1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2024-2025 Intel Corporation 4 */ 5 6 #include <net/mac80211.h> 7 #include <kunit/static_stub.h> 8 9 #include "mld.h" 10 #include "sta.h" 11 #include "agg.h" 12 #include "rx.h" 13 #include "hcmd.h" 14 #include "iface.h" 15 #include "time_sync.h" 16 #include "fw/dbg.h" 17 #include "fw/api/rx.h" 18 19 /* stores relevant PHY data fields extracted from iwl_rx_mpdu_desc */ 20 struct iwl_mld_rx_phy_data { 21 struct iwl_rx_phy_air_sniffer_ntfy *ntfy; 22 bool first_subframe; 23 bool with_data; 24 u32 rate_n_flags; 25 u32 gp2_on_air_rise; 26 /* phy_info is only valid when we have a frame, i.e. with_data=true */ 27 u16 phy_info; 28 u8 energy_a, energy_b; 29 }; 30 31 static void 32 iwl_mld_fill_phy_data_from_mpdu(struct iwl_mld *mld, 33 struct iwl_rx_mpdu_desc *desc, 34 struct iwl_mld_rx_phy_data *phy_data) 35 { 36 if (unlikely(mld->monitor.phy.valid)) { 37 mld->monitor.phy.used = true; 38 phy_data->ntfy = &mld->monitor.phy.data; 39 } 40 41 phy_data->phy_info = le16_to_cpu(desc->phy_info); 42 phy_data->rate_n_flags = iwl_v3_rate_from_v2_v3(desc->v3.rate_n_flags, 43 mld->fw_rates_ver_3); 44 phy_data->gp2_on_air_rise = le32_to_cpu(desc->v3.gp2_on_air_rise); 45 phy_data->energy_a = desc->v3.energy_a; 46 phy_data->energy_b = desc->v3.energy_b; 47 phy_data->with_data = true; 48 } 49 50 static inline int iwl_mld_check_pn(struct iwl_mld *mld, struct sk_buff *skb, 51 int queue, struct ieee80211_sta *sta) 52 { 53 struct ieee80211_hdr *hdr = (void *)skb_mac_header(skb); 54 struct ieee80211_rx_status *stats = IEEE80211_SKB_RXCB(skb); 55 struct iwl_mld_sta *mld_sta; 56 struct iwl_mld_ptk_pn *ptk_pn; 57 int res; 58 u8 tid, keyidx; 59 u8 pn[IEEE80211_CCMP_PN_LEN]; 60 u8 *extiv; 61 62 /* multicast and non-data only arrives on default queue; avoid checking 63 * for default queue - we don't want to replicate all the logic that's 64 * necessary for checking the PN on fragmented frames, leave that 65 * to mac80211 66 */ 67 if (queue == 0 || !ieee80211_is_data(hdr->frame_control) || 68 is_multicast_ether_addr(hdr->addr1)) 69 return 0; 70 71 if (!(stats->flag & RX_FLAG_DECRYPTED)) 72 return 0; 73 74 /* if we are here - this for sure is either CCMP or GCMP */ 75 if (!sta) { 76 IWL_DEBUG_DROP(mld, 77 "expected hw-decrypted unicast frame for station\n"); 78 return -1; 79 } 80 81 mld_sta = iwl_mld_sta_from_mac80211(sta); 82 83 extiv = (u8 *)hdr + ieee80211_hdrlen(hdr->frame_control); 84 keyidx = extiv[3] >> 6; 85 86 ptk_pn = rcu_dereference(mld_sta->ptk_pn[keyidx]); 87 if (!ptk_pn) 88 return -1; 89 90 if (ieee80211_is_data_qos(hdr->frame_control)) 91 tid = ieee80211_get_tid(hdr); 92 else 93 tid = 0; 94 95 /* we don't use HCCA/802.11 QoS TSPECs, so drop such frames */ 96 if (tid >= IWL_MAX_TID_COUNT) 97 return -1; 98 99 /* load pn */ 100 pn[0] = extiv[7]; 101 pn[1] = extiv[6]; 102 pn[2] = extiv[5]; 103 pn[3] = extiv[4]; 104 pn[4] = extiv[1]; 105 pn[5] = extiv[0]; 106 107 res = memcmp(pn, ptk_pn->q[queue].pn[tid], IEEE80211_CCMP_PN_LEN); 108 if (res < 0) 109 return -1; 110 if (!res && !(stats->flag & RX_FLAG_ALLOW_SAME_PN)) 111 return -1; 112 113 memcpy(ptk_pn->q[queue].pn[tid], pn, IEEE80211_CCMP_PN_LEN); 114 stats->flag |= RX_FLAG_PN_VALIDATED; 115 116 return 0; 117 } 118 119 /* iwl_mld_pass_packet_to_mac80211 - passes the packet for mac80211 */ 120 void iwl_mld_pass_packet_to_mac80211(struct iwl_mld *mld, 121 struct napi_struct *napi, 122 struct sk_buff *skb, int queue, 123 struct ieee80211_sta *sta) 124 { 125 KUNIT_STATIC_STUB_REDIRECT(iwl_mld_pass_packet_to_mac80211, 126 mld, napi, skb, queue, sta); 127 128 if (unlikely(iwl_mld_check_pn(mld, skb, queue, sta))) { 129 kfree_skb(skb); 130 return; 131 } 132 133 ieee80211_rx_napi(mld->hw, sta, skb, napi); 134 } 135 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_pass_packet_to_mac80211); 136 137 static bool iwl_mld_used_average_energy(struct iwl_mld *mld, int link_id, 138 struct ieee80211_hdr *hdr, 139 struct ieee80211_rx_status *rx_status) 140 { 141 struct ieee80211_bss_conf *link_conf; 142 struct iwl_mld_link *mld_link; 143 144 if (unlikely(!hdr || link_id < 0)) 145 return false; 146 147 if (likely(!ieee80211_is_beacon(hdr->frame_control))) 148 return false; 149 150 /* 151 * if link ID is >= valid ones then that means the RX 152 * was on the AUX link and no correction is needed 153 */ 154 if (link_id >= mld->fw->ucode_capa.num_links) 155 return false; 156 157 /* for the link conf lookup */ 158 guard(rcu)(); 159 160 link_conf = rcu_dereference(mld->fw_id_to_bss_conf[link_id]); 161 if (!link_conf) 162 return false; 163 164 mld_link = iwl_mld_link_from_mac80211(link_conf); 165 if (!mld_link) 166 return false; 167 168 /* 169 * If we know the link by link ID then the frame was 170 * received for the link, so by filtering it means it 171 * was from the AP the link is connected to. 172 */ 173 174 /* skip also in case we don't have it (yet) */ 175 if (!mld_link->average_beacon_energy) 176 return false; 177 178 IWL_DEBUG_STATS(mld, "energy override by average %d\n", 179 mld_link->average_beacon_energy); 180 rx_status->signal = -mld_link->average_beacon_energy; 181 return true; 182 } 183 184 static void iwl_mld_fill_signal(struct iwl_mld *mld, int link_id, 185 struct ieee80211_hdr *hdr, 186 struct ieee80211_rx_status *rx_status, 187 struct iwl_mld_rx_phy_data *phy_data) 188 { 189 u32 rate_n_flags = phy_data->rate_n_flags; 190 int energy_a = phy_data->energy_a; 191 int energy_b = phy_data->energy_b; 192 int max_energy; 193 194 energy_a = energy_a ? -energy_a : S8_MIN; 195 energy_b = energy_b ? -energy_b : S8_MIN; 196 max_energy = max(energy_a, energy_b); 197 198 IWL_DEBUG_STATS(mld, "energy in A %d B %d, and max %d\n", 199 energy_a, energy_b, max_energy); 200 201 if (iwl_mld_used_average_energy(mld, link_id, hdr, rx_status)) 202 return; 203 204 rx_status->signal = max_energy; 205 rx_status->chains = u32_get_bits(rate_n_flags, RATE_MCS_ANT_AB_MSK); 206 rx_status->chain_signal[0] = energy_a; 207 rx_status->chain_signal[1] = energy_b; 208 } 209 210 static void 211 iwl_mld_decode_vht_phy_data(struct iwl_mld_rx_phy_data *phy_data, 212 struct ieee80211_radiotap_vht *vht, 213 struct ieee80211_rx_status *rx_status) 214 { 215 bool stbc; 216 217 vht->known = cpu_to_le16(IEEE80211_RADIOTAP_VHT_KNOWN_BANDWIDTH | 218 IEEE80211_RADIOTAP_VHT_KNOWN_GROUP_ID | 219 IEEE80211_RADIOTAP_VHT_KNOWN_STBC | 220 IEEE80211_RADIOTAP_VHT_KNOWN_GI | 221 IEEE80211_RADIOTAP_VHT_KNOWN_SGI_NSYM_DIS | 222 IEEE80211_RADIOTAP_VHT_KNOWN_LDPC_EXTRA_OFDM_SYM | 223 IEEE80211_RADIOTAP_VHT_KNOWN_BEAMFORMED); 224 225 switch (le32_get_bits(phy_data->ntfy->sigs.vht.a1, 226 OFDM_RX_FRAME_VHT_BANDWIDTH)) { 227 case 0: 228 vht->bandwidth = IEEE80211_RADIOTAP_VHT_BW_20; 229 break; 230 case 1: 231 vht->bandwidth = IEEE80211_RADIOTAP_VHT_BW_40; 232 break; 233 case 2: 234 vht->bandwidth = IEEE80211_RADIOTAP_VHT_BW_80; 235 break; 236 case 3: 237 vht->bandwidth = IEEE80211_RADIOTAP_VHT_BW_160; 238 break; 239 } 240 241 vht->group_id = le32_get_bits(phy_data->ntfy->sigs.vht.a1, 242 OFDM_RX_FRAME_VHT_GRP_ID); 243 244 stbc = le32_get_bits(phy_data->ntfy->sigs.vht.a1, 245 OFDM_RX_FRAME_VHT_STBC); 246 if (stbc) 247 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_STBC; 248 249 if (le32_get_bits(phy_data->ntfy->sigs.vht.a2, 250 OFDM_RX_FRAME_VHT_SHORT_GI)) 251 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_SGI; 252 253 if (le32_get_bits(phy_data->ntfy->sigs.vht.a2, 254 OFDM_RX_FRAME_VHT_SHORT_GI_AMBIG)) 255 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_SGI_NSYM_M10_9; 256 257 if (le32_get_bits(phy_data->ntfy->sigs.vht.a2, 258 OFDM_RX_FRAME_VHT_CODING_EXTRA_SYM)) 259 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_LDPC_EXTRA_OFDM_SYM; 260 261 if (vht->group_id != 0 && vht->group_id != 63) { 262 /* MU frame */ 263 int user = le32_get_bits(phy_data->ntfy->sigs.vht.a1, 264 OFDM_RX_FRAME_VHT_MU_MIMO_USER_POSITION); 265 int nsts; 266 267 /* Always beamformed */ 268 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_BEAMFORMED; 269 270 /* No MCS information in the a1/a2 data for MU frames */ 271 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1, 272 OFDM_RX_FRAME_VHT_STS_USER0); 273 vht->mcs_nss[0] = (stbc ? nsts / 2 : nsts) | 0xf0; 274 275 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1, 276 OFDM_RX_FRAME_VHT_MU_STS_USER1); 277 vht->mcs_nss[1] = (stbc ? nsts / 2 : nsts) | 0xf0; 278 279 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1, 280 OFDM_RX_FRAME_VHT_MU_STS_USER2); 281 vht->mcs_nss[2] = (stbc ? nsts / 2 : nsts) | 0xf0; 282 283 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1, 284 OFDM_RX_FRAME_VHT_MU_STS_USER3); 285 vht->mcs_nss[3] = (stbc ? nsts / 2 : nsts) | 0xf0; 286 287 /* Report current user MCS from rate_n_flags via rx_status */ 288 vht->mcs_nss[user] &= 0x0f; 289 vht->mcs_nss[user] |= rx_status->rate_idx << 4; 290 291 /* Report LDPC for current user */ 292 if (rx_status->enc_flags & RX_ENC_FLAG_LDPC) 293 vht->coding = 0x1 << user; 294 } else { 295 int nsts; 296 297 /* SU frame */ 298 vht->known |= cpu_to_le16(IEEE80211_RADIOTAP_VHT_KNOWN_PARTIAL_AID); 299 300 if (le32_get_bits(phy_data->ntfy->sigs.vht.a2, 301 OFDM_RX_FRAME_VHT_BF_OR_MU_RESERVED)) 302 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_BEAMFORMED; 303 304 vht->partial_aid = 305 cpu_to_le16(le32_get_bits(phy_data->ntfy->sigs.vht.a1, 306 OFDM_RX_FRAME_VHT_PARTIAL_AID_OR_MU_STS)); 307 308 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1, 309 OFDM_RX_FRAME_VHT_STS) + 1; 310 vht->mcs_nss[0] = 311 (stbc ? nsts / 2 : nsts) | 312 le32_get_bits(phy_data->ntfy->sigs.vht.a2, 313 OFDM_RX_FRAME_VHT_MCS_OR_MU_CODING) << 4; 314 vht->mcs_nss[1] = 0; 315 vht->mcs_nss[2] = 0; 316 vht->mcs_nss[3] = 0; 317 318 if (rx_status->enc_flags & RX_ENC_FLAG_LDPC) 319 vht->coding = 0x1; 320 } 321 } 322 323 static void iwl_mld_rx_vht(struct sk_buff *skb, 324 struct iwl_mld_rx_phy_data *phy_data) 325 { 326 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 327 struct ieee80211_radiotap_vht *vht; 328 329 if (likely(!phy_data->ntfy)) 330 return; 331 332 vht = skb_put_zero(skb, sizeof(*vht)); 333 rx_status->flag |= RX_FLAG_RADIOTAP_VHT; 334 335 iwl_mld_decode_vht_phy_data(phy_data, vht, rx_status); 336 } 337 338 static void 339 iwl_mld_he_set_ru_alloc(struct ieee80211_rx_status *rx_status, 340 struct ieee80211_radiotap_he *he, 341 u8 ru_with_p80) 342 { 343 u8 ru = ru_with_p80 >> 1; 344 u8 p80 = ru_with_p80 & 1; 345 u8 offs = 0; 346 347 rx_status->bw = RATE_INFO_BW_HE_RU; 348 349 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN); 350 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_KNOWN | 351 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET_KNOWN); 352 353 switch (ru) { 354 case 0 ... 36: 355 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_26; 356 offs = ru; 357 break; 358 case 37 ... 52: 359 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_52; 360 offs = ru - 37; 361 break; 362 case 53 ... 60: 363 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106; 364 offs = ru - 53; 365 break; 366 case 61 ... 64: 367 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_242; 368 offs = ru - 61; 369 break; 370 case 65 ... 66: 371 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_484; 372 offs = ru - 65; 373 break; 374 case 67: 375 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_996; 376 break; 377 case 68: 378 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_2x996; 379 break; 380 } 381 382 he->data2 |= le16_encode_bits(offs, 383 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET); 384 385 he->data2 |= le16_encode_bits(p80, IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_SEC); 386 } 387 388 #define RTAP_ENC_HE(src, src_msk, dst_msk) \ 389 le16_encode_bits(le32_get_bits(src, src_msk), dst_msk) 390 391 static void 392 iwl_mld_decode_he_mu(struct iwl_mld_rx_phy_data *phy_data, 393 struct ieee80211_radiotap_he *he, 394 struct ieee80211_radiotap_he_mu *he_mu, 395 struct ieee80211_rx_status *rx_status) 396 { 397 u32 rate_n_flags = phy_data->rate_n_flags; 398 399 he_mu->flags1 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1, 400 OFDM_RX_FRAME_HE_DCM, 401 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM); 402 he_mu->flags1 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1, 403 OFDM_RX_FRAME_HE_MCS, 404 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS); 405 he_mu->flags2 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1, 406 OFDM_RX_FRAME_HE_PRMBL_PUNC_TYPE, 407 IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW); 408 he_mu->flags2 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2, 409 OFDM_RX_FRAME_HE_MU_NUM_OF_SIGB_SYM_OR_USER_NUM, 410 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_SYMS_USERS); 411 he_mu->flags2 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2, 412 OFDM_RX_FRAME_HE_MU_SIGB_COMP, 413 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_COMP); 414 415 if (phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_RU && 416 le32_get_bits(phy_data->ntfy->sigs.he.cmn[2], 417 OFDM_RX_FRAME_HE_COMMON_CC1_CRC_OK)) { 418 he_mu->flags1 |= 419 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_RU_KNOWN | 420 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU_KNOWN); 421 422 he_mu->flags1 |= 423 RTAP_ENC_HE(phy_data->ntfy->sigs.he.cmn[2], 424 OFDM_RX_FRAME_HE_CENTER_RU_CC1, 425 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU); 426 427 he_mu->ru_ch1[0] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[0], 428 OFDM_RX_FRAME_HE_RU_ALLOC_0_A1); 429 he_mu->ru_ch1[1] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[1], 430 OFDM_RX_FRAME_HE_RU_ALLOC_1_C1); 431 he_mu->ru_ch1[2] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[0], 432 OFDM_RX_FRAME_HE_RU_ALLOC_0_A2); 433 he_mu->ru_ch1[3] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[1], 434 OFDM_RX_FRAME_HE_RU_ALLOC_1_C2); 435 } 436 437 if (phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_RU && 438 le32_get_bits(phy_data->ntfy->sigs.he.cmn[2], 439 OFDM_RX_FRAME_HE_COMMON_CC2_CRC_OK) && 440 (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) != RATE_MCS_CHAN_WIDTH_20) { 441 he_mu->flags1 |= 442 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_RU_KNOWN | 443 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_CTR_26T_RU_KNOWN); 444 445 he_mu->flags2 |= 446 RTAP_ENC_HE(phy_data->ntfy->sigs.he.cmn[2], 447 OFDM_RX_FRAME_HE_CENTER_RU_CC2, 448 IEEE80211_RADIOTAP_HE_MU_FLAGS2_CH2_CTR_26T_RU); 449 450 he_mu->ru_ch2[0] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[0], 451 OFDM_RX_FRAME_HE_RU_ALLOC_0_B1); 452 he_mu->ru_ch2[1] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[1], 453 OFDM_RX_FRAME_HE_RU_ALLOC_1_D1); 454 he_mu->ru_ch2[2] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[0], 455 OFDM_RX_FRAME_HE_RU_ALLOC_0_B2); 456 he_mu->ru_ch2[3] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[1], 457 OFDM_RX_FRAME_HE_RU_ALLOC_1_D2); 458 } 459 460 #define CHECK_BW(bw) \ 461 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_ ## bw ## MHZ != \ 462 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS) 463 CHECK_BW(20); 464 CHECK_BW(40); 465 CHECK_BW(80); 466 CHECK_BW(160); 467 #undef CHECK_BW 468 469 he_mu->flags2 |= 470 le16_encode_bits(u32_get_bits(rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK), 471 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW); 472 473 iwl_mld_he_set_ru_alloc(rx_status, he, 474 le32_get_bits(phy_data->ntfy->sigs.he.b, 475 OFDM_RX_FRAME_HE_SIGB_STA_RU)); 476 } 477 478 static void 479 iwl_mld_decode_he_tb_phy_data(struct iwl_mld_rx_phy_data *phy_data, 480 struct ieee80211_radiotap_he *he, 481 struct ieee80211_rx_status *rx_status) 482 { 483 u32 rate_n_flags = phy_data->rate_n_flags; 484 u32 nsts; 485 486 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BSS_COLOR_KNOWN | 487 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN | 488 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE2_KNOWN | 489 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE3_KNOWN | 490 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE4_KNOWN); 491 492 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1, 493 OFDM_RX_HE_TRIG_SPATIAL_REUSE_1, 494 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE1); 495 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1, 496 OFDM_RX_HE_TRIG_SPATIAL_REUSE_2, 497 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE2); 498 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1, 499 OFDM_RX_HE_TRIG_SPATIAL_REUSE_3, 500 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE3); 501 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1, 502 OFDM_RX_HE_TRIG_SPATIAL_REUSE_4, 503 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE4); 504 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1, 505 OFDM_RX_HE_TRIG_BSS_COLOR, 506 IEEE80211_RADIOTAP_HE_DATA3_BSS_COLOR); 507 508 #define CHECK_BW(bw) \ 509 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_ ## bw ## MHZ != \ 510 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS) 511 CHECK_BW(20); 512 CHECK_BW(40); 513 CHECK_BW(80); 514 CHECK_BW(160); 515 #undef CHECK_BW 516 517 he->data6 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_KNOWN) | 518 le16_encode_bits(u32_get_bits(rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK), 519 IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW); 520 521 if (!(phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_TB_RX)) 522 return; 523 524 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_LDPC_XSYMSEG_KNOWN | 525 IEEE80211_RADIOTAP_HE_DATA1_DOPPLER_KNOWN); 526 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRE_FEC_PAD_KNOWN | 527 IEEE80211_RADIOTAP_HE_DATA2_PE_DISAMBIG_KNOWN | 528 IEEE80211_RADIOTAP_HE_DATA2_TXOP_KNOWN | 529 IEEE80211_RADIOTAP_HE_DATA2_NUM_LTF_SYMS_KNOWN); 530 531 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1, 532 OFDM_UCODE_TRIG_BASE_RX_CODING_EXTRA_SYM, 533 IEEE80211_RADIOTAP_HE_DATA3_LDPC_XSYMSEG); 534 he->data6 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1, 535 OFDM_UCODE_TRIG_BASE_RX_DOPPLER, 536 IEEE80211_RADIOTAP_HE_DATA6_DOPPLER); 537 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1, 538 OFDM_UCODE_TRIG_BASE_RX_PRE_FEC_PAD_FACTOR, 539 IEEE80211_RADIOTAP_HE_DATA5_PRE_FEC_PAD); 540 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1, 541 OFDM_UCODE_TRIG_BASE_RX_PE_DISAMBIG, 542 IEEE80211_RADIOTAP_HE_DATA5_PE_DISAMBIG); 543 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1, 544 OFDM_UCODE_TRIG_BASE_RX_NUM_OF_LTF_SYM, 545 IEEE80211_RADIOTAP_HE_DATA5_NUM_LTF_SYMS); 546 he->data6 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a2, 547 OFDM_RX_HE_TRIG_TXOP_DURATION, 548 IEEE80211_RADIOTAP_HE_DATA6_TXOP); 549 550 iwl_mld_he_set_ru_alloc(rx_status, he, 551 le32_get_bits(phy_data->ntfy->sigs.he_tb.tb_rx1, 552 OFDM_UCODE_TRIG_BASE_RX_RU)); 553 554 nsts = le32_get_bits(phy_data->ntfy->sigs.he_tb.tb_rx1, 555 OFDM_UCODE_TRIG_BASE_RX_NSTS) + 1; 556 rx_status->nss = nsts >> !!(rate_n_flags & RATE_MCS_STBC_MSK); 557 } 558 559 static void 560 iwl_mld_decode_he_phy_data(struct iwl_mld_rx_phy_data *phy_data, 561 struct ieee80211_radiotap_he *he, 562 struct ieee80211_radiotap_he_mu *he_mu, 563 struct ieee80211_rx_status *rx_status) 564 { 565 u32 rate_n_flags = phy_data->rate_n_flags; 566 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 567 u32 nsts; 568 569 switch (he_type) { 570 case RATE_MCS_HE_TYPE_TRIG: 571 iwl_mld_decode_he_tb_phy_data(phy_data, he, rx_status); 572 /* that's it, below is only for SU/MU */ 573 return; 574 case RATE_MCS_HE_TYPE_MU: 575 iwl_mld_decode_he_mu(phy_data, he, he_mu, rx_status); 576 577 nsts = le32_get_bits(phy_data->ntfy->sigs.he.b, 578 OFDM_RX_FRAME_HE_SIGB_NSTS) + 1; 579 break; 580 case RATE_MCS_HE_TYPE_SU: 581 case RATE_MCS_HE_TYPE_EXT_SU: 582 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BEAM_CHANGE_KNOWN); 583 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1, 584 OFDM_RX_FRAME_HE_BEAM_CHANGE, 585 IEEE80211_RADIOTAP_HE_DATA3_BEAM_CHANGE); 586 587 nsts = le32_get_bits(phy_data->ntfy->sigs.he.a1, 588 OFDM_RX_FRAME_HE_NSTS) + 1; 589 break; 590 } 591 592 rx_status->nss = nsts >> !!(rate_n_flags & RATE_MCS_STBC_MSK); 593 594 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_LDPC_XSYMSEG_KNOWN | 595 IEEE80211_RADIOTAP_HE_DATA1_DOPPLER_KNOWN); 596 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRE_FEC_PAD_KNOWN | 597 IEEE80211_RADIOTAP_HE_DATA2_PE_DISAMBIG_KNOWN | 598 IEEE80211_RADIOTAP_HE_DATA2_TXOP_KNOWN | 599 IEEE80211_RADIOTAP_HE_DATA2_NUM_LTF_SYMS_KNOWN); 600 601 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2, 602 OFDM_RX_FRAME_HE_CODING_EXTRA_SYM, 603 IEEE80211_RADIOTAP_HE_DATA3_LDPC_XSYMSEG); 604 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2, 605 OFDM_RX_FRAME_HE_PRE_FEC_PAD_FACTOR, 606 IEEE80211_RADIOTAP_HE_DATA5_PRE_FEC_PAD); 607 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2, 608 OFDM_RX_FRAME_HE_PE_DISAMBIG, 609 IEEE80211_RADIOTAP_HE_DATA5_PE_DISAMBIG); 610 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2, 611 OFDM_RX_FRAME_HE_MU_NUM_OF_LTF_SYM, 612 IEEE80211_RADIOTAP_HE_DATA5_NUM_LTF_SYMS); 613 he->data6 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2, 614 OFDM_RX_FRAME_HE_TXOP_DURATION, 615 IEEE80211_RADIOTAP_HE_DATA6_TXOP); 616 he->data6 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2, 617 OFDM_RX_FRAME_HE_DOPPLER, 618 IEEE80211_RADIOTAP_HE_DATA6_DOPPLER); 619 620 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_UL_DL_KNOWN | 621 IEEE80211_RADIOTAP_HE_DATA1_BSS_COLOR_KNOWN | 622 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN); 623 624 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1, 625 OFDM_RX_FRAME_HE_BSS_COLOR, 626 IEEE80211_RADIOTAP_HE_DATA3_BSS_COLOR); 627 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1, 628 OFDM_RX_FRAME_HE_UL_FLAG, 629 IEEE80211_RADIOTAP_HE_DATA3_UL_DL); 630 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1, 631 OFDM_RX_FRAME_HE_SPATIAL_REUSE, 632 IEEE80211_RADIOTAP_HE_DATA4_SU_MU_SPTL_REUSE); 633 } 634 635 static void iwl_mld_rx_he(struct sk_buff *skb, 636 struct iwl_mld_rx_phy_data *phy_data) 637 { 638 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 639 struct ieee80211_radiotap_he *he = NULL; 640 struct ieee80211_radiotap_he_mu *he_mu = NULL; 641 u32 rate_n_flags = phy_data->rate_n_flags; 642 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 643 u8 ltf; 644 static const struct ieee80211_radiotap_he known = { 645 .data1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_DATA_MCS_KNOWN | 646 IEEE80211_RADIOTAP_HE_DATA1_DATA_DCM_KNOWN | 647 IEEE80211_RADIOTAP_HE_DATA1_STBC_KNOWN | 648 IEEE80211_RADIOTAP_HE_DATA1_CODING_KNOWN), 649 .data2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_GI_KNOWN | 650 IEEE80211_RADIOTAP_HE_DATA2_TXBF_KNOWN), 651 }; 652 static const struct ieee80211_radiotap_he_mu mu_known = { 653 .flags1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS_KNOWN | 654 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM_KNOWN | 655 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_SYMS_USERS_KNOWN | 656 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_COMP_KNOWN), 657 .flags2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW_KNOWN | 658 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_KNOWN), 659 }; 660 661 he = skb_put_data(skb, &known, sizeof(known)); 662 rx_status->flag |= RX_FLAG_RADIOTAP_HE; 663 664 switch (he_type) { 665 case RATE_MCS_HE_TYPE_EXT_SU: 666 /* 667 * Except for this special case we won't have 668 * HE RU allocation info outside of monitor mode 669 * since we don't get the PHY notif. 670 */ 671 if (rate_n_flags & RATE_MCS_HE_106T_MSK) { 672 rx_status->bw = RATE_INFO_BW_HE_RU; 673 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106; 674 } 675 fallthrough; 676 case RATE_MCS_HE_TYPE_SU: 677 /* actual data is filled in mac80211 */ 678 he->data1 |= 679 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN); 680 break; 681 } 682 683 #define CHECK_TYPE(F) \ 684 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA1_FORMAT_ ## F != \ 685 (RATE_MCS_HE_TYPE_ ## F >> RATE_MCS_HE_TYPE_POS)) 686 687 CHECK_TYPE(SU); 688 CHECK_TYPE(EXT_SU); 689 CHECK_TYPE(MU); 690 CHECK_TYPE(TRIG); 691 692 he->data1 |= cpu_to_le16(he_type >> RATE_MCS_HE_TYPE_POS); 693 694 if (rate_n_flags & RATE_MCS_BF_MSK) 695 he->data5 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA5_TXBF); 696 697 switch (u32_get_bits(rate_n_flags, RATE_MCS_HE_GI_LTF_MSK)) { 698 case 0: 699 if (he_type == RATE_MCS_HE_TYPE_TRIG) 700 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 701 else 702 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 703 if (he_type == RATE_MCS_HE_TYPE_MU) 704 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 705 else 706 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X; 707 break; 708 case 1: 709 if (he_type == RATE_MCS_HE_TYPE_TRIG) 710 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 711 else 712 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 713 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 714 break; 715 case 2: 716 if (he_type == RATE_MCS_HE_TYPE_TRIG) { 717 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 718 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 719 } else { 720 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 721 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 722 } 723 break; 724 case 3: 725 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 726 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 727 break; 728 case 4: 729 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 730 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 731 break; 732 default: 733 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN; 734 } 735 736 he->data5 |= le16_encode_bits(ltf, 737 IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE); 738 739 if (likely(!phy_data->ntfy)) 740 return; 741 742 if (he_type == RATE_MCS_HE_TYPE_MU) { 743 he_mu = skb_put_data(skb, &mu_known, sizeof(mu_known)); 744 rx_status->flag |= RX_FLAG_RADIOTAP_HE_MU; 745 } 746 747 iwl_mld_decode_he_phy_data(phy_data, he, he_mu, rx_status); 748 } 749 750 static void iwl_mld_decode_lsig(struct sk_buff *skb, 751 struct iwl_mld_rx_phy_data *phy_data) 752 { 753 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 754 u32 format = phy_data->rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 755 struct ieee80211_radiotap_lsig *lsig; 756 u32 lsig_len, rate; 757 758 if (likely(!phy_data->ntfy)) 759 return; 760 761 /* 762 * Technically legacy CCK/OFDM frames don't have an L-SIG 763 * since that's the compat format for HT (non-greenfield) 764 * and up. However, it's meant to be compatible with the 765 * LENGTH and RATE fields in Clause 17 and 18 OFDM frames 766 * so include the field for any non-CCK frame. For CCK it 767 * cannot work, since the LENGTH field for them is 16-bit 768 * and the radiotap field only has 12 bits. 769 */ 770 if (format == RATE_MCS_MOD_TYPE_CCK) 771 return; 772 773 lsig_len = le32_get_bits(phy_data->ntfy->legacy_sig.ofdm, 774 OFDM_RX_LEGACY_LENGTH); 775 rate = le32_get_bits(phy_data->ntfy->legacy_sig.ofdm, OFDM_RX_RATE); 776 777 lsig = skb_put(skb, sizeof(*lsig)); 778 lsig->data1 = cpu_to_le16(IEEE80211_RADIOTAP_LSIG_DATA1_LENGTH_KNOWN) | 779 cpu_to_le16(IEEE80211_RADIOTAP_LSIG_DATA1_RATE_KNOWN); 780 lsig->data2 = le16_encode_bits(lsig_len, 781 IEEE80211_RADIOTAP_LSIG_DATA2_LENGTH) | 782 le16_encode_bits(rate, IEEE80211_RADIOTAP_LSIG_DATA2_RATE); 783 rx_status->flag |= RX_FLAG_RADIOTAP_LSIG; 784 } 785 786 /* Put a TLV on the skb and return data pointer 787 * 788 * Also pad the len to 4 and zero out all data part 789 */ 790 static void * 791 iwl_mld_radiotap_put_tlv(struct sk_buff *skb, u16 type, u16 len) 792 { 793 struct ieee80211_radiotap_tlv *tlv; 794 795 tlv = skb_put(skb, sizeof(*tlv)); 796 tlv->type = cpu_to_le16(type); 797 tlv->len = cpu_to_le16(len); 798 return skb_put_zero(skb, ALIGN(len, 4)); 799 } 800 801 #define LE32_DEC_ENC(value, dec_bits, enc_bits) \ 802 le32_encode_bits(le32_get_bits(value, dec_bits), enc_bits) 803 804 #define IWL_MLD_ENC_USIG_VALUE_MASK(usig, in_value, dec_bits, enc_bits) do { \ 805 typeof(enc_bits) _enc_bits = enc_bits; \ 806 typeof(usig) _usig = usig; \ 807 (_usig)->mask |= cpu_to_le32(_enc_bits); \ 808 (_usig)->value |= LE32_DEC_ENC(in_value, dec_bits, _enc_bits); \ 809 } while (0) 810 811 static void iwl_mld_decode_eht_usig_tb(struct iwl_mld_rx_phy_data *phy_data, 812 struct ieee80211_radiotap_eht_usig *usig) 813 { 814 __le32 usig_a1 = phy_data->ntfy->sigs.eht_tb.usig_a1; 815 __le32 usig_a2 = phy_data->ntfy->sigs.eht_tb.usig_a2_eht; 816 817 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 818 OFDM_RX_FRAME_EHT_USIG1_DISREGARD, 819 IEEE80211_RADIOTAP_EHT_USIG1_TB_B20_B25_DISREGARD); 820 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 821 OFDM_RX_FRAME_EHT_PPDU_TYPE, 822 IEEE80211_RADIOTAP_EHT_USIG2_TB_B0_B1_PPDU_TYPE); 823 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 824 OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B2, 825 IEEE80211_RADIOTAP_EHT_USIG2_TB_B2_VALIDATE); 826 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 827 OFDM_RX_FRAME_EHT_TRIG_SPATIAL_REUSE_1, 828 IEEE80211_RADIOTAP_EHT_USIG2_TB_B3_B6_SPATIAL_REUSE_1); 829 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 830 OFDM_RX_FRAME_EHT_TRIG_SPATIAL_REUSE_2, 831 IEEE80211_RADIOTAP_EHT_USIG2_TB_B7_B10_SPATIAL_REUSE_2); 832 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 833 OFDM_RX_FRAME_EHT_TRIG_USIG2_DISREGARD, 834 IEEE80211_RADIOTAP_EHT_USIG2_TB_B11_B15_DISREGARD); 835 } 836 837 static void iwl_mld_decode_eht_usig_non_tb(struct iwl_mld_rx_phy_data *phy_data, 838 struct ieee80211_radiotap_eht_usig *usig) 839 { 840 __le32 usig_a1 = phy_data->ntfy->sigs.eht.usig_a1; 841 __le32 usig_a2 = phy_data->ntfy->sigs.eht.usig_a2_eht; 842 843 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 844 OFDM_RX_FRAME_EHT_USIG1_DISREGARD, 845 IEEE80211_RADIOTAP_EHT_USIG1_MU_B20_B24_DISREGARD); 846 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 847 OFDM_RX_FRAME_EHT_USIG1_VALIDATE, 848 IEEE80211_RADIOTAP_EHT_USIG1_MU_B25_VALIDATE); 849 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 850 OFDM_RX_FRAME_EHT_PPDU_TYPE, 851 IEEE80211_RADIOTAP_EHT_USIG2_MU_B0_B1_PPDU_TYPE); 852 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 853 OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B2, 854 IEEE80211_RADIOTAP_EHT_USIG2_MU_B2_VALIDATE); 855 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 856 OFDM_RX_FRAME_EHT_PUNC_CHANNEL, 857 IEEE80211_RADIOTAP_EHT_USIG2_MU_B3_B7_PUNCTURED_INFO); 858 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 859 OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B8, 860 IEEE80211_RADIOTAP_EHT_USIG2_MU_B8_VALIDATE); 861 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 862 OFDM_RX_FRAME_EHT_SIG_MCS, 863 IEEE80211_RADIOTAP_EHT_USIG2_MU_B9_B10_SIG_MCS); 864 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 865 OFDM_RX_FRAME_EHT_SIG_SYM_NUM, 866 IEEE80211_RADIOTAP_EHT_USIG2_MU_B11_B15_EHT_SIG_SYMBOLS); 867 } 868 869 static void iwl_mld_decode_eht_usig(struct iwl_mld_rx_phy_data *phy_data, 870 struct sk_buff *skb) 871 { 872 u32 he_type = phy_data->rate_n_flags & RATE_MCS_HE_TYPE_MSK; 873 __le32 usig_a1 = phy_data->ntfy->sigs.eht.usig_a1; 874 __le32 usig_a2 = phy_data->ntfy->sigs.eht.usig_a2_eht; 875 struct ieee80211_radiotap_eht_usig *usig; 876 u32 bw; 877 878 usig = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT_USIG, 879 sizeof(*usig)); 880 881 BUILD_BUG_ON(offsetof(union iwl_sigs, eht.usig_a1) != 882 offsetof(union iwl_sigs, eht_tb.usig_a1)); 883 BUILD_BUG_ON(offsetof(union iwl_sigs, eht.usig_a2_eht) != 884 offsetof(union iwl_sigs, eht_tb.usig_a2_eht)); 885 886 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL_KNOWN | 887 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR_KNOWN | 888 IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_CHECKED | 889 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_KNOWN | 890 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP_KNOWN); 891 892 #define CHECK_BW(bw) \ 893 BUILD_BUG_ON(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_ ## bw ## MHZ != \ 894 RATE_MCS_CHAN_WIDTH_ ## bw ## _VAL) 895 CHECK_BW(20); 896 CHECK_BW(40); 897 CHECK_BW(80); 898 CHECK_BW(160); 899 #undef CHECK_BW 900 BUILD_BUG_ON(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_320MHZ_1 != 901 RATE_MCS_CHAN_WIDTH_320_VAL); 902 bw = u32_get_bits(phy_data->rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK); 903 /* specific handling for 320MHz-1/320MHz-2 */ 904 if (bw == RATE_MCS_CHAN_WIDTH_320_VAL) 905 bw += le32_get_bits(usig_a1, OFDM_RX_FRAME_EHT_BW320_SLOT); 906 usig->common |= le32_encode_bits(bw, 907 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW); 908 909 usig->common |= LE32_DEC_ENC(usig_a1, OFDM_RX_FRAME_ENHANCED_WIFI_UL_FLAG, 910 IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL); 911 usig->common |= LE32_DEC_ENC(usig_a1, OFDM_RX_FRAME_ENHANCED_WIFI_BSS_COLOR, 912 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR); 913 914 if (le32_get_bits(usig_a1, OFDM_RX_FRAME_EHT_USIG1_VALIDATE) && 915 le32_get_bits(usig_a2, OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B2) && 916 le32_get_bits(usig_a2, OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B8)) 917 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_OK); 918 919 usig->common |= LE32_DEC_ENC(usig_a1, 920 OFDM_RX_FRAME_ENHANCED_WIFI_TXOP_DURATION, 921 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP); 922 923 if (!le32_get_bits(usig_a2, OFDM_RX_USIG_CRC_OK)) 924 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BAD_USIG_CRC); 925 926 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER_KNOWN); 927 usig->common |= LE32_DEC_ENC(usig_a1, 928 OFDM_RX_FRAME_ENHANCED_WIFI_VER_ID, 929 IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER); 930 931 if (he_type == RATE_MCS_HE_TYPE_TRIG) 932 iwl_mld_decode_eht_usig_tb(phy_data, usig); 933 else 934 iwl_mld_decode_eht_usig_non_tb(phy_data, usig); 935 } 936 937 static void 938 iwl_mld_eht_set_ru_alloc(struct ieee80211_rx_status *rx_status, 939 u32 ru_with_p80) 940 { 941 enum nl80211_eht_ru_alloc nl_ru; 942 u32 ru = ru_with_p80 >> 1; 943 944 /* 945 * HW always uses trigger frame format: 946 * 947 * Draft PIEEE802.11be D7.0 Table 9-46l - Encoding of the PS160 and 948 * RU Allocation subfields in an EHT variant User Info field 949 */ 950 951 switch (ru) { 952 case 0 ... 36: 953 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_26; 954 break; 955 case 37 ... 52: 956 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52; 957 break; 958 case 53 ... 60: 959 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106; 960 break; 961 case 61 ... 64: 962 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_242; 963 break; 964 case 65 ... 66: 965 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484; 966 break; 967 case 67: 968 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996; 969 break; 970 case 68: 971 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996; 972 break; 973 case 69: 974 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_4x996; 975 break; 976 case 70 ... 81: 977 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52P26; 978 break; 979 case 82 ... 89: 980 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106P26; 981 break; 982 case 90 ... 93: 983 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484P242; 984 break; 985 case 94 ... 95: 986 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484; 987 break; 988 case 96 ... 99: 989 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242; 990 break; 991 case 100 ... 103: 992 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484; 993 break; 994 case 104: 995 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996; 996 break; 997 case 105 ... 106: 998 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484; 999 break; 1000 default: 1001 return; 1002 } 1003 1004 rx_status->bw = RATE_INFO_BW_EHT_RU; 1005 rx_status->eht.ru = nl_ru; 1006 } 1007 1008 static void iwl_mld_decode_eht_tb(struct iwl_mld_rx_phy_data *phy_data, 1009 struct ieee80211_rx_status *rx_status, 1010 struct ieee80211_radiotap_eht *eht) 1011 { 1012 if (!(phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_TB_RX)) 1013 return; 1014 1015 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_RU_ALLOC_TB_FMT | 1016 IEEE80211_RADIOTAP_EHT_KNOWN_LDPC_EXTRA_SYM_OM | 1017 IEEE80211_RADIOTAP_EHT_KNOWN_PRE_PADD_FACOR_OM | 1018 IEEE80211_RADIOTAP_EHT_KNOWN_PE_DISAMBIGUITY_OM | 1019 IEEE80211_RADIOTAP_EHT_KNOWN_EHT_LTF | 1020 IEEE80211_RADIOTAP_EHT_KNOWN_PRIMARY_80); 1021 1022 eht->data[8] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx0, 1023 OFDM_UCODE_TRIG_BASE_PS160, 1024 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_PS_160); 1025 eht->data[8] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1, 1026 OFDM_UCODE_TRIG_BASE_RX_RU, 1027 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B0 | 1028 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1); 1029 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1, 1030 OFDM_UCODE_TRIG_BASE_RX_CODING_EXTRA_SYM, 1031 IEEE80211_RADIOTAP_EHT_DATA0_LDPC_EXTRA_SYM_OM); 1032 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1, 1033 OFDM_UCODE_TRIG_BASE_RX_PRE_FEC_PAD_FACTOR, 1034 IEEE80211_RADIOTAP_EHT_DATA0_PRE_PADD_FACOR_OM); 1035 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1, 1036 OFDM_UCODE_TRIG_BASE_RX_PE_DISAMBIG, 1037 IEEE80211_RADIOTAP_EHT_DATA0_PE_DISAMBIGUITY_OM); 1038 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1, 1039 OFDM_UCODE_TRIG_BASE_RX_NUM_OF_LTF_SYM, 1040 IEEE80211_RADIOTAP_EHT_DATA0_EHT_LTF); 1041 eht->data[1] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx0, 1042 OFDM_UCODE_TRIG_BASE_RX_RU_P80, 1043 IEEE80211_RADIOTAP_EHT_DATA1_PRIMARY_80); 1044 1045 iwl_mld_eht_set_ru_alloc(rx_status, 1046 le32_get_bits(phy_data->ntfy->sigs.eht_tb.tb_rx1, 1047 OFDM_UCODE_TRIG_BASE_RX_RU)); 1048 } 1049 1050 static void iwl_mld_eht_decode_user_ru(struct iwl_mld_rx_phy_data *phy_data, 1051 struct ieee80211_radiotap_eht *eht) 1052 { 1053 u32 phy_bw = phy_data->rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK; 1054 1055 if (!(phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_RU)) 1056 return; 1057 1058 #define __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \ 1059 eht->data[(rt_data)] |= \ 1060 (cpu_to_le32(IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru ## _KNOWN) | \ 1061 LE32_DEC_ENC(phy_data->ntfy->sigs.eht.cmn[fw_data], \ 1062 OFDM_RX_FRAME_EHT_RU_ALLOC_ ## fw_data ## _ ## fw_ru, \ 1063 IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru)) 1064 1065 #define _IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \ 1066 __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) 1067 1068 #define IEEE80211_RADIOTAP_RU_DATA_1_1_1 1 1069 #define IEEE80211_RADIOTAP_RU_DATA_2_1_1 2 1070 #define IEEE80211_RADIOTAP_RU_DATA_1_1_2 2 1071 #define IEEE80211_RADIOTAP_RU_DATA_2_1_2 2 1072 #define IEEE80211_RADIOTAP_RU_DATA_1_2_1 3 1073 #define IEEE80211_RADIOTAP_RU_DATA_2_2_1 3 1074 #define IEEE80211_RADIOTAP_RU_DATA_1_2_2 3 1075 #define IEEE80211_RADIOTAP_RU_DATA_2_2_2 4 1076 #define IEEE80211_RADIOTAP_RU_DATA_1_2_3 4 1077 #define IEEE80211_RADIOTAP_RU_DATA_2_2_3 4 1078 #define IEEE80211_RADIOTAP_RU_DATA_1_2_4 5 1079 #define IEEE80211_RADIOTAP_RU_DATA_2_2_4 5 1080 #define IEEE80211_RADIOTAP_RU_DATA_1_2_5 5 1081 #define IEEE80211_RADIOTAP_RU_DATA_2_2_5 6 1082 #define IEEE80211_RADIOTAP_RU_DATA_1_2_6 6 1083 #define IEEE80211_RADIOTAP_RU_DATA_2_2_6 6 1084 1085 #define IWL_RX_RU_DATA_A1 0 1086 #define IWL_RX_RU_DATA_A2 0 1087 #define IWL_RX_RU_DATA_A3 0 1088 #define IWL_RX_RU_DATA_A4 4 1089 #define IWL_RX_RU_DATA_B1 1 1090 #define IWL_RX_RU_DATA_B2 1 1091 #define IWL_RX_RU_DATA_B3 1 1092 #define IWL_RX_RU_DATA_B4 4 1093 #define IWL_RX_RU_DATA_C1 2 1094 #define IWL_RX_RU_DATA_C2 2 1095 #define IWL_RX_RU_DATA_C3 2 1096 #define IWL_RX_RU_DATA_C4 5 1097 #define IWL_RX_RU_DATA_D1 3 1098 #define IWL_RX_RU_DATA_D2 3 1099 #define IWL_RX_RU_DATA_D3 3 1100 #define IWL_RX_RU_DATA_D4 5 1101 1102 #define IWL_MLD_ENC_EHT_RU(rt_ru, fw_ru) \ 1103 _IWL_MLD_ENC_EHT_RU(IEEE80211_RADIOTAP_RU_DATA_ ## rt_ru, \ 1104 rt_ru, \ 1105 IWL_RX_RU_DATA_ ## fw_ru, \ 1106 fw_ru) 1107 1108 /* 1109 * Hardware labels the content channels/RU allocation values 1110 * as follows: 1111 * 1112 * Content Channel 1 Content Channel 2 1113 * 20 MHz: A1 1114 * 40 MHz: A1 B1 1115 * 80 MHz: A1 C1 B1 D1 1116 * 160 MHz: A1 C1 A2 C2 B1 D1 B2 D2 1117 * 320 MHz: A1 C1 A2 C2 A3 C3 A4 C4 B1 D1 B2 D2 B3 D3 B4 D4 1118 */ 1119 1120 switch (phy_bw) { 1121 case RATE_MCS_CHAN_WIDTH_320: 1122 /* content channel 1 */ 1123 IWL_MLD_ENC_EHT_RU(1_2_3, A3); 1124 IWL_MLD_ENC_EHT_RU(1_2_4, C3); 1125 IWL_MLD_ENC_EHT_RU(1_2_5, A4); 1126 IWL_MLD_ENC_EHT_RU(1_2_6, C4); 1127 /* content channel 2 */ 1128 IWL_MLD_ENC_EHT_RU(2_2_3, B3); 1129 IWL_MLD_ENC_EHT_RU(2_2_4, D3); 1130 IWL_MLD_ENC_EHT_RU(2_2_5, B4); 1131 IWL_MLD_ENC_EHT_RU(2_2_6, D4); 1132 fallthrough; 1133 case RATE_MCS_CHAN_WIDTH_160: 1134 /* content channel 1 */ 1135 IWL_MLD_ENC_EHT_RU(1_2_1, A2); 1136 IWL_MLD_ENC_EHT_RU(1_2_2, C2); 1137 /* content channel 2 */ 1138 IWL_MLD_ENC_EHT_RU(2_2_1, B2); 1139 IWL_MLD_ENC_EHT_RU(2_2_2, D2); 1140 fallthrough; 1141 case RATE_MCS_CHAN_WIDTH_80: 1142 /* content channel 1 */ 1143 IWL_MLD_ENC_EHT_RU(1_1_2, C1); 1144 /* content channel 2 */ 1145 IWL_MLD_ENC_EHT_RU(2_1_2, D1); 1146 fallthrough; 1147 case RATE_MCS_CHAN_WIDTH_40: 1148 /* content channel 2 */ 1149 IWL_MLD_ENC_EHT_RU(2_1_1, B1); 1150 fallthrough; 1151 case RATE_MCS_CHAN_WIDTH_20: 1152 /* content channel 1 */ 1153 IWL_MLD_ENC_EHT_RU(1_1_1, A1); 1154 break; 1155 } 1156 } 1157 1158 static void iwl_mld_decode_eht_non_tb(struct iwl_mld_rx_phy_data *phy_data, 1159 struct ieee80211_rx_status *rx_status, 1160 struct ieee80211_radiotap_eht *eht) 1161 { 1162 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_SPATIAL_REUSE | 1163 /* All RU allocating size/index is in TB format */ 1164 IEEE80211_RADIOTAP_EHT_KNOWN_RU_ALLOC_TB_FMT | 1165 IEEE80211_RADIOTAP_EHT_KNOWN_LDPC_EXTRA_SYM_OM | 1166 IEEE80211_RADIOTAP_EHT_KNOWN_PRE_PADD_FACOR_OM | 1167 IEEE80211_RADIOTAP_EHT_KNOWN_PE_DISAMBIGUITY_OM | 1168 IEEE80211_RADIOTAP_EHT_KNOWN_EHT_LTF | 1169 IEEE80211_RADIOTAP_EHT_KNOWN_PRIMARY_80 | 1170 IEEE80211_RADIOTAP_EHT_KNOWN_NR_NON_OFDMA_USERS_M); 1171 1172 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1, 1173 OFDM_RX_FRAME_EHT_SPATIAL_REUSE, 1174 IEEE80211_RADIOTAP_EHT_DATA0_SPATIAL_REUSE); 1175 eht->data[8] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b2, 1176 OFDM_RX_FRAME_EHT_STA_RU_PS160, 1177 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_PS_160); 1178 eht->data[8] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b2, 1179 OFDM_RX_FRAME_EHT_STA_RU, 1180 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B0 | 1181 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1); 1182 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1, 1183 OFDM_RX_FRAME_EHT_CODING_EXTRA_SYM, 1184 IEEE80211_RADIOTAP_EHT_DATA0_LDPC_EXTRA_SYM_OM); 1185 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1, 1186 OFDM_RX_FRAME_EHT_PRE_FEC_PAD_FACTOR, 1187 IEEE80211_RADIOTAP_EHT_DATA0_PRE_PADD_FACOR_OM); 1188 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1, 1189 OFDM_RX_FRAME_EHT_PE_DISAMBIG, 1190 IEEE80211_RADIOTAP_EHT_DATA0_PE_DISAMBIGUITY_OM); 1191 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1, 1192 OFDM_RX_FRAME_EHT_NUM_OF_LTF_SYM, 1193 IEEE80211_RADIOTAP_EHT_DATA0_EHT_LTF); 1194 eht->data[1] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b2, 1195 OFDM_RX_FRAME_EHT_STA_RU_P80, 1196 IEEE80211_RADIOTAP_EHT_DATA1_PRIMARY_80); 1197 eht->data[7] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1, 1198 OFDM_RX_FRAME_EHT_NUM_OF_USERS, 1199 IEEE80211_RADIOTAP_EHT_DATA7_NUM_OF_NON_OFDMA_USERS); 1200 1201 iwl_mld_eht_decode_user_ru(phy_data, eht); 1202 1203 iwl_mld_eht_set_ru_alloc(rx_status, 1204 le32_get_bits(phy_data->ntfy->sigs.eht.b2, 1205 OFDM_RX_FRAME_EHT_STA_RU)); 1206 } 1207 1208 static void iwl_mld_decode_eht_phy_data(struct iwl_mld_rx_phy_data *phy_data, 1209 struct ieee80211_rx_status *rx_status, 1210 struct ieee80211_radiotap_eht *eht) 1211 { 1212 u32 he_type = phy_data->rate_n_flags & RATE_MCS_HE_TYPE_MSK; 1213 1214 if (he_type == RATE_MCS_HE_TYPE_TRIG) 1215 iwl_mld_decode_eht_tb(phy_data, rx_status, eht); 1216 else 1217 iwl_mld_decode_eht_non_tb(phy_data, rx_status, eht); 1218 } 1219 1220 static void iwl_mld_rx_eht(struct iwl_mld *mld, struct sk_buff *skb, 1221 struct iwl_mld_rx_phy_data *phy_data) 1222 { 1223 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1224 struct ieee80211_radiotap_eht *eht; 1225 size_t eht_len = sizeof(*eht); 1226 u32 rate_n_flags = phy_data->rate_n_flags; 1227 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 1228 /* EHT and HE have the same values for LTF */ 1229 u8 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN; 1230 1231 /* u32 for 1 user_info */ 1232 if (phy_data->with_data) 1233 eht_len += sizeof(u32); 1234 1235 eht = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT, eht_len); 1236 1237 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1238 1239 switch (u32_get_bits(rate_n_flags, RATE_MCS_HE_GI_LTF_MSK)) { 1240 case 0: 1241 if (he_type == RATE_MCS_HE_TYPE_TRIG) { 1242 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6; 1243 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X; 1244 } else { 1245 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8; 1246 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 1247 } 1248 break; 1249 case 1: 1250 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6; 1251 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 1252 break; 1253 case 2: 1254 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 1255 if (he_type == RATE_MCS_HE_TYPE_TRIG) 1256 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2; 1257 else 1258 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8; 1259 break; 1260 case 3: 1261 if (he_type != RATE_MCS_HE_TYPE_TRIG) { 1262 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 1263 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2; 1264 } 1265 break; 1266 default: 1267 /* nothing here */ 1268 break; 1269 } 1270 1271 if (ltf != IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN) { 1272 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_GI); 1273 eht->data[0] |= le32_encode_bits(ltf, 1274 IEEE80211_RADIOTAP_EHT_DATA0_LTF) | 1275 le32_encode_bits(rx_status->eht.gi, 1276 IEEE80211_RADIOTAP_EHT_DATA0_GI); 1277 } 1278 1279 if (!phy_data->with_data) { 1280 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_NSS_S | 1281 IEEE80211_RADIOTAP_EHT_KNOWN_BEAMFORMED_S); 1282 eht->data[7] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1, 1283 OFDM_RX_FRAME_EHT_NSTS, 1284 IEEE80211_RADIOTAP_EHT_DATA7_NSS_S); 1285 if (rate_n_flags & RATE_MCS_BF_MSK) 1286 eht->data[7] |= 1287 cpu_to_le32(IEEE80211_RADIOTAP_EHT_DATA7_BEAMFORMED_S); 1288 } else { 1289 eht->user_info[0] |= 1290 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_MCS_KNOWN | 1291 IEEE80211_RADIOTAP_EHT_USER_INFO_CODING_KNOWN | 1292 IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_KNOWN_O | 1293 IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_KNOWN_O | 1294 IEEE80211_RADIOTAP_EHT_USER_INFO_DATA_FOR_USER); 1295 1296 if (rate_n_flags & RATE_MCS_BF_MSK) 1297 eht->user_info[0] |= 1298 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_O); 1299 1300 if (rate_n_flags & RATE_MCS_LDPC_MSK) 1301 eht->user_info[0] |= 1302 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_CODING); 1303 1304 eht->user_info[0] |= 1305 le32_encode_bits(u32_get_bits(rate_n_flags, 1306 RATE_VHT_MCS_RATE_CODE_MSK), 1307 IEEE80211_RADIOTAP_EHT_USER_INFO_MCS) | 1308 le32_encode_bits(u32_get_bits(rate_n_flags, 1309 RATE_MCS_NSS_MSK), 1310 IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_O); 1311 } 1312 1313 if (likely(!phy_data->ntfy)) 1314 return; 1315 1316 if (phy_data->with_data) { 1317 eht->user_info[0] |= 1318 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID_KNOWN) | 1319 LE32_DEC_ENC(phy_data->ntfy->sigs.eht.user_id, 1320 OFDM_RX_FRAME_EHT_USER_FIELD_ID, 1321 IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID); 1322 } 1323 1324 iwl_mld_decode_eht_usig(phy_data, skb); 1325 iwl_mld_decode_eht_phy_data(phy_data, rx_status, eht); 1326 } 1327 1328 #ifdef CONFIG_IWLWIFI_DEBUGFS 1329 static void iwl_mld_add_rtap_sniffer_config(struct iwl_mld *mld, 1330 struct sk_buff *skb) 1331 { 1332 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1333 struct ieee80211_radiotap_vendor_content *radiotap; 1334 const u16 vendor_data_len = sizeof(mld->monitor.cur_aid); 1335 1336 if (!mld->monitor.cur_aid) 1337 return; 1338 1339 radiotap = 1340 iwl_mld_radiotap_put_tlv(skb, 1341 IEEE80211_RADIOTAP_VENDOR_NAMESPACE, 1342 sizeof(*radiotap) + vendor_data_len); 1343 1344 /* Intel OUI */ 1345 radiotap->oui[0] = 0xf6; 1346 radiotap->oui[1] = 0x54; 1347 radiotap->oui[2] = 0x25; 1348 /* Intel OUI default radiotap subtype */ 1349 radiotap->oui_subtype = 1; 1350 /* Sniffer config element type */ 1351 radiotap->vendor_type = 0; 1352 1353 /* fill the data now */ 1354 memcpy(radiotap->data, &mld->monitor.cur_aid, 1355 sizeof(mld->monitor.cur_aid)); 1356 1357 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1358 } 1359 #endif 1360 1361 static void iwl_mld_add_rtap_sniffer_phy_data(struct iwl_mld *mld, 1362 struct sk_buff *skb, 1363 struct iwl_rx_phy_air_sniffer_ntfy *ntfy) 1364 { 1365 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1366 struct ieee80211_radiotap_vendor_content *radiotap; 1367 const u16 vendor_data_len = sizeof(*ntfy); 1368 1369 radiotap = 1370 iwl_mld_radiotap_put_tlv(skb, 1371 IEEE80211_RADIOTAP_VENDOR_NAMESPACE, 1372 sizeof(*radiotap) + vendor_data_len); 1373 1374 /* Intel OUI */ 1375 radiotap->oui[0] = 0xf6; 1376 radiotap->oui[1] = 0x54; 1377 radiotap->oui[2] = 0x25; 1378 /* Intel OUI default radiotap subtype */ 1379 radiotap->oui_subtype = 1; 1380 /* PHY data element type */ 1381 radiotap->vendor_type = cpu_to_le16(1); 1382 1383 /* fill the data now */ 1384 memcpy(radiotap->data, ntfy, vendor_data_len); 1385 1386 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1387 } 1388 1389 static void 1390 iwl_mld_set_rx_nonlegacy_rate_info(u32 rate_n_flags, 1391 struct ieee80211_rx_status *rx_status) 1392 { 1393 u8 stbc = u32_get_bits(rate_n_flags, RATE_MCS_STBC_MSK); 1394 1395 /* NSS may be overridden by PHY ntfy with full value */ 1396 rx_status->nss = u32_get_bits(rate_n_flags, RATE_MCS_NSS_MSK) + 1; 1397 rx_status->rate_idx = rate_n_flags & RATE_MCS_CODE_MSK; 1398 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT; 1399 if (rate_n_flags & RATE_MCS_LDPC_MSK) 1400 rx_status->enc_flags |= RX_ENC_FLAG_LDPC; 1401 } 1402 1403 static void iwl_mld_set_rx_rate(struct iwl_mld *mld, 1404 struct iwl_mld_rx_phy_data *phy_data, 1405 struct ieee80211_rx_status *rx_status) 1406 { 1407 u32 rate_n_flags = phy_data->rate_n_flags; 1408 u8 stbc = u32_get_bits(rate_n_flags, RATE_MCS_STBC_MSK); 1409 u32 format = rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 1410 bool is_sgi = rate_n_flags & RATE_MCS_SGI_MSK; 1411 1412 /* bandwidth may be overridden to RU by PHY ntfy */ 1413 switch (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) { 1414 case RATE_MCS_CHAN_WIDTH_20: 1415 break; 1416 case RATE_MCS_CHAN_WIDTH_40: 1417 rx_status->bw = RATE_INFO_BW_40; 1418 break; 1419 case RATE_MCS_CHAN_WIDTH_80: 1420 rx_status->bw = RATE_INFO_BW_80; 1421 break; 1422 case RATE_MCS_CHAN_WIDTH_160: 1423 rx_status->bw = RATE_INFO_BW_160; 1424 break; 1425 case RATE_MCS_CHAN_WIDTH_320: 1426 rx_status->bw = RATE_INFO_BW_320; 1427 break; 1428 } 1429 1430 switch (format) { 1431 case RATE_MCS_MOD_TYPE_CCK: 1432 if (phy_data->phy_info & IWL_RX_MPDU_PHY_SHORT_PREAMBLE) 1433 rx_status->enc_flags |= RX_ENC_FLAG_SHORTPRE; 1434 fallthrough; 1435 case RATE_MCS_MOD_TYPE_LEGACY_OFDM: { 1436 int rate = 1437 iwl_mld_legacy_hw_idx_to_mac80211_idx(rate_n_flags, 1438 rx_status->band); 1439 1440 /* override BW - it could be DUP and indicate the wrong BW */ 1441 rx_status->bw = RATE_INFO_BW_20; 1442 1443 /* valid rate */ 1444 if (rate >= 0 && rate <= 0xFF) { 1445 rx_status->rate_idx = rate; 1446 break; 1447 } 1448 1449 /* invalid rate */ 1450 rx_status->rate_idx = 0; 1451 1452 /* 1453 * In monitor mode we can see CCK frames on 5 or 6 GHz, usually 1454 * just the (possibly malformed) PHY header by accident, since 1455 * the decoder doesn't seem to turn off CCK. We cannot correctly 1456 * encode the rate to mac80211 (and therefore not in radiotap) 1457 * since we give the per-band index which doesn't cover those 1458 * rates. 1459 */ 1460 if (!mld->monitor.on && net_ratelimit()) 1461 IWL_ERR(mld, "invalid rate_n_flags=0x%x, band=%d\n", 1462 rate_n_flags, rx_status->band); 1463 break; 1464 } 1465 case RATE_MCS_MOD_TYPE_HT: 1466 rx_status->encoding = RX_ENC_HT; 1467 rx_status->rate_idx = RATE_HT_MCS_INDEX(rate_n_flags); 1468 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT; 1469 break; 1470 case RATE_MCS_MOD_TYPE_VHT: 1471 rx_status->encoding = RX_ENC_VHT; 1472 iwl_mld_set_rx_nonlegacy_rate_info(rate_n_flags, rx_status); 1473 break; 1474 case RATE_MCS_MOD_TYPE_HE: 1475 rx_status->encoding = RX_ENC_HE; 1476 rx_status->he_dcm = 1477 !!(rate_n_flags & RATE_HE_DUAL_CARRIER_MODE_MSK); 1478 iwl_mld_set_rx_nonlegacy_rate_info(rate_n_flags, rx_status); 1479 break; 1480 case RATE_MCS_MOD_TYPE_EHT: 1481 rx_status->encoding = RX_ENC_EHT; 1482 iwl_mld_set_rx_nonlegacy_rate_info(rate_n_flags, rx_status); 1483 break; 1484 default: 1485 WARN_ON_ONCE(1); 1486 } 1487 1488 if (format != RATE_MCS_MOD_TYPE_CCK && is_sgi) 1489 rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI; 1490 } 1491 1492 /* Note: hdr can be NULL */ 1493 static void iwl_mld_rx_fill_status(struct iwl_mld *mld, int link_id, 1494 struct ieee80211_hdr *hdr, 1495 struct sk_buff *skb, 1496 struct iwl_mld_rx_phy_data *phy_data) 1497 { 1498 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1499 u32 rate_n_flags = phy_data->rate_n_flags; 1500 u32 format = rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 1501 1502 iwl_mld_fill_signal(mld, link_id, hdr, rx_status, phy_data); 1503 1504 rx_status->device_timestamp = phy_data->gp2_on_air_rise; 1505 1506 iwl_mld_set_rx_rate(mld, phy_data, rx_status); 1507 1508 /* must be before HE data (radiotap field order) */ 1509 if (format == RATE_MCS_MOD_TYPE_VHT) 1510 iwl_mld_rx_vht(skb, phy_data); 1511 1512 /* must be before L-SIG data (radiotap field order) */ 1513 if (format == RATE_MCS_MOD_TYPE_HE) 1514 iwl_mld_rx_he(skb, phy_data); 1515 1516 iwl_mld_decode_lsig(skb, phy_data); 1517 1518 /* TLVs - must be after radiotap fixed fields */ 1519 if (format == RATE_MCS_MOD_TYPE_EHT) 1520 iwl_mld_rx_eht(mld, skb, phy_data); 1521 1522 #ifdef CONFIG_IWLWIFI_DEBUGFS 1523 if (unlikely(mld->monitor.on)) { 1524 iwl_mld_add_rtap_sniffer_config(mld, skb); 1525 1526 if (mld->monitor.ptp_time) { 1527 u64 adj_time = 1528 iwl_mld_ptp_get_adj_time(mld, 1529 phy_data->gp2_on_air_rise * 1530 NSEC_PER_USEC); 1531 1532 rx_status->mactime = div64_u64(adj_time, NSEC_PER_USEC); 1533 rx_status->flag |= RX_FLAG_MACTIME_IS_RTAP_TS64; 1534 rx_status->flag &= ~RX_FLAG_MACTIME; 1535 } 1536 } 1537 #endif 1538 1539 if (phy_data->ntfy) 1540 iwl_mld_add_rtap_sniffer_phy_data(mld, skb, phy_data->ntfy); 1541 } 1542 1543 /* iwl_mld_create_skb adds the rxb to a new skb */ 1544 static int iwl_mld_build_rx_skb(struct iwl_mld *mld, struct sk_buff *skb, 1545 struct ieee80211_hdr *hdr, u16 len, 1546 u8 crypt_len, struct iwl_rx_cmd_buffer *rxb) 1547 { 1548 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1549 struct iwl_rx_mpdu_desc *desc = (void *)pkt->data; 1550 unsigned int headlen, fraglen, pad_len = 0; 1551 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control); 1552 u8 mic_crc_len = u8_get_bits(desc->mac_flags1, 1553 IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK) << 1; 1554 1555 if (desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) { 1556 len -= 2; 1557 pad_len = 2; 1558 } 1559 1560 /* For non monitor interface strip the bytes the RADA might not have 1561 * removed (it might be disabled, e.g. for mgmt frames). As a monitor 1562 * interface cannot exist with other interfaces, this removal is safe 1563 * and sufficient, in monitor mode there's no decryption being done. 1564 */ 1565 if (len > mic_crc_len && !ieee80211_hw_check(mld->hw, RX_INCLUDES_FCS)) 1566 len -= mic_crc_len; 1567 1568 /* If frame is small enough to fit in skb->head, pull it completely. 1569 * If not, only pull ieee80211_hdr (including crypto if present, and 1570 * an additional 8 bytes for SNAP/ethertype, see below) so that 1571 * splice() or TCP coalesce are more efficient. 1572 * 1573 * Since, in addition, ieee80211_data_to_8023() always pull in at 1574 * least 8 bytes (possibly more for mesh) we can do the same here 1575 * to save the cost of doing it later. That still doesn't pull in 1576 * the actual IP header since the typical case has a SNAP header. 1577 * If the latter changes (there are efforts in the standards group 1578 * to do so) we should revisit this and ieee80211_data_to_8023(). 1579 */ 1580 headlen = (len <= skb_tailroom(skb)) ? len : hdrlen + crypt_len + 8; 1581 1582 /* The firmware may align the packet to DWORD. 1583 * The padding is inserted after the IV. 1584 * After copying the header + IV skip the padding if 1585 * present before copying packet data. 1586 */ 1587 hdrlen += crypt_len; 1588 1589 if (unlikely(headlen < hdrlen)) 1590 return -EINVAL; 1591 1592 /* Since data doesn't move data while putting data on skb and that is 1593 * the only way we use, data + len is the next place that hdr would 1594 * be put 1595 */ 1596 skb_set_mac_header(skb, skb->len); 1597 skb_put_data(skb, hdr, hdrlen); 1598 skb_put_data(skb, (u8 *)hdr + hdrlen + pad_len, headlen - hdrlen); 1599 1600 if (skb->ip_summed == CHECKSUM_COMPLETE) { 1601 struct { 1602 u8 hdr[6]; 1603 __be16 type; 1604 } __packed *shdr = (void *)((u8 *)hdr + hdrlen + pad_len); 1605 1606 if (unlikely(headlen - hdrlen < sizeof(*shdr) || 1607 !ether_addr_equal(shdr->hdr, rfc1042_header) || 1608 (shdr->type != htons(ETH_P_IP) && 1609 shdr->type != htons(ETH_P_ARP) && 1610 shdr->type != htons(ETH_P_IPV6) && 1611 shdr->type != htons(ETH_P_8021Q) && 1612 shdr->type != htons(ETH_P_PAE) && 1613 shdr->type != htons(ETH_P_TDLS)))) 1614 skb->ip_summed = CHECKSUM_NONE; 1615 } 1616 1617 fraglen = len - headlen; 1618 1619 if (fraglen) { 1620 int offset = (u8 *)hdr + headlen + pad_len - 1621 (u8 *)rxb_addr(rxb) + rxb_offset(rxb); 1622 1623 skb_add_rx_frag(skb, 0, rxb_steal_page(rxb), offset, 1624 fraglen, rxb->truesize); 1625 } 1626 1627 return 0; 1628 } 1629 1630 /* returns true if a packet is a duplicate or invalid tid and 1631 * should be dropped. Updates AMSDU PN tracking info 1632 */ 1633 VISIBLE_IF_IWLWIFI_KUNIT 1634 bool 1635 iwl_mld_is_dup(struct iwl_mld *mld, struct ieee80211_sta *sta, 1636 struct ieee80211_hdr *hdr, 1637 const struct iwl_rx_mpdu_desc *mpdu_desc, 1638 struct ieee80211_rx_status *rx_status, int queue) 1639 { 1640 struct iwl_mld_sta *mld_sta; 1641 struct iwl_mld_rxq_dup_data *dup_data; 1642 u8 tid, sub_frame_idx; 1643 1644 if (WARN_ON(!sta)) 1645 return false; 1646 1647 mld_sta = iwl_mld_sta_from_mac80211(sta); 1648 1649 if (WARN_ON_ONCE(!mld_sta->dup_data)) 1650 return false; 1651 1652 dup_data = &mld_sta->dup_data[queue]; 1653 1654 /* Drop duplicate 802.11 retransmissions 1655 * (IEEE 802.11-2020: 10.3.2.14 "Duplicate detection and recovery") 1656 */ 1657 if (ieee80211_is_ctl(hdr->frame_control) || 1658 ieee80211_is_any_nullfunc(hdr->frame_control) || 1659 is_multicast_ether_addr(hdr->addr1)) 1660 return false; 1661 1662 if (ieee80211_is_data_qos(hdr->frame_control)) { 1663 /* frame has qos control */ 1664 tid = ieee80211_get_tid(hdr); 1665 if (tid >= IWL_MAX_TID_COUNT) 1666 return true; 1667 } else { 1668 tid = IWL_MAX_TID_COUNT; 1669 } 1670 1671 /* If this wasn't a part of an A-MSDU the sub-frame index will be 0 */ 1672 sub_frame_idx = mpdu_desc->amsdu_info & 1673 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK; 1674 1675 if (IWL_FW_CHECK(mld, 1676 sub_frame_idx > 0 && 1677 !(mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_AMSDU), 1678 "got sub_frame_idx=%d but A-MSDU flag is not set\n", 1679 sub_frame_idx)) 1680 return true; 1681 1682 if (unlikely(ieee80211_has_retry(hdr->frame_control) && 1683 dup_data->last_seq[tid] == hdr->seq_ctrl && 1684 dup_data->last_sub_frame_idx[tid] >= sub_frame_idx)) 1685 return true; 1686 1687 /* Allow same PN as the first subframe for following sub frames */ 1688 if (dup_data->last_seq[tid] == hdr->seq_ctrl && 1689 sub_frame_idx > dup_data->last_sub_frame_idx[tid]) 1690 rx_status->flag |= RX_FLAG_ALLOW_SAME_PN; 1691 1692 dup_data->last_seq[tid] = hdr->seq_ctrl; 1693 dup_data->last_sub_frame_idx[tid] = sub_frame_idx; 1694 1695 rx_status->flag |= RX_FLAG_DUP_VALIDATED; 1696 1697 return false; 1698 } 1699 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_is_dup); 1700 1701 static void iwl_mld_update_last_rx_timestamp(struct iwl_mld *mld, u8 baid) 1702 { 1703 unsigned long now = jiffies; 1704 unsigned long timeout; 1705 struct iwl_mld_baid_data *ba_data; 1706 1707 ba_data = rcu_dereference(mld->fw_id_to_ba[baid]); 1708 if (!ba_data) { 1709 IWL_DEBUG_HT(mld, "BAID %d not found in map\n", baid); 1710 return; 1711 } 1712 1713 if (!ba_data->timeout) 1714 return; 1715 1716 /* To minimize cache bouncing between RX queues, avoid frequent updates 1717 * to last_rx_timestamp. update it only when the timeout period has 1718 * passed. The worst-case scenario is the session expiring after 1719 * approximately 2 * timeout, which is negligible (the update is 1720 * atomic). 1721 */ 1722 timeout = TU_TO_JIFFIES(ba_data->timeout); 1723 if (time_is_before_jiffies(ba_data->last_rx_timestamp + timeout)) 1724 ba_data->last_rx_timestamp = now; 1725 } 1726 1727 /* Processes received packets for a station. 1728 * Sets *drop to true if the packet should be dropped. 1729 * Returns the station if found, or NULL otherwise. 1730 */ 1731 static struct ieee80211_sta * 1732 iwl_mld_rx_with_sta(struct iwl_mld *mld, struct ieee80211_hdr *hdr, 1733 struct sk_buff *skb, 1734 const struct iwl_rx_mpdu_desc *mpdu_desc, 1735 const struct iwl_rx_packet *pkt, int queue, bool *drop) 1736 { 1737 struct ieee80211_sta *sta = NULL; 1738 struct ieee80211_link_sta *link_sta = NULL; 1739 struct ieee80211_rx_status *rx_status; 1740 u8 baid; 1741 1742 if (mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_SRC_STA_FOUND)) { 1743 u8 sta_id = le32_get_bits(mpdu_desc->status, 1744 IWL_RX_MPDU_STATUS_STA_ID); 1745 1746 if (IWL_FW_CHECK(mld, 1747 sta_id >= mld->fw->ucode_capa.num_stations, 1748 "rx_mpdu: invalid sta_id %d\n", sta_id)) 1749 return NULL; 1750 1751 link_sta = rcu_dereference(mld->fw_id_to_link_sta[sta_id]); 1752 if (!IS_ERR_OR_NULL(link_sta)) 1753 sta = link_sta->sta; 1754 } else if (!is_multicast_ether_addr(hdr->addr2)) { 1755 /* Passing NULL is fine since we prevent two stations with the 1756 * same address from being added. 1757 */ 1758 sta = ieee80211_find_sta_by_ifaddr(mld->hw, hdr->addr2, NULL); 1759 } 1760 1761 /* we may not have any station yet */ 1762 if (!sta) 1763 return NULL; 1764 1765 rx_status = IEEE80211_SKB_RXCB(skb); 1766 1767 if (link_sta && sta->valid_links) { 1768 rx_status->link_valid = true; 1769 rx_status->link_id = link_sta->link_id; 1770 } 1771 1772 /* fill checksum */ 1773 if (ieee80211_is_data(hdr->frame_control) && 1774 pkt->len_n_flags & cpu_to_le32(FH_RSCSR_RPA_EN)) { 1775 u16 hwsum = be16_to_cpu(mpdu_desc->v3.raw_xsum); 1776 1777 skb->ip_summed = CHECKSUM_COMPLETE; 1778 skb->csum = csum_unfold(~(__force __sum16)hwsum); 1779 } 1780 1781 if (iwl_mld_is_dup(mld, sta, hdr, mpdu_desc, rx_status, queue)) { 1782 IWL_DEBUG_DROP(mld, "Dropping duplicate packet 0x%x\n", 1783 le16_to_cpu(hdr->seq_ctrl)); 1784 *drop = true; 1785 return NULL; 1786 } 1787 1788 baid = le32_get_bits(mpdu_desc->reorder_data, 1789 IWL_RX_MPDU_REORDER_BAID_MASK); 1790 if (baid != IWL_RX_REORDER_DATA_INVALID_BAID) 1791 iwl_mld_update_last_rx_timestamp(mld, baid); 1792 1793 if (link_sta && ieee80211_is_data(hdr->frame_control)) { 1794 u8 sub_frame_idx = mpdu_desc->amsdu_info & 1795 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK; 1796 1797 /* 0 means not an A-MSDU, and 1 means a new A-MSDU */ 1798 if (!sub_frame_idx || sub_frame_idx == 1) 1799 iwl_mld_count_mpdu_rx(link_sta, queue, 1); 1800 1801 if (!is_multicast_ether_addr(hdr->addr1)) 1802 iwl_mld_low_latency_update_counters(mld, hdr, sta, 1803 queue); 1804 } 1805 1806 return sta; 1807 } 1808 1809 static int iwl_mld_rx_mgmt_prot(struct ieee80211_sta *sta, 1810 struct ieee80211_hdr *hdr, 1811 struct ieee80211_rx_status *rx_status, 1812 u32 mpdu_status, 1813 u32 mpdu_len) 1814 { 1815 struct iwl_mld_link *link; 1816 struct wireless_dev *wdev; 1817 struct iwl_mld_sta *mld_sta; 1818 struct iwl_mld_vif *mld_vif; 1819 u8 keyidx; 1820 struct ieee80211_key_conf *key; 1821 const u8 *frame = (void *)hdr; 1822 const u8 *mmie; 1823 u8 link_id; 1824 1825 if ((mpdu_status & IWL_RX_MPDU_STATUS_SEC_MASK) == 1826 IWL_RX_MPDU_STATUS_SEC_NONE) 1827 return 0; 1828 1829 /* For non-beacon, we don't really care. But beacons may 1830 * be filtered out, and we thus need the firmware's replay 1831 * detection, otherwise beacons the firmware previously 1832 * filtered could be replayed, or something like that, and 1833 * it can filter a lot - though usually only if nothing has 1834 * changed. 1835 */ 1836 if (!ieee80211_is_beacon(hdr->frame_control)) 1837 return 0; 1838 1839 if (!sta) 1840 return -1; 1841 1842 mld_sta = iwl_mld_sta_from_mac80211(sta); 1843 mld_vif = iwl_mld_vif_from_mac80211(mld_sta->vif); 1844 1845 /* key mismatch - will also report !MIC_OK but we shouldn't count it */ 1846 if (!(mpdu_status & IWL_RX_MPDU_STATUS_KEY_VALID)) 1847 goto report; 1848 1849 /* good cases */ 1850 if (likely(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK && 1851 !(mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR))) { 1852 rx_status->flag |= RX_FLAG_DECRYPTED; 1853 return 0; 1854 } 1855 1856 link_id = rx_status->link_valid ? rx_status->link_id : 0; 1857 link = rcu_dereference(mld_vif->link[link_id]); 1858 if (WARN_ON_ONCE(!link)) 1859 return -1; 1860 1861 /* both keys will have the same cipher and MIC length, use 1862 * whichever one is available 1863 */ 1864 key = rcu_dereference(link->bigtks[0]); 1865 if (!key) { 1866 key = rcu_dereference(link->bigtks[1]); 1867 if (!key) 1868 goto report; 1869 } 1870 1871 /* get the real key ID */ 1872 if (mpdu_len < key->icv_len) 1873 goto report; 1874 1875 mmie = frame + (mpdu_len - key->icv_len); 1876 1877 /* the position of the key_id in ieee80211_mmie_16 is the same */ 1878 keyidx = le16_to_cpu(((const struct ieee80211_mmie *) mmie)->key_id); 1879 1880 /* and if that's the other key, look it up */ 1881 if (keyidx != key->keyidx) { 1882 /* shouldn't happen since firmware checked, but be safe 1883 * in case the MIC length is wrong too, for example 1884 */ 1885 if (keyidx != 6 && keyidx != 7) 1886 return -1; 1887 1888 key = rcu_dereference(link->bigtks[keyidx - 6]); 1889 if (!key) 1890 goto report; 1891 } 1892 1893 /* Report status to mac80211 */ 1894 if (!(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK)) 1895 ieee80211_key_mic_failure(key); 1896 else if (mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR) 1897 ieee80211_key_replay(key); 1898 report: 1899 wdev = ieee80211_vif_to_wdev(mld_sta->vif); 1900 if (wdev->netdev) 1901 cfg80211_rx_unprot_mlme_mgmt(wdev->netdev, (void *)hdr, 1902 mpdu_len); 1903 1904 return -1; 1905 } 1906 1907 static int iwl_mld_rx_crypto(struct iwl_mld *mld, 1908 struct ieee80211_sta *sta, 1909 struct ieee80211_hdr *hdr, 1910 struct ieee80211_rx_status *rx_status, 1911 struct iwl_rx_mpdu_desc *desc, int queue, 1912 u32 pkt_flags, u8 *crypto_len) 1913 { 1914 u32 status = le32_to_cpu(desc->status); 1915 1916 if (unlikely(ieee80211_is_mgmt(hdr->frame_control) && 1917 !ieee80211_has_protected(hdr->frame_control))) 1918 return iwl_mld_rx_mgmt_prot(sta, hdr, rx_status, status, 1919 le16_to_cpu(desc->mpdu_len)); 1920 1921 if (!ieee80211_has_protected(hdr->frame_control) || 1922 (status & IWL_RX_MPDU_STATUS_SEC_MASK) == 1923 IWL_RX_MPDU_STATUS_SEC_NONE) 1924 return 0; 1925 1926 switch (status & IWL_RX_MPDU_STATUS_SEC_MASK) { 1927 case IWL_RX_MPDU_STATUS_SEC_CCM: 1928 case IWL_RX_MPDU_STATUS_SEC_GCM: 1929 BUILD_BUG_ON(IEEE80211_CCMP_PN_LEN != IEEE80211_GCMP_PN_LEN); 1930 if (!(status & IWL_RX_MPDU_STATUS_MIC_OK)) { 1931 IWL_DEBUG_DROP(mld, 1932 "Dropping packet, bad MIC (CCM/GCM)\n"); 1933 return -1; 1934 } 1935 1936 rx_status->flag |= RX_FLAG_DECRYPTED | RX_FLAG_MIC_STRIPPED; 1937 *crypto_len = IEEE80211_CCMP_HDR_LEN; 1938 return 0; 1939 case IWL_RX_MPDU_STATUS_SEC_TKIP: 1940 if (!(status & IWL_RX_MPDU_STATUS_ICV_OK)) 1941 return -1; 1942 1943 if (!(status & RX_MPDU_RES_STATUS_MIC_OK)) 1944 rx_status->flag |= RX_FLAG_MMIC_ERROR; 1945 1946 if (pkt_flags & FH_RSCSR_RADA_EN) { 1947 rx_status->flag |= RX_FLAG_ICV_STRIPPED; 1948 rx_status->flag |= RX_FLAG_MMIC_STRIPPED; 1949 } 1950 1951 *crypto_len = IEEE80211_TKIP_IV_LEN; 1952 rx_status->flag |= RX_FLAG_DECRYPTED; 1953 return 0; 1954 default: 1955 break; 1956 } 1957 1958 return 0; 1959 } 1960 1961 static void iwl_mld_rx_update_ampdu_data(struct iwl_mld *mld, 1962 struct iwl_mld_rx_phy_data *phy_data, 1963 struct ieee80211_rx_status *rx_status) 1964 { 1965 u32 format = phy_data->rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 1966 bool toggle_bit = 1967 phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU_TOGGLE; 1968 1969 switch (format) { 1970 case RATE_MCS_MOD_TYPE_CCK: 1971 case RATE_MCS_MOD_TYPE_LEGACY_OFDM: 1972 /* no aggregation possible */ 1973 return; 1974 case RATE_MCS_MOD_TYPE_HT: 1975 case RATE_MCS_MOD_TYPE_VHT: 1976 /* single frames are not A-MPDU format */ 1977 if (!(phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU)) 1978 return; 1979 break; 1980 default: 1981 /* HE/EHT/UHR have A-MPDU format for single frames */ 1982 if (!(phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU)) { 1983 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 1984 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 1985 if (phy_data->phy_info & IWL_RX_MPDU_PHY_EOF_INDICATION) 1986 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 1987 return; 1988 } 1989 } 1990 1991 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 1992 /* Toggle is switched whenever new aggregation starts. Make 1993 * sure ampdu_reference is never 0 so we can later use it to 1994 * see if the frame was really part of an A-MPDU or not. 1995 */ 1996 if (toggle_bit != mld->monitor.ampdu_toggle) { 1997 mld->monitor.ampdu_ref++; 1998 if (mld->monitor.ampdu_ref == 0) 1999 mld->monitor.ampdu_ref++; 2000 mld->monitor.ampdu_toggle = toggle_bit; 2001 phy_data->first_subframe = true; 2002 2003 /* report EOF bit on the first subframe */ 2004 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 2005 if (phy_data->phy_info & IWL_RX_MPDU_PHY_EOF_INDICATION) 2006 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 2007 } 2008 rx_status->ampdu_reference = mld->monitor.ampdu_ref; 2009 } 2010 2011 static void 2012 iwl_mld_fill_rx_status_band_freq(struct ieee80211_rx_status *rx_status, 2013 u8 band, u8 channel) 2014 { 2015 rx_status->band = iwl_mld_phy_band_to_nl80211(band); 2016 rx_status->freq = ieee80211_channel_to_frequency(channel, 2017 rx_status->band); 2018 } 2019 2020 void iwl_mld_rx_mpdu(struct iwl_mld *mld, struct napi_struct *napi, 2021 struct iwl_rx_cmd_buffer *rxb, int queue) 2022 { 2023 struct iwl_rx_packet *pkt = rxb_addr(rxb); 2024 struct iwl_mld_rx_phy_data phy_data = {}; 2025 struct iwl_rx_mpdu_desc *mpdu_desc = (void *)pkt->data; 2026 struct ieee80211_sta *sta; 2027 struct ieee80211_hdr *hdr; 2028 struct sk_buff *skb; 2029 size_t mpdu_desc_size = sizeof(*mpdu_desc); 2030 bool drop = false; 2031 u8 crypto_len = 0, band, link_id; 2032 u32 pkt_len = iwl_rx_packet_payload_len(pkt); 2033 u32 mpdu_len; 2034 enum iwl_mld_reorder_result reorder_res; 2035 struct ieee80211_rx_status *rx_status; 2036 unsigned int alloc_size = 128; 2037 2038 if (unlikely(mld->fw_status.in_hw_restart)) 2039 return; 2040 2041 if (IWL_FW_CHECK(mld, pkt_len < mpdu_desc_size, 2042 "Bad REPLY_RX_MPDU_CMD size (%d)\n", pkt_len)) 2043 return; 2044 2045 mpdu_len = le16_to_cpu(mpdu_desc->mpdu_len); 2046 2047 if (IWL_FW_CHECK(mld, mpdu_len + mpdu_desc_size > pkt_len, 2048 "FW lied about packet len (%d)\n", pkt_len)) 2049 return; 2050 2051 iwl_mld_fill_phy_data_from_mpdu(mld, mpdu_desc, &phy_data); 2052 2053 /* Don't use dev_alloc_skb(), we'll have enough headroom once 2054 * ieee80211_hdr pulled. 2055 * 2056 * For monitor mode we need more space to include the full PHY 2057 * notification data. 2058 */ 2059 if (unlikely(mld->monitor.on) && phy_data.ntfy) 2060 alloc_size += sizeof(struct iwl_rx_phy_air_sniffer_ntfy); 2061 skb = alloc_skb(alloc_size, GFP_ATOMIC); 2062 if (!skb) { 2063 IWL_ERR(mld, "alloc_skb failed\n"); 2064 return; 2065 } 2066 2067 hdr = (void *)(pkt->data + mpdu_desc_size); 2068 2069 if (mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) { 2070 /* If the device inserted padding it means that (it thought) 2071 * the 802.11 header wasn't a multiple of 4 bytes long. In 2072 * this case, reserve two bytes at the start of the SKB to 2073 * align the payload properly in case we end up copying it. 2074 */ 2075 skb_reserve(skb, 2); 2076 } 2077 2078 rx_status = IEEE80211_SKB_RXCB(skb); 2079 2080 /* this is needed early */ 2081 band = u8_get_bits(mpdu_desc->mac_phy_band, 2082 IWL_RX_MPDU_MAC_PHY_BAND_BAND_MASK); 2083 iwl_mld_fill_rx_status_band_freq(rx_status, band, 2084 mpdu_desc->v3.channel); 2085 2086 2087 rcu_read_lock(); 2088 2089 sta = iwl_mld_rx_with_sta(mld, hdr, skb, mpdu_desc, pkt, queue, &drop); 2090 if (drop) 2091 goto drop; 2092 2093 if (unlikely(mld->monitor.on)) 2094 iwl_mld_rx_update_ampdu_data(mld, &phy_data, rx_status); 2095 2096 /* Keep packets with CRC errors (and with overrun) for monitor mode 2097 * (otherwise the firmware discards them) but mark them as bad. 2098 */ 2099 if (!(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_CRC_OK)) || 2100 !(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_OVERRUN_OK))) { 2101 IWL_DEBUG_RX(mld, "Bad CRC or FIFO: 0x%08X.\n", 2102 le32_to_cpu(mpdu_desc->status)); 2103 rx_status->flag |= RX_FLAG_FAILED_FCS_CRC; 2104 } 2105 2106 if (likely(!(phy_data.phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD))) { 2107 rx_status->mactime = 2108 le64_to_cpu(mpdu_desc->v3.tsf_on_air_rise); 2109 2110 /* TSF as indicated by the firmware is at INA time */ 2111 rx_status->flag |= RX_FLAG_MACTIME_PLCP_START; 2112 } 2113 2114 /* management stuff on default queue */ 2115 if (!queue && unlikely(ieee80211_is_beacon(hdr->frame_control) || 2116 ieee80211_is_probe_resp(hdr->frame_control))) { 2117 rx_status->boottime_ns = ktime_get_boottime_ns(); 2118 2119 if (mld->scan.pass_all_sched_res == 2120 SCHED_SCAN_PASS_ALL_STATE_ENABLED) 2121 mld->scan.pass_all_sched_res = 2122 SCHED_SCAN_PASS_ALL_STATE_FOUND; 2123 } 2124 2125 link_id = u8_get_bits(mpdu_desc->mac_phy_band, 2126 IWL_RX_MPDU_MAC_PHY_BAND_LINK_MASK); 2127 2128 iwl_mld_rx_fill_status(mld, link_id, hdr, skb, &phy_data); 2129 2130 if (iwl_mld_rx_crypto(mld, sta, hdr, rx_status, mpdu_desc, queue, 2131 le32_to_cpu(pkt->len_n_flags), &crypto_len)) 2132 goto drop; 2133 2134 if (iwl_mld_build_rx_skb(mld, skb, hdr, mpdu_len, crypto_len, rxb)) 2135 goto drop; 2136 2137 /* time sync frame is saved and will be released later when the 2138 * notification with the timestamps arrives. 2139 */ 2140 if (iwl_mld_time_sync_frame(mld, skb, hdr->addr2)) 2141 goto out; 2142 2143 reorder_res = iwl_mld_reorder(mld, napi, queue, sta, skb, mpdu_desc); 2144 switch (reorder_res) { 2145 case IWL_MLD_PASS_SKB: 2146 break; 2147 case IWL_MLD_DROP_SKB: 2148 goto drop; 2149 case IWL_MLD_BUFFERED_SKB: 2150 goto out; 2151 default: 2152 WARN_ON(1); 2153 goto drop; 2154 } 2155 2156 iwl_mld_pass_packet_to_mac80211(mld, napi, skb, queue, sta); 2157 2158 goto out; 2159 2160 drop: 2161 kfree_skb(skb); 2162 out: 2163 rcu_read_unlock(); 2164 } 2165 2166 #define SYNC_RX_QUEUE_TIMEOUT (HZ) 2167 void iwl_mld_sync_rx_queues(struct iwl_mld *mld, 2168 enum iwl_mld_internal_rxq_notif_type type, 2169 const void *notif_payload, u32 notif_payload_size) 2170 { 2171 u8 num_rx_queues = mld->trans->info.num_rxqs; 2172 struct { 2173 struct iwl_rxq_sync_cmd sync_cmd; 2174 struct iwl_mld_internal_rxq_notif notif; 2175 } __packed cmd = { 2176 .sync_cmd.rxq_mask = cpu_to_le32(BIT(num_rx_queues) - 1), 2177 .sync_cmd.count = 2178 cpu_to_le32(sizeof(struct iwl_mld_internal_rxq_notif) + 2179 notif_payload_size), 2180 .notif.type = type, 2181 .notif.cookie = mld->rxq_sync.cookie, 2182 }; 2183 struct iwl_host_cmd hcmd = { 2184 .id = WIDE_ID(DATA_PATH_GROUP, TRIGGER_RX_QUEUES_NOTIF_CMD), 2185 .data[0] = &cmd, 2186 .len[0] = sizeof(cmd), 2187 .data[1] = notif_payload, 2188 .len[1] = notif_payload_size, 2189 }; 2190 int ret; 2191 2192 /* size must be a multiple of DWORD */ 2193 if (WARN_ON(cmd.sync_cmd.count & cpu_to_le32(3))) 2194 return; 2195 2196 mld->rxq_sync.state = (1 << num_rx_queues) - 1; 2197 2198 ret = iwl_mld_send_cmd(mld, &hcmd); 2199 if (ret) { 2200 IWL_ERR(mld, "Failed to trigger RX queues sync (%d)\n", ret); 2201 goto out; 2202 } 2203 2204 ret = wait_event_timeout(mld->rxq_sync.waitq, 2205 READ_ONCE(mld->rxq_sync.state) == 0, 2206 SYNC_RX_QUEUE_TIMEOUT); 2207 WARN_ONCE(!ret, "RXQ sync failed: state=0x%lx, cookie=%d\n", 2208 mld->rxq_sync.state, mld->rxq_sync.cookie); 2209 2210 out: 2211 mld->rxq_sync.state = 0; 2212 mld->rxq_sync.cookie++; 2213 } 2214 2215 void iwl_mld_handle_rx_queues_sync_notif(struct iwl_mld *mld, 2216 struct napi_struct *napi, 2217 struct iwl_rx_packet *pkt, int queue) 2218 { 2219 struct iwl_rxq_sync_notification *notif; 2220 struct iwl_mld_internal_rxq_notif *internal_notif; 2221 u32 len = iwl_rx_packet_payload_len(pkt); 2222 size_t combined_notif_len = sizeof(*notif) + sizeof(*internal_notif); 2223 2224 notif = (void *)pkt->data; 2225 internal_notif = (void *)notif->payload; 2226 2227 if (IWL_FW_CHECK(mld, len < combined_notif_len, 2228 "invalid notification size %u (%zu)\n", 2229 len, combined_notif_len)) 2230 return; 2231 2232 len -= combined_notif_len; 2233 2234 if (IWL_FW_CHECK(mld, mld->rxq_sync.cookie != internal_notif->cookie, 2235 "received expired RX queue sync message (cookie=%d expected=%d q[%d])\n", 2236 internal_notif->cookie, mld->rxq_sync.cookie, queue)) 2237 return; 2238 2239 switch (internal_notif->type) { 2240 case IWL_MLD_RXQ_EMPTY: 2241 IWL_FW_CHECK(mld, len, 2242 "invalid empty notification size %d\n", len); 2243 break; 2244 case IWL_MLD_RXQ_NOTIF_DEL_BA: 2245 if (IWL_FW_CHECK(mld, len != sizeof(struct iwl_mld_delba_data), 2246 "invalid delba notification size %u (%zu)\n", 2247 len, sizeof(struct iwl_mld_delba_data))) 2248 break; 2249 iwl_mld_del_ba(mld, queue, (void *)internal_notif->payload); 2250 break; 2251 default: 2252 WARN_ON_ONCE(1); 2253 } 2254 2255 IWL_FW_CHECK(mld, !test_and_clear_bit(queue, &mld->rxq_sync.state), 2256 "RXQ sync: queue %d responded a second time!\n", queue); 2257 2258 if (READ_ONCE(mld->rxq_sync.state) == 0) 2259 wake_up(&mld->rxq_sync.waitq); 2260 } 2261 2262 static void iwl_mld_no_data_rx(struct iwl_mld *mld, 2263 struct napi_struct *napi, 2264 struct iwl_rx_phy_air_sniffer_ntfy *ntfy) 2265 { 2266 struct ieee80211_rx_status *rx_status; 2267 struct iwl_mld_rx_phy_data phy_data = { 2268 .ntfy = ntfy, 2269 .phy_info = 0, /* short preamble set below */ 2270 .rate_n_flags = le32_to_cpu(ntfy->rate), 2271 .gp2_on_air_rise = le32_to_cpu(ntfy->on_air_rise_time), 2272 .energy_a = ntfy->rssi_a, 2273 .energy_b = ntfy->rssi_b, 2274 }; 2275 u32 format = phy_data.rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 2276 struct sk_buff *skb; 2277 2278 skb = alloc_skb(128 + sizeof(struct iwl_rx_phy_air_sniffer_ntfy), 2279 GFP_ATOMIC); 2280 if (!skb) 2281 return; 2282 2283 rx_status = IEEE80211_SKB_RXCB(skb); 2284 2285 /* 0-length PSDU */ 2286 rx_status->flag |= RX_FLAG_NO_PSDU; 2287 2288 switch (ntfy->status) { 2289 case IWL_SNIF_STAT_PLCP_RX_OK: 2290 /* we only get here with sounding PPDUs */ 2291 rx_status->zero_length_psdu_type = 2292 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_SOUNDING; 2293 break; 2294 case IWL_SNIF_STAT_AID_NOT_FOR_US: 2295 rx_status->zero_length_psdu_type = 2296 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_NOT_CAPTURED; 2297 break; 2298 case IWL_SNIF_STAT_PLCP_RX_LSIG_ERR: 2299 case IWL_SNIF_STAT_PLCP_RX_SIGA_ERR: 2300 case IWL_SNIF_STAT_PLCP_RX_SIGB_ERR: 2301 case IWL_SNIF_STAT_UNKNOWN_ERROR: 2302 default: 2303 rx_status->flag |= RX_FLAG_FAILED_PLCP_CRC; 2304 fallthrough; 2305 case IWL_SNIF_STAT_UNEXPECTED_TB: 2306 case IWL_SNIF_STAT_UNSUPPORTED_RATE: 2307 rx_status->zero_length_psdu_type = 2308 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_VENDOR; 2309 /* we could include the real reason in a vendor TLV */ 2310 } 2311 2312 if (format == RATE_MCS_MOD_TYPE_CCK && 2313 ntfy->legacy_sig.cck & cpu_to_le32(CCK_CRFR_SHORT_PREAMBLE)) 2314 phy_data.phy_info |= IWL_RX_MPDU_PHY_SHORT_PREAMBLE; 2315 2316 iwl_mld_fill_rx_status_band_freq(IEEE80211_SKB_RXCB(skb), 2317 ntfy->band, ntfy->channel); 2318 2319 /* link ID is ignored for NULL header */ 2320 iwl_mld_rx_fill_status(mld, -1, NULL, skb, &phy_data); 2321 2322 /* No more radiotap info should be added after this point. 2323 * Mark it as mac header for upper layers to know where 2324 * the radiotap header ends. 2325 */ 2326 skb_set_mac_header(skb, skb->len); 2327 2328 /* pass the packet to mac80211 */ 2329 rcu_read_lock(); 2330 ieee80211_rx_napi(mld->hw, NULL, skb, napi); 2331 rcu_read_unlock(); 2332 } 2333 2334 void iwl_mld_handle_phy_air_sniffer_notif(struct iwl_mld *mld, 2335 struct napi_struct *napi, 2336 struct iwl_rx_packet *pkt) 2337 { 2338 struct iwl_rx_phy_air_sniffer_ntfy *ntfy = (void *)pkt->data; 2339 bool is_ndp = false; 2340 u32 he_type; 2341 2342 if (IWL_FW_CHECK(mld, iwl_rx_packet_payload_len(pkt) < sizeof(*ntfy), 2343 "invalid air sniffer notification size\n")) 2344 return; 2345 2346 /* check if there's an old one to release as errored */ 2347 if (mld->monitor.phy.valid && !mld->monitor.phy.used) { 2348 /* didn't capture data, so override status */ 2349 mld->monitor.phy.data.status = IWL_SNIF_STAT_AID_NOT_FOR_US; 2350 iwl_mld_no_data_rx(mld, napi, &mld->monitor.phy.data); 2351 } 2352 2353 /* old data is no longer valid now */ 2354 mld->monitor.phy.valid = false; 2355 2356 he_type = le32_to_cpu(ntfy->rate) & RATE_MCS_HE_TYPE_MSK; 2357 2358 switch (le32_to_cpu(ntfy->rate) & RATE_MCS_MOD_TYPE_MSK) { 2359 case RATE_MCS_MOD_TYPE_HT: 2360 is_ndp = !le32_get_bits(ntfy->sigs.ht.a1, 2361 OFDM_RX_FRAME_HT_LENGTH); 2362 break; 2363 case RATE_MCS_MOD_TYPE_VHT: 2364 is_ndp = le32_get_bits(ntfy->sigs.vht.a0, 2365 OFDM_RX_FRAME_VHT_NUM_OF_DATA_SYM_VALID) && 2366 !le32_get_bits(ntfy->sigs.vht.a0, 2367 OFDM_RX_FRAME_VHT_NUM_OF_DATA_SYM); 2368 break; 2369 case RATE_MCS_MOD_TYPE_HE: 2370 if (he_type == RATE_MCS_HE_TYPE_TRIG) 2371 break; 2372 is_ndp = le32_get_bits(ntfy->sigs.he.a3, 2373 OFDM_RX_FRAME_HE_NUM_OF_DATA_SYM_VALID) && 2374 !le32_get_bits(ntfy->sigs.he.a3, 2375 OFDM_RX_FRAME_HE_NUM_OF_DATA_SYM); 2376 break; 2377 case RATE_MCS_MOD_TYPE_EHT: 2378 if (he_type == RATE_MCS_HE_TYPE_TRIG) 2379 break; 2380 is_ndp = le32_get_bits(ntfy->sigs.eht.sig2, 2381 OFDM_RX_FRAME_EHT_NUM_OF_DATA_SYM_VALID) && 2382 !le32_get_bits(ntfy->sigs.eht.sig2, 2383 OFDM_RX_FRAME_EHT_NUM_OF_DATA_SYM); 2384 break; 2385 } 2386 2387 if (ntfy->status != IWL_SNIF_STAT_PLCP_RX_OK || is_ndp) { 2388 iwl_mld_no_data_rx(mld, napi, ntfy); 2389 return; 2390 } 2391 2392 /* hang on to it for the RX_MPDU data packet(s) */ 2393 mld->monitor.phy.data = *ntfy; 2394 mld->monitor.phy.valid = true; 2395 mld->monitor.phy.used = false; 2396 } 2397