1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * NXP Wireless LAN device driver: 802.11h
4 *
5 * Copyright 2011-2020 NXP
6 */
7
8#include "main.h"
9#include "fw.h"
10
11
12void mwifiex_init_11h_params(struct mwifiex_private *priv)
13{
14	priv->state_11h.is_11h_enabled = true;
15	priv->state_11h.is_11h_active = false;
16}
17
18inline int mwifiex_is_11h_active(struct mwifiex_private *priv)
19{
20	return priv->state_11h.is_11h_active;
21}
22/* This function appends 11h info to a buffer while joining an
23 * infrastructure BSS
24 */
25static void
26mwifiex_11h_process_infra_join(struct mwifiex_private *priv, u8 **buffer,
27			       struct mwifiex_bssdescriptor *bss_desc)
28{
29	struct mwifiex_ie_types_header *ie_header;
30	struct mwifiex_ie_types_pwr_capability *cap;
31	struct mwifiex_ie_types_local_pwr_constraint *constraint;
32	struct ieee80211_supported_band *sband;
33	u8 radio_type;
34	int i;
35
36	if (!buffer || !(*buffer))
37		return;
38
39	radio_type = mwifiex_band_to_radio_type((u8) bss_desc->bss_band);
40	sband = priv->wdev.wiphy->bands[radio_type];
41
42	cap = (struct mwifiex_ie_types_pwr_capability *)*buffer;
43	cap->header.type = cpu_to_le16(WLAN_EID_PWR_CAPABILITY);
44	cap->header.len = cpu_to_le16(2);
45	cap->min_pwr = 0;
46	cap->max_pwr = 0;
47	*buffer += sizeof(*cap);
48
49	constraint = (struct mwifiex_ie_types_local_pwr_constraint *)*buffer;
50	constraint->header.type = cpu_to_le16(WLAN_EID_PWR_CONSTRAINT);
51	constraint->header.len = cpu_to_le16(2);
52	constraint->chan = bss_desc->channel;
53	constraint->constraint = bss_desc->local_constraint;
54	*buffer += sizeof(*constraint);
55
56	ie_header = (struct mwifiex_ie_types_header *)*buffer;
57	ie_header->type = cpu_to_le16(TLV_TYPE_PASSTHROUGH);
58	ie_header->len  = cpu_to_le16(2 * sband->n_channels + 2);
59	*buffer += sizeof(*ie_header);
60	*(*buffer)++ = WLAN_EID_SUPPORTED_CHANNELS;
61	*(*buffer)++ = 2 * sband->n_channels;
62	for (i = 0; i < sband->n_channels; i++) {
63		*(*buffer)++ = ieee80211_frequency_to_channel(
64					sband->channels[i].center_freq);
65		*(*buffer)++ = 1; /* one channel in the subband */
66	}
67}
68
69/* Enable or disable the 11h extensions in the firmware */
70int mwifiex_11h_activate(struct mwifiex_private *priv, bool flag)
71{
72	u32 enable = flag;
73
74	/* enable master mode radar detection on AP interface */
75	if ((GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_UAP) && enable)
76		enable |= MWIFIEX_MASTER_RADAR_DET_MASK;
77
78	return mwifiex_send_cmd(priv, HostCmd_CMD_802_11_SNMP_MIB,
79				HostCmd_ACT_GEN_SET, DOT11H_I, &enable, true);
80}
81
82/* This functions processes TLV buffer for a pending BSS Join command.
83 *
84 * Activate 11h functionality in the firmware if the spectrum management
85 * capability bit is found in the network we are joining. Also, necessary
86 * TLVs are set based on requested network's 11h capability.
87 */
88void mwifiex_11h_process_join(struct mwifiex_private *priv, u8 **buffer,
89			      struct mwifiex_bssdescriptor *bss_desc)
90{
91	if (bss_desc->sensed_11h) {
92		/* Activate 11h functions in firmware, turns on capability
93		 * bit
94		 */
95		mwifiex_11h_activate(priv, true);
96		priv->state_11h.is_11h_active = true;
97		bss_desc->cap_info_bitmap |= WLAN_CAPABILITY_SPECTRUM_MGMT;
98		mwifiex_11h_process_infra_join(priv, buffer, bss_desc);
99	} else {
100		/* Deactivate 11h functions in the firmware */
101		mwifiex_11h_activate(priv, false);
102		priv->state_11h.is_11h_active = false;
103		bss_desc->cap_info_bitmap &= ~WLAN_CAPABILITY_SPECTRUM_MGMT;
104	}
105}
106
107/* This is DFS CAC work queue function.
108 * This delayed work emits CAC finished event for cfg80211 if
109 * CAC was started earlier.
110 */
111void mwifiex_dfs_cac_work_queue(struct work_struct *work)
112{
113	struct cfg80211_chan_def chandef;
114	struct delayed_work *delayed_work = to_delayed_work(work);
115	struct mwifiex_private *priv =
116			container_of(delayed_work, struct mwifiex_private,
117				     dfs_cac_work);
118
119	chandef = priv->dfs_chandef;
120	if (priv->wdev.cac_started) {
121		mwifiex_dbg(priv->adapter, MSG,
122			    "CAC timer finished; No radar detected\n");
123		cfg80211_cac_event(priv->netdev, &chandef,
124				   NL80211_RADAR_CAC_FINISHED,
125				   GFP_KERNEL);
126	}
127}
128
129/* This function prepares channel report request command to FW for
130 * starting radar detection.
131 */
132int mwifiex_cmd_issue_chan_report_request(struct mwifiex_private *priv,
133					  struct host_cmd_ds_command *cmd,
134					  void *data_buf)
135{
136	struct host_cmd_ds_chan_rpt_req *cr_req = &cmd->params.chan_rpt_req;
137	struct mwifiex_radar_params *radar_params = (void *)data_buf;
138
139	cmd->command = cpu_to_le16(HostCmd_CMD_CHAN_REPORT_REQUEST);
140	cmd->size = cpu_to_le16(S_DS_GEN);
141	le16_unaligned_add_cpu(&cmd->size,
142			       sizeof(struct host_cmd_ds_chan_rpt_req));
143
144	cr_req->chan_desc.start_freq = cpu_to_le16(MWIFIEX_A_BAND_START_FREQ);
145	cr_req->chan_desc.chan_num = radar_params->chandef->chan->hw_value;
146	cr_req->chan_desc.chan_width = radar_params->chandef->width;
147	cr_req->msec_dwell_time = cpu_to_le32(radar_params->cac_time_ms);
148
149	if (radar_params->cac_time_ms)
150		mwifiex_dbg(priv->adapter, MSG,
151			    "11h: issuing DFS Radar check for channel=%d\n",
152			    radar_params->chandef->chan->hw_value);
153	else
154		mwifiex_dbg(priv->adapter, MSG, "cancelling CAC\n");
155
156	return 0;
157}
158
159int mwifiex_stop_radar_detection(struct mwifiex_private *priv,
160				 struct cfg80211_chan_def *chandef)
161{
162	struct mwifiex_radar_params radar_params;
163
164	memset(&radar_params, 0, sizeof(struct mwifiex_radar_params));
165	radar_params.chandef = chandef;
166	radar_params.cac_time_ms = 0;
167
168	return mwifiex_send_cmd(priv, HostCmd_CMD_CHAN_REPORT_REQUEST,
169				HostCmd_ACT_GEN_SET, 0, &radar_params, true);
170}
171
172/* This function is to abort ongoing CAC upon stopping AP operations
173 * or during unload.
174 */
175void mwifiex_abort_cac(struct mwifiex_private *priv)
176{
177	if (priv->wdev.cac_started) {
178		if (mwifiex_stop_radar_detection(priv, &priv->dfs_chandef))
179			mwifiex_dbg(priv->adapter, ERROR,
180				    "failed to stop CAC in FW\n");
181		mwifiex_dbg(priv->adapter, MSG,
182			    "Aborting delayed work for CAC.\n");
183		cancel_delayed_work_sync(&priv->dfs_cac_work);
184		cfg80211_cac_event(priv->netdev, &priv->dfs_chandef,
185				   NL80211_RADAR_CAC_ABORTED, GFP_KERNEL);
186	}
187}
188
189/* This function handles channel report event from FW during CAC period.
190 * If radar is detected during CAC, driver indicates the same to cfg80211
191 * and also cancels ongoing delayed work.
192 */
193int mwifiex_11h_handle_chanrpt_ready(struct mwifiex_private *priv,
194				     struct sk_buff *skb)
195{
196	struct host_cmd_ds_chan_rpt_event *rpt_event;
197	struct mwifiex_ie_types_chan_rpt_data *rpt;
198	u16 event_len, tlv_len;
199
200	rpt_event = (void *)(skb->data + sizeof(u32));
201	event_len = skb->len - (sizeof(struct host_cmd_ds_chan_rpt_event)+
202				sizeof(u32));
203
204	if (le32_to_cpu(rpt_event->result) != HostCmd_RESULT_OK) {
205		mwifiex_dbg(priv->adapter, ERROR,
206			    "Error in channel report event\n");
207		return -1;
208	}
209
210	while (event_len >= sizeof(struct mwifiex_ie_types_header)) {
211		rpt = (void *)&rpt_event->tlvbuf;
212		tlv_len = le16_to_cpu(rpt->header.len);
213
214		switch (le16_to_cpu(rpt->header.type)) {
215		case TLV_TYPE_CHANRPT_11H_BASIC:
216			if (rpt->map.radar) {
217				mwifiex_dbg(priv->adapter, MSG,
218					    "RADAR Detected on channel %d!\n",
219					    priv->dfs_chandef.chan->hw_value);
220				cancel_delayed_work_sync(&priv->dfs_cac_work);
221				cfg80211_cac_event(priv->netdev,
222						   &priv->dfs_chandef,
223						   NL80211_RADAR_DETECTED,
224						   GFP_KERNEL);
225			}
226			break;
227		default:
228			break;
229		}
230
231		event_len -= (tlv_len + sizeof(rpt->header));
232	}
233
234	return 0;
235}
236
237/* Handler for radar detected event from FW.*/
238int mwifiex_11h_handle_radar_detected(struct mwifiex_private *priv,
239				      struct sk_buff *skb)
240{
241	struct mwifiex_radar_det_event *rdr_event;
242
243	rdr_event = (void *)(skb->data + sizeof(u32));
244
245	mwifiex_dbg(priv->adapter, MSG,
246		    "radar detected; indicating kernel\n");
247	if (mwifiex_stop_radar_detection(priv, &priv->dfs_chandef))
248		mwifiex_dbg(priv->adapter, ERROR,
249			    "Failed to stop CAC in FW\n");
250	cfg80211_radar_event(priv->adapter->wiphy, &priv->dfs_chandef,
251			     GFP_KERNEL);
252	mwifiex_dbg(priv->adapter, MSG, "regdomain: %d\n",
253		    rdr_event->reg_domain);
254	mwifiex_dbg(priv->adapter, MSG, "radar detection type: %d\n",
255		    rdr_event->det_type);
256
257	return 0;
258}
259
260/* This is work queue function for channel switch handling.
261 * This function takes care of updating new channel definitin to
262 * bss config structure, restart AP and indicate channel switch success
263 * to cfg80211.
264 */
265void mwifiex_dfs_chan_sw_work_queue(struct work_struct *work)
266{
267	struct mwifiex_uap_bss_param *bss_cfg;
268	struct delayed_work *delayed_work = to_delayed_work(work);
269	struct mwifiex_private *priv =
270			container_of(delayed_work, struct mwifiex_private,
271				     dfs_chan_sw_work);
272
273	bss_cfg = &priv->bss_cfg;
274	if (!bss_cfg->beacon_period) {
275		mwifiex_dbg(priv->adapter, ERROR,
276			    "channel switch: AP already stopped\n");
277		return;
278	}
279
280	mwifiex_uap_set_channel(priv, bss_cfg, priv->dfs_chandef);
281
282	if (mwifiex_config_start_uap(priv, bss_cfg)) {
283		mwifiex_dbg(priv->adapter, ERROR,
284			    "Failed to start AP after channel switch\n");
285		return;
286	}
287
288	mwifiex_dbg(priv->adapter, MSG,
289		    "indicating channel switch completion to kernel\n");
290	wiphy_lock(priv->wdev.wiphy);
291	cfg80211_ch_switch_notify(priv->netdev, &priv->dfs_chandef, 0);
292	wiphy_unlock(priv->wdev.wiphy);
293}
294