xref: /linux/drivers/net/wireless/realtek/rtw89/cam.c (revision 59237b0c962e8a4e03a7666b8c1d047c262f236e)
1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2 /* Copyright(c) 2019-2020  Realtek Corporation
3  */
4 
5 #include "cam.h"
6 #include "debug.h"
7 #include "fw.h"
8 #include "mac.h"
9 
10 static struct sk_buff *
11 rtw89_cam_get_sec_key_cmd(struct rtw89_dev *rtwdev,
12 			  struct rtw89_sec_cam_entry *sec_cam,
13 			  bool ext_key)
14 {
15 	struct sk_buff *skb;
16 	u32 cmd_len = H2C_SEC_CAM_LEN;
17 	u32 key32[4];
18 	u8 *cmd;
19 	int i, j;
20 
21 	skb = rtw89_fw_h2c_alloc_skb_with_hdr(rtwdev, cmd_len);
22 	if (!skb)
23 		return NULL;
24 
25 	skb_put_zero(skb, cmd_len);
26 
27 	for (i = 0; i < 4; i++) {
28 		j = i * 4;
29 		j += ext_key ? 16 : 0;
30 		key32[i] = FIELD_PREP(GENMASK(7, 0), sec_cam->key[j + 0]) |
31 			   FIELD_PREP(GENMASK(15, 8), sec_cam->key[j + 1]) |
32 			   FIELD_PREP(GENMASK(23, 16), sec_cam->key[j + 2]) |
33 			   FIELD_PREP(GENMASK(31, 24), sec_cam->key[j + 3]);
34 	}
35 
36 	cmd = skb->data;
37 	RTW89_SET_FWCMD_SEC_IDX(cmd, sec_cam->sec_cam_idx + (ext_key ? 1 : 0));
38 	RTW89_SET_FWCMD_SEC_OFFSET(cmd, sec_cam->offset);
39 	RTW89_SET_FWCMD_SEC_LEN(cmd, sec_cam->len);
40 	RTW89_SET_FWCMD_SEC_TYPE(cmd, sec_cam->type);
41 	RTW89_SET_FWCMD_SEC_EXT_KEY(cmd, ext_key);
42 	RTW89_SET_FWCMD_SEC_SPP_MODE(cmd, sec_cam->spp_mode);
43 	RTW89_SET_FWCMD_SEC_KEY0(cmd, key32[0]);
44 	RTW89_SET_FWCMD_SEC_KEY1(cmd, key32[1]);
45 	RTW89_SET_FWCMD_SEC_KEY2(cmd, key32[2]);
46 	RTW89_SET_FWCMD_SEC_KEY3(cmd, key32[3]);
47 
48 	return skb;
49 }
50 
51 static int rtw89_cam_send_sec_key_cmd(struct rtw89_dev *rtwdev,
52 				      struct rtw89_sec_cam_entry *sec_cam)
53 {
54 	struct sk_buff *skb, *ext_skb;
55 	int ret;
56 
57 	skb = rtw89_cam_get_sec_key_cmd(rtwdev, sec_cam, false);
58 	if (!skb) {
59 		rtw89_err(rtwdev, "failed to get sec key command\n");
60 		return -ENOMEM;
61 	}
62 
63 	rtw89_h2c_pkt_set_hdr(rtwdev, skb,
64 			      FWCMD_TYPE_H2C,
65 			      H2C_CAT_MAC,
66 			      H2C_CL_MAC_SEC_CAM,
67 			      H2C_FUNC_MAC_SEC_UPD, 1, 0,
68 			      H2C_SEC_CAM_LEN);
69 	ret = rtw89_h2c_tx(rtwdev, skb, false);
70 	if (ret) {
71 		rtw89_err(rtwdev, "failed to send sec key h2c: %d\n", ret);
72 		dev_kfree_skb(skb);
73 		return ret;
74 	}
75 
76 	if (!sec_cam->ext_key)
77 		return 0;
78 
79 	ext_skb = rtw89_cam_get_sec_key_cmd(rtwdev, sec_cam, true);
80 	if (!ext_skb) {
81 		rtw89_err(rtwdev, "failed to get ext sec key command\n");
82 		return -ENOMEM;
83 	}
84 
85 	rtw89_h2c_pkt_set_hdr(rtwdev, ext_skb,
86 			      FWCMD_TYPE_H2C,
87 			      H2C_CAT_MAC,
88 			      H2C_CL_MAC_SEC_CAM,
89 			      H2C_FUNC_MAC_SEC_UPD,
90 			      1, 0, H2C_SEC_CAM_LEN);
91 	ret = rtw89_h2c_tx(rtwdev, ext_skb, false);
92 	if (ret) {
93 		rtw89_err(rtwdev, "failed to send ext sec key h2c: %d\n", ret);
94 		dev_kfree_skb(ext_skb);
95 		return ret;
96 	}
97 
98 	return 0;
99 }
100 
101 static int rtw89_cam_get_avail_sec_cam(struct rtw89_dev *rtwdev,
102 				       u8 *sec_cam_idx, bool ext_key)
103 {
104 	const struct rtw89_chip_info *chip = rtwdev->chip;
105 	struct rtw89_cam_info *cam_info = &rtwdev->cam_info;
106 	u8 sec_cam_num = chip->scam_num;
107 	u8 idx = 0;
108 
109 	if (!ext_key) {
110 		idx = find_first_zero_bit(cam_info->sec_cam_map, sec_cam_num);
111 		if (idx >= sec_cam_num)
112 			return -EBUSY;
113 
114 		set_bit(idx, cam_info->sec_cam_map);
115 		*sec_cam_idx = idx;
116 
117 		return 0;
118 	}
119 
120 again:
121 	idx = find_next_zero_bit(cam_info->sec_cam_map, sec_cam_num, idx);
122 	if (idx >= sec_cam_num - 1)
123 		return -EBUSY;
124 	/* ext keys need two cam entries for 256-bit key */
125 	if (test_bit(idx + 1, cam_info->sec_cam_map)) {
126 		idx++;
127 		goto again;
128 	}
129 
130 	set_bit(idx, cam_info->sec_cam_map);
131 	set_bit(idx + 1, cam_info->sec_cam_map);
132 	*sec_cam_idx = idx;
133 
134 	return 0;
135 }
136 
137 static int rtw89_cam_get_addr_cam_key_idx(struct rtw89_addr_cam_entry *addr_cam,
138 					  struct rtw89_sec_cam_entry *sec_cam,
139 					  struct ieee80211_key_conf *key,
140 					  u8 *key_idx)
141 {
142 	u8 idx;
143 
144 	/* RTW89_ADDR_CAM_SEC_NONE	: not enabled
145 	 * RTW89_ADDR_CAM_SEC_ALL_UNI	: 0 - 6 unicast
146 	 * RTW89_ADDR_CAM_SEC_NORMAL	: 0 - 1 unicast, 2 - 4 group, 5 - 6 BIP
147 	 * RTW89_ADDR_CAM_SEC_4GROUP	: 0 - 1 unicast, 2 - 5 group, 6 BIP
148 	 */
149 	switch (addr_cam->sec_ent_mode) {
150 	case RTW89_ADDR_CAM_SEC_NONE:
151 		return -EINVAL;
152 	case RTW89_ADDR_CAM_SEC_ALL_UNI:
153 		idx = find_first_zero_bit(addr_cam->sec_cam_map,
154 					  RTW89_SEC_CAM_IN_ADDR_CAM);
155 		if (idx >= RTW89_SEC_CAM_IN_ADDR_CAM)
156 			return -EBUSY;
157 		*key_idx = idx;
158 		break;
159 	case RTW89_ADDR_CAM_SEC_NORMAL:
160 		if (sec_cam->type == RTW89_SEC_KEY_TYPE_BIP_CCMP128) {
161 			idx = find_next_zero_bit(addr_cam->sec_cam_map,
162 						 RTW89_SEC_CAM_IN_ADDR_CAM, 5);
163 			if (idx > 6)
164 				return -EBUSY;
165 			*key_idx = idx;
166 			break;
167 		}
168 
169 		if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
170 			idx = find_next_zero_bit(addr_cam->sec_cam_map,
171 						 RTW89_SEC_CAM_IN_ADDR_CAM, 0);
172 			if (idx > 1)
173 				return -EBUSY;
174 			*key_idx = idx;
175 			break;
176 		}
177 
178 		/* Group keys */
179 		idx = find_next_zero_bit(addr_cam->sec_cam_map,
180 					 RTW89_SEC_CAM_IN_ADDR_CAM, 2);
181 		if (idx > 4)
182 			return -EBUSY;
183 		*key_idx = idx;
184 		break;
185 	case RTW89_ADDR_CAM_SEC_4GROUP:
186 		if (sec_cam->type == RTW89_SEC_KEY_TYPE_BIP_CCMP128) {
187 			if (test_bit(6, addr_cam->sec_cam_map))
188 				return -EINVAL;
189 			*key_idx = 6;
190 			break;
191 		}
192 
193 		if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
194 			idx = find_next_zero_bit(addr_cam->sec_cam_map,
195 						 RTW89_SEC_CAM_IN_ADDR_CAM, 0);
196 			if (idx > 1)
197 				return -EBUSY;
198 			*key_idx = idx;
199 			break;
200 		}
201 
202 		/* Group keys */
203 		idx = find_next_zero_bit(addr_cam->sec_cam_map,
204 					 RTW89_SEC_CAM_IN_ADDR_CAM, 2);
205 		if (idx > 5)
206 			return -EBUSY;
207 		*key_idx = idx;
208 		break;
209 	}
210 
211 	return 0;
212 }
213 
214 static int rtw89_cam_attach_sec_cam(struct rtw89_dev *rtwdev,
215 				    struct ieee80211_vif *vif,
216 				    struct ieee80211_sta *sta,
217 				    struct ieee80211_key_conf *key,
218 				    struct rtw89_sec_cam_entry *sec_cam)
219 {
220 	struct rtw89_sta *rtwsta = sta_to_rtwsta_safe(sta);
221 	struct rtw89_vif *rtwvif;
222 	struct rtw89_addr_cam_entry *addr_cam;
223 	u8 key_idx = 0;
224 	int ret;
225 
226 	if (!vif) {
227 		rtw89_err(rtwdev, "No iface for adding sec cam\n");
228 		return -EINVAL;
229 	}
230 
231 	rtwvif = (struct rtw89_vif *)vif->drv_priv;
232 	addr_cam = rtw89_get_addr_cam_of(rtwvif, rtwsta);
233 
234 	if (key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
235 	    key->cipher == WLAN_CIPHER_SUITE_WEP104)
236 		addr_cam->sec_ent_mode = RTW89_ADDR_CAM_SEC_ALL_UNI;
237 
238 	ret = rtw89_cam_get_addr_cam_key_idx(addr_cam, sec_cam, key, &key_idx);
239 	if (ret) {
240 		rtw89_err(rtwdev, "failed to get addr cam key idx %d, %d\n",
241 			  addr_cam->sec_ent_mode, sec_cam->type);
242 		return ret;
243 	}
244 
245 	key->hw_key_idx = key_idx;
246 	addr_cam->sec_ent_keyid[key_idx] = key->keyidx;
247 	addr_cam->sec_ent[key_idx] = sec_cam->sec_cam_idx;
248 	addr_cam->sec_entries[key_idx] = sec_cam;
249 	set_bit(key_idx, addr_cam->sec_cam_map);
250 	ret = rtw89_chip_h2c_dctl_sec_cam(rtwdev, rtwvif, rtwsta);
251 	if (ret) {
252 		rtw89_err(rtwdev, "failed to update dctl cam sec entry: %d\n",
253 			  ret);
254 		return ret;
255 	}
256 	ret = rtw89_fw_h2c_cam(rtwdev, rtwvif, rtwsta, NULL);
257 	if (ret) {
258 		rtw89_err(rtwdev, "failed to update addr cam sec entry: %d\n",
259 			  ret);
260 		clear_bit(key_idx, addr_cam->sec_cam_map);
261 		addr_cam->sec_entries[key_idx] = NULL;
262 		return ret;
263 	}
264 
265 	return 0;
266 }
267 
268 static int rtw89_cam_sec_key_install(struct rtw89_dev *rtwdev,
269 				     struct ieee80211_vif *vif,
270 				     struct ieee80211_sta *sta,
271 				     struct ieee80211_key_conf *key,
272 				     u8 hw_key_type, bool ext_key)
273 {
274 	struct rtw89_sec_cam_entry *sec_cam = NULL;
275 	struct rtw89_cam_info *cam_info = &rtwdev->cam_info;
276 	u8 sec_cam_idx;
277 	int ret;
278 
279 	/* maximum key length 256-bit */
280 	if (key->keylen > 32) {
281 		rtw89_err(rtwdev, "invalid sec key length %d\n", key->keylen);
282 		return -EINVAL;
283 	}
284 
285 	ret = rtw89_cam_get_avail_sec_cam(rtwdev, &sec_cam_idx, ext_key);
286 	if (ret) {
287 		rtw89_warn(rtwdev, "no available sec cam: %d ext: %d\n",
288 			   ret, ext_key);
289 		return ret;
290 	}
291 
292 	sec_cam = kzalloc(sizeof(*sec_cam), GFP_KERNEL);
293 	if (!sec_cam) {
294 		ret = -ENOMEM;
295 		goto err_release_cam;
296 	}
297 
298 	sec_cam->sec_cam_idx = sec_cam_idx;
299 	sec_cam->type = hw_key_type;
300 	sec_cam->len = RTW89_SEC_CAM_LEN;
301 	sec_cam->ext_key = ext_key;
302 	memcpy(sec_cam->key, key->key, key->keylen);
303 	ret = rtw89_cam_send_sec_key_cmd(rtwdev, sec_cam);
304 	if (ret) {
305 		rtw89_err(rtwdev, "failed to send sec key cmd: %d\n", ret);
306 		goto err_release_cam;
307 	}
308 
309 	/* associate with addr cam */
310 	ret = rtw89_cam_attach_sec_cam(rtwdev, vif, sta, key, sec_cam);
311 	if (ret) {
312 		rtw89_err(rtwdev, "failed to attach sec cam: %d\n", ret);
313 		goto err_release_cam;
314 	}
315 
316 	return 0;
317 
318 err_release_cam:
319 	kfree(sec_cam);
320 	clear_bit(sec_cam_idx, cam_info->sec_cam_map);
321 	if (ext_key)
322 		clear_bit(sec_cam_idx + 1, cam_info->sec_cam_map);
323 
324 	return ret;
325 }
326 
327 int rtw89_cam_sec_key_add(struct rtw89_dev *rtwdev,
328 			  struct ieee80211_vif *vif,
329 			  struct ieee80211_sta *sta,
330 			  struct ieee80211_key_conf *key)
331 {
332 	const struct rtw89_chip_info *chip = rtwdev->chip;
333 	u8 hw_key_type;
334 	bool ext_key = false;
335 	int ret;
336 
337 	switch (key->cipher) {
338 	case WLAN_CIPHER_SUITE_WEP40:
339 		hw_key_type = RTW89_SEC_KEY_TYPE_WEP40;
340 		break;
341 	case WLAN_CIPHER_SUITE_WEP104:
342 		hw_key_type = RTW89_SEC_KEY_TYPE_WEP104;
343 		break;
344 	case WLAN_CIPHER_SUITE_CCMP:
345 		hw_key_type = RTW89_SEC_KEY_TYPE_CCMP128;
346 		key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
347 		break;
348 	case WLAN_CIPHER_SUITE_CCMP_256:
349 		hw_key_type = RTW89_SEC_KEY_TYPE_CCMP256;
350 		key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
351 		ext_key = true;
352 		break;
353 	case WLAN_CIPHER_SUITE_GCMP:
354 		hw_key_type = RTW89_SEC_KEY_TYPE_GCMP128;
355 		key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
356 		break;
357 	case WLAN_CIPHER_SUITE_GCMP_256:
358 		hw_key_type = RTW89_SEC_KEY_TYPE_GCMP256;
359 		key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
360 		ext_key = true;
361 		break;
362 	case WLAN_CIPHER_SUITE_AES_CMAC:
363 		hw_key_type = RTW89_SEC_KEY_TYPE_BIP_CCMP128;
364 		break;
365 	default:
366 		return -EOPNOTSUPP;
367 	}
368 
369 	if (!chip->hw_sec_hdr)
370 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
371 
372 	ret = rtw89_cam_sec_key_install(rtwdev, vif, sta, key, hw_key_type,
373 					ext_key);
374 	if (ret) {
375 		rtw89_err(rtwdev, "failed to install key type %d ext %d: %d\n",
376 			  hw_key_type, ext_key, ret);
377 		return ret;
378 	}
379 
380 	return 0;
381 }
382 
383 int rtw89_cam_sec_key_del(struct rtw89_dev *rtwdev,
384 			  struct ieee80211_vif *vif,
385 			  struct ieee80211_sta *sta,
386 			  struct ieee80211_key_conf *key,
387 			  bool inform_fw)
388 {
389 	struct rtw89_sta *rtwsta = sta_to_rtwsta_safe(sta);
390 	struct rtw89_cam_info *cam_info = &rtwdev->cam_info;
391 	struct rtw89_vif *rtwvif;
392 	struct rtw89_addr_cam_entry *addr_cam;
393 	struct rtw89_sec_cam_entry *sec_cam;
394 	u8 key_idx = key->hw_key_idx;
395 	u8 sec_cam_idx;
396 	int ret = 0;
397 
398 	if (!vif) {
399 		rtw89_err(rtwdev, "No iface for deleting sec cam\n");
400 		return -EINVAL;
401 	}
402 
403 	rtwvif = (struct rtw89_vif *)vif->drv_priv;
404 	addr_cam = rtw89_get_addr_cam_of(rtwvif, rtwsta);
405 	sec_cam = addr_cam->sec_entries[key_idx];
406 	if (!sec_cam)
407 		return -EINVAL;
408 
409 	/* detach sec cam from addr cam */
410 	clear_bit(key_idx, addr_cam->sec_cam_map);
411 	addr_cam->sec_entries[key_idx] = NULL;
412 	if (inform_fw) {
413 		ret = rtw89_chip_h2c_dctl_sec_cam(rtwdev, rtwvif, rtwsta);
414 		if (ret)
415 			rtw89_err(rtwdev, "failed to update dctl cam del key: %d\n", ret);
416 		ret = rtw89_fw_h2c_cam(rtwdev, rtwvif, rtwsta, NULL);
417 		if (ret)
418 			rtw89_err(rtwdev, "failed to update cam del key: %d\n", ret);
419 	}
420 
421 	/* clear valid bit in addr cam will disable sec cam,
422 	 * so we don't need to send H2C command again
423 	 */
424 	sec_cam_idx = sec_cam->sec_cam_idx;
425 	clear_bit(sec_cam_idx, cam_info->sec_cam_map);
426 	if (sec_cam->ext_key)
427 		clear_bit(sec_cam_idx + 1, cam_info->sec_cam_map);
428 
429 	kfree(sec_cam);
430 
431 	return ret;
432 }
433 
434 static void rtw89_cam_reset_key_iter(struct ieee80211_hw *hw,
435 				     struct ieee80211_vif *vif,
436 				     struct ieee80211_sta *sta,
437 				     struct ieee80211_key_conf *key,
438 				     void *data)
439 {
440 	struct rtw89_dev *rtwdev = (struct rtw89_dev *)data;
441 
442 	rtw89_cam_sec_key_del(rtwdev, vif, sta, key, false);
443 }
444 
445 void rtw89_cam_deinit_addr_cam(struct rtw89_dev *rtwdev,
446 			       struct rtw89_addr_cam_entry *addr_cam)
447 {
448 	struct rtw89_cam_info *cam_info = &rtwdev->cam_info;
449 
450 	addr_cam->valid = false;
451 	clear_bit(addr_cam->addr_cam_idx, cam_info->addr_cam_map);
452 }
453 
454 void rtw89_cam_deinit_bssid_cam(struct rtw89_dev *rtwdev,
455 				struct rtw89_bssid_cam_entry *bssid_cam)
456 {
457 	struct rtw89_cam_info *cam_info = &rtwdev->cam_info;
458 
459 	bssid_cam->valid = false;
460 	clear_bit(bssid_cam->bssid_cam_idx, cam_info->bssid_cam_map);
461 }
462 
463 void rtw89_cam_deinit(struct rtw89_dev *rtwdev, struct rtw89_vif *rtwvif)
464 {
465 	struct rtw89_addr_cam_entry *addr_cam = &rtwvif->addr_cam;
466 	struct rtw89_bssid_cam_entry *bssid_cam = &rtwvif->bssid_cam;
467 
468 	rtw89_cam_deinit_addr_cam(rtwdev, addr_cam);
469 	rtw89_cam_deinit_bssid_cam(rtwdev, bssid_cam);
470 }
471 
472 void rtw89_cam_reset_keys(struct rtw89_dev *rtwdev)
473 {
474 	rcu_read_lock();
475 	ieee80211_iter_keys_rcu(rtwdev->hw, NULL, rtw89_cam_reset_key_iter, rtwdev);
476 	rcu_read_unlock();
477 }
478 
479 static int rtw89_cam_get_avail_addr_cam(struct rtw89_dev *rtwdev,
480 					u8 *addr_cam_idx)
481 {
482 	const struct rtw89_chip_info *chip = rtwdev->chip;
483 	struct rtw89_cam_info *cam_info = &rtwdev->cam_info;
484 	u8 addr_cam_num = chip->acam_num;
485 	u8 idx;
486 
487 	idx = find_first_zero_bit(cam_info->addr_cam_map, addr_cam_num);
488 	if (idx >= addr_cam_num)
489 		return -EBUSY;
490 
491 	set_bit(idx, cam_info->addr_cam_map);
492 	*addr_cam_idx = idx;
493 
494 	return 0;
495 }
496 
497 static u8 rtw89_get_addr_cam_entry_size(struct rtw89_dev *rtwdev)
498 {
499 	const struct rtw89_chip_info *chip = rtwdev->chip;
500 
501 	switch (chip->chip_id) {
502 	case RTL8852A:
503 	case RTL8852B:
504 	case RTL8851B:
505 		return ADDR_CAM_ENT_SIZE;
506 	default:
507 		return ADDR_CAM_ENT_SHORT_SIZE;
508 	}
509 }
510 
511 int rtw89_cam_init_addr_cam(struct rtw89_dev *rtwdev,
512 			    struct rtw89_addr_cam_entry *addr_cam,
513 			    const struct rtw89_bssid_cam_entry *bssid_cam)
514 {
515 	u8 addr_cam_idx;
516 	int i;
517 	int ret;
518 
519 	if (unlikely(addr_cam->valid)) {
520 		rtw89_debug(rtwdev, RTW89_DBG_FW,
521 			    "addr cam is already valid; skip init\n");
522 		return 0;
523 	}
524 
525 	ret = rtw89_cam_get_avail_addr_cam(rtwdev, &addr_cam_idx);
526 	if (ret) {
527 		rtw89_err(rtwdev, "failed to get available addr cam\n");
528 		return ret;
529 	}
530 
531 	addr_cam->addr_cam_idx = addr_cam_idx;
532 	addr_cam->len = rtw89_get_addr_cam_entry_size(rtwdev);
533 	addr_cam->offset = 0;
534 	addr_cam->valid = true;
535 	addr_cam->addr_mask = 0;
536 	addr_cam->mask_sel = RTW89_NO_MSK;
537 	addr_cam->sec_ent_mode = RTW89_ADDR_CAM_SEC_NORMAL;
538 	bitmap_zero(addr_cam->sec_cam_map, RTW89_SEC_CAM_IN_ADDR_CAM);
539 
540 	for (i = 0; i < RTW89_SEC_CAM_IN_ADDR_CAM; i++) {
541 		addr_cam->sec_ent_keyid[i] = 0;
542 		addr_cam->sec_ent[i] = 0;
543 	}
544 
545 	/* associate addr cam with bssid cam */
546 	addr_cam->bssid_cam_idx = bssid_cam->bssid_cam_idx;
547 
548 	return 0;
549 }
550 
551 static int rtw89_cam_get_avail_bssid_cam(struct rtw89_dev *rtwdev,
552 					 u8 *bssid_cam_idx)
553 {
554 	const struct rtw89_chip_info *chip = rtwdev->chip;
555 	struct rtw89_cam_info *cam_info = &rtwdev->cam_info;
556 	u8 bssid_cam_num = chip->bcam_num;
557 	u8 idx;
558 
559 	idx = find_first_zero_bit(cam_info->bssid_cam_map, bssid_cam_num);
560 	if (idx >= bssid_cam_num)
561 		return -EBUSY;
562 
563 	set_bit(idx, cam_info->bssid_cam_map);
564 	*bssid_cam_idx = idx;
565 
566 	return 0;
567 }
568 
569 int rtw89_cam_init_bssid_cam(struct rtw89_dev *rtwdev,
570 			     struct rtw89_vif *rtwvif,
571 			     struct rtw89_bssid_cam_entry *bssid_cam,
572 			     const u8 *bssid)
573 {
574 	u8 bssid_cam_idx;
575 	int ret;
576 
577 	if (unlikely(bssid_cam->valid)) {
578 		rtw89_debug(rtwdev, RTW89_DBG_FW,
579 			    "bssid cam is already valid; skip init\n");
580 		return 0;
581 	}
582 
583 	ret = rtw89_cam_get_avail_bssid_cam(rtwdev, &bssid_cam_idx);
584 	if (ret) {
585 		rtw89_err(rtwdev, "failed to get available bssid cam\n");
586 		return ret;
587 	}
588 
589 	bssid_cam->bssid_cam_idx = bssid_cam_idx;
590 	bssid_cam->phy_idx = rtwvif->phy_idx;
591 	bssid_cam->len = BSSID_CAM_ENT_SIZE;
592 	bssid_cam->offset = 0;
593 	bssid_cam->valid = true;
594 	ether_addr_copy(bssid_cam->bssid, bssid);
595 
596 	return 0;
597 }
598 
599 void rtw89_cam_bssid_changed(struct rtw89_dev *rtwdev, struct rtw89_vif *rtwvif)
600 {
601 	struct rtw89_bssid_cam_entry *bssid_cam = &rtwvif->bssid_cam;
602 
603 	ether_addr_copy(bssid_cam->bssid, rtwvif->bssid);
604 }
605 
606 int rtw89_cam_init(struct rtw89_dev *rtwdev, struct rtw89_vif *rtwvif)
607 {
608 	struct rtw89_addr_cam_entry *addr_cam = &rtwvif->addr_cam;
609 	struct rtw89_bssid_cam_entry *bssid_cam = &rtwvif->bssid_cam;
610 	int ret;
611 
612 	ret = rtw89_cam_init_bssid_cam(rtwdev, rtwvif, bssid_cam, rtwvif->bssid);
613 	if (ret) {
614 		rtw89_err(rtwdev, "failed to init bssid cam\n");
615 		return ret;
616 	}
617 
618 	ret = rtw89_cam_init_addr_cam(rtwdev, addr_cam, bssid_cam);
619 	if (ret) {
620 		rtw89_err(rtwdev, "failed to init addr cam\n");
621 		return ret;
622 	}
623 
624 	return 0;
625 }
626 
627 int rtw89_cam_fill_bssid_cam_info(struct rtw89_dev *rtwdev,
628 				  struct rtw89_vif *rtwvif,
629 				  struct rtw89_sta *rtwsta, u8 *cmd)
630 {
631 	struct ieee80211_vif *vif = rtwvif_to_vif(rtwvif);
632 	struct rtw89_bssid_cam_entry *bssid_cam = rtw89_get_bssid_cam_of(rtwvif, rtwsta);
633 	u8 bss_color = vif->bss_conf.he_bss_color.color;
634 	u8 bss_mask;
635 
636 	if (vif->bss_conf.nontransmitted)
637 		bss_mask = RTW89_BSSID_MATCH_5_BYTES;
638 	else
639 		bss_mask = RTW89_BSSID_MATCH_ALL;
640 
641 	FWCMD_SET_ADDR_BSSID_IDX(cmd, bssid_cam->bssid_cam_idx);
642 	FWCMD_SET_ADDR_BSSID_OFFSET(cmd, bssid_cam->offset);
643 	FWCMD_SET_ADDR_BSSID_LEN(cmd, bssid_cam->len);
644 	FWCMD_SET_ADDR_BSSID_VALID(cmd, bssid_cam->valid);
645 	FWCMD_SET_ADDR_BSSID_MASK(cmd, bss_mask);
646 	FWCMD_SET_ADDR_BSSID_BB_SEL(cmd, bssid_cam->phy_idx);
647 	FWCMD_SET_ADDR_BSSID_BSS_COLOR(cmd, bss_color);
648 
649 	FWCMD_SET_ADDR_BSSID_BSSID0(cmd, bssid_cam->bssid[0]);
650 	FWCMD_SET_ADDR_BSSID_BSSID1(cmd, bssid_cam->bssid[1]);
651 	FWCMD_SET_ADDR_BSSID_BSSID2(cmd, bssid_cam->bssid[2]);
652 	FWCMD_SET_ADDR_BSSID_BSSID3(cmd, bssid_cam->bssid[3]);
653 	FWCMD_SET_ADDR_BSSID_BSSID4(cmd, bssid_cam->bssid[4]);
654 	FWCMD_SET_ADDR_BSSID_BSSID5(cmd, bssid_cam->bssid[5]);
655 
656 	return 0;
657 }
658 
659 static u8 rtw89_cam_addr_hash(u8 start, const u8 *addr)
660 {
661 	u8 hash = 0;
662 	u8 i;
663 
664 	for (i = start; i < ETH_ALEN; i++)
665 		hash ^= addr[i];
666 
667 	return hash;
668 }
669 
670 void rtw89_cam_fill_addr_cam_info(struct rtw89_dev *rtwdev,
671 				  struct rtw89_vif *rtwvif,
672 				  struct rtw89_sta *rtwsta,
673 				  const u8 *scan_mac_addr,
674 				  u8 *cmd)
675 {
676 	struct ieee80211_vif *vif = rtwvif_to_vif(rtwvif);
677 	struct rtw89_addr_cam_entry *addr_cam = rtw89_get_addr_cam_of(rtwvif, rtwsta);
678 	struct ieee80211_sta *sta = rtwsta_to_sta_safe(rtwsta);
679 	const u8 *sma = scan_mac_addr ? scan_mac_addr : rtwvif->mac_addr;
680 	u8 sma_hash, tma_hash, addr_msk_start;
681 	u8 sma_start = 0;
682 	u8 tma_start = 0;
683 	u8 *tma = sta ? sta->addr : rtwvif->bssid;
684 
685 	if (addr_cam->addr_mask != 0) {
686 		addr_msk_start = __ffs(addr_cam->addr_mask);
687 		if (addr_cam->mask_sel == RTW89_SMA)
688 			sma_start = addr_msk_start;
689 		else if (addr_cam->mask_sel == RTW89_TMA)
690 			tma_start = addr_msk_start;
691 	}
692 	sma_hash = rtw89_cam_addr_hash(sma_start, sma);
693 	tma_hash = rtw89_cam_addr_hash(tma_start, tma);
694 
695 	FWCMD_SET_ADDR_IDX(cmd, addr_cam->addr_cam_idx);
696 	FWCMD_SET_ADDR_OFFSET(cmd, addr_cam->offset);
697 	FWCMD_SET_ADDR_LEN(cmd, addr_cam->len);
698 
699 	FWCMD_SET_ADDR_VALID(cmd, addr_cam->valid);
700 	FWCMD_SET_ADDR_NET_TYPE(cmd, rtwvif->net_type);
701 	FWCMD_SET_ADDR_BCN_HIT_COND(cmd, rtwvif->bcn_hit_cond);
702 	FWCMD_SET_ADDR_HIT_RULE(cmd, rtwvif->hit_rule);
703 	FWCMD_SET_ADDR_BB_SEL(cmd, rtwvif->phy_idx);
704 	FWCMD_SET_ADDR_ADDR_MASK(cmd, addr_cam->addr_mask);
705 	FWCMD_SET_ADDR_MASK_SEL(cmd, addr_cam->mask_sel);
706 	FWCMD_SET_ADDR_SMA_HASH(cmd, sma_hash);
707 	FWCMD_SET_ADDR_TMA_HASH(cmd, tma_hash);
708 
709 	FWCMD_SET_ADDR_BSSID_CAM_IDX(cmd, addr_cam->bssid_cam_idx);
710 
711 	FWCMD_SET_ADDR_SMA0(cmd, sma[0]);
712 	FWCMD_SET_ADDR_SMA1(cmd, sma[1]);
713 	FWCMD_SET_ADDR_SMA2(cmd, sma[2]);
714 	FWCMD_SET_ADDR_SMA3(cmd, sma[3]);
715 	FWCMD_SET_ADDR_SMA4(cmd, sma[4]);
716 	FWCMD_SET_ADDR_SMA5(cmd, sma[5]);
717 
718 	FWCMD_SET_ADDR_TMA0(cmd, tma[0]);
719 	FWCMD_SET_ADDR_TMA1(cmd, tma[1]);
720 	FWCMD_SET_ADDR_TMA2(cmd, tma[2]);
721 	FWCMD_SET_ADDR_TMA3(cmd, tma[3]);
722 	FWCMD_SET_ADDR_TMA4(cmd, tma[4]);
723 	FWCMD_SET_ADDR_TMA5(cmd, tma[5]);
724 
725 	FWCMD_SET_ADDR_PORT_INT(cmd, rtwvif->port);
726 	FWCMD_SET_ADDR_TSF_SYNC(cmd, rtwvif->port);
727 	FWCMD_SET_ADDR_TF_TRS(cmd, rtwvif->trigger);
728 	FWCMD_SET_ADDR_LSIG_TXOP(cmd, rtwvif->lsig_txop);
729 	FWCMD_SET_ADDR_TGT_IND(cmd, rtwvif->tgt_ind);
730 	FWCMD_SET_ADDR_FRM_TGT_IND(cmd, rtwvif->frm_tgt_ind);
731 	FWCMD_SET_ADDR_MACID(cmd, rtwsta ? rtwsta->mac_id : rtwvif->mac_id);
732 	if (rtwvif->net_type == RTW89_NET_TYPE_INFRA)
733 		FWCMD_SET_ADDR_AID12(cmd, vif->cfg.aid & 0xfff);
734 	else if (rtwvif->net_type == RTW89_NET_TYPE_AP_MODE)
735 		FWCMD_SET_ADDR_AID12(cmd, sta ? sta->aid & 0xfff : 0);
736 	FWCMD_SET_ADDR_WOL_PATTERN(cmd, rtwvif->wowlan_pattern);
737 	FWCMD_SET_ADDR_WOL_UC(cmd, rtwvif->wowlan_uc);
738 	FWCMD_SET_ADDR_WOL_MAGIC(cmd, rtwvif->wowlan_magic);
739 	FWCMD_SET_ADDR_WAPI(cmd, addr_cam->wapi);
740 	FWCMD_SET_ADDR_SEC_ENT_MODE(cmd, addr_cam->sec_ent_mode);
741 	FWCMD_SET_ADDR_SEC_ENT0_KEYID(cmd, addr_cam->sec_ent_keyid[0]);
742 	FWCMD_SET_ADDR_SEC_ENT1_KEYID(cmd, addr_cam->sec_ent_keyid[1]);
743 	FWCMD_SET_ADDR_SEC_ENT2_KEYID(cmd, addr_cam->sec_ent_keyid[2]);
744 	FWCMD_SET_ADDR_SEC_ENT3_KEYID(cmd, addr_cam->sec_ent_keyid[3]);
745 	FWCMD_SET_ADDR_SEC_ENT4_KEYID(cmd, addr_cam->sec_ent_keyid[4]);
746 	FWCMD_SET_ADDR_SEC_ENT5_KEYID(cmd, addr_cam->sec_ent_keyid[5]);
747 	FWCMD_SET_ADDR_SEC_ENT6_KEYID(cmd, addr_cam->sec_ent_keyid[6]);
748 
749 	FWCMD_SET_ADDR_SEC_ENT_VALID(cmd, addr_cam->sec_cam_map[0] & 0xff);
750 	FWCMD_SET_ADDR_SEC_ENT0(cmd, addr_cam->sec_ent[0]);
751 	FWCMD_SET_ADDR_SEC_ENT1(cmd, addr_cam->sec_ent[1]);
752 	FWCMD_SET_ADDR_SEC_ENT2(cmd, addr_cam->sec_ent[2]);
753 	FWCMD_SET_ADDR_SEC_ENT3(cmd, addr_cam->sec_ent[3]);
754 	FWCMD_SET_ADDR_SEC_ENT4(cmd, addr_cam->sec_ent[4]);
755 	FWCMD_SET_ADDR_SEC_ENT5(cmd, addr_cam->sec_ent[5]);
756 	FWCMD_SET_ADDR_SEC_ENT6(cmd, addr_cam->sec_ent[6]);
757 }
758 
759 void rtw89_cam_fill_dctl_sec_cam_info_v1(struct rtw89_dev *rtwdev,
760 					 struct rtw89_vif *rtwvif,
761 					 struct rtw89_sta *rtwsta,
762 					 struct rtw89_h2c_dctlinfo_ud_v1 *h2c)
763 {
764 	struct rtw89_addr_cam_entry *addr_cam = rtw89_get_addr_cam_of(rtwvif, rtwsta);
765 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
766 	u8 *ptk_tx_iv = rtw_wow->key_info.ptk_tx_iv;
767 
768 	h2c->c0 = le32_encode_bits(rtwsta ? rtwsta->mac_id : rtwvif->mac_id,
769 				   DCTLINFO_V1_C0_MACID) |
770 		  le32_encode_bits(1, DCTLINFO_V1_C0_OP);
771 
772 	h2c->w4 = le32_encode_bits(addr_cam->sec_ent_keyid[0],
773 				   DCTLINFO_V1_W4_SEC_ENT0_KEYID) |
774 		  le32_encode_bits(addr_cam->sec_ent_keyid[1],
775 				   DCTLINFO_V1_W4_SEC_ENT1_KEYID) |
776 		  le32_encode_bits(addr_cam->sec_ent_keyid[2],
777 				   DCTLINFO_V1_W4_SEC_ENT2_KEYID) |
778 		  le32_encode_bits(addr_cam->sec_ent_keyid[3],
779 				   DCTLINFO_V1_W4_SEC_ENT3_KEYID) |
780 		  le32_encode_bits(addr_cam->sec_ent_keyid[4],
781 				   DCTLINFO_V1_W4_SEC_ENT4_KEYID) |
782 		  le32_encode_bits(addr_cam->sec_ent_keyid[5],
783 				   DCTLINFO_V1_W4_SEC_ENT5_KEYID) |
784 		  le32_encode_bits(addr_cam->sec_ent_keyid[6],
785 				   DCTLINFO_V1_W4_SEC_ENT6_KEYID);
786 	h2c->m4 = cpu_to_le32(DCTLINFO_V1_W4_SEC_ENT0_KEYID |
787 			      DCTLINFO_V1_W4_SEC_ENT1_KEYID |
788 			      DCTLINFO_V1_W4_SEC_ENT2_KEYID |
789 			      DCTLINFO_V1_W4_SEC_ENT3_KEYID |
790 			      DCTLINFO_V1_W4_SEC_ENT4_KEYID |
791 			      DCTLINFO_V1_W4_SEC_ENT5_KEYID |
792 			      DCTLINFO_V1_W4_SEC_ENT6_KEYID);
793 
794 	h2c->w5 = le32_encode_bits(addr_cam->sec_cam_map[0] & 0xff,
795 				   DCTLINFO_V1_W5_SEC_ENT_VALID) |
796 		  le32_encode_bits(addr_cam->sec_ent[0],
797 				   DCTLINFO_V1_W5_SEC_ENT0) |
798 		  le32_encode_bits(addr_cam->sec_ent[1],
799 				   DCTLINFO_V1_W5_SEC_ENT1) |
800 		  le32_encode_bits(addr_cam->sec_ent[2],
801 				   DCTLINFO_V1_W5_SEC_ENT2);
802 	h2c->m5 = cpu_to_le32(DCTLINFO_V1_W5_SEC_ENT_VALID |
803 			      DCTLINFO_V1_W5_SEC_ENT0      |
804 			      DCTLINFO_V1_W5_SEC_ENT1      |
805 			      DCTLINFO_V1_W5_SEC_ENT2);
806 
807 	h2c->w6 = le32_encode_bits(addr_cam->sec_ent[3],
808 				   DCTLINFO_V1_W6_SEC_ENT3) |
809 		  le32_encode_bits(addr_cam->sec_ent[4],
810 				   DCTLINFO_V1_W6_SEC_ENT4) |
811 		  le32_encode_bits(addr_cam->sec_ent[5],
812 				   DCTLINFO_V1_W6_SEC_ENT5) |
813 		  le32_encode_bits(addr_cam->sec_ent[6],
814 				   DCTLINFO_V1_W6_SEC_ENT6);
815 	h2c->m6 = cpu_to_le32(DCTLINFO_V1_W6_SEC_ENT3 |
816 			      DCTLINFO_V1_W6_SEC_ENT4 |
817 			      DCTLINFO_V1_W6_SEC_ENT5 |
818 			      DCTLINFO_V1_W6_SEC_ENT6);
819 
820 	if (rtw_wow->ptk_alg) {
821 		h2c->w0 = le32_encode_bits(ptk_tx_iv[0] | ptk_tx_iv[1] << 8,
822 					   DCTLINFO_V1_W0_AES_IV_L);
823 		h2c->m0 = cpu_to_le32(DCTLINFO_V1_W0_AES_IV_L);
824 
825 		h2c->w1 = le32_encode_bits(ptk_tx_iv[4]       |
826 					   ptk_tx_iv[5] << 8  |
827 					   ptk_tx_iv[6] << 16 |
828 					   ptk_tx_iv[7] << 24,
829 					   DCTLINFO_V1_W1_AES_IV_H);
830 		h2c->m1 = cpu_to_le32(DCTLINFO_V1_W1_AES_IV_H);
831 
832 		h2c->w4 |= le32_encode_bits(rtw_wow->ptk_keyidx,
833 					    DCTLINFO_V1_W4_SEC_KEY_ID);
834 		h2c->m4 |= cpu_to_le32(DCTLINFO_V1_W4_SEC_KEY_ID);
835 	}
836 }
837 
838 void rtw89_cam_fill_dctl_sec_cam_info_v2(struct rtw89_dev *rtwdev,
839 					 struct rtw89_vif *rtwvif,
840 					 struct rtw89_sta *rtwsta,
841 					 struct rtw89_h2c_dctlinfo_ud_v2 *h2c)
842 {
843 	struct rtw89_addr_cam_entry *addr_cam = rtw89_get_addr_cam_of(rtwvif, rtwsta);
844 	struct rtw89_wow_param *rtw_wow = &rtwdev->wow;
845 	u8 *ptk_tx_iv = rtw_wow->key_info.ptk_tx_iv;
846 
847 	h2c->c0 = le32_encode_bits(rtwsta ? rtwsta->mac_id : rtwvif->mac_id,
848 				   DCTLINFO_V2_C0_MACID) |
849 		  le32_encode_bits(1, DCTLINFO_V2_C0_OP);
850 
851 	h2c->w4 = le32_encode_bits(addr_cam->sec_ent_keyid[0],
852 				   DCTLINFO_V2_W4_SEC_ENT0_KEYID) |
853 		  le32_encode_bits(addr_cam->sec_ent_keyid[1],
854 				   DCTLINFO_V2_W4_SEC_ENT1_KEYID) |
855 		  le32_encode_bits(addr_cam->sec_ent_keyid[2],
856 				   DCTLINFO_V2_W4_SEC_ENT2_KEYID) |
857 		  le32_encode_bits(addr_cam->sec_ent_keyid[3],
858 				   DCTLINFO_V2_W4_SEC_ENT3_KEYID) |
859 		  le32_encode_bits(addr_cam->sec_ent_keyid[4],
860 				   DCTLINFO_V2_W4_SEC_ENT4_KEYID) |
861 		  le32_encode_bits(addr_cam->sec_ent_keyid[5],
862 				   DCTLINFO_V2_W4_SEC_ENT5_KEYID) |
863 		  le32_encode_bits(addr_cam->sec_ent_keyid[6],
864 				   DCTLINFO_V2_W4_SEC_ENT6_KEYID);
865 	h2c->m4 = cpu_to_le32(DCTLINFO_V2_W4_SEC_ENT0_KEYID |
866 			      DCTLINFO_V2_W4_SEC_ENT1_KEYID |
867 			      DCTLINFO_V2_W4_SEC_ENT2_KEYID |
868 			      DCTLINFO_V2_W4_SEC_ENT3_KEYID |
869 			      DCTLINFO_V2_W4_SEC_ENT4_KEYID |
870 			      DCTLINFO_V2_W4_SEC_ENT5_KEYID |
871 			      DCTLINFO_V2_W4_SEC_ENT6_KEYID);
872 
873 	h2c->w5 = le32_encode_bits(addr_cam->sec_cam_map[0],
874 				   DCTLINFO_V2_W5_SEC_ENT_VALID_V1) |
875 		  le32_encode_bits(addr_cam->sec_ent[0],
876 				   DCTLINFO_V2_W5_SEC_ENT0_V1);
877 	h2c->m5 = cpu_to_le32(DCTLINFO_V2_W5_SEC_ENT_VALID_V1 |
878 			      DCTLINFO_V2_W5_SEC_ENT0_V1);
879 
880 	h2c->w6 = le32_encode_bits(addr_cam->sec_ent[1],
881 				   DCTLINFO_V2_W6_SEC_ENT1_V1) |
882 		  le32_encode_bits(addr_cam->sec_ent[2],
883 				   DCTLINFO_V2_W6_SEC_ENT2_V1) |
884 		  le32_encode_bits(addr_cam->sec_ent[3],
885 				   DCTLINFO_V2_W6_SEC_ENT3_V1) |
886 		  le32_encode_bits(addr_cam->sec_ent[4],
887 				   DCTLINFO_V2_W6_SEC_ENT4_V1);
888 	h2c->m6 = cpu_to_le32(DCTLINFO_V2_W6_SEC_ENT1_V1 |
889 			      DCTLINFO_V2_W6_SEC_ENT2_V1 |
890 			      DCTLINFO_V2_W6_SEC_ENT3_V1 |
891 			      DCTLINFO_V2_W6_SEC_ENT4_V1);
892 
893 	h2c->w7 = le32_encode_bits(addr_cam->sec_ent[5],
894 				   DCTLINFO_V2_W7_SEC_ENT5_V1) |
895 		  le32_encode_bits(addr_cam->sec_ent[6],
896 				   DCTLINFO_V2_W7_SEC_ENT6_V1);
897 	h2c->m7 = cpu_to_le32(DCTLINFO_V2_W7_SEC_ENT5_V1 |
898 			      DCTLINFO_V2_W7_SEC_ENT6_V1);
899 
900 	if (rtw_wow->ptk_alg) {
901 		h2c->w0 = le32_encode_bits(ptk_tx_iv[0] | ptk_tx_iv[1] << 8,
902 					   DCTLINFO_V2_W0_AES_IV_L);
903 		h2c->m0 = cpu_to_le32(DCTLINFO_V2_W0_AES_IV_L);
904 
905 		h2c->w1 = le32_encode_bits(ptk_tx_iv[4] |
906 					   ptk_tx_iv[5] << 8 |
907 					   ptk_tx_iv[6] << 16 |
908 					   ptk_tx_iv[7] << 24,
909 					   DCTLINFO_V2_W1_AES_IV_H);
910 		h2c->m1 = cpu_to_le32(DCTLINFO_V2_W1_AES_IV_H);
911 
912 		h2c->w4 |= le32_encode_bits(rtw_wow->ptk_keyidx,
913 					    DCTLINFO_V2_W4_SEC_KEY_ID);
914 		h2c->m4 |= cpu_to_le32(DCTLINFO_V2_W4_SEC_KEY_ID);
915 	}
916 }
917