1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2012-2014, 2018-2024 Intel Corporation 4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH 5 * Copyright (C) 2017 Intel Deutschland GmbH 6 */ 7 #include <linux/jiffies.h> 8 #include <net/mac80211.h> 9 10 #include "fw/notif-wait.h" 11 #include "iwl-trans.h" 12 #include "fw-api.h" 13 #include "time-event.h" 14 #include "mvm.h" 15 #include "iwl-io.h" 16 #include "iwl-prph.h" 17 18 /* 19 * For the high priority TE use a time event type that has similar priority to 20 * the FW's action scan priority. 21 */ 22 #define IWL_MVM_ROC_TE_TYPE_NORMAL TE_P2P_DEVICE_DISCOVERABLE 23 #define IWL_MVM_ROC_TE_TYPE_MGMT_TX TE_P2P_CLIENT_ASSOC 24 25 void iwl_mvm_te_clear_data(struct iwl_mvm *mvm, 26 struct iwl_mvm_time_event_data *te_data) 27 { 28 lockdep_assert_held(&mvm->time_event_lock); 29 30 if (!te_data || !te_data->vif) 31 return; 32 33 list_del(&te_data->list); 34 35 /* 36 * the list is only used for AUX ROC events so make sure it is always 37 * initialized 38 */ 39 INIT_LIST_HEAD(&te_data->list); 40 41 te_data->running = false; 42 te_data->uid = 0; 43 te_data->id = TE_MAX; 44 te_data->vif = NULL; 45 te_data->link_id = -1; 46 } 47 48 static void iwl_mvm_cleanup_roc(struct iwl_mvm *mvm) 49 { 50 struct ieee80211_vif *bss_vif = iwl_mvm_get_bss_vif(mvm); 51 struct ieee80211_vif *vif = mvm->p2p_device_vif; 52 53 lockdep_assert_held(&mvm->mutex); 54 55 /* 56 * Clear the ROC_P2P_RUNNING status bit. 57 * This will cause the TX path to drop offchannel transmissions. 58 * That would also be done by mac80211, but it is racy, in particular 59 * in the case that the time event actually completed in the firmware. 60 * 61 * Also flush the offchannel queue -- this is called when the time 62 * event finishes or is canceled, so that frames queued for it 63 * won't get stuck on the queue and be transmitted in the next 64 * time event. 65 */ 66 if (test_and_clear_bit(IWL_MVM_STATUS_ROC_P2P_RUNNING, &mvm->status)) { 67 struct iwl_mvm_vif *mvmvif; 68 69 synchronize_net(); 70 71 /* 72 * NB: access to this pointer would be racy, but the flush bit 73 * can only be set when we had a P2P-Device VIF, and we have a 74 * flush of this work in iwl_mvm_prepare_mac_removal() so it's 75 * not really racy. 76 */ 77 78 if (!WARN_ON(!vif)) { 79 mvmvif = iwl_mvm_vif_from_mac80211(vif); 80 iwl_mvm_flush_sta(mvm, mvmvif->deflink.bcast_sta.sta_id, 81 mvmvif->deflink.bcast_sta.tfd_queue_msk); 82 83 if (mvm->mld_api_is_used) { 84 iwl_mvm_mld_rm_bcast_sta(mvm, vif, 85 &vif->bss_conf); 86 87 iwl_mvm_link_changed(mvm, vif, &vif->bss_conf, 88 LINK_CONTEXT_MODIFY_ACTIVE, 89 false); 90 } else { 91 iwl_mvm_rm_p2p_bcast_sta(mvm, vif); 92 iwl_mvm_binding_remove_vif(mvm, vif); 93 } 94 95 /* Do not remove the PHY context as removing and adding 96 * a PHY context has timing overheads. Leaving it 97 * configured in FW would be useful in case the next ROC 98 * is with the same channel. 99 */ 100 } 101 } 102 103 /* 104 * P2P AUX ROC and HS2.0 ROC do not run simultaneously. 105 * Clear the ROC_AUX_RUNNING status bit. 106 * This will cause the TX path to drop offchannel transmissions. 107 * That would also be done by mac80211, but it is racy, in particular 108 * in the case that the time event actually completed in the firmware 109 * (which is handled in iwl_mvm_te_handle_notif). 110 */ 111 if (test_and_clear_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status)) { 112 synchronize_net(); 113 114 iwl_mvm_flush_sta(mvm, mvm->aux_sta.sta_id, 115 mvm->aux_sta.tfd_queue_msk); 116 117 if (mvm->mld_api_is_used) { 118 iwl_mvm_mld_rm_aux_sta(mvm); 119 mutex_unlock(&mvm->mutex); 120 return; 121 } 122 123 /* In newer version of this command an aux station is added only 124 * in cases of dedicated tx queue and need to be removed in end 125 * of use */ 126 if (iwl_mvm_has_new_station_api(mvm->fw)) 127 iwl_mvm_rm_aux_sta(mvm); 128 } 129 130 if (!IS_ERR_OR_NULL(bss_vif)) 131 iwl_mvm_unblock_esr(mvm, bss_vif, IWL_MVM_ESR_BLOCKED_ROC); 132 mutex_unlock(&mvm->mutex); 133 } 134 135 void iwl_mvm_roc_done_wk(struct work_struct *wk) 136 { 137 struct iwl_mvm *mvm = container_of(wk, struct iwl_mvm, roc_done_wk); 138 139 mutex_lock(&mvm->mutex); 140 /* Mutex is released inside */ 141 iwl_mvm_cleanup_roc(mvm); 142 } 143 144 static void iwl_mvm_roc_finished(struct iwl_mvm *mvm) 145 { 146 /* 147 * Of course, our status bit is just as racy as mac80211, so in 148 * addition, fire off the work struct which will drop all frames 149 * from the hardware queues that made it through the race. First 150 * it will of course synchronize the TX path to make sure that 151 * any *new* TX will be rejected. 152 */ 153 schedule_work(&mvm->roc_done_wk); 154 } 155 156 static void iwl_mvm_csa_noa_start(struct iwl_mvm *mvm) 157 { 158 struct ieee80211_vif *csa_vif; 159 160 rcu_read_lock(); 161 162 csa_vif = rcu_dereference(mvm->csa_vif); 163 if (!csa_vif || !csa_vif->bss_conf.csa_active) 164 goto out_unlock; 165 166 IWL_DEBUG_TE(mvm, "CSA NOA started\n"); 167 168 /* 169 * CSA NoA is started but we still have beacons to 170 * transmit on the current channel. 171 * So we just do nothing here and the switch 172 * will be performed on the last TBTT. 173 */ 174 if (!ieee80211_beacon_cntdwn_is_complete(csa_vif, 0)) { 175 IWL_WARN(mvm, "CSA NOA started too early\n"); 176 goto out_unlock; 177 } 178 179 ieee80211_csa_finish(csa_vif, 0); 180 181 rcu_read_unlock(); 182 183 RCU_INIT_POINTER(mvm->csa_vif, NULL); 184 185 return; 186 187 out_unlock: 188 rcu_read_unlock(); 189 } 190 191 static bool iwl_mvm_te_check_disconnect(struct iwl_mvm *mvm, 192 struct ieee80211_vif *vif, 193 const char *errmsg) 194 { 195 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 196 197 if (vif->type != NL80211_IFTYPE_STATION) 198 return false; 199 200 if (!mvmvif->csa_bcn_pending && vif->cfg.assoc && 201 vif->bss_conf.dtim_period) 202 return false; 203 if (errmsg) 204 IWL_ERR(mvm, "%s\n", errmsg); 205 206 if (mvmvif->csa_bcn_pending) { 207 struct iwl_mvm_sta *mvmsta; 208 209 rcu_read_lock(); 210 mvmsta = iwl_mvm_sta_from_staid_rcu(mvm, 211 mvmvif->deflink.ap_sta_id); 212 if (!WARN_ON(!mvmsta)) 213 iwl_mvm_sta_modify_disable_tx(mvm, mvmsta, false); 214 rcu_read_unlock(); 215 } 216 217 if (vif->cfg.assoc) { 218 /* 219 * When not associated, this will be called from 220 * iwl_mvm_event_mlme_callback_ini() 221 */ 222 iwl_dbg_tlv_time_point(&mvm->fwrt, 223 IWL_FW_INI_TIME_POINT_ASSOC_FAILED, 224 NULL); 225 } 226 227 iwl_mvm_connection_loss(mvm, vif, errmsg); 228 return true; 229 } 230 231 static void 232 iwl_mvm_te_handle_notify_csa(struct iwl_mvm *mvm, 233 struct iwl_mvm_time_event_data *te_data, 234 struct iwl_time_event_notif *notif) 235 { 236 struct ieee80211_vif *vif = te_data->vif; 237 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 238 239 if (!notif->status) 240 IWL_DEBUG_TE(mvm, "CSA time event failed to start\n"); 241 242 switch (te_data->vif->type) { 243 case NL80211_IFTYPE_AP: 244 if (!notif->status) 245 mvmvif->csa_failed = true; 246 iwl_mvm_csa_noa_start(mvm); 247 break; 248 case NL80211_IFTYPE_STATION: 249 if (!notif->status) { 250 iwl_mvm_connection_loss(mvm, vif, 251 "CSA TE failed to start"); 252 break; 253 } 254 iwl_mvm_csa_client_absent(mvm, te_data->vif); 255 cancel_delayed_work(&mvmvif->csa_work); 256 ieee80211_chswitch_done(te_data->vif, true, 0); 257 break; 258 default: 259 /* should never happen */ 260 WARN_ON_ONCE(1); 261 break; 262 } 263 264 /* we don't need it anymore */ 265 iwl_mvm_te_clear_data(mvm, te_data); 266 } 267 268 static void iwl_mvm_te_check_trigger(struct iwl_mvm *mvm, 269 struct iwl_time_event_notif *notif, 270 struct iwl_mvm_time_event_data *te_data) 271 { 272 struct iwl_fw_dbg_trigger_tlv *trig; 273 struct iwl_fw_dbg_trigger_time_event *te_trig; 274 int i; 275 276 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, 277 ieee80211_vif_to_wdev(te_data->vif), 278 FW_DBG_TRIGGER_TIME_EVENT); 279 if (!trig) 280 return; 281 282 te_trig = (void *)trig->data; 283 284 for (i = 0; i < ARRAY_SIZE(te_trig->time_events); i++) { 285 u32 trig_te_id = le32_to_cpu(te_trig->time_events[i].id); 286 u32 trig_action_bitmap = 287 le32_to_cpu(te_trig->time_events[i].action_bitmap); 288 u32 trig_status_bitmap = 289 le32_to_cpu(te_trig->time_events[i].status_bitmap); 290 291 if (trig_te_id != te_data->id || 292 !(trig_action_bitmap & le32_to_cpu(notif->action)) || 293 !(trig_status_bitmap & BIT(le32_to_cpu(notif->status)))) 294 continue; 295 296 iwl_fw_dbg_collect_trig(&mvm->fwrt, trig, 297 "Time event %d Action 0x%x received status: %d", 298 te_data->id, 299 le32_to_cpu(notif->action), 300 le32_to_cpu(notif->status)); 301 break; 302 } 303 } 304 305 /* 306 * Handles a FW notification for an event that is known to the driver. 307 * 308 * @mvm: the mvm component 309 * @te_data: the time event data 310 * @notif: the notification data corresponding the time event data. 311 */ 312 static void iwl_mvm_te_handle_notif(struct iwl_mvm *mvm, 313 struct iwl_mvm_time_event_data *te_data, 314 struct iwl_time_event_notif *notif) 315 { 316 lockdep_assert_held(&mvm->time_event_lock); 317 318 IWL_DEBUG_TE(mvm, "Handle time event notif - UID = 0x%x action %d\n", 319 le32_to_cpu(notif->unique_id), 320 le32_to_cpu(notif->action)); 321 322 iwl_mvm_te_check_trigger(mvm, notif, te_data); 323 324 /* 325 * The FW sends the start/end time event notifications even for events 326 * that it fails to schedule. This is indicated in the status field of 327 * the notification. This happens in cases that the scheduler cannot 328 * find a schedule that can handle the event (for example requesting a 329 * P2P Device discoveribility, while there are other higher priority 330 * events in the system). 331 */ 332 if (!le32_to_cpu(notif->status)) { 333 const char *msg; 334 335 if (notif->action & cpu_to_le32(TE_V2_NOTIF_HOST_EVENT_START)) 336 msg = "Time Event start notification failure"; 337 else 338 msg = "Time Event end notification failure"; 339 340 IWL_DEBUG_TE(mvm, "%s\n", msg); 341 342 if (iwl_mvm_te_check_disconnect(mvm, te_data->vif, msg)) { 343 iwl_mvm_te_clear_data(mvm, te_data); 344 return; 345 } 346 } 347 348 if (le32_to_cpu(notif->action) & TE_V2_NOTIF_HOST_EVENT_END) { 349 IWL_DEBUG_TE(mvm, 350 "TE ended - current time %lu, estimated end %lu\n", 351 jiffies, te_data->end_jiffies); 352 353 switch (te_data->vif->type) { 354 case NL80211_IFTYPE_P2P_DEVICE: 355 ieee80211_remain_on_channel_expired(mvm->hw); 356 iwl_mvm_roc_finished(mvm); 357 break; 358 case NL80211_IFTYPE_STATION: 359 /* 360 * If we are switching channel, don't disconnect 361 * if the time event is already done. Beacons can 362 * be delayed a bit after the switch. 363 */ 364 if (te_data->id == TE_CHANNEL_SWITCH_PERIOD) { 365 IWL_DEBUG_TE(mvm, 366 "No beacon heard and the CS time event is over, don't disconnect\n"); 367 break; 368 } 369 370 /* 371 * By now, we should have finished association 372 * and know the dtim period. 373 */ 374 iwl_mvm_te_check_disconnect(mvm, te_data->vif, 375 !te_data->vif->cfg.assoc ? 376 "Not associated and the time event is over already..." : 377 "No beacon heard and the time event is over already..."); 378 break; 379 default: 380 break; 381 } 382 383 iwl_mvm_te_clear_data(mvm, te_data); 384 } else if (le32_to_cpu(notif->action) & TE_V2_NOTIF_HOST_EVENT_START) { 385 te_data->running = true; 386 te_data->end_jiffies = TU_TO_EXP_TIME(te_data->duration); 387 388 if (te_data->vif->type == NL80211_IFTYPE_P2P_DEVICE) { 389 set_bit(IWL_MVM_STATUS_ROC_P2P_RUNNING, &mvm->status); 390 ieee80211_ready_on_channel(mvm->hw); 391 } else if (te_data->id == TE_CHANNEL_SWITCH_PERIOD) { 392 iwl_mvm_te_handle_notify_csa(mvm, te_data, notif); 393 } 394 } else { 395 IWL_WARN(mvm, "Got TE with unknown action\n"); 396 } 397 } 398 399 struct iwl_mvm_rx_roc_iterator_data { 400 u32 activity; 401 bool end_activity; 402 bool found; 403 }; 404 405 static void iwl_mvm_rx_roc_iterator(void *_data, u8 *mac, 406 struct ieee80211_vif *vif) 407 { 408 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 409 struct iwl_mvm_rx_roc_iterator_data *data = _data; 410 411 if (mvmvif->roc_activity == data->activity) { 412 data->found = true; 413 if (data->end_activity) 414 mvmvif->roc_activity = ROC_NUM_ACTIVITIES; 415 } 416 } 417 418 void iwl_mvm_rx_roc_notif(struct iwl_mvm *mvm, 419 struct iwl_rx_cmd_buffer *rxb) 420 { 421 struct iwl_rx_packet *pkt = rxb_addr(rxb); 422 struct iwl_roc_notif *notif = (void *)pkt->data; 423 u32 activity = le32_to_cpu(notif->activity); 424 bool started = le32_to_cpu(notif->success) && 425 le32_to_cpu(notif->started); 426 struct iwl_mvm_rx_roc_iterator_data data = { 427 .activity = activity, 428 .end_activity = !started, 429 }; 430 431 /* Clear vif roc_activity if done (set to ROC_NUM_ACTIVITIES) */ 432 ieee80211_iterate_active_interfaces_atomic(mvm->hw, 433 IEEE80211_IFACE_ITER_NORMAL, 434 iwl_mvm_rx_roc_iterator, 435 &data); 436 /* 437 * It is possible that the ROC was canceled 438 * but the notification was already fired. 439 */ 440 if (!data.found) 441 return; 442 443 if (started) { 444 set_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status); 445 ieee80211_ready_on_channel(mvm->hw); 446 } else { 447 iwl_mvm_roc_finished(mvm); 448 ieee80211_remain_on_channel_expired(mvm->hw); 449 } 450 } 451 452 /* 453 * Handle A Aux ROC time event 454 */ 455 static int iwl_mvm_aux_roc_te_handle_notif(struct iwl_mvm *mvm, 456 struct iwl_time_event_notif *notif) 457 { 458 struct iwl_mvm_time_event_data *aux_roc_te = NULL, *te_data; 459 460 list_for_each_entry(te_data, &mvm->aux_roc_te_list, list) { 461 if (le32_to_cpu(notif->unique_id) == te_data->uid) { 462 aux_roc_te = te_data; 463 break; 464 } 465 } 466 if (!aux_roc_te) /* Not a Aux ROC time event */ 467 return -EINVAL; 468 469 iwl_mvm_te_check_trigger(mvm, notif, te_data); 470 471 IWL_DEBUG_TE(mvm, 472 "Aux ROC time event notification - UID = 0x%x action %d (error = %d)\n", 473 le32_to_cpu(notif->unique_id), 474 le32_to_cpu(notif->action), le32_to_cpu(notif->status)); 475 476 if (!le32_to_cpu(notif->status) || 477 le32_to_cpu(notif->action) == TE_V2_NOTIF_HOST_EVENT_END) { 478 /* End TE, notify mac80211 */ 479 ieee80211_remain_on_channel_expired(mvm->hw); 480 iwl_mvm_roc_finished(mvm); /* flush aux queue */ 481 list_del(&te_data->list); /* remove from list */ 482 te_data->running = false; 483 te_data->vif = NULL; 484 te_data->uid = 0; 485 te_data->id = TE_MAX; 486 } else if (le32_to_cpu(notif->action) == TE_V2_NOTIF_HOST_EVENT_START) { 487 set_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status); 488 te_data->running = true; 489 ieee80211_ready_on_channel(mvm->hw); /* Start TE */ 490 } else { 491 IWL_DEBUG_TE(mvm, 492 "ERROR: Unknown Aux ROC Time Event (action = %d)\n", 493 le32_to_cpu(notif->action)); 494 return -EINVAL; 495 } 496 497 return 0; 498 } 499 500 /* 501 * The Rx handler for time event notifications 502 */ 503 void iwl_mvm_rx_time_event_notif(struct iwl_mvm *mvm, 504 struct iwl_rx_cmd_buffer *rxb) 505 { 506 struct iwl_rx_packet *pkt = rxb_addr(rxb); 507 struct iwl_time_event_notif *notif = (void *)pkt->data; 508 struct iwl_mvm_time_event_data *te_data, *tmp; 509 510 IWL_DEBUG_TE(mvm, "Time event notification - UID = 0x%x action %d\n", 511 le32_to_cpu(notif->unique_id), 512 le32_to_cpu(notif->action)); 513 514 spin_lock_bh(&mvm->time_event_lock); 515 /* This time event is triggered for Aux ROC request */ 516 if (!iwl_mvm_aux_roc_te_handle_notif(mvm, notif)) 517 goto unlock; 518 519 list_for_each_entry_safe(te_data, tmp, &mvm->time_event_list, list) { 520 if (le32_to_cpu(notif->unique_id) == te_data->uid) 521 iwl_mvm_te_handle_notif(mvm, te_data, notif); 522 } 523 unlock: 524 spin_unlock_bh(&mvm->time_event_lock); 525 } 526 527 static bool iwl_mvm_te_notif(struct iwl_notif_wait_data *notif_wait, 528 struct iwl_rx_packet *pkt, void *data) 529 { 530 struct iwl_mvm *mvm = 531 container_of(notif_wait, struct iwl_mvm, notif_wait); 532 struct iwl_mvm_time_event_data *te_data = data; 533 struct iwl_time_event_notif *resp; 534 int resp_len = iwl_rx_packet_payload_len(pkt); 535 536 if (WARN_ON(pkt->hdr.cmd != TIME_EVENT_NOTIFICATION)) 537 return true; 538 539 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) { 540 IWL_ERR(mvm, "Invalid TIME_EVENT_NOTIFICATION response\n"); 541 return true; 542 } 543 544 resp = (void *)pkt->data; 545 546 /* te_data->uid is already set in the TIME_EVENT_CMD response */ 547 if (le32_to_cpu(resp->unique_id) != te_data->uid) 548 return false; 549 550 IWL_DEBUG_TE(mvm, "TIME_EVENT_NOTIFICATION response - UID = 0x%x\n", 551 te_data->uid); 552 if (!resp->status) 553 IWL_ERR(mvm, 554 "TIME_EVENT_NOTIFICATION received but not executed\n"); 555 556 return true; 557 } 558 559 static bool iwl_mvm_time_event_response(struct iwl_notif_wait_data *notif_wait, 560 struct iwl_rx_packet *pkt, void *data) 561 { 562 struct iwl_mvm *mvm = 563 container_of(notif_wait, struct iwl_mvm, notif_wait); 564 struct iwl_mvm_time_event_data *te_data = data; 565 struct iwl_time_event_resp *resp; 566 int resp_len = iwl_rx_packet_payload_len(pkt); 567 568 if (WARN_ON(pkt->hdr.cmd != TIME_EVENT_CMD)) 569 return true; 570 571 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) { 572 IWL_ERR(mvm, "Invalid TIME_EVENT_CMD response\n"); 573 return true; 574 } 575 576 resp = (void *)pkt->data; 577 578 /* we should never get a response to another TIME_EVENT_CMD here */ 579 if (WARN_ON_ONCE(le32_to_cpu(resp->id) != te_data->id)) 580 return false; 581 582 te_data->uid = le32_to_cpu(resp->unique_id); 583 IWL_DEBUG_TE(mvm, "TIME_EVENT_CMD response - UID = 0x%x\n", 584 te_data->uid); 585 return true; 586 } 587 588 static int iwl_mvm_time_event_send_add(struct iwl_mvm *mvm, 589 struct ieee80211_vif *vif, 590 struct iwl_mvm_time_event_data *te_data, 591 struct iwl_time_event_cmd *te_cmd) 592 { 593 static const u16 time_event_response[] = { TIME_EVENT_CMD }; 594 struct iwl_notification_wait wait_time_event; 595 int ret; 596 597 lockdep_assert_held(&mvm->mutex); 598 599 IWL_DEBUG_TE(mvm, "Add new TE, duration %d TU\n", 600 le32_to_cpu(te_cmd->duration)); 601 602 spin_lock_bh(&mvm->time_event_lock); 603 if (WARN_ON(te_data->id != TE_MAX)) { 604 spin_unlock_bh(&mvm->time_event_lock); 605 return -EIO; 606 } 607 te_data->vif = vif; 608 te_data->duration = le32_to_cpu(te_cmd->duration); 609 te_data->id = le32_to_cpu(te_cmd->id); 610 list_add_tail(&te_data->list, &mvm->time_event_list); 611 spin_unlock_bh(&mvm->time_event_lock); 612 613 /* 614 * Use a notification wait, which really just processes the 615 * command response and doesn't wait for anything, in order 616 * to be able to process the response and get the UID inside 617 * the RX path. Using CMD_WANT_SKB doesn't work because it 618 * stores the buffer and then wakes up this thread, by which 619 * time another notification (that the time event started) 620 * might already be processed unsuccessfully. 621 */ 622 iwl_init_notification_wait(&mvm->notif_wait, &wait_time_event, 623 time_event_response, 624 ARRAY_SIZE(time_event_response), 625 iwl_mvm_time_event_response, te_data); 626 627 ret = iwl_mvm_send_cmd_pdu(mvm, TIME_EVENT_CMD, 0, 628 sizeof(*te_cmd), te_cmd); 629 if (ret) { 630 IWL_ERR(mvm, "Couldn't send TIME_EVENT_CMD: %d\n", ret); 631 iwl_remove_notification(&mvm->notif_wait, &wait_time_event); 632 goto out_clear_te; 633 } 634 635 /* No need to wait for anything, so just pass 1 (0 isn't valid) */ 636 ret = iwl_wait_notification(&mvm->notif_wait, &wait_time_event, 1); 637 /* should never fail */ 638 WARN_ON_ONCE(ret); 639 640 if (ret) { 641 out_clear_te: 642 spin_lock_bh(&mvm->time_event_lock); 643 iwl_mvm_te_clear_data(mvm, te_data); 644 spin_unlock_bh(&mvm->time_event_lock); 645 } 646 return ret; 647 } 648 649 void iwl_mvm_protect_session(struct iwl_mvm *mvm, 650 struct ieee80211_vif *vif, 651 u32 duration, u32 min_duration, 652 u32 max_delay, bool wait_for_notif) 653 { 654 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 655 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 656 const u16 te_notif_response[] = { TIME_EVENT_NOTIFICATION }; 657 struct iwl_notification_wait wait_te_notif; 658 struct iwl_time_event_cmd time_cmd = {}; 659 660 lockdep_assert_held(&mvm->mutex); 661 662 if (te_data->running && 663 time_after(te_data->end_jiffies, TU_TO_EXP_TIME(min_duration))) { 664 IWL_DEBUG_TE(mvm, "We have enough time in the current TE: %u\n", 665 jiffies_to_msecs(te_data->end_jiffies - jiffies)); 666 return; 667 } 668 669 if (te_data->running) { 670 IWL_DEBUG_TE(mvm, "extend 0x%x: only %u ms left\n", 671 te_data->uid, 672 jiffies_to_msecs(te_data->end_jiffies - jiffies)); 673 /* 674 * we don't have enough time 675 * cancel the current TE and issue a new one 676 * Of course it would be better to remove the old one only 677 * when the new one is added, but we don't care if we are off 678 * channel for a bit. All we need to do, is not to return 679 * before we actually begin to be on the channel. 680 */ 681 iwl_mvm_stop_session_protection(mvm, vif); 682 } 683 684 time_cmd.action = cpu_to_le32(FW_CTXT_ACTION_ADD); 685 time_cmd.id_and_color = 686 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 687 time_cmd.id = cpu_to_le32(TE_BSS_STA_AGGRESSIVE_ASSOC); 688 689 time_cmd.apply_time = cpu_to_le32(0); 690 691 time_cmd.max_frags = TE_V2_FRAG_NONE; 692 time_cmd.max_delay = cpu_to_le32(max_delay); 693 /* TODO: why do we need to interval = bi if it is not periodic? */ 694 time_cmd.interval = cpu_to_le32(1); 695 time_cmd.duration = cpu_to_le32(duration); 696 time_cmd.repeat = 1; 697 time_cmd.policy = cpu_to_le16(TE_V2_NOTIF_HOST_EVENT_START | 698 TE_V2_NOTIF_HOST_EVENT_END | 699 TE_V2_START_IMMEDIATELY); 700 701 if (!wait_for_notif) { 702 iwl_mvm_time_event_send_add(mvm, vif, te_data, &time_cmd); 703 return; 704 } 705 706 /* 707 * Create notification_wait for the TIME_EVENT_NOTIFICATION to use 708 * right after we send the time event 709 */ 710 iwl_init_notification_wait(&mvm->notif_wait, &wait_te_notif, 711 te_notif_response, 712 ARRAY_SIZE(te_notif_response), 713 iwl_mvm_te_notif, te_data); 714 715 /* If TE was sent OK - wait for the notification that started */ 716 if (iwl_mvm_time_event_send_add(mvm, vif, te_data, &time_cmd)) { 717 IWL_ERR(mvm, "Failed to add TE to protect session\n"); 718 iwl_remove_notification(&mvm->notif_wait, &wait_te_notif); 719 } else if (iwl_wait_notification(&mvm->notif_wait, &wait_te_notif, 720 TU_TO_JIFFIES(max_delay))) { 721 IWL_ERR(mvm, "Failed to protect session until TE\n"); 722 } 723 } 724 725 /* Determine whether mac or link id should be used, and validate the link id */ 726 static int iwl_mvm_get_session_prot_id(struct iwl_mvm *mvm, 727 struct ieee80211_vif *vif, 728 s8 link_id) 729 { 730 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 731 int ver = iwl_fw_lookup_cmd_ver(mvm->fw, 732 WIDE_ID(MAC_CONF_GROUP, 733 SESSION_PROTECTION_CMD), 1); 734 735 if (ver < 2) 736 return mvmvif->id; 737 738 if (WARN(link_id < 0 || !mvmvif->link[link_id], 739 "Invalid link ID for session protection: %u\n", link_id)) 740 return -EINVAL; 741 742 if (WARN(!mvmvif->link[link_id]->active, 743 "Session Protection on an inactive link: %u\n", link_id)) 744 return -EINVAL; 745 746 return mvmvif->link[link_id]->fw_link_id; 747 } 748 749 static void iwl_mvm_cancel_session_protection(struct iwl_mvm *mvm, 750 struct ieee80211_vif *vif, 751 u32 id, s8 link_id) 752 { 753 int mac_link_id = iwl_mvm_get_session_prot_id(mvm, vif, link_id); 754 struct iwl_mvm_session_prot_cmd cmd = { 755 .id_and_color = cpu_to_le32(mac_link_id), 756 .action = cpu_to_le32(FW_CTXT_ACTION_REMOVE), 757 .conf_id = cpu_to_le32(id), 758 }; 759 int ret; 760 761 if (mac_link_id < 0) 762 return; 763 764 ret = iwl_mvm_send_cmd_pdu(mvm, 765 WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_CMD), 766 0, sizeof(cmd), &cmd); 767 if (ret) 768 IWL_ERR(mvm, 769 "Couldn't send the SESSION_PROTECTION_CMD: %d\n", ret); 770 } 771 772 static void iwl_mvm_roc_rm_cmd(struct iwl_mvm *mvm, u32 activity) 773 { 774 struct iwl_roc_req roc_cmd = { 775 .action = cpu_to_le32(FW_CTXT_ACTION_REMOVE), 776 .activity = cpu_to_le32(activity), 777 }; 778 int ret; 779 780 lockdep_assert_held(&mvm->mutex); 781 ret = iwl_mvm_send_cmd_pdu(mvm, WIDE_ID(MAC_CONF_GROUP, ROC_CMD), 0, 782 sizeof(roc_cmd), &roc_cmd); 783 if (ret) 784 IWL_ERR(mvm, "Couldn't send the ROC_CMD: %d\n", ret); 785 } 786 787 static bool __iwl_mvm_remove_time_event(struct iwl_mvm *mvm, 788 struct iwl_mvm_time_event_data *te_data, 789 u32 *uid) 790 { 791 u32 id; 792 struct ieee80211_vif *vif = te_data->vif; 793 struct iwl_mvm_vif *mvmvif; 794 enum nl80211_iftype iftype; 795 s8 link_id; 796 bool p2p_aux = iwl_mvm_has_p2p_over_aux(mvm); 797 u8 roc_ver = iwl_fw_lookup_cmd_ver(mvm->fw, 798 WIDE_ID(MAC_CONF_GROUP, ROC_CMD), 0); 799 800 if (!vif) 801 return false; 802 803 mvmvif = iwl_mvm_vif_from_mac80211(te_data->vif); 804 iftype = te_data->vif->type; 805 806 /* 807 * It is possible that by the time we got to this point the time 808 * event was already removed. 809 */ 810 spin_lock_bh(&mvm->time_event_lock); 811 812 /* Save time event uid before clearing its data */ 813 *uid = te_data->uid; 814 id = te_data->id; 815 link_id = te_data->link_id; 816 817 /* 818 * The clear_data function handles time events that were already removed 819 */ 820 iwl_mvm_te_clear_data(mvm, te_data); 821 spin_unlock_bh(&mvm->time_event_lock); 822 823 if ((p2p_aux && iftype == NL80211_IFTYPE_P2P_DEVICE) || 824 (roc_ver >= 3 && mvmvif->roc_activity == ROC_ACTIVITY_HOTSPOT)) { 825 if (mvmvif->roc_activity < ROC_NUM_ACTIVITIES) { 826 iwl_mvm_roc_rm_cmd(mvm, mvmvif->roc_activity); 827 mvmvif->roc_activity = ROC_NUM_ACTIVITIES; 828 iwl_mvm_roc_finished(mvm); 829 } 830 return false; 831 } else if (fw_has_capa(&mvm->fw->ucode_capa, 832 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD) && 833 id != HOT_SPOT_CMD) { 834 /* When session protection is used, the te_data->id field 835 * is reused to save session protection's configuration. 836 * For AUX ROC, HOT_SPOT_CMD is used and the te_data->id 837 * field is set to HOT_SPOT_CMD. 838 */ 839 if (mvmvif && id < SESSION_PROTECT_CONF_MAX_ID) { 840 /* Session protection is still ongoing. Cancel it */ 841 iwl_mvm_cancel_session_protection(mvm, vif, id, 842 link_id); 843 if (iftype == NL80211_IFTYPE_P2P_DEVICE) { 844 iwl_mvm_roc_finished(mvm); 845 } 846 } 847 return false; 848 } else { 849 /* It is possible that by the time we try to remove it, the 850 * time event has already ended and removed. In such a case 851 * there is no need to send a removal command. 852 */ 853 if (id == TE_MAX) { 854 IWL_DEBUG_TE(mvm, "TE 0x%x has already ended\n", *uid); 855 return false; 856 } 857 } 858 859 return true; 860 } 861 862 /* 863 * Explicit request to remove a aux roc time event. The removal of a time 864 * event needs to be synchronized with the flow of a time event's end 865 * notification, which also removes the time event from the op mode 866 * data structures. 867 */ 868 static void iwl_mvm_remove_aux_roc_te(struct iwl_mvm *mvm, 869 struct iwl_mvm_vif *mvmvif, 870 struct iwl_mvm_time_event_data *te_data) 871 { 872 struct iwl_hs20_roc_req aux_cmd = {}; 873 u16 len = sizeof(aux_cmd) - iwl_mvm_chan_info_padding(mvm); 874 875 u32 uid; 876 int ret; 877 878 if (!__iwl_mvm_remove_time_event(mvm, te_data, &uid)) 879 return; 880 881 aux_cmd.event_unique_id = cpu_to_le32(uid); 882 aux_cmd.action = cpu_to_le32(FW_CTXT_ACTION_REMOVE); 883 aux_cmd.id_and_color = 884 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 885 IWL_DEBUG_TE(mvm, "Removing BSS AUX ROC TE 0x%x\n", 886 le32_to_cpu(aux_cmd.event_unique_id)); 887 ret = iwl_mvm_send_cmd_pdu(mvm, HOT_SPOT_CMD, 0, 888 len, &aux_cmd); 889 890 if (WARN_ON(ret)) 891 return; 892 } 893 894 /* 895 * Explicit request to remove a time event. The removal of a time event needs to 896 * be synchronized with the flow of a time event's end notification, which also 897 * removes the time event from the op mode data structures. 898 */ 899 void iwl_mvm_remove_time_event(struct iwl_mvm *mvm, 900 struct iwl_mvm_vif *mvmvif, 901 struct iwl_mvm_time_event_data *te_data) 902 { 903 struct iwl_time_event_cmd time_cmd = {}; 904 u32 uid; 905 int ret; 906 907 if (!__iwl_mvm_remove_time_event(mvm, te_data, &uid)) 908 return; 909 910 /* When we remove a TE, the UID is to be set in the id field */ 911 time_cmd.id = cpu_to_le32(uid); 912 time_cmd.action = cpu_to_le32(FW_CTXT_ACTION_REMOVE); 913 time_cmd.id_and_color = 914 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 915 916 IWL_DEBUG_TE(mvm, "Removing TE 0x%x\n", le32_to_cpu(time_cmd.id)); 917 ret = iwl_mvm_send_cmd_pdu(mvm, TIME_EVENT_CMD, 0, 918 sizeof(time_cmd), &time_cmd); 919 if (ret) 920 IWL_ERR(mvm, "Couldn't remove the time event\n"); 921 } 922 923 void iwl_mvm_stop_session_protection(struct iwl_mvm *mvm, 924 struct ieee80211_vif *vif) 925 { 926 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 927 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 928 u32 id; 929 930 lockdep_assert_held(&mvm->mutex); 931 932 spin_lock_bh(&mvm->time_event_lock); 933 id = te_data->id; 934 spin_unlock_bh(&mvm->time_event_lock); 935 936 if (fw_has_capa(&mvm->fw->ucode_capa, 937 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) { 938 if (id != SESSION_PROTECT_CONF_ASSOC) { 939 IWL_DEBUG_TE(mvm, 940 "don't remove session protection id=%u\n", 941 id); 942 return; 943 } 944 } else if (id != TE_BSS_STA_AGGRESSIVE_ASSOC) { 945 IWL_DEBUG_TE(mvm, 946 "don't remove TE with id=%u (not session protection)\n", 947 id); 948 return; 949 } 950 951 iwl_mvm_remove_time_event(mvm, mvmvif, te_data); 952 } 953 954 void iwl_mvm_rx_session_protect_notif(struct iwl_mvm *mvm, 955 struct iwl_rx_cmd_buffer *rxb) 956 { 957 struct iwl_rx_packet *pkt = rxb_addr(rxb); 958 struct iwl_mvm_session_prot_notif *notif = (void *)pkt->data; 959 unsigned int ver = 960 iwl_fw_lookup_notif_ver(mvm->fw, MAC_CONF_GROUP, 961 SESSION_PROTECTION_NOTIF, 2); 962 int id = le32_to_cpu(notif->mac_link_id); 963 struct ieee80211_vif *vif; 964 struct iwl_mvm_vif *mvmvif; 965 unsigned int notif_link_id; 966 967 rcu_read_lock(); 968 969 if (ver <= 2) { 970 vif = iwl_mvm_rcu_dereference_vif_id(mvm, id, true); 971 } else { 972 struct ieee80211_bss_conf *link_conf = 973 iwl_mvm_rcu_fw_link_id_to_link_conf(mvm, id, true); 974 975 if (!link_conf) 976 goto out_unlock; 977 978 notif_link_id = link_conf->link_id; 979 vif = link_conf->vif; 980 } 981 982 if (!vif) 983 goto out_unlock; 984 985 mvmvif = iwl_mvm_vif_from_mac80211(vif); 986 987 if (WARN(ver > 2 && mvmvif->time_event_data.link_id >= 0 && 988 mvmvif->time_event_data.link_id != notif_link_id, 989 "SESSION_PROTECTION_NOTIF was received for link %u, while the current time event is on link %u\n", 990 notif_link_id, mvmvif->time_event_data.link_id)) 991 goto out_unlock; 992 993 /* The vif is not a P2P_DEVICE, maintain its time_event_data */ 994 if (vif->type != NL80211_IFTYPE_P2P_DEVICE) { 995 struct iwl_mvm_time_event_data *te_data = 996 &mvmvif->time_event_data; 997 998 if (!le32_to_cpu(notif->status)) { 999 iwl_mvm_te_check_disconnect(mvm, vif, 1000 "Session protection failure"); 1001 spin_lock_bh(&mvm->time_event_lock); 1002 iwl_mvm_te_clear_data(mvm, te_data); 1003 spin_unlock_bh(&mvm->time_event_lock); 1004 } 1005 1006 if (le32_to_cpu(notif->start)) { 1007 spin_lock_bh(&mvm->time_event_lock); 1008 te_data->running = le32_to_cpu(notif->start); 1009 te_data->end_jiffies = 1010 TU_TO_EXP_TIME(te_data->duration); 1011 spin_unlock_bh(&mvm->time_event_lock); 1012 } else { 1013 /* 1014 * By now, we should have finished association 1015 * and know the dtim period. 1016 */ 1017 iwl_mvm_te_check_disconnect(mvm, vif, 1018 !vif->cfg.assoc ? 1019 "Not associated and the session protection is over already..." : 1020 "No beacon heard and the session protection is over already..."); 1021 spin_lock_bh(&mvm->time_event_lock); 1022 iwl_mvm_te_clear_data(mvm, te_data); 1023 spin_unlock_bh(&mvm->time_event_lock); 1024 } 1025 1026 goto out_unlock; 1027 } 1028 1029 if (!le32_to_cpu(notif->status) || !le32_to_cpu(notif->start)) { 1030 /* End TE, notify mac80211 */ 1031 mvmvif->time_event_data.id = SESSION_PROTECT_CONF_MAX_ID; 1032 mvmvif->time_event_data.link_id = -1; 1033 iwl_mvm_roc_finished(mvm); 1034 ieee80211_remain_on_channel_expired(mvm->hw); 1035 } else if (le32_to_cpu(notif->start)) { 1036 if (WARN_ON(mvmvif->time_event_data.id != 1037 le32_to_cpu(notif->conf_id))) 1038 goto out_unlock; 1039 set_bit(IWL_MVM_STATUS_ROC_P2P_RUNNING, &mvm->status); 1040 ieee80211_ready_on_channel(mvm->hw); /* Start TE */ 1041 } 1042 1043 out_unlock: 1044 rcu_read_unlock(); 1045 } 1046 1047 #define AUX_ROC_MIN_DURATION MSEC_TO_TU(100) 1048 #define AUX_ROC_MIN_DELAY MSEC_TO_TU(200) 1049 #define AUX_ROC_MAX_DELAY MSEC_TO_TU(600) 1050 #define AUX_ROC_SAFETY_BUFFER MSEC_TO_TU(20) 1051 #define AUX_ROC_MIN_SAFETY_BUFFER MSEC_TO_TU(10) 1052 1053 void iwl_mvm_roc_duration_and_delay(struct ieee80211_vif *vif, 1054 u32 duration_ms, 1055 u32 *duration_tu, 1056 u32 *delay) 1057 { 1058 u32 dtim_interval = vif->bss_conf.dtim_period * 1059 vif->bss_conf.beacon_int; 1060 1061 *delay = AUX_ROC_MIN_DELAY; 1062 *duration_tu = MSEC_TO_TU(duration_ms); 1063 1064 /* 1065 * If we are associated we want the delay time to be at least one 1066 * dtim interval so that the FW can wait until after the DTIM and 1067 * then start the time event, this will potentially allow us to 1068 * remain off-channel for the max duration. 1069 * Since we want to use almost a whole dtim interval we would also 1070 * like the delay to be for 2-3 dtim intervals, in case there are 1071 * other time events with higher priority. 1072 */ 1073 if (vif->cfg.assoc) { 1074 *delay = min_t(u32, dtim_interval * 3, AUX_ROC_MAX_DELAY); 1075 /* We cannot remain off-channel longer than the DTIM interval */ 1076 if (dtim_interval <= *duration_tu) { 1077 *duration_tu = dtim_interval - AUX_ROC_SAFETY_BUFFER; 1078 if (*duration_tu <= AUX_ROC_MIN_DURATION) 1079 *duration_tu = dtim_interval - 1080 AUX_ROC_MIN_SAFETY_BUFFER; 1081 } 1082 } 1083 } 1084 1085 int iwl_mvm_roc_add_cmd(struct iwl_mvm *mvm, 1086 struct ieee80211_channel *channel, 1087 struct ieee80211_vif *vif, 1088 int duration, enum iwl_roc_activity activity) 1089 { 1090 int res; 1091 u32 duration_tu, delay; 1092 struct iwl_roc_req roc_req = { 1093 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 1094 .activity = cpu_to_le32(activity), 1095 .sta_id = cpu_to_le32(mvm->aux_sta.sta_id), 1096 }; 1097 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1098 1099 lockdep_assert_held(&mvm->mutex); 1100 1101 if (WARN_ON(mvmvif->roc_activity != ROC_NUM_ACTIVITIES)) 1102 return -EBUSY; 1103 1104 /* Set the channel info data */ 1105 iwl_mvm_set_chan_info(mvm, &roc_req.channel_info, 1106 channel->hw_value, 1107 iwl_mvm_phy_band_from_nl80211(channel->band), 1108 IWL_PHY_CHANNEL_MODE20, 0); 1109 1110 iwl_mvm_roc_duration_and_delay(vif, duration, &duration_tu, 1111 &delay); 1112 roc_req.duration = cpu_to_le32(duration_tu); 1113 roc_req.max_delay = cpu_to_le32(delay); 1114 1115 IWL_DEBUG_TE(mvm, 1116 "\t(requested = %ums, max_delay = %ums)\n", 1117 duration, delay); 1118 IWL_DEBUG_TE(mvm, 1119 "Requesting to remain on channel %u for %utu. activity %u\n", 1120 channel->hw_value, duration_tu, activity); 1121 1122 /* Set the node address */ 1123 memcpy(roc_req.node_addr, vif->addr, ETH_ALEN); 1124 1125 res = iwl_mvm_send_cmd_pdu(mvm, WIDE_ID(MAC_CONF_GROUP, ROC_CMD), 1126 0, sizeof(roc_req), &roc_req); 1127 if (!res) 1128 mvmvif->roc_activity = activity; 1129 1130 return res; 1131 } 1132 1133 static int 1134 iwl_mvm_start_p2p_roc_session_protection(struct iwl_mvm *mvm, 1135 struct ieee80211_vif *vif, 1136 int duration, 1137 enum ieee80211_roc_type type) 1138 { 1139 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1140 struct iwl_mvm_session_prot_cmd cmd = { 1141 .id_and_color = 1142 cpu_to_le32(iwl_mvm_get_session_prot_id(mvm, vif, 0)), 1143 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 1144 .duration_tu = cpu_to_le32(MSEC_TO_TU(duration)), 1145 }; 1146 1147 lockdep_assert_held(&mvm->mutex); 1148 1149 /* The time_event_data.id field is reused to save session 1150 * protection's configuration. 1151 */ 1152 1153 mvmvif->time_event_data.link_id = 0; 1154 1155 switch (type) { 1156 case IEEE80211_ROC_TYPE_NORMAL: 1157 mvmvif->time_event_data.id = 1158 SESSION_PROTECT_CONF_P2P_DEVICE_DISCOV; 1159 break; 1160 case IEEE80211_ROC_TYPE_MGMT_TX: 1161 mvmvif->time_event_data.id = 1162 SESSION_PROTECT_CONF_P2P_GO_NEGOTIATION; 1163 break; 1164 default: 1165 WARN_ONCE(1, "Got an invalid ROC type\n"); 1166 return -EINVAL; 1167 } 1168 1169 cmd.conf_id = cpu_to_le32(mvmvif->time_event_data.id); 1170 return iwl_mvm_send_cmd_pdu(mvm, 1171 WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_CMD), 1172 0, sizeof(cmd), &cmd); 1173 } 1174 1175 int iwl_mvm_start_p2p_roc(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 1176 int duration, enum ieee80211_roc_type type) 1177 { 1178 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1179 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 1180 struct iwl_time_event_cmd time_cmd = {}; 1181 1182 lockdep_assert_held(&mvm->mutex); 1183 if (te_data->running) { 1184 IWL_WARN(mvm, "P2P_DEVICE remain on channel already running\n"); 1185 return -EBUSY; 1186 } 1187 1188 if (fw_has_capa(&mvm->fw->ucode_capa, 1189 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) 1190 return iwl_mvm_start_p2p_roc_session_protection(mvm, vif, 1191 duration, 1192 type); 1193 1194 time_cmd.action = cpu_to_le32(FW_CTXT_ACTION_ADD); 1195 time_cmd.id_and_color = 1196 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 1197 1198 switch (type) { 1199 case IEEE80211_ROC_TYPE_NORMAL: 1200 time_cmd.id = cpu_to_le32(IWL_MVM_ROC_TE_TYPE_NORMAL); 1201 break; 1202 case IEEE80211_ROC_TYPE_MGMT_TX: 1203 time_cmd.id = cpu_to_le32(IWL_MVM_ROC_TE_TYPE_MGMT_TX); 1204 break; 1205 default: 1206 WARN_ONCE(1, "Got an invalid ROC type\n"); 1207 return -EINVAL; 1208 } 1209 1210 time_cmd.apply_time = cpu_to_le32(0); 1211 time_cmd.interval = cpu_to_le32(1); 1212 1213 /* 1214 * The P2P Device TEs can have lower priority than other events 1215 * that are being scheduled by the driver/fw, and thus it might not be 1216 * scheduled. To improve the chances of it being scheduled, allow them 1217 * to be fragmented, and in addition allow them to be delayed. 1218 */ 1219 time_cmd.max_frags = min(MSEC_TO_TU(duration)/50, TE_V2_FRAG_ENDLESS); 1220 time_cmd.max_delay = cpu_to_le32(MSEC_TO_TU(duration/2)); 1221 time_cmd.duration = cpu_to_le32(MSEC_TO_TU(duration)); 1222 time_cmd.repeat = 1; 1223 time_cmd.policy = cpu_to_le16(TE_V2_NOTIF_HOST_EVENT_START | 1224 TE_V2_NOTIF_HOST_EVENT_END | 1225 TE_V2_START_IMMEDIATELY); 1226 1227 return iwl_mvm_time_event_send_add(mvm, vif, te_data, &time_cmd); 1228 } 1229 1230 static struct iwl_mvm_time_event_data *iwl_mvm_get_roc_te(struct iwl_mvm *mvm) 1231 { 1232 struct iwl_mvm_time_event_data *te_data; 1233 1234 lockdep_assert_held(&mvm->mutex); 1235 1236 spin_lock_bh(&mvm->time_event_lock); 1237 1238 /* 1239 * Iterate over the list of time events and find the time event that is 1240 * associated with a P2P_DEVICE interface. 1241 * This assumes that a P2P_DEVICE interface can have only a single time 1242 * event at any given time and this time event coresponds to a ROC 1243 * request 1244 */ 1245 list_for_each_entry(te_data, &mvm->time_event_list, list) { 1246 if (te_data->vif->type == NL80211_IFTYPE_P2P_DEVICE) 1247 goto out; 1248 } 1249 1250 /* There can only be at most one AUX ROC time event, we just use the 1251 * list to simplify/unify code. Remove it if it exists. 1252 */ 1253 te_data = list_first_entry_or_null(&mvm->aux_roc_te_list, 1254 struct iwl_mvm_time_event_data, 1255 list); 1256 out: 1257 spin_unlock_bh(&mvm->time_event_lock); 1258 return te_data; 1259 } 1260 1261 void iwl_mvm_cleanup_roc_te(struct iwl_mvm *mvm) 1262 { 1263 struct iwl_mvm_time_event_data *te_data; 1264 u32 uid; 1265 1266 te_data = iwl_mvm_get_roc_te(mvm); 1267 if (te_data) 1268 __iwl_mvm_remove_time_event(mvm, te_data, &uid); 1269 } 1270 1271 void iwl_mvm_stop_roc(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 1272 { 1273 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1274 struct iwl_mvm_time_event_data *te_data; 1275 bool p2p_aux = iwl_mvm_has_p2p_over_aux(mvm); 1276 u8 roc_ver = iwl_fw_lookup_cmd_ver(mvm->fw, 1277 WIDE_ID(MAC_CONF_GROUP, ROC_CMD), 0); 1278 int iftype = vif->type; 1279 1280 mutex_lock(&mvm->mutex); 1281 1282 if (p2p_aux || (roc_ver >= 3 && iftype != NL80211_IFTYPE_P2P_DEVICE)) { 1283 if (mvmvif->roc_activity < ROC_NUM_ACTIVITIES) { 1284 iwl_mvm_roc_rm_cmd(mvm, mvmvif->roc_activity); 1285 mvmvif->roc_activity = ROC_NUM_ACTIVITIES; 1286 } 1287 goto cleanup_roc; 1288 } else if (fw_has_capa(&mvm->fw->ucode_capa, 1289 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) { 1290 te_data = &mvmvif->time_event_data; 1291 1292 if (iftype == NL80211_IFTYPE_P2P_DEVICE) { 1293 if (te_data->id >= SESSION_PROTECT_CONF_MAX_ID) { 1294 IWL_DEBUG_TE(mvm, 1295 "No remain on channel event\n"); 1296 mutex_unlock(&mvm->mutex); 1297 return; 1298 } 1299 iwl_mvm_cancel_session_protection(mvm, vif, 1300 te_data->id, 1301 te_data->link_id); 1302 } else { 1303 iwl_mvm_remove_aux_roc_te(mvm, mvmvif, 1304 &mvmvif->hs_time_event_data); 1305 } 1306 goto cleanup_roc; 1307 } 1308 1309 te_data = iwl_mvm_get_roc_te(mvm); 1310 if (!te_data) { 1311 IWL_WARN(mvm, "No remain on channel event\n"); 1312 mutex_unlock(&mvm->mutex); 1313 return; 1314 } 1315 1316 mvmvif = iwl_mvm_vif_from_mac80211(te_data->vif); 1317 iftype = te_data->vif->type; 1318 if (iftype == NL80211_IFTYPE_P2P_DEVICE) 1319 iwl_mvm_remove_time_event(mvm, mvmvif, te_data); 1320 else 1321 iwl_mvm_remove_aux_roc_te(mvm, mvmvif, te_data); 1322 1323 cleanup_roc: 1324 /* 1325 * In case we get here before the ROC event started, 1326 * (so the status bit isn't set) set it here so iwl_mvm_cleanup_roc will 1327 * cleanup things properly 1328 */ 1329 if (p2p_aux || iftype != NL80211_IFTYPE_P2P_DEVICE) 1330 set_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status); 1331 else 1332 set_bit(IWL_MVM_STATUS_ROC_P2P_RUNNING, &mvm->status); 1333 1334 /* Mutex is released inside this function */ 1335 iwl_mvm_cleanup_roc(mvm); 1336 } 1337 1338 void iwl_mvm_remove_csa_period(struct iwl_mvm *mvm, 1339 struct ieee80211_vif *vif) 1340 { 1341 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1342 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 1343 u32 id; 1344 1345 lockdep_assert_held(&mvm->mutex); 1346 1347 spin_lock_bh(&mvm->time_event_lock); 1348 id = te_data->id; 1349 spin_unlock_bh(&mvm->time_event_lock); 1350 1351 if (id != TE_CHANNEL_SWITCH_PERIOD) 1352 return; 1353 1354 iwl_mvm_remove_time_event(mvm, mvmvif, te_data); 1355 } 1356 1357 int iwl_mvm_schedule_csa_period(struct iwl_mvm *mvm, 1358 struct ieee80211_vif *vif, 1359 u32 duration, u32 apply_time) 1360 { 1361 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1362 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 1363 struct iwl_time_event_cmd time_cmd = {}; 1364 1365 lockdep_assert_held(&mvm->mutex); 1366 1367 if (te_data->running) { 1368 u32 id; 1369 1370 spin_lock_bh(&mvm->time_event_lock); 1371 id = te_data->id; 1372 spin_unlock_bh(&mvm->time_event_lock); 1373 1374 if (id == TE_CHANNEL_SWITCH_PERIOD) { 1375 IWL_DEBUG_TE(mvm, "CS period is already scheduled\n"); 1376 return -EBUSY; 1377 } 1378 1379 /* 1380 * Remove the session protection time event to allow the 1381 * channel switch. If we got here, we just heard a beacon so 1382 * the session protection is not needed anymore anyway. 1383 */ 1384 iwl_mvm_remove_time_event(mvm, mvmvif, te_data); 1385 } 1386 1387 time_cmd.action = cpu_to_le32(FW_CTXT_ACTION_ADD); 1388 time_cmd.id_and_color = 1389 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 1390 time_cmd.id = cpu_to_le32(TE_CHANNEL_SWITCH_PERIOD); 1391 time_cmd.apply_time = cpu_to_le32(apply_time); 1392 time_cmd.max_frags = TE_V2_FRAG_NONE; 1393 time_cmd.duration = cpu_to_le32(duration); 1394 time_cmd.repeat = 1; 1395 time_cmd.interval = cpu_to_le32(1); 1396 time_cmd.policy = cpu_to_le16(TE_V2_NOTIF_HOST_EVENT_START | 1397 TE_V2_ABSENCE); 1398 if (!apply_time) 1399 time_cmd.policy |= cpu_to_le16(TE_V2_START_IMMEDIATELY); 1400 1401 return iwl_mvm_time_event_send_add(mvm, vif, te_data, &time_cmd); 1402 } 1403 1404 static bool iwl_mvm_session_prot_notif(struct iwl_notif_wait_data *notif_wait, 1405 struct iwl_rx_packet *pkt, void *data) 1406 { 1407 struct iwl_mvm *mvm = 1408 container_of(notif_wait, struct iwl_mvm, notif_wait); 1409 struct iwl_mvm_session_prot_notif *resp; 1410 int resp_len = iwl_rx_packet_payload_len(pkt); 1411 1412 if (WARN_ON(pkt->hdr.cmd != SESSION_PROTECTION_NOTIF || 1413 pkt->hdr.group_id != MAC_CONF_GROUP)) 1414 return true; 1415 1416 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) { 1417 IWL_ERR(mvm, "Invalid SESSION_PROTECTION_NOTIF response\n"); 1418 return true; 1419 } 1420 1421 resp = (void *)pkt->data; 1422 1423 if (!resp->status) 1424 IWL_ERR(mvm, 1425 "TIME_EVENT_NOTIFICATION received but not executed\n"); 1426 1427 return true; 1428 } 1429 1430 void iwl_mvm_schedule_session_protection(struct iwl_mvm *mvm, 1431 struct ieee80211_vif *vif, 1432 u32 duration, u32 min_duration, 1433 bool wait_for_notif, 1434 unsigned int link_id) 1435 { 1436 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1437 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 1438 const u16 notif[] = { WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_NOTIF) }; 1439 struct iwl_notification_wait wait_notif; 1440 int mac_link_id = iwl_mvm_get_session_prot_id(mvm, vif, (s8)link_id); 1441 struct iwl_mvm_session_prot_cmd cmd = { 1442 .id_and_color = cpu_to_le32(mac_link_id), 1443 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 1444 .conf_id = cpu_to_le32(SESSION_PROTECT_CONF_ASSOC), 1445 .duration_tu = cpu_to_le32(MSEC_TO_TU(duration)), 1446 }; 1447 1448 if (mac_link_id < 0) 1449 return; 1450 1451 lockdep_assert_held(&mvm->mutex); 1452 1453 spin_lock_bh(&mvm->time_event_lock); 1454 if (te_data->running && te_data->link_id == link_id && 1455 time_after(te_data->end_jiffies, TU_TO_EXP_TIME(min_duration))) { 1456 IWL_DEBUG_TE(mvm, "We have enough time in the current TE: %u\n", 1457 jiffies_to_msecs(te_data->end_jiffies - jiffies)); 1458 spin_unlock_bh(&mvm->time_event_lock); 1459 1460 return; 1461 } 1462 1463 iwl_mvm_te_clear_data(mvm, te_data); 1464 /* 1465 * The time_event_data.id field is reused to save session 1466 * protection's configuration. 1467 */ 1468 te_data->id = le32_to_cpu(cmd.conf_id); 1469 te_data->duration = le32_to_cpu(cmd.duration_tu); 1470 te_data->vif = vif; 1471 te_data->link_id = link_id; 1472 spin_unlock_bh(&mvm->time_event_lock); 1473 1474 IWL_DEBUG_TE(mvm, "Add new session protection, duration %d TU\n", 1475 le32_to_cpu(cmd.duration_tu)); 1476 1477 if (!wait_for_notif) { 1478 if (iwl_mvm_send_cmd_pdu(mvm, 1479 WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_CMD), 1480 0, sizeof(cmd), &cmd)) { 1481 goto send_cmd_err; 1482 } 1483 1484 return; 1485 } 1486 1487 iwl_init_notification_wait(&mvm->notif_wait, &wait_notif, 1488 notif, ARRAY_SIZE(notif), 1489 iwl_mvm_session_prot_notif, NULL); 1490 1491 if (iwl_mvm_send_cmd_pdu(mvm, 1492 WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_CMD), 1493 0, sizeof(cmd), &cmd)) { 1494 iwl_remove_notification(&mvm->notif_wait, &wait_notif); 1495 goto send_cmd_err; 1496 } else if (iwl_wait_notification(&mvm->notif_wait, &wait_notif, 1497 TU_TO_JIFFIES(100))) { 1498 IWL_ERR(mvm, 1499 "Failed to protect session until session protection\n"); 1500 } 1501 return; 1502 1503 send_cmd_err: 1504 IWL_ERR(mvm, 1505 "Couldn't send the SESSION_PROTECTION_CMD\n"); 1506 spin_lock_bh(&mvm->time_event_lock); 1507 iwl_mvm_te_clear_data(mvm, te_data); 1508 spin_unlock_bh(&mvm->time_event_lock); 1509 } 1510