1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * MLO link handling
4  *
5  * Copyright (C) 2022-2023 Intel Corporation
6  */
7 #include <linux/slab.h>
8 #include <linux/kernel.h>
9 #include <net/mac80211.h>
10 #include "ieee80211_i.h"
11 #include "driver-ops.h"
12 #include "key.h"
13 #include "debugfs_netdev.h"
14 
ieee80211_link_setup(struct ieee80211_link_data * link)15 void ieee80211_link_setup(struct ieee80211_link_data *link)
16 {
17 	if (link->sdata->vif.type == NL80211_IFTYPE_STATION)
18 		ieee80211_mgd_setup_link(link);
19 }
20 
ieee80211_link_init(struct ieee80211_sub_if_data * sdata,int link_id,struct ieee80211_link_data * link,struct ieee80211_bss_conf * link_conf)21 void ieee80211_link_init(struct ieee80211_sub_if_data *sdata,
22 			 int link_id,
23 			 struct ieee80211_link_data *link,
24 			 struct ieee80211_bss_conf *link_conf)
25 {
26 	bool deflink = link_id < 0;
27 
28 	if (link_id < 0)
29 		link_id = 0;
30 
31 	rcu_assign_pointer(sdata->vif.link_conf[link_id], link_conf);
32 	rcu_assign_pointer(sdata->link[link_id], link);
33 
34 	link->sdata = sdata;
35 	link->link_id = link_id;
36 	link->conf = link_conf;
37 	link_conf->link_id = link_id;
38 	link_conf->vif = &sdata->vif;
39 
40 	INIT_WORK(&link->csa_finalize_work,
41 		  ieee80211_csa_finalize_work);
42 	INIT_WORK(&link->color_change_finalize_work,
43 		  ieee80211_color_change_finalize_work);
44 	INIT_DELAYED_WORK(&link->color_collision_detect_work,
45 			  ieee80211_color_collision_detection_work);
46 	INIT_LIST_HEAD(&link->assigned_chanctx_list);
47 	INIT_LIST_HEAD(&link->reserved_chanctx_list);
48 	INIT_DELAYED_WORK(&link->dfs_cac_timer_work,
49 			  ieee80211_dfs_cac_timer_work);
50 
51 	if (!deflink) {
52 		switch (sdata->vif.type) {
53 		case NL80211_IFTYPE_AP:
54 			ether_addr_copy(link_conf->addr,
55 					sdata->wdev.links[link_id].addr);
56 			link_conf->bssid = link_conf->addr;
57 			WARN_ON(!(sdata->wdev.valid_links & BIT(link_id)));
58 			break;
59 		case NL80211_IFTYPE_STATION:
60 			/* station sets the bssid in ieee80211_mgd_setup_link */
61 			break;
62 		default:
63 			WARN_ON(1);
64 		}
65 
66 		ieee80211_link_debugfs_add(link);
67 	}
68 }
69 
ieee80211_link_stop(struct ieee80211_link_data * link)70 void ieee80211_link_stop(struct ieee80211_link_data *link)
71 {
72 	if (link->sdata->vif.type == NL80211_IFTYPE_STATION)
73 		ieee80211_mgd_stop_link(link);
74 
75 	cancel_delayed_work_sync(&link->color_collision_detect_work);
76 	ieee80211_link_release_channel(link);
77 }
78 
79 struct link_container {
80 	struct ieee80211_link_data data;
81 	struct ieee80211_bss_conf conf;
82 };
83 
ieee80211_tear_down_links(struct ieee80211_sub_if_data * sdata,struct link_container ** links,u16 mask)84 static void ieee80211_tear_down_links(struct ieee80211_sub_if_data *sdata,
85 				      struct link_container **links, u16 mask)
86 {
87 	struct ieee80211_link_data *link;
88 	LIST_HEAD(keys);
89 	unsigned int link_id;
90 
91 	for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++) {
92 		if (!(mask & BIT(link_id)))
93 			continue;
94 		link = &links[link_id]->data;
95 		if (link_id == 0 && !link)
96 			link = &sdata->deflink;
97 		if (WARN_ON(!link))
98 			continue;
99 		ieee80211_remove_link_keys(link, &keys);
100 		ieee80211_link_debugfs_remove(link);
101 		ieee80211_link_stop(link);
102 	}
103 
104 	synchronize_rcu();
105 
106 	ieee80211_free_key_list(sdata->local, &keys);
107 }
108 
ieee80211_free_links(struct ieee80211_sub_if_data * sdata,struct link_container ** links)109 static void ieee80211_free_links(struct ieee80211_sub_if_data *sdata,
110 				 struct link_container **links)
111 {
112 	unsigned int link_id;
113 
114 	for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++)
115 		kfree(links[link_id]);
116 }
117 
ieee80211_check_dup_link_addrs(struct ieee80211_sub_if_data * sdata)118 static int ieee80211_check_dup_link_addrs(struct ieee80211_sub_if_data *sdata)
119 {
120 	unsigned int i, j;
121 
122 	for (i = 0; i < IEEE80211_MLD_MAX_NUM_LINKS; i++) {
123 		struct ieee80211_link_data *link1;
124 
125 		link1 = sdata_dereference(sdata->link[i], sdata);
126 		if (!link1)
127 			continue;
128 		for (j = i + 1; j < IEEE80211_MLD_MAX_NUM_LINKS; j++) {
129 			struct ieee80211_link_data *link2;
130 
131 			link2 = sdata_dereference(sdata->link[j], sdata);
132 			if (!link2)
133 				continue;
134 
135 			if (ether_addr_equal(link1->conf->addr,
136 					     link2->conf->addr))
137 				return -EALREADY;
138 		}
139 	}
140 
141 	return 0;
142 }
143 
ieee80211_set_vif_links_bitmaps(struct ieee80211_sub_if_data * sdata,u16 valid_links,u16 dormant_links)144 static void ieee80211_set_vif_links_bitmaps(struct ieee80211_sub_if_data *sdata,
145 					    u16 valid_links, u16 dormant_links)
146 {
147 	sdata->vif.valid_links = valid_links;
148 	sdata->vif.dormant_links = dormant_links;
149 
150 	if (!valid_links ||
151 	    WARN((~valid_links & dormant_links) ||
152 		 !(valid_links & ~dormant_links),
153 		 "Invalid links: valid=0x%x, dormant=0x%x",
154 		 valid_links, dormant_links)) {
155 		sdata->vif.active_links = 0;
156 		sdata->vif.dormant_links = 0;
157 		return;
158 	}
159 
160 	switch (sdata->vif.type) {
161 	case NL80211_IFTYPE_AP:
162 		/* in an AP all links are always active */
163 		sdata->vif.active_links = valid_links;
164 
165 		/* AP links are not expected to be disabled */
166 		WARN_ON(dormant_links);
167 		break;
168 	case NL80211_IFTYPE_STATION:
169 		if (sdata->vif.active_links)
170 			break;
171 		sdata->vif.active_links = valid_links & ~dormant_links;
172 		WARN_ON(hweight16(sdata->vif.active_links) > 1);
173 		break;
174 	default:
175 		WARN_ON(1);
176 	}
177 }
178 
ieee80211_vif_update_links(struct ieee80211_sub_if_data * sdata,struct link_container ** to_free,u16 new_links,u16 dormant_links)179 static int ieee80211_vif_update_links(struct ieee80211_sub_if_data *sdata,
180 				      struct link_container **to_free,
181 				      u16 new_links, u16 dormant_links)
182 {
183 	u16 old_links = sdata->vif.valid_links;
184 	u16 old_active = sdata->vif.active_links;
185 	unsigned long add = new_links & ~old_links;
186 	unsigned long rem = old_links & ~new_links;
187 	unsigned int link_id;
188 	int ret;
189 	struct link_container *links[IEEE80211_MLD_MAX_NUM_LINKS] = {}, *link;
190 	struct ieee80211_bss_conf *old[IEEE80211_MLD_MAX_NUM_LINKS];
191 	struct ieee80211_link_data *old_data[IEEE80211_MLD_MAX_NUM_LINKS];
192 	bool use_deflink = old_links == 0; /* set for error case */
193 
194 	sdata_assert_lock(sdata);
195 
196 	memset(to_free, 0, sizeof(links));
197 
198 	if (old_links == new_links && dormant_links == sdata->vif.dormant_links)
199 		return 0;
200 
201 	/* if there were no old links, need to clear the pointers to deflink */
202 	if (!old_links)
203 		rem |= BIT(0);
204 
205 	/* allocate new link structures first */
206 	for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) {
207 		link = kzalloc(sizeof(*link), GFP_KERNEL);
208 		if (!link) {
209 			ret = -ENOMEM;
210 			goto free;
211 		}
212 		links[link_id] = link;
213 	}
214 
215 	/* keep track of the old pointers for the driver */
216 	BUILD_BUG_ON(sizeof(old) != sizeof(sdata->vif.link_conf));
217 	memcpy(old, sdata->vif.link_conf, sizeof(old));
218 	/* and for us in error cases */
219 	BUILD_BUG_ON(sizeof(old_data) != sizeof(sdata->link));
220 	memcpy(old_data, sdata->link, sizeof(old_data));
221 
222 	/* grab old links to free later */
223 	for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) {
224 		if (rcu_access_pointer(sdata->link[link_id]) != &sdata->deflink) {
225 			/*
226 			 * we must have allocated the data through this path so
227 			 * we know we can free both at the same time
228 			 */
229 			to_free[link_id] = container_of(rcu_access_pointer(sdata->link[link_id]),
230 							typeof(*links[link_id]),
231 							data);
232 		}
233 
234 		RCU_INIT_POINTER(sdata->link[link_id], NULL);
235 		RCU_INIT_POINTER(sdata->vif.link_conf[link_id], NULL);
236 	}
237 
238 	/* link them into data structures */
239 	for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) {
240 		WARN_ON(!use_deflink &&
241 			rcu_access_pointer(sdata->link[link_id]) == &sdata->deflink);
242 
243 		link = links[link_id];
244 		ieee80211_link_init(sdata, link_id, &link->data, &link->conf);
245 		ieee80211_link_setup(&link->data);
246 	}
247 
248 	if (new_links == 0)
249 		ieee80211_link_init(sdata, -1, &sdata->deflink,
250 				    &sdata->vif.bss_conf);
251 
252 	ret = ieee80211_check_dup_link_addrs(sdata);
253 	if (!ret) {
254 		/* for keys we will not be able to undo this */
255 		ieee80211_tear_down_links(sdata, to_free, rem);
256 
257 		ieee80211_set_vif_links_bitmaps(sdata, new_links, dormant_links);
258 
259 		/* tell the driver */
260 		ret = drv_change_vif_links(sdata->local, sdata,
261 					   old_links & old_active,
262 					   new_links & sdata->vif.active_links,
263 					   old);
264 	}
265 
266 	if (ret) {
267 		/* restore config */
268 		memcpy(sdata->link, old_data, sizeof(old_data));
269 		memcpy(sdata->vif.link_conf, old, sizeof(old));
270 		ieee80211_set_vif_links_bitmaps(sdata, old_links, dormant_links);
271 		/* and free (only) the newly allocated links */
272 		memset(to_free, 0, sizeof(links));
273 		goto free;
274 	}
275 
276 	/* use deflink/bss_conf again if and only if there are no more links */
277 	use_deflink = new_links == 0;
278 
279 	goto deinit;
280 free:
281 	/* if we failed during allocation, only free all */
282 	for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; link_id++) {
283 		kfree(links[link_id]);
284 		links[link_id] = NULL;
285 	}
286 deinit:
287 	if (use_deflink)
288 		ieee80211_link_init(sdata, -1, &sdata->deflink,
289 				    &sdata->vif.bss_conf);
290 	return ret;
291 }
292 
ieee80211_vif_set_links(struct ieee80211_sub_if_data * sdata,u16 new_links,u16 dormant_links)293 int ieee80211_vif_set_links(struct ieee80211_sub_if_data *sdata,
294 			    u16 new_links, u16 dormant_links)
295 {
296 	struct link_container *links[IEEE80211_MLD_MAX_NUM_LINKS];
297 	int ret;
298 
299 	ret = ieee80211_vif_update_links(sdata, links, new_links,
300 					 dormant_links);
301 	ieee80211_free_links(sdata, links);
302 
303 	return ret;
304 }
305 
ieee80211_vif_clear_links(struct ieee80211_sub_if_data * sdata)306 void ieee80211_vif_clear_links(struct ieee80211_sub_if_data *sdata)
307 {
308 	struct link_container *links[IEEE80211_MLD_MAX_NUM_LINKS];
309 
310 	/*
311 	 * The locking here is different because when we free links
312 	 * in the station case we need to be able to cancel_work_sync()
313 	 * something that also takes the lock.
314 	 */
315 
316 	sdata_lock(sdata);
317 	ieee80211_vif_update_links(sdata, links, 0, 0);
318 	sdata_unlock(sdata);
319 
320 	ieee80211_free_links(sdata, links);
321 }
322 
_ieee80211_set_active_links(struct ieee80211_sub_if_data * sdata,u16 active_links)323 static int _ieee80211_set_active_links(struct ieee80211_sub_if_data *sdata,
324 				       u16 active_links)
325 {
326 	struct ieee80211_bss_conf *link_confs[IEEE80211_MLD_MAX_NUM_LINKS];
327 	struct ieee80211_local *local = sdata->local;
328 	u16 old_active = sdata->vif.active_links;
329 	unsigned long rem = old_active & ~active_links;
330 	unsigned long add = active_links & ~old_active;
331 	struct sta_info *sta;
332 	unsigned int link_id;
333 	int ret, i;
334 
335 	if (!ieee80211_sdata_running(sdata))
336 		return -ENETDOWN;
337 
338 	if (sdata->vif.type != NL80211_IFTYPE_STATION)
339 		return -EINVAL;
340 
341 	if (active_links & ~ieee80211_vif_usable_links(&sdata->vif))
342 		return -EINVAL;
343 
344 	/* nothing to do */
345 	if (old_active == active_links)
346 		return 0;
347 
348 	for (i = 0; i < IEEE80211_MLD_MAX_NUM_LINKS; i++)
349 		link_confs[i] = sdata_dereference(sdata->vif.link_conf[i],
350 						  sdata);
351 
352 	if (add) {
353 		sdata->vif.active_links |= active_links;
354 		ret = drv_change_vif_links(local, sdata,
355 					   old_active,
356 					   sdata->vif.active_links,
357 					   link_confs);
358 		if (ret) {
359 			sdata->vif.active_links = old_active;
360 			return ret;
361 		}
362 	}
363 
364 	for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) {
365 		struct ieee80211_link_data *link;
366 
367 		link = sdata_dereference(sdata->link[link_id], sdata);
368 
369 		/* FIXME: kill TDLS connections on the link */
370 
371 		ieee80211_link_release_channel(link);
372 	}
373 
374 	list_for_each_entry(sta, &local->sta_list, list) {
375 		if (sdata != sta->sdata)
376 			continue;
377 
378 		/* this is very temporary, but do it anyway */
379 		__ieee80211_sta_recalc_aggregates(sta,
380 						  old_active | active_links);
381 
382 		ret = drv_change_sta_links(local, sdata, &sta->sta,
383 					   old_active,
384 					   old_active | active_links);
385 		WARN_ON_ONCE(ret);
386 	}
387 
388 	ret = ieee80211_key_switch_links(sdata, rem, add);
389 	WARN_ON_ONCE(ret);
390 
391 	list_for_each_entry(sta, &local->sta_list, list) {
392 		if (sdata != sta->sdata)
393 			continue;
394 
395 		__ieee80211_sta_recalc_aggregates(sta, active_links);
396 
397 		ret = drv_change_sta_links(local, sdata, &sta->sta,
398 					   old_active | active_links,
399 					   active_links);
400 		WARN_ON_ONCE(ret);
401 
402 		/*
403 		 * Do it again, just in case - the driver might very
404 		 * well have called ieee80211_sta_recalc_aggregates()
405 		 * from there when filling in the new links, which
406 		 * would set it wrong since the vif's active links are
407 		 * not switched yet...
408 		 */
409 		__ieee80211_sta_recalc_aggregates(sta, active_links);
410 	}
411 
412 	for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) {
413 		struct ieee80211_link_data *link;
414 
415 		link = sdata_dereference(sdata->link[link_id], sdata);
416 
417 		ret = ieee80211_link_use_channel(link, &link->conf->chandef,
418 						 IEEE80211_CHANCTX_SHARED);
419 		WARN_ON_ONCE(ret);
420 
421 		ieee80211_mgd_set_link_qos_params(link);
422 		ieee80211_link_info_change_notify(sdata, link,
423 						  BSS_CHANGED_ERP_CTS_PROT |
424 						  BSS_CHANGED_ERP_PREAMBLE |
425 						  BSS_CHANGED_ERP_SLOT |
426 						  BSS_CHANGED_HT |
427 						  BSS_CHANGED_BASIC_RATES |
428 						  BSS_CHANGED_BSSID |
429 						  BSS_CHANGED_CQM |
430 						  BSS_CHANGED_QOS |
431 						  BSS_CHANGED_TXPOWER |
432 						  BSS_CHANGED_BANDWIDTH |
433 						  BSS_CHANGED_TWT |
434 						  BSS_CHANGED_HE_OBSS_PD |
435 						  BSS_CHANGED_HE_BSS_COLOR);
436 	}
437 
438 	old_active = sdata->vif.active_links;
439 	sdata->vif.active_links = active_links;
440 
441 	if (rem) {
442 		ret = drv_change_vif_links(local, sdata, old_active,
443 					   active_links, link_confs);
444 		WARN_ON_ONCE(ret);
445 	}
446 
447 	return 0;
448 }
449 
__ieee80211_set_active_links(struct ieee80211_vif * vif,u16 active_links)450 int __ieee80211_set_active_links(struct ieee80211_vif *vif, u16 active_links)
451 {
452 	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
453 	struct ieee80211_local *local = sdata->local;
454 	u16 old_active;
455 	int ret;
456 
457 	sdata_assert_lock(sdata);
458 	mutex_lock(&local->sta_mtx);
459 	mutex_lock(&local->mtx);
460 	mutex_lock(&local->key_mtx);
461 	old_active = sdata->vif.active_links;
462 	if (old_active & active_links) {
463 		/*
464 		 * if there's at least one link that stays active across
465 		 * the change then switch to it (to those) first, and
466 		 * then enable the additional links
467 		 */
468 		ret = _ieee80211_set_active_links(sdata,
469 						  old_active & active_links);
470 		if (!ret)
471 			ret = _ieee80211_set_active_links(sdata, active_links);
472 	} else {
473 		/* otherwise switch directly */
474 		ret = _ieee80211_set_active_links(sdata, active_links);
475 	}
476 	mutex_unlock(&local->key_mtx);
477 	mutex_unlock(&local->mtx);
478 	mutex_unlock(&local->sta_mtx);
479 
480 	return ret;
481 }
482 
ieee80211_set_active_links(struct ieee80211_vif * vif,u16 active_links)483 int ieee80211_set_active_links(struct ieee80211_vif *vif, u16 active_links)
484 {
485 	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
486 	int ret;
487 
488 	sdata_lock(sdata);
489 	ret = __ieee80211_set_active_links(vif, active_links);
490 	sdata_unlock(sdata);
491 
492 	return ret;
493 }
494 EXPORT_SYMBOL_GPL(ieee80211_set_active_links);
495 
ieee80211_set_active_links_async(struct ieee80211_vif * vif,u16 active_links)496 void ieee80211_set_active_links_async(struct ieee80211_vif *vif,
497 				      u16 active_links)
498 {
499 	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
500 
501 	if (!ieee80211_sdata_running(sdata))
502 		return;
503 
504 	if (sdata->vif.type != NL80211_IFTYPE_STATION)
505 		return;
506 
507 	if (active_links & ~ieee80211_vif_usable_links(&sdata->vif))
508 		return;
509 
510 	/* nothing to do */
511 	if (sdata->vif.active_links == active_links)
512 		return;
513 
514 	sdata->desired_active_links = active_links;
515 	schedule_work(&sdata->activate_links_work);
516 }
517 EXPORT_SYMBOL_GPL(ieee80211_set_active_links_async);
518