xref: /linux/drivers/net/wireless/ath/ath10k/mac.c (revision 7f71507851fc7764b36a3221839607d3a45c2025) 
1 // SPDX-License-Identifier: ISC
2 /*
3  * Copyright (c) 2005-2011 Atheros Communications Inc.
4  * Copyright (c) 2011-2017 Qualcomm Atheros, Inc.
5  * Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
6  * Copyright (c) 2021-2024 Qualcomm Innovation Center, Inc. All rights reserved.
7  */
8 
9 #include "mac.h"
10 
11 #include <net/cfg80211.h>
12 #include <net/mac80211.h>
13 #include <linux/etherdevice.h>
14 #include <linux/acpi.h>
15 #include <linux/of.h>
16 #include <linux/bitfield.h>
17 
18 #include "hif.h"
19 #include "core.h"
20 #include "debug.h"
21 #include "wmi.h"
22 #include "htt.h"
23 #include "txrx.h"
24 #include "testmode.h"
25 #include "wmi-tlv.h"
26 #include "wmi-ops.h"
27 #include "wow.h"
28 #include "leds.h"
29 
30 /*********/
31 /* Rates */
32 /*********/
33 
34 static struct ieee80211_rate ath10k_rates[] = {
35 	{ .bitrate = 10,
36 	  .hw_value = ATH10K_HW_RATE_CCK_LP_1M },
37 	{ .bitrate = 20,
38 	  .hw_value = ATH10K_HW_RATE_CCK_LP_2M,
39 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_2M,
40 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
41 	{ .bitrate = 55,
42 	  .hw_value = ATH10K_HW_RATE_CCK_LP_5_5M,
43 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_5_5M,
44 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
45 	{ .bitrate = 110,
46 	  .hw_value = ATH10K_HW_RATE_CCK_LP_11M,
47 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_11M,
48 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
49 
50 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
51 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
52 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
53 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
54 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
55 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
56 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
57 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
58 };
59 
60 static struct ieee80211_rate ath10k_rates_rev2[] = {
61 	{ .bitrate = 10,
62 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_1M },
63 	{ .bitrate = 20,
64 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_2M,
65 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_2M,
66 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
67 	{ .bitrate = 55,
68 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_5_5M,
69 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_5_5M,
70 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
71 	{ .bitrate = 110,
72 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_11M,
73 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_11M,
74 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
75 
76 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
77 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
78 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
79 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
80 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
81 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
82 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
83 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
84 };
85 
86 static const struct cfg80211_sar_freq_ranges ath10k_sar_freq_ranges[] = {
87 	{.start_freq = 2402, .end_freq = 2494 },
88 	{.start_freq = 5170, .end_freq = 5875 },
89 };
90 
91 static const struct cfg80211_sar_capa ath10k_sar_capa = {
92 	.type = NL80211_SAR_TYPE_POWER,
93 	.num_freq_ranges = (ARRAY_SIZE(ath10k_sar_freq_ranges)),
94 	.freq_ranges = &ath10k_sar_freq_ranges[0],
95 };
96 
97 #define ATH10K_MAC_FIRST_OFDM_RATE_IDX 4
98 
99 #define ath10k_a_rates (ath10k_rates + ATH10K_MAC_FIRST_OFDM_RATE_IDX)
100 #define ath10k_a_rates_size (ARRAY_SIZE(ath10k_rates) - \
101 			     ATH10K_MAC_FIRST_OFDM_RATE_IDX)
102 #define ath10k_g_rates (ath10k_rates + 0)
103 #define ath10k_g_rates_size (ARRAY_SIZE(ath10k_rates))
104 
105 #define ath10k_g_rates_rev2 (ath10k_rates_rev2 + 0)
106 #define ath10k_g_rates_rev2_size (ARRAY_SIZE(ath10k_rates_rev2))
107 
108 #define ath10k_wmi_legacy_rates ath10k_rates
109 
110 static bool ath10k_mac_bitrate_is_cck(int bitrate)
111 {
112 	switch (bitrate) {
113 	case 10:
114 	case 20:
115 	case 55:
116 	case 110:
117 		return true;
118 	}
119 
120 	return false;
121 }
122 
123 static u8 ath10k_mac_bitrate_to_rate(int bitrate)
124 {
125 	return DIV_ROUND_UP(bitrate, 5) |
126 	       (ath10k_mac_bitrate_is_cck(bitrate) ? BIT(7) : 0);
127 }
128 
129 u8 ath10k_mac_hw_rate_to_idx(const struct ieee80211_supported_band *sband,
130 			     u8 hw_rate, bool cck)
131 {
132 	const struct ieee80211_rate *rate;
133 	int i;
134 
135 	for (i = 0; i < sband->n_bitrates; i++) {
136 		rate = &sband->bitrates[i];
137 
138 		if (ath10k_mac_bitrate_is_cck(rate->bitrate) != cck)
139 			continue;
140 
141 		if (rate->hw_value == hw_rate)
142 			return i;
143 		else if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE &&
144 			 rate->hw_value_short == hw_rate)
145 			return i;
146 	}
147 
148 	return 0;
149 }
150 
151 u8 ath10k_mac_bitrate_to_idx(const struct ieee80211_supported_band *sband,
152 			     u32 bitrate)
153 {
154 	int i;
155 
156 	for (i = 0; i < sband->n_bitrates; i++)
157 		if (sband->bitrates[i].bitrate == bitrate)
158 			return i;
159 
160 	return 0;
161 }
162 
163 static int ath10k_mac_get_rate_hw_value(int bitrate)
164 {
165 	int i;
166 	u8 hw_value_prefix = 0;
167 
168 	if (ath10k_mac_bitrate_is_cck(bitrate))
169 		hw_value_prefix = WMI_RATE_PREAMBLE_CCK << 6;
170 
171 	for (i = 0; i < ARRAY_SIZE(ath10k_rates); i++) {
172 		if (ath10k_rates[i].bitrate == bitrate)
173 			return hw_value_prefix | ath10k_rates[i].hw_value;
174 	}
175 
176 	return -EINVAL;
177 }
178 
179 static int ath10k_mac_get_max_vht_mcs_map(u16 mcs_map, int nss)
180 {
181 	switch ((mcs_map >> (2 * nss)) & 0x3) {
182 	case IEEE80211_VHT_MCS_SUPPORT_0_7: return BIT(8) - 1;
183 	case IEEE80211_VHT_MCS_SUPPORT_0_8: return BIT(9) - 1;
184 	case IEEE80211_VHT_MCS_SUPPORT_0_9: return BIT(10) - 1;
185 	}
186 	return 0;
187 }
188 
189 static u32
190 ath10k_mac_max_ht_nss(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
191 {
192 	int nss;
193 
194 	for (nss = IEEE80211_HT_MCS_MASK_LEN - 1; nss >= 0; nss--)
195 		if (ht_mcs_mask[nss])
196 			return nss + 1;
197 
198 	return 1;
199 }
200 
201 static u32
202 ath10k_mac_max_vht_nss(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
203 {
204 	int nss;
205 
206 	for (nss = NL80211_VHT_NSS_MAX - 1; nss >= 0; nss--)
207 		if (vht_mcs_mask[nss])
208 			return nss + 1;
209 
210 	return 1;
211 }
212 
213 int ath10k_mac_ext_resource_config(struct ath10k *ar, u32 val)
214 {
215 	enum wmi_host_platform_type platform_type;
216 	int ret;
217 
218 	if (test_bit(WMI_SERVICE_TX_MODE_DYNAMIC, ar->wmi.svc_map))
219 		platform_type = WMI_HOST_PLATFORM_LOW_PERF;
220 	else
221 		platform_type = WMI_HOST_PLATFORM_HIGH_PERF;
222 
223 	ret = ath10k_wmi_ext_resource_config(ar, platform_type, val);
224 
225 	if (ret && ret != -EOPNOTSUPP) {
226 		ath10k_warn(ar, "failed to configure ext resource: %d\n", ret);
227 		return ret;
228 	}
229 
230 	return 0;
231 }
232 
233 /**********/
234 /* Crypto */
235 /**********/
236 
237 static int ath10k_send_key(struct ath10k_vif *arvif,
238 			   struct ieee80211_key_conf *key,
239 			   enum set_key_cmd cmd,
240 			   const u8 *macaddr, u32 flags)
241 {
242 	struct ath10k *ar = arvif->ar;
243 	struct wmi_vdev_install_key_arg arg = {
244 		.vdev_id = arvif->vdev_id,
245 		.key_idx = key->keyidx,
246 		.key_len = key->keylen,
247 		.key_data = key->key,
248 		.key_flags = flags,
249 		.macaddr = macaddr,
250 	};
251 
252 	lockdep_assert_held(&arvif->ar->conf_mutex);
253 
254 	switch (key->cipher) {
255 	case WLAN_CIPHER_SUITE_CCMP:
256 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
257 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
258 		break;
259 	case WLAN_CIPHER_SUITE_TKIP:
260 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_TKIP];
261 		arg.key_txmic_len = 8;
262 		arg.key_rxmic_len = 8;
263 		break;
264 	case WLAN_CIPHER_SUITE_WEP40:
265 	case WLAN_CIPHER_SUITE_WEP104:
266 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_WEP];
267 		break;
268 	case WLAN_CIPHER_SUITE_CCMP_256:
269 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
270 		break;
271 	case WLAN_CIPHER_SUITE_GCMP:
272 	case WLAN_CIPHER_SUITE_GCMP_256:
273 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_GCM];
274 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
275 		break;
276 	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
277 	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
278 	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
279 	case WLAN_CIPHER_SUITE_AES_CMAC:
280 		WARN_ON(1);
281 		return -EINVAL;
282 	default:
283 		ath10k_warn(ar, "cipher %d is not supported\n", key->cipher);
284 		return -EOPNOTSUPP;
285 	}
286 
287 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
288 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
289 
290 	if (cmd == DISABLE_KEY) {
291 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_NONE];
292 		arg.key_data = NULL;
293 	}
294 
295 	return ath10k_wmi_vdev_install_key(arvif->ar, &arg);
296 }
297 
298 static int ath10k_install_key(struct ath10k_vif *arvif,
299 			      struct ieee80211_key_conf *key,
300 			      enum set_key_cmd cmd,
301 			      const u8 *macaddr, u32 flags)
302 {
303 	struct ath10k *ar = arvif->ar;
304 	int ret;
305 	unsigned long time_left;
306 
307 	lockdep_assert_held(&ar->conf_mutex);
308 
309 	reinit_completion(&ar->install_key_done);
310 
311 	if (arvif->nohwcrypt)
312 		return 1;
313 
314 	ret = ath10k_send_key(arvif, key, cmd, macaddr, flags);
315 	if (ret)
316 		return ret;
317 
318 	time_left = wait_for_completion_timeout(&ar->install_key_done, 3 * HZ);
319 	if (time_left == 0)
320 		return -ETIMEDOUT;
321 
322 	return 0;
323 }
324 
325 static int ath10k_install_peer_wep_keys(struct ath10k_vif *arvif,
326 					const u8 *addr)
327 {
328 	struct ath10k *ar = arvif->ar;
329 	struct ath10k_peer *peer;
330 	int ret;
331 	int i;
332 	u32 flags;
333 
334 	lockdep_assert_held(&ar->conf_mutex);
335 
336 	if (WARN_ON(arvif->vif->type != NL80211_IFTYPE_AP &&
337 		    arvif->vif->type != NL80211_IFTYPE_ADHOC &&
338 		    arvif->vif->type != NL80211_IFTYPE_MESH_POINT))
339 		return -EINVAL;
340 
341 	spin_lock_bh(&ar->data_lock);
342 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
343 	spin_unlock_bh(&ar->data_lock);
344 
345 	if (!peer)
346 		return -ENOENT;
347 
348 	for (i = 0; i < ARRAY_SIZE(arvif->wep_keys); i++) {
349 		if (arvif->wep_keys[i] == NULL)
350 			continue;
351 
352 		switch (arvif->vif->type) {
353 		case NL80211_IFTYPE_AP:
354 			flags = WMI_KEY_PAIRWISE;
355 
356 			if (arvif->def_wep_key_idx == i)
357 				flags |= WMI_KEY_TX_USAGE;
358 
359 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
360 						 SET_KEY, addr, flags);
361 			if (ret < 0)
362 				return ret;
363 			break;
364 		case NL80211_IFTYPE_ADHOC:
365 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
366 						 SET_KEY, addr,
367 						 WMI_KEY_PAIRWISE);
368 			if (ret < 0)
369 				return ret;
370 
371 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
372 						 SET_KEY, addr, WMI_KEY_GROUP);
373 			if (ret < 0)
374 				return ret;
375 			break;
376 		default:
377 			WARN_ON(1);
378 			return -EINVAL;
379 		}
380 
381 		spin_lock_bh(&ar->data_lock);
382 		peer->keys[i] = arvif->wep_keys[i];
383 		spin_unlock_bh(&ar->data_lock);
384 	}
385 
386 	/* In some cases (notably with static WEP IBSS with multiple keys)
387 	 * multicast Tx becomes broken. Both pairwise and groupwise keys are
388 	 * installed already. Using WMI_KEY_TX_USAGE in different combinations
389 	 * didn't seem help. Using def_keyid vdev parameter seems to be
390 	 * effective so use that.
391 	 *
392 	 * FIXME: Revisit. Perhaps this can be done in a less hacky way.
393 	 */
394 	if (arvif->vif->type != NL80211_IFTYPE_ADHOC)
395 		return 0;
396 
397 	if (arvif->def_wep_key_idx == -1)
398 		return 0;
399 
400 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
401 					arvif->vdev_id,
402 					arvif->ar->wmi.vdev_param->def_keyid,
403 					arvif->def_wep_key_idx);
404 	if (ret) {
405 		ath10k_warn(ar, "failed to re-set def wpa key idxon vdev %i: %d\n",
406 			    arvif->vdev_id, ret);
407 		return ret;
408 	}
409 
410 	return 0;
411 }
412 
413 static int ath10k_clear_peer_keys(struct ath10k_vif *arvif,
414 				  const u8 *addr)
415 {
416 	struct ath10k *ar = arvif->ar;
417 	struct ath10k_peer *peer;
418 	int first_errno = 0;
419 	int ret;
420 	int i;
421 	u32 flags = 0;
422 
423 	lockdep_assert_held(&ar->conf_mutex);
424 
425 	spin_lock_bh(&ar->data_lock);
426 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
427 	spin_unlock_bh(&ar->data_lock);
428 
429 	if (!peer)
430 		return -ENOENT;
431 
432 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
433 		if (peer->keys[i] == NULL)
434 			continue;
435 
436 		/* key flags are not required to delete the key */
437 		ret = ath10k_install_key(arvif, peer->keys[i],
438 					 DISABLE_KEY, addr, flags);
439 		if (ret < 0 && first_errno == 0)
440 			first_errno = ret;
441 
442 		if (ret < 0)
443 			ath10k_warn(ar, "failed to remove peer wep key %d: %d\n",
444 				    i, ret);
445 
446 		spin_lock_bh(&ar->data_lock);
447 		peer->keys[i] = NULL;
448 		spin_unlock_bh(&ar->data_lock);
449 	}
450 
451 	return first_errno;
452 }
453 
454 bool ath10k_mac_is_peer_wep_key_set(struct ath10k *ar, const u8 *addr,
455 				    u8 keyidx)
456 {
457 	struct ath10k_peer *peer;
458 	int i;
459 
460 	lockdep_assert_held(&ar->data_lock);
461 
462 	/* We don't know which vdev this peer belongs to,
463 	 * since WMI doesn't give us that information.
464 	 *
465 	 * FIXME: multi-bss needs to be handled.
466 	 */
467 	peer = ath10k_peer_find(ar, 0, addr);
468 	if (!peer)
469 		return false;
470 
471 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
472 		if (peer->keys[i] && peer->keys[i]->keyidx == keyidx)
473 			return true;
474 	}
475 
476 	return false;
477 }
478 
479 static int ath10k_clear_vdev_key(struct ath10k_vif *arvif,
480 				 struct ieee80211_key_conf *key)
481 {
482 	struct ath10k *ar = arvif->ar;
483 	struct ath10k_peer *peer;
484 	u8 addr[ETH_ALEN];
485 	int first_errno = 0;
486 	int ret;
487 	int i;
488 	u32 flags = 0;
489 
490 	lockdep_assert_held(&ar->conf_mutex);
491 
492 	for (;;) {
493 		/* since ath10k_install_key we can't hold data_lock all the
494 		 * time, so we try to remove the keys incrementally
495 		 */
496 		spin_lock_bh(&ar->data_lock);
497 		i = 0;
498 		list_for_each_entry(peer, &ar->peers, list) {
499 			for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
500 				if (peer->keys[i] == key) {
501 					ether_addr_copy(addr, peer->addr);
502 					peer->keys[i] = NULL;
503 					break;
504 				}
505 			}
506 
507 			if (i < ARRAY_SIZE(peer->keys))
508 				break;
509 		}
510 		spin_unlock_bh(&ar->data_lock);
511 
512 		if (i == ARRAY_SIZE(peer->keys))
513 			break;
514 		/* key flags are not required to delete the key */
515 		ret = ath10k_install_key(arvif, key, DISABLE_KEY, addr, flags);
516 		if (ret < 0 && first_errno == 0)
517 			first_errno = ret;
518 
519 		if (ret)
520 			ath10k_warn(ar, "failed to remove key for %pM: %d\n",
521 				    addr, ret);
522 	}
523 
524 	return first_errno;
525 }
526 
527 static int ath10k_mac_vif_update_wep_key(struct ath10k_vif *arvif,
528 					 struct ieee80211_key_conf *key)
529 {
530 	struct ath10k *ar = arvif->ar;
531 	struct ath10k_peer *peer;
532 	int ret;
533 
534 	lockdep_assert_held(&ar->conf_mutex);
535 
536 	list_for_each_entry(peer, &ar->peers, list) {
537 		if (ether_addr_equal(peer->addr, arvif->vif->addr))
538 			continue;
539 
540 		if (ether_addr_equal(peer->addr, arvif->bssid))
541 			continue;
542 
543 		if (peer->keys[key->keyidx] == key)
544 			continue;
545 
546 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vif vdev %i update key %i needs update\n",
547 			   arvif->vdev_id, key->keyidx);
548 
549 		ret = ath10k_install_peer_wep_keys(arvif, peer->addr);
550 		if (ret) {
551 			ath10k_warn(ar, "failed to update wep keys on vdev %i for peer %pM: %d\n",
552 				    arvif->vdev_id, peer->addr, ret);
553 			return ret;
554 		}
555 	}
556 
557 	return 0;
558 }
559 
560 /*********************/
561 /* General utilities */
562 /*********************/
563 
564 static inline enum wmi_phy_mode
565 chan_to_phymode(const struct cfg80211_chan_def *chandef)
566 {
567 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
568 
569 	switch (chandef->chan->band) {
570 	case NL80211_BAND_2GHZ:
571 		switch (chandef->width) {
572 		case NL80211_CHAN_WIDTH_20_NOHT:
573 			if (chandef->chan->flags & IEEE80211_CHAN_NO_OFDM)
574 				phymode = MODE_11B;
575 			else
576 				phymode = MODE_11G;
577 			break;
578 		case NL80211_CHAN_WIDTH_20:
579 			phymode = MODE_11NG_HT20;
580 			break;
581 		case NL80211_CHAN_WIDTH_40:
582 			phymode = MODE_11NG_HT40;
583 			break;
584 		default:
585 			phymode = MODE_UNKNOWN;
586 			break;
587 		}
588 		break;
589 	case NL80211_BAND_5GHZ:
590 		switch (chandef->width) {
591 		case NL80211_CHAN_WIDTH_20_NOHT:
592 			phymode = MODE_11A;
593 			break;
594 		case NL80211_CHAN_WIDTH_20:
595 			phymode = MODE_11NA_HT20;
596 			break;
597 		case NL80211_CHAN_WIDTH_40:
598 			phymode = MODE_11NA_HT40;
599 			break;
600 		case NL80211_CHAN_WIDTH_80:
601 			phymode = MODE_11AC_VHT80;
602 			break;
603 		case NL80211_CHAN_WIDTH_160:
604 			phymode = MODE_11AC_VHT160;
605 			break;
606 		case NL80211_CHAN_WIDTH_80P80:
607 			phymode = MODE_11AC_VHT80_80;
608 			break;
609 		default:
610 			phymode = MODE_UNKNOWN;
611 			break;
612 		}
613 		break;
614 	default:
615 		break;
616 	}
617 
618 	WARN_ON(phymode == MODE_UNKNOWN);
619 	return phymode;
620 }
621 
622 static u8 ath10k_parse_mpdudensity(u8 mpdudensity)
623 {
624 /*
625  * 802.11n D2.0 defined values for "Minimum MPDU Start Spacing":
626  *   0 for no restriction
627  *   1 for 1/4 us
628  *   2 for 1/2 us
629  *   3 for 1 us
630  *   4 for 2 us
631  *   5 for 4 us
632  *   6 for 8 us
633  *   7 for 16 us
634  */
635 	switch (mpdudensity) {
636 	case 0:
637 		return 0;
638 	case 1:
639 	case 2:
640 	case 3:
641 	/* Our lower layer calculations limit our precision to
642 	 * 1 microsecond
643 	 */
644 		return 1;
645 	case 4:
646 		return 2;
647 	case 5:
648 		return 4;
649 	case 6:
650 		return 8;
651 	case 7:
652 		return 16;
653 	default:
654 		return 0;
655 	}
656 }
657 
658 int ath10k_mac_vif_chan(struct ieee80211_vif *vif,
659 			struct cfg80211_chan_def *def)
660 {
661 	struct ieee80211_chanctx_conf *conf;
662 
663 	rcu_read_lock();
664 	conf = rcu_dereference(vif->bss_conf.chanctx_conf);
665 	if (!conf) {
666 		rcu_read_unlock();
667 		return -ENOENT;
668 	}
669 
670 	*def = conf->def;
671 	rcu_read_unlock();
672 
673 	return 0;
674 }
675 
676 static void ath10k_mac_num_chanctxs_iter(struct ieee80211_hw *hw,
677 					 struct ieee80211_chanctx_conf *conf,
678 					 void *data)
679 {
680 	int *num = data;
681 
682 	(*num)++;
683 }
684 
685 static int ath10k_mac_num_chanctxs(struct ath10k *ar)
686 {
687 	int num = 0;
688 
689 	ieee80211_iter_chan_contexts_atomic(ar->hw,
690 					    ath10k_mac_num_chanctxs_iter,
691 					    &num);
692 
693 	return num;
694 }
695 
696 static void
697 ath10k_mac_get_any_chandef_iter(struct ieee80211_hw *hw,
698 				struct ieee80211_chanctx_conf *conf,
699 				void *data)
700 {
701 	struct cfg80211_chan_def **def = data;
702 
703 	*def = &conf->def;
704 }
705 
706 static void ath10k_wait_for_peer_delete_done(struct ath10k *ar, u32 vdev_id,
707 					     const u8 *addr)
708 {
709 	unsigned long time_left;
710 	int ret;
711 
712 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
713 		ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
714 		if (ret) {
715 			ath10k_warn(ar, "failed wait for peer deleted");
716 			return;
717 		}
718 
719 		time_left = wait_for_completion_timeout(&ar->peer_delete_done,
720 							5 * HZ);
721 		if (!time_left)
722 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
723 	}
724 }
725 
726 static int ath10k_peer_create(struct ath10k *ar,
727 			      struct ieee80211_vif *vif,
728 			      struct ieee80211_sta *sta,
729 			      u32 vdev_id,
730 			      const u8 *addr,
731 			      enum wmi_peer_type peer_type)
732 {
733 	struct ath10k_peer *peer;
734 	int ret;
735 
736 	lockdep_assert_held(&ar->conf_mutex);
737 
738 	/* Each vdev consumes a peer entry as well. */
739 	if (ar->num_peers + list_count_nodes(&ar->arvifs) >= ar->max_num_peers)
740 		return -ENOBUFS;
741 
742 	ret = ath10k_wmi_peer_create(ar, vdev_id, addr, peer_type);
743 	if (ret) {
744 		ath10k_warn(ar, "failed to create wmi peer %pM on vdev %i: %i\n",
745 			    addr, vdev_id, ret);
746 		return ret;
747 	}
748 
749 	ret = ath10k_wait_for_peer_created(ar, vdev_id, addr);
750 	if (ret) {
751 		ath10k_warn(ar, "failed to wait for created wmi peer %pM on vdev %i: %i\n",
752 			    addr, vdev_id, ret);
753 		return ret;
754 	}
755 
756 	spin_lock_bh(&ar->data_lock);
757 
758 	peer = ath10k_peer_find(ar, vdev_id, addr);
759 	if (!peer) {
760 		spin_unlock_bh(&ar->data_lock);
761 		ath10k_warn(ar, "failed to find peer %pM on vdev %i after creation\n",
762 			    addr, vdev_id);
763 		ath10k_wait_for_peer_delete_done(ar, vdev_id, addr);
764 		return -ENOENT;
765 	}
766 
767 	peer->vif = vif;
768 	peer->sta = sta;
769 
770 	spin_unlock_bh(&ar->data_lock);
771 
772 	ar->num_peers++;
773 
774 	return 0;
775 }
776 
777 static int ath10k_mac_set_kickout(struct ath10k_vif *arvif)
778 {
779 	struct ath10k *ar = arvif->ar;
780 	u32 param;
781 	int ret;
782 
783 	param = ar->wmi.pdev_param->sta_kickout_th;
784 	ret = ath10k_wmi_pdev_set_param(ar, param,
785 					ATH10K_KICKOUT_THRESHOLD);
786 	if (ret) {
787 		ath10k_warn(ar, "failed to set kickout threshold on vdev %i: %d\n",
788 			    arvif->vdev_id, ret);
789 		return ret;
790 	}
791 
792 	param = ar->wmi.vdev_param->ap_keepalive_min_idle_inactive_time_secs;
793 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
794 					ATH10K_KEEPALIVE_MIN_IDLE);
795 	if (ret) {
796 		ath10k_warn(ar, "failed to set keepalive minimum idle time on vdev %i: %d\n",
797 			    arvif->vdev_id, ret);
798 		return ret;
799 	}
800 
801 	param = ar->wmi.vdev_param->ap_keepalive_max_idle_inactive_time_secs;
802 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
803 					ATH10K_KEEPALIVE_MAX_IDLE);
804 	if (ret) {
805 		ath10k_warn(ar, "failed to set keepalive maximum idle time on vdev %i: %d\n",
806 			    arvif->vdev_id, ret);
807 		return ret;
808 	}
809 
810 	param = ar->wmi.vdev_param->ap_keepalive_max_unresponsive_time_secs;
811 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
812 					ATH10K_KEEPALIVE_MAX_UNRESPONSIVE);
813 	if (ret) {
814 		ath10k_warn(ar, "failed to set keepalive maximum unresponsive time on vdev %i: %d\n",
815 			    arvif->vdev_id, ret);
816 		return ret;
817 	}
818 
819 	return 0;
820 }
821 
822 static int ath10k_mac_set_rts(struct ath10k_vif *arvif, u32 value)
823 {
824 	struct ath10k *ar = arvif->ar;
825 	u32 vdev_param;
826 
827 	vdev_param = ar->wmi.vdev_param->rts_threshold;
828 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, value);
829 }
830 
831 static int ath10k_peer_delete(struct ath10k *ar, u32 vdev_id, const u8 *addr)
832 {
833 	int ret;
834 
835 	lockdep_assert_held(&ar->conf_mutex);
836 
837 	ret = ath10k_wmi_peer_delete(ar, vdev_id, addr);
838 	if (ret)
839 		return ret;
840 
841 	ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
842 	if (ret)
843 		return ret;
844 
845 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
846 		unsigned long time_left;
847 
848 		time_left = wait_for_completion_timeout
849 			    (&ar->peer_delete_done, 5 * HZ);
850 
851 		if (!time_left) {
852 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
853 			return -ETIMEDOUT;
854 		}
855 	}
856 
857 	ar->num_peers--;
858 
859 	return 0;
860 }
861 
862 static void ath10k_peer_map_cleanup(struct ath10k *ar, struct ath10k_peer *peer)
863 {
864 	int peer_id, i;
865 
866 	lockdep_assert_held(&ar->conf_mutex);
867 
868 	for_each_set_bit(peer_id, peer->peer_ids,
869 			 ATH10K_MAX_NUM_PEER_IDS) {
870 		ar->peer_map[peer_id] = NULL;
871 	}
872 
873 	/* Double check that peer is properly un-referenced from
874 	 * the peer_map
875 	 */
876 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
877 		if (ar->peer_map[i] == peer) {
878 			ath10k_warn(ar, "removing stale peer_map entry for %pM (ptr %pK idx %d)\n",
879 				    peer->addr, peer, i);
880 			ar->peer_map[i] = NULL;
881 		}
882 	}
883 
884 	list_del(&peer->list);
885 	kfree(peer);
886 	ar->num_peers--;
887 }
888 
889 static void ath10k_peer_cleanup(struct ath10k *ar, u32 vdev_id)
890 {
891 	struct ath10k_peer *peer, *tmp;
892 
893 	lockdep_assert_held(&ar->conf_mutex);
894 
895 	spin_lock_bh(&ar->data_lock);
896 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
897 		if (peer->vdev_id != vdev_id)
898 			continue;
899 
900 		ath10k_warn(ar, "removing stale peer %pM from vdev_id %d\n",
901 			    peer->addr, vdev_id);
902 
903 		ath10k_peer_map_cleanup(ar, peer);
904 	}
905 	spin_unlock_bh(&ar->data_lock);
906 }
907 
908 static void ath10k_peer_cleanup_all(struct ath10k *ar)
909 {
910 	struct ath10k_peer *peer, *tmp;
911 	int i;
912 
913 	lockdep_assert_held(&ar->conf_mutex);
914 
915 	spin_lock_bh(&ar->data_lock);
916 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
917 		list_del(&peer->list);
918 		kfree(peer);
919 	}
920 
921 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++)
922 		ar->peer_map[i] = NULL;
923 
924 	spin_unlock_bh(&ar->data_lock);
925 
926 	ar->num_peers = 0;
927 	ar->num_stations = 0;
928 }
929 
930 static int ath10k_mac_tdls_peer_update(struct ath10k *ar, u32 vdev_id,
931 				       struct ieee80211_sta *sta,
932 				       enum wmi_tdls_peer_state state)
933 {
934 	int ret;
935 	struct wmi_tdls_peer_update_cmd_arg arg = {};
936 	struct wmi_tdls_peer_capab_arg cap = {};
937 	struct wmi_channel_arg chan_arg = {};
938 
939 	lockdep_assert_held(&ar->conf_mutex);
940 
941 	arg.vdev_id = vdev_id;
942 	arg.peer_state = state;
943 	ether_addr_copy(arg.addr, sta->addr);
944 
945 	cap.peer_max_sp = sta->max_sp;
946 	cap.peer_uapsd_queues = sta->uapsd_queues;
947 
948 	if (state == WMI_TDLS_PEER_STATE_CONNECTED &&
949 	    !sta->tdls_initiator)
950 		cap.is_peer_responder = 1;
951 
952 	ret = ath10k_wmi_tdls_peer_update(ar, &arg, &cap, &chan_arg);
953 	if (ret) {
954 		ath10k_warn(ar, "failed to update tdls peer %pM on vdev %i: %i\n",
955 			    arg.addr, vdev_id, ret);
956 		return ret;
957 	}
958 
959 	return 0;
960 }
961 
962 /************************/
963 /* Interface management */
964 /************************/
965 
966 void ath10k_mac_vif_beacon_free(struct ath10k_vif *arvif)
967 {
968 	struct ath10k *ar = arvif->ar;
969 
970 	lockdep_assert_held(&ar->data_lock);
971 
972 	if (!arvif->beacon)
973 		return;
974 
975 	if (!arvif->beacon_buf)
976 		dma_unmap_single(ar->dev, ATH10K_SKB_CB(arvif->beacon)->paddr,
977 				 arvif->beacon->len, DMA_TO_DEVICE);
978 
979 	if (WARN_ON(arvif->beacon_state != ATH10K_BEACON_SCHEDULED &&
980 		    arvif->beacon_state != ATH10K_BEACON_SENT))
981 		return;
982 
983 	dev_kfree_skb_any(arvif->beacon);
984 
985 	arvif->beacon = NULL;
986 	arvif->beacon_state = ATH10K_BEACON_SCHEDULED;
987 }
988 
989 static void ath10k_mac_vif_beacon_cleanup(struct ath10k_vif *arvif)
990 {
991 	struct ath10k *ar = arvif->ar;
992 
993 	lockdep_assert_held(&ar->data_lock);
994 
995 	ath10k_mac_vif_beacon_free(arvif);
996 
997 	if (arvif->beacon_buf) {
998 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
999 			kfree(arvif->beacon_buf);
1000 		else
1001 			dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
1002 					  arvif->beacon_buf,
1003 					  arvif->beacon_paddr);
1004 		arvif->beacon_buf = NULL;
1005 	}
1006 }
1007 
1008 static inline int ath10k_vdev_setup_sync(struct ath10k *ar)
1009 {
1010 	unsigned long time_left;
1011 
1012 	lockdep_assert_held(&ar->conf_mutex);
1013 
1014 	if (test_bit(ATH10K_FLAG_CRASH_FLUSH, &ar->dev_flags))
1015 		return -ESHUTDOWN;
1016 
1017 	time_left = wait_for_completion_timeout(&ar->vdev_setup_done,
1018 						ATH10K_VDEV_SETUP_TIMEOUT_HZ);
1019 	if (time_left == 0)
1020 		return -ETIMEDOUT;
1021 
1022 	return ar->last_wmi_vdev_start_status;
1023 }
1024 
1025 static int ath10k_monitor_vdev_start(struct ath10k *ar, int vdev_id)
1026 {
1027 	struct cfg80211_chan_def *chandef = NULL;
1028 	struct ieee80211_channel *channel = NULL;
1029 	struct wmi_vdev_start_request_arg arg = {};
1030 	int ret = 0;
1031 
1032 	lockdep_assert_held(&ar->conf_mutex);
1033 
1034 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1035 					    ath10k_mac_get_any_chandef_iter,
1036 					    &chandef);
1037 	if (WARN_ON_ONCE(!chandef))
1038 		return -ENOENT;
1039 
1040 	channel = chandef->chan;
1041 
1042 	arg.vdev_id = vdev_id;
1043 	arg.channel.freq = channel->center_freq;
1044 	arg.channel.band_center_freq1 = chandef->center_freq1;
1045 	arg.channel.band_center_freq2 = chandef->center_freq2;
1046 
1047 	/* TODO setup this dynamically, what in case we
1048 	 * don't have any vifs?
1049 	 */
1050 	arg.channel.mode = chan_to_phymode(chandef);
1051 	arg.channel.chan_radar =
1052 			!!(channel->flags & IEEE80211_CHAN_RADAR);
1053 
1054 	arg.channel.min_power = 0;
1055 	arg.channel.max_power = channel->max_power * 2;
1056 	arg.channel.max_reg_power = channel->max_reg_power * 2;
1057 	arg.channel.max_antenna_gain = channel->max_antenna_gain;
1058 
1059 	reinit_completion(&ar->vdev_setup_done);
1060 	reinit_completion(&ar->vdev_delete_done);
1061 
1062 	ret = ath10k_wmi_vdev_start(ar, &arg);
1063 	if (ret) {
1064 		ath10k_warn(ar, "failed to request monitor vdev %i start: %d\n",
1065 			    vdev_id, ret);
1066 		return ret;
1067 	}
1068 
1069 	ret = ath10k_vdev_setup_sync(ar);
1070 	if (ret) {
1071 		ath10k_warn(ar, "failed to synchronize setup for monitor vdev %i start: %d\n",
1072 			    vdev_id, ret);
1073 		return ret;
1074 	}
1075 
1076 	ret = ath10k_wmi_vdev_up(ar, vdev_id, 0, ar->mac_addr);
1077 	if (ret) {
1078 		ath10k_warn(ar, "failed to put up monitor vdev %i: %d\n",
1079 			    vdev_id, ret);
1080 		goto vdev_stop;
1081 	}
1082 
1083 	ar->monitor_vdev_id = vdev_id;
1084 
1085 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i started\n",
1086 		   ar->monitor_vdev_id);
1087 	return 0;
1088 
1089 vdev_stop:
1090 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1091 	if (ret)
1092 		ath10k_warn(ar, "failed to stop monitor vdev %i after start failure: %d\n",
1093 			    ar->monitor_vdev_id, ret);
1094 
1095 	return ret;
1096 }
1097 
1098 static int ath10k_monitor_vdev_stop(struct ath10k *ar)
1099 {
1100 	int ret = 0;
1101 
1102 	lockdep_assert_held(&ar->conf_mutex);
1103 
1104 	ret = ath10k_wmi_vdev_down(ar, ar->monitor_vdev_id);
1105 	if (ret)
1106 		ath10k_warn(ar, "failed to put down monitor vdev %i: %d\n",
1107 			    ar->monitor_vdev_id, ret);
1108 
1109 	reinit_completion(&ar->vdev_setup_done);
1110 	reinit_completion(&ar->vdev_delete_done);
1111 
1112 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1113 	if (ret)
1114 		ath10k_warn(ar, "failed to request monitor vdev %i stop: %d\n",
1115 			    ar->monitor_vdev_id, ret);
1116 
1117 	ret = ath10k_vdev_setup_sync(ar);
1118 	if (ret)
1119 		ath10k_warn(ar, "failed to synchronize monitor vdev %i stop: %d\n",
1120 			    ar->monitor_vdev_id, ret);
1121 
1122 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i stopped\n",
1123 		   ar->monitor_vdev_id);
1124 	return ret;
1125 }
1126 
1127 static int ath10k_monitor_vdev_create(struct ath10k *ar)
1128 {
1129 	int bit, ret = 0;
1130 
1131 	lockdep_assert_held(&ar->conf_mutex);
1132 
1133 	if (ar->free_vdev_map == 0) {
1134 		ath10k_warn(ar, "failed to find free vdev id for monitor vdev\n");
1135 		return -ENOMEM;
1136 	}
1137 
1138 	bit = __ffs64(ar->free_vdev_map);
1139 
1140 	ar->monitor_vdev_id = bit;
1141 
1142 	ret = ath10k_wmi_vdev_create(ar, ar->monitor_vdev_id,
1143 				     WMI_VDEV_TYPE_MONITOR,
1144 				     0, ar->mac_addr);
1145 	if (ret) {
1146 		ath10k_warn(ar, "failed to request monitor vdev %i creation: %d\n",
1147 			    ar->monitor_vdev_id, ret);
1148 		return ret;
1149 	}
1150 
1151 	ar->free_vdev_map &= ~(1LL << ar->monitor_vdev_id);
1152 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d created\n",
1153 		   ar->monitor_vdev_id);
1154 
1155 	return 0;
1156 }
1157 
1158 static int ath10k_monitor_vdev_delete(struct ath10k *ar)
1159 {
1160 	int ret = 0;
1161 
1162 	lockdep_assert_held(&ar->conf_mutex);
1163 
1164 	ret = ath10k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
1165 	if (ret) {
1166 		ath10k_warn(ar, "failed to request wmi monitor vdev %i removal: %d\n",
1167 			    ar->monitor_vdev_id, ret);
1168 		return ret;
1169 	}
1170 
1171 	ar->free_vdev_map |= 1LL << ar->monitor_vdev_id;
1172 
1173 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d deleted\n",
1174 		   ar->monitor_vdev_id);
1175 	return ret;
1176 }
1177 
1178 static int ath10k_monitor_start(struct ath10k *ar)
1179 {
1180 	int ret;
1181 
1182 	lockdep_assert_held(&ar->conf_mutex);
1183 
1184 	ret = ath10k_monitor_vdev_create(ar);
1185 	if (ret) {
1186 		ath10k_warn(ar, "failed to create monitor vdev: %d\n", ret);
1187 		return ret;
1188 	}
1189 
1190 	ret = ath10k_monitor_vdev_start(ar, ar->monitor_vdev_id);
1191 	if (ret) {
1192 		ath10k_warn(ar, "failed to start monitor vdev: %d\n", ret);
1193 		ath10k_monitor_vdev_delete(ar);
1194 		return ret;
1195 	}
1196 
1197 	ar->monitor_started = true;
1198 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor started\n");
1199 
1200 	return 0;
1201 }
1202 
1203 static int ath10k_monitor_stop(struct ath10k *ar)
1204 {
1205 	int ret;
1206 
1207 	lockdep_assert_held(&ar->conf_mutex);
1208 
1209 	ret = ath10k_monitor_vdev_stop(ar);
1210 	if (ret) {
1211 		ath10k_warn(ar, "failed to stop monitor vdev: %d\n", ret);
1212 		return ret;
1213 	}
1214 
1215 	ret = ath10k_monitor_vdev_delete(ar);
1216 	if (ret) {
1217 		ath10k_warn(ar, "failed to delete monitor vdev: %d\n", ret);
1218 		return ret;
1219 	}
1220 
1221 	ar->monitor_started = false;
1222 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopped\n");
1223 
1224 	return 0;
1225 }
1226 
1227 static bool ath10k_mac_monitor_vdev_is_needed(struct ath10k *ar)
1228 {
1229 	int num_ctx;
1230 
1231 	/* At least one chanctx is required to derive a channel to start
1232 	 * monitor vdev on.
1233 	 */
1234 	num_ctx = ath10k_mac_num_chanctxs(ar);
1235 	if (num_ctx == 0)
1236 		return false;
1237 
1238 	/* If there's already an existing special monitor interface then don't
1239 	 * bother creating another monitor vdev.
1240 	 */
1241 	if (ar->monitor_arvif)
1242 		return false;
1243 
1244 	return ar->monitor ||
1245 	       (!test_bit(ATH10K_FW_FEATURE_ALLOWS_MESH_BCAST,
1246 			  ar->running_fw->fw_file.fw_features) &&
1247 		(ar->filter_flags & (FIF_OTHER_BSS | FIF_MCAST_ACTION))) ||
1248 	       test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1249 }
1250 
1251 static bool ath10k_mac_monitor_vdev_is_allowed(struct ath10k *ar)
1252 {
1253 	int num_ctx;
1254 
1255 	num_ctx = ath10k_mac_num_chanctxs(ar);
1256 
1257 	/* FIXME: Current interface combinations and cfg80211/mac80211 code
1258 	 * shouldn't allow this but make sure to prevent handling the following
1259 	 * case anyway since multi-channel DFS hasn't been tested at all.
1260 	 */
1261 	if (test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags) && num_ctx > 1)
1262 		return false;
1263 
1264 	return true;
1265 }
1266 
1267 static int ath10k_monitor_recalc(struct ath10k *ar)
1268 {
1269 	bool needed;
1270 	bool allowed;
1271 	int ret;
1272 
1273 	lockdep_assert_held(&ar->conf_mutex);
1274 
1275 	needed = ath10k_mac_monitor_vdev_is_needed(ar);
1276 	allowed = ath10k_mac_monitor_vdev_is_allowed(ar);
1277 
1278 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1279 		   "mac monitor recalc started? %d needed? %d allowed? %d\n",
1280 		   ar->monitor_started, needed, allowed);
1281 
1282 	if (WARN_ON(needed && !allowed)) {
1283 		if (ar->monitor_started) {
1284 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopping disallowed monitor\n");
1285 
1286 			ret = ath10k_monitor_stop(ar);
1287 			if (ret)
1288 				ath10k_warn(ar, "failed to stop disallowed monitor: %d\n",
1289 					    ret);
1290 				/* not serious */
1291 		}
1292 
1293 		return -EPERM;
1294 	}
1295 
1296 	if (needed == ar->monitor_started)
1297 		return 0;
1298 
1299 	if (needed)
1300 		return ath10k_monitor_start(ar);
1301 	else
1302 		return ath10k_monitor_stop(ar);
1303 }
1304 
1305 static bool ath10k_mac_can_set_cts_prot(struct ath10k_vif *arvif)
1306 {
1307 	struct ath10k *ar = arvif->ar;
1308 
1309 	lockdep_assert_held(&ar->conf_mutex);
1310 
1311 	if (!arvif->is_started) {
1312 		ath10k_dbg(ar, ATH10K_DBG_MAC, "defer cts setup, vdev is not ready yet\n");
1313 		return false;
1314 	}
1315 
1316 	return true;
1317 }
1318 
1319 static int ath10k_mac_set_cts_prot(struct ath10k_vif *arvif)
1320 {
1321 	struct ath10k *ar = arvif->ar;
1322 	u32 vdev_param;
1323 
1324 	lockdep_assert_held(&ar->conf_mutex);
1325 
1326 	vdev_param = ar->wmi.vdev_param->protection_mode;
1327 
1328 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d cts_protection %d\n",
1329 		   arvif->vdev_id, arvif->use_cts_prot);
1330 
1331 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1332 					 arvif->use_cts_prot ? 1 : 0);
1333 }
1334 
1335 static int ath10k_recalc_rtscts_prot(struct ath10k_vif *arvif)
1336 {
1337 	struct ath10k *ar = arvif->ar;
1338 	u32 vdev_param, rts_cts = 0;
1339 
1340 	lockdep_assert_held(&ar->conf_mutex);
1341 
1342 	vdev_param = ar->wmi.vdev_param->enable_rtscts;
1343 
1344 	rts_cts |= SM(WMI_RTSCTS_ENABLED, WMI_RTSCTS_SET);
1345 
1346 	if (arvif->num_legacy_stations > 0)
1347 		rts_cts |= SM(WMI_RTSCTS_ACROSS_SW_RETRIES,
1348 			      WMI_RTSCTS_PROFILE);
1349 	else
1350 		rts_cts |= SM(WMI_RTSCTS_FOR_SECOND_RATESERIES,
1351 			      WMI_RTSCTS_PROFILE);
1352 
1353 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d recalc rts/cts prot %d\n",
1354 		   arvif->vdev_id, rts_cts);
1355 
1356 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1357 					 rts_cts);
1358 }
1359 
1360 static int ath10k_start_cac(struct ath10k *ar)
1361 {
1362 	int ret;
1363 
1364 	lockdep_assert_held(&ar->conf_mutex);
1365 
1366 	set_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1367 
1368 	ret = ath10k_monitor_recalc(ar);
1369 	if (ret) {
1370 		ath10k_warn(ar, "failed to start monitor (cac): %d\n", ret);
1371 		clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1372 		return ret;
1373 	}
1374 
1375 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac start monitor vdev %d\n",
1376 		   ar->monitor_vdev_id);
1377 
1378 	return 0;
1379 }
1380 
1381 static int ath10k_stop_cac(struct ath10k *ar)
1382 {
1383 	lockdep_assert_held(&ar->conf_mutex);
1384 
1385 	/* CAC is not running - do nothing */
1386 	if (!test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags))
1387 		return 0;
1388 
1389 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1390 	ath10k_monitor_stop(ar);
1391 
1392 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac finished\n");
1393 
1394 	return 0;
1395 }
1396 
1397 static void ath10k_mac_has_radar_iter(struct ieee80211_hw *hw,
1398 				      struct ieee80211_chanctx_conf *conf,
1399 				      void *data)
1400 {
1401 	bool *ret = data;
1402 
1403 	if (!*ret && conf->radar_enabled)
1404 		*ret = true;
1405 }
1406 
1407 static bool ath10k_mac_has_radar_enabled(struct ath10k *ar)
1408 {
1409 	bool has_radar = false;
1410 
1411 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1412 					    ath10k_mac_has_radar_iter,
1413 					    &has_radar);
1414 
1415 	return has_radar;
1416 }
1417 
1418 static void ath10k_recalc_radar_detection(struct ath10k *ar)
1419 {
1420 	int ret;
1421 
1422 	lockdep_assert_held(&ar->conf_mutex);
1423 
1424 	ath10k_stop_cac(ar);
1425 
1426 	if (!ath10k_mac_has_radar_enabled(ar))
1427 		return;
1428 
1429 	if (ar->num_started_vdevs > 0)
1430 		return;
1431 
1432 	ret = ath10k_start_cac(ar);
1433 	if (ret) {
1434 		/*
1435 		 * Not possible to start CAC on current channel so starting
1436 		 * radiation is not allowed, make this channel DFS_UNAVAILABLE
1437 		 * by indicating that radar was detected.
1438 		 */
1439 		ath10k_warn(ar, "failed to start CAC: %d\n", ret);
1440 		ieee80211_radar_detected(ar->hw, NULL);
1441 	}
1442 }
1443 
1444 static int ath10k_vdev_stop(struct ath10k_vif *arvif)
1445 {
1446 	struct ath10k *ar = arvif->ar;
1447 	int ret;
1448 
1449 	lockdep_assert_held(&ar->conf_mutex);
1450 
1451 	reinit_completion(&ar->vdev_setup_done);
1452 	reinit_completion(&ar->vdev_delete_done);
1453 
1454 	ret = ath10k_wmi_vdev_stop(ar, arvif->vdev_id);
1455 	if (ret) {
1456 		ath10k_warn(ar, "failed to stop WMI vdev %i: %d\n",
1457 			    arvif->vdev_id, ret);
1458 		return ret;
1459 	}
1460 
1461 	ret = ath10k_vdev_setup_sync(ar);
1462 	if (ret) {
1463 		ath10k_warn(ar, "failed to synchronize setup for vdev %i: %d\n",
1464 			    arvif->vdev_id, ret);
1465 		return ret;
1466 	}
1467 
1468 	WARN_ON(ar->num_started_vdevs == 0);
1469 
1470 	if (ar->num_started_vdevs != 0) {
1471 		ar->num_started_vdevs--;
1472 		ath10k_recalc_radar_detection(ar);
1473 	}
1474 
1475 	return ret;
1476 }
1477 
1478 static int ath10k_vdev_start_restart(struct ath10k_vif *arvif,
1479 				     const struct cfg80211_chan_def *chandef,
1480 				     bool restart)
1481 {
1482 	struct ath10k *ar = arvif->ar;
1483 	struct wmi_vdev_start_request_arg arg = {};
1484 	int ret = 0;
1485 
1486 	lockdep_assert_held(&ar->conf_mutex);
1487 
1488 	reinit_completion(&ar->vdev_setup_done);
1489 	reinit_completion(&ar->vdev_delete_done);
1490 
1491 	arg.vdev_id = arvif->vdev_id;
1492 	arg.dtim_period = arvif->dtim_period;
1493 	arg.bcn_intval = arvif->beacon_interval;
1494 
1495 	arg.channel.freq = chandef->chan->center_freq;
1496 	arg.channel.band_center_freq1 = chandef->center_freq1;
1497 	arg.channel.band_center_freq2 = chandef->center_freq2;
1498 	arg.channel.mode = chan_to_phymode(chandef);
1499 
1500 	arg.channel.min_power = 0;
1501 	arg.channel.max_power = chandef->chan->max_power * 2;
1502 	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
1503 	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain;
1504 
1505 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
1506 		arg.ssid = arvif->u.ap.ssid;
1507 		arg.ssid_len = arvif->u.ap.ssid_len;
1508 		arg.hidden_ssid = arvif->u.ap.hidden_ssid;
1509 
1510 		/* For now allow DFS for AP mode */
1511 		arg.channel.chan_radar =
1512 			!!(chandef->chan->flags & IEEE80211_CHAN_RADAR);
1513 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
1514 		arg.ssid = arvif->vif->cfg.ssid;
1515 		arg.ssid_len = arvif->vif->cfg.ssid_len;
1516 	}
1517 
1518 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1519 		   "mac vdev %d start center_freq %d phymode %s\n",
1520 		   arg.vdev_id, arg.channel.freq,
1521 		   ath10k_wmi_phymode_str(arg.channel.mode));
1522 
1523 	if (restart)
1524 		ret = ath10k_wmi_vdev_restart(ar, &arg);
1525 	else
1526 		ret = ath10k_wmi_vdev_start(ar, &arg);
1527 
1528 	if (ret) {
1529 		ath10k_warn(ar, "failed to start WMI vdev %i: %d\n",
1530 			    arg.vdev_id, ret);
1531 		return ret;
1532 	}
1533 
1534 	ret = ath10k_vdev_setup_sync(ar);
1535 	if (ret) {
1536 		ath10k_warn(ar,
1537 			    "failed to synchronize setup for vdev %i restart %d: %d\n",
1538 			    arg.vdev_id, restart, ret);
1539 		return ret;
1540 	}
1541 
1542 	ar->num_started_vdevs++;
1543 	ath10k_recalc_radar_detection(ar);
1544 
1545 	return ret;
1546 }
1547 
1548 static int ath10k_vdev_start(struct ath10k_vif *arvif,
1549 			     const struct cfg80211_chan_def *def)
1550 {
1551 	return ath10k_vdev_start_restart(arvif, def, false);
1552 }
1553 
1554 static int ath10k_vdev_restart(struct ath10k_vif *arvif,
1555 			       const struct cfg80211_chan_def *def)
1556 {
1557 	return ath10k_vdev_start_restart(arvif, def, true);
1558 }
1559 
1560 static int ath10k_mac_setup_bcn_p2p_ie(struct ath10k_vif *arvif,
1561 				       struct sk_buff *bcn)
1562 {
1563 	struct ath10k *ar = arvif->ar;
1564 	struct ieee80211_mgmt *mgmt;
1565 	const u8 *p2p_ie;
1566 	int ret;
1567 
1568 	if (arvif->vif->type != NL80211_IFTYPE_AP || !arvif->vif->p2p)
1569 		return 0;
1570 
1571 	mgmt = (void *)bcn->data;
1572 	p2p_ie = cfg80211_find_vendor_ie(WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1573 					 mgmt->u.beacon.variable,
1574 					 bcn->len - (mgmt->u.beacon.variable -
1575 						     bcn->data));
1576 	if (!p2p_ie)
1577 		return -ENOENT;
1578 
1579 	ret = ath10k_wmi_p2p_go_bcn_ie(ar, arvif->vdev_id, p2p_ie);
1580 	if (ret) {
1581 		ath10k_warn(ar, "failed to submit p2p go bcn ie for vdev %i: %d\n",
1582 			    arvif->vdev_id, ret);
1583 		return ret;
1584 	}
1585 
1586 	return 0;
1587 }
1588 
1589 static int ath10k_mac_remove_vendor_ie(struct sk_buff *skb, unsigned int oui,
1590 				       u8 oui_type, size_t ie_offset)
1591 {
1592 	size_t len;
1593 	const u8 *next;
1594 	const u8 *end;
1595 	u8 *ie;
1596 
1597 	if (WARN_ON(skb->len < ie_offset))
1598 		return -EINVAL;
1599 
1600 	ie = (u8 *)cfg80211_find_vendor_ie(oui, oui_type,
1601 					   skb->data + ie_offset,
1602 					   skb->len - ie_offset);
1603 	if (!ie)
1604 		return -ENOENT;
1605 
1606 	len = ie[1] + 2;
1607 	end = skb->data + skb->len;
1608 	next = ie + len;
1609 
1610 	if (WARN_ON(next > end))
1611 		return -EINVAL;
1612 
1613 	memmove(ie, next, end - next);
1614 	skb_trim(skb, skb->len - len);
1615 
1616 	return 0;
1617 }
1618 
1619 static int ath10k_mac_setup_bcn_tmpl(struct ath10k_vif *arvif)
1620 {
1621 	struct ath10k *ar = arvif->ar;
1622 	struct ieee80211_hw *hw = ar->hw;
1623 	struct ieee80211_vif *vif = arvif->vif;
1624 	struct ieee80211_mutable_offsets offs = {};
1625 	struct sk_buff *bcn;
1626 	int ret;
1627 
1628 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1629 		return 0;
1630 
1631 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
1632 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
1633 		return 0;
1634 
1635 	bcn = ieee80211_beacon_get_template(hw, vif, &offs, 0);
1636 	if (!bcn) {
1637 		ath10k_warn(ar, "failed to get beacon template from mac80211\n");
1638 		return -EPERM;
1639 	}
1640 
1641 	ret = ath10k_mac_setup_bcn_p2p_ie(arvif, bcn);
1642 	if (ret) {
1643 		ath10k_warn(ar, "failed to setup p2p go bcn ie: %d\n", ret);
1644 		kfree_skb(bcn);
1645 		return ret;
1646 	}
1647 
1648 	/* P2P IE is inserted by firmware automatically (as configured above)
1649 	 * so remove it from the base beacon template to avoid duplicate P2P
1650 	 * IEs in beacon frames.
1651 	 */
1652 	ath10k_mac_remove_vendor_ie(bcn, WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1653 				    offsetof(struct ieee80211_mgmt,
1654 					     u.beacon.variable));
1655 
1656 	ret = ath10k_wmi_bcn_tmpl(ar, arvif->vdev_id, offs.tim_offset, bcn, 0,
1657 				  0, NULL, 0);
1658 	kfree_skb(bcn);
1659 
1660 	if (ret) {
1661 		ath10k_warn(ar, "failed to submit beacon template command: %d\n",
1662 			    ret);
1663 		return ret;
1664 	}
1665 
1666 	return 0;
1667 }
1668 
1669 static int ath10k_mac_setup_prb_tmpl(struct ath10k_vif *arvif)
1670 {
1671 	struct ath10k *ar = arvif->ar;
1672 	struct ieee80211_hw *hw = ar->hw;
1673 	struct ieee80211_vif *vif = arvif->vif;
1674 	struct sk_buff *prb;
1675 	int ret;
1676 
1677 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1678 		return 0;
1679 
1680 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1681 		return 0;
1682 
1683 	 /* For mesh, probe response and beacon share the same template */
1684 	if (ieee80211_vif_is_mesh(vif))
1685 		return 0;
1686 
1687 	prb = ieee80211_proberesp_get(hw, vif);
1688 	if (!prb) {
1689 		ath10k_warn(ar, "failed to get probe resp template from mac80211\n");
1690 		return -EPERM;
1691 	}
1692 
1693 	ret = ath10k_wmi_prb_tmpl(ar, arvif->vdev_id, prb);
1694 	kfree_skb(prb);
1695 
1696 	if (ret) {
1697 		ath10k_warn(ar, "failed to submit probe resp template command: %d\n",
1698 			    ret);
1699 		return ret;
1700 	}
1701 
1702 	return 0;
1703 }
1704 
1705 static int ath10k_mac_vif_fix_hidden_ssid(struct ath10k_vif *arvif)
1706 {
1707 	struct ath10k *ar = arvif->ar;
1708 	struct cfg80211_chan_def def;
1709 	int ret;
1710 
1711 	/* When originally vdev is started during assign_vif_chanctx() some
1712 	 * information is missing, notably SSID. Firmware revisions with beacon
1713 	 * offloading require the SSID to be provided during vdev (re)start to
1714 	 * handle hidden SSID properly.
1715 	 *
1716 	 * Vdev restart must be done after vdev has been both started and
1717 	 * upped. Otherwise some firmware revisions (at least 10.2) fail to
1718 	 * deliver vdev restart response event causing timeouts during vdev
1719 	 * syncing in ath10k.
1720 	 *
1721 	 * Note: The vdev down/up and template reinstallation could be skipped
1722 	 * since only wmi-tlv firmware are known to have beacon offload and
1723 	 * wmi-tlv doesn't seem to misbehave like 10.2 wrt vdev restart
1724 	 * response delivery. It's probably more robust to keep it as is.
1725 	 */
1726 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1727 		return 0;
1728 
1729 	if (WARN_ON(!arvif->is_started))
1730 		return -EINVAL;
1731 
1732 	if (WARN_ON(!arvif->is_up))
1733 		return -EINVAL;
1734 
1735 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
1736 		return -EINVAL;
1737 
1738 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1739 	if (ret) {
1740 		ath10k_warn(ar, "failed to bring down ap vdev %i: %d\n",
1741 			    arvif->vdev_id, ret);
1742 		return ret;
1743 	}
1744 
1745 	/* Vdev down reset beacon & presp templates. Reinstall them. Otherwise
1746 	 * firmware will crash upon vdev up.
1747 	 */
1748 
1749 	ret = ath10k_mac_setup_bcn_tmpl(arvif);
1750 	if (ret) {
1751 		ath10k_warn(ar, "failed to update beacon template: %d\n", ret);
1752 		return ret;
1753 	}
1754 
1755 	ret = ath10k_mac_setup_prb_tmpl(arvif);
1756 	if (ret) {
1757 		ath10k_warn(ar, "failed to update presp template: %d\n", ret);
1758 		return ret;
1759 	}
1760 
1761 	ret = ath10k_vdev_restart(arvif, &def);
1762 	if (ret) {
1763 		ath10k_warn(ar, "failed to restart ap vdev %i: %d\n",
1764 			    arvif->vdev_id, ret);
1765 		return ret;
1766 	}
1767 
1768 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1769 				 arvif->bssid);
1770 	if (ret) {
1771 		ath10k_warn(ar, "failed to bring up ap vdev %i: %d\n",
1772 			    arvif->vdev_id, ret);
1773 		return ret;
1774 	}
1775 
1776 	return 0;
1777 }
1778 
1779 static void ath10k_control_beaconing(struct ath10k_vif *arvif,
1780 				     struct ieee80211_bss_conf *info)
1781 {
1782 	struct ath10k *ar = arvif->ar;
1783 	int ret = 0;
1784 
1785 	lockdep_assert_held(&arvif->ar->conf_mutex);
1786 
1787 	if (!info->enable_beacon) {
1788 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1789 		if (ret)
1790 			ath10k_warn(ar, "failed to down vdev_id %i: %d\n",
1791 				    arvif->vdev_id, ret);
1792 
1793 		arvif->is_up = false;
1794 
1795 		spin_lock_bh(&arvif->ar->data_lock);
1796 		ath10k_mac_vif_beacon_free(arvif);
1797 		spin_unlock_bh(&arvif->ar->data_lock);
1798 
1799 		return;
1800 	}
1801 
1802 	arvif->tx_seq_no = 0x1000;
1803 
1804 	arvif->aid = 0;
1805 	ether_addr_copy(arvif->bssid, info->bssid);
1806 
1807 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1808 				 arvif->bssid);
1809 	if (ret) {
1810 		ath10k_warn(ar, "failed to bring up vdev %d: %i\n",
1811 			    arvif->vdev_id, ret);
1812 		return;
1813 	}
1814 
1815 	arvif->is_up = true;
1816 
1817 	ret = ath10k_mac_vif_fix_hidden_ssid(arvif);
1818 	if (ret) {
1819 		ath10k_warn(ar, "failed to fix hidden ssid for vdev %i, expect trouble: %d\n",
1820 			    arvif->vdev_id, ret);
1821 		return;
1822 	}
1823 
1824 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d up\n", arvif->vdev_id);
1825 }
1826 
1827 static void ath10k_control_ibss(struct ath10k_vif *arvif,
1828 				struct ieee80211_vif *vif)
1829 {
1830 	struct ath10k *ar = arvif->ar;
1831 	u32 vdev_param;
1832 	int ret = 0;
1833 
1834 	lockdep_assert_held(&arvif->ar->conf_mutex);
1835 
1836 	if (!vif->cfg.ibss_joined) {
1837 		if (is_zero_ether_addr(arvif->bssid))
1838 			return;
1839 
1840 		eth_zero_addr(arvif->bssid);
1841 
1842 		return;
1843 	}
1844 
1845 	vdev_param = arvif->ar->wmi.vdev_param->atim_window;
1846 	ret = ath10k_wmi_vdev_set_param(arvif->ar, arvif->vdev_id, vdev_param,
1847 					ATH10K_DEFAULT_ATIM);
1848 	if (ret)
1849 		ath10k_warn(ar, "failed to set IBSS ATIM for vdev %d: %d\n",
1850 			    arvif->vdev_id, ret);
1851 }
1852 
1853 static int ath10k_mac_vif_recalc_ps_wake_threshold(struct ath10k_vif *arvif)
1854 {
1855 	struct ath10k *ar = arvif->ar;
1856 	u32 param;
1857 	u32 value;
1858 	int ret;
1859 
1860 	lockdep_assert_held(&arvif->ar->conf_mutex);
1861 
1862 	if (arvif->u.sta.uapsd)
1863 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_NEVER;
1864 	else
1865 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_ALWAYS;
1866 
1867 	param = WMI_STA_PS_PARAM_TX_WAKE_THRESHOLD;
1868 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param, value);
1869 	if (ret) {
1870 		ath10k_warn(ar, "failed to submit ps wake threshold %u on vdev %i: %d\n",
1871 			    value, arvif->vdev_id, ret);
1872 		return ret;
1873 	}
1874 
1875 	return 0;
1876 }
1877 
1878 static int ath10k_mac_vif_recalc_ps_poll_count(struct ath10k_vif *arvif)
1879 {
1880 	struct ath10k *ar = arvif->ar;
1881 	u32 param;
1882 	u32 value;
1883 	int ret;
1884 
1885 	lockdep_assert_held(&arvif->ar->conf_mutex);
1886 
1887 	if (arvif->u.sta.uapsd)
1888 		value = WMI_STA_PS_PSPOLL_COUNT_UAPSD;
1889 	else
1890 		value = WMI_STA_PS_PSPOLL_COUNT_NO_MAX;
1891 
1892 	param = WMI_STA_PS_PARAM_PSPOLL_COUNT;
1893 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
1894 					  param, value);
1895 	if (ret) {
1896 		ath10k_warn(ar, "failed to submit ps poll count %u on vdev %i: %d\n",
1897 			    value, arvif->vdev_id, ret);
1898 		return ret;
1899 	}
1900 
1901 	return 0;
1902 }
1903 
1904 static int ath10k_mac_num_vifs_started(struct ath10k *ar)
1905 {
1906 	struct ath10k_vif *arvif;
1907 	int num = 0;
1908 
1909 	lockdep_assert_held(&ar->conf_mutex);
1910 
1911 	list_for_each_entry(arvif, &ar->arvifs, list)
1912 		if (arvif->is_started)
1913 			num++;
1914 
1915 	return num;
1916 }
1917 
1918 static int ath10k_mac_vif_setup_ps(struct ath10k_vif *arvif)
1919 {
1920 	struct ath10k *ar = arvif->ar;
1921 	struct ieee80211_vif *vif = arvif->vif;
1922 	struct ieee80211_conf *conf = &ar->hw->conf;
1923 	enum wmi_sta_powersave_param param;
1924 	enum wmi_sta_ps_mode psmode;
1925 	int ret;
1926 	int ps_timeout;
1927 	bool enable_ps;
1928 
1929 	lockdep_assert_held(&arvif->ar->conf_mutex);
1930 
1931 	if (arvif->vif->type != NL80211_IFTYPE_STATION)
1932 		return 0;
1933 
1934 	enable_ps = arvif->ps;
1935 
1936 	if (enable_ps && ath10k_mac_num_vifs_started(ar) > 1 &&
1937 	    !test_bit(ATH10K_FW_FEATURE_MULTI_VIF_PS_SUPPORT,
1938 		      ar->running_fw->fw_file.fw_features)) {
1939 		ath10k_warn(ar, "refusing to enable ps on vdev %i: not supported by fw\n",
1940 			    arvif->vdev_id);
1941 		enable_ps = false;
1942 	}
1943 
1944 	if (!arvif->is_started) {
1945 		/* mac80211 can update vif powersave state while disconnected.
1946 		 * Firmware doesn't behave nicely and consumes more power than
1947 		 * necessary if PS is disabled on a non-started vdev. Hence
1948 		 * force-enable PS for non-running vdevs.
1949 		 */
1950 		psmode = WMI_STA_PS_MODE_ENABLED;
1951 	} else if (enable_ps) {
1952 		psmode = WMI_STA_PS_MODE_ENABLED;
1953 		param = WMI_STA_PS_PARAM_INACTIVITY_TIME;
1954 
1955 		ps_timeout = conf->dynamic_ps_timeout;
1956 		if (ps_timeout == 0) {
1957 			/* Firmware doesn't like 0 */
1958 			ps_timeout = ieee80211_tu_to_usec(
1959 				vif->bss_conf.beacon_int) / 1000;
1960 		}
1961 
1962 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param,
1963 						  ps_timeout);
1964 		if (ret) {
1965 			ath10k_warn(ar, "failed to set inactivity time for vdev %d: %i\n",
1966 				    arvif->vdev_id, ret);
1967 			return ret;
1968 		}
1969 	} else {
1970 		psmode = WMI_STA_PS_MODE_DISABLED;
1971 	}
1972 
1973 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d psmode %s\n",
1974 		   arvif->vdev_id, psmode ? "enable" : "disable");
1975 
1976 	ret = ath10k_wmi_set_psmode(ar, arvif->vdev_id, psmode);
1977 	if (ret) {
1978 		ath10k_warn(ar, "failed to set PS Mode %d for vdev %d: %d\n",
1979 			    psmode, arvif->vdev_id, ret);
1980 		return ret;
1981 	}
1982 
1983 	return 0;
1984 }
1985 
1986 static int ath10k_mac_vif_disable_keepalive(struct ath10k_vif *arvif)
1987 {
1988 	struct ath10k *ar = arvif->ar;
1989 	struct wmi_sta_keepalive_arg arg = {};
1990 	int ret;
1991 
1992 	lockdep_assert_held(&arvif->ar->conf_mutex);
1993 
1994 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
1995 		return 0;
1996 
1997 	if (!test_bit(WMI_SERVICE_STA_KEEP_ALIVE, ar->wmi.svc_map))
1998 		return 0;
1999 
2000 	/* Some firmware revisions have a bug and ignore the `enabled` field.
2001 	 * Instead use the interval to disable the keepalive.
2002 	 */
2003 	arg.vdev_id = arvif->vdev_id;
2004 	arg.enabled = 1;
2005 	arg.method = WMI_STA_KEEPALIVE_METHOD_NULL_FRAME;
2006 	arg.interval = WMI_STA_KEEPALIVE_INTERVAL_DISABLE;
2007 
2008 	ret = ath10k_wmi_sta_keepalive(ar, &arg);
2009 	if (ret) {
2010 		ath10k_warn(ar, "failed to submit keepalive on vdev %i: %d\n",
2011 			    arvif->vdev_id, ret);
2012 		return ret;
2013 	}
2014 
2015 	return 0;
2016 }
2017 
2018 static void ath10k_mac_vif_ap_csa_count_down(struct ath10k_vif *arvif)
2019 {
2020 	struct ath10k *ar = arvif->ar;
2021 	struct ieee80211_vif *vif = arvif->vif;
2022 	int ret;
2023 
2024 	lockdep_assert_held(&arvif->ar->conf_mutex);
2025 
2026 	if (WARN_ON(!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)))
2027 		return;
2028 
2029 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
2030 		return;
2031 
2032 	if (!vif->bss_conf.csa_active)
2033 		return;
2034 
2035 	if (!arvif->is_up)
2036 		return;
2037 
2038 	if (!ieee80211_beacon_cntdwn_is_complete(vif, 0)) {
2039 		ieee80211_beacon_update_cntdwn(vif, 0);
2040 
2041 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
2042 		if (ret)
2043 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
2044 				    ret);
2045 
2046 		ret = ath10k_mac_setup_prb_tmpl(arvif);
2047 		if (ret)
2048 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
2049 				    ret);
2050 	} else {
2051 		ieee80211_csa_finish(vif, 0);
2052 	}
2053 }
2054 
2055 static void ath10k_mac_vif_ap_csa_work(struct work_struct *work)
2056 {
2057 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2058 						ap_csa_work);
2059 	struct ath10k *ar = arvif->ar;
2060 
2061 	mutex_lock(&ar->conf_mutex);
2062 	ath10k_mac_vif_ap_csa_count_down(arvif);
2063 	mutex_unlock(&ar->conf_mutex);
2064 }
2065 
2066 static void ath10k_mac_handle_beacon_iter(void *data, u8 *mac,
2067 					  struct ieee80211_vif *vif)
2068 {
2069 	struct sk_buff *skb = data;
2070 	struct ieee80211_mgmt *mgmt = (void *)skb->data;
2071 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2072 
2073 	if (vif->type != NL80211_IFTYPE_STATION)
2074 		return;
2075 
2076 	if (!ether_addr_equal(mgmt->bssid, vif->bss_conf.bssid))
2077 		return;
2078 
2079 	cancel_delayed_work(&arvif->connection_loss_work);
2080 }
2081 
2082 void ath10k_mac_handle_beacon(struct ath10k *ar, struct sk_buff *skb)
2083 {
2084 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2085 						   ATH10K_ITER_NORMAL_FLAGS,
2086 						   ath10k_mac_handle_beacon_iter,
2087 						   skb);
2088 }
2089 
2090 static void ath10k_mac_handle_beacon_miss_iter(void *data, u8 *mac,
2091 					       struct ieee80211_vif *vif)
2092 {
2093 	u32 *vdev_id = data;
2094 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2095 	struct ath10k *ar = arvif->ar;
2096 	struct ieee80211_hw *hw = ar->hw;
2097 
2098 	if (arvif->vdev_id != *vdev_id)
2099 		return;
2100 
2101 	if (!arvif->is_up)
2102 		return;
2103 
2104 	ieee80211_beacon_loss(vif);
2105 
2106 	/* Firmware doesn't report beacon loss events repeatedly. If AP probe
2107 	 * (done by mac80211) succeeds but beacons do not resume then it
2108 	 * doesn't make sense to continue operation. Queue connection loss work
2109 	 * which can be cancelled when beacon is received.
2110 	 */
2111 	ieee80211_queue_delayed_work(hw, &arvif->connection_loss_work,
2112 				     ATH10K_CONNECTION_LOSS_HZ);
2113 }
2114 
2115 void ath10k_mac_handle_beacon_miss(struct ath10k *ar, u32 vdev_id)
2116 {
2117 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2118 						   ATH10K_ITER_NORMAL_FLAGS,
2119 						   ath10k_mac_handle_beacon_miss_iter,
2120 						   &vdev_id);
2121 }
2122 
2123 static void ath10k_mac_vif_sta_connection_loss_work(struct work_struct *work)
2124 {
2125 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2126 						connection_loss_work.work);
2127 	struct ieee80211_vif *vif = arvif->vif;
2128 
2129 	if (!arvif->is_up)
2130 		return;
2131 
2132 	ieee80211_connection_loss(vif);
2133 }
2134 
2135 /**********************/
2136 /* Station management */
2137 /**********************/
2138 
2139 static u32 ath10k_peer_assoc_h_listen_intval(struct ath10k *ar,
2140 					     struct ieee80211_vif *vif)
2141 {
2142 	/* Some firmware revisions have unstable STA powersave when listen
2143 	 * interval is set too high (e.g. 5). The symptoms are firmware doesn't
2144 	 * generate NullFunc frames properly even if buffered frames have been
2145 	 * indicated in Beacon TIM. Firmware would seldom wake up to pull
2146 	 * buffered frames. Often pinging the device from AP would simply fail.
2147 	 *
2148 	 * As a workaround set it to 1.
2149 	 */
2150 	if (vif->type == NL80211_IFTYPE_STATION)
2151 		return 1;
2152 
2153 	return ar->hw->conf.listen_interval;
2154 }
2155 
2156 static void ath10k_peer_assoc_h_basic(struct ath10k *ar,
2157 				      struct ieee80211_vif *vif,
2158 				      struct ieee80211_sta *sta,
2159 				      struct wmi_peer_assoc_complete_arg *arg)
2160 {
2161 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2162 	u32 aid;
2163 
2164 	lockdep_assert_held(&ar->conf_mutex);
2165 
2166 	if (vif->type == NL80211_IFTYPE_STATION)
2167 		aid = vif->cfg.aid;
2168 	else
2169 		aid = sta->aid;
2170 
2171 	ether_addr_copy(arg->addr, sta->addr);
2172 	arg->vdev_id = arvif->vdev_id;
2173 	arg->peer_aid = aid;
2174 	arg->peer_flags |= arvif->ar->wmi.peer_flags->auth;
2175 	arg->peer_listen_intval = ath10k_peer_assoc_h_listen_intval(ar, vif);
2176 	arg->peer_num_spatial_streams = 1;
2177 	arg->peer_caps = vif->bss_conf.assoc_capability;
2178 }
2179 
2180 static void ath10k_peer_assoc_h_crypto(struct ath10k *ar,
2181 				       struct ieee80211_vif *vif,
2182 				       struct ieee80211_sta *sta,
2183 				       struct wmi_peer_assoc_complete_arg *arg)
2184 {
2185 	struct ieee80211_bss_conf *info = &vif->bss_conf;
2186 	struct cfg80211_chan_def def;
2187 	struct cfg80211_bss *bss;
2188 	const u8 *rsnie = NULL;
2189 	const u8 *wpaie = NULL;
2190 
2191 	lockdep_assert_held(&ar->conf_mutex);
2192 
2193 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2194 		return;
2195 
2196 	bss = cfg80211_get_bss(ar->hw->wiphy, def.chan, info->bssid,
2197 			       vif->cfg.ssid_len ? vif->cfg.ssid : NULL,
2198 			       vif->cfg.ssid_len,
2199 			       IEEE80211_BSS_TYPE_ANY, IEEE80211_PRIVACY_ANY);
2200 	if (bss) {
2201 		const struct cfg80211_bss_ies *ies;
2202 
2203 		rcu_read_lock();
2204 		rsnie = ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
2205 
2206 		ies = rcu_dereference(bss->ies);
2207 
2208 		wpaie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
2209 						WLAN_OUI_TYPE_MICROSOFT_WPA,
2210 						ies->data,
2211 						ies->len);
2212 		rcu_read_unlock();
2213 		cfg80211_put_bss(ar->hw->wiphy, bss);
2214 	}
2215 
2216 	/* FIXME: base on RSN IE/WPA IE is a correct idea? */
2217 	if (rsnie || wpaie) {
2218 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: rsn ie found\n", __func__);
2219 		arg->peer_flags |= ar->wmi.peer_flags->need_ptk_4_way;
2220 	}
2221 
2222 	if (wpaie) {
2223 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: wpa ie found\n", __func__);
2224 		arg->peer_flags |= ar->wmi.peer_flags->need_gtk_2_way;
2225 	}
2226 
2227 	if (sta->mfp &&
2228 	    test_bit(ATH10K_FW_FEATURE_MFP_SUPPORT,
2229 		     ar->running_fw->fw_file.fw_features)) {
2230 		arg->peer_flags |= ar->wmi.peer_flags->pmf;
2231 	}
2232 }
2233 
2234 static void ath10k_peer_assoc_h_rates(struct ath10k *ar,
2235 				      struct ieee80211_vif *vif,
2236 				      struct ieee80211_sta *sta,
2237 				      struct wmi_peer_assoc_complete_arg *arg)
2238 {
2239 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2240 	struct wmi_rate_set_arg *rateset = &arg->peer_legacy_rates;
2241 	struct cfg80211_chan_def def;
2242 	const struct ieee80211_supported_band *sband;
2243 	const struct ieee80211_rate *rates;
2244 	enum nl80211_band band;
2245 	u32 ratemask;
2246 	u8 rate;
2247 	int i;
2248 
2249 	lockdep_assert_held(&ar->conf_mutex);
2250 
2251 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2252 		return;
2253 
2254 	band = def.chan->band;
2255 	sband = ar->hw->wiphy->bands[band];
2256 	ratemask = sta->deflink.supp_rates[band];
2257 	ratemask &= arvif->bitrate_mask.control[band].legacy;
2258 	rates = sband->bitrates;
2259 
2260 	rateset->num_rates = 0;
2261 
2262 	for (i = 0; i < 32; i++, ratemask >>= 1, rates++) {
2263 		if (!(ratemask & 1))
2264 			continue;
2265 
2266 		rate = ath10k_mac_bitrate_to_rate(rates->bitrate);
2267 		rateset->rates[rateset->num_rates] = rate;
2268 		rateset->num_rates++;
2269 	}
2270 }
2271 
2272 static bool
2273 ath10k_peer_assoc_h_ht_masked(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
2274 {
2275 	int nss;
2276 
2277 	for (nss = 0; nss < IEEE80211_HT_MCS_MASK_LEN; nss++)
2278 		if (ht_mcs_mask[nss])
2279 			return false;
2280 
2281 	return true;
2282 }
2283 
2284 static bool
2285 ath10k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
2286 {
2287 	int nss;
2288 
2289 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++)
2290 		if (vht_mcs_mask[nss])
2291 			return false;
2292 
2293 	return true;
2294 }
2295 
2296 static void ath10k_peer_assoc_h_ht(struct ath10k *ar,
2297 				   struct ieee80211_vif *vif,
2298 				   struct ieee80211_sta *sta,
2299 				   struct wmi_peer_assoc_complete_arg *arg)
2300 {
2301 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->deflink.ht_cap;
2302 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2303 	struct cfg80211_chan_def def;
2304 	enum nl80211_band band;
2305 	const u8 *ht_mcs_mask;
2306 	const u16 *vht_mcs_mask;
2307 	int i, n;
2308 	u8 max_nss;
2309 	u32 stbc;
2310 
2311 	lockdep_assert_held(&ar->conf_mutex);
2312 
2313 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2314 		return;
2315 
2316 	if (!ht_cap->ht_supported)
2317 		return;
2318 
2319 	band = def.chan->band;
2320 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2321 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2322 
2323 	if (ath10k_peer_assoc_h_ht_masked(ht_mcs_mask) &&
2324 	    ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2325 		return;
2326 
2327 	arg->peer_flags |= ar->wmi.peer_flags->ht;
2328 	arg->peer_max_mpdu = (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2329 				    ht_cap->ampdu_factor)) - 1;
2330 
2331 	arg->peer_mpdu_density =
2332 		ath10k_parse_mpdudensity(ht_cap->ampdu_density);
2333 
2334 	arg->peer_ht_caps = ht_cap->cap;
2335 	arg->peer_rate_caps |= WMI_RC_HT_FLAG;
2336 
2337 	if (ht_cap->cap & IEEE80211_HT_CAP_LDPC_CODING)
2338 		arg->peer_flags |= ar->wmi.peer_flags->ldbc;
2339 
2340 	if (sta->deflink.bandwidth >= IEEE80211_STA_RX_BW_40) {
2341 		arg->peer_flags |= ar->wmi.peer_flags->bw40;
2342 		arg->peer_rate_caps |= WMI_RC_CW40_FLAG;
2343 	}
2344 
2345 	if (arvif->bitrate_mask.control[band].gi != NL80211_TXRATE_FORCE_LGI) {
2346 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_20)
2347 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2348 
2349 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_40)
2350 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2351 	}
2352 
2353 	if (ht_cap->cap & IEEE80211_HT_CAP_TX_STBC) {
2354 		arg->peer_rate_caps |= WMI_RC_TX_STBC_FLAG;
2355 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2356 	}
2357 
2358 	if (ht_cap->cap & IEEE80211_HT_CAP_RX_STBC) {
2359 		stbc = ht_cap->cap & IEEE80211_HT_CAP_RX_STBC;
2360 		stbc = stbc >> IEEE80211_HT_CAP_RX_STBC_SHIFT;
2361 		stbc = stbc << WMI_RC_RX_STBC_FLAG_S;
2362 		arg->peer_rate_caps |= stbc;
2363 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2364 	}
2365 
2366 	if (ht_cap->mcs.rx_mask[1] && ht_cap->mcs.rx_mask[2])
2367 		arg->peer_rate_caps |= WMI_RC_TS_FLAG;
2368 	else if (ht_cap->mcs.rx_mask[1])
2369 		arg->peer_rate_caps |= WMI_RC_DS_FLAG;
2370 
2371 	for (i = 0, n = 0, max_nss = 0; i < IEEE80211_HT_MCS_MASK_LEN * 8; i++)
2372 		if ((ht_cap->mcs.rx_mask[i / 8] & BIT(i % 8)) &&
2373 		    (ht_mcs_mask[i / 8] & BIT(i % 8))) {
2374 			max_nss = (i / 8) + 1;
2375 			arg->peer_ht_rates.rates[n++] = i;
2376 		}
2377 
2378 	/*
2379 	 * This is a workaround for HT-enabled STAs which break the spec
2380 	 * and have no HT capabilities RX mask (no HT RX MCS map).
2381 	 *
2382 	 * As per spec, in section 20.3.5 Modulation and coding scheme (MCS),
2383 	 * MCS 0 through 7 are mandatory in 20MHz with 800 ns GI at all STAs.
2384 	 *
2385 	 * Firmware asserts if such situation occurs.
2386 	 */
2387 	if (n == 0) {
2388 		arg->peer_ht_rates.num_rates = 8;
2389 		for (i = 0; i < arg->peer_ht_rates.num_rates; i++)
2390 			arg->peer_ht_rates.rates[i] = i;
2391 	} else {
2392 		arg->peer_ht_rates.num_rates = n;
2393 		arg->peer_num_spatial_streams = min(sta->deflink.rx_nss,
2394 						    max_nss);
2395 	}
2396 
2397 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ht peer %pM mcs cnt %d nss %d\n",
2398 		   arg->addr,
2399 		   arg->peer_ht_rates.num_rates,
2400 		   arg->peer_num_spatial_streams);
2401 }
2402 
2403 static int ath10k_peer_assoc_qos_ap(struct ath10k *ar,
2404 				    struct ath10k_vif *arvif,
2405 				    struct ieee80211_sta *sta)
2406 {
2407 	u32 uapsd = 0;
2408 	u32 max_sp = 0;
2409 	int ret = 0;
2410 
2411 	lockdep_assert_held(&ar->conf_mutex);
2412 
2413 	if (sta->wme && sta->uapsd_queues) {
2414 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac uapsd_queues 0x%x max_sp %d\n",
2415 			   sta->uapsd_queues, sta->max_sp);
2416 
2417 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
2418 			uapsd |= WMI_AP_PS_UAPSD_AC3_DELIVERY_EN |
2419 				 WMI_AP_PS_UAPSD_AC3_TRIGGER_EN;
2420 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
2421 			uapsd |= WMI_AP_PS_UAPSD_AC2_DELIVERY_EN |
2422 				 WMI_AP_PS_UAPSD_AC2_TRIGGER_EN;
2423 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
2424 			uapsd |= WMI_AP_PS_UAPSD_AC1_DELIVERY_EN |
2425 				 WMI_AP_PS_UAPSD_AC1_TRIGGER_EN;
2426 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
2427 			uapsd |= WMI_AP_PS_UAPSD_AC0_DELIVERY_EN |
2428 				 WMI_AP_PS_UAPSD_AC0_TRIGGER_EN;
2429 
2430 		if (sta->max_sp < MAX_WMI_AP_PS_PEER_PARAM_MAX_SP)
2431 			max_sp = sta->max_sp;
2432 
2433 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2434 						 sta->addr,
2435 						 WMI_AP_PS_PEER_PARAM_UAPSD,
2436 						 uapsd);
2437 		if (ret) {
2438 			ath10k_warn(ar, "failed to set ap ps peer param uapsd for vdev %i: %d\n",
2439 				    arvif->vdev_id, ret);
2440 			return ret;
2441 		}
2442 
2443 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2444 						 sta->addr,
2445 						 WMI_AP_PS_PEER_PARAM_MAX_SP,
2446 						 max_sp);
2447 		if (ret) {
2448 			ath10k_warn(ar, "failed to set ap ps peer param max sp for vdev %i: %d\n",
2449 				    arvif->vdev_id, ret);
2450 			return ret;
2451 		}
2452 
2453 		/* TODO setup this based on STA listen interval and
2454 		 * beacon interval. Currently we don't know
2455 		 * sta->listen_interval - mac80211 patch required.
2456 		 * Currently use 10 seconds
2457 		 */
2458 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id, sta->addr,
2459 						 WMI_AP_PS_PEER_PARAM_AGEOUT_TIME,
2460 						 10);
2461 		if (ret) {
2462 			ath10k_warn(ar, "failed to set ap ps peer param ageout time for vdev %i: %d\n",
2463 				    arvif->vdev_id, ret);
2464 			return ret;
2465 		}
2466 	}
2467 
2468 	return 0;
2469 }
2470 
2471 static u16
2472 ath10k_peer_assoc_h_vht_limit(u16 tx_mcs_set,
2473 			      const u16 vht_mcs_limit[NL80211_VHT_NSS_MAX])
2474 {
2475 	int idx_limit;
2476 	int nss;
2477 	u16 mcs_map;
2478 	u16 mcs;
2479 
2480 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
2481 		mcs_map = ath10k_mac_get_max_vht_mcs_map(tx_mcs_set, nss) &
2482 			  vht_mcs_limit[nss];
2483 
2484 		if (mcs_map)
2485 			idx_limit = fls(mcs_map) - 1;
2486 		else
2487 			idx_limit = -1;
2488 
2489 		switch (idx_limit) {
2490 		case 0:
2491 		case 1:
2492 		case 2:
2493 		case 3:
2494 		case 4:
2495 		case 5:
2496 		case 6:
2497 		default:
2498 			/* see ath10k_mac_can_set_bitrate_mask() */
2499 			WARN_ON(1);
2500 			fallthrough;
2501 		case -1:
2502 			mcs = IEEE80211_VHT_MCS_NOT_SUPPORTED;
2503 			break;
2504 		case 7:
2505 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_7;
2506 			break;
2507 		case 8:
2508 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_8;
2509 			break;
2510 		case 9:
2511 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_9;
2512 			break;
2513 		}
2514 
2515 		tx_mcs_set &= ~(0x3 << (nss * 2));
2516 		tx_mcs_set |= mcs << (nss * 2);
2517 	}
2518 
2519 	return tx_mcs_set;
2520 }
2521 
2522 static u32 get_160mhz_nss_from_maxrate(int rate)
2523 {
2524 	u32 nss;
2525 
2526 	switch (rate) {
2527 	case 780:
2528 		nss = 1;
2529 		break;
2530 	case 1560:
2531 		nss = 2;
2532 		break;
2533 	case 2106:
2534 		nss = 3; /* not support MCS9 from spec*/
2535 		break;
2536 	case 3120:
2537 		nss = 4;
2538 		break;
2539 	default:
2540 		 nss = 1;
2541 	}
2542 
2543 	return nss;
2544 }
2545 
2546 static void ath10k_peer_assoc_h_vht(struct ath10k *ar,
2547 				    struct ieee80211_vif *vif,
2548 				    struct ieee80211_sta *sta,
2549 				    struct wmi_peer_assoc_complete_arg *arg)
2550 {
2551 	const struct ieee80211_sta_vht_cap *vht_cap = &sta->deflink.vht_cap;
2552 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2553 	struct ath10k_hw_params *hw = &ar->hw_params;
2554 	struct cfg80211_chan_def def;
2555 	enum nl80211_band band;
2556 	const u16 *vht_mcs_mask;
2557 	u8 ampdu_factor;
2558 	u8 max_nss, vht_mcs;
2559 	int i;
2560 
2561 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2562 		return;
2563 
2564 	if (!vht_cap->vht_supported)
2565 		return;
2566 
2567 	band = def.chan->band;
2568 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2569 
2570 	if (ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2571 		return;
2572 
2573 	arg->peer_flags |= ar->wmi.peer_flags->vht;
2574 
2575 	if (def.chan->band == NL80211_BAND_2GHZ)
2576 		arg->peer_flags |= ar->wmi.peer_flags->vht_2g;
2577 
2578 	arg->peer_vht_caps = vht_cap->cap;
2579 
2580 	ampdu_factor = (vht_cap->cap &
2581 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >>
2582 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
2583 
2584 	/* Workaround: Some Netgear/Linksys 11ac APs set Rx A-MPDU factor to
2585 	 * zero in VHT IE. Using it would result in degraded throughput.
2586 	 * arg->peer_max_mpdu at this point contains HT max_mpdu so keep
2587 	 * it if VHT max_mpdu is smaller.
2588 	 */
2589 	arg->peer_max_mpdu = max(arg->peer_max_mpdu,
2590 				 (1U << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2591 					ampdu_factor)) - 1);
2592 
2593 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2594 		arg->peer_flags |= ar->wmi.peer_flags->bw80;
2595 
2596 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160)
2597 		arg->peer_flags |= ar->wmi.peer_flags->bw160;
2598 
2599 	/* Calculate peer NSS capability from VHT capabilities if STA
2600 	 * supports VHT.
2601 	 */
2602 	for (i = 0, max_nss = 0, vht_mcs = 0; i < NL80211_VHT_NSS_MAX; i++) {
2603 		vht_mcs = __le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map) >>
2604 			  (2 * i) & 3;
2605 
2606 		if ((vht_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED) &&
2607 		    vht_mcs_mask[i])
2608 			max_nss = i + 1;
2609 	}
2610 	arg->peer_num_spatial_streams = min(sta->deflink.rx_nss, max_nss);
2611 	arg->peer_vht_rates.rx_max_rate =
2612 		__le16_to_cpu(vht_cap->vht_mcs.rx_highest);
2613 	arg->peer_vht_rates.rx_mcs_set =
2614 		__le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map);
2615 	arg->peer_vht_rates.tx_max_rate =
2616 		__le16_to_cpu(vht_cap->vht_mcs.tx_highest);
2617 	arg->peer_vht_rates.tx_mcs_set = ath10k_peer_assoc_h_vht_limit(
2618 		__le16_to_cpu(vht_cap->vht_mcs.tx_mcs_map), vht_mcs_mask);
2619 
2620 	/* Configure bandwidth-NSS mapping to FW
2621 	 * for the chip's tx chains setting on 160Mhz bw
2622 	 */
2623 	if (arg->peer_phymode == MODE_11AC_VHT160 ||
2624 	    arg->peer_phymode == MODE_11AC_VHT80_80) {
2625 		u32 rx_nss;
2626 		u32 max_rate;
2627 
2628 		max_rate = arg->peer_vht_rates.rx_max_rate;
2629 		rx_nss = get_160mhz_nss_from_maxrate(max_rate);
2630 
2631 		if (rx_nss == 0)
2632 			rx_nss = arg->peer_num_spatial_streams;
2633 		else
2634 			rx_nss = min(arg->peer_num_spatial_streams, rx_nss);
2635 
2636 		max_rate = hw->vht160_mcs_tx_highest;
2637 		rx_nss = min(rx_nss, get_160mhz_nss_from_maxrate(max_rate));
2638 
2639 		arg->peer_bw_rxnss_override =
2640 			FIELD_PREP(WMI_PEER_NSS_MAP_ENABLE, 1) |
2641 			FIELD_PREP(WMI_PEER_NSS_160MHZ_MASK, (rx_nss - 1));
2642 
2643 		if (arg->peer_phymode == MODE_11AC_VHT80_80) {
2644 			arg->peer_bw_rxnss_override |=
2645 			FIELD_PREP(WMI_PEER_NSS_80_80MHZ_MASK, (rx_nss - 1));
2646 		}
2647 	}
2648 	ath10k_dbg(ar, ATH10K_DBG_MAC,
2649 		   "mac vht peer %pM max_mpdu %d flags 0x%x peer_rx_nss_override 0x%x\n",
2650 		   sta->addr, arg->peer_max_mpdu,
2651 		   arg->peer_flags, arg->peer_bw_rxnss_override);
2652 }
2653 
2654 static void ath10k_peer_assoc_h_qos(struct ath10k *ar,
2655 				    struct ieee80211_vif *vif,
2656 				    struct ieee80211_sta *sta,
2657 				    struct wmi_peer_assoc_complete_arg *arg)
2658 {
2659 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2660 
2661 	switch (arvif->vdev_type) {
2662 	case WMI_VDEV_TYPE_AP:
2663 		if (sta->wme)
2664 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2665 
2666 		if (sta->wme && sta->uapsd_queues) {
2667 			arg->peer_flags |= arvif->ar->wmi.peer_flags->apsd;
2668 			arg->peer_rate_caps |= WMI_RC_UAPSD_FLAG;
2669 		}
2670 		break;
2671 	case WMI_VDEV_TYPE_STA:
2672 		if (sta->wme)
2673 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2674 		break;
2675 	case WMI_VDEV_TYPE_IBSS:
2676 		if (sta->wme)
2677 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2678 		break;
2679 	default:
2680 		break;
2681 	}
2682 
2683 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM qos %d\n",
2684 		   sta->addr, !!(arg->peer_flags &
2685 		   arvif->ar->wmi.peer_flags->qos));
2686 }
2687 
2688 static bool ath10k_mac_sta_has_ofdm_only(struct ieee80211_sta *sta)
2689 {
2690 	return sta->deflink.supp_rates[NL80211_BAND_2GHZ] >>
2691 	       ATH10K_MAC_FIRST_OFDM_RATE_IDX;
2692 }
2693 
2694 static enum wmi_phy_mode ath10k_mac_get_phymode_vht(struct ath10k *ar,
2695 						    struct ieee80211_sta *sta)
2696 {
2697 	struct ieee80211_sta_vht_cap *vht_cap = &sta->deflink.vht_cap;
2698 
2699 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) {
2700 		switch (vht_cap->cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) {
2701 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ:
2702 			return MODE_11AC_VHT160;
2703 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ:
2704 			return MODE_11AC_VHT80_80;
2705 		default:
2706 			/* not sure if this is a valid case? */
2707 			return MODE_11AC_VHT160;
2708 		}
2709 	}
2710 
2711 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2712 		return MODE_11AC_VHT80;
2713 
2714 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2715 		return MODE_11AC_VHT40;
2716 
2717 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_20)
2718 		return MODE_11AC_VHT20;
2719 
2720 	return MODE_UNKNOWN;
2721 }
2722 
2723 static void ath10k_peer_assoc_h_phymode(struct ath10k *ar,
2724 					struct ieee80211_vif *vif,
2725 					struct ieee80211_sta *sta,
2726 					struct wmi_peer_assoc_complete_arg *arg)
2727 {
2728 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2729 	struct cfg80211_chan_def def;
2730 	enum nl80211_band band;
2731 	const u8 *ht_mcs_mask;
2732 	const u16 *vht_mcs_mask;
2733 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
2734 
2735 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2736 		return;
2737 
2738 	band = def.chan->band;
2739 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2740 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2741 
2742 	switch (band) {
2743 	case NL80211_BAND_2GHZ:
2744 		if (sta->deflink.vht_cap.vht_supported &&
2745 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2746 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2747 				phymode = MODE_11AC_VHT40;
2748 			else
2749 				phymode = MODE_11AC_VHT20;
2750 		} else if (sta->deflink.ht_cap.ht_supported &&
2751 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2752 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2753 				phymode = MODE_11NG_HT40;
2754 			else
2755 				phymode = MODE_11NG_HT20;
2756 		} else if (ath10k_mac_sta_has_ofdm_only(sta)) {
2757 			phymode = MODE_11G;
2758 		} else {
2759 			phymode = MODE_11B;
2760 		}
2761 
2762 		break;
2763 	case NL80211_BAND_5GHZ:
2764 		/*
2765 		 * Check VHT first.
2766 		 */
2767 		if (sta->deflink.vht_cap.vht_supported &&
2768 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2769 			phymode = ath10k_mac_get_phymode_vht(ar, sta);
2770 		} else if (sta->deflink.ht_cap.ht_supported &&
2771 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2772 			if (sta->deflink.bandwidth >= IEEE80211_STA_RX_BW_40)
2773 				phymode = MODE_11NA_HT40;
2774 			else
2775 				phymode = MODE_11NA_HT20;
2776 		} else {
2777 			phymode = MODE_11A;
2778 		}
2779 
2780 		break;
2781 	default:
2782 		break;
2783 	}
2784 
2785 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM phymode %s\n",
2786 		   sta->addr, ath10k_wmi_phymode_str(phymode));
2787 
2788 	arg->peer_phymode = phymode;
2789 	WARN_ON(phymode == MODE_UNKNOWN);
2790 }
2791 
2792 static int ath10k_peer_assoc_prepare(struct ath10k *ar,
2793 				     struct ieee80211_vif *vif,
2794 				     struct ieee80211_sta *sta,
2795 				     struct wmi_peer_assoc_complete_arg *arg)
2796 {
2797 	lockdep_assert_held(&ar->conf_mutex);
2798 
2799 	memset(arg, 0, sizeof(*arg));
2800 
2801 	ath10k_peer_assoc_h_basic(ar, vif, sta, arg);
2802 	ath10k_peer_assoc_h_crypto(ar, vif, sta, arg);
2803 	ath10k_peer_assoc_h_rates(ar, vif, sta, arg);
2804 	ath10k_peer_assoc_h_ht(ar, vif, sta, arg);
2805 	ath10k_peer_assoc_h_phymode(ar, vif, sta, arg);
2806 	ath10k_peer_assoc_h_vht(ar, vif, sta, arg);
2807 	ath10k_peer_assoc_h_qos(ar, vif, sta, arg);
2808 
2809 	return 0;
2810 }
2811 
2812 static const u32 ath10k_smps_map[] = {
2813 	[WLAN_HT_CAP_SM_PS_STATIC] = WMI_PEER_SMPS_STATIC,
2814 	[WLAN_HT_CAP_SM_PS_DYNAMIC] = WMI_PEER_SMPS_DYNAMIC,
2815 	[WLAN_HT_CAP_SM_PS_INVALID] = WMI_PEER_SMPS_PS_NONE,
2816 	[WLAN_HT_CAP_SM_PS_DISABLED] = WMI_PEER_SMPS_PS_NONE,
2817 };
2818 
2819 static int ath10k_setup_peer_smps(struct ath10k *ar, struct ath10k_vif *arvif,
2820 				  const u8 *addr,
2821 				  const struct ieee80211_sta_ht_cap *ht_cap)
2822 {
2823 	int smps;
2824 
2825 	if (!ht_cap->ht_supported)
2826 		return 0;
2827 
2828 	smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
2829 	smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
2830 
2831 	if (smps >= ARRAY_SIZE(ath10k_smps_map))
2832 		return -EINVAL;
2833 
2834 	return ath10k_wmi_peer_set_param(ar, arvif->vdev_id, addr,
2835 					 ar->wmi.peer_param->smps_state,
2836 					 ath10k_smps_map[smps]);
2837 }
2838 
2839 static int ath10k_mac_vif_recalc_txbf(struct ath10k *ar,
2840 				      struct ieee80211_vif *vif,
2841 				      struct ieee80211_sta_vht_cap vht_cap)
2842 {
2843 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2844 	int ret;
2845 	u32 param;
2846 	u32 value;
2847 
2848 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_AFTER_ASSOC)
2849 		return 0;
2850 
2851 	if (!(ar->vht_cap_info &
2852 	      (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2853 	       IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE |
2854 	       IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2855 	       IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)))
2856 		return 0;
2857 
2858 	param = ar->wmi.vdev_param->txbf;
2859 	value = 0;
2860 
2861 	if (WARN_ON(param == WMI_VDEV_PARAM_UNSUPPORTED))
2862 		return 0;
2863 
2864 	/* The following logic is correct. If a remote STA advertises support
2865 	 * for being a beamformer then we should enable us being a beamformee.
2866 	 */
2867 
2868 	if (ar->vht_cap_info &
2869 	    (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2870 	     IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
2871 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
2872 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2873 
2874 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
2875 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFEE;
2876 	}
2877 
2878 	if (ar->vht_cap_info &
2879 	    (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2880 	     IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
2881 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
2882 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2883 
2884 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
2885 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFER;
2886 	}
2887 
2888 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFEE)
2889 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2890 
2891 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFER)
2892 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2893 
2894 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param, value);
2895 	if (ret) {
2896 		ath10k_warn(ar, "failed to submit vdev param txbf 0x%x: %d\n",
2897 			    value, ret);
2898 		return ret;
2899 	}
2900 
2901 	return 0;
2902 }
2903 
2904 static bool ath10k_mac_is_connected(struct ath10k *ar)
2905 {
2906 	struct ath10k_vif *arvif;
2907 
2908 	list_for_each_entry(arvif, &ar->arvifs, list) {
2909 		if (arvif->is_up && arvif->vdev_type == WMI_VDEV_TYPE_STA)
2910 			return true;
2911 	}
2912 
2913 	return false;
2914 }
2915 
2916 static int ath10k_mac_txpower_setup(struct ath10k *ar, int txpower)
2917 {
2918 	int ret;
2919 	u32 param;
2920 	int tx_power_2g, tx_power_5g;
2921 	bool connected;
2922 
2923 	lockdep_assert_held(&ar->conf_mutex);
2924 
2925 	/* ath10k internally uses unit of 0.5 dBm so multiply by 2 */
2926 	tx_power_2g = txpower * 2;
2927 	tx_power_5g = txpower * 2;
2928 
2929 	connected = ath10k_mac_is_connected(ar);
2930 
2931 	if (connected && ar->tx_power_2g_limit)
2932 		if (tx_power_2g > ar->tx_power_2g_limit)
2933 			tx_power_2g = ar->tx_power_2g_limit;
2934 
2935 	if (connected && ar->tx_power_5g_limit)
2936 		if (tx_power_5g > ar->tx_power_5g_limit)
2937 			tx_power_5g = ar->tx_power_5g_limit;
2938 
2939 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac txpower 2g: %d, 5g: %d\n",
2940 		   tx_power_2g, tx_power_5g);
2941 
2942 	param = ar->wmi.pdev_param->txpower_limit2g;
2943 	ret = ath10k_wmi_pdev_set_param(ar, param, tx_power_2g);
2944 	if (ret) {
2945 		ath10k_warn(ar, "failed to set 2g txpower %d: %d\n",
2946 			    tx_power_2g, ret);
2947 		return ret;
2948 	}
2949 
2950 	param = ar->wmi.pdev_param->txpower_limit5g;
2951 	ret = ath10k_wmi_pdev_set_param(ar, param, tx_power_5g);
2952 	if (ret) {
2953 		ath10k_warn(ar, "failed to set 5g txpower %d: %d\n",
2954 			    tx_power_5g, ret);
2955 		return ret;
2956 	}
2957 
2958 	return 0;
2959 }
2960 
2961 static int ath10k_mac_txpower_recalc(struct ath10k *ar)
2962 {
2963 	struct ath10k_vif *arvif;
2964 	int ret, txpower = -1;
2965 
2966 	lockdep_assert_held(&ar->conf_mutex);
2967 
2968 	list_for_each_entry(arvif, &ar->arvifs, list) {
2969 		/* txpower not initialized yet? */
2970 		if (arvif->txpower == INT_MIN)
2971 			continue;
2972 
2973 		if (txpower == -1)
2974 			txpower = arvif->txpower;
2975 		else
2976 			txpower = min(txpower, arvif->txpower);
2977 	}
2978 
2979 	if (txpower == -1)
2980 		return 0;
2981 
2982 	ret = ath10k_mac_txpower_setup(ar, txpower);
2983 	if (ret) {
2984 		ath10k_warn(ar, "failed to setup tx power %d: %d\n",
2985 			    txpower, ret);
2986 		return ret;
2987 	}
2988 
2989 	return 0;
2990 }
2991 
2992 static int ath10k_mac_set_sar_power(struct ath10k *ar)
2993 {
2994 	if (!ar->hw_params.dynamic_sar_support)
2995 		return -EOPNOTSUPP;
2996 
2997 	if (!ath10k_mac_is_connected(ar))
2998 		return 0;
2999 
3000 	/* if connected, then arvif->txpower must be valid */
3001 	return ath10k_mac_txpower_recalc(ar);
3002 }
3003 
3004 static int ath10k_mac_set_sar_specs(struct ieee80211_hw *hw,
3005 				    const struct cfg80211_sar_specs *sar)
3006 {
3007 	const struct cfg80211_sar_sub_specs *sub_specs;
3008 	struct ath10k *ar = hw->priv;
3009 	u32 i;
3010 	int ret;
3011 
3012 	mutex_lock(&ar->conf_mutex);
3013 
3014 	if (!ar->hw_params.dynamic_sar_support) {
3015 		ret = -EOPNOTSUPP;
3016 		goto err;
3017 	}
3018 
3019 	if (!sar || sar->type != NL80211_SAR_TYPE_POWER ||
3020 	    sar->num_sub_specs == 0) {
3021 		ret = -EINVAL;
3022 		goto err;
3023 	}
3024 
3025 	sub_specs = sar->sub_specs;
3026 
3027 	/* 0dbm is not a practical value for ath10k, so use 0
3028 	 * as no SAR limitation on it.
3029 	 */
3030 	ar->tx_power_2g_limit = 0;
3031 	ar->tx_power_5g_limit = 0;
3032 
3033 	/* note the power is in 0.25dbm unit, while ath10k uses
3034 	 * 0.5dbm unit.
3035 	 */
3036 	for (i = 0; i < sar->num_sub_specs; i++) {
3037 		if (sub_specs->freq_range_index == 0)
3038 			ar->tx_power_2g_limit = sub_specs->power / 2;
3039 		else if (sub_specs->freq_range_index == 1)
3040 			ar->tx_power_5g_limit = sub_specs->power / 2;
3041 
3042 		sub_specs++;
3043 	}
3044 
3045 	ret = ath10k_mac_set_sar_power(ar);
3046 	if (ret) {
3047 		ath10k_warn(ar, "failed to set sar power: %d", ret);
3048 		goto err;
3049 	}
3050 
3051 err:
3052 	mutex_unlock(&ar->conf_mutex);
3053 	return ret;
3054 }
3055 
3056 /* can be called only in mac80211 callbacks due to `key_count` usage */
3057 static void ath10k_bss_assoc(struct ieee80211_hw *hw,
3058 			     struct ieee80211_vif *vif,
3059 			     struct ieee80211_bss_conf *bss_conf)
3060 {
3061 	struct ath10k *ar = hw->priv;
3062 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3063 	struct ieee80211_sta_ht_cap ht_cap;
3064 	struct ieee80211_sta_vht_cap vht_cap;
3065 	struct wmi_peer_assoc_complete_arg peer_arg;
3066 	struct ieee80211_sta *ap_sta;
3067 	int ret;
3068 
3069 	lockdep_assert_held(&ar->conf_mutex);
3070 
3071 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i assoc bssid %pM aid %d\n",
3072 		   arvif->vdev_id, arvif->bssid, arvif->aid);
3073 
3074 	rcu_read_lock();
3075 
3076 	ap_sta = ieee80211_find_sta(vif, bss_conf->bssid);
3077 	if (!ap_sta) {
3078 		ath10k_warn(ar, "failed to find station entry for bss %pM vdev %i\n",
3079 			    bss_conf->bssid, arvif->vdev_id);
3080 		rcu_read_unlock();
3081 		return;
3082 	}
3083 
3084 	/* ap_sta must be accessed only within rcu section which must be left
3085 	 * before calling ath10k_setup_peer_smps() which might sleep.
3086 	 */
3087 	ht_cap = ap_sta->deflink.ht_cap;
3088 	vht_cap = ap_sta->deflink.vht_cap;
3089 
3090 	ret = ath10k_peer_assoc_prepare(ar, vif, ap_sta, &peer_arg);
3091 	if (ret) {
3092 		ath10k_warn(ar, "failed to prepare peer assoc for %pM vdev %i: %d\n",
3093 			    bss_conf->bssid, arvif->vdev_id, ret);
3094 		rcu_read_unlock();
3095 		return;
3096 	}
3097 
3098 	rcu_read_unlock();
3099 
3100 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3101 	if (ret) {
3102 		ath10k_warn(ar, "failed to run peer assoc for %pM vdev %i: %d\n",
3103 			    bss_conf->bssid, arvif->vdev_id, ret);
3104 		return;
3105 	}
3106 
3107 	ret = ath10k_setup_peer_smps(ar, arvif, bss_conf->bssid, &ht_cap);
3108 	if (ret) {
3109 		ath10k_warn(ar, "failed to setup peer SMPS for vdev %i: %d\n",
3110 			    arvif->vdev_id, ret);
3111 		return;
3112 	}
3113 
3114 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3115 	if (ret) {
3116 		ath10k_warn(ar, "failed to recalc txbf for vdev %i on bss %pM: %d\n",
3117 			    arvif->vdev_id, bss_conf->bssid, ret);
3118 		return;
3119 	}
3120 
3121 	ath10k_dbg(ar, ATH10K_DBG_MAC,
3122 		   "mac vdev %d up (associated) bssid %pM aid %d\n",
3123 		   arvif->vdev_id, bss_conf->bssid, vif->cfg.aid);
3124 
3125 	WARN_ON(arvif->is_up);
3126 
3127 	arvif->aid = vif->cfg.aid;
3128 	ether_addr_copy(arvif->bssid, bss_conf->bssid);
3129 
3130 	ret = ath10k_wmi_pdev_set_param(ar,
3131 					ar->wmi.pdev_param->peer_stats_info_enable, 1);
3132 	if (ret)
3133 		ath10k_warn(ar, "failed to enable peer stats info: %d\n", ret);
3134 
3135 	ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, arvif->aid, arvif->bssid);
3136 	if (ret) {
3137 		ath10k_warn(ar, "failed to set vdev %d up: %d\n",
3138 			    arvif->vdev_id, ret);
3139 		return;
3140 	}
3141 
3142 	arvif->is_up = true;
3143 
3144 	ath10k_mac_set_sar_power(ar);
3145 
3146 	/* Workaround: Some firmware revisions (tested with qca6174
3147 	 * WLAN.RM.2.0-00073) have buggy powersave state machine and must be
3148 	 * poked with peer param command.
3149 	 */
3150 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, arvif->bssid,
3151 					ar->wmi.peer_param->dummy_var, 1);
3152 	if (ret) {
3153 		ath10k_warn(ar, "failed to poke peer %pM param for ps workaround on vdev %i: %d\n",
3154 			    arvif->bssid, arvif->vdev_id, ret);
3155 		return;
3156 	}
3157 }
3158 
3159 static void ath10k_bss_disassoc(struct ieee80211_hw *hw,
3160 				struct ieee80211_vif *vif)
3161 {
3162 	struct ath10k *ar = hw->priv;
3163 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3164 	struct ieee80211_sta_vht_cap vht_cap = {};
3165 	int ret;
3166 
3167 	lockdep_assert_held(&ar->conf_mutex);
3168 
3169 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i disassoc bssid %pM\n",
3170 		   arvif->vdev_id, arvif->bssid);
3171 
3172 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
3173 	if (ret)
3174 		ath10k_warn(ar, "failed to down vdev %i: %d\n",
3175 			    arvif->vdev_id, ret);
3176 
3177 	arvif->def_wep_key_idx = -1;
3178 
3179 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3180 	if (ret) {
3181 		ath10k_warn(ar, "failed to recalc txbf for vdev %i: %d\n",
3182 			    arvif->vdev_id, ret);
3183 		return;
3184 	}
3185 
3186 	arvif->is_up = false;
3187 
3188 	ath10k_mac_txpower_recalc(ar);
3189 
3190 	cancel_delayed_work_sync(&arvif->connection_loss_work);
3191 }
3192 
3193 static int ath10k_new_peer_tid_config(struct ath10k *ar,
3194 				      struct ieee80211_sta *sta,
3195 				      struct ath10k_vif *arvif)
3196 {
3197 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
3198 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
3199 	bool config_apply;
3200 	int ret, i;
3201 
3202 	for (i = 0; i < ATH10K_TID_MAX; i++) {
3203 		config_apply = false;
3204 		if (arvif->retry_long[i] || arvif->ampdu[i] ||
3205 		    arvif->rate_ctrl[i] || arvif->rtscts[i]) {
3206 			config_apply = true;
3207 			arg.tid = i;
3208 			arg.vdev_id = arvif->vdev_id;
3209 			arg.retry_count = arvif->retry_long[i];
3210 			arg.aggr_control = arvif->ampdu[i];
3211 			arg.rate_ctrl = arvif->rate_ctrl[i];
3212 			arg.rcode_flags = arvif->rate_code[i];
3213 
3214 			if (arvif->rtscts[i])
3215 				arg.ext_tid_cfg_bitmap =
3216 					WMI_EXT_TID_RTS_CTS_CONFIG;
3217 			else
3218 				arg.ext_tid_cfg_bitmap = 0;
3219 
3220 			arg.rtscts_ctrl = arvif->rtscts[i];
3221 		}
3222 
3223 		if (arvif->noack[i]) {
3224 			arg.ack_policy = arvif->noack[i];
3225 			arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
3226 			arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
3227 			config_apply = true;
3228 		}
3229 
3230 		/* Assign default value(-1) to newly connected station.
3231 		 * This is to identify station specific tid configuration not
3232 		 * configured for the station.
3233 		 */
3234 		arsta->retry_long[i] = -1;
3235 		arsta->noack[i] = -1;
3236 		arsta->ampdu[i] = -1;
3237 
3238 		if (!config_apply)
3239 			continue;
3240 
3241 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
3242 
3243 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
3244 		if (ret) {
3245 			ath10k_warn(ar, "failed to set per tid retry/aggr config for sta %pM: %d\n",
3246 				    sta->addr, ret);
3247 			return ret;
3248 		}
3249 
3250 		memset(&arg, 0, sizeof(arg));
3251 	}
3252 
3253 	return 0;
3254 }
3255 
3256 static int ath10k_station_assoc(struct ath10k *ar,
3257 				struct ieee80211_vif *vif,
3258 				struct ieee80211_sta *sta,
3259 				bool reassoc)
3260 {
3261 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3262 	struct wmi_peer_assoc_complete_arg peer_arg;
3263 	int ret = 0;
3264 
3265 	lockdep_assert_held(&ar->conf_mutex);
3266 
3267 	ret = ath10k_peer_assoc_prepare(ar, vif, sta, &peer_arg);
3268 	if (ret) {
3269 		ath10k_warn(ar, "failed to prepare WMI peer assoc for %pM vdev %i: %i\n",
3270 			    sta->addr, arvif->vdev_id, ret);
3271 		return ret;
3272 	}
3273 
3274 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3275 	if (ret) {
3276 		ath10k_warn(ar, "failed to run peer assoc for STA %pM vdev %i: %d\n",
3277 			    sta->addr, arvif->vdev_id, ret);
3278 		return ret;
3279 	}
3280 
3281 	/* Re-assoc is run only to update supported rates for given station. It
3282 	 * doesn't make much sense to reconfigure the peer completely.
3283 	 */
3284 	if (!reassoc) {
3285 		ret = ath10k_setup_peer_smps(ar, arvif, sta->addr,
3286 					     &sta->deflink.ht_cap);
3287 		if (ret) {
3288 			ath10k_warn(ar, "failed to setup peer SMPS for vdev %d: %d\n",
3289 				    arvif->vdev_id, ret);
3290 			return ret;
3291 		}
3292 
3293 		ret = ath10k_peer_assoc_qos_ap(ar, arvif, sta);
3294 		if (ret) {
3295 			ath10k_warn(ar, "failed to set qos params for STA %pM for vdev %i: %d\n",
3296 				    sta->addr, arvif->vdev_id, ret);
3297 			return ret;
3298 		}
3299 
3300 		if (!sta->wme) {
3301 			arvif->num_legacy_stations++;
3302 			ret  = ath10k_recalc_rtscts_prot(arvif);
3303 			if (ret) {
3304 				ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3305 					    arvif->vdev_id, ret);
3306 				return ret;
3307 			}
3308 		}
3309 
3310 		/* Plumb cached keys only for static WEP */
3311 		if ((arvif->def_wep_key_idx != -1) && (!sta->tdls)) {
3312 			ret = ath10k_install_peer_wep_keys(arvif, sta->addr);
3313 			if (ret) {
3314 				ath10k_warn(ar, "failed to install peer wep keys for vdev %i: %d\n",
3315 					    arvif->vdev_id, ret);
3316 				return ret;
3317 			}
3318 		}
3319 	}
3320 
3321 	if (!test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map))
3322 		return ret;
3323 
3324 	return ath10k_new_peer_tid_config(ar, sta, arvif);
3325 }
3326 
3327 static int ath10k_station_disassoc(struct ath10k *ar,
3328 				   struct ieee80211_vif *vif,
3329 				   struct ieee80211_sta *sta)
3330 {
3331 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3332 	int ret = 0;
3333 
3334 	lockdep_assert_held(&ar->conf_mutex);
3335 
3336 	if (!sta->wme) {
3337 		arvif->num_legacy_stations--;
3338 		ret = ath10k_recalc_rtscts_prot(arvif);
3339 		if (ret) {
3340 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3341 				    arvif->vdev_id, ret);
3342 			return ret;
3343 		}
3344 	}
3345 
3346 	ret = ath10k_clear_peer_keys(arvif, sta->addr);
3347 	if (ret) {
3348 		ath10k_warn(ar, "failed to clear all peer wep keys for vdev %i: %d\n",
3349 			    arvif->vdev_id, ret);
3350 		return ret;
3351 	}
3352 
3353 	return ret;
3354 }
3355 
3356 /**************/
3357 /* Regulatory */
3358 /**************/
3359 
3360 static int ath10k_update_channel_list(struct ath10k *ar)
3361 {
3362 	struct ieee80211_hw *hw = ar->hw;
3363 	struct ieee80211_supported_band **bands;
3364 	enum nl80211_band band;
3365 	struct ieee80211_channel *channel;
3366 	struct wmi_scan_chan_list_arg arg = {0};
3367 	struct wmi_channel_arg *ch;
3368 	bool passive;
3369 	int len;
3370 	int ret;
3371 	int i;
3372 
3373 	lockdep_assert_held(&ar->conf_mutex);
3374 
3375 	bands = hw->wiphy->bands;
3376 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3377 		if (!bands[band])
3378 			continue;
3379 
3380 		for (i = 0; i < bands[band]->n_channels; i++) {
3381 			if (bands[band]->channels[i].flags &
3382 			    IEEE80211_CHAN_DISABLED)
3383 				continue;
3384 
3385 			arg.n_channels++;
3386 		}
3387 	}
3388 
3389 	len = sizeof(struct wmi_channel_arg) * arg.n_channels;
3390 	arg.channels = kzalloc(len, GFP_KERNEL);
3391 	if (!arg.channels)
3392 		return -ENOMEM;
3393 
3394 	ch = arg.channels;
3395 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3396 		if (!bands[band])
3397 			continue;
3398 
3399 		for (i = 0; i < bands[band]->n_channels; i++) {
3400 			channel = &bands[band]->channels[i];
3401 
3402 			if (channel->flags & IEEE80211_CHAN_DISABLED)
3403 				continue;
3404 
3405 			ch->allow_ht = true;
3406 
3407 			/* FIXME: when should we really allow VHT? */
3408 			ch->allow_vht = true;
3409 
3410 			ch->allow_ibss =
3411 				!(channel->flags & IEEE80211_CHAN_NO_IR);
3412 
3413 			ch->ht40plus =
3414 				!(channel->flags & IEEE80211_CHAN_NO_HT40PLUS);
3415 
3416 			ch->chan_radar =
3417 				!!(channel->flags & IEEE80211_CHAN_RADAR);
3418 
3419 			passive = channel->flags & IEEE80211_CHAN_NO_IR;
3420 			ch->passive = passive;
3421 
3422 			/* the firmware is ignoring the "radar" flag of the
3423 			 * channel and is scanning actively using Probe Requests
3424 			 * on "Radar detection"/DFS channels which are not
3425 			 * marked as "available"
3426 			 */
3427 			ch->passive |= ch->chan_radar;
3428 
3429 			ch->freq = channel->center_freq;
3430 			ch->band_center_freq1 = channel->center_freq;
3431 			ch->min_power = 0;
3432 			ch->max_power = channel->max_power * 2;
3433 			ch->max_reg_power = channel->max_reg_power * 2;
3434 			ch->max_antenna_gain = channel->max_antenna_gain;
3435 			ch->reg_class_id = 0; /* FIXME */
3436 
3437 			/* FIXME: why use only legacy modes, why not any
3438 			 * HT/VHT modes? Would that even make any
3439 			 * difference?
3440 			 */
3441 			if (channel->band == NL80211_BAND_2GHZ)
3442 				ch->mode = MODE_11G;
3443 			else
3444 				ch->mode = MODE_11A;
3445 
3446 			if (WARN_ON_ONCE(ch->mode == MODE_UNKNOWN))
3447 				continue;
3448 
3449 			ath10k_dbg(ar, ATH10K_DBG_WMI,
3450 				   "mac channel [%zd/%d] freq %d maxpower %d regpower %d antenna %d mode %d\n",
3451 				    ch - arg.channels, arg.n_channels,
3452 				   ch->freq, ch->max_power, ch->max_reg_power,
3453 				   ch->max_antenna_gain, ch->mode);
3454 
3455 			ch++;
3456 		}
3457 	}
3458 
3459 	ret = ath10k_wmi_scan_chan_list(ar, &arg);
3460 	kfree(arg.channels);
3461 
3462 	return ret;
3463 }
3464 
3465 static enum wmi_dfs_region
3466 ath10k_mac_get_dfs_region(enum nl80211_dfs_regions dfs_region)
3467 {
3468 	switch (dfs_region) {
3469 	case NL80211_DFS_UNSET:
3470 		return WMI_UNINIT_DFS_DOMAIN;
3471 	case NL80211_DFS_FCC:
3472 		return WMI_FCC_DFS_DOMAIN;
3473 	case NL80211_DFS_ETSI:
3474 		return WMI_ETSI_DFS_DOMAIN;
3475 	case NL80211_DFS_JP:
3476 		return WMI_MKK4_DFS_DOMAIN;
3477 	}
3478 	return WMI_UNINIT_DFS_DOMAIN;
3479 }
3480 
3481 static void ath10k_regd_update(struct ath10k *ar)
3482 {
3483 	struct reg_dmn_pair_mapping *regpair;
3484 	int ret;
3485 	enum wmi_dfs_region wmi_dfs_reg;
3486 	enum nl80211_dfs_regions nl_dfs_reg;
3487 
3488 	lockdep_assert_held(&ar->conf_mutex);
3489 
3490 	ret = ath10k_update_channel_list(ar);
3491 	if (ret)
3492 		ath10k_warn(ar, "failed to update channel list: %d\n", ret);
3493 
3494 	regpair = ar->ath_common.regulatory.regpair;
3495 
3496 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3497 		nl_dfs_reg = ar->dfs_detector->region;
3498 		wmi_dfs_reg = ath10k_mac_get_dfs_region(nl_dfs_reg);
3499 	} else {
3500 		wmi_dfs_reg = WMI_UNINIT_DFS_DOMAIN;
3501 	}
3502 
3503 	/* Target allows setting up per-band regdomain but ath_common provides
3504 	 * a combined one only
3505 	 */
3506 	ret = ath10k_wmi_pdev_set_regdomain(ar,
3507 					    regpair->reg_domain,
3508 					    regpair->reg_domain, /* 2ghz */
3509 					    regpair->reg_domain, /* 5ghz */
3510 					    regpair->reg_2ghz_ctl,
3511 					    regpair->reg_5ghz_ctl,
3512 					    wmi_dfs_reg);
3513 	if (ret)
3514 		ath10k_warn(ar, "failed to set pdev regdomain: %d\n", ret);
3515 }
3516 
3517 static void ath10k_mac_update_channel_list(struct ath10k *ar,
3518 					   struct ieee80211_supported_band *band)
3519 {
3520 	int i;
3521 
3522 	if (ar->low_5ghz_chan && ar->high_5ghz_chan) {
3523 		for (i = 0; i < band->n_channels; i++) {
3524 			if (band->channels[i].center_freq < ar->low_5ghz_chan ||
3525 			    band->channels[i].center_freq > ar->high_5ghz_chan)
3526 				band->channels[i].flags |=
3527 					IEEE80211_CHAN_DISABLED;
3528 		}
3529 	}
3530 }
3531 
3532 static void ath10k_reg_notifier(struct wiphy *wiphy,
3533 				struct regulatory_request *request)
3534 {
3535 	struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
3536 	struct ath10k *ar = hw->priv;
3537 	bool result;
3538 
3539 	ath_reg_notifier_apply(wiphy, request, &ar->ath_common.regulatory);
3540 
3541 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3542 		ath10k_dbg(ar, ATH10K_DBG_REGULATORY, "dfs region 0x%x\n",
3543 			   request->dfs_region);
3544 		result = ar->dfs_detector->set_dfs_domain(ar->dfs_detector,
3545 							  request->dfs_region);
3546 		if (!result)
3547 			ath10k_warn(ar, "DFS region 0x%X not supported, will trigger radar for every pulse\n",
3548 				    request->dfs_region);
3549 	}
3550 
3551 	mutex_lock(&ar->conf_mutex);
3552 	if (ar->state == ATH10K_STATE_ON)
3553 		ath10k_regd_update(ar);
3554 	mutex_unlock(&ar->conf_mutex);
3555 
3556 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
3557 		ath10k_mac_update_channel_list(ar,
3558 					       ar->hw->wiphy->bands[NL80211_BAND_5GHZ]);
3559 }
3560 
3561 static void ath10k_stop_radar_confirmation(struct ath10k *ar)
3562 {
3563 	spin_lock_bh(&ar->data_lock);
3564 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_STOPPED;
3565 	spin_unlock_bh(&ar->data_lock);
3566 
3567 	cancel_work_sync(&ar->radar_confirmation_work);
3568 }
3569 
3570 /***************/
3571 /* TX handlers */
3572 /***************/
3573 
3574 enum ath10k_mac_tx_path {
3575 	ATH10K_MAC_TX_HTT,
3576 	ATH10K_MAC_TX_HTT_MGMT,
3577 	ATH10K_MAC_TX_WMI_MGMT,
3578 	ATH10K_MAC_TX_UNKNOWN,
3579 };
3580 
3581 void ath10k_mac_tx_lock(struct ath10k *ar, int reason)
3582 {
3583 	lockdep_assert_held(&ar->htt.tx_lock);
3584 
3585 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3586 	ar->tx_paused |= BIT(reason);
3587 	ieee80211_stop_queues(ar->hw);
3588 }
3589 
3590 static void ath10k_mac_tx_unlock_iter(void *data, u8 *mac,
3591 				      struct ieee80211_vif *vif)
3592 {
3593 	struct ath10k *ar = data;
3594 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3595 
3596 	if (arvif->tx_paused)
3597 		return;
3598 
3599 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3600 }
3601 
3602 void ath10k_mac_tx_unlock(struct ath10k *ar, int reason)
3603 {
3604 	lockdep_assert_held(&ar->htt.tx_lock);
3605 
3606 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3607 	ar->tx_paused &= ~BIT(reason);
3608 
3609 	if (ar->tx_paused)
3610 		return;
3611 
3612 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3613 						   ATH10K_ITER_RESUME_FLAGS,
3614 						   ath10k_mac_tx_unlock_iter,
3615 						   ar);
3616 
3617 	ieee80211_wake_queue(ar->hw, ar->hw->offchannel_tx_hw_queue);
3618 }
3619 
3620 void ath10k_mac_vif_tx_lock(struct ath10k_vif *arvif, int reason)
3621 {
3622 	struct ath10k *ar = arvif->ar;
3623 
3624 	lockdep_assert_held(&ar->htt.tx_lock);
3625 
3626 	WARN_ON(reason >= BITS_PER_LONG);
3627 	arvif->tx_paused |= BIT(reason);
3628 	ieee80211_stop_queue(ar->hw, arvif->vdev_id);
3629 }
3630 
3631 void ath10k_mac_vif_tx_unlock(struct ath10k_vif *arvif, int reason)
3632 {
3633 	struct ath10k *ar = arvif->ar;
3634 
3635 	lockdep_assert_held(&ar->htt.tx_lock);
3636 
3637 	WARN_ON(reason >= BITS_PER_LONG);
3638 	arvif->tx_paused &= ~BIT(reason);
3639 
3640 	if (ar->tx_paused)
3641 		return;
3642 
3643 	if (arvif->tx_paused)
3644 		return;
3645 
3646 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3647 }
3648 
3649 static void ath10k_mac_vif_handle_tx_pause(struct ath10k_vif *arvif,
3650 					   enum wmi_tlv_tx_pause_id pause_id,
3651 					   enum wmi_tlv_tx_pause_action action)
3652 {
3653 	struct ath10k *ar = arvif->ar;
3654 
3655 	lockdep_assert_held(&ar->htt.tx_lock);
3656 
3657 	switch (action) {
3658 	case WMI_TLV_TX_PAUSE_ACTION_STOP:
3659 		ath10k_mac_vif_tx_lock(arvif, pause_id);
3660 		break;
3661 	case WMI_TLV_TX_PAUSE_ACTION_WAKE:
3662 		ath10k_mac_vif_tx_unlock(arvif, pause_id);
3663 		break;
3664 	default:
3665 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
3666 			   "received unknown tx pause action %d on vdev %i, ignoring\n",
3667 			    action, arvif->vdev_id);
3668 		break;
3669 	}
3670 }
3671 
3672 struct ath10k_mac_tx_pause {
3673 	u32 vdev_id;
3674 	enum wmi_tlv_tx_pause_id pause_id;
3675 	enum wmi_tlv_tx_pause_action action;
3676 };
3677 
3678 static void ath10k_mac_handle_tx_pause_iter(void *data, u8 *mac,
3679 					    struct ieee80211_vif *vif)
3680 {
3681 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3682 	struct ath10k_mac_tx_pause *arg = data;
3683 
3684 	if (arvif->vdev_id != arg->vdev_id)
3685 		return;
3686 
3687 	ath10k_mac_vif_handle_tx_pause(arvif, arg->pause_id, arg->action);
3688 }
3689 
3690 void ath10k_mac_handle_tx_pause_vdev(struct ath10k *ar, u32 vdev_id,
3691 				     enum wmi_tlv_tx_pause_id pause_id,
3692 				     enum wmi_tlv_tx_pause_action action)
3693 {
3694 	struct ath10k_mac_tx_pause arg = {
3695 		.vdev_id = vdev_id,
3696 		.pause_id = pause_id,
3697 		.action = action,
3698 	};
3699 
3700 	spin_lock_bh(&ar->htt.tx_lock);
3701 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3702 						   ATH10K_ITER_RESUME_FLAGS,
3703 						   ath10k_mac_handle_tx_pause_iter,
3704 						   &arg);
3705 	spin_unlock_bh(&ar->htt.tx_lock);
3706 }
3707 
3708 static enum ath10k_hw_txrx_mode
3709 ath10k_mac_tx_h_get_txmode(struct ath10k *ar,
3710 			   struct ieee80211_vif *vif,
3711 			   struct ieee80211_sta *sta,
3712 			   struct sk_buff *skb)
3713 {
3714 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3715 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
3716 	__le16 fc = hdr->frame_control;
3717 
3718 	if (IEEE80211_SKB_CB(skb)->flags & IEEE80211_TX_CTL_HW_80211_ENCAP)
3719 		return ATH10K_HW_TXRX_ETHERNET;
3720 
3721 	if (!vif || vif->type == NL80211_IFTYPE_MONITOR)
3722 		return ATH10K_HW_TXRX_RAW;
3723 
3724 	if (ieee80211_is_mgmt(fc))
3725 		return ATH10K_HW_TXRX_MGMT;
3726 
3727 	/* Workaround:
3728 	 *
3729 	 * NullFunc frames are mostly used to ping if a client or AP are still
3730 	 * reachable and responsive. This implies tx status reports must be
3731 	 * accurate - otherwise either mac80211 or userspace (e.g. hostapd) can
3732 	 * come to a conclusion that the other end disappeared and tear down
3733 	 * BSS connection or it can never disconnect from BSS/client (which is
3734 	 * the case).
3735 	 *
3736 	 * Firmware with HTT older than 3.0 delivers incorrect tx status for
3737 	 * NullFunc frames to driver. However there's a HTT Mgmt Tx command
3738 	 * which seems to deliver correct tx reports for NullFunc frames. The
3739 	 * downside of using it is it ignores client powersave state so it can
3740 	 * end up disconnecting sleeping clients in AP mode. It should fix STA
3741 	 * mode though because AP don't sleep.
3742 	 */
3743 	if (ar->htt.target_version_major < 3 &&
3744 	    (ieee80211_is_nullfunc(fc) || ieee80211_is_qos_nullfunc(fc)) &&
3745 	    !test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3746 		      ar->running_fw->fw_file.fw_features))
3747 		return ATH10K_HW_TXRX_MGMT;
3748 
3749 	/* Workaround:
3750 	 *
3751 	 * Some wmi-tlv firmwares for qca6174 have broken Tx key selection for
3752 	 * NativeWifi txmode - it selects AP key instead of peer key. It seems
3753 	 * to work with Ethernet txmode so use it.
3754 	 *
3755 	 * FIXME: Check if raw mode works with TDLS.
3756 	 */
3757 	if (ieee80211_is_data_present(fc) && sta && sta->tdls)
3758 		return ATH10K_HW_TXRX_ETHERNET;
3759 
3760 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) ||
3761 	    skb_cb->flags & ATH10K_SKB_F_RAW_TX)
3762 		return ATH10K_HW_TXRX_RAW;
3763 
3764 	return ATH10K_HW_TXRX_NATIVE_WIFI;
3765 }
3766 
3767 static bool ath10k_tx_h_use_hwcrypto(struct ieee80211_vif *vif,
3768 				     struct sk_buff *skb)
3769 {
3770 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3771 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3772 	const u32 mask = IEEE80211_TX_INTFL_DONT_ENCRYPT |
3773 			 IEEE80211_TX_CTL_INJECTED;
3774 
3775 	if (!ieee80211_has_protected(hdr->frame_control))
3776 		return false;
3777 
3778 	if ((info->flags & mask) == mask)
3779 		return false;
3780 
3781 	if (vif)
3782 		return !((struct ath10k_vif *)vif->drv_priv)->nohwcrypt;
3783 
3784 	return true;
3785 }
3786 
3787 /* HTT Tx uses Native Wifi tx mode which expects 802.11 frames without QoS
3788  * Control in the header.
3789  */
3790 static void ath10k_tx_h_nwifi(struct ieee80211_hw *hw, struct sk_buff *skb)
3791 {
3792 	struct ieee80211_hdr *hdr = (void *)skb->data;
3793 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3794 	u8 *qos_ctl;
3795 
3796 	if (!ieee80211_is_data_qos(hdr->frame_control))
3797 		return;
3798 
3799 	qos_ctl = ieee80211_get_qos_ctl(hdr);
3800 	memmove(skb->data + IEEE80211_QOS_CTL_LEN,
3801 		skb->data, (void *)qos_ctl - (void *)skb->data);
3802 	skb_pull(skb, IEEE80211_QOS_CTL_LEN);
3803 
3804 	/* Some firmware revisions don't handle sending QoS NullFunc well.
3805 	 * These frames are mainly used for CQM purposes so it doesn't really
3806 	 * matter whether QoS NullFunc or NullFunc are sent.
3807 	 */
3808 	hdr = (void *)skb->data;
3809 	if (ieee80211_is_qos_nullfunc(hdr->frame_control))
3810 		cb->flags &= ~ATH10K_SKB_F_QOS;
3811 
3812 	hdr->frame_control &= ~__cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
3813 }
3814 
3815 static void ath10k_tx_h_8023(struct sk_buff *skb)
3816 {
3817 	struct ieee80211_hdr *hdr;
3818 	struct rfc1042_hdr *rfc1042;
3819 	struct ethhdr *eth;
3820 	size_t hdrlen;
3821 	u8 da[ETH_ALEN];
3822 	u8 sa[ETH_ALEN];
3823 	__be16 type;
3824 
3825 	hdr = (void *)skb->data;
3826 	hdrlen = ieee80211_hdrlen(hdr->frame_control);
3827 	rfc1042 = (void *)skb->data + hdrlen;
3828 
3829 	ether_addr_copy(da, ieee80211_get_DA(hdr));
3830 	ether_addr_copy(sa, ieee80211_get_SA(hdr));
3831 	type = rfc1042->snap_type;
3832 
3833 	skb_pull(skb, hdrlen + sizeof(*rfc1042));
3834 	skb_push(skb, sizeof(*eth));
3835 
3836 	eth = (void *)skb->data;
3837 	ether_addr_copy(eth->h_dest, da);
3838 	ether_addr_copy(eth->h_source, sa);
3839 	eth->h_proto = type;
3840 }
3841 
3842 static void ath10k_tx_h_add_p2p_noa_ie(struct ath10k *ar,
3843 				       struct ieee80211_vif *vif,
3844 				       struct sk_buff *skb)
3845 {
3846 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
3847 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3848 
3849 	/* This is case only for P2P_GO */
3850 	if (vif->type != NL80211_IFTYPE_AP || !vif->p2p)
3851 		return;
3852 
3853 	if (unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
3854 		spin_lock_bh(&ar->data_lock);
3855 		if (arvif->u.ap.noa_data)
3856 			if (!pskb_expand_head(skb, 0, arvif->u.ap.noa_len,
3857 					      GFP_ATOMIC))
3858 				skb_put_data(skb, arvif->u.ap.noa_data,
3859 					     arvif->u.ap.noa_len);
3860 		spin_unlock_bh(&ar->data_lock);
3861 	}
3862 }
3863 
3864 static void ath10k_mac_tx_h_fill_cb(struct ath10k *ar,
3865 				    struct ieee80211_vif *vif,
3866 				    struct ieee80211_txq *txq,
3867 				    struct ieee80211_sta *sta,
3868 				    struct sk_buff *skb, u16 airtime)
3869 {
3870 	struct ieee80211_hdr *hdr = (void *)skb->data;
3871 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3872 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3873 	bool is_data = ieee80211_is_data(hdr->frame_control) ||
3874 			ieee80211_is_data_qos(hdr->frame_control);
3875 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3876 	struct ath10k_sta *arsta;
3877 	u8 tid, *qos_ctl;
3878 	bool noack = false;
3879 
3880 	cb->flags = 0;
3881 
3882 	if (info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) {
3883 		cb->flags |= ATH10K_SKB_F_QOS;	/* Assume data frames are QoS */
3884 		goto finish_cb_fill;
3885 	}
3886 
3887 	if (!ath10k_tx_h_use_hwcrypto(vif, skb))
3888 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3889 
3890 	if (ieee80211_is_mgmt(hdr->frame_control))
3891 		cb->flags |= ATH10K_SKB_F_MGMT;
3892 
3893 	if (ieee80211_is_data_qos(hdr->frame_control)) {
3894 		cb->flags |= ATH10K_SKB_F_QOS;
3895 		qos_ctl = ieee80211_get_qos_ctl(hdr);
3896 		tid = (*qos_ctl) & IEEE80211_QOS_CTL_TID_MASK;
3897 
3898 		if (arvif->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3899 			noack = true;
3900 
3901 		if (sta) {
3902 			arsta = (struct ath10k_sta *)sta->drv_priv;
3903 
3904 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3905 				noack = true;
3906 
3907 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_ACK)
3908 				noack = false;
3909 		}
3910 
3911 		if (noack)
3912 			cb->flags |= ATH10K_SKB_F_NOACK_TID;
3913 	}
3914 
3915 	/* Data frames encrypted in software will be posted to firmware
3916 	 * with tx encap mode set to RAW. Ex: Multicast traffic generated
3917 	 * for a specific VLAN group will always be encrypted in software.
3918 	 */
3919 	if (is_data && ieee80211_has_protected(hdr->frame_control) &&
3920 	    !info->control.hw_key) {
3921 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3922 		cb->flags |= ATH10K_SKB_F_RAW_TX;
3923 	}
3924 
3925 finish_cb_fill:
3926 	cb->vif = vif;
3927 	cb->txq = txq;
3928 	cb->airtime_est = airtime;
3929 	if (sta) {
3930 		arsta = (struct ath10k_sta *)sta->drv_priv;
3931 		spin_lock_bh(&ar->data_lock);
3932 		cb->ucast_cipher = arsta->ucast_cipher;
3933 		spin_unlock_bh(&ar->data_lock);
3934 	}
3935 }
3936 
3937 bool ath10k_mac_tx_frm_has_freq(struct ath10k *ar)
3938 {
3939 	/* FIXME: Not really sure since when the behaviour changed. At some
3940 	 * point new firmware stopped requiring creation of peer entries for
3941 	 * offchannel tx (and actually creating them causes issues with wmi-htc
3942 	 * tx credit replenishment and reliability). Assuming it's at least 3.4
3943 	 * because that's when the `freq` was introduced to TX_FRM HTT command.
3944 	 */
3945 	return (ar->htt.target_version_major >= 3 &&
3946 		ar->htt.target_version_minor >= 4 &&
3947 		ar->running_fw->fw_file.htt_op_version == ATH10K_FW_HTT_OP_VERSION_TLV);
3948 }
3949 
3950 static int ath10k_mac_tx_wmi_mgmt(struct ath10k *ar, struct sk_buff *skb)
3951 {
3952 	struct sk_buff_head *q = &ar->wmi_mgmt_tx_queue;
3953 
3954 	if (skb_queue_len_lockless(q) >= ATH10K_MAX_NUM_MGMT_PENDING) {
3955 		ath10k_warn(ar, "wmi mgmt tx queue is full\n");
3956 		return -ENOSPC;
3957 	}
3958 
3959 	skb_queue_tail(q, skb);
3960 	ieee80211_queue_work(ar->hw, &ar->wmi_mgmt_tx_work);
3961 
3962 	return 0;
3963 }
3964 
3965 static enum ath10k_mac_tx_path
3966 ath10k_mac_tx_h_get_txpath(struct ath10k *ar,
3967 			   struct sk_buff *skb,
3968 			   enum ath10k_hw_txrx_mode txmode)
3969 {
3970 	switch (txmode) {
3971 	case ATH10K_HW_TXRX_RAW:
3972 	case ATH10K_HW_TXRX_NATIVE_WIFI:
3973 	case ATH10K_HW_TXRX_ETHERNET:
3974 		return ATH10K_MAC_TX_HTT;
3975 	case ATH10K_HW_TXRX_MGMT:
3976 		if (test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3977 			     ar->running_fw->fw_file.fw_features) ||
3978 			     test_bit(WMI_SERVICE_MGMT_TX_WMI,
3979 				      ar->wmi.svc_map))
3980 			return ATH10K_MAC_TX_WMI_MGMT;
3981 		else if (ar->htt.target_version_major >= 3)
3982 			return ATH10K_MAC_TX_HTT;
3983 		else
3984 			return ATH10K_MAC_TX_HTT_MGMT;
3985 	}
3986 
3987 	return ATH10K_MAC_TX_UNKNOWN;
3988 }
3989 
3990 static int ath10k_mac_tx_submit(struct ath10k *ar,
3991 				enum ath10k_hw_txrx_mode txmode,
3992 				enum ath10k_mac_tx_path txpath,
3993 				struct sk_buff *skb)
3994 {
3995 	struct ath10k_htt *htt = &ar->htt;
3996 	int ret = -EINVAL;
3997 
3998 	switch (txpath) {
3999 	case ATH10K_MAC_TX_HTT:
4000 		ret = ath10k_htt_tx(htt, txmode, skb);
4001 		break;
4002 	case ATH10K_MAC_TX_HTT_MGMT:
4003 		ret = ath10k_htt_mgmt_tx(htt, skb);
4004 		break;
4005 	case ATH10K_MAC_TX_WMI_MGMT:
4006 		ret = ath10k_mac_tx_wmi_mgmt(ar, skb);
4007 		break;
4008 	case ATH10K_MAC_TX_UNKNOWN:
4009 		WARN_ON_ONCE(1);
4010 		ret = -EINVAL;
4011 		break;
4012 	}
4013 
4014 	if (ret) {
4015 		ath10k_warn(ar, "failed to transmit packet, dropping: %d\n",
4016 			    ret);
4017 		ieee80211_free_txskb(ar->hw, skb);
4018 	}
4019 
4020 	return ret;
4021 }
4022 
4023 /* This function consumes the sk_buff regardless of return value as far as
4024  * caller is concerned so no freeing is necessary afterwards.
4025  */
4026 static int ath10k_mac_tx(struct ath10k *ar,
4027 			 struct ieee80211_vif *vif,
4028 			 enum ath10k_hw_txrx_mode txmode,
4029 			 enum ath10k_mac_tx_path txpath,
4030 			 struct sk_buff *skb, bool noque_offchan)
4031 {
4032 	struct ieee80211_hw *hw = ar->hw;
4033 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4034 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
4035 	int ret;
4036 
4037 	/* We should disable CCK RATE due to P2P */
4038 	if (info->flags & IEEE80211_TX_CTL_NO_CCK_RATE)
4039 		ath10k_dbg(ar, ATH10K_DBG_MAC, "IEEE80211_TX_CTL_NO_CCK_RATE\n");
4040 
4041 	switch (txmode) {
4042 	case ATH10K_HW_TXRX_MGMT:
4043 	case ATH10K_HW_TXRX_NATIVE_WIFI:
4044 		ath10k_tx_h_nwifi(hw, skb);
4045 		ath10k_tx_h_add_p2p_noa_ie(ar, vif, skb);
4046 		ath10k_tx_h_seq_no(vif, skb);
4047 		break;
4048 	case ATH10K_HW_TXRX_ETHERNET:
4049 		/* Convert 802.11->802.3 header only if the frame was earlier
4050 		 * encapsulated to 802.11 by mac80211. Otherwise pass it as is.
4051 		 */
4052 		if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP))
4053 			ath10k_tx_h_8023(skb);
4054 		break;
4055 	case ATH10K_HW_TXRX_RAW:
4056 		if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) &&
4057 		    !(skb_cb->flags & ATH10K_SKB_F_RAW_TX)) {
4058 			WARN_ON_ONCE(1);
4059 			ieee80211_free_txskb(hw, skb);
4060 			return -EOPNOTSUPP;
4061 		}
4062 	}
4063 
4064 	if (!noque_offchan && info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) {
4065 		if (!ath10k_mac_tx_frm_has_freq(ar)) {
4066 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac queued offchannel skb %pK len %d\n",
4067 				   skb, skb->len);
4068 
4069 			skb_queue_tail(&ar->offchan_tx_queue, skb);
4070 			ieee80211_queue_work(hw, &ar->offchan_tx_work);
4071 			return 0;
4072 		}
4073 	}
4074 
4075 	ret = ath10k_mac_tx_submit(ar, txmode, txpath, skb);
4076 	if (ret) {
4077 		ath10k_warn(ar, "failed to submit frame: %d\n", ret);
4078 		return ret;
4079 	}
4080 
4081 	return 0;
4082 }
4083 
4084 void ath10k_offchan_tx_purge(struct ath10k *ar)
4085 {
4086 	struct sk_buff *skb;
4087 
4088 	for (;;) {
4089 		skb = skb_dequeue(&ar->offchan_tx_queue);
4090 		if (!skb)
4091 			break;
4092 
4093 		ieee80211_free_txskb(ar->hw, skb);
4094 	}
4095 }
4096 
4097 void ath10k_offchan_tx_work(struct work_struct *work)
4098 {
4099 	struct ath10k *ar = container_of(work, struct ath10k, offchan_tx_work);
4100 	struct ath10k_peer *peer;
4101 	struct ath10k_vif *arvif;
4102 	enum ath10k_hw_txrx_mode txmode;
4103 	enum ath10k_mac_tx_path txpath;
4104 	struct ieee80211_hdr *hdr;
4105 	struct ieee80211_vif *vif;
4106 	struct ieee80211_sta *sta;
4107 	struct sk_buff *skb;
4108 	const u8 *peer_addr;
4109 	int vdev_id;
4110 	int ret;
4111 	unsigned long time_left;
4112 	bool tmp_peer_created = false;
4113 
4114 	/* FW requirement: We must create a peer before FW will send out
4115 	 * an offchannel frame. Otherwise the frame will be stuck and
4116 	 * never transmitted. We delete the peer upon tx completion.
4117 	 * It is unlikely that a peer for offchannel tx will already be
4118 	 * present. However it may be in some rare cases so account for that.
4119 	 * Otherwise we might remove a legitimate peer and break stuff.
4120 	 */
4121 
4122 	for (;;) {
4123 		skb = skb_dequeue(&ar->offchan_tx_queue);
4124 		if (!skb)
4125 			break;
4126 
4127 		mutex_lock(&ar->conf_mutex);
4128 
4129 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac offchannel skb %pK len %d\n",
4130 			   skb, skb->len);
4131 
4132 		hdr = (struct ieee80211_hdr *)skb->data;
4133 		peer_addr = ieee80211_get_DA(hdr);
4134 
4135 		spin_lock_bh(&ar->data_lock);
4136 		vdev_id = ar->scan.vdev_id;
4137 		peer = ath10k_peer_find(ar, vdev_id, peer_addr);
4138 		spin_unlock_bh(&ar->data_lock);
4139 
4140 		if (peer) {
4141 			ath10k_warn(ar, "peer %pM on vdev %d already present\n",
4142 				    peer_addr, vdev_id);
4143 		} else {
4144 			ret = ath10k_peer_create(ar, NULL, NULL, vdev_id,
4145 						 peer_addr,
4146 						 WMI_PEER_TYPE_DEFAULT);
4147 			if (ret)
4148 				ath10k_warn(ar, "failed to create peer %pM on vdev %d: %d\n",
4149 					    peer_addr, vdev_id, ret);
4150 			tmp_peer_created = (ret == 0);
4151 		}
4152 
4153 		spin_lock_bh(&ar->data_lock);
4154 		reinit_completion(&ar->offchan_tx_completed);
4155 		ar->offchan_tx_skb = skb;
4156 		spin_unlock_bh(&ar->data_lock);
4157 
4158 		/* It's safe to access vif and sta - conf_mutex guarantees that
4159 		 * sta_state() and remove_interface() are locked exclusively
4160 		 * out wrt to this offchannel worker.
4161 		 */
4162 		arvif = ath10k_get_arvif(ar, vdev_id);
4163 		if (arvif) {
4164 			vif = arvif->vif;
4165 			sta = ieee80211_find_sta(vif, peer_addr);
4166 		} else {
4167 			vif = NULL;
4168 			sta = NULL;
4169 		}
4170 
4171 		txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4172 		txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4173 
4174 		ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, true);
4175 		if (ret) {
4176 			ath10k_warn(ar, "failed to transmit offchannel frame: %d\n",
4177 				    ret);
4178 			/* not serious */
4179 		}
4180 
4181 		time_left =
4182 		wait_for_completion_timeout(&ar->offchan_tx_completed, 3 * HZ);
4183 		if (time_left == 0)
4184 			ath10k_warn(ar, "timed out waiting for offchannel skb %pK, len: %d\n",
4185 				    skb, skb->len);
4186 
4187 		if (!peer && tmp_peer_created) {
4188 			ret = ath10k_peer_delete(ar, vdev_id, peer_addr);
4189 			if (ret)
4190 				ath10k_warn(ar, "failed to delete peer %pM on vdev %d: %d\n",
4191 					    peer_addr, vdev_id, ret);
4192 		}
4193 
4194 		mutex_unlock(&ar->conf_mutex);
4195 	}
4196 }
4197 
4198 void ath10k_mgmt_over_wmi_tx_purge(struct ath10k *ar)
4199 {
4200 	struct sk_buff *skb;
4201 
4202 	for (;;) {
4203 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4204 		if (!skb)
4205 			break;
4206 
4207 		ieee80211_free_txskb(ar->hw, skb);
4208 	}
4209 }
4210 
4211 void ath10k_mgmt_over_wmi_tx_work(struct work_struct *work)
4212 {
4213 	struct ath10k *ar = container_of(work, struct ath10k, wmi_mgmt_tx_work);
4214 	struct sk_buff *skb;
4215 	dma_addr_t paddr;
4216 	int ret;
4217 
4218 	for (;;) {
4219 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4220 		if (!skb)
4221 			break;
4222 
4223 		if (test_bit(ATH10K_FW_FEATURE_MGMT_TX_BY_REF,
4224 			     ar->running_fw->fw_file.fw_features)) {
4225 			paddr = dma_map_single(ar->dev, skb->data,
4226 					       skb->len, DMA_TO_DEVICE);
4227 			if (dma_mapping_error(ar->dev, paddr)) {
4228 				ieee80211_free_txskb(ar->hw, skb);
4229 				continue;
4230 			}
4231 			ret = ath10k_wmi_mgmt_tx_send(ar, skb, paddr);
4232 			if (ret) {
4233 				ath10k_warn(ar, "failed to transmit management frame by ref via WMI: %d\n",
4234 					    ret);
4235 				/* remove this msdu from idr tracking */
4236 				ath10k_wmi_cleanup_mgmt_tx_send(ar, skb);
4237 
4238 				dma_unmap_single(ar->dev, paddr, skb->len,
4239 						 DMA_TO_DEVICE);
4240 				ieee80211_free_txskb(ar->hw, skb);
4241 			}
4242 		} else {
4243 			ret = ath10k_wmi_mgmt_tx(ar, skb);
4244 			if (ret) {
4245 				ath10k_warn(ar, "failed to transmit management frame via WMI: %d\n",
4246 					    ret);
4247 				ieee80211_free_txskb(ar->hw, skb);
4248 			}
4249 		}
4250 	}
4251 }
4252 
4253 static void ath10k_mac_txq_init(struct ieee80211_txq *txq)
4254 {
4255 	struct ath10k_txq *artxq;
4256 
4257 	if (!txq)
4258 		return;
4259 
4260 	artxq = (void *)txq->drv_priv;
4261 	INIT_LIST_HEAD(&artxq->list);
4262 }
4263 
4264 static void ath10k_mac_txq_unref(struct ath10k *ar, struct ieee80211_txq *txq)
4265 {
4266 	struct ath10k_skb_cb *cb;
4267 	struct sk_buff *msdu;
4268 	int msdu_id;
4269 
4270 	if (!txq)
4271 		return;
4272 
4273 	spin_lock_bh(&ar->htt.tx_lock);
4274 	idr_for_each_entry(&ar->htt.pending_tx, msdu, msdu_id) {
4275 		cb = ATH10K_SKB_CB(msdu);
4276 		if (cb->txq == txq)
4277 			cb->txq = NULL;
4278 	}
4279 	spin_unlock_bh(&ar->htt.tx_lock);
4280 }
4281 
4282 struct ieee80211_txq *ath10k_mac_txq_lookup(struct ath10k *ar,
4283 					    u16 peer_id,
4284 					    u8 tid)
4285 {
4286 	struct ath10k_peer *peer;
4287 
4288 	lockdep_assert_held(&ar->data_lock);
4289 
4290 	peer = ar->peer_map[peer_id];
4291 	if (!peer)
4292 		return NULL;
4293 
4294 	if (peer->removed)
4295 		return NULL;
4296 
4297 	if (peer->sta)
4298 		return peer->sta->txq[tid];
4299 	else if (peer->vif)
4300 		return peer->vif->txq;
4301 	else
4302 		return NULL;
4303 }
4304 
4305 static bool ath10k_mac_tx_can_push(struct ieee80211_hw *hw,
4306 				   struct ieee80211_txq *txq)
4307 {
4308 	struct ath10k *ar = hw->priv;
4309 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4310 
4311 	/* No need to get locks */
4312 	if (ar->htt.tx_q_state.mode == HTT_TX_MODE_SWITCH_PUSH)
4313 		return true;
4314 
4315 	if (ar->htt.num_pending_tx < ar->htt.tx_q_state.num_push_allowed)
4316 		return true;
4317 
4318 	if (artxq->num_fw_queued < artxq->num_push_allowed)
4319 		return true;
4320 
4321 	return false;
4322 }
4323 
4324 /* Return estimated airtime in microsecond, which is calculated using last
4325  * reported TX rate. This is just a rough estimation because host driver has no
4326  * knowledge of the actual transmit rate, retries or aggregation. If actual
4327  * airtime can be reported by firmware, then delta between estimated and actual
4328  * airtime can be adjusted from deficit.
4329  */
4330 #define IEEE80211_ATF_OVERHEAD		100	/* IFS + some slot time */
4331 #define IEEE80211_ATF_OVERHEAD_IFS	16	/* IFS only */
4332 static u16 ath10k_mac_update_airtime(struct ath10k *ar,
4333 				     struct ieee80211_txq *txq,
4334 				     struct sk_buff *skb)
4335 {
4336 	struct ath10k_sta *arsta;
4337 	u32 pktlen;
4338 	u16 airtime = 0;
4339 
4340 	if (!txq || !txq->sta)
4341 		return airtime;
4342 
4343 	if (test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
4344 		return airtime;
4345 
4346 	spin_lock_bh(&ar->data_lock);
4347 	arsta = (struct ath10k_sta *)txq->sta->drv_priv;
4348 
4349 	pktlen = skb->len + 38; /* Assume MAC header 30, SNAP 8 for most case */
4350 	if (arsta->last_tx_bitrate) {
4351 		/* airtime in us, last_tx_bitrate in 100kbps */
4352 		airtime = (pktlen * 8 * (1000 / 100))
4353 				/ arsta->last_tx_bitrate;
4354 		/* overhead for media access time and IFS */
4355 		airtime += IEEE80211_ATF_OVERHEAD_IFS;
4356 	} else {
4357 		/* This is mostly for throttle excessive BC/MC frames, and the
4358 		 * airtime/rate doesn't need be exact. Airtime of BC/MC frames
4359 		 * in 2G get some discount, which helps prevent very low rate
4360 		 * frames from being blocked for too long.
4361 		 */
4362 		airtime = (pktlen * 8 * (1000 / 100)) / 60; /* 6M */
4363 		airtime += IEEE80211_ATF_OVERHEAD;
4364 	}
4365 	spin_unlock_bh(&ar->data_lock);
4366 
4367 	return airtime;
4368 }
4369 
4370 int ath10k_mac_tx_push_txq(struct ieee80211_hw *hw,
4371 			   struct ieee80211_txq *txq)
4372 {
4373 	struct ath10k *ar = hw->priv;
4374 	struct ath10k_htt *htt = &ar->htt;
4375 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4376 	struct ieee80211_vif *vif = txq->vif;
4377 	struct ieee80211_sta *sta = txq->sta;
4378 	enum ath10k_hw_txrx_mode txmode;
4379 	enum ath10k_mac_tx_path txpath;
4380 	struct sk_buff *skb;
4381 	struct ieee80211_hdr *hdr;
4382 	size_t skb_len;
4383 	bool is_mgmt, is_presp;
4384 	int ret;
4385 	u16 airtime;
4386 
4387 	spin_lock_bh(&ar->htt.tx_lock);
4388 	ret = ath10k_htt_tx_inc_pending(htt);
4389 	spin_unlock_bh(&ar->htt.tx_lock);
4390 
4391 	if (ret)
4392 		return ret;
4393 
4394 	skb = ieee80211_tx_dequeue_ni(hw, txq);
4395 	if (!skb) {
4396 		spin_lock_bh(&ar->htt.tx_lock);
4397 		ath10k_htt_tx_dec_pending(htt);
4398 		spin_unlock_bh(&ar->htt.tx_lock);
4399 
4400 		return -ENOENT;
4401 	}
4402 
4403 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4404 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4405 
4406 	skb_len = skb->len;
4407 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4408 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4409 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4410 
4411 	if (is_mgmt) {
4412 		hdr = (struct ieee80211_hdr *)skb->data;
4413 		is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4414 
4415 		spin_lock_bh(&ar->htt.tx_lock);
4416 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4417 
4418 		if (ret) {
4419 			ath10k_htt_tx_dec_pending(htt);
4420 			spin_unlock_bh(&ar->htt.tx_lock);
4421 			return ret;
4422 		}
4423 		spin_unlock_bh(&ar->htt.tx_lock);
4424 	}
4425 
4426 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4427 	if (unlikely(ret)) {
4428 		ath10k_warn(ar, "failed to push frame: %d\n", ret);
4429 
4430 		spin_lock_bh(&ar->htt.tx_lock);
4431 		ath10k_htt_tx_dec_pending(htt);
4432 		if (is_mgmt)
4433 			ath10k_htt_tx_mgmt_dec_pending(htt);
4434 		spin_unlock_bh(&ar->htt.tx_lock);
4435 
4436 		return ret;
4437 	}
4438 
4439 	spin_lock_bh(&ar->htt.tx_lock);
4440 	artxq->num_fw_queued++;
4441 	spin_unlock_bh(&ar->htt.tx_lock);
4442 
4443 	return skb_len;
4444 }
4445 
4446 static int ath10k_mac_schedule_txq(struct ieee80211_hw *hw, u32 ac)
4447 {
4448 	struct ieee80211_txq *txq;
4449 	int ret = 0;
4450 
4451 	ieee80211_txq_schedule_start(hw, ac);
4452 	while ((txq = ieee80211_next_txq(hw, ac))) {
4453 		while (ath10k_mac_tx_can_push(hw, txq)) {
4454 			ret = ath10k_mac_tx_push_txq(hw, txq);
4455 			if (ret < 0)
4456 				break;
4457 		}
4458 		ieee80211_return_txq(hw, txq, false);
4459 		ath10k_htt_tx_txq_update(hw, txq);
4460 		if (ret == -EBUSY)
4461 			break;
4462 	}
4463 	ieee80211_txq_schedule_end(hw, ac);
4464 
4465 	return ret;
4466 }
4467 
4468 void ath10k_mac_tx_push_pending(struct ath10k *ar)
4469 {
4470 	struct ieee80211_hw *hw = ar->hw;
4471 	u32 ac;
4472 
4473 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4474 		return;
4475 
4476 	if (ar->htt.num_pending_tx >= (ar->htt.max_num_pending_tx / 2))
4477 		return;
4478 
4479 	rcu_read_lock();
4480 	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
4481 		if (ath10k_mac_schedule_txq(hw, ac) == -EBUSY)
4482 			break;
4483 	}
4484 	rcu_read_unlock();
4485 }
4486 EXPORT_SYMBOL(ath10k_mac_tx_push_pending);
4487 
4488 /************/
4489 /* Scanning */
4490 /************/
4491 
4492 void __ath10k_scan_finish(struct ath10k *ar)
4493 {
4494 	lockdep_assert_held(&ar->data_lock);
4495 
4496 	switch (ar->scan.state) {
4497 	case ATH10K_SCAN_IDLE:
4498 		break;
4499 	case ATH10K_SCAN_RUNNING:
4500 	case ATH10K_SCAN_ABORTING:
4501 		if (ar->scan.is_roc && ar->scan.roc_notify)
4502 			ieee80211_remain_on_channel_expired(ar->hw);
4503 		fallthrough;
4504 	case ATH10K_SCAN_STARTING:
4505 		if (!ar->scan.is_roc) {
4506 			struct cfg80211_scan_info info = {
4507 				.aborted = ((ar->scan.state ==
4508 					    ATH10K_SCAN_ABORTING) ||
4509 					    (ar->scan.state ==
4510 					    ATH10K_SCAN_STARTING)),
4511 			};
4512 
4513 			ieee80211_scan_completed(ar->hw, &info);
4514 		}
4515 
4516 		ar->scan.state = ATH10K_SCAN_IDLE;
4517 		ar->scan_channel = NULL;
4518 		ar->scan.roc_freq = 0;
4519 		ath10k_offchan_tx_purge(ar);
4520 		cancel_delayed_work(&ar->scan.timeout);
4521 		complete(&ar->scan.completed);
4522 		break;
4523 	}
4524 }
4525 
4526 void ath10k_scan_finish(struct ath10k *ar)
4527 {
4528 	spin_lock_bh(&ar->data_lock);
4529 	__ath10k_scan_finish(ar);
4530 	spin_unlock_bh(&ar->data_lock);
4531 }
4532 
4533 static int ath10k_scan_stop(struct ath10k *ar)
4534 {
4535 	struct wmi_stop_scan_arg arg = {
4536 		.req_id = 1, /* FIXME */
4537 		.req_type = WMI_SCAN_STOP_ONE,
4538 		.u.scan_id = ATH10K_SCAN_ID,
4539 	};
4540 	int ret;
4541 
4542 	lockdep_assert_held(&ar->conf_mutex);
4543 
4544 	ret = ath10k_wmi_stop_scan(ar, &arg);
4545 	if (ret) {
4546 		ath10k_warn(ar, "failed to stop wmi scan: %d\n", ret);
4547 		goto out;
4548 	}
4549 
4550 	ret = wait_for_completion_timeout(&ar->scan.completed, 3 * HZ);
4551 	if (ret == 0) {
4552 		ath10k_warn(ar, "failed to receive scan abortion completion: timed out\n");
4553 		ret = -ETIMEDOUT;
4554 	} else if (ret > 0) {
4555 		ret = 0;
4556 	}
4557 
4558 out:
4559 	/* Scan state should be updated upon scan completion but in case
4560 	 * firmware fails to deliver the event (for whatever reason) it is
4561 	 * desired to clean up scan state anyway. Firmware may have just
4562 	 * dropped the scan completion event delivery due to transport pipe
4563 	 * being overflown with data and/or it can recover on its own before
4564 	 * next scan request is submitted.
4565 	 */
4566 	spin_lock_bh(&ar->data_lock);
4567 	if (ar->scan.state != ATH10K_SCAN_IDLE)
4568 		__ath10k_scan_finish(ar);
4569 	spin_unlock_bh(&ar->data_lock);
4570 
4571 	return ret;
4572 }
4573 
4574 static void ath10k_scan_abort(struct ath10k *ar)
4575 {
4576 	int ret;
4577 
4578 	lockdep_assert_held(&ar->conf_mutex);
4579 
4580 	spin_lock_bh(&ar->data_lock);
4581 
4582 	switch (ar->scan.state) {
4583 	case ATH10K_SCAN_IDLE:
4584 		/* This can happen if timeout worker kicked in and called
4585 		 * abortion while scan completion was being processed.
4586 		 */
4587 		break;
4588 	case ATH10K_SCAN_STARTING:
4589 	case ATH10K_SCAN_ABORTING:
4590 		ath10k_warn(ar, "refusing scan abortion due to invalid scan state: %s (%d)\n",
4591 			    ath10k_scan_state_str(ar->scan.state),
4592 			    ar->scan.state);
4593 		break;
4594 	case ATH10K_SCAN_RUNNING:
4595 		ar->scan.state = ATH10K_SCAN_ABORTING;
4596 		spin_unlock_bh(&ar->data_lock);
4597 
4598 		ret = ath10k_scan_stop(ar);
4599 		if (ret)
4600 			ath10k_warn(ar, "failed to abort scan: %d\n", ret);
4601 
4602 		spin_lock_bh(&ar->data_lock);
4603 		break;
4604 	}
4605 
4606 	spin_unlock_bh(&ar->data_lock);
4607 }
4608 
4609 void ath10k_scan_timeout_work(struct work_struct *work)
4610 {
4611 	struct ath10k *ar = container_of(work, struct ath10k,
4612 					 scan.timeout.work);
4613 
4614 	mutex_lock(&ar->conf_mutex);
4615 	ath10k_scan_abort(ar);
4616 	mutex_unlock(&ar->conf_mutex);
4617 }
4618 
4619 static int ath10k_start_scan(struct ath10k *ar,
4620 			     const struct wmi_start_scan_arg *arg)
4621 {
4622 	int ret;
4623 
4624 	lockdep_assert_held(&ar->conf_mutex);
4625 
4626 	ret = ath10k_wmi_start_scan(ar, arg);
4627 	if (ret)
4628 		return ret;
4629 
4630 	ret = wait_for_completion_timeout(&ar->scan.started, 1 * HZ);
4631 	if (ret == 0) {
4632 		ret = ath10k_scan_stop(ar);
4633 		if (ret)
4634 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
4635 
4636 		return -ETIMEDOUT;
4637 	}
4638 
4639 	/* If we failed to start the scan, return error code at
4640 	 * this point.  This is probably due to some issue in the
4641 	 * firmware, but no need to wedge the driver due to that...
4642 	 */
4643 	spin_lock_bh(&ar->data_lock);
4644 	if (ar->scan.state == ATH10K_SCAN_IDLE) {
4645 		spin_unlock_bh(&ar->data_lock);
4646 		return -EINVAL;
4647 	}
4648 	spin_unlock_bh(&ar->data_lock);
4649 
4650 	return 0;
4651 }
4652 
4653 /**********************/
4654 /* mac80211 callbacks */
4655 /**********************/
4656 
4657 static void ath10k_mac_op_tx(struct ieee80211_hw *hw,
4658 			     struct ieee80211_tx_control *control,
4659 			     struct sk_buff *skb)
4660 {
4661 	struct ath10k *ar = hw->priv;
4662 	struct ath10k_htt *htt = &ar->htt;
4663 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4664 	struct ieee80211_vif *vif = info->control.vif;
4665 	struct ieee80211_sta *sta = control->sta;
4666 	struct ieee80211_txq *txq = NULL;
4667 	enum ath10k_hw_txrx_mode txmode;
4668 	enum ath10k_mac_tx_path txpath;
4669 	bool is_htt;
4670 	bool is_mgmt;
4671 	int ret;
4672 	u16 airtime;
4673 
4674 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4675 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4676 
4677 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4678 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4679 	is_htt = (txpath == ATH10K_MAC_TX_HTT ||
4680 		  txpath == ATH10K_MAC_TX_HTT_MGMT);
4681 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4682 
4683 	if (is_htt) {
4684 		bool is_presp = false;
4685 
4686 		spin_lock_bh(&ar->htt.tx_lock);
4687 		if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP)) {
4688 			struct ieee80211_hdr *hdr = (void *)skb->data;
4689 
4690 			is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4691 		}
4692 
4693 		ret = ath10k_htt_tx_inc_pending(htt);
4694 		if (ret) {
4695 			ath10k_warn(ar, "failed to increase tx pending count: %d, dropping\n",
4696 				    ret);
4697 			spin_unlock_bh(&ar->htt.tx_lock);
4698 			ieee80211_free_txskb(ar->hw, skb);
4699 			return;
4700 		}
4701 
4702 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4703 		if (ret) {
4704 			ath10k_dbg(ar, ATH10K_DBG_MAC, "failed to increase tx mgmt pending count: %d, dropping\n",
4705 				   ret);
4706 			ath10k_htt_tx_dec_pending(htt);
4707 			spin_unlock_bh(&ar->htt.tx_lock);
4708 			ieee80211_free_txskb(ar->hw, skb);
4709 			return;
4710 		}
4711 		spin_unlock_bh(&ar->htt.tx_lock);
4712 	}
4713 
4714 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4715 	if (ret) {
4716 		ath10k_warn(ar, "failed to transmit frame: %d\n", ret);
4717 		if (is_htt) {
4718 			spin_lock_bh(&ar->htt.tx_lock);
4719 			ath10k_htt_tx_dec_pending(htt);
4720 			if (is_mgmt)
4721 				ath10k_htt_tx_mgmt_dec_pending(htt);
4722 			spin_unlock_bh(&ar->htt.tx_lock);
4723 		}
4724 		return;
4725 	}
4726 }
4727 
4728 static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw,
4729 					struct ieee80211_txq *txq)
4730 {
4731 	struct ath10k *ar = hw->priv;
4732 	int ret;
4733 	u8 ac = txq->ac;
4734 
4735 	ath10k_htt_tx_txq_update(hw, txq);
4736 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4737 		return;
4738 
4739 	spin_lock_bh(&ar->queue_lock[ac]);
4740 
4741 	ieee80211_txq_schedule_start(hw, ac);
4742 	txq = ieee80211_next_txq(hw, ac);
4743 	if (!txq)
4744 		goto out;
4745 
4746 	while (ath10k_mac_tx_can_push(hw, txq)) {
4747 		ret = ath10k_mac_tx_push_txq(hw, txq);
4748 		if (ret < 0)
4749 			break;
4750 	}
4751 	ieee80211_return_txq(hw, txq, false);
4752 	ath10k_htt_tx_txq_update(hw, txq);
4753 out:
4754 	ieee80211_txq_schedule_end(hw, ac);
4755 	spin_unlock_bh(&ar->queue_lock[ac]);
4756 }
4757 
4758 /* Must not be called with conf_mutex held as workers can use that also. */
4759 void ath10k_drain_tx(struct ath10k *ar)
4760 {
4761 	lockdep_assert_not_held(&ar->conf_mutex);
4762 
4763 	/* make sure rcu-protected mac80211 tx path itself is drained */
4764 	synchronize_net();
4765 
4766 	ath10k_offchan_tx_purge(ar);
4767 	ath10k_mgmt_over_wmi_tx_purge(ar);
4768 
4769 	cancel_work_sync(&ar->offchan_tx_work);
4770 	cancel_work_sync(&ar->wmi_mgmt_tx_work);
4771 }
4772 
4773 void ath10k_halt(struct ath10k *ar)
4774 {
4775 	struct ath10k_vif *arvif;
4776 
4777 	lockdep_assert_held(&ar->conf_mutex);
4778 
4779 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
4780 	ar->filter_flags = 0;
4781 	ar->monitor = false;
4782 	ar->monitor_arvif = NULL;
4783 
4784 	if (ar->monitor_started)
4785 		ath10k_monitor_stop(ar);
4786 
4787 	ar->monitor_started = false;
4788 	ar->tx_paused = 0;
4789 
4790 	ath10k_scan_finish(ar);
4791 	ath10k_peer_cleanup_all(ar);
4792 	ath10k_stop_radar_confirmation(ar);
4793 	ath10k_core_stop(ar);
4794 	ath10k_hif_power_down(ar);
4795 
4796 	spin_lock_bh(&ar->data_lock);
4797 	list_for_each_entry(arvif, &ar->arvifs, list)
4798 		ath10k_mac_vif_beacon_cleanup(arvif);
4799 	spin_unlock_bh(&ar->data_lock);
4800 }
4801 
4802 static int ath10k_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
4803 {
4804 	struct ath10k *ar = hw->priv;
4805 
4806 	mutex_lock(&ar->conf_mutex);
4807 
4808 	*tx_ant = ar->cfg_tx_chainmask;
4809 	*rx_ant = ar->cfg_rx_chainmask;
4810 
4811 	mutex_unlock(&ar->conf_mutex);
4812 
4813 	return 0;
4814 }
4815 
4816 static bool ath10k_check_chain_mask(struct ath10k *ar, u32 cm, const char *dbg)
4817 {
4818 	/* It is not clear that allowing gaps in chainmask
4819 	 * is helpful.  Probably it will not do what user
4820 	 * is hoping for, so warn in that case.
4821 	 */
4822 	if (cm == 15 || cm == 7 || cm == 3 || cm == 1 || cm == 0)
4823 		return true;
4824 
4825 	ath10k_warn(ar, "mac %s antenna chainmask is invalid: 0x%x.  Suggested values: 15, 7, 3, 1 or 0.\n",
4826 		    dbg, cm);
4827 	return false;
4828 }
4829 
4830 static int ath10k_mac_get_vht_cap_bf_sts(struct ath10k *ar)
4831 {
4832 	int nsts = ar->vht_cap_info;
4833 
4834 	nsts &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4835 	nsts >>= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4836 
4837 	/* If firmware does not deliver to host number of space-time
4838 	 * streams supported, assume it support up to 4 BF STS and return
4839 	 * the value for VHT CAP: nsts-1)
4840 	 */
4841 	if (nsts == 0)
4842 		return 3;
4843 
4844 	return nsts;
4845 }
4846 
4847 static int ath10k_mac_get_vht_cap_bf_sound_dim(struct ath10k *ar)
4848 {
4849 	int sound_dim = ar->vht_cap_info;
4850 
4851 	sound_dim &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4852 	sound_dim >>= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4853 
4854 	/* If the sounding dimension is not advertised by the firmware,
4855 	 * let's use a default value of 1
4856 	 */
4857 	if (sound_dim == 0)
4858 		return 1;
4859 
4860 	return sound_dim;
4861 }
4862 
4863 static struct ieee80211_sta_vht_cap ath10k_create_vht_cap(struct ath10k *ar)
4864 {
4865 	struct ieee80211_sta_vht_cap vht_cap = {0};
4866 	struct ath10k_hw_params *hw = &ar->hw_params;
4867 	u16 mcs_map;
4868 	u32 val;
4869 	int i;
4870 
4871 	vht_cap.vht_supported = 1;
4872 	vht_cap.cap = ar->vht_cap_info;
4873 
4874 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
4875 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
4876 		val = ath10k_mac_get_vht_cap_bf_sts(ar);
4877 		val <<= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4878 		val &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4879 
4880 		vht_cap.cap |= val;
4881 	}
4882 
4883 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
4884 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
4885 		val = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
4886 		val <<= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4887 		val &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4888 
4889 		vht_cap.cap |= val;
4890 	}
4891 
4892 	mcs_map = 0;
4893 	for (i = 0; i < 8; i++) {
4894 		if ((i < ar->num_rf_chains) && (ar->cfg_tx_chainmask & BIT(i)))
4895 			mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
4896 		else
4897 			mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
4898 	}
4899 
4900 	if (ar->cfg_tx_chainmask <= 1)
4901 		vht_cap.cap &= ~IEEE80211_VHT_CAP_TXSTBC;
4902 
4903 	vht_cap.vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
4904 	vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
4905 
4906 	/* If we are supporting 160Mhz or 80+80, then the NIC may be able to do
4907 	 * a restricted NSS for 160 or 80+80 vs what it can do for 80Mhz.  Give
4908 	 * user-space a clue if that is the case.
4909 	 */
4910 	if ((vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) &&
4911 	    (hw->vht160_mcs_rx_highest != 0 ||
4912 	     hw->vht160_mcs_tx_highest != 0)) {
4913 		vht_cap.vht_mcs.rx_highest = cpu_to_le16(hw->vht160_mcs_rx_highest);
4914 		vht_cap.vht_mcs.tx_highest = cpu_to_le16(hw->vht160_mcs_tx_highest);
4915 	}
4916 
4917 	return vht_cap;
4918 }
4919 
4920 static struct ieee80211_sta_ht_cap ath10k_get_ht_cap(struct ath10k *ar)
4921 {
4922 	int i;
4923 	struct ieee80211_sta_ht_cap ht_cap = {0};
4924 
4925 	if (!(ar->ht_cap_info & WMI_HT_CAP_ENABLED))
4926 		return ht_cap;
4927 
4928 	ht_cap.ht_supported = 1;
4929 	ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
4930 	ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_8;
4931 	ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
4932 	ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
4933 	ht_cap.cap |=
4934 		WLAN_HT_CAP_SM_PS_DISABLED << IEEE80211_HT_CAP_SM_PS_SHIFT;
4935 
4936 	if (ar->ht_cap_info & WMI_HT_CAP_HT20_SGI)
4937 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
4938 
4939 	if (ar->ht_cap_info & WMI_HT_CAP_HT40_SGI)
4940 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
4941 
4942 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS) {
4943 		u32 smps;
4944 
4945 		smps   = WLAN_HT_CAP_SM_PS_DYNAMIC;
4946 		smps <<= IEEE80211_HT_CAP_SM_PS_SHIFT;
4947 
4948 		ht_cap.cap |= smps;
4949 	}
4950 
4951 	if (ar->ht_cap_info & WMI_HT_CAP_TX_STBC && (ar->cfg_tx_chainmask > 1))
4952 		ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
4953 
4954 	if (ar->ht_cap_info & WMI_HT_CAP_RX_STBC) {
4955 		u32 stbc;
4956 
4957 		stbc   = ar->ht_cap_info;
4958 		stbc  &= WMI_HT_CAP_RX_STBC;
4959 		stbc >>= WMI_HT_CAP_RX_STBC_MASK_SHIFT;
4960 		stbc <<= IEEE80211_HT_CAP_RX_STBC_SHIFT;
4961 		stbc  &= IEEE80211_HT_CAP_RX_STBC;
4962 
4963 		ht_cap.cap |= stbc;
4964 	}
4965 
4966 	if (ar->ht_cap_info & WMI_HT_CAP_LDPC || (ar->ht_cap_info &
4967 	    WMI_HT_CAP_RX_LDPC && (ar->ht_cap_info & WMI_HT_CAP_TX_LDPC)))
4968 		ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
4969 
4970 	if (ar->ht_cap_info & WMI_HT_CAP_L_SIG_TXOP_PROT)
4971 		ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
4972 
4973 	/* max AMSDU is implicitly taken from vht_cap_info */
4974 	if (ar->vht_cap_info & WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
4975 		ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
4976 
4977 	for (i = 0; i < ar->num_rf_chains; i++) {
4978 		if (ar->cfg_rx_chainmask & BIT(i))
4979 			ht_cap.mcs.rx_mask[i] = 0xFF;
4980 	}
4981 
4982 	ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
4983 
4984 	return ht_cap;
4985 }
4986 
4987 static void ath10k_mac_setup_ht_vht_cap(struct ath10k *ar)
4988 {
4989 	struct ieee80211_supported_band *band;
4990 	struct ieee80211_sta_vht_cap vht_cap;
4991 	struct ieee80211_sta_ht_cap ht_cap;
4992 
4993 	ht_cap = ath10k_get_ht_cap(ar);
4994 	vht_cap = ath10k_create_vht_cap(ar);
4995 
4996 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
4997 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
4998 		band->ht_cap = ht_cap;
4999 	}
5000 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
5001 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
5002 		band->ht_cap = ht_cap;
5003 		band->vht_cap = vht_cap;
5004 	}
5005 }
5006 
5007 static int __ath10k_set_antenna(struct ath10k *ar, u32 tx_ant, u32 rx_ant)
5008 {
5009 	int ret;
5010 	bool is_valid_tx_chain_mask, is_valid_rx_chain_mask;
5011 
5012 	lockdep_assert_held(&ar->conf_mutex);
5013 
5014 	is_valid_tx_chain_mask = ath10k_check_chain_mask(ar, tx_ant, "tx");
5015 	is_valid_rx_chain_mask = ath10k_check_chain_mask(ar, rx_ant, "rx");
5016 
5017 	if (!is_valid_tx_chain_mask || !is_valid_rx_chain_mask)
5018 		return -EINVAL;
5019 
5020 	ar->cfg_tx_chainmask = tx_ant;
5021 	ar->cfg_rx_chainmask = rx_ant;
5022 
5023 	if ((ar->state != ATH10K_STATE_ON) &&
5024 	    (ar->state != ATH10K_STATE_RESTARTED))
5025 		return 0;
5026 
5027 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->tx_chain_mask,
5028 					tx_ant);
5029 	if (ret) {
5030 		ath10k_warn(ar, "failed to set tx-chainmask: %d, req 0x%x\n",
5031 			    ret, tx_ant);
5032 		return ret;
5033 	}
5034 
5035 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rx_chain_mask,
5036 					rx_ant);
5037 	if (ret) {
5038 		ath10k_warn(ar, "failed to set rx-chainmask: %d, req 0x%x\n",
5039 			    ret, rx_ant);
5040 		return ret;
5041 	}
5042 
5043 	/* Reload HT/VHT capability */
5044 	ath10k_mac_setup_ht_vht_cap(ar);
5045 
5046 	return 0;
5047 }
5048 
5049 static int ath10k_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
5050 {
5051 	struct ath10k *ar = hw->priv;
5052 	int ret;
5053 
5054 	mutex_lock(&ar->conf_mutex);
5055 	ret = __ath10k_set_antenna(ar, tx_ant, rx_ant);
5056 	mutex_unlock(&ar->conf_mutex);
5057 	return ret;
5058 }
5059 
5060 static int __ath10k_fetch_bb_timing_dt(struct ath10k *ar,
5061 				       struct wmi_bb_timing_cfg_arg *bb_timing)
5062 {
5063 	struct device_node *node;
5064 	const char *fem_name;
5065 	int ret;
5066 
5067 	node = ar->dev->of_node;
5068 	if (!node)
5069 		return -ENOENT;
5070 
5071 	ret = of_property_read_string_index(node, "ext-fem-name", 0, &fem_name);
5072 	if (ret)
5073 		return -ENOENT;
5074 
5075 	/*
5076 	 * If external Front End module used in hardware, then default base band timing
5077 	 * parameter cannot be used since they were fine tuned for reference hardware,
5078 	 * so choosing different value suitable for that external FEM.
5079 	 */
5080 	if (!strcmp("microsemi-lx5586", fem_name)) {
5081 		bb_timing->bb_tx_timing = 0x00;
5082 		bb_timing->bb_xpa_timing = 0x0101;
5083 	} else {
5084 		return -ENOENT;
5085 	}
5086 
5087 	ath10k_dbg(ar, ATH10K_DBG_BOOT, "boot bb_tx_timing 0x%x bb_xpa_timing 0x%x\n",
5088 		   bb_timing->bb_tx_timing, bb_timing->bb_xpa_timing);
5089 	return 0;
5090 }
5091 
5092 static int ath10k_mac_rfkill_config(struct ath10k *ar)
5093 {
5094 	u32 param;
5095 	int ret;
5096 
5097 	if (ar->hw_values->rfkill_pin == 0) {
5098 		ath10k_warn(ar, "ath10k does not support hardware rfkill with this device\n");
5099 		return -EOPNOTSUPP;
5100 	}
5101 
5102 	ath10k_dbg(ar, ATH10K_DBG_MAC,
5103 		   "mac rfkill_pin %d rfkill_cfg %d rfkill_on_level %d",
5104 		   ar->hw_values->rfkill_pin, ar->hw_values->rfkill_cfg,
5105 		   ar->hw_values->rfkill_on_level);
5106 
5107 	param = FIELD_PREP(WMI_TLV_RFKILL_CFG_RADIO_LEVEL,
5108 			   ar->hw_values->rfkill_on_level) |
5109 		FIELD_PREP(WMI_TLV_RFKILL_CFG_GPIO_PIN_NUM,
5110 			   ar->hw_values->rfkill_pin) |
5111 		FIELD_PREP(WMI_TLV_RFKILL_CFG_PIN_AS_GPIO,
5112 			   ar->hw_values->rfkill_cfg);
5113 
5114 	ret = ath10k_wmi_pdev_set_param(ar,
5115 					ar->wmi.pdev_param->rfkill_config,
5116 					param);
5117 	if (ret) {
5118 		ath10k_warn(ar,
5119 			    "failed to set rfkill config 0x%x: %d\n",
5120 			    param, ret);
5121 		return ret;
5122 	}
5123 	return 0;
5124 }
5125 
5126 int ath10k_mac_rfkill_enable_radio(struct ath10k *ar, bool enable)
5127 {
5128 	enum wmi_tlv_rfkill_enable_radio param;
5129 	int ret;
5130 
5131 	if (enable)
5132 		param = WMI_TLV_RFKILL_ENABLE_RADIO_ON;
5133 	else
5134 		param = WMI_TLV_RFKILL_ENABLE_RADIO_OFF;
5135 
5136 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac rfkill enable %d", param);
5137 
5138 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rfkill_enable,
5139 					param);
5140 	if (ret) {
5141 		ath10k_warn(ar, "failed to set rfkill enable param %d: %d\n",
5142 			    param, ret);
5143 		return ret;
5144 	}
5145 
5146 	return 0;
5147 }
5148 
5149 static int ath10k_start(struct ieee80211_hw *hw)
5150 {
5151 	struct ath10k *ar = hw->priv;
5152 	u32 param;
5153 	int ret = 0;
5154 	struct wmi_bb_timing_cfg_arg bb_timing = {0};
5155 
5156 	/*
5157 	 * This makes sense only when restarting hw. It is harmless to call
5158 	 * unconditionally. This is necessary to make sure no HTT/WMI tx
5159 	 * commands will be submitted while restarting.
5160 	 */
5161 	ath10k_drain_tx(ar);
5162 
5163 	mutex_lock(&ar->conf_mutex);
5164 
5165 	switch (ar->state) {
5166 	case ATH10K_STATE_OFF:
5167 		ar->state = ATH10K_STATE_ON;
5168 		break;
5169 	case ATH10K_STATE_RESTARTING:
5170 		ar->state = ATH10K_STATE_RESTARTED;
5171 		break;
5172 	case ATH10K_STATE_ON:
5173 	case ATH10K_STATE_RESTARTED:
5174 	case ATH10K_STATE_WEDGED:
5175 		WARN_ON(1);
5176 		ret = -EINVAL;
5177 		goto err;
5178 	case ATH10K_STATE_UTF:
5179 		ret = -EBUSY;
5180 		goto err;
5181 	}
5182 
5183 	spin_lock_bh(&ar->data_lock);
5184 
5185 	if (ar->hw_rfkill_on) {
5186 		ar->hw_rfkill_on = false;
5187 		spin_unlock_bh(&ar->data_lock);
5188 		goto err;
5189 	}
5190 
5191 	spin_unlock_bh(&ar->data_lock);
5192 
5193 	ret = ath10k_hif_power_up(ar, ATH10K_FIRMWARE_MODE_NORMAL);
5194 	if (ret) {
5195 		ath10k_err(ar, "Could not init hif: %d\n", ret);
5196 		goto err_off;
5197 	}
5198 
5199 	ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_NORMAL,
5200 				&ar->normal_mode_fw);
5201 	if (ret) {
5202 		ath10k_err(ar, "Could not init core: %d\n", ret);
5203 		goto err_power_down;
5204 	}
5205 
5206 	if (ar->sys_cap_info & WMI_TLV_SYS_CAP_INFO_RFKILL) {
5207 		ret = ath10k_mac_rfkill_config(ar);
5208 		if (ret && ret != -EOPNOTSUPP) {
5209 			ath10k_warn(ar, "failed to configure rfkill: %d", ret);
5210 			goto err_core_stop;
5211 		}
5212 	}
5213 
5214 	param = ar->wmi.pdev_param->pmf_qos;
5215 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5216 	if (ret) {
5217 		ath10k_warn(ar, "failed to enable PMF QOS: %d\n", ret);
5218 		goto err_core_stop;
5219 	}
5220 
5221 	param = ar->wmi.pdev_param->dynamic_bw;
5222 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5223 	if (ret) {
5224 		ath10k_warn(ar, "failed to enable dynamic BW: %d\n", ret);
5225 		goto err_core_stop;
5226 	}
5227 
5228 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
5229 		ret = ath10k_wmi_scan_prob_req_oui(ar, ar->mac_addr);
5230 		if (ret) {
5231 			ath10k_err(ar, "failed to set prob req oui: %i\n", ret);
5232 			goto err_core_stop;
5233 		}
5234 	}
5235 
5236 	if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
5237 		ret = ath10k_wmi_adaptive_qcs(ar, true);
5238 		if (ret) {
5239 			ath10k_warn(ar, "failed to enable adaptive qcs: %d\n",
5240 				    ret);
5241 			goto err_core_stop;
5242 		}
5243 	}
5244 
5245 	if (test_bit(WMI_SERVICE_BURST, ar->wmi.svc_map)) {
5246 		param = ar->wmi.pdev_param->burst_enable;
5247 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5248 		if (ret) {
5249 			ath10k_warn(ar, "failed to disable burst: %d\n", ret);
5250 			goto err_core_stop;
5251 		}
5252 	}
5253 
5254 	param = ar->wmi.pdev_param->idle_ps_config;
5255 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5256 	if (ret && ret != -EOPNOTSUPP) {
5257 		ath10k_warn(ar, "failed to enable idle_ps_config: %d\n", ret);
5258 		goto err_core_stop;
5259 	}
5260 
5261 	__ath10k_set_antenna(ar, ar->cfg_tx_chainmask, ar->cfg_rx_chainmask);
5262 
5263 	/*
5264 	 * By default FW set ARP frames ac to voice (6). In that case ARP
5265 	 * exchange is not working properly for UAPSD enabled AP. ARP requests
5266 	 * which arrives with access category 0 are processed by network stack
5267 	 * and send back with access category 0, but FW changes access category
5268 	 * to 6. Set ARP frames access category to best effort (0) solves
5269 	 * this problem.
5270 	 */
5271 
5272 	param = ar->wmi.pdev_param->arp_ac_override;
5273 	ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5274 	if (ret) {
5275 		ath10k_warn(ar, "failed to set arp ac override parameter: %d\n",
5276 			    ret);
5277 		goto err_core_stop;
5278 	}
5279 
5280 	if (test_bit(ATH10K_FW_FEATURE_SUPPORTS_ADAPTIVE_CCA,
5281 		     ar->running_fw->fw_file.fw_features)) {
5282 		ret = ath10k_wmi_pdev_enable_adaptive_cca(ar, 1,
5283 							  WMI_CCA_DETECT_LEVEL_AUTO,
5284 							  WMI_CCA_DETECT_MARGIN_AUTO);
5285 		if (ret) {
5286 			ath10k_warn(ar, "failed to enable adaptive cca: %d\n",
5287 				    ret);
5288 			goto err_core_stop;
5289 		}
5290 	}
5291 
5292 	param = ar->wmi.pdev_param->ani_enable;
5293 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5294 	if (ret) {
5295 		ath10k_warn(ar, "failed to enable ani by default: %d\n",
5296 			    ret);
5297 		goto err_core_stop;
5298 	}
5299 
5300 	ar->ani_enabled = true;
5301 
5302 	if (ath10k_peer_stats_enabled(ar)) {
5303 		param = ar->wmi.pdev_param->peer_stats_update_period;
5304 		ret = ath10k_wmi_pdev_set_param(ar, param,
5305 						PEER_DEFAULT_STATS_UPDATE_PERIOD);
5306 		if (ret) {
5307 			ath10k_warn(ar,
5308 				    "failed to set peer stats period : %d\n",
5309 				    ret);
5310 			goto err_core_stop;
5311 		}
5312 	}
5313 
5314 	param = ar->wmi.pdev_param->enable_btcoex;
5315 	if (test_bit(WMI_SERVICE_COEX_GPIO, ar->wmi.svc_map) &&
5316 	    test_bit(ATH10K_FW_FEATURE_BTCOEX_PARAM,
5317 		     ar->running_fw->fw_file.fw_features) &&
5318 	    ar->coex_support) {
5319 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5320 		if (ret) {
5321 			ath10k_warn(ar,
5322 				    "failed to set btcoex param: %d\n", ret);
5323 			goto err_core_stop;
5324 		}
5325 		clear_bit(ATH10K_FLAG_BTCOEX, &ar->dev_flags);
5326 	}
5327 
5328 	if (test_bit(WMI_SERVICE_BB_TIMING_CONFIG_SUPPORT, ar->wmi.svc_map)) {
5329 		ret = __ath10k_fetch_bb_timing_dt(ar, &bb_timing);
5330 		if (!ret) {
5331 			ret = ath10k_wmi_pdev_bb_timing(ar, &bb_timing);
5332 			if (ret) {
5333 				ath10k_warn(ar,
5334 					    "failed to set bb timings: %d\n",
5335 					    ret);
5336 				goto err_core_stop;
5337 			}
5338 		}
5339 	}
5340 
5341 	ar->num_started_vdevs = 0;
5342 	ath10k_regd_update(ar);
5343 
5344 	ath10k_spectral_start(ar);
5345 	ath10k_thermal_set_throttling(ar);
5346 
5347 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_IDLE;
5348 
5349 	mutex_unlock(&ar->conf_mutex);
5350 	return 0;
5351 
5352 err_core_stop:
5353 	ath10k_core_stop(ar);
5354 
5355 err_power_down:
5356 	ath10k_hif_power_down(ar);
5357 
5358 err_off:
5359 	ar->state = ATH10K_STATE_OFF;
5360 
5361 err:
5362 	mutex_unlock(&ar->conf_mutex);
5363 	return ret;
5364 }
5365 
5366 static void ath10k_stop(struct ieee80211_hw *hw, bool suspend)
5367 {
5368 	struct ath10k *ar = hw->priv;
5369 	u32 opt;
5370 
5371 	ath10k_drain_tx(ar);
5372 
5373 	mutex_lock(&ar->conf_mutex);
5374 	if (ar->state != ATH10K_STATE_OFF) {
5375 		if (!ar->hw_rfkill_on) {
5376 			/* If the current driver state is RESTARTING but not yet
5377 			 * fully RESTARTED because of incoming suspend event,
5378 			 * then ath10k_halt() is already called via
5379 			 * ath10k_core_restart() and should not be called here.
5380 			 */
5381 			if (ar->state != ATH10K_STATE_RESTARTING) {
5382 				ath10k_halt(ar);
5383 			} else {
5384 				/* Suspending here, because when in RESTARTING
5385 				 * state, ath10k_core_stop() skips
5386 				 * ath10k_wait_for_suspend().
5387 				 */
5388 				opt = WMI_PDEV_SUSPEND_AND_DISABLE_INTR;
5389 				ath10k_wait_for_suspend(ar, opt);
5390 			}
5391 		}
5392 		ar->state = ATH10K_STATE_OFF;
5393 	}
5394 	mutex_unlock(&ar->conf_mutex);
5395 
5396 	cancel_work_sync(&ar->set_coverage_class_work);
5397 	cancel_delayed_work_sync(&ar->scan.timeout);
5398 	cancel_work_sync(&ar->restart_work);
5399 }
5400 
5401 static int ath10k_config_ps(struct ath10k *ar)
5402 {
5403 	struct ath10k_vif *arvif;
5404 	int ret = 0;
5405 
5406 	lockdep_assert_held(&ar->conf_mutex);
5407 
5408 	list_for_each_entry(arvif, &ar->arvifs, list) {
5409 		ret = ath10k_mac_vif_setup_ps(arvif);
5410 		if (ret) {
5411 			ath10k_warn(ar, "failed to setup powersave: %d\n", ret);
5412 			break;
5413 		}
5414 	}
5415 
5416 	return ret;
5417 }
5418 
5419 static int ath10k_config(struct ieee80211_hw *hw, u32 changed)
5420 {
5421 	struct ath10k *ar = hw->priv;
5422 	struct ieee80211_conf *conf = &hw->conf;
5423 	int ret = 0;
5424 
5425 	mutex_lock(&ar->conf_mutex);
5426 
5427 	if (changed & IEEE80211_CONF_CHANGE_PS)
5428 		ath10k_config_ps(ar);
5429 
5430 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
5431 		ar->monitor = conf->flags & IEEE80211_CONF_MONITOR;
5432 		ret = ath10k_monitor_recalc(ar);
5433 		if (ret)
5434 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5435 	}
5436 
5437 	mutex_unlock(&ar->conf_mutex);
5438 	return ret;
5439 }
5440 
5441 static u32 get_nss_from_chainmask(u16 chain_mask)
5442 {
5443 	if ((chain_mask & 0xf) == 0xf)
5444 		return 4;
5445 	else if ((chain_mask & 0x7) == 0x7)
5446 		return 3;
5447 	else if ((chain_mask & 0x3) == 0x3)
5448 		return 2;
5449 	return 1;
5450 }
5451 
5452 static int ath10k_mac_set_txbf_conf(struct ath10k_vif *arvif)
5453 {
5454 	u32 value = 0;
5455 	struct ath10k *ar = arvif->ar;
5456 	int nsts;
5457 	int sound_dim;
5458 
5459 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_BEFORE_ASSOC)
5460 		return 0;
5461 
5462 	nsts = ath10k_mac_get_vht_cap_bf_sts(ar);
5463 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
5464 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE))
5465 		value |= SM(nsts, WMI_TXBF_STS_CAP_OFFSET);
5466 
5467 	sound_dim = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
5468 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
5469 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE))
5470 		value |= SM(sound_dim, WMI_BF_SOUND_DIM_OFFSET);
5471 
5472 	if (!value)
5473 		return 0;
5474 
5475 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
5476 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
5477 
5478 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
5479 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFER |
5480 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFER);
5481 
5482 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
5483 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
5484 
5485 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
5486 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFEE |
5487 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFEE);
5488 
5489 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
5490 					 ar->wmi.vdev_param->txbf, value);
5491 }
5492 
5493 static void ath10k_update_vif_offload(struct ieee80211_hw *hw,
5494 				      struct ieee80211_vif *vif)
5495 {
5496 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5497 	struct ath10k *ar = hw->priv;
5498 	u32 vdev_param;
5499 	int ret;
5500 
5501 	if (ath10k_frame_mode != ATH10K_HW_TXRX_ETHERNET ||
5502 	    ar->wmi.vdev_param->tx_encap_type == WMI_VDEV_PARAM_UNSUPPORTED ||
5503 	     (vif->type != NL80211_IFTYPE_STATION &&
5504 	      vif->type != NL80211_IFTYPE_AP))
5505 		vif->offload_flags &= ~IEEE80211_OFFLOAD_ENCAP_ENABLED;
5506 
5507 	vdev_param = ar->wmi.vdev_param->tx_encap_type;
5508 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5509 					ATH10K_HW_TXRX_NATIVE_WIFI);
5510 	/* 10.X firmware does not support this VDEV parameter. Do not warn */
5511 	if (ret && ret != -EOPNOTSUPP) {
5512 		ath10k_warn(ar, "failed to set vdev %i TX encapsulation: %d\n",
5513 			    arvif->vdev_id, ret);
5514 	}
5515 }
5516 
5517 /*
5518  * TODO:
5519  * Figure out how to handle WMI_VDEV_SUBTYPE_P2P_DEVICE,
5520  * because we will send mgmt frames without CCK. This requirement
5521  * for P2P_FIND/GO_NEG should be handled by checking CCK flag
5522  * in the TX packet.
5523  */
5524 static int ath10k_add_interface(struct ieee80211_hw *hw,
5525 				struct ieee80211_vif *vif)
5526 {
5527 	struct ath10k *ar = hw->priv;
5528 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5529 	struct ath10k_peer *peer;
5530 	enum wmi_sta_powersave_param param;
5531 	int ret = 0;
5532 	u32 value;
5533 	int bit;
5534 	int i;
5535 	u32 vdev_param;
5536 
5537 	vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD;
5538 
5539 	mutex_lock(&ar->conf_mutex);
5540 
5541 	memset(arvif, 0, sizeof(*arvif));
5542 	ath10k_mac_txq_init(vif->txq);
5543 
5544 	arvif->ar = ar;
5545 	arvif->vif = vif;
5546 
5547 	INIT_LIST_HEAD(&arvif->list);
5548 	INIT_WORK(&arvif->ap_csa_work, ath10k_mac_vif_ap_csa_work);
5549 	INIT_DELAYED_WORK(&arvif->connection_loss_work,
5550 			  ath10k_mac_vif_sta_connection_loss_work);
5551 
5552 	for (i = 0; i < ARRAY_SIZE(arvif->bitrate_mask.control); i++) {
5553 		arvif->bitrate_mask.control[i].legacy = 0xffffffff;
5554 		memset(arvif->bitrate_mask.control[i].ht_mcs, 0xff,
5555 		       sizeof(arvif->bitrate_mask.control[i].ht_mcs));
5556 		memset(arvif->bitrate_mask.control[i].vht_mcs, 0xff,
5557 		       sizeof(arvif->bitrate_mask.control[i].vht_mcs));
5558 	}
5559 
5560 	if (ar->num_peers >= ar->max_num_peers) {
5561 		ath10k_warn(ar, "refusing vdev creation due to insufficient peer entry resources in firmware\n");
5562 		ret = -ENOBUFS;
5563 		goto err;
5564 	}
5565 
5566 	if (ar->free_vdev_map == 0) {
5567 		ath10k_warn(ar, "Free vdev map is empty, no more interfaces allowed.\n");
5568 		ret = -EBUSY;
5569 		goto err;
5570 	}
5571 	bit = __ffs64(ar->free_vdev_map);
5572 
5573 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac create vdev %i map %llx\n",
5574 		   bit, ar->free_vdev_map);
5575 
5576 	arvif->vdev_id = bit;
5577 	arvif->vdev_subtype =
5578 		ath10k_wmi_get_vdev_subtype(ar, WMI_VDEV_SUBTYPE_NONE);
5579 
5580 	switch (vif->type) {
5581 	case NL80211_IFTYPE_P2P_DEVICE:
5582 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5583 		arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5584 					(ar, WMI_VDEV_SUBTYPE_P2P_DEVICE);
5585 		break;
5586 	case NL80211_IFTYPE_UNSPECIFIED:
5587 	case NL80211_IFTYPE_STATION:
5588 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5589 		if (vif->p2p)
5590 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5591 					(ar, WMI_VDEV_SUBTYPE_P2P_CLIENT);
5592 		break;
5593 	case NL80211_IFTYPE_ADHOC:
5594 		arvif->vdev_type = WMI_VDEV_TYPE_IBSS;
5595 		break;
5596 	case NL80211_IFTYPE_MESH_POINT:
5597 		if (test_bit(WMI_SERVICE_MESH_11S, ar->wmi.svc_map)) {
5598 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5599 						(ar, WMI_VDEV_SUBTYPE_MESH_11S);
5600 		} else if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5601 			ret = -EINVAL;
5602 			ath10k_warn(ar, "must load driver with rawmode=1 to add mesh interfaces\n");
5603 			goto err;
5604 		}
5605 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5606 		break;
5607 	case NL80211_IFTYPE_AP:
5608 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5609 
5610 		if (vif->p2p)
5611 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5612 						(ar, WMI_VDEV_SUBTYPE_P2P_GO);
5613 		break;
5614 	case NL80211_IFTYPE_MONITOR:
5615 		arvif->vdev_type = WMI_VDEV_TYPE_MONITOR;
5616 		break;
5617 	default:
5618 		WARN_ON(1);
5619 		break;
5620 	}
5621 
5622 	/* Using vdev_id as queue number will make it very easy to do per-vif
5623 	 * tx queue locking. This shouldn't wrap due to interface combinations
5624 	 * but do a modulo for correctness sake and prevent using offchannel tx
5625 	 * queues for regular vif tx.
5626 	 */
5627 	vif->cab_queue = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5628 	for (i = 0; i < ARRAY_SIZE(vif->hw_queue); i++)
5629 		vif->hw_queue[i] = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5630 
5631 	/* Some firmware revisions don't wait for beacon tx completion before
5632 	 * sending another SWBA event. This could lead to hardware using old
5633 	 * (freed) beacon data in some cases, e.g. tx credit starvation
5634 	 * combined with missed TBTT. This is very rare.
5635 	 *
5636 	 * On non-IOMMU-enabled hosts this could be a possible security issue
5637 	 * because hw could beacon some random data on the air.  On
5638 	 * IOMMU-enabled hosts DMAR faults would occur in most cases and target
5639 	 * device would crash.
5640 	 *
5641 	 * Since there are no beacon tx completions (implicit nor explicit)
5642 	 * propagated to host the only workaround for this is to allocate a
5643 	 * DMA-coherent buffer for a lifetime of a vif and use it for all
5644 	 * beacon tx commands. Worst case for this approach is some beacons may
5645 	 * become corrupted, e.g. have garbled IEs or out-of-date TIM bitmap.
5646 	 */
5647 	if (vif->type == NL80211_IFTYPE_ADHOC ||
5648 	    vif->type == NL80211_IFTYPE_MESH_POINT ||
5649 	    vif->type == NL80211_IFTYPE_AP) {
5650 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL) {
5651 			arvif->beacon_buf = kmalloc(IEEE80211_MAX_FRAME_LEN,
5652 						    GFP_KERNEL);
5653 
5654 			/* Using a kernel pointer in place of a dma_addr_t
5655 			 * token can lead to undefined behavior if that
5656 			 * makes it into cache management functions. Use a
5657 			 * known-invalid address token instead, which
5658 			 * avoids the warning and makes it easier to catch
5659 			 * bugs if it does end up getting used.
5660 			 */
5661 			arvif->beacon_paddr = DMA_MAPPING_ERROR;
5662 		} else {
5663 			arvif->beacon_buf =
5664 				dma_alloc_coherent(ar->dev,
5665 						   IEEE80211_MAX_FRAME_LEN,
5666 						   &arvif->beacon_paddr,
5667 						   GFP_ATOMIC);
5668 		}
5669 		if (!arvif->beacon_buf) {
5670 			ret = -ENOMEM;
5671 			ath10k_warn(ar, "failed to allocate beacon buffer: %d\n",
5672 				    ret);
5673 			goto err;
5674 		}
5675 	}
5676 	if (test_bit(ATH10K_FLAG_HW_CRYPTO_DISABLED, &ar->dev_flags))
5677 		arvif->nohwcrypt = true;
5678 
5679 	if (arvif->nohwcrypt &&
5680 	    !test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5681 		ret = -EINVAL;
5682 		ath10k_warn(ar, "cryptmode module param needed for sw crypto\n");
5683 		goto err;
5684 	}
5685 
5686 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev create %d (add interface) type %d subtype %d bcnmode %s\n",
5687 		   arvif->vdev_id, arvif->vdev_type, arvif->vdev_subtype,
5688 		   arvif->beacon_buf ? "single-buf" : "per-skb");
5689 
5690 	ret = ath10k_wmi_vdev_create(ar, arvif->vdev_id, arvif->vdev_type,
5691 				     arvif->vdev_subtype, vif->addr);
5692 	if (ret) {
5693 		ath10k_warn(ar, "failed to create WMI vdev %i: %d\n",
5694 			    arvif->vdev_id, ret);
5695 		goto err;
5696 	}
5697 
5698 	if (test_bit(WMI_SERVICE_VDEV_DISABLE_4_ADDR_SRC_LRN_SUPPORT,
5699 		     ar->wmi.svc_map)) {
5700 		vdev_param = ar->wmi.vdev_param->disable_4addr_src_lrn;
5701 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5702 						WMI_VDEV_DISABLE_4_ADDR_SRC_LRN);
5703 		if (ret && ret != -EOPNOTSUPP) {
5704 			ath10k_warn(ar, "failed to disable 4addr src lrn vdev %i: %d\n",
5705 				    arvif->vdev_id, ret);
5706 		}
5707 	}
5708 
5709 	ar->free_vdev_map &= ~(1LL << arvif->vdev_id);
5710 	spin_lock_bh(&ar->data_lock);
5711 	list_add(&arvif->list, &ar->arvifs);
5712 	spin_unlock_bh(&ar->data_lock);
5713 
5714 	/* It makes no sense to have firmware do keepalives. mac80211 already
5715 	 * takes care of this with idle connection polling.
5716 	 */
5717 	ret = ath10k_mac_vif_disable_keepalive(arvif);
5718 	if (ret) {
5719 		ath10k_warn(ar, "failed to disable keepalive on vdev %i: %d\n",
5720 			    arvif->vdev_id, ret);
5721 		goto err_vdev_delete;
5722 	}
5723 
5724 	arvif->def_wep_key_idx = -1;
5725 
5726 	ath10k_update_vif_offload(hw, vif);
5727 
5728 	/* Configuring number of spatial stream for monitor interface is causing
5729 	 * target assert in qca9888 and qca6174.
5730 	 */
5731 	if (ar->cfg_tx_chainmask && (vif->type != NL80211_IFTYPE_MONITOR)) {
5732 		u16 nss = get_nss_from_chainmask(ar->cfg_tx_chainmask);
5733 
5734 		vdev_param = ar->wmi.vdev_param->nss;
5735 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5736 						nss);
5737 		if (ret) {
5738 			ath10k_warn(ar, "failed to set vdev %i chainmask 0x%x, nss %i: %d\n",
5739 				    arvif->vdev_id, ar->cfg_tx_chainmask, nss,
5740 				    ret);
5741 			goto err_vdev_delete;
5742 		}
5743 	}
5744 
5745 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5746 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5747 		ret = ath10k_peer_create(ar, vif, NULL, arvif->vdev_id,
5748 					 vif->addr, WMI_PEER_TYPE_DEFAULT);
5749 		if (ret) {
5750 			ath10k_warn(ar, "failed to create vdev %i peer for AP/IBSS: %d\n",
5751 				    arvif->vdev_id, ret);
5752 			goto err_vdev_delete;
5753 		}
5754 
5755 		spin_lock_bh(&ar->data_lock);
5756 
5757 		peer = ath10k_peer_find(ar, arvif->vdev_id, vif->addr);
5758 		if (!peer) {
5759 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
5760 				    vif->addr, arvif->vdev_id);
5761 			spin_unlock_bh(&ar->data_lock);
5762 			ret = -ENOENT;
5763 			goto err_peer_delete;
5764 		}
5765 
5766 		arvif->peer_id = find_first_bit(peer->peer_ids,
5767 						ATH10K_MAX_NUM_PEER_IDS);
5768 
5769 		spin_unlock_bh(&ar->data_lock);
5770 	} else {
5771 		arvif->peer_id = HTT_INVALID_PEERID;
5772 	}
5773 
5774 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
5775 		ret = ath10k_mac_set_kickout(arvif);
5776 		if (ret) {
5777 			ath10k_warn(ar, "failed to set vdev %i kickout parameters: %d\n",
5778 				    arvif->vdev_id, ret);
5779 			goto err_peer_delete;
5780 		}
5781 	}
5782 
5783 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
5784 		param = WMI_STA_PS_PARAM_RX_WAKE_POLICY;
5785 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
5786 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5787 						  param, value);
5788 		if (ret) {
5789 			ath10k_warn(ar, "failed to set vdev %i RX wake policy: %d\n",
5790 				    arvif->vdev_id, ret);
5791 			goto err_peer_delete;
5792 		}
5793 
5794 		ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
5795 		if (ret) {
5796 			ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
5797 				    arvif->vdev_id, ret);
5798 			goto err_peer_delete;
5799 		}
5800 
5801 		ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
5802 		if (ret) {
5803 			ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
5804 				    arvif->vdev_id, ret);
5805 			goto err_peer_delete;
5806 		}
5807 	}
5808 
5809 	ret = ath10k_mac_set_txbf_conf(arvif);
5810 	if (ret) {
5811 		ath10k_warn(ar, "failed to set txbf for vdev %d: %d\n",
5812 			    arvif->vdev_id, ret);
5813 		goto err_peer_delete;
5814 	}
5815 
5816 	ret = ath10k_mac_set_rts(arvif, ar->hw->wiphy->rts_threshold);
5817 	if (ret) {
5818 		ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
5819 			    arvif->vdev_id, ret);
5820 		goto err_peer_delete;
5821 	}
5822 
5823 	arvif->txpower = vif->bss_conf.txpower;
5824 	ret = ath10k_mac_txpower_recalc(ar);
5825 	if (ret) {
5826 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
5827 		goto err_peer_delete;
5828 	}
5829 
5830 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
5831 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
5832 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5833 						arvif->ftm_responder);
5834 
5835 		/* It is harmless to not set FTM role. Do not warn */
5836 		if (ret && ret != -EOPNOTSUPP)
5837 			ath10k_warn(ar, "failed to set vdev %i FTM Responder: %d\n",
5838 				    arvif->vdev_id, ret);
5839 	}
5840 
5841 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5842 		ar->monitor_arvif = arvif;
5843 		ret = ath10k_monitor_recalc(ar);
5844 		if (ret) {
5845 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5846 			goto err_peer_delete;
5847 		}
5848 	}
5849 
5850 	spin_lock_bh(&ar->htt.tx_lock);
5851 	if (!ar->tx_paused)
5852 		ieee80211_wake_queue(ar->hw, arvif->vdev_id);
5853 	spin_unlock_bh(&ar->htt.tx_lock);
5854 
5855 	mutex_unlock(&ar->conf_mutex);
5856 	return 0;
5857 
5858 err_peer_delete:
5859 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5860 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5861 		ath10k_wmi_peer_delete(ar, arvif->vdev_id, vif->addr);
5862 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5863 						 vif->addr);
5864 	}
5865 
5866 err_vdev_delete:
5867 	ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5868 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5869 	spin_lock_bh(&ar->data_lock);
5870 	list_del(&arvif->list);
5871 	spin_unlock_bh(&ar->data_lock);
5872 
5873 err:
5874 	if (arvif->beacon_buf) {
5875 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
5876 			kfree(arvif->beacon_buf);
5877 		else
5878 			dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
5879 					  arvif->beacon_buf,
5880 					  arvif->beacon_paddr);
5881 		arvif->beacon_buf = NULL;
5882 	}
5883 
5884 	mutex_unlock(&ar->conf_mutex);
5885 
5886 	return ret;
5887 }
5888 
5889 static void ath10k_mac_vif_tx_unlock_all(struct ath10k_vif *arvif)
5890 {
5891 	int i;
5892 
5893 	for (i = 0; i < BITS_PER_LONG; i++)
5894 		ath10k_mac_vif_tx_unlock(arvif, i);
5895 }
5896 
5897 static void ath10k_remove_interface(struct ieee80211_hw *hw,
5898 				    struct ieee80211_vif *vif)
5899 {
5900 	struct ath10k *ar = hw->priv;
5901 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5902 	struct ath10k_peer *peer;
5903 	unsigned long time_left;
5904 	int ret;
5905 	int i;
5906 
5907 	cancel_work_sync(&arvif->ap_csa_work);
5908 	cancel_delayed_work_sync(&arvif->connection_loss_work);
5909 
5910 	mutex_lock(&ar->conf_mutex);
5911 
5912 	ret = ath10k_spectral_vif_stop(arvif);
5913 	if (ret)
5914 		ath10k_warn(ar, "failed to stop spectral for vdev %i: %d\n",
5915 			    arvif->vdev_id, ret);
5916 
5917 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5918 	spin_lock_bh(&ar->data_lock);
5919 	list_del(&arvif->list);
5920 	spin_unlock_bh(&ar->data_lock);
5921 
5922 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5923 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5924 		ret = ath10k_wmi_peer_delete(arvif->ar, arvif->vdev_id,
5925 					     vif->addr);
5926 		if (ret)
5927 			ath10k_warn(ar, "failed to submit AP/IBSS self-peer removal on vdev %i: %d\n",
5928 				    arvif->vdev_id, ret);
5929 
5930 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5931 						 vif->addr);
5932 		kfree(arvif->u.ap.noa_data);
5933 	}
5934 
5935 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i delete (remove interface)\n",
5936 		   arvif->vdev_id);
5937 
5938 	ret = ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5939 	if (ret)
5940 		ath10k_warn(ar, "failed to delete WMI vdev %i: %d\n",
5941 			    arvif->vdev_id, ret);
5942 
5943 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
5944 		time_left = wait_for_completion_timeout(&ar->vdev_delete_done,
5945 							ATH10K_VDEV_DELETE_TIMEOUT_HZ);
5946 		if (time_left == 0) {
5947 			ath10k_warn(ar, "Timeout in receiving vdev delete response\n");
5948 			goto out;
5949 		}
5950 	}
5951 
5952 	/* Some firmware revisions don't notify host about self-peer removal
5953 	 * until after associated vdev is deleted.
5954 	 */
5955 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5956 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5957 		ret = ath10k_wait_for_peer_deleted(ar, arvif->vdev_id,
5958 						   vif->addr);
5959 		if (ret)
5960 			ath10k_warn(ar, "failed to remove AP self-peer on vdev %i: %d\n",
5961 				    arvif->vdev_id, ret);
5962 
5963 		spin_lock_bh(&ar->data_lock);
5964 		ar->num_peers--;
5965 		spin_unlock_bh(&ar->data_lock);
5966 	}
5967 
5968 	spin_lock_bh(&ar->data_lock);
5969 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
5970 		peer = ar->peer_map[i];
5971 		if (!peer)
5972 			continue;
5973 
5974 		if (peer->vif == vif) {
5975 			ath10k_warn(ar, "found vif peer %pM entry on vdev %i after it was supposedly removed\n",
5976 				    vif->addr, arvif->vdev_id);
5977 			peer->vif = NULL;
5978 		}
5979 	}
5980 
5981 	/* Clean this up late, less opportunity for firmware to access
5982 	 * DMA memory we have deleted.
5983 	 */
5984 	ath10k_mac_vif_beacon_cleanup(arvif);
5985 	spin_unlock_bh(&ar->data_lock);
5986 
5987 	ath10k_peer_cleanup(ar, arvif->vdev_id);
5988 	ath10k_mac_txq_unref(ar, vif->txq);
5989 
5990 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5991 		ar->monitor_arvif = NULL;
5992 		ret = ath10k_monitor_recalc(ar);
5993 		if (ret)
5994 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5995 	}
5996 
5997 	ret = ath10k_mac_txpower_recalc(ar);
5998 	if (ret)
5999 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
6000 
6001 	spin_lock_bh(&ar->htt.tx_lock);
6002 	ath10k_mac_vif_tx_unlock_all(arvif);
6003 	spin_unlock_bh(&ar->htt.tx_lock);
6004 
6005 	ath10k_mac_txq_unref(ar, vif->txq);
6006 
6007 out:
6008 	mutex_unlock(&ar->conf_mutex);
6009 }
6010 
6011 /*
6012  * FIXME: Has to be verified.
6013  */
6014 #define SUPPORTED_FILTERS			\
6015 	(FIF_ALLMULTI |				\
6016 	FIF_CONTROL |				\
6017 	FIF_PSPOLL |				\
6018 	FIF_OTHER_BSS |				\
6019 	FIF_BCN_PRBRESP_PROMISC |		\
6020 	FIF_PROBE_REQ |				\
6021 	FIF_FCSFAIL)
6022 
6023 static void ath10k_configure_filter(struct ieee80211_hw *hw,
6024 				    unsigned int changed_flags,
6025 				    unsigned int *total_flags,
6026 				    u64 multicast)
6027 {
6028 	struct ath10k *ar = hw->priv;
6029 	int ret;
6030 	unsigned int supported = SUPPORTED_FILTERS;
6031 
6032 	mutex_lock(&ar->conf_mutex);
6033 
6034 	if (ar->hw_params.mcast_frame_registration)
6035 		supported |= FIF_MCAST_ACTION;
6036 
6037 	*total_flags &= supported;
6038 
6039 	ar->filter_flags = *total_flags;
6040 
6041 	ret = ath10k_monitor_recalc(ar);
6042 	if (ret)
6043 		ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
6044 
6045 	mutex_unlock(&ar->conf_mutex);
6046 }
6047 
6048 static void ath10k_recalculate_mgmt_rate(struct ath10k *ar,
6049 					 struct ieee80211_vif *vif,
6050 					 struct cfg80211_chan_def *def)
6051 {
6052 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6053 	const struct ieee80211_supported_band *sband;
6054 	u8 basic_rate_idx;
6055 	int hw_rate_code;
6056 	u32 vdev_param;
6057 	u16 bitrate;
6058 	int ret;
6059 
6060 	lockdep_assert_held(&ar->conf_mutex);
6061 
6062 	sband = ar->hw->wiphy->bands[def->chan->band];
6063 	basic_rate_idx = ffs(vif->bss_conf.basic_rates) - 1;
6064 	bitrate = sband->bitrates[basic_rate_idx].bitrate;
6065 
6066 	hw_rate_code = ath10k_mac_get_rate_hw_value(bitrate);
6067 	if (hw_rate_code < 0) {
6068 		ath10k_warn(ar, "bitrate not supported %d\n", bitrate);
6069 		return;
6070 	}
6071 
6072 	vdev_param = ar->wmi.vdev_param->mgmt_rate;
6073 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6074 					hw_rate_code);
6075 	if (ret)
6076 		ath10k_warn(ar, "failed to set mgmt tx rate %d\n", ret);
6077 }
6078 
6079 static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
6080 				    struct ieee80211_vif *vif,
6081 				    struct ieee80211_bss_conf *info,
6082 				    u64 changed)
6083 {
6084 	struct ath10k *ar = hw->priv;
6085 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6086 	struct cfg80211_chan_def def;
6087 	u32 vdev_param, pdev_param, slottime, preamble;
6088 	u16 bitrate, hw_value;
6089 	u8 rate, rateidx;
6090 	int ret = 0, mcast_rate;
6091 	enum nl80211_band band;
6092 
6093 	mutex_lock(&ar->conf_mutex);
6094 
6095 	if (changed & BSS_CHANGED_IBSS)
6096 		ath10k_control_ibss(arvif, vif);
6097 
6098 	if (changed & BSS_CHANGED_BEACON_INT) {
6099 		arvif->beacon_interval = info->beacon_int;
6100 		vdev_param = ar->wmi.vdev_param->beacon_interval;
6101 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6102 						arvif->beacon_interval);
6103 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6104 			   "mac vdev %d beacon_interval %d\n",
6105 			   arvif->vdev_id, arvif->beacon_interval);
6106 
6107 		if (ret)
6108 			ath10k_warn(ar, "failed to set beacon interval for vdev %d: %i\n",
6109 				    arvif->vdev_id, ret);
6110 	}
6111 
6112 	if (changed & BSS_CHANGED_BEACON) {
6113 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6114 			   "vdev %d set beacon tx mode to staggered\n",
6115 			   arvif->vdev_id);
6116 
6117 		pdev_param = ar->wmi.pdev_param->beacon_tx_mode;
6118 		ret = ath10k_wmi_pdev_set_param(ar, pdev_param,
6119 						WMI_BEACON_STAGGERED_MODE);
6120 		if (ret)
6121 			ath10k_warn(ar, "failed to set beacon mode for vdev %d: %i\n",
6122 				    arvif->vdev_id, ret);
6123 
6124 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
6125 		if (ret)
6126 			ath10k_warn(ar, "failed to update beacon template: %d\n",
6127 				    ret);
6128 
6129 		if (ieee80211_vif_is_mesh(vif)) {
6130 			/* mesh doesn't use SSID but firmware needs it */
6131 			arvif->u.ap.ssid_len = 4;
6132 			memcpy(arvif->u.ap.ssid, "mesh", arvif->u.ap.ssid_len);
6133 		}
6134 	}
6135 
6136 	if (changed & BSS_CHANGED_AP_PROBE_RESP) {
6137 		ret = ath10k_mac_setup_prb_tmpl(arvif);
6138 		if (ret)
6139 			ath10k_warn(ar, "failed to setup probe resp template on vdev %i: %d\n",
6140 				    arvif->vdev_id, ret);
6141 	}
6142 
6143 	if (changed & (BSS_CHANGED_BEACON_INFO | BSS_CHANGED_BEACON)) {
6144 		arvif->dtim_period = info->dtim_period;
6145 
6146 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6147 			   "mac vdev %d dtim_period %d\n",
6148 			   arvif->vdev_id, arvif->dtim_period);
6149 
6150 		vdev_param = ar->wmi.vdev_param->dtim_period;
6151 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6152 						arvif->dtim_period);
6153 		if (ret)
6154 			ath10k_warn(ar, "failed to set dtim period for vdev %d: %i\n",
6155 				    arvif->vdev_id, ret);
6156 	}
6157 
6158 	if (changed & BSS_CHANGED_SSID &&
6159 	    vif->type == NL80211_IFTYPE_AP) {
6160 		arvif->u.ap.ssid_len = vif->cfg.ssid_len;
6161 		if (vif->cfg.ssid_len)
6162 			memcpy(arvif->u.ap.ssid, vif->cfg.ssid,
6163 			       vif->cfg.ssid_len);
6164 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
6165 	}
6166 
6167 	if (changed & BSS_CHANGED_BSSID && !is_zero_ether_addr(info->bssid))
6168 		ether_addr_copy(arvif->bssid, info->bssid);
6169 
6170 	if (changed & BSS_CHANGED_FTM_RESPONDER &&
6171 	    arvif->ftm_responder != info->ftm_responder &&
6172 	    test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
6173 		arvif->ftm_responder = info->ftm_responder;
6174 
6175 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
6176 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6177 						arvif->ftm_responder);
6178 
6179 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6180 			   "mac vdev %d ftm_responder %d:ret %d\n",
6181 			   arvif->vdev_id, arvif->ftm_responder, ret);
6182 	}
6183 
6184 	if (changed & BSS_CHANGED_BEACON_ENABLED)
6185 		ath10k_control_beaconing(arvif, info);
6186 
6187 	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
6188 		arvif->use_cts_prot = info->use_cts_prot;
6189 
6190 		ret = ath10k_recalc_rtscts_prot(arvif);
6191 		if (ret)
6192 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
6193 				    arvif->vdev_id, ret);
6194 
6195 		if (ath10k_mac_can_set_cts_prot(arvif)) {
6196 			ret = ath10k_mac_set_cts_prot(arvif);
6197 			if (ret)
6198 				ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
6199 					    arvif->vdev_id, ret);
6200 		}
6201 	}
6202 
6203 	if (changed & BSS_CHANGED_ERP_SLOT) {
6204 		if (info->use_short_slot)
6205 			slottime = WMI_VDEV_SLOT_TIME_SHORT; /* 9us */
6206 
6207 		else
6208 			slottime = WMI_VDEV_SLOT_TIME_LONG; /* 20us */
6209 
6210 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d slot_time %d\n",
6211 			   arvif->vdev_id, slottime);
6212 
6213 		vdev_param = ar->wmi.vdev_param->slot_time;
6214 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6215 						slottime);
6216 		if (ret)
6217 			ath10k_warn(ar, "failed to set erp slot for vdev %d: %i\n",
6218 				    arvif->vdev_id, ret);
6219 	}
6220 
6221 	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
6222 		if (info->use_short_preamble)
6223 			preamble = WMI_VDEV_PREAMBLE_SHORT;
6224 		else
6225 			preamble = WMI_VDEV_PREAMBLE_LONG;
6226 
6227 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6228 			   "mac vdev %d preamble %dn",
6229 			   arvif->vdev_id, preamble);
6230 
6231 		vdev_param = ar->wmi.vdev_param->preamble;
6232 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6233 						preamble);
6234 		if (ret)
6235 			ath10k_warn(ar, "failed to set preamble for vdev %d: %i\n",
6236 				    arvif->vdev_id, ret);
6237 	}
6238 
6239 	if (changed & BSS_CHANGED_ASSOC) {
6240 		if (vif->cfg.assoc) {
6241 			/* Workaround: Make sure monitor vdev is not running
6242 			 * when associating to prevent some firmware revisions
6243 			 * (e.g. 10.1 and 10.2) from crashing.
6244 			 */
6245 			if (ar->monitor_started)
6246 				ath10k_monitor_stop(ar);
6247 			ath10k_bss_assoc(hw, vif, info);
6248 			ath10k_monitor_recalc(ar);
6249 		} else {
6250 			ath10k_bss_disassoc(hw, vif);
6251 		}
6252 	}
6253 
6254 	if (changed & BSS_CHANGED_TXPOWER) {
6255 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev_id %i txpower %d\n",
6256 			   arvif->vdev_id, info->txpower);
6257 
6258 		arvif->txpower = info->txpower;
6259 		ret = ath10k_mac_txpower_recalc(ar);
6260 		if (ret)
6261 			ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
6262 	}
6263 
6264 	if (changed & BSS_CHANGED_PS) {
6265 		arvif->ps = vif->cfg.ps;
6266 
6267 		ret = ath10k_config_ps(ar);
6268 		if (ret)
6269 			ath10k_warn(ar, "failed to setup ps on vdev %i: %d\n",
6270 				    arvif->vdev_id, ret);
6271 	}
6272 
6273 	if (changed & BSS_CHANGED_MCAST_RATE &&
6274 	    !ath10k_mac_vif_chan(arvif->vif, &def)) {
6275 		band = def.chan->band;
6276 		mcast_rate = vif->bss_conf.mcast_rate[band];
6277 		if (mcast_rate > 0)
6278 			rateidx = mcast_rate - 1;
6279 		else
6280 			rateidx = ffs(vif->bss_conf.basic_rates) - 1;
6281 
6282 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6283 			rateidx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6284 
6285 		bitrate = ath10k_wmi_legacy_rates[rateidx].bitrate;
6286 		hw_value = ath10k_wmi_legacy_rates[rateidx].hw_value;
6287 		if (ath10k_mac_bitrate_is_cck(bitrate))
6288 			preamble = WMI_RATE_PREAMBLE_CCK;
6289 		else
6290 			preamble = WMI_RATE_PREAMBLE_OFDM;
6291 
6292 		rate = ATH10K_HW_RATECODE(hw_value, 0, preamble);
6293 
6294 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6295 			   "mac vdev %d mcast_rate %x\n",
6296 			   arvif->vdev_id, rate);
6297 
6298 		vdev_param = ar->wmi.vdev_param->mcast_data_rate;
6299 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6300 						vdev_param, rate);
6301 		if (ret)
6302 			ath10k_warn(ar,
6303 				    "failed to set mcast rate on vdev %i: %d\n",
6304 				    arvif->vdev_id,  ret);
6305 
6306 		vdev_param = ar->wmi.vdev_param->bcast_data_rate;
6307 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6308 						vdev_param, rate);
6309 		if (ret)
6310 			ath10k_warn(ar,
6311 				    "failed to set bcast rate on vdev %i: %d\n",
6312 				    arvif->vdev_id,  ret);
6313 	}
6314 
6315 	if (changed & BSS_CHANGED_BASIC_RATES &&
6316 	    !ath10k_mac_vif_chan(arvif->vif, &def))
6317 		ath10k_recalculate_mgmt_rate(ar, vif, &def);
6318 
6319 	mutex_unlock(&ar->conf_mutex);
6320 }
6321 
6322 static void ath10k_mac_op_set_coverage_class(struct ieee80211_hw *hw, s16 value)
6323 {
6324 	struct ath10k *ar = hw->priv;
6325 
6326 	/* This function should never be called if setting the coverage class
6327 	 * is not supported on this hardware.
6328 	 */
6329 	if (!ar->hw_params.hw_ops->set_coverage_class) {
6330 		WARN_ON_ONCE(1);
6331 		return;
6332 	}
6333 	ar->hw_params.hw_ops->set_coverage_class(ar, value);
6334 }
6335 
6336 struct ath10k_mac_tdls_iter_data {
6337 	u32 num_tdls_stations;
6338 	struct ieee80211_vif *curr_vif;
6339 };
6340 
6341 static void ath10k_mac_tdls_vif_stations_count_iter(void *data,
6342 						    struct ieee80211_sta *sta)
6343 {
6344 	struct ath10k_mac_tdls_iter_data *iter_data = data;
6345 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
6346 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
6347 
6348 	if (sta->tdls && sta_vif == iter_data->curr_vif)
6349 		iter_data->num_tdls_stations++;
6350 }
6351 
6352 static int ath10k_mac_tdls_vif_stations_count(struct ieee80211_hw *hw,
6353 					      struct ieee80211_vif *vif)
6354 {
6355 	struct ath10k_mac_tdls_iter_data data = {};
6356 
6357 	data.curr_vif = vif;
6358 
6359 	ieee80211_iterate_stations_atomic(hw,
6360 					  ath10k_mac_tdls_vif_stations_count_iter,
6361 					  &data);
6362 	return data.num_tdls_stations;
6363 }
6364 
6365 static int ath10k_hw_scan(struct ieee80211_hw *hw,
6366 			  struct ieee80211_vif *vif,
6367 			  struct ieee80211_scan_request *hw_req)
6368 {
6369 	struct ath10k *ar = hw->priv;
6370 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6371 	struct cfg80211_scan_request *req = &hw_req->req;
6372 	struct wmi_start_scan_arg *arg = NULL;
6373 	int ret = 0;
6374 	int i;
6375 	u32 scan_timeout;
6376 
6377 	mutex_lock(&ar->conf_mutex);
6378 
6379 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
6380 		ret = -EBUSY;
6381 		goto exit;
6382 	}
6383 
6384 	spin_lock_bh(&ar->data_lock);
6385 	switch (ar->scan.state) {
6386 	case ATH10K_SCAN_IDLE:
6387 		reinit_completion(&ar->scan.started);
6388 		reinit_completion(&ar->scan.completed);
6389 		ar->scan.state = ATH10K_SCAN_STARTING;
6390 		ar->scan.is_roc = false;
6391 		ar->scan.vdev_id = arvif->vdev_id;
6392 		ret = 0;
6393 		break;
6394 	case ATH10K_SCAN_STARTING:
6395 	case ATH10K_SCAN_RUNNING:
6396 	case ATH10K_SCAN_ABORTING:
6397 		ret = -EBUSY;
6398 		break;
6399 	}
6400 	spin_unlock_bh(&ar->data_lock);
6401 
6402 	if (ret)
6403 		goto exit;
6404 
6405 	arg = kzalloc(sizeof(*arg), GFP_KERNEL);
6406 	if (!arg) {
6407 		ret = -ENOMEM;
6408 		goto exit;
6409 	}
6410 
6411 	ath10k_wmi_start_scan_init(ar, arg);
6412 	arg->vdev_id = arvif->vdev_id;
6413 	arg->scan_id = ATH10K_SCAN_ID;
6414 
6415 	if (req->ie_len) {
6416 		arg->ie_len = req->ie_len;
6417 		memcpy(arg->ie, req->ie, arg->ie_len);
6418 	}
6419 
6420 	if (req->n_ssids) {
6421 		arg->n_ssids = req->n_ssids;
6422 		for (i = 0; i < arg->n_ssids; i++) {
6423 			arg->ssids[i].len  = req->ssids[i].ssid_len;
6424 			arg->ssids[i].ssid = req->ssids[i].ssid;
6425 		}
6426 	} else {
6427 		arg->scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
6428 	}
6429 
6430 	if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
6431 		arg->scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOFED_MAC_IN_PROBE_REQ;
6432 		ether_addr_copy(arg->mac_addr.addr, req->mac_addr);
6433 		ether_addr_copy(arg->mac_mask.addr, req->mac_addr_mask);
6434 	}
6435 
6436 	if (req->n_channels) {
6437 		arg->n_channels = req->n_channels;
6438 		for (i = 0; i < arg->n_channels; i++)
6439 			arg->channels[i] = req->channels[i]->center_freq;
6440 	}
6441 
6442 	/* if duration is set, default dwell times will be overwritten */
6443 	if (req->duration) {
6444 		arg->dwell_time_active = req->duration;
6445 		arg->dwell_time_passive = req->duration;
6446 		arg->burst_duration_ms = req->duration;
6447 
6448 		scan_timeout = min_t(u32, arg->max_rest_time *
6449 				(arg->n_channels - 1) + (req->duration +
6450 				ATH10K_SCAN_CHANNEL_SWITCH_WMI_EVT_OVERHEAD) *
6451 				arg->n_channels, arg->max_scan_time);
6452 	} else {
6453 		scan_timeout = arg->max_scan_time;
6454 	}
6455 
6456 	/* Add a 200ms margin to account for event/command processing */
6457 	scan_timeout += 200;
6458 
6459 	ret = ath10k_start_scan(ar, arg);
6460 	if (ret) {
6461 		ath10k_warn(ar, "failed to start hw scan: %d\n", ret);
6462 		spin_lock_bh(&ar->data_lock);
6463 		ar->scan.state = ATH10K_SCAN_IDLE;
6464 		spin_unlock_bh(&ar->data_lock);
6465 	}
6466 
6467 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
6468 				     msecs_to_jiffies(scan_timeout));
6469 
6470 exit:
6471 	kfree(arg);
6472 
6473 	mutex_unlock(&ar->conf_mutex);
6474 	return ret;
6475 }
6476 
6477 static void ath10k_cancel_hw_scan(struct ieee80211_hw *hw,
6478 				  struct ieee80211_vif *vif)
6479 {
6480 	struct ath10k *ar = hw->priv;
6481 
6482 	mutex_lock(&ar->conf_mutex);
6483 	ath10k_scan_abort(ar);
6484 	mutex_unlock(&ar->conf_mutex);
6485 
6486 	cancel_delayed_work_sync(&ar->scan.timeout);
6487 }
6488 
6489 static void ath10k_set_key_h_def_keyidx(struct ath10k *ar,
6490 					struct ath10k_vif *arvif,
6491 					enum set_key_cmd cmd,
6492 					struct ieee80211_key_conf *key)
6493 {
6494 	u32 vdev_param = arvif->ar->wmi.vdev_param->def_keyid;
6495 	int ret;
6496 
6497 	/* 10.1 firmware branch requires default key index to be set to group
6498 	 * key index after installing it. Otherwise FW/HW Txes corrupted
6499 	 * frames with multi-vif APs. This is not required for main firmware
6500 	 * branch (e.g. 636).
6501 	 *
6502 	 * This is also needed for 636 fw for IBSS-RSN to work more reliably.
6503 	 *
6504 	 * FIXME: It remains unknown if this is required for multi-vif STA
6505 	 * interfaces on 10.1.
6506 	 */
6507 
6508 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
6509 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
6510 		return;
6511 
6512 	if (key->cipher == WLAN_CIPHER_SUITE_WEP40)
6513 		return;
6514 
6515 	if (key->cipher == WLAN_CIPHER_SUITE_WEP104)
6516 		return;
6517 
6518 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6519 		return;
6520 
6521 	if (cmd != SET_KEY)
6522 		return;
6523 
6524 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6525 					key->keyidx);
6526 	if (ret)
6527 		ath10k_warn(ar, "failed to set vdev %i group key as default key: %d\n",
6528 			    arvif->vdev_id, ret);
6529 }
6530 
6531 static int ath10k_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
6532 			  struct ieee80211_vif *vif, struct ieee80211_sta *sta,
6533 			  struct ieee80211_key_conf *key)
6534 {
6535 	struct ath10k *ar = hw->priv;
6536 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6537 	struct ath10k_sta *arsta;
6538 	struct ath10k_peer *peer;
6539 	const u8 *peer_addr;
6540 	bool is_wep = key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
6541 		      key->cipher == WLAN_CIPHER_SUITE_WEP104;
6542 	int ret = 0;
6543 	int ret2;
6544 	u32 flags = 0;
6545 	u32 flags2;
6546 
6547 	/* this one needs to be done in software */
6548 	if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
6549 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
6550 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256 ||
6551 	    key->cipher == WLAN_CIPHER_SUITE_BIP_CMAC_256)
6552 		return 1;
6553 
6554 	if (arvif->nohwcrypt)
6555 		return 1;
6556 
6557 	if (key->keyidx > WMI_MAX_KEY_INDEX)
6558 		return -ENOSPC;
6559 
6560 	mutex_lock(&ar->conf_mutex);
6561 
6562 	if (sta) {
6563 		arsta = (struct ath10k_sta *)sta->drv_priv;
6564 		peer_addr = sta->addr;
6565 		spin_lock_bh(&ar->data_lock);
6566 		arsta->ucast_cipher = key->cipher;
6567 		spin_unlock_bh(&ar->data_lock);
6568 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
6569 		peer_addr = vif->bss_conf.bssid;
6570 	} else {
6571 		peer_addr = vif->addr;
6572 	}
6573 
6574 	key->hw_key_idx = key->keyidx;
6575 
6576 	if (is_wep) {
6577 		if (cmd == SET_KEY)
6578 			arvif->wep_keys[key->keyidx] = key;
6579 		else
6580 			arvif->wep_keys[key->keyidx] = NULL;
6581 	}
6582 
6583 	/* the peer should not disappear in mid-way (unless FW goes awry) since
6584 	 * we already hold conf_mutex. we just make sure its there now.
6585 	 */
6586 	spin_lock_bh(&ar->data_lock);
6587 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6588 	spin_unlock_bh(&ar->data_lock);
6589 
6590 	if (!peer) {
6591 		if (cmd == SET_KEY) {
6592 			ath10k_warn(ar, "failed to install key for non-existent peer %pM\n",
6593 				    peer_addr);
6594 			ret = -EOPNOTSUPP;
6595 			goto exit;
6596 		} else {
6597 			/* if the peer doesn't exist there is no key to disable anymore */
6598 			goto exit;
6599 		}
6600 	}
6601 
6602 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6603 		flags |= WMI_KEY_PAIRWISE;
6604 	else
6605 		flags |= WMI_KEY_GROUP;
6606 
6607 	if (is_wep) {
6608 		if (cmd == DISABLE_KEY)
6609 			ath10k_clear_vdev_key(arvif, key);
6610 
6611 		/* When WEP keys are uploaded it's possible that there are
6612 		 * stations associated already (e.g. when merging) without any
6613 		 * keys. Static WEP needs an explicit per-peer key upload.
6614 		 */
6615 		if (vif->type == NL80211_IFTYPE_ADHOC &&
6616 		    cmd == SET_KEY)
6617 			ath10k_mac_vif_update_wep_key(arvif, key);
6618 
6619 		/* 802.1x never sets the def_wep_key_idx so each set_key()
6620 		 * call changes default tx key.
6621 		 *
6622 		 * Static WEP sets def_wep_key_idx via .set_default_unicast_key
6623 		 * after first set_key().
6624 		 */
6625 		if (cmd == SET_KEY && arvif->def_wep_key_idx == -1)
6626 			flags |= WMI_KEY_TX_USAGE;
6627 	}
6628 
6629 	ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags);
6630 	if (ret) {
6631 		WARN_ON(ret > 0);
6632 		ath10k_warn(ar, "failed to install key for vdev %i peer %pM: %d\n",
6633 			    arvif->vdev_id, peer_addr, ret);
6634 		goto exit;
6635 	}
6636 
6637 	/* mac80211 sets static WEP keys as groupwise while firmware requires
6638 	 * them to be installed twice as both pairwise and groupwise.
6639 	 */
6640 	if (is_wep && !sta && vif->type == NL80211_IFTYPE_STATION) {
6641 		flags2 = flags;
6642 		flags2 &= ~WMI_KEY_GROUP;
6643 		flags2 |= WMI_KEY_PAIRWISE;
6644 
6645 		ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags2);
6646 		if (ret) {
6647 			WARN_ON(ret > 0);
6648 			ath10k_warn(ar, "failed to install (ucast) key for vdev %i peer %pM: %d\n",
6649 				    arvif->vdev_id, peer_addr, ret);
6650 			ret2 = ath10k_install_key(arvif, key, DISABLE_KEY,
6651 						  peer_addr, flags);
6652 			if (ret2) {
6653 				WARN_ON(ret2 > 0);
6654 				ath10k_warn(ar, "failed to disable (mcast) key for vdev %i peer %pM: %d\n",
6655 					    arvif->vdev_id, peer_addr, ret2);
6656 			}
6657 			goto exit;
6658 		}
6659 	}
6660 
6661 	ath10k_set_key_h_def_keyidx(ar, arvif, cmd, key);
6662 
6663 	spin_lock_bh(&ar->data_lock);
6664 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6665 	if (peer && cmd == SET_KEY)
6666 		peer->keys[key->keyidx] = key;
6667 	else if (peer && cmd == DISABLE_KEY)
6668 		peer->keys[key->keyidx] = NULL;
6669 	else if (peer == NULL)
6670 		/* impossible unless FW goes crazy */
6671 		ath10k_warn(ar, "Peer %pM disappeared!\n", peer_addr);
6672 	spin_unlock_bh(&ar->data_lock);
6673 
6674 	if (sta && sta->tdls)
6675 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6676 					  ar->wmi.peer_param->authorize, 1);
6677 	else if (sta && cmd == SET_KEY && (key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
6678 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, peer_addr,
6679 					  ar->wmi.peer_param->authorize, 1);
6680 
6681 exit:
6682 	mutex_unlock(&ar->conf_mutex);
6683 	return ret;
6684 }
6685 
6686 static void ath10k_set_default_unicast_key(struct ieee80211_hw *hw,
6687 					   struct ieee80211_vif *vif,
6688 					   int keyidx)
6689 {
6690 	struct ath10k *ar = hw->priv;
6691 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6692 	int ret;
6693 
6694 	mutex_lock(&arvif->ar->conf_mutex);
6695 
6696 	if (arvif->ar->state != ATH10K_STATE_ON)
6697 		goto unlock;
6698 
6699 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d set keyidx %d\n",
6700 		   arvif->vdev_id, keyidx);
6701 
6702 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
6703 					arvif->vdev_id,
6704 					arvif->ar->wmi.vdev_param->def_keyid,
6705 					keyidx);
6706 
6707 	if (ret) {
6708 		ath10k_warn(ar, "failed to update wep key index for vdev %d: %d\n",
6709 			    arvif->vdev_id,
6710 			    ret);
6711 		goto unlock;
6712 	}
6713 
6714 	arvif->def_wep_key_idx = keyidx;
6715 
6716 unlock:
6717 	mutex_unlock(&arvif->ar->conf_mutex);
6718 }
6719 
6720 static void ath10k_sta_rc_update_wk(struct work_struct *wk)
6721 {
6722 	struct ath10k *ar;
6723 	struct ath10k_vif *arvif;
6724 	struct ath10k_sta *arsta;
6725 	struct ieee80211_sta *sta;
6726 	struct cfg80211_chan_def def;
6727 	enum nl80211_band band;
6728 	const u8 *ht_mcs_mask;
6729 	const u16 *vht_mcs_mask;
6730 	u32 changed, bw, nss, smps;
6731 	int err;
6732 
6733 	arsta = container_of(wk, struct ath10k_sta, update_wk);
6734 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
6735 	arvif = arsta->arvif;
6736 	ar = arvif->ar;
6737 
6738 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
6739 		return;
6740 
6741 	band = def.chan->band;
6742 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
6743 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
6744 
6745 	spin_lock_bh(&ar->data_lock);
6746 
6747 	changed = arsta->changed;
6748 	arsta->changed = 0;
6749 
6750 	bw = arsta->bw;
6751 	nss = arsta->nss;
6752 	smps = arsta->smps;
6753 
6754 	spin_unlock_bh(&ar->data_lock);
6755 
6756 	mutex_lock(&ar->conf_mutex);
6757 
6758 	nss = max_t(u32, 1, nss);
6759 	nss = min(nss, max(ath10k_mac_max_ht_nss(ht_mcs_mask),
6760 			   ath10k_mac_max_vht_nss(vht_mcs_mask)));
6761 
6762 	if (changed & IEEE80211_RC_BW_CHANGED) {
6763 		enum wmi_phy_mode mode;
6764 
6765 		mode = chan_to_phymode(&def);
6766 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM peer bw %d phymode %d\n",
6767 			   sta->addr, bw, mode);
6768 
6769 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6770 						ar->wmi.peer_param->phymode, mode);
6771 		if (err) {
6772 			ath10k_warn(ar, "failed to update STA %pM peer phymode %d: %d\n",
6773 				    sta->addr, mode, err);
6774 			goto exit;
6775 		}
6776 
6777 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6778 						ar->wmi.peer_param->chan_width, bw);
6779 		if (err)
6780 			ath10k_warn(ar, "failed to update STA %pM peer bw %d: %d\n",
6781 				    sta->addr, bw, err);
6782 	}
6783 
6784 	if (changed & IEEE80211_RC_NSS_CHANGED) {
6785 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM nss %d\n",
6786 			   sta->addr, nss);
6787 
6788 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6789 						ar->wmi.peer_param->nss, nss);
6790 		if (err)
6791 			ath10k_warn(ar, "failed to update STA %pM nss %d: %d\n",
6792 				    sta->addr, nss, err);
6793 	}
6794 
6795 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
6796 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM smps %d\n",
6797 			   sta->addr, smps);
6798 
6799 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6800 						ar->wmi.peer_param->smps_state, smps);
6801 		if (err)
6802 			ath10k_warn(ar, "failed to update STA %pM smps %d: %d\n",
6803 				    sta->addr, smps, err);
6804 	}
6805 
6806 	if (changed & IEEE80211_RC_SUPP_RATES_CHANGED) {
6807 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM supp rates\n",
6808 			   sta->addr);
6809 
6810 		err = ath10k_station_assoc(ar, arvif->vif, sta, true);
6811 		if (err)
6812 			ath10k_warn(ar, "failed to reassociate station: %pM\n",
6813 				    sta->addr);
6814 	}
6815 
6816 exit:
6817 	mutex_unlock(&ar->conf_mutex);
6818 }
6819 
6820 static int ath10k_mac_inc_num_stations(struct ath10k_vif *arvif,
6821 				       struct ieee80211_sta *sta)
6822 {
6823 	struct ath10k *ar = arvif->ar;
6824 
6825 	lockdep_assert_held(&ar->conf_mutex);
6826 
6827 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6828 		return 0;
6829 
6830 	if (ar->num_stations >= ar->max_num_stations)
6831 		return -ENOBUFS;
6832 
6833 	ar->num_stations++;
6834 
6835 	return 0;
6836 }
6837 
6838 static void ath10k_mac_dec_num_stations(struct ath10k_vif *arvif,
6839 					struct ieee80211_sta *sta)
6840 {
6841 	struct ath10k *ar = arvif->ar;
6842 
6843 	lockdep_assert_held(&ar->conf_mutex);
6844 
6845 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6846 		return;
6847 
6848 	ar->num_stations--;
6849 }
6850 
6851 static int ath10k_sta_set_txpwr(struct ieee80211_hw *hw,
6852 				struct ieee80211_vif *vif,
6853 				struct ieee80211_sta *sta)
6854 {
6855 	struct ath10k *ar = hw->priv;
6856 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6857 	int ret = 0;
6858 	s16 txpwr;
6859 
6860 	if (sta->deflink.txpwr.type == NL80211_TX_POWER_AUTOMATIC) {
6861 		txpwr = 0;
6862 	} else {
6863 		txpwr = sta->deflink.txpwr.power;
6864 		if (!txpwr)
6865 			return -EINVAL;
6866 	}
6867 
6868 	if (txpwr > ATH10K_TX_POWER_MAX_VAL || txpwr < ATH10K_TX_POWER_MIN_VAL)
6869 		return -EINVAL;
6870 
6871 	mutex_lock(&ar->conf_mutex);
6872 
6873 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6874 					ar->wmi.peer_param->use_fixed_power, txpwr);
6875 	if (ret) {
6876 		ath10k_warn(ar, "failed to set tx power for station ret: %d\n",
6877 			    ret);
6878 		goto out;
6879 	}
6880 
6881 out:
6882 	mutex_unlock(&ar->conf_mutex);
6883 	return ret;
6884 }
6885 
6886 struct ath10k_mac_iter_tid_conf_data {
6887 	struct ieee80211_vif *curr_vif;
6888 	struct ath10k *ar;
6889 	bool reset_config;
6890 };
6891 
6892 static bool
6893 ath10k_mac_bitrate_mask_has_single_rate(struct ath10k *ar,
6894 					enum nl80211_band band,
6895 					const struct cfg80211_bitrate_mask *mask,
6896 					int *vht_num_rates)
6897 {
6898 	int num_rates = 0;
6899 	int i, tmp;
6900 
6901 	num_rates += hweight32(mask->control[band].legacy);
6902 
6903 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++)
6904 		num_rates += hweight8(mask->control[band].ht_mcs[i]);
6905 
6906 	*vht_num_rates = 0;
6907 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6908 		tmp = hweight16(mask->control[band].vht_mcs[i]);
6909 		num_rates += tmp;
6910 		*vht_num_rates += tmp;
6911 	}
6912 
6913 	return num_rates == 1;
6914 }
6915 
6916 static int
6917 ath10k_mac_bitrate_mask_get_single_rate(struct ath10k *ar,
6918 					enum nl80211_band band,
6919 					const struct cfg80211_bitrate_mask *mask,
6920 					u8 *rate, u8 *nss, bool vht_only)
6921 {
6922 	int rate_idx;
6923 	int i;
6924 	u16 bitrate;
6925 	u8 preamble;
6926 	u8 hw_rate;
6927 
6928 	if (vht_only)
6929 		goto next;
6930 
6931 	if (hweight32(mask->control[band].legacy) == 1) {
6932 		rate_idx = ffs(mask->control[band].legacy) - 1;
6933 
6934 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6935 			rate_idx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6936 
6937 		hw_rate = ath10k_wmi_legacy_rates[rate_idx].hw_value;
6938 		bitrate = ath10k_wmi_legacy_rates[rate_idx].bitrate;
6939 
6940 		if (ath10k_mac_bitrate_is_cck(bitrate))
6941 			preamble = WMI_RATE_PREAMBLE_CCK;
6942 		else
6943 			preamble = WMI_RATE_PREAMBLE_OFDM;
6944 
6945 		*nss = 1;
6946 		*rate = preamble << 6 |
6947 			(*nss - 1) << 4 |
6948 			hw_rate << 0;
6949 
6950 		return 0;
6951 	}
6952 
6953 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
6954 		if (hweight8(mask->control[band].ht_mcs[i]) == 1) {
6955 			*nss = i + 1;
6956 			*rate = WMI_RATE_PREAMBLE_HT << 6 |
6957 				(*nss - 1) << 4 |
6958 				(ffs(mask->control[band].ht_mcs[i]) - 1);
6959 
6960 			return 0;
6961 		}
6962 	}
6963 
6964 next:
6965 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6966 		if (hweight16(mask->control[band].vht_mcs[i]) == 1) {
6967 			*nss = i + 1;
6968 			*rate = WMI_RATE_PREAMBLE_VHT << 6 |
6969 				(*nss - 1) << 4 |
6970 				(ffs(mask->control[band].vht_mcs[i]) - 1);
6971 
6972 			return 0;
6973 		}
6974 	}
6975 
6976 	return -EINVAL;
6977 }
6978 
6979 static int ath10k_mac_validate_rate_mask(struct ath10k *ar,
6980 					 struct ieee80211_sta *sta,
6981 					 u32 rate_ctrl_flag, u8 nss)
6982 {
6983 	struct ieee80211_sta_ht_cap *ht_cap = &sta->deflink.ht_cap;
6984 	struct ieee80211_sta_vht_cap *vht_cap = &sta->deflink.vht_cap;
6985 
6986 	if (nss > sta->deflink.rx_nss) {
6987 		ath10k_warn(ar, "Invalid nss field, configured %u limit %u\n",
6988 			    nss, sta->deflink.rx_nss);
6989 		return -EINVAL;
6990 	}
6991 
6992 	if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_VHT) {
6993 		if (!vht_cap->vht_supported) {
6994 			ath10k_warn(ar, "Invalid VHT rate for sta %pM\n",
6995 				    sta->addr);
6996 			return -EINVAL;
6997 		}
6998 	} else if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_HT) {
6999 		if (!ht_cap->ht_supported || vht_cap->vht_supported) {
7000 			ath10k_warn(ar, "Invalid HT rate for sta %pM\n",
7001 				    sta->addr);
7002 			return -EINVAL;
7003 		}
7004 	} else {
7005 		if (ht_cap->ht_supported || vht_cap->vht_supported)
7006 			return -EINVAL;
7007 	}
7008 
7009 	return 0;
7010 }
7011 
7012 static int
7013 ath10k_mac_tid_bitrate_config(struct ath10k *ar,
7014 			      struct ieee80211_vif *vif,
7015 			      struct ieee80211_sta *sta,
7016 			      u32 *rate_ctrl_flag, u8 *rate_ctrl,
7017 			      enum nl80211_tx_rate_setting txrate_type,
7018 			      const struct cfg80211_bitrate_mask *mask)
7019 {
7020 	struct cfg80211_chan_def def;
7021 	enum nl80211_band band;
7022 	u8 nss, rate;
7023 	int vht_num_rates, ret;
7024 
7025 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
7026 		return -EINVAL;
7027 
7028 	if (txrate_type == NL80211_TX_RATE_AUTOMATIC) {
7029 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7030 		*rate_ctrl_flag = 0;
7031 		return 0;
7032 	}
7033 
7034 	band = def.chan->band;
7035 
7036 	if (!ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
7037 						     &vht_num_rates)) {
7038 		return -EINVAL;
7039 	}
7040 
7041 	ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
7042 						      &rate, &nss, false);
7043 	if (ret) {
7044 		ath10k_warn(ar, "failed to get single rate: %d\n",
7045 			    ret);
7046 		return ret;
7047 	}
7048 
7049 	*rate_ctrl_flag = rate;
7050 
7051 	if (sta && ath10k_mac_validate_rate_mask(ar, sta, *rate_ctrl_flag, nss))
7052 		return -EINVAL;
7053 
7054 	if (txrate_type == NL80211_TX_RATE_FIXED)
7055 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_FIXED_RATE;
7056 	else if (txrate_type == NL80211_TX_RATE_LIMITED &&
7057 		 (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
7058 			   ar->wmi.svc_map)))
7059 		*rate_ctrl = WMI_PEER_TID_CONFIG_RATE_UPPER_CAP;
7060 	else
7061 		return -EOPNOTSUPP;
7062 
7063 	return 0;
7064 }
7065 
7066 static int ath10k_mac_set_tid_config(struct ath10k *ar, struct ieee80211_sta *sta,
7067 				     struct ieee80211_vif *vif, u32 changed,
7068 				     struct wmi_per_peer_per_tid_cfg_arg *arg)
7069 {
7070 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7071 	struct ath10k_sta *arsta;
7072 	int ret;
7073 
7074 	if (sta) {
7075 		if (!sta->wme)
7076 			return -EOPNOTSUPP;
7077 
7078 		arsta = (struct ath10k_sta *)sta->drv_priv;
7079 
7080 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7081 			if ((arsta->retry_long[arg->tid] > 0 ||
7082 			     arsta->rate_code[arg->tid] > 0 ||
7083 			     arsta->ampdu[arg->tid] ==
7084 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
7085 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
7086 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
7087 				arg->ack_policy = 0;
7088 				arg->aggr_control = 0;
7089 				arg->rate_ctrl = 0;
7090 				arg->rcode_flags = 0;
7091 			}
7092 		}
7093 
7094 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7095 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
7096 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7097 				arg->aggr_control = 0;
7098 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
7099 			}
7100 		}
7101 
7102 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7103 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7104 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
7105 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7106 				arg->rate_ctrl = 0;
7107 				arg->rcode_flags = 0;
7108 			}
7109 		}
7110 
7111 		ether_addr_copy(arg->peer_macaddr.addr, sta->addr);
7112 
7113 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, arg);
7114 		if (ret)
7115 			return ret;
7116 
7117 		/* Store the configured parameters in success case */
7118 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7119 			arsta->noack[arg->tid] = arg->ack_policy;
7120 			arg->ack_policy = 0;
7121 			arg->aggr_control = 0;
7122 			arg->rate_ctrl = 0;
7123 			arg->rcode_flags = 0;
7124 		}
7125 
7126 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7127 			arsta->retry_long[arg->tid] = arg->retry_count;
7128 			arg->retry_count = 0;
7129 		}
7130 
7131 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7132 			arsta->ampdu[arg->tid] = arg->aggr_control;
7133 			arg->aggr_control = 0;
7134 		}
7135 
7136 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7137 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7138 			arsta->rate_ctrl[arg->tid] = arg->rate_ctrl;
7139 			arg->rate_ctrl = 0;
7140 			arg->rcode_flags = 0;
7141 		}
7142 
7143 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7144 			arsta->rtscts[arg->tid] = arg->rtscts_ctrl;
7145 			arg->ext_tid_cfg_bitmap = 0;
7146 		}
7147 	} else {
7148 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7149 			if ((arvif->retry_long[arg->tid] ||
7150 			     arvif->rate_code[arg->tid] ||
7151 			     arvif->ampdu[arg->tid] ==
7152 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
7153 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
7154 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
7155 			} else {
7156 				arvif->noack[arg->tid] = arg->ack_policy;
7157 				arvif->ampdu[arg->tid] = arg->aggr_control;
7158 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
7159 			}
7160 		}
7161 
7162 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7163 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
7164 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
7165 			else
7166 				arvif->retry_long[arg->tid] = arg->retry_count;
7167 		}
7168 
7169 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7170 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
7171 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL);
7172 			else
7173 				arvif->ampdu[arg->tid] = arg->aggr_control;
7174 		}
7175 
7176 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7177 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7178 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7179 				changed &= ~(BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7180 					     BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE));
7181 			} else {
7182 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
7183 				arvif->rate_code[arg->tid] = arg->rcode_flags;
7184 			}
7185 		}
7186 
7187 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7188 			arvif->rtscts[arg->tid] = arg->rtscts_ctrl;
7189 			arg->ext_tid_cfg_bitmap = 0;
7190 		}
7191 
7192 		if (changed)
7193 			arvif->tid_conf_changed[arg->tid] |= changed;
7194 	}
7195 
7196 	return 0;
7197 }
7198 
7199 static int
7200 ath10k_mac_parse_tid_config(struct ath10k *ar,
7201 			    struct ieee80211_sta *sta,
7202 			    struct ieee80211_vif *vif,
7203 			    struct cfg80211_tid_cfg *tid_conf,
7204 			    struct wmi_per_peer_per_tid_cfg_arg *arg)
7205 {
7206 	u32 changed = tid_conf->mask;
7207 	int ret = 0, i = 0;
7208 
7209 	if (!changed)
7210 		return -EINVAL;
7211 
7212 	while (i < ATH10K_TID_MAX) {
7213 		if (!(tid_conf->tids & BIT(i))) {
7214 			i++;
7215 			continue;
7216 		}
7217 
7218 		arg->tid = i;
7219 
7220 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7221 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE) {
7222 				arg->ack_policy = WMI_PEER_TID_CONFIG_NOACK;
7223 				arg->rate_ctrl =
7224 				WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
7225 				arg->aggr_control =
7226 					WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7227 			} else {
7228 				arg->ack_policy =
7229 					WMI_PEER_TID_CONFIG_ACK;
7230 				arg->rate_ctrl =
7231 					WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7232 				arg->aggr_control =
7233 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7234 			}
7235 		}
7236 
7237 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG))
7238 			arg->retry_count = tid_conf->retry_long;
7239 
7240 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7241 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE)
7242 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7243 			else
7244 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7245 		}
7246 
7247 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7248 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7249 			ret = ath10k_mac_tid_bitrate_config(ar, vif, sta,
7250 							    &arg->rcode_flags,
7251 							    &arg->rate_ctrl,
7252 							    tid_conf->txrate_type,
7253 							&tid_conf->txrate_mask);
7254 			if (ret) {
7255 				ath10k_warn(ar, "failed to configure bitrate mask %d\n",
7256 					    ret);
7257 				arg->rcode_flags = 0;
7258 				arg->rate_ctrl = 0;
7259 			}
7260 		}
7261 
7262 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7263 			if (tid_conf->rtscts)
7264 				arg->rtscts_ctrl = tid_conf->rtscts;
7265 
7266 			arg->ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7267 		}
7268 
7269 		ret = ath10k_mac_set_tid_config(ar, sta, vif, changed, arg);
7270 		if (ret)
7271 			return ret;
7272 		i++;
7273 	}
7274 
7275 	return ret;
7276 }
7277 
7278 static int ath10k_mac_reset_tid_config(struct ath10k *ar,
7279 				       struct ieee80211_sta *sta,
7280 				       struct ath10k_vif *arvif,
7281 				       u8 tids)
7282 {
7283 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7284 	struct wmi_per_peer_per_tid_cfg_arg arg;
7285 	int ret = 0, i = 0;
7286 
7287 	arg.vdev_id = arvif->vdev_id;
7288 	while (i < ATH10K_TID_MAX) {
7289 		if (!(tids & BIT(i))) {
7290 			i++;
7291 			continue;
7292 		}
7293 
7294 		arg.tid = i;
7295 		arg.ack_policy = WMI_PEER_TID_CONFIG_ACK;
7296 		arg.retry_count = ATH10K_MAX_RETRY_COUNT;
7297 		arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7298 		arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7299 		arg.rtscts_ctrl = WMI_TID_CONFIG_RTSCTS_CONTROL_ENABLE;
7300 		arg.ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7301 
7302 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7303 
7304 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7305 		if (ret)
7306 			return ret;
7307 
7308 		if (!arvif->tids_rst) {
7309 			arsta->retry_long[i] = -1;
7310 			arsta->noack[i] = -1;
7311 			arsta->ampdu[i] = -1;
7312 			arsta->rate_code[i] = -1;
7313 			arsta->rate_ctrl[i] = 0;
7314 			arsta->rtscts[i] = -1;
7315 		} else {
7316 			arvif->retry_long[i] = 0;
7317 			arvif->noack[i] = 0;
7318 			arvif->ampdu[i] = 0;
7319 			arvif->rate_code[i] = 0;
7320 			arvif->rate_ctrl[i] = 0;
7321 			arvif->rtscts[i] = 0;
7322 		}
7323 
7324 		i++;
7325 	}
7326 
7327 	return ret;
7328 }
7329 
7330 static void ath10k_sta_tid_cfg_wk(struct work_struct *wk)
7331 {
7332 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
7333 	struct ieee80211_sta *sta;
7334 	struct ath10k_sta *arsta;
7335 	struct ath10k_vif *arvif;
7336 	struct ath10k *ar;
7337 	bool config_apply;
7338 	int ret, i;
7339 	u32 changed;
7340 	u8 nss;
7341 
7342 	arsta = container_of(wk, struct ath10k_sta, tid_config_wk);
7343 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
7344 	arvif = arsta->arvif;
7345 	ar = arvif->ar;
7346 
7347 	mutex_lock(&ar->conf_mutex);
7348 
7349 	if (arvif->tids_rst) {
7350 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif,
7351 						  arvif->tids_rst);
7352 		goto exit;
7353 	}
7354 
7355 	ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7356 
7357 	for (i = 0; i < ATH10K_TID_MAX; i++) {
7358 		config_apply = false;
7359 		changed = arvif->tid_conf_changed[i];
7360 
7361 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7362 			if (arsta->noack[i] != -1) {
7363 				arg.ack_policy  = 0;
7364 			} else {
7365 				config_apply = true;
7366 				arg.ack_policy = arvif->noack[i];
7367 				arg.aggr_control = arvif->ampdu[i];
7368 				arg.rate_ctrl = arvif->rate_ctrl[i];
7369 			}
7370 		}
7371 
7372 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7373 			if (arsta->retry_long[i] != -1 ||
7374 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7375 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7376 				arg.retry_count = 0;
7377 			} else {
7378 				arg.retry_count = arvif->retry_long[i];
7379 				config_apply = true;
7380 			}
7381 		}
7382 
7383 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7384 			if (arsta->ampdu[i] != -1 ||
7385 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7386 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7387 				arg.aggr_control = 0;
7388 			} else {
7389 				arg.aggr_control = arvif->ampdu[i];
7390 				config_apply = true;
7391 			}
7392 		}
7393 
7394 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7395 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7396 			nss = ATH10K_HW_NSS(arvif->rate_code[i]);
7397 			ret = ath10k_mac_validate_rate_mask(ar, sta,
7398 							    arvif->rate_code[i],
7399 							    nss);
7400 			if (ret &&
7401 			    arvif->rate_ctrl[i] > WMI_TID_CONFIG_RATE_CONTROL_AUTO) {
7402 				arg.rate_ctrl = 0;
7403 				arg.rcode_flags = 0;
7404 			}
7405 
7406 			if (arsta->rate_ctrl[i] >
7407 			    WMI_TID_CONFIG_RATE_CONTROL_AUTO ||
7408 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7409 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7410 				arg.rate_ctrl = 0;
7411 				arg.rcode_flags = 0;
7412 			} else {
7413 				arg.rate_ctrl = arvif->rate_ctrl[i];
7414 				arg.rcode_flags = arvif->rate_code[i];
7415 				config_apply = true;
7416 			}
7417 		}
7418 
7419 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7420 			if (arsta->rtscts[i]) {
7421 				arg.rtscts_ctrl = 0;
7422 				arg.ext_tid_cfg_bitmap = 0;
7423 			} else {
7424 				arg.rtscts_ctrl = arvif->rtscts[i] - 1;
7425 				arg.ext_tid_cfg_bitmap =
7426 					WMI_EXT_TID_RTS_CTS_CONFIG;
7427 				config_apply = true;
7428 			}
7429 		}
7430 
7431 		arg.tid = i;
7432 
7433 		if (config_apply) {
7434 			ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7435 			if (ret)
7436 				ath10k_warn(ar, "failed to set per tid config for sta %pM: %d\n",
7437 					    sta->addr, ret);
7438 		}
7439 
7440 		arg.ack_policy  = 0;
7441 		arg.retry_count  = 0;
7442 		arg.aggr_control  = 0;
7443 		arg.rate_ctrl = 0;
7444 		arg.rcode_flags = 0;
7445 	}
7446 
7447 exit:
7448 	mutex_unlock(&ar->conf_mutex);
7449 }
7450 
7451 static void ath10k_mac_vif_stations_tid_conf(void *data,
7452 					     struct ieee80211_sta *sta)
7453 {
7454 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7455 	struct ath10k_mac_iter_tid_conf_data *iter_data = data;
7456 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
7457 
7458 	if (sta_vif != iter_data->curr_vif || !sta->wme)
7459 		return;
7460 
7461 	ieee80211_queue_work(iter_data->ar->hw, &arsta->tid_config_wk);
7462 }
7463 
7464 static int ath10k_sta_state(struct ieee80211_hw *hw,
7465 			    struct ieee80211_vif *vif,
7466 			    struct ieee80211_sta *sta,
7467 			    enum ieee80211_sta_state old_state,
7468 			    enum ieee80211_sta_state new_state)
7469 {
7470 	struct ath10k *ar = hw->priv;
7471 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7472 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7473 	struct ath10k_peer *peer;
7474 	int ret = 0;
7475 	int i;
7476 
7477 	if (old_state == IEEE80211_STA_NOTEXIST &&
7478 	    new_state == IEEE80211_STA_NONE) {
7479 		memset(arsta, 0, sizeof(*arsta));
7480 		arsta->arvif = arvif;
7481 		arsta->peer_ps_state = WMI_PEER_PS_STATE_DISABLED;
7482 		INIT_WORK(&arsta->update_wk, ath10k_sta_rc_update_wk);
7483 		INIT_WORK(&arsta->tid_config_wk, ath10k_sta_tid_cfg_wk);
7484 
7485 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7486 			ath10k_mac_txq_init(sta->txq[i]);
7487 	}
7488 
7489 	/* cancel must be done outside the mutex to avoid deadlock */
7490 	if ((old_state == IEEE80211_STA_NONE &&
7491 	     new_state == IEEE80211_STA_NOTEXIST)) {
7492 		cancel_work_sync(&arsta->update_wk);
7493 		cancel_work_sync(&arsta->tid_config_wk);
7494 	}
7495 
7496 	mutex_lock(&ar->conf_mutex);
7497 
7498 	if (old_state == IEEE80211_STA_NOTEXIST &&
7499 	    new_state == IEEE80211_STA_NONE) {
7500 		/*
7501 		 * New station addition.
7502 		 */
7503 		enum wmi_peer_type peer_type = WMI_PEER_TYPE_DEFAULT;
7504 		u32 num_tdls_stations;
7505 
7506 		ath10k_dbg(ar, ATH10K_DBG_STA,
7507 			   "mac vdev %d peer create %pM (new sta) sta %d / %d peer %d / %d\n",
7508 			   arvif->vdev_id, sta->addr,
7509 			   ar->num_stations + 1, ar->max_num_stations,
7510 			   ar->num_peers + 1, ar->max_num_peers);
7511 
7512 		num_tdls_stations = ath10k_mac_tdls_vif_stations_count(hw, vif);
7513 
7514 		if (sta->tdls) {
7515 			if (num_tdls_stations >= ar->max_num_tdls_vdevs) {
7516 				ath10k_warn(ar, "vdev %i exceeded maximum number of tdls vdevs %i\n",
7517 					    arvif->vdev_id,
7518 					    ar->max_num_tdls_vdevs);
7519 				ret = -ELNRNG;
7520 				goto exit;
7521 			}
7522 			peer_type = WMI_PEER_TYPE_TDLS;
7523 		}
7524 
7525 		ret = ath10k_mac_inc_num_stations(arvif, sta);
7526 		if (ret) {
7527 			ath10k_warn(ar, "refusing to associate station: too many connected already (%d)\n",
7528 				    ar->max_num_stations);
7529 			goto exit;
7530 		}
7531 
7532 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7533 			arsta->tx_stats = kzalloc(sizeof(*arsta->tx_stats),
7534 						  GFP_KERNEL);
7535 			if (!arsta->tx_stats) {
7536 				ath10k_mac_dec_num_stations(arvif, sta);
7537 				ret = -ENOMEM;
7538 				goto exit;
7539 			}
7540 		}
7541 
7542 		ret = ath10k_peer_create(ar, vif, sta, arvif->vdev_id,
7543 					 sta->addr, peer_type);
7544 		if (ret) {
7545 			ath10k_warn(ar, "failed to add peer %pM for vdev %d when adding a new sta: %i\n",
7546 				    sta->addr, arvif->vdev_id, ret);
7547 			ath10k_mac_dec_num_stations(arvif, sta);
7548 			kfree(arsta->tx_stats);
7549 			goto exit;
7550 		}
7551 
7552 		spin_lock_bh(&ar->data_lock);
7553 
7554 		peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
7555 		if (!peer) {
7556 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
7557 				    vif->addr, arvif->vdev_id);
7558 			spin_unlock_bh(&ar->data_lock);
7559 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7560 			ath10k_mac_dec_num_stations(arvif, sta);
7561 			kfree(arsta->tx_stats);
7562 			ret = -ENOENT;
7563 			goto exit;
7564 		}
7565 
7566 		arsta->peer_id = find_first_bit(peer->peer_ids,
7567 						ATH10K_MAX_NUM_PEER_IDS);
7568 
7569 		spin_unlock_bh(&ar->data_lock);
7570 
7571 		if (!sta->tdls)
7572 			goto exit;
7573 
7574 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7575 						      WMI_TDLS_ENABLE_ACTIVE);
7576 		if (ret) {
7577 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7578 				    arvif->vdev_id, ret);
7579 			ath10k_peer_delete(ar, arvif->vdev_id,
7580 					   sta->addr);
7581 			ath10k_mac_dec_num_stations(arvif, sta);
7582 			kfree(arsta->tx_stats);
7583 			goto exit;
7584 		}
7585 
7586 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7587 						  WMI_TDLS_PEER_STATE_PEERING);
7588 		if (ret) {
7589 			ath10k_warn(ar,
7590 				    "failed to update tdls peer %pM for vdev %d when adding a new sta: %i\n",
7591 				    sta->addr, arvif->vdev_id, ret);
7592 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7593 			ath10k_mac_dec_num_stations(arvif, sta);
7594 			kfree(arsta->tx_stats);
7595 
7596 			if (num_tdls_stations != 0)
7597 				goto exit;
7598 			ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7599 							WMI_TDLS_DISABLE);
7600 		}
7601 	} else if ((old_state == IEEE80211_STA_NONE &&
7602 		    new_state == IEEE80211_STA_NOTEXIST)) {
7603 		/*
7604 		 * Existing station deletion.
7605 		 */
7606 		ath10k_dbg(ar, ATH10K_DBG_STA,
7607 			   "mac vdev %d peer delete %pM sta %pK (sta gone)\n",
7608 			   arvif->vdev_id, sta->addr, sta);
7609 
7610 		if (sta->tdls) {
7611 			ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id,
7612 							  sta,
7613 							  WMI_TDLS_PEER_STATE_TEARDOWN);
7614 			if (ret)
7615 				ath10k_warn(ar, "failed to update tdls peer state for %pM state %d: %i\n",
7616 					    sta->addr,
7617 					    WMI_TDLS_PEER_STATE_TEARDOWN, ret);
7618 		}
7619 
7620 		ret = ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7621 		if (ret)
7622 			ath10k_warn(ar, "failed to delete peer %pM for vdev %d: %i\n",
7623 				    sta->addr, arvif->vdev_id, ret);
7624 
7625 		ath10k_mac_dec_num_stations(arvif, sta);
7626 
7627 		spin_lock_bh(&ar->data_lock);
7628 		for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
7629 			peer = ar->peer_map[i];
7630 			if (!peer)
7631 				continue;
7632 
7633 			if (peer->sta == sta) {
7634 				ath10k_warn(ar, "found sta peer %pM (ptr %pK id %d) entry on vdev %i after it was supposedly removed\n",
7635 					    sta->addr, peer, i, arvif->vdev_id);
7636 				peer->sta = NULL;
7637 
7638 				/* Clean up the peer object as well since we
7639 				 * must have failed to do this above.
7640 				 */
7641 				ath10k_peer_map_cleanup(ar, peer);
7642 			}
7643 		}
7644 		spin_unlock_bh(&ar->data_lock);
7645 
7646 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7647 			kfree(arsta->tx_stats);
7648 			arsta->tx_stats = NULL;
7649 		}
7650 
7651 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7652 			ath10k_mac_txq_unref(ar, sta->txq[i]);
7653 
7654 		if (!sta->tdls)
7655 			goto exit;
7656 
7657 		if (ath10k_mac_tdls_vif_stations_count(hw, vif))
7658 			goto exit;
7659 
7660 		/* This was the last tdls peer in current vif */
7661 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7662 						      WMI_TDLS_DISABLE);
7663 		if (ret) {
7664 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7665 				    arvif->vdev_id, ret);
7666 		}
7667 	} else if (old_state == IEEE80211_STA_AUTH &&
7668 		   new_state == IEEE80211_STA_ASSOC &&
7669 		   (vif->type == NL80211_IFTYPE_AP ||
7670 		    vif->type == NL80211_IFTYPE_MESH_POINT ||
7671 		    vif->type == NL80211_IFTYPE_ADHOC)) {
7672 		/*
7673 		 * New association.
7674 		 */
7675 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac sta %pM associated\n",
7676 			   sta->addr);
7677 
7678 		ret = ath10k_station_assoc(ar, vif, sta, false);
7679 		if (ret)
7680 			ath10k_warn(ar, "failed to associate station %pM for vdev %i: %i\n",
7681 				    sta->addr, arvif->vdev_id, ret);
7682 	} else if (old_state == IEEE80211_STA_ASSOC &&
7683 		   new_state == IEEE80211_STA_AUTHORIZED &&
7684 		   sta->tdls) {
7685 		/*
7686 		 * Tdls station authorized.
7687 		 */
7688 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac tdls sta %pM authorized\n",
7689 			   sta->addr);
7690 
7691 		ret = ath10k_station_assoc(ar, vif, sta, false);
7692 		if (ret) {
7693 			ath10k_warn(ar, "failed to associate tdls station %pM for vdev %i: %i\n",
7694 				    sta->addr, arvif->vdev_id, ret);
7695 			goto exit;
7696 		}
7697 
7698 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7699 						  WMI_TDLS_PEER_STATE_CONNECTED);
7700 		if (ret)
7701 			ath10k_warn(ar, "failed to update tdls peer %pM for vdev %i: %i\n",
7702 				    sta->addr, arvif->vdev_id, ret);
7703 	} else if (old_state == IEEE80211_STA_ASSOC &&
7704 		    new_state == IEEE80211_STA_AUTH &&
7705 		    (vif->type == NL80211_IFTYPE_AP ||
7706 		     vif->type == NL80211_IFTYPE_MESH_POINT ||
7707 		     vif->type == NL80211_IFTYPE_ADHOC)) {
7708 		/*
7709 		 * Disassociation.
7710 		 */
7711 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac sta %pM disassociated\n",
7712 			   sta->addr);
7713 
7714 		ret = ath10k_station_disassoc(ar, vif, sta);
7715 		if (ret)
7716 			ath10k_warn(ar, "failed to disassociate station: %pM vdev %i: %i\n",
7717 				    sta->addr, arvif->vdev_id, ret);
7718 	}
7719 exit:
7720 	mutex_unlock(&ar->conf_mutex);
7721 	return ret;
7722 }
7723 
7724 static int ath10k_conf_tx_uapsd(struct ath10k *ar, struct ieee80211_vif *vif,
7725 				u16 ac, bool enable)
7726 {
7727 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7728 	struct wmi_sta_uapsd_auto_trig_arg arg = {};
7729 	u32 prio = 0, acc = 0;
7730 	u32 value = 0;
7731 	int ret = 0;
7732 
7733 	lockdep_assert_held(&ar->conf_mutex);
7734 
7735 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
7736 		return 0;
7737 
7738 	switch (ac) {
7739 	case IEEE80211_AC_VO:
7740 		value = WMI_STA_PS_UAPSD_AC3_DELIVERY_EN |
7741 			WMI_STA_PS_UAPSD_AC3_TRIGGER_EN;
7742 		prio = 7;
7743 		acc = 3;
7744 		break;
7745 	case IEEE80211_AC_VI:
7746 		value = WMI_STA_PS_UAPSD_AC2_DELIVERY_EN |
7747 			WMI_STA_PS_UAPSD_AC2_TRIGGER_EN;
7748 		prio = 5;
7749 		acc = 2;
7750 		break;
7751 	case IEEE80211_AC_BE:
7752 		value = WMI_STA_PS_UAPSD_AC1_DELIVERY_EN |
7753 			WMI_STA_PS_UAPSD_AC1_TRIGGER_EN;
7754 		prio = 2;
7755 		acc = 1;
7756 		break;
7757 	case IEEE80211_AC_BK:
7758 		value = WMI_STA_PS_UAPSD_AC0_DELIVERY_EN |
7759 			WMI_STA_PS_UAPSD_AC0_TRIGGER_EN;
7760 		prio = 0;
7761 		acc = 0;
7762 		break;
7763 	}
7764 
7765 	if (enable)
7766 		arvif->u.sta.uapsd |= value;
7767 	else
7768 		arvif->u.sta.uapsd &= ~value;
7769 
7770 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7771 					  WMI_STA_PS_PARAM_UAPSD,
7772 					  arvif->u.sta.uapsd);
7773 	if (ret) {
7774 		ath10k_warn(ar, "failed to set uapsd params: %d\n", ret);
7775 		goto exit;
7776 	}
7777 
7778 	if (arvif->u.sta.uapsd)
7779 		value = WMI_STA_PS_RX_WAKE_POLICY_POLL_UAPSD;
7780 	else
7781 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
7782 
7783 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7784 					  WMI_STA_PS_PARAM_RX_WAKE_POLICY,
7785 					  value);
7786 	if (ret)
7787 		ath10k_warn(ar, "failed to set rx wake param: %d\n", ret);
7788 
7789 	ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
7790 	if (ret) {
7791 		ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
7792 			    arvif->vdev_id, ret);
7793 		return ret;
7794 	}
7795 
7796 	ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
7797 	if (ret) {
7798 		ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
7799 			    arvif->vdev_id, ret);
7800 		return ret;
7801 	}
7802 
7803 	if (test_bit(WMI_SERVICE_STA_UAPSD_BASIC_AUTO_TRIG, ar->wmi.svc_map) ||
7804 	    test_bit(WMI_SERVICE_STA_UAPSD_VAR_AUTO_TRIG, ar->wmi.svc_map)) {
7805 		/* Only userspace can make an educated decision when to send
7806 		 * trigger frame. The following effectively disables u-UAPSD
7807 		 * autotrigger in firmware (which is enabled by default
7808 		 * provided the autotrigger service is available).
7809 		 */
7810 
7811 		arg.wmm_ac = acc;
7812 		arg.user_priority = prio;
7813 		arg.service_interval = 0;
7814 		arg.suspend_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7815 		arg.delay_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7816 
7817 		ret = ath10k_wmi_vdev_sta_uapsd(ar, arvif->vdev_id,
7818 						arvif->bssid, &arg, 1);
7819 		if (ret) {
7820 			ath10k_warn(ar, "failed to set uapsd auto trigger %d\n",
7821 				    ret);
7822 			return ret;
7823 		}
7824 	}
7825 
7826 exit:
7827 	return ret;
7828 }
7829 
7830 static int ath10k_conf_tx(struct ieee80211_hw *hw,
7831 			  struct ieee80211_vif *vif,
7832 			  unsigned int link_id, u16 ac,
7833 			  const struct ieee80211_tx_queue_params *params)
7834 {
7835 	struct ath10k *ar = hw->priv;
7836 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7837 	struct wmi_wmm_params_arg *p = NULL;
7838 	int ret;
7839 
7840 	mutex_lock(&ar->conf_mutex);
7841 
7842 	switch (ac) {
7843 	case IEEE80211_AC_VO:
7844 		p = &arvif->wmm_params.ac_vo;
7845 		break;
7846 	case IEEE80211_AC_VI:
7847 		p = &arvif->wmm_params.ac_vi;
7848 		break;
7849 	case IEEE80211_AC_BE:
7850 		p = &arvif->wmm_params.ac_be;
7851 		break;
7852 	case IEEE80211_AC_BK:
7853 		p = &arvif->wmm_params.ac_bk;
7854 		break;
7855 	}
7856 
7857 	if (WARN_ON(!p)) {
7858 		ret = -EINVAL;
7859 		goto exit;
7860 	}
7861 
7862 	p->cwmin = params->cw_min;
7863 	p->cwmax = params->cw_max;
7864 	p->aifs = params->aifs;
7865 
7866 	/*
7867 	 * The channel time duration programmed in the HW is in absolute
7868 	 * microseconds, while mac80211 gives the txop in units of
7869 	 * 32 microseconds.
7870 	 */
7871 	p->txop = params->txop * 32;
7872 
7873 	if (ar->wmi.ops->gen_vdev_wmm_conf) {
7874 		ret = ath10k_wmi_vdev_wmm_conf(ar, arvif->vdev_id,
7875 					       &arvif->wmm_params);
7876 		if (ret) {
7877 			ath10k_warn(ar, "failed to set vdev wmm params on vdev %i: %d\n",
7878 				    arvif->vdev_id, ret);
7879 			goto exit;
7880 		}
7881 	} else {
7882 		/* This won't work well with multi-interface cases but it's
7883 		 * better than nothing.
7884 		 */
7885 		ret = ath10k_wmi_pdev_set_wmm_params(ar, &arvif->wmm_params);
7886 		if (ret) {
7887 			ath10k_warn(ar, "failed to set wmm params: %d\n", ret);
7888 			goto exit;
7889 		}
7890 	}
7891 
7892 	ret = ath10k_conf_tx_uapsd(ar, vif, ac, params->uapsd);
7893 	if (ret)
7894 		ath10k_warn(ar, "failed to set sta uapsd: %d\n", ret);
7895 
7896 exit:
7897 	mutex_unlock(&ar->conf_mutex);
7898 	return ret;
7899 }
7900 
7901 static int ath10k_remain_on_channel(struct ieee80211_hw *hw,
7902 				    struct ieee80211_vif *vif,
7903 				    struct ieee80211_channel *chan,
7904 				    int duration,
7905 				    enum ieee80211_roc_type type)
7906 {
7907 	struct ath10k *ar = hw->priv;
7908 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7909 	struct wmi_start_scan_arg *arg = NULL;
7910 	int ret = 0;
7911 	u32 scan_time_msec;
7912 
7913 	mutex_lock(&ar->conf_mutex);
7914 
7915 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
7916 		ret = -EBUSY;
7917 		goto exit;
7918 	}
7919 
7920 	spin_lock_bh(&ar->data_lock);
7921 	switch (ar->scan.state) {
7922 	case ATH10K_SCAN_IDLE:
7923 		reinit_completion(&ar->scan.started);
7924 		reinit_completion(&ar->scan.completed);
7925 		reinit_completion(&ar->scan.on_channel);
7926 		ar->scan.state = ATH10K_SCAN_STARTING;
7927 		ar->scan.is_roc = true;
7928 		ar->scan.vdev_id = arvif->vdev_id;
7929 		ar->scan.roc_freq = chan->center_freq;
7930 		ar->scan.roc_notify = true;
7931 		ret = 0;
7932 		break;
7933 	case ATH10K_SCAN_STARTING:
7934 	case ATH10K_SCAN_RUNNING:
7935 	case ATH10K_SCAN_ABORTING:
7936 		ret = -EBUSY;
7937 		break;
7938 	}
7939 	spin_unlock_bh(&ar->data_lock);
7940 
7941 	if (ret)
7942 		goto exit;
7943 
7944 	scan_time_msec = ar->hw->wiphy->max_remain_on_channel_duration * 2;
7945 
7946 	arg = kzalloc(sizeof(*arg), GFP_KERNEL);
7947 	if (!arg) {
7948 		ret = -ENOMEM;
7949 		goto exit;
7950 	}
7951 
7952 	ath10k_wmi_start_scan_init(ar, arg);
7953 	arg->vdev_id = arvif->vdev_id;
7954 	arg->scan_id = ATH10K_SCAN_ID;
7955 	arg->n_channels = 1;
7956 	arg->channels[0] = chan->center_freq;
7957 	arg->dwell_time_active = scan_time_msec;
7958 	arg->dwell_time_passive = scan_time_msec;
7959 	arg->max_scan_time = scan_time_msec;
7960 	arg->scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
7961 	arg->scan_ctrl_flags |= WMI_SCAN_FILTER_PROBE_REQ;
7962 	arg->burst_duration_ms = duration;
7963 
7964 	ret = ath10k_start_scan(ar, arg);
7965 	if (ret) {
7966 		ath10k_warn(ar, "failed to start roc scan: %d\n", ret);
7967 		spin_lock_bh(&ar->data_lock);
7968 		ar->scan.state = ATH10K_SCAN_IDLE;
7969 		spin_unlock_bh(&ar->data_lock);
7970 		goto exit;
7971 	}
7972 
7973 	ret = wait_for_completion_timeout(&ar->scan.on_channel, 3 * HZ);
7974 	if (ret == 0) {
7975 		ath10k_warn(ar, "failed to switch to channel for roc scan\n");
7976 
7977 		ret = ath10k_scan_stop(ar);
7978 		if (ret)
7979 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
7980 
7981 		ret = -ETIMEDOUT;
7982 		goto exit;
7983 	}
7984 
7985 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
7986 				     msecs_to_jiffies(duration));
7987 
7988 	ret = 0;
7989 exit:
7990 	kfree(arg);
7991 
7992 	mutex_unlock(&ar->conf_mutex);
7993 	return ret;
7994 }
7995 
7996 static int ath10k_cancel_remain_on_channel(struct ieee80211_hw *hw,
7997 					   struct ieee80211_vif *vif)
7998 {
7999 	struct ath10k *ar = hw->priv;
8000 
8001 	mutex_lock(&ar->conf_mutex);
8002 
8003 	spin_lock_bh(&ar->data_lock);
8004 	ar->scan.roc_notify = false;
8005 	spin_unlock_bh(&ar->data_lock);
8006 
8007 	ath10k_scan_abort(ar);
8008 
8009 	mutex_unlock(&ar->conf_mutex);
8010 
8011 	cancel_delayed_work_sync(&ar->scan.timeout);
8012 
8013 	return 0;
8014 }
8015 
8016 /*
8017  * Both RTS and Fragmentation threshold are interface-specific
8018  * in ath10k, but device-specific in mac80211.
8019  */
8020 
8021 static int ath10k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
8022 {
8023 	struct ath10k *ar = hw->priv;
8024 	struct ath10k_vif *arvif;
8025 	int ret = 0;
8026 
8027 	mutex_lock(&ar->conf_mutex);
8028 	list_for_each_entry(arvif, &ar->arvifs, list) {
8029 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d rts threshold %d\n",
8030 			   arvif->vdev_id, value);
8031 
8032 		ret = ath10k_mac_set_rts(arvif, value);
8033 		if (ret) {
8034 			ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
8035 				    arvif->vdev_id, ret);
8036 			break;
8037 		}
8038 	}
8039 	mutex_unlock(&ar->conf_mutex);
8040 
8041 	return ret;
8042 }
8043 
8044 static int ath10k_mac_op_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
8045 {
8046 	/* Even though there's a WMI enum for fragmentation threshold no known
8047 	 * firmware actually implements it. Moreover it is not possible to rely
8048 	 * frame fragmentation to mac80211 because firmware clears the "more
8049 	 * fragments" bit in frame control making it impossible for remote
8050 	 * devices to reassemble frames.
8051 	 *
8052 	 * Hence implement a dummy callback just to say fragmentation isn't
8053 	 * supported. This effectively prevents mac80211 from doing frame
8054 	 * fragmentation in software.
8055 	 */
8056 	return -EOPNOTSUPP;
8057 }
8058 
8059 void ath10k_mac_wait_tx_complete(struct ath10k *ar)
8060 {
8061 	bool skip;
8062 	long time_left;
8063 
8064 	/* mac80211 doesn't care if we really xmit queued frames or not
8065 	 * we'll collect those frames either way if we stop/delete vdevs
8066 	 */
8067 
8068 	if (ar->state == ATH10K_STATE_WEDGED)
8069 		return;
8070 
8071 	time_left = wait_event_timeout(ar->htt.empty_tx_wq, ({
8072 			bool empty;
8073 
8074 			spin_lock_bh(&ar->htt.tx_lock);
8075 			empty = (ar->htt.num_pending_tx == 0);
8076 			spin_unlock_bh(&ar->htt.tx_lock);
8077 
8078 			skip = (ar->state == ATH10K_STATE_WEDGED) ||
8079 			       test_bit(ATH10K_FLAG_CRASH_FLUSH,
8080 					&ar->dev_flags);
8081 
8082 			(empty || skip);
8083 		}), ATH10K_FLUSH_TIMEOUT_HZ);
8084 
8085 	if (time_left == 0 || skip)
8086 		ath10k_warn(ar, "failed to flush transmit queue (skip %i ar-state %i): %ld\n",
8087 			    skip, ar->state, time_left);
8088 }
8089 
8090 static void ath10k_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
8091 			 u32 queues, bool drop)
8092 {
8093 	struct ath10k *ar = hw->priv;
8094 	struct ath10k_vif *arvif;
8095 	u32 bitmap;
8096 
8097 	if (drop) {
8098 		if (vif && vif->type == NL80211_IFTYPE_STATION) {
8099 			bitmap = ~(1 << WMI_MGMT_TID);
8100 			list_for_each_entry(arvif, &ar->arvifs, list) {
8101 				if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
8102 					ath10k_wmi_peer_flush(ar, arvif->vdev_id,
8103 							      arvif->bssid, bitmap);
8104 			}
8105 			ath10k_htt_flush_tx(&ar->htt);
8106 		}
8107 		return;
8108 	}
8109 
8110 	mutex_lock(&ar->conf_mutex);
8111 	ath10k_mac_wait_tx_complete(ar);
8112 	mutex_unlock(&ar->conf_mutex);
8113 }
8114 
8115 /* TODO: Implement this function properly
8116  * For now it is needed to reply to Probe Requests in IBSS mode.
8117  * Probably we need this information from FW.
8118  */
8119 static int ath10k_tx_last_beacon(struct ieee80211_hw *hw)
8120 {
8121 	return 1;
8122 }
8123 
8124 static void ath10k_reconfig_complete(struct ieee80211_hw *hw,
8125 				     enum ieee80211_reconfig_type reconfig_type)
8126 {
8127 	struct ath10k *ar = hw->priv;
8128 	struct ath10k_vif *arvif;
8129 
8130 	if (reconfig_type != IEEE80211_RECONFIG_TYPE_RESTART)
8131 		return;
8132 
8133 	mutex_lock(&ar->conf_mutex);
8134 
8135 	/* If device failed to restart it will be in a different state, e.g.
8136 	 * ATH10K_STATE_WEDGED
8137 	 */
8138 	if (ar->state == ATH10K_STATE_RESTARTED) {
8139 		ath10k_info(ar, "device successfully recovered\n");
8140 		ar->state = ATH10K_STATE_ON;
8141 		ieee80211_wake_queues(ar->hw);
8142 		clear_bit(ATH10K_FLAG_RESTARTING, &ar->dev_flags);
8143 		if (ar->hw_params.hw_restart_disconnect) {
8144 			list_for_each_entry(arvif, &ar->arvifs, list) {
8145 				if (arvif->is_up && arvif->vdev_type == WMI_VDEV_TYPE_STA)
8146 					ieee80211_hw_restart_disconnect(arvif->vif);
8147 				}
8148 		}
8149 	}
8150 
8151 	mutex_unlock(&ar->conf_mutex);
8152 }
8153 
8154 static void
8155 ath10k_mac_update_bss_chan_survey(struct ath10k *ar,
8156 				  struct ieee80211_channel *channel)
8157 {
8158 	int ret;
8159 	enum wmi_bss_survey_req_type type = WMI_BSS_SURVEY_REQ_TYPE_READ;
8160 
8161 	lockdep_assert_held(&ar->conf_mutex);
8162 
8163 	if (!test_bit(WMI_SERVICE_BSS_CHANNEL_INFO_64, ar->wmi.svc_map) ||
8164 	    (ar->rx_channel != channel))
8165 		return;
8166 
8167 	if (ar->scan.state != ATH10K_SCAN_IDLE) {
8168 		ath10k_dbg(ar, ATH10K_DBG_MAC, "ignoring bss chan info request while scanning..\n");
8169 		return;
8170 	}
8171 
8172 	reinit_completion(&ar->bss_survey_done);
8173 
8174 	ret = ath10k_wmi_pdev_bss_chan_info_request(ar, type);
8175 	if (ret) {
8176 		ath10k_warn(ar, "failed to send pdev bss chan info request\n");
8177 		return;
8178 	}
8179 
8180 	ret = wait_for_completion_timeout(&ar->bss_survey_done, 3 * HZ);
8181 	if (!ret) {
8182 		ath10k_warn(ar, "bss channel survey timed out\n");
8183 		return;
8184 	}
8185 }
8186 
8187 static int ath10k_get_survey(struct ieee80211_hw *hw, int idx,
8188 			     struct survey_info *survey)
8189 {
8190 	struct ath10k *ar = hw->priv;
8191 	struct ieee80211_supported_band *sband;
8192 	struct survey_info *ar_survey = &ar->survey[idx];
8193 	int ret = 0;
8194 
8195 	mutex_lock(&ar->conf_mutex);
8196 
8197 	sband = hw->wiphy->bands[NL80211_BAND_2GHZ];
8198 	if (sband && idx >= sband->n_channels) {
8199 		idx -= sband->n_channels;
8200 		sband = NULL;
8201 	}
8202 
8203 	if (!sband)
8204 		sband = hw->wiphy->bands[NL80211_BAND_5GHZ];
8205 
8206 	if (!sband || idx >= sband->n_channels) {
8207 		ret = -ENOENT;
8208 		goto exit;
8209 	}
8210 
8211 	ath10k_mac_update_bss_chan_survey(ar, &sband->channels[idx]);
8212 
8213 	spin_lock_bh(&ar->data_lock);
8214 	memcpy(survey, ar_survey, sizeof(*survey));
8215 	spin_unlock_bh(&ar->data_lock);
8216 
8217 	survey->channel = &sband->channels[idx];
8218 
8219 	if (ar->rx_channel == survey->channel)
8220 		survey->filled |= SURVEY_INFO_IN_USE;
8221 
8222 exit:
8223 	mutex_unlock(&ar->conf_mutex);
8224 	return ret;
8225 }
8226 
8227 static bool
8228 ath10k_mac_bitrate_mask_get_single_nss(struct ath10k *ar,
8229 				       enum nl80211_band band,
8230 				       const struct cfg80211_bitrate_mask *mask,
8231 				       int *nss)
8232 {
8233 	struct ieee80211_supported_band *sband = &ar->mac.sbands[band];
8234 	u16 vht_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
8235 	u8 ht_nss_mask = 0;
8236 	u8 vht_nss_mask = 0;
8237 	int i;
8238 
8239 	if (mask->control[band].legacy)
8240 		return false;
8241 
8242 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
8243 		if (mask->control[band].ht_mcs[i] == 0)
8244 			continue;
8245 		else if (mask->control[band].ht_mcs[i] ==
8246 			 sband->ht_cap.mcs.rx_mask[i])
8247 			ht_nss_mask |= BIT(i);
8248 		else
8249 			return false;
8250 	}
8251 
8252 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
8253 		if (mask->control[band].vht_mcs[i] == 0)
8254 			continue;
8255 		else if (mask->control[band].vht_mcs[i] ==
8256 			 ath10k_mac_get_max_vht_mcs_map(vht_mcs_map, i))
8257 			vht_nss_mask |= BIT(i);
8258 		else
8259 			return false;
8260 	}
8261 
8262 	if (ht_nss_mask != vht_nss_mask)
8263 		return false;
8264 
8265 	if (ht_nss_mask == 0)
8266 		return false;
8267 
8268 	if (BIT(fls(ht_nss_mask)) - 1 != ht_nss_mask)
8269 		return false;
8270 
8271 	*nss = fls(ht_nss_mask);
8272 
8273 	return true;
8274 }
8275 
8276 static int ath10k_mac_set_fixed_rate_params(struct ath10k_vif *arvif,
8277 					    u8 rate, u8 nss, u8 sgi, u8 ldpc)
8278 {
8279 	struct ath10k *ar = arvif->ar;
8280 	u32 vdev_param;
8281 	int ret;
8282 
8283 	lockdep_assert_held(&ar->conf_mutex);
8284 
8285 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac set fixed rate params vdev %i rate 0x%02x nss %u sgi %u\n",
8286 		   arvif->vdev_id, rate, nss, sgi);
8287 
8288 	vdev_param = ar->wmi.vdev_param->fixed_rate;
8289 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, rate);
8290 	if (ret) {
8291 		ath10k_warn(ar, "failed to set fixed rate param 0x%02x: %d\n",
8292 			    rate, ret);
8293 		return ret;
8294 	}
8295 
8296 	vdev_param = ar->wmi.vdev_param->nss;
8297 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, nss);
8298 	if (ret) {
8299 		ath10k_warn(ar, "failed to set nss param %d: %d\n", nss, ret);
8300 		return ret;
8301 	}
8302 
8303 	vdev_param = ar->wmi.vdev_param->sgi;
8304 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, sgi);
8305 	if (ret) {
8306 		ath10k_warn(ar, "failed to set sgi param %d: %d\n", sgi, ret);
8307 		return ret;
8308 	}
8309 
8310 	vdev_param = ar->wmi.vdev_param->ldpc;
8311 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, ldpc);
8312 	if (ret) {
8313 		ath10k_warn(ar, "failed to set ldpc param %d: %d\n", ldpc, ret);
8314 		return ret;
8315 	}
8316 
8317 	return 0;
8318 }
8319 
8320 static bool
8321 ath10k_mac_can_set_bitrate_mask(struct ath10k *ar,
8322 				enum nl80211_band band,
8323 				const struct cfg80211_bitrate_mask *mask,
8324 				bool allow_pfr)
8325 {
8326 	int i;
8327 	u16 vht_mcs;
8328 
8329 	/* Due to firmware limitation in WMI_PEER_ASSOC_CMDID it is impossible
8330 	 * to express all VHT MCS rate masks. Effectively only the following
8331 	 * ranges can be used: none, 0-7, 0-8 and 0-9.
8332 	 */
8333 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
8334 		vht_mcs = mask->control[band].vht_mcs[i];
8335 
8336 		switch (vht_mcs) {
8337 		case 0:
8338 		case BIT(8) - 1:
8339 		case BIT(9) - 1:
8340 		case BIT(10) - 1:
8341 			break;
8342 		default:
8343 			if (!allow_pfr)
8344 				ath10k_warn(ar, "refusing bitrate mask with missing 0-7 VHT MCS rates\n");
8345 			return false;
8346 		}
8347 	}
8348 
8349 	return true;
8350 }
8351 
8352 static bool ath10k_mac_set_vht_bitrate_mask_fixup(struct ath10k *ar,
8353 						  struct ath10k_vif *arvif,
8354 						  struct ieee80211_sta *sta)
8355 {
8356 	int err;
8357 	u8 rate = arvif->vht_pfr;
8358 
8359 	/* skip non vht and multiple rate peers */
8360 	if (!sta->deflink.vht_cap.vht_supported || arvif->vht_num_rates != 1)
8361 		return false;
8362 
8363 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8364 					WMI_PEER_PARAM_FIXED_RATE, rate);
8365 	if (err)
8366 		ath10k_warn(ar, "failed to enable STA %pM peer fixed rate: %d\n",
8367 			    sta->addr, err);
8368 
8369 	return true;
8370 }
8371 
8372 static void ath10k_mac_set_bitrate_mask_iter(void *data,
8373 					     struct ieee80211_sta *sta)
8374 {
8375 	struct ath10k_vif *arvif = data;
8376 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8377 	struct ath10k *ar = arvif->ar;
8378 
8379 	if (arsta->arvif != arvif)
8380 		return;
8381 
8382 	if (ath10k_mac_set_vht_bitrate_mask_fixup(ar, arvif, sta))
8383 		return;
8384 
8385 	spin_lock_bh(&ar->data_lock);
8386 	arsta->changed |= IEEE80211_RC_SUPP_RATES_CHANGED;
8387 	spin_unlock_bh(&ar->data_lock);
8388 
8389 	ieee80211_queue_work(ar->hw, &arsta->update_wk);
8390 }
8391 
8392 static void ath10k_mac_clr_bitrate_mask_iter(void *data,
8393 					     struct ieee80211_sta *sta)
8394 {
8395 	struct ath10k_vif *arvif = data;
8396 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8397 	struct ath10k *ar = arvif->ar;
8398 	int err;
8399 
8400 	/* clear vht peers only */
8401 	if (arsta->arvif != arvif || !sta->deflink.vht_cap.vht_supported)
8402 		return;
8403 
8404 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8405 					WMI_PEER_PARAM_FIXED_RATE,
8406 					WMI_FIXED_RATE_NONE);
8407 	if (err)
8408 		ath10k_warn(ar, "failed to clear STA %pM peer fixed rate: %d\n",
8409 			    sta->addr, err);
8410 }
8411 
8412 static int ath10k_mac_op_set_bitrate_mask(struct ieee80211_hw *hw,
8413 					  struct ieee80211_vif *vif,
8414 					  const struct cfg80211_bitrate_mask *mask)
8415 {
8416 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8417 	struct cfg80211_chan_def def;
8418 	struct ath10k *ar = arvif->ar;
8419 	enum nl80211_band band;
8420 	const u8 *ht_mcs_mask;
8421 	const u16 *vht_mcs_mask;
8422 	u8 rate;
8423 	u8 nss;
8424 	u8 sgi;
8425 	u8 ldpc;
8426 	int single_nss;
8427 	int ret;
8428 	int vht_num_rates, allow_pfr;
8429 	u8 vht_pfr;
8430 	bool update_bitrate_mask = true;
8431 
8432 	if (ath10k_mac_vif_chan(vif, &def))
8433 		return -EPERM;
8434 
8435 	band = def.chan->band;
8436 	ht_mcs_mask = mask->control[band].ht_mcs;
8437 	vht_mcs_mask = mask->control[band].vht_mcs;
8438 	ldpc = !!(ar->ht_cap_info & WMI_HT_CAP_LDPC);
8439 
8440 	sgi = mask->control[band].gi;
8441 	if (sgi == NL80211_TXRATE_FORCE_LGI)
8442 		return -EINVAL;
8443 
8444 	allow_pfr = test_bit(ATH10K_FW_FEATURE_PEER_FIXED_RATE,
8445 			     ar->normal_mode_fw.fw_file.fw_features);
8446 	if (allow_pfr) {
8447 		mutex_lock(&ar->conf_mutex);
8448 		ieee80211_iterate_stations_atomic(ar->hw,
8449 						  ath10k_mac_clr_bitrate_mask_iter,
8450 						  arvif);
8451 		mutex_unlock(&ar->conf_mutex);
8452 	}
8453 
8454 	if (ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
8455 						    &vht_num_rates)) {
8456 		ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8457 							      &rate, &nss,
8458 							      false);
8459 		if (ret) {
8460 			ath10k_warn(ar, "failed to get single rate for vdev %i: %d\n",
8461 				    arvif->vdev_id, ret);
8462 			return ret;
8463 		}
8464 	} else if (ath10k_mac_bitrate_mask_get_single_nss(ar, band, mask,
8465 							  &single_nss)) {
8466 		rate = WMI_FIXED_RATE_NONE;
8467 		nss = single_nss;
8468 	} else {
8469 		rate = WMI_FIXED_RATE_NONE;
8470 		nss = min(ar->num_rf_chains,
8471 			  max(ath10k_mac_max_ht_nss(ht_mcs_mask),
8472 			      ath10k_mac_max_vht_nss(vht_mcs_mask)));
8473 
8474 		if (!ath10k_mac_can_set_bitrate_mask(ar, band, mask,
8475 						     allow_pfr)) {
8476 			u8 vht_nss;
8477 
8478 			if (!allow_pfr || vht_num_rates != 1)
8479 				return -EINVAL;
8480 
8481 			/* Reach here, firmware supports peer fixed rate and has
8482 			 * single vht rate, and don't update vif birate_mask, as
8483 			 * the rate only for specific peer.
8484 			 */
8485 			ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8486 								&vht_pfr,
8487 								&vht_nss,
8488 								true);
8489 			update_bitrate_mask = false;
8490 		} else {
8491 			vht_pfr = 0;
8492 		}
8493 
8494 		mutex_lock(&ar->conf_mutex);
8495 
8496 		if (update_bitrate_mask)
8497 			arvif->bitrate_mask = *mask;
8498 		arvif->vht_num_rates = vht_num_rates;
8499 		arvif->vht_pfr = vht_pfr;
8500 		ieee80211_iterate_stations_atomic(ar->hw,
8501 						  ath10k_mac_set_bitrate_mask_iter,
8502 						  arvif);
8503 
8504 		mutex_unlock(&ar->conf_mutex);
8505 	}
8506 
8507 	mutex_lock(&ar->conf_mutex);
8508 
8509 	ret = ath10k_mac_set_fixed_rate_params(arvif, rate, nss, sgi, ldpc);
8510 	if (ret) {
8511 		ath10k_warn(ar, "failed to set fixed rate params on vdev %i: %d\n",
8512 			    arvif->vdev_id, ret);
8513 		goto exit;
8514 	}
8515 
8516 exit:
8517 	mutex_unlock(&ar->conf_mutex);
8518 
8519 	return ret;
8520 }
8521 
8522 static void ath10k_sta_rc_update(struct ieee80211_hw *hw,
8523 				 struct ieee80211_vif *vif,
8524 				 struct ieee80211_link_sta *link_sta,
8525 				 u32 changed)
8526 {
8527 	struct ieee80211_sta *sta = link_sta->sta;
8528 	struct ath10k *ar = hw->priv;
8529 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8530 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8531 	struct ath10k_peer *peer;
8532 	u32 bw, smps;
8533 
8534 	spin_lock_bh(&ar->data_lock);
8535 
8536 	peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
8537 	if (!peer) {
8538 		spin_unlock_bh(&ar->data_lock);
8539 		ath10k_warn(ar, "mac sta rc update failed to find peer %pM on vdev %i\n",
8540 			    sta->addr, arvif->vdev_id);
8541 		return;
8542 	}
8543 
8544 	ath10k_dbg(ar, ATH10K_DBG_STA,
8545 		   "mac sta rc update for %pM changed %08x bw %d nss %d smps %d\n",
8546 		   sta->addr, changed, sta->deflink.bandwidth,
8547 		   sta->deflink.rx_nss,
8548 		   sta->deflink.smps_mode);
8549 
8550 	if (changed & IEEE80211_RC_BW_CHANGED) {
8551 		bw = WMI_PEER_CHWIDTH_20MHZ;
8552 
8553 		switch (sta->deflink.bandwidth) {
8554 		case IEEE80211_STA_RX_BW_20:
8555 			bw = WMI_PEER_CHWIDTH_20MHZ;
8556 			break;
8557 		case IEEE80211_STA_RX_BW_40:
8558 			bw = WMI_PEER_CHWIDTH_40MHZ;
8559 			break;
8560 		case IEEE80211_STA_RX_BW_80:
8561 			bw = WMI_PEER_CHWIDTH_80MHZ;
8562 			break;
8563 		case IEEE80211_STA_RX_BW_160:
8564 			bw = WMI_PEER_CHWIDTH_160MHZ;
8565 			break;
8566 		default:
8567 			ath10k_warn(ar, "Invalid bandwidth %d in rc update for %pM\n",
8568 				    sta->deflink.bandwidth, sta->addr);
8569 			bw = WMI_PEER_CHWIDTH_20MHZ;
8570 			break;
8571 		}
8572 
8573 		arsta->bw = bw;
8574 	}
8575 
8576 	if (changed & IEEE80211_RC_NSS_CHANGED)
8577 		arsta->nss = sta->deflink.rx_nss;
8578 
8579 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
8580 		smps = WMI_PEER_SMPS_PS_NONE;
8581 
8582 		switch (sta->deflink.smps_mode) {
8583 		case IEEE80211_SMPS_AUTOMATIC:
8584 		case IEEE80211_SMPS_OFF:
8585 			smps = WMI_PEER_SMPS_PS_NONE;
8586 			break;
8587 		case IEEE80211_SMPS_STATIC:
8588 			smps = WMI_PEER_SMPS_STATIC;
8589 			break;
8590 		case IEEE80211_SMPS_DYNAMIC:
8591 			smps = WMI_PEER_SMPS_DYNAMIC;
8592 			break;
8593 		case IEEE80211_SMPS_NUM_MODES:
8594 			ath10k_warn(ar, "Invalid smps %d in sta rc update for %pM\n",
8595 				    sta->deflink.smps_mode, sta->addr);
8596 			smps = WMI_PEER_SMPS_PS_NONE;
8597 			break;
8598 		}
8599 
8600 		arsta->smps = smps;
8601 	}
8602 
8603 	arsta->changed |= changed;
8604 
8605 	spin_unlock_bh(&ar->data_lock);
8606 
8607 	ieee80211_queue_work(hw, &arsta->update_wk);
8608 }
8609 
8610 static void ath10k_offset_tsf(struct ieee80211_hw *hw,
8611 			      struct ieee80211_vif *vif, s64 tsf_offset)
8612 {
8613 	struct ath10k *ar = hw->priv;
8614 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8615 	u32 offset, vdev_param;
8616 	int ret;
8617 
8618 	if (tsf_offset < 0) {
8619 		vdev_param = ar->wmi.vdev_param->dec_tsf;
8620 		offset = -tsf_offset;
8621 	} else {
8622 		vdev_param = ar->wmi.vdev_param->inc_tsf;
8623 		offset = tsf_offset;
8624 	}
8625 
8626 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
8627 					vdev_param, offset);
8628 
8629 	if (ret && ret != -EOPNOTSUPP)
8630 		ath10k_warn(ar, "failed to set tsf offset %d cmd %d: %d\n",
8631 			    offset, vdev_param, ret);
8632 }
8633 
8634 static int ath10k_ampdu_action(struct ieee80211_hw *hw,
8635 			       struct ieee80211_vif *vif,
8636 			       struct ieee80211_ampdu_params *params)
8637 {
8638 	struct ath10k *ar = hw->priv;
8639 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8640 	struct ieee80211_sta *sta = params->sta;
8641 	enum ieee80211_ampdu_mlme_action action = params->action;
8642 	u16 tid = params->tid;
8643 
8644 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ampdu vdev_id %i sta %pM tid %u action %d\n",
8645 		   arvif->vdev_id, sta->addr, tid, action);
8646 
8647 	switch (action) {
8648 	case IEEE80211_AMPDU_RX_START:
8649 	case IEEE80211_AMPDU_RX_STOP:
8650 		/* HTT AddBa/DelBa events trigger mac80211 Rx BA session
8651 		 * creation/removal. Do we need to verify this?
8652 		 */
8653 		return 0;
8654 	case IEEE80211_AMPDU_TX_START:
8655 	case IEEE80211_AMPDU_TX_STOP_CONT:
8656 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
8657 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
8658 	case IEEE80211_AMPDU_TX_OPERATIONAL:
8659 		/* Firmware offloads Tx aggregation entirely so deny mac80211
8660 		 * Tx aggregation requests.
8661 		 */
8662 		return -EOPNOTSUPP;
8663 	}
8664 
8665 	return -EINVAL;
8666 }
8667 
8668 static void
8669 ath10k_mac_update_rx_channel(struct ath10k *ar,
8670 			     struct ieee80211_chanctx_conf *ctx,
8671 			     struct ieee80211_vif_chanctx_switch *vifs,
8672 			     int n_vifs)
8673 {
8674 	struct cfg80211_chan_def *def = NULL;
8675 
8676 	/* Both locks are required because ar->rx_channel is modified. This
8677 	 * allows readers to hold either lock.
8678 	 */
8679 	lockdep_assert_held(&ar->conf_mutex);
8680 	lockdep_assert_held(&ar->data_lock);
8681 
8682 	WARN_ON(ctx && vifs);
8683 	WARN_ON(vifs && !n_vifs);
8684 
8685 	/* FIXME: Sort of an optimization and a workaround. Peers and vifs are
8686 	 * on a linked list now. Doing a lookup peer -> vif -> chanctx for each
8687 	 * ppdu on Rx may reduce performance on low-end systems. It should be
8688 	 * possible to make tables/hashmaps to speed the lookup up (be vary of
8689 	 * cpu data cache lines though regarding sizes) but to keep the initial
8690 	 * implementation simple and less intrusive fallback to the slow lookup
8691 	 * only for multi-channel cases. Single-channel cases will remain to
8692 	 * use the old channel derival and thus performance should not be
8693 	 * affected much.
8694 	 */
8695 	rcu_read_lock();
8696 	if (!ctx && ath10k_mac_num_chanctxs(ar) == 1) {
8697 		ieee80211_iter_chan_contexts_atomic(ar->hw,
8698 						    ath10k_mac_get_any_chandef_iter,
8699 						    &def);
8700 
8701 		if (vifs)
8702 			def = &vifs[0].new_ctx->def;
8703 
8704 		ar->rx_channel = def->chan;
8705 	} else if ((ctx && ath10k_mac_num_chanctxs(ar) == 0) ||
8706 		   (ctx && (ar->state == ATH10K_STATE_RESTARTED))) {
8707 		/* During driver restart due to firmware assert, since mac80211
8708 		 * already has valid channel context for given radio, channel
8709 		 * context iteration return num_chanctx > 0. So fix rx_channel
8710 		 * when restart is in progress.
8711 		 */
8712 		ar->rx_channel = ctx->def.chan;
8713 	} else {
8714 		ar->rx_channel = NULL;
8715 	}
8716 	rcu_read_unlock();
8717 }
8718 
8719 static void
8720 ath10k_mac_update_vif_chan(struct ath10k *ar,
8721 			   struct ieee80211_vif_chanctx_switch *vifs,
8722 			   int n_vifs)
8723 {
8724 	struct ath10k_vif *arvif;
8725 	int ret;
8726 	int i;
8727 
8728 	lockdep_assert_held(&ar->conf_mutex);
8729 
8730 	/* First stop monitor interface. Some FW versions crash if there's a
8731 	 * lone monitor interface.
8732 	 */
8733 	if (ar->monitor_started)
8734 		ath10k_monitor_stop(ar);
8735 
8736 	for (i = 0; i < n_vifs; i++) {
8737 		arvif = (void *)vifs[i].vif->drv_priv;
8738 
8739 		ath10k_dbg(ar, ATH10K_DBG_MAC,
8740 			   "mac chanctx switch vdev_id %i freq %u->%u width %d->%d\n",
8741 			   arvif->vdev_id,
8742 			   vifs[i].old_ctx->def.chan->center_freq,
8743 			   vifs[i].new_ctx->def.chan->center_freq,
8744 			   vifs[i].old_ctx->def.width,
8745 			   vifs[i].new_ctx->def.width);
8746 
8747 		if (WARN_ON(!arvif->is_started))
8748 			continue;
8749 
8750 		if (WARN_ON(!arvif->is_up))
8751 			continue;
8752 
8753 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
8754 		if (ret) {
8755 			ath10k_warn(ar, "failed to down vdev %d: %d\n",
8756 				    arvif->vdev_id, ret);
8757 			continue;
8758 		}
8759 	}
8760 
8761 	/* All relevant vdevs are downed and associated channel resources
8762 	 * should be available for the channel switch now.
8763 	 */
8764 
8765 	spin_lock_bh(&ar->data_lock);
8766 	ath10k_mac_update_rx_channel(ar, NULL, vifs, n_vifs);
8767 	spin_unlock_bh(&ar->data_lock);
8768 
8769 	for (i = 0; i < n_vifs; i++) {
8770 		arvif = (void *)vifs[i].vif->drv_priv;
8771 
8772 		if (WARN_ON(!arvif->is_started))
8773 			continue;
8774 
8775 		if (WARN_ON(!arvif->is_up))
8776 			continue;
8777 
8778 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
8779 		if (ret)
8780 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
8781 				    ret);
8782 
8783 		ret = ath10k_mac_setup_prb_tmpl(arvif);
8784 		if (ret)
8785 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
8786 				    ret);
8787 
8788 		ret = ath10k_vdev_restart(arvif, &vifs[i].new_ctx->def);
8789 		if (ret) {
8790 			ath10k_warn(ar, "failed to restart vdev %d: %d\n",
8791 				    arvif->vdev_id, ret);
8792 			continue;
8793 		}
8794 
8795 		ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
8796 					 arvif->bssid);
8797 		if (ret) {
8798 			ath10k_warn(ar, "failed to bring vdev up %d: %d\n",
8799 				    arvif->vdev_id, ret);
8800 			continue;
8801 		}
8802 	}
8803 
8804 	ath10k_monitor_recalc(ar);
8805 }
8806 
8807 static int
8808 ath10k_mac_op_add_chanctx(struct ieee80211_hw *hw,
8809 			  struct ieee80211_chanctx_conf *ctx)
8810 {
8811 	struct ath10k *ar = hw->priv;
8812 
8813 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8814 		   "mac chanctx add freq %u width %d ptr %pK\n",
8815 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8816 
8817 	mutex_lock(&ar->conf_mutex);
8818 
8819 	spin_lock_bh(&ar->data_lock);
8820 	ath10k_mac_update_rx_channel(ar, ctx, NULL, 0);
8821 	spin_unlock_bh(&ar->data_lock);
8822 
8823 	ath10k_recalc_radar_detection(ar);
8824 	ath10k_monitor_recalc(ar);
8825 
8826 	mutex_unlock(&ar->conf_mutex);
8827 
8828 	return 0;
8829 }
8830 
8831 static void
8832 ath10k_mac_op_remove_chanctx(struct ieee80211_hw *hw,
8833 			     struct ieee80211_chanctx_conf *ctx)
8834 {
8835 	struct ath10k *ar = hw->priv;
8836 
8837 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8838 		   "mac chanctx remove freq %u width %d ptr %pK\n",
8839 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8840 
8841 	mutex_lock(&ar->conf_mutex);
8842 
8843 	spin_lock_bh(&ar->data_lock);
8844 	ath10k_mac_update_rx_channel(ar, NULL, NULL, 0);
8845 	spin_unlock_bh(&ar->data_lock);
8846 
8847 	ath10k_recalc_radar_detection(ar);
8848 	ath10k_monitor_recalc(ar);
8849 
8850 	mutex_unlock(&ar->conf_mutex);
8851 }
8852 
8853 struct ath10k_mac_change_chanctx_arg {
8854 	struct ieee80211_chanctx_conf *ctx;
8855 	struct ieee80211_vif_chanctx_switch *vifs;
8856 	int n_vifs;
8857 	int next_vif;
8858 };
8859 
8860 static void
8861 ath10k_mac_change_chanctx_cnt_iter(void *data, u8 *mac,
8862 				   struct ieee80211_vif *vif)
8863 {
8864 	struct ath10k_mac_change_chanctx_arg *arg = data;
8865 
8866 	if (rcu_access_pointer(vif->bss_conf.chanctx_conf) != arg->ctx)
8867 		return;
8868 
8869 	arg->n_vifs++;
8870 }
8871 
8872 static void
8873 ath10k_mac_change_chanctx_fill_iter(void *data, u8 *mac,
8874 				    struct ieee80211_vif *vif)
8875 {
8876 	struct ath10k_mac_change_chanctx_arg *arg = data;
8877 	struct ieee80211_chanctx_conf *ctx;
8878 
8879 	ctx = rcu_access_pointer(vif->bss_conf.chanctx_conf);
8880 	if (ctx != arg->ctx)
8881 		return;
8882 
8883 	if (WARN_ON(arg->next_vif == arg->n_vifs))
8884 		return;
8885 
8886 	arg->vifs[arg->next_vif].vif = vif;
8887 	arg->vifs[arg->next_vif].old_ctx = ctx;
8888 	arg->vifs[arg->next_vif].new_ctx = ctx;
8889 	arg->next_vif++;
8890 }
8891 
8892 static void
8893 ath10k_mac_op_change_chanctx(struct ieee80211_hw *hw,
8894 			     struct ieee80211_chanctx_conf *ctx,
8895 			     u32 changed)
8896 {
8897 	struct ath10k *ar = hw->priv;
8898 	struct ath10k_mac_change_chanctx_arg arg = { .ctx = ctx };
8899 
8900 	mutex_lock(&ar->conf_mutex);
8901 
8902 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8903 		   "mac chanctx change freq %u width %d ptr %pK changed %x\n",
8904 		   ctx->def.chan->center_freq, ctx->def.width, ctx, changed);
8905 
8906 	/* This shouldn't really happen because channel switching should use
8907 	 * switch_vif_chanctx().
8908 	 */
8909 	if (WARN_ON(changed & IEEE80211_CHANCTX_CHANGE_CHANNEL))
8910 		goto unlock;
8911 
8912 	if (changed & IEEE80211_CHANCTX_CHANGE_WIDTH) {
8913 		ieee80211_iterate_active_interfaces_atomic(
8914 					hw,
8915 					ATH10K_ITER_NORMAL_FLAGS,
8916 					ath10k_mac_change_chanctx_cnt_iter,
8917 					&arg);
8918 		if (arg.n_vifs == 0)
8919 			goto radar;
8920 
8921 		arg.vifs = kcalloc(arg.n_vifs, sizeof(arg.vifs[0]),
8922 				   GFP_KERNEL);
8923 		if (!arg.vifs)
8924 			goto radar;
8925 
8926 		ieee80211_iterate_active_interfaces_atomic(
8927 					hw,
8928 					ATH10K_ITER_NORMAL_FLAGS,
8929 					ath10k_mac_change_chanctx_fill_iter,
8930 					&arg);
8931 		ath10k_mac_update_vif_chan(ar, arg.vifs, arg.n_vifs);
8932 		kfree(arg.vifs);
8933 	}
8934 
8935 radar:
8936 	ath10k_recalc_radar_detection(ar);
8937 
8938 	/* FIXME: How to configure Rx chains properly? */
8939 
8940 	/* No other actions are actually necessary. Firmware maintains channel
8941 	 * definitions per vdev internally and there's no host-side channel
8942 	 * context abstraction to configure, e.g. channel width.
8943 	 */
8944 
8945 unlock:
8946 	mutex_unlock(&ar->conf_mutex);
8947 }
8948 
8949 static int
8950 ath10k_mac_op_assign_vif_chanctx(struct ieee80211_hw *hw,
8951 				 struct ieee80211_vif *vif,
8952 				 struct ieee80211_bss_conf *link_conf,
8953 				 struct ieee80211_chanctx_conf *ctx)
8954 {
8955 	struct ath10k *ar = hw->priv;
8956 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8957 	int ret;
8958 
8959 	mutex_lock(&ar->conf_mutex);
8960 
8961 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8962 		   "mac chanctx assign ptr %pK vdev_id %i\n",
8963 		   ctx, arvif->vdev_id);
8964 
8965 	if (WARN_ON(arvif->is_started)) {
8966 		mutex_unlock(&ar->conf_mutex);
8967 		return -EBUSY;
8968 	}
8969 
8970 	ret = ath10k_vdev_start(arvif, &ctx->def);
8971 	if (ret) {
8972 		ath10k_warn(ar, "failed to start vdev %i addr %pM on freq %d: %d\n",
8973 			    arvif->vdev_id, vif->addr,
8974 			    ctx->def.chan->center_freq, ret);
8975 		goto err;
8976 	}
8977 
8978 	arvif->is_started = true;
8979 
8980 	ret = ath10k_mac_vif_setup_ps(arvif);
8981 	if (ret) {
8982 		ath10k_warn(ar, "failed to update vdev %i ps: %d\n",
8983 			    arvif->vdev_id, ret);
8984 		goto err_stop;
8985 	}
8986 
8987 	if (vif->type == NL80211_IFTYPE_MONITOR) {
8988 		ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, 0, vif->addr);
8989 		if (ret) {
8990 			ath10k_warn(ar, "failed to up monitor vdev %i: %d\n",
8991 				    arvif->vdev_id, ret);
8992 			goto err_stop;
8993 		}
8994 
8995 		arvif->is_up = true;
8996 	}
8997 
8998 	if (ath10k_mac_can_set_cts_prot(arvif)) {
8999 		ret = ath10k_mac_set_cts_prot(arvif);
9000 		if (ret)
9001 			ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
9002 				    arvif->vdev_id, ret);
9003 	}
9004 
9005 	if (ath10k_peer_stats_enabled(ar) &&
9006 	    ar->hw_params.tx_stats_over_pktlog) {
9007 		ar->pktlog_filter |= ATH10K_PKTLOG_PEER_STATS;
9008 		ret = ath10k_wmi_pdev_pktlog_enable(ar,
9009 						    ar->pktlog_filter);
9010 		if (ret) {
9011 			ath10k_warn(ar, "failed to enable pktlog %d\n", ret);
9012 			goto err_stop;
9013 		}
9014 	}
9015 
9016 	mutex_unlock(&ar->conf_mutex);
9017 	return 0;
9018 
9019 err_stop:
9020 	ath10k_vdev_stop(arvif);
9021 	arvif->is_started = false;
9022 	ath10k_mac_vif_setup_ps(arvif);
9023 
9024 err:
9025 	mutex_unlock(&ar->conf_mutex);
9026 	return ret;
9027 }
9028 
9029 static void
9030 ath10k_mac_op_unassign_vif_chanctx(struct ieee80211_hw *hw,
9031 				   struct ieee80211_vif *vif,
9032 				   struct ieee80211_bss_conf *link_conf,
9033 				   struct ieee80211_chanctx_conf *ctx)
9034 {
9035 	struct ath10k *ar = hw->priv;
9036 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9037 	int ret;
9038 
9039 	mutex_lock(&ar->conf_mutex);
9040 
9041 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9042 		   "mac chanctx unassign ptr %pK vdev_id %i\n",
9043 		   ctx, arvif->vdev_id);
9044 
9045 	WARN_ON(!arvif->is_started);
9046 
9047 	if (vif->type == NL80211_IFTYPE_MONITOR) {
9048 		WARN_ON(!arvif->is_up);
9049 
9050 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
9051 		if (ret)
9052 			ath10k_warn(ar, "failed to down monitor vdev %i: %d\n",
9053 				    arvif->vdev_id, ret);
9054 
9055 		arvif->is_up = false;
9056 	}
9057 
9058 	ret = ath10k_vdev_stop(arvif);
9059 	if (ret)
9060 		ath10k_warn(ar, "failed to stop vdev %i: %d\n",
9061 			    arvif->vdev_id, ret);
9062 
9063 	arvif->is_started = false;
9064 
9065 	mutex_unlock(&ar->conf_mutex);
9066 }
9067 
9068 static int
9069 ath10k_mac_op_switch_vif_chanctx(struct ieee80211_hw *hw,
9070 				 struct ieee80211_vif_chanctx_switch *vifs,
9071 				 int n_vifs,
9072 				 enum ieee80211_chanctx_switch_mode mode)
9073 {
9074 	struct ath10k *ar = hw->priv;
9075 
9076 	mutex_lock(&ar->conf_mutex);
9077 
9078 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9079 		   "mac chanctx switch n_vifs %d mode %d\n",
9080 		   n_vifs, mode);
9081 	ath10k_mac_update_vif_chan(ar, vifs, n_vifs);
9082 
9083 	mutex_unlock(&ar->conf_mutex);
9084 	return 0;
9085 }
9086 
9087 static void ath10k_mac_op_sta_pre_rcu_remove(struct ieee80211_hw *hw,
9088 					     struct ieee80211_vif *vif,
9089 					     struct ieee80211_sta *sta)
9090 {
9091 	struct ath10k *ar;
9092 	struct ath10k_peer *peer;
9093 
9094 	ar = hw->priv;
9095 
9096 	list_for_each_entry(peer, &ar->peers, list)
9097 		if (peer->sta == sta)
9098 			peer->removed = true;
9099 }
9100 
9101 /* HT MCS parameters with Nss = 1 */
9102 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss1[] = {
9103 	/* MCS  L20   L40   S20  S40 */
9104 	{0,  { 65,  135,  72,  150} },
9105 	{1,  { 130, 270,  144, 300} },
9106 	{2,  { 195, 405,  217, 450} },
9107 	{3,  { 260, 540,  289, 600} },
9108 	{4,  { 390, 810,  433, 900} },
9109 	{5,  { 520, 1080, 578, 1200} },
9110 	{6,  { 585, 1215, 650, 1350} },
9111 	{7,  { 650, 1350, 722, 1500} }
9112 };
9113 
9114 /* HT MCS parameters with Nss = 2 */
9115 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss2[] = {
9116 	/* MCS  L20    L40   S20   S40 */
9117 	{0,  {130,  270,  144,  300} },
9118 	{1,  {260,  540,  289,  600} },
9119 	{2,  {390,  810,  433,  900} },
9120 	{3,  {520,  1080, 578,  1200} },
9121 	{4,  {780,  1620, 867,  1800} },
9122 	{5,  {1040, 2160, 1156, 2400} },
9123 	{6,  {1170, 2430, 1300, 2700} },
9124 	{7,  {1300, 2700, 1444, 3000} }
9125 };
9126 
9127 /* MCS parameters with Nss = 1 */
9128 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss1[] = {
9129 	/* MCS  L80    S80     L40   S40    L20   S20 */
9130 	{0,  {293,  325},  {135,  150},  {65,   72} },
9131 	{1,  {585,  650},  {270,  300},  {130,  144} },
9132 	{2,  {878,  975},  {405,  450},  {195,  217} },
9133 	{3,  {1170, 1300}, {540,  600},  {260,  289} },
9134 	{4,  {1755, 1950}, {810,  900},  {390,  433} },
9135 	{5,  {2340, 2600}, {1080, 1200}, {520,  578} },
9136 	{6,  {2633, 2925}, {1215, 1350}, {585,  650} },
9137 	{7,  {2925, 3250}, {1350, 1500}, {650,  722} },
9138 	{8,  {3510, 3900}, {1620, 1800}, {780,  867} },
9139 	{9,  {3900, 4333}, {1800, 2000}, {865,  960} }
9140 };
9141 
9142 /*MCS parameters with Nss = 2 */
9143 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss2[] = {
9144 	/* MCS  L80    S80     L40   S40    L20   S20 */
9145 	{0,  {585,  650},  {270,  300},  {130,  144} },
9146 	{1,  {1170, 1300}, {540,  600},  {260,  289} },
9147 	{2,  {1755, 1950}, {810,  900},  {390,  433} },
9148 	{3,  {2340, 2600}, {1080, 1200}, {520,  578} },
9149 	{4,  {3510, 3900}, {1620, 1800}, {780,  867} },
9150 	{5,  {4680, 5200}, {2160, 2400}, {1040, 1156} },
9151 	{6,  {5265, 5850}, {2430, 2700}, {1170, 1300} },
9152 	{7,  {5850, 6500}, {2700, 3000}, {1300, 1444} },
9153 	{8,  {7020, 7800}, {3240, 3600}, {1560, 1733} },
9154 	{9,  {7800, 8667}, {3600, 4000}, {1730, 1920} }
9155 };
9156 
9157 static void ath10k_mac_get_rate_flags_ht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
9158 					 u8 *flags, u8 *bw)
9159 {
9160 	struct ath10k_index_ht_data_rate_type *mcs_rate;
9161 	u8 index;
9162 	size_t len_nss1 = ARRAY_SIZE(supported_ht_mcs_rate_nss1);
9163 	size_t len_nss2 = ARRAY_SIZE(supported_ht_mcs_rate_nss2);
9164 
9165 	if (mcs >= (len_nss1 + len_nss2)) {
9166 		ath10k_warn(ar, "not supported mcs %d in current rate table", mcs);
9167 		return;
9168 	}
9169 
9170 	mcs_rate = (struct ath10k_index_ht_data_rate_type *)
9171 		   ((nss == 1) ? &supported_ht_mcs_rate_nss1 :
9172 		   &supported_ht_mcs_rate_nss2);
9173 
9174 	if (mcs >= len_nss1)
9175 		index = mcs - len_nss1;
9176 	else
9177 		index = mcs;
9178 
9179 	if (rate == mcs_rate[index].supported_rate[0]) {
9180 		*bw = RATE_INFO_BW_20;
9181 	} else if (rate == mcs_rate[index].supported_rate[1]) {
9182 		*bw |= RATE_INFO_BW_40;
9183 	} else if (rate == mcs_rate[index].supported_rate[2]) {
9184 		*bw |= RATE_INFO_BW_20;
9185 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9186 	} else if (rate == mcs_rate[index].supported_rate[3]) {
9187 		*bw |= RATE_INFO_BW_40;
9188 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9189 	} else {
9190 		ath10k_warn(ar, "invalid ht params rate %d 100kbps nss %d mcs %d",
9191 			    rate, nss, mcs);
9192 	}
9193 }
9194 
9195 static void ath10k_mac_get_rate_flags_vht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
9196 					  u8 *flags, u8 *bw)
9197 {
9198 	struct ath10k_index_vht_data_rate_type *mcs_rate;
9199 
9200 	mcs_rate = (struct ath10k_index_vht_data_rate_type *)
9201 		   ((nss == 1) ? &supported_vht_mcs_rate_nss1 :
9202 		   &supported_vht_mcs_rate_nss2);
9203 
9204 	if (rate == mcs_rate[mcs].supported_VHT80_rate[0]) {
9205 		*bw = RATE_INFO_BW_80;
9206 	} else if (rate == mcs_rate[mcs].supported_VHT80_rate[1]) {
9207 		*bw = RATE_INFO_BW_80;
9208 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9209 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[0]) {
9210 		*bw = RATE_INFO_BW_40;
9211 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[1]) {
9212 		*bw = RATE_INFO_BW_40;
9213 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9214 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[0]) {
9215 		*bw = RATE_INFO_BW_20;
9216 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[1]) {
9217 		*bw = RATE_INFO_BW_20;
9218 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9219 	} else {
9220 		ath10k_warn(ar, "invalid vht params rate %d 100kbps nss %d mcs %d",
9221 			    rate, nss, mcs);
9222 	}
9223 }
9224 
9225 static void ath10k_mac_get_rate_flags(struct ath10k *ar, u32 rate,
9226 				      enum ath10k_phy_mode mode, u8 nss, u8 mcs,
9227 				      u8 *flags, u8 *bw)
9228 {
9229 	if (mode == ATH10K_PHY_MODE_HT) {
9230 		*flags = RATE_INFO_FLAGS_MCS;
9231 		ath10k_mac_get_rate_flags_ht(ar, rate, nss, mcs, flags, bw);
9232 	} else if (mode == ATH10K_PHY_MODE_VHT) {
9233 		*flags = RATE_INFO_FLAGS_VHT_MCS;
9234 		ath10k_mac_get_rate_flags_vht(ar, rate, nss, mcs, flags, bw);
9235 	}
9236 }
9237 
9238 static void ath10k_mac_parse_bitrate(struct ath10k *ar, u32 rate_code,
9239 				     u32 bitrate_kbps, struct rate_info *rate)
9240 {
9241 	enum ath10k_phy_mode mode = ATH10K_PHY_MODE_LEGACY;
9242 	enum wmi_rate_preamble preamble = WMI_TLV_GET_HW_RC_PREAM_V1(rate_code);
9243 	u8 nss = WMI_TLV_GET_HW_RC_NSS_V1(rate_code) + 1;
9244 	u8 mcs = WMI_TLV_GET_HW_RC_RATE_V1(rate_code);
9245 	u8 flags = 0, bw = 0;
9246 
9247 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac parse rate code 0x%x bitrate %d kbps\n",
9248 		   rate_code, bitrate_kbps);
9249 
9250 	if (preamble == WMI_RATE_PREAMBLE_HT)
9251 		mode = ATH10K_PHY_MODE_HT;
9252 	else if (preamble == WMI_RATE_PREAMBLE_VHT)
9253 		mode = ATH10K_PHY_MODE_VHT;
9254 
9255 	ath10k_mac_get_rate_flags(ar, bitrate_kbps / 100, mode, nss, mcs, &flags, &bw);
9256 
9257 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9258 		   "mac parse bitrate preamble %d mode %d nss %d mcs %d flags %x bw %d\n",
9259 		   preamble, mode, nss, mcs, flags, bw);
9260 
9261 	rate->flags = flags;
9262 	rate->bw = bw;
9263 	rate->legacy = bitrate_kbps / 100;
9264 	rate->nss = nss;
9265 	rate->mcs = mcs;
9266 }
9267 
9268 static void ath10k_mac_sta_get_peer_stats_info(struct ath10k *ar,
9269 					       struct ieee80211_sta *sta,
9270 					       struct station_info *sinfo)
9271 {
9272 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9273 	struct ath10k_peer *peer;
9274 	unsigned long time_left;
9275 	int ret;
9276 
9277 	if (!(ar->hw_params.supports_peer_stats_info &&
9278 	      arsta->arvif->vdev_type == WMI_VDEV_TYPE_STA))
9279 		return;
9280 
9281 	spin_lock_bh(&ar->data_lock);
9282 	peer = ath10k_peer_find(ar, arsta->arvif->vdev_id, sta->addr);
9283 	spin_unlock_bh(&ar->data_lock);
9284 	if (!peer)
9285 		return;
9286 
9287 	reinit_completion(&ar->peer_stats_info_complete);
9288 
9289 	ret = ath10k_wmi_request_peer_stats_info(ar,
9290 						 arsta->arvif->vdev_id,
9291 						 WMI_REQUEST_ONE_PEER_STATS_INFO,
9292 						 arsta->arvif->bssid,
9293 						 0);
9294 	if (ret && ret != -EOPNOTSUPP) {
9295 		ath10k_warn(ar, "could not request peer stats info: %d\n", ret);
9296 		return;
9297 	}
9298 
9299 	time_left = wait_for_completion_timeout(&ar->peer_stats_info_complete, 3 * HZ);
9300 	if (time_left == 0) {
9301 		ath10k_warn(ar, "timed out waiting peer stats info\n");
9302 		return;
9303 	}
9304 
9305 	if (arsta->rx_rate_code != 0 && arsta->rx_bitrate_kbps != 0) {
9306 		ath10k_mac_parse_bitrate(ar, arsta->rx_rate_code,
9307 					 arsta->rx_bitrate_kbps,
9308 					 &sinfo->rxrate);
9309 
9310 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
9311 		arsta->rx_rate_code = 0;
9312 		arsta->rx_bitrate_kbps = 0;
9313 	}
9314 
9315 	if (arsta->tx_rate_code != 0 && arsta->tx_bitrate_kbps != 0) {
9316 		ath10k_mac_parse_bitrate(ar, arsta->tx_rate_code,
9317 					 arsta->tx_bitrate_kbps,
9318 					 &sinfo->txrate);
9319 
9320 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9321 		arsta->tx_rate_code = 0;
9322 		arsta->tx_bitrate_kbps = 0;
9323 	}
9324 }
9325 
9326 static void ath10k_sta_statistics(struct ieee80211_hw *hw,
9327 				  struct ieee80211_vif *vif,
9328 				  struct ieee80211_sta *sta,
9329 				  struct station_info *sinfo)
9330 {
9331 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9332 	struct ath10k *ar = arsta->arvif->ar;
9333 
9334 	if (!ath10k_peer_stats_enabled(ar))
9335 		return;
9336 
9337 	mutex_lock(&ar->conf_mutex);
9338 	ath10k_debug_fw_stats_request(ar);
9339 	mutex_unlock(&ar->conf_mutex);
9340 
9341 	sinfo->rx_duration = arsta->rx_duration;
9342 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_DURATION);
9343 
9344 	if (arsta->txrate.legacy || arsta->txrate.nss) {
9345 		if (arsta->txrate.legacy) {
9346 			sinfo->txrate.legacy = arsta->txrate.legacy;
9347 		} else {
9348 			sinfo->txrate.mcs = arsta->txrate.mcs;
9349 			sinfo->txrate.nss = arsta->txrate.nss;
9350 			sinfo->txrate.bw = arsta->txrate.bw;
9351 		}
9352 		sinfo->txrate.flags = arsta->txrate.flags;
9353 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9354 	}
9355 
9356 	if (ar->htt.disable_tx_comp) {
9357 		sinfo->tx_failed = arsta->tx_failed;
9358 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
9359 	}
9360 
9361 	sinfo->tx_retries = arsta->tx_retries;
9362 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_RETRIES);
9363 
9364 	ath10k_mac_sta_get_peer_stats_info(ar, sta, sinfo);
9365 }
9366 
9367 static int ath10k_mac_op_set_tid_config(struct ieee80211_hw *hw,
9368 					struct ieee80211_vif *vif,
9369 					struct ieee80211_sta *sta,
9370 					struct cfg80211_tid_config *tid_config)
9371 {
9372 	struct ath10k *ar = hw->priv;
9373 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9374 	struct ath10k_mac_iter_tid_conf_data data = {};
9375 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
9376 	int ret, i;
9377 
9378 	mutex_lock(&ar->conf_mutex);
9379 	arg.vdev_id = arvif->vdev_id;
9380 
9381 	arvif->tids_rst = 0;
9382 	memset(arvif->tid_conf_changed, 0, sizeof(arvif->tid_conf_changed));
9383 
9384 	for (i = 0; i < tid_config->n_tid_conf; i++) {
9385 		ret = ath10k_mac_parse_tid_config(ar, sta, vif,
9386 						  &tid_config->tid_conf[i],
9387 						  &arg);
9388 		if (ret)
9389 			goto exit;
9390 	}
9391 
9392 	ret = 0;
9393 
9394 	if (sta)
9395 		goto exit;
9396 
9397 	arvif->tids_rst = 0;
9398 	data.curr_vif = vif;
9399 	data.ar = ar;
9400 
9401 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9402 					  &data);
9403 
9404 exit:
9405 	mutex_unlock(&ar->conf_mutex);
9406 	return ret;
9407 }
9408 
9409 static int ath10k_mac_op_reset_tid_config(struct ieee80211_hw *hw,
9410 					  struct ieee80211_vif *vif,
9411 					  struct ieee80211_sta *sta,
9412 					  u8 tids)
9413 {
9414 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9415 	struct ath10k_mac_iter_tid_conf_data data = {};
9416 	struct ath10k *ar = hw->priv;
9417 	int ret = 0;
9418 
9419 	mutex_lock(&ar->conf_mutex);
9420 
9421 	if (sta) {
9422 		arvif->tids_rst = 0;
9423 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif, tids);
9424 		goto exit;
9425 	}
9426 
9427 	arvif->tids_rst = tids;
9428 	data.curr_vif = vif;
9429 	data.ar = ar;
9430 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9431 					  &data);
9432 
9433 exit:
9434 	mutex_unlock(&ar->conf_mutex);
9435 	return ret;
9436 }
9437 
9438 static const struct ieee80211_ops ath10k_ops = {
9439 	.tx				= ath10k_mac_op_tx,
9440 	.wake_tx_queue			= ath10k_mac_op_wake_tx_queue,
9441 	.start				= ath10k_start,
9442 	.stop				= ath10k_stop,
9443 	.config				= ath10k_config,
9444 	.add_interface			= ath10k_add_interface,
9445 	.update_vif_offload		= ath10k_update_vif_offload,
9446 	.remove_interface		= ath10k_remove_interface,
9447 	.configure_filter		= ath10k_configure_filter,
9448 	.bss_info_changed		= ath10k_bss_info_changed,
9449 	.set_coverage_class		= ath10k_mac_op_set_coverage_class,
9450 	.hw_scan			= ath10k_hw_scan,
9451 	.cancel_hw_scan			= ath10k_cancel_hw_scan,
9452 	.set_key			= ath10k_set_key,
9453 	.set_default_unicast_key        = ath10k_set_default_unicast_key,
9454 	.sta_state			= ath10k_sta_state,
9455 	.sta_set_txpwr			= ath10k_sta_set_txpwr,
9456 	.conf_tx			= ath10k_conf_tx,
9457 	.remain_on_channel		= ath10k_remain_on_channel,
9458 	.cancel_remain_on_channel	= ath10k_cancel_remain_on_channel,
9459 	.set_rts_threshold		= ath10k_set_rts_threshold,
9460 	.set_frag_threshold		= ath10k_mac_op_set_frag_threshold,
9461 	.flush				= ath10k_flush,
9462 	.tx_last_beacon			= ath10k_tx_last_beacon,
9463 	.set_antenna			= ath10k_set_antenna,
9464 	.get_antenna			= ath10k_get_antenna,
9465 	.reconfig_complete		= ath10k_reconfig_complete,
9466 	.get_survey			= ath10k_get_survey,
9467 	.set_bitrate_mask		= ath10k_mac_op_set_bitrate_mask,
9468 	.link_sta_rc_update		= ath10k_sta_rc_update,
9469 	.offset_tsf			= ath10k_offset_tsf,
9470 	.ampdu_action			= ath10k_ampdu_action,
9471 	.get_et_sset_count		= ath10k_debug_get_et_sset_count,
9472 	.get_et_stats			= ath10k_debug_get_et_stats,
9473 	.get_et_strings			= ath10k_debug_get_et_strings,
9474 	.add_chanctx			= ath10k_mac_op_add_chanctx,
9475 	.remove_chanctx			= ath10k_mac_op_remove_chanctx,
9476 	.change_chanctx			= ath10k_mac_op_change_chanctx,
9477 	.assign_vif_chanctx		= ath10k_mac_op_assign_vif_chanctx,
9478 	.unassign_vif_chanctx		= ath10k_mac_op_unassign_vif_chanctx,
9479 	.switch_vif_chanctx		= ath10k_mac_op_switch_vif_chanctx,
9480 	.sta_pre_rcu_remove		= ath10k_mac_op_sta_pre_rcu_remove,
9481 	.sta_statistics			= ath10k_sta_statistics,
9482 	.set_tid_config			= ath10k_mac_op_set_tid_config,
9483 	.reset_tid_config		= ath10k_mac_op_reset_tid_config,
9484 
9485 	CFG80211_TESTMODE_CMD(ath10k_tm_cmd)
9486 
9487 #ifdef CONFIG_PM
9488 	.suspend			= ath10k_wow_op_suspend,
9489 	.resume				= ath10k_wow_op_resume,
9490 	.set_wakeup			= ath10k_wow_op_set_wakeup,
9491 #endif
9492 #ifdef CONFIG_MAC80211_DEBUGFS
9493 	.sta_add_debugfs		= ath10k_sta_add_debugfs,
9494 #endif
9495 	.set_sar_specs			= ath10k_mac_set_sar_specs,
9496 };
9497 
9498 #define CHAN2G(_channel, _freq, _flags) { \
9499 	.band			= NL80211_BAND_2GHZ, \
9500 	.hw_value		= (_channel), \
9501 	.center_freq		= (_freq), \
9502 	.flags			= (_flags), \
9503 	.max_antenna_gain	= 0, \
9504 	.max_power		= 30, \
9505 }
9506 
9507 #define CHAN5G(_channel, _freq, _flags) { \
9508 	.band			= NL80211_BAND_5GHZ, \
9509 	.hw_value		= (_channel), \
9510 	.center_freq		= (_freq), \
9511 	.flags			= (_flags), \
9512 	.max_antenna_gain	= 0, \
9513 	.max_power		= 30, \
9514 }
9515 
9516 static const struct ieee80211_channel ath10k_2ghz_channels[] = {
9517 	CHAN2G(1, 2412, 0),
9518 	CHAN2G(2, 2417, 0),
9519 	CHAN2G(3, 2422, 0),
9520 	CHAN2G(4, 2427, 0),
9521 	CHAN2G(5, 2432, 0),
9522 	CHAN2G(6, 2437, 0),
9523 	CHAN2G(7, 2442, 0),
9524 	CHAN2G(8, 2447, 0),
9525 	CHAN2G(9, 2452, 0),
9526 	CHAN2G(10, 2457, 0),
9527 	CHAN2G(11, 2462, 0),
9528 	CHAN2G(12, 2467, 0),
9529 	CHAN2G(13, 2472, 0),
9530 	CHAN2G(14, 2484, 0),
9531 };
9532 
9533 static const struct ieee80211_channel ath10k_5ghz_channels[] = {
9534 	CHAN5G(36, 5180, 0),
9535 	CHAN5G(40, 5200, 0),
9536 	CHAN5G(44, 5220, 0),
9537 	CHAN5G(48, 5240, 0),
9538 	CHAN5G(52, 5260, 0),
9539 	CHAN5G(56, 5280, 0),
9540 	CHAN5G(60, 5300, 0),
9541 	CHAN5G(64, 5320, 0),
9542 	CHAN5G(100, 5500, 0),
9543 	CHAN5G(104, 5520, 0),
9544 	CHAN5G(108, 5540, 0),
9545 	CHAN5G(112, 5560, 0),
9546 	CHAN5G(116, 5580, 0),
9547 	CHAN5G(120, 5600, 0),
9548 	CHAN5G(124, 5620, 0),
9549 	CHAN5G(128, 5640, 0),
9550 	CHAN5G(132, 5660, 0),
9551 	CHAN5G(136, 5680, 0),
9552 	CHAN5G(140, 5700, 0),
9553 	CHAN5G(144, 5720, 0),
9554 	CHAN5G(149, 5745, 0),
9555 	CHAN5G(153, 5765, 0),
9556 	CHAN5G(157, 5785, 0),
9557 	CHAN5G(161, 5805, 0),
9558 	CHAN5G(165, 5825, 0),
9559 	CHAN5G(169, 5845, 0),
9560 	CHAN5G(173, 5865, 0),
9561 	/* If you add more, you may need to change ATH10K_MAX_5G_CHAN */
9562 	/* And you will definitely need to change ATH10K_NUM_CHANS in core.h */
9563 };
9564 
9565 struct ath10k *ath10k_mac_create(size_t priv_size)
9566 {
9567 	struct ieee80211_hw *hw;
9568 	struct ieee80211_ops *ops;
9569 	struct ath10k *ar;
9570 
9571 	ops = kmemdup(&ath10k_ops, sizeof(ath10k_ops), GFP_KERNEL);
9572 	if (!ops)
9573 		return NULL;
9574 
9575 	hw = ieee80211_alloc_hw(sizeof(struct ath10k) + priv_size, ops);
9576 	if (!hw) {
9577 		kfree(ops);
9578 		return NULL;
9579 	}
9580 
9581 	ar = hw->priv;
9582 	ar->hw = hw;
9583 	ar->ops = ops;
9584 
9585 	return ar;
9586 }
9587 
9588 void ath10k_mac_destroy(struct ath10k *ar)
9589 {
9590 	struct ieee80211_ops *ops = ar->ops;
9591 
9592 	ieee80211_free_hw(ar->hw);
9593 	kfree(ops);
9594 }
9595 
9596 static const struct ieee80211_iface_limit ath10k_if_limits[] = {
9597 	{
9598 		.max	= 8,
9599 		.types	= BIT(NL80211_IFTYPE_STATION)
9600 			| BIT(NL80211_IFTYPE_P2P_CLIENT)
9601 	},
9602 	{
9603 		.max	= 3,
9604 		.types	= BIT(NL80211_IFTYPE_P2P_GO)
9605 	},
9606 	{
9607 		.max	= 1,
9608 		.types	= BIT(NL80211_IFTYPE_P2P_DEVICE)
9609 	},
9610 	{
9611 		.max	= 7,
9612 		.types	= BIT(NL80211_IFTYPE_AP)
9613 #ifdef CONFIG_MAC80211_MESH
9614 			| BIT(NL80211_IFTYPE_MESH_POINT)
9615 #endif
9616 	},
9617 };
9618 
9619 static const struct ieee80211_iface_limit ath10k_10x_if_limits[] = {
9620 	{
9621 		.max	= 8,
9622 		.types	= BIT(NL80211_IFTYPE_AP)
9623 #ifdef CONFIG_MAC80211_MESH
9624 			| BIT(NL80211_IFTYPE_MESH_POINT)
9625 #endif
9626 	},
9627 	{
9628 		.max	= 1,
9629 		.types	= BIT(NL80211_IFTYPE_STATION)
9630 	},
9631 };
9632 
9633 static const struct ieee80211_iface_combination ath10k_if_comb[] = {
9634 	{
9635 		.limits = ath10k_if_limits,
9636 		.n_limits = ARRAY_SIZE(ath10k_if_limits),
9637 		.max_interfaces = 8,
9638 		.num_different_channels = 1,
9639 		.beacon_int_infra_match = true,
9640 	},
9641 };
9642 
9643 static const struct ieee80211_iface_combination ath10k_10x_if_comb[] = {
9644 	{
9645 		.limits = ath10k_10x_if_limits,
9646 		.n_limits = ARRAY_SIZE(ath10k_10x_if_limits),
9647 		.max_interfaces = 8,
9648 		.num_different_channels = 1,
9649 		.beacon_int_infra_match = true,
9650 		.beacon_int_min_gcd = 1,
9651 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9652 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9653 					BIT(NL80211_CHAN_WIDTH_20) |
9654 					BIT(NL80211_CHAN_WIDTH_40) |
9655 					BIT(NL80211_CHAN_WIDTH_80),
9656 #endif
9657 	},
9658 };
9659 
9660 static const struct ieee80211_iface_limit ath10k_tlv_if_limit[] = {
9661 	{
9662 		.max = 2,
9663 		.types = BIT(NL80211_IFTYPE_STATION),
9664 	},
9665 	{
9666 		.max = 2,
9667 		.types = BIT(NL80211_IFTYPE_AP) |
9668 #ifdef CONFIG_MAC80211_MESH
9669 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9670 #endif
9671 			 BIT(NL80211_IFTYPE_P2P_CLIENT) |
9672 			 BIT(NL80211_IFTYPE_P2P_GO),
9673 	},
9674 	{
9675 		.max = 1,
9676 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9677 	},
9678 };
9679 
9680 static const struct ieee80211_iface_limit ath10k_tlv_qcs_if_limit[] = {
9681 	{
9682 		.max = 2,
9683 		.types = BIT(NL80211_IFTYPE_STATION),
9684 	},
9685 	{
9686 		.max = 2,
9687 		.types = BIT(NL80211_IFTYPE_P2P_CLIENT),
9688 	},
9689 	{
9690 		.max = 1,
9691 		.types = BIT(NL80211_IFTYPE_AP) |
9692 #ifdef CONFIG_MAC80211_MESH
9693 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9694 #endif
9695 			 BIT(NL80211_IFTYPE_P2P_GO),
9696 	},
9697 	{
9698 		.max = 1,
9699 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9700 	},
9701 };
9702 
9703 static const struct ieee80211_iface_limit ath10k_tlv_if_limit_ibss[] = {
9704 	{
9705 		.max = 1,
9706 		.types = BIT(NL80211_IFTYPE_STATION),
9707 	},
9708 	{
9709 		.max = 1,
9710 		.types = BIT(NL80211_IFTYPE_ADHOC),
9711 	},
9712 };
9713 
9714 /* FIXME: This is not thoroughly tested. These combinations may over- or
9715  * underestimate hw/fw capabilities.
9716  */
9717 static struct ieee80211_iface_combination ath10k_tlv_if_comb[] = {
9718 	{
9719 		.limits = ath10k_tlv_if_limit,
9720 		.num_different_channels = 1,
9721 		.max_interfaces = 4,
9722 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9723 	},
9724 	{
9725 		.limits = ath10k_tlv_if_limit_ibss,
9726 		.num_different_channels = 1,
9727 		.max_interfaces = 2,
9728 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9729 	},
9730 };
9731 
9732 static struct ieee80211_iface_combination ath10k_tlv_qcs_if_comb[] = {
9733 	{
9734 		.limits = ath10k_tlv_if_limit,
9735 		.num_different_channels = 1,
9736 		.max_interfaces = 4,
9737 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9738 	},
9739 	{
9740 		.limits = ath10k_tlv_qcs_if_limit,
9741 		.num_different_channels = 2,
9742 		.max_interfaces = 4,
9743 		.n_limits = ARRAY_SIZE(ath10k_tlv_qcs_if_limit),
9744 	},
9745 	{
9746 		.limits = ath10k_tlv_if_limit_ibss,
9747 		.num_different_channels = 1,
9748 		.max_interfaces = 2,
9749 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9750 	},
9751 };
9752 
9753 static const struct ieee80211_iface_limit ath10k_10_4_if_limits[] = {
9754 	{
9755 		.max = 1,
9756 		.types = BIT(NL80211_IFTYPE_STATION),
9757 	},
9758 	{
9759 		.max	= 16,
9760 		.types	= BIT(NL80211_IFTYPE_AP)
9761 #ifdef CONFIG_MAC80211_MESH
9762 			| BIT(NL80211_IFTYPE_MESH_POINT)
9763 #endif
9764 	},
9765 };
9766 
9767 static const struct ieee80211_iface_combination ath10k_10_4_if_comb[] = {
9768 	{
9769 		.limits = ath10k_10_4_if_limits,
9770 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9771 		.max_interfaces = 16,
9772 		.num_different_channels = 1,
9773 		.beacon_int_infra_match = true,
9774 		.beacon_int_min_gcd = 1,
9775 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9776 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9777 					BIT(NL80211_CHAN_WIDTH_20) |
9778 					BIT(NL80211_CHAN_WIDTH_40) |
9779 					BIT(NL80211_CHAN_WIDTH_80) |
9780 					BIT(NL80211_CHAN_WIDTH_80P80) |
9781 					BIT(NL80211_CHAN_WIDTH_160),
9782 #endif
9783 	},
9784 };
9785 
9786 static const struct
9787 ieee80211_iface_combination ath10k_10_4_bcn_int_if_comb[] = {
9788 	{
9789 		.limits = ath10k_10_4_if_limits,
9790 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9791 		.max_interfaces = 16,
9792 		.num_different_channels = 1,
9793 		.beacon_int_infra_match = true,
9794 		.beacon_int_min_gcd = 100,
9795 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9796 		.radar_detect_widths =  BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9797 					BIT(NL80211_CHAN_WIDTH_20) |
9798 					BIT(NL80211_CHAN_WIDTH_40) |
9799 					BIT(NL80211_CHAN_WIDTH_80) |
9800 					BIT(NL80211_CHAN_WIDTH_80P80) |
9801 					BIT(NL80211_CHAN_WIDTH_160),
9802 #endif
9803 	},
9804 };
9805 
9806 static void ath10k_get_arvif_iter(void *data, u8 *mac,
9807 				  struct ieee80211_vif *vif)
9808 {
9809 	struct ath10k_vif_iter *arvif_iter = data;
9810 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9811 
9812 	if (arvif->vdev_id == arvif_iter->vdev_id)
9813 		arvif_iter->arvif = arvif;
9814 }
9815 
9816 struct ath10k_vif *ath10k_get_arvif(struct ath10k *ar, u32 vdev_id)
9817 {
9818 	struct ath10k_vif_iter arvif_iter;
9819 
9820 	memset(&arvif_iter, 0, sizeof(struct ath10k_vif_iter));
9821 	arvif_iter.vdev_id = vdev_id;
9822 
9823 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
9824 						   ATH10K_ITER_RESUME_FLAGS,
9825 						   ath10k_get_arvif_iter,
9826 						   &arvif_iter);
9827 	if (!arvif_iter.arvif) {
9828 		ath10k_warn(ar, "No VIF found for vdev %d\n", vdev_id);
9829 		return NULL;
9830 	}
9831 
9832 	return arvif_iter.arvif;
9833 }
9834 
9835 #define WRD_METHOD "WRDD"
9836 #define WRDD_WIFI  (0x07)
9837 
9838 static u32 ath10k_mac_wrdd_get_mcc(struct ath10k *ar, union acpi_object *wrdd)
9839 {
9840 	union acpi_object *mcc_pkg;
9841 	union acpi_object *domain_type;
9842 	union acpi_object *mcc_value;
9843 	u32 i;
9844 
9845 	if (wrdd->type != ACPI_TYPE_PACKAGE ||
9846 	    wrdd->package.count < 2 ||
9847 	    wrdd->package.elements[0].type != ACPI_TYPE_INTEGER ||
9848 	    wrdd->package.elements[0].integer.value != 0) {
9849 		ath10k_warn(ar, "ignoring malformed/unsupported wrdd structure\n");
9850 		return 0;
9851 	}
9852 
9853 	for (i = 1; i < wrdd->package.count; ++i) {
9854 		mcc_pkg = &wrdd->package.elements[i];
9855 
9856 		if (mcc_pkg->type != ACPI_TYPE_PACKAGE)
9857 			continue;
9858 		if (mcc_pkg->package.count < 2)
9859 			continue;
9860 		if (mcc_pkg->package.elements[0].type != ACPI_TYPE_INTEGER ||
9861 		    mcc_pkg->package.elements[1].type != ACPI_TYPE_INTEGER)
9862 			continue;
9863 
9864 		domain_type = &mcc_pkg->package.elements[0];
9865 		if (domain_type->integer.value != WRDD_WIFI)
9866 			continue;
9867 
9868 		mcc_value = &mcc_pkg->package.elements[1];
9869 		return mcc_value->integer.value;
9870 	}
9871 	return 0;
9872 }
9873 
9874 static int ath10k_mac_get_wrdd_regulatory(struct ath10k *ar, u16 *rd)
9875 {
9876 	acpi_handle root_handle;
9877 	acpi_handle handle;
9878 	struct acpi_buffer wrdd = {ACPI_ALLOCATE_BUFFER, NULL};
9879 	acpi_status status;
9880 	u32 alpha2_code;
9881 	char alpha2[3];
9882 
9883 	root_handle = ACPI_HANDLE(ar->dev);
9884 	if (!root_handle)
9885 		return -EOPNOTSUPP;
9886 
9887 	status = acpi_get_handle(root_handle, (acpi_string)WRD_METHOD, &handle);
9888 	if (ACPI_FAILURE(status)) {
9889 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9890 			   "failed to get wrd method %d\n", status);
9891 		return -EIO;
9892 	}
9893 
9894 	status = acpi_evaluate_object(handle, NULL, NULL, &wrdd);
9895 	if (ACPI_FAILURE(status)) {
9896 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9897 			   "failed to call wrdc %d\n", status);
9898 		return -EIO;
9899 	}
9900 
9901 	alpha2_code = ath10k_mac_wrdd_get_mcc(ar, wrdd.pointer);
9902 	kfree(wrdd.pointer);
9903 	if (!alpha2_code)
9904 		return -EIO;
9905 
9906 	alpha2[0] = (alpha2_code >> 8) & 0xff;
9907 	alpha2[1] = (alpha2_code >> 0) & 0xff;
9908 	alpha2[2] = '\0';
9909 
9910 	ath10k_dbg(ar, ATH10K_DBG_BOOT,
9911 		   "regulatory hint from WRDD (alpha2-code): %s\n", alpha2);
9912 
9913 	*rd = ath_regd_find_country_by_name(alpha2);
9914 	if (*rd == 0xffff)
9915 		return -EIO;
9916 
9917 	*rd |= COUNTRY_ERD_FLAG;
9918 	return 0;
9919 }
9920 
9921 static int ath10k_mac_init_rd(struct ath10k *ar)
9922 {
9923 	int ret;
9924 	u16 rd;
9925 
9926 	ret = ath10k_mac_get_wrdd_regulatory(ar, &rd);
9927 	if (ret) {
9928 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9929 			   "fallback to eeprom programmed regulatory settings\n");
9930 		rd = ar->hw_eeprom_rd;
9931 	}
9932 
9933 	ar->ath_common.regulatory.current_rd = rd;
9934 	return 0;
9935 }
9936 
9937 int ath10k_mac_register(struct ath10k *ar)
9938 {
9939 	static const u32 cipher_suites[] = {
9940 		WLAN_CIPHER_SUITE_WEP40,
9941 		WLAN_CIPHER_SUITE_WEP104,
9942 		WLAN_CIPHER_SUITE_TKIP,
9943 		WLAN_CIPHER_SUITE_CCMP,
9944 
9945 		/* Do not add hardware supported ciphers before this line.
9946 		 * Allow software encryption for all chips. Don't forget to
9947 		 * update n_cipher_suites below.
9948 		 */
9949 		WLAN_CIPHER_SUITE_AES_CMAC,
9950 		WLAN_CIPHER_SUITE_BIP_CMAC_256,
9951 		WLAN_CIPHER_SUITE_BIP_GMAC_128,
9952 		WLAN_CIPHER_SUITE_BIP_GMAC_256,
9953 
9954 		/* Only QCA99x0 and QCA4019 variants support GCMP-128, GCMP-256
9955 		 * and CCMP-256 in hardware.
9956 		 */
9957 		WLAN_CIPHER_SUITE_GCMP,
9958 		WLAN_CIPHER_SUITE_GCMP_256,
9959 		WLAN_CIPHER_SUITE_CCMP_256,
9960 	};
9961 	struct ieee80211_supported_band *band;
9962 	void *channels;
9963 	int ret;
9964 
9965 	if (!is_valid_ether_addr(ar->mac_addr)) {
9966 		ath10k_warn(ar, "invalid MAC address; choosing random\n");
9967 		eth_random_addr(ar->mac_addr);
9968 	}
9969 	SET_IEEE80211_PERM_ADDR(ar->hw, ar->mac_addr);
9970 
9971 	SET_IEEE80211_DEV(ar->hw, ar->dev);
9972 
9973 	BUILD_BUG_ON((ARRAY_SIZE(ath10k_2ghz_channels) +
9974 		      ARRAY_SIZE(ath10k_5ghz_channels)) !=
9975 		     ATH10K_NUM_CHANS);
9976 
9977 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
9978 		channels = kmemdup(ath10k_2ghz_channels,
9979 				   sizeof(ath10k_2ghz_channels),
9980 				   GFP_KERNEL);
9981 		if (!channels) {
9982 			ret = -ENOMEM;
9983 			goto err_free;
9984 		}
9985 
9986 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
9987 		band->n_channels = ARRAY_SIZE(ath10k_2ghz_channels);
9988 		band->channels = channels;
9989 
9990 		if (ar->hw_params.cck_rate_map_rev2) {
9991 			band->n_bitrates = ath10k_g_rates_rev2_size;
9992 			band->bitrates = ath10k_g_rates_rev2;
9993 		} else {
9994 			band->n_bitrates = ath10k_g_rates_size;
9995 			band->bitrates = ath10k_g_rates;
9996 		}
9997 
9998 		ar->hw->wiphy->bands[NL80211_BAND_2GHZ] = band;
9999 	}
10000 
10001 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
10002 		channels = kmemdup(ath10k_5ghz_channels,
10003 				   sizeof(ath10k_5ghz_channels),
10004 				   GFP_KERNEL);
10005 		if (!channels) {
10006 			ret = -ENOMEM;
10007 			goto err_free;
10008 		}
10009 
10010 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
10011 		band->n_channels = ARRAY_SIZE(ath10k_5ghz_channels);
10012 		band->channels = channels;
10013 		band->n_bitrates = ath10k_a_rates_size;
10014 		band->bitrates = ath10k_a_rates;
10015 		ar->hw->wiphy->bands[NL80211_BAND_5GHZ] = band;
10016 	}
10017 
10018 	wiphy_read_of_freq_limits(ar->hw->wiphy);
10019 	ath10k_mac_setup_ht_vht_cap(ar);
10020 
10021 	ar->hw->wiphy->interface_modes =
10022 		BIT(NL80211_IFTYPE_STATION) |
10023 		BIT(NL80211_IFTYPE_AP) |
10024 		BIT(NL80211_IFTYPE_MESH_POINT);
10025 
10026 	ar->hw->wiphy->available_antennas_rx = ar->cfg_rx_chainmask;
10027 	ar->hw->wiphy->available_antennas_tx = ar->cfg_tx_chainmask;
10028 
10029 	if (!test_bit(ATH10K_FW_FEATURE_NO_P2P, ar->normal_mode_fw.fw_file.fw_features))
10030 		ar->hw->wiphy->interface_modes |=
10031 			BIT(NL80211_IFTYPE_P2P_DEVICE) |
10032 			BIT(NL80211_IFTYPE_P2P_CLIENT) |
10033 			BIT(NL80211_IFTYPE_P2P_GO);
10034 
10035 	ieee80211_hw_set(ar->hw, SIGNAL_DBM);
10036 
10037 	if (!test_bit(ATH10K_FW_FEATURE_NO_PS,
10038 		      ar->running_fw->fw_file.fw_features)) {
10039 		ieee80211_hw_set(ar->hw, SUPPORTS_PS);
10040 		ieee80211_hw_set(ar->hw, SUPPORTS_DYNAMIC_PS);
10041 	}
10042 
10043 	ieee80211_hw_set(ar->hw, MFP_CAPABLE);
10044 	ieee80211_hw_set(ar->hw, REPORTS_TX_ACK_STATUS);
10045 	ieee80211_hw_set(ar->hw, HAS_RATE_CONTROL);
10046 	ieee80211_hw_set(ar->hw, AP_LINK_PS);
10047 	ieee80211_hw_set(ar->hw, SPECTRUM_MGMT);
10048 	ieee80211_hw_set(ar->hw, SUPPORT_FAST_XMIT);
10049 	ieee80211_hw_set(ar->hw, CONNECTION_MONITOR);
10050 	ieee80211_hw_set(ar->hw, SUPPORTS_PER_STA_GTK);
10051 	ieee80211_hw_set(ar->hw, WANT_MONITOR_VIF);
10052 	ieee80211_hw_set(ar->hw, CHANCTX_STA_CSA);
10053 	ieee80211_hw_set(ar->hw, QUEUE_CONTROL);
10054 	ieee80211_hw_set(ar->hw, SUPPORTS_TX_FRAG);
10055 	ieee80211_hw_set(ar->hw, REPORTS_LOW_ACK);
10056 
10057 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
10058 		ieee80211_hw_set(ar->hw, SW_CRYPTO_CONTROL);
10059 
10060 	ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
10061 	ar->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
10062 
10063 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS)
10064 		ar->hw->wiphy->features |= NL80211_FEATURE_DYNAMIC_SMPS;
10065 
10066 	if (ar->ht_cap_info & WMI_HT_CAP_ENABLED) {
10067 		ieee80211_hw_set(ar->hw, AMPDU_AGGREGATION);
10068 		ieee80211_hw_set(ar->hw, TX_AMPDU_SETUP_IN_HW);
10069 	}
10070 
10071 	ar->hw->wiphy->max_scan_ssids = WLAN_SCAN_PARAMS_MAX_SSID;
10072 	ar->hw->wiphy->max_scan_ie_len = WLAN_SCAN_PARAMS_MAX_IE_LEN;
10073 
10074 	if (test_bit(WMI_SERVICE_NLO, ar->wmi.svc_map)) {
10075 		ar->hw->wiphy->max_sched_scan_ssids = WMI_PNO_MAX_SUPP_NETWORKS;
10076 		ar->hw->wiphy->max_match_sets = WMI_PNO_MAX_SUPP_NETWORKS;
10077 		ar->hw->wiphy->max_sched_scan_ie_len = WMI_PNO_MAX_IE_LENGTH;
10078 		ar->hw->wiphy->max_sched_scan_plans = WMI_PNO_MAX_SCHED_SCAN_PLANS;
10079 		ar->hw->wiphy->max_sched_scan_plan_interval =
10080 			WMI_PNO_MAX_SCHED_SCAN_PLAN_INT;
10081 		ar->hw->wiphy->max_sched_scan_plan_iterations =
10082 			WMI_PNO_MAX_SCHED_SCAN_PLAN_ITRNS;
10083 		ar->hw->wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
10084 	}
10085 
10086 	ar->hw->vif_data_size = sizeof(struct ath10k_vif);
10087 	ar->hw->sta_data_size = sizeof(struct ath10k_sta);
10088 	ar->hw->txq_data_size = sizeof(struct ath10k_txq);
10089 
10090 	ar->hw->max_listen_interval = ATH10K_MAX_HW_LISTEN_INTERVAL;
10091 
10092 	if (test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)) {
10093 		ar->hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
10094 
10095 		/* Firmware delivers WPS/P2P Probe Requests frames to driver so
10096 		 * that userspace (e.g. wpa_supplicant/hostapd) can generate
10097 		 * correct Probe Responses. This is more of a hack advert..
10098 		 */
10099 		ar->hw->wiphy->probe_resp_offload |=
10100 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS |
10101 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2 |
10102 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
10103 	}
10104 
10105 	if (test_bit(WMI_SERVICE_TDLS, ar->wmi.svc_map) ||
10106 	    test_bit(WMI_SERVICE_TDLS_EXPLICIT_MODE_ONLY, ar->wmi.svc_map)) {
10107 		ar->hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
10108 		if (test_bit(WMI_SERVICE_TDLS_WIDER_BANDWIDTH, ar->wmi.svc_map))
10109 			ieee80211_hw_set(ar->hw, TDLS_WIDER_BW);
10110 	}
10111 
10112 	if (test_bit(WMI_SERVICE_TDLS_UAPSD_BUFFER_STA, ar->wmi.svc_map))
10113 		ieee80211_hw_set(ar->hw, SUPPORTS_TDLS_BUFFER_STA);
10114 
10115 	if (ath10k_frame_mode == ATH10K_HW_TXRX_ETHERNET) {
10116 		if (ar->wmi.vdev_param->tx_encap_type !=
10117 		    WMI_VDEV_PARAM_UNSUPPORTED)
10118 			ieee80211_hw_set(ar->hw, SUPPORTS_TX_ENCAP_OFFLOAD);
10119 	}
10120 
10121 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
10122 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
10123 	ar->hw->wiphy->max_remain_on_channel_duration = 5000;
10124 
10125 	ar->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
10126 	ar->hw->wiphy->features |= NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
10127 				   NL80211_FEATURE_AP_SCAN;
10128 
10129 	ar->hw->wiphy->max_ap_assoc_sta = ar->max_num_stations;
10130 
10131 	ret = ath10k_wow_init(ar);
10132 	if (ret) {
10133 		ath10k_warn(ar, "failed to init wow: %d\n", ret);
10134 		goto err_free;
10135 	}
10136 
10137 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
10138 	wiphy_ext_feature_set(ar->hw->wiphy,
10139 			      NL80211_EXT_FEATURE_SET_SCAN_DWELL);
10140 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_AQL);
10141 
10142 	if (ar->hw_params.mcast_frame_registration)
10143 		wiphy_ext_feature_set(ar->hw->wiphy,
10144 				      NL80211_EXT_FEATURE_MULTICAST_REGISTRATIONS);
10145 
10146 	if (test_bit(WMI_SERVICE_TX_DATA_ACK_RSSI, ar->wmi.svc_map) ||
10147 	    test_bit(WMI_SERVICE_HTT_MGMT_TX_COMP_VALID_FLAGS, ar->wmi.svc_map))
10148 		wiphy_ext_feature_set(ar->hw->wiphy,
10149 				      NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT);
10150 
10151 	if (ath10k_peer_stats_enabled(ar) ||
10152 	    test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
10153 		wiphy_ext_feature_set(ar->hw->wiphy,
10154 				      NL80211_EXT_FEATURE_AIRTIME_FAIRNESS);
10155 
10156 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map))
10157 		wiphy_ext_feature_set(ar->hw->wiphy,
10158 				      NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER);
10159 
10160 	if (test_bit(WMI_SERVICE_TX_PWR_PER_PEER, ar->wmi.svc_map))
10161 		wiphy_ext_feature_set(ar->hw->wiphy,
10162 				      NL80211_EXT_FEATURE_STA_TX_PWR);
10163 
10164 	if (test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map)) {
10165 		ar->hw->wiphy->tid_config_support.vif |=
10166 				BIT(NL80211_TID_CONFIG_ATTR_NOACK) |
10167 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_SHORT) |
10168 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG) |
10169 				BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL) |
10170 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
10171 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE);
10172 
10173 		if (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
10174 			     ar->wmi.svc_map)) {
10175 			ar->hw->wiphy->tid_config_support.vif |=
10176 				BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL);
10177 		}
10178 
10179 		ar->hw->wiphy->tid_config_support.peer =
10180 				ar->hw->wiphy->tid_config_support.vif;
10181 		ar->hw->wiphy->max_data_retry_count = ATH10K_MAX_RETRY_COUNT;
10182 	} else {
10183 		ar->ops->set_tid_config = NULL;
10184 	}
10185 	/*
10186 	 * on LL hardware queues are managed entirely by the FW
10187 	 * so we only advertise to mac we can do the queues thing
10188 	 */
10189 	ar->hw->queues = IEEE80211_MAX_QUEUES;
10190 
10191 	/* vdev_ids are used as hw queue numbers. Make sure offchan tx queue is
10192 	 * something that vdev_ids can't reach so that we don't stop the queue
10193 	 * accidentally.
10194 	 */
10195 	ar->hw->offchannel_tx_hw_queue = IEEE80211_MAX_QUEUES - 1;
10196 
10197 	switch (ar->running_fw->fw_file.wmi_op_version) {
10198 	case ATH10K_FW_WMI_OP_VERSION_MAIN:
10199 		ar->hw->wiphy->iface_combinations = ath10k_if_comb;
10200 		ar->hw->wiphy->n_iface_combinations =
10201 			ARRAY_SIZE(ath10k_if_comb);
10202 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
10203 		break;
10204 	case ATH10K_FW_WMI_OP_VERSION_TLV:
10205 		if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
10206 			ar->hw->wiphy->iface_combinations =
10207 				ath10k_tlv_qcs_if_comb;
10208 			ar->hw->wiphy->n_iface_combinations =
10209 				ARRAY_SIZE(ath10k_tlv_qcs_if_comb);
10210 		} else {
10211 			ar->hw->wiphy->iface_combinations = ath10k_tlv_if_comb;
10212 			ar->hw->wiphy->n_iface_combinations =
10213 				ARRAY_SIZE(ath10k_tlv_if_comb);
10214 		}
10215 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
10216 		break;
10217 	case ATH10K_FW_WMI_OP_VERSION_10_1:
10218 	case ATH10K_FW_WMI_OP_VERSION_10_2:
10219 	case ATH10K_FW_WMI_OP_VERSION_10_2_4:
10220 		ar->hw->wiphy->iface_combinations = ath10k_10x_if_comb;
10221 		ar->hw->wiphy->n_iface_combinations =
10222 			ARRAY_SIZE(ath10k_10x_if_comb);
10223 		break;
10224 	case ATH10K_FW_WMI_OP_VERSION_10_4:
10225 		ar->hw->wiphy->iface_combinations = ath10k_10_4_if_comb;
10226 		ar->hw->wiphy->n_iface_combinations =
10227 			ARRAY_SIZE(ath10k_10_4_if_comb);
10228 		if (test_bit(WMI_SERVICE_VDEV_DIFFERENT_BEACON_INTERVAL_SUPPORT,
10229 			     ar->wmi.svc_map)) {
10230 			ar->hw->wiphy->iface_combinations =
10231 				ath10k_10_4_bcn_int_if_comb;
10232 			ar->hw->wiphy->n_iface_combinations =
10233 				ARRAY_SIZE(ath10k_10_4_bcn_int_if_comb);
10234 		}
10235 		break;
10236 	case ATH10K_FW_WMI_OP_VERSION_UNSET:
10237 	case ATH10K_FW_WMI_OP_VERSION_MAX:
10238 		WARN_ON(1);
10239 		ret = -EINVAL;
10240 		goto err_free;
10241 	}
10242 
10243 	if (ar->hw_params.dynamic_sar_support)
10244 		ar->hw->wiphy->sar_capa = &ath10k_sar_capa;
10245 
10246 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
10247 		ar->hw->netdev_features = NETIF_F_HW_CSUM;
10248 
10249 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED)) {
10250 		/* Init ath dfs pattern detector */
10251 		ar->ath_common.debug_mask = ATH_DBG_DFS;
10252 		ar->dfs_detector = dfs_pattern_detector_init(&ar->ath_common,
10253 							     NL80211_DFS_UNSET);
10254 
10255 		if (!ar->dfs_detector)
10256 			ath10k_warn(ar, "failed to initialise DFS pattern detector\n");
10257 	}
10258 
10259 	ret = ath10k_mac_init_rd(ar);
10260 	if (ret) {
10261 		ath10k_err(ar, "failed to derive regdom: %d\n", ret);
10262 		goto err_dfs_detector_exit;
10263 	}
10264 
10265 	/* Disable set_coverage_class for chipsets that do not support it. */
10266 	if (!ar->hw_params.hw_ops->set_coverage_class)
10267 		ar->ops->set_coverage_class = NULL;
10268 
10269 	ret = ath_regd_init(&ar->ath_common.regulatory, ar->hw->wiphy,
10270 			    ath10k_reg_notifier);
10271 	if (ret) {
10272 		ath10k_err(ar, "failed to initialise regulatory: %i\n", ret);
10273 		goto err_dfs_detector_exit;
10274 	}
10275 
10276 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
10277 		ar->hw->wiphy->features |=
10278 			NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
10279 	}
10280 
10281 	ar->hw->wiphy->cipher_suites = cipher_suites;
10282 
10283 	/* QCA988x and QCA6174 family chips do not support CCMP-256, GCMP-128
10284 	 * and GCMP-256 ciphers in hardware. Fetch number of ciphers supported
10285 	 * from chip specific hw_param table.
10286 	 */
10287 	if (!ar->hw_params.n_cipher_suites ||
10288 	    ar->hw_params.n_cipher_suites > ARRAY_SIZE(cipher_suites)) {
10289 		ath10k_err(ar, "invalid hw_params.n_cipher_suites %d\n",
10290 			   ar->hw_params.n_cipher_suites);
10291 		ar->hw_params.n_cipher_suites = 8;
10292 	}
10293 	ar->hw->wiphy->n_cipher_suites = ar->hw_params.n_cipher_suites;
10294 
10295 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
10296 
10297 	ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER;
10298 
10299 	ret = ieee80211_register_hw(ar->hw);
10300 	if (ret) {
10301 		ath10k_err(ar, "failed to register ieee80211: %d\n", ret);
10302 		goto err_dfs_detector_exit;
10303 	}
10304 
10305 	if (test_bit(WMI_SERVICE_PER_PACKET_SW_ENCRYPT, ar->wmi.svc_map)) {
10306 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN);
10307 		ar->hw->wiphy->software_iftypes |= BIT(NL80211_IFTYPE_AP_VLAN);
10308 	}
10309 
10310 	if (!ath_is_world_regd(&ar->ath_common.reg_world_copy) &&
10311 	    !ath_is_world_regd(&ar->ath_common.regulatory)) {
10312 		ret = regulatory_hint(ar->hw->wiphy,
10313 				      ar->ath_common.regulatory.alpha2);
10314 		if (ret)
10315 			goto err_unregister;
10316 	}
10317 
10318 	return 0;
10319 
10320 err_unregister:
10321 	ieee80211_unregister_hw(ar->hw);
10322 
10323 err_dfs_detector_exit:
10324 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10325 		ar->dfs_detector->exit(ar->dfs_detector);
10326 
10327 err_free:
10328 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10329 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10330 
10331 	SET_IEEE80211_DEV(ar->hw, NULL);
10332 	return ret;
10333 }
10334 
10335 void ath10k_mac_unregister(struct ath10k *ar)
10336 {
10337 	ieee80211_unregister_hw(ar->hw);
10338 
10339 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10340 		ar->dfs_detector->exit(ar->dfs_detector);
10341 
10342 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10343 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10344 
10345 	SET_IEEE80211_DEV(ar->hw, NULL);
10346 }
10347