1 /******************************************************************************
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of version 2 of the GNU General Public License as
13 * published by the Free Software Foundation.
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
25 * The full GNU General Public License is included in this distribution
26 * in the file called COPYING.
28 * Contact Information:
29 * Intel Linux Wireless <ilw@linux.intel.com>
30 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
34 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
35 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH
36 * All rights reserved.
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
42 * * Redistributions of source code must retain the above copyright
43 * notice, this list of conditions and the following disclaimer.
44 * * Redistributions in binary form must reproduce the above copyright
45 * notice, this list of conditions and the following disclaimer in
46 * the documentation and/or other materials provided with the
48 * * Neither the name Intel Corporation nor the names of its
49 * contributors may be used to endorse or promote products derived
50 * from this software without specific prior written permission.
52 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
53 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
54 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
55 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
56 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
57 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
58 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
59 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
60 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
61 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
62 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
64 *****************************************************************************/
66 #include <linux/etherdevice.h>
67 #include <net/mac80211.h>
70 #include "iwl-eeprom-parse.h"
71 #include "fw-api-scan.h"
73 #define IWL_PLCP_QUIET_THRESH 1
74 #define IWL_ACTIVE_QUIET_TIME 10
76 struct iwl_mvm_scan_params {
79 bool passive_fragmented;
83 } dwell[IEEE80211_NUM_BANDS];
86 enum iwl_umac_scan_uid_type {
87 IWL_UMAC_SCAN_UID_REG_SCAN = BIT(0),
88 IWL_UMAC_SCAN_UID_SCHED_SCAN = BIT(1),
89 IWL_UMAC_SCAN_UID_ALL = IWL_UMAC_SCAN_UID_REG_SCAN |
90 IWL_UMAC_SCAN_UID_SCHED_SCAN,
93 static int iwl_umac_scan_stop(struct iwl_mvm *mvm,
94 enum iwl_umac_scan_uid_type type, bool notify);
96 static u8 iwl_mvm_scan_rx_ant(struct iwl_mvm *mvm)
98 if (mvm->scan_rx_ant != ANT_NONE)
99 return mvm->scan_rx_ant;
100 return mvm->fw->valid_rx_ant;
103 static inline __le16 iwl_mvm_scan_rx_chain(struct iwl_mvm *mvm)
108 rx_ant = iwl_mvm_scan_rx_ant(mvm);
109 rx_chain = rx_ant << PHY_RX_CHAIN_VALID_POS;
110 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_MIMO_SEL_POS;
111 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_SEL_POS;
112 rx_chain |= 0x1 << PHY_RX_CHAIN_DRIVER_FORCE_POS;
113 return cpu_to_le16(rx_chain);
116 static __le32 iwl_mvm_scan_rxon_flags(enum ieee80211_band band)
118 if (band == IEEE80211_BAND_2GHZ)
119 return cpu_to_le32(PHY_BAND_24);
121 return cpu_to_le32(PHY_BAND_5);
125 iwl_mvm_scan_rate_n_flags(struct iwl_mvm *mvm, enum ieee80211_band band,
130 mvm->scan_last_antenna_idx =
131 iwl_mvm_next_antenna(mvm, mvm->fw->valid_tx_ant,
132 mvm->scan_last_antenna_idx);
133 tx_ant = BIT(mvm->scan_last_antenna_idx) << RATE_MCS_ANT_POS;
135 if (band == IEEE80211_BAND_2GHZ && !no_cck)
136 return cpu_to_le32(IWL_RATE_1M_PLCP | RATE_MCS_CCK_MSK |
139 return cpu_to_le32(IWL_RATE_6M_PLCP | tx_ant);
143 * We insert the SSIDs in an inverted order, because the FW will
144 * invert it back. The most prioritized SSID, which is first in the
145 * request list, is not copied here, but inserted directly to the probe
148 static void iwl_mvm_scan_fill_ssids(struct iwl_ssid_ie *cmd_ssid,
149 struct cfg80211_ssid *ssids,
150 int n_ssids, int first)
154 for (req_idx = n_ssids - 1, fw_idx = 0; req_idx >= first;
155 req_idx--, fw_idx++) {
156 cmd_ssid[fw_idx].id = WLAN_EID_SSID;
157 cmd_ssid[fw_idx].len = ssids[req_idx].ssid_len;
158 memcpy(cmd_ssid[fw_idx].ssid,
160 ssids[req_idx].ssid_len);
165 * If req->n_ssids > 0, it means we should do an active scan.
166 * In case of active scan w/o directed scan, we receive a zero-length SSID
167 * just to notify that this scan is active and not passive.
168 * In order to notify the FW of the number of SSIDs we wish to scan (including
169 * the zero-length one), we need to set the corresponding bits in chan->type,
170 * one for each SSID, and set the active bit (first). If the first SSID is
171 * already included in the probe template, so we need to set only
172 * req->n_ssids - 1 bits in addition to the first bit.
174 static u16 iwl_mvm_get_active_dwell(enum ieee80211_band band, int n_ssids)
176 if (band == IEEE80211_BAND_2GHZ)
177 return 20 + 3 * (n_ssids + 1);
178 return 10 + 2 * (n_ssids + 1);
181 static u16 iwl_mvm_get_passive_dwell(enum ieee80211_band band)
183 return band == IEEE80211_BAND_2GHZ ? 100 + 20 : 100 + 10;
186 static void iwl_mvm_scan_fill_channels(struct iwl_scan_cmd *cmd,
187 struct cfg80211_scan_request *req,
189 struct iwl_mvm_scan_params *params)
191 struct iwl_scan_channel *chan = (struct iwl_scan_channel *)
192 (cmd->data + le16_to_cpu(cmd->tx_cmd.len));
194 int type = BIT(req->n_ssids) - 1;
195 enum ieee80211_band band = req->channels[0]->band;
198 type |= BIT(req->n_ssids);
200 for (i = 0; i < cmd->channel_count; i++) {
201 chan->channel = cpu_to_le16(req->channels[i]->hw_value);
202 chan->type = cpu_to_le32(type);
203 if (req->channels[i]->flags & IEEE80211_CHAN_NO_IR)
204 chan->type &= cpu_to_le32(~SCAN_CHANNEL_TYPE_ACTIVE);
205 chan->active_dwell = cpu_to_le16(params->dwell[band].active);
206 chan->passive_dwell = cpu_to_le16(params->dwell[band].passive);
207 chan->iteration_count = cpu_to_le16(1);
213 * Fill in probe request with the following parameters:
214 * TA is our vif HW address, which mac80211 ensures we have.
215 * Packet is broadcasted, so this is both SA and DA.
216 * The probe request IE is made out of two: first comes the most prioritized
217 * SSID if a directed scan is requested. Second comes whatever extra
218 * information was given to us as the scan request IE.
220 static u16 iwl_mvm_fill_probe_req(struct ieee80211_mgmt *frame, const u8 *ta,
221 int n_ssids, const u8 *ssid, int ssid_len,
222 const u8 *band_ie, int band_ie_len,
223 const u8 *common_ie, int common_ie_len,
229 /* Make sure there is enough space for the probe request,
230 * two mandatory IEs and the data */
235 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
236 eth_broadcast_addr(frame->da);
237 memcpy(frame->sa, ta, ETH_ALEN);
238 eth_broadcast_addr(frame->bssid);
243 /* for passive scans, no need to fill anything */
247 /* points to the payload of the request */
248 pos = &frame->u.probe_req.variable[0];
250 /* fill in our SSID IE */
251 left -= ssid_len + 2;
254 *pos++ = WLAN_EID_SSID;
256 if (ssid && ssid_len) { /* ssid_len may be == 0 even if ssid is valid */
257 memcpy(pos, ssid, ssid_len);
263 if (WARN_ON(left < band_ie_len + common_ie_len))
266 if (band_ie && band_ie_len) {
267 memcpy(pos, band_ie, band_ie_len);
272 if (common_ie && common_ie_len) {
273 memcpy(pos, common_ie, common_ie_len);
274 pos += common_ie_len;
275 len += common_ie_len;
281 static void iwl_mvm_scan_condition_iterator(void *data, u8 *mac,
282 struct ieee80211_vif *vif)
284 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
285 bool *global_bound = data;
287 if (vif->type != NL80211_IFTYPE_P2P_DEVICE && mvmvif->phy_ctxt &&
288 mvmvif->phy_ctxt->id < MAX_PHYS)
289 *global_bound = true;
292 static void iwl_mvm_scan_calc_params(struct iwl_mvm *mvm,
293 struct ieee80211_vif *vif,
294 int n_ssids, u32 flags,
295 struct iwl_mvm_scan_params *params)
297 bool global_bound = false;
298 enum ieee80211_band band;
299 u8 frag_passive_dwell = 0;
301 ieee80211_iterate_active_interfaces_atomic(mvm->hw,
302 IEEE80211_IFACE_ITER_NORMAL,
303 iwl_mvm_scan_condition_iterator,
309 params->suspend_time = 30;
310 params->max_out_time = 170;
312 if (iwl_mvm_low_latency(mvm)) {
313 if (mvm->fw->ucode_capa.api[0] &
314 IWL_UCODE_TLV_API_FRAGMENTED_SCAN) {
315 params->suspend_time = 105;
316 params->max_out_time = 70;
317 frag_passive_dwell = 20;
319 params->suspend_time = 120;
320 params->max_out_time = 120;
324 if (frag_passive_dwell && (mvm->fw->ucode_capa.api[0] &
325 IWL_UCODE_TLV_API_FRAGMENTED_SCAN)) {
327 * P2P device scan should not be fragmented to avoid negative
328 * impact on P2P device discovery. Configure max_out_time to be
329 * equal to dwell time on passive channel. Take a longest
330 * possible value, one that corresponds to 2GHz band
332 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) {
334 iwl_mvm_get_passive_dwell(IEEE80211_BAND_2GHZ);
335 params->max_out_time = passive_dwell;
337 params->passive_fragmented = true;
341 if (flags & NL80211_SCAN_FLAG_LOW_PRIORITY)
342 params->max_out_time = 200;
346 for (band = IEEE80211_BAND_2GHZ; band < IEEE80211_NUM_BANDS; band++) {
347 if (params->passive_fragmented)
348 params->dwell[band].passive = frag_passive_dwell;
350 params->dwell[band].passive =
351 iwl_mvm_get_passive_dwell(band);
352 params->dwell[band].active = iwl_mvm_get_active_dwell(band,
357 static inline bool iwl_mvm_rrm_scan_needed(struct iwl_mvm *mvm)
359 /* require rrm scan whenever the fw supports it */
360 return mvm->fw->ucode_capa.capa[0] &
361 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT;
364 static int iwl_mvm_max_scan_ie_fw_cmd_room(struct iwl_mvm *mvm,
369 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)
370 max_probe_len = SCAN_OFFLOAD_PROBE_REQ_SIZE;
372 max_probe_len = mvm->fw->ucode_capa.max_probe_length;
374 /* we create the 802.11 header and SSID element */
375 max_probe_len -= 24 + 2;
377 /* basic ssid is added only for hw_scan with and old api */
378 if (!(mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID) &&
379 !(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) &&
383 /* DS parameter set element is added on 2.4GHZ band if required */
384 if (iwl_mvm_rrm_scan_needed(mvm))
387 return max_probe_len;
390 int iwl_mvm_max_scan_ie_len(struct iwl_mvm *mvm, bool is_sched_scan)
392 int max_ie_len = iwl_mvm_max_scan_ie_fw_cmd_room(mvm, is_sched_scan);
394 if (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN))
397 /* TODO: [BUG] This function should return the maximum allowed size of
398 * scan IEs, however the LMAC scan api contains both 2GHZ and 5GHZ IEs
399 * in the same command. So the correct implementation of this function
400 * is just iwl_mvm_max_scan_ie_fw_cmd_room() / 2. Currently the scan
401 * command has only 512 bytes and it would leave us with about 240
402 * bytes for scan IEs, which is clearly not enough. So meanwhile
403 * we will report an incorrect value. This may result in a failure to
404 * issue a scan in unified_scan_lmac and unified_sched_scan_lmac
405 * functions with -ENOBUFS, if a large enough probe will be provided.
410 int iwl_mvm_scan_request(struct iwl_mvm *mvm,
411 struct ieee80211_vif *vif,
412 struct cfg80211_scan_request *req)
414 struct iwl_host_cmd hcmd = {
415 .id = SCAN_REQUEST_CMD,
417 .data = { mvm->scan_cmd, },
418 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
420 struct iwl_scan_cmd *cmd = mvm->scan_cmd;
425 bool basic_ssid = !(mvm->fw->ucode_capa.flags &
426 IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID);
427 struct iwl_mvm_scan_params params = {};
429 lockdep_assert_held(&mvm->mutex);
431 /* we should have failed registration if scan_cmd was NULL */
432 if (WARN_ON(mvm->scan_cmd == NULL))
435 IWL_DEBUG_SCAN(mvm, "Handling mac80211 scan request\n");
436 mvm->scan_status = IWL_MVM_SCAN_OS;
437 memset(cmd, 0, ksize(cmd));
439 cmd->channel_count = (u8)req->n_channels;
440 cmd->quiet_time = cpu_to_le16(IWL_ACTIVE_QUIET_TIME);
441 cmd->quiet_plcp_th = cpu_to_le16(IWL_PLCP_QUIET_THRESH);
442 cmd->rxchain_sel_flags = iwl_mvm_scan_rx_chain(mvm);
444 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, req->flags, ¶ms);
445 cmd->max_out_time = cpu_to_le32(params.max_out_time);
446 cmd->suspend_time = cpu_to_le32(params.suspend_time);
447 if (params.passive_fragmented)
448 cmd->scan_flags |= SCAN_FLAGS_FRAGMENTED_SCAN;
450 cmd->rxon_flags = iwl_mvm_scan_rxon_flags(req->channels[0]->band);
451 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
452 MAC_FILTER_IN_BEACON);
454 if (vif->type == NL80211_IFTYPE_P2P_DEVICE)
455 cmd->type = cpu_to_le32(SCAN_TYPE_DISCOVERY_FORCED);
457 cmd->type = cpu_to_le32(SCAN_TYPE_FORCED);
459 cmd->repeats = cpu_to_le32(1);
462 * If the user asked for passive scan, don't change to active scan if
463 * you see any activity on the channel - remain passive.
465 if (req->n_ssids > 0) {
466 cmd->passive2active = cpu_to_le16(1);
467 cmd->scan_flags |= SCAN_FLAGS_PASSIVE2ACTIVE;
469 ssid = req->ssids[0].ssid;
470 ssid_len = req->ssids[0].ssid_len;
473 cmd->passive2active = 0;
474 cmd->scan_flags &= ~SCAN_FLAGS_PASSIVE2ACTIVE;
477 iwl_mvm_scan_fill_ssids(cmd->direct_scan, req->ssids, req->n_ssids,
480 cmd->tx_cmd.tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
481 3 << TX_CMD_FLG_BT_PRIO_POS);
483 cmd->tx_cmd.sta_id = mvm->aux_sta.sta_id;
484 cmd->tx_cmd.life_time = cpu_to_le32(TX_CMD_LIFE_TIME_INFINITE);
485 cmd->tx_cmd.rate_n_flags =
486 iwl_mvm_scan_rate_n_flags(mvm, req->channels[0]->band,
490 cpu_to_le16(iwl_mvm_fill_probe_req(
491 (struct ieee80211_mgmt *)cmd->data,
493 req->n_ssids, ssid, ssid_len,
494 req->ie, req->ie_len, NULL, 0,
495 mvm->fw->ucode_capa.max_probe_length));
497 iwl_mvm_scan_fill_channels(cmd, req, basic_ssid, ¶ms);
499 cmd->len = cpu_to_le16(sizeof(struct iwl_scan_cmd) +
500 le16_to_cpu(cmd->tx_cmd.len) +
501 (cmd->channel_count * sizeof(struct iwl_scan_channel)));
502 hcmd.len[0] = le16_to_cpu(cmd->len);
504 status = SCAN_RESPONSE_OK;
505 ret = iwl_mvm_send_cmd_status(mvm, &hcmd, &status);
506 if (!ret && status == SCAN_RESPONSE_OK) {
507 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n");
510 * If the scan failed, it usually means that the FW was unable
511 * to allocate the time events. Warn on it, but maybe we
512 * should try to send the command again with different params.
514 IWL_ERR(mvm, "Scan failed! status 0x%x ret %d\n",
516 mvm->scan_status = IWL_MVM_SCAN_NONE;
522 int iwl_mvm_rx_scan_response(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb,
523 struct iwl_device_cmd *cmd)
525 struct iwl_rx_packet *pkt = rxb_addr(rxb);
526 struct iwl_cmd_response *resp = (void *)pkt->data;
528 IWL_DEBUG_SCAN(mvm, "Scan response received. status 0x%x\n",
529 le32_to_cpu(resp->status));
533 int iwl_mvm_rx_scan_complete(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb,
534 struct iwl_device_cmd *cmd)
536 struct iwl_rx_packet *pkt = rxb_addr(rxb);
537 struct iwl_scan_complete_notif *notif = (void *)pkt->data;
539 lockdep_assert_held(&mvm->mutex);
541 IWL_DEBUG_SCAN(mvm, "Scan complete: status=0x%x scanned channels=%d\n",
542 notif->status, notif->scanned_channels);
544 if (mvm->scan_status == IWL_MVM_SCAN_OS)
545 mvm->scan_status = IWL_MVM_SCAN_NONE;
546 ieee80211_scan_completed(mvm->hw, notif->status != SCAN_COMP_STATUS_OK);
548 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
553 int iwl_mvm_rx_scan_offload_results(struct iwl_mvm *mvm,
554 struct iwl_rx_cmd_buffer *rxb,
555 struct iwl_device_cmd *cmd)
557 struct iwl_rx_packet *pkt = rxb_addr(rxb);
559 if (!(mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN) &&
560 !(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)) {
561 struct iwl_sched_scan_results *notif = (void *)pkt->data;
563 if (!(notif->client_bitmap & SCAN_CLIENT_SCHED_SCAN))
567 IWL_DEBUG_SCAN(mvm, "Scheduled scan results\n");
568 ieee80211_sched_scan_results(mvm->hw);
573 static bool iwl_mvm_scan_abort_notif(struct iwl_notif_wait_data *notif_wait,
574 struct iwl_rx_packet *pkt, void *data)
576 struct iwl_mvm *mvm =
577 container_of(notif_wait, struct iwl_mvm, notif_wait);
578 struct iwl_scan_complete_notif *notif;
581 switch (pkt->hdr.cmd) {
583 resp = (void *)pkt->data;
584 if (*resp == CAN_ABORT_STATUS) {
586 "Scan can be aborted, wait until completion\n");
591 * If scan cannot be aborted, it means that we had a
592 * SCAN_COMPLETE_NOTIFICATION in the pipe and it called
593 * ieee80211_scan_completed already.
595 IWL_DEBUG_SCAN(mvm, "Scan cannot be aborted, exit now: %d\n",
599 case SCAN_COMPLETE_NOTIFICATION:
600 notif = (void *)pkt->data;
601 IWL_DEBUG_SCAN(mvm, "Scan aborted: status 0x%x\n",
611 static int iwl_mvm_cancel_regular_scan(struct iwl_mvm *mvm)
613 struct iwl_notification_wait wait_scan_abort;
614 static const u8 scan_abort_notif[] = { SCAN_ABORT_CMD,
615 SCAN_COMPLETE_NOTIFICATION };
618 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_abort,
620 ARRAY_SIZE(scan_abort_notif),
621 iwl_mvm_scan_abort_notif, NULL);
623 ret = iwl_mvm_send_cmd_pdu(mvm, SCAN_ABORT_CMD, 0, 0, NULL);
625 IWL_ERR(mvm, "Couldn't send SCAN_ABORT_CMD: %d\n", ret);
626 /* mac80211's state will be cleaned in the nic_restart flow */
627 goto out_remove_notif;
630 return iwl_wait_notification(&mvm->notif_wait, &wait_scan_abort, HZ);
633 iwl_remove_notification(&mvm->notif_wait, &wait_scan_abort);
637 int iwl_mvm_rx_scan_offload_complete_notif(struct iwl_mvm *mvm,
638 struct iwl_rx_cmd_buffer *rxb,
639 struct iwl_device_cmd *cmd)
641 struct iwl_rx_packet *pkt = rxb_addr(rxb);
642 u8 status, ebs_status;
644 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) {
645 struct iwl_periodic_scan_complete *scan_notif;
647 scan_notif = (void *)pkt->data;
648 status = scan_notif->status;
649 ebs_status = scan_notif->ebs_status;
651 struct iwl_scan_offload_complete *scan_notif;
653 scan_notif = (void *)pkt->data;
654 status = scan_notif->status;
655 ebs_status = scan_notif->ebs_status;
657 /* scan status must be locked for proper checking */
658 lockdep_assert_held(&mvm->mutex);
661 "%s completed, status %s, EBS status %s\n",
662 mvm->scan_status == IWL_MVM_SCAN_SCHED ?
663 "Scheduled scan" : "Scan",
664 status == IWL_SCAN_OFFLOAD_COMPLETED ?
665 "completed" : "aborted",
666 ebs_status == IWL_SCAN_EBS_SUCCESS ?
667 "success" : "failed");
670 /* only call mac80211 completion if the stop was initiated by FW */
671 if (mvm->scan_status == IWL_MVM_SCAN_SCHED) {
672 mvm->scan_status = IWL_MVM_SCAN_NONE;
673 ieee80211_sched_scan_stopped(mvm->hw);
674 } else if (mvm->scan_status == IWL_MVM_SCAN_OS) {
675 mvm->scan_status = IWL_MVM_SCAN_NONE;
676 ieee80211_scan_completed(mvm->hw,
677 status == IWL_SCAN_OFFLOAD_ABORTED);
678 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
681 mvm->last_ebs_successful = !ebs_status;
686 static void iwl_scan_offload_build_tx_cmd(struct iwl_mvm *mvm,
687 struct ieee80211_vif *vif,
688 struct ieee80211_scan_ies *ies,
689 enum ieee80211_band band,
690 struct iwl_tx_cmd *cmd,
695 cmd->tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL);
696 cmd->life_time = cpu_to_le32(TX_CMD_LIFE_TIME_INFINITE);
697 cmd->sta_id = mvm->aux_sta.sta_id;
699 cmd->rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm, band, false);
701 cmd_len = iwl_mvm_fill_probe_req((struct ieee80211_mgmt *)data,
704 ies->ies[band], ies->len[band],
705 ies->common_ies, ies->common_ie_len,
706 SCAN_OFFLOAD_PROBE_REQ_SIZE);
707 cmd->len = cpu_to_le16(cmd_len);
710 static void iwl_build_scan_cmd(struct iwl_mvm *mvm,
711 struct ieee80211_vif *vif,
712 struct cfg80211_sched_scan_request *req,
713 struct iwl_scan_offload_cmd *scan,
714 struct iwl_mvm_scan_params *params)
716 scan->channel_count = req->n_channels;
717 scan->quiet_time = cpu_to_le16(IWL_ACTIVE_QUIET_TIME);
718 scan->quiet_plcp_th = cpu_to_le16(IWL_PLCP_QUIET_THRESH);
719 scan->good_CRC_th = IWL_GOOD_CRC_TH_DEFAULT;
720 scan->rx_chain = iwl_mvm_scan_rx_chain(mvm);
722 scan->max_out_time = cpu_to_le32(params->max_out_time);
723 scan->suspend_time = cpu_to_le32(params->suspend_time);
725 scan->filter_flags |= cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
726 MAC_FILTER_IN_BEACON);
727 scan->scan_type = cpu_to_le32(SCAN_TYPE_BACKGROUND);
728 scan->rep_count = cpu_to_le32(1);
730 if (params->passive_fragmented)
731 scan->scan_flags |= SCAN_FLAGS_FRAGMENTED_SCAN;
734 static int iwl_ssid_exist(u8 *ssid, u8 ssid_len, struct iwl_ssid_ie *ssid_list)
738 for (i = 0; i < PROBE_OPTION_MAX; i++) {
739 if (!ssid_list[i].len)
741 if (ssid_list[i].len == ssid_len &&
742 !memcmp(ssid_list->ssid, ssid, ssid_len))
748 static void iwl_scan_offload_build_ssid(struct cfg80211_sched_scan_request *req,
749 struct iwl_ssid_ie *direct_scan,
750 u32 *ssid_bitmap, bool basic_ssid)
756 * copy SSIDs from match list.
757 * iwl_config_sched_scan_profiles() uses the order of these ssids to
760 for (i = 0; i < req->n_match_sets && i < PROBE_OPTION_MAX; i++) {
761 /* skip empty SSID matchsets */
762 if (!req->match_sets[i].ssid.ssid_len)
764 direct_scan[i].id = WLAN_EID_SSID;
765 direct_scan[i].len = req->match_sets[i].ssid.ssid_len;
766 memcpy(direct_scan[i].ssid, req->match_sets[i].ssid.ssid,
770 /* add SSIDs from scan SSID list */
772 for (j = 0; j < req->n_ssids && i < PROBE_OPTION_MAX; j++) {
773 index = iwl_ssid_exist(req->ssids[j].ssid,
774 req->ssids[j].ssid_len,
777 if (!req->ssids[j].ssid_len && basic_ssid)
779 direct_scan[i].id = WLAN_EID_SSID;
780 direct_scan[i].len = req->ssids[j].ssid_len;
781 memcpy(direct_scan[i].ssid, req->ssids[j].ssid,
783 *ssid_bitmap |= BIT(i + 1);
786 *ssid_bitmap |= BIT(index + 1);
791 static void iwl_build_channel_cfg(struct iwl_mvm *mvm,
792 struct cfg80211_sched_scan_request *req,
794 enum ieee80211_band band,
797 struct iwl_mvm_scan_params *params)
799 u32 n_channels = mvm->fw->ucode_capa.n_scan_channels;
800 __le32 *type = (__le32 *)channels_buffer;
801 __le16 *channel_number = (__le16 *)(type + n_channels);
802 __le16 *iter_count = channel_number + n_channels;
803 __le32 *iter_interval = (__le32 *)(iter_count + n_channels);
804 u8 *active_dwell = (u8 *)(iter_interval + n_channels);
805 u8 *passive_dwell = active_dwell + n_channels;
808 for (i = 0; i < req->n_channels; i++) {
809 struct ieee80211_channel *chan = req->channels[i];
811 if (chan->band != band)
817 channel_number[index] = cpu_to_le16(chan->hw_value);
818 active_dwell[index] = params->dwell[band].active;
819 passive_dwell[index] = params->dwell[band].passive;
821 iter_count[index] = cpu_to_le16(1);
822 iter_interval[index] = 0;
824 if (!(chan->flags & IEEE80211_CHAN_NO_IR))
826 cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_ACTIVE);
828 type[index] |= cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_FULL |
829 IWL_SCAN_OFFLOAD_CHANNEL_PARTIAL);
831 if (chan->flags & IEEE80211_CHAN_NO_HT40)
833 cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_NARROW);
835 /* scan for all SSIDs from req->ssids */
836 type[index] |= cpu_to_le32(ssid_bitmap);
840 int iwl_mvm_config_sched_scan(struct iwl_mvm *mvm,
841 struct ieee80211_vif *vif,
842 struct cfg80211_sched_scan_request *req,
843 struct ieee80211_scan_ies *ies)
845 int band_2ghz = mvm->nvm_data->bands[IEEE80211_BAND_2GHZ].n_channels;
846 int band_5ghz = mvm->nvm_data->bands[IEEE80211_BAND_5GHZ].n_channels;
852 bool basic_ssid = !(mvm->fw->ucode_capa.flags &
853 IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID);
855 struct iwl_scan_offload_cfg *scan_cfg;
856 struct iwl_host_cmd cmd = {
857 .id = SCAN_OFFLOAD_CONFIG_CMD,
859 struct iwl_mvm_scan_params params = {};
861 lockdep_assert_held(&mvm->mutex);
863 cmd_len = sizeof(struct iwl_scan_offload_cfg) +
864 mvm->fw->ucode_capa.n_scan_channels * IWL_SCAN_CHAN_SIZE +
865 2 * SCAN_OFFLOAD_PROBE_REQ_SIZE;
867 scan_cfg = kzalloc(cmd_len, GFP_KERNEL);
871 probes = scan_cfg->data +
872 mvm->fw->ucode_capa.n_scan_channels * IWL_SCAN_CHAN_SIZE;
874 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, 0, ¶ms);
875 iwl_build_scan_cmd(mvm, vif, req, &scan_cfg->scan_cmd, ¶ms);
876 scan_cfg->scan_cmd.len = cpu_to_le16(cmd_len);
878 iwl_scan_offload_build_ssid(req, scan_cfg->scan_cmd.direct_scan,
879 &ssid_bitmap, basic_ssid);
880 /* build tx frames for supported bands */
882 iwl_scan_offload_build_tx_cmd(mvm, vif, ies,
884 &scan_cfg->scan_cmd.tx_cmd[0],
886 iwl_build_channel_cfg(mvm, req, scan_cfg->data,
887 IEEE80211_BAND_2GHZ, &head,
888 ssid_bitmap, ¶ms);
891 iwl_scan_offload_build_tx_cmd(mvm, vif, ies,
893 &scan_cfg->scan_cmd.tx_cmd[1],
895 SCAN_OFFLOAD_PROBE_REQ_SIZE);
896 iwl_build_channel_cfg(mvm, req, scan_cfg->data,
897 IEEE80211_BAND_5GHZ, &head,
898 ssid_bitmap, ¶ms);
901 cmd.data[0] = scan_cfg;
902 cmd.len[0] = cmd_len;
903 cmd.dataflags[0] = IWL_HCMD_DFL_NOCOPY;
905 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan config\n");
907 ret = iwl_mvm_send_cmd(mvm, &cmd);
912 int iwl_mvm_config_sched_scan_profiles(struct iwl_mvm *mvm,
913 struct cfg80211_sched_scan_request *req)
915 struct iwl_scan_offload_profile *profile;
916 struct iwl_scan_offload_profile_cfg *profile_cfg;
917 struct iwl_scan_offload_blacklist *blacklist;
918 struct iwl_host_cmd cmd = {
919 .id = SCAN_OFFLOAD_UPDATE_PROFILES_CMD,
920 .len[1] = sizeof(*profile_cfg),
921 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
922 .dataflags[1] = IWL_HCMD_DFL_NOCOPY,
928 if (WARN_ON(req->n_match_sets > IWL_SCAN_MAX_PROFILES))
931 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_SHORT_BL)
932 blacklist_len = IWL_SCAN_SHORT_BLACKLIST_LEN;
934 blacklist_len = IWL_SCAN_MAX_BLACKLIST_LEN;
936 blacklist = kzalloc(sizeof(*blacklist) * blacklist_len, GFP_KERNEL);
940 profile_cfg = kzalloc(sizeof(*profile_cfg), GFP_KERNEL);
946 cmd.data[0] = blacklist;
947 cmd.len[0] = sizeof(*blacklist) * blacklist_len;
948 cmd.data[1] = profile_cfg;
950 /* No blacklist configuration */
952 profile_cfg->num_profiles = req->n_match_sets;
953 profile_cfg->active_clients = SCAN_CLIENT_SCHED_SCAN;
954 profile_cfg->pass_match = SCAN_CLIENT_SCHED_SCAN;
955 profile_cfg->match_notify = SCAN_CLIENT_SCHED_SCAN;
956 if (!req->n_match_sets || !req->match_sets[0].ssid.ssid_len)
957 profile_cfg->any_beacon_notify = SCAN_CLIENT_SCHED_SCAN;
959 for (i = 0; i < req->n_match_sets; i++) {
960 profile = &profile_cfg->profiles[i];
961 profile->ssid_index = i;
962 /* Support any cipher and auth algorithm */
963 profile->unicast_cipher = 0xff;
964 profile->auth_alg = 0xff;
965 profile->network_type = IWL_NETWORK_TYPE_ANY;
966 profile->band_selection = IWL_SCAN_OFFLOAD_SELECT_ANY;
967 profile->client_bitmap = SCAN_CLIENT_SCHED_SCAN;
970 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan profile config\n");
972 ret = iwl_mvm_send_cmd(mvm, &cmd);
980 static bool iwl_mvm_scan_pass_all(struct iwl_mvm *mvm,
981 struct cfg80211_sched_scan_request *req)
983 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) {
985 "Sending scheduled scan with filtering, n_match_sets %d\n",
990 IWL_DEBUG_SCAN(mvm, "Sending Scheduled scan without filtering\n");
994 int iwl_mvm_sched_scan_start(struct iwl_mvm *mvm,
995 struct cfg80211_sched_scan_request *req)
997 struct iwl_scan_offload_req scan_req = {
998 .watchdog = IWL_SCHED_SCAN_WATCHDOG,
1000 .schedule_line[0].iterations = IWL_FAST_SCHED_SCAN_ITERATIONS,
1001 .schedule_line[0].delay = cpu_to_le16(req->interval / 1000),
1002 .schedule_line[0].full_scan_mul = 1,
1004 .schedule_line[1].iterations = 0xff,
1005 .schedule_line[1].delay = cpu_to_le16(req->interval / 1000),
1006 .schedule_line[1].full_scan_mul = IWL_FULL_SCAN_MULTIPLIER,
1009 if (iwl_mvm_scan_pass_all(mvm, req))
1010 scan_req.flags |= cpu_to_le16(IWL_SCAN_OFFLOAD_FLAG_PASS_ALL);
1012 if (mvm->last_ebs_successful &&
1013 mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT)
1015 cpu_to_le16(IWL_SCAN_OFFLOAD_FLAG_EBS_ACCURATE_MODE);
1017 return iwl_mvm_send_cmd_pdu(mvm, SCAN_OFFLOAD_REQUEST_CMD, 0,
1018 sizeof(scan_req), &scan_req);
1021 int iwl_mvm_scan_offload_start(struct iwl_mvm *mvm,
1022 struct ieee80211_vif *vif,
1023 struct cfg80211_sched_scan_request *req,
1024 struct ieee80211_scan_ies *ies)
1028 if (mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN) {
1029 ret = iwl_mvm_config_sched_scan_profiles(mvm, req);
1032 ret = iwl_mvm_sched_scan_umac(mvm, vif, req, ies);
1033 } else if ((mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)) {
1034 mvm->scan_status = IWL_MVM_SCAN_SCHED;
1035 ret = iwl_mvm_config_sched_scan_profiles(mvm, req);
1038 ret = iwl_mvm_unified_sched_scan_lmac(mvm, vif, req, ies);
1040 mvm->scan_status = IWL_MVM_SCAN_SCHED;
1041 ret = iwl_mvm_config_sched_scan(mvm, vif, req, ies);
1044 ret = iwl_mvm_config_sched_scan_profiles(mvm, req);
1047 ret = iwl_mvm_sched_scan_start(mvm, req);
1053 static int iwl_mvm_send_scan_offload_abort(struct iwl_mvm *mvm)
1056 struct iwl_host_cmd cmd = {
1057 .id = SCAN_OFFLOAD_ABORT_CMD,
1061 /* Exit instantly with error when device is not ready
1062 * to receive scan abort command or it does not perform
1063 * scheduled scan currently */
1064 if (mvm->scan_status != IWL_MVM_SCAN_SCHED &&
1065 (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) ||
1066 mvm->scan_status != IWL_MVM_SCAN_OS))
1069 ret = iwl_mvm_send_cmd_status(mvm, &cmd, &status);
1073 if (status != CAN_ABORT_STATUS) {
1075 * The scan abort will return 1 for success or
1076 * 2 for "failure". A failure condition can be
1077 * due to simply not being in an active scan which
1078 * can occur if we send the scan abort before the
1079 * microcode has notified us that a scan is completed.
1081 IWL_DEBUG_SCAN(mvm, "SCAN OFFLOAD ABORT ret %d.\n", status);
1088 int iwl_mvm_scan_offload_stop(struct iwl_mvm *mvm, bool notify)
1091 struct iwl_notification_wait wait_scan_done;
1092 static const u8 scan_done_notif[] = { SCAN_OFFLOAD_COMPLETE, };
1093 bool sched = mvm->scan_status == IWL_MVM_SCAN_SCHED;
1095 lockdep_assert_held(&mvm->mutex);
1097 if (mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN)
1098 return iwl_umac_scan_stop(mvm, IWL_UMAC_SCAN_UID_SCHED_SCAN,
1101 if (mvm->scan_status != IWL_MVM_SCAN_SCHED &&
1102 (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) ||
1103 mvm->scan_status != IWL_MVM_SCAN_OS)) {
1104 IWL_DEBUG_SCAN(mvm, "No scan to stop\n");
1108 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done,
1110 ARRAY_SIZE(scan_done_notif),
1113 ret = iwl_mvm_send_scan_offload_abort(mvm);
1115 IWL_DEBUG_SCAN(mvm, "Send stop %sscan failed %d\n",
1116 sched ? "offloaded " : "", ret);
1117 iwl_remove_notification(&mvm->notif_wait, &wait_scan_done);
1121 IWL_DEBUG_SCAN(mvm, "Successfully sent stop %sscan\n",
1122 sched ? "offloaded " : "");
1124 ret = iwl_wait_notification(&mvm->notif_wait, &wait_scan_done, 1 * HZ);
1129 * Clear the scan status so the next scan requests will succeed. This
1130 * also ensures the Rx handler doesn't do anything, as the scan was
1131 * stopped from above. Since the rx handler won't do anything now,
1132 * we have to release the scan reference here.
1134 if (mvm->scan_status == IWL_MVM_SCAN_OS)
1135 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1137 mvm->scan_status = IWL_MVM_SCAN_NONE;
1141 ieee80211_sched_scan_stopped(mvm->hw);
1143 ieee80211_scan_completed(mvm->hw, true);
1149 static void iwl_mvm_unified_scan_fill_tx_cmd(struct iwl_mvm *mvm,
1150 struct iwl_scan_req_tx_cmd *tx_cmd,
1153 tx_cmd[0].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
1155 tx_cmd[0].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
1156 IEEE80211_BAND_2GHZ,
1158 tx_cmd[0].sta_id = mvm->aux_sta.sta_id;
1160 tx_cmd[1].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
1162 tx_cmd[1].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
1163 IEEE80211_BAND_5GHZ,
1165 tx_cmd[1].sta_id = mvm->aux_sta.sta_id;
1169 iwl_mvm_lmac_scan_cfg_channels(struct iwl_mvm *mvm,
1170 struct ieee80211_channel **channels,
1171 int n_channels, u32 ssid_bitmap,
1172 struct iwl_scan_req_unified_lmac *cmd)
1174 struct iwl_scan_channel_cfg_lmac *channel_cfg = (void *)&cmd->data;
1177 for (i = 0; i < n_channels; i++) {
1178 channel_cfg[i].channel_num =
1179 cpu_to_le16(channels[i]->hw_value);
1180 channel_cfg[i].iter_count = cpu_to_le16(1);
1181 channel_cfg[i].iter_interval = 0;
1182 channel_cfg[i].flags =
1183 cpu_to_le32(IWL_UNIFIED_SCAN_CHANNEL_PARTIAL |
1188 static u8 *iwl_mvm_copy_and_insert_ds_elem(struct iwl_mvm *mvm, const u8 *ies,
1189 size_t len, u8 *const pos)
1191 static const u8 before_ds_params[] = {
1193 WLAN_EID_SUPP_RATES,
1195 WLAN_EID_EXT_SUPP_RATES,
1200 if (!iwl_mvm_rrm_scan_needed(mvm)) {
1201 memcpy(newpos, ies, len);
1202 return newpos + len;
1205 offs = ieee80211_ie_split(ies, len,
1207 ARRAY_SIZE(before_ds_params),
1210 memcpy(newpos, ies, offs);
1213 /* Add a placeholder for DS Parameter Set element */
1214 *newpos++ = WLAN_EID_DS_PARAMS;
1218 memcpy(newpos, ies + offs, len - offs);
1219 newpos += len - offs;
1225 iwl_mvm_build_unified_scan_probe(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1226 struct ieee80211_scan_ies *ies,
1227 struct iwl_scan_probe_req *preq)
1229 struct ieee80211_mgmt *frame = (struct ieee80211_mgmt *)preq->buf;
1232 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
1233 eth_broadcast_addr(frame->da);
1234 memcpy(frame->sa, vif->addr, ETH_ALEN);
1235 eth_broadcast_addr(frame->bssid);
1236 frame->seq_ctrl = 0;
1238 pos = frame->u.probe_req.variable;
1239 *pos++ = WLAN_EID_SSID;
1242 preq->mac_header.offset = 0;
1243 preq->mac_header.len = cpu_to_le16(24 + 2);
1245 /* Insert ds parameter set element on 2.4 GHz band */
1246 newpos = iwl_mvm_copy_and_insert_ds_elem(mvm,
1247 ies->ies[IEEE80211_BAND_2GHZ],
1248 ies->len[IEEE80211_BAND_2GHZ],
1250 preq->band_data[0].offset = cpu_to_le16(pos - preq->buf);
1251 preq->band_data[0].len = cpu_to_le16(newpos - pos);
1254 memcpy(pos, ies->ies[IEEE80211_BAND_5GHZ],
1255 ies->len[IEEE80211_BAND_5GHZ]);
1256 preq->band_data[1].offset = cpu_to_le16(pos - preq->buf);
1257 preq->band_data[1].len = cpu_to_le16(ies->len[IEEE80211_BAND_5GHZ]);
1258 pos += ies->len[IEEE80211_BAND_5GHZ];
1260 memcpy(pos, ies->common_ies, ies->common_ie_len);
1261 preq->common_data.offset = cpu_to_le16(pos - preq->buf);
1262 preq->common_data.len = cpu_to_le16(ies->common_ie_len);
1266 iwl_mvm_build_generic_unified_scan_cmd(struct iwl_mvm *mvm,
1267 struct iwl_scan_req_unified_lmac *cmd,
1268 struct iwl_mvm_scan_params *params)
1270 memset(cmd, 0, ksize(cmd));
1271 cmd->active_dwell = params->dwell[IEEE80211_BAND_2GHZ].active;
1272 cmd->passive_dwell = params->dwell[IEEE80211_BAND_2GHZ].passive;
1273 if (params->passive_fragmented)
1274 cmd->fragmented_dwell =
1275 params->dwell[IEEE80211_BAND_2GHZ].passive;
1276 cmd->rx_chain_select = iwl_mvm_scan_rx_chain(mvm);
1277 cmd->max_out_time = cpu_to_le32(params->max_out_time);
1278 cmd->suspend_time = cpu_to_le32(params->suspend_time);
1279 cmd->scan_prio = cpu_to_le32(IWL_SCAN_PRIORITY_HIGH);
1280 cmd->iter_num = cpu_to_le32(1);
1282 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT &&
1283 mvm->last_ebs_successful) {
1284 cmd->channel_opt[0].flags =
1285 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
1286 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1287 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
1288 cmd->channel_opt[1].flags =
1289 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
1290 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1291 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
1294 if (iwl_mvm_rrm_scan_needed(mvm))
1296 cpu_to_le32(IWL_MVM_LMAC_SCAN_FLAGS_RRM_ENABLED);
1299 int iwl_mvm_unified_scan_lmac(struct iwl_mvm *mvm,
1300 struct ieee80211_vif *vif,
1301 struct ieee80211_scan_request *req)
1303 struct iwl_host_cmd hcmd = {
1304 .id = SCAN_OFFLOAD_REQUEST_CMD,
1305 .len = { sizeof(struct iwl_scan_req_unified_lmac) +
1306 sizeof(struct iwl_scan_channel_cfg_lmac) *
1307 mvm->fw->ucode_capa.n_scan_channels +
1308 sizeof(struct iwl_scan_probe_req), },
1309 .data = { mvm->scan_cmd, },
1310 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1312 struct iwl_scan_req_unified_lmac *cmd = mvm->scan_cmd;
1313 struct iwl_scan_probe_req *preq;
1314 struct iwl_mvm_scan_params params = {};
1316 int ssid_bitmap = 0;
1319 lockdep_assert_held(&mvm->mutex);
1321 /* we should have failed registration if scan_cmd was NULL */
1322 if (WARN_ON(mvm->scan_cmd == NULL))
1325 if (req->req.n_ssids > PROBE_OPTION_MAX ||
1326 req->ies.common_ie_len + req->ies.len[NL80211_BAND_2GHZ] +
1327 req->ies.len[NL80211_BAND_5GHZ] >
1328 iwl_mvm_max_scan_ie_fw_cmd_room(mvm, false) ||
1329 req->req.n_channels > mvm->fw->ucode_capa.n_scan_channels)
1332 mvm->scan_status = IWL_MVM_SCAN_OS;
1334 iwl_mvm_scan_calc_params(mvm, vif, req->req.n_ssids, req->req.flags,
1337 iwl_mvm_build_generic_unified_scan_cmd(mvm, cmd, ¶ms);
1339 cmd->n_channels = (u8)req->req.n_channels;
1341 flags = IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL;
1343 if (req->req.n_ssids == 1 && req->req.ssids[0].ssid_len != 0)
1344 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION;
1346 if (params.passive_fragmented)
1347 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED;
1349 if (req->req.n_ssids == 0)
1350 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE;
1352 cmd->scan_flags |= cpu_to_le32(flags);
1354 cmd->flags = iwl_mvm_scan_rxon_flags(req->req.channels[0]->band);
1355 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
1356 MAC_FILTER_IN_BEACON);
1357 iwl_mvm_unified_scan_fill_tx_cmd(mvm, cmd->tx_cmd, req->req.no_cck);
1358 iwl_mvm_scan_fill_ssids(cmd->direct_scan, req->req.ssids,
1359 req->req.n_ssids, 0);
1361 cmd->schedule[0].delay = 0;
1362 cmd->schedule[0].iterations = 1;
1363 cmd->schedule[0].full_scan_mul = 0;
1364 cmd->schedule[1].delay = 0;
1365 cmd->schedule[1].iterations = 0;
1366 cmd->schedule[1].full_scan_mul = 0;
1368 for (i = 1; i <= req->req.n_ssids; i++)
1369 ssid_bitmap |= BIT(i);
1371 iwl_mvm_lmac_scan_cfg_channels(mvm, req->req.channels,
1372 req->req.n_channels, ssid_bitmap,
1375 preq = (void *)(cmd->data + sizeof(struct iwl_scan_channel_cfg_lmac) *
1376 mvm->fw->ucode_capa.n_scan_channels);
1378 iwl_mvm_build_unified_scan_probe(mvm, vif, &req->ies, preq);
1380 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1382 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n");
1385 * If the scan failed, it usually means that the FW was unable
1386 * to allocate the time events. Warn on it, but maybe we
1387 * should try to send the command again with different params.
1389 IWL_ERR(mvm, "Scan failed! ret %d\n", ret);
1390 mvm->scan_status = IWL_MVM_SCAN_NONE;
1396 int iwl_mvm_unified_sched_scan_lmac(struct iwl_mvm *mvm,
1397 struct ieee80211_vif *vif,
1398 struct cfg80211_sched_scan_request *req,
1399 struct ieee80211_scan_ies *ies)
1401 struct iwl_host_cmd hcmd = {
1402 .id = SCAN_OFFLOAD_REQUEST_CMD,
1403 .len = { sizeof(struct iwl_scan_req_unified_lmac) +
1404 sizeof(struct iwl_scan_channel_cfg_lmac) *
1405 mvm->fw->ucode_capa.n_scan_channels +
1406 sizeof(struct iwl_scan_probe_req), },
1407 .data = { mvm->scan_cmd, },
1408 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1410 struct iwl_scan_req_unified_lmac *cmd = mvm->scan_cmd;
1411 struct iwl_scan_probe_req *preq;
1412 struct iwl_mvm_scan_params params = {};
1414 u32 flags = 0, ssid_bitmap = 0;
1416 lockdep_assert_held(&mvm->mutex);
1418 /* we should have failed registration if scan_cmd was NULL */
1419 if (WARN_ON(mvm->scan_cmd == NULL))
1422 if (req->n_ssids > PROBE_OPTION_MAX ||
1423 ies->common_ie_len + ies->len[NL80211_BAND_2GHZ] +
1424 ies->len[NL80211_BAND_5GHZ] >
1425 iwl_mvm_max_scan_ie_fw_cmd_room(mvm, true) ||
1426 req->n_channels > mvm->fw->ucode_capa.n_scan_channels)
1429 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, 0, ¶ms);
1431 iwl_mvm_build_generic_unified_scan_cmd(mvm, cmd, ¶ms);
1433 cmd->n_channels = (u8)req->n_channels;
1435 if (iwl_mvm_scan_pass_all(mvm, req))
1436 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL;
1438 if (req->n_ssids == 1 && req->ssids[0].ssid_len != 0)
1439 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION;
1441 if (params.passive_fragmented)
1442 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED;
1444 if (req->n_ssids == 0)
1445 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE;
1447 cmd->scan_flags |= cpu_to_le32(flags);
1449 cmd->flags = iwl_mvm_scan_rxon_flags(req->channels[0]->band);
1450 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
1451 MAC_FILTER_IN_BEACON);
1452 iwl_mvm_unified_scan_fill_tx_cmd(mvm, cmd->tx_cmd, false);
1453 iwl_scan_offload_build_ssid(req, cmd->direct_scan, &ssid_bitmap, false);
1455 cmd->schedule[0].delay = cpu_to_le16(req->interval / MSEC_PER_SEC);
1456 cmd->schedule[0].iterations = IWL_FAST_SCHED_SCAN_ITERATIONS;
1457 cmd->schedule[0].full_scan_mul = 1;
1459 cmd->schedule[1].delay = cpu_to_le16(req->interval / MSEC_PER_SEC);
1460 cmd->schedule[1].iterations = 0xff;
1461 cmd->schedule[1].full_scan_mul = IWL_FULL_SCAN_MULTIPLIER;
1463 iwl_mvm_lmac_scan_cfg_channels(mvm, req->channels, req->n_channels,
1466 preq = (void *)(cmd->data + sizeof(struct iwl_scan_channel_cfg_lmac) *
1467 mvm->fw->ucode_capa.n_scan_channels);
1469 iwl_mvm_build_unified_scan_probe(mvm, vif, ies, preq);
1471 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1474 "Sched scan request was sent successfully\n");
1477 * If the scan failed, it usually means that the FW was unable
1478 * to allocate the time events. Warn on it, but maybe we
1479 * should try to send the command again with different params.
1481 IWL_ERR(mvm, "Sched scan failed! ret %d\n", ret);
1482 mvm->scan_status = IWL_MVM_SCAN_NONE;
1489 int iwl_mvm_cancel_scan(struct iwl_mvm *mvm)
1491 if (mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN)
1492 return iwl_umac_scan_stop(mvm, IWL_UMAC_SCAN_UID_REG_SCAN,
1495 if (mvm->scan_status == IWL_MVM_SCAN_NONE)
1498 if (iwl_mvm_is_radio_killed(mvm)) {
1499 ieee80211_scan_completed(mvm->hw, true);
1500 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1501 mvm->scan_status = IWL_MVM_SCAN_NONE;
1505 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)
1506 return iwl_mvm_scan_offload_stop(mvm, true);
1507 return iwl_mvm_cancel_regular_scan(mvm);
1512 struct iwl_umac_scan_done {
1513 struct iwl_mvm *mvm;
1514 enum iwl_umac_scan_uid_type type;
1517 static int rate_to_scan_rate_flag(unsigned int rate)
1519 static const int rate_to_scan_rate[IWL_RATE_COUNT] = {
1520 [IWL_RATE_1M_INDEX] = SCAN_CONFIG_RATE_1M,
1521 [IWL_RATE_2M_INDEX] = SCAN_CONFIG_RATE_2M,
1522 [IWL_RATE_5M_INDEX] = SCAN_CONFIG_RATE_5M,
1523 [IWL_RATE_11M_INDEX] = SCAN_CONFIG_RATE_11M,
1524 [IWL_RATE_6M_INDEX] = SCAN_CONFIG_RATE_6M,
1525 [IWL_RATE_9M_INDEX] = SCAN_CONFIG_RATE_9M,
1526 [IWL_RATE_12M_INDEX] = SCAN_CONFIG_RATE_12M,
1527 [IWL_RATE_18M_INDEX] = SCAN_CONFIG_RATE_18M,
1528 [IWL_RATE_24M_INDEX] = SCAN_CONFIG_RATE_24M,
1529 [IWL_RATE_36M_INDEX] = SCAN_CONFIG_RATE_36M,
1530 [IWL_RATE_48M_INDEX] = SCAN_CONFIG_RATE_48M,
1531 [IWL_RATE_54M_INDEX] = SCAN_CONFIG_RATE_54M,
1534 return rate_to_scan_rate[rate];
1537 static __le32 iwl_mvm_scan_config_rates(struct iwl_mvm *mvm)
1539 struct ieee80211_supported_band *band;
1540 unsigned int rates = 0;
1543 band = &mvm->nvm_data->bands[IEEE80211_BAND_2GHZ];
1544 for (i = 0; i < band->n_bitrates; i++)
1545 rates |= rate_to_scan_rate_flag(band->bitrates[i].hw_value);
1546 band = &mvm->nvm_data->bands[IEEE80211_BAND_5GHZ];
1547 for (i = 0; i < band->n_bitrates; i++)
1548 rates |= rate_to_scan_rate_flag(band->bitrates[i].hw_value);
1550 /* Set both basic rates and supported rates */
1551 rates |= SCAN_CONFIG_SUPPORTED_RATE(rates);
1553 return cpu_to_le32(rates);
1556 int iwl_mvm_config_scan(struct iwl_mvm *mvm)
1559 struct iwl_scan_config *scan_config;
1560 struct ieee80211_supported_band *band;
1562 mvm->nvm_data->bands[IEEE80211_BAND_2GHZ].n_channels +
1563 mvm->nvm_data->bands[IEEE80211_BAND_5GHZ].n_channels;
1564 int ret, i, j = 0, cmd_size, data_size;
1565 struct iwl_host_cmd cmd = {
1569 if (WARN_ON(num_channels > mvm->fw->ucode_capa.n_scan_channels))
1572 cmd_size = sizeof(*scan_config) + mvm->fw->ucode_capa.n_scan_channels;
1574 scan_config = kzalloc(cmd_size, GFP_KERNEL);
1578 data_size = cmd_size - sizeof(struct iwl_mvm_umac_cmd_hdr);
1579 scan_config->hdr.size = cpu_to_le16(data_size);
1580 scan_config->flags = cpu_to_le32(SCAN_CONFIG_FLAG_ACTIVATE |
1581 SCAN_CONFIG_FLAG_ALLOW_CHUB_REQS |
1582 SCAN_CONFIG_FLAG_SET_TX_CHAINS |
1583 SCAN_CONFIG_FLAG_SET_RX_CHAINS |
1584 SCAN_CONFIG_FLAG_SET_ALL_TIMES |
1585 SCAN_CONFIG_FLAG_SET_LEGACY_RATES |
1586 SCAN_CONFIG_FLAG_SET_MAC_ADDR |
1587 SCAN_CONFIG_FLAG_SET_CHANNEL_FLAGS|
1588 SCAN_CONFIG_N_CHANNELS(num_channels));
1589 scan_config->tx_chains = cpu_to_le32(mvm->fw->valid_tx_ant);
1590 scan_config->rx_chains = cpu_to_le32(iwl_mvm_scan_rx_ant(mvm));
1591 scan_config->legacy_rates = iwl_mvm_scan_config_rates(mvm);
1592 scan_config->out_of_channel_time = cpu_to_le32(170);
1593 scan_config->suspend_time = cpu_to_le32(30);
1594 scan_config->dwell_active = 20;
1595 scan_config->dwell_passive = 110;
1596 scan_config->dwell_fragmented = 20;
1598 memcpy(&scan_config->mac_addr, &mvm->addresses[0].addr, ETH_ALEN);
1600 scan_config->bcast_sta_id = mvm->aux_sta.sta_id;
1601 scan_config->channel_flags = IWL_CHANNEL_FLAG_EBS |
1602 IWL_CHANNEL_FLAG_ACCURATE_EBS |
1603 IWL_CHANNEL_FLAG_EBS_ADD |
1604 IWL_CHANNEL_FLAG_PRE_SCAN_PASSIVE2ACTIVE;
1606 band = &mvm->nvm_data->bands[IEEE80211_BAND_2GHZ];
1607 for (i = 0; i < band->n_channels; i++, j++)
1608 scan_config->channel_array[j] = band->channels[i].center_freq;
1609 band = &mvm->nvm_data->bands[IEEE80211_BAND_5GHZ];
1610 for (i = 0; i < band->n_channels; i++, j++)
1611 scan_config->channel_array[j] = band->channels[i].center_freq;
1613 cmd.data[0] = scan_config;
1614 cmd.len[0] = cmd_size;
1615 cmd.dataflags[0] = IWL_HCMD_DFL_NOCOPY;
1617 IWL_DEBUG_SCAN(mvm, "Sending UMAC scan config\n");
1619 ret = iwl_mvm_send_cmd(mvm, &cmd);
1625 static int iwl_mvm_find_scan_uid(struct iwl_mvm *mvm, u32 uid)
1629 for (i = 0; i < IWL_MVM_MAX_SIMULTANEOUS_SCANS; i++)
1630 if (mvm->scan_uid[i] == uid)
1636 static int iwl_mvm_find_free_scan_uid(struct iwl_mvm *mvm)
1638 return iwl_mvm_find_scan_uid(mvm, 0);
1641 static bool iwl_mvm_find_scan_type(struct iwl_mvm *mvm,
1642 enum iwl_umac_scan_uid_type type)
1646 for (i = 0; i < IWL_MVM_MAX_SIMULTANEOUS_SCANS; i++)
1647 if (mvm->scan_uid[i] & type)
1653 static u32 iwl_generate_scan_uid(struct iwl_mvm *mvm,
1654 enum iwl_umac_scan_uid_type type)
1658 /* make sure exactly one bit is on in scan type */
1659 WARN_ON(hweight8(type) != 1);
1662 * Make sure scan uids are unique. If one scan lasts long time while
1663 * others are completing frequently, the seq number will wrap up and
1664 * we may have more than one scan with the same uid.
1667 uid = type | (mvm->scan_seq_num <<
1668 IWL_UMAC_SCAN_UID_SEQ_OFFSET);
1669 mvm->scan_seq_num++;
1670 } while (iwl_mvm_find_scan_uid(mvm, uid) <
1671 IWL_MVM_MAX_SIMULTANEOUS_SCANS);
1673 IWL_DEBUG_SCAN(mvm, "Generated scan UID %u\n", uid);
1679 iwl_mvm_build_generic_umac_scan_cmd(struct iwl_mvm *mvm,
1680 struct iwl_scan_req_umac *cmd,
1681 struct iwl_mvm_scan_params *params)
1683 memset(cmd, 0, ksize(cmd));
1684 cmd->hdr.size = cpu_to_le16(iwl_mvm_scan_size(mvm) -
1685 sizeof(struct iwl_mvm_umac_cmd_hdr));
1686 cmd->active_dwell = params->dwell[IEEE80211_BAND_2GHZ].active;
1687 cmd->passive_dwell = params->dwell[IEEE80211_BAND_2GHZ].passive;
1688 if (params->passive_fragmented)
1689 cmd->fragmented_dwell =
1690 params->dwell[IEEE80211_BAND_2GHZ].passive;
1691 cmd->max_out_time = cpu_to_le32(params->max_out_time);
1692 cmd->suspend_time = cpu_to_le32(params->suspend_time);
1693 cmd->scan_priority = cpu_to_le32(IWL_SCAN_PRIORITY_HIGH);
1697 iwl_mvm_umac_scan_cfg_channels(struct iwl_mvm *mvm,
1698 struct ieee80211_channel **channels,
1699 int n_channels, u32 ssid_bitmap,
1700 struct iwl_scan_req_umac *cmd)
1702 struct iwl_scan_channel_cfg_umac *channel_cfg = (void *)&cmd->data;
1705 for (i = 0; i < n_channels; i++) {
1706 channel_cfg[i].flags = cpu_to_le32(ssid_bitmap);
1707 channel_cfg[i].channel_num = channels[i]->hw_value;
1708 channel_cfg[i].iter_count = 1;
1709 channel_cfg[i].iter_interval = 0;
1713 static u32 iwl_mvm_scan_umac_common_flags(struct iwl_mvm *mvm, int n_ssids,
1714 struct cfg80211_ssid *ssids,
1720 flags = IWL_UMAC_SCAN_GEN_FLAGS_PASSIVE;
1722 if (n_ssids == 1 && ssids[0].ssid_len != 0)
1723 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PRE_CONNECT;
1726 flags |= IWL_UMAC_SCAN_GEN_FLAGS_FRAGMENTED;
1728 if (iwl_mvm_rrm_scan_needed(mvm))
1729 flags |= IWL_UMAC_SCAN_GEN_FLAGS_RRM_ENABLED;
1734 int iwl_mvm_scan_umac(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1735 struct ieee80211_scan_request *req)
1737 struct iwl_host_cmd hcmd = {
1738 .id = SCAN_REQ_UMAC,
1739 .len = { iwl_mvm_scan_size(mvm), },
1740 .data = { mvm->scan_cmd, },
1741 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1743 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
1744 struct iwl_scan_req_umac_tail *sec_part = (void *)&cmd->data +
1745 sizeof(struct iwl_scan_channel_cfg_umac) *
1746 mvm->fw->ucode_capa.n_scan_channels;
1747 struct iwl_mvm_scan_params params = {};
1749 int ssid_bitmap = 0;
1750 int ret, i, uid_idx;
1752 lockdep_assert_held(&mvm->mutex);
1754 uid_idx = iwl_mvm_find_free_scan_uid(mvm);
1755 if (uid_idx >= IWL_MVM_MAX_SIMULTANEOUS_SCANS)
1758 /* we should have failed registration if scan_cmd was NULL */
1759 if (WARN_ON(mvm->scan_cmd == NULL))
1762 if (WARN_ON(req->req.n_ssids > PROBE_OPTION_MAX ||
1763 req->ies.common_ie_len +
1764 req->ies.len[NL80211_BAND_2GHZ] +
1765 req->ies.len[NL80211_BAND_5GHZ] + 24 + 2 >
1766 SCAN_OFFLOAD_PROBE_REQ_SIZE || req->req.n_channels >
1767 mvm->fw->ucode_capa.n_scan_channels))
1770 iwl_mvm_scan_calc_params(mvm, vif, req->req.n_ssids, req->req.flags,
1773 iwl_mvm_build_generic_umac_scan_cmd(mvm, cmd, ¶ms);
1775 uid = iwl_generate_scan_uid(mvm, IWL_UMAC_SCAN_UID_REG_SCAN);
1776 mvm->scan_uid[uid_idx] = uid;
1777 cmd->uid = cpu_to_le32(uid);
1779 cmd->ooc_priority = cpu_to_le32(IWL_SCAN_PRIORITY_HIGH);
1781 flags = iwl_mvm_scan_umac_common_flags(mvm, req->req.n_ssids,
1783 params.passive_fragmented);
1785 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PASS_ALL;
1787 cmd->general_flags = cpu_to_le32(flags);
1788 cmd->n_channels = req->req.n_channels;
1790 for (i = 0; i < req->req.n_ssids; i++)
1791 ssid_bitmap |= BIT(i);
1793 iwl_mvm_umac_scan_cfg_channels(mvm, req->req.channels,
1794 req->req.n_channels, ssid_bitmap, cmd);
1796 sec_part->schedule[0].iter_count = 1;
1797 sec_part->delay = 0;
1799 iwl_mvm_build_unified_scan_probe(mvm, vif, &req->ies, &sec_part->preq);
1801 iwl_mvm_scan_fill_ssids(sec_part->direct_scan, req->req.ssids,
1802 req->req.n_ssids, 0);
1804 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1807 "Scan request was sent successfully\n");
1810 * If the scan failed, it usually means that the FW was unable
1811 * to allocate the time events. Warn on it, but maybe we
1812 * should try to send the command again with different params.
1814 IWL_ERR(mvm, "Scan failed! ret %d\n", ret);
1819 int iwl_mvm_sched_scan_umac(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1820 struct cfg80211_sched_scan_request *req,
1821 struct ieee80211_scan_ies *ies)
1824 struct iwl_host_cmd hcmd = {
1825 .id = SCAN_REQ_UMAC,
1826 .len = { iwl_mvm_scan_size(mvm), },
1827 .data = { mvm->scan_cmd, },
1828 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1830 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
1831 struct iwl_scan_req_umac_tail *sec_part = (void *)&cmd->data +
1832 sizeof(struct iwl_scan_channel_cfg_umac) *
1833 mvm->fw->ucode_capa.n_scan_channels;
1834 struct iwl_mvm_scan_params params = {};
1836 int ssid_bitmap = 0;
1839 lockdep_assert_held(&mvm->mutex);
1841 uid_idx = iwl_mvm_find_free_scan_uid(mvm);
1842 if (uid_idx >= IWL_MVM_MAX_SIMULTANEOUS_SCANS)
1845 /* we should have failed registration if scan_cmd was NULL */
1846 if (WARN_ON(mvm->scan_cmd == NULL))
1849 if (WARN_ON(req->n_ssids > PROBE_OPTION_MAX ||
1850 ies->common_ie_len + ies->len[NL80211_BAND_2GHZ] +
1851 ies->len[NL80211_BAND_5GHZ] + 24 + 2 >
1852 SCAN_OFFLOAD_PROBE_REQ_SIZE || req->n_channels >
1853 mvm->fw->ucode_capa.n_scan_channels))
1856 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, req->flags,
1859 iwl_mvm_build_generic_umac_scan_cmd(mvm, cmd, ¶ms);
1861 cmd->flags = cpu_to_le32(IWL_UMAC_SCAN_FLAG_PREEMPTIVE);
1863 uid = iwl_generate_scan_uid(mvm, IWL_UMAC_SCAN_UID_SCHED_SCAN);
1864 mvm->scan_uid[uid_idx] = uid;
1865 cmd->uid = cpu_to_le32(uid);
1867 cmd->ooc_priority = cpu_to_le32(IWL_SCAN_PRIORITY_LOW);
1869 flags = iwl_mvm_scan_umac_common_flags(mvm, req->n_ssids, req->ssids,
1870 params.passive_fragmented);
1872 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PERIODIC;
1874 if (iwl_mvm_scan_pass_all(mvm, req))
1875 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PASS_ALL;
1877 flags |= IWL_UMAC_SCAN_GEN_FLAGS_MATCH;
1879 cmd->general_flags = cpu_to_le32(flags);
1881 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT &&
1882 mvm->last_ebs_successful)
1883 cmd->channel_flags = IWL_SCAN_CHANNEL_FLAG_EBS |
1884 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1885 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD;
1887 cmd->n_channels = req->n_channels;
1889 iwl_scan_offload_build_ssid(req, sec_part->direct_scan, &ssid_bitmap,
1892 /* This API uses bits 0-19 instead of 1-20. */
1893 ssid_bitmap = ssid_bitmap >> 1;
1895 iwl_mvm_umac_scan_cfg_channels(mvm, req->channels, req->n_channels,
1898 sec_part->schedule[0].interval =
1899 cpu_to_le16(req->interval / MSEC_PER_SEC);
1900 sec_part->schedule[0].iter_count = 0xff;
1902 sec_part->delay = 0;
1904 iwl_mvm_build_unified_scan_probe(mvm, vif, ies, &sec_part->preq);
1906 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1909 "Sched scan request was sent successfully\n");
1912 * If the scan failed, it usually means that the FW was unable
1913 * to allocate the time events. Warn on it, but maybe we
1914 * should try to send the command again with different params.
1916 IWL_ERR(mvm, "Sched scan failed! ret %d\n", ret);
1921 int iwl_mvm_rx_umac_scan_complete_notif(struct iwl_mvm *mvm,
1922 struct iwl_rx_cmd_buffer *rxb,
1923 struct iwl_device_cmd *cmd)
1925 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1926 struct iwl_umac_scan_complete *notif = (void *)pkt->data;
1927 u32 uid = __le32_to_cpu(notif->uid);
1928 bool sched = !!(uid & IWL_UMAC_SCAN_UID_SCHED_SCAN);
1929 int uid_idx = iwl_mvm_find_scan_uid(mvm, uid);
1931 if (WARN(uid_idx >= IWL_MVM_MAX_SIMULTANEOUS_SCANS,
1932 "Scan notification for uknown scan ID\n"))
1936 "Scan completed, uid %u type %s, status %s, EBS status %s\n",
1937 uid, sched ? "sched" : "regular",
1938 notif->status == IWL_SCAN_OFFLOAD_COMPLETED ?
1939 "completed" : "aborted",
1940 notif->ebs_status == IWL_SCAN_EBS_SUCCESS ?
1941 "success" : "failed");
1943 mvm->last_ebs_successful = !notif->ebs_status;
1944 mvm->scan_uid[uid_idx] = 0;
1947 ieee80211_scan_completed(mvm->hw,
1949 IWL_SCAN_OFFLOAD_ABORTED);
1950 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1951 } else if (!iwl_mvm_find_scan_type(mvm, IWL_UMAC_SCAN_UID_SCHED_SCAN)) {
1952 ieee80211_sched_scan_stopped(mvm->hw);
1954 IWL_DEBUG_SCAN(mvm, "Another sched scan is running\n");
1960 static bool iwl_scan_umac_done_check(struct iwl_notif_wait_data *notif_wait,
1961 struct iwl_rx_packet *pkt, void *data)
1963 struct iwl_umac_scan_done *scan_done = data;
1964 struct iwl_umac_scan_complete *notif = (void *)pkt->data;
1965 u32 uid = __le32_to_cpu(notif->uid);
1966 int uid_idx = iwl_mvm_find_scan_uid(scan_done->mvm, uid);
1968 if (WARN_ON(pkt->hdr.cmd != SCAN_COMPLETE_UMAC))
1971 if (uid_idx >= IWL_MVM_MAX_SIMULTANEOUS_SCANS)
1975 * Clear scan uid of scans that was aborted from above and completed
1976 * in FW so the RX handler does nothing.
1978 scan_done->mvm->scan_uid[uid_idx] = 0;
1980 return !iwl_mvm_find_scan_type(scan_done->mvm, scan_done->type);
1983 static int iwl_umac_scan_abort_one(struct iwl_mvm *mvm, u32 uid)
1985 struct iwl_umac_scan_abort cmd = {
1986 .hdr.size = cpu_to_le16(sizeof(struct iwl_umac_scan_abort) -
1987 sizeof(struct iwl_mvm_umac_cmd_hdr)),
1988 .uid = cpu_to_le32(uid),
1991 lockdep_assert_held(&mvm->mutex);
1993 IWL_DEBUG_SCAN(mvm, "Sending scan abort, uid %u\n", uid);
1995 return iwl_mvm_send_cmd_pdu(mvm, SCAN_ABORT_UMAC, 0, sizeof(cmd), &cmd);
1998 static int iwl_umac_scan_stop(struct iwl_mvm *mvm,
1999 enum iwl_umac_scan_uid_type type, bool notify)
2001 struct iwl_notification_wait wait_scan_done;
2002 static const u8 scan_done_notif[] = { SCAN_COMPLETE_UMAC, };
2003 struct iwl_umac_scan_done scan_done = {
2009 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done,
2011 ARRAY_SIZE(scan_done_notif),
2012 iwl_scan_umac_done_check, &scan_done);
2014 IWL_DEBUG_SCAN(mvm, "Preparing to stop scan, type %x\n", type);
2016 for (i = 0; i < IWL_MVM_MAX_SIMULTANEOUS_SCANS; i++) {
2017 if (mvm->scan_uid[i] & type) {
2020 if (iwl_mvm_is_radio_killed(mvm) &&
2021 (type & IWL_UMAC_SCAN_UID_REG_SCAN)) {
2022 ieee80211_scan_completed(mvm->hw, true);
2023 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
2027 err = iwl_umac_scan_abort_one(mvm, mvm->scan_uid[i]);
2034 IWL_DEBUG_SCAN(mvm, "Couldn't stop scan\n");
2035 iwl_remove_notification(&mvm->notif_wait, &wait_scan_done);
2039 ret = iwl_wait_notification(&mvm->notif_wait, &wait_scan_done, 1 * HZ);
2044 if (type & IWL_UMAC_SCAN_UID_SCHED_SCAN)
2045 ieee80211_sched_scan_stopped(mvm->hw);
2046 if (type & IWL_UMAC_SCAN_UID_REG_SCAN) {
2047 ieee80211_scan_completed(mvm->hw, true);
2048 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
2055 int iwl_mvm_scan_size(struct iwl_mvm *mvm)
2057 if (mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN)
2058 return sizeof(struct iwl_scan_req_umac) +
2059 sizeof(struct iwl_scan_channel_cfg_umac) *
2060 mvm->fw->ucode_capa.n_scan_channels +
2061 sizeof(struct iwl_scan_req_umac_tail);
2063 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)
2064 return sizeof(struct iwl_scan_req_unified_lmac) +
2065 sizeof(struct iwl_scan_channel_cfg_lmac) *
2066 mvm->fw->ucode_capa.n_scan_channels +
2067 sizeof(struct iwl_scan_probe_req);
2069 return sizeof(struct iwl_scan_cmd) +
2070 mvm->fw->ucode_capa.max_probe_length +
2071 mvm->fw->ucode_capa.n_scan_channels *
2072 sizeof(struct iwl_scan_channel);
projects / firefly-linux-kernel-4.4.55.git / blob