1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
3 * Copyright (C) 2012-2014, 2018-2023 Intel Corporation
4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH
5 * Copyright (C) 2016-2017 Intel Deutschland GmbH
7 #include <linux/etherdevice.h>
8 #include <net/mac80211.h>
9 #include <linux/crc32.h>
12 #include "fw/api/scan.h"
15 #define IWL_DENSE_EBS_SCAN_RATIO 5
16 #define IWL_SPARSE_EBS_SCAN_RATIO 1
18 #define IWL_SCAN_DWELL_ACTIVE 10
19 #define IWL_SCAN_DWELL_PASSIVE 110
20 #define IWL_SCAN_DWELL_FRAGMENTED 44
21 #define IWL_SCAN_DWELL_EXTENDED 90
22 #define IWL_SCAN_NUM_OF_FRAGS 3
24 /* adaptive dwell max budget time [TU] for full scan */
25 #define IWL_SCAN_ADWELL_MAX_BUDGET_FULL_SCAN 300
26 /* adaptive dwell max budget time [TU] for directed scan */
27 #define IWL_SCAN_ADWELL_MAX_BUDGET_DIRECTED_SCAN 100
28 /* adaptive dwell default high band APs number */
29 #define IWL_SCAN_ADWELL_DEFAULT_HB_N_APS 8
30 /* adaptive dwell default low band APs number */
31 #define IWL_SCAN_ADWELL_DEFAULT_LB_N_APS 2
32 /* adaptive dwell default APs number in social channels (1, 6, 11) */
33 #define IWL_SCAN_ADWELL_DEFAULT_N_APS_SOCIAL 10
34 /* number of scan channels */
35 #define IWL_SCAN_NUM_CHANNELS 112
36 /* adaptive dwell number of APs override mask for p2p friendly GO */
37 #define IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY_BIT BIT(20)
38 /* adaptive dwell number of APs override mask for social channels */
39 #define IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS_BIT BIT(21)
40 /* adaptive dwell number of APs override for p2p friendly GO channels */
41 #define IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY 10
42 /* adaptive dwell number of APs override for social channels */
43 #define IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS 2
45 /* minimal number of 2GHz and 5GHz channels in the regular scan request */
46 #define IWL_MVM_6GHZ_PASSIVE_SCAN_MIN_CHANS 4
48 /* Number of iterations on the channel for mei filtered scan */
49 #define IWL_MEI_SCAN_NUM_ITER 5U
51 struct iwl_mvm_scan_timing_params {
56 static struct iwl_mvm_scan_timing_params scan_timing[] = {
57 [IWL_SCAN_TYPE_UNASSOC] = {
61 [IWL_SCAN_TYPE_WILD] = {
65 [IWL_SCAN_TYPE_MILD] = {
69 [IWL_SCAN_TYPE_FRAGMENTED] = {
73 [IWL_SCAN_TYPE_FAST_BALANCE] = {
79 struct iwl_mvm_scan_params {
80 /* For CDB this is low band scan type, for non-CDB - type. */
81 enum iwl_mvm_scan_type type;
82 enum iwl_mvm_scan_type hb_type;
86 struct cfg80211_ssid *ssids;
87 struct ieee80211_channel **channels;
94 struct iwl_scan_probe_req preq;
95 struct cfg80211_match_set *match_sets;
97 struct cfg80211_sched_scan_plan *scan_plans;
99 struct cfg80211_scan_6ghz_params *scan_6ghz_params;
102 bool enable_6ghz_passive;
103 bool respect_p2p_go, respect_p2p_go_hb;
104 s8 tsf_report_link_id;
105 u8 bssid[ETH_ALEN] __aligned(2);
108 static inline void *iwl_mvm_get_scan_req_umac_data(struct iwl_mvm *mvm)
110 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
112 if (iwl_mvm_is_adaptive_dwell_v2_supported(mvm))
113 return (void *)&cmd->v8.data;
115 if (iwl_mvm_is_adaptive_dwell_supported(mvm))
116 return (void *)&cmd->v7.data;
118 if (iwl_mvm_cdb_scan_api(mvm))
119 return (void *)&cmd->v6.data;
121 return (void *)&cmd->v1.data;
124 static inline struct iwl_scan_umac_chan_param *
125 iwl_mvm_get_scan_req_umac_channel(struct iwl_mvm *mvm)
127 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
129 if (iwl_mvm_is_adaptive_dwell_v2_supported(mvm))
130 return &cmd->v8.channel;
132 if (iwl_mvm_is_adaptive_dwell_supported(mvm))
133 return &cmd->v7.channel;
135 if (iwl_mvm_cdb_scan_api(mvm))
136 return &cmd->v6.channel;
138 return &cmd->v1.channel;
141 static u8 iwl_mvm_scan_rx_ant(struct iwl_mvm *mvm)
143 if (mvm->scan_rx_ant != ANT_NONE)
144 return mvm->scan_rx_ant;
145 return iwl_mvm_get_valid_rx_ant(mvm);
148 static inline __le16 iwl_mvm_scan_rx_chain(struct iwl_mvm *mvm)
153 rx_ant = iwl_mvm_scan_rx_ant(mvm);
154 rx_chain = rx_ant << PHY_RX_CHAIN_VALID_POS;
155 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_MIMO_SEL_POS;
156 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_SEL_POS;
157 rx_chain |= 0x1 << PHY_RX_CHAIN_DRIVER_FORCE_POS;
158 return cpu_to_le16(rx_chain);
162 iwl_mvm_scan_rate_n_flags(struct iwl_mvm *mvm, enum nl80211_band band,
167 iwl_mvm_toggle_tx_ant(mvm, &mvm->scan_last_antenna_idx);
168 tx_ant = BIT(mvm->scan_last_antenna_idx) << RATE_MCS_ANT_POS;
170 if (band == NL80211_BAND_2GHZ && !no_cck)
171 return cpu_to_le32(IWL_RATE_1M_PLCP | RATE_MCS_CCK_MSK_V1 |
174 return cpu_to_le32(IWL_RATE_6M_PLCP | tx_ant);
177 static enum iwl_mvm_traffic_load iwl_mvm_get_traffic_load(struct iwl_mvm *mvm)
179 return mvm->tcm.result.global_load;
182 static enum iwl_mvm_traffic_load
183 iwl_mvm_get_traffic_load_band(struct iwl_mvm *mvm, enum nl80211_band band)
185 return mvm->tcm.result.band_load[band];
188 struct iwl_mvm_scan_iter_data {
190 struct ieee80211_vif *current_vif;
191 bool is_dcm_with_p2p_go;
194 static void iwl_mvm_scan_iterator(void *_data, u8 *mac,
195 struct ieee80211_vif *vif)
197 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
198 struct iwl_mvm_scan_iter_data *data = _data;
199 struct iwl_mvm_vif *curr_mvmvif;
201 if (vif->type != NL80211_IFTYPE_P2P_DEVICE &&
202 mvmvif->deflink.phy_ctxt &&
203 mvmvif->deflink.phy_ctxt->id < NUM_PHY_CTX)
204 data->global_cnt += 1;
206 if (!data->current_vif || vif == data->current_vif)
209 curr_mvmvif = iwl_mvm_vif_from_mac80211(data->current_vif);
211 if (vif->type == NL80211_IFTYPE_AP && vif->p2p &&
212 mvmvif->deflink.phy_ctxt && curr_mvmvif->deflink.phy_ctxt &&
213 mvmvif->deflink.phy_ctxt->id != curr_mvmvif->deflink.phy_ctxt->id)
214 data->is_dcm_with_p2p_go = true;
218 iwl_mvm_scan_type _iwl_mvm_get_scan_type(struct iwl_mvm *mvm,
219 struct ieee80211_vif *vif,
220 enum iwl_mvm_traffic_load load,
223 struct iwl_mvm_scan_iter_data data = {
225 .is_dcm_with_p2p_go = false,
229 ieee80211_iterate_active_interfaces_atomic(mvm->hw,
230 IEEE80211_IFACE_ITER_NORMAL,
231 iwl_mvm_scan_iterator,
234 if (!data.global_cnt)
235 return IWL_SCAN_TYPE_UNASSOC;
237 if (fw_has_api(&mvm->fw->ucode_capa,
238 IWL_UCODE_TLV_API_FRAGMENTED_SCAN)) {
239 if ((load == IWL_MVM_TRAFFIC_HIGH || low_latency) &&
240 (!vif || vif->type != NL80211_IFTYPE_P2P_DEVICE))
241 return IWL_SCAN_TYPE_FRAGMENTED;
244 * in case of DCM with P2P GO set all scan requests as
247 if (vif && vif->type == NL80211_IFTYPE_STATION &&
248 data.is_dcm_with_p2p_go)
249 return IWL_SCAN_TYPE_FAST_BALANCE;
252 if (load >= IWL_MVM_TRAFFIC_MEDIUM || low_latency)
253 return IWL_SCAN_TYPE_MILD;
255 return IWL_SCAN_TYPE_WILD;
259 iwl_mvm_scan_type iwl_mvm_get_scan_type(struct iwl_mvm *mvm,
260 struct ieee80211_vif *vif)
262 enum iwl_mvm_traffic_load load;
265 load = iwl_mvm_get_traffic_load(mvm);
266 low_latency = iwl_mvm_low_latency(mvm);
268 return _iwl_mvm_get_scan_type(mvm, vif, load, low_latency);
272 iwl_mvm_scan_type iwl_mvm_get_scan_type_band(struct iwl_mvm *mvm,
273 struct ieee80211_vif *vif,
274 enum nl80211_band band)
276 enum iwl_mvm_traffic_load load;
279 load = iwl_mvm_get_traffic_load_band(mvm, band);
280 low_latency = iwl_mvm_low_latency_band(mvm, band);
282 return _iwl_mvm_get_scan_type(mvm, vif, load, low_latency);
285 static inline bool iwl_mvm_rrm_scan_needed(struct iwl_mvm *mvm)
287 /* require rrm scan whenever the fw supports it */
288 return fw_has_capa(&mvm->fw->ucode_capa,
289 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT);
292 static int iwl_mvm_max_scan_ie_fw_cmd_room(struct iwl_mvm *mvm)
296 max_probe_len = SCAN_OFFLOAD_PROBE_REQ_SIZE;
298 /* we create the 802.11 header and SSID element */
299 max_probe_len -= 24 + 2;
301 /* DS parameter set element is added on 2.4GHZ band if required */
302 if (iwl_mvm_rrm_scan_needed(mvm))
305 return max_probe_len;
308 int iwl_mvm_max_scan_ie_len(struct iwl_mvm *mvm)
310 int max_ie_len = iwl_mvm_max_scan_ie_fw_cmd_room(mvm);
312 /* TODO: [BUG] This function should return the maximum allowed size of
313 * scan IEs, however the LMAC scan api contains both 2GHZ and 5GHZ IEs
314 * in the same command. So the correct implementation of this function
315 * is just iwl_mvm_max_scan_ie_fw_cmd_room() / 2. Currently the scan
316 * command has only 512 bytes and it would leave us with about 240
317 * bytes for scan IEs, which is clearly not enough. So meanwhile
318 * we will report an incorrect value. This may result in a failure to
319 * issue a scan in unified_scan_lmac and unified_sched_scan_lmac
320 * functions with -ENOBUFS, if a large enough probe will be provided.
325 void iwl_mvm_rx_lmac_scan_iter_complete_notif(struct iwl_mvm *mvm,
326 struct iwl_rx_cmd_buffer *rxb)
328 struct iwl_rx_packet *pkt = rxb_addr(rxb);
329 struct iwl_lmac_scan_complete_notif *notif = (void *)pkt->data;
332 "Scan offload iteration complete: status=0x%x scanned channels=%d\n",
333 notif->status, notif->scanned_channels);
335 if (mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_FOUND) {
336 IWL_DEBUG_SCAN(mvm, "Pass all scheduled scan results found\n");
337 ieee80211_sched_scan_results(mvm->hw);
338 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_ENABLED;
342 void iwl_mvm_rx_scan_match_found(struct iwl_mvm *mvm,
343 struct iwl_rx_cmd_buffer *rxb)
345 IWL_DEBUG_SCAN(mvm, "Scheduled scan results\n");
346 ieee80211_sched_scan_results(mvm->hw);
349 static const char *iwl_mvm_ebs_status_str(enum iwl_scan_ebs_status status)
352 case IWL_SCAN_EBS_SUCCESS:
354 case IWL_SCAN_EBS_INACTIVE:
356 case IWL_SCAN_EBS_FAILED:
357 case IWL_SCAN_EBS_CHAN_NOT_FOUND:
363 void iwl_mvm_rx_lmac_scan_complete_notif(struct iwl_mvm *mvm,
364 struct iwl_rx_cmd_buffer *rxb)
366 struct iwl_rx_packet *pkt = rxb_addr(rxb);
367 struct iwl_periodic_scan_complete *scan_notif = (void *)pkt->data;
368 bool aborted = (scan_notif->status == IWL_SCAN_OFFLOAD_ABORTED);
370 /* If this happens, the firmware has mistakenly sent an LMAC
371 * notification during UMAC scans -- warn and ignore it.
373 if (WARN_ON_ONCE(fw_has_capa(&mvm->fw->ucode_capa,
374 IWL_UCODE_TLV_CAPA_UMAC_SCAN)))
377 /* scan status must be locked for proper checking */
378 lockdep_assert_held(&mvm->mutex);
380 /* We first check if we were stopping a scan, in which case we
381 * just clear the stopping flag. Then we check if it was a
382 * firmware initiated stop, in which case we need to inform
384 * Note that we can have a stopping and a running scan
385 * simultaneously, but we can't have two different types of
386 * scans stopping or running at the same time (since LMAC
387 * doesn't support it).
390 if (mvm->scan_status & IWL_MVM_SCAN_STOPPING_SCHED) {
391 WARN_ON_ONCE(mvm->scan_status & IWL_MVM_SCAN_STOPPING_REGULAR);
393 IWL_DEBUG_SCAN(mvm, "Scheduled scan %s, EBS status %s\n",
394 aborted ? "aborted" : "completed",
395 iwl_mvm_ebs_status_str(scan_notif->ebs_status));
397 "Last line %d, Last iteration %d, Time after last iteration %d\n",
398 scan_notif->last_schedule_line,
399 scan_notif->last_schedule_iteration,
400 __le32_to_cpu(scan_notif->time_after_last_iter));
402 mvm->scan_status &= ~IWL_MVM_SCAN_STOPPING_SCHED;
403 } else if (mvm->scan_status & IWL_MVM_SCAN_STOPPING_REGULAR) {
404 IWL_DEBUG_SCAN(mvm, "Regular scan %s, EBS status %s\n",
405 aborted ? "aborted" : "completed",
406 iwl_mvm_ebs_status_str(scan_notif->ebs_status));
408 mvm->scan_status &= ~IWL_MVM_SCAN_STOPPING_REGULAR;
409 } else if (mvm->scan_status & IWL_MVM_SCAN_SCHED) {
410 WARN_ON_ONCE(mvm->scan_status & IWL_MVM_SCAN_REGULAR);
412 IWL_DEBUG_SCAN(mvm, "Scheduled scan %s, EBS status %s\n",
413 aborted ? "aborted" : "completed",
414 iwl_mvm_ebs_status_str(scan_notif->ebs_status));
416 "Last line %d, Last iteration %d, Time after last iteration %d (FW)\n",
417 scan_notif->last_schedule_line,
418 scan_notif->last_schedule_iteration,
419 __le32_to_cpu(scan_notif->time_after_last_iter));
421 mvm->scan_status &= ~IWL_MVM_SCAN_SCHED;
422 ieee80211_sched_scan_stopped(mvm->hw);
423 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
424 } else if (mvm->scan_status & IWL_MVM_SCAN_REGULAR) {
425 struct cfg80211_scan_info info = {
429 IWL_DEBUG_SCAN(mvm, "Regular scan %s, EBS status %s (FW)\n",
430 aborted ? "aborted" : "completed",
431 iwl_mvm_ebs_status_str(scan_notif->ebs_status));
433 mvm->scan_status &= ~IWL_MVM_SCAN_REGULAR;
434 ieee80211_scan_completed(mvm->hw, &info);
435 cancel_delayed_work(&mvm->scan_timeout_dwork);
436 iwl_mvm_resume_tcm(mvm);
439 "got scan complete notification but no scan is running\n");
442 mvm->last_ebs_successful =
443 scan_notif->ebs_status == IWL_SCAN_EBS_SUCCESS ||
444 scan_notif->ebs_status == IWL_SCAN_EBS_INACTIVE;
447 static int iwl_ssid_exist(u8 *ssid, u8 ssid_len, struct iwl_ssid_ie *ssid_list)
451 for (i = 0; i < PROBE_OPTION_MAX; i++) {
452 if (!ssid_list[i].len)
454 if (ssid_list[i].len == ssid_len &&
455 !memcmp(ssid_list->ssid, ssid, ssid_len))
461 /* We insert the SSIDs in an inverted order, because the FW will
464 static void iwl_scan_build_ssids(struct iwl_mvm_scan_params *params,
465 struct iwl_ssid_ie *ssids,
473 * copy SSIDs from match list.
474 * iwl_config_sched_scan_profiles() uses the order of these ssids to
477 for (i = 0, j = params->n_match_sets - 1;
478 j >= 0 && i < PROBE_OPTION_MAX;
480 /* skip empty SSID matchsets */
481 if (!params->match_sets[j].ssid.ssid_len)
483 ssids[i].id = WLAN_EID_SSID;
484 ssids[i].len = params->match_sets[j].ssid.ssid_len;
485 memcpy(ssids[i].ssid, params->match_sets[j].ssid.ssid,
489 /* add SSIDs from scan SSID list */
490 for (j = params->n_ssids - 1;
491 j >= 0 && i < PROBE_OPTION_MAX;
493 index = iwl_ssid_exist(params->ssids[j].ssid,
494 params->ssids[j].ssid_len,
497 ssids[i].id = WLAN_EID_SSID;
498 ssids[i].len = params->ssids[j].ssid_len;
499 memcpy(ssids[i].ssid, params->ssids[j].ssid,
501 tmp_bitmap |= BIT(i);
503 tmp_bitmap |= BIT(index);
507 *ssid_bitmap = tmp_bitmap;
511 iwl_mvm_config_sched_scan_profiles(struct iwl_mvm *mvm,
512 struct cfg80211_sched_scan_request *req)
514 struct iwl_scan_offload_profile *profile;
515 struct iwl_scan_offload_profile_cfg_v1 *profile_cfg_v1;
516 struct iwl_scan_offload_blocklist *blocklist;
517 struct iwl_scan_offload_profile_cfg_data *data;
518 int max_profiles = iwl_umac_scan_get_max_profiles(mvm->fw);
519 int profile_cfg_size = sizeof(*data) +
520 sizeof(*profile) * max_profiles;
521 struct iwl_host_cmd cmd = {
522 .id = SCAN_OFFLOAD_UPDATE_PROFILES_CMD,
523 .len[1] = profile_cfg_size,
524 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
525 .dataflags[1] = IWL_HCMD_DFL_NOCOPY,
531 if (WARN_ON(req->n_match_sets > max_profiles))
534 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_SHORT_BL)
535 blocklist_len = IWL_SCAN_SHORT_BLACKLIST_LEN;
537 blocklist_len = IWL_SCAN_MAX_BLACKLIST_LEN;
539 blocklist = kcalloc(blocklist_len, sizeof(*blocklist), GFP_KERNEL);
543 profile_cfg_v1 = kzalloc(profile_cfg_size, GFP_KERNEL);
544 if (!profile_cfg_v1) {
549 cmd.data[0] = blocklist;
550 cmd.len[0] = sizeof(*blocklist) * blocklist_len;
551 cmd.data[1] = profile_cfg_v1;
553 /* if max_profile is MAX_PROFILES_V2, we have the new API */
554 if (max_profiles == IWL_SCAN_MAX_PROFILES_V2) {
555 struct iwl_scan_offload_profile_cfg *profile_cfg =
556 (struct iwl_scan_offload_profile_cfg *)profile_cfg_v1;
558 data = &profile_cfg->data;
560 data = &profile_cfg_v1->data;
563 /* No blocklist configuration */
564 data->num_profiles = req->n_match_sets;
565 data->active_clients = SCAN_CLIENT_SCHED_SCAN;
566 data->pass_match = SCAN_CLIENT_SCHED_SCAN;
567 data->match_notify = SCAN_CLIENT_SCHED_SCAN;
569 if (!req->n_match_sets || !req->match_sets[0].ssid.ssid_len)
570 data->any_beacon_notify = SCAN_CLIENT_SCHED_SCAN;
572 for (i = 0; i < req->n_match_sets; i++) {
573 profile = &profile_cfg_v1->profiles[i];
574 profile->ssid_index = i;
575 /* Support any cipher and auth algorithm */
576 profile->unicast_cipher = 0xff;
577 profile->auth_alg = IWL_AUTH_ALGO_UNSUPPORTED |
578 IWL_AUTH_ALGO_NONE | IWL_AUTH_ALGO_PSK | IWL_AUTH_ALGO_8021X |
579 IWL_AUTH_ALGO_SAE | IWL_AUTH_ALGO_8021X_SHA384 | IWL_AUTH_ALGO_OWE;
580 profile->network_type = IWL_NETWORK_TYPE_ANY;
581 profile->band_selection = IWL_SCAN_OFFLOAD_SELECT_ANY;
582 profile->client_bitmap = SCAN_CLIENT_SCHED_SCAN;
585 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan profile config\n");
587 ret = iwl_mvm_send_cmd(mvm, &cmd);
588 kfree(profile_cfg_v1);
595 static bool iwl_mvm_scan_pass_all(struct iwl_mvm *mvm,
596 struct cfg80211_sched_scan_request *req)
598 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) {
600 "Sending scheduled scan with filtering, n_match_sets %d\n",
602 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
606 IWL_DEBUG_SCAN(mvm, "Sending Scheduled scan without filtering\n");
608 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_ENABLED;
612 static int iwl_mvm_lmac_scan_abort(struct iwl_mvm *mvm)
615 struct iwl_host_cmd cmd = {
616 .id = SCAN_OFFLOAD_ABORT_CMD,
618 u32 status = CAN_ABORT_STATUS;
620 ret = iwl_mvm_send_cmd_status(mvm, &cmd, &status);
624 if (status != CAN_ABORT_STATUS) {
626 * The scan abort will return 1 for success or
627 * 2 for "failure". A failure condition can be
628 * due to simply not being in an active scan which
629 * can occur if we send the scan abort before the
630 * microcode has notified us that a scan is completed.
632 IWL_DEBUG_SCAN(mvm, "SCAN OFFLOAD ABORT ret %d.\n", status);
639 static void iwl_mvm_scan_fill_tx_cmd(struct iwl_mvm *mvm,
640 struct iwl_scan_req_tx_cmd *tx_cmd,
643 tx_cmd[0].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
645 tx_cmd[0].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
649 if (!iwl_mvm_has_new_station_api(mvm->fw)) {
650 tx_cmd[0].sta_id = mvm->aux_sta.sta_id;
651 tx_cmd[1].sta_id = mvm->aux_sta.sta_id;
654 * Fw doesn't use this sta anymore, pending deprecation via HOST API
658 tx_cmd[0].sta_id = 0xff;
659 tx_cmd[1].sta_id = 0xff;
662 tx_cmd[1].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
665 tx_cmd[1].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
671 iwl_mvm_lmac_scan_cfg_channels(struct iwl_mvm *mvm,
672 struct ieee80211_channel **channels,
673 int n_channels, u32 ssid_bitmap,
674 struct iwl_scan_req_lmac *cmd)
676 struct iwl_scan_channel_cfg_lmac *channel_cfg = (void *)&cmd->data;
679 for (i = 0; i < n_channels; i++) {
680 channel_cfg[i].channel_num =
681 cpu_to_le16(channels[i]->hw_value);
682 channel_cfg[i].iter_count = cpu_to_le16(1);
683 channel_cfg[i].iter_interval = 0;
684 channel_cfg[i].flags =
685 cpu_to_le32(IWL_UNIFIED_SCAN_CHANNEL_PARTIAL |
690 static u8 *iwl_mvm_copy_and_insert_ds_elem(struct iwl_mvm *mvm, const u8 *ies,
691 size_t len, u8 *const pos)
693 static const u8 before_ds_params[] = {
697 WLAN_EID_EXT_SUPP_RATES,
702 if (!iwl_mvm_rrm_scan_needed(mvm)) {
703 memcpy(newpos, ies, len);
707 offs = ieee80211_ie_split(ies, len,
709 ARRAY_SIZE(before_ds_params),
712 memcpy(newpos, ies, offs);
715 /* Add a placeholder for DS Parameter Set element */
716 *newpos++ = WLAN_EID_DS_PARAMS;
720 memcpy(newpos, ies + offs, len - offs);
721 newpos += len - offs;
726 #define WFA_TPC_IE_LEN 9
728 static void iwl_mvm_add_tpc_report_ie(u8 *pos)
730 pos[0] = WLAN_EID_VENDOR_SPECIFIC;
731 pos[1] = WFA_TPC_IE_LEN - 2;
732 pos[2] = (WLAN_OUI_MICROSOFT >> 16) & 0xff;
733 pos[3] = (WLAN_OUI_MICROSOFT >> 8) & 0xff;
734 pos[4] = WLAN_OUI_MICROSOFT & 0xff;
735 pos[5] = WLAN_OUI_TYPE_MICROSOFT_TPC;
737 /* pos[7] - tx power will be inserted by the FW */
743 iwl_mvm_build_scan_probe(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
744 struct ieee80211_scan_ies *ies,
745 struct iwl_mvm_scan_params *params)
747 struct ieee80211_mgmt *frame = (void *)params->preq.buf;
749 const u8 *mac_addr = params->flags & NL80211_SCAN_FLAG_RANDOM_ADDR ?
750 params->mac_addr : NULL;
753 * Unfortunately, right now the offload scan doesn't support randomising
754 * within the firmware, so until the firmware API is ready we implement
755 * it in the driver. This means that the scan iterations won't really be
756 * random, only when it's restarted, but at least that helps a bit.
759 get_random_mask_addr(frame->sa, mac_addr,
760 params->mac_addr_mask);
762 memcpy(frame->sa, vif->addr, ETH_ALEN);
764 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
765 eth_broadcast_addr(frame->da);
766 ether_addr_copy(frame->bssid, params->bssid);
769 pos = frame->u.probe_req.variable;
770 *pos++ = WLAN_EID_SSID;
773 params->preq.mac_header.offset = 0;
774 params->preq.mac_header.len = cpu_to_le16(24 + 2);
776 /* Insert ds parameter set element on 2.4 GHz band */
777 newpos = iwl_mvm_copy_and_insert_ds_elem(mvm,
778 ies->ies[NL80211_BAND_2GHZ],
779 ies->len[NL80211_BAND_2GHZ],
781 params->preq.band_data[0].offset = cpu_to_le16(pos - params->preq.buf);
782 params->preq.band_data[0].len = cpu_to_le16(newpos - pos);
785 memcpy(pos, ies->ies[NL80211_BAND_5GHZ],
786 ies->len[NL80211_BAND_5GHZ]);
787 params->preq.band_data[1].offset = cpu_to_le16(pos - params->preq.buf);
788 params->preq.band_data[1].len =
789 cpu_to_le16(ies->len[NL80211_BAND_5GHZ]);
790 pos += ies->len[NL80211_BAND_5GHZ];
792 memcpy(pos, ies->ies[NL80211_BAND_6GHZ],
793 ies->len[NL80211_BAND_6GHZ]);
794 params->preq.band_data[2].offset = cpu_to_le16(pos - params->preq.buf);
795 params->preq.band_data[2].len =
796 cpu_to_le16(ies->len[NL80211_BAND_6GHZ]);
797 pos += ies->len[NL80211_BAND_6GHZ];
798 memcpy(pos, ies->common_ies, ies->common_ie_len);
799 params->preq.common_data.offset = cpu_to_le16(pos - params->preq.buf);
801 if (iwl_mvm_rrm_scan_needed(mvm) &&
802 !fw_has_capa(&mvm->fw->ucode_capa,
803 IWL_UCODE_TLV_CAPA_WFA_TPC_REP_IE_SUPPORT)) {
804 iwl_mvm_add_tpc_report_ie(pos + ies->common_ie_len);
805 params->preq.common_data.len = cpu_to_le16(ies->common_ie_len +
808 params->preq.common_data.len = cpu_to_le16(ies->common_ie_len);
812 static void iwl_mvm_scan_lmac_dwell(struct iwl_mvm *mvm,
813 struct iwl_scan_req_lmac *cmd,
814 struct iwl_mvm_scan_params *params)
816 cmd->active_dwell = IWL_SCAN_DWELL_ACTIVE;
817 cmd->passive_dwell = IWL_SCAN_DWELL_PASSIVE;
818 cmd->fragmented_dwell = IWL_SCAN_DWELL_FRAGMENTED;
819 cmd->extended_dwell = IWL_SCAN_DWELL_EXTENDED;
820 cmd->max_out_time = cpu_to_le32(scan_timing[params->type].max_out_time);
821 cmd->suspend_time = cpu_to_le32(scan_timing[params->type].suspend_time);
822 cmd->scan_prio = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
825 static inline bool iwl_mvm_scan_fits(struct iwl_mvm *mvm, int n_ssids,
826 struct ieee80211_scan_ies *ies,
829 return ((n_ssids <= PROBE_OPTION_MAX) &&
830 (n_channels <= mvm->fw->ucode_capa.n_scan_channels) &
831 (ies->common_ie_len +
832 ies->len[NL80211_BAND_2GHZ] +
833 ies->len[NL80211_BAND_5GHZ] <=
834 iwl_mvm_max_scan_ie_fw_cmd_room(mvm)));
837 static inline bool iwl_mvm_scan_use_ebs(struct iwl_mvm *mvm,
838 struct ieee80211_vif *vif)
840 const struct iwl_ucode_capabilities *capa = &mvm->fw->ucode_capa;
843 if (iwl_mvm_is_cdb_supported(mvm))
844 low_latency = iwl_mvm_low_latency_band(mvm, NL80211_BAND_5GHZ);
846 low_latency = iwl_mvm_low_latency(mvm);
848 /* We can only use EBS if:
849 * 1. the feature is supported;
850 * 2. the last EBS was successful;
851 * 3. if only single scan, the single scan EBS API is supported;
852 * 4. it's not a p2p find operation.
853 * 5. we are not in low latency mode,
854 * or if fragmented ebs is supported by the FW
856 return ((capa->flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT) &&
857 mvm->last_ebs_successful && IWL_MVM_ENABLE_EBS &&
858 vif->type != NL80211_IFTYPE_P2P_DEVICE &&
859 (!low_latency || iwl_mvm_is_frag_ebs_supported(mvm)));
862 static inline bool iwl_mvm_is_regular_scan(struct iwl_mvm_scan_params *params)
864 return params->n_scan_plans == 1 &&
865 params->scan_plans[0].iterations == 1;
868 static bool iwl_mvm_is_scan_fragmented(enum iwl_mvm_scan_type type)
870 return (type == IWL_SCAN_TYPE_FRAGMENTED ||
871 type == IWL_SCAN_TYPE_FAST_BALANCE);
874 static int iwl_mvm_scan_lmac_flags(struct iwl_mvm *mvm,
875 struct iwl_mvm_scan_params *params,
876 struct ieee80211_vif *vif)
880 if (params->n_ssids == 0)
881 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE;
883 if (params->n_ssids == 1 && params->ssids[0].ssid_len != 0)
884 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION;
886 if (iwl_mvm_is_scan_fragmented(params->type))
887 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED;
889 if (iwl_mvm_rrm_scan_needed(mvm) &&
890 fw_has_capa(&mvm->fw->ucode_capa,
891 IWL_UCODE_TLV_CAPA_WFA_TPC_REP_IE_SUPPORT))
892 flags |= IWL_MVM_LMAC_SCAN_FLAGS_RRM_ENABLED;
894 if (params->pass_all)
895 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL;
897 flags |= IWL_MVM_LMAC_SCAN_FLAG_MATCH;
899 #ifdef CONFIG_IWLWIFI_DEBUGFS
900 if (mvm->scan_iter_notif_enabled)
901 flags |= IWL_MVM_LMAC_SCAN_FLAG_ITER_COMPLETE;
904 if (mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_ENABLED)
905 flags |= IWL_MVM_LMAC_SCAN_FLAG_ITER_COMPLETE;
907 if (iwl_mvm_is_regular_scan(params) &&
908 vif->type != NL80211_IFTYPE_P2P_DEVICE &&
909 !iwl_mvm_is_scan_fragmented(params->type))
910 flags |= IWL_MVM_LMAC_SCAN_FLAG_EXTENDED_DWELL;
916 iwl_mvm_scan_set_legacy_probe_req(struct iwl_scan_probe_req_v1 *p_req,
917 struct iwl_scan_probe_req *src_p_req)
921 p_req->mac_header = src_p_req->mac_header;
922 for (i = 0; i < SCAN_NUM_BAND_PROBE_DATA_V_1; i++)
923 p_req->band_data[i] = src_p_req->band_data[i];
924 p_req->common_data = src_p_req->common_data;
925 memcpy(p_req->buf, src_p_req->buf, sizeof(p_req->buf));
928 static int iwl_mvm_scan_lmac(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
929 struct iwl_mvm_scan_params *params)
931 struct iwl_scan_req_lmac *cmd = mvm->scan_cmd;
932 struct iwl_scan_probe_req_v1 *preq =
933 (void *)(cmd->data + sizeof(struct iwl_scan_channel_cfg_lmac) *
934 mvm->fw->ucode_capa.n_scan_channels);
939 if (WARN_ON(params->n_scan_plans > IWL_MAX_SCHED_SCAN_PLANS))
942 iwl_mvm_scan_lmac_dwell(mvm, cmd, params);
944 cmd->rx_chain_select = iwl_mvm_scan_rx_chain(mvm);
945 cmd->iter_num = cpu_to_le32(1);
946 cmd->n_channels = (u8)params->n_channels;
948 cmd->delay = cpu_to_le32(params->delay);
950 cmd->scan_flags = cpu_to_le32(iwl_mvm_scan_lmac_flags(mvm, params,
953 band = iwl_mvm_phy_band_from_nl80211(params->channels[0]->band);
954 cmd->flags = cpu_to_le32(band);
955 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
956 MAC_FILTER_IN_BEACON);
957 iwl_mvm_scan_fill_tx_cmd(mvm, cmd->tx_cmd, params->no_cck);
958 iwl_scan_build_ssids(params, cmd->direct_scan, &ssid_bitmap);
960 /* this API uses bits 1-20 instead of 0-19 */
963 for (i = 0; i < params->n_scan_plans; i++) {
964 struct cfg80211_sched_scan_plan *scan_plan =
965 ¶ms->scan_plans[i];
967 cmd->schedule[i].delay =
968 cpu_to_le16(scan_plan->interval);
969 cmd->schedule[i].iterations = scan_plan->iterations;
970 cmd->schedule[i].full_scan_mul = 1;
974 * If the number of iterations of the last scan plan is set to
975 * zero, it should run infinitely. However, this is not always the case.
976 * For example, when regular scan is requested the driver sets one scan
977 * plan with one iteration.
979 if (!cmd->schedule[i - 1].iterations)
980 cmd->schedule[i - 1].iterations = 0xff;
982 if (iwl_mvm_scan_use_ebs(mvm, vif)) {
983 cmd->channel_opt[0].flags =
984 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
985 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
986 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
987 cmd->channel_opt[0].non_ebs_ratio =
988 cpu_to_le16(IWL_DENSE_EBS_SCAN_RATIO);
989 cmd->channel_opt[1].flags =
990 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
991 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
992 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
993 cmd->channel_opt[1].non_ebs_ratio =
994 cpu_to_le16(IWL_SPARSE_EBS_SCAN_RATIO);
997 iwl_mvm_lmac_scan_cfg_channels(mvm, params->channels,
998 params->n_channels, ssid_bitmap, cmd);
1000 iwl_mvm_scan_set_legacy_probe_req(preq, ¶ms->preq);
1005 static int rate_to_scan_rate_flag(unsigned int rate)
1007 static const int rate_to_scan_rate[IWL_RATE_COUNT] = {
1008 [IWL_RATE_1M_INDEX] = SCAN_CONFIG_RATE_1M,
1009 [IWL_RATE_2M_INDEX] = SCAN_CONFIG_RATE_2M,
1010 [IWL_RATE_5M_INDEX] = SCAN_CONFIG_RATE_5M,
1011 [IWL_RATE_11M_INDEX] = SCAN_CONFIG_RATE_11M,
1012 [IWL_RATE_6M_INDEX] = SCAN_CONFIG_RATE_6M,
1013 [IWL_RATE_9M_INDEX] = SCAN_CONFIG_RATE_9M,
1014 [IWL_RATE_12M_INDEX] = SCAN_CONFIG_RATE_12M,
1015 [IWL_RATE_18M_INDEX] = SCAN_CONFIG_RATE_18M,
1016 [IWL_RATE_24M_INDEX] = SCAN_CONFIG_RATE_24M,
1017 [IWL_RATE_36M_INDEX] = SCAN_CONFIG_RATE_36M,
1018 [IWL_RATE_48M_INDEX] = SCAN_CONFIG_RATE_48M,
1019 [IWL_RATE_54M_INDEX] = SCAN_CONFIG_RATE_54M,
1022 return rate_to_scan_rate[rate];
1025 static __le32 iwl_mvm_scan_config_rates(struct iwl_mvm *mvm)
1027 struct ieee80211_supported_band *band;
1028 unsigned int rates = 0;
1031 band = &mvm->nvm_data->bands[NL80211_BAND_2GHZ];
1032 for (i = 0; i < band->n_bitrates; i++)
1033 rates |= rate_to_scan_rate_flag(band->bitrates[i].hw_value);
1034 band = &mvm->nvm_data->bands[NL80211_BAND_5GHZ];
1035 for (i = 0; i < band->n_bitrates; i++)
1036 rates |= rate_to_scan_rate_flag(band->bitrates[i].hw_value);
1038 /* Set both basic rates and supported rates */
1039 rates |= SCAN_CONFIG_SUPPORTED_RATE(rates);
1041 return cpu_to_le32(rates);
1044 static void iwl_mvm_fill_scan_dwell(struct iwl_mvm *mvm,
1045 struct iwl_scan_dwell *dwell)
1047 dwell->active = IWL_SCAN_DWELL_ACTIVE;
1048 dwell->passive = IWL_SCAN_DWELL_PASSIVE;
1049 dwell->fragmented = IWL_SCAN_DWELL_FRAGMENTED;
1050 dwell->extended = IWL_SCAN_DWELL_EXTENDED;
1053 static void iwl_mvm_fill_channels(struct iwl_mvm *mvm, u8 *channels,
1056 struct ieee80211_supported_band *band;
1059 band = &mvm->nvm_data->bands[NL80211_BAND_2GHZ];
1060 for (i = 0; i < band->n_channels && j < max_channels; i++, j++)
1061 channels[j] = band->channels[i].hw_value;
1062 band = &mvm->nvm_data->bands[NL80211_BAND_5GHZ];
1063 for (i = 0; i < band->n_channels && j < max_channels; i++, j++)
1064 channels[j] = band->channels[i].hw_value;
1067 static void iwl_mvm_fill_scan_config_v1(struct iwl_mvm *mvm, void *config,
1068 u32 flags, u8 channel_flags,
1071 enum iwl_mvm_scan_type type = iwl_mvm_get_scan_type(mvm, NULL);
1072 struct iwl_scan_config_v1 *cfg = config;
1074 cfg->flags = cpu_to_le32(flags);
1075 cfg->tx_chains = cpu_to_le32(iwl_mvm_get_valid_tx_ant(mvm));
1076 cfg->rx_chains = cpu_to_le32(iwl_mvm_scan_rx_ant(mvm));
1077 cfg->legacy_rates = iwl_mvm_scan_config_rates(mvm);
1078 cfg->out_of_channel_time = cpu_to_le32(scan_timing[type].max_out_time);
1079 cfg->suspend_time = cpu_to_le32(scan_timing[type].suspend_time);
1081 iwl_mvm_fill_scan_dwell(mvm, &cfg->dwell);
1083 memcpy(&cfg->mac_addr, &mvm->addresses[0].addr, ETH_ALEN);
1085 /* This function should not be called when using ADD_STA ver >=12 */
1086 WARN_ON_ONCE(iwl_mvm_has_new_station_api(mvm->fw));
1088 cfg->bcast_sta_id = mvm->aux_sta.sta_id;
1089 cfg->channel_flags = channel_flags;
1091 iwl_mvm_fill_channels(mvm, cfg->channel_array, max_channels);
1094 static void iwl_mvm_fill_scan_config_v2(struct iwl_mvm *mvm, void *config,
1095 u32 flags, u8 channel_flags,
1098 struct iwl_scan_config_v2 *cfg = config;
1100 cfg->flags = cpu_to_le32(flags);
1101 cfg->tx_chains = cpu_to_le32(iwl_mvm_get_valid_tx_ant(mvm));
1102 cfg->rx_chains = cpu_to_le32(iwl_mvm_scan_rx_ant(mvm));
1103 cfg->legacy_rates = iwl_mvm_scan_config_rates(mvm);
1105 if (iwl_mvm_is_cdb_supported(mvm)) {
1106 enum iwl_mvm_scan_type lb_type, hb_type;
1108 lb_type = iwl_mvm_get_scan_type_band(mvm, NULL,
1110 hb_type = iwl_mvm_get_scan_type_band(mvm, NULL,
1113 cfg->out_of_channel_time[SCAN_LB_LMAC_IDX] =
1114 cpu_to_le32(scan_timing[lb_type].max_out_time);
1115 cfg->suspend_time[SCAN_LB_LMAC_IDX] =
1116 cpu_to_le32(scan_timing[lb_type].suspend_time);
1118 cfg->out_of_channel_time[SCAN_HB_LMAC_IDX] =
1119 cpu_to_le32(scan_timing[hb_type].max_out_time);
1120 cfg->suspend_time[SCAN_HB_LMAC_IDX] =
1121 cpu_to_le32(scan_timing[hb_type].suspend_time);
1123 enum iwl_mvm_scan_type type =
1124 iwl_mvm_get_scan_type(mvm, NULL);
1126 cfg->out_of_channel_time[SCAN_LB_LMAC_IDX] =
1127 cpu_to_le32(scan_timing[type].max_out_time);
1128 cfg->suspend_time[SCAN_LB_LMAC_IDX] =
1129 cpu_to_le32(scan_timing[type].suspend_time);
1132 iwl_mvm_fill_scan_dwell(mvm, &cfg->dwell);
1134 memcpy(&cfg->mac_addr, &mvm->addresses[0].addr, ETH_ALEN);
1136 /* This function should not be called when using ADD_STA ver >=12 */
1137 WARN_ON_ONCE(iwl_mvm_has_new_station_api(mvm->fw));
1139 cfg->bcast_sta_id = mvm->aux_sta.sta_id;
1140 cfg->channel_flags = channel_flags;
1142 iwl_mvm_fill_channels(mvm, cfg->channel_array, max_channels);
1145 static int iwl_mvm_legacy_config_scan(struct iwl_mvm *mvm)
1149 struct iwl_host_cmd cmd = {
1150 .id = WIDE_ID(IWL_ALWAYS_LONG_GROUP, SCAN_CFG_CMD),
1152 enum iwl_mvm_scan_type type;
1153 enum iwl_mvm_scan_type hb_type = IWL_SCAN_TYPE_NOT_SET;
1155 mvm->nvm_data->bands[NL80211_BAND_2GHZ].n_channels +
1156 mvm->nvm_data->bands[NL80211_BAND_5GHZ].n_channels;
1160 if (WARN_ON(num_channels > mvm->fw->ucode_capa.n_scan_channels))
1161 num_channels = mvm->fw->ucode_capa.n_scan_channels;
1163 if (iwl_mvm_is_cdb_supported(mvm)) {
1164 type = iwl_mvm_get_scan_type_band(mvm, NULL,
1166 hb_type = iwl_mvm_get_scan_type_band(mvm, NULL,
1168 if (type == mvm->scan_type && hb_type == mvm->hb_scan_type)
1171 type = iwl_mvm_get_scan_type(mvm, NULL);
1172 if (type == mvm->scan_type)
1176 if (iwl_mvm_cdb_scan_api(mvm))
1177 cmd_size = sizeof(struct iwl_scan_config_v2);
1179 cmd_size = sizeof(struct iwl_scan_config_v1);
1180 cmd_size += mvm->fw->ucode_capa.n_scan_channels;
1182 cfg = kzalloc(cmd_size, GFP_KERNEL);
1186 flags = SCAN_CONFIG_FLAG_ACTIVATE |
1187 SCAN_CONFIG_FLAG_ALLOW_CHUB_REQS |
1188 SCAN_CONFIG_FLAG_SET_TX_CHAINS |
1189 SCAN_CONFIG_FLAG_SET_RX_CHAINS |
1190 SCAN_CONFIG_FLAG_SET_AUX_STA_ID |
1191 SCAN_CONFIG_FLAG_SET_ALL_TIMES |
1192 SCAN_CONFIG_FLAG_SET_LEGACY_RATES |
1193 SCAN_CONFIG_FLAG_SET_MAC_ADDR |
1194 SCAN_CONFIG_FLAG_SET_CHANNEL_FLAGS |
1195 SCAN_CONFIG_N_CHANNELS(num_channels) |
1196 (iwl_mvm_is_scan_fragmented(type) ?
1197 SCAN_CONFIG_FLAG_SET_FRAGMENTED :
1198 SCAN_CONFIG_FLAG_CLEAR_FRAGMENTED);
1200 channel_flags = IWL_CHANNEL_FLAG_EBS |
1201 IWL_CHANNEL_FLAG_ACCURATE_EBS |
1202 IWL_CHANNEL_FLAG_EBS_ADD |
1203 IWL_CHANNEL_FLAG_PRE_SCAN_PASSIVE2ACTIVE;
1206 * Check for fragmented scan on LMAC2 - high band.
1207 * LMAC1 - low band is checked above.
1209 if (iwl_mvm_cdb_scan_api(mvm)) {
1210 if (iwl_mvm_is_cdb_supported(mvm))
1211 flags |= (iwl_mvm_is_scan_fragmented(hb_type)) ?
1212 SCAN_CONFIG_FLAG_SET_LMAC2_FRAGMENTED :
1213 SCAN_CONFIG_FLAG_CLEAR_LMAC2_FRAGMENTED;
1214 iwl_mvm_fill_scan_config_v2(mvm, cfg, flags, channel_flags,
1217 iwl_mvm_fill_scan_config_v1(mvm, cfg, flags, channel_flags,
1222 cmd.len[0] = cmd_size;
1223 cmd.dataflags[0] = IWL_HCMD_DFL_NOCOPY;
1225 IWL_DEBUG_SCAN(mvm, "Sending UMAC scan config\n");
1227 ret = iwl_mvm_send_cmd(mvm, &cmd);
1229 mvm->scan_type = type;
1230 mvm->hb_scan_type = hb_type;
1237 int iwl_mvm_config_scan(struct iwl_mvm *mvm)
1239 struct iwl_scan_config cfg;
1240 struct iwl_host_cmd cmd = {
1241 .id = WIDE_ID(IWL_ALWAYS_LONG_GROUP, SCAN_CFG_CMD),
1242 .len[0] = sizeof(cfg),
1244 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
1247 if (!iwl_mvm_is_reduced_config_scan_supported(mvm))
1248 return iwl_mvm_legacy_config_scan(mvm);
1250 memset(&cfg, 0, sizeof(cfg));
1252 if (!iwl_mvm_has_new_station_api(mvm->fw)) {
1253 cfg.bcast_sta_id = mvm->aux_sta.sta_id;
1254 } else if (iwl_fw_lookup_cmd_ver(mvm->fw, SCAN_CFG_CMD, 0) < 5) {
1256 * Fw doesn't use this sta anymore. Deprecated on SCAN_CFG_CMD
1259 cfg.bcast_sta_id = 0xff;
1262 cfg.tx_chains = cpu_to_le32(iwl_mvm_get_valid_tx_ant(mvm));
1263 cfg.rx_chains = cpu_to_le32(iwl_mvm_scan_rx_ant(mvm));
1265 IWL_DEBUG_SCAN(mvm, "Sending UMAC scan config\n");
1267 return iwl_mvm_send_cmd(mvm, &cmd);
1270 static int iwl_mvm_scan_uid_by_status(struct iwl_mvm *mvm, int status)
1274 for (i = 0; i < mvm->max_scans; i++)
1275 if (mvm->scan_uid_status[i] == status)
1281 static void iwl_mvm_scan_umac_dwell(struct iwl_mvm *mvm,
1282 struct iwl_scan_req_umac *cmd,
1283 struct iwl_mvm_scan_params *params)
1285 struct iwl_mvm_scan_timing_params *timing, *hb_timing;
1286 u8 active_dwell, passive_dwell;
1288 timing = &scan_timing[params->type];
1289 active_dwell = IWL_SCAN_DWELL_ACTIVE;
1290 passive_dwell = IWL_SCAN_DWELL_PASSIVE;
1292 if (iwl_mvm_is_adaptive_dwell_supported(mvm)) {
1293 cmd->v7.adwell_default_n_aps_social =
1294 IWL_SCAN_ADWELL_DEFAULT_N_APS_SOCIAL;
1295 cmd->v7.adwell_default_n_aps =
1296 IWL_SCAN_ADWELL_DEFAULT_LB_N_APS;
1298 if (iwl_mvm_is_adwell_hb_ap_num_supported(mvm))
1299 cmd->v9.adwell_default_hb_n_aps =
1300 IWL_SCAN_ADWELL_DEFAULT_HB_N_APS;
1302 /* if custom max budget was configured with debugfs */
1303 if (IWL_MVM_ADWELL_MAX_BUDGET)
1304 cmd->v7.adwell_max_budget =
1305 cpu_to_le16(IWL_MVM_ADWELL_MAX_BUDGET);
1306 else if (params->ssids && params->ssids[0].ssid_len)
1307 cmd->v7.adwell_max_budget =
1308 cpu_to_le16(IWL_SCAN_ADWELL_MAX_BUDGET_DIRECTED_SCAN);
1310 cmd->v7.adwell_max_budget =
1311 cpu_to_le16(IWL_SCAN_ADWELL_MAX_BUDGET_FULL_SCAN);
1313 cmd->v7.scan_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1314 cmd->v7.max_out_time[SCAN_LB_LMAC_IDX] =
1315 cpu_to_le32(timing->max_out_time);
1316 cmd->v7.suspend_time[SCAN_LB_LMAC_IDX] =
1317 cpu_to_le32(timing->suspend_time);
1319 if (iwl_mvm_is_cdb_supported(mvm)) {
1320 hb_timing = &scan_timing[params->hb_type];
1322 cmd->v7.max_out_time[SCAN_HB_LMAC_IDX] =
1323 cpu_to_le32(hb_timing->max_out_time);
1324 cmd->v7.suspend_time[SCAN_HB_LMAC_IDX] =
1325 cpu_to_le32(hb_timing->suspend_time);
1328 if (!iwl_mvm_is_adaptive_dwell_v2_supported(mvm)) {
1329 cmd->v7.active_dwell = active_dwell;
1330 cmd->v7.passive_dwell = passive_dwell;
1331 cmd->v7.fragmented_dwell = IWL_SCAN_DWELL_FRAGMENTED;
1333 cmd->v8.active_dwell[SCAN_LB_LMAC_IDX] = active_dwell;
1334 cmd->v8.passive_dwell[SCAN_LB_LMAC_IDX] = passive_dwell;
1335 if (iwl_mvm_is_cdb_supported(mvm)) {
1336 cmd->v8.active_dwell[SCAN_HB_LMAC_IDX] =
1338 cmd->v8.passive_dwell[SCAN_HB_LMAC_IDX] =
1343 cmd->v1.extended_dwell = IWL_SCAN_DWELL_EXTENDED;
1344 cmd->v1.active_dwell = active_dwell;
1345 cmd->v1.passive_dwell = passive_dwell;
1346 cmd->v1.fragmented_dwell = IWL_SCAN_DWELL_FRAGMENTED;
1348 if (iwl_mvm_is_cdb_supported(mvm)) {
1349 hb_timing = &scan_timing[params->hb_type];
1351 cmd->v6.max_out_time[SCAN_HB_LMAC_IDX] =
1352 cpu_to_le32(hb_timing->max_out_time);
1353 cmd->v6.suspend_time[SCAN_HB_LMAC_IDX] =
1354 cpu_to_le32(hb_timing->suspend_time);
1357 if (iwl_mvm_cdb_scan_api(mvm)) {
1358 cmd->v6.scan_priority =
1359 cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1360 cmd->v6.max_out_time[SCAN_LB_LMAC_IDX] =
1361 cpu_to_le32(timing->max_out_time);
1362 cmd->v6.suspend_time[SCAN_LB_LMAC_IDX] =
1363 cpu_to_le32(timing->suspend_time);
1365 cmd->v1.scan_priority =
1366 cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1367 cmd->v1.max_out_time =
1368 cpu_to_le32(timing->max_out_time);
1369 cmd->v1.suspend_time =
1370 cpu_to_le32(timing->suspend_time);
1374 if (iwl_mvm_is_regular_scan(params))
1375 cmd->ooc_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1377 cmd->ooc_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_2);
1380 static u32 iwl_mvm_scan_umac_ooc_priority(struct iwl_mvm_scan_params *params)
1382 return iwl_mvm_is_regular_scan(params) ?
1383 IWL_SCAN_PRIORITY_EXT_6 :
1384 IWL_SCAN_PRIORITY_EXT_2;
1388 iwl_mvm_scan_umac_dwell_v11(struct iwl_mvm *mvm,
1389 struct iwl_scan_general_params_v11 *general_params,
1390 struct iwl_mvm_scan_params *params)
1392 struct iwl_mvm_scan_timing_params *timing, *hb_timing;
1393 u8 active_dwell, passive_dwell;
1395 timing = &scan_timing[params->type];
1396 active_dwell = IWL_SCAN_DWELL_ACTIVE;
1397 passive_dwell = IWL_SCAN_DWELL_PASSIVE;
1399 general_params->adwell_default_social_chn =
1400 IWL_SCAN_ADWELL_DEFAULT_N_APS_SOCIAL;
1401 general_params->adwell_default_2g = IWL_SCAN_ADWELL_DEFAULT_LB_N_APS;
1402 general_params->adwell_default_5g = IWL_SCAN_ADWELL_DEFAULT_HB_N_APS;
1404 /* if custom max budget was configured with debugfs */
1405 if (IWL_MVM_ADWELL_MAX_BUDGET)
1406 general_params->adwell_max_budget =
1407 cpu_to_le16(IWL_MVM_ADWELL_MAX_BUDGET);
1408 else if (params->ssids && params->ssids[0].ssid_len)
1409 general_params->adwell_max_budget =
1410 cpu_to_le16(IWL_SCAN_ADWELL_MAX_BUDGET_DIRECTED_SCAN);
1412 general_params->adwell_max_budget =
1413 cpu_to_le16(IWL_SCAN_ADWELL_MAX_BUDGET_FULL_SCAN);
1415 general_params->scan_priority = cpu_to_le32(IWL_SCAN_PRIORITY_EXT_6);
1416 general_params->max_out_of_time[SCAN_LB_LMAC_IDX] =
1417 cpu_to_le32(timing->max_out_time);
1418 general_params->suspend_time[SCAN_LB_LMAC_IDX] =
1419 cpu_to_le32(timing->suspend_time);
1421 hb_timing = &scan_timing[params->hb_type];
1423 general_params->max_out_of_time[SCAN_HB_LMAC_IDX] =
1424 cpu_to_le32(hb_timing->max_out_time);
1425 general_params->suspend_time[SCAN_HB_LMAC_IDX] =
1426 cpu_to_le32(hb_timing->suspend_time);
1428 general_params->active_dwell[SCAN_LB_LMAC_IDX] = active_dwell;
1429 general_params->passive_dwell[SCAN_LB_LMAC_IDX] = passive_dwell;
1430 general_params->active_dwell[SCAN_HB_LMAC_IDX] = active_dwell;
1431 general_params->passive_dwell[SCAN_HB_LMAC_IDX] = passive_dwell;
1434 struct iwl_mvm_scan_channel_segment {
1437 u8 first_channel_id;
1439 u8 channel_spacing_shift;
1443 static const struct iwl_mvm_scan_channel_segment scan_channel_segments[] = {
1447 .first_channel_id = 1,
1448 .last_channel_id = 14,
1449 .channel_spacing_shift = 0,
1455 .first_channel_id = 36,
1456 .last_channel_id = 144,
1457 .channel_spacing_shift = 2,
1463 .first_channel_id = 149,
1464 .last_channel_id = 181,
1465 .channel_spacing_shift = 2,
1471 .first_channel_id = 1,
1472 .last_channel_id = 241,
1473 .channel_spacing_shift = 2,
1478 static int iwl_mvm_scan_ch_and_band_to_idx(u8 channel_id, u8 band)
1485 for (i = 0; i < ARRAY_SIZE(scan_channel_segments); i++) {
1486 const struct iwl_mvm_scan_channel_segment *ch_segment =
1487 &scan_channel_segments[i];
1490 if (ch_segment->band != band ||
1491 ch_segment->first_channel_id > channel_id ||
1492 ch_segment->last_channel_id < channel_id)
1495 ch_offset = (channel_id - ch_segment->first_channel_id) >>
1496 ch_segment->channel_spacing_shift;
1498 index = scan_channel_segments[i].start_idx + ch_offset;
1499 if (index < IWL_SCAN_NUM_CHANNELS)
1508 static const u8 p2p_go_friendly_chs[] = {
1509 36, 40, 44, 48, 149, 153, 157, 161, 165,
1512 static const u8 social_chs[] = {
1516 static void iwl_mvm_scan_ch_add_n_aps_override(enum nl80211_iftype vif_type,
1517 u8 ch_id, u8 band, u8 *ch_bitmap,
1518 size_t bitmap_n_entries)
1522 if (vif_type != NL80211_IFTYPE_P2P_DEVICE)
1525 for (i = 0; i < ARRAY_SIZE(p2p_go_friendly_chs); i++) {
1526 if (p2p_go_friendly_chs[i] == ch_id) {
1527 int ch_idx, bitmap_idx;
1529 ch_idx = iwl_mvm_scan_ch_and_band_to_idx(ch_id, band);
1533 bitmap_idx = ch_idx / 8;
1534 if (bitmap_idx >= bitmap_n_entries)
1537 ch_idx = ch_idx % 8;
1538 ch_bitmap[bitmap_idx] |= BIT(ch_idx);
1545 static u32 iwl_mvm_scan_ch_n_aps_flag(enum nl80211_iftype vif_type, u8 ch_id)
1550 if (vif_type != NL80211_IFTYPE_P2P_DEVICE)
1553 for (i = 0; i < ARRAY_SIZE(p2p_go_friendly_chs); i++) {
1554 if (p2p_go_friendly_chs[i] == ch_id) {
1555 flags |= IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY_BIT;
1563 for (i = 0; i < ARRAY_SIZE(social_chs); i++) {
1564 if (social_chs[i] == ch_id) {
1565 flags |= IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS_BIT;
1575 iwl_mvm_umac_scan_cfg_channels(struct iwl_mvm *mvm,
1576 struct ieee80211_channel **channels,
1577 int n_channels, u32 flags,
1578 struct iwl_scan_channel_cfg_umac *channel_cfg)
1582 for (i = 0; i < n_channels; i++) {
1583 channel_cfg[i].flags = cpu_to_le32(flags);
1584 channel_cfg[i].v1.channel_num = channels[i]->hw_value;
1585 if (iwl_mvm_is_scan_ext_chan_supported(mvm)) {
1586 enum nl80211_band band = channels[i]->band;
1588 channel_cfg[i].v2.band =
1589 iwl_mvm_phy_band_from_nl80211(band);
1590 channel_cfg[i].v2.iter_count = 1;
1591 channel_cfg[i].v2.iter_interval = 0;
1593 channel_cfg[i].v1.iter_count = 1;
1594 channel_cfg[i].v1.iter_interval = 0;
1600 iwl_mvm_umac_scan_cfg_channels_v4(struct iwl_mvm *mvm,
1601 struct ieee80211_channel **channels,
1602 struct iwl_scan_channel_params_v4 *cp,
1603 int n_channels, u32 flags,
1604 enum nl80211_iftype vif_type)
1606 u8 *bitmap = cp->adwell_ch_override_bitmap;
1607 size_t bitmap_n_entries = ARRAY_SIZE(cp->adwell_ch_override_bitmap);
1610 for (i = 0; i < n_channels; i++) {
1611 enum nl80211_band band = channels[i]->band;
1612 struct iwl_scan_channel_cfg_umac *cfg =
1613 &cp->channel_config[i];
1615 cfg->flags = cpu_to_le32(flags);
1616 cfg->v2.channel_num = channels[i]->hw_value;
1617 cfg->v2.band = iwl_mvm_phy_band_from_nl80211(band);
1618 cfg->v2.iter_count = 1;
1619 cfg->v2.iter_interval = 0;
1621 iwl_mvm_scan_ch_add_n_aps_override(vif_type,
1622 cfg->v2.channel_num,
1623 cfg->v2.band, bitmap,
1629 iwl_mvm_umac_scan_cfg_channels_v7(struct iwl_mvm *mvm,
1630 struct ieee80211_channel **channels,
1631 struct iwl_scan_channel_params_v7 *cp,
1632 int n_channels, u32 flags,
1633 enum nl80211_iftype vif_type, u32 version)
1637 for (i = 0; i < n_channels; i++) {
1638 enum nl80211_band band = channels[i]->band;
1639 struct iwl_scan_channel_cfg_umac *cfg = &cp->channel_config[i];
1641 iwl_mvm_scan_ch_n_aps_flag(vif_type,
1642 channels[i]->hw_value);
1643 u8 iwl_band = iwl_mvm_phy_band_from_nl80211(band);
1645 cfg->flags = cpu_to_le32(flags | n_aps_flag);
1646 cfg->v2.channel_num = channels[i]->hw_value;
1647 if (cfg80211_channel_is_psc(channels[i]))
1649 cfg->v2.iter_count = 1;
1650 cfg->v2.iter_interval = 0;
1652 cfg->v2.band = iwl_band;
1654 cfg->flags |= cpu_to_le32((iwl_band <<
1655 IWL_CHAN_CFG_FLAGS_BAND_POS));
1660 iwl_mvm_umac_scan_fill_6g_chan_list(struct iwl_mvm *mvm,
1661 struct iwl_mvm_scan_params *params,
1662 struct iwl_scan_probe_params_v4 *pp)
1664 int j, idex_s = 0, idex_b = 0;
1665 struct cfg80211_scan_6ghz_params *scan_6ghz_params =
1666 params->scan_6ghz_params;
1667 bool hidden_supported = fw_has_capa(&mvm->fw->ucode_capa,
1668 IWL_UCODE_TLV_CAPA_HIDDEN_6GHZ_SCAN);
1670 for (j = 0; j < params->n_ssids && idex_s < SCAN_SHORT_SSID_MAX_SIZE;
1672 if (!params->ssids[j].ssid_len)
1675 pp->short_ssid[idex_s] =
1676 cpu_to_le32(~crc32_le(~0, params->ssids[j].ssid,
1677 params->ssids[j].ssid_len));
1679 if (hidden_supported) {
1680 pp->direct_scan[idex_s].id = WLAN_EID_SSID;
1681 pp->direct_scan[idex_s].len = params->ssids[j].ssid_len;
1682 memcpy(pp->direct_scan[idex_s].ssid, params->ssids[j].ssid,
1683 params->ssids[j].ssid_len);
1689 * Populate the arrays of the short SSIDs and the BSSIDs using the 6GHz
1690 * collocated parameters. This might not be optimal, as this processing
1691 * does not (yet) correspond to the actual channels, so it is possible
1692 * that some entries would be left out.
1694 * TODO: improve this logic.
1696 for (j = 0; j < params->n_6ghz_params; j++) {
1699 /* First, try to place the short SSID */
1700 if (scan_6ghz_params[j].short_ssid_valid) {
1701 for (k = 0; k < idex_s; k++) {
1702 if (pp->short_ssid[k] ==
1703 cpu_to_le32(scan_6ghz_params[j].short_ssid))
1707 if (k == idex_s && idex_s < SCAN_SHORT_SSID_MAX_SIZE) {
1708 pp->short_ssid[idex_s++] =
1709 cpu_to_le32(scan_6ghz_params[j].short_ssid);
1713 /* try to place BSSID for the same entry */
1714 for (k = 0; k < idex_b; k++) {
1715 if (!memcmp(&pp->bssid_array[k],
1716 scan_6ghz_params[j].bssid, ETH_ALEN))
1720 if (k == idex_b && idex_b < SCAN_BSSID_MAX_SIZE) {
1721 memcpy(&pp->bssid_array[idex_b++],
1722 scan_6ghz_params[j].bssid, ETH_ALEN);
1726 pp->short_ssid_num = idex_s;
1727 pp->bssid_num = idex_b;
1730 /* TODO: this function can be merged with iwl_mvm_scan_umac_fill_ch_p_v7 */
1732 iwl_mvm_umac_scan_cfg_channels_v7_6g(struct iwl_mvm *mvm,
1733 struct iwl_mvm_scan_params *params,
1735 struct iwl_scan_probe_params_v4 *pp,
1736 struct iwl_scan_channel_params_v7 *cp,
1737 enum nl80211_iftype vif_type,
1741 struct cfg80211_scan_6ghz_params *scan_6ghz_params =
1742 params->scan_6ghz_params;
1745 for (i = 0, ch_cnt = 0; i < params->n_channels; i++) {
1746 struct iwl_scan_channel_cfg_umac *cfg =
1747 &cp->channel_config[ch_cnt];
1749 u32 s_ssid_bitmap = 0, bssid_bitmap = 0, flags = 0;
1750 u8 j, k, s_max = 0, b_max = 0, n_used_bssid_entries;
1751 bool force_passive, found = false, allow_passive = true,
1752 unsolicited_probe_on_chan = false, psc_no_listen = false;
1753 s8 psd_20 = IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED;
1756 * Avoid performing passive scan on non PSC channels unless the
1757 * scan is specifically a passive scan, i.e., no SSIDs
1758 * configured in the scan command.
1760 if (!cfg80211_channel_is_psc(params->channels[i]) &&
1761 !params->n_6ghz_params && params->n_ssids)
1764 cfg->v1.channel_num = params->channels[i]->hw_value;
1766 cfg->v2.band = PHY_BAND_6;
1768 cfg->flags |= cpu_to_le32(PHY_BAND_6 <<
1769 IWL_CHAN_CFG_FLAGS_BAND_POS);
1771 cfg->v5.iter_count = 1;
1772 cfg->v5.iter_interval = 0;
1775 * The optimize the scan time, i.e., reduce the scan dwell time
1776 * on each channel, the below logic tries to set 3 direct BSSID
1777 * probe requests for each broadcast probe request with a short
1779 * TODO: improve this logic
1781 n_used_bssid_entries = 3;
1782 for (j = 0; j < params->n_6ghz_params; j++) {
1785 if (!(scan_6ghz_params[j].channel_idx == i))
1788 /* Use the highest PSD value allowed as advertised by
1789 * APs for this channel
1791 tmp_psd_20 = scan_6ghz_params[j].psd_20;
1793 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED &&
1795 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED ||
1796 psd_20 < tmp_psd_20))
1797 psd_20 = tmp_psd_20;
1800 unsolicited_probe_on_chan |=
1801 scan_6ghz_params[j].unsolicited_probe;
1802 psc_no_listen |= scan_6ghz_params[j].psc_no_listen;
1804 for (k = 0; k < pp->short_ssid_num; k++) {
1805 if (!scan_6ghz_params[j].unsolicited_probe &&
1806 le32_to_cpu(pp->short_ssid[k]) ==
1807 scan_6ghz_params[j].short_ssid) {
1808 /* Relevant short SSID bit set */
1809 if (s_ssid_bitmap & BIT(k)) {
1815 * Use short SSID only to create a new
1816 * iteration during channel dwell or in
1817 * case that the short SSID has a
1818 * matching SSID, i.e., scan for hidden
1821 if (n_used_bssid_entries >= 3) {
1822 s_ssid_bitmap |= BIT(k);
1824 n_used_bssid_entries -= 3;
1827 } else if (pp->direct_scan[k].len) {
1828 s_ssid_bitmap |= BIT(k);
1831 allow_passive = false;
1840 for (k = 0; k < pp->bssid_num; k++) {
1841 if (!memcmp(&pp->bssid_array[k],
1842 scan_6ghz_params[j].bssid,
1844 if (!(bssid_bitmap & BIT(k))) {
1845 bssid_bitmap |= BIT(k);
1847 n_used_bssid_entries++;
1854 if (cfg80211_channel_is_psc(params->channels[i]) &&
1856 flags |= IWL_UHB_CHAN_CFG_FLAG_PSC_CHAN_NO_LISTEN;
1858 if (unsolicited_probe_on_chan)
1859 flags |= IWL_UHB_CHAN_CFG_FLAG_UNSOLICITED_PROBE_RES;
1862 * In the following cases apply passive scan:
1863 * 1. Non fragmented scan:
1864 * - PSC channel with NO_LISTEN_FLAG on should be treated
1865 * like non PSC channel
1866 * - Non PSC channel with more than 3 short SSIDs or more
1868 * - Non PSC Channel with unsolicited probe response and
1869 * more than 2 short SSIDs or more than 6 BSSIDs.
1870 * - PSC channel with more than 2 short SSIDs or more than
1872 * 3. Fragmented scan:
1873 * - PSC channel with more than 1 SSID or 3 BSSIDs.
1874 * - Non PSC channel with more than 2 SSIDs or 6 BSSIDs.
1875 * - Non PSC channel with unsolicited probe response and
1876 * more than 1 SSID or more than 3 BSSIDs.
1878 if (!iwl_mvm_is_scan_fragmented(params->type)) {
1879 if (!cfg80211_channel_is_psc(params->channels[i]) ||
1880 flags & IWL_UHB_CHAN_CFG_FLAG_PSC_CHAN_NO_LISTEN) {
1881 force_passive = (s_max > 3 || b_max > 9);
1882 force_passive |= (unsolicited_probe_on_chan &&
1883 (s_max > 2 || b_max > 6));
1885 force_passive = (s_max > 2 || b_max > 6);
1887 } else if (cfg80211_channel_is_psc(params->channels[i])) {
1888 force_passive = (s_max > 1 || b_max > 3);
1890 force_passive = (s_max > 2 || b_max > 6);
1891 force_passive |= (unsolicited_probe_on_chan &&
1892 (s_max > 1 || b_max > 3));
1894 if ((allow_passive && force_passive) ||
1895 (!(bssid_bitmap | s_ssid_bitmap) &&
1896 !cfg80211_channel_is_psc(params->channels[i])))
1897 flags |= IWL_UHB_CHAN_CFG_FLAG_FORCE_PASSIVE;
1899 flags |= bssid_bitmap | (s_ssid_bitmap << 16);
1901 cfg->flags |= cpu_to_le32(flags);
1903 cfg->v5.psd_20 = psd_20;
1908 if (params->n_channels > ch_cnt)
1910 "6GHz: reducing number channels: (%u->%u)\n",
1911 params->n_channels, ch_cnt);
1916 static u8 iwl_mvm_scan_umac_chan_flags_v2(struct iwl_mvm *mvm,
1917 struct iwl_mvm_scan_params *params,
1918 struct ieee80211_vif *vif)
1922 flags |= IWL_SCAN_CHANNEL_FLAG_ENABLE_CHAN_ORDER;
1924 if (iwl_mvm_scan_use_ebs(mvm, vif))
1925 flags |= IWL_SCAN_CHANNEL_FLAG_EBS |
1926 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1927 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD;
1929 /* set fragmented ebs for fragmented scan on HB channels */
1930 if ((!iwl_mvm_is_cdb_supported(mvm) &&
1931 iwl_mvm_is_scan_fragmented(params->type)) ||
1932 (iwl_mvm_is_cdb_supported(mvm) &&
1933 iwl_mvm_is_scan_fragmented(params->hb_type)))
1934 flags |= IWL_SCAN_CHANNEL_FLAG_EBS_FRAG;
1937 * force EBS in case the scan is a fragmented and there is a need to take P2P
1938 * GO operation into consideration during scan operation.
1940 if ((!iwl_mvm_is_cdb_supported(mvm) &&
1941 iwl_mvm_is_scan_fragmented(params->type) && params->respect_p2p_go) ||
1942 (iwl_mvm_is_cdb_supported(mvm) &&
1943 iwl_mvm_is_scan_fragmented(params->hb_type) &&
1944 params->respect_p2p_go_hb)) {
1945 IWL_DEBUG_SCAN(mvm, "Respect P2P GO. Force EBS\n");
1946 flags |= IWL_SCAN_CHANNEL_FLAG_FORCE_EBS;
1952 static void iwl_mvm_scan_6ghz_passive_scan(struct iwl_mvm *mvm,
1953 struct iwl_mvm_scan_params *params,
1954 struct ieee80211_vif *vif)
1956 struct ieee80211_supported_band *sband =
1957 &mvm->nvm_data->bands[NL80211_BAND_6GHZ];
1960 params->enable_6ghz_passive = false;
1962 if (params->scan_6ghz)
1965 if (!fw_has_capa(&mvm->fw->ucode_capa,
1966 IWL_UCODE_TLV_CAPA_PASSIVE_6GHZ_SCAN)) {
1968 "6GHz passive scan: Not supported by FW\n");
1972 /* 6GHz passive scan allowed only on station interface */
1973 if (vif->type != NL80211_IFTYPE_STATION) {
1975 "6GHz passive scan: not station interface\n");
1980 * 6GHz passive scan is allowed in a defined time interval following HW
1981 * reset or resume flow, or while not associated and a large interval
1982 * has passed since the last 6GHz passive scan.
1984 if ((vif->cfg.assoc ||
1985 time_after(mvm->last_6ghz_passive_scan_jiffies +
1986 (IWL_MVM_6GHZ_PASSIVE_SCAN_TIMEOUT * HZ), jiffies)) &&
1987 (time_before(mvm->last_reset_or_resume_time_jiffies +
1988 (IWL_MVM_6GHZ_PASSIVE_SCAN_ASSOC_TIMEOUT * HZ),
1990 IWL_DEBUG_SCAN(mvm, "6GHz passive scan: %s\n",
1991 vif->cfg.assoc ? "associated" :
1992 "timeout did not expire");
1996 /* not enough channels in the regular scan request */
1997 if (params->n_channels < IWL_MVM_6GHZ_PASSIVE_SCAN_MIN_CHANS) {
1999 "6GHz passive scan: not enough channels\n");
2003 for (i = 0; i < params->n_ssids; i++) {
2004 if (!params->ssids[i].ssid_len)
2008 /* not a wildcard scan, so cannot enable passive 6GHz scan */
2009 if (i == params->n_ssids) {
2011 "6GHz passive scan: no wildcard SSID\n");
2015 if (!sband || !sband->n_channels) {
2017 "6GHz passive scan: no 6GHz channels\n");
2021 for (i = 0, n_disabled = 0; i < sband->n_channels; i++) {
2022 if (sband->channels[i].flags & (IEEE80211_CHAN_DISABLED))
2027 * Not all the 6GHz channels are disabled, so no need for 6GHz passive
2030 if (n_disabled != sband->n_channels) {
2032 "6GHz passive scan: 6GHz channels enabled\n");
2036 /* all conditions to enable 6ghz passive scan are satisfied */
2037 IWL_DEBUG_SCAN(mvm, "6GHz passive scan: can be enabled\n");
2038 params->enable_6ghz_passive = true;
2041 static u16 iwl_mvm_scan_umac_flags_v2(struct iwl_mvm *mvm,
2042 struct iwl_mvm_scan_params *params,
2043 struct ieee80211_vif *vif,
2049 * If no direct SSIDs are provided perform a passive scan. Otherwise,
2050 * if there is a single SSID which is not the broadcast SSID, assume
2051 * that the scan is intended for roaming purposes and thus enable Rx on
2052 * all chains to improve chances of hearing the beacons/probe responses.
2054 if (params->n_ssids == 0)
2055 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_FORCE_PASSIVE;
2056 else if (params->n_ssids == 1 && params->ssids[0].ssid_len)
2057 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_USE_ALL_RX_CHAINS;
2059 if (iwl_mvm_is_scan_fragmented(params->type))
2060 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_FRAGMENTED_LMAC1;
2062 if (iwl_mvm_is_scan_fragmented(params->hb_type))
2063 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_FRAGMENTED_LMAC2;
2065 if (params->pass_all)
2066 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PASS_ALL;
2068 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_MATCH;
2070 if (!iwl_mvm_is_regular_scan(params))
2071 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PERIODIC;
2073 if (params->iter_notif ||
2074 mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_ENABLED)
2075 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_NTFY_ITER_COMPLETE;
2077 if (IWL_MVM_ADWELL_ENABLE)
2078 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_ADAPTIVE_DWELL;
2080 if (type == IWL_MVM_SCAN_SCHED || type == IWL_MVM_SCAN_NETDETECT)
2081 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_PREEMPTIVE;
2083 if ((type == IWL_MVM_SCAN_SCHED || type == IWL_MVM_SCAN_NETDETECT) &&
2084 params->flags & NL80211_SCAN_FLAG_COLOCATED_6GHZ)
2085 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_TRIGGER_UHB_SCAN;
2087 if (params->enable_6ghz_passive)
2088 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_6GHZ_PASSIVE_SCAN;
2090 if (iwl_mvm_is_oce_supported(mvm) &&
2091 (params->flags & (NL80211_SCAN_FLAG_ACCEPT_BCAST_PROBE_RESP |
2092 NL80211_SCAN_FLAG_OCE_PROBE_REQ_HIGH_TX_RATE |
2093 NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME)))
2094 flags |= IWL_UMAC_SCAN_GEN_FLAGS_V2_OCE;
2099 static u8 iwl_mvm_scan_umac_flags2(struct iwl_mvm *mvm,
2100 struct iwl_mvm_scan_params *params,
2101 struct ieee80211_vif *vif, int type)
2105 if (iwl_mvm_is_cdb_supported(mvm)) {
2106 if (params->respect_p2p_go)
2107 flags |= IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_RESPECT_P2P_GO_LB;
2108 if (params->respect_p2p_go_hb)
2109 flags |= IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_RESPECT_P2P_GO_HB;
2111 if (params->respect_p2p_go)
2112 flags = IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_RESPECT_P2P_GO_LB |
2113 IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_RESPECT_P2P_GO_HB;
2116 if (params->scan_6ghz &&
2117 fw_has_capa(&mvm->fw->ucode_capa,
2118 IWL_UCODE_TLV_CAPA_SCAN_DONT_TOGGLE_ANT))
2119 flags |= IWL_UMAC_SCAN_GEN_PARAMS_FLAGS2_DONT_TOGGLE_ANT;
2124 static u16 iwl_mvm_scan_umac_flags(struct iwl_mvm *mvm,
2125 struct iwl_mvm_scan_params *params,
2126 struct ieee80211_vif *vif)
2130 if (params->n_ssids == 0)
2131 flags = IWL_UMAC_SCAN_GEN_FLAGS_PASSIVE;
2133 if (params->n_ssids == 1 && params->ssids[0].ssid_len != 0)
2134 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PRE_CONNECT;
2136 if (iwl_mvm_is_scan_fragmented(params->type))
2137 flags |= IWL_UMAC_SCAN_GEN_FLAGS_FRAGMENTED;
2139 if (iwl_mvm_is_cdb_supported(mvm) &&
2140 iwl_mvm_is_scan_fragmented(params->hb_type))
2141 flags |= IWL_UMAC_SCAN_GEN_FLAGS_LMAC2_FRAGMENTED;
2143 if (iwl_mvm_rrm_scan_needed(mvm) &&
2144 fw_has_capa(&mvm->fw->ucode_capa,
2145 IWL_UCODE_TLV_CAPA_WFA_TPC_REP_IE_SUPPORT))
2146 flags |= IWL_UMAC_SCAN_GEN_FLAGS_RRM_ENABLED;
2148 if (params->pass_all)
2149 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PASS_ALL;
2151 flags |= IWL_UMAC_SCAN_GEN_FLAGS_MATCH;
2153 if (!iwl_mvm_is_regular_scan(params))
2154 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PERIODIC;
2156 if (params->iter_notif)
2157 flags |= IWL_UMAC_SCAN_GEN_FLAGS_ITER_COMPLETE;
2159 #ifdef CONFIG_IWLWIFI_DEBUGFS
2160 if (mvm->scan_iter_notif_enabled)
2161 flags |= IWL_UMAC_SCAN_GEN_FLAGS_ITER_COMPLETE;
2164 if (mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_ENABLED)
2165 flags |= IWL_UMAC_SCAN_GEN_FLAGS_ITER_COMPLETE;
2167 if (iwl_mvm_is_adaptive_dwell_supported(mvm) && IWL_MVM_ADWELL_ENABLE)
2168 flags |= IWL_UMAC_SCAN_GEN_FLAGS_ADAPTIVE_DWELL;
2171 * Extended dwell is relevant only for low band to start with, as it is
2172 * being used for social channles only (1, 6, 11), so we can check
2173 * only scan type on low band also for CDB.
2175 if (iwl_mvm_is_regular_scan(params) &&
2176 vif->type != NL80211_IFTYPE_P2P_DEVICE &&
2177 !iwl_mvm_is_scan_fragmented(params->type) &&
2178 !iwl_mvm_is_adaptive_dwell_supported(mvm) &&
2179 !iwl_mvm_is_oce_supported(mvm))
2180 flags |= IWL_UMAC_SCAN_GEN_FLAGS_EXTENDED_DWELL;
2182 if (iwl_mvm_is_oce_supported(mvm)) {
2183 if ((params->flags &
2184 NL80211_SCAN_FLAG_OCE_PROBE_REQ_HIGH_TX_RATE))
2185 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PROB_REQ_HIGH_TX_RATE;
2186 /* Since IWL_UMAC_SCAN_GEN_FLAGS_EXTENDED_DWELL and
2187 * NL80211_SCAN_FLAG_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION shares
2188 * the same bit, we need to make sure that we use this bit here
2189 * only when IWL_UMAC_SCAN_GEN_FLAGS_EXTENDED_DWELL cannot be
2191 if ((params->flags &
2192 NL80211_SCAN_FLAG_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION) &&
2193 !WARN_ON_ONCE(!iwl_mvm_is_adaptive_dwell_supported(mvm)))
2194 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PROB_REQ_DEFER_SUPP;
2195 if ((params->flags & NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME))
2196 flags |= IWL_UMAC_SCAN_GEN_FLAGS_MAX_CHNL_TIME;
2203 iwl_mvm_fill_scan_sched_params(struct iwl_mvm_scan_params *params,
2204 struct iwl_scan_umac_schedule *schedule,
2208 if (WARN_ON(!params->n_scan_plans ||
2209 params->n_scan_plans > IWL_MAX_SCHED_SCAN_PLANS))
2212 for (i = 0; i < params->n_scan_plans; i++) {
2213 struct cfg80211_sched_scan_plan *scan_plan =
2214 ¶ms->scan_plans[i];
2216 schedule[i].iter_count = scan_plan->iterations;
2217 schedule[i].interval =
2218 cpu_to_le16(scan_plan->interval);
2222 * If the number of iterations of the last scan plan is set to
2223 * zero, it should run infinitely. However, this is not always the case.
2224 * For example, when regular scan is requested the driver sets one scan
2225 * plan with one iteration.
2227 if (!schedule[params->n_scan_plans - 1].iter_count)
2228 schedule[params->n_scan_plans - 1].iter_count = 0xff;
2230 *delay = cpu_to_le16(params->delay);
2235 static int iwl_mvm_scan_umac(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2236 struct iwl_mvm_scan_params *params,
2239 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
2240 struct iwl_scan_umac_chan_param *chan_param;
2241 void *cmd_data = iwl_mvm_get_scan_req_umac_data(mvm);
2242 void *sec_part = (u8 *)cmd_data + sizeof(struct iwl_scan_channel_cfg_umac) *
2243 mvm->fw->ucode_capa.n_scan_channels;
2244 struct iwl_scan_req_umac_tail_v2 *tail_v2 =
2245 (struct iwl_scan_req_umac_tail_v2 *)sec_part;
2246 struct iwl_scan_req_umac_tail_v1 *tail_v1;
2247 struct iwl_ssid_ie *direct_scan;
2249 u32 ssid_bitmap = 0;
2250 u8 channel_flags = 0;
2252 struct iwl_mvm_vif *scan_vif = iwl_mvm_vif_from_mac80211(vif);
2254 chan_param = iwl_mvm_get_scan_req_umac_channel(mvm);
2256 iwl_mvm_scan_umac_dwell(mvm, cmd, params);
2258 mvm->scan_uid_status[uid] = type;
2260 cmd->uid = cpu_to_le32(uid);
2261 gen_flags = iwl_mvm_scan_umac_flags(mvm, params, vif);
2262 cmd->general_flags = cpu_to_le16(gen_flags);
2263 if (iwl_mvm_is_adaptive_dwell_v2_supported(mvm)) {
2264 if (gen_flags & IWL_UMAC_SCAN_GEN_FLAGS_FRAGMENTED)
2265 cmd->v8.num_of_fragments[SCAN_LB_LMAC_IDX] =
2266 IWL_SCAN_NUM_OF_FRAGS;
2267 if (gen_flags & IWL_UMAC_SCAN_GEN_FLAGS_LMAC2_FRAGMENTED)
2268 cmd->v8.num_of_fragments[SCAN_HB_LMAC_IDX] =
2269 IWL_SCAN_NUM_OF_FRAGS;
2271 cmd->v8.general_flags2 =
2272 IWL_UMAC_SCAN_GEN_FLAGS2_ALLOW_CHNL_REORDER;
2275 cmd->scan_start_mac_id = scan_vif->id;
2277 if (type == IWL_MVM_SCAN_SCHED || type == IWL_MVM_SCAN_NETDETECT)
2278 cmd->flags = cpu_to_le32(IWL_UMAC_SCAN_FLAG_PREEMPTIVE);
2280 if (iwl_mvm_scan_use_ebs(mvm, vif)) {
2281 channel_flags = IWL_SCAN_CHANNEL_FLAG_EBS |
2282 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
2283 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD;
2285 /* set fragmented ebs for fragmented scan on HB channels */
2286 if (iwl_mvm_is_frag_ebs_supported(mvm)) {
2288 IWL_UMAC_SCAN_GEN_FLAGS_LMAC2_FRAGMENTED ||
2289 (!iwl_mvm_is_cdb_supported(mvm) &&
2290 gen_flags & IWL_UMAC_SCAN_GEN_FLAGS_FRAGMENTED))
2291 channel_flags |= IWL_SCAN_CHANNEL_FLAG_EBS_FRAG;
2295 chan_param->flags = channel_flags;
2296 chan_param->count = params->n_channels;
2298 ret = iwl_mvm_fill_scan_sched_params(params, tail_v2->schedule,
2301 mvm->scan_uid_status[uid] = 0;
2305 if (iwl_mvm_is_scan_ext_chan_supported(mvm)) {
2306 tail_v2->preq = params->preq;
2307 direct_scan = tail_v2->direct_scan;
2309 tail_v1 = (struct iwl_scan_req_umac_tail_v1 *)sec_part;
2310 iwl_mvm_scan_set_legacy_probe_req(&tail_v1->preq,
2312 direct_scan = tail_v1->direct_scan;
2314 iwl_scan_build_ssids(params, direct_scan, &ssid_bitmap);
2315 iwl_mvm_umac_scan_cfg_channels(mvm, params->channels,
2316 params->n_channels, ssid_bitmap,
2322 iwl_mvm_scan_umac_fill_general_p_v12(struct iwl_mvm *mvm,
2323 struct iwl_mvm_scan_params *params,
2324 struct ieee80211_vif *vif,
2325 struct iwl_scan_general_params_v11 *gp,
2326 u16 gen_flags, u8 gen_flags2,
2329 struct iwl_mvm_vif *scan_vif = iwl_mvm_vif_from_mac80211(vif);
2331 iwl_mvm_scan_umac_dwell_v11(mvm, gp, params);
2333 IWL_DEBUG_SCAN(mvm, "General: flags=0x%x, flags2=0x%x\n",
2334 gen_flags, gen_flags2);
2336 gp->flags = cpu_to_le16(gen_flags);
2337 gp->flags2 = gen_flags2;
2339 if (gen_flags & IWL_UMAC_SCAN_GEN_FLAGS_V2_FRAGMENTED_LMAC1)
2340 gp->num_of_fragments[SCAN_LB_LMAC_IDX] = IWL_SCAN_NUM_OF_FRAGS;
2341 if (gen_flags & IWL_UMAC_SCAN_GEN_FLAGS_V2_FRAGMENTED_LMAC2)
2342 gp->num_of_fragments[SCAN_HB_LMAC_IDX] = IWL_SCAN_NUM_OF_FRAGS;
2344 mvm->scan_link_id = 0;
2347 gp->scan_start_mac_or_link_id = scan_vif->id;
2349 struct iwl_mvm_vif_link_info *link_info =
2350 scan_vif->link[params->tsf_report_link_id];
2352 mvm->scan_link_id = params->tsf_report_link_id;
2353 if (!WARN_ON(!link_info))
2354 gp->scan_start_mac_or_link_id = link_info->fw_link_id;
2359 iwl_mvm_scan_umac_fill_probe_p_v3(struct iwl_mvm_scan_params *params,
2360 struct iwl_scan_probe_params_v3 *pp)
2362 pp->preq = params->preq;
2363 pp->ssid_num = params->n_ssids;
2364 iwl_scan_build_ssids(params, pp->direct_scan, NULL);
2368 iwl_mvm_scan_umac_fill_probe_p_v4(struct iwl_mvm_scan_params *params,
2369 struct iwl_scan_probe_params_v4 *pp,
2372 pp->preq = params->preq;
2373 iwl_scan_build_ssids(params, pp->direct_scan, bitmap_ssid);
2377 iwl_mvm_scan_umac_fill_ch_p_v4(struct iwl_mvm *mvm,
2378 struct iwl_mvm_scan_params *params,
2379 struct ieee80211_vif *vif,
2380 struct iwl_scan_channel_params_v4 *cp,
2381 u32 channel_cfg_flags)
2383 cp->flags = iwl_mvm_scan_umac_chan_flags_v2(mvm, params, vif);
2384 cp->count = params->n_channels;
2385 cp->num_of_aps_override = IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY;
2387 iwl_mvm_umac_scan_cfg_channels_v4(mvm, params->channels, cp,
2394 iwl_mvm_scan_umac_fill_ch_p_v7(struct iwl_mvm *mvm,
2395 struct iwl_mvm_scan_params *params,
2396 struct ieee80211_vif *vif,
2397 struct iwl_scan_channel_params_v7 *cp,
2398 u32 channel_cfg_flags,
2401 cp->flags = iwl_mvm_scan_umac_chan_flags_v2(mvm, params, vif);
2402 cp->count = params->n_channels;
2403 cp->n_aps_override[0] = IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY;
2404 cp->n_aps_override[1] = IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS;
2406 iwl_mvm_umac_scan_cfg_channels_v7(mvm, params->channels, cp,
2409 vif->type, version);
2411 if (params->enable_6ghz_passive) {
2412 struct ieee80211_supported_band *sband =
2413 &mvm->nvm_data->bands[NL80211_BAND_6GHZ];
2416 for (i = 0; i < sband->n_channels; i++) {
2417 struct ieee80211_channel *channel =
2418 &sband->channels[i];
2420 struct iwl_scan_channel_cfg_umac *cfg =
2421 &cp->channel_config[cp->count];
2423 if (!cfg80211_channel_is_psc(channel))
2426 cfg->v5.channel_num = channel->hw_value;
2427 cfg->v5.iter_count = 1;
2428 cfg->v5.iter_interval = 0;
2432 cfg->v2.band = PHY_BAND_6;
2434 cfg->flags = cpu_to_le32(PHY_BAND_6 <<
2435 IWL_CHAN_CFG_FLAGS_BAND_POS);
2437 IEEE80211_RNR_TBTT_PARAMS_PSD_RESERVED;
2444 static int iwl_mvm_scan_umac_v12(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2445 struct iwl_mvm_scan_params *params, int type,
2448 struct iwl_scan_req_umac_v12 *cmd = mvm->scan_cmd;
2449 struct iwl_scan_req_params_v12 *scan_p = &cmd->scan_params;
2453 mvm->scan_uid_status[uid] = type;
2455 cmd->ooc_priority = cpu_to_le32(iwl_mvm_scan_umac_ooc_priority(params));
2456 cmd->uid = cpu_to_le32(uid);
2458 gen_flags = iwl_mvm_scan_umac_flags_v2(mvm, params, vif, type);
2459 iwl_mvm_scan_umac_fill_general_p_v12(mvm, params, vif,
2460 &scan_p->general_params,
2463 ret = iwl_mvm_fill_scan_sched_params(params,
2464 scan_p->periodic_params.schedule,
2465 &scan_p->periodic_params.delay);
2469 iwl_mvm_scan_umac_fill_probe_p_v3(params, &scan_p->probe_params);
2470 iwl_mvm_scan_umac_fill_ch_p_v4(mvm, params, vif,
2471 &scan_p->channel_params, 0);
2476 static int iwl_mvm_scan_umac_v14_and_above(struct iwl_mvm *mvm,
2477 struct ieee80211_vif *vif,
2478 struct iwl_mvm_scan_params *params,
2479 int type, int uid, u32 version)
2481 struct iwl_scan_req_umac_v17 *cmd = mvm->scan_cmd;
2482 struct iwl_scan_req_params_v17 *scan_p = &cmd->scan_params;
2483 struct iwl_scan_channel_params_v7 *cp = &scan_p->channel_params;
2484 struct iwl_scan_probe_params_v4 *pb = &scan_p->probe_params;
2488 u32 bitmap_ssid = 0;
2490 mvm->scan_uid_status[uid] = type;
2492 cmd->ooc_priority = cpu_to_le32(iwl_mvm_scan_umac_ooc_priority(params));
2493 cmd->uid = cpu_to_le32(uid);
2495 gen_flags = iwl_mvm_scan_umac_flags_v2(mvm, params, vif, type);
2498 gen_flags2 = iwl_mvm_scan_umac_flags2(mvm, params, vif, type);
2502 iwl_mvm_scan_umac_fill_general_p_v12(mvm, params, vif,
2503 &scan_p->general_params,
2504 gen_flags, gen_flags2, version);
2506 ret = iwl_mvm_fill_scan_sched_params(params,
2507 scan_p->periodic_params.schedule,
2508 &scan_p->periodic_params.delay);
2512 if (!params->scan_6ghz) {
2513 iwl_mvm_scan_umac_fill_probe_p_v4(params,
2514 &scan_p->probe_params,
2516 iwl_mvm_scan_umac_fill_ch_p_v7(mvm, params, vif,
2517 &scan_p->channel_params,
2522 pb->preq = params->preq;
2525 cp->flags = iwl_mvm_scan_umac_chan_flags_v2(mvm, params, vif);
2526 cp->n_aps_override[0] = IWL_SCAN_ADWELL_N_APS_GO_FRIENDLY;
2527 cp->n_aps_override[1] = IWL_SCAN_ADWELL_N_APS_SOCIAL_CHS;
2529 iwl_mvm_umac_scan_fill_6g_chan_list(mvm, params, pb);
2531 cp->count = iwl_mvm_umac_scan_cfg_channels_v7_6g(mvm, params,
2536 mvm->scan_uid_status[uid] = 0;
2540 if (!params->n_ssids ||
2541 (params->n_ssids == 1 && !params->ssids[0].ssid_len))
2542 cp->flags |= IWL_SCAN_CHANNEL_FLAG_6G_PSC_NO_FILTER;
2547 static int iwl_mvm_scan_umac_v14(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2548 struct iwl_mvm_scan_params *params, int type,
2551 return iwl_mvm_scan_umac_v14_and_above(mvm, vif, params, type, uid, 14);
2554 static int iwl_mvm_scan_umac_v15(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2555 struct iwl_mvm_scan_params *params, int type,
2558 return iwl_mvm_scan_umac_v14_and_above(mvm, vif, params, type, uid, 15);
2561 static int iwl_mvm_scan_umac_v16(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2562 struct iwl_mvm_scan_params *params, int type,
2565 return iwl_mvm_scan_umac_v14_and_above(mvm, vif, params, type, uid, 16);
2568 static int iwl_mvm_scan_umac_v17(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2569 struct iwl_mvm_scan_params *params, int type,
2572 return iwl_mvm_scan_umac_v14_and_above(mvm, vif, params, type, uid, 17);
2575 static int iwl_mvm_num_scans(struct iwl_mvm *mvm)
2577 return hweight32(mvm->scan_status & IWL_MVM_SCAN_MASK);
2580 static int iwl_mvm_check_running_scans(struct iwl_mvm *mvm, int type)
2582 bool unified_image = fw_has_capa(&mvm->fw->ucode_capa,
2583 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
2585 /* This looks a bit arbitrary, but the idea is that if we run
2586 * out of possible simultaneous scans and the userspace is
2587 * trying to run a scan type that is already running, we
2588 * return -EBUSY. But if the userspace wants to start a
2589 * different type of scan, we stop the opposite type to make
2590 * space for the new request. The reason is backwards
2591 * compatibility with old wpa_supplicant that wouldn't stop a
2592 * scheduled scan before starting a normal scan.
2595 /* FW supports only a single periodic scan */
2596 if ((type == IWL_MVM_SCAN_SCHED || type == IWL_MVM_SCAN_NETDETECT) &&
2597 mvm->scan_status & (IWL_MVM_SCAN_SCHED | IWL_MVM_SCAN_NETDETECT))
2600 if (iwl_mvm_num_scans(mvm) < mvm->max_scans)
2603 /* Use a switch, even though this is a bitmask, so that more
2604 * than one bits set will fall in default and we will warn.
2607 case IWL_MVM_SCAN_REGULAR:
2608 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR_MASK)
2610 return iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, true);
2611 case IWL_MVM_SCAN_SCHED:
2612 if (mvm->scan_status & IWL_MVM_SCAN_SCHED_MASK)
2614 return iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR, true);
2615 case IWL_MVM_SCAN_NETDETECT:
2616 /* For non-unified images, there's no need to stop
2617 * anything for net-detect since the firmware is
2618 * restarted anyway. This way, any sched scans that
2619 * were running will be restarted when we resume.
2624 /* If this is a unified image and we ran out of scans,
2625 * we need to stop something. Prefer stopping regular
2626 * scans, because the results are useless at this
2627 * point, and we should be able to keep running
2628 * another scheduled scan while suspended.
2630 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR_MASK)
2631 return iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR,
2633 if (mvm->scan_status & IWL_MVM_SCAN_SCHED_MASK)
2634 return iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED,
2636 /* Something is wrong if no scan was running but we
2648 #define SCAN_TIMEOUT 30000
2650 void iwl_mvm_scan_timeout_wk(struct work_struct *work)
2652 struct delayed_work *delayed_work = to_delayed_work(work);
2653 struct iwl_mvm *mvm = container_of(delayed_work, struct iwl_mvm,
2654 scan_timeout_dwork);
2656 IWL_ERR(mvm, "regular scan timed out\n");
2658 iwl_force_nmi(mvm->trans);
2661 static void iwl_mvm_fill_scan_type(struct iwl_mvm *mvm,
2662 struct iwl_mvm_scan_params *params,
2663 struct ieee80211_vif *vif)
2665 if (iwl_mvm_is_cdb_supported(mvm)) {
2667 iwl_mvm_get_scan_type_band(mvm, vif,
2670 iwl_mvm_get_scan_type_band(mvm, vif,
2673 params->type = iwl_mvm_get_scan_type(mvm, vif);
2677 struct iwl_scan_umac_handler {
2679 int (*handler)(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2680 struct iwl_mvm_scan_params *params, int type, int uid);
2683 #define IWL_SCAN_UMAC_HANDLER(_ver) { \
2685 .handler = iwl_mvm_scan_umac_v##_ver, \
2688 static const struct iwl_scan_umac_handler iwl_scan_umac_handlers[] = {
2689 /* set the newest version first to shorten the list traverse time */
2690 IWL_SCAN_UMAC_HANDLER(17),
2691 IWL_SCAN_UMAC_HANDLER(16),
2692 IWL_SCAN_UMAC_HANDLER(15),
2693 IWL_SCAN_UMAC_HANDLER(14),
2694 IWL_SCAN_UMAC_HANDLER(12),
2697 static void iwl_mvm_mei_scan_work(struct work_struct *wk)
2699 struct iwl_mei_scan_filter *scan_filter =
2700 container_of(wk, struct iwl_mei_scan_filter, scan_work);
2701 struct iwl_mvm *mvm =
2702 container_of(scan_filter, struct iwl_mvm, mei_scan_filter);
2703 struct iwl_mvm_csme_conn_info *info;
2704 struct sk_buff *skb;
2707 mutex_lock(&mvm->mutex);
2708 info = iwl_mvm_get_csme_conn_info(mvm);
2709 memcpy(bssid, info->conn_info.bssid, ETH_ALEN);
2710 mutex_unlock(&mvm->mutex);
2712 while ((skb = skb_dequeue(&scan_filter->scan_res))) {
2713 struct ieee80211_mgmt *mgmt = (void *)skb->data;
2715 if (!memcmp(mgmt->bssid, bssid, ETH_ALEN))
2716 ieee80211_rx_irqsafe(mvm->hw, skb);
2722 void iwl_mvm_mei_scan_filter_init(struct iwl_mei_scan_filter *mei_scan_filter)
2724 skb_queue_head_init(&mei_scan_filter->scan_res);
2725 INIT_WORK(&mei_scan_filter->scan_work, iwl_mvm_mei_scan_work);
2728 /* In case CSME is connected and has link protection set, this function will
2729 * override the scan request to scan only the associated channel and only for
2730 * the associated SSID.
2732 static void iwl_mvm_mei_limited_scan(struct iwl_mvm *mvm,
2733 struct iwl_mvm_scan_params *params)
2735 struct iwl_mvm_csme_conn_info *info = iwl_mvm_get_csme_conn_info(mvm);
2736 struct iwl_mei_conn_info *conn_info;
2737 struct ieee80211_channel *chan;
2741 IWL_DEBUG_SCAN(mvm, "mei_limited_scan: no connection info\n");
2745 conn_info = &info->conn_info;
2746 if (!info->conn_info.lp_state || !info->conn_info.ssid_len)
2749 if (!params->n_channels || !params->n_ssids)
2752 mvm->mei_scan_filter.is_mei_limited_scan = true;
2754 chan = ieee80211_get_channel(mvm->hw->wiphy,
2755 ieee80211_channel_to_frequency(conn_info->channel,
2759 "Failed to get CSME channel (chan=%u band=%u)\n",
2760 conn_info->channel, conn_info->band);
2764 /* The mei filtered scan must find the AP, otherwise CSME will
2765 * take the NIC ownership. Add several iterations on the channel to
2766 * make the scan more robust.
2768 scan_iters = min(IWL_MEI_SCAN_NUM_ITER, params->n_channels);
2769 params->n_channels = scan_iters;
2770 for (i = 0; i < scan_iters; i++)
2771 params->channels[i] = chan;
2773 IWL_DEBUG_SCAN(mvm, "Mei scan: num iterations=%u\n", scan_iters);
2775 params->n_ssids = 1;
2776 params->ssids[0].ssid_len = conn_info->ssid_len;
2777 memcpy(params->ssids[0].ssid, conn_info->ssid, conn_info->ssid_len);
2780 static int iwl_mvm_build_scan_cmd(struct iwl_mvm *mvm,
2781 struct ieee80211_vif *vif,
2782 struct iwl_host_cmd *hcmd,
2783 struct iwl_mvm_scan_params *params,
2789 lockdep_assert_held(&mvm->mutex);
2790 memset(mvm->scan_cmd, 0, mvm->scan_cmd_size);
2792 iwl_mvm_mei_limited_scan(mvm, params);
2794 if (!fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) {
2795 hcmd->id = SCAN_OFFLOAD_REQUEST_CMD;
2797 return iwl_mvm_scan_lmac(mvm, vif, params);
2800 uid = iwl_mvm_scan_uid_by_status(mvm, 0);
2804 hcmd->id = WIDE_ID(IWL_ALWAYS_LONG_GROUP, SCAN_REQ_UMAC);
2806 scan_ver = iwl_fw_lookup_cmd_ver(mvm->fw, SCAN_REQ_UMAC,
2807 IWL_FW_CMD_VER_UNKNOWN);
2809 for (i = 0; i < ARRAY_SIZE(iwl_scan_umac_handlers); i++) {
2810 const struct iwl_scan_umac_handler *ver_handler =
2811 &iwl_scan_umac_handlers[i];
2813 if (ver_handler->version != scan_ver)
2816 return ver_handler->handler(mvm, vif, params, type, uid);
2819 err = iwl_mvm_scan_umac(mvm, vif, params, type, uid);
2826 struct iwl_mvm_scan_respect_p2p_go_iter_data {
2827 struct ieee80211_vif *current_vif;
2829 enum nl80211_band band;
2832 static void iwl_mvm_scan_respect_p2p_go_iter(void *_data, u8 *mac,
2833 struct ieee80211_vif *vif)
2835 struct iwl_mvm_scan_respect_p2p_go_iter_data *data = _data;
2836 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2838 /* exclude the given vif */
2839 if (vif == data->current_vif)
2842 if (vif->type == NL80211_IFTYPE_AP && vif->p2p) {
2846 link_id < ARRAY_SIZE(mvmvif->link);
2848 struct iwl_mvm_vif_link_info *link =
2849 mvmvif->link[link_id];
2851 if (link && link->phy_ctxt->id < NUM_PHY_CTX &&
2852 (data->band == NUM_NL80211_BANDS ||
2853 link->phy_ctxt->channel->band == data->band)) {
2854 data->p2p_go = true;
2861 static bool _iwl_mvm_get_respect_p2p_go(struct iwl_mvm *mvm,
2862 struct ieee80211_vif *vif,
2864 enum nl80211_band band)
2866 struct iwl_mvm_scan_respect_p2p_go_iter_data data = {
2875 ieee80211_iterate_active_interfaces_atomic(mvm->hw,
2876 IEEE80211_IFACE_ITER_NORMAL,
2877 iwl_mvm_scan_respect_p2p_go_iter,
2883 static bool iwl_mvm_get_respect_p2p_go_band(struct iwl_mvm *mvm,
2884 struct ieee80211_vif *vif,
2885 enum nl80211_band band)
2887 bool low_latency = iwl_mvm_low_latency_band(mvm, band);
2889 return _iwl_mvm_get_respect_p2p_go(mvm, vif, low_latency, band);
2892 static bool iwl_mvm_get_respect_p2p_go(struct iwl_mvm *mvm,
2893 struct ieee80211_vif *vif)
2895 bool low_latency = iwl_mvm_low_latency(mvm);
2897 return _iwl_mvm_get_respect_p2p_go(mvm, vif, low_latency,
2901 static void iwl_mvm_fill_respect_p2p_go(struct iwl_mvm *mvm,
2902 struct iwl_mvm_scan_params *params,
2903 struct ieee80211_vif *vif)
2905 if (iwl_mvm_is_cdb_supported(mvm)) {
2906 params->respect_p2p_go =
2907 iwl_mvm_get_respect_p2p_go_band(mvm, vif,
2909 params->respect_p2p_go_hb =
2910 iwl_mvm_get_respect_p2p_go_band(mvm, vif,
2913 params->respect_p2p_go = iwl_mvm_get_respect_p2p_go(mvm, vif);
2917 int iwl_mvm_reg_scan_start(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2918 struct cfg80211_scan_request *req,
2919 struct ieee80211_scan_ies *ies)
2921 struct iwl_host_cmd hcmd = {
2922 .len = { iwl_mvm_scan_size(mvm), },
2923 .data = { mvm->scan_cmd, },
2924 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
2926 struct iwl_mvm_scan_params params = {};
2928 struct cfg80211_sched_scan_plan scan_plan = { .iterations = 1 };
2930 lockdep_assert_held(&mvm->mutex);
2932 if (iwl_mvm_is_lar_supported(mvm) && !mvm->lar_regdom_set) {
2933 IWL_ERR(mvm, "scan while LAR regdomain is not set\n");
2937 ret = iwl_mvm_check_running_scans(mvm, IWL_MVM_SCAN_REGULAR);
2941 /* we should have failed registration if scan_cmd was NULL */
2942 if (WARN_ON(!mvm->scan_cmd))
2945 if (!iwl_mvm_scan_fits(mvm, req->n_ssids, ies, req->n_channels))
2948 params.n_ssids = req->n_ssids;
2949 params.flags = req->flags;
2950 params.n_channels = req->n_channels;
2952 params.ssids = req->ssids;
2953 params.channels = req->channels;
2954 params.mac_addr = req->mac_addr;
2955 params.mac_addr_mask = req->mac_addr_mask;
2956 params.no_cck = req->no_cck;
2957 params.pass_all = true;
2958 params.n_match_sets = 0;
2959 params.match_sets = NULL;
2960 ether_addr_copy(params.bssid, req->bssid);
2962 params.scan_plans = &scan_plan;
2963 params.n_scan_plans = 1;
2965 params.n_6ghz_params = req->n_6ghz_params;
2966 params.scan_6ghz_params = req->scan_6ghz_params;
2967 params.scan_6ghz = req->scan_6ghz;
2968 iwl_mvm_fill_scan_type(mvm, ¶ms, vif);
2969 iwl_mvm_fill_respect_p2p_go(mvm, ¶ms, vif);
2972 params.iter_notif = true;
2974 params.tsf_report_link_id = req->tsf_report_link_id;
2975 if (params.tsf_report_link_id < 0) {
2976 if (vif->active_links)
2977 params.tsf_report_link_id = __ffs(vif->active_links);
2979 params.tsf_report_link_id = 0;
2982 iwl_mvm_build_scan_probe(mvm, vif, ies, ¶ms);
2984 iwl_mvm_scan_6ghz_passive_scan(mvm, ¶ms, vif);
2986 uid = iwl_mvm_build_scan_cmd(mvm, vif, &hcmd, ¶ms,
2987 IWL_MVM_SCAN_REGULAR);
2992 iwl_mvm_pause_tcm(mvm, false);
2994 ret = iwl_mvm_send_cmd(mvm, &hcmd);
2996 /* If the scan failed, it usually means that the FW was unable
2997 * to allocate the time events. Warn on it, but maybe we
2998 * should try to send the command again with different params.
3000 IWL_ERR(mvm, "Scan failed! ret %d\n", ret);
3001 iwl_mvm_resume_tcm(mvm);
3002 mvm->scan_uid_status[uid] = 0;
3006 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n");
3007 mvm->scan_status |= IWL_MVM_SCAN_REGULAR;
3008 mvm->scan_vif = iwl_mvm_vif_from_mac80211(vif);
3010 if (params.enable_6ghz_passive)
3011 mvm->last_6ghz_passive_scan_jiffies = jiffies;
3013 schedule_delayed_work(&mvm->scan_timeout_dwork,
3014 msecs_to_jiffies(SCAN_TIMEOUT));
3019 int iwl_mvm_sched_scan_start(struct iwl_mvm *mvm,
3020 struct ieee80211_vif *vif,
3021 struct cfg80211_sched_scan_request *req,
3022 struct ieee80211_scan_ies *ies,
3025 struct iwl_host_cmd hcmd = {
3026 .len = { iwl_mvm_scan_size(mvm), },
3027 .data = { mvm->scan_cmd, },
3028 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
3030 struct iwl_mvm_scan_params params = {};
3033 bool non_psc_included = false;
3035 lockdep_assert_held(&mvm->mutex);
3037 if (iwl_mvm_is_lar_supported(mvm) && !mvm->lar_regdom_set) {
3038 IWL_ERR(mvm, "sched-scan while LAR regdomain is not set\n");
3042 ret = iwl_mvm_check_running_scans(mvm, type);
3046 /* we should have failed registration if scan_cmd was NULL */
3047 if (WARN_ON(!mvm->scan_cmd))
3051 params.n_ssids = req->n_ssids;
3052 params.flags = req->flags;
3053 params.n_channels = req->n_channels;
3054 params.ssids = req->ssids;
3055 params.channels = req->channels;
3056 params.mac_addr = req->mac_addr;
3057 params.mac_addr_mask = req->mac_addr_mask;
3058 params.no_cck = false;
3059 params.pass_all = iwl_mvm_scan_pass_all(mvm, req);
3060 params.n_match_sets = req->n_match_sets;
3061 params.match_sets = req->match_sets;
3062 eth_broadcast_addr(params.bssid);
3063 if (!req->n_scan_plans)
3066 params.n_scan_plans = req->n_scan_plans;
3067 params.scan_plans = req->scan_plans;
3069 iwl_mvm_fill_scan_type(mvm, ¶ms, vif);
3070 iwl_mvm_fill_respect_p2p_go(mvm, ¶ms, vif);
3072 /* In theory, LMAC scans can handle a 32-bit delay, but since
3073 * waiting for over 18 hours to start the scan is a bit silly
3074 * and to keep it aligned with UMAC scans (which only support
3075 * 16-bit delays), trim it down to 16-bits.
3077 if (req->delay > U16_MAX) {
3079 "delay value is > 16-bits, set to max possible\n");
3080 params.delay = U16_MAX;
3082 params.delay = req->delay;
3085 ret = iwl_mvm_config_sched_scan_profiles(mvm, req);
3089 iwl_mvm_build_scan_probe(mvm, vif, ies, ¶ms);
3091 /* for 6 GHZ band only PSC channels need to be added */
3092 for (i = 0; i < params.n_channels; i++) {
3093 struct ieee80211_channel *channel = params.channels[i];
3095 if (channel->band == NL80211_BAND_6GHZ &&
3096 !cfg80211_channel_is_psc(channel)) {
3097 non_psc_included = true;
3102 if (non_psc_included) {
3103 params.channels = kmemdup(params.channels,
3104 sizeof(params.channels[0]) *
3107 if (!params.channels)
3110 for (i = j = 0; i < params.n_channels; i++) {
3111 if (params.channels[i]->band == NL80211_BAND_6GHZ &&
3112 !cfg80211_channel_is_psc(params.channels[i]))
3114 params.channels[j++] = params.channels[i];
3116 params.n_channels = j;
3119 if (non_psc_included &&
3120 !iwl_mvm_scan_fits(mvm, req->n_ssids, ies, params.n_channels)) {
3121 kfree(params.channels);
3125 uid = iwl_mvm_build_scan_cmd(mvm, vif, &hcmd, ¶ms, type);
3127 if (non_psc_included)
3128 kfree(params.channels);
3132 ret = iwl_mvm_send_cmd(mvm, &hcmd);
3135 "Sched scan request was sent successfully\n");
3136 mvm->scan_status |= type;
3138 /* If the scan failed, it usually means that the FW was unable
3139 * to allocate the time events. Warn on it, but maybe we
3140 * should try to send the command again with different params.
3142 IWL_ERR(mvm, "Sched scan failed! ret %d\n", ret);
3143 mvm->scan_uid_status[uid] = 0;
3144 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
3150 void iwl_mvm_rx_umac_scan_complete_notif(struct iwl_mvm *mvm,
3151 struct iwl_rx_cmd_buffer *rxb)
3153 struct iwl_rx_packet *pkt = rxb_addr(rxb);
3154 struct iwl_umac_scan_complete *notif = (void *)pkt->data;
3155 u32 uid = __le32_to_cpu(notif->uid);
3156 bool aborted = (notif->status == IWL_SCAN_OFFLOAD_ABORTED);
3158 mvm->mei_scan_filter.is_mei_limited_scan = false;
3160 if (WARN_ON(!(mvm->scan_uid_status[uid] & mvm->scan_status)))
3163 /* if the scan is already stopping, we don't need to notify mac80211 */
3164 if (mvm->scan_uid_status[uid] == IWL_MVM_SCAN_REGULAR) {
3165 struct cfg80211_scan_info info = {
3167 .scan_start_tsf = mvm->scan_start,
3169 struct iwl_mvm_vif *scan_vif = mvm->scan_vif;
3170 struct iwl_mvm_vif_link_info *link_info =
3171 scan_vif->link[mvm->scan_link_id];
3173 if (!WARN_ON(!link_info))
3174 memcpy(info.tsf_bssid, link_info->bssid, ETH_ALEN);
3176 ieee80211_scan_completed(mvm->hw, &info);
3177 mvm->scan_vif = NULL;
3178 cancel_delayed_work(&mvm->scan_timeout_dwork);
3179 iwl_mvm_resume_tcm(mvm);
3180 } else if (mvm->scan_uid_status[uid] == IWL_MVM_SCAN_SCHED) {
3181 ieee80211_sched_scan_stopped(mvm->hw);
3182 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
3185 mvm->scan_status &= ~mvm->scan_uid_status[uid];
3187 "Scan completed, uid %u type %u, status %s, EBS status %s\n",
3188 uid, mvm->scan_uid_status[uid],
3189 notif->status == IWL_SCAN_OFFLOAD_COMPLETED ?
3190 "completed" : "aborted",
3191 iwl_mvm_ebs_status_str(notif->ebs_status));
3193 "Last line %d, Last iteration %d, Time from last iteration %d\n",
3194 notif->last_schedule, notif->last_iter,
3195 __le32_to_cpu(notif->time_from_last_iter));
3197 if (notif->ebs_status != IWL_SCAN_EBS_SUCCESS &&
3198 notif->ebs_status != IWL_SCAN_EBS_INACTIVE)
3199 mvm->last_ebs_successful = false;
3201 mvm->scan_uid_status[uid] = 0;
3204 void iwl_mvm_rx_umac_scan_iter_complete_notif(struct iwl_mvm *mvm,
3205 struct iwl_rx_cmd_buffer *rxb)
3207 struct iwl_rx_packet *pkt = rxb_addr(rxb);
3208 struct iwl_umac_scan_iter_complete_notif *notif = (void *)pkt->data;
3210 mvm->scan_start = le64_to_cpu(notif->start_tsf);
3213 "UMAC Scan iteration complete: status=0x%x scanned_channels=%d\n",
3214 notif->status, notif->scanned_channels);
3216 if (mvm->sched_scan_pass_all == SCHED_SCAN_PASS_ALL_FOUND) {
3217 IWL_DEBUG_SCAN(mvm, "Pass all scheduled scan results found\n");
3218 ieee80211_sched_scan_results(mvm->hw);
3219 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_ENABLED;
3223 "UMAC Scan iteration complete: scan started at %llu (TSF)\n",
3227 static int iwl_mvm_umac_scan_abort(struct iwl_mvm *mvm, int type)
3229 struct iwl_umac_scan_abort cmd = {};
3232 lockdep_assert_held(&mvm->mutex);
3234 /* We should always get a valid index here, because we already
3235 * checked that this type of scan was running in the generic
3238 uid = iwl_mvm_scan_uid_by_status(mvm, type);
3239 if (WARN_ON_ONCE(uid < 0))
3242 cmd.uid = cpu_to_le32(uid);
3244 IWL_DEBUG_SCAN(mvm, "Sending scan abort, uid %u\n", uid);
3246 ret = iwl_mvm_send_cmd_pdu(mvm,
3247 WIDE_ID(IWL_ALWAYS_LONG_GROUP, SCAN_ABORT_UMAC),
3248 0, sizeof(cmd), &cmd);
3250 mvm->scan_uid_status[uid] = type << IWL_MVM_SCAN_STOPPING_SHIFT;
3255 static int iwl_mvm_scan_stop_wait(struct iwl_mvm *mvm, int type)
3257 struct iwl_notification_wait wait_scan_done;
3258 static const u16 scan_done_notif[] = { SCAN_COMPLETE_UMAC,
3259 SCAN_OFFLOAD_COMPLETE, };
3262 lockdep_assert_held(&mvm->mutex);
3264 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done,
3266 ARRAY_SIZE(scan_done_notif),
3269 IWL_DEBUG_SCAN(mvm, "Preparing to stop scan, type %x\n", type);
3271 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN))
3272 ret = iwl_mvm_umac_scan_abort(mvm, type);
3274 ret = iwl_mvm_lmac_scan_abort(mvm);
3277 IWL_DEBUG_SCAN(mvm, "couldn't stop scan type %d\n", type);
3278 iwl_remove_notification(&mvm->notif_wait, &wait_scan_done);
3282 return iwl_wait_notification(&mvm->notif_wait, &wait_scan_done,
3286 static size_t iwl_scan_req_umac_get_size(u8 scan_ver)
3290 return sizeof(struct iwl_scan_req_umac_v12);
3295 return sizeof(struct iwl_scan_req_umac_v17);
3301 size_t iwl_mvm_scan_size(struct iwl_mvm *mvm)
3303 int base_size, tail_size;
3304 u8 scan_ver = iwl_fw_lookup_cmd_ver(mvm->fw, SCAN_REQ_UMAC,
3305 IWL_FW_CMD_VER_UNKNOWN);
3307 base_size = iwl_scan_req_umac_get_size(scan_ver);
3312 if (iwl_mvm_is_adaptive_dwell_v2_supported(mvm))
3313 base_size = IWL_SCAN_REQ_UMAC_SIZE_V8;
3314 else if (iwl_mvm_is_adaptive_dwell_supported(mvm))
3315 base_size = IWL_SCAN_REQ_UMAC_SIZE_V7;
3316 else if (iwl_mvm_cdb_scan_api(mvm))
3317 base_size = IWL_SCAN_REQ_UMAC_SIZE_V6;
3319 base_size = IWL_SCAN_REQ_UMAC_SIZE_V1;
3321 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) {
3322 if (iwl_mvm_is_scan_ext_chan_supported(mvm))
3323 tail_size = sizeof(struct iwl_scan_req_umac_tail_v2);
3325 tail_size = sizeof(struct iwl_scan_req_umac_tail_v1);
3328 sizeof(struct iwl_scan_channel_cfg_umac) *
3329 mvm->fw->ucode_capa.n_scan_channels +
3332 return sizeof(struct iwl_scan_req_lmac) +
3333 sizeof(struct iwl_scan_channel_cfg_lmac) *
3334 mvm->fw->ucode_capa.n_scan_channels +
3335 sizeof(struct iwl_scan_probe_req_v1);
3339 * This function is used in nic restart flow, to inform mac80211 about scans
3340 * that was aborted by restart flow or by an assert.
3342 void iwl_mvm_report_scan_aborted(struct iwl_mvm *mvm)
3344 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) {
3347 uid = iwl_mvm_scan_uid_by_status(mvm, IWL_MVM_SCAN_REGULAR);
3349 struct cfg80211_scan_info info = {
3353 cancel_delayed_work(&mvm->scan_timeout_dwork);
3355 ieee80211_scan_completed(mvm->hw, &info);
3356 mvm->scan_uid_status[uid] = 0;
3358 uid = iwl_mvm_scan_uid_by_status(mvm, IWL_MVM_SCAN_SCHED);
3360 /* Sched scan will be restarted by mac80211 in
3361 * restart_hw, so do not report if FW is about to be
3364 if (!mvm->fw_restart)
3365 ieee80211_sched_scan_stopped(mvm->hw);
3366 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
3367 mvm->scan_uid_status[uid] = 0;
3369 uid = iwl_mvm_scan_uid_by_status(mvm,
3370 IWL_MVM_SCAN_STOPPING_REGULAR);
3372 mvm->scan_uid_status[uid] = 0;
3374 uid = iwl_mvm_scan_uid_by_status(mvm,
3375 IWL_MVM_SCAN_STOPPING_SCHED);
3377 mvm->scan_uid_status[uid] = 0;
3379 /* We shouldn't have any UIDs still set. Loop over all the
3380 * UIDs to make sure there's nothing left there and warn if
3383 for (i = 0; i < mvm->max_scans; i++) {
3384 if (WARN_ONCE(mvm->scan_uid_status[i],
3385 "UMAC scan UID %d status was not cleaned\n",
3387 mvm->scan_uid_status[i] = 0;
3390 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR) {
3391 struct cfg80211_scan_info info = {
3395 cancel_delayed_work(&mvm->scan_timeout_dwork);
3396 ieee80211_scan_completed(mvm->hw, &info);
3399 /* Sched scan will be restarted by mac80211 in
3400 * restart_hw, so do not report if FW is about to be
3403 if ((mvm->scan_status & IWL_MVM_SCAN_SCHED) &&
3405 ieee80211_sched_scan_stopped(mvm->hw);
3406 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
3411 int iwl_mvm_scan_stop(struct iwl_mvm *mvm, int type, bool notify)
3415 if (!(mvm->scan_status & type))
3418 if (!test_bit(STATUS_DEVICE_ENABLED, &mvm->trans->status)) {
3423 ret = iwl_mvm_scan_stop_wait(mvm, type);
3425 mvm->scan_status |= type << IWL_MVM_SCAN_STOPPING_SHIFT;
3427 /* Clear the scan status so the next scan requests will
3428 * succeed and mark the scan as stopping, so that the Rx
3429 * handler doesn't do anything, as the scan was stopped from
3432 mvm->scan_status &= ~type;
3434 if (type == IWL_MVM_SCAN_REGULAR) {
3435 cancel_delayed_work(&mvm->scan_timeout_dwork);
3437 struct cfg80211_scan_info info = {
3441 ieee80211_scan_completed(mvm->hw, &info);
3443 } else if (notify) {
3444 ieee80211_sched_scan_stopped(mvm->hw);
3445 mvm->sched_scan_pass_all = SCHED_SCAN_PASS_ALL_DISABLED;
projects / J-linux.git / blob