Loading...
Note: File does not exist in v3.1.
1/******************************************************************************
2 *
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
5 *
6 * GPL LICENSE SUMMARY
7 *
8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
10 * Copyright(c) 2016 - 2017 Intel Deutschland GmbH
11 * Copyright(c) 2018 - 2019 Intel Corporation
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of version 2 of the GNU General Public License as
15 * published by the Free Software Foundation.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * The full GNU General Public License is included in this distribution
23 * in the file called COPYING.
24 *
25 * Contact Information:
26 * Intel Linux Wireless <linuxwifi@intel.com>
27 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
28 *
29 * BSD LICENSE
30 *
31 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
32 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
33 * Copyright(c) 2016 - 2017 Intel Deutschland GmbH
34 * Copyright(c) 2018 - 2019 Intel Corporation
35 * All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 *
41 * * Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * * Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in
45 * the documentation and/or other materials provided with the
46 * distribution.
47 * * Neither the name Intel Corporation nor the names of its
48 * contributors may be used to endorse or promote products derived
49 * from this software without specific prior written permission.
50 *
51 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
52 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
53 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
54 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
55 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
56 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
57 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
58 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
59 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
60 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
61 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
62 *
63 *****************************************************************************/
64
65#include <linux/etherdevice.h>
66#include <linux/ip.h>
67#include <linux/fs.h>
68#include <net/cfg80211.h>
69#include <net/ipv6.h>
70#include <net/tcp.h>
71#include <net/addrconf.h>
72#include "iwl-modparams.h"
73#include "fw-api.h"
74#include "mvm.h"
75
76void iwl_mvm_set_rekey_data(struct ieee80211_hw *hw,
77 struct ieee80211_vif *vif,
78 struct cfg80211_gtk_rekey_data *data)
79{
80 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
81 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
82
83 if (iwlwifi_mod_params.swcrypto)
84 return;
85
86 mutex_lock(&mvm->mutex);
87
88 memcpy(mvmvif->rekey_data.kek, data->kek, NL80211_KEK_LEN);
89 memcpy(mvmvif->rekey_data.kck, data->kck, NL80211_KCK_LEN);
90 mvmvif->rekey_data.replay_ctr =
91 cpu_to_le64(be64_to_cpup((__be64 *)data->replay_ctr));
92 mvmvif->rekey_data.valid = true;
93
94 mutex_unlock(&mvm->mutex);
95}
96
97#if IS_ENABLED(CONFIG_IPV6)
98void iwl_mvm_ipv6_addr_change(struct ieee80211_hw *hw,
99 struct ieee80211_vif *vif,
100 struct inet6_dev *idev)
101{
102 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
103 struct inet6_ifaddr *ifa;
104 int idx = 0;
105
106 memset(mvmvif->tentative_addrs, 0, sizeof(mvmvif->tentative_addrs));
107
108 read_lock_bh(&idev->lock);
109 list_for_each_entry(ifa, &idev->addr_list, if_list) {
110 mvmvif->target_ipv6_addrs[idx] = ifa->addr;
111 if (ifa->flags & IFA_F_TENTATIVE)
112 __set_bit(idx, mvmvif->tentative_addrs);
113 idx++;
114 if (idx >= IWL_PROTO_OFFLOAD_NUM_IPV6_ADDRS_MAX)
115 break;
116 }
117 read_unlock_bh(&idev->lock);
118
119 mvmvif->num_target_ipv6_addrs = idx;
120}
121#endif
122
123void iwl_mvm_set_default_unicast_key(struct ieee80211_hw *hw,
124 struct ieee80211_vif *vif, int idx)
125{
126 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
127
128 mvmvif->tx_key_idx = idx;
129}
130
131static void iwl_mvm_convert_p1k(u16 *p1k, __le16 *out)
132{
133 int i;
134
135 for (i = 0; i < IWL_P1K_SIZE; i++)
136 out[i] = cpu_to_le16(p1k[i]);
137}
138
139static const u8 *iwl_mvm_find_max_pn(struct ieee80211_key_conf *key,
140 struct iwl_mvm_key_pn *ptk_pn,
141 struct ieee80211_key_seq *seq,
142 int tid, int queues)
143{
144 const u8 *ret = seq->ccmp.pn;
145 int i;
146
147 /* get the PN from mac80211, used on the default queue */
148 ieee80211_get_key_rx_seq(key, tid, seq);
149
150 /* and use the internal data for the other queues */
151 for (i = 1; i < queues; i++) {
152 const u8 *tmp = ptk_pn->q[i].pn[tid];
153
154 if (memcmp(ret, tmp, IEEE80211_CCMP_PN_LEN) <= 0)
155 ret = tmp;
156 }
157
158 return ret;
159}
160
161struct wowlan_key_data {
162 struct iwl_wowlan_rsc_tsc_params_cmd *rsc_tsc;
163 struct iwl_wowlan_tkip_params_cmd *tkip;
164 bool error, use_rsc_tsc, use_tkip, configure_keys;
165 int wep_key_idx;
166};
167
168static void iwl_mvm_wowlan_program_keys(struct ieee80211_hw *hw,
169 struct ieee80211_vif *vif,
170 struct ieee80211_sta *sta,
171 struct ieee80211_key_conf *key,
172 void *_data)
173{
174 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
175 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
176 struct wowlan_key_data *data = _data;
177 struct aes_sc *aes_sc, *aes_tx_sc = NULL;
178 struct tkip_sc *tkip_sc, *tkip_tx_sc = NULL;
179 struct iwl_p1k_cache *rx_p1ks;
180 u8 *rx_mic_key;
181 struct ieee80211_key_seq seq;
182 u32 cur_rx_iv32 = 0;
183 u16 p1k[IWL_P1K_SIZE];
184 int ret, i;
185
186 switch (key->cipher) {
187 case WLAN_CIPHER_SUITE_WEP40:
188 case WLAN_CIPHER_SUITE_WEP104: { /* hack it for now */
189 struct {
190 struct iwl_mvm_wep_key_cmd wep_key_cmd;
191 struct iwl_mvm_wep_key wep_key;
192 } __packed wkc = {
193 .wep_key_cmd.mac_id_n_color =
194 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id,
195 mvmvif->color)),
196 .wep_key_cmd.num_keys = 1,
197 /* firmware sets STA_KEY_FLG_WEP_13BYTES */
198 .wep_key_cmd.decryption_type = STA_KEY_FLG_WEP,
199 .wep_key.key_index = key->keyidx,
200 .wep_key.key_size = key->keylen,
201 };
202
203 /*
204 * This will fail -- the key functions don't set support
205 * pairwise WEP keys. However, that's better than silently
206 * failing WoWLAN. Or maybe not?
207 */
208 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
209 break;
210
211 memcpy(&wkc.wep_key.key[3], key->key, key->keylen);
212 if (key->keyidx == mvmvif->tx_key_idx) {
213 /* TX key must be at offset 0 */
214 wkc.wep_key.key_offset = 0;
215 } else {
216 /* others start at 1 */
217 data->wep_key_idx++;
218 wkc.wep_key.key_offset = data->wep_key_idx;
219 }
220
221 if (data->configure_keys) {
222 mutex_lock(&mvm->mutex);
223 ret = iwl_mvm_send_cmd_pdu(mvm, WEP_KEY, 0,
224 sizeof(wkc), &wkc);
225 data->error = ret != 0;
226
227 mvm->ptk_ivlen = key->iv_len;
228 mvm->ptk_icvlen = key->icv_len;
229 mvm->gtk_ivlen = key->iv_len;
230 mvm->gtk_icvlen = key->icv_len;
231 mutex_unlock(&mvm->mutex);
232 }
233
234 /* don't upload key again */
235 return;
236 }
237 default:
238 data->error = true;
239 return;
240 case WLAN_CIPHER_SUITE_AES_CMAC:
241 /*
242 * Ignore CMAC keys -- the WoWLAN firmware doesn't support them
243 * but we also shouldn't abort suspend due to that. It does have
244 * support for the IGTK key renewal, but doesn't really use the
245 * IGTK for anything. This means we could spuriously wake up or
246 * be deauthenticated, but that was considered acceptable.
247 */
248 return;
249 case WLAN_CIPHER_SUITE_TKIP:
250 if (sta) {
251 u64 pn64;
252
253 tkip_sc = data->rsc_tsc->all_tsc_rsc.tkip.unicast_rsc;
254 tkip_tx_sc = &data->rsc_tsc->all_tsc_rsc.tkip.tsc;
255
256 rx_p1ks = data->tkip->rx_uni;
257
258 pn64 = atomic64_read(&key->tx_pn);
259 tkip_tx_sc->iv16 = cpu_to_le16(TKIP_PN_TO_IV16(pn64));
260 tkip_tx_sc->iv32 = cpu_to_le32(TKIP_PN_TO_IV32(pn64));
261
262 ieee80211_get_tkip_p1k_iv(key, TKIP_PN_TO_IV32(pn64),
263 p1k);
264 iwl_mvm_convert_p1k(p1k, data->tkip->tx.p1k);
265
266 memcpy(data->tkip->mic_keys.tx,
267 &key->key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY],
268 IWL_MIC_KEY_SIZE);
269
270 rx_mic_key = data->tkip->mic_keys.rx_unicast;
271 } else {
272 tkip_sc =
273 data->rsc_tsc->all_tsc_rsc.tkip.multicast_rsc;
274 rx_p1ks = data->tkip->rx_multi;
275 rx_mic_key = data->tkip->mic_keys.rx_mcast;
276 }
277
278 /*
279 * For non-QoS this relies on the fact that both the uCode and
280 * mac80211 use TID 0 (as they need to to avoid replay attacks)
281 * for checking the IV in the frames.
282 */
283 for (i = 0; i < IWL_NUM_RSC; i++) {
284 ieee80211_get_key_rx_seq(key, i, &seq);
285 tkip_sc[i].iv16 = cpu_to_le16(seq.tkip.iv16);
286 tkip_sc[i].iv32 = cpu_to_le32(seq.tkip.iv32);
287 /* wrapping isn't allowed, AP must rekey */
288 if (seq.tkip.iv32 > cur_rx_iv32)
289 cur_rx_iv32 = seq.tkip.iv32;
290 }
291
292 ieee80211_get_tkip_rx_p1k(key, vif->bss_conf.bssid,
293 cur_rx_iv32, p1k);
294 iwl_mvm_convert_p1k(p1k, rx_p1ks[0].p1k);
295 ieee80211_get_tkip_rx_p1k(key, vif->bss_conf.bssid,
296 cur_rx_iv32 + 1, p1k);
297 iwl_mvm_convert_p1k(p1k, rx_p1ks[1].p1k);
298
299 memcpy(rx_mic_key,
300 &key->key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY],
301 IWL_MIC_KEY_SIZE);
302
303 data->use_tkip = true;
304 data->use_rsc_tsc = true;
305 break;
306 case WLAN_CIPHER_SUITE_CCMP:
307 if (sta) {
308 u64 pn64;
309
310 aes_sc = data->rsc_tsc->all_tsc_rsc.aes.unicast_rsc;
311 aes_tx_sc = &data->rsc_tsc->all_tsc_rsc.aes.tsc;
312
313 pn64 = atomic64_read(&key->tx_pn);
314 aes_tx_sc->pn = cpu_to_le64(pn64);
315 } else {
316 aes_sc = data->rsc_tsc->all_tsc_rsc.aes.multicast_rsc;
317 }
318
319 /*
320 * For non-QoS this relies on the fact that both the uCode and
321 * mac80211/our RX code use TID 0 for checking the PN.
322 */
323 if (sta && iwl_mvm_has_new_rx_api(mvm)) {
324 struct iwl_mvm_sta *mvmsta;
325 struct iwl_mvm_key_pn *ptk_pn;
326 const u8 *pn;
327
328 mvmsta = iwl_mvm_sta_from_mac80211(sta);
329 ptk_pn = rcu_dereference_protected(
330 mvmsta->ptk_pn[key->keyidx],
331 lockdep_is_held(&mvm->mutex));
332 if (WARN_ON(!ptk_pn))
333 break;
334
335 for (i = 0; i < IWL_MAX_TID_COUNT; i++) {
336 pn = iwl_mvm_find_max_pn(key, ptk_pn, &seq, i,
337 mvm->trans->num_rx_queues);
338 aes_sc[i].pn = cpu_to_le64((u64)pn[5] |
339 ((u64)pn[4] << 8) |
340 ((u64)pn[3] << 16) |
341 ((u64)pn[2] << 24) |
342 ((u64)pn[1] << 32) |
343 ((u64)pn[0] << 40));
344 }
345 } else {
346 for (i = 0; i < IWL_NUM_RSC; i++) {
347 u8 *pn = seq.ccmp.pn;
348
349 ieee80211_get_key_rx_seq(key, i, &seq);
350 aes_sc[i].pn = cpu_to_le64((u64)pn[5] |
351 ((u64)pn[4] << 8) |
352 ((u64)pn[3] << 16) |
353 ((u64)pn[2] << 24) |
354 ((u64)pn[1] << 32) |
355 ((u64)pn[0] << 40));
356 }
357 }
358 data->use_rsc_tsc = true;
359 break;
360 }
361
362 if (data->configure_keys) {
363 mutex_lock(&mvm->mutex);
364 /*
365 * The D3 firmware hardcodes the key offset 0 as the key it
366 * uses to transmit packets to the AP, i.e. the PTK.
367 */
368 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
369 mvm->ptk_ivlen = key->iv_len;
370 mvm->ptk_icvlen = key->icv_len;
371 ret = iwl_mvm_set_sta_key(mvm, vif, sta, key, 0);
372 } else {
373 /*
374 * firmware only supports TSC/RSC for a single key,
375 * so if there are multiple keep overwriting them
376 * with new ones -- this relies on mac80211 doing
377 * list_add_tail().
378 */
379 mvm->gtk_ivlen = key->iv_len;
380 mvm->gtk_icvlen = key->icv_len;
381 ret = iwl_mvm_set_sta_key(mvm, vif, sta, key, 1);
382 }
383 mutex_unlock(&mvm->mutex);
384 data->error = ret != 0;
385 }
386}
387
388static int iwl_mvm_send_patterns_v1(struct iwl_mvm *mvm,
389 struct cfg80211_wowlan *wowlan)
390{
391 struct iwl_wowlan_patterns_cmd_v1 *pattern_cmd;
392 struct iwl_host_cmd cmd = {
393 .id = WOWLAN_PATTERNS,
394 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
395 };
396 int i, err;
397
398 if (!wowlan->n_patterns)
399 return 0;
400
401 cmd.len[0] = struct_size(pattern_cmd, patterns, wowlan->n_patterns);
402
403 pattern_cmd = kmalloc(cmd.len[0], GFP_KERNEL);
404 if (!pattern_cmd)
405 return -ENOMEM;
406
407 pattern_cmd->n_patterns = cpu_to_le32(wowlan->n_patterns);
408
409 for (i = 0; i < wowlan->n_patterns; i++) {
410 int mask_len = DIV_ROUND_UP(wowlan->patterns[i].pattern_len, 8);
411
412 memcpy(&pattern_cmd->patterns[i].mask,
413 wowlan->patterns[i].mask, mask_len);
414 memcpy(&pattern_cmd->patterns[i].pattern,
415 wowlan->patterns[i].pattern,
416 wowlan->patterns[i].pattern_len);
417 pattern_cmd->patterns[i].mask_size = mask_len;
418 pattern_cmd->patterns[i].pattern_size =
419 wowlan->patterns[i].pattern_len;
420 }
421
422 cmd.data[0] = pattern_cmd;
423 err = iwl_mvm_send_cmd(mvm, &cmd);
424 kfree(pattern_cmd);
425 return err;
426}
427
428static int iwl_mvm_send_patterns(struct iwl_mvm *mvm,
429 struct cfg80211_wowlan *wowlan)
430{
431 struct iwl_wowlan_patterns_cmd *pattern_cmd;
432 struct iwl_host_cmd cmd = {
433 .id = WOWLAN_PATTERNS,
434 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
435 };
436 int i, err;
437
438 if (!wowlan->n_patterns)
439 return 0;
440
441 cmd.len[0] = sizeof(*pattern_cmd) +
442 wowlan->n_patterns * sizeof(struct iwl_wowlan_pattern_v2);
443
444 pattern_cmd = kmalloc(cmd.len[0], GFP_KERNEL);
445 if (!pattern_cmd)
446 return -ENOMEM;
447
448 pattern_cmd->n_patterns = cpu_to_le32(wowlan->n_patterns);
449
450 for (i = 0; i < wowlan->n_patterns; i++) {
451 int mask_len = DIV_ROUND_UP(wowlan->patterns[i].pattern_len, 8);
452
453 pattern_cmd->patterns[i].pattern_type =
454 WOWLAN_PATTERN_TYPE_BITMASK;
455
456 memcpy(&pattern_cmd->patterns[i].u.bitmask.mask,
457 wowlan->patterns[i].mask, mask_len);
458 memcpy(&pattern_cmd->patterns[i].u.bitmask.pattern,
459 wowlan->patterns[i].pattern,
460 wowlan->patterns[i].pattern_len);
461 pattern_cmd->patterns[i].u.bitmask.mask_size = mask_len;
462 pattern_cmd->patterns[i].u.bitmask.pattern_size =
463 wowlan->patterns[i].pattern_len;
464 }
465
466 cmd.data[0] = pattern_cmd;
467 err = iwl_mvm_send_cmd(mvm, &cmd);
468 kfree(pattern_cmd);
469 return err;
470}
471
472static int iwl_mvm_d3_reprogram(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
473 struct ieee80211_sta *ap_sta)
474{
475 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
476 struct ieee80211_chanctx_conf *ctx;
477 u8 chains_static, chains_dynamic;
478 struct cfg80211_chan_def chandef;
479 int ret, i;
480 struct iwl_binding_cmd_v1 binding_cmd = {};
481 struct iwl_time_quota_cmd quota_cmd = {};
482 struct iwl_time_quota_data *quota;
483 u32 status;
484
485 if (WARN_ON_ONCE(iwl_mvm_is_cdb_supported(mvm)))
486 return -EINVAL;
487
488 /* add back the PHY */
489 if (WARN_ON(!mvmvif->phy_ctxt))
490 return -EINVAL;
491
492 rcu_read_lock();
493 ctx = rcu_dereference(vif->chanctx_conf);
494 if (WARN_ON(!ctx)) {
495 rcu_read_unlock();
496 return -EINVAL;
497 }
498 chandef = ctx->def;
499 chains_static = ctx->rx_chains_static;
500 chains_dynamic = ctx->rx_chains_dynamic;
501 rcu_read_unlock();
502
503 ret = iwl_mvm_phy_ctxt_add(mvm, mvmvif->phy_ctxt, &chandef,
504 chains_static, chains_dynamic);
505 if (ret)
506 return ret;
507
508 /* add back the MAC */
509 mvmvif->uploaded = false;
510
511 if (WARN_ON(!vif->bss_conf.assoc))
512 return -EINVAL;
513
514 ret = iwl_mvm_mac_ctxt_add(mvm, vif);
515 if (ret)
516 return ret;
517
518 /* add back binding - XXX refactor? */
519 binding_cmd.id_and_color =
520 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->phy_ctxt->id,
521 mvmvif->phy_ctxt->color));
522 binding_cmd.action = cpu_to_le32(FW_CTXT_ACTION_ADD);
523 binding_cmd.phy =
524 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->phy_ctxt->id,
525 mvmvif->phy_ctxt->color));
526 binding_cmd.macs[0] = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id,
527 mvmvif->color));
528 for (i = 1; i < MAX_MACS_IN_BINDING; i++)
529 binding_cmd.macs[i] = cpu_to_le32(FW_CTXT_INVALID);
530
531 status = 0;
532 ret = iwl_mvm_send_cmd_pdu_status(mvm, BINDING_CONTEXT_CMD,
533 IWL_BINDING_CMD_SIZE_V1, &binding_cmd,
534 &status);
535 if (ret) {
536 IWL_ERR(mvm, "Failed to add binding: %d\n", ret);
537 return ret;
538 }
539
540 if (status) {
541 IWL_ERR(mvm, "Binding command failed: %u\n", status);
542 return -EIO;
543 }
544
545 ret = iwl_mvm_sta_send_to_fw(mvm, ap_sta, false, 0);
546 if (ret)
547 return ret;
548 rcu_assign_pointer(mvm->fw_id_to_mac_id[mvmvif->ap_sta_id], ap_sta);
549
550 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
551 if (ret)
552 return ret;
553
554 /* and some quota */
555 quota = iwl_mvm_quota_cmd_get_quota(mvm, "a_cmd, 0);
556 quota->id_and_color =
557 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->phy_ctxt->id,
558 mvmvif->phy_ctxt->color));
559 quota->quota = cpu_to_le32(IWL_MVM_MAX_QUOTA);
560 quota->max_duration = cpu_to_le32(IWL_MVM_MAX_QUOTA);
561
562 for (i = 1; i < MAX_BINDINGS; i++) {
563 quota = iwl_mvm_quota_cmd_get_quota(mvm, "a_cmd, i);
564 quota->id_and_color = cpu_to_le32(FW_CTXT_INVALID);
565 }
566
567 ret = iwl_mvm_send_cmd_pdu(mvm, TIME_QUOTA_CMD, 0,
568 iwl_mvm_quota_cmd_size(mvm), "a_cmd);
569 if (ret)
570 IWL_ERR(mvm, "Failed to send quota: %d\n", ret);
571
572 if (iwl_mvm_is_lar_supported(mvm) && iwl_mvm_init_fw_regd(mvm))
573 IWL_ERR(mvm, "Failed to initialize D3 LAR information\n");
574
575 return 0;
576}
577
578static int iwl_mvm_get_last_nonqos_seq(struct iwl_mvm *mvm,
579 struct ieee80211_vif *vif)
580{
581 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
582 struct iwl_nonqos_seq_query_cmd query_cmd = {
583 .get_set_flag = cpu_to_le32(IWL_NONQOS_SEQ_GET),
584 .mac_id_n_color =
585 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id,
586 mvmvif->color)),
587 };
588 struct iwl_host_cmd cmd = {
589 .id = NON_QOS_TX_COUNTER_CMD,
590 .flags = CMD_WANT_SKB,
591 };
592 int err;
593 u32 size;
594
595 cmd.data[0] = &query_cmd;
596 cmd.len[0] = sizeof(query_cmd);
597
598 err = iwl_mvm_send_cmd(mvm, &cmd);
599 if (err)
600 return err;
601
602 size = iwl_rx_packet_payload_len(cmd.resp_pkt);
603 if (size < sizeof(__le16)) {
604 err = -EINVAL;
605 } else {
606 err = le16_to_cpup((__le16 *)cmd.resp_pkt->data);
607 /* firmware returns next, not last-used seqno */
608 err = (u16) (err - 0x10);
609 }
610
611 iwl_free_resp(&cmd);
612 return err;
613}
614
615void iwl_mvm_set_last_nonqos_seq(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
616{
617 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
618 struct iwl_nonqos_seq_query_cmd query_cmd = {
619 .get_set_flag = cpu_to_le32(IWL_NONQOS_SEQ_SET),
620 .mac_id_n_color =
621 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id,
622 mvmvif->color)),
623 .value = cpu_to_le16(mvmvif->seqno),
624 };
625
626 /* return if called during restart, not resume from D3 */
627 if (!mvmvif->seqno_valid)
628 return;
629
630 mvmvif->seqno_valid = false;
631
632 if (iwl_mvm_send_cmd_pdu(mvm, NON_QOS_TX_COUNTER_CMD, 0,
633 sizeof(query_cmd), &query_cmd))
634 IWL_ERR(mvm, "failed to set non-QoS seqno\n");
635}
636
637static int iwl_mvm_switch_to_d3(struct iwl_mvm *mvm)
638{
639 iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR, true);
640
641 iwl_mvm_stop_device(mvm);
642 /*
643 * Set the HW restart bit -- this is mostly true as we're
644 * going to load new firmware and reprogram that, though
645 * the reprogramming is going to be manual to avoid adding
646 * all the MACs that aren't support.
647 * We don't have to clear up everything though because the
648 * reprogramming is manual. When we resume, we'll actually
649 * go through a proper restart sequence again to switch
650 * back to the runtime firmware image.
651 */
652 set_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status);
653
654 /* the fw is reset, so all the keys are cleared */
655 memset(mvm->fw_key_table, 0, sizeof(mvm->fw_key_table));
656
657 mvm->ptk_ivlen = 0;
658 mvm->ptk_icvlen = 0;
659 mvm->ptk_ivlen = 0;
660 mvm->ptk_icvlen = 0;
661
662 return iwl_mvm_load_d3_fw(mvm);
663}
664
665static int
666iwl_mvm_get_wowlan_config(struct iwl_mvm *mvm,
667 struct cfg80211_wowlan *wowlan,
668 struct iwl_wowlan_config_cmd *wowlan_config_cmd,
669 struct ieee80211_vif *vif, struct iwl_mvm_vif *mvmvif,
670 struct ieee80211_sta *ap_sta)
671{
672 int ret;
673 struct iwl_mvm_sta *mvm_ap_sta = iwl_mvm_sta_from_mac80211(ap_sta);
674
675 /* TODO: wowlan_config_cmd->wowlan_ba_teardown_tids */
676
677 wowlan_config_cmd->is_11n_connection =
678 ap_sta->ht_cap.ht_supported;
679 wowlan_config_cmd->flags = ENABLE_L3_FILTERING |
680 ENABLE_NBNS_FILTERING | ENABLE_DHCP_FILTERING;
681
682 /* Query the last used seqno and set it */
683 ret = iwl_mvm_get_last_nonqos_seq(mvm, vif);
684 if (ret < 0)
685 return ret;
686
687 wowlan_config_cmd->non_qos_seq = cpu_to_le16(ret);
688
689 iwl_mvm_set_wowlan_qos_seq(mvm_ap_sta, wowlan_config_cmd);
690
691 if (wowlan->disconnect)
692 wowlan_config_cmd->wakeup_filter |=
693 cpu_to_le32(IWL_WOWLAN_WAKEUP_BEACON_MISS |
694 IWL_WOWLAN_WAKEUP_LINK_CHANGE);
695 if (wowlan->magic_pkt)
696 wowlan_config_cmd->wakeup_filter |=
697 cpu_to_le32(IWL_WOWLAN_WAKEUP_MAGIC_PACKET);
698 if (wowlan->gtk_rekey_failure)
699 wowlan_config_cmd->wakeup_filter |=
700 cpu_to_le32(IWL_WOWLAN_WAKEUP_GTK_REKEY_FAIL);
701 if (wowlan->eap_identity_req)
702 wowlan_config_cmd->wakeup_filter |=
703 cpu_to_le32(IWL_WOWLAN_WAKEUP_EAP_IDENT_REQ);
704 if (wowlan->four_way_handshake)
705 wowlan_config_cmd->wakeup_filter |=
706 cpu_to_le32(IWL_WOWLAN_WAKEUP_4WAY_HANDSHAKE);
707 if (wowlan->n_patterns)
708 wowlan_config_cmd->wakeup_filter |=
709 cpu_to_le32(IWL_WOWLAN_WAKEUP_PATTERN_MATCH);
710
711 if (wowlan->rfkill_release)
712 wowlan_config_cmd->wakeup_filter |=
713 cpu_to_le32(IWL_WOWLAN_WAKEUP_RF_KILL_DEASSERT);
714
715 if (wowlan->tcp) {
716 /*
717 * Set the "link change" (really "link lost") flag as well
718 * since that implies losing the TCP connection.
719 */
720 wowlan_config_cmd->wakeup_filter |=
721 cpu_to_le32(IWL_WOWLAN_WAKEUP_REMOTE_LINK_LOSS |
722 IWL_WOWLAN_WAKEUP_REMOTE_SIGNATURE_TABLE |
723 IWL_WOWLAN_WAKEUP_REMOTE_WAKEUP_PACKET |
724 IWL_WOWLAN_WAKEUP_LINK_CHANGE);
725 }
726
727 if (wowlan->any) {
728 wowlan_config_cmd->wakeup_filter |=
729 cpu_to_le32(IWL_WOWLAN_WAKEUP_BEACON_MISS |
730 IWL_WOWLAN_WAKEUP_LINK_CHANGE |
731 IWL_WOWLAN_WAKEUP_RX_FRAME |
732 IWL_WOWLAN_WAKEUP_BCN_FILTERING);
733 }
734
735 return 0;
736}
737
738static int iwl_mvm_wowlan_config_key_params(struct iwl_mvm *mvm,
739 struct ieee80211_vif *vif,
740 u32 cmd_flags)
741{
742 struct iwl_wowlan_kek_kck_material_cmd kek_kck_cmd = {};
743 struct iwl_wowlan_tkip_params_cmd tkip_cmd = {};
744 bool unified = fw_has_capa(&mvm->fw->ucode_capa,
745 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
746 struct wowlan_key_data key_data = {
747 .configure_keys = !unified,
748 .use_rsc_tsc = false,
749 .tkip = &tkip_cmd,
750 .use_tkip = false,
751 };
752 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
753 int ret;
754
755 key_data.rsc_tsc = kzalloc(sizeof(*key_data.rsc_tsc), GFP_KERNEL);
756 if (!key_data.rsc_tsc)
757 return -ENOMEM;
758
759 /*
760 * if we have to configure keys, call ieee80211_iter_keys(),
761 * as we need non-atomic context in order to take the
762 * required locks.
763 */
764 /*
765 * Note that currently we don't propagate cmd_flags
766 * to the iterator. In case of key_data.configure_keys,
767 * all the configured commands are SYNC, and
768 * iwl_mvm_wowlan_program_keys() will take care of
769 * locking/unlocking mvm->mutex.
770 */
771 ieee80211_iter_keys(mvm->hw, vif, iwl_mvm_wowlan_program_keys,
772 &key_data);
773
774 if (key_data.error) {
775 ret = -EIO;
776 goto out;
777 }
778
779 if (key_data.use_rsc_tsc) {
780 ret = iwl_mvm_send_cmd_pdu(mvm,
781 WOWLAN_TSC_RSC_PARAM, cmd_flags,
782 sizeof(*key_data.rsc_tsc),
783 key_data.rsc_tsc);
784 if (ret)
785 goto out;
786 }
787
788 if (key_data.use_tkip &&
789 !fw_has_api(&mvm->fw->ucode_capa,
790 IWL_UCODE_TLV_API_TKIP_MIC_KEYS)) {
791 ret = iwl_mvm_send_cmd_pdu(mvm,
792 WOWLAN_TKIP_PARAM,
793 cmd_flags, sizeof(tkip_cmd),
794 &tkip_cmd);
795 if (ret)
796 goto out;
797 }
798
799 /* configure rekey data only if offloaded rekey is supported (d3) */
800 if (mvmvif->rekey_data.valid) {
801 memset(&kek_kck_cmd, 0, sizeof(kek_kck_cmd));
802 memcpy(kek_kck_cmd.kck, mvmvif->rekey_data.kck,
803 NL80211_KCK_LEN);
804 kek_kck_cmd.kck_len = cpu_to_le16(NL80211_KCK_LEN);
805 memcpy(kek_kck_cmd.kek, mvmvif->rekey_data.kek,
806 NL80211_KEK_LEN);
807 kek_kck_cmd.kek_len = cpu_to_le16(NL80211_KEK_LEN);
808 kek_kck_cmd.replay_ctr = mvmvif->rekey_data.replay_ctr;
809
810 ret = iwl_mvm_send_cmd_pdu(mvm,
811 WOWLAN_KEK_KCK_MATERIAL, cmd_flags,
812 sizeof(kek_kck_cmd),
813 &kek_kck_cmd);
814 if (ret)
815 goto out;
816 }
817 ret = 0;
818out:
819 kfree(key_data.rsc_tsc);
820 return ret;
821}
822
823static int
824iwl_mvm_wowlan_config(struct iwl_mvm *mvm,
825 struct cfg80211_wowlan *wowlan,
826 struct iwl_wowlan_config_cmd *wowlan_config_cmd,
827 struct ieee80211_vif *vif, struct iwl_mvm_vif *mvmvif,
828 struct ieee80211_sta *ap_sta)
829{
830 int ret;
831 bool unified_image = fw_has_capa(&mvm->fw->ucode_capa,
832 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
833
834 mvm->offload_tid = wowlan_config_cmd->offloading_tid;
835
836 if (!unified_image) {
837 ret = iwl_mvm_switch_to_d3(mvm);
838 if (ret)
839 return ret;
840
841 ret = iwl_mvm_d3_reprogram(mvm, vif, ap_sta);
842 if (ret)
843 return ret;
844 }
845
846 if (!iwlwifi_mod_params.swcrypto) {
847 /*
848 * This needs to be unlocked due to lock ordering
849 * constraints. Since we're in the suspend path
850 * that isn't really a problem though.
851 */
852 mutex_unlock(&mvm->mutex);
853 ret = iwl_mvm_wowlan_config_key_params(mvm, vif, CMD_ASYNC);
854 mutex_lock(&mvm->mutex);
855 if (ret)
856 return ret;
857 }
858
859 ret = iwl_mvm_send_cmd_pdu(mvm, WOWLAN_CONFIGURATION, 0,
860 sizeof(*wowlan_config_cmd),
861 wowlan_config_cmd);
862 if (ret)
863 return ret;
864
865 if (fw_has_api(&mvm->fw->ucode_capa,
866 IWL_UCODE_TLV_API_WOWLAN_TCP_SYN_WAKE))
867 ret = iwl_mvm_send_patterns(mvm, wowlan);
868 else
869 ret = iwl_mvm_send_patterns_v1(mvm, wowlan);
870 if (ret)
871 return ret;
872
873 return iwl_mvm_send_proto_offload(mvm, vif, false, true, 0);
874}
875
876static int
877iwl_mvm_netdetect_config(struct iwl_mvm *mvm,
878 struct cfg80211_wowlan *wowlan,
879 struct cfg80211_sched_scan_request *nd_config,
880 struct ieee80211_vif *vif)
881{
882 struct iwl_wowlan_config_cmd wowlan_config_cmd = {};
883 int ret;
884 bool unified_image = fw_has_capa(&mvm->fw->ucode_capa,
885 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
886
887 if (!unified_image) {
888 ret = iwl_mvm_switch_to_d3(mvm);
889 if (ret)
890 return ret;
891 } else {
892 /* In theory, we wouldn't have to stop a running sched
893 * scan in order to start another one (for
894 * net-detect). But in practice this doesn't seem to
895 * work properly, so stop any running sched_scan now.
896 */
897 ret = iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, true);
898 if (ret)
899 return ret;
900 }
901
902 /* rfkill release can be either for wowlan or netdetect */
903 if (wowlan->rfkill_release)
904 wowlan_config_cmd.wakeup_filter |=
905 cpu_to_le32(IWL_WOWLAN_WAKEUP_RF_KILL_DEASSERT);
906
907 wowlan_config_cmd.sta_id = mvm->aux_sta.sta_id;
908
909 ret = iwl_mvm_send_cmd_pdu(mvm, WOWLAN_CONFIGURATION, 0,
910 sizeof(wowlan_config_cmd),
911 &wowlan_config_cmd);
912 if (ret)
913 return ret;
914
915 ret = iwl_mvm_sched_scan_start(mvm, vif, nd_config, &mvm->nd_ies,
916 IWL_MVM_SCAN_NETDETECT);
917 if (ret)
918 return ret;
919
920 if (WARN_ON(mvm->nd_match_sets || mvm->nd_channels))
921 return -EBUSY;
922
923 /* save the sched scan matchsets... */
924 if (nd_config->n_match_sets) {
925 mvm->nd_match_sets = kmemdup(nd_config->match_sets,
926 sizeof(*nd_config->match_sets) *
927 nd_config->n_match_sets,
928 GFP_KERNEL);
929 if (mvm->nd_match_sets)
930 mvm->n_nd_match_sets = nd_config->n_match_sets;
931 }
932
933 /* ...and the sched scan channels for later reporting */
934 mvm->nd_channels = kmemdup(nd_config->channels,
935 sizeof(*nd_config->channels) *
936 nd_config->n_channels,
937 GFP_KERNEL);
938 if (mvm->nd_channels)
939 mvm->n_nd_channels = nd_config->n_channels;
940
941 return 0;
942}
943
944static void iwl_mvm_free_nd(struct iwl_mvm *mvm)
945{
946 kfree(mvm->nd_match_sets);
947 mvm->nd_match_sets = NULL;
948 mvm->n_nd_match_sets = 0;
949 kfree(mvm->nd_channels);
950 mvm->nd_channels = NULL;
951 mvm->n_nd_channels = 0;
952}
953
954static int __iwl_mvm_suspend(struct ieee80211_hw *hw,
955 struct cfg80211_wowlan *wowlan,
956 bool test)
957{
958 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
959 struct ieee80211_vif *vif = NULL;
960 struct iwl_mvm_vif *mvmvif = NULL;
961 struct ieee80211_sta *ap_sta = NULL;
962 struct iwl_d3_manager_config d3_cfg_cmd_data = {
963 /*
964 * Program the minimum sleep time to 10 seconds, as many
965 * platforms have issues processing a wakeup signal while
966 * still being in the process of suspending.
967 */
968 .min_sleep_time = cpu_to_le32(10 * 1000 * 1000),
969 };
970 struct iwl_host_cmd d3_cfg_cmd = {
971 .id = D3_CONFIG_CMD,
972 .flags = CMD_WANT_SKB,
973 .data[0] = &d3_cfg_cmd_data,
974 .len[0] = sizeof(d3_cfg_cmd_data),
975 };
976 int ret;
977 int len __maybe_unused;
978 bool unified_image = fw_has_capa(&mvm->fw->ucode_capa,
979 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
980
981 if (!wowlan) {
982 /*
983 * mac80211 shouldn't get here, but for D3 test
984 * it doesn't warrant a warning
985 */
986 WARN_ON(!test);
987 return -EINVAL;
988 }
989
990 mutex_lock(&mvm->mutex);
991
992 vif = iwl_mvm_get_bss_vif(mvm);
993 if (IS_ERR_OR_NULL(vif)) {
994 ret = 1;
995 goto out_noreset;
996 }
997
998 mvmvif = iwl_mvm_vif_from_mac80211(vif);
999
1000 if (mvmvif->ap_sta_id == IWL_MVM_INVALID_STA) {
1001 /* if we're not associated, this must be netdetect */
1002 if (!wowlan->nd_config) {
1003 ret = 1;
1004 goto out_noreset;
1005 }
1006
1007 ret = iwl_mvm_netdetect_config(
1008 mvm, wowlan, wowlan->nd_config, vif);
1009 if (ret)
1010 goto out;
1011
1012 mvm->net_detect = true;
1013 } else {
1014 struct iwl_wowlan_config_cmd wowlan_config_cmd = {};
1015
1016 wowlan_config_cmd.sta_id = mvmvif->ap_sta_id;
1017
1018 ap_sta = rcu_dereference_protected(
1019 mvm->fw_id_to_mac_id[mvmvif->ap_sta_id],
1020 lockdep_is_held(&mvm->mutex));
1021 if (IS_ERR_OR_NULL(ap_sta)) {
1022 ret = -EINVAL;
1023 goto out_noreset;
1024 }
1025
1026 ret = iwl_mvm_get_wowlan_config(mvm, wowlan, &wowlan_config_cmd,
1027 vif, mvmvif, ap_sta);
1028 if (ret)
1029 goto out_noreset;
1030 ret = iwl_mvm_wowlan_config(mvm, wowlan, &wowlan_config_cmd,
1031 vif, mvmvif, ap_sta);
1032 if (ret)
1033 goto out;
1034
1035 mvm->net_detect = false;
1036 }
1037
1038 ret = iwl_mvm_power_update_device(mvm);
1039 if (ret)
1040 goto out;
1041
1042 ret = iwl_mvm_power_update_mac(mvm);
1043 if (ret)
1044 goto out;
1045
1046#ifdef CONFIG_IWLWIFI_DEBUGFS
1047 if (mvm->d3_wake_sysassert)
1048 d3_cfg_cmd_data.wakeup_flags |=
1049 cpu_to_le32(IWL_WAKEUP_D3_CONFIG_FW_ERROR);
1050#endif
1051
1052 /*
1053 * Prior to 9000 device family the driver needs to stop the dbg
1054 * recording before entering D3. In later devices the FW stops the
1055 * recording automatically.
1056 */
1057 if (mvm->trans->trans_cfg->device_family < IWL_DEVICE_FAMILY_9000)
1058 iwl_fw_dbg_stop_restart_recording(&mvm->fwrt, NULL, true);
1059
1060 /* must be last -- this switches firmware state */
1061 ret = iwl_mvm_send_cmd(mvm, &d3_cfg_cmd);
1062 if (ret)
1063 goto out;
1064#ifdef CONFIG_IWLWIFI_DEBUGFS
1065 len = iwl_rx_packet_payload_len(d3_cfg_cmd.resp_pkt);
1066 if (len >= sizeof(u32)) {
1067 mvm->d3_test_pme_ptr =
1068 le32_to_cpup((__le32 *)d3_cfg_cmd.resp_pkt->data);
1069 }
1070#endif
1071 iwl_free_resp(&d3_cfg_cmd);
1072
1073 clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status);
1074
1075 ret = iwl_trans_d3_suspend(mvm->trans, test, !unified_image);
1076 out:
1077 if (ret < 0) {
1078 iwl_mvm_free_nd(mvm);
1079
1080 if (!unified_image) {
1081 if (mvm->fw_restart > 0) {
1082 mvm->fw_restart--;
1083 ieee80211_restart_hw(mvm->hw);
1084 }
1085 }
1086 }
1087 out_noreset:
1088 mutex_unlock(&mvm->mutex);
1089
1090 return ret;
1091}
1092
1093int iwl_mvm_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan)
1094{
1095 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1096 struct iwl_trans *trans = mvm->trans;
1097 int ret;
1098
1099 iwl_mvm_pause_tcm(mvm, true);
1100
1101 iwl_fw_runtime_suspend(&mvm->fwrt);
1102
1103 ret = iwl_trans_suspend(trans);
1104 if (ret)
1105 return ret;
1106
1107 trans->system_pm_mode = IWL_PLAT_PM_MODE_D3;
1108
1109 return __iwl_mvm_suspend(hw, wowlan, false);
1110}
1111
1112/* converted data from the different status responses */
1113struct iwl_wowlan_status_data {
1114 u16 pattern_number;
1115 u16 qos_seq_ctr[8];
1116 u32 wakeup_reasons;
1117 u32 wake_packet_length;
1118 u32 wake_packet_bufsize;
1119 const u8 *wake_packet;
1120};
1121
1122static void iwl_mvm_report_wakeup_reasons(struct iwl_mvm *mvm,
1123 struct ieee80211_vif *vif,
1124 struct iwl_wowlan_status_data *status)
1125{
1126 struct sk_buff *pkt = NULL;
1127 struct cfg80211_wowlan_wakeup wakeup = {
1128 .pattern_idx = -1,
1129 };
1130 struct cfg80211_wowlan_wakeup *wakeup_report = &wakeup;
1131 u32 reasons = status->wakeup_reasons;
1132
1133 if (reasons == IWL_WOWLAN_WAKEUP_BY_NON_WIRELESS) {
1134 wakeup_report = NULL;
1135 goto report;
1136 }
1137
1138 pm_wakeup_event(mvm->dev, 0);
1139
1140 if (reasons & IWL_WOWLAN_WAKEUP_BY_MAGIC_PACKET)
1141 wakeup.magic_pkt = true;
1142
1143 if (reasons & IWL_WOWLAN_WAKEUP_BY_PATTERN)
1144 wakeup.pattern_idx =
1145 status->pattern_number;
1146
1147 if (reasons & (IWL_WOWLAN_WAKEUP_BY_DISCONNECTION_ON_MISSED_BEACON |
1148 IWL_WOWLAN_WAKEUP_BY_DISCONNECTION_ON_DEAUTH))
1149 wakeup.disconnect = true;
1150
1151 if (reasons & IWL_WOWLAN_WAKEUP_BY_GTK_REKEY_FAILURE)
1152 wakeup.gtk_rekey_failure = true;
1153
1154 if (reasons & IWL_WOWLAN_WAKEUP_BY_RFKILL_DEASSERTED)
1155 wakeup.rfkill_release = true;
1156
1157 if (reasons & IWL_WOWLAN_WAKEUP_BY_EAPOL_REQUEST)
1158 wakeup.eap_identity_req = true;
1159
1160 if (reasons & IWL_WOWLAN_WAKEUP_BY_FOUR_WAY_HANDSHAKE)
1161 wakeup.four_way_handshake = true;
1162
1163 if (reasons & IWL_WOWLAN_WAKEUP_BY_REM_WAKE_LINK_LOSS)
1164 wakeup.tcp_connlost = true;
1165
1166 if (reasons & IWL_WOWLAN_WAKEUP_BY_REM_WAKE_SIGNATURE_TABLE)
1167 wakeup.tcp_nomoretokens = true;
1168
1169 if (reasons & IWL_WOWLAN_WAKEUP_BY_REM_WAKE_WAKEUP_PACKET)
1170 wakeup.tcp_match = true;
1171
1172 if (status->wake_packet_bufsize) {
1173 int pktsize = status->wake_packet_bufsize;
1174 int pktlen = status->wake_packet_length;
1175 const u8 *pktdata = status->wake_packet;
1176 struct ieee80211_hdr *hdr = (void *)pktdata;
1177 int truncated = pktlen - pktsize;
1178
1179 /* this would be a firmware bug */
1180 if (WARN_ON_ONCE(truncated < 0))
1181 truncated = 0;
1182
1183 if (ieee80211_is_data(hdr->frame_control)) {
1184 int hdrlen = ieee80211_hdrlen(hdr->frame_control);
1185 int ivlen = 0, icvlen = 4; /* also FCS */
1186
1187 pkt = alloc_skb(pktsize, GFP_KERNEL);
1188 if (!pkt)
1189 goto report;
1190
1191 skb_put_data(pkt, pktdata, hdrlen);
1192 pktdata += hdrlen;
1193 pktsize -= hdrlen;
1194
1195 if (ieee80211_has_protected(hdr->frame_control)) {
1196 /*
1197 * This is unlocked and using gtk_i(c)vlen,
1198 * but since everything is under RTNL still
1199 * that's not really a problem - changing
1200 * it would be difficult.
1201 */
1202 if (is_multicast_ether_addr(hdr->addr1)) {
1203 ivlen = mvm->gtk_ivlen;
1204 icvlen += mvm->gtk_icvlen;
1205 } else {
1206 ivlen = mvm->ptk_ivlen;
1207 icvlen += mvm->ptk_icvlen;
1208 }
1209 }
1210
1211 /* if truncated, FCS/ICV is (partially) gone */
1212 if (truncated >= icvlen) {
1213 icvlen = 0;
1214 truncated -= icvlen;
1215 } else {
1216 icvlen -= truncated;
1217 truncated = 0;
1218 }
1219
1220 pktsize -= ivlen + icvlen;
1221 pktdata += ivlen;
1222
1223 skb_put_data(pkt, pktdata, pktsize);
1224
1225 if (ieee80211_data_to_8023(pkt, vif->addr, vif->type))
1226 goto report;
1227 wakeup.packet = pkt->data;
1228 wakeup.packet_present_len = pkt->len;
1229 wakeup.packet_len = pkt->len - truncated;
1230 wakeup.packet_80211 = false;
1231 } else {
1232 int fcslen = 4;
1233
1234 if (truncated >= 4) {
1235 truncated -= 4;
1236 fcslen = 0;
1237 } else {
1238 fcslen -= truncated;
1239 truncated = 0;
1240 }
1241 pktsize -= fcslen;
1242 wakeup.packet = status->wake_packet;
1243 wakeup.packet_present_len = pktsize;
1244 wakeup.packet_len = pktlen - truncated;
1245 wakeup.packet_80211 = true;
1246 }
1247 }
1248
1249 report:
1250 ieee80211_report_wowlan_wakeup(vif, wakeup_report, GFP_KERNEL);
1251 kfree_skb(pkt);
1252}
1253
1254static void iwl_mvm_aes_sc_to_seq(struct aes_sc *sc,
1255 struct ieee80211_key_seq *seq)
1256{
1257 u64 pn;
1258
1259 pn = le64_to_cpu(sc->pn);
1260 seq->ccmp.pn[0] = pn >> 40;
1261 seq->ccmp.pn[1] = pn >> 32;
1262 seq->ccmp.pn[2] = pn >> 24;
1263 seq->ccmp.pn[3] = pn >> 16;
1264 seq->ccmp.pn[4] = pn >> 8;
1265 seq->ccmp.pn[5] = pn;
1266}
1267
1268static void iwl_mvm_tkip_sc_to_seq(struct tkip_sc *sc,
1269 struct ieee80211_key_seq *seq)
1270{
1271 seq->tkip.iv32 = le32_to_cpu(sc->iv32);
1272 seq->tkip.iv16 = le16_to_cpu(sc->iv16);
1273}
1274
1275static void iwl_mvm_set_aes_rx_seq(struct iwl_mvm *mvm, struct aes_sc *scs,
1276 struct ieee80211_sta *sta,
1277 struct ieee80211_key_conf *key)
1278{
1279 int tid;
1280
1281 BUILD_BUG_ON(IWL_NUM_RSC != IEEE80211_NUM_TIDS);
1282
1283 if (sta && iwl_mvm_has_new_rx_api(mvm)) {
1284 struct iwl_mvm_sta *mvmsta;
1285 struct iwl_mvm_key_pn *ptk_pn;
1286
1287 mvmsta = iwl_mvm_sta_from_mac80211(sta);
1288
1289 ptk_pn = rcu_dereference_protected(mvmsta->ptk_pn[key->keyidx],
1290 lockdep_is_held(&mvm->mutex));
1291 if (WARN_ON(!ptk_pn))
1292 return;
1293
1294 for (tid = 0; tid < IWL_MAX_TID_COUNT; tid++) {
1295 struct ieee80211_key_seq seq = {};
1296 int i;
1297
1298 iwl_mvm_aes_sc_to_seq(&scs[tid], &seq);
1299 ieee80211_set_key_rx_seq(key, tid, &seq);
1300 for (i = 1; i < mvm->trans->num_rx_queues; i++)
1301 memcpy(ptk_pn->q[i].pn[tid],
1302 seq.ccmp.pn, IEEE80211_CCMP_PN_LEN);
1303 }
1304 } else {
1305 for (tid = 0; tid < IWL_NUM_RSC; tid++) {
1306 struct ieee80211_key_seq seq = {};
1307
1308 iwl_mvm_aes_sc_to_seq(&scs[tid], &seq);
1309 ieee80211_set_key_rx_seq(key, tid, &seq);
1310 }
1311 }
1312}
1313
1314static void iwl_mvm_set_tkip_rx_seq(struct tkip_sc *scs,
1315 struct ieee80211_key_conf *key)
1316{
1317 int tid;
1318
1319 BUILD_BUG_ON(IWL_NUM_RSC != IEEE80211_NUM_TIDS);
1320
1321 for (tid = 0; tid < IWL_NUM_RSC; tid++) {
1322 struct ieee80211_key_seq seq = {};
1323
1324 iwl_mvm_tkip_sc_to_seq(&scs[tid], &seq);
1325 ieee80211_set_key_rx_seq(key, tid, &seq);
1326 }
1327}
1328
1329static void iwl_mvm_set_key_rx_seq(struct iwl_mvm *mvm,
1330 struct ieee80211_key_conf *key,
1331 struct iwl_wowlan_status *status)
1332{
1333 union iwl_all_tsc_rsc *rsc = &status->gtk[0].rsc.all_tsc_rsc;
1334
1335 switch (key->cipher) {
1336 case WLAN_CIPHER_SUITE_CCMP:
1337 iwl_mvm_set_aes_rx_seq(mvm, rsc->aes.multicast_rsc, NULL, key);
1338 break;
1339 case WLAN_CIPHER_SUITE_TKIP:
1340 iwl_mvm_set_tkip_rx_seq(rsc->tkip.multicast_rsc, key);
1341 break;
1342 default:
1343 WARN_ON(1);
1344 }
1345}
1346
1347struct iwl_mvm_d3_gtk_iter_data {
1348 struct iwl_mvm *mvm;
1349 struct iwl_wowlan_status *status;
1350 void *last_gtk;
1351 u32 cipher;
1352 bool find_phase, unhandled_cipher;
1353 int num_keys;
1354};
1355
1356static void iwl_mvm_d3_update_keys(struct ieee80211_hw *hw,
1357 struct ieee80211_vif *vif,
1358 struct ieee80211_sta *sta,
1359 struct ieee80211_key_conf *key,
1360 void *_data)
1361{
1362 struct iwl_mvm_d3_gtk_iter_data *data = _data;
1363
1364 if (data->unhandled_cipher)
1365 return;
1366
1367 switch (key->cipher) {
1368 case WLAN_CIPHER_SUITE_WEP40:
1369 case WLAN_CIPHER_SUITE_WEP104:
1370 /* ignore WEP completely, nothing to do */
1371 return;
1372 case WLAN_CIPHER_SUITE_CCMP:
1373 case WLAN_CIPHER_SUITE_TKIP:
1374 /* we support these */
1375 break;
1376 default:
1377 /* everything else (even CMAC for MFP) - disconnect from AP */
1378 data->unhandled_cipher = true;
1379 return;
1380 }
1381
1382 data->num_keys++;
1383
1384 /*
1385 * pairwise key - update sequence counters only;
1386 * note that this assumes no TDLS sessions are active
1387 */
1388 if (sta) {
1389 struct ieee80211_key_seq seq = {};
1390 union iwl_all_tsc_rsc *sc =
1391 &data->status->gtk[0].rsc.all_tsc_rsc;
1392
1393 if (data->find_phase)
1394 return;
1395
1396 switch (key->cipher) {
1397 case WLAN_CIPHER_SUITE_CCMP:
1398 iwl_mvm_set_aes_rx_seq(data->mvm, sc->aes.unicast_rsc,
1399 sta, key);
1400 atomic64_set(&key->tx_pn, le64_to_cpu(sc->aes.tsc.pn));
1401 break;
1402 case WLAN_CIPHER_SUITE_TKIP:
1403 iwl_mvm_tkip_sc_to_seq(&sc->tkip.tsc, &seq);
1404 iwl_mvm_set_tkip_rx_seq(sc->tkip.unicast_rsc, key);
1405 atomic64_set(&key->tx_pn,
1406 (u64)seq.tkip.iv16 |
1407 ((u64)seq.tkip.iv32 << 16));
1408 break;
1409 }
1410
1411 /* that's it for this key */
1412 return;
1413 }
1414
1415 if (data->find_phase) {
1416 data->last_gtk = key;
1417 data->cipher = key->cipher;
1418 return;
1419 }
1420
1421 if (data->status->num_of_gtk_rekeys)
1422 ieee80211_remove_key(key);
1423 else if (data->last_gtk == key)
1424 iwl_mvm_set_key_rx_seq(data->mvm, key, data->status);
1425}
1426
1427static bool iwl_mvm_setup_connection_keep(struct iwl_mvm *mvm,
1428 struct ieee80211_vif *vif,
1429 struct iwl_wowlan_status *status)
1430{
1431 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1432 struct iwl_mvm_d3_gtk_iter_data gtkdata = {
1433 .mvm = mvm,
1434 .status = status,
1435 };
1436 u32 disconnection_reasons =
1437 IWL_WOWLAN_WAKEUP_BY_DISCONNECTION_ON_MISSED_BEACON |
1438 IWL_WOWLAN_WAKEUP_BY_DISCONNECTION_ON_DEAUTH;
1439
1440 if (!status || !vif->bss_conf.bssid)
1441 return false;
1442
1443 if (le32_to_cpu(status->wakeup_reasons) & disconnection_reasons)
1444 return false;
1445
1446 /* find last GTK that we used initially, if any */
1447 gtkdata.find_phase = true;
1448 ieee80211_iter_keys(mvm->hw, vif,
1449 iwl_mvm_d3_update_keys, >kdata);
1450 /* not trying to keep connections with MFP/unhandled ciphers */
1451 if (gtkdata.unhandled_cipher)
1452 return false;
1453 if (!gtkdata.num_keys)
1454 goto out;
1455 if (!gtkdata.last_gtk)
1456 return false;
1457
1458 /*
1459 * invalidate all other GTKs that might still exist and update
1460 * the one that we used
1461 */
1462 gtkdata.find_phase = false;
1463 ieee80211_iter_keys(mvm->hw, vif,
1464 iwl_mvm_d3_update_keys, >kdata);
1465
1466 if (status->num_of_gtk_rekeys) {
1467 struct ieee80211_key_conf *key;
1468 struct {
1469 struct ieee80211_key_conf conf;
1470 u8 key[32];
1471 } conf = {
1472 .conf.cipher = gtkdata.cipher,
1473 .conf.keyidx =
1474 iwlmvm_wowlan_gtk_idx(&status->gtk[0]),
1475 };
1476 __be64 replay_ctr;
1477
1478 switch (gtkdata.cipher) {
1479 case WLAN_CIPHER_SUITE_CCMP:
1480 conf.conf.keylen = WLAN_KEY_LEN_CCMP;
1481 memcpy(conf.conf.key, status->gtk[0].key,
1482 WLAN_KEY_LEN_CCMP);
1483 break;
1484 case WLAN_CIPHER_SUITE_TKIP:
1485 conf.conf.keylen = WLAN_KEY_LEN_TKIP;
1486 memcpy(conf.conf.key, status->gtk[0].key, 16);
1487 /* leave TX MIC key zeroed, we don't use it anyway */
1488 memcpy(conf.conf.key +
1489 NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY,
1490 status->gtk[0].tkip_mic_key, 8);
1491 break;
1492 }
1493
1494 key = ieee80211_gtk_rekey_add(vif, &conf.conf);
1495 if (IS_ERR(key))
1496 return false;
1497 iwl_mvm_set_key_rx_seq(mvm, key, status);
1498
1499 replay_ctr =
1500 cpu_to_be64(le64_to_cpu(status->replay_ctr));
1501
1502 ieee80211_gtk_rekey_notify(vif, vif->bss_conf.bssid,
1503 (void *)&replay_ctr, GFP_KERNEL);
1504 }
1505
1506out:
1507 mvmvif->seqno_valid = true;
1508 /* +0x10 because the set API expects next-to-use, not last-used */
1509 mvmvif->seqno = le16_to_cpu(status->non_qos_seq_ctr) + 0x10;
1510
1511 return true;
1512}
1513
1514struct iwl_wowlan_status *iwl_mvm_send_wowlan_get_status(struct iwl_mvm *mvm)
1515{
1516 struct iwl_wowlan_status *v7, *status;
1517 struct iwl_host_cmd cmd = {
1518 .id = WOWLAN_GET_STATUSES,
1519 .flags = CMD_WANT_SKB,
1520 };
1521 int ret, len, status_size;
1522
1523 lockdep_assert_held(&mvm->mutex);
1524
1525 ret = iwl_mvm_send_cmd(mvm, &cmd);
1526 if (ret) {
1527 IWL_ERR(mvm, "failed to query wakeup status (%d)\n", ret);
1528 return ERR_PTR(ret);
1529 }
1530
1531 if (!fw_has_api(&mvm->fw->ucode_capa,
1532 IWL_UCODE_TLV_API_WOWLAN_KEY_MATERIAL)) {
1533 struct iwl_wowlan_status_v6 *v6 = (void *)cmd.resp_pkt->data;
1534 int data_size;
1535
1536 status_size = sizeof(*v6);
1537 len = iwl_rx_packet_payload_len(cmd.resp_pkt);
1538
1539 if (len < status_size) {
1540 IWL_ERR(mvm, "Invalid WoWLAN status response!\n");
1541 status = ERR_PTR(-EIO);
1542 goto out_free_resp;
1543 }
1544
1545 data_size = ALIGN(le32_to_cpu(v6->wake_packet_bufsize), 4);
1546
1547 if (len != (status_size + data_size)) {
1548 IWL_ERR(mvm, "Invalid WoWLAN status response!\n");
1549 status = ERR_PTR(-EIO);
1550 goto out_free_resp;
1551 }
1552
1553 status = kzalloc(sizeof(*status) + data_size, GFP_KERNEL);
1554 if (!status)
1555 goto out_free_resp;
1556
1557 BUILD_BUG_ON(sizeof(v6->gtk.decrypt_key) >
1558 sizeof(status->gtk[0].key));
1559 BUILD_BUG_ON(sizeof(v6->gtk.tkip_mic_key) >
1560 sizeof(status->gtk[0].tkip_mic_key));
1561
1562 /* copy GTK info to the right place */
1563 memcpy(status->gtk[0].key, v6->gtk.decrypt_key,
1564 sizeof(v6->gtk.decrypt_key));
1565 memcpy(status->gtk[0].tkip_mic_key, v6->gtk.tkip_mic_key,
1566 sizeof(v6->gtk.tkip_mic_key));
1567 memcpy(&status->gtk[0].rsc, &v6->gtk.rsc,
1568 sizeof(status->gtk[0].rsc));
1569
1570 /* hardcode the key length to 16 since v6 only supports 16 */
1571 status->gtk[0].key_len = 16;
1572
1573 /*
1574 * The key index only uses 2 bits (values 0 to 3) and
1575 * we always set bit 7 which means this is the
1576 * currently used key.
1577 */
1578 status->gtk[0].key_flags = v6->gtk.key_index | BIT(7);
1579
1580 status->replay_ctr = v6->replay_ctr;
1581
1582 /* everything starting from pattern_number is identical */
1583 memcpy(&status->pattern_number, &v6->pattern_number,
1584 offsetof(struct iwl_wowlan_status, wake_packet) -
1585 offsetof(struct iwl_wowlan_status, pattern_number) +
1586 data_size);
1587
1588 goto out_free_resp;
1589 }
1590
1591 v7 = (void *)cmd.resp_pkt->data;
1592 status_size = sizeof(*v7);
1593 len = iwl_rx_packet_payload_len(cmd.resp_pkt);
1594
1595 if (len < status_size) {
1596 IWL_ERR(mvm, "Invalid WoWLAN status response!\n");
1597 status = ERR_PTR(-EIO);
1598 goto out_free_resp;
1599 }
1600
1601 if (len != (status_size +
1602 ALIGN(le32_to_cpu(v7->wake_packet_bufsize), 4))) {
1603 IWL_ERR(mvm, "Invalid WoWLAN status response!\n");
1604 status = ERR_PTR(-EIO);
1605 goto out_free_resp;
1606 }
1607
1608 status = kmemdup(v7, len, GFP_KERNEL);
1609
1610out_free_resp:
1611 iwl_free_resp(&cmd);
1612 return status;
1613}
1614
1615static struct iwl_wowlan_status *
1616iwl_mvm_get_wakeup_status(struct iwl_mvm *mvm)
1617{
1618 int ret;
1619
1620 /* only for tracing for now */
1621 ret = iwl_mvm_send_cmd_pdu(mvm, OFFLOADS_QUERY_CMD, 0, 0, NULL);
1622 if (ret)
1623 IWL_ERR(mvm, "failed to query offload statistics (%d)\n", ret);
1624
1625 return iwl_mvm_send_wowlan_get_status(mvm);
1626}
1627
1628/* releases the MVM mutex */
1629static bool iwl_mvm_query_wakeup_reasons(struct iwl_mvm *mvm,
1630 struct ieee80211_vif *vif)
1631{
1632 struct iwl_wowlan_status_data status;
1633 struct iwl_wowlan_status *fw_status;
1634 int i;
1635 bool keep;
1636 struct iwl_mvm_sta *mvm_ap_sta;
1637
1638 fw_status = iwl_mvm_get_wakeup_status(mvm);
1639 if (IS_ERR_OR_NULL(fw_status))
1640 goto out_unlock;
1641
1642 status.pattern_number = le16_to_cpu(fw_status->pattern_number);
1643 for (i = 0; i < 8; i++)
1644 status.qos_seq_ctr[i] =
1645 le16_to_cpu(fw_status->qos_seq_ctr[i]);
1646 status.wakeup_reasons = le32_to_cpu(fw_status->wakeup_reasons);
1647 status.wake_packet_length =
1648 le32_to_cpu(fw_status->wake_packet_length);
1649 status.wake_packet_bufsize =
1650 le32_to_cpu(fw_status->wake_packet_bufsize);
1651 status.wake_packet = fw_status->wake_packet;
1652
1653 /* still at hard-coded place 0 for D3 image */
1654 mvm_ap_sta = iwl_mvm_sta_from_staid_protected(mvm, 0);
1655 if (!mvm_ap_sta)
1656 goto out_free;
1657
1658 for (i = 0; i < IWL_MAX_TID_COUNT; i++) {
1659 u16 seq = status.qos_seq_ctr[i];
1660 /* firmware stores last-used value, we store next value */
1661 seq += 0x10;
1662 mvm_ap_sta->tid_data[i].seq_number = seq;
1663 }
1664
1665 if (mvm->trans->trans_cfg->device_family >= IWL_DEVICE_FAMILY_22000) {
1666 i = mvm->offload_tid;
1667 iwl_trans_set_q_ptrs(mvm->trans,
1668 mvm_ap_sta->tid_data[i].txq_id,
1669 mvm_ap_sta->tid_data[i].seq_number >> 4);
1670 }
1671
1672 /* now we have all the data we need, unlock to avoid mac80211 issues */
1673 mutex_unlock(&mvm->mutex);
1674
1675 iwl_mvm_report_wakeup_reasons(mvm, vif, &status);
1676
1677 keep = iwl_mvm_setup_connection_keep(mvm, vif, fw_status);
1678
1679 kfree(fw_status);
1680 return keep;
1681
1682out_free:
1683 kfree(fw_status);
1684out_unlock:
1685 mutex_unlock(&mvm->mutex);
1686 return false;
1687}
1688
1689#define ND_QUERY_BUF_LEN (sizeof(struct iwl_scan_offload_profile_match) * \
1690 IWL_SCAN_MAX_PROFILES)
1691
1692struct iwl_mvm_nd_query_results {
1693 u32 matched_profiles;
1694 u8 matches[ND_QUERY_BUF_LEN];
1695};
1696
1697static int
1698iwl_mvm_netdetect_query_results(struct iwl_mvm *mvm,
1699 struct iwl_mvm_nd_query_results *results)
1700{
1701 struct iwl_scan_offload_profiles_query *query;
1702 struct iwl_host_cmd cmd = {
1703 .id = SCAN_OFFLOAD_PROFILES_QUERY_CMD,
1704 .flags = CMD_WANT_SKB,
1705 };
1706 int ret, len;
1707 size_t query_len, matches_len;
1708
1709 ret = iwl_mvm_send_cmd(mvm, &cmd);
1710 if (ret) {
1711 IWL_ERR(mvm, "failed to query matched profiles (%d)\n", ret);
1712 return ret;
1713 }
1714
1715 if (fw_has_api(&mvm->fw->ucode_capa,
1716 IWL_UCODE_TLV_API_SCAN_OFFLOAD_CHANS)) {
1717 query_len = sizeof(struct iwl_scan_offload_profiles_query);
1718 matches_len = sizeof(struct iwl_scan_offload_profile_match) *
1719 IWL_SCAN_MAX_PROFILES;
1720 } else {
1721 query_len = sizeof(struct iwl_scan_offload_profiles_query_v1);
1722 matches_len = sizeof(struct iwl_scan_offload_profile_match_v1) *
1723 IWL_SCAN_MAX_PROFILES;
1724 }
1725
1726 len = iwl_rx_packet_payload_len(cmd.resp_pkt);
1727 if (len < query_len) {
1728 IWL_ERR(mvm, "Invalid scan offload profiles query response!\n");
1729 ret = -EIO;
1730 goto out_free_resp;
1731 }
1732
1733 query = (void *)cmd.resp_pkt->data;
1734
1735 results->matched_profiles = le32_to_cpu(query->matched_profiles);
1736 memcpy(results->matches, query->matches, matches_len);
1737
1738#ifdef CONFIG_IWLWIFI_DEBUGFS
1739 mvm->last_netdetect_scans = le32_to_cpu(query->n_scans_done);
1740#endif
1741
1742out_free_resp:
1743 iwl_free_resp(&cmd);
1744 return ret;
1745}
1746
1747static int iwl_mvm_query_num_match_chans(struct iwl_mvm *mvm,
1748 struct iwl_mvm_nd_query_results *query,
1749 int idx)
1750{
1751 int n_chans = 0, i;
1752
1753 if (fw_has_api(&mvm->fw->ucode_capa,
1754 IWL_UCODE_TLV_API_SCAN_OFFLOAD_CHANS)) {
1755 struct iwl_scan_offload_profile_match *matches =
1756 (struct iwl_scan_offload_profile_match *)query->matches;
1757
1758 for (i = 0; i < SCAN_OFFLOAD_MATCHING_CHANNELS_LEN; i++)
1759 n_chans += hweight8(matches[idx].matching_channels[i]);
1760 } else {
1761 struct iwl_scan_offload_profile_match_v1 *matches =
1762 (struct iwl_scan_offload_profile_match_v1 *)query->matches;
1763
1764 for (i = 0; i < SCAN_OFFLOAD_MATCHING_CHANNELS_LEN_V1; i++)
1765 n_chans += hweight8(matches[idx].matching_channels[i]);
1766 }
1767
1768 return n_chans;
1769}
1770
1771static void iwl_mvm_query_set_freqs(struct iwl_mvm *mvm,
1772 struct iwl_mvm_nd_query_results *query,
1773 struct cfg80211_wowlan_nd_match *match,
1774 int idx)
1775{
1776 int i;
1777
1778 if (fw_has_api(&mvm->fw->ucode_capa,
1779 IWL_UCODE_TLV_API_SCAN_OFFLOAD_CHANS)) {
1780 struct iwl_scan_offload_profile_match *matches =
1781 (struct iwl_scan_offload_profile_match *)query->matches;
1782
1783 for (i = 0; i < SCAN_OFFLOAD_MATCHING_CHANNELS_LEN * 8; i++)
1784 if (matches[idx].matching_channels[i / 8] & (BIT(i % 8)))
1785 match->channels[match->n_channels++] =
1786 mvm->nd_channels[i]->center_freq;
1787 } else {
1788 struct iwl_scan_offload_profile_match_v1 *matches =
1789 (struct iwl_scan_offload_profile_match_v1 *)query->matches;
1790
1791 for (i = 0; i < SCAN_OFFLOAD_MATCHING_CHANNELS_LEN_V1 * 8; i++)
1792 if (matches[idx].matching_channels[i / 8] & (BIT(i % 8)))
1793 match->channels[match->n_channels++] =
1794 mvm->nd_channels[i]->center_freq;
1795 }
1796}
1797
1798static void iwl_mvm_query_netdetect_reasons(struct iwl_mvm *mvm,
1799 struct ieee80211_vif *vif)
1800{
1801 struct cfg80211_wowlan_nd_info *net_detect = NULL;
1802 struct cfg80211_wowlan_wakeup wakeup = {
1803 .pattern_idx = -1,
1804 };
1805 struct cfg80211_wowlan_wakeup *wakeup_report = &wakeup;
1806 struct iwl_mvm_nd_query_results query;
1807 struct iwl_wowlan_status *fw_status;
1808 unsigned long matched_profiles;
1809 u32 reasons = 0;
1810 int i, n_matches, ret;
1811
1812 fw_status = iwl_mvm_get_wakeup_status(mvm);
1813 if (!IS_ERR_OR_NULL(fw_status)) {
1814 reasons = le32_to_cpu(fw_status->wakeup_reasons);
1815 kfree(fw_status);
1816 }
1817
1818 if (reasons & IWL_WOWLAN_WAKEUP_BY_RFKILL_DEASSERTED)
1819 wakeup.rfkill_release = true;
1820
1821 if (reasons != IWL_WOWLAN_WAKEUP_BY_NON_WIRELESS)
1822 goto out;
1823
1824 ret = iwl_mvm_netdetect_query_results(mvm, &query);
1825 if (ret || !query.matched_profiles) {
1826 wakeup_report = NULL;
1827 goto out;
1828 }
1829
1830 matched_profiles = query.matched_profiles;
1831 if (mvm->n_nd_match_sets) {
1832 n_matches = hweight_long(matched_profiles);
1833 } else {
1834 IWL_ERR(mvm, "no net detect match information available\n");
1835 n_matches = 0;
1836 }
1837
1838 net_detect = kzalloc(struct_size(net_detect, matches, n_matches),
1839 GFP_KERNEL);
1840 if (!net_detect || !n_matches)
1841 goto out_report_nd;
1842
1843 for_each_set_bit(i, &matched_profiles, mvm->n_nd_match_sets) {
1844 struct cfg80211_wowlan_nd_match *match;
1845 int idx, n_channels = 0;
1846
1847 n_channels = iwl_mvm_query_num_match_chans(mvm, &query, i);
1848
1849 match = kzalloc(struct_size(match, channels, n_channels),
1850 GFP_KERNEL);
1851 if (!match)
1852 goto out_report_nd;
1853
1854 net_detect->matches[net_detect->n_matches++] = match;
1855
1856 /* We inverted the order of the SSIDs in the scan
1857 * request, so invert the index here.
1858 */
1859 idx = mvm->n_nd_match_sets - i - 1;
1860 match->ssid.ssid_len = mvm->nd_match_sets[idx].ssid.ssid_len;
1861 memcpy(match->ssid.ssid, mvm->nd_match_sets[idx].ssid.ssid,
1862 match->ssid.ssid_len);
1863
1864 if (mvm->n_nd_channels < n_channels)
1865 continue;
1866
1867 iwl_mvm_query_set_freqs(mvm, &query, match, i);
1868 }
1869
1870out_report_nd:
1871 wakeup.net_detect = net_detect;
1872out:
1873 iwl_mvm_free_nd(mvm);
1874
1875 mutex_unlock(&mvm->mutex);
1876 ieee80211_report_wowlan_wakeup(vif, wakeup_report, GFP_KERNEL);
1877
1878 if (net_detect) {
1879 for (i = 0; i < net_detect->n_matches; i++)
1880 kfree(net_detect->matches[i]);
1881 kfree(net_detect);
1882 }
1883}
1884
1885static void iwl_mvm_d3_disconnect_iter(void *data, u8 *mac,
1886 struct ieee80211_vif *vif)
1887{
1888 /* skip the one we keep connection on */
1889 if (data == vif)
1890 return;
1891
1892 if (vif->type == NL80211_IFTYPE_STATION)
1893 ieee80211_resume_disconnect(vif);
1894}
1895
1896static int iwl_mvm_check_rt_status(struct iwl_mvm *mvm,
1897 struct ieee80211_vif *vif)
1898{
1899 u32 base = mvm->trans->dbg.lmac_error_event_table[0];
1900 struct error_table_start {
1901 /* cf. struct iwl_error_event_table */
1902 u32 valid;
1903 u32 error_id;
1904 } err_info;
1905
1906 iwl_trans_read_mem_bytes(mvm->trans, base,
1907 &err_info, sizeof(err_info));
1908
1909 if (err_info.valid &&
1910 err_info.error_id == RF_KILL_INDICATOR_FOR_WOWLAN) {
1911 struct cfg80211_wowlan_wakeup wakeup = {
1912 .rfkill_release = true,
1913 };
1914 ieee80211_report_wowlan_wakeup(vif, &wakeup, GFP_KERNEL);
1915 }
1916 return err_info.valid;
1917}
1918
1919static int __iwl_mvm_resume(struct iwl_mvm *mvm, bool test)
1920{
1921 struct ieee80211_vif *vif = NULL;
1922 int ret = 1;
1923 enum iwl_d3_status d3_status;
1924 bool keep = false;
1925 bool unified_image = fw_has_capa(&mvm->fw->ucode_capa,
1926 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
1927 bool d0i3_first = fw_has_capa(&mvm->fw->ucode_capa,
1928 IWL_UCODE_TLV_CAPA_D0I3_END_FIRST);
1929
1930 mutex_lock(&mvm->mutex);
1931
1932 /* get the BSS vif pointer again */
1933 vif = iwl_mvm_get_bss_vif(mvm);
1934 if (IS_ERR_OR_NULL(vif))
1935 goto err;
1936
1937 iwl_fw_dbg_read_d3_debug_data(&mvm->fwrt);
1938
1939 if (iwl_mvm_check_rt_status(mvm, vif)) {
1940 set_bit(STATUS_FW_ERROR, &mvm->trans->status);
1941 iwl_mvm_dump_nic_error_log(mvm);
1942 iwl_fw_dbg_collect_desc(&mvm->fwrt, &iwl_dump_desc_assert,
1943 false, 0);
1944 ret = 1;
1945 goto err;
1946 }
1947
1948 ret = iwl_trans_d3_resume(mvm->trans, &d3_status, test, !unified_image);
1949 if (ret)
1950 goto err;
1951
1952 if (d3_status != IWL_D3_STATUS_ALIVE) {
1953 IWL_INFO(mvm, "Device was reset during suspend\n");
1954 goto err;
1955 }
1956
1957 if (d0i3_first) {
1958 ret = iwl_mvm_send_cmd_pdu(mvm, D0I3_END_CMD, 0, 0, NULL);
1959 if (ret < 0) {
1960 IWL_ERR(mvm, "Failed to send D0I3_END_CMD first (%d)\n",
1961 ret);
1962 goto err;
1963 }
1964 }
1965
1966 /*
1967 * Query the current location and source from the D3 firmware so we
1968 * can play it back when we re-intiailize the D0 firmware
1969 */
1970 iwl_mvm_update_changed_regdom(mvm);
1971
1972 /* Re-configure PPAG settings */
1973 iwl_mvm_ppag_send_cmd(mvm);
1974
1975 if (!unified_image)
1976 /* Re-configure default SAR profile */
1977 iwl_mvm_sar_select_profile(mvm, 1, 1);
1978
1979 if (mvm->net_detect) {
1980 /* If this is a non-unified image, we restart the FW,
1981 * so no need to stop the netdetect scan. If that
1982 * fails, continue and try to get the wake-up reasons,
1983 * but trigger a HW restart by keeping a failure code
1984 * in ret.
1985 */
1986 if (unified_image)
1987 ret = iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_NETDETECT,
1988 false);
1989
1990 iwl_mvm_query_netdetect_reasons(mvm, vif);
1991 /* has unlocked the mutex, so skip that */
1992 goto out;
1993 } else {
1994 keep = iwl_mvm_query_wakeup_reasons(mvm, vif);
1995#ifdef CONFIG_IWLWIFI_DEBUGFS
1996 if (keep)
1997 mvm->keep_vif = vif;
1998#endif
1999 /* has unlocked the mutex, so skip that */
2000 goto out_iterate;
2001 }
2002
2003err:
2004 iwl_mvm_free_nd(mvm);
2005 mutex_unlock(&mvm->mutex);
2006
2007out_iterate:
2008 if (!test)
2009 ieee80211_iterate_active_interfaces_rtnl(mvm->hw,
2010 IEEE80211_IFACE_ITER_NORMAL,
2011 iwl_mvm_d3_disconnect_iter, keep ? vif : NULL);
2012
2013out:
2014 /* no need to reset the device in unified images, if successful */
2015 if (unified_image && !ret) {
2016 /* nothing else to do if we already sent D0I3_END_CMD */
2017 if (d0i3_first)
2018 return 0;
2019
2020 ret = iwl_mvm_send_cmd_pdu(mvm, D0I3_END_CMD, 0, 0, NULL);
2021 if (!ret)
2022 return 0;
2023 }
2024
2025 /*
2026 * Reconfigure the device in one of the following cases:
2027 * 1. We are not using a unified image
2028 * 2. We are using a unified image but had an error while exiting D3
2029 */
2030 set_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status);
2031
2032 return 1;
2033}
2034
2035static int iwl_mvm_resume_d3(struct iwl_mvm *mvm)
2036{
2037 iwl_trans_resume(mvm->trans);
2038
2039 return __iwl_mvm_resume(mvm, false);
2040}
2041
2042int iwl_mvm_resume(struct ieee80211_hw *hw)
2043{
2044 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2045 int ret;
2046
2047 ret = iwl_mvm_resume_d3(mvm);
2048
2049 mvm->trans->system_pm_mode = IWL_PLAT_PM_MODE_DISABLED;
2050
2051 iwl_mvm_resume_tcm(mvm);
2052
2053 iwl_fw_runtime_resume(&mvm->fwrt);
2054
2055 return ret;
2056}
2057
2058void iwl_mvm_set_wakeup(struct ieee80211_hw *hw, bool enabled)
2059{
2060 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2061
2062 device_set_wakeup_enable(mvm->trans->dev, enabled);
2063}
2064
2065#ifdef CONFIG_IWLWIFI_DEBUGFS
2066static int iwl_mvm_d3_test_open(struct inode *inode, struct file *file)
2067{
2068 struct iwl_mvm *mvm = inode->i_private;
2069 int err;
2070
2071 if (mvm->d3_test_active)
2072 return -EBUSY;
2073
2074 file->private_data = inode->i_private;
2075
2076 synchronize_net();
2077
2078 mvm->trans->system_pm_mode = IWL_PLAT_PM_MODE_D3;
2079
2080 iwl_mvm_pause_tcm(mvm, true);
2081
2082 iwl_fw_runtime_suspend(&mvm->fwrt);
2083
2084 /* start pseudo D3 */
2085 rtnl_lock();
2086 err = __iwl_mvm_suspend(mvm->hw, mvm->hw->wiphy->wowlan_config, true);
2087 rtnl_unlock();
2088 if (err > 0)
2089 err = -EINVAL;
2090 if (err)
2091 return err;
2092
2093 mvm->d3_test_active = true;
2094 mvm->keep_vif = NULL;
2095 return 0;
2096}
2097
2098static ssize_t iwl_mvm_d3_test_read(struct file *file, char __user *user_buf,
2099 size_t count, loff_t *ppos)
2100{
2101 struct iwl_mvm *mvm = file->private_data;
2102 u32 pme_asserted;
2103
2104 while (true) {
2105 /* read pme_ptr if available */
2106 if (mvm->d3_test_pme_ptr) {
2107 pme_asserted = iwl_trans_read_mem32(mvm->trans,
2108 mvm->d3_test_pme_ptr);
2109 if (pme_asserted)
2110 break;
2111 }
2112
2113 if (msleep_interruptible(100))
2114 break;
2115 }
2116
2117 return 0;
2118}
2119
2120static void iwl_mvm_d3_test_disconn_work_iter(void *_data, u8 *mac,
2121 struct ieee80211_vif *vif)
2122{
2123 /* skip the one we keep connection on */
2124 if (_data == vif)
2125 return;
2126
2127 if (vif->type == NL80211_IFTYPE_STATION)
2128 ieee80211_connection_loss(vif);
2129}
2130
2131static int iwl_mvm_d3_test_release(struct inode *inode, struct file *file)
2132{
2133 struct iwl_mvm *mvm = inode->i_private;
2134 bool unified_image = fw_has_capa(&mvm->fw->ucode_capa,
2135 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
2136
2137 mvm->d3_test_active = false;
2138
2139 iwl_fw_dbg_read_d3_debug_data(&mvm->fwrt);
2140
2141 rtnl_lock();
2142 __iwl_mvm_resume(mvm, true);
2143 rtnl_unlock();
2144
2145 iwl_mvm_resume_tcm(mvm);
2146
2147 iwl_fw_runtime_resume(&mvm->fwrt);
2148
2149 mvm->trans->system_pm_mode = IWL_PLAT_PM_MODE_DISABLED;
2150
2151 iwl_abort_notification_waits(&mvm->notif_wait);
2152 if (!unified_image) {
2153 int remaining_time = 10;
2154
2155 ieee80211_restart_hw(mvm->hw);
2156
2157 /* wait for restart and disconnect all interfaces */
2158 while (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) &&
2159 remaining_time > 0) {
2160 remaining_time--;
2161 msleep(1000);
2162 }
2163
2164 if (remaining_time == 0)
2165 IWL_ERR(mvm, "Timed out waiting for HW restart!\n");
2166 }
2167
2168 ieee80211_iterate_active_interfaces_atomic(
2169 mvm->hw, IEEE80211_IFACE_ITER_NORMAL,
2170 iwl_mvm_d3_test_disconn_work_iter, mvm->keep_vif);
2171
2172 return 0;
2173}
2174
2175const struct file_operations iwl_dbgfs_d3_test_ops = {
2176 .llseek = no_llseek,
2177 .open = iwl_mvm_d3_test_open,
2178 .read = iwl_mvm_d3_test_read,
2179 .release = iwl_mvm_d3_test_release,
2180};
2181#endif