1/******************************************************************************
2 *
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
5 *
6 * GPL LICENSE SUMMARY
7 *
51368bf7 8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of version 2 of the GNU General Public License as
12 * published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
22 * USA
23 *
24 * The full GNU General Public License is included in this distribution
410dc5aa 25 * in the file called COPYING.
26 *
27 * Contact Information:
28 * Intel Linux Wireless <ilw@linux.intel.com>
29 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
30 *
31 * BSD LICENSE
32 *
51368bf7 33 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
34 * All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 *
40 * * Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * * Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in
44 * the documentation and/or other materials provided with the
45 * distribution.
46 * * Neither the name Intel Corporation nor the names of its
47 * contributors may be used to endorse or promote products derived
48 * from this software without specific prior written permission.
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
51 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
52 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
53 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
54 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
55 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
56 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
57 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
58 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
59 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
60 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
61 *
62 *****************************************************************************/
63#include <net/mac80211.h>
64
65#include "mvm.h"
66#include "sta.h"
9ee718aa 67#include "rs.h"
8ca151b5 68
/*
 * Pick the lowest-numbered free slot in mvm->fw_id_to_mac_id.
 *
 * Slot 0 is kept back for every interface type other than
 * NL80211_IFTYPE_STATION, because d0i3/d3 assumes the AP station of a
 * station vif lives at sta_id 0.  Any non-NULL entry, including the
 * ERR_PTR() markers used elsewhere in this file, counts as occupied.
 *
 * Must be called with mvm->mutex held and outside of a HW restart.
 *
 * Returns the free station id, or IWL_MVM_STATION_COUNT when every usable
 * slot is taken; callers must treat that value as "none" and never use it
 * as an array index.
 */
static int iwl_mvm_find_free_sta_id(struct iwl_mvm *mvm,
				    enum nl80211_iftype iftype)
{
	u32 reserved;
	int id;

	/* the reservation mask below is a u32, one bit per station id */
	BUILD_BUG_ON(IWL_MVM_STATION_COUNT > 32);
	WARN_ON_ONCE(test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status));

	lockdep_assert_held(&mvm->mutex);

	reserved = (iftype != NL80211_IFTYPE_STATION) ? BIT(0) : 0;

	/* mvm->mutex protects the table, so rcu_read_lock() is not needed */
	for (id = 0; id < IWL_MVM_STATION_COUNT; id++) {
		if (reserved & BIT(id))
			continue;

		if (rcu_dereference_protected(mvm->fw_id_to_mac_id[id],
					      lockdep_is_held(&mvm->mutex)))
			continue;

		return id;
	}

	return IWL_MVM_STATION_COUNT;
}
95
/*
 * Send the ADD_STA command that adds (@update == false) or modifies
 * (@update == true) @sta in the firmware station table.
 *
 * Only an add carries the TFD queue mask and the peer's MAC address.  The
 * station flags are derived from the bandwidth, RX spatial streams, SMPS
 * mode and HT/VHT aggregation parameters stored in @sta.
 *
 * Returns 0 on success, the error from iwl_mvm_send_cmd_pdu_status(), or
 * -EIO when the firmware reports any status other than ADD_STA_SUCCESS.
 */
int iwl_mvm_sta_send_to_fw(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
			   bool update)
{
	struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv;
	struct iwl_mvm_add_sta_cmd add_sta_cmd = {
		.sta_id = mvm_sta->sta_id,
		.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color),
		.add_modify = update ? 1 : 0,
	};
	/* flags are accumulated in host order and converted once below */
	u32 flags = 0;
	u32 flags_msk = STA_FLG_FAT_EN_MSK | STA_FLG_MIMO_EN_MSK;
	u32 agg_size = 0, mpdu_dens = 0;
	u32 status = ADD_STA_SUCCESS;
	int ret;

	if (!update) {
		add_sta_cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk);
		memcpy(&add_sta_cmd.addr, sta->addr, ETH_ALEN);
	}

	/* each wider bandwidth also enables every narrower one */
	switch (sta->bandwidth) {
	case IEEE80211_STA_RX_BW_160:
		flags |= STA_FLG_FAT_EN_160MHZ;
		/* fall through */
	case IEEE80211_STA_RX_BW_80:
		flags |= STA_FLG_FAT_EN_80MHZ;
		/* fall through */
	case IEEE80211_STA_RX_BW_40:
		flags |= STA_FLG_FAT_EN_40MHZ;
		/* fall through */
	case IEEE80211_STA_RX_BW_20:
		if (sta->ht_cap.ht_supported)
			flags |= STA_FLG_FAT_EN_20MHZ;
		break;
	}

	/* an rx_nss outside 1..8 leaves the MIMO bits clear */
	switch (sta->rx_nss) {
	case 1:
		flags |= STA_FLG_MIMO_EN_SISO;
		break;
	case 2:
		flags |= STA_FLG_MIMO_EN_MIMO2;
		break;
	case 3 ... 8:
		flags |= STA_FLG_MIMO_EN_MIMO3;
		break;
	}

	switch (sta->smps_mode) {
	case IEEE80211_SMPS_AUTOMATIC:
	case IEEE80211_SMPS_NUM_MODES:
		WARN_ON(1);
		break;
	case IEEE80211_SMPS_STATIC:
		/* static SMPS overrides whatever NSS selected above */
		flags &= ~STA_FLG_MIMO_EN_MSK;
		flags |= STA_FLG_MIMO_EN_SISO;
		break;
	case IEEE80211_SMPS_DYNAMIC:
		flags |= STA_FLG_RTS_MIMO_PROT;
		break;
	case IEEE80211_SMPS_OFF:
		/* nothing */
		break;
	}

	if (sta->ht_cap.ht_supported) {
		flags_msk |= STA_FLG_MAX_AGG_SIZE_MSK |
			     STA_FLG_AGG_MPDU_DENS_MSK;
		mpdu_dens = sta->ht_cap.ampdu_density;
	}

	/* the VHT A-MPDU length exponent takes precedence over the HT factor */
	if (sta->vht_cap.vht_supported) {
		agg_size = sta->vht_cap.cap &
			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
		agg_size >>=
			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
	} else if (sta->ht_cap.ht_supported) {
		agg_size = sta->ht_cap.ampdu_factor;
	}

	flags |= agg_size << STA_FLG_MAX_AGG_SIZE_SHIFT;
	flags |= mpdu_dens << STA_FLG_AGG_MPDU_DENS_SHIFT;

	add_sta_cmd.station_flags = cpu_to_le32(flags);
	add_sta_cmd.station_flags_msk = cpu_to_le32(flags_msk);

	ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(add_sta_cmd),
					  &add_sta_cmd, &status);
	if (ret)
		return ret;

	if (status == ADD_STA_SUCCESS) {
		IWL_DEBUG_ASSOC(mvm, "ADD_STA PASSED\n");
	} else {
		ret = -EIO;
		IWL_ERR(mvm, "ADD_STA failed\n");
	}

	return ret;
}
204
/*
 * Initialise the driver's per-station data for @sta, add the station to the
 * firmware and publish it in mvm->fw_id_to_mac_id.
 *
 * Outside of a HW restart a fresh station id is allocated; during a restart
 * the id already stored in the station's private data is reused.  The table
 * entry is only published after the firmware accepted the station.
 *
 * Must be called with mvm->mutex held.
 *
 * Returns 0 on success, -ENOSPC when no station id is available, or the
 * error from iwl_mvm_sta_send_to_fw().
 */
int iwl_mvm_add_sta(struct iwl_mvm *mvm,
		    struct ieee80211_vif *vif,
		    struct ieee80211_sta *sta)
{
	struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
	struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv;
	int ac, tid, err, sta_id;

	lockdep_assert_held(&mvm->mutex);

	/*
	 * NOTE(review): on the restart path only the sentinel value is
	 * rejected below; the reused id is otherwise trusted as an index.
	 */
	if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status))
		sta_id = mvm_sta->sta_id;
	else
		sta_id = iwl_mvm_find_free_sta_id(mvm,
						  ieee80211_vif_type_p2p(vif));

	if (WARN_ON_ONCE(sta_id == IWL_MVM_STATION_COUNT))
		return -ENOSPC;

	spin_lock_init(&mvm_sta->lock);

	mvm_sta->sta_id = sta_id;
	mvm_sta->mac_id_n_color = FW_CMD_ID_AND_COLOR(mvmvif->id,
						      mvmvif->color);
	mvm_sta->vif = vif;
	mvm_sta->max_agg_bufsize = LINK_QUAL_AGG_FRAME_LIMIT_DEF;
	mvm_sta->tx_protection = 0;
	mvm_sta->tt_tx_protection = false;

	/* after a HW restart this memory is not guaranteed to be zeroed */
	atomic_set(&mvm->pending_frames[sta_id], 0);
	mvm_sta->tid_disable_agg = 0;
	mvm_sta->tfd_queue_msk = 0;
	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
		if (vif->hw_queue[ac] == IEEE80211_INVAL_HW_QUEUE)
			continue;
		mvm_sta->tfd_queue_msk |= BIT(vif->hw_queue[ac]);
	}

	/* for HW restart: wipe the per-TID state but keep the sequence number */
	for (tid = 0; tid < IWL_MAX_TID_COUNT; tid++) {
		u16 saved_seq = mvm_sta->tid_data[tid].seq_number;

		memset(&mvm_sta->tid_data[tid], 0,
		       sizeof(mvm_sta->tid_data[tid]));
		mvm_sta->tid_data[tid].seq_number = saved_seq;
	}

	err = iwl_mvm_sta_send_to_fw(mvm, sta, false);
	if (err)
		return err;

	/* The first station added is the AP, the others are TDLS STAs */
	if (vif->type == NL80211_IFTYPE_STATION &&
	    mvmvif->ap_sta_id == IWL_MVM_STATION_COUNT)
		mvmvif->ap_sta_id = sta_id;

	rcu_assign_pointer(mvm->fw_id_to_mac_id[sta_id], sta);

	return 0;
}
262
/*
 * Push the current parameters of an already-added station to the firmware.
 * @vif is not used here; the work is done by iwl_mvm_sta_send_to_fw() in
 * modify mode, whose return value is passed through.
 */
int iwl_mvm_update_sta(struct iwl_mvm *mvm,
		       struct ieee80211_vif *vif,
		       struct ieee80211_sta *sta)
{
	int err = iwl_mvm_sta_send_to_fw(mvm, sta, true);

	return err;
}
269
/*
 * Set (@drain == true) or clear (@drain == false) STA_FLG_DRAIN_FLOW for
 * @mvmsta in the firmware with an ADD_STA modify command.
 *
 * Must be called with mvm->mutex held.
 *
 * Returns 0 on success, the error from iwl_mvm_send_cmd_pdu_status(), or
 * -EIO when the firmware reports any status other than ADD_STA_SUCCESS.
 */
int iwl_mvm_drain_sta(struct iwl_mvm *mvm, struct iwl_mvm_sta *mvmsta,
		      bool drain)
{
	struct iwl_mvm_add_sta_cmd cmd = {
		.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
		.sta_id = mvmsta->sta_id,
		.add_modify = STA_MODE_MODIFY,
		.station_flags = drain ? cpu_to_le32(STA_FLG_DRAIN_FLOW) : 0,
		.station_flags_msk = cpu_to_le32(STA_FLG_DRAIN_FLOW),
	};
	u32 status = ADD_STA_SUCCESS;
	int err;

	lockdep_assert_held(&mvm->mutex);

	err = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(cmd),
					  &cmd, &status);
	if (err)
		return err;

	if (status != ADD_STA_SUCCESS) {
		err = -EIO;
		IWL_ERR(mvm, "Couldn't drain frames for staid %d\n",
			mvmsta->sta_id);
		return err;
	}

	IWL_DEBUG_INFO(mvm, "Frames for staid %d will drained in fw\n",
		       mvmsta->sta_id);
	return err;
}
305
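/*
 * Remove a station from the FW table. Before sending the command to remove
 * the station validate that the station is indeed known to the driver (sanity
 * only).
 *
 * @sta_id is range-checked first: this file uses IWL_MVM_STATION_COUNT as the
 * "no station" value (iwl_mvm_dealloc_int_sta() stores it in a released
 * internal station), and the removal paths pass a stored id straight in.
 * Indexing mvm->fw_id_to_mac_id with that value would read past the ids that
 * iwl_mvm_find_free_sta_id() ever hands out.
 *
 * Callers hold mvm->mutex (checked through lockdep_is_held() below).
 *
 * Returns 0 on success, -EINVAL for an out-of-range or unknown station id,
 * or the error from iwl_mvm_send_cmd_pdu().
 */
static int iwl_mvm_rm_sta_common(struct iwl_mvm *mvm, u8 sta_id)
{
	struct ieee80211_sta *sta;
	struct iwl_mvm_rm_sta_cmd rm_sta_cmd = {
		.sta_id = sta_id,
	};
	int ret;

	/* reject the sentinel and anything above it before indexing */
	if (WARN_ON_ONCE(sta_id >= IWL_MVM_STATION_COUNT))
		return -EINVAL;

	sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
					lockdep_is_held(&mvm->mutex));

	/* Note: internal stations are marked as error values */
	if (!sta) {
		IWL_ERR(mvm, "Invalid station id\n");
		return -EINVAL;
	}

	ret = iwl_mvm_send_cmd_pdu(mvm, REMOVE_STA, 0,
				   sizeof(rm_sta_cmd), &rm_sta_cmd);
	if (ret) {
		IWL_ERR(mvm, "Failed to remove station. Id=%d\n", sta_id);
		return ret;
	}

	return 0;
}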
337
/*
 * Work item that finishes the removal of stations whose pending frames have
 * drained.  Every id set in mvm->sta_drained whose table entry is
 * ERR_PTR(-EBUSY) is removed from the firmware; on success its table entry
 * and its sta_drained bit are cleared.
 */
void iwl_mvm_sta_drained_wk(struct work_struct *wk)
{
	struct iwl_mvm *mvm = container_of(wk, struct iwl_mvm, sta_drained_wk);
	u8 sta_id;

	/*
	 * The mutex is required for the SYNC command, and also to order this
	 * work against iwl_mvm_rm_sta: without it the work could run before
	 * iwl_mvm_rm_sta marks the station busy and exit, leaving a busy
	 * station that nobody cleans up afterwards.
	 */
	mutex_lock(&mvm->mutex);

	for_each_set_bit(sta_id, mvm->sta_drained, IWL_MVM_STATION_COUNT) {
		struct ieee80211_sta *entry;
		int err;

		entry = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
						  lockdep_is_held(&mvm->mutex));

		/*
		 * Skip stations that are in use or RCU-removed.  The latter
		 * happens in managed mode: mac80211 removes the station
		 * before it can be removed from firmware (only possible once
		 * the MAC is marked unassociated), possibly while the deauth
		 * frame is still queued, so the pointer is -ENOENT when the
		 * last skb is reclaimed.
		 */
		if (!IS_ERR(entry) || PTR_ERR(entry) == -ENOENT)
			continue;

		if (PTR_ERR(entry) == -EINVAL) {
			IWL_ERR(mvm, "Drained sta %d, but it is internal?\n",
				sta_id);
			continue;
		}

		/*
		 * NOTE(review): a NULL entry already took the !IS_ERR()
		 * branch above, so this diagnostic cannot be reached as the
		 * checks are ordered.
		 */
		if (!entry) {
			IWL_ERR(mvm, "Drained sta %d, but it was NULL?\n",
				sta_id);
			continue;
		}

		WARN_ON(PTR_ERR(entry) != -EBUSY);

		/* removed earlier and now drained: finish the removal */
		err = iwl_mvm_rm_sta_common(mvm, sta_id);
		if (err) {
			IWL_ERR(mvm,
				"Couldn't remove sta %d after it was drained\n",
				sta_id);
			continue;
		}

		RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL);
		clear_bit(sta_id, mvm->sta_drained);
	}

	mutex_unlock(&mvm->mutex);
}
398
/*
 * Remove @sta from the firmware, or defer the removal until its pending
 * frames have drained.
 *
 * For the AP station of a station vif the TX path is flushed first; while
 * the vif is still associated nothing else is done and the flush result is
 * returned.  With frames still pending the table entry becomes
 * ERR_PTR(-EBUSY) and the firmware is told to drain the station; otherwise
 * the station is removed immediately and its table entry cleared.
 *
 * Must be called with mvm->mutex held.
 *
 * Returns the result of the flush (associated AP case), of
 * iwl_mvm_drain_sta() or of iwl_mvm_rm_sta_common().
 */
int iwl_mvm_rm_sta(struct iwl_mvm *mvm,
		   struct ieee80211_vif *vif,
		   struct ieee80211_sta *sta)
{
	struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
	struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv;
	int err;

	lockdep_assert_held(&mvm->mutex);

	if (vif->type == NL80211_IFTYPE_STATION &&
	    mvmvif->ap_sta_id == mvm_sta->sta_id) {
		/*
		 * Flush its queues here since mvm_sta is about to be freed.
		 * NOTE(review): the flush result is only reported when the
		 * vif is still associated; otherwise it is overwritten below.
		 */
		err = iwl_mvm_flush_tx_path(mvm, mvm_sta->tfd_queue_msk, true);

		/* while associated the AP STA cannot be removed yet */
		if (vif->bss_conf.assoc)
			return err;

		/* not associated: forget the AP STA now */
		mvmvif->ap_sta_id = IWL_MVM_STATION_COUNT;

		/* clear d0i3_ap_sta_id if no longer relevant */
		if (mvm->d0i3_ap_sta_id == mvm_sta->sta_id)
			mvm->d0i3_ap_sta_id = IWL_MVM_STATION_COUNT;
	}

	/*
	 * Hold the station lock so that the tx response code sees the station
	 * as -EBUSY and calls the drain worker.
	 */
	spin_lock_bh(&mvm_sta->lock);

	if (!atomic_read(&mvm->pending_frames[mvm_sta->sta_id])) {
		/* nothing queued: remove the station right away */
		spin_unlock_bh(&mvm_sta->lock);
		err = iwl_mvm_rm_sta_common(mvm, mvm_sta->sta_id);
		/*
		 * NOTE(review): the table entry is cleared even when the
		 * firmware removal above failed.
		 */
		RCU_INIT_POINTER(mvm->fw_id_to_mac_id[mvm_sta->sta_id], NULL);
		return err;
	}

	/*
	 * Frames are still pending on the AC queues for this station; mark it
	 * busy and wait until all of them are drained.
	 */
	rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id],
			   ERR_PTR(-EBUSY));
	spin_unlock_bh(&mvm_sta->lock);
	err = iwl_mvm_drain_sta(mvm, mvm_sta, true);

	return err;
}
448
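/*
 * Remove the station with id @sta_id from the firmware and clear its entry
 * in mvm->fw_id_to_mac_id.  @vif is not used here.
 *
 * The lock assertion now runs before the table is touched, and @sta_id is
 * range-checked before it is used as an index: IWL_MVM_STATION_COUNT is the
 * "no station" value in this file, and the unconditional clear below would
 * otherwise store NULL past the ids that iwl_mvm_find_free_sta_id() hands
 * out.  As before, the entry is cleared even when the firmware command
 * fails.
 *
 * Must be called with mvm->mutex held.
 *
 * Returns the result of iwl_mvm_rm_sta_common(), or -EINVAL for an
 * out-of-range id.
 */
int iwl_mvm_rm_sta_id(struct iwl_mvm *mvm,
		      struct ieee80211_vif *vif,
		      u8 sta_id)
{
	int ret;

	lockdep_assert_held(&mvm->mutex);

	if (WARN_ON_ONCE(sta_id >= IWL_MVM_STATION_COUNT))
		return -EINVAL;

	ret = iwl_mvm_rm_sta_common(mvm, sta_id);

	RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL);
	return ret;
}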
460
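/*
 * Reserve a station id for the internal station @sta and mark its table
 * entry as taken.
 *
 * Outside of a HW restart a free id is looked up; during a restart the id
 * already stored in @sta is reused.  The id is validated on both paths
 * before it indexes mvm->fw_id_to_mac_id: the original only checked the
 * freshly allocated id, so a restart with @sta still holding the
 * IWL_MVM_STATION_COUNT "unallocated" value would have written past the ids
 * that iwl_mvm_find_free_sta_id() hands out.
 *
 * Returns 0 on success or -ENOSPC when no valid station id is available.
 */
int iwl_mvm_allocate_int_sta(struct iwl_mvm *mvm, struct iwl_mvm_int_sta *sta,
			     u32 qmask, enum nl80211_iftype iftype)
{
	if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status))
		sta->sta_id = iwl_mvm_find_free_sta_id(mvm, iftype);

	/* covers "table full" as well as a stale id on the restart path */
	if (WARN_ON_ONCE(sta->sta_id >= IWL_MVM_STATION_COUNT))
		return -ENOSPC;

	sta->tfd_queue_msk = qmask;

	/* put a non-NULL value so iterating over the stations won't stop */
	rcu_assign_pointer(mvm->fw_id_to_mac_id[sta->sta_id], ERR_PTR(-EINVAL));
	return 0;
}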
476
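/*
 * Release the table entry of the internal station @sta and reset @sta to the
 * unallocated state (all zero, sta_id == IWL_MVM_STATION_COUNT).
 *
 * The table entry is only cleared while @sta still holds a valid id, so
 * calling this on a station that was already released no longer stores NULL
 * at index IWL_MVM_STATION_COUNT.
 */
void iwl_mvm_dealloc_int_sta(struct iwl_mvm *mvm, struct iwl_mvm_int_sta *sta)
{
	if (sta->sta_id < IWL_MVM_STATION_COUNT)
		RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta->sta_id], NULL);

	memset(sta, 0, sizeof(*sta));
	sta->sta_id = IWL_MVM_STATION_COUNT;
}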
483
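/*
 * Send the ADD_STA command for the internal station @sta.
 *
 * @addr may be NULL, in which case the address field of the command stays
 * zeroed.  @mac_id and @color are combined into the command's
 * mac_id_n_color field.
 *
 * Must be called with mvm->mutex held.
 *
 * Returns 0 on success, the error from iwl_mvm_send_cmd_pdu_status(), or
 * -EIO when the firmware reports any status other than ADD_STA_SUCCESS.
 */
static int iwl_mvm_add_int_sta_common(struct iwl_mvm *mvm,
				      struct iwl_mvm_int_sta *sta,
				      const u8 *addr,
				      u16 mac_id, u16 color)
{
	struct iwl_mvm_add_sta_cmd cmd;
	int ret;
	/*
	 * Pre-set the status like every other ADD_STA sender in this file
	 * does.  It was left uninitialised here, so if the helper returns 0
	 * without writing it (presumably possible, given the other call
	 * sites - confirm against iwl_mvm_send_cmd_pdu_status()), the switch
	 * below would act on stack garbage and print it in the error message.
	 */
	u32 status = ADD_STA_SUCCESS;

	lockdep_assert_held(&mvm->mutex);

	memset(&cmd, 0, sizeof(cmd));
	cmd.sta_id = sta->sta_id;
	cmd.mac_id_n_color = cpu_to_le32(FW_CMD_ID_AND_COLOR(mac_id,
							     color));

	cmd.tfd_queue_msk = cpu_to_le32(sta->tfd_queue_msk);

	if (addr)
		memcpy(cmd.addr, addr, ETH_ALEN);

	ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(cmd),
					  &cmd, &status);
	if (ret)
		return ret;

	switch (status) {
	case ADD_STA_SUCCESS:
		IWL_DEBUG_INFO(mvm, "Internal station added.\n");
		return 0;
	default:
		ret = -EIO;
		IWL_ERR(mvm, "Add internal station failed, status=0x%x\n",
			status);
		break;
	}
	return ret;
}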
522
/*
 * Allocate the auxiliary station (mvm->aux_sta), without any queues, and add
 * it to the firmware.  The allocation is undone when the firmware refuses
 * the station.
 *
 * Must be called with mvm->mutex held.
 *
 * Returns 0 on success or the error from the allocation / ADD_STA step.
 */
int iwl_mvm_add_aux_sta(struct iwl_mvm *mvm)
{
	int err;

	lockdep_assert_held(&mvm->mutex);

	/* queue mask 0: the aux station owns no TX queues */
	err = iwl_mvm_allocate_int_sta(mvm, &mvm->aux_sta, 0,
				       NL80211_IFTYPE_UNSPECIFIED);
	if (err)
		return err;

	err = iwl_mvm_add_int_sta_common(mvm, &mvm->aux_sta, NULL,
					 MAC_INDEX_AUX, 0);
	if (!err)
		return err;

	iwl_mvm_dealloc_int_sta(mvm, &mvm->aux_sta);
	return err;
}
542
/*
 * Send the add station command for the vif's broadcast station.
 * The station must already have been allocated; an unallocated @bsta
 * (sta_id == IWL_MVM_STATION_COUNT) is rejected with -ENOSPC.
 *
 * For an ad-hoc interface the BSSID is used as the station address, for all
 * other interface types the all-ones broadcast address.
 *
 * Must be called with mvm->mutex held.
 *
 * @mvm: the mvm component
 * @vif: the interface to which the broadcast station is added
 * @bsta: the broadcast station to add.
 */
int iwl_mvm_send_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
			   struct iwl_mvm_int_sta *bsta)
{
	static const u8 bcast_addr[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
	struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
	const u8 *addr;

	lockdep_assert_held(&mvm->mutex);

	addr = (vif->type == NL80211_IFTYPE_ADHOC) ? vif->bss_conf.bssid
						   : bcast_addr;

	if (WARN_ON_ONCE(bsta->sta_id == IWL_MVM_STATION_COUNT))
		return -ENOSPC;

	return iwl_mvm_add_int_sta_common(mvm, bsta, addr,
					  mvmvif->id, mvmvif->color);
}
569
/*
 * Ask the FW to remove the broadcast station from its internal data
 * structures, but DO NOT remove the entry from the local data structures.
 *
 * Must be called with mvm->mutex held.  Returns the result of
 * iwl_mvm_rm_sta_common(); a failure is additionally logged as a warning.
 */
int iwl_mvm_send_rm_bcast_sta(struct iwl_mvm *mvm,
			      struct iwl_mvm_int_sta *bsta)
{
	int err;

	lockdep_assert_held(&mvm->mutex);

	err = iwl_mvm_rm_sta_common(mvm, bsta->sta_id);
	if (!err)
		return err;

	IWL_WARN(mvm, "Failed sending remove station\n");
	return err;
}
584
/*
 * Allocate a new station entry for the broadcast station of the given vif
 * and send it to the FW, using the vif's queue mask and the all-ones
 * broadcast address.  The allocation is undone when the FW refuses it.
 * Note that each P2P mac should have its own broadcast station.
 *
 * Must be called with mvm->mutex held.
 *
 * @mvm: the mvm component
 * @vif: the interface to which the broadcast station is added
 * @bsta: the broadcast station to add.
 */
int iwl_mvm_add_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
			  struct iwl_mvm_int_sta *bsta)
{
	static const u8 baddr[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
	struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
	u32 queues;
	int err;

	lockdep_assert_held(&mvm->mutex);

	queues = iwl_mvm_mac_get_queues_mask(mvm, vif);
	err = iwl_mvm_allocate_int_sta(mvm, bsta, queues,
				       ieee80211_vif_type_p2p(vif));
	if (err)
		return err;

	err = iwl_mvm_add_int_sta_common(mvm, bsta, baddr,
					 mvmvif->id, mvmvif->color);
	if (!err)
		return err;

	iwl_mvm_dealloc_int_sta(mvm, bsta);
	return err;
}
615
/*
 * Ask the FW to remove the broadcast station from its internal data
 * structures and, once that succeeded, release it in the local data
 * structure as well.  On failure the local entry is left untouched.
 *
 * Must be called with mvm->mutex held.
 */
int iwl_mvm_rm_bcast_sta(struct iwl_mvm *mvm, struct iwl_mvm_int_sta *bsta)
{
	int err;

	lockdep_assert_held(&mvm->mutex);

	err = iwl_mvm_rm_sta_common(mvm, bsta->sta_id);
	if (!err)
		iwl_mvm_dealloc_int_sta(mvm, bsta);

	return err;
}
633
/* upper bound on concurrently open RX block-ack sessions, driver-wide */
#define IWL_MAX_RX_BA_SESSIONS 16

/*
 * Start (@start == true) or stop an RX block-ack session for @tid of @sta
 * with an ADD_STA modify command, and keep mvm->rx_ba_sessions in step.
 *
 * @tid is narrowed to u8 for the command without a range check here
 * (NOTE(review): presumably validated by the caller - confirm).
 *
 * Must be called with mvm->mutex held.
 *
 * Returns 0 on success, -ENOSPC when the session limit is reached or the
 * firmware refuses the session, -EIO on any other firmware status, or the
 * error from iwl_mvm_send_cmd_pdu_status().
 */
int iwl_mvm_sta_rx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
		       int tid, u16 ssn, bool start)
{
	struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv;
	struct iwl_mvm_add_sta_cmd cmd = {};
	u32 status = ADD_STA_SUCCESS;
	int err;

	lockdep_assert_held(&mvm->mutex);

	if (start && mvm->rx_ba_sessions >= IWL_MAX_RX_BA_SESSIONS) {
		IWL_WARN(mvm, "Not enough RX BA SESSIONS\n");
		return -ENOSPC;
	}

	cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color);
	cmd.sta_id = mvm_sta->sta_id;
	cmd.add_modify = STA_MODE_MODIFY;
	if (start) {
		cmd.add_immediate_ba_tid = (u8) tid;
		cmd.add_immediate_ba_ssn = cpu_to_le16(ssn);
		cmd.modify_mask = STA_MODIFY_ADD_BA_TID;
	} else {
		cmd.remove_immediate_ba_tid = (u8) tid;
		cmd.modify_mask = STA_MODIFY_REMOVE_BA_TID;
	}

	err = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(cmd),
					  &cmd, &status);
	if (err)
		return err;

	if (status == ADD_STA_SUCCESS) {
		IWL_DEBUG_INFO(mvm, "RX BA Session %sed in fw\n",
			       start ? "start" : "stopp");
	} else if (status == ADD_STA_IMMEDIATE_BA_FAILURE) {
		IWL_WARN(mvm, "RX BA Session refused by fw\n");
		err = -ENOSPC;
	} else {
		err = -EIO;
		IWL_ERR(mvm, "RX BA Session failed %sing, status 0x%x\n",
			start ? "start" : "stopp", status);
	}

	if (err)
		return err;

	if (start)
		mvm->rx_ba_sessions++;
	else if (mvm->rx_ba_sessions > 0)
		/* the restart flow may already have zeroed the counter */
		mvm->rx_ba_sessions--;

	return err;
}
695
/*
 * Enable (@start == true) or disable TX aggregation for @tid of @sta on
 * @queue: update the station's queue mask and per-TID disable bitmap, then
 * send both to the firmware with an ADD_STA modify command.
 *
 * NOTE(review): the driver-side masks are changed before the command is
 * sent and are not restored when the command fails.
 *
 * Must be called with mvm->mutex held.
 *
 * Returns 0 on success, -EIO on a firmware status other than
 * ADD_STA_SUCCESS, or the error from iwl_mvm_send_cmd_pdu_status().
 */
static int iwl_mvm_sta_tx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
			      int tid, u8 queue, bool start)
{
	struct iwl_mvm_sta *mvm_sta = (void *)sta->drv_priv;
	struct iwl_mvm_add_sta_cmd cmd = {};
	u32 status = ADD_STA_SUCCESS;
	int err;

	lockdep_assert_held(&mvm->mutex);

	if (!start) {
		mvm_sta->tfd_queue_msk &= ~BIT(queue);
		mvm_sta->tid_disable_agg |= BIT(tid);
	} else {
		mvm_sta->tfd_queue_msk |= BIT(queue);
		mvm_sta->tid_disable_agg &= ~BIT(tid);
	}

	cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color);
	cmd.sta_id = mvm_sta->sta_id;
	cmd.add_modify = STA_MODE_MODIFY;
	cmd.modify_mask = STA_MODIFY_QUEUES | STA_MODIFY_TID_DISABLE_TX;
	cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk);
	cmd.tid_disable_tx = cpu_to_le16(mvm_sta->tid_disable_agg);

	err = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA, sizeof(cmd),
					  &cmd, &status);
	if (err)
		return err;

	if (status != ADD_STA_SUCCESS) {
		err = -EIO;
		IWL_ERR(mvm, "TX BA Session failed %sing, status 0x%x\n",
			start ? "start" : "stopp", status);
	}

	return err;
}
739
/*
 * Map a TID (array index) to the mac80211 access category it is sent on.
 * The table has exactly eight entries, so it must only be indexed with
 * TIDs 0..7.
 */
const u8 tid_to_mac80211_ac[] = {
	[0] = IEEE80211_AC_BE,
	[1] = IEEE80211_AC_BK,
	[2] = IEEE80211_AC_BK,
	[3] = IEEE80211_AC_BE,
	[4] = IEEE80211_AC_VI,
	[5] = IEEE80211_AC_VI,
	[6] = IEEE80211_AC_VO,
	[7] = IEEE80211_AC_VO,
};
750
/*
 * Map a TID (array index) to the access category value used by the ucode.
 * The table has exactly eight entries, so it must only be indexed with
 * TIDs 0..7.
 */
static const u8 tid_to_ucode_ac[] = {
	[0] = AC_BE,
	[1] = AC_BK,
	[2] = AC_BK,
	[3] = AC_BE,
	[4] = AC_VI,
	[5] = AC_VI,
	[6] = AC_VO,
	[7] = AC_VO,
};
761
/*
 * Begin setting up a TX aggregation session for @tid of @sta: pick a free
 * aggregation queue, bind it to the mac80211 queue of the TID's access
 * category and report the starting sequence number through @ssn.
 *
 * @tid is validated against IWL_MAX_TID_COUNT before it indexes the per-TID
 * data or tid_to_mac80211_ac[].  When the HW queue still holds frames the
 * session is parked in IWL_EMPTYING_HW_QUEUE_ADDBA; otherwise mac80211 is
 * told right away that the session may start.
 *
 * Must be called with mvm->mutex held.
 *
 * Returns 0 on success, -EINVAL for an out-of-range @tid, -ENXIO when the
 * TID is not in IWL_AGG_OFF, or -EIO when no aggregation queue is free or
 * the device entered D0i3 in the meantime.
 */
int iwl_mvm_sta_tx_agg_start(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
			     struct ieee80211_sta *sta, u16 tid, u16 *ssn)
{
	struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
	struct iwl_mvm_tid_data *tid_data;
	int txq_id;

	if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
		return -EINVAL;

	tid_data = &mvmsta->tid_data[tid];

	if (tid_data->state != IWL_AGG_OFF) {
		IWL_ERR(mvm, "Start AGG when state is not IWL_AGG_OFF %d!\n",
			tid_data->state);
		return -ENXIO;
	}

	lockdep_assert_held(&mvm->mutex);

	/* first aggregation queue not yet bound to a mac80211 queue */
	txq_id = mvm->first_agg_queue;
	while (txq_id <= mvm->last_agg_queue &&
	       mvm->queue_to_mac80211[txq_id] != IWL_INVALID_MAC80211_QUEUE)
		txq_id++;

	if (txq_id > mvm->last_agg_queue) {
		IWL_ERR(mvm, "Failed to allocate agg queue\n");
		return -EIO;
	}

	spin_lock_bh(&mvmsta->lock);

	/* possible race condition - we entered D0i3 while starting agg */
	if (test_bit(IWL_MVM_STATUS_IN_D0I3, &mvm->status)) {
		spin_unlock_bh(&mvmsta->lock);
		IWL_ERR(mvm, "Entered D0i3 while starting Tx agg\n");
		return -EIO;
	}

	/* the new tx queue is still connected to the same mac80211 queue */
	mvm->queue_to_mac80211[txq_id] = vif->hw_queue[tid_to_mac80211_ac[tid]];

	tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
	tid_data->txq_id = txq_id;
	*ssn = tid_data->ssn;

	IWL_DEBUG_TX_QUEUES(mvm,
			    "Start AGG: sta %d tid %d queue %d - ssn = %d, next_recl = %d\n",
			    mvmsta->sta_id, tid, txq_id, tid_data->ssn,
			    tid_data->next_reclaimed);

	if (tid_data->ssn != tid_data->next_reclaimed) {
		/* frames still in flight: wait for the HW queue to empty */
		tid_data->state = IWL_EMPTYING_HW_QUEUE_ADDBA;
	} else {
		tid_data->state = IWL_AGG_STARTING;
		ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
	}

	spin_unlock_bh(&mvmsta->lock);

	return 0;
}
824
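/*
 * Make the TX aggregation session for @tid of @sta operational: switch the
 * TID to IWL_AGG_ON, enable aggregation in the firmware, enable the TX
 * queue in the transport and push the updated link-quality command.
 *
 * @tid is now validated against IWL_MAX_TID_COUNT before it indexes
 * mvmsta->tid_data[] and tid_to_mac80211_ac[], matching the check that
 * iwl_mvm_sta_tx_agg_start() already performs; previously an out-of-range
 * value would have been used as an index unchecked.
 *
 * @buf_size is clamped to LINK_QUAL_AGG_FRAME_LIMIT_DEF.
 *
 * Returns the result of iwl_mvm_send_lq_cmd() on success, -EINVAL for an
 * out-of-range @tid, or -EIO when the firmware command fails.
 */
int iwl_mvm_sta_tx_agg_oper(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
			    struct ieee80211_sta *sta, u16 tid, u8 buf_size)
{
	struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
	struct iwl_mvm_tid_data *tid_data;
	int queue, fifo, ret;
	u16 ssn;

	if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
		return -EINVAL;

	tid_data = &mvmsta->tid_data[tid];

	buf_size = min_t(int, buf_size, LINK_QUAL_AGG_FRAME_LIMIT_DEF);

	spin_lock_bh(&mvmsta->lock);
	ssn = tid_data->ssn;
	queue = tid_data->txq_id;
	tid_data->state = IWL_AGG_ON;
	tid_data->ssn = 0xffff;
	spin_unlock_bh(&mvmsta->lock);

	fifo = iwl_mvm_ac_to_tx_fifo[tid_to_mac80211_ac[tid]];

	/*
	 * NOTE(review): the TID stays in IWL_AGG_ON when this command fails;
	 * confirm that callers tear the session down in that case.
	 */
	ret = iwl_mvm_sta_tx_agg(mvm, sta, tid, queue, true);
	if (ret)
		return -EIO;

	iwl_trans_txq_enable(mvm->trans, queue, fifo, mvmsta->sta_id, tid,
			     buf_size, ssn);

	/*
	 * Even though in theory the peer could have different
	 * aggregation reorder buffer sizes for different sessions,
	 * our ucode doesn't allow for that and has a global limit
	 * for each station. Therefore, use the minimum of all the
	 * aggregation sessions and our default value.
	 */
	mvmsta->max_agg_bufsize =
		min(mvmsta->max_agg_bufsize, buf_size);
	mvmsta->lq_sta.lq.agg_frame_cnt_limit = mvmsta->max_agg_bufsize;

	IWL_DEBUG_HT(mvm, "Tx aggregation enabled on ra = %pM tid = %d\n",
		     sta->addr, tid);

	return iwl_mvm_send_lq_cmd(mvm, &mvmsta->lq_sta.lq, false);
}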
867
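/*
 * Stop the TX aggregation session for @tid of @sta.
 *
 * @tid is now validated against IWL_MAX_TID_COUNT before it indexes
 * mvmsta->tid_data[], matching iwl_mvm_sta_tx_agg_start(); previously an
 * out-of-range value would have been used as an index unchecked.
 *
 * During a HW restart the driver state is already cleared, so mac80211 is
 * simply told that the stop completed.  An active session with frames still
 * in the HW queue is parked in IWL_EMPTYING_HW_QUEUE_DELBA; otherwise the
 * queue is released and mac80211 is notified immediately.
 *
 * Returns 0 on success or -EINVAL for an out-of-range @tid or an unexpected
 * aggregation state.
 */
int iwl_mvm_sta_tx_agg_stop(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
			    struct ieee80211_sta *sta, u16 tid)
{
	struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
	struct iwl_mvm_tid_data *tid_data;
	u16 txq_id;
	int err;

	if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
		return -EINVAL;

	tid_data = &mvmsta->tid_data[tid];

	/*
	 * If mac80211 is cleaning its state, then say that we finished since
	 * our state has been cleared anyway.
	 */
	if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
		ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
		return 0;
	}

	spin_lock_bh(&mvmsta->lock);

	txq_id = tid_data->txq_id;

	IWL_DEBUG_TX_QUEUES(mvm, "Stop AGG: sta %d tid %d q %d state %d\n",
			    mvmsta->sta_id, tid, txq_id, tid_data->state);

	switch (tid_data->state) {
	case IWL_AGG_ON:
		tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);

		IWL_DEBUG_TX_QUEUES(mvm,
				    "ssn = %d, next_recl = %d\n",
				    tid_data->ssn, tid_data->next_reclaimed);

		/* There are still packets for this RA / TID in the HW */
		if (tid_data->ssn != tid_data->next_reclaimed) {
			tid_data->state = IWL_EMPTYING_HW_QUEUE_DELBA;
			err = 0;
			break;
		}

		tid_data->ssn = 0xffff;
		iwl_trans_txq_disable(mvm->trans, txq_id);
		/* fall through */
	case IWL_AGG_STARTING:
	case IWL_EMPTYING_HW_QUEUE_ADDBA:
		/*
		 * The agg session has been stopped before it was set up. This
		 * can happen when the AddBA timer times out for example.
		 */

		/* No barriers since we are under mutex */
		lockdep_assert_held(&mvm->mutex);
		mvm->queue_to_mac80211[txq_id] = IWL_INVALID_MAC80211_QUEUE;

		ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
		tid_data->state = IWL_AGG_OFF;
		err = 0;
		break;
	default:
		IWL_ERR(mvm,
			"Stopping AGG while state not ON or starting for %d on %d (%d)\n",
			mvmsta->sta_id, tid, tid_data->state);
		IWL_ERR(mvm,
			"\ttid_data->txq_id = %d\n", tid_data->txq_id);
		err = -EINVAL;
	}

	spin_unlock_bh(&mvmsta->lock);

	return err;
}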
939
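/*
 * Tear down the TX aggregation session for @tid of @sta without waiting for
 * the queue to empty: mark the TID as IWL_AGG_OFF, flush and disable the
 * aggregation queue when the session was at least IWL_AGG_ON, and release
 * the queue's mac80211 binding.
 *
 * Changes from the original:
 *  - @tid is validated against IWL_MAX_TID_COUNT before it indexes
 *    mvmsta->tid_data[], matching iwl_mvm_sta_tx_agg_start();
 *  - the queue id captured under the station lock is used throughout,
 *    instead of re-reading tid_data->txq_id after the lock was dropped.
 *
 * NOTE(review): the binding of txq_id is cleared even when the previous
 * state was below IWL_AGG_ON, where txq_id may not name a queue owned by
 * this TID - confirm this is intended.
 *
 * Returns 0, or -EINVAL for an out-of-range @tid.
 */
int iwl_mvm_sta_tx_agg_flush(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
			     struct ieee80211_sta *sta, u16 tid)
{
	struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
	struct iwl_mvm_tid_data *tid_data;
	u16 txq_id;
	enum iwl_mvm_agg_state old_state;

	if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
		return -EINVAL;

	tid_data = &mvmsta->tid_data[tid];

	/*
	 * First set the agg state to OFF to avoid calling
	 * ieee80211_stop_tx_ba_cb in iwl_mvm_check_ratid_empty.
	 */
	spin_lock_bh(&mvmsta->lock);
	txq_id = tid_data->txq_id;
	IWL_DEBUG_TX_QUEUES(mvm, "Flush AGG: sta %d tid %d q %d state %d\n",
			    mvmsta->sta_id, tid, txq_id, tid_data->state);
	old_state = tid_data->state;
	tid_data->state = IWL_AGG_OFF;
	spin_unlock_bh(&mvmsta->lock);

	if (old_state >= IWL_AGG_ON) {
		if (iwl_mvm_flush_tx_path(mvm, BIT(txq_id), true))
			IWL_ERR(mvm, "Couldn't flush the AGG queue\n");

		iwl_trans_txq_disable(mvm->trans, txq_id);
	}

	mvm->queue_to_mac80211[txq_id] = IWL_INVALID_MAC80211_QUEUE;

	return 0;
}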
972
/*
 * Claim the first unused slot in mvm->fw_key_table.
 *
 * Must be called with mvm->mutex held (the non-atomic __set_bit() relies on
 * that serialisation).
 *
 * Returns the claimed slot index, or STA_KEY_IDX_INVALID when all
 * STA_KEY_MAX_NUM slots are in use.
 */
static int iwl_mvm_set_fw_key_idx(struct iwl_mvm *mvm)
{
	int slot;

	lockdep_assert_held(&mvm->mutex);

	slot = find_first_zero_bit(mvm->fw_key_table, STA_KEY_MAX_NUM);
	if (slot != STA_KEY_MAX_NUM) {
		__set_bit(slot, mvm->fw_key_table);
		return slot;
	}

	return STA_KEY_IDX_INVALID;
}
988
/*
 * Work out which firmware station id a key belongs to.
 *
 * With a station given, its own id is used.  Without one, a station
 * interface that has an AP station uses the AP's id, because the device
 * expects GTKs for station interfaces to be installed as GTKs for the AP
 * station.
 *
 * Returns the station id, or IWL_MVM_STATION_COUNT when none applies;
 * callers must check for that value before using the result as an index.
 */
static u8 iwl_mvm_get_key_sta_id(struct ieee80211_vif *vif,
				 struct ieee80211_sta *sta)
{
	struct iwl_mvm_vif *mvmvif = (void *)vif->drv_priv;
	struct iwl_mvm_sta *mvm_sta;

	if (!sta) {
		if (vif->type == NL80211_IFTYPE_STATION &&
		    mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT)
			return mvmvif->ap_sta_id;

		return IWL_MVM_STATION_COUNT;
	}

	mvm_sta = (void *)sta->drv_priv;
	return mvm_sta->sta_id;
}
1011
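/*
 * Build an ADD_STA_KEY command for @keyconf and send it to the firmware.
 *
 * @mvm_sta is not referenced in this function. @tkip_iv32 and @tkip_p1k are
 * only read for WLAN_CIPHER_SUITE_TKIP, in which case @tkip_p1k must point
 * to five u16 values. With CMD_ASYNC in @cmd_flags the command is sent
 * without collecting a firmware status; otherwise the status is checked.
 *
 * Returns the send helper's result, -EIO when the reported status is not
 * ADD_STA_SUCCESS, or -EINVAL when the key does not fit the command.
 *
 * NOTE(review): cmd carries a copy of the key on the stack and is not
 * cleared before this function returns.
 */
static int iwl_mvm_send_sta_key(struct iwl_mvm *mvm,
				struct iwl_mvm_sta *mvm_sta,
				struct ieee80211_key_conf *keyconf,
				u8 sta_id, u32 tkip_iv32, u16 *tkip_p1k,
				u32 cmd_flags)
{
	struct iwl_mvm_add_sta_key_cmd cmd = {};
	__le16 key_flags;
	int ret, status;
	u16 keyidx;
	int i;

	/*
	 * The copy length is taken from the key configuration; refuse a key
	 * that would overrun the fixed-size key field of the on-stack
	 * command instead of trusting the caller to have bounded it.
	 */
	if (WARN_ON(keyconf->keylen > sizeof(cmd.key)))
		return -EINVAL;

	keyidx = (keyconf->keyidx << STA_KEY_FLG_KEYID_POS) &
		 STA_KEY_FLG_KEYID_MSK;
	key_flags = cpu_to_le16(keyidx);
	key_flags |= cpu_to_le16(STA_KEY_FLG_WEP_KEY_MAP);

	/* every cipher copies the key the same way */
	memcpy(cmd.key, keyconf->key, keyconf->keylen);

	switch (keyconf->cipher) {
	case WLAN_CIPHER_SUITE_TKIP:
		key_flags |= cpu_to_le16(STA_KEY_FLG_TKIP);
		cmd.tkip_rx_tsc_byte2 = tkip_iv32;
		for (i = 0; i < 5; i++)
			cmd.tkip_rx_ttak[i] = cpu_to_le16(tkip_p1k[i]);
		break;
	case WLAN_CIPHER_SUITE_CCMP:
		key_flags |= cpu_to_le16(STA_KEY_FLG_CCM);
		break;
	default:
		key_flags |= cpu_to_le16(STA_KEY_FLG_EXT);
	}

	if (!(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE))
		key_flags |= cpu_to_le16(STA_KEY_MULTICAST);

	cmd.key_offset = keyconf->hw_key_idx;
	cmd.key_flags = key_flags;
	cmd.sta_id = sta_id;

	/* stays ADD_STA_SUCCESS on the async path, which reports no status */
	status = ADD_STA_SUCCESS;
	if (cmd_flags & CMD_ASYNC)
		ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA_KEY, CMD_ASYNC,
					   sizeof(cmd), &cmd);
	else
		ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, sizeof(cmd),
						  &cmd, &status);

	switch (status) {
	case ADD_STA_SUCCESS:
		IWL_DEBUG_WEP(mvm, "MODIFY_STA: set dynamic key passed\n");
		break;
	default:
		ret = -EIO;
		IWL_ERR(mvm, "MODIFY_STA: set dynamic key failed\n");
		break;
	}

	return ret;
}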
1073
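/*
 * Install or remove an IGTK (management-frame group key) in the firmware.
 *
 * Only non-pairwise WLAN_CIPHER_SUITE_AES_CMAC keys with key index 4 or 5
 * are accepted; anything else warns and returns -EINVAL. When installing,
 * the key, the K1/K2 subkeys and the current receive PN are sent. Returns
 * the result of the MGMT_MCAST_KEY command otherwise.
 *
 * NOTE(review): igtk_cmd holds key material on the stack and is not
 * cleared before this function returns.
 */
static int iwl_mvm_send_sta_igtk(struct iwl_mvm *mvm,
				 struct ieee80211_key_conf *keyconf,
				 u8 sta_id, bool remove_key)
{
	struct iwl_mvm_mgmt_mcast_key_cmd igtk_cmd = {};

	/* verify the key details match the required command's expectations */
	if (WARN_ON((keyconf->cipher != WLAN_CIPHER_SUITE_AES_CMAC) ||
		    (keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
		    (keyconf->keyidx != 4 && keyconf->keyidx != 5)))
		return -EINVAL;

	igtk_cmd.key_id = cpu_to_le32(keyconf->keyidx);
	igtk_cmd.sta_id = cpu_to_le32(sta_id);

	if (remove_key) {
		igtk_cmd.ctrl_flags |= cpu_to_le32(STA_KEY_NOT_VALID);
	} else {
		struct ieee80211_key_seq seq;
		const u8 *pn;

		/*
		 * The cipher check above does not bound keylen; never copy
		 * more bytes than the command's key field can hold.
		 */
		if (WARN_ON(keyconf->keylen > sizeof(igtk_cmd.IGTK)))
			return -EINVAL;

		memcpy(igtk_cmd.IGTK, keyconf->key, keyconf->keylen);
		ieee80211_aes_cmac_calculate_k1_k2(keyconf,
						   igtk_cmd.K1, igtk_cmd.K2);
		ieee80211_get_key_rx_seq(keyconf, 0, &seq);
		pn = seq.aes_cmac.pn;
		/* pn[0] is the most significant byte of the 48-bit counter */
		igtk_cmd.receive_seq_cnt = cpu_to_le64(((u64) pn[5] << 0) |
						       ((u64) pn[4] << 8) |
						       ((u64) pn[3] << 16) |
						       ((u64) pn[2] << 24) |
						       ((u64) pn[1] << 32) |
						       ((u64) pn[0] << 40));
	}

	/*
	 * Log the CPU-order sta_id: igtk_cmd.sta_id is little-endian and
	 * would print a wrong value on big-endian hosts.
	 */
	IWL_DEBUG_INFO(mvm, "%s igtk for sta %u\n",
		       remove_key ? "removing" : "installing",
		       sta_id);

	return iwl_mvm_send_cmd_pdu(mvm, MGMT_MCAST_KEY, 0,
				    sizeof(igtk_cmd), &igtk_cmd);
}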
1115
1116
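/*
 * Return the MAC address to use for key derivation.
 *
 * With a station, its address is returned. Without one, a station-type
 * interface uses the address of its AP station, looked up under mvm->mutex.
 * Returns NULL when no address can be determined.
 */
static inline u8 *iwl_mvm_get_mac_addr(struct iwl_mvm *mvm,
				       struct ieee80211_vif *vif,
				       struct ieee80211_sta *sta)
{
	struct iwl_mvm_vif *mvmvif = (void *)vif->drv_priv;

	if (sta)
		return sta->addr;

	if (vif->type == NL80211_IFTYPE_STATION &&
	    mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) {
		u8 sta_id = mvmvif->ap_sta_id;

		sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
						lockdep_is_held(&mvm->mutex));
		/*
		 * Other lookups of this table in the file treat an entry as
		 * possibly NULL or an error pointer; do the same here rather
		 * than dereferencing it blindly.
		 */
		if (IS_ERR_OR_NULL(sta))
			return NULL;

		return sta->addr;
	}

	return NULL;
}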
1137
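/*
 * Install a key in the firmware for a station or, when @sta is NULL, for
 * the AP station of a station-type interface.
 *
 * Must be called with mvm->mutex held. AES-CMAC keys are sent through the
 * IGTK command. For all other ciphers a slot in mvm->fw_key_table is
 * reserved (unless @have_key_offset says the caller already set
 * keyconf->hw_key_idx) and released again if sending the key fails.
 *
 * Returns 0 or the send result on completion, -EINVAL when no valid
 * station can be found or the station belongs to another vif, and -ENOSPC
 * when the key table is full.
 */
int iwl_mvm_set_sta_key(struct iwl_mvm *mvm,
			struct ieee80211_vif *vif,
			struct ieee80211_sta *sta,
			struct ieee80211_key_conf *keyconf,
			bool have_key_offset)
{
	struct iwl_mvm_sta *mvm_sta;
	int ret;
	u8 *addr, sta_id;
	struct ieee80211_key_seq seq;
	u16 p1k[5];

	lockdep_assert_held(&mvm->mutex);

	/* Get the station id from the mvm local station table */
	sta_id = iwl_mvm_get_key_sta_id(vif, sta);
	if (sta_id == IWL_MVM_STATION_COUNT) {
		IWL_ERR(mvm, "Failed to find station id\n");
		return -EINVAL;
	}

	if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
		ret = iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, false);
		goto end;
	}

	/*
	 * It is possible that the 'sta' parameter is NULL, and thus
	 * there is a need to retrieve the sta from the local station table.
	 */
	if (!sta) {
		sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
						lockdep_is_held(&mvm->mutex));
		if (IS_ERR_OR_NULL(sta)) {
			IWL_ERR(mvm, "Invalid station id\n");
			return -EINVAL;
		}
	}

	/* refuse to install a key for a station owned by another vif */
	mvm_sta = (struct iwl_mvm_sta *)sta->drv_priv;
	if (WARN_ON_ONCE(mvm_sta->vif != vif))
		return -EINVAL;

	if (!have_key_offset) {
		/*
		 * The D3 firmware hardcodes the PTK offset to 0, so we have to
		 * configure it there. As a result, this workaround exists to
		 * let the caller set the key offset (hw_key_idx), see d3.c.
		 */
		keyconf->hw_key_idx = iwl_mvm_set_fw_key_idx(mvm);
		if (keyconf->hw_key_idx == STA_KEY_IDX_INVALID)
			return -ENOSPC;
	}

	switch (keyconf->cipher) {
	case WLAN_CIPHER_SUITE_TKIP:
		addr = iwl_mvm_get_mac_addr(mvm, vif, sta);
		/* get phase 1 key from mac80211 */
		ieee80211_get_key_rx_seq(keyconf, 0, &seq);
		ieee80211_get_tkip_rx_p1k(keyconf, addr, seq.tkip.iv32, p1k);
		ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, sta_id,
					   seq.tkip.iv32, p1k, 0);
		break;
	case WLAN_CIPHER_SUITE_CCMP:
	default:
		/* CCMP and all remaining ciphers carry no TKIP parameters */
		ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, sta_id,
					   0, NULL, 0);
	}

	/* give the key table slot back if the firmware did not take the key */
	if (ret)
		__clear_bit(keyconf->hw_key_idx, mvm->fw_key_table);

end:
	/*
	 * The IGTK path jumps here before 'sta' is looked up, so it can
	 * still be NULL; do not form sta->addr from a NULL station.
	 */
	IWL_DEBUG_WEP(mvm, "key: cipher=%x len=%d idx=%d sta=%pM ret=%d\n",
		      keyconf->cipher, keyconf->keylen, keyconf->keyidx,
		      sta ? sta->addr : NULL, ret);
	return ret;
}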
1219
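/*
 * Remove a previously installed key from the firmware.
 *
 * Must be called with mvm->mutex held. AES-CMAC keys are removed through
 * the IGTK command. For other ciphers the key's slot in mvm->fw_key_table
 * is released first, then an ADD_STA_KEY command marking the key as not
 * valid is sent.
 *
 * Returns 0 on success or when the station no longer exists, -ENOENT when
 * the slot was not marked as used, -EINVAL when the station entry is
 * invalid or belongs to another vif, and -EIO when the firmware reports a
 * status other than ADD_STA_SUCCESS.
 */
int iwl_mvm_remove_sta_key(struct iwl_mvm *mvm,
			   struct ieee80211_vif *vif,
			   struct ieee80211_sta *sta,
			   struct ieee80211_key_conf *keyconf)
{
	struct iwl_mvm_sta *mvm_sta;
	struct iwl_mvm_add_sta_key_cmd cmd = {};
	__le16 key_flags;
	int ret, status;
	u8 sta_id;

	lockdep_assert_held(&mvm->mutex);

	/* Get the station id from the mvm local station table */
	sta_id = iwl_mvm_get_key_sta_id(vif, sta);

	IWL_DEBUG_WEP(mvm, "mvm remove dynamic key: idx=%d sta=%d\n",
		      keyconf->keyidx, sta_id);

	if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC)
		return iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, true);

	ret = __test_and_clear_bit(keyconf->hw_key_idx, mvm->fw_key_table);
	if (!ret) {
		IWL_ERR(mvm, "offset %d not used in fw key table.\n",
			keyconf->hw_key_idx);
		return -ENOENT;
	}

	if (sta_id == IWL_MVM_STATION_COUNT) {
		IWL_DEBUG_WEP(mvm, "station non-existent, early return.\n");
		return 0;
	}

	/*
	 * It is possible that the 'sta' parameter is NULL, and thus
	 * there is a need to retrieve the sta from the local station table,
	 * for example when a GTK is removed (where the sta_id will then be
	 * the AP ID, and no station was passed by mac80211.)
	 */
	if (!sta) {
		sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
						lockdep_is_held(&mvm->mutex));
		/*
		 * Reject error-pointer entries as well as NULL, matching the
		 * lookup in iwl_mvm_set_sta_key(); an error pointer would
		 * otherwise be dereferenced just below.
		 */
		if (IS_ERR_OR_NULL(sta)) {
			IWL_ERR(mvm, "Invalid station id\n");
			return -EINVAL;
		}
	}

	/* refuse to touch a key of a station owned by another vif */
	mvm_sta = (struct iwl_mvm_sta *)sta->drv_priv;
	if (WARN_ON_ONCE(mvm_sta->vif != vif))
		return -EINVAL;

	key_flags = cpu_to_le16((keyconf->keyidx << STA_KEY_FLG_KEYID_POS) &
				STA_KEY_FLG_KEYID_MSK);
	key_flags |= cpu_to_le16(STA_KEY_FLG_NO_ENC | STA_KEY_FLG_WEP_KEY_MAP);
	key_flags |= cpu_to_le16(STA_KEY_NOT_VALID);

	if (!(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE))
		key_flags |= cpu_to_le16(STA_KEY_MULTICAST);

	cmd.key_flags = key_flags;
	cmd.key_offset = keyconf->hw_key_idx;
	cmd.sta_id = sta_id;

	status = ADD_STA_SUCCESS;
	ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, sizeof(cmd),
					  &cmd, &status);

	switch (status) {
	case ADD_STA_SUCCESS:
		IWL_DEBUG_WEP(mvm, "MODIFY_STA: remove sta key passed\n");
		break;
	default:
		ret = -EIO;
		IWL_ERR(mvm, "MODIFY_STA: remove sta key failed\n");
		break;
	}

	return ret;
}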
1301
/*
 * Push an updated TKIP phase-1 key (@iv32, @phase1key) to the firmware.
 *
 * The key command is sent with CMD_ASYNC from inside an RCU read-side
 * section and its result is not checked. When @sta is NULL the station is
 * looked up by id; the function warns and returns without sending if no
 * valid station id or station entry is found.
 */
void iwl_mvm_update_tkip_key(struct iwl_mvm *mvm,
			     struct ieee80211_vif *vif,
			     struct ieee80211_key_conf *keyconf,
			     struct ieee80211_sta *sta, u32 iv32,
			     u16 *phase1key)
{
	u8 sta_id = iwl_mvm_get_key_sta_id(vif, sta);
	struct iwl_mvm_sta *mvm_sta;

	if (WARN_ON_ONCE(sta_id == IWL_MVM_STATION_COUNT))
		return;

	rcu_read_lock();

	if (!sta) {
		sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]);
		/* the table entry may be NULL or an error pointer */
		if (WARN_ON(IS_ERR_OR_NULL(sta)))
			goto unlock;
	}

	mvm_sta = (void *)sta->drv_priv;
	iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, sta_id,
			     iv32, phase1key, CMD_ASYNC);

unlock:
	rcu_read_unlock();
}
1329
/*
 * Send an asynchronous ADD_STA "modify" command for @sta with STA_FLG_PS
 * in the flags mask and no flag bits set. A send failure is only logged.
 */
void iwl_mvm_sta_modify_ps_wake(struct iwl_mvm *mvm,
				struct ieee80211_sta *sta)
{
	struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
	struct iwl_mvm_add_sta_cmd cmd = {
		.sta_id = mvmsta->sta_id,
		.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
		.add_modify = STA_MODE_MODIFY,
		.station_flags_msk = cpu_to_le32(STA_FLG_PS),
	};
	int err;

	err = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC, sizeof(cmd), &cmd);
	if (err)
		IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", err);
}
1346
/*
 * Tell the firmware how many frames it may release to a sleeping station.
 *
 * @cnt is the number of frames requested, @tids a bitmap of the TIDs being
 * released, @more_data the caller's initial "more data" indication and @agg
 * whether the frames come from aggregation queues. In the @agg case the
 * count is clamped to what is actually queued, and the service period is
 * ended via ieee80211_sta_eosp() instead of sending a command when a TID is
 * in an unexpected state or nothing is queued. The ADD_STA command is sent
 * asynchronously; a send failure is only logged.
 */
void iwl_mvm_sta_modify_sleep_tx_count(struct iwl_mvm *mvm,
				       struct ieee80211_sta *sta,
				       enum ieee80211_frame_release_type reason,
				       u16 cnt, u16 tids, bool more_data,
				       bool agg)
{
	struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
	struct iwl_mvm_add_sta_cmd cmd = {
		.add_modify = STA_MODE_MODIFY,
		.sta_id = mvmsta->sta_id,
		.modify_mask = STA_MODIFY_SLEEPING_STA_TX_COUNT,
		.sleep_tx_count = cpu_to_le16(cnt),
		.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
	};
	int tid, ret;
	/* for_each_set_bit() works on unsigned long bitmaps */
	unsigned long _tids = tids;

	/* convert TIDs to ACs - we don't support TSPEC so that's OK
	 * Note that this field is reserved and unused by firmware not
	 * supporting GO uAPSD, so it's safe to always do this.
	 */
	for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT)
		cmd.awake_acs |= BIT(tid_to_ucode_ac[tid]);

	/* If we're releasing frames from aggregation queues then check if
	 * all the queues combined that we're releasing frames from have
	 *  - more frames than the service period, in which case more_data
	 *    needs to be set
	 *  - fewer than 'cnt' frames, in which case we need to adjust the
	 *    firmware command (but do that unconditionally)
	 */
	if (agg) {
		/* frames of the request not yet covered by queued frames */
		int remaining = cnt;

		spin_lock_bh(&mvmsta->lock);
		for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT) {
			struct iwl_mvm_tid_data *tid_data;
			u16 n_queued;

			tid_data = &mvmsta->tid_data[tid];
			/* unexpected agg state: end the service period */
			if (WARN(tid_data->state != IWL_AGG_ON &&
				 tid_data->state != IWL_EMPTYING_HW_QUEUE_DELBA,
				 "TID %d state is %d\n",
				 tid, tid_data->state)) {
				spin_unlock_bh(&mvmsta->lock);
				ieee80211_sta_eosp(sta);
				return;
			}

			n_queued = iwl_mvm_tid_queued(tid_data);
			if (n_queued > remaining) {
				more_data = true;
				remaining = 0;
				break;
			}
			remaining -= n_queued;
		}
		spin_unlock_bh(&mvmsta->lock);

		cmd.sleep_tx_count = cpu_to_le16(cnt - remaining);
		/* nothing queued at all: no command, just end the period */
		if (WARN_ON(cnt - remaining == 0)) {
			ieee80211_sta_eosp(sta);
			return;
		}
	}

	/* Note: this is ignored by firmware not supporting GO uAPSD */
	if (more_data)
		cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_MOREDATA);

	if (reason == IEEE80211_FRAME_RELEASE_PSPOLL) {
		mvmsta->next_status_eosp = true;
		cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_PS_POLL);
	} else {
		cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_UAPSD);
	}

	ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC, sizeof(cmd), &cmd);
	if (ret)
		IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
}
1428
/*
 * Handle an end-of-service-period notification from the firmware.
 *
 * The station id is read from the notification payload and range-checked
 * before it is used as an index into mvm->fw_id_to_mac_id[]. @cmd is not
 * referenced. Always returns 0.
 *
 * NOTE(review): the payload length is not checked in this function;
 * presumably the RX path validates it before dispatch - confirm.
 */
int iwl_mvm_rx_eosp_notif(struct iwl_mvm *mvm,
			  struct iwl_rx_cmd_buffer *rxb,
			  struct iwl_device_cmd *cmd)
{
	struct iwl_rx_packet *pkt = rxb_addr(rxb);
	struct iwl_mvm_eosp_notification *notif = (void *)pkt->data;
	u32 sta_id = le32_to_cpu(notif->sta_id);
	struct ieee80211_sta *sta;

	/* firmware-supplied index: ignore anything outside the table */
	if (!WARN_ON_ONCE(sta_id >= IWL_MVM_STATION_COUNT)) {
		rcu_read_lock();
		sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]);
		/* the entry may be NULL or an error pointer */
		if (!IS_ERR_OR_NULL(sta))
			ieee80211_sta_eosp(sta);
		rcu_read_unlock();
	}

	return 0;
}
1449
/*
 * Set or clear STA_FLG_DISABLE_TX for a station in the firmware.
 *
 * Nothing is sent when the firmware does not advertise
 * IWL_UCODE_TLV_API_DISABLE_STA_TX. The ADD_STA command is asynchronous
 * and a send failure is only logged.
 */
void iwl_mvm_sta_modify_disable_tx(struct iwl_mvm *mvm,
				   struct iwl_mvm_sta *mvmsta, bool disable)
{
	struct iwl_mvm_add_sta_cmd cmd = {
		.sta_id = mvmsta->sta_id,
		.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
		.add_modify = STA_MODE_MODIFY,
		.station_flags_msk = cpu_to_le32(STA_FLG_DISABLE_TX),
		.station_flags = disable ? cpu_to_le32(STA_FLG_DISABLE_TX) : 0,
	};
	int err;

	if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_DISABLE_STA_TX) {
		err = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC,
					   sizeof(cmd), &cmd);
		if (err)
			IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n",
				err);
	}
}
1469
/*
 * Block or unblock TX towards one station, in mac80211 and in the firmware.
 *
 * Does nothing when the station's disable_tx flag already equals @disable.
 * The flag update, the mac80211 notification and the firmware command all
 * happen under the station's spinlock.
 */
void iwl_mvm_sta_modify_disable_tx_ap(struct iwl_mvm *mvm,
				      struct ieee80211_sta *sta,
				      bool disable)
{
	struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);

	spin_lock_bh(&mvm_sta->lock);

	if (mvm_sta->disable_tx != disable) {
		mvm_sta->disable_tx = disable;

		/*
		 * Tell mac80211 to start/stop queueing tx for this station,
		 * but don't stop queueing if there are still pending frames
		 * for this station.
		 */
		if (disable ||
		    !atomic_read(&mvm->pending_frames[mvm_sta->sta_id]))
			ieee80211_sta_block_awake(mvm->hw, sta, disable);

		iwl_mvm_sta_modify_disable_tx(mvm, mvm_sta, disable);
	}

	spin_unlock_bh(&mvm_sta->lock);
}
1497
/*
 * Block or unblock TX for every station that belongs to @mvmvif.
 *
 * Must be called with mvm->mutex held. Stations are matched by comparing
 * their mac_id_n_color with the id/color pair of @mvmvif.
 */
void iwl_mvm_modify_all_sta_disable_tx(struct iwl_mvm *mvm,
				       struct iwl_mvm_vif *mvmvif,
				       bool disable)
{
	int idx;

	lockdep_assert_held(&mvm->mutex);

	/* Block/unblock all the stations of the given mvmvif */
	for (idx = 0; idx < IWL_MVM_STATION_COUNT; idx++) {
		struct ieee80211_sta *sta;
		struct iwl_mvm_sta *mvm_sta;

		sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[idx],
						lockdep_is_held(&mvm->mutex));
		/* skip empty slots and error-pointer placeholders */
		if (IS_ERR_OR_NULL(sta))
			continue;

		mvm_sta = iwl_mvm_sta_from_mac80211(sta);
		if (mvm_sta->mac_id_n_color ==
		    FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color))
			iwl_mvm_sta_modify_disable_tx_ap(mvm, sta, disable);
	}
}