1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * MLO link handling 4 * 5 * Copyright (C) 2022-2025 Intel Corporation 6 */ 7 #include <linux/slab.h> 8 #include <linux/kernel.h> 9 #include <net/mac80211.h> 10 #include "ieee80211_i.h" 11 #include "driver-ops.h" 12 #include "key.h" 13 #include "debugfs_netdev.h" 14 15 static void ieee80211_update_apvlan_links(struct ieee80211_sub_if_data *sdata) 16 { 17 unsigned long rem = ~sdata->vif.valid_links & 18 GENMASK(IEEE80211_MLD_MAX_NUM_LINKS - 1, 0); 19 struct ieee80211_local *local = sdata->local; 20 unsigned long add = sdata->vif.valid_links; 21 struct wiphy *wiphy = local->hw.wiphy; 22 struct ieee80211_sub_if_data *vlan; 23 struct ieee80211_link_data *link; 24 struct sta_info *sta; 25 26 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) { 27 int link_id; 28 29 if (vlan->wdev.use_4addr) { 30 sta = wiphy_dereference(wiphy, 31 vlan->u.vlan.sta); 32 if (sta) 33 add = add & sta->sta.valid_links; 34 } 35 36 if (add == vlan->vif.valid_links) 37 continue; 38 39 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 40 vlan->wdev.valid_links |= BIT(link_id); 41 ether_addr_copy(vlan->wdev.links[link_id].addr, 42 sdata->wdev.links[link_id].addr); 43 } 44 45 for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) { 46 vlan->wdev.valid_links &= ~BIT(link_id); 47 eth_zero_addr(vlan->wdev.links[link_id].addr); 48 } 49 50 ieee80211_vif_set_links(vlan, add, 0); 51 52 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 53 link = sdata_dereference(vlan->link[link_id], vlan); 54 ieee80211_link_vlan_copy_chanctx(link); 55 } 56 } 57 } 58 59 void ieee80211_apvlan_link_setup(struct ieee80211_sub_if_data *sdata) 60 { 61 struct ieee80211_sub_if_data *ap_bss = container_of(sdata->bss, 62 struct ieee80211_sub_if_data, u.ap); 63 u16 new_links = ap_bss->vif.valid_links; 64 unsigned long add; 65 int link_id; 66 67 if (!ap_bss->vif.valid_links) 68 return; 69 70 add = new_links; 71 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 72 sdata->wdev.valid_links |= BIT(link_id); 73 ether_addr_copy(sdata->wdev.links[link_id].addr, 74 ap_bss->wdev.links[link_id].addr); 75 } 76 77 ieee80211_vif_set_links(sdata, new_links, 0); 78 } 79 80 void ieee80211_apvlan_link_clear(struct ieee80211_sub_if_data *sdata) 81 { 82 if (!sdata->wdev.valid_links) 83 return; 84 85 sdata->wdev.valid_links = 0; 86 ieee80211_vif_clear_links(sdata); 87 } 88 89 void ieee80211_link_setup(struct ieee80211_link_data *link) 90 { 91 if (link->sdata->vif.type == NL80211_IFTYPE_STATION) 92 ieee80211_mgd_setup_link(link); 93 } 94 95 void ieee80211_link_init(struct ieee80211_sub_if_data *sdata, 96 int link_id, 97 struct ieee80211_link_data *link, 98 struct ieee80211_bss_conf *link_conf) 99 { 100 bool deflink = link_id < 0; 101 102 if (link_id < 0) 103 link_id = 0; 104 105 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 106 struct ieee80211_sub_if_data *ap_bss; 107 struct ieee80211_bss_conf *ap_bss_conf; 108 109 ap_bss = container_of(sdata->bss, 110 struct ieee80211_sub_if_data, u.ap); 111 112 if (deflink) 113 ap_bss_conf = &ap_bss->vif.bss_conf; 114 else 115 ap_bss_conf = sdata_dereference(ap_bss->vif.link_conf[link_id], 116 ap_bss); 117 118 memcpy(link_conf, ap_bss_conf, sizeof(*link_conf)); 119 } 120 121 link->sdata = sdata; 122 link->link_id = link_id; 123 link->conf = link_conf; 124 link_conf->link_id = link_id; 125 link_conf->vif = &sdata->vif; 126 link->ap_power_level = IEEE80211_UNSET_POWER_LEVEL; 127 link->user_power_level = sdata->local->user_power_level; 128 link_conf->txpower = INT_MIN; 129 130 wiphy_work_init(&link->csa.finalize_work, 131 ieee80211_csa_finalize_work); 132 wiphy_work_init(&link->color_change_finalize_work, 133 ieee80211_color_change_finalize_work); 134 wiphy_delayed_work_init(&link->color_collision_detect_work, 135 ieee80211_color_collision_detection_work); 136 wiphy_hrtimer_work_init(&link->dfs_cac_timer_work, 137 ieee80211_dfs_cac_timer_work); 138 139 if (!deflink) { 140 switch (sdata->vif.type) { 141 case NL80211_IFTYPE_AP: 142 case NL80211_IFTYPE_AP_VLAN: 143 ether_addr_copy(link_conf->addr, 144 sdata->wdev.links[link_id].addr); 145 link_conf->bssid = link_conf->addr; 146 WARN_ON(!(sdata->wdev.valid_links & BIT(link_id))); 147 break; 148 case NL80211_IFTYPE_STATION: 149 /* station sets the bssid in ieee80211_mgd_setup_link */ 150 break; 151 default: 152 WARN_ON(1); 153 } 154 155 ieee80211_link_debugfs_add(link); 156 } 157 158 rcu_assign_pointer(sdata->vif.link_conf[link_id], link_conf); 159 rcu_assign_pointer(sdata->link[link_id], link); 160 } 161 162 void ieee80211_link_stop(struct ieee80211_link_data *link) 163 { 164 if (link->sdata->vif.type == NL80211_IFTYPE_STATION) 165 ieee80211_mgd_stop_link(link); 166 167 wiphy_delayed_work_cancel(link->sdata->local->hw.wiphy, 168 &link->color_collision_detect_work); 169 wiphy_work_cancel(link->sdata->local->hw.wiphy, 170 &link->color_change_finalize_work); 171 wiphy_work_cancel(link->sdata->local->hw.wiphy, 172 &link->csa.finalize_work); 173 174 if (link->sdata->wdev.links[link->link_id].cac_started) { 175 wiphy_hrtimer_work_cancel(link->sdata->local->hw.wiphy, 176 &link->dfs_cac_timer_work); 177 cfg80211_cac_event(link->sdata->dev, 178 &link->conf->chanreq.oper, 179 NL80211_RADAR_CAC_ABORTED, 180 GFP_KERNEL, link->link_id); 181 } 182 183 ieee80211_link_release_channel(link); 184 } 185 186 struct link_container { 187 struct ieee80211_link_data data; 188 struct ieee80211_bss_conf conf; 189 }; 190 191 static void ieee80211_tear_down_links(struct ieee80211_sub_if_data *sdata, 192 struct link_container **links, u16 mask) 193 { 194 struct ieee80211_link_data *link; 195 LIST_HEAD(keys); 196 unsigned int link_id; 197 198 for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++) { 199 if (!(mask & BIT(link_id))) 200 continue; 201 link = &links[link_id]->data; 202 if (link_id == 0 && !link) 203 link = &sdata->deflink; 204 if (WARN_ON(!link)) 205 continue; 206 ieee80211_remove_link_keys(link, &keys); 207 ieee80211_link_debugfs_remove(link); 208 ieee80211_link_stop(link); 209 } 210 211 synchronize_rcu(); 212 213 ieee80211_free_key_list(sdata->local, &keys); 214 } 215 216 static void ieee80211_free_links(struct ieee80211_sub_if_data *sdata, 217 struct link_container **links) 218 { 219 unsigned int link_id; 220 221 for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++) 222 kfree(links[link_id]); 223 } 224 225 static int ieee80211_check_dup_link_addrs(struct ieee80211_sub_if_data *sdata) 226 { 227 unsigned int i, j; 228 229 for (i = 0; i < IEEE80211_MLD_MAX_NUM_LINKS; i++) { 230 struct ieee80211_link_data *link1; 231 232 link1 = sdata_dereference(sdata->link[i], sdata); 233 if (!link1) 234 continue; 235 for (j = i + 1; j < IEEE80211_MLD_MAX_NUM_LINKS; j++) { 236 struct ieee80211_link_data *link2; 237 238 link2 = sdata_dereference(sdata->link[j], sdata); 239 if (!link2) 240 continue; 241 242 if (ether_addr_equal(link1->conf->addr, 243 link2->conf->addr)) 244 return -EALREADY; 245 } 246 } 247 248 return 0; 249 } 250 251 static void ieee80211_set_vif_links_bitmaps(struct ieee80211_sub_if_data *sdata, 252 u16 valid_links, u16 dormant_links) 253 { 254 sdata->vif.valid_links = valid_links; 255 sdata->vif.dormant_links = dormant_links; 256 257 if (!valid_links || 258 WARN((~valid_links & dormant_links) || 259 !(valid_links & ~dormant_links), 260 "Invalid links: valid=0x%x, dormant=0x%x", 261 valid_links, dormant_links)) { 262 sdata->vif.active_links = 0; 263 sdata->vif.dormant_links = 0; 264 return; 265 } 266 267 switch (sdata->vif.type) { 268 case NL80211_IFTYPE_AP: 269 case NL80211_IFTYPE_AP_VLAN: 270 /* in an AP all links are always active */ 271 sdata->vif.active_links = valid_links; 272 273 /* AP links are not expected to be disabled */ 274 WARN_ON(dormant_links); 275 break; 276 case NL80211_IFTYPE_STATION: 277 if (sdata->vif.active_links) 278 break; 279 sdata->vif.active_links = valid_links & ~dormant_links; 280 WARN_ON(hweight16(sdata->vif.active_links) > 1); 281 break; 282 default: 283 WARN_ON(1); 284 } 285 } 286 287 static int ieee80211_vif_update_links(struct ieee80211_sub_if_data *sdata, 288 struct link_container **to_free, 289 u16 new_links, u16 dormant_links) 290 { 291 u16 old_links = sdata->vif.valid_links; 292 u16 old_active = sdata->vif.active_links; 293 unsigned long add = new_links & ~old_links; 294 unsigned long rem = old_links & ~new_links; 295 unsigned int link_id; 296 int ret; 297 struct link_container *links[IEEE80211_MLD_MAX_NUM_LINKS] = {}, *link; 298 struct ieee80211_bss_conf *old[IEEE80211_MLD_MAX_NUM_LINKS]; 299 struct ieee80211_link_data *old_data[IEEE80211_MLD_MAX_NUM_LINKS]; 300 bool use_deflink = old_links == 0; /* set for error case */ 301 bool non_sta = sdata->vif.type != NL80211_IFTYPE_STATION; 302 303 lockdep_assert_wiphy(sdata->local->hw.wiphy); 304 305 memset(to_free, 0, sizeof(links)); 306 307 if (old_links == new_links && dormant_links == sdata->vif.dormant_links) 308 return 0; 309 310 /* if there were no old links, need to clear the pointers to deflink */ 311 if (!old_links) 312 rem |= BIT(0); 313 314 /* allocate new link structures first */ 315 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 316 link = kzalloc_obj(*link); 317 if (!link) { 318 ret = -ENOMEM; 319 goto free; 320 } 321 links[link_id] = link; 322 } 323 324 /* keep track of the old pointers for the driver */ 325 BUILD_BUG_ON(sizeof(old) != sizeof(sdata->vif.link_conf)); 326 memcpy(old, sdata->vif.link_conf, sizeof(old)); 327 /* and for us in error cases */ 328 BUILD_BUG_ON(sizeof(old_data) != sizeof(sdata->link)); 329 memcpy(old_data, sdata->link, sizeof(old_data)); 330 331 /* grab old links to free later */ 332 for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) { 333 if (rcu_access_pointer(sdata->link[link_id]) != &sdata->deflink) { 334 /* 335 * we must have allocated the data through this path so 336 * we know we can free both at the same time 337 */ 338 to_free[link_id] = container_of(rcu_access_pointer(sdata->link[link_id]), 339 typeof(*links[link_id]), 340 data); 341 } 342 343 RCU_INIT_POINTER(sdata->link[link_id], NULL); 344 RCU_INIT_POINTER(sdata->vif.link_conf[link_id], NULL); 345 } 346 347 if (!old_links) 348 ieee80211_debugfs_recreate_netdev(sdata, true); 349 350 /* link them into data structures */ 351 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 352 WARN_ON(!use_deflink && 353 rcu_access_pointer(sdata->link[link_id]) == &sdata->deflink); 354 355 link = links[link_id]; 356 ieee80211_link_init(sdata, link_id, &link->data, &link->conf); 357 ieee80211_link_setup(&link->data); 358 ieee80211_set_wmm_default(&link->data, true, non_sta); 359 } 360 361 if (new_links == 0) 362 ieee80211_link_init(sdata, -1, &sdata->deflink, 363 &sdata->vif.bss_conf); 364 365 ret = ieee80211_check_dup_link_addrs(sdata); 366 if (!ret) { 367 /* for keys we will not be able to undo this */ 368 ieee80211_tear_down_links(sdata, to_free, rem); 369 370 ieee80211_set_vif_links_bitmaps(sdata, new_links, dormant_links); 371 372 /* tell the driver */ 373 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN) 374 ret = drv_change_vif_links(sdata->local, sdata, 375 old_links & old_active, 376 new_links & sdata->vif.active_links, 377 old); 378 if (!new_links) 379 ieee80211_debugfs_recreate_netdev(sdata, false); 380 381 if (sdata->vif.type == NL80211_IFTYPE_AP) 382 ieee80211_update_apvlan_links(sdata); 383 } 384 385 /* 386 * Ignore errors if we are only removing links as removal should 387 * always succeed 388 */ 389 if (!new_links) 390 ret = 0; 391 392 if (ret) { 393 /* restore config */ 394 memcpy(sdata->link, old_data, sizeof(old_data)); 395 memcpy(sdata->vif.link_conf, old, sizeof(old)); 396 ieee80211_set_vif_links_bitmaps(sdata, old_links, dormant_links); 397 /* and free (only) the newly allocated links */ 398 memset(to_free, 0, sizeof(links)); 399 goto free; 400 } 401 402 /* use deflink/bss_conf again if and only if there are no more links */ 403 use_deflink = new_links == 0; 404 405 goto deinit; 406 free: 407 /* if we failed during allocation, only free all */ 408 for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++) { 409 kfree(links[link_id]); 410 links[link_id] = NULL; 411 } 412 deinit: 413 if (use_deflink) 414 ieee80211_link_init(sdata, -1, &sdata->deflink, 415 &sdata->vif.bss_conf); 416 return ret; 417 } 418 419 int ieee80211_vif_set_links(struct ieee80211_sub_if_data *sdata, 420 u16 new_links, u16 dormant_links) 421 { 422 struct link_container *links[IEEE80211_MLD_MAX_NUM_LINKS]; 423 int ret; 424 425 ret = ieee80211_vif_update_links(sdata, links, new_links, 426 dormant_links); 427 ieee80211_free_links(sdata, links); 428 429 return ret; 430 } 431 432 static int _ieee80211_set_active_links(struct ieee80211_sub_if_data *sdata, 433 u16 active_links) 434 { 435 struct ieee80211_bss_conf *link_confs[IEEE80211_MLD_MAX_NUM_LINKS]; 436 struct ieee80211_local *local = sdata->local; 437 u16 old_active = sdata->vif.active_links; 438 unsigned long rem = old_active & ~active_links; 439 unsigned long add = active_links & ~old_active; 440 struct sta_info *sta; 441 unsigned int link_id; 442 int ret, i; 443 444 if (!ieee80211_sdata_running(sdata)) 445 return -ENETDOWN; 446 447 if (sdata->vif.type != NL80211_IFTYPE_STATION) 448 return -EINVAL; 449 450 if (active_links & ~ieee80211_vif_usable_links(&sdata->vif)) 451 return -EINVAL; 452 453 /* nothing to do */ 454 if (old_active == active_links) 455 return 0; 456 457 for (i = 0; i < IEEE80211_MLD_MAX_NUM_LINKS; i++) 458 link_confs[i] = sdata_dereference(sdata->vif.link_conf[i], 459 sdata); 460 461 if (add) { 462 sdata->vif.active_links |= active_links; 463 ret = drv_change_vif_links(local, sdata, 464 old_active, 465 sdata->vif.active_links, 466 link_confs); 467 if (ret) { 468 sdata->vif.active_links = old_active; 469 return ret; 470 } 471 } 472 473 for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) { 474 struct ieee80211_link_data *link; 475 476 link = sdata_dereference(sdata->link[link_id], sdata); 477 478 ieee80211_teardown_tdls_peers(link); 479 480 __ieee80211_link_release_channel(link, true); 481 482 /* 483 * If CSA is (still) active while the link is deactivated, 484 * just schedule the channel switch work for the time we 485 * had previously calculated, and we'll take the process 486 * from there. 487 */ 488 if (link->conf->csa_active) 489 wiphy_hrtimer_work_queue(local->hw.wiphy, 490 &link->u.mgd.csa.switch_work, 491 link->u.mgd.csa.time - 492 ktime_get_boottime()); 493 } 494 495 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 496 struct ieee80211_link_data *link; 497 498 link = sdata_dereference(sdata->link[link_id], sdata); 499 500 /* 501 * This call really should not fail. Unfortunately, it appears 502 * that this may happen occasionally with some drivers. Should 503 * it happen, we are stuck in a bad place as going backwards is 504 * not really feasible. 505 * 506 * So lets just tell link_use_channel that it must not fail to 507 * assign the channel context (from mac80211's perspective) and 508 * assume the driver is going to trigger a recovery flow if it 509 * had a failure. 510 * That really is not great nor guaranteed to work. But at least 511 * the internal mac80211 state remains consistent and there is 512 * a chance that we can recover. 513 */ 514 ret = _ieee80211_link_use_channel(link, 515 &link->conf->chanreq, 516 IEEE80211_CHANCTX_SHARED, 517 true); 518 WARN_ON_ONCE(ret); 519 520 /* 521 * inform about the link info changed parameters after all 522 * stations are also added 523 */ 524 } 525 526 list_for_each_entry(sta, &local->sta_list, list) { 527 if (sdata != sta->sdata) 528 continue; 529 530 /* this is very temporary, but do it anyway */ 531 __ieee80211_sta_recalc_aggregates(sta, 532 old_active | active_links); 533 534 ret = drv_change_sta_links(local, sdata, &sta->sta, 535 old_active, 536 old_active | active_links); 537 WARN_ON_ONCE(ret); 538 } 539 540 ret = ieee80211_key_switch_links(sdata, rem, add); 541 WARN_ON_ONCE(ret); 542 543 list_for_each_entry(sta, &local->sta_list, list) { 544 if (sdata != sta->sdata) 545 continue; 546 547 __ieee80211_sta_recalc_aggregates(sta, active_links); 548 549 ret = drv_change_sta_links(local, sdata, &sta->sta, 550 old_active | active_links, 551 active_links); 552 WARN_ON_ONCE(ret); 553 554 /* 555 * Do it again, just in case - the driver might very 556 * well have called ieee80211_sta_recalc_aggregates() 557 * from there when filling in the new links, which 558 * would set it wrong since the vif's active links are 559 * not switched yet... 560 */ 561 __ieee80211_sta_recalc_aggregates(sta, active_links); 562 } 563 564 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 565 struct ieee80211_link_data *link; 566 567 link = sdata_dereference(sdata->link[link_id], sdata); 568 569 ieee80211_mgd_set_link_qos_params(link); 570 ieee80211_link_info_change_notify(sdata, link, 571 BSS_CHANGED_ERP_CTS_PROT | 572 BSS_CHANGED_ERP_PREAMBLE | 573 BSS_CHANGED_ERP_SLOT | 574 BSS_CHANGED_HT | 575 BSS_CHANGED_BASIC_RATES | 576 BSS_CHANGED_BSSID | 577 BSS_CHANGED_CQM | 578 BSS_CHANGED_QOS | 579 BSS_CHANGED_TXPOWER | 580 BSS_CHANGED_BANDWIDTH | 581 BSS_CHANGED_TWT | 582 BSS_CHANGED_HE_OBSS_PD | 583 BSS_CHANGED_HE_BSS_COLOR); 584 } 585 586 old_active = sdata->vif.active_links; 587 sdata->vif.active_links = active_links; 588 589 if (rem) { 590 ret = drv_change_vif_links(local, sdata, old_active, 591 active_links, link_confs); 592 WARN_ON_ONCE(ret); 593 } 594 595 return 0; 596 } 597 598 int ieee80211_set_active_links(struct ieee80211_vif *vif, u16 active_links) 599 { 600 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 601 struct ieee80211_local *local = sdata->local; 602 u16 old_active; 603 int ret; 604 605 lockdep_assert_wiphy(local->hw.wiphy); 606 607 if (WARN_ON(!active_links)) 608 return -EINVAL; 609 610 old_active = sdata->vif.active_links; 611 if (old_active == active_links) 612 return 0; 613 614 if (!drv_can_activate_links(local, sdata, active_links)) 615 return -EINVAL; 616 617 if (old_active & active_links) { 618 /* 619 * if there's at least one link that stays active across 620 * the change then switch to it (to those) first, and 621 * then enable the additional links 622 */ 623 ret = _ieee80211_set_active_links(sdata, 624 old_active & active_links); 625 if (!ret) 626 ret = _ieee80211_set_active_links(sdata, active_links); 627 } else { 628 /* otherwise switch directly */ 629 ret = _ieee80211_set_active_links(sdata, active_links); 630 } 631 632 return ret; 633 } 634 EXPORT_SYMBOL_GPL(ieee80211_set_active_links); 635 636 void ieee80211_set_active_links_async(struct ieee80211_vif *vif, 637 u16 active_links) 638 { 639 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 640 641 if (WARN_ON(!active_links)) 642 return; 643 644 if (!ieee80211_sdata_running(sdata)) 645 return; 646 647 if (sdata->vif.type != NL80211_IFTYPE_STATION) 648 return; 649 650 if (active_links & ~ieee80211_vif_usable_links(&sdata->vif)) 651 return; 652 653 /* nothing to do */ 654 if (sdata->vif.active_links == active_links) 655 return; 656 657 sdata->desired_active_links = active_links; 658 wiphy_work_queue(sdata->local->hw.wiphy, &sdata->activate_links_work); 659 } 660 EXPORT_SYMBOL_GPL(ieee80211_set_active_links_async); 661