1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * MLO link handling 4 * 5 * Copyright (C) 2022-2025 Intel Corporation 6 */ 7 #include <linux/slab.h> 8 #include <linux/kernel.h> 9 #include <net/mac80211.h> 10 #include "ieee80211_i.h" 11 #include "driver-ops.h" 12 #include "key.h" 13 #include "debugfs_netdev.h" 14 15 static void ieee80211_update_apvlan_links(struct ieee80211_sub_if_data *sdata) 16 { 17 struct ieee80211_sub_if_data *vlan; 18 struct ieee80211_link_data *link; 19 u16 ap_bss_links = sdata->vif.valid_links; 20 u16 new_links, vlan_links; 21 unsigned long add; 22 23 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) { 24 int link_id; 25 26 if (!vlan) 27 continue; 28 29 /* No support for 4addr with MLO yet */ 30 if (vlan->wdev.use_4addr) 31 return; 32 33 vlan_links = vlan->vif.valid_links; 34 35 new_links = ap_bss_links; 36 37 add = new_links & ~vlan_links; 38 if (!add) 39 continue; 40 41 ieee80211_vif_set_links(vlan, add, 0); 42 43 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 44 link = sdata_dereference(vlan->link[link_id], vlan); 45 ieee80211_link_vlan_copy_chanctx(link); 46 } 47 } 48 } 49 50 void ieee80211_apvlan_link_setup(struct ieee80211_sub_if_data *sdata) 51 { 52 struct ieee80211_sub_if_data *ap_bss = container_of(sdata->bss, 53 struct ieee80211_sub_if_data, u.ap); 54 u16 new_links = ap_bss->vif.valid_links; 55 unsigned long add; 56 int link_id; 57 58 if (!ap_bss->vif.valid_links) 59 return; 60 61 add = new_links; 62 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 63 sdata->wdev.valid_links |= BIT(link_id); 64 ether_addr_copy(sdata->wdev.links[link_id].addr, 65 ap_bss->wdev.links[link_id].addr); 66 } 67 68 ieee80211_vif_set_links(sdata, new_links, 0); 69 } 70 71 void ieee80211_apvlan_link_clear(struct ieee80211_sub_if_data *sdata) 72 { 73 if (!sdata->wdev.valid_links) 74 return; 75 76 sdata->wdev.valid_links = 0; 77 ieee80211_vif_clear_links(sdata); 78 } 79 80 void ieee80211_link_setup(struct ieee80211_link_data *link) 81 { 82 if (link->sdata->vif.type == NL80211_IFTYPE_STATION) 83 ieee80211_mgd_setup_link(link); 84 } 85 86 void ieee80211_link_init(struct ieee80211_sub_if_data *sdata, 87 int link_id, 88 struct ieee80211_link_data *link, 89 struct ieee80211_bss_conf *link_conf) 90 { 91 bool deflink = link_id < 0; 92 93 if (link_id < 0) 94 link_id = 0; 95 96 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 97 struct ieee80211_sub_if_data *ap_bss; 98 struct ieee80211_bss_conf *ap_bss_conf; 99 100 ap_bss = container_of(sdata->bss, 101 struct ieee80211_sub_if_data, u.ap); 102 ap_bss_conf = sdata_dereference(ap_bss->vif.link_conf[link_id], 103 ap_bss); 104 memcpy(link_conf, ap_bss_conf, sizeof(*link_conf)); 105 } 106 107 link->sdata = sdata; 108 link->link_id = link_id; 109 link->conf = link_conf; 110 link_conf->link_id = link_id; 111 link_conf->vif = &sdata->vif; 112 link->ap_power_level = IEEE80211_UNSET_POWER_LEVEL; 113 link->user_power_level = sdata->local->user_power_level; 114 link_conf->txpower = INT_MIN; 115 116 wiphy_work_init(&link->csa.finalize_work, 117 ieee80211_csa_finalize_work); 118 wiphy_work_init(&link->color_change_finalize_work, 119 ieee80211_color_change_finalize_work); 120 wiphy_delayed_work_init(&link->color_collision_detect_work, 121 ieee80211_color_collision_detection_work); 122 INIT_LIST_HEAD(&link->assigned_chanctx_list); 123 INIT_LIST_HEAD(&link->reserved_chanctx_list); 124 wiphy_delayed_work_init(&link->dfs_cac_timer_work, 125 ieee80211_dfs_cac_timer_work); 126 127 if (!deflink) { 128 switch (sdata->vif.type) { 129 case NL80211_IFTYPE_AP: 130 case NL80211_IFTYPE_AP_VLAN: 131 ether_addr_copy(link_conf->addr, 132 sdata->wdev.links[link_id].addr); 133 link_conf->bssid = link_conf->addr; 134 WARN_ON(!(sdata->wdev.valid_links & BIT(link_id))); 135 break; 136 case NL80211_IFTYPE_STATION: 137 /* station sets the bssid in ieee80211_mgd_setup_link */ 138 break; 139 default: 140 WARN_ON(1); 141 } 142 143 ieee80211_link_debugfs_add(link); 144 } 145 146 rcu_assign_pointer(sdata->vif.link_conf[link_id], link_conf); 147 rcu_assign_pointer(sdata->link[link_id], link); 148 } 149 150 void ieee80211_link_stop(struct ieee80211_link_data *link) 151 { 152 if (link->sdata->vif.type == NL80211_IFTYPE_STATION) 153 ieee80211_mgd_stop_link(link); 154 155 wiphy_delayed_work_cancel(link->sdata->local->hw.wiphy, 156 &link->color_collision_detect_work); 157 wiphy_work_cancel(link->sdata->local->hw.wiphy, 158 &link->color_change_finalize_work); 159 wiphy_work_cancel(link->sdata->local->hw.wiphy, 160 &link->csa.finalize_work); 161 162 if (link->sdata->wdev.links[link->link_id].cac_started) { 163 wiphy_delayed_work_cancel(link->sdata->local->hw.wiphy, 164 &link->dfs_cac_timer_work); 165 cfg80211_cac_event(link->sdata->dev, 166 &link->conf->chanreq.oper, 167 NL80211_RADAR_CAC_ABORTED, 168 GFP_KERNEL, link->link_id); 169 } 170 171 ieee80211_link_release_channel(link); 172 } 173 174 struct link_container { 175 struct ieee80211_link_data data; 176 struct ieee80211_bss_conf conf; 177 }; 178 179 static void ieee80211_tear_down_links(struct ieee80211_sub_if_data *sdata, 180 struct link_container **links, u16 mask) 181 { 182 struct ieee80211_link_data *link; 183 LIST_HEAD(keys); 184 unsigned int link_id; 185 186 for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++) { 187 if (!(mask & BIT(link_id))) 188 continue; 189 link = &links[link_id]->data; 190 if (link_id == 0 && !link) 191 link = &sdata->deflink; 192 if (WARN_ON(!link)) 193 continue; 194 ieee80211_remove_link_keys(link, &keys); 195 ieee80211_link_debugfs_remove(link); 196 ieee80211_link_stop(link); 197 } 198 199 synchronize_rcu(); 200 201 ieee80211_free_key_list(sdata->local, &keys); 202 } 203 204 static void ieee80211_free_links(struct ieee80211_sub_if_data *sdata, 205 struct link_container **links) 206 { 207 unsigned int link_id; 208 209 for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++) 210 kfree(links[link_id]); 211 } 212 213 static int ieee80211_check_dup_link_addrs(struct ieee80211_sub_if_data *sdata) 214 { 215 unsigned int i, j; 216 217 for (i = 0; i < IEEE80211_MLD_MAX_NUM_LINKS; i++) { 218 struct ieee80211_link_data *link1; 219 220 link1 = sdata_dereference(sdata->link[i], sdata); 221 if (!link1) 222 continue; 223 for (j = i + 1; j < IEEE80211_MLD_MAX_NUM_LINKS; j++) { 224 struct ieee80211_link_data *link2; 225 226 link2 = sdata_dereference(sdata->link[j], sdata); 227 if (!link2) 228 continue; 229 230 if (ether_addr_equal(link1->conf->addr, 231 link2->conf->addr)) 232 return -EALREADY; 233 } 234 } 235 236 return 0; 237 } 238 239 static void ieee80211_set_vif_links_bitmaps(struct ieee80211_sub_if_data *sdata, 240 u16 valid_links, u16 dormant_links) 241 { 242 sdata->vif.valid_links = valid_links; 243 sdata->vif.dormant_links = dormant_links; 244 245 if (!valid_links || 246 WARN((~valid_links & dormant_links) || 247 !(valid_links & ~dormant_links), 248 "Invalid links: valid=0x%x, dormant=0x%x", 249 valid_links, dormant_links)) { 250 sdata->vif.active_links = 0; 251 sdata->vif.dormant_links = 0; 252 return; 253 } 254 255 switch (sdata->vif.type) { 256 case NL80211_IFTYPE_AP: 257 case NL80211_IFTYPE_AP_VLAN: 258 /* in an AP all links are always active */ 259 sdata->vif.active_links = valid_links; 260 261 /* AP links are not expected to be disabled */ 262 WARN_ON(dormant_links); 263 break; 264 case NL80211_IFTYPE_STATION: 265 if (sdata->vif.active_links) 266 break; 267 sdata->vif.active_links = valid_links & ~dormant_links; 268 WARN_ON(hweight16(sdata->vif.active_links) > 1); 269 break; 270 default: 271 WARN_ON(1); 272 } 273 } 274 275 static int ieee80211_vif_update_links(struct ieee80211_sub_if_data *sdata, 276 struct link_container **to_free, 277 u16 new_links, u16 dormant_links) 278 { 279 u16 old_links = sdata->vif.valid_links; 280 u16 old_active = sdata->vif.active_links; 281 unsigned long add = new_links & ~old_links; 282 unsigned long rem = old_links & ~new_links; 283 unsigned int link_id; 284 int ret; 285 struct link_container *links[IEEE80211_MLD_MAX_NUM_LINKS] = {}, *link; 286 struct ieee80211_bss_conf *old[IEEE80211_MLD_MAX_NUM_LINKS]; 287 struct ieee80211_link_data *old_data[IEEE80211_MLD_MAX_NUM_LINKS]; 288 bool use_deflink = old_links == 0; /* set for error case */ 289 290 lockdep_assert_wiphy(sdata->local->hw.wiphy); 291 292 memset(to_free, 0, sizeof(links)); 293 294 if (old_links == new_links && dormant_links == sdata->vif.dormant_links) 295 return 0; 296 297 /* if there were no old links, need to clear the pointers to deflink */ 298 if (!old_links) 299 rem |= BIT(0); 300 301 /* allocate new link structures first */ 302 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 303 link = kzalloc(sizeof(*link), GFP_KERNEL); 304 if (!link) { 305 ret = -ENOMEM; 306 goto free; 307 } 308 links[link_id] = link; 309 } 310 311 /* keep track of the old pointers for the driver */ 312 BUILD_BUG_ON(sizeof(old) != sizeof(sdata->vif.link_conf)); 313 memcpy(old, sdata->vif.link_conf, sizeof(old)); 314 /* and for us in error cases */ 315 BUILD_BUG_ON(sizeof(old_data) != sizeof(sdata->link)); 316 memcpy(old_data, sdata->link, sizeof(old_data)); 317 318 /* grab old links to free later */ 319 for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) { 320 if (rcu_access_pointer(sdata->link[link_id]) != &sdata->deflink) { 321 /* 322 * we must have allocated the data through this path so 323 * we know we can free both at the same time 324 */ 325 to_free[link_id] = container_of(rcu_access_pointer(sdata->link[link_id]), 326 typeof(*links[link_id]), 327 data); 328 } 329 330 RCU_INIT_POINTER(sdata->link[link_id], NULL); 331 RCU_INIT_POINTER(sdata->vif.link_conf[link_id], NULL); 332 } 333 334 if (!old_links) 335 ieee80211_debugfs_recreate_netdev(sdata, true); 336 337 /* link them into data structures */ 338 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 339 WARN_ON(!use_deflink && 340 rcu_access_pointer(sdata->link[link_id]) == &sdata->deflink); 341 342 link = links[link_id]; 343 ieee80211_link_init(sdata, link_id, &link->data, &link->conf); 344 ieee80211_link_setup(&link->data); 345 } 346 347 if (new_links == 0) 348 ieee80211_link_init(sdata, -1, &sdata->deflink, 349 &sdata->vif.bss_conf); 350 351 ret = ieee80211_check_dup_link_addrs(sdata); 352 if (!ret) { 353 /* for keys we will not be able to undo this */ 354 ieee80211_tear_down_links(sdata, to_free, rem); 355 356 ieee80211_set_vif_links_bitmaps(sdata, new_links, dormant_links); 357 358 /* tell the driver */ 359 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN) 360 ret = drv_change_vif_links(sdata->local, sdata, 361 old_links & old_active, 362 new_links & sdata->vif.active_links, 363 old); 364 if (!new_links) 365 ieee80211_debugfs_recreate_netdev(sdata, false); 366 367 if (sdata->vif.type == NL80211_IFTYPE_AP) 368 ieee80211_update_apvlan_links(sdata); 369 } 370 371 /* 372 * Ignore errors if we are only removing links as removal should 373 * always succeed 374 */ 375 if (!new_links) 376 ret = 0; 377 378 if (ret) { 379 /* restore config */ 380 memcpy(sdata->link, old_data, sizeof(old_data)); 381 memcpy(sdata->vif.link_conf, old, sizeof(old)); 382 ieee80211_set_vif_links_bitmaps(sdata, old_links, dormant_links); 383 /* and free (only) the newly allocated links */ 384 memset(to_free, 0, sizeof(links)); 385 goto free; 386 } 387 388 /* use deflink/bss_conf again if and only if there are no more links */ 389 use_deflink = new_links == 0; 390 391 goto deinit; 392 free: 393 /* if we failed during allocation, only free all */ 394 for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++) { 395 kfree(links[link_id]); 396 links[link_id] = NULL; 397 } 398 deinit: 399 if (use_deflink) 400 ieee80211_link_init(sdata, -1, &sdata->deflink, 401 &sdata->vif.bss_conf); 402 return ret; 403 } 404 405 int ieee80211_vif_set_links(struct ieee80211_sub_if_data *sdata, 406 u16 new_links, u16 dormant_links) 407 { 408 struct link_container *links[IEEE80211_MLD_MAX_NUM_LINKS]; 409 int ret; 410 411 ret = ieee80211_vif_update_links(sdata, links, new_links, 412 dormant_links); 413 ieee80211_free_links(sdata, links); 414 415 return ret; 416 } 417 418 static int _ieee80211_set_active_links(struct ieee80211_sub_if_data *sdata, 419 u16 active_links) 420 { 421 struct ieee80211_bss_conf *link_confs[IEEE80211_MLD_MAX_NUM_LINKS]; 422 struct ieee80211_local *local = sdata->local; 423 u16 old_active = sdata->vif.active_links; 424 unsigned long rem = old_active & ~active_links; 425 unsigned long add = active_links & ~old_active; 426 struct sta_info *sta; 427 unsigned int link_id; 428 int ret, i; 429 430 if (!ieee80211_sdata_running(sdata)) 431 return -ENETDOWN; 432 433 if (sdata->vif.type != NL80211_IFTYPE_STATION) 434 return -EINVAL; 435 436 if (active_links & ~ieee80211_vif_usable_links(&sdata->vif)) 437 return -EINVAL; 438 439 /* nothing to do */ 440 if (old_active == active_links) 441 return 0; 442 443 for (i = 0; i < IEEE80211_MLD_MAX_NUM_LINKS; i++) 444 link_confs[i] = sdata_dereference(sdata->vif.link_conf[i], 445 sdata); 446 447 if (add) { 448 sdata->vif.active_links |= active_links; 449 ret = drv_change_vif_links(local, sdata, 450 old_active, 451 sdata->vif.active_links, 452 link_confs); 453 if (ret) { 454 sdata->vif.active_links = old_active; 455 return ret; 456 } 457 } 458 459 for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) { 460 struct ieee80211_link_data *link; 461 462 link = sdata_dereference(sdata->link[link_id], sdata); 463 464 ieee80211_teardown_tdls_peers(link); 465 466 __ieee80211_link_release_channel(link, true); 467 468 /* 469 * If CSA is (still) active while the link is deactivated, 470 * just schedule the channel switch work for the time we 471 * had previously calculated, and we'll take the process 472 * from there. 473 */ 474 if (link->conf->csa_active) 475 wiphy_delayed_work_queue(local->hw.wiphy, 476 &link->u.mgd.csa.switch_work, 477 link->u.mgd.csa.time - 478 jiffies); 479 } 480 481 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 482 struct ieee80211_link_data *link; 483 484 link = sdata_dereference(sdata->link[link_id], sdata); 485 486 /* 487 * This call really should not fail. Unfortunately, it appears 488 * that this may happen occasionally with some drivers. Should 489 * it happen, we are stuck in a bad place as going backwards is 490 * not really feasible. 491 * 492 * So lets just tell link_use_channel that it must not fail to 493 * assign the channel context (from mac80211's perspective) and 494 * assume the driver is going to trigger a recovery flow if it 495 * had a failure. 496 * That really is not great nor guaranteed to work. But at least 497 * the internal mac80211 state remains consistent and there is 498 * a chance that we can recover. 499 */ 500 ret = _ieee80211_link_use_channel(link, 501 &link->conf->chanreq, 502 IEEE80211_CHANCTX_SHARED, 503 true); 504 WARN_ON_ONCE(ret); 505 506 /* 507 * inform about the link info changed parameters after all 508 * stations are also added 509 */ 510 } 511 512 list_for_each_entry(sta, &local->sta_list, list) { 513 if (sdata != sta->sdata) 514 continue; 515 516 /* this is very temporary, but do it anyway */ 517 __ieee80211_sta_recalc_aggregates(sta, 518 old_active | active_links); 519 520 ret = drv_change_sta_links(local, sdata, &sta->sta, 521 old_active, 522 old_active | active_links); 523 WARN_ON_ONCE(ret); 524 } 525 526 ret = ieee80211_key_switch_links(sdata, rem, add); 527 WARN_ON_ONCE(ret); 528 529 list_for_each_entry(sta, &local->sta_list, list) { 530 if (sdata != sta->sdata) 531 continue; 532 533 __ieee80211_sta_recalc_aggregates(sta, active_links); 534 535 ret = drv_change_sta_links(local, sdata, &sta->sta, 536 old_active | active_links, 537 active_links); 538 WARN_ON_ONCE(ret); 539 540 /* 541 * Do it again, just in case - the driver might very 542 * well have called ieee80211_sta_recalc_aggregates() 543 * from there when filling in the new links, which 544 * would set it wrong since the vif's active links are 545 * not switched yet... 546 */ 547 __ieee80211_sta_recalc_aggregates(sta, active_links); 548 } 549 550 for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { 551 struct ieee80211_link_data *link; 552 553 link = sdata_dereference(sdata->link[link_id], sdata); 554 555 ieee80211_mgd_set_link_qos_params(link); 556 ieee80211_link_info_change_notify(sdata, link, 557 BSS_CHANGED_ERP_CTS_PROT | 558 BSS_CHANGED_ERP_PREAMBLE | 559 BSS_CHANGED_ERP_SLOT | 560 BSS_CHANGED_HT | 561 BSS_CHANGED_BASIC_RATES | 562 BSS_CHANGED_BSSID | 563 BSS_CHANGED_CQM | 564 BSS_CHANGED_QOS | 565 BSS_CHANGED_TXPOWER | 566 BSS_CHANGED_BANDWIDTH | 567 BSS_CHANGED_TWT | 568 BSS_CHANGED_HE_OBSS_PD | 569 BSS_CHANGED_HE_BSS_COLOR); 570 } 571 572 old_active = sdata->vif.active_links; 573 sdata->vif.active_links = active_links; 574 575 if (rem) { 576 ret = drv_change_vif_links(local, sdata, old_active, 577 active_links, link_confs); 578 WARN_ON_ONCE(ret); 579 } 580 581 return 0; 582 } 583 584 int ieee80211_set_active_links(struct ieee80211_vif *vif, u16 active_links) 585 { 586 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 587 struct ieee80211_local *local = sdata->local; 588 u16 old_active; 589 int ret; 590 591 lockdep_assert_wiphy(local->hw.wiphy); 592 593 if (WARN_ON(!active_links)) 594 return -EINVAL; 595 596 old_active = sdata->vif.active_links; 597 if (old_active == active_links) 598 return 0; 599 600 if (!drv_can_activate_links(local, sdata, active_links)) 601 return -EINVAL; 602 603 if (old_active & active_links) { 604 /* 605 * if there's at least one link that stays active across 606 * the change then switch to it (to those) first, and 607 * then enable the additional links 608 */ 609 ret = _ieee80211_set_active_links(sdata, 610 old_active & active_links); 611 if (!ret) 612 ret = _ieee80211_set_active_links(sdata, active_links); 613 } else { 614 /* otherwise switch directly */ 615 ret = _ieee80211_set_active_links(sdata, active_links); 616 } 617 618 return ret; 619 } 620 EXPORT_SYMBOL_GPL(ieee80211_set_active_links); 621 622 void ieee80211_set_active_links_async(struct ieee80211_vif *vif, 623 u16 active_links) 624 { 625 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 626 627 if (WARN_ON(!active_links)) 628 return; 629 630 if (!ieee80211_sdata_running(sdata)) 631 return; 632 633 if (sdata->vif.type != NL80211_IFTYPE_STATION) 634 return; 635 636 if (active_links & ~ieee80211_vif_usable_links(&sdata->vif)) 637 return; 638 639 /* nothing to do */ 640 if (sdata->vif.active_links == active_links) 641 return; 642 643 sdata->desired_active_links = active_links; 644 wiphy_work_queue(sdata->local->hw.wiphy, &sdata->activate_links_work); 645 } 646 EXPORT_SYMBOL_GPL(ieee80211_set_active_links_async); 647