1 /******************************************************************************
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
10 * Copyright(c) 2016 - 2017 Intel Deutschland GmbH
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of version 2 of the GNU General Public License as
14 * published by the Free Software Foundation.
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
26 * The full GNU General Public License is included in this distribution
27 * in the file called COPYING.
29 * Contact Information:
30 * Intel Linux Wireless <linuxwifi@intel.com>
31 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
35 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
36 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
37 * Copyright(c) 2016 - 2017 Intel Deutschland GmbH
38 * All rights reserved.
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
44 * * Redistributions of source code must retain the above copyright
45 * notice, this list of conditions and the following disclaimer.
46 * * Redistributions in binary form must reproduce the above copyright
47 * notice, this list of conditions and the following disclaimer in
48 * the documentation and/or other materials provided with the
50 * * Neither the name Intel Corporation nor the names of its
51 * contributors may be used to endorse or promote products derived
52 * from this software without specific prior written permission.
54 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
55 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
56 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
57 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
58 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
59 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
60 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
61 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
62 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
63 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
64 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
66 *****************************************************************************/
68 #include <linux/etherdevice.h>
69 #include <net/mac80211.h>
72 #include "fw/api/scan.h"
75 #define IWL_DENSE_EBS_SCAN_RATIO 5
76 #define IWL_SPARSE_EBS_SCAN_RATIO 1
78 enum iwl_mvm_traffic_load {
80 IWL_MVM_TRAFFIC_MEDIUM,
84 #define IWL_SCAN_DWELL_ACTIVE 10
85 #define IWL_SCAN_DWELL_PASSIVE 110
86 #define IWL_SCAN_DWELL_FRAGMENTED 44
87 #define IWL_SCAN_DWELL_EXTENDED 90
89 struct iwl_mvm_scan_timing_params {
94 static struct iwl_mvm_scan_timing_params scan_timing[] = {
95 [IWL_SCAN_TYPE_UNASSOC] = {
99 [IWL_SCAN_TYPE_WILD] = {
103 [IWL_SCAN_TYPE_MILD] = {
107 [IWL_SCAN_TYPE_FRAGMENTED] = {
113 struct iwl_mvm_scan_params {
114 enum iwl_mvm_scan_type type;
118 struct cfg80211_ssid *ssids;
119 struct ieee80211_channel **channels;
126 struct iwl_scan_probe_req preq;
127 struct cfg80211_match_set *match_sets;
129 struct cfg80211_sched_scan_plan *scan_plans;
130 u32 measurement_dwell;
133 static inline void *iwl_mvm_get_scan_req_umac_data(struct iwl_mvm *mvm)
135 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
137 if (iwl_mvm_is_adaptive_dwell_supported(mvm))
138 return (void *)&cmd->v7.data;
140 if (iwl_mvm_has_new_tx_api(mvm))
141 return (void *)&cmd->v6.data;
143 return (void *)&cmd->v1.data;
146 static u8 iwl_mvm_scan_rx_ant(struct iwl_mvm *mvm)
148 if (mvm->scan_rx_ant != ANT_NONE)
149 return mvm->scan_rx_ant;
150 return iwl_mvm_get_valid_rx_ant(mvm);
153 static inline __le16 iwl_mvm_scan_rx_chain(struct iwl_mvm *mvm)
158 rx_ant = iwl_mvm_scan_rx_ant(mvm);
159 rx_chain = rx_ant << PHY_RX_CHAIN_VALID_POS;
160 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_MIMO_SEL_POS;
161 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_SEL_POS;
162 rx_chain |= 0x1 << PHY_RX_CHAIN_DRIVER_FORCE_POS;
163 return cpu_to_le16(rx_chain);
166 static __le32 iwl_mvm_scan_rxon_flags(enum nl80211_band band)
168 if (band == NL80211_BAND_2GHZ)
169 return cpu_to_le32(PHY_BAND_24);
171 return cpu_to_le32(PHY_BAND_5);
175 iwl_mvm_scan_rate_n_flags(struct iwl_mvm *mvm, enum nl80211_band band,
180 mvm->scan_last_antenna_idx =
181 iwl_mvm_next_antenna(mvm, iwl_mvm_get_valid_tx_ant(mvm),
182 mvm->scan_last_antenna_idx);
183 tx_ant = BIT(mvm->scan_last_antenna_idx) << RATE_MCS_ANT_POS;
185 if (band == NL80211_BAND_2GHZ && !no_cck)
186 return cpu_to_le32(IWL_RATE_1M_PLCP | RATE_MCS_CCK_MSK |
189 return cpu_to_le32(IWL_RATE_6M_PLCP | tx_ant);
192 static void iwl_mvm_scan_condition_iterator(void *data, u8 *mac,
193 struct ieee80211_vif *vif)
195 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
196 int *global_cnt = data;
198 if (vif->type != NL80211_IFTYPE_P2P_DEVICE && mvmvif->phy_ctxt &&
199 mvmvif->phy_ctxt->id < NUM_PHY_CTX)
203 static enum iwl_mvm_traffic_load iwl_mvm_get_traffic_load(struct iwl_mvm *mvm)
205 return IWL_MVM_TRAFFIC_LOW;
209 iwl_mvm_scan_type iwl_mvm_get_scan_type(struct iwl_mvm *mvm, bool p2p_device)
212 enum iwl_mvm_traffic_load load;
215 ieee80211_iterate_active_interfaces_atomic(mvm->hw,
216 IEEE80211_IFACE_ITER_NORMAL,
217 iwl_mvm_scan_condition_iterator,
220 return IWL_SCAN_TYPE_UNASSOC;
222 load = iwl_mvm_get_traffic_load(mvm);
223 low_latency = iwl_mvm_low_latency(mvm);
225 if ((load == IWL_MVM_TRAFFIC_HIGH || low_latency) && !p2p_device &&
226 fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_FRAGMENTED_SCAN))
227 return IWL_SCAN_TYPE_FRAGMENTED;
229 if (load >= IWL_MVM_TRAFFIC_MEDIUM || low_latency)
230 return IWL_SCAN_TYPE_MILD;
232 return IWL_SCAN_TYPE_WILD;
236 iwl_mvm_get_measurement_dwell(struct iwl_mvm *mvm,
237 struct cfg80211_scan_request *req,
238 struct iwl_mvm_scan_params *params)
243 if (req->duration_mandatory &&
244 req->duration > scan_timing[params->type].max_out_time) {
246 "Measurement scan - too long dwell %hu (max out time %u)\n",
248 scan_timing[params->type].max_out_time);
252 return min_t(u32, (u32)req->duration,
253 scan_timing[params->type].max_out_time);
256 static inline bool iwl_mvm_rrm_scan_needed(struct iwl_mvm *mvm)
258 /* require rrm scan whenever the fw supports it */
259 return fw_has_capa(&mvm->fw->ucode_capa,
260 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT);
263 static int iwl_mvm_max_scan_ie_fw_cmd_room(struct iwl_mvm *mvm)
267 max_probe_len = SCAN_OFFLOAD_PROBE_REQ_SIZE;
269 /* we create the 802.11 header and SSID element */
270 max_probe_len -= 24 + 2;
272 /* DS parameter set element is added on 2.4GHZ band if required */
273 if (iwl_mvm_rrm_scan_needed(mvm))
276 return max_probe_len;
279 int iwl_mvm_max_scan_ie_len(struct iwl_mvm *mvm)
281 int max_ie_len = iwl_mvm_max_scan_ie_fw_cmd_room(mvm);
283 /* TODO: [BUG] This function should return the maximum allowed size of
284 * scan IEs, however the LMAC scan api contains both 2GHZ and 5GHZ IEs
285 * in the same command. So the correct implementation of this function
286 * is just iwl_mvm_max_scan_ie_fw_cmd_room() / 2. Currently the scan
287 * command has only 512 bytes and it would leave us with about 240
288 * bytes for scan IEs, which is clearly not enough. So meanwhile
289 * we will report an incorrect value. This may result in a failure to
290 * issue a scan in unified_scan_lmac and unified_sched_scan_lmac
291 * functions with -ENOBUFS, if a large enough probe will be provided.
296 void iwl_mvm_rx_lmac_scan_iter_complete_notif(struct iwl_mvm *mvm,
297 struct iwl_rx_cmd_buffer *rxb)
299 struct iwl_rx_packet *pkt = rxb_addr(rxb);
300 struct iwl_lmac_scan_complete_notif *notif = (void *)pkt->data;
303 "Scan offload iteration complete: status=0x%x scanned channels=%d\n",
304 notif->status, notif->scanned_channels);
306 if (mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_FOUND) {
307 IWL_DEBUG_SCAN(mvm, "Pass all scheduled scan results found\n");
308 ieee80211_sched_scan_results(mvm->hw);
309 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_ENABLED;
313 void iwl_mvm_rx_scan_match_found(struct iwl_mvm *mvm,
314 struct iwl_rx_cmd_buffer *rxb)
316 IWL_DEBUG_SCAN(mvm, "Scheduled scan results\n");
317 ieee80211_sched_scan_results(mvm->hw);
320 static const char *iwl_mvm_ebs_status_str(enum iwl_scan_ebs_status status)
323 case IWL_SCAN_EBS_SUCCESS:
325 case IWL_SCAN_EBS_INACTIVE:
327 case IWL_SCAN_EBS_FAILED:
328 case IWL_SCAN_EBS_CHAN_NOT_FOUND:
334 void iwl_mvm_rx_lmac_scan_complete_notif(struct iwl_mvm *mvm,
335 struct iwl_rx_cmd_buffer *rxb)
337 struct iwl_rx_packet *pkt = rxb_addr(rxb);
338 struct iwl_periodic_scan_complete *scan_notif = (void *)pkt->data;
339 bool aborted = (scan_notif->status == IWL_SCAN_OFFLOAD_ABORTED);
341 /* If this happens, the firmware has mistakenly sent an LMAC
342 * notification during UMAC scans -- warn and ignore it.
344 if (WARN_ON_ONCE(fw_has_capa(&mvm->fw->ucode_capa,
345 IWL_UCODE_TLV_CAPA_UMAC_SCAN)))
348 /* scan status must be locked for proper checking */
349 lockdep_assert_held(&mvm->mutex);
351 /* We first check if we were stopping a scan, in which case we
352 * just clear the stopping flag. Then we check if it was a
353 * firmware initiated stop, in which case we need to inform
355 * Note that we can have a stopping and a running scan
356 * simultaneously, but we can't have two different types of
357 * scans stopping or running at the same time (since LMAC
358 * doesn't support it).
361 if (mvm->scan_status & IWL_MVM_SCAN_STOPPING_SCHED) {
362 WARN_ON_ONCE(mvm->scan_status & IWL_MVM_SCAN_STOPPING_REGULAR);
364 IWL_DEBUG_SCAN(mvm, "Scheduled scan %s, EBS status %s\n",
365 aborted ? "aborted" : "completed",
366 iwl_mvm_ebs_status_str(scan_notif->ebs_status));
368 "Last line %d, Last iteration %d, Time after last iteration %d\n",
369 scan_notif->last_schedule_line,
370 scan_notif->last_schedule_iteration,
371 __le32_to_cpu(scan_notif->time_after_last_iter));
373 mvm->scan_status &= ~IWL_MVM_SCAN_STOPPING_SCHED;
374 } else if (mvm->scan_status & IWL_MVM_SCAN_STOPPING_REGULAR) {
375 IWL_DEBUG_SCAN(mvm, "Regular scan %s, EBS status %s\n",
376 aborted ? "aborted" : "completed",
377 iwl_mvm_ebs_status_str(scan_notif->ebs_status));
379 mvm->scan_status &= ~IWL_MVM_SCAN_STOPPING_REGULAR;
380 } else if (mvm->scan_status & IWL_MVM_SCAN_SCHED) {
381 WARN_ON_ONCE(mvm->scan_status & IWL_MVM_SCAN_REGULAR);
383 IWL_DEBUG_SCAN(mvm, "Scheduled scan %s, EBS status %s\n",
384 aborted ? "aborted" : "completed",
385 iwl_mvm_ebs_status_str(scan_notif->ebs_status));
387 "Last line %d, Last iteration %d, Time after last iteration %d (FW)\n",
388 scan_notif->last_schedule_line,
389 scan_notif->last_schedule_iteration,
390 __le32_to_cpu(scan_notif->time_after_last_iter));
392 mvm->scan_status &= ~IWL_MVM_SCAN_SCHED;
393 ieee80211_sched_scan_stopped(mvm->hw);
394 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
395 } else if (mvm->scan_status & IWL_MVM_SCAN_REGULAR) {
396 struct cfg80211_scan_info info = {
400 IWL_DEBUG_SCAN(mvm, "Regular scan %s, EBS status %s (FW)\n",
401 aborted ? "aborted" : "completed",
402 iwl_mvm_ebs_status_str(scan_notif->ebs_status));
404 mvm->scan_status &= ~IWL_MVM_SCAN_REGULAR;
405 ieee80211_scan_completed(mvm->hw, &info);
406 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
407 cancel_delayed_work(&mvm->scan_timeout_dwork);
410 "got scan complete notification but no scan is running\n");
413 mvm->last_ebs_successful =
414 scan_notif->ebs_status == IWL_SCAN_EBS_SUCCESS ||
415 scan_notif->ebs_status == IWL_SCAN_EBS_INACTIVE;
418 static int iwl_ssid_exist(u8 *ssid, u8 ssid_len, struct iwl_ssid_ie *ssid_list)
422 for (i = 0; i < PROBE_OPTION_MAX; i++) {
423 if (!ssid_list[i].len)
425 if (ssid_list[i].len == ssid_len &&
426 !memcmp(ssid_list->ssid, ssid, ssid_len))
432 /* We insert the SSIDs in an inverted order, because the FW will
435 static void iwl_scan_build_ssids(struct iwl_mvm_scan_params *params,
436 struct iwl_ssid_ie *ssids,
443 * copy SSIDs from match list.
444 * iwl_config_sched_scan_profiles() uses the order of these ssids to
447 for (i = 0, j = params->n_match_sets - 1;
448 j >= 0 && i < PROBE_OPTION_MAX;
450 /* skip empty SSID matchsets */
451 if (!params->match_sets[j].ssid.ssid_len)
453 ssids[i].id = WLAN_EID_SSID;
454 ssids[i].len = params->match_sets[j].ssid.ssid_len;
455 memcpy(ssids[i].ssid, params->match_sets[j].ssid.ssid,
459 /* add SSIDs from scan SSID list */
461 for (j = params->n_ssids - 1;
462 j >= 0 && i < PROBE_OPTION_MAX;
464 index = iwl_ssid_exist(params->ssids[j].ssid,
465 params->ssids[j].ssid_len,
468 ssids[i].id = WLAN_EID_SSID;
469 ssids[i].len = params->ssids[j].ssid_len;
470 memcpy(ssids[i].ssid, params->ssids[j].ssid,
472 *ssid_bitmap |= BIT(i);
474 *ssid_bitmap |= BIT(index);
480 iwl_mvm_config_sched_scan_profiles(struct iwl_mvm *mvm,
481 struct cfg80211_sched_scan_request *req)
483 struct iwl_scan_offload_profile *profile;
484 struct iwl_scan_offload_profile_cfg *profile_cfg;
485 struct iwl_scan_offload_blacklist *blacklist;
486 struct iwl_host_cmd cmd = {
487 .id = SCAN_OFFLOAD_UPDATE_PROFILES_CMD,
488 .len[1] = sizeof(*profile_cfg),
489 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
490 .dataflags[1] = IWL_HCMD_DFL_NOCOPY,
496 if (WARN_ON(req->n_match_sets > IWL_SCAN_MAX_PROFILES))
499 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_SHORT_BL)
500 blacklist_len = IWL_SCAN_SHORT_BLACKLIST_LEN;
502 blacklist_len = IWL_SCAN_MAX_BLACKLIST_LEN;
504 blacklist = kzalloc(sizeof(*blacklist) * blacklist_len, GFP_KERNEL);
508 profile_cfg = kzalloc(sizeof(*profile_cfg), GFP_KERNEL);
514 cmd.data[0] = blacklist;
515 cmd.len[0] = sizeof(*blacklist) * blacklist_len;
516 cmd.data[1] = profile_cfg;
518 /* No blacklist configuration */
520 profile_cfg->num_profiles = req->n_match_sets;
521 profile_cfg->active_clients = SCAN_CLIENT_SCHED_SCAN;
522 profile_cfg->pass_match = SCAN_CLIENT_SCHED_SCAN;
523 profile_cfg->match_notify = SCAN_CLIENT_SCHED_SCAN;
524 if (!req->n_match_sets || !req->match_sets[0].ssid.ssid_len)
525 profile_cfg->any_beacon_notify = SCAN_CLIENT_SCHED_SCAN;
527 for (i = 0; i < req->n_match_sets; i++) {
528 profile = &profile_cfg->profiles[i];
529 profile->ssid_index = i;
530 /* Support any cipher and auth algorithm */
531 profile->unicast_cipher = 0xff;
532 profile->auth_alg = 0xff;
533 profile->network_type = IWL_NETWORK_TYPE_ANY;
534 profile->band_selection = IWL_SCAN_OFFLOAD_SELECT_ANY;
535 profile->client_bitmap = SCAN_CLIENT_SCHED_SCAN;
538 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan profile config\n");
540 ret = iwl_mvm_send_cmd(mvm, &cmd);
548 static bool iwl_mvm_scan_pass_all(struct iwl_mvm *mvm,
549 struct cfg80211_sched_scan_request *req)
551 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) {
553 "Sending scheduled scan with filtering, n_match_sets %d\n",
555 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
559 IWL_DEBUG_SCAN(mvm, "Sending Scheduled scan without filtering\n");
561 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_ENABLED;
565 static int iwl_mvm_lmac_scan_abort(struct iwl_mvm *mvm)
568 struct iwl_host_cmd cmd = {
569 .id = SCAN_OFFLOAD_ABORT_CMD,
571 u32 status = CAN_ABORT_STATUS;
573 ret = iwl_mvm_send_cmd_status(mvm, &cmd, &status);
577 if (status != CAN_ABORT_STATUS) {
579 * The scan abort will return 1 for success or
580 * 2 for "failure". A failure condition can be
581 * due to simply not being in an active scan which
582 * can occur if we send the scan abort before the
583 * microcode has notified us that a scan is completed.
585 IWL_DEBUG_SCAN(mvm, "SCAN OFFLOAD ABORT ret %d.\n", status);
592 static void iwl_mvm_scan_fill_tx_cmd(struct iwl_mvm *mvm,
593 struct iwl_scan_req_tx_cmd *tx_cmd,
596 tx_cmd[0].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
598 tx_cmd[0].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
601 tx_cmd[0].sta_id = mvm->aux_sta.sta_id;
603 tx_cmd[1].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
605 tx_cmd[1].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
608 tx_cmd[1].sta_id = mvm->aux_sta.sta_id;
612 iwl_mvm_lmac_scan_cfg_channels(struct iwl_mvm *mvm,
613 struct ieee80211_channel **channels,
614 int n_channels, u32 ssid_bitmap,
615 struct iwl_scan_req_lmac *cmd)
617 struct iwl_scan_channel_cfg_lmac *channel_cfg = (void *)&cmd->data;
620 for (i = 0; i < n_channels; i++) {
621 channel_cfg[i].channel_num =
622 cpu_to_le16(channels[i]->hw_value);
623 channel_cfg[i].iter_count = cpu_to_le16(1);
624 channel_cfg[i].iter_interval = 0;
625 channel_cfg[i].flags =
626 cpu_to_le32(IWL_UNIFIED_SCAN_CHANNEL_PARTIAL |
631 static u8 *iwl_mvm_copy_and_insert_ds_elem(struct iwl_mvm *mvm, const u8 *ies,
632 size_t len, u8 *const pos)
634 static const u8 before_ds_params[] = {
638 WLAN_EID_EXT_SUPP_RATES,
643 if (!iwl_mvm_rrm_scan_needed(mvm)) {
644 memcpy(newpos, ies, len);
648 offs = ieee80211_ie_split(ies, len,
650 ARRAY_SIZE(before_ds_params),
653 memcpy(newpos, ies, offs);
656 /* Add a placeholder for DS Parameter Set element */
657 *newpos++ = WLAN_EID_DS_PARAMS;
661 memcpy(newpos, ies + offs, len - offs);
662 newpos += len - offs;
668 iwl_mvm_build_scan_probe(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
669 struct ieee80211_scan_ies *ies,
670 struct iwl_mvm_scan_params *params)
672 struct ieee80211_mgmt *frame = (void *)params->preq.buf;
674 const u8 *mac_addr = params->flags & NL80211_SCAN_FLAG_RANDOM_ADDR ?
675 params->mac_addr : NULL;
678 * Unfortunately, right now the offload scan doesn't support randomising
679 * within the firmware, so until the firmware API is ready we implement
680 * it in the driver. This means that the scan iterations won't really be
681 * random, only when it's restarted, but at least that helps a bit.
684 get_random_mask_addr(frame->sa, mac_addr,
685 params->mac_addr_mask);
687 memcpy(frame->sa, vif->addr, ETH_ALEN);
689 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
690 eth_broadcast_addr(frame->da);
691 eth_broadcast_addr(frame->bssid);
694 pos = frame->u.probe_req.variable;
695 *pos++ = WLAN_EID_SSID;
698 params->preq.mac_header.offset = 0;
699 params->preq.mac_header.len = cpu_to_le16(24 + 2);
701 /* Insert ds parameter set element on 2.4 GHz band */
702 newpos = iwl_mvm_copy_and_insert_ds_elem(mvm,
703 ies->ies[NL80211_BAND_2GHZ],
704 ies->len[NL80211_BAND_2GHZ],
706 params->preq.band_data[0].offset = cpu_to_le16(pos - params->preq.buf);
707 params->preq.band_data[0].len = cpu_to_le16(newpos - pos);
710 memcpy(pos, ies->ies[NL80211_BAND_5GHZ],
711 ies->len[NL80211_BAND_5GHZ]);
712 params->preq.band_data[1].offset = cpu_to_le16(pos - params->preq.buf);
713 params->preq.band_data[1].len =
714 cpu_to_le16(ies->len[NL80211_BAND_5GHZ]);
715 pos += ies->len[NL80211_BAND_5GHZ];
717 memcpy(pos, ies->common_ies, ies->common_ie_len);
718 params->preq.common_data.offset = cpu_to_le16(pos - params->preq.buf);
719 params->preq.common_data.len = cpu_to_le16(ies->common_ie_len);
722 static void iwl_mvm_scan_lmac_dwell(struct iwl_mvm *mvm,
723 struct iwl_scan_req_lmac *cmd,
724 struct iwl_mvm_scan_params *params)
726 cmd->active_dwell = IWL_SCAN_DWELL_ACTIVE;
727 cmd->passive_dwell = IWL_SCAN_DWELL_PASSIVE;
728 cmd->fragmented_dwell = IWL_SCAN_DWELL_FRAGMENTED;
729 cmd->extended_dwell = IWL_SCAN_DWELL_EXTENDED;
730 cmd->max_out_time = cpu_to_le32(scan_timing[params->type].max_out_time);
731 cmd->suspend_time = cpu_to_le32(scan_timing[params->type].suspend_time);
732 cmd->scan_prio = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
735 static inline bool iwl_mvm_scan_fits(struct iwl_mvm *mvm, int n_ssids,
736 struct ieee80211_scan_ies *ies,
739 return ((n_ssids <= PROBE_OPTION_MAX) &&
740 (n_channels <= mvm->fw->ucode_capa.n_scan_channels) &
741 (ies->common_ie_len +
742 ies->len[NL80211_BAND_2GHZ] +
743 ies->len[NL80211_BAND_5GHZ] <=
744 iwl_mvm_max_scan_ie_fw_cmd_room(mvm)));
747 static inline bool iwl_mvm_scan_use_ebs(struct iwl_mvm *mvm,
748 struct ieee80211_vif *vif)
750 const struct iwl_ucode_capabilities *capa = &mvm->fw->ucode_capa;
752 /* We can only use EBS if:
753 * 1. the feature is supported;
754 * 2. the last EBS was successful;
755 * 3. if only single scan, the single scan EBS API is supported;
756 * 4. it's not a p2p find operation.
758 return ((capa->flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT) &&
759 mvm->last_ebs_successful && IWL_MVM_ENABLE_EBS &&
760 vif->type != NL80211_IFTYPE_P2P_DEVICE);
763 static inline bool iwl_mvm_is_regular_scan(struct iwl_mvm_scan_params *params)
765 return params->n_scan_plans == 1 &&
766 params->scan_plans[0].iterations == 1;
769 static int iwl_mvm_scan_lmac_flags(struct iwl_mvm *mvm,
770 struct iwl_mvm_scan_params *params,
771 struct ieee80211_vif *vif)
775 if (params->n_ssids == 0)
776 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE;
778 if (params->n_ssids == 1 && params->ssids[0].ssid_len != 0)
779 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION;
781 if (params->type == IWL_SCAN_TYPE_FRAGMENTED)
782 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED;
784 if (iwl_mvm_rrm_scan_needed(mvm))
785 flags |= IWL_MVM_LMAC_SCAN_FLAGS_RRM_ENABLED;
787 if (params->pass_all)
788 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL;
790 flags |= IWL_MVM_LMAC_SCAN_FLAG_MATCH;
792 #ifdef CONFIG_IWLWIFI_DEBUGFS
793 if (mvm->scan_iter_notif_enabled)
794 flags |= IWL_MVM_LMAC_SCAN_FLAG_ITER_COMPLETE;
797 if (mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_ENABLED)
798 flags |= IWL_MVM_LMAC_SCAN_FLAG_ITER_COMPLETE;
800 if (iwl_mvm_is_regular_scan(params) &&
801 vif->type != NL80211_IFTYPE_P2P_DEVICE &&
802 params->type != IWL_SCAN_TYPE_FRAGMENTED)
803 flags |= IWL_MVM_LMAC_SCAN_FLAG_EXTENDED_DWELL;
808 static int iwl_mvm_scan_lmac(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
809 struct iwl_mvm_scan_params *params)
811 struct iwl_scan_req_lmac *cmd = mvm->scan_cmd;
812 struct iwl_scan_probe_req *preq =
813 (void *)(cmd->data + sizeof(struct iwl_scan_channel_cfg_lmac) *
814 mvm->fw->ucode_capa.n_scan_channels);
818 lockdep_assert_held(&mvm->mutex);
820 memset(cmd, 0, ksize(cmd));
822 if (WARN_ON(params->n_scan_plans > IWL_MAX_SCHED_SCAN_PLANS))
825 iwl_mvm_scan_lmac_dwell(mvm, cmd, params);
827 cmd->rx_chain_select = iwl_mvm_scan_rx_chain(mvm);
828 cmd->iter_num = cpu_to_le32(1);
829 cmd->n_channels = (u8)params->n_channels;
831 cmd->delay = cpu_to_le32(params->delay);
833 cmd->scan_flags = cpu_to_le32(iwl_mvm_scan_lmac_flags(mvm, params,
836 cmd->flags = iwl_mvm_scan_rxon_flags(params->channels[0]->band);
837 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
838 MAC_FILTER_IN_BEACON);
839 iwl_mvm_scan_fill_tx_cmd(mvm, cmd->tx_cmd, params->no_cck);
840 iwl_scan_build_ssids(params, cmd->direct_scan, &ssid_bitmap);
842 /* this API uses bits 1-20 instead of 0-19 */
845 for (i = 0; i < params->n_scan_plans; i++) {
846 struct cfg80211_sched_scan_plan *scan_plan =
847 ¶ms->scan_plans[i];
849 cmd->schedule[i].delay =
850 cpu_to_le16(scan_plan->interval);
851 cmd->schedule[i].iterations = scan_plan->iterations;
852 cmd->schedule[i].full_scan_mul = 1;
856 * If the number of iterations of the last scan plan is set to
857 * zero, it should run infinitely. However, this is not always the case.
858 * For example, when regular scan is requested the driver sets one scan
859 * plan with one iteration.
861 if (!cmd->schedule[i - 1].iterations)
862 cmd->schedule[i - 1].iterations = 0xff;
864 if (iwl_mvm_scan_use_ebs(mvm, vif)) {
865 cmd->channel_opt[0].flags =
866 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
867 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
868 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
869 cmd->channel_opt[0].non_ebs_ratio =
870 cpu_to_le16(IWL_DENSE_EBS_SCAN_RATIO);
871 cmd->channel_opt[1].flags =
872 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
873 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
874 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
875 cmd->channel_opt[1].non_ebs_ratio =
876 cpu_to_le16(IWL_SPARSE_EBS_SCAN_RATIO);
879 iwl_mvm_lmac_scan_cfg_channels(mvm, params->channels,
880 params->n_channels, ssid_bitmap, cmd);
882 *preq = params->preq;
887 static int rate_to_scan_rate_flag(unsigned int rate)
889 static const int rate_to_scan_rate[IWL_RATE_COUNT] = {
890 [IWL_RATE_1M_INDEX] = SCAN_CONFIG_RATE_1M,
891 [IWL_RATE_2M_INDEX] = SCAN_CONFIG_RATE_2M,
892 [IWL_RATE_5M_INDEX] = SCAN_CONFIG_RATE_5M,
893 [IWL_RATE_11M_INDEX] = SCAN_CONFIG_RATE_11M,
894 [IWL_RATE_6M_INDEX] = SCAN_CONFIG_RATE_6M,
895 [IWL_RATE_9M_INDEX] = SCAN_CONFIG_RATE_9M,
896 [IWL_RATE_12M_INDEX] = SCAN_CONFIG_RATE_12M,
897 [IWL_RATE_18M_INDEX] = SCAN_CONFIG_RATE_18M,
898 [IWL_RATE_24M_INDEX] = SCAN_CONFIG_RATE_24M,
899 [IWL_RATE_36M_INDEX] = SCAN_CONFIG_RATE_36M,
900 [IWL_RATE_48M_INDEX] = SCAN_CONFIG_RATE_48M,
901 [IWL_RATE_54M_INDEX] = SCAN_CONFIG_RATE_54M,
904 return rate_to_scan_rate[rate];
907 static __le32 iwl_mvm_scan_config_rates(struct iwl_mvm *mvm)
909 struct ieee80211_supported_band *band;
910 unsigned int rates = 0;
913 band = &mvm->nvm_data->bands[NL80211_BAND_2GHZ];
914 for (i = 0; i < band->n_bitrates; i++)
915 rates |= rate_to_scan_rate_flag(band->bitrates[i].hw_value);
916 band = &mvm->nvm_data->bands[NL80211_BAND_5GHZ];
917 for (i = 0; i < band->n_bitrates; i++)
918 rates |= rate_to_scan_rate_flag(band->bitrates[i].hw_value);
920 /* Set both basic rates and supported rates */
921 rates |= SCAN_CONFIG_SUPPORTED_RATE(rates);
923 return cpu_to_le32(rates);
926 static void iwl_mvm_fill_scan_dwell(struct iwl_mvm *mvm,
927 struct iwl_scan_dwell *dwell)
929 dwell->active = IWL_SCAN_DWELL_ACTIVE;
930 dwell->passive = IWL_SCAN_DWELL_PASSIVE;
931 dwell->fragmented = IWL_SCAN_DWELL_FRAGMENTED;
932 dwell->extended = IWL_SCAN_DWELL_EXTENDED;
935 static void iwl_mvm_fill_channels(struct iwl_mvm *mvm, u8 *channels)
937 struct ieee80211_supported_band *band;
940 band = &mvm->nvm_data->bands[NL80211_BAND_2GHZ];
941 for (i = 0; i < band->n_channels; i++, j++)
942 channels[j] = band->channels[i].hw_value;
943 band = &mvm->nvm_data->bands[NL80211_BAND_5GHZ];
944 for (i = 0; i < band->n_channels; i++, j++)
945 channels[j] = band->channels[i].hw_value;
948 static void iwl_mvm_fill_scan_config_v1(struct iwl_mvm *mvm, void *config,
949 u32 flags, u8 channel_flags)
951 enum iwl_mvm_scan_type type = iwl_mvm_get_scan_type(mvm, false);
952 struct iwl_scan_config_v1 *cfg = config;
954 cfg->flags = cpu_to_le32(flags);
955 cfg->tx_chains = cpu_to_le32(iwl_mvm_get_valid_tx_ant(mvm));
956 cfg->rx_chains = cpu_to_le32(iwl_mvm_scan_rx_ant(mvm));
957 cfg->legacy_rates = iwl_mvm_scan_config_rates(mvm);
958 cfg->out_of_channel_time = cpu_to_le32(scan_timing[type].max_out_time);
959 cfg->suspend_time = cpu_to_le32(scan_timing[type].suspend_time);
961 iwl_mvm_fill_scan_dwell(mvm, &cfg->dwell);
963 memcpy(&cfg->mac_addr, &mvm->addresses[0].addr, ETH_ALEN);
965 cfg->bcast_sta_id = mvm->aux_sta.sta_id;
966 cfg->channel_flags = channel_flags;
968 iwl_mvm_fill_channels(mvm, cfg->channel_array);
971 static void iwl_mvm_fill_scan_config(struct iwl_mvm *mvm, void *config,
972 u32 flags, u8 channel_flags)
974 enum iwl_mvm_scan_type type = iwl_mvm_get_scan_type(mvm, false);
975 struct iwl_scan_config *cfg = config;
977 cfg->flags = cpu_to_le32(flags);
978 cfg->tx_chains = cpu_to_le32(iwl_mvm_get_valid_tx_ant(mvm));
979 cfg->rx_chains = cpu_to_le32(iwl_mvm_scan_rx_ant(mvm));
980 cfg->legacy_rates = iwl_mvm_scan_config_rates(mvm);
981 cfg->out_of_channel_time[0] =
982 cpu_to_le32(scan_timing[type].max_out_time);
983 cfg->suspend_time[0] = cpu_to_le32(scan_timing[type].suspend_time);
985 if (iwl_mvm_is_cdb_supported(mvm)) {
986 cfg->suspend_time[1] =
987 cpu_to_le32(scan_timing[type].suspend_time);
988 cfg->out_of_channel_time[1] =
989 cpu_to_le32(scan_timing[type].max_out_time);
992 iwl_mvm_fill_scan_dwell(mvm, &cfg->dwell);
994 memcpy(&cfg->mac_addr, &mvm->addresses[0].addr, ETH_ALEN);
996 cfg->bcast_sta_id = mvm->aux_sta.sta_id;
997 cfg->channel_flags = channel_flags;
999 iwl_mvm_fill_channels(mvm, cfg->channel_array);
1002 int iwl_mvm_config_scan(struct iwl_mvm *mvm)
1006 struct iwl_host_cmd cmd = {
1007 .id = iwl_cmd_id(SCAN_CFG_CMD, IWL_ALWAYS_LONG_GROUP, 0),
1009 enum iwl_mvm_scan_type type = iwl_mvm_get_scan_type(mvm, false);
1011 mvm->nvm_data->bands[NL80211_BAND_2GHZ].n_channels +
1012 mvm->nvm_data->bands[NL80211_BAND_5GHZ].n_channels;
1016 if (WARN_ON(num_channels > mvm->fw->ucode_capa.n_scan_channels))
1019 if (type == mvm->scan_type)
1022 if (iwl_mvm_has_new_tx_api(mvm))
1023 cmd_size = sizeof(struct iwl_scan_config);
1025 cmd_size = sizeof(struct iwl_scan_config_v1);
1026 cmd_size += mvm->fw->ucode_capa.n_scan_channels;
1028 cfg = kzalloc(cmd_size, GFP_KERNEL);
1032 flags = SCAN_CONFIG_FLAG_ACTIVATE |
1033 SCAN_CONFIG_FLAG_ALLOW_CHUB_REQS |
1034 SCAN_CONFIG_FLAG_SET_TX_CHAINS |
1035 SCAN_CONFIG_FLAG_SET_RX_CHAINS |
1036 SCAN_CONFIG_FLAG_SET_AUX_STA_ID |
1037 SCAN_CONFIG_FLAG_SET_ALL_TIMES |
1038 SCAN_CONFIG_FLAG_SET_LEGACY_RATES |
1039 SCAN_CONFIG_FLAG_SET_MAC_ADDR |
1040 SCAN_CONFIG_FLAG_SET_CHANNEL_FLAGS |
1041 SCAN_CONFIG_N_CHANNELS(num_channels) |
1042 (type == IWL_SCAN_TYPE_FRAGMENTED ?
1043 SCAN_CONFIG_FLAG_SET_FRAGMENTED :
1044 SCAN_CONFIG_FLAG_CLEAR_FRAGMENTED);
1046 channel_flags = IWL_CHANNEL_FLAG_EBS |
1047 IWL_CHANNEL_FLAG_ACCURATE_EBS |
1048 IWL_CHANNEL_FLAG_EBS_ADD |
1049 IWL_CHANNEL_FLAG_PRE_SCAN_PASSIVE2ACTIVE;
1051 if (iwl_mvm_has_new_tx_api(mvm)) {
1052 flags |= (type == IWL_SCAN_TYPE_FRAGMENTED) ?
1053 SCAN_CONFIG_FLAG_SET_LMAC2_FRAGMENTED :
1054 SCAN_CONFIG_FLAG_CLEAR_LMAC2_FRAGMENTED;
1055 iwl_mvm_fill_scan_config(mvm, cfg, flags, channel_flags);
1057 iwl_mvm_fill_scan_config_v1(mvm, cfg, flags, channel_flags);
1061 cmd.len[0] = cmd_size;
1062 cmd.dataflags[0] = IWL_HCMD_DFL_NOCOPY;
1064 IWL_DEBUG_SCAN(mvm, "Sending UMAC scan config\n");
1066 ret = iwl_mvm_send_cmd(mvm, &cmd);
1068 mvm->scan_type = type;
1074 static int iwl_mvm_scan_uid_by_status(struct iwl_mvm *mvm, int status)
1078 for (i = 0; i < mvm->max_scans; i++)
1079 if (mvm->scan_uid_status[i] == status)
1085 static void iwl_mvm_scan_umac_dwell(struct iwl_mvm *mvm,
1086 struct iwl_scan_req_umac *cmd,
1087 struct iwl_mvm_scan_params *params)
1089 struct iwl_mvm_scan_timing_params *timing = &scan_timing[params->type];
1091 if (iwl_mvm_is_regular_scan(params))
1092 cmd->ooc_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1094 cmd->ooc_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_2);
1096 if (iwl_mvm_is_adaptive_dwell_supported(mvm)) {
1097 if (params->measurement_dwell) {
1098 cmd->v7.active_dwell = params->measurement_dwell;
1099 cmd->v7.passive_dwell = params->measurement_dwell;
1101 cmd->v7.active_dwell = IWL_SCAN_DWELL_ACTIVE;
1102 cmd->v7.passive_dwell = IWL_SCAN_DWELL_PASSIVE;
1104 cmd->v7.fragmented_dwell = IWL_SCAN_DWELL_FRAGMENTED;
1106 cmd->v7.scan_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1107 cmd->v7.max_out_time[SCAN_LB_LMAC_IDX] =
1108 cpu_to_le32(timing->max_out_time);
1109 cmd->v7.suspend_time[SCAN_LB_LMAC_IDX] =
1110 cpu_to_le32(timing->suspend_time);
1111 if (iwl_mvm_is_cdb_supported(mvm)) {
1112 cmd->v7.max_out_time[SCAN_HB_LMAC_IDX] =
1113 cpu_to_le32(timing->max_out_time);
1114 cmd->v7.suspend_time[SCAN_HB_LMAC_IDX] =
1115 cpu_to_le32(timing->suspend_time);
1121 if (params->measurement_dwell) {
1122 cmd->v1.active_dwell = params->measurement_dwell;
1123 cmd->v1.passive_dwell = params->measurement_dwell;
1124 cmd->v1.extended_dwell = params->measurement_dwell;
1126 cmd->v1.active_dwell = IWL_SCAN_DWELL_ACTIVE;
1127 cmd->v1.passive_dwell = IWL_SCAN_DWELL_PASSIVE;
1128 cmd->v1.extended_dwell = IWL_SCAN_DWELL_EXTENDED;
1130 cmd->v1.fragmented_dwell = IWL_SCAN_DWELL_FRAGMENTED;
1132 if (iwl_mvm_has_new_tx_api(mvm)) {
1133 cmd->v6.scan_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1134 cmd->v6.max_out_time[SCAN_LB_LMAC_IDX] =
1135 cpu_to_le32(timing->max_out_time);
1136 cmd->v6.suspend_time[SCAN_LB_LMAC_IDX] =
1137 cpu_to_le32(timing->suspend_time);
1138 if (iwl_mvm_is_cdb_supported(mvm)) {
1139 cmd->v6.max_out_time[SCAN_HB_LMAC_IDX] =
1140 cpu_to_le32(timing->max_out_time);
1141 cmd->v6.suspend_time[SCAN_HB_LMAC_IDX] =
1142 cpu_to_le32(timing->suspend_time);
1145 cmd->v1.max_out_time = cpu_to_le32(timing->max_out_time);
1146 cmd->v1.suspend_time = cpu_to_le32(timing->suspend_time);
1147 cmd->v1.scan_priority =
1148 cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1153 iwl_mvm_umac_scan_cfg_channels(struct iwl_mvm *mvm,
1154 struct ieee80211_channel **channels,
1155 int n_channels, u32 ssid_bitmap,
1156 struct iwl_scan_channel_cfg_umac *channel_cfg)
1160 for (i = 0; i < n_channels; i++) {
1161 channel_cfg[i].flags = cpu_to_le32(ssid_bitmap);
1162 channel_cfg[i].channel_num = channels[i]->hw_value;
1163 channel_cfg[i].iter_count = 1;
1164 channel_cfg[i].iter_interval = 0;
1168 static u16 iwl_mvm_scan_umac_flags(struct iwl_mvm *mvm,
1169 struct iwl_mvm_scan_params *params,
1170 struct ieee80211_vif *vif)
1174 if (params->n_ssids == 0)
1175 flags = IWL_UMAC_SCAN_GEN_FLAGS_PASSIVE;
1177 if (params->n_ssids == 1 && params->ssids[0].ssid_len != 0)
1178 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PRE_CONNECT;
1180 if (params->type == IWL_SCAN_TYPE_FRAGMENTED) {
1181 flags |= IWL_UMAC_SCAN_GEN_FLAGS_FRAGMENTED;
1182 if (iwl_mvm_is_cdb_supported(mvm))
1183 flags |= IWL_UMAC_SCAN_GEN_FLAGS_LMAC2_FRAGMENTED;
1186 if (iwl_mvm_rrm_scan_needed(mvm))
1187 flags |= IWL_UMAC_SCAN_GEN_FLAGS_RRM_ENABLED;
1189 if (params->pass_all)
1190 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PASS_ALL;
1192 flags |= IWL_UMAC_SCAN_GEN_FLAGS_MATCH;
1194 if (!iwl_mvm_is_regular_scan(params))
1195 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PERIODIC;
1197 if (params->measurement_dwell)
1198 flags |= IWL_UMAC_SCAN_GEN_FLAGS_ITER_COMPLETE;
1200 #ifdef CONFIG_IWLWIFI_DEBUGFS
1201 if (mvm->scan_iter_notif_enabled)
1202 flags |= IWL_UMAC_SCAN_GEN_FLAGS_ITER_COMPLETE;
1205 if (mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_ENABLED)
1206 flags |= IWL_UMAC_SCAN_GEN_FLAGS_ITER_COMPLETE;
1208 if (iwl_mvm_is_regular_scan(params) &&
1209 vif->type != NL80211_IFTYPE_P2P_DEVICE &&
1210 params->type != IWL_SCAN_TYPE_FRAGMENTED)
1211 flags |= IWL_UMAC_SCAN_GEN_FLAGS_EXTENDED_DWELL;
1216 static int iwl_mvm_scan_umac(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1217 struct iwl_mvm_scan_params *params,
1220 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
1221 void *cmd_data = iwl_mvm_get_scan_req_umac_data(mvm);
1222 struct iwl_scan_req_umac_tail *sec_part = cmd_data +
1223 sizeof(struct iwl_scan_channel_cfg_umac) *
1224 mvm->fw->ucode_capa.n_scan_channels;
1226 u32 ssid_bitmap = 0;
1227 u8 channel_flags = 0;
1228 struct iwl_mvm_vif *scan_vif = iwl_mvm_vif_from_mac80211(vif);
1230 lockdep_assert_held(&mvm->mutex);
1232 if (WARN_ON(params->n_scan_plans > IWL_MAX_SCHED_SCAN_PLANS))
1235 uid = iwl_mvm_scan_uid_by_status(mvm, 0);
1239 memset(cmd, 0, ksize(cmd));
1241 iwl_mvm_scan_umac_dwell(mvm, cmd, params);
1243 mvm->scan_uid_status[uid] = type;
1245 cmd->uid = cpu_to_le32(uid);
1246 cmd->general_flags = cpu_to_le16(iwl_mvm_scan_umac_flags(mvm, params,
1248 cmd->scan_start_mac_id = scan_vif->id;
1250 if (type == IWL_MVM_SCAN_SCHED || type == IWL_MVM_SCAN_NETDETECT)
1251 cmd->flags = cpu_to_le32(IWL_UMAC_SCAN_FLAG_PREEMPTIVE);
1253 if (iwl_mvm_scan_use_ebs(mvm, vif))
1254 channel_flags = IWL_SCAN_CHANNEL_FLAG_EBS |
1255 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1256 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD;
1258 if (iwl_mvm_is_adaptive_dwell_supported(mvm)) {
1259 cmd->v7.channel_flags = channel_flags;
1260 cmd->v7.n_channels = params->n_channels;
1261 } else if (iwl_mvm_has_new_tx_api(mvm)) {
1262 cmd->v6.channel_flags = channel_flags;
1263 cmd->v6.n_channels = params->n_channels;
1265 cmd->v1.channel_flags = channel_flags;
1266 cmd->v1.n_channels = params->n_channels;
1269 iwl_scan_build_ssids(params, sec_part->direct_scan, &ssid_bitmap);
1271 iwl_mvm_umac_scan_cfg_channels(mvm, params->channels,
1272 params->n_channels, ssid_bitmap,
1275 for (i = 0; i < params->n_scan_plans; i++) {
1276 struct cfg80211_sched_scan_plan *scan_plan =
1277 ¶ms->scan_plans[i];
1279 sec_part->schedule[i].iter_count = scan_plan->iterations;
1280 sec_part->schedule[i].interval =
1281 cpu_to_le16(scan_plan->interval);
1285 * If the number of iterations of the last scan plan is set to
1286 * zero, it should run infinitely. However, this is not always the case.
1287 * For example, when regular scan is requested the driver sets one scan
1288 * plan with one iteration.
1290 if (!sec_part->schedule[i - 1].iter_count)
1291 sec_part->schedule[i - 1].iter_count = 0xff;
1293 sec_part->delay = cpu_to_le16(params->delay);
1294 sec_part->preq = params->preq;
1299 static int iwl_mvm_num_scans(struct iwl_mvm *mvm)
1301 return hweight32(mvm->scan_status & IWL_MVM_SCAN_MASK);
1304 static int iwl_mvm_check_running_scans(struct iwl_mvm *mvm, int type)
1306 bool unified_image = fw_has_capa(&mvm->fw->ucode_capa,
1307 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
1309 /* This looks a bit arbitrary, but the idea is that if we run
1310 * out of possible simultaneous scans and the userspace is
1311 * trying to run a scan type that is already running, we
1312 * return -EBUSY. But if the userspace wants to start a
1313 * different type of scan, we stop the opposite type to make
1314 * space for the new request. The reason is backwards
1315 * compatibility with old wpa_supplicant that wouldn't stop a
1316 * scheduled scan before starting a normal scan.
1319 if (iwl_mvm_num_scans(mvm) < mvm->max_scans)
1322 /* Use a switch, even though this is a bitmask, so that more
1323 * than one bits set will fall in default and we will warn.
1326 case IWL_MVM_SCAN_REGULAR:
1327 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR_MASK)
1329 return iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, true);
1330 case IWL_MVM_SCAN_SCHED:
1331 if (mvm->scan_status & IWL_MVM_SCAN_SCHED_MASK)
1333 return iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR, true);
1334 case IWL_MVM_SCAN_NETDETECT:
1335 /* For non-unified images, there's no need to stop
1336 * anything for net-detect since the firmware is
1337 * restarted anyway. This way, any sched scans that
1338 * were running will be restarted when we resume.
1343 /* If this is a unified image and we ran out of scans,
1344 * we need to stop something. Prefer stopping regular
1345 * scans, because the results are useless at this
1346 * point, and we should be able to keep running
1347 * another scheduled scan while suspended.
1349 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR_MASK)
1350 return iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR,
1352 if (mvm->scan_status & IWL_MVM_SCAN_SCHED_MASK)
1353 return iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED,
1356 /* fall through, something is wrong if no scan was
1357 * running but we ran out of scans.
1367 #define SCAN_TIMEOUT 30000
1369 void iwl_mvm_scan_timeout_wk(struct work_struct *work)
1371 struct delayed_work *delayed_work = to_delayed_work(work);
1372 struct iwl_mvm *mvm = container_of(delayed_work, struct iwl_mvm,
1373 scan_timeout_dwork);
1375 IWL_ERR(mvm, "regular scan timed out\n");
1377 iwl_force_nmi(mvm->trans);
1380 int iwl_mvm_reg_scan_start(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1381 struct cfg80211_scan_request *req,
1382 struct ieee80211_scan_ies *ies)
1384 struct iwl_host_cmd hcmd = {
1385 .len = { iwl_mvm_scan_size(mvm), },
1386 .data = { mvm->scan_cmd, },
1387 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1389 struct iwl_mvm_scan_params params = {};
1391 struct cfg80211_sched_scan_plan scan_plan = { .iterations = 1 };
1393 lockdep_assert_held(&mvm->mutex);
1395 if (iwl_mvm_is_lar_supported(mvm) && !mvm->lar_regdom_set) {
1396 IWL_ERR(mvm, "scan while LAR regdomain is not set\n");
1400 ret = iwl_mvm_check_running_scans(mvm, IWL_MVM_SCAN_REGULAR);
1404 /* we should have failed registration if scan_cmd was NULL */
1405 if (WARN_ON(!mvm->scan_cmd))
1408 if (!iwl_mvm_scan_fits(mvm, req->n_ssids, ies, req->n_channels))
1411 params.n_ssids = req->n_ssids;
1412 params.flags = req->flags;
1413 params.n_channels = req->n_channels;
1415 params.ssids = req->ssids;
1416 params.channels = req->channels;
1417 params.mac_addr = req->mac_addr;
1418 params.mac_addr_mask = req->mac_addr_mask;
1419 params.no_cck = req->no_cck;
1420 params.pass_all = true;
1421 params.n_match_sets = 0;
1422 params.match_sets = NULL;
1424 params.scan_plans = &scan_plan;
1425 params.n_scan_plans = 1;
1428 iwl_mvm_get_scan_type(mvm,
1429 vif->type == NL80211_IFTYPE_P2P_DEVICE);
1431 ret = iwl_mvm_get_measurement_dwell(mvm, req, ¶ms);
1435 params.measurement_dwell = ret;
1437 iwl_mvm_build_scan_probe(mvm, vif, ies, ¶ms);
1439 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) {
1440 hcmd.id = iwl_cmd_id(SCAN_REQ_UMAC, IWL_ALWAYS_LONG_GROUP, 0);
1441 ret = iwl_mvm_scan_umac(mvm, vif, ¶ms,
1442 IWL_MVM_SCAN_REGULAR);
1444 hcmd.id = SCAN_OFFLOAD_REQUEST_CMD;
1445 ret = iwl_mvm_scan_lmac(mvm, vif, ¶ms);
1451 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1453 /* If the scan failed, it usually means that the FW was unable
1454 * to allocate the time events. Warn on it, but maybe we
1455 * should try to send the command again with different params.
1457 IWL_ERR(mvm, "Scan failed! ret %d\n", ret);
1461 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n");
1462 mvm->scan_status |= IWL_MVM_SCAN_REGULAR;
1463 mvm->scan_vif = iwl_mvm_vif_from_mac80211(vif);
1464 iwl_mvm_ref(mvm, IWL_MVM_REF_SCAN);
1466 schedule_delayed_work(&mvm->scan_timeout_dwork,
1467 msecs_to_jiffies(SCAN_TIMEOUT));
1472 int iwl_mvm_sched_scan_start(struct iwl_mvm *mvm,
1473 struct ieee80211_vif *vif,
1474 struct cfg80211_sched_scan_request *req,
1475 struct ieee80211_scan_ies *ies,
1478 struct iwl_host_cmd hcmd = {
1479 .len = { iwl_mvm_scan_size(mvm), },
1480 .data = { mvm->scan_cmd, },
1481 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1483 struct iwl_mvm_scan_params params = {};
1486 lockdep_assert_held(&mvm->mutex);
1488 if (iwl_mvm_is_lar_supported(mvm) && !mvm->lar_regdom_set) {
1489 IWL_ERR(mvm, "sched-scan while LAR regdomain is not set\n");
1493 ret = iwl_mvm_check_running_scans(mvm, type);
1497 /* we should have failed registration if scan_cmd was NULL */
1498 if (WARN_ON(!mvm->scan_cmd))
1501 if (!iwl_mvm_scan_fits(mvm, req->n_ssids, ies, req->n_channels))
1504 params.n_ssids = req->n_ssids;
1505 params.flags = req->flags;
1506 params.n_channels = req->n_channels;
1507 params.ssids = req->ssids;
1508 params.channels = req->channels;
1509 params.mac_addr = req->mac_addr;
1510 params.mac_addr_mask = req->mac_addr_mask;
1511 params.no_cck = false;
1512 params.pass_all = iwl_mvm_scan_pass_all(mvm, req);
1513 params.n_match_sets = req->n_match_sets;
1514 params.match_sets = req->match_sets;
1515 if (!req->n_scan_plans)
1518 params.n_scan_plans = req->n_scan_plans;
1519 params.scan_plans = req->scan_plans;
1522 iwl_mvm_get_scan_type(mvm,
1523 vif->type == NL80211_IFTYPE_P2P_DEVICE);
1525 /* In theory, LMAC scans can handle a 32-bit delay, but since
1526 * waiting for over 18 hours to start the scan is a bit silly
1527 * and to keep it aligned with UMAC scans (which only support
1528 * 16-bit delays), trim it down to 16-bits.
1530 if (req->delay > U16_MAX) {
1532 "delay value is > 16-bits, set to max possible\n");
1533 params.delay = U16_MAX;
1535 params.delay = req->delay;
1538 ret = iwl_mvm_config_sched_scan_profiles(mvm, req);
1542 iwl_mvm_build_scan_probe(mvm, vif, ies, ¶ms);
1544 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) {
1545 hcmd.id = iwl_cmd_id(SCAN_REQ_UMAC, IWL_ALWAYS_LONG_GROUP, 0);
1546 ret = iwl_mvm_scan_umac(mvm, vif, ¶ms, type);
1548 hcmd.id = SCAN_OFFLOAD_REQUEST_CMD;
1549 ret = iwl_mvm_scan_lmac(mvm, vif, ¶ms);
1555 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1558 "Sched scan request was sent successfully\n");
1559 mvm->scan_status |= type;
1561 /* If the scan failed, it usually means that the FW was unable
1562 * to allocate the time events. Warn on it, but maybe we
1563 * should try to send the command again with different params.
1565 IWL_ERR(mvm, "Sched scan failed! ret %d\n", ret);
1571 void iwl_mvm_rx_umac_scan_complete_notif(struct iwl_mvm *mvm,
1572 struct iwl_rx_cmd_buffer *rxb)
1574 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1575 struct iwl_umac_scan_complete *notif = (void *)pkt->data;
1576 u32 uid = __le32_to_cpu(notif->uid);
1577 bool aborted = (notif->status == IWL_SCAN_OFFLOAD_ABORTED);
1579 if (WARN_ON(!(mvm->scan_uid_status[uid] & mvm->scan_status)))
1582 /* if the scan is already stopping, we don't need to notify mac80211 */
1583 if (mvm->scan_uid_status[uid] == IWL_MVM_SCAN_REGULAR) {
1584 struct cfg80211_scan_info info = {
1586 .scan_start_tsf = mvm->scan_start,
1589 memcpy(info.tsf_bssid, mvm->scan_vif->bssid, ETH_ALEN);
1590 ieee80211_scan_completed(mvm->hw, &info);
1591 mvm->scan_vif = NULL;
1592 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1593 cancel_delayed_work(&mvm->scan_timeout_dwork);
1594 } else if (mvm->scan_uid_status[uid] == IWL_MVM_SCAN_SCHED) {
1595 ieee80211_sched_scan_stopped(mvm->hw);
1596 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
1599 mvm->scan_status &= ~mvm->scan_uid_status[uid];
1601 "Scan completed, uid %u type %u, status %s, EBS status %s\n",
1602 uid, mvm->scan_uid_status[uid],
1603 notif->status == IWL_SCAN_OFFLOAD_COMPLETED ?
1604 "completed" : "aborted",
1605 iwl_mvm_ebs_status_str(notif->ebs_status));
1607 "Last line %d, Last iteration %d, Time from last iteration %d\n",
1608 notif->last_schedule, notif->last_iter,
1609 __le32_to_cpu(notif->time_from_last_iter));
1611 if (notif->ebs_status != IWL_SCAN_EBS_SUCCESS &&
1612 notif->ebs_status != IWL_SCAN_EBS_INACTIVE)
1613 mvm->last_ebs_successful = false;
1615 mvm->scan_uid_status[uid] = 0;
1618 void iwl_mvm_rx_umac_scan_iter_complete_notif(struct iwl_mvm *mvm,
1619 struct iwl_rx_cmd_buffer *rxb)
1621 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1622 struct iwl_umac_scan_iter_complete_notif *notif = (void *)pkt->data;
1624 mvm->scan_start = le64_to_cpu(notif->start_tsf);
1627 "UMAC Scan iteration complete: status=0x%x scanned_channels=%d\n",
1628 notif->status, notif->scanned_channels);
1630 if (mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_FOUND) {
1631 IWL_DEBUG_SCAN(mvm, "Pass all scheduled scan results found\n");
1632 ieee80211_sched_scan_results(mvm->hw);
1633 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_ENABLED;
1637 "UMAC Scan iteration complete: scan started at %llu (TSF)\n",
1641 static int iwl_mvm_umac_scan_abort(struct iwl_mvm *mvm, int type)
1643 struct iwl_umac_scan_abort cmd = {};
1646 lockdep_assert_held(&mvm->mutex);
1648 /* We should always get a valid index here, because we already
1649 * checked that this type of scan was running in the generic
1652 uid = iwl_mvm_scan_uid_by_status(mvm, type);
1653 if (WARN_ON_ONCE(uid < 0))
1656 cmd.uid = cpu_to_le32(uid);
1658 IWL_DEBUG_SCAN(mvm, "Sending scan abort, uid %u\n", uid);
1660 ret = iwl_mvm_send_cmd_pdu(mvm,
1661 iwl_cmd_id(SCAN_ABORT_UMAC,
1662 IWL_ALWAYS_LONG_GROUP, 0),
1663 0, sizeof(cmd), &cmd);
1665 mvm->scan_uid_status[uid] = type << IWL_MVM_SCAN_STOPPING_SHIFT;
1670 static int iwl_mvm_scan_stop_wait(struct iwl_mvm *mvm, int type)
1672 struct iwl_notification_wait wait_scan_done;
1673 static const u16 scan_done_notif[] = { SCAN_COMPLETE_UMAC,
1674 SCAN_OFFLOAD_COMPLETE, };
1677 lockdep_assert_held(&mvm->mutex);
1679 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done,
1681 ARRAY_SIZE(scan_done_notif),
1684 IWL_DEBUG_SCAN(mvm, "Preparing to stop scan, type %x\n", type);
1686 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN))
1687 ret = iwl_mvm_umac_scan_abort(mvm, type);
1689 ret = iwl_mvm_lmac_scan_abort(mvm);
1692 IWL_DEBUG_SCAN(mvm, "couldn't stop scan type %d\n", type);
1693 iwl_remove_notification(&mvm->notif_wait, &wait_scan_done);
1697 ret = iwl_wait_notification(&mvm->notif_wait, &wait_scan_done, 1 * HZ);
1702 int iwl_mvm_scan_size(struct iwl_mvm *mvm)
1704 int base_size = IWL_SCAN_REQ_UMAC_SIZE_V1;
1706 if (iwl_mvm_is_adaptive_dwell_supported(mvm))
1707 base_size = IWL_SCAN_REQ_UMAC_SIZE_V7;
1708 else if (iwl_mvm_has_new_tx_api(mvm))
1709 base_size = IWL_SCAN_REQ_UMAC_SIZE_V6;
1711 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN))
1713 sizeof(struct iwl_scan_channel_cfg_umac) *
1714 mvm->fw->ucode_capa.n_scan_channels +
1715 sizeof(struct iwl_scan_req_umac_tail);
1717 return sizeof(struct iwl_scan_req_lmac) +
1718 sizeof(struct iwl_scan_channel_cfg_lmac) *
1719 mvm->fw->ucode_capa.n_scan_channels +
1720 sizeof(struct iwl_scan_probe_req);
1724 * This function is used in nic restart flow, to inform mac80211 about scans
1725 * that was aborted by restart flow or by an assert.
1727 void iwl_mvm_report_scan_aborted(struct iwl_mvm *mvm)
1729 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) {
1732 uid = iwl_mvm_scan_uid_by_status(mvm, IWL_MVM_SCAN_REGULAR);
1734 struct cfg80211_scan_info info = {
1738 ieee80211_scan_completed(mvm->hw, &info);
1739 mvm->scan_uid_status[uid] = 0;
1741 uid = iwl_mvm_scan_uid_by_status(mvm, IWL_MVM_SCAN_SCHED);
1742 if (uid >= 0 && !mvm->fw_restart) {
1743 ieee80211_sched_scan_stopped(mvm->hw);
1744 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
1745 mvm->scan_uid_status[uid] = 0;
1748 /* We shouldn't have any UIDs still set. Loop over all the
1749 * UIDs to make sure there's nothing left there and warn if
1752 for (i = 0; i < mvm->max_scans; i++) {
1753 if (WARN_ONCE(mvm->scan_uid_status[i],
1754 "UMAC scan UID %d status was not cleaned\n",
1756 mvm->scan_uid_status[i] = 0;
1759 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR) {
1760 struct cfg80211_scan_info info = {
1764 ieee80211_scan_completed(mvm->hw, &info);
1767 /* Sched scan will be restarted by mac80211 in
1768 * restart_hw, so do not report if FW is about to be
1771 if ((mvm->scan_status & IWL_MVM_SCAN_SCHED) &&
1773 ieee80211_sched_scan_stopped(mvm->hw);
1774 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
1779 int iwl_mvm_scan_stop(struct iwl_mvm *mvm, int type, bool notify)
1783 if (!(mvm->scan_status & type))
1786 if (iwl_mvm_is_radio_killed(mvm)) {
1791 ret = iwl_mvm_scan_stop_wait(mvm, type);
1793 mvm->scan_status |= type << IWL_MVM_SCAN_STOPPING_SHIFT;
1795 /* Clear the scan status so the next scan requests will
1796 * succeed and mark the scan as stopping, so that the Rx
1797 * handler doesn't do anything, as the scan was stopped from
1800 mvm->scan_status &= ~type;
1802 if (type == IWL_MVM_SCAN_REGULAR) {
1803 /* Since the rx handler won't do anything now, we have
1804 * to release the scan reference here.
1806 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1807 cancel_delayed_work(&mvm->scan_timeout_dwork);
1809 struct cfg80211_scan_info info = {
1813 ieee80211_scan_completed(mvm->hw, &info);
1815 } else if (notify) {
1816 ieee80211_sched_scan_stopped(mvm->hw);
1817 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
projects / releases.git / blob