1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2024-2025 Intel Corporation 4 */ 5 #include <linux/crc32.h> 6 7 #include "iwl-utils.h" 8 9 #include "mld.h" 10 #include "scan.h" 11 #include "hcmd.h" 12 #include "iface.h" 13 #include "phy.h" 14 #include "mlo.h" 15 16 #include "fw/api/scan.h" 17 #include "fw/dbg.h" 18 19 #define IWL_SCAN_DWELL_ACTIVE 10 20 #define IWL_SCAN_DWELL_PASSIVE 110 21 #define IWL_SCAN_NUM_OF_FRAGS 3 22 23 /* adaptive dwell max budget time [TU] for full scan */ 24 #define IWL_SCAN_ADWELL_MAX_BUDGET_FULL_SCAN 300 25 26 /* adaptive dwell max budget time [TU] for directed scan */ 27 #define IWL_SCAN_ADWELL_MAX_BUDGET_DIRECTED_SCAN 100 28 29 /* adaptive dwell default high band APs number */ 30 #define IWL_SCAN_ADWELL_DEFAULT_HB_N_APS 8 31 32 /* adaptive dwell default low band APs number */ 33 #define IWL_SCAN_ADWELL_DEFAULT_LB_N_APS 2 34 35 /* adaptive dwell default APs number for P2P social channels (1, 6, 11) */ 36 #define IWL_SCAN_ADWELL_DEFAULT_N_APS_SOCIAL 10 37 38 /* adaptive dwell number of APs override for P2P friendly GO channels */ 39 #define IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY 10 40 41 /* adaptive dwell number of APs override for P2P social channels */ 42 #define IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS 2 43 44 /* adaptive dwell number of APs override mask for p2p friendly GO */ 45 #define IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY_BIT BIT(20) 46 47 /* adaptive dwell number of APs override mask for social channels */ 48 #define IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS_BIT BIT(21) 49 50 #define SCAN_TIMEOUT_MSEC (30000 * HZ) 51 52 /* minimal number of 2GHz and 5GHz channels in the regular scan request */ 53 #define IWL_MLD_6GHZ_PASSIVE_SCAN_MIN_CHANS 4 54 55 enum iwl_mld_scan_type { 56 IWL_SCAN_TYPE_NOT_SET, 57 IWL_SCAN_TYPE_UNASSOC, 58 IWL_SCAN_TYPE_WILD, 59 IWL_SCAN_TYPE_MILD, 60 IWL_SCAN_TYPE_FRAGMENTED, 61 IWL_SCAN_TYPE_FAST_BALANCE, 62 }; 63 64 struct iwl_mld_scan_timing_params { 65 u32 suspend_time; 66 u32 max_out_time; 67 }; 68 69 static const struct iwl_mld_scan_timing_params scan_timing[] = { 70 [IWL_SCAN_TYPE_UNASSOC] = { 71 .suspend_time = 0, 72 .max_out_time = 0, 73 }, 74 [IWL_SCAN_TYPE_WILD] = { 75 .suspend_time = 30, 76 .max_out_time = 120, 77 }, 78 [IWL_SCAN_TYPE_MILD] = { 79 .suspend_time = 120, 80 .max_out_time = 120, 81 }, 82 [IWL_SCAN_TYPE_FRAGMENTED] = { 83 .suspend_time = 95, 84 .max_out_time = 44, 85 }, 86 [IWL_SCAN_TYPE_FAST_BALANCE] = { 87 .suspend_time = 30, 88 .max_out_time = 37, 89 }, 90 }; 91 92 struct iwl_mld_scan_params { 93 enum iwl_mld_scan_type type; 94 u32 n_channels; 95 u16 delay; 96 int n_ssids; 97 struct cfg80211_ssid *ssids; 98 struct ieee80211_channel **channels; 99 u32 flags; 100 u8 *mac_addr; 101 u8 *mac_addr_mask; 102 bool no_cck; 103 bool pass_all; 104 int n_match_sets; 105 struct iwl_scan_probe_req preq; 106 struct cfg80211_match_set *match_sets; 107 int n_scan_plans; 108 struct cfg80211_sched_scan_plan *scan_plans; 109 bool iter_notif; 110 bool respect_p2p_go; 111 u8 fw_link_id; 112 struct cfg80211_scan_6ghz_params *scan_6ghz_params; 113 u32 n_6ghz_params; 114 bool scan_6ghz; 115 bool enable_6ghz_passive; 116 u8 bssid[ETH_ALEN] __aligned(2); 117 }; 118 119 struct iwl_mld_scan_respect_p2p_go_iter_data { 120 struct ieee80211_vif *current_vif; 121 bool p2p_go; 122 }; 123 124 static void iwl_mld_scan_respect_p2p_go_iter(void *_data, u8 *mac, 125 struct ieee80211_vif *vif) 126 { 127 struct iwl_mld_scan_respect_p2p_go_iter_data *data = _data; 128 129 /* exclude the given vif */ 130 if (vif == data->current_vif) 131 return; 132 133 /* TODO: CDB check the band of the GO */ 134 if (ieee80211_vif_type_p2p(vif) == NL80211_IFTYPE_P2P_GO && 135 iwl_mld_vif_from_mac80211(vif)->ap_ibss_active) 136 data->p2p_go = true; 137 } 138 139 static bool iwl_mld_get_respect_p2p_go(struct iwl_mld *mld, 140 struct ieee80211_vif *vif, 141 bool low_latency) 142 { 143 struct iwl_mld_scan_respect_p2p_go_iter_data data = { 144 .current_vif = vif, 145 .p2p_go = false, 146 }; 147 148 if (!low_latency) 149 return false; 150 151 ieee80211_iterate_active_interfaces_mtx(mld->hw, 152 IEEE80211_IFACE_ITER_NORMAL, 153 iwl_mld_scan_respect_p2p_go_iter, 154 &data); 155 156 return data.p2p_go; 157 } 158 159 struct iwl_mld_scan_iter_data { 160 struct ieee80211_vif *current_vif; 161 bool active_vif; 162 bool is_dcm_with_p2p_go; 163 bool global_low_latency; 164 }; 165 166 static void iwl_mld_scan_iterator(void *_data, u8 *mac, 167 struct ieee80211_vif *vif) 168 { 169 struct iwl_mld_scan_iter_data *data = _data; 170 struct ieee80211_vif *curr_vif = data->current_vif; 171 struct iwl_mld_vif *mld_vif = iwl_mld_vif_from_mac80211(vif); 172 struct iwl_mld_vif *curr_mld_vif; 173 unsigned long curr_vif_active_links; 174 u16 link_id; 175 176 data->global_low_latency |= iwl_mld_vif_low_latency(mld_vif); 177 178 if ((ieee80211_vif_is_mld(vif) && vif->active_links) || 179 (vif->type != NL80211_IFTYPE_P2P_DEVICE && 180 mld_vif->deflink.active)) 181 data->active_vif = true; 182 183 if (vif == curr_vif) 184 return; 185 186 if (ieee80211_vif_type_p2p(vif) != NL80211_IFTYPE_P2P_GO) 187 return; 188 189 /* Currently P2P GO can't be AP MLD so the logic below assumes that */ 190 WARN_ON_ONCE(ieee80211_vif_is_mld(vif)); 191 192 curr_vif_active_links = 193 ieee80211_vif_is_mld(curr_vif) ? curr_vif->active_links : 1; 194 195 curr_mld_vif = iwl_mld_vif_from_mac80211(curr_vif); 196 197 for_each_set_bit(link_id, &curr_vif_active_links, 198 IEEE80211_MLD_MAX_NUM_LINKS) { 199 struct iwl_mld_link *curr_mld_link = 200 iwl_mld_link_dereference_check(curr_mld_vif, link_id); 201 202 if (WARN_ON(!curr_mld_link)) 203 return; 204 205 if (rcu_access_pointer(curr_mld_link->chan_ctx) && 206 rcu_access_pointer(mld_vif->deflink.chan_ctx) != 207 rcu_access_pointer(curr_mld_link->chan_ctx)) { 208 data->is_dcm_with_p2p_go = true; 209 return; 210 } 211 } 212 } 213 214 static enum 215 iwl_mld_scan_type iwl_mld_get_scan_type(struct iwl_mld *mld, 216 struct ieee80211_vif *vif, 217 struct iwl_mld_scan_iter_data *data) 218 { 219 enum iwl_mld_traffic_load load = mld->scan.traffic_load.status; 220 221 /* A scanning AP interface probably wants to generate a survey to do 222 * ACS (automatic channel selection). 223 * Force a non-fragmented scan in that case. 224 */ 225 if (ieee80211_vif_type_p2p(vif) == NL80211_IFTYPE_AP) 226 return IWL_SCAN_TYPE_WILD; 227 228 if (!data->active_vif) 229 return IWL_SCAN_TYPE_UNASSOC; 230 231 if ((load == IWL_MLD_TRAFFIC_HIGH || data->global_low_latency) && 232 vif->type != NL80211_IFTYPE_P2P_DEVICE) 233 return IWL_SCAN_TYPE_FRAGMENTED; 234 235 /* In case of DCM with P2P GO set all scan requests as 236 * fast-balance scan 237 */ 238 if (vif->type == NL80211_IFTYPE_STATION && 239 data->is_dcm_with_p2p_go) 240 return IWL_SCAN_TYPE_FAST_BALANCE; 241 242 if (load >= IWL_MLD_TRAFFIC_MEDIUM || data->global_low_latency) 243 return IWL_SCAN_TYPE_MILD; 244 245 return IWL_SCAN_TYPE_WILD; 246 } 247 248 static u8 * 249 iwl_mld_scan_add_2ghz_elems(struct iwl_mld *mld, const u8 *ies, 250 size_t len, u8 *const pos) 251 { 252 static const u8 before_ds_params[] = { 253 WLAN_EID_SSID, 254 WLAN_EID_SUPP_RATES, 255 WLAN_EID_REQUEST, 256 WLAN_EID_EXT_SUPP_RATES, 257 }; 258 size_t offs; 259 u8 *newpos = pos; 260 261 offs = ieee80211_ie_split(ies, len, 262 before_ds_params, 263 ARRAY_SIZE(before_ds_params), 264 0); 265 266 memcpy(newpos, ies, offs); 267 newpos += offs; 268 269 /* Add a placeholder for DS Parameter Set element */ 270 *newpos++ = WLAN_EID_DS_PARAMS; 271 *newpos++ = 1; 272 *newpos++ = 0; 273 274 memcpy(newpos, ies + offs, len - offs); 275 newpos += len - offs; 276 277 return newpos; 278 } 279 280 static void 281 iwl_mld_scan_add_tpc_report_elem(u8 *pos) 282 { 283 pos[0] = WLAN_EID_VENDOR_SPECIFIC; 284 pos[1] = WFA_TPC_IE_LEN - 2; 285 pos[2] = (WLAN_OUI_MICROSOFT >> 16) & 0xff; 286 pos[3] = (WLAN_OUI_MICROSOFT >> 8) & 0xff; 287 pos[4] = WLAN_OUI_MICROSOFT & 0xff; 288 pos[5] = WLAN_OUI_TYPE_MICROSOFT_TPC; 289 pos[6] = 0; 290 /* pos[7] - tx power will be inserted by the FW */ 291 pos[7] = 0; 292 pos[8] = 0; 293 } 294 295 static u32 296 iwl_mld_scan_ooc_priority(enum iwl_mld_scan_status scan_status) 297 { 298 if (scan_status == IWL_MLD_SCAN_REGULAR) 299 return IWL_SCAN_PRIORITY_EXT_6; 300 if (scan_status == IWL_MLD_SCAN_INT_MLO) 301 return IWL_SCAN_PRIORITY_EXT_4; 302 303 return IWL_SCAN_PRIORITY_EXT_2; 304 } 305 306 static bool 307 iwl_mld_scan_is_regular(struct iwl_mld_scan_params *params) 308 { 309 return params->n_scan_plans == 1 && 310 params->scan_plans[0].iterations == 1; 311 } 312 313 static bool 314 iwl_mld_scan_is_fragmented(enum iwl_mld_scan_type type) 315 { 316 return (type == IWL_SCAN_TYPE_FRAGMENTED || 317 type == IWL_SCAN_TYPE_FAST_BALANCE); 318 } 319 320 static int 321 iwl_mld_scan_uid_by_status(struct iwl_mld *mld, int status) 322 { 323 for (int i = 0; i < ARRAY_SIZE(mld->scan.uid_status); i++) 324 if (mld->scan.uid_status[i] == status) 325 return i; 326 327 return -ENOENT; 328 } 329 330 static const char * 331 iwl_mld_scan_ebs_status_str(enum iwl_scan_ebs_status status) 332 { 333 switch (status) { 334 case IWL_SCAN_EBS_SUCCESS: 335 return "successful"; 336 case IWL_SCAN_EBS_INACTIVE: 337 return "inactive"; 338 case IWL_SCAN_EBS_FAILED: 339 case IWL_SCAN_EBS_CHAN_NOT_FOUND: 340 default: 341 return "failed"; 342 } 343 } 344 345 static int 346 iwl_mld_scan_ssid_exist(u8 *ssid, u8 ssid_len, struct iwl_ssid_ie *ssid_list) 347 { 348 for (int i = 0; i < PROBE_OPTION_MAX; i++) { 349 if (!ssid_list[i].len) 350 return -1; 351 if (ssid_list[i].len == ssid_len && 352 !memcmp(ssid_list[i].ssid, ssid, ssid_len)) 353 return i; 354 } 355 356 return -1; 357 } 358 359 static bool 360 iwl_mld_scan_fits(struct iwl_mld *mld, int n_ssids, 361 struct ieee80211_scan_ies *ies, int n_channels) 362 { 363 return ((n_ssids <= PROBE_OPTION_MAX) && 364 (n_channels <= mld->fw->ucode_capa.n_scan_channels) && 365 (ies->common_ie_len + ies->len[NL80211_BAND_2GHZ] + 366 ies->len[NL80211_BAND_5GHZ] + ies->len[NL80211_BAND_6GHZ] <= 367 iwl_mld_scan_max_template_size())); 368 } 369 370 static void 371 iwl_mld_scan_build_probe_req(struct iwl_mld *mld, struct ieee80211_vif *vif, 372 struct ieee80211_scan_ies *ies, 373 struct iwl_mld_scan_params *params) 374 { 375 struct ieee80211_mgmt *frame = (void *)params->preq.buf; 376 u8 *pos, *newpos; 377 const u8 *mac_addr = params->flags & NL80211_SCAN_FLAG_RANDOM_ADDR ? 378 params->mac_addr : NULL; 379 380 if (mac_addr) 381 get_random_mask_addr(frame->sa, mac_addr, 382 params->mac_addr_mask); 383 else 384 memcpy(frame->sa, vif->addr, ETH_ALEN); 385 386 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ); 387 eth_broadcast_addr(frame->da); 388 ether_addr_copy(frame->bssid, params->bssid); 389 frame->seq_ctrl = 0; 390 391 pos = frame->u.probe_req.variable; 392 *pos++ = WLAN_EID_SSID; 393 *pos++ = 0; 394 395 params->preq.mac_header.offset = 0; 396 params->preq.mac_header.len = cpu_to_le16(24 + 2); 397 398 /* Insert DS parameter set element on 2.4 GHz band */ 399 newpos = iwl_mld_scan_add_2ghz_elems(mld, 400 ies->ies[NL80211_BAND_2GHZ], 401 ies->len[NL80211_BAND_2GHZ], 402 pos); 403 params->preq.band_data[0].offset = cpu_to_le16(pos - params->preq.buf); 404 params->preq.band_data[0].len = cpu_to_le16(newpos - pos); 405 pos = newpos; 406 407 memcpy(pos, ies->ies[NL80211_BAND_5GHZ], 408 ies->len[NL80211_BAND_5GHZ]); 409 params->preq.band_data[1].offset = cpu_to_le16(pos - params->preq.buf); 410 params->preq.band_data[1].len = 411 cpu_to_le16(ies->len[NL80211_BAND_5GHZ]); 412 pos += ies->len[NL80211_BAND_5GHZ]; 413 414 memcpy(pos, ies->ies[NL80211_BAND_6GHZ], 415 ies->len[NL80211_BAND_6GHZ]); 416 params->preq.band_data[2].offset = cpu_to_le16(pos - params->preq.buf); 417 params->preq.band_data[2].len = 418 cpu_to_le16(ies->len[NL80211_BAND_6GHZ]); 419 pos += ies->len[NL80211_BAND_6GHZ]; 420 421 memcpy(pos, ies->common_ies, ies->common_ie_len); 422 params->preq.common_data.offset = cpu_to_le16(pos - params->preq.buf); 423 424 iwl_mld_scan_add_tpc_report_elem(pos + ies->common_ie_len); 425 params->preq.common_data.len = cpu_to_le16(ies->common_ie_len + 426 WFA_TPC_IE_LEN); 427 } 428 429 static u16 430 iwl_mld_scan_get_cmd_gen_flags(struct iwl_mld *mld, 431 struct iwl_mld_scan_params *params, 432 struct ieee80211_vif *vif, 433 enum iwl_mld_scan_status scan_status) 434 { 435 u16 flags = 0; 436 437 /* If no direct SSIDs are provided perform a passive scan. Otherwise, 438 * if there is a single SSID which is not the broadcast SSID, assume 439 * that the scan is intended for roaming purposes and thus enable Rx on 440 * all chains to improve chances of hearing the beacons/probe responses. 441 */ 442 if (params->n_ssids == 0) 443 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_FORCE_PASSIVE; 444 else if (params->n_ssids == 1 && params->ssids[0].ssid_len) 445 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_USE_ALL_RX_CHAINS; 446 447 if (params->pass_all) 448 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PASS_ALL; 449 else 450 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_MATCH; 451 452 if (iwl_mld_scan_is_fragmented(params->type)) 453 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_FRAGMENTED_LMAC1; 454 455 if (!iwl_mld_scan_is_regular(params)) 456 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PERIODIC; 457 458 if (params->iter_notif || 459 mld->scan.pass_all_sched_res == SCHED_SCAN_PASS_ALL_STATE_ENABLED) 460 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_NTFY_ITER_COMPLETE; 461 462 if (scan_status == IWL_MLD_SCAN_SCHED || 463 scan_status == IWL_MLD_SCAN_NETDETECT) 464 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PREEMPTIVE; 465 466 if (params->flags & (NL80211_SCAN_FLAG_ACCEPT_BCAST_PROBE_RESP | 467 NL80211_SCAN_FLAG_OCE_PROBE_REQ_HIGH_TX_RATE | 468 NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME)) 469 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_OCE; 470 471 if ((scan_status == IWL_MLD_SCAN_SCHED || 472 scan_status == IWL_MLD_SCAN_NETDETECT) && 473 params->flags & NL80211_SCAN_FLAG_COLOCATED_6GHZ) 474 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_TRIGGER_UHB_SCAN; 475 476 if (params->enable_6ghz_passive) 477 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_6GHZ_PASSIVE_SCAN; 478 479 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_ADAPTIVE_DWELL; 480 481 return flags; 482 } 483 484 static u8 485 iwl_mld_scan_get_cmd_gen_flags2(struct iwl_mld *mld, 486 struct iwl_mld_scan_params *params, 487 struct ieee80211_vif *vif, 488 enum iwl_mld_scan_status scan_status, 489 u16 gen_flags) 490 { 491 u8 flags = 0; 492 493 /* TODO: CDB */ 494 if (params->respect_p2p_go) 495 flags |= IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_RESPECT_P2P_GO_LB | 496 IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_RESPECT_P2P_GO_HB; 497 498 if (params->scan_6ghz) 499 flags |= IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_DONT_TOGGLE_ANT; 500 501 /* For AP interfaces, request survey data for regular scans and if 502 * it is supported. For non-AP interfaces, EBS will be enabled and 503 * the results may be missing information for some channels. 504 */ 505 if (scan_status == IWL_MLD_SCAN_REGULAR && 506 ieee80211_vif_type_p2p(vif) == NL80211_IFTYPE_AP && 507 gen_flags & IWL_UMAC_SCAN_GEN_FLAGS_V2_FORCE_PASSIVE) 508 flags |= IWL_UMAC_SCAN_GEN_FLAGS2_COLLECT_CHANNEL_STATS; 509 510 return flags; 511 } 512 513 static void 514 iwl_mld_scan_cmd_set_dwell(struct iwl_mld *mld, 515 struct iwl_scan_general_params_v11 *gp, 516 struct iwl_mld_scan_params *params) 517 { 518 const struct iwl_mld_scan_timing_params *timing = 519 &scan_timing[params->type]; 520 521 gp->adwell_default_social_chn = 522 IWL_SCAN_ADWELL_DEFAULT_N_APS_SOCIAL; 523 gp->adwell_default_2g = IWL_SCAN_ADWELL_DEFAULT_LB_N_APS; 524 gp->adwell_default_5g = IWL_SCAN_ADWELL_DEFAULT_HB_N_APS; 525 526 if (params->n_ssids && params->ssids[0].ssid_len) 527 gp->adwell_max_budget = 528 cpu_to_le16(IWL_SCAN_ADWELL_MAX_BUDGET_DIRECTED_SCAN); 529 else 530 gp->adwell_max_budget = 531 cpu_to_le16(IWL_SCAN_ADWELL_MAX_BUDGET_FULL_SCAN); 532 533 gp->scan_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6); 534 535 gp->max_out_of_time[SCAN_LB_LMAC_IDX] = cpu_to_le32(timing->max_out_time); 536 gp->suspend_time[SCAN_LB_LMAC_IDX] = cpu_to_le32(timing->suspend_time); 537 538 gp->active_dwell[SCAN_LB_LMAC_IDX] = IWL_SCAN_DWELL_ACTIVE; 539 gp->passive_dwell[SCAN_LB_LMAC_IDX] = IWL_SCAN_DWELL_PASSIVE; 540 gp->active_dwell[SCAN_HB_LMAC_IDX] = IWL_SCAN_DWELL_ACTIVE; 541 gp->passive_dwell[SCAN_HB_LMAC_IDX] = IWL_SCAN_DWELL_PASSIVE; 542 543 IWL_DEBUG_SCAN(mld, 544 "Scan: adwell_max_budget=%d max_out_of_time=%d suspend_time=%d\n", 545 gp->adwell_max_budget, 546 gp->max_out_of_time[SCAN_LB_LMAC_IDX], 547 gp->suspend_time[SCAN_LB_LMAC_IDX]); 548 } 549 550 static void 551 iwl_mld_scan_cmd_set_gen_params(struct iwl_mld *mld, 552 struct iwl_mld_scan_params *params, 553 struct ieee80211_vif *vif, 554 struct iwl_scan_general_params_v11 *gp, 555 enum iwl_mld_scan_status scan_status) 556 { 557 u16 gen_flags = iwl_mld_scan_get_cmd_gen_flags(mld, params, vif, 558 scan_status); 559 u8 gen_flags2 = iwl_mld_scan_get_cmd_gen_flags2(mld, params, vif, 560 scan_status, 561 gen_flags); 562 563 IWL_DEBUG_SCAN(mld, "General: flags=0x%x, flags2=0x%x\n", 564 gen_flags, gen_flags2); 565 566 gp->flags = cpu_to_le16(gen_flags); 567 gp->flags2 = gen_flags2; 568 569 iwl_mld_scan_cmd_set_dwell(mld, gp, params); 570 571 if (gen_flags & IWL_UMAC_SCAN_GEN_FLAGS_V2_FRAGMENTED_LMAC1) 572 gp->num_of_fragments[SCAN_LB_LMAC_IDX] = IWL_SCAN_NUM_OF_FRAGS; 573 574 if (params->fw_link_id != IWL_MLD_INVALID_FW_ID) 575 gp->scan_start_mac_or_link_id = params->fw_link_id; 576 } 577 578 static int 579 iwl_mld_scan_cmd_set_sched_params(struct iwl_mld_scan_params *params, 580 struct iwl_scan_umac_schedule *schedule, 581 __le16 *delay) 582 { 583 if (WARN_ON(!params->n_scan_plans || 584 params->n_scan_plans > IWL_MAX_SCHED_SCAN_PLANS)) 585 return -EINVAL; 586 587 for (int i = 0; i < params->n_scan_plans; i++) { 588 struct cfg80211_sched_scan_plan *scan_plan = 589 ¶ms->scan_plans[i]; 590 591 schedule[i].iter_count = scan_plan->iterations; 592 schedule[i].interval = 593 cpu_to_le16(scan_plan->interval); 594 } 595 596 /* If the number of iterations of the last scan plan is set to zero, 597 * it should run infinitely. However, this is not always the case. 598 * For example, when regular scan is requested the driver sets one scan 599 * plan with one iteration. 600 */ 601 if (!schedule[params->n_scan_plans - 1].iter_count) 602 schedule[params->n_scan_plans - 1].iter_count = 0xff; 603 604 *delay = cpu_to_le16(params->delay); 605 606 return 0; 607 } 608 609 /* We insert the SSIDs in an inverted order, because the FW will 610 * invert it back. 611 */ 612 static void 613 iwl_mld_scan_cmd_build_ssids(struct iwl_mld_scan_params *params, 614 struct iwl_ssid_ie *ssids, u32 *ssid_bitmap) 615 { 616 int i, j; 617 int index; 618 u32 tmp_bitmap = 0; 619 620 /* copy SSIDs from match list. iwl_config_sched_scan_profiles() 621 * uses the order of these ssids to config match list. 622 */ 623 for (i = 0, j = params->n_match_sets - 1; 624 j >= 0 && i < PROBE_OPTION_MAX; 625 i++, j--) { 626 /* skip empty SSID match_sets */ 627 if (!params->match_sets[j].ssid.ssid_len) 628 continue; 629 630 ssids[i].id = WLAN_EID_SSID; 631 ssids[i].len = params->match_sets[j].ssid.ssid_len; 632 memcpy(ssids[i].ssid, params->match_sets[j].ssid.ssid, 633 ssids[i].len); 634 } 635 636 /* add SSIDs from scan SSID list */ 637 for (j = params->n_ssids - 1; 638 j >= 0 && i < PROBE_OPTION_MAX; 639 i++, j--) { 640 index = iwl_mld_scan_ssid_exist(params->ssids[j].ssid, 641 params->ssids[j].ssid_len, 642 ssids); 643 if (index < 0) { 644 ssids[i].id = WLAN_EID_SSID; 645 ssids[i].len = params->ssids[j].ssid_len; 646 memcpy(ssids[i].ssid, params->ssids[j].ssid, 647 ssids[i].len); 648 tmp_bitmap |= BIT(i); 649 } else { 650 tmp_bitmap |= BIT(index); 651 } 652 } 653 654 if (ssid_bitmap) 655 *ssid_bitmap = tmp_bitmap; 656 } 657 658 static void 659 iwl_mld_scan_fill_6g_chan_list(struct iwl_mld_scan_params *params, 660 struct iwl_scan_probe_params_v4 *pp) 661 { 662 int j, idex_s = 0, idex_b = 0; 663 struct cfg80211_scan_6ghz_params *scan_6ghz_params = 664 params->scan_6ghz_params; 665 666 for (j = 0; 667 j < params->n_ssids && idex_s < SCAN_SHORT_SSID_MAX_SIZE; 668 j++) { 669 if (!params->ssids[j].ssid_len) 670 continue; 671 672 pp->short_ssid[idex_s] = 673 cpu_to_le32(~crc32_le(~0, params->ssids[j].ssid, 674 params->ssids[j].ssid_len)); 675 676 /* hidden 6ghz scan */ 677 pp->direct_scan[idex_s].id = WLAN_EID_SSID; 678 pp->direct_scan[idex_s].len = params->ssids[j].ssid_len; 679 memcpy(pp->direct_scan[idex_s].ssid, params->ssids[j].ssid, 680 params->ssids[j].ssid_len); 681 idex_s++; 682 } 683 684 /* Populate the arrays of the short SSIDs and the BSSIDs using the 6GHz 685 * collocated parameters. This might not be optimal, as this processing 686 * does not (yet) correspond to the actual channels, so it is possible 687 * that some entries would be left out. 688 */ 689 for (j = 0; j < params->n_6ghz_params; j++) { 690 int k; 691 692 /* First, try to place the short SSID */ 693 if (scan_6ghz_params[j].short_ssid_valid) { 694 for (k = 0; k < idex_s; k++) { 695 if (pp->short_ssid[k] == 696 cpu_to_le32(scan_6ghz_params[j].short_ssid)) 697 break; 698 } 699 700 if (k == idex_s && idex_s < SCAN_SHORT_SSID_MAX_SIZE) { 701 pp->short_ssid[idex_s++] = 702 cpu_to_le32(scan_6ghz_params[j].short_ssid); 703 } 704 } 705 706 /* try to place BSSID for the same entry */ 707 for (k = 0; k < idex_b; k++) { 708 if (!memcmp(&pp->bssid_array[k], 709 scan_6ghz_params[j].bssid, ETH_ALEN)) 710 break; 711 } 712 713 if (k == idex_b && idex_b < SCAN_BSSID_MAX_SIZE && 714 !WARN_ONCE(!is_valid_ether_addr(scan_6ghz_params[j].bssid), 715 "scan: invalid BSSID at index %u, index_b=%u\n", 716 j, idex_b)) { 717 memcpy(&pp->bssid_array[idex_b++], 718 scan_6ghz_params[j].bssid, ETH_ALEN); 719 } 720 } 721 722 pp->short_ssid_num = idex_s; 723 pp->bssid_num = idex_b; 724 } 725 726 static void 727 iwl_mld_scan_cmd_set_probe_params(struct iwl_mld_scan_params *params, 728 struct iwl_scan_probe_params_v4 *pp, 729 u32 *bitmap_ssid) 730 { 731 pp->preq = params->preq; 732 733 if (params->scan_6ghz) { 734 iwl_mld_scan_fill_6g_chan_list(params, pp); 735 return; 736 } 737 738 /* relevant only for 2.4 GHz /5 GHz scan */ 739 iwl_mld_scan_cmd_build_ssids(params, pp->direct_scan, bitmap_ssid); 740 } 741 742 static bool 743 iwl_mld_scan_use_ebs(struct iwl_mld *mld, struct ieee80211_vif *vif, 744 bool low_latency) 745 { 746 const struct iwl_ucode_capabilities *capa = &mld->fw->ucode_capa; 747 748 /* We can only use EBS if: 749 * 1. the feature is supported. 750 * 2. the last EBS was successful. 751 * 3. it's not a p2p find operation. 752 * 4. we are not in low latency mode, 753 * or if fragmented ebs is supported by the FW 754 * 5. the VIF is not an AP interface (scan wants survey results) 755 */ 756 return ((capa->flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT) && 757 !mld->scan.last_ebs_failed && 758 vif->type != NL80211_IFTYPE_P2P_DEVICE && 759 (!low_latency || fw_has_api(capa, IWL_UCODE_TLV_API_FRAG_EBS)) && 760 ieee80211_vif_type_p2p(vif) != NL80211_IFTYPE_AP); 761 } 762 763 static u8 764 iwl_mld_scan_cmd_set_chan_flags(struct iwl_mld *mld, 765 struct iwl_mld_scan_params *params, 766 struct ieee80211_vif *vif, 767 bool low_latency) 768 { 769 u8 flags = 0; 770 771 flags |= IWL_SCAN_CHANNEL_FLAG_ENABLE_CHAN_ORDER; 772 773 if (iwl_mld_scan_use_ebs(mld, vif, low_latency)) 774 flags |= IWL_SCAN_CHANNEL_FLAG_EBS | 775 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE | 776 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD; 777 778 /* set fragmented ebs for fragmented scan */ 779 if (iwl_mld_scan_is_fragmented(params->type)) 780 flags |= IWL_SCAN_CHANNEL_FLAG_EBS_FRAG; 781 782 /* Force EBS in case the scan is a fragmented and there is a need 783 * to take P2P GO operation into consideration during scan operation. 784 */ 785 /* TODO: CDB */ 786 if (iwl_mld_scan_is_fragmented(params->type) && 787 params->respect_p2p_go) { 788 IWL_DEBUG_SCAN(mld, "Respect P2P GO. Force EBS\n"); 789 flags |= IWL_SCAN_CHANNEL_FLAG_FORCE_EBS; 790 } 791 792 return flags; 793 } 794 795 static const u8 p2p_go_friendly_chs[] = { 796 36, 40, 44, 48, 149, 153, 157, 161, 165, 797 }; 798 799 static const u8 social_chs[] = { 800 1, 6, 11 801 }; 802 803 static u32 iwl_mld_scan_ch_n_aps_flag(enum nl80211_iftype vif_type, u8 ch_id) 804 { 805 if (vif_type != NL80211_IFTYPE_P2P_DEVICE) 806 return 0; 807 808 for (int i = 0; i < ARRAY_SIZE(p2p_go_friendly_chs); i++) { 809 if (ch_id == p2p_go_friendly_chs[i]) 810 return IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY_BIT; 811 } 812 813 for (int i = 0; i < ARRAY_SIZE(social_chs); i++) { 814 if (ch_id == social_chs[i]) 815 return IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS_BIT; 816 } 817 818 return 0; 819 } 820 821 static void 822 iwl_mld_scan_cmd_set_channels(struct iwl_mld *mld, 823 struct ieee80211_channel **channels, 824 struct iwl_scan_channel_params_v7 *cp, 825 int n_channels, u32 flags, 826 enum nl80211_iftype vif_type) 827 { 828 for (int i = 0; i < n_channels; i++) { 829 enum nl80211_band band = channels[i]->band; 830 struct iwl_scan_channel_cfg_umac *cfg = &cp->channel_config[i]; 831 u8 iwl_band = iwl_mld_nl80211_band_to_fw(band); 832 u32 n_aps_flag = 833 iwl_mld_scan_ch_n_aps_flag(vif_type, 834 channels[i]->hw_value); 835 836 if (IWL_MLD_ADAPTIVE_DWELL_NUM_APS_OVERRIDE) 837 n_aps_flag = IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY_BIT; 838 839 cfg->flags = cpu_to_le32(flags | n_aps_flag); 840 cfg->channel_num = channels[i]->hw_value; 841 if (cfg80211_channel_is_psc(channels[i])) 842 cfg->flags = 0; 843 844 if (band == NL80211_BAND_6GHZ) { 845 /* 6 GHz channels should only appear in a scan request 846 * that has scan_6ghz set. The only exception is MLO 847 * scan, which has to be passive. 848 */ 849 WARN_ON_ONCE(cfg->flags != 0); 850 cfg->flags = 851 cpu_to_le32(IWL_UHB_CHAN_CFG_FLAG_FORCE_PASSIVE); 852 } 853 854 cfg->v2.iter_count = 1; 855 cfg->v2.iter_interval = 0; 856 cfg->flags |= cpu_to_le32(iwl_band << 857 IWL_CHAN_CFG_FLAGS_BAND_POS); 858 } 859 } 860 861 static u8 862 iwl_mld_scan_cfg_channels_6g(struct iwl_mld *mld, 863 struct iwl_mld_scan_params *params, 864 u32 n_channels, 865 struct iwl_scan_probe_params_v4 *pp, 866 struct iwl_scan_channel_params_v7 *cp, 867 enum nl80211_iftype vif_type) 868 { 869 struct cfg80211_scan_6ghz_params *scan_6ghz_params = 870 params->scan_6ghz_params; 871 u32 i; 872 u8 ch_cnt; 873 874 for (i = 0, ch_cnt = 0; i < params->n_channels; i++) { 875 struct iwl_scan_channel_cfg_umac *cfg = 876 &cp->channel_config[ch_cnt]; 877 878 u32 s_ssid_bitmap = 0, bssid_bitmap = 0, flags = 0; 879 u8 k, n_s_ssids = 0, n_bssids = 0; 880 u8 max_s_ssids, max_bssids; 881 bool force_passive = false, found = false, allow_passive = true, 882 unsolicited_probe_on_chan = false, psc_no_listen = false; 883 s8 psd_20 = IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED; 884 885 /* Avoid performing passive scan on non PSC channels unless the 886 * scan is specifically a passive scan, i.e., no SSIDs 887 * configured in the scan command. 888 */ 889 if (!cfg80211_channel_is_psc(params->channels[i]) && 890 !params->n_6ghz_params && params->n_ssids) 891 continue; 892 893 cfg->channel_num = params->channels[i]->hw_value; 894 cfg->flags |= 895 cpu_to_le32(PHY_BAND_6 << IWL_CHAN_CFG_FLAGS_BAND_POS); 896 897 cfg->v5.iter_count = 1; 898 cfg->v5.iter_interval = 0; 899 900 for (u32 j = 0; j < params->n_6ghz_params; j++) { 901 s8 tmp_psd_20; 902 903 if (!(scan_6ghz_params[j].channel_idx == i)) 904 continue; 905 906 unsolicited_probe_on_chan |= 907 scan_6ghz_params[j].unsolicited_probe; 908 909 /* Use the highest PSD value allowed as advertised by 910 * APs for this channel 911 */ 912 tmp_psd_20 = scan_6ghz_params[j].psd_20; 913 if (tmp_psd_20 != 914 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED && 915 (psd_20 == 916 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED || 917 psd_20 < tmp_psd_20)) 918 psd_20 = tmp_psd_20; 919 920 psc_no_listen |= scan_6ghz_params[j].psc_no_listen; 921 } 922 923 /* In the following cases apply passive scan: 924 * 1. Non fragmented scan: 925 * - PSC channel with NO_LISTEN_FLAG on should be treated 926 * like non PSC channel 927 * - Non PSC channel with more than 3 short SSIDs or more 928 * than 9 BSSIDs. 929 * - Non PSC Channel with unsolicited probe response and 930 * more than 2 short SSIDs or more than 6 BSSIDs. 931 * - PSC channel with more than 2 short SSIDs or more than 932 * 6 BSSIDs. 933 * 2. Fragmented scan: 934 * - PSC channel with more than 1 SSID or 3 BSSIDs. 935 * - Non PSC channel with more than 2 SSIDs or 6 BSSIDs. 936 * - Non PSC channel with unsolicited probe response and 937 * more than 1 SSID or more than 3 BSSIDs. 938 */ 939 if (!iwl_mld_scan_is_fragmented(params->type)) { 940 if (!cfg80211_channel_is_psc(params->channels[i]) || 941 psc_no_listen) { 942 if (unsolicited_probe_on_chan) { 943 max_s_ssids = 2; 944 max_bssids = 6; 945 } else { 946 max_s_ssids = 3; 947 max_bssids = 9; 948 } 949 } else { 950 max_s_ssids = 2; 951 max_bssids = 6; 952 } 953 } else if (cfg80211_channel_is_psc(params->channels[i])) { 954 max_s_ssids = 1; 955 max_bssids = 3; 956 } else { 957 if (unsolicited_probe_on_chan) { 958 max_s_ssids = 1; 959 max_bssids = 3; 960 } else { 961 max_s_ssids = 2; 962 max_bssids = 6; 963 } 964 } 965 966 /* To optimize the scan time, i.e., reduce the scan dwell time 967 * on each channel, the below logic tries to set 3 direct BSSID 968 * probe requests for each broadcast probe request with a short 969 * SSID. 970 */ 971 for (u32 j = 0; j < params->n_6ghz_params; j++) { 972 if (!(scan_6ghz_params[j].channel_idx == i)) 973 continue; 974 975 found = false; 976 977 for (k = 0; 978 k < pp->short_ssid_num && n_s_ssids < max_s_ssids; 979 k++) { 980 if (!scan_6ghz_params[j].unsolicited_probe && 981 le32_to_cpu(pp->short_ssid[k]) == 982 scan_6ghz_params[j].short_ssid) { 983 /* Relevant short SSID bit set */ 984 if (s_ssid_bitmap & BIT(k)) { 985 found = true; 986 break; 987 } 988 989 /* Prefer creating BSSID entries unless 990 * the short SSID probe can be done in 991 * the same channel dwell iteration. 992 * 993 * We also need to create a short SSID 994 * entry for any hidden AP. 995 */ 996 if (3 * n_s_ssids > n_bssids && 997 !pp->direct_scan[k].len) 998 break; 999 1000 /* Hidden AP, cannot do passive scan */ 1001 if (pp->direct_scan[k].len) 1002 allow_passive = false; 1003 1004 s_ssid_bitmap |= BIT(k); 1005 n_s_ssids++; 1006 found = true; 1007 break; 1008 } 1009 } 1010 1011 if (found) 1012 continue; 1013 1014 for (k = 0; k < pp->bssid_num; k++) { 1015 if (memcmp(&pp->bssid_array[k], 1016 scan_6ghz_params[j].bssid, 1017 ETH_ALEN)) 1018 continue; 1019 1020 if (bssid_bitmap & BIT(k)) 1021 break; 1022 1023 if (n_bssids < max_bssids) { 1024 bssid_bitmap |= BIT(k); 1025 n_bssids++; 1026 } else { 1027 force_passive = TRUE; 1028 } 1029 1030 break; 1031 } 1032 } 1033 1034 if (cfg80211_channel_is_psc(params->channels[i]) && 1035 psc_no_listen) 1036 flags |= IWL_UHB_CHAN_CFG_FLAG_PSC_CHAN_NO_LISTEN; 1037 1038 if (unsolicited_probe_on_chan) 1039 flags |= IWL_UHB_CHAN_CFG_FLAG_UNSOLICITED_PROBE_RES; 1040 1041 if ((allow_passive && force_passive) || 1042 (!(bssid_bitmap | s_ssid_bitmap) && 1043 !cfg80211_channel_is_psc(params->channels[i]))) 1044 flags |= IWL_UHB_CHAN_CFG_FLAG_FORCE_PASSIVE; 1045 else 1046 flags |= bssid_bitmap | (s_ssid_bitmap << 16); 1047 1048 cfg->flags |= cpu_to_le32(flags); 1049 cfg->v5.psd_20 = psd_20; 1050 1051 ch_cnt++; 1052 } 1053 1054 if (params->n_channels > ch_cnt) 1055 IWL_DEBUG_SCAN(mld, 1056 "6GHz: reducing number channels: (%u->%u)\n", 1057 params->n_channels, ch_cnt); 1058 1059 return ch_cnt; 1060 } 1061 1062 static int 1063 iwl_mld_scan_cmd_set_6ghz_chan_params(struct iwl_mld *mld, 1064 struct iwl_mld_scan_params *params, 1065 struct ieee80211_vif *vif, 1066 struct iwl_scan_req_params_v17 *scan_p, 1067 enum iwl_mld_scan_status scan_status) 1068 { 1069 struct iwl_scan_channel_params_v7 *chan_p = &scan_p->channel_params; 1070 struct iwl_scan_probe_params_v4 *probe_p = &scan_p->probe_params; 1071 1072 chan_p->flags = iwl_mld_scan_get_cmd_gen_flags(mld, params, vif, 1073 scan_status); 1074 chan_p->count = iwl_mld_scan_cfg_channels_6g(mld, params, 1075 params->n_channels, 1076 probe_p, chan_p, 1077 vif->type); 1078 if (!chan_p->count) 1079 return -EINVAL; 1080 1081 if (!params->n_ssids || 1082 (params->n_ssids == 1 && !params->ssids[0].ssid_len)) 1083 chan_p->flags |= IWL_SCAN_CHANNEL_FLAG_6G_PSC_NO_FILTER; 1084 1085 return 0; 1086 } 1087 1088 static int 1089 iwl_mld_scan_cmd_set_chan_params(struct iwl_mld *mld, 1090 struct iwl_mld_scan_params *params, 1091 struct ieee80211_vif *vif, 1092 struct iwl_scan_req_params_v17 *scan_p, 1093 bool low_latency, 1094 enum iwl_mld_scan_status scan_status, 1095 u32 channel_cfg_flags) 1096 { 1097 struct iwl_scan_channel_params_v7 *cp = &scan_p->channel_params; 1098 struct ieee80211_supported_band *sband = 1099 &mld->nvm_data->bands[NL80211_BAND_6GHZ]; 1100 1101 cp->n_aps_override[0] = IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY; 1102 cp->n_aps_override[1] = IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS; 1103 1104 if (IWL_MLD_ADAPTIVE_DWELL_NUM_APS_OVERRIDE) 1105 cp->n_aps_override[0] = IWL_MLD_ADAPTIVE_DWELL_NUM_APS_OVERRIDE; 1106 1107 if (params->scan_6ghz) 1108 return iwl_mld_scan_cmd_set_6ghz_chan_params(mld, params, 1109 vif, scan_p, 1110 scan_status); 1111 1112 /* relevant only for 2.4 GHz/5 GHz scan */ 1113 cp->flags = iwl_mld_scan_cmd_set_chan_flags(mld, params, vif, 1114 low_latency); 1115 cp->count = params->n_channels; 1116 1117 iwl_mld_scan_cmd_set_channels(mld, params->channels, cp, 1118 params->n_channels, channel_cfg_flags, 1119 vif->type); 1120 1121 if (!params->enable_6ghz_passive) 1122 return 0; 1123 1124 /* fill 6 GHz passive scan cfg */ 1125 for (int i = 0; i < sband->n_channels; i++) { 1126 struct ieee80211_channel *channel = 1127 &sband->channels[i]; 1128 struct iwl_scan_channel_cfg_umac *cfg = 1129 &cp->channel_config[cp->count]; 1130 1131 if (!cfg80211_channel_is_psc(channel)) 1132 continue; 1133 1134 cfg->channel_num = channel->hw_value; 1135 cfg->v5.iter_count = 1; 1136 cfg->v5.iter_interval = 0; 1137 cfg->v5.psd_20 = 1138 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED; 1139 cfg->flags = cpu_to_le32(PHY_BAND_6 << 1140 IWL_CHAN_CFG_FLAGS_BAND_POS); 1141 cp->count++; 1142 } 1143 1144 return 0; 1145 } 1146 1147 static int 1148 iwl_mld_scan_build_cmd(struct iwl_mld *mld, struct ieee80211_vif *vif, 1149 struct iwl_mld_scan_params *params, 1150 enum iwl_mld_scan_status scan_status, 1151 bool low_latency) 1152 { 1153 struct iwl_scan_req_umac_v17 *cmd = mld->scan.cmd; 1154 struct iwl_scan_req_params_v17 *scan_p = &cmd->scan_params; 1155 u32 bitmap_ssid = 0; 1156 int uid, ret; 1157 1158 memset(mld->scan.cmd, 0, mld->scan.cmd_size); 1159 1160 /* find a free UID entry */ 1161 uid = iwl_mld_scan_uid_by_status(mld, IWL_MLD_SCAN_NONE); 1162 if (uid < 0) 1163 return uid; 1164 1165 cmd->uid = cpu_to_le32(uid); 1166 cmd->ooc_priority = 1167 cpu_to_le32(iwl_mld_scan_ooc_priority(scan_status)); 1168 1169 iwl_mld_scan_cmd_set_gen_params(mld, params, vif, 1170 &scan_p->general_params, scan_status); 1171 1172 ret = iwl_mld_scan_cmd_set_sched_params(params, 1173 scan_p->periodic_params.schedule, 1174 &scan_p->periodic_params.delay); 1175 if (ret) 1176 return ret; 1177 1178 iwl_mld_scan_cmd_set_probe_params(params, &scan_p->probe_params, 1179 &bitmap_ssid); 1180 1181 ret = iwl_mld_scan_cmd_set_chan_params(mld, params, vif, scan_p, 1182 low_latency, scan_status, 1183 bitmap_ssid); 1184 if (ret) 1185 return ret; 1186 1187 return uid; 1188 } 1189 1190 static bool 1191 iwl_mld_scan_pass_all(struct iwl_mld *mld, 1192 struct cfg80211_sched_scan_request *req) 1193 { 1194 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) { 1195 IWL_DEBUG_SCAN(mld, 1196 "Sending scheduled scan with filtering, n_match_sets %d\n", 1197 req->n_match_sets); 1198 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED; 1199 return false; 1200 } 1201 1202 IWL_DEBUG_SCAN(mld, "Sending Scheduled scan without filtering\n"); 1203 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_ENABLED; 1204 1205 return true; 1206 } 1207 1208 static int 1209 iwl_mld_config_sched_scan_profiles(struct iwl_mld *mld, 1210 struct cfg80211_sched_scan_request *req) 1211 { 1212 struct iwl_host_cmd hcmd = { 1213 .id = SCAN_OFFLOAD_UPDATE_PROFILES_CMD, 1214 .dataflags[0] = IWL_HCMD_DFL_NOCOPY, 1215 }; 1216 struct iwl_scan_offload_profile *profile; 1217 struct iwl_scan_offload_profile_cfg_data *cfg_data; 1218 struct iwl_scan_offload_profile_cfg *profile_cfg; 1219 struct iwl_scan_offload_blocklist *blocklist; 1220 u32 blocklist_size = IWL_SCAN_MAX_BLACKLIST_LEN * sizeof(*blocklist); 1221 u32 cmd_size = blocklist_size + sizeof(*profile_cfg); 1222 u8 *cmd; 1223 int ret; 1224 1225 if (WARN_ON(req->n_match_sets > IWL_SCAN_MAX_PROFILES_V2)) 1226 return -EIO; 1227 1228 cmd = kzalloc(cmd_size, GFP_KERNEL); 1229 if (!cmd) 1230 return -ENOMEM; 1231 1232 hcmd.data[0] = cmd; 1233 hcmd.len[0] = cmd_size; 1234 1235 blocklist = (struct iwl_scan_offload_blocklist *)cmd; 1236 profile_cfg = (struct iwl_scan_offload_profile_cfg *)(cmd + blocklist_size); 1237 1238 /* No blocklist configuration */ 1239 cfg_data = &profile_cfg->data; 1240 cfg_data->num_profiles = req->n_match_sets; 1241 cfg_data->active_clients = SCAN_CLIENT_SCHED_SCAN; 1242 cfg_data->pass_match = SCAN_CLIENT_SCHED_SCAN; 1243 cfg_data->match_notify = SCAN_CLIENT_SCHED_SCAN; 1244 1245 if (!req->n_match_sets || !req->match_sets[0].ssid.ssid_len) 1246 cfg_data->any_beacon_notify = SCAN_CLIENT_SCHED_SCAN; 1247 1248 for (int i = 0; i < req->n_match_sets; i++) { 1249 profile = &profile_cfg->profiles[i]; 1250 1251 /* Support any cipher and auth algorithm */ 1252 profile->unicast_cipher = 0xff; 1253 profile->auth_alg = IWL_AUTH_ALGO_UNSUPPORTED | 1254 IWL_AUTH_ALGO_NONE | IWL_AUTH_ALGO_PSK | 1255 IWL_AUTH_ALGO_8021X | IWL_AUTH_ALGO_SAE | 1256 IWL_AUTH_ALGO_8021X_SHA384 | IWL_AUTH_ALGO_OWE; 1257 profile->network_type = IWL_NETWORK_TYPE_ANY; 1258 profile->band_selection = IWL_SCAN_OFFLOAD_SELECT_ANY; 1259 profile->client_bitmap = SCAN_CLIENT_SCHED_SCAN; 1260 profile->ssid_index = i; 1261 } 1262 1263 IWL_DEBUG_SCAN(mld, 1264 "Sending scheduled scan profile config (n_match_sets=%u)\n", 1265 req->n_match_sets); 1266 1267 ret = iwl_mld_send_cmd(mld, &hcmd); 1268 1269 kfree(cmd); 1270 1271 return ret; 1272 } 1273 1274 static int 1275 iwl_mld_sched_scan_handle_non_psc_channels(struct iwl_mld_scan_params *params, 1276 bool *non_psc_included) 1277 { 1278 int i, j; 1279 1280 *non_psc_included = false; 1281 /* for 6 GHZ band only PSC channels need to be added */ 1282 for (i = 0; i < params->n_channels; i++) { 1283 struct ieee80211_channel *channel = params->channels[i]; 1284 1285 if (channel->band == NL80211_BAND_6GHZ && 1286 !cfg80211_channel_is_psc(channel)) { 1287 *non_psc_included = true; 1288 break; 1289 } 1290 } 1291 1292 if (!*non_psc_included) 1293 return 0; 1294 1295 params->channels = 1296 kmemdup(params->channels, 1297 sizeof(params->channels[0]) * params->n_channels, 1298 GFP_KERNEL); 1299 if (!params->channels) 1300 return -ENOMEM; 1301 1302 for (i = j = 0; i < params->n_channels; i++) { 1303 if (params->channels[i]->band == NL80211_BAND_6GHZ && 1304 !cfg80211_channel_is_psc(params->channels[i])) 1305 continue; 1306 params->channels[j++] = params->channels[i]; 1307 } 1308 1309 params->n_channels = j; 1310 1311 return 0; 1312 } 1313 1314 static void 1315 iwl_mld_scan_6ghz_passive_scan(struct iwl_mld *mld, 1316 struct iwl_mld_scan_params *params, 1317 struct ieee80211_vif *vif) 1318 { 1319 struct ieee80211_supported_band *sband = 1320 &mld->nvm_data->bands[NL80211_BAND_6GHZ]; 1321 u32 n_disabled, i; 1322 1323 params->enable_6ghz_passive = false; 1324 1325 /* 6 GHz passive scan may be enabled in the first 2.4 GHz/5 GHz scan 1326 * phase to discover geo location if no AP's are found. Skip it when 1327 * we're in the 6 GHz scan phase. 1328 */ 1329 if (params->scan_6ghz) 1330 return; 1331 1332 /* 6 GHz passive scan allowed only on station interface */ 1333 if (vif->type != NL80211_IFTYPE_STATION) { 1334 IWL_DEBUG_SCAN(mld, 1335 "6GHz passive scan: not station interface\n"); 1336 return; 1337 } 1338 1339 /* 6 GHz passive scan is allowed in a defined time interval following 1340 * HW reset or resume flow, or while not associated and a large 1341 * interval has passed since the last 6 GHz passive scan. 1342 */ 1343 if ((vif->cfg.assoc || 1344 time_after(mld->scan.last_6ghz_passive_jiffies + 1345 (IWL_MLD_6GHZ_PASSIVE_SCAN_TIMEOUT * HZ), jiffies)) && 1346 (time_before(mld->scan.last_start_time_jiffies + 1347 (IWL_MLD_6GHZ_PASSIVE_SCAN_ASSOC_TIMEOUT * HZ), 1348 jiffies))) { 1349 IWL_DEBUG_SCAN(mld, "6GHz passive scan: %s\n", 1350 vif->cfg.assoc ? "associated" : 1351 "timeout did not expire"); 1352 return; 1353 } 1354 1355 /* not enough channels in the regular scan request */ 1356 if (params->n_channels < IWL_MLD_6GHZ_PASSIVE_SCAN_MIN_CHANS) { 1357 IWL_DEBUG_SCAN(mld, 1358 "6GHz passive scan: not enough channels %d\n", 1359 params->n_channels); 1360 return; 1361 } 1362 1363 for (i = 0; i < params->n_ssids; i++) { 1364 if (!params->ssids[i].ssid_len) 1365 break; 1366 } 1367 1368 /* not a wildcard scan, so cannot enable passive 6 GHz scan */ 1369 if (i == params->n_ssids) { 1370 IWL_DEBUG_SCAN(mld, 1371 "6GHz passive scan: no wildcard SSID\n"); 1372 return; 1373 } 1374 1375 if (!sband || !sband->n_channels) { 1376 IWL_DEBUG_SCAN(mld, 1377 "6GHz passive scan: no 6GHz channels\n"); 1378 return; 1379 } 1380 1381 for (i = 0, n_disabled = 0; i < sband->n_channels; i++) { 1382 if (sband->channels[i].flags & (IEEE80211_CHAN_DISABLED)) 1383 n_disabled++; 1384 } 1385 1386 /* Not all the 6 GHz channels are disabled, so no need for 6 GHz 1387 * passive scan 1388 */ 1389 if (n_disabled != sband->n_channels) { 1390 IWL_DEBUG_SCAN(mld, 1391 "6GHz passive scan: 6GHz channels enabled\n"); 1392 return; 1393 } 1394 1395 /* all conditions to enable 6 GHz passive scan are satisfied */ 1396 IWL_DEBUG_SCAN(mld, "6GHz passive scan: can be enabled\n"); 1397 params->enable_6ghz_passive = true; 1398 } 1399 1400 static void 1401 iwl_mld_scan_set_link_id(struct iwl_mld *mld, struct ieee80211_vif *vif, 1402 struct iwl_mld_scan_params *params, 1403 s8 tsf_report_link_id, 1404 enum iwl_mld_scan_status scan_status) 1405 { 1406 struct iwl_mld_vif *mld_vif = iwl_mld_vif_from_mac80211(vif); 1407 struct iwl_mld_link *link; 1408 1409 if (tsf_report_link_id < 0) { 1410 if (vif->active_links) 1411 tsf_report_link_id = __ffs(vif->active_links); 1412 else 1413 tsf_report_link_id = 0; 1414 } 1415 1416 link = iwl_mld_link_dereference_check(mld_vif, tsf_report_link_id); 1417 if (!WARN_ON(!link)) { 1418 params->fw_link_id = link->fw_id; 1419 /* we to store fw_link_id only for regular scan, 1420 * and use it in scan complete notif 1421 */ 1422 if (scan_status == IWL_MLD_SCAN_REGULAR) 1423 mld->scan.fw_link_id = link->fw_id; 1424 } else { 1425 mld->scan.fw_link_id = IWL_MLD_INVALID_FW_ID; 1426 params->fw_link_id = IWL_MLD_INVALID_FW_ID; 1427 } 1428 } 1429 1430 static int 1431 _iwl_mld_single_scan_start(struct iwl_mld *mld, struct ieee80211_vif *vif, 1432 struct cfg80211_scan_request *req, 1433 struct ieee80211_scan_ies *ies, 1434 enum iwl_mld_scan_status scan_status) 1435 { 1436 struct iwl_host_cmd hcmd = { 1437 .id = WIDE_ID(LONG_GROUP, SCAN_REQ_UMAC), 1438 .len = { mld->scan.cmd_size, }, 1439 .data = { mld->scan.cmd, }, 1440 .dataflags = { IWL_HCMD_DFL_NOCOPY, }, 1441 }; 1442 struct iwl_mld_scan_iter_data scan_iter_data = { 1443 .current_vif = vif, 1444 }; 1445 struct cfg80211_sched_scan_plan scan_plan = {.iterations = 1}; 1446 struct iwl_mld_scan_params params = {}; 1447 int ret, uid; 1448 1449 /* we should have failed registration if scan_cmd was NULL */ 1450 if (WARN_ON(!mld->scan.cmd)) 1451 return -ENOMEM; 1452 1453 if (!iwl_mld_scan_fits(mld, req->n_ssids, ies, req->n_channels)) 1454 return -ENOBUFS; 1455 1456 ieee80211_iterate_active_interfaces_mtx(mld->hw, 1457 IEEE80211_IFACE_ITER_NORMAL, 1458 iwl_mld_scan_iterator, 1459 &scan_iter_data); 1460 1461 params.type = iwl_mld_get_scan_type(mld, vif, &scan_iter_data); 1462 params.n_ssids = req->n_ssids; 1463 params.flags = req->flags; 1464 params.n_channels = req->n_channels; 1465 params.delay = 0; 1466 params.ssids = req->ssids; 1467 params.channels = req->channels; 1468 params.mac_addr = req->mac_addr; 1469 params.mac_addr_mask = req->mac_addr_mask; 1470 params.no_cck = req->no_cck; 1471 params.pass_all = true; 1472 params.n_match_sets = 0; 1473 params.match_sets = NULL; 1474 params.scan_plans = &scan_plan; 1475 params.n_scan_plans = 1; 1476 1477 params.n_6ghz_params = req->n_6ghz_params; 1478 params.scan_6ghz_params = req->scan_6ghz_params; 1479 params.scan_6ghz = req->scan_6ghz; 1480 1481 ether_addr_copy(params.bssid, req->bssid); 1482 /* TODO: CDB - per-band flag */ 1483 params.respect_p2p_go = 1484 iwl_mld_get_respect_p2p_go(mld, vif, 1485 scan_iter_data.global_low_latency); 1486 1487 if (req->duration) 1488 params.iter_notif = true; 1489 1490 iwl_mld_scan_set_link_id(mld, vif, ¶ms, req->tsf_report_link_id, 1491 scan_status); 1492 1493 iwl_mld_scan_build_probe_req(mld, vif, ies, ¶ms); 1494 1495 iwl_mld_scan_6ghz_passive_scan(mld, ¶ms, vif); 1496 1497 uid = iwl_mld_scan_build_cmd(mld, vif, ¶ms, scan_status, 1498 scan_iter_data.global_low_latency); 1499 if (uid < 0) 1500 return uid; 1501 1502 ret = iwl_mld_send_cmd(mld, &hcmd); 1503 if (ret) { 1504 IWL_ERR(mld, "Scan failed! ret %d\n", ret); 1505 return ret; 1506 } 1507 1508 IWL_DEBUG_SCAN(mld, "Scan request send success: status=%u, uid=%u\n", 1509 scan_status, uid); 1510 1511 mld->scan.uid_status[uid] = scan_status; 1512 mld->scan.status |= scan_status; 1513 1514 if (params.enable_6ghz_passive) 1515 mld->scan.last_6ghz_passive_jiffies = jiffies; 1516 1517 return 0; 1518 } 1519 1520 static int 1521 iwl_mld_scan_send_abort_cmd_status(struct iwl_mld *mld, int uid, u32 *status) 1522 { 1523 struct iwl_umac_scan_abort abort_cmd = { 1524 .uid = cpu_to_le32(uid), 1525 }; 1526 struct iwl_host_cmd cmd = { 1527 .id = WIDE_ID(LONG_GROUP, SCAN_ABORT_UMAC), 1528 .flags = CMD_WANT_SKB, 1529 .data = { &abort_cmd }, 1530 .len[0] = sizeof(abort_cmd), 1531 }; 1532 struct iwl_rx_packet *pkt; 1533 struct iwl_cmd_response *resp; 1534 u32 resp_len; 1535 int ret; 1536 1537 ret = iwl_mld_send_cmd(mld, &cmd); 1538 if (ret) 1539 return ret; 1540 1541 pkt = cmd.resp_pkt; 1542 1543 resp_len = iwl_rx_packet_payload_len(pkt); 1544 if (IWL_FW_CHECK(mld, resp_len != sizeof(*resp), 1545 "Scan Abort: unexpected response length %d\n", 1546 resp_len)) { 1547 ret = -EIO; 1548 goto out; 1549 } 1550 1551 resp = (void *)pkt->data; 1552 *status = le32_to_cpu(resp->status); 1553 1554 out: 1555 iwl_free_resp(&cmd); 1556 return ret; 1557 } 1558 1559 static int 1560 iwl_mld_scan_abort(struct iwl_mld *mld, int type, int uid, bool *wait) 1561 { 1562 enum iwl_umac_scan_abort_status status; 1563 int ret; 1564 1565 *wait = true; 1566 1567 IWL_DEBUG_SCAN(mld, "Sending scan abort, uid %u\n", uid); 1568 1569 ret = iwl_mld_scan_send_abort_cmd_status(mld, uid, &status); 1570 1571 IWL_DEBUG_SCAN(mld, "Scan abort: ret=%d status=%u\n", ret, status); 1572 1573 /* We don't need to wait to scan complete in the following cases: 1574 * 1. Driver failed to send the scan abort cmd. 1575 * 2. The FW is no longer familiar with the scan that needs to be 1576 * stopped. It is expected that the scan complete notification was 1577 * already received but not yet processed. 1578 * 1579 * In both cases the flow should continue similar to the case that the 1580 * scan was really aborted. 1581 */ 1582 if (ret || status == IWL_UMAC_SCAN_ABORT_STATUS_NOT_FOUND) 1583 *wait = false; 1584 1585 return ret; 1586 } 1587 1588 static int 1589 iwl_mld_scan_stop_wait(struct iwl_mld *mld, int type, int uid) 1590 { 1591 struct iwl_notification_wait wait_scan_done; 1592 static const u16 scan_comp_notif[] = { SCAN_COMPLETE_UMAC }; 1593 bool wait = true; 1594 int ret; 1595 1596 iwl_init_notification_wait(&mld->notif_wait, &wait_scan_done, 1597 scan_comp_notif, 1598 ARRAY_SIZE(scan_comp_notif), 1599 NULL, NULL); 1600 1601 IWL_DEBUG_SCAN(mld, "Preparing to stop scan, type=%x\n", type); 1602 1603 ret = iwl_mld_scan_abort(mld, type, uid, &wait); 1604 if (ret) { 1605 IWL_DEBUG_SCAN(mld, "couldn't stop scan type=%d\n", type); 1606 goto return_no_wait; 1607 } 1608 1609 if (!wait) { 1610 IWL_DEBUG_SCAN(mld, "no need to wait for scan type=%d\n", type); 1611 goto return_no_wait; 1612 } 1613 1614 return iwl_wait_notification(&mld->notif_wait, &wait_scan_done, HZ); 1615 1616 return_no_wait: 1617 iwl_remove_notification(&mld->notif_wait, &wait_scan_done); 1618 return ret; 1619 } 1620 1621 int iwl_mld_sched_scan_start(struct iwl_mld *mld, 1622 struct ieee80211_vif *vif, 1623 struct cfg80211_sched_scan_request *req, 1624 struct ieee80211_scan_ies *ies, 1625 int type) 1626 { 1627 struct iwl_host_cmd hcmd = { 1628 .id = WIDE_ID(LONG_GROUP, SCAN_REQ_UMAC), 1629 .len = { mld->scan.cmd_size, }, 1630 .data = { mld->scan.cmd, }, 1631 .dataflags = { IWL_HCMD_DFL_NOCOPY, }, 1632 }; 1633 struct iwl_mld_scan_params params = {}; 1634 struct iwl_mld_scan_iter_data scan_iter_data = { 1635 .current_vif = vif, 1636 }; 1637 bool non_psc_included = false; 1638 int ret, uid; 1639 1640 /* we should have failed registration if scan_cmd was NULL */ 1641 if (WARN_ON(!mld->scan.cmd)) 1642 return -ENOMEM; 1643 1644 /* FW supports only a single periodic scan */ 1645 if (mld->scan.status & (IWL_MLD_SCAN_SCHED | IWL_MLD_SCAN_NETDETECT)) 1646 return -EBUSY; 1647 1648 ieee80211_iterate_active_interfaces_mtx(mld->hw, 1649 IEEE80211_IFACE_ITER_NORMAL, 1650 iwl_mld_scan_iterator, 1651 &scan_iter_data); 1652 1653 params.type = iwl_mld_get_scan_type(mld, vif, &scan_iter_data); 1654 params.flags = req->flags; 1655 params.n_ssids = req->n_ssids; 1656 params.ssids = req->ssids; 1657 params.n_channels = req->n_channels; 1658 params.channels = req->channels; 1659 params.mac_addr = req->mac_addr; 1660 params.mac_addr_mask = req->mac_addr_mask; 1661 params.no_cck = false; 1662 params.pass_all = iwl_mld_scan_pass_all(mld, req); 1663 params.n_match_sets = req->n_match_sets; 1664 params.match_sets = req->match_sets; 1665 params.n_scan_plans = req->n_scan_plans; 1666 params.scan_plans = req->scan_plans; 1667 /* TODO: CDB - per-band flag */ 1668 params.respect_p2p_go = 1669 iwl_mld_get_respect_p2p_go(mld, vif, 1670 scan_iter_data.global_low_latency); 1671 1672 /* UMAC scan supports up to 16-bit delays, trim it down to 16-bits */ 1673 params.delay = req->delay > U16_MAX ? U16_MAX : req->delay; 1674 1675 eth_broadcast_addr(params.bssid); 1676 1677 ret = iwl_mld_config_sched_scan_profiles(mld, req); 1678 if (ret) 1679 return ret; 1680 1681 iwl_mld_scan_build_probe_req(mld, vif, ies, ¶ms); 1682 1683 ret = iwl_mld_sched_scan_handle_non_psc_channels(¶ms, 1684 &non_psc_included); 1685 if (ret) 1686 goto out; 1687 1688 if (!iwl_mld_scan_fits(mld, req->n_ssids, ies, params.n_channels)) { 1689 ret = -ENOBUFS; 1690 goto out; 1691 } 1692 1693 uid = iwl_mld_scan_build_cmd(mld, vif, ¶ms, type, 1694 scan_iter_data.global_low_latency); 1695 if (uid < 0) { 1696 ret = uid; 1697 goto out; 1698 } 1699 1700 ret = iwl_mld_send_cmd(mld, &hcmd); 1701 if (!ret) { 1702 IWL_DEBUG_SCAN(mld, 1703 "Sched scan request send success: type=%u, uid=%u\n", 1704 type, uid); 1705 mld->scan.uid_status[uid] = type; 1706 mld->scan.status |= type; 1707 } else { 1708 IWL_ERR(mld, "Sched scan failed! ret %d\n", ret); 1709 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED; 1710 } 1711 1712 out: 1713 if (non_psc_included) 1714 kfree(params.channels); 1715 return ret; 1716 } 1717 1718 int iwl_mld_scan_stop(struct iwl_mld *mld, int type, bool notify) 1719 { 1720 int uid, ret; 1721 1722 IWL_DEBUG_SCAN(mld, 1723 "Request to stop scan: type=0x%x, status=0x%x\n", 1724 type, mld->scan.status); 1725 1726 if (!(mld->scan.status & type)) 1727 return 0; 1728 1729 uid = iwl_mld_scan_uid_by_status(mld, type); 1730 /* must be valid, we just checked it's running */ 1731 if (WARN_ON_ONCE(uid < 0)) 1732 return uid; 1733 1734 ret = iwl_mld_scan_stop_wait(mld, type, uid); 1735 if (ret) 1736 IWL_DEBUG_SCAN(mld, "Failed to stop scan\n"); 1737 1738 /* Clear the scan status so the next scan requests will 1739 * succeed and mark the scan as stopping, so that the Rx 1740 * handler doesn't do anything, as the scan was stopped from 1741 * above. Also remove the handler to not notify mac80211 1742 * erroneously after a new scan starts, for example. 1743 */ 1744 mld->scan.status &= ~type; 1745 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE; 1746 iwl_mld_cancel_notifications_of_object(mld, IWL_MLD_OBJECT_TYPE_SCAN, 1747 uid); 1748 1749 if (type == IWL_MLD_SCAN_REGULAR) { 1750 if (notify) { 1751 struct cfg80211_scan_info info = { 1752 .aborted = true, 1753 }; 1754 1755 ieee80211_scan_completed(mld->hw, &info); 1756 } 1757 } else if (notify) { 1758 ieee80211_sched_scan_stopped(mld->hw); 1759 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED; 1760 } 1761 1762 return ret; 1763 } 1764 1765 int iwl_mld_regular_scan_start(struct iwl_mld *mld, struct ieee80211_vif *vif, 1766 struct cfg80211_scan_request *req, 1767 struct ieee80211_scan_ies *ies) 1768 { 1769 /* Clear survey data when starting the first part of a regular scan */ 1770 if (req->first_part && mld->channel_survey) 1771 memset(mld->channel_survey->channels, 0, 1772 sizeof(mld->channel_survey->channels[0]) * 1773 mld->channel_survey->n_channels); 1774 1775 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) 1776 iwl_mld_emlsr_block_tmp_non_bss(mld); 1777 1778 return _iwl_mld_single_scan_start(mld, vif, req, ies, 1779 IWL_MLD_SCAN_REGULAR); 1780 } 1781 1782 static void iwl_mld_int_mlo_scan_start(struct iwl_mld *mld, 1783 struct ieee80211_vif *vif, 1784 struct ieee80211_channel **channels, 1785 size_t n_channels) 1786 { 1787 struct cfg80211_scan_request *req __free(kfree) = NULL; 1788 struct ieee80211_scan_ies ies = {}; 1789 size_t size; 1790 int ret; 1791 1792 IWL_DEBUG_SCAN(mld, "Starting Internal MLO scan: n_channels=%zu\n", 1793 n_channels); 1794 1795 size = struct_size(req, channels, n_channels); 1796 req = kzalloc(size, GFP_KERNEL); 1797 if (!req) 1798 return; 1799 1800 /* set the requested channels */ 1801 for (int i = 0; i < n_channels; i++) 1802 req->channels[i] = channels[i]; 1803 1804 req->n_channels = n_channels; 1805 1806 /* set the rates */ 1807 for (int i = 0; i < NUM_NL80211_BANDS; i++) 1808 if (mld->wiphy->bands[i]) 1809 req->rates[i] = 1810 (1 << mld->wiphy->bands[i]->n_bitrates) - 1; 1811 1812 req->wdev = ieee80211_vif_to_wdev(vif); 1813 req->wiphy = mld->wiphy; 1814 req->scan_start = jiffies; 1815 req->tsf_report_link_id = -1; 1816 1817 ret = _iwl_mld_single_scan_start(mld, vif, req, &ies, 1818 IWL_MLD_SCAN_INT_MLO); 1819 1820 if (!ret) 1821 mld->scan.last_mlo_scan_time = ktime_get_boottime_ns(); 1822 1823 IWL_DEBUG_SCAN(mld, "Internal MLO scan: ret=%d\n", ret); 1824 } 1825 1826 #define IWL_MLD_MLO_SCAN_BLOCKOUT_TIME 5 /* seconds */ 1827 1828 void iwl_mld_int_mlo_scan(struct iwl_mld *mld, struct ieee80211_vif *vif) 1829 { 1830 struct ieee80211_channel *channels[IEEE80211_MLD_MAX_NUM_LINKS]; 1831 struct iwl_mld_vif *mld_vif = iwl_mld_vif_from_mac80211(vif); 1832 unsigned long usable_links = ieee80211_vif_usable_links(vif); 1833 size_t n_channels = 0; 1834 u8 link_id; 1835 1836 lockdep_assert_wiphy(mld->wiphy); 1837 1838 if (!IWL_MLD_AUTO_EML_ENABLE || !vif->cfg.assoc || 1839 !ieee80211_vif_is_mld(vif) || hweight16(vif->valid_links) == 1) 1840 return; 1841 1842 if (mld->scan.status & IWL_MLD_SCAN_INT_MLO) { 1843 IWL_DEBUG_SCAN(mld, "Internal MLO scan is already running\n"); 1844 return; 1845 } 1846 1847 if (mld_vif->last_link_activation_time > ktime_get_boottime_seconds() - 1848 IWL_MLD_MLO_SCAN_BLOCKOUT_TIME) { 1849 /* timing doesn't matter much, so use the blockout time */ 1850 wiphy_delayed_work_queue(mld->wiphy, 1851 &mld_vif->mlo_scan_start_wk, 1852 IWL_MLD_MLO_SCAN_BLOCKOUT_TIME); 1853 return; 1854 } 1855 1856 for_each_set_bit(link_id, &usable_links, IEEE80211_MLD_MAX_NUM_LINKS) { 1857 struct ieee80211_bss_conf *link_conf = 1858 link_conf_dereference_check(vif, link_id); 1859 1860 if (WARN_ON_ONCE(!link_conf)) 1861 continue; 1862 1863 channels[n_channels++] = link_conf->chanreq.oper.chan; 1864 } 1865 1866 if (!n_channels) 1867 return; 1868 1869 iwl_mld_int_mlo_scan_start(mld, vif, channels, n_channels); 1870 } 1871 1872 void iwl_mld_handle_scan_iter_complete_notif(struct iwl_mld *mld, 1873 struct iwl_rx_packet *pkt) 1874 { 1875 struct iwl_umac_scan_iter_complete_notif *notif = (void *)pkt->data; 1876 u32 uid = __le32_to_cpu(notif->uid); 1877 1878 if (IWL_FW_CHECK(mld, uid >= ARRAY_SIZE(mld->scan.uid_status), 1879 "FW reports out-of-range scan UID %d\n", uid)) 1880 return; 1881 1882 if (mld->scan.uid_status[uid] == IWL_MLD_SCAN_REGULAR) 1883 mld->scan.start_tsf = le64_to_cpu(notif->start_tsf); 1884 1885 IWL_DEBUG_SCAN(mld, 1886 "UMAC Scan iteration complete: status=0x%x scanned_channels=%d\n", 1887 notif->status, notif->scanned_channels); 1888 1889 if (mld->scan.pass_all_sched_res == SCHED_SCAN_PASS_ALL_STATE_FOUND) { 1890 IWL_DEBUG_SCAN(mld, "Pass all scheduled scan results found\n"); 1891 ieee80211_sched_scan_results(mld->hw); 1892 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_ENABLED; 1893 } 1894 1895 IWL_DEBUG_SCAN(mld, 1896 "UMAC Scan iteration complete: scan started at %llu (TSF)\n", 1897 le64_to_cpu(notif->start_tsf)); 1898 } 1899 1900 void iwl_mld_handle_match_found_notif(struct iwl_mld *mld, 1901 struct iwl_rx_packet *pkt) 1902 { 1903 IWL_DEBUG_SCAN(mld, "Scheduled scan results\n"); 1904 ieee80211_sched_scan_results(mld->hw); 1905 } 1906 1907 void iwl_mld_handle_scan_complete_notif(struct iwl_mld *mld, 1908 struct iwl_rx_packet *pkt) 1909 { 1910 struct iwl_umac_scan_complete *notif = (void *)pkt->data; 1911 bool aborted = (notif->status == IWL_SCAN_OFFLOAD_ABORTED); 1912 u32 uid = __le32_to_cpu(notif->uid); 1913 1914 if (IWL_FW_CHECK(mld, uid >= ARRAY_SIZE(mld->scan.uid_status), 1915 "FW reports out-of-range scan UID %d\n", uid)) 1916 return; 1917 1918 IWL_DEBUG_SCAN(mld, 1919 "Scan completed: uid=%u type=%u, status=%s, EBS=%s\n", 1920 uid, mld->scan.uid_status[uid], 1921 notif->status == IWL_SCAN_OFFLOAD_COMPLETED ? 1922 "completed" : "aborted", 1923 iwl_mld_scan_ebs_status_str(notif->ebs_status)); 1924 IWL_DEBUG_SCAN(mld, "Scan completed: scan_status=0x%x\n", 1925 mld->scan.status); 1926 IWL_DEBUG_SCAN(mld, 1927 "Scan completed: line=%u, iter=%u, elapsed time=%u\n", 1928 notif->last_schedule, notif->last_iter, 1929 __le32_to_cpu(notif->time_from_last_iter)); 1930 1931 if (IWL_FW_CHECK(mld, !(mld->scan.uid_status[uid] & mld->scan.status), 1932 "FW reports scan UID %d we didn't trigger\n", uid)) 1933 return; 1934 1935 /* if the scan is already stopping, we don't need to notify mac80211 */ 1936 if (mld->scan.uid_status[uid] == IWL_MLD_SCAN_REGULAR) { 1937 struct cfg80211_scan_info info = { 1938 .aborted = aborted, 1939 .scan_start_tsf = mld->scan.start_tsf, 1940 }; 1941 int fw_link_id = mld->scan.fw_link_id; 1942 struct ieee80211_bss_conf *link_conf = NULL; 1943 1944 if (fw_link_id != IWL_MLD_INVALID_FW_ID) 1945 link_conf = 1946 wiphy_dereference(mld->wiphy, 1947 mld->fw_id_to_bss_conf[fw_link_id]); 1948 1949 /* It is possible that by the time the scan is complete the 1950 * link was already removed and is not valid. 1951 */ 1952 if (link_conf) 1953 ether_addr_copy(info.tsf_bssid, link_conf->bssid); 1954 else 1955 IWL_DEBUG_SCAN(mld, "Scan link is no longer valid\n"); 1956 1957 ieee80211_scan_completed(mld->hw, &info); 1958 1959 /* Scan is over, we can check again the tpt counters */ 1960 iwl_mld_stop_ignoring_tpt_updates(mld); 1961 } else if (mld->scan.uid_status[uid] == IWL_MLD_SCAN_SCHED) { 1962 ieee80211_sched_scan_stopped(mld->hw); 1963 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED; 1964 } else if (mld->scan.uid_status[uid] == IWL_MLD_SCAN_INT_MLO) { 1965 IWL_DEBUG_SCAN(mld, "Internal MLO scan completed\n"); 1966 1967 /* 1968 * We limit link selection to internal MLO scans as otherwise 1969 * we do not know whether all channels were covered. 1970 */ 1971 iwl_mld_select_links(mld); 1972 } 1973 1974 mld->scan.status &= ~mld->scan.uid_status[uid]; 1975 1976 IWL_DEBUG_SCAN(mld, "Scan completed: after update: scan_status=0x%x\n", 1977 mld->scan.status); 1978 1979 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE; 1980 1981 if (notif->ebs_status != IWL_SCAN_EBS_SUCCESS && 1982 notif->ebs_status != IWL_SCAN_EBS_INACTIVE) 1983 mld->scan.last_ebs_failed = true; 1984 } 1985 1986 /* This function is used in nic restart flow, to inform mac80211 about scans 1987 * that were aborted by restart flow or by an assert. 1988 */ 1989 void iwl_mld_report_scan_aborted(struct iwl_mld *mld) 1990 { 1991 int uid; 1992 1993 uid = iwl_mld_scan_uid_by_status(mld, IWL_MLD_SCAN_REGULAR); 1994 if (uid >= 0) { 1995 struct cfg80211_scan_info info = { 1996 .aborted = true, 1997 }; 1998 1999 ieee80211_scan_completed(mld->hw, &info); 2000 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE; 2001 } 2002 2003 uid = iwl_mld_scan_uid_by_status(mld, IWL_MLD_SCAN_SCHED); 2004 if (uid >= 0) { 2005 mld->scan.pass_all_sched_res = SCHED_SCAN_PASS_ALL_STATE_DISABLED; 2006 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE; 2007 2008 /* sched scan will be restarted by mac80211 in reconfig. 2009 * report to mac80211 that sched scan stopped only if we won't 2010 * restart the firmware. 2011 */ 2012 if (!iwlwifi_mod_params.fw_restart) 2013 ieee80211_sched_scan_stopped(mld->hw); 2014 } 2015 2016 uid = iwl_mld_scan_uid_by_status(mld, IWL_MLD_SCAN_INT_MLO); 2017 if (uid >= 0) { 2018 IWL_DEBUG_SCAN(mld, "Internal MLO scan aborted\n"); 2019 mld->scan.uid_status[uid] = IWL_MLD_SCAN_NONE; 2020 } 2021 2022 BUILD_BUG_ON(IWL_MLD_SCAN_NONE != 0); 2023 memset(mld->scan.uid_status, 0, sizeof(mld->scan.uid_status)); 2024 } 2025 2026 int iwl_mld_alloc_scan_cmd(struct iwl_mld *mld) 2027 { 2028 u8 scan_cmd_ver = iwl_fw_lookup_cmd_ver(mld->fw, SCAN_REQ_UMAC, 2029 IWL_FW_CMD_VER_UNKNOWN); 2030 size_t scan_cmd_size; 2031 2032 if (scan_cmd_ver == 17) { 2033 scan_cmd_size = sizeof(struct iwl_scan_req_umac_v17); 2034 } else { 2035 IWL_ERR(mld, "Unexpected scan cmd version %d\n", scan_cmd_ver); 2036 return -EINVAL; 2037 } 2038 2039 mld->scan.cmd = kmalloc(scan_cmd_size, GFP_KERNEL); 2040 if (!mld->scan.cmd) 2041 return -ENOMEM; 2042 2043 mld->scan.cmd_size = scan_cmd_size; 2044 2045 return 0; 2046 } 2047 2048 static int iwl_mld_chanidx_from_phy(struct iwl_mld *mld, 2049 enum nl80211_band band, 2050 u16 phy_chan_num) 2051 { 2052 struct ieee80211_supported_band *sband = mld->wiphy->bands[band]; 2053 2054 if (WARN_ON_ONCE(!sband)) 2055 return -EINVAL; 2056 2057 for (int chan_idx = 0; chan_idx < sband->n_channels; chan_idx++) { 2058 struct ieee80211_channel *channel = &sband->channels[chan_idx]; 2059 2060 if (channel->hw_value == phy_chan_num) 2061 return chan_idx; 2062 } 2063 2064 return -EINVAL; 2065 } 2066 2067 void iwl_mld_handle_channel_survey_notif(struct iwl_mld *mld, 2068 struct iwl_rx_packet *pkt) 2069 { 2070 const struct iwl_umac_scan_channel_survey_notif *notif = 2071 (void *)pkt->data; 2072 struct iwl_mld_survey_channel *info; 2073 enum nl80211_band band; 2074 int chan_idx; 2075 2076 if (!mld->channel_survey) { 2077 size_t n_channels = 0; 2078 2079 for (band = 0; band < NUM_NL80211_BANDS; band++) { 2080 if (!mld->wiphy->bands[band]) 2081 continue; 2082 2083 n_channels += mld->wiphy->bands[band]->n_channels; 2084 } 2085 2086 mld->channel_survey = kzalloc(struct_size(mld->channel_survey, 2087 channels, n_channels), 2088 GFP_KERNEL); 2089 2090 if (!mld->channel_survey) 2091 return; 2092 2093 mld->channel_survey->n_channels = n_channels; 2094 n_channels = 0; 2095 for (band = 0; band < NUM_NL80211_BANDS; band++) { 2096 if (!mld->wiphy->bands[band]) 2097 continue; 2098 2099 mld->channel_survey->bands[band] = 2100 &mld->channel_survey->channels[n_channels]; 2101 n_channels += mld->wiphy->bands[band]->n_channels; 2102 } 2103 } 2104 2105 band = iwl_mld_phy_band_to_nl80211(le32_to_cpu(notif->band)); 2106 chan_idx = iwl_mld_chanidx_from_phy(mld, band, 2107 le32_to_cpu(notif->channel)); 2108 if (WARN_ON_ONCE(chan_idx < 0)) 2109 return; 2110 2111 IWL_DEBUG_SCAN(mld, "channel survey received for freq %d\n", 2112 mld->wiphy->bands[band]->channels[chan_idx].center_freq); 2113 2114 info = &mld->channel_survey->bands[band][chan_idx]; 2115 2116 /* Times are all in ms */ 2117 info->time = le32_to_cpu(notif->active_time); 2118 info->time_busy = le32_to_cpu(notif->busy_time); 2119 info->noise = 2120 iwl_average_neg_dbm(notif->noise, ARRAY_SIZE(notif->noise)); 2121 } 2122 2123 int iwl_mld_mac80211_get_survey(struct ieee80211_hw *hw, int idx, 2124 struct survey_info *survey) 2125 { 2126 struct iwl_mld *mld = IWL_MAC80211_GET_MLD(hw); 2127 int curr_idx = 0; 2128 2129 if (!mld->channel_survey) 2130 return -ENOENT; 2131 2132 /* Iterate bands/channels to find the requested index. 2133 * Logically this returns the entry with index "idx" from a flattened 2134 * survey result array that only contains channels with information. 2135 * The current index into this flattened array is tracked in curr_idx. 2136 */ 2137 for (enum nl80211_band band = 0; band < NUM_NL80211_BANDS; band++) { 2138 struct ieee80211_supported_band *sband = 2139 mld->wiphy->bands[band]; 2140 2141 if (!sband) 2142 continue; 2143 2144 for (int per_band_idx = 0; 2145 per_band_idx < sband->n_channels; 2146 per_band_idx++) { 2147 struct iwl_mld_survey_channel *info = 2148 &mld->channel_survey->bands[band][per_band_idx]; 2149 2150 /* Skip entry entirely, it was not reported/scanned, 2151 * do not increase curr_idx for this entry. 2152 */ 2153 if (!info->time) 2154 continue; 2155 2156 /* Search did not reach the requested entry yet, 2157 * increment curr_idx and continue. 2158 */ 2159 if (idx != curr_idx) { 2160 curr_idx++; 2161 continue; 2162 } 2163 2164 /* Found (the next) channel to report */ 2165 survey->channel = &sband->channels[per_band_idx]; 2166 survey->filled = SURVEY_INFO_TIME | 2167 SURVEY_INFO_TIME_BUSY; 2168 survey->time = info->time; 2169 survey->time_busy = info->time_busy; 2170 survey->noise = info->noise; 2171 if (survey->noise < 0) 2172 survey->filled |= SURVEY_INFO_NOISE_DBM; 2173 2174 return 0; 2175 } 2176 } 2177 2178 return -ENOENT; 2179 } 2180