]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/blob - drivers/net/wireless/intel/iwlwifi/mvm/sta.c
projects / mirror_ubuntu-hirsute-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'nfc-next-4.7-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo...
[mirror_ubuntu-hirsute-kernel.git] / drivers / net / wireless / intel / iwlwifi / mvm / sta.c
1 /******************************************************************************
2 *
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
5 *
6 * GPL LICENSE SUMMARY
7 *
8 * Copyright(c) 2012 - 2015 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
10 * Copyright(c) 2016 Intel Deutschland GmbH
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of version 2 of the GNU General Public License as
14 * published by the Free Software Foundation.
15 *
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
24 * USA
25 *
26 * The full GNU General Public License is included in this distribution
27 * in the file called COPYING.
28 *
29 * Contact Information:
30 * Intel Linux Wireless <linuxwifi@intel.com>
31 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
32 *
33 * BSD LICENSE
34 *
35 * Copyright(c) 2012 - 2015 Intel Corporation. All rights reserved.
36 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
37 * Copyright(c) 2016 Intel Deutschland GmbH
38 * All rights reserved.
39 *
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
42 * are met:
43 *
44 * * Redistributions of source code must retain the above copyright
45 * notice, this list of conditions and the following disclaimer.
46 * * Redistributions in binary form must reproduce the above copyright
47 * notice, this list of conditions and the following disclaimer in
48 * the documentation and/or other materials provided with the
49 * distribution.
50 * * Neither the name Intel Corporation nor the names of its
51 * contributors may be used to endorse or promote products derived
52 * from this software without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
55 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
56 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
57 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
58 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
59 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
60 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
61 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
62 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
63 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
64 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
65 *
66 *****************************************************************************/
67 #include <net/mac80211.h>
68
69 #include "mvm.h"
70 #include "sta.h"
71 #include "rs.h"
72
73 /*
74 * New version of ADD_STA_sta command added new fields at the end of the
75 * structure, so sending the size of the relevant API's structure is enough to
76 * support both API versions.
77 */
78 static inline int iwl_mvm_add_sta_cmd_size(struct iwl_mvm *mvm)
79 {
80 return iwl_mvm_has_new_rx_api(mvm) ?
81 sizeof(struct iwl_mvm_add_sta_cmd) :
82 sizeof(struct iwl_mvm_add_sta_cmd_v7);
83 }
84
85 static int iwl_mvm_find_free_sta_id(struct iwl_mvm *mvm,
86 enum nl80211_iftype iftype)
87 {
88 int sta_id;
89 u32 reserved_ids = 0;
90
91 BUILD_BUG_ON(IWL_MVM_STATION_COUNT > 32);
92 WARN_ON_ONCE(test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status));
93
94 lockdep_assert_held(&mvm->mutex);
95
96 /* d0i3/d3 assumes the AP's sta_id (of sta vif) is 0. reserve it. */
97 if (iftype != NL80211_IFTYPE_STATION)
98 reserved_ids = BIT(0);
99
100 /* Don't take rcu_read_lock() since we are protected by mvm->mutex */
101 for (sta_id = 0; sta_id < IWL_MVM_STATION_COUNT; sta_id++) {
102 if (BIT(sta_id) & reserved_ids)
103 continue;
104
105 if (!rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
106 lockdep_is_held(&mvm->mutex)))
107 return sta_id;
108 }
109 return IWL_MVM_STATION_COUNT;
110 }
111
112 /* send station add/update command to firmware */
113 int iwl_mvm_sta_send_to_fw(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
114 bool update, unsigned int flags)
115 {
116 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
117 struct iwl_mvm_add_sta_cmd add_sta_cmd = {
118 .sta_id = mvm_sta->sta_id,
119 .mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color),
120 .add_modify = update ? 1 : 0,
121 .station_flags_msk = cpu_to_le32(STA_FLG_FAT_EN_MSK |
122 STA_FLG_MIMO_EN_MSK),
123 .tid_disable_tx = cpu_to_le16(mvm_sta->tid_disable_agg),
124 };
125 int ret;
126 u32 status;
127 u32 agg_size = 0, mpdu_dens = 0;
128
129 if (!update || (flags & STA_MODIFY_QUEUES)) {
130 add_sta_cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk);
131 memcpy(&add_sta_cmd.addr, sta->addr, ETH_ALEN);
132
133 if (flags & STA_MODIFY_QUEUES)
134 add_sta_cmd.modify_mask |= STA_MODIFY_QUEUES;
135 }
136
137 switch (sta->bandwidth) {
138 case IEEE80211_STA_RX_BW_160:
139 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_160MHZ);
140 /* fall through */
141 case IEEE80211_STA_RX_BW_80:
142 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_80MHZ);
143 /* fall through */
144 case IEEE80211_STA_RX_BW_40:
145 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_40MHZ);
146 /* fall through */
147 case IEEE80211_STA_RX_BW_20:
148 if (sta->ht_cap.ht_supported)
149 add_sta_cmd.station_flags |=
150 cpu_to_le32(STA_FLG_FAT_EN_20MHZ);
151 break;
152 }
153
154 switch (sta->rx_nss) {
155 case 1:
156 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_SISO);
157 break;
158 case 2:
159 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_MIMO2);
160 break;
161 case 3 ... 8:
162 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_MIMO3);
163 break;
164 }
165
166 switch (sta->smps_mode) {
167 case IEEE80211_SMPS_AUTOMATIC:
168 case IEEE80211_SMPS_NUM_MODES:
169 WARN_ON(1);
170 break;
171 case IEEE80211_SMPS_STATIC:
172 /* override NSS */
173 add_sta_cmd.station_flags &= ~cpu_to_le32(STA_FLG_MIMO_EN_MSK);
174 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_SISO);
175 break;
176 case IEEE80211_SMPS_DYNAMIC:
177 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_RTS_MIMO_PROT);
178 break;
179 case IEEE80211_SMPS_OFF:
180 /* nothing */
181 break;
182 }
183
184 if (sta->ht_cap.ht_supported) {
185 add_sta_cmd.station_flags_msk |=
186 cpu_to_le32(STA_FLG_MAX_AGG_SIZE_MSK |
187 STA_FLG_AGG_MPDU_DENS_MSK);
188
189 mpdu_dens = sta->ht_cap.ampdu_density;
190 }
191
192 if (sta->vht_cap.vht_supported) {
193 agg_size = sta->vht_cap.cap &
194 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
195 agg_size >>=
196 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
197 } else if (sta->ht_cap.ht_supported) {
198 agg_size = sta->ht_cap.ampdu_factor;
199 }
200
201 add_sta_cmd.station_flags |=
202 cpu_to_le32(agg_size << STA_FLG_MAX_AGG_SIZE_SHIFT);
203 add_sta_cmd.station_flags |=
204 cpu_to_le32(mpdu_dens << STA_FLG_AGG_MPDU_DENS_SHIFT);
205
206 status = ADD_STA_SUCCESS;
207 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
208 iwl_mvm_add_sta_cmd_size(mvm),
209 &add_sta_cmd, &status);
210 if (ret)
211 return ret;
212
213 switch (status & IWL_ADD_STA_STATUS_MASK) {
214 case ADD_STA_SUCCESS:
215 IWL_DEBUG_ASSOC(mvm, "ADD_STA PASSED\n");
216 break;
217 default:
218 ret = -EIO;
219 IWL_ERR(mvm, "ADD_STA failed\n");
220 break;
221 }
222
223 return ret;
224 }
225
226 static int iwl_mvm_tdls_sta_init(struct iwl_mvm *mvm,
227 struct ieee80211_sta *sta)
228 {
229 unsigned long used_hw_queues;
230 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
231 unsigned int wdg_timeout =
232 iwl_mvm_get_wd_timeout(mvm, NULL, true, false);
233 u32 ac;
234
235 lockdep_assert_held(&mvm->mutex);
236
237 used_hw_queues = iwl_mvm_get_used_hw_queues(mvm, NULL);
238
239 /* Find available queues, and allocate them to the ACs */
240 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
241 u8 queue = find_first_zero_bit(&used_hw_queues,
242 mvm->first_agg_queue);
243
244 if (queue >= mvm->first_agg_queue) {
245 IWL_ERR(mvm, "Failed to allocate STA queue\n");
246 return -EBUSY;
247 }
248
249 __set_bit(queue, &used_hw_queues);
250 mvmsta->hw_queue[ac] = queue;
251 }
252
253 /* Found a place for all queues - enable them */
254 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
255 iwl_mvm_enable_ac_txq(mvm, mvmsta->hw_queue[ac],
256 mvmsta->hw_queue[ac],
257 iwl_mvm_ac_to_tx_fifo[ac], 0,
258 wdg_timeout);
259 mvmsta->tfd_queue_msk |= BIT(mvmsta->hw_queue[ac]);
260 }
261
262 return 0;
263 }
264
265 static void iwl_mvm_tdls_sta_deinit(struct iwl_mvm *mvm,
266 struct ieee80211_sta *sta)
267 {
268 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
269 unsigned long sta_msk;
270 int i;
271
272 lockdep_assert_held(&mvm->mutex);
273
274 /* disable the TDLS STA-specific queues */
275 sta_msk = mvmsta->tfd_queue_msk;
276 for_each_set_bit(i, &sta_msk, sizeof(sta_msk) * BITS_PER_BYTE)
277 iwl_mvm_disable_txq(mvm, i, i, IWL_MAX_TID_COUNT, 0);
278 }
279
280 static int iwl_mvm_sta_alloc_queue(struct iwl_mvm *mvm,
281 struct ieee80211_sta *sta, u8 ac, int tid,
282 struct ieee80211_hdr *hdr)
283 {
284 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
285 struct iwl_trans_txq_scd_cfg cfg = {
286 .fifo = iwl_mvm_ac_to_tx_fifo[ac],
287 .sta_id = mvmsta->sta_id,
288 .tid = tid,
289 .frame_limit = IWL_FRAME_LIMIT,
290 };
291 unsigned int wdg_timeout =
292 iwl_mvm_get_wd_timeout(mvm, mvmsta->vif, false, false);
293 u8 mac_queue = mvmsta->vif->hw_queue[ac];
294 int queue = -1;
295 int ssn;
296
297 lockdep_assert_held(&mvm->mutex);
298
299 spin_lock_bh(&mvm->queue_info_lock);
300
301 /*
302 * Non-QoS, QoS NDP and MGMT frames should go to a MGMT queue, if one
303 * exists
304 */
305 if (!ieee80211_is_data_qos(hdr->frame_control) ||
306 ieee80211_is_qos_nullfunc(hdr->frame_control)) {
307 queue = iwl_mvm_find_free_queue(mvm, IWL_MVM_DQA_MIN_MGMT_QUEUE,
308 IWL_MVM_DQA_MAX_MGMT_QUEUE);
309 if (queue >= IWL_MVM_DQA_MIN_MGMT_QUEUE)
310 IWL_DEBUG_TX_QUEUES(mvm, "Found free MGMT queue #%d\n",
311 queue);
312
313 /* If no such queue is found, we'll use a DATA queue instead */
314 }
315
316 if (queue < 0 && mvmsta->reserved_queue != IEEE80211_INVAL_HW_QUEUE) {
317 queue = mvmsta->reserved_queue;
318 IWL_DEBUG_TX_QUEUES(mvm, "Using reserved queue #%d\n", queue);
319 }
320
321 if (queue < 0)
322 queue = iwl_mvm_find_free_queue(mvm, IWL_MVM_DQA_MIN_DATA_QUEUE,
323 IWL_MVM_DQA_MAX_DATA_QUEUE);
324 if (queue >= 0)
325 mvm->queue_info[queue].setup_reserved = false;
326
327 spin_unlock_bh(&mvm->queue_info_lock);
328
329 /* TODO: support shared queues for same RA */
330 if (queue < 0)
331 return -ENOSPC;
332
333 /*
334 * Actual en/disablement of aggregations is through the ADD_STA HCMD,
335 * but for configuring the SCD to send A-MPDUs we need to mark the queue
336 * as aggregatable.
337 * Mark all DATA queues as allowing to be aggregated at some point
338 */
339 cfg.aggregate = (queue >= IWL_MVM_DQA_MIN_DATA_QUEUE ||
340 queue == IWL_MVM_DQA_BSS_CLIENT_QUEUE);
341
342 IWL_DEBUG_TX_QUEUES(mvm, "Allocating queue #%d to sta %d on tid %d\n",
343 queue, mvmsta->sta_id, tid);
344
345 ssn = IEEE80211_SEQ_TO_SN(le16_to_cpu(hdr->seq_ctrl));
346 iwl_mvm_enable_txq(mvm, queue, mac_queue, ssn, &cfg,
347 wdg_timeout);
348
349 spin_lock_bh(&mvmsta->lock);
350 mvmsta->tid_data[tid].txq_id = queue;
351 mvmsta->tfd_queue_msk |= BIT(queue);
352
353 if (mvmsta->reserved_queue == queue)
354 mvmsta->reserved_queue = IEEE80211_INVAL_HW_QUEUE;
355 spin_unlock_bh(&mvmsta->lock);
356
357 return iwl_mvm_sta_send_to_fw(mvm, sta, true, STA_MODIFY_QUEUES);
358 }
359
360 static inline u8 iwl_mvm_tid_to_ac_queue(int tid)
361 {
362 if (tid == IWL_MAX_TID_COUNT)
363 return IEEE80211_AC_VO; /* MGMT */
364
365 return tid_to_mac80211_ac[tid];
366 }
367
368 static void iwl_mvm_tx_deferred_stream(struct iwl_mvm *mvm,
369 struct ieee80211_sta *sta, int tid)
370 {
371 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
372 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
373 struct sk_buff *skb;
374 struct ieee80211_hdr *hdr;
375 struct sk_buff_head deferred_tx;
376 u8 mac_queue;
377 bool no_queue = false; /* Marks if there is a problem with the queue */
378 u8 ac;
379
380 lockdep_assert_held(&mvm->mutex);
381
382 skb = skb_peek(&tid_data->deferred_tx_frames);
383 if (!skb)
384 return;
385 hdr = (void *)skb->data;
386
387 ac = iwl_mvm_tid_to_ac_queue(tid);
388 mac_queue = IEEE80211_SKB_CB(skb)->hw_queue;
389
390 if (tid_data->txq_id == IEEE80211_INVAL_HW_QUEUE &&
391 iwl_mvm_sta_alloc_queue(mvm, sta, ac, tid, hdr)) {
392 IWL_ERR(mvm,
393 "Can't alloc TXQ for sta %d tid %d - dropping frame\n",
394 mvmsta->sta_id, tid);
395
396 /*
397 * Mark queue as problematic so later the deferred traffic is
398 * freed, as we can do nothing with it
399 */
400 no_queue = true;
401 }
402
403 __skb_queue_head_init(&deferred_tx);
404
405 /* Disable bottom-halves when entering TX path */
406 local_bh_disable();
407 spin_lock(&mvmsta->lock);
408 skb_queue_splice_init(&tid_data->deferred_tx_frames, &deferred_tx);
409 spin_unlock(&mvmsta->lock);
410
411 while ((skb = __skb_dequeue(&deferred_tx)))
412 if (no_queue || iwl_mvm_tx_skb(mvm, skb, sta))
413 ieee80211_free_txskb(mvm->hw, skb);
414 local_bh_enable();
415
416 /* Wake queue */
417 iwl_mvm_start_mac_queues(mvm, BIT(mac_queue));
418 }
419
420 void iwl_mvm_add_new_dqa_stream_wk(struct work_struct *wk)
421 {
422 struct iwl_mvm *mvm = container_of(wk, struct iwl_mvm,
423 add_stream_wk);
424 struct ieee80211_sta *sta;
425 struct iwl_mvm_sta *mvmsta;
426 unsigned long deferred_tid_traffic;
427 int sta_id, tid;
428
429 mutex_lock(&mvm->mutex);
430
431 /* Go over all stations with deferred traffic */
432 for_each_set_bit(sta_id, mvm->sta_deferred_frames,
433 IWL_MVM_STATION_COUNT) {
434 clear_bit(sta_id, mvm->sta_deferred_frames);
435 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
436 lockdep_is_held(&mvm->mutex));
437 if (IS_ERR_OR_NULL(sta))
438 continue;
439
440 mvmsta = iwl_mvm_sta_from_mac80211(sta);
441 deferred_tid_traffic = mvmsta->deferred_traffic_tid_map;
442
443 for_each_set_bit(tid, &deferred_tid_traffic,
444 IWL_MAX_TID_COUNT + 1)
445 iwl_mvm_tx_deferred_stream(mvm, sta, tid);
446 }
447
448 mutex_unlock(&mvm->mutex);
449 }
450
451 static int iwl_mvm_reserve_sta_stream(struct iwl_mvm *mvm,
452 struct ieee80211_sta *sta,
453 enum nl80211_iftype vif_type)
454 {
455 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
456 int queue;
457
458 spin_lock_bh(&mvm->queue_info_lock);
459
460 /* Make sure we have free resources for this STA */
461 if (vif_type == NL80211_IFTYPE_STATION && !sta->tdls &&
462 !mvm->queue_info[IWL_MVM_DQA_BSS_CLIENT_QUEUE].hw_queue_refcount &&
463 !mvm->queue_info[IWL_MVM_DQA_BSS_CLIENT_QUEUE].setup_reserved)
464 queue = IWL_MVM_DQA_BSS_CLIENT_QUEUE;
465 else
466 queue = iwl_mvm_find_free_queue(mvm, IWL_MVM_DQA_MIN_DATA_QUEUE,
467 IWL_MVM_DQA_MAX_DATA_QUEUE);
468 if (queue < 0) {
469 spin_unlock_bh(&mvm->queue_info_lock);
470 IWL_ERR(mvm, "No available queues for new station\n");
471 return -ENOSPC;
472 }
473 mvm->queue_info[queue].setup_reserved = true;
474
475 spin_unlock_bh(&mvm->queue_info_lock);
476
477 mvmsta->reserved_queue = queue;
478
479 IWL_DEBUG_TX_QUEUES(mvm, "Reserving data queue #%d for sta_id %d\n",
480 queue, mvmsta->sta_id);
481
482 return 0;
483 }
484
485 int iwl_mvm_add_sta(struct iwl_mvm *mvm,
486 struct ieee80211_vif *vif,
487 struct ieee80211_sta *sta)
488 {
489 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
490 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
491 struct iwl_mvm_rxq_dup_data *dup_data;
492 int i, ret, sta_id;
493
494 lockdep_assert_held(&mvm->mutex);
495
496 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status))
497 sta_id = iwl_mvm_find_free_sta_id(mvm,
498 ieee80211_vif_type_p2p(vif));
499 else
500 sta_id = mvm_sta->sta_id;
501
502 if (sta_id == IWL_MVM_STATION_COUNT)
503 return -ENOSPC;
504
505 spin_lock_init(&mvm_sta->lock);
506
507 mvm_sta->sta_id = sta_id;
508 mvm_sta->mac_id_n_color = FW_CMD_ID_AND_COLOR(mvmvif->id,
509 mvmvif->color);
510 mvm_sta->vif = vif;
511 mvm_sta->max_agg_bufsize = LINK_QUAL_AGG_FRAME_LIMIT_DEF;
512 mvm_sta->tx_protection = 0;
513 mvm_sta->tt_tx_protection = false;
514
515 /* HW restart, don't assume the memory has been zeroed */
516 atomic_set(&mvm->pending_frames[sta_id], 0);
517 mvm_sta->tid_disable_agg = 0xffff; /* No aggs at first */
518 mvm_sta->tfd_queue_msk = 0;
519
520 /* allocate new queues for a TDLS station */
521 if (sta->tdls) {
522 ret = iwl_mvm_tdls_sta_init(mvm, sta);
523 if (ret)
524 return ret;
525 } else if (!iwl_mvm_is_dqa_supported(mvm)) {
526 for (i = 0; i < IEEE80211_NUM_ACS; i++)
527 if (vif->hw_queue[i] != IEEE80211_INVAL_HW_QUEUE)
528 mvm_sta->tfd_queue_msk |= BIT(vif->hw_queue[i]);
529 }
530
531 /* for HW restart - reset everything but the sequence number */
532 for (i = 0; i <= IWL_MAX_TID_COUNT; i++) {
533 u16 seq = mvm_sta->tid_data[i].seq_number;
534 memset(&mvm_sta->tid_data[i], 0, sizeof(mvm_sta->tid_data[i]));
535 mvm_sta->tid_data[i].seq_number = seq;
536
537 if (!iwl_mvm_is_dqa_supported(mvm))
538 continue;
539
540 /*
541 * Mark all queues for this STA as unallocated and defer TX
542 * frames until the queue is allocated
543 */
544 mvm_sta->tid_data[i].txq_id = IEEE80211_INVAL_HW_QUEUE;
545 skb_queue_head_init(&mvm_sta->tid_data[i].deferred_tx_frames);
546 }
547 mvm_sta->deferred_traffic_tid_map = 0;
548 mvm_sta->agg_tids = 0;
549
550 if (iwl_mvm_has_new_rx_api(mvm) &&
551 !test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
552 dup_data = kcalloc(mvm->trans->num_rx_queues,
553 sizeof(*dup_data),
554 GFP_KERNEL);
555 if (!dup_data)
556 return -ENOMEM;
557 mvm_sta->dup_data = dup_data;
558 }
559
560 if (iwl_mvm_is_dqa_supported(mvm)) {
561 ret = iwl_mvm_reserve_sta_stream(mvm, sta,
562 ieee80211_vif_type_p2p(vif));
563 if (ret)
564 goto err;
565 }
566
567 ret = iwl_mvm_sta_send_to_fw(mvm, sta, false, 0);
568 if (ret)
569 goto err;
570
571 if (vif->type == NL80211_IFTYPE_STATION) {
572 if (!sta->tdls) {
573 WARN_ON(mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT);
574 mvmvif->ap_sta_id = sta_id;
575 } else {
576 WARN_ON(mvmvif->ap_sta_id == IWL_MVM_STATION_COUNT);
577 }
578 }
579
580 rcu_assign_pointer(mvm->fw_id_to_mac_id[sta_id], sta);
581
582 return 0;
583
584 err:
585 iwl_mvm_tdls_sta_deinit(mvm, sta);
586 return ret;
587 }
588
589 int iwl_mvm_update_sta(struct iwl_mvm *mvm,
590 struct ieee80211_vif *vif,
591 struct ieee80211_sta *sta)
592 {
593 return iwl_mvm_sta_send_to_fw(mvm, sta, true, 0);
594 }
595
596 int iwl_mvm_drain_sta(struct iwl_mvm *mvm, struct iwl_mvm_sta *mvmsta,
597 bool drain)
598 {
599 struct iwl_mvm_add_sta_cmd cmd = {};
600 int ret;
601 u32 status;
602
603 lockdep_assert_held(&mvm->mutex);
604
605 cmd.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color);
606 cmd.sta_id = mvmsta->sta_id;
607 cmd.add_modify = STA_MODE_MODIFY;
608 cmd.station_flags = drain ? cpu_to_le32(STA_FLG_DRAIN_FLOW) : 0;
609 cmd.station_flags_msk = cpu_to_le32(STA_FLG_DRAIN_FLOW);
610
611 status = ADD_STA_SUCCESS;
612 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
613 iwl_mvm_add_sta_cmd_size(mvm),
614 &cmd, &status);
615 if (ret)
616 return ret;
617
618 switch (status & IWL_ADD_STA_STATUS_MASK) {
619 case ADD_STA_SUCCESS:
620 IWL_DEBUG_INFO(mvm, "Frames for staid %d will drained in fw\n",
621 mvmsta->sta_id);
622 break;
623 default:
624 ret = -EIO;
625 IWL_ERR(mvm, "Couldn't drain frames for staid %d\n",
626 mvmsta->sta_id);
627 break;
628 }
629
630 return ret;
631 }
632
633 /*
634 * Remove a station from the FW table. Before sending the command to remove
635 * the station validate that the station is indeed known to the driver (sanity
636 * only).
637 */
638 static int iwl_mvm_rm_sta_common(struct iwl_mvm *mvm, u8 sta_id)
639 {
640 struct ieee80211_sta *sta;
641 struct iwl_mvm_rm_sta_cmd rm_sta_cmd = {
642 .sta_id = sta_id,
643 };
644 int ret;
645
646 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
647 lockdep_is_held(&mvm->mutex));
648
649 /* Note: internal stations are marked as error values */
650 if (!sta) {
651 IWL_ERR(mvm, "Invalid station id\n");
652 return -EINVAL;
653 }
654
655 ret = iwl_mvm_send_cmd_pdu(mvm, REMOVE_STA, 0,
656 sizeof(rm_sta_cmd), &rm_sta_cmd);
657 if (ret) {
658 IWL_ERR(mvm, "Failed to remove station. Id=%d\n", sta_id);
659 return ret;
660 }
661
662 return 0;
663 }
664
665 void iwl_mvm_sta_drained_wk(struct work_struct *wk)
666 {
667 struct iwl_mvm *mvm = container_of(wk, struct iwl_mvm, sta_drained_wk);
668 u8 sta_id;
669
670 /*
671 * The mutex is needed because of the SYNC cmd, but not only: if the
672 * work would run concurrently with iwl_mvm_rm_sta, it would run before
673 * iwl_mvm_rm_sta sets the station as busy, and exit. Then
674 * iwl_mvm_rm_sta would set the station as busy, and nobody will clean
675 * that later.
676 */
677 mutex_lock(&mvm->mutex);
678
679 for_each_set_bit(sta_id, mvm->sta_drained, IWL_MVM_STATION_COUNT) {
680 int ret;
681 struct ieee80211_sta *sta =
682 rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
683 lockdep_is_held(&mvm->mutex));
684
685 /*
686 * This station is in use or RCU-removed; the latter happens in
687 * managed mode, where mac80211 removes the station before we
688 * can remove it from firmware (we can only do that after the
689 * MAC is marked unassociated), and possibly while the deauth
690 * frame to disconnect from the AP is still queued. Then, the
691 * station pointer is -ENOENT when the last skb is reclaimed.
692 */
693 if (!IS_ERR(sta) || PTR_ERR(sta) == -ENOENT)
694 continue;
695
696 if (PTR_ERR(sta) == -EINVAL) {
697 IWL_ERR(mvm, "Drained sta %d, but it is internal?\n",
698 sta_id);
699 continue;
700 }
701
702 if (!sta) {
703 IWL_ERR(mvm, "Drained sta %d, but it was NULL?\n",
704 sta_id);
705 continue;
706 }
707
708 WARN_ON(PTR_ERR(sta) != -EBUSY);
709 /* This station was removed and we waited until it got drained,
710 * we can now proceed and remove it.
711 */
712 ret = iwl_mvm_rm_sta_common(mvm, sta_id);
713 if (ret) {
714 IWL_ERR(mvm,
715 "Couldn't remove sta %d after it was drained\n",
716 sta_id);
717 continue;
718 }
719 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL);
720 clear_bit(sta_id, mvm->sta_drained);
721
722 if (mvm->tfd_drained[sta_id]) {
723 unsigned long i, msk = mvm->tfd_drained[sta_id];
724
725 for_each_set_bit(i, &msk, sizeof(msk) * BITS_PER_BYTE)
726 iwl_mvm_disable_txq(mvm, i, i,
727 IWL_MAX_TID_COUNT, 0);
728
729 mvm->tfd_drained[sta_id] = 0;
730 IWL_DEBUG_TDLS(mvm, "Drained sta %d, with queues %ld\n",
731 sta_id, msk);
732 }
733 }
734
735 mutex_unlock(&mvm->mutex);
736 }
737
738 static void iwl_mvm_disable_sta_queues(struct iwl_mvm *mvm,
739 struct ieee80211_vif *vif,
740 struct iwl_mvm_sta *mvm_sta)
741 {
742 int ac;
743 int i;
744
745 lockdep_assert_held(&mvm->mutex);
746
747 for (i = 0; i < ARRAY_SIZE(mvm_sta->tid_data); i++) {
748 if (mvm_sta->tid_data[i].txq_id == IEEE80211_INVAL_HW_QUEUE)
749 continue;
750
751 ac = iwl_mvm_tid_to_ac_queue(i);
752 iwl_mvm_disable_txq(mvm, mvm_sta->tid_data[i].txq_id,
753 vif->hw_queue[ac], i, 0);
754 mvm_sta->tid_data[i].txq_id = IEEE80211_INVAL_HW_QUEUE;
755 }
756 }
757
758 int iwl_mvm_rm_sta(struct iwl_mvm *mvm,
759 struct ieee80211_vif *vif,
760 struct ieee80211_sta *sta)
761 {
762 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
763 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
764 int ret;
765
766 lockdep_assert_held(&mvm->mutex);
767
768 if (iwl_mvm_has_new_rx_api(mvm))
769 kfree(mvm_sta->dup_data);
770
771 if (vif->type == NL80211_IFTYPE_STATION &&
772 mvmvif->ap_sta_id == mvm_sta->sta_id) {
773 ret = iwl_mvm_drain_sta(mvm, mvm_sta, true);
774 if (ret)
775 return ret;
776 /* flush its queues here since we are freeing mvm_sta */
777 ret = iwl_mvm_flush_tx_path(mvm, mvm_sta->tfd_queue_msk, 0);
778 if (ret)
779 return ret;
780 ret = iwl_trans_wait_tx_queue_empty(mvm->trans,
781 mvm_sta->tfd_queue_msk);
782 if (ret)
783 return ret;
784 ret = iwl_mvm_drain_sta(mvm, mvm_sta, false);
785
786 /* If DQA is supported - the queues can be disabled now */
787 if (iwl_mvm_is_dqa_supported(mvm))
788 iwl_mvm_disable_sta_queues(mvm, vif, mvm_sta);
789
790 /* if we are associated - we can't remove the AP STA now */
791 if (vif->bss_conf.assoc)
792 return ret;
793
794 /* unassoc - go ahead - remove the AP STA now */
795 mvmvif->ap_sta_id = IWL_MVM_STATION_COUNT;
796
797 /* clear d0i3_ap_sta_id if no longer relevant */
798 if (mvm->d0i3_ap_sta_id == mvm_sta->sta_id)
799 mvm->d0i3_ap_sta_id = IWL_MVM_STATION_COUNT;
800 }
801
802 /*
803 * This shouldn't happen - the TDLS channel switch should be canceled
804 * before the STA is removed.
805 */
806 if (WARN_ON_ONCE(mvm->tdls_cs.peer.sta_id == mvm_sta->sta_id)) {
807 mvm->tdls_cs.peer.sta_id = IWL_MVM_STATION_COUNT;
808 cancel_delayed_work(&mvm->tdls_cs.dwork);
809 }
810
811 /*
812 * Make sure that the tx response code sees the station as -EBUSY and
813 * calls the drain worker.
814 */
815 spin_lock_bh(&mvm_sta->lock);
816 /*
817 * There are frames pending on the AC queues for this station.
818 * We need to wait until all the frames are drained...
819 */
820 if (atomic_read(&mvm->pending_frames[mvm_sta->sta_id])) {
821 rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id],
822 ERR_PTR(-EBUSY));
823 spin_unlock_bh(&mvm_sta->lock);
824
825 /* disable TDLS sta queues on drain complete */
826 if (sta->tdls) {
827 mvm->tfd_drained[mvm_sta->sta_id] =
828 mvm_sta->tfd_queue_msk;
829 IWL_DEBUG_TDLS(mvm, "Draining TDLS sta %d\n",
830 mvm_sta->sta_id);
831 }
832
833 ret = iwl_mvm_drain_sta(mvm, mvm_sta, true);
834 } else {
835 spin_unlock_bh(&mvm_sta->lock);
836
837 if (sta->tdls)
838 iwl_mvm_tdls_sta_deinit(mvm, sta);
839
840 ret = iwl_mvm_rm_sta_common(mvm, mvm_sta->sta_id);
841 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[mvm_sta->sta_id], NULL);
842 }
843
844 return ret;
845 }
846
847 int iwl_mvm_rm_sta_id(struct iwl_mvm *mvm,
848 struct ieee80211_vif *vif,
849 u8 sta_id)
850 {
851 int ret = iwl_mvm_rm_sta_common(mvm, sta_id);
852
853 lockdep_assert_held(&mvm->mutex);
854
855 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL);
856 return ret;
857 }
858
859 int iwl_mvm_allocate_int_sta(struct iwl_mvm *mvm,
860 struct iwl_mvm_int_sta *sta,
861 u32 qmask, enum nl80211_iftype iftype)
862 {
863 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
864 sta->sta_id = iwl_mvm_find_free_sta_id(mvm, iftype);
865 if (WARN_ON_ONCE(sta->sta_id == IWL_MVM_STATION_COUNT))
866 return -ENOSPC;
867 }
868
869 sta->tfd_queue_msk = qmask;
870
871 /* put a non-NULL value so iterating over the stations won't stop */
872 rcu_assign_pointer(mvm->fw_id_to_mac_id[sta->sta_id], ERR_PTR(-EINVAL));
873 return 0;
874 }
875
876 static void iwl_mvm_dealloc_int_sta(struct iwl_mvm *mvm,
877 struct iwl_mvm_int_sta *sta)
878 {
879 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta->sta_id], NULL);
880 memset(sta, 0, sizeof(struct iwl_mvm_int_sta));
881 sta->sta_id = IWL_MVM_STATION_COUNT;
882 }
883
884 static int iwl_mvm_add_int_sta_common(struct iwl_mvm *mvm,
885 struct iwl_mvm_int_sta *sta,
886 const u8 *addr,
887 u16 mac_id, u16 color)
888 {
889 struct iwl_mvm_add_sta_cmd cmd;
890 int ret;
891 u32 status;
892
893 lockdep_assert_held(&mvm->mutex);
894
895 memset(&cmd, 0, sizeof(cmd));
896 cmd.sta_id = sta->sta_id;
897 cmd.mac_id_n_color = cpu_to_le32(FW_CMD_ID_AND_COLOR(mac_id,
898 color));
899
900 cmd.tfd_queue_msk = cpu_to_le32(sta->tfd_queue_msk);
901 cmd.tid_disable_tx = cpu_to_le16(0xffff);
902
903 if (addr)
904 memcpy(cmd.addr, addr, ETH_ALEN);
905
906 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
907 iwl_mvm_add_sta_cmd_size(mvm),
908 &cmd, &status);
909 if (ret)
910 return ret;
911
912 switch (status & IWL_ADD_STA_STATUS_MASK) {
913 case ADD_STA_SUCCESS:
914 IWL_DEBUG_INFO(mvm, "Internal station added.\n");
915 return 0;
916 default:
917 ret = -EIO;
918 IWL_ERR(mvm, "Add internal station failed, status=0x%x\n",
919 status);
920 break;
921 }
922 return ret;
923 }
924
925 int iwl_mvm_add_aux_sta(struct iwl_mvm *mvm)
926 {
927 unsigned int wdg_timeout = iwlmvm_mod_params.tfd_q_hang_detect ?
928 mvm->cfg->base_params->wd_timeout :
929 IWL_WATCHDOG_DISABLED;
930 int ret;
931
932 lockdep_assert_held(&mvm->mutex);
933
934 /* Map Aux queue to fifo - needs to happen before adding Aux station */
935 iwl_mvm_enable_ac_txq(mvm, mvm->aux_queue, mvm->aux_queue,
936 IWL_MVM_TX_FIFO_MCAST, 0, wdg_timeout);
937
938 /* Allocate aux station and assign to it the aux queue */
939 ret = iwl_mvm_allocate_int_sta(mvm, &mvm->aux_sta, BIT(mvm->aux_queue),
940 NL80211_IFTYPE_UNSPECIFIED);
941 if (ret)
942 return ret;
943
944 ret = iwl_mvm_add_int_sta_common(mvm, &mvm->aux_sta, NULL,
945 MAC_INDEX_AUX, 0);
946
947 if (ret)
948 iwl_mvm_dealloc_int_sta(mvm, &mvm->aux_sta);
949 return ret;
950 }
951
952 int iwl_mvm_add_snif_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
953 {
954 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
955
956 lockdep_assert_held(&mvm->mutex);
957 return iwl_mvm_add_int_sta_common(mvm, &mvm->snif_sta, vif->addr,
958 mvmvif->id, 0);
959 }
960
961 int iwl_mvm_rm_snif_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
962 {
963 int ret;
964
965 lockdep_assert_held(&mvm->mutex);
966
967 ret = iwl_mvm_rm_sta_common(mvm, mvm->snif_sta.sta_id);
968 if (ret)
969 IWL_WARN(mvm, "Failed sending remove station\n");
970
971 return ret;
972 }
973
974 void iwl_mvm_dealloc_snif_sta(struct iwl_mvm *mvm)
975 {
976 iwl_mvm_dealloc_int_sta(mvm, &mvm->snif_sta);
977 }
978
979 void iwl_mvm_del_aux_sta(struct iwl_mvm *mvm)
980 {
981 lockdep_assert_held(&mvm->mutex);
982
983 iwl_mvm_dealloc_int_sta(mvm, &mvm->aux_sta);
984 }
985
986 /*
987 * Send the add station command for the vif's broadcast station.
988 * Assumes that the station was already allocated.
989 *
990 * @mvm: the mvm component
991 * @vif: the interface to which the broadcast station is added
992 * @bsta: the broadcast station to add.
993 */
994 int iwl_mvm_send_add_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
995 {
996 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
997 struct iwl_mvm_int_sta *bsta = &mvmvif->bcast_sta;
998 static const u8 _baddr[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
999 const u8 *baddr = _baddr;
1000
1001 lockdep_assert_held(&mvm->mutex);
1002
1003 if (vif->type == NL80211_IFTYPE_ADHOC)
1004 baddr = vif->bss_conf.bssid;
1005
1006 if (WARN_ON_ONCE(bsta->sta_id == IWL_MVM_STATION_COUNT))
1007 return -ENOSPC;
1008
1009 return iwl_mvm_add_int_sta_common(mvm, bsta, baddr,
1010 mvmvif->id, mvmvif->color);
1011 }
1012
1013 /* Send the FW a request to remove the station from it's internal data
1014 * structures, but DO NOT remove the entry from the local data structures. */
1015 int iwl_mvm_send_rm_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
1016 {
1017 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1018 int ret;
1019
1020 lockdep_assert_held(&mvm->mutex);
1021
1022 ret = iwl_mvm_rm_sta_common(mvm, mvmvif->bcast_sta.sta_id);
1023 if (ret)
1024 IWL_WARN(mvm, "Failed sending remove station\n");
1025 return ret;
1026 }
1027
1028 int iwl_mvm_alloc_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
1029 {
1030 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1031 u32 qmask;
1032
1033 lockdep_assert_held(&mvm->mutex);
1034
1035 qmask = iwl_mvm_mac_get_queues_mask(vif);
1036
1037 /*
1038 * The firmware defines the TFD queue mask to only be relevant
1039 * for *unicast* queues, so the multicast (CAB) queue shouldn't
1040 * be included.
1041 */
1042 if (vif->type == NL80211_IFTYPE_AP)
1043 qmask &= ~BIT(vif->cab_queue);
1044
1045 return iwl_mvm_allocate_int_sta(mvm, &mvmvif->bcast_sta, qmask,
1046 ieee80211_vif_type_p2p(vif));
1047 }
1048
1049 /* Allocate a new station entry for the broadcast station to the given vif,
1050 * and send it to the FW.
1051 * Note that each P2P mac should have its own broadcast station.
1052 *
1053 * @mvm: the mvm component
1054 * @vif: the interface to which the broadcast station is added
1055 * @bsta: the broadcast station to add. */
1056 int iwl_mvm_add_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
1057 {
1058 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1059 struct iwl_mvm_int_sta *bsta = &mvmvif->bcast_sta;
1060 int ret;
1061
1062 lockdep_assert_held(&mvm->mutex);
1063
1064 ret = iwl_mvm_alloc_bcast_sta(mvm, vif);
1065 if (ret)
1066 return ret;
1067
1068 ret = iwl_mvm_send_add_bcast_sta(mvm, vif);
1069
1070 if (ret)
1071 iwl_mvm_dealloc_int_sta(mvm, bsta);
1072
1073 return ret;
1074 }
1075
1076 void iwl_mvm_dealloc_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
1077 {
1078 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1079
1080 iwl_mvm_dealloc_int_sta(mvm, &mvmvif->bcast_sta);
1081 }
1082
1083 /*
1084 * Send the FW a request to remove the station from it's internal data
1085 * structures, and in addition remove it from the local data structure.
1086 */
1087 int iwl_mvm_rm_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
1088 {
1089 int ret;
1090
1091 lockdep_assert_held(&mvm->mutex);
1092
1093 ret = iwl_mvm_send_rm_bcast_sta(mvm, vif);
1094
1095 iwl_mvm_dealloc_bcast_sta(mvm, vif);
1096
1097 return ret;
1098 }
1099
1100 #define IWL_MAX_RX_BA_SESSIONS 16
1101
1102 int iwl_mvm_sta_rx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
1103 int tid, u16 ssn, bool start, u8 buf_size)
1104 {
1105 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1106 struct iwl_mvm_add_sta_cmd cmd = {};
1107 int ret;
1108 u32 status;
1109
1110 lockdep_assert_held(&mvm->mutex);
1111
1112 if (start && mvm->rx_ba_sessions >= IWL_MAX_RX_BA_SESSIONS) {
1113 IWL_WARN(mvm, "Not enough RX BA SESSIONS\n");
1114 return -ENOSPC;
1115 }
1116
1117 cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color);
1118 cmd.sta_id = mvm_sta->sta_id;
1119 cmd.add_modify = STA_MODE_MODIFY;
1120 if (start) {
1121 cmd.add_immediate_ba_tid = (u8) tid;
1122 cmd.add_immediate_ba_ssn = cpu_to_le16(ssn);
1123 cmd.rx_ba_window = cpu_to_le16((u16)buf_size);
1124 } else {
1125 cmd.remove_immediate_ba_tid = (u8) tid;
1126 }
1127 cmd.modify_mask = start ? STA_MODIFY_ADD_BA_TID :
1128 STA_MODIFY_REMOVE_BA_TID;
1129
1130 status = ADD_STA_SUCCESS;
1131 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
1132 iwl_mvm_add_sta_cmd_size(mvm),
1133 &cmd, &status);
1134 if (ret)
1135 return ret;
1136
1137 switch (status & IWL_ADD_STA_STATUS_MASK) {
1138 case ADD_STA_SUCCESS:
1139 IWL_DEBUG_INFO(mvm, "RX BA Session %sed in fw\n",
1140 start ? "start" : "stopp");
1141 break;
1142 case ADD_STA_IMMEDIATE_BA_FAILURE:
1143 IWL_WARN(mvm, "RX BA Session refused by fw\n");
1144 ret = -ENOSPC;
1145 break;
1146 default:
1147 ret = -EIO;
1148 IWL_ERR(mvm, "RX BA Session failed %sing, status 0x%x\n",
1149 start ? "start" : "stopp", status);
1150 break;
1151 }
1152
1153 if (!ret) {
1154 if (start)
1155 mvm->rx_ba_sessions++;
1156 else if (mvm->rx_ba_sessions > 0)
1157 /* check that restart flow didn't zero the counter */
1158 mvm->rx_ba_sessions--;
1159 }
1160
1161 return ret;
1162 }
1163
1164 static int iwl_mvm_sta_tx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
1165 int tid, u8 queue, bool start)
1166 {
1167 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1168 struct iwl_mvm_add_sta_cmd cmd = {};
1169 int ret;
1170 u32 status;
1171
1172 lockdep_assert_held(&mvm->mutex);
1173
1174 if (start) {
1175 mvm_sta->tfd_queue_msk |= BIT(queue);
1176 mvm_sta->tid_disable_agg &= ~BIT(tid);
1177 } else {
1178 mvm_sta->tfd_queue_msk &= ~BIT(queue);
1179 mvm_sta->tid_disable_agg |= BIT(tid);
1180 }
1181
1182 cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color);
1183 cmd.sta_id = mvm_sta->sta_id;
1184 cmd.add_modify = STA_MODE_MODIFY;
1185 cmd.modify_mask = STA_MODIFY_QUEUES | STA_MODIFY_TID_DISABLE_TX;
1186 cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk);
1187 cmd.tid_disable_tx = cpu_to_le16(mvm_sta->tid_disable_agg);
1188
1189 status = ADD_STA_SUCCESS;
1190 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
1191 iwl_mvm_add_sta_cmd_size(mvm),
1192 &cmd, &status);
1193 if (ret)
1194 return ret;
1195
1196 switch (status & IWL_ADD_STA_STATUS_MASK) {
1197 case ADD_STA_SUCCESS:
1198 break;
1199 default:
1200 ret = -EIO;
1201 IWL_ERR(mvm, "TX BA Session failed %sing, status 0x%x\n",
1202 start ? "start" : "stopp", status);
1203 break;
1204 }
1205
1206 return ret;
1207 }
1208
1209 const u8 tid_to_mac80211_ac[] = {
1210 IEEE80211_AC_BE,
1211 IEEE80211_AC_BK,
1212 IEEE80211_AC_BK,
1213 IEEE80211_AC_BE,
1214 IEEE80211_AC_VI,
1215 IEEE80211_AC_VI,
1216 IEEE80211_AC_VO,
1217 IEEE80211_AC_VO,
1218 };
1219
1220 static const u8 tid_to_ucode_ac[] = {
1221 AC_BE,
1222 AC_BK,
1223 AC_BK,
1224 AC_BE,
1225 AC_VI,
1226 AC_VI,
1227 AC_VO,
1228 AC_VO,
1229 };
1230
1231 int iwl_mvm_sta_tx_agg_start(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1232 struct ieee80211_sta *sta, u16 tid, u16 *ssn)
1233 {
1234 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1235 struct iwl_mvm_tid_data *tid_data;
1236 int txq_id;
1237 int ret;
1238
1239 if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
1240 return -EINVAL;
1241
1242 if (mvmsta->tid_data[tid].state != IWL_AGG_OFF) {
1243 IWL_ERR(mvm, "Start AGG when state is not IWL_AGG_OFF %d!\n",
1244 mvmsta->tid_data[tid].state);
1245 return -ENXIO;
1246 }
1247
1248 lockdep_assert_held(&mvm->mutex);
1249
1250 spin_lock_bh(&mvmsta->lock);
1251
1252 /* possible race condition - we entered D0i3 while starting agg */
1253 if (test_bit(IWL_MVM_STATUS_IN_D0I3, &mvm->status)) {
1254 spin_unlock_bh(&mvmsta->lock);
1255 IWL_ERR(mvm, "Entered D0i3 while starting Tx agg\n");
1256 return -EIO;
1257 }
1258
1259 spin_lock_bh(&mvm->queue_info_lock);
1260
1261 txq_id = iwl_mvm_find_free_queue(mvm, mvm->first_agg_queue,
1262 mvm->last_agg_queue);
1263 if (txq_id < 0) {
1264 ret = txq_id;
1265 spin_unlock_bh(&mvm->queue_info_lock);
1266 IWL_ERR(mvm, "Failed to allocate agg queue\n");
1267 goto release_locks;
1268 }
1269 mvm->queue_info[txq_id].setup_reserved = true;
1270 spin_unlock_bh(&mvm->queue_info_lock);
1271
1272 tid_data = &mvmsta->tid_data[tid];
1273 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
1274 tid_data->txq_id = txq_id;
1275 *ssn = tid_data->ssn;
1276
1277 IWL_DEBUG_TX_QUEUES(mvm,
1278 "Start AGG: sta %d tid %d queue %d - ssn = %d, next_recl = %d\n",
1279 mvmsta->sta_id, tid, txq_id, tid_data->ssn,
1280 tid_data->next_reclaimed);
1281
1282 if (tid_data->ssn == tid_data->next_reclaimed) {
1283 tid_data->state = IWL_AGG_STARTING;
1284 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1285 } else {
1286 tid_data->state = IWL_EMPTYING_HW_QUEUE_ADDBA;
1287 }
1288
1289 ret = 0;
1290
1291 release_locks:
1292 spin_unlock_bh(&mvmsta->lock);
1293
1294 return ret;
1295 }
1296
1297 int iwl_mvm_sta_tx_agg_oper(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1298 struct ieee80211_sta *sta, u16 tid, u8 buf_size,
1299 bool amsdu)
1300 {
1301 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1302 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
1303 unsigned int wdg_timeout =
1304 iwl_mvm_get_wd_timeout(mvm, vif, sta->tdls, false);
1305 int queue, ret;
1306 u16 ssn;
1307
1308 struct iwl_trans_txq_scd_cfg cfg = {
1309 .sta_id = mvmsta->sta_id,
1310 .tid = tid,
1311 .frame_limit = buf_size,
1312 .aggregate = true,
1313 };
1314
1315 BUILD_BUG_ON((sizeof(mvmsta->agg_tids) * BITS_PER_BYTE)
1316 != IWL_MAX_TID_COUNT);
1317
1318 buf_size = min_t(int, buf_size, LINK_QUAL_AGG_FRAME_LIMIT_DEF);
1319
1320 spin_lock_bh(&mvmsta->lock);
1321 ssn = tid_data->ssn;
1322 queue = tid_data->txq_id;
1323 tid_data->state = IWL_AGG_ON;
1324 mvmsta->agg_tids |= BIT(tid);
1325 tid_data->ssn = 0xffff;
1326 tid_data->amsdu_in_ampdu_allowed = amsdu;
1327 spin_unlock_bh(&mvmsta->lock);
1328
1329 cfg.fifo = iwl_mvm_ac_to_tx_fifo[tid_to_mac80211_ac[tid]];
1330
1331 iwl_mvm_enable_txq(mvm, queue, vif->hw_queue[tid_to_mac80211_ac[tid]],
1332 ssn, &cfg, wdg_timeout);
1333
1334 ret = iwl_mvm_sta_tx_agg(mvm, sta, tid, queue, true);
1335 if (ret)
1336 return -EIO;
1337
1338 /* No need to mark as reserved */
1339 spin_lock_bh(&mvm->queue_info_lock);
1340 mvm->queue_info[queue].setup_reserved = false;
1341 spin_unlock_bh(&mvm->queue_info_lock);
1342
1343 /*
1344 * Even though in theory the peer could have different
1345 * aggregation reorder buffer sizes for different sessions,
1346 * our ucode doesn't allow for that and has a global limit
1347 * for each station. Therefore, use the minimum of all the
1348 * aggregation sessions and our default value.
1349 */
1350 mvmsta->max_agg_bufsize =
1351 min(mvmsta->max_agg_bufsize, buf_size);
1352 mvmsta->lq_sta.lq.agg_frame_cnt_limit = mvmsta->max_agg_bufsize;
1353
1354 IWL_DEBUG_HT(mvm, "Tx aggregation enabled on ra = %pM tid = %d\n",
1355 sta->addr, tid);
1356
1357 return iwl_mvm_send_lq_cmd(mvm, &mvmsta->lq_sta.lq, false);
1358 }
1359
1360 int iwl_mvm_sta_tx_agg_stop(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1361 struct ieee80211_sta *sta, u16 tid)
1362 {
1363 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1364 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
1365 u16 txq_id;
1366 int err;
1367
1368
1369 /*
1370 * If mac80211 is cleaning its state, then say that we finished since
1371 * our state has been cleared anyway.
1372 */
1373 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
1374 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1375 return 0;
1376 }
1377
1378 spin_lock_bh(&mvmsta->lock);
1379
1380 txq_id = tid_data->txq_id;
1381
1382 IWL_DEBUG_TX_QUEUES(mvm, "Stop AGG: sta %d tid %d q %d state %d\n",
1383 mvmsta->sta_id, tid, txq_id, tid_data->state);
1384
1385 mvmsta->agg_tids &= ~BIT(tid);
1386
1387 /* No need to mark as reserved anymore */
1388 spin_lock_bh(&mvm->queue_info_lock);
1389 mvm->queue_info[txq_id].setup_reserved = false;
1390 spin_unlock_bh(&mvm->queue_info_lock);
1391
1392 switch (tid_data->state) {
1393 case IWL_AGG_ON:
1394 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
1395
1396 IWL_DEBUG_TX_QUEUES(mvm,
1397 "ssn = %d, next_recl = %d\n",
1398 tid_data->ssn, tid_data->next_reclaimed);
1399
1400 /* There are still packets for this RA / TID in the HW */
1401 if (tid_data->ssn != tid_data->next_reclaimed) {
1402 tid_data->state = IWL_EMPTYING_HW_QUEUE_DELBA;
1403 err = 0;
1404 break;
1405 }
1406
1407 tid_data->ssn = 0xffff;
1408 tid_data->state = IWL_AGG_OFF;
1409 spin_unlock_bh(&mvmsta->lock);
1410
1411 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1412
1413 iwl_mvm_sta_tx_agg(mvm, sta, tid, txq_id, false);
1414
1415 iwl_mvm_disable_txq(mvm, txq_id,
1416 vif->hw_queue[tid_to_mac80211_ac[tid]], tid,
1417 0);
1418 return 0;
1419 case IWL_AGG_STARTING:
1420 case IWL_EMPTYING_HW_QUEUE_ADDBA:
1421 /*
1422 * The agg session has been stopped before it was set up. This
1423 * can happen when the AddBA timer times out for example.
1424 */
1425
1426 /* No barriers since we are under mutex */
1427 lockdep_assert_held(&mvm->mutex);
1428
1429 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1430 tid_data->state = IWL_AGG_OFF;
1431 err = 0;
1432 break;
1433 default:
1434 IWL_ERR(mvm,
1435 "Stopping AGG while state not ON or starting for %d on %d (%d)\n",
1436 mvmsta->sta_id, tid, tid_data->state);
1437 IWL_ERR(mvm,
1438 "\ttid_data->txq_id = %d\n", tid_data->txq_id);
1439 err = -EINVAL;
1440 }
1441
1442 spin_unlock_bh(&mvmsta->lock);
1443
1444 return err;
1445 }
1446
1447 int iwl_mvm_sta_tx_agg_flush(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1448 struct ieee80211_sta *sta, u16 tid)
1449 {
1450 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1451 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
1452 u16 txq_id;
1453 enum iwl_mvm_agg_state old_state;
1454
1455 /*
1456 * First set the agg state to OFF to avoid calling
1457 * ieee80211_stop_tx_ba_cb in iwl_mvm_check_ratid_empty.
1458 */
1459 spin_lock_bh(&mvmsta->lock);
1460 txq_id = tid_data->txq_id;
1461 IWL_DEBUG_TX_QUEUES(mvm, "Flush AGG: sta %d tid %d q %d state %d\n",
1462 mvmsta->sta_id, tid, txq_id, tid_data->state);
1463 old_state = tid_data->state;
1464 tid_data->state = IWL_AGG_OFF;
1465 mvmsta->agg_tids &= ~BIT(tid);
1466 spin_unlock_bh(&mvmsta->lock);
1467
1468 /* No need to mark as reserved */
1469 spin_lock_bh(&mvm->queue_info_lock);
1470 mvm->queue_info[txq_id].setup_reserved = false;
1471 spin_unlock_bh(&mvm->queue_info_lock);
1472
1473 if (old_state >= IWL_AGG_ON) {
1474 iwl_mvm_drain_sta(mvm, mvmsta, true);
1475 if (iwl_mvm_flush_tx_path(mvm, BIT(txq_id), 0))
1476 IWL_ERR(mvm, "Couldn't flush the AGG queue\n");
1477 iwl_trans_wait_tx_queue_empty(mvm->trans,
1478 mvmsta->tfd_queue_msk);
1479 iwl_mvm_drain_sta(mvm, mvmsta, false);
1480
1481 iwl_mvm_sta_tx_agg(mvm, sta, tid, txq_id, false);
1482
1483 iwl_mvm_disable_txq(mvm, tid_data->txq_id,
1484 vif->hw_queue[tid_to_mac80211_ac[tid]], tid,
1485 0);
1486 }
1487
1488 return 0;
1489 }
1490
1491 static int iwl_mvm_set_fw_key_idx(struct iwl_mvm *mvm)
1492 {
1493 int i, max = -1, max_offs = -1;
1494
1495 lockdep_assert_held(&mvm->mutex);
1496
1497 /* Pick the unused key offset with the highest 'deleted'
1498 * counter. Every time a key is deleted, all the counters
1499 * are incremented and the one that was just deleted is
1500 * reset to zero. Thus, the highest counter is the one
1501 * that was deleted longest ago. Pick that one.
1502 */
1503 for (i = 0; i < STA_KEY_MAX_NUM; i++) {
1504 if (test_bit(i, mvm->fw_key_table))
1505 continue;
1506 if (mvm->fw_key_deleted[i] > max) {
1507 max = mvm->fw_key_deleted[i];
1508 max_offs = i;
1509 }
1510 }
1511
1512 if (max_offs < 0)
1513 return STA_KEY_IDX_INVALID;
1514
1515 return max_offs;
1516 }
1517
1518 static struct iwl_mvm_sta *iwl_mvm_get_key_sta(struct iwl_mvm *mvm,
1519 struct ieee80211_vif *vif,
1520 struct ieee80211_sta *sta)
1521 {
1522 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1523
1524 if (sta)
1525 return iwl_mvm_sta_from_mac80211(sta);
1526
1527 /*
1528 * The device expects GTKs for station interfaces to be
1529 * installed as GTKs for the AP station. If we have no
1530 * station ID, then use AP's station ID.
1531 */
1532 if (vif->type == NL80211_IFTYPE_STATION &&
1533 mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) {
1534 u8 sta_id = mvmvif->ap_sta_id;
1535
1536 sta = rcu_dereference_check(mvm->fw_id_to_mac_id[sta_id],
1537 lockdep_is_held(&mvm->mutex));
1538 /*
1539 * It is possible that the 'sta' parameter is NULL,
1540 * for example when a GTK is removed - the sta_id will then
1541 * be the AP ID, and no station was passed by mac80211.
1542 */
1543 if (IS_ERR_OR_NULL(sta))
1544 return NULL;
1545
1546 return iwl_mvm_sta_from_mac80211(sta);
1547 }
1548
1549 return NULL;
1550 }
1551
1552 static int iwl_mvm_send_sta_key(struct iwl_mvm *mvm,
1553 struct iwl_mvm_sta *mvm_sta,
1554 struct ieee80211_key_conf *keyconf, bool mcast,
1555 u32 tkip_iv32, u16 *tkip_p1k, u32 cmd_flags,
1556 u8 key_offset)
1557 {
1558 struct iwl_mvm_add_sta_key_cmd cmd = {};
1559 __le16 key_flags;
1560 int ret;
1561 u32 status;
1562 u16 keyidx;
1563 int i;
1564 u8 sta_id = mvm_sta->sta_id;
1565
1566 keyidx = (keyconf->keyidx << STA_KEY_FLG_KEYID_POS) &
1567 STA_KEY_FLG_KEYID_MSK;
1568 key_flags = cpu_to_le16(keyidx);
1569 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP_KEY_MAP);
1570
1571 switch (keyconf->cipher) {
1572 case WLAN_CIPHER_SUITE_TKIP:
1573 key_flags |= cpu_to_le16(STA_KEY_FLG_TKIP);
1574 cmd.tkip_rx_tsc_byte2 = tkip_iv32;
1575 for (i = 0; i < 5; i++)
1576 cmd.tkip_rx_ttak[i] = cpu_to_le16(tkip_p1k[i]);
1577 memcpy(cmd.key, keyconf->key, keyconf->keylen);
1578 break;
1579 case WLAN_CIPHER_SUITE_CCMP:
1580 key_flags |= cpu_to_le16(STA_KEY_FLG_CCM);
1581 memcpy(cmd.key, keyconf->key, keyconf->keylen);
1582 break;
1583 case WLAN_CIPHER_SUITE_WEP104:
1584 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP_13BYTES);
1585 /* fall through */
1586 case WLAN_CIPHER_SUITE_WEP40:
1587 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP);
1588 memcpy(cmd.key + 3, keyconf->key, keyconf->keylen);
1589 break;
1590 default:
1591 key_flags |= cpu_to_le16(STA_KEY_FLG_EXT);
1592 memcpy(cmd.key, keyconf->key, keyconf->keylen);
1593 }
1594
1595 if (mcast)
1596 key_flags |= cpu_to_le16(STA_KEY_MULTICAST);
1597
1598 cmd.key_offset = key_offset;
1599 cmd.key_flags = key_flags;
1600 cmd.sta_id = sta_id;
1601
1602 status = ADD_STA_SUCCESS;
1603 if (cmd_flags & CMD_ASYNC)
1604 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA_KEY, CMD_ASYNC,
1605 sizeof(cmd), &cmd);
1606 else
1607 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, sizeof(cmd),
1608 &cmd, &status);
1609
1610 switch (status) {
1611 case ADD_STA_SUCCESS:
1612 IWL_DEBUG_WEP(mvm, "MODIFY_STA: set dynamic key passed\n");
1613 break;
1614 default:
1615 ret = -EIO;
1616 IWL_ERR(mvm, "MODIFY_STA: set dynamic key failed\n");
1617 break;
1618 }
1619
1620 return ret;
1621 }
1622
1623 static int iwl_mvm_send_sta_igtk(struct iwl_mvm *mvm,
1624 struct ieee80211_key_conf *keyconf,
1625 u8 sta_id, bool remove_key)
1626 {
1627 struct iwl_mvm_mgmt_mcast_key_cmd igtk_cmd = {};
1628
1629 /* verify the key details match the required command's expectations */
1630 if (WARN_ON((keyconf->cipher != WLAN_CIPHER_SUITE_AES_CMAC) ||
1631 (keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
1632 (keyconf->keyidx != 4 && keyconf->keyidx != 5)))
1633 return -EINVAL;
1634
1635 igtk_cmd.key_id = cpu_to_le32(keyconf->keyidx);
1636 igtk_cmd.sta_id = cpu_to_le32(sta_id);
1637
1638 if (remove_key) {
1639 igtk_cmd.ctrl_flags |= cpu_to_le32(STA_KEY_NOT_VALID);
1640 } else {
1641 struct ieee80211_key_seq seq;
1642 const u8 *pn;
1643
1644 memcpy(igtk_cmd.IGTK, keyconf->key, keyconf->keylen);
1645 ieee80211_get_key_rx_seq(keyconf, 0, &seq);
1646 pn = seq.aes_cmac.pn;
1647 igtk_cmd.receive_seq_cnt = cpu_to_le64(((u64) pn[5] << 0) |
1648 ((u64) pn[4] << 8) |
1649 ((u64) pn[3] << 16) |
1650 ((u64) pn[2] << 24) |
1651 ((u64) pn[1] << 32) |
1652 ((u64) pn[0] << 40));
1653 }
1654
1655 IWL_DEBUG_INFO(mvm, "%s igtk for sta %u\n",
1656 remove_key ? "removing" : "installing",
1657 igtk_cmd.sta_id);
1658
1659 return iwl_mvm_send_cmd_pdu(mvm, MGMT_MCAST_KEY, 0,
1660 sizeof(igtk_cmd), &igtk_cmd);
1661 }
1662
1663
1664 static inline u8 *iwl_mvm_get_mac_addr(struct iwl_mvm *mvm,
1665 struct ieee80211_vif *vif,
1666 struct ieee80211_sta *sta)
1667 {
1668 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1669
1670 if (sta)
1671 return sta->addr;
1672
1673 if (vif->type == NL80211_IFTYPE_STATION &&
1674 mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) {
1675 u8 sta_id = mvmvif->ap_sta_id;
1676 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
1677 lockdep_is_held(&mvm->mutex));
1678 return sta->addr;
1679 }
1680
1681
1682 return NULL;
1683 }
1684
1685 static int __iwl_mvm_set_sta_key(struct iwl_mvm *mvm,
1686 struct ieee80211_vif *vif,
1687 struct ieee80211_sta *sta,
1688 struct ieee80211_key_conf *keyconf,
1689 u8 key_offset,
1690 bool mcast)
1691 {
1692 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1693 int ret;
1694 const u8 *addr;
1695 struct ieee80211_key_seq seq;
1696 u16 p1k[5];
1697
1698 switch (keyconf->cipher) {
1699 case WLAN_CIPHER_SUITE_TKIP:
1700 addr = iwl_mvm_get_mac_addr(mvm, vif, sta);
1701 /* get phase 1 key from mac80211 */
1702 ieee80211_get_key_rx_seq(keyconf, 0, &seq);
1703 ieee80211_get_tkip_rx_p1k(keyconf, addr, seq.tkip.iv32, p1k);
1704 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, mcast,
1705 seq.tkip.iv32, p1k, 0, key_offset);
1706 break;
1707 case WLAN_CIPHER_SUITE_CCMP:
1708 case WLAN_CIPHER_SUITE_WEP40:
1709 case WLAN_CIPHER_SUITE_WEP104:
1710 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, mcast,
1711 0, NULL, 0, key_offset);
1712 break;
1713 default:
1714 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, mcast,
1715 0, NULL, 0, key_offset);
1716 }
1717
1718 return ret;
1719 }
1720
1721 static int __iwl_mvm_remove_sta_key(struct iwl_mvm *mvm, u8 sta_id,
1722 struct ieee80211_key_conf *keyconf,
1723 bool mcast)
1724 {
1725 struct iwl_mvm_add_sta_key_cmd cmd = {};
1726 __le16 key_flags;
1727 int ret;
1728 u32 status;
1729
1730 key_flags = cpu_to_le16((keyconf->keyidx << STA_KEY_FLG_KEYID_POS) &
1731 STA_KEY_FLG_KEYID_MSK);
1732 key_flags |= cpu_to_le16(STA_KEY_FLG_NO_ENC | STA_KEY_FLG_WEP_KEY_MAP);
1733 key_flags |= cpu_to_le16(STA_KEY_NOT_VALID);
1734
1735 if (mcast)
1736 key_flags |= cpu_to_le16(STA_KEY_MULTICAST);
1737
1738 cmd.key_flags = key_flags;
1739 cmd.key_offset = keyconf->hw_key_idx;
1740 cmd.sta_id = sta_id;
1741
1742 status = ADD_STA_SUCCESS;
1743 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, sizeof(cmd),
1744 &cmd, &status);
1745
1746 switch (status) {
1747 case ADD_STA_SUCCESS:
1748 IWL_DEBUG_WEP(mvm, "MODIFY_STA: remove sta key passed\n");
1749 break;
1750 default:
1751 ret = -EIO;
1752 IWL_ERR(mvm, "MODIFY_STA: remove sta key failed\n");
1753 break;
1754 }
1755
1756 return ret;
1757 }
1758
1759 int iwl_mvm_set_sta_key(struct iwl_mvm *mvm,
1760 struct ieee80211_vif *vif,
1761 struct ieee80211_sta *sta,
1762 struct ieee80211_key_conf *keyconf,
1763 u8 key_offset)
1764 {
1765 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
1766 struct iwl_mvm_sta *mvm_sta;
1767 u8 sta_id;
1768 int ret;
1769 static const u8 __maybe_unused zero_addr[ETH_ALEN] = {0};
1770
1771 lockdep_assert_held(&mvm->mutex);
1772
1773 /* Get the station id from the mvm local station table */
1774 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
1775 if (!mvm_sta) {
1776 IWL_ERR(mvm, "Failed to find station\n");
1777 return -EINVAL;
1778 }
1779 sta_id = mvm_sta->sta_id;
1780
1781 if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
1782 ret = iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, false);
1783 goto end;
1784 }
1785
1786 /*
1787 * It is possible that the 'sta' parameter is NULL, and thus
1788 * there is a need to retrieve the sta from the local station table.
1789 */
1790 if (!sta) {
1791 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
1792 lockdep_is_held(&mvm->mutex));
1793 if (IS_ERR_OR_NULL(sta)) {
1794 IWL_ERR(mvm, "Invalid station id\n");
1795 return -EINVAL;
1796 }
1797 }
1798
1799 if (WARN_ON_ONCE(iwl_mvm_sta_from_mac80211(sta)->vif != vif))
1800 return -EINVAL;
1801
1802 /* If the key_offset is not pre-assigned, we need to find a
1803 * new offset to use. In normal cases, the offset is not
1804 * pre-assigned, but during HW_RESTART we want to reuse the
1805 * same indices, so we pass them when this function is called.
1806 *
1807 * In D3 entry, we need to hardcoded the indices (because the
1808 * firmware hardcodes the PTK offset to 0). In this case, we
1809 * need to make sure we don't overwrite the hw_key_idx in the
1810 * keyconf structure, because otherwise we cannot configure
1811 * the original ones back when resuming.
1812 */
1813 if (key_offset == STA_KEY_IDX_INVALID) {
1814 key_offset = iwl_mvm_set_fw_key_idx(mvm);
1815 if (key_offset == STA_KEY_IDX_INVALID)
1816 return -ENOSPC;
1817 keyconf->hw_key_idx = key_offset;
1818 }
1819
1820 ret = __iwl_mvm_set_sta_key(mvm, vif, sta, keyconf, key_offset, mcast);
1821 if (ret)
1822 goto end;
1823
1824 /*
1825 * For WEP, the same key is used for multicast and unicast. Upload it
1826 * again, using the same key offset, and now pointing the other one
1827 * to the same key slot (offset).
1828 * If this fails, remove the original as well.
1829 */
1830 if (keyconf->cipher == WLAN_CIPHER_SUITE_WEP40 ||
1831 keyconf->cipher == WLAN_CIPHER_SUITE_WEP104) {
1832 ret = __iwl_mvm_set_sta_key(mvm, vif, sta, keyconf,
1833 key_offset, !mcast);
1834 if (ret) {
1835 __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, mcast);
1836 goto end;
1837 }
1838 }
1839
1840 __set_bit(key_offset, mvm->fw_key_table);
1841
1842 end:
1843 IWL_DEBUG_WEP(mvm, "key: cipher=%x len=%d idx=%d sta=%pM ret=%d\n",
1844 keyconf->cipher, keyconf->keylen, keyconf->keyidx,
1845 sta ? sta->addr : zero_addr, ret);
1846 return ret;
1847 }
1848
1849 int iwl_mvm_remove_sta_key(struct iwl_mvm *mvm,
1850 struct ieee80211_vif *vif,
1851 struct ieee80211_sta *sta,
1852 struct ieee80211_key_conf *keyconf)
1853 {
1854 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
1855 struct iwl_mvm_sta *mvm_sta;
1856 u8 sta_id = IWL_MVM_STATION_COUNT;
1857 int ret, i;
1858
1859 lockdep_assert_held(&mvm->mutex);
1860
1861 /* Get the station from the mvm local station table */
1862 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
1863
1864 IWL_DEBUG_WEP(mvm, "mvm remove dynamic key: idx=%d sta=%d\n",
1865 keyconf->keyidx, sta_id);
1866
1867 if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC)
1868 return iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, true);
1869
1870 if (!__test_and_clear_bit(keyconf->hw_key_idx, mvm->fw_key_table)) {
1871 IWL_ERR(mvm, "offset %d not used in fw key table.\n",
1872 keyconf->hw_key_idx);
1873 return -ENOENT;
1874 }
1875
1876 /* track which key was deleted last */
1877 for (i = 0; i < STA_KEY_MAX_NUM; i++) {
1878 if (mvm->fw_key_deleted[i] < U8_MAX)
1879 mvm->fw_key_deleted[i]++;
1880 }
1881 mvm->fw_key_deleted[keyconf->hw_key_idx] = 0;
1882
1883 if (!mvm_sta) {
1884 IWL_DEBUG_WEP(mvm, "station non-existent, early return.\n");
1885 return 0;
1886 }
1887
1888 sta_id = mvm_sta->sta_id;
1889
1890 ret = __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, mcast);
1891 if (ret)
1892 return ret;
1893
1894 /* delete WEP key twice to get rid of (now useless) offset */
1895 if (keyconf->cipher == WLAN_CIPHER_SUITE_WEP40 ||
1896 keyconf->cipher == WLAN_CIPHER_SUITE_WEP104)
1897 ret = __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, !mcast);
1898
1899 return ret;
1900 }
1901
1902 void iwl_mvm_update_tkip_key(struct iwl_mvm *mvm,
1903 struct ieee80211_vif *vif,
1904 struct ieee80211_key_conf *keyconf,
1905 struct ieee80211_sta *sta, u32 iv32,
1906 u16 *phase1key)
1907 {
1908 struct iwl_mvm_sta *mvm_sta;
1909 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
1910
1911 rcu_read_lock();
1912
1913 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
1914 if (WARN_ON_ONCE(!mvm_sta))
1915 goto unlock;
1916 iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, mcast,
1917 iv32, phase1key, CMD_ASYNC, keyconf->hw_key_idx);
1918
1919 unlock:
1920 rcu_read_unlock();
1921 }
1922
1923 void iwl_mvm_sta_modify_ps_wake(struct iwl_mvm *mvm,
1924 struct ieee80211_sta *sta)
1925 {
1926 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1927 struct iwl_mvm_add_sta_cmd cmd = {
1928 .add_modify = STA_MODE_MODIFY,
1929 .sta_id = mvmsta->sta_id,
1930 .station_flags_msk = cpu_to_le32(STA_FLG_PS),
1931 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
1932 };
1933 int ret;
1934
1935 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC,
1936 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
1937 if (ret)
1938 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
1939 }
1940
1941 void iwl_mvm_sta_modify_sleep_tx_count(struct iwl_mvm *mvm,
1942 struct ieee80211_sta *sta,
1943 enum ieee80211_frame_release_type reason,
1944 u16 cnt, u16 tids, bool more_data,
1945 bool agg)
1946 {
1947 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1948 struct iwl_mvm_add_sta_cmd cmd = {
1949 .add_modify = STA_MODE_MODIFY,
1950 .sta_id = mvmsta->sta_id,
1951 .modify_mask = STA_MODIFY_SLEEPING_STA_TX_COUNT,
1952 .sleep_tx_count = cpu_to_le16(cnt),
1953 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
1954 };
1955 int tid, ret;
1956 unsigned long _tids = tids;
1957
1958 /* convert TIDs to ACs - we don't support TSPEC so that's OK
1959 * Note that this field is reserved and unused by firmware not
1960 * supporting GO uAPSD, so it's safe to always do this.
1961 */
1962 for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT)
1963 cmd.awake_acs |= BIT(tid_to_ucode_ac[tid]);
1964
1965 /* If we're releasing frames from aggregation queues then check if the
1966 * all queues combined that we're releasing frames from have
1967 * - more frames than the service period, in which case more_data
1968 * needs to be set
1969 * - fewer than 'cnt' frames, in which case we need to adjust the
1970 * firmware command (but do that unconditionally)
1971 */
1972 if (agg) {
1973 int remaining = cnt;
1974 int sleep_tx_count;
1975
1976 spin_lock_bh(&mvmsta->lock);
1977 for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT) {
1978 struct iwl_mvm_tid_data *tid_data;
1979 u16 n_queued;
1980
1981 tid_data = &mvmsta->tid_data[tid];
1982 if (WARN(tid_data->state != IWL_AGG_ON &&
1983 tid_data->state != IWL_EMPTYING_HW_QUEUE_DELBA,
1984 "TID %d state is %d\n",
1985 tid, tid_data->state)) {
1986 spin_unlock_bh(&mvmsta->lock);
1987 ieee80211_sta_eosp(sta);
1988 return;
1989 }
1990
1991 n_queued = iwl_mvm_tid_queued(tid_data);
1992 if (n_queued > remaining) {
1993 more_data = true;
1994 remaining = 0;
1995 break;
1996 }
1997 remaining -= n_queued;
1998 }
1999 sleep_tx_count = cnt - remaining;
2000 if (reason == IEEE80211_FRAME_RELEASE_UAPSD)
2001 mvmsta->sleep_tx_count = sleep_tx_count;
2002 spin_unlock_bh(&mvmsta->lock);
2003
2004 cmd.sleep_tx_count = cpu_to_le16(sleep_tx_count);
2005 if (WARN_ON(cnt - remaining == 0)) {
2006 ieee80211_sta_eosp(sta);
2007 return;
2008 }
2009 }
2010
2011 /* Note: this is ignored by firmware not supporting GO uAPSD */
2012 if (more_data)
2013 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_MOREDATA);
2014
2015 if (reason == IEEE80211_FRAME_RELEASE_PSPOLL) {
2016 mvmsta->next_status_eosp = true;
2017 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_PS_POLL);
2018 } else {
2019 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_UAPSD);
2020 }
2021
2022 /* block the Tx queues until the FW updated the sleep Tx count */
2023 iwl_trans_block_txq_ptrs(mvm->trans, true);
2024
2025 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA,
2026 CMD_ASYNC | CMD_WANT_ASYNC_CALLBACK,
2027 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
2028 if (ret)
2029 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
2030 }
2031
2032 void iwl_mvm_rx_eosp_notif(struct iwl_mvm *mvm,
2033 struct iwl_rx_cmd_buffer *rxb)
2034 {
2035 struct iwl_rx_packet *pkt = rxb_addr(rxb);
2036 struct iwl_mvm_eosp_notification *notif = (void *)pkt->data;
2037 struct ieee80211_sta *sta;
2038 u32 sta_id = le32_to_cpu(notif->sta_id);
2039
2040 if (WARN_ON_ONCE(sta_id >= IWL_MVM_STATION_COUNT))
2041 return;
2042
2043 rcu_read_lock();
2044 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]);
2045 if (!IS_ERR_OR_NULL(sta))
2046 ieee80211_sta_eosp(sta);
2047 rcu_read_unlock();
2048 }
2049
2050 void iwl_mvm_sta_modify_disable_tx(struct iwl_mvm *mvm,
2051 struct iwl_mvm_sta *mvmsta, bool disable)
2052 {
2053 struct iwl_mvm_add_sta_cmd cmd = {
2054 .add_modify = STA_MODE_MODIFY,
2055 .sta_id = mvmsta->sta_id,
2056 .station_flags = disable ? cpu_to_le32(STA_FLG_DISABLE_TX) : 0,
2057 .station_flags_msk = cpu_to_le32(STA_FLG_DISABLE_TX),
2058 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
2059 };
2060 int ret;
2061
2062 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC,
2063 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
2064 if (ret)
2065 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
2066 }
2067
2068 void iwl_mvm_sta_modify_disable_tx_ap(struct iwl_mvm *mvm,
2069 struct ieee80211_sta *sta,
2070 bool disable)
2071 {
2072 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
2073
2074 spin_lock_bh(&mvm_sta->lock);
2075
2076 if (mvm_sta->disable_tx == disable) {
2077 spin_unlock_bh(&mvm_sta->lock);
2078 return;
2079 }
2080
2081 mvm_sta->disable_tx = disable;
2082
2083 /*
2084 * Tell mac80211 to start/stop queuing tx for this station,
2085 * but don't stop queuing if there are still pending frames
2086 * for this station.
2087 */
2088 if (disable || !atomic_read(&mvm->pending_frames[mvm_sta->sta_id]))
2089 ieee80211_sta_block_awake(mvm->hw, sta, disable);
2090
2091 iwl_mvm_sta_modify_disable_tx(mvm, mvm_sta, disable);
2092
2093 spin_unlock_bh(&mvm_sta->lock);
2094 }
2095
2096 void iwl_mvm_modify_all_sta_disable_tx(struct iwl_mvm *mvm,
2097 struct iwl_mvm_vif *mvmvif,
2098 bool disable)
2099 {
2100 struct ieee80211_sta *sta;
2101 struct iwl_mvm_sta *mvm_sta;
2102 int i;
2103
2104 lockdep_assert_held(&mvm->mutex);
2105
2106 /* Block/unblock all the stations of the given mvmvif */
2107 for (i = 0; i < IWL_MVM_STATION_COUNT; i++) {
2108 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i],
2109 lockdep_is_held(&mvm->mutex));
2110 if (IS_ERR_OR_NULL(sta))
2111 continue;
2112
2113 mvm_sta = iwl_mvm_sta_from_mac80211(sta);
2114 if (mvm_sta->mac_id_n_color !=
2115 FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color))
2116 continue;
2117
2118 iwl_mvm_sta_modify_disable_tx_ap(mvm, sta, disable);
2119 }
2120 }
2121
2122 void iwl_mvm_csa_client_absent(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2123 {
2124 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2125 struct iwl_mvm_sta *mvmsta;
2126
2127 rcu_read_lock();
2128
2129 mvmsta = iwl_mvm_sta_from_staid_rcu(mvm, mvmvif->ap_sta_id);
2130
2131 if (!WARN_ON(!mvmsta))
2132 iwl_mvm_sta_modify_disable_tx(mvm, mvmsta, true);
2133
2134 rcu_read_unlock();
2135 }
Ubuntu Hirsute Linux kernel mirror