1 /****************************************************************************** 2 * 3 * This file is provided under a dual BSD/GPLv2 license. When using or 4 * redistributing this file, you may do so under either license. 5 * 6 * GPL LICENSE SUMMARY 7 * 8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved. 9 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH 10 * 11 * This program is free software; you can redistribute it and/or modify 12 * it under the terms of version 2 of the GNU General Public License as 13 * published by the Free Software Foundation. 14 * 15 * This program is distributed in the hope that it will be useful, but 16 * WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 * General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License 21 * along with this program; if not, write to the Free Software 22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110, 23 * USA 24 * 25 * The full GNU General Public License is included in this distribution 26 * in the file called COPYING. 27 * 28 * Contact Information: 29 * Intel Linux Wireless <linuxwifi@intel.com> 30 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 31 * 32 * BSD LICENSE 33 * 34 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved. 35 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH 36 * All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 42 * * Redistributions of source code must retain the above copyright 43 * notice, this list of conditions and the following disclaimer. 44 * * Redistributions in binary form must reproduce the above copyright 45 * notice, this list of conditions and the following disclaimer in 46 * the documentation and/or other materials provided with the 47 * distribution. 48 * * Neither the name Intel Corporation nor the names of its 49 * contributors may be used to endorse or promote products derived 50 * from this software without specific prior written permission. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 53 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 54 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 55 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 56 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 57 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 58 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 59 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 60 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 61 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 62 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 63 * 64 *****************************************************************************/ 65 66 #include <linux/etherdevice.h> 67 #include <linux/ip.h> 68 #include <linux/fs.h> 69 #include <net/cfg80211.h> 70 #include <net/ipv6.h> 71 #include <net/tcp.h> 72 #include <net/addrconf.h> 73 #include "iwl-modparams.h" 74 #include "fw-api.h" 75 #include "mvm.h" 76 77 void iwl_mvm_set_rekey_data(struct ieee80211_hw *hw, 78 struct ieee80211_vif *vif, 79 struct cfg80211_gtk_rekey_data *data) 80 { 81 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 82 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 83 84 if (iwlwifi_mod_params.sw_crypto) 85 return; 86 87 mutex_lock(&mvm->mutex); 88 89 memcpy(mvmvif->rekey_data.kek, data->kek, NL80211_KEK_LEN); 90 memcpy(mvmvif->rekey_data.kck, data->kck, NL80211_KCK_LEN); 91 mvmvif->rekey_data.replay_ctr = 92 cpu_to_le64(be64_to_cpup((__be64 *)&data->replay_ctr)); 93 mvmvif->rekey_data.valid = true; 94 95 mutex_unlock(&mvm->mutex); 96 } 97 98 #if IS_ENABLED(CONFIG_IPV6) 99 void iwl_mvm_ipv6_addr_change(struct ieee80211_hw *hw, 100 struct ieee80211_vif *vif, 101 struct inet6_dev *idev) 102 { 103 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 104 struct inet6_ifaddr *ifa; 105 int idx = 0; 106 107 memset(mvmvif->tentative_addrs, 0, sizeof(mvmvif->tentative_addrs)); 108 109 read_lock_bh(&idev->lock); 110 list_for_each_entry(ifa, &idev->addr_list, if_list) { 111 mvmvif->target_ipv6_addrs[idx] = ifa->addr; 112 if (ifa->flags & IFA_F_TENTATIVE) 113 __set_bit(idx, mvmvif->tentative_addrs); 114 idx++; 115 if (idx >= IWL_PROTO_OFFLOAD_NUM_IPV6_ADDRS_MAX) 116 break; 117 } 118 read_unlock_bh(&idev->lock); 119 120 mvmvif->num_target_ipv6_addrs = idx; 121 } 122 #endif 123 124 void iwl_mvm_set_default_unicast_key(struct ieee80211_hw *hw, 125 struct ieee80211_vif *vif, int idx) 126 { 127 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 128 129 mvmvif->tx_key_idx = idx; 130 } 131 132 static void iwl_mvm_convert_p1k(u16 *p1k, __le16 *out) 133 { 134 int i; 135 136 for (i = 0; i < IWL_P1K_SIZE; i++) 137 out[i] = cpu_to_le16(p1k[i]); 138 } 139 140 static const u8 *iwl_mvm_find_max_pn(struct ieee80211_key_conf *key, 141 struct iwl_mvm_key_pn *ptk_pn, 142 struct ieee80211_key_seq *seq, 143 int tid, int queues) 144 { 145 const u8 *ret = seq->ccmp.pn; 146 int i; 147 148 /* get the PN from mac80211, used on the default queue */ 149 ieee80211_get_key_rx_seq(key, tid, seq); 150 151 /* and use the internal data for the other queues */ 152 for (i = 1; i < queues; i++) { 153 const u8 *tmp = ptk_pn->q[i].pn[tid]; 154 155 if (memcmp(ret, tmp, IEEE80211_CCMP_PN_LEN) <= 0) 156 ret = tmp; 157 } 158 159 return ret; 160 } 161 162 struct wowlan_key_data { 163 struct iwl_wowlan_rsc_tsc_params_cmd *rsc_tsc; 164 struct iwl_wowlan_tkip_params_cmd *tkip; 165 bool error, use_rsc_tsc, use_tkip, configure_keys; 166 int wep_key_idx; 167 }; 168 169 static void iwl_mvm_wowlan_program_keys(struct ieee80211_hw *hw, 170 struct ieee80211_vif *vif, 171 struct ieee80211_sta *sta, 172 struct ieee80211_key_conf *key, 173 void *_data) 174 { 175 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 176 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 177 struct wowlan_key_data *data = _data; 178 struct aes_sc *aes_sc, *aes_tx_sc = NULL; 179 struct tkip_sc *tkip_sc, *tkip_tx_sc = NULL; 180 struct iwl_p1k_cache *rx_p1ks; 181 u8 *rx_mic_key; 182 struct ieee80211_key_seq seq; 183 u32 cur_rx_iv32 = 0; 184 u16 p1k[IWL_P1K_SIZE]; 185 int ret, i; 186 187 switch (key->cipher) { 188 case WLAN_CIPHER_SUITE_WEP40: 189 case WLAN_CIPHER_SUITE_WEP104: { /* hack it for now */ 190 struct { 191 struct iwl_mvm_wep_key_cmd wep_key_cmd; 192 struct iwl_mvm_wep_key wep_key; 193 } __packed wkc = { 194 .wep_key_cmd.mac_id_n_color = 195 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 196 mvmvif->color)), 197 .wep_key_cmd.num_keys = 1, 198 /* firmware sets STA_KEY_FLG_WEP_13BYTES */ 199 .wep_key_cmd.decryption_type = STA_KEY_FLG_WEP, 200 .wep_key.key_index = key->keyidx, 201 .wep_key.key_size = key->keylen, 202 }; 203 204 /* 205 * This will fail -- the key functions don't set support 206 * pairwise WEP keys. However, that's better than silently 207 * failing WoWLAN. Or maybe not? 208 */ 209 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) 210 break; 211 212 memcpy(&wkc.wep_key.key[3], key->key, key->keylen); 213 if (key->keyidx == mvmvif->tx_key_idx) { 214 /* TX key must be at offset 0 */ 215 wkc.wep_key.key_offset = 0; 216 } else { 217 /* others start at 1 */ 218 data->wep_key_idx++; 219 wkc.wep_key.key_offset = data->wep_key_idx; 220 } 221 222 if (data->configure_keys) { 223 mutex_lock(&mvm->mutex); 224 ret = iwl_mvm_send_cmd_pdu(mvm, WEP_KEY, 0, 225 sizeof(wkc), &wkc); 226 data->error = ret != 0; 227 228 mvm->ptk_ivlen = key->iv_len; 229 mvm->ptk_icvlen = key->icv_len; 230 mvm->gtk_ivlen = key->iv_len; 231 mvm->gtk_icvlen = key->icv_len; 232 mutex_unlock(&mvm->mutex); 233 } 234 235 /* don't upload key again */ 236 return; 237 } 238 default: 239 data->error = true; 240 return; 241 case WLAN_CIPHER_SUITE_AES_CMAC: 242 /* 243 * Ignore CMAC keys -- the WoWLAN firmware doesn't support them 244 * but we also shouldn't abort suspend due to that. It does have 245 * support for the IGTK key renewal, but doesn't really use the 246 * IGTK for anything. This means we could spuriously wake up or 247 * be deauthenticated, but that was considered acceptable. 248 */ 249 return; 250 case WLAN_CIPHER_SUITE_TKIP: 251 if (sta) { 252 tkip_sc = data->rsc_tsc->all_tsc_rsc.tkip.unicast_rsc; 253 tkip_tx_sc = &data->rsc_tsc->all_tsc_rsc.tkip.tsc; 254 255 rx_p1ks = data->tkip->rx_uni; 256 257 ieee80211_get_key_tx_seq(key, &seq); 258 tkip_tx_sc->iv16 = cpu_to_le16(seq.tkip.iv16); 259 tkip_tx_sc->iv32 = cpu_to_le32(seq.tkip.iv32); 260 261 ieee80211_get_tkip_p1k_iv(key, seq.tkip.iv32, p1k); 262 iwl_mvm_convert_p1k(p1k, data->tkip->tx.p1k); 263 264 memcpy(data->tkip->mic_keys.tx, 265 &key->key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY], 266 IWL_MIC_KEY_SIZE); 267 268 rx_mic_key = data->tkip->mic_keys.rx_unicast; 269 } else { 270 tkip_sc = 271 data->rsc_tsc->all_tsc_rsc.tkip.multicast_rsc; 272 rx_p1ks = data->tkip->rx_multi; 273 rx_mic_key = data->tkip->mic_keys.rx_mcast; 274 } 275 276 /* 277 * For non-QoS this relies on the fact that both the uCode and 278 * mac80211 use TID 0 (as they need to to avoid replay attacks) 279 * for checking the IV in the frames. 280 */ 281 for (i = 0; i < IWL_NUM_RSC; i++) { 282 ieee80211_get_key_rx_seq(key, i, &seq); 283 tkip_sc[i].iv16 = cpu_to_le16(seq.tkip.iv16); 284 tkip_sc[i].iv32 = cpu_to_le32(seq.tkip.iv32); 285 /* wrapping isn't allowed, AP must rekey */ 286 if (seq.tkip.iv32 > cur_rx_iv32) 287 cur_rx_iv32 = seq.tkip.iv32; 288 } 289 290 ieee80211_get_tkip_rx_p1k(key, vif->bss_conf.bssid, 291 cur_rx_iv32, p1k); 292 iwl_mvm_convert_p1k(p1k, rx_p1ks[0].p1k); 293 ieee80211_get_tkip_rx_p1k(key, vif->bss_conf.bssid, 294 cur_rx_iv32 + 1, p1k); 295 iwl_mvm_convert_p1k(p1k, rx_p1ks[1].p1k); 296 297 memcpy(rx_mic_key, 298 &key->key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY], 299 IWL_MIC_KEY_SIZE); 300 301 data->use_tkip = true; 302 data->use_rsc_tsc = true; 303 break; 304 case WLAN_CIPHER_SUITE_CCMP: 305 if (sta) { 306 u64 pn64; 307 308 aes_sc = data->rsc_tsc->all_tsc_rsc.aes.unicast_rsc; 309 aes_tx_sc = &data->rsc_tsc->all_tsc_rsc.aes.tsc; 310 311 pn64 = atomic64_read(&key->tx_pn); 312 aes_tx_sc->pn = cpu_to_le64(pn64); 313 } else { 314 aes_sc = data->rsc_tsc->all_tsc_rsc.aes.multicast_rsc; 315 } 316 317 /* 318 * For non-QoS this relies on the fact that both the uCode and 319 * mac80211/our RX code use TID 0 for checking the PN. 320 */ 321 if (sta && iwl_mvm_has_new_rx_api(mvm)) { 322 struct iwl_mvm_sta *mvmsta; 323 struct iwl_mvm_key_pn *ptk_pn; 324 const u8 *pn; 325 326 mvmsta = iwl_mvm_sta_from_mac80211(sta); 327 ptk_pn = rcu_dereference_protected( 328 mvmsta->ptk_pn[key->keyidx], 329 lockdep_is_held(&mvm->mutex)); 330 if (WARN_ON(!ptk_pn)) 331 break; 332 333 for (i = 0; i < IWL_MAX_TID_COUNT; i++) { 334 pn = iwl_mvm_find_max_pn(key, ptk_pn, &seq, i, 335 mvm->trans->num_rx_queues); 336 aes_sc[i].pn = cpu_to_le64((u64)pn[5] | 337 ((u64)pn[4] << 8) | 338 ((u64)pn[3] << 16) | 339 ((u64)pn[2] << 24) | 340 ((u64)pn[1] << 32) | 341 ((u64)pn[0] << 40)); 342 } 343 } else { 344 for (i = 0; i < IWL_NUM_RSC; i++) { 345 u8 *pn = seq.ccmp.pn; 346 347 ieee80211_get_key_rx_seq(key, i, &seq); 348 aes_sc[i].pn = cpu_to_le64((u64)pn[5] | 349 ((u64)pn[4] << 8) | 350 ((u64)pn[3] << 16) | 351 ((u64)pn[2] << 24) | 352 ((u64)pn[1] << 32) | 353 ((u64)pn[0] << 40)); 354 } 355 } 356 data->use_rsc_tsc = true; 357 break; 358 } 359 360 if (data->configure_keys) { 361 mutex_lock(&mvm->mutex); 362 /* 363 * The D3 firmware hardcodes the key offset 0 as the key it 364 * uses to transmit packets to the AP, i.e. the PTK. 365 */ 366 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) { 367 mvm->ptk_ivlen = key->iv_len; 368 mvm->ptk_icvlen = key->icv_len; 369 ret = iwl_mvm_set_sta_key(mvm, vif, sta, key, 0); 370 } else { 371 /* 372 * firmware only supports TSC/RSC for a single key, 373 * so if there are multiple keep overwriting them 374 * with new ones -- this relies on mac80211 doing 375 * list_add_tail(). 376 */ 377 mvm->gtk_ivlen = key->iv_len; 378 mvm->gtk_icvlen = key->icv_len; 379 ret = iwl_mvm_set_sta_key(mvm, vif, sta, key, 1); 380 } 381 mutex_unlock(&mvm->mutex); 382 data->error = ret != 0; 383 } 384 } 385 386 static int iwl_mvm_send_patterns(struct iwl_mvm *mvm, 387 struct cfg80211_wowlan *wowlan) 388 { 389 struct iwl_wowlan_patterns_cmd *pattern_cmd; 390 struct iwl_host_cmd cmd = { 391 .id = WOWLAN_PATTERNS, 392 .dataflags[0] = IWL_HCMD_DFL_NOCOPY, 393 }; 394 int i, err; 395 396 if (!wowlan->n_patterns) 397 return 0; 398 399 cmd.len[0] = sizeof(*pattern_cmd) + 400 wowlan->n_patterns * sizeof(struct iwl_wowlan_pattern); 401 402 pattern_cmd = kmalloc(cmd.len[0], GFP_KERNEL); 403 if (!pattern_cmd) 404 return -ENOMEM; 405 406 pattern_cmd->n_patterns = cpu_to_le32(wowlan->n_patterns); 407 408 for (i = 0; i < wowlan->n_patterns; i++) { 409 int mask_len = DIV_ROUND_UP(wowlan->patterns[i].pattern_len, 8); 410 411 memcpy(&pattern_cmd->patterns[i].mask, 412 wowlan->patterns[i].mask, mask_len); 413 memcpy(&pattern_cmd->patterns[i].pattern, 414 wowlan->patterns[i].pattern, 415 wowlan->patterns[i].pattern_len); 416 pattern_cmd->patterns[i].mask_size = mask_len; 417 pattern_cmd->patterns[i].pattern_size = 418 wowlan->patterns[i].pattern_len; 419 } 420 421 cmd.data[0] = pattern_cmd; 422 err = iwl_mvm_send_cmd(mvm, &cmd); 423 kfree(pattern_cmd); 424 return err; 425 } 426 427 enum iwl_mvm_tcp_packet_type { 428 MVM_TCP_TX_SYN, 429 MVM_TCP_RX_SYNACK, 430 MVM_TCP_TX_DATA, 431 MVM_TCP_RX_ACK, 432 MVM_TCP_RX_WAKE, 433 MVM_TCP_TX_FIN, 434 }; 435 436 static __le16 pseudo_hdr_check(int len, __be32 saddr, __be32 daddr) 437 { 438 __sum16 check = tcp_v4_check(len, saddr, daddr, 0); 439 return cpu_to_le16(be16_to_cpu((__force __be16)check)); 440 } 441 442 static void iwl_mvm_build_tcp_packet(struct ieee80211_vif *vif, 443 struct cfg80211_wowlan_tcp *tcp, 444 void *_pkt, u8 *mask, 445 __le16 *pseudo_hdr_csum, 446 enum iwl_mvm_tcp_packet_type ptype) 447 { 448 struct { 449 struct ethhdr eth; 450 struct iphdr ip; 451 struct tcphdr tcp; 452 u8 data[]; 453 } __packed *pkt = _pkt; 454 u16 ip_tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr); 455 int i; 456 457 pkt->eth.h_proto = cpu_to_be16(ETH_P_IP), 458 pkt->ip.version = 4; 459 pkt->ip.ihl = 5; 460 pkt->ip.protocol = IPPROTO_TCP; 461 462 switch (ptype) { 463 case MVM_TCP_TX_SYN: 464 case MVM_TCP_TX_DATA: 465 case MVM_TCP_TX_FIN: 466 memcpy(pkt->eth.h_dest, tcp->dst_mac, ETH_ALEN); 467 memcpy(pkt->eth.h_source, vif->addr, ETH_ALEN); 468 pkt->ip.ttl = 128; 469 pkt->ip.saddr = tcp->src; 470 pkt->ip.daddr = tcp->dst; 471 pkt->tcp.source = cpu_to_be16(tcp->src_port); 472 pkt->tcp.dest = cpu_to_be16(tcp->dst_port); 473 /* overwritten for TX SYN later */ 474 pkt->tcp.doff = sizeof(struct tcphdr) / 4; 475 pkt->tcp.window = cpu_to_be16(65000); 476 break; 477 case MVM_TCP_RX_SYNACK: 478 case MVM_TCP_RX_ACK: 479 case MVM_TCP_RX_WAKE: 480 memcpy(pkt->eth.h_dest, vif->addr, ETH_ALEN); 481 memcpy(pkt->eth.h_source, tcp->dst_mac, ETH_ALEN); 482 pkt->ip.saddr = tcp->dst; 483 pkt->ip.daddr = tcp->src; 484 pkt->tcp.source = cpu_to_be16(tcp->dst_port); 485 pkt->tcp.dest = cpu_to_be16(tcp->src_port); 486 break; 487 default: 488 WARN_ON(1); 489 return; 490 } 491 492 switch (ptype) { 493 case MVM_TCP_TX_SYN: 494 /* firmware assumes 8 option bytes - 8 NOPs for now */ 495 memset(pkt->data, 0x01, 8); 496 ip_tot_len += 8; 497 pkt->tcp.doff = (sizeof(struct tcphdr) + 8) / 4; 498 pkt->tcp.syn = 1; 499 break; 500 case MVM_TCP_TX_DATA: 501 ip_tot_len += tcp->payload_len; 502 memcpy(pkt->data, tcp->payload, tcp->payload_len); 503 pkt->tcp.psh = 1; 504 pkt->tcp.ack = 1; 505 break; 506 case MVM_TCP_TX_FIN: 507 pkt->tcp.fin = 1; 508 pkt->tcp.ack = 1; 509 break; 510 case MVM_TCP_RX_SYNACK: 511 pkt->tcp.syn = 1; 512 pkt->tcp.ack = 1; 513 break; 514 case MVM_TCP_RX_ACK: 515 pkt->tcp.ack = 1; 516 break; 517 case MVM_TCP_RX_WAKE: 518 ip_tot_len += tcp->wake_len; 519 pkt->tcp.psh = 1; 520 pkt->tcp.ack = 1; 521 memcpy(pkt->data, tcp->wake_data, tcp->wake_len); 522 break; 523 } 524 525 switch (ptype) { 526 case MVM_TCP_TX_SYN: 527 case MVM_TCP_TX_DATA: 528 case MVM_TCP_TX_FIN: 529 pkt->ip.tot_len = cpu_to_be16(ip_tot_len); 530 pkt->ip.check = ip_fast_csum(&pkt->ip, pkt->ip.ihl); 531 break; 532 case MVM_TCP_RX_WAKE: 533 for (i = 0; i < DIV_ROUND_UP(tcp->wake_len, 8); i++) { 534 u8 tmp = tcp->wake_mask[i]; 535 mask[i + 6] |= tmp << 6; 536 if (i + 1 < DIV_ROUND_UP(tcp->wake_len, 8)) 537 mask[i + 7] = tmp >> 2; 538 } 539 /* fall through for ethernet/IP/TCP headers mask */ 540 case MVM_TCP_RX_SYNACK: 541 case MVM_TCP_RX_ACK: 542 mask[0] = 0xff; /* match ethernet */ 543 /* 544 * match ethernet, ip.version, ip.ihl 545 * the ip.ihl half byte is really masked out by firmware 546 */ 547 mask[1] = 0x7f; 548 mask[2] = 0x80; /* match ip.protocol */ 549 mask[3] = 0xfc; /* match ip.saddr, ip.daddr */ 550 mask[4] = 0x3f; /* match ip.daddr, tcp.source, tcp.dest */ 551 mask[5] = 0x80; /* match tcp flags */ 552 /* leave rest (0 or set for MVM_TCP_RX_WAKE) */ 553 break; 554 }; 555 556 *pseudo_hdr_csum = pseudo_hdr_check(ip_tot_len - sizeof(struct iphdr), 557 pkt->ip.saddr, pkt->ip.daddr); 558 } 559 560 static int iwl_mvm_send_remote_wake_cfg(struct iwl_mvm *mvm, 561 struct ieee80211_vif *vif, 562 struct cfg80211_wowlan_tcp *tcp) 563 { 564 struct iwl_wowlan_remote_wake_config *cfg; 565 struct iwl_host_cmd cmd = { 566 .id = REMOTE_WAKE_CONFIG_CMD, 567 .len = { sizeof(*cfg), }, 568 .dataflags = { IWL_HCMD_DFL_NOCOPY, }, 569 }; 570 int ret; 571 572 if (!tcp) 573 return 0; 574 575 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL); 576 if (!cfg) 577 return -ENOMEM; 578 cmd.data[0] = cfg; 579 580 cfg->max_syn_retries = 10; 581 cfg->max_data_retries = 10; 582 cfg->tcp_syn_ack_timeout = 1; /* seconds */ 583 cfg->tcp_ack_timeout = 1; /* seconds */ 584 585 /* SYN (TX) */ 586 iwl_mvm_build_tcp_packet( 587 vif, tcp, cfg->syn_tx.data, NULL, 588 &cfg->syn_tx.info.tcp_pseudo_header_checksum, 589 MVM_TCP_TX_SYN); 590 cfg->syn_tx.info.tcp_payload_length = 0; 591 592 /* SYN/ACK (RX) */ 593 iwl_mvm_build_tcp_packet( 594 vif, tcp, cfg->synack_rx.data, cfg->synack_rx.rx_mask, 595 &cfg->synack_rx.info.tcp_pseudo_header_checksum, 596 MVM_TCP_RX_SYNACK); 597 cfg->synack_rx.info.tcp_payload_length = 0; 598 599 /* KEEPALIVE/ACK (TX) */ 600 iwl_mvm_build_tcp_packet( 601 vif, tcp, cfg->keepalive_tx.data, NULL, 602 &cfg->keepalive_tx.info.tcp_pseudo_header_checksum, 603 MVM_TCP_TX_DATA); 604 cfg->keepalive_tx.info.tcp_payload_length = 605 cpu_to_le16(tcp->payload_len); 606 cfg->sequence_number_offset = tcp->payload_seq.offset; 607 /* length must be 0..4, the field is little endian */ 608 cfg->sequence_number_length = tcp->payload_seq.len; 609 cfg->initial_sequence_number = cpu_to_le32(tcp->payload_seq.start); 610 cfg->keepalive_interval = cpu_to_le16(tcp->data_interval); 611 if (tcp->payload_tok.len) { 612 cfg->token_offset = tcp->payload_tok.offset; 613 cfg->token_length = tcp->payload_tok.len; 614 cfg->num_tokens = 615 cpu_to_le16(tcp->tokens_size % tcp->payload_tok.len); 616 memcpy(cfg->tokens, tcp->payload_tok.token_stream, 617 tcp->tokens_size); 618 } else { 619 /* set tokens to max value to almost never run out */ 620 cfg->num_tokens = cpu_to_le16(65535); 621 } 622 623 /* ACK (RX) */ 624 iwl_mvm_build_tcp_packet( 625 vif, tcp, cfg->keepalive_ack_rx.data, 626 cfg->keepalive_ack_rx.rx_mask, 627 &cfg->keepalive_ack_rx.info.tcp_pseudo_header_checksum, 628 MVM_TCP_RX_ACK); 629 cfg->keepalive_ack_rx.info.tcp_payload_length = 0; 630 631 /* WAKEUP (RX) */ 632 iwl_mvm_build_tcp_packet( 633 vif, tcp, cfg->wake_rx.data, cfg->wake_rx.rx_mask, 634 &cfg->wake_rx.info.tcp_pseudo_header_checksum, 635 MVM_TCP_RX_WAKE); 636 cfg->wake_rx.info.tcp_payload_length = 637 cpu_to_le16(tcp->wake_len); 638 639 /* FIN */ 640 iwl_mvm_build_tcp_packet( 641 vif, tcp, cfg->fin_tx.data, NULL, 642 &cfg->fin_tx.info.tcp_pseudo_header_checksum, 643 MVM_TCP_TX_FIN); 644 cfg->fin_tx.info.tcp_payload_length = 0; 645 646 ret = iwl_mvm_send_cmd(mvm, &cmd); 647 kfree(cfg); 648 649 return ret; 650 } 651 652 static int iwl_mvm_d3_reprogram(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 653 struct ieee80211_sta *ap_sta) 654 { 655 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 656 struct ieee80211_chanctx_conf *ctx; 657 u8 chains_static, chains_dynamic; 658 struct cfg80211_chan_def chandef; 659 int ret, i; 660 struct iwl_binding_cmd binding_cmd = {}; 661 struct iwl_time_quota_cmd quota_cmd = {}; 662 u32 status; 663 664 /* add back the PHY */ 665 if (WARN_ON(!mvmvif->phy_ctxt)) 666 return -EINVAL; 667 668 rcu_read_lock(); 669 ctx = rcu_dereference(vif->chanctx_conf); 670 if (WARN_ON(!ctx)) { 671 rcu_read_unlock(); 672 return -EINVAL; 673 } 674 chandef = ctx->def; 675 chains_static = ctx->rx_chains_static; 676 chains_dynamic = ctx->rx_chains_dynamic; 677 rcu_read_unlock(); 678 679 ret = iwl_mvm_phy_ctxt_add(mvm, mvmvif->phy_ctxt, &chandef, 680 chains_static, chains_dynamic); 681 if (ret) 682 return ret; 683 684 /* add back the MAC */ 685 mvmvif->uploaded = false; 686 687 if (WARN_ON(!vif->bss_conf.assoc)) 688 return -EINVAL; 689 690 ret = iwl_mvm_mac_ctxt_add(mvm, vif); 691 if (ret) 692 return ret; 693 694 /* add back binding - XXX refactor? */ 695 binding_cmd.id_and_color = 696 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->phy_ctxt->id, 697 mvmvif->phy_ctxt->color)); 698 binding_cmd.action = cpu_to_le32(FW_CTXT_ACTION_ADD); 699 binding_cmd.phy = 700 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->phy_ctxt->id, 701 mvmvif->phy_ctxt->color)); 702 binding_cmd.macs[0] = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 703 mvmvif->color)); 704 for (i = 1; i < MAX_MACS_IN_BINDING; i++) 705 binding_cmd.macs[i] = cpu_to_le32(FW_CTXT_INVALID); 706 707 status = 0; 708 ret = iwl_mvm_send_cmd_pdu_status(mvm, BINDING_CONTEXT_CMD, 709 sizeof(binding_cmd), &binding_cmd, 710 &status); 711 if (ret) { 712 IWL_ERR(mvm, "Failed to add binding: %d\n", ret); 713 return ret; 714 } 715 716 if (status) { 717 IWL_ERR(mvm, "Binding command failed: %u\n", status); 718 return -EIO; 719 } 720 721 ret = iwl_mvm_sta_send_to_fw(mvm, ap_sta, false); 722 if (ret) 723 return ret; 724 rcu_assign_pointer(mvm->fw_id_to_mac_id[mvmvif->ap_sta_id], ap_sta); 725 726 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 727 if (ret) 728 return ret; 729 730 /* and some quota */ 731 quota_cmd.quotas[0].id_and_color = 732 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->phy_ctxt->id, 733 mvmvif->phy_ctxt->color)); 734 quota_cmd.quotas[0].quota = cpu_to_le32(IWL_MVM_MAX_QUOTA); 735 quota_cmd.quotas[0].max_duration = cpu_to_le32(IWL_MVM_MAX_QUOTA); 736 737 for (i = 1; i < MAX_BINDINGS; i++) 738 quota_cmd.quotas[i].id_and_color = cpu_to_le32(FW_CTXT_INVALID); 739 740 ret = iwl_mvm_send_cmd_pdu(mvm, TIME_QUOTA_CMD, 0, 741 sizeof(quota_cmd), "a_cmd); 742 if (ret) 743 IWL_ERR(mvm, "Failed to send quota: %d\n", ret); 744 745 if (iwl_mvm_is_lar_supported(mvm) && iwl_mvm_init_fw_regd(mvm)) 746 IWL_ERR(mvm, "Failed to initialize D3 LAR information\n"); 747 748 return 0; 749 } 750 751 static int iwl_mvm_get_last_nonqos_seq(struct iwl_mvm *mvm, 752 struct ieee80211_vif *vif) 753 { 754 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 755 struct iwl_nonqos_seq_query_cmd query_cmd = { 756 .get_set_flag = cpu_to_le32(IWL_NONQOS_SEQ_GET), 757 .mac_id_n_color = 758 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 759 mvmvif->color)), 760 }; 761 struct iwl_host_cmd cmd = { 762 .id = NON_QOS_TX_COUNTER_CMD, 763 .flags = CMD_WANT_SKB, 764 }; 765 int err; 766 u32 size; 767 768 cmd.data[0] = &query_cmd; 769 cmd.len[0] = sizeof(query_cmd); 770 771 err = iwl_mvm_send_cmd(mvm, &cmd); 772 if (err) 773 return err; 774 775 size = iwl_rx_packet_payload_len(cmd.resp_pkt); 776 if (size < sizeof(__le16)) { 777 err = -EINVAL; 778 } else { 779 err = le16_to_cpup((__le16 *)cmd.resp_pkt->data); 780 /* firmware returns next, not last-used seqno */ 781 err = (u16) (err - 0x10); 782 } 783 784 iwl_free_resp(&cmd); 785 return err; 786 } 787 788 void iwl_mvm_set_last_nonqos_seq(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 789 { 790 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 791 struct iwl_nonqos_seq_query_cmd query_cmd = { 792 .get_set_flag = cpu_to_le32(IWL_NONQOS_SEQ_SET), 793 .mac_id_n_color = 794 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 795 mvmvif->color)), 796 .value = cpu_to_le16(mvmvif->seqno), 797 }; 798 799 /* return if called during restart, not resume from D3 */ 800 if (!mvmvif->seqno_valid) 801 return; 802 803 mvmvif->seqno_valid = false; 804 805 if (iwl_mvm_send_cmd_pdu(mvm, NON_QOS_TX_COUNTER_CMD, 0, 806 sizeof(query_cmd), &query_cmd)) 807 IWL_ERR(mvm, "failed to set non-QoS seqno\n"); 808 } 809 810 static int iwl_mvm_switch_to_d3(struct iwl_mvm *mvm) 811 { 812 iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR, true); 813 814 iwl_trans_stop_device(mvm->trans); 815 816 /* 817 * Set the HW restart bit -- this is mostly true as we're 818 * going to load new firmware and reprogram that, though 819 * the reprogramming is going to be manual to avoid adding 820 * all the MACs that aren't support. 821 * We don't have to clear up everything though because the 822 * reprogramming is manual. When we resume, we'll actually 823 * go through a proper restart sequence again to switch 824 * back to the runtime firmware image. 825 */ 826 set_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 827 828 /* the fw is reset, so all the keys are cleared */ 829 memset(mvm->fw_key_table, 0, sizeof(mvm->fw_key_table)); 830 831 mvm->ptk_ivlen = 0; 832 mvm->ptk_icvlen = 0; 833 mvm->ptk_ivlen = 0; 834 mvm->ptk_icvlen = 0; 835 836 return iwl_mvm_load_d3_fw(mvm); 837 } 838 839 static int 840 iwl_mvm_get_wowlan_config(struct iwl_mvm *mvm, 841 struct cfg80211_wowlan *wowlan, 842 struct iwl_wowlan_config_cmd *wowlan_config_cmd, 843 struct ieee80211_vif *vif, struct iwl_mvm_vif *mvmvif, 844 struct ieee80211_sta *ap_sta) 845 { 846 int ret; 847 struct iwl_mvm_sta *mvm_ap_sta = iwl_mvm_sta_from_mac80211(ap_sta); 848 849 /* TODO: wowlan_config_cmd->wowlan_ba_teardown_tids */ 850 851 wowlan_config_cmd->is_11n_connection = 852 ap_sta->ht_cap.ht_supported; 853 wowlan_config_cmd->flags = ENABLE_L3_FILTERING | 854 ENABLE_NBNS_FILTERING | ENABLE_DHCP_FILTERING; 855 856 /* Query the last used seqno and set it */ 857 ret = iwl_mvm_get_last_nonqos_seq(mvm, vif); 858 if (ret < 0) 859 return ret; 860 861 wowlan_config_cmd->non_qos_seq = cpu_to_le16(ret); 862 863 iwl_mvm_set_wowlan_qos_seq(mvm_ap_sta, wowlan_config_cmd); 864 865 if (wowlan->disconnect) 866 wowlan_config_cmd->wakeup_filter |= 867 cpu_to_le32(IWL_WOWLAN_WAKEUP_BEACON_MISS | 868 IWL_WOWLAN_WAKEUP_LINK_CHANGE); 869 if (wowlan->magic_pkt) 870 wowlan_config_cmd->wakeup_filter |= 871 cpu_to_le32(IWL_WOWLAN_WAKEUP_MAGIC_PACKET); 872 if (wowlan->gtk_rekey_failure) 873 wowlan_config_cmd->wakeup_filter |= 874 cpu_to_le32(IWL_WOWLAN_WAKEUP_GTK_REKEY_FAIL); 875 if (wowlan->eap_identity_req) 876 wowlan_config_cmd->wakeup_filter |= 877 cpu_to_le32(IWL_WOWLAN_WAKEUP_EAP_IDENT_REQ); 878 if (wowlan->four_way_handshake) 879 wowlan_config_cmd->wakeup_filter |= 880 cpu_to_le32(IWL_WOWLAN_WAKEUP_4WAY_HANDSHAKE); 881 if (wowlan->n_patterns) 882 wowlan_config_cmd->wakeup_filter |= 883 cpu_to_le32(IWL_WOWLAN_WAKEUP_PATTERN_MATCH); 884 885 if (wowlan->rfkill_release) 886 wowlan_config_cmd->wakeup_filter |= 887 cpu_to_le32(IWL_WOWLAN_WAKEUP_RF_KILL_DEASSERT); 888 889 if (wowlan->tcp) { 890 /* 891 * Set the "link change" (really "link lost") flag as well 892 * since that implies losing the TCP connection. 893 */ 894 wowlan_config_cmd->wakeup_filter |= 895 cpu_to_le32(IWL_WOWLAN_WAKEUP_REMOTE_LINK_LOSS | 896 IWL_WOWLAN_WAKEUP_REMOTE_SIGNATURE_TABLE | 897 IWL_WOWLAN_WAKEUP_REMOTE_WAKEUP_PACKET | 898 IWL_WOWLAN_WAKEUP_LINK_CHANGE); 899 } 900 901 return 0; 902 } 903 904 static void 905 iwl_mvm_iter_d0i3_ap_keys(struct iwl_mvm *mvm, 906 struct ieee80211_vif *vif, 907 void (*iter)(struct ieee80211_hw *hw, 908 struct ieee80211_vif *vif, 909 struct ieee80211_sta *sta, 910 struct ieee80211_key_conf *key, 911 void *data), 912 void *data) 913 { 914 struct ieee80211_sta *ap_sta; 915 916 rcu_read_lock(); 917 918 ap_sta = rcu_dereference(mvm->fw_id_to_mac_id[mvm->d0i3_ap_sta_id]); 919 if (IS_ERR_OR_NULL(ap_sta)) 920 goto out; 921 922 ieee80211_iter_keys_rcu(mvm->hw, vif, iter, data); 923 out: 924 rcu_read_unlock(); 925 } 926 927 int iwl_mvm_wowlan_config_key_params(struct iwl_mvm *mvm, 928 struct ieee80211_vif *vif, 929 bool d0i3, 930 u32 cmd_flags) 931 { 932 struct iwl_wowlan_kek_kck_material_cmd kek_kck_cmd = {}; 933 struct iwl_wowlan_tkip_params_cmd tkip_cmd = {}; 934 struct wowlan_key_data key_data = { 935 .configure_keys = !d0i3, 936 .use_rsc_tsc = false, 937 .tkip = &tkip_cmd, 938 .use_tkip = false, 939 }; 940 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 941 int ret; 942 943 key_data.rsc_tsc = kzalloc(sizeof(*key_data.rsc_tsc), GFP_KERNEL); 944 if (!key_data.rsc_tsc) 945 return -ENOMEM; 946 947 /* 948 * if we have to configure keys, call ieee80211_iter_keys(), 949 * as we need non-atomic context in order to take the 950 * required locks. 951 * for the d0i3 we can't use ieee80211_iter_keys(), as 952 * taking (almost) any mutex might result in deadlock. 953 */ 954 if (!d0i3) { 955 /* 956 * Note that currently we don't propagate cmd_flags 957 * to the iterator. In case of key_data.configure_keys, 958 * all the configured commands are SYNC, and 959 * iwl_mvm_wowlan_program_keys() will take care of 960 * locking/unlocking mvm->mutex. 961 */ 962 ieee80211_iter_keys(mvm->hw, vif, 963 iwl_mvm_wowlan_program_keys, 964 &key_data); 965 } else { 966 iwl_mvm_iter_d0i3_ap_keys(mvm, vif, 967 iwl_mvm_wowlan_program_keys, 968 &key_data); 969 } 970 971 if (key_data.error) { 972 ret = -EIO; 973 goto out; 974 } 975 976 if (key_data.use_rsc_tsc) { 977 ret = iwl_mvm_send_cmd_pdu(mvm, 978 WOWLAN_TSC_RSC_PARAM, cmd_flags, 979 sizeof(*key_data.rsc_tsc), 980 key_data.rsc_tsc); 981 if (ret) 982 goto out; 983 } 984 985 if (key_data.use_tkip) { 986 ret = iwl_mvm_send_cmd_pdu(mvm, 987 WOWLAN_TKIP_PARAM, 988 cmd_flags, sizeof(tkip_cmd), 989 &tkip_cmd); 990 if (ret) 991 goto out; 992 } 993 994 /* configure rekey data only if offloaded rekey is supported (d3) */ 995 if (mvmvif->rekey_data.valid && !d0i3) { 996 memset(&kek_kck_cmd, 0, sizeof(kek_kck_cmd)); 997 memcpy(kek_kck_cmd.kck, mvmvif->rekey_data.kck, 998 NL80211_KCK_LEN); 999 kek_kck_cmd.kck_len = cpu_to_le16(NL80211_KCK_LEN); 1000 memcpy(kek_kck_cmd.kek, mvmvif->rekey_data.kek, 1001 NL80211_KEK_LEN); 1002 kek_kck_cmd.kek_len = cpu_to_le16(NL80211_KEK_LEN); 1003 kek_kck_cmd.replay_ctr = mvmvif->rekey_data.replay_ctr; 1004 1005 ret = iwl_mvm_send_cmd_pdu(mvm, 1006 WOWLAN_KEK_KCK_MATERIAL, cmd_flags, 1007 sizeof(kek_kck_cmd), 1008 &kek_kck_cmd); 1009 if (ret) 1010 goto out; 1011 } 1012 ret = 0; 1013 out: 1014 kfree(key_data.rsc_tsc); 1015 return ret; 1016 } 1017 1018 static int 1019 iwl_mvm_wowlan_config(struct iwl_mvm *mvm, 1020 struct cfg80211_wowlan *wowlan, 1021 struct iwl_wowlan_config_cmd *wowlan_config_cmd, 1022 struct ieee80211_vif *vif, struct iwl_mvm_vif *mvmvif, 1023 struct ieee80211_sta *ap_sta) 1024 { 1025 int ret; 1026 1027 ret = iwl_mvm_switch_to_d3(mvm); 1028 if (ret) 1029 return ret; 1030 1031 ret = iwl_mvm_d3_reprogram(mvm, vif, ap_sta); 1032 if (ret) 1033 return ret; 1034 1035 if (!iwlwifi_mod_params.sw_crypto) { 1036 /* 1037 * This needs to be unlocked due to lock ordering 1038 * constraints. Since we're in the suspend path 1039 * that isn't really a problem though. 1040 */ 1041 mutex_unlock(&mvm->mutex); 1042 ret = iwl_mvm_wowlan_config_key_params(mvm, vif, false, 1043 CMD_ASYNC); 1044 mutex_lock(&mvm->mutex); 1045 if (ret) 1046 return ret; 1047 } 1048 1049 ret = iwl_mvm_send_cmd_pdu(mvm, WOWLAN_CONFIGURATION, 0, 1050 sizeof(*wowlan_config_cmd), 1051 wowlan_config_cmd); 1052 if (ret) 1053 return ret; 1054 1055 ret = iwl_mvm_send_patterns(mvm, wowlan); 1056 if (ret) 1057 return ret; 1058 1059 ret = iwl_mvm_send_proto_offload(mvm, vif, false, true, 0); 1060 if (ret) 1061 return ret; 1062 1063 ret = iwl_mvm_send_remote_wake_cfg(mvm, vif, wowlan->tcp); 1064 return ret; 1065 } 1066 1067 static int 1068 iwl_mvm_netdetect_config(struct iwl_mvm *mvm, 1069 struct cfg80211_wowlan *wowlan, 1070 struct cfg80211_sched_scan_request *nd_config, 1071 struct ieee80211_vif *vif) 1072 { 1073 struct iwl_wowlan_config_cmd wowlan_config_cmd = {}; 1074 int ret; 1075 1076 ret = iwl_mvm_switch_to_d3(mvm); 1077 if (ret) 1078 return ret; 1079 1080 /* rfkill release can be either for wowlan or netdetect */ 1081 if (wowlan->rfkill_release) 1082 wowlan_config_cmd.wakeup_filter |= 1083 cpu_to_le32(IWL_WOWLAN_WAKEUP_RF_KILL_DEASSERT); 1084 1085 ret = iwl_mvm_send_cmd_pdu(mvm, WOWLAN_CONFIGURATION, 0, 1086 sizeof(wowlan_config_cmd), 1087 &wowlan_config_cmd); 1088 if (ret) 1089 return ret; 1090 1091 ret = iwl_mvm_sched_scan_start(mvm, vif, nd_config, &mvm->nd_ies, 1092 IWL_MVM_SCAN_NETDETECT); 1093 if (ret) 1094 return ret; 1095 1096 if (WARN_ON(mvm->nd_match_sets || mvm->nd_channels)) 1097 return -EBUSY; 1098 1099 /* save the sched scan matchsets... */ 1100 if (nd_config->n_match_sets) { 1101 mvm->nd_match_sets = kmemdup(nd_config->match_sets, 1102 sizeof(*nd_config->match_sets) * 1103 nd_config->n_match_sets, 1104 GFP_KERNEL); 1105 if (mvm->nd_match_sets) 1106 mvm->n_nd_match_sets = nd_config->n_match_sets; 1107 } 1108 1109 /* ...and the sched scan channels for later reporting */ 1110 mvm->nd_channels = kmemdup(nd_config->channels, 1111 sizeof(*nd_config->channels) * 1112 nd_config->n_channels, 1113 GFP_KERNEL); 1114 if (mvm->nd_channels) 1115 mvm->n_nd_channels = nd_config->n_channels; 1116 1117 return 0; 1118 } 1119 1120 static void iwl_mvm_free_nd(struct iwl_mvm *mvm) 1121 { 1122 kfree(mvm->nd_match_sets); 1123 mvm->nd_match_sets = NULL; 1124 mvm->n_nd_match_sets = 0; 1125 kfree(mvm->nd_channels); 1126 mvm->nd_channels = NULL; 1127 mvm->n_nd_channels = 0; 1128 } 1129 1130 static int __iwl_mvm_suspend(struct ieee80211_hw *hw, 1131 struct cfg80211_wowlan *wowlan, 1132 bool test) 1133 { 1134 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1135 struct ieee80211_vif *vif = NULL; 1136 struct iwl_mvm_vif *mvmvif = NULL; 1137 struct ieee80211_sta *ap_sta = NULL; 1138 struct iwl_d3_manager_config d3_cfg_cmd_data = { 1139 /* 1140 * Program the minimum sleep time to 10 seconds, as many 1141 * platforms have issues processing a wakeup signal while 1142 * still being in the process of suspending. 1143 */ 1144 .min_sleep_time = cpu_to_le32(10 * 1000 * 1000), 1145 }; 1146 struct iwl_host_cmd d3_cfg_cmd = { 1147 .id = D3_CONFIG_CMD, 1148 .flags = CMD_WANT_SKB, 1149 .data[0] = &d3_cfg_cmd_data, 1150 .len[0] = sizeof(d3_cfg_cmd_data), 1151 }; 1152 int ret; 1153 int len __maybe_unused; 1154 1155 if (!wowlan) { 1156 /* 1157 * mac80211 shouldn't get here, but for D3 test 1158 * it doesn't warrant a warning 1159 */ 1160 WARN_ON(!test); 1161 return -EINVAL; 1162 } 1163 1164 mutex_lock(&mvm->mutex); 1165 1166 vif = iwl_mvm_get_bss_vif(mvm); 1167 if (IS_ERR_OR_NULL(vif)) { 1168 ret = 1; 1169 goto out_noreset; 1170 } 1171 1172 mvmvif = iwl_mvm_vif_from_mac80211(vif); 1173 1174 if (mvmvif->ap_sta_id == IWL_MVM_STATION_COUNT) { 1175 /* if we're not associated, this must be netdetect */ 1176 if (!wowlan->nd_config) { 1177 ret = 1; 1178 goto out_noreset; 1179 } 1180 1181 ret = iwl_mvm_netdetect_config( 1182 mvm, wowlan, wowlan->nd_config, vif); 1183 if (ret) 1184 goto out; 1185 1186 mvm->net_detect = true; 1187 } else { 1188 struct iwl_wowlan_config_cmd wowlan_config_cmd = {}; 1189 1190 ap_sta = rcu_dereference_protected( 1191 mvm->fw_id_to_mac_id[mvmvif->ap_sta_id], 1192 lockdep_is_held(&mvm->mutex)); 1193 if (IS_ERR_OR_NULL(ap_sta)) { 1194 ret = -EINVAL; 1195 goto out_noreset; 1196 } 1197 1198 ret = iwl_mvm_get_wowlan_config(mvm, wowlan, &wowlan_config_cmd, 1199 vif, mvmvif, ap_sta); 1200 if (ret) 1201 goto out_noreset; 1202 ret = iwl_mvm_wowlan_config(mvm, wowlan, &wowlan_config_cmd, 1203 vif, mvmvif, ap_sta); 1204 if (ret) 1205 goto out; 1206 1207 mvm->net_detect = false; 1208 } 1209 1210 ret = iwl_mvm_power_update_device(mvm); 1211 if (ret) 1212 goto out; 1213 1214 ret = iwl_mvm_power_update_mac(mvm); 1215 if (ret) 1216 goto out; 1217 1218 #ifdef CONFIG_IWLWIFI_DEBUGFS 1219 if (mvm->d3_wake_sysassert) 1220 d3_cfg_cmd_data.wakeup_flags |= 1221 cpu_to_le32(IWL_WAKEUP_D3_CONFIG_FW_ERROR); 1222 #endif 1223 1224 /* must be last -- this switches firmware state */ 1225 ret = iwl_mvm_send_cmd(mvm, &d3_cfg_cmd); 1226 if (ret) 1227 goto out; 1228 #ifdef CONFIG_IWLWIFI_DEBUGFS 1229 len = iwl_rx_packet_payload_len(d3_cfg_cmd.resp_pkt); 1230 if (len >= sizeof(u32)) { 1231 mvm->d3_test_pme_ptr = 1232 le32_to_cpup((__le32 *)d3_cfg_cmd.resp_pkt->data); 1233 } 1234 #endif 1235 iwl_free_resp(&d3_cfg_cmd); 1236 1237 clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 1238 1239 iwl_trans_d3_suspend(mvm->trans, test); 1240 out: 1241 if (ret < 0) { 1242 iwl_mvm_ref(mvm, IWL_MVM_REF_UCODE_DOWN); 1243 ieee80211_restart_hw(mvm->hw); 1244 iwl_mvm_free_nd(mvm); 1245 } 1246 out_noreset: 1247 mutex_unlock(&mvm->mutex); 1248 1249 return ret; 1250 } 1251 1252 static int iwl_mvm_enter_d0i3_sync(struct iwl_mvm *mvm) 1253 { 1254 struct iwl_notification_wait wait_d3; 1255 static const u16 d3_notif[] = { D3_CONFIG_CMD }; 1256 int ret; 1257 1258 iwl_init_notification_wait(&mvm->notif_wait, &wait_d3, 1259 d3_notif, ARRAY_SIZE(d3_notif), 1260 NULL, NULL); 1261 1262 ret = iwl_mvm_enter_d0i3(mvm->hw->priv); 1263 if (ret) 1264 goto remove_notif; 1265 1266 ret = iwl_wait_notification(&mvm->notif_wait, &wait_d3, HZ); 1267 WARN_ON_ONCE(ret); 1268 return ret; 1269 1270 remove_notif: 1271 iwl_remove_notification(&mvm->notif_wait, &wait_d3); 1272 return ret; 1273 } 1274 1275 int iwl_mvm_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) 1276 { 1277 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1278 struct iwl_trans *trans = mvm->trans; 1279 int ret; 1280 1281 /* make sure the d0i3 exit work is not pending */ 1282 flush_work(&mvm->d0i3_exit_work); 1283 1284 ret = iwl_trans_suspend(trans); 1285 if (ret) 1286 return ret; 1287 1288 if (wowlan->any) { 1289 trans->system_pm_mode = IWL_PLAT_PM_MODE_D0I3; 1290 1291 if (iwl_mvm_enter_d0i3_on_suspend(mvm)) { 1292 ret = iwl_mvm_enter_d0i3_sync(mvm); 1293 1294 if (ret) 1295 return ret; 1296 } 1297 1298 mutex_lock(&mvm->d0i3_suspend_mutex); 1299 __set_bit(D0I3_DEFER_WAKEUP, &mvm->d0i3_suspend_flags); 1300 mutex_unlock(&mvm->d0i3_suspend_mutex); 1301 1302 iwl_trans_d3_suspend(trans, false); 1303 1304 return 0; 1305 } 1306 1307 trans->system_pm_mode = IWL_PLAT_PM_MODE_D3; 1308 1309 return __iwl_mvm_suspend(hw, wowlan, false); 1310 } 1311 1312 /* converted data from the different status responses */ 1313 struct iwl_wowlan_status_data { 1314 u16 pattern_number; 1315 u16 qos_seq_ctr[8]; 1316 u32 wakeup_reasons; 1317 u32 wake_packet_length; 1318 u32 wake_packet_bufsize; 1319 const u8 *wake_packet; 1320 }; 1321 1322 static void iwl_mvm_report_wakeup_reasons(struct iwl_mvm *mvm, 1323 struct ieee80211_vif *vif, 1324 struct iwl_wowlan_status_data *status) 1325 { 1326 struct sk_buff *pkt = NULL; 1327 struct cfg80211_wowlan_wakeup wakeup = { 1328 .pattern_idx = -1, 1329 }; 1330 struct cfg80211_wowlan_wakeup *wakeup_report = &wakeup; 1331 u32 reasons = status->wakeup_reasons; 1332 1333 if (reasons == IWL_WOWLAN_WAKEUP_BY_NON_WIRELESS) { 1334 wakeup_report = NULL; 1335 goto report; 1336 } 1337 1338 pm_wakeup_event(mvm->dev, 0); 1339 1340 if (reasons & IWL_WOWLAN_WAKEUP_BY_MAGIC_PACKET) 1341 wakeup.magic_pkt = true; 1342 1343 if (reasons & IWL_WOWLAN_WAKEUP_BY_PATTERN) 1344 wakeup.pattern_idx = 1345 status->pattern_number; 1346 1347 if (reasons & (IWL_WOWLAN_WAKEUP_BY_DISCONNECTION_ON_MISSED_BEACON | 1348 IWL_WOWLAN_WAKEUP_BY_DISCONNECTION_ON_DEAUTH)) 1349 wakeup.disconnect = true; 1350 1351 if (reasons & IWL_WOWLAN_WAKEUP_BY_GTK_REKEY_FAILURE) 1352 wakeup.gtk_rekey_failure = true; 1353 1354 if (reasons & IWL_WOWLAN_WAKEUP_BY_RFKILL_DEASSERTED) 1355 wakeup.rfkill_release = true; 1356 1357 if (reasons & IWL_WOWLAN_WAKEUP_BY_EAPOL_REQUEST) 1358 wakeup.eap_identity_req = true; 1359 1360 if (reasons & IWL_WOWLAN_WAKEUP_BY_FOUR_WAY_HANDSHAKE) 1361 wakeup.four_way_handshake = true; 1362 1363 if (reasons & IWL_WOWLAN_WAKEUP_BY_REM_WAKE_LINK_LOSS) 1364 wakeup.tcp_connlost = true; 1365 1366 if (reasons & IWL_WOWLAN_WAKEUP_BY_REM_WAKE_SIGNATURE_TABLE) 1367 wakeup.tcp_nomoretokens = true; 1368 1369 if (reasons & IWL_WOWLAN_WAKEUP_BY_REM_WAKE_WAKEUP_PACKET) 1370 wakeup.tcp_match = true; 1371 1372 if (status->wake_packet_bufsize) { 1373 int pktsize = status->wake_packet_bufsize; 1374 int pktlen = status->wake_packet_length; 1375 const u8 *pktdata = status->wake_packet; 1376 struct ieee80211_hdr *hdr = (void *)pktdata; 1377 int truncated = pktlen - pktsize; 1378 1379 /* this would be a firmware bug */ 1380 if (WARN_ON_ONCE(truncated < 0)) 1381 truncated = 0; 1382 1383 if (ieee80211_is_data(hdr->frame_control)) { 1384 int hdrlen = ieee80211_hdrlen(hdr->frame_control); 1385 int ivlen = 0, icvlen = 4; /* also FCS */ 1386 1387 pkt = alloc_skb(pktsize, GFP_KERNEL); 1388 if (!pkt) 1389 goto report; 1390 1391 memcpy(skb_put(pkt, hdrlen), pktdata, hdrlen); 1392 pktdata += hdrlen; 1393 pktsize -= hdrlen; 1394 1395 if (ieee80211_has_protected(hdr->frame_control)) { 1396 /* 1397 * This is unlocked and using gtk_i(c)vlen, 1398 * but since everything is under RTNL still 1399 * that's not really a problem - changing 1400 * it would be difficult. 1401 */ 1402 if (is_multicast_ether_addr(hdr->addr1)) { 1403 ivlen = mvm->gtk_ivlen; 1404 icvlen += mvm->gtk_icvlen; 1405 } else { 1406 ivlen = mvm->ptk_ivlen; 1407 icvlen += mvm->ptk_icvlen; 1408 } 1409 } 1410 1411 /* if truncated, FCS/ICV is (partially) gone */ 1412 if (truncated >= icvlen) { 1413 icvlen = 0; 1414 truncated -= icvlen; 1415 } else { 1416 icvlen -= truncated; 1417 truncated = 0; 1418 } 1419 1420 pktsize -= ivlen + icvlen; 1421 pktdata += ivlen; 1422 1423 memcpy(skb_put(pkt, pktsize), pktdata, pktsize); 1424 1425 if (ieee80211_data_to_8023(pkt, vif->addr, vif->type)) 1426 goto report; 1427 wakeup.packet = pkt->data; 1428 wakeup.packet_present_len = pkt->len; 1429 wakeup.packet_len = pkt->len - truncated; 1430 wakeup.packet_80211 = false; 1431 } else { 1432 int fcslen = 4; 1433 1434 if (truncated >= 4) { 1435 truncated -= 4; 1436 fcslen = 0; 1437 } else { 1438 fcslen -= truncated; 1439 truncated = 0; 1440 } 1441 pktsize -= fcslen; 1442 wakeup.packet = status->wake_packet; 1443 wakeup.packet_present_len = pktsize; 1444 wakeup.packet_len = pktlen - truncated; 1445 wakeup.packet_80211 = true; 1446 } 1447 } 1448 1449 report: 1450 ieee80211_report_wowlan_wakeup(vif, wakeup_report, GFP_KERNEL); 1451 kfree_skb(pkt); 1452 } 1453 1454 static void iwl_mvm_aes_sc_to_seq(struct aes_sc *sc, 1455 struct ieee80211_key_seq *seq) 1456 { 1457 u64 pn; 1458 1459 pn = le64_to_cpu(sc->pn); 1460 seq->ccmp.pn[0] = pn >> 40; 1461 seq->ccmp.pn[1] = pn >> 32; 1462 seq->ccmp.pn[2] = pn >> 24; 1463 seq->ccmp.pn[3] = pn >> 16; 1464 seq->ccmp.pn[4] = pn >> 8; 1465 seq->ccmp.pn[5] = pn; 1466 } 1467 1468 static void iwl_mvm_tkip_sc_to_seq(struct tkip_sc *sc, 1469 struct ieee80211_key_seq *seq) 1470 { 1471 seq->tkip.iv32 = le32_to_cpu(sc->iv32); 1472 seq->tkip.iv16 = le16_to_cpu(sc->iv16); 1473 } 1474 1475 static void iwl_mvm_set_aes_rx_seq(struct iwl_mvm *mvm, struct aes_sc *scs, 1476 struct ieee80211_sta *sta, 1477 struct ieee80211_key_conf *key) 1478 { 1479 int tid; 1480 1481 BUILD_BUG_ON(IWL_NUM_RSC != IEEE80211_NUM_TIDS); 1482 1483 if (sta && iwl_mvm_has_new_rx_api(mvm)) { 1484 struct iwl_mvm_sta *mvmsta; 1485 struct iwl_mvm_key_pn *ptk_pn; 1486 1487 mvmsta = iwl_mvm_sta_from_mac80211(sta); 1488 1489 ptk_pn = rcu_dereference_protected(mvmsta->ptk_pn[key->keyidx], 1490 lockdep_is_held(&mvm->mutex)); 1491 if (WARN_ON(!ptk_pn)) 1492 return; 1493 1494 for (tid = 0; tid < IWL_MAX_TID_COUNT; tid++) { 1495 struct ieee80211_key_seq seq = {}; 1496 int i; 1497 1498 iwl_mvm_aes_sc_to_seq(&scs[tid], &seq); 1499 ieee80211_set_key_rx_seq(key, tid, &seq); 1500 for (i = 1; i < mvm->trans->num_rx_queues; i++) 1501 memcpy(ptk_pn->q[i].pn[tid], 1502 seq.ccmp.pn, IEEE80211_CCMP_PN_LEN); 1503 } 1504 } else { 1505 for (tid = 0; tid < IWL_NUM_RSC; tid++) { 1506 struct ieee80211_key_seq seq = {}; 1507 1508 iwl_mvm_aes_sc_to_seq(&scs[tid], &seq); 1509 ieee80211_set_key_rx_seq(key, tid, &seq); 1510 } 1511 } 1512 } 1513 1514 static void iwl_mvm_set_tkip_rx_seq(struct tkip_sc *scs, 1515 struct ieee80211_key_conf *key) 1516 { 1517 int tid; 1518 1519 BUILD_BUG_ON(IWL_NUM_RSC != IEEE80211_NUM_TIDS); 1520 1521 for (tid = 0; tid < IWL_NUM_RSC; tid++) { 1522 struct ieee80211_key_seq seq = {}; 1523 1524 iwl_mvm_tkip_sc_to_seq(&scs[tid], &seq); 1525 ieee80211_set_key_rx_seq(key, tid, &seq); 1526 } 1527 } 1528 1529 static void iwl_mvm_set_key_rx_seq(struct iwl_mvm *mvm, 1530 struct ieee80211_key_conf *key, 1531 struct iwl_wowlan_status *status) 1532 { 1533 union iwl_all_tsc_rsc *rsc = &status->gtk.rsc.all_tsc_rsc; 1534 1535 switch (key->cipher) { 1536 case WLAN_CIPHER_SUITE_CCMP: 1537 iwl_mvm_set_aes_rx_seq(mvm, rsc->aes.multicast_rsc, NULL, key); 1538 break; 1539 case WLAN_CIPHER_SUITE_TKIP: 1540 iwl_mvm_set_tkip_rx_seq(rsc->tkip.multicast_rsc, key); 1541 break; 1542 default: 1543 WARN_ON(1); 1544 } 1545 } 1546 1547 struct iwl_mvm_d3_gtk_iter_data { 1548 struct iwl_mvm *mvm; 1549 struct iwl_wowlan_status *status; 1550 void *last_gtk; 1551 u32 cipher; 1552 bool find_phase, unhandled_cipher; 1553 int num_keys; 1554 }; 1555 1556 static void iwl_mvm_d3_update_keys(struct ieee80211_hw *hw, 1557 struct ieee80211_vif *vif, 1558 struct ieee80211_sta *sta, 1559 struct ieee80211_key_conf *key, 1560 void *_data) 1561 { 1562 struct iwl_mvm_d3_gtk_iter_data *data = _data; 1563 1564 if (data->unhandled_cipher) 1565 return; 1566 1567 switch (key->cipher) { 1568 case WLAN_CIPHER_SUITE_WEP40: 1569 case WLAN_CIPHER_SUITE_WEP104: 1570 /* ignore WEP completely, nothing to do */ 1571 return; 1572 case WLAN_CIPHER_SUITE_CCMP: 1573 case WLAN_CIPHER_SUITE_TKIP: 1574 /* we support these */ 1575 break; 1576 default: 1577 /* everything else (even CMAC for MFP) - disconnect from AP */ 1578 data->unhandled_cipher = true; 1579 return; 1580 } 1581 1582 data->num_keys++; 1583 1584 /* 1585 * pairwise key - update sequence counters only; 1586 * note that this assumes no TDLS sessions are active 1587 */ 1588 if (sta) { 1589 struct ieee80211_key_seq seq = {}; 1590 union iwl_all_tsc_rsc *sc = &data->status->gtk.rsc.all_tsc_rsc; 1591 1592 if (data->find_phase) 1593 return; 1594 1595 switch (key->cipher) { 1596 case WLAN_CIPHER_SUITE_CCMP: 1597 iwl_mvm_set_aes_rx_seq(data->mvm, sc->aes.unicast_rsc, 1598 sta, key); 1599 atomic64_set(&key->tx_pn, le64_to_cpu(sc->aes.tsc.pn)); 1600 break; 1601 case WLAN_CIPHER_SUITE_TKIP: 1602 iwl_mvm_tkip_sc_to_seq(&sc->tkip.tsc, &seq); 1603 iwl_mvm_set_tkip_rx_seq(sc->tkip.unicast_rsc, key); 1604 ieee80211_set_key_tx_seq(key, &seq); 1605 break; 1606 } 1607 1608 /* that's it for this key */ 1609 return; 1610 } 1611 1612 if (data->find_phase) { 1613 data->last_gtk = key; 1614 data->cipher = key->cipher; 1615 return; 1616 } 1617 1618 if (data->status->num_of_gtk_rekeys) 1619 ieee80211_remove_key(key); 1620 else if (data->last_gtk == key) 1621 iwl_mvm_set_key_rx_seq(data->mvm, key, data->status); 1622 } 1623 1624 static bool iwl_mvm_setup_connection_keep(struct iwl_mvm *mvm, 1625 struct ieee80211_vif *vif, 1626 struct iwl_wowlan_status *status) 1627 { 1628 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1629 struct iwl_mvm_d3_gtk_iter_data gtkdata = { 1630 .mvm = mvm, 1631 .status = status, 1632 }; 1633 u32 disconnection_reasons = 1634 IWL_WOWLAN_WAKEUP_BY_DISCONNECTION_ON_MISSED_BEACON | 1635 IWL_WOWLAN_WAKEUP_BY_DISCONNECTION_ON_DEAUTH; 1636 1637 if (!status || !vif->bss_conf.bssid) 1638 return false; 1639 1640 if (le32_to_cpu(status->wakeup_reasons) & disconnection_reasons) 1641 return false; 1642 1643 /* find last GTK that we used initially, if any */ 1644 gtkdata.find_phase = true; 1645 ieee80211_iter_keys(mvm->hw, vif, 1646 iwl_mvm_d3_update_keys, >kdata); 1647 /* not trying to keep connections with MFP/unhandled ciphers */ 1648 if (gtkdata.unhandled_cipher) 1649 return false; 1650 if (!gtkdata.num_keys) 1651 goto out; 1652 if (!gtkdata.last_gtk) 1653 return false; 1654 1655 /* 1656 * invalidate all other GTKs that might still exist and update 1657 * the one that we used 1658 */ 1659 gtkdata.find_phase = false; 1660 ieee80211_iter_keys(mvm->hw, vif, 1661 iwl_mvm_d3_update_keys, >kdata); 1662 1663 if (status->num_of_gtk_rekeys) { 1664 struct ieee80211_key_conf *key; 1665 struct { 1666 struct ieee80211_key_conf conf; 1667 u8 key[32]; 1668 } conf = { 1669 .conf.cipher = gtkdata.cipher, 1670 .conf.keyidx = status->gtk.key_index, 1671 }; 1672 1673 switch (gtkdata.cipher) { 1674 case WLAN_CIPHER_SUITE_CCMP: 1675 conf.conf.keylen = WLAN_KEY_LEN_CCMP; 1676 memcpy(conf.conf.key, status->gtk.decrypt_key, 1677 WLAN_KEY_LEN_CCMP); 1678 break; 1679 case WLAN_CIPHER_SUITE_TKIP: 1680 conf.conf.keylen = WLAN_KEY_LEN_TKIP; 1681 memcpy(conf.conf.key, status->gtk.decrypt_key, 16); 1682 /* leave TX MIC key zeroed, we don't use it anyway */ 1683 memcpy(conf.conf.key + 1684 NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY, 1685 status->gtk.tkip_mic_key, 8); 1686 break; 1687 } 1688 1689 key = ieee80211_gtk_rekey_add(vif, &conf.conf); 1690 if (IS_ERR(key)) 1691 return false; 1692 iwl_mvm_set_key_rx_seq(mvm, key, status); 1693 } 1694 1695 if (status->num_of_gtk_rekeys) { 1696 __be64 replay_ctr = 1697 cpu_to_be64(le64_to_cpu(status->replay_ctr)); 1698 ieee80211_gtk_rekey_notify(vif, vif->bss_conf.bssid, 1699 (void *)&replay_ctr, GFP_KERNEL); 1700 } 1701 1702 out: 1703 mvmvif->seqno_valid = true; 1704 /* +0x10 because the set API expects next-to-use, not last-used */ 1705 mvmvif->seqno = le16_to_cpu(status->non_qos_seq_ctr) + 0x10; 1706 1707 return true; 1708 } 1709 1710 static struct iwl_wowlan_status * 1711 iwl_mvm_get_wakeup_status(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 1712 { 1713 u32 base = mvm->error_event_table; 1714 struct error_table_start { 1715 /* cf. struct iwl_error_event_table */ 1716 u32 valid; 1717 u32 error_id; 1718 } err_info; 1719 struct iwl_host_cmd cmd = { 1720 .id = WOWLAN_GET_STATUSES, 1721 .flags = CMD_WANT_SKB, 1722 }; 1723 struct iwl_wowlan_status *status, *fw_status; 1724 int ret, len, status_size; 1725 1726 iwl_trans_read_mem_bytes(mvm->trans, base, 1727 &err_info, sizeof(err_info)); 1728 1729 if (err_info.valid) { 1730 IWL_INFO(mvm, "error table is valid (%d) with error (%d)\n", 1731 err_info.valid, err_info.error_id); 1732 if (err_info.error_id == RF_KILL_INDICATOR_FOR_WOWLAN) { 1733 struct cfg80211_wowlan_wakeup wakeup = { 1734 .rfkill_release = true, 1735 }; 1736 ieee80211_report_wowlan_wakeup(vif, &wakeup, 1737 GFP_KERNEL); 1738 } 1739 return ERR_PTR(-EIO); 1740 } 1741 1742 /* only for tracing for now */ 1743 ret = iwl_mvm_send_cmd_pdu(mvm, OFFLOADS_QUERY_CMD, 0, 0, NULL); 1744 if (ret) 1745 IWL_ERR(mvm, "failed to query offload statistics (%d)\n", ret); 1746 1747 ret = iwl_mvm_send_cmd(mvm, &cmd); 1748 if (ret) { 1749 IWL_ERR(mvm, "failed to query status (%d)\n", ret); 1750 return ERR_PTR(ret); 1751 } 1752 1753 /* RF-kill already asserted again... */ 1754 if (!cmd.resp_pkt) { 1755 fw_status = ERR_PTR(-ERFKILL); 1756 goto out_free_resp; 1757 } 1758 1759 status_size = sizeof(*fw_status); 1760 1761 len = iwl_rx_packet_payload_len(cmd.resp_pkt); 1762 if (len < status_size) { 1763 IWL_ERR(mvm, "Invalid WoWLAN status response!\n"); 1764 fw_status = ERR_PTR(-EIO); 1765 goto out_free_resp; 1766 } 1767 1768 status = (void *)cmd.resp_pkt->data; 1769 if (len != (status_size + 1770 ALIGN(le32_to_cpu(status->wake_packet_bufsize), 4))) { 1771 IWL_ERR(mvm, "Invalid WoWLAN status response!\n"); 1772 fw_status = ERR_PTR(-EIO); 1773 goto out_free_resp; 1774 } 1775 1776 fw_status = kmemdup(status, len, GFP_KERNEL); 1777 1778 out_free_resp: 1779 iwl_free_resp(&cmd); 1780 return fw_status; 1781 } 1782 1783 /* releases the MVM mutex */ 1784 static bool iwl_mvm_query_wakeup_reasons(struct iwl_mvm *mvm, 1785 struct ieee80211_vif *vif) 1786 { 1787 struct iwl_wowlan_status_data status; 1788 struct iwl_wowlan_status *fw_status; 1789 int i; 1790 bool keep; 1791 struct ieee80211_sta *ap_sta; 1792 struct iwl_mvm_sta *mvm_ap_sta; 1793 1794 fw_status = iwl_mvm_get_wakeup_status(mvm, vif); 1795 if (IS_ERR_OR_NULL(fw_status)) 1796 goto out_unlock; 1797 1798 status.pattern_number = le16_to_cpu(fw_status->pattern_number); 1799 for (i = 0; i < 8; i++) 1800 status.qos_seq_ctr[i] = 1801 le16_to_cpu(fw_status->qos_seq_ctr[i]); 1802 status.wakeup_reasons = le32_to_cpu(fw_status->wakeup_reasons); 1803 status.wake_packet_length = 1804 le32_to_cpu(fw_status->wake_packet_length); 1805 status.wake_packet_bufsize = 1806 le32_to_cpu(fw_status->wake_packet_bufsize); 1807 status.wake_packet = fw_status->wake_packet; 1808 1809 /* still at hard-coded place 0 for D3 image */ 1810 ap_sta = rcu_dereference_protected( 1811 mvm->fw_id_to_mac_id[0], 1812 lockdep_is_held(&mvm->mutex)); 1813 if (IS_ERR_OR_NULL(ap_sta)) 1814 goto out_free; 1815 1816 mvm_ap_sta = iwl_mvm_sta_from_mac80211(ap_sta); 1817 for (i = 0; i < IWL_MAX_TID_COUNT; i++) { 1818 u16 seq = status.qos_seq_ctr[i]; 1819 /* firmware stores last-used value, we store next value */ 1820 seq += 0x10; 1821 mvm_ap_sta->tid_data[i].seq_number = seq; 1822 } 1823 1824 /* now we have all the data we need, unlock to avoid mac80211 issues */ 1825 mutex_unlock(&mvm->mutex); 1826 1827 iwl_mvm_report_wakeup_reasons(mvm, vif, &status); 1828 1829 keep = iwl_mvm_setup_connection_keep(mvm, vif, fw_status); 1830 1831 kfree(fw_status); 1832 return keep; 1833 1834 out_free: 1835 kfree(fw_status); 1836 out_unlock: 1837 mutex_unlock(&mvm->mutex); 1838 return false; 1839 } 1840 1841 void iwl_mvm_d0i3_update_keys(struct iwl_mvm *mvm, 1842 struct ieee80211_vif *vif, 1843 struct iwl_wowlan_status *status) 1844 { 1845 struct iwl_mvm_d3_gtk_iter_data gtkdata = { 1846 .mvm = mvm, 1847 .status = status, 1848 }; 1849 1850 /* 1851 * rekey handling requires taking locks that can't be taken now. 1852 * however, d0i3 doesn't offload rekey, so we're fine. 1853 */ 1854 if (WARN_ON_ONCE(status->num_of_gtk_rekeys)) 1855 return; 1856 1857 /* find last GTK that we used initially, if any */ 1858 gtkdata.find_phase = true; 1859 iwl_mvm_iter_d0i3_ap_keys(mvm, vif, iwl_mvm_d3_update_keys, >kdata); 1860 1861 gtkdata.find_phase = false; 1862 iwl_mvm_iter_d0i3_ap_keys(mvm, vif, iwl_mvm_d3_update_keys, >kdata); 1863 } 1864 1865 struct iwl_mvm_nd_query_results { 1866 u32 matched_profiles; 1867 struct iwl_scan_offload_profile_match matches[IWL_SCAN_MAX_PROFILES]; 1868 }; 1869 1870 static int 1871 iwl_mvm_netdetect_query_results(struct iwl_mvm *mvm, 1872 struct iwl_mvm_nd_query_results *results) 1873 { 1874 struct iwl_scan_offload_profiles_query *query; 1875 struct iwl_host_cmd cmd = { 1876 .id = SCAN_OFFLOAD_PROFILES_QUERY_CMD, 1877 .flags = CMD_WANT_SKB, 1878 }; 1879 int ret, len; 1880 1881 ret = iwl_mvm_send_cmd(mvm, &cmd); 1882 if (ret) { 1883 IWL_ERR(mvm, "failed to query matched profiles (%d)\n", ret); 1884 return ret; 1885 } 1886 1887 /* RF-kill already asserted again... */ 1888 if (!cmd.resp_pkt) { 1889 ret = -ERFKILL; 1890 goto out_free_resp; 1891 } 1892 1893 len = iwl_rx_packet_payload_len(cmd.resp_pkt); 1894 if (len < sizeof(*query)) { 1895 IWL_ERR(mvm, "Invalid scan offload profiles query response!\n"); 1896 ret = -EIO; 1897 goto out_free_resp; 1898 } 1899 1900 query = (void *)cmd.resp_pkt->data; 1901 1902 results->matched_profiles = le32_to_cpu(query->matched_profiles); 1903 memcpy(results->matches, query->matches, sizeof(results->matches)); 1904 1905 #ifdef CONFIG_IWLWIFI_DEBUGFS 1906 mvm->last_netdetect_scans = le32_to_cpu(query->n_scans_done); 1907 #endif 1908 1909 out_free_resp: 1910 iwl_free_resp(&cmd); 1911 return ret; 1912 } 1913 1914 static void iwl_mvm_query_netdetect_reasons(struct iwl_mvm *mvm, 1915 struct ieee80211_vif *vif) 1916 { 1917 struct cfg80211_wowlan_nd_info *net_detect = NULL; 1918 struct cfg80211_wowlan_wakeup wakeup = { 1919 .pattern_idx = -1, 1920 }; 1921 struct cfg80211_wowlan_wakeup *wakeup_report = &wakeup; 1922 struct iwl_mvm_nd_query_results query; 1923 struct iwl_wowlan_status *fw_status; 1924 unsigned long matched_profiles; 1925 u32 reasons = 0; 1926 int i, j, n_matches, ret; 1927 1928 fw_status = iwl_mvm_get_wakeup_status(mvm, vif); 1929 if (!IS_ERR_OR_NULL(fw_status)) { 1930 reasons = le32_to_cpu(fw_status->wakeup_reasons); 1931 kfree(fw_status); 1932 } 1933 1934 if (reasons & IWL_WOWLAN_WAKEUP_BY_RFKILL_DEASSERTED) 1935 wakeup.rfkill_release = true; 1936 1937 if (reasons != IWL_WOWLAN_WAKEUP_BY_NON_WIRELESS) 1938 goto out; 1939 1940 ret = iwl_mvm_netdetect_query_results(mvm, &query); 1941 if (ret || !query.matched_profiles) { 1942 wakeup_report = NULL; 1943 goto out; 1944 } 1945 1946 matched_profiles = query.matched_profiles; 1947 if (mvm->n_nd_match_sets) { 1948 n_matches = hweight_long(matched_profiles); 1949 } else { 1950 IWL_ERR(mvm, "no net detect match information available\n"); 1951 n_matches = 0; 1952 } 1953 1954 net_detect = kzalloc(sizeof(*net_detect) + 1955 (n_matches * sizeof(net_detect->matches[0])), 1956 GFP_KERNEL); 1957 if (!net_detect || !n_matches) 1958 goto out_report_nd; 1959 1960 for_each_set_bit(i, &matched_profiles, mvm->n_nd_match_sets) { 1961 struct iwl_scan_offload_profile_match *fw_match; 1962 struct cfg80211_wowlan_nd_match *match; 1963 int idx, n_channels = 0; 1964 1965 fw_match = &query.matches[i]; 1966 1967 for (j = 0; j < SCAN_OFFLOAD_MATCHING_CHANNELS_LEN; j++) 1968 n_channels += hweight8(fw_match->matching_channels[j]); 1969 1970 match = kzalloc(sizeof(*match) + 1971 (n_channels * sizeof(*match->channels)), 1972 GFP_KERNEL); 1973 if (!match) 1974 goto out_report_nd; 1975 1976 net_detect->matches[net_detect->n_matches++] = match; 1977 1978 /* We inverted the order of the SSIDs in the scan 1979 * request, so invert the index here. 1980 */ 1981 idx = mvm->n_nd_match_sets - i - 1; 1982 match->ssid.ssid_len = mvm->nd_match_sets[idx].ssid.ssid_len; 1983 memcpy(match->ssid.ssid, mvm->nd_match_sets[idx].ssid.ssid, 1984 match->ssid.ssid_len); 1985 1986 if (mvm->n_nd_channels < n_channels) 1987 continue; 1988 1989 for (j = 0; j < SCAN_OFFLOAD_MATCHING_CHANNELS_LEN * 8; j++) 1990 if (fw_match->matching_channels[j / 8] & (BIT(j % 8))) 1991 match->channels[match->n_channels++] = 1992 mvm->nd_channels[j]->center_freq; 1993 } 1994 1995 out_report_nd: 1996 wakeup.net_detect = net_detect; 1997 out: 1998 iwl_mvm_free_nd(mvm); 1999 2000 mutex_unlock(&mvm->mutex); 2001 ieee80211_report_wowlan_wakeup(vif, wakeup_report, GFP_KERNEL); 2002 2003 if (net_detect) { 2004 for (i = 0; i < net_detect->n_matches; i++) 2005 kfree(net_detect->matches[i]); 2006 kfree(net_detect); 2007 } 2008 } 2009 2010 static void iwl_mvm_read_d3_sram(struct iwl_mvm *mvm) 2011 { 2012 #ifdef CONFIG_IWLWIFI_DEBUGFS 2013 const struct fw_img *img = &mvm->fw->img[IWL_UCODE_WOWLAN]; 2014 u32 len = img->sec[IWL_UCODE_SECTION_DATA].len; 2015 u32 offs = img->sec[IWL_UCODE_SECTION_DATA].offset; 2016 2017 if (!mvm->store_d3_resume_sram) 2018 return; 2019 2020 if (!mvm->d3_resume_sram) { 2021 mvm->d3_resume_sram = kzalloc(len, GFP_KERNEL); 2022 if (!mvm->d3_resume_sram) 2023 return; 2024 } 2025 2026 iwl_trans_read_mem_bytes(mvm->trans, offs, mvm->d3_resume_sram, len); 2027 #endif 2028 } 2029 2030 static void iwl_mvm_d3_disconnect_iter(void *data, u8 *mac, 2031 struct ieee80211_vif *vif) 2032 { 2033 /* skip the one we keep connection on */ 2034 if (data == vif) 2035 return; 2036 2037 if (vif->type == NL80211_IFTYPE_STATION) 2038 ieee80211_resume_disconnect(vif); 2039 } 2040 2041 static int __iwl_mvm_resume(struct iwl_mvm *mvm, bool test) 2042 { 2043 struct ieee80211_vif *vif = NULL; 2044 int ret; 2045 enum iwl_d3_status d3_status; 2046 bool keep = false; 2047 2048 mutex_lock(&mvm->mutex); 2049 2050 /* get the BSS vif pointer again */ 2051 vif = iwl_mvm_get_bss_vif(mvm); 2052 if (IS_ERR_OR_NULL(vif)) 2053 goto err; 2054 2055 ret = iwl_trans_d3_resume(mvm->trans, &d3_status, test); 2056 if (ret) 2057 goto err; 2058 2059 if (d3_status != IWL_D3_STATUS_ALIVE) { 2060 IWL_INFO(mvm, "Device was reset during suspend\n"); 2061 goto err; 2062 } 2063 2064 /* query SRAM first in case we want event logging */ 2065 iwl_mvm_read_d3_sram(mvm); 2066 2067 /* 2068 * Query the current location and source from the D3 firmware so we 2069 * can play it back when we re-intiailize the D0 firmware 2070 */ 2071 iwl_mvm_update_changed_regdom(mvm); 2072 2073 if (mvm->net_detect) { 2074 iwl_mvm_query_netdetect_reasons(mvm, vif); 2075 /* has unlocked the mutex, so skip that */ 2076 goto out; 2077 } else { 2078 keep = iwl_mvm_query_wakeup_reasons(mvm, vif); 2079 #ifdef CONFIG_IWLWIFI_DEBUGFS 2080 if (keep) 2081 mvm->keep_vif = vif; 2082 #endif 2083 /* has unlocked the mutex, so skip that */ 2084 goto out_iterate; 2085 } 2086 2087 err: 2088 iwl_mvm_free_nd(mvm); 2089 mutex_unlock(&mvm->mutex); 2090 2091 out_iterate: 2092 if (!test) 2093 ieee80211_iterate_active_interfaces_rtnl(mvm->hw, 2094 IEEE80211_IFACE_ITER_NORMAL, 2095 iwl_mvm_d3_disconnect_iter, keep ? vif : NULL); 2096 2097 out: 2098 /* return 1 to reconfigure the device */ 2099 set_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 2100 set_bit(IWL_MVM_STATUS_D3_RECONFIG, &mvm->status); 2101 2102 /* We always return 1, which causes mac80211 to do a reconfig 2103 * with IEEE80211_RECONFIG_TYPE_RESTART. This type of 2104 * reconfig calls iwl_mvm_restart_complete(), where we unref 2105 * the IWL_MVM_REF_UCODE_DOWN, so we need to take the 2106 * reference here. 2107 */ 2108 iwl_mvm_ref(mvm, IWL_MVM_REF_UCODE_DOWN); 2109 return 1; 2110 } 2111 2112 static int iwl_mvm_resume_d3(struct iwl_mvm *mvm) 2113 { 2114 iwl_trans_resume(mvm->trans); 2115 2116 return __iwl_mvm_resume(mvm, false); 2117 } 2118 2119 static int iwl_mvm_resume_d0i3(struct iwl_mvm *mvm) 2120 { 2121 bool exit_now; 2122 enum iwl_d3_status d3_status; 2123 struct iwl_trans *trans = mvm->trans; 2124 2125 iwl_trans_d3_resume(trans, &d3_status, false); 2126 2127 /* 2128 * make sure to clear D0I3_DEFER_WAKEUP before 2129 * calling iwl_trans_resume(), which might wait 2130 * for d0i3 exit completion. 2131 */ 2132 mutex_lock(&mvm->d0i3_suspend_mutex); 2133 __clear_bit(D0I3_DEFER_WAKEUP, &mvm->d0i3_suspend_flags); 2134 exit_now = __test_and_clear_bit(D0I3_PENDING_WAKEUP, 2135 &mvm->d0i3_suspend_flags); 2136 mutex_unlock(&mvm->d0i3_suspend_mutex); 2137 if (exit_now) { 2138 IWL_DEBUG_RPM(mvm, "Run deferred d0i3 exit\n"); 2139 _iwl_mvm_exit_d0i3(mvm); 2140 } 2141 2142 iwl_trans_resume(trans); 2143 2144 if (iwl_mvm_enter_d0i3_on_suspend(mvm)) { 2145 int ret = iwl_mvm_exit_d0i3(mvm->hw->priv); 2146 2147 if (ret) 2148 return ret; 2149 /* 2150 * d0i3 exit will be deferred until reconfig_complete. 2151 * make sure there we are out of d0i3. 2152 */ 2153 } 2154 return 0; 2155 } 2156 2157 int iwl_mvm_resume(struct ieee80211_hw *hw) 2158 { 2159 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2160 int ret; 2161 2162 if (mvm->trans->system_pm_mode == IWL_PLAT_PM_MODE_D0I3) 2163 ret = iwl_mvm_resume_d0i3(mvm); 2164 else 2165 ret = iwl_mvm_resume_d3(mvm); 2166 2167 mvm->trans->system_pm_mode = IWL_PLAT_PM_MODE_DISABLED; 2168 2169 return ret; 2170 } 2171 2172 void iwl_mvm_set_wakeup(struct ieee80211_hw *hw, bool enabled) 2173 { 2174 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2175 2176 device_set_wakeup_enable(mvm->trans->dev, enabled); 2177 } 2178 2179 #ifdef CONFIG_IWLWIFI_DEBUGFS 2180 static int iwl_mvm_d3_test_open(struct inode *inode, struct file *file) 2181 { 2182 struct iwl_mvm *mvm = inode->i_private; 2183 int err; 2184 2185 if (mvm->d3_test_active) 2186 return -EBUSY; 2187 2188 file->private_data = inode->i_private; 2189 2190 ieee80211_stop_queues(mvm->hw); 2191 synchronize_net(); 2192 2193 mvm->trans->system_pm_mode = IWL_PLAT_PM_MODE_D3; 2194 2195 /* start pseudo D3 */ 2196 rtnl_lock(); 2197 err = __iwl_mvm_suspend(mvm->hw, mvm->hw->wiphy->wowlan_config, true); 2198 rtnl_unlock(); 2199 if (err > 0) 2200 err = -EINVAL; 2201 if (err) { 2202 ieee80211_wake_queues(mvm->hw); 2203 return err; 2204 } 2205 mvm->d3_test_active = true; 2206 mvm->keep_vif = NULL; 2207 return 0; 2208 } 2209 2210 static ssize_t iwl_mvm_d3_test_read(struct file *file, char __user *user_buf, 2211 size_t count, loff_t *ppos) 2212 { 2213 struct iwl_mvm *mvm = file->private_data; 2214 u32 pme_asserted; 2215 2216 while (true) { 2217 /* read pme_ptr if available */ 2218 if (mvm->d3_test_pme_ptr) { 2219 pme_asserted = iwl_trans_read_mem32(mvm->trans, 2220 mvm->d3_test_pme_ptr); 2221 if (pme_asserted) 2222 break; 2223 } 2224 2225 if (msleep_interruptible(100)) 2226 break; 2227 } 2228 2229 return 0; 2230 } 2231 2232 static void iwl_mvm_d3_test_disconn_work_iter(void *_data, u8 *mac, 2233 struct ieee80211_vif *vif) 2234 { 2235 /* skip the one we keep connection on */ 2236 if (_data == vif) 2237 return; 2238 2239 if (vif->type == NL80211_IFTYPE_STATION) 2240 ieee80211_connection_loss(vif); 2241 } 2242 2243 static int iwl_mvm_d3_test_release(struct inode *inode, struct file *file) 2244 { 2245 struct iwl_mvm *mvm = inode->i_private; 2246 int remaining_time = 10; 2247 2248 mvm->d3_test_active = false; 2249 2250 rtnl_lock(); 2251 __iwl_mvm_resume(mvm, true); 2252 rtnl_unlock(); 2253 2254 mvm->trans->system_pm_mode = IWL_PLAT_PM_MODE_DISABLED; 2255 2256 iwl_abort_notification_waits(&mvm->notif_wait); 2257 ieee80211_restart_hw(mvm->hw); 2258 2259 /* wait for restart and disconnect all interfaces */ 2260 while (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 2261 remaining_time > 0) { 2262 remaining_time--; 2263 msleep(1000); 2264 } 2265 2266 if (remaining_time == 0) 2267 IWL_ERR(mvm, "Timed out waiting for HW restart to finish!\n"); 2268 2269 ieee80211_iterate_active_interfaces_atomic( 2270 mvm->hw, IEEE80211_IFACE_ITER_NORMAL, 2271 iwl_mvm_d3_test_disconn_work_iter, mvm->keep_vif); 2272 2273 ieee80211_wake_queues(mvm->hw); 2274 2275 return 0; 2276 } 2277 2278 const struct file_operations iwl_dbgfs_d3_test_ops = { 2279 .llseek = no_llseek, 2280 .open = iwl_mvm_d3_test_open, 2281 .read = iwl_mvm_d3_test_read, 2282 .release = iwl_mvm_d3_test_release, 2283 }; 2284 #endif 2285