Showing error 610

User: Jiri Slaby
Error type: Double Unlock
Error type description: A lock is unintentionally unlocked twice in a row
File location: drivers/net/wireless/iwlwifi/iwl-sta.c
Line in file: 770
Project: Linux Kernel
Project version: 2.6.28
Tools: Stanse (1.2)
Entered: 2011-11-07 22:20:57 UTC


Source:

   1/******************************************************************************
   2 *
   3 * Copyright(c) 2003 - 2008 Intel Corporation. All rights reserved.
   4 *
   5 * Portions of this file are derived from the ipw3945 project, as well
   6 * as portions of the ieee80211 subsystem header files.
   7 *
   8 * This program is free software; you can redistribute it and/or modify it
   9 * under the terms of version 2 of the GNU General Public License as
  10 * published by the Free Software Foundation.
  11 *
  12 * This program is distributed in the hope that it will be useful, but WITHOUT
  13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  14 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  15 * more details.
  16 *
  17 * You should have received a copy of the GNU General Public License along with
  18 * this program; if not, write to the Free Software Foundation, Inc.,
  19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
  20 *
  21 * The full GNU General Public License is included in this distribution in the
  22 * file called LICENSE.
  23 *
  24 * Contact Information:
  25 * James P. Ketrenos <ipw2100-admin@linux.intel.com>
  26 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
  27 *
  28 *****************************************************************************/
  29
  30#include <net/mac80211.h>
  31#include <linux/etherdevice.h>
  32
  33#include "iwl-dev.h"
  34#include "iwl-core.h"
  35#include "iwl-sta.h"
  36#include "iwl-helpers.h"
  37
  38
  39#define IWL_STA_DRIVER_ACTIVE BIT(0) /* stations[].used bit: driver entry is active */
  40#define IWL_STA_UCODE_ACTIVE  BIT(1) /* stations[].used bit: ucode entry is active */
  41
/**
 * iwl_find_station - look up the station-table index for a MAC address
 * @priv: driver private data holding the station table
 * @addr: MAC address to search for
 *
 * A broadcast address maps straight to priv->hw_params.bcast_sta_id without
 * taking sta_lock.  Any other address is searched for under sta_lock, starting
 * at IWL_STA_ID in ad-hoc and AP mode and at index 0 otherwise.
 *
 * Returns the index of the first in-use entry with a matching address, or
 * IWL_INVALID_STATION when no entry matches.  The index is only a snapshot:
 * sta_lock is released before returning.
 */
u8 iwl_find_station(struct iwl_priv *priv, const u8 *addr)
{
	int idx;
	int first = 0;
	int found = IWL_INVALID_STATION;
	int matched = 0;
	unsigned long irq_flags;
	DECLARE_MAC_BUF(mac);

	if ((priv->iw_mode == NL80211_IFTYPE_ADHOC) ||
	    (priv->iw_mode == NL80211_IFTYPE_AP))
		first = IWL_STA_ID;

	if (is_broadcast_ether_addr(addr))
		return priv->hw_params.bcast_sta_id;

	spin_lock_irqsave(&priv->sta_lock, irq_flags);

	for (idx = first; idx < priv->hw_params.max_stations; idx++) {
		if (!priv->stations[idx].used)
			continue;
		if (compare_ether_addr(priv->stations[idx].sta.sta.addr, addr))
			continue;

		found = idx;
		matched = 1;
		break;
	}

	/* Only a failed search is logged. */
	if (!matched) {
		IWL_DEBUG_ASSOC_LIMIT("can not find STA %s total %d\n",
				      print_mac(mac, addr), priv->num_stations);
	}

	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);
	return found;
}
EXPORT_SYMBOL(iwl_find_station);
  74
/**
 * iwl_get_ra_sta_id - station id of the receiver of a frame
 * @priv: driver private data
 * @hdr: 802.11 header of the frame
 *
 * In station mode the receiver is always IWL_AP_ID.  In every other mode the
 * frame's destination address is looked up with iwl_find_station(), so the
 * result may be IWL_INVALID_STATION.
 */
int iwl_get_ra_sta_id(struct iwl_priv *priv, struct ieee80211_hdr *hdr)
{
	if (priv->iw_mode != NL80211_IFTYPE_STATION)
		return iwl_find_station(priv, ieee80211_get_DA(hdr));

	return IWL_AP_ID;
}
EXPORT_SYMBOL(iwl_get_ra_sta_id);
  85
/**
 * iwl_sta_ucode_activate - mark a station entry as active in the uCode
 * @priv: driver private data
 * @sta_id: index into priv->stations[]
 *
 * Takes and releases sta_lock itself, so it must not be called with sta_lock
 * already held.  Logs an error if the entry is not driver-active, but sets
 * IWL_STA_UCODE_ACTIVE regardless.
 *
 * NOTE(review): sta_id is used as an array index without a range check here;
 * the callers in this file take it from the ADD_STA command - confirm that it
 * is always below the size of priv->stations[].
 */
static void iwl_sta_ucode_activate(struct iwl_priv *priv, u8 sta_id)
{
	unsigned long irq_flags;
	struct iwl_station_entry *entry;
	DECLARE_MAC_BUF(mac);

	spin_lock_irqsave(&priv->sta_lock, irq_flags);

	entry = &priv->stations[sta_id];

	if ((entry->used & IWL_STA_DRIVER_ACTIVE) == 0)
		IWL_ERROR("ACTIVATE a non DRIVER active station %d\n", sta_id);

	entry->used |= IWL_STA_UCODE_ACTIVE;
	IWL_DEBUG_ASSOC("Added STA to Ucode: %s\n",
			print_mac(mac, entry->sta.sta.addr));

	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);
}
 102
/**
 * iwl_add_sta_callback - completion handler for an asynchronous REPLY_ADD_STA
 * @priv: driver private data
 * @cmd: the command that was sent; supplies the station id
 * @skb: response buffer, may be NULL
 *
 * On a successful status the station is marked uCode-active, which takes
 * sta_lock inside iwl_sta_ucode_activate().
 *
 * Always returns 1: the skb is not kept, the caller frees it.
 */
static int iwl_add_sta_callback(struct iwl_priv *priv,
				struct iwl_cmd *cmd, struct sk_buff *skb)
{
	struct iwl_rx_packet *pkt;
	u8 sta_id = cmd->cmd.addsta.sta.sta_id;

	if (!skb) {
		IWL_ERROR("Error: Response NULL in REPLY_ADD_STA.\n");
		return 1;
	}

	pkt = (struct iwl_rx_packet *)skb->data;
	if (pkt->hdr.flags & IWL_CMD_FAILED_MSK) {
		IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
			  pkt->hdr.flags);
		return 1;
	}

	if (pkt->u.add_sta.status == ADD_STA_SUCCESS_MSK)
		iwl_sta_ucode_activate(priv, sta_id);

	/* The status is logged for success and failure alike. */
	IWL_DEBUG_HC("Received REPLY_ADD_STA:(0x%08X)\n",
		     pkt->u.add_sta.status);

	/* We didn't cache the SKB; let the caller free it */
	return 1;
}
 134
/**
 * iwl_send_add_sta - send a REPLY_ADD_STA command to the device
 * @priv: driver private data
 * @sta: station command to send
 * @flags: command flags; CMD_ASYNC selects the asynchronous path
 *
 * With CMD_ASYNC the command is queued with iwl_add_sta_callback() as its
 * completion handler and the result of iwl_send_cmd() is returned at once.
 *
 * Without CMD_ASYNC the response skb is requested, inspected and freed here.
 * A successful status calls iwl_sta_ucode_activate(), which takes sta_lock:
 * the synchronous form must therefore not be called with sta_lock held.  The
 * callers in this file that hold sta_lock all pass CMD_ASYNC.
 *
 * Returns 0 on success, the iwl_send_cmd() error, or -EIO when the response
 * reports a failure.
 */
int iwl_send_add_sta(struct iwl_priv *priv,
		     struct iwl_addsta_cmd *sta, u8 flags)
{
	struct iwl_rx_packet *pkt;
	int ret;
	u8 data[sizeof(*sta)];
	struct iwl_host_cmd cmd = {
		.id = REPLY_ADD_STA,
		.meta.flags = flags,
		.data = data,
	};

	if (flags & CMD_ASYNC)
		cmd.meta.u.callback = iwl_add_sta_callback;
	else
		cmd.meta.flags |= CMD_WANT_SKB;

	cmd.len = priv->cfg->ops->utils->build_addsta_hcmd(sta, data);
	ret = iwl_send_cmd(priv, &cmd);

	if (ret || (flags & CMD_ASYNC))
		return ret;

	/* Synchronous path: ret is 0 and the response skb is ours to check. */
	pkt = (struct iwl_rx_packet *)cmd.meta.u.skb->data;
	if (pkt->hdr.flags & IWL_CMD_FAILED_MSK) {
		IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
			  pkt->hdr.flags);
		ret = -EIO;
	} else if (pkt->u.add_sta.status == ADD_STA_SUCCESS_MSK) {
		iwl_sta_ucode_activate(priv, sta->sta.sta_id);
		IWL_DEBUG_INFO("REPLY_ADD_STA PASSED\n");
	} else {
		ret = -EIO;
		IWL_WARNING("REPLY_ADD_STA failed\n");
	}

	/* The response skb is released here on every synchronous outcome. */
	priv->alloc_rxb_skb--;
	dev_kfree_skb_any(cmd.meta.u.skb);

	return ret;
}
EXPORT_SYMBOL(iwl_send_add_sta);
 184
/**
 * iwl_set_ht_add_station - fold HT capabilities into a station's flags
 * @priv: driver private data
 * @index: index into priv->stations[]
 * @sta_ht_inf: HT information for the station, may be NULL
 *
 * Does nothing when @sta_ht_inf is NULL or reports no HT support.  Otherwise
 * rewrites priv->stations[index].sta.station_flags: the MIMO power-save bits
 * follow the SM_PS capability, the A-MPDU factor and density are OR-ed in,
 * and the FAT bit follows iwl_is_fat_tx_allowed().
 *
 * No locking is done here; the caller in this file (iwl_add_station_flags)
 * holds sta_lock.
 */
static void iwl_set_ht_add_station(struct iwl_priv *priv, u8 index,
				   struct ieee80211_ht_info *sta_ht_inf)
{
	__le32 ht_flags;
	u8 sm_ps;

	if (!sta_ht_inf || !sta_ht_inf->ht_supported)
		return;

	sm_ps = (sta_ht_inf->cap & IEEE80211_HT_CAP_SM_PS) >> 2;

	ht_flags = priv->stations[index].sta.station_flags;
	ht_flags &= ~(STA_FLG_RTS_MIMO_PROT_MSK | STA_FLG_MIMO_DIS_MSK);

	if (sm_ps == WLAN_HT_CAP_SM_PS_STATIC)
		ht_flags |= STA_FLG_MIMO_DIS_MSK;
	else if (sm_ps == WLAN_HT_CAP_SM_PS_DYNAMIC)
		ht_flags |= STA_FLG_RTS_MIMO_PROT_MSK;
	else if (sm_ps != WLAN_HT_CAP_SM_PS_DISABLED)
		IWL_WARNING("Invalid MIMO PS mode %d\n", sm_ps);

	ht_flags |= cpu_to_le32(
	      (u32)sta_ht_inf->ampdu_factor << STA_FLG_MAX_AGG_SIZE_POS);
	ht_flags |= cpu_to_le32(
	      (u32)sta_ht_inf->ampdu_density << STA_FLG_AGG_MPDU_DENSITY_POS);

	if (iwl_is_fat_tx_allowed(priv, sta_ht_inf))
		ht_flags |= STA_FLG_FAT_EN_MSK;
	else
		ht_flags &= ~STA_FLG_FAT_EN_MSK;

	priv->stations[index].sta.station_flags = ht_flags;
}
 229
/**
 * iwl_add_station_flags - Add station to tables in driver and device
 * @priv: driver private data
 * @addr: MAC address of the station
 * @is_ap: non-zero to use the fixed IWL_AP_ID slot
 * @flags: command flags passed on to iwl_send_add_sta()
 * @ht_info: HT information for the station, may be NULL
 *
 * The slot is chosen under sta_lock: IWL_AP_ID for an AP, the broadcast id
 * for a broadcast address, otherwise an entry that already carries @addr or,
 * failing that, the first unused entry from IWL_STA_ID upwards.
 *
 * Returns the slot index, or IWL_INVALID_STATION when the table is full.  An
 * entry that is already in use for @addr is returned unchanged and no command
 * is sent.
 *
 * NOTE(review): sta_lock is dropped before iwl_send_add_sta() reads
 * station->sta, and the send's return value is ignored - confirm that both
 * are intended.
 */
u8 iwl_add_station_flags(struct iwl_priv *priv, const u8 *addr, int is_ap,
			 u8 flags, struct ieee80211_ht_info *ht_info)
{
	int idx;
	int sta_id = IWL_INVALID_STATION;
	struct iwl_station_entry *station;
	unsigned long irq_flags;
	DECLARE_MAC_BUF(mac);

	spin_lock_irqsave(&priv->sta_lock, irq_flags);

	if (is_ap) {
		sta_id = IWL_AP_ID;
	} else if (is_broadcast_ether_addr(addr)) {
		sta_id = priv->hw_params.bcast_sta_id;
	} else {
		for (idx = IWL_STA_ID; idx < priv->hw_params.max_stations;
		     idx++) {
			/* An entry that already carries this address wins. */
			if (!compare_ether_addr(priv->stations[idx].sta.sta.addr,
						addr)) {
				sta_id = idx;
				break;
			}

			/* Otherwise remember the first free entry. */
			if (sta_id == IWL_INVALID_STATION &&
			    !priv->stations[idx].used)
				sta_id = idx;
		}
	}

	/*
	 * The next two exits have the same outcome but different meanings:
	 * "no slot available" versus "station already present".
	 */
	if (unlikely(sta_id == IWL_INVALID_STATION))
		goto unlock_out;

	station = &priv->stations[sta_id];
	if (station->used &&
	    !compare_ether_addr(station->sta.sta.addr, addr))
		goto unlock_out;

	station->used = IWL_STA_DRIVER_ACTIVE;
	IWL_DEBUG_ASSOC("Add STA to driver ID %d: %s\n",
			sta_id, print_mac(mac, addr));
	priv->num_stations++;

	/* Set up the REPLY_ADD_STA command to send to device */
	memset(&station->sta, 0, sizeof(station->sta));
	memcpy(station->sta.sta.addr, addr, ETH_ALEN);
	station->sta.mode = 0;
	station->sta.sta.sta_id = sta_id;
	station->sta.station_flags = 0;

	/* BCAST station and IBSS stations do not work in HT mode */
	if (sta_id != priv->hw_params.bcast_sta_id &&
	    priv->iw_mode != NL80211_IFTYPE_ADHOC)
		iwl_set_ht_add_station(priv, sta_id, ht_info);

	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);

	/* Add station to device's station table */
	iwl_send_add_sta(priv, &station->sta, flags);
	return sta_id;

unlock_out:
	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);
	return sta_id;
}
EXPORT_SYMBOL(iwl_add_station_flags);
 300
/**
 * iwl_sta_ucode_deactivate - drop a station after the uCode removed it
 * @priv: driver private data
 * @addr: MAC address of the removed station
 *
 * Looks the station up by address, BUGs if it is not found, then clears the
 * whole table entry under sta_lock.  An entry whose state is anything other
 * than exactly IWL_STA_UCODE_ACTIVE is logged as an error and still cleared.
 *
 * NOTE(review): the lookup takes and releases sta_lock on its own, so the
 * index is resolved before the lock is taken again here - confirm that the
 * table cannot change in between.
 */
static void iwl_sta_ucode_deactivate(struct iwl_priv *priv, const char *addr)
{
	unsigned long irq_flags;
	struct iwl_station_entry *entry;
	DECLARE_MAC_BUF(mac);

	u8 sta_id = iwl_find_station(priv, addr);

	BUG_ON(sta_id == IWL_INVALID_STATION);

	IWL_DEBUG_ASSOC("Removed STA from Ucode: %s\n",
			print_mac(mac, addr));

	spin_lock_irqsave(&priv->sta_lock, irq_flags);

	entry = &priv->stations[sta_id];

	/* Ucode must be active and driver must be non active */
	if (entry->used != IWL_STA_UCODE_ACTIVE)
		IWL_ERROR("removed non active STA %d\n", sta_id);

	entry->used &= ~IWL_STA_UCODE_ACTIVE;

	/* Wipes the entry, including any key material cached in it. */
	memset(entry, 0, sizeof(struct iwl_station_entry));

	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);
}
 324
/**
 * iwl_remove_sta_callback - completion handler for an asynchronous
 *                           REPLY_REMOVE_STA
 * @priv: driver private data
 * @cmd: the command that was sent; supplies the station address
 * @skb: response buffer, may be NULL
 *
 * On a successful status the driver's table entry is cleared through
 * iwl_sta_ucode_deactivate(), which takes sta_lock.
 *
 * Always returns 1: the skb is not kept, the caller frees it.
 */
static int iwl_remove_sta_callback(struct iwl_priv *priv,
				   struct iwl_cmd *cmd, struct sk_buff *skb)
{
	struct iwl_rx_packet *pkt;
	const char *addr = cmd->cmd.rm_sta.addr;

	if (!skb) {
		IWL_ERROR("Error: Response NULL in REPLY_REMOVE_STA.\n");
		return 1;
	}

	pkt = (struct iwl_rx_packet *)skb->data;
	if (pkt->hdr.flags & IWL_CMD_FAILED_MSK) {
		IWL_ERROR("Bad return from REPLY_REMOVE_STA (0x%08X)\n",
		pkt->hdr.flags);
		return 1;
	}

	if (pkt->u.rem_sta.status == REM_STA_SUCCESS_MSK)
		iwl_sta_ucode_deactivate(priv, addr);
	else
		IWL_ERROR("REPLY_REMOVE_STA failed\n");

	/* We didn't cache the SKB; let the caller free it */
	return 1;
}
 355
/**
 * iwl_send_remove_station - send a REPLY_REMOVE_STA command for one address
 * @priv: driver private data
 * @addr: MAC address of the station to remove
 * @flags: command flags; CMD_ASYNC selects the asynchronous path
 *
 * With CMD_ASYNC the command is queued with iwl_remove_sta_callback() as its
 * completion handler and the result of iwl_send_cmd() is returned at once.
 *
 * Without CMD_ASYNC the response skb is requested, inspected and freed here.
 * A successful status calls iwl_sta_ucode_deactivate(), which takes sta_lock,
 * so the synchronous form must not be called with sta_lock held.
 *
 * Returns 0 on success, the iwl_send_cmd() error, or -EIO when the response
 * reports a failure.
 */
static int iwl_send_remove_station(struct iwl_priv *priv, const u8 *addr,
				   u8 flags)
{
	struct iwl_rx_packet *pkt;
	struct iwl_rem_sta_cmd rm_sta_cmd;
	struct iwl_host_cmd cmd = {
		.id = REPLY_REMOVE_STA,
		.len = sizeof(struct iwl_rem_sta_cmd),
		.meta.flags = flags,
		.data = &rm_sta_cmd,
	};
	int ret;

	/* Zero the whole command first so no stack bytes reach the device. */
	memset(&rm_sta_cmd, 0, sizeof(rm_sta_cmd));
	rm_sta_cmd.num_sta = 1;
	memcpy(&rm_sta_cmd.addr, addr, ETH_ALEN);

	if (flags & CMD_ASYNC)
		cmd.meta.u.callback = iwl_remove_sta_callback;
	else
		cmd.meta.flags |= CMD_WANT_SKB;

	ret = iwl_send_cmd(priv, &cmd);
	if (ret || (flags & CMD_ASYNC))
		return ret;

	/* Synchronous path: ret is 0 and the response skb is ours to check. */
	pkt = (struct iwl_rx_packet *)cmd.meta.u.skb->data;
	if (pkt->hdr.flags & IWL_CMD_FAILED_MSK) {
		IWL_ERROR("Bad return from REPLY_REMOVE_STA (0x%08X)\n",
			  pkt->hdr.flags);
		ret = -EIO;
	} else if (pkt->u.rem_sta.status == REM_STA_SUCCESS_MSK) {
		iwl_sta_ucode_deactivate(priv, addr);
		IWL_DEBUG_ASSOC("REPLY_REMOVE_STA PASSED\n");
	} else {
		ret = -EIO;
		IWL_ERROR("REPLY_REMOVE_STA failed\n");
	}

	/* The response skb is released here on every synchronous outcome. */
	priv->alloc_rxb_skb--;
	dev_kfree_skb_any(cmd.meta.u.skb);

	return ret;
}
 409
/**
 * iwl_remove_station - Remove driver's knowledge of station.
 * @priv: driver private data
 * @addr: MAC address of the station
 * @is_ap: non-zero to use the fixed IWL_AP_ID slot
 *
 * Under sta_lock the slot is resolved the same way as when adding, except
 * that only in-use entries match.  The entry must be both driver-active and
 * uCode-active; the driver-active bit is then cleared and the station count
 * decremented.  sta_lock is released before the asynchronous REPLY_REMOVE_STA
 * is queued.
 *
 * Returns -EINVAL when the station is unknown or not in the expected state,
 * otherwise the result of iwl_send_remove_station().
 */
int iwl_remove_station(struct iwl_priv *priv, const u8 *addr, int is_ap)
{
	int sta_id = IWL_INVALID_STATION;
	int idx;
	unsigned long irq_flags;
	DECLARE_MAC_BUF(mac);

	spin_lock_irqsave(&priv->sta_lock, irq_flags);

	if (is_ap) {
		sta_id = IWL_AP_ID;
	} else if (is_broadcast_ether_addr(addr)) {
		sta_id = priv->hw_params.bcast_sta_id;
	} else {
		for (idx = IWL_STA_ID; idx < priv->hw_params.max_stations;
		     idx++) {
			if (!priv->stations[idx].used)
				continue;
			if (compare_ether_addr(priv->stations[idx].sta.sta.addr,
					       addr))
				continue;

			sta_id = idx;
			break;
		}
	}

	if (unlikely(sta_id == IWL_INVALID_STATION))
		goto out_unlock;

	IWL_DEBUG_ASSOC("Removing STA from driver:%d  %s\n",
		sta_id, print_mac(mac, addr));

	if (!(priv->stations[sta_id].used & IWL_STA_DRIVER_ACTIVE)) {
		IWL_ERROR("Removing %s but non DRIVER active\n",
				print_mac(mac, addr));
		goto out_unlock;
	}

	if (!(priv->stations[sta_id].used & IWL_STA_UCODE_ACTIVE)) {
		IWL_ERROR("Removing %s but non UCODE active\n",
				print_mac(mac, addr));
		goto out_unlock;
	}

	priv->stations[sta_id].used &= ~IWL_STA_DRIVER_ACTIVE;
	priv->num_stations--;
	BUG_ON(priv->num_stations < 0);

	/* Success path: release the lock exactly once, then send. */
	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);
	return iwl_send_remove_station(priv, addr, CMD_ASYNC);

out_unlock:
	/* Failure path: the only other release of sta_lock in this function. */
	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);
	return -EINVAL;
}
EXPORT_SYMBOL(iwl_remove_station);
 469
/**
 * iwl_get_free_ucode_key_index - claim a free slot in the uCode key table
 * @priv: driver private data
 *
 * Scans priv->ucode_key_table from bit 0 and atomically sets the first clear
 * bit below STA_KEY_MAX_NUM.
 *
 * Returns the claimed index, or WEP_INVALID_OFFSET when every slot is taken.
 */
static int iwl_get_free_ucode_key_index(struct iwl_priv *priv)
{
	int slot = 0;

	while (slot < STA_KEY_MAX_NUM) {
		if (!test_and_set_bit(slot, &priv->ucode_key_table))
			return slot;
		slot++;
	}

	return WEP_INVALID_OFFSET;
}
 480
/**
 * iwl_send_static_wepkey_cmd - push the default WEP key table to the device
 * @priv: driver private data
 * @send_if_empty: non-zero to send the table even when no key is set
 *
 * Builds a REPLY_WEPKEY command covering all WEP_KEYS_MAX slots from
 * priv->wep_keys[] and queues it asynchronously.  Slots without a key get
 * WEP_INVALID_OFFSET as their offset.
 *
 * The copy length is the stored key_size, so the bound on it is whatever was
 * enforced when the key was stored (iwl_set_default_wep_key() accepts only
 * WEP_KEY_LEN_64 and WEP_KEY_LEN_128).
 *
 * NOTE(review): the key bytes are staged in a stack buffer that is not
 * cleared before returning - consider whether it should be wiped.
 *
 * Returns the result of iwl_send_cmd(), or 0 when nothing was sent.
 */
int iwl_send_static_wepkey_cmd(struct iwl_priv *priv, u8 send_if_empty)
{
	u8 buff[sizeof(struct iwl_wep_cmd) +
		sizeof(struct iwl_wep_key) * WEP_KEYS_MAX];
	struct iwl_wep_cmd *wep_cmd = (struct iwl_wep_cmd *)buff;
	struct iwl_host_cmd cmd = {
		.id = REPLY_WEPKEY,
		.len = sizeof(buff),
		.data = wep_cmd,
		.meta.flags = CMD_ASYNC,
	};
	int slot;
	int have_key = 0;

	/* Header plus all key slots start out zeroed. */
	memset(buff, 0, sizeof(buff));

	for (slot = 0; slot < WEP_KEYS_MAX; slot++) {
		wep_cmd->key[slot].key_index = slot;

		if (priv->wep_keys[slot].key_size) {
			wep_cmd->key[slot].key_offset = slot;
			have_key = 1;
		} else {
			wep_cmd->key[slot].key_offset = WEP_INVALID_OFFSET;
		}

		wep_cmd->key[slot].key_size = priv->wep_keys[slot].key_size;
		/* The key is placed at byte 3 of the slot's key field. */
		memcpy(&wep_cmd->key[slot].key[3], priv->wep_keys[slot].key,
		       priv->wep_keys[slot].key_size);
	}

	wep_cmd->global_key_type = WEP_KEY_WEP_TYPE;
	wep_cmd->num_keys = WEP_KEYS_MAX;

	if (!have_key && !send_if_empty)
		return 0;

	return iwl_send_cmd(priv, &cmd);
}
EXPORT_SYMBOL(iwl_send_static_wepkey_cmd);
 524
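/**
 * iwl_remove_default_wep_key - forget one default (static) WEP key
 * @priv: driver private data
 * @keyconf: key descriptor; keyconf->keyidx selects the slot to clear
 *
 * Under sta_lock: clears the slot's bit in priv->ucode_key_table (logging an
 * error if it was not set), decrements priv->default_wep_key, zeroes the
 * cached key in priv->wep_keys[] and resends the static WEP key table with
 * send_if_empty set.
 *
 * Returns -EINVAL when keyidx does not name one of the WEP_KEYS_MAX slots,
 * otherwise the result of iwl_send_static_wepkey_cmd().
 */
int iwl_remove_default_wep_key(struct iwl_priv *priv,
			       struct ieee80211_key_conf *keyconf)
{
	int ret;
	unsigned long flags;

	/*
	 * keyidx is used both as an index into priv->wep_keys[] and as a bit
	 * number in ucode_key_table.  Nothing visible in this file bounds it,
	 * so reject anything outside the WEP_KEYS_MAX slots before any state
	 * is touched.  The unsigned compare also rejects a negative index.
	 */
	if ((unsigned int)keyconf->keyidx >= WEP_KEYS_MAX) {
		IWL_DEBUG_WEP("Bad WEP key index %d\n", keyconf->keyidx);
		return -EINVAL;
	}

	spin_lock_irqsave(&priv->sta_lock, flags);

	if (!test_and_clear_bit(keyconf->keyidx, &priv->ucode_key_table))
		IWL_ERROR("index %d not used in uCode key table.\n",
			  keyconf->keyidx);

	priv->default_wep_key--;
	/* Wipe the cached key material for this slot. */
	memset(&priv->wep_keys[keyconf->keyidx], 0, sizeof(priv->wep_keys[0]));
	/* Sent with sta_lock held; the command is queued asynchronously. */
	ret = iwl_send_static_wepkey_cmd(priv, 1);
	IWL_DEBUG_WEP("Remove default WEP key: idx=%d ret=%d\n",
		      keyconf->keyidx, ret);
	spin_unlock_irqrestore(&priv->sta_lock, flags);

	return ret;
}
EXPORT_SYMBOL(iwl_remove_default_wep_key);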
 547
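/**
 * iwl_set_default_wep_key - store one default (static) WEP key
 * @priv: driver private data
 * @keyconf: key descriptor (length, index and key bytes)
 *
 * Validates the key length and index, marks the key as a default hardware
 * key, then under sta_lock records it in priv->wep_keys[] and resends the
 * static WEP key table.
 *
 * Returns -EINVAL for a key length other than WEP_KEY_LEN_64 or
 * WEP_KEY_LEN_128, or for an index outside the WEP_KEYS_MAX slots; otherwise
 * the result of iwl_send_static_wepkey_cmd().
 */
int iwl_set_default_wep_key(struct iwl_priv *priv,
			    struct ieee80211_key_conf *keyconf)
{
	int ret;
	unsigned long flags;

	if (keyconf->keylen != WEP_KEY_LEN_128 &&
	    keyconf->keylen != WEP_KEY_LEN_64) {
		IWL_DEBUG_WEP("Bad WEP key length %d\n", keyconf->keylen);
		return -EINVAL;
	}

	/*
	 * keyidx indexes priv->wep_keys[] and names a bit in ucode_key_table.
	 * Nothing visible in this file bounds it, so check it here alongside
	 * the length, before any state is changed.  The unsigned compare also
	 * rejects a negative index.
	 */
	if ((unsigned int)keyconf->keyidx >= WEP_KEYS_MAX) {
		IWL_DEBUG_WEP("Bad WEP key index %d\n", keyconf->keyidx);
		return -EINVAL;
	}

	keyconf->flags &= ~IEEE80211_KEY_FLAG_GENERATE_IV;
	keyconf->hw_key_idx = HW_KEY_DEFAULT;
	/* NOTE(review): written before sta_lock is taken - confirm intended. */
	priv->stations[IWL_AP_ID].keyinfo.alg = ALG_WEP;

	spin_lock_irqsave(&priv->sta_lock, flags);
	priv->default_wep_key++;

	if (test_and_set_bit(keyconf->keyidx, &priv->ucode_key_table))
		IWL_ERROR("index %d already used in uCode key table.\n",
			keyconf->keyidx);

	/* keylen was validated above, so the copy length is bounded. */
	priv->wep_keys[keyconf->keyidx].key_size = keyconf->keylen;
	memcpy(&priv->wep_keys[keyconf->keyidx].key, &keyconf->key,
							keyconf->keylen);

	/* Sent with sta_lock held; the command is queued asynchronously. */
	ret = iwl_send_static_wepkey_cmd(priv, 0);
	IWL_DEBUG_WEP("Set default WEP key: len=%d idx=%d ret=%d\n",
		keyconf->keylen, keyconf->keyidx, ret);
	spin_unlock_irqrestore(&priv->sta_lock, flags);

	return ret;
}
EXPORT_SYMBOL(iwl_set_default_wep_key);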
 583
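/**
 * iwl_set_wep_dynamic_key_info - install a per-station (dynamic) WEP key
 * @priv: driver private data
 * @keyconf: key descriptor (length, index and key bytes)
 * @sta_id: index into priv->stations[]
 *
 * Under sta_lock the key is cached in the station's keyinfo, copied into the
 * station command at byte 3 of its key field, a uCode key slot is claimed if
 * the station had no key before, and the modified station is sent with an
 * asynchronous REPLY_ADD_STA.
 *
 * Returns -EINVAL for a key length other than WEP_KEY_LEN_64 or
 * WEP_KEY_LEN_128, otherwise the result of iwl_send_add_sta().
 */
static int iwl_set_wep_dynamic_key_info(struct iwl_priv *priv,
				struct ieee80211_key_conf *keyconf,
				u8 sta_id)
{
	unsigned long flags;
	struct iwl_station_entry *station;
	__le16 key_flags = 0;
	int ret;

	/*
	 * keylen is the copy length for both memcpy() calls below and the
	 * second one starts three bytes into its destination.  Apply the same
	 * length check that iwl_set_default_wep_key() uses, so an unexpected
	 * length cannot run past the key fields.
	 */
	if (keyconf->keylen != WEP_KEY_LEN_128 &&
	    keyconf->keylen != WEP_KEY_LEN_64) {
		IWL_DEBUG_WEP("Bad WEP key length %d\n", keyconf->keylen);
		return -EINVAL;
	}

	keyconf->flags &= ~IEEE80211_KEY_FLAG_GENERATE_IV;

	key_flags |= (STA_KEY_FLG_WEP | STA_KEY_FLG_MAP_KEY_MSK);
	key_flags |= cpu_to_le16(keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
	key_flags &= ~STA_KEY_FLG_INVALID;

	if (keyconf->keylen == WEP_KEY_LEN_128)
		key_flags |= STA_KEY_FLG_KEY_SIZE_MSK;

	if (sta_id == priv->hw_params.bcast_sta_id)
		key_flags |= STA_KEY_MULTICAST_MSK;

	spin_lock_irqsave(&priv->sta_lock, flags);

	station = &priv->stations[sta_id];

	station->keyinfo.alg = keyconf->alg;
	station->keyinfo.keylen = keyconf->keylen;
	station->keyinfo.keyidx = keyconf->keyidx;

	memcpy(station->keyinfo.key, keyconf->key, keyconf->keylen);
	memcpy(&station->sta.key.key[3], keyconf->key, keyconf->keylen);

	if ((station->sta.key.key_flags & STA_KEY_FLG_ENCRYPT_MSK)
			== STA_KEY_FLG_NO_ENC)
		station->sta.key.key_offset =
				 iwl_get_free_ucode_key_index(priv);
	/* else, we are overriding an existing key => no need to allocate room
	 * in uCode. */

	WARN(station->sta.key.key_offset == WEP_INVALID_OFFSET,
		"no space for new kew");

	station->sta.key.key_flags = key_flags;
	station->sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
	station->sta.mode = STA_CONTROL_MODIFY_MSK;

	/*
	 * Called with sta_lock held: CMD_ASYNC keeps iwl_send_add_sta() off
	 * its synchronous path, which would take sta_lock again in
	 * iwl_sta_ucode_activate().
	 */
	ret = iwl_send_add_sta(priv, &station->sta, CMD_ASYNC);

	spin_unlock_irqrestore(&priv->sta_lock, flags);

	return ret;
}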
 636
/**
 * iwl_set_ccmp_dynamic_key_info - install a per-station CCMP key
 * @priv: driver private data
 * @keyconf: key descriptor (length, index and key bytes)
 * @sta_id: index into priv->stations[]
 *
 * Under sta_lock the key is cached in the station's keyinfo, copied into the
 * station command, a uCode key slot is claimed if the station had no key
 * before, and the modified station is sent with an asynchronous
 * REPLY_ADD_STA.
 *
 * NOTE(review): keyconf->keylen is used as the copy length without a check in
 * this function, and the size of the destination key fields is not visible
 * here - confirm that the caller bounds it.
 *
 * Returns the result of iwl_send_add_sta().
 */
static int iwl_set_ccmp_dynamic_key_info(struct iwl_priv *priv,
				   struct ieee80211_key_conf *keyconf,
				   u8 sta_id)
{
	unsigned long irq_flags;
	struct iwl_station_entry *station;
	__le16 key_flags = STA_KEY_FLG_CCMP | STA_KEY_FLG_MAP_KEY_MSK;
	int ret;

	key_flags |= cpu_to_le16(keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
	key_flags &= ~STA_KEY_FLG_INVALID;

	if (sta_id == priv->hw_params.bcast_sta_id)
		key_flags |= STA_KEY_MULTICAST_MSK;

	keyconf->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;

	spin_lock_irqsave(&priv->sta_lock, irq_flags);

	station = &priv->stations[sta_id];

	station->keyinfo.alg = keyconf->alg;
	station->keyinfo.keylen = keyconf->keylen;

	memcpy(station->keyinfo.key, keyconf->key, keyconf->keylen);
	memcpy(station->sta.key.key, keyconf->key, keyconf->keylen);

	/* A station that had no key yet needs a uCode key slot. */
	if ((station->sta.key.key_flags & STA_KEY_FLG_ENCRYPT_MSK)
			== STA_KEY_FLG_NO_ENC)
		station->sta.key.key_offset =
				 iwl_get_free_ucode_key_index(priv);
	/* else, we are overriding an existing key => no need to allocate room
	 * in uCode. */

	WARN(station->sta.key.key_offset == WEP_INVALID_OFFSET,
		"no space for new kew");

	station->sta.key.key_flags = key_flags;
	station->sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
	station->sta.mode = STA_CONTROL_MODIFY_MSK;

	/*
	 * Called with sta_lock held: CMD_ASYNC keeps iwl_send_add_sta() off
	 * its synchronous path, which would take sta_lock again in
	 * iwl_sta_ucode_activate().
	 */
	ret = iwl_send_add_sta(priv, &station->sta, CMD_ASYNC);

	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);

	return ret;
}
 684
/**
 * iwl_set_tkip_dynamic_key_info - record a per-station TKIP key
 * @priv: driver private data
 * @keyconf: key descriptor
 * @sta_id: index into priv->stations[]
 *
 * Under sta_lock the first 16 bytes of the key are cached in the station's
 * keyinfo and in the station command, and a uCode key slot is claimed if the
 * station had no key before.  No command is sent from this function.
 *
 * Always returns 0.
 */
static int iwl_set_tkip_dynamic_key_info(struct iwl_priv *priv,
				   struct ieee80211_key_conf *keyconf,
				   u8 sta_id)
{
	unsigned long irq_flags;
	struct iwl_station_entry *station;

	keyconf->flags |= IEEE80211_KEY_FLAG_GENERATE_IV |
			  IEEE80211_KEY_FLAG_GENERATE_MMIC;

	spin_lock_irqsave(&priv->sta_lock, irq_flags);

	station = &priv->stations[sta_id];

	station->keyinfo.alg = keyconf->alg;
	station->keyinfo.keylen = 16;

	/* A station that had no key yet needs a uCode key slot. */
	if ((station->sta.key.key_flags & STA_KEY_FLG_ENCRYPT_MSK)
			== STA_KEY_FLG_NO_ENC)
		station->sta.key.key_offset =
				 iwl_get_free_ucode_key_index(priv);
	/* else, we are overriding an existing key => no need to allocate room
	 * in uCode. */

	WARN(station->sta.key.key_offset == WEP_INVALID_OFFSET,
		"no space for new kew");

	/* This copy is actually not needed: we get the key with each TX */
	memcpy(station->keyinfo.key, keyconf->key, 16);

	memcpy(station->sta.key.key, keyconf->key, 16);

	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);

	return 0;
}
 719
/**
 * iwl_remove_dynamic_key - remove a per-station key from driver and device
 * @priv: driver private data
 * @keyconf: key descriptor; keyconf->keyidx names the key to remove
 * @sta_id: index into priv->stations[]
 *
 * priv->key_mapping_key is decremented first, outside sta_lock and before any
 * of the early exits.  Under sta_lock the key index stored in the station's
 * key flags is compared with the requested one; on a match the uCode key slot
 * is released, the cached key material is wiped and the station is resent
 * with an asynchronous REPLY_ADD_STA.
 *
 * Returns 0 when there is nothing to remove, otherwise the result of
 * iwl_send_add_sta().
 */
int iwl_remove_dynamic_key(struct iwl_priv *priv,
				struct ieee80211_key_conf *keyconf,
				u8 sta_id)
{
	unsigned long irq_flags;
	struct iwl_station_entry *station;
	int ret = 0;
	u16 key_flags;
	u8 keyidx;

	priv->key_mapping_key--;

	spin_lock_irqsave(&priv->sta_lock, irq_flags);

	station = &priv->stations[sta_id];
	key_flags = le16_to_cpu(station->sta.key.key_flags);
	keyidx = (key_flags >> STA_KEY_FLG_KEYID_POS) & 0x3;

	IWL_DEBUG_WEP("Remove dynamic key: idx=%d sta=%d\n",
		      keyconf->keyidx, sta_id);

	/*
	 * We need to remove a key with index different than the one in the
	 * uCode. This means that the key we need to remove has been replaced
	 * by another one with different index.
	 * Don't do anything and return ok
	 */
	if (keyconf->keyidx != keyidx)
		goto unlock;

	if (station->sta.key.key_offset == WEP_INVALID_OFFSET) {
		IWL_WARNING("Removing wrong key %d 0x%x\n",
			    keyconf->keyidx, key_flags);
		goto unlock;
	}

	if (!test_and_clear_bit(station->sta.key.key_offset,
		&priv->ucode_key_table))
		IWL_ERROR("index %d not used in uCode key table.\n",
			station->sta.key.key_offset);

	/* Wipe the cached key material before marking the slot invalid. */
	memset(&station->keyinfo, 0, sizeof(struct iwl_hw_key));
	memset(&station->sta.key, 0, sizeof(struct iwl4965_keyinfo));
	station->sta.key.key_flags = STA_KEY_FLG_NO_ENC | STA_KEY_FLG_INVALID;
	station->sta.key.key_offset = WEP_INVALID_OFFSET;
	station->sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
	station->sta.mode = STA_CONTROL_MODIFY_MSK;

	ret = iwl_send_add_sta(priv, &station->sta, CMD_ASYNC);

unlock:
	/*
	 * NOTE(review): a static checker flagged the unlock after the send as
	 * a possible double unlock.  In the code visible in this file the only
	 * other release of sta_lock reachable from iwl_send_add_sta() is in
	 * iwl_sta_ucode_activate(), on the synchronous path that CMD_ASYNC
	 * returns before, so the report looks like a false positive.  This
	 * holds only if iwl_send_cmd() neither drops sta_lock nor runs the
	 * completion callback inline - not visible here, confirm.
	 */
	spin_unlock_irqrestore(&priv->sta_lock, irq_flags);
	return ret;
}
EXPORT_SYMBOL(iwl_remove_dynamic_key);
 774
/**
 * iwl_set_dynamic_key - install a per-station key of any supported algorithm
 * @priv: driver private data
 * @keyconf: key descriptor; keyconf->alg selects the helper
 * @sta_id: index into priv->stations[]
 *
 * Marks the key as a dynamic hardware key and dispatches to the CCMP, TKIP or
 * WEP helper.  priv->key_mapping_key is incremented before dispatch and is
 * not rolled back here when the helper fails.
 *
 * Returns the helper's result, or -EINVAL for an unknown algorithm.
 */
int iwl_set_dynamic_key(struct iwl_priv *priv,
				struct ieee80211_key_conf *keyconf, u8 sta_id)
{
	int ret;

	priv->key_mapping_key++;
	keyconf->hw_key_idx = HW_KEY_DYNAMIC;

	if (keyconf->alg == ALG_CCMP) {
		ret = iwl_set_ccmp_dynamic_key_info(priv, keyconf, sta_id);
	} else if (keyconf->alg == ALG_TKIP) {
		ret = iwl_set_tkip_dynamic_key_info(priv, keyconf, sta_id);
	} else if (keyconf->alg == ALG_WEP) {
		ret = iwl_set_wep_dynamic_key_info(priv, keyconf, sta_id);
	} else {
		IWL_ERROR("Unknown alg: %s alg = %d\n", __func__, keyconf->alg);
		ret = -EINVAL;
	}

	/* Only metadata is logged here, never the key bytes. */
	IWL_DEBUG_WEP("Set dynamic key: alg= %d len=%d idx=%d sta=%d ret=%d\n",
		      keyconf->alg, keyconf->keylen, keyconf->keyidx,
		      sta_id, ret);

	return ret;
}
EXPORT_SYMBOL(iwl_set_dynamic_key);
 805
#ifdef CONFIG_IWLWIFI_DEBUG
/**
 * iwl_dump_lq_cmd - log the contents of a link quality command
 * @priv: driver private data
 * @lq: command to dump
 *
 * Logs the station id, both antenna masks and every rate table entry.
 * Compiled to an empty inline when CONFIG_IWLWIFI_DEBUG is not set.
 */
static void iwl_dump_lq_cmd(struct iwl_priv *priv,
			   struct iwl_link_quality_cmd *lq)
{
	int entry;

	IWL_DEBUG_RATE("lq station id 0x%x\n", lq->sta_id);
	IWL_DEBUG_RATE("lq dta 0x%X 0x%X\n",
		       lq->general_params.single_stream_ant_msk,
		       lq->general_params.dual_stream_ant_msk);

	for (entry = 0; entry < LINK_QUAL_MAX_RETRY_NUM; entry++) {
		IWL_DEBUG_RATE("lq index %d 0x%X\n",
			       entry, lq->rs_table[entry].rate_n_flags);
	}
}
#else
/* Debug support is compiled out: dumping is a no-op. */
static inline void iwl_dump_lq_cmd(struct iwl_priv *priv,
				   struct iwl_link_quality_cmd *lq)
{
}
#endif
 826
/**
 * iwl_send_lq_cmd - send a REPLY_TX_LINK_QUALITY_CMD for one station
 *
 * A station id of 0xFF in @lq is rejected with -EINVAL in ad-hoc mode and
 * is otherwise rewritten in place to IWL_AP_ID, so the caller's @lq is
 * modified.  The command is handed to iwl_send_cmd() only while the device
 * is associated and priv->assoc_station_added is set; in every other case
 * nothing is sent and 0 is returned.
 */
int iwl_send_lq_cmd(struct iwl_priv *priv,
		    struct iwl_link_quality_cmd *lq, u8 flags)
{
	struct iwl_host_cmd cmd = {
		.id = REPLY_TX_LINK_QUALITY_CMD,
		.len = sizeof(*lq),
		.meta.flags = flags,
		.data = lq,
	};

	if (lq->sta_id == 0xFF) {
		if (priv->iw_mode == NL80211_IFTYPE_ADHOC)
			return -EINVAL;

		lq->sta_id = IWL_AP_ID;
	}

	iwl_dump_lq_cmd(priv, lq);

	/* Without an association and an added station there is nothing
	 * to send; this is reported as success */
	if (!iwl_is_associated(priv) || !priv->assoc_station_added)
		return 0;

	return iwl_send_cmd(priv, &cmd);
}
EXPORT_SYMBOL(iwl_send_lq_cmd);
 852
/**
 * iwl_sta_init_lq - Initialize a station's hardware rate table
 *
 * The uCode's station table holds, per station, a table of fallback rates
 * that it walks automatically during transmission.  This fills that table
 * with defaults and sends it with REPLY_TX_LINK_QUALITY_CMD, addressed to
 * IWL_AP_ID when @is_ap is set and to the broadcast station id otherwise.
 * @addr is not used by this function.
 *
 * NOTE: These are only default values.  They will be replaced later
 *       if the driver's iwl-agn-rs rate scaling algorithm is used, instead of
 *       rc80211_simple.
 *
 * NOTE: REPLY_ADD_STA must have set up the station table entry before this
 *       function is called, because REPLY_TX_LINK_QUALITY_CMD requires the
 *       entry to exist.
 *
 * NOTE: The command is sent asynchronously and its result is not checked.
 */
static void iwl_sta_init_lq(struct iwl_priv *priv, const u8 *addr, int is_ap)
{
	struct iwl_link_quality_cmd link_cmd = {
		.reserved1 = 0,
	};
	u16 rate_flags;
	int rate, slot;

	/* Start at the selected rate; the loop below then falls back
	 * all the way down to 1M in IEEE order, and then spins on 1M */
	if (is_ap)
		rate = IWL_RATE_54M_INDEX;
	else
		rate = (priv->band == IEEE80211_BAND_5GHZ) ?
			IWL_RATE_6M_INDEX : IWL_RATE_1M_INDEX;

	for (slot = 0; slot < LINK_QUAL_MAX_RETRY_NUM; slot++) {
		/* Use Tx antenna B only */
		rate_flags = RATE_MCS_ANT_B_MSK; /*FIXME:RS*/

		if (rate >= IWL_FIRST_CCK_RATE && rate <= IWL_LAST_CCK_RATE)
			rate_flags |= RATE_MCS_CCK_MSK;

		link_cmd.rs_table[slot].rate_n_flags =
			iwl_hw_set_rate_n_flags(iwl_rates[rate].plcp,
						rate_flags);
		rate = iwl4965_get_prev_ieee_rate(rate);
	}

	/* Update the rate scaling for control frame Tx to AP */
	link_cmd.sta_id = is_ap ? IWL_AP_ID : priv->hw_params.bcast_sta_id;

	link_cmd.agg_params.agg_time_limit = cpu_to_le16(4000);
	link_cmd.agg_params.agg_dis_start_th = 3;
	link_cmd.general_params.dual_stream_ant_msk = 3;
	link_cmd.general_params.single_stream_ant_msk = 2;

	iwl_send_cmd_pdu_async(priv, REPLY_TX_LINK_QUALITY_CMD,
			       sizeof(link_cmd), &link_cmd, NULL);
}
 908
/**
 * iwl_rxon_add_station - add station into station table.
 *
 * Adds @addr through iwl_add_station_flags() and then loads the default
 * rate scaling table for it.  The HT configuration is passed along only
 * for the AP entry of a client (station mode) interface whose mac80211
 * configuration has IEEE80211_CONF_SUPPORT_HT_MODE set.
 *
 * there is only one AP station with id= IWL_AP_ID
 * NOTE: mutex must be held before calling this function
 *
 * NOTE(review): the id returned by iwl_add_station_flags() is not compared
 *       with IWL_INVALID_STATION before iwl_sta_init_lq() runs, although
 *       that command needs the station entry to exist; confirm this is
 *       safe when the add fails.
 */
int iwl_rxon_add_station(struct iwl_priv *priv, const u8 *addr, int is_ap)
{
	struct ieee80211_conf *conf = &priv->hw->conf;
	struct ieee80211_ht_info *ht_config = NULL;
	u8 sta_id;

	if (is_ap &&
	    (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) &&
	    priv->iw_mode == NL80211_IFTYPE_STATION)
		ht_config = &conf->ht_conf;

	/* Add station to device's station table */
	sta_id = iwl_add_station_flags(priv, addr, is_ap, 0, ht_config);

	/* Set up default rate scaling table in device's station table */
	iwl_sta_init_lq(priv, addr, is_ap);

	return sta_id;
}
EXPORT_SYMBOL(iwl_rxon_add_station);
 938
/**
 * iwl_get_sta_id - Find station's index within station table
 *
 * Maps the destination of frame @hdr to a station table index according to
 * the current interface mode.  Every path that cannot name a specific
 * station returns the broadcast station id.
 *
 * If new IBSS station, create new entry in station table
 */
int iwl_get_sta_id(struct iwl_priv *priv, struct ieee80211_hdr *hdr)
{
	const u16 frame_ctl = le16_to_cpu(hdr->frame_control);
	int id;
	DECLARE_MAC_BUF(mac);

	/* Broadcast and management frames use the broadcast station id */
	if ((frame_ctl & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
		return priv->hw_params.bcast_sta_id;
	if (is_multicast_ether_addr(hdr->addr1))
		return priv->hw_params.bcast_sta_id;

	switch (priv->iw_mode) {
	case NL80211_IFTYPE_STATION:
		/* A client station in a BSS network talks only to its AP,
		 * which has a dedicated station entry */
		return IWL_AP_ID;

	case NL80211_IFTYPE_AP:
		/* As an AP, look the station up, else fall back to BCAST */
		id = iwl_find_station(priv, hdr->addr1);
		if (id != IWL_INVALID_STATION)
			return id;
		break;

	case NL80211_IFTYPE_ADHOC:
		/* In an IBSS network, look the station up first ... */
		id = iwl_find_station(priv, hdr->addr1);
		if (id != IWL_INVALID_STATION)
			return id;

		/* ... and create a new station table entry if it is unknown */
		id = iwl_add_station_flags(priv, hdr->addr1,
					   0, CMD_ASYNC, NULL);
		if (id != IWL_INVALID_STATION)
			return id;

		IWL_DEBUG_DROP("Station %s not in station map. "
			       "Defaulting to broadcast...\n",
			       print_mac(mac, hdr->addr1));
		iwl_print_hex_dump(priv, IWL_DL_DROP, (u8 *) hdr, sizeof(*hdr));
		break;

	case NL80211_IFTYPE_MONITOR:
		/* Monitor mode uses BCAST. This is required for
		 * packet injection. */
		break;

	default:
		IWL_WARNING("Unknown mode of operation: %d\n", priv->iw_mode);
		break;
	}

	return priv->hw_params.bcast_sta_id;
}
EXPORT_SYMBOL(iwl_get_sta_id);
1000
/**
 * iwl_sta_modify_enable_tid_tx - Enable Tx for this TID in station table
 *
 * Clears bit @tid of the station's tid_disable_tx mask under priv->sta_lock,
 * marks the entry as a TID_DISABLE_TX modification and then sends it with
 * an asynchronous iwl_send_add_sta().
 *
 * NOTE(review): @sta_id indexes priv->stations and @tid is used as a shift
 *       count, and neither is range-checked here; presumably the callers
 *       bound both -- verify.
 *
 * NOTE(review): the station entry is passed to iwl_send_add_sta() after
 *       sta_lock has been released; confirm the entry cannot be modified
 *       before the command contents are consumed.
 */
void iwl_sta_modify_enable_tid_tx(struct iwl_priv *priv, int sta_id, int tid)
{
	/* All bits set except the one for this TID */
	const __le16 keep_mask = cpu_to_le16(~(1 << tid));
	unsigned long irq_state;

	spin_lock_irqsave(&priv->sta_lock, irq_state);
	priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
	priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_TID_DISABLE_TX;
	/* Remove "disable" flag, to enable Tx for this TID */
	priv->stations[sta_id].sta.tid_disable_tx &= keep_mask;
	spin_unlock_irqrestore(&priv->sta_lock, irq_state);

	iwl_send_add_sta(priv, &priv->stations[sta_id].sta, CMD_ASYNC);
}
EXPORT_SYMBOL(iwl_sta_modify_enable_tid_tx);
1018