1/****************************************************************************** 2 * 3 * This file is provided under a dual BSD/GPLv2 license. When using or 4 * redistributing this file, you may do so under either license. 5 * 6 * GPL LICENSE SUMMARY 7 * 8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved. 9 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH 10 * 11 * This program is free software; you can redistribute it and/or modify 12 * it under the terms of version 2 of the GNU General Public License as 13 * published by the Free Software Foundation. 14 * 15 * This program is distributed in the hope that it will be useful, but 16 * WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 * General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License 21 * along with this program; if not, write to the Free Software 22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110, 23 * USA 24 * 25 * The full GNU General Public License is included in this distribution 26 * in the file called COPYING. 27 * 28 * Contact Information: 29 * Intel Linux Wireless <ilw@linux.intel.com> 30 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 31 * 32 * BSD LICENSE 33 * 34 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved. 35 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH 36 * All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 42 * * Redistributions of source code must retain the above copyright 43 * notice, this list of conditions and the following disclaimer. 44 * * Redistributions in binary form must reproduce the above copyright 45 * notice, this list of conditions and the following disclaimer in 46 * the documentation and/or other materials provided with the 47 * distribution. 48 * * Neither the name Intel Corporation nor the names of its 49 * contributors may be used to endorse or promote products derived 50 * from this software without specific prior written permission. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 53 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 54 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 55 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 56 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 57 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 58 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 59 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 60 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 61 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 62 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 63 * 64 *****************************************************************************/ 65 66#include <linux/etherdevice.h> 67#include <net/mac80211.h> 68 69#include "mvm.h" 70#include "iwl-eeprom-parse.h" 71#include "fw-api-scan.h" 72 73#define IWL_PLCP_QUIET_THRESH 1 74#define IWL_ACTIVE_QUIET_TIME 10 75 76struct iwl_mvm_scan_params { 77 u32 max_out_time; 78 u32 suspend_time; 79 bool passive_fragmented; 80 struct _dwell { 81 u16 passive; 82 u16 active; 83 } dwell[IEEE80211_NUM_BANDS]; 84}; 85 86static inline __le16 iwl_mvm_scan_rx_chain(struct iwl_mvm *mvm) 87{ 88 u16 rx_chain; 89 u8 rx_ant; 90 91 if (mvm->scan_rx_ant != ANT_NONE) 92 rx_ant = mvm->scan_rx_ant; 93 else 94 rx_ant = mvm->fw->valid_rx_ant; 95 rx_chain = rx_ant << PHY_RX_CHAIN_VALID_POS; 96 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_MIMO_SEL_POS; 97 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_SEL_POS; 98 rx_chain |= 0x1 << PHY_RX_CHAIN_DRIVER_FORCE_POS; 99 return cpu_to_le16(rx_chain); 100} 101 102static __le32 iwl_mvm_scan_rxon_flags(enum ieee80211_band band) 103{ 104 if (band == IEEE80211_BAND_2GHZ) 105 return cpu_to_le32(PHY_BAND_24); 106 else 107 return cpu_to_le32(PHY_BAND_5); 108} 109 110static inline __le32 111iwl_mvm_scan_rate_n_flags(struct iwl_mvm *mvm, enum ieee80211_band band, 112 bool no_cck) 113{ 114 u32 tx_ant; 115 116 mvm->scan_last_antenna_idx = 117 iwl_mvm_next_antenna(mvm, mvm->fw->valid_tx_ant, 118 mvm->scan_last_antenna_idx); 119 tx_ant = BIT(mvm->scan_last_antenna_idx) << RATE_MCS_ANT_POS; 120 121 if (band == IEEE80211_BAND_2GHZ && !no_cck) 122 return cpu_to_le32(IWL_RATE_1M_PLCP | RATE_MCS_CCK_MSK | 123 tx_ant); 124 else 125 return cpu_to_le32(IWL_RATE_6M_PLCP | tx_ant); 126} 127 128/* 129 * We insert the SSIDs in an inverted order, because the FW will 130 * invert it back. The most prioritized SSID, which is first in the 131 * request list, is not copied here, but inserted directly to the probe 132 * request. 133 */ 134static void iwl_mvm_scan_fill_ssids(struct iwl_ssid_ie *cmd_ssid, 135 struct cfg80211_ssid *ssids, 136 int n_ssids, int first) 137{ 138 int fw_idx, req_idx; 139 140 for (req_idx = n_ssids - 1, fw_idx = 0; req_idx >= first; 141 req_idx--, fw_idx++) { 142 cmd_ssid[fw_idx].id = WLAN_EID_SSID; 143 cmd_ssid[fw_idx].len = ssids[req_idx].ssid_len; 144 memcpy(cmd_ssid[fw_idx].ssid, 145 ssids[req_idx].ssid, 146 ssids[req_idx].ssid_len); 147 } 148} 149 150/* 151 * If req->n_ssids > 0, it means we should do an active scan. 152 * In case of active scan w/o directed scan, we receive a zero-length SSID 153 * just to notify that this scan is active and not passive. 154 * In order to notify the FW of the number of SSIDs we wish to scan (including 155 * the zero-length one), we need to set the corresponding bits in chan->type, 156 * one for each SSID, and set the active bit (first). If the first SSID is 157 * already included in the probe template, so we need to set only 158 * req->n_ssids - 1 bits in addition to the first bit. 159 */ 160static u16 iwl_mvm_get_active_dwell(enum ieee80211_band band, int n_ssids) 161{ 162 if (band == IEEE80211_BAND_2GHZ) 163 return 20 + 3 * (n_ssids + 1); 164 return 10 + 2 * (n_ssids + 1); 165} 166 167static u16 iwl_mvm_get_passive_dwell(enum ieee80211_band band) 168{ 169 return band == IEEE80211_BAND_2GHZ ? 100 + 20 : 100 + 10; 170} 171 172static void iwl_mvm_scan_fill_channels(struct iwl_scan_cmd *cmd, 173 struct cfg80211_scan_request *req, 174 bool basic_ssid, 175 struct iwl_mvm_scan_params *params) 176{ 177 struct iwl_scan_channel *chan = (struct iwl_scan_channel *) 178 (cmd->data + le16_to_cpu(cmd->tx_cmd.len)); 179 int i; 180 int type = BIT(req->n_ssids) - 1; 181 enum ieee80211_band band = req->channels[0]->band; 182 183 if (!basic_ssid) 184 type |= BIT(req->n_ssids); 185 186 for (i = 0; i < cmd->channel_count; i++) { 187 chan->channel = cpu_to_le16(req->channels[i]->hw_value); 188 chan->type = cpu_to_le32(type); 189 if (req->channels[i]->flags & IEEE80211_CHAN_NO_IR) 190 chan->type &= cpu_to_le32(~SCAN_CHANNEL_TYPE_ACTIVE); 191 chan->active_dwell = cpu_to_le16(params->dwell[band].active); 192 chan->passive_dwell = cpu_to_le16(params->dwell[band].passive); 193 chan->iteration_count = cpu_to_le16(1); 194 chan++; 195 } 196} 197 198/* 199 * Fill in probe request with the following parameters: 200 * TA is our vif HW address, which mac80211 ensures we have. 201 * Packet is broadcasted, so this is both SA and DA. 202 * The probe request IE is made out of two: first comes the most prioritized 203 * SSID if a directed scan is requested. Second comes whatever extra 204 * information was given to us as the scan request IE. 205 */ 206static u16 iwl_mvm_fill_probe_req(struct ieee80211_mgmt *frame, const u8 *ta, 207 int n_ssids, const u8 *ssid, int ssid_len, 208 const u8 *band_ie, int band_ie_len, 209 const u8 *common_ie, int common_ie_len, 210 int left) 211{ 212 int len = 0; 213 u8 *pos = NULL; 214 215 /* Make sure there is enough space for the probe request, 216 * two mandatory IEs and the data */ 217 left -= 24; 218 if (left < 0) 219 return 0; 220 221 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ); 222 eth_broadcast_addr(frame->da); 223 memcpy(frame->sa, ta, ETH_ALEN); 224 eth_broadcast_addr(frame->bssid); 225 frame->seq_ctrl = 0; 226 227 len += 24; 228 229 /* for passive scans, no need to fill anything */ 230 if (n_ssids == 0) 231 return (u16)len; 232 233 /* points to the payload of the request */ 234 pos = &frame->u.probe_req.variable[0]; 235 236 /* fill in our SSID IE */ 237 left -= ssid_len + 2; 238 if (left < 0) 239 return 0; 240 *pos++ = WLAN_EID_SSID; 241 *pos++ = ssid_len; 242 if (ssid && ssid_len) { /* ssid_len may be == 0 even if ssid is valid */ 243 memcpy(pos, ssid, ssid_len); 244 pos += ssid_len; 245 } 246 247 len += ssid_len + 2; 248 249 if (WARN_ON(left < band_ie_len + common_ie_len)) 250 return len; 251 252 if (band_ie && band_ie_len) { 253 memcpy(pos, band_ie, band_ie_len); 254 pos += band_ie_len; 255 len += band_ie_len; 256 } 257 258 if (common_ie && common_ie_len) { 259 memcpy(pos, common_ie, common_ie_len); 260 pos += common_ie_len; 261 len += common_ie_len; 262 } 263 264 return (u16)len; 265} 266 267static void iwl_mvm_scan_condition_iterator(void *data, u8 *mac, 268 struct ieee80211_vif *vif) 269{ 270 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 271 bool *global_bound = data; 272 273 if (mvmvif->phy_ctxt && mvmvif->phy_ctxt->id < MAX_PHYS) 274 *global_bound = true; 275} 276 277static void iwl_mvm_scan_calc_params(struct iwl_mvm *mvm, 278 struct ieee80211_vif *vif, 279 int n_ssids, u32 flags, 280 struct iwl_mvm_scan_params *params) 281{ 282 bool global_bound = false; 283 enum ieee80211_band band; 284 u8 frag_passive_dwell = 0; 285 286 ieee80211_iterate_active_interfaces_atomic(mvm->hw, 287 IEEE80211_IFACE_ITER_NORMAL, 288 iwl_mvm_scan_condition_iterator, 289 &global_bound); 290 291 if (!global_bound) 292 goto not_bound; 293 294 params->suspend_time = 30; 295 params->max_out_time = 170; 296 297 if (iwl_mvm_low_latency(mvm)) { 298 if (mvm->fw->ucode_capa.api[0] & 299 IWL_UCODE_TLV_API_FRAGMENTED_SCAN) { 300 params->suspend_time = 105; 301 params->max_out_time = 70; 302 frag_passive_dwell = 20; 303 } else { 304 params->suspend_time = 120; 305 params->max_out_time = 120; 306 } 307 } 308 309 if (frag_passive_dwell && (mvm->fw->ucode_capa.api[0] & 310 IWL_UCODE_TLV_API_FRAGMENTED_SCAN)) { 311 /* 312 * P2P device scan should not be fragmented to avoid negative 313 * impact on P2P device discovery. Configure max_out_time to be 314 * equal to dwell time on passive channel. Take a longest 315 * possible value, one that corresponds to 2GHz band 316 */ 317 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 318 u32 passive_dwell = 319 iwl_mvm_get_passive_dwell(IEEE80211_BAND_2GHZ); 320 params->max_out_time = passive_dwell; 321 } else { 322 params->passive_fragmented = true; 323 } 324 } 325 326 if (flags & NL80211_SCAN_FLAG_LOW_PRIORITY) 327 params->max_out_time = 200; 328 329not_bound: 330 331 for (band = IEEE80211_BAND_2GHZ; band < IEEE80211_NUM_BANDS; band++) { 332 if (params->passive_fragmented) 333 params->dwell[band].passive = frag_passive_dwell; 334 else 335 params->dwell[band].passive = 336 iwl_mvm_get_passive_dwell(band); 337 params->dwell[band].active = iwl_mvm_get_active_dwell(band, 338 n_ssids); 339 } 340} 341 342static inline bool iwl_mvm_rrm_scan_needed(struct iwl_mvm *mvm) 343{ 344 /* require rrm scan whenever the fw supports it */ 345 return mvm->fw->ucode_capa.capa[0] & 346 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT; 347} 348 349static int iwl_mvm_max_scan_ie_fw_cmd_room(struct iwl_mvm *mvm, 350 bool is_sched_scan) 351{ 352 int max_probe_len; 353 354 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) 355 max_probe_len = SCAN_OFFLOAD_PROBE_REQ_SIZE; 356 else 357 max_probe_len = mvm->fw->ucode_capa.max_probe_length; 358 359 /* we create the 802.11 header and SSID element */ 360 max_probe_len -= 24 + 2; 361 362 /* basic ssid is added only for hw_scan with and old api */ 363 if (!(mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID) && 364 !(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) && 365 !is_sched_scan) 366 max_probe_len -= 32; 367 368 return max_probe_len; 369} 370 371int iwl_mvm_max_scan_ie_len(struct iwl_mvm *mvm, bool is_sched_scan) 372{ 373 int max_ie_len = iwl_mvm_max_scan_ie_fw_cmd_room(mvm, is_sched_scan); 374 375 if (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)) 376 return max_ie_len; 377 378 /* TODO: [BUG] This function should return the maximum allowed size of 379 * scan IEs, however the LMAC scan api contains both 2GHZ and 5GHZ IEs 380 * in the same command. So the correct implementation of this function 381 * is just iwl_mvm_max_scan_ie_fw_cmd_room() / 2. Currently the scan 382 * command has only 512 bytes and it would leave us with about 240 383 * bytes for scan IEs, which is clearly not enough. So meanwhile 384 * we will report an incorrect value. This may result in a failure to 385 * issue a scan in unified_scan_lmac and unified_sched_scan_lmac 386 * functions with -ENOBUFS, if a large enough probe will be provided. 387 */ 388 return max_ie_len; 389} 390 391int iwl_mvm_scan_request(struct iwl_mvm *mvm, 392 struct ieee80211_vif *vif, 393 struct cfg80211_scan_request *req) 394{ 395 struct iwl_host_cmd hcmd = { 396 .id = SCAN_REQUEST_CMD, 397 .len = { 0, }, 398 .data = { mvm->scan_cmd, }, 399 .dataflags = { IWL_HCMD_DFL_NOCOPY, }, 400 }; 401 struct iwl_scan_cmd *cmd = mvm->scan_cmd; 402 int ret; 403 u32 status; 404 int ssid_len = 0; 405 u8 *ssid = NULL; 406 bool basic_ssid = !(mvm->fw->ucode_capa.flags & 407 IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID); 408 struct iwl_mvm_scan_params params = {}; 409 410 lockdep_assert_held(&mvm->mutex); 411 412 /* we should have failed registration if scan_cmd was NULL */ 413 if (WARN_ON(mvm->scan_cmd == NULL)) 414 return -ENOMEM; 415 416 IWL_DEBUG_SCAN(mvm, "Handling mac80211 scan request\n"); 417 mvm->scan_status = IWL_MVM_SCAN_OS; 418 memset(cmd, 0, ksize(cmd)); 419 420 cmd->channel_count = (u8)req->n_channels; 421 cmd->quiet_time = cpu_to_le16(IWL_ACTIVE_QUIET_TIME); 422 cmd->quiet_plcp_th = cpu_to_le16(IWL_PLCP_QUIET_THRESH); 423 cmd->rxchain_sel_flags = iwl_mvm_scan_rx_chain(mvm); 424 425 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, req->flags, ¶ms); 426 cmd->max_out_time = cpu_to_le32(params.max_out_time); 427 cmd->suspend_time = cpu_to_le32(params.suspend_time); 428 if (params.passive_fragmented) 429 cmd->scan_flags |= SCAN_FLAGS_FRAGMENTED_SCAN; 430 431 cmd->rxon_flags = iwl_mvm_scan_rxon_flags(req->channels[0]->band); 432 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP | 433 MAC_FILTER_IN_BEACON); 434 435 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) 436 cmd->type = cpu_to_le32(SCAN_TYPE_DISCOVERY_FORCED); 437 else 438 cmd->type = cpu_to_le32(SCAN_TYPE_FORCED); 439 440 cmd->repeats = cpu_to_le32(1); 441 442 /* 443 * If the user asked for passive scan, don't change to active scan if 444 * you see any activity on the channel - remain passive. 445 */ 446 if (req->n_ssids > 0) { 447 cmd->passive2active = cpu_to_le16(1); 448 cmd->scan_flags |= SCAN_FLAGS_PASSIVE2ACTIVE; 449 if (basic_ssid) { 450 ssid = req->ssids[0].ssid; 451 ssid_len = req->ssids[0].ssid_len; 452 } 453 } else { 454 cmd->passive2active = 0; 455 cmd->scan_flags &= ~SCAN_FLAGS_PASSIVE2ACTIVE; 456 } 457 458 iwl_mvm_scan_fill_ssids(cmd->direct_scan, req->ssids, req->n_ssids, 459 basic_ssid ? 1 : 0); 460 461 cmd->tx_cmd.tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL | 462 3 << TX_CMD_FLG_BT_PRIO_POS); 463 464 cmd->tx_cmd.sta_id = mvm->aux_sta.sta_id; 465 cmd->tx_cmd.life_time = cpu_to_le32(TX_CMD_LIFE_TIME_INFINITE); 466 cmd->tx_cmd.rate_n_flags = 467 iwl_mvm_scan_rate_n_flags(mvm, req->channels[0]->band, 468 req->no_cck); 469 470 cmd->tx_cmd.len = 471 cpu_to_le16(iwl_mvm_fill_probe_req( 472 (struct ieee80211_mgmt *)cmd->data, 473 vif->addr, 474 req->n_ssids, ssid, ssid_len, 475 req->ie, req->ie_len, NULL, 0, 476 mvm->fw->ucode_capa.max_probe_length)); 477 478 iwl_mvm_scan_fill_channels(cmd, req, basic_ssid, ¶ms); 479 480 cmd->len = cpu_to_le16(sizeof(struct iwl_scan_cmd) + 481 le16_to_cpu(cmd->tx_cmd.len) + 482 (cmd->channel_count * sizeof(struct iwl_scan_channel))); 483 hcmd.len[0] = le16_to_cpu(cmd->len); 484 485 status = SCAN_RESPONSE_OK; 486 ret = iwl_mvm_send_cmd_status(mvm, &hcmd, &status); 487 if (!ret && status == SCAN_RESPONSE_OK) { 488 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n"); 489 } else { 490 /* 491 * If the scan failed, it usually means that the FW was unable 492 * to allocate the time events. Warn on it, but maybe we 493 * should try to send the command again with different params. 494 */ 495 IWL_ERR(mvm, "Scan failed! status 0x%x ret %d\n", 496 status, ret); 497 mvm->scan_status = IWL_MVM_SCAN_NONE; 498 ret = -EIO; 499 } 500 return ret; 501} 502 503int iwl_mvm_rx_scan_response(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb, 504 struct iwl_device_cmd *cmd) 505{ 506 struct iwl_rx_packet *pkt = rxb_addr(rxb); 507 struct iwl_cmd_response *resp = (void *)pkt->data; 508 509 IWL_DEBUG_SCAN(mvm, "Scan response received. status 0x%x\n", 510 le32_to_cpu(resp->status)); 511 return 0; 512} 513 514int iwl_mvm_rx_scan_complete(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb, 515 struct iwl_device_cmd *cmd) 516{ 517 struct iwl_rx_packet *pkt = rxb_addr(rxb); 518 struct iwl_scan_complete_notif *notif = (void *)pkt->data; 519 520 lockdep_assert_held(&mvm->mutex); 521 522 IWL_DEBUG_SCAN(mvm, "Scan complete: status=0x%x scanned channels=%d\n", 523 notif->status, notif->scanned_channels); 524 525 if (mvm->scan_status == IWL_MVM_SCAN_OS) 526 mvm->scan_status = IWL_MVM_SCAN_NONE; 527 ieee80211_scan_completed(mvm->hw, notif->status != SCAN_COMP_STATUS_OK); 528 529 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN); 530 531 return 0; 532} 533 534int iwl_mvm_rx_scan_offload_results(struct iwl_mvm *mvm, 535 struct iwl_rx_cmd_buffer *rxb, 536 struct iwl_device_cmd *cmd) 537{ 538 struct iwl_rx_packet *pkt = rxb_addr(rxb); 539 u8 client_bitmap = 0; 540 541 if (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)) { 542 struct iwl_sched_scan_results *notif = (void *)pkt->data; 543 544 client_bitmap = notif->client_bitmap; 545 } 546 547 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN || 548 client_bitmap & SCAN_CLIENT_SCHED_SCAN) { 549 if (mvm->scan_status == IWL_MVM_SCAN_SCHED) { 550 IWL_DEBUG_SCAN(mvm, "Scheduled scan results\n"); 551 ieee80211_sched_scan_results(mvm->hw); 552 } else { 553 IWL_DEBUG_SCAN(mvm, "Scan results\n"); 554 } 555 } 556 557 return 0; 558} 559 560static bool iwl_mvm_scan_abort_notif(struct iwl_notif_wait_data *notif_wait, 561 struct iwl_rx_packet *pkt, void *data) 562{ 563 struct iwl_mvm *mvm = 564 container_of(notif_wait, struct iwl_mvm, notif_wait); 565 struct iwl_scan_complete_notif *notif; 566 u32 *resp; 567 568 switch (pkt->hdr.cmd) { 569 case SCAN_ABORT_CMD: 570 resp = (void *)pkt->data; 571 if (*resp == CAN_ABORT_STATUS) { 572 IWL_DEBUG_SCAN(mvm, 573 "Scan can be aborted, wait until completion\n"); 574 return false; 575 } 576 577 /* 578 * If scan cannot be aborted, it means that we had a 579 * SCAN_COMPLETE_NOTIFICATION in the pipe and it called 580 * ieee80211_scan_completed already. 581 */ 582 IWL_DEBUG_SCAN(mvm, "Scan cannot be aborted, exit now: %d\n", 583 *resp); 584 return true; 585 586 case SCAN_COMPLETE_NOTIFICATION: 587 notif = (void *)pkt->data; 588 IWL_DEBUG_SCAN(mvm, "Scan aborted: status 0x%x\n", 589 notif->status); 590 return true; 591 592 default: 593 WARN_ON(1); 594 return false; 595 }; 596} 597 598static int iwl_mvm_cancel_regular_scan(struct iwl_mvm *mvm) 599{ 600 struct iwl_notification_wait wait_scan_abort; 601 static const u8 scan_abort_notif[] = { SCAN_ABORT_CMD, 602 SCAN_COMPLETE_NOTIFICATION }; 603 int ret; 604 605 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_abort, 606 scan_abort_notif, 607 ARRAY_SIZE(scan_abort_notif), 608 iwl_mvm_scan_abort_notif, NULL); 609 610 ret = iwl_mvm_send_cmd_pdu(mvm, SCAN_ABORT_CMD, 0, 0, NULL); 611 if (ret) { 612 IWL_ERR(mvm, "Couldn't send SCAN_ABORT_CMD: %d\n", ret); 613 /* mac80211's state will be cleaned in the nic_restart flow */ 614 goto out_remove_notif; 615 } 616 617 return iwl_wait_notification(&mvm->notif_wait, &wait_scan_abort, HZ); 618 619out_remove_notif: 620 iwl_remove_notification(&mvm->notif_wait, &wait_scan_abort); 621 return ret; 622} 623 624int iwl_mvm_rx_scan_offload_complete_notif(struct iwl_mvm *mvm, 625 struct iwl_rx_cmd_buffer *rxb, 626 struct iwl_device_cmd *cmd) 627{ 628 struct iwl_rx_packet *pkt = rxb_addr(rxb); 629 u8 status, ebs_status; 630 631 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) { 632 struct iwl_periodic_scan_complete *scan_notif; 633 634 scan_notif = (void *)pkt->data; 635 status = scan_notif->status; 636 ebs_status = scan_notif->ebs_status; 637 } else { 638 struct iwl_scan_offload_complete *scan_notif; 639 640 scan_notif = (void *)pkt->data; 641 status = scan_notif->status; 642 ebs_status = scan_notif->ebs_status; 643 } 644 /* scan status must be locked for proper checking */ 645 lockdep_assert_held(&mvm->mutex); 646 647 IWL_DEBUG_SCAN(mvm, 648 "%s completed, status %s, EBS status %s\n", 649 mvm->scan_status == IWL_MVM_SCAN_SCHED ? 650 "Scheduled scan" : "Scan", 651 status == IWL_SCAN_OFFLOAD_COMPLETED ? 652 "completed" : "aborted", 653 ebs_status == IWL_SCAN_EBS_SUCCESS ? 654 "success" : "failed"); 655 656 657 /* only call mac80211 completion if the stop was initiated by FW */ 658 if (mvm->scan_status == IWL_MVM_SCAN_SCHED) { 659 mvm->scan_status = IWL_MVM_SCAN_NONE; 660 ieee80211_sched_scan_stopped(mvm->hw); 661 } else if (mvm->scan_status == IWL_MVM_SCAN_OS) { 662 mvm->scan_status = IWL_MVM_SCAN_NONE; 663 ieee80211_scan_completed(mvm->hw, 664 status == IWL_SCAN_OFFLOAD_ABORTED); 665 } 666 667 mvm->last_ebs_successful = !ebs_status; 668 669 return 0; 670} 671 672static void iwl_scan_offload_build_tx_cmd(struct iwl_mvm *mvm, 673 struct ieee80211_vif *vif, 674 struct ieee80211_scan_ies *ies, 675 enum ieee80211_band band, 676 struct iwl_tx_cmd *cmd, 677 u8 *data) 678{ 679 u16 cmd_len; 680 681 cmd->tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL); 682 cmd->life_time = cpu_to_le32(TX_CMD_LIFE_TIME_INFINITE); 683 cmd->sta_id = mvm->aux_sta.sta_id; 684 685 cmd->rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm, band, false); 686 687 cmd_len = iwl_mvm_fill_probe_req((struct ieee80211_mgmt *)data, 688 vif->addr, 689 1, NULL, 0, 690 ies->ies[band], ies->len[band], 691 ies->common_ies, ies->common_ie_len, 692 SCAN_OFFLOAD_PROBE_REQ_SIZE); 693 cmd->len = cpu_to_le16(cmd_len); 694} 695 696static void iwl_build_scan_cmd(struct iwl_mvm *mvm, 697 struct ieee80211_vif *vif, 698 struct cfg80211_sched_scan_request *req, 699 struct iwl_scan_offload_cmd *scan, 700 struct iwl_mvm_scan_params *params) 701{ 702 scan->channel_count = req->n_channels; 703 scan->quiet_time = cpu_to_le16(IWL_ACTIVE_QUIET_TIME); 704 scan->quiet_plcp_th = cpu_to_le16(IWL_PLCP_QUIET_THRESH); 705 scan->good_CRC_th = IWL_GOOD_CRC_TH_DEFAULT; 706 scan->rx_chain = iwl_mvm_scan_rx_chain(mvm); 707 708 scan->max_out_time = cpu_to_le32(params->max_out_time); 709 scan->suspend_time = cpu_to_le32(params->suspend_time); 710 711 scan->filter_flags |= cpu_to_le32(MAC_FILTER_ACCEPT_GRP | 712 MAC_FILTER_IN_BEACON); 713 scan->scan_type = cpu_to_le32(SCAN_TYPE_BACKGROUND); 714 scan->rep_count = cpu_to_le32(1); 715 716 if (params->passive_fragmented) 717 scan->scan_flags |= SCAN_FLAGS_FRAGMENTED_SCAN; 718} 719 720static int iwl_ssid_exist(u8 *ssid, u8 ssid_len, struct iwl_ssid_ie *ssid_list) 721{ 722 int i; 723 724 for (i = 0; i < PROBE_OPTION_MAX; i++) { 725 if (!ssid_list[i].len) 726 break; 727 if (ssid_list[i].len == ssid_len && 728 !memcmp(ssid_list->ssid, ssid, ssid_len)) 729 return i; 730 } 731 return -1; 732} 733 734static void iwl_scan_offload_build_ssid(struct cfg80211_sched_scan_request *req, 735 struct iwl_ssid_ie *direct_scan, 736 u32 *ssid_bitmap, bool basic_ssid) 737{ 738 int i, j; 739 int index; 740 741 /* 742 * copy SSIDs from match list. 743 * iwl_config_sched_scan_profiles() uses the order of these ssids to 744 * config match list. 745 */ 746 for (i = 0; i < req->n_match_sets && i < PROBE_OPTION_MAX; i++) { 747 /* skip empty SSID matchsets */ 748 if (!req->match_sets[i].ssid.ssid_len) 749 continue; 750 direct_scan[i].id = WLAN_EID_SSID; 751 direct_scan[i].len = req->match_sets[i].ssid.ssid_len; 752 memcpy(direct_scan[i].ssid, req->match_sets[i].ssid.ssid, 753 direct_scan[i].len); 754 } 755 756 /* add SSIDs from scan SSID list */ 757 *ssid_bitmap = 0; 758 for (j = 0; j < req->n_ssids && i < PROBE_OPTION_MAX; j++) { 759 index = iwl_ssid_exist(req->ssids[j].ssid, 760 req->ssids[j].ssid_len, 761 direct_scan); 762 if (index < 0) { 763 if (!req->ssids[j].ssid_len && basic_ssid) 764 continue; 765 direct_scan[i].id = WLAN_EID_SSID; 766 direct_scan[i].len = req->ssids[j].ssid_len; 767 memcpy(direct_scan[i].ssid, req->ssids[j].ssid, 768 direct_scan[i].len); 769 *ssid_bitmap |= BIT(i + 1); 770 i++; 771 } else { 772 *ssid_bitmap |= BIT(index + 1); 773 } 774 } 775} 776 777static void iwl_build_channel_cfg(struct iwl_mvm *mvm, 778 struct cfg80211_sched_scan_request *req, 779 u8 *channels_buffer, 780 enum ieee80211_band band, 781 int *head, 782 u32 ssid_bitmap, 783 struct iwl_mvm_scan_params *params) 784{ 785 u32 n_channels = mvm->fw->ucode_capa.n_scan_channels; 786 __le32 *type = (__le32 *)channels_buffer; 787 __le16 *channel_number = (__le16 *)(type + n_channels); 788 __le16 *iter_count = channel_number + n_channels; 789 __le32 *iter_interval = (__le32 *)(iter_count + n_channels); 790 u8 *active_dwell = (u8 *)(iter_interval + n_channels); 791 u8 *passive_dwell = active_dwell + n_channels; 792 int i, index = 0; 793 794 for (i = 0; i < req->n_channels; i++) { 795 struct ieee80211_channel *chan = req->channels[i]; 796 797 if (chan->band != band) 798 continue; 799 800 index = *head; 801 (*head)++; 802 803 channel_number[index] = cpu_to_le16(chan->hw_value); 804 active_dwell[index] = params->dwell[band].active; 805 passive_dwell[index] = params->dwell[band].passive; 806 807 iter_count[index] = cpu_to_le16(1); 808 iter_interval[index] = 0; 809 810 if (!(chan->flags & IEEE80211_CHAN_NO_IR)) 811 type[index] |= 812 cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_ACTIVE); 813 814 type[index] |= cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_FULL | 815 IWL_SCAN_OFFLOAD_CHANNEL_PARTIAL); 816 817 if (chan->flags & IEEE80211_CHAN_NO_HT40) 818 type[index] |= 819 cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_NARROW); 820 821 /* scan for all SSIDs from req->ssids */ 822 type[index] |= cpu_to_le32(ssid_bitmap); 823 } 824} 825 826int iwl_mvm_config_sched_scan(struct iwl_mvm *mvm, 827 struct ieee80211_vif *vif, 828 struct cfg80211_sched_scan_request *req, 829 struct ieee80211_scan_ies *ies) 830{ 831 int band_2ghz = mvm->nvm_data->bands[IEEE80211_BAND_2GHZ].n_channels; 832 int band_5ghz = mvm->nvm_data->bands[IEEE80211_BAND_5GHZ].n_channels; 833 int head = 0; 834 u32 ssid_bitmap; 835 int cmd_len; 836 int ret; 837 u8 *probes; 838 bool basic_ssid = !(mvm->fw->ucode_capa.flags & 839 IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID); 840 841 struct iwl_scan_offload_cfg *scan_cfg; 842 struct iwl_host_cmd cmd = { 843 .id = SCAN_OFFLOAD_CONFIG_CMD, 844 }; 845 struct iwl_mvm_scan_params params = {}; 846 847 lockdep_assert_held(&mvm->mutex); 848 849 cmd_len = sizeof(struct iwl_scan_offload_cfg) + 850 mvm->fw->ucode_capa.n_scan_channels * IWL_SCAN_CHAN_SIZE + 851 2 * SCAN_OFFLOAD_PROBE_REQ_SIZE; 852 853 scan_cfg = kzalloc(cmd_len, GFP_KERNEL); 854 if (!scan_cfg) 855 return -ENOMEM; 856 857 probes = scan_cfg->data + 858 mvm->fw->ucode_capa.n_scan_channels * IWL_SCAN_CHAN_SIZE; 859 860 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, 0, ¶ms); 861 iwl_build_scan_cmd(mvm, vif, req, &scan_cfg->scan_cmd, ¶ms); 862 scan_cfg->scan_cmd.len = cpu_to_le16(cmd_len); 863 864 iwl_scan_offload_build_ssid(req, scan_cfg->scan_cmd.direct_scan, 865 &ssid_bitmap, basic_ssid); 866 /* build tx frames for supported bands */ 867 if (band_2ghz) { 868 iwl_scan_offload_build_tx_cmd(mvm, vif, ies, 869 IEEE80211_BAND_2GHZ, 870 &scan_cfg->scan_cmd.tx_cmd[0], 871 probes); 872 iwl_build_channel_cfg(mvm, req, scan_cfg->data, 873 IEEE80211_BAND_2GHZ, &head, 874 ssid_bitmap, ¶ms); 875 } 876 if (band_5ghz) { 877 iwl_scan_offload_build_tx_cmd(mvm, vif, ies, 878 IEEE80211_BAND_5GHZ, 879 &scan_cfg->scan_cmd.tx_cmd[1], 880 probes + 881 SCAN_OFFLOAD_PROBE_REQ_SIZE); 882 iwl_build_channel_cfg(mvm, req, scan_cfg->data, 883 IEEE80211_BAND_5GHZ, &head, 884 ssid_bitmap, ¶ms); 885 } 886 887 cmd.data[0] = scan_cfg; 888 cmd.len[0] = cmd_len; 889 cmd.dataflags[0] = IWL_HCMD_DFL_NOCOPY; 890 891 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan config\n"); 892 893 ret = iwl_mvm_send_cmd(mvm, &cmd); 894 kfree(scan_cfg); 895 return ret; 896} 897 898int iwl_mvm_config_sched_scan_profiles(struct iwl_mvm *mvm, 899 struct cfg80211_sched_scan_request *req) 900{ 901 struct iwl_scan_offload_profile *profile; 902 struct iwl_scan_offload_profile_cfg *profile_cfg; 903 struct iwl_scan_offload_blacklist *blacklist; 904 struct iwl_host_cmd cmd = { 905 .id = SCAN_OFFLOAD_UPDATE_PROFILES_CMD, 906 .len[1] = sizeof(*profile_cfg), 907 .dataflags[0] = IWL_HCMD_DFL_NOCOPY, 908 .dataflags[1] = IWL_HCMD_DFL_NOCOPY, 909 }; 910 int blacklist_len; 911 int i; 912 int ret; 913 914 if (WARN_ON(req->n_match_sets > IWL_SCAN_MAX_PROFILES)) 915 return -EIO; 916 917 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_SHORT_BL) 918 blacklist_len = IWL_SCAN_SHORT_BLACKLIST_LEN; 919 else 920 blacklist_len = IWL_SCAN_MAX_BLACKLIST_LEN; 921 922 blacklist = kzalloc(sizeof(*blacklist) * blacklist_len, GFP_KERNEL); 923 if (!blacklist) 924 return -ENOMEM; 925 926 profile_cfg = kzalloc(sizeof(*profile_cfg), GFP_KERNEL); 927 if (!profile_cfg) { 928 ret = -ENOMEM; 929 goto free_blacklist; 930 } 931 932 cmd.data[0] = blacklist; 933 cmd.len[0] = sizeof(*blacklist) * blacklist_len; 934 cmd.data[1] = profile_cfg; 935 936 /* No blacklist configuration */ 937 938 profile_cfg->num_profiles = req->n_match_sets; 939 profile_cfg->active_clients = SCAN_CLIENT_SCHED_SCAN; 940 profile_cfg->pass_match = SCAN_CLIENT_SCHED_SCAN; 941 profile_cfg->match_notify = SCAN_CLIENT_SCHED_SCAN; 942 if (!req->n_match_sets || !req->match_sets[0].ssid.ssid_len) 943 profile_cfg->any_beacon_notify = SCAN_CLIENT_SCHED_SCAN; 944 945 for (i = 0; i < req->n_match_sets; i++) { 946 profile = &profile_cfg->profiles[i]; 947 profile->ssid_index = i; 948 /* Support any cipher and auth algorithm */ 949 profile->unicast_cipher = 0xff; 950 profile->auth_alg = 0xff; 951 profile->network_type = IWL_NETWORK_TYPE_ANY; 952 profile->band_selection = IWL_SCAN_OFFLOAD_SELECT_ANY; 953 profile->client_bitmap = SCAN_CLIENT_SCHED_SCAN; 954 } 955 956 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan profile config\n"); 957 958 ret = iwl_mvm_send_cmd(mvm, &cmd); 959 kfree(profile_cfg); 960free_blacklist: 961 kfree(blacklist); 962 963 return ret; 964} 965 966int iwl_mvm_sched_scan_start(struct iwl_mvm *mvm, 967 struct cfg80211_sched_scan_request *req) 968{ 969 struct iwl_scan_offload_req scan_req = { 970 .watchdog = IWL_SCHED_SCAN_WATCHDOG, 971 972 .schedule_line[0].iterations = IWL_FAST_SCHED_SCAN_ITERATIONS, 973 .schedule_line[0].delay = cpu_to_le16(req->interval / 1000), 974 .schedule_line[0].full_scan_mul = 1, 975 976 .schedule_line[1].iterations = 0xff, 977 .schedule_line[1].delay = cpu_to_le16(req->interval / 1000), 978 .schedule_line[1].full_scan_mul = IWL_FULL_SCAN_MULTIPLIER, 979 }; 980 981 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) { 982 IWL_DEBUG_SCAN(mvm, 983 "Sending scheduled scan with filtering, filter len %d\n", 984 req->n_match_sets); 985 } else { 986 IWL_DEBUG_SCAN(mvm, 987 "Sending Scheduled scan without filtering\n"); 988 scan_req.flags |= cpu_to_le16(IWL_SCAN_OFFLOAD_FLAG_PASS_ALL); 989 } 990 991 if (mvm->last_ebs_successful && 992 mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT) 993 scan_req.flags |= 994 cpu_to_le16(IWL_SCAN_OFFLOAD_FLAG_EBS_ACCURATE_MODE); 995 996 return iwl_mvm_send_cmd_pdu(mvm, SCAN_OFFLOAD_REQUEST_CMD, 0, 997 sizeof(scan_req), &scan_req); 998} 999 1000static int iwl_mvm_send_scan_offload_abort(struct iwl_mvm *mvm) 1001{ 1002 int ret; 1003 struct iwl_host_cmd cmd = { 1004 .id = SCAN_OFFLOAD_ABORT_CMD, 1005 }; 1006 u32 status; 1007 1008 /* Exit instantly with error when device is not ready 1009 * to receive scan abort command or it does not perform 1010 * scheduled scan currently */ 1011 if (mvm->scan_status != IWL_MVM_SCAN_SCHED && 1012 (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) || 1013 mvm->scan_status != IWL_MVM_SCAN_OS)) 1014 return -EIO; 1015 1016 ret = iwl_mvm_send_cmd_status(mvm, &cmd, &status); 1017 if (ret) 1018 return ret; 1019 1020 if (status != CAN_ABORT_STATUS) { 1021 /* 1022 * The scan abort will return 1 for success or 1023 * 2 for "failure". A failure condition can be 1024 * due to simply not being in an active scan which 1025 * can occur if we send the scan abort before the 1026 * microcode has notified us that a scan is completed. 1027 */ 1028 IWL_DEBUG_SCAN(mvm, "SCAN OFFLOAD ABORT ret %d.\n", status); 1029 ret = -ENOENT; 1030 } 1031 1032 return ret; 1033} 1034 1035int iwl_mvm_scan_offload_stop(struct iwl_mvm *mvm, bool notify) 1036{ 1037 int ret; 1038 struct iwl_notification_wait wait_scan_done; 1039 static const u8 scan_done_notif[] = { SCAN_OFFLOAD_COMPLETE, }; 1040 bool sched = mvm->scan_status == IWL_MVM_SCAN_SCHED; 1041 1042 lockdep_assert_held(&mvm->mutex); 1043 1044 if (mvm->scan_status != IWL_MVM_SCAN_SCHED && 1045 (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) || 1046 mvm->scan_status != IWL_MVM_SCAN_OS)) { 1047 IWL_DEBUG_SCAN(mvm, "No scan to stop\n"); 1048 return 0; 1049 } 1050 1051 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done, 1052 scan_done_notif, 1053 ARRAY_SIZE(scan_done_notif), 1054 NULL, NULL); 1055 1056 ret = iwl_mvm_send_scan_offload_abort(mvm); 1057 if (ret) { 1058 IWL_DEBUG_SCAN(mvm, "Send stop %sscan failed %d\n", 1059 sched ? "offloaded " : "", ret); 1060 iwl_remove_notification(&mvm->notif_wait, &wait_scan_done); 1061 return ret; 1062 } 1063 1064 IWL_DEBUG_SCAN(mvm, "Successfully sent stop %sscan\n", 1065 sched ? "offloaded " : ""); 1066 1067 ret = iwl_wait_notification(&mvm->notif_wait, &wait_scan_done, 1 * HZ); 1068 if (ret) 1069 return ret; 1070 1071 /* 1072 * Clear the scan status so the next scan requests will succeed. This 1073 * also ensures the Rx handler doesn't do anything, as the scan was 1074 * stopped from above. 1075 */ 1076 mvm->scan_status = IWL_MVM_SCAN_NONE; 1077 1078 if (notify) { 1079 if (sched) 1080 ieee80211_sched_scan_stopped(mvm->hw); 1081 else 1082 ieee80211_scan_completed(mvm->hw, true); 1083 } 1084 1085 return 0; 1086} 1087 1088static void iwl_mvm_unified_scan_fill_tx_cmd(struct iwl_mvm *mvm, 1089 struct iwl_scan_req_tx_cmd *tx_cmd, 1090 bool no_cck) 1091{ 1092 tx_cmd[0].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL | 1093 TX_CMD_FLG_BT_DIS); 1094 tx_cmd[0].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm, 1095 IEEE80211_BAND_2GHZ, 1096 no_cck); 1097 tx_cmd[0].sta_id = mvm->aux_sta.sta_id; 1098 1099 tx_cmd[1].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL | 1100 TX_CMD_FLG_BT_DIS); 1101 tx_cmd[1].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm, 1102 IEEE80211_BAND_5GHZ, 1103 no_cck); 1104 tx_cmd[1].sta_id = mvm->aux_sta.sta_id; 1105} 1106 1107static void 1108iwl_mvm_lmac_scan_cfg_channels(struct iwl_mvm *mvm, 1109 struct ieee80211_channel **channels, 1110 int n_channels, u32 ssid_bitmap, 1111 struct iwl_scan_req_unified_lmac *cmd) 1112{ 1113 struct iwl_scan_channel_cfg_lmac *channel_cfg = (void *)&cmd->data; 1114 int i; 1115 1116 for (i = 0; i < n_channels; i++) { 1117 channel_cfg[i].channel_num = 1118 cpu_to_le16(channels[i]->hw_value); 1119 channel_cfg[i].iter_count = cpu_to_le16(1); 1120 channel_cfg[i].iter_interval = 0; 1121 channel_cfg[i].flags = 1122 cpu_to_le32(IWL_UNIFIED_SCAN_CHANNEL_PARTIAL | 1123 ssid_bitmap); 1124 } 1125} 1126 1127static void 1128iwl_mvm_build_unified_scan_probe(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 1129 struct ieee80211_scan_ies *ies, 1130 struct iwl_scan_req_unified_lmac *cmd) 1131{ 1132 struct iwl_scan_probe_req *preq = (void *)(cmd->data + 1133 sizeof(struct iwl_scan_channel_cfg_lmac) * 1134 mvm->fw->ucode_capa.n_scan_channels); 1135 struct ieee80211_mgmt *frame = (struct ieee80211_mgmt *)preq->buf; 1136 u8 *pos; 1137 1138 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ); 1139 eth_broadcast_addr(frame->da); 1140 memcpy(frame->sa, vif->addr, ETH_ALEN); 1141 eth_broadcast_addr(frame->bssid); 1142 frame->seq_ctrl = 0; 1143 1144 pos = frame->u.probe_req.variable; 1145 *pos++ = WLAN_EID_SSID; 1146 *pos++ = 0; 1147 1148 preq->mac_header.offset = 0; 1149 preq->mac_header.len = cpu_to_le16(24 + 2); 1150 1151 memcpy(pos, ies->ies[IEEE80211_BAND_2GHZ], 1152 ies->len[IEEE80211_BAND_2GHZ]); 1153 preq->band_data[0].offset = cpu_to_le16(pos - preq->buf); 1154 preq->band_data[0].len = cpu_to_le16(ies->len[IEEE80211_BAND_2GHZ]); 1155 pos += ies->len[IEEE80211_BAND_2GHZ]; 1156 1157 memcpy(pos, ies->ies[IEEE80211_BAND_5GHZ], 1158 ies->len[IEEE80211_BAND_5GHZ]); 1159 preq->band_data[1].offset = cpu_to_le16(pos - preq->buf); 1160 preq->band_data[1].len = cpu_to_le16(ies->len[IEEE80211_BAND_5GHZ]); 1161 pos += ies->len[IEEE80211_BAND_5GHZ]; 1162 1163 memcpy(pos, ies->common_ies, ies->common_ie_len); 1164 preq->common_data.offset = cpu_to_le16(pos - preq->buf); 1165 preq->common_data.len = cpu_to_le16(ies->common_ie_len); 1166} 1167 1168static void 1169iwl_mvm_build_generic_unified_scan_cmd(struct iwl_mvm *mvm, 1170 struct iwl_scan_req_unified_lmac *cmd, 1171 struct iwl_mvm_scan_params *params) 1172{ 1173 memset(cmd, 0, ksize(cmd)); 1174 cmd->active_dwell = params->dwell[IEEE80211_BAND_2GHZ].active; 1175 cmd->passive_dwell = params->dwell[IEEE80211_BAND_2GHZ].passive; 1176 if (params->passive_fragmented) 1177 cmd->fragmented_dwell = 1178 params->dwell[IEEE80211_BAND_2GHZ].passive; 1179 cmd->rx_chain_select = iwl_mvm_scan_rx_chain(mvm); 1180 cmd->max_out_time = cpu_to_le32(params->max_out_time); 1181 cmd->suspend_time = cpu_to_le32(params->suspend_time); 1182 cmd->scan_prio = cpu_to_le32(IWL_SCAN_PRIORITY_HIGH); 1183 cmd->iter_num = cpu_to_le32(1); 1184 1185 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT && 1186 mvm->last_ebs_successful) { 1187 cmd->channel_opt[0].flags = 1188 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS | 1189 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE | 1190 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD); 1191 cmd->channel_opt[1].flags = 1192 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS | 1193 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE | 1194 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD); 1195 } 1196 1197 if (iwl_mvm_rrm_scan_needed(mvm)) 1198 cmd->scan_flags |= 1199 cpu_to_le32(IWL_MVM_LMAC_SCAN_FLAGS_RRM_ENABLED); 1200} 1201 1202int iwl_mvm_unified_scan_lmac(struct iwl_mvm *mvm, 1203 struct ieee80211_vif *vif, 1204 struct ieee80211_scan_request *req) 1205{ 1206 struct iwl_host_cmd hcmd = { 1207 .id = SCAN_OFFLOAD_REQUEST_CMD, 1208 .len = { sizeof(struct iwl_scan_req_unified_lmac) + 1209 sizeof(struct iwl_scan_channel_cfg_lmac) * 1210 mvm->fw->ucode_capa.n_scan_channels + 1211 sizeof(struct iwl_scan_probe_req), }, 1212 .data = { mvm->scan_cmd, }, 1213 .dataflags = { IWL_HCMD_DFL_NOCOPY, }, 1214 }; 1215 struct iwl_scan_req_unified_lmac *cmd = mvm->scan_cmd; 1216 struct iwl_mvm_scan_params params = {}; 1217 u32 flags; 1218 int ssid_bitmap = 0; 1219 int ret, i; 1220 1221 lockdep_assert_held(&mvm->mutex); 1222 1223 /* we should have failed registration if scan_cmd was NULL */ 1224 if (WARN_ON(mvm->scan_cmd == NULL)) 1225 return -ENOMEM; 1226 1227 if (req->req.n_ssids > PROBE_OPTION_MAX || 1228 req->ies.common_ie_len + req->ies.len[NL80211_BAND_2GHZ] + 1229 req->ies.len[NL80211_BAND_5GHZ] > 1230 iwl_mvm_max_scan_ie_fw_cmd_room(mvm, false) || 1231 req->req.n_channels > mvm->fw->ucode_capa.n_scan_channels) 1232 return -ENOBUFS; 1233 1234 mvm->scan_status = IWL_MVM_SCAN_OS; 1235 1236 iwl_mvm_scan_calc_params(mvm, vif, req->req.n_ssids, req->req.flags, 1237 ¶ms); 1238 1239 iwl_mvm_build_generic_unified_scan_cmd(mvm, cmd, ¶ms); 1240 1241 cmd->n_channels = (u8)req->req.n_channels; 1242 1243 flags = IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL; 1244 1245 if (req->req.n_ssids == 1 && req->req.ssids[0].ssid_len != 0) 1246 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION; 1247 1248 if (params.passive_fragmented) 1249 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED; 1250 1251 if (req->req.n_ssids == 0) 1252 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE; 1253 1254 cmd->scan_flags |= cpu_to_le32(flags); 1255 1256 cmd->flags = iwl_mvm_scan_rxon_flags(req->req.channels[0]->band); 1257 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP | 1258 MAC_FILTER_IN_BEACON); 1259 iwl_mvm_unified_scan_fill_tx_cmd(mvm, cmd->tx_cmd, req->req.no_cck); 1260 iwl_mvm_scan_fill_ssids(cmd->direct_scan, req->req.ssids, 1261 req->req.n_ssids, 0); 1262 1263 cmd->schedule[0].delay = 0; 1264 cmd->schedule[0].iterations = 1; 1265 cmd->schedule[0].full_scan_mul = 0; 1266 cmd->schedule[1].delay = 0; 1267 cmd->schedule[1].iterations = 0; 1268 cmd->schedule[1].full_scan_mul = 0; 1269 1270 for (i = 1; i <= req->req.n_ssids; i++) 1271 ssid_bitmap |= BIT(i); 1272 1273 iwl_mvm_lmac_scan_cfg_channels(mvm, req->req.channels, 1274 req->req.n_channels, ssid_bitmap, 1275 cmd); 1276 1277 iwl_mvm_build_unified_scan_probe(mvm, vif, &req->ies, cmd); 1278 1279 ret = iwl_mvm_send_cmd(mvm, &hcmd); 1280 if (!ret) { 1281 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n"); 1282 } else { 1283 /* 1284 * If the scan failed, it usually means that the FW was unable 1285 * to allocate the time events. Warn on it, but maybe we 1286 * should try to send the command again with different params. 1287 */ 1288 IWL_ERR(mvm, "Scan failed! ret %d\n", ret); 1289 mvm->scan_status = IWL_MVM_SCAN_NONE; 1290 ret = -EIO; 1291 } 1292 return ret; 1293} 1294 1295int iwl_mvm_unified_sched_scan_lmac(struct iwl_mvm *mvm, 1296 struct ieee80211_vif *vif, 1297 struct cfg80211_sched_scan_request *req, 1298 struct ieee80211_scan_ies *ies) 1299{ 1300 struct iwl_host_cmd hcmd = { 1301 .id = SCAN_OFFLOAD_REQUEST_CMD, 1302 .len = { sizeof(struct iwl_scan_req_unified_lmac) + 1303 sizeof(struct iwl_scan_channel_cfg_lmac) * 1304 mvm->fw->ucode_capa.n_scan_channels + 1305 sizeof(struct iwl_scan_probe_req), }, 1306 .data = { mvm->scan_cmd, }, 1307 .dataflags = { IWL_HCMD_DFL_NOCOPY, }, 1308 }; 1309 struct iwl_scan_req_unified_lmac *cmd = mvm->scan_cmd; 1310 struct iwl_mvm_scan_params params = {}; 1311 int ret; 1312 u32 flags = 0, ssid_bitmap = 0; 1313 1314 lockdep_assert_held(&mvm->mutex); 1315 1316 /* we should have failed registration if scan_cmd was NULL */ 1317 if (WARN_ON(mvm->scan_cmd == NULL)) 1318 return -ENOMEM; 1319 1320 if (req->n_ssids > PROBE_OPTION_MAX || 1321 ies->common_ie_len + ies->len[NL80211_BAND_2GHZ] + 1322 ies->len[NL80211_BAND_5GHZ] > 1323 iwl_mvm_max_scan_ie_fw_cmd_room(mvm, true) || 1324 req->n_channels > mvm->fw->ucode_capa.n_scan_channels) 1325 return -ENOBUFS; 1326 1327 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, 0, ¶ms); 1328 1329 iwl_mvm_build_generic_unified_scan_cmd(mvm, cmd, ¶ms); 1330 1331 cmd->n_channels = (u8)req->n_channels; 1332 1333 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) { 1334 IWL_DEBUG_SCAN(mvm, 1335 "Sending scheduled scan with filtering, n_match_sets %d\n", 1336 req->n_match_sets); 1337 } else { 1338 IWL_DEBUG_SCAN(mvm, 1339 "Sending Scheduled scan without filtering\n"); 1340 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL; 1341 } 1342 1343 if (req->n_ssids == 1 && req->ssids[0].ssid_len != 0) 1344 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION; 1345 1346 if (params.passive_fragmented) 1347 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED; 1348 1349 if (req->n_ssids == 0) 1350 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE; 1351 1352 cmd->scan_flags |= cpu_to_le32(flags); 1353 1354 cmd->flags = iwl_mvm_scan_rxon_flags(req->channels[0]->band); 1355 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP | 1356 MAC_FILTER_IN_BEACON); 1357 iwl_mvm_unified_scan_fill_tx_cmd(mvm, cmd->tx_cmd, false); 1358 iwl_scan_offload_build_ssid(req, cmd->direct_scan, &ssid_bitmap, false); 1359 1360 cmd->schedule[0].delay = cpu_to_le16(req->interval / MSEC_PER_SEC); 1361 cmd->schedule[0].iterations = IWL_FAST_SCHED_SCAN_ITERATIONS; 1362 cmd->schedule[0].full_scan_mul = 1; 1363 1364 cmd->schedule[1].delay = cpu_to_le16(req->interval / MSEC_PER_SEC); 1365 cmd->schedule[1].iterations = 0xff; 1366 cmd->schedule[1].full_scan_mul = IWL_FULL_SCAN_MULTIPLIER; 1367 1368 iwl_mvm_lmac_scan_cfg_channels(mvm, req->channels, req->n_channels, 1369 ssid_bitmap, cmd); 1370 1371 iwl_mvm_build_unified_scan_probe(mvm, vif, ies, cmd); 1372 1373 ret = iwl_mvm_send_cmd(mvm, &hcmd); 1374 if (!ret) { 1375 IWL_DEBUG_SCAN(mvm, 1376 "Sched scan request was sent successfully\n"); 1377 } else { 1378 /* 1379 * If the scan failed, it usually means that the FW was unable 1380 * to allocate the time events. Warn on it, but maybe we 1381 * should try to send the command again with different params. 1382 */ 1383 IWL_ERR(mvm, "Sched scan failed! ret %d\n", ret); 1384 mvm->scan_status = IWL_MVM_SCAN_NONE; 1385 ret = -EIO; 1386 } 1387 return ret; 1388} 1389 1390 1391int iwl_mvm_cancel_scan(struct iwl_mvm *mvm) 1392{ 1393 if (mvm->scan_status == IWL_MVM_SCAN_NONE) 1394 return 0; 1395 1396 if (iwl_mvm_is_radio_killed(mvm)) { 1397 ieee80211_scan_completed(mvm->hw, true); 1398 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN); 1399 mvm->scan_status = IWL_MVM_SCAN_NONE; 1400 return 0; 1401 } 1402 1403 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) 1404 return iwl_mvm_scan_offload_stop(mvm, true); 1405 return iwl_mvm_cancel_regular_scan(mvm); 1406} 1407