Commit d615ea32 authored by Johannes Berg's avatar Johannes Berg

wifi: iwlwifi: mvm: put only a single IGTK into FW

The firmware only supports a single IGTK, and due to some
changes it really doesn't like to have multiple programmed
in later versions. Since only newer firmware cannot remove
a key that isn't present any more, adjust only the MLD API
code to keep track of the previous IGTK and remove it when
a new one is added.
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
Signed-off-by: default avatarGregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230613155501.3fde1ef09270.I2e12a3b0bba4325c07dc8fcce39b711f158bd621@changeidSigned-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 63745236
......@@ -1038,6 +1038,7 @@ static void iwl_mvm_cleanup_iterator(void *data, u8 *mac,
mvmvif->link[link_id]->fw_link_id = IWL_MVM_FW_LINK_ID_INVALID;
mvmvif->link[link_id]->phy_ctxt = NULL;
mvmvif->link[link_id]->active = 0;
mvmvif->link[link_id]->igtk = NULL;
}
probe_data = rcu_dereference_protected(mvmvif->deflink.probe_resp_data,
......
......@@ -231,8 +231,49 @@ int iwl_mvm_sec_key_add(struct iwl_mvm *mvm,
{
u32 sta_mask = iwl_mvm_get_sec_sta_mask(mvm, vif, sta, keyconf);
u32 key_flags = iwl_mvm_get_sec_flags(mvm, vif, sta, keyconf);
struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
struct iwl_mvm_vif_link_info *mvm_link = NULL;
int ret;
if (keyconf->keyidx == 4 || keyconf->keyidx == 5) {
unsigned int link_id = 0;
/* set to -1 for non-MLO right now */
if (keyconf->link_id >= 0)
link_id = keyconf->link_id;
mvm_link = mvmvif->link[link_id];
if (WARN_ON(!mvm_link))
return -EINVAL;
if (mvm_link->igtk) {
IWL_DEBUG_MAC80211(mvm, "remove old IGTK %d\n",
mvm_link->igtk->keyidx);
ret = iwl_mvm_sec_key_del(mvm, vif, sta,
mvm_link->igtk);
if (ret)
IWL_ERR(mvm,
"failed to remove old IGTK (ret=%d)\n",
ret);
}
WARN_ON(mvm_link->igtk);
}
ret = iwl_mvm_mld_send_key(mvm, sta_mask, key_flags, keyconf);
if (ret)
return ret;
if (mvm_link)
mvm_link->igtk = keyconf;
/* We don't really need this, but need it to be not invalid,
* and if we switch links multiple times it might go to be
* invalid when removed.
*/
keyconf->hw_key_idx = 0;
return iwl_mvm_mld_send_key(mvm, sta_mask, key_flags, keyconf);
return 0;
}
static int _iwl_mvm_sec_key_del(struct iwl_mvm *mvm,
......@@ -243,11 +284,31 @@ static int _iwl_mvm_sec_key_del(struct iwl_mvm *mvm,
{
u32 sta_mask = iwl_mvm_get_sec_sta_mask(mvm, vif, sta, keyconf);
u32 key_flags = iwl_mvm_get_sec_flags(mvm, vif, sta, keyconf);
struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
int ret;
if (WARN_ON(!sta_mask))
return -EINVAL;
if (keyconf->keyidx == 4 || keyconf->keyidx == 5) {
struct iwl_mvm_vif_link_info *mvm_link;
unsigned int link_id = 0;
/* set to -1 for non-MLO right now */
if (keyconf->link_id >= 0)
link_id = keyconf->link_id;
mvm_link = mvmvif->link[link_id];
if (WARN_ON(!mvm_link))
return -EINVAL;
if (mvm_link->igtk == keyconf) {
/* no longer in HW - mark for later */
mvm_link->igtk->hw_key_idx = STA_KEY_IDX_INVALID;
mvm_link->igtk = NULL;
}
}
ret = __iwl_mvm_sec_key_del(mvm, sta_mask, key_flags, keyconf->keyidx,
flags);
if (ret)
......
/* SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause */
/*
* Copyright (C) 2012-2014, 2018-2022 Intel Corporation
* Copyright (C) 2012-2014, 2018-2023 Intel Corporation
* Copyright (C) 2013-2015 Intel Mobile Communications GmbH
* Copyright (C) 2016-2017 Intel Deutschland GmbH
*/
......@@ -300,6 +300,7 @@ struct iwl_probe_resp_data {
* @he_ru_2mhz_block: 26-tone RU OFDMA transmissions should be blocked
* @queue_params: QoS params for this MAC
* @mgmt_queue: queue number for unbufferable management frames
* @igtk: the current IGTK programmed into the firmware
*/
struct iwl_mvm_vif_link_info {
u8 bssid[ETH_ALEN];
......@@ -317,6 +318,8 @@ struct iwl_mvm_vif_link_info {
enum ieee80211_smps_mode smps_requests[NUM_IWL_MVM_SMPS_REQ];
struct iwl_probe_resp_data __rcu *probe_resp_data;
struct ieee80211_key_conf *igtk;
bool he_ru_2mhz_block;
bool active;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment