1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2024-2025 Intel Corporation 4 */ 5 6 #include <net/mac80211.h> 7 #include <kunit/static_stub.h> 8 9 #include "mld.h" 10 #include "sta.h" 11 #include "agg.h" 12 #include "rx.h" 13 #include "hcmd.h" 14 #include "iface.h" 15 #include "time_sync.h" 16 #include "fw/dbg.h" 17 #include "fw/api/rx.h" 18 19 /* stores relevant PHY data fields extracted from iwl_rx_mpdu_desc */ 20 struct iwl_mld_rx_phy_data { 21 enum iwl_rx_phy_info_type info_type; 22 __le32 data0; 23 __le32 data1; 24 __le32 data2; 25 __le32 data3; 26 __le32 eht_data4; 27 __le32 data5; 28 __le16 data4; 29 bool first_subframe; 30 bool with_data; 31 __le32 rx_vec[4]; 32 u32 rate_n_flags; 33 u32 gp2_on_air_rise; 34 u16 phy_info; 35 u8 energy_a, energy_b; 36 }; 37 38 static void 39 iwl_mld_fill_phy_data(struct iwl_mld *mld, 40 struct iwl_rx_mpdu_desc *desc, 41 struct iwl_mld_rx_phy_data *phy_data) 42 { 43 phy_data->phy_info = le16_to_cpu(desc->phy_info); 44 phy_data->rate_n_flags = iwl_v3_rate_from_v2_v3(desc->v3.rate_n_flags, 45 mld->fw_rates_ver_3); 46 phy_data->gp2_on_air_rise = le32_to_cpu(desc->v3.gp2_on_air_rise); 47 phy_data->energy_a = desc->v3.energy_a; 48 phy_data->energy_b = desc->v3.energy_b; 49 phy_data->data0 = desc->v3.phy_data0; 50 phy_data->data1 = desc->v3.phy_data1; 51 phy_data->data2 = desc->v3.phy_data2; 52 phy_data->data3 = desc->v3.phy_data3; 53 phy_data->data4 = desc->phy_data4; 54 phy_data->eht_data4 = desc->phy_eht_data4; 55 phy_data->data5 = desc->v3.phy_data5; 56 phy_data->with_data = true; 57 } 58 59 static inline int iwl_mld_check_pn(struct iwl_mld *mld, struct sk_buff *skb, 60 int queue, struct ieee80211_sta *sta) 61 { 62 struct ieee80211_hdr *hdr = (void *)skb_mac_header(skb); 63 struct ieee80211_rx_status *stats = IEEE80211_SKB_RXCB(skb); 64 struct iwl_mld_sta *mld_sta; 65 struct iwl_mld_ptk_pn *ptk_pn; 66 int res; 67 u8 tid, keyidx; 68 u8 pn[IEEE80211_CCMP_PN_LEN]; 69 u8 *extiv; 70 71 /* multicast and non-data only arrives on default queue; avoid checking 72 * for default queue - we don't want to replicate all the logic that's 73 * necessary for checking the PN on fragmented frames, leave that 74 * to mac80211 75 */ 76 if (queue == 0 || !ieee80211_is_data(hdr->frame_control) || 77 is_multicast_ether_addr(hdr->addr1)) 78 return 0; 79 80 if (!(stats->flag & RX_FLAG_DECRYPTED)) 81 return 0; 82 83 /* if we are here - this for sure is either CCMP or GCMP */ 84 if (!sta) { 85 IWL_DEBUG_DROP(mld, 86 "expected hw-decrypted unicast frame for station\n"); 87 return -1; 88 } 89 90 mld_sta = iwl_mld_sta_from_mac80211(sta); 91 92 extiv = (u8 *)hdr + ieee80211_hdrlen(hdr->frame_control); 93 keyidx = extiv[3] >> 6; 94 95 ptk_pn = rcu_dereference(mld_sta->ptk_pn[keyidx]); 96 if (!ptk_pn) 97 return -1; 98 99 if (ieee80211_is_data_qos(hdr->frame_control)) 100 tid = ieee80211_get_tid(hdr); 101 else 102 tid = 0; 103 104 /* we don't use HCCA/802.11 QoS TSPECs, so drop such frames */ 105 if (tid >= IWL_MAX_TID_COUNT) 106 return -1; 107 108 /* load pn */ 109 pn[0] = extiv[7]; 110 pn[1] = extiv[6]; 111 pn[2] = extiv[5]; 112 pn[3] = extiv[4]; 113 pn[4] = extiv[1]; 114 pn[5] = extiv[0]; 115 116 res = memcmp(pn, ptk_pn->q[queue].pn[tid], IEEE80211_CCMP_PN_LEN); 117 if (res < 0) 118 return -1; 119 if (!res && !(stats->flag & RX_FLAG_ALLOW_SAME_PN)) 120 return -1; 121 122 memcpy(ptk_pn->q[queue].pn[tid], pn, IEEE80211_CCMP_PN_LEN); 123 stats->flag |= RX_FLAG_PN_VALIDATED; 124 125 return 0; 126 } 127 128 /* iwl_mld_pass_packet_to_mac80211 - passes the packet for mac80211 */ 129 void iwl_mld_pass_packet_to_mac80211(struct iwl_mld *mld, 130 struct napi_struct *napi, 131 struct sk_buff *skb, int queue, 132 struct ieee80211_sta *sta) 133 { 134 KUNIT_STATIC_STUB_REDIRECT(iwl_mld_pass_packet_to_mac80211, 135 mld, napi, skb, queue, sta); 136 137 if (unlikely(iwl_mld_check_pn(mld, skb, queue, sta))) { 138 kfree_skb(skb); 139 return; 140 } 141 142 ieee80211_rx_napi(mld->hw, sta, skb, napi); 143 } 144 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_pass_packet_to_mac80211); 145 146 static bool iwl_mld_used_average_energy(struct iwl_mld *mld, int link_id, 147 struct ieee80211_hdr *hdr, 148 struct ieee80211_rx_status *rx_status) 149 { 150 struct ieee80211_bss_conf *link_conf; 151 struct iwl_mld_link *mld_link; 152 153 if (unlikely(!hdr || link_id < 0)) 154 return false; 155 156 if (likely(!ieee80211_is_beacon(hdr->frame_control))) 157 return false; 158 159 /* 160 * if link ID is >= valid ones then that means the RX 161 * was on the AUX link and no correction is needed 162 */ 163 if (link_id >= mld->fw->ucode_capa.num_links) 164 return false; 165 166 /* for the link conf lookup */ 167 guard(rcu)(); 168 169 link_conf = rcu_dereference(mld->fw_id_to_bss_conf[link_id]); 170 if (!link_conf) 171 return false; 172 173 mld_link = iwl_mld_link_from_mac80211(link_conf); 174 if (!mld_link) 175 return false; 176 177 /* 178 * If we know the link by link ID then the frame was 179 * received for the link, so by filtering it means it 180 * was from the AP the link is connected to. 181 */ 182 183 /* skip also in case we don't have it (yet) */ 184 if (!mld_link->average_beacon_energy) 185 return false; 186 187 IWL_DEBUG_STATS(mld, "energy override by average %d\n", 188 mld_link->average_beacon_energy); 189 rx_status->signal = -mld_link->average_beacon_energy; 190 return true; 191 } 192 193 static void iwl_mld_fill_signal(struct iwl_mld *mld, int link_id, 194 struct ieee80211_hdr *hdr, 195 struct ieee80211_rx_status *rx_status, 196 struct iwl_mld_rx_phy_data *phy_data) 197 { 198 u32 rate_n_flags = phy_data->rate_n_flags; 199 int energy_a = phy_data->energy_a; 200 int energy_b = phy_data->energy_b; 201 int max_energy; 202 203 energy_a = energy_a ? -energy_a : S8_MIN; 204 energy_b = energy_b ? -energy_b : S8_MIN; 205 max_energy = max(energy_a, energy_b); 206 207 IWL_DEBUG_STATS(mld, "energy in A %d B %d, and max %d\n", 208 energy_a, energy_b, max_energy); 209 210 if (iwl_mld_used_average_energy(mld, link_id, hdr, rx_status)) 211 return; 212 213 rx_status->signal = max_energy; 214 rx_status->chains = u32_get_bits(rate_n_flags, RATE_MCS_ANT_AB_MSK); 215 rx_status->chain_signal[0] = energy_a; 216 rx_status->chain_signal[1] = energy_b; 217 } 218 219 static void 220 iwl_mld_decode_he_phy_ru_alloc(struct iwl_mld_rx_phy_data *phy_data, 221 struct ieee80211_radiotap_he *he, 222 struct ieee80211_radiotap_he_mu *he_mu, 223 struct ieee80211_rx_status *rx_status) 224 { 225 /* Unfortunately, we have to leave the mac80211 data 226 * incorrect for the case that we receive an HE-MU 227 * transmission and *don't* have the HE phy data (due 228 * to the bits being used for TSF). This shouldn't 229 * happen though as management frames where we need 230 * the TSF/timers are not be transmitted in HE-MU. 231 */ 232 u8 ru = le32_get_bits(phy_data->data1, IWL_RX_PHY_DATA1_HE_RU_ALLOC_MASK); 233 u32 rate_n_flags = phy_data->rate_n_flags; 234 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 235 u8 offs = 0; 236 237 rx_status->bw = RATE_INFO_BW_HE_RU; 238 239 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN); 240 241 switch (ru) { 242 case 0 ... 36: 243 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_26; 244 offs = ru; 245 break; 246 case 37 ... 52: 247 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_52; 248 offs = ru - 37; 249 break; 250 case 53 ... 60: 251 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106; 252 offs = ru - 53; 253 break; 254 case 61 ... 64: 255 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_242; 256 offs = ru - 61; 257 break; 258 case 65 ... 66: 259 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_484; 260 offs = ru - 65; 261 break; 262 case 67: 263 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_996; 264 break; 265 case 68: 266 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_2x996; 267 break; 268 } 269 he->data2 |= le16_encode_bits(offs, 270 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET); 271 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_KNOWN | 272 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET_KNOWN); 273 if (phy_data->data1 & cpu_to_le32(IWL_RX_PHY_DATA1_HE_RU_ALLOC_SEC80)) 274 he->data2 |= 275 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_SEC); 276 277 #define CHECK_BW(bw) \ 278 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_ ## bw ## MHZ != \ 279 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS); \ 280 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_ ## bw ## MHZ != \ 281 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS) 282 CHECK_BW(20); 283 CHECK_BW(40); 284 CHECK_BW(80); 285 CHECK_BW(160); 286 287 if (he_mu) 288 he_mu->flags2 |= 289 le16_encode_bits(u32_get_bits(rate_n_flags, 290 RATE_MCS_CHAN_WIDTH_MSK), 291 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW); 292 else if (he_type == RATE_MCS_HE_TYPE_TRIG) 293 he->data6 |= 294 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_KNOWN) | 295 le16_encode_bits(u32_get_bits(rate_n_flags, 296 RATE_MCS_CHAN_WIDTH_MSK), 297 IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW); 298 } 299 300 static void 301 iwl_mld_decode_he_mu_ext(struct iwl_mld_rx_phy_data *phy_data, 302 struct ieee80211_radiotap_he_mu *he_mu) 303 { 304 u32 phy_data2 = le32_to_cpu(phy_data->data2); 305 u32 phy_data3 = le32_to_cpu(phy_data->data3); 306 u16 phy_data4 = le16_to_cpu(phy_data->data4); 307 u32 rate_n_flags = phy_data->rate_n_flags; 308 309 if (u32_get_bits(phy_data4, IWL_RX_PHY_DATA4_HE_MU_EXT_CH1_CRC_OK)) { 310 he_mu->flags1 |= 311 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_RU_KNOWN | 312 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU_KNOWN); 313 314 he_mu->flags1 |= 315 le16_encode_bits(u32_get_bits(phy_data4, 316 IWL_RX_PHY_DATA4_HE_MU_EXT_CH1_CTR_RU), 317 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU); 318 319 he_mu->ru_ch1[0] = u32_get_bits(phy_data2, 320 IWL_RX_PHY_DATA2_HE_MU_EXT_CH1_RU0); 321 he_mu->ru_ch1[1] = u32_get_bits(phy_data3, 322 IWL_RX_PHY_DATA3_HE_MU_EXT_CH1_RU1); 323 he_mu->ru_ch1[2] = u32_get_bits(phy_data2, 324 IWL_RX_PHY_DATA2_HE_MU_EXT_CH1_RU2); 325 he_mu->ru_ch1[3] = u32_get_bits(phy_data3, 326 IWL_RX_PHY_DATA3_HE_MU_EXT_CH1_RU3); 327 } 328 329 if (u32_get_bits(phy_data4, IWL_RX_PHY_DATA4_HE_MU_EXT_CH2_CRC_OK) && 330 (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) != RATE_MCS_CHAN_WIDTH_20) { 331 he_mu->flags1 |= 332 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_RU_KNOWN | 333 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_CTR_26T_RU_KNOWN); 334 335 he_mu->flags2 |= 336 le16_encode_bits(u32_get_bits(phy_data4, 337 IWL_RX_PHY_DATA4_HE_MU_EXT_CH2_CTR_RU), 338 IEEE80211_RADIOTAP_HE_MU_FLAGS2_CH2_CTR_26T_RU); 339 340 he_mu->ru_ch2[0] = u32_get_bits(phy_data2, 341 IWL_RX_PHY_DATA2_HE_MU_EXT_CH2_RU0); 342 he_mu->ru_ch2[1] = u32_get_bits(phy_data3, 343 IWL_RX_PHY_DATA3_HE_MU_EXT_CH2_RU1); 344 he_mu->ru_ch2[2] = u32_get_bits(phy_data2, 345 IWL_RX_PHY_DATA2_HE_MU_EXT_CH2_RU2); 346 he_mu->ru_ch2[3] = u32_get_bits(phy_data3, 347 IWL_RX_PHY_DATA3_HE_MU_EXT_CH2_RU3); 348 } 349 } 350 351 static void 352 iwl_mld_decode_he_phy_data(struct iwl_mld_rx_phy_data *phy_data, 353 struct ieee80211_radiotap_he *he, 354 struct ieee80211_radiotap_he_mu *he_mu, 355 struct ieee80211_rx_status *rx_status, 356 int queue) 357 { 358 switch (phy_data->info_type) { 359 case IWL_RX_PHY_INFO_TYPE_NONE: 360 case IWL_RX_PHY_INFO_TYPE_CCK: 361 case IWL_RX_PHY_INFO_TYPE_OFDM_LGCY: 362 case IWL_RX_PHY_INFO_TYPE_HT: 363 case IWL_RX_PHY_INFO_TYPE_VHT_SU: 364 case IWL_RX_PHY_INFO_TYPE_VHT_MU: 365 case IWL_RX_PHY_INFO_TYPE_EHT_MU: 366 case IWL_RX_PHY_INFO_TYPE_EHT_TB: 367 case IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT: 368 case IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT: 369 return; 370 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 371 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN | 372 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE2_KNOWN | 373 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE3_KNOWN | 374 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE4_KNOWN); 375 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 376 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE1), 377 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE1); 378 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 379 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE2), 380 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE2); 381 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 382 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE3), 383 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE3); 384 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data2, 385 IWL_RX_PHY_DATA2_HE_TB_EXT_SPTL_REUSE4), 386 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE4); 387 fallthrough; 388 case IWL_RX_PHY_INFO_TYPE_HE_SU: 389 case IWL_RX_PHY_INFO_TYPE_HE_MU: 390 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 391 case IWL_RX_PHY_INFO_TYPE_HE_TB: 392 /* HE common */ 393 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_LDPC_XSYMSEG_KNOWN | 394 IEEE80211_RADIOTAP_HE_DATA1_DOPPLER_KNOWN | 395 IEEE80211_RADIOTAP_HE_DATA1_BSS_COLOR_KNOWN); 396 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRE_FEC_PAD_KNOWN | 397 IEEE80211_RADIOTAP_HE_DATA2_PE_DISAMBIG_KNOWN | 398 IEEE80211_RADIOTAP_HE_DATA2_TXOP_KNOWN | 399 IEEE80211_RADIOTAP_HE_DATA2_NUM_LTF_SYMS_KNOWN); 400 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 401 IWL_RX_PHY_DATA0_HE_BSS_COLOR_MASK), 402 IEEE80211_RADIOTAP_HE_DATA3_BSS_COLOR); 403 if (phy_data->info_type != IWL_RX_PHY_INFO_TYPE_HE_TB && 404 phy_data->info_type != IWL_RX_PHY_INFO_TYPE_HE_TB_EXT) { 405 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_UL_DL_KNOWN); 406 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 407 IWL_RX_PHY_DATA0_HE_UPLINK), 408 IEEE80211_RADIOTAP_HE_DATA3_UL_DL); 409 } 410 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 411 IWL_RX_PHY_DATA0_HE_LDPC_EXT_SYM), 412 IEEE80211_RADIOTAP_HE_DATA3_LDPC_XSYMSEG); 413 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data0, 414 IWL_RX_PHY_DATA0_HE_PRE_FEC_PAD_MASK), 415 IEEE80211_RADIOTAP_HE_DATA5_PRE_FEC_PAD); 416 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data0, 417 IWL_RX_PHY_DATA0_HE_PE_DISAMBIG), 418 IEEE80211_RADIOTAP_HE_DATA5_PE_DISAMBIG); 419 he->data5 |= le16_encode_bits(le32_get_bits(phy_data->data1, 420 IWL_RX_PHY_DATA1_HE_LTF_NUM_MASK), 421 IEEE80211_RADIOTAP_HE_DATA5_NUM_LTF_SYMS); 422 he->data6 |= le16_encode_bits(le32_get_bits(phy_data->data0, 423 IWL_RX_PHY_DATA0_HE_TXOP_DUR_MASK), 424 IEEE80211_RADIOTAP_HE_DATA6_TXOP); 425 he->data6 |= le16_encode_bits(le32_get_bits(phy_data->data0, 426 IWL_RX_PHY_DATA0_HE_DOPPLER), 427 IEEE80211_RADIOTAP_HE_DATA6_DOPPLER); 428 break; 429 } 430 431 switch (phy_data->info_type) { 432 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 433 case IWL_RX_PHY_INFO_TYPE_HE_MU: 434 case IWL_RX_PHY_INFO_TYPE_HE_SU: 435 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN); 436 he->data4 |= le16_encode_bits(le32_get_bits(phy_data->data0, 437 IWL_RX_PHY_DATA0_HE_SPATIAL_REUSE_MASK), 438 IEEE80211_RADIOTAP_HE_DATA4_SU_MU_SPTL_REUSE); 439 break; 440 default: 441 /* nothing here */ 442 break; 443 } 444 445 switch (phy_data->info_type) { 446 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 447 he_mu->flags1 |= 448 le16_encode_bits(le16_get_bits(phy_data->data4, 449 IWL_RX_PHY_DATA4_HE_MU_EXT_SIGB_DCM), 450 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM); 451 he_mu->flags1 |= 452 le16_encode_bits(le16_get_bits(phy_data->data4, 453 IWL_RX_PHY_DATA4_HE_MU_EXT_SIGB_MCS_MASK), 454 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS); 455 he_mu->flags2 |= 456 le16_encode_bits(le16_get_bits(phy_data->data4, 457 IWL_RX_PHY_DATA4_HE_MU_EXT_PREAMBLE_PUNC_TYPE_MASK), 458 IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW); 459 iwl_mld_decode_he_mu_ext(phy_data, he_mu); 460 fallthrough; 461 case IWL_RX_PHY_INFO_TYPE_HE_MU: 462 he_mu->flags2 |= 463 le16_encode_bits(le32_get_bits(phy_data->data1, 464 IWL_RX_PHY_DATA1_HE_MU_SIBG_SYM_OR_USER_NUM_MASK), 465 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_SYMS_USERS); 466 he_mu->flags2 |= 467 le16_encode_bits(le32_get_bits(phy_data->data1, 468 IWL_RX_PHY_DATA1_HE_MU_SIGB_COMPRESSION), 469 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_COMP); 470 fallthrough; 471 case IWL_RX_PHY_INFO_TYPE_HE_TB: 472 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 473 iwl_mld_decode_he_phy_ru_alloc(phy_data, he, he_mu, rx_status); 474 break; 475 case IWL_RX_PHY_INFO_TYPE_HE_SU: 476 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BEAM_CHANGE_KNOWN); 477 he->data3 |= le16_encode_bits(le32_get_bits(phy_data->data0, 478 IWL_RX_PHY_DATA0_HE_BEAM_CHNG), 479 IEEE80211_RADIOTAP_HE_DATA3_BEAM_CHANGE); 480 break; 481 default: 482 /* nothing */ 483 break; 484 } 485 } 486 487 static void iwl_mld_rx_he(struct iwl_mld *mld, struct sk_buff *skb, 488 struct iwl_mld_rx_phy_data *phy_data, 489 int queue) 490 { 491 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 492 struct ieee80211_radiotap_he *he = NULL; 493 struct ieee80211_radiotap_he_mu *he_mu = NULL; 494 u32 rate_n_flags = phy_data->rate_n_flags; 495 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 496 u8 ltf; 497 static const struct ieee80211_radiotap_he known = { 498 .data1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_DATA_MCS_KNOWN | 499 IEEE80211_RADIOTAP_HE_DATA1_DATA_DCM_KNOWN | 500 IEEE80211_RADIOTAP_HE_DATA1_STBC_KNOWN | 501 IEEE80211_RADIOTAP_HE_DATA1_CODING_KNOWN), 502 .data2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_GI_KNOWN | 503 IEEE80211_RADIOTAP_HE_DATA2_TXBF_KNOWN), 504 }; 505 static const struct ieee80211_radiotap_he_mu mu_known = { 506 .flags1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS_KNOWN | 507 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM_KNOWN | 508 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_SYMS_USERS_KNOWN | 509 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_COMP_KNOWN), 510 .flags2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW_KNOWN | 511 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_KNOWN), 512 }; 513 u16 phy_info = phy_data->phy_info; 514 515 he = skb_put_data(skb, &known, sizeof(known)); 516 rx_status->flag |= RX_FLAG_RADIOTAP_HE; 517 518 if (phy_data->info_type == IWL_RX_PHY_INFO_TYPE_HE_MU || 519 phy_data->info_type == IWL_RX_PHY_INFO_TYPE_HE_MU_EXT) { 520 he_mu = skb_put_data(skb, &mu_known, sizeof(mu_known)); 521 rx_status->flag |= RX_FLAG_RADIOTAP_HE_MU; 522 } 523 524 /* report the AMPDU-EOF bit on single frames */ 525 if (!queue && !(phy_info & IWL_RX_MPDU_PHY_AMPDU)) { 526 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 527 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 528 if (phy_data->data0 & cpu_to_le32(IWL_RX_PHY_DATA0_HE_DELIM_EOF)) 529 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 530 } 531 532 if (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 533 iwl_mld_decode_he_phy_data(phy_data, he, he_mu, rx_status, 534 queue); 535 536 /* update aggregation data for monitor sake on default queue */ 537 if (!queue && (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) && 538 (phy_info & IWL_RX_MPDU_PHY_AMPDU) && phy_data->first_subframe) { 539 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 540 if (phy_data->data0 & cpu_to_le32(IWL_RX_PHY_DATA0_EHT_DELIM_EOF)) 541 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 542 } 543 544 if (he_type == RATE_MCS_HE_TYPE_EXT_SU && 545 rate_n_flags & RATE_MCS_HE_106T_MSK) { 546 rx_status->bw = RATE_INFO_BW_HE_RU; 547 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106; 548 } 549 550 /* actually data is filled in mac80211 */ 551 if (he_type == RATE_MCS_HE_TYPE_SU || 552 he_type == RATE_MCS_HE_TYPE_EXT_SU) 553 he->data1 |= 554 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN); 555 556 #define CHECK_TYPE(F) \ 557 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA1_FORMAT_ ## F != \ 558 (RATE_MCS_HE_TYPE_ ## F >> RATE_MCS_HE_TYPE_POS)) 559 560 CHECK_TYPE(SU); 561 CHECK_TYPE(EXT_SU); 562 CHECK_TYPE(MU); 563 CHECK_TYPE(TRIG); 564 565 he->data1 |= cpu_to_le16(he_type >> RATE_MCS_HE_TYPE_POS); 566 567 if (rate_n_flags & RATE_MCS_BF_MSK) 568 he->data5 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA5_TXBF); 569 570 switch ((rate_n_flags & RATE_MCS_HE_GI_LTF_MSK) >> 571 RATE_MCS_HE_GI_LTF_POS) { 572 case 0: 573 if (he_type == RATE_MCS_HE_TYPE_TRIG) 574 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 575 else 576 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 577 if (he_type == RATE_MCS_HE_TYPE_MU) 578 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 579 else 580 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X; 581 break; 582 case 1: 583 if (he_type == RATE_MCS_HE_TYPE_TRIG) 584 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 585 else 586 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 587 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 588 break; 589 case 2: 590 if (he_type == RATE_MCS_HE_TYPE_TRIG) { 591 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 592 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 593 } else { 594 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 595 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 596 } 597 break; 598 case 3: 599 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 600 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 601 break; 602 case 4: 603 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 604 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 605 break; 606 default: 607 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN; 608 } 609 610 he->data5 |= le16_encode_bits(ltf, 611 IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE); 612 } 613 614 static void iwl_mld_decode_lsig(struct sk_buff *skb, 615 struct iwl_mld_rx_phy_data *phy_data) 616 { 617 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 618 struct ieee80211_radiotap_lsig *lsig; 619 620 switch (phy_data->info_type) { 621 case IWL_RX_PHY_INFO_TYPE_HT: 622 case IWL_RX_PHY_INFO_TYPE_VHT_SU: 623 case IWL_RX_PHY_INFO_TYPE_VHT_MU: 624 case IWL_RX_PHY_INFO_TYPE_HE_TB_EXT: 625 case IWL_RX_PHY_INFO_TYPE_HE_SU: 626 case IWL_RX_PHY_INFO_TYPE_HE_MU: 627 case IWL_RX_PHY_INFO_TYPE_HE_MU_EXT: 628 case IWL_RX_PHY_INFO_TYPE_HE_TB: 629 case IWL_RX_PHY_INFO_TYPE_EHT_MU: 630 case IWL_RX_PHY_INFO_TYPE_EHT_TB: 631 case IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT: 632 case IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT: 633 lsig = skb_put(skb, sizeof(*lsig)); 634 lsig->data1 = cpu_to_le16(IEEE80211_RADIOTAP_LSIG_DATA1_LENGTH_KNOWN); 635 lsig->data2 = le16_encode_bits(le32_get_bits(phy_data->data1, 636 IWL_RX_PHY_DATA1_LSIG_LEN_MASK), 637 IEEE80211_RADIOTAP_LSIG_DATA2_LENGTH); 638 rx_status->flag |= RX_FLAG_RADIOTAP_LSIG; 639 break; 640 default: 641 break; 642 } 643 } 644 645 /* Put a TLV on the skb and return data pointer 646 * 647 * Also pad the len to 4 and zero out all data part 648 */ 649 static void * 650 iwl_mld_radiotap_put_tlv(struct sk_buff *skb, u16 type, u16 len) 651 { 652 struct ieee80211_radiotap_tlv *tlv; 653 654 tlv = skb_put(skb, sizeof(*tlv)); 655 tlv->type = cpu_to_le16(type); 656 tlv->len = cpu_to_le16(len); 657 return skb_put_zero(skb, ALIGN(len, 4)); 658 } 659 660 #define LE32_DEC_ENC(value, dec_bits, enc_bits) \ 661 le32_encode_bits(le32_get_bits(value, dec_bits), enc_bits) 662 663 #define IWL_MLD_ENC_USIG_VALUE_MASK(usig, in_value, dec_bits, enc_bits) do { \ 664 typeof(enc_bits) _enc_bits = enc_bits; \ 665 typeof(usig) _usig = usig; \ 666 (_usig)->mask |= cpu_to_le32(_enc_bits); \ 667 (_usig)->value |= LE32_DEC_ENC(in_value, dec_bits, _enc_bits); \ 668 } while (0) 669 670 #define __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \ 671 eht->data[(rt_data)] |= \ 672 (cpu_to_le32 \ 673 (IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru ## _KNOWN) | \ 674 LE32_DEC_ENC(data ## fw_data, \ 675 IWL_RX_PHY_DATA ## fw_data ## _EHT_MU_EXT_RU_ALLOC_ ## fw_ru, \ 676 IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru)) 677 678 #define _IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \ 679 __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) 680 681 #define IEEE80211_RADIOTAP_RU_DATA_1_1_1 1 682 #define IEEE80211_RADIOTAP_RU_DATA_2_1_1 2 683 #define IEEE80211_RADIOTAP_RU_DATA_1_1_2 2 684 #define IEEE80211_RADIOTAP_RU_DATA_2_1_2 2 685 #define IEEE80211_RADIOTAP_RU_DATA_1_2_1 3 686 #define IEEE80211_RADIOTAP_RU_DATA_2_2_1 3 687 #define IEEE80211_RADIOTAP_RU_DATA_1_2_2 3 688 #define IEEE80211_RADIOTAP_RU_DATA_2_2_2 4 689 690 #define IWL_RX_RU_DATA_A1 2 691 #define IWL_RX_RU_DATA_A2 2 692 #define IWL_RX_RU_DATA_B1 2 693 #define IWL_RX_RU_DATA_B2 4 694 #define IWL_RX_RU_DATA_C1 3 695 #define IWL_RX_RU_DATA_C2 3 696 #define IWL_RX_RU_DATA_D1 4 697 #define IWL_RX_RU_DATA_D2 4 698 699 #define IWL_MLD_ENC_EHT_RU(rt_ru, fw_ru) \ 700 _IWL_MLD_ENC_EHT_RU(IEEE80211_RADIOTAP_RU_DATA_ ## rt_ru, \ 701 rt_ru, \ 702 IWL_RX_RU_DATA_ ## fw_ru, \ 703 fw_ru) 704 705 static void iwl_mld_decode_eht_ext_mu(struct iwl_mld *mld, 706 struct iwl_mld_rx_phy_data *phy_data, 707 struct ieee80211_rx_status *rx_status, 708 struct ieee80211_radiotap_eht *eht, 709 struct ieee80211_radiotap_eht_usig *usig) 710 { 711 if (phy_data->with_data) { 712 __le32 data1 = phy_data->data1; 713 __le32 data2 = phy_data->data2; 714 __le32 data3 = phy_data->data3; 715 __le32 data4 = phy_data->eht_data4; 716 __le32 data5 = phy_data->data5; 717 u32 phy_bw = phy_data->rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK; 718 719 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 720 IWL_RX_PHY_DATA5_EHT_TYPE_AND_COMP, 721 IEEE80211_RADIOTAP_EHT_USIG2_MU_B0_B1_PPDU_TYPE); 722 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 723 IWL_RX_PHY_DATA5_EHT_MU_PUNC_CH_CODE, 724 IEEE80211_RADIOTAP_EHT_USIG2_MU_B3_B7_PUNCTURED_INFO); 725 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data4, 726 IWL_RX_PHY_DATA4_EHT_MU_EXT_SIGB_MCS, 727 IEEE80211_RADIOTAP_EHT_USIG2_MU_B9_B10_SIG_MCS); 728 IWL_MLD_ENC_USIG_VALUE_MASK 729 (usig, data1, IWL_RX_PHY_DATA1_EHT_MU_NUM_SIG_SYM_USIGA2, 730 IEEE80211_RADIOTAP_EHT_USIG2_MU_B11_B15_EHT_SIG_SYMBOLS); 731 732 eht->user_info[0] |= 733 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID_KNOWN) | 734 LE32_DEC_ENC(data5, IWL_RX_PHY_DATA5_EHT_MU_STA_ID_USR, 735 IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID); 736 737 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_NR_NON_OFDMA_USERS_M); 738 eht->data[7] |= LE32_DEC_ENC 739 (data5, IWL_RX_PHY_DATA5_EHT_MU_NUM_USR_NON_OFDMA, 740 IEEE80211_RADIOTAP_EHT_DATA7_NUM_OF_NON_OFDMA_USERS); 741 742 /* 743 * Hardware labels the content channels/RU allocation values 744 * as follows: 745 * Content Channel 1 Content Channel 2 746 * 20 MHz: A1 747 * 40 MHz: A1 B1 748 * 80 MHz: A1 C1 B1 D1 749 * 160 MHz: A1 C1 A2 C2 B1 D1 B2 D2 750 * 320 MHz: A1 C1 A2 C2 A3 C3 A4 C4 B1 D1 B2 D2 B3 D3 B4 D4 751 * 752 * However firmware can only give us A1-D2, so the higher 753 * frequencies are missing. 754 */ 755 756 switch (phy_bw) { 757 case RATE_MCS_CHAN_WIDTH_320: 758 /* additional values are missing in RX metadata */ 759 fallthrough; 760 case RATE_MCS_CHAN_WIDTH_160: 761 /* content channel 1 */ 762 IWL_MLD_ENC_EHT_RU(1_2_1, A2); 763 IWL_MLD_ENC_EHT_RU(1_2_2, C2); 764 /* content channel 2 */ 765 IWL_MLD_ENC_EHT_RU(2_2_1, B2); 766 IWL_MLD_ENC_EHT_RU(2_2_2, D2); 767 fallthrough; 768 case RATE_MCS_CHAN_WIDTH_80: 769 /* content channel 1 */ 770 IWL_MLD_ENC_EHT_RU(1_1_2, C1); 771 /* content channel 2 */ 772 IWL_MLD_ENC_EHT_RU(2_1_2, D1); 773 fallthrough; 774 case RATE_MCS_CHAN_WIDTH_40: 775 /* content channel 2 */ 776 IWL_MLD_ENC_EHT_RU(2_1_1, B1); 777 fallthrough; 778 case RATE_MCS_CHAN_WIDTH_20: 779 IWL_MLD_ENC_EHT_RU(1_1_1, A1); 780 break; 781 } 782 } else { 783 __le32 usig_a1 = phy_data->rx_vec[0]; 784 __le32 usig_a2 = phy_data->rx_vec[1]; 785 786 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 787 IWL_RX_USIG_A1_DISREGARD, 788 IEEE80211_RADIOTAP_EHT_USIG1_MU_B20_B24_DISREGARD); 789 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 790 IWL_RX_USIG_A1_VALIDATE, 791 IEEE80211_RADIOTAP_EHT_USIG1_MU_B25_VALIDATE); 792 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 793 IWL_RX_USIG_A2_EHT_PPDU_TYPE, 794 IEEE80211_RADIOTAP_EHT_USIG2_MU_B0_B1_PPDU_TYPE); 795 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 796 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B2, 797 IEEE80211_RADIOTAP_EHT_USIG2_MU_B2_VALIDATE); 798 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 799 IWL_RX_USIG_A2_EHT_PUNC_CHANNEL, 800 IEEE80211_RADIOTAP_EHT_USIG2_MU_B3_B7_PUNCTURED_INFO); 801 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 802 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B8, 803 IEEE80211_RADIOTAP_EHT_USIG2_MU_B8_VALIDATE); 804 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 805 IWL_RX_USIG_A2_EHT_SIG_MCS, 806 IEEE80211_RADIOTAP_EHT_USIG2_MU_B9_B10_SIG_MCS); 807 IWL_MLD_ENC_USIG_VALUE_MASK 808 (usig, usig_a2, IWL_RX_USIG_A2_EHT_SIG_SYM_NUM, 809 IEEE80211_RADIOTAP_EHT_USIG2_MU_B11_B15_EHT_SIG_SYMBOLS); 810 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 811 IWL_RX_USIG_A2_EHT_CRC_OK, 812 IEEE80211_RADIOTAP_EHT_USIG2_MU_B16_B19_CRC); 813 } 814 } 815 816 static void iwl_mld_decode_eht_ext_tb(struct iwl_mld *mld, 817 struct iwl_mld_rx_phy_data *phy_data, 818 struct ieee80211_rx_status *rx_status, 819 struct ieee80211_radiotap_eht *eht, 820 struct ieee80211_radiotap_eht_usig *usig) 821 { 822 if (phy_data->with_data) { 823 __le32 data5 = phy_data->data5; 824 825 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 826 IWL_RX_PHY_DATA5_EHT_TYPE_AND_COMP, 827 IEEE80211_RADIOTAP_EHT_USIG2_TB_B0_B1_PPDU_TYPE); 828 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 829 IWL_RX_PHY_DATA5_EHT_TB_SPATIAL_REUSE1, 830 IEEE80211_RADIOTAP_EHT_USIG2_TB_B3_B6_SPATIAL_REUSE_1); 831 832 IWL_MLD_ENC_USIG_VALUE_MASK(usig, data5, 833 IWL_RX_PHY_DATA5_EHT_TB_SPATIAL_REUSE2, 834 IEEE80211_RADIOTAP_EHT_USIG2_TB_B7_B10_SPATIAL_REUSE_2); 835 } else { 836 __le32 usig_a1 = phy_data->rx_vec[0]; 837 __le32 usig_a2 = phy_data->rx_vec[1]; 838 839 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1, 840 IWL_RX_USIG_A1_DISREGARD, 841 IEEE80211_RADIOTAP_EHT_USIG1_TB_B20_B25_DISREGARD); 842 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 843 IWL_RX_USIG_A2_EHT_PPDU_TYPE, 844 IEEE80211_RADIOTAP_EHT_USIG2_TB_B0_B1_PPDU_TYPE); 845 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 846 IWL_RX_USIG_A2_EHT_USIG2_VALIDATE_B2, 847 IEEE80211_RADIOTAP_EHT_USIG2_TB_B2_VALIDATE); 848 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 849 IWL_RX_USIG_A2_EHT_TRIG_SPATIAL_REUSE_1, 850 IEEE80211_RADIOTAP_EHT_USIG2_TB_B3_B6_SPATIAL_REUSE_1); 851 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 852 IWL_RX_USIG_A2_EHT_TRIG_SPATIAL_REUSE_2, 853 IEEE80211_RADIOTAP_EHT_USIG2_TB_B7_B10_SPATIAL_REUSE_2); 854 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 855 IWL_RX_USIG_A2_EHT_TRIG_USIG2_DISREGARD, 856 IEEE80211_RADIOTAP_EHT_USIG2_TB_B11_B15_DISREGARD); 857 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2, 858 IWL_RX_USIG_A2_EHT_CRC_OK, 859 IEEE80211_RADIOTAP_EHT_USIG2_TB_B16_B19_CRC); 860 } 861 } 862 863 static void iwl_mld_decode_eht_ru(struct iwl_mld *mld, 864 struct ieee80211_rx_status *rx_status, 865 struct ieee80211_radiotap_eht *eht) 866 { 867 u32 ru = le32_get_bits(eht->data[8], 868 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1); 869 enum nl80211_eht_ru_alloc nl_ru; 870 871 /* Using D1.5 Table 9-53a - Encoding of PS160 and RU Allocation subfields 872 * in an EHT variant User Info field 873 */ 874 875 switch (ru) { 876 case 0 ... 36: 877 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_26; 878 break; 879 case 37 ... 52: 880 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52; 881 break; 882 case 53 ... 60: 883 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106; 884 break; 885 case 61 ... 64: 886 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_242; 887 break; 888 case 65 ... 66: 889 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484; 890 break; 891 case 67: 892 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996; 893 break; 894 case 68: 895 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996; 896 break; 897 case 69: 898 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_4x996; 899 break; 900 case 70 ... 81: 901 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52P26; 902 break; 903 case 82 ... 89: 904 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106P26; 905 break; 906 case 90 ... 93: 907 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484P242; 908 break; 909 case 94 ... 95: 910 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484; 911 break; 912 case 96 ... 99: 913 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242; 914 break; 915 case 100 ... 103: 916 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484; 917 break; 918 case 104: 919 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996; 920 break; 921 case 105 ... 106: 922 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484; 923 break; 924 default: 925 return; 926 } 927 928 rx_status->bw = RATE_INFO_BW_EHT_RU; 929 rx_status->eht.ru = nl_ru; 930 } 931 932 static void iwl_mld_decode_eht_phy_data(struct iwl_mld *mld, 933 struct iwl_mld_rx_phy_data *phy_data, 934 struct ieee80211_rx_status *rx_status, 935 struct ieee80211_radiotap_eht *eht, 936 struct ieee80211_radiotap_eht_usig *usig) 937 938 { 939 __le32 data0 = phy_data->data0; 940 __le32 data1 = phy_data->data1; 941 __le32 usig_a1 = phy_data->rx_vec[0]; 942 u8 info_type = phy_data->info_type; 943 944 /* Not in EHT range */ 945 if (info_type < IWL_RX_PHY_INFO_TYPE_EHT_MU || 946 info_type > IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT) 947 return; 948 949 usig->common |= cpu_to_le32 950 (IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL_KNOWN | 951 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR_KNOWN); 952 if (phy_data->with_data) { 953 usig->common |= LE32_DEC_ENC(data0, 954 IWL_RX_PHY_DATA0_EHT_UPLINK, 955 IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL); 956 usig->common |= LE32_DEC_ENC(data0, 957 IWL_RX_PHY_DATA0_EHT_BSS_COLOR_MASK, 958 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR); 959 } else { 960 usig->common |= LE32_DEC_ENC(usig_a1, 961 IWL_RX_USIG_A1_UL_FLAG, 962 IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL); 963 usig->common |= LE32_DEC_ENC(usig_a1, 964 IWL_RX_USIG_A1_BSS_COLOR, 965 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR); 966 } 967 968 usig->common |= 969 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_CHECKED); 970 usig->common |= 971 LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_VALIDATE, 972 IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_OK); 973 974 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_SPATIAL_REUSE); 975 eht->data[0] |= LE32_DEC_ENC(data0, 976 IWL_RX_PHY_DATA0_ETH_SPATIAL_REUSE_MASK, 977 IEEE80211_RADIOTAP_EHT_DATA0_SPATIAL_REUSE); 978 979 /* All RU allocating size/index is in TB format */ 980 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_RU_ALLOC_TB_FMT); 981 eht->data[8] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PS160, 982 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_PS_160); 983 eht->data[8] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_RU_ALLOC_B0, 984 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B0); 985 eht->data[8] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_RU_ALLOC_B1_B7, 986 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1); 987 988 iwl_mld_decode_eht_ru(mld, rx_status, eht); 989 990 /* We only get here in case of IWL_RX_MPDU_PHY_TSF_OVERLOAD is set 991 * which is on only in case of monitor mode so no need to check monitor 992 * mode 993 */ 994 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PRIMARY_80); 995 eht->data[1] |= 996 le32_encode_bits(mld->monitor.p80, 997 IEEE80211_RADIOTAP_EHT_DATA1_PRIMARY_80); 998 999 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP_KNOWN); 1000 if (phy_data->with_data) 1001 usig->common |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_TXOP_DUR_MASK, 1002 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP); 1003 else 1004 usig->common |= LE32_DEC_ENC(usig_a1, IWL_RX_USIG_A1_TXOP_DURATION, 1005 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP); 1006 1007 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_LDPC_EXTRA_SYM_OM); 1008 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_LDPC_EXT_SYM, 1009 IEEE80211_RADIOTAP_EHT_DATA0_LDPC_EXTRA_SYM_OM); 1010 1011 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PRE_PADD_FACOR_OM); 1012 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PRE_FEC_PAD_MASK, 1013 IEEE80211_RADIOTAP_EHT_DATA0_PRE_PADD_FACOR_OM); 1014 1015 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_PE_DISAMBIGUITY_OM); 1016 eht->data[0] |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PE_DISAMBIG, 1017 IEEE80211_RADIOTAP_EHT_DATA0_PE_DISAMBIGUITY_OM); 1018 1019 /* TODO: what about IWL_RX_PHY_DATA0_EHT_BW320_SLOT */ 1020 1021 if (!le32_get_bits(data0, IWL_RX_PHY_DATA0_EHT_SIGA_CRC_OK)) 1022 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BAD_USIG_CRC); 1023 1024 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER_KNOWN); 1025 usig->common |= LE32_DEC_ENC(data0, IWL_RX_PHY_DATA0_EHT_PHY_VER, 1026 IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER); 1027 1028 /* 1029 * TODO: what about TB - IWL_RX_PHY_DATA1_EHT_TB_PILOT_TYPE, 1030 * IWL_RX_PHY_DATA1_EHT_TB_LOW_SS 1031 */ 1032 1033 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_EHT_LTF); 1034 eht->data[0] |= LE32_DEC_ENC(data1, IWL_RX_PHY_DATA1_EHT_SIG_LTF_NUM, 1035 IEEE80211_RADIOTAP_EHT_DATA0_EHT_LTF); 1036 1037 if (info_type == IWL_RX_PHY_INFO_TYPE_EHT_TB_EXT || 1038 info_type == IWL_RX_PHY_INFO_TYPE_EHT_TB) 1039 iwl_mld_decode_eht_ext_tb(mld, phy_data, rx_status, eht, usig); 1040 1041 if (info_type == IWL_RX_PHY_INFO_TYPE_EHT_MU_EXT || 1042 info_type == IWL_RX_PHY_INFO_TYPE_EHT_MU) 1043 iwl_mld_decode_eht_ext_mu(mld, phy_data, rx_status, eht, usig); 1044 } 1045 1046 static void iwl_mld_rx_eht(struct iwl_mld *mld, struct sk_buff *skb, 1047 struct iwl_mld_rx_phy_data *phy_data, 1048 int queue) 1049 { 1050 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1051 struct ieee80211_radiotap_eht *eht; 1052 struct ieee80211_radiotap_eht_usig *usig; 1053 size_t eht_len = sizeof(*eht); 1054 1055 u32 rate_n_flags = phy_data->rate_n_flags; 1056 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK; 1057 /* EHT and HE have the same values for LTF */ 1058 u8 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN; 1059 u16 phy_info = phy_data->phy_info; 1060 u32 bw; 1061 1062 /* u32 for 1 user_info */ 1063 if (phy_data->with_data) 1064 eht_len += sizeof(u32); 1065 1066 eht = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT, eht_len); 1067 1068 usig = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT_USIG, 1069 sizeof(*usig)); 1070 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1071 usig->common |= 1072 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_KNOWN); 1073 1074 /* specific handling for 320MHz */ 1075 bw = u32_get_bits(rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK); 1076 if (bw == RATE_MCS_CHAN_WIDTH_320_VAL) 1077 bw += le32_get_bits(phy_data->data0, 1078 IWL_RX_PHY_DATA0_EHT_BW320_SLOT); 1079 1080 usig->common |= cpu_to_le32 1081 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW, bw)); 1082 1083 /* report the AMPDU-EOF bit on single frames */ 1084 if (!queue && !(phy_info & IWL_RX_MPDU_PHY_AMPDU)) { 1085 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 1086 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN; 1087 if (phy_data->data0 & 1088 cpu_to_le32(IWL_RX_PHY_DATA0_EHT_DELIM_EOF)) 1089 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT; 1090 } 1091 1092 if (phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 1093 iwl_mld_decode_eht_phy_data(mld, phy_data, rx_status, eht, usig); 1094 1095 #define CHECK_TYPE(F) \ 1096 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA1_FORMAT_ ## F != \ 1097 (RATE_MCS_HE_TYPE_ ## F >> RATE_MCS_HE_TYPE_POS)) 1098 1099 CHECK_TYPE(SU); 1100 CHECK_TYPE(EXT_SU); 1101 CHECK_TYPE(MU); 1102 CHECK_TYPE(TRIG); 1103 1104 switch (u32_get_bits(rate_n_flags, RATE_MCS_HE_GI_LTF_MSK)) { 1105 case 0: 1106 if (he_type == RATE_MCS_HE_TYPE_TRIG) { 1107 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6; 1108 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X; 1109 } else { 1110 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8; 1111 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 1112 } 1113 break; 1114 case 1: 1115 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6; 1116 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X; 1117 break; 1118 case 2: 1119 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 1120 if (he_type == RATE_MCS_HE_TYPE_TRIG) 1121 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2; 1122 else 1123 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8; 1124 break; 1125 case 3: 1126 if (he_type != RATE_MCS_HE_TYPE_TRIG) { 1127 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X; 1128 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2; 1129 } 1130 break; 1131 default: 1132 /* nothing here */ 1133 break; 1134 } 1135 1136 if (ltf != IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN) { 1137 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_GI); 1138 eht->data[0] |= cpu_to_le32 1139 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_DATA0_LTF, 1140 ltf) | 1141 FIELD_PREP(IEEE80211_RADIOTAP_EHT_DATA0_GI, 1142 rx_status->eht.gi)); 1143 } 1144 1145 if (!phy_data->with_data) { 1146 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_NSS_S | 1147 IEEE80211_RADIOTAP_EHT_KNOWN_BEAMFORMED_S); 1148 eht->data[7] |= 1149 le32_encode_bits(le32_get_bits(phy_data->rx_vec[2], 1150 RX_NO_DATA_RX_VEC2_EHT_NSTS_MSK), 1151 IEEE80211_RADIOTAP_EHT_DATA7_NSS_S); 1152 if (rate_n_flags & RATE_MCS_BF_MSK) 1153 eht->data[7] |= 1154 cpu_to_le32(IEEE80211_RADIOTAP_EHT_DATA7_BEAMFORMED_S); 1155 } else { 1156 eht->user_info[0] |= 1157 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_MCS_KNOWN | 1158 IEEE80211_RADIOTAP_EHT_USER_INFO_CODING_KNOWN | 1159 IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_KNOWN_O | 1160 IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_KNOWN_O | 1161 IEEE80211_RADIOTAP_EHT_USER_INFO_DATA_FOR_USER); 1162 1163 if (rate_n_flags & RATE_MCS_BF_MSK) 1164 eht->user_info[0] |= 1165 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_O); 1166 1167 if (rate_n_flags & RATE_MCS_LDPC_MSK) 1168 eht->user_info[0] |= 1169 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_CODING); 1170 1171 eht->user_info[0] |= cpu_to_le32 1172 (FIELD_PREP(IEEE80211_RADIOTAP_EHT_USER_INFO_MCS, 1173 u32_get_bits(rate_n_flags, 1174 RATE_VHT_MCS_RATE_CODE_MSK)) | 1175 FIELD_PREP(IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_O, 1176 u32_get_bits(rate_n_flags, 1177 RATE_MCS_NSS_MSK))); 1178 } 1179 } 1180 1181 #ifdef CONFIG_IWLWIFI_DEBUGFS 1182 static void iwl_mld_add_rtap_sniffer_config(struct iwl_mld *mld, 1183 struct sk_buff *skb) 1184 { 1185 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1186 struct ieee80211_radiotap_vendor_content *radiotap; 1187 const u16 vendor_data_len = sizeof(mld->monitor.cur_aid); 1188 1189 if (!mld->monitor.cur_aid) 1190 return; 1191 1192 radiotap = 1193 iwl_mld_radiotap_put_tlv(skb, 1194 IEEE80211_RADIOTAP_VENDOR_NAMESPACE, 1195 sizeof(*radiotap) + vendor_data_len); 1196 1197 /* Intel OUI */ 1198 radiotap->oui[0] = 0xf6; 1199 radiotap->oui[1] = 0x54; 1200 radiotap->oui[2] = 0x25; 1201 /* radiotap sniffer config sub-namespace */ 1202 radiotap->oui_subtype = 1; 1203 radiotap->vendor_type = 0; 1204 1205 /* fill the data now */ 1206 memcpy(radiotap->data, &mld->monitor.cur_aid, 1207 sizeof(mld->monitor.cur_aid)); 1208 1209 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END; 1210 } 1211 #endif 1212 1213 /* Note: hdr can be NULL */ 1214 static void iwl_mld_rx_fill_status(struct iwl_mld *mld, int link_id, 1215 struct ieee80211_hdr *hdr, 1216 struct sk_buff *skb, 1217 struct iwl_mld_rx_phy_data *phy_data, 1218 int queue) 1219 { 1220 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb); 1221 u32 format = phy_data->rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 1222 u32 rate_n_flags = phy_data->rate_n_flags; 1223 u8 stbc = u32_get_bits(rate_n_flags, RATE_MCS_STBC_MSK); 1224 bool is_sgi = rate_n_flags & RATE_MCS_SGI_MSK; 1225 1226 phy_data->info_type = IWL_RX_PHY_INFO_TYPE_NONE; 1227 1228 if (phy_data->phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD) 1229 phy_data->info_type = 1230 le32_get_bits(phy_data->data1, 1231 IWL_RX_PHY_DATA1_INFO_TYPE_MASK); 1232 1233 /* set the preamble flag if appropriate */ 1234 if (format == RATE_MCS_MOD_TYPE_CCK && 1235 phy_data->phy_info & IWL_RX_MPDU_PHY_SHORT_PREAMBLE) 1236 rx_status->enc_flags |= RX_ENC_FLAG_SHORTPRE; 1237 1238 iwl_mld_fill_signal(mld, link_id, hdr, rx_status, phy_data); 1239 1240 /* This may be overridden by iwl_mld_rx_he() to HE_RU */ 1241 switch (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) { 1242 case RATE_MCS_CHAN_WIDTH_20: 1243 break; 1244 case RATE_MCS_CHAN_WIDTH_40: 1245 rx_status->bw = RATE_INFO_BW_40; 1246 break; 1247 case RATE_MCS_CHAN_WIDTH_80: 1248 rx_status->bw = RATE_INFO_BW_80; 1249 break; 1250 case RATE_MCS_CHAN_WIDTH_160: 1251 rx_status->bw = RATE_INFO_BW_160; 1252 break; 1253 case RATE_MCS_CHAN_WIDTH_320: 1254 rx_status->bw = RATE_INFO_BW_320; 1255 break; 1256 } 1257 1258 /* must be before L-SIG data */ 1259 if (format == RATE_MCS_MOD_TYPE_HE) 1260 iwl_mld_rx_he(mld, skb, phy_data, queue); 1261 1262 iwl_mld_decode_lsig(skb, phy_data); 1263 1264 rx_status->device_timestamp = phy_data->gp2_on_air_rise; 1265 1266 /* using TLV format and must be after all fixed len fields */ 1267 if (format == RATE_MCS_MOD_TYPE_EHT) 1268 iwl_mld_rx_eht(mld, skb, phy_data, queue); 1269 1270 #ifdef CONFIG_IWLWIFI_DEBUGFS 1271 if (unlikely(mld->monitor.on)) { 1272 iwl_mld_add_rtap_sniffer_config(mld, skb); 1273 1274 if (mld->monitor.ptp_time) { 1275 u64 adj_time = 1276 iwl_mld_ptp_get_adj_time(mld, 1277 phy_data->gp2_on_air_rise * 1278 NSEC_PER_USEC); 1279 1280 rx_status->mactime = div64_u64(adj_time, NSEC_PER_USEC); 1281 rx_status->flag |= RX_FLAG_MACTIME_IS_RTAP_TS64; 1282 rx_status->flag &= ~RX_FLAG_MACTIME; 1283 } 1284 } 1285 #endif 1286 1287 if (format != RATE_MCS_MOD_TYPE_CCK && is_sgi) 1288 rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI; 1289 1290 if (rate_n_flags & RATE_MCS_LDPC_MSK) 1291 rx_status->enc_flags |= RX_ENC_FLAG_LDPC; 1292 1293 switch (format) { 1294 case RATE_MCS_MOD_TYPE_HT: 1295 rx_status->encoding = RX_ENC_HT; 1296 rx_status->rate_idx = RATE_HT_MCS_INDEX(rate_n_flags); 1297 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT; 1298 break; 1299 case RATE_MCS_MOD_TYPE_VHT: 1300 case RATE_MCS_MOD_TYPE_HE: 1301 case RATE_MCS_MOD_TYPE_EHT: 1302 if (format == RATE_MCS_MOD_TYPE_VHT) { 1303 rx_status->encoding = RX_ENC_VHT; 1304 } else if (format == RATE_MCS_MOD_TYPE_HE) { 1305 rx_status->encoding = RX_ENC_HE; 1306 rx_status->he_dcm = 1307 !!(rate_n_flags & RATE_HE_DUAL_CARRIER_MODE_MSK); 1308 } else if (format == RATE_MCS_MOD_TYPE_EHT) { 1309 rx_status->encoding = RX_ENC_EHT; 1310 } 1311 1312 rx_status->nss = u32_get_bits(rate_n_flags, 1313 RATE_MCS_NSS_MSK) + 1; 1314 rx_status->rate_idx = rate_n_flags & RATE_MCS_CODE_MSK; 1315 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT; 1316 break; 1317 default: { 1318 int rate = 1319 iwl_mld_legacy_hw_idx_to_mac80211_idx(rate_n_flags, 1320 rx_status->band); 1321 1322 /* valid rate */ 1323 if (rate >= 0 && rate <= 0xFF) { 1324 rx_status->rate_idx = rate; 1325 break; 1326 } 1327 1328 /* invalid rate */ 1329 rx_status->rate_idx = 0; 1330 1331 if (net_ratelimit()) 1332 IWL_ERR(mld, "invalid rate_n_flags=0x%x, band=%d\n", 1333 rate_n_flags, rx_status->band); 1334 break; 1335 } 1336 } 1337 } 1338 1339 /* iwl_mld_create_skb adds the rxb to a new skb */ 1340 static int iwl_mld_build_rx_skb(struct iwl_mld *mld, struct sk_buff *skb, 1341 struct ieee80211_hdr *hdr, u16 len, 1342 u8 crypt_len, struct iwl_rx_cmd_buffer *rxb) 1343 { 1344 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1345 struct iwl_rx_mpdu_desc *desc = (void *)pkt->data; 1346 unsigned int headlen, fraglen, pad_len = 0; 1347 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control); 1348 u8 mic_crc_len = u8_get_bits(desc->mac_flags1, 1349 IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK) << 1; 1350 1351 if (desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) { 1352 len -= 2; 1353 pad_len = 2; 1354 } 1355 1356 /* For non monitor interface strip the bytes the RADA might not have 1357 * removed (it might be disabled, e.g. for mgmt frames). As a monitor 1358 * interface cannot exist with other interfaces, this removal is safe 1359 * and sufficient, in monitor mode there's no decryption being done. 1360 */ 1361 if (len > mic_crc_len && !ieee80211_hw_check(mld->hw, RX_INCLUDES_FCS)) 1362 len -= mic_crc_len; 1363 1364 /* If frame is small enough to fit in skb->head, pull it completely. 1365 * If not, only pull ieee80211_hdr (including crypto if present, and 1366 * an additional 8 bytes for SNAP/ethertype, see below) so that 1367 * splice() or TCP coalesce are more efficient. 1368 * 1369 * Since, in addition, ieee80211_data_to_8023() always pull in at 1370 * least 8 bytes (possibly more for mesh) we can do the same here 1371 * to save the cost of doing it later. That still doesn't pull in 1372 * the actual IP header since the typical case has a SNAP header. 1373 * If the latter changes (there are efforts in the standards group 1374 * to do so) we should revisit this and ieee80211_data_to_8023(). 1375 */ 1376 headlen = (len <= skb_tailroom(skb)) ? len : hdrlen + crypt_len + 8; 1377 1378 /* The firmware may align the packet to DWORD. 1379 * The padding is inserted after the IV. 1380 * After copying the header + IV skip the padding if 1381 * present before copying packet data. 1382 */ 1383 hdrlen += crypt_len; 1384 1385 if (unlikely(headlen < hdrlen)) 1386 return -EINVAL; 1387 1388 /* Since data doesn't move data while putting data on skb and that is 1389 * the only way we use, data + len is the next place that hdr would 1390 * be put 1391 */ 1392 skb_set_mac_header(skb, skb->len); 1393 skb_put_data(skb, hdr, hdrlen); 1394 skb_put_data(skb, (u8 *)hdr + hdrlen + pad_len, headlen - hdrlen); 1395 1396 if (skb->ip_summed == CHECKSUM_COMPLETE) { 1397 struct { 1398 u8 hdr[6]; 1399 __be16 type; 1400 } __packed *shdr = (void *)((u8 *)hdr + hdrlen + pad_len); 1401 1402 if (unlikely(headlen - hdrlen < sizeof(*shdr) || 1403 !ether_addr_equal(shdr->hdr, rfc1042_header) || 1404 (shdr->type != htons(ETH_P_IP) && 1405 shdr->type != htons(ETH_P_ARP) && 1406 shdr->type != htons(ETH_P_IPV6) && 1407 shdr->type != htons(ETH_P_8021Q) && 1408 shdr->type != htons(ETH_P_PAE) && 1409 shdr->type != htons(ETH_P_TDLS)))) 1410 skb->ip_summed = CHECKSUM_NONE; 1411 } 1412 1413 fraglen = len - headlen; 1414 1415 if (fraglen) { 1416 int offset = (u8 *)hdr + headlen + pad_len - 1417 (u8 *)rxb_addr(rxb) + rxb_offset(rxb); 1418 1419 skb_add_rx_frag(skb, 0, rxb_steal_page(rxb), offset, 1420 fraglen, rxb->truesize); 1421 } 1422 1423 return 0; 1424 } 1425 1426 /* returns true if a packet is a duplicate or invalid tid and 1427 * should be dropped. Updates AMSDU PN tracking info 1428 */ 1429 VISIBLE_IF_IWLWIFI_KUNIT 1430 bool 1431 iwl_mld_is_dup(struct iwl_mld *mld, struct ieee80211_sta *sta, 1432 struct ieee80211_hdr *hdr, 1433 const struct iwl_rx_mpdu_desc *mpdu_desc, 1434 struct ieee80211_rx_status *rx_status, int queue) 1435 { 1436 struct iwl_mld_sta *mld_sta; 1437 struct iwl_mld_rxq_dup_data *dup_data; 1438 u8 tid, sub_frame_idx; 1439 1440 if (WARN_ON(!sta)) 1441 return false; 1442 1443 mld_sta = iwl_mld_sta_from_mac80211(sta); 1444 1445 if (WARN_ON_ONCE(!mld_sta->dup_data)) 1446 return false; 1447 1448 dup_data = &mld_sta->dup_data[queue]; 1449 1450 /* Drop duplicate 802.11 retransmissions 1451 * (IEEE 802.11-2020: 10.3.2.14 "Duplicate detection and recovery") 1452 */ 1453 if (ieee80211_is_ctl(hdr->frame_control) || 1454 ieee80211_is_any_nullfunc(hdr->frame_control) || 1455 is_multicast_ether_addr(hdr->addr1)) 1456 return false; 1457 1458 if (ieee80211_is_data_qos(hdr->frame_control)) { 1459 /* frame has qos control */ 1460 tid = ieee80211_get_tid(hdr); 1461 if (tid >= IWL_MAX_TID_COUNT) 1462 return true; 1463 } else { 1464 tid = IWL_MAX_TID_COUNT; 1465 } 1466 1467 /* If this wasn't a part of an A-MSDU the sub-frame index will be 0 */ 1468 sub_frame_idx = mpdu_desc->amsdu_info & 1469 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK; 1470 1471 if (IWL_FW_CHECK(mld, 1472 sub_frame_idx > 0 && 1473 !(mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_AMSDU), 1474 "got sub_frame_idx=%d but A-MSDU flag is not set\n", 1475 sub_frame_idx)) 1476 return true; 1477 1478 if (unlikely(ieee80211_has_retry(hdr->frame_control) && 1479 dup_data->last_seq[tid] == hdr->seq_ctrl && 1480 dup_data->last_sub_frame_idx[tid] >= sub_frame_idx)) 1481 return true; 1482 1483 /* Allow same PN as the first subframe for following sub frames */ 1484 if (dup_data->last_seq[tid] == hdr->seq_ctrl && 1485 sub_frame_idx > dup_data->last_sub_frame_idx[tid]) 1486 rx_status->flag |= RX_FLAG_ALLOW_SAME_PN; 1487 1488 dup_data->last_seq[tid] = hdr->seq_ctrl; 1489 dup_data->last_sub_frame_idx[tid] = sub_frame_idx; 1490 1491 rx_status->flag |= RX_FLAG_DUP_VALIDATED; 1492 1493 return false; 1494 } 1495 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_is_dup); 1496 1497 static void iwl_mld_update_last_rx_timestamp(struct iwl_mld *mld, u8 baid) 1498 { 1499 unsigned long now = jiffies; 1500 unsigned long timeout; 1501 struct iwl_mld_baid_data *ba_data; 1502 1503 ba_data = rcu_dereference(mld->fw_id_to_ba[baid]); 1504 if (!ba_data) { 1505 IWL_DEBUG_HT(mld, "BAID %d not found in map\n", baid); 1506 return; 1507 } 1508 1509 if (!ba_data->timeout) 1510 return; 1511 1512 /* To minimize cache bouncing between RX queues, avoid frequent updates 1513 * to last_rx_timestamp. update it only when the timeout period has 1514 * passed. The worst-case scenario is the session expiring after 1515 * approximately 2 * timeout, which is negligible (the update is 1516 * atomic). 1517 */ 1518 timeout = TU_TO_JIFFIES(ba_data->timeout); 1519 if (time_is_before_jiffies(ba_data->last_rx_timestamp + timeout)) 1520 ba_data->last_rx_timestamp = now; 1521 } 1522 1523 /* Processes received packets for a station. 1524 * Sets *drop to true if the packet should be dropped. 1525 * Returns the station if found, or NULL otherwise. 1526 */ 1527 static struct ieee80211_sta * 1528 iwl_mld_rx_with_sta(struct iwl_mld *mld, struct ieee80211_hdr *hdr, 1529 struct sk_buff *skb, 1530 const struct iwl_rx_mpdu_desc *mpdu_desc, 1531 const struct iwl_rx_packet *pkt, int queue, bool *drop) 1532 { 1533 struct ieee80211_sta *sta = NULL; 1534 struct ieee80211_link_sta *link_sta = NULL; 1535 struct ieee80211_rx_status *rx_status; 1536 u8 baid; 1537 1538 if (mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_SRC_STA_FOUND)) { 1539 u8 sta_id = le32_get_bits(mpdu_desc->status, 1540 IWL_RX_MPDU_STATUS_STA_ID); 1541 1542 if (IWL_FW_CHECK(mld, 1543 sta_id >= mld->fw->ucode_capa.num_stations, 1544 "rx_mpdu: invalid sta_id %d\n", sta_id)) 1545 return NULL; 1546 1547 link_sta = rcu_dereference(mld->fw_id_to_link_sta[sta_id]); 1548 if (!IS_ERR_OR_NULL(link_sta)) 1549 sta = link_sta->sta; 1550 } else if (!is_multicast_ether_addr(hdr->addr2)) { 1551 /* Passing NULL is fine since we prevent two stations with the 1552 * same address from being added. 1553 */ 1554 sta = ieee80211_find_sta_by_ifaddr(mld->hw, hdr->addr2, NULL); 1555 } 1556 1557 /* we may not have any station yet */ 1558 if (!sta) 1559 return NULL; 1560 1561 rx_status = IEEE80211_SKB_RXCB(skb); 1562 1563 if (link_sta && sta->valid_links) { 1564 rx_status->link_valid = true; 1565 rx_status->link_id = link_sta->link_id; 1566 } 1567 1568 /* fill checksum */ 1569 if (ieee80211_is_data(hdr->frame_control) && 1570 pkt->len_n_flags & cpu_to_le32(FH_RSCSR_RPA_EN)) { 1571 u16 hwsum = be16_to_cpu(mpdu_desc->v3.raw_xsum); 1572 1573 skb->ip_summed = CHECKSUM_COMPLETE; 1574 skb->csum = csum_unfold(~(__force __sum16)hwsum); 1575 } 1576 1577 if (iwl_mld_is_dup(mld, sta, hdr, mpdu_desc, rx_status, queue)) { 1578 IWL_DEBUG_DROP(mld, "Dropping duplicate packet 0x%x\n", 1579 le16_to_cpu(hdr->seq_ctrl)); 1580 *drop = true; 1581 return NULL; 1582 } 1583 1584 baid = le32_get_bits(mpdu_desc->reorder_data, 1585 IWL_RX_MPDU_REORDER_BAID_MASK); 1586 if (baid != IWL_RX_REORDER_DATA_INVALID_BAID) 1587 iwl_mld_update_last_rx_timestamp(mld, baid); 1588 1589 if (link_sta && ieee80211_is_data(hdr->frame_control)) { 1590 u8 sub_frame_idx = mpdu_desc->amsdu_info & 1591 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK; 1592 1593 /* 0 means not an A-MSDU, and 1 means a new A-MSDU */ 1594 if (!sub_frame_idx || sub_frame_idx == 1) 1595 iwl_mld_count_mpdu_rx(link_sta, queue, 1); 1596 1597 if (!is_multicast_ether_addr(hdr->addr1)) 1598 iwl_mld_low_latency_update_counters(mld, hdr, sta, 1599 queue); 1600 } 1601 1602 return sta; 1603 } 1604 1605 #define KEY_IDX_LEN 2 1606 1607 static int iwl_mld_rx_mgmt_prot(struct ieee80211_sta *sta, 1608 struct ieee80211_hdr *hdr, 1609 struct ieee80211_rx_status *rx_status, 1610 u32 mpdu_status, 1611 u32 mpdu_len) 1612 { 1613 struct wireless_dev *wdev; 1614 struct iwl_mld_sta *mld_sta; 1615 struct iwl_mld_vif *mld_vif; 1616 u8 keyidx; 1617 struct ieee80211_key_conf *key; 1618 const u8 *frame = (void *)hdr; 1619 1620 if ((mpdu_status & IWL_RX_MPDU_STATUS_SEC_MASK) == 1621 IWL_RX_MPDU_STATUS_SEC_NONE) 1622 return 0; 1623 1624 /* For non-beacon, we don't really care. But beacons may 1625 * be filtered out, and we thus need the firmware's replay 1626 * detection, otherwise beacons the firmware previously 1627 * filtered could be replayed, or something like that, and 1628 * it can filter a lot - though usually only if nothing has 1629 * changed. 1630 */ 1631 if (!ieee80211_is_beacon(hdr->frame_control)) 1632 return 0; 1633 1634 if (!sta) 1635 return -1; 1636 1637 mld_sta = iwl_mld_sta_from_mac80211(sta); 1638 mld_vif = iwl_mld_vif_from_mac80211(mld_sta->vif); 1639 1640 /* key mismatch - will also report !MIC_OK but we shouldn't count it */ 1641 if (!(mpdu_status & IWL_RX_MPDU_STATUS_KEY_VALID)) 1642 goto report; 1643 1644 /* good cases */ 1645 if (likely(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK && 1646 !(mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR))) { 1647 rx_status->flag |= RX_FLAG_DECRYPTED; 1648 return 0; 1649 } 1650 1651 /* both keys will have the same cipher and MIC length, use 1652 * whichever one is available 1653 */ 1654 key = rcu_dereference(mld_vif->bigtks[0]); 1655 if (!key) { 1656 key = rcu_dereference(mld_vif->bigtks[1]); 1657 if (!key) 1658 goto report; 1659 } 1660 1661 if (mpdu_len < key->icv_len + IEEE80211_GMAC_PN_LEN + KEY_IDX_LEN) 1662 goto report; 1663 1664 /* get the real key ID */ 1665 keyidx = frame[mpdu_len - key->icv_len - IEEE80211_GMAC_PN_LEN - KEY_IDX_LEN]; 1666 /* and if that's the other key, look it up */ 1667 if (keyidx != key->keyidx) { 1668 /* shouldn't happen since firmware checked, but be safe 1669 * in case the MIC length is wrong too, for example 1670 */ 1671 if (keyidx != 6 && keyidx != 7) 1672 return -1; 1673 1674 key = rcu_dereference(mld_vif->bigtks[keyidx - 6]); 1675 if (!key) 1676 goto report; 1677 } 1678 1679 /* Report status to mac80211 */ 1680 if (!(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK)) 1681 ieee80211_key_mic_failure(key); 1682 else if (mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR) 1683 ieee80211_key_replay(key); 1684 report: 1685 wdev = ieee80211_vif_to_wdev(mld_sta->vif); 1686 if (wdev->netdev) 1687 cfg80211_rx_unprot_mlme_mgmt(wdev->netdev, (void *)hdr, 1688 mpdu_len); 1689 1690 return -1; 1691 } 1692 1693 static int iwl_mld_rx_crypto(struct iwl_mld *mld, 1694 struct ieee80211_sta *sta, 1695 struct ieee80211_hdr *hdr, 1696 struct ieee80211_rx_status *rx_status, 1697 struct iwl_rx_mpdu_desc *desc, int queue, 1698 u32 pkt_flags, u8 *crypto_len) 1699 { 1700 u32 status = le32_to_cpu(desc->status); 1701 1702 if (unlikely(ieee80211_is_mgmt(hdr->frame_control) && 1703 !ieee80211_has_protected(hdr->frame_control))) 1704 return iwl_mld_rx_mgmt_prot(sta, hdr, rx_status, status, 1705 le16_to_cpu(desc->mpdu_len)); 1706 1707 if (!ieee80211_has_protected(hdr->frame_control) || 1708 (status & IWL_RX_MPDU_STATUS_SEC_MASK) == 1709 IWL_RX_MPDU_STATUS_SEC_NONE) 1710 return 0; 1711 1712 switch (status & IWL_RX_MPDU_STATUS_SEC_MASK) { 1713 case IWL_RX_MPDU_STATUS_SEC_CCM: 1714 case IWL_RX_MPDU_STATUS_SEC_GCM: 1715 BUILD_BUG_ON(IEEE80211_CCMP_PN_LEN != IEEE80211_GCMP_PN_LEN); 1716 if (!(status & IWL_RX_MPDU_STATUS_MIC_OK)) { 1717 IWL_DEBUG_DROP(mld, 1718 "Dropping packet, bad MIC (CCM/GCM)\n"); 1719 return -1; 1720 } 1721 1722 rx_status->flag |= RX_FLAG_DECRYPTED | RX_FLAG_MIC_STRIPPED; 1723 *crypto_len = IEEE80211_CCMP_HDR_LEN; 1724 return 0; 1725 case IWL_RX_MPDU_STATUS_SEC_TKIP: 1726 if (!(status & IWL_RX_MPDU_STATUS_ICV_OK)) 1727 return -1; 1728 1729 if (!(status & RX_MPDU_RES_STATUS_MIC_OK)) 1730 rx_status->flag |= RX_FLAG_MMIC_ERROR; 1731 1732 if (pkt_flags & FH_RSCSR_RADA_EN) { 1733 rx_status->flag |= RX_FLAG_ICV_STRIPPED; 1734 rx_status->flag |= RX_FLAG_MMIC_STRIPPED; 1735 } 1736 1737 *crypto_len = IEEE80211_TKIP_IV_LEN; 1738 rx_status->flag |= RX_FLAG_DECRYPTED; 1739 return 0; 1740 default: 1741 break; 1742 } 1743 1744 return 0; 1745 } 1746 1747 static void iwl_mld_rx_update_ampdu_ref(struct iwl_mld *mld, 1748 struct iwl_mld_rx_phy_data *phy_data, 1749 struct ieee80211_rx_status *rx_status) 1750 { 1751 bool toggle_bit = 1752 phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU_TOGGLE; 1753 1754 rx_status->flag |= RX_FLAG_AMPDU_DETAILS; 1755 /* Toggle is switched whenever new aggregation starts. Make 1756 * sure ampdu_reference is never 0 so we can later use it to 1757 * see if the frame was really part of an A-MPDU or not. 1758 */ 1759 if (toggle_bit != mld->monitor.ampdu_toggle) { 1760 mld->monitor.ampdu_ref++; 1761 if (mld->monitor.ampdu_ref == 0) 1762 mld->monitor.ampdu_ref++; 1763 mld->monitor.ampdu_toggle = toggle_bit; 1764 phy_data->first_subframe = true; 1765 } 1766 rx_status->ampdu_reference = mld->monitor.ampdu_ref; 1767 } 1768 1769 static void 1770 iwl_mld_fill_rx_status_band_freq(struct ieee80211_rx_status *rx_status, 1771 u8 band, u8 channel) 1772 { 1773 rx_status->band = iwl_mld_phy_band_to_nl80211(band); 1774 rx_status->freq = ieee80211_channel_to_frequency(channel, 1775 rx_status->band); 1776 } 1777 1778 void iwl_mld_rx_mpdu(struct iwl_mld *mld, struct napi_struct *napi, 1779 struct iwl_rx_cmd_buffer *rxb, int queue) 1780 { 1781 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1782 struct iwl_mld_rx_phy_data phy_data = {}; 1783 struct iwl_rx_mpdu_desc *mpdu_desc = (void *)pkt->data; 1784 struct ieee80211_sta *sta; 1785 struct ieee80211_hdr *hdr; 1786 struct sk_buff *skb; 1787 size_t mpdu_desc_size = sizeof(*mpdu_desc); 1788 bool drop = false; 1789 u8 crypto_len = 0, band, link_id; 1790 u32 pkt_len = iwl_rx_packet_payload_len(pkt); 1791 u32 mpdu_len; 1792 enum iwl_mld_reorder_result reorder_res; 1793 struct ieee80211_rx_status *rx_status; 1794 1795 if (unlikely(mld->fw_status.in_hw_restart)) 1796 return; 1797 1798 if (IWL_FW_CHECK(mld, pkt_len < mpdu_desc_size, 1799 "Bad REPLY_RX_MPDU_CMD size (%d)\n", pkt_len)) 1800 return; 1801 1802 mpdu_len = le16_to_cpu(mpdu_desc->mpdu_len); 1803 1804 if (IWL_FW_CHECK(mld, mpdu_len + mpdu_desc_size > pkt_len, 1805 "FW lied about packet len (%d)\n", pkt_len)) 1806 return; 1807 1808 /* Don't use dev_alloc_skb(), we'll have enough headroom once 1809 * ieee80211_hdr pulled. 1810 */ 1811 skb = alloc_skb(128, GFP_ATOMIC); 1812 if (!skb) { 1813 IWL_ERR(mld, "alloc_skb failed\n"); 1814 return; 1815 } 1816 1817 hdr = (void *)(pkt->data + mpdu_desc_size); 1818 1819 iwl_mld_fill_phy_data(mld, mpdu_desc, &phy_data); 1820 1821 if (mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) { 1822 /* If the device inserted padding it means that (it thought) 1823 * the 802.11 header wasn't a multiple of 4 bytes long. In 1824 * this case, reserve two bytes at the start of the SKB to 1825 * align the payload properly in case we end up copying it. 1826 */ 1827 skb_reserve(skb, 2); 1828 } 1829 1830 rx_status = IEEE80211_SKB_RXCB(skb); 1831 1832 /* this is needed early */ 1833 band = u8_get_bits(mpdu_desc->mac_phy_band, 1834 IWL_RX_MPDU_MAC_PHY_BAND_BAND_MASK); 1835 iwl_mld_fill_rx_status_band_freq(rx_status, band, 1836 mpdu_desc->v3.channel); 1837 1838 1839 rcu_read_lock(); 1840 1841 sta = iwl_mld_rx_with_sta(mld, hdr, skb, mpdu_desc, pkt, queue, &drop); 1842 if (drop) 1843 goto drop; 1844 1845 /* update aggregation data for monitor sake on default queue */ 1846 if (!queue && (phy_data.phy_info & IWL_RX_MPDU_PHY_AMPDU)) 1847 iwl_mld_rx_update_ampdu_ref(mld, &phy_data, rx_status); 1848 1849 /* Keep packets with CRC errors (and with overrun) for monitor mode 1850 * (otherwise the firmware discards them) but mark them as bad. 1851 */ 1852 if (!(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_CRC_OK)) || 1853 !(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_OVERRUN_OK))) { 1854 IWL_DEBUG_RX(mld, "Bad CRC or FIFO: 0x%08X.\n", 1855 le32_to_cpu(mpdu_desc->status)); 1856 rx_status->flag |= RX_FLAG_FAILED_FCS_CRC; 1857 } 1858 1859 if (likely(!(phy_data.phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD))) { 1860 rx_status->mactime = 1861 le64_to_cpu(mpdu_desc->v3.tsf_on_air_rise); 1862 1863 /* TSF as indicated by the firmware is at INA time */ 1864 rx_status->flag |= RX_FLAG_MACTIME_PLCP_START; 1865 } 1866 1867 /* management stuff on default queue */ 1868 if (!queue && unlikely(ieee80211_is_beacon(hdr->frame_control) || 1869 ieee80211_is_probe_resp(hdr->frame_control))) { 1870 rx_status->boottime_ns = ktime_get_boottime_ns(); 1871 1872 if (mld->scan.pass_all_sched_res == 1873 SCHED_SCAN_PASS_ALL_STATE_ENABLED) 1874 mld->scan.pass_all_sched_res = 1875 SCHED_SCAN_PASS_ALL_STATE_FOUND; 1876 } 1877 1878 link_id = u8_get_bits(mpdu_desc->mac_phy_band, 1879 IWL_RX_MPDU_MAC_PHY_BAND_LINK_MASK); 1880 1881 iwl_mld_rx_fill_status(mld, link_id, hdr, skb, &phy_data, queue); 1882 1883 if (iwl_mld_rx_crypto(mld, sta, hdr, rx_status, mpdu_desc, queue, 1884 le32_to_cpu(pkt->len_n_flags), &crypto_len)) 1885 goto drop; 1886 1887 if (iwl_mld_build_rx_skb(mld, skb, hdr, mpdu_len, crypto_len, rxb)) 1888 goto drop; 1889 1890 /* time sync frame is saved and will be released later when the 1891 * notification with the timestamps arrives. 1892 */ 1893 if (iwl_mld_time_sync_frame(mld, skb, hdr->addr2)) 1894 goto out; 1895 1896 reorder_res = iwl_mld_reorder(mld, napi, queue, sta, skb, mpdu_desc); 1897 switch (reorder_res) { 1898 case IWL_MLD_PASS_SKB: 1899 break; 1900 case IWL_MLD_DROP_SKB: 1901 goto drop; 1902 case IWL_MLD_BUFFERED_SKB: 1903 goto out; 1904 default: 1905 WARN_ON(1); 1906 goto drop; 1907 } 1908 1909 iwl_mld_pass_packet_to_mac80211(mld, napi, skb, queue, sta); 1910 1911 goto out; 1912 1913 drop: 1914 kfree_skb(skb); 1915 out: 1916 rcu_read_unlock(); 1917 } 1918 1919 #define SYNC_RX_QUEUE_TIMEOUT (HZ) 1920 void iwl_mld_sync_rx_queues(struct iwl_mld *mld, 1921 enum iwl_mld_internal_rxq_notif_type type, 1922 const void *notif_payload, u32 notif_payload_size) 1923 { 1924 u8 num_rx_queues = mld->trans->info.num_rxqs; 1925 struct { 1926 struct iwl_rxq_sync_cmd sync_cmd; 1927 struct iwl_mld_internal_rxq_notif notif; 1928 } __packed cmd = { 1929 .sync_cmd.rxq_mask = cpu_to_le32(BIT(num_rx_queues) - 1), 1930 .sync_cmd.count = 1931 cpu_to_le32(sizeof(struct iwl_mld_internal_rxq_notif) + 1932 notif_payload_size), 1933 .notif.type = type, 1934 .notif.cookie = mld->rxq_sync.cookie, 1935 }; 1936 struct iwl_host_cmd hcmd = { 1937 .id = WIDE_ID(DATA_PATH_GROUP, TRIGGER_RX_QUEUES_NOTIF_CMD), 1938 .data[0] = &cmd, 1939 .len[0] = sizeof(cmd), 1940 .data[1] = notif_payload, 1941 .len[1] = notif_payload_size, 1942 }; 1943 int ret; 1944 1945 /* size must be a multiple of DWORD */ 1946 if (WARN_ON(cmd.sync_cmd.count & cpu_to_le32(3))) 1947 return; 1948 1949 mld->rxq_sync.state = (1 << num_rx_queues) - 1; 1950 1951 ret = iwl_mld_send_cmd(mld, &hcmd); 1952 if (ret) { 1953 IWL_ERR(mld, "Failed to trigger RX queues sync (%d)\n", ret); 1954 goto out; 1955 } 1956 1957 ret = wait_event_timeout(mld->rxq_sync.waitq, 1958 READ_ONCE(mld->rxq_sync.state) == 0, 1959 SYNC_RX_QUEUE_TIMEOUT); 1960 WARN_ONCE(!ret, "RXQ sync failed: state=0x%lx, cookie=%d\n", 1961 mld->rxq_sync.state, mld->rxq_sync.cookie); 1962 1963 out: 1964 mld->rxq_sync.state = 0; 1965 mld->rxq_sync.cookie++; 1966 } 1967 1968 void iwl_mld_handle_rx_queues_sync_notif(struct iwl_mld *mld, 1969 struct napi_struct *napi, 1970 struct iwl_rx_packet *pkt, int queue) 1971 { 1972 struct iwl_rxq_sync_notification *notif; 1973 struct iwl_mld_internal_rxq_notif *internal_notif; 1974 u32 len = iwl_rx_packet_payload_len(pkt); 1975 size_t combined_notif_len = sizeof(*notif) + sizeof(*internal_notif); 1976 1977 notif = (void *)pkt->data; 1978 internal_notif = (void *)notif->payload; 1979 1980 if (IWL_FW_CHECK(mld, len < combined_notif_len, 1981 "invalid notification size %u (%zu)\n", 1982 len, combined_notif_len)) 1983 return; 1984 1985 len -= combined_notif_len; 1986 1987 if (IWL_FW_CHECK(mld, mld->rxq_sync.cookie != internal_notif->cookie, 1988 "received expired RX queue sync message (cookie=%d expected=%d q[%d])\n", 1989 internal_notif->cookie, mld->rxq_sync.cookie, queue)) 1990 return; 1991 1992 switch (internal_notif->type) { 1993 case IWL_MLD_RXQ_EMPTY: 1994 IWL_FW_CHECK(mld, len, 1995 "invalid empty notification size %d\n", len); 1996 break; 1997 case IWL_MLD_RXQ_NOTIF_DEL_BA: 1998 if (IWL_FW_CHECK(mld, len != sizeof(struct iwl_mld_delba_data), 1999 "invalid delba notification size %u (%zu)\n", 2000 len, sizeof(struct iwl_mld_delba_data))) 2001 break; 2002 iwl_mld_del_ba(mld, queue, (void *)internal_notif->payload); 2003 break; 2004 default: 2005 WARN_ON_ONCE(1); 2006 } 2007 2008 IWL_FW_CHECK(mld, !test_and_clear_bit(queue, &mld->rxq_sync.state), 2009 "RXQ sync: queue %d responded a second time!\n", queue); 2010 2011 if (READ_ONCE(mld->rxq_sync.state) == 0) 2012 wake_up(&mld->rxq_sync.waitq); 2013 } 2014 2015 void iwl_mld_rx_monitor_no_data(struct iwl_mld *mld, struct napi_struct *napi, 2016 struct iwl_rx_packet *pkt, int queue) 2017 { 2018 struct iwl_rx_no_data_ver_3 *desc; 2019 struct iwl_mld_rx_phy_data phy_data; 2020 struct ieee80211_rx_status *rx_status; 2021 struct sk_buff *skb; 2022 u32 format, rssi; 2023 u8 channel; 2024 2025 if (unlikely(mld->fw_status.in_hw_restart)) 2026 return; 2027 2028 if (IWL_FW_CHECK(mld, iwl_rx_packet_payload_len(pkt) < sizeof(*desc), 2029 "Bad RX_NO_DATA_NOTIF size (%d)\n", 2030 iwl_rx_packet_payload_len(pkt))) 2031 return; 2032 2033 desc = (void *)pkt->data; 2034 2035 rssi = le32_to_cpu(desc->rssi); 2036 channel = u32_get_bits(rssi, RX_NO_DATA_CHANNEL_MSK); 2037 2038 phy_data.energy_a = u32_get_bits(rssi, RX_NO_DATA_CHAIN_A_MSK); 2039 phy_data.energy_b = u32_get_bits(rssi, RX_NO_DATA_CHAIN_B_MSK); 2040 phy_data.data0 = desc->phy_info[0]; 2041 phy_data.data1 = desc->phy_info[1]; 2042 phy_data.phy_info = IWL_RX_MPDU_PHY_TSF_OVERLOAD; 2043 phy_data.gp2_on_air_rise = le32_to_cpu(desc->on_air_rise_time); 2044 phy_data.rate_n_flags = iwl_v3_rate_from_v2_v3(desc->rate, 2045 mld->fw_rates_ver_3); 2046 phy_data.with_data = false; 2047 2048 BUILD_BUG_ON(sizeof(phy_data.rx_vec) != sizeof(desc->rx_vec)); 2049 memcpy(phy_data.rx_vec, desc->rx_vec, sizeof(phy_data.rx_vec)); 2050 2051 format = phy_data.rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 2052 2053 /* Don't use dev_alloc_skb(), we'll have enough headroom once 2054 * ieee80211_hdr pulled. 2055 */ 2056 skb = alloc_skb(128, GFP_ATOMIC); 2057 if (!skb) { 2058 IWL_ERR(mld, "alloc_skb failed\n"); 2059 return; 2060 } 2061 2062 rx_status = IEEE80211_SKB_RXCB(skb); 2063 2064 /* 0-length PSDU */ 2065 rx_status->flag |= RX_FLAG_NO_PSDU; 2066 2067 /* mark as failed PLCP on any errors to skip checks in mac80211 */ 2068 if (le32_get_bits(desc->info, RX_NO_DATA_INFO_ERR_MSK) != 2069 RX_NO_DATA_INFO_ERR_NONE) 2070 rx_status->flag |= RX_FLAG_FAILED_PLCP_CRC; 2071 2072 switch (le32_get_bits(desc->info, RX_NO_DATA_INFO_TYPE_MSK)) { 2073 case RX_NO_DATA_INFO_TYPE_NDP: 2074 rx_status->zero_length_psdu_type = 2075 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_SOUNDING; 2076 break; 2077 case RX_NO_DATA_INFO_TYPE_MU_UNMATCHED: 2078 case RX_NO_DATA_INFO_TYPE_TB_UNMATCHED: 2079 rx_status->zero_length_psdu_type = 2080 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_NOT_CAPTURED; 2081 break; 2082 default: 2083 rx_status->zero_length_psdu_type = 2084 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_VENDOR; 2085 break; 2086 } 2087 2088 rx_status->band = channel > 14 ? NL80211_BAND_5GHZ : 2089 NL80211_BAND_2GHZ; 2090 2091 rx_status->freq = ieee80211_channel_to_frequency(channel, 2092 rx_status->band); 2093 2094 /* link ID is ignored for NULL header */ 2095 iwl_mld_rx_fill_status(mld, -1, NULL, skb, &phy_data, queue); 2096 2097 /* No more radiotap info should be added after this point. 2098 * Mark it as mac header for upper layers to know where 2099 * the radiotap header ends. 2100 */ 2101 skb_set_mac_header(skb, skb->len); 2102 2103 /* Override the nss from the rx_vec since the rate_n_flags has 2104 * only 1 bit for the nss which gives a max of 2 ss but there 2105 * may be up to 8 spatial streams. 2106 */ 2107 switch (format) { 2108 case RATE_MCS_MOD_TYPE_VHT: 2109 rx_status->nss = 2110 le32_get_bits(desc->rx_vec[0], 2111 RX_NO_DATA_RX_VEC0_VHT_NSTS_MSK) + 1; 2112 break; 2113 case RATE_MCS_MOD_TYPE_HE: 2114 rx_status->nss = 2115 le32_get_bits(desc->rx_vec[0], 2116 RX_NO_DATA_RX_VEC0_HE_NSTS_MSK) + 1; 2117 break; 2118 case RATE_MCS_MOD_TYPE_EHT: 2119 rx_status->nss = 2120 le32_get_bits(desc->rx_vec[2], 2121 RX_NO_DATA_RX_VEC2_EHT_NSTS_MSK) + 1; 2122 } 2123 2124 /* pass the packet to mac80211 */ 2125 rcu_read_lock(); 2126 ieee80211_rx_napi(mld->hw, NULL, skb, napi); 2127 rcu_read_unlock(); 2128 } 2129