sta.c revision 013290aa46689a97447ef93c7058436315e476d7
1/****************************************************************************** 2 * 3 * This file is provided under a dual BSD/GPLv2 license. When using or 4 * redistributing this file, you may do so under either license. 5 * 6 * GPL LICENSE SUMMARY 7 * 8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved. 9 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH 10 * 11 * This program is free software; you can redistribute it and/or modify 12 * it under the terms of version 2 of the GNU General Public License as 13 * published by the Free Software Foundation. 14 * 15 * This program is distributed in the hope that it will be useful, but 16 * WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 * General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License 21 * along with this program; if not, write to the Free Software 22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110, 23 * USA 24 * 25 * The full GNU General Public License is included in this distribution 26 * in the file called COPYING. 27 * 28 * Contact Information: 29 * Intel Linux Wireless <ilw@linux.intel.com> 30 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 31 * 32 * BSD LICENSE 33 * 34 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved. 35 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH 36 * All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 42 * * Redistributions of source code must retain the above copyright 43 * notice, this list of conditions and the following disclaimer. 44 * * Redistributions in binary form must reproduce the above copyright 45 * notice, this list of conditions and the following disclaimer in 46 * the documentation and/or other materials provided with the 47 * distribution. 48 * * Neither the name Intel Corporation nor the names of its 49 * contributors may be used to endorse or promote products derived 50 * from this software without specific prior written permission. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 53 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 54 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 55 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 56 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 57 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 58 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 59 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 60 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 61 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 62 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 63 * 64 *****************************************************************************/ 65#include <net/mac80211.h> 66 67#include "mvm.h" 68#include "sta.h" 69#include "rs.h" 70 71static int iwl_mvm_find_free_sta_id(struct iwl_mvm *mvm, 72 enum nl80211_iftype iftype) 73{ 74 int sta_id; 75 u32 reserved_ids = 0; 76 77 BUILD_BUG_ON(IWL_MVM_STATION_COUNT > 32); 78 WARN_ON_ONCE(test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)); 79 80 lockdep_assert_held(&mvm->mutex); 81 82 /* d0i3/d3 assumes the AP's sta_id (of sta vif) is 0. reserve it. */ 83 if (iftype != NL80211_IFTYPE_STATION) 84 reserved_ids = BIT(0); 85 86 /* Don't take rcu_read_lock() since we are protected by mvm->mutex */ 87 for (sta_id = 0; sta_id < IWL_MVM_STATION_COUNT; sta_id++) { 88 if (BIT(sta_id) & reserved_ids) 89 continue; 90 91 if (!rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id], 92 lockdep_is_held(&mvm->mutex))) 93 return sta_id; 94 } 95 return IWL_MVM_STATION_COUNT; 96} 97 98/* send station add/update command to firmware */ 99int iwl_mvm_sta_send_to_fw(struct iwl_mvm *mvm, struct ieee80211_sta *sta, 100 bool update) 101{ 102 struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv; 103 struct iwl_mvm_add_sta_cmd add_sta_cmd = { 104 .sta_id = mvm_sta->sta_id, 105 .mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color), 106 .add_modify = update ? 1 : 0, 107 .station_flags_msk = cpu_to_le32(STA_FLG_FAT_EN_MSK | 108 STA_FLG_MIMO_EN_MSK), 109 }; 110 int ret; 111 u32 status; 112 u32 agg_size = 0, mpdu_dens = 0; 113 114 if (!update) { 115 add_sta_cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk); 116 memcpy(&add_sta_cmd.addr, sta->addr, ETH_ALEN); 117 } 118 119 switch (sta->bandwidth) { 120 case IEEE80211_STA_RX_BW_160: 121 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_160MHZ); 122 /* fall through */ 123 case IEEE80211_STA_RX_BW_80: 124 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_80MHZ); 125 /* fall through */ 126 case IEEE80211_STA_RX_BW_40: 127 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_40MHZ); 128 /* fall through */ 129 case IEEE80211_STA_RX_BW_20: 130 if (sta->ht_cap.ht_supported) 131 add_sta_cmd.station_flags |= 132 cpu_to_le32(STA_FLG_FAT_EN_20MHZ); 133 break; 134 } 135 136 switch (sta->rx_nss) { 137 case 1: 138 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_SISO); 139 break; 140 case 2: 141 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_MIMO2); 142 break; 143 case 3 ... 8: 144 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_MIMO3); 145 break; 146 } 147 148 switch (sta->smps_mode) { 149 case IEEE80211_SMPS_AUTOMATIC: 150 case IEEE80211_SMPS_NUM_MODES: 151 WARN_ON(1); 152 break; 153 case IEEE80211_SMPS_STATIC: 154 /* override NSS */ 155 add_sta_cmd.station_flags &= ~cpu_to_le32(STA_FLG_MIMO_EN_MSK); 156 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_SISO); 157 break; 158 case IEEE80211_SMPS_DYNAMIC: 159 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_RTS_MIMO_PROT); 160 break; 161 case IEEE80211_SMPS_OFF: 162 /* nothing */ 163 break; 164 } 165 166 if (sta->ht_cap.ht_supported) { 167 add_sta_cmd.station_flags_msk |= 168 cpu_to_le32(STA_FLG_MAX_AGG_SIZE_MSK | 169 STA_FLG_AGG_MPDU_DENS_MSK); 170 171 mpdu_dens = sta->ht_cap.ampdu_density; 172 } 173 174 if (sta->vht_cap.vht_supported) { 175 agg_size = sta->vht_cap.cap & 176 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK; 177 agg_size >>= 178 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT; 179 } else if (sta->ht_cap.ht_supported) { 180 agg_size = sta->ht_cap.ampdu_factor; 181 } 182 183 add_sta_cmd.station_flags |= 184 cpu_to_le32(agg_size << STA_FLG_MAX_AGG_SIZE_SHIFT); 185 add_sta_cmd.station_flags |= 186 cpu_to_le32(mpdu_dens << STA_FLG_AGG_MPDU_DENS_SHIFT); 187 188 status = ADD_STA_SUCCESS; 189 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(add_sta_cmd), 190 &add_sta_cmd, &status); 191 if (ret) 192 return ret; 193 194 switch (status) { 195 case ADD_STA_SUCCESS: 196 IWL_DEBUG_ASSOC(mvm, "ADD_STA PASSED\n"); 197 break; 198 default: 199 ret = -EIO; 200 IWL_ERR(mvm, "ADD_STA failed\n"); 201 break; 202 } 203 204 return ret; 205} 206 207int iwl_mvm_add_sta(struct iwl_mvm *mvm, 208 struct ieee80211_vif *vif, 209 struct ieee80211_sta *sta) 210{ 211 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 212 struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv; 213 int i, ret, sta_id; 214 215 lockdep_assert_held(&mvm->mutex); 216 217 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) 218 sta_id = iwl_mvm_find_free_sta_id(mvm, 219 ieee80211_vif_type_p2p(vif)); 220 else 221 sta_id = mvm_sta->sta_id; 222 223 if (WARN_ON_ONCE(sta_id == IWL_MVM_STATION_COUNT)) 224 return -ENOSPC; 225 226 spin_lock_init(&mvm_sta->lock); 227 228 mvm_sta->sta_id = sta_id; 229 mvm_sta->mac_id_n_color = FW_CMD_ID_AND_COLOR(mvmvif->id, 230 mvmvif->color); 231 mvm_sta->vif = vif; 232 mvm_sta->max_agg_bufsize = LINK_QUAL_AGG_FRAME_LIMIT_DEF; 233 mvm_sta->tx_protection = 0; 234 mvm_sta->tt_tx_protection = false; 235 236 /* HW restart, don't assume the memory has been zeroed */ 237 atomic_set(&mvm->pending_frames[sta_id], 0); 238 mvm_sta->tid_disable_agg = 0; 239 mvm_sta->tfd_queue_msk = 0; 240 for (i = 0; i < IEEE80211_NUM_ACS; i++) 241 if (vif->hw_queue[i] != IEEE80211_INVAL_HW_QUEUE) 242 mvm_sta->tfd_queue_msk |= BIT(vif->hw_queue[i]); 243 244 /* for HW restart - reset everything but the sequence number */ 245 for (i = 0; i < IWL_MAX_TID_COUNT; i++) { 246 u16 seq = mvm_sta->tid_data[i].seq_number; 247 memset(&mvm_sta->tid_data[i], 0, sizeof(mvm_sta->tid_data[i])); 248 mvm_sta->tid_data[i].seq_number = seq; 249 } 250 251 ret = iwl_mvm_sta_send_to_fw(mvm, sta, false); 252 if (ret) 253 return ret; 254 255 if (vif->type == NL80211_IFTYPE_STATION) { 256 if (!sta->tdls) { 257 WARN_ON(mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT); 258 mvmvif->ap_sta_id = sta_id; 259 } else { 260 WARN_ON(mvmvif->ap_sta_id == IWL_MVM_STATION_COUNT); 261 } 262 } 263 264 rcu_assign_pointer(mvm->fw_id_to_mac_id[sta_id], sta); 265 266 return 0; 267} 268 269int iwl_mvm_update_sta(struct iwl_mvm *mvm, 270 struct ieee80211_vif *vif, 271 struct ieee80211_sta *sta) 272{ 273 return iwl_mvm_sta_send_to_fw(mvm, sta, true); 274} 275 276int iwl_mvm_drain_sta(struct iwl_mvm *mvm, struct iwl_mvm_sta *mvmsta, 277 bool drain) 278{ 279 struct iwl_mvm_add_sta_cmd cmd = {}; 280 int ret; 281 u32 status; 282 283 lockdep_assert_held(&mvm->mutex); 284 285 cmd.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color); 286 cmd.sta_id = mvmsta->sta_id; 287 cmd.add_modify = STA_MODE_MODIFY; 288 cmd.station_flags = drain ? cpu_to_le32(STA_FLG_DRAIN_FLOW) : 0; 289 cmd.station_flags_msk = cpu_to_le32(STA_FLG_DRAIN_FLOW); 290 291 status = ADD_STA_SUCCESS; 292 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(cmd), 293 &cmd, &status); 294 if (ret) 295 return ret; 296 297 switch (status) { 298 case ADD_STA_SUCCESS: 299 IWL_DEBUG_INFO(mvm, "Frames for staid %d will drained in fw\n", 300 mvmsta->sta_id); 301 break; 302 default: 303 ret = -EIO; 304 IWL_ERR(mvm, "Couldn't drain frames for staid %d\n", 305 mvmsta->sta_id); 306 break; 307 } 308 309 return ret; 310} 311 312/* 313 * Remove a station from the FW table. Before sending the command to remove 314 * the station validate that the station is indeed known to the driver (sanity 315 * only). 316 */ 317static int iwl_mvm_rm_sta_common(struct iwl_mvm *mvm, u8 sta_id) 318{ 319 struct ieee80211_sta *sta; 320 struct iwl_mvm_rm_sta_cmd rm_sta_cmd = { 321 .sta_id = sta_id, 322 }; 323 int ret; 324 325 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id], 326 lockdep_is_held(&mvm->mutex)); 327 328 /* Note: internal stations are marked as error values */ 329 if (!sta) { 330 IWL_ERR(mvm, "Invalid station id\n"); 331 return -EINVAL; 332 } 333 334 ret = iwl_mvm_send_cmd_pdu(mvm, REMOVE_STA, 0, 335 sizeof(rm_sta_cmd), &rm_sta_cmd); 336 if (ret) { 337 IWL_ERR(mvm, "Failed to remove station. Id=%d\n", sta_id); 338 return ret; 339 } 340 341 return 0; 342} 343 344void iwl_mvm_sta_drained_wk(struct work_struct *wk) 345{ 346 struct iwl_mvm *mvm = container_of(wk, struct iwl_mvm, sta_drained_wk); 347 u8 sta_id; 348 349 /* 350 * The mutex is needed because of the SYNC cmd, but not only: if the 351 * work would run concurrently with iwl_mvm_rm_sta, it would run before 352 * iwl_mvm_rm_sta sets the station as busy, and exit. Then 353 * iwl_mvm_rm_sta would set the station as busy, and nobody will clean 354 * that later. 355 */ 356 mutex_lock(&mvm->mutex); 357 358 for_each_set_bit(sta_id, mvm->sta_drained, IWL_MVM_STATION_COUNT) { 359 int ret; 360 struct ieee80211_sta *sta = 361 rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id], 362 lockdep_is_held(&mvm->mutex)); 363 364 /* 365 * This station is in use or RCU-removed; the latter happens in 366 * managed mode, where mac80211 removes the station before we 367 * can remove it from firmware (we can only do that after the 368 * MAC is marked unassociated), and possibly while the deauth 369 * frame to disconnect from the AP is still queued. Then, the 370 * station pointer is -ENOENT when the last skb is reclaimed. 371 */ 372 if (!IS_ERR(sta) || PTR_ERR(sta) == -ENOENT) 373 continue; 374 375 if (PTR_ERR(sta) == -EINVAL) { 376 IWL_ERR(mvm, "Drained sta %d, but it is internal?\n", 377 sta_id); 378 continue; 379 } 380 381 if (!sta) { 382 IWL_ERR(mvm, "Drained sta %d, but it was NULL?\n", 383 sta_id); 384 continue; 385 } 386 387 WARN_ON(PTR_ERR(sta) != -EBUSY); 388 /* This station was removed and we waited until it got drained, 389 * we can now proceed and remove it. 390 */ 391 ret = iwl_mvm_rm_sta_common(mvm, sta_id); 392 if (ret) { 393 IWL_ERR(mvm, 394 "Couldn't remove sta %d after it was drained\n", 395 sta_id); 396 continue; 397 } 398 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL); 399 clear_bit(sta_id, mvm->sta_drained); 400 } 401 402 mutex_unlock(&mvm->mutex); 403} 404 405int iwl_mvm_rm_sta(struct iwl_mvm *mvm, 406 struct ieee80211_vif *vif, 407 struct ieee80211_sta *sta) 408{ 409 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 410 struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv; 411 int ret; 412 413 lockdep_assert_held(&mvm->mutex); 414 415 if (vif->type == NL80211_IFTYPE_STATION && 416 mvmvif->ap_sta_id == mvm_sta->sta_id) { 417 /* flush its queues here since we are freeing mvm_sta */ 418 ret = iwl_mvm_flush_tx_path(mvm, mvm_sta->tfd_queue_msk, true); 419 420 /* if we are associated - we can't remove the AP STA now */ 421 if (vif->bss_conf.assoc) 422 return ret; 423 424 /* unassoc - go ahead - remove the AP STA now */ 425 mvmvif->ap_sta_id = IWL_MVM_STATION_COUNT; 426 427 /* clear d0i3_ap_sta_id if no longer relevant */ 428 if (mvm->d0i3_ap_sta_id == mvm_sta->sta_id) 429 mvm->d0i3_ap_sta_id = IWL_MVM_STATION_COUNT; 430 } 431 432 /* 433 * Make sure that the tx response code sees the station as -EBUSY and 434 * calls the drain worker. 435 */ 436 spin_lock_bh(&mvm_sta->lock); 437 /* 438 * There are frames pending on the AC queues for this station. 439 * We need to wait until all the frames are drained... 440 */ 441 if (atomic_read(&mvm->pending_frames[mvm_sta->sta_id])) { 442 rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id], 443 ERR_PTR(-EBUSY)); 444 spin_unlock_bh(&mvm_sta->lock); 445 ret = iwl_mvm_drain_sta(mvm, mvm_sta, true); 446 } else { 447 spin_unlock_bh(&mvm_sta->lock); 448 ret = iwl_mvm_rm_sta_common(mvm, mvm_sta->sta_id); 449 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[mvm_sta->sta_id], NULL); 450 } 451 452 return ret; 453} 454 455int iwl_mvm_rm_sta_id(struct iwl_mvm *mvm, 456 struct ieee80211_vif *vif, 457 u8 sta_id) 458{ 459 int ret = iwl_mvm_rm_sta_common(mvm, sta_id); 460 461 lockdep_assert_held(&mvm->mutex); 462 463 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL); 464 return ret; 465} 466 467int iwl_mvm_allocate_int_sta(struct iwl_mvm *mvm, struct iwl_mvm_int_sta *sta, 468 u32 qmask, enum nl80211_iftype iftype) 469{ 470 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) { 471 sta->sta_id = iwl_mvm_find_free_sta_id(mvm, iftype); 472 if (WARN_ON_ONCE(sta->sta_id == IWL_MVM_STATION_COUNT)) 473 return -ENOSPC; 474 } 475 476 sta->tfd_queue_msk = qmask; 477 478 /* put a non-NULL value so iterating over the stations won't stop */ 479 rcu_assign_pointer(mvm->fw_id_to_mac_id[sta->sta_id], ERR_PTR(-EINVAL)); 480 return 0; 481} 482 483void iwl_mvm_dealloc_int_sta(struct iwl_mvm *mvm, struct iwl_mvm_int_sta *sta) 484{ 485 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta->sta_id], NULL); 486 memset(sta, 0, sizeof(struct iwl_mvm_int_sta)); 487 sta->sta_id = IWL_MVM_STATION_COUNT; 488} 489 490static int iwl_mvm_add_int_sta_common(struct iwl_mvm *mvm, 491 struct iwl_mvm_int_sta *sta, 492 const u8 *addr, 493 u16 mac_id, u16 color) 494{ 495 struct iwl_mvm_add_sta_cmd cmd; 496 int ret; 497 u32 status; 498 499 lockdep_assert_held(&mvm->mutex); 500 501 memset(&cmd, 0, sizeof(cmd)); 502 cmd.sta_id = sta->sta_id; 503 cmd.mac_id_n_color = cpu_to_le32(FW_CMD_ID_AND_COLOR(mac_id, 504 color)); 505 506 cmd.tfd_queue_msk = cpu_to_le32(sta->tfd_queue_msk); 507 508 if (addr) 509 memcpy(cmd.addr, addr, ETH_ALEN); 510 511 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(cmd), 512 &cmd, &status); 513 if (ret) 514 return ret; 515 516 switch (status) { 517 case ADD_STA_SUCCESS: 518 IWL_DEBUG_INFO(mvm, "Internal station added.\n"); 519 return 0; 520 default: 521 ret = -EIO; 522 IWL_ERR(mvm, "Add internal station failed, status=0x%x\n", 523 status); 524 break; 525 } 526 return ret; 527} 528 529int iwl_mvm_add_aux_sta(struct iwl_mvm *mvm) 530{ 531 int ret; 532 533 lockdep_assert_held(&mvm->mutex); 534 535 /* Map Aux queue to fifo - needs to happen before adding Aux station */ 536 iwl_trans_ac_txq_enable(mvm->trans, mvm->aux_queue, 537 IWL_MVM_TX_FIFO_MCAST); 538 539 /* Allocate aux station and assign to it the aux queue */ 540 ret = iwl_mvm_allocate_int_sta(mvm, &mvm->aux_sta, BIT(mvm->aux_queue), 541 NL80211_IFTYPE_UNSPECIFIED); 542 if (ret) 543 return ret; 544 545 ret = iwl_mvm_add_int_sta_common(mvm, &mvm->aux_sta, NULL, 546 MAC_INDEX_AUX, 0); 547 548 if (ret) 549 iwl_mvm_dealloc_int_sta(mvm, &mvm->aux_sta); 550 return ret; 551} 552 553/* 554 * Send the add station command for the vif's broadcast station. 555 * Assumes that the station was already allocated. 556 * 557 * @mvm: the mvm component 558 * @vif: the interface to which the broadcast station is added 559 * @bsta: the broadcast station to add. 560 */ 561int iwl_mvm_send_add_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 562{ 563 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 564 struct iwl_mvm_int_sta *bsta = &mvmvif->bcast_sta; 565 static const u8 _baddr[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; 566 const u8 *baddr = _baddr; 567 568 lockdep_assert_held(&mvm->mutex); 569 570 if (vif->type == NL80211_IFTYPE_ADHOC) 571 baddr = vif->bss_conf.bssid; 572 573 if (WARN_ON_ONCE(bsta->sta_id == IWL_MVM_STATION_COUNT)) 574 return -ENOSPC; 575 576 return iwl_mvm_add_int_sta_common(mvm, bsta, baddr, 577 mvmvif->id, mvmvif->color); 578} 579 580/* Send the FW a request to remove the station from it's internal data 581 * structures, but DO NOT remove the entry from the local data structures. */ 582int iwl_mvm_send_rm_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 583{ 584 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 585 int ret; 586 587 lockdep_assert_held(&mvm->mutex); 588 589 ret = iwl_mvm_rm_sta_common(mvm, mvmvif->bcast_sta.sta_id); 590 if (ret) 591 IWL_WARN(mvm, "Failed sending remove station\n"); 592 return ret; 593} 594 595int iwl_mvm_alloc_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 596{ 597 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 598 u32 qmask; 599 600 lockdep_assert_held(&mvm->mutex); 601 602 qmask = iwl_mvm_mac_get_queues_mask(mvm, vif); 603 604 /* 605 * The firmware defines the TFD queue mask to only be relevant 606 * for *unicast* queues, so the multicast (CAB) queue shouldn't 607 * be included. 608 */ 609 if (vif->type == NL80211_IFTYPE_AP) 610 qmask &= ~BIT(vif->cab_queue); 611 612 return iwl_mvm_allocate_int_sta(mvm, &mvmvif->bcast_sta, qmask, 613 ieee80211_vif_type_p2p(vif)); 614} 615 616/* Allocate a new station entry for the broadcast station to the given vif, 617 * and send it to the FW. 618 * Note that each P2P mac should have its own broadcast station. 619 * 620 * @mvm: the mvm component 621 * @vif: the interface to which the broadcast station is added 622 * @bsta: the broadcast station to add. */ 623int iwl_mvm_add_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 624{ 625 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 626 struct iwl_mvm_int_sta *bsta = &mvmvif->bcast_sta; 627 int ret; 628 629 lockdep_assert_held(&mvm->mutex); 630 631 ret = iwl_mvm_alloc_bcast_sta(mvm, vif); 632 if (ret) 633 return ret; 634 635 ret = iwl_mvm_send_add_bcast_sta(mvm, vif); 636 637 if (ret) 638 iwl_mvm_dealloc_int_sta(mvm, bsta); 639 640 return ret; 641} 642 643void iwl_mvm_dealloc_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 644{ 645 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 646 647 iwl_mvm_dealloc_int_sta(mvm, &mvmvif->bcast_sta); 648} 649 650/* 651 * Send the FW a request to remove the station from it's internal data 652 * structures, and in addition remove it from the local data structure. 653 */ 654int iwl_mvm_rm_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 655{ 656 int ret; 657 658 lockdep_assert_held(&mvm->mutex); 659 660 ret = iwl_mvm_send_rm_bcast_sta(mvm, vif); 661 662 iwl_mvm_dealloc_bcast_sta(mvm, vif); 663 664 return ret; 665} 666 667#define IWL_MAX_RX_BA_SESSIONS 16 668 669int iwl_mvm_sta_rx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta, 670 int tid, u16 ssn, bool start) 671{ 672 struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv; 673 struct iwl_mvm_add_sta_cmd cmd = {}; 674 int ret; 675 u32 status; 676 677 lockdep_assert_held(&mvm->mutex); 678 679 if (start && mvm->rx_ba_sessions >= IWL_MAX_RX_BA_SESSIONS) { 680 IWL_WARN(mvm, "Not enough RX BA SESSIONS\n"); 681 return -ENOSPC; 682 } 683 684 cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color); 685 cmd.sta_id = mvm_sta->sta_id; 686 cmd.add_modify = STA_MODE_MODIFY; 687 if (start) { 688 cmd.add_immediate_ba_tid = (u8) tid; 689 cmd.add_immediate_ba_ssn = cpu_to_le16(ssn); 690 } else { 691 cmd.remove_immediate_ba_tid = (u8) tid; 692 } 693 cmd.modify_mask = start ? STA_MODIFY_ADD_BA_TID : 694 STA_MODIFY_REMOVE_BA_TID; 695 696 status = ADD_STA_SUCCESS; 697 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(cmd), 698 &cmd, &status); 699 if (ret) 700 return ret; 701 702 switch (status) { 703 case ADD_STA_SUCCESS: 704 IWL_DEBUG_INFO(mvm, "RX BA Session %sed in fw\n", 705 start ? "start" : "stopp"); 706 break; 707 case ADD_STA_IMMEDIATE_BA_FAILURE: 708 IWL_WARN(mvm, "RX BA Session refused by fw\n"); 709 ret = -ENOSPC; 710 break; 711 default: 712 ret = -EIO; 713 IWL_ERR(mvm, "RX BA Session failed %sing, status 0x%x\n", 714 start ? "start" : "stopp", status); 715 break; 716 } 717 718 if (!ret) { 719 if (start) 720 mvm->rx_ba_sessions++; 721 else if (mvm->rx_ba_sessions > 0) 722 /* check that restart flow didn't zero the counter */ 723 mvm->rx_ba_sessions--; 724 } 725 726 return ret; 727} 728 729static int iwl_mvm_sta_tx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta, 730 int tid, u8 queue, bool start) 731{ 732 struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv; 733 struct iwl_mvm_add_sta_cmd cmd = {}; 734 int ret; 735 u32 status; 736 737 lockdep_assert_held(&mvm->mutex); 738 739 if (start) { 740 mvm_sta->tfd_queue_msk |= BIT(queue); 741 mvm_sta->tid_disable_agg &= ~BIT(tid); 742 } else { 743 mvm_sta->tfd_queue_msk &= ~BIT(queue); 744 mvm_sta->tid_disable_agg |= BIT(tid); 745 } 746 747 cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color); 748 cmd.sta_id = mvm_sta->sta_id; 749 cmd.add_modify = STA_MODE_MODIFY; 750 cmd.modify_mask = STA_MODIFY_QUEUES | STA_MODIFY_TID_DISABLE_TX; 751 cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk); 752 cmd.tid_disable_tx = cpu_to_le16(mvm_sta->tid_disable_agg); 753 754 status = ADD_STA_SUCCESS; 755 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(cmd), 756 &cmd, &status); 757 if (ret) 758 return ret; 759 760 switch (status) { 761 case ADD_STA_SUCCESS: 762 break; 763 default: 764 ret = -EIO; 765 IWL_ERR(mvm, "TX BA Session failed %sing, status 0x%x\n", 766 start ? "start" : "stopp", status); 767 break; 768 } 769 770 return ret; 771} 772 773const u8 tid_to_mac80211_ac[] = { 774 IEEE80211_AC_BE, 775 IEEE80211_AC_BK, 776 IEEE80211_AC_BK, 777 IEEE80211_AC_BE, 778 IEEE80211_AC_VI, 779 IEEE80211_AC_VI, 780 IEEE80211_AC_VO, 781 IEEE80211_AC_VO, 782}; 783 784static const u8 tid_to_ucode_ac[] = { 785 AC_BE, 786 AC_BK, 787 AC_BK, 788 AC_BE, 789 AC_VI, 790 AC_VI, 791 AC_VO, 792 AC_VO, 793}; 794 795int iwl_mvm_sta_tx_agg_start(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 796 struct ieee80211_sta *sta, u16 tid, u16 *ssn) 797{ 798 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 799 struct iwl_mvm_tid_data *tid_data; 800 int txq_id; 801 802 if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT)) 803 return -EINVAL; 804 805 if (mvmsta->tid_data[tid].state != IWL_AGG_OFF) { 806 IWL_ERR(mvm, "Start AGG when state is not IWL_AGG_OFF %d!\n", 807 mvmsta->tid_data[tid].state); 808 return -ENXIO; 809 } 810 811 lockdep_assert_held(&mvm->mutex); 812 813 for (txq_id = mvm->first_agg_queue; 814 txq_id <= mvm->last_agg_queue; txq_id++) 815 if (mvm->queue_to_mac80211[txq_id] == 816 IWL_INVALID_MAC80211_QUEUE) 817 break; 818 819 if (txq_id > mvm->last_agg_queue) { 820 IWL_ERR(mvm, "Failed to allocate agg queue\n"); 821 return -EIO; 822 } 823 824 spin_lock_bh(&mvmsta->lock); 825 826 /* possible race condition - we entered D0i3 while starting agg */ 827 if (test_bit(IWL_MVM_STATUS_IN_D0I3, &mvm->status)) { 828 spin_unlock_bh(&mvmsta->lock); 829 IWL_ERR(mvm, "Entered D0i3 while starting Tx agg\n"); 830 return -EIO; 831 } 832 833 /* the new tx queue is still connected to the same mac80211 queue */ 834 mvm->queue_to_mac80211[txq_id] = vif->hw_queue[tid_to_mac80211_ac[tid]]; 835 836 tid_data = &mvmsta->tid_data[tid]; 837 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number); 838 tid_data->txq_id = txq_id; 839 *ssn = tid_data->ssn; 840 841 IWL_DEBUG_TX_QUEUES(mvm, 842 "Start AGG: sta %d tid %d queue %d - ssn = %d, next_recl = %d\n", 843 mvmsta->sta_id, tid, txq_id, tid_data->ssn, 844 tid_data->next_reclaimed); 845 846 if (tid_data->ssn == tid_data->next_reclaimed) { 847 tid_data->state = IWL_AGG_STARTING; 848 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid); 849 } else { 850 tid_data->state = IWL_EMPTYING_HW_QUEUE_ADDBA; 851 } 852 853 spin_unlock_bh(&mvmsta->lock); 854 855 return 0; 856} 857 858int iwl_mvm_sta_tx_agg_oper(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 859 struct ieee80211_sta *sta, u16 tid, u8 buf_size) 860{ 861 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 862 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid]; 863 int queue, fifo, ret; 864 u16 ssn; 865 866 buf_size = min_t(int, buf_size, LINK_QUAL_AGG_FRAME_LIMIT_DEF); 867 868 spin_lock_bh(&mvmsta->lock); 869 ssn = tid_data->ssn; 870 queue = tid_data->txq_id; 871 tid_data->state = IWL_AGG_ON; 872 tid_data->ssn = 0xffff; 873 spin_unlock_bh(&mvmsta->lock); 874 875 fifo = iwl_mvm_ac_to_tx_fifo[tid_to_mac80211_ac[tid]]; 876 877 ret = iwl_mvm_sta_tx_agg(mvm, sta, tid, queue, true); 878 if (ret) 879 return -EIO; 880 881 iwl_trans_txq_enable(mvm->trans, queue, fifo, mvmsta->sta_id, tid, 882 buf_size, ssn); 883 884 /* 885 * Even though in theory the peer could have different 886 * aggregation reorder buffer sizes for different sessions, 887 * our ucode doesn't allow for that and has a global limit 888 * for each station. Therefore, use the minimum of all the 889 * aggregation sessions and our default value. 890 */ 891 mvmsta->max_agg_bufsize = 892 min(mvmsta->max_agg_bufsize, buf_size); 893 mvmsta->lq_sta.lq.agg_frame_cnt_limit = mvmsta->max_agg_bufsize; 894 895 IWL_DEBUG_HT(mvm, "Tx aggregation enabled on ra = %pM tid = %d\n", 896 sta->addr, tid); 897 898 return iwl_mvm_send_lq_cmd(mvm, &mvmsta->lq_sta.lq, false); 899} 900 901int iwl_mvm_sta_tx_agg_stop(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 902 struct ieee80211_sta *sta, u16 tid) 903{ 904 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 905 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid]; 906 u16 txq_id; 907 int err; 908 909 910 /* 911 * If mac80211 is cleaning its state, then say that we finished since 912 * our state has been cleared anyway. 913 */ 914 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) { 915 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid); 916 return 0; 917 } 918 919 spin_lock_bh(&mvmsta->lock); 920 921 txq_id = tid_data->txq_id; 922 923 IWL_DEBUG_TX_QUEUES(mvm, "Stop AGG: sta %d tid %d q %d state %d\n", 924 mvmsta->sta_id, tid, txq_id, tid_data->state); 925 926 switch (tid_data->state) { 927 case IWL_AGG_ON: 928 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number); 929 930 IWL_DEBUG_TX_QUEUES(mvm, 931 "ssn = %d, next_recl = %d\n", 932 tid_data->ssn, tid_data->next_reclaimed); 933 934 /* There are still packets for this RA / TID in the HW */ 935 if (tid_data->ssn != tid_data->next_reclaimed) { 936 tid_data->state = IWL_EMPTYING_HW_QUEUE_DELBA; 937 err = 0; 938 break; 939 } 940 941 tid_data->ssn = 0xffff; 942 iwl_trans_txq_disable(mvm->trans, txq_id, true); 943 /* fall through */ 944 case IWL_AGG_STARTING: 945 case IWL_EMPTYING_HW_QUEUE_ADDBA: 946 /* 947 * The agg session has been stopped before it was set up. This 948 * can happen when the AddBA timer times out for example. 949 */ 950 951 /* No barriers since we are under mutex */ 952 lockdep_assert_held(&mvm->mutex); 953 mvm->queue_to_mac80211[txq_id] = IWL_INVALID_MAC80211_QUEUE; 954 955 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid); 956 tid_data->state = IWL_AGG_OFF; 957 err = 0; 958 break; 959 default: 960 IWL_ERR(mvm, 961 "Stopping AGG while state not ON or starting for %d on %d (%d)\n", 962 mvmsta->sta_id, tid, tid_data->state); 963 IWL_ERR(mvm, 964 "\ttid_data->txq_id = %d\n", tid_data->txq_id); 965 err = -EINVAL; 966 } 967 968 spin_unlock_bh(&mvmsta->lock); 969 970 return err; 971} 972 973int iwl_mvm_sta_tx_agg_flush(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 974 struct ieee80211_sta *sta, u16 tid) 975{ 976 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 977 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid]; 978 u16 txq_id; 979 enum iwl_mvm_agg_state old_state; 980 981 /* 982 * First set the agg state to OFF to avoid calling 983 * ieee80211_stop_tx_ba_cb in iwl_mvm_check_ratid_empty. 984 */ 985 spin_lock_bh(&mvmsta->lock); 986 txq_id = tid_data->txq_id; 987 IWL_DEBUG_TX_QUEUES(mvm, "Flush AGG: sta %d tid %d q %d state %d\n", 988 mvmsta->sta_id, tid, txq_id, tid_data->state); 989 old_state = tid_data->state; 990 tid_data->state = IWL_AGG_OFF; 991 spin_unlock_bh(&mvmsta->lock); 992 993 if (old_state >= IWL_AGG_ON) { 994 if (iwl_mvm_flush_tx_path(mvm, BIT(txq_id), true)) 995 IWL_ERR(mvm, "Couldn't flush the AGG queue\n"); 996 997 iwl_trans_txq_disable(mvm->trans, tid_data->txq_id, true); 998 } 999 1000 mvm->queue_to_mac80211[tid_data->txq_id] = 1001 IWL_INVALID_MAC80211_QUEUE; 1002 1003 return 0; 1004} 1005 1006static int iwl_mvm_set_fw_key_idx(struct iwl_mvm *mvm) 1007{ 1008 int i; 1009 1010 lockdep_assert_held(&mvm->mutex); 1011 1012 i = find_first_zero_bit(mvm->fw_key_table, STA_KEY_MAX_NUM); 1013 1014 if (i == STA_KEY_MAX_NUM) 1015 return STA_KEY_IDX_INVALID; 1016 1017 __set_bit(i, mvm->fw_key_table); 1018 1019 return i; 1020} 1021 1022static u8 iwl_mvm_get_key_sta_id(struct ieee80211_vif *vif, 1023 struct ieee80211_sta *sta) 1024{ 1025 struct iwl_mvm_vif *mvmvif = (void *)vif->drv_priv; 1026 1027 if (sta) { 1028 struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv; 1029 1030 return mvm_sta->sta_id; 1031 } 1032 1033 /* 1034 * The device expects GTKs for station interfaces to be 1035 * installed as GTKs for the AP station. If we have no 1036 * station ID, then use AP's station ID. 1037 */ 1038 if (vif->type == NL80211_IFTYPE_STATION && 1039 mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) 1040 return mvmvif->ap_sta_id; 1041 1042 return IWL_MVM_STATION_COUNT; 1043} 1044 1045static int iwl_mvm_send_sta_key(struct iwl_mvm *mvm, 1046 struct iwl_mvm_sta *mvm_sta, 1047 struct ieee80211_key_conf *keyconf, 1048 u8 sta_id, u32 tkip_iv32, u16 *tkip_p1k, 1049 u32 cmd_flags) 1050{ 1051 struct iwl_mvm_add_sta_key_cmd cmd = {}; 1052 __le16 key_flags; 1053 int ret, status; 1054 u16 keyidx; 1055 int i; 1056 1057 keyidx = (keyconf->keyidx << STA_KEY_FLG_KEYID_POS) & 1058 STA_KEY_FLG_KEYID_MSK; 1059 key_flags = cpu_to_le16(keyidx); 1060 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP_KEY_MAP); 1061 1062 switch (keyconf->cipher) { 1063 case WLAN_CIPHER_SUITE_TKIP: 1064 key_flags |= cpu_to_le16(STA_KEY_FLG_TKIP); 1065 cmd.tkip_rx_tsc_byte2 = tkip_iv32; 1066 for (i = 0; i < 5; i++) 1067 cmd.tkip_rx_ttak[i] = cpu_to_le16(tkip_p1k[i]); 1068 memcpy(cmd.key, keyconf->key, keyconf->keylen); 1069 break; 1070 case WLAN_CIPHER_SUITE_CCMP: 1071 key_flags |= cpu_to_le16(STA_KEY_FLG_CCM); 1072 memcpy(cmd.key, keyconf->key, keyconf->keylen); 1073 break; 1074 default: 1075 key_flags |= cpu_to_le16(STA_KEY_FLG_EXT); 1076 memcpy(cmd.key, keyconf->key, keyconf->keylen); 1077 } 1078 1079 if (!(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE)) 1080 key_flags |= cpu_to_le16(STA_KEY_MULTICAST); 1081 1082 cmd.key_offset = keyconf->hw_key_idx; 1083 cmd.key_flags = key_flags; 1084 cmd.sta_id = sta_id; 1085 1086 status = ADD_STA_SUCCESS; 1087 if (cmd_flags & CMD_ASYNC) 1088 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA_KEY, CMD_ASYNC, 1089 sizeof(cmd), &cmd); 1090 else 1091 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, sizeof(cmd), 1092 &cmd, &status); 1093 1094 switch (status) { 1095 case ADD_STA_SUCCESS: 1096 IWL_DEBUG_WEP(mvm, "MODIFY_STA: set dynamic key passed\n"); 1097 break; 1098 default: 1099 ret = -EIO; 1100 IWL_ERR(mvm, "MODIFY_STA: set dynamic key failed\n"); 1101 break; 1102 } 1103 1104 return ret; 1105} 1106 1107static int iwl_mvm_send_sta_igtk(struct iwl_mvm *mvm, 1108 struct ieee80211_key_conf *keyconf, 1109 u8 sta_id, bool remove_key) 1110{ 1111 struct iwl_mvm_mgmt_mcast_key_cmd igtk_cmd = {}; 1112 1113 /* verify the key details match the required command's expectations */ 1114 if (WARN_ON((keyconf->cipher != WLAN_CIPHER_SUITE_AES_CMAC) || 1115 (keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE) || 1116 (keyconf->keyidx != 4 && keyconf->keyidx != 5))) 1117 return -EINVAL; 1118 1119 igtk_cmd.key_id = cpu_to_le32(keyconf->keyidx); 1120 igtk_cmd.sta_id = cpu_to_le32(sta_id); 1121 1122 if (remove_key) { 1123 igtk_cmd.ctrl_flags |= cpu_to_le32(STA_KEY_NOT_VALID); 1124 } else { 1125 struct ieee80211_key_seq seq; 1126 const u8 *pn; 1127 1128 memcpy(igtk_cmd.IGTK, keyconf->key, keyconf->keylen); 1129 ieee80211_aes_cmac_calculate_k1_k2(keyconf, 1130 igtk_cmd.K1, igtk_cmd.K2); 1131 ieee80211_get_key_rx_seq(keyconf, 0, &seq); 1132 pn = seq.aes_cmac.pn; 1133 igtk_cmd.receive_seq_cnt = cpu_to_le64(((u64) pn[5] << 0) | 1134 ((u64) pn[4] << 8) | 1135 ((u64) pn[3] << 16) | 1136 ((u64) pn[2] << 24) | 1137 ((u64) pn[1] << 32) | 1138 ((u64) pn[0] << 40)); 1139 } 1140 1141 IWL_DEBUG_INFO(mvm, "%s igtk for sta %u\n", 1142 remove_key ? "removing" : "installing", 1143 igtk_cmd.sta_id); 1144 1145 return iwl_mvm_send_cmd_pdu(mvm, MGMT_MCAST_KEY, 0, 1146 sizeof(igtk_cmd), &igtk_cmd); 1147} 1148 1149 1150static inline u8 *iwl_mvm_get_mac_addr(struct iwl_mvm *mvm, 1151 struct ieee80211_vif *vif, 1152 struct ieee80211_sta *sta) 1153{ 1154 struct iwl_mvm_vif *mvmvif = (void *)vif->drv_priv; 1155 1156 if (sta) 1157 return sta->addr; 1158 1159 if (vif->type == NL80211_IFTYPE_STATION && 1160 mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) { 1161 u8 sta_id = mvmvif->ap_sta_id; 1162 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id], 1163 lockdep_is_held(&mvm->mutex)); 1164 return sta->addr; 1165 } 1166 1167 1168 return NULL; 1169} 1170 1171int iwl_mvm_set_sta_key(struct iwl_mvm *mvm, 1172 struct ieee80211_vif *vif, 1173 struct ieee80211_sta *sta, 1174 struct ieee80211_key_conf *keyconf, 1175 bool have_key_offset) 1176{ 1177 struct iwl_mvm_sta *mvm_sta; 1178 int ret; 1179 u8 *addr, sta_id; 1180 struct ieee80211_key_seq seq; 1181 u16 p1k[5]; 1182 1183 lockdep_assert_held(&mvm->mutex); 1184 1185 /* Get the station id from the mvm local station table */ 1186 sta_id = iwl_mvm_get_key_sta_id(vif, sta); 1187 if (sta_id == IWL_MVM_STATION_COUNT) { 1188 IWL_ERR(mvm, "Failed to find station id\n"); 1189 return -EINVAL; 1190 } 1191 1192 if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC) { 1193 ret = iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, false); 1194 goto end; 1195 } 1196 1197 /* 1198 * It is possible that the 'sta' parameter is NULL, and thus 1199 * there is a need to retrieve the sta from the local station table. 1200 */ 1201 if (!sta) { 1202 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id], 1203 lockdep_is_held(&mvm->mutex)); 1204 if (IS_ERR_OR_NULL(sta)) { 1205 IWL_ERR(mvm, "Invalid station id\n"); 1206 return -EINVAL; 1207 } 1208 } 1209 1210 mvm_sta = (struct iwl_mvm_sta *)sta->drv_priv; 1211 if (WARN_ON_ONCE(mvm_sta->vif != vif)) 1212 return -EINVAL; 1213 1214 if (!have_key_offset) { 1215 /* 1216 * The D3 firmware hardcodes the PTK offset to 0, so we have to 1217 * configure it there. As a result, this workaround exists to 1218 * let the caller set the key offset (hw_key_idx), see d3.c. 1219 */ 1220 keyconf->hw_key_idx = iwl_mvm_set_fw_key_idx(mvm); 1221 if (keyconf->hw_key_idx == STA_KEY_IDX_INVALID) 1222 return -ENOSPC; 1223 } 1224 1225 switch (keyconf->cipher) { 1226 case WLAN_CIPHER_SUITE_TKIP: 1227 addr = iwl_mvm_get_mac_addr(mvm, vif, sta); 1228 /* get phase 1 key from mac80211 */ 1229 ieee80211_get_key_rx_seq(keyconf, 0, &seq); 1230 ieee80211_get_tkip_rx_p1k(keyconf, addr, seq.tkip.iv32, p1k); 1231 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, sta_id, 1232 seq.tkip.iv32, p1k, 0); 1233 break; 1234 case WLAN_CIPHER_SUITE_CCMP: 1235 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, sta_id, 1236 0, NULL, 0); 1237 break; 1238 default: 1239 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, 1240 sta_id, 0, NULL, 0); 1241 } 1242 1243 if (ret) 1244 __clear_bit(keyconf->hw_key_idx, mvm->fw_key_table); 1245 1246end: 1247 IWL_DEBUG_WEP(mvm, "key: cipher=%x len=%d idx=%d sta=%pM ret=%d\n", 1248 keyconf->cipher, keyconf->keylen, keyconf->keyidx, 1249 sta->addr, ret); 1250 return ret; 1251} 1252 1253int iwl_mvm_remove_sta_key(struct iwl_mvm *mvm, 1254 struct ieee80211_vif *vif, 1255 struct ieee80211_sta *sta, 1256 struct ieee80211_key_conf *keyconf) 1257{ 1258 struct iwl_mvm_sta *mvm_sta; 1259 struct iwl_mvm_add_sta_key_cmd cmd = {}; 1260 __le16 key_flags; 1261 int ret, status; 1262 u8 sta_id; 1263 1264 lockdep_assert_held(&mvm->mutex); 1265 1266 /* Get the station id from the mvm local station table */ 1267 sta_id = iwl_mvm_get_key_sta_id(vif, sta); 1268 1269 IWL_DEBUG_WEP(mvm, "mvm remove dynamic key: idx=%d sta=%d\n", 1270 keyconf->keyidx, sta_id); 1271 1272 if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC) 1273 return iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, true); 1274 1275 ret = __test_and_clear_bit(keyconf->hw_key_idx, mvm->fw_key_table); 1276 if (!ret) { 1277 IWL_ERR(mvm, "offset %d not used in fw key table.\n", 1278 keyconf->hw_key_idx); 1279 return -ENOENT; 1280 } 1281 1282 if (sta_id == IWL_MVM_STATION_COUNT) { 1283 IWL_DEBUG_WEP(mvm, "station non-existent, early return.\n"); 1284 return 0; 1285 } 1286 1287 /* 1288 * It is possible that the 'sta' parameter is NULL, and thus 1289 * there is a need to retrieve the sta from the local station table, 1290 * for example when a GTK is removed (where the sta_id will then be 1291 * the AP ID, and no station was passed by mac80211.) 1292 */ 1293 if (!sta) { 1294 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id], 1295 lockdep_is_held(&mvm->mutex)); 1296 if (!sta) { 1297 IWL_ERR(mvm, "Invalid station id\n"); 1298 return -EINVAL; 1299 } 1300 } 1301 1302 mvm_sta = (struct iwl_mvm_sta *)sta->drv_priv; 1303 if (WARN_ON_ONCE(mvm_sta->vif != vif)) 1304 return -EINVAL; 1305 1306 key_flags = cpu_to_le16((keyconf->keyidx << STA_KEY_FLG_KEYID_POS) & 1307 STA_KEY_FLG_KEYID_MSK); 1308 key_flags |= cpu_to_le16(STA_KEY_FLG_NO_ENC | STA_KEY_FLG_WEP_KEY_MAP); 1309 key_flags |= cpu_to_le16(STA_KEY_NOT_VALID); 1310 1311 if (!(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE)) 1312 key_flags |= cpu_to_le16(STA_KEY_MULTICAST); 1313 1314 cmd.key_flags = key_flags; 1315 cmd.key_offset = keyconf->hw_key_idx; 1316 cmd.sta_id = sta_id; 1317 1318 status = ADD_STA_SUCCESS; 1319 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, sizeof(cmd), 1320 &cmd, &status); 1321 1322 switch (status) { 1323 case ADD_STA_SUCCESS: 1324 IWL_DEBUG_WEP(mvm, "MODIFY_STA: remove sta key passed\n"); 1325 break; 1326 default: 1327 ret = -EIO; 1328 IWL_ERR(mvm, "MODIFY_STA: remove sta key failed\n"); 1329 break; 1330 } 1331 1332 return ret; 1333} 1334 1335void iwl_mvm_update_tkip_key(struct iwl_mvm *mvm, 1336 struct ieee80211_vif *vif, 1337 struct ieee80211_key_conf *keyconf, 1338 struct ieee80211_sta *sta, u32 iv32, 1339 u16 *phase1key) 1340{ 1341 struct iwl_mvm_sta *mvm_sta; 1342 u8 sta_id = iwl_mvm_get_key_sta_id(vif, sta); 1343 1344 if (WARN_ON_ONCE(sta_id == IWL_MVM_STATION_COUNT)) 1345 return; 1346 1347 rcu_read_lock(); 1348 1349 if (!sta) { 1350 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]); 1351 if (WARN_ON(IS_ERR_OR_NULL(sta))) { 1352 rcu_read_unlock(); 1353 return; 1354 } 1355 } 1356 1357 mvm_sta = (void *)sta->drv_priv; 1358 iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, sta_id, 1359 iv32, phase1key, CMD_ASYNC); 1360 rcu_read_unlock(); 1361} 1362 1363void iwl_mvm_sta_modify_ps_wake(struct iwl_mvm *mvm, 1364 struct ieee80211_sta *sta) 1365{ 1366 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 1367 struct iwl_mvm_add_sta_cmd cmd = { 1368 .add_modify = STA_MODE_MODIFY, 1369 .sta_id = mvmsta->sta_id, 1370 .station_flags_msk = cpu_to_le32(STA_FLG_PS), 1371 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color), 1372 }; 1373 int ret; 1374 1375 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC, sizeof(cmd), &cmd); 1376 if (ret) 1377 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret); 1378} 1379 1380void iwl_mvm_sta_modify_sleep_tx_count(struct iwl_mvm *mvm, 1381 struct ieee80211_sta *sta, 1382 enum ieee80211_frame_release_type reason, 1383 u16 cnt, u16 tids, bool more_data, 1384 bool agg) 1385{ 1386 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 1387 struct iwl_mvm_add_sta_cmd cmd = { 1388 .add_modify = STA_MODE_MODIFY, 1389 .sta_id = mvmsta->sta_id, 1390 .modify_mask = STA_MODIFY_SLEEPING_STA_TX_COUNT, 1391 .sleep_tx_count = cpu_to_le16(cnt), 1392 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color), 1393 }; 1394 int tid, ret; 1395 unsigned long _tids = tids; 1396 1397 /* convert TIDs to ACs - we don't support TSPEC so that's OK 1398 * Note that this field is reserved and unused by firmware not 1399 * supporting GO uAPSD, so it's safe to always do this. 1400 */ 1401 for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT) 1402 cmd.awake_acs |= BIT(tid_to_ucode_ac[tid]); 1403 1404 /* If we're releasing frames from aggregation queues then check if the 1405 * all queues combined that we're releasing frames from have 1406 * - more frames than the service period, in which case more_data 1407 * needs to be set 1408 * - fewer than 'cnt' frames, in which case we need to adjust the 1409 * firmware command (but do that unconditionally) 1410 */ 1411 if (agg) { 1412 int remaining = cnt; 1413 1414 spin_lock_bh(&mvmsta->lock); 1415 for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT) { 1416 struct iwl_mvm_tid_data *tid_data; 1417 u16 n_queued; 1418 1419 tid_data = &mvmsta->tid_data[tid]; 1420 if (WARN(tid_data->state != IWL_AGG_ON && 1421 tid_data->state != IWL_EMPTYING_HW_QUEUE_DELBA, 1422 "TID %d state is %d\n", 1423 tid, tid_data->state)) { 1424 spin_unlock_bh(&mvmsta->lock); 1425 ieee80211_sta_eosp(sta); 1426 return; 1427 } 1428 1429 n_queued = iwl_mvm_tid_queued(tid_data); 1430 if (n_queued > remaining) { 1431 more_data = true; 1432 remaining = 0; 1433 break; 1434 } 1435 remaining -= n_queued; 1436 } 1437 spin_unlock_bh(&mvmsta->lock); 1438 1439 cmd.sleep_tx_count = cpu_to_le16(cnt - remaining); 1440 if (WARN_ON(cnt - remaining == 0)) { 1441 ieee80211_sta_eosp(sta); 1442 return; 1443 } 1444 } 1445 1446 /* Note: this is ignored by firmware not supporting GO uAPSD */ 1447 if (more_data) 1448 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_MOREDATA); 1449 1450 if (reason == IEEE80211_FRAME_RELEASE_PSPOLL) { 1451 mvmsta->next_status_eosp = true; 1452 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_PS_POLL); 1453 } else { 1454 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_UAPSD); 1455 } 1456 1457 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC, sizeof(cmd), &cmd); 1458 if (ret) 1459 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret); 1460} 1461 1462int iwl_mvm_rx_eosp_notif(struct iwl_mvm *mvm, 1463 struct iwl_rx_cmd_buffer *rxb, 1464 struct iwl_device_cmd *cmd) 1465{ 1466 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1467 struct iwl_mvm_eosp_notification *notif = (void *)pkt->data; 1468 struct ieee80211_sta *sta; 1469 u32 sta_id = le32_to_cpu(notif->sta_id); 1470 1471 if (WARN_ON_ONCE(sta_id >= IWL_MVM_STATION_COUNT)) 1472 return 0; 1473 1474 rcu_read_lock(); 1475 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]); 1476 if (!IS_ERR_OR_NULL(sta)) 1477 ieee80211_sta_eosp(sta); 1478 rcu_read_unlock(); 1479 1480 return 0; 1481} 1482 1483void iwl_mvm_sta_modify_disable_tx(struct iwl_mvm *mvm, 1484 struct iwl_mvm_sta *mvmsta, bool disable) 1485{ 1486 struct iwl_mvm_add_sta_cmd cmd = { 1487 .add_modify = STA_MODE_MODIFY, 1488 .sta_id = mvmsta->sta_id, 1489 .station_flags = disable ? cpu_to_le32(STA_FLG_DISABLE_TX) : 0, 1490 .station_flags_msk = cpu_to_le32(STA_FLG_DISABLE_TX), 1491 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color), 1492 }; 1493 int ret; 1494 1495 if (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_DISABLE_STA_TX)) 1496 return; 1497 1498 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC, sizeof(cmd), &cmd); 1499 if (ret) 1500 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret); 1501} 1502 1503void iwl_mvm_sta_modify_disable_tx_ap(struct iwl_mvm *mvm, 1504 struct ieee80211_sta *sta, 1505 bool disable) 1506{ 1507 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta); 1508 1509 spin_lock_bh(&mvm_sta->lock); 1510 1511 if (mvm_sta->disable_tx == disable) { 1512 spin_unlock_bh(&mvm_sta->lock); 1513 return; 1514 } 1515 1516 mvm_sta->disable_tx = disable; 1517 1518 /* 1519 * Tell mac80211 to start/stop queueing tx for this station, 1520 * but don't stop queueing if there are still pending frames 1521 * for this station. 1522 */ 1523 if (disable || !atomic_read(&mvm->pending_frames[mvm_sta->sta_id])) 1524 ieee80211_sta_block_awake(mvm->hw, sta, disable); 1525 1526 iwl_mvm_sta_modify_disable_tx(mvm, mvm_sta, disable); 1527 1528 spin_unlock_bh(&mvm_sta->lock); 1529} 1530 1531void iwl_mvm_modify_all_sta_disable_tx(struct iwl_mvm *mvm, 1532 struct iwl_mvm_vif *mvmvif, 1533 bool disable) 1534{ 1535 struct ieee80211_sta *sta; 1536 struct iwl_mvm_sta *mvm_sta; 1537 int i; 1538 1539 lockdep_assert_held(&mvm->mutex); 1540 1541 /* Block/unblock all the stations of the given mvmvif */ 1542 for (i = 0; i < IWL_MVM_STATION_COUNT; i++) { 1543 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i], 1544 lockdep_is_held(&mvm->mutex)); 1545 if (IS_ERR_OR_NULL(sta)) 1546 continue; 1547 1548 mvm_sta = iwl_mvm_sta_from_mac80211(sta); 1549 if (mvm_sta->mac_id_n_color != 1550 FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)) 1551 continue; 1552 1553 iwl_mvm_sta_modify_disable_tx_ap(mvm, sta, disable); 1554 } 1555} 1556