1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2 /*
3 * Copyright (C) 2024-2025 Intel Corporation
4 */
5 #include <linux/crc32.h>
6
7 #include "mld.h"
8 #include "scan.h"
9 #include "hcmd.h"
10 #include "iface.h"
11 #include "phy.h"
12 #include "mlo.h"
13
14 #include "fw/api/scan.h"
15 #include "fw/dbg.h"
16
17 #define IWL_SCAN_DWELL_ACTIVE 10
18 #define IWL_SCAN_DWELL_PASSIVE 110
19 #define IWL_SCAN_NUM_OF_FRAGS 3
20
21 /* adaptive dwell max budget time [TU] for full scan */
22 #define IWL_SCAN_ADWELL_MAX_BUDGET_FULL_SCAN 300
23
24 /* adaptive dwell max budget time [TU] for directed scan */
25 #define IWL_SCAN_ADWELL_MAX_BUDGET_DIRECTED_SCAN 100
26
27 /* adaptive dwell default high band APs number */
28 #define IWL_SCAN_ADWELL_DEFAULT_HB_N_APS 8
29
30 /* adaptive dwell default low band APs number */
31 #define IWL_SCAN_ADWELL_DEFAULT_LB_N_APS 2
32
33 /* adaptive dwell default APs number for P2P social channels (1, 6, 11) */
34 #define IWL_SCAN_ADWELL_DEFAULT_N_APS_SOCIAL 10
35
36 /* adaptive dwell number of APs override for P2P friendly GO channels */
37 #define IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY 10
38
39 /* adaptive dwell number of APs override for P2P social channels */
40 #define IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS 2
41
42 /* adaptive dwell number of APs override mask for p2p friendly GO */
43 #define IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY_BIT BIT(20)
44
45 /* adaptive dwell number of APs override mask for social channels */
46 #define IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS_BIT BIT(21)
47
48 #define SCAN_TIMEOUT_MSEC (30000 * HZ)
49
50 /* minimal number of 2GHz and 5GHz channels in the regular scan request */
51 #define IWL_MLD_6GHZ_PASSIVE_SCAN_MIN_CHANS 4
52
53 enum iwl_mld_scan_type {
54 IWL_SCAN_TYPE_NOT_SET,
55 IWL_SCAN_TYPE_UNASSOC,
56 IWL_SCAN_TYPE_WILD,
57 IWL_SCAN_TYPE_MILD,
58 IWL_SCAN_TYPE_FRAGMENTED,
59 IWL_SCAN_TYPE_FAST_BALANCE,
60 };
61
62 struct iwl_mld_scan_timing_params {
63 u32 suspend_time;
64 u32 max_out_time;
65 };
66
67 static const struct iwl_mld_scan_timing_params scan_timing[] = {
68 [IWL_SCAN_TYPE_UNASSOC] = {
69 .suspend_time = 0,
70 .max_out_time = 0,
71 },
72 [IWL_SCAN_TYPE_WILD] = {
73 .suspend_time = 30,
74 .max_out_time = 120,
75 },
76 [IWL_SCAN_TYPE_MILD] = {
77 .suspend_time = 120,
78 .max_out_time = 120,
79 },
80 [IWL_SCAN_TYPE_FRAGMENTED] = {
81 .suspend_time = 95,
82 .max_out_time = 44,
83 },
84 [IWL_SCAN_TYPE_FAST_BALANCE] = {
85 .suspend_time = 30,
86 .max_out_time = 37,
87 },
88 };
89
90 struct iwl_mld_scan_params {
91 enum iwl_mld_scan_type type;
92 u32 n_channels;
93 u16 delay;
94 int n_ssids;
95 struct cfg80211_ssid *ssids;
96 struct ieee80211_channel **channels;
97 u32 flags;
98 u8 *mac_addr;
99 u8 *mac_addr_mask;
100 bool no_cck;
101 bool pass_all;
102 int n_match_sets;
103 struct iwl_scan_probe_req preq;
104 struct cfg80211_match_set *match_sets;
105 int n_scan_plans;
106 struct cfg80211_sched_scan_plan *scan_plans;
107 bool iter_notif;
108 bool respect_p2p_go;
109 u8 fw_link_id;
110 struct cfg80211_scan_6ghz_params *scan_6ghz_params;
111 u32 n_6ghz_params;
112 bool scan_6ghz;
113 bool enable_6ghz_passive;
114 u8 bssid[ETH_ALEN] __aligned(2);
115 };
116
117 struct iwl_mld_scan_respect_p2p_go_iter_data {
118 struct ieee80211_vif *current_vif;
119 bool p2p_go;
120 };
121
iwl_mld_scan_respect_p2p_go_iter(void * _data,u8 * mac,struct ieee80211_vif * vif)122 static void iwl_mld_scan_respect_p2p_go_iter(void *_data, u8 *mac,
123 struct ieee80211_vif *vif)
124 {
125 struct iwl_mld_scan_respect_p2p_go_iter_data *data = _data;
126
127 /* exclude the given vif */
128 if (vif == data->current_vif)
129 return;
130
131 /* TODO: CDB check the band of the GO */
132 if (ieee80211_vif_type_p2p(vif) == NL80211_IFTYPE_P2P_GO &&
133 iwl_mld_vif_from_mac80211(vif)->ap_ibss_active)
134 data->p2p_go = true;
135 }
136
iwl_mld_get_respect_p2p_go(struct iwl_mld * mld,struct ieee80211_vif * vif,bool low_latency)137 static bool iwl_mld_get_respect_p2p_go(struct iwl_mld *mld,
138 struct ieee80211_vif *vif,
139 bool low_latency)
140 {
141 struct iwl_mld_scan_respect_p2p_go_iter_data data = {
142 .current_vif = vif,
143 .p2p_go = false,
144 };
145
146 if (!low_latency)
147 return false;
148
149 ieee80211_iterate_active_interfaces_mtx(mld->hw,
150 IEEE80211_IFACE_ITER_NORMAL,
151 iwl_mld_scan_respect_p2p_go_iter,
152 &data);
153
154 return data.p2p_go;
155 }
156
157 struct iwl_mld_scan_iter_data {
158 struct ieee80211_vif *current_vif;
159 bool active_vif;
160 bool is_dcm_with_p2p_go;
161 bool global_low_latency;
162 };
163
iwl_mld_scan_iterator(void * _data,u8 * mac,struct ieee80211_vif * vif)164 static void iwl_mld_scan_iterator(void *_data, u8 *mac,
165 struct ieee80211_vif *vif)
166 {
167 struct iwl_mld_scan_iter_data *data = _data;
168 struct ieee80211_vif *curr_vif = data->current_vif;
169 struct iwl_mld_vif *mld_vif = iwl_mld_vif_from_mac80211(vif);
170 struct iwl_mld_vif *curr_mld_vif;
171 unsigned long curr_vif_active_links;
172 u16 link_id;
173
174 data->global_low_latency |= iwl_mld_vif_low_latency(mld_vif);
175
176 if ((ieee80211_vif_is_mld(vif) && vif->active_links) ||
177 (vif->type != NL80211_IFTYPE_P2P_DEVICE &&
178 mld_vif->deflink.active))
179 data->active_vif = true;
180
181 if (vif == curr_vif)
182 return;
183
184 if (ieee80211_vif_type_p2p(vif) != NL80211_IFTYPE_P2P_GO)
185 return;
186
187 /* Currently P2P GO can't be AP MLD so the logic below assumes that */
188 WARN_ON_ONCE(ieee80211_vif_is_mld(vif));
189
190 curr_vif_active_links =
191 ieee80211_vif_is_mld(curr_vif) ? curr_vif->active_links : 1;
192
193 curr_mld_vif = iwl_mld_vif_from_mac80211(curr_vif);
194
195 for_each_set_bit(link_id, &curr_vif_active_links,
196 IEEE80211_MLD_MAX_NUM_LINKS) {
197 struct iwl_mld_link *curr_mld_link =
198 iwl_mld_link_dereference_check(curr_mld_vif, link_id);
199
200 if (WARN_ON(!curr_mld_link))
201 return;
202
203 if (rcu_access_pointer(curr_mld_link->chan_ctx) &&
204 rcu_access_pointer(mld_vif->deflink.chan_ctx) !=
205 rcu_access_pointer(curr_mld_link->chan_ctx)) {
206 data->is_dcm_with_p2p_go = true;
207 return;
208 }
209 }
210 }
211
212 static enum
iwl_mld_get_scan_type(struct iwl_mld * mld,struct ieee80211_vif * vif,struct iwl_mld_scan_iter_data * data)213 iwl_mld_scan_type iwl_mld_get_scan_type(struct iwl_mld *mld,
214 struct ieee80211_vif *vif,
215 struct iwl_mld_scan_iter_data *data)
216 {
217 enum iwl_mld_traffic_load load = mld->scan.traffic_load.status;
218
219 /* A scanning AP interface probably wants to generate a survey to do
220 * ACS (automatic channel selection).
221 * Force a non-fragmented scan in that case.
222 */
223 if (ieee80211_vif_type_p2p(vif) == NL80211_IFTYPE_AP)
224 return IWL_SCAN_TYPE_WILD;
225
226 if (!data->active_vif)
227 return IWL_SCAN_TYPE_UNASSOC;
228
229 if ((load == IWL_MLD_TRAFFIC_HIGH || data->global_low_latency) &&
230 vif->type != NL80211_IFTYPE_P2P_DEVICE)
231 return IWL_SCAN_TYPE_FRAGMENTED;
232
233 /* In case of DCM with P2P GO set all scan requests as
234 * fast-balance scan
235 */
236 if (vif->type == NL80211_IFTYPE_STATION &&
237 data->is_dcm_with_p2p_go)
238 return IWL_SCAN_TYPE_FAST_BALANCE;
239
240 if (load >= IWL_MLD_TRAFFIC_MEDIUM || data->global_low_latency)
241 return IWL_SCAN_TYPE_MILD;
242
243 return IWL_SCAN_TYPE_WILD;
244 }
245
246 static u8 *
iwl_mld_scan_add_2ghz_elems(struct iwl_mld * mld,const u8 * ies,size_t len,u8 * const pos)247 iwl_mld_scan_add_2ghz_elems(struct iwl_mld *mld, const u8 *ies,
248 size_t len, u8 *const pos)
249 {
250 static const u8 before_ds_params[] = {
251 WLAN_EID_SSID,
252 WLAN_EID_SUPP_RATES,
253 WLAN_EID_REQUEST,
254 WLAN_EID_EXT_SUPP_RATES,
255 };
256 size_t offs;
257 u8 *newpos = pos;
258
259 offs = ieee80211_ie_split(ies, len,
260 before_ds_params,
261 ARRAY_SIZE(before_ds_params),
262 0);
263
264 memcpy(newpos, ies, offs);
265 newpos += offs;
266
267 /* Add a placeholder for DS Parameter Set element */
268 *newpos++ = WLAN_EID_DS_PARAMS;
269 *newpos++ = 1;
270 *newpos++ = 0;
271
272 memcpy(newpos, ies + offs, len - offs);
273 newpos += len - offs;
274
275 return newpos;
276 }
277
278 static void
iwl_mld_scan_add_tpc_report_elem(u8 * pos)279 iwl_mld_scan_add_tpc_report_elem(u8 *pos)
280 {
281 pos[0] = WLAN_EID_VENDOR_SPECIFIC;
282 pos[1] = WFA_TPC_IE_LEN - 2;
283 pos[2] = (WLAN_OUI_MICROSOFT >> 16) & 0xff;
284 pos[3] = (WLAN_OUI_MICROSOFT >> 8) & 0xff;
285 pos[4] = WLAN_OUI_MICROSOFT & 0xff;
286 pos[5] = WLAN_OUI_TYPE_MICROSOFT_TPC;
287 pos[6] = 0;
288 /* pos[7] - tx power will be inserted by the FW */
289 pos[7] = 0;
290 pos[8] = 0;
291 }
292
293 static u32
iwl_mld_scan_ooc_priority(enum iwl_mld_scan_status scan_status)294 iwl_mld_scan_ooc_priority(enum iwl_mld_scan_status scan_status)
295 {
296 if (scan_status == IWL_MLD_SCAN_REGULAR)
297 return IWL_SCAN_PRIORITY_EXT_6;
298 if (scan_status == IWL_MLD_SCAN_INT_MLO)
299 return IWL_SCAN_PRIORITY_EXT_4;
300
301 return IWL_SCAN_PRIORITY_EXT_2;
302 }
303
304 static bool
iwl_mld_scan_is_regular(struct iwl_mld_scan_params * params)305 iwl_mld_scan_is_regular(struct iwl_mld_scan_params *params)
306 {
307 return params->n_scan_plans == 1 &&
308 params->scan_plans[0].iterations == 1;
309 }
310
311 static bool
iwl_mld_scan_is_fragmented(enum iwl_mld_scan_type type)312 iwl_mld_scan_is_fragmented(enum iwl_mld_scan_type type)
313 {
314 return (type == IWL_SCAN_TYPE_FRAGMENTED ||
315 type == IWL_SCAN_TYPE_FAST_BALANCE);
316 }
317
318 static int
iwl_mld_scan_uid_by_status(struct iwl_mld * mld,int status)319 iwl_mld_scan_uid_by_status(struct iwl_mld *mld, int status)
320 {
321 for (int i = 0; i < ARRAY_SIZE(mld->scan.uid_status); i++)
322 if (mld->scan.uid_status[i] == status)
323 return i;
324
325 return -ENOENT;
326 }
327
328 static const char *
iwl_mld_scan_ebs_status_str(enum iwl_scan_ebs_status status)329 iwl_mld_scan_ebs_status_str(enum iwl_scan_ebs_status status)
330 {
331 switch (status) {
332 case IWL_SCAN_EBS_SUCCESS:
333 return "successful";
334 case IWL_SCAN_EBS_INACTIVE:
335 return "inactive";
336 case IWL_SCAN_EBS_FAILED:
337 case IWL_SCAN_EBS_CHAN_NOT_FOUND:
338 default:
339 return "failed";
340 }
341 }
342
343 static int
iwl_mld_scan_ssid_exist(u8 * ssid,u8 ssid_len,struct iwl_ssid_ie * ssid_list)344 iwl_mld_scan_ssid_exist(u8 *ssid, u8 ssid_len, struct iwl_ssid_ie *ssid_list)
345 {
346 for (int i = 0; i < PROBE_OPTION_MAX; i++) {
347 if (!ssid_list[i].len)
348 return -1;
349 if (ssid_list[i].len == ssid_len &&
350 !memcmp(ssid_list[i].ssid, ssid, ssid_len))
351 return i;
352 }
353
354 return -1;
355 }
356
357 static bool
iwl_mld_scan_fits(struct iwl_mld * mld,int n_ssids,struct ieee80211_scan_ies * ies,int n_channels)358 iwl_mld_scan_fits(struct iwl_mld *mld, int n_ssids,
359 struct ieee80211_scan_ies *ies, int n_channels)
360 {
361 return ((n_ssids <= PROBE_OPTION_MAX) &&
362 (n_channels <= mld->fw->ucode_capa.n_scan_channels) &
363 (ies->common_ie_len + ies->len[NL80211_BAND_2GHZ] +
364 ies->len[NL80211_BAND_5GHZ] + ies->len[NL80211_BAND_6GHZ] <=
365 iwl_mld_scan_max_template_size()));
366 }
367
368 static void
iwl_mld_scan_build_probe_req(struct iwl_mld * mld,struct ieee80211_vif * vif,struct ieee80211_scan_ies * ies,struct iwl_mld_scan_params * params)369 iwl_mld_scan_build_probe_req(struct iwl_mld *mld, struct ieee80211_vif *vif,
370 struct ieee80211_scan_ies *ies,
371 struct iwl_mld_scan_params *params)
372 {
373 struct ieee80211_mgmt *frame = (void *)params->preq.buf;
374 u8 *pos, *newpos;
375 const u8 *mac_addr = params->flags & NL80211_SCAN_FLAG_RANDOM_ADDR ?
376 params->mac_addr : NULL;
377
378 if (mac_addr)
379 get_random_mask_addr(frame->sa, mac_addr,
380 params->mac_addr_mask);
381 else
382 memcpy(frame->sa, vif->addr, ETH_ALEN);
383
384 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
385 eth_broadcast_addr(frame->da);
386 ether_addr_copy(frame->bssid, params->bssid);
387 frame->seq_ctrl = 0;
388
389 pos = frame->u.probe_req.variable;
390 *pos++ = WLAN_EID_SSID;
391 *pos++ = 0;
392
393 params->preq.mac_header.offset = 0;
394 params->preq.mac_header.len = cpu_to_le16(24 + 2);
395
396 /* Insert DS parameter set element on 2.4 GHz band */
397 newpos = iwl_mld_scan_add_2ghz_elems(mld,
398 ies->ies[NL80211_BAND_2GHZ],
399 ies->len[NL80211_BAND_2GHZ],
400 pos);
401 params->preq.band_data[0].offset = cpu_to_le16(pos - params->preq.buf);
402 params->preq.band_data[0].len = cpu_to_le16(newpos - pos);
403 pos = newpos;
404
405 memcpy(pos, ies->ies[NL80211_BAND_5GHZ],
406 ies->len[NL80211_BAND_5GHZ]);
407 params->preq.band_data[1].offset = cpu_to_le16(pos - params->preq.buf);
408 params->preq.band_data[1].len =
409 cpu_to_le16(ies->len[NL80211_BAND_5GHZ]);
410 pos += ies->len[NL80211_BAND_5GHZ];
411
412 memcpy(pos, ies->ies[NL80211_BAND_6GHZ],
413 ies->len[NL80211_BAND_6GHZ]);
414 params->preq.band_data[2].offset = cpu_to_le16(pos - params->preq.buf);
415 params->preq.band_data[2].len =
416 cpu_to_le16(ies->len[NL80211_BAND_6GHZ]);
417 pos += ies->len[NL80211_BAND_6GHZ];
418
419 memcpy(pos, ies->common_ies, ies->common_ie_len);
420 params->preq.common_data.offset = cpu_to_le16(pos - params->preq.buf);
421
422 iwl_mld_scan_add_tpc_report_elem(pos + ies->common_ie_len);
423 params->preq.common_data.len = cpu_to_le16(ies->common_ie_len +
424 WFA_TPC_IE_LEN);
425 }
426
427 static u16
iwl_mld_scan_get_cmd_gen_flags(struct iwl_mld * mld,struct iwl_mld_scan_params * params,struct ieee80211_vif * vif,enum iwl_mld_scan_status scan_status)428 iwl_mld_scan_get_cmd_gen_flags(struct iwl_mld *mld,
429 struct iwl_mld_scan_params *params,
430 struct ieee80211_vif *vif,
431 enum iwl_mld_scan_status scan_status)
432 {
433 u16 flags = 0;
434
435 /* If no direct SSIDs are provided perform a passive scan. Otherwise,
436 * if there is a single SSID which is not the broadcast SSID, assume
437 * that the scan is intended for roaming purposes and thus enable Rx on
438 * all chains to improve chances of hearing the beacons/probe responses.
439 */
440 if (params->n_ssids == 0)
441 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_FORCE_PASSIVE;
442 else if (params->n_ssids == 1 && params->ssids[0].ssid_len)
443 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_USE_ALL_RX_CHAINS;
444
445 if (params->pass_all)
446 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PASS_ALL;
447 else
448 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_MATCH;
449
450 if (iwl_mld_scan_is_fragmented(params->type))
451 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_FRAGMENTED_LMAC1;
452
453 if (!iwl_mld_scan_is_regular(params))
454 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PERIODIC;
455
456 if (params->iter_notif ||
457 mld->scan.pass_all_sched_res == SCHED_SCAN_PASS_ALL_STATE_ENABLED)
458 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_NTFY_ITER_COMPLETE;
459
460 if (scan_status == IWL_MLD_SCAN_SCHED ||
461 scan_status == IWL_MLD_SCAN_NETDETECT)
462 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PREEMPTIVE;
463
464 if (params->flags & (NL80211_SCAN_FLAG_ACCEPT_BCAST_PROBE_RESP |
465 NL80211_SCAN_FLAG_OCE_PROBE_REQ_HIGH_TX_RATE |
466 NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME))
467 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_OCE;
468
469 if ((scan_status == IWL_MLD_SCAN_SCHED ||
470 scan_status == IWL_MLD_SCAN_NETDETECT) &&
471 params->flags & NL80211_SCAN_FLAG_COLOCATED_6GHZ)
472 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_TRIGGER_UHB_SCAN;
473
474 if (params->enable_6ghz_passive)
475 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_6GHZ_PASSIVE_SCAN;
476
477 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_ADAPTIVE_DWELL;
478
479 return flags;
480 }
481
482 static u8
iwl_mld_scan_get_cmd_gen_flags2(struct iwl_mld * mld,struct iwl_mld_scan_params * params,struct ieee80211_vif * vif,u16 gen_flags)483 iwl_mld_scan_get_cmd_gen_flags2(struct iwl_mld *mld,
484 struct iwl_mld_scan_params *params,
485 struct ieee80211_vif *vif, u16 gen_flags)
486 {
487 u8 flags = 0;
488
489 /* TODO: CDB */
490 if (params->respect_p2p_go)
491 flags |= IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_RESPECT_P2P_GO_LB |
492 IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_RESPECT_P2P_GO_HB;
493
494 if (params->scan_6ghz)
495 flags |= IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_DONT_TOGGLE_ANT;
496
497 return flags;
498 }
499
500 static void
iwl_mld_scan_cmd_set_dwell(struct iwl_mld * mld,struct iwl_scan_general_params_v11 * gp,struct iwl_mld_scan_params * params)501 iwl_mld_scan_cmd_set_dwell(struct iwl_mld *mld,
502 struct iwl_scan_general_params_v11 *gp,
503 struct iwl_mld_scan_params *params)
504 {
505 const struct iwl_mld_scan_timing_params *timing =
506 &scan_timing[params->type];
507
508 gp->adwell_default_social_chn =
509 IWL_SCAN_ADWELL_DEFAULT_N_APS_SOCIAL;
510 gp->adwell_default_2g = IWL_SCAN_ADWELL_DEFAULT_LB_N_APS;
511 gp->adwell_default_5g = IWL_SCAN_ADWELL_DEFAULT_HB_N_APS;
512
513 if (params->n_ssids && params->ssids[0].ssid_len)
514 gp->adwell_max_budget =
515 cpu_to_le16(IWL_SCAN_ADWELL_MAX_BUDGET_DIRECTED_SCAN);
516 else
517 gp->adwell_max_budget =
518 cpu_to_le16(IWL_SCAN_ADWELL_MAX_BUDGET_FULL_SCAN);
519
520 gp->scan_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
521
522 gp->max_out_of_time[SCAN_LB_LMAC_IDX] = cpu_to_le32(timing->max_out_time);
523 gp->suspend_time[SCAN_LB_LMAC_IDX] = cpu_to_le32(timing->suspend_time);
524
525 gp->active_dwell[SCAN_LB_LMAC_IDX] = IWL_SCAN_DWELL_ACTIVE;
526 gp->passive_dwell[SCAN_LB_LMAC_IDX] = IWL_SCAN_DWELL_PASSIVE;
527 gp->active_dwell[SCAN_HB_LMAC_IDX] = IWL_SCAN_DWELL_ACTIVE;
528 gp->passive_dwell[SCAN_HB_LMAC_IDX] = IWL_SCAN_DWELL_PASSIVE;
529
530 IWL_DEBUG_SCAN(mld,
531 "Scan: adwell_max_budget=%d max_out_of_time=%d suspend_time=%d\n",
532 gp->adwell_max_budget,
533 gp->max_out_of_time[SCAN_LB_LMAC_IDX],
534 gp->suspend_time[SCAN_LB_LMAC_IDX]);
535 }
536
537 static void
iwl_mld_scan_cmd_set_gen_params(struct iwl_mld * mld,struct iwl_mld_scan_params * params,struct ieee80211_vif * vif,struct iwl_scan_general_params_v11 * gp,enum iwl_mld_scan_status scan_status)538 iwl_mld_scan_cmd_set_gen_params(struct iwl_mld *mld,
539 struct iwl_mld_scan_params *params,
540 struct ieee80211_vif *vif,
541 struct iwl_scan_general_params_v11 *gp,
542 enum iwl_mld_scan_status scan_status)
543 {
544 u16 gen_flags = iwl_mld_scan_get_cmd_gen_flags(mld, params, vif,
545 scan_status);
546 u8 gen_flags2 = iwl_mld_scan_get_cmd_gen_flags2(mld, params, vif,
547 gen_flags);
548
549 IWL_DEBUG_SCAN(mld, "General: flags=0x%x, flags2=0x%x\n",
550 gen_flags, gen_flags2);
551
552 gp->flags = cpu_to_le16(gen_flags);
553 gp->flags2 = gen_flags2;
554
555 iwl_mld_scan_cmd_set_dwell(mld, gp, params);
556
557 if (gen_flags & IWL_UMAC_SCAN_GEN_FLAGS_V2_FRAGMENTED_LMAC1)
558 gp->num_of_fragments[SCAN_LB_LMAC_IDX] = IWL_SCAN_NUM_OF_FRAGS;
559
560 if (params->fw_link_id != IWL_MLD_INVALID_FW_ID)
561 gp->scan_start_mac_or_link_id = params->fw_link_id;
562 }
563
564 static int
iwl_mld_scan_cmd_set_sched_params(struct iwl_mld_scan_params * params,struct iwl_scan_umac_schedule * schedule,__le16 * delay)565 iwl_mld_scan_cmd_set_sched_params(struct iwl_mld_scan_params *params,
566 struct iwl_scan_umac_schedule *schedule,
567 __le16 *delay)
568 {
569 if (WARN_ON(!params->n_scan_plans ||
570 params->n_scan_plans > IWL_MAX_SCHED_SCAN_PLANS))
571 return -EINVAL;
572
573 for (int i = 0; i < params->n_scan_plans; i++) {
574 struct cfg80211_sched_scan_plan *scan_plan =
575 ¶ms->scan_plans[i];
576
577 schedule[i].iter_count = scan_plan->iterations;
578 schedule[i].interval =
579 cpu_to_le16(scan_plan->interval);
580 }
581
582 /* If the number of iterations of the last scan plan is set to zero,
583 * it should run infinitely. However, this is not always the case.
584 * For example, when regular scan is requested the driver sets one scan
585 * plan with one iteration.
586 */
587 if (!schedule[params->n_scan_plans - 1].iter_count)
588 schedule[params->n_scan_plans - 1].iter_count = 0xff;
589
590 *delay = cpu_to_le16(params->delay);
591
592 return 0;
593 }
594
595 /* We insert the SSIDs in an inverted order, because the FW will
596 * invert it back.
597 */
598 static void
iwl_mld_scan_cmd_build_ssids(struct iwl_mld_scan_params * params,struct iwl_ssid_ie * ssids,u32 * ssid_bitmap)599 iwl_mld_scan_cmd_build_ssids(struct iwl_mld_scan_params *params,
600 struct iwl_ssid_ie *ssids, u32 *ssid_bitmap)
601 {
602 int i, j;
603 int index;
604 u32 tmp_bitmap = 0;
605
606 /* copy SSIDs from match list. iwl_config_sched_scan_profiles()
607 * uses the order of these ssids to config match list.
608 */
609 for (i = 0, j = params->n_match_sets - 1;
610 j >= 0 && i < PROBE_OPTION_MAX;
611 i++, j--) {
612 /* skip empty SSID match_sets */
613 if (!params->match_sets[j].ssid.ssid_len)
614 continue;
615
616 ssids[i].id = WLAN_EID_SSID;
617 ssids[i].len = params->match_sets[j].ssid.ssid_len;
618 memcpy(ssids[i].ssid, params->match_sets[j].ssid.ssid,
619 ssids[i].len);
620 }
621
622 /* add SSIDs from scan SSID list */
623 for (j = params->n_ssids - 1;
624 j >= 0 && i < PROBE_OPTION_MAX;
625 i++, j--) {
626 index = iwl_mld_scan_ssid_exist(params->ssids[j].ssid,
627 params->ssids[j].ssid_len,
628 ssids);
629 if (index < 0) {
630 ssids[i].id = WLAN_EID_SSID;
631 ssids[i].len = params->ssids[j].ssid_len;
632 memcpy(ssids[i].ssid, params->ssids[j].ssid,
633 ssids[i].len);
634 tmp_bitmap |= BIT(i);
635 } else {
636 tmp_bitmap |= BIT(index);
637 }
638 }
639
640 if (ssid_bitmap)
641 *ssid_bitmap = tmp_bitmap;
642 }
643
644 static void
iwl_mld_scan_fill_6g_chan_list(struct iwl_mld_scan_params * params,struct iwl_scan_probe_params_v4 * pp)645 iwl_mld_scan_fill_6g_chan_list(struct iwl_mld_scan_params *params,
646 struct iwl_scan_probe_params_v4 *pp)
647 {
648 int j, idex_s = 0, idex_b = 0;
649 struct cfg80211_scan_6ghz_params *scan_6ghz_params =
650 params->scan_6ghz_params;
651
652 for (j = 0;
653 j < params->n_ssids && idex_s < SCAN_SHORT_SSID_MAX_SIZE;
654 j++) {
655 if (!params->ssids[j].ssid_len)
656 continue;
657
658 pp->short_ssid[idex_s] =
659 cpu_to_le32(~crc32_le(~0, params->ssids[j].ssid,
660 params->ssids[j].ssid_len));
661
662 /* hidden 6ghz scan */
663 pp->direct_scan[idex_s].id = WLAN_EID_SSID;
664 pp->direct_scan[idex_s].len = params->ssids[j].ssid_len;
665 memcpy(pp->direct_scan[idex_s].ssid, params->ssids[j].ssid,
666 params->ssids[j].ssid_len);
667 idex_s++;
668 }
669
670 /* Populate the arrays of the short SSIDs and the BSSIDs using the 6GHz
671 * collocated parameters. This might not be optimal, as this processing
672 * does not (yet) correspond to the actual channels, so it is possible
673 * that some entries would be left out.
674 */
675 for (j = 0; j < params->n_6ghz_params; j++) {
676 int k;
677
678 /* First, try to place the short SSID */
679 if (scan_6ghz_params[j].short_ssid_valid) {
680 for (k = 0; k < idex_s; k++) {
681 if (pp->short_ssid[k] ==
682 cpu_to_le32(scan_6ghz_params[j].short_ssid))
683 break;
684 }
685
686 if (k == idex_s && idex_s < SCAN_SHORT_SSID_MAX_SIZE) {
687 pp->short_ssid[idex_s++] =
688 cpu_to_le32(scan_6ghz_params[j].short_ssid);
689 }
690 }
691
692 /* try to place BSSID for the same entry */
693 for (k = 0; k < idex_b; k++) {
694 if (!memcmp(&pp->bssid_array[k],
695 scan_6ghz_params[j].bssid, ETH_ALEN))
696 break;
697 }
698
699 if (k == idex_b && idex_b < SCAN_BSSID_MAX_SIZE &&
700 !WARN_ONCE(!is_valid_ether_addr(scan_6ghz_params[j].bssid),
701 "scan: invalid BSSID at index %u, index_b=%u\n",
702 j, idex_b)) {
703 memcpy(&pp->bssid_array[idex_b++],
704 scan_6ghz_params[j].bssid, ETH_ALEN);
705 }
706 }
707
708 pp->short_ssid_num = idex_s;
709 pp->bssid_num = idex_b;
710 }
711
712 static void
iwl_mld_scan_cmd_set_probe_params(struct iwl_mld_scan_params * params,struct iwl_scan_probe_params_v4 * pp,u32 * bitmap_ssid)713 iwl_mld_scan_cmd_set_probe_params(struct iwl_mld_scan_params *params,
714 struct iwl_scan_probe_params_v4 *pp,
715 u32 *bitmap_ssid)
716 {
717 pp->preq = params->preq;
718
719 if (params->scan_6ghz) {
720 iwl_mld_scan_fill_6g_chan_list(params, pp);
721 return;
722 }
723
724 /* relevant only for 2.4 GHz /5 GHz scan */
725 iwl_mld_scan_cmd_build_ssids(params, pp->direct_scan, bitmap_ssid);
726 }
727
728 static bool
iwl_mld_scan_use_ebs(struct iwl_mld * mld,struct ieee80211_vif * vif,bool low_latency)729 iwl_mld_scan_use_ebs(struct iwl_mld *mld, struct ieee80211_vif *vif,
730 bool low_latency)
731 {
732 const struct iwl_ucode_capabilities *capa = &mld->fw->ucode_capa;
733
734 /* We can only use EBS if:
735 * 1. the feature is supported.
736 * 2. the last EBS was successful.
737 * 3. it's not a p2p find operation.
738 * 4. we are not in low latency mode,
739 * or if fragmented ebs is supported by the FW
740 * 5. the VIF is not an AP interface (scan wants survey results)
741 */
742 return ((capa->flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT) &&
743 !mld->scan.last_ebs_failed &&
744 vif->type != NL80211_IFTYPE_P2P_DEVICE &&
745 (!low_latency || fw_has_api(capa, IWL_UCODE_TLV_API_FRAG_EBS)) &&
746 ieee80211_vif_type_p2p(vif) != NL80211_IFTYPE_AP);
747 }
748
749 static u8
iwl_mld_scan_cmd_set_chan_flags(struct iwl_mld * mld,struct iwl_mld_scan_params * params,struct ieee80211_vif * vif,bool low_latency)750 iwl_mld_scan_cmd_set_chan_flags(struct iwl_mld *mld,
751 struct iwl_mld_scan_params *params,
752 struct ieee80211_vif *vif,
753 bool low_latency)
754 {
755 u8 flags = 0;
756
757 flags |= IWL_SCAN_CHANNEL_FLAG_ENABLE_CHAN_ORDER;
758
759 if (iwl_mld_scan_use_ebs(mld, vif, low_latency))
760 flags |= IWL_SCAN_CHANNEL_FLAG_EBS |
761 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
762 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD;
763
764 /* set fragmented ebs for fragmented scan */
765 if (iwl_mld_scan_is_fragmented(params->type))
766 flags |= IWL_SCAN_CHANNEL_FLAG_EBS_FRAG;
767
768 /* Force EBS in case the scan is a fragmented and there is a need
769 * to take P2P GO operation into consideration during scan operation.
770 */
771 /* TODO: CDB */
772 if (iwl_mld_scan_is_fragmented(params->type) &&
773 params->respect_p2p_go) {
774 IWL_DEBUG_SCAN(mld, "Respect P2P GO. Force EBS\n");
775 flags |= IWL_SCAN_CHANNEL_FLAG_FORCE_EBS;
776 }
777
778 return flags;
779 }
780
781 static const u8 p2p_go_friendly_chs[] = {
782 36, 40, 44, 48, 149, 153, 157, 161, 165,
783 };
784
785 static const u8 social_chs[] = {
786 1, 6, 11
787 };
788
iwl_mld_scan_ch_n_aps_flag(enum nl80211_iftype vif_type,u8 ch_id)789 static u32 iwl_mld_scan_ch_n_aps_flag(enum nl80211_iftype vif_type, u8 ch_id)
790 {
791 if (vif_type != NL80211_IFTYPE_P2P_DEVICE)
792 return 0;
793
794 for (int i = 0; i < ARRAY_SIZE(p2p_go_friendly_chs); i++) {
795 if (ch_id == p2p_go_friendly_chs[i])
796 return IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY_BIT;
797 }
798
799 for (int i = 0; i < ARRAY_SIZE(social_chs); i++) {
800 if (ch_id == social_chs[i])
801 return IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS_BIT;
802 }
803
804 return 0;
805 }
806
807 static void
iwl_mld_scan_cmd_set_channels(struct iwl_mld * mld,struct ieee80211_channel ** channels,struct iwl_scan_channel_params_v7 * cp,int n_channels,u32 flags,enum nl80211_iftype vif_type)808 iwl_mld_scan_cmd_set_channels(struct iwl_mld *mld,
809 struct ieee80211_channel **channels,
810 struct iwl_scan_channel_params_v7 *cp,
811 int n_channels, u32 flags,
812 enum nl80211_iftype vif_type)
813 {
814 for (int i = 0; i < n_channels; i++) {
815 enum nl80211_band band = channels[i]->band;
816 struct iwl_scan_channel_cfg_umac *cfg = &cp->channel_config[i];
817 u8 iwl_band = iwl_mld_nl80211_band_to_fw(band);
818 u32 n_aps_flag =
819 iwl_mld_scan_ch_n_aps_flag(vif_type,
820 channels[i]->hw_value);
821
822 if (IWL_MLD_ADAPTIVE_DWELL_NUM_APS_OVERRIDE)
823 n_aps_flag = IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY_BIT;
824
825 cfg->flags = cpu_to_le32(flags | n_aps_flag);
826 cfg->channel_num = channels[i]->hw_value;
827 if (cfg80211_channel_is_psc(channels[i]))
828 cfg->flags = 0;
829
830 if (band == NL80211_BAND_6GHZ) {
831 /* 6 GHz channels should only appear in a scan request
832 * that has scan_6ghz set. The only exception is MLO
833 * scan, which has to be passive.
834 */
835 WARN_ON_ONCE(cfg->flags != 0);
836 cfg->flags =
837 cpu_to_le32(IWL_UHB_CHAN_CFG_FLAG_FORCE_PASSIVE);
838 }
839
840 cfg->v2.iter_count = 1;
841 cfg->v2.iter_interval = 0;
842 cfg->flags |= cpu_to_le32(iwl_band <<
843 IWL_CHAN_CFG_FLAGS_BAND_POS);
844 }
845 }
846
847 static u8
iwl_mld_scan_cfg_channels_6g(struct iwl_mld * mld,struct iwl_mld_scan_params * params,u32 n_channels,struct iwl_scan_probe_params_v4 * pp,struct iwl_scan_channel_params_v7 * cp,enum nl80211_iftype vif_type)848 iwl_mld_scan_cfg_channels_6g(struct iwl_mld *mld,
849 struct iwl_mld_scan_params *params,
850 u32 n_channels,
851 struct iwl_scan_probe_params_v4 *pp,
852 struct iwl_scan_channel_params_v7 *cp,
853 enum nl80211_iftype vif_type)
854 {
855 struct cfg80211_scan_6ghz_params *scan_6ghz_params =
856 params->scan_6ghz_params;
857 u32 i;
858 u8 ch_cnt;
859
860 for (i = 0, ch_cnt = 0; i < params->n_channels; i++) {
861 struct iwl_scan_channel_cfg_umac *cfg =
862 &cp->channel_config[ch_cnt];
863
864 u32 s_ssid_bitmap = 0, bssid_bitmap = 0, flags = 0;
865 u8 k, n_s_ssids = 0, n_bssids = 0;
866 u8 max_s_ssids, max_bssids;
867 bool force_passive = false, found = false, allow_passive = true,
868 unsolicited_probe_on_chan = false, psc_no_listen = false;
869 s8 psd_20 = IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED;
870
871 /* Avoid performing passive scan on non PSC channels unless the
872 * scan is specifically a passive scan, i.e., no SSIDs
873 * configured in the scan command.
874 */
875 if (!cfg80211_channel_is_psc(params->channels[i]) &&
876 !params->n_6ghz_params && params->n_ssids)
877 continue;
878
879 cfg->channel_num = params->channels[i]->hw_value;
880 cfg->flags |=
881 cpu_to_le32(PHY_BAND_6 << IWL_CHAN_CFG_FLAGS_BAND_POS);
882
883 cfg->v5.iter_count = 1;
884 cfg->v5.iter_interval = 0;
885
886 for (u32 j = 0; j < params->n_6ghz_params; j++) {
887 s8 tmp_psd_20;
888
889 if (!(scan_6ghz_params[j].channel_idx == i))
890 continue;
891
892 unsolicited_probe_on_chan |=
893 scan_6ghz_params[j].unsolicited_probe;
894
895 /* Use the highest PSD value allowed as advertised by
896 * APs for this channel
897 */
898 tmp_psd_20 = scan_6ghz_params[j].psd_20;
899 if (tmp_psd_20 !=
900 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED &&
901 (psd_20 ==
902 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED ||
903 psd_20 < tmp_psd_20))
904 psd_20 = tmp_psd_20;
905
906 psc_no_listen |= scan_6ghz_params[j].psc_no_listen;
907 }
908
909 /* In the following cases apply passive scan:
910 * 1. Non fragmented scan:
911 * - PSC channel with NO_LISTEN_FLAG on should be treated
912 * like non PSC channel
913 * - Non PSC channel with more than 3 short SSIDs or more
914 * than 9 BSSIDs.
915 * - Non PSC Channel with unsolicited probe response and
916 * more than 2 short SSIDs or more than 6 BSSIDs.
917 * - PSC channel with more than 2 short SSIDs or more than
918 * 6 BSSIDs.
919 * 2. Fragmented scan:
920 * - PSC channel with more than 1 SSID or 3 BSSIDs.
921 * - Non PSC channel with more than 2 SSIDs or 6 BSSIDs.
922 * - Non PSC channel with unsolicited probe response and
923 * more than 1 SSID or more than 3 BSSIDs.
924 */
925 if (!iwl_mld_scan_is_fragmented(params->type)) {
926 if (!cfg80211_channel_is_psc(params->channels[i]) ||
927 psc_no_listen) {
928 if (unsolicited_probe_on_chan) {
929 max_s_ssids = 2;
930 max_bssids = 6;
931 } else {
932 max_s_ssids = 3;
933 max_bssids = 9;
934 }
935 } else {
936 max_s_ssids = 2;
937 max_bssids = 6;
938 }
939 } else if (cfg80211_channel_is_psc(params->channels[i])) {
940 max_s_ssids = 1;
941 max_bssids = 3;
942 } else {
943 if (unsolicited_probe_on_chan) {
944 max_s_ssids = 1;
945 max_bssids = 3;
946 } else {
947 max_s_ssids = 2;
948 max_bssids = 6;
949 }
950 }
951
952 /* To optimize the scan time, i.e., reduce the scan dwell time
953 * on each channel, the below logic tries to set 3 direct BSSID
954 * probe requests for each broadcast probe request with a short
955 * SSID.
956 */
957 for (u32 j = 0; j < params->n_6ghz_params; j++) {
958 if (!(scan_6ghz_params[j].channel_idx == i))
959 continue;
960
961 found = false;
962
963 for (k = 0;
964 k < pp->short_ssid_num && n_s_ssids < max_s_ssids;
965 k++) {
966 if (!scan_6ghz_params[j].unsolicited_probe &&
967 le32_to_cpu(pp->short_ssid[k]) ==
968 scan_6ghz_params[j].short_ssid) {
969 /* Relevant short SSID bit set */
970 if (s_ssid_bitmap & BIT(k)) {
971 found = true;
972 break;
973 }
974
975 /* Prefer creating BSSID entries unless
976 * the short SSID probe can be done in
977 * the same channel dwell iteration.
978 *
979 * We also need to create a short SSID
980 * entry for any hidden AP.
981 */
982 if (3 * n_s_ssids > n_bssids &&
983 !pp->direct_scan[k].len)
984 break;
985
986 /* Hidden AP, cannot do passive scan */
987 if (pp->direct_scan[k].len)
988 allow_passive = false;
989
990 s_ssid_bitmap |= BIT(k);
991 n_s_ssids++;
992 found = true;
993 break;
994 }
995 }
996
997 if (found)
998 continue;
999
1000 for (k = 0; k < pp->bssid_num; k++) {
1001 if (memcmp(&pp->bssid_array[k],
1002 scan_6ghz_params[j].bssid,
1003 ETH_ALEN))
1004 continue;
1005
1006 if (bssid_bitmap & BIT(k))
1007 break;
1008
1009 if (n_bssids < max_bssids) {
1010 bssid_bitmap |= BIT(k);
1011 n_bssids++;
1012 } else {
1013 force_passive = TRUE;
1014 }
1015
1016 break;
1017 }
1018 }
1019
1020 if (cfg80211_channel_is_psc(params->channels[i]) &&
1021 psc_no_listen)
1022 flags |= IWL_UHB_CHAN_CFG_FLAG_PSC_CHAN_NO_LISTEN;
1023
1024 if (unsolicited_probe_on_chan)
1025 flags |= IWL_UHB_CHAN_CFG_FLAG_UNSOLICITED_PROBE_RES;
1026
1027 if ((allow_passive && force_passive) ||
1028 (!(bssid_bitmap | s_ssid_bitmap) &&
1029 !cfg80211_channel_is_psc(params->channels[i])))
1030 flags |= IWL_UHB_CHAN_CFG_FLAG_FORCE_PASSIVE;
1031 else
1032 flags |= bssid_bitmap | (s_ssid_bitmap << 16);
1033
1034 cfg->flags |= cpu_to_le32(flags);
1035 cfg->v5.psd_20 = psd_20;
1036
1037 ch_cnt++;
1038 }
1039
1040 if (params->n_channels > ch_cnt)
1041 IWL_DEBUG_SCAN(mld,
1042 "6GHz: reducing number channels: (%u->%u)\n",
1043 params->n_channels, ch_cnt);
1044
1045 return ch_cnt;
1046 }
1047
1048 static int
iwl_mld_scan_cmd_set_6ghz_chan_params(struct iwl_mld * mld,struct iwl_mld_scan_params * params,struct ieee80211_vif * vif,struct iwl_scan_req_params_v17 * scan_p,enum iwl_mld_scan_status scan_status)1049 iwl_mld_scan_cmd_set_6ghz_chan_params(struct iwl_mld *mld,
1050 struct iwl_mld_scan_params *params,
1051 struct ieee80211_vif *vif,
1052 struct iwl_scan_req_params_v17 *scan_p,
1053 enum iwl_mld_scan_status scan_status)
1054 {
1055 struct iwl_scan_channel_params_v7 *chan_p = &scan_p->channel_params;
1056 struct iwl_scan_probe_params_v4 *probe_p = &scan_p->probe_params;
1057
1058 chan_p->flags = iwl_mld_scan_get_cmd_gen_flags(mld, params, vif,
1059 scan_status);
1060 chan_p->count = iwl_mld_scan_cfg_channels_6g(mld, params,
1061 params->n_channels,
1062 probe_p, chan_p,
1063 vif->type);
1064 if (!chan_p->count)
1065 return -EINVAL;
1066
1067 if (!params->n_ssids ||
1068 (params->n_ssids == 1 && !params->ssids[0].ssid_len))
1069 chan_p->flags |= IWL_SCAN_CHANNEL_FLAG_6G_PSC_NO_FILTER;
1070
1071 return 0;
1072 }
1073
1074 static int
iwl_mld_scan_cmd_set_chan_params(struct iwl_mld * mld,struct iwl_mld_scan_params * params,struct ieee80211_vif * vif,struct iwl_scan_req_params_v17 * scan_p,bool low_latency,enum iwl_mld_scan_status scan_status,u32 channel_cfg_flags)1075 iwl_mld_scan_cmd_set_chan_params(struct iwl_mld *mld,
1076 struct iwl_mld_scan_params *params,
1077 struct ieee80211_vif *vif,
1078 struct iwl_scan_req_params_v17 *scan_p,
1079 bool low_latency,
1080 enum iwl_mld_scan_status scan_status,
1081 u32 channel_cfg_flags)
1082 {
1083 struct iwl_scan_channel_params_v7 *cp = &scan_p->channel_params;
1084 struct ieee80211_supported_band *sband =
1085 &mld->nvm_data->bands[NL80211_BAND_6GHZ];
1086
1087 cp->n_aps_override[0] = IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY;
1088 cp->n_aps_override[1] = IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS;
1089
1090 if (IWL_MLD_ADAPTIVE_DWELL_NUM_APS_OVERRIDE)
1091 cp->n_aps_override[0] = IWL_MLD_ADAPTIVE_DWELL_NUM_APS_OVERRIDE;
1092
1093 if (params->scan_6ghz)
1094 return iwl_mld_scan_cmd_set_6ghz_chan_params(mld, params,
1095 vif, scan_p,
1096 scan_status);
1097
1098 /* relevant only for 2.4 GHz/5 GHz scan */
1099 cp->flags = iwl_mld_scan_cmd_set_chan_flags(mld, params, vif,
1100 low_latency);
1101 cp->count = params->n_channels;
1102
1103 iwl_mld_scan_cmd_set_channels(mld, params->channels, cp,
1104 params->n_channels, channel_cfg_flags,
1105 vif->type);
1106
1107 if (!params->enable_6ghz_passive)
1108 return 0;
1109
1110 /* fill 6 GHz passive scan cfg */
1111 for (int i = 0; i < sband->n_channels; i++) {
1112 struct ieee80211_channel *channel =
1113 &sband->channels[i];
1114 struct iwl_scan_channel_cfg_umac *cfg =
1115 &cp->channel_config[cp->count];
1116
1117 if (!cfg80211_channel_is_psc(channel))
1118 continue;
1119
1120 cfg->channel_num = channel->hw_value;
1121 cfg->v5.iter_count = 1;
1122 cfg->v5.iter_interval = 0;
1123 cfg->v5.psd_20 =
1124 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED;
1125 cfg->flags = cpu_to_le32(PHY_BAND_6 <<
1126 IWL_CHAN_CFG_FLAGS_BAND_POS);
1127 cp->count++;
1128 }
1129
1130 return 0;
1131 }
1132
1133 static int
iwl_mld_scan_build_cmd(struct iwl_mld * mld,struct ieee80211_vif * vif,struct iwl_mld_scan_params * params,enum iwl_mld_scan_status scan_status,bool low_latency)1134 iwl_mld_scan_build_cmd(struct iwl_mld *mld, struct ieee80211_vif *vif,
1135 struct iwl_mld_scan_params *params,
1136 enum iwl_mld_scan_status scan_status,
1137 bool low_latency)
1138 {
1139 struct iwl_scan_req_umac_v17 *cmd = mld->scan.cmd;
1140 struct iwl_scan_req_params_v17 *scan_p = &cmd->scan_params;
1141 u32 bitmap_ssid = 0;
1142 int uid, ret;
1143
1144 memset(mld->scan.cmd, 0, mld->scan.cmd_size);
1145
1146 /* find a free UID entry */
1147 uid = iwl_mld_scan_uid_by_status(mld, IWL_MLD_SCAN_NONE);
1148 if (uid < 0)
1149 return uid;
1150
1151 cmd->uid = cpu_to_le32(uid);
1152 cmd->ooc_priority =
1153 cpu_to_le32(iwl_mld_scan_ooc_priority(scan_status));
1154
1155 iwl_mld_scan_cmd_set_gen_params(mld, params, vif,
1156 &scan_p->general_params, scan_status);
1157
1158 ret = iwl_mld_scan_cmd_set_sched_params(params,
1159 scan_p->periodic_params.schedule,
1160 &scan_p->periodic_params.delay);
1161 if (ret)
1162 return ret;
1163
1164 iwl_mld_scan_cmd_set_probe_params(params, &scan_p->probe_params,
1165 &bitmap_ssid);
1166
1167 ret = iwl_mld_scan_cmd_set_chan_params(mld, params, vif, scan_p,
1168 low_latency, scan_status,
1169 bitmap_ssid);
1170 if (ret)
1171 return ret;
1172
1173 return uid;
1174 }
1175
1176 static bool
iwl_mld_scan_pass_all(struct iwl_mld * mld,struct cfg80211_sched_scan_request * req)1177 iwl_mld_scan_pass_all(struct iwl_mld *mld,
1178 struct cfg80211_sched_scan_request *req)
1179 {
1180 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) {
1181 IWL_DEBUG_SCAN(mld,
1182 "Sending scheduled scan with filtering, n_match_sets %d\n",
1183 req->n_match_sets);
1184 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED;
1185 return false;
1186 }
1187
1188 IWL_DEBUG_SCAN(mld, "Sending Scheduled scan without filtering\n");
1189 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_ENABLED;
1190
1191 return true;
1192 }
1193
1194 static int
iwl_mld_config_sched_scan_profiles(struct iwl_mld * mld,struct cfg80211_sched_scan_request * req)1195 iwl_mld_config_sched_scan_profiles(struct iwl_mld *mld,
1196 struct cfg80211_sched_scan_request *req)
1197 {
1198 struct iwl_host_cmd hcmd = {
1199 .id = SCAN_OFFLOAD_UPDATE_PROFILES_CMD,
1200 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
1201 };
1202 struct iwl_scan_offload_profile *profile;
1203 struct iwl_scan_offload_profile_cfg_data *cfg_data;
1204 struct iwl_scan_offload_profile_cfg *profile_cfg;
1205 struct iwl_scan_offload_blocklist *blocklist;
1206 u32 blocklist_size = IWL_SCAN_MAX_BLACKLIST_LEN * sizeof(*blocklist);
1207 u32 cmd_size = blocklist_size + sizeof(*profile_cfg);
1208 u8 *cmd;
1209 int ret;
1210
1211 if (WARN_ON(req->n_match_sets > IWL_SCAN_MAX_PROFILES_V2))
1212 return -EIO;
1213
1214 cmd = kzalloc(cmd_size, GFP_KERNEL);
1215 if (!cmd)
1216 return -ENOMEM;
1217
1218 hcmd.data[0] = cmd;
1219 hcmd.len[0] = cmd_size;
1220
1221 blocklist = (struct iwl_scan_offload_blocklist *)cmd;
1222 profile_cfg = (struct iwl_scan_offload_profile_cfg *)(cmd + blocklist_size);
1223
1224 /* No blocklist configuration */
1225 cfg_data = &profile_cfg->data;
1226 cfg_data->num_profiles = req->n_match_sets;
1227 cfg_data->active_clients = SCAN_CLIENT_SCHED_SCAN;
1228 cfg_data->pass_match = SCAN_CLIENT_SCHED_SCAN;
1229 cfg_data->match_notify = SCAN_CLIENT_SCHED_SCAN;
1230
1231 if (!req->n_match_sets || !req->match_sets[0].ssid.ssid_len)
1232 cfg_data->any_beacon_notify = SCAN_CLIENT_SCHED_SCAN;
1233
1234 for (int i = 0; i < req->n_match_sets; i++) {
1235 profile = &profile_cfg->profiles[i];
1236
1237 /* Support any cipher and auth algorithm */
1238 profile->unicast_cipher = 0xff;
1239 profile->auth_alg = IWL_AUTH_ALGO_UNSUPPORTED |
1240 IWL_AUTH_ALGO_NONE | IWL_AUTH_ALGO_PSK |
1241 IWL_AUTH_ALGO_8021X | IWL_AUTH_ALGO_SAE |
1242 IWL_AUTH_ALGO_8021X_SHA384 | IWL_AUTH_ALGO_OWE;
1243 profile->network_type = IWL_NETWORK_TYPE_ANY;
1244 profile->band_selection = IWL_SCAN_OFFLOAD_SELECT_ANY;
1245 profile->client_bitmap = SCAN_CLIENT_SCHED_SCAN;
1246 profile->ssid_index = i;
1247 }
1248
1249 IWL_DEBUG_SCAN(mld,
1250 "Sending scheduled scan profile config (n_match_sets=%u)\n",
1251 req->n_match_sets);
1252
1253 ret = iwl_mld_send_cmd(mld, &hcmd);
1254
1255 kfree(cmd);
1256
1257 return ret;
1258 }
1259
1260 static int
iwl_mld_sched_scan_handle_non_psc_channels(struct iwl_mld_scan_params * params,bool * non_psc_included)1261 iwl_mld_sched_scan_handle_non_psc_channels(struct iwl_mld_scan_params *params,
1262 bool *non_psc_included)
1263 {
1264 int i, j;
1265
1266 *non_psc_included = false;
1267 /* for 6 GHZ band only PSC channels need to be added */
1268 for (i = 0; i < params->n_channels; i++) {
1269 struct ieee80211_channel *channel = params->channels[i];
1270
1271 if (channel->band == NL80211_BAND_6GHZ &&
1272 !cfg80211_channel_is_psc(channel)) {
1273 *non_psc_included = true;
1274 break;
1275 }
1276 }
1277
1278 if (!*non_psc_included)
1279 return 0;
1280
1281 params->channels =
1282 kmemdup(params->channels,
1283 sizeof(params->channels[0]) * params->n_channels,
1284 GFP_KERNEL);
1285 if (!params->channels)
1286 return -ENOMEM;
1287
1288 for (i = j = 0; i < params->n_channels; i++) {
1289 if (params->channels[i]->band == NL80211_BAND_6GHZ &&
1290 !cfg80211_channel_is_psc(params->channels[i]))
1291 continue;
1292 params->channels[j++] = params->channels[i];
1293 }
1294
1295 params->n_channels = j;
1296
1297 return 0;
1298 }
1299
1300 static void
iwl_mld_scan_6ghz_passive_scan(struct iwl_mld * mld,struct iwl_mld_scan_params * params,struct ieee80211_vif * vif)1301 iwl_mld_scan_6ghz_passive_scan(struct iwl_mld *mld,
1302 struct iwl_mld_scan_params *params,
1303 struct ieee80211_vif *vif)
1304 {
1305 struct ieee80211_supported_band *sband =
1306 &mld->nvm_data->bands[NL80211_BAND_6GHZ];
1307 u32 n_disabled, i;
1308
1309 params->enable_6ghz_passive = false;
1310
1311 /* 6 GHz passive scan may be enabled in the first 2.4 GHz/5 GHz scan
1312 * phase to discover geo location if no AP's are found. Skip it when
1313 * we're in the 6 GHz scan phase.
1314 */
1315 if (params->scan_6ghz)
1316 return;
1317
1318 /* 6 GHz passive scan allowed only on station interface */
1319 if (vif->type != NL80211_IFTYPE_STATION) {
1320 IWL_DEBUG_SCAN(mld,
1321 "6GHz passive scan: not station interface\n");
1322 return;
1323 }
1324
1325 /* 6 GHz passive scan is allowed in a defined time interval following
1326 * HW reset or resume flow, or while not associated and a large
1327 * interval has passed since the last 6 GHz passive scan.
1328 */
1329 if ((vif->cfg.assoc ||
1330 time_after(mld->scan.last_6ghz_passive_jiffies +
1331 (IWL_MLD_6GHZ_PASSIVE_SCAN_TIMEOUT * HZ), jiffies)) &&
1332 (time_before(mld->scan.last_start_time_jiffies +
1333 (IWL_MLD_6GHZ_PASSIVE_SCAN_ASSOC_TIMEOUT * HZ),
1334 jiffies))) {
1335 IWL_DEBUG_SCAN(mld, "6GHz passive scan: %s\n",
1336 vif->cfg.assoc ? "associated" :
1337 "timeout did not expire");
1338 return;
1339 }
1340
1341 /* not enough channels in the regular scan request */
1342 if (params->n_channels < IWL_MLD_6GHZ_PASSIVE_SCAN_MIN_CHANS) {
1343 IWL_DEBUG_SCAN(mld,
1344 "6GHz passive scan: not enough channels %d\n",
1345 params->n_channels);
1346 return;
1347 }
1348
1349 for (i = 0; i < params->n_ssids; i++) {
1350 if (!params->ssids[i].ssid_len)
1351 break;
1352 }
1353
1354 /* not a wildcard scan, so cannot enable passive 6 GHz scan */
1355 if (i == params->n_ssids) {
1356 IWL_DEBUG_SCAN(mld,
1357 "6GHz passive scan: no wildcard SSID\n");
1358 return;
1359 }
1360
1361 if (!sband || !sband->n_channels) {
1362 IWL_DEBUG_SCAN(mld,
1363 "6GHz passive scan: no 6GHz channels\n");
1364 return;
1365 }
1366
1367 for (i = 0, n_disabled = 0; i < sband->n_channels; i++) {
1368 if (sband->channels[i].flags & (IEEE80211_CHAN_DISABLED))
1369 n_disabled++;
1370 }
1371
1372 /* Not all the 6 GHz channels are disabled, so no need for 6 GHz
1373 * passive scan
1374 */
1375 if (n_disabled != sband->n_channels) {
1376 IWL_DEBUG_SCAN(mld,
1377 "6GHz passive scan: 6GHz channels enabled\n");
1378 return;
1379 }
1380
1381 /* all conditions to enable 6 GHz passive scan are satisfied */
1382 IWL_DEBUG_SCAN(mld, "6GHz passive scan: can be enabled\n");
1383 params->enable_6ghz_passive = true;
1384 }
1385
1386 static void
iwl_mld_scan_set_link_id(struct iwl_mld * mld,struct ieee80211_vif * vif,struct iwl_mld_scan_params * params,s8 tsf_report_link_id,enum iwl_mld_scan_status scan_status)1387 iwl_mld_scan_set_link_id(struct iwl_mld *mld, struct ieee80211_vif *vif,
1388 struct iwl_mld_scan_params *params,
1389 s8 tsf_report_link_id,
1390 enum iwl_mld_scan_status scan_status)
1391 {
1392 struct iwl_mld_vif *mld_vif = iwl_mld_vif_from_mac80211(vif);
1393 struct iwl_mld_link *link;
1394
1395 if (tsf_report_link_id < 0) {
1396 if (vif->active_links)
1397 tsf_report_link_id = __ffs(vif->active_links);
1398 else
1399 tsf_report_link_id = 0;
1400 }
1401
1402 link = iwl_mld_link_dereference_check(mld_vif, tsf_report_link_id);
1403 if (!WARN_ON(!link)) {
1404 params->fw_link_id = link->fw_id;
1405 /* we to store fw_link_id only for regular scan,
1406 * and use it in scan complete notif
1407 */
1408 if (scan_status == IWL_MLD_SCAN_REGULAR)
1409 mld->scan.fw_link_id = link->fw_id;
1410 } else {
1411 mld->scan.fw_link_id = IWL_MLD_INVALID_FW_ID;
1412 params->fw_link_id = IWL_MLD_INVALID_FW_ID;
1413 }
1414 }
1415
1416 static int
_iwl_mld_single_scan_start(struct iwl_mld * mld,struct ieee80211_vif * vif,struct cfg80211_scan_request * req,struct ieee80211_scan_ies * ies,enum iwl_mld_scan_status scan_status)1417 _iwl_mld_single_scan_start(struct iwl_mld *mld, struct ieee80211_vif *vif,
1418 struct cfg80211_scan_request *req,
1419 struct ieee80211_scan_ies *ies,
1420 enum iwl_mld_scan_status scan_status)
1421 {
1422 struct iwl_host_cmd hcmd = {
1423 .id = WIDE_ID(LONG_GROUP, SCAN_REQ_UMAC),
1424 .len = { mld->scan.cmd_size, },
1425 .data = { mld->scan.cmd, },
1426 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1427 };
1428 struct iwl_mld_scan_iter_data scan_iter_data = {
1429 .current_vif = vif,
1430 };
1431 struct cfg80211_sched_scan_plan scan_plan = {.iterations = 1};
1432 struct iwl_mld_scan_params params = {};
1433 int ret, uid;
1434
1435 /* we should have failed registration if scan_cmd was NULL */
1436 if (WARN_ON(!mld->scan.cmd))
1437 return -ENOMEM;
1438
1439 if (!iwl_mld_scan_fits(mld, req->n_ssids, ies, req->n_channels))
1440 return -ENOBUFS;
1441
1442 ieee80211_iterate_active_interfaces_mtx(mld->hw,
1443 IEEE80211_IFACE_ITER_NORMAL,
1444 iwl_mld_scan_iterator,
1445 &scan_iter_data);
1446
1447 params.type = iwl_mld_get_scan_type(mld, vif, &scan_iter_data);
1448 params.n_ssids = req->n_ssids;
1449 params.flags = req->flags;
1450 params.n_channels = req->n_channels;
1451 params.delay = 0;
1452 params.ssids = req->ssids;
1453 params.channels = req->channels;
1454 params.mac_addr = req->mac_addr;
1455 params.mac_addr_mask = req->mac_addr_mask;
1456 params.no_cck = req->no_cck;
1457 params.pass_all = true;
1458 params.n_match_sets = 0;
1459 params.match_sets = NULL;
1460 params.scan_plans = &scan_plan;
1461 params.n_scan_plans = 1;
1462
1463 params.n_6ghz_params = req->n_6ghz_params;
1464 params.scan_6ghz_params = req->scan_6ghz_params;
1465 params.scan_6ghz = req->scan_6ghz;
1466
1467 ether_addr_copy(params.bssid, req->bssid);
1468 /* TODO: CDB - per-band flag */
1469 params.respect_p2p_go =
1470 iwl_mld_get_respect_p2p_go(mld, vif,
1471 scan_iter_data.global_low_latency);
1472
1473 if (req->duration)
1474 params.iter_notif = true;
1475
1476 iwl_mld_scan_set_link_id(mld, vif, ¶ms, req->tsf_report_link_id,
1477 scan_status);
1478
1479 iwl_mld_scan_build_probe_req(mld, vif, ies, ¶ms);
1480
1481 iwl_mld_scan_6ghz_passive_scan(mld, ¶ms, vif);
1482
1483 uid = iwl_mld_scan_build_cmd(mld, vif, ¶ms, scan_status,
1484 scan_iter_data.global_low_latency);
1485 if (uid < 0)
1486 return uid;
1487
1488 ret = iwl_mld_send_cmd(mld, &hcmd);
1489 if (ret) {
1490 IWL_ERR(mld, "Scan failed! ret %d\n", ret);
1491 return ret;
1492 }
1493
1494 IWL_DEBUG_SCAN(mld, "Scan request send success: status=%u, uid=%u\n",
1495 scan_status, uid);
1496
1497 mld->scan.uid_status[uid] = scan_status;
1498 mld->scan.status |= scan_status;
1499
1500 if (params.enable_6ghz_passive)
1501 mld->scan.last_6ghz_passive_jiffies = jiffies;
1502
1503 return 0;
1504 }
1505
1506 static int
iwl_mld_scan_send_abort_cmd_status(struct iwl_mld * mld,int uid,u32 * status)1507 iwl_mld_scan_send_abort_cmd_status(struct iwl_mld *mld, int uid, u32 *status)
1508 {
1509 struct iwl_umac_scan_abort abort_cmd = {
1510 .uid = cpu_to_le32(uid),
1511 };
1512 struct iwl_host_cmd cmd = {
1513 .id = WIDE_ID(LONG_GROUP, SCAN_ABORT_UMAC),
1514 .flags = CMD_WANT_SKB,
1515 .data = { &abort_cmd },
1516 .len[0] = sizeof(abort_cmd),
1517 };
1518 struct iwl_rx_packet *pkt;
1519 struct iwl_cmd_response *resp;
1520 u32 resp_len;
1521 int ret;
1522
1523 ret = iwl_mld_send_cmd(mld, &cmd);
1524 if (ret)
1525 return ret;
1526
1527 pkt = cmd.resp_pkt;
1528
1529 resp_len = iwl_rx_packet_payload_len(pkt);
1530 if (IWL_FW_CHECK(mld, resp_len != sizeof(*resp),
1531 "Scan Abort: unexpected response length %d\n",
1532 resp_len)) {
1533 ret = -EIO;
1534 goto out;
1535 }
1536
1537 resp = (void *)pkt->data;
1538 *status = le32_to_cpu(resp->status);
1539
1540 out:
1541 iwl_free_resp(&cmd);
1542 return ret;
1543 }
1544
1545 static int
iwl_mld_scan_abort(struct iwl_mld * mld,int type,int uid,bool * wait)1546 iwl_mld_scan_abort(struct iwl_mld *mld, int type, int uid, bool *wait)
1547 {
1548 enum iwl_umac_scan_abort_status status;
1549 int ret;
1550
1551 *wait = true;
1552
1553 IWL_DEBUG_SCAN(mld, "Sending scan abort, uid %u\n", uid);
1554
1555 ret = iwl_mld_scan_send_abort_cmd_status(mld, uid, &status);
1556
1557 IWL_DEBUG_SCAN(mld, "Scan abort: ret=%d status=%u\n", ret, status);
1558
1559 /* We don't need to wait to scan complete in the following cases:
1560 * 1. Driver failed to send the scan abort cmd.
1561 * 2. The FW is no longer familiar with the scan that needs to be
1562 * stopped. It is expected that the scan complete notification was
1563 * already received but not yet processed.
1564 *
1565 * In both cases the flow should continue similar to the case that the
1566 * scan was really aborted.
1567 */
1568 if (ret || status == IWL_UMAC_SCAN_ABORT_STATUS_NOT_FOUND)
1569 *wait = false;
1570
1571 return ret;
1572 }
1573
1574 static int
iwl_mld_scan_stop_wait(struct iwl_mld * mld,int type,int uid)1575 iwl_mld_scan_stop_wait(struct iwl_mld *mld, int type, int uid)
1576 {
1577 struct iwl_notification_wait wait_scan_done;
1578 static const u16 scan_comp_notif[] = { SCAN_COMPLETE_UMAC };
1579 bool wait = true;
1580 int ret;
1581
1582 iwl_init_notification_wait(&mld->notif_wait, &wait_scan_done,
1583 scan_comp_notif,
1584 ARRAY_SIZE(scan_comp_notif),
1585 NULL, NULL);
1586
1587 IWL_DEBUG_SCAN(mld, "Preparing to stop scan, type=%x\n", type);
1588
1589 ret = iwl_mld_scan_abort(mld, type, uid, &wait);
1590 if (ret) {
1591 IWL_DEBUG_SCAN(mld, "couldn't stop scan type=%d\n", type);
1592 goto return_no_wait;
1593 }
1594
1595 if (!wait) {
1596 IWL_DEBUG_SCAN(mld, "no need to wait for scan type=%d\n", type);
1597 goto return_no_wait;
1598 }
1599
1600 return iwl_wait_notification(&mld->notif_wait, &wait_scan_done, HZ);
1601
1602 return_no_wait:
1603 iwl_remove_notification(&mld->notif_wait, &wait_scan_done);
1604 return ret;
1605 }
1606
iwl_mld_sched_scan_start(struct iwl_mld * mld,struct ieee80211_vif * vif,struct cfg80211_sched_scan_request * req,struct ieee80211_scan_ies * ies,int type)1607 int iwl_mld_sched_scan_start(struct iwl_mld *mld,
1608 struct ieee80211_vif *vif,
1609 struct cfg80211_sched_scan_request *req,
1610 struct ieee80211_scan_ies *ies,
1611 int type)
1612 {
1613 struct iwl_host_cmd hcmd = {
1614 .id = WIDE_ID(LONG_GROUP, SCAN_REQ_UMAC),
1615 .len = { mld->scan.cmd_size, },
1616 .data = { mld->scan.cmd, },
1617 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1618 };
1619 struct iwl_mld_scan_params params = {};
1620 struct iwl_mld_scan_iter_data scan_iter_data = {
1621 .current_vif = vif,
1622 };
1623 bool non_psc_included = false;
1624 int ret, uid;
1625
1626 /* we should have failed registration if scan_cmd was NULL */
1627 if (WARN_ON(!mld->scan.cmd))
1628 return -ENOMEM;
1629
1630 /* FW supports only a single periodic scan */
1631 if (mld->scan.status & (IWL_MLD_SCAN_SCHED | IWL_MLD_SCAN_NETDETECT))
1632 return -EBUSY;
1633
1634 ieee80211_iterate_active_interfaces_mtx(mld->hw,
1635 IEEE80211_IFACE_ITER_NORMAL,
1636 iwl_mld_scan_iterator,
1637 &scan_iter_data);
1638
1639 params.type = iwl_mld_get_scan_type(mld, vif, &scan_iter_data);
1640 params.flags = req->flags;
1641 params.n_ssids = req->n_ssids;
1642 params.ssids = req->ssids;
1643 params.n_channels = req->n_channels;
1644 params.channels = req->channels;
1645 params.mac_addr = req->mac_addr;
1646 params.mac_addr_mask = req->mac_addr_mask;
1647 params.no_cck = false;
1648 params.pass_all = iwl_mld_scan_pass_all(mld, req);
1649 params.n_match_sets = req->n_match_sets;
1650 params.match_sets = req->match_sets;
1651 params.n_scan_plans = req->n_scan_plans;
1652 params.scan_plans = req->scan_plans;
1653 /* TODO: CDB - per-band flag */
1654 params.respect_p2p_go =
1655 iwl_mld_get_respect_p2p_go(mld, vif,
1656 scan_iter_data.global_low_latency);
1657
1658 /* UMAC scan supports up to 16-bit delays, trim it down to 16-bits */
1659 params.delay = req->delay > U16_MAX ? U16_MAX : req->delay;
1660
1661 eth_broadcast_addr(params.bssid);
1662
1663 ret = iwl_mld_config_sched_scan_profiles(mld, req);
1664 if (ret)
1665 return ret;
1666
1667 iwl_mld_scan_build_probe_req(mld, vif, ies, ¶ms);
1668
1669 ret = iwl_mld_sched_scan_handle_non_psc_channels(¶ms,
1670 &non_psc_included);
1671 if (ret)
1672 goto out;
1673
1674 if (!iwl_mld_scan_fits(mld, req->n_ssids, ies, params.n_channels)) {
1675 ret = -ENOBUFS;
1676 goto out;
1677 }
1678
1679 uid = iwl_mld_scan_build_cmd(mld, vif, ¶ms, type,
1680 scan_iter_data.global_low_latency);
1681 if (uid < 0) {
1682 ret = uid;
1683 goto out;
1684 }
1685
1686 ret = iwl_mld_send_cmd(mld, &hcmd);
1687 if (!ret) {
1688 IWL_DEBUG_SCAN(mld,
1689 "Sched scan request send success: type=%u, uid=%u\n",
1690 type, uid);
1691 mld->scan.uid_status[uid] = type;
1692 mld->scan.status |= type;
1693 } else {
1694 IWL_ERR(mld, "Sched scan failed! ret %d\n", ret);
1695 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED;
1696 }
1697
1698 out:
1699 if (non_psc_included)
1700 kfree(params.channels);
1701 return ret;
1702 }
1703
iwl_mld_scan_stop(struct iwl_mld * mld,int type,bool notify)1704 int iwl_mld_scan_stop(struct iwl_mld *mld, int type, bool notify)
1705 {
1706 int uid, ret;
1707
1708 IWL_DEBUG_SCAN(mld,
1709 "Request to stop scan: type=0x%x, status=0x%x\n",
1710 type, mld->scan.status);
1711
1712 if (!(mld->scan.status & type))
1713 return 0;
1714
1715 uid = iwl_mld_scan_uid_by_status(mld, type);
1716 /* must be valid, we just checked it's running */
1717 if (WARN_ON_ONCE(uid < 0))
1718 return uid;
1719
1720 ret = iwl_mld_scan_stop_wait(mld, type, uid);
1721 if (ret)
1722 IWL_DEBUG_SCAN(mld, "Failed to stop scan\n");
1723
1724 /* Clear the scan status so the next scan requests will
1725 * succeed and mark the scan as stopping, so that the Rx
1726 * handler doesn't do anything, as the scan was stopped from
1727 * above. Also remove the handler to not notify mac80211
1728 * erroneously after a new scan starts, for example.
1729 */
1730 mld->scan.status &= ~type;
1731 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE;
1732 iwl_mld_cancel_notifications_of_object(mld, IWL_MLD_OBJECT_TYPE_SCAN,
1733 uid);
1734
1735 if (type == IWL_MLD_SCAN_REGULAR) {
1736 if (notify) {
1737 struct cfg80211_scan_info info = {
1738 .aborted = true,
1739 };
1740
1741 ieee80211_scan_completed(mld->hw, &info);
1742 }
1743 } else if (notify) {
1744 ieee80211_sched_scan_stopped(mld->hw);
1745 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED;
1746 }
1747
1748 return ret;
1749 }
1750
iwl_mld_regular_scan_start(struct iwl_mld * mld,struct ieee80211_vif * vif,struct cfg80211_scan_request * req,struct ieee80211_scan_ies * ies)1751 int iwl_mld_regular_scan_start(struct iwl_mld *mld, struct ieee80211_vif *vif,
1752 struct cfg80211_scan_request *req,
1753 struct ieee80211_scan_ies *ies)
1754 {
1755 return _iwl_mld_single_scan_start(mld, vif, req, ies,
1756 IWL_MLD_SCAN_REGULAR);
1757 }
1758
iwl_mld_int_mlo_scan_start(struct iwl_mld * mld,struct ieee80211_vif * vif,struct ieee80211_channel ** channels,size_t n_channels)1759 static void iwl_mld_int_mlo_scan_start(struct iwl_mld *mld,
1760 struct ieee80211_vif *vif,
1761 struct ieee80211_channel **channels,
1762 size_t n_channels)
1763 {
1764 struct cfg80211_scan_request *req __free(kfree) = NULL;
1765 struct ieee80211_scan_ies ies = {};
1766 size_t size;
1767 int ret;
1768
1769 IWL_DEBUG_SCAN(mld, "Starting Internal MLO scan: n_channels=%zu\n",
1770 n_channels);
1771
1772 size = struct_size(req, channels, n_channels);
1773 req = kzalloc(size, GFP_KERNEL);
1774 if (!req)
1775 return;
1776
1777 /* set the requested channels */
1778 for (int i = 0; i < n_channels; i++)
1779 req->channels[i] = channels[i];
1780
1781 req->n_channels = n_channels;
1782
1783 /* set the rates */
1784 for (int i = 0; i < NUM_NL80211_BANDS; i++)
1785 if (mld->wiphy->bands[i])
1786 req->rates[i] =
1787 (1 << mld->wiphy->bands[i]->n_bitrates) - 1;
1788
1789 req->wdev = ieee80211_vif_to_wdev(vif);
1790 req->wiphy = mld->wiphy;
1791 req->scan_start = jiffies;
1792 req->tsf_report_link_id = -1;
1793
1794 ret = _iwl_mld_single_scan_start(mld, vif, req, &ies,
1795 IWL_MLD_SCAN_INT_MLO);
1796
1797 if (!ret)
1798 mld->scan.last_mlo_scan_time = ktime_get_boottime_ns();
1799
1800 IWL_DEBUG_SCAN(mld, "Internal MLO scan: ret=%d\n", ret);
1801 }
1802
iwl_mld_int_mlo_scan(struct iwl_mld * mld,struct ieee80211_vif * vif)1803 void iwl_mld_int_mlo_scan(struct iwl_mld *mld, struct ieee80211_vif *vif)
1804 {
1805 struct ieee80211_channel *channels[IEEE80211_MLD_MAX_NUM_LINKS];
1806 unsigned long usable_links = ieee80211_vif_usable_links(vif);
1807 size_t n_channels = 0;
1808 u8 link_id;
1809
1810 lockdep_assert_wiphy(mld->wiphy);
1811
1812 if (!vif->cfg.assoc || !ieee80211_vif_is_mld(vif) ||
1813 hweight16(vif->valid_links) == 1)
1814 return;
1815
1816 if (mld->scan.status & IWL_MLD_SCAN_INT_MLO) {
1817 IWL_DEBUG_SCAN(mld, "Internal MLO scan is already running\n");
1818 return;
1819 }
1820
1821 for_each_set_bit(link_id, &usable_links, IEEE80211_MLD_MAX_NUM_LINKS) {
1822 struct ieee80211_bss_conf *link_conf =
1823 link_conf_dereference_check(vif, link_id);
1824
1825 if (WARN_ON_ONCE(!link_conf))
1826 continue;
1827
1828 channels[n_channels++] = link_conf->chanreq.oper.chan;
1829 }
1830
1831 if (!n_channels)
1832 return;
1833
1834 iwl_mld_int_mlo_scan_start(mld, vif, channels, n_channels);
1835 }
1836
iwl_mld_handle_scan_iter_complete_notif(struct iwl_mld * mld,struct iwl_rx_packet * pkt)1837 void iwl_mld_handle_scan_iter_complete_notif(struct iwl_mld *mld,
1838 struct iwl_rx_packet *pkt)
1839 {
1840 struct iwl_umac_scan_iter_complete_notif *notif = (void *)pkt->data;
1841 u32 uid = __le32_to_cpu(notif->uid);
1842
1843 if (IWL_FW_CHECK(mld, uid >= ARRAY_SIZE(mld->scan.uid_status),
1844 "FW reports out-of-range scan UID %d\n", uid))
1845 return;
1846
1847 if (mld->scan.uid_status[uid] == IWL_MLD_SCAN_REGULAR)
1848 mld->scan.start_tsf = le64_to_cpu(notif->start_tsf);
1849
1850 IWL_DEBUG_SCAN(mld,
1851 "UMAC Scan iteration complete: status=0x%x scanned_channels=%d\n",
1852 notif->status, notif->scanned_channels);
1853
1854 if (mld->scan.pass_all_sched_res == SCHED_SCAN_PASS_ALL_STATE_FOUND) {
1855 IWL_DEBUG_SCAN(mld, "Pass all scheduled scan results found\n");
1856 ieee80211_sched_scan_results(mld->hw);
1857 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_ENABLED;
1858 }
1859
1860 IWL_DEBUG_SCAN(mld,
1861 "UMAC Scan iteration complete: scan started at %llu (TSF)\n",
1862 le64_to_cpu(notif->start_tsf));
1863 }
1864
iwl_mld_handle_match_found_notif(struct iwl_mld * mld,struct iwl_rx_packet * pkt)1865 void iwl_mld_handle_match_found_notif(struct iwl_mld *mld,
1866 struct iwl_rx_packet *pkt)
1867 {
1868 IWL_DEBUG_SCAN(mld, "Scheduled scan results\n");
1869 ieee80211_sched_scan_results(mld->hw);
1870 }
1871
iwl_mld_handle_scan_complete_notif(struct iwl_mld * mld,struct iwl_rx_packet * pkt)1872 void iwl_mld_handle_scan_complete_notif(struct iwl_mld *mld,
1873 struct iwl_rx_packet *pkt)
1874 {
1875 struct iwl_umac_scan_complete *notif = (void *)pkt->data;
1876 bool aborted = (notif->status == IWL_SCAN_OFFLOAD_ABORTED);
1877 u32 uid = __le32_to_cpu(notif->uid);
1878
1879 if (IWL_FW_CHECK(mld, uid >= ARRAY_SIZE(mld->scan.uid_status),
1880 "FW reports out-of-range scan UID %d\n", uid))
1881 return;
1882
1883 IWL_DEBUG_SCAN(mld,
1884 "Scan completed: uid=%u type=%u, status=%s, EBS=%s\n",
1885 uid, mld->scan.uid_status[uid],
1886 notif->status == IWL_SCAN_OFFLOAD_COMPLETED ?
1887 "completed" : "aborted",
1888 iwl_mld_scan_ebs_status_str(notif->ebs_status));
1889 IWL_DEBUG_SCAN(mld, "Scan completed: scan_status=0x%x\n",
1890 mld->scan.status);
1891 IWL_DEBUG_SCAN(mld,
1892 "Scan completed: line=%u, iter=%u, elapsed time=%u\n",
1893 notif->last_schedule, notif->last_iter,
1894 __le32_to_cpu(notif->time_from_last_iter));
1895
1896 if (IWL_FW_CHECK(mld, !(mld->scan.uid_status[uid] & mld->scan.status),
1897 "FW reports scan UID %d we didn't trigger\n", uid))
1898 return;
1899
1900 /* if the scan is already stopping, we don't need to notify mac80211 */
1901 if (mld->scan.uid_status[uid] == IWL_MLD_SCAN_REGULAR) {
1902 struct cfg80211_scan_info info = {
1903 .aborted = aborted,
1904 .scan_start_tsf = mld->scan.start_tsf,
1905 };
1906 int fw_link_id = mld->scan.fw_link_id;
1907 struct ieee80211_bss_conf *link_conf = NULL;
1908
1909 if (fw_link_id != IWL_MLD_INVALID_FW_ID)
1910 link_conf =
1911 wiphy_dereference(mld->wiphy,
1912 mld->fw_id_to_bss_conf[fw_link_id]);
1913
1914 /* It is possible that by the time the scan is complete the
1915 * link was already removed and is not valid.
1916 */
1917 if (link_conf)
1918 ether_addr_copy(info.tsf_bssid, link_conf->bssid);
1919 else
1920 IWL_DEBUG_SCAN(mld, "Scan link is no longer valid\n");
1921
1922 ieee80211_scan_completed(mld->hw, &info);
1923 } else if (mld->scan.uid_status[uid] == IWL_MLD_SCAN_SCHED) {
1924 ieee80211_sched_scan_stopped(mld->hw);
1925 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED;
1926 } else if (mld->scan.uid_status[uid] == IWL_MLD_SCAN_INT_MLO) {
1927 IWL_DEBUG_SCAN(mld, "Internal MLO scan completed\n");
1928
1929 /*
1930 * We limit link selection to internal MLO scans as otherwise
1931 * we do not know whether all channels were covered.
1932 */
1933 iwl_mld_select_links(mld);
1934 }
1935
1936 mld->scan.status &= ~mld->scan.uid_status[uid];
1937
1938 IWL_DEBUG_SCAN(mld, "Scan completed: after update: scan_status=0x%x\n",
1939 mld->scan.status);
1940
1941 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE;
1942
1943 if (notif->ebs_status != IWL_SCAN_EBS_SUCCESS &&
1944 notif->ebs_status != IWL_SCAN_EBS_INACTIVE)
1945 mld->scan.last_ebs_failed = true;
1946 }
1947
1948 /* This function is used in nic restart flow, to inform mac80211 about scans
1949 * that were aborted by restart flow or by an assert.
1950 */
iwl_mld_report_scan_aborted(struct iwl_mld * mld)1951 void iwl_mld_report_scan_aborted(struct iwl_mld *mld)
1952 {
1953 int uid;
1954
1955 uid = iwl_mld_scan_uid_by_status(mld, IWL_MLD_SCAN_REGULAR);
1956 if (uid >= 0) {
1957 struct cfg80211_scan_info info = {
1958 .aborted = true,
1959 };
1960
1961 ieee80211_scan_completed(mld->hw, &info);
1962 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE;
1963 }
1964
1965 uid = iwl_mld_scan_uid_by_status(mld, IWL_MLD_SCAN_SCHED);
1966 if (uid >= 0) {
1967 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED;
1968 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE;
1969
1970 /* sched scan will be restarted by mac80211 in reconfig.
1971 * report to mac80211 that sched scan stopped only if we won't
1972 * restart the firmware.
1973 */
1974 if (!iwlwifi_mod_params.fw_restart)
1975 ieee80211_sched_scan_stopped(mld->hw);
1976 }
1977
1978 uid = iwl_mld_scan_uid_by_status(mld, IWL_MLD_SCAN_INT_MLO);
1979 if (uid >= 0) {
1980 IWL_DEBUG_SCAN(mld, "Internal MLO scan aborted\n");
1981 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE;
1982 }
1983
1984 BUILD_BUG_ON(IWL_MLD_SCAN_NONE != 0);
1985 memset(mld->scan.uid_status, 0, sizeof(mld->scan.uid_status));
1986 }
1987
iwl_mld_alloc_scan_cmd(struct iwl_mld * mld)1988 int iwl_mld_alloc_scan_cmd(struct iwl_mld *mld)
1989 {
1990 u8 scan_cmd_ver = iwl_fw_lookup_cmd_ver(mld->fw, SCAN_REQ_UMAC,
1991 IWL_FW_CMD_VER_UNKNOWN);
1992 size_t scan_cmd_size;
1993
1994 if (scan_cmd_ver == 17) {
1995 scan_cmd_size = sizeof(struct iwl_scan_req_umac_v17);
1996 } else {
1997 IWL_ERR(mld, "Unexpected scan cmd version %d\n", scan_cmd_ver);
1998 return -EINVAL;
1999 }
2000
2001 mld->scan.cmd = kmalloc(scan_cmd_size, GFP_KERNEL);
2002 if (!mld->scan.cmd)
2003 return -ENOMEM;
2004
2005 mld->scan.cmd_size = scan_cmd_size;
2006
2007 return 0;
2008 }
2009