1 /******************************************************************************
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of version 2 of the GNU General Public License as
13 * published by the Free Software Foundation.
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
25 * The full GNU General Public License is included in this distribution
26 * in the file called COPYING.
28 * Contact Information:
29 * Intel Linux Wireless <ilw@linux.intel.com>
30 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
34 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
35 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH
36 * All rights reserved.
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
42 * * Redistributions of source code must retain the above copyright
43 * notice, this list of conditions and the following disclaimer.
44 * * Redistributions in binary form must reproduce the above copyright
45 * notice, this list of conditions and the following disclaimer in
46 * the documentation and/or other materials provided with the
48 * * Neither the name Intel Corporation nor the names of its
49 * contributors may be used to endorse or promote products derived
50 * from this software without specific prior written permission.
52 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
53 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
54 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
55 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
56 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
57 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
58 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
59 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
60 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
61 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
62 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
64 *****************************************************************************/
66 #include <linux/etherdevice.h>
67 #include <net/mac80211.h>
70 #include "iwl-eeprom-parse.h"
71 #include "fw-api-scan.h"
73 #define IWL_PLCP_QUIET_THRESH 1
74 #define IWL_ACTIVE_QUIET_TIME 10
76 struct iwl_mvm_scan_params {
79 bool passive_fragmented;
83 } dwell[IEEE80211_NUM_BANDS];
86 enum iwl_umac_scan_uid_type {
87 IWL_UMAC_SCAN_UID_REG_SCAN = BIT(0),
88 IWL_UMAC_SCAN_UID_SCHED_SCAN = BIT(1),
89 IWL_UMAC_SCAN_UID_ALL = IWL_UMAC_SCAN_UID_REG_SCAN |
90 IWL_UMAC_SCAN_UID_SCHED_SCAN,
93 static int iwl_umac_scan_stop(struct iwl_mvm *mvm,
94 enum iwl_umac_scan_uid_type type, bool notify);
96 static u8 iwl_mvm_scan_rx_ant(struct iwl_mvm *mvm)
98 if (mvm->scan_rx_ant != ANT_NONE)
99 return mvm->scan_rx_ant;
100 return mvm->fw->valid_rx_ant;
103 static inline __le16 iwl_mvm_scan_rx_chain(struct iwl_mvm *mvm)
108 rx_ant = iwl_mvm_scan_rx_ant(mvm);
109 rx_chain = rx_ant << PHY_RX_CHAIN_VALID_POS;
110 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_MIMO_SEL_POS;
111 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_SEL_POS;
112 rx_chain |= 0x1 << PHY_RX_CHAIN_DRIVER_FORCE_POS;
113 return cpu_to_le16(rx_chain);
116 static __le32 iwl_mvm_scan_rxon_flags(enum ieee80211_band band)
118 if (band == IEEE80211_BAND_2GHZ)
119 return cpu_to_le32(PHY_BAND_24);
121 return cpu_to_le32(PHY_BAND_5);
125 iwl_mvm_scan_rate_n_flags(struct iwl_mvm *mvm, enum ieee80211_band band,
130 mvm->scan_last_antenna_idx =
131 iwl_mvm_next_antenna(mvm, mvm->fw->valid_tx_ant,
132 mvm->scan_last_antenna_idx);
133 tx_ant = BIT(mvm->scan_last_antenna_idx) << RATE_MCS_ANT_POS;
135 if (band == IEEE80211_BAND_2GHZ && !no_cck)
136 return cpu_to_le32(IWL_RATE_1M_PLCP | RATE_MCS_CCK_MSK |
139 return cpu_to_le32(IWL_RATE_6M_PLCP | tx_ant);
143 * We insert the SSIDs in an inverted order, because the FW will
144 * invert it back. The most prioritized SSID, which is first in the
145 * request list, is not copied here, but inserted directly to the probe
148 static void iwl_mvm_scan_fill_ssids(struct iwl_ssid_ie *cmd_ssid,
149 struct cfg80211_ssid *ssids,
150 int n_ssids, int first)
154 for (req_idx = n_ssids - 1, fw_idx = 0; req_idx >= first;
155 req_idx--, fw_idx++) {
156 cmd_ssid[fw_idx].id = WLAN_EID_SSID;
157 cmd_ssid[fw_idx].len = ssids[req_idx].ssid_len;
158 memcpy(cmd_ssid[fw_idx].ssid,
160 ssids[req_idx].ssid_len);
165 * If req->n_ssids > 0, it means we should do an active scan.
166 * In case of active scan w/o directed scan, we receive a zero-length SSID
167 * just to notify that this scan is active and not passive.
168 * In order to notify the FW of the number of SSIDs we wish to scan (including
169 * the zero-length one), we need to set the corresponding bits in chan->type,
170 * one for each SSID, and set the active bit (first). If the first SSID is
171 * already included in the probe template, so we need to set only
172 * req->n_ssids - 1 bits in addition to the first bit.
174 static u16 iwl_mvm_get_active_dwell(enum ieee80211_band band, int n_ssids)
176 if (band == IEEE80211_BAND_2GHZ)
177 return 20 + 3 * (n_ssids + 1);
178 return 10 + 2 * (n_ssids + 1);
181 static u16 iwl_mvm_get_passive_dwell(enum ieee80211_band band)
183 return band == IEEE80211_BAND_2GHZ ? 100 + 20 : 100 + 10;
186 static void iwl_mvm_scan_fill_channels(struct iwl_scan_cmd *cmd,
187 struct cfg80211_scan_request *req,
189 struct iwl_mvm_scan_params *params)
191 struct iwl_scan_channel *chan = (struct iwl_scan_channel *)
192 (cmd->data + le16_to_cpu(cmd->tx_cmd.len));
194 int type = BIT(req->n_ssids) - 1;
195 enum ieee80211_band band = req->channels[0]->band;
198 type |= BIT(req->n_ssids);
200 for (i = 0; i < cmd->channel_count; i++) {
201 chan->channel = cpu_to_le16(req->channels[i]->hw_value);
202 chan->type = cpu_to_le32(type);
203 if (req->channels[i]->flags & IEEE80211_CHAN_NO_IR)
204 chan->type &= cpu_to_le32(~SCAN_CHANNEL_TYPE_ACTIVE);
205 chan->active_dwell = cpu_to_le16(params->dwell[band].active);
206 chan->passive_dwell = cpu_to_le16(params->dwell[band].passive);
207 chan->iteration_count = cpu_to_le16(1);
213 * Fill in probe request with the following parameters:
214 * TA is our vif HW address, which mac80211 ensures we have.
215 * Packet is broadcasted, so this is both SA and DA.
216 * The probe request IE is made out of two: first comes the most prioritized
217 * SSID if a directed scan is requested. Second comes whatever extra
218 * information was given to us as the scan request IE.
220 static u16 iwl_mvm_fill_probe_req(struct ieee80211_mgmt *frame, const u8 *ta,
221 int n_ssids, const u8 *ssid, int ssid_len,
222 const u8 *band_ie, int band_ie_len,
223 const u8 *common_ie, int common_ie_len,
229 /* Make sure there is enough space for the probe request,
230 * two mandatory IEs and the data */
235 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
236 eth_broadcast_addr(frame->da);
237 memcpy(frame->sa, ta, ETH_ALEN);
238 eth_broadcast_addr(frame->bssid);
243 /* for passive scans, no need to fill anything */
247 /* points to the payload of the request */
248 pos = &frame->u.probe_req.variable[0];
250 /* fill in our SSID IE */
251 left -= ssid_len + 2;
254 *pos++ = WLAN_EID_SSID;
256 if (ssid && ssid_len) { /* ssid_len may be == 0 even if ssid is valid */
257 memcpy(pos, ssid, ssid_len);
263 if (WARN_ON(left < band_ie_len + common_ie_len))
266 if (band_ie && band_ie_len) {
267 memcpy(pos, band_ie, band_ie_len);
272 if (common_ie && common_ie_len) {
273 memcpy(pos, common_ie, common_ie_len);
274 pos += common_ie_len;
275 len += common_ie_len;
281 static void iwl_mvm_scan_condition_iterator(void *data, u8 *mac,
282 struct ieee80211_vif *vif)
284 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
285 bool *global_bound = data;
287 if (vif->type != NL80211_IFTYPE_P2P_DEVICE && mvmvif->phy_ctxt &&
288 mvmvif->phy_ctxt->id < MAX_PHYS)
289 *global_bound = true;
292 static void iwl_mvm_scan_calc_params(struct iwl_mvm *mvm,
293 struct ieee80211_vif *vif,
294 int n_ssids, u32 flags,
295 struct iwl_mvm_scan_params *params)
297 bool global_bound = false;
298 enum ieee80211_band band;
299 u8 frag_passive_dwell = 0;
301 ieee80211_iterate_active_interfaces_atomic(mvm->hw,
302 IEEE80211_IFACE_ITER_NORMAL,
303 iwl_mvm_scan_condition_iterator,
309 params->suspend_time = 30;
310 params->max_out_time = 170;
312 if (iwl_mvm_low_latency(mvm)) {
313 if (mvm->fw->ucode_capa.api[0] &
314 IWL_UCODE_TLV_API_FRAGMENTED_SCAN) {
315 params->suspend_time = 105;
316 params->max_out_time = 70;
317 frag_passive_dwell = 20;
319 params->suspend_time = 120;
320 params->max_out_time = 120;
324 if (frag_passive_dwell && (mvm->fw->ucode_capa.api[0] &
325 IWL_UCODE_TLV_API_FRAGMENTED_SCAN)) {
327 * P2P device scan should not be fragmented to avoid negative
328 * impact on P2P device discovery. Configure max_out_time to be
329 * equal to dwell time on passive channel. Take a longest
330 * possible value, one that corresponds to 2GHz band
332 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) {
334 iwl_mvm_get_passive_dwell(IEEE80211_BAND_2GHZ);
335 params->max_out_time = passive_dwell;
337 params->passive_fragmented = true;
341 if (flags & NL80211_SCAN_FLAG_LOW_PRIORITY)
342 params->max_out_time = 200;
346 for (band = IEEE80211_BAND_2GHZ; band < IEEE80211_NUM_BANDS; band++) {
347 if (params->passive_fragmented)
348 params->dwell[band].passive = frag_passive_dwell;
350 params->dwell[band].passive =
351 iwl_mvm_get_passive_dwell(band);
352 params->dwell[band].active = iwl_mvm_get_active_dwell(band,
357 static inline bool iwl_mvm_rrm_scan_needed(struct iwl_mvm *mvm)
359 /* require rrm scan whenever the fw supports it */
360 return mvm->fw->ucode_capa.capa[0] &
361 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT;
364 static int iwl_mvm_max_scan_ie_fw_cmd_room(struct iwl_mvm *mvm,
369 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)
370 max_probe_len = SCAN_OFFLOAD_PROBE_REQ_SIZE;
372 max_probe_len = mvm->fw->ucode_capa.max_probe_length;
374 /* we create the 802.11 header and SSID element */
375 max_probe_len -= 24 + 2;
377 /* basic ssid is added only for hw_scan with and old api */
378 if (!(mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID) &&
379 !(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) &&
383 /* DS parameter set element is added on 2.4GHZ band if required */
384 if (iwl_mvm_rrm_scan_needed(mvm))
387 return max_probe_len;
390 int iwl_mvm_max_scan_ie_len(struct iwl_mvm *mvm, bool is_sched_scan)
392 int max_ie_len = iwl_mvm_max_scan_ie_fw_cmd_room(mvm, is_sched_scan);
394 if (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN))
397 /* TODO: [BUG] This function should return the maximum allowed size of
398 * scan IEs, however the LMAC scan api contains both 2GHZ and 5GHZ IEs
399 * in the same command. So the correct implementation of this function
400 * is just iwl_mvm_max_scan_ie_fw_cmd_room() / 2. Currently the scan
401 * command has only 512 bytes and it would leave us with about 240
402 * bytes for scan IEs, which is clearly not enough. So meanwhile
403 * we will report an incorrect value. This may result in a failure to
404 * issue a scan in unified_scan_lmac and unified_sched_scan_lmac
405 * functions with -ENOBUFS, if a large enough probe will be provided.
410 int iwl_mvm_scan_request(struct iwl_mvm *mvm,
411 struct ieee80211_vif *vif,
412 struct cfg80211_scan_request *req)
414 struct iwl_host_cmd hcmd = {
415 .id = SCAN_REQUEST_CMD,
417 .data = { mvm->scan_cmd, },
418 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
420 struct iwl_scan_cmd *cmd = mvm->scan_cmd;
425 bool basic_ssid = !(mvm->fw->ucode_capa.flags &
426 IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID);
427 struct iwl_mvm_scan_params params = {};
429 lockdep_assert_held(&mvm->mutex);
431 /* we should have failed registration if scan_cmd was NULL */
432 if (WARN_ON(mvm->scan_cmd == NULL))
435 IWL_DEBUG_SCAN(mvm, "Handling mac80211 scan request\n");
436 mvm->scan_status = IWL_MVM_SCAN_OS;
437 memset(cmd, 0, ksize(cmd));
439 cmd->channel_count = (u8)req->n_channels;
440 cmd->quiet_time = cpu_to_le16(IWL_ACTIVE_QUIET_TIME);
441 cmd->quiet_plcp_th = cpu_to_le16(IWL_PLCP_QUIET_THRESH);
442 cmd->rxchain_sel_flags = iwl_mvm_scan_rx_chain(mvm);
444 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, req->flags, ¶ms);
445 cmd->max_out_time = cpu_to_le32(params.max_out_time);
446 cmd->suspend_time = cpu_to_le32(params.suspend_time);
447 if (params.passive_fragmented)
448 cmd->scan_flags |= SCAN_FLAGS_FRAGMENTED_SCAN;
450 cmd->rxon_flags = iwl_mvm_scan_rxon_flags(req->channels[0]->band);
451 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
452 MAC_FILTER_IN_BEACON);
454 if (vif->type == NL80211_IFTYPE_P2P_DEVICE)
455 cmd->type = cpu_to_le32(SCAN_TYPE_DISCOVERY_FORCED);
457 cmd->type = cpu_to_le32(SCAN_TYPE_FORCED);
459 cmd->repeats = cpu_to_le32(1);
462 * If the user asked for passive scan, don't change to active scan if
463 * you see any activity on the channel - remain passive.
465 if (req->n_ssids > 0) {
466 cmd->passive2active = cpu_to_le16(1);
467 cmd->scan_flags |= SCAN_FLAGS_PASSIVE2ACTIVE;
469 ssid = req->ssids[0].ssid;
470 ssid_len = req->ssids[0].ssid_len;
473 cmd->passive2active = 0;
474 cmd->scan_flags &= ~SCAN_FLAGS_PASSIVE2ACTIVE;
477 iwl_mvm_scan_fill_ssids(cmd->direct_scan, req->ssids, req->n_ssids,
480 cmd->tx_cmd.tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
481 3 << TX_CMD_FLG_BT_PRIO_POS);
483 cmd->tx_cmd.sta_id = mvm->aux_sta.sta_id;
484 cmd->tx_cmd.life_time = cpu_to_le32(TX_CMD_LIFE_TIME_INFINITE);
485 cmd->tx_cmd.rate_n_flags =
486 iwl_mvm_scan_rate_n_flags(mvm, req->channels[0]->band,
490 cpu_to_le16(iwl_mvm_fill_probe_req(
491 (struct ieee80211_mgmt *)cmd->data,
493 req->n_ssids, ssid, ssid_len,
494 req->ie, req->ie_len, NULL, 0,
495 mvm->fw->ucode_capa.max_probe_length));
497 iwl_mvm_scan_fill_channels(cmd, req, basic_ssid, ¶ms);
499 cmd->len = cpu_to_le16(sizeof(struct iwl_scan_cmd) +
500 le16_to_cpu(cmd->tx_cmd.len) +
501 (cmd->channel_count * sizeof(struct iwl_scan_channel)));
502 hcmd.len[0] = le16_to_cpu(cmd->len);
504 status = SCAN_RESPONSE_OK;
505 ret = iwl_mvm_send_cmd_status(mvm, &hcmd, &status);
506 if (!ret && status == SCAN_RESPONSE_OK) {
507 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n");
510 * If the scan failed, it usually means that the FW was unable
511 * to allocate the time events. Warn on it, but maybe we
512 * should try to send the command again with different params.
514 IWL_ERR(mvm, "Scan failed! status 0x%x ret %d\n",
516 mvm->scan_status = IWL_MVM_SCAN_NONE;
522 int iwl_mvm_rx_scan_response(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb,
523 struct iwl_device_cmd *cmd)
525 struct iwl_rx_packet *pkt = rxb_addr(rxb);
526 struct iwl_cmd_response *resp = (void *)pkt->data;
528 IWL_DEBUG_SCAN(mvm, "Scan response received. status 0x%x\n",
529 le32_to_cpu(resp->status));
533 int iwl_mvm_rx_scan_complete(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb,
534 struct iwl_device_cmd *cmd)
536 struct iwl_rx_packet *pkt = rxb_addr(rxb);
537 struct iwl_scan_complete_notif *notif = (void *)pkt->data;
539 lockdep_assert_held(&mvm->mutex);
541 IWL_DEBUG_SCAN(mvm, "Scan complete: status=0x%x scanned channels=%d\n",
542 notif->status, notif->scanned_channels);
544 if (mvm->scan_status == IWL_MVM_SCAN_OS)
545 mvm->scan_status = IWL_MVM_SCAN_NONE;
546 ieee80211_scan_completed(mvm->hw, notif->status != SCAN_COMP_STATUS_OK);
548 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
553 int iwl_mvm_rx_scan_offload_results(struct iwl_mvm *mvm,
554 struct iwl_rx_cmd_buffer *rxb,
555 struct iwl_device_cmd *cmd)
557 struct iwl_rx_packet *pkt = rxb_addr(rxb);
559 if (!(mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN) &&
560 !(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)) {
561 struct iwl_sched_scan_results *notif = (void *)pkt->data;
563 if (!(notif->client_bitmap & SCAN_CLIENT_SCHED_SCAN))
567 IWL_DEBUG_SCAN(mvm, "Scheduled scan results\n");
568 ieee80211_sched_scan_results(mvm->hw);
573 static bool iwl_mvm_scan_abort_notif(struct iwl_notif_wait_data *notif_wait,
574 struct iwl_rx_packet *pkt, void *data)
576 struct iwl_mvm *mvm =
577 container_of(notif_wait, struct iwl_mvm, notif_wait);
578 struct iwl_scan_complete_notif *notif;
581 switch (pkt->hdr.cmd) {
583 resp = (void *)pkt->data;
584 if (*resp == CAN_ABORT_STATUS) {
586 "Scan can be aborted, wait until completion\n");
591 * If scan cannot be aborted, it means that we had a
592 * SCAN_COMPLETE_NOTIFICATION in the pipe and it called
593 * ieee80211_scan_completed already.
595 IWL_DEBUG_SCAN(mvm, "Scan cannot be aborted, exit now: %d\n",
599 case SCAN_COMPLETE_NOTIFICATION:
600 notif = (void *)pkt->data;
601 IWL_DEBUG_SCAN(mvm, "Scan aborted: status 0x%x\n",
611 static int iwl_mvm_cancel_regular_scan(struct iwl_mvm *mvm)
613 struct iwl_notification_wait wait_scan_abort;
614 static const u8 scan_abort_notif[] = { SCAN_ABORT_CMD,
615 SCAN_COMPLETE_NOTIFICATION };
618 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_abort,
620 ARRAY_SIZE(scan_abort_notif),
621 iwl_mvm_scan_abort_notif, NULL);
623 ret = iwl_mvm_send_cmd_pdu(mvm, SCAN_ABORT_CMD, 0, 0, NULL);
625 IWL_ERR(mvm, "Couldn't send SCAN_ABORT_CMD: %d\n", ret);
626 /* mac80211's state will be cleaned in the nic_restart flow */
627 goto out_remove_notif;
630 return iwl_wait_notification(&mvm->notif_wait, &wait_scan_abort, HZ);
633 iwl_remove_notification(&mvm->notif_wait, &wait_scan_abort);
637 int iwl_mvm_rx_scan_offload_complete_notif(struct iwl_mvm *mvm,
638 struct iwl_rx_cmd_buffer *rxb,
639 struct iwl_device_cmd *cmd)
641 struct iwl_rx_packet *pkt = rxb_addr(rxb);
642 u8 status, ebs_status;
644 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) {
645 struct iwl_periodic_scan_complete *scan_notif;
647 scan_notif = (void *)pkt->data;
648 status = scan_notif->status;
649 ebs_status = scan_notif->ebs_status;
651 struct iwl_scan_offload_complete *scan_notif;
653 scan_notif = (void *)pkt->data;
654 status = scan_notif->status;
655 ebs_status = scan_notif->ebs_status;
657 /* scan status must be locked for proper checking */
658 lockdep_assert_held(&mvm->mutex);
661 "%s completed, status %s, EBS status %s\n",
662 mvm->scan_status == IWL_MVM_SCAN_SCHED ?
663 "Scheduled scan" : "Scan",
664 status == IWL_SCAN_OFFLOAD_COMPLETED ?
665 "completed" : "aborted",
666 ebs_status == IWL_SCAN_EBS_SUCCESS ?
667 "success" : "failed");
670 /* only call mac80211 completion if the stop was initiated by FW */
671 if (mvm->scan_status == IWL_MVM_SCAN_SCHED) {
672 mvm->scan_status = IWL_MVM_SCAN_NONE;
673 ieee80211_sched_scan_stopped(mvm->hw);
674 } else if (mvm->scan_status == IWL_MVM_SCAN_OS) {
675 mvm->scan_status = IWL_MVM_SCAN_NONE;
676 ieee80211_scan_completed(mvm->hw,
677 status == IWL_SCAN_OFFLOAD_ABORTED);
678 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
681 mvm->last_ebs_successful = !ebs_status;
686 static void iwl_scan_offload_build_tx_cmd(struct iwl_mvm *mvm,
687 struct ieee80211_vif *vif,
688 struct ieee80211_scan_ies *ies,
689 enum ieee80211_band band,
690 struct iwl_tx_cmd *cmd,
695 cmd->tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL);
696 cmd->life_time = cpu_to_le32(TX_CMD_LIFE_TIME_INFINITE);
697 cmd->sta_id = mvm->aux_sta.sta_id;
699 cmd->rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm, band, false);
701 cmd_len = iwl_mvm_fill_probe_req((struct ieee80211_mgmt *)data,
704 ies->ies[band], ies->len[band],
705 ies->common_ies, ies->common_ie_len,
706 SCAN_OFFLOAD_PROBE_REQ_SIZE);
707 cmd->len = cpu_to_le16(cmd_len);
710 static void iwl_build_scan_cmd(struct iwl_mvm *mvm,
711 struct ieee80211_vif *vif,
712 struct cfg80211_sched_scan_request *req,
713 struct iwl_scan_offload_cmd *scan,
714 struct iwl_mvm_scan_params *params)
716 scan->channel_count = req->n_channels;
717 scan->quiet_time = cpu_to_le16(IWL_ACTIVE_QUIET_TIME);
718 scan->quiet_plcp_th = cpu_to_le16(IWL_PLCP_QUIET_THRESH);
719 scan->good_CRC_th = IWL_GOOD_CRC_TH_DEFAULT;
720 scan->rx_chain = iwl_mvm_scan_rx_chain(mvm);
722 scan->max_out_time = cpu_to_le32(params->max_out_time);
723 scan->suspend_time = cpu_to_le32(params->suspend_time);
725 scan->filter_flags |= cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
726 MAC_FILTER_IN_BEACON);
727 scan->scan_type = cpu_to_le32(SCAN_TYPE_BACKGROUND);
728 scan->rep_count = cpu_to_le32(1);
730 if (params->passive_fragmented)
731 scan->scan_flags |= SCAN_FLAGS_FRAGMENTED_SCAN;
734 static int iwl_ssid_exist(u8 *ssid, u8 ssid_len, struct iwl_ssid_ie *ssid_list)
738 for (i = 0; i < PROBE_OPTION_MAX; i++) {
739 if (!ssid_list[i].len)
741 if (ssid_list[i].len == ssid_len &&
742 !memcmp(ssid_list->ssid, ssid, ssid_len))
748 static void iwl_scan_offload_build_ssid(struct cfg80211_sched_scan_request *req,
749 struct iwl_ssid_ie *direct_scan,
750 u32 *ssid_bitmap, bool basic_ssid)
756 * copy SSIDs from match list.
757 * iwl_config_sched_scan_profiles() uses the order of these ssids to
760 for (i = 0; i < req->n_match_sets && i < PROBE_OPTION_MAX; i++) {
761 /* skip empty SSID matchsets */
762 if (!req->match_sets[i].ssid.ssid_len)
764 direct_scan[i].id = WLAN_EID_SSID;
765 direct_scan[i].len = req->match_sets[i].ssid.ssid_len;
766 memcpy(direct_scan[i].ssid, req->match_sets[i].ssid.ssid,
770 /* add SSIDs from scan SSID list */
772 for (j = 0; j < req->n_ssids && i < PROBE_OPTION_MAX; j++) {
773 index = iwl_ssid_exist(req->ssids[j].ssid,
774 req->ssids[j].ssid_len,
777 if (!req->ssids[j].ssid_len && basic_ssid)
779 direct_scan[i].id = WLAN_EID_SSID;
780 direct_scan[i].len = req->ssids[j].ssid_len;
781 memcpy(direct_scan[i].ssid, req->ssids[j].ssid,
783 *ssid_bitmap |= BIT(i + 1);
786 *ssid_bitmap |= BIT(index + 1);
791 static void iwl_build_channel_cfg(struct iwl_mvm *mvm,
792 struct cfg80211_sched_scan_request *req,
794 enum ieee80211_band band,
797 struct iwl_mvm_scan_params *params)
799 u32 n_channels = mvm->fw->ucode_capa.n_scan_channels;
800 __le32 *type = (__le32 *)channels_buffer;
801 __le16 *channel_number = (__le16 *)(type + n_channels);
802 __le16 *iter_count = channel_number + n_channels;
803 __le32 *iter_interval = (__le32 *)(iter_count + n_channels);
804 u8 *active_dwell = (u8 *)(iter_interval + n_channels);
805 u8 *passive_dwell = active_dwell + n_channels;
808 for (i = 0; i < req->n_channels; i++) {
809 struct ieee80211_channel *chan = req->channels[i];
811 if (chan->band != band)
817 channel_number[index] = cpu_to_le16(chan->hw_value);
818 active_dwell[index] = params->dwell[band].active;
819 passive_dwell[index] = params->dwell[band].passive;
821 iter_count[index] = cpu_to_le16(1);
822 iter_interval[index] = 0;
824 if (!(chan->flags & IEEE80211_CHAN_NO_IR))
826 cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_ACTIVE);
828 type[index] |= cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_FULL |
829 IWL_SCAN_OFFLOAD_CHANNEL_PARTIAL);
831 if (chan->flags & IEEE80211_CHAN_NO_HT40)
833 cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_NARROW);
835 /* scan for all SSIDs from req->ssids */
836 type[index] |= cpu_to_le32(ssid_bitmap);
840 int iwl_mvm_config_sched_scan(struct iwl_mvm *mvm,
841 struct ieee80211_vif *vif,
842 struct cfg80211_sched_scan_request *req,
843 struct ieee80211_scan_ies *ies)
845 int band_2ghz = mvm->nvm_data->bands[IEEE80211_BAND_2GHZ].n_channels;
846 int band_5ghz = mvm->nvm_data->bands[IEEE80211_BAND_5GHZ].n_channels;
852 bool basic_ssid = !(mvm->fw->ucode_capa.flags &
853 IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID);
855 struct iwl_scan_offload_cfg *scan_cfg;
856 struct iwl_host_cmd cmd = {
857 .id = SCAN_OFFLOAD_CONFIG_CMD,
859 struct iwl_mvm_scan_params params = {};
861 lockdep_assert_held(&mvm->mutex);
863 cmd_len = sizeof(struct iwl_scan_offload_cfg) +
864 mvm->fw->ucode_capa.n_scan_channels * IWL_SCAN_CHAN_SIZE +
865 2 * SCAN_OFFLOAD_PROBE_REQ_SIZE;
867 scan_cfg = kzalloc(cmd_len, GFP_KERNEL);
871 probes = scan_cfg->data +
872 mvm->fw->ucode_capa.n_scan_channels * IWL_SCAN_CHAN_SIZE;
874 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, 0, ¶ms);
875 iwl_build_scan_cmd(mvm, vif, req, &scan_cfg->scan_cmd, ¶ms);
876 scan_cfg->scan_cmd.len = cpu_to_le16(cmd_len);
878 iwl_scan_offload_build_ssid(req, scan_cfg->scan_cmd.direct_scan,
879 &ssid_bitmap, basic_ssid);
880 /* build tx frames for supported bands */
882 iwl_scan_offload_build_tx_cmd(mvm, vif, ies,
884 &scan_cfg->scan_cmd.tx_cmd[0],
886 iwl_build_channel_cfg(mvm, req, scan_cfg->data,
887 IEEE80211_BAND_2GHZ, &head,
888 ssid_bitmap, ¶ms);
891 iwl_scan_offload_build_tx_cmd(mvm, vif, ies,
893 &scan_cfg->scan_cmd.tx_cmd[1],
895 SCAN_OFFLOAD_PROBE_REQ_SIZE);
896 iwl_build_channel_cfg(mvm, req, scan_cfg->data,
897 IEEE80211_BAND_5GHZ, &head,
898 ssid_bitmap, ¶ms);
901 cmd.data[0] = scan_cfg;
902 cmd.len[0] = cmd_len;
903 cmd.dataflags[0] = IWL_HCMD_DFL_NOCOPY;
905 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan config\n");
907 ret = iwl_mvm_send_cmd(mvm, &cmd);
912 int iwl_mvm_config_sched_scan_profiles(struct iwl_mvm *mvm,
913 struct cfg80211_sched_scan_request *req)
915 struct iwl_scan_offload_profile *profile;
916 struct iwl_scan_offload_profile_cfg *profile_cfg;
917 struct iwl_scan_offload_blacklist *blacklist;
918 struct iwl_host_cmd cmd = {
919 .id = SCAN_OFFLOAD_UPDATE_PROFILES_CMD,
920 .len[1] = sizeof(*profile_cfg),
921 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
922 .dataflags[1] = IWL_HCMD_DFL_NOCOPY,
928 if (WARN_ON(req->n_match_sets > IWL_SCAN_MAX_PROFILES))
931 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_SHORT_BL)
932 blacklist_len = IWL_SCAN_SHORT_BLACKLIST_LEN;
934 blacklist_len = IWL_SCAN_MAX_BLACKLIST_LEN;
936 blacklist = kzalloc(sizeof(*blacklist) * blacklist_len, GFP_KERNEL);
940 profile_cfg = kzalloc(sizeof(*profile_cfg), GFP_KERNEL);
946 cmd.data[0] = blacklist;
947 cmd.len[0] = sizeof(*blacklist) * blacklist_len;
948 cmd.data[1] = profile_cfg;
950 /* No blacklist configuration */
952 profile_cfg->num_profiles = req->n_match_sets;
953 profile_cfg->active_clients = SCAN_CLIENT_SCHED_SCAN;
954 profile_cfg->pass_match = SCAN_CLIENT_SCHED_SCAN;
955 profile_cfg->match_notify = SCAN_CLIENT_SCHED_SCAN;
956 if (!req->n_match_sets || !req->match_sets[0].ssid.ssid_len)
957 profile_cfg->any_beacon_notify = SCAN_CLIENT_SCHED_SCAN;
959 for (i = 0; i < req->n_match_sets; i++) {
960 profile = &profile_cfg->profiles[i];
961 profile->ssid_index = i;
962 /* Support any cipher and auth algorithm */
963 profile->unicast_cipher = 0xff;
964 profile->auth_alg = 0xff;
965 profile->network_type = IWL_NETWORK_TYPE_ANY;
966 profile->band_selection = IWL_SCAN_OFFLOAD_SELECT_ANY;
967 profile->client_bitmap = SCAN_CLIENT_SCHED_SCAN;
970 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan profile config\n");
972 ret = iwl_mvm_send_cmd(mvm, &cmd);
980 static bool iwl_mvm_scan_pass_all(struct iwl_mvm *mvm,
981 struct cfg80211_sched_scan_request *req)
983 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) {
985 "Sending scheduled scan with filtering, n_match_sets %d\n",
990 IWL_DEBUG_SCAN(mvm, "Sending Scheduled scan without filtering\n");
994 int iwl_mvm_sched_scan_start(struct iwl_mvm *mvm,
995 struct cfg80211_sched_scan_request *req)
997 struct iwl_scan_offload_req scan_req = {
998 .watchdog = IWL_SCHED_SCAN_WATCHDOG,
1000 .schedule_line[0].iterations = IWL_FAST_SCHED_SCAN_ITERATIONS,
1001 .schedule_line[0].delay = cpu_to_le16(req->interval / 1000),
1002 .schedule_line[0].full_scan_mul = 1,
1004 .schedule_line[1].iterations = 0xff,
1005 .schedule_line[1].delay = cpu_to_le16(req->interval / 1000),
1006 .schedule_line[1].full_scan_mul = IWL_FULL_SCAN_MULTIPLIER,
1009 if (iwl_mvm_scan_pass_all(mvm, req))
1010 scan_req.flags |= cpu_to_le16(IWL_SCAN_OFFLOAD_FLAG_PASS_ALL);
1012 if (mvm->last_ebs_successful &&
1013 mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT)
1015 cpu_to_le16(IWL_SCAN_OFFLOAD_FLAG_EBS_ACCURATE_MODE);
1017 return iwl_mvm_send_cmd_pdu(mvm, SCAN_OFFLOAD_REQUEST_CMD, 0,
1018 sizeof(scan_req), &scan_req);
1021 int iwl_mvm_scan_offload_start(struct iwl_mvm *mvm,
1022 struct ieee80211_vif *vif,
1023 struct cfg80211_sched_scan_request *req,
1024 struct ieee80211_scan_ies *ies)
1028 if (mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN) {
1029 ret = iwl_mvm_config_sched_scan_profiles(mvm, req);
1032 ret = iwl_mvm_sched_scan_umac(mvm, vif, req, ies);
1033 } else if ((mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)) {
1034 mvm->scan_status = IWL_MVM_SCAN_SCHED;
1035 ret = iwl_mvm_config_sched_scan_profiles(mvm, req);
1038 ret = iwl_mvm_unified_sched_scan_lmac(mvm, vif, req, ies);
1040 mvm->scan_status = IWL_MVM_SCAN_SCHED;
1041 ret = iwl_mvm_config_sched_scan(mvm, vif, req, ies);
1044 ret = iwl_mvm_config_sched_scan_profiles(mvm, req);
1047 ret = iwl_mvm_sched_scan_start(mvm, req);
1053 static int iwl_mvm_send_scan_offload_abort(struct iwl_mvm *mvm)
1056 struct iwl_host_cmd cmd = {
1057 .id = SCAN_OFFLOAD_ABORT_CMD,
1061 /* Exit instantly with error when device is not ready
1062 * to receive scan abort command or it does not perform
1063 * scheduled scan currently */
1064 if (mvm->scan_status != IWL_MVM_SCAN_SCHED &&
1065 (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) ||
1066 mvm->scan_status != IWL_MVM_SCAN_OS))
1069 ret = iwl_mvm_send_cmd_status(mvm, &cmd, &status);
1073 if (status != CAN_ABORT_STATUS) {
1075 * The scan abort will return 1 for success or
1076 * 2 for "failure". A failure condition can be
1077 * due to simply not being in an active scan which
1078 * can occur if we send the scan abort before the
1079 * microcode has notified us that a scan is completed.
1081 IWL_DEBUG_SCAN(mvm, "SCAN OFFLOAD ABORT ret %d.\n", status);
1088 int iwl_mvm_scan_offload_stop(struct iwl_mvm *mvm, bool notify)
1091 struct iwl_notification_wait wait_scan_done;
1092 static const u8 scan_done_notif[] = { SCAN_OFFLOAD_COMPLETE, };
1093 bool sched = mvm->scan_status == IWL_MVM_SCAN_SCHED;
1095 lockdep_assert_held(&mvm->mutex);
1097 if (mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN)
1098 return iwl_umac_scan_stop(mvm, IWL_UMAC_SCAN_UID_SCHED_SCAN,
1101 if (mvm->scan_status != IWL_MVM_SCAN_SCHED &&
1102 (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) ||
1103 mvm->scan_status != IWL_MVM_SCAN_OS)) {
1104 IWL_DEBUG_SCAN(mvm, "No scan to stop\n");
1108 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done,
1110 ARRAY_SIZE(scan_done_notif),
1113 ret = iwl_mvm_send_scan_offload_abort(mvm);
1115 IWL_DEBUG_SCAN(mvm, "Send stop %sscan failed %d\n",
1116 sched ? "offloaded " : "", ret);
1117 iwl_remove_notification(&mvm->notif_wait, &wait_scan_done);
1121 IWL_DEBUG_SCAN(mvm, "Successfully sent stop %sscan\n",
1122 sched ? "offloaded " : "");
1124 ret = iwl_wait_notification(&mvm->notif_wait, &wait_scan_done, 1 * HZ);
1129 * Clear the scan status so the next scan requests will succeed. This
1130 * also ensures the Rx handler doesn't do anything, as the scan was
1131 * stopped from above. Since the rx handler won't do anything now,
1132 * we have to release the scan reference here.
1134 if (mvm->scan_status == IWL_MVM_SCAN_OS)
1135 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1137 mvm->scan_status = IWL_MVM_SCAN_NONE;
1141 ieee80211_sched_scan_stopped(mvm->hw);
1143 ieee80211_scan_completed(mvm->hw, true);
1149 static void iwl_mvm_unified_scan_fill_tx_cmd(struct iwl_mvm *mvm,
1150 struct iwl_scan_req_tx_cmd *tx_cmd,
1153 tx_cmd[0].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
1155 tx_cmd[0].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
1156 IEEE80211_BAND_2GHZ,
1158 tx_cmd[0].sta_id = mvm->aux_sta.sta_id;
1160 tx_cmd[1].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
1162 tx_cmd[1].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
1163 IEEE80211_BAND_5GHZ,
1165 tx_cmd[1].sta_id = mvm->aux_sta.sta_id;
1169 iwl_mvm_lmac_scan_cfg_channels(struct iwl_mvm *mvm,
1170 struct ieee80211_channel **channels,
1171 int n_channels, u32 ssid_bitmap,
1172 struct iwl_scan_req_unified_lmac *cmd)
1174 struct iwl_scan_channel_cfg_lmac *channel_cfg = (void *)&cmd->data;
1177 for (i = 0; i < n_channels; i++) {
1178 channel_cfg[i].channel_num =
1179 cpu_to_le16(channels[i]->hw_value);
1180 channel_cfg[i].iter_count = cpu_to_le16(1);
1181 channel_cfg[i].iter_interval = 0;
1182 channel_cfg[i].flags =
1183 cpu_to_le32(IWL_UNIFIED_SCAN_CHANNEL_PARTIAL |
1188 static u8 *iwl_mvm_copy_and_insert_ds_elem(struct iwl_mvm *mvm, const u8 *ies,
1189 size_t len, u8 *const pos)
1191 static const u8 before_ds_params[] = {
1193 WLAN_EID_SUPP_RATES,
1195 WLAN_EID_EXT_SUPP_RATES,
1200 if (!iwl_mvm_rrm_scan_needed(mvm)) {
1201 memcpy(newpos, ies, len);
1202 return newpos + len;
1205 offs = ieee80211_ie_split(ies, len,
1207 ARRAY_SIZE(before_ds_params),
1210 memcpy(newpos, ies, offs);
1213 /* Add a placeholder for DS Parameter Set element */
1214 *newpos++ = WLAN_EID_DS_PARAMS;
1218 memcpy(newpos, ies + offs, len - offs);
1219 newpos += len - offs;
1225 iwl_mvm_build_unified_scan_probe(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1226 struct ieee80211_scan_ies *ies,
1227 struct iwl_scan_probe_req *preq,
1228 const u8 *mac_addr, const u8 *mac_addr_mask)
1230 struct ieee80211_mgmt *frame = (struct ieee80211_mgmt *)preq->buf;
1234 * Unfortunately, right now the offload scan doesn't support randomising
1235 * within the firmware, so until the firmware API is ready we implement
1236 * it in the driver. This means that the scan iterations won't really be
1237 * random, only when it's restarted, but at least that helps a bit.
1240 get_random_mask_addr(frame->sa, mac_addr, mac_addr_mask);
1242 memcpy(frame->sa, vif->addr, ETH_ALEN);
1244 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
1245 eth_broadcast_addr(frame->da);
1246 eth_broadcast_addr(frame->bssid);
1247 frame->seq_ctrl = 0;
1249 pos = frame->u.probe_req.variable;
1250 *pos++ = WLAN_EID_SSID;
1253 preq->mac_header.offset = 0;
1254 preq->mac_header.len = cpu_to_le16(24 + 2);
1256 /* Insert ds parameter set element on 2.4 GHz band */
1257 newpos = iwl_mvm_copy_and_insert_ds_elem(mvm,
1258 ies->ies[IEEE80211_BAND_2GHZ],
1259 ies->len[IEEE80211_BAND_2GHZ],
1261 preq->band_data[0].offset = cpu_to_le16(pos - preq->buf);
1262 preq->band_data[0].len = cpu_to_le16(newpos - pos);
1265 memcpy(pos, ies->ies[IEEE80211_BAND_5GHZ],
1266 ies->len[IEEE80211_BAND_5GHZ]);
1267 preq->band_data[1].offset = cpu_to_le16(pos - preq->buf);
1268 preq->band_data[1].len = cpu_to_le16(ies->len[IEEE80211_BAND_5GHZ]);
1269 pos += ies->len[IEEE80211_BAND_5GHZ];
1271 memcpy(pos, ies->common_ies, ies->common_ie_len);
1272 preq->common_data.offset = cpu_to_le16(pos - preq->buf);
1273 preq->common_data.len = cpu_to_le16(ies->common_ie_len);
1277 iwl_mvm_build_generic_unified_scan_cmd(struct iwl_mvm *mvm,
1278 struct iwl_scan_req_unified_lmac *cmd,
1279 struct iwl_mvm_scan_params *params)
1281 memset(cmd, 0, ksize(cmd));
1282 cmd->active_dwell = params->dwell[IEEE80211_BAND_2GHZ].active;
1283 cmd->passive_dwell = params->dwell[IEEE80211_BAND_2GHZ].passive;
1284 if (params->passive_fragmented)
1285 cmd->fragmented_dwell =
1286 params->dwell[IEEE80211_BAND_2GHZ].passive;
1287 cmd->rx_chain_select = iwl_mvm_scan_rx_chain(mvm);
1288 cmd->max_out_time = cpu_to_le32(params->max_out_time);
1289 cmd->suspend_time = cpu_to_le32(params->suspend_time);
1290 cmd->scan_prio = cpu_to_le32(IWL_SCAN_PRIORITY_HIGH);
1291 cmd->iter_num = cpu_to_le32(1);
1293 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT &&
1294 mvm->last_ebs_successful) {
1295 cmd->channel_opt[0].flags =
1296 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
1297 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1298 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
1299 cmd->channel_opt[1].flags =
1300 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
1301 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1302 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
1305 if (iwl_mvm_rrm_scan_needed(mvm))
1307 cpu_to_le32(IWL_MVM_LMAC_SCAN_FLAGS_RRM_ENABLED);
1310 int iwl_mvm_unified_scan_lmac(struct iwl_mvm *mvm,
1311 struct ieee80211_vif *vif,
1312 struct ieee80211_scan_request *req)
1314 struct iwl_host_cmd hcmd = {
1315 .id = SCAN_OFFLOAD_REQUEST_CMD,
1316 .len = { sizeof(struct iwl_scan_req_unified_lmac) +
1317 sizeof(struct iwl_scan_channel_cfg_lmac) *
1318 mvm->fw->ucode_capa.n_scan_channels +
1319 sizeof(struct iwl_scan_probe_req), },
1320 .data = { mvm->scan_cmd, },
1321 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1323 struct iwl_scan_req_unified_lmac *cmd = mvm->scan_cmd;
1324 struct iwl_scan_probe_req *preq;
1325 struct iwl_mvm_scan_params params = {};
1327 u32 ssid_bitmap = 0;
1330 lockdep_assert_held(&mvm->mutex);
1332 /* we should have failed registration if scan_cmd was NULL */
1333 if (WARN_ON(mvm->scan_cmd == NULL))
1336 if (req->req.n_ssids > PROBE_OPTION_MAX ||
1337 req->ies.common_ie_len + req->ies.len[NL80211_BAND_2GHZ] +
1338 req->ies.len[NL80211_BAND_5GHZ] >
1339 iwl_mvm_max_scan_ie_fw_cmd_room(mvm, false) ||
1340 req->req.n_channels > mvm->fw->ucode_capa.n_scan_channels)
1343 mvm->scan_status = IWL_MVM_SCAN_OS;
1345 iwl_mvm_scan_calc_params(mvm, vif, req->req.n_ssids, req->req.flags,
1348 iwl_mvm_build_generic_unified_scan_cmd(mvm, cmd, ¶ms);
1350 cmd->n_channels = (u8)req->req.n_channels;
1352 flags = IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL;
1354 if (req->req.n_ssids == 1 && req->req.ssids[0].ssid_len != 0)
1355 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION;
1357 if (params.passive_fragmented)
1358 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED;
1360 if (req->req.n_ssids == 0)
1361 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE;
1363 cmd->scan_flags |= cpu_to_le32(flags);
1365 cmd->flags = iwl_mvm_scan_rxon_flags(req->req.channels[0]->band);
1366 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
1367 MAC_FILTER_IN_BEACON);
1368 iwl_mvm_unified_scan_fill_tx_cmd(mvm, cmd->tx_cmd, req->req.no_cck);
1369 iwl_mvm_scan_fill_ssids(cmd->direct_scan, req->req.ssids,
1370 req->req.n_ssids, 0);
1372 cmd->schedule[0].delay = 0;
1373 cmd->schedule[0].iterations = 1;
1374 cmd->schedule[0].full_scan_mul = 0;
1375 cmd->schedule[1].delay = 0;
1376 cmd->schedule[1].iterations = 0;
1377 cmd->schedule[1].full_scan_mul = 0;
1379 for (i = 1; i <= req->req.n_ssids; i++)
1380 ssid_bitmap |= BIT(i);
1382 iwl_mvm_lmac_scan_cfg_channels(mvm, req->req.channels,
1383 req->req.n_channels, ssid_bitmap,
1386 preq = (void *)(cmd->data + sizeof(struct iwl_scan_channel_cfg_lmac) *
1387 mvm->fw->ucode_capa.n_scan_channels);
1389 iwl_mvm_build_unified_scan_probe(mvm, vif, &req->ies, preq,
1390 req->req.flags & NL80211_SCAN_FLAG_RANDOM_ADDR ?
1391 req->req.mac_addr : NULL,
1392 req->req.mac_addr_mask);
1394 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1396 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n");
1399 * If the scan failed, it usually means that the FW was unable
1400 * to allocate the time events. Warn on it, but maybe we
1401 * should try to send the command again with different params.
1403 IWL_ERR(mvm, "Scan failed! ret %d\n", ret);
1404 mvm->scan_status = IWL_MVM_SCAN_NONE;
1410 int iwl_mvm_unified_sched_scan_lmac(struct iwl_mvm *mvm,
1411 struct ieee80211_vif *vif,
1412 struct cfg80211_sched_scan_request *req,
1413 struct ieee80211_scan_ies *ies)
1415 struct iwl_host_cmd hcmd = {
1416 .id = SCAN_OFFLOAD_REQUEST_CMD,
1417 .len = { sizeof(struct iwl_scan_req_unified_lmac) +
1418 sizeof(struct iwl_scan_channel_cfg_lmac) *
1419 mvm->fw->ucode_capa.n_scan_channels +
1420 sizeof(struct iwl_scan_probe_req), },
1421 .data = { mvm->scan_cmd, },
1422 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1424 struct iwl_scan_req_unified_lmac *cmd = mvm->scan_cmd;
1425 struct iwl_scan_probe_req *preq;
1426 struct iwl_mvm_scan_params params = {};
1428 u32 flags = 0, ssid_bitmap = 0;
1430 lockdep_assert_held(&mvm->mutex);
1432 /* we should have failed registration if scan_cmd was NULL */
1433 if (WARN_ON(mvm->scan_cmd == NULL))
1436 if (req->n_ssids > PROBE_OPTION_MAX ||
1437 ies->common_ie_len + ies->len[NL80211_BAND_2GHZ] +
1438 ies->len[NL80211_BAND_5GHZ] >
1439 iwl_mvm_max_scan_ie_fw_cmd_room(mvm, true) ||
1440 req->n_channels > mvm->fw->ucode_capa.n_scan_channels)
1443 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, 0, ¶ms);
1445 iwl_mvm_build_generic_unified_scan_cmd(mvm, cmd, ¶ms);
1447 cmd->n_channels = (u8)req->n_channels;
1449 if (iwl_mvm_scan_pass_all(mvm, req))
1450 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL;
1452 if (req->n_ssids == 1 && req->ssids[0].ssid_len != 0)
1453 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION;
1455 if (params.passive_fragmented)
1456 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED;
1458 if (req->n_ssids == 0)
1459 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE;
1461 cmd->scan_flags |= cpu_to_le32(flags);
1463 cmd->flags = iwl_mvm_scan_rxon_flags(req->channels[0]->band);
1464 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
1465 MAC_FILTER_IN_BEACON);
1466 iwl_mvm_unified_scan_fill_tx_cmd(mvm, cmd->tx_cmd, false);
1467 iwl_scan_offload_build_ssid(req, cmd->direct_scan, &ssid_bitmap, false);
1469 cmd->schedule[0].delay = cpu_to_le16(req->interval / MSEC_PER_SEC);
1470 cmd->schedule[0].iterations = IWL_FAST_SCHED_SCAN_ITERATIONS;
1471 cmd->schedule[0].full_scan_mul = 1;
1473 cmd->schedule[1].delay = cpu_to_le16(req->interval / MSEC_PER_SEC);
1474 cmd->schedule[1].iterations = 0xff;
1475 cmd->schedule[1].full_scan_mul = IWL_FULL_SCAN_MULTIPLIER;
1477 iwl_mvm_lmac_scan_cfg_channels(mvm, req->channels, req->n_channels,
1480 preq = (void *)(cmd->data + sizeof(struct iwl_scan_channel_cfg_lmac) *
1481 mvm->fw->ucode_capa.n_scan_channels);
1483 iwl_mvm_build_unified_scan_probe(mvm, vif, ies, preq,
1484 req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR ?
1485 req->mac_addr : NULL,
1486 req->mac_addr_mask);
1488 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1491 "Sched scan request was sent successfully\n");
1494 * If the scan failed, it usually means that the FW was unable
1495 * to allocate the time events. Warn on it, but maybe we
1496 * should try to send the command again with different params.
1498 IWL_ERR(mvm, "Sched scan failed! ret %d\n", ret);
1499 mvm->scan_status = IWL_MVM_SCAN_NONE;
1506 int iwl_mvm_cancel_scan(struct iwl_mvm *mvm)
1508 if (mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN)
1509 return iwl_umac_scan_stop(mvm, IWL_UMAC_SCAN_UID_REG_SCAN,
1512 if (mvm->scan_status == IWL_MVM_SCAN_NONE)
1515 if (iwl_mvm_is_radio_killed(mvm)) {
1516 ieee80211_scan_completed(mvm->hw, true);
1517 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1518 mvm->scan_status = IWL_MVM_SCAN_NONE;
1522 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)
1523 return iwl_mvm_scan_offload_stop(mvm, true);
1524 return iwl_mvm_cancel_regular_scan(mvm);
1529 struct iwl_umac_scan_done {
1530 struct iwl_mvm *mvm;
1531 enum iwl_umac_scan_uid_type type;
1534 static int rate_to_scan_rate_flag(unsigned int rate)
1536 static const int rate_to_scan_rate[IWL_RATE_COUNT] = {
1537 [IWL_RATE_1M_INDEX] = SCAN_CONFIG_RATE_1M,
1538 [IWL_RATE_2M_INDEX] = SCAN_CONFIG_RATE_2M,
1539 [IWL_RATE_5M_INDEX] = SCAN_CONFIG_RATE_5M,
1540 [IWL_RATE_11M_INDEX] = SCAN_CONFIG_RATE_11M,
1541 [IWL_RATE_6M_INDEX] = SCAN_CONFIG_RATE_6M,
1542 [IWL_RATE_9M_INDEX] = SCAN_CONFIG_RATE_9M,
1543 [IWL_RATE_12M_INDEX] = SCAN_CONFIG_RATE_12M,
1544 [IWL_RATE_18M_INDEX] = SCAN_CONFIG_RATE_18M,
1545 [IWL_RATE_24M_INDEX] = SCAN_CONFIG_RATE_24M,
1546 [IWL_RATE_36M_INDEX] = SCAN_CONFIG_RATE_36M,
1547 [IWL_RATE_48M_INDEX] = SCAN_CONFIG_RATE_48M,
1548 [IWL_RATE_54M_INDEX] = SCAN_CONFIG_RATE_54M,
1551 return rate_to_scan_rate[rate];
1554 static __le32 iwl_mvm_scan_config_rates(struct iwl_mvm *mvm)
1556 struct ieee80211_supported_band *band;
1557 unsigned int rates = 0;
1560 band = &mvm->nvm_data->bands[IEEE80211_BAND_2GHZ];
1561 for (i = 0; i < band->n_bitrates; i++)
1562 rates |= rate_to_scan_rate_flag(band->bitrates[i].hw_value);
1563 band = &mvm->nvm_data->bands[IEEE80211_BAND_5GHZ];
1564 for (i = 0; i < band->n_bitrates; i++)
1565 rates |= rate_to_scan_rate_flag(band->bitrates[i].hw_value);
1567 /* Set both basic rates and supported rates */
1568 rates |= SCAN_CONFIG_SUPPORTED_RATE(rates);
1570 return cpu_to_le32(rates);
1573 int iwl_mvm_config_scan(struct iwl_mvm *mvm)
1576 struct iwl_scan_config *scan_config;
1577 struct ieee80211_supported_band *band;
1579 mvm->nvm_data->bands[IEEE80211_BAND_2GHZ].n_channels +
1580 mvm->nvm_data->bands[IEEE80211_BAND_5GHZ].n_channels;
1581 int ret, i, j = 0, cmd_size, data_size;
1582 struct iwl_host_cmd cmd = {
1586 if (WARN_ON(num_channels > mvm->fw->ucode_capa.n_scan_channels))
1589 cmd_size = sizeof(*scan_config) + mvm->fw->ucode_capa.n_scan_channels;
1591 scan_config = kzalloc(cmd_size, GFP_KERNEL);
1595 data_size = cmd_size - sizeof(struct iwl_mvm_umac_cmd_hdr);
1596 scan_config->hdr.size = cpu_to_le16(data_size);
1597 scan_config->flags = cpu_to_le32(SCAN_CONFIG_FLAG_ACTIVATE |
1598 SCAN_CONFIG_FLAG_ALLOW_CHUB_REQS |
1599 SCAN_CONFIG_FLAG_SET_TX_CHAINS |
1600 SCAN_CONFIG_FLAG_SET_RX_CHAINS |
1601 SCAN_CONFIG_FLAG_SET_ALL_TIMES |
1602 SCAN_CONFIG_FLAG_SET_LEGACY_RATES |
1603 SCAN_CONFIG_FLAG_SET_MAC_ADDR |
1604 SCAN_CONFIG_FLAG_SET_CHANNEL_FLAGS|
1605 SCAN_CONFIG_N_CHANNELS(num_channels));
1606 scan_config->tx_chains = cpu_to_le32(mvm->fw->valid_tx_ant);
1607 scan_config->rx_chains = cpu_to_le32(iwl_mvm_scan_rx_ant(mvm));
1608 scan_config->legacy_rates = iwl_mvm_scan_config_rates(mvm);
1609 scan_config->out_of_channel_time = cpu_to_le32(170);
1610 scan_config->suspend_time = cpu_to_le32(30);
1611 scan_config->dwell_active = 20;
1612 scan_config->dwell_passive = 110;
1613 scan_config->dwell_fragmented = 20;
1615 memcpy(&scan_config->mac_addr, &mvm->addresses[0].addr, ETH_ALEN);
1617 scan_config->bcast_sta_id = mvm->aux_sta.sta_id;
1618 scan_config->channel_flags = IWL_CHANNEL_FLAG_EBS |
1619 IWL_CHANNEL_FLAG_ACCURATE_EBS |
1620 IWL_CHANNEL_FLAG_EBS_ADD |
1621 IWL_CHANNEL_FLAG_PRE_SCAN_PASSIVE2ACTIVE;
1623 band = &mvm->nvm_data->bands[IEEE80211_BAND_2GHZ];
1624 for (i = 0; i < band->n_channels; i++, j++)
1625 scan_config->channel_array[j] = band->channels[i].center_freq;
1626 band = &mvm->nvm_data->bands[IEEE80211_BAND_5GHZ];
1627 for (i = 0; i < band->n_channels; i++, j++)
1628 scan_config->channel_array[j] = band->channels[i].center_freq;
1630 cmd.data[0] = scan_config;
1631 cmd.len[0] = cmd_size;
1632 cmd.dataflags[0] = IWL_HCMD_DFL_NOCOPY;
1634 IWL_DEBUG_SCAN(mvm, "Sending UMAC scan config\n");
1636 ret = iwl_mvm_send_cmd(mvm, &cmd);
1642 static int iwl_mvm_find_scan_uid(struct iwl_mvm *mvm, u32 uid)
1646 for (i = 0; i < IWL_MVM_MAX_SIMULTANEOUS_SCANS; i++)
1647 if (mvm->scan_uid[i] == uid)
1653 static int iwl_mvm_find_free_scan_uid(struct iwl_mvm *mvm)
1655 return iwl_mvm_find_scan_uid(mvm, 0);
1658 static bool iwl_mvm_find_scan_type(struct iwl_mvm *mvm,
1659 enum iwl_umac_scan_uid_type type)
1663 for (i = 0; i < IWL_MVM_MAX_SIMULTANEOUS_SCANS; i++)
1664 if (mvm->scan_uid[i] & type)
1670 static u32 iwl_generate_scan_uid(struct iwl_mvm *mvm,
1671 enum iwl_umac_scan_uid_type type)
1675 /* make sure exactly one bit is on in scan type */
1676 WARN_ON(hweight8(type) != 1);
1679 * Make sure scan uids are unique. If one scan lasts long time while
1680 * others are completing frequently, the seq number will wrap up and
1681 * we may have more than one scan with the same uid.
1684 uid = type | (mvm->scan_seq_num <<
1685 IWL_UMAC_SCAN_UID_SEQ_OFFSET);
1686 mvm->scan_seq_num++;
1687 } while (iwl_mvm_find_scan_uid(mvm, uid) <
1688 IWL_MVM_MAX_SIMULTANEOUS_SCANS);
1690 IWL_DEBUG_SCAN(mvm, "Generated scan UID %u\n", uid);
1696 iwl_mvm_build_generic_umac_scan_cmd(struct iwl_mvm *mvm,
1697 struct iwl_scan_req_umac *cmd,
1698 struct iwl_mvm_scan_params *params)
1700 memset(cmd, 0, ksize(cmd));
1701 cmd->hdr.size = cpu_to_le16(iwl_mvm_scan_size(mvm) -
1702 sizeof(struct iwl_mvm_umac_cmd_hdr));
1703 cmd->active_dwell = params->dwell[IEEE80211_BAND_2GHZ].active;
1704 cmd->passive_dwell = params->dwell[IEEE80211_BAND_2GHZ].passive;
1705 if (params->passive_fragmented)
1706 cmd->fragmented_dwell =
1707 params->dwell[IEEE80211_BAND_2GHZ].passive;
1708 cmd->max_out_time = cpu_to_le32(params->max_out_time);
1709 cmd->suspend_time = cpu_to_le32(params->suspend_time);
1710 cmd->scan_priority = cpu_to_le32(IWL_SCAN_PRIORITY_HIGH);
1714 iwl_mvm_umac_scan_cfg_channels(struct iwl_mvm *mvm,
1715 struct ieee80211_channel **channels,
1716 int n_channels, u32 ssid_bitmap,
1717 struct iwl_scan_req_umac *cmd)
1719 struct iwl_scan_channel_cfg_umac *channel_cfg = (void *)&cmd->data;
1722 for (i = 0; i < n_channels; i++) {
1723 channel_cfg[i].flags = cpu_to_le32(ssid_bitmap);
1724 channel_cfg[i].channel_num = channels[i]->hw_value;
1725 channel_cfg[i].iter_count = 1;
1726 channel_cfg[i].iter_interval = 0;
1730 static u32 iwl_mvm_scan_umac_common_flags(struct iwl_mvm *mvm, int n_ssids,
1731 struct cfg80211_ssid *ssids,
1737 flags = IWL_UMAC_SCAN_GEN_FLAGS_PASSIVE;
1739 if (n_ssids == 1 && ssids[0].ssid_len != 0)
1740 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PRE_CONNECT;
1743 flags |= IWL_UMAC_SCAN_GEN_FLAGS_FRAGMENTED;
1745 if (iwl_mvm_rrm_scan_needed(mvm))
1746 flags |= IWL_UMAC_SCAN_GEN_FLAGS_RRM_ENABLED;
1751 int iwl_mvm_scan_umac(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1752 struct ieee80211_scan_request *req)
1754 struct iwl_host_cmd hcmd = {
1755 .id = SCAN_REQ_UMAC,
1756 .len = { iwl_mvm_scan_size(mvm), },
1757 .data = { mvm->scan_cmd, },
1758 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1760 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
1761 struct iwl_scan_req_umac_tail *sec_part = (void *)&cmd->data +
1762 sizeof(struct iwl_scan_channel_cfg_umac) *
1763 mvm->fw->ucode_capa.n_scan_channels;
1764 struct iwl_mvm_scan_params params = {};
1766 u32 ssid_bitmap = 0;
1767 int ret, i, uid_idx;
1769 lockdep_assert_held(&mvm->mutex);
1771 uid_idx = iwl_mvm_find_free_scan_uid(mvm);
1772 if (uid_idx >= IWL_MVM_MAX_SIMULTANEOUS_SCANS)
1775 /* we should have failed registration if scan_cmd was NULL */
1776 if (WARN_ON(mvm->scan_cmd == NULL))
1779 if (WARN_ON(req->req.n_ssids > PROBE_OPTION_MAX ||
1780 req->ies.common_ie_len +
1781 req->ies.len[NL80211_BAND_2GHZ] +
1782 req->ies.len[NL80211_BAND_5GHZ] + 24 + 2 >
1783 SCAN_OFFLOAD_PROBE_REQ_SIZE || req->req.n_channels >
1784 mvm->fw->ucode_capa.n_scan_channels))
1787 iwl_mvm_scan_calc_params(mvm, vif, req->req.n_ssids, req->req.flags,
1790 iwl_mvm_build_generic_umac_scan_cmd(mvm, cmd, ¶ms);
1792 uid = iwl_generate_scan_uid(mvm, IWL_UMAC_SCAN_UID_REG_SCAN);
1793 mvm->scan_uid[uid_idx] = uid;
1794 cmd->uid = cpu_to_le32(uid);
1796 cmd->ooc_priority = cpu_to_le32(IWL_SCAN_PRIORITY_HIGH);
1798 flags = iwl_mvm_scan_umac_common_flags(mvm, req->req.n_ssids,
1800 params.passive_fragmented);
1802 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PASS_ALL;
1804 cmd->general_flags = cpu_to_le32(flags);
1805 cmd->n_channels = req->req.n_channels;
1807 for (i = 0; i < req->req.n_ssids; i++)
1808 ssid_bitmap |= BIT(i);
1810 iwl_mvm_umac_scan_cfg_channels(mvm, req->req.channels,
1811 req->req.n_channels, ssid_bitmap, cmd);
1813 sec_part->schedule[0].iter_count = 1;
1814 sec_part->delay = 0;
1816 iwl_mvm_build_unified_scan_probe(mvm, vif, &req->ies, &sec_part->preq,
1817 req->req.flags & NL80211_SCAN_FLAG_RANDOM_ADDR ?
1818 req->req.mac_addr : NULL,
1819 req->req.mac_addr_mask);
1821 iwl_mvm_scan_fill_ssids(sec_part->direct_scan, req->req.ssids,
1822 req->req.n_ssids, 0);
1824 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1827 "Scan request was sent successfully\n");
1830 * If the scan failed, it usually means that the FW was unable
1831 * to allocate the time events. Warn on it, but maybe we
1832 * should try to send the command again with different params.
1834 IWL_ERR(mvm, "Scan failed! ret %d\n", ret);
1839 int iwl_mvm_sched_scan_umac(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1840 struct cfg80211_sched_scan_request *req,
1841 struct ieee80211_scan_ies *ies)
1844 struct iwl_host_cmd hcmd = {
1845 .id = SCAN_REQ_UMAC,
1846 .len = { iwl_mvm_scan_size(mvm), },
1847 .data = { mvm->scan_cmd, },
1848 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1850 struct iwl_scan_req_umac *cmd = mvm->scan_cmd;
1851 struct iwl_scan_req_umac_tail *sec_part = (void *)&cmd->data +
1852 sizeof(struct iwl_scan_channel_cfg_umac) *
1853 mvm->fw->ucode_capa.n_scan_channels;
1854 struct iwl_mvm_scan_params params = {};
1856 u32 ssid_bitmap = 0;
1859 lockdep_assert_held(&mvm->mutex);
1861 uid_idx = iwl_mvm_find_free_scan_uid(mvm);
1862 if (uid_idx >= IWL_MVM_MAX_SIMULTANEOUS_SCANS)
1865 /* we should have failed registration if scan_cmd was NULL */
1866 if (WARN_ON(mvm->scan_cmd == NULL))
1869 if (WARN_ON(req->n_ssids > PROBE_OPTION_MAX ||
1870 ies->common_ie_len + ies->len[NL80211_BAND_2GHZ] +
1871 ies->len[NL80211_BAND_5GHZ] + 24 + 2 >
1872 SCAN_OFFLOAD_PROBE_REQ_SIZE || req->n_channels >
1873 mvm->fw->ucode_capa.n_scan_channels))
1876 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, req->flags,
1879 iwl_mvm_build_generic_umac_scan_cmd(mvm, cmd, ¶ms);
1881 cmd->flags = cpu_to_le32(IWL_UMAC_SCAN_FLAG_PREEMPTIVE);
1883 uid = iwl_generate_scan_uid(mvm, IWL_UMAC_SCAN_UID_SCHED_SCAN);
1884 mvm->scan_uid[uid_idx] = uid;
1885 cmd->uid = cpu_to_le32(uid);
1887 cmd->ooc_priority = cpu_to_le32(IWL_SCAN_PRIORITY_LOW);
1889 flags = iwl_mvm_scan_umac_common_flags(mvm, req->n_ssids, req->ssids,
1890 params.passive_fragmented);
1892 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PERIODIC;
1894 if (iwl_mvm_scan_pass_all(mvm, req))
1895 flags |= IWL_UMAC_SCAN_GEN_FLAGS_PASS_ALL;
1897 flags |= IWL_UMAC_SCAN_GEN_FLAGS_MATCH;
1899 cmd->general_flags = cpu_to_le32(flags);
1901 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT &&
1902 mvm->last_ebs_successful)
1903 cmd->channel_flags = IWL_SCAN_CHANNEL_FLAG_EBS |
1904 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1905 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD;
1907 cmd->n_channels = req->n_channels;
1909 iwl_scan_offload_build_ssid(req, sec_part->direct_scan, &ssid_bitmap,
1912 /* This API uses bits 0-19 instead of 1-20. */
1913 ssid_bitmap = ssid_bitmap >> 1;
1915 iwl_mvm_umac_scan_cfg_channels(mvm, req->channels, req->n_channels,
1918 sec_part->schedule[0].interval =
1919 cpu_to_le16(req->interval / MSEC_PER_SEC);
1920 sec_part->schedule[0].iter_count = 0xff;
1922 sec_part->delay = 0;
1924 iwl_mvm_build_unified_scan_probe(mvm, vif, ies, &sec_part->preq,
1925 req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR ?
1926 req->mac_addr : NULL,
1927 req->mac_addr_mask);
1929 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1932 "Sched scan request was sent successfully\n");
1935 * If the scan failed, it usually means that the FW was unable
1936 * to allocate the time events. Warn on it, but maybe we
1937 * should try to send the command again with different params.
1939 IWL_ERR(mvm, "Sched scan failed! ret %d\n", ret);
1944 int iwl_mvm_rx_umac_scan_complete_notif(struct iwl_mvm *mvm,
1945 struct iwl_rx_cmd_buffer *rxb,
1946 struct iwl_device_cmd *cmd)
1948 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1949 struct iwl_umac_scan_complete *notif = (void *)pkt->data;
1950 u32 uid = __le32_to_cpu(notif->uid);
1951 bool sched = !!(uid & IWL_UMAC_SCAN_UID_SCHED_SCAN);
1952 int uid_idx = iwl_mvm_find_scan_uid(mvm, uid);
1955 * Scan uid may be set to zero in case of scan abort request from above.
1957 if (uid_idx >= IWL_MVM_MAX_SIMULTANEOUS_SCANS)
1961 "Scan completed, uid %u type %s, status %s, EBS status %s\n",
1962 uid, sched ? "sched" : "regular",
1963 notif->status == IWL_SCAN_OFFLOAD_COMPLETED ?
1964 "completed" : "aborted",
1965 notif->ebs_status == IWL_SCAN_EBS_SUCCESS ?
1966 "success" : "failed");
1968 mvm->last_ebs_successful = !notif->ebs_status;
1969 mvm->scan_uid[uid_idx] = 0;
1972 ieee80211_scan_completed(mvm->hw,
1974 IWL_SCAN_OFFLOAD_ABORTED);
1975 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1976 } else if (!iwl_mvm_find_scan_type(mvm, IWL_UMAC_SCAN_UID_SCHED_SCAN)) {
1977 ieee80211_sched_scan_stopped(mvm->hw);
1979 IWL_DEBUG_SCAN(mvm, "Another sched scan is running\n");
1985 static bool iwl_scan_umac_done_check(struct iwl_notif_wait_data *notif_wait,
1986 struct iwl_rx_packet *pkt, void *data)
1988 struct iwl_umac_scan_done *scan_done = data;
1989 struct iwl_umac_scan_complete *notif = (void *)pkt->data;
1990 u32 uid = __le32_to_cpu(notif->uid);
1991 int uid_idx = iwl_mvm_find_scan_uid(scan_done->mvm, uid);
1993 if (WARN_ON(pkt->hdr.cmd != SCAN_COMPLETE_UMAC))
1996 if (uid_idx >= IWL_MVM_MAX_SIMULTANEOUS_SCANS)
2000 * Clear scan uid of scans that was aborted from above and completed
2001 * in FW so the RX handler does nothing.
2003 scan_done->mvm->scan_uid[uid_idx] = 0;
2005 return !iwl_mvm_find_scan_type(scan_done->mvm, scan_done->type);
2008 static int iwl_umac_scan_abort_one(struct iwl_mvm *mvm, u32 uid)
2010 struct iwl_umac_scan_abort cmd = {
2011 .hdr.size = cpu_to_le16(sizeof(struct iwl_umac_scan_abort) -
2012 sizeof(struct iwl_mvm_umac_cmd_hdr)),
2013 .uid = cpu_to_le32(uid),
2016 lockdep_assert_held(&mvm->mutex);
2018 IWL_DEBUG_SCAN(mvm, "Sending scan abort, uid %u\n", uid);
2020 return iwl_mvm_send_cmd_pdu(mvm, SCAN_ABORT_UMAC, 0, sizeof(cmd), &cmd);
2023 static int iwl_umac_scan_stop(struct iwl_mvm *mvm,
2024 enum iwl_umac_scan_uid_type type, bool notify)
2026 struct iwl_notification_wait wait_scan_done;
2027 static const u8 scan_done_notif[] = { SCAN_COMPLETE_UMAC, };
2028 struct iwl_umac_scan_done scan_done = {
2034 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done,
2036 ARRAY_SIZE(scan_done_notif),
2037 iwl_scan_umac_done_check, &scan_done);
2039 IWL_DEBUG_SCAN(mvm, "Preparing to stop scan, type %x\n", type);
2041 for (i = 0; i < IWL_MVM_MAX_SIMULTANEOUS_SCANS; i++) {
2042 if (mvm->scan_uid[i] & type) {
2045 if (iwl_mvm_is_radio_killed(mvm) &&
2046 (type & IWL_UMAC_SCAN_UID_REG_SCAN)) {
2047 ieee80211_scan_completed(mvm->hw, true);
2048 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
2052 err = iwl_umac_scan_abort_one(mvm, mvm->scan_uid[i]);
2059 IWL_DEBUG_SCAN(mvm, "Couldn't stop scan\n");
2060 iwl_remove_notification(&mvm->notif_wait, &wait_scan_done);
2064 ret = iwl_wait_notification(&mvm->notif_wait, &wait_scan_done, 1 * HZ);
2069 if (type & IWL_UMAC_SCAN_UID_SCHED_SCAN)
2070 ieee80211_sched_scan_stopped(mvm->hw);
2071 if (type & IWL_UMAC_SCAN_UID_REG_SCAN) {
2072 ieee80211_scan_completed(mvm->hw, true);
2073 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
2080 int iwl_mvm_scan_size(struct iwl_mvm *mvm)
2082 if (mvm->fw->ucode_capa.capa[0] & IWL_UCODE_TLV_CAPA_UMAC_SCAN)
2083 return sizeof(struct iwl_scan_req_umac) +
2084 sizeof(struct iwl_scan_channel_cfg_umac) *
2085 mvm->fw->ucode_capa.n_scan_channels +
2086 sizeof(struct iwl_scan_req_umac_tail);
2088 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)
2089 return sizeof(struct iwl_scan_req_unified_lmac) +
2090 sizeof(struct iwl_scan_channel_cfg_lmac) *
2091 mvm->fw->ucode_capa.n_scan_channels +
2092 sizeof(struct iwl_scan_probe_req);
2094 return sizeof(struct iwl_scan_cmd) +
2095 mvm->fw->ucode_capa.max_probe_length +
2096 mvm->fw->ucode_capa.n_scan_channels *
2097 sizeof(struct iwl_scan_channel);
projects / cascardo / linux.git / blob