1 /******************************************************************************
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
8 * Copyright(c) 2012 - 2015 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
10 * Copyright(c) 2016 Intel Deutschland GmbH
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of version 2 of the GNU General Public License as
14 * published by the Free Software Foundation.
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
26 * The full GNU General Public License is included in this distribution
27 * in the file called COPYING.
29 * Contact Information:
30 * Intel Linux Wireless <linuxwifi@intel.com>
31 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
35 * Copyright(c) 2012 - 2015 Intel Corporation. All rights reserved.
36 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
37 * Copyright(c) 2016 Intel Deutschland GmbH
38 * All rights reserved.
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
44 * * Redistributions of source code must retain the above copyright
45 * notice, this list of conditions and the following disclaimer.
46 * * Redistributions in binary form must reproduce the above copyright
47 * notice, this list of conditions and the following disclaimer in
48 * the documentation and/or other materials provided with the
50 * * Neither the name Intel Corporation nor the names of its
51 * contributors may be used to endorse or promote products derived
52 * from this software without specific prior written permission.
54 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
55 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
56 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
57 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
58 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
59 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
60 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
61 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
62 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
63 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
64 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
66 *****************************************************************************/
67 #include <net/mac80211.h>
74 * New version of ADD_STA_sta command added new fields at the end of the
75 * structure, so sending the size of the relevant API's structure is enough to
76 * support both API versions.
78 static inline int iwl_mvm_add_sta_cmd_size(struct iwl_mvm *mvm)
80 return iwl_mvm_has_new_rx_api(mvm) ?
81 sizeof(struct iwl_mvm_add_sta_cmd) :
82 sizeof(struct iwl_mvm_add_sta_cmd_v7);
85 static int iwl_mvm_find_free_sta_id(struct iwl_mvm *mvm,
86 enum nl80211_iftype iftype)
91 BUILD_BUG_ON(IWL_MVM_STATION_COUNT > 32);
92 WARN_ON_ONCE(test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status));
94 lockdep_assert_held(&mvm->mutex);
96 /* d0i3/d3 assumes the AP's sta_id (of sta vif) is 0. reserve it. */
97 if (iftype != NL80211_IFTYPE_STATION)
98 reserved_ids = BIT(0);
100 /* Don't take rcu_read_lock() since we are protected by mvm->mutex */
101 for (sta_id = 0; sta_id < IWL_MVM_STATION_COUNT; sta_id++) {
102 if (BIT(sta_id) & reserved_ids)
105 if (!rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
106 lockdep_is_held(&mvm->mutex)))
109 return IWL_MVM_STATION_COUNT;
112 /* send station add/update command to firmware */
113 int iwl_mvm_sta_send_to_fw(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
116 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
117 struct iwl_mvm_add_sta_cmd add_sta_cmd = {
118 .sta_id = mvm_sta->sta_id,
119 .mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color),
120 .add_modify = update ? 1 : 0,
121 .station_flags_msk = cpu_to_le32(STA_FLG_FAT_EN_MSK |
122 STA_FLG_MIMO_EN_MSK),
123 .tid_disable_tx = cpu_to_le16(mvm_sta->tid_disable_agg),
127 u32 agg_size = 0, mpdu_dens = 0;
130 add_sta_cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk);
131 memcpy(&add_sta_cmd.addr, sta->addr, ETH_ALEN);
134 switch (sta->bandwidth) {
135 case IEEE80211_STA_RX_BW_160:
136 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_160MHZ);
138 case IEEE80211_STA_RX_BW_80:
139 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_80MHZ);
141 case IEEE80211_STA_RX_BW_40:
142 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_40MHZ);
144 case IEEE80211_STA_RX_BW_20:
145 if (sta->ht_cap.ht_supported)
146 add_sta_cmd.station_flags |=
147 cpu_to_le32(STA_FLG_FAT_EN_20MHZ);
151 switch (sta->rx_nss) {
153 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_SISO);
156 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_MIMO2);
159 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_MIMO3);
163 switch (sta->smps_mode) {
164 case IEEE80211_SMPS_AUTOMATIC:
165 case IEEE80211_SMPS_NUM_MODES:
168 case IEEE80211_SMPS_STATIC:
170 add_sta_cmd.station_flags &= ~cpu_to_le32(STA_FLG_MIMO_EN_MSK);
171 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_SISO);
173 case IEEE80211_SMPS_DYNAMIC:
174 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_RTS_MIMO_PROT);
176 case IEEE80211_SMPS_OFF:
181 if (sta->ht_cap.ht_supported) {
182 add_sta_cmd.station_flags_msk |=
183 cpu_to_le32(STA_FLG_MAX_AGG_SIZE_MSK |
184 STA_FLG_AGG_MPDU_DENS_MSK);
186 mpdu_dens = sta->ht_cap.ampdu_density;
189 if (sta->vht_cap.vht_supported) {
190 agg_size = sta->vht_cap.cap &
191 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
193 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
194 } else if (sta->ht_cap.ht_supported) {
195 agg_size = sta->ht_cap.ampdu_factor;
198 add_sta_cmd.station_flags |=
199 cpu_to_le32(agg_size << STA_FLG_MAX_AGG_SIZE_SHIFT);
200 add_sta_cmd.station_flags |=
201 cpu_to_le32(mpdu_dens << STA_FLG_AGG_MPDU_DENS_SHIFT);
203 status = ADD_STA_SUCCESS;
204 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
205 iwl_mvm_add_sta_cmd_size(mvm),
206 &add_sta_cmd, &status);
210 switch (status & IWL_ADD_STA_STATUS_MASK) {
211 case ADD_STA_SUCCESS:
212 IWL_DEBUG_ASSOC(mvm, "ADD_STA PASSED\n");
216 IWL_ERR(mvm, "ADD_STA failed\n");
223 static int iwl_mvm_tdls_sta_init(struct iwl_mvm *mvm,
224 struct ieee80211_sta *sta)
226 unsigned long used_hw_queues;
227 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
228 unsigned int wdg_timeout =
229 iwl_mvm_get_wd_timeout(mvm, NULL, true, false);
232 lockdep_assert_held(&mvm->mutex);
234 used_hw_queues = iwl_mvm_get_used_hw_queues(mvm, NULL);
236 /* Find available queues, and allocate them to the ACs */
237 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
238 u8 queue = find_first_zero_bit(&used_hw_queues,
239 mvm->first_agg_queue);
241 if (queue >= mvm->first_agg_queue) {
242 IWL_ERR(mvm, "Failed to allocate STA queue\n");
246 __set_bit(queue, &used_hw_queues);
247 mvmsta->hw_queue[ac] = queue;
250 /* Found a place for all queues - enable them */
251 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
252 iwl_mvm_enable_ac_txq(mvm, mvmsta->hw_queue[ac],
253 mvmsta->hw_queue[ac],
254 iwl_mvm_ac_to_tx_fifo[ac], 0,
256 mvmsta->tfd_queue_msk |= BIT(mvmsta->hw_queue[ac]);
262 static void iwl_mvm_tdls_sta_deinit(struct iwl_mvm *mvm,
263 struct ieee80211_sta *sta)
265 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
266 unsigned long sta_msk;
269 lockdep_assert_held(&mvm->mutex);
271 /* disable the TDLS STA-specific queues */
272 sta_msk = mvmsta->tfd_queue_msk;
273 for_each_set_bit(i, &sta_msk, sizeof(sta_msk) * BITS_PER_BYTE)
274 iwl_mvm_disable_txq(mvm, i, i, IWL_MAX_TID_COUNT, 0);
277 int iwl_mvm_add_sta(struct iwl_mvm *mvm,
278 struct ieee80211_vif *vif,
279 struct ieee80211_sta *sta)
281 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
282 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
283 struct iwl_mvm_rxq_dup_data *dup_data;
286 lockdep_assert_held(&mvm->mutex);
288 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status))
289 sta_id = iwl_mvm_find_free_sta_id(mvm,
290 ieee80211_vif_type_p2p(vif));
292 sta_id = mvm_sta->sta_id;
294 if (sta_id == IWL_MVM_STATION_COUNT)
297 spin_lock_init(&mvm_sta->lock);
299 mvm_sta->sta_id = sta_id;
300 mvm_sta->mac_id_n_color = FW_CMD_ID_AND_COLOR(mvmvif->id,
303 mvm_sta->max_agg_bufsize = LINK_QUAL_AGG_FRAME_LIMIT_DEF;
304 mvm_sta->tx_protection = 0;
305 mvm_sta->tt_tx_protection = false;
307 /* HW restart, don't assume the memory has been zeroed */
308 atomic_set(&mvm->pending_frames[sta_id], 0);
309 mvm_sta->tid_disable_agg = 0xffff; /* No aggs at first */
310 mvm_sta->tfd_queue_msk = 0;
312 /* allocate new queues for a TDLS station */
314 ret = iwl_mvm_tdls_sta_init(mvm, sta);
318 for (i = 0; i < IEEE80211_NUM_ACS; i++)
319 if (vif->hw_queue[i] != IEEE80211_INVAL_HW_QUEUE)
320 mvm_sta->tfd_queue_msk |= BIT(vif->hw_queue[i]);
323 /* for HW restart - reset everything but the sequence number */
324 for (i = 0; i < IWL_MAX_TID_COUNT; i++) {
325 u16 seq = mvm_sta->tid_data[i].seq_number;
326 memset(&mvm_sta->tid_data[i], 0, sizeof(mvm_sta->tid_data[i]));
327 mvm_sta->tid_data[i].seq_number = seq;
329 mvm_sta->agg_tids = 0;
331 if (iwl_mvm_has_new_rx_api(mvm) &&
332 !test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
333 dup_data = kcalloc(mvm->trans->num_rx_queues,
338 mvm_sta->dup_data = dup_data;
341 ret = iwl_mvm_sta_send_to_fw(mvm, sta, false);
345 if (vif->type == NL80211_IFTYPE_STATION) {
347 WARN_ON(mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT);
348 mvmvif->ap_sta_id = sta_id;
350 WARN_ON(mvmvif->ap_sta_id == IWL_MVM_STATION_COUNT);
354 rcu_assign_pointer(mvm->fw_id_to_mac_id[sta_id], sta);
359 iwl_mvm_tdls_sta_deinit(mvm, sta);
363 int iwl_mvm_update_sta(struct iwl_mvm *mvm,
364 struct ieee80211_vif *vif,
365 struct ieee80211_sta *sta)
367 return iwl_mvm_sta_send_to_fw(mvm, sta, true);
370 int iwl_mvm_drain_sta(struct iwl_mvm *mvm, struct iwl_mvm_sta *mvmsta,
373 struct iwl_mvm_add_sta_cmd cmd = {};
377 lockdep_assert_held(&mvm->mutex);
379 cmd.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color);
380 cmd.sta_id = mvmsta->sta_id;
381 cmd.add_modify = STA_MODE_MODIFY;
382 cmd.station_flags = drain ? cpu_to_le32(STA_FLG_DRAIN_FLOW) : 0;
383 cmd.station_flags_msk = cpu_to_le32(STA_FLG_DRAIN_FLOW);
385 status = ADD_STA_SUCCESS;
386 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
387 iwl_mvm_add_sta_cmd_size(mvm),
392 switch (status & IWL_ADD_STA_STATUS_MASK) {
393 case ADD_STA_SUCCESS:
394 IWL_DEBUG_INFO(mvm, "Frames for staid %d will drained in fw\n",
399 IWL_ERR(mvm, "Couldn't drain frames for staid %d\n",
408 * Remove a station from the FW table. Before sending the command to remove
409 * the station validate that the station is indeed known to the driver (sanity
412 static int iwl_mvm_rm_sta_common(struct iwl_mvm *mvm, u8 sta_id)
414 struct ieee80211_sta *sta;
415 struct iwl_mvm_rm_sta_cmd rm_sta_cmd = {
420 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
421 lockdep_is_held(&mvm->mutex));
423 /* Note: internal stations are marked as error values */
425 IWL_ERR(mvm, "Invalid station id\n");
429 ret = iwl_mvm_send_cmd_pdu(mvm, REMOVE_STA, 0,
430 sizeof(rm_sta_cmd), &rm_sta_cmd);
432 IWL_ERR(mvm, "Failed to remove station. Id=%d\n", sta_id);
439 void iwl_mvm_sta_drained_wk(struct work_struct *wk)
441 struct iwl_mvm *mvm = container_of(wk, struct iwl_mvm, sta_drained_wk);
445 * The mutex is needed because of the SYNC cmd, but not only: if the
446 * work would run concurrently with iwl_mvm_rm_sta, it would run before
447 * iwl_mvm_rm_sta sets the station as busy, and exit. Then
448 * iwl_mvm_rm_sta would set the station as busy, and nobody will clean
451 mutex_lock(&mvm->mutex);
453 for_each_set_bit(sta_id, mvm->sta_drained, IWL_MVM_STATION_COUNT) {
455 struct ieee80211_sta *sta =
456 rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
457 lockdep_is_held(&mvm->mutex));
460 * This station is in use or RCU-removed; the latter happens in
461 * managed mode, where mac80211 removes the station before we
462 * can remove it from firmware (we can only do that after the
463 * MAC is marked unassociated), and possibly while the deauth
464 * frame to disconnect from the AP is still queued. Then, the
465 * station pointer is -ENOENT when the last skb is reclaimed.
467 if (!IS_ERR(sta) || PTR_ERR(sta) == -ENOENT)
470 if (PTR_ERR(sta) == -EINVAL) {
471 IWL_ERR(mvm, "Drained sta %d, but it is internal?\n",
477 IWL_ERR(mvm, "Drained sta %d, but it was NULL?\n",
482 WARN_ON(PTR_ERR(sta) != -EBUSY);
483 /* This station was removed and we waited until it got drained,
484 * we can now proceed and remove it.
486 ret = iwl_mvm_rm_sta_common(mvm, sta_id);
489 "Couldn't remove sta %d after it was drained\n",
493 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL);
494 clear_bit(sta_id, mvm->sta_drained);
496 if (mvm->tfd_drained[sta_id]) {
497 unsigned long i, msk = mvm->tfd_drained[sta_id];
499 for_each_set_bit(i, &msk, sizeof(msk) * BITS_PER_BYTE)
500 iwl_mvm_disable_txq(mvm, i, i,
501 IWL_MAX_TID_COUNT, 0);
503 mvm->tfd_drained[sta_id] = 0;
504 IWL_DEBUG_TDLS(mvm, "Drained sta %d, with queues %ld\n",
509 mutex_unlock(&mvm->mutex);
512 int iwl_mvm_rm_sta(struct iwl_mvm *mvm,
513 struct ieee80211_vif *vif,
514 struct ieee80211_sta *sta)
516 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
517 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
520 lockdep_assert_held(&mvm->mutex);
522 if (iwl_mvm_has_new_rx_api(mvm))
523 kfree(mvm_sta->dup_data);
525 if (vif->type == NL80211_IFTYPE_STATION &&
526 mvmvif->ap_sta_id == mvm_sta->sta_id) {
527 ret = iwl_mvm_drain_sta(mvm, mvm_sta, true);
530 /* flush its queues here since we are freeing mvm_sta */
531 ret = iwl_mvm_flush_tx_path(mvm, mvm_sta->tfd_queue_msk, 0);
534 ret = iwl_trans_wait_tx_queue_empty(mvm->trans,
535 mvm_sta->tfd_queue_msk);
538 ret = iwl_mvm_drain_sta(mvm, mvm_sta, false);
540 /* if we are associated - we can't remove the AP STA now */
541 if (vif->bss_conf.assoc)
544 /* unassoc - go ahead - remove the AP STA now */
545 mvmvif->ap_sta_id = IWL_MVM_STATION_COUNT;
547 /* clear d0i3_ap_sta_id if no longer relevant */
548 if (mvm->d0i3_ap_sta_id == mvm_sta->sta_id)
549 mvm->d0i3_ap_sta_id = IWL_MVM_STATION_COUNT;
553 * This shouldn't happen - the TDLS channel switch should be canceled
554 * before the STA is removed.
556 if (WARN_ON_ONCE(mvm->tdls_cs.peer.sta_id == mvm_sta->sta_id)) {
557 mvm->tdls_cs.peer.sta_id = IWL_MVM_STATION_COUNT;
558 cancel_delayed_work(&mvm->tdls_cs.dwork);
562 * Make sure that the tx response code sees the station as -EBUSY and
563 * calls the drain worker.
565 spin_lock_bh(&mvm_sta->lock);
567 * There are frames pending on the AC queues for this station.
568 * We need to wait until all the frames are drained...
570 if (atomic_read(&mvm->pending_frames[mvm_sta->sta_id])) {
571 rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id],
573 spin_unlock_bh(&mvm_sta->lock);
575 /* disable TDLS sta queues on drain complete */
577 mvm->tfd_drained[mvm_sta->sta_id] =
578 mvm_sta->tfd_queue_msk;
579 IWL_DEBUG_TDLS(mvm, "Draining TDLS sta %d\n",
583 ret = iwl_mvm_drain_sta(mvm, mvm_sta, true);
585 spin_unlock_bh(&mvm_sta->lock);
588 iwl_mvm_tdls_sta_deinit(mvm, sta);
590 ret = iwl_mvm_rm_sta_common(mvm, mvm_sta->sta_id);
591 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[mvm_sta->sta_id], NULL);
597 int iwl_mvm_rm_sta_id(struct iwl_mvm *mvm,
598 struct ieee80211_vif *vif,
601 int ret = iwl_mvm_rm_sta_common(mvm, sta_id);
603 lockdep_assert_held(&mvm->mutex);
605 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL);
609 int iwl_mvm_allocate_int_sta(struct iwl_mvm *mvm,
610 struct iwl_mvm_int_sta *sta,
611 u32 qmask, enum nl80211_iftype iftype)
613 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
614 sta->sta_id = iwl_mvm_find_free_sta_id(mvm, iftype);
615 if (WARN_ON_ONCE(sta->sta_id == IWL_MVM_STATION_COUNT))
619 sta->tfd_queue_msk = qmask;
621 /* put a non-NULL value so iterating over the stations won't stop */
622 rcu_assign_pointer(mvm->fw_id_to_mac_id[sta->sta_id], ERR_PTR(-EINVAL));
626 static void iwl_mvm_dealloc_int_sta(struct iwl_mvm *mvm,
627 struct iwl_mvm_int_sta *sta)
629 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta->sta_id], NULL);
630 memset(sta, 0, sizeof(struct iwl_mvm_int_sta));
631 sta->sta_id = IWL_MVM_STATION_COUNT;
634 static int iwl_mvm_add_int_sta_common(struct iwl_mvm *mvm,
635 struct iwl_mvm_int_sta *sta,
637 u16 mac_id, u16 color)
639 struct iwl_mvm_add_sta_cmd cmd;
643 lockdep_assert_held(&mvm->mutex);
645 memset(&cmd, 0, sizeof(cmd));
646 cmd.sta_id = sta->sta_id;
647 cmd.mac_id_n_color = cpu_to_le32(FW_CMD_ID_AND_COLOR(mac_id,
650 cmd.tfd_queue_msk = cpu_to_le32(sta->tfd_queue_msk);
651 cmd.tid_disable_tx = cpu_to_le16(0xffff);
654 memcpy(cmd.addr, addr, ETH_ALEN);
656 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
657 iwl_mvm_add_sta_cmd_size(mvm),
662 switch (status & IWL_ADD_STA_STATUS_MASK) {
663 case ADD_STA_SUCCESS:
664 IWL_DEBUG_INFO(mvm, "Internal station added.\n");
668 IWL_ERR(mvm, "Add internal station failed, status=0x%x\n",
675 int iwl_mvm_add_aux_sta(struct iwl_mvm *mvm)
677 unsigned int wdg_timeout = iwlmvm_mod_params.tfd_q_hang_detect ?
678 mvm->cfg->base_params->wd_timeout :
679 IWL_WATCHDOG_DISABLED;
682 lockdep_assert_held(&mvm->mutex);
684 /* Map Aux queue to fifo - needs to happen before adding Aux station */
685 iwl_mvm_enable_ac_txq(mvm, mvm->aux_queue, mvm->aux_queue,
686 IWL_MVM_TX_FIFO_MCAST, 0, wdg_timeout);
688 /* Allocate aux station and assign to it the aux queue */
689 ret = iwl_mvm_allocate_int_sta(mvm, &mvm->aux_sta, BIT(mvm->aux_queue),
690 NL80211_IFTYPE_UNSPECIFIED);
694 ret = iwl_mvm_add_int_sta_common(mvm, &mvm->aux_sta, NULL,
698 iwl_mvm_dealloc_int_sta(mvm, &mvm->aux_sta);
702 int iwl_mvm_add_snif_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
704 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
706 lockdep_assert_held(&mvm->mutex);
707 return iwl_mvm_add_int_sta_common(mvm, &mvm->snif_sta, vif->addr,
711 int iwl_mvm_rm_snif_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
715 lockdep_assert_held(&mvm->mutex);
717 ret = iwl_mvm_rm_sta_common(mvm, mvm->snif_sta.sta_id);
719 IWL_WARN(mvm, "Failed sending remove station\n");
724 void iwl_mvm_dealloc_snif_sta(struct iwl_mvm *mvm)
726 iwl_mvm_dealloc_int_sta(mvm, &mvm->snif_sta);
729 void iwl_mvm_del_aux_sta(struct iwl_mvm *mvm)
731 lockdep_assert_held(&mvm->mutex);
733 iwl_mvm_dealloc_int_sta(mvm, &mvm->aux_sta);
737 * Send the add station command for the vif's broadcast station.
738 * Assumes that the station was already allocated.
740 * @mvm: the mvm component
741 * @vif: the interface to which the broadcast station is added
742 * @bsta: the broadcast station to add.
744 int iwl_mvm_send_add_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
746 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
747 struct iwl_mvm_int_sta *bsta = &mvmvif->bcast_sta;
748 static const u8 _baddr[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
749 const u8 *baddr = _baddr;
751 lockdep_assert_held(&mvm->mutex);
753 if (vif->type == NL80211_IFTYPE_ADHOC)
754 baddr = vif->bss_conf.bssid;
756 if (WARN_ON_ONCE(bsta->sta_id == IWL_MVM_STATION_COUNT))
759 return iwl_mvm_add_int_sta_common(mvm, bsta, baddr,
760 mvmvif->id, mvmvif->color);
763 /* Send the FW a request to remove the station from it's internal data
764 * structures, but DO NOT remove the entry from the local data structures. */
765 int iwl_mvm_send_rm_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
767 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
770 lockdep_assert_held(&mvm->mutex);
772 ret = iwl_mvm_rm_sta_common(mvm, mvmvif->bcast_sta.sta_id);
774 IWL_WARN(mvm, "Failed sending remove station\n");
778 int iwl_mvm_alloc_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
780 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
783 lockdep_assert_held(&mvm->mutex);
785 qmask = iwl_mvm_mac_get_queues_mask(vif);
788 * The firmware defines the TFD queue mask to only be relevant
789 * for *unicast* queues, so the multicast (CAB) queue shouldn't
792 if (vif->type == NL80211_IFTYPE_AP)
793 qmask &= ~BIT(vif->cab_queue);
795 return iwl_mvm_allocate_int_sta(mvm, &mvmvif->bcast_sta, qmask,
796 ieee80211_vif_type_p2p(vif));
799 /* Allocate a new station entry for the broadcast station to the given vif,
800 * and send it to the FW.
801 * Note that each P2P mac should have its own broadcast station.
803 * @mvm: the mvm component
804 * @vif: the interface to which the broadcast station is added
805 * @bsta: the broadcast station to add. */
806 int iwl_mvm_add_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
808 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
809 struct iwl_mvm_int_sta *bsta = &mvmvif->bcast_sta;
812 lockdep_assert_held(&mvm->mutex);
814 ret = iwl_mvm_alloc_bcast_sta(mvm, vif);
818 ret = iwl_mvm_send_add_bcast_sta(mvm, vif);
821 iwl_mvm_dealloc_int_sta(mvm, bsta);
826 void iwl_mvm_dealloc_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
828 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
830 iwl_mvm_dealloc_int_sta(mvm, &mvmvif->bcast_sta);
834 * Send the FW a request to remove the station from it's internal data
835 * structures, and in addition remove it from the local data structure.
837 int iwl_mvm_rm_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
841 lockdep_assert_held(&mvm->mutex);
843 ret = iwl_mvm_send_rm_bcast_sta(mvm, vif);
845 iwl_mvm_dealloc_bcast_sta(mvm, vif);
850 #define IWL_MAX_RX_BA_SESSIONS 16
852 int iwl_mvm_sta_rx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
853 int tid, u16 ssn, bool start, u8 buf_size)
855 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
856 struct iwl_mvm_add_sta_cmd cmd = {};
860 lockdep_assert_held(&mvm->mutex);
862 if (start && mvm->rx_ba_sessions >= IWL_MAX_RX_BA_SESSIONS) {
863 IWL_WARN(mvm, "Not enough RX BA SESSIONS\n");
867 cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color);
868 cmd.sta_id = mvm_sta->sta_id;
869 cmd.add_modify = STA_MODE_MODIFY;
871 cmd.add_immediate_ba_tid = (u8) tid;
872 cmd.add_immediate_ba_ssn = cpu_to_le16(ssn);
873 cmd.rx_ba_window = cpu_to_le16((u16)buf_size);
875 cmd.remove_immediate_ba_tid = (u8) tid;
877 cmd.modify_mask = start ? STA_MODIFY_ADD_BA_TID :
878 STA_MODIFY_REMOVE_BA_TID;
880 status = ADD_STA_SUCCESS;
881 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
882 iwl_mvm_add_sta_cmd_size(mvm),
887 switch (status & IWL_ADD_STA_STATUS_MASK) {
888 case ADD_STA_SUCCESS:
889 IWL_DEBUG_INFO(mvm, "RX BA Session %sed in fw\n",
890 start ? "start" : "stopp");
892 case ADD_STA_IMMEDIATE_BA_FAILURE:
893 IWL_WARN(mvm, "RX BA Session refused by fw\n");
898 IWL_ERR(mvm, "RX BA Session failed %sing, status 0x%x\n",
899 start ? "start" : "stopp", status);
905 mvm->rx_ba_sessions++;
906 else if (mvm->rx_ba_sessions > 0)
907 /* check that restart flow didn't zero the counter */
908 mvm->rx_ba_sessions--;
914 static int iwl_mvm_sta_tx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
915 int tid, u8 queue, bool start)
917 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
918 struct iwl_mvm_add_sta_cmd cmd = {};
922 lockdep_assert_held(&mvm->mutex);
925 mvm_sta->tfd_queue_msk |= BIT(queue);
926 mvm_sta->tid_disable_agg &= ~BIT(tid);
928 mvm_sta->tfd_queue_msk &= ~BIT(queue);
929 mvm_sta->tid_disable_agg |= BIT(tid);
932 cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color);
933 cmd.sta_id = mvm_sta->sta_id;
934 cmd.add_modify = STA_MODE_MODIFY;
935 cmd.modify_mask = STA_MODIFY_QUEUES | STA_MODIFY_TID_DISABLE_TX;
936 cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk);
937 cmd.tid_disable_tx = cpu_to_le16(mvm_sta->tid_disable_agg);
939 status = ADD_STA_SUCCESS;
940 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
941 iwl_mvm_add_sta_cmd_size(mvm),
946 switch (status & IWL_ADD_STA_STATUS_MASK) {
947 case ADD_STA_SUCCESS:
951 IWL_ERR(mvm, "TX BA Session failed %sing, status 0x%x\n",
952 start ? "start" : "stopp", status);
959 const u8 tid_to_mac80211_ac[] = {
970 static const u8 tid_to_ucode_ac[] = {
981 int iwl_mvm_sta_tx_agg_start(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
982 struct ieee80211_sta *sta, u16 tid, u16 *ssn)
984 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
985 struct iwl_mvm_tid_data *tid_data;
989 if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
992 if (mvmsta->tid_data[tid].state != IWL_AGG_OFF) {
993 IWL_ERR(mvm, "Start AGG when state is not IWL_AGG_OFF %d!\n",
994 mvmsta->tid_data[tid].state);
998 lockdep_assert_held(&mvm->mutex);
1000 spin_lock_bh(&mvmsta->lock);
1002 /* possible race condition - we entered D0i3 while starting agg */
1003 if (test_bit(IWL_MVM_STATUS_IN_D0I3, &mvm->status)) {
1004 spin_unlock_bh(&mvmsta->lock);
1005 IWL_ERR(mvm, "Entered D0i3 while starting Tx agg\n");
1009 spin_lock_bh(&mvm->queue_info_lock);
1011 txq_id = iwl_mvm_find_free_queue(mvm, mvm->first_agg_queue,
1012 mvm->last_agg_queue);
1015 spin_unlock_bh(&mvm->queue_info_lock);
1016 IWL_ERR(mvm, "Failed to allocate agg queue\n");
1019 mvm->queue_info[txq_id].setup_reserved = true;
1020 spin_unlock_bh(&mvm->queue_info_lock);
1022 tid_data = &mvmsta->tid_data[tid];
1023 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
1024 tid_data->txq_id = txq_id;
1025 *ssn = tid_data->ssn;
1027 IWL_DEBUG_TX_QUEUES(mvm,
1028 "Start AGG: sta %d tid %d queue %d - ssn = %d, next_recl = %d\n",
1029 mvmsta->sta_id, tid, txq_id, tid_data->ssn,
1030 tid_data->next_reclaimed);
1032 if (tid_data->ssn == tid_data->next_reclaimed) {
1033 tid_data->state = IWL_AGG_STARTING;
1034 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1036 tid_data->state = IWL_EMPTYING_HW_QUEUE_ADDBA;
1042 spin_unlock_bh(&mvmsta->lock);
1047 int iwl_mvm_sta_tx_agg_oper(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1048 struct ieee80211_sta *sta, u16 tid, u8 buf_size,
1051 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1052 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
1053 unsigned int wdg_timeout =
1054 iwl_mvm_get_wd_timeout(mvm, vif, sta->tdls, false);
1058 struct iwl_trans_txq_scd_cfg cfg = {
1059 .sta_id = mvmsta->sta_id,
1061 .frame_limit = buf_size,
1065 BUILD_BUG_ON((sizeof(mvmsta->agg_tids) * BITS_PER_BYTE)
1066 != IWL_MAX_TID_COUNT);
1068 buf_size = min_t(int, buf_size, LINK_QUAL_AGG_FRAME_LIMIT_DEF);
1070 spin_lock_bh(&mvmsta->lock);
1071 ssn = tid_data->ssn;
1072 queue = tid_data->txq_id;
1073 tid_data->state = IWL_AGG_ON;
1074 mvmsta->agg_tids |= BIT(tid);
1075 tid_data->ssn = 0xffff;
1076 tid_data->amsdu_in_ampdu_allowed = amsdu;
1077 spin_unlock_bh(&mvmsta->lock);
1079 cfg.fifo = iwl_mvm_ac_to_tx_fifo[tid_to_mac80211_ac[tid]];
1081 iwl_mvm_enable_txq(mvm, queue, vif->hw_queue[tid_to_mac80211_ac[tid]],
1082 ssn, &cfg, wdg_timeout);
1084 ret = iwl_mvm_sta_tx_agg(mvm, sta, tid, queue, true);
1088 /* No need to mark as reserved */
1089 spin_lock_bh(&mvm->queue_info_lock);
1090 mvm->queue_info[queue].setup_reserved = false;
1091 spin_unlock_bh(&mvm->queue_info_lock);
1094 * Even though in theory the peer could have different
1095 * aggregation reorder buffer sizes for different sessions,
1096 * our ucode doesn't allow for that and has a global limit
1097 * for each station. Therefore, use the minimum of all the
1098 * aggregation sessions and our default value.
1100 mvmsta->max_agg_bufsize =
1101 min(mvmsta->max_agg_bufsize, buf_size);
1102 mvmsta->lq_sta.lq.agg_frame_cnt_limit = mvmsta->max_agg_bufsize;
1104 IWL_DEBUG_HT(mvm, "Tx aggregation enabled on ra = %pM tid = %d\n",
1107 return iwl_mvm_send_lq_cmd(mvm, &mvmsta->lq_sta.lq, false);
1110 int iwl_mvm_sta_tx_agg_stop(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1111 struct ieee80211_sta *sta, u16 tid)
1113 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1114 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
1120 * If mac80211 is cleaning its state, then say that we finished since
1121 * our state has been cleared anyway.
1123 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
1124 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1128 spin_lock_bh(&mvmsta->lock);
1130 txq_id = tid_data->txq_id;
1132 IWL_DEBUG_TX_QUEUES(mvm, "Stop AGG: sta %d tid %d q %d state %d\n",
1133 mvmsta->sta_id, tid, txq_id, tid_data->state);
1135 mvmsta->agg_tids &= ~BIT(tid);
1137 /* No need to mark as reserved anymore */
1138 spin_lock_bh(&mvm->queue_info_lock);
1139 mvm->queue_info[txq_id].setup_reserved = false;
1140 spin_unlock_bh(&mvm->queue_info_lock);
1142 switch (tid_data->state) {
1144 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
1146 IWL_DEBUG_TX_QUEUES(mvm,
1147 "ssn = %d, next_recl = %d\n",
1148 tid_data->ssn, tid_data->next_reclaimed);
1150 /* There are still packets for this RA / TID in the HW */
1151 if (tid_data->ssn != tid_data->next_reclaimed) {
1152 tid_data->state = IWL_EMPTYING_HW_QUEUE_DELBA;
1157 tid_data->ssn = 0xffff;
1158 tid_data->state = IWL_AGG_OFF;
1159 spin_unlock_bh(&mvmsta->lock);
1161 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1163 iwl_mvm_sta_tx_agg(mvm, sta, tid, txq_id, false);
1165 iwl_mvm_disable_txq(mvm, txq_id,
1166 vif->hw_queue[tid_to_mac80211_ac[tid]], tid,
1169 case IWL_AGG_STARTING:
1170 case IWL_EMPTYING_HW_QUEUE_ADDBA:
1172 * The agg session has been stopped before it was set up. This
1173 * can happen when the AddBA timer times out for example.
1176 /* No barriers since we are under mutex */
1177 lockdep_assert_held(&mvm->mutex);
1179 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1180 tid_data->state = IWL_AGG_OFF;
1185 "Stopping AGG while state not ON or starting for %d on %d (%d)\n",
1186 mvmsta->sta_id, tid, tid_data->state);
1188 "\ttid_data->txq_id = %d\n", tid_data->txq_id);
1192 spin_unlock_bh(&mvmsta->lock);
1197 int iwl_mvm_sta_tx_agg_flush(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1198 struct ieee80211_sta *sta, u16 tid)
1200 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1201 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
1203 enum iwl_mvm_agg_state old_state;
1206 * First set the agg state to OFF to avoid calling
1207 * ieee80211_stop_tx_ba_cb in iwl_mvm_check_ratid_empty.
1209 spin_lock_bh(&mvmsta->lock);
1210 txq_id = tid_data->txq_id;
1211 IWL_DEBUG_TX_QUEUES(mvm, "Flush AGG: sta %d tid %d q %d state %d\n",
1212 mvmsta->sta_id, tid, txq_id, tid_data->state);
1213 old_state = tid_data->state;
1214 tid_data->state = IWL_AGG_OFF;
1215 mvmsta->agg_tids &= ~BIT(tid);
1216 spin_unlock_bh(&mvmsta->lock);
1218 /* No need to mark as reserved */
1219 spin_lock_bh(&mvm->queue_info_lock);
1220 mvm->queue_info[txq_id].setup_reserved = false;
1221 spin_unlock_bh(&mvm->queue_info_lock);
1223 if (old_state >= IWL_AGG_ON) {
1224 iwl_mvm_drain_sta(mvm, mvmsta, true);
1225 if (iwl_mvm_flush_tx_path(mvm, BIT(txq_id), 0))
1226 IWL_ERR(mvm, "Couldn't flush the AGG queue\n");
1227 iwl_trans_wait_tx_queue_empty(mvm->trans,
1228 mvmsta->tfd_queue_msk);
1229 iwl_mvm_drain_sta(mvm, mvmsta, false);
1231 iwl_mvm_sta_tx_agg(mvm, sta, tid, txq_id, false);
1233 iwl_mvm_disable_txq(mvm, tid_data->txq_id,
1234 vif->hw_queue[tid_to_mac80211_ac[tid]], tid,
1241 static int iwl_mvm_set_fw_key_idx(struct iwl_mvm *mvm)
1243 int i, max = -1, max_offs = -1;
1245 lockdep_assert_held(&mvm->mutex);
1247 /* Pick the unused key offset with the highest 'deleted'
1248 * counter. Every time a key is deleted, all the counters
1249 * are incremented and the one that was just deleted is
1250 * reset to zero. Thus, the highest counter is the one
1251 * that was deleted longest ago. Pick that one.
1253 for (i = 0; i < STA_KEY_MAX_NUM; i++) {
1254 if (test_bit(i, mvm->fw_key_table))
1256 if (mvm->fw_key_deleted[i] > max) {
1257 max = mvm->fw_key_deleted[i];
1263 return STA_KEY_IDX_INVALID;
1268 static struct iwl_mvm_sta *iwl_mvm_get_key_sta(struct iwl_mvm *mvm,
1269 struct ieee80211_vif *vif,
1270 struct ieee80211_sta *sta)
1272 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1275 return iwl_mvm_sta_from_mac80211(sta);
1278 * The device expects GTKs for station interfaces to be
1279 * installed as GTKs for the AP station. If we have no
1280 * station ID, then use AP's station ID.
1282 if (vif->type == NL80211_IFTYPE_STATION &&
1283 mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) {
1284 u8 sta_id = mvmvif->ap_sta_id;
1286 sta = rcu_dereference_check(mvm->fw_id_to_mac_id[sta_id],
1287 lockdep_is_held(&mvm->mutex));
1289 * It is possible that the 'sta' parameter is NULL,
1290 * for example when a GTK is removed - the sta_id will then
1291 * be the AP ID, and no station was passed by mac80211.
1293 if (IS_ERR_OR_NULL(sta))
1296 return iwl_mvm_sta_from_mac80211(sta);
1302 static int iwl_mvm_send_sta_key(struct iwl_mvm *mvm,
1303 struct iwl_mvm_sta *mvm_sta,
1304 struct ieee80211_key_conf *keyconf, bool mcast,
1305 u32 tkip_iv32, u16 *tkip_p1k, u32 cmd_flags,
1308 struct iwl_mvm_add_sta_key_cmd cmd = {};
1314 u8 sta_id = mvm_sta->sta_id;
1316 keyidx = (keyconf->keyidx << STA_KEY_FLG_KEYID_POS) &
1317 STA_KEY_FLG_KEYID_MSK;
1318 key_flags = cpu_to_le16(keyidx);
1319 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP_KEY_MAP);
1321 switch (keyconf->cipher) {
1322 case WLAN_CIPHER_SUITE_TKIP:
1323 key_flags |= cpu_to_le16(STA_KEY_FLG_TKIP);
1324 cmd.tkip_rx_tsc_byte2 = tkip_iv32;
1325 for (i = 0; i < 5; i++)
1326 cmd.tkip_rx_ttak[i] = cpu_to_le16(tkip_p1k[i]);
1327 memcpy(cmd.key, keyconf->key, keyconf->keylen);
1329 case WLAN_CIPHER_SUITE_CCMP:
1330 key_flags |= cpu_to_le16(STA_KEY_FLG_CCM);
1331 memcpy(cmd.key, keyconf->key, keyconf->keylen);
1333 case WLAN_CIPHER_SUITE_WEP104:
1334 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP_13BYTES);
1336 case WLAN_CIPHER_SUITE_WEP40:
1337 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP);
1338 memcpy(cmd.key + 3, keyconf->key, keyconf->keylen);
1341 key_flags |= cpu_to_le16(STA_KEY_FLG_EXT);
1342 memcpy(cmd.key, keyconf->key, keyconf->keylen);
1346 key_flags |= cpu_to_le16(STA_KEY_MULTICAST);
1348 cmd.key_offset = key_offset;
1349 cmd.key_flags = key_flags;
1350 cmd.sta_id = sta_id;
1352 status = ADD_STA_SUCCESS;
1353 if (cmd_flags & CMD_ASYNC)
1354 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA_KEY, CMD_ASYNC,
1357 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, sizeof(cmd),
1361 case ADD_STA_SUCCESS:
1362 IWL_DEBUG_WEP(mvm, "MODIFY_STA: set dynamic key passed\n");
1366 IWL_ERR(mvm, "MODIFY_STA: set dynamic key failed\n");
1373 static int iwl_mvm_send_sta_igtk(struct iwl_mvm *mvm,
1374 struct ieee80211_key_conf *keyconf,
1375 u8 sta_id, bool remove_key)
1377 struct iwl_mvm_mgmt_mcast_key_cmd igtk_cmd = {};
1379 /* verify the key details match the required command's expectations */
1380 if (WARN_ON((keyconf->cipher != WLAN_CIPHER_SUITE_AES_CMAC) ||
1381 (keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
1382 (keyconf->keyidx != 4 && keyconf->keyidx != 5)))
1385 igtk_cmd.key_id = cpu_to_le32(keyconf->keyidx);
1386 igtk_cmd.sta_id = cpu_to_le32(sta_id);
1389 igtk_cmd.ctrl_flags |= cpu_to_le32(STA_KEY_NOT_VALID);
1391 struct ieee80211_key_seq seq;
1394 memcpy(igtk_cmd.IGTK, keyconf->key, keyconf->keylen);
1395 ieee80211_get_key_rx_seq(keyconf, 0, &seq);
1396 pn = seq.aes_cmac.pn;
1397 igtk_cmd.receive_seq_cnt = cpu_to_le64(((u64) pn[5] << 0) |
1398 ((u64) pn[4] << 8) |
1399 ((u64) pn[3] << 16) |
1400 ((u64) pn[2] << 24) |
1401 ((u64) pn[1] << 32) |
1402 ((u64) pn[0] << 40));
1405 IWL_DEBUG_INFO(mvm, "%s igtk for sta %u\n",
1406 remove_key ? "removing" : "installing",
1409 return iwl_mvm_send_cmd_pdu(mvm, MGMT_MCAST_KEY, 0,
1410 sizeof(igtk_cmd), &igtk_cmd);
1414 static inline u8 *iwl_mvm_get_mac_addr(struct iwl_mvm *mvm,
1415 struct ieee80211_vif *vif,
1416 struct ieee80211_sta *sta)
1418 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1423 if (vif->type == NL80211_IFTYPE_STATION &&
1424 mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) {
1425 u8 sta_id = mvmvif->ap_sta_id;
1426 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
1427 lockdep_is_held(&mvm->mutex));
1435 static int __iwl_mvm_set_sta_key(struct iwl_mvm *mvm,
1436 struct ieee80211_vif *vif,
1437 struct ieee80211_sta *sta,
1438 struct ieee80211_key_conf *keyconf,
1442 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1445 struct ieee80211_key_seq seq;
1448 switch (keyconf->cipher) {
1449 case WLAN_CIPHER_SUITE_TKIP:
1450 addr = iwl_mvm_get_mac_addr(mvm, vif, sta);
1451 /* get phase 1 key from mac80211 */
1452 ieee80211_get_key_rx_seq(keyconf, 0, &seq);
1453 ieee80211_get_tkip_rx_p1k(keyconf, addr, seq.tkip.iv32, p1k);
1454 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, mcast,
1455 seq.tkip.iv32, p1k, 0, key_offset);
1457 case WLAN_CIPHER_SUITE_CCMP:
1458 case WLAN_CIPHER_SUITE_WEP40:
1459 case WLAN_CIPHER_SUITE_WEP104:
1460 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, mcast,
1461 0, NULL, 0, key_offset);
1464 ret = iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, mcast,
1465 0, NULL, 0, key_offset);
1471 static int __iwl_mvm_remove_sta_key(struct iwl_mvm *mvm, u8 sta_id,
1472 struct ieee80211_key_conf *keyconf,
1475 struct iwl_mvm_add_sta_key_cmd cmd = {};
1480 key_flags = cpu_to_le16((keyconf->keyidx << STA_KEY_FLG_KEYID_POS) &
1481 STA_KEY_FLG_KEYID_MSK);
1482 key_flags |= cpu_to_le16(STA_KEY_FLG_NO_ENC | STA_KEY_FLG_WEP_KEY_MAP);
1483 key_flags |= cpu_to_le16(STA_KEY_NOT_VALID);
1486 key_flags |= cpu_to_le16(STA_KEY_MULTICAST);
1488 cmd.key_flags = key_flags;
1489 cmd.key_offset = keyconf->hw_key_idx;
1490 cmd.sta_id = sta_id;
1492 status = ADD_STA_SUCCESS;
1493 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, sizeof(cmd),
1497 case ADD_STA_SUCCESS:
1498 IWL_DEBUG_WEP(mvm, "MODIFY_STA: remove sta key passed\n");
1502 IWL_ERR(mvm, "MODIFY_STA: remove sta key failed\n");
1509 int iwl_mvm_set_sta_key(struct iwl_mvm *mvm,
1510 struct ieee80211_vif *vif,
1511 struct ieee80211_sta *sta,
1512 struct ieee80211_key_conf *keyconf,
1515 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
1516 struct iwl_mvm_sta *mvm_sta;
1519 static const u8 __maybe_unused zero_addr[ETH_ALEN] = {0};
1521 lockdep_assert_held(&mvm->mutex);
1523 /* Get the station id from the mvm local station table */
1524 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
1526 IWL_ERR(mvm, "Failed to find station\n");
1529 sta_id = mvm_sta->sta_id;
1531 if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
1532 ret = iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, false);
1537 * It is possible that the 'sta' parameter is NULL, and thus
1538 * there is a need to retrieve the sta from the local station table.
1541 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
1542 lockdep_is_held(&mvm->mutex));
1543 if (IS_ERR_OR_NULL(sta)) {
1544 IWL_ERR(mvm, "Invalid station id\n");
1549 if (WARN_ON_ONCE(iwl_mvm_sta_from_mac80211(sta)->vif != vif))
1552 /* If the key_offset is not pre-assigned, we need to find a
1553 * new offset to use. In normal cases, the offset is not
1554 * pre-assigned, but during HW_RESTART we want to reuse the
1555 * same indices, so we pass them when this function is called.
1557 * In D3 entry, we need to hardcoded the indices (because the
1558 * firmware hardcodes the PTK offset to 0). In this case, we
1559 * need to make sure we don't overwrite the hw_key_idx in the
1560 * keyconf structure, because otherwise we cannot configure
1561 * the original ones back when resuming.
1563 if (key_offset == STA_KEY_IDX_INVALID) {
1564 key_offset = iwl_mvm_set_fw_key_idx(mvm);
1565 if (key_offset == STA_KEY_IDX_INVALID)
1567 keyconf->hw_key_idx = key_offset;
1570 ret = __iwl_mvm_set_sta_key(mvm, vif, sta, keyconf, key_offset, mcast);
1575 * For WEP, the same key is used for multicast and unicast. Upload it
1576 * again, using the same key offset, and now pointing the other one
1577 * to the same key slot (offset).
1578 * If this fails, remove the original as well.
1580 if (keyconf->cipher == WLAN_CIPHER_SUITE_WEP40 ||
1581 keyconf->cipher == WLAN_CIPHER_SUITE_WEP104) {
1582 ret = __iwl_mvm_set_sta_key(mvm, vif, sta, keyconf,
1583 key_offset, !mcast);
1585 __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, mcast);
1590 __set_bit(key_offset, mvm->fw_key_table);
1593 IWL_DEBUG_WEP(mvm, "key: cipher=%x len=%d idx=%d sta=%pM ret=%d\n",
1594 keyconf->cipher, keyconf->keylen, keyconf->keyidx,
1595 sta ? sta->addr : zero_addr, ret);
1599 int iwl_mvm_remove_sta_key(struct iwl_mvm *mvm,
1600 struct ieee80211_vif *vif,
1601 struct ieee80211_sta *sta,
1602 struct ieee80211_key_conf *keyconf)
1604 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
1605 struct iwl_mvm_sta *mvm_sta;
1606 u8 sta_id = IWL_MVM_STATION_COUNT;
1609 lockdep_assert_held(&mvm->mutex);
1611 /* Get the station from the mvm local station table */
1612 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
1614 IWL_DEBUG_WEP(mvm, "mvm remove dynamic key: idx=%d sta=%d\n",
1615 keyconf->keyidx, sta_id);
1617 if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC)
1618 return iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, true);
1620 if (!__test_and_clear_bit(keyconf->hw_key_idx, mvm->fw_key_table)) {
1621 IWL_ERR(mvm, "offset %d not used in fw key table.\n",
1622 keyconf->hw_key_idx);
1626 /* track which key was deleted last */
1627 for (i = 0; i < STA_KEY_MAX_NUM; i++) {
1628 if (mvm->fw_key_deleted[i] < U8_MAX)
1629 mvm->fw_key_deleted[i]++;
1631 mvm->fw_key_deleted[keyconf->hw_key_idx] = 0;
1634 IWL_DEBUG_WEP(mvm, "station non-existent, early return.\n");
1638 sta_id = mvm_sta->sta_id;
1640 ret = __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, mcast);
1644 /* delete WEP key twice to get rid of (now useless) offset */
1645 if (keyconf->cipher == WLAN_CIPHER_SUITE_WEP40 ||
1646 keyconf->cipher == WLAN_CIPHER_SUITE_WEP104)
1647 ret = __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, !mcast);
1652 void iwl_mvm_update_tkip_key(struct iwl_mvm *mvm,
1653 struct ieee80211_vif *vif,
1654 struct ieee80211_key_conf *keyconf,
1655 struct ieee80211_sta *sta, u32 iv32,
1658 struct iwl_mvm_sta *mvm_sta;
1659 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
1663 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
1664 if (WARN_ON_ONCE(!mvm_sta))
1666 iwl_mvm_send_sta_key(mvm, mvm_sta, keyconf, mcast,
1667 iv32, phase1key, CMD_ASYNC, keyconf->hw_key_idx);
1673 void iwl_mvm_sta_modify_ps_wake(struct iwl_mvm *mvm,
1674 struct ieee80211_sta *sta)
1676 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1677 struct iwl_mvm_add_sta_cmd cmd = {
1678 .add_modify = STA_MODE_MODIFY,
1679 .sta_id = mvmsta->sta_id,
1680 .station_flags_msk = cpu_to_le32(STA_FLG_PS),
1681 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
1685 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC,
1686 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
1688 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
1691 void iwl_mvm_sta_modify_sleep_tx_count(struct iwl_mvm *mvm,
1692 struct ieee80211_sta *sta,
1693 enum ieee80211_frame_release_type reason,
1694 u16 cnt, u16 tids, bool more_data,
1697 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1698 struct iwl_mvm_add_sta_cmd cmd = {
1699 .add_modify = STA_MODE_MODIFY,
1700 .sta_id = mvmsta->sta_id,
1701 .modify_mask = STA_MODIFY_SLEEPING_STA_TX_COUNT,
1702 .sleep_tx_count = cpu_to_le16(cnt),
1703 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
1706 unsigned long _tids = tids;
1708 /* convert TIDs to ACs - we don't support TSPEC so that's OK
1709 * Note that this field is reserved and unused by firmware not
1710 * supporting GO uAPSD, so it's safe to always do this.
1712 for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT)
1713 cmd.awake_acs |= BIT(tid_to_ucode_ac[tid]);
1715 /* If we're releasing frames from aggregation queues then check if the
1716 * all queues combined that we're releasing frames from have
1717 * - more frames than the service period, in which case more_data
1719 * - fewer than 'cnt' frames, in which case we need to adjust the
1720 * firmware command (but do that unconditionally)
1723 int remaining = cnt;
1726 spin_lock_bh(&mvmsta->lock);
1727 for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT) {
1728 struct iwl_mvm_tid_data *tid_data;
1731 tid_data = &mvmsta->tid_data[tid];
1732 if (WARN(tid_data->state != IWL_AGG_ON &&
1733 tid_data->state != IWL_EMPTYING_HW_QUEUE_DELBA,
1734 "TID %d state is %d\n",
1735 tid, tid_data->state)) {
1736 spin_unlock_bh(&mvmsta->lock);
1737 ieee80211_sta_eosp(sta);
1741 n_queued = iwl_mvm_tid_queued(tid_data);
1742 if (n_queued > remaining) {
1747 remaining -= n_queued;
1749 sleep_tx_count = cnt - remaining;
1750 if (reason == IEEE80211_FRAME_RELEASE_UAPSD)
1751 mvmsta->sleep_tx_count = sleep_tx_count;
1752 spin_unlock_bh(&mvmsta->lock);
1754 cmd.sleep_tx_count = cpu_to_le16(sleep_tx_count);
1755 if (WARN_ON(cnt - remaining == 0)) {
1756 ieee80211_sta_eosp(sta);
1761 /* Note: this is ignored by firmware not supporting GO uAPSD */
1763 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_MOREDATA);
1765 if (reason == IEEE80211_FRAME_RELEASE_PSPOLL) {
1766 mvmsta->next_status_eosp = true;
1767 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_PS_POLL);
1769 cmd.sleep_state_flags |= cpu_to_le16(STA_SLEEP_STATE_UAPSD);
1772 /* block the Tx queues until the FW updated the sleep Tx count */
1773 iwl_trans_block_txq_ptrs(mvm->trans, true);
1775 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA,
1776 CMD_ASYNC | CMD_WANT_ASYNC_CALLBACK,
1777 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
1779 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
1782 void iwl_mvm_rx_eosp_notif(struct iwl_mvm *mvm,
1783 struct iwl_rx_cmd_buffer *rxb)
1785 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1786 struct iwl_mvm_eosp_notification *notif = (void *)pkt->data;
1787 struct ieee80211_sta *sta;
1788 u32 sta_id = le32_to_cpu(notif->sta_id);
1790 if (WARN_ON_ONCE(sta_id >= IWL_MVM_STATION_COUNT))
1794 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]);
1795 if (!IS_ERR_OR_NULL(sta))
1796 ieee80211_sta_eosp(sta);
1800 void iwl_mvm_sta_modify_disable_tx(struct iwl_mvm *mvm,
1801 struct iwl_mvm_sta *mvmsta, bool disable)
1803 struct iwl_mvm_add_sta_cmd cmd = {
1804 .add_modify = STA_MODE_MODIFY,
1805 .sta_id = mvmsta->sta_id,
1806 .station_flags = disable ? cpu_to_le32(STA_FLG_DISABLE_TX) : 0,
1807 .station_flags_msk = cpu_to_le32(STA_FLG_DISABLE_TX),
1808 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
1812 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC,
1813 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
1815 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
1818 void iwl_mvm_sta_modify_disable_tx_ap(struct iwl_mvm *mvm,
1819 struct ieee80211_sta *sta,
1822 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1824 spin_lock_bh(&mvm_sta->lock);
1826 if (mvm_sta->disable_tx == disable) {
1827 spin_unlock_bh(&mvm_sta->lock);
1831 mvm_sta->disable_tx = disable;
1834 * Tell mac80211 to start/stop queuing tx for this station,
1835 * but don't stop queuing if there are still pending frames
1838 if (disable || !atomic_read(&mvm->pending_frames[mvm_sta->sta_id]))
1839 ieee80211_sta_block_awake(mvm->hw, sta, disable);
1841 iwl_mvm_sta_modify_disable_tx(mvm, mvm_sta, disable);
1843 spin_unlock_bh(&mvm_sta->lock);
1846 void iwl_mvm_modify_all_sta_disable_tx(struct iwl_mvm *mvm,
1847 struct iwl_mvm_vif *mvmvif,
1850 struct ieee80211_sta *sta;
1851 struct iwl_mvm_sta *mvm_sta;
1854 lockdep_assert_held(&mvm->mutex);
1856 /* Block/unblock all the stations of the given mvmvif */
1857 for (i = 0; i < IWL_MVM_STATION_COUNT; i++) {
1858 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i],
1859 lockdep_is_held(&mvm->mutex));
1860 if (IS_ERR_OR_NULL(sta))
1863 mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1864 if (mvm_sta->mac_id_n_color !=
1865 FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color))
1868 iwl_mvm_sta_modify_disable_tx_ap(mvm, sta, disable);
1872 void iwl_mvm_csa_client_absent(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
1874 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1875 struct iwl_mvm_sta *mvmsta;
1879 mvmsta = iwl_mvm_sta_from_staid_rcu(mvm, mvmvif->ap_sta_id);
1881 if (!WARN_ON(!mvmsta))
1882 iwl_mvm_sta_modify_disable_tx(mvm, mvmsta, true);
projects / cascardo / linux.git / blob