When receiving SMP packets on a BR/EDR connection, then just drop
the packet and do not try to process it.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The L2CAP raw sockets are only used for BR/EDR signalling. Packets
on LE links should not be forwarded there.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The switch statement for the various L2CAP fixed channel handlers
is not really ordered.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Changing the device class when BR/EDR is disabled has no visible
effect for remote devices. However to simplify the logic allow it
as long as the controller supports BR/EDR operations.
If it is not allowed, then the overall logic becomes rather
complicated since the class of device values would need clearing
or restoring when BR/EDR setting changes.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Loading long term keys into a BR/EDR only controller make no sense.
The kernel would never use any of these keys. So instead of allowing
userspace to waste memory, reject such operation with a not supported
error message.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Loading link keys into a LE only controller make no sense. The kernel
would never use any of these keys. So instead of allowing userspace
to waste memory, reject such operation with a not supported error
message.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Setting the static address does not depend on LE beeing enabled. It
only depends on a controller with LE support.
When depending on LE enabled this command becomes really complicated
since in case LE gets disabled, it would be required to clear the
static address and also its random address representation inside
the controller. With future support for private addresses such
complex setup should be avoided.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Only when BR/EDR is supported and enabled, allow changing of the SSP
setting. Just checking if the hardware supports SSP is not enough
since it might be the case that BR/EDR is disabled.
In the case that BR/EDR is disabled, but SSP supported by the
controller the not supported error message is now returned.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The wrong type of L2CAP signalling packets on the wrong type of
either BR/EDR or LE links need to be dropped. When that happens
the packet is dropped, but the memory not freed. So actually
free the memory as well.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
The Slave Page Response Timeout event indicates to the Host that a
slave page response timeout has occurred in the BR/EDR Controller.
The Core Spec Addendum 4 adds this command in part B Connectionless
Slave Broadcast.
Bluetooth Core Specification Addendum 4 - Page 110
"7.7.72 Slave Page Response Timeout Event [New Section]
...
Note: this event will be generated if the slave BR/EDR Controller
responds to a page but does not receive the master FHS packet
(see Baseband, Section 8.3.3) within pagerespTO.
Event Parameters: NONE"
Signed-off-by: Dohyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: C S Bhargava <cs.bhargava@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The Synchronization Train Complete event indicates that the Start
Synchronization Train command has completed.
The Core Spec Addendum 4 adds this command in part B Connectionless
Slave Broadcast.
Bluetooth Core Specification Addendum 4 - Page 103
"7.7.67 Synchronization Train Complete Event [New Section]
...
Event Parameters:
Status 0x00 Start Synchronization Train command completed
successfully.
0x01-0xFF Start Synchronization Train command failed.
See Part D, Error Codes, for error codes and
descriptions."
Signed-off-by: Dohyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: C S Bhargava <cs.bhargava@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The Start_Synchronization_Train command controls the Synchronization
Train functionality in the BR/EDR Controller.
The Core Spec Addendum 4 adds this command in part B Connectionless
Slave Broadcast.
Bluetooth Core Specification Addendum 4 - Page 86
"7.1.51 Start Synchronization Train Command [New Section]
...
If connectionless slave broadcast mode is not enabled, the Command
Disallowed (0x0C) error code shall be returned. After receiving this
command and returning a Command Status event, the Baseband starts
attempting to send synchronization train packets containing information
related to the enabled Connectionless Slave Broadcast packet timing.
Note: The AFH_Channel_Map used in the synchronization train packets is
configured by the Set_AFH_Channel_Classification command and the local
channel classification in the BR/EDR Controller.
The synchronization train packets will be sent using the parameters
specified by the latest Write_Synchronization_Train_Parameters command.
The Synchronization Train will continue until synchronization_trainTO
slots (as specified in the last Write_Synchronization_Train command)
have passed or until the Host disables the Connectionless Slave Broadcast
logical transport."
Signed-off-by: Dohyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: C S Bhargava <cs.bhargava@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
he Set_Connectionless_Slave_Broadcast command controls the
Connectionless Slave Broadcast functionality in the BR/EDR
Controller.
The Core Spec Addendum 4 adds this command in part B Connectionless
Slave Broadcast.
Bluetooth Core Specification Addendum 4 - Page 78
"7.1.49 Set Connectionless Slave Broadcast Command [New Section]
...
The LT_ADDR indicated in the Set_Connectionless_Slave_Broadcast shall be
pre-allocated using the HCI_Set_Reserved_LT_ADDR command. If the
LT_ADDR has not been reserved, the Unknown Connection Identifier (0x02)
error code shall be returned. If the controller is unable to reserve
sufficient bandwidth for the requested activity, the Connection Rejected
Due to Limited Resources (0x0D) error code shall be returned.
The LPO_Allowed parameter informs the BR/EDR Controller whether it is
allowed to sleep.
The Packet_Type parameter specifies which packet types are allowed. The
Host shall either enable BR packet types only, or shall enable EDR and DM1
packet types only.
The Interval_Min and Interval_Max parameters specify the range from which
the BR/EDR Controller must select the Connectionless Slave Broadcast
Interval. The selected Interval is returned."
Signed-off-by: Dohyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: C S Bhargava <cs.bhargava@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The Write_Synchronization_Train_Parameters command configures
the Synchronization Train functionality in the BR/EDR Controller.
The Core Spec Addendum 4 adds this command in part B Connectionless
Slave Broadcast.
Bluetooth Core Specification Addendum 4 - Page 97
"7.3.90 Write Synchronization Train Parameters Command [New Section]
...
Note: The AFH_Channel_Map used in the Synchronization Train packets is
configured by the Set_AFH_Channel_Classification command and the local
channel classification in the BR/EDR Controller.
Interval_Min and Interval_Max specify the allowed range of
Sync_Train_Interval. Refer to [Vol. 2], Part B, section 2.7.2 for
a detailed description of Sync_Train_Interval. The BR/EDR Controller shall
select an interval from this range and return it in Sync_Train_Interval.
If the Controller is unable to select a value from this range, it shall
return the Invalid HCI Command Parameters (0x12) error code.
Once started (via the Start_Synchronization_Train Command) the
Synchronization Train will continue until synchronization_trainTO slots have
passed or Connectionless Slave Broadcast has been disabled."
Signed-off-by: Dohyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: C S Bhargava <cs.bhargava@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The Set_Connectionless_Slave_Broadcast_Data command provides the
ability for the Host to set Connectionless Slave Broadcast data in
the BR/EDR Controller.
The Core Spec Addendum 4 adds this command in part B Connectionless
Slave Broadcast.
Bluetooth Core Specification Addendum 4 - Page 93
"7.3.88 Set Connectionless Slave Broadcast Data Command [New Section]
...
If connectionless slave broadcast mode is disabled, this data shall be
kept by the BR/EDR Controller and used once connectionless slave broadcast
mode is enabled. If connectionless slave broadcast mode is enabled,
and this command is successful, this data will be sent starting with
the next Connectionless Slave Broadcast instant.
The Data_Length field may be zero, in which case no data needs to be
provided.
The Host may fragment the data using the Fragment field in the command. If
the combined length of the fragments exceeds the capacity of the largest
allowed packet size specified in the Set Connectionless Slave Broadcast
command, all fragments associated with the data being assembled shall be
discarded and the Invalid HCI Command Parameters error (0x12) shall be
returned."
Signed-off-by: Dohyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: C S Bhargava <cs.bhargava@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The Delete_Reserved_LT_ADDR command requests that the BR/EDR
Controller cancel the reservation for a specific LT_ADDR reserved for the
purposes of Connectionless Slave Broadcast.
The Core Spec Addendum 4 adds this command in part B Connectionless
Slave Broadcast.
Bluetooth Core Specification Addendum 4 - Page 92
"7.3.87 Delete Reserved LT_ADDR Command [New Section]
...
If the LT_ADDR indicated in the LT_ADDR parameter is not reserved by the
BR/EDR Controller, it shall return the Unknown Connection Identifier (0x02)
error code.
If connectionless slave broadcast mode is still active, then the Controller
shall return the Command Disallowed (0x0C) error code."
Signed-off-by: Dohyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: C S Bhargava <cs.bhargava@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The Set_Reserved_LT_ADDR command allows the host to request that the
BR/EDR Controller reserve a specific LT_ADDR for Connectionless Slave
Broadcast.
The Core Spec Addendum 4 adds this command in part B Connectionless
Slave Broadcast.
Bluetooth Core Specification Addendum 4 - Page 90
"7.3.86 Set Reserved LT_ADDR Command [New Section]
...
If the LT_ADDR indicated in the LT_ADDR parameter is already in use by the
BR/EDR Controller, it shall return the ACL Connection Already Exists (0x0B)
error code. If the LT_ADDR indicated in the LT_ADDR parameter is out of
range, the controller shall return the Invalid HCI Command Parameters (0x12)
error code. If the command succeeds, then the reserved LT_ADDR shall be
used when issuing subsequent Set Connectionless Slave Broadcast Data and
Set Connectionless Slave Broadcast commands.
To ensure that the reserved LT_ADDR is not already allocated, it is
recommended that this command be issued at some point after HCI_Reset is
issued but before page scanning is enabled or paging is initiated."
Signed-off-by: Dohyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: C S Bhargava <cs.bhargava@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Limit the current implementation to a single channel context used by
a single vif, thereby avoiding multi-vif/channel complexities.
Reuse the main function from AP CSA code, but move a portion out in
order to fit the STA scenario.
Add a new mac80211 HW flag so we don't break devices that don't support
channel switch with channel-contexts. The new behavior will be opt-in.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The driver core clears the driver data to NULL after device_release
or on probe failure. Thus, it is not needed to manually clear the
device driver data to NULL.
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
In RF KILL the init ucode is running, but don't complete
all its tasks, so we need to run the init ucode again.
Change the flag name to init_ucode_complete, to be more appropriate.
Signed-off-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The firmware API for IPv6 NDP/NS offload has changed again.
Implement support for the new API; this requires calculating
the solicited node address for each "target" address as it's
no longer ignored by the firmware.
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Rssi events were enabled on interfaces using 5.2GHz.
Interfaces on 5.2GHz were taken into account while
determining the ACK / CTS kill mask. Fix that.
The last rssi notified to BT Coex was reset every BT Coex
Notification. Since we get a lot of these notifications
from the firmware, we reset the rssi all the time which
means that the bt_rssi_event is called all the time.
Fix that by puting the rssi we pull upon BT Coex
notification into iwl_mvm_vif_bf_data.last_bt_coex_event
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
When we have only one antenna for BT and WiFi, reduced Tx
power is irrelevant.
Also, in loose scheme, we should not use reduced Tx power
nor set the control mask to Tx power.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Some debugfs write() operations of the MVM Firmware will ignore the
count argument, and will copy more bytes than what was specified.
Fix this by getting the right count of bytes.
This will honor restrictions put on the number of bytes to write and
avoid strcmp() calls on garbage data.
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
mvm doesn't support HT GF so drop all relevant code in rs.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Enable rs algorithm to use VHT rates and use 80Mhz.
This enables reaching VHT rates which wasn't possible.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The data in MailBox comes direclty from the BT core.
We should use the data processed by the WiFi fw that is
appended to the MailBox in the BT Coex notification.
Also decide on whether the Coex type based on the input
from the the firmware and not hard coded.
Also fix the SMPS SISO threshold to 2 (it was 3).
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This was due to a fw remainder of old implementation.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This is the new API for BT Coex. The full functionality
will be implemented in further patches.
Note: this disables BT Coex for the currently existing
fw (-7 version).
There is also a new command - the channel inhibition command.
This command tells BT what channels to avoid in order to
minimise the interaction between BT and WiFi.
We can tell BT about 2 channels, primary and secondary.
BT will not tune to primary at all and will avoid secondary
as much as possible.
This also means that we need to track vifs that AP / GO.
So rename iwl_mvm_bt_coex_vif_assoc to
iwl_mvm_bt_coex_vif_change to better reflect its real
meaning.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Add support for scheduled scan according to firmware support.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
New FW doesn't use the SSID from scan request template. Adding
a TLV flag to indicate the change, and fixing the flows to send
the first SSID in SSID list if the flag is on.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
We want to dump the SRAM when we have an error interrupt
from the device. This happens in non-sleepable context,
hence the change.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
VHT introduces MCS8 and MCS9. Update the expected tpt tables
to include these. Previous expected values for 20/40 MHz
are incorrect in certain cases so fix these as well.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Tested-by: Efi Tubul <efi.tubul@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Current code didn't handle well the case where we're in SISO using
ANT B and there's a BT load. Switch to ANT A in this case.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Newer firmware don't clean the RFKILL interrupt in APMG, do
it in driver instead.
If we forget to do so, we can't send HCMD to firmware while
the NIC is in RFKILL state.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Add support for new station management firmware API. The old
ADD_MODIFY_STA command has been replaced with two: a modified
ADD_MODIFY_STA and a new ADD_MODIFY_STA_KEY command.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Adjust the following:
- RX/TX AP-to-PSM timeout in case of uAPSD and PBW snoozing
- PSM-to-AM TX/RX heavy traffic thresholds
- Beacon abort escape timer for D3/D0i3
Signed-off-by: Alexander Bondar <alexander.bondar@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This will deadlock due to commit 9f34783863bea806
("iwlwifi: mvm: Implement BT coex notifications"):
=============================================
[ INFO: possible recursive locking detected ]
3.5.0 #10 Tainted: G W O
---------------------------------------------
kworker/2:1/5214 is trying to acquire lock:
(&mvm->mutex){+.+.+.}, at: [<ffffffffa03be23e>] iwl_mvm_bt_rssi_event+0x5e/0x210 [iwlmvm]
but task is already holding lock:
(&mvm->mutex){+.+.+.}, at: [<ffffffffa03ab2d9>] iwl_mvm_async_handlers_wk+0x49/0x120 [iwlmvm]
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&mvm->mutex);
lock(&mvm->mutex);
*** DEADLOCK ***
Change-Id: I9104f252b34676e2f7ffcd51166f95367e08a4d9
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Reviewed-on: https://gerrit.rds.intel.com/21887
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Tested-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Conflicts:
drivers/net/wireless/iwlwifi/mvm/bt-coex.c
Use beacon statistics notification handler
to notify bt coex about rssi changes.
Mac80211's mechanism is not used anymore.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
When firmware restart happens, the timers are obviously reset and
the new firmware has no synchronisation with the AP as we program
timings to the pre-restart values. The firmware should attempt to
synchronise by itself, but in multi-channel scenarios this isn't
easy, particularly since it has to try to keep service quality up
for other MACs.
To make it more reliable, give each client MAC some time to catch
beacons when restarting or resuming. Service quality was impacted
anyway (or in resume doesn't really matter much.)
Reviewed-by: Moshe Island <moshe.island@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The XXX_SWITCH_ANTENNA1/2 actions keep track of switching between
3 single antennas or between 3 pairs in case of MIMO2 on a MIMO3 device.
As current and future chips will have at most 2 antennas drop these.
While at it also convert the actions into enums and cleanup
the code a bit.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Newer firmware fixed a bug that prevented to use CTS to
self. Firmwares with API greater than 8 have this bug
fixed. Enable the feature for these firmwares only.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Add an option to set rx antennas for the scan command from debugfs.
Create a file called ant_rxchain in the mvm debugfs directory.
To choose antennas, write a number between 1-7 to ant_rxchain.
Write 1 for A, 2 for B, 3 for AB and so on.
Signed-off-by: Oren Givon <oren.givon@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Instead of keeping track of the non-QoS seqno for each station,
query the firmware when suspending, that's more efficient. As
this can fail, move the station ID mangling later in the code.
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Add a testmode command to (manually) disable (and re-enable)
beacon filtering for testing purposes.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
For testing, implement setting continuous NoA duration
using a new MVM-specific testmode command.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The merge b35c8097 seems to have lost commit eabc4ac5d,
put the code back.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
This patch increments the management interface revision due to the
various fixes, improvements and other changes that have gone in
lately.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Marcel Holtmann