1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2024-2025 Intel Corporation 4 */ 5 6 #include <net/mac80211.h> 7 #include <kunit/static_stub.h> 8 9 #include "mld.h" 10 #include "sta.h" 11 #include "agg.h" 12 #include "rx.h" 13 #include "hcmd.h" 14 #include "iface.h" 15 #include "time_sync.h" 16 #include "fw/dbg.h" 17 #include "fw/api/rx.h" 18 19 /* stores relevant PHY data fields extracted from iwl_rx_mpdu_desc */ 20 struct iwl_mld_rx_phy_data { 21 enum iwl_rx_phy_info_type info_type; 22 __le32 data0; 23 __le32 data1; 24 __le32 data2; 25 __le32 data3; 26 __le32 eht_data4; 27 __le32 data5; 28 __le16 data4; 29 bool first_subframe; 30 bool with_data; 31 __le32 rx_vec[4]; 32 u32 rate_n_flags; 33 u32 gp2_on_air_rise; 34 u16 phy_info; 35 u8 energy_a, energy_b; 36 }; 37 38 static void 39 iwl_mld_fill_phy_data(struct iwl_rx_mpdu_desc *desc, 40 struct iwl_mld_rx_phy_data *phy_data) 41 { 42 phy_data->phy_info = le16_to_cpu(desc->phy_info); 43 phy_data->rate_n_flags = le32_to_cpu(desc->v3.rate_n_flags); 44 phy_data->gp2_on_air_rise = le32_to_cpu(desc->v3.gp2_on_air_rise); 45 phy_data->energy_a = desc->v3.energy_a; 46 phy_data->energy_b = desc->v3.energy_b; 47 phy_data->data0 = desc->v3.phy_data0; 48 phy_data->data1 = desc->v3.phy_data1; 49 phy_data->data2 = desc->v3.phy_data2; 50 phy_data->data3 = desc->v3.phy_data3; 51 phy_data->data4 = desc->phy_data4; 52 phy_data->eht_data4 = desc->phy_eht_data4; 53 phy_data->data5 = desc->v3.phy_data5; 54 phy_data->with_data = true; 55 } 56 57 static inline int iwl_mld_check_pn(struct iwl_mld *mld, struct sk_buff *skb, 58 int queue, struct ieee80211_sta *sta) 59 { 60 struct ieee80211_hdr *hdr = (void *)skb_mac_header(skb); 61 struct ieee80211_rx_status *stats = IEEE80211_SKB_RXCB(skb); 62 struct iwl_mld_sta *mld_sta; 63 struct iwl_mld_ptk_pn *ptk_pn; 64 int res; 65 u8 tid, keyidx; 66 u8 pn[IEEE80211_CCMP_PN_LEN]; 67 u8 *extiv; 68 69 /* multicast and non-data only arrives on default queue; avoid checking 70 * for default queue - we don't want to replicate all the logic that's 71 * necessary for checking the PN on fragmented frames, leave that 72 * to mac80211 73 */ 74 if (queue == 0 || !ieee80211_is_data(hdr->frame_control) || 75 is_multicast_ether_addr(hdr->addr1)) 76 return 0; 77 78 if (!(stats->flag & RX_FLAG_DECRYPTED)) 79 return 0; 80 81 /* if we are here - this for sure is either CCMP or GCMP */ 82 if (!sta) { 83 IWL_DEBUG_DROP(mld, 84 "expected hw-decrypted unicast frame for station\n"); 85 return -1; 86 } 87 88 mld_sta = iwl_mld_sta_from_mac80211(sta); 89 90 extiv = (u8 *)hdr + ieee80211_hdrlen(hdr->frame_control); 91 keyidx = extiv[3] >> 6; 92 93 ptk_pn = rcu_dereference(mld_sta->ptk_pn[keyidx]); 94 if (!ptk_pn) 95 return -1; 96 97 if (ieee80211_is_data_qos(hdr->frame_control)) 98 tid = ieee80211_get_tid(hdr); 99 else 100 tid = 0; 101 102 /* we don't use HCCA/802.11 QoS TSPECs, so drop such frames */ 103 if (tid >= IWL_MAX_TID_COUNT) 104 return -1; 105 106 /* load pn */ 107 pn[0] = extiv[7]; 108 pn[1] = extiv[6]; 109 pn[2] = extiv[5]; 110 pn[3] = extiv[4]; 111 pn[4] = extiv[1]; 112 pn[5] = extiv[0]; 113 114 res = memcmp(pn, ptk_pn->q[queue].pn[tid], IEEE80211_CCMP_PN_LEN); 115 if (res < 0) 116 return -1; 117 if (!res && !(stats->flag & RX_FLAG_ALLOW_SAME_PN)) 118 return -1; 119 120 memcpy(ptk_pn->q[queue].pn[tid], pn, IEEE80211_CCMP_PN_LEN); 121 stats->flag |= RX_FLAG_PN_VALIDATED; 122 123 return 0; 124 } 125 126 /* iwl_mld_pass_packet_to_mac80211 - passes the packet for mac80211 */ 127 void iwl_mld_pass_packet_to_mac80211(struct iwl_mld *mld, 128 struct napi_struct *napi, 129 struct sk_buff *skb, int queue, 130 struct ieee80211_sta *sta) 131 { 132 KUNIT_STATIC_STUB_REDIRECT(iwl_mld_pass_packet_to_mac80211, 133 mld, napi, skb, queue, sta); 134 135 if (unlikely(iwl_mld_check_pn(mld, skb, queue, sta))) { 136 kfree_skb(skb); 137 return; 138 } 139 140 ieee80211_rx_napi(mld->hw, sta, skb, napi); 141 } 142 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_pass_packet_to_mac80211); 143 144 static void iwl_mld_fill_signal(struct iwl_mld *mld, 145 struct ieee80211_rx_status *rx_status, 146 struct iwl_mld_rx_phy_data *phy_data) 147 { 148 u32 rate_n_flags = phy_data->rate_n_flags; 149 int energy_a = phy_data->energy_a; 150 int energy_b = phy_data->energy_b; 151 int max_energy; 152 153 energy_a = energy_a ? -energy_a : S8_MIN; 154 energy_b = energy_b ? -energy_b : S8_MIN; 155 max_energy = max(energy_a, energy_b); 156 157 IWL_DEBUG_STATS(mld, "energy in A %d B %d, and max %d\n", 158 energy_a, energy_b, max_energy); 159 160 rx_status->signal = max_energy; 161 rx_status->chains = 162 (rate_n_flags & RATE_MCS_ANT_AB_MSK) >> RATE_MCS_ANT_POS; 163 rx_status->chain_signal[0] = energy_a; 164 rx_status->chain_signal[1] = energy_b; 165 } 166 167 static void 168 iwl_mld_decode_he_phy_ru_alloc(struct iwl_mld_rx_phy_data *phy_data, 169 struct ieee80211_radiotap_he *he, 170 struct ieee80211_radiotap_he_mu *he_mu, 171 struct ieee80211_rx_status *rx_status) 172 { 173 /* Unfortunately, we have to leave the mac80211 data 174 * incorrect for the case that we receive an HE-MU 175 * transmission and *don't* have the HE phy data (due 176 * to the bits being used for TSF). This shouldn't 177 * happen though as management frames where we need 178 * the TSF/timers are not be transmitted in HE-MU. 179 */ 180 u8 ru = le32_get_bits(phy_data->data1, IWL_RX_PHY_DATA1_HE_RU_ALLOC_MASK); 181 u32 rate_n_flags = phy_data->rate_n_flags; 182 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 183 u8 offs = 0; 184 185 rx_status->bw = RATE_INFO_BW_HE_RU; 186 187 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN); 188 189 switch (ru) { 190 case 0 ... 36: 191 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_26; 192 offs = ru; 193 break; 194 case 37 ... 52: 195 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_52; 196 offs = ru - 37; 197 break; 198 case 53 ... 60: 199 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106; 200 offs = ru - 53; 201 break; 202 case 61 ... 64: 203 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_242; 204 offs = ru - 61; 205 break; 206 case 65 ... 66: 207 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_484; 208 offs = ru - 65; 209 break; 210 case 67: 211 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_996; 212 break; 213 case 68: 214 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_2x996; 215 break; 216 } 217 he->data2 |= le16_encode_bits(offs, 218 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET); 219 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_KNOWN | 220 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET_KNOWN); 221 if (phy_data->data1 & cpu_to_le32(IWL_RX_PHY_DATA1_HE_RU_ALLOC_SEC80)) 222 he->data2 |= 223 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_SEC); 224 225 #define CHECK_BW(bw) \ 226 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_ ## bw ## MHZ != \ 227 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS); \ 228 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_ ## bw ## MHZ != \ 229 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS) 230 CHECK_BW(20); 231 CHECK_BW(40); 232 CHECK_BW(80); 233 CHECK_BW(160); 234 235 if (he_mu) 236 he_mu->flags2 |= 237 le16_encode_bits(u32_get_bits(rate_n_flags, 238 RATE_MCS_CHAN_WIDTH_MSK), 239 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW); 240 else if (he_type == RATE_MCS_HE_TYPE_TRIG) 241 he->data6 |= 242 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_KNOWN) | 243 le16_encode_bits(u32_get_bits(rate_n_flags, 244 RATE_MCS_CHAN_WIDTH_MSK), 245 IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW); 246 } 247 248 static void 249 iwl_mld_decode_he_mu_ext(struct iwl_mld_rx_phy_data *phy_data, 250 struct ieee80211_radiotap_he_mu *he_mu) 251 { 252 u32 phy_data2 = le32_to_cpu(phy_data->data2); 253 u32 phy_data3 = le32_to_cpu(phy_data->data3); 254 u16 phy_data4 = le16_to_cpu(phy_data->data4); 255 u32 rate_n_flags = phy_data->rate_n_flags; 256 257 if (u32_get_bits(phy_data4, IWL_RX_PHY_DATA4_HE_MU_EXT_CH1_CRC_OK)) { 258 he_mu->flags1 |= 259 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_RU_KNOWN | 260 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU_KNOWN); 261 262 he_mu->flags1 |= 263 le16_encode_bits(u32_get_bits(phy_data4, 264 IWL_RX_PHY_DATA4_HE_MU_EXT_CH1_CTR_RU), 265 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU); 266 267 he_mu->ru_ch1[0] = u32_get_bits(phy_data2, 268 IWL_RX_PHY_DATA2_HE_MU_EXT_CH1_RU0); 269 he_mu->ru_ch1[1] = u32_get_bits(phy_data3, 270 IWL_RX_PHY_DATA3_HE_MU_EXT_CH1_RU1); 271 he_mu->ru_ch1[2] = u32_get_bits(phy_data2, 272 IWL_RX_PHY_DATA2_HE_MU_EXT_CH1_RU2); 273 he_mu->ru_ch1[3] = u32_get_bits(phy_data3, 274 IWL_RX_PHY_DATA3_HE_MU_EXT_CH1_RU3); 275 } 276 277 if (u32_get_bits(phy_data4, IWL_RX_PHY_DATA4_HE_MU_EXT_CH2_CRC_OK) && 278 (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) != RATE_MCS_CHAN_WIDTH_20) { 279 he_mu->flags1 |= 280 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_RU_KNOWN | 281 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_CTR_26T_RU_KNOWN); 282 283 he_mu->flags2 |= 284 le16_encode_bits(u32_get_bits(phy_data4, 285 IWL_RX_PHY_DATA4_HE_MU_EXT_CH2_CTR_RU), 286 IEEE80211_RADIOTAP_HE_MU_FLAGS2_CH2_CTR_26T_RU); 287 288 he_mu->ru_ch2[0] = u32_get_bits(phy_data2, 289 IWL_RX_PHY_DATA2_HE_MU_EXT_CH2_RU0); 290 he_mu->ru_ch2[1] = u32_get_bits(phy_data3, 291 IWL_RX_PHY_DATA3_HE_MU_EXT_CH2_RU1); 292 he_mu->ru_ch2[2] = u32_get_bits(phy_data2, 293 IWL_RX_PHY_DATA2_HE_MU_EXT_CH2_RU2); 294 he_mu->ru_ch2[3] = u32_get_bits(phy_data3, 295 IWL_RX_PHY_DATA3_HE_MU_EXT_CH2_RU3); 296 } 297 } 298 299 static void 300 iwl_mld_decode_he_phy_data(struct iwl_mld_rx_phy_data *phy_data, 301 struct ieee80211_radiotap_he *he, 302 struct ieee80211_radiotap_he_mu *he_mu, 303 struct ieee80211_rx_status *rx_status, 304 int queue) 305 { 306 switch (phy_data->info_type) { 307 case IWL_RX_PHY_INFO_TYPE_NONE: 308 case IWL_RX_PHY_INFO_TYPE_CCK: 309 case IWL_RX_PHY_INFO_TYPE_OFDM_LGCY: 310 case IWL_RX_PHY_INFO_TYPE_HT: 311 case IWL_RX_PHY_INFO_TYPE_VHT_SU: 312 case IWL_RX_PHY_INFO_TYPE_VHT_MU: 313 case IWL_RX_PHY_INFO_TYPE_EHT_MU: 314 case IWL_RX_PHY_INFO_TYPE_EHT_TB: 315 case IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT: 316 case IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT: 317 return; 318 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 319 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN | 320 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE2_KNOWN | 321 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE3_KNOWN | 322 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE4_KNOWN); 323 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 324 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE1), 325 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE1); 326 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 327 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE2), 328 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE2); 329 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 330 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE3), 331 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE3); 332 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 333 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE4), 334 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE4); 335 fallthrough; 336 case IWL_RX_PHY_INFO_TYPE_HE_SU: 337 case IWL_RX_PHY_INFO_TYPE_HE_MU: 338 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 339 case IWL_RX_PHY_INFO_TYPE_HE_TB: 340 /* HE common */ 341 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_LDPC_XSYMSEG_KNOWN | 342 IEEE80211_RADIOTAP_HE_DATA1_DOPPLER_KNOWN | 343 IEEE80211_RADIOTAP_HE_DATA1_BSS_COLOR_KNOWN); 344 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRE_FEC_PAD_KNOWN | 345 IEEE80211_RADIOTAP_HE_DATA2_PE_DISAMBIG_KNOWN | 346 IEEE80211_RADIOTAP_HE_DATA2_TXOP_KNOWN | 347 IEEE80211_RADIOTAP_HE_DATA2_NUM_LTF_SYMS_KNOWN); 348 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 349 IWL_RX_PHY_DATA0_HE_BSS_COLOR_MASK), 350 IEEE80211_RADIOTAP_HE_DATA3_BSS_COLOR); 351 if (phy_data->info_type != IWL_RX_PHY_INFO_TYPE_HE_TB && 352 phy_data->info_type != IWL_RX_PHY_INFO_TYPE_HE_TB_EXT) { 353 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_UL_DL_KNOWN); 354 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 355 IWL_RX_PHY_DATA0_HE_UPLINK), 356 IEEE80211_RADIOTAP_HE_DATA3_UL_DL); 357 } 358 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 359 IWL_RX_PHY_DATA0_HE_LDPC_EXT_SYM), 360 IEEE80211_RADIOTAP_HE_DATA3_LDPC_XSYMSEG); 361 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data0, 362 IWL_RX_PHY_DATA0_HE_PRE_FEC_PAD_MASK), 363 IEEE80211_RADIOTAP_HE_DATA5_PRE_FEC_PAD); 364 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data0, 365 IWL_RX_PHY_DATA0_HE_PE_DISAMBIG), 366 IEEE80211_RADIOTAP_HE_DATA5_PE_DISAMBIG); 367 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data1, 368 IWL_RX_PHY_DATA1_HE_LTF_NUM_MASK), 369 IEEE80211_RADIOTAP_HE_DATA5_NUM_LTF_SYMS); 370 he->data6 |= le16_encode_bits(le32_get_bits(phy_data->data0, 371 IWL_RX_PHY_DATA0_HE_TXOP_DUR_MASK), 372 IEEE80211_RADIOTAP_HE_DATA6_TXOP); 373 he->data6 |= le16_encode_bits(le32_get_bits(phy_data->data0, 374 IWL_RX_PHY_DATA0_HE_DOPPLER), 375 IEEE80211_RADIOTAP_HE_DATA6_DOPPLER); 376 break; 377 } 378 379 switch (phy_data->info_type) { 380 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 381 case IWL_RX_PHY_INFO_TYPE_HE_MU: 382 case IWL_RX_PHY_INFO_TYPE_HE_SU: 383 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN); 384 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data0, 385 IWL_RX_PHY_DATA0_HE_SPATIAL_REUSE_MASK), 386 IEEE80211_RADIOTAP_HE_DATA4_SU_MU_SPTL_REUSE); 387 break; 388 default: 389 /* nothing here */ 390 break; 391 } 392 393 switch (phy_data->info_type) { 394 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 395 he_mu->flags1 |= 396 le16_encode_bits(le16_get_bits(phy_data->data4, 397 IWL_RX_PHY_DATA4_HE_MU_EXT_SIGB_DCM), 398 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM); 399 he_mu->flags1 |= 400 le16_encode_bits(le16_get_bits(phy_data->data4, 401 IWL_RX_PHY_DATA4_HE_MU_EXT_SIGB_MCS_MASK), 402 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS); 403 he_mu->flags2 |= 404 le16_encode_bits(le16_get_bits(phy_data->data4, 405 IWL_RX_PHY_DATA4_HE_MU_EXT_PREAMBLE_PUNC_TYPE_MASK), 406 IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW); 407 iwl_mld_decode_he_mu_ext(phy_data, he_mu); 408 fallthrough; 409 case IWL_RX_PHY_INFO_TYPE_HE_MU: 410 he_mu->flags2 |= 411 le16_encode_bits(le32_get_bits(phy_data->data1, 412 IWL_RX_PHY_DATA1_HE_MU_SIBG_SYM_OR_USER_NUM_MASK), 413 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_SYMS_USERS); 414 he_mu->flags2 |= 415 le16_encode_bits(le32_get_bits(phy_data->data1, 416 IWL_RX_PHY_DATA1_HE_MU_SIGB_COMPRESSION), 417 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_COMP); 418 fallthrough; 419 case IWL_RX_PHY_INFO_TYPE_HE_TB: 420 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 421 iwl_mld_decode_he_phy_ru_alloc(phy_data, he, he_mu, rx_status); 422 break; 423 case IWL_RX_PHY_INFO_TYPE_HE_SU: 424 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BEAM_CHANGE_KNOWN); 425 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 426 IWL_RX_PHY_DATA0_HE_BEAM_CHNG), 427 IEEE80211_RADIOTAP_HE_DATA3_BEAM_CHANGE); 428 break; 429 default: 430 /* nothing */ 431 break; 432 } 433 } 434 435 static void iwl_mld_rx_he(struct iwl_mld *mld, struct sk_buff *skb, 436 struct iwl_mld_rx_phy_data *phy_data, 437 int queue) 438 { 439 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 440 struct ieee80211_radiotap_he *he = NULL; 441 struct ieee80211_radiotap_he_mu *he_mu = NULL; 442 u32 rate_n_flags = phy_data->rate_n_flags; 443 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 444 u8 ltf; 445 static const struct ieee80211_radiotap_he known = { 446 .data1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_DATA_MCS_KNOWN | 447 IEEE80211_RADIOTAP_HE_DATA1_DATA_DCM_KNOWN | 448 IEEE80211_RADIOTAP_HE_DATA1_STBC_KNOWN | 449 IEEE80211_RADIOTAP_HE_DATA1_CODING_KNOWN), 450 .data2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_GI_KNOWN | 451 IEEE80211_RADIOTAP_HE_DATA2_TXBF_KNOWN), 452 }; 453 static const struct ieee80211_radiotap_he_mu mu_known = { 454 .flags1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS_KNOWN | 455 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM_KNOWN | 456 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_SYMS_USERS_KNOWN | 457 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_COMP_KNOWN), 458 .flags2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW_KNOWN | 459 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_KNOWN), 460 }; 461 u16 phy_info = phy_data->phy_info; 462 463 he = skb_put_data(skb, &known, sizeof(known)); 464 rx_status->flag |= RX_FLAG_RADIOTAP_HE; 465 466 if (phy_data->info_type == IWL_RX_PHY_INFO_TYPE_HE_MU || 467 phy_data->info_type == IWL_RX_PHY_INFO_TYPE_HE_MU_EXT) { 468 he_mu = skb_put_data(skb, &mu_known, sizeof(mu_known)); 469 rx_status->flag |= RX_FLAG_RADIOTAP_HE_MU; 470 } 471 472 /* report the AMPDU-EOF bit on single frames */ 473 if (!queue && !(phy_info & IWL_RX_MPDU_PHY_AMPDU)) { 474 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 475 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 476 if (phy_data->data0 & cpu_to_le32(IWL_RX_PHY_DATA0_HE_DELIM_EOF)) 477 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 478 } 479 480 if (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 481 iwl_mld_decode_he_phy_data(phy_data, he, he_mu, rx_status, 482 queue); 483 484 /* update aggregation data for monitor sake on default queue */ 485 if (!queue && (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) && 486 (phy_info & IWL_RX_MPDU_PHY_AMPDU) && phy_data->first_subframe) { 487 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 488 if (phy_data->data0 & cpu_to_le32(IWL_RX_PHY_DATA0_EHT_DELIM_EOF)) 489 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 490 } 491 492 if (he_type == RATE_MCS_HE_TYPE_EXT_SU && 493 rate_n_flags & RATE_MCS_HE_106T_MSK) { 494 rx_status->bw = RATE_INFO_BW_HE_RU; 495 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106; 496 } 497 498 /* actually data is filled in mac80211 */ 499 if (he_type == RATE_MCS_HE_TYPE_SU || 500 he_type == RATE_MCS_HE_TYPE_EXT_SU) 501 he->data1 |= 502 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN); 503 504 #define CHECK_TYPE(F) \ 505 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA1_FORMAT_ ## F != \ 506 (RATE_MCS_HE_TYPE_ ## F >> RATE_MCS_HE_TYPE_POS)) 507 508 CHECK_TYPE(SU); 509 CHECK_TYPE(EXT_SU); 510 CHECK_TYPE(MU); 511 CHECK_TYPE(TRIG); 512 513 he->data1 |= cpu_to_le16(he_type >> RATE_MCS_HE_TYPE_POS); 514 515 if (rate_n_flags & RATE_MCS_BF_MSK) 516 he->data5 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA5_TXBF); 517 518 switch ((rate_n_flags & RATE_MCS_HE_GI_LTF_MSK) >> 519 RATE_MCS_HE_GI_LTF_POS) { 520 case 0: 521 if (he_type == RATE_MCS_HE_TYPE_TRIG) 522 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 523 else 524 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 525 if (he_type == RATE_MCS_HE_TYPE_MU) 526 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 527 else 528 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X; 529 break; 530 case 1: 531 if (he_type == RATE_MCS_HE_TYPE_TRIG) 532 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 533 else 534 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 535 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 536 break; 537 case 2: 538 if (he_type == RATE_MCS_HE_TYPE_TRIG) { 539 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 540 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 541 } else { 542 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 543 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 544 } 545 break; 546 case 3: 547 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 548 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 549 break; 550 case 4: 551 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 552 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 553 break; 554 default: 555 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN; 556 } 557 558 he->data5 |= le16_encode_bits(ltf, 559 IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE); 560 } 561 562 static void iwl_mld_decode_lsig(struct sk_buff *skb, 563 struct iwl_mld_rx_phy_data *phy_data) 564 { 565 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 566 struct ieee80211_radiotap_lsig *lsig; 567 568 switch (phy_data->info_type) { 569 case IWL_RX_PHY_INFO_TYPE_HT: 570 case IWL_RX_PHY_INFO_TYPE_VHT_SU: 571 case IWL_RX_PHY_INFO_TYPE_VHT_MU: 572 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 573 case IWL_RX_PHY_INFO_TYPE_HE_SU: 574 case IWL_RX_PHY_INFO_TYPE_HE_MU: 575 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 576 case IWL_RX_PHY_INFO_TYPE_HE_TB: 577 case IWL_RX_PHY_INFO_TYPE_EHT_MU: 578 case IWL_RX_PHY_INFO_TYPE_EHT_TB: 579 case IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT: 580 case IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT: 581 lsig = skb_put(skb, sizeof(*lsig)); 582 lsig->data1 = cpu_to_le16(IEEE80211_RADIOTAP_LSIG_DATA1_LENGTH_KNOWN); 583 lsig->data2 = le16_encode_bits(le32_get_bits(phy_data->data1, 584 IWL_RX_PHY_DATA1_LSIG_LEN_MASK), 585 IEEE80211_RADIOTAP_LSIG_DATA2_LENGTH); 586 rx_status->flag |= RX_FLAG_RADIOTAP_LSIG; 587 break; 588 default: 589 break; 590 } 591 } 592 593 /* Put a TLV on the skb and return data pointer 594 * 595 * Also pad the len to 4 and zero out all data part 596 */ 597 static void * 598 iwl_mld_radiotap_put_tlv(struct sk_buff *skb, u16 type, u16 len) 599 { 600 struct ieee80211_radiotap_tlv *tlv; 601 602 tlv = skb_put(skb, sizeof(*tlv)); 603 tlv->type = cpu_to_le16(type); 604 tlv->len = cpu_to_le16(len); 605 return skb_put_zero(skb, ALIGN(len, 4)); 606 } 607 608 #define LE32_DEC_ENC(value, dec_bits, enc_bits) \ 609 le32_encode_bits(le32_get_bits(value, dec_bits), enc_bits) 610 611 #define IWL_MLD_ENC_USIG_VALUE_MASK(usig, in_value, dec_bits, enc_bits) do { \ 612 typeof(enc_bits) _enc_bits = enc_bits; \ 613 typeof(usig) _usig = usig; \ 614 (_usig)->mask |= cpu_to_le32(_enc_bits); \ 615 (_usig)->value |= LE32_DEC_ENC(in_value, dec_bits, _enc_bits); \ 616 } while (0) 617 618 #define __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \ 619 eht->data[(rt_data)] |= \ 620 (cpu_to_le32 \ 621 (IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru ## _KNOWN) | \ 622 LE32_DEC_ENC(data ## fw_data, \ 623 IWL_RX_PHY_DATA ## fw_data ## _EHT_MU_EXT_RU_ALLOC_ ## fw_ru, \ 624 IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru)) 625 626 #define _IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \ 627 __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) 628 629 #define IEEE80211_RADIOTAP_RU_DATA_1_1_1 1 630 #define IEEE80211_RADIOTAP_RU_DATA_2_1_1 2 631 #define IEEE80211_RADIOTAP_RU_DATA_1_1_2 2 632 #define IEEE80211_RADIOTAP_RU_DATA_2_1_2 2 633 #define IEEE80211_RADIOTAP_RU_DATA_1_2_1 3 634 #define IEEE80211_RADIOTAP_RU_DATA_2_2_1 3 635 #define IEEE80211_RADIOTAP_RU_DATA_1_2_2 3 636 #define IEEE80211_RADIOTAP_RU_DATA_2_2_2 4 637 638 #define IWL_RX_RU_DATA_A1 2 639 #define IWL_RX_RU_DATA_A2 2 640 #define IWL_RX_RU_DATA_B1 2 641 #define IWL_RX_RU_DATA_B2 4 642 #define IWL_RX_RU_DATA_C1 3 643 #define IWL_RX_RU_DATA_C2 3 644 #define IWL_RX_RU_DATA_D1 4 645 #define IWL_RX_RU_DATA_D2 4 646 647 #define IWL_MLD_ENC_EHT_RU(rt_ru, fw_ru) \ 648 _IWL_MLD_ENC_EHT_RU(IEEE80211_RADIOTAP_RU_DATA_ ## rt_ru, \ 649 rt_ru, \ 650 IWL_RX_RU_DATA_ ## fw_ru, \ 651 fw_ru) 652 653 static void iwl_mld_decode_eht_ext_mu(struct iwl_mld *mld, 654 struct iwl_mld_rx_phy_data *phy_data, 655 struct ieee80211_rx_status *rx_status, 656 struct ieee80211_radiotap_eht *eht, 657 struct ieee80211_radiotap_eht_usig *usig) 658 { 659 if (phy_data->with_data) { 660 __le32 data1 = phy_data->data1; 661 __le32 data2 = phy_data->data2; 662 __le32 data3 = phy_data->data3; 663 __le32 data4 = phy_data->eht_data4; 664 __le32 data5 = phy_data->data5; 665 u32 phy_bw = phy_data->rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK; 666 667 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 668 IWL_RX_PHY_DATA5_EHT_TYPE_AND_COMP, 669 IEEE80211_RADIOTAP_EHT_USIG2_MU_B0_B1_PPDU_TYPE); 670 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 671 IWL_RX_PHY_DATA5_EHT_MU_PUNC_CH_CODE, 672 IEEE80211_RADIOTAP_EHT_USIG2_MU_B3_B7_PUNCTURED_INFO); 673 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data4, 674 IWL_RX_PHY_DATA4_EHT_MU_EXT_SIGB_MCS, 675 IEEE80211_RADIOTAP_EHT_USIG2_MU_B9_B10_SIG_MCS); 676 IWL_MLD_ENC_USIG_VALUE_MASK 677 (usig, data1, IWL_RX_PHY_DATA1_EHT_MU_NUM_SIG_SYM_USIGA2, 678 IEEE80211_RADIOTAP_EHT_USIG2_MU_B11_B15_EHT_SIG_SYMBOLS); 679 680 eht->user_info[0] |= 681 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID_KNOWN) | 682 LE32_DEC_ENC(data5, IWL_RX_PHY_DATA5_EHT_MU_STA_ID_USR, 683 IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID); 684 685 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_NR_NON_OFDMA_USERS_M); 686 eht->data[7] |= LE32_DEC_ENC 687 (data5, IWL_RX_PHY_DATA5_EHT_MU_NUM_USR_NON_OFDMA, 688 IEEE80211_RADIOTAP_EHT_DATA7_NUM_OF_NON_OFDMA_USERS); 689 690 /* 691 * Hardware labels the content channels/RU allocation values 692 * as follows: 693 * Content Channel 1 Content Channel 2 694 * 20 MHz: A1 695 * 40 MHz: A1 B1 696 * 80 MHz: A1 C1 B1 D1 697 * 160 MHz: A1 C1 A2 C2 B1 D1 B2 D2 698 * 320 MHz: A1 C1 A2 C2 A3 C3 A4 C4 B1 D1 B2 D2 B3 D3 B4 D4 699 * 700 * However firmware can only give us A1-D2, so the higher 701 * frequencies are missing. 702 */ 703 704 switch (phy_bw) { 705 case RATE_MCS_CHAN_WIDTH_320: 706 /* additional values are missing in RX metadata */ 707 fallthrough; 708 case RATE_MCS_CHAN_WIDTH_160: 709 /* content channel 1 */ 710 IWL_MLD_ENC_EHT_RU(1_2_1, A2); 711 IWL_MLD_ENC_EHT_RU(1_2_2, C2); 712 /* content channel 2 */ 713 IWL_MLD_ENC_EHT_RU(2_2_1, B2); 714 IWL_MLD_ENC_EHT_RU(2_2_2, D2); 715 fallthrough; 716 case RATE_MCS_CHAN_WIDTH_80: 717 /* content channel 1 */ 718 IWL_MLD_ENC_EHT_RU(1_1_2, C1); 719 /* content channel 2 */ 720 IWL_MLD_ENC_EHT_RU(2_1_2, D1); 721 fallthrough; 722 case RATE_MCS_CHAN_WIDTH_40: 723 /* content channel 2 */ 724 IWL_MLD_ENC_EHT_RU(2_1_1, B1); 725 fallthrough; 726 case RATE_MCS_CHAN_WIDTH_20: 727 IWL_MLD_ENC_EHT_RU(1_1_1, A1); 728 break; 729 } 730 } else { 731 __le32 usig_a1 = phy_data->rx_vec[0]; 732 __le32 usig_a2 = phy_data->rx_vec[1]; 733 734 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 735 IWL_RX_USIG_A1_DISREGARD, 736 IEEE80211_RADIOTAP_EHT_USIG1_MU_B20_B24_DISREGARD); 737 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 738 IWL_RX_USIG_A1_VALIDATE, 739 IEEE80211_RADIOTAP_EHT_USIG1_MU_B25_VALIDATE); 740 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 741 IWL_RX_USIG_A2_EHT_PPDU_TYPE, 742 IEEE80211_RADIOTAP_EHT_USIG2_MU_B0_B1_PPDU_TYPE); 743 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 744 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B2, 745 IEEE80211_RADIOTAP_EHT_USIG2_MU_B2_VALIDATE); 746 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 747 IWL_RX_USIG_A2_EHT_PUNC_CHANNEL, 748 IEEE80211_RADIOTAP_EHT_USIG2_MU_B3_B7_PUNCTURED_INFO); 749 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 750 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B8, 751 IEEE80211_RADIOTAP_EHT_USIG2_MU_B8_VALIDATE); 752 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 753 IWL_RX_USIG_A2_EHT_SIG_MCS, 754 IEEE80211_RADIOTAP_EHT_USIG2_MU_B9_B10_SIG_MCS); 755 IWL_MLD_ENC_USIG_VALUE_MASK 756 (usig, usig_a2, IWL_RX_USIG_A2_EHT_SIG_SYM_NUM, 757 IEEE80211_RADIOTAP_EHT_USIG2_MU_B11_B15_EHT_SIG_SYMBOLS); 758 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 759 IWL_RX_USIG_A2_EHT_CRC_OK, 760 IEEE80211_RADIOTAP_EHT_USIG2_MU_B16_B19_CRC); 761 } 762 } 763 764 static void iwl_mld_decode_eht_ext_tb(struct iwl_mld *mld, 765 struct iwl_mld_rx_phy_data *phy_data, 766 struct ieee80211_rx_status *rx_status, 767 struct ieee80211_radiotap_eht *eht, 768 struct ieee80211_radiotap_eht_usig *usig) 769 { 770 if (phy_data->with_data) { 771 __le32 data5 = phy_data->data5; 772 773 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 774 IWL_RX_PHY_DATA5_EHT_TYPE_AND_COMP, 775 IEEE80211_RADIOTAP_EHT_USIG2_TB_B0_B1_PPDU_TYPE); 776 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 777 IWL_RX_PHY_DATA5_EHT_TB_SPATIAL_REUSE1, 778 IEEE80211_RADIOTAP_EHT_USIG2_TB_B3_B6_SPATIAL_REUSE_1); 779 780 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 781 IWL_RX_PHY_DATA5_EHT_TB_SPATIAL_REUSE2, 782 IEEE80211_RADIOTAP_EHT_USIG2_TB_B7_B10_SPATIAL_REUSE_2); 783 } else { 784 __le32 usig_a1 = phy_data->rx_vec[0]; 785 __le32 usig_a2 = phy_data->rx_vec[1]; 786 787 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 788 IWL_RX_USIG_A1_DISREGARD, 789 IEEE80211_RADIOTAP_EHT_USIG1_TB_B20_B25_DISREGARD); 790 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 791 IWL_RX_USIG_A2_EHT_PPDU_TYPE, 792 IEEE80211_RADIOTAP_EHT_USIG2_TB_B0_B1_PPDU_TYPE); 793 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 794 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B2, 795 IEEE80211_RADIOTAP_EHT_USIG2_TB_B2_VALIDATE); 796 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 797 IWL_RX_USIG_A2_EHT_TRIG_SPATIAL_REUSE_1, 798 IEEE80211_RADIOTAP_EHT_USIG2_TB_B3_B6_SPATIAL_REUSE_1); 799 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 800 IWL_RX_USIG_A2_EHT_TRIG_SPATIAL_REUSE_2, 801 IEEE80211_RADIOTAP_EHT_USIG2_TB_B7_B10_SPATIAL_REUSE_2); 802 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 803 IWL_RX_USIG_A2_EHT_TRIG_USIG2_DISREGARD, 804 IEEE80211_RADIOTAP_EHT_USIG2_TB_B11_B15_DISREGARD); 805 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 806 IWL_RX_USIG_A2_EHT_CRC_OK, 807 IEEE80211_RADIOTAP_EHT_USIG2_TB_B16_B19_CRC); 808 } 809 } 810 811 static void iwl_mld_decode_eht_ru(struct iwl_mld *mld, 812 struct ieee80211_rx_status *rx_status, 813 struct ieee80211_radiotap_eht *eht) 814 { 815 u32 ru = le32_get_bits(eht->data[8], 816 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1); 817 enum nl80211_eht_ru_alloc nl_ru; 818 819 /* Using D1.5 Table 9-53a - Encoding of PS160 and RU Allocation subfields 820 * in an EHT variant User Info field 821 */ 822 823 switch (ru) { 824 case 0 ... 36: 825 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_26; 826 break; 827 case 37 ... 52: 828 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52; 829 break; 830 case 53 ... 60: 831 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106; 832 break; 833 case 61 ... 64: 834 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_242; 835 break; 836 case 65 ... 66: 837 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484; 838 break; 839 case 67: 840 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996; 841 break; 842 case 68: 843 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996; 844 break; 845 case 69: 846 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_4x996; 847 break; 848 case 70 ... 81: 849 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52P26; 850 break; 851 case 82 ... 89: 852 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106P26; 853 break; 854 case 90 ... 93: 855 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484P242; 856 break; 857 case 94 ... 95: 858 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484; 859 break; 860 case 96 ... 99: 861 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242; 862 break; 863 case 100 ... 103: 864 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484; 865 break; 866 case 104: 867 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996; 868 break; 869 case 105 ... 106: 870 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484; 871 break; 872 default: 873 return; 874 } 875 876 rx_status->bw = RATE_INFO_BW_EHT_RU; 877 rx_status->eht.ru = nl_ru; 878 } 879 880 static void iwl_mld_decode_eht_phy_data(struct iwl_mld *mld, 881 struct iwl_mld_rx_phy_data *phy_data, 882 struct ieee80211_rx_status *rx_status, 883 struct ieee80211_radiotap_eht *eht, 884 struct ieee80211_radiotap_eht_usig *usig) 885 886 { 887 __le32 data0 = phy_data->data0; 888 __le32 data1 = phy_data->data1; 889 __le32 usig_a1 = phy_data->rx_vec[0]; 890 u8 info_type = phy_data->info_type; 891 892 /* Not in EHT range */ 893 if (info_type < IWL_RX_PHY_INFO_TYPE_EHT_MU || 894 info_type > IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT) 895 return; 896 897 usig->common |= cpu_to_le32 898 (IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL_KNOWN | 899 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR_KNOWN); 900 if (phy_data->with_data) { 901 usig->common |= LE32_DEC_ENC(data0, 902 IWL_RX_PHY_DATA0_EHT_UPLINK, 903 IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL); 904 usig->common |= LE32_DEC_ENC(data0, 905 IWL_RX_PHY_DATA0_EHT_BSS_COLOR_MASK, 906 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR); 907 } else { 908 usig->common |= LE32_DEC_ENC(usig_a1, 909 IWL_RX_USIG_A1_UL_FLAG, 910 IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL); 911 usig->common |= LE32_DEC_ENC(usig_a1, 912 IWL_RX_USIG_A1_BSS_COLOR, 913 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR); 914 } 915 916 usig->common |= 917 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_CHECKED); 918 usig->common |= 919 LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_VALIDATE, 920 IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_OK); 921 922 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_SPATIAL_REUSE); 923 eht->data[0] |= LE32_DEC_ENC(data0, 924 IWL_RX_PHY_DATA0_ETH_SPATIAL_REUSE_MASK, 925 IEEE80211_RADIOTAP_EHT_DATA0_SPATIAL_REUSE); 926 927 /* All RU allocating size/index is in TB format */ 928 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_RU_ALLOC_TB_FMT); 929 eht->data[8] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PS160, 930 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_PS_160); 931 eht->data[8] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_RU_ALLOC_B0, 932 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B0); 933 eht->data[8] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_RU_ALLOC_B1_B7, 934 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1); 935 936 iwl_mld_decode_eht_ru(mld, rx_status, eht); 937 938 /* We only get here in case of IWL_RX_MPDU_PHY_TSF_OVERLOAD is set 939 * which is on only in case of monitor mode so no need to check monitor 940 * mode 941 */ 942 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PRIMARY_80); 943 eht->data[1] |= 944 le32_encode_bits(mld->monitor.p80, 945 IEEE80211_RADIOTAP_EHT_DATA1_PRIMARY_80); 946 947 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP_KNOWN); 948 if (phy_data->with_data) 949 usig->common |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_TXOP_DUR_MASK, 950 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP); 951 else 952 usig->common |= LE32_DEC_ENC(usig_a1, IWL_RX_USIG_A1_TXOP_DURATION, 953 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP); 954 955 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_LDPC_EXTRA_SYM_OM); 956 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_LDPC_EXT_SYM, 957 IEEE80211_RADIOTAP_EHT_DATA0_LDPC_EXTRA_SYM_OM); 958 959 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PRE_PADD_FACOR_OM); 960 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PRE_FEC_PAD_MASK, 961 IEEE80211_RADIOTAP_EHT_DATA0_PRE_PADD_FACOR_OM); 962 963 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PE_DISAMBIGUITY_OM); 964 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PE_DISAMBIG, 965 IEEE80211_RADIOTAP_EHT_DATA0_PE_DISAMBIGUITY_OM); 966 967 /* TODO: what about IWL_RX_PHY_DATA0_EHT_BW320_SLOT */ 968 969 if (!le32_get_bits(data0, IWL_RX_PHY_DATA0_EHT_SIGA_CRC_OK)) 970 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BAD_USIG_CRC); 971 972 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER_KNOWN); 973 usig->common |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PHY_VER, 974 IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER); 975 976 /* 977 * TODO: what about TB - IWL_RX_PHY_DATA1_EHT_TB_PILOT_TYPE, 978 * IWL_RX_PHY_DATA1_EHT_TB_LOW_SS 979 */ 980 981 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_EHT_LTF); 982 eht->data[0] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_SIG_LTF_NUM, 983 IEEE80211_RADIOTAP_EHT_DATA0_EHT_LTF); 984 985 if (info_type == IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT || 986 info_type == IWL_RX_PHY_INFO_TYPE_EHT_TB) 987 iwl_mld_decode_eht_ext_tb(mld, phy_data, rx_status, eht, usig); 988 989 if (info_type == IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT || 990 info_type == IWL_RX_PHY_INFO_TYPE_EHT_MU) 991 iwl_mld_decode_eht_ext_mu(mld, phy_data, rx_status, eht, usig); 992 } 993 994 static void iwl_mld_rx_eht(struct iwl_mld *mld, struct sk_buff *skb, 995 struct iwl_mld_rx_phy_data *phy_data, 996 int queue) 997 { 998 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 999 struct ieee80211_radiotap_eht *eht; 1000 struct ieee80211_radiotap_eht_usig *usig; 1001 size_t eht_len = sizeof(*eht); 1002 1003 u32 rate_n_flags = phy_data->rate_n_flags; 1004 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 1005 /* EHT and HE have the same values for LTF */ 1006 u8 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN; 1007 u16 phy_info = phy_data->phy_info; 1008 u32 bw; 1009 1010 /* u32 for 1 user_info */ 1011 if (phy_data->with_data) 1012 eht_len += sizeof(u32); 1013 1014 eht = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT, eht_len); 1015 1016 usig = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT_USIG, 1017 sizeof(*usig)); 1018 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1019 usig->common |= 1020 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_KNOWN); 1021 1022 /* specific handling for 320MHz */ 1023 bw = u32_get_bits(rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK); 1024 if (bw == RATE_MCS_CHAN_WIDTH_320_VAL) 1025 bw += le32_get_bits(phy_data->data0, 1026 IWL_RX_PHY_DATA0_EHT_BW320_SLOT); 1027 1028 usig->common |= cpu_to_le32 1029 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW, bw)); 1030 1031 /* report the AMPDU-EOF bit on single frames */ 1032 if (!queue && !(phy_info & IWL_RX_MPDU_PHY_AMPDU)) { 1033 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 1034 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 1035 if (phy_data->data0 & 1036 cpu_to_le32(IWL_RX_PHY_DATA0_EHT_DELIM_EOF)) 1037 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 1038 } 1039 1040 if (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 1041 iwl_mld_decode_eht_phy_data(mld, phy_data, rx_status, eht, usig); 1042 1043 #define CHECK_TYPE(F) \ 1044 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA1_FORMAT_ ## F != \ 1045 (RATE_MCS_HE_TYPE_ ## F >> RATE_MCS_HE_TYPE_POS)) 1046 1047 CHECK_TYPE(SU); 1048 CHECK_TYPE(EXT_SU); 1049 CHECK_TYPE(MU); 1050 CHECK_TYPE(TRIG); 1051 1052 switch (u32_get_bits(rate_n_flags, RATE_MCS_HE_GI_LTF_MSK)) { 1053 case 0: 1054 if (he_type == RATE_MCS_HE_TYPE_TRIG) { 1055 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6; 1056 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X; 1057 } else { 1058 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8; 1059 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 1060 } 1061 break; 1062 case 1: 1063 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6; 1064 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 1065 break; 1066 case 2: 1067 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 1068 if (he_type == RATE_MCS_HE_TYPE_TRIG) 1069 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2; 1070 else 1071 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8; 1072 break; 1073 case 3: 1074 if (he_type != RATE_MCS_HE_TYPE_TRIG) { 1075 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 1076 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2; 1077 } 1078 break; 1079 default: 1080 /* nothing here */ 1081 break; 1082 } 1083 1084 if (ltf != IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN) { 1085 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_GI); 1086 eht->data[0] |= cpu_to_le32 1087 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_DATA0_LTF, 1088 ltf) | 1089 FIELD_PREP(IEEE80211_RADIOTAP_EHT_DATA0_GI, 1090 rx_status->eht.gi)); 1091 } 1092 1093 if (!phy_data->with_data) { 1094 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_NSS_S | 1095 IEEE80211_RADIOTAP_EHT_KNOWN_BEAMFORMED_S); 1096 eht->data[7] |= 1097 le32_encode_bits(le32_get_bits(phy_data->rx_vec[2], 1098 RX_NO_DATA_RX_VEC2_EHT_NSTS_MSK), 1099 IEEE80211_RADIOTAP_EHT_DATA7_NSS_S); 1100 if (rate_n_flags & RATE_MCS_BF_MSK) 1101 eht->data[7] |= 1102 cpu_to_le32(IEEE80211_RADIOTAP_EHT_DATA7_BEAMFORMED_S); 1103 } else { 1104 eht->user_info[0] |= 1105 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_MCS_KNOWN | 1106 IEEE80211_RADIOTAP_EHT_USER_INFO_CODING_KNOWN | 1107 IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_KNOWN_O | 1108 IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_KNOWN_O | 1109 IEEE80211_RADIOTAP_EHT_USER_INFO_DATA_FOR_USER); 1110 1111 if (rate_n_flags & RATE_MCS_BF_MSK) 1112 eht->user_info[0] |= 1113 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_O); 1114 1115 if (rate_n_flags & RATE_MCS_LDPC_MSK) 1116 eht->user_info[0] |= 1117 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_CODING); 1118 1119 eht->user_info[0] |= cpu_to_le32 1120 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_USER_INFO_MCS, 1121 u32_get_bits(rate_n_flags, 1122 RATE_VHT_MCS_RATE_CODE_MSK)) | 1123 FIELD_PREP(IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_O, 1124 u32_get_bits(rate_n_flags, 1125 RATE_MCS_NSS_MSK))); 1126 } 1127 } 1128 1129 #ifdef CONFIG_IWLWIFI_DEBUGFS 1130 static void iwl_mld_add_rtap_sniffer_config(struct iwl_mld *mld, 1131 struct sk_buff *skb) 1132 { 1133 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1134 struct ieee80211_radiotap_vendor_content *radiotap; 1135 const u16 vendor_data_len = sizeof(mld->monitor.cur_aid); 1136 1137 if (!mld->monitor.cur_aid) 1138 return; 1139 1140 radiotap = 1141 iwl_mld_radiotap_put_tlv(skb, 1142 IEEE80211_RADIOTAP_VENDOR_NAMESPACE, 1143 sizeof(*radiotap) + vendor_data_len); 1144 1145 /* Intel OUI */ 1146 radiotap->oui[0] = 0xf6; 1147 radiotap->oui[1] = 0x54; 1148 radiotap->oui[2] = 0x25; 1149 /* radiotap sniffer config sub-namespace */ 1150 radiotap->oui_subtype = 1; 1151 radiotap->vendor_type = 0; 1152 1153 /* fill the data now */ 1154 memcpy(radiotap->data, &mld->monitor.cur_aid, 1155 sizeof(mld->monitor.cur_aid)); 1156 1157 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1158 } 1159 #endif 1160 1161 static void iwl_mld_rx_fill_status(struct iwl_mld *mld, struct sk_buff *skb, 1162 struct iwl_mld_rx_phy_data *phy_data, 1163 int queue) 1164 { 1165 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1166 u32 format = phy_data->rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 1167 u32 rate_n_flags = phy_data->rate_n_flags; 1168 u8 stbc = u32_get_bits(rate_n_flags, RATE_MCS_STBC_MSK); 1169 bool is_sgi = rate_n_flags & RATE_MCS_SGI_MSK; 1170 1171 phy_data->info_type = IWL_RX_PHY_INFO_TYPE_NONE; 1172 1173 if (phy_data->phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 1174 phy_data->info_type = 1175 le32_get_bits(phy_data->data1, 1176 IWL_RX_PHY_DATA1_INFO_TYPE_MASK); 1177 1178 /* set the preamble flag if appropriate */ 1179 if (format == RATE_MCS_CCK_MSK && 1180 phy_data->phy_info & IWL_RX_MPDU_PHY_SHORT_PREAMBLE) 1181 rx_status->enc_flags |= RX_ENC_FLAG_SHORTPRE; 1182 1183 iwl_mld_fill_signal(mld, rx_status, phy_data); 1184 1185 /* This may be overridden by iwl_mld_rx_he() to HE_RU */ 1186 switch (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) { 1187 case RATE_MCS_CHAN_WIDTH_20: 1188 break; 1189 case RATE_MCS_CHAN_WIDTH_40: 1190 rx_status->bw = RATE_INFO_BW_40; 1191 break; 1192 case RATE_MCS_CHAN_WIDTH_80: 1193 rx_status->bw = RATE_INFO_BW_80; 1194 break; 1195 case RATE_MCS_CHAN_WIDTH_160: 1196 rx_status->bw = RATE_INFO_BW_160; 1197 break; 1198 case RATE_MCS_CHAN_WIDTH_320: 1199 rx_status->bw = RATE_INFO_BW_320; 1200 break; 1201 } 1202 1203 /* must be before L-SIG data */ 1204 if (format == RATE_MCS_HE_MSK) 1205 iwl_mld_rx_he(mld, skb, phy_data, queue); 1206 1207 iwl_mld_decode_lsig(skb, phy_data); 1208 1209 rx_status->device_timestamp = phy_data->gp2_on_air_rise; 1210 1211 /* using TLV format and must be after all fixed len fields */ 1212 if (format == RATE_MCS_EHT_MSK) 1213 iwl_mld_rx_eht(mld, skb, phy_data, queue); 1214 1215 #ifdef CONFIG_IWLWIFI_DEBUGFS 1216 if (unlikely(mld->monitor.on)) 1217 iwl_mld_add_rtap_sniffer_config(mld, skb); 1218 #endif 1219 1220 if (format != RATE_MCS_CCK_MSK && is_sgi) 1221 rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI; 1222 1223 if (rate_n_flags & RATE_MCS_LDPC_MSK) 1224 rx_status->enc_flags |= RX_ENC_FLAG_LDPC; 1225 1226 switch (format) { 1227 case RATE_MCS_HT_MSK: 1228 rx_status->encoding = RX_ENC_HT; 1229 rx_status->rate_idx = RATE_HT_MCS_INDEX(rate_n_flags); 1230 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT; 1231 break; 1232 case RATE_MCS_VHT_MSK: 1233 case RATE_MCS_HE_MSK: 1234 case RATE_MCS_EHT_MSK: 1235 if (format == RATE_MCS_VHT_MSK) { 1236 rx_status->encoding = RX_ENC_VHT; 1237 } else if (format == RATE_MCS_HE_MSK) { 1238 rx_status->encoding = RX_ENC_HE; 1239 rx_status->he_dcm = 1240 !!(rate_n_flags & RATE_HE_DUAL_CARRIER_MODE_MSK); 1241 } else if (format == RATE_MCS_EHT_MSK) { 1242 rx_status->encoding = RX_ENC_EHT; 1243 } 1244 1245 rx_status->nss = u32_get_bits(rate_n_flags, RATE_MCS_NSS_MSK) + 1; 1246 rx_status->rate_idx = rate_n_flags & RATE_MCS_CODE_MSK; 1247 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT; 1248 break; 1249 default: { 1250 int rate = 1251 iwl_mld_legacy_hw_idx_to_mac80211_idx(rate_n_flags, 1252 rx_status->band); 1253 1254 /* valid rate */ 1255 if (rate >= 0 && rate <= 0xFF) { 1256 rx_status->rate_idx = rate; 1257 break; 1258 } 1259 1260 /* invalid rate */ 1261 rx_status->rate_idx = 0; 1262 1263 if (net_ratelimit()) 1264 IWL_ERR(mld, "invalid rate_n_flags=0x%x, band=%d\n", 1265 rate_n_flags, rx_status->band); 1266 break; 1267 } 1268 } 1269 } 1270 1271 /* iwl_mld_create_skb adds the rxb to a new skb */ 1272 static int iwl_mld_build_rx_skb(struct iwl_mld *mld, struct sk_buff *skb, 1273 struct ieee80211_hdr *hdr, u16 len, 1274 u8 crypt_len, struct iwl_rx_cmd_buffer *rxb) 1275 { 1276 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1277 struct iwl_rx_mpdu_desc *desc = (void *)pkt->data; 1278 unsigned int headlen, fraglen, pad_len = 0; 1279 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control); 1280 u8 mic_crc_len = u8_get_bits(desc->mac_flags1, 1281 IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK) << 1; 1282 1283 if (desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) { 1284 len -= 2; 1285 pad_len = 2; 1286 } 1287 1288 /* For non monitor interface strip the bytes the RADA might not have 1289 * removed (it might be disabled, e.g. for mgmt frames). As a monitor 1290 * interface cannot exist with other interfaces, this removal is safe 1291 * and sufficient, in monitor mode there's no decryption being done. 1292 */ 1293 if (len > mic_crc_len && !ieee80211_hw_check(mld->hw, RX_INCLUDES_FCS)) 1294 len -= mic_crc_len; 1295 1296 /* If frame is small enough to fit in skb->head, pull it completely. 1297 * If not, only pull ieee80211_hdr (including crypto if present, and 1298 * an additional 8 bytes for SNAP/ethertype, see below) so that 1299 * splice() or TCP coalesce are more efficient. 1300 * 1301 * Since, in addition, ieee80211_data_to_8023() always pull in at 1302 * least 8 bytes (possibly more for mesh) we can do the same here 1303 * to save the cost of doing it later. That still doesn't pull in 1304 * the actual IP header since the typical case has a SNAP header. 1305 * If the latter changes (there are efforts in the standards group 1306 * to do so) we should revisit this and ieee80211_data_to_8023(). 1307 */ 1308 headlen = (len <= skb_tailroom(skb)) ? len : hdrlen + crypt_len + 8; 1309 1310 /* The firmware may align the packet to DWORD. 1311 * The padding is inserted after the IV. 1312 * After copying the header + IV skip the padding if 1313 * present before copying packet data. 1314 */ 1315 hdrlen += crypt_len; 1316 1317 if (unlikely(headlen < hdrlen)) 1318 return -EINVAL; 1319 1320 /* Since data doesn't move data while putting data on skb and that is 1321 * the only way we use, data + len is the next place that hdr would 1322 * be put 1323 */ 1324 skb_set_mac_header(skb, skb->len); 1325 skb_put_data(skb, hdr, hdrlen); 1326 skb_put_data(skb, (u8 *)hdr + hdrlen + pad_len, headlen - hdrlen); 1327 1328 if (skb->ip_summed == CHECKSUM_COMPLETE) { 1329 struct { 1330 u8 hdr[6]; 1331 __be16 type; 1332 } __packed *shdr = (void *)((u8 *)hdr + hdrlen + pad_len); 1333 1334 if (unlikely(headlen - hdrlen < sizeof(*shdr) || 1335 !ether_addr_equal(shdr->hdr, rfc1042_header) || 1336 (shdr->type != htons(ETH_P_IP) && 1337 shdr->type != htons(ETH_P_ARP) && 1338 shdr->type != htons(ETH_P_IPV6) && 1339 shdr->type != htons(ETH_P_8021Q) && 1340 shdr->type != htons(ETH_P_PAE) && 1341 shdr->type != htons(ETH_P_TDLS)))) 1342 skb->ip_summed = CHECKSUM_NONE; 1343 } 1344 1345 fraglen = len - headlen; 1346 1347 if (fraglen) { 1348 int offset = (u8 *)hdr + headlen + pad_len - 1349 (u8 *)rxb_addr(rxb) + rxb_offset(rxb); 1350 1351 skb_add_rx_frag(skb, 0, rxb_steal_page(rxb), offset, 1352 fraglen, rxb->truesize); 1353 } 1354 1355 return 0; 1356 } 1357 1358 /* returns true if a packet is a duplicate or invalid tid and 1359 * should be dropped. Updates AMSDU PN tracking info 1360 */ 1361 VISIBLE_IF_IWLWIFI_KUNIT 1362 bool 1363 iwl_mld_is_dup(struct iwl_mld *mld, struct ieee80211_sta *sta, 1364 struct ieee80211_hdr *hdr, 1365 const struct iwl_rx_mpdu_desc *mpdu_desc, 1366 struct ieee80211_rx_status *rx_status, int queue) 1367 { 1368 struct iwl_mld_sta *mld_sta; 1369 struct iwl_mld_rxq_dup_data *dup_data; 1370 u8 tid, sub_frame_idx; 1371 1372 if (WARN_ON(!sta)) 1373 return false; 1374 1375 mld_sta = iwl_mld_sta_from_mac80211(sta); 1376 1377 if (WARN_ON_ONCE(!mld_sta->dup_data)) 1378 return false; 1379 1380 dup_data = &mld_sta->dup_data[queue]; 1381 1382 /* Drop duplicate 802.11 retransmissions 1383 * (IEEE 802.11-2020: 10.3.2.14 "Duplicate detection and recovery") 1384 */ 1385 if (ieee80211_is_ctl(hdr->frame_control) || 1386 ieee80211_is_any_nullfunc(hdr->frame_control) || 1387 is_multicast_ether_addr(hdr->addr1)) 1388 return false; 1389 1390 if (ieee80211_is_data_qos(hdr->frame_control)) { 1391 /* frame has qos control */ 1392 tid = ieee80211_get_tid(hdr); 1393 if (tid >= IWL_MAX_TID_COUNT) 1394 return true; 1395 } else { 1396 tid = IWL_MAX_TID_COUNT; 1397 } 1398 1399 /* If this wasn't a part of an A-MSDU the sub-frame index will be 0 */ 1400 sub_frame_idx = mpdu_desc->amsdu_info & 1401 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK; 1402 1403 if (IWL_FW_CHECK(mld, 1404 sub_frame_idx > 0 && 1405 !(mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_AMSDU), 1406 "got sub_frame_idx=%d but A-MSDU flag is not set\n", 1407 sub_frame_idx)) 1408 return true; 1409 1410 if (unlikely(ieee80211_has_retry(hdr->frame_control) && 1411 dup_data->last_seq[tid] == hdr->seq_ctrl && 1412 dup_data->last_sub_frame_idx[tid] >= sub_frame_idx)) 1413 return true; 1414 1415 /* Allow same PN as the first subframe for following sub frames */ 1416 if (dup_data->last_seq[tid] == hdr->seq_ctrl && 1417 sub_frame_idx > dup_data->last_sub_frame_idx[tid]) 1418 rx_status->flag |= RX_FLAG_ALLOW_SAME_PN; 1419 1420 dup_data->last_seq[tid] = hdr->seq_ctrl; 1421 dup_data->last_sub_frame_idx[tid] = sub_frame_idx; 1422 1423 rx_status->flag |= RX_FLAG_DUP_VALIDATED; 1424 1425 return false; 1426 } 1427 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_is_dup); 1428 1429 static void iwl_mld_update_last_rx_timestamp(struct iwl_mld *mld, u8 baid) 1430 { 1431 unsigned long now = jiffies; 1432 unsigned long timeout; 1433 struct iwl_mld_baid_data *ba_data; 1434 1435 ba_data = rcu_dereference(mld->fw_id_to_ba[baid]); 1436 if (!ba_data) { 1437 IWL_DEBUG_HT(mld, "BAID %d not found in map\n", baid); 1438 return; 1439 } 1440 1441 if (!ba_data->timeout) 1442 return; 1443 1444 /* To minimize cache bouncing between RX queues, avoid frequent updates 1445 * to last_rx_timestamp. update it only when the timeout period has 1446 * passed. The worst-case scenario is the session expiring after 1447 * approximately 2 * timeout, which is negligible (the update is 1448 * atomic). 1449 */ 1450 timeout = TU_TO_JIFFIES(ba_data->timeout); 1451 if (time_is_before_jiffies(ba_data->last_rx_timestamp + timeout)) 1452 ba_data->last_rx_timestamp = now; 1453 } 1454 1455 /* Processes received packets for a station. 1456 * Sets *drop to true if the packet should be dropped. 1457 * Returns the station if found, or NULL otherwise. 1458 */ 1459 static struct ieee80211_sta * 1460 iwl_mld_rx_with_sta(struct iwl_mld *mld, struct ieee80211_hdr *hdr, 1461 struct sk_buff *skb, 1462 const struct iwl_rx_mpdu_desc *mpdu_desc, 1463 const struct iwl_rx_packet *pkt, int queue, bool *drop) 1464 { 1465 struct ieee80211_sta *sta = NULL; 1466 struct ieee80211_link_sta *link_sta = NULL; 1467 struct ieee80211_rx_status *rx_status; 1468 u8 baid; 1469 1470 if (mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_SRC_STA_FOUND)) { 1471 u8 sta_id = le32_get_bits(mpdu_desc->status, 1472 IWL_RX_MPDU_STATUS_STA_ID); 1473 1474 if (IWL_FW_CHECK(mld, 1475 sta_id >= mld->fw->ucode_capa.num_stations, 1476 "rx_mpdu: invalid sta_id %d\n", sta_id)) 1477 return NULL; 1478 1479 link_sta = rcu_dereference(mld->fw_id_to_link_sta[sta_id]); 1480 if (!IS_ERR_OR_NULL(link_sta)) 1481 sta = link_sta->sta; 1482 } else if (!is_multicast_ether_addr(hdr->addr2)) { 1483 /* Passing NULL is fine since we prevent two stations with the 1484 * same address from being added. 1485 */ 1486 sta = ieee80211_find_sta_by_ifaddr(mld->hw, hdr->addr2, NULL); 1487 } 1488 1489 /* we may not have any station yet */ 1490 if (!sta) 1491 return NULL; 1492 1493 rx_status = IEEE80211_SKB_RXCB(skb); 1494 1495 if (link_sta && sta->valid_links) { 1496 rx_status->link_valid = true; 1497 rx_status->link_id = link_sta->link_id; 1498 } 1499 1500 /* fill checksum */ 1501 if (ieee80211_is_data(hdr->frame_control) && 1502 pkt->len_n_flags & cpu_to_le32(FH_RSCSR_RPA_EN)) { 1503 u16 hwsum = be16_to_cpu(mpdu_desc->v3.raw_xsum); 1504 1505 skb->ip_summed = CHECKSUM_COMPLETE; 1506 skb->csum = csum_unfold(~(__force __sum16)hwsum); 1507 } 1508 1509 if (iwl_mld_is_dup(mld, sta, hdr, mpdu_desc, rx_status, queue)) { 1510 IWL_DEBUG_DROP(mld, "Dropping duplicate packet 0x%x\n", 1511 le16_to_cpu(hdr->seq_ctrl)); 1512 *drop = true; 1513 return NULL; 1514 } 1515 1516 baid = le32_get_bits(mpdu_desc->reorder_data, 1517 IWL_RX_MPDU_REORDER_BAID_MASK); 1518 if (baid != IWL_RX_REORDER_DATA_INVALID_BAID) 1519 iwl_mld_update_last_rx_timestamp(mld, baid); 1520 1521 if (link_sta && ieee80211_is_data(hdr->frame_control)) { 1522 u8 sub_frame_idx = mpdu_desc->amsdu_info & 1523 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK; 1524 1525 /* 0 means not an A-MSDU, and 1 means a new A-MSDU */ 1526 if (!sub_frame_idx || sub_frame_idx == 1) 1527 iwl_mld_count_mpdu_rx(link_sta, queue, 1); 1528 1529 if (!is_multicast_ether_addr(hdr->addr1)) 1530 iwl_mld_low_latency_update_counters(mld, hdr, sta, 1531 queue); 1532 } 1533 1534 return sta; 1535 } 1536 1537 #define KEY_IDX_LEN 2 1538 1539 static int iwl_mld_rx_mgmt_prot(struct ieee80211_sta *sta, 1540 struct ieee80211_hdr *hdr, 1541 struct ieee80211_rx_status *rx_status, 1542 u32 mpdu_status, 1543 u32 mpdu_len) 1544 { 1545 struct wireless_dev *wdev; 1546 struct iwl_mld_sta *mld_sta; 1547 struct iwl_mld_vif *mld_vif; 1548 u8 keyidx; 1549 struct ieee80211_key_conf *key; 1550 const u8 *frame = (void *)hdr; 1551 1552 if ((mpdu_status & IWL_RX_MPDU_STATUS_SEC_MASK) == 1553 IWL_RX_MPDU_STATUS_SEC_NONE) 1554 return 0; 1555 1556 /* For non-beacon, we don't really care. But beacons may 1557 * be filtered out, and we thus need the firmware's replay 1558 * detection, otherwise beacons the firmware previously 1559 * filtered could be replayed, or something like that, and 1560 * it can filter a lot - though usually only if nothing has 1561 * changed. 1562 */ 1563 if (!ieee80211_is_beacon(hdr->frame_control)) 1564 return 0; 1565 1566 if (!sta) 1567 return -1; 1568 1569 mld_sta = iwl_mld_sta_from_mac80211(sta); 1570 mld_vif = iwl_mld_vif_from_mac80211(mld_sta->vif); 1571 1572 /* key mismatch - will also report !MIC_OK but we shouldn't count it */ 1573 if (!(mpdu_status & IWL_RX_MPDU_STATUS_KEY_VALID)) 1574 goto report; 1575 1576 /* good cases */ 1577 if (likely(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK && 1578 !(mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR))) { 1579 rx_status->flag |= RX_FLAG_DECRYPTED; 1580 return 0; 1581 } 1582 1583 /* both keys will have the same cipher and MIC length, use 1584 * whichever one is available 1585 */ 1586 key = rcu_dereference(mld_vif->bigtks[0]); 1587 if (!key) { 1588 key = rcu_dereference(mld_vif->bigtks[1]); 1589 if (!key) 1590 goto report; 1591 } 1592 1593 if (mpdu_len < key->icv_len + IEEE80211_GMAC_PN_LEN + KEY_IDX_LEN) 1594 goto report; 1595 1596 /* get the real key ID */ 1597 keyidx = frame[mpdu_len - key->icv_len - IEEE80211_GMAC_PN_LEN - KEY_IDX_LEN]; 1598 /* and if that's the other key, look it up */ 1599 if (keyidx != key->keyidx) { 1600 /* shouldn't happen since firmware checked, but be safe 1601 * in case the MIC length is wrong too, for example 1602 */ 1603 if (keyidx != 6 && keyidx != 7) 1604 return -1; 1605 1606 key = rcu_dereference(mld_vif->bigtks[keyidx - 6]); 1607 if (!key) 1608 goto report; 1609 } 1610 1611 /* Report status to mac80211 */ 1612 if (!(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK)) 1613 ieee80211_key_mic_failure(key); 1614 else if (mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR) 1615 ieee80211_key_replay(key); 1616 report: 1617 wdev = ieee80211_vif_to_wdev(mld_sta->vif); 1618 if (wdev->netdev) 1619 cfg80211_rx_unprot_mlme_mgmt(wdev->netdev, (void *)hdr, 1620 mpdu_len); 1621 1622 return -1; 1623 } 1624 1625 static int iwl_mld_rx_crypto(struct iwl_mld *mld, 1626 struct ieee80211_sta *sta, 1627 struct ieee80211_hdr *hdr, 1628 struct ieee80211_rx_status *rx_status, 1629 struct iwl_rx_mpdu_desc *desc, int queue, 1630 u32 pkt_flags, u8 *crypto_len) 1631 { 1632 u32 status = le32_to_cpu(desc->status); 1633 1634 if (unlikely(ieee80211_is_mgmt(hdr->frame_control) && 1635 !ieee80211_has_protected(hdr->frame_control))) 1636 return iwl_mld_rx_mgmt_prot(sta, hdr, rx_status, status, 1637 le16_to_cpu(desc->mpdu_len)); 1638 1639 if (!ieee80211_has_protected(hdr->frame_control) || 1640 (status & IWL_RX_MPDU_STATUS_SEC_MASK) == 1641 IWL_RX_MPDU_STATUS_SEC_NONE) 1642 return 0; 1643 1644 switch (status & IWL_RX_MPDU_STATUS_SEC_MASK) { 1645 case IWL_RX_MPDU_STATUS_SEC_CCM: 1646 case IWL_RX_MPDU_STATUS_SEC_GCM: 1647 BUILD_BUG_ON(IEEE80211_CCMP_PN_LEN != IEEE80211_GCMP_PN_LEN); 1648 if (!(status & IWL_RX_MPDU_STATUS_MIC_OK)) { 1649 IWL_DEBUG_DROP(mld, 1650 "Dropping packet, bad MIC (CCM/GCM)\n"); 1651 return -1; 1652 } 1653 1654 rx_status->flag |= RX_FLAG_DECRYPTED | RX_FLAG_MIC_STRIPPED; 1655 *crypto_len = IEEE80211_CCMP_HDR_LEN; 1656 return 0; 1657 case IWL_RX_MPDU_STATUS_SEC_TKIP: 1658 if (!(status & IWL_RX_MPDU_STATUS_ICV_OK)) 1659 return -1; 1660 1661 if (!(status & RX_MPDU_RES_STATUS_MIC_OK)) 1662 rx_status->flag |= RX_FLAG_MMIC_ERROR; 1663 1664 if (pkt_flags & FH_RSCSR_RADA_EN) { 1665 rx_status->flag |= RX_FLAG_ICV_STRIPPED; 1666 rx_status->flag |= RX_FLAG_MMIC_STRIPPED; 1667 } 1668 1669 *crypto_len = IEEE80211_TKIP_IV_LEN; 1670 rx_status->flag |= RX_FLAG_DECRYPTED; 1671 return 0; 1672 default: 1673 break; 1674 } 1675 1676 return 0; 1677 } 1678 1679 static void iwl_mld_rx_update_ampdu_ref(struct iwl_mld *mld, 1680 struct iwl_mld_rx_phy_data *phy_data, 1681 struct ieee80211_rx_status *rx_status) 1682 { 1683 bool toggle_bit = 1684 phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU_TOGGLE; 1685 1686 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 1687 /* Toggle is switched whenever new aggregation starts. Make 1688 * sure ampdu_reference is never 0 so we can later use it to 1689 * see if the frame was really part of an A-MPDU or not. 1690 */ 1691 if (toggle_bit != mld->monitor.ampdu_toggle) { 1692 mld->monitor.ampdu_ref++; 1693 if (mld->monitor.ampdu_ref == 0) 1694 mld->monitor.ampdu_ref++; 1695 mld->monitor.ampdu_toggle = toggle_bit; 1696 phy_data->first_subframe = true; 1697 } 1698 rx_status->ampdu_reference = mld->monitor.ampdu_ref; 1699 } 1700 1701 static void 1702 iwl_mld_fill_rx_status_band_freq(struct ieee80211_rx_status *rx_status, 1703 u8 band, u8 channel) 1704 { 1705 rx_status->band = iwl_mld_phy_band_to_nl80211(band); 1706 rx_status->freq = ieee80211_channel_to_frequency(channel, 1707 rx_status->band); 1708 } 1709 1710 void iwl_mld_rx_mpdu(struct iwl_mld *mld, struct napi_struct *napi, 1711 struct iwl_rx_cmd_buffer *rxb, int queue) 1712 { 1713 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1714 struct iwl_mld_rx_phy_data phy_data = {}; 1715 struct iwl_rx_mpdu_desc *mpdu_desc = (void *)pkt->data; 1716 struct ieee80211_sta *sta; 1717 struct ieee80211_hdr *hdr; 1718 struct sk_buff *skb; 1719 size_t mpdu_desc_size = sizeof(*mpdu_desc); 1720 bool drop = false; 1721 u8 crypto_len = 0, band; 1722 u32 pkt_len = iwl_rx_packet_payload_len(pkt); 1723 u32 mpdu_len; 1724 enum iwl_mld_reorder_result reorder_res; 1725 struct ieee80211_rx_status *rx_status; 1726 1727 if (unlikely(mld->fw_status.in_hw_restart)) 1728 return; 1729 1730 if (IWL_FW_CHECK(mld, pkt_len < mpdu_desc_size, 1731 "Bad REPLY_RX_MPDU_CMD size (%d)\n", pkt_len)) 1732 return; 1733 1734 mpdu_len = le16_to_cpu(mpdu_desc->mpdu_len); 1735 1736 if (IWL_FW_CHECK(mld, mpdu_len + mpdu_desc_size > pkt_len, 1737 "FW lied about packet len (%d)\n", pkt_len)) 1738 return; 1739 1740 /* Don't use dev_alloc_skb(), we'll have enough headroom once 1741 * ieee80211_hdr pulled. 1742 */ 1743 skb = alloc_skb(128, GFP_ATOMIC); 1744 if (!skb) { 1745 IWL_ERR(mld, "alloc_skb failed\n"); 1746 return; 1747 } 1748 1749 hdr = (void *)(pkt->data + mpdu_desc_size); 1750 1751 iwl_mld_fill_phy_data(mpdu_desc, &phy_data); 1752 1753 if (mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) { 1754 /* If the device inserted padding it means that (it thought) 1755 * the 802.11 header wasn't a multiple of 4 bytes long. In 1756 * this case, reserve two bytes at the start of the SKB to 1757 * align the payload properly in case we end up copying it. 1758 */ 1759 skb_reserve(skb, 2); 1760 } 1761 1762 rx_status = IEEE80211_SKB_RXCB(skb); 1763 1764 /* this is needed early */ 1765 band = u8_get_bits(mpdu_desc->mac_phy_band, 1766 IWL_RX_MPDU_MAC_PHY_BAND_BAND_MASK); 1767 iwl_mld_fill_rx_status_band_freq(rx_status, band, 1768 mpdu_desc->v3.channel); 1769 1770 1771 rcu_read_lock(); 1772 1773 sta = iwl_mld_rx_with_sta(mld, hdr, skb, mpdu_desc, pkt, queue, &drop); 1774 if (drop) 1775 goto drop; 1776 1777 /* update aggregation data for monitor sake on default queue */ 1778 if (!queue && (phy_data.phy_info & IWL_RX_MPDU_PHY_AMPDU)) 1779 iwl_mld_rx_update_ampdu_ref(mld, &phy_data, rx_status); 1780 1781 /* Keep packets with CRC errors (and with overrun) for monitor mode 1782 * (otherwise the firmware discards them) but mark them as bad. 1783 */ 1784 if (!(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_CRC_OK)) || 1785 !(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_OVERRUN_OK))) { 1786 IWL_DEBUG_RX(mld, "Bad CRC or FIFO: 0x%08X.\n", 1787 le32_to_cpu(mpdu_desc->status)); 1788 rx_status->flag |= RX_FLAG_FAILED_FCS_CRC; 1789 } 1790 1791 if (likely(!(phy_data.phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD))) { 1792 rx_status->mactime = 1793 le64_to_cpu(mpdu_desc->v3.tsf_on_air_rise); 1794 1795 /* TSF as indicated by the firmware is at INA time */ 1796 rx_status->flag |= RX_FLAG_MACTIME_PLCP_START; 1797 } 1798 1799 /* management stuff on default queue */ 1800 if (!queue && unlikely(ieee80211_is_beacon(hdr->frame_control) || 1801 ieee80211_is_probe_resp(hdr->frame_control))) { 1802 rx_status->boottime_ns = ktime_get_boottime_ns(); 1803 1804 if (mld->scan.pass_all_sched_res == 1805 SCHED_SCAN_PASS_ALL_STATE_ENABLED) 1806 mld->scan.pass_all_sched_res = 1807 SCHED_SCAN_PASS_ALL_STATE_FOUND; 1808 } 1809 1810 iwl_mld_rx_fill_status(mld, skb, &phy_data, queue); 1811 1812 if (iwl_mld_rx_crypto(mld, sta, hdr, rx_status, mpdu_desc, queue, 1813 le32_to_cpu(pkt->len_n_flags), &crypto_len)) 1814 goto drop; 1815 1816 if (iwl_mld_build_rx_skb(mld, skb, hdr, mpdu_len, crypto_len, rxb)) 1817 goto drop; 1818 1819 /* time sync frame is saved and will be released later when the 1820 * notification with the timestamps arrives. 1821 */ 1822 if (iwl_mld_time_sync_frame(mld, skb, hdr->addr2)) 1823 goto out; 1824 1825 reorder_res = iwl_mld_reorder(mld, napi, queue, sta, skb, mpdu_desc); 1826 switch (reorder_res) { 1827 case IWL_MLD_PASS_SKB: 1828 break; 1829 case IWL_MLD_DROP_SKB: 1830 goto drop; 1831 case IWL_MLD_BUFFERED_SKB: 1832 goto out; 1833 default: 1834 WARN_ON(1); 1835 goto drop; 1836 } 1837 1838 iwl_mld_pass_packet_to_mac80211(mld, napi, skb, queue, sta); 1839 1840 goto out; 1841 1842 drop: 1843 kfree_skb(skb); 1844 out: 1845 rcu_read_unlock(); 1846 } 1847 1848 #define SYNC_RX_QUEUE_TIMEOUT (HZ) 1849 void iwl_mld_sync_rx_queues(struct iwl_mld *mld, 1850 enum iwl_mld_internal_rxq_notif_type type, 1851 const void *notif_payload, u32 notif_payload_size) 1852 { 1853 u8 num_rx_queues = mld->trans->num_rx_queues; 1854 struct { 1855 struct iwl_rxq_sync_cmd sync_cmd; 1856 struct iwl_mld_internal_rxq_notif notif; 1857 } __packed cmd = { 1858 .sync_cmd.rxq_mask = cpu_to_le32(BIT(num_rx_queues) - 1), 1859 .sync_cmd.count = 1860 cpu_to_le32(sizeof(struct iwl_mld_internal_rxq_notif) + 1861 notif_payload_size), 1862 .notif.type = type, 1863 .notif.cookie = mld->rxq_sync.cookie, 1864 }; 1865 struct iwl_host_cmd hcmd = { 1866 .id = WIDE_ID(DATA_PATH_GROUP, TRIGGER_RX_QUEUES_NOTIF_CMD), 1867 .data[0] = &cmd, 1868 .len[0] = sizeof(cmd), 1869 .data[1] = notif_payload, 1870 .len[1] = notif_payload_size, 1871 }; 1872 int ret; 1873 1874 /* size must be a multiple of DWORD */ 1875 if (WARN_ON(cmd.sync_cmd.count & cpu_to_le32(3))) 1876 return; 1877 1878 mld->rxq_sync.state = (1 << num_rx_queues) - 1; 1879 1880 ret = iwl_mld_send_cmd(mld, &hcmd); 1881 if (ret) { 1882 IWL_ERR(mld, "Failed to trigger RX queues sync (%d)\n", ret); 1883 goto out; 1884 } 1885 1886 ret = wait_event_timeout(mld->rxq_sync.waitq, 1887 READ_ONCE(mld->rxq_sync.state) == 0, 1888 SYNC_RX_QUEUE_TIMEOUT); 1889 WARN_ONCE(!ret, "RXQ sync failed: state=0x%lx, cookie=%d\n", 1890 mld->rxq_sync.state, mld->rxq_sync.cookie); 1891 1892 out: 1893 mld->rxq_sync.state = 0; 1894 mld->rxq_sync.cookie++; 1895 } 1896 1897 void iwl_mld_handle_rx_queues_sync_notif(struct iwl_mld *mld, 1898 struct napi_struct *napi, 1899 struct iwl_rx_packet *pkt, int queue) 1900 { 1901 struct iwl_rxq_sync_notification *notif; 1902 struct iwl_mld_internal_rxq_notif *internal_notif; 1903 u32 len = iwl_rx_packet_payload_len(pkt); 1904 size_t combined_notif_len = sizeof(*notif) + sizeof(*internal_notif); 1905 1906 notif = (void *)pkt->data; 1907 internal_notif = (void *)notif->payload; 1908 1909 if (IWL_FW_CHECK(mld, len < combined_notif_len, 1910 "invalid notification size %u (%zu)\n", 1911 len, combined_notif_len)) 1912 return; 1913 1914 len -= combined_notif_len; 1915 1916 if (IWL_FW_CHECK(mld, mld->rxq_sync.cookie != internal_notif->cookie, 1917 "received expired RX queue sync message (cookie=%d expected=%d q[%d])\n", 1918 internal_notif->cookie, mld->rxq_sync.cookie, queue)) 1919 return; 1920 1921 switch (internal_notif->type) { 1922 case IWL_MLD_RXQ_EMPTY: 1923 IWL_FW_CHECK(mld, len, 1924 "invalid empty notification size %d\n", len); 1925 break; 1926 case IWL_MLD_RXQ_NOTIF_DEL_BA: 1927 if (IWL_FW_CHECK(mld, len != sizeof(struct iwl_mld_delba_data), 1928 "invalid delba notification size %u (%zu)\n", 1929 len, sizeof(struct iwl_mld_delba_data))) 1930 break; 1931 iwl_mld_del_ba(mld, queue, (void *)internal_notif->payload); 1932 break; 1933 default: 1934 WARN_ON_ONCE(1); 1935 } 1936 1937 IWL_FW_CHECK(mld, !test_and_clear_bit(queue, &mld->rxq_sync.state), 1938 "RXQ sync: queue %d responded a second time!\n", queue); 1939 1940 if (READ_ONCE(mld->rxq_sync.state) == 0) 1941 wake_up(&mld->rxq_sync.waitq); 1942 } 1943 1944 void iwl_mld_rx_monitor_no_data(struct iwl_mld *mld, struct napi_struct *napi, 1945 struct iwl_rx_packet *pkt, int queue) 1946 { 1947 struct iwl_rx_no_data_ver_3 *desc; 1948 struct iwl_mld_rx_phy_data phy_data; 1949 struct ieee80211_rx_status *rx_status; 1950 struct sk_buff *skb; 1951 u32 format, rssi; 1952 u8 channel; 1953 1954 if (unlikely(mld->fw_status.in_hw_restart)) 1955 return; 1956 1957 if (IWL_FW_CHECK(mld, iwl_rx_packet_payload_len(pkt) < sizeof(*desc), 1958 "Bad RX_NO_DATA_NOTIF size (%d)\n", 1959 iwl_rx_packet_payload_len(pkt))) 1960 return; 1961 1962 desc = (void *)pkt->data; 1963 1964 rssi = le32_to_cpu(desc->rssi); 1965 channel = u32_get_bits(rssi, RX_NO_DATA_CHANNEL_MSK); 1966 1967 phy_data.energy_a = u32_get_bits(rssi, RX_NO_DATA_CHAIN_A_MSK); 1968 phy_data.energy_b = u32_get_bits(rssi, RX_NO_DATA_CHAIN_B_MSK); 1969 phy_data.data0 = desc->phy_info[0]; 1970 phy_data.data1 = desc->phy_info[1]; 1971 phy_data.phy_info = IWL_RX_MPDU_PHY_TSF_OVERLOAD; 1972 phy_data.gp2_on_air_rise = le32_to_cpu(desc->on_air_rise_time); 1973 phy_data.rate_n_flags = le32_to_cpu(desc->rate); 1974 phy_data.with_data = false; 1975 1976 BUILD_BUG_ON(sizeof(phy_data.rx_vec) != sizeof(desc->rx_vec)); 1977 memcpy(phy_data.rx_vec, desc->rx_vec, sizeof(phy_data.rx_vec)); 1978 1979 format = phy_data.rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 1980 1981 /* Don't use dev_alloc_skb(), we'll have enough headroom once 1982 * ieee80211_hdr pulled. 1983 */ 1984 skb = alloc_skb(128, GFP_ATOMIC); 1985 if (!skb) { 1986 IWL_ERR(mld, "alloc_skb failed\n"); 1987 return; 1988 } 1989 1990 rx_status = IEEE80211_SKB_RXCB(skb); 1991 1992 /* 0-length PSDU */ 1993 rx_status->flag |= RX_FLAG_NO_PSDU; 1994 1995 /* mark as failed PLCP on any errors to skip checks in mac80211 */ 1996 if (le32_get_bits(desc->info, RX_NO_DATA_INFO_ERR_MSK) != 1997 RX_NO_DATA_INFO_ERR_NONE) 1998 rx_status->flag |= RX_FLAG_FAILED_PLCP_CRC; 1999 2000 switch (le32_get_bits(desc->info, RX_NO_DATA_INFO_TYPE_MSK)) { 2001 case RX_NO_DATA_INFO_TYPE_NDP: 2002 rx_status->zero_length_psdu_type = 2003 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_SOUNDING; 2004 break; 2005 case RX_NO_DATA_INFO_TYPE_MU_UNMATCHED: 2006 case RX_NO_DATA_INFO_TYPE_TB_UNMATCHED: 2007 rx_status->zero_length_psdu_type = 2008 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_NOT_CAPTURED; 2009 break; 2010 default: 2011 rx_status->zero_length_psdu_type = 2012 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_VENDOR; 2013 break; 2014 } 2015 2016 rx_status->band = channel > 14 ? NL80211_BAND_5GHZ : 2017 NL80211_BAND_2GHZ; 2018 2019 rx_status->freq = ieee80211_channel_to_frequency(channel, 2020 rx_status->band); 2021 2022 iwl_mld_rx_fill_status(mld, skb, &phy_data, queue); 2023 2024 /* No more radiotap info should be added after this point. 2025 * Mark it as mac header for upper layers to know where 2026 * the radiotap header ends. 2027 */ 2028 skb_set_mac_header(skb, skb->len); 2029 2030 /* Override the nss from the rx_vec since the rate_n_flags has 2031 * only 1 bit for the nss which gives a max of 2 ss but there 2032 * may be up to 8 spatial streams. 2033 */ 2034 switch (format) { 2035 case RATE_MCS_VHT_MSK: 2036 rx_status->nss = 2037 le32_get_bits(desc->rx_vec[0], 2038 RX_NO_DATA_RX_VEC0_VHT_NSTS_MSK) + 1; 2039 break; 2040 case RATE_MCS_HE_MSK: 2041 rx_status->nss = 2042 le32_get_bits(desc->rx_vec[0], 2043 RX_NO_DATA_RX_VEC0_HE_NSTS_MSK) + 1; 2044 break; 2045 case RATE_MCS_EHT_MSK: 2046 rx_status->nss = 2047 le32_get_bits(desc->rx_vec[2], 2048 RX_NO_DATA_RX_VEC2_EHT_NSTS_MSK) + 1; 2049 } 2050 2051 /* pass the packet to mac80211 */ 2052 rcu_read_lock(); 2053 ieee80211_rx_napi(mld->hw, NULL, skb, napi); 2054 rcu_read_unlock(); 2055 } 2056