- 20 Apr, 2023 3 commits
-
-
Johannes Berg authored
The RADA/firmware collaborate on MIC stripping in the following way: - the firmware fills the IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK value for how many words need to be removed at the end of the frame, CRC and, if decryption was done, MIC - if the RADA is active, it will - remove that much from the end of the frame - zero the value in IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK As a consequence, the only thing the driver should need to do is to - unconditionally tell mac80211 that the MIC was removed if decryption was already done - remove as much as IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK says at the end of the frame, since either RADA did it and then the value is 0, or RADA was disabled and then the value is whatever should be removed to strip both CRC & MIC However, all this code was historically grown and getting a bit confused. Originally, we were indicating that the MIC was not stripped, which is the version of the code upstreamed in commit 780e87c2 ("iwlwifi: mvm: add 9000 series RX processing") which indicated RX_FLAG_DECRYPTED in iwl_mvm_rx_crypto(). We later had a commit to change that to also indicate that the MIC was stripped, adding RX_FLAG_MIC_STRIPPED. However, this was then "fixed" later to only do that conditionally on RADA being enabled, since otherwise RADA didn't strip the MIC bytes yet. At the time, we were also always including the FCS if the RADA was not enabled, so that was still broken wrt. the FCS if the RADA isn't enabled - but that's a pretty rare case. Notably though, it does happen for management frames, where we do need to remove the MIC and CRC but the RADA is disabled. Later, in commit 40a0b38d ("iwlwifi: mvm: Fix calculation of frame length"), we changed this again, upstream this was just a single commit, but internally it was split into first the correct commit and then an additional fix that reduced the number of bytes that are removed by crypt_len. Note that this is clearly wrong since crypt_len indicates the length of the PN header (always 8), not the length of the MIC (8 or 16 depending on algorithm). However, this additional fix mostly canceled the other bugs, apart from the confusion about the size of the MIC. To fix this correctly, remove all those additional workarounds. We really should always indicate to mac80211 the MIC was stripped (it cannot use it anyway if decryption was already done), and also always actually remove it and the CRC regardless of the RADA being enabled or not. That's simple though, the value indicated in the metadata is zeroed by the RADA if it's enabled and used the value, so there's no need to check if it's enabled or not. Notably then, this fixes the MIC size confusion, letting us receive GCMP-256 encrypted management frames correctly that would otherwise be reported to mac80211 8 bytes too short since the RADA is turned off for them, crypt_len is 8, but the MIC size is 16, so when we do the adjustment based on IWL_RX_MPDU_MFLG1_MIC_CRC_LEN_MASK (which indicates 20 bytes to remove) we remove 12 bytes but indicate then to mac80211 the MIC is still present, so mac80211 again removes the MIC of 16 bytes, for an overall removal of 28 rather than 20 bytes. Signed-off-by:
Johannes Berg <johannes.berg@intel.com> Signed-off-by:
Gregory Greenman <gregory.greenman@intel.com> Link: https://lore.kernel.org/r/20230418122405.81345b6ab0cd.Ibe0348defb6cce11c99929a1f049e60b5cfc150c@changeidSigned-off-by:
-
Johannes Berg authored
Fix a memory leak that occurs when reading the fw_info file all the way, since we return NULL indicating no more data, but don't free the status tracking object. Fixes: 36dfe9ac ("iwlwifi: dump api version in yaml format") Signed-off-by:
-
Mukesh Sisodiya authored
Add support for B0 version of MAC of MR device Signed-off-by:
Mukesh Sisodiya <mukesh.sisodiya@intel.com> Signed-off-by:
-
- 19 Apr, 2023 1 commit
-
-
Hans de Goede authored
A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. These are not used by iwl and copying these over overflows the iwl_keyinfo.key field. Add a check to not copy more data to iwl_keyinfo.key then will fit. This fixes backtraces like this one: memcpy: detected field-spanning write (size 32) of single field "sta_cmd.key.key" at drivers/net/wireless/intel/iwlwifi/dvm/sta.c:1103 (size 16) WARNING: CPU: 1 PID: 946 at drivers/net/wireless/intel/iwlwifi/dvm/sta.c:1103 iwlagn_send_sta_key+0x375/0x390 [iwldvm] <snip> Hardware name: Dell Inc. Latitude E6430/0H3MT5, BIOS A21 05/08/2017 RIP: 0010:iwlagn_send_sta_key+0x375/0x390 [iwldvm] <snip> Call Trace: <TASK> iwl_set_dynamic_key+0x1f0/0x220 [iwldvm] iwlagn_mac_set_key+0x1e4/0x280 [iwldvm] drv_set_key+0xa4/0x1b0 [mac80211] ieee80211_key_enable_hw_accel+0xa8/0x2d0 [mac80211] ieee80211_key_replace+0x22d/0x8e0 [mac80211] <snip> Link: https://www.alionet.org/index.php?topic=1469.0 Link: https://lore.kernel.org/linux-wireless/20230218191056.never.374-kees@kernel.org/ Link: https://lore.kernel.org/linux-wireless/68760035-7f75-1b23-e355-bfb758a87d83@redhat.com/ Cc: Kees Cook <keescook@chromium.org> Suggested-by:
Johannes Berg <johannes@sipsolutions.net> Signed-off-by:
Hans de Goede <hdegoede@redhat.com> Reviewed-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
-
- 18 Apr, 2023 16 commits
-
-
Felix Fietkau authored
It is unused and should not be used. In order to avoid limitations in 4-address mode, the driver should always use ieee80211_tx_status_ext for 802.3 frames with a valid sta pointer. Signed-off-by:
Felix Fietkau <nbd@nbd.name> Link: https://lore.kernel.org/r/20230417133751.79160-1-nbd@nbd.nameSigned-off-by:
-
Gregory Greenman authored
Start supporting API version 78 for AX devices. Signed-off-by:
-
Johannes Berg authored
Check the firmware response size for responses to the memory read/write command in debugfs before using it. Fixes: 2b55f43f ("iwlwifi: mvm: Add mem debugfs entry") Signed-off-by:
-
Johannes Berg authored
For MLO support, use the pointer to the peer MLD instead of the default link station id, since the default link is only used for non-MLO cases. Using the default link sta id is meaningless for MLO. Also remove the rcu protected section since we now avoid the lookup based on sta id. Signed-off-by:
-
Johannes Berg authored
If the AP station already exists on link activation (which means we're during link switch), configure the TLC in FW so we can immediately transmit once the link is activated. Signed-off-by:
-
Johannes Berg authored
For MLO, we cannot use vif->bss_conf.chandef.chan->band, since that will lead to a NULL-ptr dereference as bss_conf isn't used. However, in case of real MLO, we also need to take both LMACs into account if they exist, since the station might be active on both LMACs at the same time. Signed-off-by:
-
Johannes Berg authored
Track instead whether or not the station was authorized, that's clearer than trying to indicate in the code whether or not the full bandwidth should be used via an 'update' argument. While at it, give rs_fw_rate_init() the iwl_mvm_ prefix. Signed-off-by:
-
Johannes Berg authored
When allocating a new link station, initialize the ratescaling data for it. To do that, refactor the initialization code out into a new iwl_mvm_rs_add_sta_link() function. Signed-off-by:
-
Johannes Berg authored
We need to look up the correct version of this struct depending on the interface type, rather than just checking if the pointer is non-NULL. Fix that. Fixes: befebbb3 ("iwlwifi: rs: consider LDPC capability in case of HE") Fixes: b009cf71 ("iwlwifi: mvm: only enable HE DCM if we also support TX") Signed-off-by:
-
Johannes Berg authored
Since only clients to an AP can be 20MHz-only STAs, adjust the code to not make the use of EHT capabilities depend on only the bandwidth, but also the type of interface. Fixes: 701404f1 ("wifi: iwlwifi: rs: add support for parsing max MCS per NSS/BW in 11be") Signed-off-by:
-
Johannes Berg authored
When this is called it might crash due to the use of deflink's phy context, update all links instead. It really shouldn't be called right now though, but it's better to have safer code until we update this to be with a link parameter. Signed-off-by:
-
Johannes Berg authored
When we first add the STA before sending an authentication frame this is false. However, in some cases such as FT or certainly in MLO link switch scenarios, it will be true. If it happens to be true, it causes a firmware assert (in LMAC, 0x2528), because the same bit is used by the firmware for tracking this setting as well as for tracking if the management key has been installed, and then we get this assert from the firmware when installing the MFP key as it thinks it has already been installed. Remove the setting for now, until the firmware disentangles the two. We should be able to set it, in fact we should be setting it speculatively before authentication/association, to avoid processing management frames that should have been protected/encrypted before the key is set. Signed-off-by:
-
Johannes Berg authored
We can allow NL80211_EXT_FEATURE_SCAN_MIN_PREQ_CONTENT since we just use the elements from mac80211. Signed-off-by:
-
Johannes Berg authored
A long time, ago in commit 818965d3 ("cfg80211: Allow a scan request for a specific BSSID"), the stack started passing the BSSID that should be scanned for. Use it in iwlwifi for the intended optimisation, and to also allow the use of this for an implementation sending multi-link probe requests. Signed-off-by:
-
Gregory Greenman authored
The restriction where MAC ID 0 could be used only for the managed/IBSS vif is not required when using the new MLO FW API. Update the driver. Signed-off-by:
-
Emmanuel Grumbach authored
The firmware no longer wants the beacon template inside the MAC command. Signed-off-by:
Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by:
-
- 17 Apr, 2023 20 commits
-
-
Po-Hao Huang authored
Add iface_combination declaration to enable concurrent mode. Only two interfaces under same frequency is supported currently. We limit the role combination to be STA + P2P or STA + AP only for now until new feature is requested. Signed-off-by:
Po-Hao Huang <phhuang@realtek.com> Signed-off-by:
Ping-Ke Shih <pkshih@realtek.com> Signed-off-by:
Kalle Valo <kvalo@kernel.org> Link: https://lore.kernel.org/r/20230415035016.15788-2-pkshih@realtek.com
-
Po-Hao Huang authored
Power saving for more than one station is not supported currently. Disallow entering PS mode when we have more than one associated stations. Signed-off-by:
-
Po-Hao Huang authored
Since firmware can't have proper statistics, driver update the statistics periodically to firmware to assist in tuning performance. Signed-off-by:
-
Ping-Ke Shih authored
Remove macros that set H2C data. Instead, use struct and le32_encode_bits() with mask definition to make it clean. Signed-off-by:
-
Po-Hao Huang authored
Since we can get the current channel definition each interface maps to, remove store_op function that is no longer required to make things simple. Signed-off-by:
-
Chih-Kang Chang authored
Mac80211 core may ask driver to change to idle mode during HW scan, then H2C command for HW scan will send failed since chip is in idle mode. Therefore, We check the SCANNING flag before entering IPS to prevent this behavior. Signed-off-by:
Chih-Kang Chang <gary.chang@realtek.com> Signed-off-by:
-
Ping-Ke Shih authored
8851B has various hardware module types, so BT coexistence in firmware needs these information to make decision. Add them to make 8851B work well. Signed-off-by:
-
Ching-Te Ku authored
Correct Bluetooth RSSI count method. The 6dB is the gap between hardware packet sampled value and real RSSI value. Signed-off-by:
Ching-Te Ku <ku920601@realtek.com> Signed-off-by:
-
Ching-Te Ku authored
Chips use similar hardware for path control, but could different path/antenna configuration. Add these register to monitor, if there are wrong settings, these register can help to debug. Signed-off-by:
-
Ching-Te Ku authored
When Wi-Fi & Bluetooth are both busy at the same time, Wi-Fi need to enable RX gain to protect Wi-Fi RX RF ability. Without this configure the interference from Bluetooth will bring a big impact to Wi-Fi RX. Signed-off-by:
-
Chih-Kang Chang authored
In WoWLAN Mode, it's expected that WiFi chip could enter power save mode only after all setting is finished, but current wow_enter_lps function break the rule and may lead to WoWLAN function fail in low probability, so fix it. Signed-off-by:
-
Chin-Yen Lee authored
To support WoWLAN mode for 8852be, we add one PLE quota setting and WoWLAN stub, which shows that supported WLAN events include receiving magic packet, rekey packet and deauth packet, and disconnecting from AP. Signed-off-by:
Chin-Yen Lee <timlee@realtek.com> Signed-off-by:
-
Golan Ben Ami authored
This is noising the kernel log and customers asked to hush it down. We can live with this message in "info" verbosity. Signed-off-by:
Golan Ben Ami <golan.ben.ami@intel.com> Signed-off-by:
-
Emmanuel Grumbach authored
Since we didn't reset t to 0, only the first iteration of the loop did checked the ready bit several times. From the second iteration and on, we just tested the bit once and continued to the next iteration. Reported-and-tested-by:
Lorenzo Zolfanelli <lorenzo@zolfa.nl> Link: https://bugzilla.kernel.org/show_bug.cgi?id=216452 Fixes: 289e5501 ("iwlwifi: fix the preparation of the card") Signed-off-by:
-
Johannes Berg authored
Newer firmware images have a TLV advertising how many beacons they support, use that to permit adding more links in AP mode (FW needs to support at least as many links as beacons). Signed-off-by:
-
Johannes Berg authored
Implement switching keys from one set of firmware station IDs to another set, during link switch. Signed-off-by:
-
Johannes Berg authored
When we switch station links, also add the code to switch BAIDs from one station mask to the new one. To do so, refactor the switching code a bit to have common code for all the needed switches; will add keys next. Signed-off-by:
-
Johannes Berg authored
When we have MLO connections, a BAID applies to multiple firmware stations. Track the station mask instead of the station ID, getting rid of a few more deflink cases and preparing for handling link switching for BAIDs. Signed-off-by:
-
Gregory Greenman authored
Start supporting API version 77 for AX devices. Signed-off-by:
-
Johannes Berg authored
When we remove a queue we need to use the currently active firmware stations in the mask, not the deflink one. Fix that. Signed-off-by:
-
