1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2 /*
3 * Copyright (C) 2024-2025 Intel Corporation
4 */
5
6 #include <net/mac80211.h>
7 #include <kunit/static_stub.h>
8
9 #include "mld.h"
10 #include "sta.h"
11 #include "agg.h"
12 #include "rx.h"
13 #include "hcmd.h"
14 #include "iface.h"
15 #include "time_sync.h"
16 #include "fw/dbg.h"
17 #include "fw/api/rx.h"
18
19 /* stores relevant PHY data fields extracted from iwl_rx_mpdu_desc */
20 struct iwl_mld_rx_phy_data {
21 struct iwl_rx_phy_air_sniffer_ntfy *ntfy;
22 bool first_subframe;
23 bool with_data;
24 u32 rate_n_flags;
25 u32 gp2_on_air_rise;
26 /* phy_info is only valid when we have a frame, i.e. with_data=true */
27 u16 phy_info;
28 u8 energy_a, energy_b;
29 };
30
31 static void
iwl_mld_fill_phy_data_from_mpdu(struct iwl_mld * mld,struct iwl_rx_mpdu_desc * desc,struct iwl_mld_rx_phy_data * phy_data)32 iwl_mld_fill_phy_data_from_mpdu(struct iwl_mld *mld,
33 struct iwl_rx_mpdu_desc *desc,
34 struct iwl_mld_rx_phy_data *phy_data)
35 {
36 if (unlikely(mld->monitor.phy.valid)) {
37 mld->monitor.phy.used = true;
38 phy_data->ntfy = &mld->monitor.phy.data;
39 }
40
41 phy_data->phy_info = le16_to_cpu(desc->phy_info);
42 phy_data->rate_n_flags = iwl_v3_rate_from_v2_v3(desc->v3.rate_n_flags,
43 mld->fw_rates_ver_3);
44 phy_data->gp2_on_air_rise = le32_to_cpu(desc->v3.gp2_on_air_rise);
45 phy_data->energy_a = desc->v3.energy_a;
46 phy_data->energy_b = desc->v3.energy_b;
47 phy_data->with_data = true;
48 }
49
iwl_mld_check_pn(struct iwl_mld * mld,struct sk_buff * skb,int queue,struct ieee80211_sta * sta)50 static inline int iwl_mld_check_pn(struct iwl_mld *mld, struct sk_buff *skb,
51 int queue, struct ieee80211_sta *sta)
52 {
53 struct ieee80211_hdr *hdr = (void *)skb_mac_header(skb);
54 struct ieee80211_rx_status *stats = IEEE80211_SKB_RXCB(skb);
55 struct iwl_mld_sta *mld_sta;
56 struct iwl_mld_ptk_pn *ptk_pn;
57 int res;
58 u8 tid, keyidx;
59 u8 pn[IEEE80211_CCMP_PN_LEN];
60 u8 *extiv;
61
62 /* multicast and non-data only arrives on default queue; avoid checking
63 * for default queue - we don't want to replicate all the logic that's
64 * necessary for checking the PN on fragmented frames, leave that
65 * to mac80211
66 */
67 if (queue == 0 || !ieee80211_is_data(hdr->frame_control) ||
68 is_multicast_ether_addr(hdr->addr1))
69 return 0;
70
71 if (!(stats->flag & RX_FLAG_DECRYPTED))
72 return 0;
73
74 /* if we are here - this for sure is either CCMP or GCMP */
75 if (!sta) {
76 IWL_DEBUG_DROP(mld,
77 "expected hw-decrypted unicast frame for station\n");
78 return -1;
79 }
80
81 mld_sta = iwl_mld_sta_from_mac80211(sta);
82
83 extiv = (u8 *)hdr + ieee80211_hdrlen(hdr->frame_control);
84 keyidx = extiv[3] >> 6;
85
86 ptk_pn = rcu_dereference(mld_sta->ptk_pn[keyidx]);
87 if (!ptk_pn)
88 return -1;
89
90 if (ieee80211_is_data_qos(hdr->frame_control))
91 tid = ieee80211_get_tid(hdr);
92 else
93 tid = 0;
94
95 /* we don't use HCCA/802.11 QoS TSPECs, so drop such frames */
96 if (tid >= IWL_MAX_TID_COUNT)
97 return -1;
98
99 /* load pn */
100 pn[0] = extiv[7];
101 pn[1] = extiv[6];
102 pn[2] = extiv[5];
103 pn[3] = extiv[4];
104 pn[4] = extiv[1];
105 pn[5] = extiv[0];
106
107 res = memcmp(pn, ptk_pn->q[queue].pn[tid], IEEE80211_CCMP_PN_LEN);
108 if (res < 0)
109 return -1;
110 if (!res && !(stats->flag & RX_FLAG_ALLOW_SAME_PN))
111 return -1;
112
113 memcpy(ptk_pn->q[queue].pn[tid], pn, IEEE80211_CCMP_PN_LEN);
114 stats->flag |= RX_FLAG_PN_VALIDATED;
115
116 return 0;
117 }
118
119 /* iwl_mld_pass_packet_to_mac80211 - passes the packet for mac80211 */
iwl_mld_pass_packet_to_mac80211(struct iwl_mld * mld,struct napi_struct * napi,struct sk_buff * skb,int queue,struct ieee80211_sta * sta)120 void iwl_mld_pass_packet_to_mac80211(struct iwl_mld *mld,
121 struct napi_struct *napi,
122 struct sk_buff *skb, int queue,
123 struct ieee80211_sta *sta)
124 {
125 KUNIT_STATIC_STUB_REDIRECT(iwl_mld_pass_packet_to_mac80211,
126 mld, napi, skb, queue, sta);
127
128 if (unlikely(iwl_mld_check_pn(mld, skb, queue, sta))) {
129 kfree_skb(skb);
130 return;
131 }
132
133 ieee80211_rx_napi(mld->hw, sta, skb, napi);
134 }
135 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_pass_packet_to_mac80211);
136
iwl_mld_used_average_energy(struct iwl_mld * mld,int link_id,struct ieee80211_hdr * hdr,struct ieee80211_rx_status * rx_status)137 static bool iwl_mld_used_average_energy(struct iwl_mld *mld, int link_id,
138 struct ieee80211_hdr *hdr,
139 struct ieee80211_rx_status *rx_status)
140 {
141 struct ieee80211_bss_conf *link_conf;
142 struct iwl_mld_link *mld_link;
143
144 if (unlikely(!hdr || link_id < 0))
145 return false;
146
147 if (likely(!ieee80211_is_beacon(hdr->frame_control)))
148 return false;
149
150 /*
151 * if link ID is >= valid ones then that means the RX
152 * was on the AUX link and no correction is needed
153 */
154 if (link_id >= mld->fw->ucode_capa.num_links)
155 return false;
156
157 /* for the link conf lookup */
158 guard(rcu)();
159
160 link_conf = rcu_dereference(mld->fw_id_to_bss_conf[link_id]);
161 if (!link_conf)
162 return false;
163
164 mld_link = iwl_mld_link_from_mac80211(link_conf);
165 if (!mld_link)
166 return false;
167
168 /*
169 * If we know the link by link ID then the frame was
170 * received for the link, so by filtering it means it
171 * was from the AP the link is connected to.
172 */
173
174 /* skip also in case we don't have it (yet) */
175 if (!mld_link->average_beacon_energy)
176 return false;
177
178 IWL_DEBUG_STATS(mld, "energy override by average %d\n",
179 mld_link->average_beacon_energy);
180 rx_status->signal = -mld_link->average_beacon_energy;
181 return true;
182 }
183
iwl_mld_fill_signal(struct iwl_mld * mld,int link_id,struct ieee80211_hdr * hdr,struct ieee80211_rx_status * rx_status,struct iwl_mld_rx_phy_data * phy_data)184 static void iwl_mld_fill_signal(struct iwl_mld *mld, int link_id,
185 struct ieee80211_hdr *hdr,
186 struct ieee80211_rx_status *rx_status,
187 struct iwl_mld_rx_phy_data *phy_data)
188 {
189 u32 rate_n_flags = phy_data->rate_n_flags;
190 int energy_a = phy_data->energy_a;
191 int energy_b = phy_data->energy_b;
192 int max_energy;
193
194 energy_a = energy_a ? -energy_a : S8_MIN;
195 energy_b = energy_b ? -energy_b : S8_MIN;
196 max_energy = max(energy_a, energy_b);
197
198 IWL_DEBUG_STATS(mld, "energy in A %d B %d, and max %d\n",
199 energy_a, energy_b, max_energy);
200
201 if (iwl_mld_used_average_energy(mld, link_id, hdr, rx_status))
202 return;
203
204 rx_status->signal = max_energy;
205 rx_status->chains = u32_get_bits(rate_n_flags, RATE_MCS_ANT_AB_MSK);
206 rx_status->chain_signal[0] = energy_a;
207 rx_status->chain_signal[1] = energy_b;
208 }
209
210 static void
iwl_mld_decode_vht_phy_data(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_radiotap_vht * vht,struct ieee80211_rx_status * rx_status)211 iwl_mld_decode_vht_phy_data(struct iwl_mld_rx_phy_data *phy_data,
212 struct ieee80211_radiotap_vht *vht,
213 struct ieee80211_rx_status *rx_status)
214 {
215 bool stbc;
216
217 vht->known = cpu_to_le16(IEEE80211_RADIOTAP_VHT_KNOWN_BANDWIDTH |
218 IEEE80211_RADIOTAP_VHT_KNOWN_GROUP_ID |
219 IEEE80211_RADIOTAP_VHT_KNOWN_STBC |
220 IEEE80211_RADIOTAP_VHT_KNOWN_GI |
221 IEEE80211_RADIOTAP_VHT_KNOWN_SGI_NSYM_DIS |
222 IEEE80211_RADIOTAP_VHT_KNOWN_LDPC_EXTRA_OFDM_SYM |
223 IEEE80211_RADIOTAP_VHT_KNOWN_BEAMFORMED);
224
225 switch (le32_get_bits(phy_data->ntfy->sigs.vht.a1,
226 OFDM_RX_FRAME_VHT_BANDWIDTH)) {
227 case 0:
228 vht->bandwidth = IEEE80211_RADIOTAP_VHT_BW_20;
229 break;
230 case 1:
231 vht->bandwidth = IEEE80211_RADIOTAP_VHT_BW_40;
232 break;
233 case 2:
234 vht->bandwidth = IEEE80211_RADIOTAP_VHT_BW_80;
235 break;
236 case 3:
237 vht->bandwidth = IEEE80211_RADIOTAP_VHT_BW_160;
238 break;
239 }
240
241 vht->group_id = le32_get_bits(phy_data->ntfy->sigs.vht.a1,
242 OFDM_RX_FRAME_VHT_GRP_ID);
243
244 stbc = le32_get_bits(phy_data->ntfy->sigs.vht.a1,
245 OFDM_RX_FRAME_VHT_STBC);
246 if (stbc)
247 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_STBC;
248
249 if (le32_get_bits(phy_data->ntfy->sigs.vht.a2,
250 OFDM_RX_FRAME_VHT_SHORT_GI))
251 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_SGI;
252
253 if (le32_get_bits(phy_data->ntfy->sigs.vht.a2,
254 OFDM_RX_FRAME_VHT_SHORT_GI_AMBIG))
255 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_SGI_NSYM_M10_9;
256
257 if (le32_get_bits(phy_data->ntfy->sigs.vht.a2,
258 OFDM_RX_FRAME_VHT_CODING_EXTRA_SYM))
259 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_LDPC_EXTRA_OFDM_SYM;
260
261 if (vht->group_id != 0 && vht->group_id != 63) {
262 /* MU frame */
263 int user = le32_get_bits(phy_data->ntfy->sigs.vht.a1,
264 OFDM_RX_FRAME_VHT_MU_MIMO_USER_POSITION);
265 int nsts;
266
267 /* Always beamformed */
268 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_BEAMFORMED;
269
270 /* No MCS information in the a1/a2 data for MU frames */
271 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1,
272 OFDM_RX_FRAME_VHT_STS_USER0);
273 vht->mcs_nss[0] = (stbc ? nsts / 2 : nsts) | 0xf0;
274
275 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1,
276 OFDM_RX_FRAME_VHT_MU_STS_USER1);
277 vht->mcs_nss[1] = (stbc ? nsts / 2 : nsts) | 0xf0;
278
279 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1,
280 OFDM_RX_FRAME_VHT_MU_STS_USER2);
281 vht->mcs_nss[2] = (stbc ? nsts / 2 : nsts) | 0xf0;
282
283 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1,
284 OFDM_RX_FRAME_VHT_MU_STS_USER3);
285 vht->mcs_nss[3] = (stbc ? nsts / 2 : nsts) | 0xf0;
286
287 /* Report current user MCS from rate_n_flags via rx_status */
288 vht->mcs_nss[user] &= 0x0f;
289 vht->mcs_nss[user] |= rx_status->rate_idx << 4;
290
291 /* Report LDPC for current user */
292 if (rx_status->enc_flags & RX_ENC_FLAG_LDPC)
293 vht->coding = 0x1 << user;
294 } else {
295 int nsts;
296
297 /* SU frame */
298 vht->known |= cpu_to_le16(IEEE80211_RADIOTAP_VHT_KNOWN_PARTIAL_AID);
299
300 if (le32_get_bits(phy_data->ntfy->sigs.vht.a2,
301 OFDM_RX_FRAME_VHT_BF_OR_MU_RESERVED))
302 vht->flags |= IEEE80211_RADIOTAP_VHT_FLAG_BEAMFORMED;
303
304 vht->partial_aid =
305 cpu_to_le16(le32_get_bits(phy_data->ntfy->sigs.vht.a1,
306 OFDM_RX_FRAME_VHT_PARTIAL_AID_OR_MU_STS));
307
308 nsts = le32_get_bits(phy_data->ntfy->sigs.vht.a1,
309 OFDM_RX_FRAME_VHT_STS) + 1;
310 vht->mcs_nss[0] =
311 (stbc ? nsts / 2 : nsts) |
312 le32_get_bits(phy_data->ntfy->sigs.vht.a2,
313 OFDM_RX_FRAME_VHT_MCS_OR_MU_CODING) << 4;
314 vht->mcs_nss[1] = 0;
315 vht->mcs_nss[2] = 0;
316 vht->mcs_nss[3] = 0;
317
318 if (rx_status->enc_flags & RX_ENC_FLAG_LDPC)
319 vht->coding = 0x1;
320 }
321 }
322
iwl_mld_rx_vht(struct sk_buff * skb,struct iwl_mld_rx_phy_data * phy_data)323 static void iwl_mld_rx_vht(struct sk_buff *skb,
324 struct iwl_mld_rx_phy_data *phy_data)
325 {
326 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
327 struct ieee80211_radiotap_vht *vht;
328
329 if (likely(!phy_data->ntfy))
330 return;
331
332 vht = skb_put_zero(skb, sizeof(*vht));
333 rx_status->flag |= RX_FLAG_RADIOTAP_VHT;
334
335 iwl_mld_decode_vht_phy_data(phy_data, vht, rx_status);
336 }
337
338 static void
iwl_mld_he_set_ru_alloc(struct ieee80211_rx_status * rx_status,struct ieee80211_radiotap_he * he,u8 ru_with_p80)339 iwl_mld_he_set_ru_alloc(struct ieee80211_rx_status *rx_status,
340 struct ieee80211_radiotap_he *he,
341 u8 ru_with_p80)
342 {
343 u8 ru = ru_with_p80 >> 1;
344 u8 p80 = ru_with_p80 & 1;
345 u8 offs = 0;
346
347 rx_status->bw = RATE_INFO_BW_HE_RU;
348
349 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN);
350 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_KNOWN |
351 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET_KNOWN);
352
353 switch (ru) {
354 case 0 ... 36:
355 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_26;
356 offs = ru;
357 break;
358 case 37 ... 52:
359 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_52;
360 offs = ru - 37;
361 break;
362 case 53 ... 60:
363 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106;
364 offs = ru - 53;
365 break;
366 case 61 ... 64:
367 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_242;
368 offs = ru - 61;
369 break;
370 case 65 ... 66:
371 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_484;
372 offs = ru - 65;
373 break;
374 case 67:
375 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_996;
376 break;
377 case 68:
378 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_2x996;
379 break;
380 }
381
382 he->data2 |= le16_encode_bits(offs,
383 IEEE80211_RADIOTAP_HE_DATA2_RU_OFFSET);
384
385 he->data2 |= le16_encode_bits(p80, IEEE80211_RADIOTAP_HE_DATA2_PRISEC_80_SEC);
386 }
387
388 #define RTAP_ENC_HE(src, src_msk, dst_msk) \
389 le16_encode_bits(le32_get_bits(src, src_msk), dst_msk)
390
391 static void
iwl_mld_decode_he_mu(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_radiotap_he * he,struct ieee80211_radiotap_he_mu * he_mu,struct ieee80211_rx_status * rx_status)392 iwl_mld_decode_he_mu(struct iwl_mld_rx_phy_data *phy_data,
393 struct ieee80211_radiotap_he *he,
394 struct ieee80211_radiotap_he_mu *he_mu,
395 struct ieee80211_rx_status *rx_status)
396 {
397 u32 rate_n_flags = phy_data->rate_n_flags;
398
399 he_mu->flags1 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1,
400 OFDM_RX_FRAME_HE_DCM,
401 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM);
402 he_mu->flags1 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1,
403 OFDM_RX_FRAME_HE_MCS,
404 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS);
405 he_mu->flags2 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1,
406 OFDM_RX_FRAME_HE_PRMBL_PUNC_TYPE,
407 IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW);
408 he_mu->flags2 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2,
409 OFDM_RX_FRAME_HE_MU_NUM_OF_SIGB_SYM_OR_USER_NUM,
410 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_SYMS_USERS);
411 he_mu->flags2 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2,
412 OFDM_RX_FRAME_HE_MU_SIGB_COMP,
413 IEEE80211_RADIOTAP_HE_MU_FLAGS2_SIG_B_COMP);
414
415 if (phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_RU &&
416 le32_get_bits(phy_data->ntfy->sigs.he.cmn[2],
417 OFDM_RX_FRAME_HE_COMMON_CC1_CRC_OK)) {
418 he_mu->flags1 |=
419 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_RU_KNOWN |
420 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU_KNOWN);
421
422 he_mu->flags1 |=
423 RTAP_ENC_HE(phy_data->ntfy->sigs.he.cmn[2],
424 OFDM_RX_FRAME_HE_CENTER_RU_CC1,
425 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH1_CTR_26T_RU);
426
427 he_mu->ru_ch1[0] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[0],
428 OFDM_RX_FRAME_HE_RU_ALLOC_0_A1);
429 he_mu->ru_ch1[1] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[1],
430 OFDM_RX_FRAME_HE_RU_ALLOC_1_C1);
431 he_mu->ru_ch1[2] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[0],
432 OFDM_RX_FRAME_HE_RU_ALLOC_0_A2);
433 he_mu->ru_ch1[3] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[1],
434 OFDM_RX_FRAME_HE_RU_ALLOC_1_C2);
435 }
436
437 if (phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_RU &&
438 le32_get_bits(phy_data->ntfy->sigs.he.cmn[2],
439 OFDM_RX_FRAME_HE_COMMON_CC2_CRC_OK) &&
440 (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) != RATE_MCS_CHAN_WIDTH_20) {
441 he_mu->flags1 |=
442 cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_RU_KNOWN |
443 IEEE80211_RADIOTAP_HE_MU_FLAGS1_CH2_CTR_26T_RU_KNOWN);
444
445 he_mu->flags2 |=
446 RTAP_ENC_HE(phy_data->ntfy->sigs.he.cmn[2],
447 OFDM_RX_FRAME_HE_CENTER_RU_CC2,
448 IEEE80211_RADIOTAP_HE_MU_FLAGS2_CH2_CTR_26T_RU);
449
450 he_mu->ru_ch2[0] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[0],
451 OFDM_RX_FRAME_HE_RU_ALLOC_0_B1);
452 he_mu->ru_ch2[1] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[1],
453 OFDM_RX_FRAME_HE_RU_ALLOC_1_D1);
454 he_mu->ru_ch2[2] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[0],
455 OFDM_RX_FRAME_HE_RU_ALLOC_0_B2);
456 he_mu->ru_ch2[3] = le32_get_bits(phy_data->ntfy->sigs.he.cmn[1],
457 OFDM_RX_FRAME_HE_RU_ALLOC_1_D2);
458 }
459
460 #define CHECK_BW(bw) \
461 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_ ## bw ## MHZ != \
462 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS)
463 CHECK_BW(20);
464 CHECK_BW(40);
465 CHECK_BW(80);
466 CHECK_BW(160);
467 #undef CHECK_BW
468
469 he_mu->flags2 |=
470 le16_encode_bits(u32_get_bits(rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK),
471 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW);
472
473 iwl_mld_he_set_ru_alloc(rx_status, he,
474 le32_get_bits(phy_data->ntfy->sigs.he.b,
475 OFDM_RX_FRAME_HE_SIGB_STA_RU));
476 }
477
478 static void
iwl_mld_decode_he_tb_phy_data(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_radiotap_he * he,struct ieee80211_rx_status * rx_status)479 iwl_mld_decode_he_tb_phy_data(struct iwl_mld_rx_phy_data *phy_data,
480 struct ieee80211_radiotap_he *he,
481 struct ieee80211_rx_status *rx_status)
482 {
483 u32 rate_n_flags = phy_data->rate_n_flags;
484 u32 nsts;
485
486 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BSS_COLOR_KNOWN |
487 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN |
488 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE2_KNOWN |
489 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE3_KNOWN |
490 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE4_KNOWN);
491
492 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1,
493 OFDM_RX_HE_TRIG_SPATIAL_REUSE_1,
494 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE1);
495 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1,
496 OFDM_RX_HE_TRIG_SPATIAL_REUSE_2,
497 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE2);
498 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1,
499 OFDM_RX_HE_TRIG_SPATIAL_REUSE_3,
500 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE3);
501 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1,
502 OFDM_RX_HE_TRIG_SPATIAL_REUSE_4,
503 IEEE80211_RADIOTAP_HE_DATA4_TB_SPTL_REUSE4);
504 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a1,
505 OFDM_RX_HE_TRIG_BSS_COLOR,
506 IEEE80211_RADIOTAP_HE_DATA3_BSS_COLOR);
507
508 #define CHECK_BW(bw) \
509 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_ ## bw ## MHZ != \
510 RATE_MCS_CHAN_WIDTH_##bw >> RATE_MCS_CHAN_WIDTH_POS)
511 CHECK_BW(20);
512 CHECK_BW(40);
513 CHECK_BW(80);
514 CHECK_BW(160);
515 #undef CHECK_BW
516
517 he->data6 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW_KNOWN) |
518 le16_encode_bits(u32_get_bits(rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK),
519 IEEE80211_RADIOTAP_HE_DATA6_TB_PPDU_BW);
520
521 if (!(phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_TB_RX))
522 return;
523
524 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_LDPC_XSYMSEG_KNOWN |
525 IEEE80211_RADIOTAP_HE_DATA1_DOPPLER_KNOWN);
526 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRE_FEC_PAD_KNOWN |
527 IEEE80211_RADIOTAP_HE_DATA2_PE_DISAMBIG_KNOWN |
528 IEEE80211_RADIOTAP_HE_DATA2_TXOP_KNOWN |
529 IEEE80211_RADIOTAP_HE_DATA2_NUM_LTF_SYMS_KNOWN);
530
531 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1,
532 OFDM_UCODE_TRIG_BASE_RX_CODING_EXTRA_SYM,
533 IEEE80211_RADIOTAP_HE_DATA3_LDPC_XSYMSEG);
534 he->data6 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1,
535 OFDM_UCODE_TRIG_BASE_RX_DOPPLER,
536 IEEE80211_RADIOTAP_HE_DATA6_DOPPLER);
537 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1,
538 OFDM_UCODE_TRIG_BASE_RX_PRE_FEC_PAD_FACTOR,
539 IEEE80211_RADIOTAP_HE_DATA5_PRE_FEC_PAD);
540 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1,
541 OFDM_UCODE_TRIG_BASE_RX_PE_DISAMBIG,
542 IEEE80211_RADIOTAP_HE_DATA5_PE_DISAMBIG);
543 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.tb_rx1,
544 OFDM_UCODE_TRIG_BASE_RX_NUM_OF_LTF_SYM,
545 IEEE80211_RADIOTAP_HE_DATA5_NUM_LTF_SYMS);
546 he->data6 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he_tb.a2,
547 OFDM_RX_HE_TRIG_TXOP_DURATION,
548 IEEE80211_RADIOTAP_HE_DATA6_TXOP);
549
550 iwl_mld_he_set_ru_alloc(rx_status, he,
551 le32_get_bits(phy_data->ntfy->sigs.he_tb.tb_rx1,
552 OFDM_UCODE_TRIG_BASE_RX_RU));
553
554 nsts = le32_get_bits(phy_data->ntfy->sigs.he_tb.tb_rx1,
555 OFDM_UCODE_TRIG_BASE_RX_NSTS) + 1;
556 rx_status->nss = nsts >> !!(rate_n_flags & RATE_MCS_STBC_MSK);
557 }
558
559 static void
iwl_mld_decode_he_phy_data(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_radiotap_he * he,struct ieee80211_radiotap_he_mu * he_mu,struct ieee80211_rx_status * rx_status)560 iwl_mld_decode_he_phy_data(struct iwl_mld_rx_phy_data *phy_data,
561 struct ieee80211_radiotap_he *he,
562 struct ieee80211_radiotap_he_mu *he_mu,
563 struct ieee80211_rx_status *rx_status)
564 {
565 u32 rate_n_flags = phy_data->rate_n_flags;
566 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK;
567 u32 nsts;
568
569 switch (he_type) {
570 case RATE_MCS_HE_TYPE_TRIG:
571 iwl_mld_decode_he_tb_phy_data(phy_data, he, rx_status);
572 /* that's it, below is only for SU/MU */
573 return;
574 case RATE_MCS_HE_TYPE_MU:
575 iwl_mld_decode_he_mu(phy_data, he, he_mu, rx_status);
576
577 nsts = le32_get_bits(phy_data->ntfy->sigs.he.b,
578 OFDM_RX_FRAME_HE_SIGB_NSTS) + 1;
579 break;
580 case RATE_MCS_HE_TYPE_SU:
581 case RATE_MCS_HE_TYPE_EXT_SU:
582 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BEAM_CHANGE_KNOWN);
583 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1,
584 OFDM_RX_FRAME_HE_BEAM_CHANGE,
585 IEEE80211_RADIOTAP_HE_DATA3_BEAM_CHANGE);
586
587 nsts = le32_get_bits(phy_data->ntfy->sigs.he.a1,
588 OFDM_RX_FRAME_HE_NSTS) + 1;
589 break;
590 }
591
592 rx_status->nss = nsts >> !!(rate_n_flags & RATE_MCS_STBC_MSK);
593
594 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_LDPC_XSYMSEG_KNOWN |
595 IEEE80211_RADIOTAP_HE_DATA1_DOPPLER_KNOWN);
596 he->data2 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_PRE_FEC_PAD_KNOWN |
597 IEEE80211_RADIOTAP_HE_DATA2_PE_DISAMBIG_KNOWN |
598 IEEE80211_RADIOTAP_HE_DATA2_TXOP_KNOWN |
599 IEEE80211_RADIOTAP_HE_DATA2_NUM_LTF_SYMS_KNOWN);
600
601 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2,
602 OFDM_RX_FRAME_HE_CODING_EXTRA_SYM,
603 IEEE80211_RADIOTAP_HE_DATA3_LDPC_XSYMSEG);
604 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2,
605 OFDM_RX_FRAME_HE_PRE_FEC_PAD_FACTOR,
606 IEEE80211_RADIOTAP_HE_DATA5_PRE_FEC_PAD);
607 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2,
608 OFDM_RX_FRAME_HE_PE_DISAMBIG,
609 IEEE80211_RADIOTAP_HE_DATA5_PE_DISAMBIG);
610 he->data5 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2,
611 OFDM_RX_FRAME_HE_MU_NUM_OF_LTF_SYM,
612 IEEE80211_RADIOTAP_HE_DATA5_NUM_LTF_SYMS);
613 he->data6 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2,
614 OFDM_RX_FRAME_HE_TXOP_DURATION,
615 IEEE80211_RADIOTAP_HE_DATA6_TXOP);
616 he->data6 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a2,
617 OFDM_RX_FRAME_HE_DOPPLER,
618 IEEE80211_RADIOTAP_HE_DATA6_DOPPLER);
619
620 he->data1 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_UL_DL_KNOWN |
621 IEEE80211_RADIOTAP_HE_DATA1_BSS_COLOR_KNOWN |
622 IEEE80211_RADIOTAP_HE_DATA1_SPTL_REUSE_KNOWN);
623
624 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1,
625 OFDM_RX_FRAME_HE_BSS_COLOR,
626 IEEE80211_RADIOTAP_HE_DATA3_BSS_COLOR);
627 he->data3 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1,
628 OFDM_RX_FRAME_HE_UL_FLAG,
629 IEEE80211_RADIOTAP_HE_DATA3_UL_DL);
630 he->data4 |= RTAP_ENC_HE(phy_data->ntfy->sigs.he.a1,
631 OFDM_RX_FRAME_HE_SPATIAL_REUSE,
632 IEEE80211_RADIOTAP_HE_DATA4_SU_MU_SPTL_REUSE);
633 }
634
iwl_mld_rx_he(struct sk_buff * skb,struct iwl_mld_rx_phy_data * phy_data)635 static void iwl_mld_rx_he(struct sk_buff *skb,
636 struct iwl_mld_rx_phy_data *phy_data)
637 {
638 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
639 struct ieee80211_radiotap_he *he = NULL;
640 struct ieee80211_radiotap_he_mu *he_mu = NULL;
641 u32 rate_n_flags = phy_data->rate_n_flags;
642 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK;
643 u8 ltf;
644 static const struct ieee80211_radiotap_he known = {
645 .data1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_DATA_MCS_KNOWN |
646 IEEE80211_RADIOTAP_HE_DATA1_DATA_DCM_KNOWN |
647 IEEE80211_RADIOTAP_HE_DATA1_STBC_KNOWN |
648 IEEE80211_RADIOTAP_HE_DATA1_CODING_KNOWN),
649 .data2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA2_GI_KNOWN |
650 IEEE80211_RADIOTAP_HE_DATA2_TXBF_KNOWN),
651 };
652 static const struct ieee80211_radiotap_he_mu mu_known = {
653 .flags1 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_MCS_KNOWN |
654 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_DCM_KNOWN |
655 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_SYMS_USERS_KNOWN |
656 IEEE80211_RADIOTAP_HE_MU_FLAGS1_SIG_B_COMP_KNOWN),
657 .flags2 = cpu_to_le16(IEEE80211_RADIOTAP_HE_MU_FLAGS2_PUNC_FROM_SIG_A_BW_KNOWN |
658 IEEE80211_RADIOTAP_HE_MU_FLAGS2_BW_FROM_SIG_A_BW_KNOWN),
659 };
660
661 he = skb_put_data(skb, &known, sizeof(known));
662 rx_status->flag |= RX_FLAG_RADIOTAP_HE;
663
664 switch (he_type) {
665 case RATE_MCS_HE_TYPE_EXT_SU:
666 /*
667 * Except for this special case we won't have
668 * HE RU allocation info outside of monitor mode
669 * since we don't get the PHY notif.
670 */
671 if (rate_n_flags & RATE_MCS_HE_106T_MSK) {
672 rx_status->bw = RATE_INFO_BW_HE_RU;
673 rx_status->he_ru = NL80211_RATE_INFO_HE_RU_ALLOC_106;
674 }
675 fallthrough;
676 case RATE_MCS_HE_TYPE_SU:
677 /* actual data is filled in mac80211 */
678 he->data1 |=
679 cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA1_BW_RU_ALLOC_KNOWN);
680 break;
681 }
682
683 #define CHECK_TYPE(F) \
684 BUILD_BUG_ON(IEEE80211_RADIOTAP_HE_DATA1_FORMAT_ ## F != \
685 (RATE_MCS_HE_TYPE_ ## F >> RATE_MCS_HE_TYPE_POS))
686
687 CHECK_TYPE(SU);
688 CHECK_TYPE(EXT_SU);
689 CHECK_TYPE(MU);
690 CHECK_TYPE(TRIG);
691
692 he->data1 |= cpu_to_le16(he_type >> RATE_MCS_HE_TYPE_POS);
693
694 if (rate_n_flags & RATE_MCS_BF_MSK)
695 he->data5 |= cpu_to_le16(IEEE80211_RADIOTAP_HE_DATA5_TXBF);
696
697 switch (u32_get_bits(rate_n_flags, RATE_MCS_HE_GI_LTF_MSK)) {
698 case 0:
699 if (he_type == RATE_MCS_HE_TYPE_TRIG)
700 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6;
701 else
702 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8;
703 if (he_type == RATE_MCS_HE_TYPE_MU)
704 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X;
705 else
706 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X;
707 break;
708 case 1:
709 if (he_type == RATE_MCS_HE_TYPE_TRIG)
710 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6;
711 else
712 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8;
713 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X;
714 break;
715 case 2:
716 if (he_type == RATE_MCS_HE_TYPE_TRIG) {
717 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2;
718 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X;
719 } else {
720 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_1_6;
721 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X;
722 }
723 break;
724 case 3:
725 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_3_2;
726 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X;
727 break;
728 case 4:
729 rx_status->he_gi = NL80211_RATE_INFO_HE_GI_0_8;
730 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X;
731 break;
732 default:
733 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN;
734 }
735
736 he->data5 |= le16_encode_bits(ltf,
737 IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE);
738
739 if (likely(!phy_data->ntfy))
740 return;
741
742 if (he_type == RATE_MCS_HE_TYPE_MU) {
743 he_mu = skb_put_data(skb, &mu_known, sizeof(mu_known));
744 rx_status->flag |= RX_FLAG_RADIOTAP_HE_MU;
745 }
746
747 iwl_mld_decode_he_phy_data(phy_data, he, he_mu, rx_status);
748 }
749
iwl_mld_decode_lsig(struct sk_buff * skb,struct iwl_mld_rx_phy_data * phy_data)750 static void iwl_mld_decode_lsig(struct sk_buff *skb,
751 struct iwl_mld_rx_phy_data *phy_data)
752 {
753 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
754 u32 format = phy_data->rate_n_flags & RATE_MCS_MOD_TYPE_MSK;
755 struct ieee80211_radiotap_lsig *lsig;
756 u32 lsig_len, rate;
757
758 if (likely(!phy_data->ntfy))
759 return;
760
761 /*
762 * Technically legacy CCK/OFDM frames don't have an L-SIG
763 * since that's the compat format for HT (non-greenfield)
764 * and up. However, it's meant to be compatible with the
765 * LENGTH and RATE fields in Clause 17 and 18 OFDM frames
766 * so include the field for any non-CCK frame. For CCK it
767 * cannot work, since the LENGTH field for them is 16-bit
768 * and the radiotap field only has 12 bits.
769 */
770 if (format == RATE_MCS_MOD_TYPE_CCK)
771 return;
772
773 lsig_len = le32_get_bits(phy_data->ntfy->legacy_sig.ofdm,
774 OFDM_RX_LEGACY_LENGTH);
775 rate = le32_get_bits(phy_data->ntfy->legacy_sig.ofdm, OFDM_RX_RATE);
776
777 lsig = skb_put(skb, sizeof(*lsig));
778 lsig->data1 = cpu_to_le16(IEEE80211_RADIOTAP_LSIG_DATA1_LENGTH_KNOWN) |
779 cpu_to_le16(IEEE80211_RADIOTAP_LSIG_DATA1_RATE_KNOWN);
780 lsig->data2 = le16_encode_bits(lsig_len,
781 IEEE80211_RADIOTAP_LSIG_DATA2_LENGTH) |
782 le16_encode_bits(rate, IEEE80211_RADIOTAP_LSIG_DATA2_RATE);
783 rx_status->flag |= RX_FLAG_RADIOTAP_LSIG;
784 }
785
786 /* Put a TLV on the skb and return data pointer
787 *
788 * Also pad the len to 4 and zero out all data part
789 */
790 static void *
iwl_mld_radiotap_put_tlv(struct sk_buff * skb,u16 type,u16 len)791 iwl_mld_radiotap_put_tlv(struct sk_buff *skb, u16 type, u16 len)
792 {
793 struct ieee80211_radiotap_tlv *tlv;
794
795 tlv = skb_put(skb, sizeof(*tlv));
796 tlv->type = cpu_to_le16(type);
797 tlv->len = cpu_to_le16(len);
798 return skb_put_zero(skb, ALIGN(len, 4));
799 }
800
801 #define LE32_DEC_ENC(value, dec_bits, enc_bits) \
802 le32_encode_bits(le32_get_bits(value, dec_bits), enc_bits)
803
804 #define IWL_MLD_ENC_USIG_VALUE_MASK(usig, in_value, dec_bits, enc_bits) do { \
805 typeof(enc_bits) _enc_bits = enc_bits; \
806 typeof(usig) _usig = usig; \
807 (_usig)->mask |= cpu_to_le32(_enc_bits); \
808 (_usig)->value |= LE32_DEC_ENC(in_value, dec_bits, _enc_bits); \
809 } while (0)
810
iwl_mld_decode_eht_usig_tb(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_radiotap_eht_usig * usig)811 static void iwl_mld_decode_eht_usig_tb(struct iwl_mld_rx_phy_data *phy_data,
812 struct ieee80211_radiotap_eht_usig *usig)
813 {
814 __le32 usig_a1 = phy_data->ntfy->sigs.eht_tb.usig_a1;
815 __le32 usig_a2 = phy_data->ntfy->sigs.eht_tb.usig_a2_eht;
816
817 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1,
818 OFDM_RX_FRAME_EHT_USIG1_DISREGARD,
819 IEEE80211_RADIOTAP_EHT_USIG1_TB_B20_B25_DISREGARD);
820 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
821 OFDM_RX_FRAME_EHT_PPDU_TYPE,
822 IEEE80211_RADIOTAP_EHT_USIG2_TB_B0_B1_PPDU_TYPE);
823 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
824 OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B2,
825 IEEE80211_RADIOTAP_EHT_USIG2_TB_B2_VALIDATE);
826 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
827 OFDM_RX_FRAME_EHT_TRIG_SPATIAL_REUSE_1,
828 IEEE80211_RADIOTAP_EHT_USIG2_TB_B3_B6_SPATIAL_REUSE_1);
829 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
830 OFDM_RX_FRAME_EHT_TRIG_SPATIAL_REUSE_2,
831 IEEE80211_RADIOTAP_EHT_USIG2_TB_B7_B10_SPATIAL_REUSE_2);
832 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
833 OFDM_RX_FRAME_EHT_TRIG_USIG2_DISREGARD,
834 IEEE80211_RADIOTAP_EHT_USIG2_TB_B11_B15_DISREGARD);
835 }
836
iwl_mld_decode_eht_usig_non_tb(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_radiotap_eht_usig * usig)837 static void iwl_mld_decode_eht_usig_non_tb(struct iwl_mld_rx_phy_data *phy_data,
838 struct ieee80211_radiotap_eht_usig *usig)
839 {
840 __le32 usig_a1 = phy_data->ntfy->sigs.eht.usig_a1;
841 __le32 usig_a2 = phy_data->ntfy->sigs.eht.usig_a2_eht;
842
843 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1,
844 OFDM_RX_FRAME_EHT_USIG1_DISREGARD,
845 IEEE80211_RADIOTAP_EHT_USIG1_MU_B20_B24_DISREGARD);
846 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a1,
847 OFDM_RX_FRAME_EHT_USIG1_VALIDATE,
848 IEEE80211_RADIOTAP_EHT_USIG1_MU_B25_VALIDATE);
849 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
850 OFDM_RX_FRAME_EHT_PPDU_TYPE,
851 IEEE80211_RADIOTAP_EHT_USIG2_MU_B0_B1_PPDU_TYPE);
852 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
853 OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B2,
854 IEEE80211_RADIOTAP_EHT_USIG2_MU_B2_VALIDATE);
855 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
856 OFDM_RX_FRAME_EHT_PUNC_CHANNEL,
857 IEEE80211_RADIOTAP_EHT_USIG2_MU_B3_B7_PUNCTURED_INFO);
858 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
859 OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B8,
860 IEEE80211_RADIOTAP_EHT_USIG2_MU_B8_VALIDATE);
861 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
862 OFDM_RX_FRAME_EHT_SIG_MCS,
863 IEEE80211_RADIOTAP_EHT_USIG2_MU_B9_B10_SIG_MCS);
864 IWL_MLD_ENC_USIG_VALUE_MASK(usig, usig_a2,
865 OFDM_RX_FRAME_EHT_SIG_SYM_NUM,
866 IEEE80211_RADIOTAP_EHT_USIG2_MU_B11_B15_EHT_SIG_SYMBOLS);
867 }
868
iwl_mld_decode_eht_usig(struct iwl_mld_rx_phy_data * phy_data,struct sk_buff * skb)869 static void iwl_mld_decode_eht_usig(struct iwl_mld_rx_phy_data *phy_data,
870 struct sk_buff *skb)
871 {
872 u32 he_type = phy_data->rate_n_flags & RATE_MCS_HE_TYPE_MSK;
873 __le32 usig_a1 = phy_data->ntfy->sigs.eht.usig_a1;
874 __le32 usig_a2 = phy_data->ntfy->sigs.eht.usig_a2_eht;
875 struct ieee80211_radiotap_eht_usig *usig;
876 u32 bw;
877
878 usig = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT_USIG,
879 sizeof(*usig));
880
881 BUILD_BUG_ON(offsetof(union iwl_sigs, eht.usig_a1) !=
882 offsetof(union iwl_sigs, eht_tb.usig_a1));
883 BUILD_BUG_ON(offsetof(union iwl_sigs, eht.usig_a2_eht) !=
884 offsetof(union iwl_sigs, eht_tb.usig_a2_eht));
885
886 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL_KNOWN |
887 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR_KNOWN |
888 IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_CHECKED |
889 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_KNOWN |
890 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP_KNOWN);
891
892 #define CHECK_BW(bw) \
893 BUILD_BUG_ON(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_ ## bw ## MHZ != \
894 RATE_MCS_CHAN_WIDTH_ ## bw ## _VAL)
895 CHECK_BW(20);
896 CHECK_BW(40);
897 CHECK_BW(80);
898 CHECK_BW(160);
899 #undef CHECK_BW
900 BUILD_BUG_ON(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW_320MHZ_1 !=
901 RATE_MCS_CHAN_WIDTH_320_VAL);
902 bw = u32_get_bits(phy_data->rate_n_flags, RATE_MCS_CHAN_WIDTH_MSK);
903 /* specific handling for 320MHz-1/320MHz-2 */
904 if (bw == RATE_MCS_CHAN_WIDTH_320_VAL)
905 bw += le32_get_bits(usig_a1, OFDM_RX_FRAME_EHT_BW320_SLOT);
906 usig->common |= le32_encode_bits(bw,
907 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BW);
908
909 usig->common |= LE32_DEC_ENC(usig_a1, OFDM_RX_FRAME_ENHANCED_WIFI_UL_FLAG,
910 IEEE80211_RADIOTAP_EHT_USIG_COMMON_UL_DL);
911 usig->common |= LE32_DEC_ENC(usig_a1, OFDM_RX_FRAME_ENHANCED_WIFI_BSS_COLOR,
912 IEEE80211_RADIOTAP_EHT_USIG_COMMON_BSS_COLOR);
913
914 if (le32_get_bits(usig_a1, OFDM_RX_FRAME_EHT_USIG1_VALIDATE) &&
915 le32_get_bits(usig_a2, OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B2) &&
916 le32_get_bits(usig_a2, OFDM_RX_FRAME_EHT_USIG2_VALIDATE_B8))
917 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_VALIDATE_BITS_OK);
918
919 usig->common |= LE32_DEC_ENC(usig_a1,
920 OFDM_RX_FRAME_ENHANCED_WIFI_TXOP_DURATION,
921 IEEE80211_RADIOTAP_EHT_USIG_COMMON_TXOP);
922
923 if (!le32_get_bits(usig_a2, OFDM_RX_USIG_CRC_OK))
924 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_BAD_USIG_CRC);
925
926 usig->common |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER_KNOWN);
927 usig->common |= LE32_DEC_ENC(usig_a1,
928 OFDM_RX_FRAME_ENHANCED_WIFI_VER_ID,
929 IEEE80211_RADIOTAP_EHT_USIG_COMMON_PHY_VER);
930
931 if (he_type == RATE_MCS_HE_TYPE_TRIG)
932 iwl_mld_decode_eht_usig_tb(phy_data, usig);
933 else
934 iwl_mld_decode_eht_usig_non_tb(phy_data, usig);
935 }
936
937 static void
iwl_mld_eht_set_ru_alloc(struct ieee80211_rx_status * rx_status,u32 ru_with_p80)938 iwl_mld_eht_set_ru_alloc(struct ieee80211_rx_status *rx_status,
939 u32 ru_with_p80)
940 {
941 enum nl80211_eht_ru_alloc nl_ru;
942 u32 ru = ru_with_p80 >> 1;
943
944 /*
945 * HW always uses trigger frame format:
946 *
947 * Draft PIEEE802.11be D7.0 Table 9-46l - Encoding of the PS160 and
948 * RU Allocation subfields in an EHT variant User Info field
949 */
950
951 switch (ru) {
952 case 0 ... 36:
953 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_26;
954 break;
955 case 37 ... 52:
956 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52;
957 break;
958 case 53 ... 60:
959 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106;
960 break;
961 case 61 ... 64:
962 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_242;
963 break;
964 case 65 ... 66:
965 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484;
966 break;
967 case 67:
968 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996;
969 break;
970 case 68:
971 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996;
972 break;
973 case 69:
974 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_4x996;
975 break;
976 case 70 ... 81:
977 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_52P26;
978 break;
979 case 82 ... 89:
980 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_106P26;
981 break;
982 case 90 ... 93:
983 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_484P242;
984 break;
985 case 94 ... 95:
986 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484;
987 break;
988 case 96 ... 99:
989 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242;
990 break;
991 case 100 ... 103:
992 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484;
993 break;
994 case 104:
995 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996;
996 break;
997 case 105 ... 106:
998 nl_ru = NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484;
999 break;
1000 default:
1001 return;
1002 }
1003
1004 rx_status->bw = RATE_INFO_BW_EHT_RU;
1005 rx_status->eht.ru = nl_ru;
1006 }
1007
iwl_mld_decode_eht_tb(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_rx_status * rx_status,struct ieee80211_radiotap_eht * eht)1008 static void iwl_mld_decode_eht_tb(struct iwl_mld_rx_phy_data *phy_data,
1009 struct ieee80211_rx_status *rx_status,
1010 struct ieee80211_radiotap_eht *eht)
1011 {
1012 if (!(phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_TB_RX))
1013 return;
1014
1015 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_RU_ALLOC_TB_FMT |
1016 IEEE80211_RADIOTAP_EHT_KNOWN_LDPC_EXTRA_SYM_OM |
1017 IEEE80211_RADIOTAP_EHT_KNOWN_PRE_PADD_FACOR_OM |
1018 IEEE80211_RADIOTAP_EHT_KNOWN_PE_DISAMBIGUITY_OM |
1019 IEEE80211_RADIOTAP_EHT_KNOWN_EHT_LTF |
1020 IEEE80211_RADIOTAP_EHT_KNOWN_PRIMARY_80);
1021
1022 eht->data[8] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx0,
1023 OFDM_UCODE_TRIG_BASE_PS160,
1024 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_PS_160);
1025 eht->data[8] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1,
1026 OFDM_UCODE_TRIG_BASE_RX_RU,
1027 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B0 |
1028 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1);
1029 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1,
1030 OFDM_UCODE_TRIG_BASE_RX_CODING_EXTRA_SYM,
1031 IEEE80211_RADIOTAP_EHT_DATA0_LDPC_EXTRA_SYM_OM);
1032 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1,
1033 OFDM_UCODE_TRIG_BASE_RX_PRE_FEC_PAD_FACTOR,
1034 IEEE80211_RADIOTAP_EHT_DATA0_PRE_PADD_FACOR_OM);
1035 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1,
1036 OFDM_UCODE_TRIG_BASE_RX_PE_DISAMBIG,
1037 IEEE80211_RADIOTAP_EHT_DATA0_PE_DISAMBIGUITY_OM);
1038 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx1,
1039 OFDM_UCODE_TRIG_BASE_RX_NUM_OF_LTF_SYM,
1040 IEEE80211_RADIOTAP_EHT_DATA0_EHT_LTF);
1041 eht->data[1] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht_tb.tb_rx0,
1042 OFDM_UCODE_TRIG_BASE_RX_RU_P80,
1043 IEEE80211_RADIOTAP_EHT_DATA1_PRIMARY_80);
1044
1045 iwl_mld_eht_set_ru_alloc(rx_status,
1046 le32_get_bits(phy_data->ntfy->sigs.eht_tb.tb_rx1,
1047 OFDM_UCODE_TRIG_BASE_RX_RU));
1048 }
1049
iwl_mld_eht_decode_user_ru(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_radiotap_eht * eht)1050 static void iwl_mld_eht_decode_user_ru(struct iwl_mld_rx_phy_data *phy_data,
1051 struct ieee80211_radiotap_eht *eht)
1052 {
1053 u32 phy_bw = phy_data->rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK;
1054
1055 if (!(phy_data->ntfy->flags & IWL_SNIF_FLAG_VALID_RU))
1056 return;
1057
1058 #define __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \
1059 eht->data[(rt_data)] |= \
1060 (cpu_to_le32(IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru ## _KNOWN) | \
1061 LE32_DEC_ENC(phy_data->ntfy->sigs.eht.cmn[fw_data], \
1062 OFDM_RX_FRAME_EHT_RU_ALLOC_ ## fw_data ## _ ## fw_ru, \
1063 IEEE80211_RADIOTAP_EHT_DATA ## rt_data ## _RU_ALLOC_CC_ ## rt_ru))
1064
1065 #define _IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru) \
1066 __IWL_MLD_ENC_EHT_RU(rt_data, rt_ru, fw_data, fw_ru)
1067
1068 #define IEEE80211_RADIOTAP_RU_DATA_1_1_1 1
1069 #define IEEE80211_RADIOTAP_RU_DATA_2_1_1 2
1070 #define IEEE80211_RADIOTAP_RU_DATA_1_1_2 2
1071 #define IEEE80211_RADIOTAP_RU_DATA_2_1_2 2
1072 #define IEEE80211_RADIOTAP_RU_DATA_1_2_1 3
1073 #define IEEE80211_RADIOTAP_RU_DATA_2_2_1 3
1074 #define IEEE80211_RADIOTAP_RU_DATA_1_2_2 3
1075 #define IEEE80211_RADIOTAP_RU_DATA_2_2_2 4
1076 #define IEEE80211_RADIOTAP_RU_DATA_1_2_3 4
1077 #define IEEE80211_RADIOTAP_RU_DATA_2_2_3 4
1078 #define IEEE80211_RADIOTAP_RU_DATA_1_2_4 5
1079 #define IEEE80211_RADIOTAP_RU_DATA_2_2_4 5
1080 #define IEEE80211_RADIOTAP_RU_DATA_1_2_5 5
1081 #define IEEE80211_RADIOTAP_RU_DATA_2_2_5 6
1082 #define IEEE80211_RADIOTAP_RU_DATA_1_2_6 6
1083 #define IEEE80211_RADIOTAP_RU_DATA_2_2_6 6
1084
1085 #define IWL_RX_RU_DATA_A1 0
1086 #define IWL_RX_RU_DATA_A2 0
1087 #define IWL_RX_RU_DATA_A3 0
1088 #define IWL_RX_RU_DATA_A4 4
1089 #define IWL_RX_RU_DATA_B1 1
1090 #define IWL_RX_RU_DATA_B2 1
1091 #define IWL_RX_RU_DATA_B3 1
1092 #define IWL_RX_RU_DATA_B4 4
1093 #define IWL_RX_RU_DATA_C1 2
1094 #define IWL_RX_RU_DATA_C2 2
1095 #define IWL_RX_RU_DATA_C3 2
1096 #define IWL_RX_RU_DATA_C4 5
1097 #define IWL_RX_RU_DATA_D1 3
1098 #define IWL_RX_RU_DATA_D2 3
1099 #define IWL_RX_RU_DATA_D3 3
1100 #define IWL_RX_RU_DATA_D4 5
1101
1102 #define IWL_MLD_ENC_EHT_RU(rt_ru, fw_ru) \
1103 _IWL_MLD_ENC_EHT_RU(IEEE80211_RADIOTAP_RU_DATA_ ## rt_ru, \
1104 rt_ru, \
1105 IWL_RX_RU_DATA_ ## fw_ru, \
1106 fw_ru)
1107
1108 /*
1109 * Hardware labels the content channels/RU allocation values
1110 * as follows:
1111 *
1112 * Content Channel 1 Content Channel 2
1113 * 20 MHz: A1
1114 * 40 MHz: A1 B1
1115 * 80 MHz: A1 C1 B1 D1
1116 * 160 MHz: A1 C1 A2 C2 B1 D1 B2 D2
1117 * 320 MHz: A1 C1 A2 C2 A3 C3 A4 C4 B1 D1 B2 D2 B3 D3 B4 D4
1118 */
1119
1120 switch (phy_bw) {
1121 case RATE_MCS_CHAN_WIDTH_320:
1122 /* content channel 1 */
1123 IWL_MLD_ENC_EHT_RU(1_2_3, A3);
1124 IWL_MLD_ENC_EHT_RU(1_2_4, C3);
1125 IWL_MLD_ENC_EHT_RU(1_2_5, A4);
1126 IWL_MLD_ENC_EHT_RU(1_2_6, C4);
1127 /* content channel 2 */
1128 IWL_MLD_ENC_EHT_RU(2_2_3, B3);
1129 IWL_MLD_ENC_EHT_RU(2_2_4, D3);
1130 IWL_MLD_ENC_EHT_RU(2_2_5, B4);
1131 IWL_MLD_ENC_EHT_RU(2_2_6, D4);
1132 fallthrough;
1133 case RATE_MCS_CHAN_WIDTH_160:
1134 /* content channel 1 */
1135 IWL_MLD_ENC_EHT_RU(1_2_1, A2);
1136 IWL_MLD_ENC_EHT_RU(1_2_2, C2);
1137 /* content channel 2 */
1138 IWL_MLD_ENC_EHT_RU(2_2_1, B2);
1139 IWL_MLD_ENC_EHT_RU(2_2_2, D2);
1140 fallthrough;
1141 case RATE_MCS_CHAN_WIDTH_80:
1142 /* content channel 1 */
1143 IWL_MLD_ENC_EHT_RU(1_1_2, C1);
1144 /* content channel 2 */
1145 IWL_MLD_ENC_EHT_RU(2_1_2, D1);
1146 fallthrough;
1147 case RATE_MCS_CHAN_WIDTH_40:
1148 /* content channel 2 */
1149 IWL_MLD_ENC_EHT_RU(2_1_1, B1);
1150 fallthrough;
1151 case RATE_MCS_CHAN_WIDTH_20:
1152 /* content channel 1 */
1153 IWL_MLD_ENC_EHT_RU(1_1_1, A1);
1154 break;
1155 }
1156 }
1157
iwl_mld_decode_eht_non_tb(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_rx_status * rx_status,struct ieee80211_radiotap_eht * eht)1158 static void iwl_mld_decode_eht_non_tb(struct iwl_mld_rx_phy_data *phy_data,
1159 struct ieee80211_rx_status *rx_status,
1160 struct ieee80211_radiotap_eht *eht)
1161 {
1162 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_SPATIAL_REUSE |
1163 /* All RU allocating size/index is in TB format */
1164 IEEE80211_RADIOTAP_EHT_KNOWN_RU_ALLOC_TB_FMT |
1165 IEEE80211_RADIOTAP_EHT_KNOWN_LDPC_EXTRA_SYM_OM |
1166 IEEE80211_RADIOTAP_EHT_KNOWN_PRE_PADD_FACOR_OM |
1167 IEEE80211_RADIOTAP_EHT_KNOWN_PE_DISAMBIGUITY_OM |
1168 IEEE80211_RADIOTAP_EHT_KNOWN_EHT_LTF |
1169 IEEE80211_RADIOTAP_EHT_KNOWN_PRIMARY_80 |
1170 IEEE80211_RADIOTAP_EHT_KNOWN_NR_NON_OFDMA_USERS_M);
1171
1172 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1,
1173 OFDM_RX_FRAME_EHT_SPATIAL_REUSE,
1174 IEEE80211_RADIOTAP_EHT_DATA0_SPATIAL_REUSE);
1175 eht->data[8] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b2,
1176 OFDM_RX_FRAME_EHT_STA_RU_PS160,
1177 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_PS_160);
1178 eht->data[8] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b2,
1179 OFDM_RX_FRAME_EHT_STA_RU,
1180 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B0 |
1181 IEEE80211_RADIOTAP_EHT_DATA8_RU_ALLOC_TB_FMT_B7_B1);
1182 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1,
1183 OFDM_RX_FRAME_EHT_CODING_EXTRA_SYM,
1184 IEEE80211_RADIOTAP_EHT_DATA0_LDPC_EXTRA_SYM_OM);
1185 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1,
1186 OFDM_RX_FRAME_EHT_PRE_FEC_PAD_FACTOR,
1187 IEEE80211_RADIOTAP_EHT_DATA0_PRE_PADD_FACOR_OM);
1188 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1,
1189 OFDM_RX_FRAME_EHT_PE_DISAMBIG,
1190 IEEE80211_RADIOTAP_EHT_DATA0_PE_DISAMBIGUITY_OM);
1191 eht->data[0] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1,
1192 OFDM_RX_FRAME_EHT_NUM_OF_LTF_SYM,
1193 IEEE80211_RADIOTAP_EHT_DATA0_EHT_LTF);
1194 eht->data[1] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b2,
1195 OFDM_RX_FRAME_EHT_STA_RU_P80,
1196 IEEE80211_RADIOTAP_EHT_DATA1_PRIMARY_80);
1197 eht->data[7] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1,
1198 OFDM_RX_FRAME_EHT_NUM_OF_USERS,
1199 IEEE80211_RADIOTAP_EHT_DATA7_NUM_OF_NON_OFDMA_USERS);
1200
1201 iwl_mld_eht_decode_user_ru(phy_data, eht);
1202
1203 iwl_mld_eht_set_ru_alloc(rx_status,
1204 le32_get_bits(phy_data->ntfy->sigs.eht.b2,
1205 OFDM_RX_FRAME_EHT_STA_RU));
1206 }
1207
iwl_mld_decode_eht_phy_data(struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_rx_status * rx_status,struct ieee80211_radiotap_eht * eht)1208 static void iwl_mld_decode_eht_phy_data(struct iwl_mld_rx_phy_data *phy_data,
1209 struct ieee80211_rx_status *rx_status,
1210 struct ieee80211_radiotap_eht *eht)
1211 {
1212 u32 he_type = phy_data->rate_n_flags & RATE_MCS_HE_TYPE_MSK;
1213
1214 if (he_type == RATE_MCS_HE_TYPE_TRIG)
1215 iwl_mld_decode_eht_tb(phy_data, rx_status, eht);
1216 else
1217 iwl_mld_decode_eht_non_tb(phy_data, rx_status, eht);
1218 }
1219
iwl_mld_rx_eht(struct iwl_mld * mld,struct sk_buff * skb,struct iwl_mld_rx_phy_data * phy_data)1220 static void iwl_mld_rx_eht(struct iwl_mld *mld, struct sk_buff *skb,
1221 struct iwl_mld_rx_phy_data *phy_data)
1222 {
1223 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
1224 struct ieee80211_radiotap_eht *eht;
1225 size_t eht_len = sizeof(*eht);
1226 u32 rate_n_flags = phy_data->rate_n_flags;
1227 u32 he_type = rate_n_flags & RATE_MCS_HE_TYPE_MSK;
1228 /* EHT and HE have the same values for LTF */
1229 u8 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN;
1230
1231 /* u32 for 1 user_info */
1232 if (phy_data->with_data)
1233 eht_len += sizeof(u32);
1234
1235 eht = iwl_mld_radiotap_put_tlv(skb, IEEE80211_RADIOTAP_EHT, eht_len);
1236
1237 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END;
1238
1239 switch (u32_get_bits(rate_n_flags, RATE_MCS_HE_GI_LTF_MSK)) {
1240 case 0:
1241 if (he_type == RATE_MCS_HE_TYPE_TRIG) {
1242 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6;
1243 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_1X;
1244 } else {
1245 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8;
1246 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X;
1247 }
1248 break;
1249 case 1:
1250 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_1_6;
1251 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_2X;
1252 break;
1253 case 2:
1254 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X;
1255 if (he_type == RATE_MCS_HE_TYPE_TRIG)
1256 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2;
1257 else
1258 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_0_8;
1259 break;
1260 case 3:
1261 if (he_type != RATE_MCS_HE_TYPE_TRIG) {
1262 ltf = IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_4X;
1263 rx_status->eht.gi = NL80211_RATE_INFO_EHT_GI_3_2;
1264 }
1265 break;
1266 default:
1267 /* nothing here */
1268 break;
1269 }
1270
1271 if (ltf != IEEE80211_RADIOTAP_HE_DATA5_LTF_SIZE_UNKNOWN) {
1272 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_GI);
1273 eht->data[0] |= le32_encode_bits(ltf,
1274 IEEE80211_RADIOTAP_EHT_DATA0_LTF) |
1275 le32_encode_bits(rx_status->eht.gi,
1276 IEEE80211_RADIOTAP_EHT_DATA0_GI);
1277 }
1278
1279 if (!phy_data->with_data) {
1280 eht->known |= cpu_to_le32(IEEE80211_RADIOTAP_EHT_KNOWN_NSS_S |
1281 IEEE80211_RADIOTAP_EHT_KNOWN_BEAMFORMED_S);
1282 eht->data[7] |= LE32_DEC_ENC(phy_data->ntfy->sigs.eht.b1,
1283 OFDM_RX_FRAME_EHT_NSTS,
1284 IEEE80211_RADIOTAP_EHT_DATA7_NSS_S);
1285 if (rate_n_flags & RATE_MCS_BF_MSK)
1286 eht->data[7] |=
1287 cpu_to_le32(IEEE80211_RADIOTAP_EHT_DATA7_BEAMFORMED_S);
1288 } else {
1289 eht->user_info[0] |=
1290 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_MCS_KNOWN |
1291 IEEE80211_RADIOTAP_EHT_USER_INFO_CODING_KNOWN |
1292 IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_KNOWN_O |
1293 IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_KNOWN_O |
1294 IEEE80211_RADIOTAP_EHT_USER_INFO_DATA_FOR_USER);
1295
1296 if (rate_n_flags & RATE_MCS_BF_MSK)
1297 eht->user_info[0] |=
1298 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_BEAMFORMING_O);
1299
1300 if (rate_n_flags & RATE_MCS_LDPC_MSK)
1301 eht->user_info[0] |=
1302 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_CODING);
1303
1304 eht->user_info[0] |=
1305 le32_encode_bits(u32_get_bits(rate_n_flags,
1306 RATE_VHT_MCS_RATE_CODE_MSK),
1307 IEEE80211_RADIOTAP_EHT_USER_INFO_MCS) |
1308 le32_encode_bits(u32_get_bits(rate_n_flags,
1309 RATE_MCS_NSS_MSK),
1310 IEEE80211_RADIOTAP_EHT_USER_INFO_NSS_O);
1311 }
1312
1313 if (likely(!phy_data->ntfy))
1314 return;
1315
1316 if (phy_data->with_data) {
1317 eht->user_info[0] |=
1318 cpu_to_le32(IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID_KNOWN) |
1319 LE32_DEC_ENC(phy_data->ntfy->sigs.eht.user_id,
1320 OFDM_RX_FRAME_EHT_USER_FIELD_ID,
1321 IEEE80211_RADIOTAP_EHT_USER_INFO_STA_ID);
1322 }
1323
1324 iwl_mld_decode_eht_usig(phy_data, skb);
1325 iwl_mld_decode_eht_phy_data(phy_data, rx_status, eht);
1326 }
1327
1328 #ifdef CONFIG_IWLWIFI_DEBUGFS
iwl_mld_add_rtap_sniffer_config(struct iwl_mld * mld,struct sk_buff * skb)1329 static void iwl_mld_add_rtap_sniffer_config(struct iwl_mld *mld,
1330 struct sk_buff *skb)
1331 {
1332 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
1333 struct ieee80211_radiotap_vendor_content *radiotap;
1334 const u16 vendor_data_len = sizeof(mld->monitor.cur_aid);
1335
1336 if (!mld->monitor.cur_aid)
1337 return;
1338
1339 radiotap =
1340 iwl_mld_radiotap_put_tlv(skb,
1341 IEEE80211_RADIOTAP_VENDOR_NAMESPACE,
1342 sizeof(*radiotap) + vendor_data_len);
1343
1344 /* Intel OUI */
1345 radiotap->oui[0] = 0xf6;
1346 radiotap->oui[1] = 0x54;
1347 radiotap->oui[2] = 0x25;
1348 /* Intel OUI default radiotap subtype */
1349 radiotap->oui_subtype = 1;
1350 /* Sniffer config element type */
1351 radiotap->vendor_type = 0;
1352
1353 /* fill the data now */
1354 memcpy(radiotap->data, &mld->monitor.cur_aid,
1355 sizeof(mld->monitor.cur_aid));
1356
1357 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END;
1358 }
1359 #endif
1360
iwl_mld_add_rtap_sniffer_phy_data(struct iwl_mld * mld,struct sk_buff * skb,struct iwl_rx_phy_air_sniffer_ntfy * ntfy)1361 static void iwl_mld_add_rtap_sniffer_phy_data(struct iwl_mld *mld,
1362 struct sk_buff *skb,
1363 struct iwl_rx_phy_air_sniffer_ntfy *ntfy)
1364 {
1365 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
1366 struct ieee80211_radiotap_vendor_content *radiotap;
1367 const u16 vendor_data_len = sizeof(*ntfy);
1368
1369 radiotap =
1370 iwl_mld_radiotap_put_tlv(skb,
1371 IEEE80211_RADIOTAP_VENDOR_NAMESPACE,
1372 sizeof(*radiotap) + vendor_data_len);
1373
1374 /* Intel OUI */
1375 radiotap->oui[0] = 0xf6;
1376 radiotap->oui[1] = 0x54;
1377 radiotap->oui[2] = 0x25;
1378 /* Intel OUI default radiotap subtype */
1379 radiotap->oui_subtype = 1;
1380 /* PHY data element type */
1381 radiotap->vendor_type = cpu_to_le16(1);
1382
1383 /* fill the data now */
1384 memcpy(radiotap->data, ntfy, vendor_data_len);
1385
1386 rx_status->flag |= RX_FLAG_RADIOTAP_TLV_AT_END;
1387 }
1388
1389 static void
iwl_mld_set_rx_nonlegacy_rate_info(u32 rate_n_flags,struct ieee80211_rx_status * rx_status)1390 iwl_mld_set_rx_nonlegacy_rate_info(u32 rate_n_flags,
1391 struct ieee80211_rx_status *rx_status)
1392 {
1393 u8 stbc = u32_get_bits(rate_n_flags, RATE_MCS_STBC_MSK);
1394
1395 /* NSS may be overridden by PHY ntfy with full value */
1396 rx_status->nss = u32_get_bits(rate_n_flags, RATE_MCS_NSS_MSK) + 1;
1397 rx_status->rate_idx = rate_n_flags & RATE_MCS_CODE_MSK;
1398 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT;
1399 if (rate_n_flags & RATE_MCS_LDPC_MSK)
1400 rx_status->enc_flags |= RX_ENC_FLAG_LDPC;
1401 }
1402
iwl_mld_set_rx_rate(struct iwl_mld * mld,struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_rx_status * rx_status)1403 static void iwl_mld_set_rx_rate(struct iwl_mld *mld,
1404 struct iwl_mld_rx_phy_data *phy_data,
1405 struct ieee80211_rx_status *rx_status)
1406 {
1407 u32 rate_n_flags = phy_data->rate_n_flags;
1408 u8 stbc = u32_get_bits(rate_n_flags, RATE_MCS_STBC_MSK);
1409 u32 format = rate_n_flags & RATE_MCS_MOD_TYPE_MSK;
1410 bool is_sgi = rate_n_flags & RATE_MCS_SGI_MSK;
1411
1412 /* bandwidth may be overridden to RU by PHY ntfy */
1413 switch (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) {
1414 case RATE_MCS_CHAN_WIDTH_20:
1415 break;
1416 case RATE_MCS_CHAN_WIDTH_40:
1417 rx_status->bw = RATE_INFO_BW_40;
1418 break;
1419 case RATE_MCS_CHAN_WIDTH_80:
1420 rx_status->bw = RATE_INFO_BW_80;
1421 break;
1422 case RATE_MCS_CHAN_WIDTH_160:
1423 rx_status->bw = RATE_INFO_BW_160;
1424 break;
1425 case RATE_MCS_CHAN_WIDTH_320:
1426 rx_status->bw = RATE_INFO_BW_320;
1427 break;
1428 }
1429
1430 switch (format) {
1431 case RATE_MCS_MOD_TYPE_CCK:
1432 if (phy_data->phy_info & IWL_RX_MPDU_PHY_SHORT_PREAMBLE)
1433 rx_status->enc_flags |= RX_ENC_FLAG_SHORTPRE;
1434 fallthrough;
1435 case RATE_MCS_MOD_TYPE_LEGACY_OFDM: {
1436 int rate =
1437 iwl_mld_legacy_hw_idx_to_mac80211_idx(rate_n_flags,
1438 rx_status->band);
1439
1440 /* override BW - it could be DUP and indicate the wrong BW */
1441 rx_status->bw = RATE_INFO_BW_20;
1442
1443 /* valid rate */
1444 if (rate >= 0 && rate <= 0xFF) {
1445 rx_status->rate_idx = rate;
1446 break;
1447 }
1448
1449 /* invalid rate */
1450 rx_status->rate_idx = 0;
1451
1452 /*
1453 * In monitor mode we can see CCK frames on 5 or 6 GHz, usually
1454 * just the (possibly malformed) PHY header by accident, since
1455 * the decoder doesn't seem to turn off CCK. We cannot correctly
1456 * encode the rate to mac80211 (and therefore not in radiotap)
1457 * since we give the per-band index which doesn't cover those
1458 * rates.
1459 */
1460 if (!mld->monitor.on && net_ratelimit())
1461 IWL_ERR(mld, "invalid rate_n_flags=0x%x, band=%d\n",
1462 rate_n_flags, rx_status->band);
1463 break;
1464 }
1465 case RATE_MCS_MOD_TYPE_HT:
1466 rx_status->encoding = RX_ENC_HT;
1467 rx_status->rate_idx = RATE_HT_MCS_INDEX(rate_n_flags);
1468 rx_status->enc_flags |= stbc << RX_ENC_FLAG_STBC_SHIFT;
1469 break;
1470 case RATE_MCS_MOD_TYPE_VHT:
1471 rx_status->encoding = RX_ENC_VHT;
1472 iwl_mld_set_rx_nonlegacy_rate_info(rate_n_flags, rx_status);
1473 break;
1474 case RATE_MCS_MOD_TYPE_HE:
1475 rx_status->encoding = RX_ENC_HE;
1476 rx_status->he_dcm =
1477 !!(rate_n_flags & RATE_HE_DUAL_CARRIER_MODE_MSK);
1478 iwl_mld_set_rx_nonlegacy_rate_info(rate_n_flags, rx_status);
1479 break;
1480 case RATE_MCS_MOD_TYPE_EHT:
1481 rx_status->encoding = RX_ENC_EHT;
1482 iwl_mld_set_rx_nonlegacy_rate_info(rate_n_flags, rx_status);
1483 break;
1484 default:
1485 WARN_ON_ONCE(1);
1486 }
1487
1488 if (format != RATE_MCS_MOD_TYPE_CCK && is_sgi)
1489 rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
1490 }
1491
1492 /* Note: hdr can be NULL */
iwl_mld_rx_fill_status(struct iwl_mld * mld,int link_id,struct ieee80211_hdr * hdr,struct sk_buff * skb,struct iwl_mld_rx_phy_data * phy_data)1493 static void iwl_mld_rx_fill_status(struct iwl_mld *mld, int link_id,
1494 struct ieee80211_hdr *hdr,
1495 struct sk_buff *skb,
1496 struct iwl_mld_rx_phy_data *phy_data)
1497 {
1498 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
1499 u32 rate_n_flags = phy_data->rate_n_flags;
1500 u32 format = rate_n_flags & RATE_MCS_MOD_TYPE_MSK;
1501
1502 iwl_mld_fill_signal(mld, link_id, hdr, rx_status, phy_data);
1503
1504 rx_status->device_timestamp = phy_data->gp2_on_air_rise;
1505
1506 iwl_mld_set_rx_rate(mld, phy_data, rx_status);
1507
1508 /* must be before HE data (radiotap field order) */
1509 if (format == RATE_MCS_MOD_TYPE_VHT)
1510 iwl_mld_rx_vht(skb, phy_data);
1511
1512 /* must be before L-SIG data (radiotap field order) */
1513 if (format == RATE_MCS_MOD_TYPE_HE)
1514 iwl_mld_rx_he(skb, phy_data);
1515
1516 iwl_mld_decode_lsig(skb, phy_data);
1517
1518 /* TLVs - must be after radiotap fixed fields */
1519 if (format == RATE_MCS_MOD_TYPE_EHT)
1520 iwl_mld_rx_eht(mld, skb, phy_data);
1521
1522 #ifdef CONFIG_IWLWIFI_DEBUGFS
1523 if (unlikely(mld->monitor.on)) {
1524 iwl_mld_add_rtap_sniffer_config(mld, skb);
1525
1526 if (mld->monitor.ptp_time) {
1527 u64 adj_time =
1528 iwl_mld_ptp_get_adj_time(mld,
1529 phy_data->gp2_on_air_rise *
1530 NSEC_PER_USEC);
1531
1532 rx_status->mactime = div64_u64(adj_time, NSEC_PER_USEC);
1533 rx_status->flag |= RX_FLAG_MACTIME_IS_RTAP_TS64;
1534 rx_status->flag &= ~RX_FLAG_MACTIME;
1535 }
1536 }
1537 #endif
1538
1539 if (phy_data->ntfy)
1540 iwl_mld_add_rtap_sniffer_phy_data(mld, skb, phy_data->ntfy);
1541 }
1542
1543 /* iwl_mld_create_skb adds the rxb to a new skb */
iwl_mld_build_rx_skb(struct iwl_mld * mld,struct sk_buff * skb,struct ieee80211_hdr * hdr,u16 len,u8 crypt_len,struct iwl_rx_cmd_buffer * rxb)1544 static int iwl_mld_build_rx_skb(struct iwl_mld *mld, struct sk_buff *skb,
1545 struct ieee80211_hdr *hdr, u16 len,
1546 u8 crypt_len, struct iwl_rx_cmd_buffer *rxb)
1547 {
1548 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1549 struct iwl_rx_mpdu_desc *desc = (void *)pkt->data;
1550 unsigned int headlen, fraglen, pad_len = 0;
1551 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control);
1552 u8 mic_crc_len = u8_get_bits(desc->mac_flags1,
1553 IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK) << 1;
1554
1555 if (desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) {
1556 len -= 2;
1557 pad_len = 2;
1558 }
1559
1560 /* For non monitor interface strip the bytes the RADA might not have
1561 * removed (it might be disabled, e.g. for mgmt frames). As a monitor
1562 * interface cannot exist with other interfaces, this removal is safe
1563 * and sufficient, in monitor mode there's no decryption being done.
1564 */
1565 if (len > mic_crc_len && !ieee80211_hw_check(mld->hw, RX_INCLUDES_FCS))
1566 len -= mic_crc_len;
1567
1568 /* If frame is small enough to fit in skb->head, pull it completely.
1569 * If not, only pull ieee80211_hdr (including crypto if present, and
1570 * an additional 8 bytes for SNAP/ethertype, see below) so that
1571 * splice() or TCP coalesce are more efficient.
1572 *
1573 * Since, in addition, ieee80211_data_to_8023() always pull in at
1574 * least 8 bytes (possibly more for mesh) we can do the same here
1575 * to save the cost of doing it later. That still doesn't pull in
1576 * the actual IP header since the typical case has a SNAP header.
1577 * If the latter changes (there are efforts in the standards group
1578 * to do so) we should revisit this and ieee80211_data_to_8023().
1579 */
1580 headlen = (len <= skb_tailroom(skb)) ? len : hdrlen + crypt_len + 8;
1581
1582 /* The firmware may align the packet to DWORD.
1583 * The padding is inserted after the IV.
1584 * After copying the header + IV skip the padding if
1585 * present before copying packet data.
1586 */
1587 hdrlen += crypt_len;
1588
1589 if (unlikely(headlen < hdrlen))
1590 return -EINVAL;
1591
1592 /* Since data doesn't move data while putting data on skb and that is
1593 * the only way we use, data + len is the next place that hdr would
1594 * be put
1595 */
1596 skb_set_mac_header(skb, skb->len);
1597 skb_put_data(skb, hdr, hdrlen);
1598 skb_put_data(skb, (u8 *)hdr + hdrlen + pad_len, headlen - hdrlen);
1599
1600 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1601 struct {
1602 u8 hdr[6];
1603 __be16 type;
1604 } __packed *shdr = (void *)((u8 *)hdr + hdrlen + pad_len);
1605
1606 if (unlikely(headlen - hdrlen < sizeof(*shdr) ||
1607 !ether_addr_equal(shdr->hdr, rfc1042_header) ||
1608 (shdr->type != htons(ETH_P_IP) &&
1609 shdr->type != htons(ETH_P_ARP) &&
1610 shdr->type != htons(ETH_P_IPV6) &&
1611 shdr->type != htons(ETH_P_8021Q) &&
1612 shdr->type != htons(ETH_P_PAE) &&
1613 shdr->type != htons(ETH_P_TDLS))))
1614 skb->ip_summed = CHECKSUM_NONE;
1615 }
1616
1617 fraglen = len - headlen;
1618
1619 if (fraglen) {
1620 int offset = (u8 *)hdr + headlen + pad_len -
1621 (u8 *)rxb_addr(rxb) + rxb_offset(rxb);
1622
1623 skb_add_rx_frag(skb, 0, rxb_steal_page(rxb), offset,
1624 fraglen, rxb->truesize);
1625 }
1626
1627 return 0;
1628 }
1629
1630 /* returns true if a packet is a duplicate or invalid tid and
1631 * should be dropped. Updates AMSDU PN tracking info
1632 */
1633 VISIBLE_IF_IWLWIFI_KUNIT
1634 bool
iwl_mld_is_dup(struct iwl_mld * mld,struct ieee80211_sta * sta,struct ieee80211_hdr * hdr,const struct iwl_rx_mpdu_desc * mpdu_desc,struct ieee80211_rx_status * rx_status,int queue)1635 iwl_mld_is_dup(struct iwl_mld *mld, struct ieee80211_sta *sta,
1636 struct ieee80211_hdr *hdr,
1637 const struct iwl_rx_mpdu_desc *mpdu_desc,
1638 struct ieee80211_rx_status *rx_status, int queue)
1639 {
1640 struct iwl_mld_sta *mld_sta;
1641 struct iwl_mld_rxq_dup_data *dup_data;
1642 u8 tid, sub_frame_idx;
1643
1644 if (WARN_ON(!sta))
1645 return false;
1646
1647 mld_sta = iwl_mld_sta_from_mac80211(sta);
1648
1649 if (WARN_ON_ONCE(!mld_sta->dup_data))
1650 return false;
1651
1652 dup_data = &mld_sta->dup_data[queue];
1653
1654 /* Drop duplicate 802.11 retransmissions
1655 * (IEEE 802.11-2020: 10.3.2.14 "Duplicate detection and recovery")
1656 */
1657 if (ieee80211_is_ctl(hdr->frame_control) ||
1658 ieee80211_is_any_nullfunc(hdr->frame_control) ||
1659 is_multicast_ether_addr(hdr->addr1))
1660 return false;
1661
1662 if (ieee80211_is_data_qos(hdr->frame_control)) {
1663 /* frame has qos control */
1664 tid = ieee80211_get_tid(hdr);
1665 if (tid >= IWL_MAX_TID_COUNT)
1666 return true;
1667 } else {
1668 tid = IWL_MAX_TID_COUNT;
1669 }
1670
1671 /* If this wasn't a part of an A-MSDU the sub-frame index will be 0 */
1672 sub_frame_idx = mpdu_desc->amsdu_info &
1673 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK;
1674
1675 if (IWL_FW_CHECK(mld,
1676 sub_frame_idx > 0 &&
1677 !(mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_AMSDU),
1678 "got sub_frame_idx=%d but A-MSDU flag is not set\n",
1679 sub_frame_idx))
1680 return true;
1681
1682 if (unlikely(ieee80211_has_retry(hdr->frame_control) &&
1683 dup_data->last_seq[tid] == hdr->seq_ctrl &&
1684 dup_data->last_sub_frame_idx[tid] >= sub_frame_idx))
1685 return true;
1686
1687 /* Allow same PN as the first subframe for following sub frames */
1688 if (dup_data->last_seq[tid] == hdr->seq_ctrl &&
1689 sub_frame_idx > dup_data->last_sub_frame_idx[tid])
1690 rx_status->flag |= RX_FLAG_ALLOW_SAME_PN;
1691
1692 dup_data->last_seq[tid] = hdr->seq_ctrl;
1693 dup_data->last_sub_frame_idx[tid] = sub_frame_idx;
1694
1695 rx_status->flag |= RX_FLAG_DUP_VALIDATED;
1696
1697 return false;
1698 }
1699 EXPORT_SYMBOL_IF_IWLWIFI_KUNIT(iwl_mld_is_dup);
1700
iwl_mld_update_last_rx_timestamp(struct iwl_mld * mld,u8 baid)1701 static void iwl_mld_update_last_rx_timestamp(struct iwl_mld *mld, u8 baid)
1702 {
1703 unsigned long now = jiffies;
1704 unsigned long timeout;
1705 struct iwl_mld_baid_data *ba_data;
1706
1707 ba_data = rcu_dereference(mld->fw_id_to_ba[baid]);
1708 if (!ba_data) {
1709 IWL_DEBUG_HT(mld, "BAID %d not found in map\n", baid);
1710 return;
1711 }
1712
1713 if (!ba_data->timeout)
1714 return;
1715
1716 /* To minimize cache bouncing between RX queues, avoid frequent updates
1717 * to last_rx_timestamp. update it only when the timeout period has
1718 * passed. The worst-case scenario is the session expiring after
1719 * approximately 2 * timeout, which is negligible (the update is
1720 * atomic).
1721 */
1722 timeout = TU_TO_JIFFIES(ba_data->timeout);
1723 if (time_is_before_jiffies(ba_data->last_rx_timestamp + timeout))
1724 ba_data->last_rx_timestamp = now;
1725 }
1726
1727 /* Processes received packets for a station.
1728 * Sets *drop to true if the packet should be dropped.
1729 * Returns the station if found, or NULL otherwise.
1730 */
1731 static struct ieee80211_sta *
iwl_mld_rx_with_sta(struct iwl_mld * mld,struct ieee80211_hdr * hdr,struct sk_buff * skb,const struct iwl_rx_mpdu_desc * mpdu_desc,const struct iwl_rx_packet * pkt,int queue,bool * drop)1732 iwl_mld_rx_with_sta(struct iwl_mld *mld, struct ieee80211_hdr *hdr,
1733 struct sk_buff *skb,
1734 const struct iwl_rx_mpdu_desc *mpdu_desc,
1735 const struct iwl_rx_packet *pkt, int queue, bool *drop)
1736 {
1737 struct ieee80211_sta *sta = NULL;
1738 struct ieee80211_link_sta *link_sta = NULL;
1739 struct ieee80211_rx_status *rx_status;
1740 u8 baid;
1741
1742 if (mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_SRC_STA_FOUND)) {
1743 u8 sta_id = le32_get_bits(mpdu_desc->status,
1744 IWL_RX_MPDU_STATUS_STA_ID);
1745
1746 if (IWL_FW_CHECK(mld,
1747 sta_id >= mld->fw->ucode_capa.num_stations,
1748 "rx_mpdu: invalid sta_id %d\n", sta_id))
1749 return NULL;
1750
1751 link_sta = rcu_dereference(mld->fw_id_to_link_sta[sta_id]);
1752 if (!IS_ERR_OR_NULL(link_sta))
1753 sta = link_sta->sta;
1754 } else if (!is_multicast_ether_addr(hdr->addr2)) {
1755 /* Passing NULL is fine since we prevent two stations with the
1756 * same address from being added.
1757 */
1758 sta = ieee80211_find_sta_by_ifaddr(mld->hw, hdr->addr2, NULL);
1759 }
1760
1761 /* we may not have any station yet */
1762 if (!sta)
1763 return NULL;
1764
1765 rx_status = IEEE80211_SKB_RXCB(skb);
1766
1767 if (link_sta && sta->valid_links) {
1768 rx_status->link_valid = true;
1769 rx_status->link_id = link_sta->link_id;
1770 }
1771
1772 /* fill checksum */
1773 if (ieee80211_is_data(hdr->frame_control) &&
1774 pkt->len_n_flags & cpu_to_le32(FH_RSCSR_RPA_EN)) {
1775 u16 hwsum = be16_to_cpu(mpdu_desc->v3.raw_xsum);
1776
1777 skb->ip_summed = CHECKSUM_COMPLETE;
1778 skb->csum = csum_unfold(~(__force __sum16)hwsum);
1779 }
1780
1781 if (iwl_mld_is_dup(mld, sta, hdr, mpdu_desc, rx_status, queue)) {
1782 IWL_DEBUG_DROP(mld, "Dropping duplicate packet 0x%x\n",
1783 le16_to_cpu(hdr->seq_ctrl));
1784 *drop = true;
1785 return NULL;
1786 }
1787
1788 baid = le32_get_bits(mpdu_desc->reorder_data,
1789 IWL_RX_MPDU_REORDER_BAID_MASK);
1790 if (baid != IWL_RX_REORDER_DATA_INVALID_BAID)
1791 iwl_mld_update_last_rx_timestamp(mld, baid);
1792
1793 if (link_sta && ieee80211_is_data(hdr->frame_control)) {
1794 u8 sub_frame_idx = mpdu_desc->amsdu_info &
1795 IWL_RX_MPDU_AMSDU_SUBFRAME_IDX_MASK;
1796
1797 /* 0 means not an A-MSDU, and 1 means a new A-MSDU */
1798 if (!sub_frame_idx || sub_frame_idx == 1)
1799 iwl_mld_count_mpdu_rx(link_sta, queue, 1);
1800
1801 if (!is_multicast_ether_addr(hdr->addr1))
1802 iwl_mld_low_latency_update_counters(mld, hdr, sta,
1803 queue);
1804 }
1805
1806 return sta;
1807 }
1808
iwl_mld_rx_mgmt_prot(struct ieee80211_sta * sta,struct ieee80211_hdr * hdr,struct ieee80211_rx_status * rx_status,u32 mpdu_status,u32 mpdu_len)1809 static int iwl_mld_rx_mgmt_prot(struct ieee80211_sta *sta,
1810 struct ieee80211_hdr *hdr,
1811 struct ieee80211_rx_status *rx_status,
1812 u32 mpdu_status,
1813 u32 mpdu_len)
1814 {
1815 struct iwl_mld_link *link;
1816 struct wireless_dev *wdev;
1817 struct iwl_mld_sta *mld_sta;
1818 struct iwl_mld_vif *mld_vif;
1819 u8 keyidx;
1820 struct ieee80211_key_conf *key;
1821 const u8 *frame = (void *)hdr;
1822 const u8 *mmie;
1823 u8 link_id;
1824
1825 if ((mpdu_status & IWL_RX_MPDU_STATUS_SEC_MASK) ==
1826 IWL_RX_MPDU_STATUS_SEC_NONE)
1827 return 0;
1828
1829 /* For non-beacon, we don't really care. But beacons may
1830 * be filtered out, and we thus need the firmware's replay
1831 * detection, otherwise beacons the firmware previously
1832 * filtered could be replayed, or something like that, and
1833 * it can filter a lot - though usually only if nothing has
1834 * changed.
1835 */
1836 if (!ieee80211_is_beacon(hdr->frame_control))
1837 return 0;
1838
1839 if (!sta)
1840 return -1;
1841
1842 mld_sta = iwl_mld_sta_from_mac80211(sta);
1843 mld_vif = iwl_mld_vif_from_mac80211(mld_sta->vif);
1844
1845 /* key mismatch - will also report !MIC_OK but we shouldn't count it */
1846 if (!(mpdu_status & IWL_RX_MPDU_STATUS_KEY_VALID))
1847 goto report;
1848
1849 /* good cases */
1850 if (likely(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK &&
1851 !(mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR))) {
1852 rx_status->flag |= RX_FLAG_DECRYPTED;
1853 return 0;
1854 }
1855
1856 link_id = rx_status->link_valid ? rx_status->link_id : 0;
1857 link = rcu_dereference(mld_vif->link[link_id]);
1858 if (WARN_ON_ONCE(!link))
1859 return -1;
1860
1861 /* both keys will have the same cipher and MIC length, use
1862 * whichever one is available
1863 */
1864 key = rcu_dereference(link->bigtks[0]);
1865 if (!key) {
1866 key = rcu_dereference(link->bigtks[1]);
1867 if (!key)
1868 goto report;
1869 }
1870
1871 /* get the real key ID */
1872 if (mpdu_len < key->icv_len)
1873 goto report;
1874
1875 mmie = frame + (mpdu_len - key->icv_len);
1876
1877 /* the position of the key_id in ieee80211_mmie_16 is the same */
1878 keyidx = le16_to_cpu(((const struct ieee80211_mmie *) mmie)->key_id);
1879
1880 /* and if that's the other key, look it up */
1881 if (keyidx != key->keyidx) {
1882 /* shouldn't happen since firmware checked, but be safe
1883 * in case the MIC length is wrong too, for example
1884 */
1885 if (keyidx != 6 && keyidx != 7)
1886 return -1;
1887
1888 key = rcu_dereference(link->bigtks[keyidx - 6]);
1889 if (!key)
1890 goto report;
1891 }
1892
1893 /* Report status to mac80211 */
1894 if (!(mpdu_status & IWL_RX_MPDU_STATUS_MIC_OK))
1895 ieee80211_key_mic_failure(key);
1896 else if (mpdu_status & IWL_RX_MPDU_STATUS_REPLAY_ERROR)
1897 ieee80211_key_replay(key);
1898 report:
1899 wdev = ieee80211_vif_to_wdev(mld_sta->vif);
1900 if (wdev->netdev)
1901 cfg80211_rx_unprot_mlme_mgmt(wdev->netdev, (void *)hdr,
1902 mpdu_len);
1903
1904 return -1;
1905 }
1906
iwl_mld_rx_crypto(struct iwl_mld * mld,struct ieee80211_sta * sta,struct ieee80211_hdr * hdr,struct ieee80211_rx_status * rx_status,struct iwl_rx_mpdu_desc * desc,int queue,u32 pkt_flags,u8 * crypto_len)1907 static int iwl_mld_rx_crypto(struct iwl_mld *mld,
1908 struct ieee80211_sta *sta,
1909 struct ieee80211_hdr *hdr,
1910 struct ieee80211_rx_status *rx_status,
1911 struct iwl_rx_mpdu_desc *desc, int queue,
1912 u32 pkt_flags, u8 *crypto_len)
1913 {
1914 u32 status = le32_to_cpu(desc->status);
1915
1916 if (unlikely(ieee80211_is_mgmt(hdr->frame_control) &&
1917 !ieee80211_has_protected(hdr->frame_control)))
1918 return iwl_mld_rx_mgmt_prot(sta, hdr, rx_status, status,
1919 le16_to_cpu(desc->mpdu_len));
1920
1921 if (!ieee80211_has_protected(hdr->frame_control) ||
1922 (status & IWL_RX_MPDU_STATUS_SEC_MASK) ==
1923 IWL_RX_MPDU_STATUS_SEC_NONE)
1924 return 0;
1925
1926 switch (status & IWL_RX_MPDU_STATUS_SEC_MASK) {
1927 case IWL_RX_MPDU_STATUS_SEC_CCM:
1928 case IWL_RX_MPDU_STATUS_SEC_GCM:
1929 BUILD_BUG_ON(IEEE80211_CCMP_PN_LEN != IEEE80211_GCMP_PN_LEN);
1930 if (!(status & IWL_RX_MPDU_STATUS_MIC_OK)) {
1931 IWL_DEBUG_DROP(mld,
1932 "Dropping packet, bad MIC (CCM/GCM)\n");
1933 return -1;
1934 }
1935
1936 rx_status->flag |= RX_FLAG_DECRYPTED | RX_FLAG_MIC_STRIPPED;
1937 *crypto_len = IEEE80211_CCMP_HDR_LEN;
1938 return 0;
1939 case IWL_RX_MPDU_STATUS_SEC_TKIP:
1940 if (!(status & IWL_RX_MPDU_STATUS_ICV_OK))
1941 return -1;
1942
1943 if (!(status & RX_MPDU_RES_STATUS_MIC_OK))
1944 rx_status->flag |= RX_FLAG_MMIC_ERROR;
1945
1946 if (pkt_flags & FH_RSCSR_RADA_EN) {
1947 rx_status->flag |= RX_FLAG_ICV_STRIPPED;
1948 rx_status->flag |= RX_FLAG_MMIC_STRIPPED;
1949 }
1950
1951 *crypto_len = IEEE80211_TKIP_IV_LEN;
1952 rx_status->flag |= RX_FLAG_DECRYPTED;
1953 return 0;
1954 default:
1955 break;
1956 }
1957
1958 return 0;
1959 }
1960
iwl_mld_rx_update_ampdu_data(struct iwl_mld * mld,struct iwl_mld_rx_phy_data * phy_data,struct ieee80211_rx_status * rx_status)1961 static void iwl_mld_rx_update_ampdu_data(struct iwl_mld *mld,
1962 struct iwl_mld_rx_phy_data *phy_data,
1963 struct ieee80211_rx_status *rx_status)
1964 {
1965 u32 format = phy_data->rate_n_flags & RATE_MCS_MOD_TYPE_MSK;
1966 bool toggle_bit =
1967 phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU_TOGGLE;
1968
1969 switch (format) {
1970 case RATE_MCS_MOD_TYPE_CCK:
1971 case RATE_MCS_MOD_TYPE_LEGACY_OFDM:
1972 /* no aggregation possible */
1973 return;
1974 case RATE_MCS_MOD_TYPE_HT:
1975 case RATE_MCS_MOD_TYPE_VHT:
1976 /* single frames are not A-MPDU format */
1977 if (!(phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU))
1978 return;
1979 break;
1980 default:
1981 /* HE/EHT/UHR have A-MPDU format for single frames */
1982 if (!(phy_data->phy_info & IWL_RX_MPDU_PHY_AMPDU)) {
1983 rx_status->flag |= RX_FLAG_AMPDU_DETAILS;
1984 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN;
1985 if (phy_data->phy_info & IWL_RX_MPDU_PHY_EOF_INDICATION)
1986 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT;
1987 return;
1988 }
1989 }
1990
1991 rx_status->flag |= RX_FLAG_AMPDU_DETAILS;
1992 /* Toggle is switched whenever new aggregation starts. Make
1993 * sure ampdu_reference is never 0 so we can later use it to
1994 * see if the frame was really part of an A-MPDU or not.
1995 */
1996 if (toggle_bit != mld->monitor.ampdu_toggle) {
1997 mld->monitor.ampdu_ref++;
1998 if (mld->monitor.ampdu_ref == 0)
1999 mld->monitor.ampdu_ref++;
2000 mld->monitor.ampdu_toggle = toggle_bit;
2001 phy_data->first_subframe = true;
2002
2003 /* report EOF bit on the first subframe */
2004 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT_KNOWN;
2005 if (phy_data->phy_info & IWL_RX_MPDU_PHY_EOF_INDICATION)
2006 rx_status->flag |= RX_FLAG_AMPDU_EOF_BIT;
2007 }
2008 rx_status->ampdu_reference = mld->monitor.ampdu_ref;
2009 }
2010
2011 static void
iwl_mld_fill_rx_status_band_freq(struct ieee80211_rx_status * rx_status,u8 band,u8 channel)2012 iwl_mld_fill_rx_status_band_freq(struct ieee80211_rx_status *rx_status,
2013 u8 band, u8 channel)
2014 {
2015 rx_status->band = iwl_mld_phy_band_to_nl80211(band);
2016 rx_status->freq = ieee80211_channel_to_frequency(channel,
2017 rx_status->band);
2018 }
2019
iwl_mld_rx_mpdu(struct iwl_mld * mld,struct napi_struct * napi,struct iwl_rx_cmd_buffer * rxb,int queue)2020 void iwl_mld_rx_mpdu(struct iwl_mld *mld, struct napi_struct *napi,
2021 struct iwl_rx_cmd_buffer *rxb, int queue)
2022 {
2023 struct iwl_rx_packet *pkt = rxb_addr(rxb);
2024 struct iwl_mld_rx_phy_data phy_data = {};
2025 struct iwl_rx_mpdu_desc *mpdu_desc = (void *)pkt->data;
2026 struct ieee80211_sta *sta;
2027 struct ieee80211_hdr *hdr;
2028 struct sk_buff *skb;
2029 size_t mpdu_desc_size = sizeof(*mpdu_desc);
2030 bool drop = false;
2031 u8 crypto_len = 0, band, link_id;
2032 u32 pkt_len = iwl_rx_packet_payload_len(pkt);
2033 u32 mpdu_len;
2034 enum iwl_mld_reorder_result reorder_res;
2035 struct ieee80211_rx_status *rx_status;
2036 unsigned int alloc_size = 128;
2037
2038 if (unlikely(mld->fw_status.in_hw_restart))
2039 return;
2040
2041 if (IWL_FW_CHECK(mld, pkt_len < mpdu_desc_size,
2042 "Bad REPLY_RX_MPDU_CMD size (%d)\n", pkt_len))
2043 return;
2044
2045 mpdu_len = le16_to_cpu(mpdu_desc->mpdu_len);
2046
2047 if (IWL_FW_CHECK(mld, mpdu_len + mpdu_desc_size > pkt_len,
2048 "FW lied about packet len (%d)\n", pkt_len))
2049 return;
2050
2051 iwl_mld_fill_phy_data_from_mpdu(mld, mpdu_desc, &phy_data);
2052
2053 /* Don't use dev_alloc_skb(), we'll have enough headroom once
2054 * ieee80211_hdr pulled.
2055 *
2056 * For monitor mode we need more space to include the full PHY
2057 * notification data.
2058 */
2059 if (unlikely(mld->monitor.on) && phy_data.ntfy)
2060 alloc_size += sizeof(struct iwl_rx_phy_air_sniffer_ntfy);
2061 skb = alloc_skb(alloc_size, GFP_ATOMIC);
2062 if (!skb) {
2063 IWL_ERR(mld, "alloc_skb failed\n");
2064 return;
2065 }
2066
2067 hdr = (void *)(pkt->data + mpdu_desc_size);
2068
2069 if (mpdu_desc->mac_flags2 & IWL_RX_MPDU_MFLG2_PAD) {
2070 /* If the device inserted padding it means that (it thought)
2071 * the 802.11 header wasn't a multiple of 4 bytes long. In
2072 * this case, reserve two bytes at the start of the SKB to
2073 * align the payload properly in case we end up copying it.
2074 */
2075 skb_reserve(skb, 2);
2076 }
2077
2078 rx_status = IEEE80211_SKB_RXCB(skb);
2079
2080 /* this is needed early */
2081 band = u8_get_bits(mpdu_desc->mac_phy_band,
2082 IWL_RX_MPDU_MAC_PHY_BAND_BAND_MASK);
2083 iwl_mld_fill_rx_status_band_freq(rx_status, band,
2084 mpdu_desc->v3.channel);
2085
2086
2087 rcu_read_lock();
2088
2089 sta = iwl_mld_rx_with_sta(mld, hdr, skb, mpdu_desc, pkt, queue, &drop);
2090 if (drop)
2091 goto drop;
2092
2093 if (unlikely(mld->monitor.on))
2094 iwl_mld_rx_update_ampdu_data(mld, &phy_data, rx_status);
2095
2096 /* Keep packets with CRC errors (and with overrun) for monitor mode
2097 * (otherwise the firmware discards them) but mark them as bad.
2098 */
2099 if (!(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_CRC_OK)) ||
2100 !(mpdu_desc->status & cpu_to_le32(IWL_RX_MPDU_STATUS_OVERRUN_OK))) {
2101 IWL_DEBUG_RX(mld, "Bad CRC or FIFO: 0x%08X.\n",
2102 le32_to_cpu(mpdu_desc->status));
2103 rx_status->flag |= RX_FLAG_FAILED_FCS_CRC;
2104 }
2105
2106 if (likely(!(phy_data.phy_info & IWL_RX_MPDU_PHY_TSF_OVERLOAD))) {
2107 rx_status->mactime =
2108 le64_to_cpu(mpdu_desc->v3.tsf_on_air_rise);
2109
2110 /* TSF as indicated by the firmware is at INA time */
2111 rx_status->flag |= RX_FLAG_MACTIME_PLCP_START;
2112 }
2113
2114 /* management stuff on default queue */
2115 if (!queue && unlikely(ieee80211_is_beacon(hdr->frame_control) ||
2116 ieee80211_is_probe_resp(hdr->frame_control))) {
2117 rx_status->boottime_ns = ktime_get_boottime_ns();
2118
2119 if (mld->scan.pass_all_sched_res ==
2120 SCHED_SCAN_PASS_ALL_STATE_ENABLED)
2121 mld->scan.pass_all_sched_res =
2122 SCHED_SCAN_PASS_ALL_STATE_FOUND;
2123 }
2124
2125 link_id = u8_get_bits(mpdu_desc->mac_phy_band,
2126 IWL_RX_MPDU_MAC_PHY_BAND_LINK_MASK);
2127
2128 iwl_mld_rx_fill_status(mld, link_id, hdr, skb, &phy_data);
2129
2130 if (iwl_mld_rx_crypto(mld, sta, hdr, rx_status, mpdu_desc, queue,
2131 le32_to_cpu(pkt->len_n_flags), &crypto_len))
2132 goto drop;
2133
2134 if (iwl_mld_build_rx_skb(mld, skb, hdr, mpdu_len, crypto_len, rxb))
2135 goto drop;
2136
2137 /* time sync frame is saved and will be released later when the
2138 * notification with the timestamps arrives.
2139 */
2140 if (iwl_mld_time_sync_frame(mld, skb, hdr->addr2))
2141 goto out;
2142
2143 reorder_res = iwl_mld_reorder(mld, napi, queue, sta, skb, mpdu_desc);
2144 switch (reorder_res) {
2145 case IWL_MLD_PASS_SKB:
2146 break;
2147 case IWL_MLD_DROP_SKB:
2148 goto drop;
2149 case IWL_MLD_BUFFERED_SKB:
2150 goto out;
2151 default:
2152 WARN_ON(1);
2153 goto drop;
2154 }
2155
2156 iwl_mld_pass_packet_to_mac80211(mld, napi, skb, queue, sta);
2157
2158 goto out;
2159
2160 drop:
2161 kfree_skb(skb);
2162 out:
2163 rcu_read_unlock();
2164 }
2165
2166 #define SYNC_RX_QUEUE_TIMEOUT (HZ)
iwl_mld_sync_rx_queues(struct iwl_mld * mld,enum iwl_mld_internal_rxq_notif_type type,const void * notif_payload,u32 notif_payload_size)2167 void iwl_mld_sync_rx_queues(struct iwl_mld *mld,
2168 enum iwl_mld_internal_rxq_notif_type type,
2169 const void *notif_payload, u32 notif_payload_size)
2170 {
2171 u8 num_rx_queues = mld->trans->info.num_rxqs;
2172 struct {
2173 struct iwl_rxq_sync_cmd sync_cmd;
2174 struct iwl_mld_internal_rxq_notif notif;
2175 } __packed cmd = {
2176 .sync_cmd.rxq_mask = cpu_to_le32(BIT(num_rx_queues) - 1),
2177 .sync_cmd.count =
2178 cpu_to_le32(sizeof(struct iwl_mld_internal_rxq_notif) +
2179 notif_payload_size),
2180 .notif.type = type,
2181 .notif.cookie = mld->rxq_sync.cookie,
2182 };
2183 struct iwl_host_cmd hcmd = {
2184 .id = WIDE_ID(DATA_PATH_GROUP, TRIGGER_RX_QUEUES_NOTIF_CMD),
2185 .data[0] = &cmd,
2186 .len[0] = sizeof(cmd),
2187 .data[1] = notif_payload,
2188 .len[1] = notif_payload_size,
2189 };
2190 int ret;
2191
2192 /* size must be a multiple of DWORD */
2193 if (WARN_ON(cmd.sync_cmd.count & cpu_to_le32(3)))
2194 return;
2195
2196 mld->rxq_sync.state = (1 << num_rx_queues) - 1;
2197
2198 ret = iwl_mld_send_cmd(mld, &hcmd);
2199 if (ret) {
2200 IWL_ERR(mld, "Failed to trigger RX queues sync (%d)\n", ret);
2201 goto out;
2202 }
2203
2204 ret = wait_event_timeout(mld->rxq_sync.waitq,
2205 READ_ONCE(mld->rxq_sync.state) == 0,
2206 SYNC_RX_QUEUE_TIMEOUT);
2207 WARN_ONCE(!ret, "RXQ sync failed: state=0x%lx, cookie=%d\n",
2208 mld->rxq_sync.state, mld->rxq_sync.cookie);
2209
2210 out:
2211 mld->rxq_sync.state = 0;
2212 mld->rxq_sync.cookie++;
2213 }
2214
iwl_mld_handle_rx_queues_sync_notif(struct iwl_mld * mld,struct napi_struct * napi,struct iwl_rx_packet * pkt,int queue)2215 void iwl_mld_handle_rx_queues_sync_notif(struct iwl_mld *mld,
2216 struct napi_struct *napi,
2217 struct iwl_rx_packet *pkt, int queue)
2218 {
2219 struct iwl_rxq_sync_notification *notif;
2220 struct iwl_mld_internal_rxq_notif *internal_notif;
2221 u32 len = iwl_rx_packet_payload_len(pkt);
2222 size_t combined_notif_len = sizeof(*notif) + sizeof(*internal_notif);
2223
2224 notif = (void *)pkt->data;
2225 internal_notif = (void *)notif->payload;
2226
2227 if (IWL_FW_CHECK(mld, len < combined_notif_len,
2228 "invalid notification size %u (%zu)\n",
2229 len, combined_notif_len))
2230 return;
2231
2232 len -= combined_notif_len;
2233
2234 if (IWL_FW_CHECK(mld, mld->rxq_sync.cookie != internal_notif->cookie,
2235 "received expired RX queue sync message (cookie=%d expected=%d q[%d])\n",
2236 internal_notif->cookie, mld->rxq_sync.cookie, queue))
2237 return;
2238
2239 switch (internal_notif->type) {
2240 case IWL_MLD_RXQ_EMPTY:
2241 IWL_FW_CHECK(mld, len,
2242 "invalid empty notification size %d\n", len);
2243 break;
2244 case IWL_MLD_RXQ_NOTIF_DEL_BA:
2245 if (IWL_FW_CHECK(mld, len != sizeof(struct iwl_mld_delba_data),
2246 "invalid delba notification size %u (%zu)\n",
2247 len, sizeof(struct iwl_mld_delba_data)))
2248 break;
2249 iwl_mld_del_ba(mld, queue, (void *)internal_notif->payload);
2250 break;
2251 default:
2252 WARN_ON_ONCE(1);
2253 }
2254
2255 IWL_FW_CHECK(mld, !test_and_clear_bit(queue, &mld->rxq_sync.state),
2256 "RXQ sync: queue %d responded a second time!\n", queue);
2257
2258 if (READ_ONCE(mld->rxq_sync.state) == 0)
2259 wake_up(&mld->rxq_sync.waitq);
2260 }
2261
iwl_mld_no_data_rx(struct iwl_mld * mld,struct napi_struct * napi,struct iwl_rx_phy_air_sniffer_ntfy * ntfy)2262 static void iwl_mld_no_data_rx(struct iwl_mld *mld,
2263 struct napi_struct *napi,
2264 struct iwl_rx_phy_air_sniffer_ntfy *ntfy)
2265 {
2266 struct ieee80211_rx_status *rx_status;
2267 struct iwl_mld_rx_phy_data phy_data = {
2268 .ntfy = ntfy,
2269 .phy_info = 0, /* short preamble set below */
2270 .rate_n_flags = le32_to_cpu(ntfy->rate),
2271 .gp2_on_air_rise = le32_to_cpu(ntfy->on_air_rise_time),
2272 .energy_a = ntfy->rssi_a,
2273 .energy_b = ntfy->rssi_b,
2274 };
2275 u32 format = phy_data.rate_n_flags & RATE_MCS_MOD_TYPE_MSK;
2276 struct sk_buff *skb;
2277
2278 skb = alloc_skb(128 + sizeof(struct iwl_rx_phy_air_sniffer_ntfy),
2279 GFP_ATOMIC);
2280 if (!skb)
2281 return;
2282
2283 rx_status = IEEE80211_SKB_RXCB(skb);
2284
2285 /* 0-length PSDU */
2286 rx_status->flag |= RX_FLAG_NO_PSDU;
2287
2288 switch (ntfy->status) {
2289 case IWL_SNIF_STAT_PLCP_RX_OK:
2290 /* we only get here with sounding PPDUs */
2291 rx_status->zero_length_psdu_type =
2292 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_SOUNDING;
2293 break;
2294 case IWL_SNIF_STAT_AID_NOT_FOR_US:
2295 rx_status->zero_length_psdu_type =
2296 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_NOT_CAPTURED;
2297 break;
2298 case IWL_SNIF_STAT_PLCP_RX_LSIG_ERR:
2299 case IWL_SNIF_STAT_PLCP_RX_SIGA_ERR:
2300 case IWL_SNIF_STAT_PLCP_RX_SIGB_ERR:
2301 case IWL_SNIF_STAT_UNKNOWN_ERROR:
2302 default:
2303 rx_status->flag |= RX_FLAG_FAILED_PLCP_CRC;
2304 fallthrough;
2305 case IWL_SNIF_STAT_UNEXPECTED_TB:
2306 case IWL_SNIF_STAT_UNSUPPORTED_RATE:
2307 rx_status->zero_length_psdu_type =
2308 IEEE80211_RADIOTAP_ZERO_LEN_PSDU_VENDOR;
2309 /* we could include the real reason in a vendor TLV */
2310 }
2311
2312 if (format == RATE_MCS_MOD_TYPE_CCK &&
2313 ntfy->legacy_sig.cck & cpu_to_le32(CCK_CRFR_SHORT_PREAMBLE))
2314 phy_data.phy_info |= IWL_RX_MPDU_PHY_SHORT_PREAMBLE;
2315
2316 iwl_mld_fill_rx_status_band_freq(IEEE80211_SKB_RXCB(skb),
2317 ntfy->band, ntfy->channel);
2318
2319 /* link ID is ignored for NULL header */
2320 iwl_mld_rx_fill_status(mld, -1, NULL, skb, &phy_data);
2321
2322 /* No more radiotap info should be added after this point.
2323 * Mark it as mac header for upper layers to know where
2324 * the radiotap header ends.
2325 */
2326 skb_set_mac_header(skb, skb->len);
2327
2328 /* pass the packet to mac80211 */
2329 rcu_read_lock();
2330 ieee80211_rx_napi(mld->hw, NULL, skb, napi);
2331 rcu_read_unlock();
2332 }
2333
iwl_mld_handle_phy_air_sniffer_notif(struct iwl_mld * mld,struct napi_struct * napi,struct iwl_rx_packet * pkt)2334 void iwl_mld_handle_phy_air_sniffer_notif(struct iwl_mld *mld,
2335 struct napi_struct *napi,
2336 struct iwl_rx_packet *pkt)
2337 {
2338 struct iwl_rx_phy_air_sniffer_ntfy *ntfy = (void *)pkt->data;
2339 bool is_ndp = false;
2340 u32 he_type;
2341
2342 if (IWL_FW_CHECK(mld, iwl_rx_packet_payload_len(pkt) < sizeof(*ntfy),
2343 "invalid air sniffer notification size\n"))
2344 return;
2345
2346 /* check if there's an old one to release as errored */
2347 if (mld->monitor.phy.valid && !mld->monitor.phy.used) {
2348 /* didn't capture data, so override status */
2349 mld->monitor.phy.data.status = IWL_SNIF_STAT_AID_NOT_FOR_US;
2350 iwl_mld_no_data_rx(mld, napi, &mld->monitor.phy.data);
2351 }
2352
2353 /* old data is no longer valid now */
2354 mld->monitor.phy.valid = false;
2355
2356 he_type = le32_to_cpu(ntfy->rate) & RATE_MCS_HE_TYPE_MSK;
2357
2358 switch (le32_to_cpu(ntfy->rate) & RATE_MCS_MOD_TYPE_MSK) {
2359 case RATE_MCS_MOD_TYPE_HT:
2360 is_ndp = !le32_get_bits(ntfy->sigs.ht.a1,
2361 OFDM_RX_FRAME_HT_LENGTH);
2362 break;
2363 case RATE_MCS_MOD_TYPE_VHT:
2364 is_ndp = le32_get_bits(ntfy->sigs.vht.a0,
2365 OFDM_RX_FRAME_VHT_NUM_OF_DATA_SYM_VALID) &&
2366 !le32_get_bits(ntfy->sigs.vht.a0,
2367 OFDM_RX_FRAME_VHT_NUM_OF_DATA_SYM);
2368 break;
2369 case RATE_MCS_MOD_TYPE_HE:
2370 if (he_type == RATE_MCS_HE_TYPE_TRIG)
2371 break;
2372 is_ndp = le32_get_bits(ntfy->sigs.he.a3,
2373 OFDM_RX_FRAME_HE_NUM_OF_DATA_SYM_VALID) &&
2374 !le32_get_bits(ntfy->sigs.he.a3,
2375 OFDM_RX_FRAME_HE_NUM_OF_DATA_SYM);
2376 break;
2377 case RATE_MCS_MOD_TYPE_EHT:
2378 if (he_type == RATE_MCS_HE_TYPE_TRIG)
2379 break;
2380 is_ndp = le32_get_bits(ntfy->sigs.eht.sig2,
2381 OFDM_RX_FRAME_EHT_NUM_OF_DATA_SYM_VALID) &&
2382 !le32_get_bits(ntfy->sigs.eht.sig2,
2383 OFDM_RX_FRAME_EHT_NUM_OF_DATA_SYM);
2384 break;
2385 }
2386
2387 if (ntfy->status != IWL_SNIF_STAT_PLCP_RX_OK || is_ndp) {
2388 iwl_mld_no_data_rx(mld, napi, ntfy);
2389 return;
2390 }
2391
2392 /* hang on to it for the RX_MPDU data packet(s) */
2393 mld->monitor.phy.data = *ntfy;
2394 mld->monitor.phy.valid = true;
2395 mld->monitor.phy.used = false;
2396 }
2397