Jonas Jelonek [Mon, 9 May 2022 17:39:58 +0000 (19:39 +0200)]
mac80211: minstrel_ht: support ieee80211_rate_status
This patch adds support for the new struct ieee80211_rate_status and its
annotation in struct ieee80211_tx_status in minstrel_ht.
In minstrel_ht_tx_status, a check for the presence of instances of the
new struct in ieee80211_tx_status is added. Based on this, minstrel_ht
then gets and updates internal rate stats with either struct
ieee80211_rate_status or ieee80211_tx_info->status.rates.
Adjusted variants of minstrel_ht_txstat_valid, minstrel_ht_get_stats,
minstrel_{ht/vht}_get_group_idx are added which use struct
ieee80211_rate_status and struct rate_info instead of the legacy structs.
struct rate_info from cfg80211.h does not provide whether short preamble
was used for the transmission. So we retrieve this information from VIF
and STA configuration and cache it in a new flag in struct minstrel_ht_sta
per rate control instance.
Compile-Tested: current wireless-next tree with all flags on
Tested-on: Xiaomi 4A Gigabit (MediaTek MT7603E, MT7612E) with OpenWrt
Linux 5.10.113
Jonas Jelonek [Mon, 9 May 2022 17:39:57 +0000 (19:39 +0200)]
mac80211: extend current rate control tx status API
This patch adds the new struct ieee80211_rate_status and replaces
'struct rate_info *rate' in ieee80211_tx_status with pointer and length
annotation.
The struct ieee80211_rate_status allows to:
(1) receive tx power status feedback for transmit power control (TPC)
per packet or packet retry
(2) dynamic mapping of wifi chip specific multi-rate retry (mrr)
chains with different lengths
(3) increase the limit of annotatable rate indices to support
IEEE802.11ac rate sets and beyond
ieee80211_tx_info, control and status buffer, and ieee80211_tx_rate
cannot be used to achieve these goals due to fixed size limitations.
Our new struct contains a struct rate_info to annotate the rate that was
used, retry count of the rate and tx power. It is intended for all
information related to RC and TPC that needs to be passed from driver to
mac80211 and its RC/TPC algorithms like Minstrel_HT. It corresponds to
one stage in an mrr. Multiple subsequent instances of this struct can be
included in struct ieee80211_tx_status via a pointer and a length variable.
Those instances can be allocated on-stack. The former reference to a single
instance of struct rate_info is replaced with our new annotation.
An extension is introduced to struct ieee80211_hw. There are two new
members called 'tx_power_levels' and 'max_txpwr_levels_idx' acting as a
tx power level table. When a wifi device is registered, the driver shall
supply all supported power levels in this list. This allows to support
several quirks like differing power steps in power level ranges or
alike. TPC can use this for algorithm and thus be designed more abstract
instead of handling all possible step widths individually.
Further mandatory changes in status.c, mt76 and ath11k drivers due to the
removal of 'struct rate_info *rate' are also included.
status.c already uses the information in ieee80211_tx_status->rate in
radiotap, this is now changed to use ieee80211_rate_status->rate_idx.
mt76 driver already uses struct rate_info to pass the tx rate to status
path. The new members of the ieee80211_tx_status are set to NULL and 0
because the previously passed rate is not relevant to rate control and
accurate information is passed via tx_info->status.rates.
For ath11k, the txrate can be passed via this struct because ath11k uses
firmware RC and thus the information does not interfere with software RC.
Compile-Tested: current wireless-next tree with all flags on
Tested-on: Xiaomi 4A Gigabit (MediaTek MT7603E, MT7612E) with OpenWrt
Linux 5.10.113
mac80211: disable BSS color collision detection in case of no free colors
AP may run out of BSS color after color collision
detection event from driver.
Disable BSS color collision detection if no free colors are
available based on bss color disabled bit sent as a part of
NL80211_ATTR_HE_BSS_COLOR attribute sent in
NL80211_CMD_SET_BEACON.
nl80211: Parse NL80211_ATTR_HE_BSS_COLOR as a part of nl80211_parse_beacon
NL80211_ATTR_HE_BSS_COLOR attribute can be included in both
NL80211_CMD_START_AP and NL80211_CMD_SET_BEACON commands.
Move he_bss_color from cfg80211_ap_settings to cfg80211_beacon_data
and parse NL80211_ATTR_HE_BSS_COLOR as a part of nl80211_parse_beacon()
to have bss color settings parsed for both start ap and set beacon
commands.
Add a new flag he_bss_color_valid to indicate whether
NL80211_ATTR_HE_BSS_COLOR attribute is included.
We currently track whether we're associated and which the
BSS is in the same variable (ifmgd->associated), but for
MLD we'll need to move the BSS pointer to be per link,
while the question whether we're associated or not is for
the whole interface.
Add ifmgd->assoc_bss that stores the pointer and change
ifmgd->associated to be just a bool, so the question of
whether we're associated can continue working after MLD
rework, without requiring changes, while the BSS pointer
will have to be changed/used checked per link.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 13 May 2022 13:48:06 +0000 (15:48 +0200)]
mac80211: mlme: use local SSID copy
There's no need to look it up from the ifmgd->associated
BSS configuration, we already maintain a local copy since
commit b0140fda626e ("mac80211: mlme: save ssid info to
ieee80211_bss_conf while assoc").
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 13 May 2022 13:48:05 +0000 (15:48 +0200)]
mac80211: use ifmgd->bssid instead of ifmgd->associated->bssid
Since we always track the BSSID there when we get associated,
these are equivalent, but ifmgd->bssid saves a dereference and
thus makes the code a bit smaller, and more readable.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 6 May 2022 08:51:52 +0000 (10:51 +0200)]
mac80211: unify CCMP/GCMP AAD construction
Ping-Ke's previous patch adjusted the CCMP AAD construction
to properly take the order bit into account, but failed to
update the (identical) GCMP AAD construction as well.
Deren Wu [Wed, 11 May 2022 23:06:36 +0000 (07:06 +0800)]
mt76: mt7921: add ipv6 NS offload support
Add ipv6 NS offload for WoWLAN state.
Tested in this way:
1. Put device-A into WoW state.
2. ping6 from device-B to device-A.
3. In sniffer, see Neighbour advertisement from device-A.
Reviewed-by: Sean Wang <sean.wang@mediatek.com> Signed-off-by: Deren Wu <deren.wu@mediatek.com> Signed-off-by: Ming Yen Hsieh <mingyen.hsieh@mediatek.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Thu, 6 Jan 2022 12:22:28 +0000 (13:22 +0100)]
mt76: add support for overriding the device used for DMA mapping
WED support requires using non-coherent DMA, whereas the PCI device might
be configured for coherent DMA.
The WED driver will take care of changing the PCI HIF coherent IO setting
on attach.
Ryder Lee [Thu, 5 May 2022 07:08:35 +0000 (15:08 +0800)]
mt76: mt7915: introduce mt7915_mac_severe_check()
In rare cases, TRB pointers might be out of sync leads to RMAC stopping
Rx that requires minimal recovery, so add this helper to periodically
check TRB status.
Tested-by: Chad Monroe <chad.monroe@smartrg.com> Signed-off-by: Ryder Lee <ryder.lee@mediatek.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Peter Chiu [Thu, 5 May 2022 08:25:54 +0000 (16:25 +0800)]
mt76: mt7915: limit minimum twt duration
The minimum twt duration supported by mt7915 is 64 according to hardware
design. Reply station with TWT_SETUP_CMD_DICTATE if min_twt_dur smaller
than 64.
Signed-off-by: Peter Chiu <chui-hao.chiu@mediatek.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Lorenzo Bianconi [Fri, 29 Apr 2022 11:55:56 +0000 (13:55 +0200)]
mt76: mt7915: configure soc clocks in mt7986_wmac_init
Configure mt7986 wmac soc clocks in mt7986_wmac_init routine.
Tested-by: Peter Chiu <chui-hao.chiu@mediatek.com> Co-developed-by: Peter Chiu <chui-hao.chiu@mediatek.com> Signed-off-by: Peter Chiu <chui-hao.chiu@mediatek.com> Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Sat, 23 Apr 2022 05:01:18 +0000 (07:01 +0200)]
mt76: fix tx status related use-after-free race on station removal
There is a small race window where ongoing tx activity can lead to a skb
getting added to the status tracking idr after that idr has already been
cleaned up, which will keep the wcid linked in the status poll list.
Fix this by only adding status skbs if the wcid pointer is still assigned
in dev->wcid, which gets cleared early by mt76_sta_pre_rcu_remove
Fixes: bd1e3e7b693c ("mt76: introduce packet_id idr") Tested-by: Ben Greear <greearb@candelatech.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 20 Apr 2022 12:29:00 +0000 (14:29 +0200)]
mt76: fix encap offload ethernet type check
The driver needs to check if the format is 802.2 vs 802.3 in order to set
a tx descriptor flag. skb->protocol can't be used, since it may not be properly
initialized for packets coming in from a packet socket.
Fix misdetection by checking the ethertype from the skb data instead
Reported-by: Thibaut VARÈNE <hacks+kernel@slashdirt.org> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Bo Jiao [Wed, 20 Apr 2022 07:11:44 +0000 (15:11 +0800)]
mt76: mt7915: disable RX_HDR_TRANS_SHORT
This patch disables RX_TRANS_SHORT to make MDP to do header translation
when payload less than 8 bytes, hence the (QoS) null data can be encapsulated
to 802.3 format. However, WDS requires (QoS) null data in 802.11 format
to created vlan AP interfaces.
Signed-off-by: Ryder Lee <ryder.lee@mediatek.com> Signed-off-by: lian.chen <lian.chen@mediatek.com> Signed-off-by: Sujuan Chen <sujuan.chen@mediatek.com> Signed-off-by: Bo Jiao <Bo.Jiao@mediatek.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
mt76: mt7915: add debugfs knob for RF registers read/write
Add RF registers read/write support for debugging RF issues, which
should be processed by mcu commands.
The index of rf registers use the generic regidx, and are combined
with two parts: WF selection [31:28] and offset [27:0].
Reviewed-by: Ryder Lee <ryder.lee@mediatek.com> Signed-off-by: Peter Chiu <chui-hao.chiu@mediatek.com> Signed-off-by: Shayne Chen <shayne.chen@mediatek.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Sean Wang [Thu, 14 Apr 2022 22:56:05 +0000 (06:56 +0800)]
mt76: mt7921: fix kernel crash at mt7921_pci_remove
The crash log shown it is possible that mt7921_irq_handler is called while
devm_free_irq is being handled so mt76_free_device need to be postponed
until devm_free_irq is completed to solve the crash we free the mt76 device
too early.
Colin Ian King [Thu, 14 Apr 2022 09:54:38 +0000 (10:54 +0100)]
mt76: mt7921: make read-only array ppet16_ppet8_ru3_ru0 static const
Don't populate the read-only array ppet16_ppet8_ru3_ru0 on the stack but
instead make it static const. Also makes the object code a little smaller.
Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com> Signed-off-by: Colin Ian King <colin.i.king@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Colin Ian King [Thu, 14 Apr 2022 09:50:07 +0000 (10:50 +0100)]
mt76: mt7915: make read-only array ppet16_ppet8_ru3_ru0 static const
Don't populate the read-only array ppet16_ppet8_ru3_ru0 on the stack but
instead make it static const. Also makes the object code a little smaller.
Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com> Signed-off-by: Colin Ian King <colin.i.king@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 20 Apr 2022 10:27:18 +0000 (12:27 +0200)]
mt76: fix rx reordering with non explicit / psmp ack policy
When the QoS ack policy was set to non explicit / psmp ack, frames are treated
as not being part of a BA session, which causes extra latency on reordering.
Fix this by only bypassing reordering for packets with no-ack policy
Sean Wang [Wed, 6 Apr 2022 18:29:14 +0000 (02:29 +0800)]
mt76: mt7921: Add AP mode support
add AP mode support to mt7921 that can work for mt7921[e,s,u]
with the common code.
Tested-by: Deren Wu <deren.wu@mediatek.com> Tested-by: Lorenzo Bianconi <lorenzo@kernel.org> Signed-off-by: Sean Wang <sean.wang@mediatek.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Lorenzo Bianconi [Mon, 4 Apr 2022 17:28:02 +0000 (19:28 +0200)]
mt76: mt7915: use 0xff to initialize bitrate_mask in mt7915_init_bitrate_mask
Use 0xff (GENMASK(7,0)) in mt7915_init_bitrate_mask routine in order to
initialize bitrate_mask structure in order to avoid truncating value in
memset().
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Lorenzo Bianconi [Mon, 4 Apr 2022 08:23:15 +0000 (10:23 +0200)]
mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector
Fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector
routine if the chip does not support dbdc and the hw reports band_idx
set to 1.
Fixes: 78fc30a21cf11 ("mt76: mt7915: move testmode data from dev to phy") Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Lorenzo Bianconi [Mon, 4 Apr 2022 08:08:10 +0000 (10:08 +0200)]
mt76: mt7915: fix possible uninitialized pointer dereference in mt7986_wmac_gpio_setup
Add default case for type switch in mt7986_wmac_gpio_setup routine in
order to avoid a possible uninitialized pointer dereference.
Fixes: 99ad32a4ca3a2 ("mt76: mt7915: add support for MT7986") Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org> Signed-off-by: Felix Fietkau <nbd@nbd.name>
mt76: mt7921: Fix the error handling path of mt7921_pci_probe()
In case of error, some resources must be freed, as already done above and
below the devm_kmemdup() and __mt7921e_mcu_drv_pmctrl() calls added in the
commit in Fixes:.
Fixes: 602cc0c9618a ("mt76: mt7921e: fix possible probe failure after reboot") Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Lorenzo Bianconi [Thu, 17 Mar 2022 17:08:35 +0000 (18:08 +0100)]
mt76: mt7921: honor pm user configuration in mt7921_sniffer_interface_iter
Honor runtime-pm user configuration in mt7921_sniffer_interface_iter
routine if we do not have a monitor interface.
Fixes: 1f12fa34e5dc5 ("mt76: mt7921: don't enable beacon filter when IEEE80211_CONF_CHANGE_MONITOR is set") Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Fri, 25 Mar 2022 21:01:43 +0000 (22:01 +0100)]
mt76: fix use-after-free by removing a non-RCU wcid pointer
Fixes an issue caught by KASAN about use-after-free in mt76_txq_schedule
by protecting mtxq->wcid with rcu_lock between mt76_txq_schedule and
sta_info_[alloc, free].
[18853.876689] ==================================================================
[18853.876751] BUG: KASAN: use-after-free in mt76_txq_schedule+0x204/0xaf8 [mt76]
[18853.876773] Read of size 8 at addr ffffffaf989a2138 by task mt76-tx phy0/883
[18853.876786]
[18853.876810] CPU: 5 PID: 883 Comm: mt76-tx phy0 Not tainted 5.10.100-fix-510-56778d365941-kasan #5 0b01fbbcf41a530f52043508fec2e31a4215
Jaehee Park [Fri, 6 May 2022 17:00:46 +0000 (13:00 -0400)]
wfx: use container_of() to get vif
Currently, upon virtual interface creation, wfx_add_interface() stores
a reference to the corresponding struct ieee80211_vif in private data,
for later usage. This is not needed when using the container_of
construct. This construct already has all the info it needs to retrieve
the reference to the corresponding struct from the offset that is
already available, inherent in container_of(), between its type and
member inputs (struct ieee80211_vif and drv_priv, respectively).
Remove vif (which was previously storing the reference to the struct
ieee80211_vif) from the struct wfx_vif, define a function
wvif_to_vif(wvif) for container_of(), and replace all wvif->vif with
the newly defined container_of construct.
Ajay Singh [Wed, 4 May 2022 16:19:27 +0000 (16:19 +0000)]
wilc1000: add valid vmm_entry check before fetching from TX queue
'vmm_table' array contains the size of data buffer length including host
header length. In 'vmm_table' array, the Zero value means the end of
vmm_entries that needs to transfer to firmware which is calculated based on
VMM free size in firmware.
Use 'vmm_table' valid entry check before fetching the entry from TX queue to
only copy valid number of entries to avoid possible NULL pointer exception
observed sometimes during large file transfers.
Ajay Singh [Wed, 4 May 2022 16:19:26 +0000 (16:19 +0000)]
wilc1000: fix crash observed in AP mode with cfg80211_register_netdevice()
Monitor(mon.) interface is used for handling the AP mode and 'ieee80211_ptr'
reference is not getting set for it. Like earlier implementation,
use register_netdevice() instead of cfg80211_register_netdevice() which
expects valid 'ieee80211_ptr' reference to avoid the possible crash.
Ajay Singh [Wed, 4 May 2022 16:19:25 +0000 (16:19 +0000)]
wilc1000: use fixed function base register value to access SDIO_FBR_ENABLE_CSA
The function number was not correct(reset to 0) when host resumes from
suspend state. Use hardcoded value in function base information
register(FBR base address) to re-initialize correctly on host resume.
Ajay Singh [Wed, 4 May 2022 16:19:25 +0000 (16:19 +0000)]
wilc1000: increase firmware version array size
Increase firmware version array size to hold complete version information.
The firmware commit id(Build:) information is also part of the firmware
version string.
Firmware version format:
WILC_WIFI_FW_REL_XX_XX Build: XXXXX
Felix Fietkau [Wed, 20 Apr 2022 10:49:07 +0000 (12:49 +0200)]
mac80211: upgrade passive scan to active scan on DFS channels after beacon rx
In client mode, we can't connect to hidden SSID APs or SSIDs not advertised
in beacons on DFS channels, since we're forced to passive scan. Fix this by
sending out a probe request immediately after the first beacon, if active
scan was requested by the user.
Ping-Ke Shih [Thu, 24 Mar 2022 00:48:16 +0000 (08:48 +0800)]
mac80211: consider Order bit to fill CCMP AAD
Follow IEEE 802.11-21 that HTC subfield masked to 0 for all data frames
containing a QoS Control field. It also defines the AAD length depends on
QC and A4 fields, so change logic to determine length accordingly.
Johannes Berg [Thu, 14 Apr 2022 12:04:03 +0000 (14:04 +0200)]
nl80211: rework internal_flags usage
Since internal_flags is only 8 bits, we can only have one
more internal flag. However, we can obviously never use all
of possible the combinations, in fact, we only use 14 of
them (including no flags).
Since we want more flags for MLO (multi-link operation) in
the future, refactor the code to use a flags selector, so
wrap all of the .internal_flags assignments in a IFLAGS()
macro which selects the combination according to the pre-
defined list of combinations.
When we need a new combination, we'll have to add it, but
again we will never use all possible combinations.
Johannes Berg [Thu, 14 Apr 2022 12:04:02 +0000 (14:04 +0200)]
nl80211: don't hold RTNL in color change request
It's not necessary to hold the RTNL across color change
requests, since all the inner locking needs only the
wiphy mutex which we already hold as well.
Johannes Berg [Tue, 12 Apr 2022 20:09:59 +0000 (22:09 +0200)]
cfg80211: remove cfg80211_get_chan_state()
We haven't used this function for years, since commit c781944b71f8
("cfg80211: Remove unused cfg80211_can_use_iftype_chan()") which
itself removed a function unused since commit 97dc94f1d933
("cfg80211: remove channel_switch combination check"), almost eight
years ago.
Also remove the now unused enum cfg80211_chan_mode and some struct
members that were only used for this function.
Ping-Ke Shih [Tue, 3 May 2022 12:00:01 +0000 (20:00 +0800)]
rtw89: 8852c: add 8852ce to Makefile and Kconfig
This initial vesion is usable now. It can support STA, AP and monitor
modes, so we can add 8852ce to Kconfig and Makefile.
We are still working on some features, such as deep power save, and BT
coexistence. But, this version still can have a good WiFi-only performance
already, and will continue to fine tune power consumption.
Ping-Ke Shih [Tue, 3 May 2022 11:59:57 +0000 (19:59 +0800)]
rtw89: ps: fine tune polling interval while changing low power mode
By experiments, it spends ~45/1090~2480us to enter/leave low power mode,
so the old polling interval 1000us can waste time. Use smaller polling
interval depends on experimental results to reduce the time to transition
state.
projects / users / jedix / linux-maple.git / log