Kalle Valo [Wed, 20 Mar 2024 18:24:47 +0000 (20:24 +0200)]
wifi: wcn36xx: buff_to_be(): fix sparse warnings
Sparse warns:
drivers/net/wireless/ath/wcn36xx/txrx.c: note: in included file (through drivers/net/wireless/ath/wcn36xx/txrx.h):
drivers/net/wireless/ath/wcn36xx/wcn36xx.h:107:24: warning: incorrect type in assignment (different base types)
drivers/net/wireless/ath/wcn36xx/wcn36xx.h:107:24: expected unsigned int [usertype]
drivers/net/wireless/ath/wcn36xx/wcn36xx.h:107:24: got restricted __be32 [usertype]
drivers/net/wireless/ath/wcn36xx/wcn36xx.h:107:24: warning: incorrect type in assignment (different base types)
drivers/net/wireless/ath/wcn36xx/wcn36xx.h:107:24: expected unsigned int [usertype]
drivers/net/wireless/ath/wcn36xx/wcn36xx.h:107:24: got restricted __be32 [usertype]
Use void pointers and two separate variables to workaround the warning. Also
now the callers don't need any casting. There's actually cpu_to_be32_array()
available but decided to do minimal changes instead.
Kalle Valo [Wed, 20 Mar 2024 18:24:46 +0000 (20:24 +0200)]
wifi: ath6kl: fix sparse warnings
Sparse warns:
drivers/net/wireless/ath/ath6kl/htc_pipe.c:241:17: warning: incorrect type in assignment (different base types)
drivers/net/wireless/ath/ath6kl/htc_pipe.c:241:17: expected restricted __le16 x
drivers/net/wireless/ath/ath6kl/htc_pipe.c:241:17: got unsigned short [usertype]
drivers/net/wireless/ath/ath6kl/htc_mbox.c:368:9: warning: incorrect type in assignment (different base types)
drivers/net/wireless/ath/ath6kl/htc_mbox.c:368:9: expected restricted __le16 x
drivers/net/wireless/ath/ath6kl/htc_mbox.c:368:9: got unsigned short [usertype]
Use put_unaligned_le16() so that the value is converted to little endian before
storing it to the header.
Li Zhijian [Thu, 21 Mar 2024 11:42:47 +0000 (13:42 +0200)]
wifi: ath: Convert sprintf/snprintf to sysfs_emit
Per filesystems/sysfs.rst, show() should only use sysfs_emit()
or sysfs_emit_at() when formatting the value to be returned to user space.
coccinelle complains that there are still a couple of functions that use
snprintf(). Convert them to sysfs_emit().
sprintf() will be converted as weel if they have.
Generally, this patch is generated by
make coccicheck M=<path/to/file> MODE=patch \
COCCI=scripts/coccinelle/api/device_attr_show.cocci
No functional change intended
CC: Kalle Valo <kvalo@kernel.org> CC: Jeff Johnson <jjohnson@kernel.org> CC: linux-wireless@vger.kernel.org CC: ath11k@lists.infradead.org CC: ath10k@lists.infradead.org Signed-off-by: Li Zhijian <lizhijian@fujitsu.com> Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com> Link: https://msgid.link/20240315055211.1347548-1-lizhijian@fujitsu.com
Baochen Qiang [Thu, 11 Jan 2024 07:14:06 +0000 (15:14 +0800)]
wifi: ath11k: do not process consecutive RDDM event
Currently we do reset for each RDDM event from MHI, however there are
cases, see below log, that we get two or more consecutive events, and
it is pointless to do reset for the subsequent ones. What's more, it
makes reset process more likely to fail.
Add a check to avoid reset again and again. This is done by tracking previous
MHI status: if we receive a new RDDM event while the previous one is
also the same, we treat it as duplicate and ignore it, because normally
we should receive a MHI_CB_EE_MISSION_MODE event between them.
wifi: ath12k: Refactor error handler of Rxdma replenish
The Rxdma replenish handler currently contains redundant code in both the
success and error cases. To avoid the redundant code, implement a
conditional jump mechanism by placing a goto statement to prevent
unnecessary execution of the error handling code when the operation is
successful. This change streamline the code readability and enhance its
efficiency.
wifi: ath12k: Optimize the lock contention of used list in Rx data path
When a packet arrives in Rx rings, the RX descriptor moves from the used
list to the free list. Then, the rxdma ring gets replenished, where the Rx
descriptor again moves from the free list to the used list. At the end, the
descriptor came to the used list with unnecessary list movement. The
descriptor used list is maintained in the Rxdma ring structure, which
creates lock contention for the list operations (add, delete) in the Rx
data path. Optimize the Rx data path by removing the used list from the
common Rxdma ring and maintain as a local variable in the Rx ring handler
itself, which avoid lock contention. Now, to find the used list descriptor
during descriptor cleanup, we need to check the in_use flag for each Rx
descriptor.
This is a simple UDP UL throughput test case results on x86+NUC device
with QCN9274 card, which clearly shows 8% to 12% improvement in the CPU
idle for the same ingress traffic.
Currently, the Rxdma buffer replenish procedure implicitly retrieves the
number of free entries when the caller passes req_entries as zero. This is
helpful to replenishing the Rxdma ring when the caller is unaware of the
number of entries to replenish. After the Rxdma ring is initialized, we
can pass req_entries as zero to replenish all the free entry in the Rxdma
ring. This change helps to align the argument req_entries to the used list
entries for better code readability.
Aloka Dixit [Thu, 14 Mar 2024 20:46:51 +0000 (13:46 -0700)]
wifi: ath12k: use correct flag field for 320 MHz channels
Due to an error during rebasing the patchset 320 MHz channel support got
broken. ath12k was setting the QoS bit instead of the correct flag.
WMI_PEER_EXT_320MHZ (0x2) is defined as an extended flag, replace
peer_flags by peer_flags_ext while sending peer data.
This affected both QCN9274 and WCN7850 which use the same flag.
Fixes: 6734cf9b4cc7 ("wifi: ath12k: peer assoc for 320 MHz") Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com> Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com> Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com> Link: https://msgid.link/20240314204651.11075-1-quic_alokad@quicinc.com
wifi: ath12k: fix desc address calculation in wbm tx completion
In tx completion, status desc is obtained from offsetting the address
from wbm ring. Having HTT_TX_WBM_COMP_STATUS_OFFSET(8) and reserved 8
bytes in status desc offsets the address twice and read the values
from the incorrect address. Hence, remove the
HTT_TX_WBM_COMP_STATUS_OFFSET from wbm completion address calculation.
Kang Yang [Wed, 28 Feb 2024 09:35:36 +0000 (17:35 +0800)]
wifi: ath11k: change scan flag scan_f_filter_prb_req for QCA6390/WCN6855/QCA2066
Current ROC scan will filter probe request. So P2P device cannot receive
probe request. But it is necessary for P2P mode. A P2P device cannot be
discovered if it doesn't respond to others' probe request.
In addition, station won't filter probe request with common scan. But
for station, there is no needed to receive probe request.
Based on the above two points, change scan flag scan_f_filter_prb_req
for QCA6390/WCN6855/QCA2066.
Kang Yang [Wed, 28 Feb 2024 09:35:34 +0000 (17:35 +0800)]
wifi: ath11k: implement handling of P2P NoA event
The NoA(Notice of Absence) attribute is used by the P2P Group Owner to
signal its absence due to power save timing, concurrent operation, or
off-channel scanning. It is also used in the P2P Presence Request-Response
mechanism.
The NoA attribute shall be present in the P2P IE in the beacon frames
transmitted by a P2P Group Owner when a NoA schedule is being advertised,
or when the CTWindow is non-zero.
So add support to update P2P information after P2P GO is up through
event WMI_P2P_NOA_EVENTID, and always put it in probe resp.
Create p2p.c and p2p.h for P2P related functions and definitions.
Kang Yang [Wed, 28 Feb 2024 09:35:33 +0000 (17:35 +0800)]
wifi: ath11k: add P2P IE in beacon template
P2P Element is a necessary component of P2P protocol communication.
It contains the Vendor Specific Information Element which includes
the WFA OUI and an OUI Type indicating P2P.
Add P2P IE in beacon template, and implement WMI interface for it.
Baochen Qiang [Sat, 9 Mar 2024 11:31:15 +0000 (19:31 +0800)]
wifi: ath11k: don't force enable power save on non-running vdevs
Currently we force enable power save on non-running vdevs, this results
in unexpected ping latency in below scenarios:
1. disable power save from userspace.
2. trigger suspend/resume.
With step 1 power save is disabled successfully and we get a good latency:
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=5.13 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=5.45 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=5.99 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=6.34 ms
64 bytes from 192.168.1.1: icmp_seq=5 ttl=64 time=4.47 ms
64 bytes from 192.168.1.1: icmp_seq=6 ttl=64 time=6.45 ms
While after step 2, the latency becomes much larger:
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=17.7 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=15.0 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=14.3 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=16.5 ms
64 bytes from 192.168.1.1: icmp_seq=5 ttl=64 time=20.1 ms
The reason is, with step 2, power save is force enabled due to vdev not
running, although mac80211 was trying to disable it to honor userspace
configuration:
ath11k_pci 0000:03:00.0: wmi cmd sta powersave mode psmode 1 vdev id 0
Call Trace:
ath11k_wmi_pdev_set_ps_mode
ath11k_mac_op_bss_info_changed
ieee80211_bss_info_change_notify
ieee80211_reconfig
ieee80211_resume
wiphy_resume
This logic is taken from ath10k where it was added due to below comment:
Firmware doesn't behave nicely and consumes more power than
necessary if PS is disabled on a non-started vdev.
However we don't know whether such an issue also occurs to ath11k firmware
or not. But even if it does, it's not appropriate because it goes against
userspace, even cfg/mac80211 don't know we have enabled it in fact.
Remove it to fix this issue. In this way we not only get a better latency,
but also, and the most important, keeps the consistency between userspace
and kernel/driver. The biggest price for that would be the power consumption,
which is not that important, compared with the consistency.
Kevin Lo [Fri, 8 Mar 2024 15:09:45 +0000 (17:09 +0200)]
wifi: ath11k: adjust a comment to reflect reality
On QCA6390/QCN9074/WCN6855, MHISTATUS may still have SYSERR bit set
after SOC_GLOBAL_RESET.
Signed-off-by: Kevin Lo <kevlo@kevlo.org> Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com> Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com> Link: https://msgid.link/ZeWEqGVibkMg2APi@ns.kevlo.org
Baochen Qiang [Wed, 6 Mar 2024 05:15:14 +0000 (07:15 +0200)]
wifi: ath10k: poll service ready message before failing
Currently host relies on CE interrupts to get notified that
the service ready message is ready. This results in timeout
issue if the interrupt is not fired, due to some unknown
reasons. See below logs:
[76321.937866] ath10k_pci 0000:02:00.0: wmi service ready event not received
...
[76322.016738] ath10k_pci 0000:02:00.0: Could not init core: -110
And finally it causes WLAN interface bring up failure.
Change to give it one more chance here by polling CE rings,
before failing directly.
Currently the soc_dp_stats debugfs file has the following permissions:
# ls -l /sys/kernel/debug/ath11k/pci-0000:03:00.0/soc_dp_stats
-rw------- 1 root root 0 Mar 4 15:04 /sys/kernel/debug/ath11k/pci-0000:03:00.0/soc_dp_stats
However this file does not actually support write operations -- no .write()
method is registered. Therefore use the correct permissions when creating
the file.
After the change:
# ls -l /sys/kernel/debug/ath11k/pci-0000:03:00.0/soc_dp_stats
-r-------- 1 root root 0 Mar 4 15:15 /sys/kernel/debug/ath11k/pci-0000:03:00.0/soc_dp_stats
ath11k inherited struct wmi_start_scan_arg from ath10k. However, in
ath11k, this struct is unused -- struct scan_req_params is used for
this functionality. So remove the unused struct.
ath12k inherited struct wmi_start_scan_arg from ath11k. However, in
ath12k, this struct is unused -- struct ath12k_wmi_scan_req_arg is
used for this functionality. So remove the unused struct.
Now WoWLAN firmware will disable PCIE DMA after driver call cfg_wake
function, and it will lead to release offload packet fail because driver
can't receive completion notification from firmware. We move release
offload packet earlier to avoid this error.
Chin-Yen Lee [Sat, 2 Mar 2024 00:58:24 +0000 (08:58 +0800)]
wifi: rtw89: update DMA function with different generation
The register of control and polling function for TX/RX DMA is different
from different generation, so update them. Also rename polling_dma
function to polling_dma_idle to avoid misunderstanding.
Chin-Yen Lee [Sat, 2 Mar 2024 00:58:22 +0000 (08:58 +0800)]
wifi: rtw89: wow: update WoWLAN reason register for different chips
The WoWLAN reason register is used for driver to get the wakeup reason
for reporting to cfg80211, and it is different from chips. So put it
into chip information.
Duoming Zhou [Thu, 29 Feb 2024 10:31:53 +0000 (18:31 +0800)]
wifi: brcm80211: handle pmk_op allocation failure
The kzalloc() in brcmf_pmksa_v3_op() will return null if the
physical memory has run out. As a result, if we dereference
the null value, the null pointer dereference bug will happen.
Return -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails
for pmk_op.
Fixes: a96202acaea4 ("wifi: brcmfmac: cfg80211: Add support for PMKID_V3 operations") Acked-by: Arend van Spriel <arend.vanspriel@broadcom.com> Signed-off-by: Duoming Zhou <duoming@zju.edu.cn> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kalle Valo <kvalo@kernel.org> Link: https://msgid.link/20240229103153.18533-1-duoming@zju.edu.cn
The 2 Bluetooth profiles (Hands free profile & Human interface device)
have high duty transmission, it will affect the traffic of WiFi packet
frequently. And once the WiFi traffic down to B/G mode, it will need
a better success rate to recover the transmission rate. Add new policy
option to solve the above situation.
Ching-Te Ku [Thu, 29 Feb 2024 07:45:13 +0000 (15:45 +0800)]
wifi: rtw89: coex: When Bluetooth not available don't set power/gain
If Bluetooth is working, it will update their info regularly. And the code
will increase the counters while the info updating. Use this counter to
judge is Bluetooth working or not. Don't need to set Bluetooth power or
gain when it is not working.
Ching-Te Ku [Thu, 29 Feb 2024 07:45:11 +0000 (15:45 +0800)]
wifi: rtw89: coex: Reorder H2C command index to align with firmware
Wi-Fi firmware need some driver information to do decision or do some
real-time control. Driver will update these information by H2C command.
The chip 8922a H2C command index is different from before chips/branch,
so need to assign the correct index to let firmware parsing.
Ching-Te Ku [Thu, 29 Feb 2024 07:45:09 +0000 (15:45 +0800)]
wifi: rtw89: coex: add init_info H2C command format version 7
To avoid using bit fields for H2C command, rearrange the structure.
And also patch the corresponding code for the using of this structure.
No logic changes for existing chips.
Ping-Ke Shih [Thu, 29 Feb 2024 07:45:08 +0000 (15:45 +0800)]
wifi: rtw89: 8922a: add coexistence helpers of SW grant
Under some circumstances, coexistence mechanism want to keep grant BT or
WiFi, such as inquiry and WiFi is connecting, to ensure BT or WiFi can
transmit or receive data in that period.
When hardware grant BT initially but transition to grant WiFi, the PLT
(polluted) bit is set to assist coexistence mechanism to debug if
grant signal is expected.
Johannes Berg [Wed, 28 Feb 2024 11:11:56 +0000 (12:11 +0100)]
wifi: cw1200: restore endian swapping
The code here looks well thought-out, so it seems likely
that the byte-swaps are actually needed, due to SPI bus
and device behaviour. Restore the byte-swapping, in a way
that doesn't result in sparse warnings.
When these failures happen, the warning and call trace is printed which is
excessive. Instead, just print the error but rate limited to prevent warns
to unnecessarily pollute the kernel log buffer and make the serial console
practically unusable.
For example, on an AM625 BeaglePlay board where accessing a SDIO WiFi chip
fails with an -110 (ETIMEDOUT) error:
Bitterblue Smith [Thu, 29 Feb 2024 22:35:09 +0000 (00:35 +0200)]
wifi: rtw88: 8821c: Fix beacon loss and disconnect
Tenda U9 V2.0, which contains RTL8811CU, is practically unusable because
of frequent disconnections:
Feb 23 14:46:45 ideapad2 wpa_supplicant[427]: wlp3s0f3u2: CTRL-EVENT-BEACON-LOSS
Feb 23 14:46:46 ideapad2 wpa_supplicant[427]: wlp3s0f3u2: CTRL-EVENT-DISCONNECTED
bssid=90:55:de:__:__:__ reason=4 locally_generated=1
Feb 23 14:46:52 ideapad2 wpa_supplicant[427]: wlp3s0f3u2: CTRL-EVENT-CONNECTED
- Connection to 90:55:de:__:__:__ completed [id=0 id_str=]
Feb 23 14:46:54 ideapad2 wpa_supplicant[427]: wlp3s0f3u2: CTRL-EVENT-BEACON-LOSS
Feb 23 14:46:55 ideapad2 wpa_supplicant[427]: wlp3s0f3u2: CTRL-EVENT-DISCONNECTED
bssid=90:55:de:__:__:__ reason=4 locally_generated=1
Feb 23 14:47:01 ideapad2 wpa_supplicant[427]: wlp3s0f3u2: CTRL-EVENT-CONNECTED
- Connection to 90:55:de:__:__:__ completed [id=0 id_str=]
Feb 23 14:47:04 ideapad2 wpa_supplicant[427]: wlp3s0f3u2: CTRL-EVENT-BEACON-LOSS
Feb 23 14:47:05 ideapad2 wpa_supplicant[427]: wlp3s0f3u2: CTRL-EVENT-DISCONNECTED
bssid=90:55:de:__:__:__ reason=4 locally_generated=1
This is caused by a mistake in the chip initialisation. This version of
the chip requires loading an extra AGC table right after the main one,
but the extra table is being loaded at the wrong time, in
rtw_chip_board_info_setup().
Move the extra AGC table loading to the right place, in
rtw_phy_load_tables().
The rtw_chip_board_info_setup() can only do "software" things, and
rtw_phy_load_tables() can really do IO.
Fixes: 5d6651fe8583 ("rtw88: 8821c: support RFE type2 wifi NIC") Signed-off-by: Bitterblue Smith <rtl8821cerfe2@gmail.com> Acked-by: Ping-Ke Shih <pkshih@realtek.com> Signed-off-by: Kalle Valo <kvalo@kernel.org> Link: https://msgid.link/276c31d8-b9a8-4e54-a3ac-09b74657aff7@gmail.com
Bitterblue Smith [Thu, 29 Feb 2024 22:32:45 +0000 (00:32 +0200)]
wifi: rtw88: 8821cu: Fix firmware upload fail
RTL8822CU, RTL8822BU, and RTL8821CU need an extra register write after
reading and writing certain addresses.
Without this, the firmware upload fails approximately more than 50% of
the time.
Tested with RTL8811CU (Tenda U9 V2.0) which is the same as RTL8821CU
but without Bluetooth.
Fixes: a82dfd33d123 ("wifi: rtw88: Add common USB chip support") Signed-off-by: Bitterblue Smith <rtl8821cerfe2@gmail.com> Acked-by: Ping-Ke Shih <pkshih@realtek.com> Signed-off-by: Kalle Valo <kvalo@kernel.org> Link: https://msgid.link/f12ed39d-28e8-4b8b-8d22-447bcf295afc@gmail.com
Johannes Berg [Wed, 28 Feb 2024 08:55:48 +0000 (09:55 +0100)]
wifi: mac80211: remove TDLS peers on link deactivation
If a link is deactivated, we really cannot sustain any
TDLS connections on that link any more. With the API
now changed, fix this issue and remove TDLS connections.
Johannes Berg [Wed, 28 Feb 2024 08:55:46 +0000 (09:55 +0100)]
wifi: mac80211: mlme: unify CSA handling
Unify all the CSA handling, including handling of a beacon
after the CSA, into ieee80211_sta_process_chanswitch().
The CRC of the beacon will change due to changes in the
CSA/ECSA elements, so there's really no need to have the
'beacon after CSA' handling before the CRC processing or
to change the beacon_crc_valid value here.
Johannes Berg [Wed, 28 Feb 2024 08:55:45 +0000 (09:55 +0100)]
wifi: mac80211: introduce a feature flag for quiet in CSA
When doing CSA in multi-link, there really isn't a need to
stop transmissions entirely. Add a feature flag for drivers
to indicate they can handle quiet in CSA (be it by parsing
themselves, or by implementing drv_pre_channel_switch()),
to make that possible.
Also clean up the csa_block_tx handling: it clearly cannot
handle multi-link due to the way queues are stopped, move
it to the sdata. Drivers should be doing it themselves for
working properly during CSA in MLO anyway. Also rename it
to indicate that it reflects TX was blocked at mac80211.
Johannes Berg [Wed, 28 Feb 2024 08:55:42 +0000 (09:55 +0100)]
wifi: cfg80211: allow cfg80211_defragment_element() without output
If we just want to determine the length of the fragmented
data, we basically need the same logic, and really we want
it to be _literally_ the same logic, so it cannot be out
of sync in any way.
Allow calling cfg80211_defragment_element() without an output
buffer, where it then just returns the required output size.
Also add this to the tests, just to exercise it, using the
pre-calculated length to really do the defragmentation, which
checks that this is sufficient.
Johannes Berg [Wed, 28 Feb 2024 08:48:14 +0000 (09:48 +0100)]
wifi: mac80211: defragment reconfiguration MLE when parsing
Using the scratch buffer (without advancing it) here in the
mlme.c code seems somewhat wrong, defragment the reconfig
multi-link element already when parsing. This might be a bit
more work in certain cases, but makes the whole thing more
regular.
Johannes Berg [Wed, 28 Feb 2024 08:48:13 +0000 (09:48 +0100)]
wifi: mac80211: simplify multi-link element parsing
We shouldn't assign elems->ml_basic{,len} before defragmentation,
and we don't need elems->ml_reconf{,len} at all since we don't do
defragmentation. Clean that up a bit. This does require always
defragmention even when it may not be needed, but that's easier
to reason about.
Johannes Berg [Wed, 28 Feb 2024 08:48:12 +0000 (09:48 +0100)]
wifi: mac80211: remove unnecessary ML element checks
Given the prior changes to ieee80211_mle_size_ok(), we
can now pass NULL to for_each_mle_subelement(), so no
longer need to check for that here explicitly.
We sometimes need to check if a link is active, and this
is complicated by the fact that active_links has no bits
set when the vif isn't (acting as) an MLD. Add a small
new helper ieee80211_vif_link_active() to make that a bit
easier, and use it in a few places.
Ilan Peer [Wed, 28 Feb 2024 08:47:54 +0000 (09:47 +0100)]
wifi: mac80211: Adjust CQM handling for MLO
The CQM handling did not consider the MLO case and thus notified
a not-existing link with the CQM change. To fix this, propagate
the CQM notification to all the active links (handling both the
non-MLO and MLO cases).
TODO: this currently propagates the same configuration to all
links regardless of the band. This might not be the correct
approach as different links might need to be configured with
different values.
Ilan Peer [Wed, 28 Feb 2024 08:47:39 +0000 (09:47 +0100)]
wifi: mac80211: Allow beacons to update BSS table regardless of scan
When a beacon is received use it to update the BSS table regardless
of the scanning state. Do so only when there are active non-monitor
interfaces. Also, while at it, in any case accept beacons only with
broadcast address.
Johannes Berg [Wed, 28 Feb 2024 08:40:52 +0000 (09:40 +0100)]
wifi: mac80211: obtain AP HT/VHT data for assoc request
In the association request, we make some parameters depend on the
AP's HT/VHT information. This was broken by my code because it no
longer filled that information, making it all zero.
For HT that meant we wouldn't reduce our capabilities to 20 MHz if
needed, and for VHT we lost beamforming capabilities.
Fix this. It seems like it may even have been broken for all but
the assoc link before.
Johannes Berg [Wed, 28 Feb 2024 08:40:51 +0000 (09:40 +0100)]
wifi: mac80211: don't add VHT capa on links without them
When a link doesn't have VHT capability, before the rework
we'd have set IEEE80211_CONN_DISABLE_VHT, but now with the
linear progression of 'mode', we no longer have that. Add
an explicit check for VHT being supported, so we don't add
a zeroed VHT capabilities element where it shouldn't be.
wifi: mac80211: handle netif carrier up/down with link AP during MLO
Currently whenever link AP is started, netif_carrier_up() function is
called and whenever it is brought down, netif_carrier_down() function is
called. However, with MLO, all the links of the same MLD would use the
same netdev. Hence there is no need to indicate for each link up/down.
Also, calling it down when only one of the links went down is not
desirable.
Add changes to call the netif_carrier_up() function only when first link
is brought up. Similarly, add changes to call the netif_carrier_down()
function only when last link is brought down.
In order to check the number of beaconing links in the given interface,
introduce a new helper function ieee80211_num_beaconing_links().
Johannes Berg [Mon, 26 Feb 2024 19:34:06 +0000 (20:34 +0100)]
wifi: cfg80211: check A-MSDU format more carefully
If it looks like there's another subframe in the A-MSDU
but the header isn't fully there, we can end up reading
data out of bounds, only to discard later. Make this a
bit more careful and check if the subframe header can
even be present.
Takashi Iwai [Wed, 28 Feb 2024 16:38:37 +0000 (17:38 +0100)]
wifi: iwlwifi: Add missing MODULE_FIRMWARE() for *.pnvm
A few models require *.pnvm files while we don't declare them via
MODULE_FIRMWARE(). This resulted in the breakage of WiFi on the
system that relies on the information from modinfo (e.g. openSUSE
installer image).
This patch adds those missing MODULE_FIRMWARE() entries for *.pnvm
files.
We're currently tracking rx_nss for each station, and that
is meant to be initialized to the capability NSS and later
reduced by the operating mode notification NSS.
However, we're mixing up capabilities and operating mode
NSS in the same variable. This forces us to recalculate
the NSS capability on operating mode notification RX,
which is a bit strange; due to the previous fix I had to
never keep rx_nss as zero, it also means that the capa is
never taken into account properly.
Fix all this by storing the capability value, that can be
recalculated unconditionally whenever needed, and storing
the operating mode notification NSS separately, taking it
into account when assigning the final rx_nss value.
Johannes Berg [Fri, 1 Mar 2024 16:54:51 +0000 (17:54 +0100)]
wifi: mac80211: fix supported rate masking in scan
We have an nl80211 attribute to mask supported rates from
probe responses in scanning, e.g. for use in P2P, but in
the refactoring I stopped applying this mask. Restore it.
Johannes Berg [Fri, 1 Mar 2024 18:36:33 +0000 (19:36 +0100)]
wifi: mac80211: check link exists before use
If the assoc link doesn't exist yet at this point, we
cannot use it yet. This isn't normally the case, but
e.g. in case of FT-DS (or just broken userspace) the
link might not be set up yet and will only be created
later in this function. Check that the link exists.
Fixes: 310c8387c638 ("wifi: mac80211: clean up connection process") Reported-by: Dan Carpenter <dan.carpenter@linaro.org> Closes: https://lore.kernel.org/r/3151f5d0-c18f-413d-b34b-b94f095b947c@moroto.mountain Reviewed-by: Miriam Rachel Korenblit <miriam.rachel.korenblit@intel.com> Link: https://msgid.link/20240301193633.c886d300e90a.Ie1d5e23b2a033d934d343c37249f6f4dfddcc5fe@changeid Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jeff Johnson [Fri, 23 Feb 2024 15:39:31 +0000 (07:39 -0800)]
wifi: ath11k: constify MHI channel and controller configs
Unlike the event configuration which can be modified by MHI, the
channel and controller configurations are expected to be const. And
since they are not modified locally, constify them to prevent runtime
modification.
Kang Yang [Fri, 23 Feb 2024 05:45:05 +0000 (13:45 +0800)]
wifi: ath12k: add rcu lock for ath12k_wmi_p2p_noa_event()
Warning will appear when running P2P GO:
WARNING: suspicious RCU usage
drivers/net/wireless/ath/ath12k/mac.c:583 suspicious rcu_dereference_check() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
no locks held by swapper/0/0.
stack backtrace:
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.8.0-rc4-wt-ath+ #4
Call Trace:
<IRQ>
dump_stack_lvl+0x82/0xa0
dump_stack+0x14/0x20
lockdep_rcu_suspicious+0x214/0x3b0
ath12k_mac_get_ar_by_vdev_id+0x192/0x220 [ath12k]
ath12k_wmi_op_rx+0x2d7/0x1b40 [ath12k]
ath12k_mac_get_ar_by_vdev_id() requires its callers to have called
rcu_read_lock(), but in ath12k_wmi_p2p_noa_event() it is called without
doing so, and hence the warning was triggered.
Add rcu_read_lock() and rcu_read_unlock() to avoid warning.
Fixes: 9411eecb60cb ("wifi: ath12k: implement handling of P2P NoA event") Reported-by: Kalle Valo <quic_kvalo@quicinc.com> Closes: https://lore.kernel.org/linux-wireless/87o7cusyvw.fsf@kernel.org/ Signed-off-by: Kang Yang <quic_kangyang@quicinc.com> Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com> Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com> Link: https://msgid.link/20240223054505.438839-1-quic_kangyang@quicinc.com
Baochen Qiang [Fri, 23 Feb 2024 05:31:11 +0000 (13:31 +0800)]
wifi: ath11k: decrease MHI channel buffer length to 8KB
Currently buf_len field of ath11k_mhi_config_qca6390 is assigned
with 0, making MHI use a default size, 64KB, to allocate channel
buffers. This is likely to fail in some scenarios where system
memory is highly fragmented and memory compaction or reclaim is
not allowed.
Actually those buffers are used only by QMI target -> host communication.
And for WCN6855 and QCA6390, the largest packet size for that is less
than 6KB. So change buf_len field to 8KB, which results in order 1
allocation if page size is 4KB. In this way, we can at least save some
memory, and as well as decrease the possibility of allocation failure
in those scenarios.
Reported-by: Vlastimil Babka <vbabka@suse.cz> Closes: https://lore.kernel.org/ath11k/96481a45-3547-4d23-ad34-3a8f1d90c1cd@suse.cz/ Signed-off-by: Baochen Qiang <quic_bqiang@quicinc.com> Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com> Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com> Link: https://msgid.link/20240223053111.29170-1-quic_bqiang@quicinc.com
if (params.flags & HAL_SRNG_FLAGS_MSI_SWAP)
cmd->info1 |= HTT_SRNG_SETUP_CMD_INFO1_RING_FLAGS_MSI_SWAP;
(since info1 is fully initialized to start with), but in
a long chain of FIELD_PREP() this really seems fine.
However, it triggers a sparse warning, in the check in
the macro for whether a constant value fits into the mask,
as this contains a "& (_val)". In this case, this really
is always intentional, so just suppress the warning by
adding "0+" to the expression, indicating explicitly that
this is correct.
Johannes Berg [Fri, 23 Feb 2024 10:40:27 +0000 (11:40 +0100)]
wifi: zd1211rw: silence sparse warnings
This code wants to compare the obtained value, but as it also
has a special type for register addresses to find places doing
such compares and calculations wrong, we need explicit casts
here to silence sparse.
Johannes Berg [Fri, 23 Feb 2024 10:40:24 +0000 (11:40 +0100)]
wifi: brcmsmac: silence sparse warnings
sparse complains on this code about casts that lose bits
due to the usage of bitwise not, but really we do want
16 bits only, so clarify that by using masks.
Johannes Berg [Fri, 23 Feb 2024 10:40:23 +0000 (11:40 +0100)]
wifi: b43: silence sparse warnings
sparse complains on this code about casts that lose bits
due to the usage of bitwise not, but really we do want
16 bits only, so clarify that by using masks.
Alexey Berezhok [Thu, 22 Feb 2024 12:29:23 +0000 (15:29 +0300)]
wifi: brcmfmac: do not pass hidden SSID attribute as value directly
In brcmf_cfg80211_start_ap() do not assume that NL80211_HIDDEN_SSID_NOT_IN_USE
is zero but prefer an explicit check instead. Use local variable 'closednet'
to pass in function call and use for error message.
Compile tested only. Addition for the commit f20073f50dfd1 ("wifi: brcmfmac: do
not cast hidden SSID attribute value to boolean").
Chin-Yen Lee [Thu, 22 Feb 2024 06:42:58 +0000 (14:42 +0800)]
wifi: rtw89: pci: implement PCI CLK/ASPM/L1SS for WiFi 7 chips
PCI CLK/ASPM/L1SS is power management mechanism used to reduce power
consumption of PCI chip. The registers for setting of these features
in WiFi 7 Chip are different from WiFi 6 chip, so separate them
in generation information.
Adjust beamforming capabilities to accurately reflect the supported
EHT features by WiFi 7 chip 8922A. It includes 1) Unset EHT CQI
feedback and 16-subcarrier grouping. 2) Correct Beamformee SS value.
3) Enable partial and full bandwidth SU/MU feedback.
Add support for random serial number in probe request and
configure channel dwell time. Advertise corresponding feature flag
NL80211_EXT_FEATURE_SCAN_RANDOM_SN and NL80211_EXT_FEATURE_SET_SCAN_DWELL.
Use the scan request duration as channel dwell time when it is
non-zero, otherwise use the default value.
wifi: brcmfmac: fweh: Fix boot crash on Raspberry Pi 4
Fix boot crash on Raspberry Pi by moving the update to `event->datalen`
before data is copied into flexible-array member `data` via `memcpy()`.
Flexible-array member `data` was annotated with `__counted_by(datalen)`
in commit 62d19b358088 ("wifi: brcmfmac: fweh: Add __counted_by for
struct brcmf_fweh_queue_item and use struct_size()"). The intention of
this is to gain visibility into the size of `data` at run-time through
its _counter_ (in this case `datalen`), and with this have its accesses
bounds-checked at run-time via CONFIG_FORTIFY_SOURCE and
CONFIG_UBSAN_BOUNDS.
To effectively accomplish the above, we shall update the counter
(`datalen`), before the first access to the flexible array (`data`),
which was also done in the mentioned commit.
However, commit edec42821911 ("wifi: brcmfmac: allow per-vendor event
handling") inadvertently caused a buffer overflow, detected by
FORTIFY_SOURCE. It moved the `event->datalen = datalen;` update to after
the first `data` access, at which point `event->datalen` was not yet
updated from zero (after calling `kzalloc()`), leading to the overflow
issue.
This fix repositions the `event->datalen = datalen;` update before
accessing `data`, restoring the intended buffer overflow protection. :)
Fixes: edec42821911 ("wifi: brcmfmac: allow per-vendor event handling") Reported-by: Nathan Chancellor <nathan@kernel.org> Closes: https://gist.github.com/nathanchance/e22f681f3bfc467f15cdf6605021aaa6 Tested-by: Nathan Chancellor <nathan@kernel.org> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Kees Cook <keescook@chromium.org> Acked-by: Arend van Spriel <arend.vanspriel@broadcom.com> Signed-off-by: Kalle Valo <kvalo@kernel.org> Link: https://msgid.link/Zc+3PFCUvLoVlpg8@neat
Kalle Valo [Fri, 23 Feb 2024 15:20:33 +0000 (17:20 +0200)]
wifi: ath11k: thermal: don't try to register multiple times
Every time the firmware boots we call ath11k_core_qmi_firmware_ready() which
ends up calling ath11k_thermal_register(). So we try to register thermal
devices multiple times. And when we power off the firmware during
suspend/hibernation (implemented in the next patch) we get a warning in resume:
hwmon hwmon4: PM: parent phy0 should not be sleeping
Workaround this similarly like ath11k_mac_register() does by testing
ATH11K_FLAG_REGISTERED.
Baochen Qiang [Fri, 23 Feb 2024 15:20:33 +0000 (17:20 +0200)]
wifi: ath11k: do not dump SRNG statistics during resume
Both the firmware reset feature and the power management
suspend/resume feature share common power-down and power-up
functionality. One aspect of the power-up functionality is
the handling of the ATH11K_QMI_EVENT_FW_INIT_DONE event.
When this event is received, a call is made to
ath11k_hal_dump_srng_stats(), with the purpose to collect
information that may be useful in debugging the cause of a
firmware reset.
Unfortunately, since this functionality is shared between
both the firmware reset path and the power management
resume path, the kernel log is flooded with messages during
resume. Since these messages are not useful during resume,
and in fact can be confusing and can increase the time it
takes to resume, update the logic to only call
ath11k_hal_dump_srng_stats() during firmware reset.
projects / thirdparty / kernel / linux.git / log
