1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2024-2025 Intel Corporation 4 */ 5 6 #include <net/mac80211.h> 7 #include <kunit/static_stub.h> 8 9 #include "mld.h" 10 #include "sta.h" 11 #include "agg.h" 12 #include "rx.h" 13 #include "hcmd.h" 14 #include "iface.h" 15 #include "time_sync.h" 16 #include "fw/dbg.h" 17 #include "fw/api/rx.h" 18 19 /* stores relevant PHY data fields extracted from iwl_rx_mpdu_desc */ 20 struct iwl_mld_rx_phy_data { 21 enum iwl_rx_phy_info_type info_type; 22 __le32 data0; 23 __le32 data1; 24 __le32 data2; 25 __le32 data3; 26 __le32 eht_data4; 27 __le32 data5; 28 __le16 data4; 29 bool first_subframe; 30 bool with_data; 31 __le32 rx_vec[4]; 32 u32 rate_n_flags; 33 u32 gp2_on_air_rise; 34 u16 phy_info; 35 u8 energy_a, energy_b; 36 }; 37 38 static void 39 iwl_mld_fill_phy_data(struct iwl_mld *mld, 40 struct iwl_rx_mpdu_desc *desc, 41 struct iwl_mld_rx_phy_data *phy_data) 42 { 43 phy_data->phy_info = le16_to_cpu(desc->phy_info); 44 phy_data->rate_n_flags = iwl_v3_rate_from_v2_v3(desc->v3.rate_n_flags, 45 mld->fw_rates_ver_3); 46 phy_data->gp2_on_air_rise = le32_to_cpu(desc->v3.gp2_on_air_rise); 47 phy_data->energy_a = desc->v3.energy_a; 48 phy_data->energy_b = desc->v3.energy_b; 49 phy_data->data0 = desc->v3.phy_data0; 50 phy_data->data1 = desc->v3.phy_data1; 51 phy_data->data2 = desc->v3.phy_data2; 52 phy_data->data3 = desc->v3.phy_data3; 53 phy_data->data4 = desc->phy_data4; 54 phy_data->eht_data4 = desc->phy_eht_data4; 55 phy_data->data5 = desc->v3.phy_data5; 56 phy_data->with_data = true; 57 } 58 59 static inline int iwl_mld_check_pn(struct iwl_mld *mld, struct sk_buff *skb, 60 int queue, struct ieee80211_sta *sta) 61 { 62 struct ieee80211_hdr *hdr = (void *)skb_mac_header(skb); 63 struct ieee80211_rx_status *stats = IEEE80211_SKB_RXCB(skb); 64 struct iwl_mld_sta *mld_sta; 65 struct iwl_mld_ptk_pn *ptk_pn; 66 int res; 67 u8 tid, keyidx; 68 u8 pn[IEEE80211_CCMP_PN_LEN]; 69 u8 *extiv; 70 71 /* multicast and non-data only arrives on default queue; avoid checking 72 * for default queue - we don't want to replicate all the logic that's 73 * necessary for checking the PN on fragmented frames, leave that 74 * to mac80211 75 */ 76 if (queue == 0 || !ieee80211_is_data(hdr->frame_control) || 77 is_multicast_ether_addr(hdr->addr1)) 78 return 0; 79 80 if (!(stats->flag & RX_FLAG_DECRYPTED)) 81 return 0; 82 83 /* if we are here - this for sure is either CCMP or GCMP */ 84 if (!sta) { 85 IWL_DEBUG_DROP(mld, 86 "expected hw-decrypted unicast frame for station\n"); 87 return -1; 88 } 89 90 mld_sta = iwl_mld_sta_from_mac80211(sta); 91 92 extiv = (u8 *)hdr + ieee80211_hdrlen(hdr->frame_control); 93 keyidx = extiv[3] >> 6; 94 95 ptk_pn = rcu_dereference(mld_sta->ptk_pn[keyidx]); 96 if (!ptk_pn) 97 return -1; 98 99 if (ieee80211_is_data_qos(hdr->frame_control)) 100 tid = ieee80211_get_tid(hdr); 101 else 102 tid = 0; 103 104 /* we don't use HCCA/802.11 QoS TSPECs, so drop such frames */ 105 if (tid >= IWL_MAX_TID_COUNT) 106 return -1; 107 108 /* load pn */ 109 pn[0] = extiv[7]; 110 pn[1] = extiv[6]; 111 pn[2] = extiv[5]; 112 pn[3] = extiv[4]; 113 pn[4] = extiv[1]; 114 pn[5] = extiv[0]; 115 116 res = memcmp(pn, ptk_pn->q[queue].pn[tid], IEEE80211_CCMP_PN_LEN); 117 if (res < 0) 118 return -1; 119 if (!res && !(stats->flag & RX_FLAG_ALLOW_SAME_PN)) 120 return -1; 121 122 memcpy(ptk_pn->q[queue].pn[tid], pn, IEEE80211_CCMP_PN_LEN); 123 stats->flag |= RX_FLAG_PN_VALIDATED; 124 125 return 0; 126 } 127 128 /* iwl_mld_pass_packet_to_mac80211 - passes the packet for mac80211 */ 129 void iwl_mld_pass_packet_to_mac80211(struct iwl_mld *mld, 130 struct napi_struct *napi, 131 struct sk_buff *skb, int queue, 132 struct ieee80211_sta *sta) 133 { 134 KUNIT_STATIC_STUB_REDIRECT(iwl_mld_pass_packet_to_mac80211, 135 mld, napi, skb, queue, sta); 136 137 if (unlikely(iwl_mld_check_pn(mld, skb, queue, sta))) { 138 kfree_skb(skb); 139 return; 140 } 141 142 ieee80211_rx_napi(mld->hw, sta, skb, napi); 143 } 144 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_pass_packet_to_mac80211); 145 146 static bool iwl_mld_used_average_energy(struct iwl_mld *mld, int link_id, 147 struct ieee80211_hdr *hdr, 148 struct ieee80211_rx_status *rx_status) 149 { 150 struct ieee80211_bss_conf *link_conf; 151 struct iwl_mld_link *mld_link; 152 153 if (unlikely(!hdr || link_id < 0)) 154 return false; 155 156 if (likely(!ieee80211_is_beacon(hdr->frame_control))) 157 return false; 158 159 /* 160 * if link ID is >= valid ones then that means the RX 161 * was on the AUX link and no correction is needed 162 */ 163 if (link_id >= mld->fw->ucode_capa.num_links) 164 return false; 165 166 /* for the link conf lookup */ 167 guard(rcu)(); 168 169 link_conf = rcu_dereference(mld->fw_id_to_bss_conf[link_id]); 170 if (!link_conf) 171 return false; 172 173 mld_link = iwl_mld_link_from_mac80211(link_conf); 174 if (!mld_link) 175 return false; 176 177 /* 178 * If we know the link by link ID then the frame was 179 * received for the link, so by filtering it means it 180 * was from the AP the link is connected to. 181 */ 182 183 /* skip also in case we don't have it (yet) */ 184 if (!mld_link->average_beacon_energy) 185 return false; 186 187 IWL_DEBUG_STATS(mld, "energy override by average %d\n", 188 mld_link->average_beacon_energy); 189 rx_status->signal = -mld_link->average_beacon_energy; 190 return true; 191 } 192 193 static void iwl_mld_fill_signal(struct iwl_mld *mld, int link_id, 194 struct ieee80211_hdr *hdr, 195 struct ieee80211_rx_status *rx_status, 196 struct iwl_mld_rx_phy_data *phy_data) 197 { 198 u32 rate_n_flags = phy_data->rate_n_flags; 199 int energy_a = phy_data->energy_a; 200 int energy_b = phy_data->energy_b; 201 int max_energy; 202 203 energy_a = energy_a ? -energy_a : S8_MIN; 204 energy_b = energy_b ? -energy_b : S8_MIN; 205 max_energy = max(energy_a, energy_b); 206 207 IWL_DEBUG_STATS(mld, "energy in A %d B %d, and max %d\n", 208 energy_a, energy_b, max_energy); 209 210 if (iwl_mld_used_average_energy(mld, link_id, hdr, rx_status)) 211 return; 212 213 rx_status->signal = max_energy; 214 rx_status->chains = u32_get_bits(rate_n_flags, RATE_MCS_ANT_AB_MSK); 215 rx_status->chain_signal[0] = energy_a; 216 rx_status->chain_signal[1] = energy_b; 217 } 218 219 static void 220 iwl_mld_decode_he_phy_ru_alloc(struct iwl_mld_rx_phy_data *phy_data, 221 struct ieee80211_radiotap_he *he, 222 struct ieee80211_radiotap_he_mu *he_mu, 223 struct ieee80211_rx_status *rx_status) 224 { 225 /* Unfortunately, we have to leave the mac80211 data 226 * incorrect for the case that we receive an HE-MU 227 * transmission and *don't* have the HE phy data (due 228 * to the bits being used for TSF). This shouldn't 229 * happen though as management frames where we need 230 * the TSF/timers are not be transmitted in HE-MU. 231 */ 232 u8 ru = le32_get_bits(phy_data->data1, IWL_RX_PHY_DATA1_HE_RU_ALLOC_MASK); 233 u32 rate_n_flags = phy_data->rate_n_flags; 234 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 235 u8 offs = 0; 236 237 rx_status->bw = RATE_INFO_BW_HE_RU; 238 239 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN); 240 241 switch (ru) { 242 case 0 ... 36: 243 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_26; 244 offs = ru; 245 break; 246 case 37 ... 52: 247 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_52; 248 offs = ru - 37; 249 break; 250 case 53 ... 60: 251 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106; 252 offs = ru - 53; 253 break; 254 case 61 ... 64: 255 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_242; 256 offs = ru - 61; 257 break; 258 case 65 ... 66: 259 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_484; 260 offs = ru - 65; 261 break; 262 case 67: 263 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_996; 264 break; 265 case 68: 266 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_2x996; 267 break; 268 } 269 he->data2 |= le16_encode_bits(offs, 270 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET); 271 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_KNOWN | 272 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET_KNOWN); 273 if (phy_data->data1 & cpu_to_le32(IWL_RX_PHY_DATA1_HE_RU_ALLOC_SEC80)) 274 he->data2 |= 275 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_SEC); 276 277 #define CHECK_BW(bw) \ 278 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_ ## bw ## MHZ != \ 279 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS); \ 280 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_ ## bw ## MHZ != \ 281 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS) 282 CHECK_BW(20); 283 CHECK_BW(40); 284 CHECK_BW(80); 285 CHECK_BW(160); 286 287 if (he_mu) 288 he_mu->flags2 |= 289 le16_encode_bits(u32_get_bits(rate_n_flags, 290 RATE_MCS_CHAN_WIDTH_MSK), 291 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW); 292 else if (he_type == RATE_MCS_HE_TYPE_TRIG) 293 he->data6 |= 294 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_KNOWN) | 295 le16_encode_bits(u32_get_bits(rate_n_flags, 296 RATE_MCS_CHAN_WIDTH_MSK), 297 IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW); 298 } 299 300 static void 301 iwl_mld_decode_he_mu_ext(struct iwl_mld_rx_phy_data *phy_data, 302 struct ieee80211_radiotap_he_mu *he_mu) 303 { 304 u32 phy_data2 = le32_to_cpu(phy_data->data2); 305 u32 phy_data3 = le32_to_cpu(phy_data->data3); 306 u16 phy_data4 = le16_to_cpu(phy_data->data4); 307 u32 rate_n_flags = phy_data->rate_n_flags; 308 309 if (u32_get_bits(phy_data4, IWL_RX_PHY_DATA4_HE_MU_EXT_CH1_CRC_OK)) { 310 he_mu->flags1 |= 311 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_RU_KNOWN | 312 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU_KNOWN); 313 314 he_mu->flags1 |= 315 le16_encode_bits(u32_get_bits(phy_data4, 316 IWL_RX_PHY_DATA4_HE_MU_EXT_CH1_CTR_RU), 317 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU); 318 319 he_mu->ru_ch1[0] = u32_get_bits(phy_data2, 320 IWL_RX_PHY_DATA2_HE_MU_EXT_CH1_RU0); 321 he_mu->ru_ch1[1] = u32_get_bits(phy_data3, 322 IWL_RX_PHY_DATA3_HE_MU_EXT_CH1_RU1); 323 he_mu->ru_ch1[2] = u32_get_bits(phy_data2, 324 IWL_RX_PHY_DATA2_HE_MU_EXT_CH1_RU2); 325 he_mu->ru_ch1[3] = u32_get_bits(phy_data3, 326 IWL_RX_PHY_DATA3_HE_MU_EXT_CH1_RU3); 327 } 328 329 if (u32_get_bits(phy_data4, IWL_RX_PHY_DATA4_HE_MU_EXT_CH2_CRC_OK) && 330 (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) != RATE_MCS_CHAN_WIDTH_20) { 331 he_mu->flags1 |= 332 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_RU_KNOWN | 333 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_CTR_26T_RU_KNOWN); 334 335 he_mu->flags2 |= 336 le16_encode_bits(u32_get_bits(phy_data4, 337 IWL_RX_PHY_DATA4_HE_MU_EXT_CH2_CTR_RU), 338 IEEE80211_RADIOTAP_HE_MU_FLAGS2_CH2_CTR_26T_RU); 339 340 he_mu->ru_ch2[0] = u32_get_bits(phy_data2, 341 IWL_RX_PHY_DATA2_HE_MU_EXT_CH2_RU0); 342 he_mu->ru_ch2[1] = u32_get_bits(phy_data3, 343 IWL_RX_PHY_DATA3_HE_MU_EXT_CH2_RU1); 344 he_mu->ru_ch2[2] = u32_get_bits(phy_data2, 345 IWL_RX_PHY_DATA2_HE_MU_EXT_CH2_RU2); 346 he_mu->ru_ch2[3] = u32_get_bits(phy_data3, 347 IWL_RX_PHY_DATA3_HE_MU_EXT_CH2_RU3); 348 } 349 } 350 351 static void 352 iwl_mld_decode_he_phy_data(struct iwl_mld_rx_phy_data *phy_data, 353 struct ieee80211_radiotap_he *he, 354 struct ieee80211_radiotap_he_mu *he_mu, 355 struct ieee80211_rx_status *rx_status, 356 int queue) 357 { 358 switch (phy_data->info_type) { 359 case IWL_RX_PHY_INFO_TYPE_NONE: 360 case IWL_RX_PHY_INFO_TYPE_CCK: 361 case IWL_RX_PHY_INFO_TYPE_OFDM_LGCY: 362 case IWL_RX_PHY_INFO_TYPE_HT: 363 case IWL_RX_PHY_INFO_TYPE_VHT_SU: 364 case IWL_RX_PHY_INFO_TYPE_VHT_MU: 365 case IWL_RX_PHY_INFO_TYPE_EHT_MU: 366 case IWL_RX_PHY_INFO_TYPE_EHT_TB: 367 case IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT: 368 case IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT: 369 return; 370 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 371 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN | 372 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE2_KNOWN | 373 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE3_KNOWN | 374 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE4_KNOWN); 375 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 376 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE1), 377 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE1); 378 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 379 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE2), 380 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE2); 381 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 382 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE3), 383 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE3); 384 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 385 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE4), 386 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE4); 387 fallthrough; 388 case IWL_RX_PHY_INFO_TYPE_HE_SU: 389 case IWL_RX_PHY_INFO_TYPE_HE_MU: 390 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 391 case IWL_RX_PHY_INFO_TYPE_HE_TB: 392 /* HE common */ 393 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_LDPC_XSYMSEG_KNOWN | 394 IEEE80211_RADIOTAP_HE_DATA1_DOPPLER_KNOWN | 395 IEEE80211_RADIOTAP_HE_DATA1_BSS_COLOR_KNOWN); 396 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRE_FEC_PAD_KNOWN | 397 IEEE80211_RADIOTAP_HE_DATA2_PE_DISAMBIG_KNOWN | 398 IEEE80211_RADIOTAP_HE_DATA2_TXOP_KNOWN | 399 IEEE80211_RADIOTAP_HE_DATA2_NUM_LTF_SYMS_KNOWN); 400 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 401 IWL_RX_PHY_DATA0_HE_BSS_COLOR_MASK), 402 IEEE80211_RADIOTAP_HE_DATA3_BSS_COLOR); 403 if (phy_data->info_type != IWL_RX_PHY_INFO_TYPE_HE_TB && 404 phy_data->info_type != IWL_RX_PHY_INFO_TYPE_HE_TB_EXT) { 405 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_UL_DL_KNOWN); 406 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 407 IWL_RX_PHY_DATA0_HE_UPLINK), 408 IEEE80211_RADIOTAP_HE_DATA3_UL_DL); 409 } 410 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 411 IWL_RX_PHY_DATA0_HE_LDPC_EXT_SYM), 412 IEEE80211_RADIOTAP_HE_DATA3_LDPC_XSYMSEG); 413 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data0, 414 IWL_RX_PHY_DATA0_HE_PRE_FEC_PAD_MASK), 415 IEEE80211_RADIOTAP_HE_DATA5_PRE_FEC_PAD); 416 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data0, 417 IWL_RX_PHY_DATA0_HE_PE_DISAMBIG), 418 IEEE80211_RADIOTAP_HE_DATA5_PE_DISAMBIG); 419 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data1, 420 IWL_RX_PHY_DATA1_HE_LTF_NUM_MASK), 421 IEEE80211_RADIOTAP_HE_DATA5_NUM_LTF_SYMS); 422 he->data6 |= le16_encode_bits(le32_get_bits(phy_data->data0, 423 IWL_RX_PHY_DATA0_HE_TXOP_DUR_MASK), 424 IEEE80211_RADIOTAP_HE_DATA6_TXOP); 425 he->data6 |= le16_encode_bits(le32_get_bits(phy_data->data0, 426 IWL_RX_PHY_DATA0_HE_DOPPLER), 427 IEEE80211_RADIOTAP_HE_DATA6_DOPPLER); 428 break; 429 } 430 431 switch (phy_data->info_type) { 432 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 433 case IWL_RX_PHY_INFO_TYPE_HE_MU: 434 case IWL_RX_PHY_INFO_TYPE_HE_SU: 435 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN); 436 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data0, 437 IWL_RX_PHY_DATA0_HE_SPATIAL_REUSE_MASK), 438 IEEE80211_RADIOTAP_HE_DATA4_SU_MU_SPTL_REUSE); 439 break; 440 default: 441 /* nothing here */ 442 break; 443 } 444 445 switch (phy_data->info_type) { 446 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 447 he_mu->flags1 |= 448 le16_encode_bits(le16_get_bits(phy_data->data4, 449 IWL_RX_PHY_DATA4_HE_MU_EXT_SIGB_DCM), 450 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM); 451 he_mu->flags1 |= 452 le16_encode_bits(le16_get_bits(phy_data->data4, 453 IWL_RX_PHY_DATA4_HE_MU_EXT_SIGB_MCS_MASK), 454 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS); 455 he_mu->flags2 |= 456 le16_encode_bits(le16_get_bits(phy_data->data4, 457 IWL_RX_PHY_DATA4_HE_MU_EXT_PREAMBLE_PUNC_TYPE_MASK), 458 IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW); 459 iwl_mld_decode_he_mu_ext(phy_data, he_mu); 460 fallthrough; 461 case IWL_RX_PHY_INFO_TYPE_HE_MU: 462 he_mu->flags2 |= 463 le16_encode_bits(le32_get_bits(phy_data->data1, 464 IWL_RX_PHY_DATA1_HE_MU_SIBG_SYM_OR_USER_NUM_MASK), 465 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_SYMS_USERS); 466 he_mu->flags2 |= 467 le16_encode_bits(le32_get_bits(phy_data->data1, 468 IWL_RX_PHY_DATA1_HE_MU_SIGB_COMPRESSION), 469 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_COMP); 470 fallthrough; 471 case IWL_RX_PHY_INFO_TYPE_HE_TB: 472 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 473 iwl_mld_decode_he_phy_ru_alloc(phy_data, he, he_mu, rx_status); 474 break; 475 case IWL_RX_PHY_INFO_TYPE_HE_SU: 476 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BEAM_CHANGE_KNOWN); 477 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 478 IWL_RX_PHY_DATA0_HE_BEAM_CHNG), 479 IEEE80211_RADIOTAP_HE_DATA3_BEAM_CHANGE); 480 break; 481 default: 482 /* nothing */ 483 break; 484 } 485 } 486 487 static void iwl_mld_rx_he(struct iwl_mld *mld, struct sk_buff *skb, 488 struct iwl_mld_rx_phy_data *phy_data, 489 int queue) 490 { 491 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 492 struct ieee80211_radiotap_he *he = NULL; 493 struct ieee80211_radiotap_he_mu *he_mu = NULL; 494 u32 rate_n_flags = phy_data->rate_n_flags; 495 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 496 u8 ltf; 497 static const struct ieee80211_radiotap_he known = { 498 .data1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_DATA_MCS_KNOWN | 499 IEEE80211_RADIOTAP_HE_DATA1_DATA_DCM_KNOWN | 500 IEEE80211_RADIOTAP_HE_DATA1_STBC_KNOWN | 501 IEEE80211_RADIOTAP_HE_DATA1_CODING_KNOWN), 502 .data2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_GI_KNOWN | 503 IEEE80211_RADIOTAP_HE_DATA2_TXBF_KNOWN), 504 }; 505 static const struct ieee80211_radiotap_he_mu mu_known = { 506 .flags1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS_KNOWN | 507 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM_KNOWN | 508 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_SYMS_USERS_KNOWN | 509 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_COMP_KNOWN), 510 .flags2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW_KNOWN | 511 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_KNOWN), 512 }; 513 u16 phy_info = phy_data->phy_info; 514 515 he = skb_put_data(skb, &known, sizeof(known)); 516 rx_status->flag |= RX_FLAG_RADIOTAP_HE; 517 518 if (phy_data->info_type == IWL_RX_PHY_INFO_TYPE_HE_MU || 519 phy_data->info_type == IWL_RX_PHY_INFO_TYPE_HE_MU_EXT) { 520 he_mu = skb_put_data(skb, &mu_known, sizeof(mu_known)); 521 rx_status->flag |= RX_FLAG_RADIOTAP_HE_MU; 522 } 523 524 /* report the AMPDU-EOF bit on single frames */ 525 if (!queue && !(phy_info & IWL_RX_MPDU_PHY_AMPDU)) { 526 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 527 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 528 if (phy_data->data0 & cpu_to_le32(IWL_RX_PHY_DATA0_HE_DELIM_EOF)) 529 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 530 } 531 532 if (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 533 iwl_mld_decode_he_phy_data(phy_data, he, he_mu, rx_status, 534 queue); 535 536 /* update aggregation data for monitor sake on default queue */ 537 if (!queue && (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) && 538 (phy_info & IWL_RX_MPDU_PHY_AMPDU) && phy_data->first_subframe) { 539 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 540 if (phy_data->data0 & cpu_to_le32(IWL_RX_PHY_DATA0_EHT_DELIM_EOF)) 541 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 542 } 543 544 if (he_type == RATE_MCS_HE_TYPE_EXT_SU && 545 rate_n_flags & RATE_MCS_HE_106T_MSK) { 546 rx_status->bw = RATE_INFO_BW_HE_RU; 547 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106; 548 } 549 550 /* actually data is filled in mac80211 */ 551 if (he_type == RATE_MCS_HE_TYPE_SU || 552 he_type == RATE_MCS_HE_TYPE_EXT_SU) 553 he->data1 |= 554 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN); 555 556 #define CHECK_TYPE(F) \ 557 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA1_FORMAT_ ## F != \ 558 (RATE_MCS_HE_TYPE_ ## F >> RATE_MCS_HE_TYPE_POS)) 559 560 CHECK_TYPE(SU); 561 CHECK_TYPE(EXT_SU); 562 CHECK_TYPE(MU); 563 CHECK_TYPE(TRIG); 564 565 he->data1 |= cpu_to_le16(he_type >> RATE_MCS_HE_TYPE_POS); 566 567 if (rate_n_flags & RATE_MCS_BF_MSK) 568 he->data5 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA5_TXBF); 569 570 switch ((rate_n_flags & RATE_MCS_HE_GI_LTF_MSK) >> 571 RATE_MCS_HE_GI_LTF_POS) { 572 case 0: 573 if (he_type == RATE_MCS_HE_TYPE_TRIG) 574 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 575 else 576 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 577 if (he_type == RATE_MCS_HE_TYPE_MU) 578 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 579 else 580 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X; 581 break; 582 case 1: 583 if (he_type == RATE_MCS_HE_TYPE_TRIG) 584 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 585 else 586 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 587 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 588 break; 589 case 2: 590 if (he_type == RATE_MCS_HE_TYPE_TRIG) { 591 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 592 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 593 } else { 594 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 595 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 596 } 597 break; 598 case 3: 599 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 600 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 601 break; 602 case 4: 603 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 604 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 605 break; 606 default: 607 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN; 608 } 609 610 he->data5 |= le16_encode_bits(ltf, 611 IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE); 612 } 613 614 static void iwl_mld_decode_lsig(struct sk_buff *skb, 615 struct iwl_mld_rx_phy_data *phy_data) 616 { 617 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 618 struct ieee80211_radiotap_lsig *lsig; 619 620 switch (phy_data->info_type) { 621 case IWL_RX_PHY_INFO_TYPE_HT: 622 case IWL_RX_PHY_INFO_TYPE_VHT_SU: 623 case IWL_RX_PHY_INFO_TYPE_VHT_MU: 624 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 625 case IWL_RX_PHY_INFO_TYPE_HE_SU: 626 case IWL_RX_PHY_INFO_TYPE_HE_MU: 627 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 628 case IWL_RX_PHY_INFO_TYPE_HE_TB: 629 case IWL_RX_PHY_INFO_TYPE_EHT_MU: 630 case IWL_RX_PHY_INFO_TYPE_EHT_TB: 631 case IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT: 632 case IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT: 633 lsig = skb_put(skb, sizeof(*lsig)); 634 lsig->data1 = cpu_to_le16(IEEE80211_RADIOTAP_LSIG_DATA1_LENGTH_KNOWN); 635 lsig->data2 = le16_encode_bits(le32_get_bits(phy_data->data1, 636 IWL_RX_PHY_DATA1_LSIG_LEN_MASK), 637 IEEE80211_RADIOTAP_LSIG_DATA2_LENGTH); 638 rx_status->flag |= RX_FLAG_RADIOTAP_LSIG; 639 break; 640 default: 641 break; 642 } 643 } 644 645 /* Put a TLV on the skb and return data pointer 646 * 647 * Also pad the len to 4 and zero out all data part 648 */ 649 static void * 650 iwl_mld_radiotap_put_tlv(struct sk_buff *skb, u16 type, u16 len) 651 { 652 struct ieee80211_radiotap_tlv *tlv; 653 654 tlv = skb_put(skb, sizeof(*tlv)); 655 tlv->type = cpu_to_le16(type); 656 tlv->len = cpu_to_le16(len); 657 return skb_put_zero(skb, ALIGN(len, 4)); 658 } 659 660 #define LE32_DEC_ENC(value, dec_bits, enc_bits) \ 661 le32_encode_bits(le32_get_bits(value, dec_bits), enc_bits) 662 663 #define IWL_MLD_ENC_USIG_VALUE_MASK(usig, in_value, dec_bits, enc_bits) do { \ 664 typeof(enc_bits) _enc_bits = enc_bits; \ 665 typeof(usig) _usig = usig; \ 666 (_usig)->mask |= cpu_to_le32(_enc_bits); \ 667 (_usig)->value |= LE32_DEC_ENC(in_value, dec_bits, _enc_bits); \ 668 } while (0) 669 670 #define __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \ 671 eht->data[(rt_data)] |= \ 672 (cpu_to_le32 \ 673 (IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru ## _KNOWN) | \ 674 LE32_DEC_ENC(data ## fw_data, \ 675 IWL_RX_PHY_DATA ## fw_data ## _EHT_MU_EXT_RU_ALLOC_ ## fw_ru, \ 676 IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru)) 677 678 #define _IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \ 679 __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) 680 681 #define IEEE80211_RADIOTAP_RU_DATA_1_1_1 1 682 #define IEEE80211_RADIOTAP_RU_DATA_2_1_1 2 683 #define IEEE80211_RADIOTAP_RU_DATA_1_1_2 2 684 #define IEEE80211_RADIOTAP_RU_DATA_2_1_2 2 685 #define IEEE80211_RADIOTAP_RU_DATA_1_2_1 3 686 #define IEEE80211_RADIOTAP_RU_DATA_2_2_1 3 687 #define IEEE80211_RADIOTAP_RU_DATA_1_2_2 3 688 #define IEEE80211_RADIOTAP_RU_DATA_2_2_2 4 689 690 #define IWL_RX_RU_DATA_A1 2 691 #define IWL_RX_RU_DATA_A2 2 692 #define IWL_RX_RU_DATA_B1 2 693 #define IWL_RX_RU_DATA_B2 4 694 #define IWL_RX_RU_DATA_C1 3 695 #define IWL_RX_RU_DATA_C2 3 696 #define IWL_RX_RU_DATA_D1 4 697 #define IWL_RX_RU_DATA_D2 4 698 699 #define IWL_MLD_ENC_EHT_RU(rt_ru, fw_ru) \ 700 _IWL_MLD_ENC_EHT_RU(IEEE80211_RADIOTAP_RU_DATA_ ## rt_ru, \ 701 rt_ru, \ 702 IWL_RX_RU_DATA_ ## fw_ru, \ 703 fw_ru) 704 705 static void iwl_mld_decode_eht_ext_mu(struct iwl_mld *mld, 706 struct iwl_mld_rx_phy_data *phy_data, 707 struct ieee80211_rx_status *rx_status, 708 struct ieee80211_radiotap_eht *eht, 709 struct ieee80211_radiotap_eht_usig *usig) 710 { 711 if (phy_data->with_data) { 712 __le32 data1 = phy_data->data1; 713 __le32 data2 = phy_data->data2; 714 __le32 data3 = phy_data->data3; 715 __le32 data4 = phy_data->eht_data4; 716 __le32 data5 = phy_data->data5; 717 u32 phy_bw = phy_data->rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK; 718 719 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 720 IWL_RX_PHY_DATA5_EHT_TYPE_AND_COMP, 721 IEEE80211_RADIOTAP_EHT_USIG2_MU_B0_B1_PPDU_TYPE); 722 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 723 IWL_RX_PHY_DATA5_EHT_MU_PUNC_CH_CODE, 724 IEEE80211_RADIOTAP_EHT_USIG2_MU_B3_B7_PUNCTURED_INFO); 725 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data4, 726 IWL_RX_PHY_DATA4_EHT_MU_EXT_SIGB_MCS, 727 IEEE80211_RADIOTAP_EHT_USIG2_MU_B9_B10_SIG_MCS); 728 IWL_MLD_ENC_USIG_VALUE_MASK 729 (usig, data1, IWL_RX_PHY_DATA1_EHT_MU_NUM_SIG_SYM_USIGA2, 730 IEEE80211_RADIOTAP_EHT_USIG2_MU_B11_B15_EHT_SIG_SYMBOLS); 731 732 eht->user_info[0] |= 733 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID_KNOWN) | 734 LE32_DEC_ENC(data5, IWL_RX_PHY_DATA5_EHT_MU_STA_ID_USR, 735 IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID); 736 737 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_NR_NON_OFDMA_USERS_M); 738 eht->data[7] |= LE32_DEC_ENC 739 (data5, IWL_RX_PHY_DATA5_EHT_MU_NUM_USR_NON_OFDMA, 740 IEEE80211_RADIOTAP_EHT_DATA7_NUM_OF_NON_OFDMA_USERS); 741 742 /* 743 * Hardware labels the content channels/RU allocation values 744 * as follows: 745 * Content Channel 1 Content Channel 2 746 * 20 MHz: A1 747 * 40 MHz: A1 B1 748 * 80 MHz: A1 C1 B1 D1 749 * 160 MHz: A1 C1 A2 C2 B1 D1 B2 D2 750 * 320 MHz: A1 C1 A2 C2 A3 C3 A4 C4 B1 D1 B2 D2 B3 D3 B4 D4 751 * 752 * However firmware can only give us A1-D2, so the higher 753 * frequencies are missing. 754 */ 755 756 switch (phy_bw) { 757 case RATE_MCS_CHAN_WIDTH_320: 758 /* additional values are missing in RX metadata */ 759 fallthrough; 760 case RATE_MCS_CHAN_WIDTH_160: 761 /* content channel 1 */ 762 IWL_MLD_ENC_EHT_RU(1_2_1, A2); 763 IWL_MLD_ENC_EHT_RU(1_2_2, C2); 764 /* content channel 2 */ 765 IWL_MLD_ENC_EHT_RU(2_2_1, B2); 766 IWL_MLD_ENC_EHT_RU(2_2_2, D2); 767 fallthrough; 768 case RATE_MCS_CHAN_WIDTH_80: 769 /* content channel 1 */ 770 IWL_MLD_ENC_EHT_RU(1_1_2, C1); 771 /* content channel 2 */ 772 IWL_MLD_ENC_EHT_RU(2_1_2, D1); 773 fallthrough; 774 case RATE_MCS_CHAN_WIDTH_40: 775 /* content channel 2 */ 776 IWL_MLD_ENC_EHT_RU(2_1_1, B1); 777 fallthrough; 778 case RATE_MCS_CHAN_WIDTH_20: 779 IWL_MLD_ENC_EHT_RU(1_1_1, A1); 780 break; 781 } 782 } else { 783 __le32 usig_a1 = phy_data->rx_vec[0]; 784 __le32 usig_a2 = phy_data->rx_vec[1]; 785 786 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 787 IWL_RX_USIG_A1_DISREGARD, 788 IEEE80211_RADIOTAP_EHT_USIG1_MU_B20_B24_DISREGARD); 789 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 790 IWL_RX_USIG_A1_VALIDATE, 791 IEEE80211_RADIOTAP_EHT_USIG1_MU_B25_VALIDATE); 792 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 793 IWL_RX_USIG_A2_EHT_PPDU_TYPE, 794 IEEE80211_RADIOTAP_EHT_USIG2_MU_B0_B1_PPDU_TYPE); 795 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 796 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B2, 797 IEEE80211_RADIOTAP_EHT_USIG2_MU_B2_VALIDATE); 798 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 799 IWL_RX_USIG_A2_EHT_PUNC_CHANNEL, 800 IEEE80211_RADIOTAP_EHT_USIG2_MU_B3_B7_PUNCTURED_INFO); 801 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 802 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B8, 803 IEEE80211_RADIOTAP_EHT_USIG2_MU_B8_VALIDATE); 804 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 805 IWL_RX_USIG_A2_EHT_SIG_MCS, 806 IEEE80211_RADIOTAP_EHT_USIG2_MU_B9_B10_SIG_MCS); 807 IWL_MLD_ENC_USIG_VALUE_MASK 808 (usig, usig_a2, IWL_RX_USIG_A2_EHT_SIG_SYM_NUM, 809 IEEE80211_RADIOTAP_EHT_USIG2_MU_B11_B15_EHT_SIG_SYMBOLS); 810 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 811 IWL_RX_USIG_A2_EHT_CRC_OK, 812 IEEE80211_RADIOTAP_EHT_USIG2_MU_B16_B19_CRC); 813 } 814 } 815 816 static void iwl_mld_decode_eht_ext_tb(struct iwl_mld *mld, 817 struct iwl_mld_rx_phy_data *phy_data, 818 struct ieee80211_rx_status *rx_status, 819 struct ieee80211_radiotap_eht *eht, 820 struct ieee80211_radiotap_eht_usig *usig) 821 { 822 if (phy_data->with_data) { 823 __le32 data5 = phy_data->data5; 824 825 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 826 IWL_RX_PHY_DATA5_EHT_TYPE_AND_COMP, 827 IEEE80211_RADIOTAP_EHT_USIG2_TB_B0_B1_PPDU_TYPE); 828 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 829 IWL_RX_PHY_DATA5_EHT_TB_SPATIAL_REUSE1, 830 IEEE80211_RADIOTAP_EHT_USIG2_TB_B3_B6_SPATIAL_REUSE_1); 831 832 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 833 IWL_RX_PHY_DATA5_EHT_TB_SPATIAL_REUSE2, 834 IEEE80211_RADIOTAP_EHT_USIG2_TB_B7_B10_SPATIAL_REUSE_2); 835 } else { 836 __le32 usig_a1 = phy_data->rx_vec[0]; 837 __le32 usig_a2 = phy_data->rx_vec[1]; 838 839 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 840 IWL_RX_USIG_A1_DISREGARD, 841 IEEE80211_RADIOTAP_EHT_USIG1_TB_B20_B25_DISREGARD); 842 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 843 IWL_RX_USIG_A2_EHT_PPDU_TYPE, 844 IEEE80211_RADIOTAP_EHT_USIG2_TB_B0_B1_PPDU_TYPE); 845 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 846 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B2, 847 IEEE80211_RADIOTAP_EHT_USIG2_TB_B2_VALIDATE); 848 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 849 IWL_RX_USIG_A2_EHT_TRIG_SPATIAL_REUSE_1, 850 IEEE80211_RADIOTAP_EHT_USIG2_TB_B3_B6_SPATIAL_REUSE_1); 851 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 852 IWL_RX_USIG_A2_EHT_TRIG_SPATIAL_REUSE_2, 853 IEEE80211_RADIOTAP_EHT_USIG2_TB_B7_B10_SPATIAL_REUSE_2); 854 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 855 IWL_RX_USIG_A2_EHT_TRIG_USIG2_DISREGARD, 856 IEEE80211_RADIOTAP_EHT_USIG2_TB_B11_B15_DISREGARD); 857 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 858 IWL_RX_USIG_A2_EHT_CRC_OK, 859 IEEE80211_RADIOTAP_EHT_USIG2_TB_B16_B19_CRC); 860 } 861 } 862 863 static void iwl_mld_decode_eht_ru(struct iwl_mld *mld, 864 struct ieee80211_rx_status *rx_status, 865 struct ieee80211_radiotap_eht *eht) 866 { 867 u32 ru = le32_get_bits(eht->data[8], 868 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1); 869 enum nl80211_eht_ru_alloc nl_ru; 870 871 /* Using D1.5 Table 9-53a - Encoding of PS160 and RU Allocation subfields 872 * in an EHT variant User Info field 873 */ 874 875 switch (ru) { 876 case 0 ... 36: 877 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_26; 878 break; 879 case 37 ... 52: 880 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52; 881 break; 882 case 53 ... 60: 883 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106; 884 break; 885 case 61 ... 64: 886 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_242; 887 break; 888 case 65 ... 66: 889 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484; 890 break; 891 case 67: 892 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996; 893 break; 894 case 68: 895 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996; 896 break; 897 case 69: 898 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_4x996; 899 break; 900 case 70 ... 81: 901 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52P26; 902 break; 903 case 82 ... 89: 904 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106P26; 905 break; 906 case 90 ... 93: 907 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484P242; 908 break; 909 case 94 ... 95: 910 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484; 911 break; 912 case 96 ... 99: 913 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242; 914 break; 915 case 100 ... 103: 916 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484; 917 break; 918 case 104: 919 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996; 920 break; 921 case 105 ... 106: 922 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484; 923 break; 924 default: 925 return; 926 } 927 928 rx_status->bw = RATE_INFO_BW_EHT_RU; 929 rx_status->eht.ru = nl_ru; 930 } 931 932 static void iwl_mld_decode_eht_phy_data(struct iwl_mld *mld, 933 struct iwl_mld_rx_phy_data *phy_data, 934 struct ieee80211_rx_status *rx_status, 935 struct ieee80211_radiotap_eht *eht, 936 struct ieee80211_radiotap_eht_usig *usig) 937 938 { 939 __le32 data0 = phy_data->data0; 940 __le32 data1 = phy_data->data1; 941 __le32 usig_a1 = phy_data->rx_vec[0]; 942 u8 info_type = phy_data->info_type; 943 944 /* Not in EHT range */ 945 if (info_type < IWL_RX_PHY_INFO_TYPE_EHT_MU || 946 info_type > IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT) 947 return; 948 949 usig->common |= cpu_to_le32 950 (IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL_KNOWN | 951 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR_KNOWN); 952 if (phy_data->with_data) { 953 usig->common |= LE32_DEC_ENC(data0, 954 IWL_RX_PHY_DATA0_EHT_UPLINK, 955 IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL); 956 usig->common |= LE32_DEC_ENC(data0, 957 IWL_RX_PHY_DATA0_EHT_BSS_COLOR_MASK, 958 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR); 959 } else { 960 usig->common |= LE32_DEC_ENC(usig_a1, 961 IWL_RX_USIG_A1_UL_FLAG, 962 IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL); 963 usig->common |= LE32_DEC_ENC(usig_a1, 964 IWL_RX_USIG_A1_BSS_COLOR, 965 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR); 966 } 967 968 usig->common |= 969 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_CHECKED); 970 usig->common |= 971 LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_VALIDATE, 972 IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_OK); 973 974 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_SPATIAL_REUSE); 975 eht->data[0] |= LE32_DEC_ENC(data0, 976 IWL_RX_PHY_DATA0_ETH_SPATIAL_REUSE_MASK, 977 IEEE80211_RADIOTAP_EHT_DATA0_SPATIAL_REUSE); 978 979 /* All RU allocating size/index is in TB format */ 980 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_RU_ALLOC_TB_FMT); 981 eht->data[8] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PS160, 982 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_PS_160); 983 eht->data[8] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_RU_ALLOC_B0, 984 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B0); 985 eht->data[8] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_RU_ALLOC_B1_B7, 986 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1); 987 988 iwl_mld_decode_eht_ru(mld, rx_status, eht); 989 990 /* We only get here in case of IWL_RX_MPDU_PHY_TSF_OVERLOAD is set 991 * which is on only in case of monitor mode so no need to check monitor 992 * mode 993 */ 994 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PRIMARY_80); 995 eht->data[1] |= 996 le32_encode_bits(mld->monitor.p80, 997 IEEE80211_RADIOTAP_EHT_DATA1_PRIMARY_80); 998 999 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP_KNOWN); 1000 if (phy_data->with_data) 1001 usig->common |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_TXOP_DUR_MASK, 1002 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP); 1003 else 1004 usig->common |= LE32_DEC_ENC(usig_a1, IWL_RX_USIG_A1_TXOP_DURATION, 1005 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP); 1006 1007 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_LDPC_EXTRA_SYM_OM); 1008 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_LDPC_EXT_SYM, 1009 IEEE80211_RADIOTAP_EHT_DATA0_LDPC_EXTRA_SYM_OM); 1010 1011 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PRE_PADD_FACOR_OM); 1012 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PRE_FEC_PAD_MASK, 1013 IEEE80211_RADIOTAP_EHT_DATA0_PRE_PADD_FACOR_OM); 1014 1015 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PE_DISAMBIGUITY_OM); 1016 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PE_DISAMBIG, 1017 IEEE80211_RADIOTAP_EHT_DATA0_PE_DISAMBIGUITY_OM); 1018 1019 /* TODO: what about IWL_RX_PHY_DATA0_EHT_BW320_SLOT */ 1020 1021 if (!le32_get_bits(data0, IWL_RX_PHY_DATA0_EHT_SIGA_CRC_OK)) 1022 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BAD_USIG_CRC); 1023 1024 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER_KNOWN); 1025 usig->common |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PHY_VER, 1026 IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER); 1027 1028 /* 1029 * TODO: what about TB - IWL_RX_PHY_DATA1_EHT_TB_PILOT_TYPE, 1030 * IWL_RX_PHY_DATA1_EHT_TB_LOW_SS 1031 */ 1032 1033 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_EHT_LTF); 1034 eht->data[0] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_SIG_LTF_NUM, 1035 IEEE80211_RADIOTAP_EHT_DATA0_EHT_LTF); 1036 1037 if (info_type == IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT || 1038 info_type == IWL_RX_PHY_INFO_TYPE_EHT_TB) 1039 iwl_mld_decode_eht_ext_tb(mld, phy_data, rx_status, eht, usig); 1040 1041 if (info_type == IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT || 1042 info_type == IWL_RX_PHY_INFO_TYPE_EHT_MU) 1043 iwl_mld_decode_eht_ext_mu(mld, phy_data, rx_status, eht, usig); 1044 } 1045 1046 static void iwl_mld_rx_eht(struct iwl_mld *mld, struct sk_buff *skb, 1047 struct iwl_mld_rx_phy_data *phy_data, 1048 int queue) 1049 { 1050 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1051 struct ieee80211_radiotap_eht *eht; 1052 struct ieee80211_radiotap_eht_usig *usig; 1053 size_t eht_len = sizeof(*eht); 1054 1055 u32 rate_n_flags = phy_data->rate_n_flags; 1056 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 1057 /* EHT and HE have the same values for LTF */ 1058 u8 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN; 1059 u16 phy_info = phy_data->phy_info; 1060 u32 bw; 1061 1062 /* u32 for 1 user_info */ 1063 if (phy_data->with_data) 1064 eht_len += sizeof(u32); 1065 1066 eht = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT, eht_len); 1067 1068 usig = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT_USIG, 1069 sizeof(*usig)); 1070 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1071 usig->common |= 1072 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_KNOWN); 1073 1074 /* specific handling for 320MHz */ 1075 bw = u32_get_bits(rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK); 1076 if (bw == RATE_MCS_CHAN_WIDTH_320_VAL) 1077 bw += le32_get_bits(phy_data->data0, 1078 IWL_RX_PHY_DATA0_EHT_BW320_SLOT); 1079 1080 usig->common |= cpu_to_le32 1081 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW, bw)); 1082 1083 /* report the AMPDU-EOF bit on single frames */ 1084 if (!queue && !(phy_info & IWL_RX_MPDU_PHY_AMPDU)) { 1085 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 1086 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 1087 if (phy_data->data0 & 1088 cpu_to_le32(IWL_RX_PHY_DATA0_EHT_DELIM_EOF)) 1089 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 1090 } 1091 1092 /* update aggregation data for monitor sake on default queue */ 1093 if (!queue && (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) && 1094 (phy_info & IWL_RX_MPDU_PHY_AMPDU) && phy_data->first_subframe) { 1095 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 1096 if (phy_data->data0 & 1097 cpu_to_le32(IWL_RX_PHY_DATA0_EHT_DELIM_EOF)) 1098 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 1099 } 1100 1101 if (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 1102 iwl_mld_decode_eht_phy_data(mld, phy_data, rx_status, eht, usig); 1103 1104 #define CHECK_TYPE(F) \ 1105 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA1_FORMAT_ ## F != \ 1106 (RATE_MCS_HE_TYPE_ ## F >> RATE_MCS_HE_TYPE_POS)) 1107 1108 CHECK_TYPE(SU); 1109 CHECK_TYPE(EXT_SU); 1110 CHECK_TYPE(MU); 1111 CHECK_TYPE(TRIG); 1112 1113 switch (u32_get_bits(rate_n_flags, RATE_MCS_HE_GI_LTF_MSK)) { 1114 case 0: 1115 if (he_type == RATE_MCS_HE_TYPE_TRIG) { 1116 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6; 1117 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X; 1118 } else { 1119 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8; 1120 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 1121 } 1122 break; 1123 case 1: 1124 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6; 1125 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 1126 break; 1127 case 2: 1128 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 1129 if (he_type == RATE_MCS_HE_TYPE_TRIG) 1130 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2; 1131 else 1132 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8; 1133 break; 1134 case 3: 1135 if (he_type != RATE_MCS_HE_TYPE_TRIG) { 1136 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 1137 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2; 1138 } 1139 break; 1140 default: 1141 /* nothing here */ 1142 break; 1143 } 1144 1145 if (ltf != IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN) { 1146 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_GI); 1147 eht->data[0] |= cpu_to_le32 1148 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_DATA0_LTF, 1149 ltf) | 1150 FIELD_PREP(IEEE80211_RADIOTAP_EHT_DATA0_GI, 1151 rx_status->eht.gi)); 1152 } 1153 1154 if (!phy_data->with_data) { 1155 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_NSS_S | 1156 IEEE80211_RADIOTAP_EHT_KNOWN_BEAMFORMED_S); 1157 eht->data[7] |= 1158 le32_encode_bits(le32_get_bits(phy_data->rx_vec[2], 1159 RX_NO_DATA_RX_VEC2_EHT_NSTS_MSK), 1160 IEEE80211_RADIOTAP_EHT_DATA7_NSS_S); 1161 if (rate_n_flags & RATE_MCS_BF_MSK) 1162 eht->data[7] |= 1163 cpu_to_le32(IEEE80211_RADIOTAP_EHT_DATA7_BEAMFORMED_S); 1164 } else { 1165 eht->user_info[0] |= 1166 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_MCS_KNOWN | 1167 IEEE80211_RADIOTAP_EHT_USER_INFO_CODING_KNOWN | 1168 IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_KNOWN_O | 1169 IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_KNOWN_O | 1170 IEEE80211_RADIOTAP_EHT_USER_INFO_DATA_FOR_USER); 1171 1172 if (rate_n_flags & RATE_MCS_BF_MSK) 1173 eht->user_info[0] |= 1174 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_O); 1175 1176 if (rate_n_flags & RATE_MCS_LDPC_MSK) 1177 eht->user_info[0] |= 1178 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_CODING); 1179 1180 eht->user_info[0] |= cpu_to_le32 1181 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_USER_INFO_MCS, 1182 u32_get_bits(rate_n_flags, 1183 RATE_VHT_MCS_RATE_CODE_MSK)) | 1184 FIELD_PREP(IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_O, 1185 u32_get_bits(rate_n_flags, 1186 RATE_MCS_NSS_MSK))); 1187 } 1188 } 1189 1190 #ifdef CONFIG_IWLWIFI_DEBUGFS 1191 static void iwl_mld_add_rtap_sniffer_config(struct iwl_mld *mld, 1192 struct sk_buff *skb) 1193 { 1194 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1195 struct ieee80211_radiotap_vendor_content *radiotap; 1196 const u16 vendor_data_len = sizeof(mld->monitor.cur_aid); 1197 1198 if (!mld->monitor.cur_aid) 1199 return; 1200 1201 radiotap = 1202 iwl_mld_radiotap_put_tlv(skb, 1203 IEEE80211_RADIOTAP_VENDOR_NAMESPACE, 1204 sizeof(*radiotap) + vendor_data_len); 1205 1206 /* Intel OUI */ 1207 radiotap->oui[0] = 0xf6; 1208 radiotap->oui[1] = 0x54; 1209 radiotap->oui[2] = 0x25; 1210 /* radiotap sniffer config sub-namespace */ 1211 radiotap->oui_subtype = 1; 1212 radiotap->vendor_type = 0; 1213 1214 /* fill the data now */ 1215 memcpy(radiotap->data, &mld->monitor.cur_aid, 1216 sizeof(mld->monitor.cur_aid)); 1217 1218 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1219 } 1220 #endif 1221 1222 /* Note: hdr can be NULL */ 1223 static void iwl_mld_rx_fill_status(struct iwl_mld *mld, int link_id, 1224 struct ieee80211_hdr *hdr, 1225 struct sk_buff *skb, 1226 struct iwl_mld_rx_phy_data *phy_data, 1227 int queue) 1228 { 1229 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1230 u32 format = phy_data->rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 1231 u32 rate_n_flags = phy_data->rate_n_flags; 1232 u8 stbc = u32_get_bits(rate_n_flags, RATE_MCS_STBC_MSK); 1233 bool is_sgi = rate_n_flags & RATE_MCS_SGI_MSK; 1234 1235 phy_data->info_type = IWL_RX_PHY_INFO_TYPE_NONE; 1236 1237 if (phy_data->phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 1238 phy_data->info_type = 1239 le32_get_bits(phy_data->data1, 1240 IWL_RX_PHY_DATA1_INFO_TYPE_MASK); 1241 1242 /* set the preamble flag if appropriate */ 1243 if (format == RATE_MCS_MOD_TYPE_CCK && 1244 phy_data->phy_info & IWL_RX_MPDU_PHY_SHORT_PREAMBLE) 1245 rx_status->enc_flags |= RX_ENC_FLAG_SHORTPRE; 1246 1247 iwl_mld_fill_signal(mld, link_id, hdr, rx_status, phy_data); 1248 1249 /* This may be overridden by iwl_mld_rx_he() to HE_RU */ 1250 switch (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) { 1251 case RATE_MCS_CHAN_WIDTH_20: 1252 break; 1253 case RATE_MCS_CHAN_WIDTH_40: 1254 rx_status->bw = RATE_INFO_BW_40; 1255 break; 1256 case RATE_MCS_CHAN_WIDTH_80: 1257 rx_status->bw = RATE_INFO_BW_80; 1258 break; 1259 case RATE_MCS_CHAN_WIDTH_160: 1260 rx_status->bw = RATE_INFO_BW_160; 1261 break; 1262 case RATE_MCS_CHAN_WIDTH_320: 1263 rx_status->bw = RATE_INFO_BW_320; 1264 break; 1265 } 1266 1267 /* must be before L-SIG data */ 1268 if (format == RATE_MCS_MOD_TYPE_HE) 1269 iwl_mld_rx_he(mld, skb, phy_data, queue); 1270 1271 iwl_mld_decode_lsig(skb, phy_data); 1272 1273 rx_status->device_timestamp = phy_data->gp2_on_air_rise; 1274 1275 /* using TLV format and must be after all fixed len fields */ 1276 if (format == RATE_MCS_MOD_TYPE_EHT) 1277 iwl_mld_rx_eht(mld, skb, phy_data, queue); 1278 1279 #ifdef CONFIG_IWLWIFI_DEBUGFS 1280 if (unlikely(mld->monitor.on)) { 1281 iwl_mld_add_rtap_sniffer_config(mld, skb); 1282 1283 if (mld->monitor.ptp_time) { 1284 u64 adj_time = 1285 iwl_mld_ptp_get_adj_time(mld, 1286 phy_data->gp2_on_air_rise * 1287 NSEC_PER_USEC); 1288 1289 rx_status->mactime = div64_u64(adj_time, NSEC_PER_USEC); 1290 rx_status->flag |= RX_FLAG_MACTIME_IS_RTAP_TS64; 1291 rx_status->flag &= ~RX_FLAG_MACTIME; 1292 } 1293 } 1294 #endif 1295 1296 if (format != RATE_MCS_MOD_TYPE_CCK && is_sgi) 1297 rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI; 1298 1299 if (rate_n_flags & RATE_MCS_LDPC_MSK) 1300 rx_status->enc_flags |= RX_ENC_FLAG_LDPC; 1301 1302 switch (format) { 1303 case RATE_MCS_MOD_TYPE_HT: 1304 rx_status->encoding = RX_ENC_HT; 1305 rx_status->rate_idx = RATE_HT_MCS_INDEX(rate_n_flags); 1306 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT; 1307 break; 1308 case RATE_MCS_MOD_TYPE_VHT: 1309 case RATE_MCS_MOD_TYPE_HE: 1310 case RATE_MCS_MOD_TYPE_EHT: 1311 if (format == RATE_MCS_MOD_TYPE_VHT) { 1312 rx_status->encoding = RX_ENC_VHT; 1313 } else if (format == RATE_MCS_MOD_TYPE_HE) { 1314 rx_status->encoding = RX_ENC_HE; 1315 rx_status->he_dcm = 1316 !!(rate_n_flags & RATE_HE_DUAL_CARRIER_MODE_MSK); 1317 } else if (format == RATE_MCS_MOD_TYPE_EHT) { 1318 rx_status->encoding = RX_ENC_EHT; 1319 } 1320 1321 rx_status->nss = u32_get_bits(rate_n_flags, 1322 RATE_MCS_NSS_MSK) + 1; 1323 rx_status->rate_idx = rate_n_flags & RATE_MCS_CODE_MSK; 1324 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT; 1325 break; 1326 default: { 1327 int rate = 1328 iwl_mld_legacy_hw_idx_to_mac80211_idx(rate_n_flags, 1329 rx_status->band); 1330 1331 /* valid rate */ 1332 if (rate >= 0 && rate <= 0xFF) { 1333 rx_status->rate_idx = rate; 1334 break; 1335 } 1336 1337 /* invalid rate */ 1338 rx_status->rate_idx = 0; 1339 1340 if (net_ratelimit()) 1341 IWL_ERR(mld, "invalid rate_n_flags=0x%x, band=%d\n", 1342 rate_n_flags, rx_status->band); 1343 break; 1344 } 1345 } 1346 } 1347 1348 /* iwl_mld_create_skb adds the rxb to a new skb */ 1349 static int iwl_mld_build_rx_skb(struct iwl_mld *mld, struct sk_buff *skb, 1350 struct ieee80211_hdr *hdr, u16 len, 1351 u8 crypt_len, struct iwl_rx_cmd_buffer *rxb) 1352 { 1353 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1354 struct iwl_rx_mpdu_desc *desc = (void *)pkt->data; 1355 unsigned int headlen, fraglen, pad_len = 0; 1356 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control); 1357 u8 mic_crc_len = u8_get_bits(desc->mac_flags1, 1358 IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK) << 1; 1359 1360 if (desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) { 1361 len -= 2; 1362 pad_len = 2; 1363 } 1364 1365 /* For non monitor interface strip the bytes the RADA might not have 1366 * removed (it might be disabled, e.g. for mgmt frames). As a monitor 1367 * interface cannot exist with other interfaces, this removal is safe 1368 * and sufficient, in monitor mode there's no decryption being done. 1369 */ 1370 if (len > mic_crc_len && !ieee80211_hw_check(mld->hw, RX_INCLUDES_FCS)) 1371 len -= mic_crc_len; 1372 1373 /* If frame is small enough to fit in skb->head, pull it completely. 1374 * If not, only pull ieee80211_hdr (including crypto if present, and 1375 * an additional 8 bytes for SNAP/ethertype, see below) so that 1376 * splice() or TCP coalesce are more efficient. 1377 * 1378 * Since, in addition, ieee80211_data_to_8023() always pull in at 1379 * least 8 bytes (possibly more for mesh) we can do the same here 1380 * to save the cost of doing it later. That still doesn't pull in 1381 * the actual IP header since the typical case has a SNAP header. 1382 * If the latter changes (there are efforts in the standards group 1383 * to do so) we should revisit this and ieee80211_data_to_8023(). 1384 */ 1385 headlen = (len <= skb_tailroom(skb)) ? len : hdrlen + crypt_len + 8; 1386 1387 /* The firmware may align the packet to DWORD. 1388 * The padding is inserted after the IV. 1389 * After copying the header + IV skip the padding if 1390 * present before copying packet data. 1391 */ 1392 hdrlen += crypt_len; 1393 1394 if (unlikely(headlen < hdrlen)) 1395 return -EINVAL; 1396 1397 /* Since data doesn't move data while putting data on skb and that is 1398 * the only way we use, data + len is the next place that hdr would 1399 * be put 1400 */ 1401 skb_set_mac_header(skb, skb->len); 1402 skb_put_data(skb, hdr, hdrlen); 1403 skb_put_data(skb, (u8 *)hdr + hdrlen + pad_len, headlen - hdrlen); 1404 1405 if (skb->ip_summed == CHECKSUM_COMPLETE) { 1406 struct { 1407 u8 hdr[6]; 1408 __be16 type; 1409 } __packed *shdr = (void *)((u8 *)hdr + hdrlen + pad_len); 1410 1411 if (unlikely(headlen - hdrlen < sizeof(*shdr) || 1412 !ether_addr_equal(shdr->hdr, rfc1042_header) || 1413 (shdr->type != htons(ETH_P_IP) && 1414 shdr->type != htons(ETH_P_ARP) && 1415 shdr->type != htons(ETH_P_IPV6) && 1416 shdr->type != htons(ETH_P_8021Q) && 1417 shdr->type != htons(ETH_P_PAE) && 1418 shdr->type != htons(ETH_P_TDLS)))) 1419 skb->ip_summed = CHECKSUM_NONE; 1420 } 1421 1422 fraglen = len - headlen; 1423 1424 if (fraglen) { 1425 int offset = (u8 *)hdr + headlen + pad_len - 1426 (u8 *)rxb_addr(rxb) + rxb_offset(rxb); 1427 1428 skb_add_rx_frag(skb, 0, rxb_steal_page(rxb), offset, 1429 fraglen, rxb->truesize); 1430 } 1431 1432 return 0; 1433 } 1434 1435 /* returns true if a packet is a duplicate or invalid tid and 1436 * should be dropped. Updates AMSDU PN tracking info 1437 */ 1438 VISIBLE_IF_IWLWIFI_KUNIT 1439 bool 1440 iwl_mld_is_dup(struct iwl_mld *mld, struct ieee80211_sta *sta, 1441 struct ieee80211_hdr *hdr, 1442 const struct iwl_rx_mpdu_desc *mpdu_desc, 1443 struct ieee80211_rx_status *rx_status, int queue) 1444 { 1445 struct iwl_mld_sta *mld_sta; 1446 struct iwl_mld_rxq_dup_data *dup_data; 1447 u8 tid, sub_frame_idx; 1448 1449 if (WARN_ON(!sta)) 1450 return false; 1451 1452 mld_sta = iwl_mld_sta_from_mac80211(sta); 1453 1454 if (WARN_ON_ONCE(!mld_sta->dup_data)) 1455 return false; 1456 1457 dup_data = &mld_sta->dup_data[queue]; 1458 1459 /* Drop duplicate 802.11 retransmissions 1460 * (IEEE 802.11-2020: 10.3.2.14 "Duplicate detection and recovery") 1461 */ 1462 if (ieee80211_is_ctl(hdr->frame_control) || 1463 ieee80211_is_any_nullfunc(hdr->frame_control) || 1464 is_multicast_ether_addr(hdr->addr1)) 1465 return false; 1466 1467 if (ieee80211_is_data_qos(hdr->frame_control)) { 1468 /* frame has qos control */ 1469 tid = ieee80211_get_tid(hdr); 1470 if (tid >= IWL_MAX_TID_COUNT) 1471 return true; 1472 } else { 1473 tid = IWL_MAX_TID_COUNT; 1474 } 1475 1476 /* If this wasn't a part of an A-MSDU the sub-frame index will be 0 */ 1477 sub_frame_idx = mpdu_desc->amsdu_info & 1478 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK; 1479 1480 if (IWL_FW_CHECK(mld, 1481 sub_frame_idx > 0 && 1482 !(mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_AMSDU), 1483 "got sub_frame_idx=%d but A-MSDU flag is not set\n", 1484 sub_frame_idx)) 1485 return true; 1486 1487 if (unlikely(ieee80211_has_retry(hdr->frame_control) && 1488 dup_data->last_seq[tid] == hdr->seq_ctrl && 1489 dup_data->last_sub_frame_idx[tid] >= sub_frame_idx)) 1490 return true; 1491 1492 /* Allow same PN as the first subframe for following sub frames */ 1493 if (dup_data->last_seq[tid] == hdr->seq_ctrl && 1494 sub_frame_idx > dup_data->last_sub_frame_idx[tid]) 1495 rx_status->flag |= RX_FLAG_ALLOW_SAME_PN; 1496 1497 dup_data->last_seq[tid] = hdr->seq_ctrl; 1498 dup_data->last_sub_frame_idx[tid] = sub_frame_idx; 1499 1500 rx_status->flag |= RX_FLAG_DUP_VALIDATED; 1501 1502 return false; 1503 } 1504 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_is_dup); 1505 1506 static void iwl_mld_update_last_rx_timestamp(struct iwl_mld *mld, u8 baid) 1507 { 1508 unsigned long now = jiffies; 1509 unsigned long timeout; 1510 struct iwl_mld_baid_data *ba_data; 1511 1512 ba_data = rcu_dereference(mld->fw_id_to_ba[baid]); 1513 if (!ba_data) { 1514 IWL_DEBUG_HT(mld, "BAID %d not found in map\n", baid); 1515 return; 1516 } 1517 1518 if (!ba_data->timeout) 1519 return; 1520 1521 /* To minimize cache bouncing between RX queues, avoid frequent updates 1522 * to last_rx_timestamp. update it only when the timeout period has 1523 * passed. The worst-case scenario is the session expiring after 1524 * approximately 2 * timeout, which is negligible (the update is 1525 * atomic). 1526 */ 1527 timeout = TU_TO_JIFFIES(ba_data->timeout); 1528 if (time_is_before_jiffies(ba_data->last_rx_timestamp + timeout)) 1529 ba_data->last_rx_timestamp = now; 1530 } 1531 1532 /* Processes received packets for a station. 1533 * Sets *drop to true if the packet should be dropped. 1534 * Returns the station if found, or NULL otherwise. 1535 */ 1536 static struct ieee80211_sta * 1537 iwl_mld_rx_with_sta(struct iwl_mld *mld, struct ieee80211_hdr *hdr, 1538 struct sk_buff *skb, 1539 const struct iwl_rx_mpdu_desc *mpdu_desc, 1540 const struct iwl_rx_packet *pkt, int queue, bool *drop) 1541 { 1542 struct ieee80211_sta *sta = NULL; 1543 struct ieee80211_link_sta *link_sta = NULL; 1544 struct ieee80211_rx_status *rx_status; 1545 u8 baid; 1546 1547 if (mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_SRC_STA_FOUND)) { 1548 u8 sta_id = le32_get_bits(mpdu_desc->status, 1549 IWL_RX_MPDU_STATUS_STA_ID); 1550 1551 if (IWL_FW_CHECK(mld, 1552 sta_id >= mld->fw->ucode_capa.num_stations, 1553 "rx_mpdu: invalid sta_id %d\n", sta_id)) 1554 return NULL; 1555 1556 link_sta = rcu_dereference(mld->fw_id_to_link_sta[sta_id]); 1557 if (!IS_ERR_OR_NULL(link_sta)) 1558 sta = link_sta->sta; 1559 } else if (!is_multicast_ether_addr(hdr->addr2)) { 1560 /* Passing NULL is fine since we prevent two stations with the 1561 * same address from being added. 1562 */ 1563 sta = ieee80211_find_sta_by_ifaddr(mld->hw, hdr->addr2, NULL); 1564 } 1565 1566 /* we may not have any station yet */ 1567 if (!sta) 1568 return NULL; 1569 1570 rx_status = IEEE80211_SKB_RXCB(skb); 1571 1572 if (link_sta && sta->valid_links) { 1573 rx_status->link_valid = true; 1574 rx_status->link_id = link_sta->link_id; 1575 } 1576 1577 /* fill checksum */ 1578 if (ieee80211_is_data(hdr->frame_control) && 1579 pkt->len_n_flags & cpu_to_le32(FH_RSCSR_RPA_EN)) { 1580 u16 hwsum = be16_to_cpu(mpdu_desc->v3.raw_xsum); 1581 1582 skb->ip_summed = CHECKSUM_COMPLETE; 1583 skb->csum = csum_unfold(~(__force __sum16)hwsum); 1584 } 1585 1586 if (iwl_mld_is_dup(mld, sta, hdr, mpdu_desc, rx_status, queue)) { 1587 IWL_DEBUG_DROP(mld, "Dropping duplicate packet 0x%x\n", 1588 le16_to_cpu(hdr->seq_ctrl)); 1589 *drop = true; 1590 return NULL; 1591 } 1592 1593 baid = le32_get_bits(mpdu_desc->reorder_data, 1594 IWL_RX_MPDU_REORDER_BAID_MASK); 1595 if (baid != IWL_RX_REORDER_DATA_INVALID_BAID) 1596 iwl_mld_update_last_rx_timestamp(mld, baid); 1597 1598 if (link_sta && ieee80211_is_data(hdr->frame_control)) { 1599 u8 sub_frame_idx = mpdu_desc->amsdu_info & 1600 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK; 1601 1602 /* 0 means not an A-MSDU, and 1 means a new A-MSDU */ 1603 if (!sub_frame_idx || sub_frame_idx == 1) 1604 iwl_mld_count_mpdu_rx(link_sta, queue, 1); 1605 1606 if (!is_multicast_ether_addr(hdr->addr1)) 1607 iwl_mld_low_latency_update_counters(mld, hdr, sta, 1608 queue); 1609 } 1610 1611 return sta; 1612 } 1613 1614 #define KEY_IDX_LEN 2 1615 1616 static int iwl_mld_rx_mgmt_prot(struct ieee80211_sta *sta, 1617 struct ieee80211_hdr *hdr, 1618 struct ieee80211_rx_status *rx_status, 1619 u32 mpdu_status, 1620 u32 mpdu_len) 1621 { 1622 struct wireless_dev *wdev; 1623 struct iwl_mld_sta *mld_sta; 1624 struct iwl_mld_vif *mld_vif; 1625 u8 keyidx; 1626 struct ieee80211_key_conf *key; 1627 const u8 *frame = (void *)hdr; 1628 1629 if ((mpdu_status & IWL_RX_MPDU_STATUS_SEC_MASK) == 1630 IWL_RX_MPDU_STATUS_SEC_NONE) 1631 return 0; 1632 1633 /* For non-beacon, we don't really care. But beacons may 1634 * be filtered out, and we thus need the firmware's replay 1635 * detection, otherwise beacons the firmware previously 1636 * filtered could be replayed, or something like that, and 1637 * it can filter a lot - though usually only if nothing has 1638 * changed. 1639 */ 1640 if (!ieee80211_is_beacon(hdr->frame_control)) 1641 return 0; 1642 1643 if (!sta) 1644 return -1; 1645 1646 mld_sta = iwl_mld_sta_from_mac80211(sta); 1647 mld_vif = iwl_mld_vif_from_mac80211(mld_sta->vif); 1648 1649 /* key mismatch - will also report !MIC_OK but we shouldn't count it */ 1650 if (!(mpdu_status & IWL_RX_MPDU_STATUS_KEY_VALID)) 1651 goto report; 1652 1653 /* good cases */ 1654 if (likely(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK && 1655 !(mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR))) { 1656 rx_status->flag |= RX_FLAG_DECRYPTED; 1657 return 0; 1658 } 1659 1660 /* both keys will have the same cipher and MIC length, use 1661 * whichever one is available 1662 */ 1663 key = rcu_dereference(mld_vif->bigtks[0]); 1664 if (!key) { 1665 key = rcu_dereference(mld_vif->bigtks[1]); 1666 if (!key) 1667 goto report; 1668 } 1669 1670 if (mpdu_len < key->icv_len + IEEE80211_GMAC_PN_LEN + KEY_IDX_LEN) 1671 goto report; 1672 1673 /* get the real key ID */ 1674 keyidx = frame[mpdu_len - key->icv_len - IEEE80211_GMAC_PN_LEN - KEY_IDX_LEN]; 1675 /* and if that's the other key, look it up */ 1676 if (keyidx != key->keyidx) { 1677 /* shouldn't happen since firmware checked, but be safe 1678 * in case the MIC length is wrong too, for example 1679 */ 1680 if (keyidx != 6 && keyidx != 7) 1681 return -1; 1682 1683 key = rcu_dereference(mld_vif->bigtks[keyidx - 6]); 1684 if (!key) 1685 goto report; 1686 } 1687 1688 /* Report status to mac80211 */ 1689 if (!(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK)) 1690 ieee80211_key_mic_failure(key); 1691 else if (mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR) 1692 ieee80211_key_replay(key); 1693 report: 1694 wdev = ieee80211_vif_to_wdev(mld_sta->vif); 1695 if (wdev->netdev) 1696 cfg80211_rx_unprot_mlme_mgmt(wdev->netdev, (void *)hdr, 1697 mpdu_len); 1698 1699 return -1; 1700 } 1701 1702 static int iwl_mld_rx_crypto(struct iwl_mld *mld, 1703 struct ieee80211_sta *sta, 1704 struct ieee80211_hdr *hdr, 1705 struct ieee80211_rx_status *rx_status, 1706 struct iwl_rx_mpdu_desc *desc, int queue, 1707 u32 pkt_flags, u8 *crypto_len) 1708 { 1709 u32 status = le32_to_cpu(desc->status); 1710 1711 if (unlikely(ieee80211_is_mgmt(hdr->frame_control) && 1712 !ieee80211_has_protected(hdr->frame_control))) 1713 return iwl_mld_rx_mgmt_prot(sta, hdr, rx_status, status, 1714 le16_to_cpu(desc->mpdu_len)); 1715 1716 if (!ieee80211_has_protected(hdr->frame_control) || 1717 (status & IWL_RX_MPDU_STATUS_SEC_MASK) == 1718 IWL_RX_MPDU_STATUS_SEC_NONE) 1719 return 0; 1720 1721 switch (status & IWL_RX_MPDU_STATUS_SEC_MASK) { 1722 case IWL_RX_MPDU_STATUS_SEC_CCM: 1723 case IWL_RX_MPDU_STATUS_SEC_GCM: 1724 BUILD_BUG_ON(IEEE80211_CCMP_PN_LEN != IEEE80211_GCMP_PN_LEN); 1725 if (!(status & IWL_RX_MPDU_STATUS_MIC_OK)) { 1726 IWL_DEBUG_DROP(mld, 1727 "Dropping packet, bad MIC (CCM/GCM)\n"); 1728 return -1; 1729 } 1730 1731 rx_status->flag |= RX_FLAG_DECRYPTED | RX_FLAG_MIC_STRIPPED; 1732 *crypto_len = IEEE80211_CCMP_HDR_LEN; 1733 return 0; 1734 case IWL_RX_MPDU_STATUS_SEC_TKIP: 1735 if (!(status & IWL_RX_MPDU_STATUS_ICV_OK)) 1736 return -1; 1737 1738 if (!(status & RX_MPDU_RES_STATUS_MIC_OK)) 1739 rx_status->flag |= RX_FLAG_MMIC_ERROR; 1740 1741 if (pkt_flags & FH_RSCSR_RADA_EN) { 1742 rx_status->flag |= RX_FLAG_ICV_STRIPPED; 1743 rx_status->flag |= RX_FLAG_MMIC_STRIPPED; 1744 } 1745 1746 *crypto_len = IEEE80211_TKIP_IV_LEN; 1747 rx_status->flag |= RX_FLAG_DECRYPTED; 1748 return 0; 1749 default: 1750 break; 1751 } 1752 1753 return 0; 1754 } 1755 1756 static void iwl_mld_rx_update_ampdu_ref(struct iwl_mld *mld, 1757 struct iwl_mld_rx_phy_data *phy_data, 1758 struct ieee80211_rx_status *rx_status) 1759 { 1760 bool toggle_bit = 1761 phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU_TOGGLE; 1762 1763 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 1764 /* Toggle is switched whenever new aggregation starts. Make 1765 * sure ampdu_reference is never 0 so we can later use it to 1766 * see if the frame was really part of an A-MPDU or not. 1767 */ 1768 if (toggle_bit != mld->monitor.ampdu_toggle) { 1769 mld->monitor.ampdu_ref++; 1770 if (mld->monitor.ampdu_ref == 0) 1771 mld->monitor.ampdu_ref++; 1772 mld->monitor.ampdu_toggle = toggle_bit; 1773 phy_data->first_subframe = true; 1774 } 1775 rx_status->ampdu_reference = mld->monitor.ampdu_ref; 1776 } 1777 1778 static void 1779 iwl_mld_fill_rx_status_band_freq(struct ieee80211_rx_status *rx_status, 1780 u8 band, u8 channel) 1781 { 1782 rx_status->band = iwl_mld_phy_band_to_nl80211(band); 1783 rx_status->freq = ieee80211_channel_to_frequency(channel, 1784 rx_status->band); 1785 } 1786 1787 void iwl_mld_rx_mpdu(struct iwl_mld *mld, struct napi_struct *napi, 1788 struct iwl_rx_cmd_buffer *rxb, int queue) 1789 { 1790 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1791 struct iwl_mld_rx_phy_data phy_data = {}; 1792 struct iwl_rx_mpdu_desc *mpdu_desc = (void *)pkt->data; 1793 struct ieee80211_sta *sta; 1794 struct ieee80211_hdr *hdr; 1795 struct sk_buff *skb; 1796 size_t mpdu_desc_size = sizeof(*mpdu_desc); 1797 bool drop = false; 1798 u8 crypto_len = 0, band, link_id; 1799 u32 pkt_len = iwl_rx_packet_payload_len(pkt); 1800 u32 mpdu_len; 1801 enum iwl_mld_reorder_result reorder_res; 1802 struct ieee80211_rx_status *rx_status; 1803 1804 if (unlikely(mld->fw_status.in_hw_restart)) 1805 return; 1806 1807 if (IWL_FW_CHECK(mld, pkt_len < mpdu_desc_size, 1808 "Bad REPLY_RX_MPDU_CMD size (%d)\n", pkt_len)) 1809 return; 1810 1811 mpdu_len = le16_to_cpu(mpdu_desc->mpdu_len); 1812 1813 if (IWL_FW_CHECK(mld, mpdu_len + mpdu_desc_size > pkt_len, 1814 "FW lied about packet len (%d)\n", pkt_len)) 1815 return; 1816 1817 /* Don't use dev_alloc_skb(), we'll have enough headroom once 1818 * ieee80211_hdr pulled. 1819 */ 1820 skb = alloc_skb(128, GFP_ATOMIC); 1821 if (!skb) { 1822 IWL_ERR(mld, "alloc_skb failed\n"); 1823 return; 1824 } 1825 1826 hdr = (void *)(pkt->data + mpdu_desc_size); 1827 1828 iwl_mld_fill_phy_data(mld, mpdu_desc, &phy_data); 1829 1830 if (mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) { 1831 /* If the device inserted padding it means that (it thought) 1832 * the 802.11 header wasn't a multiple of 4 bytes long. In 1833 * this case, reserve two bytes at the start of the SKB to 1834 * align the payload properly in case we end up copying it. 1835 */ 1836 skb_reserve(skb, 2); 1837 } 1838 1839 rx_status = IEEE80211_SKB_RXCB(skb); 1840 1841 /* this is needed early */ 1842 band = u8_get_bits(mpdu_desc->mac_phy_band, 1843 IWL_RX_MPDU_MAC_PHY_BAND_BAND_MASK); 1844 iwl_mld_fill_rx_status_band_freq(rx_status, band, 1845 mpdu_desc->v3.channel); 1846 1847 1848 rcu_read_lock(); 1849 1850 sta = iwl_mld_rx_with_sta(mld, hdr, skb, mpdu_desc, pkt, queue, &drop); 1851 if (drop) 1852 goto drop; 1853 1854 /* update aggregation data for monitor sake on default queue */ 1855 if (!queue && (phy_data.phy_info & IWL_RX_MPDU_PHY_AMPDU)) 1856 iwl_mld_rx_update_ampdu_ref(mld, &phy_data, rx_status); 1857 1858 /* Keep packets with CRC errors (and with overrun) for monitor mode 1859 * (otherwise the firmware discards them) but mark them as bad. 1860 */ 1861 if (!(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_CRC_OK)) || 1862 !(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_OVERRUN_OK))) { 1863 IWL_DEBUG_RX(mld, "Bad CRC or FIFO: 0x%08X.\n", 1864 le32_to_cpu(mpdu_desc->status)); 1865 rx_status->flag |= RX_FLAG_FAILED_FCS_CRC; 1866 } 1867 1868 if (likely(!(phy_data.phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD))) { 1869 rx_status->mactime = 1870 le64_to_cpu(mpdu_desc->v3.tsf_on_air_rise); 1871 1872 /* TSF as indicated by the firmware is at INA time */ 1873 rx_status->flag |= RX_FLAG_MACTIME_PLCP_START; 1874 } 1875 1876 /* management stuff on default queue */ 1877 if (!queue && unlikely(ieee80211_is_beacon(hdr->frame_control) || 1878 ieee80211_is_probe_resp(hdr->frame_control))) { 1879 rx_status->boottime_ns = ktime_get_boottime_ns(); 1880 1881 if (mld->scan.pass_all_sched_res == 1882 SCHED_SCAN_PASS_ALL_STATE_ENABLED) 1883 mld->scan.pass_all_sched_res = 1884 SCHED_SCAN_PASS_ALL_STATE_FOUND; 1885 } 1886 1887 link_id = u8_get_bits(mpdu_desc->mac_phy_band, 1888 IWL_RX_MPDU_MAC_PHY_BAND_LINK_MASK); 1889 1890 iwl_mld_rx_fill_status(mld, link_id, hdr, skb, &phy_data, queue); 1891 1892 if (iwl_mld_rx_crypto(mld, sta, hdr, rx_status, mpdu_desc, queue, 1893 le32_to_cpu(pkt->len_n_flags), &crypto_len)) 1894 goto drop; 1895 1896 if (iwl_mld_build_rx_skb(mld, skb, hdr, mpdu_len, crypto_len, rxb)) 1897 goto drop; 1898 1899 /* time sync frame is saved and will be released later when the 1900 * notification with the timestamps arrives. 1901 */ 1902 if (iwl_mld_time_sync_frame(mld, skb, hdr->addr2)) 1903 goto out; 1904 1905 reorder_res = iwl_mld_reorder(mld, napi, queue, sta, skb, mpdu_desc); 1906 switch (reorder_res) { 1907 case IWL_MLD_PASS_SKB: 1908 break; 1909 case IWL_MLD_DROP_SKB: 1910 goto drop; 1911 case IWL_MLD_BUFFERED_SKB: 1912 goto out; 1913 default: 1914 WARN_ON(1); 1915 goto drop; 1916 } 1917 1918 iwl_mld_pass_packet_to_mac80211(mld, napi, skb, queue, sta); 1919 1920 goto out; 1921 1922 drop: 1923 kfree_skb(skb); 1924 out: 1925 rcu_read_unlock(); 1926 } 1927 1928 #define SYNC_RX_QUEUE_TIMEOUT (HZ) 1929 void iwl_mld_sync_rx_queues(struct iwl_mld *mld, 1930 enum iwl_mld_internal_rxq_notif_type type, 1931 const void *notif_payload, u32 notif_payload_size) 1932 { 1933 u8 num_rx_queues = mld->trans->info.num_rxqs; 1934 struct { 1935 struct iwl_rxq_sync_cmd sync_cmd; 1936 struct iwl_mld_internal_rxq_notif notif; 1937 } __packed cmd = { 1938 .sync_cmd.rxq_mask = cpu_to_le32(BIT(num_rx_queues) - 1), 1939 .sync_cmd.count = 1940 cpu_to_le32(sizeof(struct iwl_mld_internal_rxq_notif) + 1941 notif_payload_size), 1942 .notif.type = type, 1943 .notif.cookie = mld->rxq_sync.cookie, 1944 }; 1945 struct iwl_host_cmd hcmd = { 1946 .id = WIDE_ID(DATA_PATH_GROUP, TRIGGER_RX_QUEUES_NOTIF_CMD), 1947 .data[0] = &cmd, 1948 .len[0] = sizeof(cmd), 1949 .data[1] = notif_payload, 1950 .len[1] = notif_payload_size, 1951 }; 1952 int ret; 1953 1954 /* size must be a multiple of DWORD */ 1955 if (WARN_ON(cmd.sync_cmd.count & cpu_to_le32(3))) 1956 return; 1957 1958 mld->rxq_sync.state = (1 << num_rx_queues) - 1; 1959 1960 ret = iwl_mld_send_cmd(mld, &hcmd); 1961 if (ret) { 1962 IWL_ERR(mld, "Failed to trigger RX queues sync (%d)\n", ret); 1963 goto out; 1964 } 1965 1966 ret = wait_event_timeout(mld->rxq_sync.waitq, 1967 READ_ONCE(mld->rxq_sync.state) == 0, 1968 SYNC_RX_QUEUE_TIMEOUT); 1969 WARN_ONCE(!ret, "RXQ sync failed: state=0x%lx, cookie=%d\n", 1970 mld->rxq_sync.state, mld->rxq_sync.cookie); 1971 1972 out: 1973 mld->rxq_sync.state = 0; 1974 mld->rxq_sync.cookie++; 1975 } 1976 1977 void iwl_mld_handle_rx_queues_sync_notif(struct iwl_mld *mld, 1978 struct napi_struct *napi, 1979 struct iwl_rx_packet *pkt, int queue) 1980 { 1981 struct iwl_rxq_sync_notification *notif; 1982 struct iwl_mld_internal_rxq_notif *internal_notif; 1983 u32 len = iwl_rx_packet_payload_len(pkt); 1984 size_t combined_notif_len = sizeof(*notif) + sizeof(*internal_notif); 1985 1986 notif = (void *)pkt->data; 1987 internal_notif = (void *)notif->payload; 1988 1989 if (IWL_FW_CHECK(mld, len < combined_notif_len, 1990 "invalid notification size %u (%zu)\n", 1991 len, combined_notif_len)) 1992 return; 1993 1994 len -= combined_notif_len; 1995 1996 if (IWL_FW_CHECK(mld, mld->rxq_sync.cookie != internal_notif->cookie, 1997 "received expired RX queue sync message (cookie=%d expected=%d q[%d])\n", 1998 internal_notif->cookie, mld->rxq_sync.cookie, queue)) 1999 return; 2000 2001 switch (internal_notif->type) { 2002 case IWL_MLD_RXQ_EMPTY: 2003 IWL_FW_CHECK(mld, len, 2004 "invalid empty notification size %d\n", len); 2005 break; 2006 case IWL_MLD_RXQ_NOTIF_DEL_BA: 2007 if (IWL_FW_CHECK(mld, len != sizeof(struct iwl_mld_delba_data), 2008 "invalid delba notification size %u (%zu)\n", 2009 len, sizeof(struct iwl_mld_delba_data))) 2010 break; 2011 iwl_mld_del_ba(mld, queue, (void *)internal_notif->payload); 2012 break; 2013 default: 2014 WARN_ON_ONCE(1); 2015 } 2016 2017 IWL_FW_CHECK(mld, !test_and_clear_bit(queue, &mld->rxq_sync.state), 2018 "RXQ sync: queue %d responded a second time!\n", queue); 2019 2020 if (READ_ONCE(mld->rxq_sync.state) == 0) 2021 wake_up(&mld->rxq_sync.waitq); 2022 } 2023 2024 void iwl_mld_rx_monitor_no_data(struct iwl_mld *mld, struct napi_struct *napi, 2025 struct iwl_rx_packet *pkt, int queue) 2026 { 2027 struct iwl_rx_no_data_ver_3 *desc; 2028 struct iwl_mld_rx_phy_data phy_data; 2029 struct ieee80211_rx_status *rx_status; 2030 struct sk_buff *skb; 2031 u32 format, rssi; 2032 u8 channel; 2033 2034 if (unlikely(mld->fw_status.in_hw_restart)) 2035 return; 2036 2037 if (IWL_FW_CHECK(mld, iwl_rx_packet_payload_len(pkt) < sizeof(*desc), 2038 "Bad RX_NO_DATA_NOTIF size (%d)\n", 2039 iwl_rx_packet_payload_len(pkt))) 2040 return; 2041 2042 desc = (void *)pkt->data; 2043 2044 rssi = le32_to_cpu(desc->rssi); 2045 channel = u32_get_bits(rssi, RX_NO_DATA_CHANNEL_MSK); 2046 2047 phy_data.energy_a = u32_get_bits(rssi, RX_NO_DATA_CHAIN_A_MSK); 2048 phy_data.energy_b = u32_get_bits(rssi, RX_NO_DATA_CHAIN_B_MSK); 2049 phy_data.data0 = desc->phy_info[0]; 2050 phy_data.data1 = desc->phy_info[1]; 2051 phy_data.phy_info = IWL_RX_MPDU_PHY_TSF_OVERLOAD; 2052 phy_data.gp2_on_air_rise = le32_to_cpu(desc->on_air_rise_time); 2053 phy_data.rate_n_flags = iwl_v3_rate_from_v2_v3(desc->rate, 2054 mld->fw_rates_ver_3); 2055 phy_data.with_data = false; 2056 2057 BUILD_BUG_ON(sizeof(phy_data.rx_vec) != sizeof(desc->rx_vec)); 2058 memcpy(phy_data.rx_vec, desc->rx_vec, sizeof(phy_data.rx_vec)); 2059 2060 format = phy_data.rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 2061 2062 /* Don't use dev_alloc_skb(), we'll have enough headroom once 2063 * ieee80211_hdr pulled. 2064 */ 2065 skb = alloc_skb(128, GFP_ATOMIC); 2066 if (!skb) { 2067 IWL_ERR(mld, "alloc_skb failed\n"); 2068 return; 2069 } 2070 2071 rx_status = IEEE80211_SKB_RXCB(skb); 2072 2073 /* 0-length PSDU */ 2074 rx_status->flag |= RX_FLAG_NO_PSDU; 2075 2076 /* mark as failed PLCP on any errors to skip checks in mac80211 */ 2077 if (le32_get_bits(desc->info, RX_NO_DATA_INFO_ERR_MSK) != 2078 RX_NO_DATA_INFO_ERR_NONE) 2079 rx_status->flag |= RX_FLAG_FAILED_PLCP_CRC; 2080 2081 switch (le32_get_bits(desc->info, RX_NO_DATA_INFO_TYPE_MSK)) { 2082 case RX_NO_DATA_INFO_TYPE_NDP: 2083 rx_status->zero_length_psdu_type = 2084 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_SOUNDING; 2085 break; 2086 case RX_NO_DATA_INFO_TYPE_MU_UNMATCHED: 2087 case RX_NO_DATA_INFO_TYPE_TB_UNMATCHED: 2088 rx_status->zero_length_psdu_type = 2089 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_NOT_CAPTURED; 2090 break; 2091 default: 2092 rx_status->zero_length_psdu_type = 2093 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_VENDOR; 2094 break; 2095 } 2096 2097 rx_status->band = channel > 14 ? NL80211_BAND_5GHZ : 2098 NL80211_BAND_2GHZ; 2099 2100 rx_status->freq = ieee80211_channel_to_frequency(channel, 2101 rx_status->band); 2102 2103 /* link ID is ignored for NULL header */ 2104 iwl_mld_rx_fill_status(mld, -1, NULL, skb, &phy_data, queue); 2105 2106 /* No more radiotap info should be added after this point. 2107 * Mark it as mac header for upper layers to know where 2108 * the radiotap header ends. 2109 */ 2110 skb_set_mac_header(skb, skb->len); 2111 2112 /* Override the nss from the rx_vec since the rate_n_flags has 2113 * only 1 bit for the nss which gives a max of 2 ss but there 2114 * may be up to 8 spatial streams. 2115 */ 2116 switch (format) { 2117 case RATE_MCS_MOD_TYPE_VHT: 2118 rx_status->nss = 2119 le32_get_bits(desc->rx_vec[0], 2120 RX_NO_DATA_RX_VEC0_VHT_NSTS_MSK) + 1; 2121 break; 2122 case RATE_MCS_MOD_TYPE_HE: 2123 rx_status->nss = 2124 le32_get_bits(desc->rx_vec[0], 2125 RX_NO_DATA_RX_VEC0_HE_NSTS_MSK) + 1; 2126 break; 2127 case RATE_MCS_MOD_TYPE_EHT: 2128 rx_status->nss = 2129 le32_get_bits(desc->rx_vec[2], 2130 RX_NO_DATA_RX_VEC2_EHT_NSTS_MSK) + 1; 2131 } 2132 2133 /* pass the packet to mac80211 */ 2134 rcu_read_lock(); 2135 ieee80211_rx_napi(mld->hw, NULL, skb, napi); 2136 rcu_read_unlock(); 2137 } 2138