Sven Eckelmann [Tue, 11 Jun 2019 17:21:31 +0000 (19:21 +0200)]
 
ath10k: fix max antenna gain unit
Most of the txpower for the ath10k firmware is stored as twicepower (0.5 dB
steps). This isn't the case for max_antenna_gain - which is still expected
by the firmware as dB.
The firmware is converting it from dB to the internal (twicepower)
representation when it calculates the limits of a channel. This can be seen
in tpc_stats when configuring "12" as max_antenna_gain. Instead of the
expected 12 (6 dB), the tpc_stats shows 24 (12 dB).
Tested on QCA9888 and IPQ4019 with firmware 10.4-3.5.3-00057.
Fixes: 02256930d9b8 ("ath10k: use proper tx power unit")
Signed-off-by: Sven Eckelmann <seckelmann@datto.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20190611172131.6064-1-sven@narfation.org
Dan Carpenter [Mon, 11 Oct 2021 15:18:01 +0000 (18:18 +0300)]
 
ath9k: fix an IS_ERR() vs NULL check
The devm_kmemdup() function doesn't return error pointers, it returns
NULL on error.
Fixes: eb3a97a69be8 ("ath9k: fetch calibration data via nvmem subsystem")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20211011123533.GA15188@kili
Baochen Qiang [Mon, 11 Oct 2021 15:18:00 +0000 (18:18 +0300)]
 
ath11k: Identify DFS channel when sending scan channel list command
WMI_CHAN_INFO_DFS flag should be set when configuring a DFS channel
included in scan channel list. Without it, firmware will not send a
probe request frame which is needed in connection to an AP configured
with hidden SSID/network_id. So fix this to allow probe request frames
to be sent in cases where a beacon frame has been seen on the channel
first.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Baochen Qiang <bqiang@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20211011054919.77071-1-bqiang@codeaurora.org
Christian Lamparter [Mon, 11 Oct 2021 15:18:00 +0000 (18:18 +0300)]
 
ath9k: support DT ieee80211-freq-limit property to limit channels
The common DT property can be used to limit the available channels
but ath9k has to manually call wiphy_read_of_freq_limits().
I would have put this into ath9k_of_init(). But it didn't work there.
The reason is that in ath9k_of_init() the channels and bands are not yet
registered in the wiphy struct. So there isn't any channel to flag as
disabled.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20211009212847.1781986-1-chunkeey@gmail.com
Baochen Qiang [Mon, 11 Oct 2021 06:33:09 +0000 (09:33 +0300)]
 
ath11k: Change number of TCL rings to one for QCA6390
Some targets, QCA6390 for example, use only one TCL ring, it is better to
initialize only one ring and leave others untouched for such targets.
This is a theoretical fix found during code review, no visible impact.
Tested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-01740-QCAHSTSWPLZ_V2_TO_X86-1
Signed-off-by: Baochen Qiang <bqiang@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914163726.38604-1-jouni@codeaurora.org
Baochen Qiang [Mon, 11 Oct 2021 06:33:08 +0000 (09:33 +0300)]
 
ath11k: Handle MSI enablement during rmmod and SSR
When doing "rmmod ath11k_pci", ath11k performs global SOC reset
and MHI reset, where 0 address access is captured by IOMMU. See
log below:
...
[  133.953860] ath11k_pci 0000:02:00.0: setting mhi state: DEINIT(1)
[  133.959714] ath11k_pci 0000:02:00.0: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000a address=0x0 flags=0x0020]
[  133.973854] ath11k_pci 0000:02:00.0: MHISTATUS 0xff04
[  133.974095] ath11k_pci 0000:02:00.0: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000a address=0x0 flags=0x0020]
...
This issue is also observed in SSR process, cause a similar
sequence as above is performed.
Such an invalid access occurs because, during rmmod or SSR, MSI
address is cleared but HW MSI functionality not disabled, thus HW
target is able to raise an MSI transaction with 0 as MSI address.
So it can be fixed by simply disabling MSI before reset. For SSR,
since MSI functionality is still needed after target is brought
back, we need to reenable it.
Also change naming of some interfaces related.
Tested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-01740-QCAHSTSWPLZ_V2_TO_X86-1
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Baochen Qiang <bqiang@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913180246.193388-5-jouni@codeaurora.org
Tuo Li [Thu, 5 Aug 2021 15:38:53 +0000 (08:38 -0700)]
 
ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create()
kzalloc() is used to allocate memory for cd->detectors, and if it fails,
channel_detector_exit() behind the label fail will be called:
  channel_detector_exit(dpd, cd);
In channel_detector_exit(), cd->detectors is dereferenced through:
  struct pri_detector *de = cd->detectors[i];
To fix this possible null-pointer dereference, check cd->detectors before
the for loop to dereference cd->detectors.
Reported-by: TOTE Robot <oslab@tsinghua.edu.cn>
Signed-off-by: Tuo Li <islituo@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210805153854.154066-1-islituo@gmail.com
Gustavo A. R. Silva [Thu, 7 Oct 2021 15:16:24 +0000 (18:16 +0300)]
 
ath11k: Use kcalloc() instead of kzalloc()
Use 2-factor multiplication argument form kcalloc() instead
of kzalloc().
Link: https://github.com/KSPP/linux/issues/162
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20211006181204.GA913553@embeddedor
Colin Ian King [Thu, 7 Oct 2021 15:16:24 +0000 (18:16 +0300)]
 
ath11k: Remove redundant assignment to variable fw_size
Variable fw_size is being assigned a value that is never read and
being re-assigned a new value in the next statement. The assignment
is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Fixes: 336e7b53c82f ("ath11k: clean up BDF download functions")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20211006105529.1011239-1-colin.king@canonical.com
Colin Ian King [Wed, 6 Oct 2021 08:32:17 +0000 (09:32 +0100)]
 
ath11k: Fix spelling mistake "incompaitiblity" -> "incompatibility"
There is a spelling mistake in an ath11k_warn message. Fix it.
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20211006083217.349596-1-colin.king@canonical.com
Tim Gardner [Tue, 5 Oct 2021 13:55:54 +0000 (16:55 +0300)]
 
ath11k: Remove unused variable in ath11k_dp_rx_mon_merg_msdus()
Coverity complains that a constant variable guards dead code. In fact,
mpdu_buf is set NULL and never updated.
4834err_merge_fail:
    	null: At condition mpdu_buf, the value of mpdu_buf must be NULL.
    	dead_error_condition: The condition mpdu_buf cannot be true.
CID 92162 (#1 of 1): 'Constant' variable guards dead code (DEADCODE)
dead_error_line: Execution cannot reach the expression decap_format !=
  DP_RX_DECAP_TYPE_RAW inside this statement: if (mpdu_buf && decap_forma....
Local variable mpdu_buf is assigned only once, to a constant value, making it
  effectively constant throughout its scope. If this is not the intent, examine
  the logic to see if there is a missing assignment that would make mpdu_buf not
  remain constant.
4835        if (mpdu_buf && decap_format != DP_RX_DECAP_TYPE_RAW) {
Fix this by removing mpdu_buf and unreachable code.
Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: ath11k@lists.infradead.org
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210927150743.19816-1-tim.gardner@canonical.com
Christian Lamparter [Tue, 5 Oct 2021 13:55:54 +0000 (16:55 +0300)]
 
dt-bindings: net: wireless: qca,ath9k: convert to the json-schema
This replaces the existing .txt binding file. Furthermore, this
also helps with validating DTS files.
Introduced binding changes:
 1. added inherited mac-address nvmem property
 2. added inherited ieee80211-freq-limit property
 3. added new calibration nvmem property
 4. added second example (taken from the Netgear WNDR3700v2)
    Reason: Setting qca,no-eeprom; takes presedence over
    nvmem-cells. I think a different example is needed,
    because the driver can only reads from one calibration
    source per device.
 5. (re-added) chip list (based on data from ath9k's pci.c)
Added binding .yaml to MAINTAINERS.
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210924223509.52525-1-chunkeey@gmail.com
Linus Lüssing [Tue, 5 Oct 2021 13:55:53 +0000 (16:55 +0300)]
 
ath9k: Fix potential interrupt storm on queue reset
In tests with two Lima boards from 8devices (QCA4531 based) on OpenWrt
19.07 we could force a silent restart of a device with no serial
output when we were sending a high amount of UDP traffic (iperf3 at 80
MBit/s in both directions from external hosts, saturating the wifi and
causing a load of about 4.5 to 6) and were then triggering an
ath9k_queue_reset().
Further debugging showed that the restart was caused by the ath79
watchdog. With disabled watchdog we could observe that the device was
constantly going into ath_isr() interrupt handler and was returning
early after the ATH_OP_HW_RESET flag test, without clearing any
interrupts. Even though ath9k_queue_reset() calls
ath9k_hw_kill_interrupts().
With JTAG we could observe the following race condition:
1) ath9k_queue_reset()
   ...
   -> ath9k_hw_kill_interrupts()
   -> set_bit(ATH_OP_HW_RESET, &common->op_flags);
   ...
   <- returns
      2) ath9k_tasklet()
         ...
         -> ath9k_hw_resume_interrupts()
         ...
         <- returns
                 3) loops around:
                    ...
                    handle_int()
                    -> ath_isr()
                       ...
                       -> if (test_bit(ATH_OP_HW_RESET,
                                       &common->op_flags))
                            return IRQ_HANDLED;
                    x) ath_reset_internal():
                       => never reached <=
And in ath_isr() we would typically see the following interrupts /
interrupt causes:
* status: 0x00111030 or 0x00110030
* async_cause: 2 (AR_INTR_MAC_IPQ)
* sync_cause: 0
So the ath9k_tasklet() reenables the ath9k interrupts
through ath9k_hw_resume_interrupts() which ath9k_queue_reset() had just
disabled. And ath_isr() then keeps firing because it returns IRQ_HANDLED
without actually clearing the interrupt.
To fix this IRQ storm also clear/disable the interrupts again when we
are in reset state.
Cc: Sven Eckelmann <sven@narfation.org>
Cc: Simon Wunderlich <sw@simonwunderlich.de>
Cc: Linus Lüssing <linus.luessing@c0d3.blue>
Fixes: 872b5d814f99 ("ath9k: do not access hardware on IRQs during reset")
Signed-off-by: Linus Lüssing <ll@simonwunderlich.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914192515.9273-3-linus.luessing@c0d3.blue
Linus Lüssing [Tue, 5 Oct 2021 13:55:53 +0000 (16:55 +0300)]
 
ath9k: add option to reset the wifi chip via debugfs
Sometimes, in yet unknown cases the wifi chip stops working. To allow a
watchdog in userspace to easily and quickly reset the wifi chip, add the
according functionality to userspace. A reset can then be triggered
via:
  $ echo 1 > /sys/kernel/debug/ieee80211/phy0/ath9k/reset
The number of user resets can further be tracked in the row "User reset"
in the same file.
So far people usually used "iw scan" to fix ath9k chip hangs from
userspace. Which triggers the ath9k_queue_reset(), too. The reset file
however has the advantage of less overhead, which makes debugging bugs
within ath9k_queue_reset() easier.
Signed-off-by: Linus Lüssing <ll@simonwunderlich.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914192515.9273-2-linus.luessing@c0d3.blue
Stephen Boyd [Tue, 5 Oct 2021 13:55:53 +0000 (16:55 +0300)]
 
ath10k: Don't always treat modem stop events as crashes
When rebooting on sc7180 Trogdor devices I see the following crash from
the wifi driver.
 ath10k_snoc 
18800000.wifi: firmware crashed! (guid 
83493570-29a2-4e98-a83e-
70048c47669c)
This is because a modem stop event looks just like a firmware crash to
the driver, the qmi connection is closed in both cases. Use the qcom ssr
notifier block to stop treating the qmi connection close event as a
firmware crash signal when the modem hasn't actually crashed. See
ath10k_qmi_event_server_exit() for more details.
This silences the crash message seen during every reboot.
Fixes: 3f14b73c3843 ("ath10k: Enable MSA region dump support for WCN3990")
Cc: Youghandhar Chintala <youghand@codeaurora.org>
Cc: Abhishek Kumar <kuabhs@chromium.org>
Cc: Steev Klimaszewski <steev@kali.org>
Cc: Matthias Kaehlcke <mka@chromium.org>
Cc: Rakesh Pillai <pillair@codeaurora.org>
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
Reviewed-by: Rakesh Pillai <pillair@codeaurora.org>
Tested-By: Youghandhar Chintala <youghand@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210922233341.182624-1-swboyd@chromium.org
Kalle Valo [Tue, 5 Oct 2021 06:23:01 +0000 (09:23 +0300)]
 
Merge ath-next from git://git./linux/kernel/git/kvalo/ath.git
ath.git patches for v5.16. Major changes:
ath9k
* load calibration data and pci init values via nvmem subsystem
ath11k
* include channel rx and tx time in survey dump statistics
* support for setting fixed Wi-Fi 6 rates from user space
* support for 80P80 and 160 MHz bandwidths
* spectral scan support for QCN9074
* support for calibration data files per radio
* support for calibration data via eeprom
* support for rx decapsulation offload (data frames in 802.3 format)
* support channel 2 in 6 GHz band
ath10k
* include frame time stamp in beacon and probe response frames
wcn36xx
* enable Idle Mode Power Save (IMPS) to reduce power consumption during idle
Chris Chiu [Fri, 1 Oct 2021 04:00:44 +0000 (12:00 +0800)]
 
rtl8xxxu: Use lower tx rates for the ack packet
According to the Realtek propritary driver and the rtw88 driver, the
tx rates of the ack (includes block ack) are initialized with lower
tx rates (no HT rates) which is set by the RRSR register value. In
real cases, ack rate higher than current tx rate could lead to
difficulty for the receiving end to receive management/control frames.
The retransmission rate would be higher then expected when the driver
is acting as receiver and the RSSI is not good.
Cross out higer rates for ack packet before implementing dynamic rrsr
configuration like the commit 
4830872685f8 ("rtw88: add dynamic rrsr
configuration").
Signed-off-by: Chris Chiu <chris.chiu@canonical.com>
Acked-by: Jes Sorensen <Jes.Sorensen@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20211001040044.1028708-1-chris.chiu@canonical.com
Sohaib Mohamed [Thu, 30 Sep 2021 19:49:20 +0000 (21:49 +0200)]
 
bcma: drop unneeded initialization value
Do not initialise statics to 0
ERROR found by checkpatch.pl
Signed-off-by: Sohaib Mohamed <sohaib.amhmd@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210930194920.15847-1-sohaib.amhmd@gmail.com
Hans de Goede [Tue, 28 Sep 2021 16:06:33 +0000 (18:06 +0200)]
 
brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
The Cyberbook T116 tablet contains quite generic names in the sys_vendor
and product_name DMI strings, without this patch brcmfmac will try to load:
"brcmfmac43455-sdio.Default string-Default string.txt" as nvram file which
is way too generic.
The nvram file shipped on the factory Android image contains the exact
same settings as those used on the AcePC T8 mini PC, so point the new
DMI nvram filename quirk to the acepc-t8 nvram file.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210928160633.96928-1-hdegoede@redhat.com
Zong-Zhe Yang [Fri, 1 Oct 2021 08:23:01 +0000 (16:23 +0800)]
 
rtw88: refine fw_crash debugfs to show non-zero while triggering
The usage of fw_crash debugfs is to write 1 to it to trigger fw crash
simulation and to read from it to check the state. When zero is read,
it is supposed to mean fw crash/restart process is done. Then, some
test plans can be designed for crash/restart.
e.g.
step 1. trigger fw crash simulation
step 2. poll the state until zero is read
step 3. check connection by ping test
However, in certain connection cases, triggering fw crash simulation
will take a while. If the state is queried too early before restart
begins processing, it may mistakenly think restart process has been
done. If some tests are started at this time, something unexpected
might happen due to the follow-up restart process.
To avoid that, let fw_crash also show non-zero when a simulation
is still triggering.
Signed-off-by: Zong-Zhe Yang <kevin_yang@realtek.com>
Signed-off-by: Ping-Ke Shih <pkshih@realtek.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20211001082301.4805-1-pkshih@realtek.com
Zong-Zhe Yang [Mon, 27 Sep 2021 11:18:30 +0000 (19:18 +0800)]
 
rtw88: fix RX clock gate setting while fifo dump
When fw fifo dumps, RX clock gating should be disabled to avoid
something unexpected. However, the register operation ran into
a mistake. So, we fix it.
Signed-off-by: Zong-Zhe Yang <kevin_yang@realtek.com>
Signed-off-by: Ping-Ke Shih <pkshih@realtek.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210927111830.5354-1-pkshih@realtek.com
Fabio Estevam [Tue, 28 Sep 2021 11:00:47 +0000 (14:00 +0300)]
 
ath10k: sdio: Add missing BH locking around napi_schdule()
On a i.MX-based board with a QCA9377 Wifi chip, the following errors
are seen after launching the 'hostapd' application:
hostapd /etc/wifi.conf
Configuration file: /etc/wifi.conf
wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
Using interface wlan0 with hwaddr 00:1f:7b:31:04:a0 and ssid "thessid"
IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
wlan0: interface state COUNTRY_UPDATE->ENABLED
wlan0: AP-ENABLED
NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
...
Fix this problem by adding the BH locking around napi-schedule(),
in the same way it was done in commit 
e63052a5dd3c ("mlx5e: add
add missing BH locking around napi_schdule()").
Its commit log provides the following explanation:
"It's not correct to call napi_schedule() in pure process
context. Because we use __raise_softirq_irqoff() we require
callers to be in a context which will eventually lead to
softirq handling (hardirq, bh disabled, etc.).
With code as is users will see:
NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
"
Fixes: cfee8793a74d ("ath10k: enable napi on RX path for sdio")
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210824144339.2796122-1-festevam@denx.de
Loic Poulain [Tue, 28 Sep 2021 11:00:47 +0000 (14:00 +0300)]
 
ath10k: Fix missing frame timestamp for beacon/probe-resp
When receiving a beacon or probe response, we should update the
boottime_ns field which is the timestamp the frame was received at.
(cf mac80211.h)
This fixes a scanning issue with Android since it relies on this
timestamp to determine when the AP has been seen for the last time
(via the nl80211 BSS_LAST_SEEN_BOOTTIME parameter).
Fixes: 5e3dd157d7e7 ("ath10k: mac80211 driver for Qualcomm Atheros 802.11ac CQA98xx devices")
Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/1629811733-7927-1-git-send-email-loic.poulain@linaro.org
Alagu Sankar [Tue, 28 Sep 2021 11:00:47 +0000 (14:00 +0300)]
 
ath10k: high latency fixes for beacon buffer
Beacon buffer for high latency devices does not use DMA. other similar
buffer allocation methods in the driver have already been modified for
high latency path. Fix the beacon buffer allocation left out in the
earlier high latency changes.
Signed-off-by: Alagu Sankar <alagusankar@silex-india.com>
Signed-off-by: Erik Stromdahl <erik.stromdahl@gmail.com>
[fabio: adapt it to use ar->bus_param.dev_type ]
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210818232627.2040121-1-festevam@denx.de
Baochen Qiang [Tue, 28 Sep 2021 11:00:46 +0000 (14:00 +0300)]
 
ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected packets
For fragmented packets, ath11k reassembles each fragment as a normal
packet and then reinjects it into HW ring. In this case, the DMA
direction should be DMA_TO_DEVICE, not DMA_FROM_DEVICE, otherwise
invalid payload will be reinjected to HW and then delivered to host.
What is more, since arbitrary memory could be allocated to the frame, we
don't know what kind of data is contained in the buffer reinjected.
Thus, as a bad result, private info may be leaked.
Note that this issue is only found on Intel platform.
Tested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-01740-QCAHSTSWPLZ_V2_TO_X86-1
Signed-off-by: Baochen Qiang <bqiang@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916064617.20006-1-bqiang@codeaurora.org
Pradeep Kumar Chitrapu [Tue, 28 Sep 2021 11:00:46 +0000 (14:00 +0300)]
 
ath11k: support SMPS configuration for 6 GHz
Parse SMPS configuration from IEs and configure. Without this,
SMPS is not enabled for 6 GHz band.
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01386-QCAHKSWPL_SILICONZ-1
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913175510.193005-3-jouni@codeaurora.org
Pradeep Kumar Chitrapu [Tue, 28 Sep 2021 11:00:46 +0000 (14:00 +0300)]
 
ath11k: add 6 GHz params in peer assoc command
Currently A-MPDU aggregation parameters are not being configured
during peer association for 6 GHz band. Hence, extract these
parameters from station's capabilities received in association
request and send to firmware. Without this, A-MPDU aggregation
is not happening in 6 GHz band.
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01386-QCAHKSWPL_SILICONZ-1
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913175510.193005-2-jouni@codeaurora.org
Pradeep Kumar Chitrapu [Tue, 28 Sep 2021 11:00:45 +0000 (14:00 +0300)]
 
ieee80211: Add new A-MPDU factor macro for HE 6 GHz peer caps
Add IEEE80211_HE_6GHZ_MAX_AMPDU_FACTOR as per IEEE Std 802.11ax-2021,
9.4.2.263 to use for peer max A-MPDU factor in 6 GHz band.
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913175510.193005-1-jouni@codeaurora.org
Wen Gong [Tue, 28 Sep 2021 11:00:45 +0000 (14:00 +0300)]
 
ath11k: indicate to mac80211 scan complete with aborted flag for ATH11K_SCAN_STARTING state
Scan failure can not be recovered from when running a loop of the
following steps:
1. run scan: "iw wlan scan".
2. run command: echo assert > /sys/kernel/debug/ath11k/qca6490\ hw2.0/simulate_fw_crash
   immediately after step 1.
result:
scan failed and can not recover even when wlan recovery succeeds:
command failed: Device or resource busy (-16)
reason:
When scan arrives, WMI_START_SCAN_CMDID is sent to the firmware and
function ath11k_mac_op_hw_scan() returns, then simulate_fw_crash arrives
and the scan started event does not arrive, and then it starts to do
recovery of wlan. __ath11k_mac_scan_finish() which is called from
ath11k_core_halt() is one step of recovery, it will not call
ieee80211_scan_completed() by logic currently because the scan state is
ATH11K_SCAN_STARTING. Thus it leads the scan not being completed in
mac80211, and leads all consecutive scans failing with -EBUSY in
nl80211_trigger_scan even after wlan recovery success.
Indicate scan complete with aborted flag to mac80211 for
ATH11K_SCAN_STARTING to allow recovery from scan failed with "Device or
resource busy (-16)" after wlan recovery.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Wen Gong <wgong@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914164226.38843-3-jouni@codeaurora.org
Wen Gong [Tue, 28 Sep 2021 11:00:45 +0000 (14:00 +0300)]
 
ath11k: indicate scan complete for scan canceled when scan running
ath11k prints "Received scan event for unknown vdev" when doing the
following test:
1. trigger scan
2. wait 0.2 second
3. iw reg set or 11d scan complete from firmware
Reason: When iw reg set or 11d scan complete, the new country code will
be set to the firmware, and the new regdomain info indicated to ath11k,
then the new channel list will be sent to the firmware. The firmware
will cancel the current scan after receiving WMI_SCAN_CHAN_LIST_CMDID
which is used for the new channel list, and the state of ath11k is
ATH11K_SCAN_RUNNING, then ath11k_get_ar_on_scan_abort() returns NULL and
ath11k_scan_event() returns at this point and does not indicate scan
completion to mac80211.
Indicate scan completion to mac80211 and get rid of the "Received scan
event for unknown vdev" print for the above case.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Wen Gong <wgong@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914164226.38843-2-jouni@codeaurora.org
Wen Gong [Tue, 28 Sep 2021 11:00:45 +0000 (14:00 +0300)]
 
ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
When wlan interface is up, 11d scan is sent to the firmware, and the
firmware needs to spend couple of seconds to complete the 11d scan. If
immediately a normal scan from user space arrives to ath11k, then the
normal scan request is also sent to the firmware, but the scan started
event will be reported to ath11k until the 11d scan complete. When timed
out for the scan started in ath11k, ath11k stops the normal scan and the
firmware reports WMI_SCAN_EVENT_DEQUEUED to ath11k for the normal scan.
ath11k has no handler for the event and then timed out for the scan
completed in ath11k_scan_stop(), and ath11k prints the following error
message.
[ 1491.604750] ath11k_pci 0000:02:00.0: failed to receive scan abort comple: timed out
[ 1491.604756] ath11k_pci 0000:02:00.0: failed to stop scan: -110
[ 1491.604758] ath11k_pci 0000:02:00.0: failed to start hw scan: -110
Add a handler for WMI_SCAN_EVENT_DEQUEUED and then complete the scan to
get rid of the above error message.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Wen Gong <wgong@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914164226.38843-1-jouni@codeaurora.org
Venkateswara Naralasetty [Tue, 28 Sep 2021 11:00:45 +0000 (14:00 +0300)]
 
ath11k: add HTT stats support for new stats
Add HTT stats support for,
29-ATH11K_DBG_HTT_EXT_STATS_PEER_CTRL_PATH_TXRX_STATS:
Used to dump the control path txrx stats for each connected peer.
Usage:
echo 29 > /sys/kernel/debug/ieee80211/phyx/ath11k/htt_stats_type
cat /sys/kernel/debug/ieee80211/phyx/netdev\:wlan0/stations/
<sta mac>/htt_peer_stats.
31-ATH11K_DBG_HTT_EXT_STATS_PDEV_TX_RATE_TXBF_STATS:
Used to dump the per pdev tx rate txbf stats.
Usage:
echo 31 > /sys/kernel/debug/ieee80211/phyx/ath11k/htt_stats_type
cat /sys/kernel/debug/ieee80211/phyx/ath11k/htt_stats
32-ATH11k_DBG_HTT_EXT_STATS_TXBF_OFDMA:
Used to dump the TXBF ofdma stats for all ofdma users.
Usage:
echo 32 > /sys/kernel/debug/ieee80211/phyx/ath11k/htt_stats_type
cat /sys/kernel/debug/ieee80211/phyx/ath11k/htt_stats
37-ATH11K_DBG_HTT_EXT_PHY_COUNTERS_AND_PHY_STATS:
Used to dump the mac and phy txrx counts and phy stats like per chain rssi
and ANI level.
Usage:
echo 37 > /sys/kernel/debug/ieee80211/phyx/ath11k/htt_stats_type
cat /sys/kernel/debug/ieee80211/phyx/ath11k/htt_stats
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-00486-QCAHKSWPL_SILICONZ-1
Signed-off-by: Venkateswara Naralasetty <vnaralas@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913223148.208026-6-jouni@codeaurora.org
Seevalamuthu Mariappan [Tue, 28 Sep 2021 11:00:45 +0000 (14:00 +0300)]
 
ath11k: Change masking and shifting in htt stats
In debugfs_htt_stats.c, masking and shifting is done to get
stats values. Instead use GENMASK and FIELD_GET to improve
code readability and maintenance.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-01105-QCAHKSWPL_SILICONZ-1
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913223148.208026-5-jouni@codeaurora.org
Seevalamuthu Mariappan [Tue, 28 Sep 2021 11:00:45 +0000 (14:00 +0300)]
 
ath11k: Remove htt stats fixed size array usage
To support the HTT Stats DebugFS interface a single large buffer that
contains the stats must be provided to the DebugFS infrastructure.
In the current code, for each class of stats, the stats are first
formatted in a local on-stack buffer, and then the local buffer is
copied to the large DebugFS buffer.
This logic has a problem when, for a given class, the formatted
stats exceed the size of the on-stack buffer. When this occurs the
stats for this class is truncated. In addition, this logic is
inefficient since it introduces an unnecessary memory copy.
To address these issues, update the logic to no longer use a local
on-stack buffer, and instead write the formatted data directly into
the large DebugFS buffer.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-01105-QCAHKSWPL_SILICONZ-1
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913223148.208026-4-jouni@codeaurora.org
Seevalamuthu Mariappan [Tue, 28 Sep 2021 11:00:44 +0000 (14:00 +0300)]
 
ath11k: Replace HTT_DBG_OUT with scnprintf
Get rid of macro HTT_DBG_OUT and replace it with scnprintf().
The macro does not do anything else. Added required new line
characters to scnprintf() for proper display.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-01105-QCAHKSWPL_SILICONZ-1
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913223148.208026-3-jouni@codeaurora.org
Seevalamuthu Mariappan [Tue, 28 Sep 2021 11:00:44 +0000 (14:00 +0300)]
 
ath11k: Rename macro ARRAY_TO_STRING to PRINT_ARRAY_TO_BUF
Renaming of macro is done to describe the macro functionality
better as the macro functionality is modified in next patch-sets.
No functional changes are done.
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913223148.208026-2-jouni@codeaurora.org
Baochen Qiang [Tue, 28 Sep 2021 11:00:44 +0000 (14:00 +0300)]
 
ath11k: Fix memory leak in ath11k_qmi_driver_event_work
The buffer pointed to by event is not freed in case
ATH11K_FLAG_UNREGISTERING bit is set, resulting in
memory leak, so fix it.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Fixes: d5c65159f289 ("ath11k: driver for Qualcomm IEEE 802.11ax devices")
Signed-off-by: Baochen Qiang <bqiang@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913180246.193388-4-jouni@codeaurora.org
Baochen Qiang [Tue, 28 Sep 2021 11:00:44 +0000 (14:00 +0300)]
 
ath11k: Fix inaccessible debug registers
Current code clears debug registers after SOC global reset performed
in ath11k_pci_sw_reset. However at that time those registers are
not accessible due to reset, thus they are actually not cleared at all.
For WCN6855, it may cause target fail to initialize. This issue can be
fixed by moving clear action ahead.
In addition, on some specific platforms, need to add delay to wait
those registers to become accessible.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Baochen Qiang <bqiang@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913180246.193388-3-jouni@codeaurora.org
Baochen Qiang [Tue, 28 Sep 2021 11:00:43 +0000 (14:00 +0300)]
 
ath11k: Drop MSDU with length error in DP rx path
There are MSDUs whose length are invalid. For example,
attackers may inject on purpose truncated A-MSDUs with
invalid MSDU length.
Such MSDUs are marked with an err bit set in rx attention
tlvs, so we can check and drop them.
Tested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-01740-QCAHSTSWPLZ_V2_TO_X86-1
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Baochen Qiang <bqiang@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210913180246.193388-2-jouni@codeaurora.org
Wen Gong [Tue, 28 Sep 2021 11:00:43 +0000 (14:00 +0300)]
 
ath11k: copy cap info of 6G band under WMI_HOST_WLAN_5G_CAP for WCN6855
WCN6855 has 2 phys, one is 2G, another is 5G/6G, so it should copy the
cap info of 6G band under the check of WMI_HOST_WLAN_5G_CAP as well as
for the 5G band. Some chips like QCN9074 only have 6G, not have 2G and
5G, and this 6G capability is also under WMI_HOST_WLAN_5G_CAP, so this
change will not disturb it.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Wen Gong <wgong@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210804181217.88751-4-jouni@codeaurora.org
Wen Gong [Tue, 28 Sep 2021 11:00:43 +0000 (14:00 +0300)]
 
ath11k: enable 6G channels for WCN6855
For some chips such as WCN6855, single_pdev_only is set in struct
ath11k_hw_params which means ath11k calls ieee80211_register_hw() only
once and create only one device interface, and that device interface
supports all 2G/5G/6G channels.
ath11k_mac_setup_channels_rates() sets up the channels and it is called
for each device interface. It is called only once for single_pdev_only,
and then set up all channels for 2G/5G/6G. The logic of
ath11k_mac_setup_channels_rates() is not suitable for single_pdev_only,
it leads to all 6G channels being disabled for the device interface
which is single_pdev_only such as WCN6855.
Add channel frequency checks for the 6G band and enable the 6G channels
properly based on what is supported by the chip.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Wen Gong <wgong@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210804181217.88751-3-jouni@codeaurora.org
Wen Gong [Tue, 28 Sep 2021 11:00:43 +0000 (14:00 +0300)]
 
ath11k: re-enable ht_cap/vht_cap for 5G band for WCN6855
WCN6855 uses single_pdev_only, so it supports both the 5G and 6G bands
in the same ath11k/pdev and it needs to enable ht_cap/vht_cap for the 5G
band, otherwise it will downgrade to non-HT mode for the 5G band. Some
chips like QCN9074 only support the 6G band, not the 5G band, and use
the flag ar->supports_6ghz which is true to discard ht_cap/vht_cap.
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-01720.1-QCAHSPSWPL_V1_V2_SILICONZ_LITE-1
Signed-off-by: Wen Gong <wgong@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210804181217.88751-2-jouni@codeaurora.org
Pradeep Kumar Chitrapu [Tue, 28 Sep 2021 11:00:43 +0000 (14:00 +0300)]
 
ath11k: fix survey dump collection in 6 GHz
When ath11k receives survey request, choose the 6 GHz band when enabled.
Without this, survey request does not include any 6 GHz band results,
thereby causing auto channel selection to fail.
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01386-QCAHKSWPL_SILICONZ-1
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210722102054.43419-3-jouni@codeaurora.org
Pradeep Kumar Chitrapu [Tue, 28 Sep 2021 11:00:43 +0000 (14:00 +0300)]
 
ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
Frequency in rx status is being filled incorrectly in the 6 GHz band as
channel number received is invalid in this case which is causing packet
drops. So fix that.
Fixes: 5dcf42f8b79d ("ath11k: Use freq instead of channel number in rx path")
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210722102054.43419-2-jouni@codeaurora.org
Pradeep Kumar Chitrapu [Tue, 28 Sep 2021 11:00:43 +0000 (14:00 +0300)]
 
ath11k: add channel 2 into 6 GHz channel list
Add support for the 6 GHz channel 2 with center frequency 5935 MHz and
operating class 136 per IEEE Std 802.11ax-2021, Table E-4.
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210722102054.43419-1-jouni@codeaurora.org
P Praneesh [Tue, 28 Sep 2021 09:05:41 +0000 (12:05 +0300)]
 
ath11k: Add wmi peer create conf event in wmi_tlv_event_id
When the driver sends a peer create cmd, the firmware responds with
WMI_PEER_CREATE_CONF_EVENTID to confirm the firmware received
WMI_PEER_CREATE_CMDID. Since the peer create conf event is not handled
in ath11k_wmi_tlv_op_rx, we are getting unknown event id warning prints
during peer creation.
Add WMI_PEER_CREATE_CONF_EVENTID in wmi_tlv_event_id and handle
the same as unsupported event id under wmi logs.
warning prints:
[ 4382.230817] ath11k_pci 0000:01:00.0: Unknown eventid: 0x601a
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01695-QCAHKSWPL_SILICONZ-1
Signed-off-by: P Praneesh <ppranees@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-9-jouni@codeaurora.org
Karthikeyan Periyasamy [Tue, 28 Sep 2021 09:05:41 +0000 (12:05 +0300)]
 
ath11k: Avoid "No VIF found" warning message
Facing below warning prints when we do wifi down in multiple VAPs scenario.
warning print:
ath11k 
c000000.wifi: No VIF found for vdev 2
...
ath11k 
c000000.wifi: No VIF found for vdev 0
In ath11k_mac_get_arvif_by_vdev_id(), we iterate all the radio to get the
arvif for the requested vdev_id through ath11k_mac_get_arvif().
ath11k_mac_get_arvif() throws a warning message if the given vdev_id is
not found in the given radio. So to avoid the warning message, add
the allocated_vdev_map cross check against the given vdev_id before using
ath11k_mac_get_arvif() to ensure that vdev_id is allocated in the
given radio.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01492-QCAHKSWPL_SILICONZ-1
Tested-on: IPQ6018 hw1.0 AHB WLAN.HK.2.4.0.1-00330-QCAHKSWPL_SILICONZ-1
Signed-off-by: Karthikeyan Periyasamy <periyasa@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-8-jouni@codeaurora.org
Sriram R [Tue, 28 Sep 2021 09:05:40 +0000 (12:05 +0300)]
 
ath11k: Fix crash during firmware recovery on reo cmd ring access
In scenario when a peer is disassociating, there could be
multiple places where a reo cmd ring is accessed, such as
during aggregation teardown, tid queue cleanup, etc.
When this happens during firmware recovery where accessing of FW/HW
resources/registers is not recommended, accessing reo cmd ring in
this case could lead to crash or undefined behaviour.
Hence avoid this by checking for corresponding flag to avoid
accessing reo cmd ring during firmware recovery.
Sample crash:
[ 3936.456050] Unhandled fault: imprecise external abort (0x1c06) at 0x54bb842a
[ 3936.456411] WARN: Access Violation!!!, Run "cat /sys/kernel/debug/qcom_debug_logs/tz_log" for more details
[ 3936.467997] pgd = 
b4474000
[ 3936.477440] [
54bb842a] *pgd=
6fa61831, *pte=
7f95d59f, *ppte=
7f95de7e
<snip>
[ 3937.177436] [<
8030ab10>] (_raw_spin_unlock_bh) from [<
7f5e9eb8>] (ath11k_hal_reo_cmd_send+0x440/0x458 [ath11k])
[ 3937.185730] [<
7f5e9eb8>] (ath11k_hal_reo_cmd_send [ath11k]) from [<
7f601c4c>] (ath11k_dp_tx_send_reo_cmd+0x2c/0xcc [ath11k])
[ 3937.195524] [<
7f601c4c>] (ath11k_dp_tx_send_reo_cmd [ath11k]) from [<
7f602f10>] (ath11k_peer_rx_tid_reo_update+0x84/0xbc [ath11k])
[ 3937.206984] [<
7f602f10>] (ath11k_peer_rx_tid_reo_update [ath11k]) from [<
7f605a9c>] (ath11k_dp_rx_ampdu_stop+0xa8/0x130 [ath11k])
[ 3937.218532] [<
7f605a9c>] (ath11k_dp_rx_ampdu_stop [ath11k]) from [<
7f5f6730>] (ath11k_mac_op_ampdu_action+0x6c/0x98 [ath11k])
[ 3937.230250] [<
7f5f6730>] (ath11k_mac_op_ampdu_action [ath11k]) from [<
c7b6e890>] (___ieee80211_stop_rx_ba_session+0x98/0x144 [mac80211])
[ 3937.241499] [<
c7b6e890>] (___ieee80211_stop_rx_ba_session [mac80211]) from [<
c7b6cdd8>] (ieee80211_sta_tear_down_BA_sessions+0x4c/0xf4 [)
[ 3937.253833] [<
c7b6cdd8>] (ieee80211_sta_tear_down_BA_sessions [mac80211]) from [<
c7b63460>] (ieee80211_sta_eosp+0x5b8/0x960 [mac80211])
[ 3937.266764] [<
c7b63460>] (ieee80211_sta_eosp [mac80211]) from [<
c7b66da8>] (__sta_info_flush+0x9c/0x134 [mac80211])
[ 3937.278826] [<
c7b66da8>] (__sta_info_flush [mac80211]) from [<
c7b7bd00>] (ieee80211_stop_ap+0x14c/0x28c [mac80211])
[ 3937.289240] [<
c7b7bd00>] (ieee80211_stop_ap [mac80211]) from [<
7f509cf0>] (__cfg80211_stop_ap+0x4c/0xd8 [cfg80211])
[ 3937.299629] [<
7f509cf0>] (__cfg80211_stop_ap [cfg80211]) from [<
7f4dddec>] (cfg80211_leave+0x24/0x30 [cfg80211])
[ 3937.310041] [<
7f4dddec>] (cfg80211_leave [cfg80211]) from [<
7f4de03c>] (cfg80211_netdev_notifier_call+0x174/0x48c [cfg80211])
[ 3937.320457] [<
7f4de03c>] (cfg80211_netdev_notifier_call [cfg80211]) from [<
80339928>] (notifier_call_chain+0x40/0x68)
[ 3937.331636] [<
80339928>] (notifier_call_chain) from [<
803399a8>] (raw_notifier_call_chain+0x14/0x1c)
[ 3937.342221] [<
803399a8>] (raw_notifier_call_chain) from [<
8073bb00>] (call_netdevice_notifiers+0xc/0x14)
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.1.0.1-01240-QCAHKSWPL_SILICONZ-1
Signed-off-by: Sriram R <srirrama@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-7-jouni@codeaurora.org
Seevalamuthu Mariappan [Tue, 28 Sep 2021 09:05:40 +0000 (12:05 +0300)]
 
ath11k: Assign free_vdev_map value before ieee80211_register_hw
Firmware crash is seen randomly, because of sending wrong vdev_id
in vdev_create command. This is due to free_vdev_map value being 0.
free_vdev_map is getting assigned after ieee80211_register_hw. In
some race conditions, add_interface api is getting called before
assigning value to free_vdev_map. Fix this by assigning free_vdev_map
before ieee80211_register_hw.
Also, moved ar->cc_freq_hz and ar->txmgmt_idr initialization before
ieee80211_register_hw to avoid such race conditions.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-00948-QCAHKSWPL_SILICONZ-1
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01734-QCAHKSWPL_SILICONZ-1
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-6-jouni@codeaurora.org
Seevalamuthu Mariappan [Tue, 28 Sep 2021 09:05:40 +0000 (12:05 +0300)]
 
ath11k: Add vdev start flag to disable hardware encryption
Firmware blocks all data traffic until the key is plumbed. But, with
software encryption mode, key is never plumbed to firmware. Due to this,
a traffic failure in software encryption mode has been observed. Hence,
firmware has introduced a flag to differentiate software encryption
mode. This flag can be passed during vdev_start command.
Enable WMI_VDEV_START_HW_ENCRYPTION_DISABLED flag in vdev_start command
to notify firmware to disable hardware encryption for a vdev. This is set
if raw mode software encryption is enabled.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01421-QCAHKSWPL_SILICONZ-1
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-5-jouni@codeaurora.org
Sriram R [Tue, 28 Sep 2021 09:05:40 +0000 (12:05 +0300)]
 
ath11k: Avoid race during regd updates
Whenever ath11k is bootup with a user country already set, cfg80211
notifies this country info to ath11k soon after registration, where the
notification is sent to the firmware for fetching the rules of this user
country input.
Multiple race conditions could be seen in this scenario where a new
request is either lost as pointed in [1] or a new regd overwrites the
default regd provided by the firmware during bootup. Note that, the
default regd is used for intersection purpose and hence it should not be
overwritten.
The main reason as pointed by [1] is the usage of ATH11K_FLAG_REGISTERED
flag which is updated after completion of core registration, whereas the
reg notification from cfg80211 and wmi events for the corresponding
request can happen much before that. Since the ATH11K_FLAG_REGISTERED is
currently used to determine if the event containing reg rules belong to
default regd or for user request, there is a possibility of the default
regd getting overwritten.
Since the default reg rules will be received only once per pdev on
firmware load, the above flag based check can be replaced with a check
to see if default_regd is already set, so that we can now always update
the new_regd. Also if the new_regd is set, this will be always used to
update the reg rules for the registered phy.
[1] https://patchwork.kernel.org/project/linux-wireless/patch/
1829665.1PRlr7bOQj@ripper/
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01460-QCAHKSWPL_SILICONZ-1
Fixes: d5c65159f289 ("ath11k: driver for Qualcomm IEEE 802.11ax devices")
Signed-off-by: Sriram R <srirrama@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-4-jouni@codeaurora.org
Sriram R [Tue, 28 Sep 2021 09:05:40 +0000 (12:05 +0300)]
 
ath11k: Avoid reg rules update during firmware recovery
During firmware recovery, the default reg rules which are
received via WMI_REG_CHAN_LIST_CC_EVENT can overwrite
the currently configured user regd.
See below snap for example,
root@OpenWrt:/# iw reg get | grep country
country FR: DFS-ETSI
country FR: DFS-ETSI
country FR: DFS-ETSI
country FR: DFS-ETSI
root@OpenWrt:/# echo assert > /sys/kernel/debug/ath11k/ipq8074\ hw2.0/simulate_f
w_crash
<snip>
[ 5290.471696] ath11k 
c000000.wifi1: pdev 1 successfully recovered
root@OpenWrt:/# iw reg get | grep country
country FR: DFS-ETSI
country US: DFS-FCC
country US: DFS-FCC
country US: DFS-FCC
In the above, the user configured country 'FR' is overwritten
when the rules of default country 'US' are received and updated during
recovery. Hence avoid processing of these rules in general
during firmware recovery as they have been already applied during
driver registration or after last set user country is configured.
This scenario applies for both AP and STA devices basically because
cfg80211 is not aware of the recovery and only the driver recovers, but
changing or resetting of the reg domain during recovery is not needed so
as to continue with the configured regdomain currently in use.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01460-QCAHKSWPL_SILICONZ-1
Signed-off-by: Sriram R <srirrama@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-3-jouni@codeaurora.org
Sriram R [Tue, 28 Sep 2021 09:05:40 +0000 (12:05 +0300)]
 
ath11k: Update pdev tx and rx firmware stats
Update the fields of pdev tx and tx firmware stats structure.
Missing fields resulted in wrong fw stats to be displayed as below.
root@OpenWrt:/# cat /sys/kernel/debug/ath11k/
		ipq8074\ hw2.0/mac0/fw_stats/pdev_stats | grep Illegal
Illegal rate phy errors   
36839112
Note that this struct was missing its members from initial driver
support and this change doesn't introduce/modify the structure for
firmware changes.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01734-QCAHKSWPL_SILICONZ-1 v2
Signed-off-by: Sriram R <srirrama@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-2-jouni@codeaurora.org
Anilkumar Kolli [Tue, 28 Sep 2021 09:05:40 +0000 (12:05 +0300)]
 
ath11k: Fix pktlog lite rx events
Fix sending rx_buf_sz to ath11k_dp_tx_htt_rx_filter_setup()
to enable pktlog full or lite mode. Depending on mode update the
trace buffer with log type full/lite.
Pktlog lite is a lighter version of pktlog. This can be used to capture
PPDU stats. These are useful for firmware performance debugging.
pktlog lite dumps are enabled using,
  echo "0x0 1" > ath11k/IPQ8074 hw2.0/mac0/pktlog_filter
Tested On: IPQ8074 hw2.0 AHB WLAN.HK.2.1.0.1-01233-QCAHKSWPL_SILICONZ-1 v2
Signed-off-by: Anilkumar Kolli <akolli@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721212029.142388-1-jouni@codeaurora.org
Sriram R [Tue, 28 Sep 2021 09:05:40 +0000 (12:05 +0300)]
 
ath11k: Add support for RX decapsulation offload
Add support for rx decapsulation offload by advertising
the support to mac80211 during registration. Also ensure
the frames have the RX_FLAG_8023 flag set in decap offload
frames before passing to mac80211.
Since the packets delivered to the driver are in 802.3 format, these
can be sent to the network core with minimal processing in mac80211.
This helps in releasing some CPU cycles in the host processor and
thereby improving the performance.
Two exceptions are made before passing decap frames, one is
for EAPOL packets since mac80211 8023 fast rx for the sta
is set only after authorization, other case is for multicast
packets to validate PN in mac80211. In both the cases the
decap frames are converted to 80211 frame and sent to mac80211.
Ethernet decap can be enabled by using frame_mode modparam:
insmod ath11k frame_mode=2
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-00844-QCAHKSWPL_SILICONZ-1 v2
Co-developed-by: Manikanta Pubbisetty <mpubbise@codeaurora.org>
Signed-off-by: Manikanta Pubbisetty <mpubbise@codeaurora.org>
Signed-off-by: Sriram R <srirrama@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721204217.120572-1-jouni@codeaurora.org
Dan Carpenter [Tue, 28 Sep 2021 09:05:43 +0000 (12:05 +0300)]
 
ath11k: fix some sleeping in atomic bugs
The ath11k_dbring_bufs_replenish() and ath11k_dbring_fill_bufs()
take a "gfp" parameter but they since they take spinlocks, the
allocations they do have to be atomic.  This causes a bug because
ath11k_dbring_buf_setup passes GFP_KERNEL for the gfp flags.
The fix is to use GFP_ATOMIC and remove the unused parameters.
Fixes: bd6478559e27 ("ath11k: Add direct buffer ring support")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210812070434.GE31863@kili
Aaron Ma [Tue, 28 Sep 2021 09:05:43 +0000 (12:05 +0300)]
 
ath11k: qmi: avoid error messages when dma allocation fails
qmi tries to allocate a large contiguous dma memory at first,
on the AMD Ryzen platform it fails, then retries with small slices.
So set flag GFP_NOWARN to avoid flooding dmesg.
Signed-off-by: Aaron Ma <aaron.ma@canonical.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210823063258.37747-1-aaron.ma@canonical.com
Gustavo A. R. Silva [Tue, 28 Sep 2021 09:05:44 +0000 (12:05 +0300)]
 
ath11k: Replace one-element array with flexible-array member
There is a regular need in the kernel to provide a way to declare having a
dynamically sized set of trailing elements in a structure. Kernel code
should always use "flexible array members"[1] for these cases. The older
style of one-element or zero-length arrays should no longer be used[2].
Refactor the code a bit according to the use of a flexible-array member in
struct scan_chan_list_params instead of a one-element array, and use the
struct_size() helper.
Also, save 25 (too many) bytes that were being allocated:
$ pahole -C channel_param drivers/net/wireless/ath/ath11k/reg.o
struct channel_param {
	u8                         chan_id;              /*     0     1 */
	u8                         pwr;                  /*     1     1 */
	u32                        mhz;                  /*     2     4 */
	/* Bitfield combined with next fields */
	u32                        half_rate:1;          /*     4:16  4 */
	u32                        quarter_rate:1;       /*     4:17  4 */
	u32                        dfs_set:1;            /*     4:18  4 */
	u32                        dfs_set_cfreq2:1;     /*     4:19  4 */
	u32                        is_chan_passive:1;    /*     4:20  4 */
	u32                        allow_ht:1;           /*     4:21  4 */
	u32                        allow_vht:1;          /*     4:22  4 */
	u32                        allow_he:1;           /*     4:23  4 */
	u32                        set_agile:1;          /*     4:24  4 */
	u32                        psc_channel:1;        /*     4:25  4 */
	/* XXX 6 bits hole, try to pack */
	u32                        phy_mode;             /*     8     4 */
	u32                        cfreq1;               /*    12     4 */
	u32                        cfreq2;               /*    16     4 */
	char                       maxpower;             /*    20     1 */
	char                       minpower;             /*    21     1 */
	char                       maxregpower;          /*    22     1 */
	u8                         antennamax;           /*    23     1 */
	u8                         reg_class_id;         /*    24     1 */
	/* size: 25, cachelines: 1, members: 21 */
	/* sum members: 23 */
	/* sum bitfield members: 10 bits, bit holes: 1, sum bit holes: 6 bits */
	/* last cacheline: 25 bytes */
} __attribute__((__packed__));
as previously, sizeof(struct scan_chan_list_params) was 32 bytes:
$ pahole -C scan_chan_list_params drivers/net/wireless/ath/ath11k/reg.o
struct scan_chan_list_params {
	u32                        pdev_id;              /*     0     4 */
	u16                        nallchans;            /*     4     2 */
	struct channel_param       ch_param[1];          /*     6    25 */
	/* size: 32, cachelines: 1, members: 3 */
	/* padding: 1 */
	/* last cacheline: 32 bytes */
};
and now with the flexible array transformation it is just 8 bytes:
$ pahole -C scan_chan_list_params drivers/net/wireless/ath/ath11k/reg.o
struct scan_chan_list_params {
	u32                        pdev_id;              /*     0     4 */
	u16                        nallchans;            /*     4     2 */
	struct channel_param       ch_param[];           /*     6     0 */
	/* size: 8, cachelines: 1, members: 3 */
	/* padding: 2 */
	/* last cacheline: 8 bytes */
};
This helps with the ongoing efforts to globally enable -Warray-bounds and
get us closer to being able to tighten the FORTIFY_SOURCE routines on
memcpy().
This issue was found with the help of Coccinelle and audited and fixed,
manually.
[1] https://en.wikipedia.org/wiki/Flexible_array_member
[2] https://www.kernel.org/doc/html/v5.10/process/deprecated.html#zero-length-and-one-element-arrays
Link: https://github.com/KSPP/linux/issues/79
Link: https://github.com/KSPP/linux/issues/109
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210823172159.GA25800@embeddedor
Anilkumar Kolli [Tue, 28 Sep 2021 09:05:39 +0000 (12:05 +0300)]
 
ath11k: add caldata download support from EEPROM
Firmware updates EEPROM support capability in QMI FW caps, send QMI BDF
download request message with file type EEPROM, to get caldata download
from EEPROM. Firmware takes more time to update cal data from EEPROM, so
increase QMI timeout.
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01838-QCAHKSWPL_SILICONZ-1
Signed-off-by: Anilkumar Kolli <akolli@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721201927.100369-5-jouni@codeaurora.org
Anilkumar Kolli [Tue, 28 Sep 2021 09:05:39 +0000 (12:05 +0300)]
 
ath11k: add caldata file for multiple radios
If multiple PCI cards are attached, each needs its own caldata file.
Added new Caldata file name,
PCI Bus:
        cal-pci-0001:01:00.0.bin
        cal-pci-0000:01:00.0.bin
AHB Bus:
	cal-ahb-
c000000.wifi1.bin
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-00009-QCAHKSWPL_SILICONZ-1
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01838-QCAHKSWPL_SILICONZ-1
Signed-off-by: Anilkumar Kolli <akolli@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721201927.100369-4-jouni@codeaurora.org
Anilkumar Kolli [Tue, 28 Sep 2021 09:05:39 +0000 (12:05 +0300)]
 
ath11k: clean up BDF download functions
In current code, AHB/PCI uses two separate functions to download
BDF file. Refactor code and make a common function to send QMI BDF
download request for both AHB and PCI devices. This patch has no
functional change.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-00009-QCAHKSWPL_SILICONZ-1
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01838-QCAHKSWPL_SILICONZ-1
Signed-off-by: Anilkumar Kolli <akolli@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721201927.100369-3-jouni@codeaurora.org
Anilkumar Kolli [Tue, 28 Sep 2021 09:05:39 +0000 (12:05 +0300)]
 
ath11k: use hw_params to access board_size and cal_offset
Reuse board_size from hw_params, add cal_offset to hw params.
This patch is clean up only, there is no change in functionality.
cal_size was unused, so remove that.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-00009-QCAHKSWPL_SILICONZ-1
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01838-QCAHKSWPL_SILICONZ-1
Signed-off-by: Anilkumar Kolli <akolli@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721201927.100369-2-jouni@codeaurora.org
Arnd Bergmann [Fri, 24 Sep 2021 13:52:52 +0000 (16:52 +0300)]
 
ath11k: Wstringop-overread warning
gcc-11 with the kernel address sanitizer prints a warning for this
driver:
In function 'ath11k_peer_assoc_h_vht',
    inlined from 'ath11k_peer_assoc_prepare' at drivers/net/wireless/ath/ath11k/mac.c:1632:2:
drivers/net/wireless/ath/ath11k/mac.c:1164:13: error: 'ath11k_peer_assoc_h_vht_masked' reading 16 bytes from a region of size 4 [-Werror=stringop-overread]
 1164 |         if (ath11k_peer_assoc_h_vht_masked(vht_mcs_mask))
      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/net/wireless/ath/ath11k/mac.c: In function 'ath11k_peer_assoc_prepare':
drivers/net/wireless/ath/ath11k/mac.c:1164:13: note: referencing argument 1 of type 'const u16 *' {aka 'const short unsigned int *'}
drivers/net/wireless/ath/ath11k/mac.c:969:1: note: in a call to function 'ath11k_peer_assoc_h_vht_masked'
  969 | ath11k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
      | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
According to analysis from gcc developers, this is a glitch in the
way gcc tracks the size of struct members. This should really get
fixed in gcc, but it's also easy to work around this instance
by changing the function prototype to no include the length of
the array.
Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99673
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210322160253.4032422-5-arnd@kernel.org
Karthikeyan Periyasamy [Fri, 24 Sep 2021 13:52:46 +0000 (16:52 +0300)]
 
ath11k: Add spectral scan support for QCN9074
Populate the below hw parameters as per the QCN9074 support
	1. FFT bin size as two bytes
	2. Maximum FFT bin count as 1024
	3. Summary report pad size as 16
	4. FFT report header length as 24
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01492-QCAHKSWPL_SILICONZ-1
Signed-off-by: Karthikeyan Periyasamy <periyasa@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721180809.90960-5-jouni@codeaurora.org
Karthikeyan Periyasamy [Fri, 24 Sep 2021 13:52:46 +0000 (16:52 +0300)]
 
ath11k: Fix the spectral minimum FFT bin count
User was not able to configure the spectral with the FFT bin count 32.
In all supported platforms, the expected minimum FFT bin count is 32 but
it was wrongly defined as 64. This restrict the user to not configure
down to the actually supported minimum FFT bin count. So update the
minimum FFT bin count as 32.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01492-QCAHKSWPL_SILICONZ-1
Tested-on: IPQ6018 hw1.0 AHB WLAN.HK.2.4.0.1-00330-QCAHKSWPL_SILICONZ-1
Signed-off-by: Karthikeyan Periyasamy <periyasa@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721180809.90960-4-jouni@codeaurora.org
Karthikeyan Periyasamy [Fri, 24 Sep 2021 13:52:46 +0000 (16:52 +0300)]
 
ath11k: Introduce spectral hw configurable param
Below parameters have been identified as configurable across the platforms.
So to scale the spectral across the platforms, move these parameter
into hw param.
	1. Maximum FFT bins
	2. Summary report pad size
	3. FFT report header length
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01492-QCAHKSWPL_SILICONZ-1
Tested-on: IPQ6018 hw1.0 AHB WLAN.HK.2.4.0.1-00330-QCAHKSWPL_SILICONZ-1
Signed-off-by: Karthikeyan Periyasamy <periyasa@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721180809.90960-3-jouni@codeaurora.org
Karthikeyan Periyasamy [Fri, 24 Sep 2021 13:52:46 +0000 (16:52 +0300)]
 
ath11k: Refactor spectral FFT bin size
In IPQ8074, actual FFT bin size is two bytes but hardware reports it
with extra pad size of two bytes for each FFT bin. So finally each FFT
bin advertise as four bytes size in the collected data. This FFT pad is
not advertised in IPQ6018 platform. To accommodate this different
behavior across the platforms, introduce the hw param fft_pad_sz and use
it in spectral process. Also group all the spectral params under the new
structure in hw param structure for scalable in future.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01492-QCAHKSWPL_SILICONZ-1
Tested-on: IPQ6018 hw1.0 AHB WLAN.HK.2.4.0.1-00330-QCAHKSWPL_SILICONZ-1
Signed-off-by: Karthikeyan Periyasamy <periyasa@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721180809.90960-2-jouni@codeaurora.org
P Praneesh [Fri, 24 Sep 2021 13:52:46 +0000 (16:52 +0300)]
 
ath11k: add support for 80P80 and 160 MHz bandwidth
For 160 MHz, nss_ratio_enabled flag is added to indicate firmware
supports sending NSS ratio information from firmware as a part of
service ready ext event. Extract this NSS ratio info from service
ready ext event and save this information in ath11k_pdev_cap to
calculate NSS ratio.
Current firmware configurations support two types of NSS ratio
which is WMI_NSS_RATIO_1_NSS for QCN9074 and WMI_NSS_RATIO_1BY2_NSS
for IPQ8074. Based on this two configuration, max supported
NSS getting calculated.
Move ath11k_peer_assoc_h_phymode() before ath11k_peer_assoc_h_vht()
to get arg->peer_phymode updated.
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-00097-QCAHKSWPL_SILICONZ-1
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01467-QCAHKSWPL_SILICONZ-1
Co-developed-by: Ganesh Sesetti <gseset@codeaurora.org>
Signed-off-by: Ganesh Sesetti <gseset@codeaurora.org>
Co-developed-by: Sathishkumar Muruganandam <murugana@codeaurora.org>
Signed-off-by: Sathishkumar Muruganandam <murugana@codeaurora.org>
Signed-off-by: P Praneesh <ppranees@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721173615.75637-2-jouni@codeaurora.org
Miles Hu [Fri, 24 Sep 2021 13:52:45 +0000 (16:52 +0300)]
 
ath11k: add support for setting fixed HE rate/gi/ltf
Support setting fixed HE rate/gi/ltf values that we are now able to send
to the kernel using nl80211. The added code is reusing parts of the
existing code path already used for HT/VHT. The new helpers are
symmetric to how we do it for HT/VHT.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-00235-QCAHKSWPL_SILICONZ-1
Signed-off-by: Miles Hu <milehu@codeaurora.org>
Co-developed-by: Aloka Dixit <alokad@codeaurora.org>
Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
Co-developed-by: Lavanya Suresh <lavaks@codeaurora.org>
Signed-off-by: Lavanya Suresh <lavaks@codeaurora.org>
Co-developed-by: Pradeep Chitrapu <pradeepc@codeaurora.org>
Signed-off-by: Pradeep Chitrapu <pradeepc@codeaurora.org>
Signed-off-by: Venkateswara Naralasetty <vnaralas@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721173615.75637-1-jouni@codeaurora.org
Cai Huoqing [Sat, 25 Sep 2021 12:46:20 +0000 (20:46 +0800)]
 
ipw2200: Fix a function name in print messages
Use dma_alloc_coherent() instead of pci_alloc_consistent(),
because only dma_alloc_coherent() is called here.
Signed-off-by: Cai Huoqing <caihuoqing@baidu.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210925124621.197-1-caihuoqing@baidu.com
Seevalamuthu Mariappan [Tue, 21 Sep 2021 13:39:30 +0000 (16:39 +0300)]
 
ath11k: monitor mode clean up to use separate APIs
If monitor interface is enabled in co-exist mode, only local traffic are
captured. It's caused by missing monitor vdev in co-exist mode. So,
monitor mode clean up is done with separate Monitor APIs. For this,
introduce flags monitor_started and monitor_vdev_created.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01725-QCAHKSWPL_SILICONZ-1
Co-developed-by: Miles Hu <milehu@codeaurora.org>
Signed-off-by: Miles Hu <milehu@codeaurora.org>
Co-developed-by: Vasanthakumar Thiagarajan <vthiagar@codeaurora.org>
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@codeaurora.org>
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721162053.46290-4-jouni@codeaurora.org
Seevalamuthu Mariappan [Tue, 21 Sep 2021 13:39:29 +0000 (16:39 +0300)]
 
ath11k: add separate APIs for monitor mode
Add separate APIs for monitor_vdev_create/monitor_vdev_delete
and monitor_vdev_start/monitor_vdev_stop.
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.4.0.1-01725-QCAHKSWPL_SILICONZ-1
Co-developed-by: Miles Hu <milehu@codeaurora.org>
Signed-off-by: Miles Hu <milehu@codeaurora.org>
Co-developed-by: Vasanthakumar Thiagarajan <vthiagar@codeaurora.org>
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@codeaurora.org>
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721162053.46290-3-jouni@codeaurora.org
Seevalamuthu Mariappan [Tue, 21 Sep 2021 13:39:29 +0000 (16:39 +0300)]
 
ath11k: move static function ath11k_mac_vdev_setup_sync to top
This is to prepare for monitor mode clean up.
No functional changes are done.
Co-developed-by: Miles Hu <milehu@codeaurora.org>
Signed-off-by: Miles Hu <milehu@codeaurora.org>
Co-developed-by: Vasanthakumar Thiagarajan <vthiagar@codeaurora.org>
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@codeaurora.org>
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210721162053.46290-2-jouni@codeaurora.org
Guo-Feng Fan [Wed, 22 Sep 2021 02:36:37 +0000 (10:36 +0800)]
 
rtw88: 8821c: correct 2.4G tx power for type 2/4 NIC
NIC card saves calibrated TX power index in the efuse(ROM).
Driver loads TX power idex when interface is up.
The problem is type2/4 NICs loads 2.4G TX power index
from wrong position. This patch corrects the offsets.
So, driver loads real 2.4G TX power index for type 2/4 NICs.
2.4G performance increased when using correct TX power index.
Signed-off-by: Guo-Feng Fan <vincent_fann@realtek.com>
Signed-off-by: Ping-Ke Shih <pkshih@realtek.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210922023637.9357-2-pkshih@realtek.com
Guo-Feng Fan [Wed, 22 Sep 2021 02:36:36 +0000 (10:36 +0800)]
 
rtw88: 8821c: support RFE type4 wifi NIC
RFE type4 is a new NIC which has one RF antenna shares with BT.
RFE type4 HW is the same as RFE type2 but attaching antenna to
aux antenna connector.
RFE type2 attach antenna to main antenna connector.
Load the same parameter as RFE type2 when initializing NIC.
Signed-off-by: Guo-Feng Fan <vincent_fann@realtek.com>
Signed-off-by: Ping-Ke Shih <pkshih@realtek.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210922023637.9357-1-pkshih@realtek.com
Len Baker [Sat, 4 Sep 2021 09:22:17 +0000 (11:22 +0200)]
 
brcmfmac: Replace zero-length array with flexible array member
There is a regular need in the kernel to provide a way to declare
having a dynamically sized set of trailing elements in a structure.
Kernel code should always use "flexible array members"[1] for these
cases. The older style of one-element or zero-length arrays should
no longer be used[2].
Also, make use of the struct_size() helper in devm_kzalloc().
[1] https://en.wikipedia.org/wiki/Flexible_array_member
[2] https://www.kernel.org/doc/html/v5.14/process/deprecated.html#zero-length-and-one-element-arrays
Signed-off-by: Len Baker <len.baker@gmx.com>
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210904092217.2848-1-len.baker@gmx.com
Krzysztof Kozlowski [Fri, 17 Sep 2021 09:21:08 +0000 (11:21 +0200)]
 
rt2x00: remove duplicate USB device ID
The device 0x043e,0x7a32 is already on the list under
CONFIG_RT2800USB_RT55XX.  Since it is the sole Arcadyan entry in RT55xx,
assume the proper chip is RT55xx, not RT53xx, although this was not
confirmed by testing or 3rd party sources.
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210917092108.19497-3-krzysztof.kozlowski@canonical.com
Krzysztof Kozlowski [Fri, 17 Sep 2021 09:21:07 +0000 (11:21 +0200)]
 
ar5512: remove duplicate USB device ID
The device 0x157e,0x3006 is already on the list.
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210917092108.19497-2-krzysztof.kozlowski@canonical.com
Krzysztof Kozlowski [Fri, 17 Sep 2021 09:21:06 +0000 (11:21 +0200)]
 
zd1211rw: remove duplicate USB device ID
The device 0x07b8,0x6001 is already on the list as zd1211 chip. Wiki
https://wireless.wiki.kernel.org/en/users/Drivers/zd1211rw/devices
confirms it is also zd1211, not the zd1211b.
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210917092108.19497-1-krzysztof.kozlowski@canonical.com
Ajay Singh [Thu, 16 Sep 2021 16:49:23 +0000 (16:49 +0000)]
 
wilc1000: increase config packets response wait timeout limit
Increase the WID config packet response timeout to have extra wait time for
host to receive the response message from firmware. Sometimes the WID
config response was timed out because of host interrupt latency.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-12-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:22 +0000 (16:49 +0000)]
 
wilc1000: use correct write command sequence in wilc_spi_sync_ext()
Instead of using double read for the same register, use the write register
command after the read command.
The correct sequence is to use the read value in write command instead of
reading the same register again.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-11-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:21 +0000 (16:49 +0000)]
 
wilc1000: add 'initialized' flag check before adding an element to TX queue
Add 'initialized' variable check before adding net/mgmt packet to TX queue
as safety check before passing the commands to the firmware.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-10-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:21 +0000 (16:49 +0000)]
 
wilc1000: invoke chip reset register before firmware download
Add the chip reset command to initialize the WILC chip before downloading
the firmware. Also, put the chip in wake-up mode so it is ready to receive
the firmware binary from the host.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-9-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:20 +0000 (16:49 +0000)]
 
wilc1000: ignore clockless registers status response for SPI
During WILC chip wake-up sequence, the clockless status register sometimes
reports failure even when the actual status is successful. So, for the
clockless register, remove the incorrect error status reporting during the
read and write command API's.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-8-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:20 +0000 (16:49 +0000)]
 
wilc1000: handle read failure issue for clockless registers
For SPI bus, the register read fails after read/write to the clockless
register during chip wakeup sequence. Add workaround to send CMD_RESET
command during chip wake-up sequence to overcome the issue.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-7-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:19 +0000 (16:49 +0000)]
 
wilc1000: add reset/terminate/repeat command support for SPI bus
Add reset/terminate/repeat command for SPI module. In case of SPI commands
failure, the host should issue a RESET command to WILC chip to recover
from any temporary bus error.
For now, the new command support is added and later the SPI read/write
API's would be modified to make use of these commands for retry mechanism
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-6-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:19 +0000 (16:49 +0000)]
 
wilc1000: configure registers to handle chip wakeup sequence
Use the correct sequence to configure clockless registers for chip wake-up.
The following sequence is expected from WILC chip for wakeup:
 - set wakeup bit in wakeup_reg register
 - after setting the wakeup bit, read back the clock status bit for wakeup
   complete.
For SDIO/SPI modules, the wakeup sequence is the same except uses different
register values so refactored the code to use common function for both
SDIO/SPI bus.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-5-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:18 +0000 (16:49 +0000)]
 
wilc1000: add new WID to pass wake_enable information to firmware
Add new WID(WID_WOWLAN_TRIGGER) to send wake_enable information to firmware.
In 'set_wakeup' cfg80211_ops callback, the enable information was not
passed to firmware which is required to handle WOWLan trigger notification
from firmware.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-4-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:18 +0000 (16:49 +0000)]
 
wilc1000: fix possible memory leak in cfg_scan_result()
When the BSS reference holds a valid reference, it is not freed. The 'if'
condition is wrong. Instead of the 'if (bss)' check, the 'if (!bss)' check
is used.
The issue is solved by removing the unnecessary 'if' check because
cfg80211_put_bss() already performs the NULL validation.
Fixes: 6cd4fa5ab691 ("staging: wilc1000: make use of cfg80211_inform_bss_frame()")
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-3-ajay.kathat@microchip.com
Ajay Singh [Thu, 16 Sep 2021 16:49:17 +0000 (16:49 +0000)]
 
wilc1000: move 'deinit_lock' lock init/destroy inside module probe
Move initialization & deinitialization of 'deinit_lock' mutex lock inside
wlan_init_locks() & wlan_deinit_locks() API's respectively alongside other
locks. After the movement, the client count variable(client_count) which is
used for lock init/deinit is removed.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916164902.74629-2-ajay.kathat@microchip.com
Marek Vasut [Thu, 16 Sep 2021 14:42:45 +0000 (16:42 +0200)]
 
rsi: Fix module dev_oper_mode parameter description
The module parameters are missing dev_oper_mode 12, BT classic alone,
add it. Moreover, the parameters encode newlines, which ends up being
printed malformed e.g. by modinfo, so fix that too.
However, the module parameter string is duplicated in both USB and SDIO
modules and the dev_oper_mode mode enumeration in those module parameters
is a duplicate of macros used by the driver. Furthermore, the enumeration
is confusing.
So, deduplicate the module parameter string and use __stringify() to
encode the correct mode enumeration values into the module parameter
string. Finally, replace 'Wi-Fi' with 'Wi-Fi alone' and 'BT' with
'BT classic alone' to clarify what those modes really mean.
Fixes: 898b255339310 ("rsi: add module parameter operating mode")
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Amitkumar Karwar <amit.karwar@redpinesignals.com>
Cc: Angus Ainslie <angus@akkea.ca>
Cc: David S. Miller <davem@davemloft.net>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: Karun Eagalapati <karun256@gmail.com>
Cc: Martin Fuzzey <martin.fuzzey@flowbird.group>
Cc: Martin Kepplinger <martink@posteo.de>
Cc: Prameela Rani Garnepudi <prameela.j04cs@gmail.com>
Cc: Sebastian Krzyszkowiak <sebastian.krzyszkowiak@puri.sm>
Cc: Siva Rebbagondla <siva8118@gmail.com>
Cc: netdev@vger.kernel.org
Cc: <stable@vger.kernel.org> # 4.17+
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210916144245.10181-1-marex@denx.de
Jonas Dreßler [Tue, 14 Sep 2021 19:59:09 +0000 (21:59 +0200)]
 
mwifiex: Fix copy-paste mistake when creating virtual interface
The BSS priority here for a new P2P_CLIENT device was accidentally set
to an enum that's certainly not meant for this. Since
MWIFIEX_BSS_ROLE_STA is 0 anyway, we can just set the bss_priority to 0
instead here.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-10-verdre@v0yd.nl
Jonas Dreßler [Tue, 14 Sep 2021 19:59:08 +0000 (21:59 +0200)]
 
mwifiex: Properly initialize private structure on interface type changes
When creating a new virtual interface in mwifiex_add_virtual_intf(), we
update our internal driver states like bss_type, bss_priority, bss_role
and bss_mode to reflect the mode the firmware will be set to.
When switching virtual interface mode using
mwifiex_init_new_priv_params() though, we currently only update bss_mode
and bss_role. In order for the interface mode switch to actually work,
we also need to update bss_type to its proper value, so do that.
This fixes a crash of the firmware (because the driver tries to execute
commands that are invalid in AP mode) when switching from station mode
to AP mode.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-9-verdre@v0yd.nl
Jonas Dreßler [Tue, 14 Sep 2021 19:59:07 +0000 (21:59 +0200)]
 
mwifiex: Handle interface type changes from AP to STATION
Looks like this case was simply overseen, so handle it, too.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-8-verdre@v0yd.nl
Jonas Dreßler [Tue, 14 Sep 2021 19:59:06 +0000 (21:59 +0200)]
 
mwifiex: Allow switching interface type from P2P_CLIENT to P2P_GO
It's possible to change virtual interface type between P2P_CLIENT and
P2P_GO, the card supports that just fine, and it happens for example
when using miracast with the miraclecast software.
So allow type changes between P2P_CLIENT and P2P_GO and simply call into
mwifiex_change_vif_to_p2p(), which handles this just fine. We have to
call mwifiex_cfg80211_deinit_p2p() before though to make sure the old
p2p mode is properly uninitialized.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-7-verdre@v0yd.nl
Jonas Dreßler [Tue, 14 Sep 2021 19:59:05 +0000 (21:59 +0200)]
 
mwifiex: Update virtual interface counters right after setting bss_type
In mwifiex_init_new_priv_params() we update our private driver state to
reflect the currently selected virtual interface type. Most notably we
set the bss_mode to the mode we're going to put the firmware in.
Now after we updated the driver state we actually start talking to the
firmware and instruct it to set up the new mode. Those commands can and
will sometimes fail, in which case we return with an error from
mwifiex_change_vif_to_*. We currently update our virtual interface type
counters after this return, which means the code is never reached when a
firmware error happens and we never update the counters. Since we have
updated our bss_mode earlier though, the counters now no longer reflect
the actual state of the driver.
This will break things on the next virtual interface change, because the
virtual interface type we're switching away from didn't get its counter
incremented, and we end up decrementing a 0-counter.
To fix this, simply update the virtual interface type counters right
after updating our driver structures, so that they are always in sync.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-6-verdre@v0yd.nl
Jonas Dreßler [Tue, 14 Sep 2021 19:59:04 +0000 (21:59 +0200)]
 
mwifiex: Use helper function for counting interface types
Use a small helper function to increment and decrement the counter of
the interface types we currently manage. This makes the code that
actually changes and sets up the interface type a bit less messy and
also helps avoiding mistakes in case someone increments/decrements a
counter wrongly.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-5-verdre@v0yd.nl
Jonas Dreßler [Tue, 14 Sep 2021 19:59:03 +0000 (21:59 +0200)]
 
mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
We currently handle changing from the P2P to the STATION virtual
interface type slightly different than changing from P2P to ADHOC: When
changing to STATION, we don't send the SET_BSS_MODE command. We do send
that command on all other type-changes though, and it probably makes
sense to send the command since after all we just changed our BSS_MODE.
Looking at prior changes to this part of the code, it seems that this is
simply a leftover from old refactorings.
Since sending the SET_BSS_MODE command is the only difference between
mwifiex_change_vif_to_sta_adhoc() and the current code, we can now use
mwifiex_change_vif_to_sta_adhoc() for both switching to ADHOC and
STATION interface type.
This does not fix any particular bug and just "looked right", so there's
a small chance it might be a regression.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-4-verdre@v0yd.nl
Jonas Dreßler [Tue, 14 Sep 2021 19:59:02 +0000 (21:59 +0200)]
 
mwifiex: Use function to check whether interface type change is allowed
Instead of bailing out in the function which is supposed to do the type
change, detect invalid changes beforehand using a generic function and
return an error if the change is not allowed.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-3-verdre@v0yd.nl
Jonas Dreßler [Tue, 14 Sep 2021 19:59:01 +0000 (21:59 +0200)]
 
mwifiex: Small cleanup for handling virtual interface type changes
Handle the obvious invalid virtual interface type changes with a general
check instead of looking at the individual change.
For type changes from P2P_CLIENT to P2P_GO and the other way round, this
changes the behavior slightly: We now still do nothing, but return
-EOPNOTSUPP instead of 0. Now that behavior was incorrect before and
still is, because type changes between these two types are actually
possible and supported, which we'll fix in a following commit.
Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210914195909.36035-2-verdre@v0yd.nl