diff options
1087 files changed, 108440 insertions, 31810 deletions
diff --git a/Makefile.inc1 b/Makefile.inc1 index da6aec1e12df..f78da3722c88 100644 --- a/Makefile.inc1 +++ b/Makefile.inc1 @@ -2215,6 +2215,8 @@ _basic_bootstrap_tools+=usr.bin/ldd _basic_bootstrap_tools+=usr.sbin/services_mkdb usr.sbin/pwd_mkdb # sysctl/chflags are required for installkernel: _basic_bootstrap_tools+=sbin/sysctl bin/chflags +# mkfifo is used by sys/conf/newvers.sh +_basic_bootstrap_tools+=usr.bin/mkfifo .if ${MK_AMD} != "no" # unifdef is only used by usr.sbin/amd/libamu/Makefile @@ -2689,8 +2691,10 @@ _prereq_libs+= gnu/lib/libssp/libssp_nonshared # gnu/lib/csu, gnu/lib/libgcc, lib/csu and lib/libc must be built before # all shared libraries for ELF. # -_startup_libs= gnu/lib/csu -_startup_libs+= lib/csu +_startup_libs= lib/csu +.if ${MK_BSD_CRTBEGIN} == "no" +_startup_libs+= gnu/lib/csu +.endif _startup_libs+= lib/libcompiler_rt _startup_libs+= lib/libc _startup_libs+= lib/libc_nonshared diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc index ba10fdc3f716..7433ebff7380 100644 --- a/ObsoleteFiles.inc +++ b/ObsoleteFiles.inc @@ -203,6 +203,8 @@ OLD_LIBS+=usr/lib32/libcap_pwd.so.0 OLD_LIBS+=usr/lib32/libcap_random.so.0 OLD_LIBS+=usr/lib32/libcap_dns.so.0 OLD_LIBS+=usr/lib32/libcap_syslog.so.0 +# 20181012: rename of ixlv(4) to iavf(4) +OLD_FILES+=usr/share/man/man4/ixlv.4.gz # 20181009: OpenSSL 1.1.1 OLD_FILES+=usr/include/openssl/des_old.h OLD_FILES+=usr/include/openssl/dso.h @@ -31,6 +31,12 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 13.x IS SLOW: disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20181126: + On amd64, arm64 and armv7 (architectures that install LLVM's ld.lld + linker as /usr/bin/ld) GNU ld is no longer installed as ld.bfd, as + it produces broken binaries when ifuncs are in use. Users needing + GNU ld should install the binutils port or package. + 20181123: The BSD crtbegin and crtend code has been enabled by default. It has had extensive testing on amd64, arm64, and i386. It can be disabled @@ -77,6 +83,13 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 13.x IS SLOW: loading from X11 startup. These will become the defaults in 13-current shortly. +20181012: + The ixlv(4) driver has been renamed to iavf(4). As a consequence, + custom kernel and module loading configuration files must be updated + accordingly. Moreover, interfaces previous presented as ixlvN to the + system are now exposed as iavfN and network configuration files must + be adjusted as necessary. + 20181009: OpenSSL has been updated to version 1.1.1. This update included additional various API changes througout the base system. It is diff --git a/bin/dd/dd.c b/bin/dd/dd.c index ef186a8186c3..46175fa4c8f2 100644 --- a/bin/dd/dd.c +++ b/bin/dd/dd.c @@ -511,7 +511,7 @@ void dd_out(int force) { u_char *outp; - size_t cnt, i, n; + size_t cnt, n; ssize_t nw; static int warned; int sparse; @@ -544,12 +544,8 @@ dd_out(int force) do { sparse = 0; if (ddflags & C_SPARSE) { - sparse = 1; /* Is buffer sparse? */ - for (i = 0; i < cnt; i++) - if (outp[i] != 0) { - sparse = 0; - break; - } + /* Is buffer sparse? */ + sparse = BISZERO(outp, cnt); } if (sparse && !force) { pending += cnt; diff --git a/bin/dd/dd.h b/bin/dd/dd.h index 0f7c680a6ee0..8090252923fd 100644 --- a/bin/dd/dd.h +++ b/bin/dd/dd.h @@ -103,3 +103,7 @@ typedef struct { #define C_PROGRESS 0x40000000 #define C_PARITY (C_PAREVEN | C_PARODD | C_PARNONE | C_PARSET) + +#define BISZERO(p, s) ((s) > 0 && *((const char *)p) == 0 && !memcmp( \ + (const void *)(p), (const void *) \ + ((const char *)p + 1), (s) - 1)) diff --git a/bin/pkill/pkill.1 b/bin/pkill/pkill.1 index 44df82f1e53b..537f20f036ef 100644 --- a/bin/pkill/pkill.1 +++ b/bin/pkill/pkill.1 @@ -29,7 +29,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd June 5, 2017 +.Dd December 3, 2018 .Dt PKILL 1 .Os .Sh NAME @@ -221,7 +221,7 @@ This option is valid only when given as the first argument to .Pp If any .Ar pattern -operands are specified, they are used as regular expressions to match +operands are specified, they are used as extended regular expressions to match the command name or full argument list of each process. If the .Fl f @@ -241,6 +241,18 @@ or .Nm pkill process will never consider itself nor system processes (kernel threads) as a potential match. +.Sh IMPLEMENTATION NOTES +The Sun Solaris implementation utilised procfs to obtain process information. +This implementation utilises +.Xr kvm 3 +instead. +On a live system, +.Xr kvm 3 +uses +.Va kern.proc +MIB to obtain the list of processes, kernel memory through +.Pa /dev/kmem +is not accessed. .Sh EXIT STATUS The .Nm pgrep @@ -277,6 +289,7 @@ is deprecated, and its use is discouraged in favor of .Xr flock 2 , .Xr kill 2 , .Xr sigaction 2 , +.Xr kvm 3 , .Xr pidfile 3 , .Xr re_format 7 .\" Xr signal 7 diff --git a/bin/sh/expand.c b/bin/sh/expand.c index 6316400c88d5..922bf5c3c4e8 100644 --- a/bin/sh/expand.c +++ b/bin/sh/expand.c @@ -623,10 +623,11 @@ static const char * subevalvar_misc(const char *p, struct nodelist **restrict argbackq, const char *var, int subtype, int startloc, int varflags) { + const char *end; char *startp; int amount; - p = argstr(p, argbackq, EXP_TILDE, NULL); + end = argstr(p, argbackq, EXP_TILDE, NULL); STACKSTRNUL(expdest); startp = stackblock() + startloc; @@ -635,7 +636,7 @@ subevalvar_misc(const char *p, struct nodelist **restrict argbackq, setvar(var, startp, 0); amount = startp - expdest; STADJUST(amount, expdest); - return p; + return end; case VSQUESTION: if (*p != CTLENDVAR) { diff --git a/bin/sh/input.c b/bin/sh/input.c index 391953190b54..d48aab803903 100644 --- a/bin/sh/input.c +++ b/bin/sh/input.c @@ -359,12 +359,16 @@ popstring(void) void setinputfile(const char *fname, int push) { + int e; int fd; int fd2; INTOFF; - if ((fd = open(fname, O_RDONLY | O_CLOEXEC)) < 0) - error("cannot open %s: %s", fname, strerror(errno)); + if ((fd = open(fname, O_RDONLY | O_CLOEXEC)) < 0) { + e = errno; + errorwithstatus(e == ENOENT || e == ENOTDIR ? 127 : 126, + "cannot open %s: %s", fname, strerror(e)); + } if (fd < 10) { fd2 = fcntl(fd, F_DUPFD_CLOEXEC, 10); close(fd); diff --git a/bin/sh/sh.1 b/bin/sh/sh.1 index 3ea5af67637b..e671a1f0d142 100644 --- a/bin/sh/sh.1 +++ b/bin/sh/sh.1 @@ -32,7 +32,7 @@ .\" from: @(#)sh.1 8.6 (Berkeley) 5/4/95 .\" $FreeBSD$ .\" -.Dd July 19, 2018 +.Dd December 8, 2018 .Dt SH 1 .Os .Sh NAME @@ -2485,8 +2485,8 @@ lines, suitable for re-input to the shell. See the .Sx Functions subsection. -.It Ic set Oo Fl /+abCEefIimnpTuVvx Oc Oo Fl /+o Ar longname Oc Oo -.Fl c Ar string Oc Op Fl - Ar arg ... +.It Ic set Oo Fl /+abCEefIimnpTuVvx Oc Oo Fl /+o Ar longname +.Oc Op Fl - Ar arg ... The .Ic set command performs three different functions: @@ -2819,7 +2819,11 @@ Shell database. Privileged shell profile. .El .Sh EXIT STATUS -Errors that are detected by the shell, such as a syntax error, will +If the +.Ar script +cannot be found, the exit status will be 127; +if it cannot be opened for another reason, the exit status will be 126. +Other errors that are detected by the shell, such as a syntax error, will cause the shell to exit with a non-zero exit status. If the shell is not an interactive shell, the execution of the shell file will be aborted. diff --git a/bin/sh/tests/errors/Makefile b/bin/sh/tests/errors/Makefile index 868f43599973..5f8d16d22295 100644 --- a/bin/sh/tests/errors/Makefile +++ b/bin/sh/tests/errors/Makefile @@ -30,6 +30,7 @@ ${PACKAGE}FILES+= redirection-error5.0 ${PACKAGE}FILES+= redirection-error6.0 ${PACKAGE}FILES+= redirection-error7.0 ${PACKAGE}FILES+= redirection-error8.0 +${PACKAGE}FILES+= script-error1.0 ${PACKAGE}FILES+= write-error1.0 .include <bsd.test.mk> diff --git a/bin/sh/tests/errors/script-error1.0 b/bin/sh/tests/errors/script-error1.0 new file mode 100644 index 000000000000..558d9007353f --- /dev/null +++ b/bin/sh/tests/errors/script-error1.0 @@ -0,0 +1,5 @@ +# $FreeBSD$ + +{ stderr=$(${SH} /var/empty/nosuchscript 2>&1 >&3); } 3>&1 +r=$? +[ -n "$stderr" ] && [ "$r" = 127 ] diff --git a/bin/sh/tests/expansion/Makefile b/bin/sh/tests/expansion/Makefile index e087df723652..4f344c4a5161 100644 --- a/bin/sh/tests/expansion/Makefile +++ b/bin/sh/tests/expansion/Makefile @@ -86,6 +86,7 @@ ${PACKAGE}FILES+= plus-minus7.0 ${PACKAGE}FILES+= plus-minus8.0 ${PACKAGE}FILES+= plus-minus9.0 ${PACKAGE}FILES+= question1.0 +${PACKAGE}FILES+= question2.0 ${PACKAGE}FILES+= readonly1.0 ${PACKAGE}FILES+= redir1.0 ${PACKAGE}FILES+= set-u1.0 diff --git a/bin/sh/tests/expansion/question2.0 b/bin/sh/tests/expansion/question2.0 new file mode 100644 index 000000000000..592385d1df02 --- /dev/null +++ b/bin/sh/tests/expansion/question2.0 @@ -0,0 +1,11 @@ +# $FreeBSD$ + +unset dummyvar +msg=`(: ${dummyvar?}) 2>&1` +r=$? +[ "$r" != 0 ] && case $msg in +*dummyvar?* | *?dummyvar*) : ;; +*) + printf 'Bad message: [%s]\n' "$msg" + exit 1 +esac diff --git a/contrib/bmake/ChangeLog b/contrib/bmake/ChangeLog index fe6b0d949383..25edb9e496ae 100644 --- a/contrib/bmake/ChangeLog +++ b/contrib/bmake/ChangeLog @@ -1,3 +1,14 @@ +2018-09-21 Simon J. Gerraty <sjg@bad.crufty.net> + + * VERSION: 20180919 + Merge with NetBSD make, pick up + o var.c: add :q + o dir.c: cleanup caching of stats + +2018-09-21 Simon J Gerraty <sjg@beast.crufty.net> + + * Makefile.config.in: use += where it makes sense. + 2018-05-12 Simon J. Gerraty <sjg@bad.crufty.net> * VERSION: 20180512 diff --git a/contrib/bmake/FILES b/contrib/bmake/FILES index 24cd0451f077..08d9d7cf4afb 100644 --- a/contrib/bmake/FILES +++ b/contrib/bmake/FILES @@ -163,6 +163,8 @@ unit-tests/varcmd.exp unit-tests/varcmd.mk unit-tests/varmisc.exp unit-tests/varmisc.mk +unit-tests/varquote.exp +unit-tests/varquote.mk unit-tests/varshell.exp unit-tests/varshell.mk util.c diff --git a/contrib/bmake/Makefile.config.in b/contrib/bmake/Makefile.config.in index 323417bc1bcb..bc0cc9d90972 100644 --- a/contrib/bmake/Makefile.config.in +++ b/contrib/bmake/Makefile.config.in @@ -1,6 +1,6 @@ # things set by configure -_MAKE_VERSION=@_MAKE_VERSION@ +_MAKE_VERSION?=@_MAKE_VERSION@ prefix?= @prefix@ srcdir= @srcdir@ @@ -11,9 +11,9 @@ DEFAULT_SYS_PATH?= @default_sys_path@ CPPFLAGS+= @CPPFLAGS@ CFLAGS+= ${CPPFLAGS} @DEFS@ -LDFLAGS= @LDFLAGS@ -LIBOBJS= @LIBOBJS@ -LDADD= @LIBS@ +LDFLAGS+= @LDFLAGS@ +LIBOBJS+= @LIBOBJS@ +LDADD+= @LIBS@ USE_META= @use_meta@ FILEMON_H?= @filemon_h@ BMAKE_PATH_MAX?= @bmake_path_max@ diff --git a/contrib/bmake/VERSION b/contrib/bmake/VERSION index d29d946c9039..e390075f472b 100644 --- a/contrib/bmake/VERSION +++ b/contrib/bmake/VERSION @@ -1,2 +1,2 @@ # keep this compatible with sh and make -_MAKE_VERSION=20180512 +_MAKE_VERSION=20180919 diff --git a/contrib/bmake/bmake.1 b/contrib/bmake/bmake.1 index 1ee14bad6717..d0a02289a6d8 100644 --- a/contrib/bmake/bmake.1 +++ b/contrib/bmake/bmake.1 @@ -1,4 +1,4 @@ -.\" $NetBSD: make.1,v 1.272 2018/04/02 04:26:17 dholland Exp $ +.\" $NetBSD: make.1,v 1.273 2018/05/27 01:14:51 christos Exp $ .\" .\" Copyright (c) 1990, 1993 .\" The Regents of the University of California. All rights reserved. @@ -29,7 +29,7 @@ .\" .\" from: @(#)make.1 8.4 (Berkeley) 3/19/94 .\" -.Dd June 22, 2017 +.Dd May 26, 2018 .Dt BMAKE 1 .Os .Sh NAME @@ -1227,8 +1227,15 @@ due uno quattro tre .Ed .It Cm \&:Q Quotes every shell meta-character in the variable, so that it can be passed +safely to the shell. +.It Cm \&:q +Quotes every shell meta-character in the variable, and also doubles +.Sq $ +characters so that it can be passed safely through recursive invocations of .Nm . +This is equivalent to: +.Sq \&:S/\e\&$/&&/g:Q . .It Cm \&:R Replaces each word in the variable with everything but its suffix. .It Cm \&:range[=count] diff --git a/contrib/bmake/dir.c b/contrib/bmake/dir.c index 8331999802d2..0062ac04d515 100644 --- a/contrib/bmake/dir.c +++ b/contrib/bmake/dir.c @@ -1,4 +1,4 @@ -/* $NetBSD: dir.c,v 1.71 2017/04/16 21:14:47 riastradh Exp $ */ +/* $NetBSD: dir.c,v 1.73 2018/07/12 18:03:31 christos Exp $ */ /* * Copyright (c) 1988, 1989, 1990 The Regents of the University of California. @@ -70,14 +70,14 @@ */ #ifndef MAKE_NATIVE -static char rcsid[] = "$NetBSD: dir.c,v 1.71 2017/04/16 21:14:47 riastradh Exp $"; +static char rcsid[] = "$NetBSD: dir.c,v 1.73 2018/07/12 18:03:31 christos Exp $"; #else #include <sys/cdefs.h> #ifndef lint #if 0 static char sccsid[] = "@(#)dir.c 8.2 (Berkeley) 1/2/94"; #else -__RCSID("$NetBSD: dir.c,v 1.71 2017/04/16 21:14:47 riastradh Exp $"); +__RCSID("$NetBSD: dir.c,v 1.73 2018/07/12 18:03:31 christos Exp $"); #endif #endif /* not lint */ #endif @@ -268,15 +268,6 @@ struct cache_st { }; /* minimize changes below */ -static time_t -Hash_GetTimeValue(Hash_Entry *entry) -{ - struct cache_st *cst; - - cst = entry->clientPtr; - return cst->mtime; -} - #define CST_LSTAT 1 #define CST_UPDATE 2 @@ -298,6 +289,10 @@ cached_stats(Hash_Table *htp, const char *pathname, struct stat *st, int flags) memset(st, 0, sizeof(*st)); st->st_mtime = cst->mtime; st->st_mode = cst->mode; + if (DEBUG(DIR)) { + fprintf(debug_file, "Using cached time %s for %s\n", + Targ_FmtTime(st->st_mtime), pathname); + } return 0; } @@ -315,6 +310,10 @@ cached_stats(Hash_Table *htp, const char *pathname, struct stat *st, int flags) cst = entry->clientPtr; cst->mtime = st->st_mtime; cst->mode = st->st_mode; + if (DEBUG(DIR)) { + fprintf(debug_file, " Caching %s for %s\n", + Targ_FmtTime(st->st_mtime), pathname); + } return 0; } @@ -995,14 +994,6 @@ DirLookupSubdir(Path *p, const char *name) } if (cached_stat(file, &stb) == 0) { - /* - * Save the modification time so if it's needed, we don't have - * to fetch it again. - */ - if (DEBUG(DIR)) { - fprintf(debug_file, " Caching %s for %s\n", Targ_FmtTime(stb.st_mtime), - file); - } nearmisses += 1; return (file); } @@ -1134,7 +1125,6 @@ Dir_FindFile(const char *name, Lst path) Boolean hasLastDot = FALSE; /* true we should search dot last */ Boolean hasSlash; /* true if 'name' contains a / */ struct stat stb; /* Buffer for stat, if necessary */ - Hash_Entry *entry; /* Entry for mtimes table */ const char *trailing_dot = "."; /* @@ -1395,24 +1385,14 @@ Dir_FindFile(const char *name, Lst path) } bigmisses += 1; - entry = Hash_FindEntry(&mtimes, name); - if (entry != NULL) { - if (DEBUG(DIR)) { - fprintf(debug_file, " got it (in mtime cache)\n"); - } - return(bmake_strdup(name)); - } else if (cached_stat(name, &stb) == 0) { - if (DEBUG(DIR)) { - fprintf(debug_file, " Caching %s for %s\n", Targ_FmtTime(stb.st_mtime), - name); - } + if (cached_stat(name, &stb) == 0) { return (bmake_strdup(name)); - } else { - if (DEBUG(DIR)) { - fprintf(debug_file, " failed. Returning NULL\n"); - } - return NULL; } + + if (DEBUG(DIR)) { + fprintf(debug_file, " failed. Returning NULL\n"); + } + return NULL; #endif /* notdef */ } @@ -1518,7 +1498,6 @@ Dir_MTime(GNode *gn, Boolean recheck) { char *fullName; /* the full pathname of name */ struct stat stb; /* buffer for finding the mod time */ - Hash_Entry *entry; if (gn->type & OP_ARCHV) { return Arch_MTime(gn); @@ -1569,17 +1548,7 @@ Dir_MTime(GNode *gn, Boolean recheck) fullName = bmake_strdup(gn->name); } - if (!recheck) - entry = Hash_FindEntry(&mtimes, fullName); - else - entry = NULL; - if (entry != NULL) { - stb.st_mtime = Hash_GetTimeValue(entry); - if (DEBUG(DIR)) { - fprintf(debug_file, "Using cached time %s for %s\n", - Targ_FmtTime(stb.st_mtime), fullName); - } - } else if (cached_stats(&mtimes, fullName, &stb, recheck ? CST_UPDATE : 0) < 0) { + if (cached_stats(&mtimes, fullName, &stb, recheck ? CST_UPDATE : 0) < 0) { if (gn->type & OP_MEMBER) { if (fullName != gn->path) free(fullName); diff --git a/contrib/bmake/make.1 b/contrib/bmake/make.1 index 631b17c46f5b..d30e011379d5 100644 --- a/contrib/bmake/make.1 +++ b/contrib/bmake/make.1 @@ -1,4 +1,4 @@ -.\" $NetBSD: make.1,v 1.272 2018/04/02 04:26:17 dholland Exp $ +.\" $NetBSD: make.1,v 1.273 2018/05/27 01:14:51 christos Exp $ .\" .\" Copyright (c) 1990, 1993 .\" The Regents of the University of California. All rights reserved. @@ -29,7 +29,7 @@ .\" .\" from: @(#)make.1 8.4 (Berkeley) 3/19/94 .\" -.Dd September 27, 2018 +.Dd December 5, 2018 .Dt MAKE 1 .Os .Sh NAME @@ -1238,8 +1238,15 @@ due uno quattro tre .Ed .It Cm \&:Q Quotes every shell meta-character in the variable, so that it can be passed +safely to the shell. +.It Cm \&:q +Quotes every shell meta-character in the variable, and also doubles +.Sq $ +characters so that it can be passed safely through recursive invocations of .Nm . +This is equivalent to: +.Sq \&:S/\e\&$/&&/g:Q . .It Cm \&:R Replaces each word in the variable with everything but its suffix. .It Cm \&:range[=count] diff --git a/contrib/bmake/mk/ChangeLog b/contrib/bmake/mk/ChangeLog index 3bc1976fcfc3..ce8ac5361a4d 100644 --- a/contrib/bmake/mk/ChangeLog +++ b/contrib/bmake/mk/ChangeLog @@ -1,3 +1,25 @@ +2018-09-19 Simon J Gerraty <sjg@beast.crufty.net> + + * install-mk (MK_VERSION): 20180919 + + * dirdeps-options.mk: .undef cannot handle var that expands to + more than one var. + +2018-07-08 Simon J Gerraty <sjg@beast.crufty.net> + + * meta.stage.mk: allow wildcards in STAGE_FILES.* etc. + +2018-06-01 Simon J Gerraty <sjg@beast.crufty.net> + + * meta.autodep.mk: export META_FILES to avoid command line limit + * gendirdeps.mk: if we have lots of .meta files put them in + an @list + +2018-05-28 Simon J Gerraty <sjg@beast.crufty.net> + + * dirdeps-options.mk: use local.dirdeps-options.mk + not local.dirdeps-option.mk + 2018-04-20 Simon J Gerraty <sjg@beast.crufty.net> * install-mk (MK_VERSION): 20180420 diff --git a/contrib/bmake/mk/dirdeps-options.mk b/contrib/bmake/mk/dirdeps-options.mk index b6164cfa299a..4f74c02e1b8c 100644 --- a/contrib/bmake/mk/dirdeps-options.mk +++ b/contrib/bmake/mk/dirdeps-options.mk @@ -1,4 +1,4 @@ -# $Id: dirdeps-options.mk,v 1.5 2018/04/18 15:53:57 sjg Exp $ +# $Id: dirdeps-options.mk,v 1.9 2018/09/20 00:07:19 sjg Exp $ # # @(#) Copyright (c) 2018, Simon J. Gerraty # @@ -25,7 +25,7 @@ # If a Makefile.depend.options file exists, it will be included by # dirdeps.mk and meta.autodep.mk # -# We include local.dirdeps-option.mk which may also define DIRDEPS.* +# We include local.dirdeps-options.mk which may also define DIRDEPS.* # for options. # # Thus a directory, that is affected by an option FOO would have @@ -35,7 +35,7 @@ # DIRDEPS.FOO.yes # DIRDEPS.FOO.no # to whatever applies for that dir, or it can rely on globals -# set in local.dirdeps-option.mk +# set in local.dirdeps-options.mk # Either way, we will .undef DIRDEPS.* when done. # This should have been set by Makefile.depend.options @@ -43,7 +43,7 @@ DIRDEPS_OPTIONS ?= # pickup any DIRDEPS.* we need -.-include <local.dirdeps-option.mk> +.-include <local.dirdeps-options.mk> .if ${.MAKE.LEVEL} == 0 # :U below avoids potential errors when we := @@ -52,7 +52,10 @@ DIRDEPS += ${DIRDEPS.$o.${MK_$o:U}:U} .endfor DIRDEPS := ${DIRDEPS:O:u} # avoid cross contamination -.undef ${DIRDEPS_OPTIONS:tu:@o@DIRDEPS.$o.yes DIRDEPS.$o.no@} +.for o in ${DIRDEPS_OPTIONS:tu} +.undef DIRDEPS.$o.yes +.undef DIRDEPS.$o.no +.endfor .else # whether options are enabled or not, # we want to filter out the relevant DIRDEPS.* diff --git a/contrib/bmake/mk/dirdeps.mk b/contrib/bmake/mk/dirdeps.mk index 5df66e58f7ff..a84e0dde44e3 100644 --- a/contrib/bmake/mk/dirdeps.mk +++ b/contrib/bmake/mk/dirdeps.mk @@ -1,4 +1,4 @@ -# $Id: dirdeps.mk,v 1.95 2018/04/23 17:53:56 sjg Exp $ +# $Id: dirdeps.mk,v 1.96 2018/06/20 22:26:39 sjg Exp $ # Copyright (c) 2010-2013, Juniper Networks, Inc. # All rights reserved. @@ -731,6 +731,8 @@ DIRDEPS = .info loading ${_m} for ${d:E} .endif .include <${_m}> +.else +.-include <local.dirdeps-missing.mk> .endif .endif .endif @@ -746,7 +748,7 @@ DIRDEPS = DEP_RELDIR := ${RELDIR} _DEP_RELDIR := ${RELDIR} # Since we are/should be included by .MAKE.DEPENDFILE -# is is a final opportunity to add/hook global rules. +# This is a final opportunity to add/hook global rules. .-include <local.dirdeps-build.mk> # pickup local dependencies diff --git a/contrib/bmake/mk/gendirdeps.mk b/contrib/bmake/mk/gendirdeps.mk index d8f900630ac4..e04f8390cae9 100644 --- a/contrib/bmake/mk/gendirdeps.mk +++ b/contrib/bmake/mk/gendirdeps.mk @@ -1,4 +1,4 @@ -# $Id: gendirdeps.mk,v 1.38 2018/03/10 00:53:52 sjg Exp $ +# $Id: gendirdeps.mk,v 1.39 2018/06/08 01:25:31 sjg Exp $ # Copyright (c) 2010-2013, Juniper Networks, Inc. # All rights reserved. @@ -171,11 +171,27 @@ GENDIRDEPS_SEDCMDS += \ # we canonicalize them to keep things simple # if we are using a split-fs sandbox, it gets a little messier. _objtop := ${_OBJTOP:tA} + +# some people put *.meta in META_XTRAS to make sure we get here +_meta_files := ${META_FILES:N\*.meta:O:u} +# assume a big list +_meta_files_arg= @meta.list +.if empty(_meta_files) && ${META_FILES:M\*.meta} != "" +# XXX this should be considered a bad idea, +# since we cannot ignore stale .meta +x != cd ${_OBJDIR} && find . -name '*.meta' -print -o \( -type d ! -name . -prune \) | sed 's,^./,,' > meta.list; echo +.elif ${_meta_files:[#]} > 500 +.export _meta_files +x != echo; for m in $$_meta_files; do echo $$m; done > meta.list +.else +_meta_files_arg:= ${_meta_files} +.endif + dir_list != cd ${_OBJDIR} && \ ${META2DEPS_CMD} MACHINE=${MACHINE} \ SRCTOP=${SRCTOP} RELDIR=${RELDIR} CURDIR=${_CURDIR} \ ${META2DEPS_ARGS} \ - ${META_FILES:O:u} | ${META2DEPS_FILTER} ${_skip_gendirdeps} \ + ${_meta_files_arg} | ${META2DEPS_FILTER} ${_skip_gendirdeps} \ sed ${GENDIRDEPS_SEDCMDS} .if ${dir_list:M*ERROR\:*} != "" diff --git a/contrib/bmake/mk/install-mk b/contrib/bmake/mk/install-mk index 70233fc23ed8..886c264bd808 100644 --- a/contrib/bmake/mk/install-mk +++ b/contrib/bmake/mk/install-mk @@ -55,7 +55,7 @@ # Simon J. Gerraty <sjg@crufty.net> # RCSid: -# $Id: install-mk,v 1.156 2018/04/22 04:42:47 sjg Exp $ +# $Id: install-mk,v 1.160 2018/09/20 00:07:19 sjg Exp $ # # @(#) Copyright (c) 1994 Simon J. Gerraty # @@ -70,7 +70,7 @@ # sjg@crufty.net # -MK_VERSION=20180420 +MK_VERSION=20180919 OWNER= GROUP= MODE=444 diff --git a/contrib/bmake/mk/meta.autodep.mk b/contrib/bmake/mk/meta.autodep.mk index c33c5d809447..9cb3f14ea0c6 100644 --- a/contrib/bmake/mk/meta.autodep.mk +++ b/contrib/bmake/mk/meta.autodep.mk @@ -1,4 +1,4 @@ -# $Id: meta.autodep.mk,v 1.48 2018/04/15 06:30:04 sjg Exp $ +# $Id: meta.autodep.mk,v 1.50 2018/06/08 01:25:31 sjg Exp $ # # @(#) Copyright (c) 2010, Simon J. Gerraty @@ -20,9 +20,11 @@ __${_this}__: .NOTMAIN .-include <local.autodep.mk> +PICO?= .pico + .if defined(SRCS) # it would be nice to be able to query .SUFFIXES -OBJ_EXTENSIONS+= .o .po .lo .So +OBJ_EXTENSIONS+= .o .po .lo ${PICO} # explicit dependencies help short-circuit .SUFFIX searches SRCS_DEP_FILTER+= N*.[hly] @@ -178,7 +180,7 @@ DEPEND_SUFFIXES += .c .h .cpp .hpp .cxx .hxx .cc .hh @case "${.MAKE.META.FILES:T:M*.po.*}" in \ *.po.*) mv $@.${.MAKE.PID} $@;; \ *) { cat $@.${.MAKE.PID}; \ - sed 's,\.So:,.o:,;s,\.o:,.po:,' $@.${.MAKE.PID}; } | sort -u > $@; \ + sed 's,\${PICO}:,.o:,;s,\.o:,.po:,' $@.${.MAKE.PID}; } | sort -u > $@; \ rm -f $@.${.MAKE.PID};; \ esac .else @@ -243,7 +245,7 @@ META_FILES = *.meta .elif ${OPTIMIZE_OBJECT_META_FILES:Uno:tl} == "no" META_FILES = ${.MAKE.META.FILES:T:N.depend*:O:u} .else -# if we have 1000's of .o.meta, .So.meta etc we need only look at one set +# if we have 1000's of .o.meta, ${PICO}.meta etc we need only look at one set # it is left as an exercise for the reader to work out what this does META_FILES = ${.MAKE.META.FILES:T:N.depend*:N*o.meta:O:u} \ ${.MAKE.META.FILES:T:M*.${.MAKE.META.FILES:M*o.meta:R:E:O:u:[1]}.meta:O:u} @@ -260,6 +262,9 @@ META_FILES = ${.MAKE.META.FILES:T:N.depend*:N*o.meta:O:u} \ .if !empty(GENDIRDEPS_FILTER) .export GENDIRDEPS_FILTER .endif +# export to avoid blowing command line limit +META_FILES := ${META_XTRAS:U:O:u} ${META_FILES:U:T:O:u:${META_FILE_FILTER:ts:}} +.export META_FILES .endif # we might have .../ in MAKESYSPATH @@ -270,8 +275,7 @@ ${_DEPENDFILE}: ${_depend} ${.PARSEDIR}/gendirdeps.mk ${META2DEPS} $${.MAKE.MET SKIP_GENDIRDEPS='${SKIP_GENDIRDEPS:O:u}' \ DPADD='${FORCE_DPADD:O:u}' ${_gendirdeps_mutex} \ MAKESYSPATH=${_makesyspath} \ - ${.MAKE} -f gendirdeps.mk RELDIR=${RELDIR} _DEPENDFILE=${_DEPENDFILE} \ - META_FILES='${META_XTRAS:O:u} ${META_FILES:T:O:u:${META_FILE_FILTER:ts:}}') + ${.MAKE} -f gendirdeps.mk RELDIR=${RELDIR} _DEPENDFILE=${_DEPENDFILE}) @test -s $@ && touch $@; : .endif diff --git a/contrib/bmake/mk/meta.stage.mk b/contrib/bmake/mk/meta.stage.mk index 5c54f81fb378..320ffcca80a0 100644 --- a/contrib/bmake/mk/meta.stage.mk +++ b/contrib/bmake/mk/meta.stage.mk @@ -1,4 +1,4 @@ -# $Id: meta.stage.mk,v 1.55 2017/10/27 01:17:09 sjg Exp $ +# $Id: meta.stage.mk,v 1.56 2018/07/08 17:12:54 sjg Exp $ # # @(#) Copyright (c) 2011-2017, Simon J. Gerraty # @@ -141,7 +141,7 @@ _STAGE_AS_BASENAME_USE: .USE .dirdep ${.TARGET:T} .if !empty(STAGE_INCSDIR) .if !empty(STAGE_INCS) -stage_incs: ${STAGE_INCS} +stage_incs: ${STAGE_INCS:N*\**} .endif .if target(stage_incs) || !empty(.ALLTARGETS:Mstage_includes) STAGE_TARGETS += stage_incs @@ -156,7 +156,7 @@ stage_incs: .dirdep .if !empty(STAGE_LIBDIR) .if !empty(STAGE_LIBS) -stage_libs: ${STAGE_LIBS} +stage_libs: ${STAGE_LIBS:N*\**} .endif .if target(stage_libs) STAGE_TARGETS += stage_libs @@ -191,7 +191,7 @@ CLEANFILES += ${STAGE_SETS:@s@stage*$s@} # some makefiles need to populate multiple directories .for s in ${STAGE_SETS:O:u} .if !empty(STAGE_FILES.$s) -stage_files.$s: ${STAGE_FILES.$s} +stage_files.$s: ${STAGE_FILES.$s:N*\**} .endif .if target(stage_files.$s) || target(stage_files${s:S,^,.,:N._default}) STAGE_TARGETS += stage_files @@ -262,7 +262,7 @@ CLEANFILES += ${STAGE_AS_SETS:@s@stage*$s@} # both operations happen together .for s in ${STAGE_AS_SETS:O:u} .if !empty(STAGE_AS.$s) -stage_as.$s: ${STAGE_AS.$s} +stage_as.$s: ${STAGE_AS.$s:N*\**} .endif .if target(stage_as.$s) STAGE_TARGETS += stage_as @@ -277,7 +277,7 @@ stage_as.$s: .dirdep .endif .if !empty(STAGE_AS_AND_SYMLINK.$s) -stage_as_and_symlink.$s: ${STAGE_AS_AND_SYMLINK.$s} +stage_as_and_symlink.$s: ${STAGE_AS_AND_SYMLINK.$s:N*\**} .endif .if target(stage_as_and_symlink.$s) STAGE_TARGETS += stage_as_and_symlink diff --git a/contrib/bmake/unit-tests/Makefile.in b/contrib/bmake/unit-tests/Makefile.in index 4ee94bd87f68..e51d25455a50 100644 --- a/contrib/bmake/unit-tests/Makefile.in +++ b/contrib/bmake/unit-tests/Makefile.in @@ -1,6 +1,6 @@ -# $Id: Makefile.in,v 1.48 2015/12/07 04:06:29 sjg Exp $ +# $Id: Makefile.in,v 1.49 2018/09/21 21:39:05 sjg Exp $ # -# $NetBSD: Makefile,v 1.52 2015/05/05 21:51:09 sjg Exp $ +# $NetBSD: Makefile,v 1.53 2018/05/24 00:25:44 christos Exp $ # # Unit tests for make(1) # The main targets are: @@ -54,6 +54,7 @@ TESTNAMES= \ unexport-env \ varcmd \ varmisc \ + varquote \ varshell # these tests were broken by referting POSIX chanegs diff --git a/contrib/bmake/unit-tests/varquote.exp b/contrib/bmake/unit-tests/varquote.exp new file mode 100644 index 000000000000..63107bfd34f5 --- /dev/null +++ b/contrib/bmake/unit-tests/varquote.exp @@ -0,0 +1,3 @@ +-fdebug-prefix-map=$NETBSDSRCDIR=/usr/src -fdebug-regex-map=/usr/src/(.*)/obj$=/usr/obj/\1 +-fdebug-prefix-map=$NETBSDSRCDIR=/usr/src -fdebug-regex-map=/usr/src/(.*)/obj$=/usr/obj/\1 +exit status 0 diff --git a/contrib/bmake/unit-tests/varquote.mk b/contrib/bmake/unit-tests/varquote.mk new file mode 100644 index 000000000000..571f262fd91e --- /dev/null +++ b/contrib/bmake/unit-tests/varquote.mk @@ -0,0 +1,14 @@ +# $NetBSD: varquote.mk,v 1.2 2018/05/27 01:14:51 christos Exp $ +# +# Test VAR:q modifier + +.if !defined(REPROFLAGS) +REPROFLAGS+= -fdebug-prefix-map=\$$NETBSDSRCDIR=/usr/src +REPROFLAGS+= -fdebug-regex-map='/usr/src/(.*)/obj$$=/usr/obj/\1' +all: + @${MAKE} -f ${MAKEFILE} REPROFLAGS=${REPROFLAGS:S/\$/&&/g:Q} + @${MAKE} -f ${MAKEFILE} REPROFLAGS=${REPROFLAGS:q} +.else +all: + @echo ${REPROFLAGS} +.endif diff --git a/contrib/bmake/var.c b/contrib/bmake/var.c index 0e2460f131c7..b9b316939492 100644 --- a/contrib/bmake/var.c +++ b/contrib/bmake/var.c @@ -1,4 +1,4 @@ -/* $NetBSD: var.c,v 1.218 2018/02/18 00:52:42 sjg Exp $ */ +/* $NetBSD: var.c,v 1.220 2018/05/27 01:14:51 christos Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1993 @@ -69,14 +69,14 @@ */ #ifndef MAKE_NATIVE -static char rcsid[] = "$NetBSD: var.c,v 1.218 2018/02/18 00:52:42 sjg Exp $"; +static char rcsid[] = "$NetBSD: var.c,v 1.220 2018/05/27 01:14:51 christos Exp $"; #else #include <sys/cdefs.h> #ifndef lint #if 0 static char sccsid[] = "@(#)var.c 8.3 (Berkeley) 3/19/94"; #else -__RCSID("$NetBSD: var.c,v 1.218 2018/02/18 00:52:42 sjg Exp $"); +__RCSID("$NetBSD: var.c,v 1.220 2018/05/27 01:14:51 christos Exp $"); #endif #endif /* not lint */ #endif @@ -324,7 +324,7 @@ static Boolean VarLoopExpand(GNode *, Var_Parse_State *, static char *VarGetPattern(GNode *, Var_Parse_State *, int, const char **, int, int *, int *, VarPattern *); -static char *VarQuote(char *); +static char *VarQuote(char *, Boolean); static char *VarHash(char *); static char *VarModify(GNode *, Var_Parse_State *, const char *, @@ -2315,6 +2315,7 @@ VarGetPattern(GNode *ctxt, Var_Parse_State *vpstate MAKE_ATTR_UNUSED, *----------------------------------------------------------------------- * VarQuote -- * Quote shell meta-characters and space characters in the string + * if quoteDollar is set, also quote and double any '$' characters. * * Results: * The quoted string @@ -2325,7 +2326,7 @@ VarGetPattern(GNode *ctxt, Var_Parse_State *vpstate MAKE_ATTR_UNUSED, *----------------------------------------------------------------------- */ static char * -VarQuote(char *str) +VarQuote(char *str, Boolean quoteDollar) { Buffer buf; @@ -2346,6 +2347,8 @@ VarQuote(char *str) if (isspace((unsigned char)*str) || ismeta((unsigned char)*str)) Buf_AddByte(&buf, '\\'); Buf_AddByte(&buf, *str); + if (quoteDollar && *str == '$') + Buf_AddBytes(&buf, 2, "\\$"); } str = Buf_Destroy(&buf, FALSE); @@ -3485,9 +3488,10 @@ ApplyModifiers(char *nstr, const char *tstr, break; } #endif + case 'q': case 'Q': if (tstr[1] == endc || tstr[1] == ':') { - newStr = VarQuote(nstr); + newStr = VarQuote(nstr, modifier == 'q'); cp = tstr + 1; termc = *cp; break; diff --git a/contrib/ipfilter/ip_fil.c b/contrib/ipfilter/ip_fil.c index f16c4fb8a1ea..32cba4cdd372 100644 --- a/contrib/ipfilter/ip_fil.c +++ b/contrib/ipfilter/ip_fil.c @@ -482,14 +482,7 @@ ipf_fastroute(m, mpp, fin, fdp) m->mb_ifp = ifp; printpacket(fin->fin_out, m); -#if defined(__sgi) && (IRIX < 60500) - (*ifp->if_output)(ifp, (void *)ip, NULL); -# if TRU64 >= 1885 - (*ifp->if_output)(ifp, (void *)m, NULL, 0, 0); -# else (*ifp->if_output)(ifp, (void *)m, NULL, 0); -# endif -#endif done: fin->fin_ifp = sifp; fin->fin_out = sout; diff --git a/contrib/ipfilter/ipsend/ip.c b/contrib/ipfilter/ipsend/ip.c index fc7617065ac7..4f2eaed3a9b9 100644 --- a/contrib/ipfilter/ipsend/ip.c +++ b/contrib/ipfilter/ipsend/ip.c @@ -67,9 +67,9 @@ int send_ether(nfd, buf, len, gwip) bcopy((char *)buf, s + sizeof(*eh), len); if (gwip.s_addr == last_gw.s_addr) { - bcopy(last_arp, (char *)A_A eh->ether_dhost, 6); + bcopy(last_arp, (char *) &eh->ether_dhost, 6); } - else if (arp((char *)&gwip, (char *)A_A eh->ether_dhost) == -1) + else if (arp((char *)&gwip, (char *) &eh->ether_dhost) == -1) { perror("arp"); return -2; @@ -109,17 +109,17 @@ int send_ip(nfd, mtu, ip, gwip, frag) eh = (ether_header_t *)ipbuf; - bzero((char *)A_A eh->ether_shost, sizeof(eh->ether_shost)); + bzero((char *) &eh->ether_shost, sizeof(eh->ether_shost)); if (last_gw.s_addr && (gwip.s_addr == last_gw.s_addr)) { - bcopy(last_arp, (char *)A_A eh->ether_dhost, 6); + bcopy(last_arp, (char *) &eh->ether_dhost, 6); } - else if (arp((char *)&gwip, (char *)A_A eh->ether_dhost) == -1) + else if (arp((char *)&gwip, (char *) &eh->ether_dhost) == -1) { perror("arp"); return -2; } - bcopy((char *)A_A eh->ether_dhost, last_arp, sizeof(last_arp)); + bcopy((char *) &eh->ether_dhost, last_arp, sizeof(last_arp)); eh->ether_type = htons(ETHERTYPE_IP); bcopy((char *)ip, (char *)&ipsv, sizeof(*ip)); @@ -136,11 +136,11 @@ int send_ip(nfd, mtu, ip, gwip, frag) } if (ip->ip_src.s_addr != local_ip.s_addr) { - (void) arp((char *)&ip->ip_src, (char *)A_A local_arp); - bcopy(local_arp, (char *)A_A eh->ether_shost,sizeof(last_arp)); + (void) arp((char *)&ip->ip_src, (char *) &local_arp); + bcopy(local_arp, (char *) &eh->ether_shost,sizeof(last_arp)); local_ip = ip->ip_src; } else - bcopy(local_arp, (char *)A_A eh->ether_shost, 6); + bcopy(local_arp, (char *) &eh->ether_shost, 6); if (!frag || (sizeof(*eh) + iplen < mtu)) { diff --git a/contrib/ipfilter/ipsend/resend.c b/contrib/ipfilter/ipsend/resend.c index 45159bf76455..8fd289ed562e 100644 --- a/contrib/ipfilter/ipsend/resend.c +++ b/contrib/ipfilter/ipsend/resend.c @@ -97,7 +97,7 @@ int ip_resend(dev, mtu, r, gwip, datain) return -2; } - bzero((char *)A_A eh->ether_shost, sizeof(eh->ether_shost)); + bzero((char *) &eh->ether_shost, sizeof(eh->ether_shost)); if (gwip.s_addr && (arp((char *)&gwip, dhost) == -1)) { perror("arp"); @@ -113,12 +113,12 @@ int ip_resend(dev, mtu, r, gwip, datain) eh->ether_type = htons((u_short)ETHERTYPE_IP); if (!gwip.s_addr) { if (arp((char *)&gwip, - (char *)A_A eh->ether_dhost) == -1) { + (char *) &eh->ether_dhost) == -1) { perror("arp"); continue; } } else - bcopy(dhost, (char *)A_A eh->ether_dhost, + bcopy(dhost, (char *) &eh->ether_dhost, sizeof(dhost)); if (!ip->ip_sum) ip->ip_sum = chksum((u_short *)ip, diff --git a/contrib/libarchive/libarchive/archive_acl.c b/contrib/libarchive/libarchive/archive_acl.c index 6ce7ab66093a..512beee1f734 100644 --- a/contrib/libarchive/libarchive/archive_acl.c +++ b/contrib/libarchive/libarchive/archive_acl.c @@ -1585,17 +1585,29 @@ next_field_w(const wchar_t **wp, const wchar_t **start, /* Scan for the separator. */ while (**wp != L'\0' && **wp != L',' && **wp != L':' && - **wp != L'\n') { + **wp != L'\n' && **wp != L'#') { (*wp)++; } *sep = **wp; - /* Trim trailing whitespace to locate end of field. */ - *end = *wp - 1; - while (**end == L' ' || **end == L'\t' || **end == L'\n') { - (*end)--; + /* Locate end of field, trim trailing whitespace if necessary */ + if (*wp == *start) { + *end = *wp; + } else { + *end = *wp - 1; + while (**end == L' ' || **end == L'\t' || **end == L'\n') { + (*end)--; + } + (*end)++; + } + + /* Handle in-field comments */ + if (*sep == L'#') { + while (**wp != L'\0' && **wp != L',' && **wp != L'\n') { + (*wp)++; + } + *sep = **wp; } - (*end)++; /* Adjust scanner location. */ if (**wp != L'\0') @@ -1646,7 +1658,7 @@ archive_acl_from_text_l(struct archive_acl *acl, const char *text, ret = ARCHIVE_OK; types = 0; - while (text != NULL && *text != '\0') { + while (text != NULL && *text != '\0') { /* * Parse the fields out of the next entry, * advance 'text' to start of next entry. @@ -2057,23 +2069,30 @@ next_field(const char **p, const char **start, *start = *p; /* Scan for the separator. */ - while (**p != '\0' && **p != ',' && **p != ':' && **p != '\n') { + while (**p != '\0' && **p != ',' && **p != ':' && **p != '\n' && + **p != '#') { (*p)++; } *sep = **p; - /* If the field is only whitespace, bail out now. */ - if (**p == '\0') { + /* Locate end of field, trim trailing whitespace if necessary */ + if (*p == *start) { *end = *p; - return; + } else { + *end = *p - 1; + while (**end == ' ' || **end == '\t' || **end == '\n') { + (*end)--; + } + (*end)++; } - /* Trim trailing whitespace to locate end of field. */ - *end = *p - 1; - while (**end == ' ' || **end == '\t' || **end == '\n') { - (*end)--; + /* Handle in-field comments */ + if (*sep == '#') { + while (**p != '\0' && **p != ',' && **p != '\n') { + (*p)++; + } + *sep = **p; } - (*end)++; /* Adjust scanner location. */ if (**p != '\0') diff --git a/contrib/libarchive/libarchive/archive_write_disk_posix.c b/contrib/libarchive/libarchive/archive_write_disk_posix.c index d164a292b0c6..b6b220fbe6a7 100644 --- a/contrib/libarchive/libarchive/archive_write_disk_posix.c +++ b/contrib/libarchive/libarchive/archive_write_disk_posix.c @@ -1705,6 +1705,20 @@ _archive_write_disk_finish_entry(struct archive *_a) } /* + * HYPOTHESIS: + * If we're not root, we won't be setting any security + * attributes that may be wiped by the set_mode() routine + * below. We also can't set xattr on non-owner-writable files, + * which may be the state after set_mode(). Perform + * set_xattrs() first based on these constraints. + */ + if (a->user_uid != 0 && + (a->todo & TODO_XATTR)) { + int r2 = set_xattrs(a); + if (r2 < ret) ret = r2; + } + + /* * set_mode must precede ACLs on systems such as Solaris and * FreeBSD where setting the mode implicitly clears extended ACLs */ @@ -1717,8 +1731,10 @@ _archive_write_disk_finish_entry(struct archive *_a) * Security-related extended attributes (such as * security.capability on Linux) have to be restored last, * since they're implicitly removed by other file changes. + * We do this last only when root. */ - if (a->todo & TODO_XATTR) { + if (a->user_uid == 0 && + (a->todo & TODO_XATTR)) { int r2 = set_xattrs(a); if (r2 < ret) ret = r2; } @@ -2223,6 +2239,15 @@ create_filesystem_object(struct archive_write_disk *a) */ mode = final_mode & 0777 & ~a->user_umask; + /* + * Always create writable such that [f]setxattr() works if we're not + * root. + */ + if (a->user_uid != 0 && + a->todo & (TODO_HFS_COMPRESSION | TODO_XATTR)) { + mode |= 0200; + } + switch (a->mode & AE_IFMT) { default: /* POSIX requires that we fall through here. */ diff --git a/contrib/libarchive/libarchive/test/test_extattr_freebsd.c b/contrib/libarchive/libarchive/test/test_extattr_freebsd.c index f1fe53442262..ff05aa4a04b1 100644 --- a/contrib/libarchive/libarchive/test/test_extattr_freebsd.c +++ b/contrib/libarchive/libarchive/test/test_extattr_freebsd.c @@ -49,7 +49,6 @@ DEFINE_TEST(test_extattr_freebsd) struct archive_entry *ae; ssize_t n; int fd; - int extattr_privilege_bug = 0; /* * First, do a quick manual set/read of an extended attribute @@ -73,24 +72,6 @@ DEFINE_TEST(test_extattr_freebsd) assertEqualInt(4, n); close(fd); - /* - * Repeat the above, but with file permissions set to 0000. - * This should work (extattr_set_fd() should follow fd - * permissions, not file permissions), but is known broken on - * some versions of FreeBSD. - */ - fd = open("pretest2", O_RDWR | O_CREAT, 00000); - failure("Could not create test file?!"); - if (!assert(fd >= 0)) - return; - - n = extattr_set_fd(fd, EXTATTR_NAMESPACE_USER, "testattr", "1234", 4); - if (n != 4) { - skipping("Restoring xattr to an unwritable file seems to be broken on this platform"); - extattr_privilege_bug = 1; - } - close(fd); - /* Create a write-to-disk object. */ assert(NULL != (a = archive_write_disk_new())); archive_write_disk_set_options(a, @@ -120,16 +101,12 @@ DEFINE_TEST(test_extattr_freebsd) archive_entry_free(ae); /* Close the archive. */ - if (extattr_privilege_bug) - /* If the bug is here, write_close will return warning. */ - assertEqualIntA(a, ARCHIVE_WARN, archive_write_close(a)); - else - assertEqualIntA(a, ARCHIVE_OK, archive_write_close(a)); - assertEqualInt(ARCHIVE_OK, archive_write_free(a)); + assertEqualIntA(a, ARCHIVE_OK, archive_write_close(a)); /* Verify the data on disk. */ assertEqualInt(0, stat("test0", &st)); assertEqualInt(st.st_mtime, 123456); + assertEqualInt(st.st_mode & 0777, 0755); /* Verify extattr */ n = extattr_get_file("test0", EXTATTR_NAMESPACE_USER, "foo", buff, sizeof(buff)); @@ -141,17 +118,20 @@ DEFINE_TEST(test_extattr_freebsd) /* Verify the data on disk. */ assertEqualInt(0, stat("test1", &st)); assertEqualInt(st.st_mtime, 12345678); + assertEqualInt(st.st_mode & 0777, 0); + /* + * If we are not root, we have to make test1 user readable + * or extattr_get_file() will fail + */ + if (geteuid() != 0) { + chmod("test1", S_IRUSR); + } /* Verify extattr */ n = extattr_get_file("test1", EXTATTR_NAMESPACE_USER, "bar", buff, sizeof(buff)); - if (extattr_privilege_bug) { - /* If we have the bug, the extattr won't have been written. */ - assertEqualInt(n, -1); - } else { - if (assertEqualInt(n, 6)) { - buff[n] = '\0'; - assertEqualString(buff, "123456"); - } + if (assertEqualInt(n, 6)) { + buff[n] = '\0'; + assertEqualString(buff, "123456"); } /* Use libarchive APIs to read the file back into an entry and diff --git a/contrib/libarchive/libarchive/test/test_read_format_rar5.c b/contrib/libarchive/libarchive/test/test_read_format_rar5.c index 6c570f1c6643..0ccedc76f376 100644 --- a/contrib/libarchive/libarchive/test/test_read_format_rar5.c +++ b/contrib/libarchive/libarchive/test/test_read_format_rar5.c @@ -90,7 +90,7 @@ int verify_data(const uint8_t* data_ptr, int magic, int size) { static int extract_one(struct archive* a, struct archive_entry* ae, uint32_t crc) { - la_ssize_t fsize, read; + la_ssize_t fsize, bytes_read; uint8_t* buf; int ret = 1; uint32_t computed_crc; @@ -100,9 +100,9 @@ int extract_one(struct archive* a, struct archive_entry* ae, uint32_t crc) { if(buf == NULL) return 1; - read = archive_read_data(a, buf, fsize); - if(read != fsize) { - assertEqualInt(read, fsize); + bytes_read = archive_read_data(a, buf, fsize); + if(bytes_read != fsize) { + assertEqualInt(bytes_read, fsize); goto fn_exit; } diff --git a/contrib/nvi/common/encoding.c b/contrib/nvi/common/encoding.c index 7bdcf7069238..bcbc0680950d 100644 --- a/contrib/nvi/common/encoding.c +++ b/contrib/nvi/common/encoding.c @@ -96,7 +96,7 @@ looks_utf8(const char *ibuf, size_t nbytes) if (i >= nbytes) goto done; - if (buf[i] & 0x40) /* 10xxxxxx */ + if ((buf[i] & 0xc0) != 0x80) /* 10xxxxxx */ return -1; } diff --git a/contrib/ofed/libibverbs/sysfs.c b/contrib/ofed/libibverbs/sysfs.c index 0ea19fc8fd85..99ccded3276d 100644 --- a/contrib/ofed/libibverbs/sysfs.c +++ b/contrib/ofed/libibverbs/sysfs.c @@ -79,7 +79,7 @@ int ibv_read_sysfs_file(const char *dir, const char *file, char *buf, size_t size) { char *path, *s; - int fd; + int ret; size_t len; if (asprintf(&path, "%s/%s", dir, file) < 0) @@ -89,12 +89,13 @@ int ibv_read_sysfs_file(const char *dir, const char *file, if (*s == '/') *s = '.'; - len = size; - if (sysctlbyname(&path[1], buf, &len, NULL, 0) == -1) - return -1; - + len = size; + ret = sysctlbyname(&path[1], buf, &len, NULL, 0); free(path); + if (ret == -1) + return -1; + if (len > 0 && buf[len - 1] == '\n') buf[--len] = '\0'; diff --git a/contrib/ofed/opensm/opensm/main.c b/contrib/ofed/opensm/opensm/main.c index 8419e6888a98..48a97328061c 100644 --- a/contrib/ofed/opensm/opensm/main.c +++ b/contrib/ofed/opensm/opensm/main.c @@ -492,7 +492,7 @@ static ib_net64_t get_port_guid(IN osm_opensm_t * p_osm, uint64_t port_guid) fflush(stdout); if (scanf("%u", &choice) <= 0) { char junk[128]; - if (scanf("%s", junk) <= 0) + if (scanf("%127s", junk) <= 0) printf("\nError: Cannot scan!\n"); } else if (choice == 0) return 0; diff --git a/contrib/openbsm/bin/auditdistd/trail.c b/contrib/openbsm/bin/auditdistd/trail.c index 0a0bf882c45e..2a19a67ece3b 100644 --- a/contrib/openbsm/bin/auditdistd/trail.c +++ b/contrib/openbsm/bin/auditdistd/trail.c @@ -264,6 +264,12 @@ again: * 2. It is fully sent, but is not terminated, so new data can be * appended still, or * 3. It is fully sent but file name has changed. + * There are two cases here: + * 3a. Sender has crashed and the name has changed from + * .not_terminated to .crash_recovery. + * 3b. Sender was disconnected, no new data was added to the file, + * but its name has changed from .not_terminated to terminated + * name. * * Note that we are fine if our .not_terminated or .crash_recovery file * is smaller than the one on the receiver side, as it is possible that @@ -275,7 +281,7 @@ again: (offset >= sb.st_size && trail_is_not_terminated(trail->tr_filename)) || (offset >= sb.st_size && trail_is_not_terminated(filename) && - trail_is_crash_recovery(trail->tr_filename))) { + !trail_is_not_terminated(trail->tr_filename))) { /* File was not fully send. Let's finish it. */ if (lseek(fd, offset, SEEK_SET) == -1) { pjdlog_errno(LOG_ERR, diff --git a/contrib/wpa/CONTRIBUTIONS b/contrib/wpa/CONTRIBUTIONS index 76600bc87280..053e8ecda90f 100644 --- a/contrib/wpa/CONTRIBUTIONS +++ b/contrib/wpa/CONTRIBUTIONS @@ -140,7 +140,7 @@ The license terms used for hostap.git files Modified BSD license (no advertisement clause): -Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors +Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> and contributors All Rights Reserved. Redistribution and use in source and binary forms, with or without diff --git a/contrib/wpa/COPYING b/contrib/wpa/COPYING index 7efce0dee1a7..55815d4016a3 100644 --- a/contrib/wpa/COPYING +++ b/contrib/wpa/COPYING @@ -1,7 +1,7 @@ wpa_supplicant and hostapd -------------------------- -Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors +Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> and contributors All Rights Reserved. diff --git a/contrib/wpa/README b/contrib/wpa/README index 9685f586beb7..6586d72ea039 100644 --- a/contrib/wpa/README +++ b/contrib/wpa/README @@ -1,7 +1,7 @@ wpa_supplicant and hostapd -------------------------- -Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors +Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> and contributors All Rights Reserved. These programs are licensed under the BSD license (the one with diff --git a/contrib/wpa/hostapd/ChangeLog b/contrib/wpa/hostapd/ChangeLog index d2b669b58654..f1366b4a9542 100644 --- a/contrib/wpa/hostapd/ChangeLog +++ b/contrib/wpa/hostapd/ChangeLog @@ -1,5 +1,60 @@ ChangeLog for hostapd +2018-12-02 - v2.7 + * fixed WPA packet number reuse with replayed messages and key + reinstallation + [http://w1.fi/security/2017-1/] (CVE-2017-13082) + * added support for FILS (IEEE 802.11ai) shared key authentication + * added support for OWE (Opportunistic Wireless Encryption, RFC 8110; + and transition mode defined by WFA) + * added support for DPP (Wi-Fi Device Provisioning Protocol) + * FT: + - added local generation of PMK-R0/PMK-R1 for FT-PSK + (ft_psk_generate_local=1) + - replaced inter-AP protocol with a cleaner design that is more + easily extensible; this breaks backward compatibility and requires + all APs in the ESS to be updated at the same time to maintain FT + functionality + - added support for wildcard R0KH/R1KH + - replaced r0_key_lifetime (minutes) parameter with + ft_r0_key_lifetime (seconds) + - fixed wpa_psk_file use for FT-PSK + - fixed FT-SAE PMKID matching + - added expiration to PMK-R0 and PMK-R1 cache + - added IEEE VLAN support (including tagged VLANs) + - added support for SHA384 based AKM + * SAE + - fixed some PMKSA caching cases with SAE + - added support for configuring SAE password separately of the + WPA2 PSK/passphrase + - added option to require MFP for SAE associations + (sae_require_pmf=1) + - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection + for SAE; + note: this is not backwards compatible, i.e., both the AP and + station side implementations will need to be update at the same + time to maintain interoperability + - added support for Password Identifier + * hostapd_cli: added support for command history and completion + * added support for requesting beacon report + * large number of other fixes, cleanup, and extensions + * added option to configure EAPOL-Key retry limits + (wpa_group_update_count and wpa_pairwise_update_count) + * removed all PeerKey functionality + * fixed nl80211 AP mode configuration regression with Linux 4.15 and + newer + * added support for using wolfSSL cryptographic library + * fixed some 20/40 MHz coexistence cases where the BSS could drop to + 20 MHz even when 40 MHz would be allowed + * Hotspot 2.0 + - added support for setting Venue URL ANQP-element (venue_url) + - added support for advertising Hotspot 2.0 operator icons + - added support for Roaming Consortium Selection element + - added support for Terms and Conditions + - added support for OSEN connection in a shared RSN BSS + * added support for using OpenSSL 1.1.1 + * added EAP-pwd server support for salted passwords + 2016-10-02 - v2.6 * fixed EAP-pwd last fragment validation [http://w1.fi/security/2015-7/] (CVE-2015-5314) diff --git a/contrib/wpa/hostapd/README b/contrib/wpa/hostapd/README index 5d5fd365bb62..ae5317698ee8 100644 --- a/contrib/wpa/hostapd/README +++ b/contrib/wpa/hostapd/README @@ -2,7 +2,7 @@ hostapd - user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator and RADIUS authentication server ================================================================ -Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors +Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> and contributors All Rights Reserved. This program is licensed under the BSD license (the one with @@ -70,7 +70,7 @@ Requirements Current hardware/software requirements: - drivers: Host AP driver for Prism2/2.5/3. - (http://hostap.epitest.fi/) + (http://w1.fi/hostap-driver.html) Please note that station firmware version needs to be 1.7.0 or newer to work in WPA mode. @@ -81,8 +81,7 @@ Current hardware/software requirements: Any wired Ethernet driver for wired IEEE 802.1X authentication (experimental code) - FreeBSD -current (with some kernel mods that have not yet been - committed when hostapd v0.3.0 was released) + FreeBSD -current BSD net80211 layer (e.g., Atheros driver) @@ -186,23 +185,13 @@ Authenticator and RADIUS encapsulation between the Authenticator and the Authentication Server. Other than this, the functionality is similar to the case with the co-located Authentication Server. -Authentication Server and Supplicant ------------------------------------- +Authentication Server +--------------------- Any RADIUS server supporting EAP should be usable as an IEEE 802.1X Authentication Server with hostapd Authenticator. FreeRADIUS (http://www.freeradius.org/) has been successfully tested with hostapd -Authenticator and both Xsupplicant (http://www.open1x.org) and Windows -XP Supplicants. EAP/TLS was used with Xsupplicant and -EAP/MD5-Challenge with Windows XP. - -http://www.missl.cs.umd.edu/wireless/eaptls/ has useful information -about using EAP/TLS with FreeRADIUS and Xsupplicant (just replace -Cisco access point with Host AP driver, hostapd daemon, and a Prism2 -card ;-). http://www.freeradius.org/doc/EAP-MD5.html has information -about using EAP/MD5 with FreeRADIUS, including instructions for WinXP -configuration. http://www.denobula.com/EAPTLS.pdf has a HOWTO on -EAP/TLS use with WinXP Supplicant. +Authenticator. Automatic WEP key configuration ------------------------------- @@ -243,16 +232,15 @@ networks that require some kind of security. Task group I (Security) of IEEE 802.11 working group (http://www.ieee802.org/11/) has worked to address the flaws of the base standard and has in practice completed its work in May 2004. The IEEE 802.11i amendment to the IEEE -802.11 standard was approved in June 2004 and this amendment is likely -to be published in July 2004. +802.11 standard was approved in June 2004 and this amendment was +published in July 2004. Wi-Fi Alliance (http://www.wi-fi.org/) used a draft version of the IEEE 802.11i work (draft 3.0) to define a subset of the security enhancements that can be implemented with existing wlan hardware. This is called Wi-Fi Protected Access<TM> (WPA). This has now become a mandatory component of interoperability testing and certification done -by Wi-Fi Alliance. Wi-Fi provides information about WPA at its web -site (http://www.wi-fi.org/OpenSection/protected_access.asp). +by Wi-Fi Alliance. IEEE 802.11 standard defined wired equivalent privacy (WEP) algorithm for protecting wireless networks. WEP uses RC4 with 40-bit keys, diff --git a/contrib/wpa/hostapd/config_file.c b/contrib/wpa/hostapd/config_file.c index 5079f69e3bc5..b26da71a8410 100644 --- a/contrib/wpa/hostapd/config_file.c +++ b/contrib/wpa/hostapd/config_file.c @@ -1,6 +1,6 @@ /* * hostapd / Configuration file parser - * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -14,6 +14,8 @@ #include "utils/common.h" #include "utils/uuid.h" #include "common/ieee802_11_defs.h" +#include "crypto/sha256.h" +#include "crypto/tls.h" #include "drivers/driver.h" #include "eap_server/eap.h" #include "radius/radius_client.h" @@ -111,7 +113,7 @@ static int hostapd_config_read_vlan_file(struct hostapd_bss_config *bss, #endif /* CONFIG_NO_VLAN */ -static int hostapd_acl_comp(const void *a, const void *b) +int hostapd_acl_comp(const void *a, const void *b) { const struct mac_acl_entry *aa = a; const struct mac_acl_entry *bb = b; @@ -119,6 +121,44 @@ static int hostapd_acl_comp(const void *a, const void *b) } +int hostapd_add_acl_maclist(struct mac_acl_entry **acl, int *num, + int vlan_id, const u8 *addr) +{ + struct mac_acl_entry *newacl; + + newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl)); + if (!newacl) { + wpa_printf(MSG_ERROR, "MAC list reallocation failed"); + return -1; + } + + *acl = newacl; + os_memcpy((*acl)[*num].addr, addr, ETH_ALEN); + os_memset(&(*acl)[*num].vlan_id, 0, sizeof((*acl)[*num].vlan_id)); + (*acl)[*num].vlan_id.untagged = vlan_id; + (*acl)[*num].vlan_id.notempty = !!vlan_id; + (*num)++; + + return 0; +} + + +void hostapd_remove_acl_mac(struct mac_acl_entry **acl, int *num, + const u8 *addr) +{ + int i = 0; + + while (i < *num) { + if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) == 0) { + os_remove_in_array(*acl, *num, sizeof(**acl), i); + (*num)--; + } else { + i++; + } + } +} + + static int hostapd_config_read_maclist(const char *fname, struct mac_acl_entry **acl, int *num) { @@ -126,12 +166,8 @@ static int hostapd_config_read_maclist(const char *fname, char buf[128], *pos; int line = 0; u8 addr[ETH_ALEN]; - struct mac_acl_entry *newacl; int vlan_id; - if (!fname) - return 0; - f = fopen(fname, "r"); if (!f) { wpa_printf(MSG_ERROR, "MAC list file '%s' not found.", fname); @@ -139,7 +175,7 @@ static int hostapd_config_read_maclist(const char *fname, } while (fgets(buf, sizeof(buf), f)) { - int i, rem = 0; + int rem = 0; line++; @@ -169,16 +205,7 @@ static int hostapd_config_read_maclist(const char *fname, } if (rem) { - i = 0; - while (i < *num) { - if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) == - 0) { - os_remove_in_array(*acl, *num, - sizeof(**acl), i); - (*num)--; - } else - i++; - } + hostapd_remove_acl_mac(acl, num, addr); continue; } vlan_id = 0; @@ -190,31 +217,78 @@ static int hostapd_config_read_maclist(const char *fname, if (*pos != '\0') vlan_id = atoi(pos); - newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl)); - if (newacl == NULL) { - wpa_printf(MSG_ERROR, "MAC list reallocation failed"); + if (hostapd_add_acl_maclist(acl, num, vlan_id, addr) < 0) { fclose(f); return -1; } - - *acl = newacl; - os_memcpy((*acl)[*num].addr, addr, ETH_ALEN); - os_memset(&(*acl)[*num].vlan_id, 0, - sizeof((*acl)[*num].vlan_id)); - (*acl)[*num].vlan_id.untagged = vlan_id; - (*acl)[*num].vlan_id.notempty = !!vlan_id; - (*num)++; } fclose(f); - qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp); + if (*acl) + qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp); return 0; } #ifdef EAP_SERVER + +static int hostapd_config_eap_user_salted(struct hostapd_eap_user *user, + const char *hash, size_t len, + char **pos, int line, + const char *fname) +{ + char *pos2 = *pos; + + while (*pos2 != '\0' && *pos2 != ' ' && *pos2 != '\t' && *pos2 != '#') + pos2++; + + if (pos2 - *pos < (int) (2 * (len + 1))) { /* at least 1 byte of salt */ + wpa_printf(MSG_ERROR, + "Invalid salted %s hash on line %d in '%s'", + hash, line, fname); + return -1; + } + + user->password = os_malloc(len); + if (!user->password) { + wpa_printf(MSG_ERROR, + "Failed to allocate memory for salted %s hash", + hash); + return -1; + } + + if (hexstr2bin(*pos, user->password, len) < 0) { + wpa_printf(MSG_ERROR, + "Invalid salted password on line %d in '%s'", + line, fname); + return -1; + } + user->password_len = len; + *pos += 2 * len; + + user->salt_len = (pos2 - *pos) / 2; + user->salt = os_malloc(user->salt_len); + if (!user->salt) { + wpa_printf(MSG_ERROR, + "Failed to allocate memory for salted %s hash", + hash); + return -1; + } + + if (hexstr2bin(*pos, user->salt, user->salt_len) < 0) { + wpa_printf(MSG_ERROR, + "Invalid salt for password on line %d in '%s'", + line, fname); + return -1; + } + + *pos = pos2; + return 0; +} + + static int hostapd_config_read_eap_user(const char *fname, struct hostapd_bss_config *conf) { @@ -223,9 +297,6 @@ static int hostapd_config_read_eap_user(const char *fname, int line = 0, ret = 0, num_methods; struct hostapd_eap_user *user = NULL, *tail = NULL, *new_user = NULL; - if (!fname) - return 0; - if (os_strncmp(fname, "sqlite:", 7) == 0) { #ifdef CONFIG_SQLITE os_free(conf->eap_user_sqlite); @@ -312,13 +383,12 @@ static int hostapd_config_read_eap_user(const char *fname, goto failed; } - user->identity = os_malloc(pos - start); + user->identity = os_memdup(start, pos - start); if (user->identity == NULL) { wpa_printf(MSG_ERROR, "Failed to allocate " "memory for EAP identity"); goto failed; } - os_memcpy(user->identity, start, pos - start); user->identity_len = pos - start; if (pos[0] == '"' && pos[1] == '*') { @@ -436,13 +506,12 @@ static int hostapd_config_read_eap_user(const char *fname, goto failed; } - user->password = os_malloc(pos - start); + user->password = os_memdup(start, pos - start); if (user->password == NULL) { wpa_printf(MSG_ERROR, "Failed to allocate " "memory for EAP password"); goto failed; } - os_memcpy(user->password, start, pos - start); user->password_len = pos - start; pos++; @@ -471,6 +540,24 @@ static int hostapd_config_read_eap_user(const char *fname, user->password_len = 16; user->password_hash = 1; pos = pos2; + } else if (os_strncmp(pos, "ssha1:", 6) == 0) { + pos += 6; + if (hostapd_config_eap_user_salted(user, "sha1", 20, + &pos, + line, fname) < 0) + goto failed; + } else if (os_strncmp(pos, "ssha256:", 8) == 0) { + pos += 8; + if (hostapd_config_eap_user_salted(user, "sha256", 32, + &pos, + line, fname) < 0) + goto failed; + } else if (os_strncmp(pos, "ssha512:", 8) == 0) { + pos += 8; + if (hostapd_config_eap_user_salted(user, "sha512", 64, + &pos, + line, fname) < 0) + goto failed; } else { pos2 = pos; while (*pos2 != '\0' && *pos2 != ' ' && @@ -522,19 +609,15 @@ static int hostapd_config_read_eap_user(const char *fname, fclose(f); if (ret == 0) { - user = conf->eap_user; - while (user) { - struct hostapd_eap_user *prev; - - prev = user; - user = user->next; - hostapd_config_free_eap_user(prev); - } + hostapd_config_free_eap_users(conf->eap_user); conf->eap_user = new_user; + } else { + hostapd_config_free_eap_users(new_user); } return ret; } + #endif /* EAP_SERVER */ @@ -684,12 +767,16 @@ static int hostapd_config_parse_key_mgmt(int line, const char *value) val |= WPA_KEY_MGMT_PSK; else if (os_strcmp(start, "WPA-EAP") == 0) val |= WPA_KEY_MGMT_IEEE8021X; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP else if (os_strcmp(start, "FT-PSK") == 0) val |= WPA_KEY_MGMT_FT_PSK; else if (os_strcmp(start, "FT-EAP") == 0) val |= WPA_KEY_MGMT_FT_IEEE8021X; -#endif /* CONFIG_IEEE80211R */ +#ifdef CONFIG_SHA384 + else if (os_strcmp(start, "FT-EAP-SHA384") == 0) + val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384; +#endif /* CONFIG_SHA384 */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211W else if (os_strcmp(start, "WPA-PSK-SHA256") == 0) val |= WPA_KEY_MGMT_PSK_SHA256; @@ -710,6 +797,30 @@ static int hostapd_config_parse_key_mgmt(int line, const char *value) else if (os_strcmp(start, "WPA-EAP-SUITE-B-192") == 0) val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; #endif /* CONFIG_SUITEB192 */ +#ifdef CONFIG_FILS + else if (os_strcmp(start, "FILS-SHA256") == 0) + val |= WPA_KEY_MGMT_FILS_SHA256; + else if (os_strcmp(start, "FILS-SHA384") == 0) + val |= WPA_KEY_MGMT_FILS_SHA384; +#ifdef CONFIG_IEEE80211R_AP + else if (os_strcmp(start, "FT-FILS-SHA256") == 0) + val |= WPA_KEY_MGMT_FT_FILS_SHA256; + else if (os_strcmp(start, "FT-FILS-SHA384") == 0) + val |= WPA_KEY_MGMT_FT_FILS_SHA384; +#endif /* CONFIG_IEEE80211R_AP */ +#endif /* CONFIG_FILS */ +#ifdef CONFIG_OWE + else if (os_strcmp(start, "OWE") == 0) + val |= WPA_KEY_MGMT_OWE; +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + else if (os_strcmp(start, "DPP") == 0) + val |= WPA_KEY_MGMT_DPP; +#endif /* CONFIG_DPP */ +#ifdef CONFIG_HS20 + else if (os_strcmp(start, "OSEN") == 0) + val |= WPA_KEY_MGMT_OSEN; +#endif /* CONFIG_HS20 */ else { wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'", line, start); @@ -755,17 +866,34 @@ static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx, { size_t len = os_strlen(val); - if (keyidx < 0 || keyidx > 3 || wep->key[keyidx] != NULL) + if (keyidx < 0 || keyidx > 3) + return -1; + + if (len == 0) { + int i, set = 0; + + bin_clear_free(wep->key[keyidx], wep->len[keyidx]); + wep->key[keyidx] = NULL; + wep->len[keyidx] = 0; + for (i = 0; i < NUM_WEP_KEYS; i++) { + if (wep->key[i]) + set++; + } + if (!set) + wep->keys_set = 0; + return 0; + } + + if (wep->key[keyidx] != NULL) return -1; if (val[0] == '"') { if (len < 2 || val[len - 1] != '"') return -1; len -= 2; - wep->key[keyidx] = os_malloc(len); + wep->key[keyidx] = os_memdup(val + 1, len); if (wep->key[keyidx] == NULL) return -1; - os_memcpy(wep->key[keyidx], val + 1, len); wep->len[keyidx] = len; } else { if (len & 1) @@ -978,7 +1106,27 @@ static int hostapd_config_tx_queue(struct hostapd_config *conf, } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP + +static int rkh_derive_key(const char *pos, u8 *key, size_t key_len) +{ + u8 oldkey[16]; + int ret; + + if (!hexstr2bin(pos, key, key_len)) + return 0; + + /* Try to use old short key for backwards compatibility */ + if (hexstr2bin(pos, oldkey, sizeof(oldkey))) + return -1; + + ret = hmac_sha256_kdf(oldkey, sizeof(oldkey), "FT OLDKEY", NULL, 0, + key, key_len); + os_memset(oldkey, 0, sizeof(oldkey)); + return ret; +} + + static int add_r0kh(struct hostapd_bss_config *bss, char *value) { struct ft_remote_r0kh *r0kh; @@ -1012,7 +1160,7 @@ static int add_r0kh(struct hostapd_bss_config *bss, char *value) os_memcpy(r0kh->id, pos, r0kh->id_len); pos = next; - if (hexstr2bin(pos, r0kh->key, sizeof(r0kh->key))) { + if (rkh_derive_key(pos, r0kh->key, sizeof(r0kh->key)) < 0) { wpa_printf(MSG_ERROR, "Invalid R0KH key: '%s'", pos); os_free(r0kh); return -1; @@ -1057,7 +1205,7 @@ static int add_r1kh(struct hostapd_bss_config *bss, char *value) } pos = next; - if (hexstr2bin(pos, r1kh->key, sizeof(r1kh->key))) { + if (rkh_derive_key(pos, r1kh->key, sizeof(r1kh->key)) < 0) { wpa_printf(MSG_ERROR, "Invalid R1KH key: '%s'", pos); os_free(r1kh); return -1; @@ -1068,7 +1216,7 @@ static int add_r1kh(struct hostapd_bss_config *bss, char *value) return 0; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211N @@ -1085,6 +1233,12 @@ static int hostapd_config_ht_capab(struct hostapd_config *conf, conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; conf->secondary_channel = 1; } + if (os_strstr(capab, "[HT40+]") && os_strstr(capab, "[HT40-]")) { + conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; + conf->ht40_plus_minus_allowed = 1; + } + if (!os_strstr(capab, "[HT40+]") && !os_strstr(capab, "[HT40-]")) + conf->secondary_channel = 0; if (os_strstr(capab, "[SMPS-STATIC]")) { conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK; conf->ht_capab |= HT_CAP_INFO_SMPS_STATIC; @@ -1307,6 +1461,44 @@ static int parse_venue_name(struct hostapd_bss_config *bss, char *pos, } +static int parse_venue_url(struct hostapd_bss_config *bss, char *pos, + int line) +{ + char *sep; + size_t nlen; + struct hostapd_venue_url *url; + int ret = -1; + + sep = os_strchr(pos, ':'); + if (!sep) + goto fail; + *sep++ = '\0'; + + nlen = os_strlen(sep); + if (nlen > 254) + goto fail; + + url = os_realloc_array(bss->venue_url, bss->venue_url_count + 1, + sizeof(struct hostapd_venue_url)); + if (!url) + goto fail; + + bss->venue_url = url; + url = &bss->venue_url[bss->venue_url_count++]; + + url->venue_number = atoi(pos); + url->url_len = nlen; + os_memcpy(url->url, sep, nlen); + + ret = 0; +fail: + if (ret) + wpa_printf(MSG_ERROR, "Line %d: Invalid venue_url '%s'", + line, pos); + return ret; +} + + static int parse_3gpp_cell_net(struct hostapd_bss_config *bss, char *buf, int line) { @@ -1857,6 +2049,24 @@ static int hs20_parse_osu_nai(struct hostapd_bss_config *bss, } +static int hs20_parse_osu_nai2(struct hostapd_bss_config *bss, + char *pos, int line) +{ + if (bss->last_osu == NULL) { + wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line); + return -1; + } + + os_free(bss->last_osu->osu_nai2); + bss->last_osu->osu_nai2 = os_strdup(pos); + if (bss->last_osu->osu_nai2 == NULL) + return -1; + bss->hs20_osu_providers_nai_count++; + + return 0; +} + + static int hs20_parse_osu_method_list(struct hostapd_bss_config *bss, char *pos, int line) { @@ -1916,6 +2126,25 @@ static int hs20_parse_osu_service_desc(struct hostapd_bss_config *bss, return 0; } + +static int hs20_parse_operator_icon(struct hostapd_bss_config *bss, char *pos, + int line) +{ + char **n; + + n = os_realloc_array(bss->hs20_operator_icon, + bss->hs20_operator_icon_count + 1, sizeof(char *)); + if (!n) + return -1; + bss->hs20_operator_icon = n; + bss->hs20_operator_icon[bss->hs20_operator_icon_count] = os_strdup(pos); + if (!bss->hs20_operator_icon[bss->hs20_operator_icon_count]) + return -1; + bss->hs20_operator_icon_count++; + + return 0; +} + #endif /* CONFIG_HS20 */ @@ -1986,6 +2215,118 @@ static int parse_wpabuf_hex(int line, const char *name, struct wpabuf **buf, } +#ifdef CONFIG_FILS +static int parse_fils_realm(struct hostapd_bss_config *bss, const char *val) +{ + struct fils_realm *realm; + size_t len; + + len = os_strlen(val); + realm = os_zalloc(sizeof(*realm) + len + 1); + if (!realm) + return -1; + + os_memcpy(realm->realm, val, len); + if (fils_domain_name_hash(val, realm->hash) < 0) { + os_free(realm); + return -1; + } + dl_list_add_tail(&bss->fils_realms, &realm->list); + + return 0; +} +#endif /* CONFIG_FILS */ + + +#ifdef EAP_SERVER +static unsigned int parse_tls_flags(const char *val) +{ + unsigned int flags = 0; + + /* Disable TLS v1.3 by default for now to avoid interoperability issue. + * This can be enabled by default once the implementation has been fully + * completed and tested with other implementations. */ + flags |= TLS_CONN_DISABLE_TLSv1_3; + + if (os_strstr(val, "[ALLOW-SIGN-RSA-MD5]")) + flags |= TLS_CONN_ALLOW_SIGN_RSA_MD5; + if (os_strstr(val, "[DISABLE-TIME-CHECKS]")) + flags |= TLS_CONN_DISABLE_TIME_CHECKS; + if (os_strstr(val, "[DISABLE-TLSv1.0]")) + flags |= TLS_CONN_DISABLE_TLSv1_0; + if (os_strstr(val, "[DISABLE-TLSv1.1]")) + flags |= TLS_CONN_DISABLE_TLSv1_1; + if (os_strstr(val, "[DISABLE-TLSv1.2]")) + flags |= TLS_CONN_DISABLE_TLSv1_2; + if (os_strstr(val, "[DISABLE-TLSv1.3]")) + flags |= TLS_CONN_DISABLE_TLSv1_3; + if (os_strstr(val, "[ENABLE-TLSv1.3]")) + flags &= ~TLS_CONN_DISABLE_TLSv1_3; + if (os_strstr(val, "[SUITEB]")) + flags |= TLS_CONN_SUITEB; + if (os_strstr(val, "[SUITEB-NO-ECDH]")) + flags |= TLS_CONN_SUITEB_NO_ECDH | TLS_CONN_SUITEB; + + return flags; +} +#endif /* EAP_SERVER */ + + +#ifdef CONFIG_SAE +static int parse_sae_password(struct hostapd_bss_config *bss, const char *val) +{ + struct sae_password_entry *pw; + const char *pos = val, *pos2, *end = NULL; + + pw = os_zalloc(sizeof(*pw)); + if (!pw) + return -1; + os_memset(pw->peer_addr, 0xff, ETH_ALEN); /* default to wildcard */ + + pos2 = os_strstr(pos, "|mac="); + if (pos2) { + end = pos2; + pos2 += 5; + if (hwaddr_aton(pos2, pw->peer_addr) < 0) + goto fail; + pos = pos2 + ETH_ALEN * 3 - 1; + } + + pos2 = os_strstr(pos, "|id="); + if (pos2) { + if (!end) + end = pos2; + pos2 += 4; + pw->identifier = os_strdup(pos2); + if (!pw->identifier) + goto fail; + } + + if (!end) { + pw->password = os_strdup(val); + if (!pw->password) + goto fail; + } else { + pw->password = os_malloc(end - val + 1); + if (!pw->password) + goto fail; + os_memcpy(pw->password, val, end - val); + pw->password[end - val] = '\0'; + } + + pw->next = bss->sae_passwords; + bss->sae_passwords = pw; + + return 0; +fail: + str_clear_free(pw->password); + os_free(pw->identifier); + os_free(pw); + return -1; +} +#endif /* CONFIG_SAE */ + + static int hostapd_config_fill(struct hostapd_config *conf, struct hostapd_bss_config *bss, const char *buf, char *pos, int line) @@ -2001,20 +2342,21 @@ static int hostapd_config_fill(struct hostapd_config *conf, os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge)); } else if (os_strcmp(buf, "driver") == 0) { int j; - /* clear to get error below if setting is invalid */ - conf->driver = NULL; + const struct wpa_driver_ops *driver = NULL; + for (j = 0; wpa_drivers[j]; j++) { if (os_strcmp(pos, wpa_drivers[j]->name) == 0) { - conf->driver = wpa_drivers[j]; + driver = wpa_drivers[j]; break; } } - if (conf->driver == NULL) { + if (!driver) { wpa_printf(MSG_ERROR, "Line %d: invalid/unknown driver '%s'", line, pos); return 1; } + conf->driver = driver; } else if (os_strcmp(buf, "driver_params") == 0) { os_free(conf->driver_params); conf->driver_params = os_strdup(pos); @@ -2058,13 +2400,16 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "utf8_ssid") == 0) { bss->ssid.utf8_ssid = atoi(pos) > 0; } else if (os_strcmp(buf, "macaddr_acl") == 0) { - bss->macaddr_acl = atoi(pos); - if (bss->macaddr_acl != ACCEPT_UNLESS_DENIED && - bss->macaddr_acl != DENY_UNLESS_ACCEPTED && - bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) { + enum macaddr_acl acl = atoi(pos); + + if (acl != ACCEPT_UNLESS_DENIED && + acl != DENY_UNLESS_ACCEPTED && + acl != USE_EXTERNAL_RADIUS_AUTH) { wpa_printf(MSG_ERROR, "Line %d: unknown macaddr_acl %d", - line, bss->macaddr_acl); + line, acl); + return 1; } + bss->macaddr_acl = acl; } else if (os_strcmp(buf, "accept_mac_file") == 0) { if (hostapd_config_read_maclist(pos, &bss->accept_mac, &bss->num_accept_mac)) { @@ -2091,8 +2436,8 @@ static int hostapd_config_fill(struct hostapd_config *conf, bss->skip_inactivity_poll = atoi(pos); } else if (os_strcmp(buf, "country_code") == 0) { os_memcpy(conf->country, pos, 2); - /* FIX: make this configurable */ - conf->country[2] = ' '; + } else if (os_strcmp(buf, "country3") == 0) { + conf->country[2] = strtol(pos, NULL, 16); } else if (os_strcmp(buf, "ieee80211d") == 0) { conf->ieee80211d = atoi(pos); } else if (os_strcmp(buf, "ieee80211h") == 0) { @@ -2100,13 +2445,15 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "ieee8021x") == 0) { bss->ieee802_1x = atoi(pos); } else if (os_strcmp(buf, "eapol_version") == 0) { - bss->eapol_version = atoi(pos); - if (bss->eapol_version < 1 || bss->eapol_version > 2) { + int eapol_version = atoi(pos); + + if (eapol_version < 1 || eapol_version > 2) { wpa_printf(MSG_ERROR, "Line %d: invalid EAPOL version (%d): '%s'.", - line, bss->eapol_version, pos); + line, eapol_version, pos); return 1; } + bss->eapol_version = eapol_version; wpa_printf(MSG_DEBUG, "eapol_version=%d", bss->eapol_version); #ifdef EAP_SERVER } else if (os_strcmp(buf, "eap_authenticator") == 0) { @@ -2133,6 +2480,8 @@ static int hostapd_config_fill(struct hostapd_config *conf, bss->check_crl = atoi(pos); } else if (os_strcmp(buf, "tls_session_lifetime") == 0) { bss->tls_session_lifetime = atoi(pos); + } else if (os_strcmp(buf, "tls_flags") == 0) { + bss->tls_flags = parse_tls_flags(pos); } else if (os_strcmp(buf, "ocsp_stapling_response") == 0) { os_free(bss->ocsp_stapling_response); bss->ocsp_stapling_response = os_strdup(pos); @@ -2207,8 +2556,10 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "pwd_group") == 0) { bss->pwd_group = atoi(pos); #endif /* EAP_SERVER_PWD */ +#ifdef CONFIG_ERP } else if (os_strcmp(buf, "eap_server_erp") == 0) { bss->eap_server_erp = atoi(pos); +#endif /* CONFIG_ERP */ #endif /* EAP_SERVER */ } else if (os_strcmp(buf, "eap_message") == 0) { char *term; @@ -2234,24 +2585,25 @@ static int hostapd_config_fill(struct hostapd_config *conf, os_free(bss->erp_domain); bss->erp_domain = os_strdup(pos); } else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) { - bss->default_wep_key_len = atoi(pos); - if (bss->default_wep_key_len > 13) { - wpa_printf(MSG_ERROR, "Line %d: invalid WEP key len %lu (= %lu bits)", - line, - (unsigned long) bss->default_wep_key_len, - (unsigned long) - bss->default_wep_key_len * 8); + int val = atoi(pos); + + if (val < 0 || val > 13) { + wpa_printf(MSG_ERROR, + "Line %d: invalid WEP key len %d (= %d bits)", + line, val, val * 8); return 1; } + bss->default_wep_key_len = val; } else if (os_strcmp(buf, "wep_key_len_unicast") == 0) { - bss->individual_wep_key_len = atoi(pos); - if (bss->individual_wep_key_len < 0 || - bss->individual_wep_key_len > 13) { - wpa_printf(MSG_ERROR, "Line %d: invalid WEP key len %d (= %d bits)", - line, bss->individual_wep_key_len, - bss->individual_wep_key_len * 8); + int val = atoi(pos); + + if (val < 0 || val > 13) { + wpa_printf(MSG_ERROR, + "Line %d: invalid WEP key len %d (= %d bits)", + line, val, val * 8); return 1; } + bss->individual_wep_key_len = val; } else if (os_strcmp(buf, "wep_rekey_period") == 0) { bss->wep_rekeying_period = atoi(pos); if (bss->wep_rekeying_period < 0) { @@ -2433,12 +2785,37 @@ static int hostapd_config_fill(struct hostapd_config *conf, bss->wpa = atoi(pos); } else if (os_strcmp(buf, "wpa_group_rekey") == 0) { bss->wpa_group_rekey = atoi(pos); + bss->wpa_group_rekey_set = 1; } else if (os_strcmp(buf, "wpa_strict_rekey") == 0) { bss->wpa_strict_rekey = atoi(pos); } else if (os_strcmp(buf, "wpa_gmk_rekey") == 0) { bss->wpa_gmk_rekey = atoi(pos); } else if (os_strcmp(buf, "wpa_ptk_rekey") == 0) { bss->wpa_ptk_rekey = atoi(pos); + } else if (os_strcmp(buf, "wpa_group_update_count") == 0) { + char *endp; + unsigned long val = strtoul(pos, &endp, 0); + + if (*endp || val < 1 || val > (u32) -1) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid wpa_group_update_count=%lu; allowed range 1..4294967295", + line, val); + return 1; + } + bss->wpa_group_update_count = (u32) val; + } else if (os_strcmp(buf, "wpa_pairwise_update_count") == 0) { + char *endp; + unsigned long val = strtoul(pos, &endp, 0); + + if (*endp || val < 1 || val > (u32) -1) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid wpa_pairwise_update_count=%lu; allowed range 1..4294967295", + line, val); + return 1; + } + bss->wpa_pairwise_update_count = (u32) val; + } else if (os_strcmp(buf, "wpa_disable_eapol_key_retries") == 0) { + bss->wpa_disable_eapol_key_retries = atoi(pos); } else if (os_strcmp(buf, "wpa_passphrase") == 0) { int len = os_strlen(pos); if (len < 8 || len > 63) { @@ -2497,7 +2874,7 @@ static int hostapd_config_fill(struct hostapd_config *conf, if (bss->wpa_pairwise & (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)) { wpa_printf(MSG_ERROR, "Line %d: unsupported pairwise cipher suite '%s'", - bss->wpa_pairwise, pos); + line, pos); return 1; } } else if (os_strcmp(buf, "rsn_pairwise") == 0) { @@ -2507,7 +2884,21 @@ static int hostapd_config_fill(struct hostapd_config *conf, if (bss->rsn_pairwise & (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)) { wpa_printf(MSG_ERROR, "Line %d: unsupported pairwise cipher suite '%s'", - bss->rsn_pairwise, pos); + line, pos); + return 1; + } + } else if (os_strcmp(buf, "group_cipher") == 0) { + bss->group_cipher = hostapd_config_parse_cipher(line, pos); + if (bss->group_cipher == -1 || bss->group_cipher == 0) + return 1; + if (bss->group_cipher != WPA_CIPHER_TKIP && + bss->group_cipher != WPA_CIPHER_CCMP && + bss->group_cipher != WPA_CIPHER_GCMP && + bss->group_cipher != WPA_CIPHER_GCMP_256 && + bss->group_cipher != WPA_CIPHER_CCMP_256) { + wpa_printf(MSG_ERROR, + "Line %d: unsupported group cipher suite '%s'", + line, pos); return 1; } #ifdef CONFIG_RSN_PREAUTH @@ -2517,11 +2908,10 @@ static int hostapd_config_fill(struct hostapd_config *conf, os_free(bss->rsn_preauth_interfaces); bss->rsn_preauth_interfaces = os_strdup(pos); #endif /* CONFIG_RSN_PREAUTH */ -#ifdef CONFIG_PEERKEY } else if (os_strcmp(buf, "peerkey") == 0) { - bss->peerkey = atoi(pos); -#endif /* CONFIG_PEERKEY */ -#ifdef CONFIG_IEEE80211R + wpa_printf(MSG_INFO, + "Line %d: Obsolete peerkey parameter ignored", line); +#ifdef CONFIG_IEEE80211R_AP } else if (os_strcmp(buf, "mobility_domain") == 0) { if (os_strlen(pos) != 2 * MOBILITY_DOMAIN_ID_LEN || hexstr2bin(pos, bss->mobility_domain, @@ -2540,9 +2930,22 @@ static int hostapd_config_fill(struct hostapd_config *conf, return 1; } } else if (os_strcmp(buf, "r0_key_lifetime") == 0) { + /* DEPRECATED: Use ft_r0_key_lifetime instead. */ + bss->r0_key_lifetime = atoi(pos) * 60; + } else if (os_strcmp(buf, "ft_r0_key_lifetime") == 0) { bss->r0_key_lifetime = atoi(pos); + } else if (os_strcmp(buf, "r1_max_key_lifetime") == 0) { + bss->r1_max_key_lifetime = atoi(pos); } else if (os_strcmp(buf, "reassociation_deadline") == 0) { bss->reassociation_deadline = atoi(pos); + } else if (os_strcmp(buf, "rkh_pos_timeout") == 0) { + bss->rkh_pos_timeout = atoi(pos); + } else if (os_strcmp(buf, "rkh_neg_timeout") == 0) { + bss->rkh_neg_timeout = atoi(pos); + } else if (os_strcmp(buf, "rkh_pull_timeout") == 0) { + bss->rkh_pull_timeout = atoi(pos); + } else if (os_strcmp(buf, "rkh_pull_retries") == 0) { + bss->rkh_pull_retries = atoi(pos); } else if (os_strcmp(buf, "r0kh") == 0) { if (add_r0kh(bss, pos) < 0) { wpa_printf(MSG_DEBUG, "Line %d: Invalid r0kh '%s'", @@ -2559,7 +2962,9 @@ static int hostapd_config_fill(struct hostapd_config *conf, bss->pmk_r1_push = atoi(pos); } else if (os_strcmp(buf, "ft_over_ds") == 0) { bss->ft_over_ds = atoi(pos); -#endif /* CONFIG_IEEE80211R */ + } else if (os_strcmp(buf, "ft_psk_generate_local") == 0) { + bss->ft_psk_generate_local = atoi(pos); +#endif /* CONFIG_IEEE80211R_AP */ #ifndef CONFIG_NO_CTRL_IFACE } else if (os_strcmp(buf, "ctrl_interface") == 0) { os_free(bss->ctrl_interface); @@ -2637,6 +3042,8 @@ static int hostapd_config_fill(struct hostapd_config *conf, line, pos); return 1; } + } else if (os_strcmp(buf, "acs_exclude_dfs") == 0) { + conf->acs_exclude_dfs = atoi(pos); } else if (os_strcmp(buf, "channel") == 0) { if (os_strcmp(pos, "acs_survey") == 0) { #ifndef CONFIG_ACS @@ -2687,21 +3094,34 @@ static int hostapd_config_fill(struct hostapd_config *conf, } #endif /* CONFIG_ACS */ } else if (os_strcmp(buf, "dtim_period") == 0) { - bss->dtim_period = atoi(pos); - if (bss->dtim_period < 1 || bss->dtim_period > 255) { + int val = atoi(pos); + + if (val < 1 || val > 255) { wpa_printf(MSG_ERROR, "Line %d: invalid dtim_period %d", - line, bss->dtim_period); + line, val); return 1; } + bss->dtim_period = val; } else if (os_strcmp(buf, "bss_load_update_period") == 0) { - bss->bss_load_update_period = atoi(pos); - if (bss->bss_load_update_period < 0 || - bss->bss_load_update_period > 100) { + int val = atoi(pos); + + if (val < 0 || val > 100) { wpa_printf(MSG_ERROR, "Line %d: invalid bss_load_update_period %d", - line, bss->bss_load_update_period); + line, val); return 1; } + bss->bss_load_update_period = val; + } else if (os_strcmp(buf, "chan_util_avg_period") == 0) { + int val = atoi(pos); + + if (val < 0) { + wpa_printf(MSG_ERROR, + "Line %d: invalid chan_util_avg_period", + line); + return 1; + } + bss->chan_util_avg_period = val; } else if (os_strcmp(buf, "rts_threshold") == 0) { conf->rts_threshold = atoi(pos); if (conf->rts_threshold < -1 || conf->rts_threshold > 65535) { @@ -2741,6 +3161,40 @@ static int hostapd_config_fill(struct hostapd_config *conf, line); return 1; } + } else if (os_strcmp(buf, "beacon_rate") == 0) { + int val; + + if (os_strncmp(pos, "ht:", 3) == 0) { + val = atoi(pos + 3); + if (val < 0 || val > 31) { + wpa_printf(MSG_ERROR, + "Line %d: invalid beacon_rate HT-MCS %d", + line, val); + return 1; + } + conf->rate_type = BEACON_RATE_HT; + conf->beacon_rate = val; + } else if (os_strncmp(pos, "vht:", 4) == 0) { + val = atoi(pos + 4); + if (val < 0 || val > 9) { + wpa_printf(MSG_ERROR, + "Line %d: invalid beacon_rate VHT-MCS %d", + line, val); + return 1; + } + conf->rate_type = BEACON_RATE_VHT; + conf->beacon_rate = val; + } else { + val = atoi(pos); + if (val < 10 || val > 10000) { + wpa_printf(MSG_ERROR, + "Line %d: invalid legacy beacon_rate %d", + line, val); + return 1; + } + conf->rate_type = BEACON_RATE_LEGACY; + conf->beacon_rate = val; + } } else if (os_strcmp(buf, "preamble") == 0) { if (atoi(pos)) conf->preamble = SHORT_PREAMBLE; @@ -2898,6 +3352,24 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "use_sta_nsts") == 0) { bss->use_sta_nsts = atoi(pos); #endif /* CONFIG_IEEE80211AC */ +#ifdef CONFIG_IEEE80211AX + } else if (os_strcmp(buf, "ieee80211ax") == 0) { + conf->ieee80211ax = atoi(pos); + } else if (os_strcmp(buf, "he_su_beamformer") == 0) { + conf->he_phy_capab.he_su_beamformer = atoi(pos); + } else if (os_strcmp(buf, "he_su_beamformee") == 0) { + conf->he_phy_capab.he_su_beamformee = atoi(pos); + } else if (os_strcmp(buf, "he_mu_beamformer") == 0) { + conf->he_phy_capab.he_mu_beamformer = atoi(pos); + } else if (os_strcmp(buf, "he_bss_color") == 0) { + conf->he_op.he_bss_color = atoi(pos); + } else if (os_strcmp(buf, "he_default_pe_duration") == 0) { + conf->he_op.he_default_pe_duration = atoi(pos); + } else if (os_strcmp(buf, "he_twt_required") == 0) { + conf->he_op.he_twt_required = atoi(pos); + } else if (os_strcmp(buf, "he_rts_threshold") == 0) { + conf->he_op.he_rts_threshold = atoi(pos); +#endif /* CONFIG_IEEE80211AX */ } else if (os_strcmp(buf, "max_listen_interval") == 0) { bss->max_listen_interval = atoi(pos); } else if (os_strcmp(buf, "disable_pmksa_caching") == 0) { @@ -2978,7 +3450,10 @@ static int hostapd_config_fill(struct hostapd_config *conf, } } else if (os_strcmp(buf, "ap_pin") == 0) { os_free(bss->ap_pin); - bss->ap_pin = os_strdup(pos); + if (*pos == '\0') + bss->ap_pin = NULL; + else + bss->ap_pin = os_strdup(pos); } else if (os_strcmp(buf, "skip_cred_build") == 0) { bss->skip_cred_build = atoi(pos); } else if (os_strcmp(buf, "extra_cred") == 0) { @@ -3089,12 +3564,14 @@ static int hostapd_config_fill(struct hostapd_config *conf, bss->time_zone = os_strdup(pos); if (bss->time_zone == NULL) return 1; -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP } else if (os_strcmp(buf, "wnm_sleep_mode") == 0) { bss->wnm_sleep_mode = atoi(pos); + } else if (os_strcmp(buf, "wnm_sleep_mode_no_keys") == 0) { + bss->wnm_sleep_mode_no_keys = atoi(pos); } else if (os_strcmp(buf, "bss_transition") == 0) { bss->bss_transition = atoi(pos); -#endif /* CONFIG_WNM */ +#endif /* CONFIG_WNM_AP */ #ifdef CONFIG_INTERWORKING } else if (os_strcmp(buf, "interworking") == 0) { bss->interworking = atoi(pos); @@ -3132,6 +3609,9 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "venue_name") == 0) { if (parse_venue_name(bss, pos, line) < 0) return 1; + } else if (os_strcmp(buf, "venue_url") == 0) { + if (parse_venue_url(bss, pos, line) < 0) + return 1; } else if (os_strcmp(buf, "network_auth_type") == 0) { u8 auth_type; u16 redirect_url_len; @@ -3210,7 +3690,15 @@ static int hostapd_config_fill(struct hostapd_config *conf, if (parse_anqp_elem(bss, pos, line) < 0) return 1; } else if (os_strcmp(buf, "gas_frag_limit") == 0) { - bss->gas_frag_limit = atoi(pos); + int val = atoi(pos); + + if (val <= 0) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid gas_frag_limit '%s'", + line, pos); + return 1; + } + bss->gas_frag_limit = val; } else if (os_strcmp(buf, "gas_comeback_delay") == 0) { bss->gas_comeback_delay = atoi(pos); } else if (os_strcmp(buf, "qos_map_set") == 0) { @@ -3291,6 +3779,9 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "osu_nai") == 0) { if (hs20_parse_osu_nai(bss, pos, line) < 0) return 1; + } else if (os_strcmp(buf, "osu_nai2") == 0) { + if (hs20_parse_osu_nai2(bss, pos, line) < 0) + return 1; } else if (os_strcmp(buf, "osu_method_list") == 0) { if (hs20_parse_osu_method_list(bss, pos, line) < 0) return 1; @@ -3300,15 +3791,30 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "osu_service_desc") == 0) { if (hs20_parse_osu_service_desc(bss, pos, line) < 0) return 1; + } else if (os_strcmp(buf, "operator_icon") == 0) { + if (hs20_parse_operator_icon(bss, pos, line) < 0) + return 1; } else if (os_strcmp(buf, "subscr_remediation_url") == 0) { os_free(bss->subscr_remediation_url); bss->subscr_remediation_url = os_strdup(pos); } else if (os_strcmp(buf, "subscr_remediation_method") == 0) { bss->subscr_remediation_method = atoi(pos); + } else if (os_strcmp(buf, "hs20_t_c_filename") == 0) { + os_free(bss->t_c_filename); + bss->t_c_filename = os_strdup(pos); + } else if (os_strcmp(buf, "hs20_t_c_timestamp") == 0) { + bss->t_c_timestamp = strtol(pos, NULL, 0); + } else if (os_strcmp(buf, "hs20_t_c_server_url") == 0) { + os_free(bss->t_c_server_url); + bss->t_c_server_url = os_strdup(pos); #endif /* CONFIG_HS20 */ #ifdef CONFIG_MBO } else if (os_strcmp(buf, "mbo") == 0) { bss->mbo_enabled = atoi(pos); + } else if (os_strcmp(buf, "mbo_cell_data_conn_pref") == 0) { + bss->mbo_cell_data_conn_pref = atoi(pos); + } else if (os_strcmp(buf, "oce") == 0) { + bss->oce = atoi(pos); #endif /* CONFIG_MBO */ #ifdef CONFIG_TESTING_OPTIONS #define PARSE_TEST_PROBABILITY(_val) \ @@ -3377,7 +3883,20 @@ static int hostapd_config_fill(struct hostapd_config *conf, wpabuf_free(bss->own_ie_override); bss->own_ie_override = tmp; + } else if (os_strcmp(buf, "sae_reflection_attack") == 0) { + bss->sae_reflection_attack = atoi(pos); + } else if (os_strcmp(buf, "sae_commit_override") == 0) { + wpabuf_free(bss->sae_commit_override); + bss->sae_commit_override = wpabuf_parse_bin(pos); #endif /* CONFIG_TESTING_OPTIONS */ +#ifdef CONFIG_SAE + } else if (os_strcmp(buf, "sae_password") == 0) { + if (parse_sae_password(bss, pos) < 0) { + wpa_printf(MSG_ERROR, "Line %d: Invalid sae_password", + line); + return 1; + } +#endif /* CONFIG_SAE */ } else if (os_strcmp(buf, "vendor_elements") == 0) { if (parse_wpabuf_hex(line, buf, &bss->vendor_elements, pos)) return 1; @@ -3386,6 +3905,8 @@ static int hostapd_config_fill(struct hostapd_config *conf, return 1; } else if (os_strcmp(buf, "sae_anti_clogging_threshold") == 0) { bss->sae_anti_clogging_threshold = atoi(pos); + } else if (os_strcmp(buf, "sae_sync") == 0) { + bss->sae_sync = atoi(pos); } else if (os_strcmp(buf, "sae_groups") == 0) { if (hostapd_parse_intlist(&bss->sae_groups, pos)) { wpa_printf(MSG_ERROR, @@ -3393,6 +3914,8 @@ static int hostapd_config_fill(struct hostapd_config *conf, line, pos); return 1; } + } else if (os_strcmp(buf, "sae_require_mfp") == 0) { + bss->sae_require_mfp = atoi(pos); } else if (os_strcmp(buf, "local_pwr_constraint") == 0) { int val = atoi(pos); if (val < 0 || val > 255) { @@ -3478,19 +4001,116 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "lci") == 0) { wpabuf_free(conf->lci); conf->lci = wpabuf_parse_bin(pos); + if (conf->lci && wpabuf_len(conf->lci) == 0) { + wpabuf_free(conf->lci); + conf->lci = NULL; + } } else if (os_strcmp(buf, "civic") == 0) { wpabuf_free(conf->civic); conf->civic = wpabuf_parse_bin(pos); + if (conf->civic && wpabuf_len(conf->civic) == 0) { + wpabuf_free(conf->civic); + conf->civic = NULL; + } } else if (os_strcmp(buf, "rrm_neighbor_report") == 0) { if (atoi(pos)) bss->radio_measurements[0] |= WLAN_RRM_CAPS_NEIGHBOR_REPORT; + } else if (os_strcmp(buf, "rrm_beacon_report") == 0) { + if (atoi(pos)) + bss->radio_measurements[0] |= + WLAN_RRM_CAPS_BEACON_REPORT_PASSIVE | + WLAN_RRM_CAPS_BEACON_REPORT_ACTIVE | + WLAN_RRM_CAPS_BEACON_REPORT_TABLE; } else if (os_strcmp(buf, "gas_address3") == 0) { bss->gas_address3 = atoi(pos); + } else if (os_strcmp(buf, "stationary_ap") == 0) { + conf->stationary_ap = atoi(pos); } else if (os_strcmp(buf, "ftm_responder") == 0) { bss->ftm_responder = atoi(pos); } else if (os_strcmp(buf, "ftm_initiator") == 0) { bss->ftm_initiator = atoi(pos); +#ifdef CONFIG_FILS + } else if (os_strcmp(buf, "fils_cache_id") == 0) { + if (hexstr2bin(pos, bss->fils_cache_id, FILS_CACHE_ID_LEN)) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid fils_cache_id '%s'", + line, pos); + return 1; + } + bss->fils_cache_id_set = 1; + } else if (os_strcmp(buf, "fils_realm") == 0) { + if (parse_fils_realm(bss, pos) < 0) + return 1; + } else if (os_strcmp(buf, "fils_dh_group") == 0) { + bss->fils_dh_group = atoi(pos); + } else if (os_strcmp(buf, "dhcp_server") == 0) { + if (hostapd_parse_ip_addr(pos, &bss->dhcp_server)) { + wpa_printf(MSG_ERROR, + "Line %d: invalid IP address '%s'", + line, pos); + return 1; + } + } else if (os_strcmp(buf, "dhcp_rapid_commit_proxy") == 0) { + bss->dhcp_rapid_commit_proxy = atoi(pos); + } else if (os_strcmp(buf, "fils_hlp_wait_time") == 0) { + bss->fils_hlp_wait_time = atoi(pos); + } else if (os_strcmp(buf, "dhcp_server_port") == 0) { + bss->dhcp_server_port = atoi(pos); + } else if (os_strcmp(buf, "dhcp_relay_port") == 0) { + bss->dhcp_relay_port = atoi(pos); +#endif /* CONFIG_FILS */ + } else if (os_strcmp(buf, "multicast_to_unicast") == 0) { + bss->multicast_to_unicast = atoi(pos); + } else if (os_strcmp(buf, "broadcast_deauth") == 0) { + bss->broadcast_deauth = atoi(pos); +#ifdef CONFIG_DPP + } else if (os_strcmp(buf, "dpp_connector") == 0) { + os_free(bss->dpp_connector); + bss->dpp_connector = os_strdup(pos); + } else if (os_strcmp(buf, "dpp_netaccesskey") == 0) { + if (parse_wpabuf_hex(line, buf, &bss->dpp_netaccesskey, pos)) + return 1; + } else if (os_strcmp(buf, "dpp_netaccesskey_expiry") == 0) { + bss->dpp_netaccesskey_expiry = strtol(pos, NULL, 0); + } else if (os_strcmp(buf, "dpp_csign") == 0) { + if (parse_wpabuf_hex(line, buf, &bss->dpp_csign, pos)) + return 1; +#endif /* CONFIG_DPP */ +#ifdef CONFIG_OWE + } else if (os_strcmp(buf, "owe_transition_bssid") == 0) { + if (hwaddr_aton(pos, bss->owe_transition_bssid)) { + wpa_printf(MSG_ERROR, + "Line %d: invalid owe_transition_bssid", + line); + return 1; + } + } else if (os_strcmp(buf, "owe_transition_ssid") == 0) { + size_t slen; + char *str = wpa_config_parse_string(pos, &slen); + + if (!str || slen < 1 || slen > SSID_MAX_LEN) { + wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'", + line, pos); + os_free(str); + return 1; + } + os_memcpy(bss->owe_transition_ssid, str, slen); + bss->owe_transition_ssid_len = slen; + os_free(str); + } else if (os_strcmp(buf, "owe_transition_ifname") == 0) { + os_strlcpy(bss->owe_transition_ifname, pos, + sizeof(bss->owe_transition_ifname)); + } else if (os_strcmp(buf, "owe_groups") == 0) { + if (hostapd_parse_intlist(&bss->owe_groups, pos)) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid owe_groups value '%s'", + line, pos); + return 1; + } + } else if (os_strcmp(buf, "coloc_intf_reporting") == 0) { + bss->coloc_intf_reporting = atoi(pos); +#endif /* CONFIG_OWE */ } else { wpa_printf(MSG_ERROR, "Line %d: unknown configuration item '%s'", diff --git a/contrib/wpa/hostapd/config_file.h b/contrib/wpa/hostapd/config_file.h index c98bdb683ba1..9830f5a2232f 100644 --- a/contrib/wpa/hostapd/config_file.h +++ b/contrib/wpa/hostapd/config_file.h @@ -13,5 +13,10 @@ struct hostapd_config * hostapd_config_read(const char *fname); int hostapd_set_iface(struct hostapd_config *conf, struct hostapd_bss_config *bss, const char *field, char *value); +int hostapd_acl_comp(const void *a, const void *b); +int hostapd_add_acl_maclist(struct mac_acl_entry **acl, int *num, + int vlan_id, const u8 *addr); +void hostapd_remove_acl_mac(struct mac_acl_entry **acl, int *num, + const u8 *addr); #endif /* CONFIG_FILE_H */ diff --git a/contrib/wpa/hostapd/ctrl_iface.c b/contrib/wpa/hostapd/ctrl_iface.c index d7db4a7c3c48..75f12e543f21 100644 --- a/contrib/wpa/hostapd/ctrl_iface.c +++ b/contrib/wpa/hostapd/ctrl_iface.c @@ -1,6 +1,6 @@ /* * hostapd / UNIX domain socket -based control interface - * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -29,6 +29,10 @@ #include "common/version.h" #include "common/ieee802_11_defs.h" #include "common/ctrl_iface_common.h" +#ifdef CONFIG_DPP +#include "common/dpp.h" +#endif /* CONFIG_DPP */ +#include "common/wpa_ctrl.h" #include "crypto/tls.h" #include "drivers/driver.h" #include "eapol_auth/eapol_auth_sm.h" @@ -50,6 +54,7 @@ #include "ap/beacon.h" #include "ap/neighbor_db.h" #include "ap/rrm.h" +#include "ap/dpp_hostapd.h" #include "wps/wps_defs.h" #include "wps/wps.h" #include "fst/fst_ctrl_iface.h" @@ -76,9 +81,9 @@ static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level, static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd, struct sockaddr_storage *from, - socklen_t fromlen) + socklen_t fromlen, const char *input) { - return ctrl_iface_attach(&hapd->ctrl_dst, from, fromlen); + return ctrl_iface_attach(&hapd->ctrl_dst, from, fromlen, input); } @@ -763,7 +768,7 @@ static int hostapd_ctrl_iface_send_qos_map_conf(struct hostapd_data *hapd, #endif /* CONFIG_INTERWORKING */ -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP static int hostapd_ctrl_iface_disassoc_imminent(struct hostapd_data *hapd, const char *cmd) @@ -838,7 +843,7 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd, char *url = NULL; int ret; u8 nei_rep[1000]; - u8 *nei_pos = nei_rep; + int nei_len; u8 mbo[10]; size_t mbo_len = 0; @@ -888,99 +893,10 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd, WPA_PUT_LE16(&bss_term_dur[10], atoi(end)); } - - /* - * BSS Transition Candidate List Entries - Neighbor Report elements - * neighbor=<BSSID>,<BSSID Information>,<Operating Class>, - * <Channel Number>,<PHY Type>[,<hexdump of Optional Subelements>] - */ - pos = cmd; - while (pos) { - u8 *nei_start; - long int val; - char *endptr, *tmp; - - pos = os_strstr(pos, " neighbor="); - if (!pos) - break; - if (nei_pos + 15 > nei_rep + sizeof(nei_rep)) { - wpa_printf(MSG_DEBUG, - "Not enough room for additional neighbor"); - return -1; - } - pos += 10; - - nei_start = nei_pos; - *nei_pos++ = WLAN_EID_NEIGHBOR_REPORT; - nei_pos++; /* length to be filled in */ - - if (hwaddr_aton(pos, nei_pos)) { - wpa_printf(MSG_DEBUG, "Invalid BSSID"); - return -1; - } - nei_pos += ETH_ALEN; - pos += 17; - if (*pos != ',') { - wpa_printf(MSG_DEBUG, "Missing BSSID Information"); - return -1; - } - pos++; - - val = strtol(pos, &endptr, 0); - WPA_PUT_LE32(nei_pos, val); - nei_pos += 4; - if (*endptr != ',') { - wpa_printf(MSG_DEBUG, "Missing Operating Class"); - return -1; - } - pos = endptr + 1; - - *nei_pos++ = atoi(pos); /* Operating Class */ - pos = os_strchr(pos, ','); - if (pos == NULL) { - wpa_printf(MSG_DEBUG, "Missing Channel Number"); - return -1; - } - pos++; - - *nei_pos++ = atoi(pos); /* Channel Number */ - pos = os_strchr(pos, ','); - if (pos == NULL) { - wpa_printf(MSG_DEBUG, "Missing PHY Type"); - return -1; - } - pos++; - - *nei_pos++ = atoi(pos); /* PHY Type */ - end = os_strchr(pos, ' '); - tmp = os_strchr(pos, ','); - if (tmp && (!end || tmp < end)) { - /* Optional Subelements (hexdump) */ - size_t len; - - pos = tmp + 1; - end = os_strchr(pos, ' '); - if (end) - len = end - pos; - else - len = os_strlen(pos); - if (nei_pos + len / 2 > nei_rep + sizeof(nei_rep)) { - wpa_printf(MSG_DEBUG, - "Not enough room for neighbor subelements"); - return -1; - } - if (len & 0x01 || - hexstr2bin(pos, nei_pos, len / 2) < 0) { - wpa_printf(MSG_DEBUG, - "Invalid neighbor subelement info"); - return -1; - } - nei_pos += len / 2; - pos = end; - } - - nei_start[1] = nei_pos - nei_start - 2; - } + nei_len = ieee802_11_parse_candidate_list(cmd, nei_rep, + sizeof(nei_rep)); + if (nei_len < 0) + return -1; pos = os_strstr(cmd, " url="); if (pos) { @@ -1017,14 +933,16 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd, if (ret != 3) { wpa_printf(MSG_DEBUG, "MBO requires three arguments: mbo=<reason>:<reassoc_delay>:<cell_pref>"); - return -1; + ret = -1; + goto fail; } if (mbo_reason > MBO_TRANSITION_REASON_PREMIUM_AP) { wpa_printf(MSG_DEBUG, "Invalid MBO transition reason code %u", mbo_reason); - return -1; + ret = -1; + goto fail; } /* Valid values for Cellular preference are: 0, 1, 255 */ @@ -1032,7 +950,8 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd, wpa_printf(MSG_DEBUG, "Invalid MBO cellular capability %u", cell_pref); - return -1; + ret = -1; + goto fail; } if (reassoc_delay > 65535 || @@ -1040,7 +959,8 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd, !(req_mode & WNM_BSS_TM_REQ_DISASSOC_IMMINENT))) { wpa_printf(MSG_DEBUG, "MBO: Assoc retry delay is only valid in disassoc imminent mode"); - return -1; + ret = -1; + goto fail; } *mbo_pos++ = MBO_ATTR_ID_TRANSITION_REASON; @@ -1063,14 +983,52 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd, ret = wnm_send_bss_tm_req(hapd, sta, req_mode, disassoc_timer, valid_int, bss_term_dur, url, - nei_pos > nei_rep ? nei_rep : NULL, - nei_pos - nei_rep, mbo_len ? mbo : NULL, - mbo_len); + nei_len ? nei_rep : NULL, nei_len, + mbo_len ? mbo : NULL, mbo_len); +#ifdef CONFIG_MBO +fail: +#endif /* CONFIG_MBO */ os_free(url); return ret; } -#endif /* CONFIG_WNM */ + +static int hostapd_ctrl_iface_coloc_intf_req(struct hostapd_data *hapd, + const char *cmd) +{ + u8 addr[ETH_ALEN]; + struct sta_info *sta; + const char *pos; + unsigned int auto_report, timeout; + + if (hwaddr_aton(cmd, addr)) { + wpa_printf(MSG_DEBUG, "Invalid STA MAC address"); + return -1; + } + + sta = ap_get_sta(hapd, addr); + if (!sta) { + wpa_printf(MSG_DEBUG, "Station " MACSTR + " not found for Collocated Interference Request", + MAC2STR(addr)); + return -1; + } + + pos = cmd + 17; + if (*pos != ' ') + return -1; + pos++; + auto_report = atoi(pos); + pos = os_strchr(pos, ' '); + if (!pos) + return -1; + pos++; + timeout = atoi(pos); + + return wnm_send_coloc_intf_req(hapd, sta, auto_report, timeout); +} + +#endif /* CONFIG_WNM_AP */ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd, @@ -1096,7 +1054,7 @@ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd, return pos - buf; pos += ret; } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) { ret = os_snprintf(pos, end - pos, "FT-PSK "); if (os_snprintf_error(end - pos, ret)) @@ -1109,6 +1067,14 @@ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd, return pos - buf; pos += ret; } +#ifdef CONFIG_SHA384 + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) { + ret = os_snprintf(pos, end - pos, "FT-EAP-SHA384 "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_SHA384 */ #ifdef CONFIG_SAE if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) { ret = os_snprintf(pos, end - pos, "FT-SAE "); @@ -1117,7 +1083,21 @@ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd, pos += ret; } #endif /* CONFIG_SAE */ -#endif /* CONFIG_IEEE80211R */ +#ifdef CONFIG_FILS + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) { + ret = os_snprintf(pos, end - pos, "FT-FILS-SHA256 "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) { + ret = os_snprintf(pos, end - pos, "FT-FILS-SHA384 "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_FILS */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211W if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) { ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 "); @@ -1154,6 +1134,38 @@ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd, return pos - buf; pos += ret; } +#ifdef CONFIG_FILS + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA256) { + ret = os_snprintf(pos, end - pos, "FILS-SHA256 "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA384) { + ret = os_snprintf(pos, end - pos, "FILS-SHA384 "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) { + ret = os_snprintf(pos, end - pos, "OWE "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_OWE */ + +#ifdef CONFIG_DPP + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) { + ret = os_snprintf(pos, end - pos, "DPP "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_DPP */ if (pos > buf && *(pos - 1) == ' ') { *(pos - 1) = '\0'; @@ -1282,6 +1294,42 @@ static int hostapd_ctrl_iface_get_config(struct hostapd_data *hapd, } +static void hostapd_disassoc_accept_mac(struct hostapd_data *hapd) +{ + struct sta_info *sta; + struct vlan_description vlan_id; + + if (hapd->conf->macaddr_acl != DENY_UNLESS_ACCEPTED) + return; + + for (sta = hapd->sta_list; sta; sta = sta->next) { + if (!hostapd_maclist_found(hapd->conf->accept_mac, + hapd->conf->num_accept_mac, + sta->addr, &vlan_id) || + (vlan_id.notempty && + vlan_compare(&vlan_id, sta->vlan_desc))) + ap_sta_disconnect(hapd, sta, sta->addr, + WLAN_REASON_UNSPECIFIED); + } +} + + +static void hostapd_disassoc_deny_mac(struct hostapd_data *hapd) +{ + struct sta_info *sta; + struct vlan_description vlan_id; + + for (sta = hapd->sta_list; sta; sta = sta->next) { + if (hostapd_maclist_found(hapd->conf->deny_mac, + hapd->conf->num_deny_mac, sta->addr, + &vlan_id) && + (!vlan_id.notempty || + !vlan_compare(&vlan_id, sta->vlan_desc))) + ap_sta_disconnect(hapd, sta, sta->addr, + WLAN_REASON_UNSPECIFIED); + } +} + static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd) { char *value; @@ -1319,19 +1367,27 @@ static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd) wpa_printf(MSG_DEBUG, "WPS: Testing - wps_corrupt_pkhash=%d", wps_corrupt_pkhash); #endif /* CONFIG_WPS_TESTING */ -#ifdef CONFIG_INTERWORKING - } else if (os_strcasecmp(cmd, "gas_frag_limit") == 0) { - int val = atoi(value); - if (val <= 0) - ret = -1; - else - hapd->gas_frag_limit = val; -#endif /* CONFIG_INTERWORKING */ #ifdef CONFIG_TESTING_OPTIONS } else if (os_strcasecmp(cmd, "ext_mgmt_frame_handling") == 0) { hapd->ext_mgmt_frame_handling = atoi(value); } else if (os_strcasecmp(cmd, "ext_eapol_frame_io") == 0) { hapd->ext_eapol_frame_io = atoi(value); +#ifdef CONFIG_DPP + } else if (os_strcasecmp(cmd, "dpp_config_obj_override") == 0) { + os_free(hapd->dpp_config_obj_override); + hapd->dpp_config_obj_override = os_strdup(value); + } else if (os_strcasecmp(cmd, "dpp_discovery_override") == 0) { + os_free(hapd->dpp_discovery_override); + hapd->dpp_discovery_override = os_strdup(value); + } else if (os_strcasecmp(cmd, "dpp_groups_override") == 0) { + os_free(hapd->dpp_groups_override); + hapd->dpp_groups_override = os_strdup(value); + } else if (os_strcasecmp(cmd, + "dpp_ignore_netaccesskey_mismatch") == 0) { + hapd->dpp_ignore_netaccesskey_mismatch = atoi(value); + } else if (os_strcasecmp(cmd, "dpp_test") == 0) { + dpp_test = atoi(value); +#endif /* CONFIG_DPP */ #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_MBO } else if (os_strcasecmp(cmd, "mbo_assoc_disallow") == 0) { @@ -1352,39 +1408,26 @@ static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd) * disallowing station logic. */ #endif /* CONFIG_MBO */ +#ifdef CONFIG_DPP + } else if (os_strcasecmp(cmd, "dpp_configurator_params") == 0) { + os_free(hapd->dpp_configurator_params); + hapd->dpp_configurator_params = os_strdup(value); +#endif /* CONFIG_DPP */ } else { - struct sta_info *sta; - struct vlan_description vlan_id; - ret = hostapd_set_iface(hapd->iconf, hapd->conf, cmd, value); if (ret) return ret; if (os_strcasecmp(cmd, "deny_mac_file") == 0) { - for (sta = hapd->sta_list; sta; sta = sta->next) { - if (hostapd_maclist_found( - hapd->conf->deny_mac, - hapd->conf->num_deny_mac, sta->addr, - &vlan_id) && - (!vlan_id.notempty || - !vlan_compare(&vlan_id, sta->vlan_desc))) - ap_sta_disconnect( - hapd, sta, sta->addr, - WLAN_REASON_UNSPECIFIED); - } - } else if (hapd->conf->macaddr_acl == DENY_UNLESS_ACCEPTED && - os_strcasecmp(cmd, "accept_mac_file") == 0) { - for (sta = hapd->sta_list; sta; sta = sta->next) { - if (!hostapd_maclist_found( - hapd->conf->accept_mac, - hapd->conf->num_accept_mac, - sta->addr, &vlan_id) || - (vlan_id.notempty && - vlan_compare(&vlan_id, sta->vlan_desc))) - ap_sta_disconnect( - hapd, sta, sta->addr, - WLAN_REASON_UNSPECIFIED); - } + hostapd_disassoc_deny_mac(hapd); + } else if (os_strcasecmp(cmd, "accept_mac_file") == 0) { + hostapd_disassoc_accept_mac(hapd); + } else if (os_strncmp(cmd, "wme_ac_", 7) == 0 || + os_strncmp(cmd, "wmm_ac_", 7) == 0) { + hapd->parameter_set_count++; + if (ieee802_11_update_beacons(hapd->iface)) + wpa_printf(MSG_DEBUG, + "Failed to update beacons with WMM parameters"); } } @@ -1534,6 +1577,137 @@ static int hostapd_ctrl_iface_mgmt_tx(struct hostapd_data *hapd, char *cmd) } +static int hostapd_ctrl_iface_mgmt_tx_status_process(struct hostapd_data *hapd, + char *cmd) +{ + char *pos, *param; + size_t len; + u8 *buf; + int stype = 0, ok = 0; + union wpa_event_data event; + + if (!hapd->ext_mgmt_frame_handling) + return -1; + + /* stype=<val> ok=<0/1> buf=<frame hexdump> */ + + wpa_printf(MSG_DEBUG, "External MGMT TX status process: %s", cmd); + + pos = cmd; + param = os_strstr(pos, "stype="); + if (param) { + param += 6; + stype = atoi(param); + } + + param = os_strstr(pos, " ok="); + if (param) { + param += 4; + ok = atoi(param); + } + + param = os_strstr(pos, " buf="); + if (!param) + return -1; + param += 5; + + len = os_strlen(param); + if (len & 1) + return -1; + len /= 2; + + buf = os_malloc(len); + if (!buf || hexstr2bin(param, buf, len) < 0) { + os_free(buf); + return -1; + } + + os_memset(&event, 0, sizeof(event)); + event.tx_status.type = WLAN_FC_TYPE_MGMT; + event.tx_status.data = buf; + event.tx_status.data_len = len; + event.tx_status.stype = stype; + event.tx_status.ack = ok; + hapd->ext_mgmt_frame_handling = 0; + wpa_supplicant_event(hapd, EVENT_TX_STATUS, &event); + hapd->ext_mgmt_frame_handling = 1; + + os_free(buf); + + return 0; +} + + +static int hostapd_ctrl_iface_mgmt_rx_process(struct hostapd_data *hapd, + char *cmd) +{ + char *pos, *param; + size_t len; + u8 *buf; + int freq = 0, datarate = 0, ssi_signal = 0; + union wpa_event_data event; + + if (!hapd->ext_mgmt_frame_handling) + return -1; + + /* freq=<MHz> datarate=<val> ssi_signal=<val> frame=<frame hexdump> */ + + wpa_printf(MSG_DEBUG, "External MGMT RX process: %s", cmd); + + pos = cmd; + param = os_strstr(pos, "freq="); + if (param) { + param += 5; + freq = atoi(param); + } + + param = os_strstr(pos, " datarate="); + if (param) { + param += 10; + datarate = atoi(param); + } + + param = os_strstr(pos, " ssi_signal="); + if (param) { + param += 12; + ssi_signal = atoi(param); + } + + param = os_strstr(pos, " frame="); + if (param == NULL) + return -1; + param += 7; + + len = os_strlen(param); + if (len & 1) + return -1; + len /= 2; + + buf = os_malloc(len); + if (buf == NULL) + return -1; + + if (hexstr2bin(param, buf, len) < 0) { + os_free(buf); + return -1; + } + + os_memset(&event, 0, sizeof(event)); + event.rx_mgmt.freq = freq; + event.rx_mgmt.frame = buf; + event.rx_mgmt.frame_len = len; + event.rx_mgmt.ssi_signal = ssi_signal; + event.rx_mgmt.datarate = datarate; + hapd->ext_mgmt_frame_handling = 0; + wpa_supplicant_event(hapd, EVENT_RX_MGMT, &event); + hapd->ext_mgmt_frame_handling = 1; + + os_free(buf); + + return 0; +} + + static int hostapd_ctrl_iface_eapol_rx(struct hostapd_data *hapd, char *cmd) { char *pos; @@ -1843,6 +2017,245 @@ static int hostapd_ctrl_get_fail(struct hostapd_data *hapd, #endif /* WPA_TRACE_BFD */ } + +static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) +{ + struct sta_info *sta; + u8 addr[ETH_ALEN]; + u8 zero[WPA_TK_MAX_LEN]; + + os_memset(zero, 0, sizeof(zero)); + + if (hwaddr_aton(cmd, addr)) + return -1; + +#ifdef CONFIG_IEEE80211W + if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) { + if (hapd->last_igtk_alg == WPA_ALG_NONE) + return -1; + + wpa_printf(MSG_INFO, "TESTING: Reset IPN for IGTK"); + + /* First, use a zero key to avoid any possible duplicate key + * avoidance in the driver. */ + if (hostapd_drv_set_key(hapd->conf->iface, hapd, + hapd->last_igtk_alg, + broadcast_ether_addr, + hapd->last_igtk_key_idx, 1, NULL, 0, + zero, hapd->last_igtk_len) < 0) + return -1; + + /* Set the previously configured key to reset its TSC */ + return hostapd_drv_set_key(hapd->conf->iface, hapd, + hapd->last_igtk_alg, + broadcast_ether_addr, + hapd->last_igtk_key_idx, 1, NULL, 0, + hapd->last_igtk, + hapd->last_igtk_len); + } +#endif /* CONFIG_IEEE80211W */ + + if (is_broadcast_ether_addr(addr)) { + if (hapd->last_gtk_alg == WPA_ALG_NONE) + return -1; + + wpa_printf(MSG_INFO, "TESTING: Reset PN for GTK"); + + /* First, use a zero key to avoid any possible duplicate key + * avoidance in the driver. */ + if (hostapd_drv_set_key(hapd->conf->iface, hapd, + hapd->last_gtk_alg, + broadcast_ether_addr, + hapd->last_gtk_key_idx, 1, NULL, 0, + zero, hapd->last_gtk_len) < 0) + return -1; + + /* Set the previously configured key to reset its TSC */ + return hostapd_drv_set_key(hapd->conf->iface, hapd, + hapd->last_gtk_alg, + broadcast_ether_addr, + hapd->last_gtk_key_idx, 1, NULL, 0, + hapd->last_gtk, hapd->last_gtk_len); + } + + sta = ap_get_sta(hapd, addr); + if (!sta) + return -1; + + if (sta->last_tk_alg == WPA_ALG_NONE) + return -1; + + wpa_printf(MSG_INFO, "TESTING: Reset PN for " MACSTR, + MAC2STR(sta->addr)); + + /* First, use a zero key to avoid any possible duplicate key avoidance + * in the driver. */ + if (hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, + sta->addr, sta->last_tk_key_idx, 1, NULL, 0, + zero, sta->last_tk_len) < 0) + return -1; + + /* Set the previously configured key to reset its TSC/RSC */ + return hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, + sta->addr, sta->last_tk_key_idx, 1, NULL, 0, + sta->last_tk, sta->last_tk_len); +} + + +static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd) +{ + u8 addr[ETH_ALEN]; + const char *pos = cmd; + enum wpa_alg alg; + int idx, set_tx; + u8 seq[6], key[WPA_TK_MAX_LEN]; + size_t key_len; + + /* parameters: alg addr idx set_tx seq key */ + + alg = atoi(pos); + pos = os_strchr(pos, ' '); + if (!pos) + return -1; + pos++; + if (hwaddr_aton(pos, addr)) + return -1; + pos += 17; + if (*pos != ' ') + return -1; + pos++; + idx = atoi(pos); + pos = os_strchr(pos, ' '); + if (!pos) + return -1; + pos++; + set_tx = atoi(pos); + pos = os_strchr(pos, ' '); + if (!pos) + return -1; + pos++; + if (hexstr2bin(pos, seq, sizeof(seq)) < 0) + return -1; + pos += 2 * 6; + if (*pos != ' ') + return -1; + pos++; + key_len = os_strlen(pos) / 2; + if (hexstr2bin(pos, key, key_len) < 0) + return -1; + + wpa_printf(MSG_INFO, "TESTING: Set key"); + return hostapd_drv_set_key(hapd->conf->iface, hapd, alg, addr, idx, + set_tx, seq, 6, key, key_len); +} + + +static void restore_tk(void *ctx1, void *ctx2) +{ + struct hostapd_data *hapd = ctx1; + struct sta_info *sta = ctx2; + + wpa_printf(MSG_INFO, "TESTING: Restore TK for " MACSTR, + MAC2STR(sta->addr)); + /* This does not really restore the TSC properly, so this will result + * in replay protection issues for now since there is no clean way of + * preventing encryption of a single EAPOL frame. */ + hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, + sta->addr, sta->last_tk_key_idx, 1, NULL, 0, + sta->last_tk, sta->last_tk_len); +} + + +static int hostapd_ctrl_resend_m1(struct hostapd_data *hapd, const char *cmd) +{ + struct sta_info *sta; + u8 addr[ETH_ALEN]; + int plain = os_strstr(cmd, "plaintext") != NULL; + + if (hwaddr_aton(cmd, addr)) + return -1; + + sta = ap_get_sta(hapd, addr); + if (!sta || !sta->wpa_sm) + return -1; + + if (plain && sta->last_tk_alg == WPA_ALG_NONE) + plain = 0; /* no need for special processing */ + if (plain) { + wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR, + MAC2STR(sta->addr)); + hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, + sta->addr, sta->last_tk_key_idx, 0, NULL, 0, + NULL, 0); + } + + wpa_printf(MSG_INFO, "TESTING: Send M1 to " MACSTR, MAC2STR(sta->addr)); + return wpa_auth_resend_m1(sta->wpa_sm, + os_strstr(cmd, "change-anonce") != NULL, + plain ? restore_tk : NULL, hapd, sta); +} + + +static int hostapd_ctrl_resend_m3(struct hostapd_data *hapd, const char *cmd) +{ + struct sta_info *sta; + u8 addr[ETH_ALEN]; + int plain = os_strstr(cmd, "plaintext") != NULL; + + if (hwaddr_aton(cmd, addr)) + return -1; + + sta = ap_get_sta(hapd, addr); + if (!sta || !sta->wpa_sm) + return -1; + + if (plain && sta->last_tk_alg == WPA_ALG_NONE) + plain = 0; /* no need for special processing */ + if (plain) { + wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR, + MAC2STR(sta->addr)); + hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, + sta->addr, sta->last_tk_key_idx, 0, NULL, 0, + NULL, 0); + } + + wpa_printf(MSG_INFO, "TESTING: Send M3 to " MACSTR, MAC2STR(sta->addr)); + return wpa_auth_resend_m3(sta->wpa_sm, + plain ? restore_tk : NULL, hapd, sta); +} + + +static int hostapd_ctrl_resend_group_m1(struct hostapd_data *hapd, + const char *cmd) +{ + struct sta_info *sta; + u8 addr[ETH_ALEN]; + int plain = os_strstr(cmd, "plaintext") != NULL; + + if (hwaddr_aton(cmd, addr)) + return -1; + + sta = ap_get_sta(hapd, addr); + if (!sta || !sta->wpa_sm) + return -1; + + if (plain && sta->last_tk_alg == WPA_ALG_NONE) + plain = 0; /* no need for special processing */ + if (plain) { + wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR, + MAC2STR(sta->addr)); + hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, + sta->addr, sta->last_tk_key_idx, 0, NULL, 0, + NULL, 0); + } + + wpa_printf(MSG_INFO, + "TESTING: Send group M1 for the same GTK and zero RSC to " + MACSTR, MAC2STR(sta->addr)); + return wpa_auth_resend_group_m1(sta->wpa_sm, + plain ? restore_tk : NULL, hapd, sta); +} + #endif /* CONFIG_TESTING_OPTIONS */ @@ -1859,6 +2272,11 @@ static int hostapd_ctrl_iface_chan_switch(struct hostapd_iface *iface, return ret; for (i = 0; i < iface->num_bss; i++) { + + /* Save CHAN_SWITCH VHT config */ + hostapd_chan_switch_vht_config( + iface->bss[i], settings.freq_params.vht_enabled); + ret = hostapd_switch_channel(iface->bss[i], &settings); if (ret) { /* FIX: What do we do if CSA fails in the middle of @@ -2055,8 +2473,9 @@ static int hostapd_ctrl_iface_track_sta_list(struct hostapd_data *hapd, int ret; os_reltime_sub(&now, &info->last_seen, &age); - ret = os_snprintf(pos, end - pos, MACSTR " %u\n", - MAC2STR(info->addr), (unsigned int) age.sec); + ret = os_snprintf(pos, end - pos, MACSTR " %u %d\n", + MAC2STR(info->addr), (unsigned int) age.sec, + info->ssi_signal); if (os_snprintf_error(end - pos, ret)) break; pos += ret; @@ -2140,11 +2559,52 @@ static int hostapd_ctrl_iface_req_range(struct hostapd_data *hapd, char *cmd) } +static int hostapd_ctrl_iface_req_beacon(struct hostapd_data *hapd, + const char *cmd, char *reply, + size_t reply_size) +{ + u8 addr[ETH_ALEN]; + const char *pos; + struct wpabuf *req; + int ret; + u8 req_mode = 0; + + if (hwaddr_aton(cmd, addr)) + return -1; + pos = os_strchr(cmd, ' '); + if (!pos) + return -1; + pos++; + if (os_strncmp(pos, "req_mode=", 9) == 0) { + int val = hex2byte(pos + 9); + + if (val < 0) + return -1; + req_mode = val; + pos += 11; + pos = os_strchr(pos, ' '); + if (!pos) + return -1; + pos++; + } + req = wpabuf_parse_bin(pos); + if (!req) + return -1; + + ret = hostapd_send_beacon_req(hapd, addr, req_mode, req); + wpabuf_free(req); + if (ret >= 0) + ret = os_snprintf(reply, reply_size, "%d", ret); + return ret; +} + + static int hostapd_ctrl_iface_set_neighbor(struct hostapd_data *hapd, char *buf) { struct wpa_ssid_value ssid; u8 bssid[ETH_ALEN]; struct wpabuf *nr, *lci = NULL, *civic = NULL; + int stationary = 0; char *tmp; int ret; @@ -2223,8 +2683,15 @@ static int hostapd_ctrl_iface_set_neighbor(struct hostapd_data *hapd, char *buf) } } + if (!buf) + goto set; + + if (os_strstr(buf, "stat")) + stationary = 1; + set: - ret = hostapd_neighbor_set(hapd, bssid, &ssid, nr, lci, civic); + ret = hostapd_neighbor_set(hapd, bssid, &ssid, nr, lci, civic, + stationary); wpabuf_free(nr); wpabuf_free(lci); @@ -2285,6 +2752,80 @@ static int hostapd_ctrl_driver_flags(struct hostapd_iface *iface, char *buf, } +static int hostapd_ctrl_iface_acl_del_mac(struct mac_acl_entry **acl, int *num, + const char *txtaddr) +{ + u8 addr[ETH_ALEN]; + struct vlan_description vlan_id; + + if (!(*num)) + return 0; + + if (hwaddr_aton(txtaddr, addr)) + return -1; + + if (hostapd_maclist_found(*acl, *num, addr, &vlan_id)) + hostapd_remove_acl_mac(acl, num, addr); + + return 0; +} + + +static void hostapd_ctrl_iface_acl_clear_list(struct mac_acl_entry **acl, + int *num) +{ + while (*num) + hostapd_remove_acl_mac(acl, num, (*acl)[0].addr); +} + + +static int hostapd_ctrl_iface_acl_show_mac(struct mac_acl_entry *acl, int num, + char *buf, size_t buflen) +{ + int i = 0, len = 0, ret = 0; + + if (!acl) + return 0; + + while (i < num) { + ret = os_snprintf(buf + len, buflen - len, + MACSTR " VLAN_ID=%d\n", + MAC2STR(acl[i].addr), + acl[i].vlan_id.untagged); + if (ret < 0 || (size_t) ret >= buflen - len) + return len; + i++; + len += ret; + } + return len; +} + + +static int hostapd_ctrl_iface_acl_add_mac(struct mac_acl_entry **acl, int *num, + const char *cmd) +{ + u8 addr[ETH_ALEN]; + struct vlan_description vlan_id; + int ret = 0, vlanid = 0; + const char *pos; + + if (hwaddr_aton(cmd, addr)) + return -1; + + pos = os_strstr(cmd, "VLAN_ID="); + if (pos) + vlanid = atoi(pos + 8); + + if (!hostapd_maclist_found(*acl, *num, addr, &vlan_id)) { + ret = hostapd_add_acl_maclist(acl, num, vlanid, addr); + if (ret != -1 && *acl) + qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp); + } + + return ret < 0 ? -1 : 0; +} + + static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, char *buf, char *reply, int reply_size, @@ -2302,6 +2843,8 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, } else if (os_strncmp(buf, "RELOG", 5) == 0) { if (wpa_debug_reopen_file() < 0) reply_len = -1; + } else if (os_strncmp(buf, "NOTE ", 5) == 0) { + wpa_printf(MSG_INFO, "NOTE: %s", buf + 5); } else if (os_strcmp(buf, "STATUS") == 0) { reply_len = hostapd_ctrl_iface_status(hapd, reply, reply_size); @@ -2349,7 +2892,10 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply, reply_size); } else if (os_strcmp(buf, "ATTACH") == 0) { - if (hostapd_ctrl_iface_attach(hapd, from, fromlen)) + if (hostapd_ctrl_iface_attach(hapd, from, fromlen, NULL)) + reply_len = -1; + } else if (os_strncmp(buf, "ATTACH ", 7) == 0) { + if (hostapd_ctrl_iface_attach(hapd, from, fromlen, buf + 7)) reply_len = -1; } else if (os_strcmp(buf, "DETACH") == 0) { if (hostapd_ctrl_iface_detach(hapd, from, fromlen)) @@ -2441,7 +2987,7 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, if (hostapd_ctrl_iface_hs20_deauth_req(hapd, buf + 16)) reply_len = -1; #endif /* CONFIG_HS20 */ -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) { if (hostapd_ctrl_iface_disassoc_imminent(hapd, buf + 18)) reply_len = -1; @@ -2451,7 +2997,10 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) { if (hostapd_ctrl_iface_bss_tm_req(hapd, buf + 11)) reply_len = -1; -#endif /* CONFIG_WNM */ + } else if (os_strncmp(buf, "COLOC_INTF_REQ ", 15) == 0) { + if (hostapd_ctrl_iface_coloc_intf_req(hapd, buf + 15)) + reply_len = -1; +#endif /* CONFIG_WNM_AP */ } else if (os_strcmp(buf, "GET_CONFIG") == 0) { reply_len = hostapd_ctrl_iface_get_config(hapd, reply, reply_size); @@ -2480,6 +3029,13 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, } else if (os_strncmp(buf, "MGMT_TX ", 8) == 0) { if (hostapd_ctrl_iface_mgmt_tx(hapd, buf + 8)) reply_len = -1; + } else if (os_strncmp(buf, "MGMT_TX_STATUS_PROCESS ", 23) == 0) { + if (hostapd_ctrl_iface_mgmt_tx_status_process(hapd, + buf + 23) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "MGMT_RX_PROCESS ", 16) == 0) { + if (hostapd_ctrl_iface_mgmt_rx_process(hapd, buf + 16) < 0) + reply_len = -1; } else if (os_strncmp(buf, "EAPOL_RX ", 9) == 0) { if (hostapd_ctrl_iface_eapol_rx(hapd, buf + 9) < 0) reply_len = -1; @@ -2503,6 +3059,24 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, reply_len = -1; } else if (os_strcmp(buf, "GET_FAIL") == 0) { reply_len = hostapd_ctrl_get_fail(hapd, reply, reply_size); + } else if (os_strncmp(buf, "RESET_PN ", 9) == 0) { + if (hostapd_ctrl_reset_pn(hapd, buf + 9) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "SET_KEY ", 8) == 0) { + if (hostapd_ctrl_set_key(hapd, buf + 8) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "RESEND_M1 ", 10) == 0) { + if (hostapd_ctrl_resend_m1(hapd, buf + 10) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "RESEND_M3 ", 10) == 0) { + if (hostapd_ctrl_resend_m3(hapd, buf + 10) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "RESEND_GROUP_M1 ", 16) == 0) { + if (hostapd_ctrl_resend_group_m1(hapd, buf + 16) < 0) + reply_len = -1; + } else if (os_strcmp(buf, "REKEY_GTK") == 0) { + if (wpa_auth_rekey_gtk(hapd->wpa_auth) < 0) + reply_len = -1; #endif /* CONFIG_TESTING_OPTIONS */ } else if (os_strncmp(buf, "CHAN_SWITCH ", 12) == 0) { if (hostapd_ctrl_iface_chan_switch(hapd->iface, buf + 12)) @@ -2534,6 +3108,9 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, reply_size); } else if (os_strcmp(buf, "PMKSA_FLUSH") == 0) { hostapd_ctrl_iface_pmksa_flush(hapd); + } else if (os_strncmp(buf, "PMKSA_ADD ", 10) == 0) { + if (hostapd_ctrl_iface_pmksa_add(hapd, buf + 10) < 0) + reply_len = -1; } else if (os_strncmp(buf, "SET_NEIGHBOR ", 13) == 0) { if (hostapd_ctrl_iface_set_neighbor(hapd, buf + 13)) reply_len = -1; @@ -2546,9 +3123,136 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, } else if (os_strncmp(buf, "REQ_RANGE ", 10) == 0) { if (hostapd_ctrl_iface_req_range(hapd, buf + 10)) reply_len = -1; + } else if (os_strncmp(buf, "REQ_BEACON ", 11) == 0) { + reply_len = hostapd_ctrl_iface_req_beacon(hapd, buf + 11, + reply, reply_size); } else if (os_strcmp(buf, "DRIVER_FLAGS") == 0) { reply_len = hostapd_ctrl_driver_flags(hapd->iface, reply, reply_size); + } else if (os_strcmp(buf, "TERMINATE") == 0) { + eloop_terminate(); + } else if (os_strncmp(buf, "ACCEPT_ACL ", 11) == 0) { + if (os_strncmp(buf + 11, "ADD_MAC ", 8) == 0) { + if (!hostapd_ctrl_iface_acl_add_mac( + &hapd->conf->accept_mac, + &hapd->conf->num_accept_mac, buf + 19)) + hostapd_disassoc_accept_mac(hapd); + else + reply_len = -1; + } else if (os_strncmp((buf + 11), "DEL_MAC ", 8) == 0) { + hostapd_ctrl_iface_acl_del_mac( + &hapd->conf->accept_mac, + &hapd->conf->num_accept_mac, buf + 19); + } else if (os_strcmp(buf + 11, "SHOW") == 0) { + reply_len = hostapd_ctrl_iface_acl_show_mac( + hapd->conf->accept_mac, + hapd->conf->num_accept_mac, reply, reply_size); + } else if (os_strcmp(buf + 11, "CLEAR") == 0) { + hostapd_ctrl_iface_acl_clear_list( + &hapd->conf->accept_mac, + &hapd->conf->num_accept_mac); + } + } else if (os_strncmp(buf, "DENY_ACL ", 9) == 0) { + if (os_strncmp(buf + 9, "ADD_MAC ", 8) == 0) { + if (!hostapd_ctrl_iface_acl_add_mac( + &hapd->conf->deny_mac, + &hapd->conf->num_deny_mac, buf + 17)) + hostapd_disassoc_deny_mac(hapd); + } else if (os_strncmp(buf + 9, "DEL_MAC ", 8) == 0) { + hostapd_ctrl_iface_acl_del_mac( + &hapd->conf->deny_mac, + &hapd->conf->num_deny_mac, buf + 17); + } else if (os_strcmp(buf + 9, "SHOW") == 0) { + reply_len = hostapd_ctrl_iface_acl_show_mac( + hapd->conf->deny_mac, + hapd->conf->num_deny_mac, reply, reply_size); + } else if (os_strcmp(buf + 9, "CLEAR") == 0) { + hostapd_ctrl_iface_acl_clear_list( + &hapd->conf->deny_mac, + &hapd->conf->num_deny_mac); + } +#ifdef CONFIG_DPP + } else if (os_strncmp(buf, "DPP_QR_CODE ", 12) == 0) { + res = hostapd_dpp_qr_code(hapd, buf + 12); + if (res < 0) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%d", res); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GEN ", 18) == 0) { + res = hostapd_dpp_bootstrap_gen(hapd, buf + 18); + if (res < 0) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%d", res); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_BOOTSTRAP_REMOVE ", 21) == 0) { + if (hostapd_dpp_bootstrap_remove(hapd, buf + 21) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GET_URI ", 22) == 0) { + const char *uri; + + uri = hostapd_dpp_bootstrap_get_uri(hapd, atoi(buf + 22)); + if (!uri) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%s", uri); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_BOOTSTRAP_INFO ", 19) == 0) { + reply_len = hostapd_dpp_bootstrap_info(hapd, atoi(buf + 19), + reply, reply_size); + } else if (os_strncmp(buf, "DPP_AUTH_INIT ", 14) == 0) { + if (hostapd_dpp_auth_init(hapd, buf + 13) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "DPP_LISTEN ", 11) == 0) { + if (hostapd_dpp_listen(hapd, buf + 11) < 0) + reply_len = -1; + } else if (os_strcmp(buf, "DPP_STOP_LISTEN") == 0) { + hostapd_dpp_stop(hapd); + hostapd_dpp_listen_stop(hapd); + } else if (os_strncmp(buf, "DPP_CONFIGURATOR_ADD", 20) == 0) { + res = hostapd_dpp_configurator_add(hapd, buf + 20); + if (res < 0) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%d", res); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_CONFIGURATOR_REMOVE ", 24) == 0) { + if (hostapd_dpp_configurator_remove(hapd, buf + 24) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "DPP_CONFIGURATOR_SIGN ", 22) == 0) { + if (hostapd_dpp_configurator_sign(hapd, buf + 22) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "DPP_CONFIGURATOR_GET_KEY ", 25) == 0) { + reply_len = hostapd_dpp_configurator_get_key(hapd, + atoi(buf + 25), + reply, reply_size); + } else if (os_strncmp(buf, "DPP_PKEX_ADD ", 13) == 0) { + res = hostapd_dpp_pkex_add(hapd, buf + 12); + if (res < 0) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%d", res); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_PKEX_REMOVE ", 16) == 0) { + if (hostapd_dpp_pkex_remove(hapd, buf + 16) < 0) + reply_len = -1; +#endif /* CONFIG_DPP */ +#ifdef RADIUS_SERVER + } else if (os_strncmp(buf, "DAC_REQUEST ", 12) == 0) { + if (radius_server_dac_request(hapd->radius_srv, buf + 12) < 0) + reply_len = -1; +#endif /* RADIUS_SERVER */ } else { os_memcpy(reply, "UNKNOWN COMMAND\n", 16); reply_len = 16; @@ -2999,9 +3703,10 @@ static int hostapd_ctrl_iface_remove(struct hapd_interfaces *interfaces, static int hostapd_global_ctrl_iface_attach(struct hapd_interfaces *interfaces, struct sockaddr_storage *from, - socklen_t fromlen) + socklen_t fromlen, char *input) { - return ctrl_iface_attach(&interfaces->global_ctrl_dst, from, fromlen); + return ctrl_iface_attach(&interfaces->global_ctrl_dst, from, fromlen, + input); } @@ -3020,6 +3725,16 @@ static void hostapd_ctrl_iface_flush(struct hapd_interfaces *interfaces) wps_testing_dummy_cred = 0; wps_corrupt_pkhash = 0; #endif /* CONFIG_WPS_TESTING */ + +#ifdef CONFIG_TESTING_OPTIONS +#ifdef CONFIG_DPP + dpp_test = DPP_TEST_DISABLED; +#endif /* CONFIG_DPP */ +#endif /* CONFIG_TESTING_OPTIONS */ + +#ifdef CONFIG_DPP + hostapd_dpp_deinit_global(interfaces); +#endif /* CONFIG_DPP */ } @@ -3371,7 +4086,11 @@ static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx, reply_len = -1; } else if (os_strcmp(buf, "ATTACH") == 0) { if (hostapd_global_ctrl_iface_attach(interfaces, &from, - fromlen)) + fromlen, NULL)) + reply_len = -1; + } else if (os_strncmp(buf, "ATTACH ", 7) == 0) { + if (hostapd_global_ctrl_iface_attach(interfaces, &from, + fromlen, buf + 7)) reply_len = -1; } else if (os_strcmp(buf, "DETACH") == 0) { if (hostapd_global_ctrl_iface_detach(interfaces, &from, @@ -3478,8 +4197,6 @@ int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface) } } - dl_list_init(&interface->global_ctrl_dst); - interface->global_ctrl_sock = -1; os_get_random(gcookie, COOKIE_LEN); #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE @@ -3689,6 +4406,18 @@ void hostapd_global_ctrl_iface_deinit(struct hapd_interfaces *interfaces) } +static int hostapd_ctrl_check_event_enabled(struct wpa_ctrl_dst *dst, + const char *buf) +{ + /* Enable Probe Request events based on explicit request. + * Other events are enabled by default. + */ + if (str_starts(buf, RX_PROBE_REQUEST)) + return !!(dst->events & WPA_EVENT_RX_PROBE_REQUEST); + return 1; +} + + static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level, enum wpa_msg_type type, const char *buf, size_t len) @@ -3723,7 +4452,8 @@ static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level, idx = 0; dl_list_for_each_safe(dst, next, ctrl_dst, struct wpa_ctrl_dst, list) { - if (level >= dst->debug_level) { + if ((level >= dst->debug_level) && + hostapd_ctrl_check_event_enabled(dst, buf)) { sockaddr_print(MSG_DEBUG, "CTRL_IFACE monitor send", &dst->addr, dst->addrlen); msg.msg_name = &dst->addr; diff --git a/contrib/wpa/hostapd/defconfig b/contrib/wpa/hostapd/defconfig index 4659dd1e6bcb..77a894d5e11a 100644 --- a/contrib/wpa/hostapd/defconfig +++ b/contrib/wpa/hostapd/defconfig @@ -31,7 +31,7 @@ CONFIG_DRIVER_NL80211=y #CONFIG_LIBNL20=y # Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) -#CONFIG_LIBNL32=y +CONFIG_LIBNL32=y # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) @@ -50,9 +50,6 @@ CONFIG_IAPP=y # WPA2/IEEE 802.11i RSN pre-authentication CONFIG_RSN_PREAUTH=y -# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) -CONFIG_PEERKEY=y - # IEEE 802.11w (management frame protection) CONFIG_IEEE80211W=y @@ -157,6 +154,12 @@ CONFIG_IPV6=y # IEEE 802.11ac (Very High Throughput) support #CONFIG_IEEE80211AC=y +# IEEE 802.11ax HE support +# Note: This is experimental and work in progress. The definitions are still +# subject to change and this should not be expected to interoperate with the +# final IEEE 802.11ax version. +#CONFIG_IEEE80211AX=y + # Remove debugging code that is printing out debug messages to stdout. # This can be used to reduce the size of the hostapd considerably if debugging # code is not needed. @@ -166,6 +169,9 @@ CONFIG_IPV6=y # Disabled by default. #CONFIG_DEBUG_FILE=y +# Send debug messages to syslog instead of stdout +#CONFIG_DEBUG_SYSLOG=y + # Add support for sending all debug messages (regardless of debug verbosity) # to the Linux kernel tracing facility. This helps debug the entire stack by # making it easy to record everything happening from the driver up into the @@ -256,6 +262,7 @@ CONFIG_IPV6=y # openssl = OpenSSL (default) # gnutls = GnuTLS # internal = Internal TLSv1 implementation (experimental) +# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental) # none = Empty template #CONFIG_TLS=openssl @@ -268,6 +275,10 @@ CONFIG_IPV6=y # can be enabled to enable use of stronger crypto algorithms. #CONFIG_TLSV12=y +# Select which ciphers to use by default with OpenSSL if the user does not +# specify them. +#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" + # If CONFIG_TLS=internal is used, additional library and include paths are # needed for LibTomMath. Alternatively, an integrated, minimal version of # LibTomMath can be used. See beginning of libtommath.c for details on benefits @@ -343,3 +354,22 @@ CONFIG_IPV6=y # a client, from which a signature can be produced which can identify the model # of client device like "Nexus 6P" or "iPhone 5s". #CONFIG_TAXONOMY=y + +# Fast Initial Link Setup (FILS) (IEEE 802.11ai) +# Note: This is an experimental and not yet complete implementation. This +# should not be enabled for production use. +#CONFIG_FILS=y +# FILS shared key authentication with PFS +#CONFIG_FILS_SK_PFS=y + +# Include internal line edit mode in hostapd_cli. This can be used to provide +# limited command line editing and history support. +#CONFIG_WPA_CLI_EDIT=y + +# Opportunistic Wireless Encryption (OWE) +# Experimental implementation of draft-harkins-owe-07.txt +#CONFIG_OWE=y + +# Override default value for the wpa_disable_eapol_key_retries configuration +# parameter. See that parameter in hostapd.conf for more details. +#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1 diff --git a/contrib/wpa/hostapd/hlr_auc_gw.c b/contrib/wpa/hostapd/hlr_auc_gw.c index 2117d3423a1b..5caa779dd648 100644 --- a/contrib/wpa/hostapd/hlr_auc_gw.c +++ b/contrib/wpa/hostapd/hlr_auc_gw.c @@ -1,6 +1,6 @@ /* * HLR/AuC testing gateway for hostapd EAP-SIM/AKA database/authenticator - * Copyright (c) 2005-2007, 2012-2016, Jouni Malinen <j@w1.fi> + * Copyright (c) 2005-2007, 2012-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -973,7 +973,7 @@ static void usage(void) { printf("HLR/AuC testing gateway for hostapd EAP-SIM/AKA " "database/authenticator\n" - "Copyright (c) 2005-2016, Jouni Malinen <j@w1.fi>\n" + "Copyright (c) 2005-2017, Jouni Malinen <j@w1.fi>\n" "\n" "usage:\n" "hlr_auc_gw [-hu] [-s<socket path>] [-g<triplet file>] " diff --git a/contrib/wpa/hostapd/hostapd.conf b/contrib/wpa/hostapd/hostapd.conf index fa9a855a6e5f..a005217116f1 100644 --- a/contrib/wpa/hostapd/hostapd.conf +++ b/contrib/wpa/hostapd/hostapd.conf @@ -98,8 +98,25 @@ ssid=test # Country code (ISO/IEC 3166-1). Used to set regulatory domain. # Set as needed to indicate country in which device is operating. # This can limit available channels and transmit power. +# These two octets are used as the first two octets of the Country String +# (dot11CountryString) #country_code=US +# The third octet of the Country String (dot11CountryString) +# This parameter is used to set the third octet of the country string. +# +# All environments of the current frequency band and country (default) +#country3=0x20 +# Outdoor environment only +#country3=0x4f +# Indoor environment only +#country3=0x49 +# Noncountry entity (country_code=XX) +#country3=0x58 +# IEEE 802.11 standard Annex E table indication: 0x01 .. 0x1f +# Annex E, Table E-4 (Global operating classes) +#country3=0x04 + # Enable IEEE 802.11d. This advertises the country_code and the set of allowed # channels and transmit power levels based on the regulatory limits. The # country_code setting must be configured with the correct country for @@ -182,6 +199,11 @@ channel=1 #chanlist=100 104 108 112 116 #chanlist=1 6 11-13 +# Exclude DFS channels from ACS +# This option can be used to exclude all DFS channels from the ACS channel list +# in cases where the driver supports DFS channels. +#acs_exclude_dfs=1 + # Beacon interval in kus (1.024 ms) (default: 100; range 15..65535) beacon_int=100 @@ -227,6 +249,19 @@ fragm_threshold=-1 #basic_rates=10 20 55 110 #basic_rates=60 120 240 +# Beacon frame TX rate configuration +# This sets the TX rate that is used to transmit Beacon frames. If this item is +# not included, the driver default rate (likely lowest rate) is used. +# Legacy (CCK/OFDM rates): +# beacon_rate=<legacy rate in 100 kbps> +# HT: +# beacon_rate=ht:<HT MCS> +# VHT: +# beacon_rate=vht:<VHT MCS> +# +# For example, beacon_rate=10 for 1 Mbps or beacon_rate=60 for 6 Mbps (OFDM). +#beacon_rate=10 + # Short Preamble # This parameter can be used to enable optional use of short preamble for # frames sent at 2 Mbps, 5.5 Mbps, and 11 Mbps to improve network performance. @@ -294,7 +329,7 @@ ignore_broadcast_ssid=0 # TX queue parameters (EDCF / bursting) # tx_queue_<queue name>_<param> -# queues: data0, data1, data2, data3, after_beacon, beacon +# queues: data0, data1, data2, data3 # (data0 is the highest priority queue) # parameters: # aifs: AIFS (default 2) @@ -476,12 +511,38 @@ wmm_ac_vo_acm=0 # Beacon and Probe Response frames. #bss_load_update_period=50 +# Channel utilization averaging period (in BUs) +# This field is used to enable and configure channel utilization average +# calculation with bss_load_update_period. This should be in multiples of +# bss_load_update_period for more accurate calculation. +#chan_util_avg_period=600 + # Fixed BSS Load value for testing purposes # This field can be used to configure hostapd to add a fixed BSS Load element # into Beacon and Probe Response frames for testing purposes. The format is # <station count>:<channel utilization>:<available admission capacity> #bss_load_test=12:80:20000 +# Multicast to unicast conversion +# Request that the AP will do multicast-to-unicast conversion for ARP, IPv4, and +# IPv6 frames (possibly within 802.1Q). If enabled, such frames are to be sent +# to each station separately, with the DA replaced by their own MAC address +# rather than the group address. +# +# Note that this may break certain expectations of the receiver, such as the +# ability to drop unicast IP packets received within multicast L2 frames, or the +# ability to not send ICMP destination unreachable messages for packets received +# in L2 multicast (which is required, but the receiver can't tell the difference +# if this new option is enabled). +# +# This also doesn't implement the 802.11 DMS (directed multicast service). +# +#multicast_to_unicast=0 + +# Send broadcast Deauthentication frame on AP start/stop +# Default: 1 (enabled) +#broadcast_deauth=1 + ##### IEEE 802.11n related configuration ###################################### # ieee80211n: Whether IEEE 802.11n (HT) is enabled @@ -692,6 +753,47 @@ wmm_ac_vo_acm=0 # setting use_sta_nsts=1. #use_sta_nsts=0 +##### IEEE 802.11ax related configuration ##################################### + +#ieee80211ax: Whether IEEE 802.11ax (HE) is enabled +# 0 = disabled (default) +# 1 = enabled +#ieee80211ax=1 + +#he_su_beamformer: HE single user beamformer support +# 0 = not supported (default) +# 1 = supported +#he_su_beamformer=1 + +#he_su_beamformee: HE single user beamformee support +# 0 = not supported (default) +# 1 = supported +#he_su_beamformee=1 + +#he_mu_beamformer: HE multiple user beamformer support +# 0 = not supported (default) +# 1 = supported +#he_mu_beamformer=1 + +# he_bss_color: BSS color +# 0 = no BSS color (default) +# unsigned integer = BSS color +#he_bss_color=0 + +#he_default_pe_duration: The duration of PE field in an HE PPDU in us +# Possible values are 0 us (default), 4 us, 8 us, 12 us, and 16 us +#he_default_pe_duration=0 + +#he_twt_required: Whether TWT is required +# 0 = not required (default) +# 1 = required +#he_twt_required=0 + +#he_rts_threshold: Duration of STA transmission +# 0 = not set (default) +# unsigned integer = duration in units of 16 us +#he_rts_threshold=0 + ##### IEEE 802.1X-2004 related configuration ################################## # Require IEEE 802.1X authorization @@ -835,7 +937,8 @@ eap_server=0 # OpenSSL cipher string # # This is an OpenSSL specific configuration option for configuring the default -# ciphers. If not set, "DEFAULT:!EXP:!LOW" is used as the default. +# ciphers. If not set, the value configured at build time ("DEFAULT:!EXP:!LOW" +# by default) is used. # See https://www.openssl.org/docs/apps/ciphers.html for OpenSSL documentation # on cipher suite configuration. This is applicable only if hostapd is built to # use OpenSSL. @@ -1088,6 +1191,8 @@ own_ip_addr=127.0.0.1 #radius_das_port=3799 # # DAS client (the host that can send Disconnect/CoA requests) and shared secret +# Format: <IP address> <shared secret> +# IP address 0.0.0.0 can be used to allow requests from any address. #radius_das_client=192.168.1.123 shared secret here # # DAS Event-Timestamp time window in seconds @@ -1134,7 +1239,10 @@ own_ip_addr=127.0.0.1 # and/or WPA2 (full IEEE 802.11i/RSN): # bit0 = WPA # bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled) -#wpa=1 +# Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2. +# In other words, for WPA3, wpa=2 is used the configuration (and +# wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK). +#wpa=2 # WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit # secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase @@ -1163,31 +1271,73 @@ own_ip_addr=127.0.0.1 # Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both). The # entries are separated with a space. WPA-PSK-SHA256 and WPA-EAP-SHA256 can be # added to enable SHA256-based stronger algorithms. +# WPA-PSK = WPA-Personal / WPA2-Personal +# WPA-PSK-SHA256 = WPA2-Personal using SHA256 +# WPA-EAP = WPA-Enterprise / WPA2-Enterprise +# WPA-EAP-SHA256 = WPA2-Enterprise using SHA256 +# SAE = SAE (WPA3-Personal) +# WPA-EAP-SUITE-B-192 = WPA3-Enterprise with 192-bit security/CNSA suite +# FT-PSK = FT with passphrase/PSK +# FT-EAP = FT with EAP +# FT-EAP-SHA384 = FT with EAP using SHA384 +# FT-SAE = FT with SAE +# FILS-SHA256 = Fast Initial Link Setup with SHA256 +# FILS-SHA384 = Fast Initial Link Setup with SHA384 +# FT-FILS-SHA256 = FT and Fast Initial Link Setup with SHA256 +# FT-FILS-SHA384 = FT and Fast Initial Link Setup with SHA384 +# OWE = Opportunistic Wireless Encryption (a.k.a. Enhanced Open) +# DPP = Device Provisioning Protocol +# OSEN = Hotspot 2.0 online signup with encryption # (dot11RSNAConfigAuthenticationSuitesTable) #wpa_key_mgmt=WPA-PSK WPA-EAP # Set of accepted cipher suites (encryption algorithms) for pairwise keys # (unicast packets). This is a space separated list of algorithms: -# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] -# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] +# CCMP = AES in Counter mode with CBC-MAC (CCMP-128) +# TKIP = Temporal Key Integrity Protocol +# CCMP-256 = AES in Counter mode with CBC-MAC with 256-bit key +# GCMP = Galois/counter mode protocol (GCMP-128) +# GCMP-256 = Galois/counter mode protocol with 256-bit key # Group cipher suite (encryption algorithm for broadcast and multicast frames) # is automatically selected based on this configuration. If only CCMP is # allowed as the pairwise cipher, group cipher will also be CCMP. Otherwise, -# TKIP will be used as the group cipher. +# TKIP will be used as the group cipher. The optional group_cipher parameter can +# be used to override this automatic selection. +# # (dot11RSNAConfigPairwiseCiphersTable) # Pairwise cipher for WPA (v1) (default: TKIP) #wpa_pairwise=TKIP CCMP # Pairwise cipher for RSN/WPA2 (default: use wpa_pairwise value) #rsn_pairwise=CCMP +# Optional override for automatic group cipher selection +# This can be used to select a specific group cipher regardless of which +# pairwise ciphers were enabled for WPA and RSN. It should be noted that +# overriding the group cipher with an unexpected value can result in +# interoperability issues and in general, this parameter is mainly used for +# testing purposes. +#group_cipher=CCMP + # Time interval for rekeying GTK (broadcast/multicast encryption keys) in # seconds. (dot11RSNAConfigGroupRekeyTime) -#wpa_group_rekey=600 +# This defaults to 86400 seconds (once per day) when using CCMP/GCMP as the +# group cipher and 600 seconds (once per 10 minutes) when using TKIP as the +# group cipher. +#wpa_group_rekey=86400 # Rekey GTK when any STA that possesses the current GTK is leaving the BSS. # (dot11RSNAConfigGroupRekeyStrict) #wpa_strict_rekey=1 +# The number of times EAPOL-Key Message 1/2 in the RSN Group Key Handshake is +#retried per GTK Handshake attempt. (dot11RSNAConfigGroupUpdateCount) +# This value should only be increased when stations are constantly +# deauthenticated during GTK rekeying with the log message +# "group key handshake failed...". +# You should consider to also increase wpa_pairwise_update_count then. +# Range 1..4294967295; default: 4 +#wpa_group_update_count=4 + # Time interval for rekeying GMK (master key used internally to generate GTKs # (in seconds). #wpa_gmk_rekey=86400 @@ -1196,6 +1346,36 @@ own_ip_addr=127.0.0.1 # PTK to mitigate some attacks against TKIP deficiencies. #wpa_ptk_rekey=600 +# The number of times EAPOL-Key Message 1/4 and Message 3/4 in the RSN 4-Way +# Handshake are retried per 4-Way Handshake attempt. +# (dot11RSNAConfigPairwiseUpdateCount) +# Range 1..4294967295; default: 4 +#wpa_pairwise_update_count=4 + +# Workaround for key reinstallation attacks +# +# This parameter can be used to disable retransmission of EAPOL-Key frames that +# are used to install keys (EAPOL-Key message 3/4 and group message 1/2). This +# is similar to setting wpa_group_update_count=1 and +# wpa_pairwise_update_count=1, but with no impact to message 1/4 and with +# extended timeout on the response to avoid causing issues with stations that +# may use aggressive power saving have very long time in replying to the +# EAPOL-Key messages. +# +# This option can be used to work around key reinstallation attacks on the +# station (supplicant) side in cases those station devices cannot be updated +# for some reason. By removing the retransmissions the attacker cannot cause +# key reinstallation with a delayed frame transmission. This is related to the +# station side vulnerabilities CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, +# CVE-2017-13080, and CVE-2017-13081. +# +# This workaround might cause interoperability issues and reduced robustness of +# key negotiation especially in environments with heavy traffic load due to the +# number of attempts to perform the key exchange is reduced significantly. As +# such, this workaround is disabled by default (unless overridden in build +# configuration). To enable this, set the parameter to 1. +#wpa_disable_eapol_key_retries=1 + # Enable IEEE 802.11i/RSN/WPA2 pre-authentication. This is used to speed up # roaming be pre-authenticating IEEE 802.1X/EAP part of the full RSN # authentication and key handshake before actually associating with a new AP. @@ -1211,12 +1391,6 @@ own_ip_addr=127.0.0.1 # one. #rsn_preauth_interfaces=eth0 -# peerkey: Whether PeerKey negotiation for direct links (IEEE 802.11e) is -# allowed. This is only used with RSN/WPA2. -# 0 = disabled (default) -# 1 = enabled -#peerkey=1 - # ieee80211w: Whether management frame protection (MFP) is enabled # 0 = disabled (default) # 1 = optional @@ -1259,11 +1433,44 @@ own_ip_addr=127.0.0.1 # 1 = enabled #okc=1 +# SAE password +# This parameter can be used to set passwords for SAE. By default, the +# wpa_passphrase value is used if this separate parameter is not used, but +# wpa_passphrase follows the WPA-PSK constraints (8..63 characters) even though +# SAE passwords do not have such constraints. If the BSS enabled both SAE and +# WPA-PSK and both values are set, SAE uses the sae_password values and WPA-PSK +# uses the wpa_passphrase value. +# +# Each sae_password entry is added to a list of available passwords. This +# corresponds to the dot11RSNAConfigPasswordValueEntry. sae_password value +# starts with the password (dot11RSNAConfigPasswordCredential). That value can +# be followed by optional peer MAC address (dot11RSNAConfigPasswordPeerMac) and +# by optional password identifier (dot11RSNAConfigPasswordIdentifier). If the +# peer MAC address is not included or is set to the wildcard address +# (ff:ff:ff:ff:ff:ff), the entry is available for any station to use. If a +# specific peer MAC address is included, only a station with that MAC address +# is allowed to use the entry. If the password identifier (with non-zero length) +# is included, the entry is limited to be used only with that specified +# identifier. The last matching (based on peer MAC address and identifier) entry +# is used to select which password to use. Setting sae_password to an empty +# string has a special meaning of removing all previously added entries. +# sae_password uses the following encoding: +#<password/credential>[|mac=<peer mac>][|id=<identifier>] +# Examples: +#sae_password=secret +#sae_password=really secret|mac=ff:ff:ff:ff:ff:ff +#sae_password=example secret|mac=02:03:04:05:06:07|id=pw identifier + # SAE threshold for anti-clogging mechanism (dot11RSNASAEAntiCloggingThreshold) # This parameter defines how many open SAE instances can be in progress at the # same time before the anti-clogging mechanism is taken into use. #sae_anti_clogging_threshold=5 +# Maximum number of SAE synchronization errors (dot11RSNASAESync) +# The offending SAe peer will be disconnected if more than this many +# synchronization errors happen. +#sae_sync=5 + # Enabled SAE finite cyclic groups # SAE implementation are required to support group 19 (ECC group defined over a # 256-bit prime order field). All groups that are supported by the @@ -1273,6 +1480,75 @@ own_ip_addr=127.0.0.1 # http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xml#ipsec-registry-9 #sae_groups=19 20 21 25 26 +# Require MFP for all associations using SAE +# This parameter can be used to enforce negotiation of MFP for all associations +# that negotiate use of SAE. This is used in cases where SAE-capable devices are +# known to be MFP-capable and the BSS is configured with optional MFP +# (ieee80211w=1) for legacy support. The non-SAE stations can connect without +# MFP while SAE stations are required to negotiate MFP if sae_require_mfp=1. +#sae_require_mfp=0 + +# FILS Cache Identifier (16-bit value in hexdump format) +#fils_cache_id=0011 + +# FILS Realm Information +# One or more FILS realms need to be configured when FILS is enabled. This list +# of realms is used to define which realms (used in keyName-NAI by the client) +# can be used with FILS shared key authentication for ERP. +#fils_realm=example.com +#fils_realm=example.org + +# FILS DH Group for PFS +# 0 = PFS disabled with FILS shared key authentication (default) +# 1-65535 DH Group to use for FILS PFS +#fils_dh_group=0 + +# OWE DH groups +# OWE implementations are required to support group 19 (NIST P-256). All groups +# that are supported by the implementation (e.g., groups 19, 20, and 21 when +# using OpenSSL) are enabled by default. This configuration parameter can be +# used to specify a limited set of allowed groups. The group values are listed +# in the IANA registry: +# http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xml#ipsec-registry-10 +#owe_groups=19 20 21 + +# OWE transition mode configuration +# Pointer to the matching open/OWE BSS +#owe_transition_bssid=<bssid> +# SSID in same format as ssid2 described above. +#owe_transition_ssid=<SSID> +# Alternatively, OWE transition mode BSSID/SSID can be configured with a +# reference to a BSS operated by this hostapd process. +#owe_transition_ifname=<ifname> + +# DHCP server for FILS HLP +# If configured, hostapd will act as a DHCP relay for all FILS HLP requests +# that include a DHCPDISCOVER message and send them to the specific DHCP +# server for processing. hostapd will then wait for a response from that server +# before replying with (Re)Association Response frame that encapsulates this +# DHCP response. own_ip_addr is used as the local address for the communication +# with the DHCP server. +#dhcp_server=127.0.0.1 + +# DHCP server UDP port +# Default: 67 +#dhcp_server_port=67 + +# DHCP relay UDP port on the local device +# Default: 67; 0 means not to bind any specific port +#dhcp_relay_port=67 + +# DHCP rapid commit proxy +# If set to 1, this enables hostapd to act as a DHCP rapid commit proxy to +# allow the rapid commit options (two message DHCP exchange) to be used with a +# server that supports only the four message DHCP exchange. This is disabled by +# default (= 0) and can be enabled by setting this to 1. +#dhcp_rapid_commit_proxy=0 + +# Wait time for FILS HLP (dot11HLPWaitTime) in TUs +# default: 30 TUs (= 30.72 milliseconds) +#fils_hlp_wait_time=30 + ##### IEEE 802.11r configuration ############################################## # Mobility Domain identifier (dot11FTMobilityDomainID, MDID) @@ -1285,9 +1561,16 @@ own_ip_addr=127.0.0.1 # 1 to 48 octet identifier. # This is configured with nas_identifier (see RADIUS client section above). -# Default lifetime of the PMK-RO in minutes; range 1..65535 +# Default lifetime of the PMK-R0 in seconds; range 60..4294967295 +# (default: 14 days / 1209600 seconds; 0 = disable timeout) # (dot11FTR0KeyLifetime) -#r0_key_lifetime=10000 +#ft_r0_key_lifetime=1209600 + +# Maximum lifetime for PMK-R1; applied only if not zero +# PMK-R1 is removed at latest after this limit. +# Removing any PMK-R1 for expiry can be disabled by setting this to -1. +# (default: 0) +#r1_max_key_lifetime=0 # PMK-R1 Key Holder identifier (dot11FTR1KeyHolderID) # 6-octet identifier as a hex string. @@ -1299,22 +1582,52 @@ own_ip_addr=127.0.0.1 #reassociation_deadline=1000 # List of R0KHs in the same Mobility Domain -# format: <MAC address> <NAS Identifier> <128-bit key as hex string> +# format: <MAC address> <NAS Identifier> <256-bit key as hex string> # This list is used to map R0KH-ID (NAS Identifier) to a destination MAC # address when requesting PMK-R1 key from the R0KH that the STA used during the # Initial Mobility Domain Association. -#r0kh=02:01:02:03:04:05 r0kh-1.example.com 000102030405060708090a0b0c0d0e0f -#r0kh=02:01:02:03:04:06 r0kh-2.example.com 00112233445566778899aabbccddeeff +#r0kh=02:01:02:03:04:05 r0kh-1.example.com 000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f +#r0kh=02:01:02:03:04:06 r0kh-2.example.com 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff # And so on.. One line per R0KH. +# Wildcard entry: +# Upon receiving a response from R0KH, it will be added to this list, so +# subsequent requests won't be broadcast. If R0KH does not reply, it will be +# blacklisted. +#r0kh=ff:ff:ff:ff:ff:ff * 00112233445566778899aabbccddeeff # List of R1KHs in the same Mobility Domain -# format: <MAC address> <R1KH-ID> <128-bit key as hex string> +# format: <MAC address> <R1KH-ID> <256-bit key as hex string> # This list is used to map R1KH-ID to a destination MAC address when sending # PMK-R1 key from the R0KH. This is also the list of authorized R1KHs in the MD # that can request PMK-R1 keys. -#r1kh=02:01:02:03:04:05 02:11:22:33:44:55 000102030405060708090a0b0c0d0e0f -#r1kh=02:01:02:03:04:06 02:11:22:33:44:66 00112233445566778899aabbccddeeff +#r1kh=02:01:02:03:04:05 02:11:22:33:44:55 000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f +#r1kh=02:01:02:03:04:06 02:11:22:33:44:66 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff # And so on.. One line per R1KH. +# Wildcard entry: +# Upon receiving a request from an R1KH not yet known, it will be added to this +# list and thus will receive push notifications. +#r1kh=00:00:00:00:00:00 00:00:00:00:00:00 00112233445566778899aabbccddeeff + +# Timeout (seconds) for newly discovered R0KH/R1KH (see wildcard entries above) +# Special values: 0 -> do not expire +# Warning: do not cache implies no sequence number validation with wildcards +#rkh_pos_timeout=86400 (default = 1 day) + +# Timeout (milliseconds) for requesting PMK-R1 from R0KH using PULL request +# and number of retries. +#rkh_pull_timeout=1000 (default = 1 second) +#rkh_pull_retries=4 (default) + +# Timeout (seconds) for non replying R0KH (see wildcard entries above) +# Special values: 0 -> do not cache +# default: 60 seconds +#rkh_neg_timeout=60 + +# Note: The R0KH/R1KH keys used to be 128-bit in length before the message +# format was changed. That shorter key length is still supported for backwards +# compatibility of the configuration files. If such a shorter key is used, a +# 256-bit key is derived from it. For new deployments, configuring the 256-bit +# key is recommended. # Whether PMK-R1 push is enabled at R0KH # 0 = do not push PMK-R1 to all configured R1KHs (default) @@ -1326,6 +1639,14 @@ own_ip_addr=127.0.0.1 # 1 = FT-over-DS enabled (default) #ft_over_ds=1 +# Whether to generate FT response locally for PSK networks +# This avoids use of PMK-R1 push/pull from other APs with FT-PSK networks as +# the required information (PSK and other session data) is already locally +# available. +# 0 = disabled (default) +# 1 = enabled +#ft_psk_generate_local=0 + ##### Neighbor table ########################################################## # Maximum number of entries kept in AP table (either for neigbor table or for # detecting Overlapping Legacy BSS Condition). The oldest entry will be @@ -1596,6 +1917,18 @@ own_ip_addr=127.0.0.1 # 1 = enabled (allow stations to use WNM-Sleep Mode) #wnm_sleep_mode=1 +# WNM-Sleep Mode GTK/IGTK workaround +# Normally, WNM-Sleep Mode exit with management frame protection negotiated +# would result in the current GTK/IGTK getting added into the WNM-Sleep Mode +# Response frame. Some station implementations may have a vulnerability that +# results in GTK/IGTK reinstallation based on this frame being replayed. This +# configuration parameter can be used to disable that behavior and use EAPOL-Key +# frames for GTK/IGTK update instead. This would likely be only used with +# wpa_disable_eapol_key_retries=1 that enables a workaround for similar issues +# with EAPOL-Key. This is related to station side vulnerabilities CVE-2017-13087 +# and CVE-2017-13088. To enable this AP-side workaround, set the parameter to 1. +#wnm_sleep_mode_no_keys=0 + # BSS Transition Management # 0 = disabled (default) # 1 = enabled @@ -1683,6 +2016,15 @@ own_ip_addr=127.0.0.1 # (double quoted string, printf-escaped string) #venue_name=P"eng:Example\nvenue" +# Venue URL information +# This parameter can be used to configure one or more Venue URL Duples to +# provide additional information corresponding to Venue Name information. +# Each entry has a Venue Number value separated by colon from the Venue URL +# string. Venue Number indicates the corresponding venue_name entry (1 = 1st +# venue_name, 2 = 2nd venue_name, and so on; 0 = no matching venue_name) +#venue_url=1:http://www.example.com/info-eng +#venue_url=2:http://www.example.com/info-fin + # Network Authentication Type # This parameter indicates what type of network authentication is used in the # network. @@ -1853,7 +2195,27 @@ own_ip_addr=127.0.0.1 # channels 36-48): #hs20_operating_class=5173 -# OSU icons +# Terms and Conditions information +# +# hs20_t_c_filename contains the Terms and Conditions filename that the AP +# indicates in RADIUS Access-Request messages. +#hs20_t_c_filename=terms-and-conditions +# +# hs20_t_c_timestamp contains the Terms and Conditions timestamp that the AP +# indicates in RADIUS Access-Request messages. Usually, this contains the number +# of seconds since January 1, 1970 00:00 UTC showing the time when the file was +# last modified. +#hs20_t_c_timestamp=1234567 +# +# hs20_t_c_server_url contains a template for the Terms and Conditions server +# URL. This template is used to generate the URL for a STA that needs to +# acknowledge Terms and Conditions. Unlike the other hs20_t_c_* parameters, this +# parameter is used on the authentication server, not the AP. +# Macros: +# @1@ = MAC address of the STA (colon separated hex octets) +#hs20_t_c_server_url=https://example.com/t_and_c?addr=@1@&ap=123 + +# OSU and Operator icons # <Icon Width>:<Icon Height>:<Language code>:<Icon Type>:<Name>:<file path> #hs20_icon=32:32:eng:image/png:icon32:/tmp/icon32.png #hs20_icon=64:64:eng:image/png:icon64:/tmp/icon64.png @@ -1865,12 +2227,15 @@ own_ip_addr=127.0.0.1 # OSU Providers # One or more sets of following parameter. Each OSU provider is started by the # mandatory osu_server_uri item. The other parameters add information for the -# last added OSU provider. +# last added OSU provider. osu_nai specifies the OSU_NAI value for OSEN +# authentication when using a standalone OSU BSS. osu_nai2 specifies the OSU_NAI +# value for OSEN authentication when using a shared BSS (Single SSID) for OSU. # #osu_server_uri=https://example.com/osu/ #osu_friendly_name=eng:Example operator #osu_friendly_name=fin:Esimerkkipalveluntarjoaja #osu_nai=anonymous@example.com +#osu_nai2=anonymous@example.com #osu_method_list=1 0 #osu_icon=icon32 #osu_icon=icon64 @@ -1879,6 +2244,35 @@ own_ip_addr=127.0.0.1 # #osu_server_uri=... +# Operator Icons +# Operator icons are specified using references to the hs20_icon entries +# (Name subfield). This information, if present, is advertsised in the +# Operator Icon Metadata ANQO-element. +#operator_icon=icon32 +#operator_icon=icon64 + +##### Multiband Operation (MBO) ############################################### +# +# MBO enabled +# 0 = disabled (default) +# 1 = enabled +#mbo=1 +# +# Cellular data connection preference +# 0 = Excluded - AP does not want STA to use the cellular data connection +# 1 = AP prefers the STA not to use cellular data connection +# 255 = AP prefers the STA to use cellular data connection +#mbo_cell_data_conn_pref=1 + +##### Optimized Connectivity Experience (OCE) ################################# +# +# Enable OCE specific features (bitmap) +# BIT(0) - Reserved +# Set BIT(1) (= 2) to enable OCE in STA-CFON mode +# Set BIT(2) (= 4) to enable OCE in AP mode +# Default is 0 = OCE disabled +#oce=0 + ##### Fast Session Transfer (FST) support ##################################### # # The options in this section are only available when the build configuration @@ -1916,6 +2310,9 @@ own_ip_addr=127.0.0.1 # Enable neighbor report via radio measurements #rrm_neighbor_report=1 +# Enable beacon report via radio measurements +#rrm_beacon_report=1 + # Publish fine timing measurement (FTM) responder functionality # This parameter only controls publishing via Extended Capabilities element. # Actual functionality is managed outside hostapd. @@ -1925,6 +2322,12 @@ own_ip_addr=127.0.0.1 # This parameter only controls publishing via Extended Capabilities element. # Actual functionality is managed outside hostapd. #ftm_initiator=0 +# +# Stationary AP config indicates that the AP doesn't move hence location data +# can be considered as always up to date. If configured, LCI data will be sent +# as a radio measurement even if the request doesn't contain a max age element +# that allows sending of such data. Default: 0. +#stationary_ap=0 ##### TESTING OPTIONS ######################################################### # diff --git a/contrib/wpa/hostapd/hostapd.eap_user_sqlite b/contrib/wpa/hostapd/hostapd.eap_user_sqlite index 826db349cfc2..411b9eafa264 100644 --- a/contrib/wpa/hostapd/hostapd.eap_user_sqlite +++ b/contrib/wpa/hostapd/hostapd.eap_user_sqlite @@ -3,7 +3,8 @@ CREATE TABLE users( methods TEXT, password TEXT, remediation TEXT, - phase2 INTEGER + phase2 INTEGER, + t_c_timestamp INTEGER ); CREATE TABLE wildcards( @@ -24,3 +25,18 @@ CREATE TABLE authlog( username TEXT, note TEXT ); + +CREATE TABLE pending_tc( + mac_addr TEXT PRIMARY KEY, + identity TEXT +); + +CREATE TABLE current_sessions( + mac_addr TEXT PRIMARY KEY, + identity TEXT, + start_time TEXT, + nas TEXT, + hs20_t_c_filtering BOOLEAN, + waiting_coa_ack BOOLEAN, + coa_ack_received BOOLEAN +); diff --git a/contrib/wpa/hostapd/hostapd_cli.c b/contrib/wpa/hostapd/hostapd_cli.c index 5e6254244b31..489da397c63d 100644 --- a/contrib/wpa/hostapd/hostapd_cli.c +++ b/contrib/wpa/hostapd/hostapd_cli.c @@ -1,6 +1,6 @@ /* * hostapd - command line interface for hostapd daemon - * Copyright (c) 2004-2016, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -21,7 +21,7 @@ static const char *const hostapd_cli_version = "hostapd_cli v" VERSION_STR "\n" -"Copyright (c) 2004-2016, Jouni Malinen <j@w1.fi> and contributors"; +"Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> and contributors"; static struct wpa_ctrl *ctrl_conn; static int hostapd_cli_quit = 0; @@ -45,6 +45,8 @@ static DEFINE_DL_LIST(stations); /* struct cli_txt_entry */ static void print_help(FILE *stream, const char *cmd); static char ** list_cmd_list(void); static void hostapd_cli_receive(int sock, void *eloop_ctx, void *sock_ctx); +static void update_stations(struct wpa_ctrl *ctrl); +static void cli_event(const char *str); static void usage(void) @@ -147,13 +149,45 @@ static void hostapd_cli_close_connection(void) } +static int hostapd_cli_reconnect(const char *ifname) +{ + char *next_ctrl_ifname; + + hostapd_cli_close_connection(); + + if (!ifname) + return -1; + + next_ctrl_ifname = os_strdup(ifname); + os_free(ctrl_ifname); + ctrl_ifname = next_ctrl_ifname; + if (!ctrl_ifname) + return -1; + + ctrl_conn = hostapd_cli_open_connection(ctrl_ifname); + if (!ctrl_conn) + return -1; + if (!interactive && !action_file) + return 0; + if (wpa_ctrl_attach(ctrl_conn) == 0) { + hostapd_cli_attached = 1; + register_event_handler(ctrl_conn); + update_stations(ctrl_conn); + } else { + printf("Warning: Failed to attach to hostapd.\n"); + } + return 0; +} + + static void hostapd_cli_msg_cb(char *msg, size_t len) { + cli_event(msg); printf("%s\n", msg); } -static int _wpa_ctrl_command(struct wpa_ctrl *ctrl, char *cmd, int print) +static int _wpa_ctrl_command(struct wpa_ctrl *ctrl, const char *cmd, int print) { char buf[4096]; size_t len; @@ -181,7 +215,7 @@ static int _wpa_ctrl_command(struct wpa_ctrl *ctrl, char *cmd, int print) } -static inline int wpa_ctrl_command(struct wpa_ctrl *ctrl, char *cmd) +static inline int wpa_ctrl_command(struct wpa_ctrl *ctrl, const char *cmd) { return _wpa_ctrl_command(ctrl, cmd, 1); } @@ -286,6 +320,21 @@ static int hostapd_cli_cmd_sta(struct wpa_ctrl *ctrl, int argc, char *argv[]) } +static char ** hostapd_complete_stations(const char *str, int pos) +{ + int arg = get_cmd_arg_num(str, pos); + char **res = NULL; + + switch (arg) { + case 1: + res = cli_txt_list_array(&stations); + break; + } + + return res; +} + + static int hostapd_cli_cmd_new_sta(struct wpa_ctrl *ctrl, int argc, char *argv[]) { @@ -318,21 +367,6 @@ static int hostapd_cli_cmd_deauthenticate(struct wpa_ctrl *ctrl, int argc, } -static char ** hostapd_complete_deauthenticate(const char *str, int pos) -{ - int arg = get_cmd_arg_num(str, pos); - char **res = NULL; - - switch (arg) { - case 1: - res = cli_txt_list_array(&stations); - break; - } - - return res; -} - - static int hostapd_cli_cmd_disassociate(struct wpa_ctrl *ctrl, int argc, char *argv[]) { @@ -351,21 +385,6 @@ static int hostapd_cli_cmd_disassociate(struct wpa_ctrl *ctrl, int argc, } -static char ** hostapd_complete_disassociate(const char *str, int pos) -{ - int arg = get_cmd_arg_num(str, pos); - char **res = NULL; - - switch (arg) { - case 1: - res = cli_txt_list_array(&stations); - break; - } - - return res; -} - - #ifdef CONFIG_TAXONOMY static int hostapd_cli_cmd_signature(struct wpa_ctrl *ctrl, int argc, char *argv[]) @@ -701,8 +720,8 @@ static int hostapd_cli_cmd_get_config(struct wpa_ctrl *ctrl, int argc, } -static int wpa_ctrl_command_sta(struct wpa_ctrl *ctrl, char *cmd, - char *addr, size_t addr_len) +static int wpa_ctrl_command_sta(struct wpa_ctrl *ctrl, const char *cmd, + char *addr, size_t addr_len, int print) { char buf[4096], *pos; size_t len; @@ -726,7 +745,8 @@ static int wpa_ctrl_command_sta(struct wpa_ctrl *ctrl, char *cmd, buf[len] = '\0'; if (memcmp(buf, "FAIL", 4) == 0) return -1; - printf("%s", buf); + if (print) + printf("%s", buf); pos = buf; while (*pos != '\0' && *pos != '\n') @@ -742,16 +762,33 @@ static int hostapd_cli_cmd_all_sta(struct wpa_ctrl *ctrl, int argc, { char addr[32], cmd[64]; - if (wpa_ctrl_command_sta(ctrl, "STA-FIRST", addr, sizeof(addr))) + if (wpa_ctrl_command_sta(ctrl, "STA-FIRST", addr, sizeof(addr), 1)) return 0; do { snprintf(cmd, sizeof(cmd), "STA-NEXT %s", addr); - } while (wpa_ctrl_command_sta(ctrl, cmd, addr, sizeof(addr)) == 0); + } while (wpa_ctrl_command_sta(ctrl, cmd, addr, sizeof(addr), 1) == 0); return -1; } +static int hostapd_cli_cmd_list_sta(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + char addr[32], cmd[64]; + + if (wpa_ctrl_command_sta(ctrl, "STA-FIRST", addr, sizeof(addr), 0)) + return 0; + do { + if (os_strcmp(addr, "") != 0) + printf("%s\n", addr); + os_snprintf(cmd, sizeof(cmd), "STA-NEXT %s", addr); + } while (wpa_ctrl_command_sta(ctrl, cmd, addr, sizeof(addr), 0) == 0); + + return 0; +} + + static int hostapd_cli_cmd_help(struct wpa_ctrl *ctrl, int argc, char *argv[]) { print_help(stdout, argc > 0 ? argv[0] : NULL); @@ -888,6 +925,25 @@ static int hostapd_cli_cmd_level(struct wpa_ctrl *ctrl, int argc, char *argv[]) } +static void update_stations(struct wpa_ctrl *ctrl) +{ + char addr[32], cmd[64]; + + if (!ctrl || !interactive) + return; + + cli_txt_list_flush(&stations); + + if (wpa_ctrl_command_sta(ctrl, "STA-FIRST", addr, sizeof(addr), 0)) + return; + do { + if (os_strcmp(addr, "") != 0) + cli_txt_list_add(&stations, addr); + os_snprintf(cmd, sizeof(cmd), "STA-NEXT %s", addr); + } while (wpa_ctrl_command_sta(ctrl, cmd, addr, sizeof(addr), 0) == 0); +} + + static void hostapd_cli_get_interfaces(struct wpa_ctrl *ctrl, struct dl_list *interfaces) { @@ -940,23 +996,7 @@ static int hostapd_cli_cmd_interface(struct wpa_ctrl *ctrl, int argc, hostapd_cli_list_interfaces(ctrl); return 0; } - - hostapd_cli_close_connection(); - os_free(ctrl_ifname); - ctrl_ifname = os_strdup(argv[0]); - if (ctrl_ifname == NULL) - return -1; - - if (hostapd_cli_open_connection(ctrl_ifname)) { - printf("Connected to interface '%s.\n", ctrl_ifname); - if (wpa_ctrl_attach(ctrl_conn) == 0) { - hostapd_cli_attached = 1; - register_event_handler(ctrl_conn); - } else { - printf("Warning: Failed to attach to " - "hostapd.\n"); - } - } else { + if (hostapd_cli_reconnect(argv[0]) != 0) { printf("Could not connect to interface '%s' - re-trying\n", ctrl_ifname); } @@ -984,7 +1024,7 @@ static char ** hostapd_complete_interface(const char *str, int pos) static int hostapd_cli_cmd_set(struct wpa_ctrl *ctrl, int argc, char *argv[]) { - char cmd[256]; + char cmd[2048]; int res; if (argc != 2) { @@ -1002,6 +1042,44 @@ static int hostapd_cli_cmd_set(struct wpa_ctrl *ctrl, int argc, char *argv[]) } +static char ** hostapd_complete_set(const char *str, int pos) +{ + int arg = get_cmd_arg_num(str, pos); + const char *fields[] = { +#ifdef CONFIG_WPS_TESTING + "wps_version_number", "wps_testing_dummy_cred", + "wps_corrupt_pkhash", +#endif /* CONFIG_WPS_TESTING */ +#ifdef CONFIG_INTERWORKING + "gas_frag_limit", +#endif /* CONFIG_INTERWORKING */ +#ifdef CONFIG_TESTING_OPTIONS + "ext_mgmt_frame_handling", "ext_eapol_frame_io", +#endif /* CONFIG_TESTING_OPTIONS */ +#ifdef CONFIG_MBO + "mbo_assoc_disallow", +#endif /* CONFIG_MBO */ + "deny_mac_file", "accept_mac_file", + }; + int i, num_fields = ARRAY_SIZE(fields); + + if (arg == 1) { + char **res; + + res = os_calloc(num_fields + 1, sizeof(char *)); + if (!res) + return NULL; + for (i = 0; i < num_fields; i++) { + res[i] = os_strdup(fields[i]); + if (!res[i]) + return res; + } + return res; + } + return NULL; +} + + static int hostapd_cli_cmd_get(struct wpa_ctrl *ctrl, int argc, char *argv[]) { char cmd[256]; @@ -1022,6 +1100,31 @@ static int hostapd_cli_cmd_get(struct wpa_ctrl *ctrl, int argc, char *argv[]) } +static char ** hostapd_complete_get(const char *str, int pos) +{ + int arg = get_cmd_arg_num(str, pos); + const char *fields[] = { + "version", "tls_library", + }; + int i, num_fields = ARRAY_SIZE(fields); + + if (arg == 1) { + char **res; + + res = os_calloc(num_fields + 1, sizeof(char *)); + if (!res) + return NULL; + for (i = 0; i < num_fields; i++) { + res[i] = os_strdup(fields[i]); + if (!res[i]) + return res; + } + return res; + } + return NULL; +} + + #ifdef CONFIG_FST static int hostapd_cli_cmd_fst(struct wpa_ctrl *ctrl, int argc, char *argv[]) { @@ -1185,14 +1288,14 @@ static int hostapd_cli_cmd_set_neighbor(struct wpa_ctrl *ctrl, int argc, char cmd[2048]; int res; - if (argc < 3 || argc > 5) { - printf("Invalid set_neighbor command: needs 3-5 arguments\n"); + if (argc < 3 || argc > 6) { + printf("Invalid set_neighbor command: needs 3-6 arguments\n"); return -1; } - res = os_snprintf(cmd, sizeof(cmd), "SET_NEIGHBOR %s %s %s %s %s", + res = os_snprintf(cmd, sizeof(cmd), "SET_NEIGHBOR %s %s %s %s %s %s", argv[0], argv[1], argv[2], argc >= 4 ? argv[3] : "", - argc == 5 ? argv[4] : ""); + argc >= 5 ? argv[4] : "", argc == 6 ? argv[5] : ""); if (os_snprintf_error(sizeof(cmd), res)) { printf("Too long SET_NEIGHBOR command.\n"); return -1; @@ -1261,6 +1364,122 @@ static int hostapd_cli_cmd_driver_flags(struct wpa_ctrl *ctrl, int argc, } +#ifdef CONFIG_DPP + +static int hostapd_cli_cmd_dpp_qr_code(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_QR_CODE", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_bootstrap_gen(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_BOOTSTRAP_GEN", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_bootstrap_remove(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_BOOTSTRAP_REMOVE", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_bootstrap_get_uri(struct wpa_ctrl *ctrl, + int argc, char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_BOOTSTRAP_GET_URI", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_bootstrap_info(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_BOOTSTRAP_INFO", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_auth_init(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_AUTH_INIT", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_listen(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_LISTEN", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_stop_listen(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_ctrl_command(ctrl, "DPP_STOP_LISTEN"); +} + + +static int hostapd_cli_cmd_dpp_configurator_add(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_CONFIGURATOR_ADD", 0, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_configurator_remove(struct wpa_ctrl *ctrl, + int argc, char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_CONFIGURATOR_REMOVE", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_configurator_get_key(struct wpa_ctrl *ctrl, + int argc, char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_CONFIGURATOR_GET_KEY", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_pkex_add(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_PKEX_ADD", 1, argc, argv); +} + + +static int hostapd_cli_cmd_dpp_pkex_remove(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DPP_PKEX_REMOVE", 1, argc, argv); +} + +#endif /* CONFIG_DPP */ + + +static int hostapd_cli_cmd_accept_macacl(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "ACCEPT_ACL", 1, argc, argv); +} + + +static int hostapd_cli_cmd_deny_macacl(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "DENY_ACL", 1, argc, argv); +} + + +static int hostapd_cli_cmd_poll_sta(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return hostapd_cli_cmd(ctrl, "POLL_STA", 1, argc, argv); +} + + struct hostapd_cli_cmd { const char *cmd; int (*handler)(struct wpa_ctrl *ctrl, int argc, char *argv[]); @@ -1273,26 +1492,30 @@ static const struct hostapd_cli_cmd hostapd_cli_commands[] = { "= pings hostapd" }, { "mib", hostapd_cli_cmd_mib, NULL, "= get MIB variables (dot1x, dot11, radius)" }, - { "relog", hostapd_cli_cmd_relog, NULL, NULL }, - { "status", hostapd_cli_cmd_status, NULL, NULL }, - { "sta", hostapd_cli_cmd_sta, NULL, + { "relog", hostapd_cli_cmd_relog, NULL, + "= reload/truncate debug log output file" }, + { "status", hostapd_cli_cmd_status, NULL, + "= show interface status info" }, + { "sta", hostapd_cli_cmd_sta, hostapd_complete_stations, "<addr> = get MIB variables for one station" }, { "all_sta", hostapd_cli_cmd_all_sta, NULL, "= get MIB variables for all stations" }, + { "list_sta", hostapd_cli_cmd_list_sta, NULL, + "= list all stations" }, { "new_sta", hostapd_cli_cmd_new_sta, NULL, "<addr> = add a new station" }, { "deauthenticate", hostapd_cli_cmd_deauthenticate, - hostapd_complete_deauthenticate, + hostapd_complete_stations, "<addr> = deauthenticate a station" }, { "disassociate", hostapd_cli_cmd_disassociate, - hostapd_complete_disassociate, + hostapd_complete_stations, "<addr> = disassociate a station" }, #ifdef CONFIG_TAXONOMY - { "signature", hostapd_cli_cmd_signature, NULL, + { "signature", hostapd_cli_cmd_signature, hostapd_complete_stations, "<addr> = get taxonomy signature for a station" }, #endif /* CONFIG_TAXONOMY */ #ifdef CONFIG_IEEE80211W - { "sa_query", hostapd_cli_cmd_sa_query, NULL, + { "sa_query", hostapd_cli_cmd_sa_query, hostapd_complete_stations, "<addr> = send SA Query to a station" }, #endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WPS @@ -1321,9 +1544,12 @@ static const struct hostapd_cli_cmd hostapd_cli_commands[] = { { "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL, "= show current WPS status" }, #endif /* CONFIG_WPS */ - { "disassoc_imminent", hostapd_cli_cmd_disassoc_imminent, NULL, NULL }, - { "ess_disassoc", hostapd_cli_cmd_ess_disassoc, NULL, NULL }, - { "bss_tm_req", hostapd_cli_cmd_bss_tm_req, NULL, NULL }, + { "disassoc_imminent", hostapd_cli_cmd_disassoc_imminent, NULL, + "= send Disassociation Imminent notification" }, + { "ess_disassoc", hostapd_cli_cmd_ess_disassoc, NULL, + "= send ESS Dissassociation Imminent notification" }, + { "bss_tm_req", hostapd_cli_cmd_bss_tm_req, NULL, + "= send BSS Transition Management Request" }, { "get_config", hostapd_cli_cmd_get_config, NULL, "= show current configuration" }, { "help", hostapd_cli_cmd_help, hostapd_cli_complete_help, @@ -1331,35 +1557,100 @@ static const struct hostapd_cli_cmd hostapd_cli_commands[] = { { "interface", hostapd_cli_cmd_interface, hostapd_complete_interface, "[ifname] = show interfaces/select interface" }, #ifdef CONFIG_FST - { "fst", hostapd_cli_cmd_fst, NULL, NULL }, + { "fst", hostapd_cli_cmd_fst, NULL, + "<params...> = send FST-MANAGER control interface command" }, #endif /* CONFIG_FST */ - { "raw", hostapd_cli_cmd_raw, NULL, NULL }, + { "raw", hostapd_cli_cmd_raw, NULL, + "<params..> = send unprocessed command" }, { "level", hostapd_cli_cmd_level, NULL, "<debug level> = change debug level" }, { "license", hostapd_cli_cmd_license, NULL, "= show full hostapd_cli license" }, { "quit", hostapd_cli_cmd_quit, NULL, "= exit hostapd_cli" }, - { "set", hostapd_cli_cmd_set, NULL, NULL }, - { "get", hostapd_cli_cmd_get, NULL, NULL }, - { "set_qos_map_set", hostapd_cli_cmd_set_qos_map_set, NULL, NULL }, - { "send_qos_map_conf", hostapd_cli_cmd_send_qos_map_conf, NULL, NULL }, - { "chan_switch", hostapd_cli_cmd_chan_switch, NULL, NULL }, - { "hs20_wnm_notif", hostapd_cli_cmd_hs20_wnm_notif, NULL, NULL }, - { "hs20_deauth_req", hostapd_cli_cmd_hs20_deauth_req, NULL, NULL }, - { "vendor", hostapd_cli_cmd_vendor, NULL, NULL }, - { "enable", hostapd_cli_cmd_enable, NULL, NULL }, - { "reload", hostapd_cli_cmd_reload, NULL, NULL }, - { "disable", hostapd_cli_cmd_disable, NULL, NULL }, - { "erp_flush", hostapd_cli_cmd_erp_flush, NULL, NULL }, - { "log_level", hostapd_cli_cmd_log_level, NULL, NULL }, - { "pmksa", hostapd_cli_cmd_pmksa, NULL, NULL }, - { "pmksa_flush", hostapd_cli_cmd_pmksa_flush, NULL, NULL }, - { "set_neighbor", hostapd_cli_cmd_set_neighbor, NULL, NULL }, - { "remove_neighbor", hostapd_cli_cmd_remove_neighbor, NULL, NULL }, - { "req_lci", hostapd_cli_cmd_req_lci, NULL, NULL }, - { "req_range", hostapd_cli_cmd_req_range, NULL, NULL }, - { "driver_flags", hostapd_cli_cmd_driver_flags, NULL, NULL }, + { "set", hostapd_cli_cmd_set, hostapd_complete_set, + "<name> <value> = set runtime variables" }, + { "get", hostapd_cli_cmd_get, hostapd_complete_get, + "<name> = get runtime info" }, + { "set_qos_map_set", hostapd_cli_cmd_set_qos_map_set, NULL, + "<arg,arg,...> = set QoS Map set element" }, + { "send_qos_map_conf", hostapd_cli_cmd_send_qos_map_conf, + hostapd_complete_stations, + "<addr> = send QoS Map Configure frame" }, + { "chan_switch", hostapd_cli_cmd_chan_switch, NULL, + "<cs_count> <freq> [sec_channel_offset=] [center_freq1=]\n" + " [center_freq2=] [bandwidth=] [blocktx] [ht|vht]\n" + " = initiate channel switch announcement" }, + { "hs20_wnm_notif", hostapd_cli_cmd_hs20_wnm_notif, NULL, + "<addr> <url>\n" + " = send WNM-Notification Subscription Remediation Request" }, + { "hs20_deauth_req", hostapd_cli_cmd_hs20_deauth_req, NULL, + "<addr> <code (0/1)> <Re-auth-Delay(sec)> [url]\n" + " = send WNM-Notification imminent deauthentication indication" }, + { "vendor", hostapd_cli_cmd_vendor, NULL, + "<vendor id> <sub command id> [<hex formatted data>]\n" + " = send vendor driver command" }, + { "enable", hostapd_cli_cmd_enable, NULL, + "= enable hostapd on current interface" }, + { "reload", hostapd_cli_cmd_reload, NULL, + "= reload configuration for current interface" }, + { "disable", hostapd_cli_cmd_disable, NULL, + "= disable hostapd on current interface" }, + { "erp_flush", hostapd_cli_cmd_erp_flush, NULL, + "= drop all ERP keys"}, + { "log_level", hostapd_cli_cmd_log_level, NULL, + "[level] = show/change log verbosity level" }, + { "pmksa", hostapd_cli_cmd_pmksa, NULL, + " = show PMKSA cache entries" }, + { "pmksa_flush", hostapd_cli_cmd_pmksa_flush, NULL, + " = flush PMKSA cache" }, + { "set_neighbor", hostapd_cli_cmd_set_neighbor, NULL, + "<addr> <ssid=> <nr=> [lci=] [civic=] [stat]\n" + " = add AP to neighbor database" }, + { "remove_neighbor", hostapd_cli_cmd_remove_neighbor, NULL, + "<addr> <ssid=> = remove AP from neighbor database" }, + { "req_lci", hostapd_cli_cmd_req_lci, hostapd_complete_stations, + "<addr> = send LCI request to a station"}, + { "req_range", hostapd_cli_cmd_req_range, NULL, + " = send FTM range request"}, + { "driver_flags", hostapd_cli_cmd_driver_flags, NULL, + " = show supported driver flags"}, +#ifdef CONFIG_DPP + { "dpp_qr_code", hostapd_cli_cmd_dpp_qr_code, NULL, + "report a scanned DPP URI from a QR Code" }, + { "dpp_bootstrap_gen", hostapd_cli_cmd_dpp_bootstrap_gen, NULL, + "type=<qrcode> [chan=..] [mac=..] [info=..] [curve=..] [key=..] = generate DPP bootstrap information" }, + { "dpp_bootstrap_remove", hostapd_cli_cmd_dpp_bootstrap_remove, NULL, + "*|<id> = remove DPP bootstrap information" }, + { "dpp_bootstrap_get_uri", hostapd_cli_cmd_dpp_bootstrap_get_uri, NULL, + "<id> = get DPP bootstrap URI" }, + { "dpp_bootstrap_info", hostapd_cli_cmd_dpp_bootstrap_info, NULL, + "<id> = show DPP bootstrap information" }, + { "dpp_auth_init", hostapd_cli_cmd_dpp_auth_init, NULL, + "peer=<id> [own=<id>] = initiate DPP bootstrapping" }, + { "dpp_listen", hostapd_cli_cmd_dpp_listen, NULL, + "<freq in MHz> = start DPP listen" }, + { "dpp_stop_listen", hostapd_cli_cmd_dpp_stop_listen, NULL, + "= stop DPP listen" }, + { "dpp_configurator_add", hostapd_cli_cmd_dpp_configurator_add, NULL, + "[curve=..] [key=..] = add DPP configurator" }, + { "dpp_configurator_remove", hostapd_cli_cmd_dpp_configurator_remove, + NULL, + "*|<id> = remove DPP configurator" }, + { "dpp_configurator_get_key", hostapd_cli_cmd_dpp_configurator_get_key, + NULL, + "<id> = Get DPP configurator's private key" }, + { "dpp_pkex_add", hostapd_cli_cmd_dpp_pkex_add, NULL, + "add PKEX code" }, + { "dpp_pkex_remove", hostapd_cli_cmd_dpp_pkex_remove, NULL, + "*|<id> = remove DPP pkex information" }, +#endif /* CONFIG_DPP */ + { "accept_acl", hostapd_cli_cmd_accept_macacl, NULL, + "=Add/Delete/Show/Clear accept MAC ACL" }, + { "deny_acl", hostapd_cli_cmd_deny_macacl, NULL, + "=Add/Delete/Show/Clear deny MAC ACL" }, + { "poll_sta", hostapd_cli_cmd_poll_sta, hostapd_complete_stations, + "<addr> = poll a STA to check connectivity with a QoS null frame" }, { NULL, NULL, NULL, NULL } }; @@ -1471,7 +1762,7 @@ static void hostapd_cli_recv_pending(struct wpa_ctrl *ctrl, int in_read, if (ctrl_conn == NULL) return; while (wpa_ctrl_pending(ctrl)) { - char buf[256]; + char buf[4096]; size_t len = sizeof(buf) - 1; if (wpa_ctrl_recv(ctrl, buf, &len) == 0) { buf[len] = '\0'; @@ -1504,19 +1795,8 @@ static void hostapd_cli_ping(void *eloop_ctx, void *timeout_ctx) printf("Connection to hostapd lost - trying to reconnect\n"); hostapd_cli_close_connection(); } - if (!ctrl_conn) { - ctrl_conn = hostapd_cli_open_connection(ctrl_ifname); - if (ctrl_conn) { - printf("Connection to hostapd re-established\n"); - if (wpa_ctrl_attach(ctrl_conn) == 0) { - hostapd_cli_attached = 1; - register_event_handler(ctrl_conn); - } else { - printf("Warning: Failed to attach to " - "hostapd.\n"); - } - } - } + if (!ctrl_conn && hostapd_cli_reconnect(ctrl_ifname) == 0) + printf("Connection to hostapd re-established\n"); if (ctrl_conn) hostapd_cli_recv_pending(ctrl_conn, 1, 0); eloop_register_timeout(ping_interval, 0, hostapd_cli_ping, NULL, NULL); @@ -1611,17 +1891,34 @@ static char ** hostapd_cli_edit_completion_cb(void *ctx, const char *str, static void hostapd_cli_interactive(void) { + char *hfile = NULL; + char *home; + printf("\nInteractive mode\n\n"); +#ifdef CONFIG_HOSTAPD_CLI_HISTORY_DIR + home = CONFIG_HOSTAPD_CLI_HISTORY_DIR; +#else /* CONFIG_HOSTAPD_CLI_HISTORY_DIR */ + home = getenv("HOME"); +#endif /* CONFIG_HOSTAPD_CLI_HISTORY_DIR */ + if (home) { + const char *fname = ".hostapd_cli_history"; + int hfile_len = os_strlen(home) + 1 + os_strlen(fname) + 1; + hfile = os_malloc(hfile_len); + if (hfile) + os_snprintf(hfile, hfile_len, "%s/%s", home, fname); + } + eloop_register_signal_terminate(hostapd_cli_eloop_terminate, NULL); edit_init(hostapd_cli_edit_cmd_cb, hostapd_cli_edit_eof_cb, - hostapd_cli_edit_completion_cb, NULL, NULL, NULL); + hostapd_cli_edit_completion_cb, NULL, hfile, NULL); eloop_register_timeout(ping_interval, 0, hostapd_cli_ping, NULL, NULL); eloop_run(); cli_txt_list_flush(&stations); - edit_deinit(NULL, NULL); + edit_deinit(hfile, NULL); + os_free(hfile); eloop_cancel_timeout(hostapd_cli_ping, NULL, NULL); } @@ -1748,7 +2045,7 @@ int main(int argc, char *argv[]) closedir(dir); } } - ctrl_conn = hostapd_cli_open_connection(ctrl_ifname); + hostapd_cli_reconnect(ctrl_ifname); if (ctrl_conn) { if (warning_displayed) printf("Connection established.\n"); @@ -1769,17 +2066,8 @@ int main(int argc, char *argv[]) continue; } - if (interactive || action_file) { - if (wpa_ctrl_attach(ctrl_conn) == 0) { - hostapd_cli_attached = 1; - register_event_handler(ctrl_conn); - } else { - printf("Warning: Failed to attach to hostapd.\n"); - if (action_file) - return -1; - } - } - + if (action_file && !hostapd_cli_attached) + return -1; if (daemonize && os_daemonize(pid_file) && eloop_sock_requeue()) return -1; diff --git a/contrib/wpa/hostapd/main.c b/contrib/wpa/hostapd/main.c index 2c8dbd30a274..414dfe4241e0 100644 --- a/contrib/wpa/hostapd/main.c +++ b/contrib/wpa/hostapd/main.c @@ -1,6 +1,6 @@ /* * hostapd / main() - * Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -24,6 +24,7 @@ #include "ap/hostapd.h" #include "ap/ap_config.h" #include "ap/ap_drv_ops.h" +#include "ap/dpp_hostapd.h" #include "fst/fst.h" #include "config_file.h" #include "eap_register.h" @@ -108,6 +109,10 @@ static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module, module_str ? module_str : "", module_str ? ": " : "", txt); +#ifdef CONFIG_DEBUG_SYSLOG + if (wpa_debug_syslog) + conf_stdout = 0; +#endif /* CONFIG_DEBUG_SYSLOG */ if ((conf_stdout & module) && level >= conf_stdout_level) { wpa_debug_print_timestamp(); wpa_printf(MSG_INFO, "%s", format); @@ -248,7 +253,7 @@ static int hostapd_driver_init(struct hostapd_iface *iface) * * This function is used to parse configuration file for a full interface (one * or more BSSes sharing the same radio) and allocate memory for the BSS - * interfaces. No actiual driver operations are started. + * interfaces. No actual driver operations are started. */ static struct hostapd_iface * hostapd_interface_init(struct hapd_interfaces *interfaces, const char *if_name, @@ -451,7 +456,7 @@ static void show_version(void) "hostapd v" VERSION_STR "\n" "User space daemon for IEEE 802.11 AP management,\n" "IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n" - "Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> " + "Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> " "and contributors\n"); } @@ -480,10 +485,13 @@ static void usage(void) " -f log output to debug file instead of stdout\n" #endif /* CONFIG_DEBUG_FILE */ #ifdef CONFIG_DEBUG_LINUX_TRACING - " -T = record to Linux tracing in addition to logging\n" + " -T record to Linux tracing in addition to logging\n" " (records all messages regardless of debug verbosity)\n" #endif /* CONFIG_DEBUG_LINUX_TRACING */ " -i list of interface names to use\n" +#ifdef CONFIG_DEBUG_SYSLOG + " -s log output to syslog instead of stdout\n" +#endif /* CONFIG_DEBUG_SYSLOG */ " -S start all the interfaces synchronously\n" " -t include timestamps in some debug messages\n" " -v show hostapd version\n"); @@ -549,14 +557,14 @@ static int hostapd_get_ctrl_iface_group(struct hapd_interfaces *interfaces, static int hostapd_get_interface_names(char ***if_names, size_t *if_names_size, - char *optarg) + char *arg) { char *if_name, *tmp, **nnames; size_t i; - if (!optarg) + if (!arg) return -1; - if_name = strtok_r(optarg, ",", &tmp); + if_name = strtok_r(arg, ",", &tmp); while (if_name) { nnames = os_realloc_array(*if_names, 1 + *if_names_size, @@ -659,9 +667,15 @@ int main(int argc, char *argv[]) interfaces.global_iface_name = NULL; interfaces.global_ctrl_sock = -1; dl_list_init(&interfaces.global_ctrl_dst); +#ifdef CONFIG_ETH_P_OUI + dl_list_init(&interfaces.eth_p_oui); +#endif /* CONFIG_ETH_P_OUI */ +#ifdef CONFIG_DPP + hostapd_dpp_init_global(&interfaces); +#endif /* CONFIG_DPP */ for (;;) { - c = getopt(argc, argv, "b:Bde:f:hi:KP:STtu:vg:G:"); + c = getopt(argc, argv, "b:Bde:f:hi:KP:sSTtu:vg:G:"); if (c < 0) break; switch (c) { @@ -718,6 +732,11 @@ int main(int argc, char *argv[]) bss_config = tmp_bss; bss_config[num_bss_configs++] = optarg; break; +#ifdef CONFIG_DEBUG_SYSLOG + case 's': + wpa_debug_syslog = 1; + break; +#endif /* CONFIG_DEBUG_SYSLOG */ case 'S': start_ifaces_in_sync = 1; break; @@ -746,6 +765,10 @@ int main(int argc, char *argv[]) wpa_debug_open_file(log_file); else wpa_debug_setup_stdout(); +#ifdef CONFIG_DEBUG_SYSLOG + if (wpa_debug_syslog) + wpa_debug_open_syslog(); +#endif /* CONFIG_DEBUG_SYSLOG */ #ifdef CONFIG_DEBUG_LINUX_TRACING if (enable_trace_dbg) { int tret = wpa_debug_open_linux_tracing(); @@ -877,11 +900,16 @@ int main(int argc, char *argv[]) } os_free(interfaces.iface); +#ifdef CONFIG_DPP + hostapd_dpp_deinit_global(&interfaces); +#endif /* CONFIG_DPP */ + if (interfaces.eloop_initialized) eloop_cancel_timeout(hostapd_periodic, &interfaces, NULL); hostapd_global_deinit(pid_file, interfaces.eloop_initialized); os_free(pid_file); + wpa_debug_close_syslog(); if (log_file) wpa_debug_close_file(); wpa_debug_close_linux_tracing(); diff --git a/contrib/wpa/hs20/client/est.c b/contrib/wpa/hs20/client/est.c index 9f1519bf4e4e..b1aacb8ffbbe 100644 --- a/contrib/wpa/hs20/client/est.c +++ b/contrib/wpa/hs20/client/est.c @@ -666,7 +666,6 @@ int est_simple_enroll(struct hs20_osu_client *ctx, const char *url, char *buf, *resp, *req, *req2; size_t buflen, resp_len, len, pkcs7_len; unsigned char *pkcs7; - FILE *f; char client_cert_buf[200]; char client_key_buf[200]; const char *client_cert = NULL, *client_key = NULL; @@ -721,11 +720,6 @@ int est_simple_enroll(struct hs20_osu_client *ctx, const char *url, return -1; } wpa_printf(MSG_DEBUG, "EST simpleenroll response: %s", resp); - f = fopen("Cert/est-resp.raw", "w"); - if (f) { - fwrite(resp, resp_len, 1, f); - fclose(f); - } pkcs7 = base64_decode((unsigned char *) resp, resp_len, &pkcs7_len); if (pkcs7 == NULL) { diff --git a/contrib/wpa/hs20/client/oma_dm_client.c b/contrib/wpa/hs20/client/oma_dm_client.c index 5854b726dba2..d75c84562aca 100644 --- a/contrib/wpa/hs20/client/oma_dm_client.c +++ b/contrib/wpa/hs20/client/oma_dm_client.c @@ -111,6 +111,12 @@ static xml_node_t * oma_dm_build_hdr(struct hs20_osu_client *ctx, xml_node_t *syncml, *synchdr; xml_namespace_t *ns; + if (!ctx->devid) { + wpa_printf(MSG_ERROR, + "DevId from devinfo.xml is not available - cannot use OMA DM"); + return NULL; + } + syncml = xml_node_create_root(ctx->xml, "SYNCML:SYNCML1.2", NULL, &ns, "SyncML"); diff --git a/contrib/wpa/hs20/client/osu_client.c b/contrib/wpa/hs20/client/osu_client.c index c05c57d44f89..636e10666f8b 100644 --- a/contrib/wpa/hs20/client/osu_client.c +++ b/contrib/wpa/hs20/client/osu_client.c @@ -105,6 +105,35 @@ static int valid_fqdn(const char *fqdn) } +static int android_update_permission(const char *path, mode_t mode) +{ +#ifdef ANDROID + /* we need to change file/folder permission for Android */ + + if (!path) { + wpa_printf(MSG_ERROR, "file path null"); + return -1; + } + + /* Allow processes running with Group ID as AID_WIFI, + * to read files from SP, SP/<fqdn>, Cert and osu-info directories */ + if (chown(path, -1, AID_WIFI)) { + wpa_printf(MSG_INFO, "CTRL: Could not chown directory: %s", + strerror(errno)); + return -1; + } + + if (chmod(path, mode) < 0) { + wpa_printf(MSG_INFO, "CTRL: Could not chmod directory: %s", + strerror(errno)); + return -1; + } +#endif /* ANDROID */ + + return 0; +} + + int osu_get_certificate(struct hs20_osu_client *ctx, xml_node_t *getcert) { xml_node_t *node; @@ -169,6 +198,8 @@ int osu_get_certificate(struct hs20_osu_client *ctx, xml_node_t *getcert) } mkdir("Cert", S_IRWXU); + android_update_permission("Cert", S_IRWXU | S_IRWXG); + if (est_load_cacerts(ctx, url) < 0 || est_build_csr(ctx, url) < 0 || est_simple_enroll(ctx, url, user, pw) < 0) @@ -262,7 +293,6 @@ static int process_est_cert(struct hs20_osu_client *ctx, xml_node_t *cert, unlink("Cert/est-req.b64"); unlink("Cert/est-req.pem"); - unlink("Cert/est-resp.raw"); rmdir("Cert"); return 0; @@ -406,7 +436,7 @@ static int cmd_dl_polupd_ca(struct hs20_osu_client *ctx, const char *pps_fname, if (node == NULL) { wpa_printf(MSG_INFO, "No Policy/PolicyUpdate/TrustRoot/CertURL found from PPS"); xml_node_free(ctx->xml, pps); - return -1; + return -2; } ret = download_cert(ctx, node, ca_fname); @@ -433,7 +463,7 @@ static int cmd_dl_aaa_ca(struct hs20_osu_client *ctx, const char *pps_fname, if (node == NULL) { wpa_printf(MSG_INFO, "No AAAServerTrustRoot/CertURL found from PPS"); xml_node_free(ctx->xml, pps); - return -1; + return -2; } aaa = xml_node_first_child(ctx->xml, node); @@ -455,7 +485,7 @@ static int download_trust_roots(struct hs20_osu_client *ctx, { char *dir, *pos; char fname[300]; - int ret; + int ret, ret1; dir = os_strdup(pps_fname); if (dir == NULL) @@ -470,9 +500,13 @@ static int download_trust_roots(struct hs20_osu_client *ctx, snprintf(fname, sizeof(fname), "%s/ca.pem", dir); ret = cmd_dl_osu_ca(ctx, pps_fname, fname); snprintf(fname, sizeof(fname), "%s/polupd-ca.pem", dir); - cmd_dl_polupd_ca(ctx, pps_fname, fname); + ret1 = cmd_dl_polupd_ca(ctx, pps_fname, fname); + if (ret == 0 && ret1 == -1) + ret = -1; snprintf(fname, sizeof(fname), "%s/aaa-ca.pem", dir); - cmd_dl_aaa_ca(ctx, pps_fname, fname); + ret1 = cmd_dl_aaa_ca(ctx, pps_fname, fname); + if (ret == 0 && ret1 == -1) + ret = -1; os_free(dir); @@ -578,20 +612,8 @@ int hs20_add_pps_mo(struct hs20_osu_client *ctx, const char *uri, } } -#ifdef ANDROID - /* Allow processes running with Group ID as AID_WIFI, - * to read files from SP/<fqdn> directory */ - if (chown(fname, -1, AID_WIFI)) { - wpa_printf(MSG_INFO, "CTRL: Could not chown directory: %s", - strerror(errno)); - /* Try to continue anyway */ - } - if (chmod(fname, S_IRWXU | S_IRGRP | S_IXGRP) < 0) { - wpa_printf(MSG_INFO, "CTRL: Could not chmod directory: %s", - strerror(errno)); - /* Try to continue anyway */ - } -#endif /* ANDROID */ + android_update_permission("SP", S_IRWXU | S_IRGRP | S_IXGRP); + android_update_permission(fname, S_IRWXU | S_IRGRP | S_IXGRP); snprintf(fname, fname_len, "SP/%s/pps.xml", fqdn); @@ -1213,8 +1235,7 @@ static void set_pps_cred_home_sp_oi(struct hs20_osu_client *ctx, int id, homeoi) < 0) wpa_printf(MSG_INFO, "Failed to set cred required_roaming_consortium"); } else { - if (set_cred_quoted(ctx->ifname, id, "roaming_consortium", - homeoi) < 0) + if (set_cred(ctx->ifname, id, "roaming_consortium", homeoi) < 0) wpa_printf(MSG_INFO, "Failed to set cred roaming_consortium"); } @@ -1289,7 +1310,9 @@ static void set_pps_cred_home_sp_roaming_consortium_oi( if (str == NULL) return; wpa_printf(MSG_INFO, "- HomeSP/RoamingConsortiumOI = %s", str); - /* TODO: Set to wpa_supplicant */ + if (set_cred_quoted(ctx->ifname, id, "roaming_consortiums", + str) < 0) + wpa_printf(MSG_INFO, "Failed to set cred roaming_consortiums"); xml_node_get_text_free(ctx->xml, str); } @@ -1442,10 +1465,92 @@ static void set_pps_cred_able_to_share(struct hs20_osu_client *ctx, int id, } +static void set_pps_cred_eap_method_eap_type(struct hs20_osu_client *ctx, + int id, xml_node_t *node) +{ + char *str = xml_node_get_text(ctx->xml, node); + int type; + const char *eap_method = NULL; + + if (!str) + return; + wpa_printf(MSG_INFO, + "- Credential/UsernamePassword/EAPMethod/EAPType = %s", str); + type = atoi(str); + switch (type) { + case EAP_TYPE_TLS: + eap_method = "TLS"; + break; + case EAP_TYPE_TTLS: + eap_method = "TTLS"; + break; + case EAP_TYPE_PEAP: + eap_method = "PEAP"; + break; + case EAP_TYPE_PWD: + eap_method = "PWD"; + break; + } + xml_node_get_text_free(ctx->xml, str); + if (!eap_method) { + wpa_printf(MSG_INFO, "Unknown EAPType value"); + return; + } + + if (set_cred(ctx->ifname, id, "eap", eap_method) < 0) + wpa_printf(MSG_INFO, "Failed to set cred eap"); +} + + +static void set_pps_cred_eap_method_inner_method(struct hs20_osu_client *ctx, + int id, xml_node_t *node) +{ + char *str = xml_node_get_text(ctx->xml, node); + const char *phase2 = NULL; + + if (!str) + return; + wpa_printf(MSG_INFO, + "- Credential/UsernamePassword/EAPMethod/InnerMethod = %s", + str); + if (os_strcmp(str, "PAP") == 0) + phase2 = "auth=PAP"; + else if (os_strcmp(str, "CHAP") == 0) + phase2 = "auth=CHAP"; + else if (os_strcmp(str, "MS-CHAP") == 0) + phase2 = "auth=MSCHAP"; + else if (os_strcmp(str, "MS-CHAP-V2") == 0) + phase2 = "auth=MSCHAPV2"; + xml_node_get_text_free(ctx->xml, str); + if (!phase2) { + wpa_printf(MSG_INFO, "Unknown InnerMethod value"); + return; + } + + if (set_cred_quoted(ctx->ifname, id, "phase2", phase2) < 0) + wpa_printf(MSG_INFO, "Failed to set cred phase2"); +} + + static void set_pps_cred_eap_method(struct hs20_osu_client *ctx, int id, xml_node_t *node) { - wpa_printf(MSG_INFO, "- Credential/UsernamePassword/EAPMethod - TODO"); + xml_node_t *child; + const char *name; + + wpa_printf(MSG_INFO, "- Credential/UsernamePassword/EAPMethod"); + + xml_node_for_each_child(ctx->xml, child, node) { + xml_node_for_each_check(ctx->xml, child); + name = xml_node_get_localname(ctx->xml, child); + if (os_strcasecmp(name, "EAPType") == 0) + set_pps_cred_eap_method_eap_type(ctx, id, child); + else if (os_strcasecmp(name, "InnerMethod") == 0) + set_pps_cred_eap_method_inner_method(ctx, id, child); + else + wpa_printf(MSG_INFO, "Unknown Credential/UsernamePassword/EAPMethod node '%s'", + name); + } } @@ -1884,7 +1989,9 @@ struct osu_data { char url[256]; unsigned int methods; char osu_ssid[33]; + char osu_ssid2[33]; char osu_nai[256]; + char osu_nai2[256]; struct osu_lang_text friendly_name[MAX_OSU_VALS]; size_t friendly_name_count; struct osu_lang_text serv_desc[MAX_OSU_VALS]; @@ -1943,12 +2050,24 @@ static struct osu_data * parse_osu_providers(const char *fname, size_t *count) continue; } + if (strncmp(buf, "osu_ssid2=", 10) == 0) { + snprintf(last->osu_ssid2, sizeof(last->osu_ssid2), + "%s", buf + 10); + continue; + } + if (os_strncmp(buf, "osu_nai=", 8) == 0) { os_snprintf(last->osu_nai, sizeof(last->osu_nai), "%s", buf + 8); continue; } + if (os_strncmp(buf, "osu_nai2=", 9) == 0) { + os_snprintf(last->osu_nai2, sizeof(last->osu_nai2), + "%s", buf + 9); + continue; + } + if (strncmp(buf, "friendly_name=", 14) == 0) { struct osu_lang_text *txt; if (last->friendly_name_count == MAX_OSU_VALS) @@ -2024,9 +2143,9 @@ static struct osu_data * parse_osu_providers(const char *fname, size_t *count) static int osu_connect(struct hs20_osu_client *ctx, const char *bssid, - const char *ssid, const char *url, + const char *ssid, const char *ssid2, const char *url, unsigned int methods, int no_prod_assoc, - const char *osu_nai) + const char *osu_nai, const char *osu_nai2) { int id; const char *ifname = ctx->ifname; @@ -2034,26 +2153,54 @@ static int osu_connect(struct hs20_osu_client *ctx, const char *bssid, struct wpa_ctrl *mon; int res; + if (ssid2 && ssid2[0] == '\0') + ssid2 = NULL; + + if (ctx->osu_ssid) { + if (os_strcmp(ssid, ctx->osu_ssid) == 0) { + wpa_printf(MSG_DEBUG, + "Enforced OSU SSID matches ANQP info"); + ssid2 = NULL; + } else if (ssid2 && os_strcmp(ssid2, ctx->osu_ssid) == 0) { + wpa_printf(MSG_DEBUG, + "Enforced OSU SSID matches RSN[OSEN] info"); + ssid = ssid2; + } else { + wpa_printf(MSG_INFO, "Enforced OSU SSID did not match"); + write_summary(ctx, "Enforced OSU SSID did not match"); + return -1; + } + } + id = add_network(ifname); if (id < 0) return -1; if (set_network_quoted(ifname, id, "ssid", ssid) < 0) return -1; + if (ssid2) + osu_nai = osu_nai2; if (osu_nai && os_strlen(osu_nai) > 0) { char dir[255], fname[300]; if (getcwd(dir, sizeof(dir)) == NULL) return -1; os_snprintf(fname, sizeof(fname), "%s/osu-ca.pem", dir); + if (ssid2 && set_network_quoted(ifname, id, "ssid", ssid2) < 0) + return -1; + if (set_network(ifname, id, "proto", "OSEN") < 0 || set_network(ifname, id, "key_mgmt", "OSEN") < 0 || set_network(ifname, id, "pairwise", "CCMP") < 0 || - set_network(ifname, id, "group", "GTK_NOT_USED") < 0 || + set_network(ifname, id, "group", "GTK_NOT_USED CCMP") < 0 || set_network(ifname, id, "eap", "WFA-UNAUTH-TLS") < 0 || set_network(ifname, id, "ocsp", "2") < 0 || set_network_quoted(ifname, id, "identity", osu_nai) < 0 || set_network_quoted(ifname, id, "ca_cert", fname) < 0) return -1; + } else if (ssid2) { + wpa_printf(MSG_INFO, "No OSU_NAI set for RSN[OSEN]"); + write_summary(ctx, "No OSU_NAI set for RSN[OSEN]"); + return -1; } else { if (set_network(ifname, id, "key_mgmt", "NONE") < 0) return -1; @@ -2134,7 +2281,7 @@ static int cmd_osu_select(struct hs20_osu_client *ctx, const char *dir, char fname[255]; FILE *f; struct osu_data *osu = NULL, *last = NULL; - size_t osu_count, i, j; + size_t osu_count = 0, i, j; int ret; write_summary(ctx, "OSU provider selection"); @@ -2229,8 +2376,12 @@ static int cmd_osu_select(struct hs20_osu_client *ctx, const char *dir, fprintf(f, "</table></a><br><small>BSSID: %s<br>\n" "SSID: %s<br>\n", last->bssid, last->osu_ssid); + if (last->osu_ssid2[0]) + fprintf(f, "SSID2: %s<br>\n", last->osu_ssid2); if (last->osu_nai[0]) fprintf(f, "NAI: %s<br>\n", last->osu_nai); + if (last->osu_nai2[0]) + fprintf(f, "NAI2: %s<br>\n", last->osu_nai2); fprintf(f, "URL: %s<br>\n" "methods:%s%s<br>\n" "</small></p>\n", @@ -2257,6 +2408,8 @@ selected: ret = 0; wpa_printf(MSG_INFO, "BSSID: %s", last->bssid); wpa_printf(MSG_INFO, "SSID: %s", last->osu_ssid); + if (last->osu_ssid2[0]) + wpa_printf(MSG_INFO, "SSID2: %s", last->osu_ssid2); wpa_printf(MSG_INFO, "URL: %s", last->url); write_summary(ctx, "Selected OSU provider id=%d BSSID=%s SSID=%s URL=%s", ret, last->bssid, last->osu_ssid, last->url); @@ -2311,10 +2464,13 @@ selected: "No supported OSU provisioning method"); ret = -1; } - } else if (connect) + } else if (connect) { ret = osu_connect(ctx, last->bssid, last->osu_ssid, + last->osu_ssid2, last->url, last->methods, - no_prod_assoc, last->osu_nai); + no_prod_assoc, last->osu_nai, + last->osu_nai2); + } } else ret = -1; @@ -2346,15 +2502,7 @@ static int cmd_signup(struct hs20_osu_client *ctx, int no_prod_assoc, return -1; } -#ifdef ANDROID - /* Allow processes running with Group ID as AID_WIFI - * to read/write files from osu-info directory - */ - if (chown(fname, -1, AID_WIFI)) { - wpa_printf(MSG_INFO, "Could not chown osu-info directory: %s", - strerror(errno)); - } -#endif /* ANDROID */ + android_update_permission(fname, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH); snprintf(buf, sizeof(buf), "SET osu_dir %s", fname); if (wpa_command(ifname, buf) < 0) { @@ -2920,24 +3068,17 @@ static int init_ctx(struct hs20_osu_client *ctx) return -1; devinfo = node_from_file(ctx->xml, "devinfo.xml"); - if (!devinfo) { - wpa_printf(MSG_ERROR, "devinfo.xml not found"); - return -1; - } - - devid = get_node(ctx->xml, devinfo, "DevId"); - if (devid) { - char *tmp = xml_node_get_text(ctx->xml, devid); - if (tmp) { - ctx->devid = os_strdup(tmp); - xml_node_get_text_free(ctx->xml, tmp); + if (devinfo) { + devid = get_node(ctx->xml, devinfo, "DevId"); + if (devid) { + char *tmp = xml_node_get_text(ctx->xml, devid); + + if (tmp) { + ctx->devid = os_strdup(tmp); + xml_node_get_text_free(ctx->xml, tmp); + } } - } - xml_node_free(ctx->xml, devinfo); - - if (ctx->devid == NULL) { - wpa_printf(MSG_ERROR, "Could not fetch DevId from devinfo.xml"); - return -1; + xml_node_free(ctx->xml, devinfo); } ctx->http = http_init_ctx(ctx, ctx->xml); @@ -3040,7 +3181,7 @@ int main(int argc, char *argv[]) return -1; for (;;) { - c = getopt(argc, argv, "df:hKNO:qr:s:S:tw:x:"); + c = getopt(argc, argv, "df:hKNo:O:qr:s:S:tw:x:"); if (c < 0) break; switch (c) { @@ -3057,6 +3198,9 @@ int main(int argc, char *argv[]) case 'N': no_prod_assoc = 1; break; + case 'o': + ctx.osu_ssid = optarg; + break; case 'O': friendly_name = optarg; break; diff --git a/contrib/wpa/hs20/client/osu_client.h b/contrib/wpa/hs20/client/osu_client.h index 9a7059edfddb..5c8e6d00b6bb 100644 --- a/contrib/wpa/hs20/client/osu_client.h +++ b/contrib/wpa/hs20/client/osu_client.h @@ -47,6 +47,7 @@ struct hs20_osu_client { int client_cert_present; char **server_dnsname; size_t server_dnsname_count; + const char *osu_ssid; /* Enforced OSU_SSID for testing purposes */ #define WORKAROUND_OCSP_OPTIONAL 0x00000001 unsigned long int workarounds; }; diff --git a/contrib/wpa/src/ap/acs.c b/contrib/wpa/src/ap/acs.c index 5e8380535854..6d4c0416dd42 100644 --- a/contrib/wpa/src/ap/acs.c +++ b/contrib/wpa/src/ap/acs.c @@ -260,7 +260,7 @@ static void acs_clean_chan_surveys(struct hostapd_channel_data *chan) } -static void acs_cleanup(struct hostapd_iface *iface) +void acs_cleanup(struct hostapd_iface *iface) { int i; struct hostapd_channel_data *chan; @@ -314,7 +314,7 @@ acs_survey_interference_factor(struct freq_survey *survey, s8 min_nf) /* TODO: figure out the best multiplier for noise floor base */ factor = pow(10, survey->nf / 5.0L) + - (busy / total) * + (total ? (busy / total) : 0) * pow(2, pow(10, (long double) survey->nf / 10.0L) - pow(10, (long double) min_nf / 10.0L)); @@ -331,10 +331,8 @@ acs_survey_chan_interference_factor(struct hostapd_iface *iface, long double int_factor = 0; unsigned count = 0; - if (dl_list_empty(&chan->survey_list)) - return; - - if (chan->flag & HOSTAPD_CHAN_DISABLED) + if (dl_list_empty(&chan->survey_list) || + (chan->flag & HOSTAPD_CHAN_DISABLED)) return; chan->interference_factor = 0; @@ -359,9 +357,8 @@ acs_survey_chan_interference_factor(struct hostapd_iface *iface, (unsigned long) survey->channel_time_rx); } - if (!count) - return; - chan->interference_factor /= count; + if (count) + chan->interference_factor /= count; } @@ -450,13 +447,9 @@ static int acs_surveys_are_sufficient(struct hostapd_iface *iface) for (i = 0; i < iface->current_mode->num_channels; i++) { chan = &iface->current_mode->channels[i]; - if (chan->flag & HOSTAPD_CHAN_DISABLED) - continue; - - if (!acs_survey_list_is_sufficient(chan)) - continue; - - valid++; + if (!(chan->flag & HOSTAPD_CHAN_DISABLED) && + acs_survey_list_is_sufficient(chan)) + valid++; } /* We need at least survey data for one channel */ @@ -466,13 +459,9 @@ static int acs_surveys_are_sufficient(struct hostapd_iface *iface) static int acs_usable_chan(struct hostapd_channel_data *chan) { - if (dl_list_empty(&chan->survey_list)) - return 0; - if (chan->flag & HOSTAPD_CHAN_DISABLED) - return 0; - if (!acs_survey_list_is_sufficient(chan)) - return 0; - return 1; + return !dl_list_empty(&chan->survey_list) && + !(chan->flag & HOSTAPD_CHAN_DISABLED) && + acs_survey_list_is_sufficient(chan); } @@ -788,10 +777,7 @@ static int acs_study_survey_based(struct hostapd_iface *iface) static int acs_study_options(struct hostapd_iface *iface) { - int err; - - err = acs_study_survey_based(iface); - if (err == 0) + if (acs_study_survey_based(iface) == 0) return 0; /* TODO: If no surveys are available/sufficient this is a good @@ -920,14 +906,11 @@ static int acs_request_scan(struct hostapd_iface *iface) enum hostapd_chan_status acs_init(struct hostapd_iface *iface) { - int err; - wpa_printf(MSG_INFO, "ACS: Automatic channel selection started, this may take a bit"); if (iface->drv_flags & WPA_DRIVER_FLAGS_ACS_OFFLOAD) { wpa_printf(MSG_INFO, "ACS: Offloading to driver"); - err = hostapd_drv_do_acs(iface->bss[0]); - if (err) + if (hostapd_drv_do_acs(iface->bss[0])) return HOSTAPD_CHAN_INVALID; return HOSTAPD_CHAN_ACS; } @@ -937,8 +920,7 @@ enum hostapd_chan_status acs_init(struct hostapd_iface *iface) acs_cleanup(iface); - err = acs_request_scan(iface); - if (err < 0) + if (acs_request_scan(iface) < 0) return HOSTAPD_CHAN_INVALID; hostapd_set_state(iface, HAPD_IFACE_ACS); diff --git a/contrib/wpa/src/ap/acs.h b/contrib/wpa/src/ap/acs.h index fc85259e85d5..ec84f0ee97f3 100644 --- a/contrib/wpa/src/ap/acs.h +++ b/contrib/wpa/src/ap/acs.h @@ -13,6 +13,7 @@ #ifdef CONFIG_ACS enum hostapd_chan_status acs_init(struct hostapd_iface *iface); +void acs_cleanup(struct hostapd_iface *iface); #else /* CONFIG_ACS */ @@ -22,6 +23,10 @@ static inline enum hostapd_chan_status acs_init(struct hostapd_iface *iface) return HOSTAPD_CHAN_INVALID; } +static inline void acs_cleanup(struct hostapd_iface *iface) +{ +} + #endif /* CONFIG_ACS */ #endif /* ACS_H */ diff --git a/contrib/wpa/src/ap/ap_config.c b/contrib/wpa/src/ap/ap_config.c index 228de2baf946..f9b6f295927f 100644 --- a/contrib/wpa/src/ap/ap_config.c +++ b/contrib/wpa/src/ap/ap_config.c @@ -10,9 +10,11 @@ #include "utils/common.h" #include "crypto/sha1.h" +#include "crypto/tls.h" #include "radius/radius_client.h" #include "common/ieee802_11_defs.h" #include "common/eapol_common.h" +#include "common/dhcp.h" #include "eap_common/eap_wsc_common.h" #include "eap_server/eap.h" #include "wpa_auth.h" @@ -36,6 +38,10 @@ static void hostapd_config_free_vlan(struct hostapd_bss_config *bss) } +#ifndef DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES +#define DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES 0 +#endif /* DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES */ + void hostapd_config_defaults_bss(struct hostapd_bss_config *bss) { dl_list_init(&bss->anqp_elem); @@ -55,6 +61,10 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss) bss->wpa_group_rekey = 600; bss->wpa_gmk_rekey = 86400; + bss->wpa_group_update_count = 4; + bss->wpa_pairwise_update_count = 4; + bss->wpa_disable_eapol_key_retries = + DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES; bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK; bss->wpa_pairwise = WPA_CIPHER_TKIP; bss->wpa_group = WPA_CIPHER_TKIP; @@ -88,13 +98,39 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss) /* Set to -1 as defaults depends on HT in setup */ bss->wmm_enabled = -1; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP bss->ft_over_ds = 1; -#endif /* CONFIG_IEEE80211R */ + bss->rkh_pos_timeout = 86400; + bss->rkh_neg_timeout = 60; + bss->rkh_pull_timeout = 1000; + bss->rkh_pull_retries = 4; + bss->r0_key_lifetime = 1209600; +#endif /* CONFIG_IEEE80211R_AP */ bss->radius_das_time_window = 300; bss->sae_anti_clogging_threshold = 5; + bss->sae_sync = 5; + + bss->gas_frag_limit = 1400; + +#ifdef CONFIG_FILS + dl_list_init(&bss->fils_realms); + bss->fils_hlp_wait_time = 30; + bss->dhcp_server_port = DHCP_SERVER_PORT; + bss->dhcp_relay_port = DHCP_SERVER_PORT; +#endif /* CONFIG_FILS */ + + bss->broadcast_deauth = 1; + +#ifdef CONFIG_MBO + bss->mbo_cell_data_conn_pref = -1; +#endif /* CONFIG_MBO */ + + /* Disable TLS v1.3 by default for now to avoid interoperability issue. + * This can be enabled by default once the implementation has been fully + * completed and tested with other implementations. */ + bss->tls_flags = TLS_CONN_DISABLE_TLSv1_3; } @@ -192,6 +228,11 @@ struct hostapd_config * hostapd_config_defaults(void) conf->acs_num_scans = 5; #endif /* CONFIG_ACS */ + /* The third octet of the country string uses an ASCII space character + * by default to indicate that the regulations encompass all + * environments for the current frequency band in the country. */ + conf->country[2] = ' '; + return conf; } @@ -329,13 +370,7 @@ int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf) ssid->wpa_psk->group = 1; } - if (ssid->wpa_psk_file) { - if (hostapd_config_read_wpa_psk(ssid->wpa_psk_file, - &conf->ssid)) - return -1; - } - - return 0; + return hostapd_config_read_wpa_psk(ssid->wpa_psk_file, &conf->ssid); } @@ -380,10 +415,23 @@ void hostapd_config_free_eap_user(struct hostapd_eap_user *user) hostapd_config_free_radius_attr(user->accept_attr); os_free(user->identity); bin_clear_free(user->password, user->password_len); + bin_clear_free(user->salt, user->salt_len); os_free(user); } +void hostapd_config_free_eap_users(struct hostapd_eap_user *user) +{ + struct hostapd_eap_user *prev_user; + + while (user) { + prev_user = user; + user = user->next; + hostapd_config_free_eap_user(prev_user); + } +} + + static void hostapd_config_free_wep(struct hostapd_wep_keys *keys) { int i; @@ -420,10 +468,38 @@ static void hostapd_config_free_anqp_elem(struct hostapd_bss_config *conf) } -void hostapd_config_free_bss(struct hostapd_bss_config *conf) +static void hostapd_config_free_fils_realms(struct hostapd_bss_config *conf) { - struct hostapd_eap_user *user, *prev_user; +#ifdef CONFIG_FILS + struct fils_realm *realm; + while ((realm = dl_list_first(&conf->fils_realms, struct fils_realm, + list))) { + dl_list_del(&realm->list); + os_free(realm); + } +#endif /* CONFIG_FILS */ +} + + +static void hostapd_config_free_sae_passwords(struct hostapd_bss_config *conf) +{ + struct sae_password_entry *pw, *tmp; + + pw = conf->sae_passwords; + conf->sae_passwords = NULL; + while (pw) { + tmp = pw; + pw = pw->next; + str_clear_free(tmp->password); + os_free(tmp->identifier); + os_free(tmp); + } +} + + +void hostapd_config_free_bss(struct hostapd_bss_config *conf) +{ if (conf == NULL) return; @@ -436,12 +512,7 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf) os_free(conf->ssid.vlan_tagged_interface); #endif /* CONFIG_FULL_DYNAMIC_VLAN */ - user = conf->eap_user; - while (user) { - prev_user = user; - user = user->next; - hostapd_config_free_eap_user(prev_user); - } + hostapd_config_free_eap_users(conf->eap_user); os_free(conf->eap_user_sqlite); os_free(conf->eap_req_id_text); @@ -477,7 +548,7 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf) hostapd_config_free_vlan(conf); os_free(conf->time_zone); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP { struct ft_remote_r0kh *r0kh, *r0kh_prev; struct ft_remote_r1kh *r1kh, *r1kh_prev; @@ -498,7 +569,7 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf) os_free(r1kh_prev); } } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_WPS os_free(conf->wps_pin_requests); @@ -530,6 +601,7 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf) os_free(conf->roaming_consortium); os_free(conf->venue_name); + os_free(conf->venue_url); os_free(conf->nai_realm_data); os_free(conf->network_auth_type); os_free(conf->anqp_3gpp_cell_net); @@ -559,17 +631,30 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf) os_free(p->icons[j]); os_free(p->icons); os_free(p->osu_nai); + os_free(p->osu_nai2); os_free(p->service_desc); } os_free(conf->hs20_osu_providers); } + if (conf->hs20_operator_icon) { + size_t i; + + for (i = 0; i < conf->hs20_operator_icon_count; i++) + os_free(conf->hs20_operator_icon[i]); + os_free(conf->hs20_operator_icon); + } os_free(conf->subscr_remediation_url); + os_free(conf->t_c_filename); + os_free(conf->t_c_server_url); #endif /* CONFIG_HS20 */ wpabuf_free(conf->vendor_elements); wpabuf_free(conf->assocresp_elements); os_free(conf->sae_groups); +#ifdef CONFIG_OWE + os_free(conf->owe_groups); +#endif /* CONFIG_OWE */ os_free(conf->wowlan_triggers); @@ -577,11 +662,22 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf) #ifdef CONFIG_TESTING_OPTIONS wpabuf_free(conf->own_ie_override); + wpabuf_free(conf->sae_commit_override); #endif /* CONFIG_TESTING_OPTIONS */ os_free(conf->no_probe_resp_if_seen_on); os_free(conf->no_auth_if_seen_on); + hostapd_config_free_fils_realms(conf); + +#ifdef CONFIG_DPP + os_free(conf->dpp_connector); + wpabuf_free(conf->dpp_netaccesskey); + wpabuf_free(conf->dpp_csign); +#endif /* CONFIG_DPP */ + + hostapd_config_free_sae_passwords(conf); + os_free(conf); } @@ -802,7 +898,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss, } } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (full_config && wpa_key_mgmt_ft(bss->wpa_key_mgmt) && (bss->nas_identifier == NULL || os_strlen(bss->nas_identifier) < 1 || @@ -812,7 +908,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss, "string"); return -1; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211N if (full_config && conf->ieee80211n && @@ -848,6 +944,16 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss, wpa_printf(MSG_ERROR, "VHT (IEEE 802.11ac) with WEP is not allowed, disabling VHT capabilities"); } + + if (full_config && conf->ieee80211ac && bss->wpa && + !(bss->wpa_pairwise & WPA_CIPHER_CCMP) && + !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | + WPA_CIPHER_CCMP_256 | WPA_CIPHER_GCMP_256))) + { + bss->disable_11ac = 1; + wpa_printf(MSG_ERROR, + "VHT (IEEE 802.11ac) with WPA/WPA2 requires CCMP/GCMP to be enabled, disabling VHT capabilities"); + } #endif /* CONFIG_IEEE80211AC */ #ifdef CONFIG_WPS @@ -866,7 +972,9 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss, if (full_config && bss->wps_state && bss->wpa && (!(bss->wpa & 2) || - !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)))) { + !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | + WPA_CIPHER_CCMP_256 | + WPA_CIPHER_GCMP_256)))) { wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without " "WPA2/CCMP/GCMP forced WPS to be disabled"); bss->wps_state = 0; @@ -976,8 +1084,15 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss, if ((bss->wpa & 2) && bss->rsn_pairwise == 0) bss->rsn_pairwise = bss->wpa_pairwise; - bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, - bss->rsn_pairwise); + if (bss->group_cipher) + bss->wpa_group = bss->group_cipher; + else + bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, + bss->wpa_pairwise, + bss->rsn_pairwise); + if (!bss->wpa_group_rekey_set) + bss->wpa_group_rekey = bss->wpa_group == WPA_CIPHER_TKIP ? + 600 : 86400; if (full_config) { bss->radius->auth_server = bss->radius->auth_servers; diff --git a/contrib/wpa/src/ap/ap_config.h b/contrib/wpa/src/ap/ap_config.h index 8c8f7e286bda..778366d49afe 100644 --- a/contrib/wpa/src/ap/ap_config.h +++ b/contrib/wpa/src/ap/ap_config.h @@ -160,6 +160,8 @@ struct hostapd_eap_user { } methods[EAP_MAX_METHODS]; u8 *password; size_t password_len; + u8 *salt; + size_t salt_len; /* non-zero when password is salted */ int phase2; int force_version; unsigned int wildcard_prefix:1; @@ -169,6 +171,7 @@ struct hostapd_eap_user { unsigned int macacl:1; int ttls_auth; /* EAP_TTLS_AUTH_* bitfield */ struct hostapd_radius_attr *accept_attr; + u32 t_c_timestamp; }; struct hostapd_radius_attr { @@ -201,6 +204,12 @@ struct hostapd_lang_string { u8 name[252]; }; +struct hostapd_venue_url { + u8 venue_number; + u8 url_len; + u8 url[254]; +}; + #define MAX_NAI_REALMS 10 #define MAX_NAI_REALMLEN 255 #define MAX_NAI_EAP_METHODS 5 @@ -224,6 +233,18 @@ struct anqp_element { struct wpabuf *payload; }; +struct fils_realm { + struct dl_list list; + u8 hash[2]; + char realm[]; +}; + +struct sae_password_entry { + struct sae_password_entry *next; + char *password; + char *identifier; + u8 peer_addr[ETH_ALEN]; +}; /** * struct hostapd_bss_config - Per-BSS configuration @@ -242,7 +263,8 @@ struct hostapd_bss_config { int max_num_sta; /* maximum number of STAs in station table */ int dtim_period; - int bss_load_update_period; + unsigned int bss_load_update_period; + unsigned int chan_util_avg_period; int ieee802_1x; /* use IEEE 802.1X */ int eapol_version; @@ -287,7 +309,7 @@ struct hostapd_bss_config { char iapp_iface[IFNAMSIZ + 1]; /* interface used with IAPP broadcast * frames */ - enum { + enum macaddr_acl { ACCEPT_UNLESS_DENIED = 0, DENY_UNLESS_ACCEPTED = 1, USE_EXTERNAL_RADIUS_AUTH = 2 @@ -319,27 +341,37 @@ struct hostapd_bss_config { PSK_RADIUS_REQUIRED = 2 } wpa_psk_radius; int wpa_pairwise; + int group_cipher; /* wpa_group value override from configuation */ int wpa_group; int wpa_group_rekey; + int wpa_group_rekey_set; int wpa_strict_rekey; int wpa_gmk_rekey; int wpa_ptk_rekey; + u32 wpa_group_update_count; + u32 wpa_pairwise_update_count; + int wpa_disable_eapol_key_retries; int rsn_pairwise; int rsn_preauth; char *rsn_preauth_interfaces; - int peerkey; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP /* IEEE 802.11r - Fast BSS Transition */ u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; u8 r1_key_holder[FT_R1KH_ID_LEN]; - u32 r0_key_lifetime; + u32 r0_key_lifetime; /* PMK-R0 lifetime seconds */ + int rkh_pos_timeout; + int rkh_neg_timeout; + int rkh_pull_timeout; /* ms */ + int rkh_pull_retries; u32 reassociation_deadline; struct ft_remote_r0kh *r0kh_list; struct ft_remote_r1kh *r1kh_list; int pmk_r1_push; int ft_over_ds; -#endif /* CONFIG_IEEE80211R */ + int ft_psk_generate_local; + int r1_max_key_lifetime; +#endif /* CONFIG_IEEE80211R_AP */ char *ctrl_interface; /* directory for UNIX domain sockets */ #ifndef CONFIG_NATIVE_WINDOWS @@ -353,6 +385,7 @@ struct hostapd_bss_config { char *private_key_passwd; int check_crl; unsigned int tls_session_lifetime; + unsigned int tls_flags; char *ocsp_stapling_response; char *ocsp_stapling_response_multi; char *dh_file; @@ -464,6 +497,7 @@ struct hostapd_bss_config { int time_advertisement; char *time_zone; int wnm_sleep_mode; + int wnm_sleep_mode_no_keys; int bss_transition; /* IEEE 802.11u - Interworking */ @@ -486,6 +520,10 @@ struct hostapd_bss_config { unsigned int venue_name_count; struct hostapd_lang_string *venue_name; + /* Venue URL duples */ + unsigned int venue_url_count; + struct hostapd_venue_url *venue_url; + /* IEEE 802.11u - Network Authentication Type */ u8 *network_auth_type; size_t network_auth_type_len; @@ -508,7 +546,7 @@ struct hostapd_bss_config { struct dl_list anqp_elem; /* list of struct anqp_element */ u16 gas_comeback_delay; - int gas_frag_limit; + size_t gas_frag_limit; int gas_address3; u8 qos_map_set[16 + 2 * 21]; @@ -547,13 +585,20 @@ struct hostapd_bss_config { char **icons; size_t icons_count; char *osu_nai; + char *osu_nai2; unsigned int service_desc_count; struct hostapd_lang_string *service_desc; } *hs20_osu_providers, *last_osu; size_t hs20_osu_providers_count; + size_t hs20_osu_providers_nai_count; + char **hs20_operator_icon; + size_t hs20_operator_icon_count; unsigned int hs20_deauth_req_timeout; char *subscr_remediation_url; u8 subscr_remediation_method; + char *t_c_filename; + u32 t_c_timestamp; + char *t_c_server_url; #endif /* CONFIG_HS20 */ u8 wps_rf_bands; /* RF bands for WPS (WPS_RF_*) */ @@ -566,7 +611,10 @@ struct hostapd_bss_config { struct wpabuf *assocresp_elements; unsigned int sae_anti_clogging_threshold; + unsigned int sae_sync; + int sae_require_mfp; int *sae_groups; + struct sae_password_entry *sae_passwords; char *wowlan_triggers; /* Wake-on-WLAN triggers */ @@ -574,6 +622,8 @@ struct hostapd_bss_config { u8 bss_load_test[5]; u8 bss_load_test_set; struct wpabuf *own_ie_override; + int sae_reflection_attack; + struct wpabuf *sae_commit_override; #endif /* CONFIG_TESTING_OPTIONS */ #define MESH_ENABLED BIT(0) @@ -591,12 +641,71 @@ struct hostapd_bss_config { #ifdef CONFIG_MBO int mbo_enabled; + /** + * oce - Enable OCE in AP and/or STA-CFON mode + * - BIT(0) is Reserved + * - Set BIT(1) to enable OCE in STA-CFON mode + * - Set BIT(2) to enable OCE in AP mode + */ + unsigned int oce; + int mbo_cell_data_conn_pref; #endif /* CONFIG_MBO */ int ftm_responder; int ftm_initiator; + +#ifdef CONFIG_FILS + u8 fils_cache_id[FILS_CACHE_ID_LEN]; + int fils_cache_id_set; + struct dl_list fils_realms; /* list of struct fils_realm */ + int fils_dh_group; + struct hostapd_ip_addr dhcp_server; + int dhcp_rapid_commit_proxy; + unsigned int fils_hlp_wait_time; + u16 dhcp_server_port; + u16 dhcp_relay_port; +#endif /* CONFIG_FILS */ + + int multicast_to_unicast; + + int broadcast_deauth; + +#ifdef CONFIG_DPP + char *dpp_connector; + struct wpabuf *dpp_netaccesskey; + unsigned int dpp_netaccesskey_expiry; + struct wpabuf *dpp_csign; +#endif /* CONFIG_DPP */ + +#ifdef CONFIG_OWE + macaddr owe_transition_bssid; + u8 owe_transition_ssid[SSID_MAX_LEN]; + size_t owe_transition_ssid_len; + char owe_transition_ifname[IFNAMSIZ + 1]; + int *owe_groups; +#endif /* CONFIG_OWE */ + + int coloc_intf_reporting; +}; + +/** + * struct he_phy_capabilities_info - HE PHY capabilities + */ +struct he_phy_capabilities_info { + Boolean he_su_beamformer; + Boolean he_su_beamformee; + Boolean he_mu_beamformer; }; +/** + * struct he_operation - HE operation + */ +struct he_operation { + u8 he_bss_color; + u8 he_default_pe_duration; + u8 he_twt_required; + u8 he_rts_threshold; +}; /** * struct hostapd_config - Per-radio interface configuration @@ -612,6 +721,7 @@ struct hostapd_config { u8 channel; u8 acs; struct wpa_freq_range_list acs_ch_list; + int acs_exclude_dfs; enum hostapd_hw_mode hw_mode; /* HOSTAPD_MODE_IEEE80211A, .. */ enum { LONG_PREAMBLE = 0, @@ -620,6 +730,8 @@ struct hostapd_config { int *supported_rates; int *basic_rates; + unsigned int beacon_rate; + enum beacon_rate_type rate_type; const struct wpa_driver_ops *driver; char *driver_params; @@ -635,6 +747,9 @@ struct hostapd_config { * ' ' (ascii 32): all environments * 'O': Outdoor environemnt only * 'I': Indoor environment only + * 'X': Used with noncountry entity ("XXX") + * 0x00..0x31: identifying IEEE 802.11 standard + * Annex E table (0x04 = global table) */ int ieee80211d; @@ -675,6 +790,7 @@ struct hostapd_config { u8 vht_oper_chwidth; u8 vht_oper_centr_freq_seg0_idx; u8 vht_oper_centr_freq_seg1_idx; + u8 ht40_plus_minus_allowed; /* Use driver-generated interface addresses when adding multiple BSSs */ u8 use_driver_iface_addr; @@ -707,6 +823,18 @@ struct hostapd_config { struct wpabuf *lci; struct wpabuf *civic; + int stationary_ap; + + int ieee80211ax; +#ifdef CONFIG_IEEE80211AX + struct he_phy_capabilities_info he_phy_capab; + struct he_operation he_op; +#endif /* CONFIG_IEEE80211AX */ + + /* VHT enable/disable config from CHAN_SWITCH */ +#define CH_SWITCH_VHT_ENABLED BIT(0) +#define CH_SWITCH_VHT_DISABLED BIT(1) + unsigned int ch_switch_vht_config; }; @@ -714,6 +842,7 @@ int hostapd_mac_comp(const void *a, const void *b); struct hostapd_config * hostapd_config_defaults(void); void hostapd_config_defaults_bss(struct hostapd_bss_config *bss); void hostapd_config_free_eap_user(struct hostapd_eap_user *user); +void hostapd_config_free_eap_users(struct hostapd_eap_user *user); void hostapd_config_clear_wpa_psk(struct hostapd_wpa_psk **p); void hostapd_config_free_bss(struct hostapd_bss_config *conf); void hostapd_config_free(struct hostapd_config *conf); diff --git a/contrib/wpa/src/ap/ap_drv_ops.c b/contrib/wpa/src/ap/ap_drv_ops.c index f1394654d3a8..067cf863e84c 100644 --- a/contrib/wpa/src/ap/ap_drv_ops.c +++ b/contrib/wpa/src/ap/ap_drv_ops.c @@ -19,6 +19,7 @@ #include "ap_config.h" #include "p2p_hostapd.h" #include "hs20.h" +#include "wpa_auth.h" #include "ap_drv_ops.h" @@ -99,6 +100,13 @@ int hostapd_build_ap_extra_ies(struct hostapd_data *hapd, goto fail; #endif /* CONFIG_FST */ +#ifdef CONFIG_FILS + pos = hostapd_eid_fils_indic(hapd, buf, 0); + if (add_buf_data(&beacon, buf, pos - buf) < 0 || + add_buf_data(&proberesp, buf, pos - buf) < 0) + goto fail; +#endif /* CONFIG_FILS */ + if (add_buf(&beacon, hapd->wps_beacon_ie) < 0 || add_buf(&proberesp, hapd->wps_probe_resp_ie) < 0) goto fail; @@ -168,7 +176,8 @@ int hostapd_build_ap_extra_ies(struct hostapd_data *hapd, #endif /* CONFIG_HS20 */ #ifdef CONFIG_MBO - if (hapd->conf->mbo_enabled) { + if (hapd->conf->mbo_enabled || + OCE_STA_CFON_ENABLED(hapd) || OCE_AP_ENABLED(hapd)) { pos = hostapd_eid_mbo(hapd, buf, sizeof(buf)); if (add_buf_data(&beacon, buf, pos - buf) < 0 || add_buf_data(&proberesp, buf, pos - buf) < 0 || @@ -177,6 +186,13 @@ int hostapd_build_ap_extra_ies(struct hostapd_data *hapd, } #endif /* CONFIG_MBO */ +#ifdef CONFIG_OWE + pos = hostapd_eid_owe_trans(hapd, buf, sizeof(buf)); + if (add_buf_data(&beacon, buf, pos - buf) < 0 || + add_buf_data(&proberesp, buf, pos - buf) < 0) + goto fail; +#endif /* CONFIG_OWE */ + add_buf(&beacon, hapd->conf->vendor_elements); add_buf(&proberesp, hapd->conf->vendor_elements); add_buf(&assocresp, hapd->conf->assocresp_elements); @@ -340,10 +356,44 @@ int hostapd_add_sta_node(struct hostapd_data *hapd, const u8 *addr, int hostapd_sta_auth(struct hostapd_data *hapd, const u8 *addr, u16 seq, u16 status, const u8 *ie, size_t len) { + struct wpa_driver_sta_auth_params params; +#ifdef CONFIG_FILS + struct sta_info *sta; +#endif /* CONFIG_FILS */ + if (hapd->driver == NULL || hapd->driver->sta_auth == NULL) return 0; - return hapd->driver->sta_auth(hapd->drv_priv, hapd->own_addr, addr, - seq, status, ie, len); + + os_memset(¶ms, 0, sizeof(params)); + +#ifdef CONFIG_FILS + sta = ap_get_sta(hapd, addr); + if (!sta) { + wpa_printf(MSG_DEBUG, "Station " MACSTR + " not found for sta_auth processing", + MAC2STR(addr)); + return 0; + } + + if (sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) { + params.fils_auth = 1; + wpa_auth_get_fils_aead_params(sta->wpa_sm, params.fils_anonce, + params.fils_snonce, + params.fils_kek, + ¶ms.fils_kek_len); + } +#endif /* CONFIG_FILS */ + + params.own_addr = hapd->own_addr; + params.addr = addr; + params.seq = seq; + params.status = status; + params.ie = ie; + params.len = len; + + return hapd->driver->sta_auth(hapd->drv_priv, ¶ms); } @@ -554,13 +604,13 @@ int hostapd_set_tx_queue_params(struct hostapd_data *hapd, int queue, int aifs, struct hostapd_hw_modes * hostapd_get_hw_feature_data(struct hostapd_data *hapd, u16 *num_modes, - u16 *flags) + u16 *flags, u8 *dfs_domain) { if (hapd->driver == NULL || hapd->driver->get_hw_feature_data == NULL) return NULL; return hapd->driver->get_hw_feature_data(hapd->drv_priv, num_modes, - flags); + flags, dfs_domain); } @@ -694,6 +744,15 @@ int hostapd_drv_send_action(struct hostapd_data *hapd, unsigned int freq, sta = ap_get_sta(hapd, dst); if (!sta || !(sta->flags & WLAN_STA_ASSOC)) bssid = wildcard_bssid; + } else if (is_broadcast_ether_addr(dst) && + len > 0 && data[0] == WLAN_ACTION_PUBLIC) { + /* + * The only current use case of Public Action frames with + * broadcast destination address is DPP PKEX. That case is + * directing all devices and not just the STAs within the BSS, + * so have to use the wildcard BSSID value. + */ + bssid = wildcard_bssid; } return hapd->driver->send_action(hapd->drv_priv, freq, wait, dst, hapd->own_addr, bssid, data, len, 0); @@ -774,7 +833,9 @@ static void hostapd_get_hw_mode_any_channels(struct hostapd_data *hapd, if ((acs_ch_list_all || freq_range_list_includes(&hapd->iface->conf->acs_ch_list, chan->chan)) && - !(chan->flag & HOSTAPD_CHAN_DISABLED)) + !(chan->flag & HOSTAPD_CHAN_DISABLED) && + !(hapd->iface->conf->acs_exclude_dfs && + (chan->flag & HOSTAPD_CHAN_RADAR))) int_array_add_unique(freq_list, chan->freq); } } @@ -829,6 +890,9 @@ int hostapd_drv_do_acs(struct hostapd_data *hapd) &hapd->iface->conf->acs_ch_list, chan->chan)) continue; + if (hapd->iface->conf->acs_exclude_dfs && + (chan->flag & HOSTAPD_CHAN_RADAR)) + continue; if (!(chan->flag & HOSTAPD_CHAN_DISABLED)) { channels[num_channels++] = chan->chan; int_array_add_unique(&freq_list, chan->freq); diff --git a/contrib/wpa/src/ap/ap_drv_ops.h b/contrib/wpa/src/ap/ap_drv_ops.h index 0bb7954ec061..db93fde7d6e3 100644 --- a/contrib/wpa/src/ap/ap_drv_ops.h +++ b/contrib/wpa/src/ap/ap_drv_ops.h @@ -72,7 +72,7 @@ int hostapd_set_tx_queue_params(struct hostapd_data *hapd, int queue, int aifs, int cw_min, int cw_max, int burst_time); struct hostapd_hw_modes * hostapd_get_hw_feature_data(struct hostapd_data *hapd, u16 *num_modes, - u16 *flags); + u16 *flags, u8 *dfs_domain); int hostapd_driver_commit(struct hostapd_data *hapd); int hostapd_drv_none(struct hostapd_data *hapd); int hostapd_driver_scan(struct hostapd_data *hapd, @@ -103,6 +103,14 @@ int hostapd_drv_send_action_addr3_ap(struct hostapd_data *hapd, unsigned int freq, unsigned int wait, const u8 *dst, const u8 *data, size_t len); +static inline void +hostapd_drv_send_action_cancel_wait(struct hostapd_data *hapd) +{ + if (!hapd->driver || !hapd->driver->send_action_cancel_wait || + !hapd->drv_priv) + return; + hapd->driver->send_action_cancel_wait(hapd->drv_priv); +} int hostapd_add_sta_node(struct hostapd_data *hapd, const u8 *addr, u16 auth_alg); int hostapd_sta_auth(struct hostapd_data *hapd, const u8 *addr, @@ -274,8 +282,9 @@ static inline const char * hostapd_drv_get_radio_name(struct hostapd_data *hapd) static inline int hostapd_drv_switch_channel(struct hostapd_data *hapd, struct csa_settings *settings) { - if (hapd->driver == NULL || hapd->driver->switch_channel == NULL) - return -ENOTSUP; + if (hapd->driver == NULL || hapd->driver->switch_channel == NULL || + hapd->drv_priv == NULL) + return -1; return hapd->driver->switch_channel(hapd->drv_priv, settings); } diff --git a/contrib/wpa/src/ap/ap_mlme.c b/contrib/wpa/src/ap/ap_mlme.c index e7308a01d743..db8a26759c28 100644 --- a/contrib/wpa/src/ap/ap_mlme.c +++ b/contrib/wpa/src/ap/ap_mlme.c @@ -57,7 +57,11 @@ void mlme_authenticate_indication(struct hostapd_data *hapd, HOSTAPD_LEVEL_DEBUG, "MLME-AUTHENTICATE.indication(" MACSTR ", %s)", MAC2STR(sta->addr), mlme_auth_alg_str(sta->auth_alg)); - if (sta->auth_alg != WLAN_AUTH_FT && !(sta->flags & WLAN_STA_MFP)) + if (sta->auth_alg != WLAN_AUTH_FT && + sta->auth_alg != WLAN_AUTH_FILS_SK && + sta->auth_alg != WLAN_AUTH_FILS_SK_PFS && + sta->auth_alg != WLAN_AUTH_FILS_PK && + !(sta->flags & WLAN_STA_MFP)) mlme_deletekeys_request(hapd, sta); ap_sta_clear_disconnect_timeouts(hapd, sta); } @@ -105,7 +109,10 @@ void mlme_associate_indication(struct hostapd_data *hapd, struct sta_info *sta) HOSTAPD_LEVEL_DEBUG, "MLME-ASSOCIATE.indication(" MACSTR ")", MAC2STR(sta->addr)); - if (sta->auth_alg != WLAN_AUTH_FT) + if (sta->auth_alg != WLAN_AUTH_FT && + sta->auth_alg != WLAN_AUTH_FILS_SK && + sta->auth_alg != WLAN_AUTH_FILS_SK_PFS && + sta->auth_alg != WLAN_AUTH_FILS_PK) mlme_deletekeys_request(hapd, sta); ap_sta_clear_disconnect_timeouts(hapd, sta); } @@ -130,7 +137,10 @@ void mlme_reassociate_indication(struct hostapd_data *hapd, HOSTAPD_LEVEL_DEBUG, "MLME-REASSOCIATE.indication(" MACSTR ")", MAC2STR(sta->addr)); - if (sta->auth_alg != WLAN_AUTH_FT) + if (sta->auth_alg != WLAN_AUTH_FT && + sta->auth_alg != WLAN_AUTH_FILS_SK && + sta->auth_alg != WLAN_AUTH_FILS_SK_PFS && + sta->auth_alg != WLAN_AUTH_FILS_PK) mlme_deletekeys_request(hapd, sta); ap_sta_clear_disconnect_timeouts(hapd, sta); } diff --git a/contrib/wpa/src/ap/authsrv.c b/contrib/wpa/src/ap/authsrv.c index cdb49cdd9d32..95d004ed2b16 100644 --- a/contrib/wpa/src/ap/authsrv.c +++ b/contrib/wpa/src/ap/authsrv.c @@ -71,19 +71,26 @@ static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity, } if (eap_user->password) { - user->password = os_malloc(eap_user->password_len); + user->password = os_memdup(eap_user->password, + eap_user->password_len); if (user->password == NULL) goto out; - os_memcpy(user->password, eap_user->password, - eap_user->password_len); user->password_len = eap_user->password_len; user->password_hash = eap_user->password_hash; + if (eap_user->salt && eap_user->salt_len) { + user->salt = os_memdup(eap_user->salt, + eap_user->salt_len); + if (!user->salt) + goto out; + user->salt_len = eap_user->salt_len; + } } user->force_version = eap_user->force_version; user->macacl = eap_user->macacl; user->ttls_auth = eap_user->ttls_auth; user->remediation = eap_user->remediation; user->accept_attr = eap_user->accept_attr; + user->t_c_timestamp = eap_user->t_c_timestamp; rv = 0; out: @@ -129,10 +136,12 @@ static int hostapd_setup_radius_srv(struct hostapd_data *hapd) #ifdef CONFIG_HS20 srv.subscr_remediation_url = conf->subscr_remediation_url; srv.subscr_remediation_method = conf->subscr_remediation_method; + srv.t_c_server_url = conf->t_c_server_url; #endif /* CONFIG_HS20 */ srv.erp = conf->eap_server_erp; srv.erp_domain = conf->erp_domain; srv.tls_session_lifetime = conf->tls_session_lifetime; + srv.tls_flags = conf->tls_flags; hapd->radius_srv = radius_server_init(&srv); if (hapd->radius_srv == NULL) { @@ -146,6 +155,40 @@ static int hostapd_setup_radius_srv(struct hostapd_data *hapd) #endif /* RADIUS_SERVER */ +#ifdef EAP_TLS_FUNCS +static void authsrv_tls_event(void *ctx, enum tls_event ev, + union tls_event_data *data) +{ + switch (ev) { + case TLS_CERT_CHAIN_SUCCESS: + wpa_printf(MSG_DEBUG, "authsrv: remote certificate verification success"); + break; + case TLS_CERT_CHAIN_FAILURE: + wpa_printf(MSG_INFO, "authsrv: certificate chain failure: reason=%d depth=%d subject='%s' err='%s'", + data->cert_fail.reason, + data->cert_fail.depth, + data->cert_fail.subject, + data->cert_fail.reason_txt); + break; + case TLS_PEER_CERTIFICATE: + wpa_printf(MSG_DEBUG, "authsrv: peer certificate: depth=%d serial_num=%s subject=%s", + data->peer_cert.depth, + data->peer_cert.serial_num ? data->peer_cert.serial_num : "N/A", + data->peer_cert.subject); + break; + case TLS_ALERT: + if (data->alert.is_local) + wpa_printf(MSG_DEBUG, "authsrv: local TLS alert: %s", + data->alert.description); + else + wpa_printf(MSG_DEBUG, "authsrv: remote TLS alert: %s", + data->alert.description); + break; + } +} +#endif /* EAP_TLS_FUNCS */ + + int authsrv_init(struct hostapd_data *hapd) { #ifdef EAP_TLS_FUNCS @@ -157,6 +200,9 @@ int authsrv_init(struct hostapd_data *hapd) os_memset(&conf, 0, sizeof(conf)); conf.tls_session_lifetime = hapd->conf->tls_session_lifetime; + conf.tls_flags = hapd->conf->tls_flags; + conf.event_cb = authsrv_tls_event; + conf.cb_ctx = hapd; hapd->ssl_ctx = tls_init(&conf); if (hapd->ssl_ctx == NULL) { wpa_printf(MSG_ERROR, "Failed to initialize TLS"); diff --git a/contrib/wpa/src/ap/beacon.c b/contrib/wpa/src/ap/beacon.c index 233320d2e978..59bd4af395d7 100644 --- a/contrib/wpa/src/ap/beacon.c +++ b/contrib/wpa/src/ap/beacon.c @@ -16,6 +16,7 @@ #include "common/ieee802_11_defs.h" #include "common/ieee802_11_common.h" #include "common/hw_features_common.h" +#include "common/wpa_ctrl.h" #include "wps/wps_defs.h" #include "p2p/p2p.h" #include "hostapd.h" @@ -30,6 +31,7 @@ #include "hs20.h" #include "dfs.h" #include "taxonomy.h" +#include "ieee802_11_auth.h" #ifdef NEED_AP_MLME @@ -392,7 +394,15 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, 2 + sizeof(struct ieee80211_vht_operation); } +#ifdef CONFIG_IEEE80211AX + if (hapd->iconf->ieee80211ax) { + buflen += 3 + sizeof(struct ieee80211_he_capabilities) + + 3 + sizeof(struct ieee80211_he_operation); + } +#endif /* CONFIG_IEEE80211AX */ + buflen += hostapd_mbo_ie_len(hapd); + buflen += hostapd_eid_owe_trans_len(hapd); resp = os_zalloc(buflen); if (resp == NULL) @@ -443,8 +453,9 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, /* Extended supported rates */ pos = hostapd_eid_ext_supp_rates(hapd, pos); - /* RSN, MDIE, WPA */ - pos = hostapd_eid_wpa(hapd, pos, epos - pos); + /* RSN, MDIE */ + if (hapd->conf->wpa != WPA_PROTO_WPA) + pos = hostapd_eid_wpa(hapd, pos, epos - pos); pos = hostapd_eid_bss_load(hapd, pos, epos - pos); @@ -491,10 +502,26 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, pos = hostapd_eid_txpower_envelope(hapd, pos); pos = hostapd_eid_wb_chsw_wrapper(hapd, pos); } +#endif /* CONFIG_IEEE80211AC */ + + pos = hostapd_eid_fils_indic(hapd, pos, 0); + +#ifdef CONFIG_IEEE80211AX + if (hapd->iconf->ieee80211ax) { + pos = hostapd_eid_he_capab(hapd, pos); + pos = hostapd_eid_he_operation(hapd, pos); + } +#endif /* CONFIG_IEEE80211AX */ + +#ifdef CONFIG_IEEE80211AC if (hapd->conf->vendor_vht) pos = hostapd_eid_vendor_vht(hapd, pos); #endif /* CONFIG_IEEE80211AC */ + /* WPA */ + if (hapd->conf->wpa == WPA_PROTO_WPA) + pos = hostapd_eid_wpa(hapd, pos, epos - pos); + /* Wi-Fi Alliance WMM */ pos = hostapd_eid_wmm(hapd, pos); @@ -526,6 +553,7 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, #endif /* CONFIG_HS20 */ pos = hostapd_eid_mbo(hapd, pos, (u8 *) resp + buflen - pos); + pos = hostapd_eid_owe_trans(hapd, pos, (u8 *) resp + buflen - pos); if (hapd->conf->vendor_elements) { os_memcpy(pos, wpabuf_head(hapd->conf->vendor_elements), @@ -618,7 +646,7 @@ static struct hostapd_sta_info * sta_track_get(struct hostapd_iface *iface, } -void sta_track_add(struct hostapd_iface *iface, const u8 *addr) +void sta_track_add(struct hostapd_iface *iface, const u8 *addr, int ssi_signal) { struct hostapd_sta_info *info; @@ -628,6 +656,7 @@ void sta_track_add(struct hostapd_iface *iface, const u8 *addr) dl_list_del(&info->list); dl_list_add_tail(&iface->sta_seen, &info->list); os_get_reltime(&info->last_seen); + info->ssi_signal = ssi_signal; return; } @@ -637,6 +666,7 @@ void sta_track_add(struct hostapd_iface *iface, const u8 *addr) return; os_memcpy(info->addr, addr, ETH_ALEN); os_get_reltime(&info->last_seen); + info->ssi_signal = ssi_signal; if (iface->num_sta_seen >= iface->conf->track_sta_max_num) { /* Expire oldest entry to make room for a new one */ @@ -707,14 +737,30 @@ void handle_probe_req(struct hostapd_data *hapd, int ret; u16 csa_offs[2]; size_t csa_offs_len; + u32 session_timeout, acct_interim_interval; + struct vlan_description vlan_id; + struct hostapd_sta_wpa_psk_short *psk = NULL; + char *identity = NULL; + char *radius_cui = NULL; if (len < IEEE80211_HDRLEN) return; ie = ((const u8 *) mgmt) + IEEE80211_HDRLEN; if (hapd->iconf->track_sta_max_num) - sta_track_add(hapd->iface, mgmt->sa); + sta_track_add(hapd->iface, mgmt->sa, ssi_signal); ie_len = len - IEEE80211_HDRLEN; + ret = ieee802_11_allowed_address(hapd, mgmt->sa, (const u8 *) mgmt, len, + &session_timeout, + &acct_interim_interval, &vlan_id, + &psk, &identity, &radius_cui, 1); + if (ret == HOSTAPD_ACL_REJECT) { + wpa_msg(hapd->msg_ctx, MSG_DEBUG, + "Ignore Probe Request frame from " MACSTR + " due to ACL reject ", MAC2STR(mgmt->sa)); + return; + } + for (i = 0; hapd->probereq_cb && i < hapd->num_probereq_cb; i++) if (hapd->probereq_cb[i].cb(hapd->probereq_cb[i].ctx, mgmt->sa, mgmt->da, mgmt->bssid, @@ -909,6 +955,9 @@ void handle_probe_req(struct hostapd_data *hapd, } #endif /* CONFIG_TESTING_OPTIONS */ + wpa_msg_ctrl(hapd->msg_ctx, MSG_INFO, RX_PROBE_REQUEST "sa=" MACSTR + " signal=%d", MAC2STR(mgmt->sa), ssi_signal); + resp = hostapd_gen_probe_resp(hapd, mgmt, elems.p2p != NULL, &resp_len); if (resp == NULL) @@ -1033,7 +1082,15 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, } #endif /* CONFIG_IEEE80211AC */ +#ifdef CONFIG_IEEE80211AX + if (hapd->iconf->ieee80211ax) { + tail_len += 3 + sizeof(struct ieee80211_he_capabilities) + + 3 + sizeof(struct ieee80211_he_operation); + } +#endif /* CONFIG_IEEE80211AX */ + tail_len += hostapd_mbo_ie_len(hapd); + tail_len += hostapd_eid_owe_trans_len(hapd); tailpos = tail = os_malloc(tail_len); if (head == NULL || tail == NULL) { @@ -1100,9 +1157,11 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, /* Extended supported rates */ tailpos = hostapd_eid_ext_supp_rates(hapd, tailpos); - /* RSN, MDIE, WPA */ - tailpos = hostapd_eid_wpa(hapd, tailpos, tail + BEACON_TAIL_BUF_SIZE - - tailpos); + /* RSN, MDIE */ + if (hapd->conf->wpa != WPA_PROTO_WPA) + tailpos = hostapd_eid_wpa(hapd, tailpos, + tail + BEACON_TAIL_BUF_SIZE - + tailpos); tailpos = hostapd_eid_rm_enabled_capab(hapd, tailpos, tail + BEACON_TAIL_BUF_SIZE - @@ -1155,10 +1214,28 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, tailpos = hostapd_eid_txpower_envelope(hapd, tailpos); tailpos = hostapd_eid_wb_chsw_wrapper(hapd, tailpos); } +#endif /* CONFIG_IEEE80211AC */ + + tailpos = hostapd_eid_fils_indic(hapd, tailpos, 0); + +#ifdef CONFIG_IEEE80211AX + if (hapd->iconf->ieee80211ax) { + tailpos = hostapd_eid_he_capab(hapd, tailpos); + tailpos = hostapd_eid_he_operation(hapd, tailpos); + } +#endif /* CONFIG_IEEE80211AX */ + +#ifdef CONFIG_IEEE80211AC if (hapd->conf->vendor_vht) tailpos = hostapd_eid_vendor_vht(hapd, tailpos); #endif /* CONFIG_IEEE80211AC */ + /* WPA */ + if (hapd->conf->wpa == WPA_PROTO_WPA) + tailpos = hostapd_eid_wpa(hapd, tailpos, + tail + BEACON_TAIL_BUF_SIZE - + tailpos); + /* Wi-Fi Alliance WMM */ tailpos = hostapd_eid_wmm(hapd, tailpos); @@ -1189,6 +1266,8 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, #endif /* CONFIG_HS20 */ tailpos = hostapd_eid_mbo(hapd, tailpos, tail + tail_len - tailpos); + tailpos = hostapd_eid_owe_trans(hapd, tailpos, + tail + tail_len - tailpos); if (hapd->conf->vendor_elements) { os_memcpy(tailpos, wpabuf_head(hapd->conf->vendor_elements), @@ -1211,6 +1290,8 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, params->dtim_period = hapd->conf->dtim_period; params->beacon_int = hapd->iconf->beacon_int; params->basic_rates = hapd->iface->basic_rates; + params->beacon_rate = hapd->iconf->beacon_rate; + params->rate_type = hapd->iconf->rate_type; params->ssid = hapd->conf->ssid.ssid; params->ssid_len = hapd->conf->ssid.ssid_len; if ((hapd->conf->wpa & (WPA_PROTO_WPA | WPA_PROTO_RSN)) == @@ -1274,6 +1355,7 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, params->osen = 1; } #endif /* CONFIG_HS20 */ + params->multicast_to_unicast = hapd->conf->multicast_to_unicast; params->pbss = hapd->conf->pbss; return 0; } diff --git a/contrib/wpa/src/ap/beacon.h b/contrib/wpa/src/ap/beacon.h index fc711815cf65..a26e30879cf5 100644 --- a/contrib/wpa/src/ap/beacon.h +++ b/contrib/wpa/src/ap/beacon.h @@ -21,7 +21,7 @@ int ieee802_11_update_beacons(struct hostapd_iface *iface); int ieee802_11_build_ap_params(struct hostapd_data *hapd, struct wpa_driver_ap_params *params); void ieee802_11_free_ap_params(struct wpa_driver_ap_params *params); -void sta_track_add(struct hostapd_iface *iface, const u8 *addr); +void sta_track_add(struct hostapd_iface *iface, const u8 *addr, int ssi_signal); void sta_track_del(struct hostapd_sta_info *info); void sta_track_expire(struct hostapd_iface *iface, int force); struct hostapd_data * diff --git a/contrib/wpa/src/ap/bss_load.c b/contrib/wpa/src/ap/bss_load.c index fb639423230c..725d3cd3469b 100644 --- a/contrib/wpa/src/ap/bss_load.c +++ b/contrib/wpa/src/ap/bss_load.c @@ -16,11 +16,35 @@ #include "beacon.h" +static int get_bss_load_update_timeout(struct hostapd_data *hapd, + unsigned int *sec, unsigned int *usec) +{ + unsigned int update_period = hapd->conf->bss_load_update_period; + unsigned int beacon_int = hapd->iconf->beacon_int; + unsigned int update_timeout; + + if (!update_period || !beacon_int) { + wpa_printf(MSG_ERROR, + "BSS Load: Invalid BSS load update configuration (period=%u beacon_int=%u)", + update_period, beacon_int); + return -1; + } + + update_timeout = update_period * beacon_int; + + *sec = ((update_timeout / 1000) * 1024) / 1000; + *usec = (update_timeout % 1000) * 1024; + + return 0; +} + + static void update_channel_utilization(void *eloop_data, void *user_data) { struct hostapd_data *hapd = eloop_data; unsigned int sec, usec; int err; + struct hostapd_iface *iface = hapd->iface; if (!(hapd->beacon_set_done && hapd->started)) return; @@ -33,8 +57,24 @@ static void update_channel_utilization(void *eloop_data, void *user_data) ieee802_11_set_beacon(hapd); - sec = ((hapd->bss_load_update_timeout / 1000) * 1024) / 1000; - usec = (hapd->bss_load_update_timeout % 1000) * 1024; + if (get_bss_load_update_timeout(hapd, &sec, &usec) < 0) + return; + + if (hapd->conf->chan_util_avg_period) { + iface->chan_util_samples_sum += iface->channel_utilization; + iface->chan_util_num_sample_periods += + hapd->conf->bss_load_update_period; + if (iface->chan_util_num_sample_periods >= + hapd->conf->chan_util_avg_period) { + iface->chan_util_average = + iface->chan_util_samples_sum / + (iface->chan_util_num_sample_periods / + hapd->conf->bss_load_update_period); + iface->chan_util_samples_sum = 0; + iface->chan_util_num_sample_periods = 0; + } + } + eloop_register_timeout(sec, usec, update_channel_utilization, hapd, NULL); } @@ -42,17 +82,11 @@ static void update_channel_utilization(void *eloop_data, void *user_data) int bss_load_update_init(struct hostapd_data *hapd) { - struct hostapd_bss_config *conf = hapd->conf; - struct hostapd_config *iconf = hapd->iconf; unsigned int sec, usec; - if (!conf->bss_load_update_period || !iconf->beacon_int) + if (get_bss_load_update_timeout(hapd, &sec, &usec) < 0) return -1; - hapd->bss_load_update_timeout = conf->bss_load_update_period * - iconf->beacon_int; - sec = ((hapd->bss_load_update_timeout / 1000) * 1024) / 1000; - usec = (hapd->bss_load_update_timeout % 1000) * 1024; eloop_register_timeout(sec, usec, update_channel_utilization, hapd, NULL); return 0; diff --git a/contrib/wpa/src/ap/ctrl_iface_ap.c b/contrib/wpa/src/ap/ctrl_iface_ap.c index 3680fda3153f..21b813ee18d7 100644 --- a/contrib/wpa/src/ap/ctrl_iface_ap.c +++ b/contrib/wpa/src/ap/ctrl_iface_ap.c @@ -26,23 +26,141 @@ #include "taxonomy.h" +static size_t hostapd_write_ht_mcs_bitmask(char *buf, size_t buflen, + size_t curr_len, const u8 *mcs_set) +{ + int ret; + size_t len = curr_len; + + ret = os_snprintf(buf + len, buflen - len, + "ht_mcs_bitmask="); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + + /* 77 first bits (+ 3 reserved bits) */ + len += wpa_snprintf_hex(buf + len, buflen - len, mcs_set, 10); + + ret = os_snprintf(buf + len, buflen - len, "\n"); + if (os_snprintf_error(buflen - len, ret)) + return curr_len; + len += ret; + + return len; +} + + static int hostapd_get_sta_tx_rx(struct hostapd_data *hapd, struct sta_info *sta, char *buf, size_t buflen) { struct hostap_sta_driver_data data; int ret; + int len = 0; if (hostapd_drv_read_sta_data(hapd, &data, sta->addr) < 0) return 0; ret = os_snprintf(buf, buflen, "rx_packets=%lu\ntx_packets=%lu\n" - "rx_bytes=%llu\ntx_bytes=%llu\ninactive_msec=%lu\n", + "rx_bytes=%llu\ntx_bytes=%llu\ninactive_msec=%lu\n" + "signal=%d\n", data.rx_packets, data.tx_packets, - data.rx_bytes, data.tx_bytes, data.inactive_msec); + data.rx_bytes, data.tx_bytes, data.inactive_msec, + data.signal); if (os_snprintf_error(buflen, ret)) return 0; - return ret; + len += ret; + + ret = os_snprintf(buf + len, buflen - len, "rx_rate_info=%lu", + data.current_rx_rate); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + if (data.flags & STA_DRV_DATA_RX_MCS) { + ret = os_snprintf(buf + len, buflen - len, " mcs %u", + data.rx_mcs); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + if (data.flags & STA_DRV_DATA_RX_VHT_MCS) { + ret = os_snprintf(buf + len, buflen - len, " vhtmcs %u", + data.rx_vhtmcs); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + if (data.flags & STA_DRV_DATA_RX_VHT_NSS) { + ret = os_snprintf(buf + len, buflen - len, " vhtnss %u", + data.rx_vht_nss); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + if (data.flags & STA_DRV_DATA_RX_SHORT_GI) { + ret = os_snprintf(buf + len, buflen - len, " shortGI"); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + ret = os_snprintf(buf + len, buflen - len, "\n"); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + + ret = os_snprintf(buf + len, buflen - len, "tx_rate_info=%lu", + data.current_tx_rate); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + if (data.flags & STA_DRV_DATA_TX_MCS) { + ret = os_snprintf(buf + len, buflen - len, " mcs %u", + data.tx_mcs); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + if (data.flags & STA_DRV_DATA_TX_VHT_MCS) { + ret = os_snprintf(buf + len, buflen - len, " vhtmcs %u", + data.tx_vhtmcs); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + if (data.flags & STA_DRV_DATA_TX_VHT_NSS) { + ret = os_snprintf(buf + len, buflen - len, " vhtnss %u", + data.tx_vht_nss); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + if (data.flags & STA_DRV_DATA_TX_SHORT_GI) { + ret = os_snprintf(buf + len, buflen - len, " shortGI"); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + ret = os_snprintf(buf + len, buflen - len, "\n"); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + + if ((sta->flags & WLAN_STA_VHT) && sta->vht_capabilities) { + ret = os_snprintf(buf + len, buflen - len, + "rx_vht_mcs_map=%04x\n" + "tx_vht_mcs_map=%04x\n", + le_to_host16(sta->vht_capabilities-> + vht_supported_mcs_set.rx_map), + le_to_host16(sta->vht_capabilities-> + vht_supported_mcs_set.tx_map)); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + + if ((sta->flags & WLAN_STA_HT) && sta->ht_capabilities) { + len = hostapd_write_ht_mcs_bitmask(buf, buflen, len, + sta->ht_capabilities-> + supported_mcs_set); + } + + if (data.flags & STA_DRV_DATA_LAST_ACK_RSSI) { + ret = os_snprintf(buf + len, buflen - len, + "last_ack_signal=%d\n", data.last_ack_rssi); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + + return len; } @@ -176,6 +294,53 @@ static int hostapd_ctrl_iface_sta_mib(struct hostapd_data *hapd, len += os_snprintf(buf + len, buflen - len, "\n"); } + if (sta->power_capab) { + ret = os_snprintf(buf + len, buflen - len, + "min_txpower=%d\n" + "max_txpower=%d\n", + sta->min_tx_power, sta->max_tx_power); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + +#ifdef CONFIG_IEEE80211AC + if ((sta->flags & WLAN_STA_VHT) && sta->vht_capabilities) { + res = os_snprintf(buf + len, buflen - len, + "vht_caps_info=0x%08x\n", + le_to_host32(sta->vht_capabilities-> + vht_capabilities_info)); + if (!os_snprintf_error(buflen - len, res)) + len += res; + } +#endif /* CONFIG_IEEE80211AC */ + +#ifdef CONFIG_IEEE80211N + if ((sta->flags & WLAN_STA_HT) && sta->ht_capabilities) { + res = os_snprintf(buf + len, buflen - len, + "ht_caps_info=0x%04x\n", + le_to_host16(sta->ht_capabilities-> + ht_capabilities_info)); + if (!os_snprintf_error(buflen - len, res)) + len += res; + } +#endif /* CONFIG_IEEE80211N */ + + if (sta->ext_capability && + buflen - len > (unsigned) (11 + 2 * sta->ext_capability[0])) { + len += os_snprintf(buf + len, buflen - len, "ext_capab="); + len += wpa_snprintf_hex(buf + len, buflen - len, + sta->ext_capability + 1, + sta->ext_capability[0]); + len += os_snprintf(buf + len, buflen - len, "\n"); + } + + if (sta->flags & WLAN_STA_WDS && sta->ifname_wds) { + ret = os_snprintf(buf + len, buflen - len, + "wds_sta_ifname=%s\n", sta->ifname_wds); + if (!os_snprintf_error(buflen - len, ret)) + len += ret; + } + return len; } @@ -477,7 +642,8 @@ int hostapd_ctrl_iface_status(struct hostapd_data *hapd, char *buf, size_t buflen) { struct hostapd_iface *iface = hapd->iface; - int len = 0, ret; + struct hostapd_hw_modes *mode = iface->current_mode; + int len = 0, ret, j; size_t i; ret = os_snprintf(buf + len, buflen - len, @@ -537,13 +703,17 @@ int hostapd_ctrl_iface_status(struct hostapd_data *hapd, char *buf, "channel=%u\n" "secondary_channel=%d\n" "ieee80211n=%d\n" - "ieee80211ac=%d\n", + "ieee80211ac=%d\n" + "beacon_int=%u\n" + "dtim_period=%d\n", iface->conf->channel, iface->conf->ieee80211n && !hapd->conf->disable_11n ? iface->conf->secondary_channel : 0, iface->conf->ieee80211n && !hapd->conf->disable_11n, iface->conf->ieee80211ac && - !hapd->conf->disable_11ac); + !hapd->conf->disable_11ac, + iface->conf->beacon_int, + hapd->conf->dtim_period); if (os_snprintf_error(buflen - len, ret)) return len; len += ret; @@ -551,15 +721,76 @@ int hostapd_ctrl_iface_status(struct hostapd_data *hapd, char *buf, ret = os_snprintf(buf + len, buflen - len, "vht_oper_chwidth=%d\n" "vht_oper_centr_freq_seg0_idx=%d\n" - "vht_oper_centr_freq_seg1_idx=%d\n", + "vht_oper_centr_freq_seg1_idx=%d\n" + "vht_caps_info=%08x\n", iface->conf->vht_oper_chwidth, iface->conf->vht_oper_centr_freq_seg0_idx, - iface->conf->vht_oper_centr_freq_seg1_idx); + iface->conf->vht_oper_centr_freq_seg1_idx, + iface->conf->vht_capab); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + } + + if (iface->conf->ieee80211ac && !hapd->conf->disable_11ac && mode) { + u16 rxmap = WPA_GET_LE16(&mode->vht_mcs_set[0]); + u16 txmap = WPA_GET_LE16(&mode->vht_mcs_set[4]); + + ret = os_snprintf(buf + len, buflen - len, + "rx_vht_mcs_map=%04x\n" + "tx_vht_mcs_map=%04x\n", + rxmap, txmap); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + } + + if (iface->conf->ieee80211n && !hapd->conf->disable_11n) { + ret = os_snprintf(buf + len, buflen - len, + "ht_caps_info=%04x\n", + hapd->iconf->ht_capab); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + } + + if (iface->conf->ieee80211n && !hapd->conf->disable_11n && mode) { + len = hostapd_write_ht_mcs_bitmask(buf, buflen, len, + mode->mcs_set); + } + + if (iface->current_rates && iface->num_rates) { + ret = os_snprintf(buf + len, buflen - len, "supported_rates="); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + + for (j = 0; j < iface->num_rates; j++) { + ret = os_snprintf(buf + len, buflen - len, "%s%02x", + j > 0 ? " " : "", + iface->current_rates[j].rate / 5); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + } + ret = os_snprintf(buf + len, buflen - len, "\n"); if (os_snprintf_error(buflen - len, ret)) return len; len += ret; } + for (j = 0; mode && j < mode->num_channels; j++) { + if (mode->channels[j].freq == iface->freq) { + ret = os_snprintf(buf + len, buflen - len, + "max_txpower=%u\n", + mode->channels[j].max_tx_power); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + break; + } + } + for (i = 0; i < iface->num_bss; i++) { struct hostapd_data *bss = iface->bss[i]; ret = os_snprintf(buf + len, buflen - len, @@ -578,6 +809,15 @@ int hostapd_ctrl_iface_status(struct hostapd_data *hapd, char *buf, len += ret; } + if (hapd->conf->chan_util_avg_period) { + ret = os_snprintf(buf + len, buflen - len, + "chan_util_avg=%u\n", + iface->chan_util_average); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + } + return len; } @@ -639,3 +879,108 @@ void hostapd_ctrl_iface_pmksa_flush(struct hostapd_data *hapd) { wpa_auth_pmksa_flush(hapd->wpa_auth); } + + +int hostapd_ctrl_iface_pmksa_add(struct hostapd_data *hapd, char *cmd) +{ + u8 spa[ETH_ALEN]; + u8 pmkid[PMKID_LEN]; + u8 pmk[PMK_LEN_MAX]; + size_t pmk_len; + char *pos, *pos2; + int akmp = 0, expiration = 0; + + /* + * Entry format: + * <STA addr> <PMKID> <PMK> <expiration in seconds> <akmp> + */ + + if (hwaddr_aton(cmd, spa)) + return -1; + + pos = os_strchr(cmd, ' '); + if (!pos) + return -1; + pos++; + + if (hexstr2bin(pos, pmkid, PMKID_LEN) < 0) + return -1; + + pos = os_strchr(pos, ' '); + if (!pos) + return -1; + pos++; + + pos2 = os_strchr(pos, ' '); + if (!pos2) + return -1; + pmk_len = (pos2 - pos) / 2; + if (pmk_len < PMK_LEN || pmk_len > PMK_LEN_MAX || + hexstr2bin(pos, pmk, pmk_len) < 0) + return -1; + + pos = pos2 + 1; + + if (sscanf(pos, "%d %d", &expiration, &akmp) != 2) + return -1; + + return wpa_auth_pmksa_add2(hapd->wpa_auth, spa, pmk, pmk_len, + pmkid, expiration, akmp); +} + + +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL +#ifdef CONFIG_MESH + +int hostapd_ctrl_iface_pmksa_list_mesh(struct hostapd_data *hapd, + const u8 *addr, char *buf, size_t len) +{ + return wpa_auth_pmksa_list_mesh(hapd->wpa_auth, addr, buf, len); +} + + +void * hostapd_ctrl_iface_pmksa_create_entry(const u8 *aa, char *cmd) +{ + u8 spa[ETH_ALEN]; + u8 pmkid[PMKID_LEN]; + u8 pmk[PMK_LEN_MAX]; + char *pos; + int expiration; + + /* + * Entry format: + * <BSSID> <PMKID> <PMK> <expiration in seconds> + */ + + if (hwaddr_aton(cmd, spa)) + return NULL; + + pos = os_strchr(cmd, ' '); + if (!pos) + return NULL; + pos++; + + if (hexstr2bin(pos, pmkid, PMKID_LEN) < 0) + return NULL; + + pos = os_strchr(pos, ' '); + if (!pos) + return NULL; + pos++; + + if (hexstr2bin(pos, pmk, PMK_LEN) < 0) + return NULL; + + pos = os_strchr(pos, ' '); + if (!pos) + return NULL; + pos++; + + if (sscanf(pos, "%d", &expiration) != 1) + return NULL; + + return wpa_auth_pmksa_create_entry(aa, spa, pmk, pmkid, expiration); +} + +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ diff --git a/contrib/wpa/src/ap/ctrl_iface_ap.h b/contrib/wpa/src/ap/ctrl_iface_ap.h index 4f996800f132..d1dcebfb957d 100644 --- a/contrib/wpa/src/ap/ctrl_iface_ap.h +++ b/contrib/wpa/src/ap/ctrl_iface_ap.h @@ -32,5 +32,9 @@ int hostapd_ctrl_iface_stop_ap(struct hostapd_data *hapd); int hostapd_ctrl_iface_pmksa_list(struct hostapd_data *hapd, char *buf, size_t len); void hostapd_ctrl_iface_pmksa_flush(struct hostapd_data *hapd); +int hostapd_ctrl_iface_pmksa_add(struct hostapd_data *hapd, char *cmd); +int hostapd_ctrl_iface_pmksa_list_mesh(struct hostapd_data *hapd, + const u8 *addr, char *buf, size_t len); +void * hostapd_ctrl_iface_pmksa_create_entry(const u8 *aa, char *cmd); #endif /* CTRL_IFACE_AP_H */ diff --git a/contrib/wpa/src/ap/dfs.c b/contrib/wpa/src/ap/dfs.c index 47adba7ef726..993dd19c2cb0 100644 --- a/contrib/wpa/src/ap/dfs.c +++ b/contrib/wpa/src/ap/dfs.c @@ -1,7 +1,7 @@ /* * DFS - Dynamic Frequency Selection * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> - * Copyright (c) 2013-2015, Qualcomm Atheros, Inc. + * Copyright (c) 2013-2017, Qualcomm Atheros, Inc. * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -747,6 +747,23 @@ int hostapd_handle_dfs(struct hostapd_iface *iface) } +static int hostapd_config_dfs_chan_available(struct hostapd_iface *iface) +{ + int n_chans, n_chans1, start_chan_idx, start_chan_idx1; + + /* Get the start (first) channel for current configuration */ + start_chan_idx = dfs_get_start_chan_idx(iface, &start_chan_idx1); + if (start_chan_idx < 0) + return 0; + + /* Get the number of used channels, depending on width */ + n_chans = dfs_get_used_n_chans(iface, &n_chans1); + + /* Check if all channels are DFS available */ + return dfs_check_chans_available(iface, start_chan_idx, n_chans); +} + + int hostapd_dfs_complete_cac(struct hostapd_iface *iface, int success, int freq, int ht_enabled, int chan_offset, int chan_width, int cf1, int cf2) @@ -767,8 +784,21 @@ int hostapd_dfs_complete_cac(struct hostapd_iface *iface, int success, int freq, set_dfs_state(iface, freq, ht_enabled, chan_offset, chan_width, cf1, cf2, HOSTAPD_CHAN_DFS_AVAILABLE); - iface->cac_started = 0; - hostapd_setup_interface_complete(iface, 0); + /* + * Just mark the channel available when CAC completion + * event is received in enabled state. CAC result could + * have been propagated from another radio having the + * same regulatory configuration. When CAC completion is + * received during non-HAPD_IFACE_ENABLED state, make + * sure the configured channel is available because this + * CAC completion event could have been propagated from + * another radio. + */ + if (iface->state != HAPD_IFACE_ENABLED && + hostapd_config_dfs_chan_available(iface)) { + hostapd_setup_interface_complete(iface, 0); + iface->cac_started = 0; + } } } @@ -776,6 +806,25 @@ int hostapd_dfs_complete_cac(struct hostapd_iface *iface, int success, int freq, } +int hostapd_dfs_pre_cac_expired(struct hostapd_iface *iface, int freq, + int ht_enabled, int chan_offset, int chan_width, + int cf1, int cf2) +{ + wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, DFS_EVENT_PRE_CAC_EXPIRED + "freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d", + freq, ht_enabled, chan_offset, chan_width, cf1, cf2); + + /* Proceed only if DFS is not offloaded to the driver */ + if (iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) + return 0; + + set_dfs_state(iface, freq, ht_enabled, chan_offset, chan_width, + cf1, cf2, HOSTAPD_CHAN_DFS_USABLE); + + return 0; +} + + static int hostapd_dfs_start_channel_switch_cac(struct hostapd_iface *iface) { struct hostapd_channel_data *channel; @@ -840,6 +889,13 @@ static int hostapd_dfs_start_channel_switch(struct hostapd_iface *iface) if (iface->cac_started) return hostapd_dfs_start_channel_switch_cac(iface); + /* + * Allow selection of DFS channel in ETSI to comply with + * uniform spreading. + */ + if (iface->dfs_domain == HOSTAPD_DFS_REGION_ETSI) + skip_radar = 0; + /* Perform channel switch/CSA */ channel = dfs_get_valid_channel(iface, &secondary_channel, &vht_oper_centr_freq_seg0_idx, @@ -1055,7 +1111,8 @@ int hostapd_handle_dfs_offload(struct hostapd_iface *iface) return 1; } - if (ieee80211_is_dfs(iface->freq)) { + if (ieee80211_is_dfs(iface->freq, iface->hw_features, + iface->num_hw_features)) { wpa_printf(MSG_DEBUG, "%s: freq %d MHz requires DFS", __func__, iface->freq); return 0; diff --git a/contrib/wpa/src/ap/dfs.h b/contrib/wpa/src/ap/dfs.h index be8c0e6001c9..f0fa6f688037 100644 --- a/contrib/wpa/src/ap/dfs.h +++ b/contrib/wpa/src/ap/dfs.h @@ -1,7 +1,7 @@ /* * DFS - Dynamic Frequency Selection * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> - * Copyright (c) 2013, Qualcomm Atheros, Inc. + * Copyright (c) 2013-2017, Qualcomm Atheros, Inc. * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -14,6 +14,9 @@ int hostapd_handle_dfs(struct hostapd_iface *iface); int hostapd_dfs_complete_cac(struct hostapd_iface *iface, int success, int freq, int ht_enabled, int chan_offset, int chan_width, int cf1, int cf2); +int hostapd_dfs_pre_cac_expired(struct hostapd_iface *iface, int freq, + int ht_enabled, int chan_offset, int chan_width, + int cf1, int cf2); int hostapd_dfs_radar_detected(struct hostapd_iface *iface, int freq, int ht_enabled, int chan_offset, int chan_width, diff --git a/contrib/wpa/src/ap/dhcp_snoop.c b/contrib/wpa/src/ap/dhcp_snoop.c index f0212fb2a984..6d8c2f4be0da 100644 --- a/contrib/wpa/src/ap/dhcp_snoop.c +++ b/contrib/wpa/src/ap/dhcp_snoop.c @@ -7,10 +7,9 @@ */ #include "utils/includes.h" -#include <netinet/ip.h> -#include <netinet/udp.h> #include "utils/common.h" +#include "common/dhcp.h" #include "l2_packet/l2_packet.h" #include "hostapd.h" #include "sta_info.h" @@ -18,29 +17,6 @@ #include "x_snoop.h" #include "dhcp_snoop.h" -struct bootp_pkt { - struct iphdr iph; - struct udphdr udph; - u8 op; - u8 htype; - u8 hlen; - u8 hops; - be32 xid; - be16 secs; - be16 flags; - be32 client_ip; - be32 your_ip; - be32 server_ip; - be32 relay_ip; - u8 hw_addr[16]; - u8 serv_name[64]; - u8 boot_file[128]; - u8 exten[312]; -} STRUCT_PACKED; - -#define DHCPACK 5 -static const u8 ic_bootp_cookie[] = { 99, 130, 83, 99 }; - static const char * ipaddr_str(u32 addr) { @@ -74,24 +50,26 @@ static void handle_dhcp(void *ctx, const u8 *src_addr, const u8 *buf, if (tot_len > (unsigned int) (len - ETH_HLEN)) return; - if (os_memcmp(b->exten, ic_bootp_cookie, ARRAY_SIZE(ic_bootp_cookie))) + if (WPA_GET_BE32(b->exten) != DHCP_MAGIC) return; /* Parse DHCP options */ end = (const u8 *) b + tot_len; pos = &b->exten[4]; - while (pos < end && *pos != 0xff) { + while (pos < end && *pos != DHCP_OPT_END) { const u8 *opt = pos++; - if (*opt == 0) /* padding */ + if (*opt == DHCP_OPT_PAD) continue; + if (pos >= end || 1 + *pos > end - pos) + break; pos += *pos + 1; if (pos >= end) break; switch (*opt) { - case 1: /* subnet mask */ + case DHCP_OPT_SUBNET_MASK: if (opt[1] == 4) subnet_mask = WPA_GET_BE32(&opt[2]); if (subnet_mask == 0) @@ -101,7 +79,7 @@ static void handle_dhcp(void *ctx, const u8 *src_addr, const u8 *buf, prefixlen--; } break; - case 53: /* message type */ + case DHCP_OPT_MSG_TYPE: if (opt[1]) msgtype = opt[2]; break; @@ -176,4 +154,5 @@ int dhcp_snoop_init(struct hostapd_data *hapd) void dhcp_snoop_deinit(struct hostapd_data *hapd) { l2_packet_deinit(hapd->sock_dhcp); + hapd->sock_dhcp = NULL; } diff --git a/contrib/wpa/src/ap/dpp_hostapd.c b/contrib/wpa/src/ap/dpp_hostapd.c new file mode 100644 index 000000000000..149f389f789f --- /dev/null +++ b/contrib/wpa/src/ap/dpp_hostapd.c @@ -0,0 +1,2096 @@ +/* + * hostapd / DPP integration + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "utils/eloop.h" +#include "common/dpp.h" +#include "common/gas.h" +#include "common/wpa_ctrl.h" +#include "hostapd.h" +#include "ap_drv_ops.h" +#include "gas_query_ap.h" +#include "wpa_auth.h" +#include "dpp_hostapd.h" + + +static void hostapd_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx); +static void hostapd_dpp_auth_success(struct hostapd_data *hapd, int initiator); +static void hostapd_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx); +static int hostapd_dpp_auth_init_next(struct hostapd_data *hapd); + +static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; + + +static struct dpp_configurator * +hostapd_dpp_configurator_get_id(struct hostapd_data *hapd, unsigned int id) +{ + struct dpp_configurator *conf; + + dl_list_for_each(conf, &hapd->iface->interfaces->dpp_configurator, + struct dpp_configurator, list) { + if (conf->id == id) + return conf; + } + return NULL; +} + + +static unsigned int hapd_dpp_next_id(struct hostapd_data *hapd) +{ + struct dpp_bootstrap_info *bi; + unsigned int max_id = 0; + + dl_list_for_each(bi, &hapd->iface->interfaces->dpp_bootstrap, + struct dpp_bootstrap_info, list) { + if (bi->id > max_id) + max_id = bi->id; + } + return max_id + 1; +} + + +/** + * hostapd_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code + * @hapd: Pointer to hostapd_data + * @cmd: DPP URI read from a QR Code + * Returns: Identifier of the stored info or -1 on failure + */ +int hostapd_dpp_qr_code(struct hostapd_data *hapd, const char *cmd) +{ + struct dpp_bootstrap_info *bi; + struct dpp_authentication *auth = hapd->dpp_auth; + + bi = dpp_parse_qr_code(cmd); + if (!bi) + return -1; + + bi->id = hapd_dpp_next_id(hapd); + dl_list_add(&hapd->iface->interfaces->dpp_bootstrap, &bi->list); + + if (auth && auth->response_pending && + dpp_notify_new_qr_code(auth, bi) == 1) { + wpa_printf(MSG_DEBUG, + "DPP: Sending out pending authentication response"); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", + MAC2STR(auth->peer_mac_addr), auth->curr_freq, + DPP_PA_AUTHENTICATION_RESP); + hostapd_drv_send_action(hapd, auth->curr_freq, 0, + auth->peer_mac_addr, + wpabuf_head(hapd->dpp_auth->resp_msg), + wpabuf_len(hapd->dpp_auth->resp_msg)); + } + + return bi->id; +} + + +static char * get_param(const char *cmd, const char *param) +{ + const char *pos, *end; + char *val; + size_t len; + + pos = os_strstr(cmd, param); + if (!pos) + return NULL; + + pos += os_strlen(param); + end = os_strchr(pos, ' '); + if (end) + len = end - pos; + else + len = os_strlen(pos); + val = os_malloc(len + 1); + if (!val) + return NULL; + os_memcpy(val, pos, len); + val[len] = '\0'; + return val; +} + + +int hostapd_dpp_bootstrap_gen(struct hostapd_data *hapd, const char *cmd) +{ + char *chan = NULL, *mac = NULL, *info = NULL, *pk = NULL, *curve = NULL; + char *key = NULL; + u8 *privkey = NULL; + size_t privkey_len = 0; + size_t len; + int ret = -1; + struct dpp_bootstrap_info *bi; + + bi = os_zalloc(sizeof(*bi)); + if (!bi) + goto fail; + + if (os_strstr(cmd, "type=qrcode")) + bi->type = DPP_BOOTSTRAP_QR_CODE; + else if (os_strstr(cmd, "type=pkex")) + bi->type = DPP_BOOTSTRAP_PKEX; + else + goto fail; + + chan = get_param(cmd, " chan="); + mac = get_param(cmd, " mac="); + info = get_param(cmd, " info="); + curve = get_param(cmd, " curve="); + key = get_param(cmd, " key="); + + if (key) { + privkey_len = os_strlen(key) / 2; + privkey = os_malloc(privkey_len); + if (!privkey || + hexstr2bin(key, privkey, privkey_len) < 0) + goto fail; + } + + pk = dpp_keygen(bi, curve, privkey, privkey_len); + if (!pk) + goto fail; + + len = 4; /* "DPP:" */ + if (chan) { + if (dpp_parse_uri_chan_list(bi, chan) < 0) + goto fail; + len += 3 + os_strlen(chan); /* C:...; */ + } + if (mac) { + if (dpp_parse_uri_mac(bi, mac) < 0) + goto fail; + len += 3 + os_strlen(mac); /* M:...; */ + } + if (info) { + if (dpp_parse_uri_info(bi, info) < 0) + goto fail; + len += 3 + os_strlen(info); /* I:...; */ + } + len += 4 + os_strlen(pk); + bi->uri = os_malloc(len + 1); + if (!bi->uri) + goto fail; + os_snprintf(bi->uri, len + 1, "DPP:%s%s%s%s%s%s%s%s%sK:%s;;", + chan ? "C:" : "", chan ? chan : "", chan ? ";" : "", + mac ? "M:" : "", mac ? mac : "", mac ? ";" : "", + info ? "I:" : "", info ? info : "", info ? ";" : "", + pk); + bi->id = hapd_dpp_next_id(hapd); + dl_list_add(&hapd->iface->interfaces->dpp_bootstrap, &bi->list); + ret = bi->id; + bi = NULL; +fail: + os_free(curve); + os_free(pk); + os_free(chan); + os_free(mac); + os_free(info); + str_clear_free(key); + bin_clear_free(privkey, privkey_len); + dpp_bootstrap_info_free(bi); + return ret; +} + + +static struct dpp_bootstrap_info * +dpp_bootstrap_get_id(struct hostapd_data *hapd, unsigned int id) +{ + struct dpp_bootstrap_info *bi; + + dl_list_for_each(bi, &hapd->iface->interfaces->dpp_bootstrap, + struct dpp_bootstrap_info, list) { + if (bi->id == id) + return bi; + } + return NULL; +} + + +static int dpp_bootstrap_del(struct hapd_interfaces *ifaces, unsigned int id) +{ + struct dpp_bootstrap_info *bi, *tmp; + int found = 0; + + dl_list_for_each_safe(bi, tmp, &ifaces->dpp_bootstrap, + struct dpp_bootstrap_info, list) { + if (id && bi->id != id) + continue; + found = 1; + dl_list_del(&bi->list); + dpp_bootstrap_info_free(bi); + } + + if (id == 0) + return 0; /* flush succeeds regardless of entries found */ + return found ? 0 : -1; +} + + +int hostapd_dpp_bootstrap_remove(struct hostapd_data *hapd, const char *id) +{ + unsigned int id_val; + + if (os_strcmp(id, "*") == 0) { + id_val = 0; + } else { + id_val = atoi(id); + if (id_val == 0) + return -1; + } + + return dpp_bootstrap_del(hapd->iface->interfaces, id_val); +} + + +const char * hostapd_dpp_bootstrap_get_uri(struct hostapd_data *hapd, + unsigned int id) +{ + struct dpp_bootstrap_info *bi; + + bi = dpp_bootstrap_get_id(hapd, id); + if (!bi) + return NULL; + return bi->uri; +} + + +int hostapd_dpp_bootstrap_info(struct hostapd_data *hapd, int id, + char *reply, int reply_size) +{ + struct dpp_bootstrap_info *bi; + + bi = dpp_bootstrap_get_id(hapd, id); + if (!bi) + return -1; + return os_snprintf(reply, reply_size, "type=%s\n" + "mac_addr=" MACSTR "\n" + "info=%s\n" + "num_freq=%u\n" + "curve=%s\n", + dpp_bootstrap_type_txt(bi->type), + MAC2STR(bi->mac_addr), + bi->info ? bi->info : "", + bi->num_freq, + bi->curve->name); +} + + +static void hostapd_dpp_auth_resp_retry_timeout(void *eloop_ctx, + void *timeout_ctx) +{ + struct hostapd_data *hapd = eloop_ctx; + struct dpp_authentication *auth = hapd->dpp_auth; + + if (!auth || !auth->resp_msg) + return; + + wpa_printf(MSG_DEBUG, + "DPP: Retry Authentication Response after timeout"); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", + MAC2STR(auth->peer_mac_addr), auth->curr_freq, + DPP_PA_AUTHENTICATION_RESP); + hostapd_drv_send_action(hapd, auth->curr_freq, 500, auth->peer_mac_addr, + wpabuf_head(auth->resp_msg), + wpabuf_len(auth->resp_msg)); +} + + +static void hostapd_dpp_auth_resp_retry(struct hostapd_data *hapd) +{ + struct dpp_authentication *auth = hapd->dpp_auth; + unsigned int wait_time, max_tries; + + if (!auth || !auth->resp_msg) + return; + + if (hapd->dpp_resp_max_tries) + max_tries = hapd->dpp_resp_max_tries; + else + max_tries = 5; + auth->auth_resp_tries++; + if (auth->auth_resp_tries >= max_tries) { + wpa_printf(MSG_INFO, + "DPP: No confirm received from initiator - stopping exchange"); + hostapd_drv_send_action_cancel_wait(hapd); + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; + return; + } + + if (hapd->dpp_resp_retry_time) + wait_time = hapd->dpp_resp_retry_time; + else + wait_time = 1000; + wpa_printf(MSG_DEBUG, + "DPP: Schedule retransmission of Authentication Response frame in %u ms", + wait_time); + eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, NULL); + eloop_register_timeout(wait_time / 1000, + (wait_time % 1000) * 1000, + hostapd_dpp_auth_resp_retry_timeout, hapd, NULL); +} + + +void hostapd_dpp_tx_status(struct hostapd_data *hapd, const u8 *dst, + const u8 *data, size_t data_len, int ok) +{ + struct dpp_authentication *auth = hapd->dpp_auth; + + wpa_printf(MSG_DEBUG, "DPP: TX status: dst=" MACSTR " ok=%d", + MAC2STR(dst), ok); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR + " result=%s", MAC2STR(dst), ok ? "SUCCESS" : "FAILED"); + + if (!hapd->dpp_auth) { + wpa_printf(MSG_DEBUG, + "DPP: Ignore TX status since there is no ongoing authentication exchange"); + return; + } + + if (hapd->dpp_auth->remove_on_tx_status) { + wpa_printf(MSG_DEBUG, + "DPP: Terminate authentication exchange due to an earlier error"); + eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); + eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, + hapd, NULL); + eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, + NULL); + hostapd_drv_send_action_cancel_wait(hapd); + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; + return; + } + + if (hapd->dpp_auth_ok_on_ack) + hostapd_dpp_auth_success(hapd, 1); + + if (!is_broadcast_ether_addr(dst) && !ok) { + wpa_printf(MSG_DEBUG, + "DPP: Unicast DPP Action frame was not ACKed"); + if (auth->waiting_auth_resp) { + /* In case of DPP Authentication Request frame, move to + * the next channel immediately. */ + hostapd_drv_send_action_cancel_wait(hapd); + hostapd_dpp_auth_init_next(hapd); + return; + } + if (auth->waiting_auth_conf) { + hostapd_dpp_auth_resp_retry(hapd); + return; + } + } + + if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp && ok) { + /* Allow timeout handling to stop iteration if no response is + * received from a peer that has ACKed a request. */ + auth->auth_req_ack = 1; + } + + if (!hapd->dpp_auth_ok_on_ack && hapd->dpp_auth->neg_freq > 0 && + hapd->dpp_auth->curr_freq != hapd->dpp_auth->neg_freq) { + wpa_printf(MSG_DEBUG, + "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response", + hapd->dpp_auth->curr_freq, + hapd->dpp_auth->neg_freq); + hostapd_drv_send_action_cancel_wait(hapd); + + if (hapd->dpp_auth->neg_freq != + (unsigned int) hapd->iface->freq && hapd->iface->freq > 0) { + /* TODO: Listen operation on non-operating channel */ + wpa_printf(MSG_INFO, + "DPP: Listen operation on non-operating channel (%d MHz) is not yet supported (operating channel: %d MHz)", + hapd->dpp_auth->neg_freq, hapd->iface->freq); + } + } + + if (hapd->dpp_auth_ok_on_ack) + hapd->dpp_auth_ok_on_ack = 0; +} + + +static void hostapd_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct hostapd_data *hapd = eloop_ctx; + struct dpp_authentication *auth = hapd->dpp_auth; + unsigned int freq; + struct os_reltime now, diff; + unsigned int wait_time, diff_ms; + + if (!auth || !auth->waiting_auth_resp) + return; + + wait_time = hapd->dpp_resp_wait_time ? + hapd->dpp_resp_wait_time : 2000; + os_get_reltime(&now); + os_reltime_sub(&now, &hapd->dpp_last_init, &diff); + diff_ms = diff.sec * 1000 + diff.usec / 1000; + wpa_printf(MSG_DEBUG, + "DPP: Reply wait timeout - wait_time=%u diff_ms=%u", + wait_time, diff_ms); + + if (auth->auth_req_ack && diff_ms >= wait_time) { + /* Peer ACK'ed Authentication Request frame, but did not reply + * with Authentication Response frame within two seconds. */ + wpa_printf(MSG_INFO, + "DPP: No response received from responder - stopping initiation attempt"); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED); + hostapd_drv_send_action_cancel_wait(hapd); + hostapd_dpp_listen_stop(hapd); + dpp_auth_deinit(auth); + hapd->dpp_auth = NULL; + return; + } + + if (diff_ms >= wait_time) { + /* Authentication Request frame was not ACK'ed and no reply + * was receiving within two seconds. */ + wpa_printf(MSG_DEBUG, + "DPP: Continue Initiator channel iteration"); + hostapd_drv_send_action_cancel_wait(hapd); + hostapd_dpp_listen_stop(hapd); + hostapd_dpp_auth_init_next(hapd); + return; + } + + /* Driver did not support 2000 ms long wait_time with TX command, so + * schedule listen operation to continue waiting for the response. + * + * DPP listen operations continue until stopped, so simply schedule a + * new call to this function at the point when the two second reply + * wait has expired. */ + wait_time -= diff_ms; + + freq = auth->curr_freq; + if (auth->neg_freq > 0) + freq = auth->neg_freq; + wpa_printf(MSG_DEBUG, + "DPP: Continue reply wait on channel %u MHz for %u ms", + freq, wait_time); + hapd->dpp_in_response_listen = 1; + + if (freq != (unsigned int) hapd->iface->freq && hapd->iface->freq > 0) { + /* TODO: Listen operation on non-operating channel */ + wpa_printf(MSG_INFO, + "DPP: Listen operation on non-operating channel (%d MHz) is not yet supported (operating channel: %d MHz)", + freq, hapd->iface->freq); + } + + eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, + hostapd_dpp_reply_wait_timeout, hapd, NULL); +} + + +static void hostapd_dpp_set_testing_options(struct hostapd_data *hapd, + struct dpp_authentication *auth) +{ +#ifdef CONFIG_TESTING_OPTIONS + if (hapd->dpp_config_obj_override) + auth->config_obj_override = + os_strdup(hapd->dpp_config_obj_override); + if (hapd->dpp_discovery_override) + auth->discovery_override = + os_strdup(hapd->dpp_discovery_override); + if (hapd->dpp_groups_override) + auth->groups_override = os_strdup(hapd->dpp_groups_override); + auth->ignore_netaccesskey_mismatch = + hapd->dpp_ignore_netaccesskey_mismatch; +#endif /* CONFIG_TESTING_OPTIONS */ +} + + +static int hostapd_dpp_set_configurator(struct hostapd_data *hapd, + struct dpp_authentication *auth, + const char *cmd) +{ + const char *pos, *end; + struct dpp_configuration *conf_sta = NULL, *conf_ap = NULL; + struct dpp_configurator *conf = NULL; + u8 ssid[32] = { "test" }; + size_t ssid_len = 4; + char pass[64] = { }; + size_t pass_len = 0; + u8 psk[PMK_LEN]; + int psk_set = 0; + char *group_id = NULL; + + if (!cmd) + return 0; + + wpa_printf(MSG_DEBUG, "DPP: Set configurator parameters: %s", cmd); + pos = os_strstr(cmd, " ssid="); + if (pos) { + pos += 6; + end = os_strchr(pos, ' '); + ssid_len = end ? (size_t) (end - pos) : os_strlen(pos); + ssid_len /= 2; + if (ssid_len > sizeof(ssid) || + hexstr2bin(pos, ssid, ssid_len) < 0) + goto fail; + } + + pos = os_strstr(cmd, " pass="); + if (pos) { + pos += 6; + end = os_strchr(pos, ' '); + pass_len = end ? (size_t) (end - pos) : os_strlen(pos); + pass_len /= 2; + if (pass_len > sizeof(pass) - 1 || pass_len < 8 || + hexstr2bin(pos, (u8 *) pass, pass_len) < 0) + goto fail; + } + + pos = os_strstr(cmd, " psk="); + if (pos) { + pos += 5; + if (hexstr2bin(pos, psk, PMK_LEN) < 0) + goto fail; + psk_set = 1; + } + + pos = os_strstr(cmd, " group_id="); + if (pos) { + size_t group_id_len; + + pos += 10; + end = os_strchr(pos, ' '); + group_id_len = end ? (size_t) (end - pos) : os_strlen(pos); + group_id = os_malloc(group_id_len + 1); + if (!group_id) + goto fail; + os_memcpy(group_id, pos, group_id_len); + group_id[group_id_len] = '\0'; + } + + if (os_strstr(cmd, " conf=sta-")) { + conf_sta = os_zalloc(sizeof(struct dpp_configuration)); + if (!conf_sta) + goto fail; + os_memcpy(conf_sta->ssid, ssid, ssid_len); + conf_sta->ssid_len = ssid_len; + if (os_strstr(cmd, " conf=sta-psk") || + os_strstr(cmd, " conf=sta-sae") || + os_strstr(cmd, " conf=sta-psk-sae")) { + if (os_strstr(cmd, " conf=sta-psk-sae")) + conf_sta->akm = DPP_AKM_PSK_SAE; + else if (os_strstr(cmd, " conf=sta-sae")) + conf_sta->akm = DPP_AKM_SAE; + else + conf_sta->akm = DPP_AKM_PSK; + if (psk_set) { + os_memcpy(conf_sta->psk, psk, PMK_LEN); + } else { + conf_sta->passphrase = os_strdup(pass); + if (!conf_sta->passphrase) + goto fail; + } + } else if (os_strstr(cmd, " conf=sta-dpp")) { + conf_sta->akm = DPP_AKM_DPP; + } else { + goto fail; + } + if (os_strstr(cmd, " group_id=")) { + conf_sta->group_id = group_id; + group_id = NULL; + } + } + + if (os_strstr(cmd, " conf=ap-")) { + conf_ap = os_zalloc(sizeof(struct dpp_configuration)); + if (!conf_ap) + goto fail; + os_memcpy(conf_ap->ssid, ssid, ssid_len); + conf_ap->ssid_len = ssid_len; + if (os_strstr(cmd, " conf=ap-psk") || + os_strstr(cmd, " conf=ap-sae") || + os_strstr(cmd, " conf=ap-psk-sae")) { + if (os_strstr(cmd, " conf=ap-psk-sae")) + conf_ap->akm = DPP_AKM_PSK_SAE; + else if (os_strstr(cmd, " conf=ap-sae")) + conf_ap->akm = DPP_AKM_SAE; + else + conf_ap->akm = DPP_AKM_PSK; + if (psk_set) { + os_memcpy(conf_ap->psk, psk, PMK_LEN); + } else if (pass_len > 0) { + conf_ap->passphrase = os_strdup(pass); + if (!conf_ap->passphrase) + goto fail; + } else { + goto fail; + } + } else if (os_strstr(cmd, " conf=ap-dpp")) { + conf_ap->akm = DPP_AKM_DPP; + } else { + goto fail; + } + if (os_strstr(cmd, " group_id=")) { + conf_ap->group_id = group_id; + group_id = NULL; + } + } + + pos = os_strstr(cmd, " expiry="); + if (pos) { + long int val; + + pos += 8; + val = strtol(pos, NULL, 0); + if (val <= 0) + goto fail; + if (conf_sta) + conf_sta->netaccesskey_expiry = val; + if (conf_ap) + conf_ap->netaccesskey_expiry = val; + } + + pos = os_strstr(cmd, " configurator="); + if (pos) { + auth->configurator = 1; + pos += 14; + conf = hostapd_dpp_configurator_get_id(hapd, atoi(pos)); + if (!conf) { + wpa_printf(MSG_INFO, + "DPP: Could not find the specified configurator"); + goto fail; + } + } + auth->conf_sta = conf_sta; + auth->conf_ap = conf_ap; + auth->conf = conf; + os_free(group_id); + return 0; + +fail: + wpa_msg(hapd->msg_ctx, MSG_INFO, + "DPP: Failed to set configurator parameters"); + dpp_configuration_free(conf_sta); + dpp_configuration_free(conf_ap); + os_free(group_id); + return -1; +} + + +static void hostapd_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct hostapd_data *hapd = eloop_ctx; + + if (!hapd->dpp_auth) + return; + wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout"); + hostapd_dpp_auth_init_next(hapd); +} + + +static int hostapd_dpp_auth_init_next(struct hostapd_data *hapd) +{ + struct dpp_authentication *auth = hapd->dpp_auth; + const u8 *dst; + unsigned int wait_time, max_wait_time, freq, max_tries, used; + struct os_reltime now, diff; + + if (!auth) + return -1; + + if (auth->freq_idx == 0) + os_get_reltime(&hapd->dpp_init_iter_start); + + if (auth->freq_idx >= auth->num_freq) { + auth->num_freq_iters++; + if (hapd->dpp_init_max_tries) + max_tries = hapd->dpp_init_max_tries; + else + max_tries = 5; + if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) { + wpa_printf(MSG_INFO, + "DPP: No response received from responder - stopping initiation attempt"); + wpa_msg(hapd->msg_ctx, MSG_INFO, + DPP_EVENT_AUTH_INIT_FAILED); + eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, + hapd, NULL); + hostapd_drv_send_action_cancel_wait(hapd); + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; + return -1; + } + auth->freq_idx = 0; + eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); + if (hapd->dpp_init_retry_time) + wait_time = hapd->dpp_init_retry_time; + else + wait_time = 10000; + os_get_reltime(&now); + os_reltime_sub(&now, &hapd->dpp_init_iter_start, &diff); + used = diff.sec * 1000 + diff.usec / 1000; + if (used > wait_time) + wait_time = 0; + else + wait_time -= used; + wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms", + wait_time); + eloop_register_timeout(wait_time / 1000, + (wait_time % 1000) * 1000, + hostapd_dpp_init_timeout, hapd, + NULL); + return 0; + } + freq = auth->freq[auth->freq_idx++]; + auth->curr_freq = freq; + + if (is_zero_ether_addr(auth->peer_bi->mac_addr)) + dst = broadcast; + else + dst = auth->peer_bi->mac_addr; + hapd->dpp_auth_ok_on_ack = 0; + eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL); + wait_time = 2000; /* TODO: hapd->max_remain_on_chan; */ + max_wait_time = hapd->dpp_resp_wait_time ? + hapd->dpp_resp_wait_time : 2000; + if (wait_time > max_wait_time) + wait_time = max_wait_time; + wait_time += 10; /* give the driver some extra time to complete */ + eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, + hostapd_dpp_reply_wait_timeout, hapd, NULL); + wait_time -= 10; + if (auth->neg_freq > 0 && freq != auth->neg_freq) { + wpa_printf(MSG_DEBUG, + "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response", + freq, auth->neg_freq); + } + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", + MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ); + auth->auth_req_ack = 0; + os_get_reltime(&hapd->dpp_last_init); + return hostapd_drv_send_action(hapd, freq, wait_time, + dst, + wpabuf_head(hapd->dpp_auth->req_msg), + wpabuf_len(hapd->dpp_auth->req_msg)); +} + + +int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd) +{ + const char *pos; + struct dpp_bootstrap_info *peer_bi, *own_bi = NULL; + u8 allowed_roles = DPP_CAPAB_CONFIGURATOR; + unsigned int neg_freq = 0; + + pos = os_strstr(cmd, " peer="); + if (!pos) + return -1; + pos += 6; + peer_bi = dpp_bootstrap_get_id(hapd, atoi(pos)); + if (!peer_bi) { + wpa_printf(MSG_INFO, + "DPP: Could not find bootstrapping info for the identified peer"); + return -1; + } + + pos = os_strstr(cmd, " own="); + if (pos) { + pos += 5; + own_bi = dpp_bootstrap_get_id(hapd, atoi(pos)); + if (!own_bi) { + wpa_printf(MSG_INFO, + "DPP: Could not find bootstrapping info for the identified local entry"); + return -1; + } + + if (peer_bi->curve != own_bi->curve) { + wpa_printf(MSG_INFO, + "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)", + peer_bi->curve->name, own_bi->curve->name); + return -1; + } + } + + pos = os_strstr(cmd, " role="); + if (pos) { + pos += 6; + if (os_strncmp(pos, "configurator", 12) == 0) + allowed_roles = DPP_CAPAB_CONFIGURATOR; + else if (os_strncmp(pos, "enrollee", 8) == 0) + allowed_roles = DPP_CAPAB_ENROLLEE; + else if (os_strncmp(pos, "either", 6) == 0) + allowed_roles = DPP_CAPAB_CONFIGURATOR | + DPP_CAPAB_ENROLLEE; + else + goto fail; + } + + pos = os_strstr(cmd, " neg_freq="); + if (pos) + neg_freq = atoi(pos + 10); + + if (hapd->dpp_auth) { + eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); + eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, + hapd, NULL); + eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, + NULL); + hostapd_drv_send_action_cancel_wait(hapd); + dpp_auth_deinit(hapd->dpp_auth); + } + + hapd->dpp_auth = dpp_auth_init(hapd->msg_ctx, peer_bi, own_bi, + allowed_roles, neg_freq, + hapd->iface->hw_features, + hapd->iface->num_hw_features); + if (!hapd->dpp_auth) + goto fail; + hostapd_dpp_set_testing_options(hapd, hapd->dpp_auth); + if (hostapd_dpp_set_configurator(hapd, hapd->dpp_auth, cmd) < 0) { + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; + goto fail; + } + + hapd->dpp_auth->neg_freq = neg_freq; + + if (!is_zero_ether_addr(peer_bi->mac_addr)) + os_memcpy(hapd->dpp_auth->peer_mac_addr, peer_bi->mac_addr, + ETH_ALEN); + + return hostapd_dpp_auth_init_next(hapd); +fail: + return -1; +} + + +int hostapd_dpp_listen(struct hostapd_data *hapd, const char *cmd) +{ + int freq; + + freq = atoi(cmd); + if (freq <= 0) + return -1; + + if (os_strstr(cmd, " role=configurator")) + hapd->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR; + else if (os_strstr(cmd, " role=enrollee")) + hapd->dpp_allowed_roles = DPP_CAPAB_ENROLLEE; + else + hapd->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | + DPP_CAPAB_ENROLLEE; + hapd->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL; + + if (freq != hapd->iface->freq && hapd->iface->freq > 0) { + /* TODO: Listen operation on non-operating channel */ + wpa_printf(MSG_INFO, + "DPP: Listen operation on non-operating channel (%d MHz) is not yet supported (operating channel: %d MHz)", + freq, hapd->iface->freq); + return -1; + } + + return 0; +} + + +void hostapd_dpp_listen_stop(struct hostapd_data *hapd) +{ + /* TODO: Stop listen operation on non-operating channel */ +} + + +static void hostapd_dpp_rx_auth_req(struct hostapd_data *hapd, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len, + unsigned int freq) +{ + const u8 *r_bootstrap, *i_bootstrap; + u16 r_bootstrap_len, i_bootstrap_len; + struct dpp_bootstrap_info *bi, *own_bi = NULL, *peer_bi = NULL; + + wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR, + MAC2STR(src)); + + r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH, + &r_bootstrap_len); + if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Missing or invalid required Responder Bootstrapping Key Hash attribute"); + return; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash", + r_bootstrap, r_bootstrap_len); + + i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH, + &i_bootstrap_len); + if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) { + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Missing or invalid required Initiator Bootstrapping Key Hash attribute"); + return; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash", + i_bootstrap, i_bootstrap_len); + + /* Try to find own and peer bootstrapping key matches based on the + * received hash values */ + dl_list_for_each(bi, &hapd->iface->interfaces->dpp_bootstrap, + struct dpp_bootstrap_info, list) { + if (!own_bi && bi->own && + os_memcmp(bi->pubkey_hash, r_bootstrap, + SHA256_MAC_LEN) == 0) { + wpa_printf(MSG_DEBUG, + "DPP: Found matching own bootstrapping information"); + own_bi = bi; + } + + if (!peer_bi && !bi->own && + os_memcmp(bi->pubkey_hash, i_bootstrap, + SHA256_MAC_LEN) == 0) { + wpa_printf(MSG_DEBUG, + "DPP: Found matching peer bootstrapping information"); + peer_bi = bi; + } + + if (own_bi && peer_bi) + break; + } + + if (!own_bi) { + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "No matching own bootstrapping key found - ignore message"); + return; + } + + if (hapd->dpp_auth) { + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Already in DPP authentication exchange - ignore new one"); + return; + } + + hapd->dpp_auth_ok_on_ack = 0; + hapd->dpp_auth = dpp_auth_req_rx(hapd->msg_ctx, hapd->dpp_allowed_roles, + hapd->dpp_qr_mutual, + peer_bi, own_bi, freq, hdr, buf, len); + if (!hapd->dpp_auth) { + wpa_printf(MSG_DEBUG, "DPP: No response generated"); + return; + } + hostapd_dpp_set_testing_options(hapd, hapd->dpp_auth); + if (hostapd_dpp_set_configurator(hapd, hapd->dpp_auth, + hapd->dpp_configurator_params) < 0) { + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; + return; + } + os_memcpy(hapd->dpp_auth->peer_mac_addr, src, ETH_ALEN); + + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", + MAC2STR(src), hapd->dpp_auth->curr_freq, + DPP_PA_AUTHENTICATION_RESP); + hostapd_drv_send_action(hapd, hapd->dpp_auth->curr_freq, 0, + src, wpabuf_head(hapd->dpp_auth->resp_msg), + wpabuf_len(hapd->dpp_auth->resp_msg)); +} + + +static void hostapd_dpp_handle_config_obj(struct hostapd_data *hapd, + struct dpp_authentication *auth) +{ + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_RECEIVED); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_AKM "%s", + dpp_akm_str(auth->akm)); + if (auth->ssid_len) + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s", + wpa_ssid_txt(auth->ssid, auth->ssid_len)); + if (auth->connector) { + /* TODO: Save the Connector and consider using a command + * to fetch the value instead of sending an event with + * it. The Connector could end up being larger than what + * most clients are ready to receive as an event + * message. */ + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONNECTOR "%s", + auth->connector); + } else if (auth->passphrase[0]) { + char hex[64 * 2 + 1]; + + wpa_snprintf_hex(hex, sizeof(hex), + (const u8 *) auth->passphrase, + os_strlen(auth->passphrase)); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_PASS "%s", + hex); + } else if (auth->psk_set) { + char hex[PMK_LEN * 2 + 1]; + + wpa_snprintf_hex(hex, sizeof(hex), auth->psk, PMK_LEN); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_PSK "%s", + hex); + } + if (auth->c_sign_key) { + char *hex; + size_t hexlen; + + hexlen = 2 * wpabuf_len(auth->c_sign_key) + 1; + hex = os_malloc(hexlen); + if (hex) { + wpa_snprintf_hex(hex, hexlen, + wpabuf_head(auth->c_sign_key), + wpabuf_len(auth->c_sign_key)); + wpa_msg(hapd->msg_ctx, MSG_INFO, + DPP_EVENT_C_SIGN_KEY "%s", hex); + os_free(hex); + } + } + if (auth->net_access_key) { + char *hex; + size_t hexlen; + + hexlen = 2 * wpabuf_len(auth->net_access_key) + 1; + hex = os_malloc(hexlen); + if (hex) { + wpa_snprintf_hex(hex, hexlen, + wpabuf_head(auth->net_access_key), + wpabuf_len(auth->net_access_key)); + if (auth->net_access_key_expiry) + wpa_msg(hapd->msg_ctx, MSG_INFO, + DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex, + (unsigned long) + auth->net_access_key_expiry); + else + wpa_msg(hapd->msg_ctx, MSG_INFO, + DPP_EVENT_NET_ACCESS_KEY "%s", hex); + os_free(hex); + } + } +} + + +static void hostapd_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token, + enum gas_query_ap_result result, + const struct wpabuf *adv_proto, + const struct wpabuf *resp, u16 status_code) +{ + struct hostapd_data *hapd = ctx; + const u8 *pos; + struct dpp_authentication *auth = hapd->dpp_auth; + + if (!auth || !auth->auth_success) { + wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); + return; + } + if (!resp || status_code != WLAN_STATUS_SUCCESS) { + wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed"); + goto fail; + } + + wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto", + adv_proto); + wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)", + resp); + + if (wpabuf_len(adv_proto) != 10 || + !(pos = wpabuf_head(adv_proto)) || + pos[0] != WLAN_EID_ADV_PROTO || + pos[1] != 8 || + pos[3] != WLAN_EID_VENDOR_SPECIFIC || + pos[4] != 5 || + WPA_GET_BE24(&pos[5]) != OUI_WFA || + pos[8] != 0x1a || + pos[9] != 1) { + wpa_printf(MSG_DEBUG, + "DPP: Not a DPP Advertisement Protocol ID"); + goto fail; + } + + if (dpp_conf_resp_rx(auth, resp) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed"); + goto fail; + } + + hostapd_dpp_handle_config_obj(hapd, auth); + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; + return; + +fail: + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; +} + + +static void hostapd_dpp_start_gas_client(struct hostapd_data *hapd) +{ + struct dpp_authentication *auth = hapd->dpp_auth; + struct wpabuf *buf, *conf_req; + char json[100]; + int res; + int netrole_ap = 1; + + os_snprintf(json, sizeof(json), + "{\"name\":\"Test\"," + "\"wi-fi_tech\":\"infra\"," + "\"netRole\":\"%s\"}", + netrole_ap ? "ap" : "sta"); + wpa_printf(MSG_DEBUG, "DPP: GAS Config Attributes: %s", json); + + conf_req = dpp_build_conf_req(auth, json); + if (!conf_req) { + wpa_printf(MSG_DEBUG, + "DPP: No configuration request data available"); + return; + } + + buf = gas_build_initial_req(0, 10 + 2 + wpabuf_len(conf_req)); + if (!buf) { + wpabuf_free(conf_req); + return; + } + + /* Advertisement Protocol IE */ + wpabuf_put_u8(buf, WLAN_EID_ADV_PROTO); + wpabuf_put_u8(buf, 8); /* Length */ + wpabuf_put_u8(buf, 0x7f); + wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); + wpabuf_put_u8(buf, 5); + wpabuf_put_be24(buf, OUI_WFA); + wpabuf_put_u8(buf, DPP_OUI_TYPE); + wpabuf_put_u8(buf, 0x01); + + /* GAS Query */ + wpabuf_put_le16(buf, wpabuf_len(conf_req)); + wpabuf_put_buf(buf, conf_req); + wpabuf_free(conf_req); + + wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)", + MAC2STR(auth->peer_mac_addr), auth->curr_freq); + + res = gas_query_ap_req(hapd->gas, auth->peer_mac_addr, auth->curr_freq, + buf, hostapd_dpp_gas_resp_cb, hapd); + if (res < 0) { + wpa_msg(hapd->msg_ctx, MSG_DEBUG, + "GAS: Failed to send Query Request"); + wpabuf_free(buf); + } else { + wpa_printf(MSG_DEBUG, + "DPP: GAS query started with dialog token %u", res); + } +} + + +static void hostapd_dpp_auth_success(struct hostapd_data *hapd, int initiator) +{ + wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded"); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", + initiator); +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at Authentication Confirm"); + if (hapd->dpp_auth->configurator) { + /* Prevent GAS response */ + hapd->dpp_auth->auth_success = 0; + } + return; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (!hapd->dpp_auth->configurator) + hostapd_dpp_start_gas_client(hapd); +} + + +static void hostapd_dpp_rx_auth_resp(struct hostapd_data *hapd, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len, + unsigned int freq) +{ + struct dpp_authentication *auth = hapd->dpp_auth; + struct wpabuf *msg; + + wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR, + MAC2STR(src)); + + if (!auth) { + wpa_printf(MSG_DEBUG, + "DPP: No DPP Authentication in progress - drop"); + return; + } + + if (!is_zero_ether_addr(auth->peer_mac_addr) && + os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " + MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); + return; + } + + eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL); + + if (auth->curr_freq != freq && auth->neg_freq == freq) { + wpa_printf(MSG_DEBUG, + "DPP: Responder accepted request for different negotiation channel"); + auth->curr_freq = freq; + } + + eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); + msg = dpp_auth_resp_rx(auth, hdr, buf, len); + if (!msg) { + if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) { + wpa_printf(MSG_DEBUG, "DPP: Wait for full response"); + return; + } + wpa_printf(MSG_DEBUG, "DPP: No confirm generated"); + return; + } + os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); + + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", MAC2STR(src), auth->curr_freq, + DPP_PA_AUTHENTICATION_CONF); + hostapd_drv_send_action(hapd, auth->curr_freq, 0, src, + wpabuf_head(msg), wpabuf_len(msg)); + wpabuf_free(msg); + hapd->dpp_auth_ok_on_ack = 1; +} + + +static void hostapd_dpp_rx_auth_conf(struct hostapd_data *hapd, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len) +{ + struct dpp_authentication *auth = hapd->dpp_auth; + + wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR, + MAC2STR(src)); + + if (!auth) { + wpa_printf(MSG_DEBUG, + "DPP: No DPP Authentication in progress - drop"); + return; + } + + if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " + MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); + return; + } + + if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Authentication failed"); + return; + } + + hostapd_dpp_auth_success(hapd, 0); +} + + +static void hostapd_dpp_send_peer_disc_resp(struct hostapd_data *hapd, + const u8 *src, unsigned int freq, + u8 trans_id, + enum dpp_status_error status) +{ + struct wpabuf *msg; + + msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_RESP, + 5 + 5 + 4 + os_strlen(hapd->conf->dpp_connector)); + if (!msg) + return; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID"); + goto skip_trans_id; + } + if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID"); + trans_id ^= 0x01; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* Transaction ID */ + wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID); + wpabuf_put_le16(msg, 1); + wpabuf_put_u8(msg, trans_id); + +#ifdef CONFIG_TESTING_OPTIONS +skip_trans_id: + if (dpp_test == DPP_TEST_NO_STATUS_PEER_DISC_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Status"); + goto skip_status; + } + if (dpp_test == DPP_TEST_INVALID_STATUS_PEER_DISC_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Status"); + status = 254; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* DPP Status */ + wpabuf_put_le16(msg, DPP_ATTR_STATUS); + wpabuf_put_le16(msg, 1); + wpabuf_put_u8(msg, status); + +#ifdef CONFIG_TESTING_OPTIONS +skip_status: + if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Connector"); + goto skip_connector; + } + if (status == DPP_STATUS_OK && + dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_RESP) { + char *connector; + + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector"); + connector = dpp_corrupt_connector_signature( + hapd->conf->dpp_connector); + if (!connector) { + wpabuf_free(msg); + return; + } + wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); + wpabuf_put_le16(msg, os_strlen(connector)); + wpabuf_put_str(msg, connector); + os_free(connector); + goto skip_connector; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* DPP Connector */ + if (status == DPP_STATUS_OK) { + wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); + wpabuf_put_le16(msg, os_strlen(hapd->conf->dpp_connector)); + wpabuf_put_str(msg, hapd->conf->dpp_connector); + } + +#ifdef CONFIG_TESTING_OPTIONS +skip_connector: +#endif /* CONFIG_TESTING_OPTIONS */ + + wpa_printf(MSG_DEBUG, "DPP: Send Peer Discovery Response to " MACSTR + " status=%d", MAC2STR(src), status); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d status=%d", MAC2STR(src), freq, + DPP_PA_PEER_DISCOVERY_RESP, status); + hostapd_drv_send_action(hapd, freq, 0, src, + wpabuf_head(msg), wpabuf_len(msg)); + wpabuf_free(msg); +} + + +static void hostapd_dpp_rx_peer_disc_req(struct hostapd_data *hapd, + const u8 *src, + const u8 *buf, size_t len, + unsigned int freq) +{ + const u8 *connector, *trans_id; + u16 connector_len, trans_id_len; + struct os_time now; + struct dpp_introduction intro; + os_time_t expire; + int expiration; + enum dpp_status_error res; + + wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Request from " MACSTR, + MAC2STR(src)); + if (!hapd->wpa_auth || + !(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) || + !(hapd->conf->wpa & WPA_PROTO_RSN)) { + wpa_printf(MSG_DEBUG, "DPP: DPP AKM not in use"); + return; + } + + if (!hapd->conf->dpp_connector || !hapd->conf->dpp_netaccesskey || + !hapd->conf->dpp_csign) { + wpa_printf(MSG_DEBUG, "DPP: No own Connector/keys set"); + return; + } + + os_get_time(&now); + + if (hapd->conf->dpp_netaccesskey_expiry && + (os_time_t) hapd->conf->dpp_netaccesskey_expiry < now.sec) { + wpa_printf(MSG_INFO, "DPP: Own netAccessKey expired"); + return; + } + + trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID, + &trans_id_len); + if (!trans_id || trans_id_len != 1) { + wpa_printf(MSG_DEBUG, + "DPP: Peer did not include Transaction ID"); + return; + } + + connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len); + if (!connector) { + wpa_printf(MSG_DEBUG, + "DPP: Peer did not include its Connector"); + return; + } + + res = dpp_peer_intro(&intro, hapd->conf->dpp_connector, + wpabuf_head(hapd->conf->dpp_netaccesskey), + wpabuf_len(hapd->conf->dpp_netaccesskey), + wpabuf_head(hapd->conf->dpp_csign), + wpabuf_len(hapd->conf->dpp_csign), + connector, connector_len, &expire); + if (res == 255) { + wpa_printf(MSG_INFO, + "DPP: Network Introduction protocol resulted in internal failure (peer " + MACSTR ")", MAC2STR(src)); + return; + } + if (res != DPP_STATUS_OK) { + wpa_printf(MSG_INFO, + "DPP: Network Introduction protocol resulted in failure (peer " + MACSTR " status %d)", MAC2STR(src), res); + hostapd_dpp_send_peer_disc_resp(hapd, src, freq, trans_id[0], + res); + return; + } + + if (!expire || (os_time_t) hapd->conf->dpp_netaccesskey_expiry < expire) + expire = hapd->conf->dpp_netaccesskey_expiry; + if (expire) + expiration = expire - now.sec; + else + expiration = 0; + + if (wpa_auth_pmksa_add2(hapd->wpa_auth, src, intro.pmk, intro.pmk_len, + intro.pmkid, expiration, + WPA_KEY_MGMT_DPP) < 0) { + wpa_printf(MSG_ERROR, "DPP: Failed to add PMKSA cache entry"); + return; + } + + hostapd_dpp_send_peer_disc_resp(hapd, src, freq, trans_id[0], + DPP_STATUS_OK); +} + + +static void +hostapd_dpp_rx_pkex_exchange_req(struct hostapd_data *hapd, const u8 *src, + const u8 *buf, size_t len, + unsigned int freq) +{ + struct wpabuf *msg; + + wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR, + MAC2STR(src)); + + /* TODO: Support multiple PKEX codes by iterating over all the enabled + * values here */ + + if (!hapd->dpp_pkex_code || !hapd->dpp_pkex_bi) { + wpa_printf(MSG_DEBUG, + "DPP: No PKEX code configured - ignore request"); + return; + } + + if (hapd->dpp_pkex) { + /* TODO: Support parallel operations */ + wpa_printf(MSG_DEBUG, + "DPP: Already in PKEX session - ignore new request"); + return; + } + + hapd->dpp_pkex = dpp_pkex_rx_exchange_req(hapd->msg_ctx, + hapd->dpp_pkex_bi, + hapd->own_addr, src, + hapd->dpp_pkex_identifier, + hapd->dpp_pkex_code, + buf, len); + if (!hapd->dpp_pkex) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to process the request - ignore it"); + return; + } + + msg = hapd->dpp_pkex->exchange_resp; + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", MAC2STR(src), freq, + DPP_PA_PKEX_EXCHANGE_RESP); + hostapd_drv_send_action(hapd, freq, 0, src, + wpabuf_head(msg), wpabuf_len(msg)); + if (hapd->dpp_pkex->failed) { + wpa_printf(MSG_DEBUG, + "DPP: Terminate PKEX exchange due to an earlier error"); + if (hapd->dpp_pkex->t > hapd->dpp_pkex->own_bi->pkex_t) + hapd->dpp_pkex->own_bi->pkex_t = hapd->dpp_pkex->t; + dpp_pkex_free(hapd->dpp_pkex); + hapd->dpp_pkex = NULL; + } +} + + +static void +hostapd_dpp_rx_pkex_exchange_resp(struct hostapd_data *hapd, const u8 *src, + const u8 *buf, size_t len, unsigned int freq) +{ + struct wpabuf *msg; + + wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR, + MAC2STR(src)); + + /* TODO: Support multiple PKEX codes by iterating over all the enabled + * values here */ + + if (!hapd->dpp_pkex || !hapd->dpp_pkex->initiator || + hapd->dpp_pkex->exchange_done) { + wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); + return; + } + + msg = dpp_pkex_rx_exchange_resp(hapd->dpp_pkex, src, buf, len); + if (!msg) { + wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); + return; + } + + wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR, + MAC2STR(src)); + + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", MAC2STR(src), freq, + DPP_PA_PKEX_COMMIT_REVEAL_REQ); + hostapd_drv_send_action(hapd, freq, 0, src, + wpabuf_head(msg), wpabuf_len(msg)); + wpabuf_free(msg); +} + + +static void +hostapd_dpp_rx_pkex_commit_reveal_req(struct hostapd_data *hapd, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len, + unsigned int freq) +{ + struct wpabuf *msg; + struct dpp_pkex *pkex = hapd->dpp_pkex; + struct dpp_bootstrap_info *bi; + + wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR, + MAC2STR(src)); + + if (!pkex || pkex->initiator || !pkex->exchange_done) { + wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); + return; + } + + msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len); + if (!msg) { + wpa_printf(MSG_DEBUG, "DPP: Failed to process the request"); + if (hapd->dpp_pkex->failed) { + wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange"); + if (hapd->dpp_pkex->t > hapd->dpp_pkex->own_bi->pkex_t) + hapd->dpp_pkex->own_bi->pkex_t = + hapd->dpp_pkex->t; + dpp_pkex_free(hapd->dpp_pkex); + hapd->dpp_pkex = NULL; + } + return; + } + + wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to " + MACSTR, MAC2STR(src)); + + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", MAC2STR(src), freq, + DPP_PA_PKEX_COMMIT_REVEAL_RESP); + hostapd_drv_send_action(hapd, freq, 0, src, + wpabuf_head(msg), wpabuf_len(msg)); + wpabuf_free(msg); + + bi = os_zalloc(sizeof(*bi)); + if (!bi) + return; + bi->id = hapd_dpp_next_id(hapd); + bi->type = DPP_BOOTSTRAP_PKEX; + os_memcpy(bi->mac_addr, src, ETH_ALEN); + bi->num_freq = 1; + bi->freq[0] = freq; + bi->curve = pkex->own_bi->curve; + bi->pubkey = pkex->peer_bootstrap_key; + pkex->peer_bootstrap_key = NULL; + dpp_pkex_free(pkex); + hapd->dpp_pkex = NULL; + if (dpp_bootstrap_key_hash(bi) < 0) { + dpp_bootstrap_info_free(bi); + return; + } + dl_list_add(&hapd->iface->interfaces->dpp_bootstrap, &bi->list); +} + + +static void +hostapd_dpp_rx_pkex_commit_reveal_resp(struct hostapd_data *hapd, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len, + unsigned int freq) +{ + int res; + struct dpp_bootstrap_info *bi, *own_bi; + struct dpp_pkex *pkex = hapd->dpp_pkex; + char cmd[500]; + + wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR, + MAC2STR(src)); + + if (!pkex || !pkex->initiator || !pkex->exchange_done) { + wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); + return; + } + + res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len); + if (res < 0) { + wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); + return; + } + + own_bi = pkex->own_bi; + + bi = os_zalloc(sizeof(*bi)); + if (!bi) + return; + bi->id = hapd_dpp_next_id(hapd); + bi->type = DPP_BOOTSTRAP_PKEX; + os_memcpy(bi->mac_addr, src, ETH_ALEN); + bi->num_freq = 1; + bi->freq[0] = freq; + bi->curve = own_bi->curve; + bi->pubkey = pkex->peer_bootstrap_key; + pkex->peer_bootstrap_key = NULL; + dpp_pkex_free(pkex); + hapd->dpp_pkex = NULL; + if (dpp_bootstrap_key_hash(bi) < 0) { + dpp_bootstrap_info_free(bi); + return; + } + dl_list_add(&hapd->iface->interfaces->dpp_bootstrap, &bi->list); + + os_snprintf(cmd, sizeof(cmd), " peer=%u %s", + bi->id, + hapd->dpp_pkex_auth_cmd ? hapd->dpp_pkex_auth_cmd : ""); + wpa_printf(MSG_DEBUG, + "DPP: Start authentication after PKEX with parameters: %s", + cmd); + if (hostapd_dpp_auth_init(hapd, cmd) < 0) { + wpa_printf(MSG_DEBUG, + "DPP: Authentication initialization failed"); + return; + } +} + + +void hostapd_dpp_rx_action(struct hostapd_data *hapd, const u8 *src, + const u8 *buf, size_t len, unsigned int freq) +{ + u8 crypto_suite; + enum dpp_public_action_frame_type type; + const u8 *hdr; + unsigned int pkex_t; + + if (len < DPP_HDR_LEN) + return; + if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE) + return; + hdr = buf; + buf += 4; + len -= 4; + crypto_suite = *buf++; + type = *buf++; + len -= 2; + + wpa_printf(MSG_DEBUG, + "DPP: Received DPP Public Action frame crypto suite %u type %d from " + MACSTR " freq=%u", + crypto_suite, type, MAC2STR(src), freq); + if (crypto_suite != 1) { + wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u", + crypto_suite); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_RX "src=" MACSTR + " freq=%u type=%d ignore=unsupported-crypto-suite", + MAC2STR(src), freq, type); + return; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len); + if (dpp_check_attrs(buf, len) < 0) { + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_RX "src=" MACSTR + " freq=%u type=%d ignore=invalid-attributes", + MAC2STR(src), freq, type); + return; + } + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_RX "src=" MACSTR + " freq=%u type=%d", MAC2STR(src), freq, type); + + switch (type) { + case DPP_PA_AUTHENTICATION_REQ: + hostapd_dpp_rx_auth_req(hapd, src, hdr, buf, len, freq); + break; + case DPP_PA_AUTHENTICATION_RESP: + hostapd_dpp_rx_auth_resp(hapd, src, hdr, buf, len, freq); + break; + case DPP_PA_AUTHENTICATION_CONF: + hostapd_dpp_rx_auth_conf(hapd, src, hdr, buf, len); + break; + case DPP_PA_PEER_DISCOVERY_REQ: + hostapd_dpp_rx_peer_disc_req(hapd, src, buf, len, freq); + break; + case DPP_PA_PKEX_EXCHANGE_REQ: + hostapd_dpp_rx_pkex_exchange_req(hapd, src, buf, len, freq); + break; + case DPP_PA_PKEX_EXCHANGE_RESP: + hostapd_dpp_rx_pkex_exchange_resp(hapd, src, buf, len, freq); + break; + case DPP_PA_PKEX_COMMIT_REVEAL_REQ: + hostapd_dpp_rx_pkex_commit_reveal_req(hapd, src, hdr, buf, len, + freq); + break; + case DPP_PA_PKEX_COMMIT_REVEAL_RESP: + hostapd_dpp_rx_pkex_commit_reveal_resp(hapd, src, hdr, buf, len, + freq); + break; + default: + wpa_printf(MSG_DEBUG, + "DPP: Ignored unsupported frame subtype %d", type); + break; + } + + if (hapd->dpp_pkex) + pkex_t = hapd->dpp_pkex->t; + else if (hapd->dpp_pkex_bi) + pkex_t = hapd->dpp_pkex_bi->pkex_t; + else + pkex_t = 0; + if (pkex_t >= PKEX_COUNTER_T_LIMIT) { + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0"); + hostapd_dpp_pkex_remove(hapd, "*"); + } +} + + +struct wpabuf * +hostapd_dpp_gas_req_handler(struct hostapd_data *hapd, const u8 *sa, + const u8 *query, size_t query_len) +{ + struct dpp_authentication *auth = hapd->dpp_auth; + struct wpabuf *resp; + + wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR, MAC2STR(sa)); + if (!auth || !auth->auth_success || + os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); + return NULL; + } + wpa_hexdump(MSG_DEBUG, + "DPP: Received Configuration Request (GAS Query Request)", + query, query_len); + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR, + MAC2STR(sa)); + resp = dpp_conf_req_rx(auth, query, query_len); + if (!resp) + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); + return resp; +} + + +void hostapd_dpp_gas_status_handler(struct hostapd_data *hapd, int ok) +{ + if (!hapd->dpp_auth) + return; + + eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL); + eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, NULL); + hostapd_drv_send_action_cancel_wait(hapd); + + if (ok) + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_SENT); + else + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; +} + + +static unsigned int hostapd_dpp_next_configurator_id(struct hostapd_data *hapd) +{ + struct dpp_configurator *conf; + unsigned int max_id = 0; + + dl_list_for_each(conf, &hapd->iface->interfaces->dpp_configurator, + struct dpp_configurator, list) { + if (conf->id > max_id) + max_id = conf->id; + } + return max_id + 1; +} + + +int hostapd_dpp_configurator_add(struct hostapd_data *hapd, const char *cmd) +{ + char *curve = NULL; + char *key = NULL; + u8 *privkey = NULL; + size_t privkey_len = 0; + int ret = -1; + struct dpp_configurator *conf = NULL; + + curve = get_param(cmd, " curve="); + key = get_param(cmd, " key="); + + if (key) { + privkey_len = os_strlen(key) / 2; + privkey = os_malloc(privkey_len); + if (!privkey || + hexstr2bin(key, privkey, privkey_len) < 0) + goto fail; + } + + conf = dpp_keygen_configurator(curve, privkey, privkey_len); + if (!conf) + goto fail; + + conf->id = hostapd_dpp_next_configurator_id(hapd); + dl_list_add(&hapd->iface->interfaces->dpp_configurator, &conf->list); + ret = conf->id; + conf = NULL; +fail: + os_free(curve); + str_clear_free(key); + bin_clear_free(privkey, privkey_len); + dpp_configurator_free(conf); + return ret; +} + + +static int dpp_configurator_del(struct hapd_interfaces *ifaces, unsigned int id) +{ + struct dpp_configurator *conf, *tmp; + int found = 0; + + dl_list_for_each_safe(conf, tmp, &ifaces->dpp_configurator, + struct dpp_configurator, list) { + if (id && conf->id != id) + continue; + found = 1; + dl_list_del(&conf->list); + dpp_configurator_free(conf); + } + + if (id == 0) + return 0; /* flush succeeds regardless of entries found */ + return found ? 0 : -1; +} + + +int hostapd_dpp_configurator_remove(struct hostapd_data *hapd, const char *id) +{ + unsigned int id_val; + + if (os_strcmp(id, "*") == 0) { + id_val = 0; + } else { + id_val = atoi(id); + if (id_val == 0) + return -1; + } + + return dpp_configurator_del(hapd->iface->interfaces, id_val); +} + + +int hostapd_dpp_configurator_sign(struct hostapd_data *hapd, const char *cmd) +{ + struct dpp_authentication *auth; + int ret = -1; + char *curve = NULL; + + auth = os_zalloc(sizeof(*auth)); + if (!auth) + return -1; + + curve = get_param(cmd, " curve="); + hostapd_dpp_set_testing_options(hapd, auth); + if (hostapd_dpp_set_configurator(hapd, auth, cmd) == 0 && + dpp_configurator_own_config(auth, curve, 1) == 0) { + hostapd_dpp_handle_config_obj(hapd, auth); + ret = 0; + } + + dpp_auth_deinit(auth); + os_free(curve); + + return ret; +} + + +int hostapd_dpp_configurator_get_key(struct hostapd_data *hapd, unsigned int id, + char *buf, size_t buflen) +{ + struct dpp_configurator *conf; + + conf = hostapd_dpp_configurator_get_id(hapd, id); + if (!conf) + return -1; + + return dpp_configurator_get_key(conf, buf, buflen); +} + + +int hostapd_dpp_pkex_add(struct hostapd_data *hapd, const char *cmd) +{ + struct dpp_bootstrap_info *own_bi; + const char *pos, *end; + + pos = os_strstr(cmd, " own="); + if (!pos) + return -1; + pos += 5; + own_bi = dpp_bootstrap_get_id(hapd, atoi(pos)); + if (!own_bi) { + wpa_printf(MSG_DEBUG, + "DPP: Identified bootstrap info not found"); + return -1; + } + if (own_bi->type != DPP_BOOTSTRAP_PKEX) { + wpa_printf(MSG_DEBUG, + "DPP: Identified bootstrap info not for PKEX"); + return -1; + } + hapd->dpp_pkex_bi = own_bi; + own_bi->pkex_t = 0; /* clear pending errors on new code */ + + os_free(hapd->dpp_pkex_identifier); + hapd->dpp_pkex_identifier = NULL; + pos = os_strstr(cmd, " identifier="); + if (pos) { + pos += 12; + end = os_strchr(pos, ' '); + if (!end) + return -1; + hapd->dpp_pkex_identifier = os_malloc(end - pos + 1); + if (!hapd->dpp_pkex_identifier) + return -1; + os_memcpy(hapd->dpp_pkex_identifier, pos, end - pos); + hapd->dpp_pkex_identifier[end - pos] = '\0'; + } + + pos = os_strstr(cmd, " code="); + if (!pos) + return -1; + os_free(hapd->dpp_pkex_code); + hapd->dpp_pkex_code = os_strdup(pos + 6); + if (!hapd->dpp_pkex_code) + return -1; + + if (os_strstr(cmd, " init=1")) { + struct wpabuf *msg; + + wpa_printf(MSG_DEBUG, "DPP: Initiating PKEX"); + dpp_pkex_free(hapd->dpp_pkex); + hapd->dpp_pkex = dpp_pkex_init(hapd->msg_ctx, own_bi, + hapd->own_addr, + hapd->dpp_pkex_identifier, + hapd->dpp_pkex_code); + if (!hapd->dpp_pkex) + return -1; + + msg = hapd->dpp_pkex->exchange_req; + /* TODO: Which channel to use? */ + wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", MAC2STR(broadcast), 2437, + DPP_PA_PKEX_EXCHANGE_REQ); + hostapd_drv_send_action(hapd, 2437, 0, broadcast, + wpabuf_head(msg), wpabuf_len(msg)); + } + + /* TODO: Support multiple PKEX info entries */ + + os_free(hapd->dpp_pkex_auth_cmd); + hapd->dpp_pkex_auth_cmd = os_strdup(cmd); + + return 1; +} + + +int hostapd_dpp_pkex_remove(struct hostapd_data *hapd, const char *id) +{ + unsigned int id_val; + + if (os_strcmp(id, "*") == 0) { + id_val = 0; + } else { + id_val = atoi(id); + if (id_val == 0) + return -1; + } + + if ((id_val != 0 && id_val != 1) || !hapd->dpp_pkex_code) + return -1; + + /* TODO: Support multiple PKEX entries */ + os_free(hapd->dpp_pkex_code); + hapd->dpp_pkex_code = NULL; + os_free(hapd->dpp_pkex_identifier); + hapd->dpp_pkex_identifier = NULL; + os_free(hapd->dpp_pkex_auth_cmd); + hapd->dpp_pkex_auth_cmd = NULL; + hapd->dpp_pkex_bi = NULL; + /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */ + dpp_pkex_free(hapd->dpp_pkex); + hapd->dpp_pkex = NULL; + return 0; +} + + +void hostapd_dpp_stop(struct hostapd_data *hapd) +{ + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; + dpp_pkex_free(hapd->dpp_pkex); + hapd->dpp_pkex = NULL; +} + + +int hostapd_dpp_init(struct hostapd_data *hapd) +{ + hapd->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | DPP_CAPAB_ENROLLEE; + hapd->dpp_init_done = 1; + return 0; +} + + +void hostapd_dpp_deinit(struct hostapd_data *hapd) +{ +#ifdef CONFIG_TESTING_OPTIONS + os_free(hapd->dpp_config_obj_override); + hapd->dpp_config_obj_override = NULL; + os_free(hapd->dpp_discovery_override); + hapd->dpp_discovery_override = NULL; + os_free(hapd->dpp_groups_override); + hapd->dpp_groups_override = NULL; + hapd->dpp_ignore_netaccesskey_mismatch = 0; +#endif /* CONFIG_TESTING_OPTIONS */ + if (!hapd->dpp_init_done) + return; + eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL); + eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); + eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, NULL); + dpp_auth_deinit(hapd->dpp_auth); + hapd->dpp_auth = NULL; + hostapd_dpp_pkex_remove(hapd, "*"); + hapd->dpp_pkex = NULL; + os_free(hapd->dpp_configurator_params); + hapd->dpp_configurator_params = NULL; +} + + +void hostapd_dpp_init_global(struct hapd_interfaces *ifaces) +{ + dl_list_init(&ifaces->dpp_bootstrap); + dl_list_init(&ifaces->dpp_configurator); + ifaces->dpp_init_done = 1; +} + + +void hostapd_dpp_deinit_global(struct hapd_interfaces *ifaces) +{ + if (!ifaces->dpp_init_done) + return; + dpp_bootstrap_del(ifaces, 0); + dpp_configurator_del(ifaces, 0); +} diff --git a/contrib/wpa/src/ap/dpp_hostapd.h b/contrib/wpa/src/ap/dpp_hostapd.h new file mode 100644 index 000000000000..3ef7c14567e8 --- /dev/null +++ b/contrib/wpa/src/ap/dpp_hostapd.h @@ -0,0 +1,43 @@ +/* + * hostapd / DPP integration + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef DPP_HOSTAPD_H +#define DPP_HOSTAPD_H + +int hostapd_dpp_qr_code(struct hostapd_data *hapd, const char *cmd); +int hostapd_dpp_bootstrap_gen(struct hostapd_data *hapd, const char *cmd); +int hostapd_dpp_bootstrap_remove(struct hostapd_data *hapd, const char *id); +const char * hostapd_dpp_bootstrap_get_uri(struct hostapd_data *hapd, + unsigned int id); +int hostapd_dpp_bootstrap_info(struct hostapd_data *hapd, int id, + char *reply, int reply_size); +int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd); +int hostapd_dpp_listen(struct hostapd_data *hapd, const char *cmd); +void hostapd_dpp_listen_stop(struct hostapd_data *hapd); +void hostapd_dpp_rx_action(struct hostapd_data *hapd, const u8 *src, + const u8 *buf, size_t len, unsigned int freq); +void hostapd_dpp_tx_status(struct hostapd_data *hapd, const u8 *dst, + const u8 *data, size_t data_len, int ok); +struct wpabuf * +hostapd_dpp_gas_req_handler(struct hostapd_data *hapd, const u8 *sa, + const u8 *query, size_t query_len); +void hostapd_dpp_gas_status_handler(struct hostapd_data *hapd, int ok); +int hostapd_dpp_configurator_add(struct hostapd_data *hapd, const char *cmd); +int hostapd_dpp_configurator_remove(struct hostapd_data *hapd, const char *id); +int hostapd_dpp_configurator_sign(struct hostapd_data *hapd, const char *cmd); +int hostapd_dpp_configurator_get_key(struct hostapd_data *hapd, unsigned int id, + char *buf, size_t buflen); +int hostapd_dpp_pkex_add(struct hostapd_data *hapd, const char *cmd); +int hostapd_dpp_pkex_remove(struct hostapd_data *hapd, const char *id); +void hostapd_dpp_stop(struct hostapd_data *hapd); +int hostapd_dpp_init(struct hostapd_data *hapd); +void hostapd_dpp_deinit(struct hostapd_data *hapd); +void hostapd_dpp_init_global(struct hapd_interfaces *ifaces); +void hostapd_dpp_deinit_global(struct hapd_interfaces *ifaces); + +#endif /* DPP_HOSTAPD_H */ diff --git a/contrib/wpa/src/ap/drv_callbacks.c b/contrib/wpa/src/ap/drv_callbacks.c index 3552b3e0d53b..a726a6ff87e0 100644 --- a/contrib/wpa/src/ap/drv_callbacks.c +++ b/contrib/wpa/src/ap/drv_callbacks.c @@ -31,10 +31,74 @@ #include "wps_hostapd.h" #include "ap_drv_ops.h" #include "ap_config.h" +#include "ap_mlme.h" #include "hw_features.h" #include "dfs.h" #include "beacon.h" #include "mbo_ap.h" +#include "dpp_hostapd.h" +#include "fils_hlp.h" + + +#ifdef CONFIG_FILS +void hostapd_notify_assoc_fils_finish(struct hostapd_data *hapd, + struct sta_info *sta) +{ + u16 reply_res = WLAN_STATUS_SUCCESS; + struct ieee802_11_elems elems; + u8 buf[IEEE80211_MAX_MMPDU_SIZE], *p = buf; + int new_assoc; + + wpa_printf(MSG_DEBUG, "%s FILS: Finish association with " MACSTR, + __func__, MAC2STR(sta->addr)); + eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); + if (!sta->fils_pending_assoc_req) + return; + + ieee802_11_parse_elems(sta->fils_pending_assoc_req, + sta->fils_pending_assoc_req_len, &elems, 0); + if (!elems.fils_session) { + wpa_printf(MSG_DEBUG, "%s failed to find FILS Session element", + __func__); + return; + } + + p = hostapd_eid_assoc_fils_session(sta->wpa_sm, p, + elems.fils_session, + sta->fils_hlp_resp); + + reply_res = hostapd_sta_assoc(hapd, sta->addr, + sta->fils_pending_assoc_is_reassoc, + WLAN_STATUS_SUCCESS, + buf, p - buf); + ap_sta_set_authorized(hapd, sta, 1); + new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0; + sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC; + sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE; + hostapd_set_sta_flags(hapd, sta); + wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FILS); + ieee802_1x_notify_port_enabled(sta->eapol_sm, 1); + hostapd_new_assoc_sta(hapd, sta, !new_assoc); + os_free(sta->fils_pending_assoc_req); + sta->fils_pending_assoc_req = NULL; + sta->fils_pending_assoc_req_len = 0; + wpabuf_free(sta->fils_hlp_resp); + sta->fils_hlp_resp = NULL; + wpabuf_free(sta->hlp_dhcp_discover); + sta->hlp_dhcp_discover = NULL; + fils_hlp_deinit(hapd); + + /* + * Remove the station in case transmission of a success response fails + * (the STA was added associated to the driver) or if the station was + * previously added unassociated. + */ + if (reply_res != WLAN_STATUS_SUCCESS || sta->added_unassoc) { + hostapd_drv_sta_remove(hapd, sta->addr); + sta->added_unassoc = 0; + } +} +#endif /* CONFIG_FILS */ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, @@ -45,10 +109,10 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, struct ieee802_11_elems elems; const u8 *ie; size_t ielen; -#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) +#if defined(CONFIG_IEEE80211R_AP) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) || defined(CONFIG_OWE) u8 buf[sizeof(struct ieee80211_mgmt) + 1024]; u8 *p = buf; -#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */ +#endif /* CONFIG_IEEE80211R_AP || CONFIG_IEEE80211W || CONFIG_FILS || CONFIG_OWE */ u16 reason = WLAN_REASON_UNSPECIFIED; u16 status = WLAN_STATUS_SUCCESS; const u8 *p2p_dev_addr = NULL; @@ -171,6 +235,14 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, elems.hs20_len - 4); } else sta->hs20_ie = NULL; + + wpabuf_free(sta->roaming_consortium); + if (elems.roaming_cons_sel) + sta->roaming_consortium = wpabuf_alloc_copy( + elems.roaming_cons_sel + 4, + elems.roaming_cons_sel_len - 4); + else + sta->roaming_consortium = NULL; #endif /* CONFIG_HS20 */ #ifdef CONFIG_FST @@ -198,7 +270,9 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, #endif /* CONFIG_WPS */ wpa_printf(MSG_DEBUG, "No WPA/RSN IE from STA"); - return -1; + reason = WLAN_REASON_INVALID_IE; + status = WLAN_STATUS_INVALID_IE; + goto fail; } #ifdef CONFIG_WPS if (hapd->conf->wps_state && ie[0] == 0xdd && ie[1] >= 4 && @@ -231,7 +305,8 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, } res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, ie, ielen, - elems.mdie, elems.mdie_len); + elems.mdie, elems.mdie_len, + elems.owe_dh, elems.owe_dh_len); if (res != WPA_IE_OK) { wpa_printf(MSG_DEBUG, "WPA/RSN information element rejected? (res %u)", @@ -252,8 +327,8 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, reason = WLAN_REASON_INVALID_IE; status = WLAN_STATUS_INVALID_IE; } else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) { - reason = WLAN_REASON_GROUP_CIPHER_NOT_VALID; - status = WLAN_STATUS_GROUP_CIPHER_NOT_VALID; + reason = WLAN_REASON_CIPHER_SUITE_REJECTED; + status = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY; } #endif /* CONFIG_IEEE80211W */ else { @@ -263,10 +338,14 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, goto fail; } #ifdef CONFIG_IEEE80211W - if ((sta->flags & WLAN_STA_MFP) && !sta->sa_query_timed_out && + if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) == + (WLAN_STA_ASSOC | WLAN_STA_MFP) && + !sta->sa_query_timed_out && sta->sa_query_count > 0) ap_check_sa_query_timeout(hapd, sta); - if ((sta->flags & WLAN_STA_MFP) && !sta->sa_query_timed_out && + if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) == + (WLAN_STA_ASSOC | WLAN_STA_MFP) && + !sta->sa_query_timed_out && (sta->auth_alg != WLAN_AUTH_FT)) { /* * STA has already been associated with MFP and SA @@ -293,7 +372,7 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, sta->flags &= ~WLAN_STA_MFP; #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (sta->auth_alg == WLAN_AUTH_FT) { status = wpa_ft_validate_reassoc(sta->wpa_sm, req_ies, req_ies_len); @@ -307,7 +386,7 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, goto fail; } } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ } else if (hapd->conf->wps_state) { #ifdef CONFIG_WPS struct wpabuf *wps; @@ -375,19 +454,128 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, skip_wpa_check: #endif /* CONFIG_WPS */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, buf, sizeof(buf), sta->auth_alg, req_ies, req_ies_len); + if (!p) { + wpa_printf(MSG_DEBUG, "FT: Failed to write AssocResp IEs"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } +#endif /* CONFIG_IEEE80211R_AP */ + +#ifdef CONFIG_FILS + if (sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) { + int delay_assoc = 0; + + if (!req_ies) + return WLAN_STATUS_UNSPECIFIED_FAILURE; + + if (!wpa_fils_validate_fils_session(sta->wpa_sm, req_ies, + req_ies_len, + sta->fils_session)) { + wpa_printf(MSG_DEBUG, + "FILS: Session validation failed"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + res = wpa_fils_validate_key_confirm(sta->wpa_sm, req_ies, + req_ies_len); + if (res < 0) { + wpa_printf(MSG_DEBUG, + "FILS: Key Confirm validation failed"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + if (fils_process_hlp(hapd, sta, req_ies, req_ies_len) > 0) { + wpa_printf(MSG_DEBUG, + "FILS: Delaying Assoc Response (HLP)"); + delay_assoc = 1; + } else { + wpa_printf(MSG_DEBUG, + "FILS: Going ahead with Assoc Response (no HLP)"); + } + + if (sta) { + wpa_printf(MSG_DEBUG, "FILS: HLP callback cleanup"); + eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); + os_free(sta->fils_pending_assoc_req); + sta->fils_pending_assoc_req = NULL; + sta->fils_pending_assoc_req_len = 0; + wpabuf_free(sta->fils_hlp_resp); + sta->fils_hlp_resp = NULL; + sta->fils_drv_assoc_finish = 0; + } + + if (sta && delay_assoc && status == WLAN_STATUS_SUCCESS) { + u8 *req_tmp; + + req_tmp = os_malloc(req_ies_len); + if (!req_tmp) { + wpa_printf(MSG_DEBUG, + "FILS: buffer allocation failed for assoc req"); + goto fail; + } + os_memcpy(req_tmp, req_ies, req_ies_len); + sta->fils_pending_assoc_req = req_tmp; + sta->fils_pending_assoc_req_len = req_ies_len; + sta->fils_pending_assoc_is_reassoc = reassoc; + sta->fils_drv_assoc_finish = 1; + wpa_printf(MSG_DEBUG, + "FILS: Waiting for HLP processing before sending (Re)Association Response frame to " + MACSTR, MAC2STR(sta->addr)); + eloop_register_timeout( + 0, hapd->conf->fils_hlp_wait_time * 1024, + fils_hlp_timeout, hapd, sta); + return 0; + } + p = hostapd_eid_assoc_fils_session(sta->wpa_sm, p, + elems.fils_session, + sta->fils_hlp_resp); + wpa_hexdump(MSG_DEBUG, "FILS Assoc Resp BUF (IEs)", + buf, p - buf); + } +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE + if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && + wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE && + elems.owe_dh) { + u8 *npos; + + npos = owe_assoc_req_process(hapd, sta, + elems.owe_dh, elems.owe_dh_len, + p, sizeof(buf) - (p - buf), + &reason); + if (npos) + p = npos; + if (!npos && + reason == WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { + status = WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED; + hostapd_sta_assoc(hapd, addr, reassoc, status, buf, + p - buf); + return 0; + } + + if (!npos || reason != WLAN_STATUS_SUCCESS) + goto fail; + } +#endif /* CONFIG_OWE */ +#if defined(CONFIG_IEEE80211R_AP) || defined(CONFIG_FILS) || defined(CONFIG_OWE) hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf); - if (sta->auth_alg == WLAN_AUTH_FT) + if (sta->auth_alg == WLAN_AUTH_FT || + sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) ap_sta_set_authorized(hapd, sta, 1); -#else /* CONFIG_IEEE80211R */ +#else /* CONFIG_IEEE80211R_AP || CONFIG_FILS */ /* Keep compiler silent about unused variables */ if (status) { } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP || CONFIG_FILS */ new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0; sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC; @@ -397,6 +585,12 @@ skip_wpa_check: if (reassoc && (sta->auth_alg == WLAN_AUTH_FT)) wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FT); +#ifdef CONFIG_FILS + else if (sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) + wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FILS); +#endif /* CONFIG_FILS */ else wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC); @@ -414,9 +608,9 @@ skip_wpa_check: return 0; fail: -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf); -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ hostapd_drv_sta_disassoc(hapd, sta->addr, reason); ap_free_sta(hapd, sta); return -1; @@ -464,15 +658,81 @@ void hostapd_event_sta_low_ack(struct hostapd_data *hapd, const u8 *addr) { struct sta_info *sta = ap_get_sta(hapd, addr); - if (!sta || !hapd->conf->disassoc_low_ack) + if (!sta || !hapd->conf->disassoc_low_ack || sta->agreed_to_steer) return; hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_INFO, "disconnected due to excessive missing ACKs"); hostapd_drv_sta_disassoc(hapd, addr, WLAN_REASON_DISASSOC_LOW_ACK); - if (sta) - ap_sta_disassociate(hapd, sta, WLAN_REASON_DISASSOC_LOW_ACK); + ap_sta_disassociate(hapd, sta, WLAN_REASON_DISASSOC_LOW_ACK); +} + + +void hostapd_event_sta_opmode_changed(struct hostapd_data *hapd, const u8 *addr, + enum smps_mode smps_mode, + enum chan_width chan_width, u8 rx_nss) +{ + struct sta_info *sta = ap_get_sta(hapd, addr); + const char *txt; + + if (!sta) + return; + + switch (smps_mode) { + case SMPS_AUTOMATIC: + txt = "automatic"; + break; + case SMPS_OFF: + txt = "off"; + break; + case SMPS_DYNAMIC: + txt = "dynamic"; + break; + case SMPS_STATIC: + txt = "static"; + break; + default: + txt = NULL; + break; + } + if (txt) { + wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_SMPS_MODE_CHANGED + MACSTR " %s", MAC2STR(addr), txt); + } + + switch (chan_width) { + case CHAN_WIDTH_20_NOHT: + txt = "20(no-HT)"; + break; + case CHAN_WIDTH_20: + txt = "20"; + break; + case CHAN_WIDTH_40: + txt = "40"; + break; + case CHAN_WIDTH_80: + txt = "80"; + break; + case CHAN_WIDTH_80P80: + txt = "80+80"; + break; + case CHAN_WIDTH_160: + txt = "160"; + break; + default: + txt = NULL; + break; + } + if (txt) { + wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_MAX_BW_CHANGED + MACSTR " %s", MAC2STR(addr), txt); + } + + if (rx_nss != 0xff) { + wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_N_SS_CHANGED + MACSTR " %d", MAC2STR(addr), rx_nss); + } } @@ -485,9 +745,9 @@ void hostapd_event_ch_switch(struct hostapd_data *hapd, int freq, int ht, hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_INFO, - "driver had channel switch: freq=%d, ht=%d, offset=%d, width=%d (%s), cf1=%d, cf2=%d", - freq, ht, offset, width, channel_width_to_string(width), - cf1, cf2); + "driver had channel switch: freq=%d, ht=%d, vht_ch=0x%x, offset=%d, width=%d (%s), cf1=%d, cf2=%d", + freq, ht, hapd->iconf->ch_switch_vht_config, offset, + width, channel_width_to_string(width), cf1, cf2); hapd->iface->freq = freq; @@ -532,14 +792,26 @@ void hostapd_event_ch_switch(struct hostapd_data *hapd, int freq, int ht, hapd->iconf->channel = channel; hapd->iconf->ieee80211n = ht; - if (!ht) + if (!ht) { hapd->iconf->ieee80211ac = 0; + } else if (hapd->iconf->ch_switch_vht_config) { + /* CHAN_SWITCH VHT config */ + if (hapd->iconf->ch_switch_vht_config & + CH_SWITCH_VHT_ENABLED) + hapd->iconf->ieee80211ac = 1; + else if (hapd->iconf->ch_switch_vht_config & + CH_SWITCH_VHT_DISABLED) + hapd->iconf->ieee80211ac = 0; + } + hapd->iconf->ch_switch_vht_config = 0; + hapd->iconf->secondary_channel = offset; hapd->iconf->vht_oper_chwidth = chwidth; hapd->iconf->vht_oper_centr_freq_seg0_idx = seg0_idx; hapd->iconf->vht_oper_centr_freq_seg1_idx = seg1_idx; - is_dfs = ieee80211_is_dfs(freq); + is_dfs = ieee80211_is_dfs(freq, hapd->iface->hw_features, + hapd->iface->num_hw_features); if (hapd->csa_in_progress && freq == hapd->cs_freq_params.freq) { @@ -690,7 +962,7 @@ int hostapd_probe_req_rx(struct hostapd_data *hapd, const u8 *sa, const u8 *da, #ifdef HOSTAPD -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP static void hostapd_notify_auth_ft_finish(void *ctx, const u8 *dst, const u8 *bssid, u16 auth_transaction, u16 status, @@ -709,7 +981,33 @@ static void hostapd_notify_auth_ft_finish(void *ctx, const u8 *dst, hostapd_sta_auth(hapd, dst, auth_transaction, status, ies, ies_len); } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ + + +#ifdef CONFIG_FILS +static void hostapd_notify_auth_fils_finish(struct hostapd_data *hapd, + struct sta_info *sta, u16 resp, + struct wpabuf *data, int pub) +{ + if (resp == WLAN_STATUS_SUCCESS) { + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, "authentication OK (FILS)"); + sta->flags |= WLAN_STA_AUTH; + wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH); + sta->auth_alg = WLAN_AUTH_FILS_SK; + mlme_authenticate_indication(hapd, sta); + } else { + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, + "authentication failed (FILS)"); + } + + hostapd_sta_auth(hapd, sta->addr, 2, resp, + data ? wpabuf_head(data) : NULL, + data ? wpabuf_len(data) : 0); + wpabuf_free(data); +} +#endif /* CONFIG_FILS */ static void hostapd_notif_auth(struct hostapd_data *hapd, @@ -730,7 +1028,7 @@ static void hostapd_notif_auth(struct hostapd_data *hapd, } sta->flags &= ~WLAN_STA_PREAUTH; ieee802_1x_notify_pre_auth(sta->eapol_sm, 0); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (rx_auth->auth_type == WLAN_AUTH_FT && hapd->wpa_auth) { sta->auth_alg = WLAN_AUTH_FT; if (sta->wpa_sm == NULL) @@ -748,7 +1046,19 @@ static void hostapd_notif_auth(struct hostapd_data *hapd, hostapd_notify_auth_ft_finish, hapd); return; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ + +#ifdef CONFIG_FILS + if (rx_auth->auth_type == WLAN_AUTH_FILS_SK) { + sta->auth_alg = WLAN_AUTH_FILS_SK; + handle_auth_fils(hapd, sta, rx_auth->ies, rx_auth->ies_len, + rx_auth->auth_type, rx_auth->auth_transaction, + rx_auth->status_code, + hostapd_notify_auth_fils_finish); + return; + } +#endif /* CONFIG_FILS */ + fail: hostapd_sta_auth(hapd, rx_auth->peer, rx_auth->auth_transaction + 1, status, resp_ies, resp_ies_len); @@ -762,32 +1072,36 @@ static void hostapd_action_rx(struct hostapd_data *hapd, struct sta_info *sta; size_t plen __maybe_unused; u16 fc; + u8 *action __maybe_unused; - if (drv_mgmt->frame_len < 24 + 1) + if (drv_mgmt->frame_len < IEEE80211_HDRLEN + 2 + 1) return; - plen = drv_mgmt->frame_len - 24 - 1; + plen = drv_mgmt->frame_len - IEEE80211_HDRLEN - 1; mgmt = (struct ieee80211_mgmt *) drv_mgmt->frame; fc = le_to_host16(mgmt->frame_control); if (WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION) return; /* handled by the driver */ - wpa_printf(MSG_DEBUG, "RX_ACTION cat %d action plen %d", - mgmt->u.action.category, (int) plen); + action = (u8 *) &mgmt->u.action.u; + wpa_printf(MSG_DEBUG, "RX_ACTION category %u action %u sa " MACSTR + " da " MACSTR " plen %d", + mgmt->u.action.category, *action, + MAC2STR(mgmt->sa), MAC2STR(mgmt->da), (int) plen); sta = ap_get_sta(hapd, mgmt->sa); if (sta == NULL) { wpa_printf(MSG_DEBUG, "%s: station not found", __func__); return; } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (mgmt->u.action.category == WLAN_ACTION_FT) { const u8 *payload = drv_mgmt->frame + 24 + 1; wpa_ft_action_rx(sta->wpa_sm, payload, plen); } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211W if (mgmt->u.action.category == WLAN_ACTION_SA_QUERY && plen >= 4) { ieee802_11_sa_query_action( @@ -796,18 +1110,34 @@ static void hostapd_action_rx(struct hostapd_data *hapd, mgmt->u.action.u.sa_query_resp.trans_id); } #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP if (mgmt->u.action.category == WLAN_ACTION_WNM) { ieee802_11_rx_wnm_action_ap(hapd, mgmt, drv_mgmt->frame_len); } -#endif /* CONFIG_WNM */ +#endif /* CONFIG_WNM_AP */ #ifdef CONFIG_FST if (mgmt->u.action.category == WLAN_ACTION_FST && hapd->iface->fst) { fst_rx_action(hapd->iface->fst, mgmt, drv_mgmt->frame_len); return; } #endif /* CONFIG_FST */ - +#ifdef CONFIG_DPP + if (plen >= 1 + 4 && + mgmt->u.action.u.vs_public_action.action == + WLAN_PA_VENDOR_SPECIFIC && + WPA_GET_BE24(mgmt->u.action.u.vs_public_action.oui) == + OUI_WFA && + mgmt->u.action.u.vs_public_action.variable[0] == + DPP_OUI_TYPE) { + const u8 *pos, *end; + + pos = mgmt->u.action.u.vs_public_action.oui; + end = drv_mgmt->frame + drv_mgmt->frame_len; + hostapd_dpp_rx_action(hapd, mgmt->sa, pos, end - pos, + drv_mgmt->freq); + return; + } +#endif /* CONFIG_DPP */ } @@ -891,6 +1221,7 @@ static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) } os_memset(&fi, 0, sizeof(fi)); + fi.freq = rx_mgmt->freq; fi.datarate = rx_mgmt->datarate; fi.ssi_signal = rx_mgmt->ssi_signal; @@ -1122,6 +1453,16 @@ static void hostapd_event_dfs_radar_detected(struct hostapd_data *hapd, } +static void hostapd_event_dfs_pre_cac_expired(struct hostapd_data *hapd, + struct dfs_event *radar) +{ + wpa_printf(MSG_DEBUG, "DFS Pre-CAC expired on %d MHz", radar->freq); + hostapd_dfs_pre_cac_expired(hapd->iface, radar->freq, radar->ht_enabled, + radar->chan_offset, radar->chan_width, + radar->cf1, radar->cf2); +} + + static void hostapd_event_dfs_cac_finished(struct hostapd_data *hapd, struct dfs_event *radar) { @@ -1164,6 +1505,28 @@ static void hostapd_event_dfs_cac_started(struct hostapd_data *hapd, #endif /* NEED_AP_MLME */ +static void hostapd_event_wds_sta_interface_status(struct hostapd_data *hapd, + int istatus, + const char *ifname, + const u8 *addr) +{ + struct sta_info *sta = ap_get_sta(hapd, addr); + + if (sta) { + os_free(sta->ifname_wds); + if (istatus == INTERFACE_ADDED) + sta->ifname_wds = os_strdup(ifname); + else + sta->ifname_wds = NULL; + } + + wpa_msg(hapd->msg_ctx, MSG_INFO, "%sifname=%s sta_addr=" MACSTR, + istatus == INTERFACE_ADDED ? + WDS_STA_INTERFACE_ADDED : WDS_STA_INTERFACE_REMOVED, + ifname, MAC2STR(addr)); +} + + void wpa_supplicant_event(void *ctx, enum wpa_event_type event, union wpa_event_data *data) { @@ -1314,6 +1677,11 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, break; hostapd_event_dfs_radar_detected(hapd, &data->dfs_event); break; + case EVENT_DFS_PRE_CAC_EXPIRED: + if (!data) + break; + hostapd_event_dfs_pre_cac_expired(hapd, &data->dfs_event); + break; case EVENT_DFS_CAC_FINISHED: if (!data) break; @@ -1351,7 +1719,10 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, * Try to re-enable interface if the driver stopped it * when the interface got disabled. */ - wpa_auth_reconfig_group_keys(hapd->wpa_auth); + if (hapd->wpa_auth) + wpa_auth_reconfig_group_keys(hapd->wpa_auth); + else + hostapd_reconfig_encryption(hapd); hapd->reenable_beacon = 1; ieee802_11_set_beacon(hapd); } @@ -1367,6 +1738,18 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, &data->acs_selected_channels); break; #endif /* CONFIG_ACS */ + case EVENT_STATION_OPMODE_CHANGED: + hostapd_event_sta_opmode_changed(hapd, data->sta_opmode.addr, + data->sta_opmode.smps_mode, + data->sta_opmode.chan_width, + data->sta_opmode.rx_nss); + break; + case EVENT_WDS_STA_INTERFACE_STATUS: + hostapd_event_wds_sta_interface_status( + hapd, data->wds_sta_interface.istatus, + data->wds_sta_interface.ifname, + data->wds_sta_interface.sta_addr); + break; default: wpa_printf(MSG_DEBUG, "Unknown event %d", event); break; diff --git a/contrib/wpa/src/ap/eap_user_db.c b/contrib/wpa/src/ap/eap_user_db.c index 082d0f53175e..296d5c2ddf31 100644 --- a/contrib/wpa/src/ap/eap_user_db.c +++ b/contrib/wpa/src/ap/eap_user_db.c @@ -91,6 +91,8 @@ static int get_user_cb(void *ctx, int argc, char *argv[], char *col[]) set_user_methods(user, argv[i]); } else if (os_strcmp(col[i], "remediation") == 0 && argv[i]) { user->remediation = strlen(argv[i]) > 0; + } else if (os_strcmp(col[i], "t_c_timestamp") == 0 && argv[i]) { + user->t_c_timestamp = strtol(argv[i], NULL, 10); } } diff --git a/contrib/wpa/src/ap/eth_p_oui.c b/contrib/wpa/src/ap/eth_p_oui.c new file mode 100644 index 000000000000..aba901e3fa75 --- /dev/null +++ b/contrib/wpa/src/ap/eth_p_oui.c @@ -0,0 +1,191 @@ +/* + * hostapd / IEEE 802 OUI Extended EtherType 88-B7 + * Copyright (c) 2016, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "utils/eloop.h" +#include "l2_packet/l2_packet.h" +#include "hostapd.h" +#include "eth_p_oui.h" + +/* + * See IEEE Std 802-2014, Clause 9.2.4 for the definition of the OUI Extended + * EtherType 88-B7. This file implements this with OUI 00:13:74 and + * vendor-specific subtype 0x0001. + */ +static const u8 global_oui[] = { 0x00, 0x13, 0x74, 0x00, 0x01 }; + +struct eth_p_oui_iface { + struct dl_list list; + char ifname[IFNAMSIZ + 1]; + struct l2_packet_data *l2; + struct dl_list receiver; +}; + +struct eth_p_oui_ctx { + struct dl_list list; + struct eth_p_oui_iface *iface; + /* all data needed to deliver and unregister */ + u8 oui_suffix; /* last byte of OUI */ + void (*rx_callback)(void *ctx, const u8 *src_addr, + const u8 *dst_addr, u8 oui_suffix, + const u8 *buf, size_t len); + void *rx_callback_ctx; +}; + + +void eth_p_oui_deliver(struct eth_p_oui_ctx *ctx, const u8 *src_addr, + const u8 *dst_addr, const u8 *buf, size_t len) +{ + ctx->rx_callback(ctx->rx_callback_ctx, src_addr, dst_addr, + ctx->oui_suffix, buf, len); +} + + +static void eth_p_rx(void *ctx, const u8 *src_addr, const u8 *buf, size_t len) +{ + struct eth_p_oui_iface *iface = ctx; + struct eth_p_oui_ctx *receiver; + const struct l2_ethhdr *ethhdr; + + if (len < sizeof(*ethhdr) + sizeof(global_oui) + 1) { + /* too short packet */ + return; + } + + ethhdr = (struct l2_ethhdr *) buf; + /* trim eth_hdr from buf and len */ + buf += sizeof(*ethhdr); + len -= sizeof(*ethhdr); + + /* verify OUI and vendor-specific subtype match */ + if (os_memcmp(buf, global_oui, sizeof(global_oui)) != 0) + return; + buf += sizeof(global_oui); + len -= sizeof(global_oui); + + dl_list_for_each(receiver, &iface->receiver, + struct eth_p_oui_ctx, list) { + if (buf[0] != receiver->oui_suffix) + continue; + + eth_p_oui_deliver(receiver, ethhdr->h_source, ethhdr->h_dest, + buf + 1, len - 1); + } +} + + +struct eth_p_oui_ctx * +eth_p_oui_register(struct hostapd_data *hapd, const char *ifname, u8 oui_suffix, + void (*rx_callback)(void *ctx, const u8 *src_addr, + const u8 *dst_addr, u8 oui_suffix, + const u8 *buf, size_t len), + void *rx_callback_ctx) +{ + struct eth_p_oui_iface *iface; + struct eth_p_oui_ctx *receiver; + int found = 0; + struct hapd_interfaces *interfaces; + + receiver = os_zalloc(sizeof(*receiver)); + if (!receiver) + goto err; + + receiver->oui_suffix = oui_suffix; + receiver->rx_callback = rx_callback; + receiver->rx_callback_ctx = rx_callback_ctx; + + interfaces = hapd->iface->interfaces; + + dl_list_for_each(iface, &interfaces->eth_p_oui, struct eth_p_oui_iface, + list) { + if (os_strcmp(iface->ifname, ifname) != 0) + continue; + found = 1; + break; + } + + if (!found) { + iface = os_zalloc(sizeof(*iface)); + if (!iface) + goto err; + + os_strlcpy(iface->ifname, ifname, sizeof(iface->ifname)); + iface->l2 = l2_packet_init(ifname, NULL, ETH_P_OUI, eth_p_rx, + iface, 1); + if (!iface->l2) { + os_free(iface); + goto err; + } + dl_list_init(&iface->receiver); + + dl_list_add_tail(&interfaces->eth_p_oui, &iface->list); + } + + dl_list_add_tail(&iface->receiver, &receiver->list); + receiver->iface = iface; + + return receiver; +err: + os_free(receiver); + return NULL; +} + + +void eth_p_oui_unregister(struct eth_p_oui_ctx *ctx) +{ + struct eth_p_oui_iface *iface; + + if (!ctx) + return; + + iface = ctx->iface; + + dl_list_del(&ctx->list); + os_free(ctx); + + if (dl_list_empty(&iface->receiver)) { + dl_list_del(&iface->list); + l2_packet_deinit(iface->l2); + os_free(iface); + } +} + + +int eth_p_oui_send(struct eth_p_oui_ctx *ctx, const u8 *src_addr, + const u8 *dst_addr, const u8 *buf, size_t len) +{ + struct eth_p_oui_iface *iface = ctx->iface; + u8 *packet, *p; + size_t packet_len; + int ret; + struct l2_ethhdr *ethhdr; + + packet_len = sizeof(*ethhdr) + sizeof(global_oui) + 1 + len; + packet = os_zalloc(packet_len); + if (!packet) + return -1; + p = packet; + + ethhdr = (struct l2_ethhdr *) packet; + os_memcpy(ethhdr->h_source, src_addr, ETH_ALEN); + os_memcpy(ethhdr->h_dest, dst_addr, ETH_ALEN); + ethhdr->h_proto = host_to_be16(ETH_P_OUI); + p += sizeof(*ethhdr); + + os_memcpy(p, global_oui, sizeof(global_oui)); + p[sizeof(global_oui)] = ctx->oui_suffix; + p += sizeof(global_oui) + 1; + + os_memcpy(p, buf, len); + + ret = l2_packet_send(iface->l2, NULL, 0, packet, packet_len); + os_free(packet); + return ret; +} diff --git a/contrib/wpa/src/ap/eth_p_oui.h b/contrib/wpa/src/ap/eth_p_oui.h new file mode 100644 index 000000000000..466fdc39c6f8 --- /dev/null +++ b/contrib/wpa/src/ap/eth_p_oui.h @@ -0,0 +1,28 @@ +/* + * hostapd / IEEE 802 OUI Extended Ethertype + * Copyright (c) 2016, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef ETH_P_OUI_H +#define ETH_P_OUI_H + +struct eth_p_oui_ctx; +struct hostapd_data; + +/* rx_callback only gets payload after OUI passed as buf */ +struct eth_p_oui_ctx * +eth_p_oui_register(struct hostapd_data *hapd, const char *ifname, u8 oui_suffix, + void (*rx_callback)(void *ctx, const u8 *src_addr, + const u8 *dst_addr, u8 oui_suffix, + const u8 *buf, size_t len), + void *rx_callback_ctx); +void eth_p_oui_unregister(struct eth_p_oui_ctx *eth_p_oui); +int eth_p_oui_send(struct eth_p_oui_ctx *ctx, const u8 *src_addr, + const u8 *dst_addr, const u8 *buf, size_t len); +void eth_p_oui_deliver(struct eth_p_oui_ctx *ctx, const u8 *src_addr, + const u8 *dst_addr, const u8 *buf, size_t len); + +#endif /* ETH_P_OUI_H */ diff --git a/contrib/wpa/src/ap/fils_hlp.c b/contrib/wpa/src/ap/fils_hlp.c new file mode 100644 index 000000000000..2a359ab03c81 --- /dev/null +++ b/contrib/wpa/src/ap/fils_hlp.c @@ -0,0 +1,641 @@ +/* + * FILS HLP request processing + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "utils/eloop.h" +#include "common/dhcp.h" +#include "hostapd.h" +#include "sta_info.h" +#include "ieee802_11.h" +#include "fils_hlp.h" + + +static be16 ip_checksum(const void *buf, size_t len) +{ + u32 sum = 0; + const u16 *pos; + + for (pos = buf; len >= 2; len -= 2) + sum += ntohs(*pos++); + if (len) + sum += ntohs(*pos << 8); + + sum = (sum >> 16) + (sum & 0xffff); + sum += sum >> 16; + return htons(~sum); +} + + +static int fils_dhcp_request(struct hostapd_data *hapd, struct sta_info *sta, + struct dhcp_data *dhcpoffer, u8 *dhcpofferend) +{ + u8 *pos, *end; + struct dhcp_data *dhcp; + struct sockaddr_in addr; + ssize_t res; + const u8 *server_id = NULL; + + if (!sta->hlp_dhcp_discover) { + wpa_printf(MSG_DEBUG, + "FILS: No pending HLP DHCPDISCOVER available"); + return -1; + } + + /* Convert to DHCPREQUEST, remove rapid commit option, replace requested + * IP address option with yiaddr. */ + pos = wpabuf_mhead(sta->hlp_dhcp_discover); + end = pos + wpabuf_len(sta->hlp_dhcp_discover); + dhcp = (struct dhcp_data *) pos; + pos = (u8 *) (dhcp + 1); + pos += 4; /* skip magic */ + while (pos < end && *pos != DHCP_OPT_END) { + u8 opt, olen; + + opt = *pos++; + if (opt == DHCP_OPT_PAD) + continue; + if (pos >= end) + break; + olen = *pos++; + if (olen > end - pos) + break; + + switch (opt) { + case DHCP_OPT_MSG_TYPE: + if (olen > 0) + *pos = DHCPREQUEST; + break; + case DHCP_OPT_RAPID_COMMIT: + case DHCP_OPT_REQUESTED_IP_ADDRESS: + case DHCP_OPT_SERVER_ID: + /* Remove option */ + pos -= 2; + os_memmove(pos, pos + 2 + olen, end - pos - 2 - olen); + end -= 2 + olen; + olen = 0; + break; + } + pos += olen; + } + if (pos >= end || *pos != DHCP_OPT_END) { + wpa_printf(MSG_DEBUG, "FILS: Could not update DHCPDISCOVER"); + return -1; + } + sta->hlp_dhcp_discover->used = pos - (u8 *) dhcp; + + /* Copy Server ID option from DHCPOFFER to DHCPREQUEST */ + pos = (u8 *) (dhcpoffer + 1); + end = dhcpofferend; + pos += 4; /* skip magic */ + while (pos < end && *pos != DHCP_OPT_END) { + u8 opt, olen; + + opt = *pos++; + if (opt == DHCP_OPT_PAD) + continue; + if (pos >= end) + break; + olen = *pos++; + if (olen > end - pos) + break; + + switch (opt) { + case DHCP_OPT_SERVER_ID: + server_id = pos - 2; + break; + } + pos += olen; + } + + if (wpabuf_resize(&sta->hlp_dhcp_discover, + 6 + 1 + (server_id ? 2 + server_id[1] : 0))) + return -1; + if (server_id) + wpabuf_put_data(sta->hlp_dhcp_discover, server_id, + 2 + server_id[1]); + wpabuf_put_u8(sta->hlp_dhcp_discover, DHCP_OPT_REQUESTED_IP_ADDRESS); + wpabuf_put_u8(sta->hlp_dhcp_discover, 4); + wpabuf_put_data(sta->hlp_dhcp_discover, &dhcpoffer->your_ip, 4); + wpabuf_put_u8(sta->hlp_dhcp_discover, DHCP_OPT_END); + + os_memset(&addr, 0, sizeof(addr)); + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = hapd->conf->dhcp_server.u.v4.s_addr; + addr.sin_port = htons(hapd->conf->dhcp_server_port); + res = sendto(hapd->dhcp_sock, wpabuf_head(sta->hlp_dhcp_discover), + wpabuf_len(sta->hlp_dhcp_discover), 0, + (const struct sockaddr *) &addr, sizeof(addr)); + if (res < 0) { + wpa_printf(MSG_ERROR, "FILS: DHCP sendto failed: %s", + strerror(errno)); + return -1; + } + wpa_printf(MSG_DEBUG, + "FILS: Acting as DHCP rapid commit proxy for %s:%d", + inet_ntoa(addr.sin_addr), ntohs(addr.sin_port)); + wpabuf_free(sta->hlp_dhcp_discover); + sta->hlp_dhcp_discover = NULL; + sta->fils_dhcp_rapid_commit_proxy = 1; + return 0; +} + + +static void fils_dhcp_handler(int sd, void *eloop_ctx, void *sock_ctx) +{ + struct hostapd_data *hapd = sock_ctx; + struct sta_info *sta; + u8 buf[1500], *pos, *end, *end_opt = NULL; + struct dhcp_data *dhcp; + struct sockaddr_in addr; + socklen_t addr_len; + ssize_t res; + u8 msgtype = 0; + int rapid_commit = 0; + struct iphdr *iph; + struct udphdr *udph; + struct wpabuf *resp; + const u8 *rpos; + size_t left, len; + + addr_len = sizeof(addr); + res = recvfrom(sd, buf, sizeof(buf), 0, + (struct sockaddr *) &addr, &addr_len); + if (res < 0) { + wpa_printf(MSG_DEBUG, "FILS: DHCP read failed: %s", + strerror(errno)); + return; + } + wpa_printf(MSG_DEBUG, "FILS: DHCP response from server %s:%d (len=%d)", + inet_ntoa(addr.sin_addr), ntohs(addr.sin_port), (int) res); + wpa_hexdump(MSG_MSGDUMP, "FILS: HLP - DHCP server response", buf, res); + if ((size_t) res < sizeof(*dhcp)) + return; + dhcp = (struct dhcp_data *) buf; + if (dhcp->op != 2) + return; /* Not a BOOTREPLY */ + if (dhcp->relay_ip != hapd->conf->own_ip_addr.u.v4.s_addr) { + wpa_printf(MSG_DEBUG, + "FILS: HLP - DHCP response to unknown relay address 0x%x", + dhcp->relay_ip); + return; + } + dhcp->relay_ip = 0; + pos = (u8 *) (dhcp + 1); + end = &buf[res]; + + if (end - pos < 4 || WPA_GET_BE32(pos) != DHCP_MAGIC) { + wpa_printf(MSG_DEBUG, "FILS: HLP - no DHCP magic in response"); + return; + } + pos += 4; + + wpa_hexdump(MSG_DEBUG, "FILS: HLP - DHCP options in response", + pos, end - pos); + while (pos < end && *pos != DHCP_OPT_END) { + u8 opt, olen; + + opt = *pos++; + if (opt == DHCP_OPT_PAD) + continue; + if (pos >= end) + break; + olen = *pos++; + if (olen > end - pos) + break; + + switch (opt) { + case DHCP_OPT_MSG_TYPE: + if (olen > 0) + msgtype = pos[0]; + break; + case DHCP_OPT_RAPID_COMMIT: + rapid_commit = 1; + break; + } + pos += olen; + } + if (pos < end && *pos == DHCP_OPT_END) + end_opt = pos; + + wpa_printf(MSG_DEBUG, + "FILS: HLP - DHCP message type %u (rapid_commit=%d hw_addr=" + MACSTR ")", + msgtype, rapid_commit, MAC2STR(dhcp->hw_addr)); + + sta = ap_get_sta(hapd, dhcp->hw_addr); + if (!sta || !sta->fils_pending_assoc_req) { + wpa_printf(MSG_DEBUG, + "FILS: No pending HLP DHCP exchange with hw_addr " + MACSTR, MAC2STR(dhcp->hw_addr)); + return; + } + + if (hapd->conf->dhcp_rapid_commit_proxy && msgtype == DHCPOFFER && + !rapid_commit) { + /* Use hostapd to take care of 4-message exchange and convert + * the final DHCPACK to rapid commit version. */ + if (fils_dhcp_request(hapd, sta, dhcp, end) == 0) + return; + /* failed, so send the server response as-is */ + } else if (msgtype != DHCPACK) { + wpa_printf(MSG_DEBUG, + "FILS: No DHCPACK available from the server and cannot do rapid commit proxying"); + } + + pos = buf; + resp = wpabuf_alloc(2 * ETH_ALEN + 6 + 2 + + sizeof(*iph) + sizeof(*udph) + (end - pos) + 2); + if (!resp) + return; + wpabuf_put_data(resp, sta->addr, ETH_ALEN); + wpabuf_put_data(resp, hapd->own_addr, ETH_ALEN); + wpabuf_put_data(resp, "\xaa\xaa\x03\x00\x00\x00", 6); + wpabuf_put_be16(resp, ETH_P_IP); + iph = wpabuf_put(resp, sizeof(*iph)); + iph->version = 4; + iph->ihl = sizeof(*iph) / 4; + iph->tot_len = htons(sizeof(*iph) + sizeof(*udph) + (end - pos)); + iph->ttl = 1; + iph->protocol = 17; /* UDP */ + iph->saddr = hapd->conf->dhcp_server.u.v4.s_addr; + iph->daddr = dhcp->client_ip; + iph->check = ip_checksum(iph, sizeof(*iph)); + udph = wpabuf_put(resp, sizeof(*udph)); + udph->uh_sport = htons(DHCP_SERVER_PORT); + udph->uh_dport = htons(DHCP_CLIENT_PORT); + udph->uh_ulen = htons(sizeof(*udph) + (end - pos)); + udph->uh_sum = htons(0x0000); /* TODO: calculate checksum */ + if (hapd->conf->dhcp_rapid_commit_proxy && msgtype == DHCPACK && + !rapid_commit && sta->fils_dhcp_rapid_commit_proxy && end_opt) { + /* Add rapid commit option */ + wpabuf_put_data(resp, pos, end_opt - pos); + wpabuf_put_u8(resp, DHCP_OPT_RAPID_COMMIT); + wpabuf_put_u8(resp, 0); + wpabuf_put_data(resp, end_opt, end - end_opt); + } else { + wpabuf_put_data(resp, pos, end - pos); + } + if (wpabuf_resize(&sta->fils_hlp_resp, wpabuf_len(resp) + + 2 * wpabuf_len(resp) / 255 + 100)) { + wpabuf_free(resp); + return; + } + + rpos = wpabuf_head(resp); + left = wpabuf_len(resp); + + wpabuf_put_u8(sta->fils_hlp_resp, WLAN_EID_EXTENSION); /* Element ID */ + if (left <= 254) + len = 1 + left; + else + len = 255; + wpabuf_put_u8(sta->fils_hlp_resp, len); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(sta->fils_hlp_resp, WLAN_EID_EXT_FILS_HLP_CONTAINER); + /* Destination MAC Address, Source MAC Address, HLP Packet. + * HLP Packet is in MSDU format (i.e., including the LLC/SNAP header + * when LPD is used). */ + wpabuf_put_data(sta->fils_hlp_resp, rpos, len - 1); + rpos += len - 1; + left -= len - 1; + while (left) { + wpabuf_put_u8(sta->fils_hlp_resp, WLAN_EID_FRAGMENT); + len = left > 255 ? 255 : left; + wpabuf_put_u8(sta->fils_hlp_resp, len); + wpabuf_put_data(sta->fils_hlp_resp, rpos, len); + rpos += len; + left -= len; + } + wpabuf_free(resp); + + if (sta->fils_drv_assoc_finish) + hostapd_notify_assoc_fils_finish(hapd, sta); + else + fils_hlp_finish_assoc(hapd, sta); +} + + +static int fils_process_hlp_dhcp(struct hostapd_data *hapd, + struct sta_info *sta, + const u8 *msg, size_t len) +{ + const struct dhcp_data *dhcp; + struct wpabuf *dhcp_buf; + struct dhcp_data *dhcp_msg; + u8 msgtype = 0; + int rapid_commit = 0; + const u8 *pos = msg, *end; + struct sockaddr_in addr; + ssize_t res; + + if (len < sizeof(*dhcp)) + return 0; + dhcp = (const struct dhcp_data *) pos; + end = pos + len; + wpa_printf(MSG_DEBUG, + "FILS: HLP request DHCP: op=%u htype=%u hlen=%u hops=%u xid=0x%x", + dhcp->op, dhcp->htype, dhcp->hlen, dhcp->hops, + ntohl(dhcp->xid)); + pos += sizeof(*dhcp); + if (dhcp->op != 1) + return 0; /* Not a BOOTREQUEST */ + + if (end - pos < 4) + return 0; + if (WPA_GET_BE32(pos) != DHCP_MAGIC) { + wpa_printf(MSG_DEBUG, "FILS: HLP - no DHCP magic"); + return 0; + } + pos += 4; + + wpa_hexdump(MSG_DEBUG, "FILS: HLP - DHCP options", pos, end - pos); + while (pos < end && *pos != DHCP_OPT_END) { + u8 opt, olen; + + opt = *pos++; + if (opt == DHCP_OPT_PAD) + continue; + if (pos >= end) + break; + olen = *pos++; + if (olen > end - pos) + break; + + switch (opt) { + case DHCP_OPT_MSG_TYPE: + if (olen > 0) + msgtype = pos[0]; + break; + case DHCP_OPT_RAPID_COMMIT: + rapid_commit = 1; + break; + } + pos += olen; + } + + wpa_printf(MSG_DEBUG, "FILS: HLP - DHCP message type %u", msgtype); + if (msgtype != DHCPDISCOVER) + return 0; + + if (hapd->conf->dhcp_server.af != AF_INET || + hapd->conf->dhcp_server.u.v4.s_addr == 0) { + wpa_printf(MSG_DEBUG, + "FILS: HLP - no DHCPv4 server configured - drop request"); + return 0; + } + + if (hapd->conf->own_ip_addr.af != AF_INET || + hapd->conf->own_ip_addr.u.v4.s_addr == 0) { + wpa_printf(MSG_DEBUG, + "FILS: HLP - no IPv4 own_ip_addr configured - drop request"); + return 0; + } + + if (hapd->dhcp_sock < 0) { + int s; + + s = socket(AF_INET, SOCK_DGRAM, 0); + if (s < 0) { + wpa_printf(MSG_ERROR, + "FILS: Failed to open DHCP socket: %s", + strerror(errno)); + return 0; + } + + if (hapd->conf->dhcp_relay_port) { + os_memset(&addr, 0, sizeof(addr)); + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = + hapd->conf->own_ip_addr.u.v4.s_addr; + addr.sin_port = htons(hapd->conf->dhcp_relay_port); + if (bind(s, (struct sockaddr *) &addr, sizeof(addr))) { + wpa_printf(MSG_ERROR, + "FILS: Failed to bind DHCP socket: %s", + strerror(errno)); + close(s); + return 0; + } + } + if (eloop_register_sock(s, EVENT_TYPE_READ, + fils_dhcp_handler, NULL, hapd)) { + close(s); + return 0; + } + + hapd->dhcp_sock = s; + } + + dhcp_buf = wpabuf_alloc(len); + if (!dhcp_buf) + return 0; + dhcp_msg = wpabuf_put(dhcp_buf, len); + os_memcpy(dhcp_msg, msg, len); + dhcp_msg->relay_ip = hapd->conf->own_ip_addr.u.v4.s_addr; + os_memset(&addr, 0, sizeof(addr)); + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = hapd->conf->dhcp_server.u.v4.s_addr; + addr.sin_port = htons(hapd->conf->dhcp_server_port); + res = sendto(hapd->dhcp_sock, dhcp_msg, len, 0, + (const struct sockaddr *) &addr, sizeof(addr)); + if (res < 0) { + wpa_printf(MSG_ERROR, "FILS: DHCP sendto failed: %s", + strerror(errno)); + wpabuf_free(dhcp_buf); + /* Close the socket to try to recover from error */ + eloop_unregister_read_sock(hapd->dhcp_sock); + close(hapd->dhcp_sock); + hapd->dhcp_sock = -1; + return 0; + } + + wpa_printf(MSG_DEBUG, + "FILS: HLP relayed DHCP request to server %s:%d (rapid_commit=%d)", + inet_ntoa(addr.sin_addr), ntohs(addr.sin_port), + rapid_commit); + if (hapd->conf->dhcp_rapid_commit_proxy && rapid_commit) { + /* Store a copy of the DHCPDISCOVER for rapid commit proxying + * purposes if the server does not support the rapid commit + * option. */ + wpa_printf(MSG_DEBUG, + "FILS: Store DHCPDISCOVER for rapid commit proxy"); + wpabuf_free(sta->hlp_dhcp_discover); + sta->hlp_dhcp_discover = dhcp_buf; + } else { + wpabuf_free(dhcp_buf); + } + + return 1; +} + + +static int fils_process_hlp_udp(struct hostapd_data *hapd, + struct sta_info *sta, const u8 *dst, + const u8 *pos, size_t len) +{ + const struct iphdr *iph; + const struct udphdr *udph; + u16 sport, dport, ulen; + + if (len < sizeof(*iph) + sizeof(*udph)) + return 0; + iph = (const struct iphdr *) pos; + udph = (const struct udphdr *) (iph + 1); + sport = ntohs(udph->uh_sport); + dport = ntohs(udph->uh_dport); + ulen = ntohs(udph->uh_ulen); + wpa_printf(MSG_DEBUG, + "FILS: HLP request UDP: sport=%u dport=%u ulen=%u sum=0x%x", + sport, dport, ulen, ntohs(udph->uh_sum)); + /* TODO: Check UDP checksum */ + if (ulen < sizeof(*udph) || ulen > len - sizeof(*iph)) + return 0; + + if (dport == DHCP_SERVER_PORT && sport == DHCP_CLIENT_PORT) { + return fils_process_hlp_dhcp(hapd, sta, (const u8 *) (udph + 1), + ulen - sizeof(*udph)); + } + + return 0; +} + + +static int fils_process_hlp_ip(struct hostapd_data *hapd, + struct sta_info *sta, const u8 *dst, + const u8 *pos, size_t len) +{ + const struct iphdr *iph; + u16 tot_len; + + if (len < sizeof(*iph)) + return 0; + iph = (const struct iphdr *) pos; + if (ip_checksum(iph, sizeof(*iph)) != 0) { + wpa_printf(MSG_DEBUG, + "FILS: HLP request IPv4 packet had invalid header checksum - dropped"); + return 0; + } + tot_len = ntohs(iph->tot_len); + if (tot_len > len) + return 0; + wpa_printf(MSG_DEBUG, + "FILS: HLP request IPv4: saddr=%08x daddr=%08x protocol=%u", + iph->saddr, iph->daddr, iph->protocol); + switch (iph->protocol) { + case 17: + return fils_process_hlp_udp(hapd, sta, dst, pos, len); + } + + return 0; +} + + +static int fils_process_hlp_req(struct hostapd_data *hapd, + struct sta_info *sta, + const u8 *pos, size_t len) +{ + const u8 *pkt, *end; + + wpa_printf(MSG_DEBUG, "FILS: HLP request from " MACSTR " (dst=" MACSTR + " src=" MACSTR " len=%u)", + MAC2STR(sta->addr), MAC2STR(pos), MAC2STR(pos + ETH_ALEN), + (unsigned int) len); + if (os_memcmp(sta->addr, pos + ETH_ALEN, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, + "FILS: Ignore HLP request with unexpected source address" + MACSTR, MAC2STR(pos + ETH_ALEN)); + return 0; + } + + end = pos + len; + pkt = pos + 2 * ETH_ALEN; + if (end - pkt >= 6 && + os_memcmp(pkt, "\xaa\xaa\x03\x00\x00\x00", 6) == 0) + pkt += 6; /* Remove SNAP/LLC header */ + wpa_hexdump(MSG_MSGDUMP, "FILS: HLP request packet", pkt, end - pkt); + + if (end - pkt < 2) + return 0; + + switch (WPA_GET_BE16(pkt)) { + case ETH_P_IP: + return fils_process_hlp_ip(hapd, sta, pos, pkt + 2, + end - pkt - 2); + } + + return 0; +} + + +int fils_process_hlp(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *pos, int left) +{ + const u8 *end = pos + left; + u8 *tmp, *tmp_pos; + int ret = 0; + + /* Old DHCPDISCOVER is not needed anymore, if it was still pending */ + wpabuf_free(sta->hlp_dhcp_discover); + sta->hlp_dhcp_discover = NULL; + sta->fils_dhcp_rapid_commit_proxy = 0; + + /* Check if there are any FILS HLP Container elements */ + while (end - pos >= 2) { + if (2 + pos[1] > end - pos) + return 0; + if (pos[0] == WLAN_EID_EXTENSION && + pos[1] >= 1 + 2 * ETH_ALEN && + pos[2] == WLAN_EID_EXT_FILS_HLP_CONTAINER) + break; + pos += 2 + pos[1]; + } + if (end - pos < 2) + return 0; /* No FILS HLP Container elements */ + + tmp = os_malloc(end - pos); + if (!tmp) + return 0; + + while (end - pos >= 2) { + if (2 + pos[1] > end - pos || + pos[0] != WLAN_EID_EXTENSION || + pos[1] < 1 + 2 * ETH_ALEN || + pos[2] != WLAN_EID_EXT_FILS_HLP_CONTAINER) + break; + tmp_pos = tmp; + os_memcpy(tmp_pos, pos + 3, pos[1] - 1); + tmp_pos += pos[1] - 1; + pos += 2 + pos[1]; + + /* Add possible fragments */ + while (end - pos >= 2 && pos[0] == WLAN_EID_FRAGMENT && + 2 + pos[1] <= end - pos) { + os_memcpy(tmp_pos, pos + 2, pos[1]); + tmp_pos += pos[1]; + pos += 2 + pos[1]; + } + + if (fils_process_hlp_req(hapd, sta, tmp, tmp_pos - tmp) > 0) + ret = 1; + } + + os_free(tmp); + + return ret; +} + + +void fils_hlp_deinit(struct hostapd_data *hapd) +{ + if (hapd->dhcp_sock >= 0) { + eloop_unregister_read_sock(hapd->dhcp_sock); + close(hapd->dhcp_sock); + hapd->dhcp_sock = -1; + } +} diff --git a/contrib/wpa/src/ap/fils_hlp.h b/contrib/wpa/src/ap/fils_hlp.h new file mode 100644 index 000000000000..e14a6bf65e04 --- /dev/null +++ b/contrib/wpa/src/ap/fils_hlp.h @@ -0,0 +1,27 @@ +/* + * FILS HLP request processing + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef FILS_HLP_H +#define FILS_HLP_H + +int fils_process_hlp(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *pos, int left); + +#ifdef CONFIG_FILS + +void fils_hlp_deinit(struct hostapd_data *hapd); + +#else /* CONFIG_FILS */ + +static inline void fils_hlp_deinit(struct hostapd_data *hapd) +{ +} + +#endif /* CONFIG_FILS */ + +#endif /* FILS_HLP_H */ diff --git a/contrib/wpa/src/ap/gas_query_ap.c b/contrib/wpa/src/ap/gas_query_ap.c new file mode 100644 index 000000000000..fdb3cad55ade --- /dev/null +++ b/contrib/wpa/src/ap/gas_query_ap.c @@ -0,0 +1,714 @@ +/* + * Generic advertisement service (GAS) query (hostapd) + * Copyright (c) 2009, Atheros Communications + * Copyright (c) 2011-2017, Qualcomm Atheros, Inc. + * Copyright (c) 2011-2014, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "utils/eloop.h" +#include "utils/list.h" +#include "common/ieee802_11_defs.h" +#include "common/gas.h" +#include "common/wpa_ctrl.h" +#include "hostapd.h" +#include "sta_info.h" +#include "ap_drv_ops.h" +#include "gas_query_ap.h" + + +/** GAS query timeout in seconds */ +#define GAS_QUERY_TIMEOUT_PERIOD 2 + +/* GAS query wait-time / duration in ms */ +#define GAS_QUERY_WAIT_TIME_INITIAL 1000 +#define GAS_QUERY_WAIT_TIME_COMEBACK 150 + +/** + * struct gas_query_pending - Pending GAS query + */ +struct gas_query_pending { + struct dl_list list; + struct gas_query_ap *gas; + u8 addr[ETH_ALEN]; + u8 dialog_token; + u8 next_frag_id; + unsigned int wait_comeback:1; + unsigned int offchannel_tx_started:1; + unsigned int retry:1; + int freq; + u16 status_code; + struct wpabuf *req; + struct wpabuf *adv_proto; + struct wpabuf *resp; + struct os_reltime last_oper; + void (*cb)(void *ctx, const u8 *dst, u8 dialog_token, + enum gas_query_ap_result result, + const struct wpabuf *adv_proto, + const struct wpabuf *resp, u16 status_code); + void *ctx; + u8 sa[ETH_ALEN]; +}; + +/** + * struct gas_query_ap - Internal GAS query data + */ +struct gas_query_ap { + struct hostapd_data *hapd; + void *msg_ctx; + struct dl_list pending; /* struct gas_query_pending */ + struct gas_query_pending *current; +}; + + +static void gas_query_tx_comeback_timeout(void *eloop_data, void *user_ctx); +static void gas_query_timeout(void *eloop_data, void *user_ctx); +static void gas_query_rx_comeback_timeout(void *eloop_data, void *user_ctx); +static void gas_query_tx_initial_req(struct gas_query_ap *gas, + struct gas_query_pending *query); +static int gas_query_new_dialog_token(struct gas_query_ap *gas, const u8 *dst); + + +static int ms_from_time(struct os_reltime *last) +{ + struct os_reltime now, res; + + os_get_reltime(&now); + os_reltime_sub(&now, last, &res); + return res.sec * 1000 + res.usec / 1000; +} + + +/** + * gas_query_ap_init - Initialize GAS query component + * @hapd: Pointer to hostapd data + * Returns: Pointer to GAS query data or %NULL on failure + */ +struct gas_query_ap * gas_query_ap_init(struct hostapd_data *hapd, + void *msg_ctx) +{ + struct gas_query_ap *gas; + + gas = os_zalloc(sizeof(*gas)); + if (!gas) + return NULL; + + gas->hapd = hapd; + gas->msg_ctx = msg_ctx; + dl_list_init(&gas->pending); + + return gas; +} + + +static const char * gas_result_txt(enum gas_query_ap_result result) +{ + switch (result) { + case GAS_QUERY_AP_SUCCESS: + return "SUCCESS"; + case GAS_QUERY_AP_FAILURE: + return "FAILURE"; + case GAS_QUERY_AP_TIMEOUT: + return "TIMEOUT"; + case GAS_QUERY_AP_PEER_ERROR: + return "PEER_ERROR"; + case GAS_QUERY_AP_INTERNAL_ERROR: + return "INTERNAL_ERROR"; + case GAS_QUERY_AP_DELETED_AT_DEINIT: + return "DELETED_AT_DEINIT"; + } + + return "N/A"; +} + + +static void gas_query_free(struct gas_query_pending *query, int del_list) +{ + if (del_list) + dl_list_del(&query->list); + + wpabuf_free(query->req); + wpabuf_free(query->adv_proto); + wpabuf_free(query->resp); + os_free(query); +} + + +static void gas_query_done(struct gas_query_ap *gas, + struct gas_query_pending *query, + enum gas_query_ap_result result) +{ + wpa_msg(gas->msg_ctx, MSG_INFO, GAS_QUERY_DONE "addr=" MACSTR + " dialog_token=%u freq=%d status_code=%u result=%s", + MAC2STR(query->addr), query->dialog_token, query->freq, + query->status_code, gas_result_txt(result)); + if (gas->current == query) + gas->current = NULL; + eloop_cancel_timeout(gas_query_tx_comeback_timeout, gas, query); + eloop_cancel_timeout(gas_query_timeout, gas, query); + eloop_cancel_timeout(gas_query_rx_comeback_timeout, gas, query); + dl_list_del(&query->list); + query->cb(query->ctx, query->addr, query->dialog_token, result, + query->adv_proto, query->resp, query->status_code); + gas_query_free(query, 0); +} + + +/** + * gas_query_ap_deinit - Deinitialize GAS query component + * @gas: GAS query data from gas_query_init() + */ +void gas_query_ap_deinit(struct gas_query_ap *gas) +{ + struct gas_query_pending *query, *next; + + if (gas == NULL) + return; + + dl_list_for_each_safe(query, next, &gas->pending, + struct gas_query_pending, list) + gas_query_done(gas, query, GAS_QUERY_AP_DELETED_AT_DEINIT); + + os_free(gas); +} + + +static struct gas_query_pending * +gas_query_get_pending(struct gas_query_ap *gas, const u8 *addr, u8 dialog_token) +{ + struct gas_query_pending *q; + dl_list_for_each(q, &gas->pending, struct gas_query_pending, list) { + if (os_memcmp(q->addr, addr, ETH_ALEN) == 0 && + q->dialog_token == dialog_token) + return q; + } + return NULL; +} + + +static int gas_query_append(struct gas_query_pending *query, const u8 *data, + size_t len) +{ + if (wpabuf_resize(&query->resp, len) < 0) { + wpa_printf(MSG_DEBUG, "GAS: No memory to store the response"); + return -1; + } + wpabuf_put_data(query->resp, data, len); + return 0; +} + + +void gas_query_ap_tx_status(struct gas_query_ap *gas, const u8 *dst, + const u8 *data, size_t data_len, int ok) +{ + struct gas_query_pending *query; + int dur; + + if (!gas || !gas->current) { + wpa_printf(MSG_DEBUG, "GAS: Unexpected TX status: dst=" MACSTR + " ok=%d - no query in progress", MAC2STR(dst), ok); + return; + } + + query = gas->current; + + dur = ms_from_time(&query->last_oper); + wpa_printf(MSG_DEBUG, "GAS: TX status: dst=" MACSTR + " ok=%d query=%p dialog_token=%u dur=%d ms", + MAC2STR(dst), ok, query, query->dialog_token, dur); + if (os_memcmp(dst, query->addr, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "GAS: TX status for unexpected destination"); + return; + } + os_get_reltime(&query->last_oper); + + eloop_cancel_timeout(gas_query_timeout, gas, query); + if (!ok) { + wpa_printf(MSG_DEBUG, "GAS: No ACK to GAS request"); + eloop_register_timeout(0, 250000, gas_query_timeout, + gas, query); + } else { + eloop_register_timeout(GAS_QUERY_TIMEOUT_PERIOD, 0, + gas_query_timeout, gas, query); + } + if (query->wait_comeback && !query->retry) { + eloop_cancel_timeout(gas_query_rx_comeback_timeout, + gas, query); + eloop_register_timeout( + 0, (GAS_QUERY_WAIT_TIME_COMEBACK + 10) * 1000, + gas_query_rx_comeback_timeout, gas, query); + } +} + + +static int pmf_in_use(struct hostapd_data *hapd, const u8 *addr) +{ + struct sta_info *sta; + + sta = ap_get_sta(hapd, addr); + return sta && (sta->flags & WLAN_STA_MFP); +} + + +static int gas_query_tx(struct gas_query_ap *gas, + struct gas_query_pending *query, + struct wpabuf *req, unsigned int wait_time) +{ + int res, prot = pmf_in_use(gas->hapd, query->addr); + + wpa_printf(MSG_DEBUG, "GAS: Send action frame to " MACSTR " len=%u " + "freq=%d prot=%d using src addr " MACSTR, + MAC2STR(query->addr), (unsigned int) wpabuf_len(req), + query->freq, prot, MAC2STR(query->sa)); + if (prot) { + u8 *categ = wpabuf_mhead_u8(req); + *categ = WLAN_ACTION_PROTECTED_DUAL; + } + os_get_reltime(&query->last_oper); + res = hostapd_drv_send_action(gas->hapd, query->freq, wait_time, + query->addr, wpabuf_head(req), + wpabuf_len(req)); + return res; +} + + +static void gas_query_tx_comeback_req(struct gas_query_ap *gas, + struct gas_query_pending *query) +{ + struct wpabuf *req; + unsigned int wait_time; + + req = gas_build_comeback_req(query->dialog_token); + if (req == NULL) { + gas_query_done(gas, query, GAS_QUERY_AP_INTERNAL_ERROR); + return; + } + + wait_time = (query->retry || !query->offchannel_tx_started) ? + GAS_QUERY_WAIT_TIME_INITIAL : GAS_QUERY_WAIT_TIME_COMEBACK; + + if (gas_query_tx(gas, query, req, wait_time) < 0) { + wpa_printf(MSG_DEBUG, "GAS: Failed to send Action frame to " + MACSTR, MAC2STR(query->addr)); + gas_query_done(gas, query, GAS_QUERY_AP_INTERNAL_ERROR); + } + + wpabuf_free(req); +} + + +static void gas_query_rx_comeback_timeout(void *eloop_data, void *user_ctx) +{ + struct gas_query_ap *gas = eloop_data; + struct gas_query_pending *query = user_ctx; + int dialog_token; + + wpa_printf(MSG_DEBUG, + "GAS: No response to comeback request received (retry=%u)", + query->retry); + if (gas->current != query || query->retry) + return; + dialog_token = gas_query_new_dialog_token(gas, query->addr); + if (dialog_token < 0) + return; + wpa_printf(MSG_DEBUG, + "GAS: Retry GAS query due to comeback response timeout"); + query->retry = 1; + query->dialog_token = dialog_token; + *(wpabuf_mhead_u8(query->req) + 2) = dialog_token; + query->wait_comeback = 0; + query->next_frag_id = 0; + wpabuf_free(query->adv_proto); + query->adv_proto = NULL; + eloop_cancel_timeout(gas_query_tx_comeback_timeout, gas, query); + eloop_cancel_timeout(gas_query_timeout, gas, query); + gas_query_tx_initial_req(gas, query); +} + + +static void gas_query_tx_comeback_timeout(void *eloop_data, void *user_ctx) +{ + struct gas_query_ap *gas = eloop_data; + struct gas_query_pending *query = user_ctx; + + wpa_printf(MSG_DEBUG, "GAS: Comeback timeout for request to " MACSTR, + MAC2STR(query->addr)); + gas_query_tx_comeback_req(gas, query); +} + + +static void gas_query_tx_comeback_req_delay(struct gas_query_ap *gas, + struct gas_query_pending *query, + u16 comeback_delay) +{ + unsigned int secs, usecs; + + secs = (comeback_delay * 1024) / 1000000; + usecs = comeback_delay * 1024 - secs * 1000000; + wpa_printf(MSG_DEBUG, "GAS: Send comeback request to " MACSTR + " in %u secs %u usecs", MAC2STR(query->addr), secs, usecs); + eloop_cancel_timeout(gas_query_tx_comeback_timeout, gas, query); + eloop_register_timeout(secs, usecs, gas_query_tx_comeback_timeout, + gas, query); +} + + +static void gas_query_rx_initial(struct gas_query_ap *gas, + struct gas_query_pending *query, + const u8 *adv_proto, const u8 *resp, + size_t len, u16 comeback_delay) +{ + wpa_printf(MSG_DEBUG, "GAS: Received initial response from " + MACSTR " (dialog_token=%u comeback_delay=%u)", + MAC2STR(query->addr), query->dialog_token, comeback_delay); + + query->adv_proto = wpabuf_alloc_copy(adv_proto, 2 + adv_proto[1]); + if (query->adv_proto == NULL) { + gas_query_done(gas, query, GAS_QUERY_AP_INTERNAL_ERROR); + return; + } + + if (comeback_delay) { + eloop_cancel_timeout(gas_query_timeout, gas, query); + query->wait_comeback = 1; + gas_query_tx_comeback_req_delay(gas, query, comeback_delay); + return; + } + + /* Query was completed without comeback mechanism */ + if (gas_query_append(query, resp, len) < 0) { + gas_query_done(gas, query, GAS_QUERY_AP_INTERNAL_ERROR); + return; + } + + gas_query_done(gas, query, GAS_QUERY_AP_SUCCESS); +} + + +static void gas_query_rx_comeback(struct gas_query_ap *gas, + struct gas_query_pending *query, + const u8 *adv_proto, const u8 *resp, + size_t len, u8 frag_id, u8 more_frags, + u16 comeback_delay) +{ + wpa_printf(MSG_DEBUG, "GAS: Received comeback response from " + MACSTR " (dialog_token=%u frag_id=%u more_frags=%u " + "comeback_delay=%u)", + MAC2STR(query->addr), query->dialog_token, frag_id, + more_frags, comeback_delay); + eloop_cancel_timeout(gas_query_rx_comeback_timeout, gas, query); + + if ((size_t) 2 + adv_proto[1] != wpabuf_len(query->adv_proto) || + os_memcmp(adv_proto, wpabuf_head(query->adv_proto), + wpabuf_len(query->adv_proto)) != 0) { + wpa_printf(MSG_DEBUG, "GAS: Advertisement Protocol changed " + "between initial and comeback response from " + MACSTR, MAC2STR(query->addr)); + gas_query_done(gas, query, GAS_QUERY_AP_PEER_ERROR); + return; + } + + if (comeback_delay) { + if (frag_id) { + wpa_printf(MSG_DEBUG, "GAS: Invalid comeback response " + "with non-zero frag_id and comeback_delay " + "from " MACSTR, MAC2STR(query->addr)); + gas_query_done(gas, query, GAS_QUERY_AP_PEER_ERROR); + return; + } + gas_query_tx_comeback_req_delay(gas, query, comeback_delay); + return; + } + + if (frag_id != query->next_frag_id) { + wpa_printf(MSG_DEBUG, "GAS: Unexpected frag_id in response " + "from " MACSTR, MAC2STR(query->addr)); + if (frag_id + 1 == query->next_frag_id) { + wpa_printf(MSG_DEBUG, "GAS: Drop frame as possible " + "retry of previous fragment"); + return; + } + gas_query_done(gas, query, GAS_QUERY_AP_PEER_ERROR); + return; + } + query->next_frag_id++; + + if (gas_query_append(query, resp, len) < 0) { + gas_query_done(gas, query, GAS_QUERY_AP_INTERNAL_ERROR); + return; + } + + if (more_frags) { + gas_query_tx_comeback_req(gas, query); + return; + } + + gas_query_done(gas, query, GAS_QUERY_AP_SUCCESS); +} + + +/** + * gas_query_ap_rx - Indicate reception of a Public Action or Protected Dual + * frame + * @gas: GAS query data from gas_query_init() + * @sa: Source MAC address of the Action frame + * @categ: Category of the Action frame + * @data: Payload of the Action frame + * @len: Length of @data + * @freq: Frequency (in MHz) on which the frame was received + * Returns: 0 if the Public Action frame was a GAS frame or -1 if not + */ +int gas_query_ap_rx(struct gas_query_ap *gas, const u8 *sa, u8 categ, + const u8 *data, size_t len, int freq) +{ + struct gas_query_pending *query; + u8 action, dialog_token, frag_id = 0, more_frags = 0; + u16 comeback_delay, resp_len; + const u8 *pos, *adv_proto; + int prot, pmf; + unsigned int left; + + if (!gas || len < 4) + return -1; + + pos = data; + action = *pos++; + dialog_token = *pos++; + + if (action != WLAN_PA_GAS_INITIAL_RESP && + action != WLAN_PA_GAS_COMEBACK_RESP) + return -1; /* Not a GAS response */ + + prot = categ == WLAN_ACTION_PROTECTED_DUAL; + pmf = pmf_in_use(gas->hapd, sa); + if (prot && !pmf) { + wpa_printf(MSG_DEBUG, "GAS: Drop unexpected protected GAS frame when PMF is disabled"); + return 0; + } + if (!prot && pmf) { + wpa_printf(MSG_DEBUG, "GAS: Drop unexpected unprotected GAS frame when PMF is enabled"); + return 0; + } + + query = gas_query_get_pending(gas, sa, dialog_token); + if (query == NULL) { + wpa_printf(MSG_DEBUG, "GAS: No pending query found for " MACSTR + " dialog token %u", MAC2STR(sa), dialog_token); + return -1; + } + + wpa_printf(MSG_DEBUG, "GAS: Response in %d ms from " MACSTR, + ms_from_time(&query->last_oper), MAC2STR(sa)); + + if (query->wait_comeback && action == WLAN_PA_GAS_INITIAL_RESP) { + wpa_printf(MSG_DEBUG, "GAS: Unexpected initial response from " + MACSTR " dialog token %u when waiting for comeback " + "response", MAC2STR(sa), dialog_token); + return 0; + } + + if (!query->wait_comeback && action == WLAN_PA_GAS_COMEBACK_RESP) { + wpa_printf(MSG_DEBUG, "GAS: Unexpected comeback response from " + MACSTR " dialog token %u when waiting for initial " + "response", MAC2STR(sa), dialog_token); + return 0; + } + + query->status_code = WPA_GET_LE16(pos); + pos += 2; + + if (query->status_code == WLAN_STATUS_QUERY_RESP_OUTSTANDING && + action == WLAN_PA_GAS_COMEBACK_RESP) { + wpa_printf(MSG_DEBUG, "GAS: Allow non-zero status for outstanding comeback response"); + } else if (query->status_code != WLAN_STATUS_SUCCESS) { + wpa_printf(MSG_DEBUG, "GAS: Query to " MACSTR " dialog token " + "%u failed - status code %u", + MAC2STR(sa), dialog_token, query->status_code); + gas_query_done(gas, query, GAS_QUERY_AP_FAILURE); + return 0; + } + + if (action == WLAN_PA_GAS_COMEBACK_RESP) { + if (pos + 1 > data + len) + return 0; + frag_id = *pos & 0x7f; + more_frags = (*pos & 0x80) >> 7; + pos++; + } + + /* Comeback Delay */ + if (pos + 2 > data + len) + return 0; + comeback_delay = WPA_GET_LE16(pos); + pos += 2; + + /* Advertisement Protocol element */ + if (pos + 2 > data + len || pos + 2 + pos[1] > data + len) { + wpa_printf(MSG_DEBUG, "GAS: No room for Advertisement " + "Protocol element in the response from " MACSTR, + MAC2STR(sa)); + return 0; + } + + if (*pos != WLAN_EID_ADV_PROTO) { + wpa_printf(MSG_DEBUG, "GAS: Unexpected Advertisement " + "Protocol element ID %u in response from " MACSTR, + *pos, MAC2STR(sa)); + return 0; + } + + adv_proto = pos; + pos += 2 + pos[1]; + + /* Query Response Length */ + if (pos + 2 > data + len) { + wpa_printf(MSG_DEBUG, "GAS: No room for GAS Response Length"); + return 0; + } + resp_len = WPA_GET_LE16(pos); + pos += 2; + + left = data + len - pos; + if (resp_len > left) { + wpa_printf(MSG_DEBUG, "GAS: Truncated Query Response in " + "response from " MACSTR, MAC2STR(sa)); + return 0; + } + + if (resp_len < left) { + wpa_printf(MSG_DEBUG, "GAS: Ignore %u octets of extra data " + "after Query Response from " MACSTR, + left - resp_len, MAC2STR(sa)); + } + + if (action == WLAN_PA_GAS_COMEBACK_RESP) + gas_query_rx_comeback(gas, query, adv_proto, pos, resp_len, + frag_id, more_frags, comeback_delay); + else + gas_query_rx_initial(gas, query, adv_proto, pos, resp_len, + comeback_delay); + + return 0; +} + + +static void gas_query_timeout(void *eloop_data, void *user_ctx) +{ + struct gas_query_ap *gas = eloop_data; + struct gas_query_pending *query = user_ctx; + + wpa_printf(MSG_DEBUG, "GAS: No response received for query to " MACSTR + " dialog token %u", + MAC2STR(query->addr), query->dialog_token); + gas_query_done(gas, query, GAS_QUERY_AP_TIMEOUT); +} + + +static int gas_query_dialog_token_available(struct gas_query_ap *gas, + const u8 *dst, u8 dialog_token) +{ + struct gas_query_pending *q; + dl_list_for_each(q, &gas->pending, struct gas_query_pending, list) { + if (os_memcmp(dst, q->addr, ETH_ALEN) == 0 && + dialog_token == q->dialog_token) + return 0; + } + + return 1; +} + + +static void gas_query_tx_initial_req(struct gas_query_ap *gas, + struct gas_query_pending *query) +{ + if (gas_query_tx(gas, query, query->req, + GAS_QUERY_WAIT_TIME_INITIAL) < 0) { + wpa_printf(MSG_DEBUG, "GAS: Failed to send Action frame to " + MACSTR, MAC2STR(query->addr)); + gas_query_done(gas, query, GAS_QUERY_AP_INTERNAL_ERROR); + return; + } + gas->current = query; + + wpa_printf(MSG_DEBUG, "GAS: Starting query timeout for dialog token %u", + query->dialog_token); + eloop_register_timeout(GAS_QUERY_TIMEOUT_PERIOD, 0, + gas_query_timeout, gas, query); +} + + +static int gas_query_new_dialog_token(struct gas_query_ap *gas, const u8 *dst) +{ + static int next_start = 0; + int dialog_token; + + for (dialog_token = 0; dialog_token < 256; dialog_token++) { + if (gas_query_dialog_token_available( + gas, dst, (next_start + dialog_token) % 256)) + break; + } + if (dialog_token == 256) + return -1; /* Too many pending queries */ + dialog_token = (next_start + dialog_token) % 256; + next_start = (dialog_token + 1) % 256; + return dialog_token; +} + + +/** + * gas_query_ap_req - Request a GAS query + * @gas: GAS query data from gas_query_init() + * @dst: Destination MAC address for the query + * @freq: Frequency (in MHz) for the channel on which to send the query + * @req: GAS query payload (to be freed by gas_query module in case of success + * return) + * @cb: Callback function for reporting GAS query result and response + * @ctx: Context pointer to use with the @cb call + * Returns: dialog token (>= 0) on success or -1 on failure + */ +int gas_query_ap_req(struct gas_query_ap *gas, const u8 *dst, int freq, + struct wpabuf *req, + void (*cb)(void *ctx, const u8 *dst, u8 dialog_token, + enum gas_query_ap_result result, + const struct wpabuf *adv_proto, + const struct wpabuf *resp, u16 status_code), + void *ctx) +{ + struct gas_query_pending *query; + int dialog_token; + + if (!gas || wpabuf_len(req) < 3) + return -1; + + dialog_token = gas_query_new_dialog_token(gas, dst); + if (dialog_token < 0) + return -1; + + query = os_zalloc(sizeof(*query)); + if (query == NULL) + return -1; + + query->gas = gas; + os_memcpy(query->addr, dst, ETH_ALEN); + query->dialog_token = dialog_token; + query->freq = freq; + query->cb = cb; + query->ctx = ctx; + query->req = req; + dl_list_add(&gas->pending, &query->list); + + *(wpabuf_mhead_u8(req) + 2) = dialog_token; + + wpa_msg(gas->msg_ctx, MSG_INFO, GAS_QUERY_START "addr=" MACSTR + " dialog_token=%u freq=%d", + MAC2STR(query->addr), query->dialog_token, query->freq); + + gas_query_tx_initial_req(gas, query); + + return dialog_token; +} diff --git a/contrib/wpa/src/ap/gas_query_ap.h b/contrib/wpa/src/ap/gas_query_ap.h new file mode 100644 index 000000000000..70f1f0537657 --- /dev/null +++ b/contrib/wpa/src/ap/gas_query_ap.h @@ -0,0 +1,43 @@ +/* + * Generic advertisement service (GAS) query + * Copyright (c) 2009, Atheros Communications + * Copyright (c) 2011-2017, Qualcomm Atheros + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef GAS_QUERY_AP_H +#define GAS_QUERY_AP_H + +struct gas_query_ap; + +struct gas_query_ap * gas_query_ap_init(struct hostapd_data *hapd, + void *msg_ctx); +void gas_query_ap_deinit(struct gas_query_ap *gas); +int gas_query_ap_rx(struct gas_query_ap *gas, const u8 *sa, u8 categ, + const u8 *data, size_t len, int freq); + +/** + * enum gas_query_ap_result - GAS query result + */ +enum gas_query_ap_result { + GAS_QUERY_AP_SUCCESS, + GAS_QUERY_AP_FAILURE, + GAS_QUERY_AP_TIMEOUT, + GAS_QUERY_AP_PEER_ERROR, + GAS_QUERY_AP_INTERNAL_ERROR, + GAS_QUERY_AP_DELETED_AT_DEINIT +}; + +int gas_query_ap_req(struct gas_query_ap *gas, const u8 *dst, int freq, + struct wpabuf *req, + void (*cb)(void *ctx, const u8 *dst, u8 dialog_token, + enum gas_query_ap_result result, + const struct wpabuf *adv_proto, + const struct wpabuf *resp, u16 status_code), + void *ctx); +void gas_query_ap_tx_status(struct gas_query_ap *gas, const u8 *dst, + const u8 *data, size_t data_len, int ok); + +#endif /* GAS_QUERY_AP_H */ diff --git a/contrib/wpa/src/ap/gas_serv.c b/contrib/wpa/src/ap/gas_serv.c index 6ce178de3b29..a7df81032477 100644 --- a/contrib/wpa/src/ap/gas_serv.c +++ b/contrib/wpa/src/ap/gas_serv.c @@ -11,14 +11,31 @@ #include "common.h" #include "common/ieee802_11_defs.h" #include "common/gas.h" +#include "common/wpa_ctrl.h" #include "utils/eloop.h" #include "hostapd.h" #include "ap_config.h" #include "ap_drv_ops.h" +#include "dpp_hostapd.h" #include "sta_info.h" #include "gas_serv.h" +#ifdef CONFIG_DPP +static void gas_serv_write_dpp_adv_proto(struct wpabuf *buf) +{ + wpabuf_put_u8(buf, WLAN_EID_ADV_PROTO); + wpabuf_put_u8(buf, 8); /* Length */ + wpabuf_put_u8(buf, 0x7f); + wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); + wpabuf_put_u8(buf, 5); + wpabuf_put_be24(buf, OUI_WFA); + wpabuf_put_u8(buf, DPP_OUI_TYPE); + wpabuf_put_u8(buf, 0x01); +} +#endif /* CONFIG_DPP */ + + static void convert_to_protected_dual(struct wpabuf *msg) { u8 *categ = wpabuf_mhead_u8(msg); @@ -50,9 +67,12 @@ gas_dialog_create(struct hostapd_data *hapd, const u8 *addr, u8 dialog_token) sta->flags |= WLAN_STA_GAS; /* * The default inactivity is 300 seconds. We don't need - * it to be that long. + * it to be that long. Use five second timeout and increase this + * with the comeback_delay for testing cases. */ - ap_sta_session_timeout(hapd, sta, 5); + ap_sta_session_timeout(hapd, sta, + hapd->conf->gas_comeback_delay / 1024 + + 5); } else { ap_sta_replenish_timeout(hapd, sta, 5); } @@ -161,8 +181,12 @@ static void anqp_add_hs_capab_list(struct hostapd_data *hapd, wpabuf_put_u8(buf, HS20_STYPE_OPERATING_CLASS); if (hapd->conf->hs20_osu_providers_count) wpabuf_put_u8(buf, HS20_STYPE_OSU_PROVIDERS_LIST); + if (hapd->conf->hs20_osu_providers_nai_count) + wpabuf_put_u8(buf, HS20_STYPE_OSU_PROVIDERS_NAI_LIST); if (hapd->conf->hs20_icons_count) wpabuf_put_u8(buf, HS20_STYPE_ICON_REQUEST); + if (hapd->conf->hs20_operator_icon_count) + wpabuf_put_u8(buf, HS20_STYPE_OPERATOR_ICON_METADATA); gas_anqp_set_element_len(buf, len); } #endif /* CONFIG_HS20 */ @@ -255,20 +279,29 @@ static void anqp_add_capab_list(struct hostapd_data *hapd, wpabuf_put_le16(buf, ANQP_DOMAIN_NAME); if (get_anqp_elem(hapd, ANQP_EMERGENCY_ALERT_URI)) wpabuf_put_le16(buf, ANQP_EMERGENCY_ALERT_URI); + if (get_anqp_elem(hapd, ANQP_TDLS_CAPABILITY)) + wpabuf_put_le16(buf, ANQP_TDLS_CAPABILITY); if (get_anqp_elem(hapd, ANQP_EMERGENCY_NAI)) wpabuf_put_le16(buf, ANQP_EMERGENCY_NAI); if (get_anqp_elem(hapd, ANQP_NEIGHBOR_REPORT)) wpabuf_put_le16(buf, ANQP_NEIGHBOR_REPORT); - for (id = 273; id < 277; id++) { - if (get_anqp_elem(hapd, id)) - wpabuf_put_le16(buf, id); - } - if (get_anqp_elem(hapd, ANQP_VENUE_URL)) +#ifdef CONFIG_FILS + if (!dl_list_empty(&hapd->conf->fils_realms) || + get_anqp_elem(hapd, ANQP_FILS_REALM_INFO)) + wpabuf_put_le16(buf, ANQP_FILS_REALM_INFO); +#endif /* CONFIG_FILS */ + if (get_anqp_elem(hapd, ANQP_CAG)) + wpabuf_put_le16(buf, ANQP_CAG); + if (hapd->conf->venue_url || get_anqp_elem(hapd, ANQP_VENUE_URL)) wpabuf_put_le16(buf, ANQP_VENUE_URL); if (get_anqp_elem(hapd, ANQP_ADVICE_OF_CHARGE)) wpabuf_put_le16(buf, ANQP_ADVICE_OF_CHARGE); if (get_anqp_elem(hapd, ANQP_LOCAL_CONTENT)) wpabuf_put_le16(buf, ANQP_LOCAL_CONTENT); + for (id = 280; id < 300; id++) { + if (get_anqp_elem(hapd, id)) + wpabuf_put_le16(buf, id); + } #ifdef CONFIG_HS20 anqp_add_hs_capab_list(hapd, buf); #endif /* CONFIG_HS20 */ @@ -299,6 +332,29 @@ static void anqp_add_venue_name(struct hostapd_data *hapd, struct wpabuf *buf) } +static void anqp_add_venue_url(struct hostapd_data *hapd, struct wpabuf *buf) +{ + if (anqp_add_override(hapd, buf, ANQP_VENUE_URL)) + return; + + if (hapd->conf->venue_url) { + u8 *len; + unsigned int i; + + len = gas_anqp_add_element(buf, ANQP_VENUE_URL); + for (i = 0; i < hapd->conf->venue_url_count; i++) { + struct hostapd_venue_url *url; + + url = &hapd->conf->venue_url[i]; + wpabuf_put_u8(buf, 1 + url->url_len); + wpabuf_put_u8(buf, url->venue_number); + wpabuf_put_data(buf, url->url, url->url_len); + } + gas_anqp_set_element_len(buf, len); + } +} + + static void anqp_add_network_auth_type(struct hostapd_data *hapd, struct wpabuf *buf) { @@ -548,6 +604,36 @@ static void anqp_add_domain_name(struct hostapd_data *hapd, struct wpabuf *buf) } +#ifdef CONFIG_FILS +static void anqp_add_fils_realm_info(struct hostapd_data *hapd, + struct wpabuf *buf) +{ + size_t count; + + if (anqp_add_override(hapd, buf, ANQP_FILS_REALM_INFO)) + return; + + count = dl_list_len(&hapd->conf->fils_realms); + if (count > 10000) + count = 10000; + if (count) { + struct fils_realm *realm; + + wpabuf_put_le16(buf, ANQP_FILS_REALM_INFO); + wpabuf_put_le16(buf, 2 * count); + + dl_list_for_each(realm, &hapd->conf->fils_realms, + struct fils_realm, list) { + if (count == 0) + break; + wpabuf_put_data(buf, realm->hash, 2); + count--; + } + } +} +#endif /* CONFIG_FILS */ + + #ifdef CONFIG_HS20 static void anqp_add_operator_friendly_name(struct hostapd_data *hapd, @@ -621,6 +707,29 @@ static void anqp_add_operating_class(struct hostapd_data *hapd, } +static void anqp_add_icon(struct wpabuf *buf, struct hostapd_bss_config *bss, + const char *name) +{ + size_t j; + struct hs20_icon *icon = NULL; + + for (j = 0; j < bss->hs20_icons_count && !icon; j++) { + if (os_strcmp(name, bss->hs20_icons[j].name) == 0) + icon = &bss->hs20_icons[j]; + } + if (!icon) + return; /* icon info not found */ + + wpabuf_put_le16(buf, icon->width); + wpabuf_put_le16(buf, icon->height); + wpabuf_put_data(buf, icon->language, 3); + wpabuf_put_u8(buf, os_strlen(icon->type)); + wpabuf_put_str(buf, icon->type); + wpabuf_put_u8(buf, os_strlen(icon->name)); + wpabuf_put_str(buf, icon->name); +} + + static void anqp_add_osu_provider(struct wpabuf *buf, struct hostapd_bss_config *bss, struct hs20_osu_provider *p) @@ -649,32 +758,14 @@ static void anqp_add_osu_provider(struct wpabuf *buf, /* OSU Method List */ count = wpabuf_put(buf, 1); - for (i = 0; p->method_list[i] >= 0; i++) + for (i = 0; p->method_list && p->method_list[i] >= 0; i++) wpabuf_put_u8(buf, p->method_list[i]); *count = i; /* Icons Available */ len2 = wpabuf_put(buf, 2); - for (i = 0; i < p->icons_count; i++) { - size_t j; - struct hs20_icon *icon = NULL; - - for (j = 0; j < bss->hs20_icons_count && !icon; j++) { - if (os_strcmp(p->icons[i], bss->hs20_icons[j].name) == - 0) - icon = &bss->hs20_icons[j]; - } - if (!icon) - continue; /* icon info not found */ - - wpabuf_put_le16(buf, icon->width); - wpabuf_put_le16(buf, icon->height); - wpabuf_put_data(buf, icon->language, 3); - wpabuf_put_u8(buf, os_strlen(icon->type)); - wpabuf_put_str(buf, icon->type); - wpabuf_put_u8(buf, os_strlen(icon->name)); - wpabuf_put_str(buf, icon->name); - } + for (i = 0; i < p->icons_count; i++) + anqp_add_icon(buf, bss, p->icons[i]); WPA_PUT_LE16(len2, (u8 *) wpabuf_put(buf, 0) - len2 - 2); /* OSU_NAI */ @@ -728,6 +819,40 @@ static void anqp_add_osu_providers_list(struct hostapd_data *hapd, } +static void anqp_add_osu_provider_nai(struct wpabuf *buf, + struct hs20_osu_provider *p) +{ + /* OSU_NAI for shared BSS (Single SSID) */ + if (p->osu_nai2) { + wpabuf_put_u8(buf, os_strlen(p->osu_nai2)); + wpabuf_put_str(buf, p->osu_nai2); + } else { + wpabuf_put_u8(buf, 0); + } +} + + +static void anqp_add_osu_providers_nai_list(struct hostapd_data *hapd, + struct wpabuf *buf) +{ + if (hapd->conf->hs20_osu_providers_nai_count) { + size_t i; + u8 *len = gas_anqp_add_element(buf, ANQP_VENDOR_SPECIFIC); + wpabuf_put_be24(buf, OUI_WFA); + wpabuf_put_u8(buf, HS20_ANQP_OUI_TYPE); + wpabuf_put_u8(buf, HS20_STYPE_OSU_PROVIDERS_NAI_LIST); + wpabuf_put_u8(buf, 0); /* Reserved */ + + for (i = 0; i < hapd->conf->hs20_osu_providers_count; i++) { + anqp_add_osu_provider_nai( + buf, &hapd->conf->hs20_osu_providers[i]); + } + + gas_anqp_set_element_len(buf, len); + } +} + + static void anqp_add_icon_binary_file(struct hostapd_data *hapd, struct wpabuf *buf, const u8 *name, size_t name_len) @@ -783,9 +908,49 @@ static void anqp_add_icon_binary_file(struct hostapd_data *hapd, gas_anqp_set_element_len(buf, len); } + +static void anqp_add_operator_icon_metadata(struct hostapd_data *hapd, + struct wpabuf *buf) +{ + struct hostapd_bss_config *bss = hapd->conf; + size_t i; + u8 *len; + + if (!bss->hs20_operator_icon_count) + return; + + len = gas_anqp_add_element(buf, ANQP_VENDOR_SPECIFIC); + + wpabuf_put_be24(buf, OUI_WFA); + wpabuf_put_u8(buf, HS20_ANQP_OUI_TYPE); + wpabuf_put_u8(buf, HS20_STYPE_OPERATOR_ICON_METADATA); + wpabuf_put_u8(buf, 0); /* Reserved */ + + for (i = 0; i < bss->hs20_operator_icon_count; i++) + anqp_add_icon(buf, bss, bss->hs20_operator_icon[i]); + + gas_anqp_set_element_len(buf, len); +} + #endif /* CONFIG_HS20 */ +#ifdef CONFIG_MBO +static void anqp_add_mbo_cell_data_conn_pref(struct hostapd_data *hapd, + struct wpabuf *buf) +{ + if (hapd->conf->mbo_cell_data_conn_pref >= 0) { + u8 *len = gas_anqp_add_element(buf, ANQP_VENDOR_SPECIFIC); + wpabuf_put_be24(buf, OUI_WFA); + wpabuf_put_u8(buf, MBO_ANQP_OUI_TYPE); + wpabuf_put_u8(buf, MBO_ANQP_SUBTYPE_CELL_CONN_PREF); + wpabuf_put_u8(buf, hapd->conf->mbo_cell_data_conn_pref); + gas_anqp_set_element_len(buf, len); + } +} +#endif /* CONFIG_MBO */ + + static size_t anqp_get_required_len(struct hostapd_data *hapd, const u16 *infoid, unsigned int num_infoid) @@ -821,6 +986,10 @@ gas_serv_build_gas_resp_payload(struct hostapd_data *hapd, len += 1000; if (request & ANQP_REQ_ICON_REQUEST) len += 65536; +#ifdef CONFIG_FILS + if (request & ANQP_FILS_REALM_INFO) + len += 2 * dl_list_len(&hapd->conf->fils_realms); +#endif /* CONFIG_FILS */ len += anqp_get_required_len(hapd, extra_req, num_extra_req); buf = wpabuf_alloc(len); @@ -860,8 +1029,19 @@ gas_serv_build_gas_resp_payload(struct hostapd_data *hapd, if (request & ANQP_REQ_EMERGENCY_NAI) anqp_add_elem(hapd, buf, ANQP_EMERGENCY_NAI); - for (i = 0; i < num_extra_req; i++) + for (i = 0; i < num_extra_req; i++) { +#ifdef CONFIG_FILS + if (extra_req[i] == ANQP_FILS_REALM_INFO) { + anqp_add_fils_realm_info(hapd, buf); + continue; + } +#endif /* CONFIG_FILS */ + if (extra_req[i] == ANQP_VENUE_URL) { + anqp_add_venue_url(hapd, buf); + continue; + } anqp_add_elem(hapd, buf, extra_req[i]); + } #ifdef CONFIG_HS20 if (request & ANQP_REQ_HS_CAPABILITY_LIST) @@ -878,8 +1058,17 @@ gas_serv_build_gas_resp_payload(struct hostapd_data *hapd, anqp_add_osu_providers_list(hapd, buf); if (request & ANQP_REQ_ICON_REQUEST) anqp_add_icon_binary_file(hapd, buf, icon_name, icon_name_len); + if (request & ANQP_REQ_OPERATOR_ICON_METADATA) + anqp_add_operator_icon_metadata(hapd, buf); + if (request & ANQP_REQ_OSU_PROVIDERS_NAI_LIST) + anqp_add_osu_providers_nai_list(hapd, buf); #endif /* CONFIG_HS20 */ +#ifdef CONFIG_MBO + if (request & ANQP_REQ_MBO_CELL_DATA_CONN_PREF) + anqp_add_mbo_cell_data_conn_pref(hapd, buf); +#endif /* CONFIG_MBO */ + return buf; } @@ -984,7 +1173,17 @@ static void rx_anqp_query_list_id(struct hostapd_data *hapd, u16 info_id, get_anqp_elem(hapd, info_id) != NULL, qi); break; default: - if (!get_anqp_elem(hapd, info_id)) { +#ifdef CONFIG_FILS + if (info_id == ANQP_FILS_REALM_INFO && + !dl_list_empty(&hapd->conf->fils_realms)) { + wpa_printf(MSG_DEBUG, + "ANQP: FILS Realm Information (local)"); + } else +#endif /* CONFIG_FILS */ + if (info_id == ANQP_VENUE_URL && hapd->conf->venue_url) { + wpa_printf(MSG_DEBUG, + "ANQP: Venue URL (local)"); + } else if (!get_anqp_elem(hapd, info_id)) { wpa_printf(MSG_DEBUG, "ANQP: Unsupported Info Id %u", info_id); break; @@ -1050,6 +1249,16 @@ static void rx_anqp_hs_query_list(struct hostapd_data *hapd, u8 subtype, set_anqp_req(ANQP_REQ_OSU_PROVIDERS_LIST, "OSU Providers list", hapd->conf->hs20_osu_providers_count, qi); break; + case HS20_STYPE_OPERATOR_ICON_METADATA: + set_anqp_req(ANQP_REQ_OPERATOR_ICON_METADATA, + "Operator Icon Metadata", + hapd->conf->hs20_operator_icon_count, qi); + break; + case HS20_STYPE_OSU_PROVIDERS_NAI_LIST: + set_anqp_req(ANQP_REQ_OSU_PROVIDERS_NAI_LIST, + "OSU Providers NAI List", + hapd->conf->hs20_osu_providers_nai_count, qi); + break; default: wpa_printf(MSG_DEBUG, "ANQP: Unsupported HS 2.0 subtype %u", subtype); @@ -1092,49 +1301,12 @@ static void rx_anqp_hs_icon_request(struct hostapd_data *hapd, } -static void rx_anqp_vendor_specific(struct hostapd_data *hapd, - const u8 *pos, const u8 *end, - struct anqp_query_info *qi) +static void rx_anqp_vendor_specific_hs20(struct hostapd_data *hapd, + const u8 *pos, const u8 *end, + struct anqp_query_info *qi) { - u32 oui; u8 subtype; - if (end - pos < 4) { - wpa_printf(MSG_DEBUG, "ANQP: Too short vendor specific ANQP " - "Query element"); - return; - } - - oui = WPA_GET_BE24(pos); - pos += 3; - if (oui != OUI_WFA) { - wpa_printf(MSG_DEBUG, "ANQP: Unsupported vendor OUI %06x", - oui); - return; - } - -#ifdef CONFIG_P2P - if (*pos == P2P_OUI_TYPE) { - /* - * This is for P2P SD and will be taken care of by the P2P - * implementation. This query needs to be ignored in the generic - * GAS server to avoid duplicated response. - */ - wpa_printf(MSG_DEBUG, - "ANQP: Ignore WFA vendor type %u (P2P SD) in generic GAS server", - *pos); - qi->p2p_sd = 1; - return; - } -#endif /* CONFIG_P2P */ - - if (*pos != HS20_ANQP_OUI_TYPE) { - wpa_printf(MSG_DEBUG, "ANQP: Unsupported WFA vendor type %u", - *pos); - return; - } - pos++; - if (end - pos <= 1) return; @@ -1164,6 +1336,115 @@ static void rx_anqp_vendor_specific(struct hostapd_data *hapd, #endif /* CONFIG_HS20 */ +#ifdef CONFIG_P2P +static void rx_anqp_vendor_specific_p2p(struct hostapd_data *hapd, + struct anqp_query_info *qi) +{ + /* + * This is for P2P SD and will be taken care of by the P2P + * implementation. This query needs to be ignored in the generic + * GAS server to avoid duplicated response. + */ + wpa_printf(MSG_DEBUG, + "ANQP: Ignore WFA vendor type %u (P2P SD) in generic GAS server", + P2P_OUI_TYPE); + qi->p2p_sd = 1; + return; +} +#endif /* CONFIG_P2P */ + + +#ifdef CONFIG_MBO + +static void rx_anqp_mbo_query_list(struct hostapd_data *hapd, u8 subtype, + struct anqp_query_info *qi) +{ + switch (subtype) { + case MBO_ANQP_SUBTYPE_CELL_CONN_PREF: + set_anqp_req(ANQP_REQ_MBO_CELL_DATA_CONN_PREF, + "Cellular Data Connection Preference", + hapd->conf->mbo_cell_data_conn_pref >= 0, qi); + break; + default: + wpa_printf(MSG_DEBUG, "ANQP: Unsupported MBO subtype %u", + subtype); + break; + } +} + + +static void rx_anqp_vendor_specific_mbo(struct hostapd_data *hapd, + const u8 *pos, const u8 *end, + struct anqp_query_info *qi) +{ + u8 subtype; + + if (end - pos < 1) + return; + + subtype = *pos++; + switch (subtype) { + case MBO_ANQP_SUBTYPE_QUERY_LIST: + wpa_printf(MSG_DEBUG, "ANQP: MBO Query List"); + while (pos < end) { + rx_anqp_mbo_query_list(hapd, *pos, qi); + pos++; + } + break; + default: + wpa_printf(MSG_DEBUG, "ANQP: Unsupported MBO query subtype %u", + subtype); + break; + } +} + +#endif /* CONFIG_MBO */ + + +static void rx_anqp_vendor_specific(struct hostapd_data *hapd, + const u8 *pos, const u8 *end, + struct anqp_query_info *qi) +{ + u32 oui; + + if (end - pos < 4) { + wpa_printf(MSG_DEBUG, "ANQP: Too short vendor specific ANQP " + "Query element"); + return; + } + + oui = WPA_GET_BE24(pos); + pos += 3; + if (oui != OUI_WFA) { + wpa_printf(MSG_DEBUG, "ANQP: Unsupported vendor OUI %06x", + oui); + return; + } + + switch (*pos) { +#ifdef CONFIG_P2P + case P2P_OUI_TYPE: + rx_anqp_vendor_specific_p2p(hapd, qi); + break; +#endif /* CONFIG_P2P */ +#ifdef CONFIG_HS20 + case HS20_ANQP_OUI_TYPE: + rx_anqp_vendor_specific_hs20(hapd, pos + 1, end, qi); + break; +#endif /* CONFIG_HS20 */ +#ifdef CONFIG_MBO + case MBO_ANQP_OUI_TYPE: + rx_anqp_vendor_specific_mbo(hapd, pos + 1, end, qi); + break; +#endif /* CONFIG_MBO */ + default: + wpa_printf(MSG_DEBUG, "ANQP: Unsupported WFA vendor type %u", + *pos); + break; + } +} + + static void gas_serv_req_local_processing(struct hostapd_data *hapd, const u8 *sa, u8 dialog_token, struct anqp_query_info *qi, int prot, @@ -1189,7 +1470,7 @@ static void gas_serv_req_local_processing(struct hostapd_data *hapd, } #endif /* CONFIG_P2P */ - if (wpabuf_len(buf) > hapd->gas_frag_limit || + if (wpabuf_len(buf) > hapd->conf->gas_frag_limit || hapd->conf->gas_comeback_delay) { struct gas_dialog_info *di; u16 comeback_delay = 1; @@ -1240,6 +1521,72 @@ static void gas_serv_req_local_processing(struct hostapd_data *hapd, } +#ifdef CONFIG_DPP +static void gas_serv_req_dpp_processing(struct hostapd_data *hapd, + const u8 *sa, u8 dialog_token, + int prot, struct wpabuf *buf) +{ + struct wpabuf *tx_buf; + + if (wpabuf_len(buf) > hapd->conf->gas_frag_limit || + hapd->conf->gas_comeback_delay) { + struct gas_dialog_info *di; + u16 comeback_delay = 1; + + if (hapd->conf->gas_comeback_delay) { + /* Testing - allow overriding of the delay value */ + comeback_delay = hapd->conf->gas_comeback_delay; + } + + wpa_printf(MSG_DEBUG, + "DPP: Too long response to fit in initial response - use GAS comeback"); + di = gas_dialog_create(hapd, sa, dialog_token); + if (!di) { + wpa_printf(MSG_INFO, "DPP: Could not create dialog for " + MACSTR " (dialog token %u)", + MAC2STR(sa), dialog_token); + wpabuf_free(buf); + tx_buf = gas_build_initial_resp( + dialog_token, WLAN_STATUS_UNSPECIFIED_FAILURE, + 0, 10); + if (tx_buf) + gas_serv_write_dpp_adv_proto(tx_buf); + } else { + di->prot = prot; + di->sd_resp = buf; + di->sd_resp_pos = 0; + tx_buf = gas_build_initial_resp( + dialog_token, WLAN_STATUS_SUCCESS, + comeback_delay, 10); + if (tx_buf) + gas_serv_write_dpp_adv_proto(tx_buf); + } + } else { + wpa_printf(MSG_DEBUG, + "DPP: GAS Initial response (no comeback)"); + tx_buf = gas_build_initial_resp( + dialog_token, WLAN_STATUS_SUCCESS, 0, + 10 + 2 + wpabuf_len(buf)); + if (tx_buf) { + gas_serv_write_dpp_adv_proto(tx_buf); + wpabuf_put_le16(tx_buf, wpabuf_len(buf)); + wpabuf_put_buf(tx_buf, buf); + hostapd_dpp_gas_status_handler(hapd, 1); + } + wpabuf_free(buf); + } + if (!tx_buf) + return; + if (prot) + convert_to_protected_dual(tx_buf); + hostapd_drv_send_action(hapd, hapd->iface->freq, 0, sa, + wpabuf_head(tx_buf), + wpabuf_len(tx_buf)); + wpabuf_free(tx_buf); +} +#endif /* CONFIG_DPP */ + + static void gas_serv_rx_gas_initial_req(struct hostapd_data *hapd, const u8 *sa, const u8 *data, size_t len, int prot, @@ -1252,6 +1599,9 @@ static void gas_serv_rx_gas_initial_req(struct hostapd_data *hapd, u16 slen; struct anqp_query_info qi; const u8 *adv_proto; +#ifdef CONFIG_DPP + int dpp = 0; +#endif /* CONFIG_DPP */ if (len < 1 + 2) return; @@ -1279,6 +1629,15 @@ static void gas_serv_rx_gas_initial_req(struct hostapd_data *hapd, next = pos + slen; pos++; /* skip QueryRespLenLimit and PAME-BI */ +#ifdef CONFIG_DPP + if (slen == 8 && *pos == WLAN_EID_VENDOR_SPECIFIC && + pos[1] == 5 && WPA_GET_BE24(&pos[2]) == OUI_WFA && + pos[5] == DPP_OUI_TYPE && pos[6] == 0x01) { + wpa_printf(MSG_DEBUG, "DPP: Configuration Request"); + dpp = 1; + } else +#endif /* CONFIG_DPP */ + if (*pos != ACCESS_NETWORK_QUERY_PROTOCOL) { struct wpabuf *buf; wpa_msg(hapd->msg_ctx, MSG_DEBUG, @@ -1318,6 +1677,18 @@ static void gas_serv_rx_gas_initial_req(struct hostapd_data *hapd, return; end = pos + slen; +#ifdef CONFIG_DPP + if (dpp) { + struct wpabuf *msg; + + msg = hostapd_dpp_gas_req_handler(hapd, sa, pos, slen); + if (!msg) + return; + gas_serv_req_dpp_processing(hapd, sa, dialog_token, prot, msg); + return; + } +#endif /* CONFIG_DPP */ + /* ANQP Query Request */ while (pos < end) { u16 info_id, elen; @@ -1339,11 +1710,9 @@ static void gas_serv_rx_gas_initial_req(struct hostapd_data *hapd, case ANQP_QUERY_LIST: rx_anqp_query_list(hapd, pos, pos + elen, &qi); break; -#ifdef CONFIG_HS20 case ANQP_VENDOR_SPECIFIC: rx_anqp_vendor_specific(hapd, pos, pos + elen, &qi); break; -#endif /* CONFIG_HS20 */ default: wpa_printf(MSG_DEBUG, "ANQP: Unsupported Query " "Request element %u", info_id); @@ -1393,8 +1762,8 @@ static void gas_serv_rx_gas_comeback_req(struct hostapd_data *hapd, } frag_len = wpabuf_len(dialog->sd_resp) - dialog->sd_resp_pos; - if (frag_len > hapd->gas_frag_limit) { - frag_len = hapd->gas_frag_limit; + if (frag_len > hapd->conf->gas_frag_limit) { + frag_len = hapd->conf->gas_frag_limit; more = 1; } wpa_msg(hapd->msg_ctx, MSG_DEBUG, "GAS: resp frag_len %u", @@ -1407,6 +1776,18 @@ static void gas_serv_rx_gas_comeback_req(struct hostapd_data *hapd, gas_serv_dialog_clear(dialog); return; } +#ifdef CONFIG_DPP + if (dialog->dpp) { + tx_buf = gas_build_comeback_resp(dialog_token, + WLAN_STATUS_SUCCESS, + dialog->sd_frag_id, more, 0, + 10 + frag_len); + if (tx_buf) { + gas_serv_write_dpp_adv_proto(tx_buf); + wpabuf_put_buf(tx_buf, buf); + } + } else +#endif /* CONFIG_DPP */ tx_buf = gas_anqp_build_comeback_resp_buf(dialog_token, WLAN_STATUS_SUCCESS, dialog->sd_frag_id, @@ -1430,6 +1811,10 @@ static void gas_serv_rx_gas_comeback_req(struct hostapd_data *hapd, } else { wpa_msg(hapd->msg_ctx, MSG_DEBUG, "GAS: All fragments of " "SD response sent"); +#ifdef CONFIG_DPP + if (dialog->dpp) + hostapd_dpp_gas_status_handler(hapd, 1); +#endif /* CONFIG_DPP */ gas_serv_dialog_clear(dialog); gas_serv_free_dialogs(hapd, sa); } @@ -1495,9 +1880,6 @@ int gas_serv_init(struct hostapd_data *hapd) { hapd->public_action_cb2 = gas_serv_rx_public_action; hapd->public_action_cb2_ctx = hapd; - hapd->gas_frag_limit = 1400; - if (hapd->conf->gas_frag_limit > 0) - hapd->gas_frag_limit = hapd->conf->gas_frag_limit; return 0; } diff --git a/contrib/wpa/src/ap/gas_serv.h b/contrib/wpa/src/ap/gas_serv.h index 9051e4f90513..2cf1817298f7 100644 --- a/contrib/wpa/src/ap/gas_serv.h +++ b/contrib/wpa/src/ap/gas_serv.h @@ -41,7 +41,7 @@ #define ANQP_REQ_EMERGENCY_NAI \ (1 << (ANQP_EMERGENCY_NAI - ANQP_QUERY_LIST)) /* - * First 16 Hotspot 2.0 vendor specific ANQP-elements can be included in the + * First 15 Hotspot 2.0 vendor specific ANQP-elements can be included in the * optimized bitmap. */ #define ANQP_REQ_HS_CAPABILITY_LIST \ @@ -60,6 +60,13 @@ (0x10000 << HS20_STYPE_OSU_PROVIDERS_LIST) #define ANQP_REQ_ICON_REQUEST \ (0x10000 << HS20_STYPE_ICON_REQUEST) +#define ANQP_REQ_OPERATOR_ICON_METADATA \ + (0x10000 << HS20_STYPE_OPERATOR_ICON_METADATA) +#define ANQP_REQ_OSU_PROVIDERS_NAI_LIST \ + (0x10000 << HS20_STYPE_OSU_PROVIDERS_NAI_LIST) +/* The first MBO ANQP-element can be included in the optimized bitmap. */ +#define ANQP_REQ_MBO_CELL_DATA_CONN_PREF \ + (BIT(29) << MBO_ANQP_SUBTYPE_CELL_CONN_PREF) struct gas_dialog_info { u8 valid; @@ -68,6 +75,7 @@ struct gas_dialog_info { size_t sd_resp_pos; /* Offset in sd_resp */ u8 sd_frag_id; int prot; /* whether Protected Dual of Public Action frame is used */ + int dpp; /* whether this is a DPP Config Response */ }; struct hostapd_data; diff --git a/contrib/wpa/src/ap/hostapd.c b/contrib/wpa/src/ap/hostapd.c index 9fafc7f457bb..7501bac6e42a 100644 --- a/contrib/wpa/src/ap/hostapd.c +++ b/contrib/wpa/src/ap/hostapd.c @@ -31,6 +31,8 @@ #include "vlan_init.h" #include "wpa_auth.h" #include "wps_hostapd.h" +#include "dpp_hostapd.h" +#include "gas_query_ap.h" #include "hw_features.h" #include "wpa_auth_glue.h" #include "ap_drv_ops.h" @@ -45,6 +47,9 @@ #include "ndisc_snoop.h" #include "neighbor_db.h" #include "rrm.h" +#include "fils_hlp.h" +#include "acs.h" +#include "hs20.h" static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason); @@ -52,6 +57,8 @@ static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd); static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd); static int setup_interface2(struct hostapd_iface *iface); static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx); +static void hostapd_interface_setup_failure_handler(void *eloop_ctx, + void *timeout_ctx); int hostapd_for_each_interface(struct hapd_interfaces *interfaces, @@ -71,10 +78,26 @@ int hostapd_for_each_interface(struct hapd_interfaces *interfaces, } +void hostapd_reconfig_encryption(struct hostapd_data *hapd) +{ + if (hapd->wpa_auth) + return; + + hostapd_set_privacy(hapd, 0); + hostapd_setup_encryption(hapd->conf->iface, hapd); +} + + static void hostapd_reload_bss(struct hostapd_data *hapd) { struct hostapd_ssid *ssid; + if (!hapd->started) + return; + + if (hapd->conf->wmm_enabled < 0) + hapd->conf->wmm_enabled = hapd->iconf->ieee80211n; + #ifndef CONFIG_NO_RADIUS radius_client_reconfig(hapd->radius, hapd->conf->radius); #endif /* CONFIG_NO_RADIUS */ @@ -153,8 +176,27 @@ static void hostapd_clear_old(struct hostapd_iface *iface) } +static int hostapd_iface_conf_changed(struct hostapd_config *newconf, + struct hostapd_config *oldconf) +{ + size_t i; + + if (newconf->num_bss != oldconf->num_bss) + return 1; + + for (i = 0; i < newconf->num_bss; i++) { + if (os_strcmp(newconf->bss[i]->iface, + oldconf->bss[i]->iface) != 0) + return 1; + } + + return 0; +} + + int hostapd_reload_config(struct hostapd_iface *iface) { + struct hapd_interfaces *interfaces = iface->interfaces; struct hostapd_data *hapd = iface->bss[0]; struct hostapd_config *newconf, *oldconf; size_t j; @@ -177,6 +219,35 @@ int hostapd_reload_config(struct hostapd_iface *iface) hostapd_clear_old(iface); oldconf = hapd->iconf; + if (hostapd_iface_conf_changed(newconf, oldconf)) { + char *fname; + int res; + + wpa_printf(MSG_DEBUG, + "Configuration changes include interface/BSS modification - force full disable+enable sequence"); + fname = os_strdup(iface->config_fname); + if (!fname) { + hostapd_config_free(newconf); + return -1; + } + hostapd_remove_iface(interfaces, hapd->conf->iface); + iface = hostapd_init(interfaces, fname); + os_free(fname); + hostapd_config_free(newconf); + if (!iface) { + wpa_printf(MSG_ERROR, + "Failed to initialize interface on config reload"); + return -1; + } + iface->interfaces = interfaces; + interfaces->iface[interfaces->count] = iface; + interfaces->count++; + res = hostapd_enable_iface(iface); + if (res < 0) + wpa_printf(MSG_ERROR, + "Failed to enable interface on config reload"); + return res; + } iface->conf = newconf; for (j = 0; j < iface->num_bss; j++) { @@ -210,7 +281,7 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, { int i; - if (!ifname) + if (!ifname || !hapd->drv_priv) return; for (i = 0; i < NUM_WEP_KEYS; i++) { if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i, @@ -297,6 +368,10 @@ static void hostapd_free_hapd_data(struct hostapd_data *hapd) #endif /* CONFIG_NO_RADIUS */ hostapd_deinit_wps(hapd); +#ifdef CONFIG_DPP + hostapd_dpp_deinit(hapd); + gas_query_ap_deinit(hapd->gas); +#endif /* CONFIG_DPP */ authsrv_deinit(hapd); @@ -341,6 +416,7 @@ static void hostapd_free_hapd_data(struct hostapd_data *hapd) #endif /* CONFIG_MESH */ hostapd_clean_rrm(hapd); + fils_hlp_deinit(hapd); } @@ -357,8 +433,10 @@ static void hostapd_cleanup(struct hostapd_data *hapd) wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s))", __func__, hapd, hapd->conf->iface); if (hapd->iface->interfaces && - hapd->iface->interfaces->ctrl_iface_deinit) + hapd->iface->interfaces->ctrl_iface_deinit) { + wpa_msg(hapd->msg_ctx, MSG_INFO, WPA_EVENT_TERMINATING); hapd->iface->interfaces->ctrl_iface_deinit(hapd); + } hostapd_free_hapd_data(hapd); } @@ -387,8 +465,11 @@ static void hostapd_cleanup_iface_partial(struct hostapd_iface *iface) hostapd_stop_setup_timers(iface); #endif /* NEED_AP_MLME */ #endif /* CONFIG_IEEE80211N */ + if (iface->current_mode) + acs_cleanup(iface); hostapd_free_hw_features(iface->hw_features, iface->num_hw_features); iface->hw_features = NULL; + iface->current_mode = NULL; os_free(iface->current_rates); iface->current_rates = NULL; os_free(iface->basic_rates); @@ -409,6 +490,8 @@ static void hostapd_cleanup_iface(struct hostapd_iface *iface) { wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); + eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface, + NULL); hostapd_cleanup_iface_partial(iface); hostapd_config_free(iface->conf); @@ -484,9 +567,12 @@ static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason) ret = -1; } } - wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "Deauthenticate all stations"); - os_memset(addr, 0xff, ETH_ALEN); - hostapd_drv_sta_deauth(hapd, addr, reason); + if (hapd->conf && hapd->conf->broadcast_deauth) { + wpa_dbg(hapd->msg_ctx, MSG_DEBUG, + "Deauthenticate all stations"); + os_memset(addr, 0xff, ETH_ALEN); + hostapd_drv_sta_deauth(hapd, addr, reason); + } hostapd_free_stas(hapd); return ret; @@ -873,6 +959,48 @@ hostapd_das_disconnect(void *ctx, struct radius_das_attrs *attr) return RADIUS_DAS_SUCCESS; } + +#ifdef CONFIG_HS20 +static enum radius_das_res +hostapd_das_coa(void *ctx, struct radius_das_attrs *attr) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + int multi; + + if (hostapd_das_nas_mismatch(hapd, attr)) + return RADIUS_DAS_NAS_MISMATCH; + + sta = hostapd_das_find_sta(hapd, attr, &multi); + if (!sta) { + if (multi) { + wpa_printf(MSG_DEBUG, + "RADIUS DAS: Multiple sessions match - not supported"); + return RADIUS_DAS_MULTI_SESSION_MATCH; + } + wpa_printf(MSG_DEBUG, "RADIUS DAS: No matching session found"); + return RADIUS_DAS_SESSION_NOT_FOUND; + } + + wpa_printf(MSG_DEBUG, "RADIUS DAS: Found a matching session " MACSTR + " - CoA", MAC2STR(sta->addr)); + + if (attr->hs20_t_c_filtering) { + if (attr->hs20_t_c_filtering[0] & BIT(0)) { + wpa_printf(MSG_DEBUG, + "HS 2.0: Unexpected Terms and Conditions filtering required in CoA-Request"); + return RADIUS_DAS_COA_FAILED; + } + + hs20_t_c_filtering(hapd, sta, 0); + } + + return RADIUS_DAS_SUCCESS; +} +#else /* CONFIG_HS20 */ +#define hostapd_das_coa NULL +#endif /* CONFIG_HS20 */ + #endif /* CONFIG_NO_RADIUS */ @@ -956,13 +1084,13 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first) if (conf->wmm_enabled < 0) conf->wmm_enabled = hapd->iconf->ieee80211n; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (is_zero_ether_addr(conf->r1_key_holder)) os_memcpy(conf->r1_key_holder, hapd->own_addr, ETH_ALEN); -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_MESH - if (hapd->iface->mconf == NULL) + if ((hapd->conf->mesh & MESH_ENABLED) && hapd->iface->mconf == NULL) flush_old_stations = 0; #endif /* CONFIG_MESH */ @@ -1047,6 +1175,7 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first) conf->radius_das_require_message_authenticator; das_conf.ctx = hapd; das_conf.disconnect = hostapd_das_disconnect; + das_conf.coa = hostapd_das_coa; hapd->radius_das = radius_das_init(&das_conf); if (hapd->radius_das == NULL) { wpa_printf(MSG_ERROR, "RADIUS DAS initialization " @@ -1063,6 +1192,14 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first) if (hostapd_init_wps(hapd, conf)) return -1; +#ifdef CONFIG_DPP + hapd->gas = gas_query_ap_init(hapd, hapd->msg_ctx); + if (!hapd->gas) + return -1; + if (hostapd_dpp_init(hapd)) + return -1; +#endif /* CONFIG_DPP */ + if (authsrv_init(hapd) < 0) return -1; @@ -1150,7 +1287,7 @@ static void hostapd_tx_queue_params(struct hostapd_iface *iface) struct hostapd_tx_queue_params *p; #ifdef CONFIG_MESH - if (iface->mconf == NULL) + if ((hapd->conf->mesh & MESH_ENABLED) && iface->mconf == NULL) return; #endif /* CONFIG_MESH */ @@ -1561,7 +1698,7 @@ static void hostapd_set_own_neighbor_report(struct hostapd_data *hapd) int vht = hapd->iconf->ieee80211ac && !hapd->conf->disable_11ac; struct wpa_ssid_value ssid; u8 channel, op_class; - int center_freq1 = 0, center_freq2 = 0; + u8 center_freq1_idx = 0, center_freq2_idx = 0; enum nr_chan_width width; u32 bssid_info; struct wpabuf *nr; @@ -1598,22 +1735,22 @@ static void hostapd_set_own_neighbor_report(struct hostapd_data *hapd) /* TODO: Set NEI_REP_BSSID_INFO_MOBILITY_DOMAIN if MDE is set */ - ieee80211_freq_to_channel_ext(hapd->iface->freq, - hapd->iconf->secondary_channel, - hapd->iconf->vht_oper_chwidth, - &op_class, &channel); + if (ieee80211_freq_to_channel_ext(hapd->iface->freq, + hapd->iconf->secondary_channel, + hapd->iconf->vht_oper_chwidth, + &op_class, &channel) == + NUM_HOSTAPD_MODES) + return; width = hostapd_get_nr_chan_width(hapd, ht, vht); if (vht) { - center_freq1 = ieee80211_chan_to_freq( - NULL, op_class, - hapd->iconf->vht_oper_centr_freq_seg0_idx); + center_freq1_idx = hapd->iconf->vht_oper_centr_freq_seg0_idx; if (width == NR_CHAN_WIDTH_80P80) - center_freq2 = ieee80211_chan_to_freq( - NULL, op_class, - hapd->iconf->vht_oper_centr_freq_seg1_idx); + center_freq2_idx = + hapd->iconf->vht_oper_centr_freq_seg1_idx; } else if (ht) { - center_freq1 = hapd->iface->freq + - 10 * hapd->iconf->secondary_channel; + ieee80211_freq_to_chan(hapd->iface->freq + + 10 * hapd->iconf->secondary_channel, + ¢er_freq1_idx); } ssid.ssid_len = hapd->conf->ssid.ssid_len; @@ -1641,17 +1778,127 @@ static void hostapd_set_own_neighbor_report(struct hostapd_data *hapd) wpabuf_put_u8(nr, WNM_NEIGHBOR_WIDE_BW_CHAN); wpabuf_put_u8(nr, 3); wpabuf_put_u8(nr, width); - wpabuf_put_u8(nr, center_freq1); - wpabuf_put_u8(nr, center_freq2); + wpabuf_put_u8(nr, center_freq1_idx); + wpabuf_put_u8(nr, center_freq2_idx); hostapd_neighbor_set(hapd, hapd->own_addr, &ssid, nr, hapd->iconf->lci, - hapd->iconf->civic); + hapd->iconf->civic, hapd->iconf->stationary_ap); wpabuf_free(nr); #endif /* NEED_AP_MLME */ } +#ifdef CONFIG_OWE + +static int hostapd_owe_iface_iter(struct hostapd_iface *iface, void *ctx) +{ + struct hostapd_data *hapd = ctx; + size_t i; + + for (i = 0; i < iface->num_bss; i++) { + struct hostapd_data *bss = iface->bss[i]; + + if (os_strcmp(hapd->conf->owe_transition_ifname, + bss->conf->iface) != 0) + continue; + + wpa_printf(MSG_DEBUG, + "OWE: ifname=%s found transition mode ifname=%s BSSID " + MACSTR " SSID %s", + hapd->conf->iface, bss->conf->iface, + MAC2STR(bss->own_addr), + wpa_ssid_txt(bss->conf->ssid.ssid, + bss->conf->ssid.ssid_len)); + if (!bss->conf->ssid.ssid_set || !bss->conf->ssid.ssid_len || + is_zero_ether_addr(bss->own_addr)) + continue; + + os_memcpy(hapd->conf->owe_transition_bssid, bss->own_addr, + ETH_ALEN); + os_memcpy(hapd->conf->owe_transition_ssid, + bss->conf->ssid.ssid, bss->conf->ssid.ssid_len); + hapd->conf->owe_transition_ssid_len = bss->conf->ssid.ssid_len; + wpa_printf(MSG_DEBUG, + "OWE: Copied transition mode information"); + return 1; + } + + return 0; +} + + +int hostapd_owe_trans_get_info(struct hostapd_data *hapd) +{ + if (hapd->conf->owe_transition_ssid_len > 0 && + !is_zero_ether_addr(hapd->conf->owe_transition_bssid)) + return 0; + + /* Find transition mode SSID/BSSID information from a BSS operated by + * this hostapd instance. */ + if (!hapd->iface->interfaces || + !hapd->iface->interfaces->for_each_interface) + return hostapd_owe_iface_iter(hapd->iface, hapd); + else + return hapd->iface->interfaces->for_each_interface( + hapd->iface->interfaces, hostapd_owe_iface_iter, hapd); +} + + +static int hostapd_owe_iface_iter2(struct hostapd_iface *iface, void *ctx) +{ + size_t i; + + for (i = 0; i < iface->num_bss; i++) { + struct hostapd_data *bss = iface->bss[i]; + int res; + + if (!bss->conf->owe_transition_ifname[0]) + continue; + res = hostapd_owe_trans_get_info(bss); + if (res == 0) + continue; + wpa_printf(MSG_DEBUG, + "OWE: Matching transition mode interface enabled - update beacon data for %s", + bss->conf->iface); + ieee802_11_set_beacon(bss); + } + + return 0; +} + +#endif /* CONFIG_OWE */ + + +static void hostapd_owe_update_trans(struct hostapd_iface *iface) +{ +#ifdef CONFIG_OWE + /* Check whether the enabled BSS can complete OWE transition mode + * configuration for any pending interface. */ + if (!iface->interfaces || + !iface->interfaces->for_each_interface) + hostapd_owe_iface_iter2(iface, NULL); + else + iface->interfaces->for_each_interface( + iface->interfaces, hostapd_owe_iface_iter2, NULL); +#endif /* CONFIG_OWE */ +} + + +static void hostapd_interface_setup_failure_handler(void *eloop_ctx, + void *timeout_ctx) +{ + struct hostapd_iface *iface = eloop_ctx; + struct hostapd_data *hapd; + + if (iface->num_bss < 1 || !iface->bss || !iface->bss[0]) + return; + hapd = iface->bss[0]; + if (hapd->setup_complete_cb) + hapd->setup_complete_cb(hapd->setup_complete_cb_ctx); +} + + static int hostapd_setup_interface_complete_sync(struct hostapd_iface *iface, int err) { @@ -1827,6 +2074,7 @@ dfs_offload: #endif /* CONFIG_FST */ hostapd_set_state(iface, HAPD_IFACE_ENABLED); + hostapd_owe_update_trans(iface); wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_ENABLED); if (hapd->setup_complete_cb) hapd->setup_complete_cb(hapd->setup_complete_cb_ctx); @@ -1851,8 +2099,19 @@ fail: iface->fst = NULL; } #endif /* CONFIG_FST */ - if (iface->interfaces && iface->interfaces->terminate_on_error) + + if (iface->interfaces && iface->interfaces->terminate_on_error) { eloop_terminate(); + } else if (hapd->setup_complete_cb) { + /* + * Calling hapd->setup_complete_cb directly may cause iface + * deinitialization which may be accessed later by the caller. + */ + eloop_register_timeout(0, 0, + hostapd_interface_setup_failure_handler, + iface, NULL); + } + return -1; } @@ -1997,10 +2256,16 @@ hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface, hapd->iconf = conf; hapd->conf = bss; hapd->iface = hapd_iface; - hapd->driver = hapd->iconf->driver; + if (conf) + hapd->driver = conf->driver; hapd->ctrl_sock = -1; dl_list_init(&hapd->ctrl_dst); dl_list_init(&hapd->nr_db); + hapd->dhcp_sock = -1; +#ifdef CONFIG_IEEE80211R_AP + dl_list_init(&hapd->l2_queue); + dl_list_init(&hapd->l2_oui_queue); +#endif /* CONFIG_IEEE80211R_AP */ return hapd; } @@ -2028,12 +2293,6 @@ void hostapd_interface_deinit(struct hostapd_iface *iface) hostapd_set_state(iface, HAPD_IFACE_DISABLED); -#ifdef CONFIG_IEEE80211N -#ifdef NEED_AP_MLME - hostapd_stop_setup_timers(iface); - eloop_cancel_timeout(ap_ht2040_timeout, iface, NULL); -#endif /* NEED_AP_MLME */ -#endif /* CONFIG_IEEE80211N */ eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); iface->wait_channel_update = 0; @@ -2049,6 +2308,13 @@ void hostapd_interface_deinit(struct hostapd_iface *iface) break; hostapd_bss_deinit(iface->bss[j]); } + +#ifdef CONFIG_IEEE80211N +#ifdef NEED_AP_MLME + hostapd_stop_setup_timers(iface); + eloop_cancel_timeout(ap_ht2040_timeout, iface, NULL); +#endif /* NEED_AP_MLME */ +#endif /* CONFIG_IEEE80211N */ } @@ -2402,6 +2668,11 @@ int hostapd_disable_iface(struct hostapd_iface *hapd_iface) !!(hapd_iface->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); +#ifdef NEED_AP_MLME + for (j = 0; j < hapd_iface->num_bss; j++) + hostapd_cleanup_cs_params(hapd_iface->bss[j]); +#endif /* NEED_AP_MLME */ + /* same as hostapd_interface_deinit without deinitializing ctrl-iface */ for (j = 0; j < hapd_iface->num_bss; j++) { struct hostapd_data *hapd = hapd_iface->bss[j]; @@ -2459,7 +2730,7 @@ hostapd_config_alloc(struct hapd_interfaces *interfaces, const char *ifname, if (conf == NULL) { wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for " "configuration", __func__); - return NULL; + return NULL; } if (driver) { @@ -2612,6 +2883,7 @@ int hostapd_add_iface(struct hapd_interfaces *interfaces, char *buf) return -1; } } + hostapd_owe_update_trans(hapd_iface); return 0; } @@ -2829,12 +3101,24 @@ void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, ieee802_1x_new_station(hapd, sta); if (reassoc) { if (sta->auth_alg != WLAN_AUTH_FT && + sta->auth_alg != WLAN_AUTH_FILS_SK && + sta->auth_alg != WLAN_AUTH_FILS_SK_PFS && + sta->auth_alg != WLAN_AUTH_FILS_PK && !(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS))) wpa_auth_sm_event(sta->wpa_sm, WPA_REAUTH); } else wpa_auth_sta_associated(hapd->wpa_auth, sta->wpa_sm); - if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { + if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_WIRED) { + if (eloop_cancel_timeout(ap_handle_timer, hapd, sta) > 0) { + wpa_printf(MSG_DEBUG, + "%s: %s: canceled wired ap_handle_timer timeout for " + MACSTR, + hapd->conf->iface, __func__, + MAC2STR(sta->addr)); + } + } else if (!(hapd->iface->drv_flags & + WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { wpa_printf(MSG_DEBUG, "%s: %s: reschedule ap_handle_timer timeout for " MACSTR " (%d seconds - ap_max_inactivity)", @@ -2928,60 +3212,52 @@ static int hostapd_build_beacon_data(struct hostapd_data *hapd, goto free_ap_params; ret = -1; - beacon->head = os_malloc(params.head_len); + beacon->head = os_memdup(params.head, params.head_len); if (!beacon->head) goto free_ap_extra_ies; - os_memcpy(beacon->head, params.head, params.head_len); beacon->head_len = params.head_len; - beacon->tail = os_malloc(params.tail_len); + beacon->tail = os_memdup(params.tail, params.tail_len); if (!beacon->tail) goto free_beacon; - os_memcpy(beacon->tail, params.tail, params.tail_len); beacon->tail_len = params.tail_len; if (params.proberesp != NULL) { - beacon->probe_resp = os_malloc(params.proberesp_len); + beacon->probe_resp = os_memdup(params.proberesp, + params.proberesp_len); if (!beacon->probe_resp) goto free_beacon; - os_memcpy(beacon->probe_resp, params.proberesp, - params.proberesp_len); beacon->probe_resp_len = params.proberesp_len; } /* copy the extra ies */ if (beacon_extra) { - beacon->beacon_ies = os_malloc(wpabuf_len(beacon_extra)); + beacon->beacon_ies = os_memdup(beacon_extra->buf, + wpabuf_len(beacon_extra)); if (!beacon->beacon_ies) goto free_beacon; - os_memcpy(beacon->beacon_ies, - beacon_extra->buf, wpabuf_len(beacon_extra)); beacon->beacon_ies_len = wpabuf_len(beacon_extra); } if (proberesp_extra) { - beacon->proberesp_ies = - os_malloc(wpabuf_len(proberesp_extra)); + beacon->proberesp_ies = os_memdup(proberesp_extra->buf, + wpabuf_len(proberesp_extra)); if (!beacon->proberesp_ies) goto free_beacon; - os_memcpy(beacon->proberesp_ies, proberesp_extra->buf, - wpabuf_len(proberesp_extra)); beacon->proberesp_ies_len = wpabuf_len(proberesp_extra); } if (assocresp_extra) { - beacon->assocresp_ies = - os_malloc(wpabuf_len(assocresp_extra)); + beacon->assocresp_ies = os_memdup(assocresp_extra->buf, + wpabuf_len(assocresp_extra)); if (!beacon->assocresp_ies) goto free_beacon; - os_memcpy(beacon->assocresp_ies, assocresp_extra->buf, - wpabuf_len(assocresp_extra)); beacon->assocresp_ies_len = wpabuf_len(assocresp_extra); } @@ -3158,6 +3434,19 @@ void hostapd_cleanup_cs_params(struct hostapd_data *hapd) } +void hostapd_chan_switch_vht_config(struct hostapd_data *hapd, int vht_enabled) +{ + if (vht_enabled) + hapd->iconf->ch_switch_vht_config |= CH_SWITCH_VHT_ENABLED; + else + hapd->iconf->ch_switch_vht_config |= CH_SWITCH_VHT_DISABLED; + + hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, "CHAN_SWITCH VHT CONFIG 0x%x", + hapd->iconf->ch_switch_vht_config); +} + + int hostapd_switch_channel(struct hostapd_data *hapd, struct csa_settings *settings) { @@ -3192,7 +3481,6 @@ hostapd_switch_channel_fallback(struct hostapd_iface *iface, const struct hostapd_freq_params *freq_params) { int vht_seg0_idx = 0, vht_seg1_idx = 0, vht_bw = VHT_CHANWIDTH_USE_HT; - unsigned int i; wpa_printf(MSG_DEBUG, "Restarting all CSA-related BSSes"); @@ -3234,10 +3522,8 @@ hostapd_switch_channel_fallback(struct hostapd_iface *iface, /* * cs_params must not be cleared earlier because the freq_params * argument may actually point to one of these. + * These params will be cleared during interface disable below. */ - for (i = 0; i < iface->num_bss; i++) - hostapd_cleanup_cs_params(iface->bss[i]); - hostapd_disable_iface(iface); hostapd_enable_iface(iface); } diff --git a/contrib/wpa/src/ap/hostapd.h b/contrib/wpa/src/ap/hostapd.h index dec46f692206..d304c1171810 100644 --- a/contrib/wpa/src/ap/hostapd.h +++ b/contrib/wpa/src/ap/hostapd.h @@ -14,6 +14,13 @@ #include "ap_config.h" #include "drivers/driver.h" +#define OCE_STA_CFON_ENABLED(hapd) \ + ((hapd->conf->oce & OCE_STA_CFON) && \ + (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) +#define OCE_AP_ENABLED(hapd) \ + ((hapd->conf->oce & OCE_AP) && \ + (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_OCE_AP)) + struct wpa_ctrl_dst; struct radius_server_data; struct upnp_wps_device_sm; @@ -53,7 +60,16 @@ struct hapd_interfaces { #ifndef CONFIG_NO_VLAN struct dynamic_iface *vlan_priv; #endif /* CONFIG_NO_VLAN */ +#ifdef CONFIG_ETH_P_OUI + struct dl_list eth_p_oui; /* OUI Extended EtherType handlers */ +#endif /* CONFIG_ETH_P_OUI */ int eloop_initialized; + +#ifdef CONFIG_DPP + int dpp_init_done; + struct dl_list dpp_bootstrap; /* struct dpp_bootstrap_info */ + struct dl_list dpp_configurator; /* struct dpp_configurator */ +#endif /* CONFIG_DPP */ }; enum hostapd_chan_status { @@ -76,6 +92,7 @@ struct hostapd_rate_data { }; struct hostapd_frame_info { + unsigned int freq; u32 channel; u32 datarate; int ssi_signal; /* dBm */ @@ -109,6 +126,7 @@ struct hostapd_neighbor_entry { struct wpabuf *civic; /* LCI update time */ struct os_time lci_date; + int stationary; }; /** @@ -184,6 +202,17 @@ struct hostapd_data { #endif /* CONFIG_FULL_DYNAMIC_VLAN */ struct l2_packet_data *l2; + +#ifdef CONFIG_IEEE80211R_AP + struct dl_list l2_queue; + struct dl_list l2_oui_queue; + struct eth_p_oui_ctx *oui_pull; + struct eth_p_oui_ctx *oui_resp; + struct eth_p_oui_ctx *oui_push; + struct eth_p_oui_ctx *oui_sreq; + struct eth_p_oui_ctx *oui_sresp; +#endif /* CONFIG_IEEE80211R_AP */ + struct wps_context *wps; int beacon_set_done; @@ -242,9 +271,6 @@ struct hostapd_data { unsigned int cs_c_off_ecsa_beacon; unsigned int cs_c_off_ecsa_proberesp; - /* BSS Load */ - unsigned int bss_load_update_timeout; - #ifdef CONFIG_P2P struct p2p_data *p2p; struct p2p_group *p2p_group; @@ -259,9 +285,6 @@ struct hostapd_data { int noa_start; int noa_duration; #endif /* CONFIG_P2P */ -#ifdef CONFIG_INTERWORKING - size_t gas_frag_limit; -#endif /* CONFIG_INTERWORKING */ #ifdef CONFIG_PROXYARP struct l2_packet_data *sock_dhcp; struct l2_packet_data *sock_ndisc; @@ -292,6 +315,18 @@ struct hostapd_data { unsigned int ext_eapol_frame_io:1; struct l2_packet_data *l2_test; + + enum wpa_alg last_gtk_alg; + int last_gtk_key_idx; + u8 last_gtk[WPA_GTK_MAX_LEN]; + size_t last_gtk_len; + +#ifdef CONFIG_IEEE80211W + enum wpa_alg last_igtk_alg; + int last_igtk_key_idx; + u8 last_igtk[WPA_IGTK_MAX_LEN]; + size_t last_igtk_len; +#endif /* CONFIG_IEEE80211W */ #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_MBO @@ -300,10 +335,42 @@ struct hostapd_data { struct dl_list nr_db; + u8 beacon_req_token; u8 lci_req_token; u8 range_req_token; unsigned int lci_req_active:1; unsigned int range_req_active:1; + + int dhcp_sock; /* UDP socket used with the DHCP server */ + +#ifdef CONFIG_DPP + int dpp_init_done; + struct dpp_authentication *dpp_auth; + u8 dpp_allowed_roles; + int dpp_qr_mutual; + int dpp_auth_ok_on_ack; + int dpp_in_response_listen; + struct gas_query_ap *gas; + struct dpp_pkex *dpp_pkex; + struct dpp_bootstrap_info *dpp_pkex_bi; + char *dpp_pkex_code; + char *dpp_pkex_identifier; + char *dpp_pkex_auth_cmd; + char *dpp_configurator_params; + struct os_reltime dpp_last_init; + struct os_reltime dpp_init_iter_start; + unsigned int dpp_init_max_tries; + unsigned int dpp_init_retry_time; + unsigned int dpp_resp_wait_time; + unsigned int dpp_resp_max_tries; + unsigned int dpp_resp_retry_time; +#ifdef CONFIG_TESTING_OPTIONS + char *dpp_config_obj_override; + char *dpp_discovery_override; + char *dpp_groups_override; + unsigned int dpp_ignore_netaccesskey_mismatch:1; +#endif /* CONFIG_TESTING_OPTIONS */ +#endif /* CONFIG_DPP */ }; @@ -311,6 +378,7 @@ struct hostapd_sta_info { struct dl_list list; u8 addr[ETH_ALEN]; struct os_reltime last_seen; + int ssi_signal; #ifdef CONFIG_TAXONOMY struct wpabuf *probe_ie_taxonomy; #endif /* CONFIG_TAXONOMY */ @@ -440,6 +508,10 @@ struct hostapd_iface { u64 last_channel_time_busy; u8 channel_utilization; + unsigned int chan_util_samples_sum; + unsigned int chan_util_num_sample_periods; + unsigned int chan_util_average; + /* eCSA IE will be added only if operating class is specified */ u8 cs_oper_class; @@ -459,6 +531,8 @@ struct hostapd_iface { struct dl_list sta_seen; /* struct hostapd_sta_info */ unsigned int num_sta_seen; + + u8 dfs_domain; }; /* hostapd.c */ @@ -466,6 +540,7 @@ int hostapd_for_each_interface(struct hapd_interfaces *interfaces, int (*cb)(struct hostapd_iface *iface, void *ctx), void *ctx); int hostapd_reload_config(struct hostapd_iface *iface); +void hostapd_reconfig_encryption(struct hostapd_data *hapd); struct hostapd_data * hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface, struct hostapd_config *conf, @@ -492,6 +567,7 @@ void hostapd_channel_list_updated(struct hostapd_iface *iface, int initiator); void hostapd_set_state(struct hostapd_iface *iface, enum hostapd_iface_state s); const char * hostapd_state_text(enum hostapd_iface_state s); int hostapd_csa_in_progress(struct hostapd_iface *iface); +void hostapd_chan_switch_vht_config(struct hostapd_data *hapd, int vht_enabled); int hostapd_switch_channel(struct hostapd_data *hapd, struct csa_settings *settings); void @@ -499,6 +575,7 @@ hostapd_switch_channel_fallback(struct hostapd_iface *iface, const struct hostapd_freq_params *freq_params); void hostapd_cleanup_cs_params(struct hostapd_data *hapd); void hostapd_periodic_iface(struct hostapd_iface *iface); +int hostapd_owe_trans_get_info(struct hostapd_data *hapd); /* utils.c */ int hostapd_register_probereq_cb(struct hostapd_data *hapd, @@ -510,6 +587,8 @@ int hostapd_register_probereq_cb(struct hostapd_data *hapd, void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr); /* drv_callbacks.c (TODO: move to somewhere else?) */ +void hostapd_notify_assoc_fils_finish(struct hostapd_data *hapd, + struct sta_info *sta); int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, const u8 *ie, size_t ielen, int reassoc); void hostapd_notif_disassoc(struct hostapd_data *hapd, const u8 *addr); @@ -533,6 +612,9 @@ hostapd_get_eap_user(struct hostapd_data *hapd, const u8 *identity, struct hostapd_data * hostapd_get_iface(struct hapd_interfaces *interfaces, const char *ifname); +void hostapd_event_sta_opmode_changed(struct hostapd_data *hapd, const u8 *addr, + enum smps_mode smps_mode, + enum chan_width chan_width, u8 rx_nss); #ifdef CONFIG_FST void fst_hostapd_fill_iface_obj(struct hostapd_data *hapd, diff --git a/contrib/wpa/src/ap/hs20.c b/contrib/wpa/src/ap/hs20.c index d7909fad4a14..e265569aef38 100644 --- a/contrib/wpa/src/ap/hs20.c +++ b/contrib/wpa/src/ap/hs20.c @@ -11,9 +11,11 @@ #include "common.h" #include "common/ieee802_11_defs.h" +#include "common/wpa_ctrl.h" #include "hostapd.h" #include "ap_config.h" #include "ap_drv_ops.h" +#include "sta_info.h" #include "hs20.h" @@ -175,3 +177,72 @@ int hs20_send_wnm_notification_deauth_req(struct hostapd_data *hapd, return ret; } + + +int hs20_send_wnm_notification_t_c(struct hostapd_data *hapd, + const u8 *addr, const char *url) +{ + struct wpabuf *buf; + int ret; + size_t url_len; + + if (!url) { + wpa_printf(MSG_INFO, "HS 2.0: No T&C Server URL available"); + return -1; + } + + url_len = os_strlen(url); + if (5 + url_len > 255) { + wpa_printf(MSG_INFO, + "HS 2.0: Too long T&C Server URL for WNM-Notification: '%s'", + url); + return -1; + } + + buf = wpabuf_alloc(4 + 7 + url_len); + if (!buf) + return -1; + + wpabuf_put_u8(buf, WLAN_ACTION_WNM); + wpabuf_put_u8(buf, WNM_NOTIFICATION_REQ); + wpabuf_put_u8(buf, 1); /* Dialog token */ + wpabuf_put_u8(buf, 1); /* Type - 1 reserved for WFA */ + + /* Terms and Conditions Acceptance subelement */ + wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); + wpabuf_put_u8(buf, 4 + 1 + url_len); + wpabuf_put_be24(buf, OUI_WFA); + wpabuf_put_u8(buf, HS20_WNM_T_C_ACCEPTANCE); + wpabuf_put_u8(buf, url_len); + wpabuf_put_str(buf, url); + + ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr, + wpabuf_head(buf), wpabuf_len(buf)); + + wpabuf_free(buf); + + return ret; +} + + +void hs20_t_c_filtering(struct hostapd_data *hapd, struct sta_info *sta, + int enabled) +{ + if (enabled) { + wpa_printf(MSG_DEBUG, + "HS 2.0: Terms and Conditions filtering required for " + MACSTR, MAC2STR(sta->addr)); + sta->hs20_t_c_filtering = 1; + /* TODO: Enable firewall filtering for the STA */ + wpa_msg(hapd->msg_ctx, MSG_INFO, HS20_T_C_FILTERING_ADD MACSTR, + MAC2STR(sta->addr)); + } else { + wpa_printf(MSG_DEBUG, + "HS 2.0: Terms and Conditions filtering not required for " + MACSTR, MAC2STR(sta->addr)); + sta->hs20_t_c_filtering = 0; + /* TODO: Disable firewall filtering for the STA */ + wpa_msg(hapd->msg_ctx, MSG_INFO, + HS20_T_C_FILTERING_REMOVE MACSTR, MAC2STR(sta->addr)); + } +} diff --git a/contrib/wpa/src/ap/hs20.h b/contrib/wpa/src/ap/hs20.h index 152439f4dcb4..e99e26e91158 100644 --- a/contrib/wpa/src/ap/hs20.h +++ b/contrib/wpa/src/ap/hs20.h @@ -18,5 +18,9 @@ int hs20_send_wnm_notification(struct hostapd_data *hapd, const u8 *addr, int hs20_send_wnm_notification_deauth_req(struct hostapd_data *hapd, const u8 *addr, const struct wpabuf *payload); +int hs20_send_wnm_notification_t_c(struct hostapd_data *hapd, + const u8 *addr, const char *url); +void hs20_t_c_filtering(struct hostapd_data *hapd, struct sta_info *sta, + int enabled); #endif /* HS20_H */ diff --git a/contrib/wpa/src/ap/hw_features.c b/contrib/wpa/src/ap/hw_features.c index 16887acdfef4..5279abca1f1f 100644 --- a/contrib/wpa/src/ap/hw_features.c +++ b/contrib/wpa/src/ap/hw_features.c @@ -78,10 +78,12 @@ int hostapd_get_hw_features(struct hostapd_iface *iface) int i, j; u16 num_modes, flags; struct hostapd_hw_modes *modes; + u8 dfs_domain; if (hostapd_drv_none(hapd)) return -1; - modes = hostapd_get_hw_feature_data(hapd, &num_modes, &flags); + modes = hostapd_get_hw_feature_data(hapd, &num_modes, &flags, + &dfs_domain); if (modes == NULL) { hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, @@ -91,6 +93,7 @@ int hostapd_get_hw_features(struct hostapd_iface *iface) } iface->hw_flags = flags; + iface->dfs_domain = dfs_domain; hostapd_free_hw_features(iface->hw_features, iface->num_hw_features); iface->hw_features = modes; @@ -329,6 +332,9 @@ static void ieee80211n_check_scan(struct hostapd_iface *iface) res = ieee80211n_allowed_ht40_channel_pair(iface); if (!res) { iface->conf->secondary_channel = 0; + iface->conf->vht_oper_centr_freq_seg0_idx = 0; + iface->conf->vht_oper_centr_freq_seg1_idx = 0; + iface->conf->vht_oper_chwidth = VHT_CHANWIDTH_USE_HT; res = 1; wpa_printf(MSG_INFO, "Fallback to 20 MHz"); } @@ -621,41 +627,6 @@ static int ieee80211n_supported_ht_capab(struct hostapd_iface *iface) #ifdef CONFIG_IEEE80211AC - -static int ieee80211ac_cap_check(u32 hw, u32 conf, u32 cap, const char *name) -{ - u32 req_cap = conf & cap; - - /* - * Make sure we support all requested capabilities. - * NOTE: We assume that 'cap' represents a capability mask, - * not a discrete value. - */ - if ((hw & req_cap) != req_cap) { - wpa_printf(MSG_ERROR, "Driver does not support configured VHT capability [%s]", - name); - return 0; - } - return 1; -} - - -static int ieee80211ac_cap_check_max(u32 hw, u32 conf, u32 mask, - unsigned int shift, - const char *name) -{ - u32 hw_max = hw & mask; - u32 conf_val = conf & mask; - - if (conf_val > hw_max) { - wpa_printf(MSG_ERROR, "Configured VHT capability [%s] exceeds max value supported by the driver (%d > %d)", - name, conf_val >> shift, hw_max >> shift); - return 0; - } - return 1; -} - - static int ieee80211ac_supported_vht_capab(struct hostapd_iface *iface) { struct hostapd_hw_modes *mode = iface->current_mode; @@ -683,45 +654,7 @@ static int ieee80211ac_supported_vht_capab(struct hostapd_iface *iface) } } -#define VHT_CAP_CHECK(cap) \ - do { \ - if (!ieee80211ac_cap_check(hw, conf, cap, #cap)) \ - return 0; \ - } while (0) - -#define VHT_CAP_CHECK_MAX(cap) \ - do { \ - if (!ieee80211ac_cap_check_max(hw, conf, cap, cap ## _SHIFT, \ - #cap)) \ - return 0; \ - } while (0) - - VHT_CAP_CHECK_MAX(VHT_CAP_MAX_MPDU_LENGTH_MASK); - VHT_CAP_CHECK(VHT_CAP_SUPP_CHAN_WIDTH_160MHZ); - VHT_CAP_CHECK(VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ); - VHT_CAP_CHECK(VHT_CAP_RXLDPC); - VHT_CAP_CHECK(VHT_CAP_SHORT_GI_80); - VHT_CAP_CHECK(VHT_CAP_SHORT_GI_160); - VHT_CAP_CHECK(VHT_CAP_TXSTBC); - VHT_CAP_CHECK_MAX(VHT_CAP_RXSTBC_MASK); - VHT_CAP_CHECK(VHT_CAP_SU_BEAMFORMER_CAPABLE); - VHT_CAP_CHECK(VHT_CAP_SU_BEAMFORMEE_CAPABLE); - VHT_CAP_CHECK_MAX(VHT_CAP_BEAMFORMEE_STS_MAX); - VHT_CAP_CHECK_MAX(VHT_CAP_SOUNDING_DIMENSION_MAX); - VHT_CAP_CHECK(VHT_CAP_MU_BEAMFORMER_CAPABLE); - VHT_CAP_CHECK(VHT_CAP_MU_BEAMFORMEE_CAPABLE); - VHT_CAP_CHECK(VHT_CAP_VHT_TXOP_PS); - VHT_CAP_CHECK(VHT_CAP_HTC_VHT); - VHT_CAP_CHECK_MAX(VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX); - VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_UNSOL_MFB); - VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB); - VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN); - VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN); - -#undef VHT_CAP_CHECK -#undef VHT_CAP_CHECK_MAX - - return 1; + return ieee80211ac_cap_check(hw, conf); } #endif /* CONFIG_IEEE80211AC */ @@ -746,7 +679,8 @@ int hostapd_check_ht_capab(struct hostapd_iface *iface) if (!ieee80211n_supported_ht_capab(iface)) return -1; #ifdef CONFIG_IEEE80211AC - if (!ieee80211ac_supported_vht_capab(iface)) + if (iface->conf->ieee80211ac && + !ieee80211ac_supported_vht_capab(iface)) return -1; #endif /* CONFIG_IEEE80211AC */ ret = ieee80211n_check_40mhz(iface); @@ -785,20 +719,41 @@ static int hostapd_is_usable_chan(struct hostapd_iface *iface, chan->flag & HOSTAPD_CHAN_RADAR ? " RADAR" : ""); } + wpa_printf(MSG_INFO, "Channel %d (%s) not allowed for AP mode", + channel, primary ? "primary" : "secondary"); return 0; } static int hostapd_is_usable_chans(struct hostapd_iface *iface) { + int secondary_chan; + if (!hostapd_is_usable_chan(iface, iface->conf->channel, 1)) return 0; if (!iface->conf->secondary_channel) return 1; - return hostapd_is_usable_chan(iface, iface->conf->channel + - iface->conf->secondary_channel * 4, 0); + if (!iface->conf->ht40_plus_minus_allowed) + return hostapd_is_usable_chan( + iface, iface->conf->channel + + iface->conf->secondary_channel * 4, 0); + + /* Both HT40+ and HT40- are set, pick a valid secondary channel */ + secondary_chan = iface->conf->channel + 4; + if (hostapd_is_usable_chan(iface, secondary_chan, 0)) { + iface->conf->secondary_channel = 1; + return 1; + } + + secondary_chan = iface->conf->channel - 4; + if (hostapd_is_usable_chan(iface, secondary_chan, 0)) { + iface->conf->secondary_channel = -1; + return 1; + } + + return 0; } @@ -978,5 +933,19 @@ int hostapd_hw_get_freq(struct hostapd_data *hapd, int chan) int hostapd_hw_get_channel(struct hostapd_data *hapd, int freq) { - return hw_get_chan(hapd->iface->current_mode, freq); + int i, channel; + struct hostapd_hw_modes *mode; + + channel = hw_get_chan(hapd->iface->current_mode, freq); + if (channel) + return channel; + /* Check other available modes since the channel list for the current + * mode did not include the specified frequency. */ + for (i = 0; i < hapd->iface->num_hw_features; i++) { + mode = &hapd->iface->hw_features[i]; + channel = hw_get_chan(mode, freq); + if (channel) + return channel; + } + return 0; } diff --git a/contrib/wpa/src/ap/ieee802_11.c b/contrib/wpa/src/ap/ieee802_11.c index 333035fe7703..f9bb99d98549 100644 --- a/contrib/wpa/src/ap/ieee802_11.c +++ b/contrib/wpa/src/ap/ieee802_11.c @@ -1,6 +1,6 @@ /* * hostapd / IEEE 802.11 Management - * Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -14,6 +14,8 @@ #include "utils/eloop.h" #include "crypto/crypto.h" #include "crypto/sha256.h" +#include "crypto/sha384.h" +#include "crypto/sha512.h" #include "crypto/random.h" #include "common/ieee802_11_defs.h" #include "common/ieee802_11_common.h" @@ -45,8 +47,21 @@ #include "mbo_ap.h" #include "rrm.h" #include "taxonomy.h" +#include "fils_hlp.h" +#include "dpp_hostapd.h" +#include "gas_query_ap.h" +#ifdef CONFIG_FILS +static struct wpabuf * +prepare_auth_resp_fils(struct hostapd_data *hapd, + struct sta_info *sta, u16 *resp, + struct rsn_pmksa_cache_entry *pmksa, + struct wpabuf *erp_resp, + const u8 *msk, size_t msk_len, + int *is_pub); +#endif /* CONFIG_FILS */ + u8 * hostapd_eid_supp_rates(struct hostapd_data *hapd, u8 *eid) { u8 *pos = eid; @@ -262,7 +277,7 @@ static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta, static int send_auth_reply(struct hostapd_data *hapd, const u8 *dst, const u8 *bssid, u16 auth_alg, u16 auth_transaction, u16 resp, - const u8 *ies, size_t ies_len) + const u8 *ies, size_t ies_len, const char *dbg) { struct ieee80211_mgmt *reply; u8 *buf; @@ -289,9 +304,9 @@ static int send_auth_reply(struct hostapd_data *hapd, os_memcpy(reply->u.auth.variable, ies, ies_len); wpa_printf(MSG_DEBUG, "authentication reply: STA=" MACSTR - " auth_alg=%d auth_transaction=%d resp=%d (IE len=%lu)", + " auth_alg=%d auth_transaction=%d resp=%d (IE len=%lu) (dbg=%s)", MAC2STR(dst), auth_alg, auth_transaction, - resp, (unsigned long) ies_len); + resp, (unsigned long) ies_len, dbg); if (hostapd_drv_send_mlme(hapd, reply, rlen, 0) < 0) wpa_printf(MSG_INFO, "send_auth_reply: send failed"); else @@ -303,7 +318,7 @@ static int send_auth_reply(struct hostapd_data *hapd, } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP static void handle_auth_ft_finish(void *ctx, const u8 *dst, const u8 *bssid, u16 auth_transaction, u16 status, const u8 *ies, size_t ies_len) @@ -313,7 +328,8 @@ static void handle_auth_ft_finish(void *ctx, const u8 *dst, const u8 *bssid, int reply_res; reply_res = send_auth_reply(hapd, dst, bssid, WLAN_AUTH_FT, - auth_transaction, status, ies, ies_len); + auth_transaction, status, ies, ies_len, + "auth-ft-finish"); sta = ap_get_sta(hapd, dst); if (sta == NULL) @@ -334,38 +350,65 @@ static void handle_auth_ft_finish(void *ctx, const u8 *dst, const u8 *bssid, sta->flags |= WLAN_STA_AUTH; mlme_authenticate_indication(hapd, sta); } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_SAE -#define dot11RSNASAESync 5 /* attempts */ +static void sae_set_state(struct sta_info *sta, enum sae_state state, + const char *reason) +{ + wpa_printf(MSG_DEBUG, "SAE: State %s -> %s for peer " MACSTR " (%s)", + sae_state_txt(sta->sae->state), sae_state_txt(state), + MAC2STR(sta->addr), reason); + sta->sae->state = state; +} static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd, struct sta_info *sta, int update) { struct wpabuf *buf; + const char *password = NULL; + struct sae_password_entry *pw; + const char *rx_id = NULL; + + if (sta->sae->tmp) + rx_id = sta->sae->tmp->pw_id; - if (hapd->conf->ssid.wpa_passphrase == NULL) { + for (pw = hapd->conf->sae_passwords; pw; pw = pw->next) { + if (!is_broadcast_ether_addr(pw->peer_addr) && + os_memcmp(pw->peer_addr, sta->addr, ETH_ALEN) != 0) + continue; + if ((rx_id && !pw->identifier) || (!rx_id && pw->identifier)) + continue; + if (rx_id && pw->identifier && + os_strcmp(rx_id, pw->identifier) != 0) + continue; + password = pw->password; + break; + } + if (!password) + password = hapd->conf->ssid.wpa_passphrase; + if (!password) { wpa_printf(MSG_DEBUG, "SAE: No password available"); return NULL; } if (update && sae_prepare_commit(hapd->own_addr, sta->addr, - (u8 *) hapd->conf->ssid.wpa_passphrase, - os_strlen(hapd->conf->ssid.wpa_passphrase), + (u8 *) password, os_strlen(password), rx_id, sta->sae) < 0) { wpa_printf(MSG_DEBUG, "SAE: Could not pick PWE"); return NULL; } - buf = wpabuf_alloc(SAE_COMMIT_MAX_LEN); + buf = wpabuf_alloc(SAE_COMMIT_MAX_LEN + + (rx_id ? 3 + os_strlen(rx_id) : 0)); if (buf == NULL) return NULL; sae_write_commit(sta->sae, buf, sta->sae->tmp ? - sta->sae->tmp->anti_clogging_token : NULL); + sta->sae->tmp->anti_clogging_token : NULL, rx_id); return buf; } @@ -394,12 +437,14 @@ static int auth_sae_send_commit(struct hostapd_data *hapd, int reply_res; data = auth_build_sae_commit(hapd, sta, update); + if (!data && sta->sae->tmp && sta->sae->tmp->pw_id) + return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER; if (data == NULL) return WLAN_STATUS_UNSPECIFIED_FAILURE; reply_res = send_auth_reply(hapd, sta->addr, bssid, WLAN_AUTH_SAE, 1, WLAN_STATUS_SUCCESS, wpabuf_head(data), - wpabuf_len(data)); + wpabuf_len(data), "sae-send-commit"); wpabuf_free(data); @@ -420,7 +465,7 @@ static int auth_sae_send_confirm(struct hostapd_data *hapd, reply_res = send_auth_reply(hapd, sta->addr, bssid, WLAN_AUTH_SAE, 2, WLAN_STATUS_SUCCESS, wpabuf_head(data), - wpabuf_len(data)); + wpabuf_len(data), "sae-send-confirm"); wpabuf_free(data); @@ -499,10 +544,10 @@ static struct wpabuf * auth_build_token_req(struct hostapd_data *hapd, } -static int sae_check_big_sync(struct sta_info *sta) +static int sae_check_big_sync(struct hostapd_data *hapd, struct sta_info *sta) { - if (sta->sae->sync > dot11RSNASAESync) { - sta->sae->state = SAE_NOTHING; + if (sta->sae->sync > hapd->conf->sae_sync) { + sae_set_state(sta, SAE_NOTHING, "Sync > dot11RSNASAESync"); sta->sae->sync = 0; return -1; } @@ -516,12 +561,13 @@ static void auth_sae_retransmit_timer(void *eloop_ctx, void *eloop_data) struct sta_info *sta = eloop_data; int ret; - if (sae_check_big_sync(sta)) + if (sae_check_big_sync(hapd, sta)) return; sta->sae->sync++; wpa_printf(MSG_DEBUG, "SAE: Auth SAE retransmit timer for " MACSTR - " (sync=%d state=%d)", - MAC2STR(sta->addr), sta->sae->sync, sta->sae->state); + " (sync=%d state=%s)", + MAC2STR(sta->addr), sta->sae->sync, + sae_state_txt(sta->sae->state)); switch (sta->sae->state) { case SAE_COMMITTED: @@ -570,7 +616,7 @@ void sae_accept_sta(struct hostapd_data *hapd, struct sta_info *sta) sta->auth_alg = WLAN_AUTH_SAE; mlme_authenticate_indication(hapd, sta); wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH); - sta->sae->state = SAE_ACCEPTED; + sae_set_state(sta, SAE_ACCEPTED, "Accept Confirm"); wpa_auth_pmksa_add_sae(hapd->wpa_auth, sta->addr, sta->sae->pmk, sta->sae->pmkid); } @@ -584,13 +630,16 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta, if (auth_transaction != 1 && auth_transaction != 2) return WLAN_STATUS_UNSPECIFIED_FAILURE; + wpa_printf(MSG_DEBUG, "SAE: Peer " MACSTR " state=%s auth_trans=%u", + MAC2STR(sta->addr), sae_state_txt(sta->sae->state), + auth_transaction); switch (sta->sae->state) { case SAE_NOTHING: if (auth_transaction == 1) { ret = auth_sae_send_commit(hapd, sta, bssid, 1); if (ret) return ret; - sta->sae->state = SAE_COMMITTED; + sae_set_state(sta, SAE_COMMITTED, "Sent Commit"); if (sae_process_commit(sta->sae) < 0) return WLAN_STATUS_UNSPECIFIED_FAILURE; @@ -612,7 +661,8 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta, ret = auth_sae_send_confirm(hapd, sta, bssid); if (ret) return ret; - sta->sae->state = SAE_CONFIRMED; + sae_set_state(sta, SAE_CONFIRMED, + "Sent Confirm (mesh)"); } else { /* * For infrastructure BSS, send only the Commit @@ -641,7 +691,7 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta, ret = auth_sae_send_confirm(hapd, sta, bssid); if (ret) return ret; - sta->sae->state = SAE_CONFIRMED; + sae_set_state(sta, SAE_CONFIRMED, "Sent Confirm"); sta->sae->sync = 0; sae_set_retransmit_timer(hapd, sta); } else if (hapd->conf->mesh & MESH_ENABLED) { @@ -649,7 +699,7 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta, * In mesh case, follow SAE finite state machine and * send Commit now, if sync count allows. */ - if (sae_check_big_sync(sta)) + if (sae_check_big_sync(hapd, sta)) return WLAN_STATUS_SUCCESS; sta->sae->sync++; @@ -668,7 +718,7 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta, if (ret) return ret; - sta->sae->state = SAE_CONFIRMED; + sae_set_state(sta, SAE_CONFIRMED, "Sent Confirm"); /* * Since this was triggered on Confirm RX, run another @@ -681,7 +731,7 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta, case SAE_CONFIRMED: sae_clear_retransmit_timer(hapd, sta); if (auth_transaction == 1) { - if (sae_check_big_sync(sta)) + if (sae_check_big_sync(hapd, sta)) return WLAN_STATUS_SUCCESS; sta->sae->sync++; @@ -698,18 +748,31 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta, sae_set_retransmit_timer(hapd, sta); } else { + sta->sae->send_confirm = 0xffff; sae_accept_sta(hapd, sta); } break; case SAE_ACCEPTED: - if (auth_transaction == 1) { + if (auth_transaction == 1 && + (hapd->conf->mesh & MESH_ENABLED)) { wpa_printf(MSG_DEBUG, "SAE: remove the STA (" MACSTR ") doing reauthentication", MAC2STR(sta->addr)); ap_free_sta(hapd, sta); wpa_auth_pmksa_remove(hapd->wpa_auth, sta->addr); + } else if (auth_transaction == 1) { + wpa_printf(MSG_DEBUG, "SAE: Start reauthentication"); + ret = auth_sae_send_commit(hapd, sta, bssid, 1); + if (ret) + return ret; + sae_set_state(sta, SAE_COMMITTED, "Sent Commit"); + + if (sae_process_commit(sta->sae) < 0) + return WLAN_STATUS_UNSPECIFIED_FAILURE; + sta->sae->sync = 0; + sae_set_retransmit_timer(hapd, sta); } else { - if (sae_check_big_sync(sta)) + if (sae_check_big_sync(hapd, sta)) return WLAN_STATUS_SUCCESS; sta->sae->sync++; @@ -773,6 +836,29 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, int resp = WLAN_STATUS_SUCCESS; struct wpabuf *data = NULL; +#ifdef CONFIG_TESTING_OPTIONS + if (hapd->conf->sae_reflection_attack && auth_transaction == 1) { + const u8 *pos, *end; + + wpa_printf(MSG_DEBUG, "SAE: TESTING - reflection attack"); + pos = mgmt->u.auth.variable; + end = ((const u8 *) mgmt) + len; + send_auth_reply(hapd, mgmt->sa, mgmt->bssid, WLAN_AUTH_SAE, + auth_transaction, resp, pos, end - pos, + "auth-sae-reflection-attack"); + goto remove_sta; + } + + if (hapd->conf->sae_commit_override && auth_transaction == 1) { + wpa_printf(MSG_DEBUG, "SAE: TESTING - commit override"); + send_auth_reply(hapd, mgmt->sa, mgmt->bssid, WLAN_AUTH_SAE, + auth_transaction, resp, + wpabuf_head(hapd->conf->sae_commit_override), + wpabuf_len(hapd->conf->sae_commit_override), + "sae-commit-override"); + goto remove_sta; + } +#endif /* CONFIG_TESTING_OPTIONS */ if (!sta->sae) { if (auth_transaction != 1 || status_code != WLAN_STATUS_SUCCESS) { @@ -784,7 +870,7 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, resp = -1; goto remove_sta; } - sta->sae->state = SAE_NOTHING; + sae_set_state(sta, SAE_NOTHING, "Init"); sta->sae->sync = 0; } @@ -847,7 +933,8 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, "SAE: Failed to send commit message"); goto remove_sta; } - sta->sae->state = SAE_COMMITTED; + sae_set_state(sta, SAE_COMMITTED, + "Sent Commit (anti-clogging token case in mesh)"); sta->sae->sync = 0; sae_set_retransmit_timer(hapd, sta); return; @@ -866,6 +953,20 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, if (status_code != WLAN_STATUS_SUCCESS) goto remove_sta; + if (!(hapd->conf->mesh & MESH_ENABLED) && + sta->sae->state == SAE_COMMITTED) { + /* This is needed in the infrastructure BSS case to + * address a sequence where a STA entry may remain in + * hostapd across two attempts to do SAE authentication + * by the same STA. The second attempt may end up trying + * to use a different group and that would not be + * allowed if we remain in Committed state with the + * previously set parameters. */ + sae_set_state(sta, SAE_NOTHING, + "Clear existing state to allow restart"); + sae_clear_data(sta->sae); + } + resp = sae_parse_commit(sta->sae, mgmt->u.auth.variable, ((const u8 *) mgmt) + len - mgmt->u.auth.variable, &token, @@ -876,6 +977,17 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, MAC2STR(sta->addr)); goto remove_sta; } + + if (resp == WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER) { + wpa_msg(hapd->msg_ctx, MSG_INFO, + WPA_EVENT_SAE_UNKNOWN_PASSWORD_IDENTIFIER + MACSTR, MAC2STR(sta->addr)); + sae_clear_retransmit_timer(hapd, sta); + sae_set_state(sta, SAE_NOTHING, + "Unknown Password Identifier"); + goto remove_sta; + } + if (token && check_sae_token(hapd, sta->addr, token, token_len) < 0) { wpa_printf(MSG_DEBUG, "SAE: Drop commit message with " @@ -896,7 +1008,8 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, sta->addr); resp = WLAN_STATUS_ANTI_CLOGGING_TOKEN_REQ; if (hapd->conf->mesh & MESH_ENABLED) - sta->sae->state = SAE_NOTHING; + sae_set_state(sta, SAE_NOTHING, + "Request anti-clogging token case in mesh"); goto reply; } @@ -910,12 +1023,36 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, goto remove_sta; if (sta->sae->state >= SAE_CONFIRMED || !(hapd->conf->mesh & MESH_ENABLED)) { - if (sae_check_confirm(sta->sae, mgmt->u.auth.variable, - ((u8 *) mgmt) + len - - mgmt->u.auth.variable) < 0) { + const u8 *var; + size_t var_len; + u16 peer_send_confirm; + + var = mgmt->u.auth.variable; + var_len = ((u8 *) mgmt) + len - mgmt->u.auth.variable; + if (var_len < 2) { resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto reply; } + + peer_send_confirm = WPA_GET_LE16(var); + + if (sta->sae->state == SAE_ACCEPTED && + (peer_send_confirm <= sta->sae->rc || + peer_send_confirm == 0xffff)) { + wpa_printf(MSG_DEBUG, + "SAE: Silently ignore unexpected Confirm from peer " + MACSTR + " (peer-send-confirm=%u Rc=%u)", + MAC2STR(sta->addr), + peer_send_confirm, sta->sae->rc); + return; + } + + if (sae_check_confirm(sta->sae, var, var_len) < 0) { + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto reply; + } + sta->sae->rc = peer_send_confirm; } resp = sae_sm_step(hapd, sta, mgmt->bssid, auth_transaction); } else { @@ -933,7 +1070,7 @@ reply: send_auth_reply(hapd, mgmt->sa, mgmt->bssid, WLAN_AUTH_SAE, auth_transaction, resp, data ? wpabuf_head(data) : (u8 *) "", - data ? wpabuf_len(data) : 0); + data ? wpabuf_len(data) : 0, "auth-sae"); } remove_sta: @@ -970,7 +1107,7 @@ int auth_sae_init_committed(struct hostapd_data *hapd, struct sta_info *sta) if (ret) return -1; - sta->sae->state = SAE_COMMITTED; + sae_set_state(sta, SAE_COMMITTED, "Init and sent commit"); sta->sae->sync = 0; sae_set_retransmit_timer(hapd, sta); @@ -980,6 +1117,631 @@ int auth_sae_init_committed(struct hostapd_data *hapd, struct sta_info *sta) #endif /* CONFIG_SAE */ +static u16 wpa_res_to_status_code(int res) +{ + if (res == WPA_INVALID_GROUP) + return WLAN_STATUS_GROUP_CIPHER_NOT_VALID; + if (res == WPA_INVALID_PAIRWISE) + return WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID; + if (res == WPA_INVALID_AKMP) + return WLAN_STATUS_AKMP_NOT_VALID; + if (res == WPA_ALLOC_FAIL) + return WLAN_STATUS_UNSPECIFIED_FAILURE; +#ifdef CONFIG_IEEE80211W + if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) + return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION; + if (res == WPA_INVALID_MGMT_GROUP_CIPHER) + return WLAN_STATUS_CIPHER_REJECTED_PER_POLICY; +#endif /* CONFIG_IEEE80211W */ + if (res == WPA_INVALID_MDIE) + return WLAN_STATUS_INVALID_MDIE; + if (res == WPA_INVALID_PMKID) + return WLAN_STATUS_INVALID_PMKID; + if (res != WPA_IE_OK) + return WLAN_STATUS_INVALID_IE; + return WLAN_STATUS_SUCCESS; +} + + +#ifdef CONFIG_FILS + +static void handle_auth_fils_finish(struct hostapd_data *hapd, + struct sta_info *sta, u16 resp, + struct wpabuf *data, int pub); + +void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *pos, size_t len, u16 auth_alg, + u16 auth_transaction, u16 status_code, + void (*cb)(struct hostapd_data *hapd, + struct sta_info *sta, u16 resp, + struct wpabuf *data, int pub)) +{ + u16 resp = WLAN_STATUS_SUCCESS; + const u8 *end; + struct ieee802_11_elems elems; + int res; + struct wpa_ie_data rsn; + struct rsn_pmksa_cache_entry *pmksa = NULL; + + if (auth_transaction != 1 || status_code != WLAN_STATUS_SUCCESS) + return; + + end = pos + len; + + wpa_hexdump(MSG_DEBUG, "FILS: Authentication frame fields", + pos, end - pos); + + /* TODO: FILS PK */ +#ifdef CONFIG_FILS_SK_PFS + if (auth_alg == WLAN_AUTH_FILS_SK_PFS) { + u16 group; + struct wpabuf *pub; + size_t elem_len; + + /* Using FILS PFS */ + + /* Finite Cyclic Group */ + if (end - pos < 2) { + wpa_printf(MSG_DEBUG, + "FILS: No room for Finite Cyclic Group"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + group = WPA_GET_LE16(pos); + pos += 2; + if (group != hapd->conf->fils_dh_group) { + wpa_printf(MSG_DEBUG, + "FILS: Unsupported Finite Cyclic Group: %u (expected %u)", + group, hapd->conf->fils_dh_group); + resp = WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED; + goto fail; + } + + crypto_ecdh_deinit(sta->fils_ecdh); + sta->fils_ecdh = crypto_ecdh_init(group); + if (!sta->fils_ecdh) { + wpa_printf(MSG_INFO, + "FILS: Could not initialize ECDH with group %d", + group); + resp = WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED; + goto fail; + } + + pub = crypto_ecdh_get_pubkey(sta->fils_ecdh, 1); + if (!pub) { + wpa_printf(MSG_DEBUG, + "FILS: Failed to derive ECDH public key"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + elem_len = wpabuf_len(pub); + wpabuf_free(pub); + + /* Element */ + if ((size_t) (end - pos) < elem_len) { + wpa_printf(MSG_DEBUG, "FILS: No room for Element"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + wpabuf_free(sta->fils_g_sta); + sta->fils_g_sta = wpabuf_alloc_copy(pos, elem_len); + wpabuf_clear_free(sta->fils_dh_ss); + sta->fils_dh_ss = crypto_ecdh_set_peerkey(sta->fils_ecdh, 1, + pos, elem_len); + if (!sta->fils_dh_ss) { + wpa_printf(MSG_DEBUG, "FILS: ECDH operation failed"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + wpa_hexdump_buf_key(MSG_DEBUG, "FILS: DH_SS", sta->fils_dh_ss); + pos += elem_len; + } else { + crypto_ecdh_deinit(sta->fils_ecdh); + sta->fils_ecdh = NULL; + wpabuf_clear_free(sta->fils_dh_ss); + sta->fils_dh_ss = NULL; + } +#endif /* CONFIG_FILS_SK_PFS */ + + wpa_hexdump(MSG_DEBUG, "FILS: Remaining IEs", pos, end - pos); + if (ieee802_11_parse_elems(pos, end - pos, &elems, 1) == ParseFailed) { + wpa_printf(MSG_DEBUG, "FILS: Could not parse elements"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + /* RSNE */ + wpa_hexdump(MSG_DEBUG, "FILS: RSN element", + elems.rsn_ie, elems.rsn_ie_len); + if (!elems.rsn_ie || + wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2, elems.rsn_ie_len + 2, + &rsn) < 0) { + wpa_printf(MSG_DEBUG, "FILS: No valid RSN element"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + if (!sta->wpa_sm) + sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr, + NULL); + if (!sta->wpa_sm) { + wpa_printf(MSG_DEBUG, + "FILS: Failed to initialize RSN state machine"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, + elems.rsn_ie - 2, elems.rsn_ie_len + 2, + elems.mdie, elems.mdie_len, NULL, 0); + resp = wpa_res_to_status_code(res); + if (resp != WLAN_STATUS_SUCCESS) + goto fail; + + if (!elems.fils_nonce) { + wpa_printf(MSG_DEBUG, "FILS: No FILS Nonce field"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + wpa_hexdump(MSG_DEBUG, "FILS: SNonce", elems.fils_nonce, + FILS_NONCE_LEN); + os_memcpy(sta->fils_snonce, elems.fils_nonce, FILS_NONCE_LEN); + + /* PMKID List */ + if (rsn.pmkid && rsn.num_pmkid > 0) { + u8 num; + const u8 *pmkid; + + wpa_hexdump(MSG_DEBUG, "FILS: PMKID List", + rsn.pmkid, rsn.num_pmkid * PMKID_LEN); + + pmkid = rsn.pmkid; + num = rsn.num_pmkid; + while (num) { + wpa_hexdump(MSG_DEBUG, "FILS: PMKID", pmkid, PMKID_LEN); + pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr, + pmkid); + if (pmksa) + break; + pmksa = wpa_auth_pmksa_get_fils_cache_id(hapd->wpa_auth, + sta->addr, + pmkid); + if (pmksa) + break; + pmkid += PMKID_LEN; + num--; + } + } + if (pmksa && wpa_auth_sta_key_mgmt(sta->wpa_sm) != pmksa->akmp) { + wpa_printf(MSG_DEBUG, + "FILS: Matching PMKSA cache entry has different AKMP (0x%x != 0x%x) - ignore", + wpa_auth_sta_key_mgmt(sta->wpa_sm), pmksa->akmp); + pmksa = NULL; + } + if (pmksa) + wpa_printf(MSG_DEBUG, "FILS: Found matching PMKSA cache entry"); + + /* FILS Session */ + if (!elems.fils_session) { + wpa_printf(MSG_DEBUG, "FILS: No FILS Session element"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + wpa_hexdump(MSG_DEBUG, "FILS: FILS Session", elems.fils_session, + FILS_SESSION_LEN); + os_memcpy(sta->fils_session, elems.fils_session, FILS_SESSION_LEN); + + /* FILS Wrapped Data */ + if (elems.fils_wrapped_data) { + wpa_hexdump(MSG_DEBUG, "FILS: Wrapped Data", + elems.fils_wrapped_data, + elems.fils_wrapped_data_len); + if (!pmksa) { +#ifndef CONFIG_NO_RADIUS + if (!sta->eapol_sm) { + sta->eapol_sm = + ieee802_1x_alloc_eapol_sm(hapd, sta); + } + wpa_printf(MSG_DEBUG, + "FILS: Forward EAP-Initiate/Re-auth to authentication server"); + ieee802_1x_encapsulate_radius( + hapd, sta, elems.fils_wrapped_data, + elems.fils_wrapped_data_len); + sta->fils_pending_cb = cb; + wpa_printf(MSG_DEBUG, + "FILS: Will send Authentication frame once the response from authentication server is available"); + sta->flags |= WLAN_STA_PENDING_FILS_ERP; + /* Calculate pending PMKID here so that we do not need + * to maintain a copy of the EAP-Initiate/Reauth + * message. */ + if (fils_pmkid_erp(wpa_auth_sta_key_mgmt(sta->wpa_sm), + elems.fils_wrapped_data, + elems.fils_wrapped_data_len, + sta->fils_erp_pmkid) == 0) + sta->fils_erp_pmkid_set = 1; + return; +#else /* CONFIG_NO_RADIUS */ + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; +#endif /* CONFIG_NO_RADIUS */ + } + } + +fail: + if (cb) { + struct wpabuf *data; + int pub = 0; + + data = prepare_auth_resp_fils(hapd, sta, &resp, pmksa, NULL, + NULL, 0, &pub); + if (!data) { + wpa_printf(MSG_DEBUG, + "%s: prepare_auth_resp_fils() returned failure", + __func__); + } + + cb(hapd, sta, resp, data, pub); + } +} + + +static struct wpabuf * +prepare_auth_resp_fils(struct hostapd_data *hapd, + struct sta_info *sta, u16 *resp, + struct rsn_pmksa_cache_entry *pmksa, + struct wpabuf *erp_resp, + const u8 *msk, size_t msk_len, + int *is_pub) +{ + u8 fils_nonce[FILS_NONCE_LEN]; + size_t ielen; + struct wpabuf *data = NULL; + const u8 *ie; + u8 *ie_buf = NULL; + const u8 *pmk = NULL; + size_t pmk_len = 0; + u8 pmk_buf[PMK_LEN_MAX]; + struct wpabuf *pub = NULL; + + if (*resp != WLAN_STATUS_SUCCESS) + goto fail; + + ie = wpa_auth_get_wpa_ie(hapd->wpa_auth, &ielen); + if (!ie) { + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + if (pmksa) { + /* Add PMKID of the selected PMKSA into RSNE */ + ie_buf = os_malloc(ielen + 2 + 2 + PMKID_LEN); + if (!ie_buf) { + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + os_memcpy(ie_buf, ie, ielen); + if (wpa_insert_pmkid(ie_buf, &ielen, pmksa->pmkid) < 0) { + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + ie = ie_buf; + } + + if (random_get_bytes(fils_nonce, FILS_NONCE_LEN) < 0) { + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + wpa_hexdump(MSG_DEBUG, "RSN: Generated FILS Nonce", + fils_nonce, FILS_NONCE_LEN); + +#ifdef CONFIG_FILS_SK_PFS + if (sta->fils_dh_ss && sta->fils_ecdh) { + pub = crypto_ecdh_get_pubkey(sta->fils_ecdh, 1); + if (!pub) { + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + } +#endif /* CONFIG_FILS_SK_PFS */ + + data = wpabuf_alloc(1000 + ielen + (pub ? wpabuf_len(pub) : 0)); + if (!data) { + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + /* TODO: FILS PK */ +#ifdef CONFIG_FILS_SK_PFS + if (pub) { + /* Finite Cyclic Group */ + wpabuf_put_le16(data, hapd->conf->fils_dh_group); + + /* Element */ + wpabuf_put_buf(data, pub); + } +#endif /* CONFIG_FILS_SK_PFS */ + + /* RSNE */ + wpabuf_put_data(data, ie, ielen); + + /* MDE when using FILS+FT (already included in ie,ielen with RSNE) */ + +#ifdef CONFIG_IEEE80211R_AP + if (wpa_key_mgmt_ft(wpa_auth_sta_key_mgmt(sta->wpa_sm))) { + /* FTE[R1KH-ID,R0KH-ID] when using FILS+FT */ + int res; + int use_sha384 = wpa_key_mgmt_sha384( + wpa_auth_sta_key_mgmt(sta->wpa_sm)); + + res = wpa_auth_write_fte(hapd->wpa_auth, use_sha384, + wpabuf_put(data, 0), + wpabuf_tailroom(data)); + if (res < 0) { + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + wpabuf_put(data, res); + } +#endif /* CONFIG_IEEE80211R_AP */ + + /* FILS Nonce */ + wpabuf_put_u8(data, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(data, 1 + FILS_NONCE_LEN); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(data, WLAN_EID_EXT_FILS_NONCE); + wpabuf_put_data(data, fils_nonce, FILS_NONCE_LEN); + + /* FILS Session */ + wpabuf_put_u8(data, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(data, 1 + FILS_SESSION_LEN); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(data, WLAN_EID_EXT_FILS_SESSION); + wpabuf_put_data(data, sta->fils_session, FILS_SESSION_LEN); + + /* FILS Wrapped Data */ + if (!pmksa && erp_resp) { + wpabuf_put_u8(data, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(data, 1 + wpabuf_len(erp_resp)); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(data, WLAN_EID_EXT_FILS_WRAPPED_DATA); + wpabuf_put_buf(data, erp_resp); + + if (fils_rmsk_to_pmk(wpa_auth_sta_key_mgmt(sta->wpa_sm), + msk, msk_len, sta->fils_snonce, fils_nonce, + sta->fils_dh_ss ? + wpabuf_head(sta->fils_dh_ss) : NULL, + sta->fils_dh_ss ? + wpabuf_len(sta->fils_dh_ss) : 0, + pmk_buf, &pmk_len)) { + wpa_printf(MSG_DEBUG, "FILS: Failed to derive PMK"); + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + wpabuf_free(data); + data = NULL; + goto fail; + } + pmk = pmk_buf; + + /* Don't use DHss in PTK derivation if PMKSA caching is not + * used. */ + wpabuf_clear_free(sta->fils_dh_ss); + sta->fils_dh_ss = NULL; + + if (sta->fils_erp_pmkid_set) { + /* TODO: get PMKLifetime from WPA parameters */ + unsigned int dot11RSNAConfigPMKLifetime = 43200; + int session_timeout; + + session_timeout = dot11RSNAConfigPMKLifetime; + if (sta->session_timeout_set) { + struct os_reltime now, diff; + + os_get_reltime(&now); + os_reltime_sub(&sta->session_timeout, &now, + &diff); + session_timeout = diff.sec; + } + + sta->fils_erp_pmkid_set = 0; + if (wpa_auth_pmksa_add2( + hapd->wpa_auth, sta->addr, + pmk, pmk_len, + sta->fils_erp_pmkid, + session_timeout, + wpa_auth_sta_key_mgmt(sta->wpa_sm)) < 0) { + wpa_printf(MSG_ERROR, + "FILS: Failed to add PMKSA cache entry based on ERP"); + } + } + } else if (pmksa) { + pmk = pmksa->pmk; + pmk_len = pmksa->pmk_len; + } + + if (!pmk) { + wpa_printf(MSG_DEBUG, "FILS: No PMK available"); + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + wpabuf_free(data); + data = NULL; + goto fail; + } + + if (fils_auth_pmk_to_ptk(sta->wpa_sm, pmk, pmk_len, + sta->fils_snonce, fils_nonce, + sta->fils_dh_ss ? + wpabuf_head(sta->fils_dh_ss) : NULL, + sta->fils_dh_ss ? + wpabuf_len(sta->fils_dh_ss) : 0, + sta->fils_g_sta, pub) < 0) { + *resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + wpabuf_free(data); + data = NULL; + goto fail; + } + +fail: + if (is_pub) + *is_pub = pub != NULL; + os_free(ie_buf); + wpabuf_free(pub); + wpabuf_clear_free(sta->fils_dh_ss); + sta->fils_dh_ss = NULL; +#ifdef CONFIG_FILS_SK_PFS + crypto_ecdh_deinit(sta->fils_ecdh); + sta->fils_ecdh = NULL; +#endif /* CONFIG_FILS_SK_PFS */ + return data; +} + + +static void handle_auth_fils_finish(struct hostapd_data *hapd, + struct sta_info *sta, u16 resp, + struct wpabuf *data, int pub) +{ + u16 auth_alg; + + auth_alg = (pub || + resp == WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) ? + WLAN_AUTH_FILS_SK_PFS : WLAN_AUTH_FILS_SK; + send_auth_reply(hapd, sta->addr, hapd->own_addr, auth_alg, 2, resp, + data ? wpabuf_head(data) : (u8 *) "", + data ? wpabuf_len(data) : 0, "auth-fils-finish"); + wpabuf_free(data); + + if (resp == WLAN_STATUS_SUCCESS) { + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, + "authentication OK (FILS)"); + sta->flags |= WLAN_STA_AUTH; + wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH); + sta->auth_alg = pub ? WLAN_AUTH_FILS_SK_PFS : WLAN_AUTH_FILS_SK; + mlme_authenticate_indication(hapd, sta); + } +} + + +void ieee802_11_finish_fils_auth(struct hostapd_data *hapd, + struct sta_info *sta, int success, + struct wpabuf *erp_resp, + const u8 *msk, size_t msk_len) +{ + struct wpabuf *data; + int pub = 0; + u16 resp; + + sta->flags &= ~WLAN_STA_PENDING_FILS_ERP; + + if (!sta->fils_pending_cb) + return; + resp = success ? WLAN_STATUS_SUCCESS : WLAN_STATUS_UNSPECIFIED_FAILURE; + data = prepare_auth_resp_fils(hapd, sta, &resp, NULL, erp_resp, + msk, msk_len, &pub); + if (!data) { + wpa_printf(MSG_DEBUG, + "%s: prepare_auth_resp_fils() returned failure", + __func__); + } + sta->fils_pending_cb(hapd, sta, resp, data, pub); +} + +#endif /* CONFIG_FILS */ + + +int +ieee802_11_allowed_address(struct hostapd_data *hapd, const u8 *addr, + const u8 *msg, size_t len, u32 *session_timeout, + u32 *acct_interim_interval, + struct vlan_description *vlan_id, + struct hostapd_sta_wpa_psk_short **psk, + char **identity, char **radius_cui, int is_probe_req) +{ + int res; + + os_memset(vlan_id, 0, sizeof(*vlan_id)); + res = hostapd_allowed_address(hapd, addr, msg, len, + session_timeout, acct_interim_interval, + vlan_id, psk, identity, radius_cui, + is_probe_req); + + if (res == HOSTAPD_ACL_REJECT) { + if (!is_probe_req) + wpa_printf(MSG_DEBUG, + "Station " MACSTR + " not allowed to authenticate", + MAC2STR(addr)); + return HOSTAPD_ACL_REJECT; + } + + if (res == HOSTAPD_ACL_PENDING) { + wpa_printf(MSG_DEBUG, "Authentication frame from " MACSTR + " waiting for an external authentication", + MAC2STR(addr)); + /* Authentication code will re-send the authentication frame + * after it has received (and cached) information from the + * external source. */ + return HOSTAPD_ACL_PENDING; + } + + return res; +} + + +static int +ieee802_11_set_radius_info(struct hostapd_data *hapd, struct sta_info *sta, + int res, u32 session_timeout, + u32 acct_interim_interval, + struct vlan_description *vlan_id, + struct hostapd_sta_wpa_psk_short **psk, + char **identity, char **radius_cui) +{ + if (vlan_id->notempty && + !hostapd_vlan_valid(hapd->conf->vlan, vlan_id)) { + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS, + HOSTAPD_LEVEL_INFO, + "Invalid VLAN %d%s received from RADIUS server", + vlan_id->untagged, + vlan_id->tagged[0] ? "+" : ""); + return -1; + } + if (ap_sta_set_vlan(hapd, sta, vlan_id) < 0) + return -1; + if (sta->vlan_id) + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS, + HOSTAPD_LEVEL_INFO, "VLAN ID %d", sta->vlan_id); + + hostapd_free_psk_list(sta->psk); + if (hapd->conf->wpa_psk_radius != PSK_RADIUS_IGNORED) { + sta->psk = *psk; + *psk = NULL; + } else { + sta->psk = NULL; + } + + os_free(sta->identity); + sta->identity = *identity; + *identity = NULL; + + os_free(sta->radius_cui); + sta->radius_cui = *radius_cui; + *radius_cui = NULL; + + if (hapd->conf->acct_interim_interval == 0 && acct_interim_interval) + sta->acct_interim_interval = acct_interim_interval; + if (res == HOSTAPD_ACL_ACCEPT_TIMEOUT) { + sta->session_timeout_set = 1; + os_get_reltime(&sta->session_timeout); + sta->session_timeout.sec += session_timeout; + ap_sta_session_timeout(hapd, sta, session_timeout); + } else { + sta->session_timeout_set = 0; + ap_sta_no_session_timeout(hapd, sta); + } + + return 0; +} + + static void handle_auth(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len) { @@ -998,8 +1760,6 @@ static void handle_auth(struct hostapd_data *hapd, char *radius_cui = NULL; u16 seq_ctrl; - os_memset(&vlan_id, 0, sizeof(vlan_id)); - if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", (unsigned long) len); @@ -1047,20 +1807,29 @@ static void handle_auth(struct hostapd_data *hapd, #endif /* CONFIG_NO_RC4 */ if (hapd->tkip_countermeasures) { - resp = WLAN_REASON_MICHAEL_MIC_FAILURE; + wpa_printf(MSG_DEBUG, + "Ongoing TKIP countermeasures (Michael MIC failure) - reject authentication"); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } if (!(((hapd->conf->auth_algs & WPA_AUTH_ALG_OPEN) && auth_alg == WLAN_AUTH_OPEN) || -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP (hapd->conf->wpa && wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt) && auth_alg == WLAN_AUTH_FT) || -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_SAE (hapd->conf->wpa && wpa_key_mgmt_sae(hapd->conf->wpa_key_mgmt) && auth_alg == WLAN_AUTH_SAE) || #endif /* CONFIG_SAE */ +#ifdef CONFIG_FILS + (hapd->conf->wpa && wpa_key_mgmt_fils(hapd->conf->wpa_key_mgmt) && + auth_alg == WLAN_AUTH_FILS_SK) || + (hapd->conf->wpa && wpa_key_mgmt_fils(hapd->conf->wpa_key_mgmt) && + hapd->conf->fils_dh_group && + auth_alg == WLAN_AUTH_FILS_SK_PFS) || +#endif /* CONFIG_FILS */ ((hapd->conf->auth_algs & WPA_AUTH_ALG_SHARED) && auth_alg == WLAN_AUTH_SHARED_KEY))) { wpa_printf(MSG_INFO, "Unsupported authentication algorithm (%d)", @@ -1139,29 +1908,23 @@ static void handle_auth(struct hostapd_data *hapd, } } - res = hostapd_allowed_address(hapd, mgmt->sa, (u8 *) mgmt, len, - &session_timeout, - &acct_interim_interval, &vlan_id, - &psk, &identity, &radius_cui); - + res = ieee802_11_allowed_address( + hapd, mgmt->sa, (const u8 *) mgmt, len, &session_timeout, + &acct_interim_interval, &vlan_id, &psk, &identity, &radius_cui, + 0); if (res == HOSTAPD_ACL_REJECT) { - wpa_printf(MSG_INFO, "Station " MACSTR " not allowed to authenticate", - MAC2STR(mgmt->sa)); + wpa_msg(hapd->msg_ctx, MSG_DEBUG, + "Ignore Authentication frame from " MACSTR + " due to ACL reject", MAC2STR(mgmt->sa)); resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } - if (res == HOSTAPD_ACL_PENDING) { - wpa_printf(MSG_DEBUG, "Authentication frame from " MACSTR - " waiting for an external authentication", - MAC2STR(mgmt->sa)); - /* Authentication code will re-send the authentication frame - * after it has received (and cached) information from the - * external source. */ + if (res == HOSTAPD_ACL_PENDING) return; - } sta = ap_get_sta(hapd, mgmt->sa); if (sta) { + sta->flags &= ~WLAN_STA_PENDING_FILS_ERP; if ((fc & WLAN_FC_RETRY) && sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ && sta->last_seq_ctrl == seq_ctrl && @@ -1203,6 +1966,7 @@ static void handle_auth(struct hostapd_data *hapd, sta = ap_sta_add(hapd, mgmt->sa); if (!sta) { + wpa_printf(MSG_DEBUG, "ap_sta_add() failed"); resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; goto fail; } @@ -1210,47 +1974,18 @@ static void handle_auth(struct hostapd_data *hapd, sta->last_seq_ctrl = seq_ctrl; sta->last_subtype = WLAN_FC_STYPE_AUTH; - if (vlan_id.notempty && - !hostapd_vlan_valid(hapd->conf->vlan, &vlan_id)) { - hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS, - HOSTAPD_LEVEL_INFO, - "Invalid VLAN %d%s received from RADIUS server", - vlan_id.untagged, - vlan_id.tagged[0] ? "+" : ""); + res = ieee802_11_set_radius_info( + hapd, sta, res, session_timeout, acct_interim_interval, + &vlan_id, &psk, &identity, &radius_cui); + if (res) { + wpa_printf(MSG_DEBUG, "ieee802_11_set_radius_info() failed"); resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } - if (ap_sta_set_vlan(hapd, sta, &vlan_id) < 0) { - resp = WLAN_STATUS_UNSPECIFIED_FAILURE; - goto fail; - } - if (sta->vlan_id) - hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS, - HOSTAPD_LEVEL_INFO, "VLAN ID %d", sta->vlan_id); - - hostapd_free_psk_list(sta->psk); - if (hapd->conf->wpa_psk_radius != PSK_RADIUS_IGNORED) { - sta->psk = psk; - psk = NULL; - } else { - sta->psk = NULL; - } - - sta->identity = identity; - identity = NULL; - sta->radius_cui = radius_cui; - radius_cui = NULL; sta->flags &= ~WLAN_STA_PREAUTH; ieee802_1x_notify_pre_auth(sta->eapol_sm, 0); - if (hapd->conf->acct_interim_interval == 0 && acct_interim_interval) - sta->acct_interim_interval = acct_interim_interval; - if (res == HOSTAPD_ACL_ACCEPT_TIMEOUT) - ap_sta_session_timeout(hapd, sta, session_timeout); - else - ap_sta_no_session_timeout(hapd, sta); - /* * If the driver supports full AP client state, add a station to the * driver before sending authentication reply to make sure the driver @@ -1263,8 +1998,15 @@ static void handle_auth(struct hostapd_data *hapd, * * In mesh mode, the station was already added to the driver when the * NEW_PEER_CANDIDATE event is received. + * + * If PMF was negotiated for the existing association, skip this to + * avoid dropping the STA entry and the associated keys. This is needed + * to allow the original connection work until the attempt can complete + * (re)association, so that unprotected Authentication frame cannot be + * used to bypass PMF protection. */ if (FULL_AP_CLIENT_STATE_SUPP(hapd->iface->drv_flags) && + (!(sta->flags & WLAN_STA_MFP) || !ap_sta_is_authorized(sta)) && !(hapd->conf->mesh & MESH_ENABLED) && !(sta->added_unassoc)) { /* @@ -1274,6 +2016,7 @@ static void handle_auth(struct hostapd_data *hapd, * updated. To handle this, station's added_unassoc flag is * cleared once the station has completed association. */ + ap_sta_set_authorized(hapd, sta, 0); hostapd_drv_sta_remove(hapd, sta->addr); sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_AUTH | WLAN_STA_AUTHORIZED); @@ -1305,6 +2048,9 @@ static void handle_auth(struct hostapd_data *hapd, case WLAN_AUTH_SHARED_KEY: resp = auth_shared_key(hapd, sta, auth_transaction, challenge, fc & WLAN_FC_ISWEP); + if (resp != 0) + wpa_printf(MSG_DEBUG, + "auth_shared_key() failed: status=%d", resp); sta->auth_alg = WLAN_AUTH_SHARED_KEY; mlme_authenticate_indication(hapd, sta); if (sta->challenge && auth_transaction == 1) { @@ -1316,7 +2062,7 @@ static void handle_auth(struct hostapd_data *hapd, } break; #endif /* CONFIG_NO_RC4 */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP case WLAN_AUTH_FT: sta->auth_alg = WLAN_AUTH_FT; if (sta->wpa_sm == NULL) @@ -1335,7 +2081,7 @@ static void handle_auth(struct hostapd_data *hapd, handle_auth_ft_finish, hapd); /* handle_auth_ft_finish() callback will complete auth. */ return; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_SAE case WLAN_AUTH_SAE: #ifdef CONFIG_MESH @@ -1357,6 +2103,15 @@ static void handle_auth(struct hostapd_data *hapd, status_code); return; #endif /* CONFIG_SAE */ +#ifdef CONFIG_FILS + case WLAN_AUTH_FILS_SK: + case WLAN_AUTH_FILS_SK_PFS: + handle_auth_fils(hapd, sta, mgmt->u.auth.variable, + len - IEEE80211_HDRLEN - sizeof(mgmt->u.auth), + auth_alg, auth_transaction, status_code, + handle_auth_fils_finish); + return; +#endif /* CONFIG_FILS */ } fail: @@ -1366,7 +2121,7 @@ static void handle_auth(struct hostapd_data *hapd, reply_res = send_auth_reply(hapd, mgmt->sa, mgmt->bssid, auth_alg, auth_transaction + 1, resp, resp_ies, - resp_ies_len); + resp_ies_len, "handle-auth"); if (sta && sta->added_unassoc && (resp != WLAN_STATUS_SUCCESS || reply_res != WLAN_STATUS_SUCCESS)) { @@ -1459,6 +2214,11 @@ static u16 check_wmm(struct hostapd_data *hapd, struct sta_info *sta, static u16 copy_supp_rates(struct hostapd_data *hapd, struct sta_info *sta, struct ieee802_11_elems *elems) { + /* Supported rates not used in IEEE 802.11ad/DMG */ + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) + return WLAN_STATUS_SUCCESS; + if (!elems->supp_rates) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, @@ -1496,12 +2256,187 @@ static u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta, } #endif /* CONFIG_INTERWORKING */ - if (ext_capab_ie_len > 0) + if (ext_capab_ie_len > 0) { sta->ecsa_supported = !!(ext_capab_ie[0] & BIT(2)); + os_free(sta->ext_capability); + sta->ext_capability = os_malloc(1 + ext_capab_ie_len); + if (sta->ext_capability) { + sta->ext_capability[0] = ext_capab_ie_len; + os_memcpy(sta->ext_capability + 1, ext_capab_ie, + ext_capab_ie_len); + } + } + + return WLAN_STATUS_SUCCESS; +} + + +#ifdef CONFIG_OWE + +static int owe_group_supported(struct hostapd_data *hapd, u16 group) +{ + int i; + int *groups = hapd->conf->owe_groups; + + if (group != 19 && group != 20 && group != 21) + return 0; + + if (!groups) + return 1; + + for (i = 0; groups[i] > 0; i++) { + if (groups[i] == group) + return 1; + } + + return 0; +} + + +static u16 owe_process_assoc_req(struct hostapd_data *hapd, + struct sta_info *sta, const u8 *owe_dh, + u8 owe_dh_len) +{ + struct wpabuf *secret, *pub, *hkey; + int res; + u8 prk[SHA512_MAC_LEN], pmkid[SHA512_MAC_LEN]; + const char *info = "OWE Key Generation"; + const u8 *addr[2]; + size_t len[2]; + u16 group; + size_t hash_len, prime_len; + + if (wpa_auth_sta_get_pmksa(sta->wpa_sm)) { + wpa_printf(MSG_DEBUG, "OWE: Using PMKSA caching"); + return WLAN_STATUS_SUCCESS; + } + + group = WPA_GET_LE16(owe_dh); + if (!owe_group_supported(hapd, group)) { + wpa_printf(MSG_DEBUG, "OWE: Unsupported DH group %u", group); + return WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED; + } + if (group == 19) + prime_len = 32; + else if (group == 20) + prime_len = 48; + else if (group == 21) + prime_len = 66; + else + return WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED; + + crypto_ecdh_deinit(sta->owe_ecdh); + sta->owe_ecdh = crypto_ecdh_init(group); + if (!sta->owe_ecdh) + return WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED; + sta->owe_group = group; + + secret = crypto_ecdh_set_peerkey(sta->owe_ecdh, 0, owe_dh + 2, + owe_dh_len - 2); + secret = wpabuf_zeropad(secret, prime_len); + if (!secret) { + wpa_printf(MSG_DEBUG, "OWE: Invalid peer DH public key"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + wpa_hexdump_buf_key(MSG_DEBUG, "OWE: DH shared secret", secret); + + /* prk = HKDF-extract(C | A | group, z) */ + + pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0); + if (!pub) { + wpabuf_clear_free(secret); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + /* PMKID = Truncate-128(Hash(C | A)) */ + addr[0] = owe_dh + 2; + len[0] = owe_dh_len - 2; + addr[1] = wpabuf_head(pub); + len[1] = wpabuf_len(pub); + if (group == 19) { + res = sha256_vector(2, addr, len, pmkid); + hash_len = SHA256_MAC_LEN; + } else if (group == 20) { + res = sha384_vector(2, addr, len, pmkid); + hash_len = SHA384_MAC_LEN; + } else if (group == 21) { + res = sha512_vector(2, addr, len, pmkid); + hash_len = SHA512_MAC_LEN; + } else { + wpabuf_free(pub); + wpabuf_clear_free(secret); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + pub = wpabuf_zeropad(pub, prime_len); + if (res < 0 || !pub) { + wpabuf_free(pub); + wpabuf_clear_free(secret); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + hkey = wpabuf_alloc(owe_dh_len - 2 + wpabuf_len(pub) + 2); + if (!hkey) { + wpabuf_free(pub); + wpabuf_clear_free(secret); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + wpabuf_put_data(hkey, owe_dh + 2, owe_dh_len - 2); /* C */ + wpabuf_put_buf(hkey, pub); /* A */ + wpabuf_free(pub); + wpabuf_put_le16(hkey, group); /* group */ + if (group == 19) + res = hmac_sha256(wpabuf_head(hkey), wpabuf_len(hkey), + wpabuf_head(secret), wpabuf_len(secret), prk); + else if (group == 20) + res = hmac_sha384(wpabuf_head(hkey), wpabuf_len(hkey), + wpabuf_head(secret), wpabuf_len(secret), prk); + else if (group == 21) + res = hmac_sha512(wpabuf_head(hkey), wpabuf_len(hkey), + wpabuf_head(secret), wpabuf_len(secret), prk); + wpabuf_clear_free(hkey); + wpabuf_clear_free(secret); + if (res < 0) + return WLAN_STATUS_UNSPECIFIED_FAILURE; + + wpa_hexdump_key(MSG_DEBUG, "OWE: prk", prk, hash_len); + + /* PMK = HKDF-expand(prk, "OWE Key Generation", n) */ + + os_free(sta->owe_pmk); + sta->owe_pmk = os_malloc(hash_len); + if (!sta->owe_pmk) { + os_memset(prk, 0, SHA512_MAC_LEN); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + if (group == 19) + res = hmac_sha256_kdf(prk, hash_len, NULL, (const u8 *) info, + os_strlen(info), sta->owe_pmk, hash_len); + else if (group == 20) + res = hmac_sha384_kdf(prk, hash_len, NULL, (const u8 *) info, + os_strlen(info), sta->owe_pmk, hash_len); + else if (group == 21) + res = hmac_sha512_kdf(prk, hash_len, NULL, (const u8 *) info, + os_strlen(info), sta->owe_pmk, hash_len); + os_memset(prk, 0, SHA512_MAC_LEN); + if (res < 0) { + os_free(sta->owe_pmk); + sta->owe_pmk = NULL; + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + sta->owe_pmk_len = hash_len; + + wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sta->owe_pmk, sta->owe_pmk_len); + wpa_hexdump(MSG_DEBUG, "OWE: PMKID", pmkid, PMKID_LEN); + wpa_auth_pmksa_add2(hapd->wpa_auth, sta->addr, sta->owe_pmk, + sta->owe_pmk_len, pmkid, 0, WPA_KEY_MGMT_OWE); return WLAN_STATUS_SUCCESS; } +#endif /* CONFIG_OWE */ + static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ies, size_t ies_len, int reassoc) @@ -1644,32 +2579,20 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, wpa_ie, wpa_ie_len, - elems.mdie, elems.mdie_len); - if (res == WPA_INVALID_GROUP) - resp = WLAN_STATUS_GROUP_CIPHER_NOT_VALID; - else if (res == WPA_INVALID_PAIRWISE) - resp = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID; - else if (res == WPA_INVALID_AKMP) - resp = WLAN_STATUS_AKMP_NOT_VALID; - else if (res == WPA_ALLOC_FAIL) - resp = WLAN_STATUS_UNSPECIFIED_FAILURE; -#ifdef CONFIG_IEEE80211W - else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) - resp = WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION; - else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) - resp = WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION; -#endif /* CONFIG_IEEE80211W */ - else if (res == WPA_INVALID_MDIE) - resp = WLAN_STATUS_INVALID_MDIE; - else if (res != WPA_IE_OK) - resp = WLAN_STATUS_INVALID_IE; + elems.mdie, elems.mdie_len, + elems.owe_dh, elems.owe_dh_len); + resp = wpa_res_to_status_code(res); if (resp != WLAN_STATUS_SUCCESS) return resp; #ifdef CONFIG_IEEE80211W - if ((sta->flags & WLAN_STA_MFP) && !sta->sa_query_timed_out && + if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) == + (WLAN_STA_ASSOC | WLAN_STA_MFP) && + !sta->sa_query_timed_out && sta->sa_query_count > 0) ap_check_sa_query_timeout(hapd, sta); - if ((sta->flags & WLAN_STA_MFP) && !sta->sa_query_timed_out && + if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) == + (WLAN_STA_ASSOC | WLAN_STA_MFP) && + !sta->sa_query_timed_out && (!reassoc || sta->auth_alg != WLAN_AUTH_FT)) { /* * STA has already been associated with MFP and SA @@ -1690,7 +2613,7 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, sta->flags &= ~WLAN_STA_MFP; #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (sta->auth_alg == WLAN_AUTH_FT) { if (!reassoc) { wpa_printf(MSG_DEBUG, "FT: " MACSTR " tried " @@ -1705,9 +2628,13 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, if (resp != WLAN_STATUS_SUCCESS) return resp; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_SAE + if (wpa_auth_uses_sae(sta->wpa_sm) && sta->sae && + sta->sae->state == SAE_ACCEPTED) + wpa_auth_add_sae_pmkid(sta->wpa_sm, sta->sae->pmkid); + if (wpa_auth_uses_sae(sta->wpa_sm) && sta->auth_alg == WLAN_AUTH_OPEN) { struct rsn_pmksa_cache_entry *sa; @@ -1731,6 +2658,17 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } #endif /* CONFIG_SAE */ +#ifdef CONFIG_OWE + if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && + wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE && + elems.owe_dh) { + resp = owe_process_assoc_req(hapd, sta, elems.owe_dh, + elems.owe_dh_len); + if (resp != WLAN_STATUS_SUCCESS) + return resp; + } +#endif /* CONFIG_OWE */ + #ifdef CONFIG_IEEE80211N if ((sta->flags & (WLAN_STA_HT | WLAN_STA_VHT)) && wpa_auth_get_pairwise(sta->wpa_sm) == WPA_CIPHER_TKIP) { @@ -1779,6 +2717,14 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, elems.hs20_len - 4); } else sta->hs20_ie = NULL; + + wpabuf_free(sta->roaming_consortium); + if (elems.roaming_cons_sel) + sta->roaming_consortium = wpabuf_alloc_copy( + elems.roaming_cons_sel + 4, + elems.roaming_cons_sel_len - 4); + else + sta->roaming_consortium = NULL; #endif /* CONFIG_HS20 */ #ifdef CONFIG_FST @@ -1810,6 +2756,14 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, os_memcpy(sta->rrm_enabled_capa, elems.rrm_enabled, sizeof(sta->rrm_enabled_capa)); + if (elems.power_capab) { + sta->min_tx_power = elems.power_capab[0]; + sta->max_tx_power = elems.power_capab[1]; + sta->power_capab = 1; + } else { + sta->power_capab = 0; + } + return WLAN_STATUS_SUCCESS; } @@ -1856,7 +2810,8 @@ static int add_associated_sta(struct hostapd_data *hapd, */ if (!sta->added_unassoc && (!(sta->flags & WLAN_STA_AUTHORIZED) || - !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) { + (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) && + !wpa_auth_sta_fils_tk_already_set(sta->wpa_sm)))) { hostapd_drv_sta_remove(hapd, sta->addr); wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED); set = 0; @@ -1904,21 +2859,36 @@ static int add_associated_sta(struct hostapd_data *hapd, static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, - u16 status_code, int reassoc, const u8 *ies, - size_t ies_len) + const u8 *addr, u16 status_code, int reassoc, + const u8 *ies, size_t ies_len) { int send_len; - u8 buf[sizeof(struct ieee80211_mgmt) + 1024]; + u8 *buf; + size_t buflen; struct ieee80211_mgmt *reply; u8 *p; - - os_memset(buf, 0, sizeof(buf)); + u16 res = WLAN_STATUS_SUCCESS; + + buflen = sizeof(struct ieee80211_mgmt) + 1024; +#ifdef CONFIG_FILS + if (sta && sta->fils_hlp_resp) + buflen += wpabuf_len(sta->fils_hlp_resp); +#endif /* CONFIG_FILS */ +#ifdef CONFIG_OWE + if (sta && (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) + buflen += 150; +#endif /* CONFIG_OWE */ + buf = os_zalloc(buflen); + if (!buf) { + res = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto done; + } reply = (struct ieee80211_mgmt *) buf; reply->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, (reassoc ? WLAN_FC_STYPE_REASSOC_RESP : WLAN_FC_STYPE_ASSOC_RESP)); - os_memcpy(reply->da, sta->addr, ETH_ALEN); + os_memcpy(reply->da, addr, ETH_ALEN); os_memcpy(reply->sa, hapd->own_addr, ETH_ALEN); os_memcpy(reply->bssid, hapd->own_addr, ETH_ALEN); @@ -1927,24 +2897,40 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, reply->u.assoc_resp.capab_info = host_to_le16(hostapd_own_capab_info(hapd)); reply->u.assoc_resp.status_code = host_to_le16(status_code); - reply->u.assoc_resp.aid = host_to_le16(sta->aid | BIT(14) | BIT(15)); + + reply->u.assoc_resp.aid = host_to_le16((sta ? sta->aid : 0) | + BIT(14) | BIT(15)); /* Supported rates */ p = hostapd_eid_supp_rates(hapd, reply->u.assoc_resp.variable); /* Extended supported rates */ p = hostapd_eid_ext_supp_rates(hapd, p); -#ifdef CONFIG_IEEE80211R - if (status_code == WLAN_STATUS_SUCCESS) { +#ifdef CONFIG_IEEE80211R_AP + if (sta && status_code == WLAN_STATUS_SUCCESS) { /* IEEE 802.11r: Mobility Domain Information, Fast BSS * Transition Information, RSN, [RIC Response] */ p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, p, - buf + sizeof(buf) - p, + buf + buflen - p, sta->auth_alg, ies, ies_len); + if (!p) { + wpa_printf(MSG_DEBUG, + "FT: Failed to write AssocResp IEs"); + res = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto done; + } } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ + +#ifdef CONFIG_OWE + if (sta && status_code == WLAN_STATUS_SUCCESS && + (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) + p = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, p, + buf + buflen - p, + ies, ies_len); +#endif /* CONFIG_OWE */ #ifdef CONFIG_IEEE80211W - if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY) + if (sta && status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY) p = hostapd_eid_assoc_comeback_time(hapd, sta, p); #endif /* CONFIG_IEEE80211W */ @@ -1957,7 +2943,7 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, if (hapd->iconf->ieee80211ac && !hapd->conf->disable_11ac) { u32 nsts = 0, sta_nsts; - if (hapd->conf->use_sta_nsts && sta->vht_capabilities) { + if (sta && hapd->conf->use_sta_nsts && sta->vht_capabilities) { struct ieee80211_vht_capabilities *capa; nsts = (hapd->iface->conf->vht_capab >> @@ -1978,7 +2964,7 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, p = hostapd_eid_ext_capab(hapd, p); p = hostapd_eid_bss_max_idle_period(hapd, p); - if (sta->qos_map_enabled) + if (sta && sta->qos_map_enabled) p = hostapd_eid_qos_map_set(hapd, p); #ifdef CONFIG_FST @@ -1990,16 +2976,17 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, #endif /* CONFIG_FST */ #ifdef CONFIG_IEEE80211AC - if (hapd->conf->vendor_vht && (sta->flags & WLAN_STA_VENDOR_VHT)) + if (sta && hapd->conf->vendor_vht && (sta->flags & WLAN_STA_VENDOR_VHT)) p = hostapd_eid_vendor_vht(hapd, p); #endif /* CONFIG_IEEE80211AC */ - if (sta->flags & WLAN_STA_WMM) + if (sta && (sta->flags & WLAN_STA_WMM)) p = hostapd_eid_wmm(hapd, p); #ifdef CONFIG_WPS - if ((sta->flags & WLAN_STA_WPS) || - ((sta->flags & WLAN_STA_MAYBE_WPS) && hapd->conf->wpa)) { + if (sta && + ((sta->flags & WLAN_STA_WPS) || + ((sta->flags & WLAN_STA_MAYBE_WPS) && hapd->conf->wpa))) { struct wpabuf *wps = wps_build_assoc_resp_ie(); if (wps) { os_memcpy(p, wpabuf_head(wps), wpabuf_len(wps)); @@ -2010,7 +2997,7 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, #endif /* CONFIG_WPS */ #ifdef CONFIG_P2P - if (sta->p2p_ie && hapd->p2p_group) { + if (sta && sta->p2p_ie && hapd->p2p_group) { struct wpabuf *p2p_resp_ie; enum p2p_status_code status; switch (status_code) { @@ -2039,10 +3026,10 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, p = hostapd_eid_p2p_manage(hapd, p); #endif /* CONFIG_P2P_MANAGER */ - p = hostapd_eid_mbo(hapd, p, buf + sizeof(buf) - p); + p = hostapd_eid_mbo(hapd, p, buf + buflen - p); if (hapd->conf->assocresp_elements && - (size_t) (buf + sizeof(buf) - p) >= + (size_t) (buf + buflen - p) >= wpabuf_len(hapd->conf->assocresp_elements)) { os_memcpy(p, wpabuf_head(hapd->conf->assocresp_elements), wpabuf_len(hapd->conf->assocresp_elements)); @@ -2051,14 +3038,174 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, send_len += p - reply->u.assoc_resp.variable; +#ifdef CONFIG_FILS + if (sta && + (sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) && + status_code == WLAN_STATUS_SUCCESS) { + struct ieee802_11_elems elems; + + if (ieee802_11_parse_elems(ies, ies_len, &elems, 0) == + ParseFailed || !elems.fils_session) { + res = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto done; + } + + /* FILS Session */ + *p++ = WLAN_EID_EXTENSION; /* Element ID */ + *p++ = 1 + FILS_SESSION_LEN; /* Length */ + *p++ = WLAN_EID_EXT_FILS_SESSION; /* Element ID Extension */ + os_memcpy(p, elems.fils_session, FILS_SESSION_LEN); + send_len += 2 + 1 + FILS_SESSION_LEN; + + send_len = fils_encrypt_assoc(sta->wpa_sm, buf, send_len, + buflen, sta->fils_hlp_resp); + if (send_len < 0) { + res = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto done; + } + } +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE + if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && + sta && sta->owe_ecdh && status_code == WLAN_STATUS_SUCCESS && + wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE) { + struct wpabuf *pub; + + pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0); + if (!pub) { + res = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto done; + } + /* OWE Diffie-Hellman Parameter element */ + *p++ = WLAN_EID_EXTENSION; /* Element ID */ + *p++ = 1 + 2 + wpabuf_len(pub); /* Length */ + *p++ = WLAN_EID_EXT_OWE_DH_PARAM; /* Element ID Extension */ + WPA_PUT_LE16(p, sta->owe_group); + p += 2; + os_memcpy(p, wpabuf_head(pub), wpabuf_len(pub)); + p += wpabuf_len(pub); + send_len += 3 + 2 + wpabuf_len(pub); + wpabuf_free(pub); + } +#endif /* CONFIG_OWE */ + if (hostapd_drv_send_mlme(hapd, reply, send_len, 0) < 0) { wpa_printf(MSG_INFO, "Failed to send assoc resp: %s", strerror(errno)); - return WLAN_STATUS_UNSPECIFIED_FAILURE; + res = WLAN_STATUS_UNSPECIFIED_FAILURE; } - return WLAN_STATUS_SUCCESS; +done: + os_free(buf); + return res; +} + + +#ifdef CONFIG_OWE +u8 * owe_assoc_req_process(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *owe_dh, u8 owe_dh_len, + u8 *owe_buf, size_t owe_buf_len, u16 *reason) +{ +#ifdef CONFIG_TESTING_OPTIONS + if (hapd->conf->own_ie_override) { + wpa_printf(MSG_DEBUG, "OWE: Using IE override"); + *reason = WLAN_STATUS_SUCCESS; + return wpa_auth_write_assoc_resp_owe(sta->wpa_sm, owe_buf, + owe_buf_len, NULL, 0); + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (wpa_auth_sta_get_pmksa(sta->wpa_sm)) { + wpa_printf(MSG_DEBUG, "OWE: Using PMKSA caching"); + owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, owe_buf, + owe_buf_len, NULL, 0); + *reason = WLAN_STATUS_SUCCESS; + return owe_buf; + } + + *reason = owe_process_assoc_req(hapd, sta, owe_dh, owe_dh_len); + if (*reason != WLAN_STATUS_SUCCESS) + return NULL; + + owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, owe_buf, + owe_buf_len, NULL, 0); + + if (sta->owe_ecdh && owe_buf) { + struct wpabuf *pub; + + pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0); + if (!pub) { + *reason = WLAN_STATUS_UNSPECIFIED_FAILURE; + return owe_buf; + } + + /* OWE Diffie-Hellman Parameter element */ + *owe_buf++ = WLAN_EID_EXTENSION; /* Element ID */ + *owe_buf++ = 1 + 2 + wpabuf_len(pub); /* Length */ + *owe_buf++ = WLAN_EID_EXT_OWE_DH_PARAM; /* Element ID Extension + */ + WPA_PUT_LE16(owe_buf, sta->owe_group); + owe_buf += 2; + os_memcpy(owe_buf, wpabuf_head(pub), wpabuf_len(pub)); + owe_buf += wpabuf_len(pub); + wpabuf_free(pub); + } + + return owe_buf; } +#endif /* CONFIG_OWE */ + + +#ifdef CONFIG_FILS + +void fils_hlp_finish_assoc(struct hostapd_data *hapd, struct sta_info *sta) +{ + u16 reply_res; + + wpa_printf(MSG_DEBUG, "FILS: Finish association with " MACSTR, + MAC2STR(sta->addr)); + eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); + if (!sta->fils_pending_assoc_req) + return; + reply_res = send_assoc_resp(hapd, sta, sta->addr, WLAN_STATUS_SUCCESS, + sta->fils_pending_assoc_is_reassoc, + sta->fils_pending_assoc_req, + sta->fils_pending_assoc_req_len); + os_free(sta->fils_pending_assoc_req); + sta->fils_pending_assoc_req = NULL; + sta->fils_pending_assoc_req_len = 0; + wpabuf_free(sta->fils_hlp_resp); + sta->fils_hlp_resp = NULL; + wpabuf_free(sta->hlp_dhcp_discover); + sta->hlp_dhcp_discover = NULL; + + /* + * Remove the station in case transmission of a success response fails. + * At this point the station was already added associated to the driver. + */ + if (reply_res != WLAN_STATUS_SUCCESS) + hostapd_drv_sta_remove(hapd, sta->addr); +} + + +void fils_hlp_timeout(void *eloop_ctx, void *eloop_data) +{ + struct hostapd_data *hapd = eloop_ctx; + struct sta_info *sta = eloop_data; + + wpa_printf(MSG_DEBUG, + "FILS: HLP response timeout - continue with association response for " + MACSTR, MAC2STR(sta->addr)); + if (sta->fils_drv_assoc_finish) + hostapd_notify_assoc_fils_finish(hapd, sta); + else + fils_hlp_finish_assoc(hapd, sta); +} + +#endif /* CONFIG_FILS */ static void handle_assoc(struct hostapd_data *hapd, @@ -2070,6 +3217,13 @@ static void handle_assoc(struct hostapd_data *hapd, const u8 *pos; int left, i; struct sta_info *sta; + u8 *tmp = NULL; + struct hostapd_sta_wpa_psk_short *psk = NULL; + char *identity = NULL; + char *radius_cui = NULL; +#ifdef CONFIG_FILS + int delay_assoc = 0; +#endif /* CONFIG_FILS */ if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_req) : sizeof(mgmt->u.assoc_req))) { @@ -2127,7 +3281,7 @@ static void handle_assoc(struct hostapd_data *hapd, } sta = ap_get_sta(hapd, mgmt->sa); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (sta && sta->auth_alg == WLAN_AUTH_FT && (sta->flags & WLAN_STA_AUTH) == 0) { wpa_printf(MSG_DEBUG, "FT: Allow STA " MACSTR " to associate " @@ -2140,24 +3294,76 @@ static void handle_assoc(struct hostapd_data *hapd, */ sta->flags |= WLAN_STA_AUTH; } else -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ if (sta == NULL || (sta->flags & WLAN_STA_AUTH) == 0) { - hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, - HOSTAPD_LEVEL_INFO, "Station tried to " - "associate before authentication " - "(aid=%d flags=0x%x)", - sta ? sta->aid : -1, - sta ? sta->flags : 0); - send_deauth(hapd, mgmt->sa, - WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA); - return; + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == + HOSTAPD_MODE_IEEE80211AD) { + int acl_res; + u32 session_timeout, acct_interim_interval; + struct vlan_description vlan_id; + + acl_res = ieee802_11_allowed_address( + hapd, mgmt->sa, (const u8 *) mgmt, len, + &session_timeout, &acct_interim_interval, + &vlan_id, &psk, &identity, &radius_cui, 0); + if (acl_res == HOSTAPD_ACL_REJECT) { + wpa_msg(hapd->msg_ctx, MSG_DEBUG, + "Ignore Association Request frame from " + MACSTR " due to ACL reject", + MAC2STR(mgmt->sa)); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + if (acl_res == HOSTAPD_ACL_PENDING) + return; + + /* DMG/IEEE 802.11ad does not use authentication. + * Allocate sta entry upon association. */ + sta = ap_sta_add(hapd, mgmt->sa); + if (!sta) { + hostapd_logger(hapd, mgmt->sa, + HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "Failed to add STA"); + resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; + goto fail; + } + + acl_res = ieee802_11_set_radius_info( + hapd, sta, acl_res, session_timeout, + acct_interim_interval, &vlan_id, &psk, + &identity, &radius_cui); + if (acl_res) { + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + hostapd_logger(hapd, sta->addr, + HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, + "Skip authentication for DMG/IEEE 802.11ad"); + sta->flags |= WLAN_STA_AUTH; + wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH); + sta->auth_alg = WLAN_AUTH_OPEN; + } else { + hostapd_logger(hapd, mgmt->sa, + HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "Station tried to associate before authentication (aid=%d flags=0x%x)", + sta ? sta->aid : -1, + sta ? sta->flags : 0); + send_deauth(hapd, mgmt->sa, + WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA); + return; + } } if ((fc & WLAN_FC_RETRY) && sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ && sta->last_seq_ctrl == seq_ctrl && - sta->last_subtype == reassoc ? WLAN_FC_STYPE_REASSOC_REQ : - WLAN_FC_STYPE_ASSOC_REQ) { + sta->last_subtype == (reassoc ? WLAN_FC_STYPE_REASSOC_REQ : + WLAN_FC_STYPE_ASSOC_REQ)) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "Drop repeated association frame seq_ctrl=0x%x", @@ -2169,7 +3375,7 @@ static void handle_assoc(struct hostapd_data *hapd, WLAN_FC_STYPE_ASSOC_REQ; if (hapd->tkip_countermeasures) { - resp = WLAN_REASON_MICHAEL_MIC_FAILURE; + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -2195,6 +3401,32 @@ static void handle_assoc(struct hostapd_data *hapd, */ sta->capability = capab_info; +#ifdef CONFIG_FILS + if (sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) { + int res; + + /* The end of the payload is encrypted. Need to decrypt it + * before parsing. */ + + tmp = os_memdup(pos, left); + if (!tmp) { + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + res = fils_decrypt_assoc(sta->wpa_sm, sta->fils_session, mgmt, + len, tmp, left); + if (res < 0) { + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + pos = tmp; + left = res; + } +#endif /* CONFIG_FILS */ + /* followed by SSID and Supported rates; and HT capabilities if 802.11n * is used */ resp = check_assoc_ies(hapd, sta, pos, left, reassoc); @@ -2210,7 +3442,8 @@ static void handle_assoc(struct hostapd_data *hapd, sta->listen_interval = listen_interval; - if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G) + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G) sta->flags |= WLAN_STA_NONERP; for (i = 0; i < sta->supported_rates_len; i++) { if ((sta->supported_rates[i] & 0x7f) > 22) { @@ -2229,7 +3462,8 @@ static void handle_assoc(struct hostapd_data *hapd, !sta->no_short_slot_time_set) { sta->no_short_slot_time_set = 1; hapd->iface->num_sta_no_short_slot_time++; - if (hapd->iface->current_mode->mode == + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G && hapd->iface->num_sta_no_short_slot_time == 1) ieee802_11_set_beacons(hapd->iface); @@ -2244,7 +3478,8 @@ static void handle_assoc(struct hostapd_data *hapd, !sta->no_short_preamble_set) { sta->no_short_preamble_set = 1; hapd->iface->num_sta_no_short_preamble++; - if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G && hapd->iface->num_sta_no_short_preamble == 1) ieee802_11_set_beacons(hapd->iface); } @@ -2281,7 +3516,22 @@ static void handle_assoc(struct hostapd_data *hapd, taxonomy_sta_info_assoc_req(hapd, sta, pos, left); #endif /* CONFIG_TAXONOMY */ + sta->pending_wds_enable = 0; + +#ifdef CONFIG_FILS + if (sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) { + if (fils_process_hlp(hapd, sta, pos, left) > 0) + delay_assoc = 1; + } +#endif /* CONFIG_FILS */ + fail: + os_free(identity); + os_free(radius_cui); + hostapd_free_psk_list(psk); + /* * In case of a successful response, add the station to the driver. * Otherwise, the kernel may ignore Data frames before we process the @@ -2300,18 +3550,44 @@ static void handle_assoc(struct hostapd_data *hapd, * issues with processing other non-Data Class 3 frames during this * window. */ - if (resp == WLAN_STATUS_SUCCESS && add_associated_sta(hapd, sta)) + if (resp == WLAN_STATUS_SUCCESS && sta && add_associated_sta(hapd, sta)) resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; - reply_res = send_assoc_resp(hapd, sta, resp, reassoc, pos, left); +#ifdef CONFIG_FILS + if (sta) { + eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); + os_free(sta->fils_pending_assoc_req); + sta->fils_pending_assoc_req = NULL; + sta->fils_pending_assoc_req_len = 0; + wpabuf_free(sta->fils_hlp_resp); + sta->fils_hlp_resp = NULL; + } + if (sta && delay_assoc && resp == WLAN_STATUS_SUCCESS) { + sta->fils_pending_assoc_req = tmp; + sta->fils_pending_assoc_req_len = left; + sta->fils_pending_assoc_is_reassoc = reassoc; + sta->fils_drv_assoc_finish = 0; + wpa_printf(MSG_DEBUG, + "FILS: Waiting for HLP processing before sending (Re)Association Response frame to " + MACSTR, MAC2STR(sta->addr)); + eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); + eloop_register_timeout(0, hapd->conf->fils_hlp_wait_time * 1024, + fils_hlp_timeout, hapd, sta); + return; + } +#endif /* CONFIG_FILS */ + + reply_res = send_assoc_resp(hapd, sta, mgmt->sa, resp, reassoc, pos, + left); + os_free(tmp); /* * Remove the station in case tranmission of a success response fails * (the STA was added associated to the driver) or if the station was * previously added unassociated. */ - if ((reply_res != WLAN_STATUS_SUCCESS && - resp == WLAN_STATUS_SUCCESS) || sta->added_unassoc) { + if (sta && ((reply_res != WLAN_STATUS_SUCCESS && + resp == WLAN_STATUS_SUCCESS) || sta->added_unassoc)) { hostapd_drv_sta_remove(hapd, sta->addr); sta->added_unassoc = 0; } @@ -2368,6 +3644,17 @@ static void handle_disassoc(struct hostapd_data *hapd, mlme_disassociate_indication( hapd, sta, le_to_host16(mgmt->u.disassoc.reason_code)); + + /* DMG/IEEE 802.11ad does not use deauthication. Deallocate sta upon + * disassociation. */ + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { + sta->flags &= ~WLAN_STA_AUTH; + wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, "deauthenticated"); + ap_free_sta(hapd, sta); + } } @@ -2462,12 +3749,13 @@ static int robust_action_frame(u8 category) static int handle_action(struct hostapd_data *hapd, - const struct ieee80211_mgmt *mgmt, size_t len) + const struct ieee80211_mgmt *mgmt, size_t len, + unsigned int freq) { struct sta_info *sta; - sta = ap_get_sta(hapd, mgmt->sa); + u8 *action __maybe_unused; - if (len < IEEE80211_HDRLEN + 1) { + if (len < IEEE80211_HDRLEN + 2 + 1) { hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "handle_action - too short payload (len=%lu)", @@ -2475,11 +3763,19 @@ static int handle_action(struct hostapd_data *hapd, return 0; } + action = (u8 *) &mgmt->u.action.u; + wpa_printf(MSG_DEBUG, "RX_ACTION category %u action %u sa " MACSTR + " da " MACSTR " len %d freq %u", + mgmt->u.action.category, *action, + MAC2STR(mgmt->sa), MAC2STR(mgmt->da), (int) len, freq); + + sta = ap_get_sta(hapd, mgmt->sa); + if (mgmt->u.action.category != WLAN_ACTION_PUBLIC && (sta == NULL || !(sta->flags & WLAN_STA_ASSOC))) { wpa_printf(MSG_DEBUG, "IEEE 802.11: Ignored Action " "frame (category=%u) from unassociated STA " MACSTR, - MAC2STR(mgmt->sa), mgmt->u.action.category); + mgmt->u.action.category, MAC2STR(mgmt->sa)); return 0; } @@ -2516,14 +3812,14 @@ static int handle_action(struct hostapd_data *hapd, } switch (mgmt->u.action.category) { -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP case WLAN_ACTION_FT: if (!sta || wpa_ft_action_rx(sta->wpa_sm, (u8 *) &mgmt->u.action, len - IEEE80211_HDRLEN)) break; return 1; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ case WLAN_ACTION_WMM: hostapd_wmm_action(hapd, mgmt, len); return 1; @@ -2531,11 +3827,11 @@ static int handle_action(struct hostapd_data *hapd, case WLAN_ACTION_SA_QUERY: return hostapd_sa_query_action(hapd, mgmt, len); #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP case WLAN_ACTION_WNM: ieee802_11_rx_wnm_action_ap(hapd, mgmt, len); return 1; -#endif /* CONFIG_WNM */ +#endif /* CONFIG_WNM_AP */ #ifdef CONFIG_FST case WLAN_ACTION_FST: if (hapd->iface->fst) @@ -2551,12 +3847,41 @@ static int handle_action(struct hostapd_data *hapd, if (len >= IEEE80211_HDRLEN + 2 && mgmt->u.action.u.public_action.action == WLAN_PA_20_40_BSS_COEX) { - wpa_printf(MSG_DEBUG, - "HT20/40 coex mgmt frame received from STA " - MACSTR, MAC2STR(mgmt->sa)); hostapd_2040_coex_action(hapd, mgmt, len); + return 1; } #endif /* CONFIG_IEEE80211N */ +#ifdef CONFIG_DPP + if (len >= IEEE80211_HDRLEN + 6 && + mgmt->u.action.u.vs_public_action.action == + WLAN_PA_VENDOR_SPECIFIC && + WPA_GET_BE24(mgmt->u.action.u.vs_public_action.oui) == + OUI_WFA && + mgmt->u.action.u.vs_public_action.variable[0] == + DPP_OUI_TYPE) { + const u8 *pos, *end; + + pos = mgmt->u.action.u.vs_public_action.oui; + end = ((const u8 *) mgmt) + len; + hostapd_dpp_rx_action(hapd, mgmt->sa, pos, end - pos, + freq); + return 1; + } + if (len >= IEEE80211_HDRLEN + 2 && + (mgmt->u.action.u.public_action.action == + WLAN_PA_GAS_INITIAL_RESP || + mgmt->u.action.u.public_action.action == + WLAN_PA_GAS_COMEBACK_RESP)) { + const u8 *pos, *end; + + pos = &mgmt->u.action.u.public_action.action; + end = ((const u8 *) mgmt) + len; + gas_query_ap_rx(hapd->gas, mgmt->sa, + mgmt->u.action.category, + pos, end - pos, hapd->iface->freq); + return 1; + } +#endif /* CONFIG_DPP */ if (hapd->public_action_cb) { hapd->public_action_cb(hapd->public_action_cb_ctx, (u8 *) mgmt, len, @@ -2600,10 +3925,9 @@ static int handle_action(struct hostapd_data *hapd, */ wpa_printf(MSG_DEBUG, "IEEE 802.11: Return unknown Action " "frame back to sender"); - resp = os_malloc(len); + resp = os_memdup(mgmt, len); if (resp == NULL) return 0; - os_memcpy(resp, mgmt, len); os_memcpy(resp->da, resp->sa, ETH_ALEN); os_memcpy(resp->sa, hapd->own_addr, ETH_ALEN); os_memcpy(resp->bssid, hapd->own_addr, ETH_ALEN); @@ -2639,10 +3963,17 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, struct ieee80211_mgmt *mgmt; u16 fc, stype; int ret = 0; + unsigned int freq; + int ssi_signal = fi ? fi->ssi_signal : 0; if (len < 24) return 0; + if (fi && fi->freq) + freq = fi->freq; + else + freq = hapd->iface->freq; + mgmt = (struct ieee80211_mgmt *) buf; fc = le_to_host16(mgmt->frame_control); stype = WLAN_FC_GET_STYPE(fc); @@ -2669,11 +4000,13 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, if (stype == WLAN_FC_STYPE_PROBE_REQ) { - handle_probe_req(hapd, mgmt, len, fi->ssi_signal); + handle_probe_req(hapd, mgmt, len, ssi_signal); return 1; } - if (os_memcmp(mgmt->da, hapd->own_addr, ETH_ALEN) != 0) { + if ((!is_broadcast_ether_addr(mgmt->da) || + stype != WLAN_FC_STYPE_ACTION) && + os_memcmp(mgmt->da, hapd->own_addr, ETH_ALEN) != 0) { hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "MGMT: DA=" MACSTR " not our address", @@ -2682,7 +4015,7 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, } if (hapd->iconf->track_sta_max_num) - sta_track_add(hapd->iface, mgmt->sa); + sta_track_add(hapd->iface, mgmt->sa, ssi_signal); switch (stype) { case WLAN_FC_STYPE_AUTH: @@ -2712,7 +4045,7 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, break; case WLAN_FC_STYPE_ACTION: wpa_printf(MSG_DEBUG, "mgmt::action"); - ret = handle_action(hapd, mgmt, len); + ret = handle_action(hapd, mgmt, len, freq); break; default: hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, @@ -2734,7 +4067,8 @@ static void handle_auth_cb(struct hostapd_data *hapd, sta = ap_get_sta(hapd, mgmt->da); if (!sta) { - wpa_printf(MSG_INFO, "handle_auth_cb: STA " MACSTR " not found", + wpa_printf(MSG_DEBUG, "handle_auth_cb: STA " MACSTR + " not found", MAC2STR(mgmt->da)); return; } @@ -2856,11 +4190,15 @@ static void handle_assoc_cb(struct hostapd_data *hapd, new_assoc = 0; sta->flags |= WLAN_STA_ASSOC; sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE; - if ((!hapd->conf->ieee802_1x && !hapd->conf->wpa && !hapd->conf->osen) || + if ((!hapd->conf->ieee802_1x && !hapd->conf->wpa && + !hapd->conf->osen) || + sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK || sta->auth_alg == WLAN_AUTH_FT) { /* - * Open, static WEP, or FT protocol; no separate authorization - * step. + * Open, static WEP, FT protocol, or FILS; no separate + * authorization step. */ ap_sta_set_authorized(hapd, sta, 1); } @@ -2874,16 +4212,6 @@ static void handle_assoc_cb(struct hostapd_data *hapd, sta->sa_query_timed_out = 0; #endif /* CONFIG_IEEE80211W */ - if (sta->flags & WLAN_STA_WDS) { - int ret; - char ifname_wds[IFNAMSIZ + 1]; - - ret = hostapd_set_wds_sta(hapd, ifname_wds, sta->addr, - sta->aid, 1); - if (!ret) - hostapd_set_wds_encryption(hapd, sta, ifname_wds); - } - if (sta->eapol_sm == NULL) { /* * This STA does not use RADIUS server for EAP authentication, @@ -2900,6 +4228,27 @@ static void handle_assoc_cb(struct hostapd_data *hapd, hostapd_set_sta_flags(hapd, sta); + if (!(sta->flags & WLAN_STA_WDS) && sta->pending_wds_enable) { + wpa_printf(MSG_DEBUG, "Enable 4-address WDS mode for STA " + MACSTR " based on pending request", + MAC2STR(sta->addr)); + sta->pending_wds_enable = 0; + sta->flags |= WLAN_STA_WDS; + } + + if (sta->flags & WLAN_STA_WDS) { + int ret; + char ifname_wds[IFNAMSIZ + 1]; + + wpa_printf(MSG_DEBUG, "Reenable 4-address WDS mode for STA " + MACSTR " (aid %u)", + MAC2STR(sta->addr), sta->aid); + ret = hostapd_set_wds_sta(hapd, ifname_wds, sta->addr, + sta->aid, 1); + if (!ret) + hostapd_set_wds_encryption(hapd, sta, ifname_wds); + } + if (sta->auth_alg == WLAN_AUTH_FT) wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FT); else @@ -2907,6 +4256,18 @@ static void handle_assoc_cb(struct hostapd_data *hapd, hapd->new_assoc_sta_cb(hapd, sta, !new_assoc); ieee802_1x_notify_port_enabled(sta->eapol_sm, 1); +#ifdef CONFIG_FILS + if ((sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) && + fils_set_tk(sta->wpa_sm) < 0) { + wpa_printf(MSG_DEBUG, "FILS: TK configuration failed"); + ap_sta_disconnect(hapd, sta, sta->addr, + WLAN_REASON_UNSPECIFIED); + return; + } +#endif /* CONFIG_FILS */ + if (sta->pending_eapol_rx) { struct os_reltime now, age; @@ -2976,6 +4337,65 @@ static void handle_disassoc_cb(struct hostapd_data *hapd, } +static void handle_action_cb(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len, int ok) +{ + struct sta_info *sta; + const struct rrm_measurement_report_element *report; + + if (is_multicast_ether_addr(mgmt->da)) + return; +#ifdef CONFIG_DPP + if (len >= IEEE80211_HDRLEN + 6 && + mgmt->u.action.category == WLAN_ACTION_PUBLIC && + mgmt->u.action.u.vs_public_action.action == + WLAN_PA_VENDOR_SPECIFIC && + WPA_GET_BE24(mgmt->u.action.u.vs_public_action.oui) == + OUI_WFA && + mgmt->u.action.u.vs_public_action.variable[0] == + DPP_OUI_TYPE) { + const u8 *pos, *end; + + pos = &mgmt->u.action.u.vs_public_action.variable[1]; + end = ((const u8 *) mgmt) + len; + hostapd_dpp_tx_status(hapd, mgmt->da, pos, end - pos, ok); + return; + } + if (len >= IEEE80211_HDRLEN + 2 && + mgmt->u.action.category == WLAN_ACTION_PUBLIC && + (mgmt->u.action.u.public_action.action == + WLAN_PA_GAS_INITIAL_REQ || + mgmt->u.action.u.public_action.action == + WLAN_PA_GAS_COMEBACK_REQ)) { + const u8 *pos, *end; + + pos = mgmt->u.action.u.public_action.variable; + end = ((const u8 *) mgmt) + len; + gas_query_ap_tx_status(hapd->gas, mgmt->da, pos, end - pos, ok); + return; + } +#endif /* CONFIG_DPP */ + sta = ap_get_sta(hapd, mgmt->da); + if (!sta) { + wpa_printf(MSG_DEBUG, "handle_action_cb: STA " MACSTR + " not found", MAC2STR(mgmt->da)); + return; + } + + if (len < 24 + 5 + sizeof(*report)) + return; + report = (const struct rrm_measurement_report_element *) + &mgmt->u.action.u.rrm.variable[2]; + if (mgmt->u.action.category == WLAN_ACTION_RADIO_MEASUREMENT && + mgmt->u.action.u.rrm.action == WLAN_RRM_RADIO_MEASUREMENT_REQUEST && + report->eid == WLAN_EID_MEASURE_REQUEST && + report->len >= 3 && + report->type == MEASURE_TYPE_BEACON) + hostapd_rrm_beacon_req_tx_status(hapd, mgmt, len, ok); +} + + /** * ieee802_11_mgmt_cb - Process management frame TX status callback * @hapd: hostapd BSS data structure (the BSS from which the management frame @@ -2993,8 +4413,16 @@ void ieee802_11_mgmt_cb(struct hostapd_data *hapd, const u8 *buf, size_t len, #ifdef CONFIG_TESTING_OPTIONS if (hapd->ext_mgmt_frame_handling) { - wpa_msg(hapd->msg_ctx, MSG_INFO, "MGMT-TX-STATUS stype=%u ok=%d", - stype, ok); + size_t hex_len = 2 * len + 1; + char *hex = os_malloc(hex_len); + + if (hex) { + wpa_snprintf_hex(hex, hex_len, buf, len); + wpa_msg(hapd->msg_ctx, MSG_INFO, + "MGMT-TX-STATUS stype=%u ok=%d buf=%s", + stype, ok, hex); + os_free(hex); + } return; } #endif /* CONFIG_TESTING_OPTIONS */ @@ -3025,6 +4453,7 @@ void ieee802_11_mgmt_cb(struct hostapd_data *hapd, const u8 *buf, size_t len, break; case WLAN_FC_STYPE_ACTION: wpa_printf(MSG_DEBUG, "mgmt::action cb ok=%d", ok); + handle_action_cb(hapd, mgmt, len, ok); break; default: wpa_printf(MSG_INFO, "unknown mgmt cb frame subtype %d", stype); @@ -3139,10 +4568,22 @@ void ieee802_11_rx_from_unknown(struct hostapd_data *hapd, const u8 *src, struct sta_info *sta; sta = ap_get_sta(hapd, src); - if (sta && (sta->flags & WLAN_STA_ASSOC)) { + if (sta && + ((sta->flags & WLAN_STA_ASSOC) || + ((sta->flags & WLAN_STA_ASSOC_REQ_OK) && wds))) { if (!hapd->conf->wds_sta) return; + if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK)) == + WLAN_STA_ASSOC_REQ_OK) { + wpa_printf(MSG_DEBUG, + "Postpone 4-address WDS mode enabling for STA " + MACSTR " since TX status for AssocResp is not yet known", + MAC2STR(sta->addr)); + sta->pending_wds_enable = 1; + return; + } + if (wds && !(sta->flags & WLAN_STA_WDS)) { int ret; char ifname_wds[IFNAMSIZ + 1]; diff --git a/contrib/wpa/src/ap/ieee802_11.h b/contrib/wpa/src/ap/ieee802_11.h index 0327dec2a2bc..2f3b4da8e752 100644 --- a/contrib/wpa/src/ap/ieee802_11.h +++ b/contrib/wpa/src/ap/ieee802_11.h @@ -16,6 +16,8 @@ struct hostapd_frame_info; struct ieee80211_ht_capabilities; struct ieee80211_vht_capabilities; struct ieee80211_mgmt; +struct vlan_description; +struct hostapd_sta_wpa_psk_short; int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, struct hostapd_frame_info *fi); @@ -55,6 +57,8 @@ u8 * hostapd_eid_vht_operation(struct hostapd_data *hapd, u8 *eid); u8 * hostapd_eid_vendor_vht(struct hostapd_data *hapd, u8 *eid); u8 * hostapd_eid_wb_chsw_wrapper(struct hostapd_data *hapd, u8 *eid); u8 * hostapd_eid_txpower_envelope(struct hostapd_data *hapd, u8 *eid); +u8 * hostapd_eid_he_capab(struct hostapd_data *hapd, u8 *eid); +u8 * hostapd_eid_he_operation(struct hostapd_data *hapd, u8 *eid); int hostapd_ht_operation_update(struct hostapd_iface *iface); void ieee802_11_send_sa_query_req(struct hostapd_data *hapd, @@ -135,4 +139,31 @@ void ap_copy_sta_supp_op_classes(struct sta_info *sta, const u8 *supp_op_classes, size_t supp_op_classes_len); +u8 * hostapd_eid_fils_indic(struct hostapd_data *hapd, u8 *eid, int hessid); +void ieee802_11_finish_fils_auth(struct hostapd_data *hapd, + struct sta_info *sta, int success, + struct wpabuf *erp_resp, + const u8 *msk, size_t msk_len); +u8 * owe_assoc_req_process(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *owe_dh, u8 owe_dh_len, + u8 *owe_buf, size_t owe_buf_len, u16 *reason); +void fils_hlp_timeout(void *eloop_ctx, void *eloop_data); +void fils_hlp_finish_assoc(struct hostapd_data *hapd, struct sta_info *sta); +void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *pos, size_t len, u16 auth_alg, + u16 auth_transaction, u16 status_code, + void (*cb)(struct hostapd_data *hapd, + struct sta_info *sta, + u16 resp, struct wpabuf *data, int pub)); + +size_t hostapd_eid_owe_trans_len(struct hostapd_data *hapd); +u8 * hostapd_eid_owe_trans(struct hostapd_data *hapd, u8 *eid, size_t len); +int ieee802_11_allowed_address(struct hostapd_data *hapd, const u8 *addr, + const u8 *msg, size_t len, u32 *session_timeout, + u32 *acct_interim_interval, + struct vlan_description *vlan_id, + struct hostapd_sta_wpa_psk_short **psk, + char **identity, char **radius_cui, + int is_probe_req); + #endif /* IEEE802_11_H */ diff --git a/contrib/wpa/src/ap/ieee802_11_auth.c b/contrib/wpa/src/ap/ieee802_11_auth.c index b8905373618d..5cb7fb1454f7 100644 --- a/contrib/wpa/src/ap/ieee802_11_auth.c +++ b/contrib/wpa/src/ap/ieee802_11_auth.c @@ -244,6 +244,7 @@ int hostapd_check_acl(struct hostapd_data *hapd, const u8 *addr, * @psk: Linked list buffer for returning WPA PSK * @identity: Buffer for returning identity (from RADIUS) * @radius_cui: Buffer for returning CUI (from RADIUS) + * @is_probe_req: Whether this query for a Probe Request frame * Returns: HOSTAPD_ACL_ACCEPT, HOSTAPD_ACL_REJECT, or HOSTAPD_ACL_PENDING * * The caller is responsible for freeing the returned *identity and *radius_cui @@ -254,7 +255,8 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr, u32 *acct_interim_interval, struct vlan_description *vlan_id, struct hostapd_sta_wpa_psk_short **psk, - char **identity, char **radius_cui) + char **identity, char **radius_cui, + int is_probe_req) { int res; @@ -281,6 +283,12 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr, #else /* CONFIG_NO_RADIUS */ struct hostapd_acl_query_data *query; + if (is_probe_req) { + /* Skip RADIUS queries for Probe Request frames to avoid + * excessive load on the authentication server. */ + return HOSTAPD_ACL_ACCEPT; + }; + /* Check whether ACL cache has an entry for this station */ res = hostapd_acl_cache_get(hapd, addr, session_timeout, acct_interim_interval, vlan_id, psk, @@ -327,14 +335,13 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr, return HOSTAPD_ACL_REJECT; } - query->auth_msg = os_malloc(len); + query->auth_msg = os_memdup(msg, len); if (query->auth_msg == NULL) { wpa_printf(MSG_ERROR, "Failed to allocate memory for " "auth frame."); hostapd_acl_query_free(query); return HOSTAPD_ACL_REJECT; } - os_memcpy(query->auth_msg, msg, len); query->auth_msg_len = len; query->next = hapd->acl_queries; hapd->acl_queries = query; @@ -665,9 +672,11 @@ void hostapd_acl_deinit(struct hostapd_data *hapd) #ifndef CONFIG_NO_RADIUS hostapd_acl_cache_free(hapd->acl_cache); + hapd->acl_cache = NULL; #endif /* CONFIG_NO_RADIUS */ query = hapd->acl_queries; + hapd->acl_queries = NULL; while (query) { prev = query; query = query->next; diff --git a/contrib/wpa/src/ap/ieee802_11_auth.h b/contrib/wpa/src/ap/ieee802_11_auth.h index 71f53b9612fa..5aece5183c69 100644 --- a/contrib/wpa/src/ap/ieee802_11_auth.h +++ b/contrib/wpa/src/ap/ieee802_11_auth.h @@ -23,7 +23,8 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr, u32 *acct_interim_interval, struct vlan_description *vlan_id, struct hostapd_sta_wpa_psk_short **psk, - char **identity, char **radius_cui); + char **identity, char **radius_cui, + int is_probe_req); int hostapd_acl_init(struct hostapd_data *hapd); void hostapd_acl_deinit(struct hostapd_data *hapd); void hostapd_free_psk_list(struct hostapd_sta_wpa_psk_short *psk); diff --git a/contrib/wpa/src/ap/ieee802_11_he.c b/contrib/wpa/src/ap/ieee802_11_he.c new file mode 100644 index 000000000000..1a8d46972985 --- /dev/null +++ b/contrib/wpa/src/ap/ieee802_11_he.c @@ -0,0 +1,88 @@ +/* + * hostapd / IEEE 802.11ax HE + * Copyright (c) 2016-2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "common/ieee802_11_defs.h" +#include "hostapd.h" +#include "ap_config.h" +#include "beacon.h" +#include "ieee802_11.h" +#include "dfs.h" + +u8 * hostapd_eid_he_capab(struct hostapd_data *hapd, u8 *eid) +{ + struct ieee80211_he_capabilities *cap; + u8 *pos = eid; + + if (!hapd->iface->current_mode) + return eid; + + *pos++ = WLAN_EID_EXTENSION; + *pos++ = 1 + sizeof(struct ieee80211_he_capabilities); + *pos++ = WLAN_EID_EXT_HE_CAPABILITIES; + + cap = (struct ieee80211_he_capabilities *) pos; + os_memset(cap, 0, sizeof(*cap)); + + if (hapd->iface->conf->he_phy_capab.he_su_beamformer) + cap->he_phy_capab_info[HE_PHYCAP_SU_BEAMFORMER_CAPAB_IDX] |= + HE_PHYCAP_SU_BEAMFORMER_CAPAB; + + if (hapd->iface->conf->he_phy_capab.he_su_beamformee) + cap->he_phy_capab_info[HE_PHYCAP_SU_BEAMFORMEE_CAPAB_IDX] |= + HE_PHYCAP_SU_BEAMFORMEE_CAPAB; + + if (hapd->iface->conf->he_phy_capab.he_mu_beamformer) + cap->he_phy_capab_info[HE_PHYCAP_MU_BEAMFORMER_CAPAB_IDX] |= + HE_PHYCAP_MU_BEAMFORMER_CAPAB; + + pos += sizeof(*cap); + + return pos; +} + + +u8 * hostapd_eid_he_operation(struct hostapd_data *hapd, u8 *eid) +{ + struct ieee80211_he_operation *oper; + u8 *pos = eid; + + if (!hapd->iface->current_mode) + return eid; + + *pos++ = WLAN_EID_EXTENSION; + *pos++ = 1 + sizeof(struct ieee80211_he_operation); + *pos++ = WLAN_EID_EXT_HE_OPERATION; + + oper = (struct ieee80211_he_operation *) pos; + os_memset(oper, 0, sizeof(*oper)); + + if (hapd->iface->conf->he_op.he_bss_color) + oper->he_oper_params |= hapd->iface->conf->he_op.he_bss_color; + + if (hapd->iface->conf->he_op.he_default_pe_duration) + oper->he_oper_params |= + (hapd->iface->conf->he_op.he_default_pe_duration << + HE_OPERATION_DFLT_PE_DURATION_OFFSET); + + if (hapd->iface->conf->he_op.he_twt_required) + oper->he_oper_params |= HE_OPERATION_TWT_REQUIRED; + + if (hapd->iface->conf->he_op.he_rts_threshold) + oper->he_oper_params |= + (hapd->iface->conf->he_op.he_rts_threshold << + HE_OPERATION_RTS_THRESHOLD_OFFSET); + + /* TODO: conditional MaxBSSID Indicator subfield */ + + pos += sizeof(*oper); + + return pos; +} diff --git a/contrib/wpa/src/ap/ieee802_11_ht.c b/contrib/wpa/src/ap/ieee802_11_ht.c index 5eb1060a2965..214855dccb8c 100644 --- a/contrib/wpa/src/ap/ieee802_11_ht.c +++ b/contrib/wpa/src/ap/ieee802_11_ht.c @@ -236,17 +236,29 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd, int i; const u8 *start = (const u8 *) mgmt; const u8 *data = start + IEEE80211_HDRLEN + 2; + struct sta_info *sta; + + wpa_printf(MSG_DEBUG, + "HT: Received 20/40 BSS Coexistence Management frame from " + MACSTR, MAC2STR(mgmt->sa)); hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "hostapd_public_action - action=%d", mgmt->u.action.u.public_action.action); - if (!(iface->conf->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) + if (!(iface->conf->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) { + wpa_printf(MSG_DEBUG, + "Ignore 20/40 BSS Coexistence Management frame since 40 MHz capability is not enabled"); return; + } - if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) + if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) { + wpa_printf(MSG_DEBUG, + "Ignore too short 20/40 BSS Coexistence Management frame"); return; + } + /* 20/40 BSS Coexistence element */ bc_ie = (struct ieee80211_2040_bss_coex_ie *) data; if (bc_ie->element_id != WLAN_EID_20_40_BSS_COEXISTENCE || bc_ie->length < 1) { @@ -254,13 +266,35 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd, bc_ie->element_id, bc_ie->length); return; } - if (len < IEEE80211_HDRLEN + 2 + 2 + bc_ie->length) + if (len < IEEE80211_HDRLEN + 2 + 2 + bc_ie->length) { + wpa_printf(MSG_DEBUG, + "Truncated 20/40 BSS Coexistence element"); return; + } data += 2 + bc_ie->length; - wpa_printf(MSG_DEBUG, "20/40 BSS Coexistence Information field: 0x%x", - bc_ie->coex_param); + wpa_printf(MSG_DEBUG, + "20/40 BSS Coexistence Information field: 0x%x (%s%s%s%s%s%s)", + bc_ie->coex_param, + (bc_ie->coex_param & BIT(0)) ? "[InfoReq]" : "", + (bc_ie->coex_param & BIT(1)) ? "[40MHzIntolerant]" : "", + (bc_ie->coex_param & BIT(2)) ? "[20MHzBSSWidthReq]" : "", + (bc_ie->coex_param & BIT(3)) ? "[OBSSScanExemptionReq]" : "", + (bc_ie->coex_param & BIT(4)) ? + "[OBSSScanExemptionGrant]" : "", + (bc_ie->coex_param & (BIT(5) | BIT(6) | BIT(7))) ? + "[Reserved]" : ""); + if (bc_ie->coex_param & WLAN_20_40_BSS_COEX_20MHZ_WIDTH_REQ) { + /* Intra-BSS communication prohibiting 20/40 MHz BSS operation + */ + sta = ap_get_sta(hapd, mgmt->sa); + if (!sta || !(sta->flags & WLAN_STA_ASSOC)) { + wpa_printf(MSG_DEBUG, + "Ignore intra-BSS 20/40 BSS Coexistence Management frame from not-associated STA"); + return; + } + hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, @@ -269,6 +303,8 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd, } if (bc_ie->coex_param & WLAN_20_40_BSS_COEX_40MHZ_INTOL) { + /* Inter-BSS communication prohibiting 20/40 MHz BSS operation + */ hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, @@ -276,12 +312,16 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd, is_ht40_allowed = 0; } - if (start + len - data >= 3 && - data[0] == WLAN_EID_20_40_BSS_INTOLERANT && data[1] >= 1) { + /* 20/40 BSS Intolerant Channel Report element (zero or more times) */ + while (start + len - data >= 3 && + data[0] == WLAN_EID_20_40_BSS_INTOLERANT && data[1] >= 1) { u8 ielen = data[1]; - if (ielen > start + len - data - 2) + if (ielen > start + len - data - 2) { + wpa_printf(MSG_DEBUG, + "Truncated 20/40 BSS Intolerant Channel Report element"); return; + } ic_report = (struct ieee80211_2040_intol_chan_report *) data; wpa_printf(MSG_DEBUG, "20/40 BSS Intolerant Channel Report: Operating Class %u", @@ -292,8 +332,10 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd, for (i = 0; i < ielen - 1; i++) { u8 chan = ic_report->variable[i]; + if (chan == iface->conf->channel) + continue; /* matching own primary channel */ if (is_40_allowed(iface, chan)) - continue; + continue; /* not within affected channels */ hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, @@ -301,6 +343,8 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd, chan); is_ht40_allowed = 0; } + + data += 2 + ielen; } wpa_printf(MSG_DEBUG, "is_ht40_allowed=%d num_sta_ht40_intolerant=%d", is_ht40_allowed, iface->num_sta_ht40_intolerant); @@ -340,8 +384,8 @@ u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, * that did not specify a valid WMM IE in the (Re)Association Request * frame. */ - if (!ht_capab || - !(sta->flags & WLAN_STA_WMM) || hapd->conf->disable_11n) { + if (!ht_capab || !(sta->flags & WLAN_STA_WMM) || + !hapd->iconf->ieee80211n || hapd->conf->disable_11n) { sta->flags &= ~WLAN_STA_HT; os_free(sta->ht_capabilities); sta->ht_capabilities = NULL; diff --git a/contrib/wpa/src/ap/ieee802_11_shared.c b/contrib/wpa/src/ap/ieee802_11_shared.c index 259413bd12ff..49e9bf8cc7c9 100644 --- a/contrib/wpa/src/ap/ieee802_11_shared.c +++ b/contrib/wpa/src/ap/ieee802_11_shared.c @@ -178,6 +178,10 @@ static void hostapd_ext_capab_byte(struct hostapd_data *hapd, u8 *pos, int idx) case 1: /* Bits 8-15 */ if (hapd->conf->proxy_arp) *pos |= 0x10; /* Bit 12 - Proxy ARP */ + if (hapd->conf->coloc_intf_reporting) { + /* Bit 13 - Collocated Interference Reporting */ + *pos |= 0x20; + } break; case 2: /* Bits 16-23 */ if (hapd->conf->wnm_sleep_mode) @@ -186,9 +190,9 @@ static void hostapd_ext_capab_byte(struct hostapd_data *hapd, u8 *pos, int idx) *pos |= 0x08; /* Bit 19 - BSS Transition */ break; case 3: /* Bits 24-31 */ -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP *pos |= 0x02; /* Bit 25 - SSID List */ -#endif /* CONFIG_WNM */ +#endif /* CONFIG_WNM_AP */ if (hapd->conf->time_advertisement == 2) *pos |= 0x08; /* Bit 27 - UTC TSF Offset */ if (hapd->conf->interworking) @@ -218,12 +222,21 @@ static void hostapd_ext_capab_byte(struct hostapd_data *hapd, u8 *pos, int idx) if (hapd->conf->ssid.utf8_ssid) *pos |= 0x01; /* Bit 48 - UTF-8 SSID */ break; + case 7: /* Bits 56-63 */ + break; case 8: /* Bits 64-71 */ if (hapd->conf->ftm_responder) *pos |= 0x40; /* Bit 70 - FTM responder */ if (hapd->conf->ftm_initiator) *pos |= 0x80; /* Bit 71 - FTM initiator */ break; + case 9: /* Bits 72-79 */ +#ifdef CONFIG_FILS + if ((hapd->conf->wpa & WPA_PROTO_RSN) && + wpa_key_mgmt_fils(hapd->conf->wpa_key_mgmt)) + *pos |= 0x01; +#endif /* CONFIG_FILS */ + break; } } @@ -246,10 +259,10 @@ u8 * hostapd_eid_ext_capab(struct hostapd_data *hapd, u8 *eid) if (len < 9 && (hapd->conf->ftm_initiator || hapd->conf->ftm_responder)) len = 9; -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP if (len < 4) len = 4; -#endif /* CONFIG_WNM */ +#endif /* CONFIG_WNM_AP */ #ifdef CONFIG_HS20 if (hapd->conf->hs20 && len < 6) len = 6; @@ -258,6 +271,11 @@ u8 * hostapd_eid_ext_capab(struct hostapd_data *hapd, u8 *eid) if (hapd->conf->mbo_enabled && len < 6) len = 6; #endif /* CONFIG_MBO */ +#ifdef CONFIG_FILS + if ((!(hapd->conf->wpa & WPA_PROTO_RSN) || + !wpa_key_mgmt_fils(hapd->conf->wpa_key_mgmt)) && len < 10) + len = 10; +#endif /* CONFIG_FILS */ if (len < hapd->iface->extended_capa_len) len = hapd->iface->extended_capa_len; if (len == 0) @@ -432,7 +450,7 @@ u8 * hostapd_eid_time_zone(struct hostapd_data *hapd, u8 *eid) { size_t len; - if (hapd->conf->time_advertisement != 2) + if (hapd->conf->time_advertisement != 2 || !hapd->conf->time_zone) return eid; len = os_strlen(hapd->conf->time_zone); @@ -503,7 +521,7 @@ u8 * hostapd_eid_bss_max_idle_period(struct hostapd_data *hapd, u8 *eid) { u8 *pos = eid; -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP if (hapd->conf->ap_max_inactivity > 0) { unsigned int val; *pos++ = WLAN_EID_BSS_MAX_IDLE_PERIOD; @@ -521,7 +539,7 @@ u8 * hostapd_eid_bss_max_idle_period(struct hostapd_data *hapd, u8 *eid) pos += 2; *pos++ = 0x00; /* TODO: Protected Keep-Alive Required */ } -#endif /* CONFIG_WNM */ +#endif /* CONFIG_WNM_AP */ return pos; } @@ -531,23 +549,38 @@ u8 * hostapd_eid_bss_max_idle_period(struct hostapd_data *hapd, u8 *eid) u8 * hostapd_eid_mbo(struct hostapd_data *hapd, u8 *eid, size_t len) { - u8 mbo[6], *mbo_pos = mbo; + u8 mbo[9], *mbo_pos = mbo; u8 *pos = eid; - if (!hapd->conf->mbo_enabled) + if (!hapd->conf->mbo_enabled && + !OCE_STA_CFON_ENABLED(hapd) && !OCE_AP_ENABLED(hapd)) return eid; - *mbo_pos++ = MBO_ATTR_ID_AP_CAPA_IND; - *mbo_pos++ = 1; - /* Not Cellular aware */ - *mbo_pos++ = 0; + if (hapd->conf->mbo_enabled) { + *mbo_pos++ = MBO_ATTR_ID_AP_CAPA_IND; + *mbo_pos++ = 1; + /* Not Cellular aware */ + *mbo_pos++ = 0; + } - if (hapd->mbo_assoc_disallow) { + if (hapd->conf->mbo_enabled && hapd->mbo_assoc_disallow) { *mbo_pos++ = MBO_ATTR_ID_ASSOC_DISALLOW; *mbo_pos++ = 1; *mbo_pos++ = hapd->mbo_assoc_disallow; } + if (OCE_STA_CFON_ENABLED(hapd) || OCE_AP_ENABLED(hapd)) { + u8 ctrl; + + ctrl = OCE_RELEASE; + if (OCE_STA_CFON_ENABLED(hapd) && !OCE_AP_ENABLED(hapd)) + ctrl |= OCE_IS_STA_CFON; + + *mbo_pos++ = OCE_ATTR_ID_CAPA_IND; + *mbo_pos++ = 1; + *mbo_pos++ = ctrl; + } + pos += mbo_add_ie(pos, len, mbo, mbo_pos - mbo); return pos; @@ -556,19 +589,91 @@ u8 * hostapd_eid_mbo(struct hostapd_data *hapd, u8 *eid, size_t len) u8 hostapd_mbo_ie_len(struct hostapd_data *hapd) { - if (!hapd->conf->mbo_enabled) + u8 len; + + if (!hapd->conf->mbo_enabled && + !OCE_STA_CFON_ENABLED(hapd) && !OCE_AP_ENABLED(hapd)) return 0; /* * MBO IE header (6) + Capability Indication attribute (3) + * Association Disallowed attribute (3) = 12 */ - return 6 + 3 + (hapd->mbo_assoc_disallow ? 3 : 0); + len = 6; + if (hapd->conf->mbo_enabled) + len += 3 + (hapd->mbo_assoc_disallow ? 3 : 0); + + /* OCE capability indication attribute (3) */ + if (OCE_STA_CFON_ENABLED(hapd) || OCE_AP_ENABLED(hapd)) + len += 3; + + return len; } #endif /* CONFIG_MBO */ +#ifdef CONFIG_OWE +static int hostapd_eid_owe_trans_enabled(struct hostapd_data *hapd) +{ + return hapd->conf->owe_transition_ssid_len > 0 && + !is_zero_ether_addr(hapd->conf->owe_transition_bssid); +} +#endif /* CONFIG_OWE */ + + +size_t hostapd_eid_owe_trans_len(struct hostapd_data *hapd) +{ +#ifdef CONFIG_OWE + if (!hostapd_eid_owe_trans_enabled(hapd)) + return 0; + return 6 + ETH_ALEN + 1 + hapd->conf->owe_transition_ssid_len; +#else /* CONFIG_OWE */ + return 0; +#endif /* CONFIG_OWE */ +} + + +u8 * hostapd_eid_owe_trans(struct hostapd_data *hapd, u8 *eid, + size_t len) +{ +#ifdef CONFIG_OWE + u8 *pos = eid; + size_t elen; + + if (hapd->conf->owe_transition_ifname[0] && + !hostapd_eid_owe_trans_enabled(hapd)) + hostapd_owe_trans_get_info(hapd); + + if (!hostapd_eid_owe_trans_enabled(hapd)) + return pos; + + elen = hostapd_eid_owe_trans_len(hapd); + if (len < elen) { + wpa_printf(MSG_DEBUG, + "OWE: Not enough room in the buffer for OWE IE"); + return pos; + } + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = elen - 2; + WPA_PUT_BE24(pos, OUI_WFA); + pos += 3; + *pos++ = OWE_OUI_TYPE; + os_memcpy(pos, hapd->conf->owe_transition_bssid, ETH_ALEN); + pos += ETH_ALEN; + *pos++ = hapd->conf->owe_transition_ssid_len; + os_memcpy(pos, hapd->conf->owe_transition_ssid, + hapd->conf->owe_transition_ssid_len); + pos += hapd->conf->owe_transition_ssid_len; + + return pos; +#else /* CONFIG_OWE */ + return eid; +#endif /* CONFIG_OWE */ +} + + void ap_copy_sta_supp_op_classes(struct sta_info *sta, const u8 *supp_op_classes, size_t supp_op_classes_len) @@ -584,3 +689,66 @@ void ap_copy_sta_supp_op_classes(struct sta_info *sta, os_memcpy(sta->supp_op_classes + 1, supp_op_classes, supp_op_classes_len); } + + +u8 * hostapd_eid_fils_indic(struct hostapd_data *hapd, u8 *eid, int hessid) +{ + u8 *pos = eid; +#ifdef CONFIG_FILS + u8 *len; + u16 fils_info = 0; + size_t realms; + struct fils_realm *realm; + + if (!(hapd->conf->wpa & WPA_PROTO_RSN) || + !wpa_key_mgmt_fils(hapd->conf->wpa_key_mgmt)) + return pos; + + realms = dl_list_len(&hapd->conf->fils_realms); + if (realms > 7) + realms = 7; /* 3 bit count field limits this to max 7 */ + + *pos++ = WLAN_EID_FILS_INDICATION; + len = pos++; + /* TODO: B0..B2: Number of Public Key Identifiers */ + if (hapd->conf->erp_domain) { + /* B3..B5: Number of Realm Identifiers */ + fils_info |= realms << 3; + } + /* TODO: B6: FILS IP Address Configuration */ + if (hapd->conf->fils_cache_id_set) + fils_info |= BIT(7); + if (hessid && !is_zero_ether_addr(hapd->conf->hessid)) + fils_info |= BIT(8); /* HESSID Included */ + /* FILS Shared Key Authentication without PFS Supported */ + fils_info |= BIT(9); + if (hapd->conf->fils_dh_group) { + /* FILS Shared Key Authentication with PFS Supported */ + fils_info |= BIT(10); + } + /* TODO: B11: FILS Public Key Authentication Supported */ + /* B12..B15: Reserved */ + WPA_PUT_LE16(pos, fils_info); + pos += 2; + if (hapd->conf->fils_cache_id_set) { + os_memcpy(pos, hapd->conf->fils_cache_id, FILS_CACHE_ID_LEN); + pos += FILS_CACHE_ID_LEN; + } + if (hessid && !is_zero_ether_addr(hapd->conf->hessid)) { + os_memcpy(pos, hapd->conf->hessid, ETH_ALEN); + pos += ETH_ALEN; + } + + dl_list_for_each(realm, &hapd->conf->fils_realms, struct fils_realm, + list) { + if (realms == 0) + break; + realms--; + os_memcpy(pos, realm->hash, 2); + pos += 2; + } + *len = pos - len - 1; +#endif /* CONFIG_FILS */ + + return pos; +} diff --git a/contrib/wpa/src/ap/ieee802_11_vht.c b/contrib/wpa/src/ap/ieee802_11_vht.c index f30f63bc5709..8d0662078bcf 100644 --- a/contrib/wpa/src/ap/ieee802_11_vht.c +++ b/contrib/wpa/src/ap/ieee802_11_vht.c @@ -334,7 +334,7 @@ u16 copy_sta_vht_capab(struct hostapd_data *hapd, struct sta_info *sta, { /* Disable VHT caps for STAs associated to no-VHT BSSes. */ if (!vht_capab || - hapd->conf->disable_11ac || + !hapd->iconf->ieee80211ac || hapd->conf->disable_11ac || !check_valid_vht_mcs(hapd->iface->current_mode, vht_capab)) { sta->flags &= ~WLAN_STA_VHT; os_free(sta->vht_capabilities); diff --git a/contrib/wpa/src/ap/ieee802_1x.c b/contrib/wpa/src/ap/ieee802_1x.c index 80ff996948f9..185279f9e3ef 100644 --- a/contrib/wpa/src/ap/ieee802_1x.c +++ b/contrib/wpa/src/ap/ieee802_1x.c @@ -31,6 +31,8 @@ #include "ap_drv_ops.h" #include "wps_hostapd.h" #include "hs20.h" +/* FIX: Not really a good thing to require ieee802_11.h here.. (FILS) */ +#include "ieee802_11.h" #include "ieee802_1x.h" @@ -316,6 +318,7 @@ static void ieee802_1x_learn_identity(struct hostapd_data *hapd, hdr->code != EAP_CODE_INITIATE)) return; + eap_erp_update_identity(sm->eap, eap, len); identity = eap_get_identity(sm->eap, &identity_len); if (identity == NULL) return; @@ -472,7 +475,7 @@ static int add_common_radius_sta_attr(struct hostapd_data *hapd, } } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (hapd->conf->wpa && wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt) && sta->wpa_sm && (wpa_key_mgmt_ft(wpa_auth_sta_key_mgmt(sta->wpa_sm)) || @@ -485,7 +488,7 @@ static int add_common_radius_sta_attr(struct hostapd_data *hapd, wpa_printf(MSG_ERROR, "Could not add Mobility-Domain-Id"); return -1; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ if ((hapd->conf->wpa || hapd->conf->osen) && sta->wpa_sm && add_common_radius_sta_attr_rsn(hapd, req_attr, sta, msg) < 0) @@ -588,9 +591,9 @@ int add_common_radius_attr(struct hostapd_data *hapd, } -static void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd, - struct sta_info *sta, - const u8 *eap, size_t len) +void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd, + struct sta_info *sta, + const u8 *eap, size_t len) { struct radius_msg *msg; struct eapol_state_machine *sm = sta->eapol_sm; @@ -680,6 +683,8 @@ static void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd, #ifdef CONFIG_HS20 if (hapd->conf->hs20) { u8 ver = 1; /* Release 2 */ + if (HS20_VERSION > 0x10) + ver = 2; /* Release 3 */ if (!radius_msg_add_wfa( msg, RADIUS_VENDOR_ATTR_WFA_HS20_AP_VERSION, &ver, 1)) { @@ -709,6 +714,41 @@ static void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd, goto fail; } } + + if (sta->roaming_consortium && + !radius_msg_add_wfa( + msg, RADIUS_VENDOR_ATTR_WFA_HS20_ROAMING_CONSORTIUM, + wpabuf_head(sta->roaming_consortium), + wpabuf_len(sta->roaming_consortium))) { + wpa_printf(MSG_ERROR, + "Could not add HS 2.0 Roaming Consortium"); + goto fail; + } + + if (hapd->conf->t_c_filename) { + be32 timestamp; + + if (!radius_msg_add_wfa( + msg, + RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILENAME, + (const u8 *) hapd->conf->t_c_filename, + os_strlen(hapd->conf->t_c_filename))) { + wpa_printf(MSG_ERROR, + "Could not add HS 2.0 T&C Filename"); + goto fail; + } + + timestamp = host_to_be32(hapd->conf->t_c_timestamp); + if (!radius_msg_add_wfa( + msg, + RADIUS_VENDOR_ATTR_WFA_HS20_TIMESTAMP, + (const u8 *) ×tamp, + sizeof(timestamp))) { + wpa_printf(MSG_ERROR, + "Could not add HS 2.0 Timestamp"); + goto fail; + } + } } #endif /* CONFIG_HS20 */ @@ -845,7 +885,7 @@ static void handle_eap(struct hostapd_data *hapd, struct sta_info *sta, } -static struct eapol_state_machine * +struct eapol_state_machine * ieee802_1x_alloc_eapol_sm(struct hostapd_data *hapd, struct sta_info *sta) { int flags = 0; @@ -970,7 +1010,9 @@ void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf, } key_mgmt = wpa_auth_sta_key_mgmt(sta->wpa_sm); - if (key_mgmt != -1 && wpa_key_mgmt_wpa_psk(key_mgmt)) { + if (key_mgmt != -1 && + (wpa_key_mgmt_wpa_psk(key_mgmt) || key_mgmt == WPA_KEY_MGMT_OWE || + key_mgmt == WPA_KEY_MGMT_DPP)) { wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore EAPOL message - " "STA is using PSK"); return; @@ -1113,7 +1155,9 @@ void ieee802_1x_new_station(struct hostapd_data *hapd, struct sta_info *sta) } key_mgmt = wpa_auth_sta_key_mgmt(sta->wpa_sm); - if (key_mgmt != -1 && wpa_key_mgmt_wpa_psk(key_mgmt)) { + if (key_mgmt != -1 && + (wpa_key_mgmt_wpa_psk(key_mgmt) || key_mgmt == WPA_KEY_MGMT_OWE || + key_mgmt == WPA_KEY_MGMT_DPP)) { wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore STA - using PSK"); /* * Clear any possible EAPOL authenticator state to support @@ -1154,7 +1198,7 @@ void ieee802_1x_new_station(struct hostapd_data *hapd, struct sta_info *sta) sta->eapol_sm->eap_if->portEnabled = TRUE; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (sta->auth_alg == WLAN_AUTH_FT) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X, HOSTAPD_LEVEL_DEBUG, @@ -1170,10 +1214,32 @@ void ieee802_1x_new_station(struct hostapd_data *hapd, struct sta_info *sta) sta->eapol_sm->portValid = TRUE; if (sta->eapol_sm->eap) eap_sm_notify_cached(sta->eapol_sm->eap); - /* TODO: get vlan_id from R0KH using RRB message */ + ap_sta_bind_vlan(hapd, sta); + return; + } +#endif /* CONFIG_IEEE80211R_AP */ + +#ifdef CONFIG_FILS + if (sta->auth_alg == WLAN_AUTH_FILS_SK || + sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || + sta->auth_alg == WLAN_AUTH_FILS_PK) { + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X, + HOSTAPD_LEVEL_DEBUG, + "PMK from FILS - skip IEEE 802.1X/EAP"); + /* Setup EAPOL state machines to already authenticated state + * because of existing FILS information. */ + sta->eapol_sm->keyRun = TRUE; + sta->eapol_sm->eap_if->eapKeyAvailable = TRUE; + sta->eapol_sm->auth_pae_state = AUTH_PAE_AUTHENTICATING; + sta->eapol_sm->be_auth_state = BE_AUTH_SUCCESS; + sta->eapol_sm->authSuccess = TRUE; + sta->eapol_sm->authFail = FALSE; + sta->eapol_sm->portValid = TRUE; + if (sta->eapol_sm->eap) + eap_sm_notify_cached(sta->eapol_sm->eap); return; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ pmksa = wpa_auth_sta_get_pmksa(sta->wpa_sm); if (pmksa) { @@ -1395,11 +1461,10 @@ static void ieee802_1x_store_radius_class(struct hostapd_data *hapd, } } while (class_len < 1); - nclass[nclass_count].data = os_malloc(class_len); + nclass[nclass_count].data = os_memdup(attr_class, class_len); if (nclass[nclass_count].data == NULL) break; - os_memcpy(nclass[nclass_count].data, attr_class, class_len); nclass[nclass_count].len = class_len; nclass_count++; } @@ -1559,6 +1624,33 @@ static void ieee802_1x_hs20_session_info(struct hostapd_data *hapd, ap_sta_session_warning_timeout(hapd, sta, warning_time); } + +static void ieee802_1x_hs20_t_c_filtering(struct hostapd_data *hapd, + struct sta_info *sta, u8 *pos, + size_t len) +{ + if (len < 4) + return; /* Malformed information */ + wpa_printf(MSG_DEBUG, + "HS 2.0: Terms and Conditions filtering %02x %02x %02x %02x", + pos[0], pos[1], pos[2], pos[3]); + hs20_t_c_filtering(hapd, sta, pos[0] & BIT(0)); +} + + +static void ieee802_1x_hs20_t_c_url(struct hostapd_data *hapd, + struct sta_info *sta, u8 *pos, size_t len) +{ + os_free(sta->t_c_url); + sta->t_c_url = os_malloc(len + 1); + if (!sta->t_c_url) + return; + os_memcpy(sta->t_c_url, pos, len); + sta->t_c_url[len] = '\0'; + wpa_printf(MSG_DEBUG, + "HS 2.0: Terms and Conditions URL %s", sta->t_c_url); +} + #endif /* CONFIG_HS20 */ @@ -1606,6 +1698,12 @@ static void ieee802_1x_check_hs20(struct hostapd_data *hapd, ieee802_1x_hs20_session_info(hapd, sta, pos, sublen, session_timeout); break; + case RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILTERING: + ieee802_1x_hs20_t_c_filtering(hapd, sta, pos, sublen); + break; + case RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL: + ieee802_1x_hs20_t_c_url(hapd, sta, pos, sublen); + break; } } #endif /* CONFIG_HS20 */ @@ -1663,6 +1761,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req, struct sta_info *sta; u32 session_timeout = 0, termination_action, acct_interim_interval; int session_timeout_set; + u32 reason_code; struct eapol_state_machine *sm; int override_eapReq = 0; struct radius_hdr *hdr = radius_msg_get_hdr(msg); @@ -1788,14 +1887,17 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req, break; sta->session_timeout_set = !!session_timeout_set; - sta->session_timeout = session_timeout; + os_get_reltime(&sta->session_timeout); + sta->session_timeout.sec += session_timeout; /* RFC 3580, Ch. 3.17 */ if (session_timeout_set && termination_action == - RADIUS_TERMINATION_ACTION_RADIUS_REQUEST) { + RADIUS_TERMINATION_ACTION_RADIUS_REQUEST) sm->reAuthPeriod = session_timeout; - } else if (session_timeout_set) + else if (session_timeout_set) ap_sta_session_timeout(hapd, sta, session_timeout); + else + ap_sta_no_session_timeout(hapd, sta); sm->eap_if->aaaSuccess = TRUE; override_eapReq = 1; @@ -1811,6 +1913,13 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req, case RADIUS_CODE_ACCESS_REJECT: sm->eap_if->aaaFail = TRUE; override_eapReq = 1; + if (radius_msg_get_attr_int32(msg, RADIUS_ATTR_WLAN_REASON_CODE, + &reason_code) == 0) { + wpa_printf(MSG_DEBUG, + "RADIUS server indicated WLAN-Reason-Code %u in Access-Reject for " + MACSTR, reason_code, MAC2STR(sta->addr)); + sta->disconnect_reason_code = reason_code; + } break; case RADIUS_CODE_ACCESS_CHALLENGE: sm->eap_if->aaaEapReq = TRUE; @@ -1837,6 +1946,19 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req, if (override_eapReq) sm->eap_if->aaaEapReq = FALSE; +#ifdef CONFIG_FILS +#ifdef NEED_AP_MLME + if (sta->flags & WLAN_STA_PENDING_FILS_ERP) { + /* TODO: Add a PMKSA entry on success? */ + ieee802_11_finish_fils_auth( + hapd, sta, hdr->code == RADIUS_CODE_ACCESS_ACCEPT, + sm->eap_if->aaaEapReqData, + sm->eap_if->aaaEapKeyData, + sm->eap_if->aaaEapKeyDataLen); + } +#endif /* NEED_AP_MLME */ +#endif /* CONFIG_FILS */ + eapol_auth_step(sm); return RADIUS_RX_QUEUED; @@ -1924,7 +2046,7 @@ static void ieee802_1x_rekey(void *eloop_ctx, void *timeout_ctx) wpa_printf(MSG_DEBUG, "IEEE 802.1X: New default WEP key index %d", eapol->default_wep_key_idx); - + if (ieee802_1x_rekey_broadcast(hapd)) { hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X, HOSTAPD_LEVEL_WARNING, "failed to generate a " @@ -2034,13 +2156,19 @@ static int ieee802_1x_get_eap_user(void *ctx, const u8 *identity, } if (eap_user->password) { - user->password = os_malloc(eap_user->password_len); + user->password = os_memdup(eap_user->password, + eap_user->password_len); if (user->password == NULL) goto out; - os_memcpy(user->password, eap_user->password, - eap_user->password_len); user->password_len = eap_user->password_len; user->password_hash = eap_user->password_hash; + if (eap_user->salt && eap_user->salt_len) { + user->salt = os_memdup(eap_user->salt, + eap_user->salt_len); + if (!user->salt) + goto out; + user->salt_len = eap_user->salt_len; + } } user->force_version = eap_user->force_version; user->macacl = eap_user->macacl; @@ -2190,6 +2318,7 @@ int ieee802_1x_init(struct hostapd_data *hapd) conf.erp_domain = hapd->conf->erp_domain; conf.erp = hapd->conf->eap_server_erp; conf.tls_session_lifetime = hapd->conf->tls_session_lifetime; + conf.tls_flags = hapd->conf->tls_flags; conf.pac_opaque_encr_key = hapd->conf->pac_opaque_encr_key; conf.eap_fast_a_id = hapd->conf->eap_fast_a_id; conf.eap_fast_a_id_len = hapd->conf->eap_fast_a_id_len; @@ -2326,6 +2455,16 @@ int ieee802_1x_eapol_tx_status(struct hostapd_data *hapd, struct sta_info *sta, MAC2STR(sta->addr), xhdr->version, xhdr->type, be_to_host16(xhdr->length), ack); +#ifdef CONFIG_WPS + if (xhdr->type == IEEE802_1X_TYPE_EAP_PACKET && ack && + (sta->flags & WLAN_STA_WPS) && + ap_sta_pending_delayed_1x_auth_fail_disconnect(hapd, sta)) { + wpa_printf(MSG_DEBUG, + "WPS: Indicate EAP completion on ACK for EAP-Failure"); + hostapd_wps_eap_completed(hapd); + } +#endif /* CONFIG_WPS */ + if (xhdr->type != IEEE802_1X_TYPE_EAPOL_KEY) return 0; @@ -2642,6 +2781,15 @@ static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx) hs20_send_wnm_notification_deauth_req(hapd, sta->addr, sta->hs20_deauth_req); } + + if (sta->hs20_t_c_filtering) { + wpa_printf(MSG_DEBUG, "HS 2.0: Send WNM-Notification to " + MACSTR " to indicate Terms and Conditions filtering", + MAC2STR(sta->addr)); + hs20_send_wnm_notification_t_c(hapd, sta->addr, sta->t_c_url); + os_free(sta->t_c_url); + sta->t_c_url = NULL; + } } #endif /* CONFIG_HS20 */ @@ -2655,6 +2803,7 @@ static void ieee802_1x_finished(struct hostapd_data *hapd, /* TODO: get PMKLifetime from WPA parameters */ static const int dot11RSNAConfigPMKLifetime = 43200; unsigned int session_timeout; + struct os_reltime now, remaining; #ifdef CONFIG_HS20 if (remediation && !sta->remediation) { @@ -2665,7 +2814,8 @@ static void ieee802_1x_finished(struct hostapd_data *hapd, sta->remediation_method = 1; /* SOAP-XML SPP */ } - if (success && (sta->remediation || sta->hs20_deauth_req)) { + if (success && (sta->remediation || sta->hs20_deauth_req || + sta->hs20_t_c_filtering)) { wpa_printf(MSG_DEBUG, "HS 2.0: Schedule WNM-Notification to " MACSTR " in 100 ms", MAC2STR(sta->addr)); eloop_cancel_timeout(ieee802_1x_wnm_notif_send, hapd, sta); @@ -2675,10 +2825,13 @@ static void ieee802_1x_finished(struct hostapd_data *hapd, #endif /* CONFIG_HS20 */ key = ieee802_1x_get_key(sta->eapol_sm, &len); - if (sta->session_timeout_set) - session_timeout = sta->session_timeout; - else + if (sta->session_timeout_set) { + os_get_reltime(&now); + os_reltime_sub(&sta->session_timeout, &now, &remaining); + session_timeout = (remaining.sec > 0) ? remaining.sec : 1; + } else { session_timeout = dot11RSNAConfigPMKLifetime; + } if (success && key && len >= PMK_LEN && !sta->remediation && !sta->hs20_deauth_requested && wpa_auth_pmksa_add(sta->wpa_sm, key, len, session_timeout, @@ -2699,15 +2852,6 @@ static void ieee802_1x_finished(struct hostapd_data *hapd, * EAP-FAST with anonymous provisioning, may require another * EAPOL authentication to be started to complete connection. */ - wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "IEEE 802.1X: Force " - "disconnection after EAP-Failure"); - /* Add a small sleep to increase likelihood of previously - * requested EAP-Failure TX getting out before this should the - * driver reorder operations. - */ - os_sleep(0, 10000); - ap_sta_disconnect(hapd, sta, sta->addr, - WLAN_REASON_IEEE_802_1X_AUTH_FAILED); - hostapd_wps_eap_completed(hapd); + ap_sta_delayed_1x_auth_fail_disconnect(hapd, sta); } } diff --git a/contrib/wpa/src/ap/ieee802_1x.h b/contrib/wpa/src/ap/ieee802_1x.h index ec80199007b6..9594661be8ee 100644 --- a/contrib/wpa/src/ap/ieee802_1x.h +++ b/contrib/wpa/src/ap/ieee802_1x.h @@ -57,5 +57,10 @@ int add_common_radius_attr(struct hostapd_data *hapd, struct hostapd_radius_attr *req_attr, struct sta_info *sta, struct radius_msg *msg); +void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd, + struct sta_info *sta, + const u8 *eap, size_t len); +struct eapol_state_machine * +ieee802_1x_alloc_eapol_sm(struct hostapd_data *hapd, struct sta_info *sta); #endif /* IEEE802_1X_H */ diff --git a/contrib/wpa/src/ap/ndisc_snoop.c b/contrib/wpa/src/ap/ndisc_snoop.c index 3c086bfc7131..4d6a92e086bd 100644 --- a/contrib/wpa/src/ap/ndisc_snoop.c +++ b/contrib/wpa/src/ap/ndisc_snoop.c @@ -182,4 +182,5 @@ int ndisc_snoop_init(struct hostapd_data *hapd) void ndisc_snoop_deinit(struct hostapd_data *hapd) { l2_packet_deinit(hapd->sock_ndisc); + hapd->sock_ndisc = NULL; } diff --git a/contrib/wpa/src/ap/neighbor_db.c b/contrib/wpa/src/ap/neighbor_db.c index a2efff618286..b8fd5924b889 100644 --- a/contrib/wpa/src/ap/neighbor_db.c +++ b/contrib/wpa/src/ap/neighbor_db.c @@ -43,6 +43,7 @@ static void hostapd_neighbor_clear_entry(struct hostapd_neighbor_entry *nr) nr->civic = NULL; os_memset(nr->bssid, 0, sizeof(nr->bssid)); os_memset(&nr->ssid, 0, sizeof(nr->ssid)); + nr->stationary = 0; } @@ -64,7 +65,7 @@ hostapd_neighbor_add(struct hostapd_data *hapd) int hostapd_neighbor_set(struct hostapd_data *hapd, const u8 *bssid, const struct wpa_ssid_value *ssid, const struct wpabuf *nr, const struct wpabuf *lci, - const struct wpabuf *civic) + const struct wpabuf *civic, int stationary) { struct hostapd_neighbor_entry *entry; @@ -83,18 +84,20 @@ int hostapd_neighbor_set(struct hostapd_data *hapd, const u8 *bssid, if (!entry->nr) goto fail; - if (lci) { + if (lci && wpabuf_len(lci)) { entry->lci = wpabuf_dup(lci); if (!entry->lci || os_get_time(&entry->lci_date)) goto fail; } - if (civic) { + if (civic && wpabuf_len(civic)) { entry->civic = wpabuf_dup(civic); if (!entry->civic) goto fail; } + entry->stationary = stationary; + return 0; fail: diff --git a/contrib/wpa/src/ap/neighbor_db.h b/contrib/wpa/src/ap/neighbor_db.h index c22e043c120e..ba46d88435e5 100644 --- a/contrib/wpa/src/ap/neighbor_db.h +++ b/contrib/wpa/src/ap/neighbor_db.h @@ -16,7 +16,7 @@ hostapd_neighbor_get(struct hostapd_data *hapd, const u8 *bssid, int hostapd_neighbor_set(struct hostapd_data *hapd, const u8 *bssid, const struct wpa_ssid_value *ssid, const struct wpabuf *nr, const struct wpabuf *lci, - const struct wpabuf *civic); + const struct wpabuf *civic, int stationary); int hostapd_neighbor_remove(struct hostapd_data *hapd, const u8 *bssid, const struct wpa_ssid_value *ssid); void hostpad_free_neighbor_db(struct hostapd_data *hapd); diff --git a/contrib/wpa/src/ap/peerkey_auth.c b/contrib/wpa/src/ap/peerkey_auth.c deleted file mode 100644 index efc1d7e4c78f..000000000000 --- a/contrib/wpa/src/ap/peerkey_auth.c +++ /dev/null @@ -1,396 +0,0 @@ -/* - * hostapd - PeerKey for Direct Link Setup (DLS) - * Copyright (c) 2006-2009, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "utils/includes.h" - -#include "utils/common.h" -#include "utils/eloop.h" -#include "crypto/sha1.h" -#include "crypto/sha256.h" -#include "crypto/random.h" -#include "wpa_auth.h" -#include "wpa_auth_i.h" -#include "wpa_auth_ie.h" - -#ifdef CONFIG_PEERKEY - -static void wpa_stsl_step(void *eloop_ctx, void *timeout_ctx) -{ -#if 0 - struct wpa_authenticator *wpa_auth = eloop_ctx; - struct wpa_stsl_negotiation *neg = timeout_ctx; -#endif - - /* TODO: ? */ -} - - -struct wpa_stsl_search { - const u8 *addr; - struct wpa_state_machine *sm; -}; - - -static int wpa_stsl_select_sta(struct wpa_state_machine *sm, void *ctx) -{ - struct wpa_stsl_search *search = ctx; - if (os_memcmp(search->addr, sm->addr, ETH_ALEN) == 0) { - search->sm = sm; - return 1; - } - return 0; -} - - -static void wpa_smk_send_error(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, const u8 *peer, - u16 mui, u16 error_type) -{ - u8 kde[2 + RSN_SELECTOR_LEN + ETH_ALEN + - 2 + RSN_SELECTOR_LEN + sizeof(struct rsn_error_kde)]; - u8 *pos; - struct rsn_error_kde error; - - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, - "Sending SMK Error"); - - pos = kde; - - if (peer) { - pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, peer, ETH_ALEN, - NULL, 0); - } - - error.mui = host_to_be16(mui); - error.error_type = host_to_be16(error_type); - pos = wpa_add_kde(pos, RSN_KEY_DATA_ERROR, - (u8 *) &error, sizeof(error), NULL, 0); - - __wpa_send_eapol(wpa_auth, sm, - WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC | - WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_ERROR, - NULL, NULL, kde, pos - kde, 0, 0, 0); -} - - -void wpa_smk_m1(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, struct wpa_eapol_key *key, - const u8 *key_data, size_t key_data_len) -{ - struct wpa_eapol_ie_parse kde; - struct wpa_stsl_search search; - u8 *buf, *pos; - size_t buf_len; - - if (wpa_parse_kde_ies(key_data, key_data_len, &kde) < 0) { - wpa_printf(MSG_INFO, "RSN: Failed to parse KDEs in SMK M1"); - return; - } - - if (kde.rsn_ie == NULL || kde.mac_addr == NULL || - kde.mac_addr_len < ETH_ALEN) { - wpa_printf(MSG_INFO, "RSN: No RSN IE or MAC address KDE in " - "SMK M1"); - return; - } - - /* Initiator = sm->addr; Peer = kde.mac_addr */ - - search.addr = kde.mac_addr; - search.sm = NULL; - if (wpa_auth_for_each_sta(wpa_auth, wpa_stsl_select_sta, &search) == - 0 || search.sm == NULL) { - wpa_printf(MSG_DEBUG, "RSN: SMK handshake with " MACSTR - " aborted - STA not associated anymore", - MAC2STR(kde.mac_addr)); - wpa_smk_send_error(wpa_auth, sm, kde.mac_addr, STK_MUI_SMK, - STK_ERR_STA_NR); - /* FIX: wpa_stsl_remove(wpa_auth, neg); */ - return; - } - - buf_len = kde.rsn_ie_len + 2 + RSN_SELECTOR_LEN + ETH_ALEN; - buf = os_malloc(buf_len); - if (buf == NULL) - return; - /* Initiator RSN IE */ - os_memcpy(buf, kde.rsn_ie, kde.rsn_ie_len); - pos = buf + kde.rsn_ie_len; - /* Initiator MAC Address */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, sm->addr, ETH_ALEN, - NULL, 0); - - /* SMK M2: - * EAPOL-Key(S=1, M=1, A=1, I=0, K=0, SM=1, KeyRSC=0, Nonce=INonce, - * MIC=MIC, DataKDs=(RSNIE_I, MAC_I KDE) - */ - - wpa_auth_logger(wpa_auth, search.sm->addr, LOGGER_DEBUG, - "Sending SMK M2"); - - __wpa_send_eapol(wpa_auth, search.sm, - WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC | - WPA_KEY_INFO_ACK | WPA_KEY_INFO_SMK_MESSAGE, - NULL, key->key_nonce, buf, pos - buf, 0, 0, 0); - - os_free(buf); -} - - -static void wpa_send_smk_m4(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, - struct wpa_eapol_key *key, - struct wpa_eapol_ie_parse *kde, - const u8 *smk) -{ - u8 *buf, *pos; - size_t buf_len; - u32 lifetime; - - /* SMK M4: - * EAPOL-Key(S=1, M=1, A=0, I=1, K=0, SM=1, KeyRSC=0, Nonce=PNonce, - * MIC=MIC, DataKDs=(MAC_I KDE, INonce KDE, SMK KDE, - * Lifetime KDE) - */ - - buf_len = 2 + RSN_SELECTOR_LEN + ETH_ALEN + - 2 + RSN_SELECTOR_LEN + WPA_NONCE_LEN + - 2 + RSN_SELECTOR_LEN + PMK_LEN + WPA_NONCE_LEN + - 2 + RSN_SELECTOR_LEN + sizeof(lifetime); - pos = buf = os_malloc(buf_len); - if (buf == NULL) - return; - - /* Initiator MAC Address */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, kde->mac_addr, ETH_ALEN, - NULL, 0); - - /* Initiator Nonce */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_NONCE, kde->nonce, WPA_NONCE_LEN, - NULL, 0); - - /* SMK with PNonce */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_SMK, smk, PMK_LEN, - key->key_nonce, WPA_NONCE_LEN); - - /* Lifetime */ - lifetime = htonl(43200); /* dot11RSNAConfigSMKLifetime */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_LIFETIME, - (u8 *) &lifetime, sizeof(lifetime), NULL, 0); - - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, - "Sending SMK M4"); - - __wpa_send_eapol(wpa_auth, sm, - WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC | - WPA_KEY_INFO_INSTALL | WPA_KEY_INFO_SMK_MESSAGE, - NULL, key->key_nonce, buf, pos - buf, 0, 1, 0); - - os_free(buf); -} - - -static void wpa_send_smk_m5(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, - struct wpa_eapol_key *key, - struct wpa_eapol_ie_parse *kde, - const u8 *smk, const u8 *peer) -{ - u8 *buf, *pos; - size_t buf_len; - u32 lifetime; - - /* SMK M5: - * EAPOL-Key(S=1, M=1, A=0, I=0, K=0, SM=1, KeyRSC=0, Nonce=INonce, - * MIC=MIC, DataKDs=(RSNIE_P, MAC_P KDE, PNonce, SMK KDE, - * Lifetime KDE)) - */ - - buf_len = kde->rsn_ie_len + - 2 + RSN_SELECTOR_LEN + ETH_ALEN + - 2 + RSN_SELECTOR_LEN + WPA_NONCE_LEN + - 2 + RSN_SELECTOR_LEN + PMK_LEN + WPA_NONCE_LEN + - 2 + RSN_SELECTOR_LEN + sizeof(lifetime); - pos = buf = os_malloc(buf_len); - if (buf == NULL) - return; - - /* Peer RSN IE */ - os_memcpy(pos, kde->rsn_ie, kde->rsn_ie_len); - pos += kde->rsn_ie_len; - - /* Peer MAC Address */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, peer, ETH_ALEN, NULL, 0); - - /* PNonce */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_NONCE, key->key_nonce, - WPA_NONCE_LEN, NULL, 0); - - /* SMK and INonce */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_SMK, smk, PMK_LEN, - kde->nonce, WPA_NONCE_LEN); - - /* Lifetime */ - lifetime = htonl(43200); /* dot11RSNAConfigSMKLifetime */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_LIFETIME, - (u8 *) &lifetime, sizeof(lifetime), NULL, 0); - - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, - "Sending SMK M5"); - - __wpa_send_eapol(wpa_auth, sm, - WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC | - WPA_KEY_INFO_SMK_MESSAGE, - NULL, kde->nonce, buf, pos - buf, 0, 1, 0); - - os_free(buf); -} - - -void wpa_smk_m3(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, struct wpa_eapol_key *key, - const u8 *key_data, size_t key_data_len) -{ - struct wpa_eapol_ie_parse kde; - struct wpa_stsl_search search; - u8 smk[32], buf[ETH_ALEN + 8 + 2 * WPA_NONCE_LEN], *pos; - - if (wpa_parse_kde_ies(key_data, key_data_len, &kde) < 0) { - wpa_printf(MSG_INFO, "RSN: Failed to parse KDEs in SMK M3"); - return; - } - - if (kde.rsn_ie == NULL || - kde.mac_addr == NULL || kde.mac_addr_len < ETH_ALEN || - kde.nonce == NULL || kde.nonce_len < WPA_NONCE_LEN) { - wpa_printf(MSG_INFO, "RSN: No RSN IE, MAC address KDE, or " - "Nonce KDE in SMK M3"); - return; - } - - /* Peer = sm->addr; Initiator = kde.mac_addr; - * Peer Nonce = key->key_nonce; Initiator Nonce = kde.nonce */ - - search.addr = kde.mac_addr; - search.sm = NULL; - if (wpa_auth_for_each_sta(wpa_auth, wpa_stsl_select_sta, &search) == - 0 || search.sm == NULL) { - wpa_printf(MSG_DEBUG, "RSN: SMK handshake with " MACSTR - " aborted - STA not associated anymore", - MAC2STR(kde.mac_addr)); - wpa_smk_send_error(wpa_auth, sm, kde.mac_addr, STK_MUI_SMK, - STK_ERR_STA_NR); - /* FIX: wpa_stsl_remove(wpa_auth, neg); */ - return; - } - - if (random_get_bytes(smk, PMK_LEN)) { - wpa_printf(MSG_DEBUG, "RSN: Failed to generate SMK"); - return; - } - - /* SMK = PRF-256(Random number, "SMK Derivation", - * AA || Time || INonce || PNonce) - */ - os_memcpy(buf, wpa_auth->addr, ETH_ALEN); - pos = buf + ETH_ALEN; - wpa_get_ntp_timestamp(pos); - pos += 8; - os_memcpy(pos, kde.nonce, WPA_NONCE_LEN); - pos += WPA_NONCE_LEN; - os_memcpy(pos, key->key_nonce, WPA_NONCE_LEN); -#ifdef CONFIG_IEEE80211W - sha256_prf(smk, PMK_LEN, "SMK Derivation", buf, sizeof(buf), - smk, PMK_LEN); -#else /* CONFIG_IEEE80211W */ - sha1_prf(smk, PMK_LEN, "SMK Derivation", buf, sizeof(buf), - smk, PMK_LEN); -#endif /* CONFIG_IEEE80211W */ - - wpa_hexdump_key(MSG_DEBUG, "RSN: SMK", smk, PMK_LEN); - - wpa_send_smk_m4(wpa_auth, sm, key, &kde, smk); - wpa_send_smk_m5(wpa_auth, search.sm, key, &kde, smk, sm->addr); - - /* Authenticator does not need SMK anymore and it is required to forget - * it. */ - os_memset(smk, 0, sizeof(*smk)); -} - - -void wpa_smk_error(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, - const u8 *key_data, size_t key_data_len) -{ - struct wpa_eapol_ie_parse kde; - struct wpa_stsl_search search; - struct rsn_error_kde error; - u16 mui, error_type; - - if (wpa_parse_kde_ies(key_data, key_data_len, &kde) < 0) { - wpa_printf(MSG_INFO, "RSN: Failed to parse KDEs in SMK Error"); - return; - } - - if (kde.mac_addr == NULL || kde.mac_addr_len < ETH_ALEN || - kde.error == NULL || kde.error_len < sizeof(error)) { - wpa_printf(MSG_INFO, "RSN: No MAC address or Error KDE in " - "SMK Error"); - return; - } - - search.addr = kde.mac_addr; - search.sm = NULL; - if (wpa_auth_for_each_sta(wpa_auth, wpa_stsl_select_sta, &search) == - 0 || search.sm == NULL) { - wpa_printf(MSG_DEBUG, "RSN: Peer STA " MACSTR " not " - "associated for SMK Error message from " MACSTR, - MAC2STR(kde.mac_addr), MAC2STR(sm->addr)); - return; - } - - os_memcpy(&error, kde.error, sizeof(error)); - mui = be_to_host16(error.mui); - error_type = be_to_host16(error.error_type); - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, - "STA reported SMK Error: Peer " MACSTR - " MUI %d Error Type %d", - MAC2STR(kde.mac_addr), mui, error_type); - - wpa_smk_send_error(wpa_auth, search.sm, sm->addr, mui, error_type); -} - - -int wpa_stsl_remove(struct wpa_authenticator *wpa_auth, - struct wpa_stsl_negotiation *neg) -{ - struct wpa_stsl_negotiation *pos, *prev; - - if (wpa_auth == NULL) - return -1; - pos = wpa_auth->stsl_negotiations; - prev = NULL; - while (pos) { - if (pos == neg) { - if (prev) - prev->next = pos->next; - else - wpa_auth->stsl_negotiations = pos->next; - - eloop_cancel_timeout(wpa_stsl_step, wpa_auth, pos); - os_free(pos); - return 0; - } - prev = pos; - pos = pos->next; - } - - return -1; -} - -#endif /* CONFIG_PEERKEY */ diff --git a/contrib/wpa/src/ap/pmksa_cache_auth.c b/contrib/wpa/src/ap/pmksa_cache_auth.c index d610e7e5b005..15e2c4943f2b 100644 --- a/contrib/wpa/src/ap/pmksa_cache_auth.c +++ b/contrib/wpa/src/ap/pmksa_cache_auth.c @@ -282,7 +282,42 @@ pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa, const u8 *aa, const u8 *spa, int session_timeout, struct eapol_state_machine *eapol, int akmp) { - struct rsn_pmksa_cache_entry *entry, *pos; + struct rsn_pmksa_cache_entry *entry; + + entry = pmksa_cache_auth_create_entry(pmk, pmk_len, pmkid, kck, kck_len, + aa, spa, session_timeout, eapol, + akmp); + + if (pmksa_cache_auth_add_entry(pmksa, entry) < 0) + return NULL; + + return entry; +} + + +/** + * pmksa_cache_auth_create_entry - Create a PMKSA cache entry + * @pmk: The new pairwise master key + * @pmk_len: PMK length in bytes, usually PMK_LEN (32) + * @pmkid: Calculated PMKID + * @kck: Key confirmation key or %NULL if not yet derived + * @kck_len: KCK length in bytes + * @aa: Authenticator address + * @spa: Supplicant address + * @session_timeout: Session timeout + * @eapol: Pointer to EAPOL state machine data + * @akmp: WPA_KEY_MGMT_* used in key derivation + * Returns: Pointer to the added PMKSA cache entry or %NULL on error + * + * This function creates a PMKSA entry. + */ +struct rsn_pmksa_cache_entry * +pmksa_cache_auth_create_entry(const u8 *pmk, size_t pmk_len, const u8 *pmkid, + const u8 *kck, size_t kck_len, const u8 *aa, + const u8 *spa, int session_timeout, + struct eapol_state_machine *eapol, int akmp) +{ + struct rsn_pmksa_cache_entry *entry; struct os_reltime now; if (pmk_len > PMK_LEN_MAX) @@ -303,8 +338,7 @@ pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa, else if (wpa_key_mgmt_suite_b(akmp)) rsn_pmkid_suite_b(kck, kck_len, aa, spa, entry->pmkid); else - rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid, - wpa_key_mgmt_sha256(akmp)); + rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid, akmp); os_get_reltime(&now); entry->expiration = now.sec; if (session_timeout > 0) @@ -315,9 +349,30 @@ pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa, os_memcpy(entry->spa, spa, ETH_ALEN); pmksa_cache_from_eapol_data(entry, eapol); + return entry; +} + + +/** + * pmksa_cache_auth_add_entry - Add a PMKSA cache entry + * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init() + * @entry: Pointer to PMKSA cache entry + * + * This function adds PMKSA cache entry to the PMKSA cache. If an old entry is + * already in the cache for the same Supplicant, this entry will be replaced + * with the new entry. PMKID will be calculated based on the PMK. + */ +int pmksa_cache_auth_add_entry(struct rsn_pmksa_cache *pmksa, + struct rsn_pmksa_cache_entry *entry) +{ + struct rsn_pmksa_cache_entry *pos; + + if (entry == NULL) + return -1; + /* Replace an old entry for the same STA (if found) with the new entry */ - pos = pmksa_cache_auth_get(pmksa, spa, NULL); + pos = pmksa_cache_auth_get(pmksa, entry->spa, NULL); if (pos) pmksa_cache_free_entry(pmksa, pos); @@ -331,7 +386,7 @@ pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa, pmksa_cache_link_entry(pmksa, entry); - return entry; + return 0; } @@ -462,7 +517,7 @@ struct rsn_pmksa_cache_entry * pmksa_cache_get_okc( if (os_memcmp(entry->spa, spa, ETH_ALEN) != 0) continue; rsn_pmkid(entry->pmk, entry->pmk_len, aa, spa, new_pmkid, - wpa_key_mgmt_sha256(entry->akmp)); + entry->akmp); if (os_memcmp(new_pmkid, pmkid, PMKID_LEN) == 0) return entry; } @@ -605,3 +660,70 @@ int pmksa_cache_auth_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len) } return pos - buf; } + + +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL +#ifdef CONFIG_MESH + +/** + * pmksa_cache_auth_list_mesh - Dump text list of entries in PMKSA cache + * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init() + * @addr: MAC address of the peer (NULL means any) + * @buf: Buffer for the list + * @len: Length of the buffer + * Returns: Number of bytes written to buffer + * + * This function is used to generate a text format representation of the + * current PMKSA cache contents for the ctrl_iface PMKSA_GET command to store + * in external storage. + */ +int pmksa_cache_auth_list_mesh(struct rsn_pmksa_cache *pmksa, const u8 *addr, + char *buf, size_t len) +{ + int ret; + char *pos, *end; + struct rsn_pmksa_cache_entry *entry; + struct os_reltime now; + + pos = buf; + end = buf + len; + os_get_reltime(&now); + + + /* + * Entry format: + * <BSSID> <PMKID> <PMK> <expiration in seconds> + */ + for (entry = pmksa->pmksa; entry; entry = entry->next) { + if (addr && os_memcmp(entry->spa, addr, ETH_ALEN) != 0) + continue; + + ret = os_snprintf(pos, end - pos, MACSTR " ", + MAC2STR(entry->spa)); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + + pos += wpa_snprintf_hex(pos, end - pos, entry->pmkid, + PMKID_LEN); + + ret = os_snprintf(pos, end - pos, " "); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + + pos += wpa_snprintf_hex(pos, end - pos, entry->pmk, + entry->pmk_len); + + ret = os_snprintf(pos, end - pos, " %d\n", + (int) (entry->expiration - now.sec)); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + } + + return pos - buf; +} + +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ diff --git a/contrib/wpa/src/ap/pmksa_cache_auth.h b/contrib/wpa/src/ap/pmksa_cache_auth.h index d8d9c5a25c0e..2ef217435b11 100644 --- a/contrib/wpa/src/ap/pmksa_cache_auth.h +++ b/contrib/wpa/src/ap/pmksa_cache_auth.h @@ -35,6 +35,7 @@ struct rsn_pmksa_cache_entry { }; struct rsn_pmksa_cache; +struct radius_das_attrs; struct rsn_pmksa_cache * pmksa_cache_auth_init(void (*free_cb)(struct rsn_pmksa_cache_entry *entry, @@ -53,6 +54,13 @@ pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa, const u8 *aa, const u8 *spa, int session_timeout, struct eapol_state_machine *eapol, int akmp); struct rsn_pmksa_cache_entry * +pmksa_cache_auth_create_entry(const u8 *pmk, size_t pmk_len, const u8 *pmkid, + const u8 *kck, size_t kck_len, const u8 *aa, + const u8 *spa, int session_timeout, + struct eapol_state_machine *eapol, int akmp); +int pmksa_cache_auth_add_entry(struct rsn_pmksa_cache *pmksa, + struct rsn_pmksa_cache_entry *entry); +struct rsn_pmksa_cache_entry * pmksa_cache_add_okc(struct rsn_pmksa_cache *pmksa, const struct rsn_pmksa_cache_entry *old_entry, const u8 *aa, const u8 *pmkid); @@ -65,5 +73,7 @@ int pmksa_cache_auth_radius_das_disconnect(struct rsn_pmksa_cache *pmksa, struct radius_das_attrs *attr); int pmksa_cache_auth_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len); void pmksa_cache_auth_flush(struct rsn_pmksa_cache *pmksa); +int pmksa_cache_auth_list_mesh(struct rsn_pmksa_cache *pmksa, const u8 *addr, + char *buf, size_t len); #endif /* PMKSA_CACHE_H */ diff --git a/contrib/wpa/src/ap/rrm.c b/contrib/wpa/src/ap/rrm.c index 3569f955bcd2..56ed29c1c068 100644 --- a/contrib/wpa/src/ap/rrm.c +++ b/contrib/wpa/src/ap/rrm.c @@ -2,6 +2,7 @@ * hostapd / Radio Measurement (RRM) * Copyright(c) 2013 - 2016 Intel Mobile Communications GmbH. * Copyright(c) 2011 - 2016 Intel Corporation. All rights reserved. + * Copyright (c) 2016-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -10,6 +11,7 @@ #include "utils/includes.h" #include "utils/common.h" +#include "common/wpa_ctrl.h" #include "hostapd.h" #include "ap_drv_ops.h" #include "sta_info.h" @@ -69,24 +71,47 @@ static void hostapd_handle_range_report(struct hostapd_data *hapd, u8 token, } +static void hostapd_handle_beacon_report(struct hostapd_data *hapd, + const u8 *addr, u8 token, u8 rep_mode, + const u8 *pos, size_t len) +{ + char report[2 * 255 + 1]; + + wpa_printf(MSG_DEBUG, "Beacon report token %u len %zu from " MACSTR, + token, len, MAC2STR(addr)); + /* Skip to the beginning of the Beacon report */ + if (len < 3) + return; + pos += 3; + len -= 3; + report[0] = '\0'; + if (wpa_snprintf_hex(report, sizeof(report), pos, len) < 0) + return; + wpa_msg(hapd->msg_ctx, MSG_INFO, BEACON_RESP_RX MACSTR " %u %02x %s", + MAC2STR(addr), token, rep_mode, report); +} + + static void hostapd_handle_radio_msmt_report(struct hostapd_data *hapd, const u8 *buf, size_t len) { const struct ieee80211_mgmt *mgmt = (const struct ieee80211_mgmt *) buf; const u8 *pos, *ie, *end; - u8 token; + u8 token, rep_mode; end = buf + len; token = mgmt->u.action.u.rrm.dialog_token; pos = mgmt->u.action.u.rrm.variable; while ((ie = get_ie(pos, end - pos, WLAN_EID_MEASURE_REPORT))) { - if (ie[1] < 5) { + if (ie[1] < 3) { wpa_printf(MSG_DEBUG, "Bad Measurement Report element"); break; } - wpa_printf(MSG_DEBUG, "Measurement report type %u", ie[4]); + rep_mode = ie[3]; + wpa_printf(MSG_DEBUG, "Measurement report mode 0x%x type %u", + rep_mode, ie[4]); switch (ie[4]) { case MEASURE_TYPE_LCI: @@ -95,6 +120,10 @@ static void hostapd_handle_radio_msmt_report(struct hostapd_data *hapd, case MEASURE_TYPE_FTM_RANGE: hostapd_handle_range_report(hapd, token, ie + 2, ie[1]); break; + case MEASURE_TYPE_BEACON: + hostapd_handle_beacon_report(hapd, mgmt->sa, token, + rep_mode, ie + 2, ie[1]); + break; default: wpa_printf(MSG_DEBUG, "Measurement report type %u is not supported", @@ -118,7 +147,7 @@ static u16 hostapd_parse_location_lci_req_age(const u8 *buf, size_t len) /* Subelements are arranged as IEs */ subelem = get_ie(buf + 4, len - 4, LCI_REQ_SUBELEM_MAX_AGE); if (subelem && subelem[1] == 2) - return *(u16 *) (subelem + 2); + return WPA_GET_LE16(subelem + 2); return 0; } @@ -129,12 +158,12 @@ static int hostapd_check_lci_age(struct hostapd_neighbor_entry *nr, u16 max_age) struct os_time curr, diff; unsigned long diff_l; + if (nr->stationary || max_age == 0xffff) + return 1; + if (!max_age) return 0; - if (max_age == 0xffff) - return 1; - if (os_get_time(&curr)) return 0; @@ -341,13 +370,7 @@ int hostapd_send_lci_req(struct hostapd_data *hapd, const u8 *addr) struct sta_info *sta = ap_get_sta(hapd, addr); int ret; - if (!sta) { - wpa_printf(MSG_INFO, - "Request LCI: Destination address is not in station list"); - return -1; - } - - if (!(sta->flags & WLAN_STA_AUTHORIZED)) { + if (!sta || !(sta->flags & WLAN_STA_AUTHORIZED)) { wpa_printf(MSG_INFO, "Request LCI: Destination address is not connected"); return -1; @@ -450,9 +473,8 @@ int hostapd_send_range_req(struct hostapd_data *hapd, const u8 *addr, wpa_printf(MSG_DEBUG, "Request range: Range request is already in process; overriding"); hapd->range_req_active = 0; - eloop_register_timeout(HOSTAPD_RRM_REQUEST_TIMEOUT, 0, - hostapd_range_rep_timeout_handler, hapd, - NULL); + eloop_cancel_timeout(hostapd_range_rep_timeout_handler, hapd, + NULL); } /* Action + measurement type + token + reps + EID + len = 7 */ @@ -542,3 +564,111 @@ void hostapd_clean_rrm(struct hostapd_data *hapd) eloop_cancel_timeout(hostapd_range_rep_timeout_handler, hapd, NULL); hapd->range_req_active = 0; } + + +int hostapd_send_beacon_req(struct hostapd_data *hapd, const u8 *addr, + u8 req_mode, const struct wpabuf *req) +{ + struct wpabuf *buf; + struct sta_info *sta = ap_get_sta(hapd, addr); + int ret; + enum beacon_report_mode mode; + const u8 *pos; + + /* Request data: + * Operating Class (1), Channel Number (1), Randomization Interval (2), + * Measurement Duration (2), Measurement Mode (1), BSSID (6), + * Optional Subelements (variable) + */ + if (wpabuf_len(req) < 13) { + wpa_printf(MSG_INFO, "Beacon request: Too short request data"); + return -1; + } + pos = wpabuf_head(req); + mode = pos[6]; + + if (!sta || !(sta->flags & WLAN_STA_AUTHORIZED)) { + wpa_printf(MSG_INFO, + "Beacon request: " MACSTR " is not connected", + MAC2STR(addr)); + return -1; + } + + switch (mode) { + case BEACON_REPORT_MODE_PASSIVE: + if (!(sta->rrm_enabled_capa[0] & + WLAN_RRM_CAPS_BEACON_REPORT_PASSIVE)) { + wpa_printf(MSG_INFO, + "Beacon request: " MACSTR + " does not support passive beacon report", + MAC2STR(addr)); + return -1; + } + break; + case BEACON_REPORT_MODE_ACTIVE: + if (!(sta->rrm_enabled_capa[0] & + WLAN_RRM_CAPS_BEACON_REPORT_ACTIVE)) { + wpa_printf(MSG_INFO, + "Beacon request: " MACSTR + " does not support active beacon report", + MAC2STR(addr)); + return -1; + } + break; + case BEACON_REPORT_MODE_TABLE: + if (!(sta->rrm_enabled_capa[0] & + WLAN_RRM_CAPS_BEACON_REPORT_TABLE)) { + wpa_printf(MSG_INFO, + "Beacon request: " MACSTR + " does not support table beacon report", + MAC2STR(addr)); + return -1; + } + break; + default: + wpa_printf(MSG_INFO, + "Beacon request: Unknown measurement mode %d", mode); + return -1; + } + + buf = wpabuf_alloc(5 + 2 + 3 + wpabuf_len(req)); + if (!buf) + return -1; + + hapd->beacon_req_token++; + if (!hapd->beacon_req_token) + hapd->beacon_req_token++; + + wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT); + wpabuf_put_u8(buf, WLAN_RRM_RADIO_MEASUREMENT_REQUEST); + wpabuf_put_u8(buf, hapd->beacon_req_token); + wpabuf_put_le16(buf, 0); /* Number of repetitions */ + + /* Measurement Request element */ + wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST); + wpabuf_put_u8(buf, 3 + wpabuf_len(req)); + wpabuf_put_u8(buf, 1); /* Measurement Token */ + wpabuf_put_u8(buf, req_mode); /* Measurement Request Mode */ + wpabuf_put_u8(buf, MEASURE_TYPE_BEACON); /* Measurement Type */ + wpabuf_put_buf(buf, req); + + ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr, + wpabuf_head(buf), wpabuf_len(buf)); + wpabuf_free(buf); + if (ret < 0) + return ret; + + return hapd->beacon_req_token; +} + + +void hostapd_rrm_beacon_req_tx_status(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len, int ok) +{ + if (len < 24 + 3) + return; + wpa_msg(hapd->msg_ctx, MSG_INFO, BEACON_REQ_TX_STATUS MACSTR + " %u ack=%d", MAC2STR(mgmt->da), + mgmt->u.action.u.rrm.dialog_token, ok); +} diff --git a/contrib/wpa/src/ap/rrm.h b/contrib/wpa/src/ap/rrm.h index f07fd41ac019..02cd522ee9d6 100644 --- a/contrib/wpa/src/ap/rrm.h +++ b/contrib/wpa/src/ap/rrm.h @@ -24,5 +24,10 @@ int hostapd_send_range_req(struct hostapd_data *hapd, const u8 *addr, u16 random_interval, u8 min_ap, const u8 *responders, unsigned int n_responders); void hostapd_clean_rrm(struct hostapd_data *hapd); +int hostapd_send_beacon_req(struct hostapd_data *hapd, const u8 *addr, + u8 req_mode, const struct wpabuf *req); +void hostapd_rrm_beacon_req_tx_status(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len, int ok); #endif /* RRM_H */ diff --git a/contrib/wpa/src/ap/sta_info.c b/contrib/wpa/src/ap/sta_info.c index f12d4088b131..179cf43b60b1 100644 --- a/contrib/wpa/src/ap/sta_info.c +++ b/contrib/wpa/src/ap/sta_info.c @@ -1,6 +1,6 @@ /* * hostapd / Station table - * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -17,6 +17,7 @@ #include "radius/radius_client.h" #include "p2p/p2p.h" #include "fst/fst.h" +#include "crypto/crypto.h" #include "hostapd.h" #include "accounting.h" #include "ieee802_1x.h" @@ -36,6 +37,7 @@ #include "ndisc_snoop.h" #include "sta_info.h" #include "vlan.h" +#include "wps_hostapd.h" static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, struct sta_info *sta); @@ -47,6 +49,7 @@ static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); #endif /* CONFIG_IEEE80211W */ static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); +static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx); int ap_for_each_sta(struct hostapd_data *hapd, int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, @@ -194,7 +197,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) if (sta->no_short_slot_time_set) { sta->no_short_slot_time_set = 0; hapd->iface->num_sta_no_short_slot_time--; - if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G && hapd->iface->num_sta_no_short_slot_time == 0) set_beacon++; } @@ -202,7 +206,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) if (sta->no_short_preamble_set) { sta->no_short_preamble_set = 0; hapd->iface->num_sta_no_short_preamble--; - if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G && hapd->iface->num_sta_no_short_preamble == 0) set_beacon++; } @@ -316,6 +321,7 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) wpabuf_free(sta->wps_ie); wpabuf_free(sta->p2p_ie); wpabuf_free(sta->hs20_ie); + wpabuf_free(sta->roaming_consortium); #ifdef CONFIG_FST wpabuf_free(sta->mb_ies); #endif /* CONFIG_FST */ @@ -326,6 +332,7 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) os_free(sta->identity); os_free(sta->radius_cui); os_free(sta->remediation_url); + os_free(sta->t_c_url); wpabuf_free(sta->hs20_deauth_req); os_free(sta->hs20_session_info_url); @@ -337,6 +344,31 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) mbo_ap_sta_free(sta); os_free(sta->supp_op_classes); +#ifdef CONFIG_FILS + os_free(sta->fils_pending_assoc_req); + wpabuf_free(sta->fils_hlp_resp); + wpabuf_free(sta->hlp_dhcp_discover); + eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); +#ifdef CONFIG_FILS_SK_PFS + crypto_ecdh_deinit(sta->fils_ecdh); + wpabuf_clear_free(sta->fils_dh_ss); + wpabuf_free(sta->fils_g_sta); +#endif /* CONFIG_FILS_SK_PFS */ +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE + bin_clear_free(sta->owe_pmk, sta->owe_pmk_len); + crypto_ecdh_deinit(sta->owe_ecdh); +#endif /* CONFIG_OWE */ + + os_free(sta->ext_capability); + +#ifdef CONFIG_WNM_AP + eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta); +#endif /* CONFIG_WNM_AP */ + + os_free(sta->ifname_wds); + os_free(sta); } @@ -597,7 +629,7 @@ void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx) { -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP struct hostapd_data *hapd = eloop_ctx; struct sta_info *sta = timeout_ctx; @@ -608,7 +640,7 @@ static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx) wnm_send_ess_disassoc_imminent(hapd, sta, sta->hs20_session_info_url, sta->hs20_disassoc_timer); -#endif /* CONFIG_WNM */ +#endif /* CONFIG_WNM_AP */ } @@ -745,9 +777,17 @@ void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, hapd->conf->iface, MAC2STR(sta->addr)); sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; - sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { + /* Skip deauthentication in DMG/IEEE 802.11ad */ + sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | + WLAN_STA_ASSOC_REQ_OK); + sta->timeout_next = STA_REMOVE; + } else { + sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); + sta->timeout_next = STA_DEAUTH; + } ap_sta_set_authorized(hapd, sta, 0); - sta->timeout_next = STA_DEAUTH; wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " "for " MACSTR " (%d seconds - " "AP_MAX_INACTIVITY_AFTER_DISASSOC)", @@ -783,6 +823,14 @@ static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, u16 reason) { + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { + /* Deauthentication is not used in DMG/IEEE 802.11ad; + * disassociate the STA instead. */ + ap_sta_disassociate(hapd, sta, reason); + return; + } + wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, hapd->conf->iface, MAC2STR(sta->addr)); sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; @@ -1229,6 +1277,20 @@ void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, ap_handle_timer, hapd, sta); sta->timeout_next = STA_REMOVE; + if (hapd->iface->current_mode && + hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { + /* Deauthentication is not used in DMG/IEEE 802.11ad; + * disassociate the STA instead. */ + sta->disassoc_reason = reason; + sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; + eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); + eloop_register_timeout(hapd->iface->drv_flags & + WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? + 2 : 0, 0, ap_sta_disassoc_cb_timeout, + hapd, sta); + return; + } + sta->deauth_reason = reason; sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); @@ -1275,6 +1337,15 @@ void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd, "%s: Removed ap_sta_disassoc_cb_timeout timeout for " MACSTR, hapd->conf->iface, MAC2STR(sta->addr)); + if (eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta) > 0) + { + wpa_printf(MSG_DEBUG, + "%s: Removed ap_sta_delayed_1x_auth_fail_cb timeout for " + MACSTR, + hapd->conf->iface, MAC2STR(sta->addr)); + if (sta->flags & WLAN_STA_WPS) + hostapd_wps_eap_completed(hapd); + } } @@ -1283,7 +1354,7 @@ int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen) int res; buf[0] = '\0'; - res = os_snprintf(buf, buflen, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", + res = os_snprintf(buf, buflen, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", (flags & WLAN_STA_AUTH ? "[AUTH]" : ""), (flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""), (flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" : ""), @@ -1300,6 +1371,7 @@ int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen) (flags & WLAN_STA_NONERP ? "[NonERP]" : ""), (flags & WLAN_STA_WPS2 ? "[WPS2]" : ""), (flags & WLAN_STA_GAS ? "[GAS]" : ""), + (flags & WLAN_STA_HT ? "[HT]" : ""), (flags & WLAN_STA_VHT ? "[VHT]" : ""), (flags & WLAN_STA_VENDOR_VHT ? "[VENDOR_VHT]" : ""), (flags & WLAN_STA_WNM_SLEEP_MODE ? @@ -1309,3 +1381,48 @@ int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen) return res; } + + +static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx) +{ + struct hostapd_data *hapd = eloop_ctx; + struct sta_info *sta = timeout_ctx; + u16 reason; + + wpa_dbg(hapd->msg_ctx, MSG_DEBUG, + "IEEE 802.1X: Scheduled disconnection of " MACSTR + " after EAP-Failure", MAC2STR(sta->addr)); + + reason = sta->disconnect_reason_code; + if (!reason) + reason = WLAN_REASON_IEEE_802_1X_AUTH_FAILED; + ap_sta_disconnect(hapd, sta, sta->addr, reason); + if (sta->flags & WLAN_STA_WPS) + hostapd_wps_eap_completed(hapd); +} + + +void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, + struct sta_info *sta) +{ + wpa_dbg(hapd->msg_ctx, MSG_DEBUG, + "IEEE 802.1X: Force disconnection of " MACSTR + " after EAP-Failure in 10 ms", MAC2STR(sta->addr)); + + /* + * Add a small sleep to increase likelihood of previously requested + * EAP-Failure TX getting out before this should the driver reorder + * operations. + */ + eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta); + eloop_register_timeout(0, 10000, ap_sta_delayed_1x_auth_fail_cb, + hapd, sta); +} + + +int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, + struct sta_info *sta) +{ + return eloop_is_timeout_registered(ap_sta_delayed_1x_auth_fail_cb, + hapd, sta); +} diff --git a/contrib/wpa/src/ap/sta_info.h b/contrib/wpa/src/ap/sta_info.h index 099de62d1a9a..9cac6f157f68 100644 --- a/contrib/wpa/src/ap/sta_info.h +++ b/contrib/wpa/src/ap/sta_info.h @@ -1,6 +1,6 @@ /* * hostapd / Station table - * Copyright (c) 2002-2011, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -9,14 +9,11 @@ #ifndef STA_INFO_H #define STA_INFO_H -#ifdef CONFIG_MESH -/* needed for mesh_plink_state enum */ #include "common/defs.h" -#include "common/wpa_common.h" -#endif /* CONFIG_MESH */ - #include "list.h" #include "vlan.h" +#include "common/wpa_common.h" +#include "common/ieee802_11_defs.h" /* STA flags */ #define WLAN_STA_AUTH BIT(0) @@ -38,6 +35,7 @@ #define WLAN_STA_WNM_SLEEP_MODE BIT(19) #define WLAN_STA_VHT_OPMODE_ENABLED BIT(20) #define WLAN_STA_VENDOR_VHT BIT(21) +#define WLAN_STA_PENDING_FILS_ERP BIT(22) #define WLAN_STA_PENDING_DISASSOC_CB BIT(29) #define WLAN_STA_PENDING_DEAUTH_CB BIT(30) #define WLAN_STA_NONERP BIT(31) @@ -46,6 +44,7 @@ * Supported Rates IEs). */ #define WLAN_SUPP_RATES_MAX 32 +struct hostapd_data; struct mbo_non_pref_chan_info { struct mbo_non_pref_chan_info *next; @@ -68,6 +67,7 @@ struct sta_info { be32 ipaddr; struct dl_list ip6addr; /* list head for struct ip6addr */ u16 aid; /* STA's unique AID (1 .. 2007) or 0 if not yet assigned */ + u16 disconnect_reason_code; /* RADIUS server override */ u32 flags; /* Bitfield of WLAN_STA_* */ u16 capability; u16 listen_interval; /* or beacon_int for APs */ @@ -113,6 +113,10 @@ struct sta_info { unsigned int radius_das_match:1; unsigned int ecsa_supported:1; unsigned int added_unassoc:1; + unsigned int pending_wds_enable:1; + unsigned int power_capab:1; + unsigned int agreed_to_steer:1; + unsigned int hs20_t_c_filtering:1; u16 auth_alg; @@ -170,17 +174,20 @@ struct sta_info { struct os_reltime sa_query_start; #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_INTERWORKING +#if defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP) #define GAS_DIALOG_MAX 8 /* Max concurrent dialog number */ struct gas_dialog_info *gas_dialog; u8 gas_dialog_next; -#endif /* CONFIG_INTERWORKING */ +#endif /* CONFIG_INTERWORKING || CONFIG_DPP */ struct wpabuf *wps_ie; /* WPS IE from (Re)Association Request */ struct wpabuf *p2p_ie; /* P2P IE from (Re)Association Request */ struct wpabuf *hs20_ie; /* HS 2.0 IE from (Re)Association Request */ + /* Hotspot 2.0 Roaming Consortium from (Re)Association Request */ + struct wpabuf *roaming_consortium; u8 remediation_method; char *remediation_url; /* HS 2.0 Subscription Remediation Server URL */ + char *t_c_url; /* HS 2.0 Terms and Conditions Server URL */ struct wpabuf *hs20_deauth_req; char *hs20_session_info_url; int hs20_disassoc_timer; @@ -195,7 +202,8 @@ struct sta_info { unsigned int mesh_sae_pmksa_caching:1; #endif /* CONFIG_SAE */ - u32 session_timeout; /* valid only if session_timeout_set == 1 */ + /* valid only if session_timeout_set == 1 */ + struct os_reltime session_timeout; /* Last Authentication/(Re)Association Request/Action frame sequence * control */ @@ -214,10 +222,51 @@ struct sta_info { u8 rrm_enabled_capa[5]; + s8 min_tx_power; + s8 max_tx_power; + #ifdef CONFIG_TAXONOMY struct wpabuf *probe_ie_taxonomy; struct wpabuf *assoc_ie_taxonomy; #endif /* CONFIG_TAXONOMY */ + +#ifdef CONFIG_FILS + u8 fils_snonce[FILS_NONCE_LEN]; + u8 fils_session[FILS_SESSION_LEN]; + u8 fils_erp_pmkid[PMKID_LEN]; + u8 *fils_pending_assoc_req; + size_t fils_pending_assoc_req_len; + unsigned int fils_pending_assoc_is_reassoc:1; + unsigned int fils_dhcp_rapid_commit_proxy:1; + unsigned int fils_erp_pmkid_set:1; + unsigned int fils_drv_assoc_finish:1; + struct wpabuf *fils_hlp_resp; + struct wpabuf *hlp_dhcp_discover; + void (*fils_pending_cb)(struct hostapd_data *hapd, struct sta_info *sta, + u16 resp, struct wpabuf *data, int pub); +#ifdef CONFIG_FILS_SK_PFS + struct crypto_ecdh *fils_ecdh; +#endif /* CONFIG_FILS_SK_PFS */ + struct wpabuf *fils_dh_ss; + struct wpabuf *fils_g_sta; +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE + u8 *owe_pmk; + size_t owe_pmk_len; + struct crypto_ecdh *owe_ecdh; + u16 owe_group; +#endif /* CONFIG_OWE */ + + u8 *ext_capability; + char *ifname_wds; /* WDS ifname, if in use */ + +#ifdef CONFIG_TESTING_OPTIONS + enum wpa_alg last_tk_alg; + int last_tk_key_idx; + u8 last_tk[WPA_TK_MAX_LEN]; + size_t last_tk_len; +#endif /* CONFIG_TESTING_OPTIONS */ }; @@ -237,8 +286,6 @@ struct sta_info { #define AP_MAX_INACTIVITY_AFTER_DEAUTH (1 * 5) -struct hostapd_data; - int ap_for_each_sta(struct hostapd_data *hapd, int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, void *ctx), @@ -289,5 +336,9 @@ void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd, struct sta_info *sta); int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen); +void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, + struct sta_info *sta); +int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, + struct sta_info *sta); #endif /* STA_INFO_H */ diff --git a/contrib/wpa/src/ap/taxonomy.c b/contrib/wpa/src/ap/taxonomy.c index cea8b726f47a..ae157a7c91d6 100644 --- a/contrib/wpa/src/ap/taxonomy.c +++ b/contrib/wpa/src/ap/taxonomy.c @@ -21,6 +21,7 @@ #include "common/wpa_ctrl.h" #include "hostapd.h" #include "sta_info.h" +#include "taxonomy.h" /* Copy a string with no funny schtuff allowed; only alphanumerics. */ diff --git a/contrib/wpa/src/ap/tkip_countermeasures.c b/contrib/wpa/src/ap/tkip_countermeasures.c index 4725e2b3e8f1..557570cd1bc4 100644 --- a/contrib/wpa/src/ap/tkip_countermeasures.c +++ b/contrib/wpa/src/ap/tkip_countermeasures.c @@ -71,6 +71,11 @@ int michael_mic_failure(struct hostapd_data *hapd, const u8 *addr, int local) struct os_reltime now; int ret = 0; + hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "Michael MIC failure detected in received frame%s", + local ? " (local)" : ""); + if (addr && local) { struct sta_info *sta = ap_get_sta(hapd, addr); if (sta != NULL) { diff --git a/contrib/wpa/src/ap/vlan_init.c b/contrib/wpa/src/ap/vlan_init.c index 31e4fc6b396a..01fecee026a1 100644 --- a/contrib/wpa/src/ap/vlan_init.c +++ b/contrib/wpa/src/ap/vlan_init.c @@ -138,6 +138,8 @@ int vlan_init(struct hostapd_data *hapd) !hapd->conf->vlan) { /* dynamic vlans enabled but no (or empty) vlan_file given */ struct hostapd_vlan *vlan; + int ret; + vlan = os_zalloc(sizeof(*vlan)); if (vlan == NULL) { wpa_printf(MSG_ERROR, "Out of memory while assigning " @@ -146,8 +148,16 @@ int vlan_init(struct hostapd_data *hapd) } vlan->vlan_id = VLAN_ID_WILDCARD; - os_snprintf(vlan->ifname, sizeof(vlan->ifname), "%s.#", - hapd->conf->iface); + ret = os_snprintf(vlan->ifname, sizeof(vlan->ifname), "%s.#", + hapd->conf->iface); + if (ret >= (int) sizeof(vlan->ifname)) { + wpa_printf(MSG_WARNING, + "VLAN: Interface name was truncated to %s", + vlan->ifname); + } else if (ret < 0) { + os_free(vlan); + return ret; + } vlan->next = hapd->conf->vlan; hapd->conf->vlan = vlan; } diff --git a/contrib/wpa/src/ap/wmm.c b/contrib/wpa/src/ap/wmm.c index 314e244bc956..8054c5d2f243 100644 --- a/contrib/wpa/src/ap/wmm.c +++ b/contrib/wpa/src/ap/wmm.c @@ -21,11 +21,6 @@ #include "wmm.h" -/* TODO: maintain separate sequence and fragment numbers for each AC - * TODO: IGMP snooping to track which multicasts to forward - and use QOS-DATA - * if only WMM stations are receiving a certain group */ - - static inline u8 wmm_aci_aifsn(int aifsn, int acm, int aci) { u8 ret; @@ -157,8 +152,9 @@ static void wmm_send_action(struct hostapd_data *hapd, const u8 *addr, int wmm_process_tspec(struct wmm_tspec_element *tspec) { - int medium_time, pps, duration; - int up, psb, dir, tid; + u64 medium_time; + unsigned int pps, duration; + unsigned int up, psb, dir, tid; u16 val, surplus; up = (tspec->ts_info[1] >> 3) & 0x07; @@ -206,8 +202,9 @@ int wmm_process_tspec(struct wmm_tspec_element *tspec) return WMM_ADDTS_STATUS_INVALID_PARAMETERS; } - medium_time = surplus * pps * duration / 0x2000; - wpa_printf(MSG_DEBUG, "WMM: Estimated medium time: %u", medium_time); + medium_time = (u64) surplus * pps * duration / 0x2000; + wpa_printf(MSG_DEBUG, "WMM: Estimated medium time: %lu", + (unsigned long) medium_time); /* * TODO: store list of granted (and still active) TSPECs and check diff --git a/contrib/wpa/src/ap/wnm_ap.c b/contrib/wpa/src/ap/wnm_ap.c index 41d50cebfbe0..1e8f58b4d07e 100644 --- a/contrib/wpa/src/ap/wnm_ap.c +++ b/contrib/wpa/src/ap/wnm_ap.c @@ -95,8 +95,8 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd, if (mgmt == NULL) { wpa_printf(MSG_DEBUG, "MLME: Failed to allocate buffer for " "WNM-Sleep Response action frame"); - os_free(wnmtfs_ie); - return -1; + res = -1; + goto fail; } os_memcpy(mgmt->da, addr, ETH_ALEN); os_memcpy(mgmt->sa, hapd->own_addr, ETH_ALEN); @@ -109,6 +109,7 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd, pos = (u8 *)mgmt->u.action.u.wnm_sleep_resp.variable; /* add key data if MFP is enabled */ if (!wpa_auth_uses_mfp(sta->wpa_sm) || + hapd->conf->wnm_sleep_mode_no_keys || action_type != WNM_SLEEP_MODE_EXIT) { mgmt->u.action.u.wnm_sleep_resp.keydata_len = 0; } else { @@ -118,11 +119,8 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd, (int) gtk_elem_len); #ifdef CONFIG_IEEE80211W res = wpa_wnmsleep_igtk_subelem(sta->wpa_sm, pos); - if (res < 0) { - os_free(wnmtfs_ie); - os_free(mgmt); - return -1; - } + if (res < 0) + goto fail; igtk_elem_len = res; pos += igtk_elem_len; wpa_printf(MSG_DEBUG, "Pass 4 igtk_len = %d", @@ -176,7 +174,8 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd, wpa_set_wnmsleep(sta->wpa_sm, 0); hostapd_drv_wnm_oper(hapd, WNM_SLEEP_EXIT_CONFIRM, addr, NULL, NULL); - if (!wpa_auth_uses_mfp(sta->wpa_sm)) + if (!wpa_auth_uses_mfp(sta->wpa_sm) || + hapd->conf->wnm_sleep_mode_no_keys) wpa_wnmsleep_rekey_gtk(sta->wpa_sm); } } else @@ -184,6 +183,7 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd, #undef MAX_GTK_SUBELEM_LEN #undef MAX_IGTK_SUBELEM_LEN +fail: os_free(wnmtfs_ie); os_free(mgmt); return res; @@ -202,12 +202,20 @@ static void ieee802_11_rx_wnmsleep_req(struct hostapd_data *hapd, u8 *tfsreq_ie_end = NULL; u16 tfsreq_ie_len = 0; + if (!hapd->conf->wnm_sleep_mode) { + wpa_printf(MSG_DEBUG, "Ignore WNM-Sleep Mode Request from " + MACSTR " since WNM-Sleep Mode is disabled", + MAC2STR(addr)); + return; + } + dialog_token = *pos++; while (pos + 1 < frm + len) { u8 ie_len = pos[1]; if (pos + 2 + ie_len > frm + len) break; - if (*pos == WLAN_EID_WNMSLEEP) + if (*pos == WLAN_EID_WNMSLEEP && + ie_len >= (int) sizeof(*wnmsleep_ie) - 2) wnmsleep_ie = (struct wnm_sleep_element *) pos; else if (*pos == WLAN_EID_TFS_REQ) { if (!tfsreq_ie_start) @@ -251,20 +259,14 @@ static void ieee802_11_rx_wnmsleep_req(struct hostapd_data *hapd, static int ieee802_11_send_bss_trans_mgmt_request(struct hostapd_data *hapd, const u8 *addr, - u8 dialog_token, - const char *url) + u8 dialog_token) { struct ieee80211_mgmt *mgmt; - size_t url_len, len; + size_t len; u8 *pos; int res; - if (url) - url_len = os_strlen(url); - else - url_len = 0; - - mgmt = os_zalloc(sizeof(*mgmt) + (url_len ? 1 + url_len : 0)); + mgmt = os_zalloc(sizeof(*mgmt)); if (mgmt == NULL) return -1; os_memcpy(mgmt->da, addr, ETH_ALEN); @@ -279,11 +281,6 @@ static int ieee802_11_send_bss_trans_mgmt_request(struct hostapd_data *hapd, mgmt->u.action.u.bss_tm_req.disassoc_timer = host_to_le16(0); mgmt->u.action.u.bss_tm_req.validity_interval = 1; pos = mgmt->u.action.u.bss_tm_req.variable; - if (url) { - *pos++ += url_len; - os_memcpy(pos, url, url_len); - pos += url_len; - } wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request to " MACSTR " dialog_token=%u req_mode=0x%x disassoc_timer=%u " @@ -307,6 +304,20 @@ static void ieee802_11_rx_bss_trans_mgmt_query(struct hostapd_data *hapd, { u8 dialog_token, reason; const u8 *pos, *end; + int enabled = hapd->conf->bss_transition; + +#ifdef CONFIG_MBO + if (hapd->conf->mbo_enabled) + enabled = 1; +#endif /* CONFIG_MBO */ + if (!enabled) { + wpa_printf(MSG_DEBUG, + "Ignore BSS Transition Management Query from " + MACSTR + " since BSS Transition Management is disabled", + MAC2STR(addr)); + return; + } if (len < 2) { wpa_printf(MSG_DEBUG, "WNM: Ignore too short BSS Transition Management Query from " @@ -326,7 +337,20 @@ static void ieee802_11_rx_bss_trans_mgmt_query(struct hostapd_data *hapd, wpa_hexdump(MSG_DEBUG, "WNM: BSS Transition Candidate List Entries", pos, end - pos); - ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token, NULL); + ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token); +} + + +void ap_sta_reset_steer_flag_timer(void *eloop_ctx, void *timeout_ctx) +{ + struct hostapd_data *hapd = eloop_ctx; + struct sta_info *sta = timeout_ctx; + + if (sta->agreed_to_steer) { + wpa_printf(MSG_DEBUG, "%s: Reset steering flag for STA " MACSTR, + hapd->conf->iface, MAC2STR(sta->addr)); + sta->agreed_to_steer = 0; + } } @@ -336,6 +360,21 @@ static void ieee802_11_rx_bss_trans_mgmt_resp(struct hostapd_data *hapd, { u8 dialog_token, status_code, bss_termination_delay; const u8 *pos, *end; + int enabled = hapd->conf->bss_transition; + struct sta_info *sta; + +#ifdef CONFIG_MBO + if (hapd->conf->mbo_enabled) + enabled = 1; +#endif /* CONFIG_MBO */ + if (!enabled) { + wpa_printf(MSG_DEBUG, + "Ignore BSS Transition Management Response from " + MACSTR + " since BSS Transition Management is disabled", + MAC2STR(addr)); + return; + } if (len < 3) { wpa_printf(MSG_DEBUG, "WNM: Ignore too short BSS Transition Management Response from " @@ -354,11 +393,23 @@ static void ieee802_11_rx_bss_trans_mgmt_resp(struct hostapd_data *hapd, "bss_termination_delay=%u", MAC2STR(addr), dialog_token, status_code, bss_termination_delay); + sta = ap_get_sta(hapd, addr); + if (!sta) { + wpa_printf(MSG_DEBUG, "Station " MACSTR + " not found for received BSS TM Response", + MAC2STR(addr)); + return; + } + if (status_code == WNM_BSS_TM_ACCEPT) { if (end - pos < ETH_ALEN) { wpa_printf(MSG_DEBUG, "WNM: not enough room for Target BSSID field"); return; } + sta->agreed_to_steer = 1; + eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta); + eloop_register_timeout(2, 0, ap_sta_reset_steer_flag_timer, + hapd, sta); wpa_printf(MSG_DEBUG, "WNM: Target BSSID: " MACSTR, MAC2STR(pos)); wpa_msg(hapd->msg_ctx, MSG_INFO, BSS_TM_RESP MACSTR @@ -368,6 +419,7 @@ static void ieee802_11_rx_bss_trans_mgmt_resp(struct hostapd_data *hapd, MAC2STR(pos)); pos += ETH_ALEN; } else { + sta->agreed_to_steer = 0; wpa_msg(hapd->msg_ctx, MSG_INFO, BSS_TM_RESP MACSTR " status_code=%u bss_termination_delay=%u", MAC2STR(addr), status_code, bss_termination_delay); @@ -401,6 +453,48 @@ static void ieee802_11_rx_wnm_notification_req(struct hostapd_data *hapd, } +static void ieee802_11_rx_wnm_coloc_intf_report(struct hostapd_data *hapd, + const u8 *addr, const u8 *buf, + size_t len) +{ + u8 dialog_token; + char *hex; + size_t hex_len; + + if (!hapd->conf->coloc_intf_reporting) { + wpa_printf(MSG_DEBUG, + "WNM: Ignore unexpected Collocated Interference Report from " + MACSTR, MAC2STR(addr)); + return; + } + + if (len < 1) { + wpa_printf(MSG_DEBUG, + "WNM: Ignore too short Collocated Interference Report from " + MACSTR, MAC2STR(addr)); + return; + } + dialog_token = *buf++; + len--; + + wpa_printf(MSG_DEBUG, + "WNM: Received Collocated Interference Report frame from " + MACSTR " (dialog_token=%u)", + MAC2STR(addr), dialog_token); + wpa_hexdump(MSG_MSGDUMP, "WNM: Collocated Interference Report Elements", + buf, len); + + hex_len = 2 * len + 1; + hex = os_malloc(hex_len); + if (!hex) + return; + wpa_snprintf_hex(hex, hex_len, buf, len); + wpa_msg_ctrl(hapd->msg_ctx, MSG_INFO, COLOC_INTF_REPORT MACSTR " %d %s", + MAC2STR(addr), dialog_token, hex); + os_free(hex); +} + + int ieee802_11_rx_wnm_action_ap(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len) { @@ -431,6 +525,10 @@ int ieee802_11_rx_wnm_action_ap(struct hostapd_data *hapd, ieee802_11_rx_wnm_notification_req(hapd, mgmt->sa, payload, plen); return 0; + case WNM_COLLOCATED_INTERFERENCE_REPORT: + ieee802_11_rx_wnm_coloc_intf_report(hapd, mgmt->sa, payload, + plen); + return 0; } wpa_printf(MSG_DEBUG, "WNM: Unsupported WNM Action %u from " MACSTR, @@ -629,3 +727,40 @@ int wnm_send_bss_tm_req(struct hostapd_data *hapd, struct sta_info *sta, return 0; } + + +int wnm_send_coloc_intf_req(struct hostapd_data *hapd, struct sta_info *sta, + unsigned int auto_report, unsigned int timeout) +{ + u8 buf[100], *pos; + struct ieee80211_mgmt *mgmt; + u8 dialog_token = 1; + + if (auto_report > 3 || timeout > 63) + return -1; + os_memset(buf, 0, sizeof(buf)); + mgmt = (struct ieee80211_mgmt *) buf; + mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, + WLAN_FC_STYPE_ACTION); + os_memcpy(mgmt->da, sta->addr, ETH_ALEN); + os_memcpy(mgmt->sa, hapd->own_addr, ETH_ALEN); + os_memcpy(mgmt->bssid, hapd->own_addr, ETH_ALEN); + mgmt->u.action.category = WLAN_ACTION_WNM; + mgmt->u.action.u.coloc_intf_req.action = + WNM_COLLOCATED_INTERFERENCE_REQ; + mgmt->u.action.u.coloc_intf_req.dialog_token = dialog_token; + mgmt->u.action.u.coloc_intf_req.req_info = auto_report | (timeout << 2); + pos = &mgmt->u.action.u.coloc_intf_req.req_info; + pos++; + + wpa_printf(MSG_DEBUG, "WNM: Sending Collocated Interference Request to " + MACSTR " (dialog_token=%u auto_report=%u timeout=%u)", + MAC2STR(sta->addr), dialog_token, auto_report, timeout); + if (hostapd_drv_send_mlme(hapd, buf, pos - buf, 0) < 0) { + wpa_printf(MSG_DEBUG, + "WNM: Failed to send Collocated Interference Request frame"); + return -1; + } + + return 0; +} diff --git a/contrib/wpa/src/ap/wnm_ap.h b/contrib/wpa/src/ap/wnm_ap.h index a44eadb85e55..1806ba0e0525 100644 --- a/contrib/wpa/src/ap/wnm_ap.h +++ b/contrib/wpa/src/ap/wnm_ap.h @@ -23,5 +23,8 @@ int wnm_send_bss_tm_req(struct hostapd_data *hapd, struct sta_info *sta, const u8 *bss_term_dur, const char *url, const u8 *nei_rep, size_t nei_rep_len, const u8 *mbo_attrs, size_t mbo_len); +void ap_sta_reset_steer_flag_timer(void *eloop_ctx, void *timeout_ctx); +int wnm_send_coloc_intf_req(struct hostapd_data *hapd, struct sta_info *sta, + unsigned int auto_report, unsigned int timeout); #endif /* WNM_AP_H */ diff --git a/contrib/wpa/src/ap/wpa_auth.c b/contrib/wpa/src/ap/wpa_auth.c index bf10cc1646f7..34969e79e46f 100644 --- a/contrib/wpa/src/ap/wpa_auth.c +++ b/contrib/wpa/src/ap/wpa_auth.c @@ -1,6 +1,6 @@ /* * IEEE 802.11 RSN / WPA Authenticator - * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -13,10 +13,13 @@ #include "utils/state_machine.h" #include "utils/bitfield.h" #include "common/ieee802_11_defs.h" +#include "crypto/aes.h" #include "crypto/aes_wrap.h" +#include "crypto/aes_siv.h" #include "crypto/crypto.h" #include "crypto/sha1.h" #include "crypto/sha256.h" +#include "crypto/sha384.h" #include "crypto/random.h" #include "eapol_auth/eapol_auth_sm.h" #include "ap_config.h" @@ -33,8 +36,14 @@ static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx); static int wpa_sm_step(struct wpa_state_machine *sm); -static int wpa_verify_key_mic(int akmp, struct wpa_ptk *PTK, u8 *data, - size_t data_len); +static int wpa_verify_key_mic(int akmp, size_t pmk_len, struct wpa_ptk *PTK, + u8 *data, size_t data_len); +#ifdef CONFIG_FILS +static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk, + u8 *buf, size_t buf_len, u16 *_key_data_len); +static struct wpabuf * fils_prepare_plainbuf(struct wpa_state_machine *sm, + const struct wpabuf *hlp); +#endif /* CONFIG_FILS */ static void wpa_sm_call_step(void *eloop_ctx, void *timeout_ctx); static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth, struct wpa_group *group); @@ -52,12 +61,12 @@ static void wpa_group_get(struct wpa_authenticator *wpa_auth, struct wpa_group *group); static void wpa_group_put(struct wpa_authenticator *wpa_auth, struct wpa_group *group); +static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos); -static const u32 dot11RSNAConfigGroupUpdateCount = 4; -static const u32 dot11RSNAConfigPairwiseUpdateCount = 4; static const u32 eapol_key_timeout_first = 100; /* ms */ static const u32 eapol_key_timeout_subseq = 1000; /* ms */ static const u32 eapol_key_timeout_first_group = 500; /* ms */ +static const u32 eapol_key_timeout_no_retrans = 4000; /* ms */ /* TODO: make these configurable */ static const int dot11RSNAConfigPMKLifetime = 43200; @@ -68,8 +77,8 @@ static const int dot11RSNAConfigSATimeout = 60; static inline int wpa_auth_mic_failure_report( struct wpa_authenticator *wpa_auth, const u8 *addr) { - if (wpa_auth->cb.mic_failure_report) - return wpa_auth->cb.mic_failure_report(wpa_auth->cb.ctx, addr); + if (wpa_auth->cb->mic_failure_report) + return wpa_auth->cb->mic_failure_report(wpa_auth->cb_ctx, addr); return 0; } @@ -77,8 +86,8 @@ static inline int wpa_auth_mic_failure_report( static inline void wpa_auth_psk_failure_report( struct wpa_authenticator *wpa_auth, const u8 *addr) { - if (wpa_auth->cb.psk_failure_report) - wpa_auth->cb.psk_failure_report(wpa_auth->cb.ctx, addr); + if (wpa_auth->cb->psk_failure_report) + wpa_auth->cb->psk_failure_report(wpa_auth->cb_ctx, addr); } @@ -86,38 +95,38 @@ static inline void wpa_auth_set_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr, wpa_eapol_variable var, int value) { - if (wpa_auth->cb.set_eapol) - wpa_auth->cb.set_eapol(wpa_auth->cb.ctx, addr, var, value); + if (wpa_auth->cb->set_eapol) + wpa_auth->cb->set_eapol(wpa_auth->cb_ctx, addr, var, value); } static inline int wpa_auth_get_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr, wpa_eapol_variable var) { - if (wpa_auth->cb.get_eapol == NULL) + if (wpa_auth->cb->get_eapol == NULL) return -1; - return wpa_auth->cb.get_eapol(wpa_auth->cb.ctx, addr, var); + return wpa_auth->cb->get_eapol(wpa_auth->cb_ctx, addr, var); } static inline const u8 * wpa_auth_get_psk(struct wpa_authenticator *wpa_auth, const u8 *addr, const u8 *p2p_dev_addr, - const u8 *prev_psk) + const u8 *prev_psk, size_t *psk_len) { - if (wpa_auth->cb.get_psk == NULL) + if (wpa_auth->cb->get_psk == NULL) return NULL; - return wpa_auth->cb.get_psk(wpa_auth->cb.ctx, addr, p2p_dev_addr, - prev_psk); + return wpa_auth->cb->get_psk(wpa_auth->cb_ctx, addr, p2p_dev_addr, + prev_psk, psk_len); } static inline int wpa_auth_get_msk(struct wpa_authenticator *wpa_auth, const u8 *addr, u8 *msk, size_t *len) { - if (wpa_auth->cb.get_msk == NULL) + if (wpa_auth->cb->get_msk == NULL) return -1; - return wpa_auth->cb.get_msk(wpa_auth->cb.ctx, addr, msk, len); + return wpa_auth->cb->get_msk(wpa_auth->cb_ctx, addr, msk, len); } @@ -126,19 +135,19 @@ static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth, enum wpa_alg alg, const u8 *addr, int idx, u8 *key, size_t key_len) { - if (wpa_auth->cb.set_key == NULL) + if (wpa_auth->cb->set_key == NULL) return -1; - return wpa_auth->cb.set_key(wpa_auth->cb.ctx, vlan_id, alg, addr, idx, - key, key_len); + return wpa_auth->cb->set_key(wpa_auth->cb_ctx, vlan_id, alg, addr, idx, + key, key_len); } static inline int wpa_auth_get_seqnum(struct wpa_authenticator *wpa_auth, const u8 *addr, int idx, u8 *seq) { - if (wpa_auth->cb.get_seqnum == NULL) + if (wpa_auth->cb->get_seqnum == NULL) return -1; - return wpa_auth->cb.get_seqnum(wpa_auth->cb.ctx, addr, idx, seq); + return wpa_auth->cb->get_seqnum(wpa_auth->cb_ctx, addr, idx, seq); } @@ -146,10 +155,10 @@ static inline int wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr, const u8 *data, size_t data_len, int encrypt) { - if (wpa_auth->cb.send_eapol == NULL) + if (wpa_auth->cb->send_eapol == NULL) return -1; - return wpa_auth->cb.send_eapol(wpa_auth->cb.ctx, addr, data, data_len, - encrypt); + return wpa_auth->cb->send_eapol(wpa_auth->cb_ctx, addr, data, data_len, + encrypt); } @@ -157,9 +166,9 @@ wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr, static inline int wpa_auth_start_ampe(struct wpa_authenticator *wpa_auth, const u8 *addr) { - if (wpa_auth->cb.start_ampe == NULL) + if (wpa_auth->cb->start_ampe == NULL) return -1; - return wpa_auth->cb.start_ampe(wpa_auth->cb.ctx, addr); + return wpa_auth->cb->start_ampe(wpa_auth->cb_ctx, addr); } #endif /* CONFIG_MESH */ @@ -168,9 +177,9 @@ int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth, int (*cb)(struct wpa_state_machine *sm, void *ctx), void *cb_ctx) { - if (wpa_auth->cb.for_each_sta == NULL) + if (wpa_auth->cb->for_each_sta == NULL) return 0; - return wpa_auth->cb.for_each_sta(wpa_auth->cb.ctx, cb, cb_ctx); + return wpa_auth->cb->for_each_sta(wpa_auth->cb_ctx, cb, cb_ctx); } @@ -178,18 +187,18 @@ int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth, int (*cb)(struct wpa_authenticator *a, void *ctx), void *cb_ctx) { - if (wpa_auth->cb.for_each_auth == NULL) + if (wpa_auth->cb->for_each_auth == NULL) return 0; - return wpa_auth->cb.for_each_auth(wpa_auth->cb.ctx, cb, cb_ctx); + return wpa_auth->cb->for_each_auth(wpa_auth->cb_ctx, cb, cb_ctx); } void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr, logger_level level, const char *txt) { - if (wpa_auth->cb.logger == NULL) + if (wpa_auth->cb->logger == NULL) return; - wpa_auth->cb.logger(wpa_auth->cb.ctx, addr, level, txt); + wpa_auth->cb->logger(wpa_auth->cb_ctx, addr, level, txt); } @@ -200,7 +209,7 @@ void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr, int maxlen; va_list ap; - if (wpa_auth->cb.logger == NULL) + if (wpa_auth->cb->logger == NULL) return; maxlen = os_strlen(fmt) + 100; @@ -219,30 +228,13 @@ void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr, static void wpa_sta_disconnect(struct wpa_authenticator *wpa_auth, - const u8 *addr) + const u8 *addr, u16 reason) { - if (wpa_auth->cb.disconnect == NULL) + if (wpa_auth->cb->disconnect == NULL) return; - wpa_printf(MSG_DEBUG, "wpa_sta_disconnect STA " MACSTR, MAC2STR(addr)); - wpa_auth->cb.disconnect(wpa_auth->cb.ctx, addr, - WLAN_REASON_PREV_AUTH_NOT_VALID); -} - - -static int wpa_use_aes_cmac(struct wpa_state_machine *sm) -{ - int ret = 0; -#ifdef CONFIG_IEEE80211R - if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) - ret = 1; -#endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W - if (wpa_key_mgmt_sha256(sm->wpa_key_mgmt)) - ret = 1; -#endif /* CONFIG_IEEE80211W */ - if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) - ret = 1; - return ret; + wpa_printf(MSG_DEBUG, "wpa_sta_disconnect STA " MACSTR " (reason %u)", + MAC2STR(addr), reason); + wpa_auth->cb->disconnect(wpa_auth->cb_ctx, addr, reason); } @@ -409,7 +401,8 @@ static struct wpa_group * wpa_group_init(struct wpa_authenticator *wpa_auth, */ struct wpa_authenticator * wpa_init(const u8 *addr, struct wpa_auth_config *conf, - struct wpa_auth_callbacks *cb) + const struct wpa_auth_callbacks *cb, + void *cb_ctx) { struct wpa_authenticator *wpa_auth; @@ -418,7 +411,8 @@ struct wpa_authenticator * wpa_init(const u8 *addr, return NULL; os_memcpy(wpa_auth->addr, addr, ETH_ALEN); os_memcpy(&wpa_auth->conf, conf, sizeof(*conf)); - os_memcpy(&wpa_auth->cb, cb, sizeof(*cb)); + wpa_auth->cb = cb; + wpa_auth->cb_ctx = cb_ctx; if (wpa_auth_gen_wpa_ie(wpa_auth)) { wpa_printf(MSG_ERROR, "Could not generate WPA IE."); @@ -443,7 +437,7 @@ struct wpa_authenticator * wpa_init(const u8 *addr, return NULL; } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP wpa_auth->ft_pmk_cache = wpa_ft_pmk_cache_init(); if (wpa_auth->ft_pmk_cache == NULL) { wpa_printf(MSG_ERROR, "FT PMK cache initialization failed."); @@ -453,7 +447,7 @@ struct wpa_authenticator * wpa_init(const u8 *addr, os_free(wpa_auth); return NULL; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ if (wpa_auth->conf.wpa_gmk_rekey) { eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0, @@ -506,17 +500,13 @@ void wpa_deinit(struct wpa_authenticator *wpa_auth) eloop_cancel_timeout(wpa_rekey_gmk, wpa_auth, NULL); eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL); -#ifdef CONFIG_PEERKEY - while (wpa_auth->stsl_negotiations) - wpa_stsl_remove(wpa_auth, wpa_auth->stsl_negotiations); -#endif /* CONFIG_PEERKEY */ - pmksa_cache_auth_deinit(wpa_auth->pmksa); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP wpa_ft_pmk_cache_deinit(wpa_auth->ft_pmk_cache); wpa_auth->ft_pmk_cache = NULL; -#endif /* CONFIG_IEEE80211R */ + wpa_ft_deinit(wpa_auth); +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_P2P bitfield_free(wpa_auth->ip_pool); @@ -599,16 +589,28 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth, if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL) return -1; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (sm->ft_completed) { wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "FT authentication already completed - do not " "start 4-way handshake"); /* Go to PTKINITDONE state to allow GTK rekeying */ sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; + sm->Pair = TRUE; + return 0; + } +#endif /* CONFIG_IEEE80211R_AP */ + +#ifdef CONFIG_FILS + if (sm->fils_completed) { + wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, + "FILS authentication already completed - do not start 4-way handshake"); + /* Go to PTKINITDONE state to allow GTK rekeying */ + sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; + sm->Pair = TRUE; return 0; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ if (sm->started) { os_memset(&sm->key_replay, 0, sizeof(sm->key_replay)); @@ -660,10 +662,10 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm) sm->group->GKeyDoneStations--; sm->GUpdateStationKeys = FALSE; } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP os_free(sm->assoc_resp_ftie); wpabuf_free(sm->ft_pending_req_ies); -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ os_free(sm->last_rx_eapol_key); os_free(sm->wpa_ie); wpa_group_put(sm->wpa_auth, sm->group); @@ -680,15 +682,19 @@ void wpa_auth_sta_deinit(struct wpa_state_machine *sm) wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, "strict rekeying - force GTK rekey since STA " "is leaving"); - eloop_cancel_timeout(wpa_rekey_gtk, sm->wpa_auth, NULL); - eloop_register_timeout(0, 500000, wpa_rekey_gtk, sm->wpa_auth, - NULL); + if (eloop_deplete_timeout(0, 500000, wpa_rekey_gtk, + sm->wpa_auth, NULL) == -1) + eloop_register_timeout(0, 500000, wpa_rekey_gtk, sm->wpa_auth, + NULL); } eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm); sm->pending_1_of_4_timeout = 0; eloop_cancel_timeout(wpa_sm_call_step, sm, NULL); eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); +#ifdef CONFIG_IEEE80211R_AP + wpa_ft_sta_deinit(sm); +#endif /* CONFIG_IEEE80211R_AP */ if (sm->in_step_loop) { /* Must not free state machine while wpa_sm_step() is running. * Freeing will be completed in the end of wpa_sm_step(). */ @@ -739,7 +745,7 @@ static void wpa_replay_counter_mark_invalid(struct wpa_key_replay_counter *ctr, } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP static int ft_check_msg_2_of_4(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *sm, struct wpa_eapol_ie_parse *kde) @@ -786,7 +792,7 @@ static int ft_check_msg_2_of_4(struct wpa_authenticator *wpa_auth, return 0; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ static int wpa_receive_error_report(struct wpa_authenticator *wpa_auth, @@ -828,29 +834,38 @@ static int wpa_try_alt_snonce(struct wpa_state_machine *sm, u8 *data, struct wpa_ptk PTK; int ok = 0; const u8 *pmk = NULL; - unsigned int pmk_len; + size_t pmk_len; + os_memset(&PTK, 0, sizeof(PTK)); for (;;) { - if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { + if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && + !wpa_key_mgmt_sae(sm->wpa_key_mgmt)) { pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, - sm->p2p_dev_addr, pmk); + sm->p2p_dev_addr, pmk, &pmk_len); if (pmk == NULL) break; - pmk_len = PMK_LEN; +#ifdef CONFIG_IEEE80211R_AP + if (wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) { + os_memcpy(sm->xxkey, pmk, pmk_len); + sm->xxkey_len = pmk_len; + } +#endif /* CONFIG_IEEE80211R_AP */ } else { pmk = sm->PMK; pmk_len = sm->pmk_len; } - wpa_derive_ptk(sm, sm->alt_SNonce, pmk, pmk_len, &PTK); + if (wpa_derive_ptk(sm, sm->alt_SNonce, pmk, pmk_len, &PTK) < 0) + break; - if (wpa_verify_key_mic(sm->wpa_key_mgmt, &PTK, data, data_len) - == 0) { + if (wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK, + data, data_len) == 0) { ok = 1; break; } - if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) + if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || + wpa_key_mgmt_sae(sm->wpa_key_mgmt)) break; } @@ -877,39 +892,41 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, { struct ieee802_1x_hdr *hdr; struct wpa_eapol_key *key; - struct wpa_eapol_key_192 *key192; u16 key_info, key_data_length; - enum { PAIRWISE_2, PAIRWISE_4, GROUP_2, REQUEST, - SMK_M1, SMK_M3, SMK_ERROR } msg; + enum { PAIRWISE_2, PAIRWISE_4, GROUP_2, REQUEST } msg; char *msgtxt; struct wpa_eapol_ie_parse kde; - int ft; - const u8 *eapol_key_ie, *key_data; - size_t eapol_key_ie_len, keyhdrlen, mic_len; + const u8 *key_data; + size_t keyhdrlen, mic_len; + u8 *mic; if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL) return; + wpa_hexdump(MSG_MSGDUMP, "WPA: RX EAPOL data", data, data_len); - mic_len = wpa_mic_len(sm->wpa_key_mgmt); - keyhdrlen = mic_len == 24 ? sizeof(*key192) : sizeof(*key); + mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); + keyhdrlen = sizeof(*key) + mic_len + 2; - if (data_len < sizeof(*hdr) + keyhdrlen) + if (data_len < sizeof(*hdr) + keyhdrlen) { + wpa_printf(MSG_DEBUG, "WPA: Ignore too short EAPOL-Key frame"); return; + } hdr = (struct ieee802_1x_hdr *) data; key = (struct wpa_eapol_key *) (hdr + 1); - key192 = (struct wpa_eapol_key_192 *) (hdr + 1); + mic = (u8 *) (key + 1); key_info = WPA_GET_BE16(key->key_info); - if (mic_len == 24) { - key_data = (const u8 *) (key192 + 1); - key_data_length = WPA_GET_BE16(key192->key_data_length); - } else { - key_data = (const u8 *) (key + 1); - key_data_length = WPA_GET_BE16(key->key_data_length); - } + key_data = mic + mic_len + 2; + key_data_length = WPA_GET_BE16(mic + mic_len); wpa_printf(MSG_DEBUG, "WPA: Received EAPOL-Key from " MACSTR - " key_info=0x%x type=%u key_data_length=%u", - MAC2STR(sm->addr), key_info, key->type, key_data_length); + " key_info=0x%x type=%u mic_len=%u key_data_length=%u", + MAC2STR(sm->addr), key_info, key->type, + (unsigned int) mic_len, key_data_length); + wpa_hexdump(MSG_MSGDUMP, + "WPA: EAPOL-Key header (ending before Key MIC)", + key, sizeof(*key)); + wpa_hexdump(MSG_MSGDUMP, "WPA: EAPOL-Key Key MIC", + mic, mic_len); if (key_data_length > data_len - sizeof(*hdr) - keyhdrlen) { wpa_printf(MSG_INFO, "WPA: Invalid EAPOL-Key frame - " "key_data overflow (%d > %lu)", @@ -950,25 +967,20 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, /* FIX: verify that the EAPOL-Key frame was encrypted if pairwise keys * are set */ - if ((key_info & (WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_REQUEST)) == - (WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_REQUEST)) { - if (key_info & WPA_KEY_INFO_ERROR) { - msg = SMK_ERROR; - msgtxt = "SMK Error"; - } else { - msg = SMK_M1; - msgtxt = "SMK M1"; - } - } else if (key_info & WPA_KEY_INFO_SMK_MESSAGE) { - msg = SMK_M3; - msgtxt = "SMK M3"; - } else if (key_info & WPA_KEY_INFO_REQUEST) { + if (key_info & WPA_KEY_INFO_SMK_MESSAGE) { + wpa_printf(MSG_DEBUG, "WPA: Ignore SMK message"); + return; + } + + if (key_info & WPA_KEY_INFO_REQUEST) { msg = REQUEST; msgtxt = "Request"; } else if (!(key_info & WPA_KEY_INFO_KEY_TYPE)) { msg = GROUP_2; msgtxt = "2/2 Group"; - } else if (key_data_length == 0) { + } else if (key_data_length == 0 || + (mic_len == 0 && (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) && + key_data_length == AES_BLOCK_SIZE)) { msg = PAIRWISE_4; msgtxt = "4/4 Pairwise"; } else { @@ -976,15 +988,13 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, msgtxt = "2/4 Pairwise"; } - /* TODO: key_info type validation for PeerKey */ if (msg == REQUEST || msg == PAIRWISE_2 || msg == PAIRWISE_4 || msg == GROUP_2) { u16 ver = key_info & WPA_KEY_INFO_TYPE_MASK; if (sm->pairwise == WPA_CIPHER_CCMP || sm->pairwise == WPA_CIPHER_GCMP) { - if (wpa_use_aes_cmac(sm) && - sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN && - !wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) && + if (wpa_use_cmac(sm->wpa_key_mgmt) && + !wpa_use_akm_defined(sm->wpa_key_mgmt) && ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) { wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, @@ -994,7 +1004,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, return; } - if (!wpa_use_aes_cmac(sm) && + if (!wpa_use_cmac(sm->wpa_key_mgmt) && + !wpa_use_akm_defined(sm->wpa_key_mgmt) && ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, @@ -1004,7 +1015,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, } } - if (wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) && + if (wpa_use_akm_defined(sm->wpa_key_mgmt) && ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) { wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, "did not use EAPOL-Key descriptor version 0 as required for AKM-defined cases"); @@ -1092,6 +1103,15 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, } continue_processing: +#ifdef CONFIG_FILS + if (sm->wpa == WPA_VERSION_WPA2 && mic_len == 0 && + !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { + wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + "WPA: Encr Key Data bit not set even though AEAD cipher is supposed to be used - drop frame"); + return; + } +#endif /* CONFIG_FILS */ + switch (msg) { case PAIRWISE_2: if (sm->wpa_ptk_state != WPA_PTK_PTKSTART && @@ -1119,70 +1139,10 @@ continue_processing: "collect more entropy for random number " "generation"); random_mark_pool_ready(); - wpa_sta_disconnect(wpa_auth, sm->addr); - return; - } - if (wpa_parse_kde_ies(key_data, key_data_length, &kde) < 0) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, - "received EAPOL-Key msg 2/4 with " - "invalid Key Data contents"); - return; - } - if (kde.rsn_ie) { - eapol_key_ie = kde.rsn_ie; - eapol_key_ie_len = kde.rsn_ie_len; - } else if (kde.osen) { - eapol_key_ie = kde.osen; - eapol_key_ie_len = kde.osen_len; - } else { - eapol_key_ie = kde.wpa_ie; - eapol_key_ie_len = kde.wpa_ie_len; - } - ft = sm->wpa == WPA_VERSION_WPA2 && - wpa_key_mgmt_ft(sm->wpa_key_mgmt); - if (sm->wpa_ie == NULL || - wpa_compare_rsn_ie(ft, - sm->wpa_ie, sm->wpa_ie_len, - eapol_key_ie, eapol_key_ie_len)) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, - "WPA IE from (Re)AssocReq did not " - "match with msg 2/4"); - if (sm->wpa_ie) { - wpa_hexdump(MSG_DEBUG, "WPA IE in AssocReq", - sm->wpa_ie, sm->wpa_ie_len); - } - wpa_hexdump(MSG_DEBUG, "WPA IE in msg 2/4", - eapol_key_ie, eapol_key_ie_len); - /* MLME-DEAUTHENTICATE.request */ - wpa_sta_disconnect(wpa_auth, sm->addr); + wpa_sta_disconnect(wpa_auth, sm->addr, + WLAN_REASON_PREV_AUTH_NOT_VALID); return; } -#ifdef CONFIG_IEEE80211R - if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) { - wpa_sta_disconnect(wpa_auth, sm->addr); - return; - } -#endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_P2P - if (kde.ip_addr_req && kde.ip_addr_req[0] && - wpa_auth->ip_pool && WPA_GET_BE32(sm->ip_addr) == 0) { - int idx; - wpa_printf(MSG_DEBUG, "P2P: IP address requested in " - "EAPOL-Key exchange"); - idx = bitfield_get_first_zero(wpa_auth->ip_pool); - if (idx >= 0) { - u32 start = WPA_GET_BE32(wpa_auth->conf. - ip_addr_start); - bitfield_set(wpa_auth->ip_pool, idx); - WPA_PUT_BE32(sm->ip_addr, start + idx); - wpa_printf(MSG_DEBUG, "P2P: Assigned IP " - "address %u.%u.%u.%u to " MACSTR, - sm->ip_addr[0], sm->ip_addr[1], - sm->ip_addr[2], sm->ip_addr[3], - MAC2STR(sm->addr)); - } - } -#endif /* CONFIG_P2P */ break; case PAIRWISE_4: if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING || @@ -1204,28 +1164,6 @@ continue_processing: return; } break; -#ifdef CONFIG_PEERKEY - case SMK_M1: - case SMK_M3: - case SMK_ERROR: - if (!wpa_auth->conf.peerkey) { - wpa_printf(MSG_DEBUG, "RSN: SMK M1/M3/Error, but " - "PeerKey use disabled - ignoring message"); - return; - } - if (!sm->PTK_valid) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, - "received EAPOL-Key msg SMK in " - "invalid state - dropped"); - return; - } - break; -#else /* CONFIG_PEERKEY */ - case SMK_M1: - case SMK_M3: - case SMK_ERROR: - return; /* STSL disabled - ignore SMK messages */ -#endif /* CONFIG_PEERKEY */ case REQUEST: break; } @@ -1239,22 +1177,42 @@ continue_processing: return; } - if (!(key_info & WPA_KEY_INFO_MIC)) { + if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt) && + !(key_info & WPA_KEY_INFO_MIC)) { wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, "received invalid EAPOL-Key: Key MIC not set"); return; } +#ifdef CONFIG_FILS + if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && + (key_info & WPA_KEY_INFO_MIC)) { + wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + "received invalid EAPOL-Key: Key MIC set"); + return; + } +#endif /* CONFIG_FILS */ + sm->MICVerified = FALSE; if (sm->PTK_valid && !sm->update_snonce) { - if (wpa_verify_key_mic(sm->wpa_key_mgmt, &sm->PTK, data, - data_len) && + if (mic_len && + wpa_verify_key_mic(sm->wpa_key_mgmt, sm->pmk_len, &sm->PTK, + data, data_len) && (msg != PAIRWISE_4 || !sm->alt_snonce_valid || wpa_try_alt_snonce(sm, data, data_len))) { wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, "received EAPOL-Key with invalid MIC"); return; } +#ifdef CONFIG_FILS + if (!mic_len && + wpa_aead_decrypt(sm, &sm->PTK, data, data_len, + &key_data_length) < 0) { + wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + "received EAPOL-Key with invalid MIC"); + return; + } +#endif /* CONFIG_FILS */ sm->MICVerified = TRUE; eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm); sm->pending_1_of_4_timeout = 0; @@ -1277,12 +1235,7 @@ continue_processing: * even though MAC address KDE is not normally encrypted, * supplicant is allowed to encrypt it. */ - if (msg == SMK_ERROR) { -#ifdef CONFIG_PEERKEY - wpa_smk_error(wpa_auth, sm, key_data, key_data_length); -#endif /* CONFIG_PEERKEY */ - return; - } else if (key_info & WPA_KEY_INFO_ERROR) { + if (key_info & WPA_KEY_INFO_ERROR) { if (wpa_receive_error_report( wpa_auth, sm, !(key_info & WPA_KEY_INFO_KEY_TYPE)) > 0) @@ -1292,11 +1245,6 @@ continue_processing: "received EAPOL-Key Request for new " "4-Way Handshake"); wpa_request_new_ptk(sm); -#ifdef CONFIG_PEERKEY - } else if (msg == SMK_M1) { - wpa_smk_m1(wpa_auth, sm, key, key_data, - key_data_length); -#endif /* CONFIG_PEERKEY */ } else if (key_data_length > 0 && wpa_parse_kde_ies(key_data, key_data_length, &kde) == 0 && @@ -1335,18 +1283,10 @@ continue_processing: wpa_replay_counter_mark_invalid(sm->key_replay, NULL); } -#ifdef CONFIG_PEERKEY - if (msg == SMK_M3) { - wpa_smk_m3(wpa_auth, sm, key, key_data, key_data_length); - return; - } -#endif /* CONFIG_PEERKEY */ - os_free(sm->last_rx_eapol_key); - sm->last_rx_eapol_key = os_malloc(data_len); + sm->last_rx_eapol_key = os_memdup(data, data_len); if (sm->last_rx_eapol_key == NULL) return; - os_memcpy(sm->last_rx_eapol_key, data, data_len); sm->last_rx_eapol_key_len = data_len; sm->rx_eapol_key_secure = !!(key_info & WPA_KEY_INFO_SECURE); @@ -1361,7 +1301,7 @@ continue_processing: static int wpa_gmk_to_gtk(const u8 *gmk, const char *label, const u8 *addr, const u8 *gnonce, u8 *gtk, size_t gtk_len) { - u8 data[ETH_ALEN + WPA_NONCE_LEN + 8 + 16]; + u8 data[ETH_ALEN + WPA_NONCE_LEN + 8 + WPA_GTK_MAX_LEN]; u8 *pos; int ret = 0; @@ -1372,21 +1312,30 @@ static int wpa_gmk_to_gtk(const u8 *gmk, const char *label, const u8 *addr, * is done only at the Authenticator and as such, does not need to be * exactly same. */ + os_memset(data, 0, sizeof(data)); os_memcpy(data, addr, ETH_ALEN); os_memcpy(data + ETH_ALEN, gnonce, WPA_NONCE_LEN); pos = data + ETH_ALEN + WPA_NONCE_LEN; wpa_get_ntp_timestamp(pos); pos += 8; - if (random_get_bytes(pos, 16) < 0) + if (random_get_bytes(pos, gtk_len) < 0) ret = -1; -#ifdef CONFIG_IEEE80211W - sha256_prf(gmk, WPA_GMK_LEN, label, data, sizeof(data), gtk, gtk_len); -#else /* CONFIG_IEEE80211W */ - if (sha1_prf(gmk, WPA_GMK_LEN, label, data, sizeof(data), gtk, gtk_len) - < 0) +#ifdef CONFIG_SHA384 + if (sha384_prf(gmk, WPA_GMK_LEN, label, data, sizeof(data), + gtk, gtk_len) < 0) ret = -1; -#endif /* CONFIG_IEEE80211W */ +#else /* CONFIG_SHA384 */ +#ifdef CONFIG_SHA256 + if (sha256_prf(gmk, WPA_GMK_LEN, label, data, sizeof(data), + gtk, gtk_len) < 0) + ret = -1; +#else /* CONFIG_SHA256 */ + if (sha1_prf(gmk, WPA_GMK_LEN, label, data, sizeof(data), + gtk, gtk_len) < 0) + ret = -1; +#endif /* CONFIG_SHA256 */ +#endif /* CONFIG_SHA384 */ return ret; } @@ -1412,26 +1361,24 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, { struct ieee802_1x_hdr *hdr; struct wpa_eapol_key *key; - struct wpa_eapol_key_192 *key192; size_t len, mic_len, keyhdrlen; int alg; int key_data_len, pad_len = 0; u8 *buf, *pos; int version, pairwise; int i; - u8 *key_data; + u8 *key_mic, *key_data; - mic_len = wpa_mic_len(sm->wpa_key_mgmt); - keyhdrlen = mic_len == 24 ? sizeof(*key192) : sizeof(*key); + mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); + keyhdrlen = sizeof(*key) + mic_len + 2; len = sizeof(struct ieee802_1x_hdr) + keyhdrlen; if (force_version) version = force_version; - else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN || - wpa_key_mgmt_suite_b(sm->wpa_key_mgmt)) + else if (wpa_use_akm_defined(sm->wpa_key_mgmt)) version = WPA_KEY_INFO_TYPE_AKM_DEFINED; - else if (wpa_use_aes_cmac(sm)) + else if (wpa_use_cmac(sm->wpa_key_mgmt)) version = WPA_KEY_INFO_TYPE_AES_128_CMAC; else if (sm->pairwise != WPA_CIPHER_TKIP) version = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES; @@ -1453,8 +1400,7 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, key_data_len = kde_len; if ((version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES || - sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN || - wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) || + wpa_use_aes_key_wrap(sm->wpa_key_mgmt) || version == WPA_KEY_INFO_TYPE_AES_128_CMAC) && encr) { pad_len = key_data_len % 8; if (pad_len) @@ -1463,6 +1409,8 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, } len += key_data_len; + if (!mic_len && encr) + len += AES_BLOCK_SIZE; hdr = os_zalloc(len); if (hdr == NULL) @@ -1471,7 +1419,7 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, hdr->type = IEEE802_1X_TYPE_EAPOL_KEY; hdr->length = host_to_be16(len - sizeof(*hdr)); key = (struct wpa_eapol_key *) (hdr + 1); - key192 = (struct wpa_eapol_key_192 *) (hdr + 1); + key_mic = (u8 *) (key + 1); key_data = ((u8 *) (hdr + 1)) + keyhdrlen; key->type = sm->wpa == WPA_VERSION_WPA2 ? @@ -1484,11 +1432,11 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, WPA_PUT_BE16(key->key_info, key_info); alg = pairwise ? sm->pairwise : wpa_auth->conf.wpa_group; - WPA_PUT_BE16(key->key_length, wpa_cipher_key_len(alg)); - if (key_info & WPA_KEY_INFO_SMK_MESSAGE) + if (sm->wpa == WPA_VERSION_WPA2 && !pairwise) WPA_PUT_BE16(key->key_length, 0); + else + WPA_PUT_BE16(key->key_length, wpa_cipher_key_len(alg)); - /* FIX: STSL: what to use as key_replay_counter? */ for (i = RSNA_MAX_EAPOL_RETRIES - 1; i > 0; i--) { sm->key_replay[i].valid = sm->key_replay[i - 1].valid; os_memcpy(sm->key_replay[i].counter, @@ -1510,10 +1458,31 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, if (kde && !encr) { os_memcpy(key_data, kde, kde_len); - if (mic_len == 24) - WPA_PUT_BE16(key192->key_data_length, kde_len); - else - WPA_PUT_BE16(key->key_data_length, kde_len); + WPA_PUT_BE16(key_mic + mic_len, kde_len); +#ifdef CONFIG_FILS + } else if (!mic_len && kde) { + const u8 *aad[1]; + size_t aad_len[1]; + + WPA_PUT_BE16(key_mic, AES_BLOCK_SIZE + kde_len); + wpa_hexdump_key(MSG_DEBUG, "Plaintext EAPOL-Key Key Data", + kde, kde_len); + + wpa_hexdump_key(MSG_DEBUG, "WPA: KEK", + sm->PTK.kek, sm->PTK.kek_len); + /* AES-SIV AAD from EAPOL protocol version field (inclusive) to + * to Key Data (exclusive). */ + aad[0] = (u8 *) hdr; + aad_len[0] = key_mic + 2 - (u8 *) hdr; + if (aes_siv_encrypt(sm->PTK.kek, sm->PTK.kek_len, kde, kde_len, + 1, aad, aad_len, key_mic + 2) < 0) { + wpa_printf(MSG_DEBUG, "WPA: AES-SIV encryption failed"); + return; + } + + wpa_hexdump(MSG_DEBUG, "WPA: Encrypted Key Data from SIV", + key_mic + 2, AES_BLOCK_SIZE + kde_len); +#endif /* CONFIG_FILS */ } else if (encr && kde) { buf = os_zalloc(key_data_len); if (buf == NULL) { @@ -1530,24 +1499,24 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, wpa_hexdump_key(MSG_DEBUG, "Plaintext EAPOL-Key Key Data", buf, key_data_len); if (version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES || - sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN || - wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) || + wpa_use_aes_key_wrap(sm->wpa_key_mgmt) || version == WPA_KEY_INFO_TYPE_AES_128_CMAC) { + wpa_printf(MSG_DEBUG, + "WPA: Encrypt Key Data using AES-WRAP (KEK length %u)", + (unsigned int) sm->PTK.kek_len); if (aes_wrap(sm->PTK.kek, sm->PTK.kek_len, (key_data_len - 8) / 8, buf, key_data)) { os_free(hdr); os_free(buf); return; } - if (mic_len == 24) - WPA_PUT_BE16(key192->key_data_length, - key_data_len); - else - WPA_PUT_BE16(key->key_data_length, - key_data_len); + WPA_PUT_BE16(key_mic + mic_len, key_data_len); #ifndef CONFIG_NO_RC4 } else if (sm->PTK.kek_len == 16) { u8 ek[32]; + + wpa_printf(MSG_DEBUG, + "WPA: Encrypt Key Data using RC4"); os_memcpy(key->key_iv, sm->group->Counter + WPA_NONCE_LEN - 16, 16); inc_byte_array(sm->group->Counter, WPA_NONCE_LEN); @@ -1555,12 +1524,7 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, os_memcpy(ek + 16, sm->PTK.kek, sm->PTK.kek_len); os_memcpy(key_data, buf, key_data_len); rc4_skip(ek, 32, 256, key_data, key_data_len); - if (mic_len == 24) - WPA_PUT_BE16(key192->key_data_length, - key_data_len); - else - WPA_PUT_BE16(key->key_data_length, - key_data_len); + WPA_PUT_BE16(key_mic + mic_len, key_data_len); #endif /* CONFIG_NO_RC4 */ } else { os_free(hdr); @@ -1571,9 +1535,7 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, } if (key_info & WPA_KEY_INFO_MIC) { - u8 *key_mic; - - if (!sm->PTK_valid) { + if (!sm->PTK_valid || !mic_len) { wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "PTK not valid when sending EAPOL-Key " "frame"); @@ -1581,10 +1543,12 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, return; } - key_mic = key192->key_mic; /* same offset for key and key192 */ - wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len, - sm->wpa_key_mgmt, version, - (u8 *) hdr, len, key_mic); + if (wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len, + sm->wpa_key_mgmt, version, + (u8 *) hdr, len, key_mic) < 0) { + os_free(hdr); + return; + } #ifdef CONFIG_TESTING_OPTIONS if (!pairwise && wpa_auth->conf.corrupt_gtk_rekey_mic_probability > 0.0 && @@ -1613,7 +1577,7 @@ static void wpa_send_eapol(struct wpa_authenticator *wpa_auth, { int timeout_ms; int pairwise = key_info & WPA_KEY_INFO_KEY_TYPE; - int ctr; + u32 ctr; if (sm == NULL) return; @@ -1627,41 +1591,43 @@ static void wpa_send_eapol(struct wpa_authenticator *wpa_auth, eapol_key_timeout_first_group; else timeout_ms = eapol_key_timeout_subseq; + if (wpa_auth->conf.wpa_disable_eapol_key_retries && + (!pairwise || (key_info & WPA_KEY_INFO_MIC))) + timeout_ms = eapol_key_timeout_no_retrans; if (pairwise && ctr == 1 && !(key_info & WPA_KEY_INFO_MIC)) sm->pending_1_of_4_timeout = 1; wpa_printf(MSG_DEBUG, "WPA: Use EAPOL-Key timeout of %u ms (retry " - "counter %d)", timeout_ms, ctr); + "counter %u)", timeout_ms, ctr); eloop_register_timeout(timeout_ms / 1000, (timeout_ms % 1000) * 1000, wpa_send_eapol_timeout, wpa_auth, sm); } -static int wpa_verify_key_mic(int akmp, struct wpa_ptk *PTK, u8 *data, - size_t data_len) +static int wpa_verify_key_mic(int akmp, size_t pmk_len, struct wpa_ptk *PTK, + u8 *data, size_t data_len) { struct ieee802_1x_hdr *hdr; struct wpa_eapol_key *key; - struct wpa_eapol_key_192 *key192; u16 key_info; int ret = 0; - u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN]; - size_t mic_len = wpa_mic_len(akmp); + u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN], *mic_pos; + size_t mic_len = wpa_mic_len(akmp, pmk_len); if (data_len < sizeof(*hdr) + sizeof(*key)) return -1; hdr = (struct ieee802_1x_hdr *) data; key = (struct wpa_eapol_key *) (hdr + 1); - key192 = (struct wpa_eapol_key_192 *) (hdr + 1); + mic_pos = (u8 *) (key + 1); key_info = WPA_GET_BE16(key->key_info); - os_memcpy(mic, key192->key_mic, mic_len); - os_memset(key192->key_mic, 0, mic_len); + os_memcpy(mic, mic_pos, mic_len); + os_memset(mic_pos, 0, mic_len); if (wpa_eapol_key_mic(PTK->kck, PTK->kck_len, akmp, key_info & WPA_KEY_INFO_TYPE_MASK, - data, data_len, key192->key_mic) || - os_memcmp_const(mic, key192->key_mic, mic_len) != 0) + data, data_len, mic_pos) || + os_memcmp_const(mic, mic_pos, mic_len) != 0) ret = -1; - os_memcpy(key192->key_mic, mic, mic_len); + os_memcpy(mic_pos, mic, mic_len); return ret; } @@ -1670,7 +1636,10 @@ void wpa_remove_ptk(struct wpa_state_machine *sm) { sm->PTK_valid = FALSE; os_memset(&sm->PTK, 0, sizeof(sm->PTK)); - wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL, 0); + if (wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL, + 0)) + wpa_printf(MSG_DEBUG, + "RSN: PTK removal from the driver failed"); sm->pairwise_set = FALSE; eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); } @@ -1734,7 +1703,7 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) sm->ReAuthenticationRequest = TRUE; break; case WPA_ASSOC_FT: -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP wpa_printf(MSG_DEBUG, "FT: Retry PTK configuration " "after association"); wpa_ft_install_ptk(sm); @@ -1742,22 +1711,37 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) /* Using FT protocol, not WPA auth state machine */ sm->ft_completed = 1; return 0; -#else /* CONFIG_IEEE80211R */ +#else /* CONFIG_IEEE80211R_AP */ + break; +#endif /* CONFIG_IEEE80211R_AP */ + case WPA_ASSOC_FILS: +#ifdef CONFIG_FILS + wpa_printf(MSG_DEBUG, + "FILS: TK configuration after association"); + fils_set_tk(sm); + sm->fils_completed = 1; + return 0; +#else /* CONFIG_FILS */ break; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ case WPA_DRV_STA_REMOVED: sm->tk_already_set = FALSE; return 0; } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP sm->ft_completed = 0; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211W if (sm->mgmt_frame_prot && event == WPA_AUTH) remove_ptk = 0; #endif /* CONFIG_IEEE80211W */ +#ifdef CONFIG_FILS + if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && + (event == WPA_AUTH || event == WPA_ASSOC)) + remove_ptk = 0; +#endif /* CONFIG_FILS */ if (remove_ptk) { sm->PTK_valid = FALSE; @@ -1802,7 +1786,9 @@ SM_STATE(WPA_PTK, INITIALIZE) wpa_remove_ptk(sm); wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0); sm->TimeoutCtr = 0; - if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { + if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || + sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP || + sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE) { wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_authorized, 0); } @@ -1811,9 +1797,14 @@ SM_STATE(WPA_PTK, INITIALIZE) SM_STATE(WPA_PTK, DISCONNECT) { + u16 reason = sm->disconnect_reason; + SM_ENTRY_MA(WPA_PTK, DISCONNECT, wpa_ptk); sm->Disconnect = FALSE; - wpa_sta_disconnect(sm->wpa_auth, sm->addr); + sm->disconnect_reason = 0; + if (!reason) + reason = WLAN_REASON_PREV_AUTH_NOT_VALID; + wpa_sta_disconnect(sm->wpa_auth, sm->addr, reason); } @@ -1922,17 +1913,25 @@ SM_STATE(WPA_PTK, INITPMK) size_t len = 2 * PMK_LEN; SM_ENTRY_MA(WPA_PTK, INITPMK, wpa_ptk); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP sm->xxkey_len = 0; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ if (sm->pmksa) { wpa_printf(MSG_DEBUG, "WPA: PMK from PMKSA cache"); os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len); sm->pmk_len = sm->pmksa->pmk_len; +#ifdef CONFIG_DPP + } else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP) { + wpa_printf(MSG_DEBUG, + "DPP: No PMKSA cache entry for STA - reject connection"); + sm->Disconnect = TRUE; + sm->disconnect_reason = WLAN_REASON_INVALID_PMKID; + return; +#endif /* CONFIG_DPP */ } else if (wpa_auth_get_msk(sm->wpa_auth, sm->addr, msk, &len) == 0) { unsigned int pmk_len; - if (sm->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) + if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) pmk_len = PMK_LEN_SUITE_B_192; else pmk_len = PMK_LEN; @@ -1948,15 +1947,20 @@ SM_STATE(WPA_PTK, INITPMK) } os_memcpy(sm->PMK, msk, pmk_len); sm->pmk_len = pmk_len; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (len >= 2 * PMK_LEN) { - os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN); - sm->xxkey_len = PMK_LEN; + if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) { + os_memcpy(sm->xxkey, msk, SHA384_MAC_LEN); + sm->xxkey_len = SHA384_MAC_LEN; + } else { + os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN); + sm->xxkey_len = PMK_LEN; + } } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ } else { wpa_printf(MSG_DEBUG, "WPA: Could not get PMK, get_msk: %p", - sm->wpa_auth->cb.get_msk); + sm->wpa_auth->cb->get_msk); sm->Disconnect = TRUE; return; } @@ -1978,16 +1982,26 @@ SM_STATE(WPA_PTK, INITPMK) SM_STATE(WPA_PTK, INITPSK) { const u8 *psk; + size_t psk_len; + SM_ENTRY_MA(WPA_PTK, INITPSK, wpa_ptk); - psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, NULL); + psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, NULL, + &psk_len); if (psk) { - os_memcpy(sm->PMK, psk, PMK_LEN); - sm->pmk_len = PMK_LEN; -#ifdef CONFIG_IEEE80211R + os_memcpy(sm->PMK, psk, psk_len); + sm->pmk_len = psk_len; +#ifdef CONFIG_IEEE80211R_AP os_memcpy(sm->xxkey, psk, PMK_LEN); sm->xxkey_len = PMK_LEN; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ + } +#ifdef CONFIG_SAE + if (wpa_auth_uses_sae(sm) && sm->pmksa) { + wpa_printf(MSG_DEBUG, "SAE: PMK from PMKSA cache"); + os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len); + sm->pmk_len = sm->pmksa->pmk_len; } +#endif /* CONFIG_SAE */ sm->req_replay_counter_used = 0; } @@ -2003,7 +2017,7 @@ SM_STATE(WPA_PTK, PTKSTART) sm->alt_snonce_valid = FALSE; sm->TimeoutCtr++; - if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) { + if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) { /* No point in sending the EAPOL-Key - we will disconnect * immediately following this. */ return; @@ -2012,11 +2026,23 @@ SM_STATE(WPA_PTK, PTKSTART) wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, "sending 1/4 msg of 4-Way Handshake"); /* - * TODO: Could add PMKID even with WPA2-PSK, but only if there is only - * one possible PSK for this STA. + * For infrastructure BSS cases, it is better for the AP not to include + * the PMKID KDE in EAPOL-Key msg 1/4 since it could be used to initiate + * offline search for the passphrase/PSK without having to be able to + * capture a 4-way handshake from a STA that has access to the network. + * + * For IBSS cases, addition of PMKID KDE could be considered even with + * WPA2-PSK cases that use multiple PSKs, but only if there is a single + * possible PSK for this STA. However, this should not be done unless + * there is support for using that information on the supplicant side. + * The concern about exposing PMKID unnecessarily in infrastructure BSS + * cases would also apply here, but at least in the IBSS case, this + * would cover a potential real use case. */ if (sm->wpa == WPA_VERSION_WPA2 && - wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) && + (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) || + (sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE && sm->pmksa) || + wpa_key_mgmt_sae(sm->wpa_key_mgmt)) && sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN) { pmkid = buf; pmkid_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN; @@ -2024,11 +2050,31 @@ SM_STATE(WPA_PTK, PTKSTART) pmkid[1] = RSN_SELECTOR_LEN + PMKID_LEN; RSN_SELECTOR_PUT(&pmkid[2], RSN_KEY_DATA_PMKID); if (sm->pmksa) { + wpa_hexdump(MSG_DEBUG, + "RSN: Message 1/4 PMKID from PMKSA entry", + sm->pmksa->pmkid, PMKID_LEN); os_memcpy(&pmkid[2 + RSN_SELECTOR_LEN], sm->pmksa->pmkid, PMKID_LEN); } else if (wpa_key_mgmt_suite_b(sm->wpa_key_mgmt)) { /* No KCK available to derive PMKID */ + wpa_printf(MSG_DEBUG, + "RSN: No KCK available to derive PMKID for message 1/4"); pmkid = NULL; +#ifdef CONFIG_SAE + } else if (wpa_key_mgmt_sae(sm->wpa_key_mgmt)) { + if (sm->pmkid_set) { + wpa_hexdump(MSG_DEBUG, + "RSN: Message 1/4 PMKID from SAE", + sm->pmkid, PMKID_LEN); + os_memcpy(&pmkid[2 + RSN_SELECTOR_LEN], + sm->pmkid, PMKID_LEN); + } else { + /* No PMKID available */ + wpa_printf(MSG_DEBUG, + "RSN: No SAE PMKID available for message 1/4"); + pmkid = NULL; + } +#endif /* CONFIG_SAE */ } else { /* * Calculate PMKID since no PMKSA cache entry was @@ -2036,7 +2082,10 @@ SM_STATE(WPA_PTK, PTKSTART) */ rsn_pmkid(sm->PMK, sm->pmk_len, sm->wpa_auth->addr, sm->addr, &pmkid[2 + RSN_SELECTOR_LEN], - wpa_key_mgmt_sha256(sm->wpa_key_mgmt)); + sm->wpa_key_mgmt); + wpa_hexdump(MSG_DEBUG, + "RSN: Message 1/4 PMKID derived from PMK", + &pmkid[2 + RSN_SELECTOR_LEN], PMKID_LEN); } } wpa_send_eapol(sm->wpa_auth, sm, @@ -2049,10 +2098,10 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce, const u8 *pmk, unsigned int pmk_len, struct wpa_ptk *ptk) { -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) return wpa_auth_derive_ptk_ft(sm, pmk, ptk); -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ return wpa_pmk_to_ptk(pmk, pmk_len, "Pairwise key expansion", sm->wpa_auth->addr, sm->addr, sm->ANonce, snonce, @@ -2060,43 +2109,587 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce, } +#ifdef CONFIG_FILS + +int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, + size_t pmk_len, const u8 *snonce, const u8 *anonce, + const u8 *dhss, size_t dhss_len, + struct wpabuf *g_sta, struct wpabuf *g_ap) +{ + u8 ick[FILS_ICK_MAX_LEN]; + size_t ick_len; + int res; + u8 fils_ft[FILS_FT_MAX_LEN]; + size_t fils_ft_len = 0; + + res = fils_pmk_to_ptk(pmk, pmk_len, sm->addr, sm->wpa_auth->addr, + snonce, anonce, dhss, dhss_len, + &sm->PTK, ick, &ick_len, + sm->wpa_key_mgmt, sm->pairwise, + fils_ft, &fils_ft_len); + if (res < 0) + return res; + sm->PTK_valid = TRUE; + sm->tk_already_set = FALSE; + +#ifdef CONFIG_IEEE80211R_AP + if (fils_ft_len) { + struct wpa_authenticator *wpa_auth = sm->wpa_auth; + struct wpa_auth_config *conf = &wpa_auth->conf; + u8 pmk_r0[PMK_LEN_MAX], pmk_r0_name[WPA_PMK_NAME_LEN]; + int use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt); + size_t pmk_r0_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN; + + if (wpa_derive_pmk_r0(fils_ft, fils_ft_len, + conf->ssid, conf->ssid_len, + conf->mobility_domain, + conf->r0_key_holder, + conf->r0_key_holder_len, + sm->addr, pmk_r0, pmk_r0_name, + use_sha384) < 0) + return -1; + + wpa_hexdump_key(MSG_DEBUG, "FILS+FT: PMK-R0", + pmk_r0, pmk_r0_len); + wpa_hexdump(MSG_DEBUG, "FILS+FT: PMKR0Name", + pmk_r0_name, WPA_PMK_NAME_LEN); + wpa_ft_store_pmk_fils(sm, pmk_r0, pmk_r0_name); + os_memset(fils_ft, 0, sizeof(fils_ft)); + } +#endif /* CONFIG_IEEE80211R_AP */ + + res = fils_key_auth_sk(ick, ick_len, snonce, anonce, + sm->addr, sm->wpa_auth->addr, + g_sta ? wpabuf_head(g_sta) : NULL, + g_sta ? wpabuf_len(g_sta) : 0, + g_ap ? wpabuf_head(g_ap) : NULL, + g_ap ? wpabuf_len(g_ap) : 0, + sm->wpa_key_mgmt, sm->fils_key_auth_sta, + sm->fils_key_auth_ap, + &sm->fils_key_auth_len); + os_memset(ick, 0, sizeof(ick)); + + /* Store nonces for (Re)Association Request/Response frame processing */ + os_memcpy(sm->SNonce, snonce, FILS_NONCE_LEN); + os_memcpy(sm->ANonce, anonce, FILS_NONCE_LEN); + + return res; +} + + +static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk, + u8 *buf, size_t buf_len, u16 *_key_data_len) +{ + struct ieee802_1x_hdr *hdr; + struct wpa_eapol_key *key; + u8 *pos; + u16 key_data_len; + u8 *tmp; + const u8 *aad[1]; + size_t aad_len[1]; + + hdr = (struct ieee802_1x_hdr *) buf; + key = (struct wpa_eapol_key *) (hdr + 1); + pos = (u8 *) (key + 1); + key_data_len = WPA_GET_BE16(pos); + if (key_data_len < AES_BLOCK_SIZE || + key_data_len > buf_len - sizeof(*hdr) - sizeof(*key) - 2) { + wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, + "No room for AES-SIV data in the frame"); + return -1; + } + pos += 2; /* Pointing at the Encrypted Key Data field */ + + tmp = os_malloc(key_data_len); + if (!tmp) + return -1; + + /* AES-SIV AAD from EAPOL protocol version field (inclusive) to + * to Key Data (exclusive). */ + aad[0] = buf; + aad_len[0] = pos - buf; + if (aes_siv_decrypt(ptk->kek, ptk->kek_len, pos, key_data_len, + 1, aad, aad_len, tmp) < 0) { + wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, + "Invalid AES-SIV data in the frame"); + bin_clear_free(tmp, key_data_len); + return -1; + } + + /* AEAD decryption and validation completed successfully */ + key_data_len -= AES_BLOCK_SIZE; + wpa_hexdump_key(MSG_DEBUG, "WPA: Decrypted Key Data", + tmp, key_data_len); + + /* Replace Key Data field with the decrypted version */ + os_memcpy(pos, tmp, key_data_len); + pos -= 2; /* Key Data Length field */ + WPA_PUT_BE16(pos, key_data_len); + bin_clear_free(tmp, key_data_len); + if (_key_data_len) + *_key_data_len = key_data_len; + return 0; +} + + +const u8 * wpa_fils_validate_fils_session(struct wpa_state_machine *sm, + const u8 *ies, size_t ies_len, + const u8 *fils_session) +{ + const u8 *ie, *end; + const u8 *session = NULL; + + if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { + wpa_printf(MSG_DEBUG, + "FILS: Not a FILS AKM - reject association"); + return NULL; + } + + /* Verify Session element */ + ie = ies; + end = ((const u8 *) ie) + ies_len; + while (ie + 1 < end) { + if (ie + 2 + ie[1] > end) + break; + if (ie[0] == WLAN_EID_EXTENSION && + ie[1] >= 1 + FILS_SESSION_LEN && + ie[2] == WLAN_EID_EXT_FILS_SESSION) { + session = ie; + break; + } + ie += 2 + ie[1]; + } + + if (!session) { + wpa_printf(MSG_DEBUG, + "FILS: %s: Could not find FILS Session element in Assoc Req - reject", + __func__); + return NULL; + } + + if (!fils_session) { + wpa_printf(MSG_DEBUG, + "FILS: %s: Could not find FILS Session element in STA entry - reject", + __func__); + return NULL; + } + + if (os_memcmp(fils_session, session + 3, FILS_SESSION_LEN) != 0) { + wpa_printf(MSG_DEBUG, "FILS: Session mismatch"); + wpa_hexdump(MSG_DEBUG, "FILS: Expected FILS Session", + fils_session, FILS_SESSION_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: Received FILS Session", + session + 3, FILS_SESSION_LEN); + return NULL; + } + return session; +} + + +int wpa_fils_validate_key_confirm(struct wpa_state_machine *sm, const u8 *ies, + size_t ies_len) +{ + struct ieee802_11_elems elems; + + if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) { + wpa_printf(MSG_DEBUG, + "FILS: Failed to parse decrypted elements"); + return -1; + } + + if (!elems.fils_session) { + wpa_printf(MSG_DEBUG, "FILS: No FILS Session element"); + return -1; + } + + if (!elems.fils_key_confirm) { + wpa_printf(MSG_DEBUG, "FILS: No FILS Key Confirm element"); + return -1; + } + + if (elems.fils_key_confirm_len != sm->fils_key_auth_len) { + wpa_printf(MSG_DEBUG, + "FILS: Unexpected Key-Auth length %d (expected %d)", + elems.fils_key_confirm_len, + (int) sm->fils_key_auth_len); + return -1; + } + + if (os_memcmp(elems.fils_key_confirm, sm->fils_key_auth_sta, + sm->fils_key_auth_len) != 0) { + wpa_printf(MSG_DEBUG, "FILS: Key-Auth mismatch"); + wpa_hexdump(MSG_DEBUG, "FILS: Received Key-Auth", + elems.fils_key_confirm, elems.fils_key_confirm_len); + wpa_hexdump(MSG_DEBUG, "FILS: Expected Key-Auth", + sm->fils_key_auth_sta, sm->fils_key_auth_len); + return -1; + } + + return 0; +} + + +int fils_decrypt_assoc(struct wpa_state_machine *sm, const u8 *fils_session, + const struct ieee80211_mgmt *mgmt, size_t frame_len, + u8 *pos, size_t left) +{ + u16 fc, stype; + const u8 *end, *ie_start, *ie, *session, *crypt; + const u8 *aad[5]; + size_t aad_len[5]; + + if (!sm || !sm->PTK_valid) { + wpa_printf(MSG_DEBUG, + "FILS: No KEK to decrypt Assocication Request frame"); + return -1; + } + + if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { + wpa_printf(MSG_DEBUG, + "FILS: Not a FILS AKM - reject association"); + return -1; + } + + end = ((const u8 *) mgmt) + frame_len; + fc = le_to_host16(mgmt->frame_control); + stype = WLAN_FC_GET_STYPE(fc); + if (stype == WLAN_FC_STYPE_REASSOC_REQ) + ie_start = mgmt->u.reassoc_req.variable; + else + ie_start = mgmt->u.assoc_req.variable; + ie = ie_start; + + /* + * Find FILS Session element which is the last unencrypted element in + * the frame. + */ + session = wpa_fils_validate_fils_session(sm, ie, end - ie, + fils_session); + if (!session) { + wpa_printf(MSG_DEBUG, "FILS: Session validation failed"); + return -1; + } + + crypt = session + 2 + session[1]; + + if (end - crypt < AES_BLOCK_SIZE) { + wpa_printf(MSG_DEBUG, + "FILS: Too short frame to include AES-SIV data"); + return -1; + } + + /* AES-SIV AAD vectors */ + + /* The STA's MAC address */ + aad[0] = mgmt->sa; + aad_len[0] = ETH_ALEN; + /* The AP's BSSID */ + aad[1] = mgmt->da; + aad_len[1] = ETH_ALEN; + /* The STA's nonce */ + aad[2] = sm->SNonce; + aad_len[2] = FILS_NONCE_LEN; + /* The AP's nonce */ + aad[3] = sm->ANonce; + aad_len[3] = FILS_NONCE_LEN; + /* + * The (Re)Association Request frame from the Capability Information + * field to the FILS Session element (both inclusive). + */ + aad[4] = (const u8 *) &mgmt->u.assoc_req.capab_info; + aad_len[4] = crypt - aad[4]; + + if (aes_siv_decrypt(sm->PTK.kek, sm->PTK.kek_len, crypt, end - crypt, + 5, aad, aad_len, pos + (crypt - ie_start)) < 0) { + wpa_printf(MSG_DEBUG, + "FILS: Invalid AES-SIV data in the frame"); + return -1; + } + wpa_hexdump(MSG_DEBUG, "FILS: Decrypted Association Request elements", + pos, left - AES_BLOCK_SIZE); + + if (wpa_fils_validate_key_confirm(sm, pos, left - AES_BLOCK_SIZE) < 0) { + wpa_printf(MSG_DEBUG, "FILS: Key Confirm validation failed"); + return -1; + } + + return left - AES_BLOCK_SIZE; +} + + +int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf, + size_t current_len, size_t max_len, + const struct wpabuf *hlp) +{ + u8 *end = buf + max_len; + u8 *pos = buf + current_len; + struct ieee80211_mgmt *mgmt; + struct wpabuf *plain; + const u8 *aad[5]; + size_t aad_len[5]; + + if (!sm || !sm->PTK_valid) + return -1; + + wpa_hexdump(MSG_DEBUG, + "FILS: Association Response frame before FILS processing", + buf, current_len); + + mgmt = (struct ieee80211_mgmt *) buf; + + /* AES-SIV AAD vectors */ + + /* The AP's BSSID */ + aad[0] = mgmt->sa; + aad_len[0] = ETH_ALEN; + /* The STA's MAC address */ + aad[1] = mgmt->da; + aad_len[1] = ETH_ALEN; + /* The AP's nonce */ + aad[2] = sm->ANonce; + aad_len[2] = FILS_NONCE_LEN; + /* The STA's nonce */ + aad[3] = sm->SNonce; + aad_len[3] = FILS_NONCE_LEN; + /* + * The (Re)Association Response frame from the Capability Information + * field (the same offset in both Association and Reassociation + * Response frames) to the FILS Session element (both inclusive). + */ + aad[4] = (const u8 *) &mgmt->u.assoc_resp.capab_info; + aad_len[4] = pos - aad[4]; + + /* The following elements will be encrypted with AES-SIV */ + plain = fils_prepare_plainbuf(sm, hlp); + if (!plain) { + wpa_printf(MSG_DEBUG, "FILS: Plain buffer prep failed"); + return -1; + } + + if (pos + wpabuf_len(plain) + AES_BLOCK_SIZE > end) { + wpa_printf(MSG_DEBUG, + "FILS: Not enough room for FILS elements"); + wpabuf_free(plain); + return -1; + } + + wpa_hexdump_buf_key(MSG_DEBUG, "FILS: Association Response plaintext", + plain); + + if (aes_siv_encrypt(sm->PTK.kek, sm->PTK.kek_len, + wpabuf_head(plain), wpabuf_len(plain), + 5, aad, aad_len, pos) < 0) { + wpabuf_free(plain); + return -1; + } + + wpa_hexdump(MSG_DEBUG, + "FILS: Encrypted Association Response elements", + pos, AES_BLOCK_SIZE + wpabuf_len(plain)); + current_len += wpabuf_len(plain) + AES_BLOCK_SIZE; + wpabuf_free(plain); + + sm->fils_completed = 1; + + return current_len; +} + + +static struct wpabuf * fils_prepare_plainbuf(struct wpa_state_machine *sm, + const struct wpabuf *hlp) +{ + struct wpabuf *plain; + u8 *len, *tmp, *tmp2; + u8 hdr[2]; + u8 *gtk, dummy_gtk[32]; + size_t gtk_len; + struct wpa_group *gsm; + + plain = wpabuf_alloc(1000); + if (!plain) + return NULL; + + /* TODO: FILS Public Key */ + + /* FILS Key Confirmation */ + wpabuf_put_u8(plain, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(plain, 1 + sm->fils_key_auth_len); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(plain, WLAN_EID_EXT_FILS_KEY_CONFIRM); + wpabuf_put_data(plain, sm->fils_key_auth_ap, sm->fils_key_auth_len); + + /* FILS HLP Container */ + if (hlp) + wpabuf_put_buf(plain, hlp); + + /* TODO: FILS IP Address Assignment */ + + /* Key Delivery */ + gsm = sm->group; + wpabuf_put_u8(plain, WLAN_EID_EXTENSION); /* Element ID */ + len = wpabuf_put(plain, 1); + wpabuf_put_u8(plain, WLAN_EID_EXT_KEY_DELIVERY); + wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, + wpabuf_put(plain, WPA_KEY_RSC_LEN)); + /* GTK KDE */ + gtk = gsm->GTK[gsm->GN - 1]; + gtk_len = gsm->GTK_len; + if (sm->wpa_auth->conf.disable_gtk || + sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { + /* + * Provide unique random GTK to each STA to prevent use + * of GTK in the BSS. + */ + if (random_get_bytes(dummy_gtk, gtk_len) < 0) { + wpabuf_free(plain); + return NULL; + } + gtk = dummy_gtk; + } + hdr[0] = gsm->GN & 0x03; + hdr[1] = 0; + tmp = wpabuf_put(plain, 0); + tmp2 = wpa_add_kde(tmp, RSN_KEY_DATA_GROUPKEY, hdr, 2, + gtk, gtk_len); + wpabuf_put(plain, tmp2 - tmp); + + /* IGTK KDE */ + tmp = wpabuf_put(plain, 0); + tmp2 = ieee80211w_kde_add(sm, tmp); + wpabuf_put(plain, tmp2 - tmp); + + *len = (u8 *) wpabuf_put(plain, 0) - len - 1; + return plain; +} + + +int fils_set_tk(struct wpa_state_machine *sm) +{ + enum wpa_alg alg; + int klen; + + if (!sm || !sm->PTK_valid) { + wpa_printf(MSG_DEBUG, "FILS: No valid PTK available to set TK"); + return -1; + } + if (sm->tk_already_set) { + wpa_printf(MSG_DEBUG, "FILS: TK already set to the driver"); + return -1; + } + + alg = wpa_cipher_to_alg(sm->pairwise); + klen = wpa_cipher_key_len(sm->pairwise); + + wpa_printf(MSG_DEBUG, "FILS: Configure TK to the driver"); + if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0, + sm->PTK.tk, klen)) { + wpa_printf(MSG_DEBUG, "FILS: Failed to set TK to the driver"); + return -1; + } + sm->tk_already_set = TRUE; + + return 0; +} + + +u8 * hostapd_eid_assoc_fils_session(struct wpa_state_machine *sm, u8 *buf, + const u8 *fils_session, struct wpabuf *hlp) +{ + struct wpabuf *plain; + u8 *pos = buf; + + /* FILS Session */ + *pos++ = WLAN_EID_EXTENSION; /* Element ID */ + *pos++ = 1 + FILS_SESSION_LEN; /* Length */ + *pos++ = WLAN_EID_EXT_FILS_SESSION; /* Element ID Extension */ + os_memcpy(pos, fils_session, FILS_SESSION_LEN); + pos += FILS_SESSION_LEN; + + plain = fils_prepare_plainbuf(sm, hlp); + if (!plain) { + wpa_printf(MSG_DEBUG, "FILS: Plain buffer prep failed"); + return NULL; + } + + os_memcpy(pos, wpabuf_head(plain), wpabuf_len(plain)); + pos += wpabuf_len(plain); + + wpa_printf(MSG_DEBUG, "%s: plain buf_len: %u", __func__, + (unsigned int) wpabuf_len(plain)); + wpabuf_free(plain); + sm->fils_completed = 1; + return pos; +} + +#endif /* CONFIG_FILS */ + + SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) { + struct wpa_authenticator *wpa_auth = sm->wpa_auth; struct wpa_ptk PTK; int ok = 0, psk_found = 0; const u8 *pmk = NULL; - unsigned int pmk_len; + size_t pmk_len; + int ft; + const u8 *eapol_key_ie, *key_data, *mic; + u16 key_data_length; + size_t mic_len, eapol_key_ie_len; + struct ieee802_1x_hdr *hdr; + struct wpa_eapol_key *key; + struct wpa_eapol_ie_parse kde; SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING, wpa_ptk); sm->EAPOLKeyReceived = FALSE; sm->update_snonce = FALSE; + os_memset(&PTK, 0, sizeof(PTK)); + + mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); /* WPA with IEEE 802.1X: use the derived PMK from EAP * WPA-PSK: iterate through possible PSKs and select the one matching * the packet */ for (;;) { - if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { + if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && + !wpa_key_mgmt_sae(sm->wpa_key_mgmt)) { pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, - sm->p2p_dev_addr, pmk); + sm->p2p_dev_addr, pmk, &pmk_len); if (pmk == NULL) break; psk_found = 1; - pmk_len = PMK_LEN; +#ifdef CONFIG_IEEE80211R_AP + if (wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) { + os_memcpy(sm->xxkey, pmk, pmk_len); + sm->xxkey_len = pmk_len; + } +#endif /* CONFIG_IEEE80211R_AP */ } else { pmk = sm->PMK; pmk_len = sm->pmk_len; } - wpa_derive_ptk(sm, sm->SNonce, pmk, pmk_len, &PTK); + if (wpa_derive_ptk(sm, sm->SNonce, pmk, pmk_len, &PTK) < 0) + break; - if (wpa_verify_key_mic(sm->wpa_key_mgmt, &PTK, + if (mic_len && + wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK, sm->last_rx_eapol_key, sm->last_rx_eapol_key_len) == 0) { ok = 1; break; } - if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) +#ifdef CONFIG_FILS + if (!mic_len && + wpa_aead_decrypt(sm, &PTK, sm->last_rx_eapol_key, + sm->last_rx_eapol_key_len, NULL) == 0) { + ok = 1; + break; + } +#endif /* CONFIG_FILS */ + + if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || + wpa_key_mgmt_sae(sm->wpa_key_mgmt)) break; } @@ -2108,7 +2701,79 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) return; } -#ifdef CONFIG_IEEE80211R + /* + * Note: last_rx_eapol_key length fields have already been validated in + * wpa_receive(). + */ + hdr = (struct ieee802_1x_hdr *) sm->last_rx_eapol_key; + key = (struct wpa_eapol_key *) (hdr + 1); + mic = (u8 *) (key + 1); + key_data = mic + mic_len + 2; + key_data_length = WPA_GET_BE16(mic + mic_len); + if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) - + sizeof(*key) - mic_len - 2) + return; + + if (wpa_parse_kde_ies(key_data, key_data_length, &kde) < 0) { + wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + "received EAPOL-Key msg 2/4 with invalid Key Data contents"); + return; + } + if (kde.rsn_ie) { + eapol_key_ie = kde.rsn_ie; + eapol_key_ie_len = kde.rsn_ie_len; + } else if (kde.osen) { + eapol_key_ie = kde.osen; + eapol_key_ie_len = kde.osen_len; + } else { + eapol_key_ie = kde.wpa_ie; + eapol_key_ie_len = kde.wpa_ie_len; + } + ft = sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt); + if (sm->wpa_ie == NULL || + wpa_compare_rsn_ie(ft, sm->wpa_ie, sm->wpa_ie_len, + eapol_key_ie, eapol_key_ie_len)) { + wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + "WPA IE from (Re)AssocReq did not match with msg 2/4"); + if (sm->wpa_ie) { + wpa_hexdump(MSG_DEBUG, "WPA IE in AssocReq", + sm->wpa_ie, sm->wpa_ie_len); + } + wpa_hexdump(MSG_DEBUG, "WPA IE in msg 2/4", + eapol_key_ie, eapol_key_ie_len); + /* MLME-DEAUTHENTICATE.request */ + wpa_sta_disconnect(wpa_auth, sm->addr, + WLAN_REASON_PREV_AUTH_NOT_VALID); + return; + } +#ifdef CONFIG_IEEE80211R_AP + if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) { + wpa_sta_disconnect(wpa_auth, sm->addr, + WLAN_REASON_PREV_AUTH_NOT_VALID); + return; + } +#endif /* CONFIG_IEEE80211R_AP */ +#ifdef CONFIG_P2P + if (kde.ip_addr_req && kde.ip_addr_req[0] && + wpa_auth->ip_pool && WPA_GET_BE32(sm->ip_addr) == 0) { + int idx; + wpa_printf(MSG_DEBUG, + "P2P: IP address requested in EAPOL-Key exchange"); + idx = bitfield_get_first_zero(wpa_auth->ip_pool); + if (idx >= 0) { + u32 start = WPA_GET_BE32(wpa_auth->conf.ip_addr_start); + bitfield_set(wpa_auth->ip_pool, idx); + WPA_PUT_BE32(sm->ip_addr, start + idx); + wpa_printf(MSG_DEBUG, + "P2P: Assigned IP address %u.%u.%u.%u to " + MACSTR, sm->ip_addr[0], sm->ip_addr[1], + sm->ip_addr[2], sm->ip_addr[3], + MAC2STR(sm->addr)); + } + } +#endif /* CONFIG_P2P */ + +#ifdef CONFIG_IEEE80211R_AP if (sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { /* * Verify that PMKR1Name from EAPOL-Key message 2/4 matches @@ -2127,7 +2792,7 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) return; } } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ sm->pending_1_of_4_timeout = 0; eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm); @@ -2186,7 +2851,8 @@ static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) else os_memcpy(igtk.pn, rsc, sizeof(igtk.pn)); os_memcpy(igtk.igtk, gsm->IGTK[gsm->GN_igtk - 4], len); - if (sm->wpa_auth->conf.disable_gtk) { + if (sm->wpa_auth->conf.disable_gtk || + sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { /* * Provide unique random IGTK to each STA to prevent use of * IGTK in the BSS. @@ -2229,7 +2895,12 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) sm->TimeoutEvt = FALSE; sm->TimeoutCtr++; - if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) { + if (sm->wpa_auth->conf.wpa_disable_eapol_key_retries && + sm->TimeoutCtr > 1) { + /* Do not allow retransmission of EAPOL-Key msg 3/4 */ + return; + } + if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) { /* No point in sending the EAPOL-Key - we will disconnect * immediately following this. */ return; @@ -2259,7 +2930,8 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) secure = 1; gtk = gsm->GTK[gsm->GN - 1]; gtk_len = gsm->GTK_len; - if (sm->wpa_auth->conf.disable_gtk) { + if (sm->wpa_auth->conf.disable_gtk || + sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { /* * Provide unique random GTK to each STA to prevent use * of GTK in the BSS. @@ -2297,12 +2969,12 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) kde_len = wpa_ie_len + ieee80211w_kde_len(sm); if (gtk) kde_len += 2 + RSN_SELECTOR_LEN + 2 + gtk_len; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { kde_len += 2 + PMKID_LEN; /* PMKR1Name into RSN IE */ kde_len += 300; /* FTIE + 2 * TIE */ } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_P2P if (WPA_GET_BE32(sm->ip_addr) > 0) kde_len += 2 + RSN_SELECTOR_LEN + 3 * 4; @@ -2314,7 +2986,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) pos = kde; os_memcpy(pos, wpa_ie, wpa_ie_len); pos += wpa_ie_len; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { int res; size_t elen; @@ -2330,7 +3002,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) pos -= wpa_ie_len; pos += elen; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ if (gtk) { u8 hdr[2]; hdr[0] = keyidx & 0x03; @@ -2340,7 +3012,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) } pos = ieee80211w_kde_add(sm, pos); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { int res; struct wpa_auth_config *conf; @@ -2352,7 +3024,10 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) 2 + sm->assoc_resp_ftie[1]); res = 2 + sm->assoc_resp_ftie[1]; } else { - res = wpa_write_ftie(conf, conf->r0_key_holder, + int use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt); + + res = wpa_write_ftie(conf, use_sha384, + conf->r0_key_holder, conf->r0_key_holder_len, NULL, NULL, pos, kde + kde_len - pos, @@ -2377,10 +3052,10 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) *pos++ = WLAN_EID_TIMEOUT_INTERVAL; *pos++ = 5; *pos++ = WLAN_TIMEOUT_KEY_LIFETIME; - WPA_PUT_LE32(pos, conf->r0_key_lifetime * 60); + WPA_PUT_LE32(pos, conf->r0_key_lifetime); pos += 4; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_P2P if (WPA_GET_BE32(sm->ip_addr) > 0) { u8 addr[3 * 4]; @@ -2393,7 +3068,9 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) #endif /* CONFIG_P2P */ wpa_send_eapol(sm->wpa_auth, sm, - (secure ? WPA_KEY_INFO_SECURE : 0) | WPA_KEY_INFO_MIC | + (secure ? WPA_KEY_INFO_SECURE : 0) | + (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? + WPA_KEY_INFO_MIC : 0) | WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL | WPA_KEY_INFO_KEY_TYPE, _rsc, sm->ANonce, kde, pos - kde, keyidx, encr); @@ -2410,7 +3087,8 @@ SM_STATE(WPA_PTK, PTKINITDONE) int klen = wpa_cipher_key_len(sm->pairwise); if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0, sm->PTK.tk, klen)) { - wpa_sta_disconnect(sm->wpa_auth, sm->addr); + wpa_sta_disconnect(sm->wpa_auth, sm->addr, + WLAN_REASON_PREV_AUTH_NOT_VALID); return; } /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */ @@ -2423,7 +3101,9 @@ SM_STATE(WPA_PTK, PTKINITDONE) sm->wpa_auth, sm); } - if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { + if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || + sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP || + sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE) { wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_authorized, 1); } @@ -2449,9 +3129,9 @@ SM_STATE(WPA_PTK, PTKINITDONE) "pairwise key handshake completed (%s)", sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN"); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP wpa_ft_push_pmk_r1(sm->wpa_auth, sm->addr); -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ } @@ -2495,15 +3175,22 @@ SM_STEP(WPA_PTK) wpa_auth_get_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun) > 0) SM_ENTER(WPA_PTK, INITPMK); - else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) + else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || + sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE /* FIX: && 802.1X::keyRun */) SM_ENTER(WPA_PTK, INITPSK); + else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP) + SM_ENTER(WPA_PTK, INITPMK); break; case WPA_PTK_INITPMK: if (wpa_auth_get_eapol(sm->wpa_auth, sm->addr, - WPA_EAPOL_keyAvailable) > 0) + WPA_EAPOL_keyAvailable) > 0) { + SM_ENTER(WPA_PTK, PTKSTART); +#ifdef CONFIG_DPP + } else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && sm->pmksa) { SM_ENTER(WPA_PTK, PTKSTART); - else { +#endif /* CONFIG_DPP */ + } else { wpa_auth->dot11RSNA4WayHandshakeFailures++; wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, "INITPMK - keyAvailable = false"); @@ -2512,9 +3199,13 @@ SM_STEP(WPA_PTK) break; case WPA_PTK_INITPSK: if (wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, - NULL)) + NULL, NULL)) { + SM_ENTER(WPA_PTK, PTKSTART); +#ifdef CONFIG_SAE + } else if (wpa_auth_uses_sae(sm) && sm->pmksa) { SM_ENTER(WPA_PTK, PTKSTART); - else { +#endif /* CONFIG_SAE */ + } else { wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, "no PSK configured for the STA"); wpa_auth->dot11RSNA4WayHandshakeFailures++; @@ -2526,11 +3217,12 @@ SM_STEP(WPA_PTK) sm->EAPOLKeyPairwise) SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING); else if (sm->TimeoutCtr > - (int) dot11RSNAConfigPairwiseUpdateCount) { + sm->wpa_auth->conf.wpa_pairwise_update_count) { wpa_auth->dot11RSNA4WayHandshakeFailures++; - wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, - "PTKSTART: Retry limit %d reached", - dot11RSNAConfigPairwiseUpdateCount); + wpa_auth_vlogger( + sm->wpa_auth, sm->addr, LOGGER_DEBUG, + "PTKSTART: Retry limit %u reached", + sm->wpa_auth->conf.wpa_pairwise_update_count); SM_ENTER(WPA_PTK, DISCONNECT); } else if (sm->TimeoutEvt) SM_ENTER(WPA_PTK, PTKSTART); @@ -2554,12 +3246,14 @@ SM_STEP(WPA_PTK) sm->EAPOLKeyPairwise && sm->MICVerified) SM_ENTER(WPA_PTK, PTKINITDONE); else if (sm->TimeoutCtr > - (int) dot11RSNAConfigPairwiseUpdateCount) { + sm->wpa_auth->conf.wpa_pairwise_update_count || + (sm->wpa_auth->conf.wpa_disable_eapol_key_retries && + sm->TimeoutCtr > 1)) { wpa_auth->dot11RSNA4WayHandshakeFailures++; - wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, - "PTKINITNEGOTIATING: Retry limit %d " - "reached", - dot11RSNAConfigPairwiseUpdateCount); + wpa_auth_vlogger( + sm->wpa_auth, sm->addr, LOGGER_DEBUG, + "PTKINITNEGOTIATING: Retry limit %u reached", + sm->wpa_auth->conf.wpa_pairwise_update_count); SM_ENTER(WPA_PTK, DISCONNECT); } else if (sm->TimeoutEvt) SM_ENTER(WPA_PTK, PTKINITNEGOTIATING); @@ -2594,7 +3288,12 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) SM_ENTRY_MA(WPA_PTK_GROUP, REKEYNEGOTIATING, wpa_ptk_group); sm->GTimeoutCtr++; - if (sm->GTimeoutCtr > (int) dot11RSNAConfigGroupUpdateCount) { + if (sm->wpa_auth->conf.wpa_disable_eapol_key_retries && + sm->GTimeoutCtr > 1) { + /* Do not allow retransmission of EAPOL-Key group msg 1/2 */ + return; + } + if (sm->GTimeoutCtr > sm->wpa_auth->conf.wpa_group_update_count) { /* No point in sending the EAPOL-Key - we will disconnect * immediately following this. */ return; @@ -2611,7 +3310,8 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) "sending 1/2 msg of Group Key Handshake"); gtk = gsm->GTK[gsm->GN - 1]; - if (sm->wpa_auth->conf.disable_gtk) { + if (sm->wpa_auth->conf.disable_gtk || + sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { /* * Provide unique random GTK to each STA to prevent use * of GTK in the BSS. @@ -2640,10 +3340,12 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) } wpa_send_eapol(sm->wpa_auth, sm, - WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC | + WPA_KEY_INFO_SECURE | + (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? + WPA_KEY_INFO_MIC : 0) | WPA_KEY_INFO_ACK | (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0), - rsc, gsm->GNonce, kde, kde_len, gsm->GN, 1); + rsc, NULL, kde, kde_len, gsm->GN, 1); os_free(kde_buf); } @@ -2672,6 +3374,10 @@ SM_STATE(WPA_PTK_GROUP, KEYERROR) sm->group->GKeyDoneStations--; sm->GUpdateStationKeys = FALSE; sm->Disconnect = TRUE; + wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO, + "group key handshake failed (%s) after %u tries", + sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN", + sm->wpa_auth->conf.wpa_group_update_count); } @@ -2691,7 +3397,9 @@ SM_STEP(WPA_PTK_GROUP) !sm->EAPOLKeyPairwise && sm->MICVerified) SM_ENTER(WPA_PTK_GROUP, REKEYESTABLISHED); else if (sm->GTimeoutCtr > - (int) dot11RSNAConfigGroupUpdateCount) + sm->wpa_auth->conf.wpa_group_update_count || + (sm->wpa_auth->conf.wpa_disable_eapol_key_retries && + sm->GTimeoutCtr > 1)) SM_ENTER(WPA_PTK_GROUP, KEYERROR); else if (sm->TimeoutEvt) SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING); @@ -2794,7 +3502,7 @@ static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx) } -#ifdef CONFIG_WNM +#ifdef CONFIG_WNM_AP /* update GTK when exiting WNM-Sleep Mode */ void wpa_wnmsleep_rekey_gtk(struct wpa_state_machine *sm) { @@ -2873,7 +3581,7 @@ int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos) return pos - start; } #endif /* CONFIG_IEEE80211W */ -#endif /* CONFIG_WNM */ +#endif /* CONFIG_WNM_AP */ static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth, @@ -3151,8 +3859,8 @@ int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen) "dot11RSNAConfigNumberOfGTKSAReplayCounters=0\n", RSN_VERSION, !!wpa_auth->conf.wpa_strict_rekey, - dot11RSNAConfigGroupUpdateCount, - dot11RSNAConfigPairwiseUpdateCount, + wpa_auth->conf.wpa_group_update_count, + wpa_auth->conf.wpa_pairwise_update_count, wpa_cipher_key_len(wpa_auth->conf.wpa_group) * 8, dot11RSNAConfigPMKLifetime, dot11RSNAConfigPMKReauthThreshold, @@ -3279,6 +3987,14 @@ int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm) } +int wpa_auth_sta_fils_tk_already_set(struct wpa_state_machine *sm) +{ + if (!sm || !wpa_key_mgmt_fils(sm->wpa_key_mgmt)) + return 0; + return sm->tk_already_set; +} + + int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, struct rsn_pmksa_cache_entry *entry) { @@ -3320,7 +4036,7 @@ int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk, sm->wpa_auth->conf.disable_pmksa_caching) return -1; - if (sm->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { + if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) { if (pmk_len > PMK_LEN_SUITE_B_192) pmk_len = PMK_LEN_SUITE_B_192; } else if (pmk_len > PMK_LEN) { @@ -3372,6 +4088,29 @@ int wpa_auth_pmksa_add_sae(struct wpa_authenticator *wpa_auth, const u8 *addr, } +void wpa_auth_add_sae_pmkid(struct wpa_state_machine *sm, const u8 *pmkid) +{ + os_memcpy(sm->pmkid, pmkid, PMKID_LEN); + sm->pmkid_set = 1; +} + + +int wpa_auth_pmksa_add2(struct wpa_authenticator *wpa_auth, const u8 *addr, + const u8 *pmk, size_t pmk_len, const u8 *pmkid, + int session_timeout, int akmp) +{ + if (wpa_auth->conf.disable_pmksa_caching) + return -1; + + if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, pmk_len, pmkid, + NULL, 0, wpa_auth->addr, addr, session_timeout, + NULL, akmp)) + return 0; + + return -1; +} + + void wpa_auth_pmksa_remove(struct wpa_authenticator *wpa_auth, const u8 *sta_addr) { @@ -3404,12 +4143,65 @@ void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth) } +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL +#ifdef CONFIG_MESH + +int wpa_auth_pmksa_list_mesh(struct wpa_authenticator *wpa_auth, const u8 *addr, + char *buf, size_t len) +{ + if (!wpa_auth || !wpa_auth->pmksa) + return 0; + + return pmksa_cache_auth_list_mesh(wpa_auth->pmksa, addr, buf, len); +} + + struct rsn_pmksa_cache_entry * -wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr) +wpa_auth_pmksa_create_entry(const u8 *aa, const u8 *spa, const u8 *pmk, + const u8 *pmkid, int expiration) +{ + struct rsn_pmksa_cache_entry *entry; + struct os_reltime now; + + entry = pmksa_cache_auth_create_entry(pmk, PMK_LEN, pmkid, NULL, 0, aa, + spa, 0, NULL, WPA_KEY_MGMT_SAE); + if (!entry) + return NULL; + + os_get_reltime(&now); + entry->expiration = now.sec + expiration; + return entry; +} + + +int wpa_auth_pmksa_add_entry(struct wpa_authenticator *wpa_auth, + struct rsn_pmksa_cache_entry *entry) +{ + int ret; + + if (!wpa_auth || !wpa_auth->pmksa) + return -1; + + ret = pmksa_cache_auth_add_entry(wpa_auth->pmksa, entry); + if (ret < 0) + wpa_printf(MSG_DEBUG, + "RSN: Failed to store external PMKSA cache for " + MACSTR, MAC2STR(entry->spa)); + + return ret; +} + +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ + + +struct rsn_pmksa_cache_entry * +wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, + const u8 *pmkid) { if (!wpa_auth || !wpa_auth->pmksa) return NULL; - return pmksa_cache_auth_get(wpa_auth->pmksa, sta_addr, NULL); + return pmksa_cache_auth_get(wpa_auth->pmksa, sta_addr, pmkid); } @@ -3662,6 +4454,14 @@ void wpa_auth_eapol_key_tx_status(struct wpa_authenticator *wpa_auth, (timeout_ms % 1000) * 1000, wpa_send_eapol_timeout, wpa_auth, sm); } + +#ifdef CONFIG_TESTING_OPTIONS + if (sm->eapol_status_cb) { + sm->eapol_status_cb(sm->eapol_status_cb_ctx1, + sm->eapol_status_cb_ctx2); + sm->eapol_status_cb = NULL; + } +#endif /* CONFIG_TESTING_OPTIONS */ } @@ -3708,3 +4508,343 @@ void wpa_auth_reconfig_group_keys(struct wpa_authenticator *wpa_auth) for (group = wpa_auth->group; group; group = group->next) wpa_group_config_group_keys(wpa_auth, group); } + + +#ifdef CONFIG_FILS + +struct wpa_auth_fils_iter_data { + struct wpa_authenticator *auth; + const u8 *cache_id; + struct rsn_pmksa_cache_entry *pmksa; + const u8 *spa; + const u8 *pmkid; +}; + + +static int wpa_auth_fils_iter(struct wpa_authenticator *a, void *ctx) +{ + struct wpa_auth_fils_iter_data *data = ctx; + + if (a == data->auth || !a->conf.fils_cache_id_set || + os_memcmp(a->conf.fils_cache_id, data->cache_id, + FILS_CACHE_ID_LEN) != 0) + return 0; + data->pmksa = pmksa_cache_auth_get(a->pmksa, data->spa, data->pmkid); + return data->pmksa != NULL; +} + + +struct rsn_pmksa_cache_entry * +wpa_auth_pmksa_get_fils_cache_id(struct wpa_authenticator *wpa_auth, + const u8 *sta_addr, const u8 *pmkid) +{ + struct wpa_auth_fils_iter_data idata; + + if (!wpa_auth->conf.fils_cache_id_set) + return NULL; + idata.auth = wpa_auth; + idata.cache_id = wpa_auth->conf.fils_cache_id; + idata.pmksa = NULL; + idata.spa = sta_addr; + idata.pmkid = pmkid; + wpa_auth_for_each_auth(wpa_auth, wpa_auth_fils_iter, &idata); + return idata.pmksa; +} + + +#ifdef CONFIG_IEEE80211R_AP +int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, int use_sha384, + u8 *buf, size_t len) +{ + struct wpa_auth_config *conf = &wpa_auth->conf; + + return wpa_write_ftie(conf, use_sha384, conf->r0_key_holder, + conf->r0_key_holder_len, + NULL, NULL, buf, len, NULL, 0); +} +#endif /* CONFIG_IEEE80211R_AP */ + + +void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm, + u8 *fils_anonce, u8 *fils_snonce, + u8 *fils_kek, size_t *fils_kek_len) +{ + os_memcpy(fils_anonce, sm->ANonce, WPA_NONCE_LEN); + os_memcpy(fils_snonce, sm->SNonce, WPA_NONCE_LEN); + os_memcpy(fils_kek, sm->PTK.kek, WPA_KEK_MAX_LEN); + *fils_kek_len = sm->PTK.kek_len; +} + +#endif /* CONFIG_FILS */ + + +#ifdef CONFIG_TESTING_OPTIONS + +int wpa_auth_resend_m1(struct wpa_state_machine *sm, int change_anonce, + void (*cb)(void *ctx1, void *ctx2), + void *ctx1, void *ctx2) +{ + const u8 *anonce = sm->ANonce; + u8 anonce_buf[WPA_NONCE_LEN]; + + if (change_anonce) { + if (random_get_bytes(anonce_buf, WPA_NONCE_LEN)) + return -1; + anonce = anonce_buf; + } + + wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + "sending 1/4 msg of 4-Way Handshake (TESTING)"); + wpa_send_eapol(sm->wpa_auth, sm, + WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE, NULL, + anonce, NULL, 0, 0, 0); + return 0; +} + + +int wpa_auth_resend_m3(struct wpa_state_machine *sm, + void (*cb)(void *ctx1, void *ctx2), + void *ctx1, void *ctx2) +{ + u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde, *pos; +#ifdef CONFIG_IEEE80211W + u8 *opos; +#endif /* CONFIG_IEEE80211W */ + size_t gtk_len, kde_len; + struct wpa_group *gsm = sm->group; + u8 *wpa_ie; + int wpa_ie_len, secure, keyidx, encr = 0; + + /* Send EAPOL(1, 1, 1, Pair, P, RSC, ANonce, MIC(PTK), RSNIE, [MDIE], + GTK[GN], IGTK, [FTIE], [TIE * 2]) + */ + + /* Use 0 RSC */ + os_memset(rsc, 0, WPA_KEY_RSC_LEN); + /* If FT is used, wpa_auth->wpa_ie includes both RSNIE and MDIE */ + wpa_ie = sm->wpa_auth->wpa_ie; + wpa_ie_len = sm->wpa_auth->wpa_ie_len; + if (sm->wpa == WPA_VERSION_WPA && + (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) && + wpa_ie_len > wpa_ie[1] + 2 && wpa_ie[0] == WLAN_EID_RSN) { + /* WPA-only STA, remove RSN IE and possible MDIE */ + wpa_ie = wpa_ie + wpa_ie[1] + 2; + if (wpa_ie[0] == WLAN_EID_MOBILITY_DOMAIN) + wpa_ie = wpa_ie + wpa_ie[1] + 2; + wpa_ie_len = wpa_ie[1] + 2; + } + wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + "sending 3/4 msg of 4-Way Handshake (TESTING)"); + if (sm->wpa == WPA_VERSION_WPA2) { + /* WPA2 send GTK in the 4-way handshake */ + secure = 1; + gtk = gsm->GTK[gsm->GN - 1]; + gtk_len = gsm->GTK_len; + keyidx = gsm->GN; + _rsc = rsc; + encr = 1; + } else { + /* WPA does not include GTK in msg 3/4 */ + secure = 0; + gtk = NULL; + gtk_len = 0; + keyidx = 0; + _rsc = NULL; + if (sm->rx_eapol_key_secure) { + /* + * It looks like Windows 7 supplicant tries to use + * Secure bit in msg 2/4 after having reported Michael + * MIC failure and it then rejects the 4-way handshake + * if msg 3/4 does not set Secure bit. Work around this + * by setting the Secure bit here even in the case of + * WPA if the supplicant used it first. + */ + wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + "STA used Secure bit in WPA msg 2/4 - " + "set Secure for 3/4 as workaround"); + secure = 1; + } + } + + kde_len = wpa_ie_len + ieee80211w_kde_len(sm); + if (gtk) + kde_len += 2 + RSN_SELECTOR_LEN + 2 + gtk_len; +#ifdef CONFIG_IEEE80211R_AP + if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { + kde_len += 2 + PMKID_LEN; /* PMKR1Name into RSN IE */ + kde_len += 300; /* FTIE + 2 * TIE */ + } +#endif /* CONFIG_IEEE80211R_AP */ + kde = os_malloc(kde_len); + if (kde == NULL) + return -1; + + pos = kde; + os_memcpy(pos, wpa_ie, wpa_ie_len); + pos += wpa_ie_len; +#ifdef CONFIG_IEEE80211R_AP + if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { + int res; + size_t elen; + + elen = pos - kde; + res = wpa_insert_pmkid(kde, &elen, sm->pmk_r1_name); + if (res < 0) { + wpa_printf(MSG_ERROR, "FT: Failed to insert " + "PMKR1Name into RSN IE in EAPOL-Key data"); + os_free(kde); + return -1; + } + pos -= wpa_ie_len; + pos += elen; + } +#endif /* CONFIG_IEEE80211R_AP */ + if (gtk) { + u8 hdr[2]; + hdr[0] = keyidx & 0x03; + hdr[1] = 0; + pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2, + gtk, gtk_len); + } +#ifdef CONFIG_IEEE80211W + opos = pos; + pos = ieee80211w_kde_add(sm, pos); + if (pos - opos >= 2 + RSN_SELECTOR_LEN + WPA_IGTK_KDE_PREFIX_LEN) { + /* skip KDE header and keyid */ + opos += 2 + RSN_SELECTOR_LEN + 2; + os_memset(opos, 0, 6); /* clear PN */ + } +#endif /* CONFIG_IEEE80211W */ + +#ifdef CONFIG_IEEE80211R_AP + if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { + int res; + struct wpa_auth_config *conf; + + conf = &sm->wpa_auth->conf; + if (sm->assoc_resp_ftie && + kde + kde_len - pos >= 2 + sm->assoc_resp_ftie[1]) { + os_memcpy(pos, sm->assoc_resp_ftie, + 2 + sm->assoc_resp_ftie[1]); + res = 2 + sm->assoc_resp_ftie[1]; + } else { + int use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt); + + res = wpa_write_ftie(conf, use_sha384, + conf->r0_key_holder, + conf->r0_key_holder_len, + NULL, NULL, pos, + kde + kde_len - pos, + NULL, 0); + } + if (res < 0) { + wpa_printf(MSG_ERROR, "FT: Failed to insert FTIE " + "into EAPOL-Key Key Data"); + os_free(kde); + return -1; + } + pos += res; + + /* TIE[ReassociationDeadline] (TU) */ + *pos++ = WLAN_EID_TIMEOUT_INTERVAL; + *pos++ = 5; + *pos++ = WLAN_TIMEOUT_REASSOC_DEADLINE; + WPA_PUT_LE32(pos, conf->reassociation_deadline); + pos += 4; + + /* TIE[KeyLifetime] (seconds) */ + *pos++ = WLAN_EID_TIMEOUT_INTERVAL; + *pos++ = 5; + *pos++ = WLAN_TIMEOUT_KEY_LIFETIME; + WPA_PUT_LE32(pos, conf->r0_key_lifetime); + pos += 4; + } +#endif /* CONFIG_IEEE80211R_AP */ + + wpa_send_eapol(sm->wpa_auth, sm, + (secure ? WPA_KEY_INFO_SECURE : 0) | + (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? + WPA_KEY_INFO_MIC : 0) | + WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL | + WPA_KEY_INFO_KEY_TYPE, + _rsc, sm->ANonce, kde, pos - kde, keyidx, encr); + os_free(kde); + return 0; +} + + +int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, + void (*cb)(void *ctx1, void *ctx2), + void *ctx1, void *ctx2) +{ + u8 rsc[WPA_KEY_RSC_LEN]; + struct wpa_group *gsm = sm->group; + const u8 *kde; + u8 *kde_buf = NULL, *pos, hdr[2]; +#ifdef CONFIG_IEEE80211W + u8 *opos; +#endif /* CONFIG_IEEE80211W */ + size_t kde_len; + u8 *gtk; + + /* Send EAPOL(1, 1, 1, !Pair, G, RSC, GNonce, MIC(PTK), GTK[GN]) */ + os_memset(rsc, 0, WPA_KEY_RSC_LEN); + /* Use 0 RSC */ + wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + "sending 1/2 msg of Group Key Handshake (TESTING)"); + + gtk = gsm->GTK[gsm->GN - 1]; + if (sm->wpa == WPA_VERSION_WPA2) { + kde_len = 2 + RSN_SELECTOR_LEN + 2 + gsm->GTK_len + + ieee80211w_kde_len(sm); + kde_buf = os_malloc(kde_len); + if (kde_buf == NULL) + return -1; + + kde = pos = kde_buf; + hdr[0] = gsm->GN & 0x03; + hdr[1] = 0; + pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2, + gtk, gsm->GTK_len); +#ifdef CONFIG_IEEE80211W + opos = pos; + pos = ieee80211w_kde_add(sm, pos); + if (pos - opos >= + 2 + RSN_SELECTOR_LEN + WPA_IGTK_KDE_PREFIX_LEN) { + /* skip KDE header and keyid */ + opos += 2 + RSN_SELECTOR_LEN + 2; + os_memset(opos, 0, 6); /* clear PN */ + } +#endif /* CONFIG_IEEE80211W */ + kde_len = pos - kde; + } else { + kde = gtk; + kde_len = gsm->GTK_len; + } + + sm->eapol_status_cb = cb; + sm->eapol_status_cb_ctx1 = ctx1; + sm->eapol_status_cb_ctx2 = ctx2; + + wpa_send_eapol(sm->wpa_auth, sm, + WPA_KEY_INFO_SECURE | + (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? + WPA_KEY_INFO_MIC : 0) | + WPA_KEY_INFO_ACK | + (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0), + rsc, NULL, kde, kde_len, gsm->GN, 1); + + os_free(kde_buf); + return 0; +} + + +int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth) +{ + if (!wpa_auth) + return -1; + eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL); + return eloop_register_timeout(0, 0, wpa_rekey_gtk, wpa_auth, NULL); +} + +#endif /* CONFIG_TESTING_OPTIONS */ diff --git a/contrib/wpa/src/ap/wpa_auth.h b/contrib/wpa/src/ap/wpa_auth.h index 97461b029d24..fad5536f740e 100644 --- a/contrib/wpa/src/ap/wpa_auth.h +++ b/contrib/wpa/src/ap/wpa_auth.h @@ -1,6 +1,6 @@ /* * hostapd - IEEE 802.11i-2004 / WPA Authenticator - * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -14,6 +14,8 @@ #include "common/wpa_common.h" #include "common/ieee802_11_defs.h" +struct vlan_description; + #define MAX_OWN_IE_OVERRIDE 256 #ifdef _MSC_VER @@ -37,74 +39,100 @@ struct ft_rrb_frame { #define FT_PACKET_REQUEST 0 #define FT_PACKET_RESPONSE 1 -/* Vendor-specific types for R0KH-R1KH protocol; not defined in 802.11r */ -#define FT_PACKET_R0KH_R1KH_PULL 200 -#define FT_PACKET_R0KH_R1KH_RESP 201 -#define FT_PACKET_R0KH_R1KH_PUSH 202 - -#define FT_R0KH_R1KH_PULL_NONCE_LEN 16 -#define FT_R0KH_R1KH_PULL_DATA_LEN (FT_R0KH_R1KH_PULL_NONCE_LEN + \ - WPA_PMK_NAME_LEN + FT_R1KH_ID_LEN + \ - ETH_ALEN) -#define FT_R0KH_R1KH_PULL_PAD_LEN ((8 - FT_R0KH_R1KH_PULL_DATA_LEN % 8) % 8) - -struct ft_r0kh_r1kh_pull_frame { - u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */ - u8 packet_type; /* FT_PACKET_R0KH_R1KH_PULL */ - le16 data_length; /* little endian length of data (44) */ - u8 ap_address[ETH_ALEN]; - u8 nonce[FT_R0KH_R1KH_PULL_NONCE_LEN]; - u8 pmk_r0_name[WPA_PMK_NAME_LEN]; - u8 r1kh_id[FT_R1KH_ID_LEN]; - u8 s1kh_id[ETH_ALEN]; - u8 pad[FT_R0KH_R1KH_PULL_PAD_LEN]; /* 8-octet boundary for AES block */ - u8 key_wrap_extra[8]; -} STRUCT_PACKED; +/* Vendor-specific types for R0KH-R1KH protocol; not defined in 802.11r. These + * use OUI Extended EtherType as the encapsulating format. */ +#define FT_PACKET_R0KH_R1KH_PULL 0x01 +#define FT_PACKET_R0KH_R1KH_RESP 0x02 +#define FT_PACKET_R0KH_R1KH_PUSH 0x03 +#define FT_PACKET_R0KH_R1KH_SEQ_REQ 0x04 +#define FT_PACKET_R0KH_R1KH_SEQ_RESP 0x05 + +/* packet layout + * IEEE 802 extended OUI ethertype frame header + * u16 authlen (little endian) + * multiple of struct ft_rrb_tlv (authenticated only, length = authlen) + * multiple of struct ft_rrb_tlv (AES-SIV encrypted, AES-SIV needs an extra + * blocksize length) + * + * AES-SIV AAD; + * source MAC address (6) + * authenticated-only TLVs (authlen) + * subtype (1; FT_PACKET_*) + */ -#define FT_R0KH_R1KH_RESP_DATA_LEN (FT_R0KH_R1KH_PULL_NONCE_LEN + \ - FT_R1KH_ID_LEN + ETH_ALEN + PMK_LEN + \ - WPA_PMK_NAME_LEN + 2) -#define FT_R0KH_R1KH_RESP_PAD_LEN ((8 - FT_R0KH_R1KH_RESP_DATA_LEN % 8) % 8) -struct ft_r0kh_r1kh_resp_frame { - u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */ - u8 packet_type; /* FT_PACKET_R0KH_R1KH_RESP */ - le16 data_length; /* little endian length of data (78) */ - u8 ap_address[ETH_ALEN]; +#define FT_RRB_NONCE_LEN 16 - u8 nonce[FT_R0KH_R1KH_PULL_NONCE_LEN]; /* copied from pull */ - u8 r1kh_id[FT_R1KH_ID_LEN]; /* copied from pull */ - u8 s1kh_id[ETH_ALEN]; /* copied from pull */ - u8 pmk_r1[PMK_LEN]; - u8 pmk_r1_name[WPA_PMK_NAME_LEN]; - le16 pairwise; - u8 pad[FT_R0KH_R1KH_RESP_PAD_LEN]; /* 8-octet boundary for AES block */ - u8 key_wrap_extra[8]; -} STRUCT_PACKED; +#define FT_RRB_LAST_EMPTY 0 /* placeholder or padding */ -#define FT_R0KH_R1KH_PUSH_DATA_LEN (4 + FT_R1KH_ID_LEN + ETH_ALEN + \ - WPA_PMK_NAME_LEN + PMK_LEN + \ - WPA_PMK_NAME_LEN + 2) -#define FT_R0KH_R1KH_PUSH_PAD_LEN ((8 - FT_R0KH_R1KH_PUSH_DATA_LEN % 8) % 8) -struct ft_r0kh_r1kh_push_frame { - u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */ - u8 packet_type; /* FT_PACKET_R0KH_R1KH_PUSH */ - le16 data_length; /* little endian length of data (82) */ - u8 ap_address[ETH_ALEN]; +#define FT_RRB_SEQ 1 /* struct ft_rrb_seq */ +#define FT_RRB_NONCE 2 /* size FT_RRB_NONCE_LEN */ +#define FT_RRB_TIMESTAMP 3 /* le32 unix seconds */ + +#define FT_RRB_R0KH_ID 4 /* FT_R0KH_ID_MAX_LEN */ +#define FT_RRB_R1KH_ID 5 /* FT_R1KH_ID_LEN */ +#define FT_RRB_S1KH_ID 6 /* ETH_ALEN */ + +#define FT_RRB_PMK_R0_NAME 7 /* WPA_PMK_NAME_LEN */ +#define FT_RRB_PMK_R0 8 /* PMK_LEN */ +#define FT_RRB_PMK_R1_NAME 9 /* WPA_PMK_NAME_LEN */ +#define FT_RRB_PMK_R1 10 /* PMK_LEN */ + +#define FT_RRB_PAIRWISE 11 /* le16 */ +#define FT_RRB_EXPIRES_IN 12 /* le16 seconds */ + +#define FT_RRB_VLAN_UNTAGGED 13 /* le16 */ +#define FT_RRB_VLAN_TAGGED 14 /* n times le16 */ - /* Encrypted with AES key-wrap */ - u8 timestamp[4]; /* current time in seconds since unix epoch, little - * endian */ - u8 r1kh_id[FT_R1KH_ID_LEN]; - u8 s1kh_id[ETH_ALEN]; - u8 pmk_r0_name[WPA_PMK_NAME_LEN]; - u8 pmk_r1[PMK_LEN]; - u8 pmk_r1_name[WPA_PMK_NAME_LEN]; - le16 pairwise; - u8 pad[FT_R0KH_R1KH_PUSH_PAD_LEN]; /* 8-octet boundary for AES block */ - u8 key_wrap_extra[8]; +#define FT_RRB_IDENTITY 15 +#define FT_RRB_RADIUS_CUI 16 +#define FT_RRB_SESSION_TIMEOUT 17 /* le32 seconds */ + +struct ft_rrb_tlv { + le16 type; + le16 len; + /* followed by data of length len */ +} STRUCT_PACKED; + +struct ft_rrb_seq { + le32 dom; + le32 seq; + le32 ts; } STRUCT_PACKED; +/* session TLVs: + * required: PMK_R1, PMK_R1_NAME, PAIRWISE + * optional: VLAN_UNTAGGED, VLAN_TAGGED, EXPIRES_IN, IDENTITY, RADIUS_CUI, + * SESSION_TIMEOUT + * + * pull frame TLVs: + * auth: + * required: SEQ, NONCE, R0KH_ID, R1KH_ID + * encrypted: + * required: PMK_R0_NAME, S1KH_ID + * + * response frame TLVs: + * auth: + * required: SEQ, NONCE, R0KH_ID, R1KH_ID + * encrypted: + * required: S1KH_ID + * optional: session TLVs + * + * push frame TLVs: + * auth: + * required: SEQ, R0KH_ID, R1KH_ID + * encrypted: + * required: S1KH_ID, PMK_R0_NAME, session TLVs + * + * sequence number request frame TLVs: + * auth: + * required: R0KH_ID, R1KH_ID, NONCE + * + * sequence number response frame TLVs: + * auth: + * required: SEQ, NONCE, R0KH_ID, R1KH_ID + */ + #ifdef _MSC_VER #pragma pack(pop) #endif /* _MSC_VER */ @@ -116,6 +144,7 @@ struct wpa_authenticator; struct wpa_state_machine; struct rsn_pmksa_cache_entry; struct eapol_state_machine; +struct ft_remote_seq; struct ft_remote_r0kh { @@ -123,7 +152,8 @@ struct ft_remote_r0kh { u8 addr[ETH_ALEN]; u8 id[FT_R0KH_ID_MAX_LEN]; size_t id_len; - u8 key[16]; + u8 key[32]; + struct ft_remote_seq *seq; }; @@ -131,7 +161,8 @@ struct ft_remote_r1kh { struct ft_remote_r1kh *next; u8 addr[ETH_ALEN]; u8 id[FT_R1KH_ID_LEN]; - u8 key[16]; + u8 key[32]; + struct ft_remote_seq *seq; }; @@ -144,10 +175,12 @@ struct wpa_auth_config { int wpa_strict_rekey; int wpa_gmk_rekey; int wpa_ptk_rekey; + u32 wpa_group_update_count; + u32 wpa_pairwise_update_count; + int wpa_disable_eapol_key_retries; int rsn_pairwise; int rsn_preauth; int eapol_version; - int peerkey; int wmm_enabled; int wmm_uapsd; int disable_pmksa_caching; @@ -156,21 +189,28 @@ struct wpa_auth_config { #ifdef CONFIG_IEEE80211W enum mfp_options ieee80211w; int group_mgmt_cipher; + int sae_require_mfp; #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP u8 ssid[SSID_MAX_LEN]; size_t ssid_len; u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; u8 r0_key_holder[FT_R0KH_ID_MAX_LEN]; size_t r0_key_holder_len; u8 r1_key_holder[FT_R1KH_ID_LEN]; - u32 r0_key_lifetime; + u32 r0_key_lifetime; /* PMK-R0 lifetime seconds */ + int rkh_pos_timeout; + int rkh_neg_timeout; + int rkh_pull_timeout; /* ms */ + int rkh_pull_retries; + int r1_max_key_lifetime; u32 reassociation_deadline; - struct ft_remote_r0kh *r0kh_list; - struct ft_remote_r1kh *r1kh_list; + struct ft_remote_r0kh **r0kh_list; + struct ft_remote_r1kh **r1kh_list; int pmk_r1_push; int ft_over_ds; -#endif /* CONFIG_IEEE80211R */ + int ft_psk_generate_local; +#endif /* CONFIG_IEEE80211R_AP */ int disable_gtk; int ap_mlme; #ifdef CONFIG_TESTING_OPTIONS @@ -184,6 +224,10 @@ struct wpa_auth_config { u8 ip_addr_start[4]; u8 ip_addr_end[4]; #endif /* CONFIG_P2P */ +#ifdef CONFIG_FILS + unsigned int fils_cache_id_set:1; + u8 fils_cache_id[FILS_CACHE_ID_LEN]; +#endif /* CONFIG_FILS */ }; typedef enum { @@ -197,7 +241,6 @@ typedef enum { } wpa_eapol_variable; struct wpa_auth_callbacks { - void *ctx; void (*logger)(void *ctx, const u8 *addr, logger_level level, const char *txt); void (*disconnect)(void *ctx, const u8 *addr, u16 reason); @@ -207,7 +250,7 @@ struct wpa_auth_callbacks { int value); int (*get_eapol)(void *ctx, const u8 *addr, wpa_eapol_variable var); const u8 * (*get_psk)(void *ctx, const u8 *addr, const u8 *p2p_dev_addr, - const u8 *prev_psk); + const u8 *prev_psk, size_t *psk_len); int (*get_msk)(void *ctx, const u8 *addr, u8 *msk, size_t *len); int (*set_key)(void *ctx, int vlan_id, enum wpa_alg alg, const u8 *addr, int idx, u8 *key, size_t key_len); @@ -220,13 +263,29 @@ struct wpa_auth_callbacks { void *ctx), void *cb_ctx); int (*send_ether)(void *ctx, const u8 *dst, u16 proto, const u8 *data, size_t data_len); -#ifdef CONFIG_IEEE80211R + int (*send_oui)(void *ctx, const u8 *dst, u8 oui_suffix, const u8 *data, + size_t data_len); +#ifdef CONFIG_IEEE80211R_AP struct wpa_state_machine * (*add_sta)(void *ctx, const u8 *sta_addr); + int (*set_vlan)(void *ctx, const u8 *sta_addr, + struct vlan_description *vlan); + int (*get_vlan)(void *ctx, const u8 *sta_addr, + struct vlan_description *vlan); + int (*set_identity)(void *ctx, const u8 *sta_addr, + const u8 *identity, size_t identity_len); + size_t (*get_identity)(void *ctx, const u8 *sta_addr, const u8 **buf); + int (*set_radius_cui)(void *ctx, const u8 *sta_addr, + const u8 *radius_cui, size_t radius_cui_len); + size_t (*get_radius_cui)(void *ctx, const u8 *sta_addr, const u8 **buf); + void (*set_session_timeout)(void *ctx, const u8 *sta_addr, + int session_timeout); + int (*get_session_timeout)(void *ctx, const u8 *sta_addr); + int (*send_ft_action)(void *ctx, const u8 *dst, const u8 *data, size_t data_len); int (*add_tspec)(void *ctx, const u8 *sta_addr, u8 *tspec_ie, size_t tspec_ielen); -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_MESH int (*start_ampe)(void *ctx, const u8 *sta_addr); #endif /* CONFIG_MESH */ @@ -234,7 +293,8 @@ struct wpa_auth_callbacks { struct wpa_authenticator * wpa_init(const u8 *addr, struct wpa_auth_config *conf, - struct wpa_auth_callbacks *cb); + const struct wpa_auth_callbacks *cb, + void *cb_ctx); int wpa_init_keys(struct wpa_authenticator *wpa_auth); void wpa_deinit(struct wpa_authenticator *wpa_auth); int wpa_reconfig(struct wpa_authenticator *wpa_auth, @@ -244,13 +304,14 @@ enum { WPA_IE_OK, WPA_INVALID_IE, WPA_INVALID_GROUP, WPA_INVALID_PAIRWISE, WPA_INVALID_AKMP, WPA_NOT_ENABLED, WPA_ALLOC_FAIL, WPA_MGMT_FRAME_PROTECTION_VIOLATION, WPA_INVALID_MGMT_GROUP_CIPHER, - WPA_INVALID_MDIE, WPA_INVALID_PROTO + WPA_INVALID_MDIE, WPA_INVALID_PROTO, WPA_INVALID_PMKID }; - + int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *sm, const u8 *wpa_ie, size_t wpa_ie_len, - const u8 *mdie, size_t mdie_len); + const u8 *mdie, size_t mdie_len, + const u8 *owe_dh, size_t owe_dh_len); int wpa_validate_osen(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *sm, const u8 *osen_ie, size_t osen_ie_len); @@ -267,7 +328,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, u8 *data, size_t data_len); enum wpa_event { WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH, - WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_DRV_STA_REMOVED + WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_ASSOC_FILS, WPA_DRV_STA_REMOVED }; void wpa_remove_ptk(struct wpa_state_machine *sm); int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event); @@ -281,6 +342,7 @@ int wpa_auth_get_pairwise(struct wpa_state_machine *sm); int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm); int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm); int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm); +int wpa_auth_sta_fils_tk_already_set(struct wpa_state_machine *sm); int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, struct rsn_pmksa_cache_entry *entry); struct rsn_pmksa_cache_entry * @@ -297,13 +359,28 @@ int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth, struct eapol_state_machine *eapol); int wpa_auth_pmksa_add_sae(struct wpa_authenticator *wpa_auth, const u8 *addr, const u8 *pmk, const u8 *pmkid); +void wpa_auth_add_sae_pmkid(struct wpa_state_machine *sm, const u8 *pmkid); +int wpa_auth_pmksa_add2(struct wpa_authenticator *wpa_auth, const u8 *addr, + const u8 *pmk, size_t pmk_len, const u8 *pmkid, + int session_timeout, int akmp); void wpa_auth_pmksa_remove(struct wpa_authenticator *wpa_auth, const u8 *sta_addr); int wpa_auth_pmksa_list(struct wpa_authenticator *wpa_auth, char *buf, size_t len); void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth); +int wpa_auth_pmksa_list_mesh(struct wpa_authenticator *wpa_auth, const u8 *addr, + char *buf, size_t len); +struct rsn_pmksa_cache_entry * +wpa_auth_pmksa_create_entry(const u8 *aa, const u8 *spa, const u8 *pmk, + const u8 *pmkid, int expiration); +int wpa_auth_pmksa_add_entry(struct wpa_authenticator *wpa_auth, + struct rsn_pmksa_cache_entry *entry); +struct rsn_pmksa_cache_entry * +wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, + const u8 *pmkid); struct rsn_pmksa_cache_entry * -wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr); +wpa_auth_pmksa_get_fils_cache_id(struct wpa_authenticator *wpa_auth, + const u8 *sta_addr, const u8 *pmkid); void wpa_auth_pmksa_set_to_sm(struct rsn_pmksa_cache_entry *pmksa, struct wpa_state_machine *sm, struct wpa_authenticator *wpa_auth, @@ -312,7 +389,7 @@ int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id); void wpa_auth_eapol_key_tx_status(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *sm, int ack); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, size_t max_len, int auth_alg, const u8 *req_ies, size_t req_ies_len); @@ -327,8 +404,13 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies, int wpa_ft_action_rx(struct wpa_state_machine *sm, const u8 *data, size_t len); int wpa_ft_rrb_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr, const u8 *data, size_t data_len); +void wpa_ft_rrb_oui_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr, + const u8 *dst_addr, u8 oui_suffix, const u8 *data, + size_t data_len); void wpa_ft_push_pmk_r1(struct wpa_authenticator *wpa_auth, const u8 *addr); -#endif /* CONFIG_IEEE80211R */ +void wpa_ft_deinit(struct wpa_authenticator *wpa_auth); +void wpa_ft_sta_deinit(struct wpa_state_machine *sm); +#endif /* CONFIG_IEEE80211R_AP */ void wpa_wnmsleep_rekey_gtk(struct wpa_state_machine *sm); void wpa_set_wnmsleep(struct wpa_state_machine *sm, int flag); @@ -347,5 +429,44 @@ void wpa_auth_reconfig_group_keys(struct wpa_authenticator *wpa_auth); int wpa_auth_ensure_group(struct wpa_authenticator *wpa_auth, int vlan_id); int wpa_auth_release_group(struct wpa_authenticator *wpa_auth, int vlan_id); +int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, + size_t pmk_len, const u8 *snonce, const u8 *anonce, + const u8 *dhss, size_t dhss_len, + struct wpabuf *g_sta, struct wpabuf *g_ap); +int fils_decrypt_assoc(struct wpa_state_machine *sm, const u8 *fils_session, + const struct ieee80211_mgmt *mgmt, size_t frame_len, + u8 *pos, size_t left); +int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf, + size_t current_len, size_t max_len, + const struct wpabuf *hlp); +int fils_set_tk(struct wpa_state_machine *sm); +u8 * hostapd_eid_assoc_fils_session(struct wpa_state_machine *sm, u8 *eid, + const u8 *fils_session, + struct wpabuf *fils_hlp_resp); +const u8 * wpa_fils_validate_fils_session(struct wpa_state_machine *sm, + const u8 *ies, size_t ies_len, + const u8 *fils_session); +int wpa_fils_validate_key_confirm(struct wpa_state_machine *sm, const u8 *ies, + size_t ies_len); + +int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, int use_sha384, + u8 *buf, size_t len); +void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm, + u8 *fils_anonce, u8 *fils_snonce, + u8 *fils_kek, size_t *fils_kek_len); +u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm, + u8 *pos, size_t max_len, + const u8 *req_ies, size_t req_ies_len); + +int wpa_auth_resend_m1(struct wpa_state_machine *sm, int change_anonce, + void (*cb)(void *ctx1, void *ctx2), + void *ctx1, void *ctx2); +int wpa_auth_resend_m3(struct wpa_state_machine *sm, + void (*cb)(void *ctx1, void *ctx2), + void *ctx1, void *ctx2); +int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, + void (*cb)(void *ctx1, void *ctx2), + void *ctx1, void *ctx2); +int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth); #endif /* WPA_AUTH_H */ diff --git a/contrib/wpa/src/ap/wpa_auth_ft.c b/contrib/wpa/src/ap/wpa_auth_ft.c index e63b99ad2034..f6792e00f32d 100644 --- a/contrib/wpa/src/ap/wpa_auth_ft.c +++ b/contrib/wpa/src/ap/wpa_auth_ft.c @@ -1,6 +1,6 @@ /* * hostapd - IEEE 802.11r - Fast BSS Transition - * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -13,7 +13,10 @@ #include "utils/list.h" #include "common/ieee802_11_defs.h" #include "common/ieee802_11_common.h" +#include "crypto/aes.h" +#include "crypto/aes_siv.h" #include "crypto/aes_wrap.h" +#include "crypto/sha384.h" #include "crypto/random.h" #include "ap_config.h" #include "ieee802_11.h" @@ -22,41 +25,692 @@ #include "wpa_auth_i.h" -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP + +const unsigned int ftRRBseqTimeout = 10; +const unsigned int ftRRBmaxQueueLen = 100; + static int wpa_ft_send_rrb_auth_resp(struct wpa_state_machine *sm, const u8 *current_ap, const u8 *sta_addr, u16 status, const u8 *resp_ies, size_t resp_ies_len); +static void ft_finish_pull(struct wpa_state_machine *sm); +static void wpa_ft_expire_pull(void *eloop_ctx, void *timeout_ctx); +static void wpa_ft_rrb_seq_timeout(void *eloop_ctx, void *timeout_ctx); + +struct tlv_list { + u16 type; + size_t len; + const u8 *data; +}; + + +/** + * wpa_ft_rrb_decrypt - Decrypt FT RRB message + * @key: AES-SIV key for AEAD + * @key_len: Length of key in octets + * @enc: Pointer to encrypted TLVs + * @enc_len: Length of encrypted TLVs in octets + * @auth: Pointer to authenticated TLVs + * @auth_len: Length of authenticated TLVs in octets + * @src_addr: MAC address of the frame sender + * @type: Vendor-specific subtype of the RRB frame (FT_PACKET_*) + * @plain: Pointer to return the pointer to the allocated plaintext buffer; + * needs to be freed by the caller if not NULL; + * will only be returned on success + * @plain_len: Pointer to return the length of the allocated plaintext buffer + * in octets + * Returns: 0 on success, -1 on error + */ +static int wpa_ft_rrb_decrypt(const u8 *key, const size_t key_len, + const u8 *enc, const size_t enc_len, + const u8 *auth, const size_t auth_len, + const u8 *src_addr, u8 type, + u8 **plain, size_t *plain_size) +{ + const u8 *ad[3] = { src_addr, auth, &type }; + size_t ad_len[3] = { ETH_ALEN, auth_len, sizeof(type) }; + + wpa_hexdump_key(MSG_DEBUG, "FT(RRB): decrypt using key", key, key_len); + + if (!key) { /* skip decryption */ + *plain = os_memdup(enc, enc_len); + if (enc_len > 0 && !*plain) + goto err; + + *plain_size = enc_len; + + return 0; + } + + *plain = NULL; + + /* SIV overhead */ + if (enc_len < AES_BLOCK_SIZE) + goto err; + + *plain = os_zalloc(enc_len - AES_BLOCK_SIZE); + if (!*plain) + goto err; + + if (aes_siv_decrypt(key, key_len, enc, enc_len, 3, ad, ad_len, + *plain) < 0) + goto err; + + *plain_size = enc_len - AES_BLOCK_SIZE; + wpa_hexdump_key(MSG_DEBUG, "FT(RRB): decrypted TLVs", + *plain, *plain_size); + return 0; +err: + os_free(*plain); + *plain = NULL; + *plain_size = 0; + + wpa_printf(MSG_ERROR, "FT(RRB): Failed to decrypt"); + + return -1; +} + + +/* get first tlv record in packet matching type + * @data (decrypted) packet + * @return 0 on success else -1 + */ +static int wpa_ft_rrb_get_tlv(const u8 *plain, size_t plain_len, + u16 type, size_t *tlv_len, const u8 **tlv_data) +{ + const struct ft_rrb_tlv *f; + size_t left; + le16 type16; + size_t len; + + left = plain_len; + type16 = host_to_le16(type); + + while (left >= sizeof(*f)) { + f = (const struct ft_rrb_tlv *) plain; + + left -= sizeof(*f); + plain += sizeof(*f); + len = le_to_host16(f->len); + + if (left < len) { + wpa_printf(MSG_DEBUG, "FT: RRB message truncated"); + break; + } + + if (f->type == type16) { + *tlv_len = len; + *tlv_data = plain; + return 0; + } + + left -= len; + plain += len; + } + + return -1; +} + + +static void wpa_ft_rrb_dump(const u8 *plain, const size_t plain_len) +{ + const struct ft_rrb_tlv *f; + size_t left; + size_t len; + + left = plain_len; + + wpa_printf(MSG_DEBUG, "FT: RRB dump message"); + while (left >= sizeof(*f)) { + f = (const struct ft_rrb_tlv *) plain; + + left -= sizeof(*f); + plain += sizeof(*f); + len = le_to_host16(f->len); + + wpa_printf(MSG_DEBUG, "FT: RRB TLV type = %d, len = %zu", + le_to_host16(f->type), len); + + if (left < len) { + wpa_printf(MSG_DEBUG, + "FT: RRB message truncated: left %zu bytes, need %zu", + left, len); + break; + } + + wpa_hexdump(MSG_DEBUG, "FT: RRB TLV data", plain, len); + + left -= len; + plain += len; + } + + if (left > 0) + wpa_hexdump(MSG_DEBUG, "FT: RRB TLV padding", plain, left); + + wpa_printf(MSG_DEBUG, "FT: RRB dump message end"); +} + + +static int cmp_int(const void *a, const void *b) +{ + int x, y; + + x = *((int *) a); + y = *((int *) b); + return x - y; +} + + +static int wpa_ft_rrb_get_tlv_vlan(const u8 *plain, const size_t plain_len, + struct vlan_description *vlan) +{ + struct ft_rrb_tlv *f; + size_t left; + size_t len; + int taggedidx; + int vlan_id; + int type; + + left = plain_len; + taggedidx = 0; + os_memset(vlan, 0, sizeof(*vlan)); + + while (left >= sizeof(*f)) { + f = (struct ft_rrb_tlv *) plain; + + left -= sizeof(*f); + plain += sizeof(*f); + + len = le_to_host16(f->len); + type = le_to_host16(f->type); + + if (left < len) { + wpa_printf(MSG_DEBUG, "FT: RRB message truncated"); + return -1; + } + + if (type != FT_RRB_VLAN_UNTAGGED && type != FT_RRB_VLAN_TAGGED) + goto skip; + + if (type == FT_RRB_VLAN_UNTAGGED && len != sizeof(le16)) { + wpa_printf(MSG_DEBUG, + "FT: RRB VLAN_UNTAGGED invalid length"); + return -1; + } + + if (type == FT_RRB_VLAN_TAGGED && len % sizeof(le16) != 0) { + wpa_printf(MSG_DEBUG, + "FT: RRB VLAN_TAGGED invalid length"); + return -1; + } + + while (len >= sizeof(le16)) { + vlan_id = WPA_GET_LE16(plain); + plain += sizeof(le16); + left -= sizeof(le16); + len -= sizeof(le16); + + if (vlan_id <= 0 || vlan_id > MAX_VLAN_ID) { + wpa_printf(MSG_DEBUG, + "FT: RRB VLAN ID invalid %d", + vlan_id); + continue; + } + + if (type == FT_RRB_VLAN_UNTAGGED) + vlan->untagged = vlan_id; + + if (type == FT_RRB_VLAN_TAGGED && + taggedidx < MAX_NUM_TAGGED_VLAN) { + vlan->tagged[taggedidx] = vlan_id; + taggedidx++; + } else if (type == FT_RRB_VLAN_TAGGED) { + wpa_printf(MSG_DEBUG, "FT: RRB too many VLANs"); + } + } + + skip: + left -= len; + plain += len; + } + + if (taggedidx) + qsort(vlan->tagged, taggedidx, sizeof(int), cmp_int); + + vlan->notempty = vlan->untagged || vlan->tagged[0]; + + return 0; +} + + +static size_t wpa_ft_tlv_len(const struct tlv_list *tlvs) +{ + size_t tlv_len = 0; + int i; + + if (!tlvs) + return 0; + + for (i = 0; tlvs[i].type != FT_RRB_LAST_EMPTY; i++) { + tlv_len += sizeof(struct ft_rrb_tlv); + tlv_len += tlvs[i].len; + } + + return tlv_len; +} + + +static size_t wpa_ft_tlv_lin(const struct tlv_list *tlvs, u8 *start, + u8 *endpos) +{ + int i; + size_t tlv_len; + struct ft_rrb_tlv *hdr; + u8 *pos; + + if (!tlvs) + return 0; + + tlv_len = 0; + pos = start; + for (i = 0; tlvs[i].type != FT_RRB_LAST_EMPTY; i++) { + if (tlv_len + sizeof(*hdr) > (size_t) (endpos - start)) + return tlv_len; + tlv_len += sizeof(*hdr); + hdr = (struct ft_rrb_tlv *) pos; + hdr->type = host_to_le16(tlvs[i].type); + hdr->len = host_to_le16(tlvs[i].len); + pos = start + tlv_len; + + if (tlv_len + tlvs[i].len > (size_t) (endpos - start)) + return tlv_len; + if (tlvs[i].len == 0) + continue; + tlv_len += tlvs[i].len; + os_memcpy(pos, tlvs[i].data, tlvs[i].len); + pos = start + tlv_len; + } + + return tlv_len; +} + + +static size_t wpa_ft_vlan_len(const struct vlan_description *vlan) +{ + size_t tlv_len = 0; + int i; + + if (!vlan || !vlan->notempty) + return 0; + + if (vlan->untagged) { + tlv_len += sizeof(struct ft_rrb_tlv); + tlv_len += sizeof(le16); + } + if (vlan->tagged[0]) + tlv_len += sizeof(struct ft_rrb_tlv); + for (i = 0; i < MAX_NUM_TAGGED_VLAN && vlan->tagged[i]; i++) + tlv_len += sizeof(le16); + + return tlv_len; +} + + +static size_t wpa_ft_vlan_lin(const struct vlan_description *vlan, + u8 *start, u8 *endpos) +{ + size_t tlv_len; + int i, len; + struct ft_rrb_tlv *hdr; + u8 *pos = start; + + if (!vlan || !vlan->notempty) + return 0; + + tlv_len = 0; + if (vlan->untagged) { + tlv_len += sizeof(*hdr); + if (start + tlv_len > endpos) + return tlv_len; + hdr = (struct ft_rrb_tlv *) pos; + hdr->type = host_to_le16(FT_RRB_VLAN_UNTAGGED); + hdr->len = host_to_le16(sizeof(le16)); + pos = start + tlv_len; + + tlv_len += sizeof(le16); + if (start + tlv_len > endpos) + return tlv_len; + WPA_PUT_LE16(pos, vlan->untagged); + pos = start + tlv_len; + } + + if (!vlan->tagged[0]) + return tlv_len; + + tlv_len += sizeof(*hdr); + if (start + tlv_len > endpos) + return tlv_len; + hdr = (struct ft_rrb_tlv *) pos; + hdr->type = host_to_le16(FT_RRB_VLAN_TAGGED); + len = 0; /* len is computed below */ + pos = start + tlv_len; + + for (i = 0; i < MAX_NUM_TAGGED_VLAN && vlan->tagged[i]; i++) { + tlv_len += sizeof(le16); + if (start + tlv_len > endpos) + break; + len += sizeof(le16); + WPA_PUT_LE16(pos, vlan->tagged[i]); + pos = start + tlv_len; + } + + hdr->len = host_to_le16(len); + + return tlv_len; +} +static int wpa_ft_rrb_lin(const struct tlv_list *tlvs1, + const struct tlv_list *tlvs2, + const struct vlan_description *vlan, + u8 **plain, size_t *plain_len) +{ + u8 *pos, *endpos; + size_t tlv_len; + + tlv_len = wpa_ft_tlv_len(tlvs1); + tlv_len += wpa_ft_tlv_len(tlvs2); + tlv_len += wpa_ft_vlan_len(vlan); + + *plain_len = tlv_len; + *plain = os_zalloc(tlv_len); + if (!*plain) { + wpa_printf(MSG_ERROR, "FT: Failed to allocate plaintext"); + goto err; + } + + pos = *plain; + endpos = *plain + tlv_len; + pos += wpa_ft_tlv_lin(tlvs1, pos, endpos); + pos += wpa_ft_tlv_lin(tlvs2, pos, endpos); + pos += wpa_ft_vlan_lin(vlan, pos, endpos); + + /* sanity check */ + if (pos != endpos) { + wpa_printf(MSG_ERROR, "FT: Length error building RRB"); + goto err; + } + + return 0; + +err: + os_free(*plain); + *plain = NULL; + *plain_len = 0; + return -1; +} + + +static int wpa_ft_rrb_encrypt(const u8 *key, const size_t key_len, + const u8 *plain, const size_t plain_len, + const u8 *auth, const size_t auth_len, + const u8 *src_addr, u8 type, u8 *enc) +{ + const u8 *ad[3] = { src_addr, auth, &type }; + size_t ad_len[3] = { ETH_ALEN, auth_len, sizeof(type) }; + + wpa_hexdump_key(MSG_DEBUG, "FT(RRB): plaintext message", + plain, plain_len); + wpa_hexdump_key(MSG_DEBUG, "FT(RRB): encrypt using key", key, key_len); + + if (!key) { + /* encryption not needed, return plaintext as packet */ + os_memcpy(enc, plain, plain_len); + } else if (aes_siv_encrypt(key, key_len, plain, plain_len, + 3, ad, ad_len, enc) < 0) { + wpa_printf(MSG_ERROR, "FT: Failed to encrypt RRB-OUI message"); + return -1; + } + + return 0; +} + + +/** + * wpa_ft_rrb_build - Build and encrypt an FT RRB message + * @key: AES-SIV key for AEAD + * @key_len: Length of key in octets + * @tlvs_enc0: First set of to-be-encrypted TLVs + * @tlvs_enc1: Second set of to-be-encrypted TLVs + * @tlvs_auth: Set of to-be-authenticated TLVs + * @src_addr: MAC address of the frame sender + * @type: Vendor-specific subtype of the RRB frame (FT_PACKET_*) + * @packet Pointer to return the pointer to the allocated packet buffer; + * needs to be freed by the caller if not null; + * will only be returned on success + * @packet_len: Pointer to return the length of the allocated buffer in octets + * Returns: 0 on success, -1 on error + */ +static int wpa_ft_rrb_build(const u8 *key, const size_t key_len, + const struct tlv_list *tlvs_enc0, + const struct tlv_list *tlvs_enc1, + const struct tlv_list *tlvs_auth, + const struct vlan_description *vlan, + const u8 *src_addr, u8 type, + u8 **packet, size_t *packet_len) +{ + u8 *plain = NULL, *auth = NULL, *pos; + size_t plain_len = 0, auth_len = 0; + int ret = -1; + + *packet = NULL; + if (wpa_ft_rrb_lin(tlvs_enc0, tlvs_enc1, vlan, &plain, &plain_len) < 0) + goto out; + + if (wpa_ft_rrb_lin(tlvs_auth, NULL, NULL, &auth, &auth_len) < 0) + goto out; + + *packet_len = sizeof(u16) + auth_len + plain_len; + if (key) + *packet_len += AES_BLOCK_SIZE; + *packet = os_zalloc(*packet_len); + if (!*packet) + goto out; + + pos = *packet; + WPA_PUT_LE16(pos, auth_len); + pos += 2; + os_memcpy(pos, auth, auth_len); + pos += auth_len; + if (wpa_ft_rrb_encrypt(key, key_len, plain, plain_len, auth, + auth_len, src_addr, type, pos) < 0) + goto out; + + ret = 0; + +out: + bin_clear_free(plain, plain_len); + os_free(auth); + + if (ret) { + wpa_printf(MSG_ERROR, "FT: Failed to build RRB-OUI message"); + os_free(*packet); + *packet = NULL; + *packet_len = 0; + } + + return ret; +} + + +#define RRB_GET_SRC(srcfield, type, field, txt, checklength) do { \ + if (wpa_ft_rrb_get_tlv(srcfield, srcfield##_len, type, \ + &f_##field##_len, &f_##field) < 0 || \ + (checklength > 0 && ((size_t) checklength) != f_##field##_len)) { \ + wpa_printf(MSG_INFO, "FT: Missing required " #field \ + " in %s from " MACSTR, txt, MAC2STR(src_addr)); \ + wpa_ft_rrb_dump(srcfield, srcfield##_len); \ + goto out; \ + } \ +} while (0) + +#define RRB_GET(type, field, txt, checklength) \ + RRB_GET_SRC(plain, type, field, txt, checklength) +#define RRB_GET_AUTH(type, field, txt, checklength) \ + RRB_GET_SRC(auth, type, field, txt, checklength) + +#define RRB_GET_OPTIONAL_SRC(srcfield, type, field, txt, checklength) do { \ + if (wpa_ft_rrb_get_tlv(srcfield, srcfield##_len, type, \ + &f_##field##_len, &f_##field) < 0 || \ + (checklength > 0 && ((size_t) checklength) != f_##field##_len)) { \ + wpa_printf(MSG_DEBUG, "FT: Missing optional " #field \ + " in %s from " MACSTR, txt, MAC2STR(src_addr)); \ + f_##field##_len = 0; \ + f_##field = NULL; \ + } \ +} while (0) + +#define RRB_GET_OPTIONAL(type, field, txt, checklength) \ + RRB_GET_OPTIONAL_SRC(plain, type, field, txt, checklength) +#define RRB_GET_OPTIONAL_AUTH(type, field, txt, checklength) \ + RRB_GET_OPTIONAL_SRC(auth, type, field, txt, checklength) + static int wpa_ft_rrb_send(struct wpa_authenticator *wpa_auth, const u8 *dst, const u8 *data, size_t data_len) { - if (wpa_auth->cb.send_ether == NULL) + if (wpa_auth->cb->send_ether == NULL) return -1; wpa_printf(MSG_DEBUG, "FT: RRB send to " MACSTR, MAC2STR(dst)); - return wpa_auth->cb.send_ether(wpa_auth->cb.ctx, dst, ETH_P_RRB, - data, data_len); + return wpa_auth->cb->send_ether(wpa_auth->cb_ctx, dst, ETH_P_RRB, + data, data_len); +} + + +static int wpa_ft_rrb_oui_send(struct wpa_authenticator *wpa_auth, + const u8 *dst, u8 oui_suffix, + const u8 *data, size_t data_len) +{ + if (!wpa_auth->cb->send_oui) + return -1; + wpa_printf(MSG_DEBUG, "FT: RRB-OUI type %u send to " MACSTR, + oui_suffix, MAC2STR(dst)); + return wpa_auth->cb->send_oui(wpa_auth->cb_ctx, dst, oui_suffix, data, + data_len); } static int wpa_ft_action_send(struct wpa_authenticator *wpa_auth, const u8 *dst, const u8 *data, size_t data_len) { - if (wpa_auth->cb.send_ft_action == NULL) + if (wpa_auth->cb->send_ft_action == NULL) return -1; - return wpa_auth->cb.send_ft_action(wpa_auth->cb.ctx, dst, - data, data_len); + return wpa_auth->cb->send_ft_action(wpa_auth->cb_ctx, dst, + data, data_len); +} + + +static const u8 * wpa_ft_get_psk(struct wpa_authenticator *wpa_auth, + const u8 *addr, const u8 *p2p_dev_addr, + const u8 *prev_psk) +{ + if (wpa_auth->cb->get_psk == NULL) + return NULL; + return wpa_auth->cb->get_psk(wpa_auth->cb_ctx, addr, p2p_dev_addr, + prev_psk, NULL); } static struct wpa_state_machine * wpa_ft_add_sta(struct wpa_authenticator *wpa_auth, const u8 *sta_addr) { - if (wpa_auth->cb.add_sta == NULL) + if (wpa_auth->cb->add_sta == NULL) return NULL; - return wpa_auth->cb.add_sta(wpa_auth->cb.ctx, sta_addr); + return wpa_auth->cb->add_sta(wpa_auth->cb_ctx, sta_addr); +} + + +static int wpa_ft_set_vlan(struct wpa_authenticator *wpa_auth, + const u8 *sta_addr, struct vlan_description *vlan) +{ + if (!wpa_auth->cb->set_vlan) + return -1; + return wpa_auth->cb->set_vlan(wpa_auth->cb_ctx, sta_addr, vlan); +} + + +static int wpa_ft_get_vlan(struct wpa_authenticator *wpa_auth, + const u8 *sta_addr, struct vlan_description *vlan) +{ + if (!wpa_auth->cb->get_vlan) + return -1; + return wpa_auth->cb->get_vlan(wpa_auth->cb_ctx, sta_addr, vlan); +} + + +static int +wpa_ft_set_identity(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, + const u8 *identity, size_t identity_len) +{ + if (!wpa_auth->cb->set_identity) + return -1; + return wpa_auth->cb->set_identity(wpa_auth->cb_ctx, sta_addr, identity, + identity_len); +} + + +static size_t +wpa_ft_get_identity(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, + const u8 **buf) +{ + *buf = NULL; + if (!wpa_auth->cb->get_identity) + return 0; + return wpa_auth->cb->get_identity(wpa_auth->cb_ctx, sta_addr, buf); +} + + +static int +wpa_ft_set_radius_cui(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, + const u8 *radius_cui, size_t radius_cui_len) +{ + if (!wpa_auth->cb->set_radius_cui) + return -1; + return wpa_auth->cb->set_radius_cui(wpa_auth->cb_ctx, sta_addr, + radius_cui, radius_cui_len); +} + + +static size_t +wpa_ft_get_radius_cui(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, + const u8 **buf) +{ + *buf = NULL; + if (!wpa_auth->cb->get_radius_cui) + return 0; + return wpa_auth->cb->get_radius_cui(wpa_auth->cb_ctx, sta_addr, buf); +} + + +static void +wpa_ft_set_session_timeout(struct wpa_authenticator *wpa_auth, + const u8 *sta_addr, int session_timeout) +{ + if (!wpa_auth->cb->set_session_timeout) + return; + wpa_auth->cb->set_session_timeout(wpa_auth->cb_ctx, sta_addr, + session_timeout); +} + + +static int +wpa_ft_get_session_timeout(struct wpa_authenticator *wpa_auth, + const u8 *sta_addr) +{ + if (!wpa_auth->cb->get_session_timeout) + return 0; + return wpa_auth->cb->get_session_timeout(wpa_auth->cb_ctx, sta_addr); } @@ -64,12 +718,12 @@ static int wpa_ft_add_tspec(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, u8 *tspec_ie, size_t tspec_ielen) { - if (wpa_auth->cb.add_tspec == NULL) { + if (wpa_auth->cb->add_tspec == NULL) { wpa_printf(MSG_DEBUG, "FT: add_tspec is not initialized"); return -1; } - return wpa_auth->cb.add_tspec(wpa_auth->cb.ctx, sta_addr, tspec_ie, - tspec_ielen); + return wpa_auth->cb->add_tspec(wpa_auth->cb_ctx, sta_addr, tspec_ie, + tspec_ielen); } @@ -93,30 +747,44 @@ int wpa_write_mdie(struct wpa_auth_config *conf, u8 *buf, size_t len) } -int wpa_write_ftie(struct wpa_auth_config *conf, const u8 *r0kh_id, - size_t r0kh_id_len, +int wpa_write_ftie(struct wpa_auth_config *conf, int use_sha384, + const u8 *r0kh_id, size_t r0kh_id_len, const u8 *anonce, const u8 *snonce, u8 *buf, size_t len, const u8 *subelem, size_t subelem_len) { u8 *pos = buf, *ielen; - struct rsn_ftie *hdr; + size_t hdrlen = use_sha384 ? sizeof(struct rsn_ftie_sha384) : + sizeof(struct rsn_ftie); - if (len < 2 + sizeof(*hdr) + 2 + FT_R1KH_ID_LEN + 2 + r0kh_id_len + + if (len < 2 + hdrlen + 2 + FT_R1KH_ID_LEN + 2 + r0kh_id_len + subelem_len) return -1; *pos++ = WLAN_EID_FAST_BSS_TRANSITION; ielen = pos++; - hdr = (struct rsn_ftie *) pos; - os_memset(hdr, 0, sizeof(*hdr)); - pos += sizeof(*hdr); - WPA_PUT_LE16(hdr->mic_control, 0); - if (anonce) - os_memcpy(hdr->anonce, anonce, WPA_NONCE_LEN); - if (snonce) - os_memcpy(hdr->snonce, snonce, WPA_NONCE_LEN); + if (use_sha384) { + struct rsn_ftie_sha384 *hdr = (struct rsn_ftie_sha384 *) pos; + + os_memset(hdr, 0, sizeof(*hdr)); + pos += sizeof(*hdr); + WPA_PUT_LE16(hdr->mic_control, 0); + if (anonce) + os_memcpy(hdr->anonce, anonce, WPA_NONCE_LEN); + if (snonce) + os_memcpy(hdr->snonce, snonce, WPA_NONCE_LEN); + } else { + struct rsn_ftie *hdr = (struct rsn_ftie *) pos; + + os_memset(hdr, 0, sizeof(*hdr)); + pos += sizeof(*hdr); + WPA_PUT_LE16(hdr->mic_control, 0); + if (anonce) + os_memcpy(hdr->anonce, anonce, WPA_NONCE_LEN); + if (snonce) + os_memcpy(hdr->snonce, snonce, WPA_NONCE_LEN); + } /* Optional Parameters */ *pos++ = FTIE_SUBELEM_R1KH_ID; @@ -142,35 +810,432 @@ int wpa_write_ftie(struct wpa_auth_config *conf, const u8 *r0kh_id, } +/* A packet to be handled after seq response */ +struct ft_remote_item { + struct dl_list list; + + u8 nonce[FT_RRB_NONCE_LEN]; + struct os_reltime nonce_ts; + + u8 src_addr[ETH_ALEN]; + u8 *enc; + size_t enc_len; + u8 *auth; + size_t auth_len; + int (*cb)(struct wpa_authenticator *wpa_auth, + const u8 *src_addr, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + int no_defer); +}; + + +static void wpa_ft_rrb_seq_free(struct ft_remote_item *item) +{ + eloop_cancel_timeout(wpa_ft_rrb_seq_timeout, ELOOP_ALL_CTX, item); + dl_list_del(&item->list); + bin_clear_free(item->enc, item->enc_len); + os_free(item->auth); + os_free(item); +} + + +static void wpa_ft_rrb_seq_flush(struct wpa_authenticator *wpa_auth, + struct ft_remote_seq *rkh_seq, int cb) +{ + struct ft_remote_item *item, *n; + + dl_list_for_each_safe(item, n, &rkh_seq->rx.queue, + struct ft_remote_item, list) { + if (cb && item->cb) + item->cb(wpa_auth, item->src_addr, item->enc, + item->enc_len, item->auth, item->auth_len, 1); + wpa_ft_rrb_seq_free(item); + } +} + + +static void wpa_ft_rrb_seq_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct ft_remote_item *item = timeout_ctx; + + wpa_ft_rrb_seq_free(item); +} + + +static int +wpa_ft_rrb_seq_req(struct wpa_authenticator *wpa_auth, + struct ft_remote_seq *rkh_seq, const u8 *src_addr, + const u8 *f_r0kh_id, size_t f_r0kh_id_len, + const u8 *f_r1kh_id, const u8 *key, size_t key_len, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + int (*cb)(struct wpa_authenticator *wpa_auth, + const u8 *src_addr, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + int no_defer)) +{ + struct ft_remote_item *item = NULL; + u8 *packet = NULL; + size_t packet_len; + struct tlv_list seq_req_auth[] = { + { .type = FT_RRB_NONCE, .len = FT_RRB_NONCE_LEN, + .data = NULL /* to be filled: item->nonce */ }, + { .type = FT_RRB_R0KH_ID, .len = f_r0kh_id_len, + .data = f_r0kh_id }, + { .type = FT_RRB_R1KH_ID, .len = FT_R1KH_ID_LEN, + .data = f_r1kh_id }, + { .type = FT_RRB_LAST_EMPTY, .len = 0, .data = NULL }, + }; + + if (dl_list_len(&rkh_seq->rx.queue) >= ftRRBmaxQueueLen) { + wpa_printf(MSG_DEBUG, "FT: Sequence number queue too long"); + goto err; + } + + item = os_zalloc(sizeof(*item)); + if (!item) + goto err; + + os_memcpy(item->src_addr, src_addr, ETH_ALEN); + item->cb = cb; + + if (random_get_bytes(item->nonce, FT_RRB_NONCE_LEN) < 0) { + wpa_printf(MSG_DEBUG, "FT: Seq num nonce: out of random bytes"); + goto err; + } + + if (os_get_reltime(&item->nonce_ts) < 0) + goto err; + + if (enc && enc_len > 0) { + item->enc = os_memdup(enc, enc_len); + item->enc_len = enc_len; + if (!item->enc) + goto err; + } + + if (auth && auth_len > 0) { + item->auth = os_memdup(auth, auth_len); + item->auth_len = auth_len; + if (!item->auth) + goto err; + } + + eloop_register_timeout(ftRRBseqTimeout, 0, wpa_ft_rrb_seq_timeout, + wpa_auth, item); + + seq_req_auth[0].data = item->nonce; + + if (wpa_ft_rrb_build(key, key_len, NULL, NULL, seq_req_auth, NULL, + wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_REQ, + &packet, &packet_len) < 0) { + item = NULL; /* some other seq resp might still accept this */ + goto err; + } + + dl_list_add(&rkh_seq->rx.queue, &item->list); + + wpa_ft_rrb_oui_send(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_SEQ_REQ, + packet, packet_len); + + os_free(packet); + + return 0; +err: + wpa_printf(MSG_DEBUG, "FT: Failed to send sequence number request"); + if (item) { + os_free(item->auth); + bin_clear_free(item->enc, item->enc_len); + os_free(item); + } + + return -1; +} + + +#define FT_RRB_SEQ_OK 0 +#define FT_RRB_SEQ_DROP 1 +#define FT_RRB_SEQ_DEFER 2 + +static int +wpa_ft_rrb_seq_chk(struct ft_remote_seq *rkh_seq, const u8 *src_addr, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + const char *msgtype, int no_defer) +{ + const u8 *f_seq; + size_t f_seq_len; + const struct ft_rrb_seq *msg_both; + u32 msg_seq, msg_off, rkh_off; + struct os_reltime now; + unsigned int i; + + RRB_GET_AUTH(FT_RRB_SEQ, seq, msgtype, sizeof(*msg_both)); + wpa_hexdump(MSG_DEBUG, "FT: sequence number", f_seq, f_seq_len); + msg_both = (const struct ft_rrb_seq *) f_seq; + + if (rkh_seq->rx.num_last == 0) { + /* first packet from remote */ + goto defer; + } + + if (le_to_host32(msg_both->dom) != rkh_seq->rx.dom) { + /* remote might have rebooted */ + goto defer; + } + + if (os_get_reltime(&now) == 0) { + u32 msg_ts_now_remote, msg_ts_off; + struct os_reltime now_remote; + + os_reltime_sub(&now, &rkh_seq->rx.time_offset, &now_remote); + msg_ts_now_remote = now_remote.sec; + msg_ts_off = le_to_host32(msg_both->ts) - + (msg_ts_now_remote - ftRRBseqTimeout); + if (msg_ts_off > 2 * ftRRBseqTimeout) + goto defer; + } + + msg_seq = le_to_host32(msg_both->seq); + rkh_off = rkh_seq->rx.last[rkh_seq->rx.offsetidx]; + msg_off = msg_seq - rkh_off; + if (msg_off > 0xC0000000) + goto out; /* too old message, drop it */ + + if (msg_off <= 0x40000000) { + for (i = 0; i < rkh_seq->rx.num_last; i++) { + if (rkh_seq->rx.last[i] == msg_seq) + goto out; /* duplicate message, drop it */ + } + + return FT_RRB_SEQ_OK; + } + +defer: + if (no_defer) + goto out; + + wpa_printf(MSG_DEBUG, "FT: Possibly invalid sequence number in %s from " + MACSTR, msgtype, MAC2STR(src_addr)); + + return FT_RRB_SEQ_DEFER; +out: + wpa_printf(MSG_DEBUG, "FT: Invalid sequence number in %s from " MACSTR, + msgtype, MAC2STR(src_addr)); + + return FT_RRB_SEQ_DROP; +} + + +static void +wpa_ft_rrb_seq_accept(struct wpa_authenticator *wpa_auth, + struct ft_remote_seq *rkh_seq, const u8 *src_addr, + const u8 *auth, size_t auth_len, + const char *msgtype) +{ + const u8 *f_seq; + size_t f_seq_len; + const struct ft_rrb_seq *msg_both; + u32 msg_seq, msg_off, min_off, rkh_off; + int minidx = 0; + unsigned int i; + + RRB_GET_AUTH(FT_RRB_SEQ, seq, msgtype, sizeof(*msg_both)); + msg_both = (const struct ft_rrb_seq *) f_seq; + + msg_seq = le_to_host32(msg_both->seq); + + if (rkh_seq->rx.num_last < FT_REMOTE_SEQ_BACKLOG) { + rkh_seq->rx.last[rkh_seq->rx.num_last] = msg_seq; + rkh_seq->rx.num_last++; + return; + } + + rkh_off = rkh_seq->rx.last[rkh_seq->rx.offsetidx]; + for (i = 0; i < rkh_seq->rx.num_last; i++) { + msg_off = rkh_seq->rx.last[i] - rkh_off; + min_off = rkh_seq->rx.last[minidx] - rkh_off; + if (msg_off < min_off && i != rkh_seq->rx.offsetidx) + minidx = i; + } + rkh_seq->rx.last[rkh_seq->rx.offsetidx] = msg_seq; + rkh_seq->rx.offsetidx = minidx; + + return; +out: + /* RRB_GET_AUTH should never fail here as + * wpa_ft_rrb_seq_chk() verified FT_RRB_SEQ presence. */ + wpa_printf(MSG_ERROR, "FT: %s() failed", __func__); +} + + +static int wpa_ft_new_seq(struct ft_remote_seq *rkh_seq, + struct ft_rrb_seq *f_seq) +{ + struct os_reltime now; + + if (os_get_reltime(&now) < 0) + return -1; + + if (!rkh_seq->tx.dom) { + if (random_get_bytes((u8 *) &rkh_seq->tx.seq, + sizeof(rkh_seq->tx.seq))) { + wpa_printf(MSG_ERROR, + "FT: Failed to get random data for sequence number initialization"); + rkh_seq->tx.seq = now.usec; + } + if (random_get_bytes((u8 *) &rkh_seq->tx.dom, + sizeof(rkh_seq->tx.dom))) { + wpa_printf(MSG_ERROR, + "FT: Failed to get random data for sequence number initialization"); + rkh_seq->tx.dom = now.usec; + } + rkh_seq->tx.dom |= 1; + } + + f_seq->dom = host_to_le32(rkh_seq->tx.dom); + f_seq->seq = host_to_le32(rkh_seq->tx.seq); + f_seq->ts = host_to_le32(now.sec); + + rkh_seq->tx.seq++; + + return 0; +} + + struct wpa_ft_pmk_r0_sa { - struct wpa_ft_pmk_r0_sa *next; - u8 pmk_r0[PMK_LEN]; + struct dl_list list; + u8 pmk_r0[PMK_LEN_MAX]; + size_t pmk_r0_len; u8 pmk_r0_name[WPA_PMK_NAME_LEN]; u8 spa[ETH_ALEN]; int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */ - /* TODO: expiration, identity, radius_class, EAP type, VLAN ID */ + struct vlan_description *vlan; + os_time_t expiration; /* 0 for no expiration */ + u8 *identity; + size_t identity_len; + u8 *radius_cui; + size_t radius_cui_len; + os_time_t session_timeout; /* 0 for no expiration */ + /* TODO: radius_class, EAP type */ int pmk_r1_pushed; }; struct wpa_ft_pmk_r1_sa { - struct wpa_ft_pmk_r1_sa *next; - u8 pmk_r1[PMK_LEN]; + struct dl_list list; + u8 pmk_r1[PMK_LEN_MAX]; + size_t pmk_r1_len; u8 pmk_r1_name[WPA_PMK_NAME_LEN]; u8 spa[ETH_ALEN]; int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */ - /* TODO: expiration, identity, radius_class, EAP type, VLAN ID */ + struct vlan_description *vlan; + u8 *identity; + size_t identity_len; + u8 *radius_cui; + size_t radius_cui_len; + os_time_t session_timeout; /* 0 for no expiration */ + /* TODO: radius_class, EAP type */ }; struct wpa_ft_pmk_cache { - struct wpa_ft_pmk_r0_sa *pmk_r0; - struct wpa_ft_pmk_r1_sa *pmk_r1; + struct dl_list pmk_r0; /* struct wpa_ft_pmk_r0_sa */ + struct dl_list pmk_r1; /* struct wpa_ft_pmk_r1_sa */ }; + +static void wpa_ft_expire_pmk_r0(void *eloop_ctx, void *timeout_ctx); +static void wpa_ft_expire_pmk_r1(void *eloop_ctx, void *timeout_ctx); + + +static void wpa_ft_free_pmk_r0(struct wpa_ft_pmk_r0_sa *r0) +{ + if (!r0) + return; + + dl_list_del(&r0->list); + eloop_cancel_timeout(wpa_ft_expire_pmk_r0, r0, NULL); + + os_memset(r0->pmk_r0, 0, PMK_LEN_MAX); + os_free(r0->vlan); + os_free(r0->identity); + os_free(r0->radius_cui); + os_free(r0); +} + + +static void wpa_ft_expire_pmk_r0(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_ft_pmk_r0_sa *r0 = eloop_ctx; + struct os_reltime now; + int expires_in; + int session_timeout; + + os_get_reltime(&now); + + if (!r0) + return; + + expires_in = r0->expiration - now.sec; + session_timeout = r0->session_timeout - now.sec; + /* conditions to remove from cache: + * a) r0->expiration is set and hit + * -or- + * b) r0->session_timeout is set and hit + */ + if ((!r0->expiration || expires_in > 0) && + (!r0->session_timeout || session_timeout > 0)) { + wpa_printf(MSG_ERROR, + "FT: %s() called for non-expired entry %p", + __func__, r0); + eloop_cancel_timeout(wpa_ft_expire_pmk_r0, r0, NULL); + if (r0->expiration && expires_in > 0) + eloop_register_timeout(expires_in + 1, 0, + wpa_ft_expire_pmk_r0, r0, NULL); + if (r0->session_timeout && session_timeout > 0) + eloop_register_timeout(session_timeout + 1, 0, + wpa_ft_expire_pmk_r0, r0, NULL); + return; + } + + wpa_ft_free_pmk_r0(r0); +} + + +static void wpa_ft_free_pmk_r1(struct wpa_ft_pmk_r1_sa *r1) +{ + if (!r1) + return; + + dl_list_del(&r1->list); + eloop_cancel_timeout(wpa_ft_expire_pmk_r1, r1, NULL); + + os_memset(r1->pmk_r1, 0, PMK_LEN_MAX); + os_free(r1->vlan); + os_free(r1->identity); + os_free(r1->radius_cui); + os_free(r1); +} + + +static void wpa_ft_expire_pmk_r1(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_ft_pmk_r1_sa *r1 = eloop_ctx; + + wpa_ft_free_pmk_r1(r1); +} + + struct wpa_ft_pmk_cache * wpa_ft_pmk_cache_init(void) { struct wpa_ft_pmk_cache *cache; cache = os_zalloc(sizeof(*cache)); + if (cache) { + dl_list_init(&cache->pmk_r0); + dl_list_init(&cache->pmk_r1); + } return cache; } @@ -181,21 +1246,13 @@ void wpa_ft_pmk_cache_deinit(struct wpa_ft_pmk_cache *cache) struct wpa_ft_pmk_r0_sa *r0, *r0prev; struct wpa_ft_pmk_r1_sa *r1, *r1prev; - r0 = cache->pmk_r0; - while (r0) { - r0prev = r0; - r0 = r0->next; - os_memset(r0prev->pmk_r0, 0, PMK_LEN); - os_free(r0prev); - } + dl_list_for_each_safe(r0, r0prev, &cache->pmk_r0, + struct wpa_ft_pmk_r0_sa, list) + wpa_ft_free_pmk_r0(r0); - r1 = cache->pmk_r1; - while (r1) { - r1prev = r1; - r1 = r1->next; - os_memset(r1prev->pmk_r1, 0, PMK_LEN); - os_free(r1prev); - } + dl_list_for_each_safe(r1, r1prev, &cache->pmk_r1, + struct wpa_ft_pmk_r1_sa, list) + wpa_ft_free_pmk_r1(r1); os_free(cache); } @@ -203,24 +1260,63 @@ void wpa_ft_pmk_cache_deinit(struct wpa_ft_pmk_cache *cache) static int wpa_ft_store_pmk_r0(struct wpa_authenticator *wpa_auth, const u8 *spa, const u8 *pmk_r0, - const u8 *pmk_r0_name, int pairwise) + size_t pmk_r0_len, + const u8 *pmk_r0_name, int pairwise, + const struct vlan_description *vlan, + int expires_in, int session_timeout, + const u8 *identity, size_t identity_len, + const u8 *radius_cui, size_t radius_cui_len) { struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; struct wpa_ft_pmk_r0_sa *r0; + struct os_reltime now; - /* TODO: add expiration and limit on number of entries in cache */ + /* TODO: add limit on number of entries in cache */ + os_get_reltime(&now); r0 = os_zalloc(sizeof(*r0)); if (r0 == NULL) return -1; - os_memcpy(r0->pmk_r0, pmk_r0, PMK_LEN); + os_memcpy(r0->pmk_r0, pmk_r0, pmk_r0_len); + r0->pmk_r0_len = pmk_r0_len; os_memcpy(r0->pmk_r0_name, pmk_r0_name, WPA_PMK_NAME_LEN); os_memcpy(r0->spa, spa, ETH_ALEN); r0->pairwise = pairwise; + if (expires_in > 0) + r0->expiration = now.sec + expires_in; + if (vlan && vlan->notempty) { + r0->vlan = os_zalloc(sizeof(*vlan)); + if (!r0->vlan) { + bin_clear_free(r0, sizeof(*r0)); + return -1; + } + *r0->vlan = *vlan; + } + if (identity) { + r0->identity = os_malloc(identity_len); + if (r0->identity) { + os_memcpy(r0->identity, identity, identity_len); + r0->identity_len = identity_len; + } + } + if (radius_cui) { + r0->radius_cui = os_malloc(radius_cui_len); + if (r0->radius_cui) { + os_memcpy(r0->radius_cui, radius_cui, radius_cui_len); + r0->radius_cui_len = radius_cui_len; + } + } + if (session_timeout > 0) + r0->session_timeout = now.sec + session_timeout; - r0->next = cache->pmk_r0; - cache->pmk_r0 = r0; + dl_list_add(&cache->pmk_r0, &r0->list); + if (expires_in > 0) + eloop_register_timeout(expires_in + 1, 0, wpa_ft_expire_pmk_r0, + r0, NULL); + if (session_timeout > 0) + eloop_register_timeout(session_timeout + 1, 0, + wpa_ft_expire_pmk_r0, r0, NULL); return 0; } @@ -228,49 +1324,89 @@ static int wpa_ft_store_pmk_r0(struct wpa_authenticator *wpa_auth, static int wpa_ft_fetch_pmk_r0(struct wpa_authenticator *wpa_auth, const u8 *spa, const u8 *pmk_r0_name, - u8 *pmk_r0, int *pairwise) + const struct wpa_ft_pmk_r0_sa **r0_out) { struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; struct wpa_ft_pmk_r0_sa *r0; + struct os_reltime now; - r0 = cache->pmk_r0; - while (r0) { + os_get_reltime(&now); + dl_list_for_each(r0, &cache->pmk_r0, struct wpa_ft_pmk_r0_sa, list) { if (os_memcmp(r0->spa, spa, ETH_ALEN) == 0 && os_memcmp_const(r0->pmk_r0_name, pmk_r0_name, WPA_PMK_NAME_LEN) == 0) { - os_memcpy(pmk_r0, r0->pmk_r0, PMK_LEN); - if (pairwise) - *pairwise = r0->pairwise; + *r0_out = r0; return 0; } - - r0 = r0->next; } + *r0_out = NULL; return -1; } static int wpa_ft_store_pmk_r1(struct wpa_authenticator *wpa_auth, const u8 *spa, const u8 *pmk_r1, - const u8 *pmk_r1_name, int pairwise) + size_t pmk_r1_len, + const u8 *pmk_r1_name, int pairwise, + const struct vlan_description *vlan, + int expires_in, int session_timeout, + const u8 *identity, size_t identity_len, + const u8 *radius_cui, size_t radius_cui_len) { struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; + int max_expires_in = wpa_auth->conf.r1_max_key_lifetime; struct wpa_ft_pmk_r1_sa *r1; + struct os_reltime now; - /* TODO: add expiration and limit on number of entries in cache */ + /* TODO: limit on number of entries in cache */ + os_get_reltime(&now); + + if (max_expires_in && (max_expires_in < expires_in || expires_in == 0)) + expires_in = max_expires_in; r1 = os_zalloc(sizeof(*r1)); if (r1 == NULL) return -1; - os_memcpy(r1->pmk_r1, pmk_r1, PMK_LEN); + os_memcpy(r1->pmk_r1, pmk_r1, pmk_r1_len); + r1->pmk_r1_len = pmk_r1_len; os_memcpy(r1->pmk_r1_name, pmk_r1_name, WPA_PMK_NAME_LEN); os_memcpy(r1->spa, spa, ETH_ALEN); r1->pairwise = pairwise; + if (vlan && vlan->notempty) { + r1->vlan = os_zalloc(sizeof(*vlan)); + if (!r1->vlan) { + bin_clear_free(r1, sizeof(*r1)); + return -1; + } + *r1->vlan = *vlan; + } + if (identity) { + r1->identity = os_malloc(identity_len); + if (r1->identity) { + os_memcpy(r1->identity, identity, identity_len); + r1->identity_len = identity_len; + } + } + if (radius_cui) { + r1->radius_cui = os_malloc(radius_cui_len); + if (r1->radius_cui) { + os_memcpy(r1->radius_cui, radius_cui, radius_cui_len); + r1->radius_cui_len = radius_cui_len; + } + } + if (session_timeout > 0) + r1->session_timeout = now.sec + session_timeout; + + dl_list_add(&cache->pmk_r1, &r1->list); - r1->next = cache->pmk_r1; - cache->pmk_r1 = r1; + if (expires_in > 0) + eloop_register_timeout(expires_in + 1, 0, wpa_ft_expire_pmk_r1, + r1, NULL); + if (session_timeout > 0) + eloop_register_timeout(session_timeout + 1, 0, + wpa_ft_expire_pmk_r1, r1, NULL); return 0; } @@ -278,94 +1414,616 @@ static int wpa_ft_store_pmk_r1(struct wpa_authenticator *wpa_auth, static int wpa_ft_fetch_pmk_r1(struct wpa_authenticator *wpa_auth, const u8 *spa, const u8 *pmk_r1_name, - u8 *pmk_r1, int *pairwise) + u8 *pmk_r1, size_t *pmk_r1_len, int *pairwise, + struct vlan_description *vlan, + const u8 **identity, size_t *identity_len, + const u8 **radius_cui, size_t *radius_cui_len, + int *session_timeout) { struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; struct wpa_ft_pmk_r1_sa *r1; + struct os_reltime now; - r1 = cache->pmk_r1; - while (r1) { + os_get_reltime(&now); + + dl_list_for_each(r1, &cache->pmk_r1, struct wpa_ft_pmk_r1_sa, list) { if (os_memcmp(r1->spa, spa, ETH_ALEN) == 0 && os_memcmp_const(r1->pmk_r1_name, pmk_r1_name, WPA_PMK_NAME_LEN) == 0) { - os_memcpy(pmk_r1, r1->pmk_r1, PMK_LEN); + os_memcpy(pmk_r1, r1->pmk_r1, r1->pmk_r1_len); + *pmk_r1_len = r1->pmk_r1_len; if (pairwise) *pairwise = r1->pairwise; + if (vlan && r1->vlan) + *vlan = *r1->vlan; + if (vlan && !r1->vlan) + os_memset(vlan, 0, sizeof(*vlan)); + if (identity && identity_len) { + *identity = r1->identity; + *identity_len = r1->identity_len; + } + if (radius_cui && radius_cui_len) { + *radius_cui = r1->radius_cui; + *radius_cui_len = r1->radius_cui_len; + } + if (session_timeout && r1->session_timeout > now.sec) + *session_timeout = r1->session_timeout - + now.sec; + else if (session_timeout && r1->session_timeout) + *session_timeout = 1; + else if (session_timeout) + *session_timeout = 0; return 0; } - - r1 = r1->next; } return -1; } -static int wpa_ft_pull_pmk_r1(struct wpa_state_machine *sm, - const u8 *ies, size_t ies_len, - const u8 *pmk_r0_name) +static int wpa_ft_rrb_init_r0kh_seq(struct ft_remote_r0kh *r0kh) +{ + if (r0kh->seq) + return 0; + + r0kh->seq = os_zalloc(sizeof(*r0kh->seq)); + if (!r0kh->seq) { + wpa_printf(MSG_DEBUG, "FT: Failed to allocate r0kh->seq"); + return -1; + } + + dl_list_init(&r0kh->seq->rx.queue); + + return 0; +} + + +static void wpa_ft_rrb_lookup_r0kh(struct wpa_authenticator *wpa_auth, + const u8 *f_r0kh_id, size_t f_r0kh_id_len, + struct ft_remote_r0kh **r0kh_out, + struct ft_remote_r0kh **r0kh_wildcard) { struct ft_remote_r0kh *r0kh; - struct ft_r0kh_r1kh_pull_frame frame, f; - r0kh = sm->wpa_auth->conf.r0kh_list; - while (r0kh) { - if (r0kh->id_len == sm->r0kh_id_len && - os_memcmp_const(r0kh->id, sm->r0kh_id, sm->r0kh_id_len) == - 0) + *r0kh_wildcard = NULL; + *r0kh_out = NULL; + + if (wpa_auth->conf.r0kh_list) + r0kh = *wpa_auth->conf.r0kh_list; + else + r0kh = NULL; + for (; r0kh; r0kh = r0kh->next) { + if (r0kh->id_len == 1 && r0kh->id[0] == '*') + *r0kh_wildcard = r0kh; + if (f_r0kh_id && r0kh->id_len == f_r0kh_id_len && + os_memcmp_const(f_r0kh_id, r0kh->id, f_r0kh_id_len) == 0) + *r0kh_out = r0kh; + } + + if (!*r0kh_out && !*r0kh_wildcard) + wpa_printf(MSG_DEBUG, "FT: No matching R0KH found"); + + if (*r0kh_out && wpa_ft_rrb_init_r0kh_seq(*r0kh_out) < 0) + *r0kh_out = NULL; +} + + +static int wpa_ft_rrb_init_r1kh_seq(struct ft_remote_r1kh *r1kh) +{ + if (r1kh->seq) + return 0; + + r1kh->seq = os_zalloc(sizeof(*r1kh->seq)); + if (!r1kh->seq) { + wpa_printf(MSG_DEBUG, "FT: Failed to allocate r1kh->seq"); + return -1; + } + + dl_list_init(&r1kh->seq->rx.queue); + + return 0; +} + + +static void wpa_ft_rrb_lookup_r1kh(struct wpa_authenticator *wpa_auth, + const u8 *f_r1kh_id, + struct ft_remote_r1kh **r1kh_out, + struct ft_remote_r1kh **r1kh_wildcard) +{ + struct ft_remote_r1kh *r1kh; + + *r1kh_wildcard = NULL; + *r1kh_out = NULL; + + if (wpa_auth->conf.r1kh_list) + r1kh = *wpa_auth->conf.r1kh_list; + else + r1kh = NULL; + for (; r1kh; r1kh = r1kh->next) { + if (is_zero_ether_addr(r1kh->addr) && + is_zero_ether_addr(r1kh->id)) + *r1kh_wildcard = r1kh; + if (f_r1kh_id && + os_memcmp_const(r1kh->id, f_r1kh_id, FT_R1KH_ID_LEN) == 0) + *r1kh_out = r1kh; + } + + if (!*r1kh_out && !*r1kh_wildcard) + wpa_printf(MSG_DEBUG, "FT: No matching R1KH found"); + + if (*r1kh_out && wpa_ft_rrb_init_r1kh_seq(*r1kh_out) < 0) + *r1kh_out = NULL; +} + + +static int wpa_ft_rrb_check_r0kh(struct wpa_authenticator *wpa_auth, + const u8 *f_r0kh_id, size_t f_r0kh_id_len) +{ + if (f_r0kh_id_len != wpa_auth->conf.r0_key_holder_len || + os_memcmp_const(f_r0kh_id, wpa_auth->conf.r0_key_holder, + f_r0kh_id_len) != 0) + return -1; + + return 0; +} + + +static int wpa_ft_rrb_check_r1kh(struct wpa_authenticator *wpa_auth, + const u8 *f_r1kh_id) +{ + if (os_memcmp_const(f_r1kh_id, wpa_auth->conf.r1_key_holder, + FT_R1KH_ID_LEN) != 0) + return -1; + + return 0; +} + + +static void wpa_ft_rrb_del_r0kh(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_authenticator *wpa_auth = eloop_ctx; + struct ft_remote_r0kh *r0kh, *prev = NULL; + + if (!wpa_auth->conf.r0kh_list) + return; + + for (r0kh = *wpa_auth->conf.r0kh_list; r0kh; r0kh = r0kh->next) { + if (r0kh == timeout_ctx) + break; + prev = r0kh; + } + if (!r0kh) + return; + if (prev) + prev->next = r0kh->next; + else + *wpa_auth->conf.r0kh_list = r0kh->next; + if (r0kh->seq) + wpa_ft_rrb_seq_flush(wpa_auth, r0kh->seq, 0); + os_free(r0kh->seq); + os_free(r0kh); +} + + +static void wpa_ft_rrb_r0kh_replenish(struct wpa_authenticator *wpa_auth, + struct ft_remote_r0kh *r0kh, int timeout) +{ + if (timeout > 0) + eloop_replenish_timeout(timeout, 0, wpa_ft_rrb_del_r0kh, + wpa_auth, r0kh); +} + + +static void wpa_ft_rrb_r0kh_timeout(struct wpa_authenticator *wpa_auth, + struct ft_remote_r0kh *r0kh, int timeout) +{ + eloop_cancel_timeout(wpa_ft_rrb_del_r0kh, wpa_auth, r0kh); + + if (timeout > 0) + eloop_register_timeout(timeout, 0, wpa_ft_rrb_del_r0kh, + wpa_auth, r0kh); +} + + +static struct ft_remote_r0kh * +wpa_ft_rrb_add_r0kh(struct wpa_authenticator *wpa_auth, + struct ft_remote_r0kh *r0kh_wildcard, + const u8 *src_addr, const u8 *r0kh_id, size_t id_len, + int timeout) +{ + struct ft_remote_r0kh *r0kh; + + if (!wpa_auth->conf.r0kh_list) + return NULL; + + r0kh = os_zalloc(sizeof(*r0kh)); + if (!r0kh) + return NULL; + + if (src_addr) + os_memcpy(r0kh->addr, src_addr, sizeof(r0kh->addr)); + + if (id_len > FT_R0KH_ID_MAX_LEN) + id_len = FT_R0KH_ID_MAX_LEN; + os_memcpy(r0kh->id, r0kh_id, id_len); + r0kh->id_len = id_len; + + os_memcpy(r0kh->key, r0kh_wildcard->key, sizeof(r0kh->key)); + + r0kh->next = *wpa_auth->conf.r0kh_list; + *wpa_auth->conf.r0kh_list = r0kh; + + if (timeout > 0) + eloop_register_timeout(timeout, 0, wpa_ft_rrb_del_r0kh, + wpa_auth, r0kh); + + if (wpa_ft_rrb_init_r0kh_seq(r0kh) < 0) + return NULL; + + return r0kh; +} + + +static void wpa_ft_rrb_del_r1kh(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_authenticator *wpa_auth = eloop_ctx; + struct ft_remote_r1kh *r1kh, *prev = NULL; + + if (!wpa_auth->conf.r1kh_list) + return; + + for (r1kh = *wpa_auth->conf.r1kh_list; r1kh; r1kh = r1kh->next) { + if (r1kh == timeout_ctx) break; - r0kh = r0kh->next; + prev = r1kh; + } + if (!r1kh) + return; + if (prev) + prev->next = r1kh->next; + else + *wpa_auth->conf.r1kh_list = r1kh->next; + if (r1kh->seq) + wpa_ft_rrb_seq_flush(wpa_auth, r1kh->seq, 0); + os_free(r1kh->seq); + os_free(r1kh); +} + + +static void wpa_ft_rrb_r1kh_replenish(struct wpa_authenticator *wpa_auth, + struct ft_remote_r1kh *r1kh, int timeout) +{ + if (timeout > 0) + eloop_replenish_timeout(timeout, 0, wpa_ft_rrb_del_r1kh, + wpa_auth, r1kh); +} + + +static struct ft_remote_r1kh * +wpa_ft_rrb_add_r1kh(struct wpa_authenticator *wpa_auth, + struct ft_remote_r1kh *r1kh_wildcard, + const u8 *src_addr, const u8 *r1kh_id, int timeout) +{ + struct ft_remote_r1kh *r1kh; + + if (!wpa_auth->conf.r1kh_list) + return NULL; + + r1kh = os_zalloc(sizeof(*r1kh)); + if (!r1kh) + return NULL; + + os_memcpy(r1kh->addr, src_addr, sizeof(r1kh->addr)); + os_memcpy(r1kh->id, r1kh_id, sizeof(r1kh->id)); + os_memcpy(r1kh->key, r1kh_wildcard->key, sizeof(r1kh->key)); + r1kh->next = *wpa_auth->conf.r1kh_list; + *wpa_auth->conf.r1kh_list = r1kh; + + if (timeout > 0) + eloop_register_timeout(timeout, 0, wpa_ft_rrb_del_r1kh, + wpa_auth, r1kh); + + if (wpa_ft_rrb_init_r1kh_seq(r1kh) < 0) + return NULL; + + return r1kh; +} + + +void wpa_ft_sta_deinit(struct wpa_state_machine *sm) +{ + eloop_cancel_timeout(wpa_ft_expire_pull, sm, NULL); +} + + +static void wpa_ft_deinit_seq(struct wpa_authenticator *wpa_auth) +{ + struct ft_remote_r0kh *r0kh; + struct ft_remote_r1kh *r1kh; + + eloop_cancel_timeout(wpa_ft_rrb_seq_timeout, wpa_auth, ELOOP_ALL_CTX); + + if (wpa_auth->conf.r0kh_list) + r0kh = *wpa_auth->conf.r0kh_list; + else + r0kh = NULL; + for (; r0kh; r0kh = r0kh->next) { + if (!r0kh->seq) + continue; + wpa_ft_rrb_seq_flush(wpa_auth, r0kh->seq, 0); + os_free(r0kh->seq); + r0kh->seq = NULL; + } + + if (wpa_auth->conf.r1kh_list) + r1kh = *wpa_auth->conf.r1kh_list; + else + r1kh = NULL; + for (; r1kh; r1kh = r1kh->next) { + if (!r1kh->seq) + continue; + wpa_ft_rrb_seq_flush(wpa_auth, r1kh->seq, 0); + os_free(r1kh->seq); + r1kh->seq = NULL; + } +} + + +static void wpa_ft_deinit_rkh_tmp(struct wpa_authenticator *wpa_auth) +{ + struct ft_remote_r0kh *r0kh, *r0kh_next, *r0kh_prev = NULL; + struct ft_remote_r1kh *r1kh, *r1kh_next, *r1kh_prev = NULL; + + if (wpa_auth->conf.r0kh_list) + r0kh = *wpa_auth->conf.r0kh_list; + else + r0kh = NULL; + while (r0kh) { + r0kh_next = r0kh->next; + if (eloop_cancel_timeout(wpa_ft_rrb_del_r0kh, wpa_auth, + r0kh) > 0) { + if (r0kh_prev) + r0kh_prev->next = r0kh_next; + else + *wpa_auth->conf.r0kh_list = r0kh_next; + os_free(r0kh); + } else { + r0kh_prev = r0kh; + } + r0kh = r0kh_next; + } + + if (wpa_auth->conf.r1kh_list) + r1kh = *wpa_auth->conf.r1kh_list; + else + r1kh = NULL; + while (r1kh) { + r1kh_next = r1kh->next; + if (eloop_cancel_timeout(wpa_ft_rrb_del_r1kh, wpa_auth, + r1kh) > 0) { + if (r1kh_prev) + r1kh_prev->next = r1kh_next; + else + *wpa_auth->conf.r1kh_list = r1kh_next; + os_free(r1kh); + } else { + r1kh_prev = r1kh; + } + r1kh = r1kh_next; + } +} + + +void wpa_ft_deinit(struct wpa_authenticator *wpa_auth) +{ + wpa_ft_deinit_seq(wpa_auth); + wpa_ft_deinit_rkh_tmp(wpa_auth); +} + + +static void wpa_ft_block_r0kh(struct wpa_authenticator *wpa_auth, + const u8 *f_r0kh_id, size_t f_r0kh_id_len) +{ + struct ft_remote_r0kh *r0kh, *r0kh_wildcard; + + if (!wpa_auth->conf.rkh_neg_timeout) + return; + + wpa_ft_rrb_lookup_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len, + &r0kh, &r0kh_wildcard); + + if (!r0kh_wildcard) { + /* r0kh removed after neg_timeout and might need re-adding */ + return; + } + + wpa_hexdump(MSG_DEBUG, "FT: Blacklist R0KH-ID", + f_r0kh_id, f_r0kh_id_len); + + if (r0kh) { + wpa_ft_rrb_r0kh_timeout(wpa_auth, r0kh, + wpa_auth->conf.rkh_neg_timeout); + os_memset(r0kh->addr, 0, ETH_ALEN); + } else + wpa_ft_rrb_add_r0kh(wpa_auth, r0kh_wildcard, NULL, f_r0kh_id, + f_r0kh_id_len, + wpa_auth->conf.rkh_neg_timeout); +} + + +static void wpa_ft_expire_pull(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_state_machine *sm = eloop_ctx; + + wpa_printf(MSG_DEBUG, "FT: Timeout pending pull request for " MACSTR, + MAC2STR(sm->addr)); + if (sm->ft_pending_pull_left_retries <= 0) + wpa_ft_block_r0kh(sm->wpa_auth, sm->r0kh_id, sm->r0kh_id_len); + + /* cancel multiple timeouts */ + eloop_cancel_timeout(wpa_ft_expire_pull, sm, NULL); + ft_finish_pull(sm); +} + + +static int wpa_ft_pull_pmk_r1(struct wpa_state_machine *sm, + const u8 *ies, size_t ies_len, + const u8 *pmk_r0_name) +{ + struct ft_remote_r0kh *r0kh, *r0kh_wildcard; + u8 *packet = NULL; + const u8 *key, *f_r1kh_id = sm->wpa_auth->conf.r1_key_holder; + size_t packet_len, key_len; + struct ft_rrb_seq f_seq; + int tsecs, tusecs, first; + struct wpabuf *ft_pending_req_ies; + int r0kh_timeout; + struct tlv_list req_enc[] = { + { .type = FT_RRB_PMK_R0_NAME, .len = WPA_PMK_NAME_LEN, + .data = pmk_r0_name }, + { .type = FT_RRB_S1KH_ID, .len = ETH_ALEN, + .data = sm->addr }, + { .type = FT_RRB_LAST_EMPTY, .len = 0, .data = NULL }, + }; + struct tlv_list req_auth[] = { + { .type = FT_RRB_NONCE, .len = FT_RRB_NONCE_LEN, + .data = sm->ft_pending_pull_nonce }, + { .type = FT_RRB_SEQ, .len = sizeof(f_seq), + .data = (u8 *) &f_seq }, + { .type = FT_RRB_R0KH_ID, .len = sm->r0kh_id_len, + .data = sm->r0kh_id }, + { .type = FT_RRB_R1KH_ID, .len = FT_R1KH_ID_LEN, + .data = f_r1kh_id }, + { .type = FT_RRB_LAST_EMPTY, .len = 0, .data = NULL }, + }; + + if (sm->ft_pending_pull_left_retries <= 0) + return -1; + first = sm->ft_pending_pull_left_retries == + sm->wpa_auth->conf.rkh_pull_retries; + sm->ft_pending_pull_left_retries--; + + wpa_ft_rrb_lookup_r0kh(sm->wpa_auth, sm->r0kh_id, sm->r0kh_id_len, + &r0kh, &r0kh_wildcard); + + /* Keep r0kh sufficiently long in the list for seq num check */ + r0kh_timeout = sm->wpa_auth->conf.rkh_pull_timeout / 1000 + + 1 + ftRRBseqTimeout; + if (r0kh) { + wpa_ft_rrb_r0kh_replenish(sm->wpa_auth, r0kh, r0kh_timeout); + } else if (r0kh_wildcard) { + wpa_printf(MSG_DEBUG, "FT: Using wildcard R0KH-ID"); + /* r0kh->addr: updated by SEQ_RESP and wpa_ft_expire_pull */ + r0kh = wpa_ft_rrb_add_r0kh(sm->wpa_auth, r0kh_wildcard, + r0kh_wildcard->addr, + sm->r0kh_id, sm->r0kh_id_len, + r0kh_timeout); } if (r0kh == NULL) { wpa_hexdump(MSG_DEBUG, "FT: Did not find R0KH-ID", sm->r0kh_id, sm->r0kh_id_len); return -1; } + if (is_zero_ether_addr(r0kh->addr)) { + wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID is blacklisted", + sm->r0kh_id, sm->r0kh_id_len); + return -1; + } + if (os_memcmp(r0kh->addr, sm->wpa_auth->addr, ETH_ALEN) == 0) { + wpa_printf(MSG_DEBUG, + "FT: R0KH-ID points to self - no matching key available"); + return -1; + } + + key = r0kh->key; + key_len = sizeof(r0kh->key); wpa_printf(MSG_DEBUG, "FT: Send PMK-R1 pull request to remote R0KH " "address " MACSTR, MAC2STR(r0kh->addr)); - os_memset(&frame, 0, sizeof(frame)); - frame.frame_type = RSN_REMOTE_FRAME_TYPE_FT_RRB; - frame.packet_type = FT_PACKET_R0KH_R1KH_PULL; - frame.data_length = host_to_le16(FT_R0KH_R1KH_PULL_DATA_LEN); - os_memcpy(frame.ap_address, sm->wpa_auth->addr, ETH_ALEN); + if (r0kh->seq->rx.num_last == 0) { + /* A sequence request will be sent out anyway when pull + * response is received. Send it out now to avoid one RTT. */ + wpa_ft_rrb_seq_req(sm->wpa_auth, r0kh->seq, r0kh->addr, + r0kh->id, r0kh->id_len, f_r1kh_id, key, + key_len, NULL, 0, NULL, 0, NULL); + } - /* aes_wrap() does not support inplace encryption, so use a temporary - * buffer for the data. */ - if (random_get_bytes(f.nonce, FT_R0KH_R1KH_PULL_NONCE_LEN)) { + if (first && + random_get_bytes(sm->ft_pending_pull_nonce, FT_RRB_NONCE_LEN) < 0) { wpa_printf(MSG_DEBUG, "FT: Failed to get random data for " "nonce"); return -1; } - os_memcpy(sm->ft_pending_pull_nonce, f.nonce, - FT_R0KH_R1KH_PULL_NONCE_LEN); - os_memcpy(f.pmk_r0_name, pmk_r0_name, WPA_PMK_NAME_LEN); - os_memcpy(f.r1kh_id, sm->wpa_auth->conf.r1_key_holder, FT_R1KH_ID_LEN); - os_memcpy(f.s1kh_id, sm->addr, ETH_ALEN); - os_memset(f.pad, 0, sizeof(f.pad)); - if (aes_wrap(r0kh->key, sizeof(r0kh->key), - (FT_R0KH_R1KH_PULL_DATA_LEN + 7) / 8, - f.nonce, frame.nonce) < 0) + if (wpa_ft_new_seq(r0kh->seq, &f_seq) < 0) { + wpa_printf(MSG_DEBUG, "FT: Failed to get seq num"); + return -1; + } + + if (wpa_ft_rrb_build(key, key_len, req_enc, NULL, req_auth, NULL, + sm->wpa_auth->addr, FT_PACKET_R0KH_R1KH_PULL, + &packet, &packet_len) < 0) return -1; + ft_pending_req_ies = wpabuf_alloc_copy(ies, ies_len); wpabuf_free(sm->ft_pending_req_ies); - sm->ft_pending_req_ies = wpabuf_alloc_copy(ies, ies_len); - if (sm->ft_pending_req_ies == NULL) + sm->ft_pending_req_ies = ft_pending_req_ies; + if (!sm->ft_pending_req_ies) { + os_free(packet); return -1; + } + + tsecs = sm->wpa_auth->conf.rkh_pull_timeout / 1000; + tusecs = (sm->wpa_auth->conf.rkh_pull_timeout % 1000) * 1000; + eloop_register_timeout(tsecs, tusecs, wpa_ft_expire_pull, sm, NULL); + + wpa_ft_rrb_oui_send(sm->wpa_auth, r0kh->addr, FT_PACKET_R0KH_R1KH_PULL, + packet, packet_len); - wpa_ft_rrb_send(sm->wpa_auth, r0kh->addr, (u8 *) &frame, sizeof(frame)); + os_free(packet); return 0; } +int wpa_ft_store_pmk_fils(struct wpa_state_machine *sm, + const u8 *pmk_r0, const u8 *pmk_r0_name) +{ + int expires_in = sm->wpa_auth->conf.r0_key_lifetime; + struct vlan_description vlan; + const u8 *identity, *radius_cui; + size_t identity_len, radius_cui_len; + int session_timeout; + size_t pmk_r0_len = wpa_key_mgmt_sha384(sm->wpa_key_mgmt) ? + SHA384_MAC_LEN : PMK_LEN; + + if (wpa_ft_get_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) { + wpa_printf(MSG_DEBUG, "FT: vlan not available for STA " MACSTR, + MAC2STR(sm->addr)); + return -1; + } + + identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity); + radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr, + &radius_cui); + session_timeout = wpa_ft_get_session_timeout(sm->wpa_auth, sm->addr); + + return wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len, + pmk_r0_name, sm->pairwise, &vlan, expires_in, + session_timeout, identity, identity_len, + radius_cui, radius_cui_len); +} + + int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk, struct wpa_ptk *ptk) { - u8 pmk_r0[PMK_LEN], pmk_r0_name[WPA_PMK_NAME_LEN]; - u8 pmk_r1[PMK_LEN]; + u8 pmk_r0[PMK_LEN_MAX], pmk_r0_name[WPA_PMK_NAME_LEN]; + size_t pmk_r0_len = wpa_key_mgmt_sha384(sm->wpa_key_mgmt) ? + SHA384_MAC_LEN : PMK_LEN; + size_t pmk_r1_len = pmk_r0_len; + u8 pmk_r1[PMK_LEN_MAX]; u8 ptk_name[WPA_PMK_NAME_LEN]; const u8 *mdid = sm->wpa_auth->conf.mobility_domain; const u8 *r0kh = sm->wpa_auth->conf.r0_key_holder; @@ -373,6 +2031,12 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk, const u8 *r1kh = sm->wpa_auth->conf.r1_key_holder; const u8 *ssid = sm->wpa_auth->conf.ssid; size_t ssid_len = sm->wpa_auth->conf.ssid_len; + int psk_local = sm->wpa_auth->conf.ft_psk_generate_local; + int expires_in = sm->wpa_auth->conf.r0_key_lifetime; + struct vlan_description vlan; + const u8 *identity, *radius_cui; + size_t identity_len, radius_cui_len; + int session_timeout; if (sm->xxkey_len == 0) { wpa_printf(MSG_DEBUG, "FT: XXKey not available for key " @@ -380,23 +2044,45 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk, return -1; } - wpa_derive_pmk_r0(sm->xxkey, sm->xxkey_len, ssid, ssid_len, mdid, - r0kh, r0kh_len, sm->addr, pmk_r0, pmk_r0_name); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", pmk_r0, PMK_LEN); - wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name", pmk_r0_name, WPA_PMK_NAME_LEN); - wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_name, - sm->pairwise); + if (wpa_ft_get_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) { + wpa_printf(MSG_DEBUG, "FT: vlan not available for STA " MACSTR, + MAC2STR(sm->addr)); + return -1; + } - wpa_derive_pmk_r1(pmk_r0, pmk_r0_name, r1kh, sm->addr, - pmk_r1, sm->pmk_r1_name); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, PMK_LEN); + identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity); + radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr, + &radius_cui); + session_timeout = wpa_ft_get_session_timeout(sm->wpa_auth, sm->addr); + + if (wpa_derive_pmk_r0(sm->xxkey, sm->xxkey_len, ssid, ssid_len, mdid, + r0kh, r0kh_len, sm->addr, + pmk_r0, pmk_r0_name, + wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", pmk_r0, pmk_r0_len); + wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name", pmk_r0_name, WPA_PMK_NAME_LEN); + if (!psk_local || !wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) + wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len, + pmk_r0_name, + sm->pairwise, &vlan, expires_in, + session_timeout, identity, identity_len, + radius_cui, radius_cui_len); + + if (wpa_derive_pmk_r1(pmk_r0, pmk_r0_len, pmk_r0_name, r1kh, sm->addr, + pmk_r1, sm->pmk_r1_name) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, pmk_r1_len); wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", sm->pmk_r1_name, WPA_PMK_NAME_LEN); - wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, sm->pmk_r1_name, - sm->pairwise); - - return wpa_pmk_r1_to_ptk(pmk_r1, sm->SNonce, sm->ANonce, sm->addr, - sm->wpa_auth->addr, sm->pmk_r1_name, + if (!psk_local || !wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) + wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, pmk_r1_len, + sm->pmk_r1_name, sm->pairwise, &vlan, + expires_in, session_timeout, identity, + identity_len, radius_cui, radius_cui_len); + + return wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce, + sm->addr, sm->wpa_auth->addr, sm->pmk_r1_name, ptk, ptk_name, sm->wpa_key_mgmt, sm->pairwise); } @@ -404,9 +2090,9 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk, static inline int wpa_auth_get_seqnum(struct wpa_authenticator *wpa_auth, const u8 *addr, int idx, u8 *seq) { - if (wpa_auth->cb.get_seqnum == NULL) + if (wpa_auth->cb->get_seqnum == NULL) return -1; - return wpa_auth->cb.get_seqnum(wpa_auth->cb.ctx, addr, idx, seq); + return wpa_auth->cb->get_seqnum(wpa_auth->cb_ctx, addr, idx, seq); } @@ -418,6 +2104,16 @@ static u8 * wpa_ft_gtk_subelem(struct wpa_state_machine *sm, size_t *len) const u8 *key; size_t key_len; u8 keybuf[32]; + const u8 *kek; + size_t kek_len; + + if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { + kek = sm->PTK.kek2; + kek_len = sm->PTK.kek2_len; + } else { + kek = sm->PTK.kek; + kek_len = sm->PTK.kek_len; + } key_len = gsm->GTK_len; if (key_len > sizeof(keybuf)) @@ -456,8 +2152,10 @@ static u8 * wpa_ft_gtk_subelem(struct wpa_state_machine *sm, size_t *len) WPA_PUT_LE16(&subelem[2], gsm->GN & 0x03); subelem[4] = gsm->GTK_len; wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, subelem + 5); - if (aes_wrap(sm->PTK.kek, sm->PTK.kek_len, key_len / 8, key, - subelem + 13)) { + if (aes_wrap(kek, kek_len, key_len / 8, key, subelem + 13)) { + wpa_printf(MSG_DEBUG, + "FT: GTK subelem encryption failed: kek_len=%d", + (int) kek_len); os_free(subelem); return NULL; } @@ -473,10 +2171,23 @@ static u8 * wpa_ft_igtk_subelem(struct wpa_state_machine *sm, size_t *len) u8 *subelem, *pos; struct wpa_group *gsm = sm->group; size_t subelem_len; + const u8 *kek; + size_t kek_len; + size_t igtk_len; + + if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { + kek = sm->PTK.kek2; + kek_len = sm->PTK.kek2_len; + } else { + kek = sm->PTK.kek; + kek_len = sm->PTK.kek_len; + } + + igtk_len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); /* Sub-elem ID[1] | Length[1] | KeyID[2] | IPN[6] | Key Length[1] | * Key[16+8] */ - subelem_len = 1 + 1 + 2 + 6 + 1 + WPA_IGTK_LEN + 8; + subelem_len = 1 + 1 + 2 + 6 + 1 + igtk_len + 8; subelem = os_zalloc(subelem_len); if (subelem == NULL) return NULL; @@ -488,9 +2199,12 @@ static u8 * wpa_ft_igtk_subelem(struct wpa_state_machine *sm, size_t *len) pos += 2; wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, pos); pos += 6; - *pos++ = WPA_IGTK_LEN; - if (aes_wrap(sm->PTK.kek, sm->PTK.kek_len, WPA_IGTK_LEN / 8, + *pos++ = igtk_len; + if (aes_wrap(kek, kek_len, igtk_len / 8, gsm->IGTK[gsm->GN_igtk - 4], pos)) { + wpa_printf(MSG_DEBUG, + "FT: IGTK subelem encryption failed: kek_len=%d", + (int) kek_len); os_free(subelem); return NULL; } @@ -637,17 +2351,21 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, const u8 *req_ies, size_t req_ies_len) { u8 *end, *mdie, *ftie, *rsnie = NULL, *r0kh_id, *subelem = NULL; + u8 *fte_mic, *elem_count; size_t mdie_len, ftie_len, rsnie_len = 0, r0kh_id_len, subelem_len = 0; int res; struct wpa_auth_config *conf; - struct rsn_ftie *_ftie; struct wpa_ft_ies parse; u8 *ric_start; u8 *anonce, *snonce; + const u8 *kck; + size_t kck_len; + int use_sha384; if (sm == NULL) return pos; + use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt); conf = &sm->wpa_auth->conf; if (!wpa_key_mgmt_ft(sm->wpa_key_mgmt)) @@ -662,7 +2380,7 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, */ res = wpa_write_rsn_ie(conf, pos, end - pos, sm->pmk_r1_name); if (res < 0) - return pos; + return NULL; rsnie = pos; rsnie_len = res; pos += res; @@ -671,7 +2389,7 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, /* Mobility Domain Information */ res = wpa_write_mdie(conf, pos, end - pos); if (res < 0) - return pos; + return NULL; mdie = pos; mdie_len = res; pos += res; @@ -679,6 +2397,11 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, /* Fast BSS Transition Information */ if (auth_alg == WLAN_AUTH_FT) { subelem = wpa_ft_gtk_subelem(sm, &subelem_len); + if (!subelem) { + wpa_printf(MSG_DEBUG, + "FT: Failed to add GTK subelement"); + return NULL; + } r0kh_id = sm->r0kh_id; r0kh_id_len = sm->r0kh_id_len; anonce = sm->ANonce; @@ -690,14 +2413,16 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, u8 *nbuf; igtk = wpa_ft_igtk_subelem(sm, &igtk_len); if (igtk == NULL) { + wpa_printf(MSG_DEBUG, + "FT: Failed to add IGTK subelement"); os_free(subelem); - return pos; + return NULL; } nbuf = os_realloc(subelem, subelem_len + igtk_len); if (nbuf == NULL) { os_free(subelem); os_free(igtk); - return pos; + return NULL; } subelem = nbuf; os_memcpy(subelem + subelem_len, igtk, igtk_len); @@ -711,44 +2436,66 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, anonce = NULL; snonce = NULL; } - res = wpa_write_ftie(conf, r0kh_id, r0kh_id_len, anonce, snonce, pos, - end - pos, subelem, subelem_len); + res = wpa_write_ftie(conf, use_sha384, r0kh_id, r0kh_id_len, + anonce, snonce, pos, end - pos, + subelem, subelem_len); os_free(subelem); if (res < 0) - return pos; + return NULL; ftie = pos; ftie_len = res; pos += res; - _ftie = (struct rsn_ftie *) (ftie + 2); + if (use_sha384) { + struct rsn_ftie_sha384 *_ftie = + (struct rsn_ftie_sha384 *) (ftie + 2); + + fte_mic = _ftie->mic; + elem_count = &_ftie->mic_control[1]; + } else { + struct rsn_ftie *_ftie = (struct rsn_ftie *) (ftie + 2); + + fte_mic = _ftie->mic; + elem_count = &_ftie->mic_control[1]; + } if (auth_alg == WLAN_AUTH_FT) - _ftie->mic_control[1] = 3; /* Information element count */ + *elem_count = 3; /* Information element count */ ric_start = pos; - if (wpa_ft_parse_ies(req_ies, req_ies_len, &parse) == 0 && parse.ric) { + if (wpa_ft_parse_ies(req_ies, req_ies_len, &parse, use_sha384) == 0 + && parse.ric) { pos = wpa_ft_process_ric(sm, pos, end, parse.ric, parse.ric_len); if (auth_alg == WLAN_AUTH_FT) - _ftie->mic_control[1] += + *elem_count += ieee802_11_ie_count(ric_start, pos - ric_start); } if (ric_start == pos) ric_start = NULL; + if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { + kck = sm->PTK.kck2; + kck_len = sm->PTK.kck2_len; + } else { + kck = sm->PTK.kck; + kck_len = sm->PTK.kck_len; + } if (auth_alg == WLAN_AUTH_FT && - wpa_ft_mic(sm->PTK.kck, sm->PTK.kck_len, sm->addr, - sm->wpa_auth->addr, 6, + wpa_ft_mic(kck, kck_len, sm->addr, sm->wpa_auth->addr, 6, mdie, mdie_len, ftie, ftie_len, rsnie, rsnie_len, ric_start, ric_start ? pos - ric_start : 0, - _ftie->mic) < 0) + fte_mic) < 0) { wpa_printf(MSG_DEBUG, "FT: Failed to calculate MIC"); + return NULL; + } os_free(sm->assoc_resp_ftie); sm->assoc_resp_ftie = os_malloc(ftie_len); - if (sm->assoc_resp_ftie) - os_memcpy(sm->assoc_resp_ftie, ftie, ftie_len); + if (!sm->assoc_resp_ftie) + return NULL; + os_memcpy(sm->assoc_resp_ftie, ftie, ftie_len); return pos; } @@ -759,10 +2506,10 @@ static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth, enum wpa_alg alg, const u8 *addr, int idx, u8 *key, size_t key_len) { - if (wpa_auth->cb.set_key == NULL) + if (wpa_auth->cb->set_key == NULL) return -1; - return wpa_auth->cb.set_key(wpa_auth->cb.ctx, vlan_id, alg, addr, idx, - key, key_len); + return wpa_auth->cb->set_key(wpa_auth->cb_ctx, vlan_id, alg, addr, idx, + key, key_len); } @@ -804,20 +2551,219 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm) } +/* Derive PMK-R1 from PSK, check all available PSK */ +static int wpa_ft_psk_pmk_r1(struct wpa_state_machine *sm, + const u8 *req_pmk_r1_name, + u8 *out_pmk_r1, int *out_pairwise, + struct vlan_description *out_vlan, + const u8 **out_identity, size_t *out_identity_len, + const u8 **out_radius_cui, + size_t *out_radius_cui_len, + int *out_session_timeout) +{ + const u8 *pmk = NULL; + u8 pmk_r0[PMK_LEN], pmk_r0_name[WPA_PMK_NAME_LEN]; + u8 pmk_r1[PMK_LEN], pmk_r1_name[WPA_PMK_NAME_LEN]; + struct wpa_authenticator *wpa_auth = sm->wpa_auth; + const u8 *mdid = wpa_auth->conf.mobility_domain; + const u8 *r0kh = sm->r0kh_id; + size_t r0kh_len = sm->r0kh_id_len; + const u8 *r1kh = wpa_auth->conf.r1_key_holder; + const u8 *ssid = wpa_auth->conf.ssid; + size_t ssid_len = wpa_auth->conf.ssid_len; + int pairwise; + + pairwise = sm->pairwise; + + for (;;) { + pmk = wpa_ft_get_psk(wpa_auth, sm->addr, sm->p2p_dev_addr, + pmk); + if (pmk == NULL) + break; + + if (wpa_derive_pmk_r0(pmk, PMK_LEN, ssid, ssid_len, mdid, r0kh, + r0kh_len, sm->addr, + pmk_r0, pmk_r0_name, 0) < 0 || + wpa_derive_pmk_r1(pmk_r0, PMK_LEN, pmk_r0_name, r1kh, + sm->addr, pmk_r1, pmk_r1_name) < 0 || + os_memcmp_const(pmk_r1_name, req_pmk_r1_name, + WPA_PMK_NAME_LEN) != 0) + continue; + + /* We found a PSK that matches the requested pmk_r1_name */ + wpa_printf(MSG_DEBUG, + "FT: Found PSK to generate PMK-R1 locally"); + os_memcpy(out_pmk_r1, pmk_r1, PMK_LEN); + if (out_pairwise) + *out_pairwise = pairwise; + if (out_vlan && + wpa_ft_get_vlan(sm->wpa_auth, sm->addr, out_vlan) < 0) { + wpa_printf(MSG_DEBUG, "FT: vlan not available for STA " + MACSTR, MAC2STR(sm->addr)); + return -1; + } + + if (out_identity && out_identity_len) { + *out_identity_len = wpa_ft_get_identity( + sm->wpa_auth, sm->addr, out_identity); + } + + if (out_radius_cui && out_radius_cui_len) { + *out_radius_cui_len = wpa_ft_get_radius_cui( + sm->wpa_auth, sm->addr, out_radius_cui); + } + + if (out_session_timeout) { + *out_session_timeout = wpa_ft_get_session_timeout( + sm->wpa_auth, sm->addr); + } + + return 0; + } + + wpa_printf(MSG_DEBUG, + "FT: Did not find PSK to generate PMK-R1 locally"); + return -1; +} + + +/* Detect the configuration the station asked for. + * Required to detect FT-PSK and pairwise cipher. + */ +static int wpa_ft_set_key_mgmt(struct wpa_state_machine *sm, + struct wpa_ft_ies *parse) +{ + int key_mgmt, ciphers; + + if (sm->wpa_key_mgmt) + return 0; + + key_mgmt = parse->key_mgmt & sm->wpa_auth->conf.wpa_key_mgmt; + if (!key_mgmt) { + wpa_printf(MSG_DEBUG, "FT: Invalid key mgmt (0x%x) from " + MACSTR, parse->key_mgmt, MAC2STR(sm->addr)); + return -1; + } + if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; +#ifdef CONFIG_SHA384 + else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; +#endif /* CONFIG_SHA384 */ + else if (key_mgmt & WPA_KEY_MGMT_FT_PSK) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK; +#ifdef CONFIG_FILS + else if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256; + else if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384; +#endif /* CONFIG_FILS */ + ciphers = parse->pairwise_cipher & sm->wpa_auth->conf.rsn_pairwise; + if (!ciphers) { + wpa_printf(MSG_DEBUG, "FT: Invalid pairwise cipher (0x%x) from " + MACSTR, + parse->pairwise_cipher, MAC2STR(sm->addr)); + return -1; + } + sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0); + + return 0; +} + + +static int wpa_ft_local_derive_pmk_r1(struct wpa_authenticator *wpa_auth, + struct wpa_state_machine *sm, + const u8 *r0kh_id, size_t r0kh_id_len, + const u8 *req_pmk_r0_name, + const u8 *req_pmk_r1_name, + u8 *out_pmk_r1, int *out_pairwise, + struct vlan_description *vlan, + const u8 **identity, size_t *identity_len, + const u8 **radius_cui, + size_t *radius_cui_len, + int *out_session_timeout) +{ + struct wpa_auth_config *conf = &wpa_auth->conf; + const struct wpa_ft_pmk_r0_sa *r0; + u8 pmk_r1_name[WPA_PMK_NAME_LEN]; + int expires_in = 0; + int session_timeout = 0; + struct os_reltime now; + + if (conf->r0_key_holder_len != r0kh_id_len || + os_memcmp(conf->r0_key_holder, r0kh_id, conf->r0_key_holder_len) != + 0) + return -1; /* not our R0KH-ID */ + + wpa_printf(MSG_DEBUG, "FT: STA R0KH-ID matching local configuration"); + if (wpa_ft_fetch_pmk_r0(sm->wpa_auth, sm->addr, req_pmk_r0_name, &r0) < + 0) + return -1; /* no matching PMKR0Name in local cache */ + + wpa_printf(MSG_DEBUG, "FT: Requested PMKR0Name found in local cache"); + + if (wpa_derive_pmk_r1(r0->pmk_r0, r0->pmk_r0_len, r0->pmk_r0_name, + conf->r1_key_holder, + sm->addr, out_pmk_r1, pmk_r1_name) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", out_pmk_r1, r0->pmk_r0_len); + wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", pmk_r1_name, WPA_PMK_NAME_LEN); + + os_get_reltime(&now); + if (r0->expiration) + expires_in = r0->expiration - now.sec; + + if (r0->session_timeout) + session_timeout = r0->session_timeout - now.sec; + + wpa_ft_store_pmk_r1(wpa_auth, sm->addr, out_pmk_r1, r0->pmk_r0_len, + pmk_r1_name, + sm->pairwise, r0->vlan, expires_in, session_timeout, + r0->identity, r0->identity_len, + r0->radius_cui, r0->radius_cui_len); + + *out_pairwise = sm->pairwise; + if (vlan) { + if (r0->vlan) + *vlan = *r0->vlan; + else + os_memset(vlan, 0, sizeof(*vlan)); + } + + if (identity && identity_len) { + *identity = r0->identity; + *identity_len = r0->identity_len; + } + + if (radius_cui && radius_cui_len) { + *radius_cui = r0->radius_cui; + *radius_cui_len = r0->radius_cui_len; + } + + *out_session_timeout = session_timeout; + + return 0; +} + + static int wpa_ft_process_auth_req(struct wpa_state_machine *sm, const u8 *ies, size_t ies_len, u8 **resp_ies, size_t *resp_ies_len) { struct rsn_mdie *mdie; - struct rsn_ftie *ftie; - u8 pmk_r1[PMK_LEN], pmk_r1_name[WPA_PMK_NAME_LEN]; + u8 pmk_r1[PMK_LEN_MAX], pmk_r1_name[WPA_PMK_NAME_LEN]; u8 ptk_name[WPA_PMK_NAME_LEN]; struct wpa_auth_config *conf; struct wpa_ft_ies parse; size_t buflen; int ret; u8 *pos, *end; - int pairwise; + int pairwise, session_timeout = 0; + struct vlan_description vlan; + const u8 *identity, *radius_cui; + size_t identity_len = 0, radius_cui_len = 0; + int use_sha384; + size_t pmk_r1_len; *resp_ies = NULL; *resp_ies_len = 0; @@ -828,10 +2774,12 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm, wpa_hexdump(MSG_DEBUG, "FT: Received authentication frame IEs", ies, ies_len); - if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) { + if (wpa_ft_parse_ies(ies, ies_len, &parse, -1)) { wpa_printf(MSG_DEBUG, "FT: Failed to parse FT IEs"); return WLAN_STATUS_UNSPECIFIED_FAILURE; } + use_sha384 = wpa_key_mgmt_sha384(parse.key_mgmt); + pmk_r1_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN; mdie = (struct rsn_mdie *) parse.mdie; if (mdie == NULL || parse.mdie_len < sizeof(*mdie) || @@ -842,13 +2790,27 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm, return WLAN_STATUS_INVALID_MDIE; } - ftie = (struct rsn_ftie *) parse.ftie; - if (ftie == NULL || parse.ftie_len < sizeof(*ftie)) { - wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); - return WLAN_STATUS_INVALID_FTIE; - } + if (use_sha384) { + struct rsn_ftie_sha384 *ftie; + + ftie = (struct rsn_ftie_sha384 *) parse.ftie; + if (!ftie || parse.ftie_len < sizeof(*ftie)) { + wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); + return WLAN_STATUS_INVALID_FTIE; + } - os_memcpy(sm->SNonce, ftie->snonce, WPA_NONCE_LEN); + os_memcpy(sm->SNonce, ftie->snonce, WPA_NONCE_LEN); + } else { + struct rsn_ftie *ftie; + + ftie = (struct rsn_ftie *) parse.ftie; + if (!ftie || parse.ftie_len < sizeof(*ftie)) { + wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); + return WLAN_STATUS_INVALID_FTIE; + } + + os_memcpy(sm->SNonce, ftie->snonce, WPA_NONCE_LEN); + } if (parse.r0kh_id == NULL) { wpa_printf(MSG_DEBUG, "FT: Invalid FTIE - no R0KH-ID"); @@ -865,26 +2827,58 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm, return WLAN_STATUS_INVALID_PMKID; } + if (wpa_ft_set_key_mgmt(sm, &parse) < 0) + return WLAN_STATUS_UNSPECIFIED_FAILURE; + wpa_hexdump(MSG_DEBUG, "FT: Requested PMKR0Name", parse.rsn_pmkid, WPA_PMK_NAME_LEN); - wpa_derive_pmk_r1_name(parse.rsn_pmkid, - sm->wpa_auth->conf.r1_key_holder, sm->addr, - pmk_r1_name); + if (wpa_derive_pmk_r1_name(parse.rsn_pmkid, + sm->wpa_auth->conf.r1_key_holder, sm->addr, + pmk_r1_name, use_sha384) < 0) + return WLAN_STATUS_UNSPECIFIED_FAILURE; wpa_hexdump(MSG_DEBUG, "FT: Derived requested PMKR1Name", pmk_r1_name, WPA_PMK_NAME_LEN); - if (wpa_ft_fetch_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1_name, pmk_r1, - &pairwise) < 0) { + if (conf->ft_psk_generate_local && + wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) { + if (wpa_ft_psk_pmk_r1(sm, pmk_r1_name, pmk_r1, &pairwise, + &vlan, &identity, &identity_len, + &radius_cui, &radius_cui_len, + &session_timeout) < 0) + return WLAN_STATUS_INVALID_PMKID; + wpa_printf(MSG_DEBUG, + "FT: Generated PMK-R1 for FT-PSK locally"); + } else if (wpa_ft_fetch_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1_name, + pmk_r1, &pmk_r1_len, &pairwise, &vlan, + &identity, &identity_len, &radius_cui, + &radius_cui_len, &session_timeout) < 0) { + wpa_printf(MSG_DEBUG, + "FT: No PMK-R1 available in local cache for the requested PMKR1Name"); + if (wpa_ft_local_derive_pmk_r1(sm->wpa_auth, sm, + parse.r0kh_id, parse.r0kh_id_len, + parse.rsn_pmkid, + pmk_r1_name, pmk_r1, &pairwise, + &vlan, &identity, &identity_len, + &radius_cui, &radius_cui_len, + &session_timeout) == 0) { + wpa_printf(MSG_DEBUG, + "FT: Generated PMK-R1 based on local PMK-R0"); + goto pmk_r1_derived; + } + if (wpa_ft_pull_pmk_r1(sm, ies, ies_len, parse.rsn_pmkid) < 0) { - wpa_printf(MSG_DEBUG, "FT: Did not have matching " - "PMK-R1 and unknown R0KH-ID"); + wpa_printf(MSG_DEBUG, + "FT: Did not have matching PMK-R1 and either unknown or blocked R0KH-ID or NAK from R0KH"); return WLAN_STATUS_INVALID_PMKID; } return -1; /* Status pending */ + } else { + wpa_printf(MSG_DEBUG, "FT: Found PMKR1Name from local cache"); } - wpa_hexdump_key(MSG_DEBUG, "FT: Selected PMK-R1", pmk_r1, PMK_LEN); +pmk_r1_derived: + wpa_hexdump_key(MSG_DEBUG, "FT: Selected PMK-R1", pmk_r1, pmk_r1_len); sm->pmk_r1_name_valid = 1; os_memcpy(sm->pmk_r1_name, pmk_r1_name, WPA_PMK_NAME_LEN); @@ -899,8 +2893,8 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm, wpa_hexdump(MSG_DEBUG, "FT: Generated ANonce", sm->ANonce, WPA_NONCE_LEN); - if (wpa_pmk_r1_to_ptk(pmk_r1, sm->SNonce, sm->ANonce, sm->addr, - sm->wpa_auth->addr, pmk_r1_name, + if (wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce, + sm->addr, sm->wpa_auth->addr, pmk_r1_name, &sm->PTK, ptk_name, sm->wpa_key_mgmt, pairwise) < 0) return WLAN_STATUS_UNSPECIFIED_FAILURE; @@ -910,44 +2904,51 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm, sm->tk_already_set = FALSE; wpa_ft_install_ptk(sm); + if (wpa_ft_set_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) { + wpa_printf(MSG_DEBUG, "FT: Failed to configure VLAN"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + if (wpa_ft_set_identity(sm->wpa_auth, sm->addr, + identity, identity_len) < 0 || + wpa_ft_set_radius_cui(sm->wpa_auth, sm->addr, + radius_cui, radius_cui_len) < 0) { + wpa_printf(MSG_DEBUG, "FT: Failed to configure identity/CUI"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + wpa_ft_set_session_timeout(sm->wpa_auth, sm->addr, session_timeout); + buflen = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) + 2 + FT_R1KH_ID_LEN + 200; *resp_ies = os_zalloc(buflen); - if (*resp_ies == NULL) { - return WLAN_STATUS_UNSPECIFIED_FAILURE; - } + if (*resp_ies == NULL) + goto fail; pos = *resp_ies; end = *resp_ies + buflen; ret = wpa_write_rsn_ie(conf, pos, end - pos, parse.rsn_pmkid); - if (ret < 0) { - os_free(*resp_ies); - *resp_ies = NULL; - return WLAN_STATUS_UNSPECIFIED_FAILURE; - } + if (ret < 0) + goto fail; pos += ret; ret = wpa_write_mdie(conf, pos, end - pos); - if (ret < 0) { - os_free(*resp_ies); - *resp_ies = NULL; - return WLAN_STATUS_UNSPECIFIED_FAILURE; - } + if (ret < 0) + goto fail; pos += ret; - ret = wpa_write_ftie(conf, parse.r0kh_id, parse.r0kh_id_len, + ret = wpa_write_ftie(conf, use_sha384, parse.r0kh_id, parse.r0kh_id_len, sm->ANonce, sm->SNonce, pos, end - pos, NULL, 0); - if (ret < 0) { - os_free(*resp_ies); - *resp_ies = NULL; - return WLAN_STATUS_UNSPECIFIED_FAILURE; - } + if (ret < 0) + goto fail; pos += ret; *resp_ies_len = pos - *resp_ies; return WLAN_STATUS_SUCCESS; +fail: + os_free(*resp_ies); + *resp_ies = NULL; + return WLAN_STATUS_UNSPECIFIED_FAILURE; } @@ -975,6 +2976,7 @@ void wpa_ft_process_auth(struct wpa_state_machine *sm, const u8 *bssid, sm->ft_pending_cb = cb; sm->ft_pending_cb_ctx = ctx; sm->ft_pending_auth_transaction = auth_transaction; + sm->ft_pending_pull_left_retries = sm->wpa_auth->conf.rkh_pull_retries; res = wpa_ft_process_auth_req(sm, ies, ies_len, &resp_ies, &resp_ies_len); if (res < 0) { @@ -998,17 +3000,23 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies, { struct wpa_ft_ies parse; struct rsn_mdie *mdie; - struct rsn_ftie *ftie; u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN]; size_t mic_len = 16; unsigned int count; + const u8 *kck; + size_t kck_len; + int use_sha384; + const u8 *anonce, *snonce, *fte_mic; + u8 fte_elem_count; if (sm == NULL) return WLAN_STATUS_UNSPECIFIED_FAILURE; + use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt); + wpa_hexdump(MSG_DEBUG, "FT: Reassoc Req IEs", ies, ies_len); - if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) { + if (wpa_ft_parse_ies(ies, ies_len, &parse, use_sha384) < 0) { wpa_printf(MSG_DEBUG, "FT: Failed to parse FT IEs"); return WLAN_STATUS_UNSPECIFIED_FAILURE; } @@ -1039,34 +3047,56 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies, return WLAN_STATUS_INVALID_MDIE; } - ftie = (struct rsn_ftie *) parse.ftie; - if (ftie == NULL || parse.ftie_len < sizeof(*ftie)) { - wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); - return WLAN_STATUS_INVALID_FTIE; + if (use_sha384) { + struct rsn_ftie_sha384 *ftie; + + ftie = (struct rsn_ftie_sha384 *) parse.ftie; + if (ftie == NULL || parse.ftie_len < sizeof(*ftie)) { + wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); + return WLAN_STATUS_INVALID_FTIE; + } + + anonce = ftie->anonce; + snonce = ftie->snonce; + fte_elem_count = ftie->mic_control[1]; + fte_mic = ftie->mic; + } else { + struct rsn_ftie *ftie; + + ftie = (struct rsn_ftie *) parse.ftie; + if (ftie == NULL || parse.ftie_len < sizeof(*ftie)) { + wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); + return WLAN_STATUS_INVALID_FTIE; + } + + anonce = ftie->anonce; + snonce = ftie->snonce; + fte_elem_count = ftie->mic_control[1]; + fte_mic = ftie->mic; } - if (os_memcmp(ftie->snonce, sm->SNonce, WPA_NONCE_LEN) != 0) { + if (os_memcmp(snonce, sm->SNonce, WPA_NONCE_LEN) != 0) { wpa_printf(MSG_DEBUG, "FT: SNonce mismatch in FTIE"); wpa_hexdump(MSG_DEBUG, "FT: Received SNonce", - ftie->snonce, WPA_NONCE_LEN); + snonce, WPA_NONCE_LEN); wpa_hexdump(MSG_DEBUG, "FT: Expected SNonce", sm->SNonce, WPA_NONCE_LEN); - return -1; + return WLAN_STATUS_INVALID_FTIE; } - if (os_memcmp(ftie->anonce, sm->ANonce, WPA_NONCE_LEN) != 0) { + if (os_memcmp(anonce, sm->ANonce, WPA_NONCE_LEN) != 0) { wpa_printf(MSG_DEBUG, "FT: ANonce mismatch in FTIE"); wpa_hexdump(MSG_DEBUG, "FT: Received ANonce", - ftie->anonce, WPA_NONCE_LEN); + anonce, WPA_NONCE_LEN); wpa_hexdump(MSG_DEBUG, "FT: Expected ANonce", sm->ANonce, WPA_NONCE_LEN); - return -1; + return WLAN_STATUS_INVALID_FTIE; } if (parse.r0kh_id == NULL) { wpa_printf(MSG_DEBUG, "FT: No R0KH-ID subelem in FTIE"); - return -1; + return WLAN_STATUS_INVALID_FTIE; } if (parse.r0kh_id_len != sm->r0kh_id_len || @@ -1078,12 +3108,12 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies, parse.r0kh_id, parse.r0kh_id_len); wpa_hexdump(MSG_DEBUG, "FT: The current R0KH-ID", sm->r0kh_id, sm->r0kh_id_len); - return -1; + return WLAN_STATUS_INVALID_FTIE; } if (parse.r1kh_id == NULL) { wpa_printf(MSG_DEBUG, "FT: No R1KH-ID subelem in FTIE"); - return -1; + return WLAN_STATUS_INVALID_FTIE; } if (os_memcmp_const(parse.r1kh_id, sm->wpa_auth->conf.r1_key_holder, @@ -1094,7 +3124,7 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies, parse.r1kh_id, FT_R1KH_ID_LEN); wpa_hexdump(MSG_DEBUG, "FT: Expected R1KH-ID", sm->wpa_auth->conf.r1_key_holder, FT_R1KH_ID_LEN); - return -1; + return WLAN_STATUS_INVALID_FTIE; } if (parse.rsn_pmkid == NULL || @@ -1102,21 +3132,27 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies, { wpa_printf(MSG_DEBUG, "FT: No matching PMKR1Name (PMKID) in " "RSNIE (pmkid=%d)", !!parse.rsn_pmkid); - return -1; + return WLAN_STATUS_INVALID_PMKID; } count = 3; if (parse.ric) count += ieee802_11_ie_count(parse.ric, parse.ric_len); - if (ftie->mic_control[1] != count) { + if (fte_elem_count != count) { wpa_printf(MSG_DEBUG, "FT: Unexpected IE count in MIC " "Control: received %u expected %u", - ftie->mic_control[1], count); - return -1; + fte_elem_count, count); + return WLAN_STATUS_UNSPECIFIED_FAILURE; } - if (wpa_ft_mic(sm->PTK.kck, sm->PTK.kck_len, sm->addr, - sm->wpa_auth->addr, 5, + if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { + kck = sm->PTK.kck2; + kck_len = sm->PTK.kck2_len; + } else { + kck = sm->PTK.kck; + kck_len = sm->PTK.kck_len; + } + if (wpa_ft_mic(kck, kck_len, sm->addr, sm->wpa_auth->addr, 5, parse.mdie - 2, parse.mdie_len + 2, parse.ftie - 2, parse.ftie_len + 2, parse.rsn - 2, parse.rsn_len + 2, @@ -1126,12 +3162,12 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies, return WLAN_STATUS_UNSPECIFIED_FAILURE; } - if (os_memcmp_const(mic, ftie->mic, mic_len) != 0) { + if (os_memcmp_const(mic, fte_mic, mic_len) != 0) { wpa_printf(MSG_DEBUG, "FT: Invalid MIC in FTIE"); wpa_printf(MSG_DEBUG, "FT: addr=" MACSTR " auth_addr=" MACSTR, MAC2STR(sm->addr), MAC2STR(sm->wpa_auth->addr)); wpa_hexdump(MSG_MSGDUMP, "FT: Received MIC", - ftie->mic, mic_len); + fte_mic, mic_len); wpa_hexdump(MSG_MSGDUMP, "FT: Calculated MIC", mic, mic_len); wpa_hexdump(MSG_MSGDUMP, "FT: MDIE", parse.mdie - 2, parse.mdie_len + 2); @@ -1199,6 +3235,11 @@ int wpa_ft_action_rx(struct wpa_state_machine *sm, const u8 *data, size_t len) wpa_hexdump(MSG_MSGDUMP, "FT: Action frame body", ies, ies_len); + if (!sm->wpa_auth->conf.ft_over_ds) { + wpa_printf(MSG_DEBUG, "FT: Over-DS option disabled - reject"); + return -1; + } + /* RRB - Forward action frame to the target AP */ frame = os_malloc(sizeof(*frame) + len); if (frame == NULL) @@ -1251,6 +3292,7 @@ static int wpa_ft_rrb_rx_request(struct wpa_authenticator *wpa_auth, sm->ft_pending_cb = wpa_ft_rrb_rx_request_cb; sm->ft_pending_cb_ctx = sm; os_memcpy(sm->ft_pending_current_ap, current_ap, ETH_ALEN); + sm->ft_pending_pull_left_retries = sm->wpa_auth->conf.rkh_pull_retries; res = wpa_ft_process_auth_req(sm, body, len, &resp_ies, &resp_ies_len); if (res < 0) { @@ -1316,112 +3358,431 @@ static int wpa_ft_send_rrb_auth_resp(struct wpa_state_machine *sm, } +static int wpa_ft_rrb_build_r0(const u8 *key, const size_t key_len, + const struct tlv_list *tlvs, + const struct wpa_ft_pmk_r0_sa *pmk_r0, + const u8 *r1kh_id, const u8 *s1kh_id, + const struct tlv_list *tlv_auth, + const u8 *src_addr, u8 type, + u8 **packet, size_t *packet_len) +{ + u8 pmk_r1[PMK_LEN_MAX]; + size_t pmk_r1_len = pmk_r0->pmk_r0_len; + u8 pmk_r1_name[WPA_PMK_NAME_LEN]; + u8 f_pairwise[sizeof(le16)]; + u8 f_expires_in[sizeof(le16)]; + u8 f_session_timeout[sizeof(le32)]; + int expires_in; + int session_timeout; + struct os_reltime now; + int ret; + struct tlv_list sess_tlv[] = { + { .type = FT_RRB_PMK_R1, .len = pmk_r1_len, + .data = pmk_r1 }, + { .type = FT_RRB_PMK_R1_NAME, .len = sizeof(pmk_r1_name), + .data = pmk_r1_name }, + { .type = FT_RRB_PAIRWISE, .len = sizeof(f_pairwise), + .data = f_pairwise }, + { .type = FT_RRB_EXPIRES_IN, .len = sizeof(f_expires_in), + .data = f_expires_in }, + { .type = FT_RRB_IDENTITY, .len = pmk_r0->identity_len, + .data = pmk_r0->identity }, + { .type = FT_RRB_RADIUS_CUI, .len = pmk_r0->radius_cui_len, + .data = pmk_r0->radius_cui }, + { .type = FT_RRB_SESSION_TIMEOUT, + .len = sizeof(f_session_timeout), + .data = f_session_timeout }, + { .type = FT_RRB_LAST_EMPTY, .len = 0, .data = NULL }, + }; + + if (wpa_derive_pmk_r1(pmk_r0->pmk_r0, pmk_r0->pmk_r0_len, + pmk_r0->pmk_r0_name, r1kh_id, + s1kh_id, pmk_r1, pmk_r1_name) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1 (for peer AP)", + pmk_r1, pmk_r1_len); + wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name (for peer AP)", + pmk_r1_name, WPA_PMK_NAME_LEN); + WPA_PUT_LE16(f_pairwise, pmk_r0->pairwise); + + os_get_reltime(&now); + if (pmk_r0->expiration > now.sec) + expires_in = pmk_r0->expiration - now.sec; + else if (pmk_r0->expiration) + expires_in = 1; + else + expires_in = 0; + WPA_PUT_LE16(f_expires_in, expires_in); + + if (pmk_r0->session_timeout > now.sec) + session_timeout = pmk_r0->session_timeout - now.sec; + else if (pmk_r0->session_timeout) + session_timeout = 1; + else + session_timeout = 0; + WPA_PUT_LE32(f_session_timeout, session_timeout); + + ret = wpa_ft_rrb_build(key, key_len, tlvs, sess_tlv, tlv_auth, + pmk_r0->vlan, src_addr, type, + packet, packet_len); + + os_memset(pmk_r1, 0, sizeof(pmk_r1)); + + return ret; +} + + static int wpa_ft_rrb_rx_pull(struct wpa_authenticator *wpa_auth, const u8 *src_addr, - const u8 *data, size_t data_len) + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + int no_defer) { - struct ft_r0kh_r1kh_pull_frame f; - const u8 *crypt; - u8 *plain; - struct ft_remote_r1kh *r1kh; - struct ft_r0kh_r1kh_resp_frame resp, r; - u8 pmk_r0[PMK_LEN]; - int pairwise; + const char *msgtype = "pull request"; + u8 *plain = NULL, *packet = NULL; + size_t plain_len = 0, packet_len = 0; + struct ft_remote_r1kh *r1kh, *r1kh_wildcard; + const u8 *key; + size_t key_len; + int seq_ret; + const u8 *f_nonce, *f_r0kh_id, *f_r1kh_id, *f_s1kh_id, *f_pmk_r0_name; + size_t f_nonce_len, f_r0kh_id_len, f_r1kh_id_len, f_s1kh_id_len; + size_t f_pmk_r0_name_len; + const struct wpa_ft_pmk_r0_sa *r0; + int ret; + struct tlv_list resp[2]; + struct tlv_list resp_auth[5]; + struct ft_rrb_seq f_seq; wpa_printf(MSG_DEBUG, "FT: Received PMK-R1 pull"); - if (data_len < sizeof(f)) - return -1; + RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, msgtype, -1); + wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID", f_r0kh_id, f_r0kh_id_len); - r1kh = wpa_auth->conf.r1kh_list; - while (r1kh) { - if (os_memcmp(r1kh->addr, src_addr, ETH_ALEN) == 0) - break; - r1kh = r1kh->next; + if (wpa_ft_rrb_check_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len)) { + wpa_printf(MSG_DEBUG, "FT: R0KH-ID mismatch"); + goto out; } - if (r1kh == NULL) { - wpa_printf(MSG_DEBUG, "FT: No matching R1KH address found for " - "PMK-R1 pull source address " MACSTR, - MAC2STR(src_addr)); - return -1; + + RRB_GET_AUTH(FT_RRB_R1KH_ID, r1kh_id, msgtype, FT_R1KH_ID_LEN); + wpa_printf(MSG_DEBUG, "FT: R1KH-ID=" MACSTR, MAC2STR(f_r1kh_id)); + + wpa_ft_rrb_lookup_r1kh(wpa_auth, f_r1kh_id, &r1kh, &r1kh_wildcard); + if (r1kh) { + key = r1kh->key; + key_len = sizeof(r1kh->key); + } else if (r1kh_wildcard) { + wpa_printf(MSG_DEBUG, "FT: Using wildcard R1KH-ID"); + key = r1kh_wildcard->key; + key_len = sizeof(r1kh_wildcard->key); + } else { + goto out; } - crypt = data + offsetof(struct ft_r0kh_r1kh_pull_frame, nonce); - os_memset(&f, 0, sizeof(f)); - plain = ((u8 *) &f) + offsetof(struct ft_r0kh_r1kh_pull_frame, nonce); - /* aes_unwrap() does not support inplace decryption, so use a temporary - * buffer for the data. */ - if (aes_unwrap(r1kh->key, sizeof(r1kh->key), - (FT_R0KH_R1KH_PULL_DATA_LEN + 7) / 8, - crypt, plain) < 0) { - wpa_printf(MSG_DEBUG, "FT: Failed to decrypt PMK-R1 pull " - "request from " MACSTR, MAC2STR(src_addr)); - return -1; + RRB_GET_AUTH(FT_RRB_NONCE, nonce, "pull request", FT_RRB_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FT: nonce", f_nonce, f_nonce_len); + + seq_ret = FT_RRB_SEQ_DROP; + if (r1kh) + seq_ret = wpa_ft_rrb_seq_chk(r1kh->seq, src_addr, enc, enc_len, + auth, auth_len, msgtype, no_defer); + if (!no_defer && r1kh_wildcard && + (!r1kh || os_memcmp(r1kh->addr, src_addr, ETH_ALEN) != 0)) { + /* wildcard: r1kh-id unknown or changed addr -> do a seq req */ + seq_ret = FT_RRB_SEQ_DEFER; } - wpa_hexdump(MSG_DEBUG, "FT: PMK-R1 pull - nonce", - f.nonce, sizeof(f.nonce)); - wpa_hexdump(MSG_DEBUG, "FT: PMK-R1 pull - PMKR0Name", - f.pmk_r0_name, WPA_PMK_NAME_LEN); - wpa_printf(MSG_DEBUG, "FT: PMK-R1 pull - R1KH-ID=" MACSTR " S1KH-ID=" - MACSTR, MAC2STR(f.r1kh_id), MAC2STR(f.s1kh_id)); - - os_memset(&resp, 0, sizeof(resp)); - resp.frame_type = RSN_REMOTE_FRAME_TYPE_FT_RRB; - resp.packet_type = FT_PACKET_R0KH_R1KH_RESP; - resp.data_length = host_to_le16(FT_R0KH_R1KH_RESP_DATA_LEN); - os_memcpy(resp.ap_address, wpa_auth->addr, ETH_ALEN); - - /* aes_wrap() does not support inplace encryption, so use a temporary - * buffer for the data. */ - os_memcpy(r.nonce, f.nonce, sizeof(f.nonce)); - os_memcpy(r.r1kh_id, f.r1kh_id, FT_R1KH_ID_LEN); - os_memcpy(r.s1kh_id, f.s1kh_id, ETH_ALEN); - if (wpa_ft_fetch_pmk_r0(wpa_auth, f.s1kh_id, f.pmk_r0_name, pmk_r0, - &pairwise) < 0) { - wpa_printf(MSG_DEBUG, "FT: No matching PMKR0Name found for " - "PMK-R1 pull"); - return -1; + if (seq_ret == FT_RRB_SEQ_DROP) + goto out; + + if (wpa_ft_rrb_decrypt(key, key_len, enc, enc_len, auth, auth_len, + src_addr, FT_PACKET_R0KH_R1KH_PULL, + &plain, &plain_len) < 0) + goto out; + + if (!r1kh) + r1kh = wpa_ft_rrb_add_r1kh(wpa_auth, r1kh_wildcard, src_addr, + f_r1kh_id, + wpa_auth->conf.rkh_pos_timeout); + if (!r1kh) + goto out; + + if (seq_ret == FT_RRB_SEQ_DEFER) { + wpa_ft_rrb_seq_req(wpa_auth, r1kh->seq, src_addr, f_r0kh_id, + f_r0kh_id_len, f_r1kh_id, key, key_len, + enc, enc_len, auth, auth_len, + &wpa_ft_rrb_rx_pull); + goto out; } - wpa_derive_pmk_r1(pmk_r0, f.pmk_r0_name, f.r1kh_id, f.s1kh_id, - r.pmk_r1, r.pmk_r1_name); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", r.pmk_r1, PMK_LEN); - wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", r.pmk_r1_name, - WPA_PMK_NAME_LEN); - r.pairwise = host_to_le16(pairwise); - os_memset(r.pad, 0, sizeof(r.pad)); + wpa_ft_rrb_seq_accept(wpa_auth, r1kh->seq, src_addr, auth, auth_len, + msgtype); + wpa_ft_rrb_r1kh_replenish(wpa_auth, r1kh, + wpa_auth->conf.rkh_pos_timeout); - if (aes_wrap(r1kh->key, sizeof(r1kh->key), - (FT_R0KH_R1KH_RESP_DATA_LEN + 7) / 8, - r.nonce, resp.nonce) < 0) { - os_memset(pmk_r0, 0, PMK_LEN); - return -1; + RRB_GET(FT_RRB_PMK_R0_NAME, pmk_r0_name, msgtype, WPA_PMK_NAME_LEN); + wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name", f_pmk_r0_name, + f_pmk_r0_name_len); + + RRB_GET(FT_RRB_S1KH_ID, s1kh_id, msgtype, ETH_ALEN); + wpa_printf(MSG_DEBUG, "FT: S1KH-ID=" MACSTR, MAC2STR(f_s1kh_id)); + + if (wpa_ft_new_seq(r1kh->seq, &f_seq) < 0) { + wpa_printf(MSG_DEBUG, "FT: Failed to get seq num"); + goto out; } - os_memset(pmk_r0, 0, PMK_LEN); + resp[0].type = FT_RRB_S1KH_ID; + resp[0].len = f_s1kh_id_len; + resp[0].data = f_s1kh_id; + resp[1].type = FT_RRB_LAST_EMPTY; + resp[1].len = 0; + resp[1].data = NULL; + + resp_auth[0].type = FT_RRB_NONCE; + resp_auth[0].len = f_nonce_len; + resp_auth[0].data = f_nonce; + resp_auth[1].type = FT_RRB_SEQ; + resp_auth[1].len = sizeof(f_seq); + resp_auth[1].data = (u8 *) &f_seq; + resp_auth[2].type = FT_RRB_R0KH_ID; + resp_auth[2].len = f_r0kh_id_len; + resp_auth[2].data = f_r0kh_id; + resp_auth[3].type = FT_RRB_R1KH_ID; + resp_auth[3].len = f_r1kh_id_len; + resp_auth[3].data = f_r1kh_id; + resp_auth[4].type = FT_RRB_LAST_EMPTY; + resp_auth[4].len = 0; + resp_auth[4].data = NULL; + + if (wpa_ft_fetch_pmk_r0(wpa_auth, f_s1kh_id, f_pmk_r0_name, &r0) < 0) { + wpa_printf(MSG_DEBUG, "FT: No matching PMK-R0-Name found"); + ret = wpa_ft_rrb_build(key, key_len, resp, NULL, resp_auth, + NULL, wpa_auth->addr, + FT_PACKET_R0KH_R1KH_RESP, + &packet, &packet_len); + } else { + ret = wpa_ft_rrb_build_r0(key, key_len, resp, r0, f_r1kh_id, + f_s1kh_id, resp_auth, wpa_auth->addr, + FT_PACKET_R0KH_R1KH_RESP, + &packet, &packet_len); + } - wpa_ft_rrb_send(wpa_auth, src_addr, (u8 *) &resp, sizeof(resp)); + if (!ret) + wpa_ft_rrb_oui_send(wpa_auth, src_addr, + FT_PACKET_R0KH_R1KH_RESP, packet, + packet_len); + +out: + os_free(plain); + os_free(packet); return 0; } -static void ft_pull_resp_cb_finish(void *eloop_ctx, void *timeout_ctx) +/* @returns 0 on success + * -1 on error + * -2 if FR_RRB_PAIRWISE is missing + */ +static int wpa_ft_rrb_rx_r1(struct wpa_authenticator *wpa_auth, + const u8 *src_addr, u8 type, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + const char *msgtype, u8 *s1kh_id_out, + int (*cb)(struct wpa_authenticator *wpa_auth, + const u8 *src_addr, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + int no_defer)) +{ + u8 *plain = NULL; + size_t plain_len = 0; + struct ft_remote_r0kh *r0kh, *r0kh_wildcard; + const u8 *key; + size_t key_len; + int seq_ret; + const u8 *f_r1kh_id, *f_s1kh_id, *f_r0kh_id; + const u8 *f_pmk_r1_name, *f_pairwise, *f_pmk_r1; + const u8 *f_expires_in; + size_t f_r1kh_id_len, f_s1kh_id_len, f_r0kh_id_len; + const u8 *f_identity, *f_radius_cui; + const u8 *f_session_timeout; + size_t f_pmk_r1_name_len, f_pairwise_len, f_pmk_r1_len; + size_t f_expires_in_len; + size_t f_identity_len, f_radius_cui_len; + size_t f_session_timeout_len; + int pairwise; + int ret = -1; + int expires_in; + int session_timeout; + struct vlan_description vlan; + size_t pmk_r1_len; + + RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, msgtype, -1); + wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID", f_r0kh_id, f_r0kh_id_len); + + RRB_GET_AUTH(FT_RRB_R1KH_ID, r1kh_id, msgtype, FT_R1KH_ID_LEN); + wpa_printf(MSG_DEBUG, "FT: R1KH-ID=" MACSTR, MAC2STR(f_r1kh_id)); + + if (wpa_ft_rrb_check_r1kh(wpa_auth, f_r1kh_id)) { + wpa_printf(MSG_DEBUG, "FT: R1KH-ID mismatch"); + goto out; + } + + wpa_ft_rrb_lookup_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len, &r0kh, + &r0kh_wildcard); + if (r0kh) { + key = r0kh->key; + key_len = sizeof(r0kh->key); + } else if (r0kh_wildcard) { + wpa_printf(MSG_DEBUG, "FT: Using wildcard R0KH-ID"); + key = r0kh_wildcard->key; + key_len = sizeof(r0kh_wildcard->key); + } else { + goto out; + } + + seq_ret = FT_RRB_SEQ_DROP; + if (r0kh) { + seq_ret = wpa_ft_rrb_seq_chk(r0kh->seq, src_addr, enc, enc_len, + auth, auth_len, msgtype, + cb ? 0 : 1); + } + if (cb && r0kh_wildcard && + (!r0kh || os_memcmp(r0kh->addr, src_addr, ETH_ALEN) != 0)) { + /* wildcard: r0kh-id unknown or changed addr -> do a seq req */ + seq_ret = FT_RRB_SEQ_DEFER; + } + + if (seq_ret == FT_RRB_SEQ_DROP) + goto out; + + if (wpa_ft_rrb_decrypt(key, key_len, enc, enc_len, auth, auth_len, + src_addr, type, &plain, &plain_len) < 0) + goto out; + + if (!r0kh) + r0kh = wpa_ft_rrb_add_r0kh(wpa_auth, r0kh_wildcard, src_addr, + f_r0kh_id, f_r0kh_id_len, + wpa_auth->conf.rkh_pos_timeout); + if (!r0kh) + goto out; + + if (seq_ret == FT_RRB_SEQ_DEFER) { + wpa_ft_rrb_seq_req(wpa_auth, r0kh->seq, src_addr, f_r0kh_id, + f_r0kh_id_len, f_r1kh_id, key, key_len, + enc, enc_len, auth, auth_len, cb); + goto out; + } + + wpa_ft_rrb_seq_accept(wpa_auth, r0kh->seq, src_addr, auth, auth_len, + msgtype); + wpa_ft_rrb_r0kh_replenish(wpa_auth, r0kh, + wpa_auth->conf.rkh_pos_timeout); + + RRB_GET(FT_RRB_S1KH_ID, s1kh_id, msgtype, ETH_ALEN); + wpa_printf(MSG_DEBUG, "FT: S1KH-ID=" MACSTR, MAC2STR(f_s1kh_id)); + + if (s1kh_id_out) + os_memcpy(s1kh_id_out, f_s1kh_id, ETH_ALEN); + + ret = -2; + RRB_GET(FT_RRB_PAIRWISE, pairwise, msgtype, sizeof(le16)); + wpa_hexdump(MSG_DEBUG, "FT: pairwise", f_pairwise, f_pairwise_len); + + ret = -1; + RRB_GET(FT_RRB_PMK_R1_NAME, pmk_r1_name, msgtype, WPA_PMK_NAME_LEN); + wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", + f_pmk_r1_name, WPA_PMK_NAME_LEN); + + pmk_r1_len = PMK_LEN; + if (wpa_ft_rrb_get_tlv(plain, plain_len, FT_RRB_PMK_R1, &f_pmk_r1_len, + &f_pmk_r1) == 0 && + (f_pmk_r1_len == PMK_LEN || f_pmk_r1_len == SHA384_MAC_LEN)) + pmk_r1_len = f_pmk_r1_len; + RRB_GET(FT_RRB_PMK_R1, pmk_r1, msgtype, pmk_r1_len); + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", f_pmk_r1, pmk_r1_len); + + pairwise = WPA_GET_LE16(f_pairwise); + + RRB_GET_OPTIONAL(FT_RRB_EXPIRES_IN, expires_in, msgtype, + sizeof(le16)); + if (f_expires_in) + expires_in = WPA_GET_LE16(f_expires_in); + else + expires_in = 0; + + wpa_printf(MSG_DEBUG, "FT: PMK-R1 %s - expires_in=%d", msgtype, + expires_in); + + if (wpa_ft_rrb_get_tlv_vlan(plain, plain_len, &vlan) < 0) { + wpa_printf(MSG_DEBUG, "FT: Cannot parse vlan"); + wpa_ft_rrb_dump(plain, plain_len); + goto out; + } + + wpa_printf(MSG_DEBUG, "FT: vlan %d%s", + le_to_host16(vlan.untagged), vlan.tagged[0] ? "+" : ""); + + RRB_GET_OPTIONAL(FT_RRB_IDENTITY, identity, msgtype, -1); + if (f_identity) + wpa_hexdump_ascii(MSG_DEBUG, "FT: Identity", f_identity, + f_identity_len); + + RRB_GET_OPTIONAL(FT_RRB_RADIUS_CUI, radius_cui, msgtype, -1); + if (f_radius_cui) + wpa_hexdump_ascii(MSG_DEBUG, "FT: CUI", f_radius_cui, + f_radius_cui_len); + + RRB_GET_OPTIONAL(FT_RRB_SESSION_TIMEOUT, session_timeout, msgtype, + sizeof(le32)); + if (f_session_timeout) + session_timeout = WPA_GET_LE32(f_session_timeout); + else + session_timeout = 0; + wpa_printf(MSG_DEBUG, "FT: session_timeout %d", session_timeout); + + if (wpa_ft_store_pmk_r1(wpa_auth, f_s1kh_id, f_pmk_r1, pmk_r1_len, + f_pmk_r1_name, + pairwise, &vlan, expires_in, session_timeout, + f_identity, f_identity_len, f_radius_cui, + f_radius_cui_len) < 0) + goto out; + + ret = 0; +out: + if (plain) { + os_memset(plain, 0, plain_len); + os_free(plain); + } + + return ret; + +} + + +static void ft_finish_pull(struct wpa_state_machine *sm) { - struct wpa_state_machine *sm = eloop_ctx; int res; u8 *resp_ies; size_t resp_ies_len; u16 status; + if (!sm->ft_pending_cb || !sm->ft_pending_req_ies) + return; + res = wpa_ft_process_auth_req(sm, wpabuf_head(sm->ft_pending_req_ies), wpabuf_len(sm->ft_pending_req_ies), &resp_ies, &resp_ies_len); + if (res < 0) { + /* this loop is broken by ft_pending_pull_left_retries */ + wpa_printf(MSG_DEBUG, + "FT: Callback postponed until response is available"); + return; + } wpabuf_free(sm->ft_pending_req_ies); sm->ft_pending_req_ies = NULL; - if (res < 0) - res = WLAN_STATUS_UNSPECIFIED_FAILURE; status = res; wpa_printf(MSG_DEBUG, "FT: Postponed auth callback result for " MACSTR " - status %u", MAC2STR(sm->addr), status); @@ -1433,171 +3794,383 @@ static void ft_pull_resp_cb_finish(void *eloop_ctx, void *timeout_ctx) } -static int ft_pull_resp_cb(struct wpa_state_machine *sm, void *ctx) +struct ft_get_sta_ctx { + const u8 *nonce; + const u8 *s1kh_id; + struct wpa_state_machine *sm; +}; + + +static int ft_get_sta_cb(struct wpa_state_machine *sm, void *ctx) { - struct ft_r0kh_r1kh_resp_frame *frame = ctx; + struct ft_get_sta_ctx *info = ctx; - if (os_memcmp(frame->s1kh_id, sm->addr, ETH_ALEN) != 0) - return 0; - if (os_memcmp(frame->nonce, sm->ft_pending_pull_nonce, - FT_R0KH_R1KH_PULL_NONCE_LEN) != 0) - return 0; - if (sm->ft_pending_cb == NULL || sm->ft_pending_req_ies == NULL) + if ((info->s1kh_id && + os_memcmp(info->s1kh_id, sm->addr, ETH_ALEN) != 0) || + os_memcmp(info->nonce, sm->ft_pending_pull_nonce, + FT_RRB_NONCE_LEN) != 0 || + sm->ft_pending_cb == NULL || sm->ft_pending_req_ies == NULL) return 0; - wpa_printf(MSG_DEBUG, "FT: Response to a pending pull request for " - MACSTR " - process from timeout", MAC2STR(sm->addr)); - eloop_register_timeout(0, 0, ft_pull_resp_cb_finish, sm, NULL); + info->sm = sm; + return 1; } static int wpa_ft_rrb_rx_resp(struct wpa_authenticator *wpa_auth, const u8 *src_addr, - const u8 *data, size_t data_len) + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + int no_defer) { - struct ft_r0kh_r1kh_resp_frame f; - const u8 *crypt; - u8 *plain; - struct ft_remote_r0kh *r0kh; - int pairwise, res; + const char *msgtype = "pull response"; + int nak, ret = -1; + struct ft_get_sta_ctx ctx; + u8 s1kh_id[ETH_ALEN]; + const u8 *f_nonce; + size_t f_nonce_len; wpa_printf(MSG_DEBUG, "FT: Received PMK-R1 pull response"); - if (data_len < sizeof(f)) - return -1; + RRB_GET_AUTH(FT_RRB_NONCE, nonce, msgtype, FT_RRB_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FT: nonce", f_nonce, f_nonce_len); - r0kh = wpa_auth->conf.r0kh_list; - while (r0kh) { - if (os_memcmp(r0kh->addr, src_addr, ETH_ALEN) == 0) - break; - r0kh = r0kh->next; - } - if (r0kh == NULL) { - wpa_printf(MSG_DEBUG, "FT: No matching R0KH address found for " - "PMK-R0 pull response source address " MACSTR, - MAC2STR(src_addr)); + os_memset(&ctx, 0, sizeof(ctx)); + ctx.nonce = f_nonce; + if (!wpa_auth_for_each_sta(wpa_auth, ft_get_sta_cb, &ctx)) { + /* nonce not found */ + wpa_printf(MSG_DEBUG, "FT: Invalid nonce"); return -1; } - crypt = data + offsetof(struct ft_r0kh_r1kh_resp_frame, nonce); - os_memset(&f, 0, sizeof(f)); - plain = ((u8 *) &f) + offsetof(struct ft_r0kh_r1kh_resp_frame, nonce); - /* aes_unwrap() does not support inplace decryption, so use a temporary - * buffer for the data. */ - if (aes_unwrap(r0kh->key, sizeof(r0kh->key), - (FT_R0KH_R1KH_RESP_DATA_LEN + 7) / 8, - crypt, plain) < 0) { - wpa_printf(MSG_DEBUG, "FT: Failed to decrypt PMK-R1 pull " - "response from " MACSTR, MAC2STR(src_addr)); - return -1; + ret = wpa_ft_rrb_rx_r1(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_RESP, + enc, enc_len, auth, auth_len, msgtype, s1kh_id, + no_defer ? NULL : &wpa_ft_rrb_rx_resp); + if (ret == -2) { + ret = 0; + nak = 1; + } else { + nak = 0; } - - if (os_memcmp_const(f.r1kh_id, wpa_auth->conf.r1_key_holder, - FT_R1KH_ID_LEN) != 0) { - wpa_printf(MSG_DEBUG, "FT: PMK-R1 pull response did not use a " - "matching R1KH-ID"); + if (ret < 0) return -1; - } - pairwise = le_to_host16(f.pairwise); - wpa_hexdump(MSG_DEBUG, "FT: PMK-R1 pull - nonce", - f.nonce, sizeof(f.nonce)); - wpa_printf(MSG_DEBUG, "FT: PMK-R1 pull - R1KH-ID=" MACSTR " S1KH-ID=" - MACSTR " pairwise=0x%x", - MAC2STR(f.r1kh_id), MAC2STR(f.s1kh_id), pairwise); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1 pull - PMK-R1", - f.pmk_r1, PMK_LEN); - wpa_hexdump(MSG_DEBUG, "FT: PMK-R1 pull - PMKR1Name", - f.pmk_r1_name, WPA_PMK_NAME_LEN); - - res = wpa_ft_store_pmk_r1(wpa_auth, f.s1kh_id, f.pmk_r1, f.pmk_r1_name, - pairwise); - wpa_printf(MSG_DEBUG, "FT: Look for pending pull request"); - wpa_auth_for_each_sta(wpa_auth, ft_pull_resp_cb, &f); - os_memset(f.pmk_r1, 0, PMK_LEN); + ctx.s1kh_id = s1kh_id; + if (wpa_auth_for_each_sta(wpa_auth, ft_get_sta_cb, &ctx)) { + wpa_printf(MSG_DEBUG, + "FT: Response to a pending pull request for " MACSTR, + MAC2STR(ctx.sm->addr)); + eloop_cancel_timeout(wpa_ft_expire_pull, ctx.sm, NULL); + if (nak) + ctx.sm->ft_pending_pull_left_retries = 0; + ft_finish_pull(ctx.sm); + } - return res ? 0 : -1; +out: + return ret; } static int wpa_ft_rrb_rx_push(struct wpa_authenticator *wpa_auth, const u8 *src_addr, - const u8 *data, size_t data_len) + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, int no_defer) { - struct ft_r0kh_r1kh_push_frame f; - const u8 *crypt; - u8 *plain; - struct ft_remote_r0kh *r0kh; - struct os_time now; - os_time_t tsend; - int pairwise; + const char *msgtype = "push"; wpa_printf(MSG_DEBUG, "FT: Received PMK-R1 push"); - if (data_len < sizeof(f)) + if (wpa_ft_rrb_rx_r1(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_PUSH, + enc, enc_len, auth, auth_len, msgtype, NULL, + no_defer ? NULL : wpa_ft_rrb_rx_push) < 0) return -1; - r0kh = wpa_auth->conf.r0kh_list; - while (r0kh) { - if (os_memcmp(r0kh->addr, src_addr, ETH_ALEN) == 0) - break; - r0kh = r0kh->next; + return 0; +} + + +static int wpa_ft_rrb_rx_seq(struct wpa_authenticator *wpa_auth, + const u8 *src_addr, int type, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + struct ft_remote_seq **rkh_seq, + u8 **key, size_t *key_len, + struct ft_remote_r0kh **r0kh_out, + struct ft_remote_r1kh **r1kh_out, + struct ft_remote_r0kh **r0kh_wildcard_out, + struct ft_remote_r1kh **r1kh_wildcard_out) +{ + struct ft_remote_r0kh *r0kh = NULL; + struct ft_remote_r1kh *r1kh = NULL; + const u8 *f_r0kh_id, *f_r1kh_id; + size_t f_r0kh_id_len, f_r1kh_id_len; + int to_r0kh, to_r1kh; + u8 *plain = NULL; + size_t plain_len = 0; + struct ft_remote_r0kh *r0kh_wildcard; + struct ft_remote_r1kh *r1kh_wildcard; + + RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, "seq", -1); + RRB_GET_AUTH(FT_RRB_R1KH_ID, r1kh_id, "seq", FT_R1KH_ID_LEN); + + to_r0kh = !wpa_ft_rrb_check_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len); + to_r1kh = !wpa_ft_rrb_check_r1kh(wpa_auth, f_r1kh_id); + + if (to_r0kh && to_r1kh) { + wpa_printf(MSG_DEBUG, "FT: seq - local R0KH-ID and R1KH-ID"); + goto out; } - if (r0kh == NULL) { - wpa_printf(MSG_DEBUG, "FT: No matching R0KH address found for " - "PMK-R0 push source address " MACSTR, - MAC2STR(src_addr)); - return -1; + + if (!to_r0kh && !to_r1kh) { + wpa_printf(MSG_DEBUG, "FT: seq - remote R0KH-ID and R1KH-ID"); + goto out; } - crypt = data + offsetof(struct ft_r0kh_r1kh_push_frame, timestamp); - os_memset(&f, 0, sizeof(f)); - plain = ((u8 *) &f) + offsetof(struct ft_r0kh_r1kh_push_frame, - timestamp); - /* aes_unwrap() does not support inplace decryption, so use a temporary - * buffer for the data. */ - if (aes_unwrap(r0kh->key, sizeof(r0kh->key), - (FT_R0KH_R1KH_PUSH_DATA_LEN + 7) / 8, - crypt, plain) < 0) { - wpa_printf(MSG_DEBUG, "FT: Failed to decrypt PMK-R1 push from " - MACSTR, MAC2STR(src_addr)); - return -1; + if (!to_r0kh) { + wpa_ft_rrb_lookup_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len, + &r0kh, &r0kh_wildcard); + if (!r0kh_wildcard && + (!r0kh || os_memcmp(r0kh->addr, src_addr, ETH_ALEN) != 0)) { + wpa_hexdump(MSG_DEBUG, "FT: Did not find R0KH-ID", + f_r0kh_id, f_r0kh_id_len); + goto out; + } + if (r0kh) { + *key = r0kh->key; + *key_len = sizeof(r0kh->key); + } else { + *key = r0kh_wildcard->key; + *key_len = sizeof(r0kh_wildcard->key); + } } - os_get_time(&now); - tsend = WPA_GET_LE32(f.timestamp); - if ((now.sec > tsend && now.sec - tsend > 60) || - (now.sec < tsend && tsend - now.sec > 60)) { - wpa_printf(MSG_DEBUG, "FT: PMK-R1 push did not have a valid " - "timestamp: sender time %d own time %d\n", - (int) tsend, (int) now.sec); - return -1; + if (!to_r1kh) { + wpa_ft_rrb_lookup_r1kh(wpa_auth, f_r1kh_id, &r1kh, + &r1kh_wildcard); + if (!r1kh_wildcard && + (!r1kh || os_memcmp(r1kh->addr, src_addr, ETH_ALEN) != 0)) { + wpa_hexdump(MSG_DEBUG, "FT: Did not find R1KH-ID", + f_r1kh_id, FT_R1KH_ID_LEN); + goto out; + } + if (r1kh) { + *key = r1kh->key; + *key_len = sizeof(r1kh->key); + } else { + *key = r1kh_wildcard->key; + *key_len = sizeof(r1kh_wildcard->key); + } } - if (os_memcmp_const(f.r1kh_id, wpa_auth->conf.r1_key_holder, - FT_R1KH_ID_LEN) != 0) { - wpa_printf(MSG_DEBUG, "FT: PMK-R1 push did not use a matching " - "R1KH-ID (received " MACSTR " own " MACSTR ")", - MAC2STR(f.r1kh_id), - MAC2STR(wpa_auth->conf.r1_key_holder)); - return -1; + if (wpa_ft_rrb_decrypt(*key, *key_len, enc, enc_len, auth, auth_len, + src_addr, type, &plain, &plain_len) < 0) + goto out; + + os_free(plain); + + if (!to_r0kh) { + if (!r0kh) + r0kh = wpa_ft_rrb_add_r0kh(wpa_auth, r0kh_wildcard, + src_addr, f_r0kh_id, + f_r0kh_id_len, + ftRRBseqTimeout); + if (!r0kh) + goto out; + + wpa_ft_rrb_r0kh_replenish(wpa_auth, r0kh, ftRRBseqTimeout); + *rkh_seq = r0kh->seq; + if (r0kh_out) + *r0kh_out = r0kh; + if (r0kh_wildcard_out) + *r0kh_wildcard_out = r0kh_wildcard; + } + + if (!to_r1kh) { + if (!r1kh) + r1kh = wpa_ft_rrb_add_r1kh(wpa_auth, r1kh_wildcard, + src_addr, f_r1kh_id, + ftRRBseqTimeout); + if (!r1kh) + goto out; + + wpa_ft_rrb_r1kh_replenish(wpa_auth, r1kh, ftRRBseqTimeout); + *rkh_seq = r1kh->seq; + if (r1kh_out) + *r1kh_out = r1kh; + if (r1kh_wildcard_out) + *r1kh_wildcard_out = r1kh_wildcard; + } + + return 0; +out: + return -1; +} + + +static int wpa_ft_rrb_rx_seq_req(struct wpa_authenticator *wpa_auth, + const u8 *src_addr, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + int no_defer) +{ + int ret = -1; + struct ft_rrb_seq f_seq; + const u8 *f_nonce, *f_r0kh_id, *f_r1kh_id; + size_t f_nonce_len, f_r0kh_id_len, f_r1kh_id_len; + struct ft_remote_seq *rkh_seq = NULL; + u8 *packet = NULL, *key = NULL; + size_t packet_len = 0, key_len = 0; + struct tlv_list seq_resp_auth[5]; + + wpa_printf(MSG_DEBUG, "FT: Received sequence number request"); + + if (wpa_ft_rrb_rx_seq(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_SEQ_REQ, + enc, enc_len, auth, auth_len, &rkh_seq, &key, + &key_len, NULL, NULL, NULL, NULL) < 0) + goto out; + + RRB_GET_AUTH(FT_RRB_NONCE, nonce, "seq request", FT_RRB_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FT: seq request - nonce", f_nonce, f_nonce_len); + + RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, "seq", -1); + RRB_GET_AUTH(FT_RRB_R1KH_ID, r1kh_id, "seq", FT_R1KH_ID_LEN); + + if (wpa_ft_new_seq(rkh_seq, &f_seq) < 0) { + wpa_printf(MSG_DEBUG, "FT: Failed to get seq num"); + goto out; + } + + seq_resp_auth[0].type = FT_RRB_NONCE; + seq_resp_auth[0].len = f_nonce_len; + seq_resp_auth[0].data = f_nonce; + seq_resp_auth[1].type = FT_RRB_SEQ; + seq_resp_auth[1].len = sizeof(f_seq); + seq_resp_auth[1].data = (u8 *) &f_seq; + seq_resp_auth[2].type = FT_RRB_R0KH_ID; + seq_resp_auth[2].len = f_r0kh_id_len; + seq_resp_auth[2].data = f_r0kh_id; + seq_resp_auth[3].type = FT_RRB_R1KH_ID; + seq_resp_auth[3].len = FT_R1KH_ID_LEN; + seq_resp_auth[3].data = f_r1kh_id; + seq_resp_auth[4].type = FT_RRB_LAST_EMPTY; + seq_resp_auth[4].len = 0; + seq_resp_auth[4].data = NULL; + + if (wpa_ft_rrb_build(key, key_len, NULL, NULL, seq_resp_auth, NULL, + wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_RESP, + &packet, &packet_len) < 0) + goto out; + + wpa_ft_rrb_oui_send(wpa_auth, src_addr, + FT_PACKET_R0KH_R1KH_SEQ_RESP, packet, + packet_len); + +out: + os_free(packet); + + return ret; +} + + +static int wpa_ft_rrb_rx_seq_resp(struct wpa_authenticator *wpa_auth, + const u8 *src_addr, + const u8 *enc, size_t enc_len, + const u8 *auth, size_t auth_len, + int no_defer) +{ + u8 *key = NULL; + size_t key_len = 0; + struct ft_remote_r0kh *r0kh = NULL, *r0kh_wildcard = NULL; + struct ft_remote_r1kh *r1kh = NULL, *r1kh_wildcard = NULL; + const u8 *f_nonce, *f_seq; + size_t f_nonce_len, f_seq_len; + struct ft_remote_seq *rkh_seq = NULL; + struct ft_remote_item *item; + struct os_reltime now, now_remote; + int seq_ret, found; + const struct ft_rrb_seq *msg_both; + u32 msg_dom, msg_seq; + + wpa_printf(MSG_DEBUG, "FT: Received sequence number response"); + + if (wpa_ft_rrb_rx_seq(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_SEQ_RESP, + enc, enc_len, auth, auth_len, &rkh_seq, &key, + &key_len, &r0kh, &r1kh, &r0kh_wildcard, + &r1kh_wildcard) < 0) + goto out; + + RRB_GET_AUTH(FT_RRB_NONCE, nonce, "seq response", FT_RRB_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FT: seq response - nonce", f_nonce, + f_nonce_len); + + found = 0; + dl_list_for_each(item, &rkh_seq->rx.queue, struct ft_remote_item, + list) { + if (os_memcmp_const(f_nonce, item->nonce, + FT_RRB_NONCE_LEN) != 0 || + os_get_reltime(&now) < 0 || + os_reltime_expired(&now, &item->nonce_ts, ftRRBseqTimeout)) + continue; + + found = 1; + break; + } + if (!found) { + wpa_printf(MSG_DEBUG, "FT: seq response - bad nonce"); + goto out; } - pairwise = le_to_host16(f.pairwise); - wpa_printf(MSG_DEBUG, "FT: PMK-R1 push - R1KH-ID=" MACSTR " S1KH-ID=" - MACSTR " pairwise=0x%x", - MAC2STR(f.r1kh_id), MAC2STR(f.s1kh_id), pairwise); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1 push - PMK-R1", - f.pmk_r1, PMK_LEN); - wpa_hexdump(MSG_DEBUG, "FT: PMK-R1 push - PMKR1Name", - f.pmk_r1_name, WPA_PMK_NAME_LEN); + if (r0kh) { + wpa_ft_rrb_r0kh_replenish(wpa_auth, r0kh, + wpa_auth->conf.rkh_pos_timeout); + if (r0kh_wildcard) + os_memcpy(r0kh->addr, src_addr, ETH_ALEN); + } - wpa_ft_store_pmk_r1(wpa_auth, f.s1kh_id, f.pmk_r1, f.pmk_r1_name, - pairwise); - os_memset(f.pmk_r1, 0, PMK_LEN); + if (r1kh) { + wpa_ft_rrb_r1kh_replenish(wpa_auth, r1kh, + wpa_auth->conf.rkh_pos_timeout); + if (r1kh_wildcard) + os_memcpy(r1kh->addr, src_addr, ETH_ALEN); + } + + seq_ret = wpa_ft_rrb_seq_chk(rkh_seq, src_addr, enc, enc_len, auth, + auth_len, "seq response", 1); + if (seq_ret == FT_RRB_SEQ_OK) { + wpa_printf(MSG_DEBUG, "FT: seq response - valid seq number"); + wpa_ft_rrb_seq_accept(wpa_auth, rkh_seq, src_addr, auth, + auth_len, "seq response"); + } else { + wpa_printf(MSG_DEBUG, "FT: seq response - reset seq number"); + + RRB_GET_AUTH(FT_RRB_SEQ, seq, "seq response", + sizeof(*msg_both)); + msg_both = (const struct ft_rrb_seq *) f_seq; + + msg_dom = le_to_host32(msg_both->dom); + msg_seq = le_to_host32(msg_both->seq); + now_remote.sec = le_to_host32(msg_both->ts); + now_remote.usec = 0; + + rkh_seq->rx.num_last = 2; + rkh_seq->rx.dom = msg_dom; + rkh_seq->rx.offsetidx = 0; + /* Accept some older, possibly cached packets as well */ + rkh_seq->rx.last[0] = msg_seq - FT_REMOTE_SEQ_BACKLOG - + dl_list_len(&rkh_seq->rx.queue); + rkh_seq->rx.last[1] = msg_seq; + + /* local time - offset = remote time + * <=> local time - remote time = offset */ + os_reltime_sub(&now, &now_remote, &rkh_seq->rx.time_offset); + } + + wpa_ft_rrb_seq_flush(wpa_auth, rkh_seq, 1); return 0; +out: + return -1; } @@ -1642,13 +4215,6 @@ int wpa_ft_rrb_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr, return -1; } - if (frame->packet_type == FT_PACKET_R0KH_R1KH_PULL) - return wpa_ft_rrb_rx_pull(wpa_auth, src_addr, data, data_len); - if (frame->packet_type == FT_PACKET_R0KH_R1KH_RESP) - return wpa_ft_rrb_rx_resp(wpa_auth, src_addr, data, data_len); - if (frame->packet_type == FT_PACKET_R0KH_R1KH_PUSH) - return wpa_ft_rrb_rx_push(wpa_auth, src_addr, data, data_len); - wpa_hexdump(MSG_MSGDUMP, "FT: RRB - FT Action frame", pos, alen); if (alen < 1 + 1 + 2 * ETH_ALEN) { @@ -1726,65 +4292,137 @@ int wpa_ft_rrb_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr, } -static void wpa_ft_generate_pmk_r1(struct wpa_authenticator *wpa_auth, - struct wpa_ft_pmk_r0_sa *pmk_r0, - struct ft_remote_r1kh *r1kh, - const u8 *s1kh_id, int pairwise) -{ - struct ft_r0kh_r1kh_push_frame frame, f; - struct os_time now; - const u8 *plain; - u8 *crypt; - - os_memset(&frame, 0, sizeof(frame)); - frame.frame_type = RSN_REMOTE_FRAME_TYPE_FT_RRB; - frame.packet_type = FT_PACKET_R0KH_R1KH_PUSH; - frame.data_length = host_to_le16(FT_R0KH_R1KH_PUSH_DATA_LEN); - os_memcpy(frame.ap_address, wpa_auth->addr, ETH_ALEN); - - /* aes_wrap() does not support inplace encryption, so use a temporary - * buffer for the data. */ - os_memcpy(f.r1kh_id, r1kh->id, FT_R1KH_ID_LEN); - os_memcpy(f.s1kh_id, s1kh_id, ETH_ALEN); - os_memcpy(f.pmk_r0_name, pmk_r0->pmk_r0_name, WPA_PMK_NAME_LEN); - wpa_derive_pmk_r1(pmk_r0->pmk_r0, pmk_r0->pmk_r0_name, r1kh->id, - s1kh_id, f.pmk_r1, f.pmk_r1_name); - wpa_printf(MSG_DEBUG, "FT: R1KH-ID " MACSTR, MAC2STR(r1kh->id)); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", f.pmk_r1, PMK_LEN); - wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", f.pmk_r1_name, - WPA_PMK_NAME_LEN); - os_get_time(&now); - WPA_PUT_LE32(f.timestamp, now.sec); - f.pairwise = host_to_le16(pairwise); - os_memset(f.pad, 0, sizeof(f.pad)); - plain = ((const u8 *) &f) + offsetof(struct ft_r0kh_r1kh_push_frame, - timestamp); - crypt = ((u8 *) &frame) + offsetof(struct ft_r0kh_r1kh_push_frame, - timestamp); - if (aes_wrap(r1kh->key, sizeof(r1kh->key), - (FT_R0KH_R1KH_PUSH_DATA_LEN + 7) / 8, - plain, crypt) < 0) +void wpa_ft_rrb_oui_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr, + const u8 *dst_addr, u8 oui_suffix, const u8 *data, + size_t data_len) +{ + const u8 *auth, *enc; + size_t alen, elen; + int no_defer = 0; + + wpa_printf(MSG_DEBUG, "FT: RRB-OUI received frame from remote AP " + MACSTR, MAC2STR(src_addr)); + wpa_printf(MSG_DEBUG, "FT: RRB-OUI frame - oui_suffix=%d", oui_suffix); + + if (is_multicast_ether_addr(src_addr)) { + wpa_printf(MSG_DEBUG, + "FT: RRB-OUI received frame from multicast address " + MACSTR, MAC2STR(src_addr)); return; + } + + if (is_multicast_ether_addr(dst_addr)) { + wpa_printf(MSG_DEBUG, + "FT: RRB-OUI received frame from remote AP " MACSTR + " to multicast address " MACSTR, + MAC2STR(src_addr), MAC2STR(dst_addr)); + no_defer = 1; + } + + if (data_len < sizeof(u16)) { + wpa_printf(MSG_DEBUG, "FT: RRB-OUI frame too short"); + return; + } - wpa_ft_rrb_send(wpa_auth, r1kh->addr, (u8 *) &frame, sizeof(frame)); + alen = WPA_GET_LE16(data); + if (data_len < sizeof(u16) + alen) { + wpa_printf(MSG_DEBUG, "FT: RRB-OUI frame too short"); + return; + } + + auth = data + sizeof(u16); + enc = data + sizeof(u16) + alen; + elen = data_len - sizeof(u16) - alen; + + switch (oui_suffix) { + case FT_PACKET_R0KH_R1KH_PULL: + wpa_ft_rrb_rx_pull(wpa_auth, src_addr, enc, elen, auth, alen, + no_defer); + break; + case FT_PACKET_R0KH_R1KH_RESP: + wpa_ft_rrb_rx_resp(wpa_auth, src_addr, enc, elen, auth, alen, + no_defer); + break; + case FT_PACKET_R0KH_R1KH_PUSH: + wpa_ft_rrb_rx_push(wpa_auth, src_addr, enc, elen, auth, alen, + no_defer); + break; + case FT_PACKET_R0KH_R1KH_SEQ_REQ: + wpa_ft_rrb_rx_seq_req(wpa_auth, src_addr, enc, elen, auth, alen, + no_defer); + break; + case FT_PACKET_R0KH_R1KH_SEQ_RESP: + wpa_ft_rrb_rx_seq_resp(wpa_auth, src_addr, enc, elen, auth, + alen, no_defer); + break; + } +} + + +static int wpa_ft_generate_pmk_r1(struct wpa_authenticator *wpa_auth, + struct wpa_ft_pmk_r0_sa *pmk_r0, + struct ft_remote_r1kh *r1kh, + const u8 *s1kh_id) +{ + u8 *packet; + size_t packet_len; + struct ft_rrb_seq f_seq; + struct tlv_list push[] = { + { .type = FT_RRB_S1KH_ID, .len = ETH_ALEN, + .data = s1kh_id }, + { .type = FT_RRB_PMK_R0_NAME, .len = WPA_PMK_NAME_LEN, + .data = pmk_r0->pmk_r0_name }, + { .type = FT_RRB_LAST_EMPTY, .len = 0, .data = NULL }, + }; + struct tlv_list push_auth[] = { + { .type = FT_RRB_SEQ, .len = sizeof(f_seq), + .data = (u8 *) &f_seq }, + { .type = FT_RRB_R0KH_ID, + .len = wpa_auth->conf.r0_key_holder_len, + .data = wpa_auth->conf.r0_key_holder }, + { .type = FT_RRB_R1KH_ID, .len = FT_R1KH_ID_LEN, + .data = r1kh->id }, + { .type = FT_RRB_LAST_EMPTY, .len = 0, .data = NULL }, + }; + + if (wpa_ft_new_seq(r1kh->seq, &f_seq) < 0) { + wpa_printf(MSG_DEBUG, "FT: Failed to get seq num"); + return -1; + } + + if (wpa_ft_rrb_build_r0(r1kh->key, sizeof(r1kh->key), push, pmk_r0, + r1kh->id, s1kh_id, push_auth, wpa_auth->addr, + FT_PACKET_R0KH_R1KH_PUSH, + &packet, &packet_len) < 0) + return -1; + + wpa_ft_rrb_oui_send(wpa_auth, r1kh->addr, FT_PACKET_R0KH_R1KH_PUSH, + packet, packet_len); + + os_free(packet); + return 0; } void wpa_ft_push_pmk_r1(struct wpa_authenticator *wpa_auth, const u8 *addr) { - struct wpa_ft_pmk_r0_sa *r0; + struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; + struct wpa_ft_pmk_r0_sa *r0, *r0found = NULL; struct ft_remote_r1kh *r1kh; if (!wpa_auth->conf.pmk_r1_push) return; + if (!wpa_auth->conf.r1kh_list) + return; - r0 = wpa_auth->ft_pmk_cache->pmk_r0; - while (r0) { - if (os_memcmp(r0->spa, addr, ETH_ALEN) == 0) + dl_list_for_each(r0, &cache->pmk_r0, struct wpa_ft_pmk_r0_sa, list) { + if (os_memcmp(r0->spa, addr, ETH_ALEN) == 0) { + r0found = r0; break; - r0 = r0->next; + } } + r0 = r0found; if (r0 == NULL || r0->pmk_r1_pushed) return; r0->pmk_r1_pushed = 1; @@ -1792,11 +4430,14 @@ void wpa_ft_push_pmk_r1(struct wpa_authenticator *wpa_auth, const u8 *addr) wpa_printf(MSG_DEBUG, "FT: Deriving and pushing PMK-R1 keys to R1KHs " "for STA " MACSTR, MAC2STR(addr)); - r1kh = wpa_auth->conf.r1kh_list; - while (r1kh) { - wpa_ft_generate_pmk_r1(wpa_auth, r0, r1kh, addr, r0->pairwise); - r1kh = r1kh->next; + for (r1kh = *wpa_auth->conf.r1kh_list; r1kh; r1kh = r1kh->next) { + if (is_zero_ether_addr(r1kh->addr) || + is_zero_ether_addr(r1kh->id)) + continue; + if (wpa_ft_rrb_init_r1kh_seq(r1kh) < 0) + continue; + wpa_ft_generate_pmk_r1(wpa_auth, r0, r1kh, addr); } } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ diff --git a/contrib/wpa/src/ap/wpa_auth_glue.c b/contrib/wpa/src/ap/wpa_auth_glue.c index 21424147e443..812740301c8b 100644 --- a/contrib/wpa/src/ap/wpa_auth_glue.c +++ b/contrib/wpa/src/ap/wpa_auth_glue.c @@ -9,6 +9,8 @@ #include "utils/includes.h" #include "utils/common.h" +#include "utils/eloop.h" +#include "utils/list.h" #include "common/ieee802_11_defs.h" #include "common/sae.h" #include "common/wpa_ctrl.h" @@ -17,6 +19,7 @@ #include "eapol_auth/eapol_auth_sm_i.h" #include "eap_server/eap.h" #include "l2_packet/l2_packet.h" +#include "eth_p_oui.h" #include "hostapd.h" #include "ieee802_1x.h" #include "preauth_auth.h" @@ -24,6 +27,7 @@ #include "tkip_countermeasures.h" #include "ap_drv_ops.h" #include "ap_config.h" +#include "pmksa_cache_auth.h" #include "wpa_auth.h" #include "wpa_auth_glue.h" @@ -41,10 +45,13 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, wconf->wpa_strict_rekey = conf->wpa_strict_rekey; wconf->wpa_gmk_rekey = conf->wpa_gmk_rekey; wconf->wpa_ptk_rekey = conf->wpa_ptk_rekey; + wconf->wpa_group_update_count = conf->wpa_group_update_count; + wconf->wpa_disable_eapol_key_retries = + conf->wpa_disable_eapol_key_retries; + wconf->wpa_pairwise_update_count = conf->wpa_pairwise_update_count; wconf->rsn_pairwise = conf->rsn_pairwise; wconf->rsn_preauth = conf->rsn_preauth; wconf->eapol_version = conf->eapol_version; - wconf->peerkey = conf->peerkey; wconf->wmm_enabled = conf->wmm_enabled; wconf->wmm_uapsd = conf->wmm_uapsd; wconf->disable_pmksa_caching = conf->disable_pmksa_caching; @@ -52,8 +59,9 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, #ifdef CONFIG_IEEE80211W wconf->ieee80211w = conf->ieee80211w; wconf->group_mgmt_cipher = conf->group_mgmt_cipher; + wconf->sae_require_mfp = conf->sae_require_mfp; #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP wconf->ssid_len = conf->ssid.ssid_len; if (wconf->ssid_len > SSID_MAX_LEN) wconf->ssid_len = SSID_MAX_LEN; @@ -68,12 +76,18 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, } os_memcpy(wconf->r1_key_holder, conf->r1_key_holder, FT_R1KH_ID_LEN); wconf->r0_key_lifetime = conf->r0_key_lifetime; + wconf->r1_max_key_lifetime = conf->r1_max_key_lifetime; wconf->reassociation_deadline = conf->reassociation_deadline; - wconf->r0kh_list = conf->r0kh_list; - wconf->r1kh_list = conf->r1kh_list; + wconf->rkh_pos_timeout = conf->rkh_pos_timeout; + wconf->rkh_neg_timeout = conf->rkh_neg_timeout; + wconf->rkh_pull_timeout = conf->rkh_pull_timeout; + wconf->rkh_pull_retries = conf->rkh_pull_retries; + wconf->r0kh_list = &conf->r0kh_list; + wconf->r1kh_list = &conf->r1kh_list; wconf->pmk_r1_push = conf->pmk_r1_push; wconf->ft_over_ds = conf->ft_over_ds; -#endif /* CONFIG_IEEE80211R */ + wconf->ft_psk_generate_local = conf->ft_psk_generate_local; +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_HS20 wconf->disable_gtk = conf->disable_dgaf; if (conf->osen) { @@ -107,6 +121,11 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, os_memcpy(wconf->ip_addr_start, conf->ip_addr_start, 4); os_memcpy(wconf->ip_addr_end, conf->ip_addr_end, 4); #endif /* CONFIG_P2P */ +#ifdef CONFIG_FILS + wconf->fils_cache_id_set = conf->fils_cache_id_set; + os_memcpy(wconf->fils_cache_id, conf->fils_cache_id, + FILS_CACHE_ID_LEN); +#endif /* CONFIG_FILS */ } @@ -223,20 +242,47 @@ static int hostapd_wpa_auth_get_eapol(void *ctx, const u8 *addr, static const u8 * hostapd_wpa_auth_get_psk(void *ctx, const u8 *addr, const u8 *p2p_dev_addr, - const u8 *prev_psk) + const u8 *prev_psk, size_t *psk_len) { struct hostapd_data *hapd = ctx; struct sta_info *sta = ap_get_sta(hapd, addr); const u8 *psk; + if (psk_len) + *psk_len = PMK_LEN; + #ifdef CONFIG_SAE if (sta && sta->auth_alg == WLAN_AUTH_SAE) { if (!sta->sae || prev_psk) return NULL; return sta->sae->pmk; } + if (sta && wpa_auth_uses_sae(sta->wpa_sm)) { + wpa_printf(MSG_DEBUG, + "No PSK for STA trying to use SAE with PMKSA caching"); + return NULL; + } #endif /* CONFIG_SAE */ +#ifdef CONFIG_OWE + if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && + sta && sta->owe_pmk) { + if (psk_len) + *psk_len = sta->owe_pmk_len; + return sta->owe_pmk; + } + if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && sta) { + struct rsn_pmksa_cache_entry *sa; + + sa = wpa_auth_sta_get_pmksa(sta->wpa_sm); + if (sa && sa->akmp == WPA_KEY_MGMT_OWE) { + if (psk_len) + *psk_len = sa->pmk_len; + return sa->pmk; + } + } +#endif /* CONFIG_OWE */ + psk = hostapd_get_psk(hapd->conf, addr, p2p_dev_addr, prev_psk); /* * This is about to iterate over all psks, prev_psk gives the last @@ -307,6 +353,37 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, return -1; } +#ifdef CONFIG_TESTING_OPTIONS + if (addr && !is_broadcast_ether_addr(addr)) { + struct sta_info *sta; + + sta = ap_get_sta(hapd, addr); + if (sta) { + sta->last_tk_alg = alg; + sta->last_tk_key_idx = idx; + if (key) + os_memcpy(sta->last_tk, key, key_len); + sta->last_tk_len = key_len; + } +#ifdef CONFIG_IEEE80211W + } else if (alg == WPA_ALG_IGTK || + alg == WPA_ALG_BIP_GMAC_128 || + alg == WPA_ALG_BIP_GMAC_256 || + alg == WPA_ALG_BIP_CMAC_256) { + hapd->last_igtk_alg = alg; + hapd->last_igtk_key_idx = idx; + if (key) + os_memcpy(hapd->last_igtk, key, key_len); + hapd->last_igtk_len = key_len; +#endif /* CONFIG_IEEE80211W */ + } else { + hapd->last_gtk_alg = alg; + hapd->last_gtk_key_idx = idx; + if (key) + os_memcpy(hapd->last_gtk, key, key_len); + hapd->last_gtk_len = key_len; + } +#endif /* CONFIG_TESTING_OPTIONS */ return hostapd_drv_set_key(ifname, hapd, alg, addr, idx, 1, NULL, 0, key, key_len); } @@ -401,7 +478,32 @@ static int hostapd_wpa_auth_for_each_auth( } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP + +struct wpa_ft_rrb_rx_later_data { + struct dl_list list; + u8 addr[ETH_ALEN]; + size_t data_len; + /* followed by data_len octets of data */ +}; + +static void hostapd_wpa_ft_rrb_rx_later(void *eloop_ctx, void *timeout_ctx) +{ + struct hostapd_data *hapd = eloop_ctx; + struct wpa_ft_rrb_rx_later_data *data, *n; + + dl_list_for_each_safe(data, n, &hapd->l2_queue, + struct wpa_ft_rrb_rx_later_data, list) { + if (hapd->wpa_auth) { + wpa_ft_rrb_rx(hapd->wpa_auth, data->addr, + (const u8 *) (data + 1), + data->data_len); + } + dl_list_del(&data->list); + os_free(data); + } +} + struct wpa_auth_ft_iface_iter_data { struct hostapd_data *src_hapd; @@ -414,33 +516,54 @@ struct wpa_auth_ft_iface_iter_data { static int hostapd_wpa_auth_ft_iter(struct hostapd_iface *iface, void *ctx) { struct wpa_auth_ft_iface_iter_data *idata = ctx; + struct wpa_ft_rrb_rx_later_data *data; struct hostapd_data *hapd; size_t j; for (j = 0; j < iface->num_bss; j++) { hapd = iface->bss[j]; - if (hapd == idata->src_hapd) - continue; - if (!hapd->wpa_auth) + if (hapd == idata->src_hapd || + !hapd->wpa_auth || + os_memcmp(hapd->own_addr, idata->dst, ETH_ALEN) != 0) continue; - if (os_memcmp(hapd->own_addr, idata->dst, ETH_ALEN) == 0) { - wpa_printf(MSG_DEBUG, "FT: Send RRB data directly to " - "locally managed BSS " MACSTR "@%s -> " - MACSTR "@%s", - MAC2STR(idata->src_hapd->own_addr), - idata->src_hapd->conf->iface, - MAC2STR(hapd->own_addr), hapd->conf->iface); - wpa_ft_rrb_rx(hapd->wpa_auth, - idata->src_hapd->own_addr, - idata->data, idata->data_len); + + wpa_printf(MSG_DEBUG, + "FT: Send RRB data directly to locally managed BSS " + MACSTR "@%s -> " MACSTR "@%s", + MAC2STR(idata->src_hapd->own_addr), + idata->src_hapd->conf->iface, + MAC2STR(hapd->own_addr), hapd->conf->iface); + + /* Defer wpa_ft_rrb_rx() until next eloop step as this is + * when it would be triggered when reading from a socket. + * This avoids + * hapd0:send -> hapd1:recv -> hapd1:send -> hapd0:recv, + * that is calling hapd0:recv handler from within + * hapd0:send directly. + */ + data = os_zalloc(sizeof(*data) + idata->data_len); + if (!data) return 1; - } + + os_memcpy(data->addr, idata->src_hapd->own_addr, ETH_ALEN); + os_memcpy(data + 1, idata->data, idata->data_len); + data->data_len = idata->data_len; + + dl_list_add(&hapd->l2_queue, &data->list); + + if (!eloop_is_timeout_registered(hostapd_wpa_ft_rrb_rx_later, + hapd, NULL)) + eloop_register_timeout(0, 0, + hostapd_wpa_ft_rrb_rx_later, + hapd, NULL); + + return 1; } return 0; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ static int hostapd_wpa_auth_send_ether(void *ctx, const u8 *dst, u16 proto, @@ -465,7 +588,7 @@ static int hostapd_wpa_auth_send_ether(void *ctx, const u8 *dst, u16 proto, } #endif /* CONFIG_TESTING_OPTIONS */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (proto == ETH_P_RRB && hapd->iface->interfaces && hapd->iface->interfaces->for_each_interface) { int res; @@ -480,7 +603,7 @@ static int hostapd_wpa_auth_send_ether(void *ctx, const u8 *dst, u16 proto, if (res == 1) return data_len; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ if (hapd->driver && hapd->driver->send_ether) return hapd->driver->send_ether(hapd->drv_priv, dst, @@ -503,7 +626,157 @@ static int hostapd_wpa_auth_send_ether(void *ctx, const u8 *dst, u16 proto, } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_ETH_P_OUI +static struct eth_p_oui_ctx * hostapd_wpa_get_oui(struct hostapd_data *hapd, + u8 oui_suffix) +{ + switch (oui_suffix) { +#ifdef CONFIG_IEEE80211R_AP + case FT_PACKET_R0KH_R1KH_PULL: + return hapd->oui_pull; + case FT_PACKET_R0KH_R1KH_RESP: + return hapd->oui_resp; + case FT_PACKET_R0KH_R1KH_PUSH: + return hapd->oui_push; + case FT_PACKET_R0KH_R1KH_SEQ_REQ: + return hapd->oui_sreq; + case FT_PACKET_R0KH_R1KH_SEQ_RESP: + return hapd->oui_sresp; +#endif /* CONFIG_IEEE80211R_AP */ + default: + return NULL; + } +} +#endif /* CONFIG_ETH_P_OUI */ + + +#ifdef CONFIG_IEEE80211R_AP + +struct oui_deliver_later_data { + struct dl_list list; + u8 src_addr[ETH_ALEN]; + u8 dst_addr[ETH_ALEN]; + size_t data_len; + u8 oui_suffix; + /* followed by data_len octets of data */ +}; + +static void hostapd_oui_deliver_later(void *eloop_ctx, void *timeout_ctx) +{ + struct hostapd_data *hapd = eloop_ctx; + struct oui_deliver_later_data *data, *n; + struct eth_p_oui_ctx *oui_ctx; + + dl_list_for_each_safe(data, n, &hapd->l2_oui_queue, + struct oui_deliver_later_data, list) { + oui_ctx = hostapd_wpa_get_oui(hapd, data->oui_suffix); + if (hapd->wpa_auth && oui_ctx) { + eth_p_oui_deliver(oui_ctx, data->src_addr, + data->dst_addr, + (const u8 *) (data + 1), + data->data_len); + } + dl_list_del(&data->list); + os_free(data); + } +} + + +struct wpa_auth_oui_iface_iter_data { + struct hostapd_data *src_hapd; + const u8 *dst_addr; + const u8 *data; + size_t data_len; + u8 oui_suffix; +}; + +static int hostapd_wpa_auth_oui_iter(struct hostapd_iface *iface, void *ctx) +{ + struct wpa_auth_oui_iface_iter_data *idata = ctx; + struct oui_deliver_later_data *data; + struct hostapd_data *hapd; + size_t j; + + for (j = 0; j < iface->num_bss; j++) { + hapd = iface->bss[j]; + if (hapd == idata->src_hapd) + continue; + if (!is_multicast_ether_addr(idata->dst_addr) && + os_memcmp(hapd->own_addr, idata->dst_addr, ETH_ALEN) != 0) + continue; + + /* defer eth_p_oui_deliver until next eloop step as this is + * when it would be triggerd from reading from sock + * This avoids + * hapd0:send -> hapd1:recv -> hapd1:send -> hapd0:recv, + * that is calling hapd0:recv handler from within + * hapd0:send directly. + */ + data = os_zalloc(sizeof(*data) + idata->data_len); + if (!data) + return 1; + + os_memcpy(data->src_addr, idata->src_hapd->own_addr, ETH_ALEN); + os_memcpy(data->dst_addr, idata->dst_addr, ETH_ALEN); + os_memcpy(data + 1, idata->data, idata->data_len); + data->data_len = idata->data_len; + data->oui_suffix = idata->oui_suffix; + + dl_list_add(&hapd->l2_oui_queue, &data->list); + + if (!eloop_is_timeout_registered(hostapd_oui_deliver_later, + hapd, NULL)) + eloop_register_timeout(0, 0, + hostapd_oui_deliver_later, + hapd, NULL); + + return 1; + } + + return 0; +} + +#endif /* CONFIG_IEEE80211R_AP */ + + +static int hostapd_wpa_auth_send_oui(void *ctx, const u8 *dst, u8 oui_suffix, + const u8 *data, size_t data_len) +{ +#ifdef CONFIG_ETH_P_OUI + struct hostapd_data *hapd = ctx; + struct eth_p_oui_ctx *oui_ctx; + +#ifdef CONFIG_IEEE80211R_AP + if (hapd->iface->interfaces && + hapd->iface->interfaces->for_each_interface) { + struct wpa_auth_oui_iface_iter_data idata; + int res; + + idata.src_hapd = hapd; + idata.dst_addr = dst; + idata.data = data; + idata.data_len = data_len; + idata.oui_suffix = oui_suffix; + res = hapd->iface->interfaces->for_each_interface( + hapd->iface->interfaces, hostapd_wpa_auth_oui_iter, + &idata); + if (res == 1) + return data_len; + } +#endif /* CONFIG_IEEE80211R_AP */ + + oui_ctx = hostapd_wpa_get_oui(hapd, oui_suffix); + if (!oui_ctx) + return -1; + + return eth_p_oui_send(oui_ctx, hapd->own_addr, dst, data, data_len); +#else /* CONFIG_ETH_P_OUI */ + return -1; +#endif /* CONFIG_ETH_P_OUI */ +} + + +#ifdef CONFIG_IEEE80211R_AP static int hostapd_wpa_auth_send_ft_action(void *ctx, const u8 *dst, const u8 *data, size_t data_len) @@ -563,6 +836,244 @@ hostapd_wpa_auth_add_sta(void *ctx, const u8 *sta_addr) } +static int hostapd_wpa_auth_set_vlan(void *ctx, const u8 *sta_addr, + struct vlan_description *vlan) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + + sta = ap_get_sta(hapd, sta_addr); + if (!sta || !sta->wpa_sm) + return -1; + + if (vlan->notempty && + !hostapd_vlan_valid(hapd->conf->vlan, vlan)) { + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "Invalid VLAN %d%s received from FT", + vlan->untagged, vlan->tagged[0] ? "+" : ""); + return -1; + } + + if (ap_sta_set_vlan(hapd, sta, vlan) < 0) + return -1; + /* Configure wpa_group for GTK but ignore error due to driver not + * knowing this STA. */ + ap_sta_bind_vlan(hapd, sta); + + if (sta->vlan_id) + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, "VLAN ID %d", sta->vlan_id); + + return 0; +} + + +static int hostapd_wpa_auth_get_vlan(void *ctx, const u8 *sta_addr, + struct vlan_description *vlan) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + + sta = ap_get_sta(hapd, sta_addr); + if (!sta) + return -1; + + if (sta->vlan_desc) + *vlan = *sta->vlan_desc; + else + os_memset(vlan, 0, sizeof(*vlan)); + + return 0; +} + + +static int +hostapd_wpa_auth_set_identity(void *ctx, const u8 *sta_addr, + const u8 *identity, size_t identity_len) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + + sta = ap_get_sta(hapd, sta_addr); + if (!sta) + return -1; + + os_free(sta->identity); + sta->identity = NULL; + + if (sta->eapol_sm) { + os_free(sta->eapol_sm->identity); + sta->eapol_sm->identity = NULL; + sta->eapol_sm->identity_len = 0; + } + + if (!identity_len) + return 0; + + /* sta->identity is NULL terminated */ + sta->identity = os_zalloc(identity_len + 1); + if (!sta->identity) + return -1; + os_memcpy(sta->identity, identity, identity_len); + + if (sta->eapol_sm) { + sta->eapol_sm->identity = os_zalloc(identity_len); + if (!sta->eapol_sm->identity) + return -1; + os_memcpy(sta->eapol_sm->identity, identity, identity_len); + sta->eapol_sm->identity_len = identity_len; + } + + return 0; +} + + +static size_t +hostapd_wpa_auth_get_identity(void *ctx, const u8 *sta_addr, const u8 **buf) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + size_t len; + char *identity; + + sta = ap_get_sta(hapd, sta_addr); + if (!sta) + return 0; + + *buf = ieee802_1x_get_identity(sta->eapol_sm, &len); + if (*buf && len) + return len; + + if (!sta->identity) { + *buf = NULL; + return 0; + } + + identity = sta->identity; + len = os_strlen(identity); + *buf = (u8 *) identity; + + return len; +} + + +static int +hostapd_wpa_auth_set_radius_cui(void *ctx, const u8 *sta_addr, + const u8 *radius_cui, size_t radius_cui_len) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + + sta = ap_get_sta(hapd, sta_addr); + if (!sta) + return -1; + + os_free(sta->radius_cui); + sta->radius_cui = NULL; + + if (sta->eapol_sm) { + wpabuf_free(sta->eapol_sm->radius_cui); + sta->eapol_sm->radius_cui = NULL; + } + + if (!radius_cui) + return 0; + + /* sta->radius_cui is NULL terminated */ + sta->radius_cui = os_zalloc(radius_cui_len + 1); + if (!sta->radius_cui) + return -1; + os_memcpy(sta->radius_cui, radius_cui, radius_cui_len); + + if (sta->eapol_sm) { + sta->eapol_sm->radius_cui = wpabuf_alloc_copy(radius_cui, + radius_cui_len); + if (!sta->eapol_sm->radius_cui) + return -1; + } + + return 0; +} + + +static size_t +hostapd_wpa_auth_get_radius_cui(void *ctx, const u8 *sta_addr, const u8 **buf) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + struct wpabuf *b; + size_t len; + char *radius_cui; + + sta = ap_get_sta(hapd, sta_addr); + if (!sta) + return 0; + + b = ieee802_1x_get_radius_cui(sta->eapol_sm); + if (b) { + len = wpabuf_len(b); + *buf = wpabuf_head(b); + return len; + } + + if (!sta->radius_cui) { + *buf = NULL; + return 0; + } + + radius_cui = sta->radius_cui; + len = os_strlen(radius_cui); + *buf = (u8 *) radius_cui; + + return len; +} + + +static void hostapd_wpa_auth_set_session_timeout(void *ctx, const u8 *sta_addr, + int session_timeout) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + + sta = ap_get_sta(hapd, sta_addr); + if (!sta) + return; + + if (session_timeout) { + os_get_reltime(&sta->session_timeout); + sta->session_timeout.sec += session_timeout; + sta->session_timeout_set = 1; + ap_sta_session_timeout(hapd, sta, session_timeout); + } else { + sta->session_timeout_set = 0; + ap_sta_no_session_timeout(hapd, sta); + } +} + + +static int hostapd_wpa_auth_get_session_timeout(void *ctx, const u8 *sta_addr) +{ + struct hostapd_data *hapd = ctx; + struct sta_info *sta; + struct os_reltime now, remaining; + + sta = ap_get_sta(hapd, sta_addr); + if (!sta || !sta->session_timeout_set) + return 0; + + os_get_reltime(&now); + if (os_reltime_before(&sta->session_timeout, &now)) { + /* already expired, return >0 as timeout was set */ + return 1; + } + + os_reltime_sub(&sta->session_timeout, &now, &remaining); + + return (remaining.sec > 0) ? remaining.sec : 1; +} + + static void hostapd_rrb_receive(void *ctx, const u8 *src_addr, const u8 *buf, size_t len) { @@ -581,6 +1092,22 @@ static void hostapd_rrb_receive(void *ctx, const u8 *src_addr, const u8 *buf, } +static void hostapd_rrb_oui_receive(void *ctx, const u8 *src_addr, + const u8 *dst_addr, u8 oui_suffix, + const u8 *buf, size_t len) +{ + struct hostapd_data *hapd = ctx; + + wpa_printf(MSG_DEBUG, "FT: RRB received packet " MACSTR " -> " + MACSTR, MAC2STR(src_addr), MAC2STR(dst_addr)); + if (!is_multicast_ether_addr(dst_addr) && + os_memcmp(hapd->own_addr, dst_addr, ETH_ALEN) != 0) + return; + wpa_ft_rrb_oui_rx(hapd->wpa_auth, src_addr, dst_addr, oui_suffix, buf, + len); +} + + static int hostapd_wpa_auth_add_tspec(void *ctx, const u8 *sta_addr, u8 *tspec_ie, size_t tspec_ielen) { @@ -588,13 +1115,94 @@ static int hostapd_wpa_auth_add_tspec(void *ctx, const u8 *sta_addr, return hostapd_add_tspec(hapd, sta_addr, tspec_ie, tspec_ielen); } -#endif /* CONFIG_IEEE80211R */ + + +static int hostapd_wpa_register_ft_oui(struct hostapd_data *hapd, + const char *ft_iface) +{ + hapd->oui_pull = eth_p_oui_register(hapd, ft_iface, + FT_PACKET_R0KH_R1KH_PULL, + hostapd_rrb_oui_receive, hapd); + if (!hapd->oui_pull) + return -1; + + hapd->oui_resp = eth_p_oui_register(hapd, ft_iface, + FT_PACKET_R0KH_R1KH_RESP, + hostapd_rrb_oui_receive, hapd); + if (!hapd->oui_resp) + return -1; + + hapd->oui_push = eth_p_oui_register(hapd, ft_iface, + FT_PACKET_R0KH_R1KH_PUSH, + hostapd_rrb_oui_receive, hapd); + if (!hapd->oui_push) + return -1; + + hapd->oui_sreq = eth_p_oui_register(hapd, ft_iface, + FT_PACKET_R0KH_R1KH_SEQ_REQ, + hostapd_rrb_oui_receive, hapd); + if (!hapd->oui_sreq) + return -1; + + hapd->oui_sresp = eth_p_oui_register(hapd, ft_iface, + FT_PACKET_R0KH_R1KH_SEQ_RESP, + hostapd_rrb_oui_receive, hapd); + if (!hapd->oui_sresp) + return -1; + + return 0; +} + + +static void hostapd_wpa_unregister_ft_oui(struct hostapd_data *hapd) +{ + eth_p_oui_unregister(hapd->oui_pull); + hapd->oui_pull = NULL; + eth_p_oui_unregister(hapd->oui_resp); + hapd->oui_resp = NULL; + eth_p_oui_unregister(hapd->oui_push); + hapd->oui_push = NULL; + eth_p_oui_unregister(hapd->oui_sreq); + hapd->oui_sreq = NULL; + eth_p_oui_unregister(hapd->oui_sresp); + hapd->oui_sresp = NULL; +} +#endif /* CONFIG_IEEE80211R_AP */ int hostapd_setup_wpa(struct hostapd_data *hapd) { struct wpa_auth_config _conf; - struct wpa_auth_callbacks cb; + static const struct wpa_auth_callbacks cb = { + .logger = hostapd_wpa_auth_logger, + .disconnect = hostapd_wpa_auth_disconnect, + .mic_failure_report = hostapd_wpa_auth_mic_failure_report, + .psk_failure_report = hostapd_wpa_auth_psk_failure_report, + .set_eapol = hostapd_wpa_auth_set_eapol, + .get_eapol = hostapd_wpa_auth_get_eapol, + .get_psk = hostapd_wpa_auth_get_psk, + .get_msk = hostapd_wpa_auth_get_msk, + .set_key = hostapd_wpa_auth_set_key, + .get_seqnum = hostapd_wpa_auth_get_seqnum, + .send_eapol = hostapd_wpa_auth_send_eapol, + .for_each_sta = hostapd_wpa_auth_for_each_sta, + .for_each_auth = hostapd_wpa_auth_for_each_auth, + .send_ether = hostapd_wpa_auth_send_ether, + .send_oui = hostapd_wpa_auth_send_oui, +#ifdef CONFIG_IEEE80211R_AP + .send_ft_action = hostapd_wpa_auth_send_ft_action, + .add_sta = hostapd_wpa_auth_add_sta, + .add_tspec = hostapd_wpa_auth_add_tspec, + .set_vlan = hostapd_wpa_auth_set_vlan, + .get_vlan = hostapd_wpa_auth_get_vlan, + .set_identity = hostapd_wpa_auth_set_identity, + .get_identity = hostapd_wpa_auth_get_identity, + .set_radius_cui = hostapd_wpa_auth_set_radius_cui, + .get_radius_cui = hostapd_wpa_auth_get_radius_cui, + .set_session_timeout = hostapd_wpa_auth_set_session_timeout, + .get_session_timeout = hostapd_wpa_auth_get_session_timeout, +#endif /* CONFIG_IEEE80211R_AP */ + }; const u8 *wpa_ie; size_t wpa_ie_len; @@ -603,28 +1211,7 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) _conf.tx_status = 1; if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_AP_MLME) _conf.ap_mlme = 1; - os_memset(&cb, 0, sizeof(cb)); - cb.ctx = hapd; - cb.logger = hostapd_wpa_auth_logger; - cb.disconnect = hostapd_wpa_auth_disconnect; - cb.mic_failure_report = hostapd_wpa_auth_mic_failure_report; - cb.psk_failure_report = hostapd_wpa_auth_psk_failure_report; - cb.set_eapol = hostapd_wpa_auth_set_eapol; - cb.get_eapol = hostapd_wpa_auth_get_eapol; - cb.get_psk = hostapd_wpa_auth_get_psk; - cb.get_msk = hostapd_wpa_auth_get_msk; - cb.set_key = hostapd_wpa_auth_set_key; - cb.get_seqnum = hostapd_wpa_auth_get_seqnum; - cb.send_eapol = hostapd_wpa_auth_send_eapol; - cb.for_each_sta = hostapd_wpa_auth_for_each_sta; - cb.for_each_auth = hostapd_wpa_auth_for_each_auth; - cb.send_ether = hostapd_wpa_auth_send_ether; -#ifdef CONFIG_IEEE80211R - cb.send_ft_action = hostapd_wpa_auth_send_ft_action; - cb.add_sta = hostapd_wpa_auth_add_sta; - cb.add_tspec = hostapd_wpa_auth_add_tspec; -#endif /* CONFIG_IEEE80211R */ - hapd->wpa_auth = wpa_init(hapd->own_addr, &_conf, &cb); + hapd->wpa_auth = wpa_init(hapd->own_addr, &_conf, &cb, hapd); if (hapd->wpa_auth == NULL) { wpa_printf(MSG_ERROR, "WPA initialization failed."); return -1; @@ -649,12 +1236,14 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) return -1; } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (!hostapd_drv_none(hapd) && wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) { - hapd->l2 = l2_packet_init(hapd->conf->bridge[0] ? - hapd->conf->bridge : - hapd->conf->iface, NULL, ETH_P_RRB, + const char *ft_iface; + + ft_iface = hapd->conf->bridge[0] ? hapd->conf->bridge : + hapd->conf->iface; + hapd->l2 = l2_packet_init(ft_iface, NULL, ETH_P_RRB, hostapd_rrb_receive, hapd, 1); if (hapd->l2 == NULL && (hapd->driver == NULL || @@ -663,8 +1252,14 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) "interface"); return -1; } + + if (hostapd_wpa_register_ft_oui(hapd, ft_iface)) { + wpa_printf(MSG_ERROR, + "Failed to open ETH_P_OUI interface"); + return -1; + } } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ return 0; @@ -702,8 +1297,13 @@ void hostapd_deinit_wpa(struct hostapd_data *hapd) } ieee802_1x_deinit(hapd); -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP + eloop_cancel_timeout(hostapd_wpa_ft_rrb_rx_later, hapd, ELOOP_ALL_CTX); + hostapd_wpa_ft_rrb_rx_later(hapd, NULL); /* flush without delivering */ + eloop_cancel_timeout(hostapd_oui_deliver_later, hapd, ELOOP_ALL_CTX); + hostapd_oui_deliver_later(hapd, NULL); /* flush without delivering */ l2_packet_deinit(hapd->l2); hapd->l2 = NULL; -#endif /* CONFIG_IEEE80211R */ + hostapd_wpa_unregister_ft_oui(hapd); +#endif /* CONFIG_IEEE80211R_AP */ } diff --git a/contrib/wpa/src/ap/wpa_auth_i.h b/contrib/wpa/src/ap/wpa_auth_i.h index 7fd8f05fa8ff..b1cea1b49b14 100644 --- a/contrib/wpa/src/ap/wpa_auth_i.h +++ b/contrib/wpa/src/ap/wpa_auth_i.h @@ -9,18 +9,13 @@ #ifndef WPA_AUTH_I_H #define WPA_AUTH_I_H +#include "utils/list.h" + /* max(dot11RSNAConfigGroupUpdateCount,dot11RSNAConfigPairwiseUpdateCount) */ #define RSNA_MAX_EAPOL_RETRIES 4 struct wpa_group; -struct wpa_stsl_negotiation { - struct wpa_stsl_negotiation *next; - u8 initiator[ETH_ALEN]; - u8 peer[ETH_ALEN]; -}; - - struct wpa_state_machine { struct wpa_authenticator *wpa_auth; struct wpa_group *group; @@ -48,8 +43,9 @@ struct wpa_state_machine { Boolean AuthenticationRequest; Boolean ReAuthenticationRequest; Boolean Disconnect; - int TimeoutCtr; - int GTimeoutCtr; + u16 disconnect_reason; /* specific reason code to use with Disconnect */ + u32 TimeoutCtr; + u32 GTimeoutCtr; Boolean TimeoutEvt; Boolean EAPOLKeyReceived; Boolean EAPOLKeyPairwise; @@ -62,6 +58,7 @@ struct wpa_state_machine { u8 alt_replay_counter[WPA_REPLAY_COUNTER_LEN]; u8 PMK[PMK_LEN_MAX]; unsigned int pmk_len; + u8 pmkid[PMKID_LEN]; /* valid if pmkid_set == 1 */ struct wpa_ptk PTK; Boolean PTK_valid; Boolean pairwise_set; @@ -89,11 +86,12 @@ struct wpa_state_machine { unsigned int rx_eapol_key_secure:1; unsigned int update_snonce:1; unsigned int alt_snonce_valid:1; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP unsigned int ft_completed:1; unsigned int pmk_r1_name_valid:1; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ unsigned int is_wnmsleep:1; + unsigned int pmkid_set:1; u8 req_replay_counter[WPA_REPLAY_COUNTER_LEN]; int req_replay_counter_used; @@ -113,8 +111,9 @@ struct wpa_state_machine { u32 dot11RSNAStatsTKIPLocalMICFailures; u32 dot11RSNAStatsTKIPRemoteMICFailures; -#ifdef CONFIG_IEEE80211R - u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */ +#ifdef CONFIG_IEEE80211R_AP + u8 xxkey[PMK_LEN_MAX]; /* PSK or the second 256 bits of MSK, or the + * first 384 bits of MSK */ size_t xxkey_len; u8 pmk_r1_name[WPA_PMK_NAME_LEN]; /* PMKR1Name derived from FT Auth * Request */ @@ -129,16 +128,30 @@ struct wpa_state_machine { const u8 *ies, size_t ies_len); void *ft_pending_cb_ctx; struct wpabuf *ft_pending_req_ies; - u8 ft_pending_pull_nonce[FT_R0KH_R1KH_PULL_NONCE_LEN]; + u8 ft_pending_pull_nonce[FT_RRB_NONCE_LEN]; u8 ft_pending_auth_transaction; u8 ft_pending_current_ap[ETH_ALEN]; -#endif /* CONFIG_IEEE80211R */ + int ft_pending_pull_left_retries; +#endif /* CONFIG_IEEE80211R_AP */ int pending_1_of_4_timeout; #ifdef CONFIG_P2P u8 ip_addr[4]; #endif /* CONFIG_P2P */ + +#ifdef CONFIG_FILS + u8 fils_key_auth_sta[FILS_MAX_KEY_AUTH_LEN]; + u8 fils_key_auth_ap[FILS_MAX_KEY_AUTH_LEN]; + size_t fils_key_auth_len; + unsigned int fils_completed:1; +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_TESTING_OPTIONS + void (*eapol_status_cb)(void *ctx1, void *ctx2); + void *eapol_status_cb_ctx1; + void *eapol_status_cb_ctx2; +#endif /* CONFIG_TESTING_OPTIONS */ }; @@ -194,10 +207,9 @@ struct wpa_authenticator { unsigned int dot11RSNATKIPCounterMeasuresInvoked; unsigned int dot11RSNA4WayHandshakeFailures; - struct wpa_stsl_negotiation *stsl_negotiations; - struct wpa_auth_config conf; - struct wpa_auth_callbacks cb; + const struct wpa_auth_callbacks *cb; + void *cb_ctx; u8 *wpa_ie; size_t wpa_ie_len; @@ -213,6 +225,38 @@ struct wpa_authenticator { }; +#ifdef CONFIG_IEEE80211R_AP + +#define FT_REMOTE_SEQ_BACKLOG 16 +struct ft_remote_seq_rx { + u32 dom; + struct os_reltime time_offset; /* local time - offset = remote time */ + + /* accepted sequence numbers: (offset ... offset + 0x40000000] + * (except those in last) + * dropped sequence numbers: (offset - 0x40000000 ... offset] + * all others trigger SEQ_REQ message (except first message) + */ + u32 last[FT_REMOTE_SEQ_BACKLOG]; + unsigned int num_last; + u32 offsetidx; + + struct dl_list queue; /* send nonces + rrb msgs awaiting seq resp */ +}; + +struct ft_remote_seq_tx { + u32 dom; /* non zero if initialized */ + u32 seq; +}; + +struct ft_remote_seq { + struct ft_remote_seq_rx rx; + struct ft_remote_seq_tx tx; +}; + +#endif /* CONFIG_IEEE80211R_AP */ + + int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, const u8 *pmkid); void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr, @@ -231,24 +275,10 @@ int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth, int (*cb)(struct wpa_authenticator *a, void *ctx), void *cb_ctx); -#ifdef CONFIG_PEERKEY -int wpa_stsl_remove(struct wpa_authenticator *wpa_auth, - struct wpa_stsl_negotiation *neg); -void wpa_smk_error(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, - const u8 *key_data, size_t key_data_len); -void wpa_smk_m1(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, struct wpa_eapol_key *key, - const u8 *key_data, size_t key_data_len); -void wpa_smk_m3(struct wpa_authenticator *wpa_auth, - struct wpa_state_machine *sm, struct wpa_eapol_key *key, - const u8 *key_data, size_t key_data_len); -#endif /* CONFIG_PEERKEY */ - -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP int wpa_write_mdie(struct wpa_auth_config *conf, u8 *buf, size_t len); -int wpa_write_ftie(struct wpa_auth_config *conf, const u8 *r0kh_id, - size_t r0kh_id_len, +int wpa_write_ftie(struct wpa_auth_config *conf, int use_sha384, + const u8 *r0kh_id, size_t r0kh_id_len, const u8 *anonce, const u8 *snonce, u8 *buf, size_t len, const u8 *subelem, size_t subelem_len); @@ -257,6 +287,8 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk, struct wpa_ft_pmk_cache * wpa_ft_pmk_cache_init(void); void wpa_ft_pmk_cache_deinit(struct wpa_ft_pmk_cache *cache); void wpa_ft_install_ptk(struct wpa_state_machine *sm); -#endif /* CONFIG_IEEE80211R */ +int wpa_ft_store_pmk_fils(struct wpa_state_machine *sm, const u8 *pmk_r0, + const u8 *pmk_r0_name); +#endif /* CONFIG_IEEE80211R_AP */ #endif /* WPA_AUTH_I_H */ diff --git a/contrib/wpa/src/ap/wpa_auth_ie.c b/contrib/wpa/src/ap/wpa_auth_ie.c index f79783b91929..cdcc5de39d45 100644 --- a/contrib/wpa/src/ap/wpa_auth_ie.c +++ b/contrib/wpa/src/ap/wpa_auth_ie.c @@ -1,6 +1,6 @@ /* * hostapd - WPA/RSN IE and KDE definitions - * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -164,18 +164,25 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, pos += RSN_SELECTOR_LEN; num_suites++; } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X); pos += RSN_SELECTOR_LEN; num_suites++; } +#ifdef CONFIG_SHA384 + if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384); + pos += RSN_SELECTOR_LEN; + num_suites++; + } +#endif /* CONFIG_SHA384 */ if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK); pos += RSN_SELECTOR_LEN; num_suites++; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211W if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256); @@ -210,6 +217,51 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, pos += RSN_SELECTOR_LEN; num_suites++; } +#ifdef CONFIG_FILS + if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA256) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FILS_SHA256); + pos += RSN_SELECTOR_LEN; + num_suites++; + } + if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA384) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FILS_SHA384); + pos += RSN_SELECTOR_LEN; + num_suites++; + } +#ifdef CONFIG_IEEE80211R_AP + if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA256); + pos += RSN_SELECTOR_LEN; + num_suites++; + } + if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA384); + pos += RSN_SELECTOR_LEN; + num_suites++; + } +#endif /* CONFIG_IEEE80211R_AP */ +#endif /* CONFIG_FILS */ +#ifdef CONFIG_OWE + if (conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_OWE); + pos += RSN_SELECTOR_LEN; + num_suites++; + } +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + if (conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_DPP); + pos += RSN_SELECTOR_LEN; + num_suites++; + } +#endif /* CONFIG_DPP */ +#ifdef CONFIG_HS20 + if (conf->wpa_key_mgmt & WPA_KEY_MGMT_OSEN) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_OSEN); + pos += RSN_SELECTOR_LEN; + num_suites++; + } +#endif /* CONFIG_HS20 */ #ifdef CONFIG_RSN_TESTING if (rsn_testing) { @@ -230,8 +282,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, capab = 0; if (conf->rsn_preauth) capab |= WPA_CAPABILITY_PREAUTH; - if (conf->peerkey) - capab |= WPA_CAPABILITY_PEERKEY_ENABLED; if (conf->wmm_enabled) { /* 4 PTKSA replay counters when using WMM */ capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2); @@ -407,7 +457,7 @@ int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth) return res; pos += res; } -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) { res = wpa_write_mdie(&wpa_auth->conf, pos, buf + sizeof(buf) - pos); @@ -415,7 +465,7 @@ int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth) return res; pos += res; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ if (wpa_auth->conf.wpa & WPA_PROTO_WPA) { res = wpa_write_wpa_ie(&wpa_auth->conf, pos, buf + sizeof(buf) - pos); @@ -474,7 +524,8 @@ static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx) int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *sm, const u8 *wpa_ie, size_t wpa_ie_len, - const u8 *mdie, size_t mdie_len) + const u8 *mdie, size_t mdie_len, + const u8 *owe_dh, size_t owe_dh_len) { struct wpa_ie_data data; int ciphers, key_mgmt, res, version; @@ -509,12 +560,28 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, selector = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192; else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) selector = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_FILS +#ifdef CONFIG_IEEE80211R_AP + else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) + selector = RSN_AUTH_KEY_MGMT_FT_FILS_SHA384; + else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) + selector = RSN_AUTH_KEY_MGMT_FT_FILS_SHA256; +#endif /* CONFIG_IEEE80211R_AP */ + else if (data.key_mgmt & WPA_KEY_MGMT_FILS_SHA384) + selector = RSN_AUTH_KEY_MGMT_FILS_SHA384; + else if (data.key_mgmt & WPA_KEY_MGMT_FILS_SHA256) + selector = RSN_AUTH_KEY_MGMT_FILS_SHA256; +#endif /* CONFIG_FILS */ +#ifdef CONFIG_IEEE80211R_AP +#ifdef CONFIG_SHA384 + else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) + selector = RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384; +#endif /* CONFIG_SHA384 */ else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) selector = RSN_AUTH_KEY_MGMT_FT_802_1X; else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK) selector = RSN_AUTH_KEY_MGMT_FT_PSK; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211W else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256; @@ -531,6 +598,18 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X; else if (data.key_mgmt & WPA_KEY_MGMT_PSK) selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; +#ifdef CONFIG_OWE + else if (data.key_mgmt & WPA_KEY_MGMT_OWE) + selector = RSN_AUTH_KEY_MGMT_OWE; +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + else if (data.key_mgmt & WPA_KEY_MGMT_DPP) + selector = RSN_AUTH_KEY_MGMT_DPP; +#endif /* CONFIG_DPP */ +#ifdef CONFIG_HS20 + else if (data.key_mgmt & WPA_KEY_MGMT_OSEN) + selector = RSN_AUTH_KEY_MGMT_OSEN; +#endif /* CONFIG_HS20 */ wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector; selector = wpa_cipher_to_suite(WPA_PROTO_RSN, @@ -591,12 +670,28 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_FILS +#ifdef CONFIG_IEEE80211R_AP + else if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384; + else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256; +#endif /* CONFIG_IEEE80211R_AP */ + else if (key_mgmt & WPA_KEY_MGMT_FILS_SHA384) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FILS_SHA384; + else if (key_mgmt & WPA_KEY_MGMT_FILS_SHA256) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FILS_SHA256; +#endif /* CONFIG_FILS */ +#ifdef CONFIG_IEEE80211R_AP +#ifdef CONFIG_SHA384 + else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) + sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; +#endif /* CONFIG_SHA384 */ else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; else if (key_mgmt & WPA_KEY_MGMT_FT_PSK) sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_IEEE80211W else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; @@ -611,6 +706,18 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, #endif /* CONFIG_SAE */ else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X) sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X; +#ifdef CONFIG_OWE + else if (key_mgmt & WPA_KEY_MGMT_OWE) + sm->wpa_key_mgmt = WPA_KEY_MGMT_OWE; +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + else if (key_mgmt & WPA_KEY_MGMT_DPP) + sm->wpa_key_mgmt = WPA_KEY_MGMT_DPP; +#endif /* CONFIG_DPP */ +#ifdef CONFIG_HS20 + else if (key_mgmt & WPA_KEY_MGMT_OSEN) + sm->wpa_key_mgmt = WPA_KEY_MGMT_OSEN; +#endif /* CONFIG_HS20 */ else sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK; @@ -634,12 +741,6 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, return WPA_MGMT_FRAME_PROTECTION_VIOLATION; } - if (ciphers & WPA_CIPHER_TKIP) { - wpa_printf(MSG_DEBUG, "Management frame protection " - "cannot use TKIP"); - return WPA_MGMT_FRAME_PROTECTION_VIOLATION; - } - if (data.mgmt_group_cipher != wpa_auth->conf.group_mgmt_cipher) { wpa_printf(MSG_DEBUG, "Unsupported management group " @@ -648,14 +749,31 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, } } +#ifdef CONFIG_SAE + if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_OPTIONAL && + wpa_auth->conf.sae_require_mfp && + wpa_key_mgmt_sae(sm->wpa_key_mgmt) && + !(data.capabilities & WPA_CAPABILITY_MFPC)) { + wpa_printf(MSG_DEBUG, + "Management frame protection required with SAE, but client did not enable it"); + return WPA_MGMT_FRAME_PROTECTION_VIOLATION; + } +#endif /* CONFIG_SAE */ + if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION || !(data.capabilities & WPA_CAPABILITY_MFPC)) sm->mgmt_frame_prot = 0; else sm->mgmt_frame_prot = 1; + + if (sm->mgmt_frame_prot && (ciphers & WPA_CIPHER_TKIP)) { + wpa_printf(MSG_DEBUG, + "Management frame protection cannot use TKIP"); + return WPA_MGMT_FRAME_PROTECTION_VIOLATION; + } #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) { wpa_printf(MSG_DEBUG, "RSN: Trying to use FT, but " @@ -668,8 +786,25 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, "MDIE", mdie, MOBILITY_DOMAIN_ID_LEN); return WPA_INVALID_MDIE; } + } else if (mdie != NULL) { + wpa_printf(MSG_DEBUG, + "RSN: Trying to use non-FT AKM suite, but MDIE included"); + return WPA_INVALID_AKMP; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ + +#ifdef CONFIG_OWE + if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE && !owe_dh) { + wpa_printf(MSG_DEBUG, + "OWE: No Diffie-Hellman Parameter element"); + return WPA_INVALID_AKMP; + } + if (sm->wpa_key_mgmt != WPA_KEY_MGMT_OWE && owe_dh) { + wpa_printf(MSG_DEBUG, + "OWE: Unexpected Diffie-Hellman Parameter element with non-OWE AKM"); + return WPA_INVALID_AKMP; + } +#endif /* CONFIG_OWE */ sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0); if (sm->pairwise < 0) @@ -723,6 +858,23 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN); } +#ifdef CONFIG_SAE + if (sm->wpa_key_mgmt == WPA_KEY_MGMT_SAE && data.num_pmkid && + !sm->pmksa) { + wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + "No PMKSA cache entry found for SAE"); + return WPA_INVALID_PMKID; + } +#endif /* CONFIG_SAE */ + +#ifdef CONFIG_DPP + if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && !sm->pmksa) { + wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + "No PMKSA cache entry found for DPP"); + return WPA_INVALID_PMKID; + } +#endif /* CONFIG_DPP */ + if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) { os_free(sm->wpa_ie); sm->wpa_ie = os_malloc(wpa_ie_len); @@ -815,36 +967,6 @@ static int wpa_parse_generic(const u8 *pos, const u8 *end, return 0; } -#ifdef CONFIG_PEERKEY - if (pos[1] > RSN_SELECTOR_LEN + 2 && - RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_SMK) { - ie->smk = pos + 2 + RSN_SELECTOR_LEN; - ie->smk_len = pos[1] - RSN_SELECTOR_LEN; - return 0; - } - - if (pos[1] > RSN_SELECTOR_LEN + 2 && - RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_NONCE) { - ie->nonce = pos + 2 + RSN_SELECTOR_LEN; - ie->nonce_len = pos[1] - RSN_SELECTOR_LEN; - return 0; - } - - if (pos[1] > RSN_SELECTOR_LEN + 2 && - RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_LIFETIME) { - ie->lifetime = pos + 2 + RSN_SELECTOR_LEN; - ie->lifetime_len = pos[1] - RSN_SELECTOR_LEN; - return 0; - } - - if (pos[1] > RSN_SELECTOR_LEN + 2 && - RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_ERROR) { - ie->error = pos + 2 + RSN_SELECTOR_LEN; - ie->error_len = pos[1] - RSN_SELECTOR_LEN; - return 0; - } -#endif /* CONFIG_PEERKEY */ - #ifdef CONFIG_IEEE80211W if (pos[1] > RSN_SELECTOR_LEN + 2 && RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) { @@ -908,14 +1030,14 @@ int wpa_parse_kde_ies(const u8 *buf, size_t len, struct wpa_eapol_ie_parse *ie) if (*pos == WLAN_EID_RSN) { ie->rsn_ie = pos; ie->rsn_ie_len = pos[1] + 2; -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP } else if (*pos == WLAN_EID_MOBILITY_DOMAIN) { ie->mdie = pos; ie->mdie_len = pos[1] + 2; } else if (*pos == WLAN_EID_FAST_BSS_TRANSITION) { ie->ftie = pos; ie->ftie_len = pos[1] + 2; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ } else if (*pos == WLAN_EID_VENDOR_SPECIFIC) { ret = wpa_parse_generic(pos, end, ie); if (ret < 0) @@ -938,3 +1060,36 @@ int wpa_auth_uses_mfp(struct wpa_state_machine *sm) { return sm ? sm->mgmt_frame_prot : 0; } + + +#ifdef CONFIG_OWE +u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm, + u8 *pos, size_t max_len, + const u8 *req_ies, size_t req_ies_len) +{ + int res; + struct wpa_auth_config *conf; + + if (!sm) + return pos; + conf = &sm->wpa_auth->conf; + +#ifdef CONFIG_TESTING_OPTIONS + if (conf->own_ie_override_len) { + if (max_len < conf->own_ie_override_len) + return NULL; + wpa_hexdump(MSG_DEBUG, "WPA: Forced own IE(s) for testing", + conf->own_ie_override, conf->own_ie_override_len); + os_memcpy(pos, conf->own_ie_override, + conf->own_ie_override_len); + return pos + conf->own_ie_override_len; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + res = wpa_write_rsn_ie(conf, pos, max_len, + sm->pmksa ? sm->pmksa->pmkid : NULL); + if (res < 0) + return pos; + return pos + res; +} +#endif /* CONFIG_OWE */ diff --git a/contrib/wpa/src/ap/wpa_auth_ie.h b/contrib/wpa/src/ap/wpa_auth_ie.h index d2067ba3112c..73e433349049 100644 --- a/contrib/wpa/src/ap/wpa_auth_ie.h +++ b/contrib/wpa/src/ap/wpa_auth_ie.h @@ -19,26 +19,16 @@ struct wpa_eapol_ie_parse { size_t gtk_len; const u8 *mac_addr; size_t mac_addr_len; -#ifdef CONFIG_PEERKEY - const u8 *smk; - size_t smk_len; - const u8 *nonce; - size_t nonce_len; - const u8 *lifetime; - size_t lifetime_len; - const u8 *error; - size_t error_len; -#endif /* CONFIG_PEERKEY */ #ifdef CONFIG_IEEE80211W const u8 *igtk; size_t igtk_len; #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_IEEE80211R +#ifdef CONFIG_IEEE80211R_AP const u8 *mdie; size_t mdie_len; const u8 *ftie; size_t ftie_len; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_P2P const u8 *ip_addr_req; const u8 *ip_addr_alloc; diff --git a/contrib/wpa/src/ap/wps_hostapd.c b/contrib/wpa/src/ap/wps_hostapd.c index 95b40da0f6bb..5ec019971f37 100644 --- a/contrib/wpa/src/ap/wps_hostapd.c +++ b/contrib/wpa/src/ap/wps_hostapd.c @@ -1064,7 +1064,9 @@ int hostapd_init_wps(struct hostapd_data *hapd, if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) wps->auth_types |= WPS_AUTH_WPA2; - if (conf->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) { + if (conf->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | + WPA_CIPHER_CCMP_256 | + WPA_CIPHER_GCMP_256)) { wps->encr_types |= WPS_ENCR_AES; wps->encr_types_rsn |= WPS_ENCR_AES; } diff --git a/contrib/wpa/src/common/common_module_tests.c b/contrib/wpa/src/common/common_module_tests.c index e0769c08e764..0b596bbcc631 100644 --- a/contrib/wpa/src/common/common_module_tests.c +++ b/contrib/wpa/src/common/common_module_tests.c @@ -53,12 +53,38 @@ static const struct ieee802_11_parse_test_data parse_tests[] = { 18, ParseOK, 9 }, { (u8 *) "\x8b\x00", 2, ParseOK, 1 }, { (u8 *) "\xdd\x04\x00\x90\x4c\x04", 6, ParseUnknown, 1 }, + { (u8 *) "\xed\x00", 2, ParseOK, 1 }, + { (u8 *) "\xef\x00", 2, ParseOK, 1 }, + { (u8 *) "\xef\x01\x11", 3, ParseOK, 1 }, + { (u8 *) "\xf0\x00", 2, ParseOK, 1 }, + { (u8 *) "\xf1\x00", 2, ParseOK, 1 }, + { (u8 *) "\xf1\x02\x11\x22", 4, ParseOK, 1 }, + { (u8 *) "\xf2\x00", 2, ParseOK, 1 }, + { (u8 *) "\xff\x00", 2, ParseUnknown, 1 }, + { (u8 *) "\xff\x01\x00", 3, ParseUnknown, 1 }, + { (u8 *) "\xff\x01\x01", 3, ParseOK, 1 }, + { (u8 *) "\xff\x02\x01\x00", 4, ParseOK, 1 }, + { (u8 *) "\xff\x01\x02", 3, ParseOK, 1 }, + { (u8 *) "\xff\x04\x02\x11\x22\x33", 6, ParseOK, 1 }, + { (u8 *) "\xff\x01\x04", 3, ParseOK, 1 }, + { (u8 *) "\xff\x01\x05", 3, ParseOK, 1 }, + { (u8 *) "\xff\x0d\x05\x11\x22\x33\x44\x55\x55\x11\x22\x33\x44\x55\x55", + 15, ParseOK, 1 }, + { (u8 *) "\xff\x01\x06", 3, ParseOK, 1 }, + { (u8 *) "\xff\x02\x06\x00", 4, ParseOK, 1 }, + { (u8 *) "\xff\x01\x07", 3, ParseOK, 1 }, + { (u8 *) "\xff\x09\x07\x11\x22\x33\x44\x55\x66\x77\x88", 11, + ParseOK, 1 }, + { (u8 *) "\xff\x01\x0c", 3, ParseOK, 1 }, + { (u8 *) "\xff\x02\x0c\x00", 4, ParseOK, 1 }, + { (u8 *) "\xff\x01\x0d", 3, ParseOK, 1 }, { NULL, 0, ParseOK, 0 } }; static int ieee802_11_parse_tests(void) { int i, ret = 0; + struct wpabuf *buf; wpa_printf(MSG_INFO, "ieee802_11_parse tests"); @@ -84,6 +110,35 @@ static int ieee802_11_parse_tests(void) ret = -1; } + buf = ieee802_11_vendor_ie_concat((const u8 *) "\xdd\x05\x11\x22\x33\x44\x01\xdd\x05\x11\x22\x33\x44\x02\x00\x01", + 16, 0x11223344); + do { + const u8 *pos; + + if (!buf) { + wpa_printf(MSG_ERROR, + "ieee802_11_vendor_ie_concat test 2 failed"); + ret = -1; + break; + } + + if (wpabuf_len(buf) != 2) { + wpa_printf(MSG_ERROR, + "ieee802_11_vendor_ie_concat test 3 failed"); + ret = -1; + break; + } + + pos = wpabuf_head(buf); + if (pos[0] != 0x01 || pos[1] != 0x02) { + wpa_printf(MSG_ERROR, + "ieee802_11_vendor_ie_concat test 3 failed"); + ret = -1; + break; + } + } while (0); + wpabuf_free(buf); + return ret; } diff --git a/contrib/wpa/src/common/ctrl_iface_common.c b/contrib/wpa/src/common/ctrl_iface_common.c index ebbe6ffdb385..e26407dab902 100644 --- a/contrib/wpa/src/common/ctrl_iface_common.c +++ b/contrib/wpa/src/common/ctrl_iface_common.c @@ -113,17 +113,53 @@ void sockaddr_print(int level, const char *msg, struct sockaddr_storage *sock, } +static int ctrl_set_events(struct wpa_ctrl_dst *dst, const char *input) +{ + const char *value; + int val; + + if (!input) + return 0; + + value = os_strchr(input, '='); + if (!value) + return -1; + value++; + val = atoi(value); + if (val < 0 || val > 1) + return -1; + + if (str_starts(input, "probe_rx_events=")) { + if (val) + dst->events |= WPA_EVENT_RX_PROBE_REQUEST; + else + dst->events &= ~WPA_EVENT_RX_PROBE_REQUEST; + } + + return 0; +} + + int ctrl_iface_attach(struct dl_list *ctrl_dst, struct sockaddr_storage *from, - socklen_t fromlen) + socklen_t fromlen, const char *input) { struct wpa_ctrl_dst *dst; + /* Update event registration if already attached */ + dl_list_for_each(dst, ctrl_dst, struct wpa_ctrl_dst, list) { + if (!sockaddr_compare(from, fromlen, + &dst->addr, dst->addrlen)) + return ctrl_set_events(dst, input); + } + + /* New attachment */ dst = os_zalloc(sizeof(*dst)); if (dst == NULL) return -1; os_memcpy(&dst->addr, from, fromlen); dst->addrlen = fromlen; dst->debug_level = MSG_INFO; + ctrl_set_events(dst, input); dl_list_add(ctrl_dst, &dst->list); sockaddr_print(MSG_DEBUG, "CTRL_IFACE monitor attached", from, fromlen); diff --git a/contrib/wpa/src/common/ctrl_iface_common.h b/contrib/wpa/src/common/ctrl_iface_common.h index 0b6e3e740291..85e258e938b6 100644 --- a/contrib/wpa/src/common/ctrl_iface_common.h +++ b/contrib/wpa/src/common/ctrl_iface_common.h @@ -11,6 +11,9 @@ #include "utils/list.h" +/* Events enable bits (wpa_ctrl_dst::events) */ +#define WPA_EVENT_RX_PROBE_REQUEST BIT(0) + /** * struct wpa_ctrl_dst - Data structure of control interface monitors * @@ -23,13 +26,14 @@ struct wpa_ctrl_dst { socklen_t addrlen; int debug_level; int errors; + u32 events; /* WPA_EVENT_* bitmap */ }; void sockaddr_print(int level, const char *msg, struct sockaddr_storage *sock, socklen_t socklen); int ctrl_iface_attach(struct dl_list *ctrl_dst, struct sockaddr_storage *from, - socklen_t fromlen); + socklen_t fromlen, const char *input); int ctrl_iface_detach(struct dl_list *ctrl_dst, struct sockaddr_storage *from, socklen_t fromlen); int ctrl_iface_level(struct dl_list *ctrl_dst, struct sockaddr_storage *from, diff --git a/contrib/wpa/src/common/defs.h b/contrib/wpa/src/common/defs.h index 4f567945942e..c968cd6cb82a 100644 --- a/contrib/wpa/src/common/defs.h +++ b/contrib/wpa/src/common/defs.h @@ -1,6 +1,6 @@ /* * WPA Supplicant - Common definitions - * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -51,16 +51,28 @@ typedef enum { FALSE = 0, TRUE = 1 } Boolean; #define WPA_KEY_MGMT_OSEN BIT(15) #define WPA_KEY_MGMT_IEEE8021X_SUITE_B BIT(16) #define WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 BIT(17) +#define WPA_KEY_MGMT_FILS_SHA256 BIT(18) +#define WPA_KEY_MGMT_FILS_SHA384 BIT(19) +#define WPA_KEY_MGMT_FT_FILS_SHA256 BIT(20) +#define WPA_KEY_MGMT_FT_FILS_SHA384 BIT(21) +#define WPA_KEY_MGMT_OWE BIT(22) +#define WPA_KEY_MGMT_DPP BIT(23) +#define WPA_KEY_MGMT_FT_IEEE8021X_SHA384 BIT(24) static inline int wpa_key_mgmt_wpa_ieee8021x(int akm) { return !!(akm & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_FT_IEEE8021X | + WPA_KEY_MGMT_FT_IEEE8021X_SHA384 | WPA_KEY_MGMT_CCKM | WPA_KEY_MGMT_OSEN | WPA_KEY_MGMT_IEEE8021X_SHA256 | WPA_KEY_MGMT_IEEE8021X_SUITE_B | - WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)); + WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 | + WPA_KEY_MGMT_FILS_SHA256 | + WPA_KEY_MGMT_FILS_SHA384 | + WPA_KEY_MGMT_FT_FILS_SHA256 | + WPA_KEY_MGMT_FT_FILS_SHA384)); } static inline int wpa_key_mgmt_wpa_psk(int akm) @@ -76,7 +88,15 @@ static inline int wpa_key_mgmt_ft(int akm) { return !!(akm & (WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X | - WPA_KEY_MGMT_FT_SAE)); + WPA_KEY_MGMT_FT_IEEE8021X_SHA384 | + WPA_KEY_MGMT_FT_SAE | + WPA_KEY_MGMT_FT_FILS_SHA256 | + WPA_KEY_MGMT_FT_FILS_SHA384)); +} + +static inline int wpa_key_mgmt_ft_psk(int akm) +{ + return !!(akm & WPA_KEY_MGMT_FT_PSK); } static inline int wpa_key_mgmt_sae(int akm) @@ -85,17 +105,32 @@ static inline int wpa_key_mgmt_sae(int akm) WPA_KEY_MGMT_FT_SAE)); } +static inline int wpa_key_mgmt_fils(int akm) +{ + return !!(akm & (WPA_KEY_MGMT_FILS_SHA256 | + WPA_KEY_MGMT_FILS_SHA384 | + WPA_KEY_MGMT_FT_FILS_SHA256 | + WPA_KEY_MGMT_FT_FILS_SHA384)); +} + static inline int wpa_key_mgmt_sha256(int akm) { return !!(akm & (WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_IEEE8021X_SHA256 | + WPA_KEY_MGMT_SAE | + WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_OSEN | - WPA_KEY_MGMT_IEEE8021X_SUITE_B)); + WPA_KEY_MGMT_IEEE8021X_SUITE_B | + WPA_KEY_MGMT_FILS_SHA256 | + WPA_KEY_MGMT_FT_FILS_SHA256)); } static inline int wpa_key_mgmt_sha384(int akm) { - return !!(akm & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192); + return !!(akm & (WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 | + WPA_KEY_MGMT_FT_IEEE8021X_SHA384 | + WPA_KEY_MGMT_FILS_SHA384 | + WPA_KEY_MGMT_FT_FILS_SHA384)); } static inline int wpa_key_mgmt_suite_b(int akm) @@ -108,7 +143,10 @@ static inline int wpa_key_mgmt_wpa(int akm) { return wpa_key_mgmt_wpa_ieee8021x(akm) || wpa_key_mgmt_wpa_psk(akm) || - wpa_key_mgmt_sae(akm); + wpa_key_mgmt_fils(akm) || + wpa_key_mgmt_sae(akm) || + akm == WPA_KEY_MGMT_OWE || + akm == WPA_KEY_MGMT_DPP; } static inline int wpa_key_mgmt_wpa_any(int akm) @@ -132,7 +170,13 @@ static inline int wpa_key_mgmt_cckm(int akm) #define WPA_AUTH_ALG_LEAP BIT(2) #define WPA_AUTH_ALG_FT BIT(3) #define WPA_AUTH_ALG_SAE BIT(4) +#define WPA_AUTH_ALG_FILS BIT(5) +#define WPA_AUTH_ALG_FILS_SK_PFS BIT(6) +static inline int wpa_auth_alg_fils(int alg) +{ + return !!(alg & (WPA_AUTH_ALG_FILS | WPA_AUTH_ALG_FILS_SK_PFS)); +} enum wpa_alg { WPA_ALG_NONE, @@ -341,4 +385,18 @@ enum wpa_radio_work_band { BAND_60_GHZ = BIT(2), }; +enum beacon_rate_type { + BEACON_RATE_LEGACY, + BEACON_RATE_HT, + BEACON_RATE_VHT +}; + +enum eap_proxy_sim_state { + SIM_STATE_ERROR, +}; + +#define OCE_STA BIT(0) +#define OCE_STA_CFON BIT(1) +#define OCE_AP BIT(2) + #endif /* DEFS_H */ diff --git a/contrib/wpa/src/common/dhcp.h b/contrib/wpa/src/common/dhcp.h new file mode 100644 index 000000000000..d28445e7cbd7 --- /dev/null +++ b/contrib/wpa/src/common/dhcp.h @@ -0,0 +1,279 @@ +/* + * DHCP definitions + * Copyright (c) 2014-2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef DHCP_H +#define DHCP_H + +/* + * Translate Linux to FreeBSD + */ +#define iphdr ip +#define ihl ip_hl +#define verson ip_v +#define tos ip_tos +#define tot_len ip_len +#define id ip_id +#define frag_off ip_off +#define ttl ip_ttl +#define protocol ip_p +#define check ip_sum +#define saddr ip_src +#define daddr ip_dst + +#include <netinet/ip.h> +#if __FAVOR_BSD +#include <netinet/udp.h> +#else +#define __FAVOR_BSD 1 +#include <netinet/udp.h> +#undef __FAVOR_BSD +#endif + +#define DHCP_SERVER_PORT 67 +#define DHCP_CLIENT_PORT 68 + +struct dhcp_data { + u8 op; + u8 htype; + u8 hlen; + u8 hops; + be32 xid; + be16 secs; + be16 flags; + be32 client_ip; + be32 your_ip; + be32 server_ip; + be32 relay_ip; + u8 hw_addr[16]; + u8 serv_name[64]; + u8 boot_file[128]; +} STRUCT_PACKED; + +struct bootp_pkt { + struct iphdr iph; + struct udphdr udph; + u8 op; + u8 htype; + u8 hlen; + u8 hops; + be32 xid; + be16 secs; + be16 flags; + be32 client_ip; + be32 your_ip; + be32 server_ip; + be32 relay_ip; + u8 hw_addr[16]; + u8 serv_name[64]; + u8 boot_file[128]; + u8 exten[312]; +} STRUCT_PACKED; + +#define DHCP_MAGIC 0x63825363 + +/* + * IANA DHCP/BOOTP registry + * http://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml +*/ +enum dhcp_options { + DHCP_OPT_PAD = 0, + DHCP_OPT_SUBNET_MASK = 1, + DHCP_OPT_TIME_OFFSET = 2, + DHCP_OPT_ROUTER = 3, + DHCP_OPT_TIME_SERVER = 4, + DHCP_OPT_NAME_SERVER = 5, + DHCP_OPT_DOMAIN_NAME_SERVER = 6, + DHCP_OPT_LOG_SERVER = 7, + DHCP_OPT_QUOTES_SERVER = 8, + DHCP_OPT_LPR_SERVER = 9, + DHCP_OPT_IMPRESS_SERVER = 10, + DHCP_OPT_RLP_SERVER = 11, + DHCP_OPT_HOSTNAME = 12, + DHCP_OPT_BOOT_FILE_SIZE = 13, + DHCP_OPT_MERIT_DUMP_FILE = 14, + DHCP_OPT_DOMAIN_NAME = 15, + DHCP_OPT_SWAP_SERVER = 16, + DHCP_OPT_ROOT_PATH = 17, + DHCP_OPT_EXTENSION_PATH = 18, + DHCP_OPT_FORWARD = 19, + DHCP_OPT_SRC_RTE = 20, + DHCP_OPT_POLICY_FILTER = 21, + DHCP_OPT_MAX_DG_ASSEMBLY = 22, + DHCP_OPT_DEFAULT_IP_TTL = 23, + DHCP_OPT_MTU_TIMEOUT = 24, + DHCP_OPT_MTU_PLATEAU = 25, + DHCP_OPT_MTU_INTERFACE = 26, + DHCP_OPT_ALL_SUBNETS_LOCAL = 27, + DHCP_OPT_BROADCAST_ADDRESS = 28, + DHCP_OPT_MASK_DISCOVERY = 29, + DHCP_OPT_MASK_SUPPLIER = 30, + DHCP_OPT_ROUTER_DISCOVERY = 31, + DHCP_OPT_ROUTER_SOLICITATION_ADDRESS = 32, + DHCP_OPT_STATIC_ROUTE = 33, + DHCP_OPT_TRAILERS = 34, + DHCP_OPT_ARP_TIMEOUT = 35, + DHCP_OPT_ETHERNET = 36, + DHCP_OPT_TCP_DEFAULT_TTL = 37, + DHCP_OPT_TCP_KEEPALIVE_INTERVAL = 38, + DHCP_OPT_TCP_KEEPALIVE_GARBAGE = 39, + DHCP_OPT_NIS_DOMAIN = 40, + DHCP_OPT_NIS_SERVERS = 41, + DHCP_OPT_NTP_SERVERS = 42, + DHCP_OPT_VENDOR_SPECIFIC = 43, + DHCP_OPT_NETBIOS_NAME_SERVER = 44, + DHCP_OPT_NETBIOS_DISTRIBUTION_SERVER = 45, + DHCP_OPT_NETBIOS_NODE_TYPE = 46, + DHCP_OPT_NETBIOS_SCOPE = 47, + DHCP_OPT_FONT_SERVER = 48, + DHCP_OPT_DISPLAY_MANAGER = 49, + DHCP_OPT_REQUESTED_IP_ADDRESS = 50, + DHCP_OPT_IP_ADDRESS_LEASE_TIME = 51, + DHCP_OPT_OVERLOAD = 52, + DHCP_OPT_MSG_TYPE = 53, + DHCP_OPT_SERVER_ID = 54, + DHCP_OPT_PARAMETER_REQ_LIST = 55, + DHCP_OPT_MESSAGE = 56, + DHCP_OPT_MAX_MESSAGE_SIZE = 57, + DHCP_OPT_RENEWAL_TIME = 58, + DHCP_OPT_REBINDING_TIME = 59, + DHCP_OPT_VENDOR_CLASS_ID = 60, + DHCP_OPT_CLIENT_ID = 61, + DHCP_OPT_NETWARE_IP_DOMAIN = 62, + DHCP_OPT_NETWARE_IP_OPTION = 63, + DHCP_OPT_NIS_V3_DOMAIN = 64, + DHCP_OPT_NIS_V3_SERVERS = 65, + DHCP_OPT_TFTP_SERVER_NAME = 66, + DHCP_OPT_BOOT_FILE_NAME = 67, + DHCP_OPT_HOME_AGENT_ADDRESSES = 68, + DHCP_OPT_SMTP_SERVER = 69, + DHCP_OPT_POP3_SERVER = 70, + DHCP_OPT_NNTP_SERVER = 71, + DHCP_OPT_WWW_SERVER = 72, + DHCP_OPT_FINGER_SERVER = 73, + DHCP_OPT_IRC_SERVER = 74, + DHCP_OPT_STREETTALK_SERVER = 75, + DHCP_OPT_STDA_SERVER = 76, + DHCP_OPT_USER_CLASS = 77, + DHCP_OPT_DIRECTORY_AGENT = 78, + DHCP_OPT_SERVICE_SCOPE = 79, + DHCP_OPT_RAPID_COMMIT = 80, + DHCP_OPT_CLIENT_FQDN = 81, + DHCP_OPT_RELAY_AGENT_INFO = 82, + DHCP_OPT_ISNS = 83, + DHCP_OPT_NDS_SERVERS = 85, + DHCP_OPT_NDS_TREE_NAME = 86, + DHCP_OPT_NDS_CONTEXT = 87, + DHCP_OPT_BCMCS_CONTROLLER_DOMAIN_NAME_LIST = 88, + DHCP_OPT_BCMCS_CONTROLLER_IPV4_ADDRESS = 89, + DHCP_OPT_AUTHENTICATION = 90, + DHCP_OPT_CLIENT_LAST_TRANSACTION_TIME = 91, + DHCP_OPT_ASSOCIATED_IP = 92, + DHCP_OPT_CLIENT_SYSYEM = 93, + DHCP_OPT_CLIENT_NDI = 94, + DHCP_OPT_LDAP = 95, + DHCP_OPT_UUID_GUID = 97, + DHCP_OPT_USER_AUTH = 98, + DHCP_OPT_GEOCONF_CIVIC = 99, + DHCP_OPT_PCODE = 100, + DHCP_OPT_TCODE = 101, + DHCP_OPT_NETINFO_ADDRESS = 112, + DHCP_OPT_NETINFO_TAG = 113, + DHCP_OPT_URL = 114, + DHCP_OPT_AUTO_CONFIG = 116, + DHCP_OPT_NAME_SERVICE_SEARCH = 117, + DHCP_OPT_SUBNET_SELECTION = 118, + DHCP_OPT_DOMAIN_SEARCH = 119, + DHCP_OPT_SIP_SERVERS_DCP = 120, + DHCP_OPT_CLASSLESS_STATIC_ROUTE = 121, + DHCP_OPT_CCC = 122, + DHCP_OPT_GEOCONF = 123, + DHCP_OPT_V_I_VENDOR_CLASS = 124, + DHCP_OPT_V_I_VENDOR_SPECIFIC_INFO = 125, + DHCP_OPT_PANA_AGENT = 136, + DHCP_OPT_V4_LOST = 137, + DHCP_OPT_CAPWAP_AC_V4 = 138, + DHCP_OPT_IPV4_ADDRESS_MOS = 139, + DHCP_OPT_IPV4_FQDN_MOS = 140, + DHCP_OPT_SIP_UA_CONF = 141, + DHCP_OPT_IPV4_ADDRESS_ANDSF = 142, + DHCP_OPT_GEOLOC = 144, + DHCP_OPT_FORCERENEW_NONCE_CAPABLE = 145, + DHCP_OPT_RDNSS_SELECTION = 146, + DHCP_OPT_TFTP_SERVER_ADDRESS = 150, + DHCP_OPT_STATUS_CODE = 151, + DHCP_OPT_BASE_TIME = 152, + DHCP_OPT_START_TIME_OF_STATE = 153, + DHCP_OPT_QUERY_START_TIME = 154, + DHCP_OPT_QUERY_END_TIME = 155, + DHCP_OPT_STATE = 156, + DHCP_OPT_DATA_SOURCE = 157, + DHCP_OPT_V4_PCP_SERVER = 158, + DHCP_OPT_V4_PORTPARAMS = 159, + DHCP_OPT_CAPTIVE_PORTAL = 160, + DHCP_OPT_CONF_FILE = 209, + DHCP_OPT_PATH_PREFIX = 210, + DHCP_OPT_REBOOT_TIME = 211, + DHCP_OPT_6RD = 212, + DHCP_OPT_V4_ACCESS_DOMAIN = 213, + DHCP_OPT_SUBNET_ALLOCATION = 220, + DHCP_OPT_VSS = 221, + DHCP_OPT_END = 255 +}; + +enum dhcp_message_types { + DHCPDISCOVER = 1, + DHCPOFFER = 2, + DHCPREQUEST = 3, + DHCPDECLINE = 4, + DHCPACK = 5, + DHCPNAK = 6, + DHCPRELEASE = 7, + DHCPINFORM = 8, + DHCPFORCERENEW = 9, + DHCPLEASEQUERY = 10, + DHCPLEASEUNASSIGNED = 11, + DHCPLEASEUNKNOWN = 12, + DHCPLEASEACTIVE = 13, + DHCPBULKLEASEQUERY = 14, + DHCPLEASEQUERYDONE = 15, + DHCPACTIVELEASEQUERY = 16, + DHCPLEASEQUERYSTATUS = 17, + DHCPTLS = 18, +}; + +enum dhcp_relay_agent_suboptions { + DHCP_RELAY_OPT_AGENT_CIRCUIT_ID = 1, + DHCP_RELAY_OPT_AGENT_REMOTE_ID = 2, + DHCP_RELAY_OPT_DOCSIS_DEVICE_CLASS = 4, + DHCP_RELAY_OPT_LINK_SELECTION = 5, + DHCP_RELAY_OPT_SUBSCRIBE_ID = 6, + DHCP_RELAY_OPT_RADIUS_ATTRIBUTES = 7, + DHCP_RELAY_OPT_AUTHENTICATION = 8, + DHCP_RELAY_OPT_VEDOR_SPECIFIC = 9, + DHCP_RELAY_OPT_RELAY_AGENT_FLAGS = 10, + DHCP_RELAY_OPT_SERVER_ID_OVERRIDE = 11, + DHCP_RELAY_OPT_RELAY_AGENT_ID = 12, + DHCP_RELAY_OPT_ACCESS_TECHNOLOGY_TYPE = 13, + DHCP_RELAY_OPT_ACCESS_NETWORK_NAME = 14, + DHCP_RELAY_OPT_ACCESS_POINT_NAME = 15, + DHCP_RELAY_OPT_ACCESS_POINT_BSSID = 16, + DHCP_RELAY_OPT_OPERATOR_ID = 17, + DHCP_RELAY_OPT_OPERATOR_REALM = 18, + DHCP_RELAY_OPT_DHCPV4_VIRTUAL_SUBNET_SELECTION = 151, + DHCP_RELAY_OPT_DHCPV4_VIRTUAL_SUBNET_SELECTION_CONTROL = 152, +}; + +enum access_technology_types { + ACCESS_TECHNOLOGY_VIRTUAL = 1, + ACCESS_TECHNOLOGY_PPP = 2, + ACCESS_TECHNOLOGY_ETHERNET = 3, + ACCESS_TECHNOLOGY_WLAN = 4, + ACCESS_TECHNOLOGY_WIMAX = 5, +}; + +#endif /* DHCP_H */ diff --git a/contrib/wpa/src/common/dpp.c b/contrib/wpa/src/common/dpp.c new file mode 100644 index 000000000000..e715e0454d72 --- /dev/null +++ b/contrib/wpa/src/common/dpp.c @@ -0,0 +1,7691 @@ +/* + * DPP functionality shared between hostapd and wpa_supplicant + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" +#include <openssl/opensslv.h> +#include <openssl/err.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> + +#include "utils/common.h" +#include "utils/base64.h" +#include "utils/json.h" +#include "common/ieee802_11_common.h" +#include "common/ieee802_11_defs.h" +#include "common/wpa_ctrl.h" +#include "crypto/crypto.h" +#include "crypto/random.h" +#include "crypto/aes.h" +#include "crypto/aes_siv.h" +#include "crypto/sha384.h" +#include "crypto/sha512.h" +#include "drivers/driver.h" +#include "dpp.h" + + +#ifdef CONFIG_TESTING_OPTIONS +enum dpp_test_behavior dpp_test = DPP_TEST_DISABLED; +u8 dpp_pkex_own_mac_override[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 }; +u8 dpp_pkex_peer_mac_override[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 }; +u8 dpp_pkex_ephemeral_key_override[600]; +size_t dpp_pkex_ephemeral_key_override_len = 0; +u8 dpp_protocol_key_override[600]; +size_t dpp_protocol_key_override_len = 0; +u8 dpp_nonce_override[DPP_MAX_NONCE_LEN]; +size_t dpp_nonce_override_len = 0; + +static int dpp_test_gen_invalid_key(struct wpabuf *msg, + const struct dpp_curve_params *curve); +#endif /* CONFIG_TESTING_OPTIONS */ + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) +/* Compatibility wrappers for older versions. */ + +static int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) +{ + sig->r = r; + sig->s = s; + return 1; +} + + +static void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, + const BIGNUM **ps) +{ + if (pr) + *pr = sig->r; + if (ps) + *ps = sig->s; +} + +#endif + + +static const struct dpp_curve_params dpp_curves[] = { + /* The mandatory to support and the default NIST P-256 curve needs to + * be the first entry on this list. */ + { "prime256v1", 32, 32, 16, 32, "P-256", 19, "ES256" }, + { "secp384r1", 48, 48, 24, 48, "P-384", 20, "ES384" }, + { "secp521r1", 64, 64, 32, 66, "P-521", 21, "ES512" }, + { "brainpoolP256r1", 32, 32, 16, 32, "BP-256", 28, "BS256" }, + { "brainpoolP384r1", 48, 48, 24, 48, "BP-384", 29, "BS384" }, + { "brainpoolP512r1", 64, 64, 32, 64, "BP-512", 30, "BS512" }, + { NULL, 0, 0, 0, 0, NULL, 0, NULL } +}; + + +/* Role-specific elements for PKEX */ + +/* NIST P-256 */ +static const u8 pkex_init_x_p256[32] = { + 0x56, 0x26, 0x12, 0xcf, 0x36, 0x48, 0xfe, 0x0b, + 0x07, 0x04, 0xbb, 0x12, 0x22, 0x50, 0xb2, 0x54, + 0xb1, 0x94, 0x64, 0x7e, 0x54, 0xce, 0x08, 0x07, + 0x2e, 0xec, 0xca, 0x74, 0x5b, 0x61, 0x2d, 0x25 + }; +static const u8 pkex_init_y_p256[32] = { + 0x3e, 0x44, 0xc7, 0xc9, 0x8c, 0x1c, 0xa1, 0x0b, + 0x20, 0x09, 0x93, 0xb2, 0xfd, 0xe5, 0x69, 0xdc, + 0x75, 0xbc, 0xad, 0x33, 0xc1, 0xe7, 0xc6, 0x45, + 0x4d, 0x10, 0x1e, 0x6a, 0x3d, 0x84, 0x3c, 0xa4 + }; +static const u8 pkex_resp_x_p256[32] = { + 0x1e, 0xa4, 0x8a, 0xb1, 0xa4, 0xe8, 0x42, 0x39, + 0xad, 0x73, 0x07, 0xf2, 0x34, 0xdf, 0x57, 0x4f, + 0xc0, 0x9d, 0x54, 0xbe, 0x36, 0x1b, 0x31, 0x0f, + 0x59, 0x91, 0x52, 0x33, 0xac, 0x19, 0x9d, 0x76 +}; +static const u8 pkex_resp_y_p256[32] = { + 0xd9, 0xfb, 0xf6, 0xb9, 0xf5, 0xfa, 0xdf, 0x19, + 0x58, 0xd8, 0x3e, 0xc9, 0x89, 0x7a, 0x35, 0xc1, + 0xbd, 0xe9, 0x0b, 0x77, 0x7a, 0xcb, 0x91, 0x2a, + 0xe8, 0x21, 0x3f, 0x47, 0x52, 0x02, 0x4d, 0x67 +}; + +/* NIST P-384 */ +static const u8 pkex_init_x_p384[48] = { + 0x95, 0x3f, 0x42, 0x9e, 0x50, 0x7f, 0xf9, 0xaa, + 0xac, 0x1a, 0xf2, 0x85, 0x2e, 0x64, 0x91, 0x68, + 0x64, 0xc4, 0x3c, 0xb7, 0x5c, 0xf8, 0xc9, 0x53, + 0x6e, 0x58, 0x4c, 0x7f, 0xc4, 0x64, 0x61, 0xac, + 0x51, 0x8a, 0x6f, 0xfe, 0xab, 0x74, 0xe6, 0x12, + 0x81, 0xac, 0x38, 0x5d, 0x41, 0xe6, 0xb9, 0xa3 +}; +static const u8 pkex_init_y_p384[48] = { + 0x76, 0x2f, 0x68, 0x84, 0xa6, 0xb0, 0x59, 0x29, + 0x83, 0xa2, 0x6c, 0xa4, 0x6c, 0x3b, 0xf8, 0x56, + 0x76, 0x11, 0x2a, 0x32, 0x90, 0xbd, 0x07, 0xc7, + 0x37, 0x39, 0x9d, 0xdb, 0x96, 0xf3, 0x2b, 0xb6, + 0x27, 0xbb, 0x29, 0x3c, 0x17, 0x33, 0x9d, 0x94, + 0xc3, 0xda, 0xac, 0x46, 0xb0, 0x8e, 0x07, 0x18 +}; +static const u8 pkex_resp_x_p384[48] = { + 0xad, 0xbe, 0xd7, 0x1d, 0x3a, 0x71, 0x64, 0x98, + 0x5f, 0xb4, 0xd6, 0x4b, 0x50, 0xd0, 0x84, 0x97, + 0x4b, 0x7e, 0x57, 0x70, 0xd2, 0xd9, 0xf4, 0x92, + 0x2a, 0x3f, 0xce, 0x99, 0xc5, 0x77, 0x33, 0x44, + 0x14, 0x56, 0x92, 0xcb, 0xae, 0x46, 0x64, 0xdf, + 0xe0, 0xbb, 0xd7, 0xb1, 0x29, 0x20, 0x72, 0xdf +}; +static const u8 pkex_resp_y_p384[48] = { + 0xab, 0xa7, 0xdf, 0x52, 0xaa, 0xe2, 0x35, 0x0c, + 0xe3, 0x75, 0x32, 0xe6, 0xbf, 0x06, 0xc8, 0x7c, + 0x38, 0x29, 0x4c, 0xec, 0x82, 0xac, 0xd7, 0xa3, + 0x09, 0xd2, 0x0e, 0x22, 0x5a, 0x74, 0x52, 0xa1, + 0x7e, 0x54, 0x4e, 0xfe, 0xc6, 0x29, 0x33, 0x63, + 0x15, 0xe1, 0x7b, 0xe3, 0x40, 0x1c, 0xca, 0x06 +}; + +/* NIST P-521 */ +static const u8 pkex_init_x_p521[66] = { + 0x00, 0x16, 0x20, 0x45, 0x19, 0x50, 0x95, 0x23, + 0x0d, 0x24, 0xbe, 0x00, 0x87, 0xdc, 0xfa, 0xf0, + 0x58, 0x9a, 0x01, 0x60, 0x07, 0x7a, 0xca, 0x76, + 0x01, 0xab, 0x2d, 0x5a, 0x46, 0xcd, 0x2c, 0xb5, + 0x11, 0x9a, 0xff, 0xaa, 0x48, 0x04, 0x91, 0x38, + 0xcf, 0x86, 0xfc, 0xa4, 0xa5, 0x0f, 0x47, 0x01, + 0x80, 0x1b, 0x30, 0xa3, 0xae, 0xe8, 0x1c, 0x2e, + 0xea, 0xcc, 0xf0, 0x03, 0x9f, 0x77, 0x4c, 0x8d, + 0x97, 0x76 +}; +static const u8 pkex_init_y_p521[66] = { + 0x00, 0xb3, 0x8e, 0x02, 0xe4, 0x2a, 0x63, 0x59, + 0x12, 0xc6, 0x10, 0xba, 0x3a, 0xf9, 0x02, 0x99, + 0x3f, 0x14, 0xf0, 0x40, 0xde, 0x5c, 0xc9, 0x8b, + 0x02, 0x55, 0xfa, 0x91, 0xb1, 0xcc, 0x6a, 0xbd, + 0xe5, 0x62, 0xc0, 0xc5, 0xe3, 0xa1, 0x57, 0x9f, + 0x08, 0x1a, 0xa6, 0xe2, 0xf8, 0x55, 0x90, 0xbf, + 0xf5, 0xa6, 0xc3, 0xd8, 0x52, 0x1f, 0xb7, 0x02, + 0x2e, 0x7c, 0xc8, 0xb3, 0x20, 0x1e, 0x79, 0x8d, + 0x03, 0xa8 +}; +static const u8 pkex_resp_x_p521[66] = { + 0x00, 0x79, 0xe4, 0x4d, 0x6b, 0x5e, 0x12, 0x0a, + 0x18, 0x2c, 0xb3, 0x05, 0x77, 0x0f, 0xc3, 0x44, + 0x1a, 0xcd, 0x78, 0x46, 0x14, 0xee, 0x46, 0x3f, + 0xab, 0xc9, 0x59, 0x7c, 0x85, 0xa0, 0xc2, 0xfb, + 0x02, 0x32, 0x99, 0xde, 0x5d, 0xe1, 0x0d, 0x48, + 0x2d, 0x71, 0x7d, 0x8d, 0x3f, 0x61, 0x67, 0x9e, + 0x2b, 0x8b, 0x12, 0xde, 0x10, 0x21, 0x55, 0x0a, + 0x5b, 0x2d, 0xe8, 0x05, 0x09, 0xf6, 0x20, 0x97, + 0x84, 0xb4 +}; +static const u8 pkex_resp_y_p521[66] = { + 0x00, 0x46, 0x63, 0x39, 0xbe, 0xcd, 0xa4, 0x2d, + 0xca, 0x27, 0x74, 0xd4, 0x1b, 0x91, 0x33, 0x20, + 0x83, 0xc7, 0x3b, 0xa4, 0x09, 0x8b, 0x8e, 0xa3, + 0x88, 0xe9, 0x75, 0x7f, 0x56, 0x7b, 0x38, 0x84, + 0x62, 0x02, 0x7c, 0x90, 0x51, 0x07, 0xdb, 0xe9, + 0xd0, 0xde, 0xda, 0x9a, 0x5d, 0xe5, 0x94, 0xd2, + 0xcf, 0x9d, 0x4c, 0x33, 0x91, 0xa6, 0xc3, 0x80, + 0xa7, 0x6e, 0x7e, 0x8d, 0xf8, 0x73, 0x6e, 0x53, + 0xce, 0xe1 +}; + +/* Brainpool P-256r1 */ +static const u8 pkex_init_x_bp_p256r1[32] = { + 0x46, 0x98, 0x18, 0x6c, 0x27, 0xcd, 0x4b, 0x10, + 0x7d, 0x55, 0xa3, 0xdd, 0x89, 0x1f, 0x9f, 0xca, + 0xc7, 0x42, 0x5b, 0x8a, 0x23, 0xed, 0xf8, 0x75, + 0xac, 0xc7, 0xe9, 0x8d, 0xc2, 0x6f, 0xec, 0xd8 +}; +static const u8 pkex_init_y_bp_p256r1[32] = { + 0x93, 0xca, 0xef, 0xa9, 0x66, 0x3e, 0x87, 0xcd, + 0x52, 0x6e, 0x54, 0x13, 0xef, 0x31, 0x67, 0x30, + 0x15, 0x13, 0x9d, 0x6d, 0xc0, 0x95, 0x32, 0xbe, + 0x4f, 0xab, 0x5d, 0xf7, 0xbf, 0x5e, 0xaa, 0x0b +}; +static const u8 pkex_resp_x_bp_p256r1[32] = { + 0x90, 0x18, 0x84, 0xc9, 0xdc, 0xcc, 0xb5, 0x2f, + 0x4a, 0x3f, 0x4f, 0x18, 0x0a, 0x22, 0x56, 0x6a, + 0xa9, 0xef, 0xd4, 0xe6, 0xc3, 0x53, 0xc2, 0x1a, + 0x23, 0x54, 0xdd, 0x08, 0x7e, 0x10, 0xd8, 0xe3 +}; +static const u8 pkex_resp_y_bp_p256r1[32] = { + 0x2a, 0xfa, 0x98, 0x9b, 0xe3, 0xda, 0x30, 0xfd, + 0x32, 0x28, 0xcb, 0x66, 0xfb, 0x40, 0x7f, 0xf2, + 0xb2, 0x25, 0x80, 0x82, 0x44, 0x85, 0x13, 0x7e, + 0x4b, 0xb5, 0x06, 0xc0, 0x03, 0x69, 0x23, 0x64 +}; + +/* Brainpool P-384r1 */ +static const u8 pkex_init_x_bp_p384r1[48] = { + 0x0a, 0x2c, 0xeb, 0x49, 0x5e, 0xb7, 0x23, 0xbd, + 0x20, 0x5b, 0xe0, 0x49, 0xdf, 0xcf, 0xcf, 0x19, + 0x37, 0x36, 0xe1, 0x2f, 0x59, 0xdb, 0x07, 0x06, + 0xb5, 0xeb, 0x2d, 0xae, 0xc2, 0xb2, 0x38, 0x62, + 0xa6, 0x73, 0x09, 0xa0, 0x6c, 0x0a, 0xa2, 0x30, + 0x99, 0xeb, 0xf7, 0x1e, 0x47, 0xb9, 0x5e, 0xbe +}; +static const u8 pkex_init_y_bp_p384r1[48] = { + 0x54, 0x76, 0x61, 0x65, 0x75, 0x5a, 0x2f, 0x99, + 0x39, 0x73, 0xca, 0x6c, 0xf9, 0xf7, 0x12, 0x86, + 0x54, 0xd5, 0xd4, 0xad, 0x45, 0x7b, 0xbf, 0x32, + 0xee, 0x62, 0x8b, 0x9f, 0x52, 0xe8, 0xa0, 0xc9, + 0xb7, 0x9d, 0xd1, 0x09, 0xb4, 0x79, 0x1c, 0x3e, + 0x1a, 0xbf, 0x21, 0x45, 0x66, 0x6b, 0x02, 0x52 +}; +static const u8 pkex_resp_x_bp_p384r1[48] = { + 0x03, 0xa2, 0x57, 0xef, 0xe8, 0x51, 0x21, 0xa0, + 0xc8, 0x9e, 0x21, 0x02, 0xb5, 0x9a, 0x36, 0x25, + 0x74, 0x22, 0xd1, 0xf2, 0x1b, 0xa8, 0x9a, 0x9b, + 0x97, 0xbc, 0x5a, 0xeb, 0x26, 0x15, 0x09, 0x71, + 0x77, 0x59, 0xec, 0x8b, 0xb7, 0xe1, 0xe8, 0xce, + 0x65, 0xb8, 0xaf, 0xf8, 0x80, 0xae, 0x74, 0x6c +}; +static const u8 pkex_resp_y_bp_p384r1[48] = { + 0x2f, 0xd9, 0x6a, 0xc7, 0x3e, 0xec, 0x76, 0x65, + 0x2d, 0x38, 0x7f, 0xec, 0x63, 0x26, 0x3f, 0x04, + 0xd8, 0x4e, 0xff, 0xe1, 0x0a, 0x51, 0x74, 0x70, + 0xe5, 0x46, 0x63, 0x7f, 0x5c, 0xc0, 0xd1, 0x7c, + 0xfb, 0x2f, 0xea, 0xe2, 0xd8, 0x0f, 0x84, 0xcb, + 0xe9, 0x39, 0x5c, 0x64, 0xfe, 0xcb, 0x2f, 0xf1 +}; + +/* Brainpool P-512r1 */ +static const u8 pkex_init_x_bp_p512r1[64] = { + 0x4c, 0xe9, 0xb6, 0x1c, 0xe2, 0x00, 0x3c, 0x9c, + 0xa9, 0xc8, 0x56, 0x52, 0xaf, 0x87, 0x3e, 0x51, + 0x9c, 0xbb, 0x15, 0x31, 0x1e, 0xc1, 0x05, 0xfc, + 0x7c, 0x77, 0xd7, 0x37, 0x61, 0x27, 0xd0, 0x95, + 0x98, 0xee, 0x5d, 0xa4, 0x3d, 0x09, 0xdb, 0x3d, + 0xfa, 0x89, 0x9e, 0x7f, 0xa6, 0xa6, 0x9c, 0xff, + 0x83, 0x5c, 0x21, 0x6c, 0x3e, 0xf2, 0xfe, 0xdc, + 0x63, 0xe4, 0xd1, 0x0e, 0x75, 0x45, 0x69, 0x0f +}; +static const u8 pkex_init_y_bp_p512r1[64] = { + 0x50, 0xb5, 0x9b, 0xfa, 0x45, 0x67, 0x75, 0x94, + 0x44, 0xe7, 0x68, 0xb0, 0xeb, 0x3e, 0xb3, 0xb8, + 0xf9, 0x99, 0x05, 0xef, 0xae, 0x6c, 0xbc, 0xe3, + 0xe1, 0xd2, 0x51, 0x54, 0xdf, 0x59, 0xd4, 0x45, + 0x41, 0x3a, 0xa8, 0x0b, 0x76, 0x32, 0x44, 0x0e, + 0x07, 0x60, 0x3a, 0x6e, 0xbe, 0xfe, 0xe0, 0x58, + 0x52, 0xa0, 0xaa, 0x8b, 0xd8, 0x5b, 0xf2, 0x71, + 0x11, 0x9a, 0x9e, 0x8f, 0x1a, 0xd1, 0xc9, 0x99 +}; +static const u8 pkex_resp_x_bp_p512r1[64] = { + 0x2a, 0x60, 0x32, 0x27, 0xa1, 0xe6, 0x94, 0x72, + 0x1c, 0x48, 0xbe, 0xc5, 0x77, 0x14, 0x30, 0x76, + 0xe4, 0xbf, 0xf7, 0x7b, 0xc5, 0xfd, 0xdf, 0x19, + 0x1e, 0x0f, 0xdf, 0x1c, 0x40, 0xfa, 0x34, 0x9e, + 0x1f, 0x42, 0x24, 0xa3, 0x2c, 0xd5, 0xc7, 0xc9, + 0x7b, 0x47, 0x78, 0x96, 0xf1, 0x37, 0x0e, 0x88, + 0xcb, 0xa6, 0x52, 0x29, 0xd7, 0xa8, 0x38, 0x29, + 0x8e, 0x6e, 0x23, 0x47, 0xd4, 0x4b, 0x70, 0x3e +}; +static const u8 pkex_resp_y_bp_p512r1[64] = { + 0x80, 0x1f, 0x43, 0xd2, 0x17, 0x35, 0xec, 0x81, + 0xd9, 0x4b, 0xdc, 0x81, 0x19, 0xd9, 0x5f, 0x68, + 0x16, 0x84, 0xfe, 0x63, 0x4b, 0x8d, 0x5d, 0xaa, + 0x88, 0x4a, 0x47, 0x48, 0xd4, 0xea, 0xab, 0x7d, + 0x6a, 0xbf, 0xe1, 0x28, 0x99, 0x6a, 0x87, 0x1c, + 0x30, 0xb4, 0x44, 0x2d, 0x75, 0xac, 0x35, 0x09, + 0x73, 0x24, 0x3d, 0xb4, 0x43, 0xb1, 0xc1, 0x56, + 0x56, 0xad, 0x30, 0x87, 0xf4, 0xc3, 0x00, 0xc7 +}; + + +static void dpp_debug_print_point(const char *title, const EC_GROUP *group, + const EC_POINT *point) +{ + BIGNUM *x, *y; + BN_CTX *ctx; + char *x_str = NULL, *y_str = NULL; + + if (!wpa_debug_show_keys) + return; + + ctx = BN_CTX_new(); + x = BN_new(); + y = BN_new(); + if (!ctx || !x || !y || + EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx) != 1) + goto fail; + + x_str = BN_bn2hex(x); + y_str = BN_bn2hex(y); + if (!x_str || !y_str) + goto fail; + + wpa_printf(MSG_DEBUG, "%s (%s,%s)", title, x_str, y_str); + +fail: + OPENSSL_free(x_str); + OPENSSL_free(y_str); + BN_free(x); + BN_free(y); + BN_CTX_free(ctx); +} + + +static int dpp_hash_vector(const struct dpp_curve_params *curve, + size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + if (curve->hash_len == 32) + return sha256_vector(num_elem, addr, len, mac); + if (curve->hash_len == 48) + return sha384_vector(num_elem, addr, len, mac); + if (curve->hash_len == 64) + return sha512_vector(num_elem, addr, len, mac); + return -1; +} + + +static int dpp_hkdf_expand(size_t hash_len, const u8 *secret, size_t secret_len, + const char *label, u8 *out, size_t outlen) +{ + if (hash_len == 32) + return hmac_sha256_kdf(secret, secret_len, NULL, + (const u8 *) label, os_strlen(label), + out, outlen); + if (hash_len == 48) + return hmac_sha384_kdf(secret, secret_len, NULL, + (const u8 *) label, os_strlen(label), + out, outlen); + if (hash_len == 64) + return hmac_sha512_kdf(secret, secret_len, NULL, + (const u8 *) label, os_strlen(label), + out, outlen); + return -1; +} + + +static int dpp_hmac_vector(size_t hash_len, const u8 *key, size_t key_len, + size_t num_elem, const u8 *addr[], + const size_t *len, u8 *mac) +{ + if (hash_len == 32) + return hmac_sha256_vector(key, key_len, num_elem, addr, len, + mac); + if (hash_len == 48) + return hmac_sha384_vector(key, key_len, num_elem, addr, len, + mac); + if (hash_len == 64) + return hmac_sha512_vector(key, key_len, num_elem, addr, len, + mac); + return -1; +} + + +static int dpp_hmac(size_t hash_len, const u8 *key, size_t key_len, + const u8 *data, size_t data_len, u8 *mac) +{ + if (hash_len == 32) + return hmac_sha256(key, key_len, data, data_len, mac); + if (hash_len == 48) + return hmac_sha384(key, key_len, data, data_len, mac); + if (hash_len == 64) + return hmac_sha512(key, key_len, data, data_len, mac); + return -1; +} + + +static int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len) +{ + int num_bytes, offset; + + num_bytes = BN_num_bytes(bn); + if ((size_t) num_bytes > len) + return -1; + offset = len - num_bytes; + os_memset(pos, 0, offset); + BN_bn2bin(bn, pos + offset); + return 0; +} + + +static struct wpabuf * dpp_get_pubkey_point(EVP_PKEY *pkey, int prefix) +{ + int len, res; + EC_KEY *eckey; + struct wpabuf *buf; + unsigned char *pos; + + eckey = EVP_PKEY_get1_EC_KEY(pkey); + if (!eckey) + return NULL; + EC_KEY_set_conv_form(eckey, POINT_CONVERSION_UNCOMPRESSED); + len = i2o_ECPublicKey(eckey, NULL); + if (len <= 0) { + wpa_printf(MSG_ERROR, + "DDP: Failed to determine public key encoding length"); + EC_KEY_free(eckey); + return NULL; + } + + buf = wpabuf_alloc(len); + if (!buf) { + EC_KEY_free(eckey); + return NULL; + } + + pos = wpabuf_put(buf, len); + res = i2o_ECPublicKey(eckey, &pos); + EC_KEY_free(eckey); + if (res != len) { + wpa_printf(MSG_ERROR, + "DDP: Failed to encode public key (res=%d/%d)", + res, len); + wpabuf_free(buf); + return NULL; + } + + if (!prefix) { + /* Remove 0x04 prefix to match DPP definition */ + pos = wpabuf_mhead(buf); + os_memmove(pos, pos + 1, len - 1); + buf->used--; + } + + return buf; +} + + +static EVP_PKEY * dpp_set_pubkey_point_group(const EC_GROUP *group, + const u8 *buf_x, const u8 *buf_y, + size_t len) +{ + EC_KEY *eckey = NULL; + BN_CTX *ctx; + EC_POINT *point = NULL; + BIGNUM *x = NULL, *y = NULL; + EVP_PKEY *pkey = NULL; + + ctx = BN_CTX_new(); + if (!ctx) { + wpa_printf(MSG_ERROR, "DPP: Out of memory"); + return NULL; + } + + point = EC_POINT_new(group); + x = BN_bin2bn(buf_x, len, NULL); + y = BN_bin2bn(buf_y, len, NULL); + if (!point || !x || !y) { + wpa_printf(MSG_ERROR, "DPP: Out of memory"); + goto fail; + } + + if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) { + wpa_printf(MSG_ERROR, + "DPP: OpenSSL: EC_POINT_set_affine_coordinates_GFp failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + if (!EC_POINT_is_on_curve(group, point, ctx) || + EC_POINT_is_at_infinity(group, point)) { + wpa_printf(MSG_ERROR, "DPP: Invalid point"); + goto fail; + } + dpp_debug_print_point("DPP: dpp_set_pubkey_point_group", group, point); + + eckey = EC_KEY_new(); + if (!eckey || + EC_KEY_set_group(eckey, group) != 1 || + EC_KEY_set_public_key(eckey, point) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to set EC_KEY: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + EC_KEY_set_asn1_flag(eckey, OPENSSL_EC_NAMED_CURVE); + + pkey = EVP_PKEY_new(); + if (!pkey || EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) { + wpa_printf(MSG_ERROR, "DPP: Could not create EVP_PKEY"); + goto fail; + } + +out: + BN_free(x); + BN_free(y); + EC_KEY_free(eckey); + EC_POINT_free(point); + BN_CTX_free(ctx); + return pkey; +fail: + EVP_PKEY_free(pkey); + pkey = NULL; + goto out; +} + + +static EVP_PKEY * dpp_set_pubkey_point(EVP_PKEY *group_key, + const u8 *buf, size_t len) +{ + EC_KEY *eckey; + const EC_GROUP *group; + EVP_PKEY *pkey = NULL; + + if (len & 1) + return NULL; + + eckey = EVP_PKEY_get1_EC_KEY(group_key); + if (!eckey) { + wpa_printf(MSG_ERROR, + "DPP: Could not get EC_KEY from group_key"); + return NULL; + } + + group = EC_KEY_get0_group(eckey); + if (group) + pkey = dpp_set_pubkey_point_group(group, buf, buf + len / 2, + len / 2); + else + wpa_printf(MSG_ERROR, "DPP: Could not get EC group"); + + EC_KEY_free(eckey); + return pkey; +} + + +static void dpp_auth_fail(struct dpp_authentication *auth, const char *txt) +{ + wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_FAIL "%s", txt); +} + + +struct wpabuf * dpp_alloc_msg(enum dpp_public_action_frame_type type, + size_t len) +{ + struct wpabuf *msg; + + msg = wpabuf_alloc(8 + len); + if (!msg) + return NULL; + wpabuf_put_u8(msg, WLAN_ACTION_PUBLIC); + wpabuf_put_u8(msg, WLAN_PA_VENDOR_SPECIFIC); + wpabuf_put_be24(msg, OUI_WFA); + wpabuf_put_u8(msg, DPP_OUI_TYPE); + wpabuf_put_u8(msg, 1); /* Crypto Suite */ + wpabuf_put_u8(msg, type); + return msg; +} + + +const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len) +{ + u16 id, alen; + const u8 *pos = buf, *end = buf + len; + + while (end - pos >= 4) { + id = WPA_GET_LE16(pos); + pos += 2; + alen = WPA_GET_LE16(pos); + pos += 2; + if (alen > end - pos) + return NULL; + if (id == req_id) { + *ret_len = alen; + return pos; + } + pos += alen; + } + + return NULL; +} + + +int dpp_check_attrs(const u8 *buf, size_t len) +{ + const u8 *pos, *end; + int wrapped_data = 0; + + pos = buf; + end = buf + len; + while (end - pos >= 4) { + u16 id, alen; + + id = WPA_GET_LE16(pos); + pos += 2; + alen = WPA_GET_LE16(pos); + pos += 2; + wpa_printf(MSG_MSGDUMP, "DPP: Attribute ID %04x len %u", + id, alen); + if (alen > end - pos) { + wpa_printf(MSG_DEBUG, + "DPP: Truncated message - not enough room for the attribute - dropped"); + return -1; + } + if (wrapped_data) { + wpa_printf(MSG_DEBUG, + "DPP: An unexpected attribute included after the Wrapped Data attribute"); + return -1; + } + if (id == DPP_ATTR_WRAPPED_DATA) + wrapped_data = 1; + pos += alen; + } + + if (end != pos) { + wpa_printf(MSG_DEBUG, + "DPP: Unexpected octets (%d) after the last attribute", + (int) (end - pos)); + return -1; + } + + return 0; +} + + +void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info) +{ + if (!info) + return; + os_free(info->uri); + os_free(info->info); + EVP_PKEY_free(info->pubkey); + os_free(info); +} + + +const char * dpp_bootstrap_type_txt(enum dpp_bootstrap_type type) +{ + switch (type) { + case DPP_BOOTSTRAP_QR_CODE: + return "QRCODE"; + case DPP_BOOTSTRAP_PKEX: + return "PKEX"; + } + return "??"; +} + + +static int dpp_uri_valid_info(const char *info) +{ + while (*info) { + unsigned char val = *info++; + + if (val < 0x20 || val > 0x7e || val == 0x3b) + return 0; + } + + return 1; +} + + +static int dpp_clone_uri(struct dpp_bootstrap_info *bi, const char *uri) +{ + bi->uri = os_strdup(uri); + return bi->uri ? 0 : -1; +} + + +int dpp_parse_uri_chan_list(struct dpp_bootstrap_info *bi, + const char *chan_list) +{ + const char *pos = chan_list; + int opclass, channel, freq; + + while (pos && *pos && *pos != ';') { + opclass = atoi(pos); + if (opclass <= 0) + goto fail; + pos = os_strchr(pos, '/'); + if (!pos) + goto fail; + pos++; + channel = atoi(pos); + if (channel <= 0) + goto fail; + while (*pos >= '0' && *pos <= '9') + pos++; + freq = ieee80211_chan_to_freq(NULL, opclass, channel); + wpa_printf(MSG_DEBUG, + "DPP: URI channel-list: opclass=%d channel=%d ==> freq=%d", + opclass, channel, freq); + if (freq < 0) { + wpa_printf(MSG_DEBUG, + "DPP: Ignore unknown URI channel-list channel (opclass=%d channel=%d)", + opclass, channel); + } else if (bi->num_freq == DPP_BOOTSTRAP_MAX_FREQ) { + wpa_printf(MSG_DEBUG, + "DPP: Too many channels in URI channel-list - ignore list"); + bi->num_freq = 0; + break; + } else { + bi->freq[bi->num_freq++] = freq; + } + + if (*pos == ';' || *pos == '\0') + break; + if (*pos != ',') + goto fail; + pos++; + } + + return 0; +fail: + wpa_printf(MSG_DEBUG, "DPP: Invalid URI channel-list"); + return -1; +} + + +int dpp_parse_uri_mac(struct dpp_bootstrap_info *bi, const char *mac) +{ + if (!mac) + return 0; + + if (hwaddr_aton2(mac, bi->mac_addr) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Invalid URI mac"); + return -1; + } + + wpa_printf(MSG_DEBUG, "DPP: URI mac: " MACSTR, MAC2STR(bi->mac_addr)); + + return 0; +} + + +int dpp_parse_uri_info(struct dpp_bootstrap_info *bi, const char *info) +{ + const char *end; + + if (!info) + return 0; + + end = os_strchr(info, ';'); + if (!end) + end = info + os_strlen(info); + bi->info = os_malloc(end - info + 1); + if (!bi->info) + return -1; + os_memcpy(bi->info, info, end - info); + bi->info[end - info] = '\0'; + wpa_printf(MSG_DEBUG, "DPP: URI(information): %s", bi->info); + if (!dpp_uri_valid_info(bi->info)) { + wpa_printf(MSG_DEBUG, "DPP: Invalid URI information payload"); + return -1; + } + + return 0; +} + + +static const struct dpp_curve_params * +dpp_get_curve_oid(const ASN1_OBJECT *poid) +{ + ASN1_OBJECT *oid; + int i; + + for (i = 0; dpp_curves[i].name; i++) { + oid = OBJ_txt2obj(dpp_curves[i].name, 0); + if (oid && OBJ_cmp(poid, oid) == 0) + return &dpp_curves[i]; + } + return NULL; +} + + +static const struct dpp_curve_params * dpp_get_curve_nid(int nid) +{ + int i, tmp; + + if (!nid) + return NULL; + for (i = 0; dpp_curves[i].name; i++) { + tmp = OBJ_txt2nid(dpp_curves[i].name); + if (tmp == nid) + return &dpp_curves[i]; + } + return NULL; +} + + +static int dpp_parse_uri_pk(struct dpp_bootstrap_info *bi, const char *info) +{ + const char *end; + u8 *data; + size_t data_len; + EVP_PKEY *pkey; + const unsigned char *p; + int res; + X509_PUBKEY *pub = NULL; + ASN1_OBJECT *ppkalg; + const unsigned char *pk; + int ppklen; + X509_ALGOR *pa; +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ASN1_OBJECT *pa_oid; +#else + const ASN1_OBJECT *pa_oid; +#endif + const void *pval; + int ptype; + const ASN1_OBJECT *poid; + char buf[100]; + + end = os_strchr(info, ';'); + if (!end) + return -1; + + data = base64_decode((const unsigned char *) info, end - info, + &data_len); + if (!data) { + wpa_printf(MSG_DEBUG, + "DPP: Invalid base64 encoding on URI public-key"); + return -1; + } + wpa_hexdump(MSG_DEBUG, "DPP: Base64 decoded URI public-key", + data, data_len); + + if (sha256_vector(1, (const u8 **) &data, &data_len, + bi->pubkey_hash) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Failed to hash public key"); + os_free(data); + return -1; + } + wpa_hexdump(MSG_DEBUG, "DPP: Public key hash", + bi->pubkey_hash, SHA256_MAC_LEN); + + /* DER encoded ASN.1 SubjectPublicKeyInfo + * + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + * + * subjectPublicKey = compressed format public key per ANSI X9.63 + * algorithm = ecPublicKey (1.2.840.10045.2.1) + * parameters = shall be present and shall be OBJECT IDENTIFIER; e.g., + * prime256v1 (1.2.840.10045.3.1.7) + */ + + p = data; + pkey = d2i_PUBKEY(NULL, &p, data_len); + os_free(data); + + if (!pkey) { + wpa_printf(MSG_DEBUG, + "DPP: Could not parse URI public-key SubjectPublicKeyInfo"); + return -1; + } + + if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_EC) { + wpa_printf(MSG_DEBUG, + "DPP: SubjectPublicKeyInfo does not describe an EC key"); + EVP_PKEY_free(pkey); + return -1; + } + + res = X509_PUBKEY_set(&pub, pkey); + if (res != 1) { + wpa_printf(MSG_DEBUG, "DPP: Could not set pubkey"); + goto fail; + } + + res = X509_PUBKEY_get0_param(&ppkalg, &pk, &ppklen, &pa, pub); + if (res != 1) { + wpa_printf(MSG_DEBUG, + "DPP: Could not extract SubjectPublicKeyInfo parameters"); + goto fail; + } + res = OBJ_obj2txt(buf, sizeof(buf), ppkalg, 0); + if (res < 0 || (size_t) res >= sizeof(buf)) { + wpa_printf(MSG_DEBUG, + "DPP: Could not extract SubjectPublicKeyInfo algorithm"); + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: URI subjectPublicKey algorithm: %s", buf); + if (os_strcmp(buf, "id-ecPublicKey") != 0) { + wpa_printf(MSG_DEBUG, + "DPP: Unsupported SubjectPublicKeyInfo algorithm"); + goto fail; + } + + X509_ALGOR_get0(&pa_oid, &ptype, (void *) &pval, pa); + if (ptype != V_ASN1_OBJECT) { + wpa_printf(MSG_DEBUG, + "DPP: SubjectPublicKeyInfo parameters did not contain an OID"); + goto fail; + } + poid = pval; + res = OBJ_obj2txt(buf, sizeof(buf), poid, 0); + if (res < 0 || (size_t) res >= sizeof(buf)) { + wpa_printf(MSG_DEBUG, + "DPP: Could not extract SubjectPublicKeyInfo parameters OID"); + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: URI subjectPublicKey parameters: %s", buf); + bi->curve = dpp_get_curve_oid(poid); + if (!bi->curve) { + wpa_printf(MSG_DEBUG, + "DPP: Unsupported SubjectPublicKeyInfo curve: %s", + buf); + goto fail; + } + + wpa_hexdump(MSG_DEBUG, "DPP: URI subjectPublicKey", pk, ppklen); + + X509_PUBKEY_free(pub); + bi->pubkey = pkey; + return 0; +fail: + X509_PUBKEY_free(pub); + EVP_PKEY_free(pkey); + return -1; +} + + +static struct dpp_bootstrap_info * dpp_parse_uri(const char *uri) +{ + const char *pos = uri; + const char *end; + const char *chan_list = NULL, *mac = NULL, *info = NULL, *pk = NULL; + struct dpp_bootstrap_info *bi; + + wpa_hexdump_ascii(MSG_DEBUG, "DPP: URI", uri, os_strlen(uri)); + + if (os_strncmp(pos, "DPP:", 4) != 0) { + wpa_printf(MSG_INFO, "DPP: Not a DPP URI"); + return NULL; + } + pos += 4; + + for (;;) { + end = os_strchr(pos, ';'); + if (!end) + break; + + if (end == pos) { + /* Handle terminating ";;" and ignore unexpected ";" + * for parsing robustness. */ + pos++; + continue; + } + + if (pos[0] == 'C' && pos[1] == ':' && !chan_list) + chan_list = pos + 2; + else if (pos[0] == 'M' && pos[1] == ':' && !mac) + mac = pos + 2; + else if (pos[0] == 'I' && pos[1] == ':' && !info) + info = pos + 2; + else if (pos[0] == 'K' && pos[1] == ':' && !pk) + pk = pos + 2; + else + wpa_hexdump_ascii(MSG_DEBUG, + "DPP: Ignore unrecognized URI parameter", + pos, end - pos); + pos = end + 1; + } + + if (!pk) { + wpa_printf(MSG_INFO, "DPP: URI missing public-key"); + return NULL; + } + + bi = os_zalloc(sizeof(*bi)); + if (!bi) + return NULL; + + if (dpp_clone_uri(bi, uri) < 0 || + dpp_parse_uri_chan_list(bi, chan_list) < 0 || + dpp_parse_uri_mac(bi, mac) < 0 || + dpp_parse_uri_info(bi, info) < 0 || + dpp_parse_uri_pk(bi, pk) < 0) { + dpp_bootstrap_info_free(bi); + bi = NULL; + } + + return bi; +} + + +struct dpp_bootstrap_info * dpp_parse_qr_code(const char *uri) +{ + struct dpp_bootstrap_info *bi; + + bi = dpp_parse_uri(uri); + if (bi) + bi->type = DPP_BOOTSTRAP_QR_CODE; + return bi; +} + + +static void dpp_debug_print_key(const char *title, EVP_PKEY *key) +{ + EC_KEY *eckey; + BIO *out; + size_t rlen; + char *txt; + int res; + unsigned char *der = NULL; + int der_len; + const EC_GROUP *group; + const EC_POINT *point; + + out = BIO_new(BIO_s_mem()); + if (!out) + return; + + EVP_PKEY_print_private(out, key, 0, NULL); + rlen = BIO_ctrl_pending(out); + txt = os_malloc(rlen + 1); + if (txt) { + res = BIO_read(out, txt, rlen); + if (res > 0) { + txt[res] = '\0'; + wpa_printf(MSG_DEBUG, "%s: %s", title, txt); + } + os_free(txt); + } + BIO_free(out); + + eckey = EVP_PKEY_get1_EC_KEY(key); + if (!eckey) + return; + + group = EC_KEY_get0_group(eckey); + point = EC_KEY_get0_public_key(eckey); + if (group && point) + dpp_debug_print_point(title, group, point); + + der_len = i2d_ECPrivateKey(eckey, &der); + if (der_len > 0) + wpa_hexdump_key(MSG_DEBUG, "DPP: ECPrivateKey", der, der_len); + OPENSSL_free(der); + if (der_len <= 0) { + der = NULL; + der_len = i2d_EC_PUBKEY(eckey, &der); + if (der_len > 0) + wpa_hexdump(MSG_DEBUG, "DPP: EC_PUBKEY", der, der_len); + OPENSSL_free(der); + } + + EC_KEY_free(eckey); +} + + +static EVP_PKEY * dpp_gen_keypair(const struct dpp_curve_params *curve) +{ + EVP_PKEY_CTX *kctx = NULL; + EC_KEY *ec_params; + EVP_PKEY *params = NULL, *key = NULL; + int nid; + + wpa_printf(MSG_DEBUG, "DPP: Generating a keypair"); + + nid = OBJ_txt2nid(curve->name); + if (nid == NID_undef) { + wpa_printf(MSG_INFO, "DPP: Unsupported curve %s", curve->name); + return NULL; + } + + ec_params = EC_KEY_new_by_curve_name(nid); + if (!ec_params) { + wpa_printf(MSG_ERROR, + "DPP: Failed to generate EC_KEY parameters"); + goto fail; + } + EC_KEY_set_asn1_flag(ec_params, OPENSSL_EC_NAMED_CURVE); + params = EVP_PKEY_new(); + if (!params || EVP_PKEY_set1_EC_KEY(params, ec_params) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to generate EVP_PKEY parameters"); + goto fail; + } + + kctx = EVP_PKEY_CTX_new(params, NULL); + if (!kctx || + EVP_PKEY_keygen_init(kctx) != 1 || + EVP_PKEY_keygen(kctx, &key) != 1) { + wpa_printf(MSG_ERROR, "DPP: Failed to generate EC key"); + goto fail; + } + + if (wpa_debug_show_keys) + dpp_debug_print_key("Own generated key", key); + + EVP_PKEY_free(params); + EVP_PKEY_CTX_free(kctx); + return key; +fail: + EVP_PKEY_CTX_free(kctx); + EVP_PKEY_free(params); + return NULL; +} + + +static const struct dpp_curve_params * +dpp_get_curve_name(const char *name) +{ + int i; + + for (i = 0; dpp_curves[i].name; i++) { + if (os_strcmp(name, dpp_curves[i].name) == 0 || + (dpp_curves[i].jwk_crv && + os_strcmp(name, dpp_curves[i].jwk_crv) == 0)) + return &dpp_curves[i]; + } + return NULL; +} + + +static const struct dpp_curve_params * +dpp_get_curve_jwk_crv(const char *name) +{ + int i; + + for (i = 0; dpp_curves[i].name; i++) { + if (dpp_curves[i].jwk_crv && + os_strcmp(name, dpp_curves[i].jwk_crv) == 0) + return &dpp_curves[i]; + } + return NULL; +} + + +static EVP_PKEY * dpp_set_keypair(const struct dpp_curve_params **curve, + const u8 *privkey, size_t privkey_len) +{ + EVP_PKEY *pkey; + EC_KEY *eckey; + const EC_GROUP *group; + int nid; + + pkey = EVP_PKEY_new(); + if (!pkey) + return NULL; + eckey = d2i_ECPrivateKey(NULL, &privkey, privkey_len); + if (!eckey) { + wpa_printf(MSG_INFO, + "DPP: OpenSSL: d2i_ECPrivateKey() failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + EVP_PKEY_free(pkey); + return NULL; + } + group = EC_KEY_get0_group(eckey); + if (!group) { + EC_KEY_free(eckey); + EVP_PKEY_free(pkey); + return NULL; + } + nid = EC_GROUP_get_curve_name(group); + *curve = dpp_get_curve_nid(nid); + if (!*curve) { + wpa_printf(MSG_INFO, + "DPP: Unsupported curve (nid=%d) in pre-assigned key", + nid); + EC_KEY_free(eckey); + EVP_PKEY_free(pkey); + return NULL; + } + + if (EVP_PKEY_assign_EC_KEY(pkey, eckey) != 1) { + EC_KEY_free(eckey); + EVP_PKEY_free(pkey); + return NULL; + } + return pkey; +} + + +typedef struct { + /* AlgorithmIdentifier ecPublicKey with optional parameters present + * as an OID identifying the curve */ + X509_ALGOR *alg; + /* Compressed format public key per ANSI X9.63 */ + ASN1_BIT_STRING *pub_key; +} DPP_BOOTSTRAPPING_KEY; + +ASN1_SEQUENCE(DPP_BOOTSTRAPPING_KEY) = { + ASN1_SIMPLE(DPP_BOOTSTRAPPING_KEY, alg, X509_ALGOR), + ASN1_SIMPLE(DPP_BOOTSTRAPPING_KEY, pub_key, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END(DPP_BOOTSTRAPPING_KEY); + +IMPLEMENT_ASN1_FUNCTIONS(DPP_BOOTSTRAPPING_KEY); + + +static struct wpabuf * dpp_bootstrap_key_der(EVP_PKEY *key) +{ + unsigned char *der = NULL; + int der_len; + EC_KEY *eckey; + struct wpabuf *ret = NULL; + size_t len; + const EC_GROUP *group; + const EC_POINT *point; + BN_CTX *ctx; + DPP_BOOTSTRAPPING_KEY *bootstrap = NULL; + int nid; + + ctx = BN_CTX_new(); + eckey = EVP_PKEY_get1_EC_KEY(key); + if (!ctx || !eckey) + goto fail; + + group = EC_KEY_get0_group(eckey); + point = EC_KEY_get0_public_key(eckey); + if (!group || !point) + goto fail; + dpp_debug_print_point("DPP: bootstrap public key", group, point); + nid = EC_GROUP_get_curve_name(group); + + bootstrap = DPP_BOOTSTRAPPING_KEY_new(); + if (!bootstrap || + X509_ALGOR_set0(bootstrap->alg, OBJ_nid2obj(EVP_PKEY_EC), + V_ASN1_OBJECT, (void *) OBJ_nid2obj(nid)) != 1) + goto fail; + + len = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, + NULL, 0, ctx); + if (len == 0) + goto fail; + + der = OPENSSL_malloc(len); + if (!der) + goto fail; + len = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, + der, len, ctx); + + OPENSSL_free(bootstrap->pub_key->data); + bootstrap->pub_key->data = der; + der = NULL; + bootstrap->pub_key->length = len; + /* No unused bits */ + bootstrap->pub_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); + bootstrap->pub_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; + + der_len = i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der); + if (der_len <= 0) { + wpa_printf(MSG_ERROR, + "DDP: Failed to build DER encoded public key"); + goto fail; + } + + ret = wpabuf_alloc_copy(der, der_len); +fail: + DPP_BOOTSTRAPPING_KEY_free(bootstrap); + OPENSSL_free(der); + EC_KEY_free(eckey); + BN_CTX_free(ctx); + return ret; +} + + +int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi) +{ + struct wpabuf *der; + int res; + const u8 *addr[1]; + size_t len[1]; + + der = dpp_bootstrap_key_der(bi->pubkey); + if (!der) + return -1; + wpa_hexdump_buf(MSG_DEBUG, "DPP: Compressed public key (DER)", + der); + + addr[0] = wpabuf_head(der); + len[0] = wpabuf_len(der); + res = sha256_vector(1, addr, len, bi->pubkey_hash); + if (res < 0) + wpa_printf(MSG_DEBUG, "DPP: Failed to hash public key"); + else + wpa_hexdump(MSG_DEBUG, "DPP: Public key hash", bi->pubkey_hash, + SHA256_MAC_LEN); + wpabuf_free(der); + return res; +} + + +char * dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve, + const u8 *privkey, size_t privkey_len) +{ + unsigned char *base64 = NULL; + char *pos, *end; + size_t len; + struct wpabuf *der = NULL; + const u8 *addr[1]; + int res; + + if (!curve) { + bi->curve = &dpp_curves[0]; + } else { + bi->curve = dpp_get_curve_name(curve); + if (!bi->curve) { + wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s", + curve); + return NULL; + } + } + if (privkey) + bi->pubkey = dpp_set_keypair(&bi->curve, privkey, privkey_len); + else + bi->pubkey = dpp_gen_keypair(bi->curve); + if (!bi->pubkey) + goto fail; + bi->own = 1; + + der = dpp_bootstrap_key_der(bi->pubkey); + if (!der) + goto fail; + wpa_hexdump_buf(MSG_DEBUG, "DPP: Compressed public key (DER)", + der); + + addr[0] = wpabuf_head(der); + len = wpabuf_len(der); + res = sha256_vector(1, addr, &len, bi->pubkey_hash); + if (res < 0) { + wpa_printf(MSG_DEBUG, "DPP: Failed to hash public key"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: Public key hash", bi->pubkey_hash, + SHA256_MAC_LEN); + + base64 = base64_encode(wpabuf_head(der), wpabuf_len(der), &len); + wpabuf_free(der); + der = NULL; + if (!base64) + goto fail; + pos = (char *) base64; + end = pos + len; + for (;;) { + pos = os_strchr(pos, '\n'); + if (!pos) + break; + os_memmove(pos, pos + 1, end - pos); + } + return (char *) base64; +fail: + os_free(base64); + wpabuf_free(der); + return NULL; +} + + +static int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1, + unsigned int hash_len) +{ + u8 salt[DPP_MAX_HASH_LEN], prk[DPP_MAX_HASH_LEN]; + const char *info = "first intermediate key"; + int res; + + /* k1 = HKDF(<>, "first intermediate key", M.x) */ + + /* HKDF-Extract(<>, M.x) */ + os_memset(salt, 0, hash_len); + if (dpp_hmac(hash_len, salt, hash_len, Mx, Mx_len, prk) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "DPP: PRK = HKDF-Extract(<>, IKM=M.x)", + prk, hash_len); + + /* HKDF-Expand(PRK, info, L) */ + res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k1, hash_len); + os_memset(prk, 0, hash_len); + if (res < 0) + return -1; + + wpa_hexdump_key(MSG_DEBUG, "DPP: k1 = HKDF-Expand(PRK, info, L)", + k1, hash_len); + return 0; +} + + +static int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2, + unsigned int hash_len) +{ + u8 salt[DPP_MAX_HASH_LEN], prk[DPP_MAX_HASH_LEN]; + const char *info = "second intermediate key"; + int res; + + /* k2 = HKDF(<>, "second intermediate key", N.x) */ + + /* HKDF-Extract(<>, N.x) */ + os_memset(salt, 0, hash_len); + res = dpp_hmac(hash_len, salt, hash_len, Nx, Nx_len, prk); + if (res < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "DPP: PRK = HKDF-Extract(<>, IKM=N.x)", + prk, hash_len); + + /* HKDF-Expand(PRK, info, L) */ + res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k2, hash_len); + os_memset(prk, 0, hash_len); + if (res < 0) + return -1; + + wpa_hexdump_key(MSG_DEBUG, "DPP: k2 = HKDF-Expand(PRK, info, L)", + k2, hash_len); + return 0; +} + + +static int dpp_derive_ke(struct dpp_authentication *auth, u8 *ke, + unsigned int hash_len) +{ + size_t nonce_len; + u8 nonces[2 * DPP_MAX_NONCE_LEN]; + const char *info_ke = "DPP Key"; + u8 prk[DPP_MAX_HASH_LEN]; + int res; + const u8 *addr[3]; + size_t len[3]; + size_t num_elem = 0; + + if (!auth->Mx_len || !auth->Nx_len) { + wpa_printf(MSG_DEBUG, + "DPP: Mx/Nx not available - cannot derive ke"); + return -1; + } + + /* ke = HKDF(I-nonce | R-nonce, "DPP Key", M.x | N.x [| L.x]) */ + + /* HKDF-Extract(I-nonce | R-nonce, M.x | N.x [| L.x]) */ + nonce_len = auth->curve->nonce_len; + os_memcpy(nonces, auth->i_nonce, nonce_len); + os_memcpy(&nonces[nonce_len], auth->r_nonce, nonce_len); + addr[num_elem] = auth->Mx; + len[num_elem] = auth->Mx_len; + num_elem++; + addr[num_elem] = auth->Nx; + len[num_elem] = auth->Nx_len; + num_elem++; + if (auth->peer_bi && auth->own_bi) { + if (!auth->Lx_len) { + wpa_printf(MSG_DEBUG, + "DPP: Lx not available - cannot derive ke"); + return -1; + } + addr[num_elem] = auth->Lx; + len[num_elem] = auth->secret_len; + num_elem++; + } + res = dpp_hmac_vector(hash_len, nonces, 2 * nonce_len, + num_elem, addr, len, prk); + if (res < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "DPP: PRK = HKDF-Extract(<>, IKM)", + prk, hash_len); + + /* HKDF-Expand(PRK, info, L) */ + res = dpp_hkdf_expand(hash_len, prk, hash_len, info_ke, ke, hash_len); + os_memset(prk, 0, hash_len); + if (res < 0) + return -1; + + wpa_hexdump_key(MSG_DEBUG, "DPP: ke = HKDF-Expand(PRK, info, L)", + ke, hash_len); + return 0; +} + + +static void dpp_build_attr_status(struct wpabuf *msg, + enum dpp_status_error status) +{ + wpa_printf(MSG_DEBUG, "DPP: Status %d", status); + wpabuf_put_le16(msg, DPP_ATTR_STATUS); + wpabuf_put_le16(msg, 1); + wpabuf_put_u8(msg, status); +} + + +static void dpp_build_attr_r_bootstrap_key_hash(struct wpabuf *msg, + const u8 *hash) +{ + if (hash) { + wpa_printf(MSG_DEBUG, "DPP: R-Bootstrap Key Hash"); + wpabuf_put_le16(msg, DPP_ATTR_R_BOOTSTRAP_KEY_HASH); + wpabuf_put_le16(msg, SHA256_MAC_LEN); + wpabuf_put_data(msg, hash, SHA256_MAC_LEN); + } +} + + +static void dpp_build_attr_i_bootstrap_key_hash(struct wpabuf *msg, + const u8 *hash) +{ + if (hash) { + wpa_printf(MSG_DEBUG, "DPP: I-Bootstrap Key Hash"); + wpabuf_put_le16(msg, DPP_ATTR_I_BOOTSTRAP_KEY_HASH); + wpabuf_put_le16(msg, SHA256_MAC_LEN); + wpabuf_put_data(msg, hash, SHA256_MAC_LEN); + } +} + + +static struct wpabuf * dpp_auth_build_req(struct dpp_authentication *auth, + const struct wpabuf *pi, + size_t nonce_len, + const u8 *r_pubkey_hash, + const u8 *i_pubkey_hash, + unsigned int neg_freq) +{ + struct wpabuf *msg; + u8 clear[4 + DPP_MAX_NONCE_LEN + 4 + 1]; + u8 wrapped_data[4 + DPP_MAX_NONCE_LEN + 4 + 1 + AES_BLOCK_SIZE]; + u8 *pos; + const u8 *addr[2]; + size_t len[2], siv_len, attr_len; + u8 *attr_start, *attr_end; + + /* Build DPP Authentication Request frame attributes */ + attr_len = 2 * (4 + SHA256_MAC_LEN) + 4 + (pi ? wpabuf_len(pi) : 0) + + 4 + sizeof(wrapped_data); + if (neg_freq > 0) + attr_len += 4 + 2; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_AUTH_REQ) + attr_len += 5; +#endif /* CONFIG_TESTING_OPTIONS */ + msg = dpp_alloc_msg(DPP_PA_AUTHENTICATION_REQ, attr_len); + if (!msg) + return NULL; + + attr_start = wpabuf_put(msg, 0); + + /* Responder Bootstrapping Key Hash */ + dpp_build_attr_r_bootstrap_key_hash(msg, r_pubkey_hash); + + /* Initiator Bootstrapping Key Hash */ + dpp_build_attr_i_bootstrap_key_hash(msg, i_pubkey_hash); + + /* Initiator Protocol Key */ + if (pi) { + wpabuf_put_le16(msg, DPP_ATTR_I_PROTOCOL_KEY); + wpabuf_put_le16(msg, wpabuf_len(pi)); + wpabuf_put_buf(msg, pi); + } + + /* Channel */ + if (neg_freq > 0) { + u8 op_class, channel; + + if (ieee80211_freq_to_channel_ext(neg_freq, 0, 0, &op_class, + &channel) == + NUM_HOSTAPD_MODES) { + wpa_printf(MSG_INFO, + "DPP: Unsupported negotiation frequency request: %d", + neg_freq); + wpabuf_free(msg); + return NULL; + } + wpabuf_put_le16(msg, DPP_ATTR_CHANNEL); + wpabuf_put_le16(msg, 2); + wpabuf_put_u8(msg, op_class); + wpabuf_put_u8(msg, channel); + } + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data"); + goto skip_wrapped_data; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* Wrapped data ({I-nonce, I-capabilities}k1) */ + pos = clear; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_I_NONCE_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-nonce"); + goto skip_i_nonce; + } + if (dpp_test == DPP_TEST_INVALID_I_NONCE_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid I-nonce"); + WPA_PUT_LE16(pos, DPP_ATTR_I_NONCE); + pos += 2; + WPA_PUT_LE16(pos, nonce_len - 1); + pos += 2; + os_memcpy(pos, auth->i_nonce, nonce_len - 1); + pos += nonce_len - 1; + goto skip_i_nonce; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* I-nonce */ + WPA_PUT_LE16(pos, DPP_ATTR_I_NONCE); + pos += 2; + WPA_PUT_LE16(pos, nonce_len); + pos += 2; + os_memcpy(pos, auth->i_nonce, nonce_len); + pos += nonce_len; + +#ifdef CONFIG_TESTING_OPTIONS +skip_i_nonce: + if (dpp_test == DPP_TEST_NO_I_CAPAB_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-capab"); + goto skip_i_capab; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* I-capabilities */ + WPA_PUT_LE16(pos, DPP_ATTR_I_CAPABILITIES); + pos += 2; + WPA_PUT_LE16(pos, 1); + pos += 2; + auth->i_capab = auth->allowed_roles; + *pos++ = auth->i_capab; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_ZERO_I_CAPAB) { + wpa_printf(MSG_INFO, "DPP: TESTING - zero I-capabilities"); + pos[-1] = 0; + } +skip_i_capab: +#endif /* CONFIG_TESTING_OPTIONS */ + + attr_end = wpabuf_put(msg, 0); + + /* OUI, OUI type, Crypto Suite, DPP frame type */ + addr[0] = wpabuf_head_u8(msg) + 2; + len[0] = 3 + 1 + 1 + 1; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + + /* Attributes before Wrapped Data */ + addr[1] = attr_start; + len[1] = attr_end - attr_start; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + + siv_len = pos - clear; + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", clear, siv_len); + if (aes_siv_encrypt(auth->k1, auth->curve->hash_len, clear, siv_len, + 2, addr, len, wrapped_data) < 0) { + wpabuf_free(msg); + return NULL; + } + siv_len += AES_BLOCK_SIZE; + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, siv_len); + + wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA); + wpabuf_put_le16(msg, siv_len); + wpabuf_put_data(msg, wrapped_data, siv_len); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data"); + dpp_build_attr_status(msg, DPP_STATUS_OK); + } +skip_wrapped_data: +#endif /* CONFIG_TESTING_OPTIONS */ + + wpa_hexdump_buf(MSG_DEBUG, + "DPP: Authentication Request frame attributes", msg); + + return msg; +} + + +static struct wpabuf * dpp_auth_build_resp(struct dpp_authentication *auth, + enum dpp_status_error status, + const struct wpabuf *pr, + size_t nonce_len, + const u8 *r_pubkey_hash, + const u8 *i_pubkey_hash, + const u8 *r_nonce, const u8 *i_nonce, + const u8 *wrapped_r_auth, + size_t wrapped_r_auth_len, + const u8 *siv_key) +{ + struct wpabuf *msg; +#define DPP_AUTH_RESP_CLEAR_LEN 2 * (4 + DPP_MAX_NONCE_LEN) + 4 + 1 + \ + 4 + 4 + DPP_MAX_HASH_LEN + AES_BLOCK_SIZE + u8 clear[DPP_AUTH_RESP_CLEAR_LEN]; + u8 wrapped_data[DPP_AUTH_RESP_CLEAR_LEN + AES_BLOCK_SIZE]; + const u8 *addr[2]; + size_t len[2], siv_len, attr_len; + u8 *attr_start, *attr_end, *pos; + + auth->waiting_auth_conf = 1; + auth->auth_resp_tries = 0; + + /* Build DPP Authentication Response frame attributes */ + attr_len = 4 + 1 + 2 * (4 + SHA256_MAC_LEN) + + 4 + (pr ? wpabuf_len(pr) : 0) + 4 + sizeof(wrapped_data); +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_AUTH_RESP) + attr_len += 5; +#endif /* CONFIG_TESTING_OPTIONS */ + msg = dpp_alloc_msg(DPP_PA_AUTHENTICATION_RESP, attr_len); + if (!msg) + return NULL; + + attr_start = wpabuf_put(msg, 0); + + /* DPP Status */ + if (status != 255) + dpp_build_attr_status(msg, status); + + /* Responder Bootstrapping Key Hash */ + dpp_build_attr_r_bootstrap_key_hash(msg, r_pubkey_hash); + + /* Initiator Bootstrapping Key Hash (mutual authentication) */ + dpp_build_attr_i_bootstrap_key_hash(msg, i_pubkey_hash); + + /* Responder Protocol Key */ + if (pr) { + wpabuf_put_le16(msg, DPP_ATTR_R_PROTOCOL_KEY); + wpabuf_put_le16(msg, wpabuf_len(pr)); + wpabuf_put_buf(msg, pr); + } + + attr_end = wpabuf_put(msg, 0); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data"); + goto skip_wrapped_data; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* Wrapped data ({R-nonce, I-nonce, R-capabilities, {R-auth}ke}k2) */ + pos = clear; + + if (r_nonce) { + /* R-nonce */ + WPA_PUT_LE16(pos, DPP_ATTR_R_NONCE); + pos += 2; + WPA_PUT_LE16(pos, nonce_len); + pos += 2; + os_memcpy(pos, r_nonce, nonce_len); + pos += nonce_len; + } + + if (i_nonce) { + /* I-nonce */ + WPA_PUT_LE16(pos, DPP_ATTR_I_NONCE); + pos += 2; + WPA_PUT_LE16(pos, nonce_len); + pos += 2; + os_memcpy(pos, i_nonce, nonce_len); +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_I_NONCE_MISMATCH_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - I-nonce mismatch"); + pos[nonce_len / 2] ^= 0x01; + } +#endif /* CONFIG_TESTING_OPTIONS */ + pos += nonce_len; + } + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_R_CAPAB_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-capab"); + goto skip_r_capab; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* R-capabilities */ + WPA_PUT_LE16(pos, DPP_ATTR_R_CAPABILITIES); + pos += 2; + WPA_PUT_LE16(pos, 1); + pos += 2; + auth->r_capab = auth->configurator ? DPP_CAPAB_CONFIGURATOR : + DPP_CAPAB_ENROLLEE; + *pos++ = auth->r_capab; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_ZERO_R_CAPAB) { + wpa_printf(MSG_INFO, "DPP: TESTING - zero R-capabilities"); + pos[-1] = 0; + } else if (dpp_test == DPP_TEST_INCOMPATIBLE_R_CAPAB_AUTH_RESP) { + wpa_printf(MSG_INFO, + "DPP: TESTING - incompatible R-capabilities"); + if ((auth->i_capab & DPP_CAPAB_ROLE_MASK) == + (DPP_CAPAB_CONFIGURATOR | DPP_CAPAB_ENROLLEE)) + pos[-1] = 0; + else + pos[-1] = auth->configurator ? DPP_CAPAB_ENROLLEE : + DPP_CAPAB_CONFIGURATOR; + } +skip_r_capab: +#endif /* CONFIG_TESTING_OPTIONS */ + + if (wrapped_r_auth) { + /* {R-auth}ke */ + WPA_PUT_LE16(pos, DPP_ATTR_WRAPPED_DATA); + pos += 2; + WPA_PUT_LE16(pos, wrapped_r_auth_len); + pos += 2; + os_memcpy(pos, wrapped_r_auth, wrapped_r_auth_len); + pos += wrapped_r_auth_len; + } + + /* OUI, OUI type, Crypto Suite, DPP frame type */ + addr[0] = wpabuf_head_u8(msg) + 2; + len[0] = 3 + 1 + 1 + 1; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + + /* Attributes before Wrapped Data */ + addr[1] = attr_start; + len[1] = attr_end - attr_start; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + + siv_len = pos - clear; + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", clear, siv_len); + if (aes_siv_encrypt(siv_key, auth->curve->hash_len, clear, siv_len, + 2, addr, len, wrapped_data) < 0) { + wpabuf_free(msg); + return NULL; + } + siv_len += AES_BLOCK_SIZE; + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, siv_len); + + wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA); + wpabuf_put_le16(msg, siv_len); + wpabuf_put_data(msg, wrapped_data, siv_len); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data"); + dpp_build_attr_status(msg, DPP_STATUS_OK); + } +skip_wrapped_data: +#endif /* CONFIG_TESTING_OPTIONS */ + + wpa_hexdump_buf(MSG_DEBUG, + "DPP: Authentication Response frame attributes", msg); + return msg; +} + + +static int dpp_channel_ok_init(struct hostapd_hw_modes *own_modes, + u16 num_modes, unsigned int freq) +{ + u16 m; + int c, flag; + + if (!own_modes || !num_modes) + return 1; + + for (m = 0; m < num_modes; m++) { + for (c = 0; c < own_modes[m].num_channels; c++) { + if ((unsigned int) own_modes[m].channels[c].freq != + freq) + continue; + flag = own_modes[m].channels[c].flag; + if (!(flag & (HOSTAPD_CHAN_DISABLED | + HOSTAPD_CHAN_NO_IR | + HOSTAPD_CHAN_RADAR))) + return 1; + } + } + + wpa_printf(MSG_DEBUG, "DPP: Peer channel %u MHz not supported", freq); + return 0; +} + + +static int freq_included(const unsigned int freqs[], unsigned int num, + unsigned int freq) +{ + while (num > 0) { + if (freqs[--num] == freq) + return 1; + } + return 0; +} + + +static void freq_to_start(unsigned int freqs[], unsigned int num, + unsigned int freq) +{ + unsigned int i; + + for (i = 0; i < num; i++) { + if (freqs[i] == freq) + break; + } + if (i == 0 || i >= num) + return; + os_memmove(&freqs[1], &freqs[0], i * sizeof(freqs[0])); + freqs[0] = freq; +} + + +static int dpp_channel_intersect(struct dpp_authentication *auth, + struct hostapd_hw_modes *own_modes, + u16 num_modes) +{ + struct dpp_bootstrap_info *peer_bi = auth->peer_bi; + unsigned int i, freq; + + for (i = 0; i < peer_bi->num_freq; i++) { + freq = peer_bi->freq[i]; + if (freq_included(auth->freq, auth->num_freq, freq)) + continue; + if (dpp_channel_ok_init(own_modes, num_modes, freq)) + auth->freq[auth->num_freq++] = freq; + } + if (!auth->num_freq) { + wpa_printf(MSG_INFO, + "DPP: No available channels for initiating DPP Authentication"); + return -1; + } + auth->curr_freq = auth->freq[0]; + return 0; +} + + +static int dpp_channel_local_list(struct dpp_authentication *auth, + struct hostapd_hw_modes *own_modes, + u16 num_modes) +{ + u16 m; + int c, flag; + unsigned int freq; + + auth->num_freq = 0; + + if (!own_modes || !num_modes) { + auth->freq[0] = 2412; + auth->freq[1] = 2437; + auth->freq[2] = 2462; + auth->num_freq = 3; + return 0; + } + + for (m = 0; m < num_modes; m++) { + for (c = 0; c < own_modes[m].num_channels; c++) { + freq = own_modes[m].channels[c].freq; + flag = own_modes[m].channels[c].flag; + if (flag & (HOSTAPD_CHAN_DISABLED | + HOSTAPD_CHAN_NO_IR | + HOSTAPD_CHAN_RADAR)) + continue; + if (freq_included(auth->freq, auth->num_freq, freq)) + continue; + auth->freq[auth->num_freq++] = freq; + if (auth->num_freq == DPP_BOOTSTRAP_MAX_FREQ) { + m = num_modes; + break; + } + } + } + + return auth->num_freq == 0 ? -1 : 0; +} + + +static int dpp_prepare_channel_list(struct dpp_authentication *auth, + struct hostapd_hw_modes *own_modes, + u16 num_modes) +{ + int res; + char freqs[DPP_BOOTSTRAP_MAX_FREQ * 6 + 10], *pos, *end; + unsigned int i; + + if (auth->peer_bi->num_freq > 0) + res = dpp_channel_intersect(auth, own_modes, num_modes); + else + res = dpp_channel_local_list(auth, own_modes, num_modes); + if (res < 0) + return res; + + /* Prioritize 2.4 GHz channels 6, 1, 11 (in this order) to hit the most + * likely channels first. */ + freq_to_start(auth->freq, auth->num_freq, 2462); + freq_to_start(auth->freq, auth->num_freq, 2412); + freq_to_start(auth->freq, auth->num_freq, 2437); + + auth->freq_idx = 0; + auth->curr_freq = auth->freq[0]; + + pos = freqs; + end = pos + sizeof(freqs); + for (i = 0; i < auth->num_freq; i++) { + res = os_snprintf(pos, end - pos, " %u", auth->freq[i]); + if (os_snprintf_error(end - pos, res)) + break; + pos += res; + } + *pos = '\0'; + wpa_printf(MSG_DEBUG, "DPP: Possible frequencies for initiating:%s", + freqs); + + return 0; +} + + +static int dpp_autogen_bootstrap_key(struct dpp_authentication *auth) +{ + struct dpp_bootstrap_info *bi; + char *pk = NULL; + size_t len; + + if (auth->own_bi) + return 0; /* already generated */ + + bi = os_zalloc(sizeof(*bi)); + if (!bi) + return -1; + bi->type = DPP_BOOTSTRAP_QR_CODE; + pk = dpp_keygen(bi, auth->peer_bi->curve->name, NULL, 0); + if (!pk) + goto fail; + + len = 4; /* "DPP:" */ + len += 4 + os_strlen(pk); + bi->uri = os_malloc(len + 1); + if (!bi->uri) + goto fail; + os_snprintf(bi->uri, len + 1, "DPP:K:%s;;", pk); + wpa_printf(MSG_DEBUG, + "DPP: Auto-generated own bootstrapping key info: URI %s", + bi->uri); + + auth->tmp_own_bi = auth->own_bi = bi; + + os_free(pk); + + return 0; +fail: + os_free(pk); + dpp_bootstrap_info_free(bi); + return -1; +} + + +struct dpp_authentication * dpp_auth_init(void *msg_ctx, + struct dpp_bootstrap_info *peer_bi, + struct dpp_bootstrap_info *own_bi, + u8 dpp_allowed_roles, + unsigned int neg_freq, + struct hostapd_hw_modes *own_modes, + u16 num_modes) +{ + struct dpp_authentication *auth; + size_t nonce_len; + EVP_PKEY_CTX *ctx = NULL; + size_t secret_len; + struct wpabuf *pi = NULL; + const u8 *r_pubkey_hash, *i_pubkey_hash; +#ifdef CONFIG_TESTING_OPTIONS + u8 test_hash[SHA256_MAC_LEN]; +#endif /* CONFIG_TESTING_OPTIONS */ + + auth = os_zalloc(sizeof(*auth)); + if (!auth) + return NULL; + auth->msg_ctx = msg_ctx; + auth->initiator = 1; + auth->waiting_auth_resp = 1; + auth->allowed_roles = dpp_allowed_roles; + auth->configurator = !!(dpp_allowed_roles & DPP_CAPAB_CONFIGURATOR); + auth->peer_bi = peer_bi; + auth->own_bi = own_bi; + auth->curve = peer_bi->curve; + + if (dpp_autogen_bootstrap_key(auth) < 0 || + dpp_prepare_channel_list(auth, own_modes, num_modes) < 0) + goto fail; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_nonce_override_len > 0) { + wpa_printf(MSG_INFO, "DPP: TESTING - override I-nonce"); + nonce_len = dpp_nonce_override_len; + os_memcpy(auth->i_nonce, dpp_nonce_override, nonce_len); + } else { + nonce_len = auth->curve->nonce_len; + if (random_get_bytes(auth->i_nonce, nonce_len)) { + wpa_printf(MSG_ERROR, + "DPP: Failed to generate I-nonce"); + goto fail; + } + } +#else /* CONFIG_TESTING_OPTIONS */ + nonce_len = auth->curve->nonce_len; + if (random_get_bytes(auth->i_nonce, nonce_len)) { + wpa_printf(MSG_ERROR, "DPP: Failed to generate I-nonce"); + goto fail; + } +#endif /* CONFIG_TESTING_OPTIONS */ + wpa_hexdump(MSG_DEBUG, "DPP: I-nonce", auth->i_nonce, nonce_len); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_protocol_key_override_len) { + const struct dpp_curve_params *tmp_curve; + + wpa_printf(MSG_INFO, + "DPP: TESTING - override protocol key"); + auth->own_protocol_key = dpp_set_keypair( + &tmp_curve, dpp_protocol_key_override, + dpp_protocol_key_override_len); + } else { + auth->own_protocol_key = dpp_gen_keypair(auth->curve); + } +#else /* CONFIG_TESTING_OPTIONS */ + auth->own_protocol_key = dpp_gen_keypair(auth->curve); +#endif /* CONFIG_TESTING_OPTIONS */ + if (!auth->own_protocol_key) + goto fail; + + pi = dpp_get_pubkey_point(auth->own_protocol_key, 0); + if (!pi) + goto fail; + + /* ECDH: M = pI * BR */ + ctx = EVP_PKEY_CTX_new(auth->own_protocol_key, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, auth->peer_bi->pubkey) != 1 || + EVP_PKEY_derive(ctx, NULL, &secret_len) != 1 || + secret_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, auth->Mx, &secret_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + auth->secret_len = secret_len; + EVP_PKEY_CTX_free(ctx); + ctx = NULL; + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (M.x)", + auth->Mx, auth->secret_len); + auth->Mx_len = auth->secret_len; + + if (dpp_derive_k1(auth->Mx, auth->secret_len, auth->k1, + auth->curve->hash_len) < 0) + goto fail; + + r_pubkey_hash = auth->peer_bi->pubkey_hash; + i_pubkey_hash = auth->own_bi->pubkey_hash; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-Bootstrap Key Hash"); + r_pubkey_hash = NULL; + } else if (dpp_test == DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_REQ) { + wpa_printf(MSG_INFO, + "DPP: TESTING - invalid R-Bootstrap Key Hash"); + os_memcpy(test_hash, r_pubkey_hash, SHA256_MAC_LEN); + test_hash[SHA256_MAC_LEN - 1] ^= 0x01; + r_pubkey_hash = test_hash; + } else if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-Bootstrap Key Hash"); + i_pubkey_hash = NULL; + } else if (dpp_test == DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_REQ) { + wpa_printf(MSG_INFO, + "DPP: TESTING - invalid I-Bootstrap Key Hash"); + os_memcpy(test_hash, i_pubkey_hash, SHA256_MAC_LEN); + test_hash[SHA256_MAC_LEN - 1] ^= 0x01; + i_pubkey_hash = test_hash; + } else if (dpp_test == DPP_TEST_NO_I_PROTO_KEY_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-Proto Key"); + wpabuf_free(pi); + pi = NULL; + } else if (dpp_test == DPP_TEST_INVALID_I_PROTO_KEY_AUTH_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid I-Proto Key"); + wpabuf_free(pi); + pi = wpabuf_alloc(2 * auth->curve->prime_len); + if (!pi || dpp_test_gen_invalid_key(pi, auth->curve) < 0) + goto fail; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + auth->req_msg = dpp_auth_build_req(auth, pi, nonce_len, r_pubkey_hash, + i_pubkey_hash, neg_freq); + if (!auth->req_msg) + goto fail; + +out: + wpabuf_free(pi); + EVP_PKEY_CTX_free(ctx); + return auth; +fail: + dpp_auth_deinit(auth); + auth = NULL; + goto out; +} + + +struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth, + const char *json) +{ + size_t nonce_len; + size_t json_len, clear_len; + struct wpabuf *clear = NULL, *msg = NULL; + u8 *wrapped; + size_t attr_len; + + wpa_printf(MSG_DEBUG, "DPP: Build configuration request"); + + nonce_len = auth->curve->nonce_len; + if (random_get_bytes(auth->e_nonce, nonce_len)) { + wpa_printf(MSG_ERROR, "DPP: Failed to generate E-nonce"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: E-nonce", auth->e_nonce, nonce_len); + json_len = os_strlen(json); + wpa_hexdump_ascii(MSG_DEBUG, "DPP: configAttr JSON", json, json_len); + + /* { E-nonce, configAttrib }ke */ + clear_len = 4 + nonce_len + 4 + json_len; + clear = wpabuf_alloc(clear_len); + attr_len = 4 + clear_len + AES_BLOCK_SIZE; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ) + attr_len += 5; +#endif /* CONFIG_TESTING_OPTIONS */ + msg = wpabuf_alloc(attr_len); + if (!clear || !msg) + goto fail; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_E_NONCE_CONF_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no E-nonce"); + goto skip_e_nonce; + } + if (dpp_test == DPP_TEST_INVALID_E_NONCE_CONF_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid E-nonce"); + wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE); + wpabuf_put_le16(clear, nonce_len - 1); + wpabuf_put_data(clear, auth->e_nonce, nonce_len - 1); + goto skip_e_nonce; + } + if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_CONF_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data"); + goto skip_wrapped_data; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* E-nonce */ + wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE); + wpabuf_put_le16(clear, nonce_len); + wpabuf_put_data(clear, auth->e_nonce, nonce_len); + +#ifdef CONFIG_TESTING_OPTIONS +skip_e_nonce: + if (dpp_test == DPP_TEST_NO_CONFIG_ATTR_OBJ_CONF_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no configAttrib"); + goto skip_conf_attr_obj; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* configAttrib */ + wpabuf_put_le16(clear, DPP_ATTR_CONFIG_ATTR_OBJ); + wpabuf_put_le16(clear, json_len); + wpabuf_put_data(clear, json, json_len); + +#ifdef CONFIG_TESTING_OPTIONS +skip_conf_attr_obj: +#endif /* CONFIG_TESTING_OPTIONS */ + + wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA); + wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE); + wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE); + + /* No AES-SIV AD */ + wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear); + if (aes_siv_encrypt(auth->ke, auth->curve->hash_len, + wpabuf_head(clear), wpabuf_len(clear), + 0, NULL, NULL, wrapped) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data"); + dpp_build_attr_status(msg, DPP_STATUS_OK); + } +skip_wrapped_data: +#endif /* CONFIG_TESTING_OPTIONS */ + + wpa_hexdump_buf(MSG_DEBUG, + "DPP: Configuration Request frame attributes", msg); + wpabuf_free(clear); + return msg; + +fail: + wpabuf_free(clear); + wpabuf_free(msg); + return NULL; +} + + +static void dpp_auth_success(struct dpp_authentication *auth) +{ + wpa_printf(MSG_DEBUG, + "DPP: Authentication success - clear temporary keys"); + os_memset(auth->Mx, 0, sizeof(auth->Mx)); + auth->Mx_len = 0; + os_memset(auth->Nx, 0, sizeof(auth->Nx)); + auth->Nx_len = 0; + os_memset(auth->Lx, 0, sizeof(auth->Lx)); + auth->Lx_len = 0; + os_memset(auth->k1, 0, sizeof(auth->k1)); + os_memset(auth->k2, 0, sizeof(auth->k2)); + + auth->auth_success = 1; +} + + +static int dpp_gen_r_auth(struct dpp_authentication *auth, u8 *r_auth) +{ + struct wpabuf *pix, *prx, *bix, *brx; + const u8 *addr[7]; + size_t len[7]; + size_t i, num_elem = 0; + size_t nonce_len; + u8 zero = 0; + int res = -1; + + /* R-auth = H(I-nonce | R-nonce | PI.x | PR.x | [BI.x |] BR.x | 0) */ + nonce_len = auth->curve->nonce_len; + + if (auth->initiator) { + pix = dpp_get_pubkey_point(auth->own_protocol_key, 0); + prx = dpp_get_pubkey_point(auth->peer_protocol_key, 0); + if (auth->own_bi) + bix = dpp_get_pubkey_point(auth->own_bi->pubkey, 0); + else + bix = NULL; + brx = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0); + } else { + pix = dpp_get_pubkey_point(auth->peer_protocol_key, 0); + prx = dpp_get_pubkey_point(auth->own_protocol_key, 0); + if (auth->peer_bi) + bix = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0); + else + bix = NULL; + brx = dpp_get_pubkey_point(auth->own_bi->pubkey, 0); + } + if (!pix || !prx || !brx) + goto fail; + + addr[num_elem] = auth->i_nonce; + len[num_elem] = nonce_len; + num_elem++; + + addr[num_elem] = auth->r_nonce; + len[num_elem] = nonce_len; + num_elem++; + + addr[num_elem] = wpabuf_head(pix); + len[num_elem] = wpabuf_len(pix) / 2; + num_elem++; + + addr[num_elem] = wpabuf_head(prx); + len[num_elem] = wpabuf_len(prx) / 2; + num_elem++; + + if (bix) { + addr[num_elem] = wpabuf_head(bix); + len[num_elem] = wpabuf_len(bix) / 2; + num_elem++; + } + + addr[num_elem] = wpabuf_head(brx); + len[num_elem] = wpabuf_len(brx) / 2; + num_elem++; + + addr[num_elem] = &zero; + len[num_elem] = 1; + num_elem++; + + wpa_printf(MSG_DEBUG, "DPP: R-auth hash components"); + for (i = 0; i < num_elem; i++) + wpa_hexdump(MSG_DEBUG, "DPP: hash component", addr[i], len[i]); + res = dpp_hash_vector(auth->curve, num_elem, addr, len, r_auth); + if (res == 0) + wpa_hexdump(MSG_DEBUG, "DPP: R-auth", r_auth, + auth->curve->hash_len); +fail: + wpabuf_free(pix); + wpabuf_free(prx); + wpabuf_free(bix); + wpabuf_free(brx); + return res; +} + + +static int dpp_gen_i_auth(struct dpp_authentication *auth, u8 *i_auth) +{ + struct wpabuf *pix = NULL, *prx = NULL, *bix = NULL, *brx = NULL; + const u8 *addr[7]; + size_t len[7]; + size_t i, num_elem = 0; + size_t nonce_len; + u8 one = 1; + int res = -1; + + /* I-auth = H(R-nonce | I-nonce | PR.x | PI.x | BR.x | [BI.x |] 1) */ + nonce_len = auth->curve->nonce_len; + + if (auth->initiator) { + pix = dpp_get_pubkey_point(auth->own_protocol_key, 0); + prx = dpp_get_pubkey_point(auth->peer_protocol_key, 0); + if (auth->own_bi) + bix = dpp_get_pubkey_point(auth->own_bi->pubkey, 0); + else + bix = NULL; + if (!auth->peer_bi) + goto fail; + brx = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0); + } else { + pix = dpp_get_pubkey_point(auth->peer_protocol_key, 0); + prx = dpp_get_pubkey_point(auth->own_protocol_key, 0); + if (auth->peer_bi) + bix = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0); + else + bix = NULL; + if (!auth->own_bi) + goto fail; + brx = dpp_get_pubkey_point(auth->own_bi->pubkey, 0); + } + if (!pix || !prx || !brx) + goto fail; + + addr[num_elem] = auth->r_nonce; + len[num_elem] = nonce_len; + num_elem++; + + addr[num_elem] = auth->i_nonce; + len[num_elem] = nonce_len; + num_elem++; + + addr[num_elem] = wpabuf_head(prx); + len[num_elem] = wpabuf_len(prx) / 2; + num_elem++; + + addr[num_elem] = wpabuf_head(pix); + len[num_elem] = wpabuf_len(pix) / 2; + num_elem++; + + addr[num_elem] = wpabuf_head(brx); + len[num_elem] = wpabuf_len(brx) / 2; + num_elem++; + + if (bix) { + addr[num_elem] = wpabuf_head(bix); + len[num_elem] = wpabuf_len(bix) / 2; + num_elem++; + } + + addr[num_elem] = &one; + len[num_elem] = 1; + num_elem++; + + wpa_printf(MSG_DEBUG, "DPP: I-auth hash components"); + for (i = 0; i < num_elem; i++) + wpa_hexdump(MSG_DEBUG, "DPP: hash component", addr[i], len[i]); + res = dpp_hash_vector(auth->curve, num_elem, addr, len, i_auth); + if (res == 0) + wpa_hexdump(MSG_DEBUG, "DPP: I-auth", i_auth, + auth->curve->hash_len); +fail: + wpabuf_free(pix); + wpabuf_free(prx); + wpabuf_free(bix); + wpabuf_free(brx); + return res; +} + + +static int dpp_auth_derive_l_responder(struct dpp_authentication *auth) +{ + const EC_GROUP *group; + EC_POINT *l = NULL; + EC_KEY *BI = NULL, *bR = NULL, *pR = NULL; + const EC_POINT *BI_point; + BN_CTX *bnctx; + BIGNUM *lx, *sum, *q; + const BIGNUM *bR_bn, *pR_bn; + int ret = -1; + + /* L = ((bR + pR) modulo q) * BI */ + + bnctx = BN_CTX_new(); + sum = BN_new(); + q = BN_new(); + lx = BN_new(); + if (!bnctx || !sum || !q || !lx) + goto fail; + BI = EVP_PKEY_get1_EC_KEY(auth->peer_bi->pubkey); + if (!BI) + goto fail; + BI_point = EC_KEY_get0_public_key(BI); + group = EC_KEY_get0_group(BI); + if (!group) + goto fail; + + bR = EVP_PKEY_get1_EC_KEY(auth->own_bi->pubkey); + pR = EVP_PKEY_get1_EC_KEY(auth->own_protocol_key); + if (!bR || !pR) + goto fail; + bR_bn = EC_KEY_get0_private_key(bR); + pR_bn = EC_KEY_get0_private_key(pR); + if (!bR_bn || !pR_bn) + goto fail; + if (EC_GROUP_get_order(group, q, bnctx) != 1 || + BN_mod_add(sum, bR_bn, pR_bn, q, bnctx) != 1) + goto fail; + l = EC_POINT_new(group); + if (!l || + EC_POINT_mul(group, l, NULL, BI_point, sum, bnctx) != 1 || + EC_POINT_get_affine_coordinates_GFp(group, l, lx, NULL, + bnctx) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + if (dpp_bn2bin_pad(lx, auth->Lx, auth->secret_len) < 0) + goto fail; + wpa_hexdump_key(MSG_DEBUG, "DPP: L.x", auth->Lx, auth->secret_len); + auth->Lx_len = auth->secret_len; + ret = 0; +fail: + EC_POINT_clear_free(l); + EC_KEY_free(BI); + EC_KEY_free(bR); + EC_KEY_free(pR); + BN_clear_free(lx); + BN_clear_free(sum); + BN_free(q); + BN_CTX_free(bnctx); + return ret; +} + + +static int dpp_auth_derive_l_initiator(struct dpp_authentication *auth) +{ + const EC_GROUP *group; + EC_POINT *l = NULL, *sum = NULL; + EC_KEY *bI = NULL, *BR = NULL, *PR = NULL; + const EC_POINT *BR_point, *PR_point; + BN_CTX *bnctx; + BIGNUM *lx; + const BIGNUM *bI_bn; + int ret = -1; + + /* L = bI * (BR + PR) */ + + bnctx = BN_CTX_new(); + lx = BN_new(); + if (!bnctx || !lx) + goto fail; + BR = EVP_PKEY_get1_EC_KEY(auth->peer_bi->pubkey); + PR = EVP_PKEY_get1_EC_KEY(auth->peer_protocol_key); + if (!BR || !PR) + goto fail; + BR_point = EC_KEY_get0_public_key(BR); + PR_point = EC_KEY_get0_public_key(PR); + + bI = EVP_PKEY_get1_EC_KEY(auth->own_bi->pubkey); + if (!bI) + goto fail; + group = EC_KEY_get0_group(bI); + bI_bn = EC_KEY_get0_private_key(bI); + if (!group || !bI_bn) + goto fail; + sum = EC_POINT_new(group); + l = EC_POINT_new(group); + if (!sum || !l || + EC_POINT_add(group, sum, BR_point, PR_point, bnctx) != 1 || + EC_POINT_mul(group, l, NULL, sum, bI_bn, bnctx) != 1 || + EC_POINT_get_affine_coordinates_GFp(group, l, lx, NULL, + bnctx) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + if (dpp_bn2bin_pad(lx, auth->Lx, auth->secret_len) < 0) + goto fail; + wpa_hexdump_key(MSG_DEBUG, "DPP: L.x", auth->Lx, auth->secret_len); + auth->Lx_len = auth->secret_len; + ret = 0; +fail: + EC_POINT_clear_free(l); + EC_POINT_clear_free(sum); + EC_KEY_free(bI); + EC_KEY_free(BR); + EC_KEY_free(PR); + BN_clear_free(lx); + BN_CTX_free(bnctx); + return ret; +} + + +static int dpp_auth_build_resp_ok(struct dpp_authentication *auth) +{ + size_t nonce_len; + EVP_PKEY_CTX *ctx = NULL; + size_t secret_len; + struct wpabuf *msg, *pr = NULL; + u8 r_auth[4 + DPP_MAX_HASH_LEN]; + u8 wrapped_r_auth[4 + DPP_MAX_HASH_LEN + AES_BLOCK_SIZE], *w_r_auth; + size_t wrapped_r_auth_len; + int ret = -1; + const u8 *r_pubkey_hash, *i_pubkey_hash, *r_nonce, *i_nonce; + enum dpp_status_error status = DPP_STATUS_OK; +#ifdef CONFIG_TESTING_OPTIONS + u8 test_hash[SHA256_MAC_LEN]; +#endif /* CONFIG_TESTING_OPTIONS */ + + wpa_printf(MSG_DEBUG, "DPP: Build Authentication Response"); + if (!auth->own_bi) + return -1; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_nonce_override_len > 0) { + wpa_printf(MSG_INFO, "DPP: TESTING - override R-nonce"); + nonce_len = dpp_nonce_override_len; + os_memcpy(auth->r_nonce, dpp_nonce_override, nonce_len); + } else { + nonce_len = auth->curve->nonce_len; + if (random_get_bytes(auth->r_nonce, nonce_len)) { + wpa_printf(MSG_ERROR, + "DPP: Failed to generate R-nonce"); + goto fail; + } + } +#else /* CONFIG_TESTING_OPTIONS */ + nonce_len = auth->curve->nonce_len; + if (random_get_bytes(auth->r_nonce, nonce_len)) { + wpa_printf(MSG_ERROR, "DPP: Failed to generate R-nonce"); + goto fail; + } +#endif /* CONFIG_TESTING_OPTIONS */ + wpa_hexdump(MSG_DEBUG, "DPP: R-nonce", auth->r_nonce, nonce_len); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_protocol_key_override_len) { + const struct dpp_curve_params *tmp_curve; + + wpa_printf(MSG_INFO, + "DPP: TESTING - override protocol key"); + auth->own_protocol_key = dpp_set_keypair( + &tmp_curve, dpp_protocol_key_override, + dpp_protocol_key_override_len); + } else { + auth->own_protocol_key = dpp_gen_keypair(auth->curve); + } +#else /* CONFIG_TESTING_OPTIONS */ + auth->own_protocol_key = dpp_gen_keypair(auth->curve); +#endif /* CONFIG_TESTING_OPTIONS */ + if (!auth->own_protocol_key) + goto fail; + + pr = dpp_get_pubkey_point(auth->own_protocol_key, 0); + if (!pr) + goto fail; + + /* ECDH: N = pR * PI */ + ctx = EVP_PKEY_CTX_new(auth->own_protocol_key, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, auth->peer_protocol_key) != 1 || + EVP_PKEY_derive(ctx, NULL, &secret_len) != 1 || + secret_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, auth->Nx, &secret_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + EVP_PKEY_CTX_free(ctx); + ctx = NULL; + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (N.x)", + auth->Nx, auth->secret_len); + auth->Nx_len = auth->secret_len; + + if (dpp_derive_k2(auth->Nx, auth->secret_len, auth->k2, + auth->curve->hash_len) < 0) + goto fail; + + if (auth->own_bi && auth->peer_bi) { + /* Mutual authentication */ + if (dpp_auth_derive_l_responder(auth) < 0) + goto fail; + } + + if (dpp_derive_ke(auth, auth->ke, auth->curve->hash_len) < 0) + goto fail; + + /* R-auth = H(I-nonce | R-nonce | PI.x | PR.x | [BI.x |] BR.x | 0) */ + WPA_PUT_LE16(r_auth, DPP_ATTR_R_AUTH_TAG); + WPA_PUT_LE16(&r_auth[2], auth->curve->hash_len); + if (dpp_gen_r_auth(auth, r_auth + 4) < 0) + goto fail; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_R_AUTH_MISMATCH_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - R-auth mismatch"); + r_auth[4 + auth->curve->hash_len / 2] ^= 0x01; + } +#endif /* CONFIG_TESTING_OPTIONS */ + if (aes_siv_encrypt(auth->ke, auth->curve->hash_len, + r_auth, 4 + auth->curve->hash_len, + 0, NULL, NULL, wrapped_r_auth) < 0) + goto fail; + wrapped_r_auth_len = 4 + auth->curve->hash_len + AES_BLOCK_SIZE; + wpa_hexdump(MSG_DEBUG, "DPP: {R-auth}ke", + wrapped_r_auth, wrapped_r_auth_len); + w_r_auth = wrapped_r_auth; + + r_pubkey_hash = auth->own_bi->pubkey_hash; + if (auth->peer_bi) + i_pubkey_hash = auth->peer_bi->pubkey_hash; + else + i_pubkey_hash = NULL; + + i_nonce = auth->i_nonce; + r_nonce = auth->r_nonce; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-Bootstrap Key Hash"); + r_pubkey_hash = NULL; + } else if (dpp_test == + DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP) { + wpa_printf(MSG_INFO, + "DPP: TESTING - invalid R-Bootstrap Key Hash"); + os_memcpy(test_hash, r_pubkey_hash, SHA256_MAC_LEN); + test_hash[SHA256_MAC_LEN - 1] ^= 0x01; + r_pubkey_hash = test_hash; + } else if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-Bootstrap Key Hash"); + i_pubkey_hash = NULL; + } else if (dpp_test == + DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP) { + wpa_printf(MSG_INFO, + "DPP: TESTING - invalid I-Bootstrap Key Hash"); + if (i_pubkey_hash) + os_memcpy(test_hash, i_pubkey_hash, SHA256_MAC_LEN); + else + os_memset(test_hash, 0, SHA256_MAC_LEN); + test_hash[SHA256_MAC_LEN - 1] ^= 0x01; + i_pubkey_hash = test_hash; + } else if (dpp_test == DPP_TEST_NO_R_PROTO_KEY_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-Proto Key"); + wpabuf_free(pr); + pr = NULL; + } else if (dpp_test == DPP_TEST_INVALID_R_PROTO_KEY_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid R-Proto Key"); + wpabuf_free(pr); + pr = wpabuf_alloc(2 * auth->curve->prime_len); + if (!pr || dpp_test_gen_invalid_key(pr, auth->curve) < 0) + goto fail; + } else if (dpp_test == DPP_TEST_NO_R_AUTH_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-Auth"); + w_r_auth = NULL; + wrapped_r_auth_len = 0; + } else if (dpp_test == DPP_TEST_NO_STATUS_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Status"); + status = 255; + } else if (dpp_test == DPP_TEST_INVALID_STATUS_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Status"); + status = 254; + } else if (dpp_test == DPP_TEST_NO_R_NONCE_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-nonce"); + r_nonce = NULL; + } else if (dpp_test == DPP_TEST_NO_I_NONCE_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-nonce"); + i_nonce = NULL; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + msg = dpp_auth_build_resp(auth, status, pr, nonce_len, + r_pubkey_hash, i_pubkey_hash, + r_nonce, i_nonce, + w_r_auth, wrapped_r_auth_len, + auth->k2); + if (!msg) + goto fail; + wpabuf_free(auth->resp_msg); + auth->resp_msg = msg; + ret = 0; +fail: + wpabuf_free(pr); + return ret; +} + + +static int dpp_auth_build_resp_status(struct dpp_authentication *auth, + enum dpp_status_error status) +{ + struct wpabuf *msg; + const u8 *r_pubkey_hash, *i_pubkey_hash, *i_nonce; +#ifdef CONFIG_TESTING_OPTIONS + u8 test_hash[SHA256_MAC_LEN]; +#endif /* CONFIG_TESTING_OPTIONS */ + + if (!auth->own_bi) + return -1; + wpa_printf(MSG_DEBUG, "DPP: Build Authentication Response"); + + r_pubkey_hash = auth->own_bi->pubkey_hash; + if (auth->peer_bi) + i_pubkey_hash = auth->peer_bi->pubkey_hash; + else + i_pubkey_hash = NULL; + + i_nonce = auth->i_nonce; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-Bootstrap Key Hash"); + r_pubkey_hash = NULL; + } else if (dpp_test == + DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP) { + wpa_printf(MSG_INFO, + "DPP: TESTING - invalid R-Bootstrap Key Hash"); + os_memcpy(test_hash, r_pubkey_hash, SHA256_MAC_LEN); + test_hash[SHA256_MAC_LEN - 1] ^= 0x01; + r_pubkey_hash = test_hash; + } else if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-Bootstrap Key Hash"); + i_pubkey_hash = NULL; + } else if (dpp_test == + DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP) { + wpa_printf(MSG_INFO, + "DPP: TESTING - invalid I-Bootstrap Key Hash"); + if (i_pubkey_hash) + os_memcpy(test_hash, i_pubkey_hash, SHA256_MAC_LEN); + else + os_memset(test_hash, 0, SHA256_MAC_LEN); + test_hash[SHA256_MAC_LEN - 1] ^= 0x01; + i_pubkey_hash = test_hash; + } else if (dpp_test == DPP_TEST_NO_STATUS_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Status"); + status = 255; + } else if (dpp_test == DPP_TEST_NO_I_NONCE_AUTH_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-nonce"); + i_nonce = NULL; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + msg = dpp_auth_build_resp(auth, status, NULL, auth->curve->nonce_len, + r_pubkey_hash, i_pubkey_hash, + NULL, i_nonce, NULL, 0, auth->k1); + if (!msg) + return -1; + wpabuf_free(auth->resp_msg); + auth->resp_msg = msg; + return 0; +} + + +struct dpp_authentication * +dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual, + struct dpp_bootstrap_info *peer_bi, + struct dpp_bootstrap_info *own_bi, + unsigned int freq, const u8 *hdr, const u8 *attr_start, + size_t attr_len) +{ + EVP_PKEY *pi = NULL; + EVP_PKEY_CTX *ctx = NULL; + size_t secret_len; + const u8 *addr[2]; + size_t len[2]; + u8 *unwrapped = NULL; + size_t unwrapped_len = 0; + const u8 *wrapped_data, *i_proto, *i_nonce, *i_capab, *i_bootstrap, + *channel; + u16 wrapped_data_len, i_proto_len, i_nonce_len, i_capab_len, + i_bootstrap_len, channel_len; + struct dpp_authentication *auth = NULL; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_AUTH_REQ) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at Authentication Request"); + return NULL; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA, + &wrapped_data_len); + if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) { + wpa_msg(msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Missing or invalid required Wrapped Data attribute"); + return NULL; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Wrapped Data", + wrapped_data, wrapped_data_len); + attr_len = wrapped_data - 4 - attr_start; + + auth = os_zalloc(sizeof(*auth)); + if (!auth) + goto fail; + auth->msg_ctx = msg_ctx; + auth->peer_bi = peer_bi; + auth->own_bi = own_bi; + auth->curve = own_bi->curve; + auth->curr_freq = freq; + + channel = dpp_get_attr(attr_start, attr_len, DPP_ATTR_CHANNEL, + &channel_len); + if (channel) { + int neg_freq; + + if (channel_len < 2) { + dpp_auth_fail(auth, "Too short Channel attribute"); + goto fail; + } + + neg_freq = ieee80211_chan_to_freq(NULL, channel[0], channel[1]); + wpa_printf(MSG_DEBUG, + "DPP: Initiator requested different channel for negotiation: op_class=%u channel=%u --> freq=%d", + channel[0], channel[1], neg_freq); + if (neg_freq < 0) { + dpp_auth_fail(auth, + "Unsupported Channel attribute value"); + goto fail; + } + + if (auth->curr_freq != (unsigned int) neg_freq) { + wpa_printf(MSG_DEBUG, + "DPP: Changing negotiation channel from %u MHz to %u MHz", + freq, neg_freq); + auth->curr_freq = neg_freq; + } + } + + i_proto = dpp_get_attr(attr_start, attr_len, DPP_ATTR_I_PROTOCOL_KEY, + &i_proto_len); + if (!i_proto) { + dpp_auth_fail(auth, + "Missing required Initiator Protocol Key attribute"); + goto fail; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Protocol Key", + i_proto, i_proto_len); + + /* M = bR * PI */ + pi = dpp_set_pubkey_point(own_bi->pubkey, i_proto, i_proto_len); + if (!pi) { + dpp_auth_fail(auth, "Invalid Initiator Protocol Key"); + goto fail; + } + dpp_debug_print_key("Peer (Initiator) Protocol Key", pi); + + ctx = EVP_PKEY_CTX_new(own_bi->pubkey, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, pi) != 1 || + EVP_PKEY_derive(ctx, NULL, &secret_len) != 1 || + secret_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, auth->Mx, &secret_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + dpp_auth_fail(auth, "Failed to derive ECDH shared secret"); + goto fail; + } + auth->secret_len = secret_len; + EVP_PKEY_CTX_free(ctx); + ctx = NULL; + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (M.x)", + auth->Mx, auth->secret_len); + auth->Mx_len = auth->secret_len; + + if (dpp_derive_k1(auth->Mx, auth->secret_len, auth->k1, + auth->curve->hash_len) < 0) + goto fail; + + addr[0] = hdr; + len[0] = DPP_HDR_LEN; + addr[1] = attr_start; + len[1] = attr_len; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) + goto fail; + if (aes_siv_decrypt(auth->k1, auth->curve->hash_len, + wrapped_data, wrapped_data_len, + 2, addr, len, unwrapped) < 0) { + dpp_auth_fail(auth, "AES-SIV decryption failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_auth_fail(auth, "Invalid attribute in unwrapped data"); + goto fail; + } + + i_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_I_NONCE, + &i_nonce_len); + if (!i_nonce || i_nonce_len != auth->curve->nonce_len) { + dpp_auth_fail(auth, "Missing or invalid I-nonce"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: I-nonce", i_nonce, i_nonce_len); + os_memcpy(auth->i_nonce, i_nonce, i_nonce_len); + + i_capab = dpp_get_attr(unwrapped, unwrapped_len, + DPP_ATTR_I_CAPABILITIES, + &i_capab_len); + if (!i_capab || i_capab_len < 1) { + dpp_auth_fail(auth, "Missing or invalid I-capabilities"); + goto fail; + } + auth->i_capab = i_capab[0]; + wpa_printf(MSG_DEBUG, "DPP: I-capabilities: 0x%02x", auth->i_capab); + + bin_clear_free(unwrapped, unwrapped_len); + unwrapped = NULL; + + switch (auth->i_capab & DPP_CAPAB_ROLE_MASK) { + case DPP_CAPAB_ENROLLEE: + if (!(dpp_allowed_roles & DPP_CAPAB_CONFIGURATOR)) { + wpa_printf(MSG_DEBUG, + "DPP: Local policy does not allow Configurator role"); + goto not_compatible; + } + wpa_printf(MSG_DEBUG, "DPP: Acting as Configurator"); + auth->configurator = 1; + break; + case DPP_CAPAB_CONFIGURATOR: + if (!(dpp_allowed_roles & DPP_CAPAB_ENROLLEE)) { + wpa_printf(MSG_DEBUG, + "DPP: Local policy does not allow Enrollee role"); + goto not_compatible; + } + wpa_printf(MSG_DEBUG, "DPP: Acting as Enrollee"); + auth->configurator = 0; + break; + case DPP_CAPAB_CONFIGURATOR | DPP_CAPAB_ENROLLEE: + if (dpp_allowed_roles & DPP_CAPAB_ENROLLEE) { + wpa_printf(MSG_DEBUG, "DPP: Acting as Enrollee"); + auth->configurator = 0; + } else if (dpp_allowed_roles & DPP_CAPAB_CONFIGURATOR) { + wpa_printf(MSG_DEBUG, "DPP: Acting as Configurator"); + auth->configurator = 1; + } else { + wpa_printf(MSG_DEBUG, + "DPP: Local policy does not allow Configurator/Enrollee role"); + goto not_compatible; + } + break; + default: + wpa_printf(MSG_DEBUG, "DPP: Unexpected role in I-capabilities"); + wpa_msg(auth->msg_ctx, MSG_INFO, + DPP_EVENT_FAIL "Invalid role in I-capabilities 0x%02x", + auth->i_capab & DPP_CAPAB_ROLE_MASK); + goto fail; + } + + auth->peer_protocol_key = pi; + pi = NULL; + if (qr_mutual && !peer_bi && own_bi->type == DPP_BOOTSTRAP_QR_CODE) { + char hex[SHA256_MAC_LEN * 2 + 1]; + + wpa_printf(MSG_DEBUG, + "DPP: Mutual authentication required with QR Codes, but peer info is not yet available - request more time"); + if (dpp_auth_build_resp_status(auth, + DPP_STATUS_RESPONSE_PENDING) < 0) + goto fail; + i_bootstrap = dpp_get_attr(attr_start, attr_len, + DPP_ATTR_I_BOOTSTRAP_KEY_HASH, + &i_bootstrap_len); + if (i_bootstrap && i_bootstrap_len == SHA256_MAC_LEN) { + auth->response_pending = 1; + os_memcpy(auth->waiting_pubkey_hash, + i_bootstrap, i_bootstrap_len); + wpa_snprintf_hex(hex, sizeof(hex), i_bootstrap, + i_bootstrap_len); + } else { + hex[0] = '\0'; + } + + wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_SCAN_PEER_QR_CODE + "%s", hex); + return auth; + } + if (dpp_auth_build_resp_ok(auth) < 0) + goto fail; + + return auth; + +not_compatible: + wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_NOT_COMPATIBLE + "i-capab=0x%02x", auth->i_capab); + if (dpp_allowed_roles & DPP_CAPAB_CONFIGURATOR) + auth->configurator = 1; + else + auth->configurator = 0; + auth->peer_protocol_key = pi; + pi = NULL; + if (dpp_auth_build_resp_status(auth, DPP_STATUS_NOT_COMPATIBLE) < 0) + goto fail; + + auth->remove_on_tx_status = 1; + return auth; +fail: + bin_clear_free(unwrapped, unwrapped_len); + EVP_PKEY_free(pi); + EVP_PKEY_CTX_free(ctx); + dpp_auth_deinit(auth); + return NULL; +} + + +int dpp_notify_new_qr_code(struct dpp_authentication *auth, + struct dpp_bootstrap_info *peer_bi) +{ + if (!auth || !auth->response_pending || + os_memcmp(auth->waiting_pubkey_hash, peer_bi->pubkey_hash, + SHA256_MAC_LEN) != 0) + return 0; + + wpa_printf(MSG_DEBUG, + "DPP: New scanned QR Code has matching public key that was needed to continue DPP Authentication exchange with " + MACSTR, MAC2STR(auth->peer_mac_addr)); + auth->peer_bi = peer_bi; + + if (dpp_auth_build_resp_ok(auth) < 0) + return -1; + + return 1; +} + + +static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth, + enum dpp_status_error status) +{ + struct wpabuf *msg; + u8 i_auth[4 + DPP_MAX_HASH_LEN]; + size_t i_auth_len; + u8 r_nonce[4 + DPP_MAX_NONCE_LEN]; + size_t r_nonce_len; + const u8 *addr[2]; + size_t len[2], attr_len; + u8 *wrapped_i_auth; + u8 *wrapped_r_nonce; + u8 *attr_start, *attr_end; + const u8 *r_pubkey_hash, *i_pubkey_hash; +#ifdef CONFIG_TESTING_OPTIONS + u8 test_hash[SHA256_MAC_LEN]; +#endif /* CONFIG_TESTING_OPTIONS */ + + wpa_printf(MSG_DEBUG, "DPP: Build Authentication Confirmation"); + + i_auth_len = 4 + auth->curve->hash_len; + r_nonce_len = 4 + auth->curve->nonce_len; + /* Build DPP Authentication Confirmation frame attributes */ + attr_len = 4 + 1 + 2 * (4 + SHA256_MAC_LEN) + + 4 + i_auth_len + r_nonce_len + AES_BLOCK_SIZE; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_AUTH_CONF) + attr_len += 5; +#endif /* CONFIG_TESTING_OPTIONS */ + msg = dpp_alloc_msg(DPP_PA_AUTHENTICATION_CONF, attr_len); + if (!msg) + goto fail; + + attr_start = wpabuf_put(msg, 0); + + r_pubkey_hash = auth->peer_bi->pubkey_hash; + if (auth->own_bi) + i_pubkey_hash = auth->own_bi->pubkey_hash; + else + i_pubkey_hash = NULL; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_STATUS_AUTH_CONF) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Status"); + goto skip_status; + } else if (dpp_test == DPP_TEST_INVALID_STATUS_AUTH_CONF) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Status"); + status = 254; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* DPP Status */ + dpp_build_attr_status(msg, status); + +#ifdef CONFIG_TESTING_OPTIONS +skip_status: + if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-Bootstrap Key Hash"); + r_pubkey_hash = NULL; + } else if (dpp_test == + DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_CONF) { + wpa_printf(MSG_INFO, + "DPP: TESTING - invalid R-Bootstrap Key Hash"); + os_memcpy(test_hash, r_pubkey_hash, SHA256_MAC_LEN); + test_hash[SHA256_MAC_LEN - 1] ^= 0x01; + r_pubkey_hash = test_hash; + } else if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-Bootstrap Key Hash"); + i_pubkey_hash = NULL; + } else if (dpp_test == + DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_CONF) { + wpa_printf(MSG_INFO, + "DPP: TESTING - invalid I-Bootstrap Key Hash"); + if (i_pubkey_hash) + os_memcpy(test_hash, i_pubkey_hash, SHA256_MAC_LEN); + else + os_memset(test_hash, 0, SHA256_MAC_LEN); + test_hash[SHA256_MAC_LEN - 1] ^= 0x01; + i_pubkey_hash = test_hash; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* Responder Bootstrapping Key Hash */ + dpp_build_attr_r_bootstrap_key_hash(msg, r_pubkey_hash); + + /* Initiator Bootstrapping Key Hash (mutual authentication) */ + dpp_build_attr_i_bootstrap_key_hash(msg, i_pubkey_hash); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_AUTH_CONF) + goto skip_wrapped_data; + if (dpp_test == DPP_TEST_NO_I_AUTH_AUTH_CONF) + i_auth_len = 0; +#endif /* CONFIG_TESTING_OPTIONS */ + + attr_end = wpabuf_put(msg, 0); + + /* OUI, OUI type, Crypto Suite, DPP frame type */ + addr[0] = wpabuf_head_u8(msg) + 2; + len[0] = 3 + 1 + 1 + 1; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + + /* Attributes before Wrapped Data */ + addr[1] = attr_start; + len[1] = attr_end - attr_start; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + + if (status == DPP_STATUS_OK) { + /* I-auth wrapped with ke */ + wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA); + wpabuf_put_le16(msg, i_auth_len + AES_BLOCK_SIZE); + wrapped_i_auth = wpabuf_put(msg, i_auth_len + AES_BLOCK_SIZE); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_I_AUTH_AUTH_CONF) + goto skip_i_auth; +#endif /* CONFIG_TESTING_OPTIONS */ + + /* I-auth = H(R-nonce | I-nonce | PR.x | PI.x | BR.x | [BI.x |] + * 1) */ + WPA_PUT_LE16(i_auth, DPP_ATTR_I_AUTH_TAG); + WPA_PUT_LE16(&i_auth[2], auth->curve->hash_len); + if (dpp_gen_i_auth(auth, i_auth + 4) < 0) + goto fail; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_I_AUTH_MISMATCH_AUTH_CONF) { + wpa_printf(MSG_INFO, "DPP: TESTING - I-auth mismatch"); + i_auth[4 + auth->curve->hash_len / 2] ^= 0x01; + } +skip_i_auth: +#endif /* CONFIG_TESTING_OPTIONS */ + if (aes_siv_encrypt(auth->ke, auth->curve->hash_len, + i_auth, i_auth_len, + 2, addr, len, wrapped_i_auth) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: {I-auth}ke", + wrapped_i_auth, i_auth_len + AES_BLOCK_SIZE); + } else { + /* R-nonce wrapped with k2 */ + wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA); + wpabuf_put_le16(msg, r_nonce_len + AES_BLOCK_SIZE); + wrapped_r_nonce = wpabuf_put(msg, r_nonce_len + AES_BLOCK_SIZE); + + WPA_PUT_LE16(r_nonce, DPP_ATTR_R_NONCE); + WPA_PUT_LE16(&r_nonce[2], auth->curve->nonce_len); + os_memcpy(r_nonce + 4, auth->r_nonce, auth->curve->nonce_len); + + if (aes_siv_encrypt(auth->k2, auth->curve->hash_len, + r_nonce, r_nonce_len, + 2, addr, len, wrapped_r_nonce) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: {R-nonce}k2", + wrapped_r_nonce, r_nonce_len + AES_BLOCK_SIZE); + } + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_AUTH_CONF) { + wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data"); + dpp_build_attr_status(msg, DPP_STATUS_OK); + } +skip_wrapped_data: +#endif /* CONFIG_TESTING_OPTIONS */ + + wpa_hexdump_buf(MSG_DEBUG, + "DPP: Authentication Confirmation frame attributes", + msg); + if (status == DPP_STATUS_OK) + dpp_auth_success(auth); + + return msg; + +fail: + wpabuf_free(msg); + return NULL; +} + + +static void +dpp_auth_resp_rx_status(struct dpp_authentication *auth, const u8 *hdr, + const u8 *attr_start, size_t attr_len, + const u8 *wrapped_data, u16 wrapped_data_len, + enum dpp_status_error status) +{ + const u8 *addr[2]; + size_t len[2]; + u8 *unwrapped = NULL; + size_t unwrapped_len = 0; + const u8 *i_nonce, *r_capab; + u16 i_nonce_len, r_capab_len; + + if (status == DPP_STATUS_NOT_COMPATIBLE) { + wpa_printf(MSG_DEBUG, + "DPP: Responder reported incompatible roles"); + } else if (status == DPP_STATUS_RESPONSE_PENDING) { + wpa_printf(MSG_DEBUG, + "DPP: Responder reported more time needed"); + } else { + wpa_printf(MSG_DEBUG, + "DPP: Responder reported failure (status %d)", + status); + dpp_auth_fail(auth, "Responder reported failure"); + return; + } + + addr[0] = hdr; + len[0] = DPP_HDR_LEN; + addr[1] = attr_start; + len[1] = attr_len; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) + goto fail; + if (aes_siv_decrypt(auth->k1, auth->curve->hash_len, + wrapped_data, wrapped_data_len, + 2, addr, len, unwrapped) < 0) { + dpp_auth_fail(auth, "AES-SIV decryption failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_auth_fail(auth, "Invalid attribute in unwrapped data"); + goto fail; + } + + i_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_I_NONCE, + &i_nonce_len); + if (!i_nonce || i_nonce_len != auth->curve->nonce_len) { + dpp_auth_fail(auth, "Missing or invalid I-nonce"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: I-nonce", i_nonce, i_nonce_len); + if (os_memcmp(auth->i_nonce, i_nonce, i_nonce_len) != 0) { + dpp_auth_fail(auth, "I-nonce mismatch"); + goto fail; + } + + r_capab = dpp_get_attr(unwrapped, unwrapped_len, + DPP_ATTR_R_CAPABILITIES, + &r_capab_len); + if (!r_capab || r_capab_len < 1) { + dpp_auth_fail(auth, "Missing or invalid R-capabilities"); + goto fail; + } + auth->r_capab = r_capab[0]; + wpa_printf(MSG_DEBUG, "DPP: R-capabilities: 0x%02x", auth->r_capab); + if (status == DPP_STATUS_NOT_COMPATIBLE) { + wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_NOT_COMPATIBLE + "r-capab=0x%02x", auth->r_capab); + } else if (status == DPP_STATUS_RESPONSE_PENDING) { + u8 role = auth->r_capab & DPP_CAPAB_ROLE_MASK; + + if ((auth->configurator && role != DPP_CAPAB_ENROLLEE) || + (!auth->configurator && role != DPP_CAPAB_CONFIGURATOR)) { + wpa_msg(auth->msg_ctx, MSG_INFO, + DPP_EVENT_FAIL "Unexpected role in R-capabilities 0x%02x", + role); + } else { + wpa_printf(MSG_DEBUG, + "DPP: Continue waiting for full DPP Authentication Response"); + wpa_msg(auth->msg_ctx, MSG_INFO, + DPP_EVENT_RESPONSE_PENDING "%s", + auth->tmp_own_bi ? auth->tmp_own_bi->uri : ""); + } + } +fail: + bin_clear_free(unwrapped, unwrapped_len); +} + + +struct wpabuf * +dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr, + const u8 *attr_start, size_t attr_len) +{ + EVP_PKEY *pr; + EVP_PKEY_CTX *ctx = NULL; + size_t secret_len; + const u8 *addr[2]; + size_t len[2]; + u8 *unwrapped = NULL, *unwrapped2 = NULL; + size_t unwrapped_len = 0, unwrapped2_len = 0; + const u8 *r_bootstrap, *i_bootstrap, *wrapped_data, *status, *r_proto, + *r_nonce, *i_nonce, *r_capab, *wrapped2, *r_auth; + u16 r_bootstrap_len, i_bootstrap_len, wrapped_data_len, status_len, + r_proto_len, r_nonce_len, i_nonce_len, r_capab_len, + wrapped2_len, r_auth_len; + u8 r_auth2[DPP_MAX_HASH_LEN]; + u8 role; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_AUTH_RESP) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at Authentication Response"); + return NULL; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (!auth->initiator || !auth->peer_bi) { + dpp_auth_fail(auth, "Unexpected Authentication Response"); + return NULL; + } + + auth->waiting_auth_resp = 0; + + wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA, + &wrapped_data_len); + if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) { + dpp_auth_fail(auth, + "Missing or invalid required Wrapped Data attribute"); + return NULL; + } + wpa_hexdump(MSG_DEBUG, "DPP: Wrapped data", + wrapped_data, wrapped_data_len); + + attr_len = wrapped_data - 4 - attr_start; + + r_bootstrap = dpp_get_attr(attr_start, attr_len, + DPP_ATTR_R_BOOTSTRAP_KEY_HASH, + &r_bootstrap_len); + if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { + dpp_auth_fail(auth, + "Missing or invalid required Responder Bootstrapping Key Hash attribute"); + return NULL; + } + wpa_hexdump(MSG_DEBUG, "DPP: Responder Bootstrapping Key Hash", + r_bootstrap, r_bootstrap_len); + if (os_memcmp(r_bootstrap, auth->peer_bi->pubkey_hash, + SHA256_MAC_LEN) != 0) { + dpp_auth_fail(auth, + "Unexpected Responder Bootstrapping Key Hash value"); + wpa_hexdump(MSG_DEBUG, + "DPP: Expected Responder Bootstrapping Key Hash", + auth->peer_bi->pubkey_hash, SHA256_MAC_LEN); + return NULL; + } + + i_bootstrap = dpp_get_attr(attr_start, attr_len, + DPP_ATTR_I_BOOTSTRAP_KEY_HASH, + &i_bootstrap_len); + if (i_bootstrap) { + if (i_bootstrap_len != SHA256_MAC_LEN) { + dpp_auth_fail(auth, + "Invalid Initiator Bootstrapping Key Hash attribute"); + return NULL; + } + wpa_hexdump(MSG_MSGDUMP, + "DPP: Initiator Bootstrapping Key Hash", + i_bootstrap, i_bootstrap_len); + if (!auth->own_bi || + os_memcmp(i_bootstrap, auth->own_bi->pubkey_hash, + SHA256_MAC_LEN) != 0) { + dpp_auth_fail(auth, + "Initiator Bootstrapping Key Hash attribute did not match"); + return NULL; + } + } else if (auth->own_bi && auth->own_bi->type == DPP_BOOTSTRAP_PKEX) { + /* PKEX bootstrapping mandates use of mutual authentication */ + dpp_auth_fail(auth, + "Missing Initiator Bootstrapping Key Hash attribute"); + return NULL; + } + + status = dpp_get_attr(attr_start, attr_len, DPP_ATTR_STATUS, + &status_len); + if (!status || status_len < 1) { + dpp_auth_fail(auth, + "Missing or invalid required DPP Status attribute"); + return NULL; + } + wpa_printf(MSG_DEBUG, "DPP: Status %u", status[0]); + auth->auth_resp_status = status[0]; + if (status[0] != DPP_STATUS_OK) { + dpp_auth_resp_rx_status(auth, hdr, attr_start, + attr_len, wrapped_data, + wrapped_data_len, status[0]); + return NULL; + } + + if (!i_bootstrap && auth->own_bi) { + wpa_printf(MSG_DEBUG, + "DPP: Responder decided not to use mutual authentication"); + auth->own_bi = NULL; + } + + wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_AUTH_DIRECTION "mutual=%d", + auth->own_bi != NULL); + + r_proto = dpp_get_attr(attr_start, attr_len, DPP_ATTR_R_PROTOCOL_KEY, + &r_proto_len); + if (!r_proto) { + dpp_auth_fail(auth, + "Missing required Responder Protocol Key attribute"); + return NULL; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Protocol Key", + r_proto, r_proto_len); + + /* N = pI * PR */ + pr = dpp_set_pubkey_point(auth->own_protocol_key, r_proto, r_proto_len); + if (!pr) { + dpp_auth_fail(auth, "Invalid Responder Protocol Key"); + return NULL; + } + dpp_debug_print_key("Peer (Responder) Protocol Key", pr); + + ctx = EVP_PKEY_CTX_new(auth->own_protocol_key, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, pr) != 1 || + EVP_PKEY_derive(ctx, NULL, &secret_len) != 1 || + secret_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, auth->Nx, &secret_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + dpp_auth_fail(auth, "Failed to derive ECDH shared secret"); + goto fail; + } + EVP_PKEY_CTX_free(ctx); + ctx = NULL; + auth->peer_protocol_key = pr; + pr = NULL; + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (N.x)", + auth->Nx, auth->secret_len); + auth->Nx_len = auth->secret_len; + + if (dpp_derive_k2(auth->Nx, auth->secret_len, auth->k2, + auth->curve->hash_len) < 0) + goto fail; + + addr[0] = hdr; + len[0] = DPP_HDR_LEN; + addr[1] = attr_start; + len[1] = attr_len; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) + goto fail; + if (aes_siv_decrypt(auth->k2, auth->curve->hash_len, + wrapped_data, wrapped_data_len, + 2, addr, len, unwrapped) < 0) { + dpp_auth_fail(auth, "AES-SIV decryption failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_auth_fail(auth, "Invalid attribute in unwrapped data"); + goto fail; + } + + r_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_R_NONCE, + &r_nonce_len); + if (!r_nonce || r_nonce_len != auth->curve->nonce_len) { + dpp_auth_fail(auth, "DPP: Missing or invalid R-nonce"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: R-nonce", r_nonce, r_nonce_len); + os_memcpy(auth->r_nonce, r_nonce, r_nonce_len); + + i_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_I_NONCE, + &i_nonce_len); + if (!i_nonce || i_nonce_len != auth->curve->nonce_len) { + dpp_auth_fail(auth, "Missing or invalid I-nonce"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: I-nonce", i_nonce, i_nonce_len); + if (os_memcmp(auth->i_nonce, i_nonce, i_nonce_len) != 0) { + dpp_auth_fail(auth, "I-nonce mismatch"); + goto fail; + } + + if (auth->own_bi) { + /* Mutual authentication */ + if (dpp_auth_derive_l_initiator(auth) < 0) + goto fail; + } + + r_capab = dpp_get_attr(unwrapped, unwrapped_len, + DPP_ATTR_R_CAPABILITIES, + &r_capab_len); + if (!r_capab || r_capab_len < 1) { + dpp_auth_fail(auth, "Missing or invalid R-capabilities"); + goto fail; + } + auth->r_capab = r_capab[0]; + wpa_printf(MSG_DEBUG, "DPP: R-capabilities: 0x%02x", auth->r_capab); + role = auth->r_capab & DPP_CAPAB_ROLE_MASK; + if ((auth->allowed_roles == + (DPP_CAPAB_CONFIGURATOR | DPP_CAPAB_ENROLLEE)) && + (role == DPP_CAPAB_CONFIGURATOR || role == DPP_CAPAB_ENROLLEE)) { + /* Peer selected its role, so move from "either role" to the + * role that is compatible with peer's selection. */ + auth->configurator = role == DPP_CAPAB_ENROLLEE; + wpa_printf(MSG_DEBUG, "DPP: Acting as %s", + auth->configurator ? "Configurator" : "Enrollee"); + } else if ((auth->configurator && role != DPP_CAPAB_ENROLLEE) || + (!auth->configurator && role != DPP_CAPAB_CONFIGURATOR)) { + wpa_printf(MSG_DEBUG, "DPP: Incompatible role selection"); + wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Unexpected role in R-capabilities 0x%02x", + role); + if (role != DPP_CAPAB_ENROLLEE && + role != DPP_CAPAB_CONFIGURATOR) + goto fail; + bin_clear_free(unwrapped, unwrapped_len); + auth->remove_on_tx_status = 1; + return dpp_auth_build_conf(auth, DPP_STATUS_NOT_COMPATIBLE); + } + + wrapped2 = dpp_get_attr(unwrapped, unwrapped_len, + DPP_ATTR_WRAPPED_DATA, &wrapped2_len); + if (!wrapped2 || wrapped2_len < AES_BLOCK_SIZE) { + dpp_auth_fail(auth, + "Missing or invalid Secondary Wrapped Data"); + goto fail; + } + + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped2, wrapped2_len); + + if (dpp_derive_ke(auth, auth->ke, auth->curve->hash_len) < 0) + goto fail; + + unwrapped2_len = wrapped2_len - AES_BLOCK_SIZE; + unwrapped2 = os_malloc(unwrapped2_len); + if (!unwrapped2) + goto fail; + if (aes_siv_decrypt(auth->ke, auth->curve->hash_len, + wrapped2, wrapped2_len, + 0, NULL, NULL, unwrapped2) < 0) { + dpp_auth_fail(auth, "AES-SIV decryption failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped2, unwrapped2_len); + + if (dpp_check_attrs(unwrapped2, unwrapped2_len) < 0) { + dpp_auth_fail(auth, + "Invalid attribute in secondary unwrapped data"); + goto fail; + } + + r_auth = dpp_get_attr(unwrapped2, unwrapped2_len, DPP_ATTR_R_AUTH_TAG, + &r_auth_len); + if (!r_auth || r_auth_len != auth->curve->hash_len) { + dpp_auth_fail(auth, + "Missing or invalid Responder Authenticating Tag"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: Received Responder Authenticating Tag", + r_auth, r_auth_len); + /* R-auth' = H(I-nonce | R-nonce | PI.x | PR.x | [BI.x |] BR.x | 0) */ + if (dpp_gen_r_auth(auth, r_auth2) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: Calculated Responder Authenticating Tag", + r_auth2, r_auth_len); + if (os_memcmp(r_auth, r_auth2, r_auth_len) != 0) { + dpp_auth_fail(auth, "Mismatching Responder Authenticating Tag"); + bin_clear_free(unwrapped, unwrapped_len); + bin_clear_free(unwrapped2, unwrapped2_len); + auth->remove_on_tx_status = 1; + return dpp_auth_build_conf(auth, DPP_STATUS_AUTH_FAILURE); + } + + bin_clear_free(unwrapped, unwrapped_len); + bin_clear_free(unwrapped2, unwrapped2_len); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AUTH_RESP_IN_PLACE_OF_CONF) { + wpa_printf(MSG_INFO, + "DPP: TESTING - Authentication Response in place of Confirm"); + if (dpp_auth_build_resp_ok(auth) < 0) + return NULL; + return wpabuf_dup(auth->resp_msg); + } +#endif /* CONFIG_TESTING_OPTIONS */ + + return dpp_auth_build_conf(auth, DPP_STATUS_OK); + +fail: + bin_clear_free(unwrapped, unwrapped_len); + bin_clear_free(unwrapped2, unwrapped2_len); + EVP_PKEY_free(pr); + EVP_PKEY_CTX_free(ctx); + return NULL; +} + + +static int dpp_auth_conf_rx_failure(struct dpp_authentication *auth, + const u8 *hdr, + const u8 *attr_start, size_t attr_len, + const u8 *wrapped_data, + u16 wrapped_data_len, + enum dpp_status_error status) +{ + const u8 *addr[2]; + size_t len[2]; + u8 *unwrapped = NULL; + size_t unwrapped_len = 0; + const u8 *r_nonce; + u16 r_nonce_len; + + /* Authentication Confirm failure cases are expected to include + * {R-nonce}k2 in the Wrapped Data attribute. */ + + addr[0] = hdr; + len[0] = DPP_HDR_LEN; + addr[1] = attr_start; + len[1] = attr_len; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) { + dpp_auth_fail(auth, "Authentication failed"); + goto fail; + } + if (aes_siv_decrypt(auth->k2, auth->curve->hash_len, + wrapped_data, wrapped_data_len, + 2, addr, len, unwrapped) < 0) { + dpp_auth_fail(auth, "AES-SIV decryption failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_auth_fail(auth, "Invalid attribute in unwrapped data"); + goto fail; + } + + r_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_R_NONCE, + &r_nonce_len); + if (!r_nonce || r_nonce_len != auth->curve->nonce_len) { + dpp_auth_fail(auth, "DPP: Missing or invalid R-nonce"); + goto fail; + } + if (os_memcmp(r_nonce, auth->r_nonce, r_nonce_len) != 0) { + wpa_hexdump(MSG_DEBUG, "DPP: Received R-nonce", + r_nonce, r_nonce_len); + wpa_hexdump(MSG_DEBUG, "DPP: Expected R-nonce", + auth->r_nonce, r_nonce_len); + dpp_auth_fail(auth, "R-nonce mismatch"); + goto fail; + } + + if (status == DPP_STATUS_NOT_COMPATIBLE) + dpp_auth_fail(auth, "Peer reported incompatible R-capab role"); + else if (status == DPP_STATUS_AUTH_FAILURE) + dpp_auth_fail(auth, "Peer reported authentication failure)"); + +fail: + bin_clear_free(unwrapped, unwrapped_len); + return -1; +} + + +int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr, + const u8 *attr_start, size_t attr_len) +{ + const u8 *r_bootstrap, *i_bootstrap, *wrapped_data, *status, *i_auth; + u16 r_bootstrap_len, i_bootstrap_len, wrapped_data_len, status_len, + i_auth_len; + const u8 *addr[2]; + size_t len[2]; + u8 *unwrapped = NULL; + size_t unwrapped_len = 0; + u8 i_auth2[DPP_MAX_HASH_LEN]; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at Authentication Confirm"); + return -1; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (auth->initiator || !auth->own_bi) { + dpp_auth_fail(auth, "Unexpected Authentication Confirm"); + return -1; + } + + auth->waiting_auth_conf = 0; + + wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA, + &wrapped_data_len); + if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) { + dpp_auth_fail(auth, + "Missing or invalid required Wrapped Data attribute"); + return -1; + } + wpa_hexdump(MSG_DEBUG, "DPP: Wrapped data", + wrapped_data, wrapped_data_len); + + attr_len = wrapped_data - 4 - attr_start; + + r_bootstrap = dpp_get_attr(attr_start, attr_len, + DPP_ATTR_R_BOOTSTRAP_KEY_HASH, + &r_bootstrap_len); + if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { + dpp_auth_fail(auth, + "Missing or invalid required Responder Bootstrapping Key Hash attribute"); + return -1; + } + wpa_hexdump(MSG_DEBUG, "DPP: Responder Bootstrapping Key Hash", + r_bootstrap, r_bootstrap_len); + if (os_memcmp(r_bootstrap, auth->own_bi->pubkey_hash, + SHA256_MAC_LEN) != 0) { + wpa_hexdump(MSG_DEBUG, + "DPP: Expected Responder Bootstrapping Key Hash", + auth->peer_bi->pubkey_hash, SHA256_MAC_LEN); + dpp_auth_fail(auth, + "Responder Bootstrapping Key Hash mismatch"); + return -1; + } + + i_bootstrap = dpp_get_attr(attr_start, attr_len, + DPP_ATTR_I_BOOTSTRAP_KEY_HASH, + &i_bootstrap_len); + if (i_bootstrap) { + if (i_bootstrap_len != SHA256_MAC_LEN) { + dpp_auth_fail(auth, + "Invalid Initiator Bootstrapping Key Hash attribute"); + return -1; + } + wpa_hexdump(MSG_MSGDUMP, + "DPP: Initiator Bootstrapping Key Hash", + i_bootstrap, i_bootstrap_len); + if (!auth->peer_bi || + os_memcmp(i_bootstrap, auth->peer_bi->pubkey_hash, + SHA256_MAC_LEN) != 0) { + dpp_auth_fail(auth, + "Initiator Bootstrapping Key Hash mismatch"); + return -1; + } + } else if (auth->peer_bi) { + /* Mutual authentication and peer did not include its + * Bootstrapping Key Hash attribute. */ + dpp_auth_fail(auth, + "Missing Initiator Bootstrapping Key Hash attribute"); + return -1; + } + + status = dpp_get_attr(attr_start, attr_len, DPP_ATTR_STATUS, + &status_len); + if (!status || status_len < 1) { + dpp_auth_fail(auth, + "Missing or invalid required DPP Status attribute"); + return -1; + } + wpa_printf(MSG_DEBUG, "DPP: Status %u", status[0]); + if (status[0] == DPP_STATUS_NOT_COMPATIBLE || + status[0] == DPP_STATUS_AUTH_FAILURE) + return dpp_auth_conf_rx_failure(auth, hdr, attr_start, + attr_len, wrapped_data, + wrapped_data_len, status[0]); + + if (status[0] != DPP_STATUS_OK) { + dpp_auth_fail(auth, "Authentication failed"); + return -1; + } + + addr[0] = hdr; + len[0] = DPP_HDR_LEN; + addr[1] = attr_start; + len[1] = attr_len; + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) + return -1; + if (aes_siv_decrypt(auth->ke, auth->curve->hash_len, + wrapped_data, wrapped_data_len, + 2, addr, len, unwrapped) < 0) { + dpp_auth_fail(auth, "AES-SIV decryption failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_auth_fail(auth, "Invalid attribute in unwrapped data"); + goto fail; + } + + i_auth = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_I_AUTH_TAG, + &i_auth_len); + if (!i_auth || i_auth_len != auth->curve->hash_len) { + dpp_auth_fail(auth, + "Missing or invalid Initiator Authenticating Tag"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: Received Initiator Authenticating Tag", + i_auth, i_auth_len); + /* I-auth' = H(R-nonce | I-nonce | PR.x | PI.x | BR.x | [BI.x |] 1) */ + if (dpp_gen_i_auth(auth, i_auth2) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: Calculated Initiator Authenticating Tag", + i_auth2, i_auth_len); + if (os_memcmp(i_auth, i_auth2, i_auth_len) != 0) { + dpp_auth_fail(auth, "Mismatching Initiator Authenticating Tag"); + goto fail; + } + + bin_clear_free(unwrapped, unwrapped_len); + dpp_auth_success(auth); + return 0; +fail: + bin_clear_free(unwrapped, unwrapped_len); + return -1; +} + + +void dpp_configuration_free(struct dpp_configuration *conf) +{ + if (!conf) + return; + str_clear_free(conf->passphrase); + os_free(conf->group_id); + bin_clear_free(conf, sizeof(*conf)); +} + + +void dpp_auth_deinit(struct dpp_authentication *auth) +{ + if (!auth) + return; + dpp_configuration_free(auth->conf_ap); + dpp_configuration_free(auth->conf_sta); + EVP_PKEY_free(auth->own_protocol_key); + EVP_PKEY_free(auth->peer_protocol_key); + wpabuf_free(auth->req_msg); + wpabuf_free(auth->resp_msg); + wpabuf_free(auth->conf_req); + os_free(auth->connector); + wpabuf_free(auth->net_access_key); + wpabuf_free(auth->c_sign_key); + dpp_bootstrap_info_free(auth->tmp_own_bi); +#ifdef CONFIG_TESTING_OPTIONS + os_free(auth->config_obj_override); + os_free(auth->discovery_override); + os_free(auth->groups_override); +#endif /* CONFIG_TESTING_OPTIONS */ + bin_clear_free(auth, sizeof(*auth)); +} + + +static struct wpabuf * +dpp_build_conf_start(struct dpp_authentication *auth, + struct dpp_configuration *conf, size_t tailroom) +{ + struct wpabuf *buf; + char ssid[6 * sizeof(conf->ssid) + 1]; + +#ifdef CONFIG_TESTING_OPTIONS + if (auth->discovery_override) + tailroom += os_strlen(auth->discovery_override); +#endif /* CONFIG_TESTING_OPTIONS */ + + buf = wpabuf_alloc(200 + tailroom); + if (!buf) + return NULL; + wpabuf_put_str(buf, "{\"wi-fi_tech\":\"infra\",\"discovery\":"); +#ifdef CONFIG_TESTING_OPTIONS + if (auth->discovery_override) { + wpa_printf(MSG_DEBUG, "DPP: TESTING - discovery override: '%s'", + auth->discovery_override); + wpabuf_put_str(buf, auth->discovery_override); + wpabuf_put_u8(buf, ','); + return buf; + } +#endif /* CONFIG_TESTING_OPTIONS */ + wpabuf_put_str(buf, "{\"ssid\":\""); + json_escape_string(ssid, sizeof(ssid), + (const char *) conf->ssid, conf->ssid_len); + wpabuf_put_str(buf, ssid); + wpabuf_put_str(buf, "\"},"); + + return buf; +} + + +static int dpp_build_jwk(struct wpabuf *buf, const char *name, EVP_PKEY *key, + const char *kid, const struct dpp_curve_params *curve) +{ + struct wpabuf *pub; + const u8 *pos; + char *x = NULL, *y = NULL; + int ret = -1; + + pub = dpp_get_pubkey_point(key, 0); + if (!pub) + goto fail; + pos = wpabuf_head(pub); + x = (char *) base64_url_encode(pos, curve->prime_len, NULL, 0); + pos += curve->prime_len; + y = (char *) base64_url_encode(pos, curve->prime_len, NULL, 0); + if (!x || !y) + goto fail; + + wpabuf_put_str(buf, "\""); + wpabuf_put_str(buf, name); + wpabuf_put_str(buf, "\":{\"kty\":\"EC\",\"crv\":\""); + wpabuf_put_str(buf, curve->jwk_crv); + wpabuf_put_str(buf, "\",\"x\":\""); + wpabuf_put_str(buf, x); + wpabuf_put_str(buf, "\",\"y\":\""); + wpabuf_put_str(buf, y); + if (kid) { + wpabuf_put_str(buf, "\",\"kid\":\""); + wpabuf_put_str(buf, kid); + } + wpabuf_put_str(buf, "\"}"); + ret = 0; +fail: + wpabuf_free(pub); + os_free(x); + os_free(y); + return ret; +} + + +static struct wpabuf * +dpp_build_conf_obj_dpp(struct dpp_authentication *auth, int ap, + struct dpp_configuration *conf) +{ + struct wpabuf *buf = NULL; + char *signed1 = NULL, *signed2 = NULL, *signed3 = NULL; + size_t tailroom; + const struct dpp_curve_params *curve; + char jws_prot_hdr[100]; + size_t signed1_len, signed2_len, signed3_len; + struct wpabuf *dppcon = NULL; + unsigned char *signature = NULL; + const unsigned char *p; + size_t signature_len; + EVP_MD_CTX *md_ctx = NULL; + ECDSA_SIG *sig = NULL; + char *dot = "."; + const EVP_MD *sign_md; + const BIGNUM *r, *s; + size_t extra_len = 1000; + + if (!auth->conf) { + wpa_printf(MSG_INFO, + "DPP: No configurator specified - cannot generate DPP config object"); + goto fail; + } + curve = auth->conf->curve; + if (curve->hash_len == SHA256_MAC_LEN) { + sign_md = EVP_sha256(); + } else if (curve->hash_len == SHA384_MAC_LEN) { + sign_md = EVP_sha384(); + } else if (curve->hash_len == SHA512_MAC_LEN) { + sign_md = EVP_sha512(); + } else { + wpa_printf(MSG_DEBUG, "DPP: Unknown signature algorithm"); + goto fail; + } + +#ifdef CONFIG_TESTING_OPTIONS + if (auth->groups_override) + extra_len += os_strlen(auth->groups_override); +#endif /* CONFIG_TESTING_OPTIONS */ + + if (conf->group_id) + extra_len += os_strlen(conf->group_id); + + /* Connector (JSON dppCon object) */ + dppcon = wpabuf_alloc(extra_len + 2 * auth->curve->prime_len * 4 / 3); + if (!dppcon) + goto fail; +#ifdef CONFIG_TESTING_OPTIONS + if (auth->groups_override) { + wpabuf_put_u8(dppcon, '{'); + if (auth->groups_override) { + wpa_printf(MSG_DEBUG, + "DPP: TESTING - groups override: '%s'", + auth->groups_override); + wpabuf_put_str(dppcon, "\"groups\":"); + wpabuf_put_str(dppcon, auth->groups_override); + wpabuf_put_u8(dppcon, ','); + } + goto skip_groups; + } +#endif /* CONFIG_TESTING_OPTIONS */ + wpabuf_printf(dppcon, "{\"groups\":[{\"groupId\":\"%s\",", + conf->group_id ? conf->group_id : "*"); + wpabuf_printf(dppcon, "\"netRole\":\"%s\"}],", ap ? "ap" : "sta"); +#ifdef CONFIG_TESTING_OPTIONS +skip_groups: +#endif /* CONFIG_TESTING_OPTIONS */ + if (dpp_build_jwk(dppcon, "netAccessKey", auth->peer_protocol_key, NULL, + auth->curve) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Failed to build netAccessKey JWK"); + goto fail; + } + if (conf->netaccesskey_expiry) { + struct os_tm tm; + + if (os_gmtime(conf->netaccesskey_expiry, &tm) < 0) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to generate expiry string"); + goto fail; + } + wpabuf_printf(dppcon, + ",\"expiry\":\"%04u-%02u-%02uT%02u:%02u:%02uZ\"", + tm.year, tm.month, tm.day, + tm.hour, tm.min, tm.sec); + } + wpabuf_put_u8(dppcon, '}'); + wpa_printf(MSG_DEBUG, "DPP: dppCon: %s", + (const char *) wpabuf_head(dppcon)); + + os_snprintf(jws_prot_hdr, sizeof(jws_prot_hdr), + "{\"typ\":\"dppCon\",\"kid\":\"%s\",\"alg\":\"%s\"}", + auth->conf->kid, curve->jws_alg); + signed1 = (char *) base64_url_encode((unsigned char *) jws_prot_hdr, + os_strlen(jws_prot_hdr), + &signed1_len, 0); + signed2 = (char *) base64_url_encode(wpabuf_head(dppcon), + wpabuf_len(dppcon), + &signed2_len, 0); + if (!signed1 || !signed2) + goto fail; + + md_ctx = EVP_MD_CTX_create(); + if (!md_ctx) + goto fail; + + ERR_clear_error(); + if (EVP_DigestSignInit(md_ctx, NULL, sign_md, NULL, + auth->conf->csign) != 1) { + wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignInit failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + if (EVP_DigestSignUpdate(md_ctx, signed1, signed1_len) != 1 || + EVP_DigestSignUpdate(md_ctx, dot, 1) != 1 || + EVP_DigestSignUpdate(md_ctx, signed2, signed2_len) != 1) { + wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignUpdate failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + if (EVP_DigestSignFinal(md_ctx, NULL, &signature_len) != 1) { + wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignFinal failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + signature = os_malloc(signature_len); + if (!signature) + goto fail; + if (EVP_DigestSignFinal(md_ctx, signature, &signature_len) != 1) { + wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignFinal failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: signedConnector ECDSA signature (DER)", + signature, signature_len); + /* Convert to raw coordinates r,s */ + p = signature; + sig = d2i_ECDSA_SIG(NULL, &p, signature_len); + if (!sig) + goto fail; + ECDSA_SIG_get0(sig, &r, &s); + if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 || + dpp_bn2bin_pad(s, signature + curve->prime_len, + curve->prime_len) < 0) + goto fail; + signature_len = 2 * curve->prime_len; + wpa_hexdump(MSG_DEBUG, "DPP: signedConnector ECDSA signature (raw r,s)", + signature, signature_len); + signed3 = (char *) base64_url_encode(signature, signature_len, + &signed3_len, 0); + if (!signed3) + goto fail; + + tailroom = 1000; + tailroom += 2 * curve->prime_len * 4 / 3 + os_strlen(auth->conf->kid); + tailroom += signed1_len + signed2_len + signed3_len; + buf = dpp_build_conf_start(auth, conf, tailroom); + if (!buf) + goto fail; + + wpabuf_put_str(buf, "\"cred\":{\"akm\":\"dpp\",\"signedConnector\":\""); + wpabuf_put_str(buf, signed1); + wpabuf_put_u8(buf, '.'); + wpabuf_put_str(buf, signed2); + wpabuf_put_u8(buf, '.'); + wpabuf_put_str(buf, signed3); + wpabuf_put_str(buf, "\","); + if (dpp_build_jwk(buf, "csign", auth->conf->csign, auth->conf->kid, + curve) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Failed to build csign JWK"); + goto fail; + } + + wpabuf_put_str(buf, "}}"); + + wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Configuration Object", + wpabuf_head(buf), wpabuf_len(buf)); + +out: + EVP_MD_CTX_destroy(md_ctx); + ECDSA_SIG_free(sig); + os_free(signed1); + os_free(signed2); + os_free(signed3); + os_free(signature); + wpabuf_free(dppcon); + return buf; +fail: + wpa_printf(MSG_DEBUG, "DPP: Failed to build configuration object"); + wpabuf_free(buf); + buf = NULL; + goto out; +} + + +static struct wpabuf * +dpp_build_conf_obj_legacy(struct dpp_authentication *auth, int ap, + struct dpp_configuration *conf) +{ + struct wpabuf *buf; + + buf = dpp_build_conf_start(auth, conf, 1000); + if (!buf) + return NULL; + + wpabuf_printf(buf, "\"cred\":{\"akm\":\"%s\",", dpp_akm_str(conf->akm)); + if (conf->passphrase) { + char pass[63 * 6 + 1]; + + if (os_strlen(conf->passphrase) > 63) { + wpabuf_free(buf); + return NULL; + } + + json_escape_string(pass, sizeof(pass), conf->passphrase, + os_strlen(conf->passphrase)); + wpabuf_put_str(buf, "\"pass\":\""); + wpabuf_put_str(buf, pass); + wpabuf_put_str(buf, "\""); + } else { + char psk[2 * sizeof(conf->psk) + 1]; + + wpa_snprintf_hex(psk, sizeof(psk), + conf->psk, sizeof(conf->psk)); + wpabuf_put_str(buf, "\"psk_hex\":\""); + wpabuf_put_str(buf, psk); + wpabuf_put_str(buf, "\""); + } + wpabuf_put_str(buf, "}}"); + + wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Configuration Object (legacy)", + wpabuf_head(buf), wpabuf_len(buf)); + + return buf; +} + + +static struct wpabuf * +dpp_build_conf_obj(struct dpp_authentication *auth, int ap) +{ + struct dpp_configuration *conf; + +#ifdef CONFIG_TESTING_OPTIONS + if (auth->config_obj_override) { + wpa_printf(MSG_DEBUG, "DPP: Testing - Config Object override"); + return wpabuf_alloc_copy(auth->config_obj_override, + os_strlen(auth->config_obj_override)); + } +#endif /* CONFIG_TESTING_OPTIONS */ + + conf = ap ? auth->conf_ap : auth->conf_sta; + if (!conf) { + wpa_printf(MSG_DEBUG, + "DPP: No configuration available for Enrollee(%s) - reject configuration request", + ap ? "ap" : "sta"); + return NULL; + } + + if (conf->akm == DPP_AKM_DPP) + return dpp_build_conf_obj_dpp(auth, ap, conf); + return dpp_build_conf_obj_legacy(auth, ap, conf); +} + + +static struct wpabuf * +dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce, + u16 e_nonce_len, int ap) +{ + struct wpabuf *conf; + size_t clear_len, attr_len; + struct wpabuf *clear = NULL, *msg = NULL; + u8 *wrapped; + const u8 *addr[1]; + size_t len[1]; + enum dpp_status_error status; + + conf = dpp_build_conf_obj(auth, ap); + if (conf) { + wpa_hexdump_ascii(MSG_DEBUG, "DPP: configurationObject JSON", + wpabuf_head(conf), wpabuf_len(conf)); + } + status = conf ? DPP_STATUS_OK : DPP_STATUS_CONFIGURE_FAILURE; + + /* { E-nonce, configurationObject}ke */ + clear_len = 4 + e_nonce_len; + if (conf) + clear_len += 4 + wpabuf_len(conf); + clear = wpabuf_alloc(clear_len); + attr_len = 4 + 1 + 4 + clear_len + AES_BLOCK_SIZE; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP) + attr_len += 5; +#endif /* CONFIG_TESTING_OPTIONS */ + msg = wpabuf_alloc(attr_len); + if (!clear || !msg) + goto fail; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_E_NONCE_CONF_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no E-nonce"); + goto skip_e_nonce; + } + if (dpp_test == DPP_TEST_E_NONCE_MISMATCH_CONF_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - E-nonce mismatch"); + wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE); + wpabuf_put_le16(clear, e_nonce_len); + wpabuf_put_data(clear, e_nonce, e_nonce_len - 1); + wpabuf_put_u8(clear, e_nonce[e_nonce_len - 1] ^ 0x01); + goto skip_e_nonce; + } + if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_CONF_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data"); + goto skip_wrapped_data; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* E-nonce */ + wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE); + wpabuf_put_le16(clear, e_nonce_len); + wpabuf_put_data(clear, e_nonce, e_nonce_len); + +#ifdef CONFIG_TESTING_OPTIONS +skip_e_nonce: + if (dpp_test == DPP_TEST_NO_CONFIG_OBJ_CONF_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - Config Object"); + goto skip_config_obj; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (conf) { + wpabuf_put_le16(clear, DPP_ATTR_CONFIG_OBJ); + wpabuf_put_le16(clear, wpabuf_len(conf)); + wpabuf_put_buf(clear, conf); + } + +#ifdef CONFIG_TESTING_OPTIONS +skip_config_obj: + if (dpp_test == DPP_TEST_NO_STATUS_CONF_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - Status"); + goto skip_status; + } + if (dpp_test == DPP_TEST_INVALID_STATUS_CONF_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Status"); + status = 255; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* DPP Status */ + dpp_build_attr_status(msg, status); + +#ifdef CONFIG_TESTING_OPTIONS +skip_status: +#endif /* CONFIG_TESTING_OPTIONS */ + + addr[0] = wpabuf_head(msg); + len[0] = wpabuf_len(msg); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]); + + wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA); + wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE); + wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE); + + wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear); + if (aes_siv_encrypt(auth->ke, auth->curve->hash_len, + wpabuf_head(clear), wpabuf_len(clear), + 1, addr, len, wrapped) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data"); + dpp_build_attr_status(msg, DPP_STATUS_OK); + } +skip_wrapped_data: +#endif /* CONFIG_TESTING_OPTIONS */ + + wpa_hexdump_buf(MSG_DEBUG, + "DPP: Configuration Response attributes", msg); +out: + wpabuf_free(conf); + wpabuf_free(clear); + + return msg; +fail: + wpabuf_free(msg); + msg = NULL; + goto out; +} + + +struct wpabuf * +dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start, + size_t attr_len) +{ + const u8 *wrapped_data, *e_nonce, *config_attr; + u16 wrapped_data_len, e_nonce_len, config_attr_len; + u8 *unwrapped = NULL; + size_t unwrapped_len = 0; + struct wpabuf *resp = NULL; + struct json_token *root = NULL, *token; + int ap; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_CONF_REQ) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at Config Request"); + return NULL; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (dpp_check_attrs(attr_start, attr_len) < 0) { + dpp_auth_fail(auth, "Invalid attribute in config request"); + return NULL; + } + + wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA, + &wrapped_data_len); + if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) { + dpp_auth_fail(auth, + "Missing or invalid required Wrapped Data attribute"); + return NULL; + } + + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) + return NULL; + if (aes_siv_decrypt(auth->ke, auth->curve->hash_len, + wrapped_data, wrapped_data_len, + 0, NULL, NULL, unwrapped) < 0) { + dpp_auth_fail(auth, "AES-SIV decryption failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_auth_fail(auth, "Invalid attribute in unwrapped data"); + goto fail; + } + + e_nonce = dpp_get_attr(unwrapped, unwrapped_len, + DPP_ATTR_ENROLLEE_NONCE, + &e_nonce_len); + if (!e_nonce || e_nonce_len != auth->curve->nonce_len) { + dpp_auth_fail(auth, + "Missing or invalid Enrollee Nonce attribute"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len); + + config_attr = dpp_get_attr(unwrapped, unwrapped_len, + DPP_ATTR_CONFIG_ATTR_OBJ, + &config_attr_len); + if (!config_attr) { + dpp_auth_fail(auth, + "Missing or invalid Config Attributes attribute"); + goto fail; + } + wpa_hexdump_ascii(MSG_DEBUG, "DPP: Config Attributes", + config_attr, config_attr_len); + + root = json_parse((const char *) config_attr, config_attr_len); + if (!root) { + dpp_auth_fail(auth, "Could not parse Config Attributes"); + goto fail; + } + + token = json_get_member(root, "name"); + if (!token || token->type != JSON_STRING) { + dpp_auth_fail(auth, "No Config Attributes - name"); + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: Enrollee name = '%s'", token->string); + + token = json_get_member(root, "wi-fi_tech"); + if (!token || token->type != JSON_STRING) { + dpp_auth_fail(auth, "No Config Attributes - wi-fi_tech"); + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: wi-fi_tech = '%s'", token->string); + if (os_strcmp(token->string, "infra") != 0) { + wpa_printf(MSG_DEBUG, "DPP: Unsupported wi-fi_tech '%s'", + token->string); + dpp_auth_fail(auth, "Unsupported wi-fi_tech"); + goto fail; + } + + token = json_get_member(root, "netRole"); + if (!token || token->type != JSON_STRING) { + dpp_auth_fail(auth, "No Config Attributes - netRole"); + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: netRole = '%s'", token->string); + if (os_strcmp(token->string, "sta") == 0) { + ap = 0; + } else if (os_strcmp(token->string, "ap") == 0) { + ap = 1; + } else { + wpa_printf(MSG_DEBUG, "DPP: Unsupported netRole '%s'", + token->string); + dpp_auth_fail(auth, "Unsupported netRole"); + goto fail; + } + + resp = dpp_build_conf_resp(auth, e_nonce, e_nonce_len, ap); + +fail: + json_free(root); + os_free(unwrapped); + return resp; +} + + +static struct wpabuf * +dpp_parse_jws_prot_hdr(const struct dpp_curve_params *curve, + const u8 *prot_hdr, u16 prot_hdr_len, + const EVP_MD **ret_md) +{ + struct json_token *root, *token; + struct wpabuf *kid = NULL; + + root = json_parse((const char *) prot_hdr, prot_hdr_len); + if (!root) { + wpa_printf(MSG_DEBUG, + "DPP: JSON parsing failed for JWS Protected Header"); + goto fail; + } + + if (root->type != JSON_OBJECT) { + wpa_printf(MSG_DEBUG, + "DPP: JWS Protected Header root is not an object"); + goto fail; + } + + token = json_get_member(root, "typ"); + if (!token || token->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, "DPP: No typ string value found"); + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: JWS Protected Header typ=%s", + token->string); + if (os_strcmp(token->string, "dppCon") != 0) { + wpa_printf(MSG_DEBUG, + "DPP: Unsupported JWS Protected Header typ=%s", + token->string); + goto fail; + } + + token = json_get_member(root, "alg"); + if (!token || token->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, "DPP: No alg string value found"); + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: JWS Protected Header alg=%s", + token->string); + if (os_strcmp(token->string, curve->jws_alg) != 0) { + wpa_printf(MSG_DEBUG, + "DPP: Unexpected JWS Protected Header alg=%s (expected %s based on C-sign-key)", + token->string, curve->jws_alg); + goto fail; + } + if (os_strcmp(token->string, "ES256") == 0 || + os_strcmp(token->string, "BS256") == 0) + *ret_md = EVP_sha256(); + else if (os_strcmp(token->string, "ES384") == 0 || + os_strcmp(token->string, "BS384") == 0) + *ret_md = EVP_sha384(); + else if (os_strcmp(token->string, "ES512") == 0 || + os_strcmp(token->string, "BS512") == 0) + *ret_md = EVP_sha512(); + else + *ret_md = NULL; + if (!*ret_md) { + wpa_printf(MSG_DEBUG, + "DPP: Unsupported JWS Protected Header alg=%s", + token->string); + goto fail; + } + + kid = json_get_member_base64url(root, "kid"); + if (!kid) { + wpa_printf(MSG_DEBUG, "DPP: No kid string value found"); + goto fail; + } + wpa_hexdump_buf(MSG_DEBUG, "DPP: JWS Protected Header kid (decoded)", + kid); + +fail: + json_free(root); + return kid; +} + + +static int dpp_parse_cred_legacy(struct dpp_authentication *auth, + struct json_token *cred) +{ + struct json_token *pass, *psk_hex; + + wpa_printf(MSG_DEBUG, "DPP: Legacy akm=psk credential"); + + pass = json_get_member(cred, "pass"); + psk_hex = json_get_member(cred, "psk_hex"); + + if (pass && pass->type == JSON_STRING) { + size_t len = os_strlen(pass->string); + + wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Legacy passphrase", + pass->string, len); + if (len < 8 || len > 63) + return -1; + os_strlcpy(auth->passphrase, pass->string, + sizeof(auth->passphrase)); + } else if (psk_hex && psk_hex->type == JSON_STRING) { + if (auth->akm == DPP_AKM_SAE) { + wpa_printf(MSG_DEBUG, + "DPP: Unexpected psk_hex with akm=sae"); + return -1; + } + if (os_strlen(psk_hex->string) != PMK_LEN * 2 || + hexstr2bin(psk_hex->string, auth->psk, PMK_LEN) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Invalid psk_hex encoding"); + return -1; + } + wpa_hexdump_key(MSG_DEBUG, "DPP: Legacy PSK", + auth->psk, PMK_LEN); + auth->psk_set = 1; + } else { + wpa_printf(MSG_DEBUG, "DPP: No pass or psk_hex strings found"); + return -1; + } + + if ((auth->akm == DPP_AKM_SAE || auth->akm == DPP_AKM_PSK_SAE) && + !auth->passphrase[0]) { + wpa_printf(MSG_DEBUG, "DPP: No pass for sae found"); + return -1; + } + + return 0; +} + + +static EVP_PKEY * dpp_parse_jwk(struct json_token *jwk, + const struct dpp_curve_params **key_curve) +{ + struct json_token *token; + const struct dpp_curve_params *curve; + struct wpabuf *x = NULL, *y = NULL; + EC_GROUP *group; + EVP_PKEY *pkey = NULL; + + token = json_get_member(jwk, "kty"); + if (!token || token->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, "DPP: No kty in JWK"); + goto fail; + } + if (os_strcmp(token->string, "EC") != 0) { + wpa_printf(MSG_DEBUG, "DPP: Unexpected JWK kty '%s'", + token->string); + goto fail; + } + + token = json_get_member(jwk, "crv"); + if (!token || token->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, "DPP: No crv in JWK"); + goto fail; + } + curve = dpp_get_curve_jwk_crv(token->string); + if (!curve) { + wpa_printf(MSG_DEBUG, "DPP: Unsupported JWK crv '%s'", + token->string); + goto fail; + } + + x = json_get_member_base64url(jwk, "x"); + if (!x) { + wpa_printf(MSG_DEBUG, "DPP: No x in JWK"); + goto fail; + } + wpa_hexdump_buf(MSG_DEBUG, "DPP: JWK x", x); + if (wpabuf_len(x) != curve->prime_len) { + wpa_printf(MSG_DEBUG, + "DPP: Unexpected JWK x length %u (expected %u for curve %s)", + (unsigned int) wpabuf_len(x), + (unsigned int) curve->prime_len, curve->name); + goto fail; + } + + y = json_get_member_base64url(jwk, "y"); + if (!y) { + wpa_printf(MSG_DEBUG, "DPP: No y in JWK"); + goto fail; + } + wpa_hexdump_buf(MSG_DEBUG, "DPP: JWK y", y); + if (wpabuf_len(y) != curve->prime_len) { + wpa_printf(MSG_DEBUG, + "DPP: Unexpected JWK y length %u (expected %u for curve %s)", + (unsigned int) wpabuf_len(y), + (unsigned int) curve->prime_len, curve->name); + goto fail; + } + + group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name)); + if (!group) { + wpa_printf(MSG_DEBUG, "DPP: Could not prepare group for JWK"); + goto fail; + } + + pkey = dpp_set_pubkey_point_group(group, wpabuf_head(x), wpabuf_head(y), + wpabuf_len(x)); + *key_curve = curve; + +fail: + wpabuf_free(x); + wpabuf_free(y); + + return pkey; +} + + +int dpp_key_expired(const char *timestamp, os_time_t *expiry) +{ + struct os_time now; + unsigned int year, month, day, hour, min, sec; + os_time_t utime; + const char *pos; + + /* ISO 8601 date and time: + * <date>T<time> + * YYYY-MM-DDTHH:MM:SSZ + * YYYY-MM-DDTHH:MM:SS+03:00 + */ + if (os_strlen(timestamp) < 19) { + wpa_printf(MSG_DEBUG, + "DPP: Too short timestamp - assume expired key"); + return 1; + } + if (sscanf(timestamp, "%04u-%02u-%02uT%02u:%02u:%02u", + &year, &month, &day, &hour, &min, &sec) != 6) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to parse expiration day - assume expired key"); + return 1; + } + + if (os_mktime(year, month, day, hour, min, sec, &utime) < 0) { + wpa_printf(MSG_DEBUG, + "DPP: Invalid date/time information - assume expired key"); + return 1; + } + + pos = timestamp + 19; + if (*pos == 'Z' || *pos == '\0') { + /* In UTC - no need to adjust */ + } else if (*pos == '-' || *pos == '+') { + int items; + + /* Adjust local time to UTC */ + items = sscanf(pos + 1, "%02u:%02u", &hour, &min); + if (items < 1) { + wpa_printf(MSG_DEBUG, + "DPP: Invalid time zone designator (%s) - assume expired key", + pos); + return 1; + } + if (*pos == '-') + utime += 3600 * hour; + if (*pos == '+') + utime -= 3600 * hour; + if (items > 1) { + if (*pos == '-') + utime += 60 * min; + if (*pos == '+') + utime -= 60 * min; + } + } else { + wpa_printf(MSG_DEBUG, + "DPP: Invalid time zone designator (%s) - assume expired key", + pos); + return 1; + } + if (expiry) + *expiry = utime; + + if (os_get_time(&now) < 0) { + wpa_printf(MSG_DEBUG, + "DPP: Cannot get current time - assume expired key"); + return 1; + } + + if (now.sec > utime) { + wpa_printf(MSG_DEBUG, "DPP: Key has expired (%lu < %lu)", + utime, now.sec); + return 1; + } + + return 0; +} + + +static int dpp_parse_connector(struct dpp_authentication *auth, + const unsigned char *payload, + u16 payload_len) +{ + struct json_token *root, *groups, *netkey, *token; + int ret = -1; + EVP_PKEY *key = NULL; + const struct dpp_curve_params *curve; + unsigned int rules = 0; + + root = json_parse((const char *) payload, payload_len); + if (!root) { + wpa_printf(MSG_DEBUG, "DPP: JSON parsing of connector failed"); + goto fail; + } + + groups = json_get_member(root, "groups"); + if (!groups || groups->type != JSON_ARRAY) { + wpa_printf(MSG_DEBUG, "DPP: No groups array found"); + goto skip_groups; + } + for (token = groups->child; token; token = token->sibling) { + struct json_token *id, *role; + + id = json_get_member(token, "groupId"); + if (!id || id->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, "DPP: Missing groupId string"); + goto fail; + } + + role = json_get_member(token, "netRole"); + if (!role || role->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, "DPP: Missing netRole string"); + goto fail; + } + wpa_printf(MSG_DEBUG, + "DPP: connector group: groupId='%s' netRole='%s'", + id->string, role->string); + rules++; + } +skip_groups: + + if (!rules) { + wpa_printf(MSG_DEBUG, + "DPP: Connector includes no groups"); + goto fail; + } + + token = json_get_member(root, "expiry"); + if (!token || token->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, + "DPP: No expiry string found - connector does not expire"); + } else { + wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string); + if (dpp_key_expired(token->string, + &auth->net_access_key_expiry)) { + wpa_printf(MSG_DEBUG, + "DPP: Connector (netAccessKey) has expired"); + goto fail; + } + } + + netkey = json_get_member(root, "netAccessKey"); + if (!netkey || netkey->type != JSON_OBJECT) { + wpa_printf(MSG_DEBUG, "DPP: No netAccessKey object found"); + goto fail; + } + + key = dpp_parse_jwk(netkey, &curve); + if (!key) + goto fail; + dpp_debug_print_key("DPP: Received netAccessKey", key); + + if (EVP_PKEY_cmp(key, auth->own_protocol_key) != 1) { + wpa_printf(MSG_DEBUG, + "DPP: netAccessKey in connector does not match own protocol key"); +#ifdef CONFIG_TESTING_OPTIONS + if (auth->ignore_netaccesskey_mismatch) { + wpa_printf(MSG_DEBUG, + "DPP: TESTING - skip netAccessKey mismatch"); + } else { + goto fail; + } +#else /* CONFIG_TESTING_OPTIONS */ + goto fail; +#endif /* CONFIG_TESTING_OPTIONS */ + } + + ret = 0; +fail: + EVP_PKEY_free(key); + json_free(root); + return ret; +} + + +static int dpp_check_pubkey_match(EVP_PKEY *pub, struct wpabuf *r_hash) +{ + struct wpabuf *uncomp; + int res; + u8 hash[SHA256_MAC_LEN]; + const u8 *addr[1]; + size_t len[1]; + + if (wpabuf_len(r_hash) != SHA256_MAC_LEN) + return -1; + uncomp = dpp_get_pubkey_point(pub, 1); + if (!uncomp) + return -1; + addr[0] = wpabuf_head(uncomp); + len[0] = wpabuf_len(uncomp); + wpa_hexdump(MSG_DEBUG, "DPP: Uncompressed public key", + addr[0], len[0]); + res = sha256_vector(1, addr, len, hash); + wpabuf_free(uncomp); + if (res < 0) + return -1; + if (os_memcmp(hash, wpabuf_head(r_hash), SHA256_MAC_LEN) != 0) { + wpa_printf(MSG_DEBUG, + "DPP: Received hash value does not match calculated public key hash value"); + wpa_hexdump(MSG_DEBUG, "DPP: Calculated hash", + hash, SHA256_MAC_LEN); + return -1; + } + return 0; +} + + +static void dpp_copy_csign(struct dpp_authentication *auth, EVP_PKEY *csign) +{ + unsigned char *der = NULL; + int der_len; + + der_len = i2d_PUBKEY(csign, &der); + if (der_len <= 0) + return; + wpabuf_free(auth->c_sign_key); + auth->c_sign_key = wpabuf_alloc_copy(der, der_len); + OPENSSL_free(der); +} + + +static void dpp_copy_netaccesskey(struct dpp_authentication *auth) +{ + unsigned char *der = NULL; + int der_len; + EC_KEY *eckey; + + eckey = EVP_PKEY_get1_EC_KEY(auth->own_protocol_key); + if (!eckey) + return; + + der_len = i2d_ECPrivateKey(eckey, &der); + if (der_len <= 0) { + EC_KEY_free(eckey); + return; + } + wpabuf_free(auth->net_access_key); + auth->net_access_key = wpabuf_alloc_copy(der, der_len); + OPENSSL_free(der); + EC_KEY_free(eckey); +} + + +struct dpp_signed_connector_info { + unsigned char *payload; + size_t payload_len; +}; + +static enum dpp_status_error +dpp_process_signed_connector(struct dpp_signed_connector_info *info, + EVP_PKEY *csign_pub, const char *connector) +{ + enum dpp_status_error ret = 255; + const char *pos, *end, *signed_start, *signed_end; + struct wpabuf *kid = NULL; + unsigned char *prot_hdr = NULL, *signature = NULL; + size_t prot_hdr_len = 0, signature_len = 0; + const EVP_MD *sign_md = NULL; + unsigned char *der = NULL; + int der_len; + int res; + EVP_MD_CTX *md_ctx = NULL; + ECDSA_SIG *sig = NULL; + BIGNUM *r = NULL, *s = NULL; + const struct dpp_curve_params *curve; + EC_KEY *eckey; + const EC_GROUP *group; + int nid; + + eckey = EVP_PKEY_get1_EC_KEY(csign_pub); + if (!eckey) + goto fail; + group = EC_KEY_get0_group(eckey); + if (!group) + goto fail; + nid = EC_GROUP_get_curve_name(group); + curve = dpp_get_curve_nid(nid); + if (!curve) + goto fail; + wpa_printf(MSG_DEBUG, "DPP: C-sign-key group: %s", curve->jwk_crv); + os_memset(info, 0, sizeof(*info)); + + signed_start = pos = connector; + end = os_strchr(pos, '.'); + if (!end) { + wpa_printf(MSG_DEBUG, "DPP: Missing dot(1) in signedConnector"); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + prot_hdr = base64_url_decode((const unsigned char *) pos, + end - pos, &prot_hdr_len); + if (!prot_hdr) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to base64url decode signedConnector JWS Protected Header"); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + wpa_hexdump_ascii(MSG_DEBUG, + "DPP: signedConnector - JWS Protected Header", + prot_hdr, prot_hdr_len); + kid = dpp_parse_jws_prot_hdr(curve, prot_hdr, prot_hdr_len, &sign_md); + if (!kid) { + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + if (wpabuf_len(kid) != SHA256_MAC_LEN) { + wpa_printf(MSG_DEBUG, + "DPP: Unexpected signedConnector JWS Protected Header kid length: %u (expected %u)", + (unsigned int) wpabuf_len(kid), SHA256_MAC_LEN); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + + pos = end + 1; + end = os_strchr(pos, '.'); + if (!end) { + wpa_printf(MSG_DEBUG, + "DPP: Missing dot(2) in signedConnector"); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + signed_end = end - 1; + info->payload = base64_url_decode((const unsigned char *) pos, + end - pos, &info->payload_len); + if (!info->payload) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to base64url decode signedConnector JWS Payload"); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + wpa_hexdump_ascii(MSG_DEBUG, + "DPP: signedConnector - JWS Payload", + info->payload, info->payload_len); + pos = end + 1; + signature = base64_url_decode((const unsigned char *) pos, + os_strlen(pos), &signature_len); + if (!signature) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to base64url decode signedConnector signature"); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: signedConnector - signature", + signature, signature_len); + + if (dpp_check_pubkey_match(csign_pub, kid) < 0) { + ret = DPP_STATUS_NO_MATCH; + goto fail; + } + + if (signature_len & 0x01) { + wpa_printf(MSG_DEBUG, + "DPP: Unexpected signedConnector signature length (%d)", + (int) signature_len); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + + /* JWS Signature encodes the signature (r,s) as two octet strings. Need + * to convert that to DER encoded ECDSA_SIG for OpenSSL EVP routines. */ + r = BN_bin2bn(signature, signature_len / 2, NULL); + s = BN_bin2bn(signature + signature_len / 2, signature_len / 2, NULL); + sig = ECDSA_SIG_new(); + if (!r || !s || !sig || ECDSA_SIG_set0(sig, r, s) != 1) + goto fail; + r = NULL; + s = NULL; + + der_len = i2d_ECDSA_SIG(sig, &der); + if (der_len <= 0) { + wpa_printf(MSG_DEBUG, "DPP: Could not DER encode signature"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: DER encoded signature", der, der_len); + md_ctx = EVP_MD_CTX_create(); + if (!md_ctx) + goto fail; + + ERR_clear_error(); + if (EVP_DigestVerifyInit(md_ctx, NULL, sign_md, NULL, csign_pub) != 1) { + wpa_printf(MSG_DEBUG, "DPP: EVP_DigestVerifyInit failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + if (EVP_DigestVerifyUpdate(md_ctx, signed_start, + signed_end - signed_start + 1) != 1) { + wpa_printf(MSG_DEBUG, "DPP: EVP_DigestVerifyUpdate failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + res = EVP_DigestVerifyFinal(md_ctx, der, der_len); + if (res != 1) { + wpa_printf(MSG_DEBUG, + "DPP: EVP_DigestVerifyFinal failed (res=%d): %s", + res, ERR_error_string(ERR_get_error(), NULL)); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + + ret = DPP_STATUS_OK; +fail: + EC_KEY_free(eckey); + EVP_MD_CTX_destroy(md_ctx); + os_free(prot_hdr); + wpabuf_free(kid); + os_free(signature); + ECDSA_SIG_free(sig); + BN_free(r); + BN_free(s); + OPENSSL_free(der); + return ret; +} + + +static int dpp_parse_cred_dpp(struct dpp_authentication *auth, + struct json_token *cred) +{ + struct dpp_signed_connector_info info; + struct json_token *token, *csign; + int ret = -1; + EVP_PKEY *csign_pub = NULL; + const struct dpp_curve_params *key_curve = NULL; + const char *signed_connector; + + os_memset(&info, 0, sizeof(info)); + + wpa_printf(MSG_DEBUG, "DPP: Connector credential"); + + csign = json_get_member(cred, "csign"); + if (!csign || csign->type != JSON_OBJECT) { + wpa_printf(MSG_DEBUG, "DPP: No csign JWK in JSON"); + goto fail; + } + + csign_pub = dpp_parse_jwk(csign, &key_curve); + if (!csign_pub) { + wpa_printf(MSG_DEBUG, "DPP: Failed to parse csign JWK"); + goto fail; + } + dpp_debug_print_key("DPP: Received C-sign-key", csign_pub); + + token = json_get_member(cred, "signedConnector"); + if (!token || token->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, "DPP: No signedConnector string found"); + goto fail; + } + wpa_hexdump_ascii(MSG_DEBUG, "DPP: signedConnector", + token->string, os_strlen(token->string)); + signed_connector = token->string; + + if (os_strchr(signed_connector, '"') || + os_strchr(signed_connector, '\n')) { + wpa_printf(MSG_DEBUG, + "DPP: Unexpected character in signedConnector"); + goto fail; + } + + if (dpp_process_signed_connector(&info, csign_pub, + signed_connector) != DPP_STATUS_OK) + goto fail; + + if (dpp_parse_connector(auth, info.payload, info.payload_len) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Failed to parse connector"); + goto fail; + } + + os_free(auth->connector); + auth->connector = os_strdup(signed_connector); + + dpp_copy_csign(auth, csign_pub); + dpp_copy_netaccesskey(auth); + + ret = 0; +fail: + EVP_PKEY_free(csign_pub); + os_free(info.payload); + return ret; +} + + +const char * dpp_akm_str(enum dpp_akm akm) +{ + switch (akm) { + case DPP_AKM_DPP: + return "dpp"; + case DPP_AKM_PSK: + return "psk"; + case DPP_AKM_SAE: + return "sae"; + case DPP_AKM_PSK_SAE: + return "psk+sae"; + default: + return "??"; + } +} + + +static enum dpp_akm dpp_akm_from_str(const char *akm) +{ + if (os_strcmp(akm, "psk") == 0) + return DPP_AKM_PSK; + if (os_strcmp(akm, "sae") == 0) + return DPP_AKM_SAE; + if (os_strcmp(akm, "psk+sae") == 0) + return DPP_AKM_PSK_SAE; + if (os_strcmp(akm, "dpp") == 0) + return DPP_AKM_DPP; + return DPP_AKM_UNKNOWN; +} + + +static int dpp_parse_conf_obj(struct dpp_authentication *auth, + const u8 *conf_obj, u16 conf_obj_len) +{ + int ret = -1; + struct json_token *root, *token, *discovery, *cred; + + root = json_parse((const char *) conf_obj, conf_obj_len); + if (!root) + return -1; + if (root->type != JSON_OBJECT) { + dpp_auth_fail(auth, "JSON root is not an object"); + goto fail; + } + + token = json_get_member(root, "wi-fi_tech"); + if (!token || token->type != JSON_STRING) { + dpp_auth_fail(auth, "No wi-fi_tech string value found"); + goto fail; + } + if (os_strcmp(token->string, "infra") != 0) { + wpa_printf(MSG_DEBUG, "DPP: Unsupported wi-fi_tech value: '%s'", + token->string); + dpp_auth_fail(auth, "Unsupported wi-fi_tech value"); + goto fail; + } + + discovery = json_get_member(root, "discovery"); + if (!discovery || discovery->type != JSON_OBJECT) { + dpp_auth_fail(auth, "No discovery object in JSON"); + goto fail; + } + + token = json_get_member(discovery, "ssid"); + if (!token || token->type != JSON_STRING) { + dpp_auth_fail(auth, "No discovery::ssid string value found"); + goto fail; + } + wpa_hexdump_ascii(MSG_DEBUG, "DPP: discovery::ssid", + token->string, os_strlen(token->string)); + if (os_strlen(token->string) > SSID_MAX_LEN) { + dpp_auth_fail(auth, "Too long discovery::ssid string value"); + goto fail; + } + auth->ssid_len = os_strlen(token->string); + os_memcpy(auth->ssid, token->string, auth->ssid_len); + + cred = json_get_member(root, "cred"); + if (!cred || cred->type != JSON_OBJECT) { + dpp_auth_fail(auth, "No cred object in JSON"); + goto fail; + } + + token = json_get_member(cred, "akm"); + if (!token || token->type != JSON_STRING) { + dpp_auth_fail(auth, "No cred::akm string value found"); + goto fail; + } + auth->akm = dpp_akm_from_str(token->string); + + if (auth->akm == DPP_AKM_PSK || auth->akm == DPP_AKM_SAE || + auth->akm == DPP_AKM_PSK_SAE) { + if (dpp_parse_cred_legacy(auth, cred) < 0) + goto fail; + } else if (auth->akm == DPP_AKM_DPP) { + if (dpp_parse_cred_dpp(auth, cred) < 0) + goto fail; + } else { + wpa_printf(MSG_DEBUG, "DPP: Unsupported akm: %s", + token->string); + dpp_auth_fail(auth, "Unsupported akm"); + goto fail; + } + + wpa_printf(MSG_DEBUG, "DPP: JSON parsing completed successfully"); + ret = 0; +fail: + json_free(root); + return ret; +} + + +int dpp_conf_resp_rx(struct dpp_authentication *auth, + const struct wpabuf *resp) +{ + const u8 *wrapped_data, *e_nonce, *status, *conf_obj; + u16 wrapped_data_len, e_nonce_len, status_len, conf_obj_len; + const u8 *addr[1]; + size_t len[1]; + u8 *unwrapped = NULL; + size_t unwrapped_len = 0; + int ret = -1; + + if (dpp_check_attrs(wpabuf_head(resp), wpabuf_len(resp)) < 0) { + dpp_auth_fail(auth, "Invalid attribute in config response"); + return -1; + } + + wrapped_data = dpp_get_attr(wpabuf_head(resp), wpabuf_len(resp), + DPP_ATTR_WRAPPED_DATA, + &wrapped_data_len); + if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) { + dpp_auth_fail(auth, + "Missing or invalid required Wrapped Data attribute"); + return -1; + } + + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) + return -1; + + addr[0] = wpabuf_head(resp); + len[0] = wrapped_data - 4 - (const u8 *) wpabuf_head(resp); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]); + + if (aes_siv_decrypt(auth->ke, auth->curve->hash_len, + wrapped_data, wrapped_data_len, + 1, addr, len, unwrapped) < 0) { + dpp_auth_fail(auth, "AES-SIV decryption failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_auth_fail(auth, "Invalid attribute in unwrapped data"); + goto fail; + } + + e_nonce = dpp_get_attr(unwrapped, unwrapped_len, + DPP_ATTR_ENROLLEE_NONCE, + &e_nonce_len); + if (!e_nonce || e_nonce_len != auth->curve->nonce_len) { + dpp_auth_fail(auth, + "Missing or invalid Enrollee Nonce attribute"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len); + if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) { + dpp_auth_fail(auth, "Enrollee Nonce mismatch"); + goto fail; + } + + status = dpp_get_attr(wpabuf_head(resp), wpabuf_len(resp), + DPP_ATTR_STATUS, &status_len); + if (!status || status_len < 1) { + dpp_auth_fail(auth, + "Missing or invalid required DPP Status attribute"); + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: Status %u", status[0]); + if (status[0] != DPP_STATUS_OK) { + dpp_auth_fail(auth, "Configurator rejected configuration"); + goto fail; + } + + conf_obj = dpp_get_attr(unwrapped, unwrapped_len, + DPP_ATTR_CONFIG_OBJ, &conf_obj_len); + if (!conf_obj) { + dpp_auth_fail(auth, + "Missing required Configuration Object attribute"); + goto fail; + } + wpa_hexdump_ascii(MSG_DEBUG, "DPP: configurationObject JSON", + conf_obj, conf_obj_len); + if (dpp_parse_conf_obj(auth, conf_obj, conf_obj_len) < 0) + goto fail; + + ret = 0; + +fail: + os_free(unwrapped); + return ret; +} + + +void dpp_configurator_free(struct dpp_configurator *conf) +{ + if (!conf) + return; + EVP_PKEY_free(conf->csign); + os_free(conf->kid); + os_free(conf); +} + + +int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf, + size_t buflen) +{ + EC_KEY *eckey; + int key_len, ret = -1; + unsigned char *key = NULL; + + if (!conf->csign) + return -1; + + eckey = EVP_PKEY_get1_EC_KEY(conf->csign); + if (!eckey) + return -1; + + key_len = i2d_ECPrivateKey(eckey, &key); + if (key_len > 0) + ret = wpa_snprintf_hex(buf, buflen, key, key_len); + + EC_KEY_free(eckey); + OPENSSL_free(key); + return ret; +} + + +struct dpp_configurator * +dpp_keygen_configurator(const char *curve, const u8 *privkey, + size_t privkey_len) +{ + struct dpp_configurator *conf; + struct wpabuf *csign_pub = NULL; + u8 kid_hash[SHA256_MAC_LEN]; + const u8 *addr[1]; + size_t len[1]; + + conf = os_zalloc(sizeof(*conf)); + if (!conf) + return NULL; + + if (!curve) { + conf->curve = &dpp_curves[0]; + } else { + conf->curve = dpp_get_curve_name(curve); + if (!conf->curve) { + wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s", + curve); + os_free(conf); + return NULL; + } + } + if (privkey) + conf->csign = dpp_set_keypair(&conf->curve, privkey, + privkey_len); + else + conf->csign = dpp_gen_keypair(conf->curve); + if (!conf->csign) + goto fail; + conf->own = 1; + + csign_pub = dpp_get_pubkey_point(conf->csign, 1); + if (!csign_pub) { + wpa_printf(MSG_INFO, "DPP: Failed to extract C-sign-key"); + goto fail; + } + + /* kid = SHA256(ANSI X9.63 uncompressed C-sign-key) */ + addr[0] = wpabuf_head(csign_pub); + len[0] = wpabuf_len(csign_pub); + if (sha256_vector(1, addr, len, kid_hash) < 0) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to derive kid for C-sign-key"); + goto fail; + } + + conf->kid = (char *) base64_url_encode(kid_hash, sizeof(kid_hash), + NULL, 0); + if (!conf->kid) + goto fail; +out: + wpabuf_free(csign_pub); + return conf; +fail: + dpp_configurator_free(conf); + conf = NULL; + goto out; +} + + +int dpp_configurator_own_config(struct dpp_authentication *auth, + const char *curve, int ap) +{ + struct wpabuf *conf_obj; + int ret = -1; + + if (!auth->conf) { + wpa_printf(MSG_DEBUG, "DPP: No configurator specified"); + return -1; + } + + if (!curve) { + auth->curve = &dpp_curves[0]; + } else { + auth->curve = dpp_get_curve_name(curve); + if (!auth->curve) { + wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s", + curve); + return -1; + } + } + wpa_printf(MSG_DEBUG, + "DPP: Building own configuration/connector with curve %s", + auth->curve->name); + + auth->own_protocol_key = dpp_gen_keypair(auth->curve); + if (!auth->own_protocol_key) + return -1; + dpp_copy_netaccesskey(auth); + auth->peer_protocol_key = auth->own_protocol_key; + dpp_copy_csign(auth, auth->conf->csign); + + conf_obj = dpp_build_conf_obj(auth, ap); + if (!conf_obj) + goto fail; + ret = dpp_parse_conf_obj(auth, wpabuf_head(conf_obj), + wpabuf_len(conf_obj)); +fail: + wpabuf_free(conf_obj); + auth->peer_protocol_key = NULL; + return ret; +} + + +static int dpp_compatible_netrole(const char *role1, const char *role2) +{ + return (os_strcmp(role1, "sta") == 0 && os_strcmp(role2, "ap") == 0) || + (os_strcmp(role1, "ap") == 0 && os_strcmp(role2, "sta") == 0); +} + + +static int dpp_connector_compatible_group(struct json_token *root, + const char *group_id, + const char *net_role) +{ + struct json_token *groups, *token; + + groups = json_get_member(root, "groups"); + if (!groups || groups->type != JSON_ARRAY) + return 0; + + for (token = groups->child; token; token = token->sibling) { + struct json_token *id, *role; + + id = json_get_member(token, "groupId"); + if (!id || id->type != JSON_STRING) + continue; + + role = json_get_member(token, "netRole"); + if (!role || role->type != JSON_STRING) + continue; + + if (os_strcmp(id->string, "*") != 0 && + os_strcmp(group_id, "*") != 0 && + os_strcmp(id->string, group_id) != 0) + continue; + + if (dpp_compatible_netrole(role->string, net_role)) + return 1; + } + + return 0; +} + + +static int dpp_connector_match_groups(struct json_token *own_root, + struct json_token *peer_root) +{ + struct json_token *groups, *token; + + groups = json_get_member(peer_root, "groups"); + if (!groups || groups->type != JSON_ARRAY) { + wpa_printf(MSG_DEBUG, "DPP: No peer groups array found"); + return 0; + } + + for (token = groups->child; token; token = token->sibling) { + struct json_token *id, *role; + + id = json_get_member(token, "groupId"); + if (!id || id->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, + "DPP: Missing peer groupId string"); + continue; + } + + role = json_get_member(token, "netRole"); + if (!role || role->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, + "DPP: Missing peer groups::netRole string"); + continue; + } + wpa_printf(MSG_DEBUG, + "DPP: peer connector group: groupId='%s' netRole='%s'", + id->string, role->string); + if (dpp_connector_compatible_group(own_root, id->string, + role->string)) { + wpa_printf(MSG_DEBUG, + "DPP: Compatible group/netRole in own connector"); + return 1; + } + } + + return 0; +} + + +static int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk, + unsigned int hash_len) +{ + u8 salt[DPP_MAX_HASH_LEN], prk[DPP_MAX_HASH_LEN]; + const char *info = "DPP PMK"; + int res; + + /* PMK = HKDF(<>, "DPP PMK", N.x) */ + + /* HKDF-Extract(<>, N.x) */ + os_memset(salt, 0, hash_len); + if (dpp_hmac(hash_len, salt, hash_len, Nx, Nx_len, prk) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "DPP: PRK = HKDF-Extract(<>, IKM=N.x)", + prk, hash_len); + + /* HKDF-Expand(PRK, info, L) */ + res = dpp_hkdf_expand(hash_len, prk, hash_len, info, pmk, hash_len); + os_memset(prk, 0, hash_len); + if (res < 0) + return -1; + + wpa_hexdump_key(MSG_DEBUG, "DPP: PMK = HKDF-Expand(PRK, info, L)", + pmk, hash_len); + return 0; +} + + +static int dpp_derive_pmkid(const struct dpp_curve_params *curve, + EVP_PKEY *own_key, EVP_PKEY *peer_key, u8 *pmkid) +{ + struct wpabuf *nkx, *pkx; + int ret = -1, res; + const u8 *addr[2]; + size_t len[2]; + u8 hash[SHA256_MAC_LEN]; + + /* PMKID = Truncate-128(H(min(NK.x, PK.x) | max(NK.x, PK.x))) */ + nkx = dpp_get_pubkey_point(own_key, 0); + pkx = dpp_get_pubkey_point(peer_key, 0); + if (!nkx || !pkx) + goto fail; + addr[0] = wpabuf_head(nkx); + len[0] = wpabuf_len(nkx) / 2; + addr[1] = wpabuf_head(pkx); + len[1] = wpabuf_len(pkx) / 2; + if (len[0] != len[1]) + goto fail; + if (os_memcmp(addr[0], addr[1], len[0]) > 0) { + addr[0] = wpabuf_head(pkx); + addr[1] = wpabuf_head(nkx); + } + wpa_hexdump(MSG_DEBUG, "DPP: PMKID hash payload 1", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DPP: PMKID hash payload 2", addr[1], len[1]); + res = sha256_vector(2, addr, len, hash); + if (res < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: PMKID hash output", hash, SHA256_MAC_LEN); + os_memcpy(pmkid, hash, PMKID_LEN); + wpa_hexdump(MSG_DEBUG, "DPP: PMKID", pmkid, PMKID_LEN); + ret = 0; +fail: + wpabuf_free(nkx); + wpabuf_free(pkx); + return ret; +} + + +enum dpp_status_error +dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector, + const u8 *net_access_key, size_t net_access_key_len, + const u8 *csign_key, size_t csign_key_len, + const u8 *peer_connector, size_t peer_connector_len, + os_time_t *expiry) +{ + struct json_token *root = NULL, *netkey, *token; + struct json_token *own_root = NULL; + enum dpp_status_error ret = 255, res; + EVP_PKEY *own_key = NULL, *peer_key = NULL; + struct wpabuf *own_key_pub = NULL; + const struct dpp_curve_params *curve, *own_curve; + struct dpp_signed_connector_info info; + const unsigned char *p; + EVP_PKEY *csign = NULL; + char *signed_connector = NULL; + const char *pos, *end; + unsigned char *own_conn = NULL; + size_t own_conn_len; + EVP_PKEY_CTX *ctx = NULL; + size_t Nx_len; + u8 Nx[DPP_MAX_SHARED_SECRET_LEN]; + + os_memset(intro, 0, sizeof(*intro)); + os_memset(&info, 0, sizeof(info)); + if (expiry) + *expiry = 0; + + p = csign_key; + csign = d2i_PUBKEY(NULL, &p, csign_key_len); + if (!csign) { + wpa_printf(MSG_ERROR, + "DPP: Failed to parse local C-sign-key information"); + goto fail; + } + + own_key = dpp_set_keypair(&own_curve, net_access_key, + net_access_key_len); + if (!own_key) { + wpa_printf(MSG_ERROR, "DPP: Failed to parse own netAccessKey"); + goto fail; + } + + pos = os_strchr(own_connector, '.'); + if (!pos) { + wpa_printf(MSG_DEBUG, "DPP: Own connector is missing the first dot (.)"); + goto fail; + } + pos++; + end = os_strchr(pos, '.'); + if (!end) { + wpa_printf(MSG_DEBUG, "DPP: Own connector is missing the second dot (.)"); + goto fail; + } + own_conn = base64_url_decode((const unsigned char *) pos, + end - pos, &own_conn_len); + if (!own_conn) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to base64url decode own signedConnector JWS Payload"); + goto fail; + } + + own_root = json_parse((const char *) own_conn, own_conn_len); + if (!own_root) { + wpa_printf(MSG_DEBUG, "DPP: Failed to parse local connector"); + goto fail; + } + + wpa_hexdump_ascii(MSG_DEBUG, "DPP: Peer signedConnector", + peer_connector, peer_connector_len); + signed_connector = os_malloc(peer_connector_len + 1); + if (!signed_connector) + goto fail; + os_memcpy(signed_connector, peer_connector, peer_connector_len); + signed_connector[peer_connector_len] = '\0'; + + res = dpp_process_signed_connector(&info, csign, signed_connector); + if (res != DPP_STATUS_OK) { + ret = res; + goto fail; + } + + root = json_parse((const char *) info.payload, info.payload_len); + if (!root) { + wpa_printf(MSG_DEBUG, "DPP: JSON parsing of connector failed"); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + + if (!dpp_connector_match_groups(own_root, root)) { + wpa_printf(MSG_DEBUG, + "DPP: Peer connector does not include compatible group netrole with own connector"); + ret = DPP_STATUS_NO_MATCH; + goto fail; + } + + token = json_get_member(root, "expiry"); + if (!token || token->type != JSON_STRING) { + wpa_printf(MSG_DEBUG, + "DPP: No expiry string found - connector does not expire"); + } else { + wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string); + if (dpp_key_expired(token->string, expiry)) { + wpa_printf(MSG_DEBUG, + "DPP: Connector (netAccessKey) has expired"); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + } + + netkey = json_get_member(root, "netAccessKey"); + if (!netkey || netkey->type != JSON_OBJECT) { + wpa_printf(MSG_DEBUG, "DPP: No netAccessKey object found"); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + + peer_key = dpp_parse_jwk(netkey, &curve); + if (!peer_key) { + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + dpp_debug_print_key("DPP: Received netAccessKey", peer_key); + + if (own_curve != curve) { + wpa_printf(MSG_DEBUG, + "DPP: Mismatching netAccessKey curves (%s != %s)", + own_curve->name, curve->name); + ret = DPP_STATUS_INVALID_CONNECTOR; + goto fail; + } + + /* ECDH: N = nk * PK */ + ctx = EVP_PKEY_CTX_new(own_key, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, peer_key) != 1 || + EVP_PKEY_derive(ctx, NULL, &Nx_len) != 1 || + Nx_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, Nx, &Nx_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (N.x)", + Nx, Nx_len); + + /* PMK = HKDF(<>, "DPP PMK", N.x) */ + if (dpp_derive_pmk(Nx, Nx_len, intro->pmk, curve->hash_len) < 0) { + wpa_printf(MSG_ERROR, "DPP: Failed to derive PMK"); + goto fail; + } + intro->pmk_len = curve->hash_len; + + /* PMKID = Truncate-128(H(min(NK.x, PK.x) | max(NK.x, PK.x))) */ + if (dpp_derive_pmkid(curve, own_key, peer_key, intro->pmkid) < 0) { + wpa_printf(MSG_ERROR, "DPP: Failed to derive PMKID"); + goto fail; + } + + ret = DPP_STATUS_OK; +fail: + if (ret != DPP_STATUS_OK) + os_memset(intro, 0, sizeof(*intro)); + os_memset(Nx, 0, sizeof(Nx)); + EVP_PKEY_CTX_free(ctx); + os_free(own_conn); + os_free(signed_connector); + os_free(info.payload); + EVP_PKEY_free(own_key); + wpabuf_free(own_key_pub); + EVP_PKEY_free(peer_key); + EVP_PKEY_free(csign); + json_free(root); + json_free(own_root); + return ret; +} + + +static EVP_PKEY * dpp_pkex_get_role_elem(const struct dpp_curve_params *curve, + int init) +{ + EC_GROUP *group; + size_t len = curve->prime_len; + const u8 *x, *y; + + switch (curve->ike_group) { + case 19: + x = init ? pkex_init_x_p256 : pkex_resp_x_p256; + y = init ? pkex_init_y_p256 : pkex_resp_y_p256; + break; + case 20: + x = init ? pkex_init_x_p384 : pkex_resp_x_p384; + y = init ? pkex_init_y_p384 : pkex_resp_y_p384; + break; + case 21: + x = init ? pkex_init_x_p521 : pkex_resp_x_p521; + y = init ? pkex_init_y_p521 : pkex_resp_y_p521; + break; + case 28: + x = init ? pkex_init_x_bp_p256r1 : pkex_resp_x_bp_p256r1; + y = init ? pkex_init_y_bp_p256r1 : pkex_resp_y_bp_p256r1; + break; + case 29: + x = init ? pkex_init_x_bp_p384r1 : pkex_resp_x_bp_p384r1; + y = init ? pkex_init_y_bp_p384r1 : pkex_resp_y_bp_p384r1; + break; + case 30: + x = init ? pkex_init_x_bp_p512r1 : pkex_resp_x_bp_p512r1; + y = init ? pkex_init_y_bp_p512r1 : pkex_resp_y_bp_p512r1; + break; + default: + return NULL; + } + + group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name)); + if (!group) + return NULL; + return dpp_set_pubkey_point_group(group, x, y, len); +} + + +static EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, + const u8 *mac_init, const char *code, + const char *identifier, BN_CTX *bnctx, + const EC_GROUP **ret_group) +{ + u8 hash[DPP_MAX_HASH_LEN]; + const u8 *addr[3]; + size_t len[3]; + unsigned int num_elem = 0; + EC_POINT *Qi = NULL; + EVP_PKEY *Pi = NULL; + EC_KEY *Pi_ec = NULL; + const EC_POINT *Pi_point; + BIGNUM *hash_bn = NULL; + const EC_GROUP *group = NULL; + EC_GROUP *group2 = NULL; + + /* Qi = H(MAC-Initiator | [identifier |] code) * Pi */ + + wpa_printf(MSG_DEBUG, "DPP: MAC-Initiator: " MACSTR, MAC2STR(mac_init)); + addr[num_elem] = mac_init; + len[num_elem] = ETH_ALEN; + num_elem++; + if (identifier) { + wpa_printf(MSG_DEBUG, "DPP: code identifier: %s", + identifier); + addr[num_elem] = (const u8 *) identifier; + len[num_elem] = os_strlen(identifier); + num_elem++; + } + wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: code", code, os_strlen(code)); + addr[num_elem] = (const u8 *) code; + len[num_elem] = os_strlen(code); + num_elem++; + if (dpp_hash_vector(curve, num_elem, addr, len, hash) < 0) + goto fail; + wpa_hexdump_key(MSG_DEBUG, + "DPP: H(MAC-Initiator | [identifier |] code)", + hash, curve->hash_len); + Pi = dpp_pkex_get_role_elem(curve, 1); + if (!Pi) + goto fail; + dpp_debug_print_key("DPP: Pi", Pi); + Pi_ec = EVP_PKEY_get1_EC_KEY(Pi); + if (!Pi_ec) + goto fail; + Pi_point = EC_KEY_get0_public_key(Pi_ec); + + group = EC_KEY_get0_group(Pi_ec); + if (!group) + goto fail; + group2 = EC_GROUP_dup(group); + if (!group2) + goto fail; + Qi = EC_POINT_new(group2); + if (!Qi) { + EC_GROUP_free(group2); + goto fail; + } + hash_bn = BN_bin2bn(hash, curve->hash_len, NULL); + if (!hash_bn || + EC_POINT_mul(group2, Qi, NULL, Pi_point, hash_bn, bnctx) != 1) + goto fail; + if (EC_POINT_is_at_infinity(group, Qi)) { + wpa_printf(MSG_INFO, "DPP: Qi is the point-at-infinity"); + goto fail; + } + dpp_debug_print_point("DPP: Qi", group, Qi); +out: + EC_KEY_free(Pi_ec); + EVP_PKEY_free(Pi); + BN_clear_free(hash_bn); + if (ret_group) + *ret_group = group2; + return Qi; +fail: + EC_POINT_free(Qi); + Qi = NULL; + goto out; +} + + +static EC_POINT * dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, + const u8 *mac_resp, const char *code, + const char *identifier, BN_CTX *bnctx, + const EC_GROUP **ret_group) +{ + u8 hash[DPP_MAX_HASH_LEN]; + const u8 *addr[3]; + size_t len[3]; + unsigned int num_elem = 0; + EC_POINT *Qr = NULL; + EVP_PKEY *Pr = NULL; + EC_KEY *Pr_ec = NULL; + const EC_POINT *Pr_point; + BIGNUM *hash_bn = NULL; + const EC_GROUP *group = NULL; + EC_GROUP *group2 = NULL; + + /* Qr = H(MAC-Responder | | [identifier | ] code) * Pr */ + + wpa_printf(MSG_DEBUG, "DPP: MAC-Responder: " MACSTR, MAC2STR(mac_resp)); + addr[num_elem] = mac_resp; + len[num_elem] = ETH_ALEN; + num_elem++; + if (identifier) { + wpa_printf(MSG_DEBUG, "DPP: code identifier: %s", + identifier); + addr[num_elem] = (const u8 *) identifier; + len[num_elem] = os_strlen(identifier); + num_elem++; + } + wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: code", code, os_strlen(code)); + addr[num_elem] = (const u8 *) code; + len[num_elem] = os_strlen(code); + num_elem++; + if (dpp_hash_vector(curve, num_elem, addr, len, hash) < 0) + goto fail; + wpa_hexdump_key(MSG_DEBUG, + "DPP: H(MAC-Responder | [identifier |] code)", + hash, curve->hash_len); + Pr = dpp_pkex_get_role_elem(curve, 0); + if (!Pr) + goto fail; + dpp_debug_print_key("DPP: Pr", Pr); + Pr_ec = EVP_PKEY_get1_EC_KEY(Pr); + if (!Pr_ec) + goto fail; + Pr_point = EC_KEY_get0_public_key(Pr_ec); + + group = EC_KEY_get0_group(Pr_ec); + if (!group) + goto fail; + group2 = EC_GROUP_dup(group); + if (!group2) + goto fail; + Qr = EC_POINT_new(group2); + if (!Qr) { + EC_GROUP_free(group2); + goto fail; + } + hash_bn = BN_bin2bn(hash, curve->hash_len, NULL); + if (!hash_bn || + EC_POINT_mul(group2, Qr, NULL, Pr_point, hash_bn, bnctx) != 1) + goto fail; + if (EC_POINT_is_at_infinity(group, Qr)) { + wpa_printf(MSG_INFO, "DPP: Qr is the point-at-infinity"); + goto fail; + } + dpp_debug_print_point("DPP: Qr", group, Qr); +out: + EC_KEY_free(Pr_ec); + EVP_PKEY_free(Pr); + BN_clear_free(hash_bn); + if (ret_group) + *ret_group = group2; + return Qr; +fail: + EC_POINT_free(Qr); + Qr = NULL; + goto out; +} + + +#ifdef CONFIG_TESTING_OPTIONS +static int dpp_test_gen_invalid_key(struct wpabuf *msg, + const struct dpp_curve_params *curve) +{ + BN_CTX *ctx; + BIGNUM *x, *y; + int ret = -1; + EC_GROUP *group; + EC_POINT *point; + + group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name)); + if (!group) + return -1; + + ctx = BN_CTX_new(); + point = EC_POINT_new(group); + x = BN_new(); + y = BN_new(); + if (!ctx || !point || !x || !y) + goto fail; + + if (BN_rand(x, curve->prime_len * 8, 0, 0) != 1) + goto fail; + + /* Generate a random y coordinate that results in a point that is not + * on the curve. */ + for (;;) { + if (BN_rand(y, curve->prime_len * 8, 0, 0) != 1) + goto fail; + + if (EC_POINT_set_affine_coordinates_GFp(group, point, x, y, + ctx) != 1) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L || defined(OPENSSL_IS_BORINGSSL) + /* Unlike older OpenSSL versions, OpenSSL 1.1.1 and BoringSSL + * return an error from EC_POINT_set_affine_coordinates_GFp() + * when the point is not on the curve. */ + break; +#else /* >=1.1.0 or OPENSSL_IS_BORINGSSL */ + goto fail; +#endif /* >= 1.1.0 or OPENSSL_IS_BORINGSSL */ + } + + if (!EC_POINT_is_on_curve(group, point, ctx)) + break; + } + + if (dpp_bn2bin_pad(x, wpabuf_put(msg, curve->prime_len), + curve->prime_len) < 0 || + dpp_bn2bin_pad(y, wpabuf_put(msg, curve->prime_len), + curve->prime_len) < 0) + goto fail; + + ret = 0; +fail: + if (ret < 0) + wpa_printf(MSG_INFO, "DPP: Failed to generate invalid key"); + BN_free(x); + BN_free(y); + EC_POINT_free(point); + BN_CTX_free(ctx); + + return ret; +} +#endif /* CONFIG_TESTING_OPTIONS */ + + +static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex) +{ + EC_KEY *X_ec = NULL; + const EC_POINT *X_point; + BN_CTX *bnctx = NULL; + const EC_GROUP *group; + EC_POINT *Qi = NULL, *M = NULL; + struct wpabuf *M_buf = NULL; + BIGNUM *Mx = NULL, *My = NULL; + struct wpabuf *msg = NULL; + size_t attr_len; + const struct dpp_curve_params *curve = pkex->own_bi->curve; + + wpa_printf(MSG_DEBUG, "DPP: Build PKEX Exchange Request"); + + /* Qi = H(MAC-Initiator | [identifier |] code) * Pi */ + bnctx = BN_CTX_new(); + if (!bnctx) + goto fail; + Qi = dpp_pkex_derive_Qi(curve, pkex->own_mac, pkex->code, + pkex->identifier, bnctx, &group); + if (!Qi) + goto fail; + + /* Generate a random ephemeral keypair x/X */ +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_pkex_ephemeral_key_override_len) { + const struct dpp_curve_params *tmp_curve; + + wpa_printf(MSG_INFO, + "DPP: TESTING - override ephemeral key x/X"); + pkex->x = dpp_set_keypair(&tmp_curve, + dpp_pkex_ephemeral_key_override, + dpp_pkex_ephemeral_key_override_len); + } else { + pkex->x = dpp_gen_keypair(curve); + } +#else /* CONFIG_TESTING_OPTIONS */ + pkex->x = dpp_gen_keypair(curve); +#endif /* CONFIG_TESTING_OPTIONS */ + if (!pkex->x) + goto fail; + + /* M = X + Qi */ + X_ec = EVP_PKEY_get1_EC_KEY(pkex->x); + if (!X_ec) + goto fail; + X_point = EC_KEY_get0_public_key(X_ec); + if (!X_point) + goto fail; + dpp_debug_print_point("DPP: X", group, X_point); + M = EC_POINT_new(group); + Mx = BN_new(); + My = BN_new(); + if (!M || !Mx || !My || + EC_POINT_add(group, M, X_point, Qi, bnctx) != 1 || + EC_POINT_get_affine_coordinates_GFp(group, M, Mx, My, bnctx) != 1) + goto fail; + dpp_debug_print_point("DPP: M", group, M); + + /* Initiator -> Responder: group, [identifier,] M */ + attr_len = 4 + 2; + if (pkex->identifier) + attr_len += 4 + os_strlen(pkex->identifier); + attr_len += 4 + 2 * curve->prime_len; + msg = dpp_alloc_msg(DPP_PA_PKEX_EXCHANGE_REQ, attr_len); + if (!msg) + goto fail; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Finite Cyclic Group"); + goto skip_finite_cyclic_group; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* Finite Cyclic Group attribute */ + wpabuf_put_le16(msg, DPP_ATTR_FINITE_CYCLIC_GROUP); + wpabuf_put_le16(msg, 2); + wpabuf_put_le16(msg, curve->ike_group); + +#ifdef CONFIG_TESTING_OPTIONS +skip_finite_cyclic_group: +#endif /* CONFIG_TESTING_OPTIONS */ + + /* Code Identifier attribute */ + if (pkex->identifier) { + wpabuf_put_le16(msg, DPP_ATTR_CODE_IDENTIFIER); + wpabuf_put_le16(msg, os_strlen(pkex->identifier)); + wpabuf_put_str(msg, pkex->identifier); + } + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Encrypted Key"); + goto out; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* M in Encrypted Key attribute */ + wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY); + wpabuf_put_le16(msg, 2 * curve->prime_len); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Encrypted Key"); + if (dpp_test_gen_invalid_key(msg, curve) < 0) + goto fail; + goto out; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (dpp_bn2bin_pad(Mx, wpabuf_put(msg, curve->prime_len), + curve->prime_len) < 0 || + dpp_bn2bin_pad(Mx, pkex->Mx, curve->prime_len) < 0 || + dpp_bn2bin_pad(My, wpabuf_put(msg, curve->prime_len), + curve->prime_len) < 0) + goto fail; + +out: + wpabuf_free(M_buf); + EC_KEY_free(X_ec); + EC_POINT_free(M); + EC_POINT_free(Qi); + BN_clear_free(Mx); + BN_clear_free(My); + BN_CTX_free(bnctx); + return msg; +fail: + wpa_printf(MSG_INFO, "DPP: Failed to build PKEX Exchange Request"); + wpabuf_free(msg); + msg = NULL; + goto out; +} + + +static void dpp_pkex_fail(struct dpp_pkex *pkex, const char *txt) +{ + wpa_msg(pkex->msg_ctx, MSG_INFO, DPP_EVENT_FAIL "%s", txt); +} + + +struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi, + const u8 *own_mac, + const char *identifier, + const char *code) +{ + struct dpp_pkex *pkex; + +#ifdef CONFIG_TESTING_OPTIONS + if (!is_zero_ether_addr(dpp_pkex_own_mac_override)) { + wpa_printf(MSG_INFO, "DPP: TESTING - own_mac override " MACSTR, + MAC2STR(dpp_pkex_own_mac_override)); + own_mac = dpp_pkex_own_mac_override; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + pkex = os_zalloc(sizeof(*pkex)); + if (!pkex) + return NULL; + pkex->msg_ctx = msg_ctx; + pkex->initiator = 1; + pkex->own_bi = bi; + os_memcpy(pkex->own_mac, own_mac, ETH_ALEN); + if (identifier) { + pkex->identifier = os_strdup(identifier); + if (!pkex->identifier) + goto fail; + } + pkex->code = os_strdup(code); + if (!pkex->code) + goto fail; + pkex->exchange_req = dpp_pkex_build_exchange_req(pkex); + if (!pkex->exchange_req) + goto fail; + return pkex; +fail: + dpp_pkex_free(pkex); + return NULL; +} + + +static struct wpabuf * +dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex, + enum dpp_status_error status, + const BIGNUM *Nx, const BIGNUM *Ny) +{ + struct wpabuf *msg = NULL; + size_t attr_len; + const struct dpp_curve_params *curve = pkex->own_bi->curve; + + /* Initiator -> Responder: DPP Status, [identifier,] N */ + attr_len = 4 + 1; + if (pkex->identifier) + attr_len += 4 + os_strlen(pkex->identifier); + attr_len += 4 + 2 * curve->prime_len; + msg = dpp_alloc_msg(DPP_PA_PKEX_EXCHANGE_RESP, attr_len); + if (!msg) + goto fail; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Status"); + goto skip_status; + } + + if (dpp_test == DPP_TEST_INVALID_STATUS_PKEX_EXCHANGE_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Status"); + status = 255; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* DPP Status */ + dpp_build_attr_status(msg, status); + +#ifdef CONFIG_TESTING_OPTIONS +skip_status: +#endif /* CONFIG_TESTING_OPTIONS */ + + /* Code Identifier attribute */ + if (pkex->identifier) { + wpabuf_put_le16(msg, DPP_ATTR_CODE_IDENTIFIER); + wpabuf_put_le16(msg, os_strlen(pkex->identifier)); + wpabuf_put_str(msg, pkex->identifier); + } + + if (status != DPP_STATUS_OK) + goto skip_encrypted_key; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Encrypted Key"); + goto skip_encrypted_key; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* N in Encrypted Key attribute */ + wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY); + wpabuf_put_le16(msg, 2 * curve->prime_len); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Encrypted Key"); + if (dpp_test_gen_invalid_key(msg, curve) < 0) + goto fail; + goto skip_encrypted_key; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (dpp_bn2bin_pad(Nx, wpabuf_put(msg, curve->prime_len), + curve->prime_len) < 0 || + dpp_bn2bin_pad(Nx, pkex->Nx, curve->prime_len) < 0 || + dpp_bn2bin_pad(Ny, wpabuf_put(msg, curve->prime_len), + curve->prime_len) < 0) + goto fail; + +skip_encrypted_key: + if (status == DPP_STATUS_BAD_GROUP) { + /* Finite Cyclic Group attribute */ + wpabuf_put_le16(msg, DPP_ATTR_FINITE_CYCLIC_GROUP); + wpabuf_put_le16(msg, 2); + wpabuf_put_le16(msg, curve->ike_group); + } + + return msg; +fail: + wpabuf_free(msg); + return NULL; +} + + +static int dpp_pkex_derive_z(const u8 *mac_init, const u8 *mac_resp, + const u8 *Mx, size_t Mx_len, + const u8 *Nx, size_t Nx_len, + const char *code, + const u8 *Kx, size_t Kx_len, + u8 *z, unsigned int hash_len) +{ + u8 salt[DPP_MAX_HASH_LEN], prk[DPP_MAX_HASH_LEN]; + int res; + u8 *info, *pos; + size_t info_len; + + /* z = HKDF(<>, MAC-Initiator | MAC-Responder | M.x | N.x | code, K.x) + */ + + /* HKDF-Extract(<>, IKM=K.x) */ + os_memset(salt, 0, hash_len); + if (dpp_hmac(hash_len, salt, hash_len, Kx, Kx_len, prk) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "DPP: PRK = HKDF-Extract(<>, IKM)", + prk, hash_len); + info_len = 2 * ETH_ALEN + Mx_len + Nx_len + os_strlen(code); + info = os_malloc(info_len); + if (!info) + return -1; + pos = info; + os_memcpy(pos, mac_init, ETH_ALEN); + pos += ETH_ALEN; + os_memcpy(pos, mac_resp, ETH_ALEN); + pos += ETH_ALEN; + os_memcpy(pos, Mx, Mx_len); + pos += Mx_len; + os_memcpy(pos, Nx, Nx_len); + pos += Nx_len; + os_memcpy(pos, code, os_strlen(code)); + + /* HKDF-Expand(PRK, info, L) */ + if (hash_len == 32) + res = hmac_sha256_kdf(prk, hash_len, NULL, info, info_len, + z, hash_len); + else if (hash_len == 48) + res = hmac_sha384_kdf(prk, hash_len, NULL, info, info_len, + z, hash_len); + else if (hash_len == 64) + res = hmac_sha512_kdf(prk, hash_len, NULL, info, info_len, + z, hash_len); + else + res = -1; + os_free(info); + os_memset(prk, 0, hash_len); + if (res < 0) + return -1; + + wpa_hexdump_key(MSG_DEBUG, "DPP: z = HKDF-Expand(PRK, info, L)", + z, hash_len); + return 0; +} + + +static int dpp_pkex_identifier_match(const u8 *attr_id, u16 attr_id_len, + const char *identifier) +{ + if (!attr_id && identifier) { + wpa_printf(MSG_DEBUG, + "DPP: No PKEX code identifier received, but expected one"); + return 0; + } + + if (attr_id && !identifier) { + wpa_printf(MSG_DEBUG, + "DPP: PKEX code identifier received, but not expecting one"); + return 0; + } + + if (attr_id && identifier && + (os_strlen(identifier) != attr_id_len || + os_memcmp(identifier, attr_id, attr_id_len) != 0)) { + wpa_printf(MSG_DEBUG, "DPP: PKEX code identifier mismatch"); + return 0; + } + + return 1; +} + + +struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, + struct dpp_bootstrap_info *bi, + const u8 *own_mac, + const u8 *peer_mac, + const char *identifier, + const char *code, + const u8 *buf, size_t len) +{ + const u8 *attr_group, *attr_id, *attr_key; + u16 attr_group_len, attr_id_len, attr_key_len; + const struct dpp_curve_params *curve = bi->curve; + u16 ike_group; + struct dpp_pkex *pkex = NULL; + EC_POINT *Qi = NULL, *Qr = NULL, *M = NULL, *X = NULL, *N = NULL; + BN_CTX *bnctx = NULL; + const EC_GROUP *group; + BIGNUM *Mx = NULL, *My = NULL; + EC_KEY *Y_ec = NULL, *X_ec = NULL;; + const EC_POINT *Y_point; + BIGNUM *Nx = NULL, *Ny = NULL; + u8 Kx[DPP_MAX_SHARED_SECRET_LEN]; + size_t Kx_len; + int res; + EVP_PKEY_CTX *ctx = NULL; + + if (bi->pkex_t >= PKEX_COUNTER_T_LIMIT) { + wpa_msg(msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "PKEX counter t limit reached - ignore message"); + return NULL; + } + +#ifdef CONFIG_TESTING_OPTIONS + if (!is_zero_ether_addr(dpp_pkex_peer_mac_override)) { + wpa_printf(MSG_INFO, "DPP: TESTING - peer_mac override " MACSTR, + MAC2STR(dpp_pkex_peer_mac_override)); + peer_mac = dpp_pkex_peer_mac_override; + } + if (!is_zero_ether_addr(dpp_pkex_own_mac_override)) { + wpa_printf(MSG_INFO, "DPP: TESTING - own_mac override " MACSTR, + MAC2STR(dpp_pkex_own_mac_override)); + own_mac = dpp_pkex_own_mac_override; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + attr_id_len = 0; + attr_id = dpp_get_attr(buf, len, DPP_ATTR_CODE_IDENTIFIER, + &attr_id_len); + if (!dpp_pkex_identifier_match(attr_id, attr_id_len, identifier)) + return NULL; + + attr_group = dpp_get_attr(buf, len, DPP_ATTR_FINITE_CYCLIC_GROUP, + &attr_group_len); + if (!attr_group || attr_group_len != 2) { + wpa_msg(msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Missing or invalid Finite Cyclic Group attribute"); + return NULL; + } + ike_group = WPA_GET_LE16(attr_group); + if (ike_group != curve->ike_group) { + wpa_msg(msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Mismatching PKEX curve: peer=%u own=%u", + ike_group, curve->ike_group); + pkex = os_zalloc(sizeof(*pkex)); + if (!pkex) + goto fail; + pkex->own_bi = bi; + pkex->failed = 1; + pkex->exchange_resp = dpp_pkex_build_exchange_resp( + pkex, DPP_STATUS_BAD_GROUP, NULL, NULL); + if (!pkex->exchange_resp) + goto fail; + return pkex; + } + + /* M in Encrypted Key attribute */ + attr_key = dpp_get_attr(buf, len, DPP_ATTR_ENCRYPTED_KEY, + &attr_key_len); + if (!attr_key || attr_key_len & 0x01 || attr_key_len < 2 || + attr_key_len / 2 > DPP_MAX_SHARED_SECRET_LEN) { + wpa_msg(msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Missing Encrypted Key attribute"); + return NULL; + } + + /* Qi = H(MAC-Initiator | [identifier |] code) * Pi */ + bnctx = BN_CTX_new(); + if (!bnctx) + goto fail; + Qi = dpp_pkex_derive_Qi(curve, peer_mac, code, identifier, bnctx, + &group); + if (!Qi) + goto fail; + + /* X' = M - Qi */ + X = EC_POINT_new(group); + M = EC_POINT_new(group); + Mx = BN_bin2bn(attr_key, attr_key_len / 2, NULL); + My = BN_bin2bn(attr_key + attr_key_len / 2, attr_key_len / 2, NULL); + if (!X || !M || !Mx || !My || + EC_POINT_set_affine_coordinates_GFp(group, M, Mx, My, bnctx) != 1 || + EC_POINT_is_at_infinity(group, M) || + !EC_POINT_is_on_curve(group, M, bnctx) || + EC_POINT_invert(group, Qi, bnctx) != 1 || + EC_POINT_add(group, X, M, Qi, bnctx) != 1 || + EC_POINT_is_at_infinity(group, X) || + !EC_POINT_is_on_curve(group, X, bnctx)) { + wpa_msg(msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Invalid Encrypted Key value"); + bi->pkex_t++; + goto fail; + } + dpp_debug_print_point("DPP: M", group, M); + dpp_debug_print_point("DPP: X'", group, X); + + pkex = os_zalloc(sizeof(*pkex)); + if (!pkex) + goto fail; + pkex->t = bi->pkex_t; + pkex->msg_ctx = msg_ctx; + pkex->own_bi = bi; + os_memcpy(pkex->own_mac, own_mac, ETH_ALEN); + os_memcpy(pkex->peer_mac, peer_mac, ETH_ALEN); + if (identifier) { + pkex->identifier = os_strdup(identifier); + if (!pkex->identifier) + goto fail; + } + pkex->code = os_strdup(code); + if (!pkex->code) + goto fail; + + os_memcpy(pkex->Mx, attr_key, attr_key_len / 2); + + X_ec = EC_KEY_new(); + if (!X_ec || + EC_KEY_set_group(X_ec, group) != 1 || + EC_KEY_set_public_key(X_ec, X) != 1) + goto fail; + pkex->x = EVP_PKEY_new(); + if (!pkex->x || + EVP_PKEY_set1_EC_KEY(pkex->x, X_ec) != 1) + goto fail; + + /* Qr = H(MAC-Responder | | [identifier | ] code) * Pr */ + Qr = dpp_pkex_derive_Qr(curve, own_mac, code, identifier, bnctx, NULL); + if (!Qr) + goto fail; + + /* Generate a random ephemeral keypair y/Y */ +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_pkex_ephemeral_key_override_len) { + const struct dpp_curve_params *tmp_curve; + + wpa_printf(MSG_INFO, + "DPP: TESTING - override ephemeral key y/Y"); + pkex->y = dpp_set_keypair(&tmp_curve, + dpp_pkex_ephemeral_key_override, + dpp_pkex_ephemeral_key_override_len); + } else { + pkex->y = dpp_gen_keypair(curve); + } +#else /* CONFIG_TESTING_OPTIONS */ + pkex->y = dpp_gen_keypair(curve); +#endif /* CONFIG_TESTING_OPTIONS */ + if (!pkex->y) + goto fail; + + /* N = Y + Qr */ + Y_ec = EVP_PKEY_get1_EC_KEY(pkex->y); + if (!Y_ec) + goto fail; + Y_point = EC_KEY_get0_public_key(Y_ec); + if (!Y_point) + goto fail; + dpp_debug_print_point("DPP: Y", group, Y_point); + N = EC_POINT_new(group); + Nx = BN_new(); + Ny = BN_new(); + if (!N || !Nx || !Ny || + EC_POINT_add(group, N, Y_point, Qr, bnctx) != 1 || + EC_POINT_get_affine_coordinates_GFp(group, N, Nx, Ny, bnctx) != 1) + goto fail; + dpp_debug_print_point("DPP: N", group, N); + + pkex->exchange_resp = dpp_pkex_build_exchange_resp(pkex, DPP_STATUS_OK, + Nx, Ny); + if (!pkex->exchange_resp) + goto fail; + + /* K = y * X' */ + ctx = EVP_PKEY_CTX_new(pkex->y, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, pkex->x) != 1 || + EVP_PKEY_derive(ctx, NULL, &Kx_len) != 1 || + Kx_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, Kx, &Kx_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (K.x)", + Kx, Kx_len); + + /* z = HKDF(<>, MAC-Initiator | MAC-Responder | M.x | N.x | code, K.x) + */ + res = dpp_pkex_derive_z(pkex->peer_mac, pkex->own_mac, + pkex->Mx, curve->prime_len, + pkex->Nx, curve->prime_len, pkex->code, + Kx, Kx_len, pkex->z, curve->hash_len); + os_memset(Kx, 0, Kx_len); + if (res < 0) + goto fail; + + pkex->exchange_done = 1; + +out: + EVP_PKEY_CTX_free(ctx); + BN_CTX_free(bnctx); + EC_POINT_free(Qi); + EC_POINT_free(Qr); + BN_free(Mx); + BN_free(My); + BN_free(Nx); + BN_free(Ny); + EC_POINT_free(M); + EC_POINT_free(N); + EC_POINT_free(X); + EC_KEY_free(X_ec); + EC_KEY_free(Y_ec); + return pkex; +fail: + wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request processing failed"); + dpp_pkex_free(pkex); + pkex = NULL; + goto out; +} + + +static struct wpabuf * +dpp_pkex_build_commit_reveal_req(struct dpp_pkex *pkex, + const struct wpabuf *A_pub, const u8 *u) +{ + const struct dpp_curve_params *curve = pkex->own_bi->curve; + struct wpabuf *msg = NULL; + size_t clear_len, attr_len; + struct wpabuf *clear = NULL; + u8 *wrapped; + u8 octet; + const u8 *addr[2]; + size_t len[2]; + + /* {A, u, [bootstrapping info]}z */ + clear_len = 4 + 2 * curve->prime_len + 4 + curve->hash_len; + clear = wpabuf_alloc(clear_len); + attr_len = 4 + clear_len + AES_BLOCK_SIZE; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ) + attr_len += 5; +#endif /* CONFIG_TESTING_OPTIONS */ + msg = dpp_alloc_msg(DPP_PA_PKEX_COMMIT_REVEAL_REQ, attr_len); + if (!clear || !msg) + goto fail; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Bootstrap Key"); + goto skip_bootstrap_key; + } + if (dpp_test == DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Bootstrap Key"); + wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY); + wpabuf_put_le16(clear, 2 * curve->prime_len); + if (dpp_test_gen_invalid_key(clear, curve) < 0) + goto fail; + goto skip_bootstrap_key; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* A in Bootstrap Key attribute */ + wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY); + wpabuf_put_le16(clear, wpabuf_len(A_pub)); + wpabuf_put_buf(clear, A_pub); + +#ifdef CONFIG_TESTING_OPTIONS +skip_bootstrap_key: + if (dpp_test == DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no I-Auth tag"); + goto skip_i_auth_tag; + } + if (dpp_test == DPP_TEST_I_AUTH_TAG_MISMATCH_PKEX_CR_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - I-Auth tag mismatch"); + wpabuf_put_le16(clear, DPP_ATTR_I_AUTH_TAG); + wpabuf_put_le16(clear, curve->hash_len); + wpabuf_put_data(clear, u, curve->hash_len - 1); + wpabuf_put_u8(clear, u[curve->hash_len - 1] ^ 0x01); + goto skip_i_auth_tag; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* u in I-Auth tag attribute */ + wpabuf_put_le16(clear, DPP_ATTR_I_AUTH_TAG); + wpabuf_put_le16(clear, curve->hash_len); + wpabuf_put_data(clear, u, curve->hash_len); + +#ifdef CONFIG_TESTING_OPTIONS +skip_i_auth_tag: + if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data"); + goto skip_wrapped_data; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + addr[0] = wpabuf_head_u8(msg) + 2; + len[0] = DPP_HDR_LEN; + octet = 0; + addr[1] = &octet; + len[1] = sizeof(octet); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + + wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA); + wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE); + wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE); + + wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear); + if (aes_siv_encrypt(pkex->z, curve->hash_len, + wpabuf_head(clear), wpabuf_len(clear), + 2, addr, len, wrapped) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data"); + dpp_build_attr_status(msg, DPP_STATUS_OK); + } +skip_wrapped_data: +#endif /* CONFIG_TESTING_OPTIONS */ + +out: + wpabuf_free(clear); + return msg; + +fail: + wpabuf_free(msg); + msg = NULL; + goto out; +} + + +struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, + const u8 *peer_mac, + const u8 *buf, size_t buflen) +{ + const u8 *attr_status, *attr_id, *attr_key, *attr_group; + u16 attr_status_len, attr_id_len, attr_key_len, attr_group_len; + const EC_GROUP *group; + BN_CTX *bnctx = NULL; + struct wpabuf *msg = NULL, *A_pub = NULL, *X_pub = NULL, *Y_pub = NULL; + const struct dpp_curve_params *curve = pkex->own_bi->curve; + EC_POINT *Qr = NULL, *Y = NULL, *N = NULL; + BIGNUM *Nx = NULL, *Ny = NULL; + EVP_PKEY_CTX *ctx = NULL; + EC_KEY *Y_ec = NULL; + size_t Jx_len, Kx_len; + u8 Jx[DPP_MAX_SHARED_SECRET_LEN], Kx[DPP_MAX_SHARED_SECRET_LEN]; + const u8 *addr[4]; + size_t len[4]; + u8 u[DPP_MAX_HASH_LEN]; + int res; + + if (pkex->failed || pkex->t >= PKEX_COUNTER_T_LIMIT || !pkex->initiator) + return NULL; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_PKEX_EXCHANGE_RESP) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at PKEX Exchange Response"); + pkex->failed = 1; + return NULL; + } + + if (!is_zero_ether_addr(dpp_pkex_peer_mac_override)) { + wpa_printf(MSG_INFO, "DPP: TESTING - peer_mac override " MACSTR, + MAC2STR(dpp_pkex_peer_mac_override)); + peer_mac = dpp_pkex_peer_mac_override; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + os_memcpy(pkex->peer_mac, peer_mac, ETH_ALEN); + + attr_status = dpp_get_attr(buf, buflen, DPP_ATTR_STATUS, + &attr_status_len); + if (!attr_status || attr_status_len != 1) { + dpp_pkex_fail(pkex, "No DPP Status attribute"); + return NULL; + } + wpa_printf(MSG_DEBUG, "DPP: Status %u", attr_status[0]); + + if (attr_status[0] == DPP_STATUS_BAD_GROUP) { + attr_group = dpp_get_attr(buf, buflen, + DPP_ATTR_FINITE_CYCLIC_GROUP, + &attr_group_len); + if (attr_group && attr_group_len == 2) { + wpa_msg(pkex->msg_ctx, MSG_INFO, DPP_EVENT_FAIL + "Peer indicated mismatching PKEX group - proposed %u", + WPA_GET_LE16(attr_group)); + return NULL; + } + } + + if (attr_status[0] != DPP_STATUS_OK) { + dpp_pkex_fail(pkex, "PKEX failed (peer indicated failure)"); + return NULL; + } + + attr_id_len = 0; + attr_id = dpp_get_attr(buf, buflen, DPP_ATTR_CODE_IDENTIFIER, + &attr_id_len); + if (!dpp_pkex_identifier_match(attr_id, attr_id_len, + pkex->identifier)) { + dpp_pkex_fail(pkex, "PKEX code identifier mismatch"); + return NULL; + } + + /* N in Encrypted Key attribute */ + attr_key = dpp_get_attr(buf, buflen, DPP_ATTR_ENCRYPTED_KEY, + &attr_key_len); + if (!attr_key || attr_key_len & 0x01 || attr_key_len < 2) { + dpp_pkex_fail(pkex, "Missing Encrypted Key attribute"); + return NULL; + } + + /* Qr = H(MAC-Responder | [identifier |] code) * Pr */ + bnctx = BN_CTX_new(); + if (!bnctx) + goto fail; + Qr = dpp_pkex_derive_Qr(curve, pkex->peer_mac, pkex->code, + pkex->identifier, bnctx, &group); + if (!Qr) + goto fail; + + /* Y' = N - Qr */ + Y = EC_POINT_new(group); + N = EC_POINT_new(group); + Nx = BN_bin2bn(attr_key, attr_key_len / 2, NULL); + Ny = BN_bin2bn(attr_key + attr_key_len / 2, attr_key_len / 2, NULL); + if (!Y || !N || !Nx || !Ny || + EC_POINT_set_affine_coordinates_GFp(group, N, Nx, Ny, bnctx) != 1 || + EC_POINT_is_at_infinity(group, N) || + !EC_POINT_is_on_curve(group, N, bnctx) || + EC_POINT_invert(group, Qr, bnctx) != 1 || + EC_POINT_add(group, Y, N, Qr, bnctx) != 1 || + EC_POINT_is_at_infinity(group, Y) || + !EC_POINT_is_on_curve(group, Y, bnctx)) { + dpp_pkex_fail(pkex, "Invalid Encrypted Key value"); + pkex->t++; + goto fail; + } + dpp_debug_print_point("DPP: N", group, N); + dpp_debug_print_point("DPP: Y'", group, Y); + + pkex->exchange_done = 1; + + /* ECDH: J = a * Y’ */ + Y_ec = EC_KEY_new(); + if (!Y_ec || + EC_KEY_set_group(Y_ec, group) != 1 || + EC_KEY_set_public_key(Y_ec, Y) != 1) + goto fail; + pkex->y = EVP_PKEY_new(); + if (!pkex->y || + EVP_PKEY_set1_EC_KEY(pkex->y, Y_ec) != 1) + goto fail; + ctx = EVP_PKEY_CTX_new(pkex->own_bi->pubkey, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, pkex->y) != 1 || + EVP_PKEY_derive(ctx, NULL, &Jx_len) != 1 || + Jx_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, Jx, &Jx_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (J.x)", + Jx, Jx_len); + + /* u = HMAC(J.x, MAC-Initiator | A.x | Y’.x | X.x ) */ + A_pub = dpp_get_pubkey_point(pkex->own_bi->pubkey, 0); + Y_pub = dpp_get_pubkey_point(pkex->y, 0); + X_pub = dpp_get_pubkey_point(pkex->x, 0); + if (!A_pub || !Y_pub || !X_pub) + goto fail; + addr[0] = pkex->own_mac; + len[0] = ETH_ALEN; + addr[1] = wpabuf_head(A_pub); + len[1] = wpabuf_len(A_pub) / 2; + addr[2] = wpabuf_head(Y_pub); + len[2] = wpabuf_len(Y_pub) / 2; + addr[3] = wpabuf_head(X_pub); + len[3] = wpabuf_len(X_pub) / 2; + if (dpp_hmac_vector(curve->hash_len, Jx, Jx_len, 4, addr, len, u) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: u", u, curve->hash_len); + + /* K = x * Y’ */ + EVP_PKEY_CTX_free(ctx); + ctx = EVP_PKEY_CTX_new(pkex->x, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, pkex->y) != 1 || + EVP_PKEY_derive(ctx, NULL, &Kx_len) != 1 || + Kx_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, Kx, &Kx_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (K.x)", + Kx, Kx_len); + + /* z = HKDF(<>, MAC-Initiator | MAC-Responder | M.x | N.x | code, K.x) + */ + res = dpp_pkex_derive_z(pkex->own_mac, pkex->peer_mac, + pkex->Mx, curve->prime_len, + attr_key /* N.x */, attr_key_len / 2, + pkex->code, Kx, Kx_len, + pkex->z, curve->hash_len); + os_memset(Kx, 0, Kx_len); + if (res < 0) + goto fail; + + msg = dpp_pkex_build_commit_reveal_req(pkex, A_pub, u); + if (!msg) + goto fail; + +out: + wpabuf_free(A_pub); + wpabuf_free(X_pub); + wpabuf_free(Y_pub); + EC_POINT_free(Qr); + EC_POINT_free(Y); + EC_POINT_free(N); + BN_free(Nx); + BN_free(Ny); + EC_KEY_free(Y_ec); + EVP_PKEY_CTX_free(ctx); + BN_CTX_free(bnctx); + return msg; +fail: + wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response processing failed"); + goto out; +} + + +static struct wpabuf * +dpp_pkex_build_commit_reveal_resp(struct dpp_pkex *pkex, + const struct wpabuf *B_pub, const u8 *v) +{ + const struct dpp_curve_params *curve = pkex->own_bi->curve; + struct wpabuf *msg = NULL; + const u8 *addr[2]; + size_t len[2]; + u8 octet; + u8 *wrapped; + struct wpabuf *clear = NULL; + size_t clear_len, attr_len; + + /* {B, v [bootstrapping info]}z */ + clear_len = 4 + 2 * curve->prime_len + 4 + curve->hash_len; + clear = wpabuf_alloc(clear_len); + attr_len = 4 + clear_len + AES_BLOCK_SIZE; +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_RESP) + attr_len += 5; +#endif /* CONFIG_TESTING_OPTIONS */ + msg = dpp_alloc_msg(DPP_PA_PKEX_COMMIT_REVEAL_RESP, attr_len); + if (!clear || !msg) + goto fail; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Bootstrap Key"); + goto skip_bootstrap_key; + } + if (dpp_test == DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Bootstrap Key"); + wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY); + wpabuf_put_le16(clear, 2 * curve->prime_len); + if (dpp_test_gen_invalid_key(clear, curve) < 0) + goto fail; + goto skip_bootstrap_key; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* B in Bootstrap Key attribute */ + wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY); + wpabuf_put_le16(clear, wpabuf_len(B_pub)); + wpabuf_put_buf(clear, B_pub); + +#ifdef CONFIG_TESTING_OPTIONS +skip_bootstrap_key: + if (dpp_test == DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no R-Auth tag"); + goto skip_r_auth_tag; + } + if (dpp_test == DPP_TEST_R_AUTH_TAG_MISMATCH_PKEX_CR_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - R-Auth tag mismatch"); + wpabuf_put_le16(clear, DPP_ATTR_R_AUTH_TAG); + wpabuf_put_le16(clear, curve->hash_len); + wpabuf_put_data(clear, v, curve->hash_len - 1); + wpabuf_put_u8(clear, v[curve->hash_len - 1] ^ 0x01); + goto skip_r_auth_tag; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* v in R-Auth tag attribute */ + wpabuf_put_le16(clear, DPP_ATTR_R_AUTH_TAG); + wpabuf_put_le16(clear, curve->hash_len); + wpabuf_put_data(clear, v, curve->hash_len); + +#ifdef CONFIG_TESTING_OPTIONS +skip_r_auth_tag: + if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data"); + goto skip_wrapped_data; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + addr[0] = wpabuf_head_u8(msg) + 2; + len[0] = DPP_HDR_LEN; + octet = 1; + addr[1] = &octet; + len[1] = sizeof(octet); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + + wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA); + wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE); + wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE); + + wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear); + if (aes_siv_encrypt(pkex->z, curve->hash_len, + wpabuf_head(clear), wpabuf_len(clear), + 2, addr, len, wrapped) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE); + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_RESP) { + wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data"); + dpp_build_attr_status(msg, DPP_STATUS_OK); + } +skip_wrapped_data: +#endif /* CONFIG_TESTING_OPTIONS */ + +out: + wpabuf_free(clear); + return msg; + +fail: + wpabuf_free(msg); + msg = NULL; + goto out; +} + + +struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex, + const u8 *hdr, + const u8 *buf, size_t buflen) +{ + const struct dpp_curve_params *curve = pkex->own_bi->curve; + EVP_PKEY_CTX *ctx = NULL; + size_t Jx_len, Lx_len; + u8 Jx[DPP_MAX_SHARED_SECRET_LEN]; + u8 Lx[DPP_MAX_SHARED_SECRET_LEN]; + const u8 *wrapped_data, *b_key, *peer_u; + u16 wrapped_data_len, b_key_len, peer_u_len = 0; + const u8 *addr[4]; + size_t len[4]; + u8 octet; + u8 *unwrapped = NULL; + size_t unwrapped_len = 0; + struct wpabuf *msg = NULL, *A_pub = NULL, *X_pub = NULL, *Y_pub = NULL; + struct wpabuf *B_pub = NULL; + u8 u[DPP_MAX_HASH_LEN], v[DPP_MAX_HASH_LEN]; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_PKEX_CR_REQ) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at PKEX CR Request"); + pkex->failed = 1; + return NULL; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (!pkex->exchange_done || pkex->failed || + pkex->t >= PKEX_COUNTER_T_LIMIT || pkex->initiator) + goto fail; + + wrapped_data = dpp_get_attr(buf, buflen, DPP_ATTR_WRAPPED_DATA, + &wrapped_data_len); + if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) { + dpp_pkex_fail(pkex, + "Missing or invalid required Wrapped Data attribute"); + goto fail; + } + + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) + goto fail; + + addr[0] = hdr; + len[0] = DPP_HDR_LEN; + octet = 0; + addr[1] = &octet; + len[1] = sizeof(octet); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + + if (aes_siv_decrypt(pkex->z, curve->hash_len, + wrapped_data, wrapped_data_len, + 2, addr, len, unwrapped) < 0) { + dpp_pkex_fail(pkex, + "AES-SIV decryption failed - possible PKEX code mismatch"); + pkex->failed = 1; + pkex->t++; + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_pkex_fail(pkex, "Invalid attribute in unwrapped data"); + goto fail; + } + + b_key = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_BOOTSTRAP_KEY, + &b_key_len); + if (!b_key || b_key_len != 2 * curve->prime_len) { + dpp_pkex_fail(pkex, "No valid peer bootstrapping key found"); + goto fail; + } + pkex->peer_bootstrap_key = dpp_set_pubkey_point(pkex->x, b_key, + b_key_len); + if (!pkex->peer_bootstrap_key) { + dpp_pkex_fail(pkex, "Peer bootstrapping key is invalid"); + goto fail; + } + dpp_debug_print_key("DPP: Peer bootstrap public key", + pkex->peer_bootstrap_key); + + /* ECDH: J' = y * A' */ + ctx = EVP_PKEY_CTX_new(pkex->y, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, pkex->peer_bootstrap_key) != 1 || + EVP_PKEY_derive(ctx, NULL, &Jx_len) != 1 || + Jx_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, Jx, &Jx_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (J.x)", + Jx, Jx_len); + + /* u' = HMAC(J'.x, MAC-Initiator | A'.x | Y.x | X'.x) */ + A_pub = dpp_get_pubkey_point(pkex->peer_bootstrap_key, 0); + Y_pub = dpp_get_pubkey_point(pkex->y, 0); + X_pub = dpp_get_pubkey_point(pkex->x, 0); + if (!A_pub || !Y_pub || !X_pub) + goto fail; + addr[0] = pkex->peer_mac; + len[0] = ETH_ALEN; + addr[1] = wpabuf_head(A_pub); + len[1] = wpabuf_len(A_pub) / 2; + addr[2] = wpabuf_head(Y_pub); + len[2] = wpabuf_len(Y_pub) / 2; + addr[3] = wpabuf_head(X_pub); + len[3] = wpabuf_len(X_pub) / 2; + if (dpp_hmac_vector(curve->hash_len, Jx, Jx_len, 4, addr, len, u) < 0) + goto fail; + + peer_u = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_I_AUTH_TAG, + &peer_u_len); + if (!peer_u || peer_u_len != curve->hash_len || + os_memcmp(peer_u, u, curve->hash_len) != 0) { + dpp_pkex_fail(pkex, "No valid u (I-Auth tag) found"); + wpa_hexdump(MSG_DEBUG, "DPP: Calculated u'", + u, curve->hash_len); + wpa_hexdump(MSG_DEBUG, "DPP: Received u", peer_u, peer_u_len); + pkex->t++; + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: Valid u (I-Auth tag) received"); + + /* ECDH: L = b * X' */ + EVP_PKEY_CTX_free(ctx); + ctx = EVP_PKEY_CTX_new(pkex->own_bi->pubkey, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, pkex->x) != 1 || + EVP_PKEY_derive(ctx, NULL, &Lx_len) != 1 || + Lx_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, Lx, &Lx_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (L.x)", + Lx, Lx_len); + + /* v = HMAC(L.x, MAC-Responder | B.x | X'.x | Y.x) */ + B_pub = dpp_get_pubkey_point(pkex->own_bi->pubkey, 0); + if (!B_pub) + goto fail; + addr[0] = pkex->own_mac; + len[0] = ETH_ALEN; + addr[1] = wpabuf_head(B_pub); + len[1] = wpabuf_len(B_pub) / 2; + addr[2] = wpabuf_head(X_pub); + len[2] = wpabuf_len(X_pub) / 2; + addr[3] = wpabuf_head(Y_pub); + len[3] = wpabuf_len(Y_pub) / 2; + if (dpp_hmac_vector(curve->hash_len, Lx, Lx_len, 4, addr, len, v) < 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: v", v, curve->hash_len); + + msg = dpp_pkex_build_commit_reveal_resp(pkex, B_pub, v); + if (!msg) + goto fail; + +out: + EVP_PKEY_CTX_free(ctx); + os_free(unwrapped); + wpabuf_free(A_pub); + wpabuf_free(B_pub); + wpabuf_free(X_pub); + wpabuf_free(Y_pub); + return msg; +fail: + wpa_printf(MSG_DEBUG, + "DPP: PKEX Commit-Reveal Request processing failed"); + goto out; +} + + +int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr, + const u8 *buf, size_t buflen) +{ + const struct dpp_curve_params *curve = pkex->own_bi->curve; + const u8 *wrapped_data, *b_key, *peer_v; + u16 wrapped_data_len, b_key_len, peer_v_len = 0; + const u8 *addr[4]; + size_t len[4]; + u8 octet; + u8 *unwrapped = NULL; + size_t unwrapped_len = 0; + int ret = -1; + u8 v[DPP_MAX_HASH_LEN]; + size_t Lx_len; + u8 Lx[DPP_MAX_SHARED_SECRET_LEN]; + EVP_PKEY_CTX *ctx = NULL; + struct wpabuf *B_pub = NULL, *X_pub = NULL, *Y_pub = NULL; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_PKEX_CR_RESP) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at PKEX CR Response"); + pkex->failed = 1; + goto fail; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (!pkex->exchange_done || pkex->failed || + pkex->t >= PKEX_COUNTER_T_LIMIT || !pkex->initiator) + goto fail; + + wrapped_data = dpp_get_attr(buf, buflen, DPP_ATTR_WRAPPED_DATA, + &wrapped_data_len); + if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) { + dpp_pkex_fail(pkex, + "Missing or invalid required Wrapped Data attribute"); + goto fail; + } + + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext", + wrapped_data, wrapped_data_len); + unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE; + unwrapped = os_malloc(unwrapped_len); + if (!unwrapped) + goto fail; + + addr[0] = hdr; + len[0] = DPP_HDR_LEN; + octet = 1; + addr[1] = &octet; + len[1] = sizeof(octet); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]); + wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]); + + if (aes_siv_decrypt(pkex->z, curve->hash_len, + wrapped_data, wrapped_data_len, + 2, addr, len, unwrapped) < 0) { + dpp_pkex_fail(pkex, + "AES-SIV decryption failed - possible PKEX code mismatch"); + pkex->t++; + goto fail; + } + wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext", + unwrapped, unwrapped_len); + + if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) { + dpp_pkex_fail(pkex, "Invalid attribute in unwrapped data"); + goto fail; + } + + b_key = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_BOOTSTRAP_KEY, + &b_key_len); + if (!b_key || b_key_len != 2 * curve->prime_len) { + dpp_pkex_fail(pkex, "No valid peer bootstrapping key found"); + goto fail; + } + pkex->peer_bootstrap_key = dpp_set_pubkey_point(pkex->x, b_key, + b_key_len); + if (!pkex->peer_bootstrap_key) { + dpp_pkex_fail(pkex, "Peer bootstrapping key is invalid"); + goto fail; + } + dpp_debug_print_key("DPP: Peer bootstrap public key", + pkex->peer_bootstrap_key); + + /* ECDH: L' = x * B' */ + ctx = EVP_PKEY_CTX_new(pkex->x, NULL); + if (!ctx || + EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, pkex->peer_bootstrap_key) != 1 || + EVP_PKEY_derive(ctx, NULL, &Lx_len) != 1 || + Lx_len > DPP_MAX_SHARED_SECRET_LEN || + EVP_PKEY_derive(ctx, Lx, &Lx_len) != 1) { + wpa_printf(MSG_ERROR, + "DPP: Failed to derive ECDH shared secret: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (L.x)", + Lx, Lx_len); + + /* v' = HMAC(L.x, MAC-Responder | B'.x | X.x | Y'.x) */ + B_pub = dpp_get_pubkey_point(pkex->peer_bootstrap_key, 0); + X_pub = dpp_get_pubkey_point(pkex->x, 0); + Y_pub = dpp_get_pubkey_point(pkex->y, 0); + if (!B_pub || !X_pub || !Y_pub) + goto fail; + addr[0] = pkex->peer_mac; + len[0] = ETH_ALEN; + addr[1] = wpabuf_head(B_pub); + len[1] = wpabuf_len(B_pub) / 2; + addr[2] = wpabuf_head(X_pub); + len[2] = wpabuf_len(X_pub) / 2; + addr[3] = wpabuf_head(Y_pub); + len[3] = wpabuf_len(Y_pub) / 2; + if (dpp_hmac_vector(curve->hash_len, Lx, Lx_len, 4, addr, len, v) < 0) + goto fail; + + peer_v = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_R_AUTH_TAG, + &peer_v_len); + if (!peer_v || peer_v_len != curve->hash_len || + os_memcmp(peer_v, v, curve->hash_len) != 0) { + dpp_pkex_fail(pkex, "No valid v (R-Auth tag) found"); + wpa_hexdump(MSG_DEBUG, "DPP: Calculated v'", + v, curve->hash_len); + wpa_hexdump(MSG_DEBUG, "DPP: Received v", peer_v, peer_v_len); + pkex->t++; + goto fail; + } + wpa_printf(MSG_DEBUG, "DPP: Valid v (R-Auth tag) received"); + + ret = 0; +out: + wpabuf_free(B_pub); + wpabuf_free(X_pub); + wpabuf_free(Y_pub); + EVP_PKEY_CTX_free(ctx); + os_free(unwrapped); + return ret; +fail: + goto out; +} + + +void dpp_pkex_free(struct dpp_pkex *pkex) +{ + if (!pkex) + return; + + os_free(pkex->identifier); + os_free(pkex->code); + EVP_PKEY_free(pkex->x); + EVP_PKEY_free(pkex->y); + EVP_PKEY_free(pkex->peer_bootstrap_key); + wpabuf_free(pkex->exchange_req); + wpabuf_free(pkex->exchange_resp); + os_free(pkex); +} + + +#ifdef CONFIG_TESTING_OPTIONS +char * dpp_corrupt_connector_signature(const char *connector) +{ + char *tmp, *pos, *signed3 = NULL; + unsigned char *signature = NULL; + size_t signature_len = 0, signed3_len; + + tmp = os_zalloc(os_strlen(connector) + 5); + if (!tmp) + goto fail; + os_memcpy(tmp, connector, os_strlen(connector)); + + pos = os_strchr(tmp, '.'); + if (!pos) + goto fail; + + pos = os_strchr(pos + 1, '.'); + if (!pos) + goto fail; + pos++; + + wpa_printf(MSG_DEBUG, "DPP: Original base64url encoded signature: %s", + pos); + signature = base64_url_decode((const unsigned char *) pos, + os_strlen(pos), &signature_len); + if (!signature || signature_len == 0) + goto fail; + wpa_hexdump(MSG_DEBUG, "DPP: Original Connector signature", + signature, signature_len); + signature[signature_len - 1] ^= 0x01; + wpa_hexdump(MSG_DEBUG, "DPP: Corrupted Connector signature", + signature, signature_len); + signed3 = (char *) base64_url_encode(signature, signature_len, + &signed3_len, 0); + if (!signed3) + goto fail; + os_memcpy(pos, signed3, signed3_len); + pos[signed3_len] = '\0'; + wpa_printf(MSG_DEBUG, "DPP: Corrupted base64url encoded signature: %s", + pos); + +out: + os_free(signature); + os_free(signed3); + return tmp; +fail: + os_free(tmp); + tmp = NULL; + goto out; +} +#endif /* CONFIG_TESTING_OPTIONS */ diff --git a/contrib/wpa/src/common/dpp.h b/contrib/wpa/src/common/dpp.h new file mode 100644 index 000000000000..25759088a57e --- /dev/null +++ b/contrib/wpa/src/common/dpp.h @@ -0,0 +1,435 @@ +/* + * DPP functionality shared between hostapd and wpa_supplicant + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef DPP_H +#define DPP_H + +#include <openssl/x509.h> + +#include "utils/list.h" +#include "common/wpa_common.h" +#include "crypto/sha256.h" + +#define DPP_HDR_LEN (4 + 2) /* OUI, OUI Type, Crypto Suite, DPP frame type */ + +enum dpp_public_action_frame_type { + DPP_PA_AUTHENTICATION_REQ = 0, + DPP_PA_AUTHENTICATION_RESP = 1, + DPP_PA_AUTHENTICATION_CONF = 2, + DPP_PA_PEER_DISCOVERY_REQ = 5, + DPP_PA_PEER_DISCOVERY_RESP = 6, + DPP_PA_PKEX_EXCHANGE_REQ = 7, + DPP_PA_PKEX_EXCHANGE_RESP = 8, + DPP_PA_PKEX_COMMIT_REVEAL_REQ = 9, + DPP_PA_PKEX_COMMIT_REVEAL_RESP = 10, +}; + +enum dpp_attribute_id { + DPP_ATTR_STATUS = 0x1000, + DPP_ATTR_I_BOOTSTRAP_KEY_HASH = 0x1001, + DPP_ATTR_R_BOOTSTRAP_KEY_HASH = 0x1002, + DPP_ATTR_I_PROTOCOL_KEY = 0x1003, + DPP_ATTR_WRAPPED_DATA = 0x1004, + DPP_ATTR_I_NONCE = 0x1005, + DPP_ATTR_I_CAPABILITIES = 0x1006, + DPP_ATTR_R_NONCE = 0x1007, + DPP_ATTR_R_CAPABILITIES = 0x1008, + DPP_ATTR_R_PROTOCOL_KEY = 0x1009, + DPP_ATTR_I_AUTH_TAG = 0x100A, + DPP_ATTR_R_AUTH_TAG = 0x100B, + DPP_ATTR_CONFIG_OBJ = 0x100C, + DPP_ATTR_CONNECTOR = 0x100D, + DPP_ATTR_CONFIG_ATTR_OBJ = 0x100E, + DPP_ATTR_BOOTSTRAP_KEY = 0x100F, + DPP_ATTR_OWN_NET_NK_HASH = 0x1011, + DPP_ATTR_FINITE_CYCLIC_GROUP = 0x1012, + DPP_ATTR_ENCRYPTED_KEY = 0x1013, + DPP_ATTR_ENROLLEE_NONCE = 0x1014, + DPP_ATTR_CODE_IDENTIFIER = 0x1015, + DPP_ATTR_TRANSACTION_ID = 0x1016, + DPP_ATTR_BOOTSTRAP_INFO = 0x1017, + DPP_ATTR_CHANNEL = 0x1018, +}; + +enum dpp_status_error { + DPP_STATUS_OK = 0, + DPP_STATUS_NOT_COMPATIBLE = 1, + DPP_STATUS_AUTH_FAILURE = 2, + DPP_STATUS_UNWRAP_FAILURE = 3, + DPP_STATUS_BAD_GROUP = 4, + DPP_STATUS_CONFIGURE_FAILURE = 5, + DPP_STATUS_RESPONSE_PENDING = 6, + DPP_STATUS_INVALID_CONNECTOR = 7, + DPP_STATUS_NO_MATCH = 8, +}; + +#define DPP_CAPAB_ENROLLEE BIT(0) +#define DPP_CAPAB_CONFIGURATOR BIT(1) +#define DPP_CAPAB_ROLE_MASK (BIT(0) | BIT(1)) + +#define DPP_BOOTSTRAP_MAX_FREQ 30 +#define DPP_MAX_NONCE_LEN 32 +#define DPP_MAX_HASH_LEN 64 +#define DPP_MAX_SHARED_SECRET_LEN 66 + +struct dpp_curve_params { + const char *name; + size_t hash_len; + size_t aes_siv_key_len; + size_t nonce_len; + size_t prime_len; + const char *jwk_crv; + u16 ike_group; + const char *jws_alg; +}; + +enum dpp_bootstrap_type { + DPP_BOOTSTRAP_QR_CODE, + DPP_BOOTSTRAP_PKEX, +}; + +struct dpp_bootstrap_info { + struct dl_list list; + unsigned int id; + enum dpp_bootstrap_type type; + char *uri; + u8 mac_addr[ETH_ALEN]; + char *info; + unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ]; + unsigned int num_freq; + int own; + EVP_PKEY *pubkey; + u8 pubkey_hash[SHA256_MAC_LEN]; + const struct dpp_curve_params *curve; + unsigned int pkex_t; /* number of failures before dpp_pkex + * instantiation */ +}; + +#define PKEX_COUNTER_T_LIMIT 5 + +struct dpp_pkex { + void *msg_ctx; + unsigned int initiator:1; + unsigned int exchange_done:1; + unsigned int failed:1; + struct dpp_bootstrap_info *own_bi; + u8 own_mac[ETH_ALEN]; + u8 peer_mac[ETH_ALEN]; + char *identifier; + char *code; + EVP_PKEY *x; + EVP_PKEY *y; + u8 Mx[DPP_MAX_SHARED_SECRET_LEN]; + u8 Nx[DPP_MAX_SHARED_SECRET_LEN]; + u8 z[DPP_MAX_HASH_LEN]; + EVP_PKEY *peer_bootstrap_key; + struct wpabuf *exchange_req; + struct wpabuf *exchange_resp; + unsigned int t; /* number of failures on code use */ + unsigned int exch_req_wait_time; + unsigned int exch_req_tries; + unsigned int freq; +}; + +enum dpp_akm { + DPP_AKM_UNKNOWN, + DPP_AKM_DPP, + DPP_AKM_PSK, + DPP_AKM_SAE, + DPP_AKM_PSK_SAE +}; + +struct dpp_configuration { + u8 ssid[32]; + size_t ssid_len; + enum dpp_akm akm; + + /* For DPP configuration (connector) */ + os_time_t netaccesskey_expiry; + + /* TODO: groups */ + char *group_id; + + /* For legacy configuration */ + char *passphrase; + u8 psk[32]; +}; + +struct dpp_authentication { + void *msg_ctx; + const struct dpp_curve_params *curve; + struct dpp_bootstrap_info *peer_bi; + struct dpp_bootstrap_info *own_bi; + struct dpp_bootstrap_info *tmp_own_bi; + u8 waiting_pubkey_hash[SHA256_MAC_LEN]; + int response_pending; + enum dpp_status_error auth_resp_status; + u8 peer_mac_addr[ETH_ALEN]; + u8 i_nonce[DPP_MAX_NONCE_LEN]; + u8 r_nonce[DPP_MAX_NONCE_LEN]; + u8 e_nonce[DPP_MAX_NONCE_LEN]; + u8 i_capab; + u8 r_capab; + EVP_PKEY *own_protocol_key; + EVP_PKEY *peer_protocol_key; + struct wpabuf *req_msg; + struct wpabuf *resp_msg; + /* Intersection of possible frequencies for initiating DPP + * Authentication exchange */ + unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ]; + unsigned int num_freq, freq_idx; + unsigned int curr_freq; + unsigned int neg_freq; + unsigned int num_freq_iters; + size_t secret_len; + u8 Mx[DPP_MAX_SHARED_SECRET_LEN]; + size_t Mx_len; + u8 Nx[DPP_MAX_SHARED_SECRET_LEN]; + size_t Nx_len; + u8 Lx[DPP_MAX_SHARED_SECRET_LEN]; + size_t Lx_len; + u8 k1[DPP_MAX_HASH_LEN]; + u8 k2[DPP_MAX_HASH_LEN]; + u8 ke[DPP_MAX_HASH_LEN]; + int initiator; + int waiting_auth_resp; + int waiting_auth_conf; + int auth_req_ack; + unsigned int auth_resp_tries; + u8 allowed_roles; + int configurator; + int remove_on_tx_status; + int auth_success; + struct wpabuf *conf_req; + const struct wpabuf *conf_resp; /* owned by GAS server */ + struct dpp_configuration *conf_ap; + struct dpp_configuration *conf_sta; + struct dpp_configurator *conf; + char *connector; /* received signedConnector */ + u8 ssid[SSID_MAX_LEN]; + u8 ssid_len; + char passphrase[64]; + u8 psk[PMK_LEN]; + int psk_set; + enum dpp_akm akm; + struct wpabuf *net_access_key; + os_time_t net_access_key_expiry; + struct wpabuf *c_sign_key; +#ifdef CONFIG_TESTING_OPTIONS + char *config_obj_override; + char *discovery_override; + char *groups_override; + unsigned int ignore_netaccesskey_mismatch:1; +#endif /* CONFIG_TESTING_OPTIONS */ +}; + +struct dpp_configurator { + struct dl_list list; + unsigned int id; + int own; + EVP_PKEY *csign; + char *kid; + const struct dpp_curve_params *curve; +}; + +struct dpp_introduction { + u8 pmkid[PMKID_LEN]; + u8 pmk[PMK_LEN_MAX]; + size_t pmk_len; +}; + +#ifdef CONFIG_TESTING_OPTIONS +enum dpp_test_behavior { + DPP_TEST_DISABLED = 0, + DPP_TEST_AFTER_WRAPPED_DATA_AUTH_REQ = 1, + DPP_TEST_AFTER_WRAPPED_DATA_AUTH_RESP = 2, + DPP_TEST_AFTER_WRAPPED_DATA_AUTH_CONF = 3, + DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ = 4, + DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_RESP = 5, + DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ = 6, + DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP = 7, + DPP_TEST_ZERO_I_CAPAB = 8, + DPP_TEST_ZERO_R_CAPAB = 9, + DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 10, + DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 11, + DPP_TEST_NO_I_PROTO_KEY_AUTH_REQ = 12, + DPP_TEST_NO_I_NONCE_AUTH_REQ = 13, + DPP_TEST_NO_I_CAPAB_AUTH_REQ = 14, + DPP_TEST_NO_WRAPPED_DATA_AUTH_REQ = 15, + DPP_TEST_NO_STATUS_AUTH_RESP = 16, + DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 17, + DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 18, + DPP_TEST_NO_R_PROTO_KEY_AUTH_RESP = 19, + DPP_TEST_NO_R_NONCE_AUTH_RESP = 20, + DPP_TEST_NO_I_NONCE_AUTH_RESP = 21, + DPP_TEST_NO_R_CAPAB_AUTH_RESP = 22, + DPP_TEST_NO_R_AUTH_AUTH_RESP = 23, + DPP_TEST_NO_WRAPPED_DATA_AUTH_RESP = 24, + DPP_TEST_NO_STATUS_AUTH_CONF = 25, + DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 26, + DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 27, + DPP_TEST_NO_I_AUTH_AUTH_CONF = 28, + DPP_TEST_NO_WRAPPED_DATA_AUTH_CONF = 29, + DPP_TEST_I_NONCE_MISMATCH_AUTH_RESP = 30, + DPP_TEST_INCOMPATIBLE_R_CAPAB_AUTH_RESP = 31, + DPP_TEST_R_AUTH_MISMATCH_AUTH_RESP = 32, + DPP_TEST_I_AUTH_MISMATCH_AUTH_CONF = 33, + DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ = 34, + DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 35, + DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP = 36, + DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 37, + DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ = 38, + DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ = 39, + DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ = 40, + DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP = 41, + DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP = 42, + DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP = 43, + DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 44, + DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 45, + DPP_TEST_INVALID_STATUS_PKEX_EXCHANGE_RESP = 46, + DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_REQ = 47, + DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_RESP = 48, + DPP_TEST_I_AUTH_TAG_MISMATCH_PKEX_CR_REQ = 49, + DPP_TEST_R_AUTH_TAG_MISMATCH_PKEX_CR_RESP = 50, + DPP_TEST_NO_E_NONCE_CONF_REQ = 51, + DPP_TEST_NO_CONFIG_ATTR_OBJ_CONF_REQ = 52, + DPP_TEST_NO_WRAPPED_DATA_CONF_REQ = 53, + DPP_TEST_NO_E_NONCE_CONF_RESP = 54, + DPP_TEST_NO_CONFIG_OBJ_CONF_RESP = 55, + DPP_TEST_NO_STATUS_CONF_RESP = 56, + DPP_TEST_NO_WRAPPED_DATA_CONF_RESP = 57, + DPP_TEST_INVALID_STATUS_CONF_RESP = 58, + DPP_TEST_E_NONCE_MISMATCH_CONF_RESP = 59, + DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ = 60, + DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ = 61, + DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_RESP = 62, + DPP_TEST_NO_STATUS_PEER_DISC_RESP = 63, + DPP_TEST_NO_CONNECTOR_PEER_DISC_RESP = 64, + DPP_TEST_AUTH_RESP_IN_PLACE_OF_CONF = 65, + DPP_TEST_INVALID_I_PROTO_KEY_AUTH_REQ = 66, + DPP_TEST_INVALID_R_PROTO_KEY_AUTH_RESP = 67, + DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 68, + DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 69, + DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 70, + DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 71, + DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 72, + DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 73, + DPP_TEST_INVALID_STATUS_AUTH_RESP = 74, + DPP_TEST_INVALID_STATUS_AUTH_CONF = 75, + DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ = 76, + DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_RESP = 77, + DPP_TEST_INVALID_STATUS_PEER_DISC_RESP = 78, + DPP_TEST_INVALID_CONNECTOR_PEER_DISC_RESP = 79, + DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ = 80, + DPP_TEST_INVALID_I_NONCE_AUTH_REQ = 81, + DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ = 82, + DPP_TEST_INVALID_E_NONCE_CONF_REQ = 83, + DPP_TEST_STOP_AT_PKEX_EXCHANGE_RESP = 84, + DPP_TEST_STOP_AT_PKEX_CR_REQ = 85, + DPP_TEST_STOP_AT_PKEX_CR_RESP = 86, + DPP_TEST_STOP_AT_AUTH_REQ = 87, + DPP_TEST_STOP_AT_AUTH_RESP = 88, + DPP_TEST_STOP_AT_AUTH_CONF = 89, + DPP_TEST_STOP_AT_CONF_REQ = 90, +}; + +extern enum dpp_test_behavior dpp_test; +extern u8 dpp_pkex_own_mac_override[ETH_ALEN]; +extern u8 dpp_pkex_peer_mac_override[ETH_ALEN]; +extern u8 dpp_pkex_ephemeral_key_override[600]; +extern size_t dpp_pkex_ephemeral_key_override_len; +extern u8 dpp_protocol_key_override[600]; +extern size_t dpp_protocol_key_override_len; +extern u8 dpp_nonce_override[DPP_MAX_NONCE_LEN]; +extern size_t dpp_nonce_override_len; +#endif /* CONFIG_TESTING_OPTIONS */ + +void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info); +const char * dpp_bootstrap_type_txt(enum dpp_bootstrap_type type); +int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi); +int dpp_parse_uri_chan_list(struct dpp_bootstrap_info *bi, + const char *chan_list); +int dpp_parse_uri_mac(struct dpp_bootstrap_info *bi, const char *mac); +int dpp_parse_uri_info(struct dpp_bootstrap_info *bi, const char *info); +struct dpp_bootstrap_info * dpp_parse_qr_code(const char *uri); +char * dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve, + const u8 *privkey, size_t privkey_len); +struct hostapd_hw_modes; +struct dpp_authentication * dpp_auth_init(void *msg_ctx, + struct dpp_bootstrap_info *peer_bi, + struct dpp_bootstrap_info *own_bi, + u8 dpp_allowed_roles, + unsigned int neg_freq, + struct hostapd_hw_modes *own_modes, + u16 num_modes); +struct dpp_authentication * +dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual, + struct dpp_bootstrap_info *peer_bi, + struct dpp_bootstrap_info *own_bi, + unsigned int freq, const u8 *hdr, const u8 *attr_start, + size_t attr_len); +struct wpabuf * +dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr, + const u8 *attr_start, size_t attr_len); +struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth, + const char *json); +int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr, + const u8 *attr_start, size_t attr_len); +int dpp_notify_new_qr_code(struct dpp_authentication *auth, + struct dpp_bootstrap_info *peer_bi); +void dpp_configuration_free(struct dpp_configuration *conf); +void dpp_auth_deinit(struct dpp_authentication *auth); +struct wpabuf * +dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start, + size_t attr_len); +int dpp_conf_resp_rx(struct dpp_authentication *auth, + const struct wpabuf *resp); +struct wpabuf * dpp_alloc_msg(enum dpp_public_action_frame_type type, + size_t len); +const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len); +int dpp_check_attrs(const u8 *buf, size_t len); +int dpp_key_expired(const char *timestamp, os_time_t *expiry); +const char * dpp_akm_str(enum dpp_akm akm); +int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf, + size_t buflen); +void dpp_configurator_free(struct dpp_configurator *conf); +struct dpp_configurator * +dpp_keygen_configurator(const char *curve, const u8 *privkey, + size_t privkey_len); +int dpp_configurator_own_config(struct dpp_authentication *auth, + const char *curve, int ap); +enum dpp_status_error +dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector, + const u8 *net_access_key, size_t net_access_key_len, + const u8 *csign_key, size_t csign_key_len, + const u8 *peer_connector, size_t peer_connector_len, + os_time_t *expiry); +struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi, + const u8 *own_mac, + const char *identifier, + const char *code); +struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, + struct dpp_bootstrap_info *bi, + const u8 *own_mac, + const u8 *peer_mac, + const char *identifier, + const char *code, + const u8 *buf, size_t len); +struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, + const u8 *peer_mac, + const u8 *buf, size_t len); +struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex, + const u8 *hdr, + const u8 *buf, size_t len); +int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr, + const u8 *buf, size_t len); +void dpp_pkex_free(struct dpp_pkex *pkex); + +char * dpp_corrupt_connector_signature(const char *connector); + +#endif /* DPP_H */ diff --git a/contrib/wpa/src/common/gas.c b/contrib/wpa/src/common/gas.c index cff9254b7440..ba21b225efc9 100644 --- a/contrib/wpa/src/common/gas.c +++ b/contrib/wpa/src/common/gas.c @@ -75,7 +75,7 @@ gas_build_initial_resp(u8 dialog_token, u16 status_code, u16 comeback_delay, } -static struct wpabuf * +struct wpabuf * gas_build_comeback_resp(u8 dialog_token, u16 status_code, u8 frag_id, u8 more, u16 comeback_delay, size_t size) { diff --git a/contrib/wpa/src/common/gas.h b/contrib/wpa/src/common/gas.h index 306adc58c6ee..4c93e3114ccd 100644 --- a/contrib/wpa/src/common/gas.h +++ b/contrib/wpa/src/common/gas.h @@ -14,6 +14,9 @@ struct wpabuf * gas_build_initial_req(u8 dialog_token, size_t size); struct wpabuf * gas_build_comeback_req(u8 dialog_token); struct wpabuf * gas_build_initial_resp(u8 dialog_token, u16 status_code, u16 comeback_delay, size_t size); +struct wpabuf * +gas_build_comeback_resp(u8 dialog_token, u16 status_code, u8 frag_id, u8 more, + u16 comeback_delay, size_t size); struct wpabuf * gas_anqp_build_initial_req(u8 dialog_token, size_t size); struct wpabuf * gas_anqp_build_initial_resp(u8 dialog_token, u16 status_code, u16 comeback_delay, size_t size); diff --git a/contrib/wpa/src/common/gas_server.c b/contrib/wpa/src/common/gas_server.c new file mode 100644 index 000000000000..ca46758cec7c --- /dev/null +++ b/contrib/wpa/src/common/gas_server.c @@ -0,0 +1,487 @@ +/* + * Generic advertisement service (GAS) server + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "utils/common.h" +#include "utils/list.h" +#include "utils/eloop.h" +#include "ieee802_11_defs.h" +#include "gas.h" +#include "gas_server.h" + + +#define MAX_ADV_PROTO_ID_LEN 10 +#define GAS_QUERY_TIMEOUT 10 + +struct gas_server_handler { + struct dl_list list; + u8 adv_proto_id[MAX_ADV_PROTO_ID_LEN]; + u8 adv_proto_id_len; + struct wpabuf * (*req_cb)(void *ctx, const u8 *sa, + const u8 *query, size_t query_len); + void (*status_cb)(void *ctx, struct wpabuf *resp, int ok); + void *ctx; + struct gas_server *gas; +}; + +struct gas_server_response { + struct dl_list list; + size_t offset; + u8 frag_id; + struct wpabuf *resp; + int freq; + u8 dst[ETH_ALEN]; + u8 dialog_token; + struct gas_server_handler *handler; +}; + +struct gas_server { + struct dl_list handlers; /* struct gas_server_handler::list */ + struct dl_list responses; /* struct gas_server_response::list */ + void (*tx)(void *ctx, int freq, const u8 *da, struct wpabuf *resp, + unsigned int wait_time); + void *ctx; +}; + +static void gas_server_free_response(struct gas_server_response *response); + + +static void gas_server_response_timeout(void *eloop_ctx, void *user_ctx) +{ + struct gas_server_response *response = eloop_ctx; + + wpa_printf(MSG_DEBUG, "GAS: Response @%p timeout for " MACSTR + " (dialog_token=%u freq=%d frag_id=%u sent=%lu/%lu) - drop pending data", + response, MAC2STR(response->dst), response->dialog_token, + response->freq, response->frag_id, + (unsigned long) response->offset, + (unsigned long) wpabuf_len(response->resp)); + response->handler->status_cb(response->handler->ctx, + response->resp, 0); + response->resp = NULL; + dl_list_del(&response->list); + gas_server_free_response(response); +} + + +static void gas_server_free_response(struct gas_server_response *response) +{ + if (!response) + return; + wpa_printf(MSG_DEBUG, "DPP: Free GAS response @%p", response); + eloop_cancel_timeout(gas_server_response_timeout, response, NULL); + wpabuf_free(response->resp); + os_free(response); +} + + +static void +gas_server_send_resp(struct gas_server *gas, struct gas_server_handler *handler, + const u8 *da, int freq, u8 dialog_token, + struct wpabuf *query_resp) +{ + size_t max_len = (freq > 56160) ? 928 : 1400; + size_t hdr_len = 24 + 2 + 5 + 3 + handler->adv_proto_id_len + 2; + size_t resp_frag_len; + struct wpabuf *resp; + u16 comeback_delay; + struct gas_server_response *response; + + if (!query_resp) + return; + + response = os_zalloc(sizeof(*response)); + if (!response) { + wpabuf_free(query_resp); + return; + } + wpa_printf(MSG_DEBUG, "DPP: Allocated GAS response @%p", response); + response->freq = freq; + response->handler = handler; + os_memcpy(response->dst, da, ETH_ALEN); + response->dialog_token = dialog_token; + if (hdr_len + wpabuf_len(query_resp) > max_len) { + /* Need to use comeback to initiate fragmentation */ + comeback_delay = 1; + resp_frag_len = 0; + } else { + /* Full response fits into the initial response */ + comeback_delay = 0; + resp_frag_len = wpabuf_len(query_resp); + } + + resp = gas_build_initial_resp(dialog_token, WLAN_STATUS_SUCCESS, + comeback_delay, + handler->adv_proto_id_len + + resp_frag_len); + if (!resp) { + wpabuf_free(query_resp); + gas_server_free_response(response); + return; + } + + /* Advertisement Protocol element */ + wpabuf_put_u8(resp, WLAN_EID_ADV_PROTO); + wpabuf_put_u8(resp, 1 + handler->adv_proto_id_len); /* Length */ + wpabuf_put_u8(resp, 0x7f); + /* Advertisement Protocol ID */ + wpabuf_put_data(resp, handler->adv_proto_id, handler->adv_proto_id_len); + + /* Query Response Length */ + wpabuf_put_le16(resp, resp_frag_len); + if (!comeback_delay) + wpabuf_put_buf(resp, query_resp); + + if (comeback_delay) { + wpa_printf(MSG_DEBUG, + "GAS: Need to fragment query response"); + } else { + wpa_printf(MSG_DEBUG, + "GAS: Full query response fits in the GAS Initial Response frame"); + } + response->offset = resp_frag_len; + response->resp = query_resp; + dl_list_add(&gas->responses, &response->list); + gas->tx(gas->ctx, freq, da, resp, comeback_delay ? 2000 : 0); + wpabuf_free(resp); + eloop_register_timeout(GAS_QUERY_TIMEOUT, 0, + gas_server_response_timeout, response, NULL); +} + + +static int +gas_server_rx_initial_req(struct gas_server *gas, const u8 *da, const u8 *sa, + const u8 *bssid, int freq, u8 dialog_token, + const u8 *data, size_t len) +{ + const u8 *pos, *end, *adv_proto, *query_req; + u8 adv_proto_len; + u16 query_req_len; + struct gas_server_handler *handler; + struct wpabuf *resp; + + wpa_hexdump(MSG_MSGDUMP, "GAS: Received GAS Initial Request frame", + data, len); + pos = data; + end = data + len; + + if (end - pos < 2 || pos[0] != WLAN_EID_ADV_PROTO) { + wpa_printf(MSG_DEBUG, + "GAS: No Advertisement Protocol element found"); + return -1; + } + pos++; + adv_proto_len = *pos++; + if (end - pos < adv_proto_len || adv_proto_len < 2) { + wpa_printf(MSG_DEBUG, + "GAS: Truncated Advertisement Protocol element"); + return -1; + } + + adv_proto = pos; + pos += adv_proto_len; + wpa_hexdump(MSG_MSGDUMP, "GAS: Advertisement Protocol element", + adv_proto, adv_proto_len); + + if (end - pos < 2) { + wpa_printf(MSG_DEBUG, "GAS: No Query Request Length field"); + return -1; + } + query_req_len = WPA_GET_LE16(pos); + pos += 2; + if (end - pos < query_req_len) { + wpa_printf(MSG_DEBUG, "GAS: Truncated Query Request field"); + return -1; + } + query_req = pos; + pos += query_req_len; + wpa_hexdump(MSG_MSGDUMP, "GAS: Query Request", + query_req, query_req_len); + + if (pos < end) { + wpa_hexdump(MSG_MSGDUMP, + "GAS: Ignored extra data after Query Request field", + pos, end - pos); + } + + dl_list_for_each(handler, &gas->handlers, struct gas_server_handler, + list) { + if (adv_proto_len < 1 + handler->adv_proto_id_len || + os_memcmp(adv_proto + 1, handler->adv_proto_id, + handler->adv_proto_id_len) != 0) + continue; + + wpa_printf(MSG_DEBUG, + "GAS: Calling handler for the requested Advertisement Protocol ID"); + resp = handler->req_cb(handler->ctx, sa, query_req, + query_req_len); + wpa_hexdump_buf(MSG_MSGDUMP, "GAS: Response from the handler", + resp); + gas_server_send_resp(gas, handler, sa, freq, dialog_token, + resp); + return 0; + } + + wpa_printf(MSG_DEBUG, + "GAS: No registered handler for the requested Advertisement Protocol ID"); + return -1; +} + + +static void +gas_server_handle_rx_comeback_req(struct gas_server_response *response) +{ + struct gas_server_handler *handler = response->handler; + struct gas_server *gas = handler->gas; + size_t max_len = (response->freq > 56160) ? 928 : 1400; + size_t hdr_len = 24 + 2 + 6 + 3 + handler->adv_proto_id_len + 2; + size_t remaining, resp_frag_len; + struct wpabuf *resp; + + remaining = wpabuf_len(response->resp) - response->offset; + if (hdr_len + remaining > max_len) + resp_frag_len = max_len - hdr_len; + else + resp_frag_len = remaining; + wpa_printf(MSG_DEBUG, + "GAS: Sending out %u/%u remaining Query Response octets", + (unsigned int) resp_frag_len, (unsigned int) remaining); + + resp = gas_build_comeback_resp(response->dialog_token, + WLAN_STATUS_SUCCESS, + response->frag_id++, + resp_frag_len < remaining, 0, + handler->adv_proto_id_len + + resp_frag_len); + if (!resp) { + dl_list_del(&response->list); + gas_server_free_response(response); + return; + } + + /* Advertisement Protocol element */ + wpabuf_put_u8(resp, WLAN_EID_ADV_PROTO); + wpabuf_put_u8(resp, 1 + handler->adv_proto_id_len); /* Length */ + wpabuf_put_u8(resp, 0x7f); + /* Advertisement Protocol ID */ + wpabuf_put_data(resp, handler->adv_proto_id, handler->adv_proto_id_len); + + /* Query Response Length */ + wpabuf_put_le16(resp, resp_frag_len); + wpabuf_put_data(resp, wpabuf_head_u8(response->resp) + response->offset, + resp_frag_len); + + response->offset += resp_frag_len; + + gas->tx(gas->ctx, response->freq, response->dst, resp, + remaining > resp_frag_len ? 2000 : 0); + wpabuf_free(resp); +} + + +static int +gas_server_rx_comeback_req(struct gas_server *gas, const u8 *da, const u8 *sa, + const u8 *bssid, int freq, u8 dialog_token) +{ + struct gas_server_response *response; + + dl_list_for_each(response, &gas->responses, struct gas_server_response, + list) { + if (response->dialog_token != dialog_token || + os_memcmp(sa, response->dst, ETH_ALEN) != 0) + continue; + gas_server_handle_rx_comeback_req(response); + return 0; + } + + wpa_printf(MSG_DEBUG, "GAS: No pending GAS response for " MACSTR + " (dialog token %u)", MAC2STR(sa), dialog_token); + return -1; +} + + +/** + * gas_query_rx - Indicate reception of a Public Action or Protected Dual frame + * @gas: GAS query data from gas_server_init() + * @da: Destination MAC address of the Action frame + * @sa: Source MAC address of the Action frame + * @bssid: BSSID of the Action frame + * @categ: Category of the Action frame + * @data: Payload of the Action frame + * @len: Length of @data + * @freq: Frequency (in MHz) on which the frame was received + * Returns: 0 if the Public Action frame was a GAS request frame or -1 if not + */ +int gas_server_rx(struct gas_server *gas, const u8 *da, const u8 *sa, + const u8 *bssid, u8 categ, const u8 *data, size_t len, + int freq) +{ + u8 action, dialog_token; + const u8 *pos, *end; + + if (!gas || len < 2) + return -1; + + if (categ == WLAN_ACTION_PROTECTED_DUAL) + return -1; /* Not supported for now */ + + pos = data; + end = data + len; + action = *pos++; + dialog_token = *pos++; + + if (action != WLAN_PA_GAS_INITIAL_REQ && + action != WLAN_PA_GAS_COMEBACK_REQ) + return -1; /* Not a GAS request */ + + wpa_printf(MSG_DEBUG, "GAS: Received GAS %s Request frame DA=" MACSTR + " SA=" MACSTR " BSSID=" MACSTR + " freq=%d dialog_token=%u len=%u", + action == WLAN_PA_GAS_INITIAL_REQ ? "Initial" : "Comeback", + MAC2STR(da), MAC2STR(sa), MAC2STR(bssid), freq, dialog_token, + (unsigned int) len); + + if (action == WLAN_PA_GAS_INITIAL_REQ) + return gas_server_rx_initial_req(gas, da, sa, bssid, + freq, dialog_token, + pos, end - pos); + return gas_server_rx_comeback_req(gas, da, sa, bssid, + freq, dialog_token); +} + + +static void gas_server_handle_tx_status(struct gas_server_response *response, + int ack) +{ + if (ack && response->offset < wpabuf_len(response->resp)) { + wpa_printf(MSG_DEBUG, + "GAS: More fragments remaining - keep pending entry"); + return; + } + + if (!ack) + wpa_printf(MSG_DEBUG, + "GAS: No ACK received - drop pending entry"); + else + wpa_printf(MSG_DEBUG, + "GAS: Last fragment of the response sent out - drop pending entry"); + + response->handler->status_cb(response->handler->ctx, + response->resp, ack); + response->resp = NULL; + dl_list_del(&response->list); + gas_server_free_response(response); +} + + +void gas_server_tx_status(struct gas_server *gas, const u8 *dst, const u8 *data, + size_t data_len, int ack) +{ + const u8 *pos; + u8 action, code, dialog_token; + struct gas_server_response *response; + + if (data_len < 24 + 3) + return; + pos = data + 24; + action = *pos++; + code = *pos++; + dialog_token = *pos++; + if (action != WLAN_ACTION_PUBLIC || + (code != WLAN_PA_GAS_INITIAL_RESP && + code != WLAN_PA_GAS_COMEBACK_RESP)) + return; + wpa_printf(MSG_DEBUG, "GAS: TX status dst=" MACSTR + " ack=%d %s dialog_token=%u", + MAC2STR(dst), ack, + code == WLAN_PA_GAS_INITIAL_RESP ? "initial" : "comeback", + dialog_token); + dl_list_for_each(response, &gas->responses, struct gas_server_response, + list) { + if (response->dialog_token != dialog_token || + os_memcmp(dst, response->dst, ETH_ALEN) != 0) + continue; + gas_server_handle_tx_status(response, ack); + return; + } + + wpa_printf(MSG_DEBUG, "GAS: No pending response matches TX status"); +} + + +struct gas_server * gas_server_init(void *ctx, + void (*tx)(void *ctx, int freq, + const u8 *da, + struct wpabuf *buf, + unsigned int wait_time)) +{ + struct gas_server *gas; + + gas = os_zalloc(sizeof(*gas)); + if (!gas) + return NULL; + gas->ctx = ctx; + gas->tx = tx; + dl_list_init(&gas->handlers); + dl_list_init(&gas->responses); + return gas; +} + + +void gas_server_deinit(struct gas_server *gas) +{ + struct gas_server_handler *handler, *tmp; + struct gas_server_response *response, *tmp_r; + + if (!gas) + return; + + dl_list_for_each_safe(handler, tmp, &gas->handlers, + struct gas_server_handler, list) { + dl_list_del(&handler->list); + os_free(handler); + } + + dl_list_for_each_safe(response, tmp_r, &gas->responses, + struct gas_server_response, list) { + dl_list_del(&response->list); + gas_server_free_response(response); + } + + os_free(gas); +} + + +int gas_server_register(struct gas_server *gas, + const u8 *adv_proto_id, u8 adv_proto_id_len, + struct wpabuf * + (*req_cb)(void *ctx, const u8 *sa, + const u8 *query, size_t query_len), + void (*status_cb)(void *ctx, struct wpabuf *resp, + int ok), + void *ctx) +{ + struct gas_server_handler *handler; + + if (!gas || adv_proto_id_len > MAX_ADV_PROTO_ID_LEN) + return -1; + handler = os_zalloc(sizeof(*handler)); + if (!handler) + return -1; + + os_memcpy(handler->adv_proto_id, adv_proto_id, adv_proto_id_len); + handler->adv_proto_id_len = adv_proto_id_len; + handler->req_cb = req_cb; + handler->status_cb = status_cb; + handler->ctx = ctx; + handler->gas = gas; + dl_list_add(&gas->handlers, &handler->list); + + return 0; +} diff --git a/contrib/wpa/src/common/gas_server.h b/contrib/wpa/src/common/gas_server.h new file mode 100644 index 000000000000..299f529f7c56 --- /dev/null +++ b/contrib/wpa/src/common/gas_server.h @@ -0,0 +1,44 @@ +/* + * Generic advertisement service (GAS) server + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef GAS_SERVER_H +#define GAS_SERVER_H + +#ifdef CONFIG_GAS_SERVER + +struct gas_server; + +struct gas_server * gas_server_init(void *ctx, + void (*tx)(void *ctx, int freq, + const u8 *da, + struct wpabuf *buf, + unsigned int wait_time)); +void gas_server_deinit(struct gas_server *gas); +int gas_server_register(struct gas_server *gas, + const u8 *adv_proto_id, u8 adv_proto_id_len, + struct wpabuf * + (*req_cb)(void *ctx, const u8 *sa, + const u8 *query, size_t query_len), + void (*status_cb)(void *ctx, struct wpabuf *resp, + int ok), + void *ctx); +int gas_server_rx(struct gas_server *gas, const u8 *da, const u8 *sa, + const u8 *bssid, u8 categ, const u8 *data, size_t len, + int freq); +void gas_server_tx_status(struct gas_server *gas, const u8 *dst, const u8 *data, + size_t data_len, int ack); + +#else /* CONFIG_GAS_SERVER */ + +static inline void gas_server_deinit(struct gas_server *gas) +{ +} + +#endif /* CONFIG_GAS_SERVER */ + +#endif /* GAS_SERVER_H */ diff --git a/contrib/wpa/src/common/hw_features_common.c b/contrib/wpa/src/common/hw_features_common.c index 9c37ea63ca87..db4037927185 100644 --- a/contrib/wpa/src/common/hw_features_common.c +++ b/contrib/wpa/src/common/hw_features_common.c @@ -89,7 +89,7 @@ int allowed_ht40_channel_pair(struct hostapd_hw_modes *mode, int pri_chan, { int ok, j, first; int allowed[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 140, - 149, 157, 184, 192 }; + 149, 157, 165, 184, 192 }; size_t k; if (pri_chan == sec_chan || !sec_chan) @@ -388,8 +388,10 @@ int hostapd_set_freq_params(struct hostapd_freq_params *data, /* fall through */ case VHT_CHANWIDTH_80MHZ: data->bandwidth = 80; - if ((vht_oper_chwidth == 1 && center_segment1) || - (vht_oper_chwidth == 3 && !center_segment1) || + if ((vht_oper_chwidth == VHT_CHANWIDTH_80MHZ && + center_segment1) || + (vht_oper_chwidth == VHT_CHANWIDTH_80P80MHZ && + !center_segment1) || !sec_channel_offset) return -1; if (!center_segment0) { @@ -453,3 +455,101 @@ int hostapd_set_freq_params(struct hostapd_freq_params *data, return 0; } + + +void set_disable_ht40(struct ieee80211_ht_capabilities *htcaps, + int disabled) +{ + /* Masking these out disables HT40 */ + le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET | + HT_CAP_INFO_SHORT_GI40MHZ); + + if (disabled) + htcaps->ht_capabilities_info &= ~msk; + else + htcaps->ht_capabilities_info |= msk; +} + + +#ifdef CONFIG_IEEE80211AC + +static int _ieee80211ac_cap_check(u32 hw, u32 conf, u32 cap, + const char *name) +{ + u32 req_cap = conf & cap; + + /* + * Make sure we support all requested capabilities. + * NOTE: We assume that 'cap' represents a capability mask, + * not a discrete value. + */ + if ((hw & req_cap) != req_cap) { + wpa_printf(MSG_ERROR, + "Driver does not support configured VHT capability [%s]", + name); + return 0; + } + return 1; +} + + +static int ieee80211ac_cap_check_max(u32 hw, u32 conf, u32 mask, + unsigned int shift, + const char *name) +{ + u32 hw_max = hw & mask; + u32 conf_val = conf & mask; + + if (conf_val > hw_max) { + wpa_printf(MSG_ERROR, + "Configured VHT capability [%s] exceeds max value supported by the driver (%d > %d)", + name, conf_val >> shift, hw_max >> shift); + return 0; + } + return 1; +} + + +int ieee80211ac_cap_check(u32 hw, u32 conf) +{ +#define VHT_CAP_CHECK(cap) \ + do { \ + if (!_ieee80211ac_cap_check(hw, conf, cap, #cap)) \ + return 0; \ + } while (0) + +#define VHT_CAP_CHECK_MAX(cap) \ + do { \ + if (!ieee80211ac_cap_check_max(hw, conf, cap, cap ## _SHIFT, \ + #cap)) \ + return 0; \ + } while (0) + + VHT_CAP_CHECK_MAX(VHT_CAP_MAX_MPDU_LENGTH_MASK); + VHT_CAP_CHECK_MAX(VHT_CAP_SUPP_CHAN_WIDTH_MASK); + VHT_CAP_CHECK(VHT_CAP_RXLDPC); + VHT_CAP_CHECK(VHT_CAP_SHORT_GI_80); + VHT_CAP_CHECK(VHT_CAP_SHORT_GI_160); + VHT_CAP_CHECK(VHT_CAP_TXSTBC); + VHT_CAP_CHECK_MAX(VHT_CAP_RXSTBC_MASK); + VHT_CAP_CHECK(VHT_CAP_SU_BEAMFORMER_CAPABLE); + VHT_CAP_CHECK(VHT_CAP_SU_BEAMFORMEE_CAPABLE); + VHT_CAP_CHECK_MAX(VHT_CAP_BEAMFORMEE_STS_MAX); + VHT_CAP_CHECK_MAX(VHT_CAP_SOUNDING_DIMENSION_MAX); + VHT_CAP_CHECK(VHT_CAP_MU_BEAMFORMER_CAPABLE); + VHT_CAP_CHECK(VHT_CAP_MU_BEAMFORMEE_CAPABLE); + VHT_CAP_CHECK(VHT_CAP_VHT_TXOP_PS); + VHT_CAP_CHECK(VHT_CAP_HTC_VHT); + VHT_CAP_CHECK_MAX(VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX); + VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_UNSOL_MFB); + VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB); + VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN); + VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN); + +#undef VHT_CAP_CHECK +#undef VHT_CAP_CHECK_MAX + + return 1; +} + +#endif /* CONFIG_IEEE80211AC */ diff --git a/contrib/wpa/src/common/hw_features_common.h b/contrib/wpa/src/common/hw_features_common.h index 7360b4e3efed..9cddbd50e56a 100644 --- a/contrib/wpa/src/common/hw_features_common.h +++ b/contrib/wpa/src/common/hw_features_common.h @@ -35,5 +35,8 @@ int hostapd_set_freq_params(struct hostapd_freq_params *data, int vht_enabled, int sec_channel_offset, int vht_oper_chwidth, int center_segment0, int center_segment1, u32 vht_caps); +void set_disable_ht40(struct ieee80211_ht_capabilities *htcaps, + int disabled); +int ieee80211ac_cap_check(u32 hw, u32 conf); #endif /* HW_FEATURES_COMMON_H */ diff --git a/contrib/wpa/src/common/ieee802_11_common.c b/contrib/wpa/src/common/ieee802_11_common.c index b6bc449bf7dc..e1ef27795b99 100644 --- a/contrib/wpa/src/common/ieee802_11_common.c +++ b/contrib/wpa/src/common/ieee802_11_common.c @@ -11,6 +11,7 @@ #include "common.h" #include "defs.h" #include "wpa_common.h" +#include "drivers/driver.h" #include "qca-vendor.h" #include "ieee802_11_defs.h" #include "ieee802_11_common.h" @@ -120,6 +121,11 @@ static int ieee802_11_parse_vendor_specific(const u8 *pos, size_t elen, elems->mbo = pos; elems->mbo_len = elen; break; + case HS20_ROAMING_CONS_SEL_OUI_TYPE: + /* Hotspot 2.0 Roaming Consortium Selection */ + elems->roaming_cons_sel = pos; + elems->roaming_cons_sel_len = elen; + break; default: wpa_printf(MSG_MSGDUMP, "Unknown WFA " "information element ignored " @@ -179,6 +185,100 @@ static int ieee802_11_parse_vendor_specific(const u8 *pos, size_t elen, } +static int ieee802_11_parse_extension(const u8 *pos, size_t elen, + struct ieee802_11_elems *elems, + int show_errors) +{ + u8 ext_id; + + if (elen < 1) { + if (show_errors) { + wpa_printf(MSG_MSGDUMP, + "short information element (Ext)"); + } + return -1; + } + + ext_id = *pos++; + elen--; + + switch (ext_id) { + case WLAN_EID_EXT_ASSOC_DELAY_INFO: + if (elen != 1) + break; + elems->assoc_delay_info = pos; + break; + case WLAN_EID_EXT_FILS_REQ_PARAMS: + if (elen < 3) + break; + elems->fils_req_params = pos; + elems->fils_req_params_len = elen; + break; + case WLAN_EID_EXT_FILS_KEY_CONFIRM: + elems->fils_key_confirm = pos; + elems->fils_key_confirm_len = elen; + break; + case WLAN_EID_EXT_FILS_SESSION: + if (elen != FILS_SESSION_LEN) + break; + elems->fils_session = pos; + break; + case WLAN_EID_EXT_FILS_HLP_CONTAINER: + if (elen < 2 * ETH_ALEN) + break; + elems->fils_hlp = pos; + elems->fils_hlp_len = elen; + break; + case WLAN_EID_EXT_FILS_IP_ADDR_ASSIGN: + if (elen < 1) + break; + elems->fils_ip_addr_assign = pos; + elems->fils_ip_addr_assign_len = elen; + break; + case WLAN_EID_EXT_KEY_DELIVERY: + if (elen < WPA_KEY_RSC_LEN) + break; + elems->key_delivery = pos; + elems->key_delivery_len = elen; + break; + case WLAN_EID_EXT_FILS_WRAPPED_DATA: + elems->fils_wrapped_data = pos; + elems->fils_wrapped_data_len = elen; + break; + case WLAN_EID_EXT_FILS_PUBLIC_KEY: + if (elen < 1) + break; + elems->fils_pk = pos; + elems->fils_pk_len = elen; + break; + case WLAN_EID_EXT_FILS_NONCE: + if (elen != FILS_NONCE_LEN) + break; + elems->fils_nonce = pos; + break; + case WLAN_EID_EXT_OWE_DH_PARAM: + if (elen < 2) + break; + elems->owe_dh = pos; + elems->owe_dh_len = elen; + break; + case WLAN_EID_EXT_PASSWORD_IDENTIFIER: + elems->password_id = pos; + elems->password_id_len = elen; + break; + default: + if (show_errors) { + wpa_printf(MSG_MSGDUMP, + "IEEE 802.11 element parsing ignored unknown element extension (ext_id=%u elen=%u)", + ext_id, (unsigned int) elen); + } + return -1; + } + + return 0; +} + + /** * ieee802_11_parse_elems - Parse information elements in management frames * @start: Pointer to the start of IEs @@ -262,6 +362,10 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, elems->rsn_ie_len = elen; break; case WLAN_EID_PWR_CAPABILITY: + if (elen < 2) + break; + elems->power_capab = pos; + elems->power_capab_len = elen; break; case WLAN_EID_SUPPORTED_CHANNELS: elems->supp_channels = pos; @@ -379,6 +483,35 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, elems->rrm_enabled = pos; elems->rrm_enabled_len = elen; break; + case WLAN_EID_CAG_NUMBER: + elems->cag_number = pos; + elems->cag_number_len = elen; + break; + case WLAN_EID_AP_CSN: + if (elen < 1) + break; + elems->ap_csn = pos; + break; + case WLAN_EID_FILS_INDICATION: + if (elen < 2) + break; + elems->fils_indic = pos; + elems->fils_indic_len = elen; + break; + case WLAN_EID_DILS: + if (elen < 2) + break; + elems->dils = pos; + elems->dils_len = elen; + break; + case WLAN_EID_FRAGMENT: + /* TODO */ + break; + case WLAN_EID_EXTENSION: + if (ieee802_11_parse_extension(pos, elen, elems, + show_errors)) + unknown++; + break; default: unknown++; if (!show_errors) @@ -681,6 +814,25 @@ enum hostapd_hw_mode ieee80211_freq_to_channel_ext(unsigned int freq, return HOSTAPD_MODE_IEEE80211A; } + /* 5 GHz, channels 52..64 */ + if (freq >= 5260 && freq <= 5320) { + if ((freq - 5000) % 5) + return NUM_HOSTAPD_MODES; + + if (vht_opclass) + *op_class = vht_opclass; + else if (sec_channel == 1) + *op_class = 119; + else if (sec_channel == -1) + *op_class = 120; + else + *op_class = 118; + + *channel = (freq - 5000) / 5; + + return HOSTAPD_MODE_IEEE80211A; + } + /* 5 GHz, channels 149..169 */ if (freq >= 5745 && freq <= 5845) { if ((freq - 5000) % 5) @@ -981,7 +1133,7 @@ static int ieee80211_chan_to_freq_global(u8 op_class, u8 chan) return -1; return 5000 + 5 * chan; case 129: /* center freqs 50, 114; 160 MHz */ - if (chan < 50 || chan > 114) + if (chan < 36 || chan > 128) return -1; return 5000 + 5 * chan; case 180: /* 60 GHz band, channels 1..4 */ @@ -1031,10 +1183,24 @@ int ieee80211_chan_to_freq(const char *country, u8 op_class, u8 chan) } -int ieee80211_is_dfs(int freq) +int ieee80211_is_dfs(int freq, const struct hostapd_hw_modes *modes, + u16 num_modes) { - /* TODO: this could be more accurate to better cover all domains */ - return (freq >= 5260 && freq <= 5320) || (freq >= 5500 && freq <= 5700); + int i, j; + + if (!modes || !num_modes) + return (freq >= 5260 && freq <= 5320) || + (freq >= 5500 && freq <= 5700); + + for (i = 0; i < num_modes; i++) { + for (j = 0; j < modes[i].num_channels; j++) { + if (modes[i].channels[j].freq == freq && + (modes[i].channels[j].flag & HOSTAPD_CHAN_RADAR)) + return 1; + } + } + + return 0; } @@ -1295,6 +1461,40 @@ const u8 * get_ie(const u8 *ies, size_t len, u8 eid) } +/** + * get_ie_ext - Fetch a specified extended information element from IEs buffer + * @ies: Information elements buffer + * @len: Information elements buffer length + * @ext: Information element extension identifier (WLAN_EID_EXT_*) + * Returns: Pointer to the information element (id field) or %NULL if not found + * + * This function returns the first matching information element in the IEs + * buffer or %NULL in case the element is not found. + */ +const u8 * get_ie_ext(const u8 *ies, size_t len, u8 ext) +{ + const u8 *end; + + if (!ies) + return NULL; + + end = ies + len; + + while (end - ies > 1) { + if (2 + ies[1] > end - ies) + break; + + if (ies[0] == WLAN_EID_EXTENSION && ies[1] >= 1 && + ies[2] == ext) + return ies; + + ies += 2 + ies[1]; + } + + return NULL; +} + + size_t mbo_add_ie(u8 *buf, size_t len, const u8 *attr, size_t attr_len) { /* @@ -1317,3 +1517,250 @@ size_t mbo_add_ie(u8 *buf, size_t len, const u8 *attr, size_t attr_len) return 6 + attr_len; } + + +static const struct country_op_class us_op_class[] = { + { 1, 115 }, + { 2, 118 }, + { 3, 124 }, + { 4, 121 }, + { 5, 125 }, + { 12, 81 }, + { 22, 116 }, + { 23, 119 }, + { 24, 122 }, + { 25, 126 }, + { 26, 126 }, + { 27, 117 }, + { 28, 120 }, + { 29, 123 }, + { 30, 127 }, + { 31, 127 }, + { 32, 83 }, + { 33, 84 }, + { 34, 180 }, +}; + +static const struct country_op_class eu_op_class[] = { + { 1, 115 }, + { 2, 118 }, + { 3, 121 }, + { 4, 81 }, + { 5, 116 }, + { 6, 119 }, + { 7, 122 }, + { 8, 117 }, + { 9, 120 }, + { 10, 123 }, + { 11, 83 }, + { 12, 84 }, + { 17, 125 }, + { 18, 180 }, +}; + +static const struct country_op_class jp_op_class[] = { + { 1, 115 }, + { 30, 81 }, + { 31, 82 }, + { 32, 118 }, + { 33, 118 }, + { 34, 121 }, + { 35, 121 }, + { 36, 116 }, + { 37, 119 }, + { 38, 119 }, + { 39, 122 }, + { 40, 122 }, + { 41, 117 }, + { 42, 120 }, + { 43, 120 }, + { 44, 123 }, + { 45, 123 }, + { 56, 83 }, + { 57, 84 }, + { 58, 121 }, + { 59, 180 }, +}; + +static const struct country_op_class cn_op_class[] = { + { 1, 115 }, + { 2, 118 }, + { 3, 125 }, + { 4, 116 }, + { 5, 119 }, + { 6, 126 }, + { 7, 81 }, + { 8, 83 }, + { 9, 84 }, +}; + +static u8 +global_op_class_from_country_array(u8 op_class, size_t array_size, + const struct country_op_class *country_array) +{ + size_t i; + + for (i = 0; i < array_size; i++) { + if (country_array[i].country_op_class == op_class) + return country_array[i].global_op_class; + } + + return 0; +} + + +u8 country_to_global_op_class(const char *country, u8 op_class) +{ + const struct country_op_class *country_array; + size_t size; + u8 g_op_class; + + if (country_match(us_op_class_cc, country)) { + country_array = us_op_class; + size = ARRAY_SIZE(us_op_class); + } else if (country_match(eu_op_class_cc, country)) { + country_array = eu_op_class; + size = ARRAY_SIZE(eu_op_class); + } else if (country_match(jp_op_class_cc, country)) { + country_array = jp_op_class; + size = ARRAY_SIZE(jp_op_class); + } else if (country_match(cn_op_class_cc, country)) { + country_array = cn_op_class; + size = ARRAY_SIZE(cn_op_class); + } else { + /* + * Countries that do not match any of the above countries use + * global operating classes + */ + return op_class; + } + + g_op_class = global_op_class_from_country_array(op_class, size, + country_array); + + /* + * If the given operating class did not match any of the country's + * operating classes, assume that global operating class is used. + */ + return g_op_class ? g_op_class : op_class; +} + + +const struct oper_class_map * get_oper_class(const char *country, u8 op_class) +{ + const struct oper_class_map *op; + + if (country) + op_class = country_to_global_op_class(country, op_class); + + op = &global_op_class[0]; + while (op->op_class && op->op_class != op_class) + op++; + + if (!op->op_class) + return NULL; + + return op; +} + + +int ieee802_11_parse_candidate_list(const char *pos, u8 *nei_rep, + size_t nei_rep_len) +{ + u8 *nei_pos = nei_rep; + const char *end; + + /* + * BSS Transition Candidate List Entries - Neighbor Report elements + * neighbor=<BSSID>,<BSSID Information>,<Operating Class>, + * <Channel Number>,<PHY Type>[,<hexdump of Optional Subelements>] + */ + while (pos) { + u8 *nei_start; + long int val; + char *endptr, *tmp; + + pos = os_strstr(pos, " neighbor="); + if (!pos) + break; + if (nei_pos + 15 > nei_rep + nei_rep_len) { + wpa_printf(MSG_DEBUG, + "Not enough room for additional neighbor"); + return -1; + } + pos += 10; + + nei_start = nei_pos; + *nei_pos++ = WLAN_EID_NEIGHBOR_REPORT; + nei_pos++; /* length to be filled in */ + + if (hwaddr_aton(pos, nei_pos)) { + wpa_printf(MSG_DEBUG, "Invalid BSSID"); + return -1; + } + nei_pos += ETH_ALEN; + pos += 17; + if (*pos != ',') { + wpa_printf(MSG_DEBUG, "Missing BSSID Information"); + return -1; + } + pos++; + + val = strtol(pos, &endptr, 0); + WPA_PUT_LE32(nei_pos, val); + nei_pos += 4; + if (*endptr != ',') { + wpa_printf(MSG_DEBUG, "Missing Operating Class"); + return -1; + } + pos = endptr + 1; + + *nei_pos++ = atoi(pos); /* Operating Class */ + pos = os_strchr(pos, ','); + if (pos == NULL) { + wpa_printf(MSG_DEBUG, "Missing Channel Number"); + return -1; + } + pos++; + + *nei_pos++ = atoi(pos); /* Channel Number */ + pos = os_strchr(pos, ','); + if (pos == NULL) { + wpa_printf(MSG_DEBUG, "Missing PHY Type"); + return -1; + } + pos++; + + *nei_pos++ = atoi(pos); /* PHY Type */ + end = os_strchr(pos, ' '); + tmp = os_strchr(pos, ','); + if (tmp && (!end || tmp < end)) { + /* Optional Subelements (hexdump) */ + size_t len; + + pos = tmp + 1; + end = os_strchr(pos, ' '); + if (end) + len = end - pos; + else + len = os_strlen(pos); + if (nei_pos + len / 2 > nei_rep + nei_rep_len) { + wpa_printf(MSG_DEBUG, + "Not enough room for neighbor subelements"); + return -1; + } + if (len & 0x01 || + hexstr2bin(pos, nei_pos, len / 2) < 0) { + wpa_printf(MSG_DEBUG, + "Invalid neighbor subelement info"); + return -1; + } + nei_pos += len / 2; + pos = end; + } + + nei_start[1] = nei_pos - nei_start - 2; + } + + return nei_pos - nei_rep; +} diff --git a/contrib/wpa/src/common/ieee802_11_common.h b/contrib/wpa/src/common/ieee802_11_common.h index 42f39096f86c..ff7e51de3dc9 100644 --- a/contrib/wpa/src/common/ieee802_11_common.h +++ b/contrib/wpa/src/common/ieee802_11_common.h @@ -11,6 +11,8 @@ #include "defs.h" +struct hostapd_hw_modes; + #define MAX_NOF_MB_IES_SUPPORTED 5 struct mb_ies_info { @@ -64,6 +66,24 @@ struct ieee802_11_elems { const u8 *pref_freq_list; const u8 *supp_op_classes; const u8 *rrm_enabled; + const u8 *cag_number; + const u8 *ap_csn; + const u8 *fils_indic; + const u8 *dils; + const u8 *assoc_delay_info; + const u8 *fils_req_params; + const u8 *fils_key_confirm; + const u8 *fils_session; + const u8 *fils_hlp; + const u8 *fils_ip_addr_assign; + const u8 *key_delivery; + const u8 *fils_wrapped_data; + const u8 *fils_pk; + const u8 *fils_nonce; + const u8 *owe_dh; + const u8 *power_capab; + const u8 *roaming_cons_sel; + const u8 *password_id; u8 ssid_len; u8 supp_rates_len; @@ -96,6 +116,20 @@ struct ieee802_11_elems { u8 pref_freq_list_len; u8 supp_op_classes_len; u8 rrm_enabled_len; + u8 cag_number_len; + u8 fils_indic_len; + u8 dils_len; + u8 fils_req_params_len; + u8 fils_key_confirm_len; + u8 fils_hlp_len; + u8 fils_ip_addr_assign_len; + u8 key_delivery_len; + u8 fils_wrapped_data_len; + u8 fils_pk_len; + u8 owe_dh_len; + u8 power_capab_len; + u8 roaming_cons_sel_len; + u8 password_id_len; struct mb_ies_info mb_ies; }; @@ -126,7 +160,8 @@ int ieee80211_chan_to_freq(const char *country, u8 op_class, u8 chan); enum hostapd_hw_mode ieee80211_freq_to_channel_ext(unsigned int freq, int sec_channel, int vht, u8 *op_class, u8 *channel); -int ieee80211_is_dfs(int freq); +int ieee80211_is_dfs(int freq, const struct hostapd_hw_modes *modes, + u16 num_modes); enum phy_type ieee80211_get_phy_type(int freq, int ht, int vht); int supp_rates_11b_only(struct ieee802_11_elems *elems); @@ -150,7 +185,20 @@ extern const struct oper_class_map global_op_class[]; extern size_t global_op_class_size; const u8 * get_ie(const u8 *ies, size_t len, u8 eid); +const u8 * get_ie_ext(const u8 *ies, size_t len, u8 ext); size_t mbo_add_ie(u8 *buf, size_t len, const u8 *attr, size_t attr_len); +struct country_op_class { + u8 country_op_class; + u8 global_op_class; +}; + +u8 country_to_global_op_class(const char *country, u8 op_class); + +const struct oper_class_map * get_oper_class(const char *country, u8 op_class); + +int ieee802_11_parse_candidate_list(const char *pos, u8 *nei_rep, + size_t nei_rep_len); + #endif /* IEEE802_11_COMMON_H */ diff --git a/contrib/wpa/src/common/ieee802_11_defs.h b/contrib/wpa/src/common/ieee802_11_defs.h index d453aec790ad..762e731ab022 100644 --- a/contrib/wpa/src/common/ieee802_11_defs.h +++ b/contrib/wpa/src/common/ieee802_11_defs.h @@ -81,6 +81,9 @@ #define WLAN_AUTH_SHARED_KEY 1 #define WLAN_AUTH_FT 2 #define WLAN_AUTH_SAE 3 +#define WLAN_AUTH_FILS_SK 4 +#define WLAN_AUTH_FILS_SK_PFS 5 +#define WLAN_AUTH_FILS_PK 6 #define WLAN_AUTH_LEAP 128 #define WLAN_AUTH_CHALLENGE_LEN 128 @@ -102,7 +105,7 @@ #define WLAN_CAPABILITY_DELAYED_BLOCK_ACK BIT(14) #define WLAN_CAPABILITY_IMM_BLOCK_ACK BIT(15) -/* Status codes (IEEE 802.11-2007, 7.3.1.9, Table 7-23) */ +/* Status codes (IEEE Std 802.11-2016, 9.4.1.9, Table 9-46) */ #define WLAN_STATUS_SUCCESS 0 #define WLAN_STATUS_UNSPECIFIED_FAILURE 1 #define WLAN_STATUS_TDLS_WAKEUP_ALTERNATE 2 @@ -119,27 +122,23 @@ #define WLAN_STATUS_AUTH_TIMEOUT 16 #define WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA 17 #define WLAN_STATUS_ASSOC_DENIED_RATES 18 -/* IEEE 802.11b */ #define WLAN_STATUS_ASSOC_DENIED_NOSHORT 19 -#define WLAN_STATUS_ASSOC_DENIED_NOPBCC 20 -#define WLAN_STATUS_ASSOC_DENIED_NOAGILITY 21 -/* IEEE 802.11h */ #define WLAN_STATUS_SPEC_MGMT_REQUIRED 22 #define WLAN_STATUS_PWR_CAPABILITY_NOT_VALID 23 #define WLAN_STATUS_SUPPORTED_CHANNEL_NOT_VALID 24 -/* IEEE 802.11g */ #define WLAN_STATUS_ASSOC_DENIED_NO_SHORT_SLOT_TIME 25 -#define WLAN_STATUS_ASSOC_DENIED_NO_DSSS_OFDM 26 #define WLAN_STATUS_ASSOC_DENIED_NO_HT 27 #define WLAN_STATUS_R0KH_UNREACHABLE 28 #define WLAN_STATUS_ASSOC_DENIED_NO_PCO 29 -/* IEEE 802.11w */ #define WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY 30 #define WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION 31 #define WLAN_STATUS_UNSPECIFIED_QOS_FAILURE 32 +#define WLAN_STATUS_DENIED_INSUFFICIENT_BANDWIDTH 33 +#define WLAN_STATUS_DENIED_POOR_CHANNEL_CONDITIONS 34 +#define WLAN_STATUS_DENIED_QOS_NOT_SUPPORTED 35 #define WLAN_STATUS_REQUEST_DECLINED 37 #define WLAN_STATUS_INVALID_PARAMETERS 38 -/* IEEE 802.11i */ +#define WLAN_STATUS_REJECTED_WITH_SUGGESTED_CHANGES 39 #define WLAN_STATUS_INVALID_IE 40 #define WLAN_STATUS_GROUP_CIPHER_NOT_VALID 41 #define WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID 42 @@ -152,11 +151,13 @@ #define WLAN_STATUS_DEST_STA_NOT_PRESENT 49 #define WLAN_STATUS_DEST_STA_NOT_QOS_STA 50 #define WLAN_STATUS_ASSOC_DENIED_LISTEN_INT_TOO_LARGE 51 -/* IEEE 802.11r */ #define WLAN_STATUS_INVALID_FT_ACTION_FRAME_COUNT 52 #define WLAN_STATUS_INVALID_PMKID 53 #define WLAN_STATUS_INVALID_MDIE 54 #define WLAN_STATUS_INVALID_FTIE 55 +#define WLAN_STATUS_REQUESTED_TCLAS_NOT_SUPPORTED 56 +#define WLAN_STATUS_INSUFFICIENT_TCLAS_PROCESSING_RESOURCES 57 +#define WLAN_STATUS_TRY_ANOTHER_BSS 58 #define WLAN_STATUS_GAS_ADV_PROTO_NOT_SUPPORTED 59 #define WLAN_STATUS_NO_OUTSTANDING_GAS_REQ 60 #define WLAN_STATUS_GAS_RESP_NOT_RECEIVED 61 @@ -167,16 +168,44 @@ #define WLAN_STATUS_REQ_REFUSED_SSPN 67 #define WLAN_STATUS_REQ_REFUSED_UNAUTH_ACCESS 68 #define WLAN_STATUS_INVALID_RSNIE 72 +#define WLAN_STATUS_U_APSD_COEX_NOT_SUPPORTED 73 +#define WLAN_STATUS_U_APSD_COEX_MODE_NOT_SUPPORTED 74 +#define WLAN_STATUS_BAD_INTERVAL_WITH_U_APSD_COEX 75 #define WLAN_STATUS_ANTI_CLOGGING_TOKEN_REQ 76 #define WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED 77 +#define WLAN_STATUS_CANNOT_FIND_ALT_TBTT 78 #define WLAN_STATUS_TRANSMISSION_FAILURE 79 +#define WLAN_STATUS_REQ_TCLAS_NOT_SUPPORTED 80 +#define WLAN_STATUS_TCLAS_RESOURCES_EXCHAUSTED 81 #define WLAN_STATUS_REJECTED_WITH_SUGGESTED_BSS_TRANSITION 82 +#define WLAN_STATUS_REJECT_WITH_SCHEDULE 83 +#define WLAN_STATUS_REJECT_NO_WAKEUP_SPECIFIED 84 +#define WLAN_STATUS_SUCCESS_POWER_SAVE_MODE 85 #define WLAN_STATUS_PENDING_ADMITTING_FST_SESSION 86 +#define WLAN_STATUS_PERFORMING_FST_NOW 87 +#define WLAN_STATUS_PENDING_GAP_IN_BA_WINDOW 88 +#define WLAN_STATUS_REJECT_U_PID_SETTING 89 +#define WLAN_STATUS_REFUSED_EXTERNAL_REASON 92 +#define WLAN_STATUS_REFUSED_AP_OUT_OF_MEMORY 93 +#define WLAN_STATUS_REJECTED_EMERGENCY_SERVICE_NOT_SUPPORTED 94 #define WLAN_STATUS_QUERY_RESP_OUTSTANDING 95 +#define WLAN_STATUS_REJECT_DSE_BAND 96 +#define WLAN_STATUS_TCLAS_PROCESSING_TERMINATED 97 +#define WLAN_STATUS_TS_SCHEDULE_CONFLICT 98 #define WLAN_STATUS_DENIED_WITH_SUGGESTED_BAND_AND_CHANNEL 99 +#define WLAN_STATUS_MCCAOP_RESERVATION_CONFLICT 100 +#define WLAN_STATUS_MAF_LIMIT_EXCEEDED 101 +#define WLAN_STATUS_MCCA_TRACK_LIMIT_EXCEEDED 102 +#define WLAN_STATUS_DENIED_DUE_TO_SPECTRUM_MANAGEMENT 103 #define WLAN_STATUS_ASSOC_DENIED_NO_VHT 104 - -/* Reason codes (IEEE 802.11-2007, 7.3.1.7, Table 7-22) */ +#define WLAN_STATUS_ENABLEMENT_DENIED 105 +#define WLAN_STATUS_RESTRICTION_FROM_AUTHORIZED_GDB 106 +#define WLAN_STATUS_AUTHORIZATION_DEENABLED 107 +#define WLAN_STATUS_FILS_AUTHENTICATION_FAILURE 112 +#define WLAN_STATUS_UNKNOWN_AUTHENTICATION_SERVER 113 +#define WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER 123 + +/* Reason codes (IEEE Std 802.11-2016, 9.4.1.7, Table 9-45) */ #define WLAN_REASON_UNSPECIFIED 1 #define WLAN_REASON_PREV_AUTH_NOT_VALID 2 #define WLAN_REASON_DEAUTH_LEAVING 3 @@ -186,10 +215,9 @@ #define WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA 7 #define WLAN_REASON_DISASSOC_STA_HAS_LEFT 8 #define WLAN_REASON_STA_REQ_ASSOC_WITHOUT_AUTH 9 -/* IEEE 802.11h */ #define WLAN_REASON_PWR_CAPABILITY_NOT_VALID 10 #define WLAN_REASON_SUPPORTED_CHANNEL_NOT_VALID 11 -/* IEEE 802.11i */ +#define WLAN_REASON_BSS_TRANSITION_DISASSOC 12 #define WLAN_REASON_INVALID_IE 13 #define WLAN_REASON_MICHAEL_MIC_FAILURE 14 #define WLAN_REASON_4WAY_HANDSHAKE_TIMEOUT 15 @@ -204,9 +232,26 @@ #define WLAN_REASON_CIPHER_SUITE_REJECTED 24 #define WLAN_REASON_TDLS_TEARDOWN_UNREACHABLE 25 #define WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED 26 -/* IEEE 802.11e */ +#define WLAN_REASON_SSP_REQUESTED_DISASSOC 27 +#define WLAN_REASON_NO_SSP_ROAMING_AGREEMENT 28 +#define WLAN_REASON_BAD_CIPHER_OR_AKM 29 +#define WLAN_REASON_NOT_AUTHORIZED_THIS_LOCATION 30 +#define WLAN_REASON_SERVICE_CHANGE_PRECLUDES_TS 31 +#define WLAN_REASON_UNSPECIFIED_QOS_REASON 32 +#define WLAN_REASON_NOT_ENOUGH_BANDWIDTH 33 #define WLAN_REASON_DISASSOC_LOW_ACK 34 -/* IEEE 802.11s */ +#define WLAN_REASON_EXCEEDED_TXOP 35 +#define WLAN_REASON_STA_LEAVING 36 +#define WLAN_REASON_END_TS_BA_DLS 37 +#define WLAN_REASON_UNKNOWN_TS_BA 38 +#define WLAN_REASON_TIMEOUT 39 +#define WLAN_REASON_PEERKEY_MISMATCH 45 +#define WLAN_REASON_AUTHORIZED_ACCESS_LIMIT_REACHED 46 +#define WLAN_REASON_EXTERNAL_SERVICE_REQUIREMENTS 47 +#define WLAN_REASON_INVALID_FT_ACTION_FRAME_COUNT 48 +#define WLAN_REASON_INVALID_PMKID 49 +#define WLAN_REASON_INVALID_MDE 50 +#define WLAN_REASON_INVALID_FTE 51 #define WLAN_REASON_MESH_PEERING_CANCELLED 52 #define WLAN_REASON_MESH_MAX_PEERS 53 #define WLAN_REASON_MESH_CONFIG_POLICY_VIOLATION 54 @@ -216,20 +261,29 @@ #define WLAN_REASON_MESH_INVALID_GTK 58 #define WLAN_REASON_MESH_INCONSISTENT_PARAMS 59 #define WLAN_REASON_MESH_INVALID_SECURITY_CAP 60 +#define WLAN_REASON_MESH_PATH_ERROR_NO_PROXY_INFO 61 +#define WLAN_REASON_MESH_PATH_ERROR_NO_FORWARDING_INFO 62 +#define WLAN_REASON_MESH_PATH_ERROR_DEST_UNREACHABLE 63 +#define WLAN_REASON_MAC_ADDRESS_ALREADY_EXISTS_IN_MBSS 64 +#define WLAN_REASON_MESH_CHANNEL_SWITCH_REGULATORY_REQ 65 +#define WLAN_REASON_MESH_CHANNEL_SWITCH_UNSPECIFIED 66 -/* Information Element IDs */ +/* Information Element IDs (IEEE Std 802.11-2016, 9.4.2.1, Table 9-77) */ #define WLAN_EID_SSID 0 #define WLAN_EID_SUPP_RATES 1 -#define WLAN_EID_FH_PARAMS 2 #define WLAN_EID_DS_PARAMS 3 #define WLAN_EID_CF_PARAMS 4 #define WLAN_EID_TIM 5 #define WLAN_EID_IBSS_PARAMS 6 #define WLAN_EID_COUNTRY 7 +#define WLAN_EID_REQUEST 10 #define WLAN_EID_BSS_LOAD 11 +#define WLAN_EID_EDCA_PARAM_SET 12 +#define WLAN_EID_TSPEC 13 +#define WLAN_EID_TCLAS 14 +#define WLAN_EID_SCHEDULE 15 #define WLAN_EID_CHALLENGE 16 -/* EIDs defined by IEEE 802.11h - START */ #define WLAN_EID_PWR_CONSTRAINT 32 #define WLAN_EID_PWR_CAPABILITY 33 #define WLAN_EID_TPC_REQUEST 34 @@ -238,50 +292,139 @@ #define WLAN_EID_CHANNEL_SWITCH 37 #define WLAN_EID_MEASURE_REQUEST 38 #define WLAN_EID_MEASURE_REPORT 39 -#define WLAN_EID_QUITE 40 +#define WLAN_EID_QUIET 40 #define WLAN_EID_IBSS_DFS 41 -/* EIDs defined by IEEE 802.11h - END */ #define WLAN_EID_ERP_INFO 42 +#define WLAN_EID_TS_DELAY 43 +#define WLAN_EID_TCLAS_PROCESSING 44 #define WLAN_EID_HT_CAP 45 #define WLAN_EID_QOS 46 #define WLAN_EID_RSN 48 #define WLAN_EID_EXT_SUPP_RATES 50 +#define WLAN_EID_AP_CHANNEL_REPORT 51 #define WLAN_EID_NEIGHBOR_REPORT 52 +#define WLAN_EID_RCPI 53 #define WLAN_EID_MOBILITY_DOMAIN 54 #define WLAN_EID_FAST_BSS_TRANSITION 55 #define WLAN_EID_TIMEOUT_INTERVAL 56 #define WLAN_EID_RIC_DATA 57 +#define WLAN_EID_DSE_REGISTERED_LOCATION 58 #define WLAN_EID_SUPPORTED_OPERATING_CLASSES 59 #define WLAN_EID_EXT_CHANSWITCH_ANN 60 #define WLAN_EID_HT_OPERATION 61 #define WLAN_EID_SECONDARY_CHANNEL_OFFSET 62 -#define WLAN_EID_WAPI 68 +#define WLAN_EID_BSS_AVERAGE_ACCESS_DELAY 63 +#define WLAN_EID_ANTENNA 64 +#define WLAN_EID_RSNI 65 +#define WLAN_EID_MEASUREMENT_PILOT_TRANSMISSION 66 +#define WLAN_EID_BSS_AVAILABLE_ADM_CAPA 67 +#define WLAN_EID_BSS_AC_ACCESS_DELAY 68 /* note: also used by WAPI */ #define WLAN_EID_TIME_ADVERTISEMENT 69 #define WLAN_EID_RRM_ENABLED_CAPABILITIES 70 +#define WLAN_EID_MULTIPLE_BSSID 71 #define WLAN_EID_20_40_BSS_COEXISTENCE 72 #define WLAN_EID_20_40_BSS_INTOLERANT 73 #define WLAN_EID_OVERLAPPING_BSS_SCAN_PARAMS 74 +#define WLAN_EID_RIC_DESCRIPTOR 75 #define WLAN_EID_MMIE 76 +#define WLAN_EID_EVENT_REQUEST 78 +#define WLAN_EID_EVENT_REPORT 79 +#define WLAN_EID_DIAGNOSTIC_REQUEST 80 +#define WLAN_EID_DIAGNOSTIC_REPORT 81 +#define WLAN_EID_LOCATION_PARAMETERS 82 +#define WLAN_EID_NONTRANSMITTED_BSSID_CAPA 83 #define WLAN_EID_SSID_LIST 84 +#define WLAN_EID_MLTIPLE_BSSID_INDEX 85 +#define WLAN_EID_FMS_DESCRIPTOR 86 +#define WLAN_EID_FMS_REQUEST 87 +#define WLAN_EID_FMS_RESPONSE 88 +#define WLAN_EID_QOS_TRAFFIC_CAPABILITY 89 #define WLAN_EID_BSS_MAX_IDLE_PERIOD 90 #define WLAN_EID_TFS_REQ 91 #define WLAN_EID_TFS_RESP 92 #define WLAN_EID_WNMSLEEP 93 +#define WLAN_EID_TIM_BROADCAST_REQUEST 94 +#define WLAN_EID_TIM_BROADCAST_RESPONSE 95 +#define WLAN_EID_COLLOCATED_INTERFERENCE_REPORT 96 +#define WLAN_EID_CHANNEL_USAGE 97 #define WLAN_EID_TIME_ZONE 98 +#define WLAN_EID_DMS_REQUEST 99 +#define WLAN_EID_DMS_RESPONSE 100 #define WLAN_EID_LINK_ID 101 +#define WLAN_EID_WAKEUP_SCHEDULE 102 +#define WLAN_EID_CHANNEL_SWITCH_TIMING 104 +#define WLAN_EID_PTI_CONTROL 105 +#define WLAN_EID_TPU_BUFFER_STATUS 106 #define WLAN_EID_INTERWORKING 107 #define WLAN_EID_ADV_PROTO 108 +#define WLAN_EID_EXPEDITED_BANDWIDTH_REQ 109 #define WLAN_EID_QOS_MAP_SET 110 #define WLAN_EID_ROAMING_CONSORTIUM 111 +#define WLAN_EID_EMERGENCY_ALERT_ID 112 #define WLAN_EID_MESH_CONFIG 113 #define WLAN_EID_MESH_ID 114 +#define WLAN_EID_MESH_LINK_METRIC_REPORT 115 +#define WLAN_EID_CONGESTION_NOTIFICATION 116 #define WLAN_EID_PEER_MGMT 117 +#define WLAN_EID_MESH_CHANNEL_SWITCH_PARAMETERS 118 +#define WLAN_EID_MESH_AWAKE_WINDOW 119 +#define WLAN_EID_BEACON_TIMING 120 +#define WLAN_EID_MCCAOP_SETUP_REQUEST 121 +#define WLAN_EID_MCCAOP_SETUP_REPLY 122 +#define WLAN_EID_MCCAOP_ADVERTISEMENT 123 +#define WLAN_EID_MCCAOP_TEARDOWN 124 +#define WLAN_EID_GANN 125 +#define WLAN_EID_RANN 126 #define WLAN_EID_EXT_CAPAB 127 +#define WLAN_EID_PREQ 130 +#define WLAN_EID_PREP 131 +#define WLAN_EID_PERR 132 +#define WLAN_EID_PXU 137 +#define WLAN_EID_PXUC 138 #define WLAN_EID_AMPE 139 #define WLAN_EID_MIC 140 +#define WLAN_EID_DESTINATION_URI 141 +#define WLAN_EID_U_APSD_COEX 142 +#define WLAN_EID_DMG_WAKEUP_SCHEDULE 143 +#define WLAN_EID_EXTENDED_SCHEDULE 144 +#define WLAN_EID_STA_AVAILABILITY 145 +#define WLAN_EID_DMG_TSPEC 146 +#define WLAN_EID_NEXT_DMG_ATI 147 +#define WLAN_EID_DMG_CAPABILITIES 148 +#define WLAN_EID_DMG_OPERATION 151 +#define WLAN_EID_DMG_BSS_PARAMETER_CHANGE 152 +#define WLAN_EID_DMG_BEAM_REFINEMENT 153 +#define WLAN_EID_CHANNEL_MEASUREMENT_FEEDBACK 154 #define WLAN_EID_CCKM 156 +#define WLAN_EID_AWAKE_WINDOW 157 #define WLAN_EID_MULTI_BAND 158 +#define WLAN_EID_ADDBA_EXTENSION 159 +#define WLAN_EID_NEXTPCP_LIST 160 +#define WLAN_EID_PCP_HANDOVER 161 +#define WLAN_EID_DMG_LINK_MARGIN 162 +#define WLAN_EID_SWITCHING_STREAM 163 #define WLAN_EID_SESSION_TRANSITION 164 +#define WLAN_EID_DYNAMIC_TONE_PAIRING_REPORT 165 +#define WLAN_EID_CLUSTER_REPORT 166 +#define WLAN_EID_REPLAY_CAPABILITIES 167 +#define WLAN_EID_RELAY_TRANSFER_PARAM_SET 168 +#define WLAN_EID_BEAMLINK_MAINTENANCE 169 +#define WLAN_EID_MULTIPLE_MAC_SUBLAYERS 170 +#define WLAN_EID_U_PID 171 +#define WLAN_EID_DMG_LINK_ADAPTATION_ACK 172 +#define WLAN_EID_MCCAOP_ADVERTISEMENT_OVERVIEW 174 +#define WLAN_EID_QUIET_PERIOD_REQUEST 175 +#define WLAN_EID_QUIET_PERIOD_RESPONSE 177 +#define WLAN_EID_QMF_POLICY 181 +#define WLAN_EID_ECAPC_POLICY 182 +#define WLAN_EID_CLUSTER_TIME_OFFSET 183 +#define WLAN_EID_INTRA_ACCESS_CATEGORY_PRIORITY 184 +#define WLAN_EID_SCS_DESCRIPTOR 185 +#define WLAN_EID_QLOAD_REPORT 186 +#define WLAN_EID_HCCA_TXOP_UPDATE_COUNT 187 +#define WLAN_EID_HIGHER_LAYER_STREAM_ID 188 +#define WLAN_EID_GCR_GROUP_ADDRESS 189 +#define WLAN_EID_ANTENNA_SECTOR_ID_PATTERN 190 #define WLAN_EID_VHT_CAP 191 #define WLAN_EID_VHT_OPERATION 192 #define WLAN_EID_VHT_EXTENDED_BSS_LOAD 193 @@ -291,10 +434,42 @@ #define WLAN_EID_VHT_AID 197 #define WLAN_EID_VHT_QUIET_CHANNEL 198 #define WLAN_EID_VHT_OPERATING_MODE_NOTIFICATION 199 +#define WLAN_EID_UPSIM 200 +#define WLAN_EID_REDUCED_NEIGHBOR_REPORT 201 +#define WLAN_EID_TVHT_OPERATION 202 +#define WLAN_EID_DEVICE_LOCATION 204 +#define WLAN_EID_WHITE_SPACE_MAP 205 +#define WLAN_EID_FTM_PARAMETERS 206 #define WLAN_EID_VENDOR_SPECIFIC 221 - - -/* Action frame categories (IEEE 802.11-2007, 7.3.1.11, Table 7-24) */ +#define WLAN_EID_CAG_NUMBER 237 +#define WLAN_EID_AP_CSN 239 +#define WLAN_EID_FILS_INDICATION 240 +#define WLAN_EID_DILS 241 +#define WLAN_EID_FRAGMENT 242 +#define WLAN_EID_EXTENSION 255 + +/* Element ID Extension (EID 255) values */ +#define WLAN_EID_EXT_ASSOC_DELAY_INFO 1 +#define WLAN_EID_EXT_FILS_REQ_PARAMS 2 +#define WLAN_EID_EXT_FILS_KEY_CONFIRM 3 +#define WLAN_EID_EXT_FILS_SESSION 4 +#define WLAN_EID_EXT_FILS_HLP_CONTAINER 5 +#define WLAN_EID_EXT_FILS_IP_ADDR_ASSIGN 6 +#define WLAN_EID_EXT_KEY_DELIVERY 7 +#define WLAN_EID_EXT_FILS_WRAPPED_DATA 8 +#define WLAN_EID_EXT_FTM_SYNC_INFO 9 +#define WLAN_EID_EXT_EXTENDED_REQUEST 10 +#define WLAN_EID_EXT_ESTIMATED_SERVICE_PARAMS 11 +#define WLAN_EID_EXT_FILS_PUBLIC_KEY 12 +#define WLAN_EID_EXT_FILS_NONCE 13 +#define WLAN_EID_EXT_FUTURE_CHANNEL_GUIDANCE 14 +#define WLAN_EID_EXT_OWE_DH_PARAM 32 +#define WLAN_EID_EXT_PASSWORD_IDENTIFIER 33 +#define WLAN_EID_EXT_HE_CAPABILITIES 35 +#define WLAN_EID_EXT_HE_OPERATION 36 + + +/* Action frame categories (IEEE Std 802.11-2016, 9.4.1.11, Table 9-76) */ #define WLAN_ACTION_SPECTRUM_MGMT 0 #define WLAN_ACTION_QOS 1 #define WLAN_ACTION_DLS 2 @@ -308,21 +483,59 @@ #define WLAN_ACTION_WNM 10 #define WLAN_ACTION_UNPROTECTED_WNM 11 #define WLAN_ACTION_TDLS 12 +#define WLAN_ACTION_MESH 13 +#define WLAN_ACTION_MULTIHOP 14 #define WLAN_ACTION_SELF_PROTECTED 15 +#define WLAN_ACTION_DMG 16 #define WLAN_ACTION_WMM 17 /* WMM Specification 1.1 */ #define WLAN_ACTION_FST 18 +#define WLAN_ACTION_ROBUST_AV_STREAMING 19 +#define WLAN_ACTION_UNPROTECTED_DMG 20 +#define WLAN_ACTION_VHT 21 +#define WLAN_ACTION_FILS 26 +#define WLAN_ACTION_VENDOR_SPECIFIC_PROTECTED 126 #define WLAN_ACTION_VENDOR_SPECIFIC 127 +/* Note: 128-255 used to report errors by setting category | 0x80 */ -/* Public action codes */ +/* Public action codes (IEEE Std 802.11-2016, 9.6.8.1, Table 9-307) */ #define WLAN_PA_20_40_BSS_COEX 0 +#define WLAN_PA_DSE_ENABLEMENT 1 +#define WLAN_PA_DSE_DEENABLEMENT 2 +#define WLAN_PA_DSE_REG_LOCATION_ANNOUNCE 3 +#define WLAN_PA_EXT_CHANNEL_SWITCH_ANNOUNCE 4 +#define WLAN_PA_DSE_MEASUREMENT_REQ 5 +#define WLAN_PA_DSE_MEASUREMENT_RESP 6 +#define WLAN_PA_MEASUREMENT_PILOT 7 +#define WLAN_PA_DSE_POWER_CONSTRAINT 8 #define WLAN_PA_VENDOR_SPECIFIC 9 #define WLAN_PA_GAS_INITIAL_REQ 10 #define WLAN_PA_GAS_INITIAL_RESP 11 #define WLAN_PA_GAS_COMEBACK_REQ 12 #define WLAN_PA_GAS_COMEBACK_RESP 13 #define WLAN_TDLS_DISCOVERY_RESPONSE 14 - -/* Protected Dual of Public Action frames */ +#define WLAN_PA_LOCATION_TRACK_NOTIFICATION 15 +#define WLAN_PA_QAB_REQUEST_FRAME 16 +#define WLAN_PA_QAB_RESPONSE_FRAME 17 +#define WLAN_PA_QMF_POLICY 18 +#define WLAN_PA_QMF_POLICY_CHANGE 19 +#define WLAN_PA_QLOAD_REQUEST 20 +#define WLAN_PA_QLOAD_REPORT 21 +#define WLAN_PA_HCCA_TXOP_ADVERTISEMENT 22 +#define WLAN_PA_HCCA_TXOP_RESPONSE 23 +#define WLAN_PA_PUBLIC_KEY 24 +#define WLAN_PA_CHANNEL_AVAILABILITY_QUERY 25 +#define WLAN_PA_CHANNEL_SCHEDULE_MANAGEMENT 26 +#define WLAN_PA_CONTACT_VERIFICATION_SIGNAL 27 +#define WLAN_PA_GDD_ENABLEMENT_REQ 28 +#define WLAN_PA_GDD_ENABLEMENT_RESP 29 +#define WLAN_PA_NETWORK_CHANNEL_CONTROL 30 +#define WLAN_PA_WHITE_SPACE_MAP_ANNOUNCEMENT 31 +#define WLAN_PA_FTM_REQUEST 32 +#define WLAN_PA_FTM 33 +#define WLAN_PA_FILS_DISCOVERY 34 + +/* Protected Dual of Public Action frames (IEEE Std 802.11-2016, 9.6.11, + * Table 9-332) */ #define WLAN_PROT_DSE_ENABLEMENT 1 #define WLAN_PROT_DSE_DEENABLEMENT 2 #define WLAN_PROT_EXT_CSA 4 @@ -334,6 +547,21 @@ #define WLAN_PROT_GAS_INITIAL_RESP 11 #define WLAN_PROT_GAS_COMEBACK_REQ 12 #define WLAN_PROT_GAS_COMEBACK_RESP 13 +#define WLAN_PROT_QAB_REQUEST_FRAME 16 +#define WLAN_PROT_QAB_RESPONSE_FRAME 17 +#define WLAN_PROT_QMF_POLICY 18 +#define WLAN_PROT_QMF_POLICY_CHANGE 19 +#define WLAN_PROT_QLOAD_REQUEST 20 +#define WLAN_PROT_QLOAD_REPORT 21 +#define WLAN_PROT_HCCA_TXOP_ADVERTISEMENT 22 +#define WLAN_PROT_HCCA_TXOP_RESPONSE 23 +#define WLAN_PROT_CHANNEL_AVAILABILITY_QUERY 25 +#define WLAN_PROT_CHANNEL_SCHEDULE_MANAGEMENT 26 +#define WLAN_PROT_CONTACT_VERIFICATION_SIGNAL 27 +#define WLAN_PROT_GDD_ENABLEMENT_REQ 28 +#define WLAN_PROT_GDD_ENABLEMENT_RESP 29 +#define WLAN_PROT_NETWORK_CHANNEL_CONTROL 30 +#define WLAN_PROT_WHITE_SPACE_MAP_ANNOUNCEMENT 31 /* SA Query Action frame (IEEE 802.11w/D8.0, 7.4.9) */ #define WLAN_SA_QUERY_REQUEST 0 @@ -362,10 +590,14 @@ #define WLAN_RRM_NEIGHBOR_REPORT_REQUEST 4 #define WLAN_RRM_NEIGHBOR_REPORT_RESPONSE 5 -/* Radio Measurement capabilities (from RRM Capabilities IE) */ +/* Radio Measurement capabilities (from RM Enabled Capabilities element) + * IEEE Std 802.11-2016, 9.4.2.45, Table 9-157 */ /* byte 1 (out of 5) */ #define WLAN_RRM_CAPS_LINK_MEASUREMENT BIT(0) #define WLAN_RRM_CAPS_NEIGHBOR_REPORT BIT(1) +#define WLAN_RRM_CAPS_BEACON_REPORT_PASSIVE BIT(4) +#define WLAN_RRM_CAPS_BEACON_REPORT_ACTIVE BIT(5) +#define WLAN_RRM_CAPS_BEACON_REPORT_TABLE BIT(6) /* byte 2 (out of 5) */ #define WLAN_RRM_CAPS_LCI_MEASUREMENT BIT(4) /* byte 5 (out of 5) */ @@ -398,16 +630,18 @@ #define INTERWORKING_ANT_TEST 6 #define INTERWORKING_ANT_WILDCARD 15 -/* Advertisement Protocol ID definitions (IEEE Std 802.11u-2011) */ +/* Advertisement Protocol ID definitions (IEEE Std 802.11-2016, Table 9-215) */ enum adv_proto_id { ACCESS_NETWORK_QUERY_PROTOCOL = 0, MIH_INFO_SERVICE = 1, MIH_CMD_AND_EVENT_DISCOVERY = 2, EMERGENCY_ALERT_SYSTEM = 3, + REGISTERED_LOCATION_QUERY_PROTO = 4, ADV_PROTO_VENDOR_SPECIFIC = 221 }; -/* Access Network Query Protocol info ID definitions (IEEE Std 802.11u-2011) */ +/* Access Network Query Protocol info ID definitions (IEEE Std 802.11-2016, + * Table 9-271; P802.11ai) */ enum anqp_info_id { ANQP_QUERY_LIST = 256, ANQP_CAPABILITY_LIST = 257, @@ -426,9 +660,14 @@ enum anqp_info_id { ANQP_TDLS_CAPABILITY = 270, ANQP_EMERGENCY_NAI = 271, ANQP_NEIGHBOR_REPORT = 272, + ANQP_QUERY_AP_LIST = 273, + ANQP_AP_LIST_RESPONSE = 274, + ANQP_FILS_REALM_INFO = 275, + ANQP_CAG = 276, ANQP_VENUE_URL = 277, ANQP_ADVICE_OF_CHARGE = 278, ANQP_LOCAL_CONTENT = 279, + ANQP_NETWORK_AUTH_TYPE_TIMESTAMP = 280, ANQP_VENDOR_SPECIFIC = 56797 }; @@ -505,6 +744,11 @@ enum lci_req_subelem { LCI_REQ_SUBELEM_MAX_AGE = 4, }; +#define FILS_NONCE_LEN 16 +#define FILS_SESSION_LEN 8 +#define FILS_CACHE_ID_LEN 2 +#define FILS_MAX_KEY_AUTH_LEN 48 + #ifdef _MSC_VER #pragma pack(push, 1) #endif /* _MSC_VER */ @@ -678,6 +922,16 @@ struct ieee80211_mgmt { u8 variable[]; } STRUCT_PACKED bss_tm_query; struct { + u8 action; /* 11 */ + u8 dialog_token; + u8 req_info; + } STRUCT_PACKED coloc_intf_req; + struct { + u8 action; /* 12 */ + u8 dialog_token; + u8 variable[]; + } STRUCT_PACKED coloc_intf_report; + struct { u8 action; /* 15 */ u8 variable[]; } STRUCT_PACKED slf_prot_action; @@ -887,6 +1141,7 @@ struct ieee80211_ampe_ie { #define VHT_CAP_SUPP_CHAN_WIDTH_160MHZ ((u32) BIT(2)) #define VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ ((u32) BIT(3)) #define VHT_CAP_SUPP_CHAN_WIDTH_MASK ((u32) BIT(2) | BIT(3)) +#define VHT_CAP_SUPP_CHAN_WIDTH_MASK_SHIFT 2 #define VHT_CAP_RXLDPC ((u32) BIT(4)) #define VHT_CAP_SHORT_GI_80 ((u32) BIT(5)) #define VHT_CAP_SHORT_GI_160 ((u32) BIT(6)) @@ -953,6 +1208,8 @@ struct ieee80211_ampe_ie { #define OSEN_IE_VENDOR_TYPE 0x506f9a12 #define MBO_IE_VENDOR_TYPE 0x506f9a16 #define MBO_OUI_TYPE 22 +#define OWE_IE_VENDOR_TYPE 0x506f9a1c +#define OWE_OUI_TYPE 28 #define WMM_OUI_TYPE 2 #define WMM_OUI_SUBTYPE_INFORMATION_ELEMENT 0 @@ -1072,6 +1329,7 @@ enum wmm_ac { #define HS20_INDICATION_OUI_TYPE 16 #define HS20_ANQP_OUI_TYPE 17 #define HS20_OSEN_OUI_TYPE 18 +#define HS20_ROAMING_CONS_SEL_OUI_TYPE 29 #define HS20_STYPE_QUERY_LIST 1 #define HS20_STYPE_CAPABILITY_LIST 2 #define HS20_STYPE_OPERATOR_FRIENDLY_NAME 3 @@ -1082,21 +1340,27 @@ enum wmm_ac { #define HS20_STYPE_OSU_PROVIDERS_LIST 8 #define HS20_STYPE_ICON_REQUEST 10 #define HS20_STYPE_ICON_BINARY_FILE 11 +#define HS20_STYPE_OPERATOR_ICON_METADATA 12 +#define HS20_STYPE_OSU_PROVIDERS_NAI_LIST 13 #define HS20_DGAF_DISABLED 0x01 #define HS20_PPS_MO_ID_PRESENT 0x02 #define HS20_ANQP_DOMAIN_ID_PRESENT 0x04 +#ifndef HS20_VERSION #define HS20_VERSION 0x10 /* Release 2 */ +#endif /* HS20_VERSION */ /* WNM-Notification WFA vendors specific subtypes */ #define HS20_WNM_SUB_REM_NEEDED 0 #define HS20_WNM_DEAUTH_IMMINENT_NOTICE 1 +#define HS20_WNM_T_C_ACCEPTANCE 2 #define HS20_DEAUTH_REASON_CODE_BSS 0 #define HS20_DEAUTH_REASON_CODE_ESS 1 /* MBO v0.0_r19, 4.2: MBO Attributes */ /* Table 4-5: MBO Attributes */ +/* OCE v0.0.10, Table 4-3: OCE Attributes */ enum mbo_attr_id { MBO_ATTR_ID_AP_CAPA_IND = 1, MBO_ATTR_ID_NON_PREF_CHAN_REPORT = 2, @@ -1106,6 +1370,10 @@ enum mbo_attr_id { MBO_ATTR_ID_TRANSITION_REASON = 6, MBO_ATTR_ID_TRANSITION_REJECT_REASON = 7, MBO_ATTR_ID_ASSOC_RETRY_DELAY = 8, + OCE_ATTR_ID_CAPA_IND = 101, + OCE_ATTR_ID_RSSI_BASED_ASSOC_REJECT = 102, + OCE_ATTR_ID_REDUCED_WAN_METRICS = 103, + OCE_ATTR_ID_RNR_COMPLETENESS = 104, }; /* MBO v0.0_r19, 4.2.1: MBO AP Capability Indication Attribute */ @@ -1180,9 +1448,17 @@ enum wfa_wnm_notif_subelem_id { WFA_WNM_NOTIF_SUBELEM_CELL_DATA_CAPA = 3, }; -/* MBO v0.0_r25, 4.3: MBO ANQP-elements */ +/* MBO v0.0_r27, 4.3: MBO ANQP-elements */ #define MBO_ANQP_OUI_TYPE 0x12 -#define MBO_ANQP_SUBTYPE_CELL_CONN_PREF 1 +#define MBO_ANQP_SUBTYPE_QUERY_LIST 1 +#define MBO_ANQP_SUBTYPE_CELL_CONN_PREF 2 +#define MAX_MBO_ANQP_SUBTYPE MBO_ANQP_SUBTYPE_CELL_CONN_PREF + +/* OCE v0.0.10, 4.2.1: OCE Capability Indication Attribute */ +#define OCE_RELEASE 1 +#define OCE_RELEASE_MASK (BIT(0) | BIT(1) | BIT(2)) +#define OCE_IS_STA_CFON BIT(3) +#define OCE_IS_NON_OCE_AP_PRESENT BIT(4) /* Wi-Fi Direct (P2P) */ @@ -1331,7 +1607,9 @@ enum wifi_display_subelem { WFD_SUBELEM_COUPLED_SINK = 6, WFD_SUBELEM_EXT_CAPAB = 7, WFD_SUBELEM_LOCAL_IP_ADDRESS = 8, - WFD_SUBELEM_SESSION_INFO = 9 + WFD_SUBELEM_SESSION_INFO = 9, + WFD_SUBELEM_MAC_INFO = 10, + WFD_SUBELEM_R2_DEVICE_INFO = 11, }; /* 802.11s */ @@ -1363,41 +1641,6 @@ enum plink_action_field { #define VENDOR_HT_CAPAB_OUI_TYPE 0x33 /* 00-90-4c:0x33 */ -/* cipher suite selectors */ -#define WLAN_CIPHER_SUITE_USE_GROUP 0x000FAC00 -#define WLAN_CIPHER_SUITE_WEP40 0x000FAC01 -#define WLAN_CIPHER_SUITE_TKIP 0x000FAC02 -/* reserved: 0x000FAC03 */ -#define WLAN_CIPHER_SUITE_CCMP 0x000FAC04 -#define WLAN_CIPHER_SUITE_WEP104 0x000FAC05 -#define WLAN_CIPHER_SUITE_AES_CMAC 0x000FAC06 -#define WLAN_CIPHER_SUITE_NO_GROUP_ADDR 0x000FAC07 -#define WLAN_CIPHER_SUITE_GCMP 0x000FAC08 -#define WLAN_CIPHER_SUITE_GCMP_256 0x000FAC09 -#define WLAN_CIPHER_SUITE_CCMP_256 0x000FAC0A -#define WLAN_CIPHER_SUITE_BIP_GMAC_128 0x000FAC0B -#define WLAN_CIPHER_SUITE_BIP_GMAC_256 0x000FAC0C -#define WLAN_CIPHER_SUITE_BIP_CMAC_256 0x000FAC0D - -#define WLAN_CIPHER_SUITE_SMS4 0x00147201 - -#define WLAN_CIPHER_SUITE_CKIP 0x00409600 -#define WLAN_CIPHER_SUITE_CKIP_CMIC 0x00409601 -#define WLAN_CIPHER_SUITE_CMIC 0x00409602 -#define WLAN_CIPHER_SUITE_KRK 0x004096FF /* for nl80211 use only */ - -/* AKM suite selectors */ -#define WLAN_AKM_SUITE_8021X 0x000FAC01 -#define WLAN_AKM_SUITE_PSK 0x000FAC02 -#define WLAN_AKM_SUITE_FT_8021X 0x000FAC03 -#define WLAN_AKM_SUITE_FT_PSK 0x000FAC04 -#define WLAN_AKM_SUITE_8021X_SHA256 0x000FAC05 -#define WLAN_AKM_SUITE_PSK_SHA256 0x000FAC06 -#define WLAN_AKM_SUITE_8021X_SUITE_B 0x000FAC11 -#define WLAN_AKM_SUITE_8021X_SUITE_B_192 0x000FAC12 -#define WLAN_AKM_SUITE_CCKM 0x00409600 -#define WLAN_AKM_SUITE_OSEN 0x506f9a01 - /* IEEE 802.11v - WNM Action field values */ enum wnm_action { @@ -1559,6 +1802,102 @@ struct rrm_link_measurement_report { u8 variable[0]; } STRUCT_PACKED; +/* IEEE Std 802.11-2016, 9.4.2.21 - Measurement Request element */ +struct rrm_measurement_request_element { + u8 eid; /* Element ID */ + u8 len; /* Length */ + u8 token; /* Measurement Token */ + u8 mode; /* Measurement Request Mode */ + u8 type; /* Measurement Type */ + u8 variable[0]; /* Measurement Request */ +} STRUCT_PACKED; + +/* IEEE Std 802.11-2016, Figure 9-148 - Measurement Request Mode field */ +#define MEASUREMENT_REQUEST_MODE_PARALLEL BIT(0) +#define MEASUREMENT_REQUEST_MODE_ENABLE BIT(1) +#define MEASUREMENT_REQUEST_MODE_REQUEST BIT(2) +#define MEASUREMENT_REQUEST_MODE_REPORT BIT(3) +#define MEASUREMENT_REQUEST_MODE_DURATION_MANDATORY BIT(4) + +/* IEEE Std 802.11-2016, 9.4.2.21.7 - Beacon request */ +struct rrm_measurement_beacon_request { + u8 oper_class; /* Operating Class */ + u8 channel; /* Channel Number */ + le16 rand_interval; /* Randomization Interval (in TUs) */ + le16 duration; /* Measurement Duration (in TUs) */ + u8 mode; /* Measurement Mode */ + u8 bssid[ETH_ALEN]; /* BSSID */ + u8 variable[0]; /* Optional Subelements */ +} STRUCT_PACKED; + +/* + * IEEE Std 802.11-2016, Table 9-87 - Measurement Mode definitions for Beacon + * request + */ +enum beacon_report_mode { + BEACON_REPORT_MODE_PASSIVE = 0, + BEACON_REPORT_MODE_ACTIVE = 1, + BEACON_REPORT_MODE_TABLE = 2, +}; + +/* IEEE Std 802.11-2016, Table 9-88 - Beacon Request subelement IDs */ +#define WLAN_BEACON_REQUEST_SUBELEM_SSID 0 +#define WLAN_BEACON_REQUEST_SUBELEM_INFO 1 /* Beacon Reporting */ +#define WLAN_BEACON_REQUEST_SUBELEM_DETAIL 2 /* Reporting Detail */ +#define WLAN_BEACON_REQUEST_SUBELEM_REQUEST 10 +#define WLAN_BEACON_REQUEST_SUBELEM_AP_CHANNEL 51 /* AP Channel Report */ +#define WLAN_BEACON_REQUEST_SUBELEM_VENDOR 221 + +/* + * IEEE Std 802.11-2016, Table 9-90 - Reporting Detail values + */ +enum beacon_report_detail { + /* No fixed-length fields or elements */ + BEACON_REPORT_DETAIL_NONE = 0, + /* All fixed-length fields and any requested elements in the Request + * element if present */ + BEACON_REPORT_DETAIL_REQUESTED_ONLY = 1, + /* All fixed-length fields and elements (default, used when Reporting + * Detail subelement is not included in a Beacon request) */ + BEACON_REPORT_DETAIL_ALL_FIELDS_AND_ELEMENTS = 2, +}; + +/* IEEE Std 802.11-2016, 9.4.2.22 - Measurement Report element */ +struct rrm_measurement_report_element { + u8 eid; /* Element ID */ + u8 len; /* Length */ + u8 token; /* Measurement Token */ + u8 mode; /* Measurement Report Mode */ + u8 type; /* Measurement Type */ + u8 variable[0]; /* Measurement Report */ +} STRUCT_PACKED; + +/* IEEE Std 802.11-2016, Figure 9-192 - Measurement Report Mode field */ +#define MEASUREMENT_REPORT_MODE_ACCEPT 0 +#define MEASUREMENT_REPORT_MODE_REJECT_LATE BIT(0) +#define MEASUREMENT_REPORT_MODE_REJECT_INCAPABLE BIT(1) +#define MEASUREMENT_REPORT_MODE_REJECT_REFUSED BIT(2) + +/* IEEE Std 802.11-2016, 9.4.2.22.7 - Beacon report */ +struct rrm_measurement_beacon_report { + u8 op_class; /* Operating Class */ + u8 channel; /* Channel Number */ + le64 start_time; /* Actual Measurement Start Time + * (in TSF of the BSS requesting the measurement) */ + le16 duration; /* in TUs */ + u8 report_info; /* Reported Frame Information */ + u8 rcpi; /* RCPI */ + u8 rsni; /* RSNI */ + u8 bssid[ETH_ALEN]; /* BSSID */ + u8 antenna_id; /* Antenna ID */ + le32 parent_tsf; /* Parent TSF */ + u8 variable[0]; /* Optional Subelements */ +} STRUCT_PACKED; + +/* IEEE Std 802.11-2016, Table 9-112 - Beacon report Subelement IDs */ +#define WLAN_BEACON_REPORT_SUBELEM_FRAME_BODY 1 +#define WLAN_BEACON_REPORT_SUBELEM_VENDOR 221 + /* IEEE Std 802.11ad-2012 - Multi-band element */ struct multi_band_ie { u8 eid; /* WLAN_EID_MULTI_BAND */ @@ -1660,4 +1999,55 @@ enum nr_chan_width { NR_CHAN_WIDTH_80P80 = 4, }; +struct ieee80211_he_capabilities { + u8 he_mac_capab_info[5]; + u8 he_phy_capab_info[9]; + u8 he_txrx_mcs_support[12]; /* TODO: 4, 8, or 12 octets */ + /* PPE Thresholds (optional) */ +} STRUCT_PACKED; + +struct ieee80211_he_operation { + u32 he_oper_params; + u8 he_mcs_nss_set[2]; + u8 vht_op_info_chwidth; + u8 vht_op_info_chan_center_freq_seg0_idx; + u8 vht_op_info_chan_center_freq_seg1_idx; + /* Followed by conditional MaxBSSID Indicator subfield (u8) */ +} STRUCT_PACKED; + +/* HE Capabilities Information defines */ +#define HE_PHYCAP_SU_BEAMFORMER_CAPAB_IDX 3 +#define HE_PHYCAP_SU_BEAMFORMER_CAPAB ((u8) BIT(7)) +#define HE_PHYCAP_SU_BEAMFORMEE_CAPAB_IDX 4 +#define HE_PHYCAP_SU_BEAMFORMEE_CAPAB ((u8) BIT(0)) +#define HE_PHYCAP_MU_BEAMFORMER_CAPAB_IDX 4 +#define HE_PHYCAP_MU_BEAMFORMER_CAPAB ((u8) BIT(1)) + +/* HE Operation defines */ +#define HE_OPERATION_BSS_COLOR_MASK ((u32) (BIT(0) | BIT(1) | \ + BIT(2) | BIT(3) | \ + BIT(4) | BIT(5))) +#define HE_OPERATION_DFLT_PE_DURATION_MASK ((u32) (BIT(6) | BIT(7) | \ + BIT(8))) +#define HE_OPERATION_DFLT_PE_DURATION_OFFSET 6 +#define HE_OPERATION_TWT_REQUIRED ((u32) BIT(9)) +#define HE_OPERATION_RTS_THRESHOLD_MASK ((u32) (BIT(10) | BIT(11) | \ + BIT(12) | BIT(13) | \ + BIT(14) | BIT(15) | \ + BIT(16) | BIT(17) | \ + BIT(18) | BIT(19))) +#define HE_OPERATION_RTS_THRESHOLD_OFFSET 10 +#define HE_OPERATION_PARTIAL_BSS_COLOR ((u32) BIT(20)) +#define HE_OPERATION_MAX_BSSID_INDICATOR_MASK ((u32) (BIT(21) | BIT(22) | \ + BIT(23) | BIT(24) | \ + BIT(25) | BIT(26) | \ + BIT(27) | BIT(28))) +#define HE_OPERATION_MAX_BSSID_INDICATOR_OFFSET 21 +#define HE_OPERATION_TX_BSSID_INDICATOR ((u32) BIT(29)) +#define HE_OPERATION_BSS_COLOR_DISABLED ((u32) BIT(30)) +#define HE_OPERATION_BSS_DUAL_BEACON ((u32) BIT(31)) + +/* DPP Public Action frame identifiers - OUI_WFA */ +#define DPP_OUI_TYPE 0x1A + #endif /* IEEE802_11_DEFS_H */ diff --git a/contrib/wpa/src/common/ieee802_1x_defs.h b/contrib/wpa/src/common/ieee802_1x_defs.h index a0c1d1bfafc4..e7acff108eb3 100644 --- a/contrib/wpa/src/common/ieee802_1x_defs.h +++ b/contrib/wpa/src/common/ieee802_1x_defs.h @@ -12,6 +12,8 @@ #define CS_ID_LEN 8 #define CS_ID_GCM_AES_128 0x0080020001000001ULL #define CS_NAME_GCM_AES_128 "GCM-AES-128" +#define CS_ID_GCM_AES_256 0x0080c20001000002ULL +#define CS_NAME_GCM_AES_256 "GCM-AES-256" enum macsec_policy { /** @@ -25,6 +27,12 @@ enum macsec_policy { * Disabled MACsec - do not secure sessions. */ DO_NOT_SECURE, + + /** + * Should secure sessions, and try to use encryption. + * Like @SHOULD_SECURE, this follows the key server's decision. + */ + SHOULD_ENCRYPT, }; diff --git a/contrib/wpa/src/common/privsep_commands.h b/contrib/wpa/src/common/privsep_commands.h index 8dff30382b60..b85c6c347a79 100644 --- a/contrib/wpa/src/common/privsep_commands.h +++ b/contrib/wpa/src/common/privsep_commands.h @@ -9,6 +9,7 @@ #ifndef PRIVSEP_COMMANDS_H #define PRIVSEP_COMMANDS_H +#include "drivers/driver.h" #include "common/ieee802_11_defs.h" enum privsep_cmd { @@ -29,8 +30,17 @@ enum privsep_cmd { PRIVSEP_CMD_AUTHENTICATE, }; -struct privsep_cmd_authenticate -{ +#define PRIVSEP_MAX_SCAN_FREQS 50 + +struct privsep_cmd_scan { + unsigned int num_ssids; + u8 ssids[WPAS_MAX_SCAN_SSIDS][32]; + u8 ssid_lens[WPAS_MAX_SCAN_SSIDS]; + unsigned int num_freqs; + u16 freqs[PRIVSEP_MAX_SCAN_FREQS]; +}; + +struct privsep_cmd_authenticate { int freq; u8 bssid[ETH_ALEN]; u8 ssid[SSID_MAX_LEN]; @@ -42,13 +52,12 @@ struct privsep_cmd_authenticate int wep_tx_keyidx; int local_state_change; int p2p; - size_t sae_data_len; + size_t auth_data_len; /* followed by ie_len bytes of ie */ - /* followed by sae_data_len bytes of sae_data */ + /* followed by auth_data_len bytes of auth_data */ }; -struct privsep_cmd_associate -{ +struct privsep_cmd_associate { u8 bssid[ETH_ALEN]; u8 ssid[SSID_MAX_LEN]; size_t ssid_len; @@ -64,8 +73,7 @@ struct privsep_cmd_associate /* followed by wpa_ie_len bytes of wpa_ie */ }; -struct privsep_cmd_set_key -{ +struct privsep_cmd_set_key { int alg; u8 addr[ETH_ALEN]; int key_idx; @@ -84,7 +92,6 @@ enum privsep_event { PRIVSEP_EVENT_MICHAEL_MIC_FAILURE, PRIVSEP_EVENT_INTERFACE_STATUS, PRIVSEP_EVENT_PMKID_CANDIDATE, - PRIVSEP_EVENT_STKSTART, PRIVSEP_EVENT_FT_RESPONSE, PRIVSEP_EVENT_RX_EAPOL, PRIVSEP_EVENT_SCAN_STARTED, diff --git a/contrib/wpa/src/common/qca-vendor.h b/contrib/wpa/src/common/qca-vendor.h index adaec890b58d..7c75d0804553 100644 --- a/contrib/wpa/src/common/qca-vendor.h +++ b/contrib/wpa/src/common/qca-vendor.h @@ -1,6 +1,7 @@ /* * Qualcomm Atheros OUI and vendor specific assignments - * Copyright (c) 2014-2015, Qualcomm Atheros, Inc. + * Copyright (c) 2014-2017, Qualcomm Atheros, Inc. + * Copyright (c) 2018, The Linux Foundation * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -49,7 +50,10 @@ enum qca_radiotap_vendor_ids { * * @QCA_NL80211_VENDOR_SUBCMD_NAN: NAN command/event which is used to pass * NAN Request/Response and NAN Indication messages. These messages are - * interpreted between the framework and the firmware component. + * interpreted between the framework and the firmware component. While + * sending the command from userspace to the driver, payload is not + * encapsulated inside any attribute. Attribute QCA_WLAN_VENDOR_ATTR_NAN + * is used when receiving vendor events in userspace from the driver. * * @QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY: Set key operation that can be * used to configure PMK to the driver even when not connected. This can @@ -90,6 +94,75 @@ enum qca_radiotap_vendor_ids { * which supports DFS offloading, to indicate a radar pattern has been * detected. The channel is now unusable. * + * @QCA_NL80211_VENDOR_SUBCMD_GET_LOGGER_FEATURE_SET: Get the feature bitmap + * based on enum wifi_logger_supported_features. Attributes defined in + * enum qca_wlan_vendor_attr_get_logger_features. + * + * @QCA_NL80211_VENDOR_SUBCMD_GET_RING_DATA: Get the ring data from a particular + * logger ring, QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_RING_ID is passed as the + * attribute for this command. Attributes defined in + * enum qca_wlan_vendor_attr_wifi_logger_start. + * + * @QCA_NL80211_VENDOR_SUBCMD_TDLS_GET_CAPABILITIES: Get the supported TDLS + * capabilities of the driver, parameters includes the attributes defined + * in enum qca_wlan_vendor_attr_tdls_get_capabilities. + * + * @QCA_NL80211_VENDOR_SUBCMD_OFFLOADED_PACKETS: Vendor command used to offload + * sending of certain periodic IP packet to firmware, attributes defined in + * enum qca_wlan_vendor_attr_offloaded_packets. + * + * @QCA_NL80211_VENDOR_SUBCMD_MONITOR_RSSI: Command used to configure RSSI + * monitoring, defines min and max RSSI which are configured for RSSI + * monitoring. Also used to notify the RSSI breach and provides the BSSID + * and RSSI value that was breached. Attributes defined in + * enum qca_wlan_vendor_attr_rssi_monitoring. + * + * @QCA_NL80211_VENDOR_SUBCMD_NDP: Command used for performing various NAN + * Data Path (NDP) related operations, attributes defined in + * enum qca_wlan_vendor_attr_ndp_params. + * + * @QCA_NL80211_VENDOR_SUBCMD_ND_OFFLOAD: Command used to enable/disable + * Neighbour Discovery offload, attributes defined in + * enum qca_wlan_vendor_attr_nd_offload. + * + * @QCA_NL80211_VENDOR_SUBCMD_PACKET_FILTER: Used to set/get the various + * configuration parameter for BPF packet filter, attributes defined in + * enum qca_wlan_vendor_attr_packet_filter. + * + * @QCA_NL80211_VENDOR_SUBCMD_GET_BUS_SIZE: Gets the driver-firmware + * maximum supported size, attributes defined in + * enum qca_wlan_vendor_drv_info. + * + * @QCA_NL80211_VENDOR_SUBCMD_GET_WAKE_REASON_STATS: Command to get various + * data about wake reasons and datapath IP statistics, attributes defined + * in enum qca_wlan_vendor_attr_wake_stats. + * + * @QCA_NL80211_VENDOR_SUBCMD_OCB_SET_CONFIG: Command used to set configuration + * for IEEE 802.11 communicating outside the context of a basic service + * set, called OCB command. Uses the attributes defines in + * enum qca_wlan_vendor_attr_ocb_set_config. + * + * @QCA_NL80211_VENDOR_SUBCMD_OCB_SET_UTC_TIME: Command used to set OCB + * UTC time. Use the attributes defines in + * enum qca_wlan_vendor_attr_ocb_set_utc_time. + * + * @QCA_NL80211_VENDOR_SUBCMD_OCB_START_TIMING_ADVERT: Command used to start + * sending OCB timing advert frames. Uses the attributes defines in + * enum qca_wlan_vendor_attr_ocb_start_timing_advert. + * + * @QCA_NL80211_VENDOR_SUBCMD_OCB_STOP_TIMING_ADVERT: Command used to stop + * OCB timing advert. Uses the attributes defines in + * enum qca_wlan_vendor_attr_ocb_stop_timing_advert. + * + * @QCA_NL80211_VENDOR_SUBCMD_OCB_GET_TSF_TIMER: Command used to get TSF + * timer value. Uses the attributes defines in + * enum qca_wlan_vendor_attr_ocb_get_tsf_resp. + * + * @QCA_NL80211_VENDOR_SUBCMD_LINK_PROPERTIES: Command/event to update the + * link properties of the respective interface. As an event, is used + * to notify the connected station's status. The attributes for this + * command are defined in enum qca_wlan_vendor_attr_link_properties. + * * @QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_START: Command used to * start the P2P Listen offload function in device and pass the listen * channel, period, interval, count, device types, and vendor specific @@ -164,8 +237,11 @@ enum qca_radiotap_vendor_ids { * * @QCA_NL80211_VENDOR_SUBCMD_AOA_MEAS: Perform a standalone AOA (angle of * arrival) measurement with a single peer. Specify peer MAC address in - * QCA_WLAN_VENDOR_ATTR_MAC_ADDR and measurement type in - * QCA_WLAN_VENDOR_ATTR_AOA_TYPE. Measurement result is reported in + * QCA_WLAN_VENDOR_ATTR_MAC_ADDR and optionally frequency (MHz) in + * QCA_WLAN_VENDOR_ATTR_FREQ (if not specified, locate peer in kernel + * scan results cache and use the frequency from there). + * Also specify measurement type in QCA_WLAN_VENDOR_ATTR_AOA_TYPE. + * Measurement result is reported in * QCA_NL80211_VENDOR_SUBCMD_AOA_MEAS_RESULT event. * * @QCA_NL80211_VENDOR_SUBCMD_AOA_ABORT_MEAS: Abort an AOA measurement. Specify @@ -185,6 +261,244 @@ enum qca_radiotap_vendor_ids { * * @QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI: Get antenna RSSI value for a * specific chain. + * + * @QCA_NL80211_VENDOR_SUBCMD_DMG_RF_GET_SECTOR_CFG: Get low level + * configuration for a DMG RF sector. Specify sector index in + * QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_INDEX, sector type in + * QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE and RF modules + * to return sector information for in + * QCA_WLAN_VENDOR_ATTR_DMG_RF_MODULE_MASK. Returns sector configuration + * in QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG. Also return the + * exact time where information was captured in + * QCA_WLAN_VENDOR_ATTR_TSF. + * + * @QCA_NL80211_VENDOR_SUBCMD_DMG_RF_SET_SECTOR_CFG: Set low level + * configuration for a DMG RF sector. Specify sector index in + * QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_INDEX, sector type in + * QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE and sector configuration + * for one or more DMG RF modules in + * QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG. + * + * @QCA_NL80211_VENDOR_SUBCMD_DMG_RF_GET_SELECTED_SECTOR: Get selected + * DMG RF sector for a station. This is the sector that the HW + * will use to communicate with the station. Specify the MAC address + * of associated station/AP/PCP in QCA_WLAN_VENDOR_ATTR_MAC_ADDR (not + * needed for unassociated station). Specify sector type to return in + * QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE. Returns the selected + * sector index in QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_INDEX. + * Also return the exact time where the information was captured + * in QCA_WLAN_VENDOR_ATTR_TSF. + * + * @QCA_NL80211_VENDOR_SUBCMD_DMG_RF_SET_SELECTED_SECTOR: Set the + * selected DMG RF sector for a station. This is the sector that + * the HW will use to communicate with the station. + * Specify the MAC address of associated station/AP/PCP in + * QCA_WLAN_VENDOR_ATTR_MAC_ADDR, the sector type to select in + * QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE and the sector index + * in QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_INDEX. + * The selected sector will be locked such that it will not be + * modified like it normally does (for example when station + * moves around). To unlock the selected sector for a station + * pass the special value 0xFFFF in the sector index. To unlock + * all connected stations also pass a broadcast MAC address. + * + * @QCA_NL80211_VENDOR_SUBCMD_CONFIGURE_TDLS: Configure the TDLS behavior + * in the host driver. The different TDLS configurations are defined + * by the attributes in enum qca_wlan_vendor_attr_tdls_configuration. + * + * @QCA_NL80211_VENDOR_SUBCMD_GET_HE_CAPABILITIES: Query device IEEE 802.11ax HE + * capabilities. The response uses the attributes defined in + * enum qca_wlan_vendor_attr_get_he_capabilities. + * + * @QCA_NL80211_VENDOR_SUBCMD_ABORT_SCAN: Abort an ongoing vendor scan that was + * started with QCA_NL80211_VENDOR_SUBCMD_TRIGGER_SCAN. This command + * carries the scan cookie of the corresponding scan request. The scan + * cookie is represented by QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE. + * + * @QCA_NL80211_VENDOR_SUBCMD_SET_SAR_LIMITS: Set the Specific + * Absorption Rate (SAR) power limits. A critical regulation for + * FCC compliance, OEMs require methods to set SAR limits on TX + * power of WLAN/WWAN. enum qca_vendor_attr_sar_limits + * attributes are used with this command. + * + * @QCA_NL80211_VENDOR_SUBCMD_EXTERNAL_ACS: This command/event is used by the + * host driver for offloading the implementation of Auto Channel Selection + * (ACS) to an external user space entity. This interface is used as the + * event from the host driver to the user space entity and also as the + * request from the user space entity to the host driver. The event from + * the host driver is used by the user space entity as an indication to + * start the ACS functionality. The attributes used by this event are + * represented by the enum qca_wlan_vendor_attr_external_acs_event. + * User space entity uses the same interface to inform the host driver with + * selected channels after the ACS operation using the attributes defined + * by enum qca_wlan_vendor_attr_external_acs_channels. + * + * @QCA_NL80211_VENDOR_SUBCMD_CHIP_PWRSAVE_FAILURE: Vendor event carrying the + * requisite information leading to a power save failure. The information + * carried as part of this event is represented by the + * enum qca_attr_chip_power_save_failure attributes. + * + * @QCA_NL80211_VENDOR_SUBCMD_NUD_STATS_SET: Start/Stop the NUD statistics + * collection. Uses attributes defined in enum qca_attr_nud_stats_set. + * + * @QCA_NL80211_VENDOR_SUBCMD_NUD_STATS_GET: Get the NUD statistics. These + * statistics are represented by the enum qca_attr_nud_stats_get + * attributes. + * + * @QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS: Sub-command to fetch + * the BSS transition status, whether accept or reject, for a list of + * candidate BSSIDs provided by the userspace. This uses the vendor + * attributes QCA_WLAN_VENDOR_ATTR_BTM_MBO_TRANSITION_REASON and + * QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO. The userspace shall specify + * the attributes QCA_WLAN_VENDOR_ATTR_BTM_MBO_TRANSITION_REASON and an + * array of QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID nested in + * QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO in the request. In the response + * the driver shall specify array of + * QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID and + * QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS pairs nested in + * QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO. + * + * @QCA_NL80211_VENDOR_SUBCMD_SET_TRACE_LEVEL: Set the trace level for a + * specific QCA module. The trace levels are represented by + * enum qca_attr_trace_level attributes. + * + * @QCA_NL80211_VENDOR_SUBCMD_BRP_SET_ANT_LIMIT: Set the Beam Refinement + * Protocol antenna limit in different modes. See enum + * qca_wlan_vendor_attr_brp_ant_limit_mode. + * + * @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_START: Start spectral scan. The scan + * parameters are specified by enum qca_wlan_vendor_attr_spectral_scan. + * This returns a cookie (%QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_COOKIE) + * identifying the operation in success case. + * + * @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_STOP: Stop spectral scan. This uses + * a cookie (%QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_COOKIE) from + * @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_START to identify the scan to + * be stopped. + * + * @QCA_NL80211_VENDOR_SUBCMD_ACTIVE_TOS: Set the active Type Of Service on the + * specific interface. This can be used to modify some of the low level + * scan parameters (off channel dwell time, home channel time) in the + * driver/firmware. These parameters are maintained within the host driver. + * This command is valid only when the interface is in the connected state. + * These scan parameters shall be reset by the driver/firmware once + * disconnected. The attributes used with this command are defined in + * enum qca_wlan_vendor_attr_active_tos. + * + * @QCA_NL80211_VENDOR_SUBCMD_HANG: Event indicating to the user space that the + * driver has detected an internal failure. This event carries the + * information indicating the reason that triggered this detection. The + * attributes for this command are defined in + * enum qca_wlan_vendor_attr_hang. + * + * @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CONFIG: Get the current values + * of spectral parameters used. The spectral scan parameters are specified + * by enum qca_wlan_vendor_attr_spectral_scan. + * + * @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_DIAG_STATS: Get the debug stats + * for spectral scan functionality. The debug stats are specified by + * enum qca_wlan_vendor_attr_spectral_diag_stats. + * + * @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CAP_INFO: Get spectral + * scan system capabilities. The capabilities are specified + * by enum qca_wlan_vendor_attr_spectral_cap. + * + * @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_STATUS: Get the current + * status of spectral scan. The status values are specified + * by enum qca_wlan_vendor_attr_spectral_scan_status. + * + * @QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING: Sub-command to flush + * peer pending packets. Specify the peer MAC address in + * QCA_WLAN_VENDOR_ATTR_PEER_ADDR and the access category of the packets + * in QCA_WLAN_VENDOR_ATTR_AC. The attributes are listed + * in enum qca_wlan_vendor_attr_flush_pending. + * + * @QCA_NL80211_VENDOR_SUBCMD_GET_RROP_INFO: Get vendor specific Representative + * RF Operating Parameter (RROP) information. The attributes for this + * information are defined in enum qca_wlan_vendor_attr_rrop_info. This is + * intended for use by external Auto Channel Selection applications. + * + * @QCA_NL80211_VENDOR_SUBCMD_GET_SAR_LIMITS: Get the Specific Absorption Rate + * (SAR) power limits. This is a companion to the command + * @QCA_NL80211_VENDOR_SUBCMD_SET_SAR_LIMITS and is used to retrieve the + * settings currently in use. The attributes returned by this command are + * defined by enum qca_vendor_attr_sar_limits. + * + * @QCA_NL80211_VENDOR_SUBCMD_WLAN_MAC_INFO: Provides the current behavior of + * the WLAN hardware MAC. Also, provides the WLAN netdev interface + * information attached to the respective MAC. + * This works both as a query (user space asks the current mode) or event + * interface (driver advertising the current mode to the user space). + * Driver does not trigger this event for temporary hardware mode changes. + * Mode changes w.r.t Wi-Fi connection update (VIZ creation / deletion, + * channel change, etc.) are updated with this event. Attributes for this + * interface are defined in enum qca_wlan_vendor_attr_mac. + * + * @QCA_NL80211_VENDOR_SUBCMD_SET_QDEPTH_THRESH: Set MSDU queue depth threshold + * per peer per TID. Attributes for this command are define in + * enum qca_wlan_set_qdepth_thresh_attr. + * @QCA_NL80211_VENDOR_SUBCMD_THERMAL_CMD: Provides the thermal shutdown action + * guide for WLAN driver. Request to suspend of driver and FW if the + * temperature is higher than the suspend threshold; resume action is + * requested to driver if the temperature is lower than the resume + * threshold. In user poll mode, request temperature data by user. For test + * purpose, getting thermal shutdown configuration parameters is needed. + * Attributes for this interface are defined in + * enum qca_wlan_vendor_attr_thermal_cmd. + * @QCA_NL80211_VENDOR_SUBCMD_THERMAL_EVENT: Thermal events reported from + * driver. Thermal temperature and indication of resume completion are + * reported as thermal events. The attributes for this command are defined + * in enum qca_wlan_vendor_attr_thermal_event. + * + * @QCA_NL80211_VENDOR_SUBCMD_WIFI_TEST_CONFIGURATION: Sub command to set WiFi + * test configuration. Attributes for this command are defined in + * enum qca_wlan_vendor_attr_wifi_test_config. + * + * @QCA_NL80211_VENDOR_SUBCMD_BSS_FILTER: This command is used to configure an + * RX filter to receive frames from stations that are active on the + * operating channel, but not associated with the local device (e.g., STAs + * associated with other APs). Filtering is done based on a list of BSSIDs + * and STA MAC addresses added by the user. This command is also used to + * fetch the statistics of unassociated stations. The attributes used with + * this command are defined in enum qca_wlan_vendor_attr_bss_filter. + * + * @QCA_NL80211_VENDOR_SUBCMD_NAN_EXT: An extendable version of NAN vendor + * command. The earlier command for NAN, QCA_NL80211_VENDOR_SUBCMD_NAN, + * carried a payload which was a binary blob of data. The command was not + * extendable to send more information. The newer version carries the + * legacy blob encapsulated within an attribute and can be extended with + * additional vendor attributes that can enhance the NAN command interface. + * @QCA_NL80211_VENDOR_SUBCMD_ROAM_SCAN_EVENT: Event to indicate scan triggered + * or stopped within driver/firmware in order to initiate roaming. The + * attributes used with this event are defined in enum + * qca_wlan_vendor_attr_roam_scan. Some drivers may not send these events + * in few cases, e.g., if the host processor is sleeping when this event + * is generated in firmware. + * + * @QCA_NL80211_VENDOR_SUBCMD_PEER_CFR_CAPTURE_CFG: This command is used to + * configure parameters per peer to capture Channel Frequency Response + * (CFR) and enable Periodic CFR capture. The attributes for this command + * are defined in enum qca_wlan_vendor_peer_cfr_capture_attr. + * + * @QCA_NL80211_VENDOR_SUBCMD_THROUGHPUT_CHANGE_EVENT: Event to indicate changes + * in throughput dynamically. The driver estimates the throughput based on + * number of packets being transmitted/received per second and indicates + * the changes in throughput to user space. Userspace tools can use this + * information to configure kernel's TCP parameters in order to achieve + * peak throughput. Optionally, the driver will also send guidance on + * modifications to kernel's TCP parameters which can be referred by + * userspace tools. The attributes used with this event are defined in enum + * qca_wlan_vendor_attr_throughput_change. + * + * @QCA_NL80211_VENDOR_SUBCMD_COEX_CONFIG: This command is used to set + * priorities among different types of traffic during coex scenarios. + * Current supported prioritization is among WLAN/BT/ZIGBEE with different + * profiles mentioned in enum qca_coex_config_profiles. The associated + * attributes used with this command are defined in enum + * qca_vendor_attr_coex_config. + * + * Based on the config provided, FW will boost the weight and prioritize + * the traffic for that subsystem (WLAN/BT/Zigbee). */ enum qca_nl80211_vendor_subcmds { QCA_NL80211_VENDOR_SUBCMD_UNSPEC = 0, @@ -194,7 +508,7 @@ enum qca_nl80211_vendor_subcmds { QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY = 10, QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY = 11, QCA_NL80211_VENDOR_SUBCMD_NAN = 12, - QCA_NL80211_VENDOR_SUBMCD_STATS_EXT = 13, + QCA_NL80211_VENDOR_SUBCMD_STATS_EXT = 13, QCA_NL80211_VENDOR_SUBCMD_LL_STATS_SET = 14, QCA_NL80211_VENDOR_SUBCMD_LL_STATS_GET = 15, QCA_NL80211_VENDOR_SUBCMD_LL_STATS_CLR = 16, @@ -236,11 +550,33 @@ enum qca_nl80211_vendor_subcmds { QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_ABORTED = 58, QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_NOP_FINISHED = 59, QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_RADAR_DETECTED = 60, - /* 61-73 - reserved for QCA */ + QCA_NL80211_VENDOR_SUBCMD_GET_WIFI_INFO = 61, + QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_START = 62, + QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP = 63, + QCA_NL80211_VENDOR_SUBCMD_ROAM = 64, + QCA_NL80211_VENDOR_SUBCMD_GSCAN_SET_SSID_HOTLIST = 65, + QCA_NL80211_VENDOR_SUBCMD_GSCAN_RESET_SSID_HOTLIST = 66, + QCA_NL80211_VENDOR_SUBCMD_GSCAN_HOTLIST_SSID_FOUND = 67, + QCA_NL80211_VENDOR_SUBCMD_GSCAN_HOTLIST_SSID_LOST = 68, + QCA_NL80211_VENDOR_SUBCMD_PNO_SET_LIST = 69, + QCA_NL80211_VENDOR_SUBCMD_PNO_SET_PASSPOINT_LIST = 70, + QCA_NL80211_VENDOR_SUBCMD_PNO_RESET_PASSPOINT_LIST = 71, + QCA_NL80211_VENDOR_SUBCMD_PNO_NETWORK_FOUND = 72, + QCA_NL80211_VENDOR_SUBCMD_PNO_PASSPOINT_NETWORK_FOUND = 73, /* Wi-Fi configuration subcommands */ QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION = 74, QCA_NL80211_VENDOR_SUBCMD_GET_WIFI_CONFIGURATION = 75, - /* 76-90 - reserved for QCA */ + QCA_NL80211_VENDOR_SUBCMD_GET_LOGGER_FEATURE_SET = 76, + QCA_NL80211_VENDOR_SUBCMD_GET_RING_DATA = 77, + QCA_NL80211_VENDOR_SUBCMD_TDLS_GET_CAPABILITIES = 78, + QCA_NL80211_VENDOR_SUBCMD_OFFLOADED_PACKETS = 79, + QCA_NL80211_VENDOR_SUBCMD_MONITOR_RSSI = 80, + QCA_NL80211_VENDOR_SUBCMD_NDP = 81, + QCA_NL80211_VENDOR_SUBCMD_ND_OFFLOAD = 82, + QCA_NL80211_VENDOR_SUBCMD_PACKET_FILTER = 83, + QCA_NL80211_VENDOR_SUBCMD_GET_BUS_SIZE = 84, + QCA_NL80211_VENDOR_SUBCMD_GET_WAKE_REASON_STATS = 85, + /* 86-90 - reserved for QCA */ QCA_NL80211_VENDOR_SUBCMD_DATA_OFFLOAD = 91, QCA_NL80211_VENDOR_SUBCMD_OCB_SET_CONFIG = 92, QCA_NL80211_VENDOR_SUBCMD_OCB_SET_UTC_TIME = 93, @@ -285,21 +621,66 @@ enum qca_nl80211_vendor_subcmds { QCA_NL80211_VENDOR_SUBCMD_AOA_MEAS_RESULT = 136, QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST = 137, QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI = 138, + /* DMG low level RF sector operations */ + QCA_NL80211_VENDOR_SUBCMD_DMG_RF_GET_SECTOR_CFG = 139, + QCA_NL80211_VENDOR_SUBCMD_DMG_RF_SET_SECTOR_CFG = 140, + QCA_NL80211_VENDOR_SUBCMD_DMG_RF_GET_SELECTED_SECTOR = 141, + QCA_NL80211_VENDOR_SUBCMD_DMG_RF_SET_SELECTED_SECTOR = 142, + QCA_NL80211_VENDOR_SUBCMD_CONFIGURE_TDLS = 143, + QCA_NL80211_VENDOR_SUBCMD_GET_HE_CAPABILITIES = 144, + QCA_NL80211_VENDOR_SUBCMD_ABORT_SCAN = 145, + QCA_NL80211_VENDOR_SUBCMD_SET_SAR_LIMITS = 146, + QCA_NL80211_VENDOR_SUBCMD_EXTERNAL_ACS = 147, + QCA_NL80211_VENDOR_SUBCMD_CHIP_PWRSAVE_FAILURE = 148, + QCA_NL80211_VENDOR_SUBCMD_NUD_STATS_SET = 149, + QCA_NL80211_VENDOR_SUBCMD_NUD_STATS_GET = 150, + QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS = 151, + QCA_NL80211_VENDOR_SUBCMD_SET_TRACE_LEVEL = 152, + QCA_NL80211_VENDOR_SUBCMD_BRP_SET_ANT_LIMIT = 153, + QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_START = 154, + QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_STOP = 155, + QCA_NL80211_VENDOR_SUBCMD_ACTIVE_TOS = 156, + QCA_NL80211_VENDOR_SUBCMD_HANG = 157, + QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CONFIG = 158, + QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_DIAG_STATS = 159, + QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CAP_INFO = 160, + QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_STATUS = 161, + /* Flush peer pending data */ + QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING = 162, + QCA_NL80211_VENDOR_SUBCMD_GET_RROP_INFO = 163, + QCA_NL80211_VENDOR_SUBCMD_GET_SAR_LIMITS = 164, + QCA_NL80211_VENDOR_SUBCMD_WLAN_MAC_INFO = 165, + QCA_NL80211_VENDOR_SUBCMD_SET_QDEPTH_THRESH = 166, + /* Thermal shutdown commands to protect wifi chip */ + QCA_NL80211_VENDOR_SUBCMD_THERMAL_CMD = 167, + QCA_NL80211_VENDOR_SUBCMD_THERMAL_EVENT = 168, + /* Wi-Fi test configuration subcommand */ + QCA_NL80211_VENDOR_SUBCMD_WIFI_TEST_CONFIGURATION = 169, + /* Frame filter operations for other BSSs/unassociated STAs */ + QCA_NL80211_VENDOR_SUBCMD_BSS_FILTER = 170, + QCA_NL80211_VENDOR_SUBCMD_NAN_EXT = 171, + QCA_NL80211_VENDOR_SUBCMD_ROAM_SCAN_EVENT = 172, + QCA_NL80211_VENDOR_SUBCMD_PEER_CFR_CAPTURE_CFG = 173, + QCA_NL80211_VENDOR_SUBCMD_THROUGHPUT_CHANGE_EVENT = 174, + QCA_NL80211_VENDOR_SUBCMD_COEX_CONFIG = 175, }; - enum qca_wlan_vendor_attr { QCA_WLAN_VENDOR_ATTR_INVALID = 0, /* used by QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY */ QCA_WLAN_VENDOR_ATTR_DFS = 1, - /* used by QCA_NL80211_VENDOR_SUBCMD_NAN */ + /* Used only when driver sends vendor events to the userspace under the + * command QCA_NL80211_VENDOR_SUBCMD_NAN. Not used when userspace sends + * commands to the driver. + */ QCA_WLAN_VENDOR_ATTR_NAN = 2, /* used by QCA_NL80211_VENDOR_SUBCMD_STATS_EXT */ QCA_WLAN_VENDOR_ATTR_STATS_EXT = 3, /* used by QCA_NL80211_VENDOR_SUBCMD_STATS_EXT */ QCA_WLAN_VENDOR_ATTR_IFINDEX = 4, /* used by QCA_NL80211_VENDOR_SUBCMD_ROAMING, u32 with values defined - * by enum qca_roaming_policy. */ + * by enum qca_roaming_policy. + */ QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY = 5, QCA_WLAN_VENDOR_ATTR_MAC_ADDR = 6, /* used by QCA_NL80211_VENDOR_SUBCMD_GET_FEATURES */ @@ -387,17 +768,87 @@ enum qca_wlan_vendor_attr { QCA_WLAN_VENDOR_ATTR_AOA_MEAS_RESULT = 25, /* Used in QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI command * to specify the chain number (unsigned 32 bit value) to inquire - * the corresponding antenna RSSI value */ + * the corresponding antenna RSSI value + */ QCA_WLAN_VENDOR_ATTR_CHAIN_INDEX = 26, /* Used in QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI command - * to report the specific antenna RSSI value (unsigned 32 bit value) */ + * to report the specific antenna RSSI value (unsigned 32 bit value) + */ QCA_WLAN_VENDOR_ATTR_CHAIN_RSSI = 27, + /* Frequency in MHz, various uses. Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_FREQ = 28, + /* TSF timer value, unsigned 64 bit value. + * May be returned by various commands. + */ + QCA_WLAN_VENDOR_ATTR_TSF = 29, + /* DMG RF sector index, unsigned 16 bit number. Valid values are + * 0..127 for sector indices or 65535 as special value used to + * unlock sector selection in + * QCA_NL80211_VENDOR_SUBCMD_DMG_RF_SET_SELECTED_SECTOR. + */ + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_INDEX = 30, + /* DMG RF sector type, unsigned 8 bit value. One of the values + * in enum qca_wlan_vendor_attr_dmg_rf_sector_type. + */ + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE = 31, + /* Bitmask of DMG RF modules for which information is requested. Each + * bit corresponds to an RF module with the same index as the bit + * number. Unsigned 32 bit number but only low 8 bits can be set since + * all DMG chips currently have up to 8 RF modules. + */ + QCA_WLAN_VENDOR_ATTR_DMG_RF_MODULE_MASK = 32, + /* Array of nested attributes where each entry is DMG RF sector + * configuration for a single RF module. + * Attributes for each entry are taken from enum + * qca_wlan_vendor_attr_dmg_rf_sector_cfg. + * Specified in QCA_NL80211_VENDOR_SUBCMD_DMG_RF_SET_SECTOR_CFG + * and returned by QCA_NL80211_VENDOR_SUBCMD_DMG_RF_GET_SECTOR_CFG. + */ + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG = 33, + /* Used in QCA_NL80211_VENDOR_SUBCMD_STATS_EXT command + * to report frame aggregation statistics to userspace. + */ + QCA_WLAN_VENDOR_ATTR_RX_AGGREGATION_STATS_HOLES_NUM = 34, + QCA_WLAN_VENDOR_ATTR_RX_AGGREGATION_STATS_HOLES_INFO = 35, + /* Unsigned 8-bit value representing MBO transition reason code as + * provided by the AP used by subcommand + * QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS. This is + * specified by the userspace in the request to the driver. + */ + QCA_WLAN_VENDOR_ATTR_BTM_MBO_TRANSITION_REASON = 36, + /* Array of nested attributes, BSSID and status code, used by subcommand + * QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS, where each + * entry is taken from enum qca_wlan_vendor_attr_btm_candidate_info. + * The userspace space specifies the list/array of candidate BSSIDs in + * the order of preference in the request. The driver specifies the + * status code, for each BSSID in the list, in the response. The + * acceptable candidates are listed in the order preferred by the + * driver. + */ + QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO = 37, + /* Used in QCA_NL80211_VENDOR_SUBCMD_BRP_SET_ANT_LIMIT command + * See enum qca_wlan_vendor_attr_brp_ant_limit_mode. + */ + QCA_WLAN_VENDOR_ATTR_BRP_ANT_LIMIT_MODE = 38, + /* Used in QCA_NL80211_VENDOR_SUBCMD_BRP_SET_ANT_LIMIT command + * to define the number of antennas to use for BRP. + * different purpose in each ANT_LIMIT_MODE: + * DISABLE - ignored + * EFFECTIVE - upper limit to number of antennas to be used + * FORCE - exact number of antennas to be used + * unsigned 8 bit value + */ + QCA_WLAN_VENDOR_ATTR_BRP_ANT_NUM_LIMIT = 39, + /* Used in QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI command + * to report the corresponding antenna index to the chain RSSI value + */ + QCA_WLAN_VENDOR_ATTR_ANTENNA_INFO = 40, + /* keep last */ QCA_WLAN_VENDOR_ATTR_AFTER_LAST, QCA_WLAN_VENDOR_ATTR_MAX = QCA_WLAN_VENDOR_ATTR_AFTER_LAST - 1, }; - enum qca_roaming_policy { QCA_ROAMING_NOT_ALLOWED, QCA_ROAMING_ALLOWED_WITHIN_ESS, @@ -413,6 +864,38 @@ enum qca_wlan_vendor_attr_roam_auth { QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KCK, QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KEK, QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_SUBNET_STATUS, + /* Indicates the status of re-association requested by user space for + * the BSSID specified by QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID. + * Type u16. + * Represents the status code from AP. Use + * %WLAN_STATUS_UNSPECIFIED_FAILURE if the device cannot give you the + * real status code for failures. + */ + QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_STATUS, + /* This attribute indicates that the old association was maintained when + * a re-association is requested by user space and that re-association + * attempt fails (i.e., cannot connect to the requested BSS, but can + * remain associated with the BSS with which the association was in + * place when being requested to roam). Used along with + * WLAN_VENDOR_ATTR_ROAM_AUTH_STATUS to indicate the current + * re-association status. Type flag. + * This attribute is applicable only for re-association failure cases. + */ + QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_RETAIN_CONNECTION, + /* This attribute specifies the PMK if one was newly generated during + * FILS roaming. This is added to the PMKSA cache and is used in + * subsequent connections with PMKSA caching. + */ + QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PMK = 11, + /* This attribute specifies the PMKID used/generated for the current + * FILS roam. This is used in subsequent connections with PMKSA caching. + */ + QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PMKID = 12, + /* A 16-bit unsigned value specifying the next sequence number to use + * in ERP message in the currently associated realm. This is used in + * doing subsequent ERP based connections in the same realm. + */ + QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_FILS_ERP_NEXT_SEQ_NUM = 13, /* keep last */ QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_AFTER_LAST, QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_MAX = @@ -493,13 +976,24 @@ enum qca_wlan_vendor_acs_hw_mode { * @QCA_WLAN_VENDOR_FEATURE_SUPPORT_HW_MODE_ANY: Device supports automatic * band selection based on channel selection results. * @QCA_WLAN_VENDOR_FEATURE_OFFCHANNEL_SIMULTANEOUS: Device supports - * simultaneous off-channel operations. + * simultaneous off-channel operations. * @QCA_WLAN_VENDOR_FEATURE_P2P_LISTEN_OFFLOAD: Device supports P2P * Listen offload; a mechanism where the station's firmware takes care of * responding to incoming Probe Request frames received from other P2P * Devices whilst in Listen state, rather than having the user space * wpa_supplicant do it. Information from received P2P requests are * forwarded from firmware to host whenever the host processor wakes up. + * @QCA_WLAN_VENDOR_FEATURE_OCE_STA: Device supports all OCE non-AP STA + * specific features. + * @QCA_WLAN_VENDOR_FEATURE_OCE_AP: Device supports all OCE AP specific + * features. + * @QCA_WLAN_VENDOR_FEATURE_OCE_STA_CFON: Device supports OCE STA-CFON + * specific features only. If a Device sets this bit but not the + * %QCA_WLAN_VENDOR_FEATURE_OCE_AP, the userspace shall assume that + * this Device may not support all OCE AP functionalities but can support + * only OCE STA-CFON functionalities. + * @QCA_WLAN_VENDOR_FEATURE_SELF_MANAGED_REGULATORY: Device supports self + * managed regulatory. * @NUM_QCA_WLAN_VENDOR_FEATURES: Number of assigned feature bits */ enum qca_wlan_vendor_features { @@ -507,6 +1001,10 @@ enum qca_wlan_vendor_features { QCA_WLAN_VENDOR_FEATURE_SUPPORT_HW_MODE_ANY = 1, QCA_WLAN_VENDOR_FEATURE_OFFCHANNEL_SIMULTANEOUS = 2, QCA_WLAN_VENDOR_FEATURE_P2P_LISTEN_OFFLOAD = 3, + QCA_WLAN_VENDOR_FEATURE_OCE_STA = 4, + QCA_WLAN_VENDOR_FEATURE_OCE_AP = 5, + QCA_WLAN_VENDOR_FEATURE_OCE_STA_CFON = 6, + QCA_WLAN_VENDOR_FEATURE_SELF_MANAGED_REGULATORY = 7, NUM_QCA_WLAN_VENDOR_FEATURES /* keep last */ }; @@ -532,6 +1030,112 @@ enum qca_wlan_vendor_attr_data_offload_ind { QCA_WLAN_VENDOR_ATTR_DATA_OFFLOAD_IND_AFTER_LAST - 1 }; +/** + * enum qca_wlan_vendor_attr_ocb_set_config - Vendor subcmd attributes to set + * OCB config + * + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_CHANNEL_COUNT: Number of channels in the + * configuration + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_SCHEDULE_SIZE: Size of the schedule + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_CHANNEL_ARRAY: Array of channels + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_SCHEDULE_ARRAY: Array of channels to be + * scheduled + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_NDL_CHANNEL_ARRAY: Array of NDL channel + * information + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_NDL_ACTIVE_STATE_ARRAY: Array of NDL + * active state configuration + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_FLAGS: Configuration flags such as + * OCB_CONFIG_FLAG_80211_FRAME_MODE + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_DEF_TX_PARAM: Default TX parameters to + * use in the case that a packet is sent without a TX control header + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_TA_MAX_DURATION: Max duration after the + * last TA received that the local time set by TA is synchronous to other + * communicating OCB STAs. + */ +enum qca_wlan_vendor_attr_ocb_set_config { + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_CHANNEL_COUNT = 1, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_SCHEDULE_SIZE = 2, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_CHANNEL_ARRAY = 3, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_SCHEDULE_ARRAY = 4, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_NDL_CHANNEL_ARRAY = 5, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_NDL_ACTIVE_STATE_ARRAY = 6, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_FLAGS = 7, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_DEF_TX_PARAM = 8, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_TA_MAX_DURATION = 9, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_MAX = + QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_AFTER_LAST - 1 +}; + +/** + * enum qca_wlan_vendor_attr_ocb_set_utc_time - Vendor subcmd attributes to set + * UTC time + * + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_UTC_TIME_VALUE: The UTC time as an array of + * 10 bytes + * @QCA_WLAN_VENDOR_ATTR_OCB_SET_UTC_TIME_ERROR: The time error as an array of + * 5 bytes + */ +enum qca_wlan_vendor_attr_ocb_set_utc_time { + QCA_WLAN_VENDOR_ATTR_OCB_SET_UTC_TIME_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_OCB_SET_UTC_TIME_VALUE = 1, + QCA_WLAN_VENDOR_ATTR_OCB_SET_UTC_TIME_ERROR = 2, + QCA_WLAN_VENDOR_ATTR_OCB_SET_UTC_TIME_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_OCB_SET_UTC_TIME_MAX = + QCA_WLAN_VENDOR_ATTR_OCB_SET_UTC_TIME_AFTER_LAST - 1 +}; + +/** + * enum qca_wlan_vendor_attr_ocb_start_timing_advert - Vendor subcmd attributes + * to start sending timing advert frames + * + * @QCA_WLAN_VENDOR_ATTR_OCB_START_TIMING_ADVERT_CHANNEL_FREQ: Cannel frequency + * on which to send the frames + * @QCA_WLAN_VENDOR_ATTR_OCB_START_TIMING_ADVERT_REPEAT_RATE: Number of times + * the frame is sent in 5 seconds + */ +enum qca_wlan_vendor_attr_ocb_start_timing_advert { + QCA_WLAN_VENDOR_ATTR_OCB_START_TIMING_ADVERT_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_OCB_START_TIMING_ADVERT_CHANNEL_FREQ = 1, + QCA_WLAN_VENDOR_ATTR_OCB_START_TIMING_ADVERT_REPEAT_RATE = 2, + QCA_WLAN_VENDOR_ATTR_OCB_START_TIMING_ADVERT_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_OCB_START_TIMING_ADVERT_MAX = + QCA_WLAN_VENDOR_ATTR_OCB_START_TIMING_ADVERT_AFTER_LAST - 1 +}; + +/** + * enum qca_wlan_vendor_attr_ocb_stop_timing_advert - Vendor subcmd attributes + * to stop timing advert + * + * @QCA_WLAN_VENDOR_ATTR_OCB_STOP_TIMING_ADVERT_CHANNEL_FREQ: The channel + * frequency on which to stop the timing advert + */ +enum qca_wlan_vendor_attr_ocb_stop_timing_advert { + QCA_WLAN_VENDOR_ATTR_OCB_STOP_TIMING_ADVERT_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_OCB_STOP_TIMING_ADVERT_CHANNEL_FREQ = 1, + QCA_WLAN_VENDOR_ATTR_OCB_STOP_TIMING_ADVERT_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_OCB_STOP_TIMING_ADVERT_MAX = + QCA_WLAN_VENDOR_ATTR_OCB_STOP_TIMING_ADVERT_AFTER_LAST - 1 +}; + +/** + * enum qca_wlan_vendor_attr_ocb_get_tsf_response - Vendor subcmd attributes to + * get TSF timer value + * + * @QCA_WLAN_VENDOR_ATTR_OCB_GET_TSF_RESP_TIMER_HIGH: Higher 32 bits of the + * timer + * @QCA_WLAN_VENDOR_ATTR_OCB_GET_TSF_RESP_TIMER_LOW: Lower 32 bits of the timer + */ +enum qca_wlan_vendor_attr_ocb_get_tsf_resp { + QCA_WLAN_VENDOR_ATTR_OCB_GET_TSF_RESP_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_OCB_GET_TSF_RESP_TIMER_HIGH = 1, + QCA_WLAN_VENDOR_ATTR_OCB_GET_TSF_RESP_TIMER_LOW = 2, + QCA_WLAN_VENDOR_ATTR_OCB_GET_TSF_RESP_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_OCB_GET_TSF_RESP_MAX = + QCA_WLAN_VENDOR_ATTR_OCB_GET_TSF_RESP_AFTER_LAST - 1 +}; + enum qca_vendor_attr_get_preferred_freq_list { QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_INVALID, /* A 32-unsigned value; the interface type/mode for which the preferred @@ -544,6 +1148,12 @@ enum qca_vendor_attr_get_preferred_freq_list { * from kernel space to user space. */ QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST, + /* An array of nested values as per enum qca_wlan_vendor_attr_pcl + * attribute. Each element contains frequency (MHz), weight, and flag + * bit mask indicating how the frequency should be used in P2P + * negotiation; sent from kernel space to user space. + */ + QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_WEIGHED_PCL, /* keep last */ QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_AFTER_LAST, QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_MAX = @@ -679,11 +1289,39 @@ enum qca_vendor_attr_wisa_cmd { * vendor specific element is defined by the latest P802.11ax draft. * Please note that the draft is still work in progress and this element * payload is subject to change. + * + * @QCA_VENDOR_ELEM_RAPS: RAPS element (OFDMA-based Random Access Parameter Set + * element). + * This element can be used for pre-standard publication testing of HE + * before P802.11ax draft assigns the element ID extension. The payload of + * this vendor specific element is defined by the latest P802.11ax draft + * (not including the Element ID Extension field). Please note that the + * draft is still work in progress and this element payload is subject to + * change. + * + * @QCA_VENDOR_ELEM_MU_EDCA_PARAMS: MU EDCA Parameter Set element. + * This element can be used for pre-standard publication testing of HE + * before P802.11ax draft assigns the element ID extension. The payload of + * this vendor specific element is defined by the latest P802.11ax draft + * (not including the Element ID Extension field). Please note that the + * draft is still work in progress and this element payload is subject to + * change. + * + * @QCA_VENDOR_ELEM_BSS_COLOR_CHANGE: BSS Color Change Announcement element. + * This element can be used for pre-standard publication testing of HE + * before P802.11ax draft assigns the element ID extension. The payload of + * this vendor specific element is defined by the latest P802.11ax draft + * (not including the Element ID Extension field). Please note that the + * draft is still work in progress and this element payload is subject to + * change. */ enum qca_vendor_element_id { QCA_VENDOR_ELEM_P2P_PREF_CHAN_LIST = 0, QCA_VENDOR_ELEM_HE_CAPAB = 1, QCA_VENDOR_ELEM_HE_OPER = 2, + QCA_VENDOR_ELEM_RAPS = 3, + QCA_VENDOR_ELEM_MU_EDCA_PARAMS = 4, + QCA_VENDOR_ELEM_BSS_COLOR_CHANGE = 5, }; /** @@ -696,29 +1334,32 @@ enum qca_vendor_element_id { * @QCA_WLAN_VENDOR_ATTR_SCAN_SUPP_RATES: Nested array attribute of supported * rates to be included * @QCA_WLAN_VENDOR_ATTR_SCAN_TX_NO_CCK_RATE: flag used to send probe requests - * at non CCK rate in 2GHz band + * at non CCK rate in 2GHz band * @QCA_WLAN_VENDOR_ATTR_SCAN_FLAGS: Unsigned 32-bit scan flags * @QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE: Unsigned 64-bit cookie provided by the - * driver for the specific scan request + * driver for the specific scan request * @QCA_WLAN_VENDOR_ATTR_SCAN_STATUS: Unsigned 8-bit status of the scan - * request decoded as in enum scan_status + * request decoded as in enum scan_status * @QCA_WLAN_VENDOR_ATTR_SCAN_MAC: 6-byte MAC address to use when randomisation - * scan flag is set + * scan flag is set * @QCA_WLAN_VENDOR_ATTR_SCAN_MAC_MASK: 6-byte MAC address mask to be used with - * randomisation + * randomisation + * @QCA_WLAN_VENDOR_ATTR_SCAN_BSSID: 6-byte MAC address representing the + * specific BSSID to scan for. */ enum qca_wlan_vendor_attr_scan { QCA_WLAN_VENDOR_ATTR_SCAN_INVALID_PARAM = 0, - QCA_WLAN_VENDOR_ATTR_SCAN_IE, - QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES, - QCA_WLAN_VENDOR_ATTR_SCAN_SSIDS, - QCA_WLAN_VENDOR_ATTR_SCAN_SUPP_RATES, - QCA_WLAN_VENDOR_ATTR_SCAN_TX_NO_CCK_RATE, - QCA_WLAN_VENDOR_ATTR_SCAN_FLAGS, - QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE, - QCA_WLAN_VENDOR_ATTR_SCAN_STATUS, - QCA_WLAN_VENDOR_ATTR_SCAN_MAC, - QCA_WLAN_VENDOR_ATTR_SCAN_MAC_MASK, + QCA_WLAN_VENDOR_ATTR_SCAN_IE = 1, + QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES = 2, + QCA_WLAN_VENDOR_ATTR_SCAN_SSIDS = 3, + QCA_WLAN_VENDOR_ATTR_SCAN_SUPP_RATES = 4, + QCA_WLAN_VENDOR_ATTR_SCAN_TX_NO_CCK_RATE = 5, + QCA_WLAN_VENDOR_ATTR_SCAN_FLAGS = 6, + QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE = 7, + QCA_WLAN_VENDOR_ATTR_SCAN_STATUS = 8, + QCA_WLAN_VENDOR_ATTR_SCAN_MAC = 9, + QCA_WLAN_VENDOR_ATTR_SCAN_MAC_MASK = 10, + QCA_WLAN_VENDOR_ATTR_SCAN_BSSID = 11, QCA_WLAN_VENDOR_ATTR_SCAN_AFTER_LAST, QCA_WLAN_VENDOR_ATTR_SCAN_MAX = QCA_WLAN_VENDOR_ATTR_SCAN_AFTER_LAST - 1 @@ -726,10 +1367,10 @@ enum qca_wlan_vendor_attr_scan { /** * enum scan_status - Specifies the valid values the vendor scan attribute - * QCA_WLAN_VENDOR_ATTR_SCAN_STATUS can take + * QCA_WLAN_VENDOR_ATTR_SCAN_STATUS can take * * @VENDOR_SCAN_STATUS_NEW_RESULTS: implies the vendor scan is successful with - * new scan results + * new scan results * @VENDOR_SCAN_STATUS_ABORTED: implies the vendor scan was aborted in-between */ enum scan_status { @@ -776,7 +1417,8 @@ enum qca_vendor_attr_txpower_scale { enum qca_vendor_attr_txpower_decr_db { QCA_WLAN_VENDOR_ATTR_TXPOWER_DECR_DB_INVALID, /* 8-bit unsigned value to indicate the reduction of TX power in dB for - * a virtual interface. */ + * a virtual interface. + */ QCA_WLAN_VENDOR_ATTR_TXPOWER_DECR_DB, /* keep last */ QCA_WLAN_VENDOR_ATTR_TXPOWER_DECR_DB_AFTER_LAST, @@ -826,29 +1468,37 @@ enum qca_wlan_vendor_attr_config { */ QCA_WLAN_VENDOR_ATTR_CONFIG_CHANNEL_AVOIDANCE_IND = 7, /* 8-bit unsigned value to configure the maximum TX MPDU for - * aggregation. */ + * aggregation. + */ QCA_WLAN_VENDOR_ATTR_CONFIG_TX_MPDU_AGGREGATION = 8, /* 8-bit unsigned value to configure the maximum RX MPDU for - * aggregation. */ + * aggregation. + */ QCA_WLAN_VENDOR_ATTR_CONFIG_RX_MPDU_AGGREGATION = 9, /* 8-bit unsigned value to configure the Non aggregrate/11g sw - * retry threshold (0 disable, 31 max). */ + * retry threshold (0 disable, 31 max). + */ QCA_WLAN_VENDOR_ATTR_CONFIG_NON_AGG_RETRY = 10, /* 8-bit unsigned value to configure the aggregrate sw - * retry threshold (0 disable, 31 max). */ + * retry threshold (0 disable, 31 max). + */ QCA_WLAN_VENDOR_ATTR_CONFIG_AGG_RETRY = 11, /* 8-bit unsigned value to configure the MGMT frame - * retry threshold (0 disable, 31 max). */ + * retry threshold (0 disable, 31 max). + */ QCA_WLAN_VENDOR_ATTR_CONFIG_MGMT_RETRY = 12, /* 8-bit unsigned value to configure the CTRL frame - * retry threshold (0 disable, 31 max). */ + * retry threshold (0 disable, 31 max). + */ QCA_WLAN_VENDOR_ATTR_CONFIG_CTRL_RETRY = 13, /* 8-bit unsigned value to configure the propagation delay for - * 2G/5G band (0~63, units in us) */ + * 2G/5G band (0~63, units in us) + */ QCA_WLAN_VENDOR_ATTR_CONFIG_PROPAGATION_DELAY = 14, /* Unsigned 32-bit value to configure the number of unicast TX fail * packet count. The peer is disconnected once this threshold is - * reached. */ + * reached. + */ QCA_WLAN_VENDOR_ATTR_CONFIG_TX_FAIL_COUNT = 15, /* Attribute used to set scan default IEs to the driver. * @@ -859,7 +1509,8 @@ enum qca_wlan_vendor_attr_config { * merged with the IEs received along with scan request coming to the * driver. If a particular IE is present in the scan default IEs but not * present in the scan request, then that IE should be added to the IEs - * sent in the Probe Request frames for that scan request. */ + * sent in the Probe Request frames for that scan request. + */ QCA_WLAN_VENDOR_ATTR_CONFIG_SCAN_DEFAULT_IES = 16, /* Unsigned 32-bit attribute for generic commands */ QCA_WLAN_VENDOR_ATTR_CONFIG_GENERIC_COMMAND = 17, @@ -868,42 +1519,183 @@ enum qca_wlan_vendor_attr_config { /* Unsigned 32-bit data attribute for generic command response */ QCA_WLAN_VENDOR_ATTR_CONFIG_GENERIC_DATA = 19, /* Unsigned 32-bit length attribute for - * QCA_WLAN_VENDOR_ATTR_CONFIG_GENERIC_DATA */ + * QCA_WLAN_VENDOR_ATTR_CONFIG_GENERIC_DATA + */ QCA_WLAN_VENDOR_ATTR_CONFIG_GENERIC_LENGTH = 20, /* Unsigned 32-bit flags attribute for - * QCA_WLAN_VENDOR_ATTR_CONFIG_GENERIC_DATA */ + * QCA_WLAN_VENDOR_ATTR_CONFIG_GENERIC_DATA + */ QCA_WLAN_VENDOR_ATTR_CONFIG_GENERIC_FLAGS = 21, /* Unsigned 32-bit, defining the access policy. * See enum qca_access_policy. Used with - * QCA_WLAN_VENDOR_ATTR_CONFIG_ACCESS_POLICY_IE_LIST. */ + * QCA_WLAN_VENDOR_ATTR_CONFIG_ACCESS_POLICY_IE_LIST. + */ QCA_WLAN_VENDOR_ATTR_CONFIG_ACCESS_POLICY = 22, /* Sets the list of full set of IEs for which a specific access policy * has to be applied. Used along with * QCA_WLAN_VENDOR_ATTR_CONFIG_ACCESS_POLICY to control the access. - * Zero length payload can be used to clear this access constraint. */ + * Zero length payload can be used to clear this access constraint. + */ QCA_WLAN_VENDOR_ATTR_CONFIG_ACCESS_POLICY_IE_LIST = 23, /* Unsigned 32-bit, specifies the interface index (netdev) for which the * corresponding configurations are applied. If the interface index is * not specified, the configurations are attributed to the respective - * wiphy. */ + * wiphy. + */ QCA_WLAN_VENDOR_ATTR_CONFIG_IFINDEX = 24, /* 8-bit unsigned value to trigger QPower: 1-Enable, 0-Disable */ QCA_WLAN_VENDOR_ATTR_CONFIG_QPOWER = 25, /* 8-bit unsigned value to configure the driver and below layers to * ignore the assoc disallowed set by APs while connecting - * 1-Ignore, 0-Don't ignore */ + * 1-Ignore, 0-Don't ignore + */ QCA_WLAN_VENDOR_ATTR_CONFIG_IGNORE_ASSOC_DISALLOWED = 26, /* 32-bit unsigned value to trigger antenna diversity features: - * 1-Enable, 0-Disable */ + * 1-Enable, 0-Disable + */ QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_ENA = 27, /* 32-bit unsigned value to configure specific chain antenna */ QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_CHAIN = 28, /* 32-bit unsigned value to trigger cycle selftest - * 1-Enable, 0-Disable */ + * 1-Enable, 0-Disable + */ QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_SELFTEST = 29, /* 32-bit unsigned to configure the cycle time of selftest - * the unit is micro-second */ + * the unit is micro-second + */ QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_SELFTEST_INTVL = 30, + /* 32-bit unsigned value to set reorder timeout for AC_VO */ + QCA_WLAN_VENDOR_ATTR_CONFIG_RX_REORDER_TIMEOUT_VOICE = 31, + /* 32-bit unsigned value to set reorder timeout for AC_VI */ + QCA_WLAN_VENDOR_ATTR_CONFIG_RX_REORDER_TIMEOUT_VIDEO = 32, + /* 32-bit unsigned value to set reorder timeout for AC_BE */ + QCA_WLAN_VENDOR_ATTR_CONFIG_RX_REORDER_TIMEOUT_BESTEFFORT = 33, + /* 32-bit unsigned value to set reorder timeout for AC_BK */ + QCA_WLAN_VENDOR_ATTR_CONFIG_RX_REORDER_TIMEOUT_BACKGROUND = 34, + /* 6-byte MAC address to point out the specific peer */ + QCA_WLAN_VENDOR_ATTR_CONFIG_RX_BLOCKSIZE_PEER_MAC = 35, + /* 32-bit unsigned value to set window size for specific peer */ + QCA_WLAN_VENDOR_ATTR_CONFIG_RX_BLOCKSIZE_WINLIMIT = 36, + /* 8-bit unsigned value to set the beacon miss threshold in 2.4 GHz */ + QCA_WLAN_VENDOR_ATTR_CONFIG_BEACON_MISS_THRESHOLD_24 = 37, + /* 8-bit unsigned value to set the beacon miss threshold in 5 GHz */ + QCA_WLAN_VENDOR_ATTR_CONFIG_BEACON_MISS_THRESHOLD_5 = 38, + /* 32-bit unsigned value to configure 5 or 10 MHz channel width for + * station device while in disconnect state. The attribute use the + * value of enum nl80211_chan_width: NL80211_CHAN_WIDTH_5 means 5 MHz, + * NL80211_CHAN_WIDTH_10 means 10 MHz. If set, the device work in 5 or + * 10 MHz channel width, the station will not connect to a BSS using 20 + * MHz or higher bandwidth. Set to NL80211_CHAN_WIDTH_20_NOHT to + * clear this constraint. + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_SUB20_CHAN_WIDTH = 39, + /* 32-bit unsigned value to configure the propagation absolute delay + * for 2G/5G band (units in us) + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_PROPAGATION_ABS_DELAY = 40, + /* 32-bit unsigned value to set probe period */ + QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_PROBE_PERIOD = 41, + /* 32-bit unsigned value to set stay period */ + QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_STAY_PERIOD = 42, + /* 32-bit unsigned value to set snr diff */ + QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_SNR_DIFF = 43, + /* 32-bit unsigned value to set probe dwell time */ + QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_PROBE_DWELL_TIME = 44, + /* 32-bit unsigned value to set mgmt snr weight */ + QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_MGMT_SNR_WEIGHT = 45, + /* 32-bit unsigned value to set data snr weight */ + QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_DATA_SNR_WEIGHT = 46, + /* 32-bit unsigned value to set ack snr weight */ + QCA_WLAN_VENDOR_ATTR_CONFIG_ANT_DIV_ACK_SNR_WEIGHT = 47, + /* 32-bit unsigned value to configure the listen interval. + * This is in units of beacon intervals. This configuration alters + * the negotiated listen interval with the AP during the connection. + * It is highly recommended to configure a value less than or equal to + * the one negotiated during the association. Configuring any greater + * value can have adverse effects (frame loss, AP disassociating STA, + * etc.). + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_LISTEN_INTERVAL = 48, + /* + * 8 bit unsigned value that is set on an AP/GO virtual interface to + * disable operations that would cause the AP/GO to leave its operating + * channel. + * + * This will restrict the scans to the AP/GO operating channel and the + * channels of the other band, if DBS is supported.A STA/CLI interface + * brought up after this setting is enabled, will be restricted to + * connecting to devices only on the AP/GO interface's operating channel + * or on the other band in DBS case. P2P supported channel list is + * modified, to only include AP interface's operating-channel and the + * channels of the other band if DBS is supported. + * + * These restrictions are only applicable as long as the AP/GO interface + * is alive. If the AP/GO interface is brought down then this + * setting/restriction is forgotten. + * + * If this variable is set on an AP/GO interface while a multi-channel + * concurrent session is active, it has no effect on the operation of + * the current interfaces, other than restricting the scan to the AP/GO + * operating channel and the other band channels if DBS is supported. + * However, if the STA is brought down and restarted then the new STA + * connection will either be formed on the AP/GO channel or on the + * other band in a DBS case. This is because of the scan being + * restricted on these channels as mentioned above. + * + * 1-Restrict / 0-Don't restrict offchannel operations. + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_RESTRICT_OFFCHANNEL = 49, + /* + * 8 bit unsigned value to enable/disable LRO (Large Receive Offload) + * on an interface. + * 1 - Enable, 0 - Disable. + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_LRO = 50, + + /* + * 8 bit unsigned value to globally enable/disable scan + * 1 - Enable, 0 - Disable. + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_SCAN_ENABLE = 51, + + /* 8-bit unsigned value to set the total beacon miss count + * This parameter will set the total beacon miss count. + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_TOTAL_BEACON_MISS_COUNT = 52, + + /* Unsigned 32-bit value to configure the number of continuous + * Beacon Miss which shall be used by the firmware to penalize + * the RSSI for BTC. + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_PENALIZE_AFTER_NCONS_BEACON_MISS_BTC = 53, + + /* 8-bit unsigned value to configure the driver and below layers to + * enable/disable all FILS features. + * 0-enable, 1-disable + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_DISABLE_FILS = 54, + + /* 16-bit unsigned value to configure the level of WLAN latency + * module. See enum qca_wlan_vendor_attr_config_latency_level. + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL = 55, + + /* 8-bit unsigned value indicating the driver to use the RSNE as-is from + * the connect interface. Exclusively used for the scenarios where the + * device is used as a test bed device with special functionality and + * not recommended for production. This helps driver to not validate the + * RSNE passed from user space and thus allow arbitrary IE data to be + * used for testing purposes. + * 1-enable, 0-disable. + * Applications set/reset this configuration. If not reset, this + * parameter remains in use until the driver is unloaded. + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_RSN_IE = 56, + + /* 8-bit unsigned value to trigger green Tx power saving. + * 1-Enable, 0-Disable + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_GTX = 57, /* keep last */ QCA_WLAN_VENDOR_ATTR_CONFIG_AFTER_LAST, @@ -937,7 +1729,8 @@ enum qca_wlan_vendor_attr_sap_config { enum qca_wlan_vendor_attr_sap_conditional_chan_switch { QCA_WLAN_VENDOR_ATTR_SAP_CONDITIONAL_CHAN_SWITCH_INVALID = 0, /* Priority based frequency list (an array of u32 values in host byte - * order) */ + * order) + */ QCA_WLAN_VENDOR_ATTR_SAP_CONDITIONAL_CHAN_SWITCH_FREQ_LIST = 1, /* Status of the conditional switch (u32). * 0: Success, Non-zero: Failure @@ -972,6 +1765,36 @@ enum qca_wlan_gpio_attr { }; /** + * qca_wlan_set_qdepth_thresh_attr - Parameters for setting + * MSDUQ depth threshold per peer per tid in the target + * + * Associated Vendor Command: + * QCA_NL80211_VENDOR_SUBCMD_SET_QDEPTH_THRESH + */ +enum qca_wlan_set_qdepth_thresh_attr { + QCA_WLAN_VENDOR_ATTR_QDEPTH_THRESH_INVALID = 0, + /* 6-byte MAC address */ + QCA_WLAN_VENDOR_ATTR_QDEPTH_THRESH_MAC_ADDR, + /* Unsigned 32-bit attribute for holding the TID */ + QCA_WLAN_VENDOR_ATTR_QDEPTH_THRESH_TID, + /* Unsigned 32-bit attribute for holding the update mask + * bit 0 - Update high priority msdu qdepth threshold + * bit 1 - Update low priority msdu qdepth threshold + * bit 2 - Update UDP msdu qdepth threshold + * bit 3 - Update Non UDP msdu qdepth threshold + * rest of bits are reserved + */ + QCA_WLAN_VENDOR_ATTR_QDEPTH_THRESH_UPDATE_MASK, + /* Unsigned 32-bit attribute for holding the threshold value */ + QCA_WLAN_VENDOR_ATTR_QDEPTH_THRESH_VALUE, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_QDEPTH_THRESH_LAST, + QCA_WLAN_VENDOR_ATTR_QDEPTH_THRESH_MAX = + QCA_WLAN_VENDOR_ATTR_QDEPTH_THRESH_LAST - 1, +}; + +/** * enum qca_wlan_vendor_attr_get_hw_capability - Wi-Fi hardware capability */ enum qca_wlan_vendor_attr_get_hw_capability { @@ -1143,6 +1966,12 @@ enum qca_wlan_vendor_attr_get_hw_capability { * @QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_ANT_NF: per antenna NF value * @QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_IFACE_RSSI_BEACON: RSSI of beacon * @QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_IFACE_SNR_BEACON: SNR of beacon + * @QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_REPORT_TIME: u64 + * Absolute timestamp from 1970/1/1, unit in ms. After receiving the + * message, user layer APP could call gettimeofday to get another + * timestamp and calculate transfer delay for the message. + * @QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_MEASUREMENT_TIME: u32 + * Real period for this measurement, unit in us. */ enum qca_wlan_vendor_attr_ll_stats_ext { QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_INVALID = 0, @@ -1236,6 +2065,9 @@ enum qca_wlan_vendor_attr_ll_stats_ext { QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_IFACE_RSSI_BEACON, QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_IFACE_SNR_BEACON, + QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_REPORT_TIME, + QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_MEASUREMENT_TIME, + QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_LAST, QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_MAX = QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_LAST - 1 @@ -1289,7 +2121,7 @@ enum qca_wlan_vendor_attr_loc_capa { * @QCA_WLAN_VENDOR_ATTR_LOC_CAPA_FLAG_FTM_INITIATOR: Set if driver * can run FTM sessions. QCA_NL80211_VENDOR_SUBCMD_FTM_START_SESSION * will be supported if set. -* @QCA_WLAN_VENDOR_ATTR_LOC_CAPA_FLAG_ASAP: Set if FTM responder + * @QCA_WLAN_VENDOR_ATTR_LOC_CAPA_FLAG_ASAP: Set if FTM responder * supports immediate (ASAP) response. * @QCA_WLAN_VENDOR_ATTR_LOC_CAPA_FLAG_AOA: Set if driver supports standalone * AOA measurement using QCA_NL80211_VENDOR_SUBCMD_AOA_MEAS. @@ -1320,6 +2152,10 @@ enum qca_wlan_vendor_attr_loc_capa_flags { * @QCA_WLAN_VENDOR_ATTR_FTM_PEER_AOA_BURST_PERIOD: Request AOA * measurement every <value> bursts. If 0 or not specified, * AOA measurements will be disabled for this peer. + * @QCA_WLAN_VENDOR_ATTR_FTM_PEER_FREQ: Frequency in MHz where + * the measurement frames are exchanged. Optional; if not + * specified, try to locate the peer in the kernel scan + * results cache and use frequency from there. */ enum qca_wlan_vendor_attr_ftm_peer_info { QCA_WLAN_VENDOR_ATTR_FTM_PEER_INVALID, @@ -1328,6 +2164,7 @@ enum qca_wlan_vendor_attr_ftm_peer_info { QCA_WLAN_VENDOR_ATTR_FTM_PEER_MEAS_PARAMS, QCA_WLAN_VENDOR_ATTR_FTM_PEER_SECURE_TOKEN_ID, QCA_WLAN_VENDOR_ATTR_FTM_PEER_AOA_BURST_PERIOD, + QCA_WLAN_VENDOR_ATTR_FTM_PEER_FREQ, /* keep last */ QCA_WLAN_VENDOR_ATTR_FTM_PEER_AFTER_LAST, QCA_WLAN_VENDOR_ATTR_FTM_PEER_MAX = @@ -1587,4 +2424,3824 @@ enum qca_wlan_vendor_attr_encryption_test { QCA_WLAN_VENDOR_ATTR_ENCRYPTION_TEST_AFTER_LAST - 1 }; +/** + * enum qca_wlan_vendor_attr_dmg_rf_sector_type - Type of + * sector for DMG RF sector operations. + * + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE_RX: RX sector + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE_TX: TX sector + */ +enum qca_wlan_vendor_attr_dmg_rf_sector_type { + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE_RX, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE_TX, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_TYPE_MAX +}; + +/** + * BRP antenna limit mode + * + * @QCA_WLAN_VENDOR_ATTR_BRP_ANT_LIMIT_MODE_DISABLE: Disable BRP force + * antenna limit, BRP will be performed as usual. + * @QCA_WLAN_VENDOR_ATTR_BRP_ANT_LIMIT_MODE_EFFECTIVE: Define maximal + * antennas limit. the hardware may use less antennas than the + * maximum limit. + * @QCA_WLAN_VENDOR_ATTR_BRP_ANT_LIMIT_MODE_FORCE: The hardware will + * use exactly the specified number of antennas for BRP. + */ +enum qca_wlan_vendor_attr_brp_ant_limit_mode { + QCA_WLAN_VENDOR_ATTR_BRP_ANT_LIMIT_MODE_DISABLE, + QCA_WLAN_VENDOR_ATTR_BRP_ANT_LIMIT_MODE_EFFECTIVE, + QCA_WLAN_VENDOR_ATTR_BRP_ANT_LIMIT_MODE_FORCE, + QCA_WLAN_VENDOR_ATTR_BRP_ANT_LIMIT_MODE_MAX +}; + +/** + * enum qca_wlan_vendor_attr_dmg_rf_sector_cfg - Attributes for + * DMG RF sector configuration for a single RF module. + * The values are defined in a compact way which closely matches + * the way it is stored in HW registers. + * The configuration provides values for 32 antennas and 8 distribution + * amplifiers, and together describes the characteristics of the RF + * sector - such as a beam in some direction with some gain. + * + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_MODULE_INDEX: Index + * of RF module for this configuration. + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_ETYPE0: Bit 0 of edge + * amplifier gain index. Unsigned 32 bit number containing + * bits for all 32 antennas. + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_ETYPE1: Bit 1 of edge + * amplifier gain index. Unsigned 32 bit number containing + * bits for all 32 antennas. + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_ETYPE2: Bit 2 of edge + * amplifier gain index. Unsigned 32 bit number containing + * bits for all 32 antennas. + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_PSH_HI: Phase values + * for first 16 antennas, 2 bits per antenna. + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_PSH_LO: Phase values + * for last 16 antennas, 2 bits per antenna. + * @QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_DTYPE_X16: Contains + * DTYPE values (3 bits) for each distribution amplifier, followed + * by X16 switch bits for each distribution amplifier. There are + * total of 8 distribution amplifiers. + */ +enum qca_wlan_vendor_attr_dmg_rf_sector_cfg { + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_MODULE_INDEX = 1, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_ETYPE0 = 2, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_ETYPE1 = 3, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_ETYPE2 = 4, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_PSH_HI = 5, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_PSH_LO = 6, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_DTYPE_X16 = 7, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_MAX = + QCA_WLAN_VENDOR_ATTR_DMG_RF_SECTOR_CFG_AFTER_LAST - 1 +}; + +enum qca_wlan_vendor_attr_ll_stats_set { + QCA_WLAN_VENDOR_ATTR_LL_STATS_SET_INVALID = 0, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_SET_CONFIG_MPDU_SIZE_THRESHOLD = 1, + QCA_WLAN_VENDOR_ATTR_LL_STATS_SET_CONFIG_AGGRESSIVE_STATS_GATHERING = 2, + /* keep last */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_SET_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_LL_STATS_SET_MAX = + QCA_WLAN_VENDOR_ATTR_LL_STATS_SET_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_ll_stats_clr { + QCA_WLAN_VENDOR_ATTR_LL_STATS_CLR_INVALID = 0, + /* Unsigned 32bit bitmap for clearing statistics + * All radio statistics 0x00000001 + * cca_busy_time (within radio statistics) 0x00000002 + * All channel stats (within radio statistics) 0x00000004 + * All scan statistics (within radio statistics) 0x00000008 + * All interface statistics 0x00000010 + * All tx rate statistics (within interface statistics) 0x00000020 + * All ac statistics (with in interface statistics) 0x00000040 + * All contention (min, max, avg) statistics (within ac statisctics) + * 0x00000080. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CLR_CONFIG_REQ_MASK = 1, + /* Unsigned 8 bit value: Request to stop statistics collection */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CLR_CONFIG_STOP_REQ = 2, + + /* Unsigned 32 bit bitmap: Response from the driver + * for the cleared statistics + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CLR_CONFIG_RSP_MASK = 3, + /* Unsigned 8 bit value: Response from driver/firmware + * for the stop request + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CLR_CONFIG_STOP_RSP = 4, + /* keep last */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CLR_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_LL_STATS_CLR_MAX = + QCA_WLAN_VENDOR_ATTR_LL_STATS_CLR_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_ll_stats_get { + QCA_WLAN_VENDOR_ATTR_LL_STATS_GET_INVALID = 0, + /* Unsigned 32 bit value provided by the caller issuing the GET stats + * command. When reporting the stats results, the driver uses the same + * value to indicate which GET request the results correspond to. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_GET_CONFIG_REQ_ID = 1, + /* Unsigned 32 bit value - bit mask to identify what statistics are + * requested for retrieval. + * Radio Statistics 0x00000001 + * Interface Statistics 0x00000020 + * All Peer Statistics 0x00000040 + * Peer Statistics 0x00000080 + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_GET_CONFIG_REQ_MASK = 2, + /* keep last */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_GET_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_LL_STATS_GET_MAX = + QCA_WLAN_VENDOR_ATTR_LL_STATS_GET_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_ll_stats_results { + QCA_WLAN_VENDOR_ATTR_LL_STATS_INVALID = 0, + /* Unsigned 32bit value. Used by the driver; must match the request id + * provided with the QCA_NL80211_VENDOR_SUBCMD_LL_STATS_GET command. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RESULTS_REQ_ID = 1, + + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_BEACON_RX = 2, + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_MGMT_RX = 3, + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_MGMT_ACTION_RX = 4, + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_MGMT_ACTION_TX = 5, + /* Signed 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_RSSI_MGMT = 6, + /* Signed 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_RSSI_DATA = 7, + /* Signed 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_RSSI_ACK = 8, + + /* Attributes of type QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_* are + * nested within the interface stats. + */ + + /* Interface mode, e.g., STA, SOFTAP, IBSS, etc. + * Type = enum wifi_interface_mode. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_MODE = 9, + /* Interface MAC address. An array of 6 Unsigned int8 */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_MAC_ADDR = 10, + /* Type = enum wifi_connection_state, e.g., DISCONNECTED, + * AUTHENTICATING, etc. valid for STA, CLI only. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_STATE = 11, + /* Type = enum wifi_roam_state. Roaming state, e.g., IDLE or ACTIVE + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_ROAMING = 12, + /* Unsigned 32 bit value. WIFI_CAPABILITY_XXX */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_CAPABILITIES = 13, + /* NULL terminated SSID. An array of 33 Unsigned 8bit values */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_SSID = 14, + /* BSSID. An array of 6 unsigned 8 bit values */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_BSSID = 15, + /* Country string advertised by AP. An array of 3 unsigned 8 bit + * values. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_AP_COUNTRY_STR = 16, + /* Country string for this association. An array of 3 unsigned 8 bit + * values. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_INFO_COUNTRY_STR = 17, + + /* Attributes of type QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_* could + * be nested within the interface stats. + */ + + /* Type = enum wifi_traffic_ac, e.g., V0, VI, BE and BK */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_AC = 18, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_TX_MPDU = 19, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_RX_MPDU = 20, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_TX_MCAST = 21, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_RX_MCAST = 22, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_RX_AMPDU = 23, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_TX_AMPDU = 24, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_MPDU_LOST = 25, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_RETRIES = 26, + /* Unsigned int 32 value corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_RETRIES_SHORT = 27, + /* Unsigned int 32 values corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_RETRIES_LONG = 28, + /* Unsigned int 32 values corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_CONTENTION_TIME_MIN = 29, + /* Unsigned int 32 values corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_CONTENTION_TIME_MAX = 30, + /* Unsigned int 32 values corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_CONTENTION_TIME_AVG = 31, + /* Unsigned int 32 values corresponding to respective AC */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_CONTENTION_NUM_SAMPLES = 32, + /* Unsigned 32 bit value. Number of peers */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_NUM_PEERS = 33, + + /* Attributes of type QCA_WLAN_VENDOR_ATTR_LL_STATS_PEER_INFO_* are + * nested within the interface stats. + */ + + /* Type = enum wifi_peer_type. Peer type, e.g., STA, AP, P2P GO etc. */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_PEER_INFO_TYPE = 34, + /* MAC addr corresponding to respective peer. An array of 6 unsigned + * 8 bit values. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_PEER_INFO_MAC_ADDRESS = 35, + /* Unsigned int 32 bit value representing capabilities corresponding + * to respective peer. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_PEER_INFO_CAPABILITIES = 36, + /* Unsigned 32 bit value. Number of rates */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_PEER_INFO_NUM_RATES = 37, + + /* Attributes of type QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_* + * are nested within the rate stat. + */ + + /* Wi-Fi Rate - separate attributes defined for individual fields */ + + /* Unsigned int 8 bit value; 0: OFDM, 1:CCK, 2:HT 3:VHT 4..7 reserved */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_PREAMBLE = 38, + /* Unsigned int 8 bit value; 0:1x1, 1:2x2, 3:3x3, 4:4x4 */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_NSS = 39, + /* Unsigned int 8 bit value; 0:20 MHz, 1:40 MHz, 2:80 MHz, 3:160 MHz */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_BW = 40, + /* Unsigned int 8 bit value; OFDM/CCK rate code would be as per IEEE Std + * in the units of 0.5 Mbps HT/VHT it would be MCS index + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_MCS_INDEX = 41, + + /* Unsigned 32 bit value. Bit rate in units of 100 kbps */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_BIT_RATE = 42, + + /* Attributes of type QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_STAT_* could be + * nested within the peer info stats. + */ + + /* Unsigned int 32 bit value. Number of successfully transmitted data + * packets, i.e., with ACK received corresponding to the respective + * rate. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_TX_MPDU = 43, + /* Unsigned int 32 bit value. Number of received data packets + * corresponding to the respective rate. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_RX_MPDU = 44, + /* Unsigned int 32 bit value. Number of data packet losses, i.e., no ACK + * received corresponding to the respective rate. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_MPDU_LOST = 45, + /* Unsigned int 32 bit value. Total number of data packet retries for + * the respective rate. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_RETRIES = 46, + /* Unsigned int 32 bit value. Total number of short data packet retries + * for the respective rate. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_RETRIES_SHORT = 47, + /* Unsigned int 32 bit value. Total number of long data packet retries + * for the respective rate. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_RETRIES_LONG = 48, + + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_ID = 49, + /* Unsigned 32 bit value. Total number of msecs the radio is awake + * accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_ON_TIME = 50, + /* Unsigned 32 bit value. Total number of msecs the radio is + * transmitting accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_TX_TIME = 51, + /* Unsigned 32 bit value. Total number of msecs the radio is in active + * receive accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_RX_TIME = 52, + /* Unsigned 32 bit value. Total number of msecs the radio is awake due + * to all scan accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_ON_TIME_SCAN = 53, + /* Unsigned 32 bit value. Total number of msecs the radio is awake due + * to NAN accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_ON_TIME_NBD = 54, + /* Unsigned 32 bit value. Total number of msecs the radio is awake due + * to GSCAN accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_ON_TIME_GSCAN = 55, + /* Unsigned 32 bit value. Total number of msecs the radio is awake due + * to roam scan accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_ON_TIME_ROAM_SCAN = 56, + /* Unsigned 32 bit value. Total number of msecs the radio is awake due + * to PNO scan accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_ON_TIME_PNO_SCAN = 57, + /* Unsigned 32 bit value. Total number of msecs the radio is awake due + * to Hotspot 2.0 scans and GAS exchange accruing over time. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_ON_TIME_HS20 = 58, + /* Unsigned 32 bit value. Number of channels. */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_NUM_CHANNELS = 59, + + /* Attributes of type QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_INFO_* could + * be nested within the channel stats. + */ + + /* Type = enum wifi_channel_width. Channel width, e.g., 20, 40, 80 */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_INFO_WIDTH = 60, + /* Unsigned 32 bit value. Primary 20 MHz channel. */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_INFO_CENTER_FREQ = 61, + /* Unsigned 32 bit value. Center frequency (MHz) first segment. */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_INFO_CENTER_FREQ0 = 62, + /* Unsigned 32 bit value. Center frequency (MHz) second segment. */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_INFO_CENTER_FREQ1 = 63, + + /* Attributes of type QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_* could be + * nested within the radio stats. + */ + + /* Unsigned int 32 bit value representing total number of msecs the + * radio is awake on that channel accruing over time, corresponding to + * the respective channel. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_ON_TIME = 64, + /* Unsigned int 32 bit value representing total number of msecs the CCA + * register is busy accruing over time corresponding to the respective + * channel. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_CCA_BUSY_TIME = 65, + + QCA_WLAN_VENDOR_ATTR_LL_STATS_NUM_RADIOS = 66, + + /* Signifies the nested list of channel attributes + * QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_INFO_* + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_CH_INFO = 67, + + /* Signifies the nested list of peer info attributes + * QCA_WLAN_VENDOR_ATTR_LL_STATS_PEER_INFO_* + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_PEER_INFO = 68, + + /* Signifies the nested list of rate info attributes + * QCA_WLAN_VENDOR_ATTR_LL_STATS_RATE_* + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_PEER_INFO_RATE_INFO = 69, + + /* Signifies the nested list of wmm info attributes + * QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_* + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_INFO = 70, + + /* Unsigned 8 bit value. Used by the driver; if set to 1, it indicates + * that more stats, e.g., peers or radio, are to follow in the next + * QCA_NL80211_VENDOR_SUBCMD_LL_STATS_*_RESULTS event. + * Otherwise, it is set to 0. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RESULTS_MORE_DATA = 71, + + /* Unsigned 64 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_AVERAGE_TSF_OFFSET = 72, + + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_LEAKY_AP_DETECTED = 73, + + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_LEAKY_AP_AVG_NUM_FRAMES_LEAKED = 74, + + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_LEAKY_AP_GUARD_TIME = 75, + + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_TYPE = 76, + + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_NUM_TX_LEVELS = 77, + + /* Number of msecs the radio spent in transmitting for each power level + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_RADIO_TX_TIME_PER_LEVEL = 78, + + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_RTS_SUCC_CNT = 79, + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_RTS_FAIL_CNT = 80, + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_PPDU_SUCC_CNT = 81, + /* Unsigned 32 bit value */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_PPDU_FAIL_CNT = 82, + + /* Unsigned int 32 value. + * Pending MSDUs corresponding to respective AC. + */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_PENDING_MSDU = 83, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_LL_STATS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_LL_STATS_MAX = + QCA_WLAN_VENDOR_ATTR_LL_STATS_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_ll_stats_type { + QCA_NL80211_VENDOR_SUBCMD_LL_STATS_TYPE_INVALID = 0, + QCA_NL80211_VENDOR_SUBCMD_LL_STATS_TYPE_RADIO = 1, + QCA_NL80211_VENDOR_SUBCMD_LL_STATS_TYPE_IFACE = 2, + QCA_NL80211_VENDOR_SUBCMD_LL_STATS_TYPE_PEERS = 3, + + /* keep last */ + QCA_NL80211_VENDOR_SUBCMD_LL_STATS_TYPE_AFTER_LAST, + QCA_NL80211_VENDOR_SUBCMD_LL_STATS_TYPE_MAX = + QCA_NL80211_VENDOR_SUBCMD_LL_STATS_TYPE_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_tdls_configuration - Attributes for + * TDLS configuration to the host driver. + * + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TRIGGER_MODE: Configure the TDLS trigger + * mode in the host driver. enum qca_wlan_vendor_tdls_trigger_mode + * represents the different TDLS trigger modes. + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TX_STATS_PERIOD: Duration (u32) within + * which QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TX_THRESHOLD number + * of packets shall meet the criteria for implicit TDLS setup. + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TX_THRESHOLD: Number (u32) of Tx/Rx packets + * within a duration QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TX_STATS_PERIOD + * to initiate a TDLS setup. + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_DISCOVERY_PERIOD: Time (u32) to initiate + * a TDLS Discovery to the peer. + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_MAX_DISCOVERY_ATTEMPT: Max number (u32) of + * discovery attempts to know the TDLS capability of the peer. A peer is + * marked as TDLS not capable if there is no response for all the attempts. + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_IDLE_TIMEOUT: Represents a duration (u32) + * within which QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_IDLE_PACKET_THRESHOLD + * number of TX / RX frames meet the criteria for TDLS teardown. + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_IDLE_PACKET_THRESHOLD: Minimum number (u32) + * of Tx/Rx packets within a duration + * QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_IDLE_TIMEOUT to tear down a TDLS link. + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_SETUP_RSSI_THRESHOLD: Threshold + * corresponding to the RSSI of the peer below which a TDLS setup is + * triggered. + * @QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TEARDOWN_RSSI_THRESHOLD: Threshold + * corresponding to the RSSI of the peer above which a TDLS teardown is + * triggered. + */ +enum qca_wlan_vendor_attr_tdls_configuration { + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TRIGGER_MODE = 1, + + /* Attributes configuring the TDLS Implicit Trigger */ + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TX_STATS_PERIOD = 2, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TX_THRESHOLD = 3, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_DISCOVERY_PERIOD = 4, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_MAX_DISCOVERY_ATTEMPT = 5, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_IDLE_TIMEOUT = 6, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_IDLE_PACKET_THRESHOLD = 7, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_SETUP_RSSI_THRESHOLD = 8, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TEARDOWN_RSSI_THRESHOLD = 9, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_MAX = + QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_AFTER_LAST - 1 +}; + +/** + * enum qca_wlan_vendor_tdls_trigger_mode: Represents the TDLS trigger mode in + * the driver + * + * The following are the different values for + * QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TRIGGER_MODE. + * + * @QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXPLICIT: The trigger to initiate/teardown + * the TDLS connection to a respective peer comes from the user space. + * wpa_supplicant provides the commands TDLS_SETUP, TDLS_TEARDOWN, + * TDLS_DISCOVER to do this. + * @QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_IMPLICIT: Host driver triggers this TDLS + * setup/teardown to the eligible peer once the configured criteria + * (such as TX/RX threshold, RSSI) is met. The attributes + * in QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_IMPLICIT_PARAMS correspond to + * the different configuration criteria for the TDLS trigger from the + * host driver. + * @QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXTERNAL: Enables the driver to trigger + * the TDLS setup / teardown through the implicit mode only to the + * configured MAC addresses (wpa_supplicant, with tdls_external_control=1, + * configures the MAC address through TDLS_SETUP / TDLS_TEARDOWN commands). + * External mode works on top of the implicit mode. Thus the host driver + * is expected to configure in TDLS Implicit mode too to operate in + * External mode. + * Configuring External mode alone without Implicit mode is invalid. + * + * All the above implementations work as expected only when the host driver + * advertises the capability WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP - representing + * that the TDLS message exchange is not internal to the host driver, but + * depends on wpa_supplicant to do the message exchange. + */ +enum qca_wlan_vendor_tdls_trigger_mode { + QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXPLICIT = 1 << 0, + QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_IMPLICIT = 1 << 1, + QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXTERNAL = 1 << 2, +}; + +/** + * enum qca_vendor_attr_sar_limits_selections - Source of SAR power limits + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF0: Select SAR profile #0 + * that is hard-coded in the Board Data File (BDF). + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF1: Select SAR profile #1 + * that is hard-coded in the Board Data File (BDF). + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF2: Select SAR profile #2 + * that is hard-coded in the Board Data File (BDF). + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF3: Select SAR profile #3 + * that is hard-coded in the Board Data File (BDF). + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF4: Select SAR profile #4 + * that is hard-coded in the Board Data File (BDF). + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_NONE: Do not select any + * source of SAR power limits, thereby disabling the SAR power + * limit feature. + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_USER: Select the SAR power + * limits configured by %QCA_NL80211_VENDOR_SUBCMD_SET_SAR. + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_V2_0: Select the SAR power + * limits version 2.0 configured by %QCA_NL80211_VENDOR_SUBCMD_SET_SAR. + * + * This enumerates the valid set of values that may be supplied for + * attribute %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT in an instance of + * the %QCA_NL80211_VENDOR_SUBCMD_SET_SAR_LIMITS vendor command or in + * the response to an instance of the + * %QCA_NL80211_VENDOR_SUBCMD_GET_SAR_LIMITS vendor command. + */ +enum qca_vendor_attr_sar_limits_selections { + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF0 = 0, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF1 = 1, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF2 = 2, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF3 = 3, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_BDF4 = 4, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_NONE = 5, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_USER = 6, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_V2_0 = 7, +}; + +/** + * enum qca_vendor_attr_sar_limits_spec_modulations - + * SAR limits specification modulation + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_MODULATION_CCK - + * CCK modulation + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_MODULATION_OFDM - + * OFDM modulation + * + * This enumerates the valid set of values that may be supplied for + * attribute %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_MODULATION in an + * instance of attribute %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC in an + * instance of the %QCA_NL80211_VENDOR_SUBCMD_SET_SAR_LIMITS vendor + * command or in the response to an instance of the + * %QCA_NL80211_VENDOR_SUBCMD_GET_SAR_LIMITS vendor command. + */ +enum qca_vendor_attr_sar_limits_spec_modulations { + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_MODULATION_CCK = 0, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_MODULATION_OFDM = 1, +}; + +/** + * enum qca_vendor_attr_sar_limits - Attributes for SAR power limits + * + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SAR_ENABLE: Optional (u32) value to + * select which SAR power limit table should be used. Valid + * values are enumerated in enum + * %qca_vendor_attr_sar_limits_selections. The existing SAR + * power limit selection is unchanged if this attribute is not + * present. + * + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_NUM_SPECS: Optional (u32) value + * which specifies the number of SAR power limit specifications + * which will follow. + * + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC: Nested array of SAR power + * limit specifications. The number of specifications is + * specified by @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_NUM_SPECS. Each + * specification contains a set of + * QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_* attributes. A + * specification is uniquely identified by the attributes + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_BAND, + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_CHAIN, and + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_MODULATION and always + * contains as a payload the attribute + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_POWER_LIMIT, + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_POWER_LIMIT_INDEX. + * Either %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_POWER_LIMIT or + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_POWER_LIMIT_INDEX is + * needed based upon the value of + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SAR_ENABLE. + * + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_BAND: Optional (u32) value to + * indicate for which band this specification applies. Valid + * values are enumerated in enum %nl80211_band (although not all + * bands may be supported by a given device). If the attribute is + * not supplied then the specification will be applied to all + * supported bands. + * + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_CHAIN: Optional (u32) value + * to indicate for which antenna chain this specification + * applies, i.e. 1 for chain 1, 2 for chain 2, etc. If the + * attribute is not supplied then the specification will be + * applied to all chains. + * + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_MODULATION: Optional (u32) + * value to indicate for which modulation scheme this + * specification applies. Valid values are enumerated in enum + * %qca_vendor_attr_sar_limits_spec_modulations. If the attribute + * is not supplied then the specification will be applied to all + * modulation schemes. + * + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_POWER_LIMIT: Required (u32) + * value to specify the actual power limit value in units of 0.5 + * dBm (i.e., a value of 11 represents 5.5 dBm). + * This is required, when %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT is + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_USER. + * + * @QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_POWER_LIMIT_INDEX: Required (u32) + * value to indicate SAR V2 indices (0 - 11) to select SAR V2 profiles. + * This is required, when %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT is + * %QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT_V2_0. + * + * These attributes are used with %QCA_NL80211_VENDOR_SUBCMD_SET_SAR_LIMITS + * and %QCA_NL80211_VENDOR_SUBCMD_GET_SAR_LIMITS. + */ +enum qca_vendor_attr_sar_limits { + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SAR_ENABLE = 1, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_NUM_SPECS = 2, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC = 3, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_BAND = 4, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_CHAIN = 5, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_MODULATION = 6, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_POWER_LIMIT = 7, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SPEC_POWER_LIMIT_INDEX = 8, + + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_MAX = + QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_AFTER_LAST - 1 +}; + +/** + * enum qca_wlan_vendor_attr_get_wifi_info: Attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_GET_WIFI_INFO sub command. + */ +enum qca_wlan_vendor_attr_get_wifi_info { + QCA_WLAN_VENDOR_ATTR_WIFI_INFO_GET_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_WIFI_INFO_DRIVER_VERSION = 1, + QCA_WLAN_VENDOR_ATTR_WIFI_INFO_FIRMWARE_VERSION = 2, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_WIFI_INFO_GET_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_WIFI_INFO_GET_MAX = + QCA_WLAN_VENDOR_ATTR_WIFI_INFO_GET_AFTER_LAST - 1, +}; + +/* + * enum qca_wlan_vendor_attr_wifi_logger_start: Attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_START sub command. + */ +enum qca_wlan_vendor_attr_wifi_logger_start { + QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_START_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_RING_ID = 1, + QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_VERBOSE_LEVEL = 2, + QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_FLAGS = 3, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_START_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_START_GET_MAX = + QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_START_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_logger_results { + QCA_WLAN_VENDOR_ATTR_LOGGER_RESULTS_INVALID = 0, + + /* Unsigned 32-bit value; must match the request Id supplied by + * Wi-Fi HAL in the corresponding subcmd NL msg. + */ + QCA_WLAN_VENDOR_ATTR_LOGGER_RESULTS_REQUEST_ID = 1, + + /* Unsigned 32-bit value; used to indicate the size of memory + * dump to be allocated. + */ + QCA_WLAN_VENDOR_ATTR_LOGGER_RESULTS_MEMDUMP_SIZE = 2, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_LOGGER_RESULTS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_LOGGER_RESULTS_MAX = + QCA_WLAN_VENDOR_ATTR_LOGGER_RESULTS_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_roaming_config_params { + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_INVALID = 0, + + QCA_WLAN_VENDOR_ATTR_ROAMING_SUBCMD = 1, + QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID = 2, + + /* Attributes for wifi_set_ssid_white_list */ + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_WHITE_LIST_SSID_NUM_NETWORKS = 3, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_WHITE_LIST_SSID_LIST = 4, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_WHITE_LIST_SSID = 5, + + /* Attributes for set_roam_params */ + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_A_BAND_BOOST_THRESHOLD = 6, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_A_BAND_PENALTY_THRESHOLD = 7, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_A_BAND_BOOST_FACTOR = 8, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_A_BAND_PENALTY_FACTOR = 9, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_A_BAND_MAX_BOOST = 10, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_LAZY_ROAM_HISTERESYS = 11, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_ALERT_ROAM_RSSI_TRIGGER = 12, + + /* Attribute for set_lazy_roam */ + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_LAZY_ROAM_ENABLE = 13, + + /* Attribute for set_lazy_roam with preferences */ + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PREFS = 14, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_LAZY_ROAM_NUM_BSSID = 15, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_LAZY_ROAM_BSSID = 16, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_LAZY_ROAM_RSSI_MODIFIER = 17, + + /* Attribute for set_blacklist bssid params */ + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS = 18, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_NUM_BSSID = 19, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_BSSID = 20, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_MAX = + QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_AFTER_LAST - 1, +}; + +/* + * enum qca_wlan_vendor_attr_roam_subcmd: Attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_ROAM sub command. + */ +enum qca_wlan_vendor_attr_roam_subcmd { + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SSID_WHITE_LIST = 1, + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SET_GSCAN_ROAM_PARAMS = 2, + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SET_LAZY_ROAM = 3, + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SET_BSSID_PREFS = 4, + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SET_BSSID_PARAMS = 5, + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SET_BLACKLIST_BSSID = 6, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_MAX = + QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_gscan_config_params { + QCA_WLAN_VENDOR_ATTR_GSCAN_SUBCMD_CONFIG_PARAM_INVALID = 0, + + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SUBCMD_CONFIG_PARAM_REQUEST_ID = 1, + + /* Attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_GET_VALID_CHANNELS sub command. + */ + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_GET_VALID_CHANNELS_CONFIG_PARAM_WIFI_BAND + = 2, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_GET_VALID_CHANNELS_CONFIG_PARAM_MAX_CHANNELS + = 3, + + /* Attributes for input params used by + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_START sub command. + */ + + /* Unsigned 32-bit value; channel frequency */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CHANNEL_SPEC_CHANNEL = 4, + /* Unsigned 32-bit value; dwell time in ms. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CHANNEL_SPEC_DWELL_TIME = 5, + /* Unsigned 8-bit value; 0: active; 1: passive; N/A for DFS */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CHANNEL_SPEC_PASSIVE = 6, + /* Unsigned 8-bit value; channel class */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CHANNEL_SPEC_CLASS = 7, + + /* Unsigned 8-bit value; bucket index, 0 based */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_INDEX = 8, + /* Unsigned 8-bit value; band. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_BAND = 9, + /* Unsigned 32-bit value; desired period, in ms. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_PERIOD = 10, + /* Unsigned 8-bit value; report events semantics. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_REPORT_EVENTS = 11, + /* Unsigned 32-bit value. Followed by a nested array of + * GSCAN_CHANNEL_SPEC_* attributes. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_NUM_CHANNEL_SPECS = 12, + + /* Array of QCA_WLAN_VENDOR_ATTR_GSCAN_CHANNEL_SPEC_* attributes. + * Array size: QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_NUM_CHANNEL_SPECS + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CHANNEL_SPEC = 13, + + /* Unsigned 32-bit value; base timer period in ms. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SCAN_CMD_PARAMS_BASE_PERIOD = 14, + /* Unsigned 32-bit value; number of APs to store in each scan in the + * BSSID/RSSI history buffer (keep the highest RSSI APs). + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SCAN_CMD_PARAMS_MAX_AP_PER_SCAN = 15, + /* Unsigned 8-bit value; in %, when scan buffer is this much full, wake + * up AP. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SCAN_CMD_PARAMS_REPORT_THRESHOLD_PERCENT + = 16, + + /* Unsigned 8-bit value; number of scan bucket specs; followed by a + * nested array of_GSCAN_BUCKET_SPEC_* attributes and values. The size + * of the array is determined by NUM_BUCKETS. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SCAN_CMD_PARAMS_NUM_BUCKETS = 17, + + /* Array of QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_* attributes. + * Array size: QCA_WLAN_VENDOR_ATTR_GSCAN_SCAN_CMD_PARAMS_NUM_BUCKETS + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC = 18, + + /* Unsigned 8-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_GET_CACHED_SCAN_RESULTS_CONFIG_PARAM_FLUSH + = 19, + /* Unsigned 32-bit value; maximum number of results to be returned. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_GET_CACHED_SCAN_RESULTS_CONFIG_PARAM_MAX + = 20, + + /* An array of 6 x unsigned 8-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_AP_THRESHOLD_PARAM_BSSID = 21, + /* Signed 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_AP_THRESHOLD_PARAM_RSSI_LOW = 22, + /* Signed 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_AP_THRESHOLD_PARAM_RSSI_HIGH = 23, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_AP_THRESHOLD_PARAM_CHANNEL = 24, + + /* Number of hotlist APs as unsigned 32-bit value, followed by a nested + * array of AP_THRESHOLD_PARAM attributes and values. The size of the + * array is determined by NUM_AP. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BSSID_HOTLIST_PARAMS_NUM_AP = 25, + + /* Array of QCA_WLAN_VENDOR_ATTR_GSCAN_AP_THRESHOLD_PARAM_* attributes. + * Array size: QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_NUM_CHANNEL_SPECS + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_AP_THRESHOLD_PARAM = 26, + + /* Unsigned 32-bit value; number of samples for averaging RSSI. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SIGNIFICANT_CHANGE_PARAMS_RSSI_SAMPLE_SIZE + = 27, + /* Unsigned 32-bit value; number of samples to confirm AP loss. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SIGNIFICANT_CHANGE_PARAMS_LOST_AP_SAMPLE_SIZE + = 28, + /* Unsigned 32-bit value; number of APs breaching threshold. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SIGNIFICANT_CHANGE_PARAMS_MIN_BREACHING = 29, + /* Unsigned 32-bit value; number of APs. Followed by an array of + * AP_THRESHOLD_PARAM attributes. Size of the array is NUM_AP. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SIGNIFICANT_CHANGE_PARAMS_NUM_AP = 30, + /* Unsigned 32-bit value; number of samples to confirm AP loss. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE + = 31, + /* Unsigned 32-bit value. If max_period is non zero or different than + * period, then this bucket is an exponential backoff bucket. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_MAX_PERIOD = 32, + /* Unsigned 32-bit value. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_BASE = 33, + /* Unsigned 32-bit value. For exponential back off bucket, number of + * scans to perform for a given period. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_BUCKET_SPEC_STEP_COUNT = 34, + /* Unsigned 8-bit value; in number of scans, wake up AP after these + * many scans. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SCAN_CMD_PARAMS_REPORT_THRESHOLD_NUM_SCANS + = 35, + + /* Attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_SET_SSID_HOTLIST sub command. + */ + /* Unsigned 3-2bit value; number of samples to confirm SSID loss. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_HOTLIST_PARAMS_LOST_SSID_SAMPLE_SIZE + = 36, + /* Number of hotlist SSIDs as unsigned 32-bit value, followed by a + * nested array of SSID_THRESHOLD_PARAM_* attributes and values. The + * size of the array is determined by NUM_SSID. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_HOTLIST_PARAMS_NUM_SSID = 37, + /* Array of QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_THRESHOLD_PARAM_* + * attributes. + * Array size: QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_HOTLIST_PARAMS_NUM_SSID + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_THRESHOLD_PARAM = 38, + + /* An array of 33 x unsigned 8-bit value; NULL terminated SSID */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_THRESHOLD_PARAM_SSID = 39, + /* Unsigned 8-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_THRESHOLD_PARAM_BAND = 40, + /* Signed 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_THRESHOLD_PARAM_RSSI_LOW = 41, + /* Signed 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SSID_THRESHOLD_PARAM_RSSI_HIGH = 42, + /* Unsigned 32-bit value; a bitmask with additional gscan config flag. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CONFIGURATION_FLAGS = 43, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_GSCAN_SUBCMD_CONFIG_PARAM_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_GSCAN_SUBCMD_CONFIG_PARAM_MAX = + QCA_WLAN_VENDOR_ATTR_GSCAN_SUBCMD_CONFIG_PARAM_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_gscan_results { + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_INVALID = 0, + + /* Unsigned 32-bit value; must match the request Id supplied by + * Wi-Fi HAL in the corresponding subcmd NL msg. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_REQUEST_ID = 1, + + /* Unsigned 32-bit value; used to indicate the status response from + * firmware/driver for the vendor sub-command. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_STATUS = 2, + + /* GSCAN Valid Channels attributes */ + /* Unsigned 32bit value; followed by a nested array of CHANNELS. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_NUM_CHANNELS = 3, + /* An array of NUM_CHANNELS x unsigned 32-bit value integers + * representing channel numbers. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CHANNELS = 4, + + /* GSCAN Capabilities attributes */ + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_SCAN_CACHE_SIZE = 5, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_SCAN_BUCKETS = 6, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_AP_CACHE_PER_SCAN + = 7, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_RSSI_SAMPLE_SIZE + = 8, + /* Signed 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_SCAN_REPORTING_THRESHOLD + = 9, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_HOTLIST_BSSIDS = 10, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_SIGNIFICANT_WIFI_CHANGE_APS + = 11, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_BSSID_HISTORY_ENTRIES + = 12, + + /* GSCAN Attributes used with + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_SCAN_RESULTS_AVAILABLE sub-command. + */ + + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_NUM_RESULTS_AVAILABLE = 13, + + /* GSCAN attributes used with + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_FULL_SCAN_RESULT sub-command. + */ + + /* An array of NUM_RESULTS_AVAILABLE x + * QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_* + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_LIST = 14, + + /* Unsigned 64-bit value; age of sample at the time of retrieval */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_TIME_STAMP = 15, + /* 33 x unsigned 8-bit value; NULL terminated SSID */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_SSID = 16, + /* An array of 6 x unsigned 8-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_BSSID = 17, + /* Unsigned 32-bit value; channel frequency in MHz */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_CHANNEL = 18, + /* Signed 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_RSSI = 19, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_RTT = 20, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_RTT_SD = 21, + /* Unsigned 16-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_BEACON_PERIOD = 22, + /* Unsigned 16-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_CAPABILITY = 23, + /* Unsigned 32-bit value; size of the IE DATA blob */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_IE_LENGTH = 24, + /* An array of IE_LENGTH x unsigned 8-bit value; blob of all the + * information elements found in the beacon; this data should be a + * packed list of wifi_information_element objects, one after the + * other. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_IE_DATA = 25, + + /* Unsigned 8-bit value; set by driver to indicate more scan results are + * available. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_RESULT_MORE_DATA = 26, + + /* GSCAN attributes for + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_SCAN_EVENT sub-command. + */ + /* Unsigned 8-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_EVENT_TYPE = 27, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SCAN_EVENT_STATUS = 28, + + /* GSCAN attributes for + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_HOTLIST_AP_FOUND sub-command. + */ + /* Use attr QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_NUM_RESULTS_AVAILABLE + * to indicate number of results. + * Also, use QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_LIST to indicate the + * list of results. + */ + + /* GSCAN attributes for + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_SIGNIFICANT_CHANGE sub-command. + */ + /* An array of 6 x unsigned 8-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SIGNIFICANT_CHANGE_RESULT_BSSID = 29, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SIGNIFICANT_CHANGE_RESULT_CHANNEL + = 30, + /* Unsigned 32-bit value. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SIGNIFICANT_CHANGE_RESULT_NUM_RSSI + = 31, + /* A nested array of signed 32-bit RSSI values. Size of the array is + * determined by (NUM_RSSI of SIGNIFICANT_CHANGE_RESULT_NUM_RSSI. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_SIGNIFICANT_CHANGE_RESULT_RSSI_LIST + = 32, + + /* GSCAN attributes used with + * QCA_NL80211_VENDOR_SUBCMD_GSCAN_GET_CACHED_RESULTS sub-command. + */ + /* Use attr QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_NUM_RESULTS_AVAILABLE + * to indicate number of gscan cached results returned. + * Also, use QCA_WLAN_VENDOR_ATTR_GSCAN_CACHED_RESULTS_LIST to indicate + * the list of gscan cached results. + */ + + /* An array of NUM_RESULTS_AVAILABLE x + * QCA_NL80211_VENDOR_ATTR_GSCAN_CACHED_RESULTS_* + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CACHED_RESULTS_LIST = 33, + /* Unsigned 32-bit value; a unique identifier for the scan unit. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CACHED_RESULTS_SCAN_ID = 34, + /* Unsigned 32-bit value; a bitmask w/additional information about scan. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_CACHED_RESULTS_FLAGS = 35, + /* Use attr QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_NUM_RESULTS_AVAILABLE + * to indicate number of wifi scan results/bssids retrieved by the scan. + * Also, use QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_LIST to indicate the + * list of wifi scan results returned for each cached result block. + */ + + /* GSCAN attributes for + * QCA_NL80211_VENDOR_SUBCMD_PNO_NETWORK_FOUND sub-command. + */ + /* Use QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_NUM_RESULTS_AVAILABLE for + * number of results. + * Use QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_LIST to indicate the nested + * list of wifi scan results returned for each + * wifi_passpoint_match_result block. + * Array size: QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_NUM_RESULTS_AVAILABLE. + */ + + /* GSCAN attributes for + * QCA_NL80211_VENDOR_SUBCMD_PNO_PASSPOINT_NETWORK_FOUND sub-command. + */ + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_PNO_RESULTS_PASSPOINT_NETWORK_FOUND_NUM_MATCHES + = 36, + /* A nested array of + * QCA_WLAN_VENDOR_ATTR_GSCAN_PNO_RESULTS_PASSPOINT_MATCH_* + * attributes. Array size = + * *_ATTR_GSCAN_PNO_RESULTS_PASSPOINT_NETWORK_FOUND_NUM_MATCHES. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_PNO_RESULTS_PASSPOINT_MATCH_RESULT_LIST = 37, + + /* Unsigned 32-bit value; network block id for the matched network */ + QCA_WLAN_VENDOR_ATTR_GSCAN_PNO_RESULTS_PASSPOINT_MATCH_ID = 38, + /* Use QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_LIST to indicate the nested + * list of wifi scan results returned for each + * wifi_passpoint_match_result block. + */ + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_GSCAN_PNO_RESULTS_PASSPOINT_MATCH_ANQP_LEN = 39, + /* An array size of PASSPOINT_MATCH_ANQP_LEN of unsigned 8-bit values; + * ANQP data in the information_element format. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_PNO_RESULTS_PASSPOINT_MATCH_ANQP = 40, + + /* Unsigned 32-bit value; a GSCAN Capabilities attribute. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_HOTLIST_SSIDS = 41, + /* Unsigned 32-bit value; a GSCAN Capabilities attribute. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_NUM_EPNO_NETS = 42, + /* Unsigned 32-bit value; a GSCAN Capabilities attribute. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_NUM_EPNO_NETS_BY_SSID + = 43, + /* Unsigned 32-bit value; a GSCAN Capabilities attribute. */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_CAPABILITIES_MAX_NUM_WHITELISTED_SSID + = 44, + + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_BUCKETS_SCANNED = 45, + + /* Unsigned 32-bit value; a GSCAN Capabilities attribute. + * This is used to limit the maximum number of BSSIDs while sending + * the vendor command QCA_NL80211_VENDOR_SUBCMD_ROAM with attributes + * QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SET_BLACKLIST_BSSID and + * QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_NUM_BSSID. + */ + QCA_WLAN_VENDOR_ATTR_GSCAN_MAX_NUM_BLACKLISTED_BSSID = 46, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_MAX = + QCA_WLAN_VENDOR_ATTR_GSCAN_RESULTS_AFTER_LAST - 1, +}; + +enum qca_wlan_vendor_attr_pno_config_params { + QCA_WLAN_VENDOR_ATTR_PNO_INVALID = 0, + /* Attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_PNO_SET_PASSPOINT_LIST sub command. + */ + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_LIST_PARAM_NUM = 1, + /* Array of nested QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_NETWORK_PARAM_* + * attributes. Array size = + * QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_LIST_PARAM_NUM. + */ + QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_LIST_PARAM_NETWORK_ARRAY = 2, + + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_NETWORK_PARAM_ID = 3, + /* An array of 256 x unsigned 8-bit value; NULL terminated UTF-8 encoded + * realm, 0 if unspecified. + */ + QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_NETWORK_PARAM_REALM = 4, + /* An array of 16 x unsigned 32-bit value; roaming consortium ids to + * match, 0 if unspecified. + */ + QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_NETWORK_PARAM_ROAM_CNSRTM_ID = 5, + /* An array of 6 x unsigned 8-bit value; MCC/MNC combination, 0s if + * unspecified. + */ + QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_NETWORK_PARAM_ROAM_PLMN = 6, + + /* Attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_PNO_SET_LIST sub command. + */ + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_NUM_NETWORKS = 7, + /* Array of nested + * QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_NETWORK_* + * attributes. Array size = + * QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_NUM_NETWORKS. + */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_NETWORKS_LIST = 8, + /* An array of 33 x unsigned 8-bit value; NULL terminated SSID */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_NETWORK_SSID = 9, + /* Signed 8-bit value; threshold for considering this SSID as found, + * required granularity for this threshold is 4 dBm to 8 dBm. + */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_NETWORK_RSSI_THRESHOLD + = 10, + /* Unsigned 8-bit value; WIFI_PNO_FLAG_XXX */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_NETWORK_FLAGS = 11, + /* Unsigned 8-bit value; auth bit field for matching WPA IE */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_NETWORK_AUTH_BIT = 12, + /* Unsigned 8-bit to indicate ePNO type; + * It takes values from qca_wlan_epno_type + */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_TYPE = 13, + + /* Nested attribute to send the channel list */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_CHANNEL_LIST = 14, + + /* Unsigned 32-bit value; indicates the interval between PNO scan + * cycles in msec. + */ + QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_SCAN_INTERVAL = 15, + QCA_WLAN_VENDOR_ATTR_EPNO_MIN5GHZ_RSSI = 16, + QCA_WLAN_VENDOR_ATTR_EPNO_MIN24GHZ_RSSI = 17, + QCA_WLAN_VENDOR_ATTR_EPNO_INITIAL_SCORE_MAX = 18, + QCA_WLAN_VENDOR_ATTR_EPNO_CURRENT_CONNECTION_BONUS = 19, + QCA_WLAN_VENDOR_ATTR_EPNO_SAME_NETWORK_BONUS = 20, + QCA_WLAN_VENDOR_ATTR_EPNO_SECURE_BONUS = 21, + QCA_WLAN_VENDOR_ATTR_EPNO_BAND5GHZ_BONUS = 22, + /* Unsigned 32-bit value, representing the PNO Request ID */ + QCA_WLAN_VENDOR_ATTR_PNO_CONFIG_REQUEST_ID = 23, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_PNO_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_PNO_MAX = + QCA_WLAN_VENDOR_ATTR_PNO_AFTER_LAST - 1, +}; + +/** + * qca_wlan_vendor_acs_select_reason: This represents the different reasons why + * the ACS has to be triggered. These values are used by + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_REASON and + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_REASON + */ +enum qca_wlan_vendor_acs_select_reason { + /* Represents the reason that the ACS triggered during the AP start */ + QCA_WLAN_VENDOR_ACS_SELECT_REASON_INIT, + /* Represents the reason that DFS found with the current channel */ + QCA_WLAN_VENDOR_ACS_SELECT_REASON_DFS, + /* Represents the reason that LTE co-exist in the current band. */ + QCA_WLAN_VENDOR_ACS_SELECT_REASON_LTE_COEX, +}; + +/** + * qca_wlan_vendor_attr_external_acs_policy: Attribute values for + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_POLICY to the vendor subcmd + * QCA_NL80211_VENDOR_SUBCMD_EXTERNAL_ACS. This represents the + * external ACS policies to select the channels w.r.t. the PCL weights. + * (QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_PCL represents the channels and + * their PCL weights.) + * @QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_POLICY_PCL_MANDATORY: Mandatory to + * select a channel with non-zero PCL weight. + * @QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_POLICY_PCL_PREFERRED: Prefer a + * channel with non-zero PCL weight. + * + */ +enum qca_wlan_vendor_attr_external_acs_policy { + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_POLICY_PCL_PREFERRED, + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_POLICY_PCL_MANDATORY, +}; + +/** + * qca_wlan_vendor_channel_prop_flags: This represent the flags for a channel. + * This is used by QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_FLAGS. + */ +enum qca_wlan_vendor_channel_prop_flags { + /* Bits 0, 1, 2, and 3 are reserved */ + + /* Turbo channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_TURBO = 1 << 4, + /* CCK channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_CCK = 1 << 5, + /* OFDM channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_OFDM = 1 << 6, + /* 2.4 GHz spectrum channel. */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_2GHZ = 1 << 7, + /* 5 GHz spectrum channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_5GHZ = 1 << 8, + /* Only passive scan allowed */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_PASSIVE = 1 << 9, + /* Dynamic CCK-OFDM channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_DYN = 1 << 10, + /* GFSK channel (FHSS PHY) */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_GFSK = 1 << 11, + /* Radar found on channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_RADAR = 1 << 12, + /* 11a static turbo channel only */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_STURBO = 1 << 13, + /* Half rate channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HALF = 1 << 14, + /* Quarter rate channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_QUARTER = 1 << 15, + /* HT 20 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HT20 = 1 << 16, + /* HT 40 with extension channel above */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HT40PLUS = 1 << 17, + /* HT 40 with extension channel below */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HT40MINUS = 1 << 18, + /* HT 40 intolerant */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HT40INTOL = 1 << 19, + /* VHT 20 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_VHT20 = 1 << 20, + /* VHT 40 with extension channel above */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_VHT40PLUS = 1 << 21, + /* VHT 40 with extension channel below */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_VHT40MINUS = 1 << 22, + /* VHT 80 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_VHT80 = 1 << 23, + /* HT 40 intolerant mark bit for ACS use */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HT40INTOLMARK = 1 << 24, + /* Channel temporarily blocked due to noise */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_BLOCKED = 1 << 25, + /* VHT 160 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_VHT160 = 1 << 26, + /* VHT 80+80 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_VHT80_80 = 1 << 27, + /* HE 20 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE20 = 1 << 28, + /* HE 40 with extension channel above */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE40PLUS = 1 << 29, + /* HE 40 with extension channel below */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE40MINUS = 1 << 30, + /* HE 40 intolerant */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE40INTOL = 1 << 31, +}; + +/** + * qca_wlan_vendor_channel_prop_flags_2: This represents the flags for a + * channel, and is a continuation of qca_wlan_vendor_channel_prop_flags. This is + * used by QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_FLAGS_2. + */ +enum qca_wlan_vendor_channel_prop_flags_2 { + /* HE 40 intolerant mark bit for ACS use */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE40INTOLMARK = 1 << 0, + /* HE 80 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE80 = 1 << 1, + /* HE 160 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE160 = 1 << 2, + /* HE 80+80 channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE80_80 = 1 << 3, +}; + +/** + * qca_wlan_vendor_channel_prop_flags_ext: This represent the extended flags for + * each channel. This is used by + * QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_FLAG_EXT. + */ +enum qca_wlan_vendor_channel_prop_flags_ext { + /* Radar found on channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_RADAR_FOUND = 1 << 0, + /* DFS required on channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_DFS = 1 << 1, + /* DFS required on channel for 2nd band of 80+80 */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_DFS_CFREQ2 = 1 << 2, + /* If channel has been checked for DFS */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_DFS_CLEAR = 1 << 3, + /* Excluded in 802.11d */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_11D_EXCLUDED = 1 << 4, + /* Channel Switch Announcement received on this channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_CSA_RECEIVED = 1 << 5, + /* Ad-hoc is not allowed */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_DISALLOW_ADHOC = 1 << 6, + /* Station only channel */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_DISALLOW_HOSTAP = 1 << 7, + /* DFS radar history for slave device (STA mode) */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_HISTORY_RADAR = 1 << 8, + /* DFS CAC valid for slave device (STA mode) */ + QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_EXT_CAC_VALID = 1 << 9, +}; + +/** + * qca_wlan_vendor_external_acs_event_chan_info_attr: Represents per channel + * information. These attributes are sent as part of + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_CHAN_INFO. Each set of the following + * attributes correspond to a single channel. + */ +enum qca_wlan_vendor_external_acs_event_chan_info_attr { + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_INVALID = 0, + + /* A bitmask (u32) with flags specified in + * enum qca_wlan_vendor_channel_prop_flags. + */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_FLAGS = 1, + /* A bitmask (u32) with flags specified in + * enum qca_wlan_vendor_channel_prop_flags_ext. + */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_FLAG_EXT = 2, + /* frequency in MHz (u32) */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_FREQ = 3, + /* maximum regulatory transmission power (u32) */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_MAX_REG_POWER = 4, + /* maximum transmission power (u32) */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_MAX_POWER = 5, + /* minimum transmission power (u32) */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_MIN_POWER = 6, + /* regulatory class id (u8) */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_REG_CLASS_ID = 7, + /* maximum antenna gain in (u8) */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_ANTENNA_GAIN = 8, + /* VHT segment 0 (u8) */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_VHT_SEG_0 = 9, + /* VHT segment 1 (u8) */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_VHT_SEG_1 = 10, + /* A bitmask (u32) with flags specified in + * enum qca_wlan_vendor_channel_prop_flags_2. + */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_FLAGS_2 = 11, + + /* keep last */ + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_LAST, + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_MAX = + QCA_WLAN_VENDOR_EXTERNAL_ACS_EVENT_CHAN_INFO_ATTR_LAST - 1, +}; + +/** + * qca_wlan_vendor_attr_pcl: Represents attributes for + * preferred channel list (PCL). These attributes are sent as part of + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_PCL and + * QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST. + */ +enum qca_wlan_vendor_attr_pcl { + QCA_WLAN_VENDOR_ATTR_PCL_INVALID = 0, + + /* Channel number (u8) */ + QCA_WLAN_VENDOR_ATTR_PCL_CHANNEL = 1, + /* Channel weightage (u8) */ + QCA_WLAN_VENDOR_ATTR_PCL_WEIGHT = 2, + /* Channel frequency (u32) in MHz */ + QCA_WLAN_VENDOR_ATTR_PCL_FREQ = 3, + /* Channel flags (u32) + * bit 0 set: channel to be used for GO role, + * bit 1 set: channel to be used on CLI role, + * bit 2 set: channel must be considered for operating channel + * selection & peer chosen operating channel should be + * one of the channels with this flag set, + * bit 3 set: channel should be excluded in GO negotiation + */ + QCA_WLAN_VENDOR_ATTR_PCL_FLAG = 4, +}; + +/** + * qca_wlan_vendor_attr_external_acs_event: Attribute to vendor sub-command + * QCA_NL80211_VENDOR_SUBCMD_EXTERNAL_ACS. This attribute will be sent by + * host driver. + */ +enum qca_wlan_vendor_attr_external_acs_event { + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_INVALID = 0, + + /* This reason (u8) refers to enum qca_wlan_vendor_acs_select_reason. + * This helps ACS module to understand why ACS needs to be started. + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_REASON = 1, + /* Flag attribute to indicate if driver supports spectral scanning */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_IS_SPECTRAL_SUPPORTED = 2, + /* Flag attribute to indicate if 11ac is offloaded to firmware */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_IS_OFFLOAD_ENABLED = 3, + /* Flag attribute to indicate if driver provides additional channel + * capability as part of scan operation + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_ADD_CHAN_STATS_SUPPORT = 4, + /* Flag attribute to indicate interface status is UP */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_AP_UP = 5, + /* Operating mode (u8) of interface. Takes one of enum nl80211_iftype + * values. + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_SAP_MODE = 6, + /* Channel width (u8). It takes one of enum nl80211_chan_width values. + * This is the upper bound of channel width. ACS logic should try to get + * a channel with the specified width and if not found, look for lower + * values. + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_CHAN_WIDTH = 7, + /* This (u8) will hold values of one of enum nl80211_bands */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_BAND = 8, + /* PHY/HW mode (u8). Takes one of enum qca_wlan_vendor_acs_hw_mode + * values + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_PHY_MODE = 9, + /* Array of (u32) supported frequency list among which ACS should choose + * best frequency. + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_FREQ_LIST = 10, + /* Preferred channel list by the driver which will have array of nested + * values as per enum qca_wlan_vendor_attr_pcl attribute. + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_PCL = 11, + /* Array of nested attribute for each channel. It takes attr as defined + * in enum qca_wlan_vendor_external_acs_event_chan_info_attr. + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_CHAN_INFO = 12, + /* External ACS policy such as PCL mandatory, PCL preferred, etc. + * It uses values defined in enum + * qca_wlan_vendor_attr_external_acs_policy. + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_POLICY = 13, + /* Reference RF Operating Parameter (RROP) availability information + * (u16). It uses values defined in enum + * qca_wlan_vendor_attr_rropavail_info. + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_RROPAVAIL_INFO = 14, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_LAST, + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_MAX = + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_LAST - 1, +}; + +/** + * qca_wlan_vendor_attr_external_acs_channels: Attributes to vendor subcmd + * QCA_NL80211_VENDOR_SUBCMD_EXTERNAL_ACS. This carries a list of channels + * in priority order as decided after ACS operation in userspace. + */ +enum qca_wlan_vendor_attr_external_acs_channels { + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_INVALID = 0, + + /* One of reason code (u8) from enum qca_wlan_vendor_acs_select_reason + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_REASON = 1, + + /* Array of nested values for each channel with following attributes: + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_BAND, + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_PRIMARY, + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_SECONDARY, + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_CENTER_SEG0, + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_CENTER_SEG1, + * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_WIDTH + */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_LIST = 2, + /* This (u8) will hold values of one of enum nl80211_bands */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_BAND = 3, + /* Primary channel (u8) */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_PRIMARY = 4, + /* Secondary channel (u8) used for HT 40 MHz channels */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_SECONDARY = 5, + /* VHT seg0 channel (u8) */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_CENTER_SEG0 = 6, + /* VHT seg1 channel (u8) */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_CENTER_SEG1 = 7, + /* Channel width (u8). Takes one of enum nl80211_chan_width values. */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_WIDTH = 8, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_LAST, + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_MAX = + QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_CHANNEL_LAST - 1 +}; + +enum qca_chip_power_save_failure_reason { + /* Indicates if the reason for the failure is due to a protocol + * layer/module. + */ + QCA_CHIP_POWER_SAVE_FAILURE_REASON_PROTOCOL = 0, + /* Indicates if the reason for the failure is due to a hardware issue. + */ + QCA_CHIP_POWER_SAVE_FAILURE_REASON_HARDWARE = 1, +}; + +/** + * qca_attr_chip_power_save_failure: Attributes to vendor subcmd + * QCA_NL80211_VENDOR_SUBCMD_CHIP_PWRSAVE_FAILURE. This carries the requisite + * information leading to the power save failure. + */ +enum qca_attr_chip_power_save_failure { + QCA_ATTR_CHIP_POWER_SAVE_FAILURE_INVALID = 0, + /* Reason to cause the power save failure. + * These reasons are represented by + * enum qca_chip_power_save_failure_reason. + */ + QCA_ATTR_CHIP_POWER_SAVE_FAILURE_REASON = 1, + + /* keep last */ + QCA_ATTR_CHIP_POWER_SAVE_FAILURE_LAST, + QCA_ATTR_CHIP_POWER_SAVE_FAILURE_MAX = + QCA_ATTR_CHIP_POWER_SAVE_FAILURE_LAST - 1, +}; + +/** + * qca_wlan_vendor_nud_stats_data_pkt_flags: Flag representing the various + * data types for which the stats have to get collected. + */ +enum qca_wlan_vendor_nud_stats_data_pkt_flags { + QCA_WLAN_VENDOR_NUD_STATS_DATA_ARP = 1 << 0, + QCA_WLAN_VENDOR_NUD_STATS_DATA_DNS = 1 << 1, + QCA_WLAN_VENDOR_NUD_STATS_DATA_TCP_HANDSHAKE = 1 << 2, + QCA_WLAN_VENDOR_NUD_STATS_DATA_ICMPV4 = 1 << 3, + QCA_WLAN_VENDOR_NUD_STATS_DATA_ICMPV6 = 1 << 4, + /* Used by QCA_ATTR_NUD_STATS_PKT_TYPE only in nud stats get + * to represent the stats of respective data type. + */ + QCA_WLAN_VENDOR_NUD_STATS_DATA_TCP_SYN = 1 << 5, + QCA_WLAN_VENDOR_NUD_STATS_DATA_TCP_SYN_ACK = 1 << 6, + QCA_WLAN_VENDOR_NUD_STATS_DATA_TCP_ACK = 1 << 7, +}; + +enum qca_wlan_vendor_nud_stats_set_data_pkt_info { + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_INVALID = 0, + /* Represents the data packet type to be monitored (u32). + * Host driver tracks the stats corresponding to each data frame + * represented by these flags. + * These data packets are represented by + * enum qca_wlan_vendor_nud_stats_data_pkt_flags + */ + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_TYPE = 1, + /* Name corresponding to the DNS frame for which the respective DNS + * stats have to get monitored (string). Max string length 255. + */ + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_DNS_DOMAIN_NAME = 2, + /* source port on which the respective proto stats have to get + * collected (u32). + */ + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_SRC_PORT = 3, + /* destination port on which the respective proto stats have to get + * collected (u32). + */ + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_DEST_PORT = 4, + /* IPv4 address for which the destined data packets have to be + * monitored. (in network byte order), u32. + */ + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_DEST_IPV4 = 5, + /* IPv6 address for which the destined data packets have to be + * monitored. (in network byte order), 16 bytes array. + */ + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_DEST_IPV6 = 6, + + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_LAST, + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_MAX = + QCA_ATTR_NUD_STATS_DATA_PKT_INFO_LAST - 1, +}; + +/** + * qca_wlan_vendor_attr_nud_stats_set: Attributes to vendor subcmd + * QCA_NL80211_VENDOR_SUBCMD_NUD_STATS_SET. This carries the requisite + * information to start/stop the NUD statistics collection. + */ +enum qca_attr_nud_stats_set { + QCA_ATTR_NUD_STATS_SET_INVALID = 0, + + /* Flag to start/stop the NUD statistics collection. + * Start - If included, Stop - If not included + */ + QCA_ATTR_NUD_STATS_SET_START = 1, + /* IPv4 address of the default gateway (in network byte order), u32 */ + QCA_ATTR_NUD_STATS_GW_IPV4 = 2, + /* Represents the list of data packet types to be monitored. + * Host driver tracks the stats corresponding to each data frame + * represented by these flags. + * These data packets are represented by + * enum qca_wlan_vendor_nud_stats_set_data_pkt_info + */ + QCA_ATTR_NUD_STATS_SET_DATA_PKT_INFO = 3, + + /* keep last */ + QCA_ATTR_NUD_STATS_SET_LAST, + QCA_ATTR_NUD_STATS_SET_MAX = + QCA_ATTR_NUD_STATS_SET_LAST - 1, +}; + +enum qca_attr_nud_data_stats { + QCA_ATTR_NUD_DATA_STATS_INVALID = 0, + /* Data packet type for which the stats are collected (u32). + * Represented by enum qca_wlan_vendor_nud_stats_data_pkt_flags + */ + QCA_ATTR_NUD_STATS_PKT_TYPE = 1, + /* Name corresponding to the DNS frame for which the respective DNS + * stats are monitored (string). Max string length 255. + */ + QCA_ATTR_NUD_STATS_PKT_DNS_DOMAIN_NAME = 2, + /* source port on which the respective proto stats are collected (u32). + */ + QCA_ATTR_NUD_STATS_PKT_SRC_PORT = 3, + /* destination port on which the respective proto stats are collected + * (u32). + */ + QCA_ATTR_NUD_STATS_PKT_DEST_PORT = 4, + /* IPv4 address for which the destined data packets have to be + * monitored. (in network byte order), u32. + */ + QCA_ATTR_NUD_STATS_PKT_DEST_IPV4 = 5, + /* IPv6 address for which the destined data packets have to be + * monitored. (in network byte order), 16 bytes array. + */ + QCA_ATTR_NUD_STATS_PKT_DEST_IPV6 = 6, + /* Data packet Request count received from netdev (u32). */ + QCA_ATTR_NUD_STATS_PKT_REQ_COUNT_FROM_NETDEV = 7, + /* Data packet Request count sent to lower MAC from upper MAC (u32). */ + QCA_ATTR_NUD_STATS_PKT_REQ_COUNT_TO_LOWER_MAC = 8, + /* Data packet Request count received by lower MAC from upper MAC + * (u32) + */ + QCA_ATTR_NUD_STATS_PKT_REQ_RX_COUNT_BY_LOWER_MAC = 9, + /* Data packet Request count successfully transmitted by the device + * (u32) + */ + QCA_ATTR_NUD_STATS_PKT_REQ_COUNT_TX_SUCCESS = 10, + /* Data packet Response count received by lower MAC (u32) */ + QCA_ATTR_NUD_STATS_PKT_RSP_RX_COUNT_BY_LOWER_MAC = 11, + /* Data packet Response count received by upper MAC (u32) */ + QCA_ATTR_NUD_STATS_PKT_RSP_RX_COUNT_BY_UPPER_MAC = 12, + /* Data packet Response count delivered to netdev (u32) */ + QCA_ATTR_NUD_STATS_PKT_RSP_COUNT_TO_NETDEV = 13, + /* Data Packet Response count that are dropped out of order (u32) */ + QCA_ATTR_NUD_STATS_PKT_RSP_COUNT_OUT_OF_ORDER_DROP = 14, + + /* keep last */ + QCA_ATTR_NUD_DATA_STATS_LAST, + QCA_ATTR_NUD_DATA_STATS_MAX = + QCA_ATTR_NUD_DATA_STATS_LAST - 1, +}; + +/** + * qca_attr_nud_stats_get: Attributes to vendor subcmd + * QCA_NL80211_VENDOR_SUBCMD_NUD_STATS_GET. This carries the requisite + * NUD statistics collected when queried. + */ +enum qca_attr_nud_stats_get { + QCA_ATTR_NUD_STATS_GET_INVALID = 0, + /* ARP Request count from netdev (u32) */ + QCA_ATTR_NUD_STATS_ARP_REQ_COUNT_FROM_NETDEV = 1, + /* ARP Request count sent to lower MAC from upper MAC (u32) */ + QCA_ATTR_NUD_STATS_ARP_REQ_COUNT_TO_LOWER_MAC = 2, + /* ARP Request count received by lower MAC from upper MAC (u32) */ + QCA_ATTR_NUD_STATS_ARP_REQ_RX_COUNT_BY_LOWER_MAC = 3, + /* ARP Request count successfully transmitted by the device (u32) */ + QCA_ATTR_NUD_STATS_ARP_REQ_COUNT_TX_SUCCESS = 4, + /* ARP Response count received by lower MAC (u32) */ + QCA_ATTR_NUD_STATS_ARP_RSP_RX_COUNT_BY_LOWER_MAC = 5, + /* ARP Response count received by upper MAC (u32) */ + QCA_ATTR_NUD_STATS_ARP_RSP_RX_COUNT_BY_UPPER_MAC = 6, + /* ARP Response count delivered to netdev (u32) */ + QCA_ATTR_NUD_STATS_ARP_RSP_COUNT_TO_NETDEV = 7, + /* ARP Response count dropped due to out of order reception (u32) */ + QCA_ATTR_NUD_STATS_ARP_RSP_COUNT_OUT_OF_ORDER_DROP = 8, + /* Flag indicating if the station's link to the AP is active. + * Active Link - If included, Inactive link - If not included + */ + QCA_ATTR_NUD_STATS_AP_LINK_ACTIVE = 9, + /* Flag indicating if there is any duplicate address detected (DAD). + * Yes - If detected, No - If not detected. + */ + QCA_ATTR_NUD_STATS_IS_DAD = 10, + /* List of Data packet types for which the stats are requested. + * This list does not carry ARP stats as they are done by the + * above attributes. Represented by enum qca_attr_nud_data_stats. + */ + QCA_ATTR_NUD_STATS_DATA_PKT_STATS = 11, + + /* keep last */ + QCA_ATTR_NUD_STATS_GET_LAST, + QCA_ATTR_NUD_STATS_GET_MAX = + QCA_ATTR_NUD_STATS_GET_LAST - 1, +}; + +enum qca_wlan_btm_candidate_status { + QCA_STATUS_ACCEPT = 0, + QCA_STATUS_REJECT_EXCESSIVE_FRAME_LOSS_EXPECTED = 1, + QCA_STATUS_REJECT_EXCESSIVE_DELAY_EXPECTED = 2, + QCA_STATUS_REJECT_INSUFFICIENT_QOS_CAPACITY = 3, + QCA_STATUS_REJECT_LOW_RSSI = 4, + QCA_STATUS_REJECT_HIGH_INTERFERENCE = 5, + QCA_STATUS_REJECT_UNKNOWN = 6, +}; + +enum qca_wlan_vendor_attr_btm_candidate_info { + QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_INVALID = 0, + + /* 6-byte MAC address representing the BSSID of transition candidate */ + QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID = 1, + /* Unsigned 32-bit value from enum qca_wlan_btm_candidate_status + * returned by the driver. It says whether the BSSID provided in + * QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID is acceptable by + * the driver, if not it specifies the reason for rejection. + * Note that the user-space can overwrite the transition reject reason + * codes provided by driver based on more information. + */ + QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS = 2, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX = + QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_AFTER_LAST - 1, +}; + +enum qca_attr_trace_level { + QCA_ATTR_TRACE_LEVEL_INVALID = 0, + /* + * Nested array of the following attributes: + * QCA_ATTR_TRACE_LEVEL_MODULE, + * QCA_ATTR_TRACE_LEVEL_MASK. + */ + QCA_ATTR_TRACE_LEVEL_PARAM = 1, + /* + * Specific QCA host driver module. Please refer to the QCA host + * driver implementation to get the specific module ID. + */ + QCA_ATTR_TRACE_LEVEL_MODULE = 2, + /* Different trace level masks represented in the QCA host driver. */ + QCA_ATTR_TRACE_LEVEL_MASK = 3, + + /* keep last */ + QCA_ATTR_TRACE_LEVEL_AFTER_LAST, + QCA_ATTR_TRACE_LEVEL_MAX = + QCA_ATTR_TRACE_LEVEL_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_get_he_capabilities - IEEE 802.11ax HE capabilities + */ +enum qca_wlan_vendor_attr_get_he_capabilities { + QCA_WLAN_VENDOR_ATTR_HE_CAPABILITIES_INVALID = 0, + /* Whether HE capabilities is supported + * (u8 attribute: 0 = not supported, 1 = supported) + */ + QCA_WLAN_VENDOR_ATTR_HE_SUPPORTED = 1, + /* HE PHY capabilities, array of 3 u32 values */ + QCA_WLAN_VENDOR_ATTR_PHY_CAPAB = 2, + /* HE MAC capabilities (u32 attribute) */ + QCA_WLAN_VENDOR_ATTR_MAC_CAPAB = 3, + /* HE MCS map (u32 attribute) */ + QCA_WLAN_VENDOR_ATTR_HE_MCS = 4, + /* Number of SS (u32 attribute) */ + QCA_WLAN_VENDOR_ATTR_NUM_SS = 5, + /* RU count (u32 attribute) */ + QCA_WLAN_VENDOR_ATTR_RU_IDX_MASK = 6, + /* PPE threshold data, array of 8 u32 values */ + QCA_WLAN_VENDOR_ATTR_PPE_THRESHOLD = 7, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_HE_CAPABILITIES_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_HE_CAPABILITIES_MAX = + QCA_WLAN_VENDOR_ATTR_HE_CAPABILITIES_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_spectral_scan - Spectral scan config parameters + */ +enum qca_wlan_vendor_attr_spectral_scan { + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_INVALID = 0, + /* Number of times the chip enters spectral scan mode before + * deactivating spectral scans. When set to 0, chip will enter spectral + * scan mode continuously. u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_SCAN_COUNT = 1, + /* Spectral scan period. Period increment resolution is 256*Tclk, + * where Tclk = 1/44 MHz (Gmode), 1/40 MHz (Amode). u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_SCAN_PERIOD = 2, + /* Spectral scan priority. u32 attribute. */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_PRIORITY = 3, + /* Number of FFT data points to compute. u32 attribute. */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_FFT_SIZE = 4, + /* Enable targeted gain change before starting the spectral scan FFT. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_GC_ENA = 5, + /* Restart a queued spectral scan. u32 attribute. */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_RESTART_ENA = 6, + /* Noise floor reference number for the calculation of bin power. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_NOISE_FLOOR_REF = 7, + /* Disallow spectral scan triggers after TX/RX packets by setting + * this delay value to roughly SIFS time period or greater. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_INIT_DELAY = 8, + /* Number of strong bins (inclusive) per sub-channel, below + * which a signal is declared a narrow band tone. u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_NB_TONE_THR = 9, + /* Specify the threshold over which a bin is declared strong (for + * scan bandwidth analysis). u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_STR_BIN_THR = 10, + /* Spectral scan report mode. u32 attribute. */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_WB_RPT_MODE = 11, + /* RSSI report mode, if the ADC RSSI is below + * QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_RSSI_THR, + * then FFTs will not trigger, but timestamps and summaries get + * reported. u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_RSSI_RPT_MODE = 12, + /* ADC RSSI must be greater than or equal to this threshold (signed dB) + * to ensure spectral scan reporting with normal error code. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_RSSI_THR = 13, + /* Format of frequency bin magnitude for spectral scan triggered FFTs: + * 0: linear magnitude, 1: log magnitude (20*log10(lin_mag)). + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_PWR_FORMAT = 14, + /* Format of FFT report to software for spectral scan triggered FFTs. + * 0: No FFT report (only spectral scan summary report) + * 1: 2-dword summary of metrics for each completed FFT + spectral scan + * report + * 2: 2-dword summary of metrics for each completed FFT + 1x-oversampled + * bins (in-band) per FFT + spectral scan summary report + * 3: 2-dword summary of metrics for each completed FFT + 2x-oversampled + * bins (all) per FFT + spectral scan summary report + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_RPT_MODE = 15, + /* Number of LSBs to shift out in order to scale the FFT bins. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_BIN_SCALE = 16, + /* Set to 1 (with spectral_scan_pwr_format=1), to report bin magnitudes + * in dBm power. u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_DBM_ADJ = 17, + /* Per chain enable mask to select input ADC for search FFT. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_CHN_MASK = 18, + /* An unsigned 64-bit integer provided by host driver to identify the + * spectral scan request. This attribute is included in the scan + * response message for @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_START + * and used as an attribute in + * @QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_STOP to identify the + * specific scan to be stopped. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_COOKIE = 19, + /* Skip interval for FFT reports. u32 attribute */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_FFT_PERIOD = 20, + /* Set to report only one set of FFT results. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_SHORT_REPORT = 21, + /* Debug level for spectral module in driver. + * 0 : Verbosity level 0 + * 1 : Verbosity level 1 + * 2 : Verbosity level 2 + * 3 : Matched filterID display + * 4 : One time dump of FFT report + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_DEBUG_LEVEL = 22, + /* Type of spectral scan request. u32 attribute. + * It uses values defined in enum + * qca_wlan_vendor_attr_spectral_scan_request_type. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_REQUEST_TYPE = 23, + + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_MAX = + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_spectral_diag_stats - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_DIAG_STATS. + */ +enum qca_wlan_vendor_attr_spectral_diag_stats { + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_INVALID = 0, + /* Number of spectral TLV signature mismatches. + * u64 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_SIG_MISMATCH = 1, + /* Number of spectral phyerror events with insufficient length when + * parsing for secondary 80 search FFT report. u64 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_SEC80_SFFT_INSUFFLEN = 2, + /* Number of spectral phyerror events without secondary 80 + * search FFT report. u64 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_NOSEC80_SFFT = 3, + /* Number of spectral phyerror events with vht operation segment 1 id + * mismatches in search fft report. u64 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_VHTSEG1ID_MISMATCH = 4, + /* Number of spectral phyerror events with vht operation segment 2 id + * mismatches in search fft report. u64 attribute. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_VHTSEG2ID_MISMATCH = 5, + + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_MAX = + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_DIAG_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_spectral_cap - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CAP_INFO. + */ +enum qca_wlan_vendor_attr_spectral_cap { + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_INVALID = 0, + /* Flag attribute to indicate phydiag capability */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_PHYDIAG = 1, + /* Flag attribute to indicate radar detection capability */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_RADAR = 2, + /* Flag attribute to indicate spectral capability */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_SPECTRAL = 3, + /* Flag attribute to indicate advanced spectral capability */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_ADVANCED_SPECTRAL = 4, + /* Spectral hardware generation. u32 attribute. + * It uses values defined in enum + * qca_wlan_vendor_spectral_scan_cap_hw_gen. + */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_HW_GEN = 5, + + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_MAX = + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_spectral_scan_status - used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_STATUS. + */ +enum qca_wlan_vendor_attr_spectral_scan_status { + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_STATUS_INVALID = 0, + /* Flag attribute to indicate whether spectral scan is enabled */ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_STATUS_IS_ENABLED = 1, + /* Flag attribute to indicate whether spectral scan is in progress*/ + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_STATUS_IS_ACTIVE = 2, + + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_STATUS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_STATUS_MAX = + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_STATUS_AFTER_LAST - 1, +}; + +/** + * qca_wlan_vendor_attr_spectral_scan_request_type: Attribute values for + * QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_REQUEST_TYPE to the vendor subcmd + * QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_START. This represents the + * spectral scan request types. + * @QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_REQUEST_TYPE_SCAN_AND_CONFIG: Request to + * set the spectral parameters and start scan. + * @QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_REQUEST_TYPE_SCAN: Request to + * only set the spectral parameters. + * @QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_REQUEST_TYPE_CONFIG: Request to + * only start the spectral scan. + */ +enum qca_wlan_vendor_attr_spectral_scan_request_type { + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_REQUEST_TYPE_SCAN_AND_CONFIG, + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_REQUEST_TYPE_SCAN, + QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_REQUEST_TYPE_CONFIG, +}; + +/** + * qca_wlan_vendor_spectral_scan_cap_hw_gen: Attribute values for + * QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CAP_HW_GEN to the vendor subcmd + * QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CAP_INFO. This represents the + * spectral hardware generation. + * @QCA_WLAN_VENDOR_SPECTRAL_SCAN_CAP_HW_GEN_1: generation 1 + * @QCA_WLAN_VENDOR_SPECTRAL_SCAN_CAP_HW_GEN_2: generation 2 + * @QCA_WLAN_VENDOR_SPECTRAL_SCAN_CAP_HW_GEN_3: generation 3 + */ +enum qca_wlan_vendor_spectral_scan_cap_hw_gen { + QCA_WLAN_VENDOR_SPECTRAL_SCAN_CAP_HW_GEN_1 = 0, + QCA_WLAN_VENDOR_SPECTRAL_SCAN_CAP_HW_GEN_2 = 1, + QCA_WLAN_VENDOR_SPECTRAL_SCAN_CAP_HW_GEN_3 = 2, +}; + +enum qca_wlan_vendor_tos { + QCA_WLAN_VENDOR_TOS_BK = 0, + QCA_WLAN_VENDOR_TOS_BE = 1, + QCA_WLAN_VENDOR_TOS_VI = 2, + QCA_WLAN_VENDOR_TOS_VO = 3, +}; + +/** + * enum qca_wlan_vendor_attr_active_tos - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_ACTIVE_TOS. + */ +enum qca_wlan_vendor_attr_active_tos { + QCA_WLAN_VENDOR_ATTR_ACTIVE_TOS_INVALID = 0, + /* Type Of Service - Represented by qca_wlan_vendor_tos */ + QCA_WLAN_VENDOR_ATTR_ACTIVE_TOS = 1, + /* Flag attribute representing the start (attribute included) or stop + * (attribute not included) of the respective TOS. + */ + QCA_WLAN_VENDOR_ATTR_ACTIVE_TOS_START = 2, +}; + +enum qca_wlan_vendor_hang_reason { + /* Unspecified reason */ + QCA_WLAN_HANG_REASON_UNSPECIFIED = 0, + /* No Map for the MAC entry for the received frame */ + QCA_WLAN_HANG_RX_HASH_NO_ENTRY_FOUND = 1, + /* Peer deletion timeout happened */ + QCA_WLAN_HANG_PEER_DELETION_TIMEDOUT = 2, + /* Peer unmap timeout */ + QCA_WLAN_HANG_PEER_UNMAP_TIMEDOUT = 3, + /* Scan request timed out */ + QCA_WLAN_HANG_SCAN_REQ_EXPIRED = 4, + /* Consecutive Scan attempt failures */ + QCA_WLAN_HANG_SCAN_ATTEMPT_FAILURES = 5, + /* Unable to get the message buffer */ + QCA_WLAN_HANG_GET_MSG_BUFF_FAILURE = 6, + /* Current command processing is timedout */ + QCA_WLAN_HANG_ACTIVE_LIST_TIMEOUT = 7, + /* Timeout for an ACK from FW for suspend request */ + QCA_WLAN_HANG_SUSPEND_TIMEOUT = 8, + /* Timeout for an ACK from FW for resume request */ + QCA_WLAN_HANG_RESUME_TIMEOUT = 9, + /* Transmission timeout for consecutive data frames */ + QCA_WLAN_HANG_TRANSMISSIONS_TIMEOUT = 10, + /* Timeout for the TX completion status of data frame */ + QCA_WLAN_HANG_TX_COMPLETE_TIMEOUT = 11, + /* DXE failure for TX/RX, DXE resource unavailability */ + QCA_WLAN_HANG_DXE_FAILURE = 12, + /* WMI pending commands exceed the maximum count */ + QCA_WLAN_HANG_WMI_EXCEED_MAX_PENDING_CMDS = 13, +}; + +/** + * enum qca_wlan_vendor_attr_hang - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_HANG. + */ +enum qca_wlan_vendor_attr_hang { + QCA_WLAN_VENDOR_ATTR_HANG_INVALID = 0, + /* Reason for the hang - u32 attribute with a value from enum + * qca_wlan_vendor_hang_reason. + */ + QCA_WLAN_VENDOR_ATTR_HANG_REASON = 1, + + QCA_WLAN_VENDOR_ATTR_HANG_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_HANG_MAX = + QCA_WLAN_VENDOR_ATTR_HANG_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_flush_pending - Attributes for + * flushing pending traffic in firmware. + * + * @QCA_WLAN_VENDOR_ATTR_PEER_ADDR: Configure peer MAC address. + * @QCA_WLAN_VENDOR_ATTR_AC: Configure access category of the pending + * packets. It is u8 value with bit 0~3 represent AC_BE, AC_BK, + * AC_VI, AC_VO respectively. Set the corresponding bit to 1 to + * flush packets with access category. + */ +enum qca_wlan_vendor_attr_flush_pending { + QCA_WLAN_VENDOR_ATTR_FLUSH_PENDING_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_PEER_ADDR = 1, + QCA_WLAN_VENDOR_ATTR_AC = 2, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_FLUSH_PENDING_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_FLUSH_PENDING_MAX = + QCA_WLAN_VENDOR_ATTR_FLUSH_PENDING_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_rropavail_info - Specifies whether Representative + * RF Operating Parameter (RROP) information is available, and if so, at which + * point in the application-driver interaction sequence it can be retrieved by + * the application from the driver. This point may vary by architecture and + * other factors. This is a u16 value. + */ +enum qca_wlan_vendor_attr_rropavail_info { + /* RROP information is unavailable. */ + QCA_WLAN_VENDOR_ATTR_RROPAVAIL_INFO_UNAVAILABLE, + /* RROP information is available and the application can retrieve the + * information after receiving an QCA_NL80211_VENDOR_SUBCMD_EXTERNAL_ACS + * event from the driver. + */ + QCA_WLAN_VENDOR_ATTR_RROPAVAIL_INFO_EXTERNAL_ACS_START, + /* RROP information is available only after a vendor specific scan + * (requested using QCA_NL80211_VENDOR_SUBCMD_TRIGGER_SCAN) has + * successfully completed. The application can retrieve the information + * after receiving the QCA_NL80211_VENDOR_SUBCMD_SCAN_DONE event from + * the driver. + */ + QCA_WLAN_VENDOR_ATTR_RROPAVAIL_INFO_VSCAN_END, +}; + +/** + * enum qca_wlan_vendor_attr_rrop_info - Specifies vendor specific + * Representative RF Operating Parameter (RROP) information. It is sent for the + * vendor command QCA_NL80211_VENDOR_SUBCMD_GET_RROP_INFO. This information is + * intended for use by external Auto Channel Selection applications. It provides + * guidance values for some RF parameters that are used by the system during + * operation. These values could vary by channel, band, radio, and so on. + */ +enum qca_wlan_vendor_attr_rrop_info { + QCA_WLAN_VENDOR_ATTR_RROP_INFO_INVALID = 0, + + /* Representative Tx Power List (RTPL) which has an array of nested + * values as per attributes in enum qca_wlan_vendor_attr_rtplinst. + */ + QCA_WLAN_VENDOR_ATTR_RROP_INFO_RTPL = 1, + + QCA_WLAN_VENDOR_ATTR_RROP_INFO_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_RROP_INFO_MAX = + QCA_WLAN_VENDOR_ATTR_RROP_INFO_AFTER_LAST - 1 +}; + +/** + * enum qca_wlan_vendor_attr_rtplinst - Specifies attributes for individual list + * entry instances in the Representative Tx Power List (RTPL). It provides + * simplified power values intended for helping external Auto channel Selection + * applications compare potential Tx power performance between channels, other + * operating conditions remaining identical. These values are not necessarily + * the actual Tx power values that will be used by the system. They are also not + * necessarily the max or average values that will be used. Instead, they are + * relative, summarized keys for algorithmic use computed by the driver or + * underlying firmware considering a number of vendor specific factors. + */ +enum qca_wlan_vendor_attr_rtplinst { + QCA_WLAN_VENDOR_ATTR_RTPLINST_INVALID = 0, + + /* Primary channel number (u8) */ + QCA_WLAN_VENDOR_ATTR_RTPLINST_PRIMARY = 1, + /* Representative Tx power in dBm (s32) with emphasis on throughput. */ + QCA_WLAN_VENDOR_ATTR_RTPLINST_TXPOWER_THROUGHPUT = 2, + /* Representative Tx power in dBm (s32) with emphasis on range. */ + QCA_WLAN_VENDOR_ATTR_RTPLINST_TXPOWER_RANGE = 3, + + QCA_WLAN_VENDOR_ATTR_RTPLINST_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_RTPLINST_MAX = + QCA_WLAN_VENDOR_ATTR_RTPLINST_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_config_latency_level - Level for + * wlan latency module. + * + * There will be various of Wi-Fi functionality like scan/roaming/adaptive + * power saving which would causing data exchange out of service, this + * would be a big impact on latency. For latency sensitive applications over + * Wi-Fi are intolerant to such operations and thus would configure them + * to meet their respective needs. It is well understood by such applications + * that altering the default behavior would degrade the Wi-Fi functionality + * w.r.t the above pointed WLAN operations. + * + * @QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_NORMAL: + * Default WLAN operation level which throughput orientated. + * @QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_MODERATE: + * Use moderate level to improve latency by limit scan duration. + * @QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_LOW: + * Use low latency level to benifit application like concurrent + * downloading or video streaming via constraint scan/adaptive PS. + * @QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_ULTRALOW: + * Use ultra low latency level to benefit for gaming/voice + * application via constraint scan/roaming/adaptive PS. + */ +enum qca_wlan_vendor_attr_config_latency_level { + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_NORMAL = 1, + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_MODERATE = 2, + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_LOW = 3, + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_ULTRALOW = 4, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_MAX = + QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_wlan_mac - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_WLAN_MAC_INFO. + */ +enum qca_wlan_vendor_attr_mac { + QCA_WLAN_VENDOR_ATTR_MAC_INVALID = 0, + + /* MAC mode info list which has an array of nested values as + * per attributes in enum qca_wlan_vendor_attr_mac_mode_info. + */ + QCA_WLAN_VENDOR_ATTR_MAC_INFO = 1, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_MAC_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_MAC_MAX = + QCA_WLAN_VENDOR_ATTR_MAC_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_mac_iface_info - Information of the connected + * Wi-Fi netdev interface on a respective MAC. + * Used by the attribute QCA_WLAN_VENDOR_ATTR_MAC_IFACE_INFO. + */ +enum qca_wlan_vendor_attr_mac_iface_info { + QCA_WLAN_VENDOR_ATTR_MAC_IFACE_INFO_INVALID = 0, + /* Wi-Fi netdev's interface index (u32) */ + QCA_WLAN_VENDOR_ATTR_MAC_IFACE_INFO_IFINDEX = 1, + /* Associated frequency in MHz of the connected Wi-Fi interface (u32) */ + QCA_WLAN_VENDOR_ATTR_MAC_IFACE_INFO_FREQ = 2, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_MAC_IFACE_INFO_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_MAC_IFACE_INFO_MAX = + QCA_WLAN_VENDOR_ATTR_MAC_IFACE_INFO_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_mac_info - Points to MAC the information. + * Used by the attribute QCA_WLAN_VENDOR_ATTR_MAC_INFO of the + * vendor command QCA_NL80211_VENDOR_SUBCMD_WLAN_MAC_INFO. + */ +enum qca_wlan_vendor_attr_mac_info { + QCA_WLAN_VENDOR_ATTR_MAC_INFO_INVALID = 0, + /* Hardware MAC ID associated for the MAC (u32) */ + QCA_WLAN_VENDOR_ATTR_MAC_INFO_MAC_ID = 1, + /* Band supported by the MAC at a given point. + * This is a u32 bitmask of BIT(NL80211_BAND_*) as described in %enum + * nl80211_band. + */ + QCA_WLAN_VENDOR_ATTR_MAC_INFO_BAND = 2, + /* Refers to list of WLAN netdev interfaces associated with this MAC. + * Represented by enum qca_wlan_vendor_attr_mac_iface_info. + */ + QCA_WLAN_VENDOR_ATTR_MAC_IFACE_INFO = 3, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_MAC_INFO_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_MAC_INFO_MAX = + QCA_WLAN_VENDOR_ATTR_MAC_INFO_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_get_logger_features - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_GET_LOGGER_FEATURE_SET. + */ +enum qca_wlan_vendor_attr_get_logger_features { + QCA_WLAN_VENDOR_ATTR_LOGGER_INVALID = 0, + /* Unsigned 32-bit enum value of wifi_logger_supported_features */ + QCA_WLAN_VENDOR_ATTR_LOGGER_SUPPORTED = 1, + /* keep last */ + QCA_WLAN_VENDOR_ATTR_LOGGER_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_LOGGER_MAX = + QCA_WLAN_VENDOR_ATTR_LOGGER_AFTER_LAST - 1, +}; + +/** + * enum wifi_logger_supported_features - Values for supported logger features + */ +enum wifi_logger_supported_features { + WIFI_LOGGER_MEMORY_DUMP_FEATURE = (1 << (0)), + WIFI_LOGGER_PER_PACKET_TX_RX_STATUS_FEATURE = (1 << (1)), + WIFI_LOGGER_CONNECT_EVENT_FEATURE = (1 << (2)), + WIFI_LOGGER_POWER_EVENT_FEATURE = (1 << (3)), + WIFI_LOGGER_WAKE_LOCK_FEATURE = (1 << (4)), + WIFI_LOGGER_VERBOSE_FEATURE = (1 << (5)), + WIFI_LOGGER_WATCHDOG_TIMER_FEATURE = (1 << (6)), + WIFI_LOGGER_DRIVER_DUMP_FEATURE = (1 << (7)), + WIFI_LOGGER_PACKET_FATE_FEATURE = (1 << (8)), +}; + +/** + * enum qca_wlan_tdls_caps_features_supported - Values for TDLS get + * capabilities features + */ +enum qca_wlan_tdls_caps_features_supported { + WIFI_TDLS_SUPPORT = (1 << (0)), + WIFI_TDLS_EXTERNAL_CONTROL_SUPPORT = (1 << (1)), + WIFI_TDLS_OFFCHANNEL_SUPPORT = (1 << (2)) +}; + +/** + * enum qca_wlan_vendor_attr_tdls_get_capabilities - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_TDLS_GET_CAPABILITIES. + */ +enum qca_wlan_vendor_attr_tdls_get_capabilities { + QCA_WLAN_VENDOR_ATTR_TDLS_GET_CAPS_INVALID = 0, + /* Indicates the max concurrent sessions */ + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_TDLS_GET_CAPS_MAX_CONC_SESSIONS, + /* Indicates the support for features */ + /* Unsigned 32-bit bitmap qca_wlan_tdls_caps_features_supported + */ + QCA_WLAN_VENDOR_ATTR_TDLS_GET_CAPS_FEATURES_SUPPORTED, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_TDLS_GET_CAPS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_TDLS_GET_CAPS_MAX = + QCA_WLAN_VENDOR_ATTR_TDLS_GET_CAPS_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_offloaded_packets_sending_control - Offload packets control + * command used as value for the attribute + * QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_SENDING_CONTROL. + */ +enum qca_wlan_offloaded_packets_sending_control { + QCA_WLAN_OFFLOADED_PACKETS_SENDING_CONTROL_INVALID = 0, + QCA_WLAN_OFFLOADED_PACKETS_SENDING_START, + QCA_WLAN_OFFLOADED_PACKETS_SENDING_STOP +}; + +/** + * enum qca_wlan_vendor_attr_offloaded_packets - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_OFFLOADED_PACKETS. + */ +enum qca_wlan_vendor_attr_offloaded_packets { + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_INVALID = 0, + /* Takes valid value from the enum + * qca_wlan_offloaded_packets_sending_control + * Unsigned 32-bit value + */ + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_SENDING_CONTROL, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_REQUEST_ID, + /* array of u8 len: Max packet size */ + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_IP_PACKET_DATA, + /* 6-byte MAC address used to represent source MAC address */ + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_SRC_MAC_ADDR, + /* 6-byte MAC address used to represent destination MAC address */ + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_DST_MAC_ADDR, + /* Unsigned 32-bit value, in milli seconds */ + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_PERIOD, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_MAX = + QCA_WLAN_VENDOR_ATTR_OFFLOADED_PACKETS_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_rssi_monitoring_control - RSSI control commands used as values + * by the attribute QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_CONTROL. + */ +enum qca_wlan_rssi_monitoring_control { + QCA_WLAN_RSSI_MONITORING_CONTROL_INVALID = 0, + QCA_WLAN_RSSI_MONITORING_START, + QCA_WLAN_RSSI_MONITORING_STOP, +}; + +/** + * enum qca_wlan_vendor_attr_rssi_monitoring - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_MONITOR_RSSI. + */ +enum qca_wlan_vendor_attr_rssi_monitoring { + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_INVALID = 0, + /* Takes valid value from the enum + * qca_wlan_rssi_monitoring_control + * Unsigned 32-bit value enum qca_wlan_rssi_monitoring_control + */ + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_CONTROL, + /* Unsigned 32-bit value */ + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_REQUEST_ID, + /* Signed 8-bit value in dBm */ + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_MAX_RSSI, + /* Signed 8-bit value in dBm */ + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_MIN_RSSI, + /* attributes to be used/received in callback */ + /* 6-byte MAC address used to represent current BSSID MAC address */ + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_CUR_BSSID, + /* Signed 8-bit value indicating the current RSSI */ + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_CUR_RSSI, + /* keep last */ + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_MAX = + QCA_WLAN_VENDOR_ATTR_RSSI_MONITORING_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_ndp_params - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_NDP. + */ +enum qca_wlan_vendor_attr_ndp_params { + QCA_WLAN_VENDOR_ATTR_NDP_PARAM_INVALID = 0, + /* Unsigned 32-bit value + * enum of sub commands values in qca_wlan_ndp_sub_cmd + */ + QCA_WLAN_VENDOR_ATTR_NDP_SUBCMD, + /* Unsigned 16-bit value */ + QCA_WLAN_VENDOR_ATTR_NDP_TRANSACTION_ID, + /* NL attributes for data used NDP SUB cmds */ + /* Unsigned 32-bit value indicating a service info */ + QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_INSTANCE_ID, + /* Unsigned 32-bit value; channel frequency in MHz */ + QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL, + /* Interface Discovery MAC address. An array of 6 Unsigned int8 */ + QCA_WLAN_VENDOR_ATTR_NDP_PEER_DISCOVERY_MAC_ADDR, + /* Interface name on which NDP is being created */ + QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR, + /* Unsigned 32-bit value for security */ + /* CONFIG_SECURITY is deprecated, use NCS_SK_TYPE/PMK/SCID instead */ + QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_SECURITY, + /* Unsigned 32-bit value for QoS */ + QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS, + /* Array of u8: len = QCA_WLAN_VENDOR_ATTR_NAN_DP_APP_INFO_LEN */ + QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO, + /* Unsigned 32-bit value for NDP instance Id */ + QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID, + /* Array of instance Ids */ + QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID_ARRAY, + /* Unsigned 32-bit value for initiator/responder NDP response code + * accept/reject + */ + QCA_WLAN_VENDOR_ATTR_NDP_RESPONSE_CODE, + /* NDI MAC address. An array of 6 Unsigned int8 */ + QCA_WLAN_VENDOR_ATTR_NDP_NDI_MAC_ADDR, + /* Unsigned 32-bit value errors types returned by driver + * The wifi_nan.h in AOSP project platform/hardware/libhardware_legacy + * NanStatusType includes these values. + */ + QCA_WLAN_VENDOR_ATTR_NDP_DRV_RESPONSE_STATUS_TYPE, + /* Unsigned 32-bit value error values returned by driver + * The nan_i.h in AOSP project platform/hardware/qcom/wlan + * NanInternalStatusType includes these values. + */ + QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_VALUE, + /* Unsigned 32-bit value for Channel setup configuration + * The wifi_nan.h in AOSP project platform/hardware/libhardware_legacy + * NanDataPathChannelCfg includes these values. + */ + QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG, + /* Unsigned 32-bit value for Cipher Suite Shared Key Type */ + QCA_WLAN_VENDOR_ATTR_NDP_CSID, + /* Array of u8: len = NAN_PMK_INFO_LEN 32 bytes */ + QCA_WLAN_VENDOR_ATTR_NDP_PMK, + /* Security Context Identifier that contains the PMKID + * Array of u8: len = NAN_SCID_BUF_LEN 1024 bytes + */ + QCA_WLAN_VENDOR_ATTR_NDP_SCID, + /* Array of u8: len = NAN_SECURITY_MAX_PASSPHRASE_LEN 63 bytes */ + QCA_WLAN_VENDOR_ATTR_NDP_PASSPHRASE, + /* Array of u8: len = NAN_MAX_SERVICE_NAME_LEN 255 bytes */ + QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_NAME, + /* Unsigned 32-bit bitmap indicating schedule update + * BIT_0: NSS Update + * BIT_1: Channel list update + */ + QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_REASON, + /* Unsigned 32-bit value for NSS */ + QCA_WLAN_VENDOR_ATTR_NDP_NSS, + /* Unsigned 32-bit value for NUMBER NDP CHANNEL */ + QCA_WLAN_VENDOR_ATTR_NDP_NUM_CHANNELS, + /* Unsigned 32-bit value for CHANNEL BANDWIDTH + * 0:20 MHz, 1:40 MHz, 2:80 MHz, 3:160 MHz + */ + QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_WIDTH, + /* Array of channel/band width */ + QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_INFO, + /* IPv6 address used by NDP (in network byte order), 16 bytes array. + * This attribute is used and optional for ndp request, ndp response, + * ndp indication, and ndp confirm. + */ + QCA_WLAN_VENDOR_ATTR_NDP_IPV6_ADDR = 27, + /* Unsigned 16-bit value indicating transport port used by NDP. + * This attribute is used and optional for ndp response, ndp indication, + * and ndp confirm. + */ + QCA_WLAN_VENDOR_ATTR_NDP_TRANSPORT_PORT = 28, + /* Unsigned 8-bit value indicating protocol used by NDP and assigned by + * the Internet Assigned Numbers Authority (IANA) as per: + * https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml + * This attribute is used and optional for ndp response, ndp indication, + * and ndp confirm. + */ + QCA_WLAN_VENDOR_ATTR_NDP_TRANSPORT_PROTOCOL = 29, + /* Unsigned 8-bit value indicating if NDP remote peer supports NAN NDPE. + * 1:support 0:not support + */ + QCA_WLAN_VENDOR_ATTR_PEER_NDPE_SUPPORT = 30, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_MAX = + QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_AFTER_LAST - 1, +}; + +enum qca_wlan_ndp_sub_cmd { + QCA_WLAN_VENDOR_ATTR_NDP_INVALID = 0, + /* Command to create a NAN data path interface */ + QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_CREATE = 1, + /* Command to delete a NAN data path interface */ + QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_DELETE = 2, + /* Command to initiate a NAN data path session */ + QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_REQUEST = 3, + /* Command to notify if the NAN data path session was sent */ + QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_RESPONSE = 4, + /* Command to respond to NAN data path session */ + QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_REQUEST = 5, + /* Command to notify on the responder about the response */ + QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_RESPONSE = 6, + /* Command to initiate a NAN data path end */ + QCA_WLAN_VENDOR_ATTR_NDP_END_REQUEST = 7, + /* Command to notify the if end request was sent */ + QCA_WLAN_VENDOR_ATTR_NDP_END_RESPONSE = 8, + /* Command to notify the peer about the end request */ + QCA_WLAN_VENDOR_ATTR_NDP_REQUEST_IND = 9, + /* Command to confirm the NAN data path session is complete */ + QCA_WLAN_VENDOR_ATTR_NDP_CONFIRM_IND = 10, + /* Command to indicate the peer about the end request being received */ + QCA_WLAN_VENDOR_ATTR_NDP_END_IND = 11, + /* Command to indicate the peer of schedule update */ + QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_IND = 12 +}; + +/** + * enum qca_wlan_vendor_attr_nd_offload - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_ND_OFFLOAD. + */ +enum qca_wlan_vendor_attr_nd_offload { + QCA_WLAN_VENDOR_ATTR_ND_OFFLOAD_INVALID = 0, + /* Flag to set Neighbour Discovery offload */ + QCA_WLAN_VENDOR_ATTR_ND_OFFLOAD_FLAG, + /* Keep last */ + QCA_WLAN_VENDOR_ATTR_ND_OFFLOAD_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_ND_OFFLOAD_MAX = + QCA_WLAN_VENDOR_ATTR_ND_OFFLOAD_AFTER_LAST - 1, +}; + +/** + * enum packet_filter_sub_cmd - Packet filter sub commands + */ +enum packet_filter_sub_cmd { + /** + * Write packet filter program and/or data. The driver/firmware should + * disable APF before writing into local buffer and re-enable APF after + * writing is done. + */ + QCA_WLAN_SET_PACKET_FILTER = 1, + /* Get packet filter feature capabilities from driver */ + QCA_WLAN_GET_PACKET_FILTER = 2, + /** + * Write packet filter program and/or data. User space will send the + * %QCA_WLAN_DISABLE_PACKET_FILTER command before issuing this command + * and will send the %QCA_WLAN_ENABLE_PACKET_FILTER afterwards. The key + * difference from that %QCA_WLAN_SET_PACKET_FILTER is the control over + * enable/disable is given to user space with this command. Also, + * user space sends the length of program portion in the buffer within + * %QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_PROG_LENGTH. + */ + QCA_WLAN_WRITE_PACKET_FILTER = 3, + /* Read packet filter program and/or data */ + QCA_WLAN_READ_PACKET_FILTER = 4, + /* Enable APF feature */ + QCA_WLAN_ENABLE_PACKET_FILTER = 5, + /* Disable APF feature */ + QCA_WLAN_DISABLE_PACKET_FILTER = 6, +}; + +/** + * enum qca_wlan_vendor_attr_packet_filter - BPF control commands used by + * vendor QCA_NL80211_VENDOR_SUBCMD_PACKET_FILTER. + */ +enum qca_wlan_vendor_attr_packet_filter { + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_INVALID = 0, + /* Unsigned 32-bit enum passed using packet_filter_sub_cmd */ + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_SUB_CMD, + /* Unsigned 32-bit value indicating the packet filter version */ + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_VERSION, + /* Unsigned 32-bit value indicating the packet filter id */ + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_ID, + /** + * Unsigned 32-bit value indicating the packet filter size including + * program + data. + */ + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_SIZE, + /* Unsigned 32-bit value indicating the packet filter current offset */ + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_CURRENT_OFFSET, + /* Program and/or data in bytes */ + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_PROGRAM, + /* Unsigned 32-bit value of the length of the program section in packet + * filter buffer. + */ + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_PROG_LENGTH = 7, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_MAX = + QCA_WLAN_VENDOR_ATTR_PACKET_FILTER_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_drv_info - WLAN driver info used by vendor command + * QCA_NL80211_VENDOR_SUBCMD_GET_BUS_SIZE. + */ +enum qca_wlan_vendor_drv_info { + QCA_WLAN_VENDOR_ATTR_DRV_INFO_INVALID = 0, + /* Maximum Message size info between firmware & HOST + * Unsigned 32-bit value + */ + QCA_WLAN_VENDOR_ATTR_DRV_INFO_BUS_SIZE, + /* keep last */ + QCA_WLAN_VENDOR_ATTR_DRV_INFO_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_DRV_INFO_MAX = + QCA_WLAN_VENDOR_ATTR_DRV_INFO_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_wake_stats - Wake lock stats used by vendor + * command QCA_NL80211_VENDOR_SUBCMD_GET_WAKE_REASON_STATS. + */ +enum qca_wlan_vendor_attr_wake_stats { + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_INVALID = 0, + /* Unsigned 32-bit value indicating the total count of wake event */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_TOTAL_CMD_EVENT_WAKE, + /* Array of individual wake count, each index representing wake reason + */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_CMD_EVENT_WAKE_CNT_PTR, + /* Unsigned 32-bit value representing wake count array */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_CMD_EVENT_WAKE_CNT_SZ, + /* Unsigned 32-bit total wake count value of driver/fw */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_TOTAL_DRIVER_FW_LOCAL_WAKE, + /* Array of wake stats of driver/fw */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_DRIVER_FW_LOCAL_WAKE_CNT_PTR, + /* Unsigned 32-bit total wake count value of driver/fw */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_DRIVER_FW_LOCAL_WAKE_CNT_SZ, + /* Unsigned 32-bit total wake count value of packets received */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_TOTAL_RX_DATA_WAKE, + /* Unsigned 32-bit wake count value unicast packets received */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_RX_UNICAST_CNT, + /* Unsigned 32-bit wake count value multicast packets received */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_RX_MULTICAST_CNT, + /* Unsigned 32-bit wake count value broadcast packets received */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_RX_BROADCAST_CNT, + /* Unsigned 32-bit wake count value of ICMP packets */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_ICMP_PKT, + /* Unsigned 32-bit wake count value of ICMP6 packets */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_ICMP6_PKT, + /* Unsigned 32-bit value ICMP6 router advertisement */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_ICMP6_RA, + /* Unsigned 32-bit value ICMP6 neighbor advertisement */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_ICMP6_NA, + /* Unsigned 32-bit value ICMP6 neighbor solicitation */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_ICMP6_NS, + /* Unsigned 32-bit wake count value of receive side ICMP4 multicast */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_ICMP4_RX_MULTICAST_CNT, + /* Unsigned 32-bit wake count value of receive side ICMP6 multicast */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_ICMP6_RX_MULTICAST_CNT, + /* Unsigned 32-bit wake count value of receive side multicast */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_OTHER_RX_MULTICAST_CNT, + /* Unsigned 32-bit wake count value of a given RSSI breach */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_RSSI_BREACH_CNT, + /* Unsigned 32-bit wake count value of low RSSI */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_LOW_RSSI_CNT, + /* Unsigned 32-bit value GSCAN count */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_GSCAN_CNT, + /* Unsigned 32-bit value PNO complete count */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_PNO_COMPLETE_CNT, + /* Unsigned 32-bit value PNO match count */ + QCA_WLAN_VENDOR_ATTR_WAKE_STATS_PNO_MATCH_CNT, + /* keep last */ + QCA_WLAN_VENDOR_GET_WAKE_STATS_AFTER_LAST, + QCA_WLAN_VENDOR_GET_WAKE_STATS_MAX = + QCA_WLAN_VENDOR_GET_WAKE_STATS_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_thermal_cmd - Vendor subcmd attributes to set + * cmd value. Used for NL attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_THERMAL_CMD sub command. + */ +enum qca_wlan_vendor_attr_thermal_cmd { + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_INVALID = 0, + /* The value of command, driver will implement different operations + * according to this value. It uses values defined in + * enum qca_wlan_vendor_attr_thermal_cmd_type. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_VALUE = 1, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_MAX = + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_AFTER_LAST - 1 +}; + +/** + * qca_wlan_vendor_attr_thermal_cmd_type: Attribute values for + * QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_VALUE to the vendor subcmd + * QCA_NL80211_VENDOR_SUBCMD_THERMAL_CMD. This represents the + * thermal command types sent to driver. + * @QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_GET_PARAMS: Request to + * get thermal shutdown configuration parameters for display. Parameters + * responded from driver are defined in + * enum qca_wlan_vendor_attr_get_thermal_params_rsp. + * @QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_GET_TEMPERATURE: Request to + * get temperature. Host should respond with a temperature data. It is defined + * in enum qca_wlan_vendor_attr_thermal_get_temperature. + * @QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_SUSPEND: Request to execute thermal + * suspend action. + * @QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_RESUME: Request to execute thermal + * resume action. + */ +enum qca_wlan_vendor_attr_thermal_cmd_type { + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_GET_PARAMS, + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_GET_TEMPERATURE, + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_SUSPEND, + QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_RESUME, +}; + +/** + * enum qca_wlan_vendor_attr_thermal_get_temperature - vendor subcmd attributes + * to get chip temperature by user. + * enum values are used for NL attributes for data used by + * QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_GET_TEMPERATURE command for data used + * by QCA_NL80211_VENDOR_SUBCMD_THERMAL_CMD sub command. + */ +enum qca_wlan_vendor_attr_thermal_get_temperature { + QCA_WLAN_VENDOR_ATTR_THERMAL_GET_TEMPERATURE_INVALID = 0, + /* Temperature value (degree Celsius) from driver. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_THERMAL_GET_TEMPERATURE_DATA, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_THERMAL_GET_TEMPERATURE_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_THERMAL_GET_TEMPERATURE_MAX = + QCA_WLAN_VENDOR_ATTR_THERMAL_GET_TEMPERATURE_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_get_thermal_params_rsp - vendor subcmd attributes + * to get configuration parameters of thermal shutdown feature. Enum values are + * used by QCA_WLAN_VENDOR_ATTR_THERMAL_CMD_TYPE_GET_PARAMS command for data + * used by QCA_NL80211_VENDOR_SUBCMD_THERMAL_CMD sub command. + */ +enum qca_wlan_vendor_attr_get_thermal_params_rsp { + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_INVALID = 0, + /* Indicate if the thermal shutdown feature is enabled. + * NLA_FLAG attribute. + */ + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_SHUTDOWN_EN, + /* Indicate if the auto mode is enabled. + * Enable: Driver triggers the suspend/resume action. + * Disable: User space triggers the suspend/resume action. + * NLA_FLAG attribute. + */ + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_SHUTDOWN_AUTO_EN, + /* Thermal resume threshold (degree Celsius). Issue the resume command + * if the temperature value is lower than this threshold. + * u16 attribute. + */ + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_RESUME_THRESH, + /* Thermal warning threshold (degree Celsius). FW reports temperature + * to driver if it's higher than this threshold. + * u16 attribute. + */ + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_WARNING_THRESH, + /* Thermal suspend threshold (degree Celsius). Issue the suspend command + * if the temperature value is higher than this threshold. + * u16 attribute. + */ + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_SUSPEND_THRESH, + /* FW reports temperature data periodically at this interval (ms). + * u16 attribute. + */ + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_SAMPLE_RATE, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_MAX = + QCA_WLAN_VENDOR_ATTR_GET_THERMAL_PARAMS_RSP_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_thermal_event - vendor subcmd attributes to + * report thermal events from driver to user space. + * enum values are used for NL attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_THERMAL_EVENT sub command. + */ +enum qca_wlan_vendor_attr_thermal_event { + QCA_WLAN_VENDOR_ATTR_THERMAL_EVENT_INVALID = 0, + /* Temperature value (degree Celsius) from driver. + * u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_THERMAL_EVENT_TEMPERATURE, + /* Indication of resume completion from power save mode. + * NLA_FLAG attribute. + */ + QCA_WLAN_VENDOR_ATTR_THERMAL_EVENT_RESUME_COMPLETE, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_THERMAL_EVENT_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_THERMAL_EVENT_MAX = + QCA_WLAN_VENDOR_ATTR_THERMAL_EVENT_AFTER_LAST - 1, +}; + +/** + * enum he_fragmentation_val - HE fragmentation support values + * Indicates level of dynamic fragmentation that is supported by + * a STA as a recipient. + * HE fragmentation values are defined in IEEE P802.11ax/D2.0, 9.4.2.237.2 + * (HE MAC Capabilities Information field) and are used in HE Capabilities + * element to advertise the support. These values are validated in the driver + * to check the device capability and advertised in the HE Capabilities + * element. These values are used to configure testbed device to allow the + * advertised hardware capabilities to be downgraded for testing purposes. + * + * @HE_FRAG_DISABLE: no support for dynamic fragmentation + * @HE_FRAG_LEVEL1: support for dynamic fragments that are + * contained within an MPDU or S-MPDU, no support for dynamic fragments + * within an A-MPDU that is not an S-MPDU. + * @HE_FRAG_LEVEL2: support for dynamic fragments that are + * contained within an MPDU or S-MPDU and support for up to one dynamic + * fragment for each MSDU, each A-MSDU if supported by the recipient, and + * each MMPDU within an A-MPDU or multi-TID A-MPDU that is not an + * MPDU or S-MPDU. + * @HE_FRAG_LEVEL3: support for dynamic fragments that are + * contained within an MPDU or S-MPDU and support for multiple dynamic + * fragments for each MSDU and for each A-MSDU if supported by the + * recipient within an A-MPDU or multi-TID AMPDU and up to one dynamic + * fragment for each MMPDU in a multi-TID A-MPDU that is not an S-MPDU. + */ +enum he_fragmentation_val { + HE_FRAG_DISABLE, + HE_FRAG_LEVEL1, + HE_FRAG_LEVEL2, + HE_FRAG_LEVEL3, +}; + +/** + * enum he_mcs_config - HE MCS support configuration + * + * Configures the HE Tx/Rx MCS map in HE capability IE for given bandwidth. + * These values are used in driver to configure the HE MCS map to advertise + * Tx/Rx MCS map in HE capability and these values are applied for all the + * streams supported by the device. To configure MCS for different bandwidths, + * vendor command needs to be sent using this attribute with appropriate value. + * For example, to configure HE_80_MCS_0_7, send vendor command using HE MCS + * attribute with HE_80_MCS0_7. And to configure HE MCS for HE_160_MCS0_11 + * send this command using HE MCS config attribute with value HE_160_MCS0_11. + * These values are used to configure testbed device to allow the advertised + * hardware capabilities to be downgraded for testing purposes. The enum values + * are defined such that BIT[1:0] indicates the MCS map value. Values 3,7 and + * 11 are not used as BIT[1:0] value is 3 which is used to disable MCS map. + * These values are validated in the driver before setting the MCS map and + * driver returns error if the input is other than these enum values. + * + * @HE_80_MCS0_7: support for HE 80/40/20 MHz MCS 0 to 7 + * @HE_80_MCS0_9: support for HE 80/40/20 MHz MCS 0 to 9 + * @HE_80_MCS0_11: support for HE 80/40/20 MHz MCS 0 to 11 + * @HE_160_MCS0_7: support for HE 160 MHz MCS 0 to 7 + * @HE_160_MCS0_9: support for HE 160 MHz MCS 0 to 9 + * @HE_160_MCS0_11: support for HE 160 MHz MCS 0 to 11 + * @HE_80P80_MCS0_7: support for HE 80p80 MHz MCS 0 to 7 + * @HE_80P80_MCS0_9: support for HE 80p80 MHz MCS 0 to 9 + * @HE_80P80_MCS0_11: support for HE 80p80 MHz MCS 0 to 11 + */ +enum he_mcs_config { + HE_80_MCS0_7 = 0, + HE_80_MCS0_9 = 1, + HE_80_MCS0_11 = 2, + HE_160_MCS0_7 = 4, + HE_160_MCS0_9 = 5, + HE_160_MCS0_11 = 6, + HE_80P80_MCS0_7 = 8, + HE_80P80_MCS0_9 = 9, + HE_80P80_MCS0_11 = 10, +}; + +/** + * enum qca_wlan_ba_session_config - BA session configuration + * + * Indicates the configuration values for BA session configuration attribute. + * + * @QCA_WLAN_ADD_BA: Establish a new BA session with given configuration. + * @QCA_WLAN_DELETE_BA: Delete the existing BA session for given TID. + */ +enum qca_wlan_ba_session_config { + QCA_WLAN_ADD_BA = 1, + QCA_WLAN_DELETE_BA = 2, +}; + +/** + * enum qca_wlan_ac_type - Access category type + * + * Indicates the access category type value. + * + * @QCA_WLAN_AC_BE: BE access category + * @QCA_WLAN_AC_BK: BK access category + * @QCA_WLAN_AC_VI: VI access category + * @QCA_WLAN_AC_VO: VO access category + * @QCA_WLAN_AC_ALL: All ACs + */ +enum qca_wlan_ac_type { + QCA_WLAN_AC_BE = 0, + QCA_WLAN_AC_BK = 1, + QCA_WLAN_AC_VI = 2, + QCA_WLAN_AC_VO = 3, + QCA_WLAN_AC_ALL = 4, +}; + +/** + * enum qca_wlan_he_ltf_cfg - HE LTF configuration + * + * Indicates the HE LTF configuration value. + * + * @QCA_WLAN_HE_LTF_AUTO: HE-LTF is automatically set to the mandatory HE-LTF, + * based on the GI setting + * @QCA_WLAN_HE_LTF_1X: 1X HE LTF is 3.2us LTF + * @QCA_WLAN_HE_LTF_2X: 2X HE LTF is 6.4us LTF + * @QCA_WLAN_HE_LTF_4X: 4X HE LTF is 12.8us LTF + */ +enum qca_wlan_he_ltf_cfg { + QCA_WLAN_HE_LTF_AUTO = 0, + QCA_WLAN_HE_LTF_1X = 1, + QCA_WLAN_HE_LTF_2X = 2, + QCA_WLAN_HE_LTF_4X = 3, +}; + +/** + * enum qca_wlan_he_mac_padding_dur - HE trigger frame MAC padding duration + * + * Indicates the HE trigger frame MAC padding duration value. + * + * @QCA_WLAN_HE_NO_ADDITIONAL_PROCESS_TIME: no additional time required to + * process the trigger frame. + * @QCA_WLAN_HE_8US_OF_PROCESS_TIME: indicates the 8us of processing time for + * trigger frame. + * @QCA_WLAN_HE_16US_OF_PROCESS_TIME: indicates the 16us of processing time for + * trigger frame. + */ +enum qca_wlan_he_mac_padding_dur { + QCA_WLAN_HE_NO_ADDITIONAL_PROCESS_TIME = 0, + QCA_WLAN_HE_8US_OF_PROCESS_TIME = 1, + QCA_WLAN_HE_16US_OF_PROCESS_TIME = 2, +}; + +/** + * enum qca_wlan_he_om_ctrl_ch_bw - HE OM control field BW configuration + * + * Indicates the HE Operating mode control channel width setting value. + * + * @QCA_WLAN_HE_OM_CTRL_BW_20M: Primary 20 MHz + * @QCA_WLAN_HE_OM_CTRL_BW_40M: Primary 40 MHz + * @QCA_WLAN_HE_OM_CTRL_BW_80M: Primary 80 MHz + * @QCA_WLAN_HE_OM_CTRL_BW_160M: 160 MHz and 80+80 MHz + */ +enum qca_wlan_he_om_ctrl_ch_bw { + QCA_WLAN_HE_OM_CTRL_BW_20M = 0, + QCA_WLAN_HE_OM_CTRL_BW_40M = 1, + QCA_WLAN_HE_OM_CTRL_BW_80M = 2, + QCA_WLAN_HE_OM_CTRL_BW_160M = 3, +}; + +/* Attributes for data used by + * QCA_NL80211_VENDOR_SUBCMD_WIFI_TEST_CONFIGURATION + */ +enum qca_wlan_vendor_attr_wifi_test_config { + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_INVALID = 0, + /* 8-bit unsigned value to configure the driver to enable/disable + * WMM feature. This attribute is used to configure testbed device. + * 1-enable, 0-disable + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_WMM_ENABLE = 1, + + /* 8-bit unsigned value to configure the driver to accept/reject + * the addba request from peer. This attribute is used to configure + * the testbed device. + * 1-accept addba, 0-reject addba + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_ACCEPT_ADDBA_REQ = 2, + + /* 8-bit unsigned value to configure the driver to send or not to + * send the addba request to peer. + * This attribute is used to configure the testbed device. + * 1-send addba, 0-do not send addba + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_SEND_ADDBA_REQ = 3, + + /* 8-bit unsigned value to indicate the HE fragmentation support. + * Uses enum he_fragmentation_val values. + * This attribute is used to configure the testbed device to + * allow the advertised hardware capabilities to be downgraded + * for testing purposes. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_FRAGMENTATION = 4, + + /* 8-bit unsigned value to indicate the HE MCS support. + * Uses enum he_mcs_config values. + * This attribute is used to configure the testbed device to + * allow the advertised hardware capabilities to be downgraded + * for testing purposes. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_MCS = 5, + + /* 8-bit unsigned value to configure the driver to allow or not to + * allow the connection with WEP/TKIP in HT/VHT/HE modes. + * This attribute is used to configure the testbed device. + * 1-allow WEP/TKIP in HT/VHT/HE, 0-do not allow WEP/TKIP. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_WEP_TKIP_IN_HE = 6, + + /* 8-bit unsigned value to configure the driver to add a + * new BA session or delete the existing BA session for + * given TID. ADDBA command uses the buffer size and TID + * configuration if user specifies the values else default + * value for buffer size is used for all TIDs if the TID + * also not specified. For DEL_BA command TID value is + * required to process the command. + * Uses enum qca_wlan_ba_session_config values. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_ADD_DEL_BA_SESSION = 7, + + /* 16-bit unsigned value to configure the buffer size in addba + * request and response frames. + * This attribute is used to configure the testbed device. + * The range of the value is 0 to 256. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_ADDBA_BUFF_SIZE = 8, + + /* 8-bit unsigned value to configure the buffer size in addba + * request and response frames. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_BA_TID = 9, + + /* 8-bit unsigned value to configure the no ack policy. + * To configure no ack policy, access category value is + * required to process the command. + * This attribute is used to configure the testbed device. + * 1 - enable no ack, 0 - disable no ack. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_ENABLE_NO_ACK = 10, + + /* 8-bit unsigned value to configure the AC for no ack policy + * This attribute is used to configure the testbed device. + * Uses the enum qca_wlan_ac_type values. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_NO_ACK_AC = 11, + + /* 8-bit unsigned value to configure the HE LTF + * This attribute is used to configure the testbed device. + * Uses the enum qca_wlan_he_ltf_cfg values. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_LTF = 12, + + /* 8-bit unsigned value to configure the tx beamformee. + * This attribute is used to configure the testbed device. + * 1-enable, 0-disable. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_ENABLE_TX_BEAMFORMEE = 13, + + /* 8-bit unsigned value to configure the tx beamformee number + * of space-time streams. + * This attribute is used to configure the testbed device. + * The range of the value is 0 to 8. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_TX_BEAMFORMEE_NSTS = 14, + + /* 8-bit unsigned value to configure the MU EDCA params for given AC + * This attribute is used to configure the testbed device. + * Uses the enum qca_wlan_ac_type values. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_MU_EDCA_AC = 15, + + /* 8-bit unsigned value to configure the MU EDCA AIFSN for given AC + * To configure MU EDCA AIFSN value, MU EDCA access category value + * is required to process the command. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_MU_EDCA_AIFSN = 16, + + /* 8-bit unsigned value to configure the MU EDCA ECW min value for + * given AC. + * To configure MU EDCA ECW min value, MU EDCA access category value + * is required to process the command. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_MU_EDCA_ECWMIN = 17, + + /* 8-bit unsigned value to configure the MU EDCA ECW max value for + * given AC. + * To configure MU EDCA ECW max value, MU EDCA access category value + * is required to process the command. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_MU_EDCA_ECWMAX = 18, + + /* 8-bit unsigned value to configure the MU EDCA timer for given AC + * To configure MU EDCA timer value, MU EDCA access category value + * is required to process the command. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_MU_EDCA_TIMER = 19, + + /* 8-bit unsigned value to configure the HE trigger frame MAC padding + * duration. + * This attribute is used to configure the testbed device. + * Uses the enum qca_wlan_he_mac_padding_dur values. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_MAC_PADDING_DUR = 20, + + /* 8-bit unsigned value to override the MU EDCA params to defaults + * regardless of the AP beacon MU EDCA params. If it is enabled use + * the default values else use the MU EDCA params from AP beacon. + * This attribute is used to configure the testbed device. + * 1-enable, 0-disable. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_OVERRIDE_MU_EDCA = 21, + + /* 8-bit unsigned value to configure the support for receiving + * an MPDU that contains an operating mode control subfield. + * This attribute is used to configure the testbed device. + * 1-enable, 0-disable. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_OM_CTRL_SUPP = 22, + + /* Nested attribute values required to setup the TWT session. + * enum qca_wlan_vendor_attr_twt_setup provides the necessary + * information to set up the session. It contains broadcast flags, + * set_up flags, trigger value, flow type, flow ID, wake interval + * exponent, protection, target wake time, wake duration, wake interval + * mantissa. These nested attributes are used to setup a host triggered + * TWT session. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_TWT_SETUP = 23, + + /* This nested attribute is used to terminate the current TWT session. + * It does not currently carry any attributes. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_TWT_TERMINATE = 24, + + /* This nested attribute is used to suspend the current TWT session. + * It does not currently carry any attributes. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_TWT_SUSPEND = 25, + + /* Nested attribute values to indicate the request for resume. + * This attribute is used to resume the TWT session. + * enum qca_wlan_vendor_attr_twt_resume provides the necessary + * parameters required to resume the TWT session. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_TWT_RESUME = 26, + + /* 8-bit unsigned value to set the HE operating mode control + * (OM CTRL) Channel Width subfield. + * The Channel Width subfield indicates the operating channel width + * supported by the STA for both reception and transmission. + * Uses the enum qca_wlan_he_om_ctrl_ch_bw values. + * This setting is cleared with the + * QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_CLEAR_HE_OM_CTRL_CONFIG + * flag attribute to reset defaults. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_OM_CTRL_BW = 27, + + /* 8-bit unsigned value to configure the number of spatial + * streams in HE operating mode control field. + * This setting is cleared with the + * QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_CLEAR_HE_OM_CTRL_CONFIG + * flag attribute to reset defaults. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_OM_CTRL_NSS = 28, + + /* Flag attribute to configure the UL MU disable bit in + * HE operating mode control field. + * This setting is cleared with the + * QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_CLEAR_HE_OM_CTRL_CONFIG + * flag attribute to reset defaults. + * This attribute is used to configure the testbed device. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_OM_CTRL_UL_MU_DISABLE = 29, + + /* Flag attribute to clear the previously set HE operating mode + * control field configuration. + * This attribute is used to configure the testbed device to reset + * defaults to clear any previously set HE operating mode control + * field configuration. + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_CLEAR_HE_OM_CTRL_CONFIG = 30, + + /* 8-bit unsigned value to configure HE single user PPDU + * transmission. By default this setting is disabled and it + * is disabled in the reset defaults of the device configuration. + * This attribute is used to configure the testbed device. + * 1-enable, 0-disable + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_TX_SUPPDU = 31, + + /* 8-bit unsigned value to configure action frame transmission + * in HE trigger based PPDU transmission. + * By default this setting is disabled and it is disabled in + * the reset defaults of the device configuration. + * This attribute is used to configure the testbed device. + * 1-enable, 0-disable + */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_HE_ACTION_TX_TB_PPDU = 32, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_MAX = + QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_bss_filter - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_BSS_FILTER. + * The user can add/delete the filter by specifying the BSSID/STA MAC address in + * QCA_WLAN_VENDOR_ATTR_BSS_FILTER_MAC_ADDR, filter type in + * QCA_WLAN_VENDOR_ATTR_BSS_FILTER_TYPE, add/delete action in + * QCA_WLAN_VENDOR_ATTR_BSS_FILTER_ACTION in the request. The user can get the + * statistics of an unassociated station by specifying the MAC address in + * QCA_WLAN_VENDOR_ATTR_BSS_FILTER_MAC_ADDR, station type in + * QCA_WLAN_VENDOR_ATTR_BSS_FILTER_TYPE, GET action in + * QCA_WLAN_VENDOR_ATTR_BSS_FILTER_ACTION in the request. The user also can get + * the statistics of all unassociated stations by specifying the Broadcast MAC + * address (ff:ff:ff:ff:ff:ff) in QCA_WLAN_VENDOR_ATTR_BSS_FILTER_MAC_ADDR with + * above procedure. In the response, driver shall specify statistics + * information nested in QCA_WLAN_VENDOR_ATTR_BSS_FILTER_STA_STATS. + */ +enum qca_wlan_vendor_attr_bss_filter { + QCA_WLAN_VENDOR_ATTR_BSS_FILTER_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_BSS_FILTER_MAC_ADDR = 1, + /* Other BSS filter type, unsigned 8 bit value. One of the values + * in enum qca_wlan_vendor_bss_filter_type. + */ + QCA_WLAN_VENDOR_ATTR_BSS_FILTER_TYPE = 2, + /* Other BSS filter action, unsigned 8 bit value. One of the values + * in enum qca_wlan_vendor_bss_filter_action. + */ + QCA_WLAN_VENDOR_ATTR_BSS_FILTER_ACTION = 3, + /* Array of nested attributes where each entry is the statistics + * information of the specified station that belong to another BSS. + * Attributes for each entry are taken from enum + * qca_wlan_vendor_bss_filter_sta_stats. + * Other BSS station configured in + * QCA_NL80211_VENDOR_SUBCMD_BSS_FILTER with filter type + * QCA_WLAN_VENDOR_BSS_FILTER_TYPE_STA. + * Statistics returned by QCA_NL80211_VENDOR_SUBCMD_BSS_FILTER + * with filter action QCA_WLAN_VENDOR_BSS_FILTER_ACTION_GET. + */ + QCA_WLAN_VENDOR_ATTR_BSS_FILTER_STA_STATS = 4, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_BSS_FILTER_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_BSS_FILTER_MAX = + QCA_WLAN_VENDOR_ATTR_BSS_FILTER_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_bss_filter_type - Type of + * filter used in other BSS filter operations. Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_BSS_FILTER. + * + * @QCA_WLAN_VENDOR_BSS_FILTER_TYPE_BSSID: BSSID filter + * @QCA_WLAN_VENDOR_BSS_FILTER_TYPE_STA: Station MAC address filter + */ +enum qca_wlan_vendor_bss_filter_type { + QCA_WLAN_VENDOR_BSS_FILTER_TYPE_BSSID, + QCA_WLAN_VENDOR_BSS_FILTER_TYPE_STA, +}; + +/** + * enum qca_wlan_vendor_bss_filter_action - Type of + * action in other BSS filter operations. Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_BSS_FILTER. + * + * @QCA_WLAN_VENDOR_BSS_FILTER_ACTION_ADD: Add filter + * @QCA_WLAN_VENDOR_BSS_FILTER_ACTION_DEL: Delete filter + * @QCA_WLAN_VENDOR_BSS_FILTER_ACTION_GET: Get the statistics + */ +enum qca_wlan_vendor_bss_filter_action { + QCA_WLAN_VENDOR_BSS_FILTER_ACTION_ADD, + QCA_WLAN_VENDOR_BSS_FILTER_ACTION_DEL, + QCA_WLAN_VENDOR_BSS_FILTER_ACTION_GET, +}; + +/** + * enum qca_wlan_vendor_bss_filter_sta_stats - Attributes for + * the statistics of a specific unassociated station belonging to another BSS. + * The statistics provides information of the unassociated station + * filtered by other BSS operation - such as MAC, signal value. + * Used by the vendor command QCA_NL80211_VENDOR_SUBCMD_BSS_FILTER. + * + * @QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_MAC: MAC address of the station. + * @QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_RSSI: Last received signal strength + * of the station. Unsigned 8 bit number containing RSSI. + * @QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_RSSI_TS: Time stamp of the host + * driver for the last received RSSI. Unsigned 64 bit number containing + * nanoseconds from the boottime. + */ +enum qca_wlan_vendor_bss_filter_sta_stats { + QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_INVALID = 0, + QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_MAC = 1, + QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_RSSI = 2, + QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_RSSI_TS = 3, + + /* keep last */ + QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_AFTER_LAST, + QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_MAX = + QCA_WLAN_VENDOR_BSS_FILTER_STA_STATS_AFTER_LAST - 1 +}; + +/* enum qca_wlan_nan_subcmd_type - Type of NAN command used by attribute + * QCA_WLAN_VENDOR_ATTR_NAN_SUBCMD_TYPE as a part of vendor command + * QCA_NL80211_VENDOR_SUBCMD_NAN_EXT. + */ +enum qca_wlan_nan_ext_subcmd_type { + /* Subcmd of type NAN Enable Request */ + QCA_WLAN_NAN_EXT_SUBCMD_TYPE_ENABLE_REQ = 1, + /* Subcmd of type NAN Disable Request */ + QCA_WLAN_NAN_EXT_SUBCMD_TYPE_DISABLE_REQ = 2, +}; + +/** + * enum qca_wlan_vendor_attr_nan_params - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_NAN_EXT. + */ +enum qca_wlan_vendor_attr_nan_params { + QCA_WLAN_VENDOR_ATTR_NAN_INVALID = 0, + /* Carries NAN command for firmware component. Every vendor command + * QCA_NL80211_VENDOR_SUBCMD_NAN_EXT must contain this attribute with a + * payload containing the NAN command. NLA_BINARY attribute. + */ + QCA_WLAN_VENDOR_ATTR_NAN_CMD_DATA = 1, + /* Indicates the type of NAN command sent with + * QCA_NL80211_VENDOR_SUBCMD_NAN_EXT. enum qca_wlan_nan_ext_subcmd_type + * describes the possible range of values. This attribute is mandatory + * if the command being issued is either + * QCA_WLAN_NAN_EXT_SUBCMD_TYPE_ENABLE_REQ or + * QCA_WLAN_NAN_EXT_SUBCMD_TYPE_DISABLE_REQ. NLA_U32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_NAN_SUBCMD_TYPE = 2, + /* Frequency (in MHz) of primary NAN discovery social channel in 2.4 GHz + * band. This attribute is mandatory when command type is + * QCA_WLAN_NAN_EXT_SUBCMD_TYPE_ENABLE_REQ. NLA_U32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_NAN_DISC_24GHZ_BAND_FREQ = 3, + /* Frequency (in MHz) of secondary NAN discovery social channel in 5 GHz + * band. This attribute is optional and should be included when command + * type is QCA_WLAN_NAN_EXT_SUBCMD_TYPE_ENABLE_REQ and NAN discovery + * has to be started on 5GHz along with 2.4GHz. NLA_U32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_NAN_DISC_5GHZ_BAND_FREQ = 4, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_NAN_PARAMS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_NAN_PARAMS_MAX = + QCA_WLAN_VENDOR_ATTR_NAN_PARAMS_AFTER_LAST - 1 +}; + +/** + * enum qca_wlan_vendor_attr_twt_setup: Represents attributes for + * TWT (Target Wake Time) setup request. These attributes are sent as part of + * %QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_TWT_SETUP and + * %QCA_NL80211_VENDOR_SUBCMD_WIFI_TEST_CONFIGURATION. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_BCAST: Flag attribute. + * Disable (flag attribute not present) - Individual TWT + * Enable (flag attribute present) - Broadcast TWT. + * Individual means the session is between the STA and the AP. + * This session is established using a separate negotiation between + * STA and AP. + * Broadcast means the session is across multiple STAs and an AP. The + * configuration parameters are announced in Beacon frames by the AP. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_REQ_TYPE: Required (u8). + * Unsigned 8-bit qca_wlan_vendor_twt_setup_req_type to + * specify the TWT request type + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_TRIGGER: Flag attribute + * Enable (flag attribute present) - TWT with trigger support. + * Disable (flag attribute not present) - TWT without trigger support. + * Trigger means the AP will send the trigger frame to allow STA to send data. + * Without trigger, the STA will wait for the MU EDCA timer before + * transmitting the data. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_FLOW_TYPE: Required (u8) + * 0 - Announced TWT - In this mode, STA may skip few service periods to + * save more power. If STA wants to wake up, it will send a PS-POLL/QoS + * NULL frame to AP. + * 1 - Unannounced TWT - The STA will wakeup during every SP. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_FLOW_ID: Optional (u8) + * Flow ID is the unique identifier for each TWT session. + * Currently this is not required and dialog ID will be set to zero. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_INTVL_EXP: Required (u8) + * This attribute (exp) is used along with the mantissa to derive the + * wake interval using the following formula: + * pow(2,exp) = wake_intvl_us/wake_intvl_mantis + * Wake interval is the interval between 2 successive SP. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_PROTECTION: Flag attribute + * Enable (flag attribute present) - Protection required. + * Disable (flag attribute not present) - Protection not required. + * If protection is enabled, then the AP will use protection + * mechanism using RTS/CTS to self to reserve the airtime. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_TIME: Optional (u32) + * This attribute is used as the SP offset which is the offset from + * TSF after which the wake happens. The units are in microseconds. If + * this attribute is not provided, then the value will be set to zero. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_DURATION: Required (u32) + * This is the duration of the service period. The units are in TU. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_INTVL_MANTISSA: Required (u32) + * This attribute is used to configure wake interval mantissa. + * The units are in TU. + */ +enum qca_wlan_vendor_attr_twt_setup { + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_BCAST = 1, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_REQ_TYPE = 2, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_TRIGGER = 3, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_FLOW_TYPE = 4, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_FLOW_ID = 5, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_INTVL_EXP = 6, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_PROTECTION = 7, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_TIME = 8, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_DURATION = 9, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_INTVL_MANTISSA = 10, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_MAX = + QCA_WLAN_VENDOR_ATTR_TWT_SETUP_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_twt_resume: Represents attributes for + * TWT (Target Wake Time) resume request. These attributes are sent as part of + * %QCA_WLAN_VENDOR_ATTR_WIFI_TEST_CONFIG_TWT_RESUME and + * %QCA_NL80211_VENDOR_SUBCMD_WIFI_TEST_CONFIGURATION. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_RESUME_NEXT_TWT: Optional (u8) + * This attribute is used as the SP offset which is the offset from + * TSF after which the wake happens. The units are in microseconds. + * If this attribute is not provided, then the value will be set to + * zero. + * + * @QCA_WLAN_VENDOR_ATTR_TWT_RESUME_NEXT_TWT_SIZE: Required (u32) + * This attribute represents the next TWT subfield size. + */ +enum qca_wlan_vendor_attr_twt_resume { + QCA_WLAN_VENDOR_ATTR_TWT_RESUME_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_TWT_RESUME_NEXT_TWT = 1, + QCA_WLAN_VENDOR_ATTR_TWT_RESUME_NEXT_TWT_SIZE = 2, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_TWT_RESUME_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_TWT_RESUME_MAX = + QCA_WLAN_VENDOR_ATTR_TWT_RESUME_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_twt_setup_req_type - Required (u8) + * Represents the setup type being requested for TWT. + * @QCA_WLAN_VENDOR_TWT_SETUP_REQUEST: STA is not specifying all the TWT + * parameters but relying on AP to fill the parameters during the negotiation. + * @QCA_WLAN_VENDOR_TWT_SETUP_SUGGEST: STA will provide all the suggested + * values which the AP may accept or AP may provide alternative parameters + * which the STA may accept. + * @QCA_WLAN_VENDOR_TWT_SETUP_DEMAND: STA is not willing to accept any + * alternate parameters than the requested ones. + */ +enum qca_wlan_vendor_twt_setup_req_type { + QCA_WLAN_VENDOR_TWT_SETUP_REQUEST = 1, + QCA_WLAN_VENDOR_TWT_SETUP_SUGGEST = 2, + QCA_WLAN_VENDOR_TWT_SETUP_DEMAND = 3, +}; + +/** + * enum qca_wlan_roam_scan_event_type - Type of roam scan event + * + * Indicates the type of roam scan event sent by firmware/driver. + * + * @QCA_WLAN_ROAM_SCAN_TRIGGER_EVENT: Roam scan trigger event type. + * @QCA_WLAN_ROAM_SCAN_STOP_EVENT: Roam scan stopped event type. + */ +enum qca_wlan_roam_scan_event_type { + QCA_WLAN_ROAM_SCAN_TRIGGER_EVENT = 0, + QCA_WLAN_ROAM_SCAN_STOP_EVENT = 1, +}; + +/** + * enum qca_wlan_roam_scan_trigger_reason - Roam scan trigger reason + * + * Indicates the reason for triggering roam scan by firmware/driver. + * + * @QCA_WLAN_ROAM_SCAN_TRIGGER_REASON_LOW_RSSI: Due to low RSSI of current AP. + * @QCA_WLAN_ROAM_SCAN_TRIGGER_REASON_HIGH_PER: Due to high packet error rate. + */ +enum qca_wlan_roam_scan_trigger_reason { + QCA_WLAN_ROAM_SCAN_TRIGGER_REASON_LOW_RSSI = 0, + QCA_WLAN_ROAM_SCAN_TRIGGER_REASON_HIGH_PER = 1, +}; + +/** + * enum qca_wlan_vendor_attr_roam_scan - Vendor subcmd attributes to report + * roam scan related details from driver/firmware to user space. enum values + * are used for NL attributes sent with + * %QCA_NL80211_VENDOR_SUBCMD_ROAM_SCAN_EVENT sub command. + */ +enum qca_wlan_vendor_attr_roam_scan { + QCA_WLAN_VENDOR_ATTR_ROAM_SCAN_INVALID = 0, + /* Encapsulates type of roam scan event being reported. enum + * qca_wlan_roam_scan_event_type describes the possible range of + * values. u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_ROAM_SCAN_EVENT_TYPE = 1, + /* Encapsulates reason for triggering roam scan. enum + * qca_wlan_roam_scan_trigger_reason describes the possible range of + * values. u32 attribute. + */ + QCA_WLAN_VENDOR_ATTR_ROAM_SCAN_TRIGGER_REASON = 2, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_ROAM_SCAN_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_ROAM_SCAN_MAX = + QCA_WLAN_VENDOR_ATTR_ROAM_SCAN_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_cfr_method - QCA vendor CFR methods used by + * attribute QCA_WLAN_VENDOR_ATTR_PEER_CFR_METHOD as part of vendor + * command QCA_NL80211_VENDOR_SUBCMD_PEER_CFR_CAPTURE_CFG. + */ +enum qca_wlan_vendor_cfr_method { + /* CFR method using QOS Null frame */ + QCA_WLAN_VENDOR_CFR_METHOD_QOS_NULL = 0, +}; + +/** + * enum qca_wlan_vendor_peer_cfr_capture_attr - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_PEER_CFR_CAPTURE_CFG to configure peer + * Channel Frequency Response capture parameters and enable periodic CFR + * capture. + */ +enum qca_wlan_vendor_peer_cfr_capture_attr { + QCA_WLAN_VENDOR_ATTR_PEER_CFR_CAPTURE_INVALID = 0, + /* 6-byte MAC address of the peer. + * This attribute is mandatory. + */ + QCA_WLAN_VENDOR_ATTR_CFR_PEER_MAC_ADDR = 1, + /* Enable peer CFR Capture, flag attribute. + * This attribute is mandatory to enable peer CFR capture. + * If this attribute is not present, peer CFR capture is disabled. + */ + QCA_WLAN_VENDOR_ATTR_PEER_CFR_ENABLE = 2, + /* BW of measurement, attribute uses the values in enum nl80211_chan_width + * Supported values: 20, 40, 80, 80+80, 160. + * Note that all targets may not support all bandwidths. + * u8 attribute. This attribute is mandatory if attribute + * QCA_WLAN_VENDOR_ATTR_PEER_CFR_ENABLE is used. + */ + QCA_WLAN_VENDOR_ATTR_PEER_CFR_BANDWIDTH = 3, + /* Periodicity of CFR measurement in msec. + * Periodicity should be a multiple of Base timer. + * Current Base timer value supported is 10 msecs (default). + * 0 for one shot capture. u32 attribute. + * This attribute is mandatory if attribute + * QCA_WLAN_VENDOR_ATTR_PEER_CFR_ENABLE is used. + */ + QCA_WLAN_VENDOR_ATTR_PEER_CFR_PERIODICITY = 4, + /* Method used to capture Channel Frequency Response. + * Attribute uses the values defined in enum qca_wlan_vendor_cfr_method. + * u8 attribute. This attribute is mandatory if attribute + * QCA_WLAN_VENDOR_ATTR_PEER_CFR_ENABLE is used. + */ + QCA_WLAN_VENDOR_ATTR_PEER_CFR_METHOD = 5, + /* Enable periodic CFR capture, flag attribute. + * This attribute is mandatory to enable Periodic CFR capture. + * If this attribute is not present, periodic CFR capture is disabled. + */ + QCA_WLAN_VENDOR_ATTR_PERIODIC_CFR_CAPTURE_ENABLE = 6, + + /* Keep last */ + QCA_WLAN_VENDOR_ATTR_PEER_CFR_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_PEER_CFR_MAX = + QCA_WLAN_VENDOR_ATTR_PEER_CFR_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_throughput_level - Current throughput level + * + * Indicates the current level of throughput calculated by the driver. The + * driver may choose different thresholds to decide whether the throughput level + * is low or medium or high based on variety of parameters like physical link + * capacity of the current connection, the number of packets being dispatched + * per second, etc. The throughput level events might not be consistent with the + * actual current throughput value being observed. + * + * @QCA_WLAN_THROUGHPUT_LEVEL_LOW: Low level of throughput + * @QCA_WLAN_THROUGHPUT_LEVEL_MEDIUM: Medium level of throughput + * @QCA_WLAN_THROUGHPUT_LEVEL_HIGH: High level of throughput + */ +enum qca_wlan_throughput_level { + QCA_WLAN_THROUGHPUT_LEVEL_LOW = 0, + QCA_WLAN_THROUGHPUT_LEVEL_MEDIUM = 1, + QCA_WLAN_THROUGHPUT_LEVEL_HIGH = 2, +}; + +/** + * enum qca_wlan_vendor_attr_throughput_change - Vendor subcmd attributes to + * report throughput changes from the driver to user space. enum values are used + * for netlink attributes sent with + * %QCA_NL80211_VENDOR_SUBCMD_THROUGHPUT_CHANGE_EVENT sub command. + */ +enum qca_wlan_vendor_attr_throughput_change { + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_INVALID = 0, + /* Indicates the direction of throughput in which the change is being + * reported. u8 attribute. Value is 0 for TX and 1 for RX. + */ + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_DIRECTION = 1, + /* Indicates the newly observed throughput level. enum + * qca_wlan_throughput_level describes the possible range of values. + * u8 attribute. + */ + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_THROUGHPUT_LEVEL = 2, + /* Indicates the driver's guidance on the new value to be set to + * kernel's TCP parameter tcp_limit_output_bytes. u32 attribute. The + * driver may optionally include this attribute. + */ + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_TCP_LIMIT_OUTPUT_BYTES = 3, + /* Indicates the driver's guidance on the new value to be set to + * kernel's TCP parameter tcp_adv_win_scale. s8 attribute. Possible + * values are from -31 to 31. The driver may optionally include this + * attribute. + */ + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_TCP_ADV_WIN_SCALE = 4, + /* Indicates the driver's guidance on the new value to be set to + * kernel's TCP parameter tcp_delack_seg. u32 attribute. The driver may + * optionally include this attribute. + */ + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_TCP_DELACK_SEG = 5, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_MAX = + QCA_WLAN_VENDOR_ATTR_THROUGHPUT_CHANGE_AFTER_LAST - 1, +}; + +/** + * enum qca_coex_config_profiles - This enum defines different types of + * traffic streams that can be prioritized one over the other during coex + * scenarios. + * The types defined in this enum are categorized in the below manner. + * 0 - 31 values corresponds to WLAN + * 32 - 63 values corresponds to BT + * 64 - 95 values corresponds to Zigbee + * @QCA_WIFI_STA_DISCOVERY: Prioritize discovery frames for WLAN STA + * @QCA_WIFI_STA_CONNECTION: Prioritize connection frames for WLAN STA + * @QCA_WIFI_STA_CLASS_3_MGMT: Prioritize class 3 mgmt frames for WLAN STA + * @QCA_WIFI_STA_DATA : Prioritize data frames for WLAN STA + * @QCA_WIFI_STA_ALL: Priritize all frames for WLAN STA + * @QCA_WIFI_SAP_DISCOVERY: Prioritize discovery frames for WLAN SAP + * @QCA_WIFI_SAP_CONNECTION: Prioritize connection frames for WLAN SAP + * @QCA_WIFI_SAP_CLASS_3_MGMT: Prioritize class 3 mgmt frames for WLAN SAP + * @QCA_WIFI_SAP_DATA: Prioritize data frames for WLAN SAP + * @QCA_WIFI_SAP_ALL: Prioritize all frames for WLAN SAP + * @QCA_BT_A2DP: Prioritize BT A2DP + * @QCA_BT_BLE: Prioritize BT BLE + * @QCA_BT_SCO: Prioritize BT SCO + * @QCA_ZB_LOW: Prioritize Zigbee Low + * @QCA_ZB_HIGH: Prioritize Zigbee High + */ +enum qca_coex_config_profiles { + /* 0 - 31 corresponds to WLAN */ + QCA_WIFI_STA_DISCOVERY = 0, + QCA_WIFI_STA_CONNECTION = 1, + QCA_WIFI_STA_CLASS_3_MGMT = 2, + QCA_WIFI_STA_DATA = 3, + QCA_WIFI_STA_ALL = 4, + QCA_WIFI_SAP_DISCOVERY = 5, + QCA_WIFI_SAP_CONNECTION = 6, + QCA_WIFI_SAP_CLASS_3_MGMT = 7, + QCA_WIFI_SAP_DATA = 8, + QCA_WIFI_SAP_ALL = 9, + /* 32 - 63 corresponds to BT */ + QCA_BT_A2DP = 32, + QCA_BT_BLE = 33, + QCA_BT_SCO = 34, + /* 64 - 95 corresponds to Zigbee */ + QCA_ZB_LOW = 64, + QCA_ZB_HIGH = 65 +}; + +/** + * enum qca_vendor_attr_coex_config - Specifies vendor coex config attributes + * + * @QCA_VENDOR_ATTR_COEX_CONFIG_PROFILES: This attribute contains variable + * length array of 8-bit values from enum qca_coex_config_profiles. + * FW will prioritize the profiles in the order given in the array encapsulated + * in this attribute. + * For example: + * ----------------------------------------------------------------------- + * | 1 | 34 | 32 | 65 | + * ----------------------------------------------------------------------- + * If the attribute contains the values defined in above array then it means + * 1) Wifi STA connection has priority over BT_SCO, BT_A2DP and ZIGBEE HIGH. + * 2) BT_SCO has priority over BT_A2DP. + * 3) BT_A2DP has priority over ZIGBEE HIGH. + * Profiles which are not listed in this array shall not be preferred over the + * profiles which are listed in the array as a part of this attribute. + */ +enum qca_vendor_attr_coex_config { + QCA_VENDOR_ATTR_COEX_CONFIG_INVALID = 0, + QCA_VENDOR_ATTR_COEX_CONFIG_PROFILES = 1, + + /* Keep last */ + QCA_VENDOR_ATTR_COEX_CONFIG_AFTER_LAST, + QCA_VENDOR_ATTR_COEX_CONFIG_MAX = + QCA_VENDOR_ATTR_COEX_CONFIG_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_vendor_attr_link_properties - Represent the link properties. + * + * @QCA_WLAN_VENDOR_ATTR_LINK_PROPERTIES_MAC_ADDR: MAC address of the peer + * (STA/AP) for the connected link. + * @QCA_WLAN_VENDOR_ATTR_LINK_PROPERTIES_STA_FLAGS: Attribute containing a + * &struct nl80211_sta_flag_update for the respective connected link. MAC + * address of the peer represented by + * QCA_WLAN_VENDOR_ATTR_LINK_PROPERTIES_MAC_ADDR. + */ +enum qca_wlan_vendor_attr_link_properties { + QCA_WLAN_VENDOR_ATTR_LINK_PROPERTIES_INVALID = 0, + /* 1 - 3 are reserved */ + QCA_WLAN_VENDOR_ATTR_LINK_PROPERTIES_MAC_ADDR = 4, + QCA_WLAN_VENDOR_ATTR_LINK_PROPERTIES_STA_FLAGS = 5, + + /* Keep last */ + QCA_VENDOR_ATTR_LINK_PROPERTIES_AFTER_LAST, + QCA_VENDOR_ATTR_LINK_PROPERTIES_MAX = + QCA_VENDOR_ATTR_LINK_PROPERTIES_AFTER_LAST - 1, +}; + #endif /* QCA_VENDOR_H */ diff --git a/contrib/wpa/src/common/sae.c b/contrib/wpa/src/common/sae.c index 9f70f036ba76..981e788dc751 100644 --- a/contrib/wpa/src/common/sae.c +++ b/contrib/wpa/src/common/sae.c @@ -29,6 +29,8 @@ int sae_set_group(struct sae_data *sae, int group) /* First, check if this is an ECC group */ tmp->ec = crypto_ec_init(group); if (tmp->ec) { + wpa_printf(MSG_DEBUG, "SAE: Selecting supported ECC group %d", + group); sae->group = group; tmp->prime_len = crypto_ec_prime_len(tmp->ec); tmp->prime = crypto_ec_get_prime(tmp->ec); @@ -39,6 +41,8 @@ int sae_set_group(struct sae_data *sae, int group) /* Not an ECC group, check FFC */ tmp->dh = dh_groups_get(group); if (tmp->dh) { + wpa_printf(MSG_DEBUG, "SAE: Selecting supported FFC group %d", + group); sae->group = group; tmp->prime_len = tmp->dh->prime_len; if (tmp->prime_len > SAE_MAX_PRIME_LEN) { @@ -66,6 +70,8 @@ int sae_set_group(struct sae_data *sae, int group) } /* Unsupported group */ + wpa_printf(MSG_DEBUG, + "SAE: Group %d not supported by the crypto library", group); return -1; } @@ -88,6 +94,7 @@ void sae_clear_temp_data(struct sae_data *sae) crypto_ec_point_deinit(tmp->own_commit_element_ecc, 0); crypto_ec_point_deinit(tmp->peer_commit_element_ecc, 0); wpabuf_free(tmp->anti_clogging_token); + os_free(tmp->pw_id); bin_clear_free(tmp, sizeof(*tmp)); sae->tmp = NULL; } @@ -417,12 +424,13 @@ static int get_random_qr_qnr(const u8 *prime, size_t prime_len, static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1, const u8 *addr2, const u8 *password, - size_t password_len) + size_t password_len, const char *identifier) { u8 counter, k = 40; u8 addrs[2 * ETH_ALEN]; - const u8 *addr[2]; - size_t len[2]; + const u8 *addr[3]; + size_t len[3]; + size_t num_elem; u8 dummy_password[32]; size_t dummy_password_len; int pwd_seed_odd = 0; @@ -454,10 +462,13 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1, wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", password, password_len); + if (identifier) + wpa_printf(MSG_DEBUG, "SAE: password identifier: %s", + identifier); /* * H(salt, ikm) = HMAC-SHA256(salt, ikm) - * base = password + * base = password [|| identifier] * pwd-seed = H(MAX(STA-A-MAC, STA-B-MAC) || MIN(STA-A-MAC, STA-B-MAC), * base || counter) */ @@ -465,8 +476,15 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1, addr[0] = password; len[0] = password_len; - addr[1] = &counter; - len[1] = sizeof(counter); + num_elem = 1; + if (identifier) { + addr[num_elem] = (const u8 *) identifier; + len[num_elem] = os_strlen(identifier); + num_elem++; + } + addr[num_elem] = &counter; + len[num_elem] = sizeof(counter); + num_elem++; /* * Continue for at least k iterations to protect against side-channel @@ -484,8 +502,8 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1, } wpa_printf(MSG_DEBUG, "SAE: counter = %u", counter); - if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len, - pwd_seed) < 0) + if (hmac_sha256_vector(addrs, sizeof(addrs), num_elem, + addr, len, pwd_seed) < 0) break; res = sae_test_pwd_seed_ecc(sae, pwd_seed, @@ -544,12 +562,13 @@ fail: static int sae_derive_pwe_ffc(struct sae_data *sae, const u8 *addr1, const u8 *addr2, const u8 *password, - size_t password_len) + size_t password_len, const char *identifier) { u8 counter; u8 addrs[2 * ETH_ALEN]; - const u8 *addr[2]; - size_t len[2]; + const u8 *addr[3]; + size_t len[3]; + size_t num_elem; int found = 0; if (sae->tmp->pwe_ffc == NULL) { @@ -564,14 +583,21 @@ static int sae_derive_pwe_ffc(struct sae_data *sae, const u8 *addr1, /* * H(salt, ikm) = HMAC-SHA256(salt, ikm) * pwd-seed = H(MAX(STA-A-MAC, STA-B-MAC) || MIN(STA-A-MAC, STA-B-MAC), - * password || counter) + * password [|| identifier] || counter) */ sae_pwd_seed_key(addr1, addr2, addrs); addr[0] = password; len[0] = password_len; - addr[1] = &counter; - len[1] = sizeof(counter); + num_elem = 1; + if (identifier) { + addr[num_elem] = (const u8 *) identifier; + len[num_elem] = os_strlen(identifier); + num_elem++; + } + addr[num_elem] = &counter; + len[num_elem] = sizeof(counter); + num_elem++; for (counter = 1; !found; counter++) { u8 pwd_seed[SHA256_MAC_LEN]; @@ -584,8 +610,8 @@ static int sae_derive_pwe_ffc(struct sae_data *sae, const u8 *addr1, } wpa_printf(MSG_DEBUG, "SAE: counter = %u", counter); - if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len, - pwd_seed) < 0) + if (hmac_sha256_vector(addrs, sizeof(addrs), num_elem, + addr, len, pwd_seed) < 0) break; res = sae_test_pwd_seed_ffc(sae, pwd_seed, sae->tmp->pwe_ffc); if (res < 0) @@ -696,13 +722,15 @@ fail: int sae_prepare_commit(const u8 *addr1, const u8 *addr2, const u8 *password, size_t password_len, - struct sae_data *sae) + const char *identifier, struct sae_data *sae) { if (sae->tmp == NULL || (sae->tmp->ec && sae_derive_pwe_ecc(sae, addr1, addr2, password, - password_len) < 0) || + password_len, + identifier) < 0) || (sae->tmp->dh && sae_derive_pwe_ffc(sae, addr1, addr2, password, - password_len) < 0) || + password_len, + identifier) < 0) || sae_derive_commit(sae) < 0) return -1; return 0; @@ -842,7 +870,7 @@ int sae_process_commit(struct sae_data *sae) void sae_write_commit(struct sae_data *sae, struct wpabuf *buf, - const struct wpabuf *token) + const struct wpabuf *token, const char *identifier) { u8 *pos; @@ -876,6 +904,16 @@ void sae_write_commit(struct sae_data *sae, struct wpabuf *buf, wpa_hexdump(MSG_DEBUG, "SAE: own commit-element", pos, sae->tmp->prime_len); } + + if (identifier) { + /* Password Identifier element */ + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); + wpabuf_put_u8(buf, 1 + os_strlen(identifier)); + wpabuf_put_u8(buf, WLAN_EID_EXT_PASSWORD_IDENTIFIER); + wpabuf_put_str(buf, identifier); + wpa_printf(MSG_DEBUG, "SAE: own Password Identifier: %s", + identifier); + } } @@ -921,25 +959,70 @@ u16 sae_group_allowed(struct sae_data *sae, int *allowed_groups, u16 group) } +static int sae_is_password_id_elem(const u8 *pos, const u8 *end) +{ + return end - pos >= 3 && + pos[0] == WLAN_EID_EXTENSION && + pos[1] >= 1 && + end - pos - 2 >= pos[1] && + pos[2] == WLAN_EID_EXT_PASSWORD_IDENTIFIER; +} + + static void sae_parse_commit_token(struct sae_data *sae, const u8 **pos, const u8 *end, const u8 **token, size_t *token_len) { - if ((sae->tmp->ec ? 3 : 2) * sae->tmp->prime_len < end - *pos) { - size_t tlen = end - (*pos + (sae->tmp->ec ? 3 : 2) * - sae->tmp->prime_len); - wpa_hexdump(MSG_DEBUG, "SAE: Anti-Clogging Token", *pos, tlen); - if (token) - *token = *pos; - if (token_len) - *token_len = tlen; - *pos += tlen; - } else { - if (token) - *token = NULL; - if (token_len) - *token_len = 0; + size_t scalar_elem_len, tlen; + const u8 *elem; + + if (token) + *token = NULL; + if (token_len) + *token_len = 0; + + scalar_elem_len = (sae->tmp->ec ? 3 : 2) * sae->tmp->prime_len; + if (scalar_elem_len >= (size_t) (end - *pos)) + return; /* No extra data beyond peer scalar and element */ + + /* It is a bit difficult to parse this now that there is an + * optional variable length Anti-Clogging Token field and + * optional variable length Password Identifier element in the + * frame. We are sending out fixed length Anti-Clogging Token + * fields, so use that length as a requirement for the received + * token and check for the presence of possible Password + * Identifier element based on the element header information. + */ + tlen = end - (*pos + scalar_elem_len); + + if (tlen < SHA256_MAC_LEN) { + wpa_printf(MSG_DEBUG, + "SAE: Too short optional data (%u octets) to include our Anti-Clogging Token", + (unsigned int) tlen); + return; + } + + elem = *pos + scalar_elem_len; + if (sae_is_password_id_elem(elem, end)) { + /* Password Identifier element takes out all available + * extra octets, so there can be no Anti-Clogging token in + * this frame. */ + return; } + + elem += SHA256_MAC_LEN; + if (sae_is_password_id_elem(elem, end)) { + /* Password Identifier element is included in the end, so + * remove its length from the Anti-Clogging token field. */ + tlen -= 2 + elem[1]; + } + + wpa_hexdump(MSG_DEBUG, "SAE: Anti-Clogging Token", *pos, tlen); + if (token) + *token = *pos; + if (token_len) + *token_len = tlen; + *pos += tlen; } @@ -991,12 +1074,12 @@ static u16 sae_parse_commit_scalar(struct sae_data *sae, const u8 **pos, } -static u16 sae_parse_commit_element_ecc(struct sae_data *sae, const u8 *pos, +static u16 sae_parse_commit_element_ecc(struct sae_data *sae, const u8 **pos, const u8 *end) { u8 prime[SAE_MAX_ECC_PRIME_LEN]; - if (2 * sae->tmp->prime_len > end - pos) { + if (2 * sae->tmp->prime_len > end - *pos) { wpa_printf(MSG_DEBUG, "SAE: Not enough data for " "commit-element"); return WLAN_STATUS_UNSPECIFIED_FAILURE; @@ -1007,8 +1090,8 @@ static u16 sae_parse_commit_element_ecc(struct sae_data *sae, const u8 *pos, return WLAN_STATUS_UNSPECIFIED_FAILURE; /* element x and y coordinates < p */ - if (os_memcmp(pos, prime, sae->tmp->prime_len) >= 0 || - os_memcmp(pos + sae->tmp->prime_len, prime, + if (os_memcmp(*pos, prime, sae->tmp->prime_len) >= 0 || + os_memcmp(*pos + sae->tmp->prime_len, prime, sae->tmp->prime_len) >= 0) { wpa_printf(MSG_DEBUG, "SAE: Invalid coordinates in peer " "element"); @@ -1016,13 +1099,13 @@ static u16 sae_parse_commit_element_ecc(struct sae_data *sae, const u8 *pos, } wpa_hexdump(MSG_DEBUG, "SAE: Peer commit-element(x)", - pos, sae->tmp->prime_len); + *pos, sae->tmp->prime_len); wpa_hexdump(MSG_DEBUG, "SAE: Peer commit-element(y)", - pos + sae->tmp->prime_len, sae->tmp->prime_len); + *pos + sae->tmp->prime_len, sae->tmp->prime_len); crypto_ec_point_deinit(sae->tmp->peer_commit_element_ecc, 0); sae->tmp->peer_commit_element_ecc = - crypto_ec_point_from_bin(sae->tmp->ec, pos); + crypto_ec_point_from_bin(sae->tmp->ec, *pos); if (sae->tmp->peer_commit_element_ecc == NULL) return WLAN_STATUS_UNSPECIFIED_FAILURE; @@ -1032,27 +1115,29 @@ static u16 sae_parse_commit_element_ecc(struct sae_data *sae, const u8 *pos, return WLAN_STATUS_UNSPECIFIED_FAILURE; } + *pos += 2 * sae->tmp->prime_len; + return WLAN_STATUS_SUCCESS; } -static u16 sae_parse_commit_element_ffc(struct sae_data *sae, const u8 *pos, +static u16 sae_parse_commit_element_ffc(struct sae_data *sae, const u8 **pos, const u8 *end) { struct crypto_bignum *res, *one; const u8 one_bin[1] = { 0x01 }; - if (sae->tmp->prime_len > end - pos) { + if (sae->tmp->prime_len > end - *pos) { wpa_printf(MSG_DEBUG, "SAE: Not enough data for " "commit-element"); return WLAN_STATUS_UNSPECIFIED_FAILURE; } - wpa_hexdump(MSG_DEBUG, "SAE: Peer commit-element", pos, + wpa_hexdump(MSG_DEBUG, "SAE: Peer commit-element", *pos, sae->tmp->prime_len); crypto_bignum_deinit(sae->tmp->peer_commit_element_ffc, 0); sae->tmp->peer_commit_element_ffc = - crypto_bignum_init_set(pos, sae->tmp->prime_len); + crypto_bignum_init_set(*pos, sae->tmp->prime_len); if (sae->tmp->peer_commit_element_ffc == NULL) return WLAN_STATUS_UNSPECIFIED_FAILURE; /* 1 < element < p - 1 */ @@ -1080,11 +1165,13 @@ static u16 sae_parse_commit_element_ffc(struct sae_data *sae, const u8 *pos, } crypto_bignum_deinit(res, 0); + *pos += sae->tmp->prime_len; + return WLAN_STATUS_SUCCESS; } -static u16 sae_parse_commit_element(struct sae_data *sae, const u8 *pos, +static u16 sae_parse_commit_element(struct sae_data *sae, const u8 **pos, const u8 *end) { if (sae->tmp->dh) @@ -1093,6 +1180,44 @@ static u16 sae_parse_commit_element(struct sae_data *sae, const u8 *pos, } +static int sae_parse_password_identifier(struct sae_data *sae, + const u8 *pos, const u8 *end) +{ + wpa_hexdump(MSG_DEBUG, "SAE: Possible elements at the end of the frame", + pos, end - pos); + if (!sae_is_password_id_elem(pos, end)) { + if (sae->tmp->pw_id) { + wpa_printf(MSG_DEBUG, + "SAE: No Password Identifier included, but expected one (%s)", + sae->tmp->pw_id); + return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER; + } + os_free(sae->tmp->pw_id); + sae->tmp->pw_id = NULL; + return WLAN_STATUS_SUCCESS; /* No Password Identifier */ + } + + if (sae->tmp->pw_id && + (pos[1] - 1 != (int) os_strlen(sae->tmp->pw_id) || + os_memcmp(sae->tmp->pw_id, pos + 3, pos[1] - 1) != 0)) { + wpa_printf(MSG_DEBUG, + "SAE: The included Password Identifier does not match the expected one (%s)", + sae->tmp->pw_id); + return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER; + } + + os_free(sae->tmp->pw_id); + sae->tmp->pw_id = os_malloc(pos[1]); + if (!sae->tmp->pw_id) + return WLAN_STATUS_UNSPECIFIED_FAILURE; + os_memcpy(sae->tmp->pw_id, pos + 3, pos[1] - 1); + sae->tmp->pw_id[pos[1] - 1] = '\0'; + wpa_hexdump_ascii(MSG_DEBUG, "SAE: Received Password Identifier", + sae->tmp->pw_id, pos[1] - 1); + return WLAN_STATUS_SUCCESS; +} + + u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len, const u8 **token, size_t *token_len, int *allowed_groups) { @@ -1116,7 +1241,12 @@ u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len, return res; /* commit-element */ - res = sae_parse_commit_element(sae, pos, end); + res = sae_parse_commit_element(sae, &pos, end); + if (res != WLAN_STATUS_SUCCESS) + return res; + + /* Optional Password Identifier element */ + res = sae_parse_password_identifier(sae, pos, end); if (res != WLAN_STATUS_SUCCESS) return res; @@ -1235,7 +1365,8 @@ void sae_write_confirm(struct sae_data *sae, struct wpabuf *buf) /* Send-Confirm */ sc = wpabuf_put(buf, 0); wpabuf_put_le16(buf, sae->send_confirm); - sae->send_confirm++; + if (sae->send_confirm < 0xffff) + sae->send_confirm++; if (sae->tmp->ec) sae_cn_confirm_ecc(sae, sc, sae->tmp->own_commit_scalar, @@ -1292,3 +1423,19 @@ int sae_check_confirm(struct sae_data *sae, const u8 *data, size_t len) return 0; } + + +const char * sae_state_txt(enum sae_state state) +{ + switch (state) { + case SAE_NOTHING: + return "Nothing"; + case SAE_COMMITTED: + return "Committed"; + case SAE_CONFIRMED: + return "Confirmed"; + case SAE_ACCEPTED: + return "Accepted"; + } + return "?"; +} diff --git a/contrib/wpa/src/common/sae.h b/contrib/wpa/src/common/sae.h index a4270bc22d14..3fbcb58d155a 100644 --- a/contrib/wpa/src/common/sae.h +++ b/contrib/wpa/src/common/sae.h @@ -39,16 +39,22 @@ struct sae_temporary_data { struct crypto_bignum *prime_buf; struct crypto_bignum *order_buf; struct wpabuf *anti_clogging_token; + char *pw_id; +}; + +enum sae_state { + SAE_NOTHING, SAE_COMMITTED, SAE_CONFIRMED, SAE_ACCEPTED }; struct sae_data { - enum { SAE_NOTHING, SAE_COMMITTED, SAE_CONFIRMED, SAE_ACCEPTED } state; + enum sae_state state; u16 send_confirm; u8 pmk[SAE_PMK_LEN]; u8 pmkid[SAE_PMKID_LEN]; struct crypto_bignum *peer_commit_scalar; int group; - int sync; + unsigned int sync; /* protocol instance variable: Sync */ + u16 rc; /* protocol instance variable: Rc (received send-confirm) */ struct sae_temporary_data *tmp; }; @@ -58,14 +64,15 @@ void sae_clear_data(struct sae_data *sae); int sae_prepare_commit(const u8 *addr1, const u8 *addr2, const u8 *password, size_t password_len, - struct sae_data *sae); + const char *identifier, struct sae_data *sae); int sae_process_commit(struct sae_data *sae); void sae_write_commit(struct sae_data *sae, struct wpabuf *buf, - const struct wpabuf *token); + const struct wpabuf *token, const char *identifier); u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len, const u8 **token, size_t *token_len, int *allowed_groups); void sae_write_confirm(struct sae_data *sae, struct wpabuf *buf); int sae_check_confirm(struct sae_data *sae, const u8 *data, size_t len); u16 sae_group_allowed(struct sae_data *sae, int *allowed_groups, u16 group); +const char * sae_state_txt(enum sae_state state); #endif /* SAE_H */ diff --git a/contrib/wpa/src/common/version.h b/contrib/wpa/src/common/version.h index 75e5c6e006cc..2f47903d407c 100644 --- a/contrib/wpa/src/common/version.h +++ b/contrib/wpa/src/common/version.h @@ -9,6 +9,6 @@ #define GIT_VERSION_STR_POSTFIX "" #endif /* GIT_VERSION_STR_POSTFIX */ -#define VERSION_STR "2.6" VERSION_STR_POSTFIX GIT_VERSION_STR_POSTFIX +#define VERSION_STR "2.7" VERSION_STR_POSTFIX GIT_VERSION_STR_POSTFIX #endif /* VERSION_H */ diff --git a/contrib/wpa/src/common/wpa_common.c b/contrib/wpa/src/common/wpa_common.c index 299b8bbee031..2d989048ac94 100644 --- a/contrib/wpa/src/common/wpa_common.c +++ b/contrib/wpa/src/common/wpa_common.c @@ -1,6 +1,6 @@ /* * WPA/RSN - Shared functions for supplicant and authenticator - * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -13,6 +13,7 @@ #include "crypto/sha1.h" #include "crypto/sha256.h" #include "crypto/sha384.h" +#include "crypto/sha512.h" #include "crypto/aes_wrap.h" #include "crypto/crypto.h" #include "ieee802_11_defs.h" @@ -20,27 +21,151 @@ #include "wpa_common.h" -static unsigned int wpa_kck_len(int akmp) +static unsigned int wpa_kck_len(int akmp, size_t pmk_len) { - if (akmp == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) + switch (akmp) { + case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: + case WPA_KEY_MGMT_FT_IEEE8021X_SHA384: + return 24; + case WPA_KEY_MGMT_FILS_SHA256: + case WPA_KEY_MGMT_FT_FILS_SHA256: + case WPA_KEY_MGMT_FILS_SHA384: + case WPA_KEY_MGMT_FT_FILS_SHA384: + return 0; + case WPA_KEY_MGMT_DPP: + return pmk_len / 2; + case WPA_KEY_MGMT_OWE: + return pmk_len / 2; + default: + return 16; + } +} + + +#ifdef CONFIG_IEEE80211R +static unsigned int wpa_kck2_len(int akmp) +{ + switch (akmp) { + case WPA_KEY_MGMT_FT_FILS_SHA256: + return 16; + case WPA_KEY_MGMT_FT_FILS_SHA384: return 24; - return 16; + default: + return 0; + } } +#endif /* CONFIG_IEEE80211R */ -static unsigned int wpa_kek_len(int akmp) +static unsigned int wpa_kek_len(int akmp, size_t pmk_len) { - if (akmp == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) + switch (akmp) { + case WPA_KEY_MGMT_FILS_SHA384: + case WPA_KEY_MGMT_FT_FILS_SHA384: + return 64; + case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: + case WPA_KEY_MGMT_FILS_SHA256: + case WPA_KEY_MGMT_FT_FILS_SHA256: + case WPA_KEY_MGMT_FT_IEEE8021X_SHA384: return 32; - return 16; + case WPA_KEY_MGMT_DPP: + return pmk_len <= 32 ? 16 : 32; + case WPA_KEY_MGMT_OWE: + return pmk_len <= 32 ? 16 : 32; + default: + return 16; + } } -unsigned int wpa_mic_len(int akmp) +#ifdef CONFIG_IEEE80211R +static unsigned int wpa_kek2_len(int akmp) { - if (akmp == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) + switch (akmp) { + case WPA_KEY_MGMT_FT_FILS_SHA256: + return 16; + case WPA_KEY_MGMT_FT_FILS_SHA384: + return 32; + default: + return 0; + } +} +#endif /* CONFIG_IEEE80211R */ + + +unsigned int wpa_mic_len(int akmp, size_t pmk_len) +{ + switch (akmp) { + case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: + case WPA_KEY_MGMT_FT_IEEE8021X_SHA384: return 24; - return 16; + case WPA_KEY_MGMT_FILS_SHA256: + case WPA_KEY_MGMT_FILS_SHA384: + case WPA_KEY_MGMT_FT_FILS_SHA256: + case WPA_KEY_MGMT_FT_FILS_SHA384: + return 0; + case WPA_KEY_MGMT_DPP: + return pmk_len / 2; + case WPA_KEY_MGMT_OWE: + return pmk_len / 2; + default: + return 16; + } +} + + +/** + * wpa_use_akm_defined - Is AKM-defined Key Descriptor Version used + * @akmp: WPA_KEY_MGMT_* used in key derivation + * Returns: 1 if AKM-defined Key Descriptor Version is used; 0 otherwise + */ +int wpa_use_akm_defined(int akmp) +{ + return akmp == WPA_KEY_MGMT_OSEN || + akmp == WPA_KEY_MGMT_OWE || + akmp == WPA_KEY_MGMT_DPP || + akmp == WPA_KEY_MGMT_FT_IEEE8021X_SHA384 || + wpa_key_mgmt_sae(akmp) || + wpa_key_mgmt_suite_b(akmp) || + wpa_key_mgmt_fils(akmp); +} + + +/** + * wpa_use_cmac - Is CMAC integrity algorithm used for EAPOL-Key MIC + * @akmp: WPA_KEY_MGMT_* used in key derivation + * Returns: 1 if CMAC is used; 0 otherwise + */ +int wpa_use_cmac(int akmp) +{ + return akmp == WPA_KEY_MGMT_OSEN || + akmp == WPA_KEY_MGMT_OWE || + akmp == WPA_KEY_MGMT_DPP || + wpa_key_mgmt_ft(akmp) || + wpa_key_mgmt_sha256(akmp) || + wpa_key_mgmt_sae(akmp) || + wpa_key_mgmt_suite_b(akmp); +} + + +/** + * wpa_use_aes_key_wrap - Is AES Keywrap algorithm used for EAPOL-Key Key Data + * @akmp: WPA_KEY_MGMT_* used in key derivation + * Returns: 1 if AES Keywrap is used; 0 otherwise + * + * Note: AKM 00-0F-AC:1 and 00-0F-AC:2 have special rules for selecting whether + * to use AES Keywrap based on the negotiated pairwise cipher. This function + * does not cover those special cases. + */ +int wpa_use_aes_key_wrap(int akmp) +{ + return akmp == WPA_KEY_MGMT_OSEN || + akmp == WPA_KEY_MGMT_OWE || + akmp == WPA_KEY_MGMT_DPP || + wpa_key_mgmt_ft(akmp) || + wpa_key_mgmt_sha256(akmp) || + wpa_key_mgmt_sae(akmp) || + wpa_key_mgmt_suite_b(akmp); } @@ -67,30 +192,50 @@ unsigned int wpa_mic_len(int akmp) int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver, const u8 *buf, size_t len, u8 *mic) { - u8 hash[SHA384_MAC_LEN]; + u8 hash[SHA512_MAC_LEN]; + + if (key_len == 0) { + wpa_printf(MSG_DEBUG, + "WPA: KCK not set - cannot calculate MIC"); + return -1; + } switch (ver) { #ifndef CONFIG_FIPS case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4: + wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using HMAC-MD5"); return hmac_md5(key, key_len, buf, len, mic); #endif /* CONFIG_FIPS */ case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES: + wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using HMAC-SHA1"); if (hmac_sha1(key, key_len, buf, len, hash)) return -1; os_memcpy(mic, hash, MD5_MAC_LEN); break; #if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) case WPA_KEY_INFO_TYPE_AES_128_CMAC: + wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using AES-CMAC"); return omac1_aes_128(key, buf, len, mic); #endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */ case WPA_KEY_INFO_TYPE_AKM_DEFINED: switch (akmp) { +#ifdef CONFIG_SAE + case WPA_KEY_MGMT_SAE: + case WPA_KEY_MGMT_FT_SAE: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC using AES-CMAC (AKM-defined - SAE)"); + return omac1_aes_128(key, buf, len, mic); +#endif /* CONFIG_SAE */ #ifdef CONFIG_HS20 case WPA_KEY_MGMT_OSEN: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC using AES-CMAC (AKM-defined - OSEN)"); return omac1_aes_128(key, buf, len, mic); #endif /* CONFIG_HS20 */ #ifdef CONFIG_SUITEB case WPA_KEY_MGMT_IEEE8021X_SUITE_B: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC using HMAC-SHA256 (AKM-defined - Suite B)"); if (hmac_sha256(key, key_len, buf, len, hash)) return -1; os_memcpy(mic, hash, MD5_MAC_LEN); @@ -98,16 +243,79 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver, #endif /* CONFIG_SUITEB */ #ifdef CONFIG_SUITEB192 case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC using HMAC-SHA384 (AKM-defined - Suite B 192-bit)"); if (hmac_sha384(key, key_len, buf, len, hash)) return -1; os_memcpy(mic, hash, 24); break; #endif /* CONFIG_SUITEB192 */ +#ifdef CONFIG_OWE + case WPA_KEY_MGMT_OWE: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC using HMAC-SHA%u (AKM-defined - OWE)", + (unsigned int) key_len * 8 * 2); + if (key_len == 128 / 8) { + if (hmac_sha256(key, key_len, buf, len, hash)) + return -1; + } else if (key_len == 192 / 8) { + if (hmac_sha384(key, key_len, buf, len, hash)) + return -1; + } else if (key_len == 256 / 8) { + if (hmac_sha512(key, key_len, buf, len, hash)) + return -1; + } else { + wpa_printf(MSG_INFO, + "OWE: Unsupported KCK length: %u", + (unsigned int) key_len); + return -1; + } + os_memcpy(mic, hash, key_len); + break; +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + case WPA_KEY_MGMT_DPP: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC using HMAC-SHA%u (AKM-defined - DPP)", + (unsigned int) key_len * 8 * 2); + if (key_len == 128 / 8) { + if (hmac_sha256(key, key_len, buf, len, hash)) + return -1; + } else if (key_len == 192 / 8) { + if (hmac_sha384(key, key_len, buf, len, hash)) + return -1; + } else if (key_len == 256 / 8) { + if (hmac_sha512(key, key_len, buf, len, hash)) + return -1; + } else { + wpa_printf(MSG_INFO, + "DPP: Unsupported KCK length: %u", + (unsigned int) key_len); + return -1; + } + os_memcpy(mic, hash, key_len); + break; +#endif /* CONFIG_DPP */ +#if defined(CONFIG_IEEE80211R) && defined(CONFIG_SHA384) + case WPA_KEY_MGMT_FT_IEEE8021X_SHA384: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC using HMAC-SHA384 (AKM-defined - FT 802.1X SHA384)"); + if (hmac_sha384(key, key_len, buf, len, hash)) + return -1; + os_memcpy(mic, hash, 24); + break; +#endif /* CONFIG_IEEE80211R && CONFIG_SHA384 */ default: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC algorithm not known (AKM-defined - akmp=0x%x)", + akmp); return -1; } break; default: + wpa_printf(MSG_DEBUG, + "WPA: EAPOL-Key MIC algorithm not known (ver=%d)", + ver); return -1; } @@ -133,10 +341,6 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver, * PTK = PRF-X(PMK, "Pairwise key expansion", * Min(AA, SA) || Max(AA, SA) || * Min(ANonce, SNonce) || Max(ANonce, SNonce)) - * - * STK = PRF-X(SMK, "Peer key expansion", - * Min(MAC_I, MAC_P) || Max(MAC_I, MAC_P) || - * Min(INonce, PNonce) || Max(INonce, PNonce)) */ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label, const u8 *addr1, const u8 *addr2, @@ -147,6 +351,11 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label, u8 tmp[WPA_KCK_MAX_LEN + WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN]; size_t ptk_len; + if (pmk_len == 0) { + wpa_printf(MSG_ERROR, "WPA: No PMK set for PTK derivation"); + return -1; + } + if (os_memcmp(addr1, addr2, ETH_ALEN) < 0) { os_memcpy(data, addr1, ETH_ALEN); os_memcpy(data + ETH_ALEN, addr2, ETH_ALEN); @@ -165,24 +374,62 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label, WPA_NONCE_LEN); } - ptk->kck_len = wpa_kck_len(akmp); - ptk->kek_len = wpa_kek_len(akmp); + ptk->kck_len = wpa_kck_len(akmp, pmk_len); + ptk->kek_len = wpa_kek_len(akmp, pmk_len); ptk->tk_len = wpa_cipher_key_len(cipher); + if (ptk->tk_len == 0) { + wpa_printf(MSG_ERROR, + "WPA: Unsupported cipher (0x%x) used in PTK derivation", + cipher); + return -1; + } ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len; -#ifdef CONFIG_SUITEB192 - if (wpa_key_mgmt_sha384(akmp)) - sha384_prf(pmk, pmk_len, label, data, sizeof(data), - tmp, ptk_len); - else -#endif /* CONFIG_SUITEB192 */ -#ifdef CONFIG_IEEE80211W - if (wpa_key_mgmt_sha256(akmp)) - sha256_prf(pmk, pmk_len, label, data, sizeof(data), - tmp, ptk_len); - else -#endif /* CONFIG_IEEE80211W */ - sha1_prf(pmk, pmk_len, label, data, sizeof(data), tmp, ptk_len); + if (wpa_key_mgmt_sha384(akmp)) { +#if defined(CONFIG_SUITEB192) || defined(CONFIG_FILS) + wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA384)"); + if (sha384_prf(pmk, pmk_len, label, data, sizeof(data), + tmp, ptk_len) < 0) + return -1; +#else /* CONFIG_SUITEB192 || CONFIG_FILS */ + return -1; +#endif /* CONFIG_SUITEB192 || CONFIG_FILS */ + } else if (wpa_key_mgmt_sha256(akmp) || akmp == WPA_KEY_MGMT_OWE) { +#if defined(CONFIG_IEEE80211W) || defined(CONFIG_SAE) || defined(CONFIG_FILS) + wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)"); + if (sha256_prf(pmk, pmk_len, label, data, sizeof(data), + tmp, ptk_len) < 0) + return -1; +#else /* CONFIG_IEEE80211W or CONFIG_SAE or CONFIG_FILS */ + return -1; +#endif /* CONFIG_IEEE80211W or CONFIG_SAE or CONFIG_FILS */ +#ifdef CONFIG_DPP + } else if (akmp == WPA_KEY_MGMT_DPP && pmk_len == 32) { + wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)"); + if (sha256_prf(pmk, pmk_len, label, data, sizeof(data), + tmp, ptk_len) < 0) + return -1; + } else if (akmp == WPA_KEY_MGMT_DPP && pmk_len == 48) { + wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA384)"); + if (sha384_prf(pmk, pmk_len, label, data, sizeof(data), + tmp, ptk_len) < 0) + return -1; + } else if (akmp == WPA_KEY_MGMT_DPP && pmk_len == 64) { + wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA512)"); + if (sha512_prf(pmk, pmk_len, label, data, sizeof(data), + tmp, ptk_len) < 0) + return -1; + } else if (akmp == WPA_KEY_MGMT_DPP) { + wpa_printf(MSG_INFO, "DPP: Unknown PMK length %u", + (unsigned int) pmk_len); + return -1; +#endif /* CONFIG_DPP */ + } else { + wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA1)"); + if (sha1_prf(pmk, pmk_len, label, data, sizeof(data), tmp, + ptk_len) < 0) + return -1; + } wpa_printf(MSG_DEBUG, "WPA: PTK derivation - A1=" MACSTR " A2=" MACSTR, MAC2STR(addr1), MAC2STR(addr2)); @@ -200,10 +447,290 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label, os_memcpy(ptk->tk, tmp + ptk->kck_len + ptk->kek_len, ptk->tk_len); wpa_hexdump_key(MSG_DEBUG, "WPA: TK", ptk->tk, ptk->tk_len); + ptk->kek2_len = 0; + ptk->kck2_len = 0; + os_memset(tmp, 0, sizeof(tmp)); return 0; } +#ifdef CONFIG_FILS + +int fils_rmsk_to_pmk(int akmp, const u8 *rmsk, size_t rmsk_len, + const u8 *snonce, const u8 *anonce, const u8 *dh_ss, + size_t dh_ss_len, u8 *pmk, size_t *pmk_len) +{ + u8 nonces[2 * FILS_NONCE_LEN]; + const u8 *addr[2]; + size_t len[2]; + size_t num_elem; + int res; + + /* PMK = HMAC-Hash(SNonce || ANonce, rMSK [ || DHss ]) */ + wpa_printf(MSG_DEBUG, "FILS: rMSK to PMK derivation"); + + if (wpa_key_mgmt_sha384(akmp)) + *pmk_len = SHA384_MAC_LEN; + else if (wpa_key_mgmt_sha256(akmp)) + *pmk_len = SHA256_MAC_LEN; + else + return -1; + + wpa_hexdump_key(MSG_DEBUG, "FILS: rMSK", rmsk, rmsk_len); + wpa_hexdump(MSG_DEBUG, "FILS: SNonce", snonce, FILS_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: ANonce", anonce, FILS_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: DHss", dh_ss, dh_ss_len); + + os_memcpy(nonces, snonce, FILS_NONCE_LEN); + os_memcpy(&nonces[FILS_NONCE_LEN], anonce, FILS_NONCE_LEN); + addr[0] = rmsk; + len[0] = rmsk_len; + num_elem = 1; + if (dh_ss) { + addr[1] = dh_ss; + len[1] = dh_ss_len; + num_elem++; + } + if (wpa_key_mgmt_sha384(akmp)) + res = hmac_sha384_vector(nonces, 2 * FILS_NONCE_LEN, num_elem, + addr, len, pmk); + else + res = hmac_sha256_vector(nonces, 2 * FILS_NONCE_LEN, num_elem, + addr, len, pmk); + if (res == 0) + wpa_hexdump_key(MSG_DEBUG, "FILS: PMK", pmk, *pmk_len); + else + *pmk_len = 0; + return res; +} + + +int fils_pmkid_erp(int akmp, const u8 *reauth, size_t reauth_len, + u8 *pmkid) +{ + const u8 *addr[1]; + size_t len[1]; + u8 hash[SHA384_MAC_LEN]; + int res; + + /* PMKID = Truncate-128(Hash(EAP-Initiate/Reauth)) */ + addr[0] = reauth; + len[0] = reauth_len; + if (wpa_key_mgmt_sha384(akmp)) + res = sha384_vector(1, addr, len, hash); + else if (wpa_key_mgmt_sha256(akmp)) + res = sha256_vector(1, addr, len, hash); + else + return -1; + if (res) + return res; + os_memcpy(pmkid, hash, PMKID_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: PMKID", pmkid, PMKID_LEN); + return 0; +} + + +int fils_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const u8 *spa, const u8 *aa, + const u8 *snonce, const u8 *anonce, const u8 *dhss, + size_t dhss_len, struct wpa_ptk *ptk, + u8 *ick, size_t *ick_len, int akmp, int cipher, + u8 *fils_ft, size_t *fils_ft_len) +{ + u8 *data, *pos; + size_t data_len; + u8 tmp[FILS_ICK_MAX_LEN + WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN + + FILS_FT_MAX_LEN]; + size_t key_data_len; + const char *label = "FILS PTK Derivation"; + int ret = -1; + + /* + * FILS-Key-Data = PRF-X(PMK, "FILS PTK Derivation", + * SPA || AA || SNonce || ANonce [ || DHss ]) + * ICK = L(FILS-Key-Data, 0, ICK_bits) + * KEK = L(FILS-Key-Data, ICK_bits, KEK_bits) + * TK = L(FILS-Key-Data, ICK_bits + KEK_bits, TK_bits) + * If doing FT initial mobility domain association: + * FILS-FT = L(FILS-Key-Data, ICK_bits + KEK_bits + TK_bits, + * FILS-FT_bits) + */ + data_len = 2 * ETH_ALEN + 2 * FILS_NONCE_LEN + dhss_len; + data = os_malloc(data_len); + if (!data) + goto err; + pos = data; + os_memcpy(pos, spa, ETH_ALEN); + pos += ETH_ALEN; + os_memcpy(pos, aa, ETH_ALEN); + pos += ETH_ALEN; + os_memcpy(pos, snonce, FILS_NONCE_LEN); + pos += FILS_NONCE_LEN; + os_memcpy(pos, anonce, FILS_NONCE_LEN); + pos += FILS_NONCE_LEN; + if (dhss) + os_memcpy(pos, dhss, dhss_len); + + ptk->kck_len = 0; + ptk->kek_len = wpa_kek_len(akmp, pmk_len); + ptk->tk_len = wpa_cipher_key_len(cipher); + if (wpa_key_mgmt_sha384(akmp)) + *ick_len = 48; + else if (wpa_key_mgmt_sha256(akmp)) + *ick_len = 32; + else + goto err; + key_data_len = *ick_len + ptk->kek_len + ptk->tk_len; + + if (fils_ft && fils_ft_len) { + if (akmp == WPA_KEY_MGMT_FT_FILS_SHA256) { + *fils_ft_len = 32; + } else if (akmp == WPA_KEY_MGMT_FT_FILS_SHA384) { + *fils_ft_len = 48; + } else { + *fils_ft_len = 0; + fils_ft = NULL; + } + key_data_len += *fils_ft_len; + } + + if (wpa_key_mgmt_sha384(akmp)) { + wpa_printf(MSG_DEBUG, "FILS: PTK derivation using PRF(SHA384)"); + if (sha384_prf(pmk, pmk_len, label, data, data_len, + tmp, key_data_len) < 0) + goto err; + } else { + wpa_printf(MSG_DEBUG, "FILS: PTK derivation using PRF(SHA256)"); + if (sha256_prf(pmk, pmk_len, label, data, data_len, + tmp, key_data_len) < 0) + goto err; + } + + wpa_printf(MSG_DEBUG, "FILS: PTK derivation - SPA=" MACSTR + " AA=" MACSTR, MAC2STR(spa), MAC2STR(aa)); + wpa_hexdump(MSG_DEBUG, "FILS: SNonce", snonce, FILS_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: ANonce", anonce, FILS_NONCE_LEN); + if (dhss) + wpa_hexdump_key(MSG_DEBUG, "FILS: DHss", dhss, dhss_len); + wpa_hexdump_key(MSG_DEBUG, "FILS: PMK", pmk, pmk_len); + wpa_hexdump_key(MSG_DEBUG, "FILS: FILS-Key-Data", tmp, key_data_len); + + os_memcpy(ick, tmp, *ick_len); + wpa_hexdump_key(MSG_DEBUG, "FILS: ICK", ick, *ick_len); + + os_memcpy(ptk->kek, tmp + *ick_len, ptk->kek_len); + wpa_hexdump_key(MSG_DEBUG, "FILS: KEK", ptk->kek, ptk->kek_len); + + os_memcpy(ptk->tk, tmp + *ick_len + ptk->kek_len, ptk->tk_len); + wpa_hexdump_key(MSG_DEBUG, "FILS: TK", ptk->tk, ptk->tk_len); + + if (fils_ft && fils_ft_len) { + os_memcpy(fils_ft, tmp + *ick_len + ptk->kek_len + ptk->tk_len, + *fils_ft_len); + wpa_hexdump_key(MSG_DEBUG, "FILS: FILS-FT", + fils_ft, *fils_ft_len); + } + + ptk->kek2_len = 0; + ptk->kck2_len = 0; + + os_memset(tmp, 0, sizeof(tmp)); + ret = 0; +err: + bin_clear_free(data, data_len); + return ret; +} + + +int fils_key_auth_sk(const u8 *ick, size_t ick_len, const u8 *snonce, + const u8 *anonce, const u8 *sta_addr, const u8 *bssid, + const u8 *g_sta, size_t g_sta_len, + const u8 *g_ap, size_t g_ap_len, + int akmp, u8 *key_auth_sta, u8 *key_auth_ap, + size_t *key_auth_len) +{ + const u8 *addr[6]; + size_t len[6]; + size_t num_elem = 4; + int res; + + wpa_printf(MSG_DEBUG, "FILS: Key-Auth derivation: STA-MAC=" MACSTR + " AP-BSSID=" MACSTR, MAC2STR(sta_addr), MAC2STR(bssid)); + wpa_hexdump_key(MSG_DEBUG, "FILS: ICK", ick, ick_len); + wpa_hexdump(MSG_DEBUG, "FILS: SNonce", snonce, FILS_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: ANonce", anonce, FILS_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: gSTA", g_sta, g_sta_len); + wpa_hexdump(MSG_DEBUG, "FILS: gAP", g_ap, g_ap_len); + + /* + * For (Re)Association Request frame (STA->AP): + * Key-Auth = HMAC-Hash(ICK, SNonce || ANonce || STA-MAC || AP-BSSID + * [ || gSTA || gAP ]) + */ + addr[0] = snonce; + len[0] = FILS_NONCE_LEN; + addr[1] = anonce; + len[1] = FILS_NONCE_LEN; + addr[2] = sta_addr; + len[2] = ETH_ALEN; + addr[3] = bssid; + len[3] = ETH_ALEN; + if (g_sta && g_ap_len && g_ap && g_ap_len) { + addr[4] = g_sta; + len[4] = g_sta_len; + addr[5] = g_ap; + len[5] = g_ap_len; + num_elem = 6; + } + + if (wpa_key_mgmt_sha384(akmp)) { + *key_auth_len = 48; + res = hmac_sha384_vector(ick, ick_len, num_elem, addr, len, + key_auth_sta); + } else if (wpa_key_mgmt_sha256(akmp)) { + *key_auth_len = 32; + res = hmac_sha256_vector(ick, ick_len, num_elem, addr, len, + key_auth_sta); + } else { + return -1; + } + if (res < 0) + return res; + + /* + * For (Re)Association Response frame (AP->STA): + * Key-Auth = HMAC-Hash(ICK, ANonce || SNonce || AP-BSSID || STA-MAC + * [ || gAP || gSTA ]) + */ + addr[0] = anonce; + addr[1] = snonce; + addr[2] = bssid; + addr[3] = sta_addr; + if (g_sta && g_ap_len && g_ap && g_ap_len) { + addr[4] = g_ap; + len[4] = g_ap_len; + addr[5] = g_sta; + len[5] = g_sta_len; + } + + if (wpa_key_mgmt_sha384(akmp)) + res = hmac_sha384_vector(ick, ick_len, num_elem, addr, len, + key_auth_ap); + else if (wpa_key_mgmt_sha256(akmp)) + res = hmac_sha256_vector(ick, ick_len, num_elem, addr, len, + key_auth_ap); + if (res < 0) + return res; + + wpa_hexdump(MSG_DEBUG, "FILS: Key-Auth (STA)", + key_auth_sta, *key_auth_len); + wpa_hexdump(MSG_DEBUG, "FILS: Key-Auth (AP)", + key_auth_ap, *key_auth_len); + + return 0; +} + +#endif /* CONFIG_FILS */ + #ifdef CONFIG_IEEE80211R int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr, @@ -216,14 +743,23 @@ int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr, const u8 *addr[9]; size_t len[9]; size_t i, num_elem = 0; - u8 zero_mic[16]; - - if (kck_len != 16) { + u8 zero_mic[24]; + size_t mic_len, fte_fixed_len; + + if (kck_len == 16) { + mic_len = 16; +#ifdef CONFIG_SHA384 + } else if (kck_len == 24) { + mic_len = 24; +#endif /* CONFIG_SHA384 */ + } else { wpa_printf(MSG_WARNING, "FT: Unsupported KCK length %u", (unsigned int) kck_len); return -1; } + fte_fixed_len = sizeof(struct rsn_ftie) - 16 + mic_len; + addr[num_elem] = sta_addr; len[num_elem] = ETH_ALEN; num_elem++; @@ -247,7 +783,7 @@ int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr, num_elem++; } if (ftie) { - if (ftie_len < 2 + sizeof(struct rsn_ftie)) + if (ftie_len < 2 + fte_fixed_len) return -1; /* IE hdr and mic_control */ @@ -256,14 +792,14 @@ int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr, num_elem++; /* MIC field with all zeros */ - os_memset(zero_mic, 0, sizeof(zero_mic)); + os_memset(zero_mic, 0, mic_len); addr[num_elem] = zero_mic; - len[num_elem] = sizeof(zero_mic); + len[num_elem] = mic_len; num_elem++; /* Rest of FTIE */ - addr[num_elem] = ftie + 2 + 2 + 16; - len[num_elem] = ftie_len - (2 + 2 + 16); + addr[num_elem] = ftie + 2 + 2 + mic_len; + len[num_elem] = ftie_len - (2 + 2 + mic_len); num_elem++; } if (ric) { @@ -274,7 +810,17 @@ int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr, for (i = 0; i < num_elem; i++) wpa_hexdump(MSG_MSGDUMP, "FT: MIC data", addr[i], len[i]); - if (omac1_aes_128_vector(kck, num_elem, addr, len, mic)) +#ifdef CONFIG_SHA384 + if (kck_len == 24) { + u8 hash[SHA384_MAC_LEN]; + + if (hmac_sha384_vector(kck, kck_len, num_elem, addr, len, hash)) + return -1; + os_memcpy(mic, hash, 24); + } +#endif /* CONFIG_SHA384 */ + if (kck_len == 16 && + omac1_aes_128_vector(kck, num_elem, addr, len, mic)) return -1; return 0; @@ -282,23 +828,27 @@ int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr, static int wpa_ft_parse_ftie(const u8 *ie, size_t ie_len, - struct wpa_ft_ies *parse) + struct wpa_ft_ies *parse, int use_sha384) { const u8 *end, *pos; parse->ftie = ie; parse->ftie_len = ie_len; - pos = ie + sizeof(struct rsn_ftie); + pos = ie + (use_sha384 ? sizeof(struct rsn_ftie_sha384) : + sizeof(struct rsn_ftie)); end = ie + ie_len; + wpa_hexdump(MSG_DEBUG, "FT: Parse FTE subelements", pos, end - pos); while (end - pos >= 2) { u8 id, len; id = *pos++; len = *pos++; - if (len > end - pos) + if (len > end - pos) { + wpa_printf(MSG_DEBUG, "FT: Truncated subelement"); break; + } switch (id) { case FTIE_SUBELEM_R1KH_ID: @@ -330,6 +880,9 @@ static int wpa_ft_parse_ftie(const u8 *ie, size_t ie_len, parse->igtk_len = len; break; #endif /* CONFIG_IEEE80211W */ + default: + wpa_printf(MSG_DEBUG, "FT: Unknown subelem id %u", id); + break; } pos += len; @@ -340,13 +893,19 @@ static int wpa_ft_parse_ftie(const u8 *ie, size_t ie_len, int wpa_ft_parse_ies(const u8 *ies, size_t ies_len, - struct wpa_ft_ies *parse) + struct wpa_ft_ies *parse, int use_sha384) { const u8 *end, *pos; struct wpa_ie_data data; int ret; const struct rsn_ftie *ftie; int prot_ie_count = 0; + int update_use_sha384 = 0; + + if (use_sha384 < 0) { + use_sha384 = 0; + update_use_sha384 = 1; + } os_memset(parse, 0, sizeof(*parse)); if (ies == NULL) @@ -364,6 +923,7 @@ int wpa_ft_parse_ies(const u8 *ies, size_t ies_len, switch (id) { case WLAN_EID_RSN: + wpa_hexdump(MSG_DEBUG, "FT: RSNE", pos, len); parse->rsn = pos; parse->rsn_len = len; ret = wpa_parse_wpa_ie_rsn(parse->rsn - 2, @@ -376,22 +936,65 @@ int wpa_ft_parse_ies(const u8 *ies, size_t ies_len, } if (data.num_pmkid == 1 && data.pmkid) parse->rsn_pmkid = data.pmkid; + parse->key_mgmt = data.key_mgmt; + parse->pairwise_cipher = data.pairwise_cipher; + if (update_use_sha384) { + use_sha384 = + wpa_key_mgmt_sha384(parse->key_mgmt); + update_use_sha384 = 0; + } break; case WLAN_EID_MOBILITY_DOMAIN: + wpa_hexdump(MSG_DEBUG, "FT: MDE", pos, len); if (len < sizeof(struct rsn_mdie)) return -1; parse->mdie = pos; parse->mdie_len = len; break; case WLAN_EID_FAST_BSS_TRANSITION: + wpa_hexdump(MSG_DEBUG, "FT: FTE", pos, len); + if (use_sha384) { + const struct rsn_ftie_sha384 *ftie_sha384; + + if (len < sizeof(*ftie_sha384)) + return -1; + ftie_sha384 = + (const struct rsn_ftie_sha384 *) pos; + wpa_hexdump(MSG_DEBUG, "FT: FTE-MIC Control", + ftie_sha384->mic_control, 2); + wpa_hexdump(MSG_DEBUG, "FT: FTE-MIC", + ftie_sha384->mic, + sizeof(ftie_sha384->mic)); + wpa_hexdump(MSG_DEBUG, "FT: FTE-ANonce", + ftie_sha384->anonce, + WPA_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FT: FTE-SNonce", + ftie_sha384->snonce, + WPA_NONCE_LEN); + prot_ie_count = ftie_sha384->mic_control[1]; + if (wpa_ft_parse_ftie(pos, len, parse, 1) < 0) + return -1; + break; + } + if (len < sizeof(*ftie)) return -1; ftie = (const struct rsn_ftie *) pos; + wpa_hexdump(MSG_DEBUG, "FT: FTE-MIC Control", + ftie->mic_control, 2); + wpa_hexdump(MSG_DEBUG, "FT: FTE-MIC", + ftie->mic, sizeof(ftie->mic)); + wpa_hexdump(MSG_DEBUG, "FT: FTE-ANonce", + ftie->anonce, WPA_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FT: FTE-SNonce", + ftie->snonce, WPA_NONCE_LEN); prot_ie_count = ftie->mic_control[1]; - if (wpa_ft_parse_ftie(pos, len, parse) < 0) + if (wpa_ft_parse_ftie(pos, len, parse, 0) < 0) return -1; break; case WLAN_EID_TIMEOUT_INTERVAL: + wpa_hexdump(MSG_DEBUG, "FT: Timeout Interval", + pos, len); if (len != 5) break; parse->tie = pos; @@ -493,6 +1096,10 @@ static int rsn_key_mgmt_to_bitfield(const u8 *s) return WPA_KEY_MGMT_FT_IEEE8021X; if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_FT_PSK) return WPA_KEY_MGMT_FT_PSK; +#ifdef CONFIG_SHA384 + if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384) + return WPA_KEY_MGMT_FT_IEEE8021X_SHA384; +#endif /* CONFIG_SHA384 */ #endif /* CONFIG_IEEE80211R */ #ifdef CONFIG_IEEE80211W if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_802_1X_SHA256) @@ -510,6 +1117,22 @@ static int rsn_key_mgmt_to_bitfield(const u8 *s) return WPA_KEY_MGMT_IEEE8021X_SUITE_B; if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192) return WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; + if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_FILS_SHA256) + return WPA_KEY_MGMT_FILS_SHA256; + if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_FILS_SHA384) + return WPA_KEY_MGMT_FILS_SHA384; + if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_FT_FILS_SHA256) + return WPA_KEY_MGMT_FT_FILS_SHA256; + if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_FT_FILS_SHA384) + return WPA_KEY_MGMT_FT_FILS_SHA384; +#ifdef CONFIG_OWE + if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_OWE) + return WPA_KEY_MGMT_OWE; +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_DPP) + return WPA_KEY_MGMT_DPP; +#endif /* CONFIG_DPP */ if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_OSEN) return WPA_KEY_MGMT_OSEN; return 0; @@ -579,6 +1202,8 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len, pos = rsn_ie + 6; left = rsn_ie_len - 6; + data->group_cipher = WPA_CIPHER_GTK_NOT_USED; + data->key_mgmt = WPA_KEY_MGMT_OSEN; data->proto = WPA_PROTO_OSEN; } else { const struct rsn_ie_hdr *hdr; @@ -849,27 +1474,39 @@ int wpa_parse_wpa_ie_wpa(const u8 *wpa_ie, size_t wpa_ie_len, * * IEEE Std 802.11r-2008 - 8.5.1.5.3 */ -void wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len, - const u8 *ssid, size_t ssid_len, - const u8 *mdid, const u8 *r0kh_id, size_t r0kh_id_len, - const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name) +int wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len, + const u8 *ssid, size_t ssid_len, + const u8 *mdid, const u8 *r0kh_id, size_t r0kh_id_len, + const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name, + int use_sha384) { u8 buf[1 + SSID_MAX_LEN + MOBILITY_DOMAIN_ID_LEN + 1 + FT_R0KH_ID_MAX_LEN + ETH_ALEN]; - u8 *pos, r0_key_data[48], hash[32]; + u8 *pos, r0_key_data[64], hash[48]; const u8 *addr[2]; size_t len[2]; + size_t q = use_sha384 ? 48 : 32; + size_t r0_key_data_len = q + 16; /* * R0-Key-Data = KDF-384(XXKey, "FT-R0", * SSIDlength || SSID || MDID || R0KHlength || * R0KH-ID || S0KH-ID) - * XXKey is either the second 256 bits of MSK or PSK. - * PMK-R0 = L(R0-Key-Data, 0, 256) - * PMK-R0Name-Salt = L(R0-Key-Data, 256, 128) + * XXKey is either the second 256 bits of MSK or PSK; or the first + * 384 bits of MSK for FT-EAP-SHA384. + * PMK-R0 = L(R0-Key-Data, 0, Q) + * PMK-R0Name-Salt = L(R0-Key-Data, Q, 128) + * Q = 384 for FT-EAP-SHA384; otherwise, 256 */ if (ssid_len > SSID_MAX_LEN || r0kh_id_len > FT_R0KH_ID_MAX_LEN) - return; + return -1; + wpa_printf(MSG_DEBUG, "FT: Derive PMK-R0 using KDF-%s", + use_sha384 ? "SHA384" : "SHA256"); + wpa_hexdump_key(MSG_DEBUG, "FT: XXKey", xxkey, xxkey_len); + wpa_hexdump_ascii(MSG_DEBUG, "FT: SSID", ssid, ssid_len); + wpa_hexdump(MSG_DEBUG, "FT: MDID", mdid, MOBILITY_DOMAIN_ID_LEN); + wpa_hexdump_ascii(MSG_DEBUG, "FT: R0KH-ID", r0kh_id, r0kh_id_len); + wpa_printf(MSG_DEBUG, "FT: S0KH-ID: " MACSTR, MAC2STR(s0kh_id)); pos = buf; *pos++ = ssid_len; os_memcpy(pos, ssid, ssid_len); @@ -882,20 +1519,51 @@ void wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len, os_memcpy(pos, s0kh_id, ETH_ALEN); pos += ETH_ALEN; - sha256_prf(xxkey, xxkey_len, "FT-R0", buf, pos - buf, - r0_key_data, sizeof(r0_key_data)); - os_memcpy(pmk_r0, r0_key_data, PMK_LEN); +#ifdef CONFIG_SHA384 + if (use_sha384) { + if (xxkey_len != SHA384_MAC_LEN) { + wpa_printf(MSG_ERROR, + "FT: Unexpected XXKey length %d (expected %d)", + (int) xxkey_len, SHA384_MAC_LEN); + return -1; + } + if (sha384_prf(xxkey, xxkey_len, "FT-R0", buf, pos - buf, + r0_key_data, r0_key_data_len) < 0) + return -1; + } +#endif /* CONFIG_SHA384 */ + if (!use_sha384) { + if (xxkey_len != PMK_LEN) { + wpa_printf(MSG_ERROR, + "FT: Unexpected XXKey length %d (expected %d)", + (int) xxkey_len, PMK_LEN); + return -1; + } + if (sha256_prf(xxkey, xxkey_len, "FT-R0", buf, pos - buf, + r0_key_data, r0_key_data_len) < 0) + return -1; + } + os_memcpy(pmk_r0, r0_key_data, q); + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", pmk_r0, q); + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0Name-Salt", &r0_key_data[q], 16); /* - * PMKR0Name = Truncate-128(SHA-256("FT-R0N" || PMK-R0Name-Salt) + * PMKR0Name = Truncate-128(Hash("FT-R0N" || PMK-R0Name-Salt) */ addr[0] = (const u8 *) "FT-R0N"; len[0] = 6; - addr[1] = r0_key_data + PMK_LEN; + addr[1] = &r0_key_data[q]; len[1] = 16; - sha256_vector(2, addr, len, hash); +#ifdef CONFIG_SHA384 + if (use_sha384 && sha384_vector(2, addr, len, hash) < 0) + return -1; +#endif /* CONFIG_SHA384 */ + if (!use_sha384 && sha256_vector(2, addr, len, hash) < 0) + return -1; os_memcpy(pmk_r0_name, hash, WPA_PMK_NAME_LEN); + os_memset(r0_key_data, 0, sizeof(r0_key_data)); + return 0; } @@ -904,16 +1572,16 @@ void wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len, * * IEEE Std 802.11r-2008 - 8.5.1.5.4 */ -void wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id, - const u8 *s1kh_id, u8 *pmk_r1_name) +int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id, + const u8 *s1kh_id, u8 *pmk_r1_name, int use_sha384) { - u8 hash[32]; + u8 hash[48]; const u8 *addr[4]; size_t len[4]; /* - * PMKR1Name = Truncate-128(SHA-256("FT-R1N" || PMKR0Name || - * R1KH-ID || S1KH-ID)) + * PMKR1Name = Truncate-128(Hash("FT-R1N" || PMKR0Name || + * R1KH-ID || S1KH-ID)) */ addr[0] = (const u8 *) "FT-R1N"; len[0] = 6; @@ -924,8 +1592,14 @@ void wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id, addr[3] = s1kh_id; len[3] = ETH_ALEN; - sha256_vector(4, addr, len, hash); +#ifdef CONFIG_SHA384 + if (use_sha384 && sha384_vector(4, addr, len, hash) < 0) + return -1; +#endif /* CONFIG_SHA384 */ + if (!use_sha384 && sha256_vector(4, addr, len, hash) < 0) + return -1; os_memcpy(pmk_r1_name, hash, WPA_PMK_NAME_LEN); + return 0; } @@ -934,23 +1608,46 @@ void wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id, * * IEEE Std 802.11r-2008 - 8.5.1.5.4 */ -void wpa_derive_pmk_r1(const u8 *pmk_r0, const u8 *pmk_r0_name, - const u8 *r1kh_id, const u8 *s1kh_id, - u8 *pmk_r1, u8 *pmk_r1_name) +int wpa_derive_pmk_r1(const u8 *pmk_r0, size_t pmk_r0_len, + const u8 *pmk_r0_name, + const u8 *r1kh_id, const u8 *s1kh_id, + u8 *pmk_r1, u8 *pmk_r1_name) { u8 buf[FT_R1KH_ID_LEN + ETH_ALEN]; u8 *pos; /* PMK-R1 = KDF-256(PMK-R0, "FT-R1", R1KH-ID || S1KH-ID) */ + wpa_printf(MSG_DEBUG, "FT: Derive PMK-R1 using KDF-%s", + pmk_r0_len == SHA384_MAC_LEN ? "SHA384" : "SHA256"); + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", pmk_r0, pmk_r0_len); + wpa_hexdump(MSG_DEBUG, "FT: R1KH-ID", r1kh_id, FT_R1KH_ID_LEN); + wpa_printf(MSG_DEBUG, "FT: S1KH-ID: " MACSTR, MAC2STR(s1kh_id)); pos = buf; os_memcpy(pos, r1kh_id, FT_R1KH_ID_LEN); pos += FT_R1KH_ID_LEN; os_memcpy(pos, s1kh_id, ETH_ALEN); pos += ETH_ALEN; - sha256_prf(pmk_r0, PMK_LEN, "FT-R1", buf, pos - buf, pmk_r1, PMK_LEN); +#ifdef CONFIG_SHA384 + if (pmk_r0_len == SHA384_MAC_LEN && + sha384_prf(pmk_r0, pmk_r0_len, "FT-R1", + buf, pos - buf, pmk_r1, pmk_r0_len) < 0) + return -1; +#endif /* CONFIG_SHA384 */ + if (pmk_r0_len == PMK_LEN && + sha256_prf(pmk_r0, pmk_r0_len, "FT-R1", + buf, pos - buf, pmk_r1, pmk_r0_len) < 0) + return -1; + if (pmk_r0_len != SHA384_MAC_LEN && pmk_r0_len != PMK_LEN) { + wpa_printf(MSG_ERROR, "FT: Unexpected PMK-R0 length %d", + (int) pmk_r0_len); + return -1; + } + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, pmk_r0_len); - wpa_derive_pmk_r1_name(pmk_r0_name, r1kh_id, s1kh_id, pmk_r1_name); + return wpa_derive_pmk_r1_name(pmk_r0_name, r1kh_id, s1kh_id, + pmk_r1_name, + pmk_r0_len == SHA384_MAC_LEN); } @@ -959,7 +1656,8 @@ void wpa_derive_pmk_r1(const u8 *pmk_r0, const u8 *pmk_r0_name, * * IEEE Std 802.11r-2008 - 8.5.1.5.5 */ -int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, const u8 *snonce, const u8 *anonce, +int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len, + const u8 *snonce, const u8 *anonce, const u8 *sta_addr, const u8 *bssid, const u8 *pmk_r1_name, struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher) @@ -968,13 +1666,21 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, const u8 *snonce, const u8 *anonce, u8 *pos, hash[32]; const u8 *addr[6]; size_t len[6]; - u8 tmp[WPA_KCK_MAX_LEN + WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN]; - size_t ptk_len; + u8 tmp[2 * WPA_KCK_MAX_LEN + 2 * WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN]; + size_t ptk_len, offset; + int use_sha384 = wpa_key_mgmt_sha384(akmp); /* * PTK = KDF-PTKLen(PMK-R1, "FT-PTK", SNonce || ANonce || * BSSID || STA-ADDR) */ + wpa_printf(MSG_DEBUG, "FT: Derive PTK using KDF-%s", + use_sha384 ? "SHA384" : "SHA256"); + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, pmk_r1_len); + wpa_hexdump(MSG_DEBUG, "FT: SNonce", snonce, WPA_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FT: ANonce", anonce, WPA_NONCE_LEN); + wpa_printf(MSG_DEBUG, "FT: BSSID=" MACSTR " STA-ADDR=" MACSTR, + MAC2STR(bssid), MAC2STR(sta_addr)); pos = buf; os_memcpy(pos, snonce, WPA_NONCE_LEN); pos += WPA_NONCE_LEN; @@ -985,17 +1691,45 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, const u8 *snonce, const u8 *anonce, os_memcpy(pos, sta_addr, ETH_ALEN); pos += ETH_ALEN; - ptk->kck_len = wpa_kck_len(akmp); - ptk->kek_len = wpa_kek_len(akmp); + ptk->kck_len = wpa_kck_len(akmp, PMK_LEN); + ptk->kck2_len = wpa_kck2_len(akmp); + ptk->kek_len = wpa_kek_len(akmp, PMK_LEN); + ptk->kek2_len = wpa_kek2_len(akmp); ptk->tk_len = wpa_cipher_key_len(cipher); - ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len; - - sha256_prf(pmk_r1, PMK_LEN, "FT-PTK", buf, pos - buf, tmp, ptk_len); + ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len + + ptk->kck2_len + ptk->kek2_len; + +#ifdef CONFIG_SHA384 + if (use_sha384) { + if (pmk_r1_len != SHA384_MAC_LEN) { + wpa_printf(MSG_ERROR, + "FT: Unexpected PMK-R1 length %d (expected %d)", + (int) pmk_r1_len, SHA384_MAC_LEN); + return -1; + } + if (sha384_prf(pmk_r1, pmk_r1_len, "FT-PTK", + buf, pos - buf, tmp, ptk_len) < 0) + return -1; + } +#endif /* CONFIG_SHA384 */ + if (!use_sha384) { + if (pmk_r1_len != PMK_LEN) { + wpa_printf(MSG_ERROR, + "FT: Unexpected PMK-R1 length %d (expected %d)", + (int) pmk_r1_len, PMK_LEN); + return -1; + } + if (sha256_prf(pmk_r1, pmk_r1_len, "FT-PTK", + buf, pos - buf, tmp, ptk_len) < 0) + return -1; + } + wpa_hexdump_key(MSG_DEBUG, "FT: PTK", tmp, ptk_len); /* * PTKName = Truncate-128(SHA-256(PMKR1Name || "FT-PTKN" || SNonce || * ANonce || BSSID || STA-ADDR)) */ + wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", pmk_r1_name, WPA_PMK_NAME_LEN); addr[0] = pmk_r1_name; len[0] = WPA_PMK_NAME_LEN; addr[1] = (const u8 *) "FT-PTKN"; @@ -1009,15 +1743,28 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, const u8 *snonce, const u8 *anonce, addr[5] = sta_addr; len[5] = ETH_ALEN; - sha256_vector(6, addr, len, hash); + if (sha256_vector(6, addr, len, hash) < 0) + return -1; os_memcpy(ptk_name, hash, WPA_PMK_NAME_LEN); os_memcpy(ptk->kck, tmp, ptk->kck_len); - os_memcpy(ptk->kek, tmp + ptk->kck_len, ptk->kek_len); - os_memcpy(ptk->tk, tmp + ptk->kck_len + ptk->kek_len, ptk->tk_len); + offset = ptk->kck_len; + os_memcpy(ptk->kek, tmp + offset, ptk->kek_len); + offset += ptk->kek_len; + os_memcpy(ptk->tk, tmp + offset, ptk->tk_len); + offset += ptk->tk_len; + os_memcpy(ptk->kck2, tmp + offset, ptk->kck2_len); + offset = ptk->kck2_len; + os_memcpy(ptk->kek2, tmp + offset, ptk->kek2_len); wpa_hexdump_key(MSG_DEBUG, "FT: KCK", ptk->kck, ptk->kck_len); wpa_hexdump_key(MSG_DEBUG, "FT: KEK", ptk->kek, ptk->kek_len); + if (ptk->kck2_len) + wpa_hexdump_key(MSG_DEBUG, "FT: KCK2", + ptk->kck2, ptk->kck2_len); + if (ptk->kek2_len) + wpa_hexdump_key(MSG_DEBUG, "FT: KEK2", + ptk->kek2, ptk->kek2_len); wpa_hexdump_key(MSG_DEBUG, "FT: TK", ptk->tk, ptk->tk_len); wpa_hexdump(MSG_DEBUG, "FT: PTKName", ptk_name, WPA_PMK_NAME_LEN); @@ -1036,29 +1783,48 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, const u8 *snonce, const u8 *anonce, * @aa: Authenticator address * @spa: Supplicant address * @pmkid: Buffer for PMKID - * @use_sha256: Whether to use SHA256-based KDF + * @akmp: Negotiated key management protocol * - * IEEE Std 802.11i-2004 - 8.5.1.2 Pairwise key hierarchy - * PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA) + * IEEE Std 802.11-2016 - 12.7.1.3 Pairwise key hierarchy + * AKM: 00-0F-AC:5, 00-0F-AC:6, 00-0F-AC:14, 00-0F-AC:16 + * PMKID = Truncate-128(HMAC-SHA-256(PMK, "PMK Name" || AA || SPA)) + * AKM: 00-0F-AC:11 + * See rsn_pmkid_suite_b() + * AKM: 00-0F-AC:12 + * See rsn_pmkid_suite_b_192() + * AKM: 00-0F-AC:13, 00-0F-AC:15, 00-0F-AC:17 + * PMKID = Truncate-128(HMAC-SHA-384(PMK, "PMK Name" || AA || SPA)) + * Otherwise: + * PMKID = Truncate-128(HMAC-SHA-1(PMK, "PMK Name" || AA || SPA)) */ void rsn_pmkid(const u8 *pmk, size_t pmk_len, const u8 *aa, const u8 *spa, - u8 *pmkid, int use_sha256) + u8 *pmkid, int akmp) { char *title = "PMK Name"; const u8 *addr[3]; const size_t len[3] = { 8, ETH_ALEN, ETH_ALEN }; - unsigned char hash[SHA256_MAC_LEN]; + unsigned char hash[SHA384_MAC_LEN]; addr[0] = (u8 *) title; addr[1] = aa; addr[2] = spa; -#ifdef CONFIG_IEEE80211W - if (use_sha256) + if (0) { +#if defined(CONFIG_FILS) || defined(CONFIG_SHA384) + } else if (wpa_key_mgmt_sha384(akmp)) { + wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-384"); + hmac_sha384_vector(pmk, pmk_len, 3, addr, len, hash); +#endif /* CONFIG_FILS || CONFIG_SHA384 */ +#if defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) + } else if (wpa_key_mgmt_sha256(akmp)) { + wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-256"); hmac_sha256_vector(pmk, pmk_len, 3, addr, len, hash); - else -#endif /* CONFIG_IEEE80211W */ +#endif /* CONFIG_IEEE80211W || CONFIG_FILS */ + } else { + wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-1"); hmac_sha1_vector(pmk, pmk_len, 3, addr, len, hash); + } + wpa_hexdump(MSG_DEBUG, "RSN: Derived PMKID", hash, PMKID_LEN); os_memcpy(pmkid, hash, PMKID_LEN); } @@ -1155,6 +1921,14 @@ const char * wpa_cipher_txt(int cipher) return "GCMP-256"; case WPA_CIPHER_CCMP_256: return "CCMP-256"; + case WPA_CIPHER_AES_128_CMAC: + return "BIP"; + case WPA_CIPHER_BIP_GMAC_128: + return "BIP-GMAC-128"; + case WPA_CIPHER_BIP_GMAC_256: + return "BIP-GMAC-256"; + case WPA_CIPHER_BIP_CMAC_256: + return "BIP-CMAC-256"; case WPA_CIPHER_GTK_NOT_USED: return "GTK_NOT_USED"; default: @@ -1191,6 +1965,8 @@ const char * wpa_key_mgmt_txt(int key_mgmt, int proto) #ifdef CONFIG_IEEE80211R case WPA_KEY_MGMT_FT_IEEE8021X: return "FT-EAP"; + case WPA_KEY_MGMT_FT_IEEE8021X_SHA384: + return "FT-EAP-SHA384"; case WPA_KEY_MGMT_FT_PSK: return "FT-PSK"; #endif /* CONFIG_IEEE80211R */ @@ -1212,6 +1988,18 @@ const char * wpa_key_mgmt_txt(int key_mgmt, int proto) return "WPA2-EAP-SUITE-B"; case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: return "WPA2-EAP-SUITE-B-192"; + case WPA_KEY_MGMT_FILS_SHA256: + return "FILS-SHA256"; + case WPA_KEY_MGMT_FILS_SHA384: + return "FILS-SHA384"; + case WPA_KEY_MGMT_FT_FILS_SHA256: + return "FT-FILS-SHA256"; + case WPA_KEY_MGMT_FT_FILS_SHA384: + return "FT-FILS-SHA384"; + case WPA_KEY_MGMT_OWE: + return "OWE"; + case WPA_KEY_MGMT_DPP: + return "DPP"; default: return "UNKNOWN"; } @@ -1220,28 +2008,36 @@ const char * wpa_key_mgmt_txt(int key_mgmt, int proto) u32 wpa_akm_to_suite(int akm) { + if (akm & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) + return RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384; if (akm & WPA_KEY_MGMT_FT_IEEE8021X) - return WLAN_AKM_SUITE_FT_8021X; + return RSN_AUTH_KEY_MGMT_FT_802_1X; if (akm & WPA_KEY_MGMT_FT_PSK) - return WLAN_AKM_SUITE_FT_PSK; - if (akm & WPA_KEY_MGMT_IEEE8021X) - return WLAN_AKM_SUITE_8021X; + return RSN_AUTH_KEY_MGMT_FT_PSK; if (akm & WPA_KEY_MGMT_IEEE8021X_SHA256) - return WLAN_AKM_SUITE_8021X_SHA256; + return RSN_AUTH_KEY_MGMT_802_1X_SHA256; if (akm & WPA_KEY_MGMT_IEEE8021X) - return WLAN_AKM_SUITE_8021X; + return RSN_AUTH_KEY_MGMT_UNSPEC_802_1X; if (akm & WPA_KEY_MGMT_PSK_SHA256) - return WLAN_AKM_SUITE_PSK_SHA256; + return RSN_AUTH_KEY_MGMT_PSK_SHA256; if (akm & WPA_KEY_MGMT_PSK) - return WLAN_AKM_SUITE_PSK; + return RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; if (akm & WPA_KEY_MGMT_CCKM) - return WLAN_AKM_SUITE_CCKM; + return RSN_AUTH_KEY_MGMT_CCKM; if (akm & WPA_KEY_MGMT_OSEN) - return WLAN_AKM_SUITE_OSEN; + return RSN_AUTH_KEY_MGMT_OSEN; if (akm & WPA_KEY_MGMT_IEEE8021X_SUITE_B) - return WLAN_AKM_SUITE_8021X_SUITE_B; + return RSN_AUTH_KEY_MGMT_802_1X_SUITE_B; if (akm & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) - return WLAN_AKM_SUITE_8021X_SUITE_B_192; + return RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192; + if (akm & WPA_KEY_MGMT_FILS_SHA256) + return RSN_AUTH_KEY_MGMT_FILS_SHA256; + if (akm & WPA_KEY_MGMT_FILS_SHA384) + return RSN_AUTH_KEY_MGMT_FILS_SHA384; + if (akm & WPA_KEY_MGMT_FT_FILS_SHA256) + return RSN_AUTH_KEY_MGMT_FT_FILS_SHA256; + if (akm & WPA_KEY_MGMT_FT_FILS_SHA384) + return RSN_AUTH_KEY_MGMT_FT_FILS_SHA384; return 0; } @@ -1283,7 +2079,7 @@ int wpa_compare_rsn_ie(int ft_initial_assoc, } -#ifdef CONFIG_IEEE80211R +#if defined(CONFIG_IEEE80211R) || defined(CONFIG_FILS) int wpa_insert_pmkid(u8 *ies, size_t *ies_len, const u8 *pmkid) { u8 *start, *end, *rpos, *rend; @@ -1382,7 +2178,7 @@ int wpa_insert_pmkid(u8 *ies, size_t *ies_len, const u8 *pmkid) return 0; } -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R || CONFIG_FILS */ int wpa_cipher_key_len(int cipher) @@ -1421,7 +2217,7 @@ int wpa_cipher_rsc_len(int cipher) } -int wpa_cipher_to_alg(int cipher) +enum wpa_alg wpa_cipher_to_alg(int cipher) { switch (cipher) { case WPA_CIPHER_CCMP_256: @@ -1616,6 +2412,14 @@ int wpa_parse_cipher(const char *value) val |= WPA_CIPHER_NONE; else if (os_strcmp(start, "GTK_NOT_USED") == 0) val |= WPA_CIPHER_GTK_NOT_USED; + else if (os_strcmp(start, "AES-128-CMAC") == 0) + val |= WPA_CIPHER_AES_128_CMAC; + else if (os_strcmp(start, "BIP-GMAC-128") == 0) + val |= WPA_CIPHER_BIP_GMAC_128; + else if (os_strcmp(start, "BIP-GMAC-256") == 0) + val |= WPA_CIPHER_BIP_GMAC_256; + else if (os_strcmp(start, "BIP-CMAC-256") == 0) + val |= WPA_CIPHER_BIP_CMAC_256; else { os_free(buf); return -1; @@ -1671,6 +2475,34 @@ int wpa_write_ciphers(char *start, char *end, int ciphers, const char *delim) return -1; pos += ret; } + if (ciphers & WPA_CIPHER_AES_128_CMAC) { + ret = os_snprintf(pos, end - pos, "%sAES-128-CMAC", + pos == start ? "" : delim); + if (os_snprintf_error(end - pos, ret)) + return -1; + pos += ret; + } + if (ciphers & WPA_CIPHER_BIP_GMAC_128) { + ret = os_snprintf(pos, end - pos, "%sBIP-GMAC-128", + pos == start ? "" : delim); + if (os_snprintf_error(end - pos, ret)) + return -1; + pos += ret; + } + if (ciphers & WPA_CIPHER_BIP_GMAC_256) { + ret = os_snprintf(pos, end - pos, "%sBIP-GMAC-256", + pos == start ? "" : delim); + if (os_snprintf_error(end - pos, ret)) + return -1; + pos += ret; + } + if (ciphers & WPA_CIPHER_BIP_CMAC_256) { + ret = os_snprintf(pos, end - pos, "%sBIP-CMAC-256", + pos == start ? "" : delim); + if (os_snprintf_error(end - pos, ret)) + return -1; + pos += ret; + } if (ciphers & WPA_CIPHER_NONE) { ret = os_snprintf(pos, end - pos, "%sNONE", pos == start ? "" : delim); @@ -1705,3 +2537,29 @@ int wpa_select_ap_group_cipher(int wpa, int wpa_pairwise, int rsn_pairwise) return WPA_CIPHER_CCMP_256; return WPA_CIPHER_CCMP; } + + +#ifdef CONFIG_FILS +int fils_domain_name_hash(const char *domain, u8 *hash) +{ + char buf[255], *wpos = buf; + const char *pos = domain; + size_t len; + const u8 *addr[1]; + u8 mac[SHA256_MAC_LEN]; + + for (len = 0; len < sizeof(buf) && *pos; len++) { + if (isalpha(*pos) && isupper(*pos)) + *wpos++ = tolower(*pos); + else + *wpos++ = *pos; + pos++; + } + + addr[0] = (const u8 *) buf; + if (sha256_vector(1, addr, &len, mac) < 0) + return -1; + os_memcpy(hash, mac, 2); + return 0; +} +#endif /* CONFIG_FILS */ diff --git a/contrib/wpa/src/common/wpa_common.h b/contrib/wpa/src/common/wpa_common.h index 1021ccb05a71..62617444058b 100644 --- a/contrib/wpa/src/common/wpa_common.h +++ b/contrib/wpa/src/common/wpa_common.h @@ -1,6 +1,6 @@ /* * WPA definitions shared between hostapd and wpa_supplicant - * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -13,13 +13,15 @@ #define PMKID_LEN 16 #define PMK_LEN 32 #define PMK_LEN_SUITE_B_192 48 -#define PMK_LEN_MAX 48 +#define PMK_LEN_MAX 64 #define WPA_REPLAY_COUNTER_LEN 8 #define WPA_NONCE_LEN 32 #define WPA_KEY_RSC_LEN 8 #define WPA_GMK_LEN 32 #define WPA_GTK_MAX_LEN 32 +#define OWE_DH_GROUP 19 + #define WPA_ALLOWED_PAIRWISE_CIPHERS \ (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_NONE | \ WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256) @@ -27,6 +29,9 @@ WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256) (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | \ WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256 | \ WPA_CIPHER_GTK_NOT_USED) +#define WPA_ALLOWED_GROUP_MGMT_CIPHERS \ +(WPA_CIPHER_AES_128_CMAC | WPA_CIPHER_BIP_GMAC_128 | WPA_CIPHER_BIP_GMAC_256 | \ +WPA_CIPHER_BIP_CMAC_256) #define WPA_SELECTOR_LEN 4 #define WPA_VERSION 1 @@ -48,10 +53,8 @@ WPA_CIPHER_GTK_NOT_USED) #define RSN_AUTH_KEY_MGMT_UNSPEC_802_1X RSN_SELECTOR(0x00, 0x0f, 0xac, 1) #define RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X RSN_SELECTOR(0x00, 0x0f, 0xac, 2) -#ifdef CONFIG_IEEE80211R #define RSN_AUTH_KEY_MGMT_FT_802_1X RSN_SELECTOR(0x00, 0x0f, 0xac, 3) #define RSN_AUTH_KEY_MGMT_FT_PSK RSN_SELECTOR(0x00, 0x0f, 0xac, 4) -#endif /* CONFIG_IEEE80211R */ #define RSN_AUTH_KEY_MGMT_802_1X_SHA256 RSN_SELECTOR(0x00, 0x0f, 0xac, 5) #define RSN_AUTH_KEY_MGMT_PSK_SHA256 RSN_SELECTOR(0x00, 0x0f, 0xac, 6) #define RSN_AUTH_KEY_MGMT_TPK_HANDSHAKE RSN_SELECTOR(0x00, 0x0f, 0xac, 7) @@ -59,17 +62,24 @@ WPA_CIPHER_GTK_NOT_USED) #define RSN_AUTH_KEY_MGMT_FT_SAE RSN_SELECTOR(0x00, 0x0f, 0xac, 9) #define RSN_AUTH_KEY_MGMT_802_1X_SUITE_B RSN_SELECTOR(0x00, 0x0f, 0xac, 11) #define RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192 RSN_SELECTOR(0x00, 0x0f, 0xac, 12) -#define RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_192 \ -RSN_SELECTOR(0x00, 0x0f, 0xac, 13) +#define RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384 RSN_SELECTOR(0x00, 0x0f, 0xac, 13) +#define RSN_AUTH_KEY_MGMT_FILS_SHA256 RSN_SELECTOR(0x00, 0x0f, 0xac, 14) +#define RSN_AUTH_KEY_MGMT_FILS_SHA384 RSN_SELECTOR(0x00, 0x0f, 0xac, 15) +#define RSN_AUTH_KEY_MGMT_FT_FILS_SHA256 RSN_SELECTOR(0x00, 0x0f, 0xac, 16) +#define RSN_AUTH_KEY_MGMT_FT_FILS_SHA384 RSN_SELECTOR(0x00, 0x0f, 0xac, 17) +#define RSN_AUTH_KEY_MGMT_OWE RSN_SELECTOR(0x00, 0x0f, 0xac, 18) #define RSN_AUTH_KEY_MGMT_CCKM RSN_SELECTOR(0x00, 0x40, 0x96, 0x00) #define RSN_AUTH_KEY_MGMT_OSEN RSN_SELECTOR(0x50, 0x6f, 0x9a, 0x01) +#define RSN_AUTH_KEY_MGMT_DPP RSN_SELECTOR(0x50, 0x6f, 0x9a, 0x02) #define RSN_CIPHER_SUITE_NONE RSN_SELECTOR(0x00, 0x0f, 0xac, 0) +#define RSN_CIPHER_SUITE_WEP40 RSN_SELECTOR(0x00, 0x0f, 0xac, 1) #define RSN_CIPHER_SUITE_TKIP RSN_SELECTOR(0x00, 0x0f, 0xac, 2) #if 0 #define RSN_CIPHER_SUITE_WRAP RSN_SELECTOR(0x00, 0x0f, 0xac, 3) #endif #define RSN_CIPHER_SUITE_CCMP RSN_SELECTOR(0x00, 0x0f, 0xac, 4) +#define RSN_CIPHER_SUITE_WEP104 RSN_SELECTOR(0x00, 0x0f, 0xac, 5) #define RSN_CIPHER_SUITE_AES_128_CMAC RSN_SELECTOR(0x00, 0x0f, 0xac, 6) #define RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED RSN_SELECTOR(0x00, 0x0f, 0xac, 7) #define RSN_CIPHER_SUITE_GCMP RSN_SELECTOR(0x00, 0x0f, 0xac, 8) @@ -78,6 +88,12 @@ RSN_SELECTOR(0x00, 0x0f, 0xac, 13) #define RSN_CIPHER_SUITE_BIP_GMAC_128 RSN_SELECTOR(0x00, 0x0f, 0xac, 11) #define RSN_CIPHER_SUITE_BIP_GMAC_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 12) #define RSN_CIPHER_SUITE_BIP_CMAC_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 13) +#define RSN_CIPHER_SUITE_SMS4 RSN_SELECTOR(0x00, 0x14, 0x72, 1) +#define RSN_CIPHER_SUITE_CKIP RSN_SELECTOR(0x00, 0x40, 0x96, 0) +#define RSN_CIPHER_SUITE_CKIP_CMIC RSN_SELECTOR(0x00, 0x40, 0x96, 1) +#define RSN_CIPHER_SUITE_CMIC RSN_SELECTOR(0x00, 0x40, 0x96, 2) +/* KRK is defined for nl80211 use only */ +#define RSN_CIPHER_SUITE_KRK RSN_SELECTOR(0x00, 0x40, 0x96, 255) /* EAPOL-Key Key Data Encapsulation * GroupKey and PeerKey require encryption, otherwise, encryption is optional. @@ -88,12 +104,6 @@ RSN_SELECTOR(0x00, 0x0f, 0xac, 13) #endif #define RSN_KEY_DATA_MAC_ADDR RSN_SELECTOR(0x00, 0x0f, 0xac, 3) #define RSN_KEY_DATA_PMKID RSN_SELECTOR(0x00, 0x0f, 0xac, 4) -#ifdef CONFIG_PEERKEY -#define RSN_KEY_DATA_SMK RSN_SELECTOR(0x00, 0x0f, 0xac, 5) -#define RSN_KEY_DATA_NONCE RSN_SELECTOR(0x00, 0x0f, 0xac, 6) -#define RSN_KEY_DATA_LIFETIME RSN_SELECTOR(0x00, 0x0f, 0xac, 7) -#define RSN_KEY_DATA_ERROR RSN_SELECTOR(0x00, 0x0f, 0xac, 8) -#endif /* CONFIG_PEERKEY */ #ifdef CONFIG_IEEE80211W #define RSN_KEY_DATA_IGTK RSN_SELECTOR(0x00, 0x0f, 0xac, 9) #endif /* CONFIG_IEEE80211W */ @@ -179,30 +189,17 @@ struct wpa_eapol_key { u8 key_iv[16]; u8 key_rsc[WPA_KEY_RSC_LEN]; u8 key_id[8]; /* Reserved in IEEE 802.11i/RSN */ - u8 key_mic[16]; - u8 key_data_length[2]; /* big endian */ - /* followed by key_data_length bytes of key_data */ -} STRUCT_PACKED; - -struct wpa_eapol_key_192 { - u8 type; - /* Note: key_info, key_length, and key_data_length are unaligned */ - u8 key_info[2]; /* big endian */ - u8 key_length[2]; /* big endian */ - u8 replay_counter[WPA_REPLAY_COUNTER_LEN]; - u8 key_nonce[WPA_NONCE_LEN]; - u8 key_iv[16]; - u8 key_rsc[WPA_KEY_RSC_LEN]; - u8 key_id[8]; /* Reserved in IEEE 802.11i/RSN */ - u8 key_mic[24]; - u8 key_data_length[2]; /* big endian */ - /* followed by key_data_length bytes of key_data */ + /* variable length Key MIC field */ + /* big endian 2-octet Key Data Length field */ + /* followed by Key Data Length bytes of Key Data */ } STRUCT_PACKED; -#define WPA_EAPOL_KEY_MIC_MAX_LEN 24 -#define WPA_KCK_MAX_LEN 24 -#define WPA_KEK_MAX_LEN 32 +#define WPA_EAPOL_KEY_MIC_MAX_LEN 32 +#define WPA_KCK_MAX_LEN 32 +#define WPA_KEK_MAX_LEN 64 #define WPA_TK_MAX_LEN 32 +#define FILS_ICK_MAX_LEN 48 +#define FILS_FT_MAX_LEN 48 /** * struct wpa_ptk - WPA Pairwise Transient Key @@ -212,9 +209,13 @@ struct wpa_ptk { u8 kck[WPA_KCK_MAX_LEN]; /* EAPOL-Key Key Confirmation Key (KCK) */ u8 kek[WPA_KEK_MAX_LEN]; /* EAPOL-Key Key Encryption Key (KEK) */ u8 tk[WPA_TK_MAX_LEN]; /* Temporal Key (TK) */ + u8 kck2[WPA_KCK_MAX_LEN]; /* FT reasoc Key Confirmation Key (KCK2) */ + u8 kek2[WPA_KEK_MAX_LEN]; /* FT reassoc Key Encryption Key (KEK2) */ size_t kck_len; size_t kek_len; size_t tk_len; + size_t kck2_len; + size_t kek2_len; int installed; /* 1 if key has already been installed to driver */ }; @@ -283,22 +284,6 @@ struct rsn_ie_hdr { } STRUCT_PACKED; -#ifdef CONFIG_PEERKEY -enum { - STK_MUI_4WAY_STA_AP = 1, - STK_MUI_4WAY_STAT_STA = 2, - STK_MUI_GTK = 3, - STK_MUI_SMK = 4 -}; - -enum { - STK_ERR_STA_NR = 1, - STK_ERR_STA_NRSN = 2, - STK_ERR_CPHR_NS = 3, - STK_ERR_NO_STSL = 4 -}; -#endif /* CONFIG_PEERKEY */ - struct rsn_error_kde { be16 mui; be16 error_type; @@ -329,6 +314,14 @@ struct rsn_ftie { /* followed by optional parameters */ } STRUCT_PACKED; +struct rsn_ftie_sha384 { + u8 mic_control[2]; + u8 mic[24]; + u8 anonce[WPA_NONCE_LEN]; + u8 snonce[WPA_NONCE_LEN]; + /* followed by optional parameters */ +} STRUCT_PACKED; + #define FTIE_SUBELEM_R1KH_ID 1 #define FTIE_SUBELEM_GTK 2 #define FTIE_SUBELEM_R0KH_ID 3 @@ -352,6 +345,22 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label, const u8 *addr1, const u8 *addr2, const u8 *nonce1, const u8 *nonce2, struct wpa_ptk *ptk, int akmp, int cipher); +int fils_rmsk_to_pmk(int akmp, const u8 *rmsk, size_t rmsk_len, + const u8 *snonce, const u8 *anonce, const u8 *dh_ss, + size_t dh_ss_len, u8 *pmk, size_t *pmk_len); +int fils_pmkid_erp(int akmp, const u8 *reauth, size_t reauth_len, + u8 *pmkid); +int fils_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const u8 *spa, const u8 *aa, + const u8 *snonce, const u8 *anonce, const u8 *dhss, + size_t dhss_len, struct wpa_ptk *ptk, + u8 *ick, size_t *ick_len, int akmp, int cipher, + u8 *fils_ft, size_t *fils_ft_len); +int fils_key_auth_sk(const u8 *ick, size_t ick_len, const u8 *snonce, + const u8 *anonce, const u8 *sta_addr, const u8 *bssid, + const u8 *g_sta, size_t g_sta_len, + const u8 *g_ap, size_t g_ap_len, + int akmp, u8 *key_auth_sta, u8 *key_auth_ap, + size_t *key_auth_len); #ifdef CONFIG_IEEE80211R int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr, @@ -360,17 +369,19 @@ int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr, const u8 *ftie, size_t ftie_len, const u8 *rsnie, size_t rsnie_len, const u8 *ric, size_t ric_len, u8 *mic); -void wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len, - const u8 *ssid, size_t ssid_len, - const u8 *mdid, const u8 *r0kh_id, size_t r0kh_id_len, - const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name); -void wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id, - const u8 *s1kh_id, u8 *pmk_r1_name); -void wpa_derive_pmk_r1(const u8 *pmk_r0, const u8 *pmk_r0_name, - const u8 *r1kh_id, const u8 *s1kh_id, - u8 *pmk_r1, u8 *pmk_r1_name); -int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, const u8 *snonce, const u8 *anonce, - const u8 *sta_addr, const u8 *bssid, +int wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len, + const u8 *ssid, size_t ssid_len, + const u8 *mdid, const u8 *r0kh_id, size_t r0kh_id_len, + const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name, + int use_sha384); +int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id, + const u8 *s1kh_id, u8 *pmk_r1_name, int use_sha384); +int wpa_derive_pmk_r1(const u8 *pmk_r0, size_t pmk_r0_len, + const u8 *pmk_r0_name, + const u8 *r1kh_id, const u8 *s1kh_id, + u8 *pmk_r1, u8 *pmk_r1_name); +int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len, const u8 *snonce, + const u8 *anonce, const u8 *sta_addr, const u8 *bssid, const u8 *pmk_r1_name, struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher); #endif /* CONFIG_IEEE80211R */ @@ -393,7 +404,7 @@ int wpa_parse_wpa_ie_wpa(const u8 *wpa_ie, size_t wpa_ie_len, struct wpa_ie_data *data); void rsn_pmkid(const u8 *pmk, size_t pmk_len, const u8 *aa, const u8 *spa, - u8 *pmkid, int use_sha256); + u8 *pmkid, int akmp); #ifdef CONFIG_SUITEB int rsn_pmkid_suite_b(const u8 *kck, size_t kck_len, const u8 *aa, const u8 *spa, u8 *pmkid); @@ -442,13 +453,16 @@ struct wpa_ft_ies { size_t igtk_len; const u8 *ric; size_t ric_len; + int key_mgmt; + int pairwise_cipher; }; -int wpa_ft_parse_ies(const u8 *ies, size_t ies_len, struct wpa_ft_ies *parse); +int wpa_ft_parse_ies(const u8 *ies, size_t ies_len, struct wpa_ft_ies *parse, + int use_sha384); int wpa_cipher_key_len(int cipher); int wpa_cipher_rsc_len(int cipher); -int wpa_cipher_to_alg(int cipher); +enum wpa_alg wpa_cipher_to_alg(int cipher); int wpa_cipher_valid_group(int cipher); int wpa_cipher_valid_pairwise(int cipher); int wpa_cipher_valid_mgmt_group(int cipher); @@ -460,6 +474,10 @@ int wpa_pick_group_cipher(int ciphers); int wpa_parse_cipher(const char *value); int wpa_write_ciphers(char *start, char *end, int ciphers, const char *delim); int wpa_select_ap_group_cipher(int wpa, int wpa_pairwise, int rsn_pairwise); -unsigned int wpa_mic_len(int akmp); +unsigned int wpa_mic_len(int akmp, size_t pmk_len); +int wpa_use_akm_defined(int akmp); +int wpa_use_cmac(int akmp); +int wpa_use_aes_key_wrap(int akmp); +int fils_domain_name_hash(const char *domain, u8 *hash); #endif /* WPA_COMMON_H */ diff --git a/contrib/wpa/src/common/wpa_ctrl.h b/contrib/wpa/src/common/wpa_ctrl.h index 4dcba81dc1a4..f65077e04282 100644 --- a/contrib/wpa/src/common/wpa_ctrl.h +++ b/contrib/wpa/src/common/wpa_ctrl.h @@ -1,6 +1,6 @@ /* * wpa_supplicant/hostapd control interface library - * Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -50,10 +50,19 @@ extern "C" { #define WPA_EVENT_EAP_TLS_CERT_ERROR "CTRL-EVENT-EAP-TLS-CERT-ERROR " /** EAP status */ #define WPA_EVENT_EAP_STATUS "CTRL-EVENT-EAP-STATUS " +/** Retransmit the previous request packet */ +#define WPA_EVENT_EAP_RETRANSMIT "CTRL-EVENT-EAP-RETRANSMIT " +#define WPA_EVENT_EAP_RETRANSMIT2 "CTRL-EVENT-EAP-RETRANSMIT2 " /** EAP authentication completed successfully */ #define WPA_EVENT_EAP_SUCCESS "CTRL-EVENT-EAP-SUCCESS " +#define WPA_EVENT_EAP_SUCCESS2 "CTRL-EVENT-EAP-SUCCESS2 " /** EAP authentication failed (EAP-Failure received) */ #define WPA_EVENT_EAP_FAILURE "CTRL-EVENT-EAP-FAILURE " +#define WPA_EVENT_EAP_FAILURE2 "CTRL-EVENT-EAP-FAILURE2 " +/** EAP authentication failed due to no response received */ +#define WPA_EVENT_EAP_TIMEOUT_FAILURE "CTRL-EVENT-EAP-TIMEOUT-FAILURE " +#define WPA_EVENT_EAP_TIMEOUT_FAILURE2 "CTRL-EVENT-EAP-TIMEOUT-FAILURE2 " +#define WPA_EVENT_EAP_ERROR_CODE "EAP-ERROR-CODE " /** Network block temporarily disabled (e.g., due to authentication failure) */ #define WPA_EVENT_TEMP_DISABLED "CTRL-EVENT-SSID-TEMP-DISABLED " /** Temporarily disabled network block re-enabled */ @@ -74,10 +83,15 @@ extern "C" { #define WPA_EVENT_NETWORK_NOT_FOUND "CTRL-EVENT-NETWORK-NOT-FOUND " /** Change in the signal level was reported by the driver */ #define WPA_EVENT_SIGNAL_CHANGE "CTRL-EVENT-SIGNAL-CHANGE " +/** Beacon loss reported by the driver */ +#define WPA_EVENT_BEACON_LOSS "CTRL-EVENT-BEACON-LOSS " /** Regulatory domain channel */ #define WPA_EVENT_REGDOM_CHANGE "CTRL-EVENT-REGDOM-CHANGE " /** Channel switch (followed by freq=<MHz> and other channel parameters) */ #define WPA_EVENT_CHANNEL_SWITCH "CTRL-EVENT-CHANNEL-SWITCH " +/** SAE authentication failed due to unknown password identifier */ +#define WPA_EVENT_SAE_UNKNOWN_PASSWORD_IDENTIFIER \ + "CTRL-EVENT-SAE-UNKNOWN-PASSWORD-IDENTIFIER " /** IP subnet status change notification * @@ -141,6 +155,33 @@ extern "C" { #define WPS_EVENT_ER_AP_SETTINGS "WPS-ER-AP-SETTINGS " #define WPS_EVENT_ER_SET_SEL_REG "WPS-ER-AP-SET-SEL-REG " +/* DPP events */ +#define DPP_EVENT_AUTH_SUCCESS "DPP-AUTH-SUCCESS " +#define DPP_EVENT_AUTH_INIT_FAILED "DPP-AUTH-INIT-FAILED " +#define DPP_EVENT_NOT_COMPATIBLE "DPP-NOT-COMPATIBLE " +#define DPP_EVENT_RESPONSE_PENDING "DPP-RESPONSE-PENDING " +#define DPP_EVENT_SCAN_PEER_QR_CODE "DPP-SCAN-PEER-QR-CODE " +#define DPP_EVENT_AUTH_DIRECTION "DPP-AUTH-DIRECTION " +#define DPP_EVENT_CONF_RECEIVED "DPP-CONF-RECEIVED " +#define DPP_EVENT_CONF_SENT "DPP-CONF-SENT " +#define DPP_EVENT_CONF_FAILED "DPP-CONF-FAILED " +#define DPP_EVENT_CONFOBJ_AKM "DPP-CONFOBJ-AKM " +#define DPP_EVENT_CONFOBJ_SSID "DPP-CONFOBJ-SSID " +#define DPP_EVENT_CONFOBJ_PASS "DPP-CONFOBJ-PASS " +#define DPP_EVENT_CONFOBJ_PSK "DPP-CONFOBJ-PSK " +#define DPP_EVENT_CONNECTOR "DPP-CONNECTOR " +#define DPP_EVENT_C_SIGN_KEY "DPP-C-SIGN-KEY " +#define DPP_EVENT_NET_ACCESS_KEY "DPP-NET-ACCESS-KEY " +#define DPP_EVENT_MISSING_CONNECTOR "DPP-MISSING-CONNECTOR " +#define DPP_EVENT_NETWORK_ID "DPP-NETWORK-ID " +#define DPP_EVENT_RX "DPP-RX " +#define DPP_EVENT_TX "DPP-TX " +#define DPP_EVENT_TX_STATUS "DPP-TX-STATUS " +#define DPP_EVENT_FAIL "DPP-FAIL " +#define DPP_EVENT_PKEX_T_LIMIT "DPP-PKEX-T-LIMIT " +#define DPP_EVENT_INTRO "DPP-INTRO " +#define DPP_EVENT_CONF_REQ_RX "DPP-CONF-REQ-RX " + /* MESH events */ #define MESH_GROUP_STARTED "MESH-GROUP-STARTED " #define MESH_GROUP_REMOVED "MESH-GROUP-REMOVED " @@ -232,9 +273,14 @@ extern "C" { #define RX_HS20_ANQP "RX-HS20-ANQP " #define RX_HS20_ANQP_ICON "RX-HS20-ANQP-ICON " #define RX_HS20_ICON "RX-HS20-ICON " +#define RX_MBO_ANQP "RX-MBO-ANQP " + +/* parameters: <Venue Number> <Venue URL> */ +#define RX_VENUE_URL "RX-VENUE-URL " #define HS20_SUBSCRIPTION_REMEDIATION "HS20-SUBSCRIPTION-REMEDIATION " #define HS20_DEAUTH_IMMINENT_NOTICE "HS20-DEAUTH-IMMINENT-NOTICE " +#define HS20_T_C_ACCEPTANCE "HS20-T-C-ACCEPTANCE " #define EXT_RADIO_WORK_START "EXT-RADIO-WORK-START " #define EXT_RADIO_WORK_TIMEOUT "EXT-RADIO-WORK-TIMEOUT " @@ -258,6 +304,9 @@ extern "C" { #define AP_REJECTED_MAX_STA "AP-REJECTED-MAX-STA " #define AP_REJECTED_BLOCKED_STA "AP-REJECTED-BLOCKED-STA " +#define HS20_T_C_FILTERING_ADD "HS20-T-C-FILTERING-ADD " +#define HS20_T_C_FILTERING_REMOVE "HS20-T-C-FILTERING-REMOVE " + #define AP_EVENT_ENABLED "AP-ENABLED " #define AP_EVENT_DISABLED "AP-DISABLED " @@ -273,6 +322,7 @@ extern "C" { #define DFS_EVENT_CAC_START "DFS-CAC-START " #define DFS_EVENT_CAC_COMPLETED "DFS-CAC-COMPLETED " #define DFS_EVENT_NOP_FINISHED "DFS-NOP-FINISHED " +#define DFS_EVENT_PRE_CAC_EXPIRED "DFS-PRE-CAC-EXPIRED " #define AP_CSA_FINISHED "AP-CSA-FINISHED " @@ -282,12 +332,46 @@ extern "C" { /* BSS Transition Management Response frame received */ #define BSS_TM_RESP "BSS-TM-RESP " +/* Collocated Interference Request frame received; + * parameters: <dialog token> <automatic report enabled> <report timeout> */ +#define COLOC_INTF_REQ "COLOC-INTF-REQ " +/* Collocated Interference Report frame received; + * parameters: <STA address> <dialog token> <hexdump of report elements> */ +#define COLOC_INTF_REPORT "COLOC-INTF-REPORT " + /* MBO IE with cellular data connection preference received */ #define MBO_CELL_PREFERENCE "MBO-CELL-PREFERENCE " /* BSS Transition Management Request received with MBO transition reason */ #define MBO_TRANSITION_REASON "MBO-TRANSITION-REASON " +/* parameters: <STA address> <dialog token> <ack=0/1> */ +#define BEACON_REQ_TX_STATUS "BEACON-REQ-TX-STATUS " +/* parameters: <STA address> <dialog token> <report mode> <beacon report> */ +#define BEACON_RESP_RX "BEACON-RESP-RX " + +/* PMKSA cache entry added; parameters: <BSSID> <network_id> */ +#define PMKSA_CACHE_ADDED "PMKSA-CACHE-ADDED " +/* PMKSA cache entry removed; parameters: <BSSID> <network_id> */ +#define PMKSA_CACHE_REMOVED "PMKSA-CACHE-REMOVED " + +/* FILS HLP Container receive; parameters: dst=<addr> src=<addr> frame=<hexdump> + */ +#define FILS_HLP_RX "FILS-HLP-RX " + +/* Event to indicate Probe Request frame; + * parameters: sa=<STA MAC address> signal=<signal> */ +#define RX_PROBE_REQUEST "RX-PROBE-REQUEST " + +/* Event to indicate station's HT/VHT operation mode change information */ +#define STA_OPMODE_MAX_BW_CHANGED "STA-OPMODE-MAX-BW-CHANGED " +#define STA_OPMODE_SMPS_MODE_CHANGED "STA-OPMODE-SMPS-MODE-CHANGED " +#define STA_OPMODE_N_SS_CHANGED "STA-OPMODE-N_SS-CHANGED " + +/* New interface addition or removal for 4addr WDS SDA */ +#define WDS_STA_INTERFACE_ADDED "WDS-STA-INTERFACE-ADDED " +#define WDS_STA_INTERFACE_REMOVED "WDS-STA-INTERFACE-REMOVED " + /* BSS command information masks */ #define WPA_BSS_MASK_ALL 0xFFFDFFFF @@ -313,6 +397,9 @@ extern "C" { #define WPA_BSS_MASK_SNR BIT(19) #define WPA_BSS_MASK_EST_THROUGHPUT BIT(20) #define WPA_BSS_MASK_FST BIT(21) +#define WPA_BSS_MASK_UPDATE_IDX BIT(22) +#define WPA_BSS_MASK_BEACON_IE BIT(23) +#define WPA_BSS_MASK_FILS_INDICATION BIT(24) /* VENDOR_ELEM_* frame id values */ @@ -386,7 +473,7 @@ void wpa_ctrl_close(struct wpa_ctrl *ctrl); * * This function is used to send commands to wpa_supplicant/hostapd. Received * response will be written to reply and reply_len is set to the actual length - * of the reply. This function will block for up to two seconds while waiting + * of the reply. This function will block for up to 10 seconds while waiting * for the reply. If unsolicited messages are received, the blocking time may * be longer. * diff --git a/contrib/wpa/src/common/wpa_helpers.c b/contrib/wpa/src/common/wpa_helpers.c index f1594213f97f..8e1c09ec5929 100644 --- a/contrib/wpa/src/common/wpa_helpers.c +++ b/contrib/wpa/src/common/wpa_helpers.c @@ -222,7 +222,8 @@ int wait_ip_addr(const char *ifname, int timeout) if (get_wpa_status(ifname, "ip_address", ip, sizeof(ip)) == 0 && strlen(ip) > 0) { printf("IP address found: '%s'\n", ip); - return 0; + if (strncmp(ip, "169.254.", 8) != 0) + return 0; } ctrl = wpa_open_ctrl(ifname); if (ctrl == NULL) diff --git a/contrib/wpa/src/crypto/aes-ctr.c b/contrib/wpa/src/crypto/aes-ctr.c index d4d874daacd0..e27f3bbd0706 100644 --- a/contrib/wpa/src/crypto/aes-ctr.c +++ b/contrib/wpa/src/crypto/aes-ctr.c @@ -1,5 +1,5 @@ /* - * AES-128 CTR + * AES-128/192/256 CTR * * Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi> * @@ -14,15 +14,16 @@ #include "aes_wrap.h" /** - * aes_128_ctr_encrypt - AES-128 CTR mode encryption - * @key: Key for encryption (16 bytes) + * aes_ctr_encrypt - AES-128/192/256 CTR mode encryption + * @key: Key for encryption (key_len bytes) + * @key_len: Length of the key (16, 24, or 32 bytes) * @nonce: Nonce for counter mode (16 bytes) * @data: Data to encrypt in-place * @data_len: Length of data in bytes * Returns: 0 on success, -1 on failure */ -int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, - u8 *data, size_t data_len) +int aes_ctr_encrypt(const u8 *key, size_t key_len, const u8 *nonce, + u8 *data, size_t data_len) { void *ctx; size_t j, len, left = data_len; @@ -30,7 +31,7 @@ int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, u8 *pos = data; u8 counter[AES_BLOCK_SIZE], buf[AES_BLOCK_SIZE]; - ctx = aes_encrypt_init(key, 16); + ctx = aes_encrypt_init(key, key_len); if (ctx == NULL) return -1; os_memcpy(counter, nonce, AES_BLOCK_SIZE); @@ -53,3 +54,18 @@ int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, aes_encrypt_deinit(ctx); return 0; } + + +/** + * aes_128_ctr_encrypt - AES-128 CTR mode encryption + * @key: Key for encryption (key_len bytes) + * @nonce: Nonce for counter mode (16 bytes) + * @data: Data to encrypt in-place + * @data_len: Length of data in bytes + * Returns: 0 on success, -1 on failure + */ +int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, + u8 *data, size_t data_len) +{ + return aes_ctr_encrypt(key, 16, nonce, data, data_len); +} diff --git a/contrib/wpa/src/crypto/aes-internal-dec.c b/contrib/wpa/src/crypto/aes-internal-dec.c index 720c7036e4e7..748229594904 100644 --- a/contrib/wpa/src/crypto/aes-internal-dec.c +++ b/contrib/wpa/src/crypto/aes-internal-dec.c @@ -147,10 +147,12 @@ d##3 = TD0(s##3) ^ TD1(s##2) ^ TD2(s##1) ^ TD3(s##0) ^ rk[4 * i + 3] PUTU32(pt + 12, s3); } -void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) + +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) { u32 *rk = ctx; rijndaelDecrypt(ctx, rk[AES_PRIV_NR_POS], crypt, plain); + return 0; } diff --git a/contrib/wpa/src/crypto/aes-internal-enc.c b/contrib/wpa/src/crypto/aes-internal-enc.c index f3c61b8508f3..9fdb4f35cb9b 100644 --- a/contrib/wpa/src/crypto/aes-internal-enc.c +++ b/contrib/wpa/src/crypto/aes-internal-enc.c @@ -112,10 +112,11 @@ void * aes_encrypt_init(const u8 *key, size_t len) } -void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) { u32 *rk = ctx; rijndaelEncrypt(ctx, rk[AES_PRIV_NR_POS], plain, crypt); + return 0; } diff --git a/contrib/wpa/src/crypto/aes-siv.c b/contrib/wpa/src/crypto/aes-siv.c index 5ac82c2e4b5c..b682f3ad565d 100644 --- a/contrib/wpa/src/crypto/aes-siv.c +++ b/contrib/wpa/src/crypto/aes-siv.c @@ -61,26 +61,33 @@ static void pad_block(u8 *pad, const u8 *addr, size_t len) } -static int aes_s2v(const u8 *key, size_t num_elem, const u8 *addr[], - size_t *len, u8 *mac) +static int aes_s2v(const u8 *key, size_t key_len, + size_t num_elem, const u8 *addr[], size_t *len, u8 *mac) { u8 tmp[AES_BLOCK_SIZE], tmp2[AES_BLOCK_SIZE]; u8 *buf = NULL; int ret; size_t i; + const u8 *data[1]; + size_t data_len[1]; if (!num_elem) { os_memcpy(tmp, zero, sizeof(zero)); tmp[AES_BLOCK_SIZE - 1] = 1; - return omac1_aes_128(key, tmp, sizeof(tmp), mac); + data[0] = tmp; + data_len[0] = sizeof(tmp); + return omac1_aes_vector(key, key_len, 1, data, data_len, mac); } - ret = omac1_aes_128(key, zero, sizeof(zero), tmp); + data[0] = zero; + data_len[0] = sizeof(zero); + ret = omac1_aes_vector(key, key_len, 1, data, data_len, tmp); if (ret) return ret; for (i = 0; i < num_elem - 1; i++) { - ret = omac1_aes_128(key, addr[i], len[i], tmp2); + ret = omac1_aes_vector(key, key_len, 1, &addr[i], &len[i], + tmp2); if (ret) return ret; @@ -88,13 +95,13 @@ static int aes_s2v(const u8 *key, size_t num_elem, const u8 *addr[], xor(tmp, tmp2); } if (len[i] >= AES_BLOCK_SIZE) { - buf = os_malloc(len[i]); + buf = os_memdup(addr[i], len[i]); if (!buf) return -ENOMEM; - os_memcpy(buf, addr[i], len[i]); xorend(buf, len[i], tmp, AES_BLOCK_SIZE); - ret = omac1_aes_128(key, buf, len[i], mac); + data[0] = buf; + ret = omac1_aes_vector(key, key_len, 1, data, &len[i], mac); bin_clear_free(buf, len[i]); return ret; } @@ -103,24 +110,32 @@ static int aes_s2v(const u8 *key, size_t num_elem, const u8 *addr[], pad_block(tmp2, addr[i], len[i]); xor(tmp, tmp2); - return omac1_aes_128(key, tmp, sizeof(tmp), mac); + data[0] = tmp; + data_len[0] = sizeof(tmp); + return omac1_aes_vector(key, key_len, 1, data, data_len, mac); } -int aes_siv_encrypt(const u8 *key, const u8 *pw, - size_t pwlen, size_t num_elem, - const u8 *addr[], const size_t *len, u8 *out) +int aes_siv_encrypt(const u8 *key, size_t key_len, + const u8 *pw, size_t pwlen, + size_t num_elem, const u8 *addr[], const size_t *len, + u8 *out) { const u8 *_addr[6]; size_t _len[6]; - const u8 *k1 = key, *k2 = key + 16; + const u8 *k1, *k2; u8 v[AES_BLOCK_SIZE]; size_t i; u8 *iv, *crypt_pw; - if (num_elem > ARRAY_SIZE(_addr) - 1) + if (num_elem > ARRAY_SIZE(_addr) - 1 || + (key_len != 32 && key_len != 48 && key_len != 64)) return -1; + key_len /= 2; + k1 = key; + k2 = key + key_len; + for (i = 0; i < num_elem; i++) { _addr[i] = addr[i]; _len[i] = len[i]; @@ -128,7 +143,7 @@ int aes_siv_encrypt(const u8 *key, const u8 *pw, _addr[num_elem] = pw; _len[num_elem] = pwlen; - if (aes_s2v(k1, num_elem + 1, _addr, _len, v)) + if (aes_s2v(k1, key_len, num_elem + 1, _addr, _len, v)) return -1; iv = out; @@ -140,26 +155,31 @@ int aes_siv_encrypt(const u8 *key, const u8 *pw, /* zero out 63rd and 31st bits of ctr (from right) */ v[8] &= 0x7f; v[12] &= 0x7f; - return aes_128_ctr_encrypt(k2, v, crypt_pw, pwlen); + return aes_ctr_encrypt(k2, key_len, v, crypt_pw, pwlen); } -int aes_siv_decrypt(const u8 *key, const u8 *iv_crypt, size_t iv_c_len, +int aes_siv_decrypt(const u8 *key, size_t key_len, + const u8 *iv_crypt, size_t iv_c_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *out) { const u8 *_addr[6]; size_t _len[6]; - const u8 *k1 = key, *k2 = key + 16; + const u8 *k1, *k2; size_t crypt_len; size_t i; int ret; u8 iv[AES_BLOCK_SIZE]; u8 check[AES_BLOCK_SIZE]; - if (iv_c_len < AES_BLOCK_SIZE || num_elem > ARRAY_SIZE(_addr) - 1) + if (iv_c_len < AES_BLOCK_SIZE || num_elem > ARRAY_SIZE(_addr) - 1 || + (key_len != 32 && key_len != 48 && key_len != 64)) return -1; crypt_len = iv_c_len - AES_BLOCK_SIZE; + key_len /= 2; + k1 = key; + k2 = key + key_len; for (i = 0; i < num_elem; i++) { _addr[i] = addr[i]; @@ -174,11 +194,11 @@ int aes_siv_decrypt(const u8 *key, const u8 *iv_crypt, size_t iv_c_len, iv[8] &= 0x7f; iv[12] &= 0x7f; - ret = aes_128_ctr_encrypt(k2, iv, out, crypt_len); + ret = aes_ctr_encrypt(k2, key_len, iv, out, crypt_len); if (ret) return ret; - ret = aes_s2v(k1, num_elem + 1, _addr, _len, check); + ret = aes_s2v(k1, key_len, num_elem + 1, _addr, _len, check); if (ret) return ret; if (os_memcmp(check, iv_crypt, AES_BLOCK_SIZE) == 0) diff --git a/contrib/wpa/src/crypto/aes.h b/contrib/wpa/src/crypto/aes.h index 2de59e04efa5..8ab3de2ee83f 100644 --- a/contrib/wpa/src/crypto/aes.h +++ b/contrib/wpa/src/crypto/aes.h @@ -12,10 +12,10 @@ #define AES_BLOCK_SIZE 16 void * aes_encrypt_init(const u8 *key, size_t len); -void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); void aes_encrypt_deinit(void *ctx); void * aes_decrypt_init(const u8 *key, size_t len); -void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain); +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain); void aes_decrypt_deinit(void *ctx); #endif /* AES_H */ diff --git a/contrib/wpa/src/crypto/aes_siv.h b/contrib/wpa/src/crypto/aes_siv.h index 463cf6536107..fb05d80c1f12 100644 --- a/contrib/wpa/src/crypto/aes_siv.h +++ b/contrib/wpa/src/crypto/aes_siv.h @@ -9,10 +9,12 @@ #ifndef AES_SIV_H #define AES_SIV_H -int aes_siv_encrypt(const u8 *key, const u8 *pw, - size_t pwlen, size_t num_elem, - const u8 *addr[], const size_t *len, u8 *out); -int aes_siv_decrypt(const u8 *key, const u8 *iv_crypt, size_t iv_c_len, +int aes_siv_encrypt(const u8 *key, size_t key_len, + const u8 *pw, size_t pwlen, + size_t num_elem, const u8 *addr[], const size_t *len, + u8 *out); +int aes_siv_decrypt(const u8 *key, size_t key_len, + const u8 *iv_crypt, size_t iv_c_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *out); diff --git a/contrib/wpa/src/crypto/aes_wrap.h b/contrib/wpa/src/crypto/aes_wrap.h index 4a142093b0d6..b70b1d26e550 100644 --- a/contrib/wpa/src/crypto/aes_wrap.h +++ b/contrib/wpa/src/crypto/aes_wrap.h @@ -3,7 +3,7 @@ * * - AES Key Wrap Algorithm (RFC3394) * - One-Key CBC MAC (OMAC1) hash with AES-128 and AES-256 - * - AES-128 CTR mode encryption + * - AES-128/192/256 CTR mode encryption * - AES-128 EAX mode encryption/decryption * - AES-128 CBC * - AES-GCM @@ -33,6 +33,8 @@ int __must_check omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, int __must_check omac1_aes_256(const u8 *key, const u8 *data, size_t data_len, u8 *mac); int __must_check aes_128_encrypt_block(const u8 *key, const u8 *in, u8 *out); +int __must_check aes_ctr_encrypt(const u8 *key, size_t key_len, const u8 *nonce, + u8 *data, size_t data_len); int __must_check aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, u8 *data, size_t data_len); int __must_check aes_128_eax_encrypt(const u8 *key, diff --git a/contrib/wpa/src/crypto/crypto.h b/contrib/wpa/src/crypto/crypto.h index bdc3ba6f37e0..507b7cab86fc 100644 --- a/contrib/wpa/src/crypto/crypto.h +++ b/contrib/wpa/src/crypto/crypto.h @@ -1,6 +1,6 @@ /* * Wrapper functions for crypto libraries - * Copyright (c) 2004-2013, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -106,8 +106,9 @@ int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len, * @clear: 8 octets (in) * @key: 7 octets (in) (no parity bits included) * @cypher: 8 octets (out) + * Returns: 0 on success, -1 on failure */ -void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher); +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher); /** * aes_encrypt_init - Initialize AES for encryption @@ -122,8 +123,9 @@ void * aes_encrypt_init(const u8 *key, size_t len); * @ctx: Context pointer from aes_encrypt_init() * @plain: Plaintext data to be encrypted (16 bytes) * @crypt: Buffer for the encrypted data (16 bytes) + * Returns: 0 on success, -1 on failure */ -void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); /** * aes_encrypt_deinit - Deinitialize AES encryption @@ -144,8 +146,9 @@ void * aes_decrypt_init(const u8 *key, size_t len); * @ctx: Context pointer from aes_encrypt_init() * @crypt: Encrypted data (16 bytes) * @plain: Buffer for the decrypted data (16 bytes) + * Returns: 0 on success, -1 on failure */ -void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain); +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain); /** * aes_decrypt_deinit - Deinitialize AES decryption @@ -414,6 +417,13 @@ int __must_check crypto_public_key_decrypt_pkcs1( struct crypto_public_key *key, const u8 *crypt, size_t crypt_len, u8 *plain, size_t *plain_len); +int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, + u8 *pubkey); +int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len, + const u8 *privkey, size_t privkey_len, + const u8 *pubkey, size_t pubkey_len, + u8 *secret, size_t *len); + /** * crypto_global_init - Initialize crypto wrapper * @@ -526,6 +536,14 @@ int crypto_bignum_to_bin(const struct crypto_bignum *a, u8 *buf, size_t buflen, size_t padlen); /** + * crypto_bignum_rand - Create a random number in range of modulus + * @r: Bignum; set to a random value + * @m: Bignum; modulus + * Returns: 0 on success, -1 on failure + */ +int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m); + +/** * crypto_bignum_add - c = a + b * @a: Bignum * @b: Bignum @@ -607,6 +625,16 @@ int crypto_bignum_mulmod(const struct crypto_bignum *a, struct crypto_bignum *d); /** + * crypto_bignum_rshift - r = a >> n + * @a: Bignum + * @n: Number of bits + * @r: Bignum; used to store the result of a >> n + * Returns: 0 on success, -1 on failure + */ +int crypto_bignum_rshift(const struct crypto_bignum *a, int n, + struct crypto_bignum *r); + +/** * crypto_bignum_cmp - Compare two bignums * @a: Bignum * @b: Bignum @@ -637,6 +665,13 @@ int crypto_bignum_is_zero(const struct crypto_bignum *a); int crypto_bignum_is_one(const struct crypto_bignum *a); /** + * crypto_bignum_is_odd - Is the given bignum odd + * @a: Bignum + * Returns: 1 if @a is odd or 0 if not + */ +int crypto_bignum_is_odd(const struct crypto_bignum *a); + +/** * crypto_bignum_legendre - Compute the Legendre symbol (a/p) * @a: Bignum * @p: Bignum @@ -668,6 +703,14 @@ struct crypto_ec * crypto_ec_init(int group); void crypto_ec_deinit(struct crypto_ec *e); /** + * crypto_ec_cofactor - Set the cofactor into the big number + * @e: EC context from crypto_ec_init() + * @cofactor: Cofactor of curve. + * Returns: 0 on success, -1 on failure + */ +int crypto_ec_cofactor(struct crypto_ec *e, struct crypto_bignum *cofactor); + +/** * crypto_ec_prime_len - Get length of the prime in octets * @e: EC context from crypto_ec_init() * Returns: Length of the prime defining the group @@ -682,6 +725,13 @@ size_t crypto_ec_prime_len(struct crypto_ec *e); size_t crypto_ec_prime_len_bits(struct crypto_ec *e); /** + * crypto_ec_order_len - Get length of the order in octets + * @e: EC context from crypto_ec_init() + * Returns: Length of the order defining the group + */ +size_t crypto_ec_order_len(struct crypto_ec *e); + +/** * crypto_ec_get_prime - Get prime defining an EC group * @e: EC context from crypto_ec_init() * Returns: Prime (bignum) defining the group @@ -718,6 +768,16 @@ struct crypto_ec_point * crypto_ec_point_init(struct crypto_ec *e); void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear); /** + * crypto_ec_point_x - Copies the x-ordinate point into big number + * @e: EC context from crypto_ec_init() + * @p: EC point data + * @x: Big number to set to the copy of x-ordinate + * Returns: 0 on success, -1 on failure + */ +int crypto_ec_point_x(struct crypto_ec *e, const struct crypto_ec_point *p, + struct crypto_bignum *x); + +/** * crypto_ec_point_to_bin - Write EC point value as binary data * @e: EC context from crypto_ec_init() * @p: EC point data from crypto_ec_point_init() @@ -746,7 +806,7 @@ struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e, const u8 *val); /** - * crypto_bignum_add - c = a + b + * crypto_ec_point_add - c = a + b * @e: EC context from crypto_ec_init() * @a: Bignum * @b: Bignum @@ -758,7 +818,7 @@ int crypto_ec_point_add(struct crypto_ec *e, const struct crypto_ec_point *a, struct crypto_ec_point *c); /** - * crypto_bignum_mul - res = b * p + * crypto_ec_point_mul - res = b * p * @e: EC context from crypto_ec_init() * @p: EC point * @b: Bignum @@ -829,4 +889,12 @@ int crypto_ec_point_cmp(const struct crypto_ec *e, const struct crypto_ec_point *a, const struct crypto_ec_point *b); +struct crypto_ecdh; + +struct crypto_ecdh * crypto_ecdh_init(int group); +struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int inc_y); +struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y, + const u8 *key, size_t len); +void crypto_ecdh_deinit(struct crypto_ecdh *ecdh); + #endif /* CRYPTO_H */ diff --git a/contrib/wpa/src/crypto/crypto_gnutls.c b/contrib/wpa/src/crypto/crypto_gnutls.c index 0dfd54d22d47..7a797b5c359d 100644 --- a/contrib/wpa/src/crypto/crypto_gnutls.c +++ b/contrib/wpa/src/crypto/crypto_gnutls.c @@ -1,6 +1,6 @@ /* * WPA Supplicant / wrapper functions for libgcrypt - * Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -10,27 +10,42 @@ #include <gcrypt.h> #include "common.h" +#include "md5.h" +#include "sha1.h" +#include "sha256.h" +#include "sha384.h" +#include "sha512.h" #include "crypto.h" -int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +static int gnutls_digest_vector(int algo, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) { gcry_md_hd_t hd; unsigned char *p; size_t i; - if (gcry_md_open(&hd, GCRY_MD_MD4, 0) != GPG_ERR_NO_ERROR) + if (TEST_FAIL()) + return -1; + + if (gcry_md_open(&hd, algo, 0) != GPG_ERR_NO_ERROR) return -1; for (i = 0; i < num_elem; i++) gcry_md_write(hd, addr[i], len[i]); - p = gcry_md_read(hd, GCRY_MD_MD4); + p = gcry_md_read(hd, algo); if (p) - memcpy(mac, p, gcry_md_get_algo_dlen(GCRY_MD_MD4)); + memcpy(mac, p, gcry_md_get_algo_dlen(algo)); gcry_md_close(hd); return 0; } -void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) +int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_digest_vector(GCRY_MD_MD4, num_elem, addr, len, mac); +} + + +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) { gcry_cipher_hd_t hd; u8 pkey[8], next, tmp; @@ -49,49 +64,161 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) gcry_err_code(gcry_cipher_setkey(hd, pkey, 8)); gcry_cipher_encrypt(hd, cypher, 8, clear, 8); gcry_cipher_close(hd); + return 0; } int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { - gcry_md_hd_t hd; - unsigned char *p; - size_t i; - - if (gcry_md_open(&hd, GCRY_MD_MD5, 0) != GPG_ERR_NO_ERROR) - return -1; - for (i = 0; i < num_elem; i++) - gcry_md_write(hd, addr[i], len[i]); - p = gcry_md_read(hd, GCRY_MD_MD5); - if (p) - memcpy(mac, p, gcry_md_get_algo_dlen(GCRY_MD_MD5)); - gcry_md_close(hd); - return 0; + return gnutls_digest_vector(GCRY_MD_MD5, num_elem, addr, len, mac); } int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { + return gnutls_digest_vector(GCRY_MD_SHA1, num_elem, addr, len, mac); +} + + +int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_digest_vector(GCRY_MD_SHA256, num_elem, addr, len, mac); +} + + +int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_digest_vector(GCRY_MD_SHA384, num_elem, addr, len, mac); +} + + +int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_digest_vector(GCRY_MD_SHA512, num_elem, addr, len, mac); +} + + +static int gnutls_hmac_vector(int algo, const u8 *key, size_t key_len, + size_t num_elem, const u8 *addr[], + const size_t *len, u8 *mac) +{ gcry_md_hd_t hd; unsigned char *p; size_t i; - if (gcry_md_open(&hd, GCRY_MD_SHA1, 0) != GPG_ERR_NO_ERROR) + if (TEST_FAIL()) + return -1; + + if (gcry_md_open(&hd, algo, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR) + return -1; + if (gcry_md_setkey(hd, key, key_len) != GPG_ERR_NO_ERROR) { + gcry_md_close(hd); return -1; + } for (i = 0; i < num_elem; i++) gcry_md_write(hd, addr[i], len[i]); - p = gcry_md_read(hd, GCRY_MD_SHA1); + p = gcry_md_read(hd, algo); if (p) - memcpy(mac, p, gcry_md_get_algo_dlen(GCRY_MD_SHA1)); + memcpy(mac, p, gcry_md_get_algo_dlen(algo)); gcry_md_close(hd); return 0; } +int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_hmac_vector(GCRY_MD_MD5, key, key_len, num_elem, addr, + len, mac); +} + + +int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len, + u8 *mac) +{ + return hmac_md5_vector(key, key_len, 1, &data, &data_len, mac); +} + + +int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_hmac_vector(GCRY_MD_SHA1, key, key_len, num_elem, addr, + len, mac); +} + + +int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len, + u8 *mac) +{ + return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac); +} + + +#ifdef CONFIG_SHA256 + +int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_hmac_vector(GCRY_MD_SHA256, key, key_len, num_elem, addr, + len, mac); +} + + +int hmac_sha256(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha256_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA256 */ + + +#ifdef CONFIG_SHA384 + +int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_hmac_vector(GCRY_MD_SHA384, key, key_len, num_elem, addr, + len, mac); +} + + +int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha384_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA384 */ + + +#ifdef CONFIG_SHA512 + +int hmac_sha512_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return gnutls_hmac_vector(GCRY_MD_SHA512, key, key_len, num_elem, addr, + len, mac); +} + + +int hmac_sha512(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha512_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA512 */ + + void * aes_encrypt_init(const u8 *key, size_t len) { gcry_cipher_hd_t hd; + if (TEST_FAIL()) + return NULL; + if (gcry_cipher_open(&hd, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_ECB, 0) != GPG_ERR_NO_ERROR) { printf("cipher open failed\n"); @@ -107,10 +234,11 @@ void * aes_encrypt_init(const u8 *key, size_t len) } -void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) { gcry_cipher_hd_t hd = ctx; gcry_cipher_encrypt(hd, crypt, 16, plain, 16); + return 0; } @@ -125,6 +253,9 @@ void * aes_decrypt_init(const u8 *key, size_t len) { gcry_cipher_hd_t hd; + if (TEST_FAIL()) + return NULL; + if (gcry_cipher_open(&hd, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_ECB, 0) != GPG_ERR_NO_ERROR) return NULL; @@ -137,10 +268,11 @@ void * aes_decrypt_init(const u8 *key, size_t len) } -void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) { gcry_cipher_hd_t hd = ctx; gcry_cipher_decrypt(hd, plain, 16, crypt, 16); + return 0; } @@ -151,6 +283,42 @@ void aes_decrypt_deinit(void *ctx) } +int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, + u8 *pubkey) +{ + size_t pubkey_len, pad; + + if (os_get_random(privkey, prime_len) < 0) + return -1; + if (os_memcmp(privkey, prime, prime_len) > 0) { + /* Make sure private value is smaller than prime */ + privkey[0] = 0; + } + + pubkey_len = prime_len; + if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len, + pubkey, &pubkey_len) < 0) + return -1; + if (pubkey_len < prime_len) { + pad = prime_len - pubkey_len; + os_memmove(pubkey + pad, pubkey, pubkey_len); + os_memset(pubkey, 0, pad); + } + + return 0; +} + + +int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len, + const u8 *privkey, size_t privkey_len, + const u8 *pubkey, size_t pubkey_len, + u8 *secret, size_t *len) +{ + return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len, + prime, prime_len, secret, len); +} + + int crypto_mod_exp(const u8 *base, size_t base_len, const u8 *power, size_t power_len, const u8 *modulus, size_t modulus_len, diff --git a/contrib/wpa/src/crypto/crypto_internal-modexp.c b/contrib/wpa/src/crypto/crypto_internal-modexp.c index 9dcabb95bdd2..92581ac676d3 100644 --- a/contrib/wpa/src/crypto/crypto_internal-modexp.c +++ b/contrib/wpa/src/crypto/crypto_internal-modexp.c @@ -13,6 +13,42 @@ #include "crypto.h" +int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, + u8 *pubkey) +{ + size_t pubkey_len, pad; + + if (os_get_random(privkey, prime_len) < 0) + return -1; + if (os_memcmp(privkey, prime, prime_len) > 0) { + /* Make sure private value is smaller than prime */ + privkey[0] = 0; + } + + pubkey_len = prime_len; + if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len, + pubkey, &pubkey_len) < 0) + return -1; + if (pubkey_len < prime_len) { + pad = prime_len - pubkey_len; + os_memmove(pubkey + pad, pubkey, pubkey_len); + os_memset(pubkey, 0, pad); + } + + return 0; +} + + +int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len, + const u8 *privkey, size_t privkey_len, + const u8 *pubkey, size_t pubkey_len, + u8 *secret, size_t *len) +{ + return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len, + prime, prime_len, secret, len); +} + + int crypto_mod_exp(const u8 *base, size_t base_len, const u8 *power, size_t power_len, const u8 *modulus, size_t modulus_len, diff --git a/contrib/wpa/src/crypto/crypto_libtomcrypt.c b/contrib/wpa/src/crypto/crypto_libtomcrypt.c index a55edd14e2d3..259f99500bcd 100644 --- a/contrib/wpa/src/crypto/crypto_libtomcrypt.c +++ b/contrib/wpa/src/crypto/crypto_libtomcrypt.c @@ -35,7 +35,7 @@ int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) } -void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) { u8 pkey[8], next, tmp; int i; @@ -53,6 +53,7 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) des_setup(pkey, 8, 0, &skey); des_ecb_encrypt(clear, cypher, &skey); des_done(&skey); + return 0; } @@ -96,10 +97,10 @@ void * aes_encrypt_init(const u8 *key, size_t len) } -void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) { symmetric_key *skey = ctx; - aes_ecb_encrypt(plain, crypt, skey); + return aes_ecb_encrypt(plain, crypt, skey) == CRYPT_OK ? 0 : -1; } @@ -125,10 +126,10 @@ void * aes_decrypt_init(const u8 *key, size_t len) } -void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) { symmetric_key *skey = ctx; - aes_ecb_encrypt(plain, (u8 *) crypt, skey); + return aes_ecb_encrypt(plain, (u8 *) crypt, skey) == CRYPT_OK ? 0 : -1; } @@ -297,7 +298,7 @@ struct crypto_cipher { struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, const u8 *iv, const u8 *key, size_t key_len) -{ +{ struct crypto_cipher *ctx; int idx, res, rc4 = 0; @@ -693,6 +694,42 @@ void crypto_global_deinit(void) #ifdef CONFIG_MODEXP +int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, + u8 *pubkey) +{ + size_t pubkey_len, pad; + + if (os_get_random(privkey, prime_len) < 0) + return -1; + if (os_memcmp(privkey, prime, prime_len) > 0) { + /* Make sure private value is smaller than prime */ + privkey[0] = 0; + } + + pubkey_len = prime_len; + if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len, + pubkey, &pubkey_len) < 0) + return -1; + if (pubkey_len < prime_len) { + pad = prime_len - pubkey_len; + os_memmove(pubkey + pad, pubkey, pubkey_len); + os_memset(pubkey, 0, pad); + } + + return 0; +} + + +int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len, + const u8 *privkey, size_t privkey_len, + const u8 *pubkey, size_t pubkey_len, + u8 *secret, size_t *len) +{ + return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len, + prime, prime_len, secret, len); +} + + int crypto_mod_exp(const u8 *base, size_t base_len, const u8 *power, size_t power_len, const u8 *modulus, size_t modulus_len, diff --git a/contrib/wpa/src/crypto/crypto_linux.c b/contrib/wpa/src/crypto/crypto_linux.c new file mode 100644 index 000000000000..8099193bf068 --- /dev/null +++ b/contrib/wpa/src/crypto/crypto_linux.c @@ -0,0 +1,1006 @@ +/* + * Crypto wrapper for Linux kernel AF_ALG + * Copyright (c) 2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" +#include <linux/if_alg.h> + +#include "common.h" +#include "crypto.h" +#include "md5.h" +#include "sha1.h" +#include "sha256.h" +#include "sha384.h" +#include "aes.h" + + +#ifndef SOL_ALG +#define SOL_ALG 279 +#endif /* SOL_ALG */ + + +static int linux_af_alg_socket(const char *type, const char *name) +{ + struct sockaddr_alg sa; + int s; + + if (TEST_FAIL()) + return -1; + + s = socket(AF_ALG, SOCK_SEQPACKET, 0); + if (s < 0) { + wpa_printf(MSG_ERROR, "%s: Failed to open AF_ALG socket: %s", + __func__, strerror(errno)); + return -1; + } + + os_memset(&sa, 0, sizeof(sa)); + sa.salg_family = AF_ALG; + os_strlcpy((char *) sa.salg_type, type, sizeof(sa.salg_type)); + os_strlcpy((char *) sa.salg_name, name, sizeof(sa.salg_type)); + if (bind(s, (struct sockaddr *) &sa, sizeof(sa)) < 0) { + wpa_printf(MSG_ERROR, + "%s: Failed to bind AF_ALG socket(%s,%s): %s", + __func__, type, name, strerror(errno)); + close(s); + return -1; + } + + return s; +} + + +static int linux_af_alg_hash_vector(const char *alg, const u8 *key, + size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, + u8 *mac, size_t mac_len) +{ + int s, t; + size_t i; + ssize_t res; + int ret = -1; + + s = linux_af_alg_socket("hash", alg); + if (s < 0) + return -1; + + if (key && setsockopt(s, SOL_ALG, ALG_SET_KEY, key, key_len) < 0) { + wpa_printf(MSG_ERROR, "%s: setsockopt(ALG_SET_KEY) failed: %s", + __func__, strerror(errno)); + close(s); + return -1; + } + + t = accept(s, NULL, NULL); + if (t < 0) { + wpa_printf(MSG_ERROR, "%s: accept on AF_ALG socket failed: %s", + __func__, strerror(errno)); + close(s); + return -1; + } + + for (i = 0; i < num_elem; i++) { + res = send(t, addr[i], len[i], i + 1 < num_elem ? MSG_MORE : 0); + if (res < 0) { + wpa_printf(MSG_ERROR, + "%s: send on AF_ALG socket failed: %s", + __func__, strerror(errno)); + goto fail; + } + if ((size_t) res < len[i]) { + wpa_printf(MSG_ERROR, + "%s: send on AF_ALG socket did not accept full buffer (%d/%d)", + __func__, (int) res, (int) len[i]); + goto fail; + } + } + + res = recv(t, mac, mac_len, 0); + if (res < 0) { + wpa_printf(MSG_ERROR, + "%s: recv on AF_ALG socket failed: %s", + __func__, strerror(errno)); + goto fail; + } + if ((size_t) res < mac_len) { + wpa_printf(MSG_ERROR, + "%s: recv on AF_ALG socket did not return full buffer (%d/%d)", + __func__, (int) res, (int) mac_len); + goto fail; + } + + ret = 0; +fail: + close(t); + close(s); + + return ret; +} + + +int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return linux_af_alg_hash_vector("md4", NULL, 0, num_elem, addr, len, + mac, 16); +} + + +int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return linux_af_alg_hash_vector("md5", NULL, 0, num_elem, addr, len, + mac, MD5_MAC_LEN); +} + + +int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + return linux_af_alg_hash_vector("sha1", NULL, 0, num_elem, addr, len, + mac, SHA1_MAC_LEN); +} + + +int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + return linux_af_alg_hash_vector("sha256", NULL, 0, num_elem, addr, len, + mac, SHA256_MAC_LEN); +} + + +int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + return linux_af_alg_hash_vector("sha384", NULL, 0, num_elem, addr, len, + mac, SHA384_MAC_LEN); +} + + +int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + return linux_af_alg_hash_vector("sha512", NULL, 0, num_elem, addr, len, + mac, 64); +} + + +int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return linux_af_alg_hash_vector("hmac(md5)", key, key_len, num_elem, + addr, len, mac, 16); +} + + +int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len, + u8 *mac) +{ + return hmac_md5_vector(key, key_len, 1, &data, &data_len, mac); +} + + +int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return linux_af_alg_hash_vector("hmac(sha1)", key, key_len, num_elem, + addr, len, mac, SHA1_MAC_LEN); +} + + +int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len, + u8 *mac) +{ + return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac); +} + + +int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return linux_af_alg_hash_vector("hmac(sha256)", key, key_len, num_elem, + addr, len, mac, SHA256_MAC_LEN); +} + + +int hmac_sha256(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha256_vector(key, key_len, 1, &data, &data_len, mac); +} + + +int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return linux_af_alg_hash_vector("hmac(sha384)", key, key_len, num_elem, + addr, len, mac, SHA384_MAC_LEN); +} + + +int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha384_vector(key, key_len, 1, &data, &data_len, mac); +} + + +struct crypto_hash { + int s; + int t; + size_t mac_len; + int failed; +}; + + +struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key, + size_t key_len) +{ + struct crypto_hash *ctx; + const char *name; + + ctx = os_zalloc(sizeof(*ctx)); + if (!ctx) + return NULL; + + switch (alg) { + case CRYPTO_HASH_ALG_MD5: + name = "md5"; + ctx->mac_len = MD5_MAC_LEN; + break; + case CRYPTO_HASH_ALG_SHA1: + name = "sha1"; + ctx->mac_len = SHA1_MAC_LEN; + break; + case CRYPTO_HASH_ALG_HMAC_MD5: + name = "hmac(md5)"; + ctx->mac_len = MD5_MAC_LEN; + break; + case CRYPTO_HASH_ALG_HMAC_SHA1: + name = "hmac(sha1)"; + ctx->mac_len = SHA1_MAC_LEN; + break; + case CRYPTO_HASH_ALG_SHA256: + name = "sha256"; + ctx->mac_len = SHA256_MAC_LEN; + break; + case CRYPTO_HASH_ALG_HMAC_SHA256: + name = "hmac(sha256)"; + ctx->mac_len = SHA256_MAC_LEN; + break; + case CRYPTO_HASH_ALG_SHA384: + name = "sha384"; + ctx->mac_len = SHA384_MAC_LEN; + break; + case CRYPTO_HASH_ALG_SHA512: + name = "sha512"; + ctx->mac_len = 64; + break; + default: + os_free(ctx); + return NULL; + } + + ctx->s = linux_af_alg_socket("hash", name); + if (ctx->s < 0) { + os_free(ctx); + return NULL; + } + + if (key && key_len && + setsockopt(ctx->s, SOL_ALG, ALG_SET_KEY, key, key_len) < 0) { + wpa_printf(MSG_ERROR, "%s: setsockopt(ALG_SET_KEY) failed: %s", + __func__, strerror(errno)); + close(ctx->s); + os_free(ctx); + return NULL; + } + + ctx->t = accept(ctx->s, NULL, NULL); + if (ctx->t < 0) { + wpa_printf(MSG_ERROR, "%s: accept on AF_ALG socket failed: %s", + __func__, strerror(errno)); + close(ctx->s); + os_free(ctx); + return NULL; + } + + return ctx; +} + + +void crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len) +{ + ssize_t res; + + if (!ctx) + return; + + res = send(ctx->t, data, len, MSG_MORE); + if (res < 0) { + wpa_printf(MSG_ERROR, + "%s: send on AF_ALG socket failed: %s", + __func__, strerror(errno)); + ctx->failed = 1; + return; + } + if ((size_t) res < len) { + wpa_printf(MSG_ERROR, + "%s: send on AF_ALG socket did not accept full buffer (%d/%d)", + __func__, (int) res, (int) len); + ctx->failed = 1; + return; + } +} + + +static void crypto_hash_deinit(struct crypto_hash *ctx) +{ + close(ctx->s); + close(ctx->t); + os_free(ctx); +} + + +int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len) +{ + ssize_t res; + + if (!ctx) + return -2; + + if (!mac || !len) { + crypto_hash_deinit(ctx); + return 0; + } + + if (ctx->failed) { + crypto_hash_deinit(ctx); + return -2; + } + + if (*len < ctx->mac_len) { + crypto_hash_deinit(ctx); + *len = ctx->mac_len; + return -1; + } + *len = ctx->mac_len; + + res = recv(ctx->t, mac, ctx->mac_len, 0); + if (res < 0) { + wpa_printf(MSG_ERROR, + "%s: recv on AF_ALG socket failed: %s", + __func__, strerror(errno)); + crypto_hash_deinit(ctx); + return -2; + } + if ((size_t) res < ctx->mac_len) { + wpa_printf(MSG_ERROR, + "%s: recv on AF_ALG socket did not return full buffer (%d/%d)", + __func__, (int) res, (int) ctx->mac_len); + crypto_hash_deinit(ctx); + return -2; + } + + crypto_hash_deinit(ctx); + return 0; +} + + +struct linux_af_alg_skcipher { + int s; + int t; +}; + + +static void linux_af_alg_skcipher_deinit(struct linux_af_alg_skcipher *skcipher) +{ + if (!skcipher) + return; + if (skcipher->s >= 0) + close(skcipher->s); + if (skcipher->t >= 0) + close(skcipher->t); + os_free(skcipher); +} + + +static struct linux_af_alg_skcipher * +linux_af_alg_skcipher(const char *alg, const u8 *key, size_t key_len) +{ + struct linux_af_alg_skcipher *skcipher; + + skcipher = os_zalloc(sizeof(*skcipher)); + if (!skcipher) + goto fail; + skcipher->t = -1; + + skcipher->s = linux_af_alg_socket("skcipher", alg); + if (skcipher->s < 0) + goto fail; + + if (setsockopt(skcipher->s, SOL_ALG, ALG_SET_KEY, key, key_len) < 0) { + wpa_printf(MSG_ERROR, "%s: setsockopt(ALG_SET_KEY) failed: %s", + __func__, strerror(errno)); + goto fail; + } + + skcipher->t = accept(skcipher->s, NULL, NULL); + if (skcipher->t < 0) { + wpa_printf(MSG_ERROR, "%s: accept on AF_ALG socket failed: %s", + __func__, strerror(errno)); + goto fail; + } + + return skcipher; +fail: + linux_af_alg_skcipher_deinit(skcipher); + return NULL; +} + + +static int linux_af_alg_skcipher_oper(struct linux_af_alg_skcipher *skcipher, + int enc, const u8 *in, u8 *out) +{ + char buf[CMSG_SPACE(sizeof(u32))]; + struct iovec io[1]; + struct msghdr msg; + struct cmsghdr *hdr; + ssize_t ret; + u32 *op; + + io[0].iov_base = (void *) in; + io[0].iov_len = AES_BLOCK_SIZE; + os_memset(&msg, 0, sizeof(msg)); + os_memset(buf, 0, sizeof(buf)); + msg.msg_control = buf; + msg.msg_controllen = CMSG_SPACE(sizeof(u32)); + msg.msg_iov = io; + msg.msg_iovlen = 1; + hdr = CMSG_FIRSTHDR(&msg); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_OP; + hdr->cmsg_len = CMSG_LEN(sizeof(u32)); + op = (u32 *) CMSG_DATA(hdr); + *op = enc ? ALG_OP_ENCRYPT : ALG_OP_DECRYPT; + + ret = sendmsg(skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: sendmsg failed: %s", + __func__, strerror(errno)); + return -1; + } + + ret = read(skcipher->t, out, AES_BLOCK_SIZE); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: read failed: %s", + __func__, strerror(errno)); + return -1; + } + if (ret < AES_BLOCK_SIZE) { + wpa_printf(MSG_ERROR, + "%s: read did not return full data (%d/%d)", + __func__, (int) ret, AES_BLOCK_SIZE); + return -1; + } + + return 0; +} + + +void * aes_encrypt_init(const u8 *key, size_t len) +{ + return linux_af_alg_skcipher("ecb(aes)", key, len); +} + + +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) +{ + struct linux_af_alg_skcipher *skcipher = ctx; + + return linux_af_alg_skcipher_oper(skcipher, 1, plain, crypt); +} + + +void aes_encrypt_deinit(void *ctx) +{ + linux_af_alg_skcipher_deinit(ctx); +} + + +void * aes_decrypt_init(const u8 *key, size_t len) +{ + return linux_af_alg_skcipher("ecb(aes)", key, len); +} + + +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) +{ + struct linux_af_alg_skcipher *skcipher = ctx; + + return linux_af_alg_skcipher_oper(skcipher, 0, crypt, plain); +} + + +void aes_decrypt_deinit(void *ctx) +{ + linux_af_alg_skcipher_deinit(ctx); +} + + +int rc4_skip(const u8 *key, size_t keylen, size_t skip, + u8 *data, size_t data_len) +{ + struct linux_af_alg_skcipher *skcipher; + u8 *skip_buf; + char buf[CMSG_SPACE(sizeof(u32))]; + struct iovec io[2]; + struct msghdr msg; + struct cmsghdr *hdr; + ssize_t ret; + u32 *op; + + skip_buf = os_zalloc(skip + 1); + if (!skip_buf) + return -1; + skcipher = linux_af_alg_skcipher("ecb(arc4)", key, keylen); + if (!skcipher) { + os_free(skip_buf); + return -1; + } + + io[0].iov_base = skip_buf; + io[0].iov_len = skip; + io[1].iov_base = data; + io[1].iov_len = data_len; + os_memset(&msg, 0, sizeof(msg)); + os_memset(buf, 0, sizeof(buf)); + msg.msg_control = buf; + msg.msg_controllen = CMSG_SPACE(sizeof(u32)); + msg.msg_iov = io; + msg.msg_iovlen = 2; + hdr = CMSG_FIRSTHDR(&msg); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_OP; + hdr->cmsg_len = CMSG_LEN(sizeof(u32)); + op = (u32 *) CMSG_DATA(hdr); + *op = ALG_OP_ENCRYPT; + + ret = sendmsg(skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: sendmsg failed: %s", + __func__, strerror(errno)); + os_free(skip_buf); + linux_af_alg_skcipher_deinit(skcipher); + return -1; + } + os_free(skip_buf); + + msg.msg_control = NULL; + msg.msg_controllen = 0; + ret = recvmsg(skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: recvmsg failed: %s", + __func__, strerror(errno)); + linux_af_alg_skcipher_deinit(skcipher); + return -1; + } + linux_af_alg_skcipher_deinit(skcipher); + + if ((size_t) ret < skip + data_len) { + wpa_printf(MSG_ERROR, + "%s: recvmsg did not return full data (%d/%d)", + __func__, (int) ret, (int) (skip + data_len)); + return -1; + } + + return 0; +} + + +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) +{ + u8 pkey[8], next, tmp; + int i; + struct linux_af_alg_skcipher *skcipher; + char buf[CMSG_SPACE(sizeof(u32))]; + struct iovec io[1]; + struct msghdr msg; + struct cmsghdr *hdr; + ssize_t ret; + u32 *op; + int res = -1; + + /* Add parity bits to the key */ + next = 0; + for (i = 0; i < 7; i++) { + tmp = key[i]; + pkey[i] = (tmp >> i) | next | 1; + next = tmp << (7 - i); + } + pkey[i] = next | 1; + + skcipher = linux_af_alg_skcipher("ecb(des)", pkey, sizeof(pkey)); + if (!skcipher) + goto fail; + + io[0].iov_base = (void *) clear; + io[0].iov_len = 8; + os_memset(&msg, 0, sizeof(msg)); + os_memset(buf, 0, sizeof(buf)); + msg.msg_control = buf; + msg.msg_controllen = CMSG_SPACE(sizeof(u32)); + msg.msg_iov = io; + msg.msg_iovlen = 1; + hdr = CMSG_FIRSTHDR(&msg); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_OP; + hdr->cmsg_len = CMSG_LEN(sizeof(u32)); + op = (u32 *) CMSG_DATA(hdr); + *op = ALG_OP_ENCRYPT; + + ret = sendmsg(skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: sendmsg failed: %s", + __func__, strerror(errno)); + goto fail; + } + + ret = read(skcipher->t, cypher, 8); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: read failed: %s", + __func__, strerror(errno)); + goto fail; + } + if (ret < 8) { + wpa_printf(MSG_ERROR, + "%s: read did not return full data (%d/8)", + __func__, (int) ret); + goto fail; + } + + res = 0; +fail: + linux_af_alg_skcipher_deinit(skcipher); + return res; +} + + +static int aes_128_cbc_oper(const u8 *key, int enc, const u8 *iv, + u8 *data, size_t data_len) +{ + struct linux_af_alg_skcipher *skcipher; + char buf[100]; + struct iovec io[1]; + struct msghdr msg; + struct cmsghdr *hdr; + ssize_t ret; + u32 *op; + struct af_alg_iv *alg_iv; + size_t iv_len = AES_BLOCK_SIZE; + + skcipher = linux_af_alg_skcipher("cbc(aes)", key, 16); + if (!skcipher) + return -1; + + io[0].iov_base = (void *) data; + io[0].iov_len = data_len; + os_memset(&msg, 0, sizeof(msg)); + os_memset(buf, 0, sizeof(buf)); + msg.msg_control = buf; + msg.msg_controllen = CMSG_SPACE(sizeof(u32)) + + CMSG_SPACE(sizeof(*alg_iv) + iv_len); + msg.msg_iov = io; + msg.msg_iovlen = 1; + + hdr = CMSG_FIRSTHDR(&msg); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_OP; + hdr->cmsg_len = CMSG_LEN(sizeof(u32)); + op = (u32 *) CMSG_DATA(hdr); + *op = enc ? ALG_OP_ENCRYPT : ALG_OP_DECRYPT; + + hdr = CMSG_NXTHDR(&msg, hdr); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_IV; + hdr->cmsg_len = CMSG_SPACE(sizeof(*alg_iv) + iv_len); + alg_iv = (struct af_alg_iv *) CMSG_DATA(hdr); + alg_iv->ivlen = iv_len; + os_memcpy(alg_iv->iv, iv, iv_len); + + ret = sendmsg(skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: sendmsg failed: %s", + __func__, strerror(errno)); + linux_af_alg_skcipher_deinit(skcipher); + return -1; + } + + ret = recvmsg(skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: recvmsg failed: %s", + __func__, strerror(errno)); + linux_af_alg_skcipher_deinit(skcipher); + return -1; + } + if ((size_t) ret < data_len) { + wpa_printf(MSG_ERROR, + "%s: recvmsg not return full data (%d/%d)", + __func__, (int) ret, (int) data_len); + linux_af_alg_skcipher_deinit(skcipher); + return -1; + } + + linux_af_alg_skcipher_deinit(skcipher); + return 0; +} + + +int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) +{ + return aes_128_cbc_oper(key, 1, iv, data, data_len); +} + + +int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) +{ + return aes_128_cbc_oper(key, 0, iv, data, data_len); +} + + +int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return linux_af_alg_hash_vector("cmac(aes)", key, key_len, num_elem, + addr, len, mac, AES_BLOCK_SIZE); +} + + +int omac1_aes_128_vector(const u8 *key, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return omac1_aes_vector(key, 16, num_elem, addr, len, mac); +} + + +int omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, u8 *mac) +{ + return omac1_aes_128_vector(key, 1, &data, &data_len, mac); +} + + +int omac1_aes_256(const u8 *key, const u8 *data, size_t data_len, u8 *mac) +{ + return omac1_aes_vector(key, 32, 1, &data, &data_len, mac); +} + + +int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher, + u8 *plain) +{ + struct linux_af_alg_skcipher *skcipher; + char buf[100]; + struct iovec io[1]; + struct msghdr msg; + struct cmsghdr *hdr; + ssize_t ret; + u32 *op; + struct af_alg_iv *alg_iv; + size_t iv_len = 8; + + skcipher = linux_af_alg_skcipher("kw(aes)", kek, kek_len); + if (!skcipher) + return -1; + + io[0].iov_base = (void *) (cipher + iv_len); + io[0].iov_len = n * 8; + os_memset(&msg, 0, sizeof(msg)); + os_memset(buf, 0, sizeof(buf)); + msg.msg_control = buf; + msg.msg_controllen = CMSG_SPACE(sizeof(u32)) + + CMSG_SPACE(sizeof(*alg_iv) + iv_len); + msg.msg_iov = io; + msg.msg_iovlen = 1; + + hdr = CMSG_FIRSTHDR(&msg); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_OP; + hdr->cmsg_len = CMSG_LEN(sizeof(u32)); + op = (u32 *) CMSG_DATA(hdr); + *op = ALG_OP_DECRYPT; + + hdr = CMSG_NXTHDR(&msg, hdr); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_IV; + hdr->cmsg_len = CMSG_SPACE(sizeof(*alg_iv) + iv_len); + alg_iv = (struct af_alg_iv *) CMSG_DATA(hdr); + alg_iv->ivlen = iv_len; + os_memcpy(alg_iv->iv, cipher, iv_len); + + ret = sendmsg(skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: sendmsg failed: %s", + __func__, strerror(errno)); + return -1; + } + + ret = read(skcipher->t, plain, n * 8); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: read failed: %s", + __func__, strerror(errno)); + linux_af_alg_skcipher_deinit(skcipher); + return -1; + } + if (ret < n * 8) { + wpa_printf(MSG_ERROR, + "%s: read not return full data (%d/%d)", + __func__, (int) ret, n * 8); + linux_af_alg_skcipher_deinit(skcipher); + return -1; + } + + linux_af_alg_skcipher_deinit(skcipher); + return 0; +} + + +struct crypto_cipher { + struct linux_af_alg_skcipher *skcipher; +}; + + +struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, + const u8 *iv, const u8 *key, + size_t key_len) +{ + struct crypto_cipher *ctx; + const char *name; + struct af_alg_iv *alg_iv; + size_t iv_len = 0; + char buf[100]; + struct msghdr msg; + struct cmsghdr *hdr; + ssize_t ret; + + ctx = os_zalloc(sizeof(*ctx)); + if (!ctx) + return NULL; + + switch (alg) { + case CRYPTO_CIPHER_ALG_RC4: + name = "ecb(arc4)"; + break; + case CRYPTO_CIPHER_ALG_AES: + name = "cbc(aes)"; + iv_len = AES_BLOCK_SIZE; + break; + case CRYPTO_CIPHER_ALG_3DES: + name = "cbc(des3_ede)"; + iv_len = 8; + break; + case CRYPTO_CIPHER_ALG_DES: + name = "cbc(des)"; + iv_len = 8; + break; + default: + os_free(ctx); + return NULL; + } + + ctx->skcipher = linux_af_alg_skcipher(name, key, key_len); + if (!ctx->skcipher) { + os_free(ctx); + return NULL; + } + + if (iv && iv_len) { + os_memset(&msg, 0, sizeof(msg)); + os_memset(buf, 0, sizeof(buf)); + msg.msg_control = buf; + msg.msg_controllen = CMSG_SPACE(sizeof(*alg_iv) + iv_len); + hdr = CMSG_FIRSTHDR(&msg); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_IV; + hdr->cmsg_len = CMSG_SPACE(sizeof(*alg_iv) + iv_len); + alg_iv = (struct af_alg_iv *) CMSG_DATA(hdr); + alg_iv->ivlen = iv_len; + os_memcpy(alg_iv->iv, iv, iv_len); + + ret = sendmsg(ctx->skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: sendmsg failed: %s", + __func__, strerror(errno)); + linux_af_alg_skcipher_deinit(ctx->skcipher); + os_free(ctx); + return NULL; + } + } + + return ctx; +} + + +static int crypto_cipher_oper(struct crypto_cipher *ctx, u32 type, const u8 *in, + u8 *out, size_t len) +{ + char buf[CMSG_SPACE(sizeof(u32))]; + struct iovec io[1]; + struct msghdr msg; + struct cmsghdr *hdr; + ssize_t ret; + u32 *op; + + io[0].iov_base = (void *) in; + io[0].iov_len = len; + os_memset(&msg, 0, sizeof(msg)); + os_memset(buf, 0, sizeof(buf)); + msg.msg_control = buf; + msg.msg_controllen = CMSG_SPACE(sizeof(u32)); + msg.msg_iov = io; + msg.msg_iovlen = 1; + hdr = CMSG_FIRSTHDR(&msg); + hdr->cmsg_level = SOL_ALG; + hdr->cmsg_type = ALG_SET_OP; + hdr->cmsg_len = CMSG_LEN(sizeof(u32)); + op = (u32 *) CMSG_DATA(hdr); + *op = type; + + ret = sendmsg(ctx->skcipher->t, &msg, 0); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: sendmsg failed: %s", + __func__, strerror(errno)); + return -1; + } + + ret = read(ctx->skcipher->t, out, len); + if (ret < 0) { + wpa_printf(MSG_ERROR, "%s: read failed: %s", + __func__, strerror(errno)); + return -1; + } + if (ret < (ssize_t) len) { + wpa_printf(MSG_ERROR, + "%s: read did not return full data (%d/%d)", + __func__, (int) ret, (int) len); + return -1; + } + + return 0; +} + + +int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain, + u8 *crypt, size_t len) +{ + return crypto_cipher_oper(ctx, ALG_OP_ENCRYPT, plain, crypt, len); +} + + +int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt, + u8 *plain, size_t len) +{ + return crypto_cipher_oper(ctx, ALG_OP_DECRYPT, crypt, plain, len); +} + + +void crypto_cipher_deinit(struct crypto_cipher *ctx) +{ + if (ctx) { + linux_af_alg_skcipher_deinit(ctx->skcipher); + os_free(ctx); + } +} + + +int crypto_global_init(void) +{ + return 0; +} + + +void crypto_global_deinit(void) +{ +} diff --git a/contrib/wpa/src/crypto/crypto_module_tests.c b/contrib/wpa/src/crypto/crypto_module_tests.c index ffd23942e32d..1cc73d8ec16e 100644 --- a/contrib/wpa/src/crypto/crypto_module_tests.c +++ b/contrib/wpa/src/crypto/crypto_module_tests.c @@ -17,6 +17,7 @@ #include "crypto/crypto.h" #include "crypto/sha1.h" #include "crypto/sha256.h" +#include "crypto/sha384.h" static int test_siv(void) @@ -92,7 +93,7 @@ static int test_siv(void) addr[0] = ad; len[0] = sizeof(ad); - if (aes_siv_encrypt(key, plaintext, sizeof(plaintext), + if (aes_siv_encrypt(key, sizeof(key), plaintext, sizeof(plaintext), 1, addr, len, out)) { wpa_printf(MSG_ERROR, "AES-SIV mode encryption failed"); return 1; @@ -103,7 +104,8 @@ static int test_siv(void) return 1; } - if (aes_siv_decrypt(key, iv_c, sizeof(iv_c), 1, addr, len, out)) { + if (aes_siv_decrypt(key, sizeof(key), iv_c, sizeof(iv_c), + 1, addr, len, out)) { wpa_printf(MSG_ERROR, "AES-SIV mode decryption failed"); return 1; } @@ -121,7 +123,8 @@ static int test_siv(void) addr[2] = nonce_2; len[2] = sizeof(nonce_2); - if (aes_siv_encrypt(key_2, plaintext_2, sizeof(plaintext_2), + if (aes_siv_encrypt(key_2, sizeof(key_2), + plaintext_2, sizeof(plaintext_2), 3, addr, len, out)) { wpa_printf(MSG_ERROR, "AES-SIV mode encryption failed"); return 1; @@ -132,7 +135,8 @@ static int test_siv(void) return 1; } - if (aes_siv_decrypt(key_2, iv_c_2, sizeof(iv_c_2), 3, addr, len, out)) { + if (aes_siv_decrypt(key_2, sizeof(key_2), iv_c_2, sizeof(iv_c_2), + 3, addr, len, out)) { wpa_printf(MSG_ERROR, "AES-SIV mode decryption failed"); return 1; } @@ -1292,13 +1296,14 @@ static const struct { }; static const struct hmac_test { - u8 key[80]; + u8 key[150]; size_t key_len; - u8 data[128]; + u8 data[160]; size_t data_len; - u8 hash[32]; + u8 hash[32]; /* HMAC-SHA-256 */ + u8 hash384[48]; /* HMAC-SHA-384 */ } hmac_tests[] = { - /* draft-ietf-ipsec-ciph-sha-256-01.txt */ + /* draft-ietf-ipsec-ciph-sha-256-01.txt; RFC 4231 */ { { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, @@ -1313,7 +1318,8 @@ static const struct hmac_test { 0x4d, 0xd9, 0x39, 0x75, 0x0f, 0x7a, 0x06, 0x6a, 0x7f, 0x98, 0xcc, 0x13, 0x1c, 0xb1, 0x6a, 0x66, 0x92, 0x75, 0x90, 0x21, 0xcf, 0xab, 0x81, 0x81 - } + }, + { } }, { { @@ -1330,7 +1336,8 @@ static const struct hmac_test { 0x18, 0x4b, 0xa7, 0x31, 0x31, 0xc5, 0x3c, 0xae, 0xe6, 0x98, 0xe3, 0x61, 0x19, 0x42, 0x11, 0x49, 0xea, 0x8c, 0x71, 0x24, 0x56, 0x69, 0x7d, 0x30 - } + }, + { } }, { { @@ -1348,7 +1355,8 @@ static const struct hmac_test { 0xd3, 0xee, 0xb3, 0xe7, 0x73, 0xd9, 0x5a, 0xab, 0x73, 0xac, 0xf0, 0xfd, 0x06, 0x04, 0x47, 0xa5, 0xeb, 0x45, 0x95, 0xbf, 0x33, 0xa9, 0xd1, 0xa3 - } + }, + { } }, { { @@ -1365,9 +1373,34 @@ static const struct hmac_test { 0x99, 0x03, 0xa0, 0xf1, 0xcf, 0x2b, 0xbd, 0xc5, 0xba, 0x0a, 0xa3, 0xf3, 0xd9, 0xae, 0x3c, 0x1c, 0x7a, 0x3b, 0x16, 0x96, 0xa0, 0xb6, 0x8c, 0xf7 + }, + { } + }, + { /* RFC 4231 - Test Case 1 */ + { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b + }, + 20, + "Hi There", + 8, + { + 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, + 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b, + 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, + 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 + }, + { + 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, + 0x6b, 0x08, 0x25, 0xf4, 0xab, 0x46, 0x90, 0x7f, + 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, + 0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb, 0xc5, 0x9c, + 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, + 0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6 } }, - { + { /* RFC 4231 - Test Case 2 */ "Jefe", 4, "what do ya want for nothing?", @@ -1377,6 +1410,14 @@ static const struct hmac_test { 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 + }, + { + 0xaf, 0x45, 0xd2, 0xe3, 0x76, 0x48, 0x40, 0x31, + 0x61, 0x7f, 0x78, 0xd2, 0xb5, 0x8a, 0x6b, 0x1b, + 0x9c, 0x7e, 0xf4, 0x64, 0xf5, 0xa0, 0x1b, 0x47, + 0xe4, 0x2e, 0xc3, 0x73, 0x63, 0x22, 0x44, 0x5e, + 0x8e, 0x22, 0x40, 0xca, 0x5e, 0x69, 0xe2, 0xc7, + 0x8b, 0x32, 0x39, 0xec, 0xfa, 0xb2, 0x16, 0x49 } }, { @@ -1402,6 +1443,39 @@ static const struct hmac_test { 0x91, 0xe5, 0x3a, 0xba, 0x30, 0x92, 0xf9, 0x62, 0xe5, 0x49, 0xfe, 0x6c, 0xe9, 0xed, 0x7f, 0xdc, 0x43, 0x19, 0x1f, 0xbd, 0xe4, 0x5c, 0x30, 0xb0 + }, + { } + }, + { /* RFC 4231 - Test Case 3 */ + { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa + }, + 20, + { + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd + }, + 50, + { + 0x77, 0x3e, 0xa9, 0x1e, 0x36, 0x80, 0x0e, 0x46, + 0x85, 0x4d, 0xb8, 0xeb, 0xd0, 0x91, 0x81, 0xa7, + 0x29, 0x59, 0x09, 0x8b, 0x3e, 0xf8, 0xc1, 0x22, + 0xd9, 0x63, 0x55, 0x14, 0xce, 0xd5, 0x65, 0xfe + }, + { + 0x88, 0x06, 0x26, 0x08, 0xd3, 0xe6, 0xad, 0x8a, + 0x0a, 0xa2, 0xac, 0xe0, 0x14, 0xc8, 0xa8, 0x6f, + 0x0a, 0xa6, 0x35, 0xd9, 0x47, 0xac, 0x9f, 0xeb, + 0xe8, 0x3e, 0xf4, 0xe5, 0x59, 0x66, 0x14, 0x4b, + 0x2a, 0x5a, 0xb3, 0x9d, 0xc1, 0x38, 0x14, 0xb9, + 0x4e, 0x3a, 0xb6, 0xe1, 0x01, 0xa3, 0x4f, 0x27 } }, { @@ -1428,6 +1502,40 @@ static const struct hmac_test { 0x4c, 0x66, 0xde, 0xe0, 0xf8, 0xf0, 0x74, 0x55, 0x6e, 0xc4, 0xaf, 0x55, 0xef, 0x07, 0x99, 0x85, 0x41, 0x46, 0x8e, 0xb4, 0x9b, 0xd2, 0xe9, 0x17 + }, + { } + }, + { /* RFC 4231 - Test Case 4 */ + { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, + }, + 25, + { + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd + }, + 50, + { + 0x82, 0x55, 0x8a, 0x38, 0x9a, 0x44, 0x3c, 0x0e, + 0xa4, 0xcc, 0x81, 0x98, 0x99, 0xf2, 0x08, 0x3a, + 0x85, 0xf0, 0xfa, 0xa3, 0xe5, 0x78, 0xf8, 0x07, + 0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29, 0x66, 0x5b + }, + { + 0x3e, 0x8a, 0x69, 0xb7, 0x78, 0x3c, 0x25, 0x85, + 0x19, 0x33, 0xab, 0x62, 0x90, 0xaf, 0x6c, 0xa7, + 0x7a, 0x99, 0x81, 0x48, 0x08, 0x50, 0x00, 0x9c, + 0xc5, 0x57, 0x7c, 0x6e, 0x1f, 0x57, 0x3b, 0x4e, + 0x68, 0x01, 0xdd, 0x23, 0xc4, 0xa7, 0xd6, 0x79, + 0xcc, 0xf8, 0xa3, 0x86, 0xc6, 0x74, 0xcf, 0xfb } }, { @@ -1445,7 +1553,8 @@ static const struct hmac_test { 0x1a, 0xb9, 0xc3, 0x74, 0x9a, 0x5f, 0x1c, 0x17, 0xd4, 0xf5, 0x89, 0x66, 0x8a, 0x58, 0x7b, 0x27, 0x00, 0xa9, 0xc9, 0x7c, 0x11, 0x93, 0xcf, 0x42 - } + }, + { } }, { { @@ -1468,6 +1577,45 @@ static const struct hmac_test { 0xf8, 0x0a, 0x96, 0xf7, 0x8e, 0x65, 0x38, 0xdb, 0xe2, 0xe7, 0xb8, 0x20, 0xe3, 0xdd, 0x97, 0x0e, 0x7d, 0xdd, 0x39, 0x09, 0x1b, 0x32, 0x35, 0x2f + }, + { } + }, + { /* RFC 4231 - Test Case 6 */ + { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa + }, + 131, + "Test Using Larger Than Block-Size Key - Hash Key First", + 54, + { + 0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, + 0x0d, 0x8a, 0x26, 0xaa, 0xcb, 0xf5, 0xb7, 0x7f, + 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28, 0xc5, 0x14, + 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54 + }, + { + 0x4e, 0xce, 0x08, 0x44, 0x85, 0x81, 0x3e, 0x90, + 0x88, 0xd2, 0xc6, 0x3a, 0x04, 0x1b, 0xc5, 0xb4, + 0x4f, 0x9e, 0xf1, 0x01, 0x2a, 0x2b, 0x58, 0x8f, + 0x3c, 0xd1, 0x1f, 0x05, 0x03, 0x3a, 0xc4, 0xc6, + 0x0c, 0x2e, 0xf6, 0xab, 0x40, 0x30, 0xfe, 0x82, + 0x96, 0x24, 0x8d, 0xf1, 0x63, 0xf4, 0x49, 0x52 } }, { @@ -1492,6 +1640,45 @@ static const struct hmac_test { 0xc8, 0x48, 0x1a, 0x5c, 0xa4, 0x82, 0x5b, 0xc8, 0x84, 0xd3, 0xe7, 0xa1, 0xff, 0x98, 0xa2, 0xfc, 0x2a, 0xc7, 0xd8, 0xe0, 0x64, 0xc3, 0xb2, 0xe6 + }, + { } + }, + { /* RFC 4231 - Test Case 7 */ + { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa + }, + 131, + "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.", + 152, + { + 0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, + 0x27, 0x63, 0x5f, 0xbc, 0xd5, 0xb0, 0xe9, 0x44, + 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07, 0x13, 0x93, + 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2 + }, + { + 0x66, 0x17, 0x17, 0x8e, 0x94, 0x1f, 0x02, 0x0d, + 0x35, 0x1e, 0x2f, 0x25, 0x4e, 0x8f, 0xd3, 0x2c, + 0x60, 0x24, 0x20, 0xfe, 0xb0, 0xb8, 0xfb, 0x9a, + 0xdc, 0xce, 0xbb, 0x82, 0x46, 0x1e, 0x99, 0xc5, + 0xa6, 0x78, 0xcc, 0x31, 0xe7, 0x99, 0x17, 0x6d, + 0x38, 0x60, 0xe6, 0x11, 0x0c, 0x46, 0x52, 0x3e } } }; @@ -1606,6 +1793,96 @@ static int test_sha256(void) } +static int test_sha384(void) +{ +#ifdef CONFIG_SHA384 + unsigned int i; + u8 hash[48]; + const u8 *addr[2]; + size_t len[2]; + int errors = 0; + const char *data = "hello"; + const u8 hash_res[] = { + 0x59, 0xe1, 0x74, 0x87, 0x77, 0x44, 0x8c, 0x69, + 0xde, 0x6b, 0x80, 0x0d, 0x7a, 0x33, 0xbb, 0xfb, + 0x9f, 0xf1, 0xb4, 0x63, 0xe4, 0x43, 0x54, 0xc3, + 0x55, 0x3b, 0xcd, 0xb9, 0xc6, 0x66, 0xfa, 0x90, + 0x12, 0x5a, 0x3c, 0x79, 0xf9, 0x03, 0x97, 0xbd, + 0xf5, 0xf6, 0xa1, 0x3d, 0xe8, 0x28, 0x68, 0x4f + }; + + addr[0] = (const u8 *) data; + len[0] = 5; + if (sha384_vector(1, addr, len, hash) < 0 || + os_memcmp(hash, hash_res, 48) != 0) { + wpa_printf(MSG_INFO, "SHA384 test case 1: FAIL"); + errors++; + } else { + wpa_printf(MSG_INFO, "SHA384 test case 1: OK"); + } + + addr[0] = (const u8 *) data; + len[0] = 4; + addr[1] = (const u8 *) data + 4; + len[1] = 1; + if (sha384_vector(2, addr, len, hash) < 0 || + os_memcmp(hash, hash_res, 48) != 0) { + wpa_printf(MSG_INFO, "SHA384 test case 2: FAIL"); + errors++; + } else { + wpa_printf(MSG_INFO, "SHA384 test case 2: OK"); + } + + for (i = 0; i < ARRAY_SIZE(hmac_tests); i++) { + const struct hmac_test *t = &hmac_tests[i]; + + if (t->hash384[0] == 0 && t->hash384[1] == 0 && + t->hash384[2] == 0 && t->hash384[3] == 0) + continue; + wpa_printf(MSG_INFO, "HMAC-SHA384 test case %d:", i + 1); + + if (hmac_sha384(t->key, t->key_len, t->data, t->data_len, + hash) < 0 || + os_memcmp(hash, t->hash384, 48) != 0) { + wpa_printf(MSG_INFO, " FAIL"); + errors++; + } else + wpa_printf(MSG_INFO, " OK"); + + addr[0] = t->data; + len[0] = t->data_len; + if (hmac_sha384_vector(t->key, t->key_len, 1, addr, len, + hash) < 0 || + os_memcmp(hash, t->hash384, 48) != 0) { + wpa_printf(MSG_INFO, " FAIL"); + errors++; + } else + wpa_printf(MSG_INFO, " OK"); + + if (len[0]) { + addr[0] = t->data; + len[0] = 1; + addr[1] = t->data + 1; + len[1] = t->data_len - 1; + if (hmac_sha384_vector(t->key, t->key_len, 2, addr, len, + hash) < 0 || + os_memcmp(hash, t->hash384, 48) != 0) { + wpa_printf(MSG_INFO, " FAIL"); + errors++; + } else + wpa_printf(MSG_INFO, " OK"); + } + } + + if (!errors) + wpa_printf(MSG_INFO, "SHA384 test cases passed"); + return errors; +#else /* CONFIG_SHA384 */ + return 0; +#endif /* CONFIG_SHA384 */ +} + + static int test_fips186_2_prf(void) { /* http://csrc.nist.gov/encryption/dss/Examples-1024bit.pdf */ @@ -1635,6 +1912,135 @@ static int test_fips186_2_prf(void) } +static int test_extract_expand_hkdf(void) +{ + u8 prk[SHA256_MAC_LEN]; + u8 okm[82]; + + /* RFC 5869, A.1 */ + u8 ikm1[22] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b + }; + u8 salt1[13] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c + }; + u8 info1[10] = { + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9 + }; + u8 prk1[32] = { + 0x07, 0x77, 0x09, 0x36, 0x2c, 0x2e, 0x32, 0xdf, + 0x0d, 0xdc, 0x3f, 0x0d, 0xc4, 0x7b, 0xba, 0x63, + 0x90, 0xb6, 0xc7, 0x3b, 0xb5, 0x0f, 0x9c, 0x31, + 0x22, 0xec, 0x84, 0x4a, 0xd7, 0xc2, 0xb3, 0xe5 + }; + u8 okm1[42] = { + 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, + 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, + 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, + 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, + 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, + 0x58, 0x65 + }; + + /* RFC 5869, A.2 */ + u8 ikm2[80] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f + }; + u8 salt2[80] = { + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, + 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, + 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, + 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, + 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf + }; + u8 info2[80] = { + 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, + 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, + 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff + }; + u8 prk2[32] = { + 0x06, 0xa6, 0xb8, 0x8c, 0x58, 0x53, 0x36, 0x1a, + 0x06, 0x10, 0x4c, 0x9c, 0xeb, 0x35, 0xb4, 0x5c, + 0xef, 0x76, 0x00, 0x14, 0x90, 0x46, 0x71, 0x01, + 0x4a, 0x19, 0x3f, 0x40, 0xc1, 0x5f, 0xc2, 0x44 + }; + u8 okm2[82] = { + 0xb1, 0x1e, 0x39, 0x8d, 0xc8, 0x03, 0x27, 0xa1, + 0xc8, 0xe7, 0xf7, 0x8c, 0x59, 0x6a, 0x49, 0x34, + 0x4f, 0x01, 0x2e, 0xda, 0x2d, 0x4e, 0xfa, 0xd8, + 0xa0, 0x50, 0xcc, 0x4c, 0x19, 0xaf, 0xa9, 0x7c, + 0x59, 0x04, 0x5a, 0x99, 0xca, 0xc7, 0x82, 0x72, + 0x71, 0xcb, 0x41, 0xc6, 0x5e, 0x59, 0x0e, 0x09, + 0xda, 0x32, 0x75, 0x60, 0x0c, 0x2f, 0x09, 0xb8, + 0x36, 0x77, 0x93, 0xa9, 0xac, 0xa3, 0xdb, 0x71, + 0xcc, 0x30, 0xc5, 0x81, 0x79, 0xec, 0x3e, 0x87, + 0xc1, 0x4c, 0x01, 0xd5, 0xc1, 0xf3, 0x43, 0x4f, + 0x1d, 0x87 + }; + + wpa_printf(MSG_INFO, "Testing Extract-and-Expand HKDF (RFC 5869)"); + + wpa_printf(MSG_INFO, "RFC 5869 - Test Case 1"); + if (hmac_sha256(salt1, sizeof(salt1), ikm1, sizeof(ikm1), prk) < 0) + return -1; + if (os_memcmp(prk, prk1, SHA256_MAC_LEN) != 0) { + wpa_printf(MSG_INFO, "HKDF-Extract mismatch in PRK"); + return -1; + } + if (hmac_sha256_kdf(prk1, sizeof(prk1), NULL, info1, sizeof(info1), + okm, sizeof(okm1)) < 0) + return -1; + if (os_memcmp(okm, okm1, sizeof(okm1)) != 0) { + wpa_printf(MSG_INFO, "HKDF-Expand mismatch in OKM"); + return -1; + } + + wpa_printf(MSG_INFO, "RFC 5869 - Test Case 2"); + if (hmac_sha256(salt2, sizeof(salt2), ikm2, sizeof(ikm2), prk) < 0) + return -1; + if (os_memcmp(prk, prk2, SHA256_MAC_LEN) != 0) { + wpa_printf(MSG_INFO, "HKDF-Extract mismatch in PRK"); + return -1; + } + if (hmac_sha256_kdf(prk2, sizeof(prk2), NULL, info2, sizeof(info2), + okm, sizeof(okm2)) < 0) + return -1; + if (os_memcmp(okm, okm2, sizeof(okm2)) != 0) { + wpa_printf(MSG_INFO, "HKDF-Expand mismatch in OKM"); + return -1; + } + + wpa_printf(MSG_INFO, "Extract-and-Expand HKDF test cases passed"); + + return 0; +} + + static int test_ms_funcs(void) { #ifndef CONFIG_FIPS @@ -1751,7 +2157,9 @@ int crypto_module_tests(void) test_md5() || test_sha1() || test_sha256() || + test_sha384() || test_fips186_2_prf() || + test_extract_expand_hkdf() || test_ms_funcs()) ret = -1; diff --git a/contrib/wpa/src/crypto/crypto_nettle.c b/contrib/wpa/src/crypto/crypto_nettle.c new file mode 100644 index 000000000000..4e31bc801132 --- /dev/null +++ b/contrib/wpa/src/crypto/crypto_nettle.c @@ -0,0 +1,437 @@ +/* + * Wrapper functions for libnettle and libgmp + * Copyright (c) 2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" +#include <nettle/nettle-meta.h> +#include <nettle/des.h> +#undef des_encrypt +#include <nettle/hmac.h> +#include <nettle/aes.h> +#undef aes_encrypt +#undef aes_decrypt +#include <nettle/arcfour.h> +#include <nettle/bignum.h> + +#include "common.h" +#include "md5.h" +#include "sha1.h" +#include "sha256.h" +#include "sha384.h" +#include "sha512.h" +#include "crypto.h" + + +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) +{ + struct des_ctx ctx; + u8 pkey[8], next, tmp; + int i; + + /* Add parity bits to the key */ + next = 0; + for (i = 0; i < 7; i++) { + tmp = key[i]; + pkey[i] = (tmp >> i) | next | 1; + next = tmp << (7 - i); + } + pkey[i] = next | 1; + + nettle_des_set_key(&ctx, pkey); + nettle_des_encrypt(&ctx, DES_BLOCK_SIZE, cypher, clear); + os_memset(&ctx, 0, sizeof(ctx)); + return 0; +} + + +static int nettle_digest_vector(const struct nettle_hash *alg, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + void *ctx; + size_t i; + + if (TEST_FAIL()) + return -1; + + ctx = os_malloc(alg->context_size); + if (!ctx) + return -1; + alg->init(ctx); + for (i = 0; i < num_elem; i++) + alg->update(ctx, len[i], addr[i]); + alg->digest(ctx, alg->digest_size, mac); + bin_clear_free(ctx, alg->context_size); + return 0; +} + + +int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return nettle_digest_vector(&nettle_md4, num_elem, addr, len, mac); +} + + +int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return nettle_digest_vector(&nettle_md5, num_elem, addr, len, mac); +} + + +int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return nettle_digest_vector(&nettle_sha1, num_elem, addr, len, mac); +} + + +int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return nettle_digest_vector(&nettle_sha256, num_elem, addr, len, mac); +} + + +int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return nettle_digest_vector(&nettle_sha384, num_elem, addr, len, mac); +} + + +int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + return nettle_digest_vector(&nettle_sha512, num_elem, addr, len, mac); +} + + +int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + struct hmac_md5_ctx ctx; + size_t i; + + if (TEST_FAIL()) + return -1; + + hmac_md5_set_key(&ctx, key_len, key); + for (i = 0; i < num_elem; i++) + hmac_md5_update(&ctx, len[i], addr[i]); + hmac_md5_digest(&ctx, MD5_DIGEST_SIZE, mac); + os_memset(&ctx, 0, sizeof(ctx)); + return 0; +} + + +int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len, + u8 *mac) +{ + return hmac_md5_vector(key, key_len, 1, &data, &data_len, mac); +} + + +int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + struct hmac_sha1_ctx ctx; + size_t i; + + if (TEST_FAIL()) + return -1; + + hmac_sha1_set_key(&ctx, key_len, key); + for (i = 0; i < num_elem; i++) + hmac_sha1_update(&ctx, len[i], addr[i]); + hmac_sha1_digest(&ctx, SHA1_DIGEST_SIZE, mac); + os_memset(&ctx, 0, sizeof(ctx)); + return 0; +} + + +int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len, + u8 *mac) +{ + return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac); +} + + +#ifdef CONFIG_SHA256 + +int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + struct hmac_sha256_ctx ctx; + size_t i; + + if (TEST_FAIL()) + return -1; + + hmac_sha256_set_key(&ctx, key_len, key); + for (i = 0; i < num_elem; i++) + hmac_sha256_update(&ctx, len[i], addr[i]); + hmac_sha256_digest(&ctx, SHA256_DIGEST_SIZE, mac); + os_memset(&ctx, 0, sizeof(ctx)); + return 0; +} + + +int hmac_sha256(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha256_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA256 */ + + +#ifdef CONFIG_SHA384 + +int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + struct hmac_sha384_ctx ctx; + size_t i; + + if (TEST_FAIL()) + return -1; + + hmac_sha384_set_key(&ctx, key_len, key); + for (i = 0; i < num_elem; i++) + hmac_sha384_update(&ctx, len[i], addr[i]); + hmac_sha384_digest(&ctx, SHA384_DIGEST_SIZE, mac); + os_memset(&ctx, 0, sizeof(ctx)); + return 0; +} + + +int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha384_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA384 */ + + +#ifdef CONFIG_SHA512 + +int hmac_sha512_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + struct hmac_sha512_ctx ctx; + size_t i; + + if (TEST_FAIL()) + return -1; + + hmac_sha512_set_key(&ctx, key_len, key); + for (i = 0; i < num_elem; i++) + hmac_sha512_update(&ctx, len[i], addr[i]); + hmac_sha512_digest(&ctx, SHA512_DIGEST_SIZE, mac); + os_memset(&ctx, 0, sizeof(ctx)); + return 0; +} + + +int hmac_sha512(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha512_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA512 */ + + +void * aes_encrypt_init(const u8 *key, size_t len) +{ + struct aes_ctx *ctx; + + if (TEST_FAIL()) + return NULL; + ctx = os_malloc(sizeof(*ctx)); + if (!ctx) + return NULL; + + nettle_aes_set_encrypt_key(ctx, len, key); + + return ctx; +} + + +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) +{ + struct aes_ctx *actx = ctx; + nettle_aes_encrypt(actx, AES_BLOCK_SIZE, crypt, plain); + return 0; +} + + +void aes_encrypt_deinit(void *ctx) +{ + struct aes_ctx *actx = ctx; + bin_clear_free(actx, sizeof(*actx)); +} + + +void * aes_decrypt_init(const u8 *key, size_t len) +{ + struct aes_ctx *ctx; + + if (TEST_FAIL()) + return NULL; + ctx = os_malloc(sizeof(*ctx)); + if (!ctx) + return NULL; + + nettle_aes_set_decrypt_key(ctx, len, key); + + return ctx; +} + + +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) +{ + struct aes_ctx *actx = ctx; + nettle_aes_decrypt(actx, AES_BLOCK_SIZE, plain, crypt); + return 0; +} + + +void aes_decrypt_deinit(void *ctx) +{ + struct aes_ctx *actx = ctx; + bin_clear_free(actx, sizeof(*actx)); +} + + +int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, + u8 *pubkey) +{ + size_t pubkey_len, pad; + + if (os_get_random(privkey, prime_len) < 0) + return -1; + if (os_memcmp(privkey, prime, prime_len) > 0) { + /* Make sure private value is smaller than prime */ + privkey[0] = 0; + } + + pubkey_len = prime_len; + if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len, + pubkey, &pubkey_len) < 0) + return -1; + if (pubkey_len < prime_len) { + pad = prime_len - pubkey_len; + os_memmove(pubkey + pad, pubkey, pubkey_len); + os_memset(pubkey, 0, pad); + } + + return 0; +} + + +int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len, + const u8 *privkey, size_t privkey_len, + const u8 *pubkey, size_t pubkey_len, + u8 *secret, size_t *len) +{ + return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len, + prime, prime_len, secret, len); +} + + +int crypto_mod_exp(const u8 *base, size_t base_len, + const u8 *power, size_t power_len, + const u8 *modulus, size_t modulus_len, + u8 *result, size_t *result_len) +{ + mpz_t bn_base, bn_exp, bn_modulus, bn_result; + int ret = -1; + size_t len; + + mpz_inits(bn_base, bn_exp, bn_modulus, bn_result, NULL); + mpz_import(bn_base, base_len, 1, 1, 1, 0, base); + mpz_import(bn_exp, power_len, 1, 1, 1, 0, power); + mpz_import(bn_modulus, modulus_len, 1, 1, 1, 0, modulus); + + mpz_powm(bn_result, bn_base, bn_exp, bn_modulus); + len = mpz_sizeinbase(bn_result, 2); + len = (len + 7) / 8; + if (*result_len < len) + goto error; + mpz_export(result, result_len, 1, 1, 1, 0, bn_result); + ret = 0; + +error: + mpz_clears(bn_base, bn_exp, bn_modulus, bn_result, NULL); + return ret; +} + + +struct crypto_cipher { + enum crypto_cipher_alg alg; + union { + struct arcfour_ctx arcfour_ctx; + } u; +}; + + +struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, + const u8 *iv, const u8 *key, + size_t key_len) +{ + struct crypto_cipher *ctx; + + ctx = os_zalloc(sizeof(*ctx)); + if (!ctx) + return NULL; + + ctx->alg = alg; + + switch (alg) { + case CRYPTO_CIPHER_ALG_RC4: + nettle_arcfour_set_key(&ctx->u.arcfour_ctx, key_len, key); + break; + default: + os_free(ctx); + return NULL; + } + + return ctx; +} + + +int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain, + u8 *crypt, size_t len) +{ + switch (ctx->alg) { + case CRYPTO_CIPHER_ALG_RC4: + nettle_arcfour_crypt(&ctx->u.arcfour_ctx, len, crypt, plain); + break; + default: + return -1; + } + + return 0; +} + + +int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt, + u8 *plain, size_t len) +{ + switch (ctx->alg) { + case CRYPTO_CIPHER_ALG_RC4: + nettle_arcfour_crypt(&ctx->u.arcfour_ctx, len, plain, crypt); + break; + default: + return -1; + } + + return 0; +} + + +void crypto_cipher_deinit(struct crypto_cipher *ctx) +{ + bin_clear_free(ctx, sizeof(*ctx)); +} diff --git a/contrib/wpa/src/crypto/crypto_none.c b/contrib/wpa/src/crypto/crypto_none.c index 011f3f35a055..547919418af9 100644 --- a/contrib/wpa/src/crypto/crypto_none.c +++ b/contrib/wpa/src/crypto/crypto_none.c @@ -18,6 +18,7 @@ int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) } -void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) { + return 0; } diff --git a/contrib/wpa/src/crypto/crypto_openssl.c b/contrib/wpa/src/crypto/crypto_openssl.c index 19e0e2be87be..f89053a89d67 100644 --- a/contrib/wpa/src/crypto/crypto_openssl.c +++ b/contrib/wpa/src/crypto/crypto_openssl.c @@ -1,6 +1,6 @@ /* * Wrapper functions for OpenSSL libcrypto - * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -29,11 +29,14 @@ #include "sha1.h" #include "sha256.h" #include "sha384.h" +#include "sha512.h" #include "md5.h" #include "aes_wrap.h" #include "crypto.h" -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) /* Compatibility wrappers for older versions. */ static HMAC_CTX * HMAC_CTX_new(void) @@ -79,7 +82,9 @@ static void EVP_MD_CTX_free(EVP_MD_CTX *ctx) static BIGNUM * get_group5_prime(void) { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ + !(defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) return BN_get_rfc3526_prime_1536(NULL); #elif !defined(OPENSSL_IS_BORINGSSL) return get_rfc3526_prime_1536(NULL); @@ -109,6 +114,9 @@ static BIGNUM * get_group5_prime(void) #ifdef OPENSSL_NO_SHA256 #define NO_SHA256_WRAPPER #endif +#ifdef OPENSSL_NO_SHA512 +#define NO_SHA384_WRAPPER +#endif static int openssl_digest_vector(const EVP_MD *type, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) @@ -158,7 +166,7 @@ int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) #endif /* CONFIG_FIPS */ -void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) { u8 pkey[8], next, tmp; int i; @@ -176,6 +184,7 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) DES_set_key((DES_cblock *) &pkey, &ks); DES_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cypher, &ks, DES_ENCRYPT); + return 0; } @@ -243,15 +252,31 @@ int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, #endif /* NO_SHA256_WRAPPER */ +#ifndef NO_SHA384_WRAPPER +int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + return openssl_digest_vector(EVP_sha384(), num_elem, addr, len, mac); +} +#endif /* NO_SHA384_WRAPPER */ + + +#ifndef NO_SHA512_WRAPPER +int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + return openssl_digest_vector(EVP_sha512(), num_elem, addr, len, mac); +} +#endif /* NO_SHA512_WRAPPER */ + + static const EVP_CIPHER * aes_get_evp_cipher(size_t keylen) { switch (keylen) { case 16: return EVP_aes_128_ecb(); -#ifndef OPENSSL_IS_BORINGSSL case 24: return EVP_aes_192_ecb(); -#endif /* OPENSSL_IS_BORINGSSL */ case 32: return EVP_aes_256_ecb(); } @@ -269,8 +294,11 @@ void * aes_encrypt_init(const u8 *key, size_t len) return NULL; type = aes_get_evp_cipher(len); - if (type == NULL) + if (!type) { + wpa_printf(MSG_INFO, "%s: Unsupported len=%u", + __func__, (unsigned int) len); return NULL; + } ctx = EVP_CIPHER_CTX_new(); if (ctx == NULL) @@ -284,14 +312,16 @@ void * aes_encrypt_init(const u8 *key, size_t len) } -void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) { EVP_CIPHER_CTX *c = ctx; int clen = 16; if (EVP_EncryptUpdate(c, crypt, &clen, plain, 16) != 1) { wpa_printf(MSG_ERROR, "OpenSSL: EVP_EncryptUpdate failed: %s", ERR_error_string(ERR_get_error(), NULL)); + return -1; } + return 0; } @@ -321,8 +351,11 @@ void * aes_decrypt_init(const u8 *key, size_t len) return NULL; type = aes_get_evp_cipher(len); - if (type == NULL) + if (!type) { + wpa_printf(MSG_INFO, "%s: Unsupported len=%u", + __func__, (unsigned int) len); return NULL; + } ctx = EVP_CIPHER_CTX_new(); if (ctx == NULL) @@ -336,14 +369,16 @@ void * aes_decrypt_init(const u8 *key, size_t len) } -void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) { EVP_CIPHER_CTX *c = ctx; int plen = 16; if (EVP_DecryptUpdate(c, plain, &plen, crypt, 16) != 1) { wpa_printf(MSG_ERROR, "OpenSSL: EVP_DecryptUpdate failed: %s", ERR_error_string(ERR_get_error(), NULL)); + return -1; } + return 0; } @@ -372,6 +407,8 @@ int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher) AES_KEY actx; int res; + if (TEST_FAIL()) + return -1; if (AES_set_encrypt_key(kek, kek_len << 3, &actx)) return -1; res = AES_wrap_key(&actx, NULL, cipher, plain, n * 8); @@ -386,6 +423,8 @@ int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher, AES_KEY actx; int res; + if (TEST_FAIL()) + return -1; if (AES_set_decrypt_key(kek, kek_len << 3, &actx)) return -1; res = AES_unwrap_key(&actx, NULL, plain, cipher, (n + 1) * 8); @@ -452,6 +491,42 @@ int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) } +int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, + u8 *pubkey) +{ + size_t pubkey_len, pad; + + if (os_get_random(privkey, prime_len) < 0) + return -1; + if (os_memcmp(privkey, prime, prime_len) > 0) { + /* Make sure private value is smaller than prime */ + privkey[0] = 0; + } + + pubkey_len = prime_len; + if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len, + pubkey, &pubkey_len) < 0) + return -1; + if (pubkey_len < prime_len) { + pad = prime_len - pubkey_len; + os_memmove(pubkey + pad, pubkey, pubkey_len); + os_memset(pubkey, 0, pad); + } + + return 0; +} + + +int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len, + const u8 *privkey, size_t privkey_len, + const u8 *pubkey, size_t pubkey_len, + u8 *secret, size_t *len) +{ + return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len, + prime, prime_len, secret, len); +} + + int crypto_mod_exp(const u8 *base, size_t base_len, const u8 *power, size_t power_len, const u8 *modulus, size_t modulus_len, @@ -611,7 +686,9 @@ void crypto_cipher_deinit(struct crypto_cipher *ctx) void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) DH *dh; struct wpabuf *pubkey = NULL, *privkey = NULL; size_t publen, privlen; @@ -712,7 +789,9 @@ err: void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) DH *dh; dh = DH_new(); @@ -1016,7 +1095,7 @@ int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { return openssl_hmac_vector(EVP_sha384(), key, key_len, num_elem, addr, - len, mac, 32); + len, mac, 48); } @@ -1029,6 +1108,25 @@ int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, #endif /* CONFIG_SHA384 */ +#ifdef CONFIG_SHA512 + +int hmac_sha512_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return openssl_hmac_vector(EVP_sha512(), key, key_len, num_elem, addr, + len, mac, 64); +} + + +int hmac_sha512(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha512_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA512 */ + + int crypto_get_random(void *buf, size_t len) { if (RAND_bytes(buf, len) != 1) @@ -1150,6 +1248,12 @@ int crypto_bignum_to_bin(const struct crypto_bignum *a, } +int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m) +{ + return BN_rand_range((BIGNUM *) r, (const BIGNUM *) m) == 1 ? 0 : -1; +} + + int crypto_bignum_add(const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c) @@ -1275,6 +1379,15 @@ int crypto_bignum_mulmod(const struct crypto_bignum *a, } +int crypto_bignum_rshift(const struct crypto_bignum *a, int n, + struct crypto_bignum *r) +{ + /* Note: BN_rshift() does not modify the first argument even though it + * has not been marked const. */ + return BN_rshift((BIGNUM *) a, (BIGNUM *) r, n) == 1 ? 0 : -1; +} + + int crypto_bignum_cmp(const struct crypto_bignum *a, const struct crypto_bignum *b) { @@ -1300,6 +1413,12 @@ int crypto_bignum_is_one(const struct crypto_bignum *a) } +int crypto_bignum_is_odd(const struct crypto_bignum *a) +{ + return BN_is_odd((const BIGNUM *) a); +} + + int crypto_bignum_legendre(const struct crypto_bignum *a, const struct crypto_bignum *p) { @@ -1343,6 +1462,7 @@ fail: struct crypto_ec { EC_GROUP *group; + int nid; BN_CTX *bnctx; BIGNUM *prime; BIGNUM *order; @@ -1400,6 +1520,7 @@ struct crypto_ec * crypto_ec_init(int group) if (e == NULL) return NULL; + e->nid = nid; e->bnctx = BN_CTX_new(); e->group = EC_GROUP_new_by_curve_name(nid); e->prime = BN_new(); @@ -1432,6 +1553,13 @@ void crypto_ec_deinit(struct crypto_ec *e) } +int crypto_ec_cofactor(struct crypto_ec *e, struct crypto_bignum *cofactor) +{ + return EC_GROUP_get_cofactor(e->group, (BIGNUM *) cofactor, + e->bnctx) == 0 ? -1 : 0; +} + + struct crypto_ec_point * crypto_ec_point_init(struct crypto_ec *e) { if (TEST_FAIL()) @@ -1454,6 +1582,12 @@ size_t crypto_ec_prime_len_bits(struct crypto_ec *e) } +size_t crypto_ec_order_len(struct crypto_ec *e) +{ + return BN_num_bytes(e->order); +} + + const struct crypto_bignum * crypto_ec_get_prime(struct crypto_ec *e) { return (const struct crypto_bignum *) e->prime; @@ -1475,6 +1609,16 @@ void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) } +int crypto_ec_point_x(struct crypto_ec *e, const struct crypto_ec_point *p, + struct crypto_bignum *x) +{ + return EC_POINT_get_affine_coordinates_GFp(e->group, + (const EC_POINT *) p, + (BIGNUM *) x, NULL, + e->bnctx) == 1 ? 0 : -1; +} + + int crypto_ec_point_to_bin(struct crypto_ec *e, const struct crypto_ec_point *point, u8 *x, u8 *y) { @@ -1640,4 +1784,228 @@ int crypto_ec_point_cmp(const struct crypto_ec *e, (const EC_POINT *) b, e->bnctx); } + +struct crypto_ecdh { + struct crypto_ec *ec; + EVP_PKEY *pkey; +}; + +struct crypto_ecdh * crypto_ecdh_init(int group) +{ + struct crypto_ecdh *ecdh; + EVP_PKEY *params = NULL; + EC_KEY *ec_params; + EVP_PKEY_CTX *kctx = NULL; + + ecdh = os_zalloc(sizeof(*ecdh)); + if (!ecdh) + goto fail; + + ecdh->ec = crypto_ec_init(group); + if (!ecdh->ec) + goto fail; + + ec_params = EC_KEY_new_by_curve_name(ecdh->ec->nid); + if (!ec_params) { + wpa_printf(MSG_ERROR, + "OpenSSL: Failed to generate EC_KEY parameters"); + goto fail; + } + EC_KEY_set_asn1_flag(ec_params, OPENSSL_EC_NAMED_CURVE); + params = EVP_PKEY_new(); + if (!params || EVP_PKEY_set1_EC_KEY(params, ec_params) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: Failed to generate EVP_PKEY parameters"); + goto fail; + } + + kctx = EVP_PKEY_CTX_new(params, NULL); + if (!kctx) + goto fail; + + if (EVP_PKEY_keygen_init(kctx) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: EVP_PKEY_keygen_init failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + if (EVP_PKEY_keygen(kctx, &ecdh->pkey) != 1) { + wpa_printf(MSG_ERROR, "OpenSSL: EVP_PKEY_keygen failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + +done: + EVP_PKEY_free(params); + EVP_PKEY_CTX_free(kctx); + + return ecdh; +fail: + crypto_ecdh_deinit(ecdh); + ecdh = NULL; + goto done; +} + + +struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int inc_y) +{ + struct wpabuf *buf = NULL; + EC_KEY *eckey; + const EC_POINT *pubkey; + BIGNUM *x, *y = NULL; + int len = BN_num_bytes(ecdh->ec->prime); + int res; + + eckey = EVP_PKEY_get1_EC_KEY(ecdh->pkey); + if (!eckey) + return NULL; + + pubkey = EC_KEY_get0_public_key(eckey); + if (!pubkey) + return NULL; + + x = BN_new(); + if (inc_y) { + y = BN_new(); + if (!y) + goto fail; + } + buf = wpabuf_alloc(inc_y ? 2 * len : len); + if (!x || !buf) + goto fail; + + if (EC_POINT_get_affine_coordinates_GFp(ecdh->ec->group, pubkey, + x, y, ecdh->ec->bnctx) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: EC_POINT_get_affine_coordinates_GFp failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + res = crypto_bignum_to_bin((struct crypto_bignum *) x, + wpabuf_put(buf, len), len, len); + if (res < 0) + goto fail; + + if (inc_y) { + res = crypto_bignum_to_bin((struct crypto_bignum *) y, + wpabuf_put(buf, len), len, len); + if (res < 0) + goto fail; + } + +done: + BN_clear_free(x); + BN_clear_free(y); + EC_KEY_free(eckey); + + return buf; +fail: + wpabuf_free(buf); + buf = NULL; + goto done; +} + + +struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y, + const u8 *key, size_t len) +{ + BIGNUM *x, *y = NULL; + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY *peerkey = NULL; + struct wpabuf *secret = NULL; + size_t secret_len; + EC_POINT *pub; + EC_KEY *eckey = NULL; + + x = BN_bin2bn(key, inc_y ? len / 2 : len, NULL); + pub = EC_POINT_new(ecdh->ec->group); + if (!x || !pub) + goto fail; + + if (inc_y) { + y = BN_bin2bn(key + len / 2, len / 2, NULL); + if (!y) + goto fail; + if (!EC_POINT_set_affine_coordinates_GFp(ecdh->ec->group, pub, + x, y, + ecdh->ec->bnctx)) { + wpa_printf(MSG_ERROR, + "OpenSSL: EC_POINT_set_affine_coordinates_GFp failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + } else if (!EC_POINT_set_compressed_coordinates_GFp(ecdh->ec->group, + pub, x, 0, + ecdh->ec->bnctx)) { + wpa_printf(MSG_ERROR, + "OpenSSL: EC_POINT_set_compressed_coordinates_GFp failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + if (!EC_POINT_is_on_curve(ecdh->ec->group, pub, ecdh->ec->bnctx)) { + wpa_printf(MSG_ERROR, + "OpenSSL: ECDH peer public key is not on curve"); + goto fail; + } + + eckey = EC_KEY_new_by_curve_name(ecdh->ec->nid); + if (!eckey || EC_KEY_set_public_key(eckey, pub) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: EC_KEY_set_public_key failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + peerkey = EVP_PKEY_new(); + if (!peerkey || EVP_PKEY_set1_EC_KEY(peerkey, eckey) != 1) + goto fail; + + ctx = EVP_PKEY_CTX_new(ecdh->pkey, NULL); + if (!ctx || EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, peerkey) != 1 || + EVP_PKEY_derive(ctx, NULL, &secret_len) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: EVP_PKEY_derive(1) failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + secret = wpabuf_alloc(secret_len); + if (!secret) + goto fail; + if (EVP_PKEY_derive(ctx, wpabuf_put(secret, secret_len), + &secret_len) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: EVP_PKEY_derive(2) failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + +done: + BN_free(x); + BN_free(y); + EC_KEY_free(eckey); + EC_POINT_free(pub); + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(peerkey); + return secret; +fail: + wpabuf_free(secret); + secret = NULL; + goto done; +} + + +void crypto_ecdh_deinit(struct crypto_ecdh *ecdh) +{ + if (ecdh) { + crypto_ec_deinit(ecdh->ec); + EVP_PKEY_free(ecdh->pkey); + os_free(ecdh); + } +} + #endif /* CONFIG_ECC */ diff --git a/contrib/wpa/src/crypto/crypto_wolfssl.c b/contrib/wpa/src/crypto/crypto_wolfssl.c new file mode 100644 index 000000000000..b5a1e3fa31bc --- /dev/null +++ b/contrib/wpa/src/crypto/crypto_wolfssl.c @@ -0,0 +1,1791 @@ +/* + * Wrapper functions for libwolfssl + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "crypto.h" + +/* wolfSSL headers */ +#include <wolfssl/options.h> +#include <wolfssl/wolfcrypt/md4.h> +#include <wolfssl/wolfcrypt/md5.h> +#include <wolfssl/wolfcrypt/sha.h> +#include <wolfssl/wolfcrypt/sha256.h> +#include <wolfssl/wolfcrypt/sha512.h> +#include <wolfssl/wolfcrypt/hmac.h> +#include <wolfssl/wolfcrypt/pwdbased.h> +#include <wolfssl/wolfcrypt/arc4.h> +#include <wolfssl/wolfcrypt/des3.h> +#include <wolfssl/wolfcrypt/aes.h> +#include <wolfssl/wolfcrypt/dh.h> +#include <wolfssl/wolfcrypt/cmac.h> +#include <wolfssl/wolfcrypt/ecc.h> +#include <wolfssl/openssl/bn.h> + + +#ifndef CONFIG_FIPS + +int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + Md4 md4; + size_t i; + + if (TEST_FAIL()) + return -1; + + wc_InitMd4(&md4); + + for (i = 0; i < num_elem; i++) + wc_Md4Update(&md4, addr[i], len[i]); + + wc_Md4Final(&md4, mac); + + return 0; +} + + +int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + wc_Md5 md5; + size_t i; + + if (TEST_FAIL()) + return -1; + + wc_InitMd5(&md5); + + for (i = 0; i < num_elem; i++) + wc_Md5Update(&md5, addr[i], len[i]); + + wc_Md5Final(&md5, mac); + + return 0; +} + +#endif /* CONFIG_FIPS */ + + +int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) +{ + wc_Sha sha; + size_t i; + + if (TEST_FAIL()) + return -1; + + wc_InitSha(&sha); + + for (i = 0; i < num_elem; i++) + wc_ShaUpdate(&sha, addr[i], len[i]); + + wc_ShaFinal(&sha, mac); + + return 0; +} + + +#ifndef NO_SHA256_WRAPPER +int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + wc_Sha256 sha256; + size_t i; + + if (TEST_FAIL()) + return -1; + + wc_InitSha256(&sha256); + + for (i = 0; i < num_elem; i++) + wc_Sha256Update(&sha256, addr[i], len[i]); + + wc_Sha256Final(&sha256, mac); + + return 0; +} +#endif /* NO_SHA256_WRAPPER */ + + +#ifdef CONFIG_SHA384 +int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + wc_Sha384 sha384; + size_t i; + + if (TEST_FAIL()) + return -1; + + wc_InitSha384(&sha384); + + for (i = 0; i < num_elem; i++) + wc_Sha384Update(&sha384, addr[i], len[i]); + + wc_Sha384Final(&sha384, mac); + + return 0; +} +#endif /* CONFIG_SHA384 */ + + +#ifdef CONFIG_SHA512 +int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len, + u8 *mac) +{ + wc_Sha512 sha512; + size_t i; + + if (TEST_FAIL()) + return -1; + + wc_InitSha512(&sha512); + + for (i = 0; i < num_elem; i++) + wc_Sha512Update(&sha512, addr[i], len[i]); + + wc_Sha512Final(&sha512, mac); + + return 0; +} +#endif /* CONFIG_SHA512 */ + + +static int wolfssl_hmac_vector(int type, const u8 *key, + size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac, + unsigned int mdlen) +{ + Hmac hmac; + size_t i; + + (void) mdlen; + + if (TEST_FAIL()) + return -1; + + if (wc_HmacSetKey(&hmac, type, key, (word32) key_len) != 0) + return -1; + for (i = 0; i < num_elem; i++) + if (wc_HmacUpdate(&hmac, addr[i], len[i]) != 0) + return -1; + if (wc_HmacFinal(&hmac, mac) != 0) + return -1; + return 0; +} + + +#ifndef CONFIG_FIPS + +int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return wolfssl_hmac_vector(WC_MD5, key, key_len, num_elem, addr, len, + mac, 16); +} + + +int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len, + u8 *mac) +{ + return hmac_md5_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_FIPS */ + + +int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return wolfssl_hmac_vector(WC_SHA, key, key_len, num_elem, addr, len, + mac, 20); +} + + +int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len, + u8 *mac) +{ + return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac); +} + + +#ifdef CONFIG_SHA256 + +int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return wolfssl_hmac_vector(WC_SHA256, key, key_len, num_elem, addr, len, + mac, 32); +} + + +int hmac_sha256(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha256_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA256 */ + + +#ifdef CONFIG_SHA384 + +int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return wolfssl_hmac_vector(WC_SHA384, key, key_len, num_elem, addr, len, + mac, 48); +} + + +int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha384_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA384 */ + + +#ifdef CONFIG_SHA512 + +int hmac_sha512_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return wolfssl_hmac_vector(WC_SHA512, key, key_len, num_elem, addr, len, + mac, 64); +} + + +int hmac_sha512(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha512_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA512 */ + + +int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len, + int iterations, u8 *buf, size_t buflen) +{ + if (wc_PBKDF2(buf, (const byte*)passphrase, os_strlen(passphrase), ssid, + ssid_len, iterations, buflen, WC_SHA) != 0) + return -1; + return 0; +} + + +#ifdef CONFIG_DES +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) +{ + Des des; + u8 pkey[8], next, tmp; + int i; + + /* Add parity bits to the key */ + next = 0; + for (i = 0; i < 7; i++) { + tmp = key[i]; + pkey[i] = (tmp >> i) | next | 1; + next = tmp << (7 - i); + } + pkey[i] = next | 1; + + wc_Des_SetKey(&des, pkey, NULL, DES_ENCRYPTION); + wc_Des_EcbEncrypt(&des, cypher, clear, DES_BLOCK_SIZE); + + return 0; +} +#endif /* CONFIG_DES */ + + +void * aes_encrypt_init(const u8 *key, size_t len) +{ + Aes *aes; + + if (TEST_FAIL()) + return NULL; + + aes = os_malloc(sizeof(Aes)); + if (!aes) + return NULL; + + if (wc_AesSetKey(aes, key, len, NULL, AES_ENCRYPTION) < 0) { + os_free(aes); + return NULL; + } + + return aes; +} + + +int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) +{ + wc_AesEncryptDirect(ctx, crypt, plain); + return 0; +} + + +void aes_encrypt_deinit(void *ctx) +{ + os_free(ctx); +} + + +void * aes_decrypt_init(const u8 *key, size_t len) +{ + Aes *aes; + + if (TEST_FAIL()) + return NULL; + + aes = os_malloc(sizeof(Aes)); + if (!aes) + return NULL; + + if (wc_AesSetKey(aes, key, len, NULL, AES_DECRYPTION) < 0) { + os_free(aes); + return NULL; + } + + return aes; +} + + +int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) +{ + wc_AesDecryptDirect(ctx, plain, crypt); + return 0; +} + + +void aes_decrypt_deinit(void *ctx) +{ + os_free(ctx); +} + + +int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) +{ + Aes aes; + int ret; + + if (TEST_FAIL()) + return -1; + + ret = wc_AesSetKey(&aes, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) + return -1; + + ret = wc_AesCbcEncrypt(&aes, data, data, data_len); + if (ret != 0) + return -1; + return 0; +} + + +int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) +{ + Aes aes; + int ret; + + if (TEST_FAIL()) + return -1; + + ret = wc_AesSetKey(&aes, key, 16, iv, AES_DECRYPTION); + if (ret != 0) + return -1; + + ret = wc_AesCbcDecrypt(&aes, data, data, data_len); + if (ret != 0) + return -1; + return 0; +} + + +int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher) +{ + int ret; + + if (TEST_FAIL()) + return -1; + + ret = wc_AesKeyWrap(kek, kek_len, plain, n * 8, cipher, (n + 1) * 8, + NULL); + return ret != (n + 1) * 8 ? -1 : 0; +} + + +int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher, + u8 *plain) +{ + int ret; + + if (TEST_FAIL()) + return -1; + + ret = wc_AesKeyUnWrap(kek, kek_len, cipher, (n + 1) * 8, plain, n * 8, + NULL); + return ret != n * 8 ? -1 : 0; +} + + +#ifndef CONFIG_NO_RC4 +int rc4_skip(const u8 *key, size_t keylen, size_t skip, u8 *data, + size_t data_len) +{ +#ifndef NO_RC4 + Arc4 arc4; + unsigned char skip_buf[16]; + + wc_Arc4SetKey(&arc4, key, keylen); + + while (skip >= sizeof(skip_buf)) { + size_t len = skip; + + if (len > sizeof(skip_buf)) + len = sizeof(skip_buf); + wc_Arc4Process(&arc4, skip_buf, skip_buf, len); + skip -= len; + } + + wc_Arc4Process(&arc4, data, data, data_len); + + return 0; +#else /* NO_RC4 */ + return -1; +#endif /* NO_RC4 */ +} +#endif /* CONFIG_NO_RC4 */ + + +#if defined(EAP_IKEV2) || defined(EAP_IKEV2_DYNAMIC) \ + || defined(EAP_SERVER_IKEV2) +union wolfssl_cipher { + Aes aes; + Des3 des3; + Arc4 arc4; +}; + +struct crypto_cipher { + enum crypto_cipher_alg alg; + union wolfssl_cipher enc; + union wolfssl_cipher dec; +}; + +struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, + const u8 *iv, const u8 *key, + size_t key_len) +{ + struct crypto_cipher *ctx; + + ctx = os_zalloc(sizeof(*ctx)); + if (!ctx) + return NULL; + + switch (alg) { +#ifndef CONFIG_NO_RC4 +#ifndef NO_RC4 + case CRYPTO_CIPHER_ALG_RC4: + wc_Arc4SetKey(&ctx->enc.arc4, key, key_len); + wc_Arc4SetKey(&ctx->dec.arc4, key, key_len); + break; +#endif /* NO_RC4 */ +#endif /* CONFIG_NO_RC4 */ +#ifndef NO_AES + case CRYPTO_CIPHER_ALG_AES: + switch (key_len) { + case 16: + case 24: + case 32: + break; + default: + os_free(ctx); + return NULL; + } + if (wc_AesSetKey(&ctx->enc.aes, key, key_len, iv, + AES_ENCRYPTION) || + wc_AesSetKey(&ctx->dec.aes, key, key_len, iv, + AES_DECRYPTION)) { + os_free(ctx); + return NULL; + } + break; +#endif /* NO_AES */ +#ifndef NO_DES3 + case CRYPTO_CIPHER_ALG_3DES: + if (key_len != DES3_KEYLEN || + wc_Des3_SetKey(&ctx->enc.des3, key, iv, DES_ENCRYPTION) || + wc_Des3_SetKey(&ctx->dec.des3, key, iv, DES_DECRYPTION)) { + os_free(ctx); + return NULL; + } + break; +#endif /* NO_DES3 */ + case CRYPTO_CIPHER_ALG_RC2: + case CRYPTO_CIPHER_ALG_DES: + default: + os_free(ctx); + return NULL; + } + + ctx->alg = alg; + + return ctx; +} + + +int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain, + u8 *crypt, size_t len) +{ + switch (ctx->alg) { +#ifndef CONFIG_NO_RC4 +#ifndef NO_RC4 + case CRYPTO_CIPHER_ALG_RC4: + wc_Arc4Process(&ctx->enc.arc4, crypt, plain, len); + return 0; +#endif /* NO_RC4 */ +#endif /* CONFIG_NO_RC4 */ +#ifndef NO_AES + case CRYPTO_CIPHER_ALG_AES: + if (wc_AesCbcEncrypt(&ctx->enc.aes, crypt, plain, len) != 0) + return -1; + return 0; +#endif /* NO_AES */ +#ifndef NO_DES3 + case CRYPTO_CIPHER_ALG_3DES: + if (wc_Des3_CbcEncrypt(&ctx->enc.des3, crypt, plain, len) != 0) + return -1; + return 0; +#endif /* NO_DES3 */ + default: + return -1; + } + return -1; +} + + +int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt, + u8 *plain, size_t len) +{ + switch (ctx->alg) { +#ifndef CONFIG_NO_RC4 +#ifndef NO_RC4 + case CRYPTO_CIPHER_ALG_RC4: + wc_Arc4Process(&ctx->dec.arc4, plain, crypt, len); + return 0; +#endif /* NO_RC4 */ +#endif /* CONFIG_NO_RC4 */ +#ifndef NO_AES + case CRYPTO_CIPHER_ALG_AES: + if (wc_AesCbcDecrypt(&ctx->dec.aes, plain, crypt, len) != 0) + return -1; + return 0; +#endif /* NO_AES */ +#ifndef NO_DES3 + case CRYPTO_CIPHER_ALG_3DES: + if (wc_Des3_CbcDecrypt(&ctx->dec.des3, plain, crypt, len) != 0) + return -1; + return 0; +#endif /* NO_DES3 */ + default: + return -1; + } + return -1; +} + + +void crypto_cipher_deinit(struct crypto_cipher *ctx) +{ + os_free(ctx); +} + +#endif + + +#ifdef CONFIG_WPS_NFC + +static const unsigned char RFC3526_PRIME_1536[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, + 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, + 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, + 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, + 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, + 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, + 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, + 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, + 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, + 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, + 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, + 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, + 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, + 0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static const unsigned char RFC3526_GENERATOR_1536[] = { + 0x02 +}; + +#define RFC3526_LEN sizeof(RFC3526_PRIME_1536) + + +void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) +{ + WC_RNG rng; + DhKey *ret = NULL; + DhKey *dh = NULL; + struct wpabuf *privkey = NULL; + struct wpabuf *pubkey = NULL; + word32 priv_sz, pub_sz; + + *priv = NULL; + wpabuf_free(*publ); + *publ = NULL; + + dh = XMALLOC(sizeof(DhKey), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (!dh) + return NULL; + wc_InitDhKey(dh); + + if (wc_InitRng(&rng) != 0) { + XFREE(dh, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return NULL; + } + + privkey = wpabuf_alloc(RFC3526_LEN); + pubkey = wpabuf_alloc(RFC3526_LEN); + if (!privkey || !pubkey) + goto done; + + if (wc_DhSetKey(dh, RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), + RFC3526_GENERATOR_1536, sizeof(RFC3526_GENERATOR_1536)) + != 0) + goto done; + + if (wc_DhGenerateKeyPair(dh, &rng, wpabuf_mhead(privkey), &priv_sz, + wpabuf_mhead(pubkey), &pub_sz) != 0) + goto done; + + wpabuf_put(privkey, priv_sz); + wpabuf_put(pubkey, pub_sz); + + ret = dh; + *priv = privkey; + *publ = pubkey; + dh = NULL; + privkey = NULL; + pubkey = NULL; +done: + wpabuf_clear_free(pubkey); + wpabuf_clear_free(privkey); + if (dh) { + wc_FreeDhKey(dh); + XFREE(dh, NULL, DYNAMIC_TYPE_TMP_BUFFER); + } + wc_FreeRng(&rng); + return ret; +} + + +void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ) +{ + DhKey *ret = NULL; + DhKey *dh; + byte *secret; + word32 secret_sz; + + dh = XMALLOC(sizeof(DhKey), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (!dh) + return NULL; + wc_InitDhKey(dh); + + secret = XMALLOC(RFC3526_LEN, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (!secret) + goto done; + + if (wc_DhSetKey(dh, RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), + RFC3526_GENERATOR_1536, sizeof(RFC3526_GENERATOR_1536)) + != 0) + goto done; + + if (wc_DhAgree(dh, secret, &secret_sz, wpabuf_head(priv), + wpabuf_len(priv), RFC3526_GENERATOR_1536, + sizeof(RFC3526_GENERATOR_1536)) != 0) + goto done; + + if (secret_sz != wpabuf_len(publ) || + os_memcmp(secret, wpabuf_head(publ), secret_sz) != 0) + goto done; + + ret = dh; + dh = NULL; +done: + if (dh) { + wc_FreeDhKey(dh); + XFREE(dh, NULL, DYNAMIC_TYPE_TMP_BUFFER); + } + XFREE(secret, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return ret; +} + + +struct wpabuf * dh5_derive_shared(void *ctx, const struct wpabuf *peer_public, + const struct wpabuf *own_private) +{ + struct wpabuf *ret = NULL; + struct wpabuf *secret; + word32 secret_sz; + + secret = wpabuf_alloc(RFC3526_LEN); + if (!secret) + goto done; + + if (wc_DhAgree(ctx, wpabuf_mhead(secret), &secret_sz, + wpabuf_head(own_private), wpabuf_len(own_private), + wpabuf_head(peer_public), wpabuf_len(peer_public)) != 0) + goto done; + + wpabuf_put(secret, secret_sz); + + ret = secret; + secret = NULL; +done: + wpabuf_clear_free(secret); + return ret; +} + + +void dh5_free(void *ctx) +{ + if (!ctx) + return; + + wc_FreeDhKey(ctx); + XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER); +} + +#endif /* CONFIG_WPS_NFC */ + + +int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, + u8 *pubkey) +{ + int ret = -1; + WC_RNG rng; + DhKey *dh = NULL; + word32 priv_sz, pub_sz; + + if (TEST_FAIL()) + return -1; + + dh = os_malloc(sizeof(DhKey)); + if (!dh) + return -1; + wc_InitDhKey(dh); + + if (wc_InitRng(&rng) != 0) { + os_free(dh); + return -1; + } + + if (wc_DhSetKey(dh, prime, prime_len, &generator, 1) != 0) + goto done; + + if (wc_DhGenerateKeyPair(dh, &rng, privkey, &priv_sz, pubkey, &pub_sz) + != 0) + goto done; + + if (priv_sz < prime_len) { + size_t pad_sz = prime_len - priv_sz; + + os_memmove(privkey + pad_sz, privkey, priv_sz); + os_memset(privkey, 0, pad_sz); + } + + if (pub_sz < prime_len) { + size_t pad_sz = prime_len - pub_sz; + + os_memmove(pubkey + pad_sz, pubkey, pub_sz); + os_memset(pubkey, 0, pad_sz); + } + ret = 0; +done: + wc_FreeDhKey(dh); + os_free(dh); + wc_FreeRng(&rng); + return ret; +} + + +int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len, + const u8 *privkey, size_t privkey_len, + const u8 *pubkey, size_t pubkey_len, + u8 *secret, size_t *len) +{ + int ret = -1; + DhKey *dh; + word32 secret_sz; + + dh = os_malloc(sizeof(DhKey)); + if (!dh) + return -1; + wc_InitDhKey(dh); + + if (wc_DhSetKey(dh, prime, prime_len, &generator, 1) != 0) + goto done; + + if (wc_DhAgree(dh, secret, &secret_sz, privkey, privkey_len, pubkey, + pubkey_len) != 0) + goto done; + + *len = secret_sz; + ret = 0; +done: + wc_FreeDhKey(dh); + os_free(dh); + return ret; +} + + +#ifdef CONFIG_FIPS +int crypto_get_random(void *buf, size_t len) +{ + int ret = 0; + WC_RNG rng; + + if (wc_InitRng(&rng) != 0) + return -1; + if (wc_RNG_GenerateBlock(&rng, buf, len) != 0) + ret = -1; + wc_FreeRng(&rng); + return ret; +} +#endif /* CONFIG_FIPS */ + + +#if defined(EAP_PWD) || defined(EAP_SERVER_PWD) +struct crypto_hash { + Hmac hmac; + int size; +}; + + +struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key, + size_t key_len) +{ + struct crypto_hash *ret = NULL; + struct crypto_hash *hash; + int type; + + hash = os_zalloc(sizeof(*hash)); + if (!hash) + goto done; + + switch (alg) { +#ifndef NO_MD5 + case CRYPTO_HASH_ALG_HMAC_MD5: + hash->size = 16; + type = WC_MD5; + break; +#endif /* NO_MD5 */ +#ifndef NO_SHA + case CRYPTO_HASH_ALG_HMAC_SHA1: + type = WC_SHA; + hash->size = 20; + break; +#endif /* NO_SHA */ +#ifdef CONFIG_SHA256 +#ifndef NO_SHA256 + case CRYPTO_HASH_ALG_HMAC_SHA256: + type = WC_SHA256; + hash->size = 32; + break; +#endif /* NO_SHA256 */ +#endif /* CONFIG_SHA256 */ + default: + goto done; + } + + if (wc_HmacSetKey(&hash->hmac, type, key, key_len) != 0) + goto done; + + ret = hash; + hash = NULL; +done: + os_free(hash); + return ret; +} + + +void crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len) +{ + if (!ctx) + return; + wc_HmacUpdate(&ctx->hmac, data, len); +} + + +int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len) +{ + int ret = 0; + + if (!ctx) + return -2; + + if (!mac || !len) + goto done; + + if (wc_HmacFinal(&ctx->hmac, mac) != 0) { + ret = -1; + goto done; + } + + *len = ctx->size; + ret = 0; +done: + bin_clear_free(ctx, sizeof(*ctx)); + return ret; +} + +#endif + + +int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + Cmac cmac; + size_t i; + word32 sz; + + if (TEST_FAIL()) + return -1; + + if (wc_InitCmac(&cmac, key, key_len, WC_CMAC_AES, NULL) != 0) + return -1; + + for (i = 0; i < num_elem; i++) + if (wc_CmacUpdate(&cmac, addr[i], len[i]) != 0) + return -1; + + sz = AES_BLOCK_SIZE; + if (wc_CmacFinal(&cmac, mac, &sz) != 0 || sz != AES_BLOCK_SIZE) + return -1; + + return 0; +} + + +int omac1_aes_128_vector(const u8 *key, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + return omac1_aes_vector(key, 16, num_elem, addr, len, mac); +} + + +int omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, u8 *mac) +{ + return omac1_aes_128_vector(key, 1, &data, &data_len, mac); +} + + +int omac1_aes_256(const u8 *key, const u8 *data, size_t data_len, u8 *mac) +{ + return omac1_aes_vector(key, 32, 1, &data, &data_len, mac); +} + + +struct crypto_bignum * crypto_bignum_init(void) +{ + mp_int *a; + + if (TEST_FAIL()) + return NULL; + + a = os_malloc(sizeof(*a)); + if (!a || mp_init(a) != MP_OKAY) { + os_free(a); + a = NULL; + } + + return (struct crypto_bignum *) a; +} + + +struct crypto_bignum * crypto_bignum_init_set(const u8 *buf, size_t len) +{ + mp_int *a; + + if (TEST_FAIL()) + return NULL; + + a = (mp_int *) crypto_bignum_init(); + if (!a) + return NULL; + + if (mp_read_unsigned_bin(a, buf, len) != MP_OKAY) { + os_free(a); + a = NULL; + } + + return (struct crypto_bignum *) a; +} + + +void crypto_bignum_deinit(struct crypto_bignum *n, int clear) +{ + if (!n) + return; + + if (clear) + mp_forcezero((mp_int *) n); + mp_clear((mp_int *) n); + os_free((mp_int *) n); +} + + +int crypto_bignum_to_bin(const struct crypto_bignum *a, + u8 *buf, size_t buflen, size_t padlen) +{ + int num_bytes, offset; + + if (TEST_FAIL()) + return -1; + + if (padlen > buflen) + return -1; + + num_bytes = (mp_count_bits((mp_int *) a) + 7) / 8; + if ((size_t) num_bytes > buflen) + return -1; + if (padlen > (size_t) num_bytes) + offset = padlen - num_bytes; + else + offset = 0; + + os_memset(buf, 0, offset); + mp_to_unsigned_bin((mp_int *) a, buf + offset); + + return num_bytes + offset; +} + + +int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m) +{ + int ret = 0; + WC_RNG rng; + + if (wc_InitRng(&rng) != 0) + return -1; + if (mp_rand_prime((mp_int *) r, + (mp_count_bits((mp_int *) m) + 7) / 8 * 2, + &rng, NULL) != 0) + ret = -1; + if (ret == 0 && + mp_mod((mp_int *) r, (mp_int *) m, (mp_int *) r) != 0) + ret = -1; + wc_FreeRng(&rng); + return ret; +} + + +int crypto_bignum_add(const struct crypto_bignum *a, + const struct crypto_bignum *b, + struct crypto_bignum *r) +{ + return mp_add((mp_int *) a, (mp_int *) b, + (mp_int *) r) == MP_OKAY ? 0 : -1; +} + + +int crypto_bignum_mod(const struct crypto_bignum *a, + const struct crypto_bignum *m, + struct crypto_bignum *r) +{ + return mp_mod((mp_int *) a, (mp_int *) m, + (mp_int *) r) == MP_OKAY ? 0 : -1; +} + + +int crypto_bignum_exptmod(const struct crypto_bignum *b, + const struct crypto_bignum *e, + const struct crypto_bignum *m, + struct crypto_bignum *r) +{ + if (TEST_FAIL()) + return -1; + + return mp_exptmod((mp_int *) b, (mp_int *) e, (mp_int *) m, + (mp_int *) r) == MP_OKAY ? 0 : -1; +} + + +int crypto_bignum_inverse(const struct crypto_bignum *a, + const struct crypto_bignum *m, + struct crypto_bignum *r) +{ + if (TEST_FAIL()) + return -1; + + return mp_invmod((mp_int *) a, (mp_int *) m, + (mp_int *) r) == MP_OKAY ? 0 : -1; +} + + +int crypto_bignum_sub(const struct crypto_bignum *a, + const struct crypto_bignum *b, + struct crypto_bignum *r) +{ + if (TEST_FAIL()) + return -1; + + return mp_add((mp_int *) a, (mp_int *) b, + (mp_int *) r) == MP_OKAY ? 0 : -1; +} + + +int crypto_bignum_div(const struct crypto_bignum *a, + const struct crypto_bignum *b, + struct crypto_bignum *d) +{ + if (TEST_FAIL()) + return -1; + + return mp_div((mp_int *) a, (mp_int *) b, (mp_int *) d, + NULL) == MP_OKAY ? 0 : -1; +} + + +int crypto_bignum_mulmod(const struct crypto_bignum *a, + const struct crypto_bignum *b, + const struct crypto_bignum *m, + struct crypto_bignum *d) +{ + if (TEST_FAIL()) + return -1; + + return mp_mulmod((mp_int *) a, (mp_int *) b, (mp_int *) m, + (mp_int *) d) == MP_OKAY ? 0 : -1; +} + + +int crypto_bignum_rshift(const struct crypto_bignum *a, int n, + struct crypto_bignum *r) +{ + if (mp_copy((mp_int *) a, (mp_int *) r) != MP_OKAY) + return -1; + mp_rshb((mp_int *) r, n); + return 0; +} + + +int crypto_bignum_cmp(const struct crypto_bignum *a, + const struct crypto_bignum *b) +{ + return mp_cmp((mp_int *) a, (mp_int *) b); +} + + +int crypto_bignum_bits(const struct crypto_bignum *a) +{ + return mp_count_bits((mp_int *) a); +} + + +int crypto_bignum_is_zero(const struct crypto_bignum *a) +{ + return mp_iszero((mp_int *) a); +} + + +int crypto_bignum_is_one(const struct crypto_bignum *a) +{ + return mp_isone((const mp_int *) a); +} + +int crypto_bignum_is_odd(const struct crypto_bignum *a) +{ + return mp_isodd((mp_int *) a); +} + + +int crypto_bignum_legendre(const struct crypto_bignum *a, + const struct crypto_bignum *p) +{ + mp_int t; + int ret; + int res = -2; + + if (TEST_FAIL()) + return -2; + + if (mp_init(&t) != MP_OKAY) + return -2; + + /* t = (p-1) / 2 */ + ret = mp_sub_d((mp_int *) p, 1, &t); + if (ret == MP_OKAY) + mp_rshb(&t, 1); + if (ret == MP_OKAY) + ret = mp_exptmod((mp_int *) a, &t, (mp_int *) p, &t); + if (ret == MP_OKAY) { + if (mp_isone(&t)) + res = 1; + else if (mp_iszero(&t)) + res = 0; + else + res = -1; + } + + mp_clear(&t); + return res; +} + + +#ifdef CONFIG_ECC + +int ecc_map(ecc_point *, mp_int *, mp_digit); +int ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, + mp_int *a, mp_int *modulus, mp_digit mp); + +struct crypto_ec { + ecc_key key; + mp_int a; + mp_int prime; + mp_int order; + mp_digit mont_b; + mp_int b; +}; + + +struct crypto_ec * crypto_ec_init(int group) +{ + int built = 0; + struct crypto_ec *e; + int curve_id; + + /* Map from IANA registry for IKE D-H groups to OpenSSL NID */ + switch (group) { + case 19: + curve_id = ECC_SECP256R1; + break; + case 20: + curve_id = ECC_SECP384R1; + break; + case 21: + curve_id = ECC_SECP521R1; + break; + case 25: + curve_id = ECC_SECP192R1; + break; + case 26: + curve_id = ECC_SECP224R1; + break; +#ifdef HAVE_ECC_BRAINPOOL + case 27: + curve_id = ECC_BRAINPOOLP224R1; + break; + case 28: + curve_id = ECC_BRAINPOOLP256R1; + break; + case 29: + curve_id = ECC_BRAINPOOLP384R1; + break; + case 30: + curve_id = ECC_BRAINPOOLP512R1; + break; +#endif /* HAVE_ECC_BRAINPOOL */ + default: + return NULL; + } + + e = os_zalloc(sizeof(*e)); + if (!e) + return NULL; + + if (wc_ecc_init(&e->key) != 0 || + wc_ecc_set_curve(&e->key, 0, curve_id) != 0 || + mp_init(&e->a) != MP_OKAY || + mp_init(&e->prime) != MP_OKAY || + mp_init(&e->order) != MP_OKAY || + mp_init(&e->b) != MP_OKAY || + mp_read_radix(&e->a, e->key.dp->Af, 16) != MP_OKAY || + mp_read_radix(&e->b, e->key.dp->Bf, 16) != MP_OKAY || + mp_read_radix(&e->prime, e->key.dp->prime, 16) != MP_OKAY || + mp_read_radix(&e->order, e->key.dp->order, 16) != MP_OKAY || + mp_montgomery_setup(&e->prime, &e->mont_b) != MP_OKAY) + goto done; + + built = 1; +done: + if (!built) { + crypto_ec_deinit(e); + e = NULL; + } + return e; +} + + +void crypto_ec_deinit(struct crypto_ec* e) +{ + if (!e) + return; + + mp_clear(&e->b); + mp_clear(&e->order); + mp_clear(&e->prime); + mp_clear(&e->a); + wc_ecc_free(&e->key); + os_free(e); +} + + +int crypto_ec_cofactor(struct crypto_ec *e, struct crypto_bignum *cofactor) +{ + if (!e || !cofactor) + return -1; + + mp_set((mp_int *) cofactor, e->key.dp->cofactor); + return 0; +} + + +struct crypto_ec_point * crypto_ec_point_init(struct crypto_ec *e) +{ + if (TEST_FAIL()) + return NULL; + if (!e) + return NULL; + return (struct crypto_ec_point *) wc_ecc_new_point(); +} + + +size_t crypto_ec_prime_len(struct crypto_ec *e) +{ + return (mp_count_bits(&e->prime) + 7) / 8; +} + + +size_t crypto_ec_prime_len_bits(struct crypto_ec *e) +{ + return mp_count_bits(&e->prime); +} + + +size_t crypto_ec_order_len(struct crypto_ec *e) +{ + return (mp_count_bits(&e->order) + 7) / 8; +} + + +const struct crypto_bignum * crypto_ec_get_prime(struct crypto_ec *e) +{ + return (const struct crypto_bignum *) &e->prime; +} + + +const struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e) +{ + return (const struct crypto_bignum *) &e->order; +} + + +void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) +{ + ecc_point *point = (ecc_point *) p; + + if (!p) + return; + + if (clear) { + mp_forcezero(point->x); + mp_forcezero(point->y); + mp_forcezero(point->z); + } + wc_ecc_del_point(point); +} + + +int crypto_ec_point_x(struct crypto_ec *e, const struct crypto_ec_point *p, + struct crypto_bignum *x) +{ + return mp_copy(((ecc_point *) p)->x, (mp_int *) x) == MP_OKAY ? 0 : -1; +} + + +int crypto_ec_point_to_bin(struct crypto_ec *e, + const struct crypto_ec_point *point, u8 *x, u8 *y) +{ + ecc_point *p = (ecc_point *) point; + + if (TEST_FAIL()) + return -1; + + if (!mp_isone(p->z)) { + if (ecc_map(p, &e->prime, e->mont_b) != MP_OKAY) + return -1; + } + + if (x) { + if (crypto_bignum_to_bin((struct crypto_bignum *)p->x, x, + e->key.dp->size, + e->key.dp->size) <= 0) + return -1; + } + + if (y) { + if (crypto_bignum_to_bin((struct crypto_bignum *) p->y, y, + e->key.dp->size, + e->key.dp->size) <= 0) + return -1; + } + + return 0; +} + + +struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e, + const u8 *val) +{ + ecc_point *point = NULL; + int loaded = 0; + + if (TEST_FAIL()) + return NULL; + + point = wc_ecc_new_point(); + if (!point) + goto done; + + if (mp_read_unsigned_bin(point->x, val, e->key.dp->size) != MP_OKAY) + goto done; + val += e->key.dp->size; + if (mp_read_unsigned_bin(point->y, val, e->key.dp->size) != MP_OKAY) + goto done; + mp_set(point->z, 1); + + loaded = 1; +done: + if (!loaded) { + wc_ecc_del_point(point); + point = NULL; + } + return (struct crypto_ec_point *) point; +} + + +int crypto_ec_point_add(struct crypto_ec *e, const struct crypto_ec_point *a, + const struct crypto_ec_point *b, + struct crypto_ec_point *c) +{ + mp_int mu; + ecc_point *ta = NULL, *tb = NULL; + ecc_point *pa = (ecc_point *) a, *pb = (ecc_point *) b; + mp_int *modulus = &e->prime; + int ret; + + if (TEST_FAIL()) + return -1; + + ret = mp_init(&mu); + if (ret != MP_OKAY) + return -1; + + ret = mp_montgomery_calc_normalization(&mu, modulus); + if (ret != MP_OKAY) { + mp_clear(&mu); + return -1; + } + + if (!mp_isone(&mu)) { + ta = wc_ecc_new_point(); + if (!ta) { + mp_clear(&mu); + return -1; + } + tb = wc_ecc_new_point(); + if (!tb) { + wc_ecc_del_point(ta); + mp_clear(&mu); + return -1; + } + + if (mp_mulmod(pa->x, &mu, modulus, ta->x) != MP_OKAY || + mp_mulmod(pa->y, &mu, modulus, ta->y) != MP_OKAY || + mp_mulmod(pa->z, &mu, modulus, ta->z) != MP_OKAY || + mp_mulmod(pb->x, &mu, modulus, tb->x) != MP_OKAY || + mp_mulmod(pb->y, &mu, modulus, tb->y) != MP_OKAY || + mp_mulmod(pb->z, &mu, modulus, tb->z) != MP_OKAY) { + ret = -1; + goto end; + } + pa = ta; + pb = tb; + } + + ret = ecc_projective_add_point(pa, pb, (ecc_point *) c, &e->a, + &e->prime, e->mont_b); + if (ret != 0) { + ret = -1; + goto end; + } + + if (ecc_map((ecc_point *) c, &e->prime, e->mont_b) != MP_OKAY) + ret = -1; + else + ret = 0; +end: + wc_ecc_del_point(tb); + wc_ecc_del_point(ta); + mp_clear(&mu); + return ret; +} + + +int crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p, + const struct crypto_bignum *b, + struct crypto_ec_point *res) +{ + int ret; + + if (TEST_FAIL()) + return -1; + + ret = wc_ecc_mulmod((mp_int *) b, (ecc_point *) p, (ecc_point *) res, + &e->a, &e->prime, 1); + return ret == 0 ? 0 : -1; +} + + +int crypto_ec_point_invert(struct crypto_ec *e, struct crypto_ec_point *p) +{ + ecc_point *point = (ecc_point *) p; + + if (TEST_FAIL()) + return -1; + + if (mp_sub(&e->prime, point->y, point->y) != MP_OKAY) + return -1; + + return 0; +} + + +int crypto_ec_point_solve_y_coord(struct crypto_ec *e, + struct crypto_ec_point *p, + const struct crypto_bignum *x, int y_bit) +{ + byte buf[1 + 2 * MAX_ECC_BYTES]; + int ret; + int prime_len = crypto_ec_prime_len(e); + + if (TEST_FAIL()) + return -1; + + buf[0] = y_bit ? ECC_POINT_COMP_ODD : ECC_POINT_COMP_EVEN; + ret = crypto_bignum_to_bin(x, buf + 1, prime_len, prime_len); + if (ret <= 0) + return -1; + ret = wc_ecc_import_point_der(buf, 1 + 2 * ret, e->key.idx, + (ecc_point *) p); + if (ret != 0) + return -1; + + return 0; +} + + +struct crypto_bignum * +crypto_ec_point_compute_y_sqr(struct crypto_ec *e, + const struct crypto_bignum *x) +{ + mp_int *y2 = NULL; + mp_int t; + int calced = 0; + + if (TEST_FAIL()) + return NULL; + + if (mp_init(&t) != MP_OKAY) + return NULL; + + y2 = (mp_int *) crypto_bignum_init(); + if (!y2) + goto done; + + if (mp_sqrmod((mp_int *) x, &e->prime, y2) != 0 || + mp_mulmod((mp_int *) x, y2, &e->prime, y2) != 0 || + mp_mulmod((mp_int *) x, &e->a, &e->prime, &t) != 0 || + mp_addmod(y2, &t, &e->prime, y2) != 0 || + mp_addmod(y2, &e->b, &e->prime, y2) != 0) + goto done; + + calced = 1; +done: + if (!calced) { + if (y2) { + mp_clear(y2); + os_free(y2); + } + mp_clear(&t); + } + + return (struct crypto_bignum *) y2; +} + + +int crypto_ec_point_is_at_infinity(struct crypto_ec *e, + const struct crypto_ec_point *p) +{ + return wc_ecc_point_is_at_infinity((ecc_point *) p); +} + + +int crypto_ec_point_is_on_curve(struct crypto_ec *e, + const struct crypto_ec_point *p) +{ + return wc_ecc_is_point((ecc_point *) p, &e->a, &e->b, &e->prime) == + MP_OKAY; +} + + +int crypto_ec_point_cmp(const struct crypto_ec *e, + const struct crypto_ec_point *a, + const struct crypto_ec_point *b) +{ + return wc_ecc_cmp_point((ecc_point *) a, (ecc_point *) b); +} + + +struct crypto_ecdh { + struct crypto_ec *ec; +}; + +struct crypto_ecdh * crypto_ecdh_init(int group) +{ + struct crypto_ecdh *ecdh = NULL; + WC_RNG rng; + int ret; + + if (wc_InitRng(&rng) != 0) + goto fail; + + ecdh = os_zalloc(sizeof(*ecdh)); + if (!ecdh) + goto fail; + + ecdh->ec = crypto_ec_init(group); + if (!ecdh->ec) + goto fail; + + ret = wc_ecc_make_key_ex(&rng, ecdh->ec->key.dp->size, &ecdh->ec->key, + ecdh->ec->key.dp->id); + if (ret < 0) + goto fail; + +done: + wc_FreeRng(&rng); + + return ecdh; +fail: + crypto_ecdh_deinit(ecdh); + ecdh = NULL; + goto done; +} + + +void crypto_ecdh_deinit(struct crypto_ecdh *ecdh) +{ + if (ecdh) { + crypto_ec_deinit(ecdh->ec); + os_free(ecdh); + } +} + + +struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int inc_y) +{ + struct wpabuf *buf = NULL; + int ret; + int len = ecdh->ec->key.dp->size; + + buf = wpabuf_alloc(inc_y ? 2 * len : len); + if (!buf) + goto fail; + + ret = crypto_bignum_to_bin((struct crypto_bignum *) + ecdh->ec->key.pubkey.x, wpabuf_put(buf, len), + len, len); + if (ret < 0) + goto fail; + if (inc_y) { + ret = crypto_bignum_to_bin((struct crypto_bignum *) + ecdh->ec->key.pubkey.y, + wpabuf_put(buf, len), len, len); + if (ret < 0) + goto fail; + } + +done: + return buf; +fail: + wpabuf_free(buf); + buf = NULL; + goto done; +} + + +struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y, + const u8 *key, size_t len) +{ + int ret; + struct wpabuf *pubkey = NULL; + struct wpabuf *secret = NULL; + word32 key_len = ecdh->ec->key.dp->size; + ecc_point *point = NULL; + size_t need_key_len = inc_y ? 2 * key_len : key_len; + + if (len < need_key_len) + goto fail; + pubkey = wpabuf_alloc(1 + 2 * key_len); + if (!pubkey) + goto fail; + wpabuf_put_u8(pubkey, inc_y ? ECC_POINT_UNCOMP : ECC_POINT_COMP_EVEN); + wpabuf_put_data(pubkey, key, need_key_len); + + point = wc_ecc_new_point(); + if (!point) + goto fail; + + ret = wc_ecc_import_point_der(wpabuf_mhead(pubkey), 1 + 2 * key_len, + ecdh->ec->key.idx, point); + if (ret != MP_OKAY) + goto fail; + + secret = wpabuf_alloc(key_len); + if (!secret) + goto fail; + + ret = wc_ecc_shared_secret_ex(&ecdh->ec->key, point, + wpabuf_put(secret, key_len), &key_len); + if (ret != MP_OKAY) + goto fail; + +done: + wc_ecc_del_point(point); + wpabuf_free(pubkey); + return secret; +fail: + wpabuf_free(secret); + secret = NULL; + goto done; +} + +#endif /* CONFIG_ECC */ diff --git a/contrib/wpa/src/crypto/des-internal.c b/contrib/wpa/src/crypto/des-internal.c index dec39ef8c61d..4ed6957802b0 100644 --- a/contrib/wpa/src/crypto/des-internal.c +++ b/contrib/wpa/src/crypto/des-internal.c @@ -48,7 +48,7 @@ static const u32 bytebit[8] = { - 0200, 0100, 040, 020, 010, 04, 02, 01 + 0200, 0100, 040, 020, 010, 04, 02, 01 }; static const u32 bigbyte[24] = @@ -58,22 +58,22 @@ static const u32 bigbyte[24] = 0x8000UL, 0x4000UL, 0x2000UL, 0x1000UL, 0x800UL, 0x400UL, 0x200UL, 0x100UL, 0x80UL, 0x40UL, 0x20UL, 0x10UL, - 0x8UL, 0x4UL, 0x2UL, 0x1L + 0x8UL, 0x4UL, 0x2UL, 0x1L }; /* Use the key schedule specific in the standard (ANSI X3.92-1981) */ static const u8 pc1[56] = { - 56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17, - 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, + 56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17, + 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, - 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3 + 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3 }; static const u8 totrot[16] = { 1, 2, 4, 6, - 8, 10, 12, 14, - 15, 17, 19, 21, + 8, 10, 12, 14, + 15, 17, 19, 21, 23, 25, 27, 28 }; @@ -396,7 +396,7 @@ static void desfunc(u32 *block, const u32 *keys) /* wpa_supplicant/hostapd specific wrapper */ -void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) +int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) { u8 pkey[8], next, tmp; int i; @@ -421,6 +421,7 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) os_memset(pkey, 0, sizeof(pkey)); os_memset(ek, 0, sizeof(ek)); + return 0; } diff --git a/contrib/wpa/src/crypto/dh_groups.c b/contrib/wpa/src/crypto/dh_groups.c index 7912361ff8c6..a9b770ec1f16 100644 --- a/contrib/wpa/src/crypto/dh_groups.c +++ b/contrib/wpa/src/crypto/dh_groups.c @@ -1151,7 +1151,7 @@ static const u8 dh_group24_order[] = { { id, dh_group ## id ## _generator, sizeof(dh_group ## id ## _generator), \ dh_group ## id ## _prime, sizeof(dh_group ## id ## _prime), \ dh_group ## id ## _order, sizeof(dh_group ## id ## _order), safe } - + static const struct dh_group dh_groups[] = { DH_GROUP(5, 1), @@ -1203,19 +1203,6 @@ struct wpabuf * dh_init(const struct dh_group *dh, struct wpabuf **priv) if (*priv == NULL) return NULL; - if (random_get_bytes(wpabuf_put(*priv, dh->prime_len), dh->prime_len)) - { - wpabuf_clear_free(*priv); - *priv = NULL; - return NULL; - } - - if (os_memcmp(wpabuf_head(*priv), dh->prime, dh->prime_len) > 0) { - /* Make sure private value is smaller than prime */ - *(wpabuf_mhead_u8(*priv)) = 0; - } - wpa_hexdump_buf_key(MSG_DEBUG, "DH: private value", *priv); - pv_len = dh->prime_len; pv = wpabuf_alloc(pv_len); if (pv == NULL) { @@ -1223,17 +1210,17 @@ struct wpabuf * dh_init(const struct dh_group *dh, struct wpabuf **priv) *priv = NULL; return NULL; } - if (crypto_mod_exp(dh->generator, dh->generator_len, - wpabuf_head(*priv), wpabuf_len(*priv), - dh->prime, dh->prime_len, wpabuf_mhead(pv), - &pv_len) < 0) { + if (crypto_dh_init(*dh->generator, dh->prime, dh->prime_len, + wpabuf_mhead(*priv), wpabuf_mhead(pv)) < 0) { wpabuf_clear_free(pv); - wpa_printf(MSG_INFO, "DH: crypto_mod_exp failed"); + wpa_printf(MSG_INFO, "DH: crypto_dh_init failed"); wpabuf_clear_free(*priv); *priv = NULL; return NULL; } - wpabuf_put(pv, pv_len); + wpabuf_put(*priv, dh->prime_len); + wpabuf_put(pv, dh->prime_len); + wpa_hexdump_buf_key(MSG_DEBUG, "DH: private value", *priv); wpa_hexdump_buf(MSG_DEBUG, "DH: public value", pv); return pv; @@ -1261,12 +1248,14 @@ struct wpabuf * dh_derive_shared(const struct wpabuf *peer_public, shared = wpabuf_alloc(shared_len); if (shared == NULL) return NULL; - if (crypto_mod_exp(wpabuf_head(peer_public), wpabuf_len(peer_public), - wpabuf_head(own_private), wpabuf_len(own_private), - dh->prime, dh->prime_len, - wpabuf_mhead(shared), &shared_len) < 0) { + if (crypto_dh_derive_secret(*dh->generator, dh->prime, dh->prime_len, + wpabuf_head(own_private), + wpabuf_len(own_private), + wpabuf_head(peer_public), + wpabuf_len(peer_public), + wpabuf_mhead(shared), &shared_len) < 0) { wpabuf_clear_free(shared); - wpa_printf(MSG_INFO, "DH: crypto_mod_exp failed"); + wpa_printf(MSG_INFO, "DH: crypto_dh_derive_secret failed"); return NULL; } wpabuf_put(shared, shared_len); diff --git a/contrib/wpa/src/crypto/fips_prf_wolfssl.c b/contrib/wpa/src/crypto/fips_prf_wolfssl.c new file mode 100644 index 000000000000..feb39db5a6d9 --- /dev/null +++ b/contrib/wpa/src/crypto/fips_prf_wolfssl.c @@ -0,0 +1,87 @@ +/* + * FIPS 186-2 PRF for libcrypto + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" +#include <wolfssl/options.h> +#include <wolfssl/wolfcrypt/sha.h> + +#include "common.h" +#include "crypto.h" + + +static void sha1_transform(u32 *state, const u8 data[64]) +{ + wc_Sha sha; + + os_memset(&sha, 0, sizeof(sha)); + sha.digest[0] = state[0]; + sha.digest[1] = state[1]; + sha.digest[2] = state[2]; + sha.digest[3] = state[3]; + sha.digest[4] = state[4]; + wc_ShaUpdate(&sha, data, 64); + state[0] = sha.digest[0]; + state[1] = sha.digest[1]; + state[2] = sha.digest[2]; + state[3] = sha.digest[3]; + state[4] = sha.digest[4]; +} + + +int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen) +{ + u8 xkey[64]; + u32 t[5], _t[5]; + int i, j, m, k; + u8 *xpos = x; + u32 carry; + + if (seed_len < sizeof(xkey)) + os_memset(xkey + seed_len, 0, sizeof(xkey) - seed_len); + else + seed_len = sizeof(xkey); + + /* FIPS 186-2 + change notice 1 */ + + os_memcpy(xkey, seed, seed_len); + t[0] = 0x67452301; + t[1] = 0xEFCDAB89; + t[2] = 0x98BADCFE; + t[3] = 0x10325476; + t[4] = 0xC3D2E1F0; + + m = xlen / 40; + for (j = 0; j < m; j++) { + /* XSEED_j = 0 */ + for (i = 0; i < 2; i++) { + /* XVAL = (XKEY + XSEED_j) mod 2^b */ + + /* w_i = G(t, XVAL) */ + os_memcpy(_t, t, 20); + sha1_transform(_t, xkey); + WPA_PUT_BE32(xpos, _t[0]); + WPA_PUT_BE32(xpos + 4, _t[1]); + WPA_PUT_BE32(xpos + 8, _t[2]); + WPA_PUT_BE32(xpos + 12, _t[3]); + WPA_PUT_BE32(xpos + 16, _t[4]); + + /* XKEY = (1 + XKEY + w_i) mod 2^b */ + carry = 1; + for (k = 19; k >= 0; k--) { + carry += xkey[k] + xpos[k]; + xkey[k] = carry & 0xff; + carry >>= 8; + } + + xpos += 20; + } + /* x_j = w_0|w_1 */ + } + + return 0; +} diff --git a/contrib/wpa/src/crypto/ms_funcs.c b/contrib/wpa/src/crypto/ms_funcs.c index d0d6a96af2bc..aff7d33f4ea4 100644 --- a/contrib/wpa/src/crypto/ms_funcs.c +++ b/contrib/wpa/src/crypto/ms_funcs.c @@ -140,17 +140,20 @@ int hash_nt_password_hash(const u8 *password_hash, u8 *password_hash_hash) * @challenge: 8-octet Challenge (IN) * @password_hash: 16-octet PasswordHash (IN) * @response: 24-octet Response (OUT) + * Returns: 0 on success, -1 on failure */ -void challenge_response(const u8 *challenge, const u8 *password_hash, - u8 *response) +int challenge_response(const u8 *challenge, const u8 *password_hash, + u8 *response) { u8 zpwd[7]; - des_encrypt(challenge, password_hash, response); - des_encrypt(challenge, password_hash + 7, response + 8); + + if (des_encrypt(challenge, password_hash, response) < 0 || + des_encrypt(challenge, password_hash + 7, response + 8) < 0) + return -1; zpwd[0] = password_hash[14]; zpwd[1] = password_hash[15]; os_memset(zpwd + 2, 0, 5); - des_encrypt(challenge, zpwd, response + 16); + return des_encrypt(challenge, zpwd, response + 16); } @@ -175,9 +178,9 @@ int generate_nt_response(const u8 *auth_challenge, const u8 *peer_challenge, if (challenge_hash(peer_challenge, auth_challenge, username, username_len, challenge) || - nt_password_hash(password, password_len, password_hash)) + nt_password_hash(password, password_len, password_hash) || + challenge_response(challenge, password_hash, response)) return -1; - challenge_response(challenge, password_hash, response); return 0; } @@ -202,9 +205,9 @@ int generate_nt_response_pwhash(const u8 *auth_challenge, if (challenge_hash(peer_challenge, auth_challenge, username, username_len, - challenge)) + challenge) || + challenge_response(challenge, password_hash, response)) return -1; - challenge_response(challenge, password_hash, response); return 0; } @@ -304,9 +307,10 @@ int nt_challenge_response(const u8 *challenge, const u8 *password, size_t password_len, u8 *response) { u8 password_hash[16]; - if (nt_password_hash(password, password_len, password_hash)) + + if (nt_password_hash(password, password_len, password_hash) || + challenge_response(challenge, password_hash, response)) return -1; - challenge_response(challenge, password_hash, response); return 0; } @@ -487,12 +491,15 @@ int new_password_encrypted_with_old_nt_password_hash( * @password_hash: 16-octer PasswordHash (IN) * @block: 16-octet Block (IN) * @cypher: 16-octer Cypher (OUT) + * Returns: 0 on success, -1 on failure */ -void nt_password_hash_encrypted_with_block(const u8 *password_hash, - const u8 *block, u8 *cypher) +int nt_password_hash_encrypted_with_block(const u8 *password_hash, + const u8 *block, u8 *cypher) { - des_encrypt(password_hash, block, cypher); - des_encrypt(password_hash + 8, block + 7, cypher + 8); + if (des_encrypt(password_hash, block, cypher) < 0 || + des_encrypt(password_hash + 8, block + 7, cypher + 8) < 0) + return -1; + return 0; } @@ -515,10 +522,10 @@ int old_nt_password_hash_encrypted_with_new_nt_password_hash( if (nt_password_hash(old_password, old_password_len, old_password_hash) || nt_password_hash(new_password, new_password_len, - new_password_hash)) + new_password_hash) || + nt_password_hash_encrypted_with_block(old_password_hash, + new_password_hash, + encrypted_password_hash)) return -1; - nt_password_hash_encrypted_with_block(old_password_hash, - new_password_hash, - encrypted_password_hash); return 0; } diff --git a/contrib/wpa/src/crypto/ms_funcs.h b/contrib/wpa/src/crypto/ms_funcs.h index b5b5918e1a55..b8d55f05326c 100644 --- a/contrib/wpa/src/crypto/ms_funcs.h +++ b/contrib/wpa/src/crypto/ms_funcs.h @@ -31,8 +31,8 @@ int generate_authenticator_response_pwhash( int nt_challenge_response(const u8 *challenge, const u8 *password, size_t password_len, u8 *response); -void challenge_response(const u8 *challenge, const u8 *password_hash, - u8 *response); +int challenge_response(const u8 *challenge, const u8 *password_hash, + u8 *response); int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge, const u8 *username, size_t username_len, u8 *challenge); int nt_password_hash(const u8 *password, size_t password_len, @@ -50,8 +50,8 @@ int __must_check new_password_encrypted_with_old_nt_password_hash( const u8 *new_password, size_t new_password_len, const u8 *old_password, size_t old_password_len, u8 *encrypted_pw_block); -void nt_password_hash_encrypted_with_block(const u8 *password_hash, - const u8 *block, u8 *cypher); +int nt_password_hash_encrypted_with_block(const u8 *password_hash, + const u8 *block, u8 *cypher); int old_nt_password_hash_encrypted_with_new_nt_password_hash( const u8 *new_password, size_t new_password_len, const u8 *old_password, size_t old_password_len, diff --git a/contrib/wpa/src/crypto/random.c b/contrib/wpa/src/crypto/random.c index 3a86a93a46a8..c278d9cb9de9 100644 --- a/contrib/wpa/src/crypto/random.c +++ b/contrib/wpa/src/crypto/random.c @@ -54,7 +54,6 @@ static int random_fd = -1; static unsigned int own_pool_ready = 0; #define RANDOM_ENTROPY_SIZE 20 static char *random_entropy_file = NULL; -static int random_entropy_file_read = 0; #define MIN_COLLECT_ENTROPY 1000 static unsigned int entropy = 0; @@ -66,6 +65,9 @@ static void random_write_entropy(void); static u32 __ROL32(u32 x, u32 y) { + if (y == 0) + return x; + return (x << (y & 31)) | (x >> (32 - (y & 31))); } @@ -354,7 +356,6 @@ static void random_read_entropy(void) own_pool_ready = (u8) buf[0]; random_add_randomness(buf + 1, RANDOM_ENTROPY_SIZE); - random_entropy_file_read = 1; os_free(buf); wpa_printf(MSG_DEBUG, "random: Added entropy from %s " "(own_pool_ready=%u)", diff --git a/contrib/wpa/src/crypto/sha1-internal.c b/contrib/wpa/src/crypto/sha1-internal.c index ffcba66af652..a4917070f196 100644 --- a/contrib/wpa/src/crypto/sha1-internal.c +++ b/contrib/wpa/src/crypto/sha1-internal.c @@ -53,7 +53,7 @@ By Steve Reid <sreid@sea-to-sky.net> 100% Public Domain ----------------- -Modified 7/98 +Modified 7/98 By James H. Brown <jbrown@burgoyne.com> Still 100% Public Domain @@ -75,7 +75,7 @@ Since the file IO in main() reads 16K at a time, any file 8K or larger would be guaranteed to generate the wrong hash (e.g. Test Vector #3, a million "a"s). -I also changed the declaration of variables i & j in SHA1Update to +I also changed the declaration of variables i & j in SHA1Update to unsigned long from unsigned int for the same reason. These changes should make no difference to any 32 bit implementations since @@ -102,7 +102,7 @@ Still 100% public domain Modified 4/01 By Saul Kravitz <Saul.Kravitz@celera.com> Still 100% PD -Modified to run on Compaq Alpha hardware. +Modified to run on Compaq Alpha hardware. ----------------- Modified 4/01 @@ -162,7 +162,7 @@ void SHAPrintContext(SHA1_CTX *context, char *msg) { printf("%s (%d,%d) %x %x %x %x %x\n", msg, - context->count[0], context->count[1], + context->count[0], context->count[1], context->state[0], context->state[1], context->state[2], diff --git a/contrib/wpa/src/crypto/sha256-internal.c b/contrib/wpa/src/crypto/sha256-internal.c index 86a548ee472d..ff1e2ba1686d 100644 --- a/contrib/wpa/src/crypto/sha256-internal.c +++ b/contrib/wpa/src/crypto/sha256-internal.c @@ -69,7 +69,7 @@ static const unsigned long K[64] = { ( ((((unsigned long) (x) & 0xFFFFFFFFUL) >> (unsigned long) ((y) & 31)) | \ ((unsigned long) (x) << (unsigned long) (32 - ((y) & 31)))) & 0xFFFFFFFFUL) #define Ch(x,y,z) (z ^ (x & (y ^ z))) -#define Maj(x,y,z) (((x | y) & z) | (x & y)) +#define Maj(x,y,z) (((x | y) & z) | (x & y)) #define S(x, n) RORc((x), (n)) #define R(x, n) (((x)&0xFFFFFFFFUL)>>(n)) #define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22)) @@ -100,7 +100,7 @@ static int sha256_compress(struct sha256_state *md, unsigned char *buf) for (i = 16; i < 64; i++) { W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) + W[i - 16]; - } + } /* Compress */ #define RND(a,b,c,d,e,f,g,h,i) \ @@ -111,7 +111,7 @@ static int sha256_compress(struct sha256_state *md, unsigned char *buf) for (i = 0; i < 64; ++i) { RND(S[0], S[1], S[2], S[3], S[4], S[5], S[6], S[7], i); - t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4]; + t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4]; S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t; } diff --git a/contrib/wpa/src/crypto/sha256-kdf.c b/contrib/wpa/src/crypto/sha256-kdf.c index e7509ce41aba..af7d954d8a44 100644 --- a/contrib/wpa/src/crypto/sha256-kdf.c +++ b/contrib/wpa/src/crypto/sha256-kdf.c @@ -1,6 +1,6 @@ /* - * HMAC-SHA256 KDF (RFC 5295) - * Copyright (c) 2014, Jouni Malinen <j@w1.fi> + * HMAC-SHA256 KDF (RFC 5295) and HKDF-Expand(SHA256) (RFC 5869) + * Copyright (c) 2014-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -16,7 +16,8 @@ * hmac_sha256_kdf - HMAC-SHA256 based KDF (RFC 5295) * @secret: Key for KDF * @secret_len: Length of the key in bytes - * @label: A unique label for each purpose of the KDF + * @label: A unique label for each purpose of the KDF or %NULL to select + * RFC 5869 HKDF-Expand() with arbitrary seed (= info) * @seed: Seed value to bind into the key * @seed_len: Length of the seed * @out: Buffer for the generated pseudo-random key @@ -24,7 +25,9 @@ * Returns: 0 on success, -1 on failure. * * This function is used to derive new, cryptographically separate keys from a - * given key in ERP. This KDF is defined in RFC 5295, Chapter 3.1.2. + * given key in ERP. This KDF is defined in RFC 5295, Chapter 3.1.2. When used + * with label = NULL and seed = info, this matches HKDF-Expand() defined in + * RFC 5869, Chapter 2.3. */ int hmac_sha256_kdf(const u8 *secret, size_t secret_len, const char *label, const u8 *seed, size_t seed_len, @@ -38,8 +41,13 @@ int hmac_sha256_kdf(const u8 *secret, size_t secret_len, addr[0] = T; len[0] = SHA256_MAC_LEN; - addr[1] = (const unsigned char *) label; - len[1] = os_strlen(label) + 1; + if (label) { + addr[1] = (const unsigned char *) label; + len[1] = os_strlen(label) + 1; + } else { + addr[1] = (const u8 *) ""; + len[1] = 0; + } addr[2] = seed; len[2] = seed_len; addr[3] = &iter; diff --git a/contrib/wpa/src/crypto/sha384-kdf.c b/contrib/wpa/src/crypto/sha384-kdf.c new file mode 100644 index 000000000000..1d196279086e --- /dev/null +++ b/contrib/wpa/src/crypto/sha384-kdf.c @@ -0,0 +1,87 @@ +/* + * HMAC-SHA384 KDF (RFC 5295) and HKDF-Expand(SHA384) (RFC 5869) + * Copyright (c) 2014-2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "sha384.h" + + +/** + * hmac_sha384_kdf - HMAC-SHA384 based KDF (RFC 5295) + * @secret: Key for KDF + * @secret_len: Length of the key in bytes + * @label: A unique label for each purpose of the KDF or %NULL to select + * RFC 5869 HKDF-Expand() with arbitrary seed (= info) + * @seed: Seed value to bind into the key + * @seed_len: Length of the seed + * @out: Buffer for the generated pseudo-random key + * @outlen: Number of bytes of key to generate + * Returns: 0 on success, -1 on failure. + * + * This function is used to derive new, cryptographically separate keys from a + * given key in ERP. This KDF is defined in RFC 5295, Chapter 3.1.2. When used + * with label = NULL and seed = info, this matches HKDF-Expand() defined in + * RFC 5869, Chapter 2.3. + */ +int hmac_sha384_kdf(const u8 *secret, size_t secret_len, + const char *label, const u8 *seed, size_t seed_len, + u8 *out, size_t outlen) +{ + u8 T[SHA384_MAC_LEN]; + u8 iter = 1; + const unsigned char *addr[4]; + size_t len[4]; + size_t pos, clen; + + addr[0] = T; + len[0] = SHA384_MAC_LEN; + if (label) { + addr[1] = (const unsigned char *) label; + len[1] = os_strlen(label) + 1; + } else { + addr[1] = (const u8 *) ""; + len[1] = 0; + } + addr[2] = seed; + len[2] = seed_len; + addr[3] = &iter; + len[3] = 1; + + if (hmac_sha384_vector(secret, secret_len, 3, &addr[1], &len[1], T) < 0) + return -1; + + pos = 0; + for (;;) { + clen = outlen - pos; + if (clen > SHA384_MAC_LEN) + clen = SHA384_MAC_LEN; + os_memcpy(out + pos, T, clen); + pos += clen; + + if (pos == outlen) + break; + + if (iter == 255) { + os_memset(out, 0, outlen); + os_memset(T, 0, SHA384_MAC_LEN); + return -1; + } + iter++; + + if (hmac_sha384_vector(secret, secret_len, 4, addr, len, T) < 0) + { + os_memset(out, 0, outlen); + os_memset(T, 0, SHA384_MAC_LEN); + return -1; + } + } + + os_memset(T, 0, SHA384_MAC_LEN); + return 0; +} diff --git a/contrib/wpa/src/crypto/sha384-prf.c b/contrib/wpa/src/crypto/sha384-prf.c index 653920ba283d..03e3cb353a3d 100644 --- a/contrib/wpa/src/crypto/sha384-prf.c +++ b/contrib/wpa/src/crypto/sha384-prf.c @@ -1,6 +1,6 @@ /* * SHA384-based KDF (IEEE 802.11ac) - * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -22,14 +22,16 @@ * @data_len: Length of the data * @buf: Buffer for the generated pseudo-random key * @buf_len: Number of bytes of key to generate + * Returns: 0 on success, -1 on failure * * This function is used to derive new, cryptographically separate keys from a * given key. */ -void sha384_prf(const u8 *key, size_t key_len, const char *label, - const u8 *data, size_t data_len, u8 *buf, size_t buf_len) +int sha384_prf(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, size_t buf_len) { - sha384_prf_bits(key, key_len, label, data, data_len, buf, buf_len * 8); + return sha384_prf_bits(key, key_len, label, data, data_len, buf, + buf_len * 8); } @@ -42,15 +44,16 @@ void sha384_prf(const u8 *key, size_t key_len, const char *label, * @data_len: Length of the data * @buf: Buffer for the generated pseudo-random key * @buf_len: Number of bits of key to generate + * Returns: 0 on success, -1 on failure * * This function is used to derive new, cryptographically separate keys from a * given key. If the requested buf_len is not divisible by eight, the least * significant 1-7 bits of the last octet in the output are not part of the * requested output. */ -void sha384_prf_bits(const u8 *key, size_t key_len, const char *label, - const u8 *data, size_t data_len, u8 *buf, - size_t buf_len_bits) +int sha384_prf_bits(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, + size_t buf_len_bits) { u16 counter = 1; size_t pos, plen; @@ -75,11 +78,14 @@ void sha384_prf_bits(const u8 *key, size_t key_len, const char *label, plen = buf_len - pos; WPA_PUT_LE16(counter_le, counter); if (plen >= SHA384_MAC_LEN) { - hmac_sha384_vector(key, key_len, 4, addr, len, - &buf[pos]); + if (hmac_sha384_vector(key, key_len, 4, addr, len, + &buf[pos]) < 0) + return -1; pos += SHA384_MAC_LEN; } else { - hmac_sha384_vector(key, key_len, 4, addr, len, hash); + if (hmac_sha384_vector(key, key_len, 4, addr, len, + hash) < 0) + return -1; os_memcpy(&buf[pos], hash, plen); pos += plen; break; @@ -97,4 +103,6 @@ void sha384_prf_bits(const u8 *key, size_t key_len, const char *label, } os_memset(hash, 0, sizeof(hash)); + + return 0; } diff --git a/contrib/wpa/src/crypto/sha384.c b/contrib/wpa/src/crypto/sha384.c new file mode 100644 index 000000000000..ee136ce99b7e --- /dev/null +++ b/contrib/wpa/src/crypto/sha384.c @@ -0,0 +1,104 @@ +/* + * SHA-384 hash implementation and interface functions + * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "sha384.h" +#include "crypto.h" + + +/** + * hmac_sha384_vector - HMAC-SHA384 over data vector (RFC 2104) + * @key: Key for HMAC operations + * @key_len: Length of the key in bytes + * @num_elem: Number of elements in the data vector + * @addr: Pointers to the data areas + * @len: Lengths of the data blocks + * @mac: Buffer for the hash (48 bytes) + * Returns: 0 on success, -1 on failure + */ +int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + unsigned char k_pad[128]; /* padding - key XORd with ipad/opad */ + unsigned char tk[48]; + const u8 *_addr[6]; + size_t _len[6], i; + + if (num_elem > 5) { + /* + * Fixed limit on the number of fragments to avoid having to + * allocate memory (which could fail). + */ + return -1; + } + + /* if key is longer than 128 bytes reset it to key = SHA384(key) */ + if (key_len > 128) { + if (sha384_vector(1, &key, &key_len, tk) < 0) + return -1; + key = tk; + key_len = 48; + } + + /* the HMAC_SHA384 transform looks like: + * + * SHA384(K XOR opad, SHA384(K XOR ipad, text)) + * + * where K is an n byte key + * ipad is the byte 0x36 repeated 128 times + * opad is the byte 0x5c repeated 128 times + * and text is the data being protected */ + + /* start out by storing key in ipad */ + os_memset(k_pad, 0, sizeof(k_pad)); + os_memcpy(k_pad, key, key_len); + /* XOR key with ipad values */ + for (i = 0; i < 128; i++) + k_pad[i] ^= 0x36; + + /* perform inner SHA384 */ + _addr[0] = k_pad; + _len[0] = 128; + for (i = 0; i < num_elem; i++) { + _addr[i + 1] = addr[i]; + _len[i + 1] = len[i]; + } + if (sha384_vector(1 + num_elem, _addr, _len, mac) < 0) + return -1; + + os_memset(k_pad, 0, sizeof(k_pad)); + os_memcpy(k_pad, key, key_len); + /* XOR key with opad values */ + for (i = 0; i < 128; i++) + k_pad[i] ^= 0x5c; + + /* perform outer SHA384 */ + _addr[0] = k_pad; + _len[0] = 128; + _addr[1] = mac; + _len[1] = SHA384_MAC_LEN; + return sha384_vector(2, _addr, _len, mac); +} + + +/** + * hmac_sha384 - HMAC-SHA384 over data buffer (RFC 2104) + * @key: Key for HMAC operations + * @key_len: Length of the key in bytes + * @data: Pointers to the data area + * @data_len: Length of the data area + * @mac: Buffer for the hash (48 bytes) + * Returns: 0 on success, -1 on failure + */ +int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha384_vector(key, key_len, 1, &data, &data_len, mac); +} diff --git a/contrib/wpa/src/crypto/sha384.h b/contrib/wpa/src/crypto/sha384.h index 3deafa59ec29..2241425385c3 100644 --- a/contrib/wpa/src/crypto/sha384.h +++ b/contrib/wpa/src/crypto/sha384.h @@ -1,6 +1,6 @@ /* * SHA384 hash implementation and interface functions - * Copyright (c) 2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2015-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -15,10 +15,13 @@ int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac); int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, size_t data_len, u8 *mac); -void sha384_prf(const u8 *key, size_t key_len, const char *label, - const u8 *data, size_t data_len, u8 *buf, size_t buf_len); -void sha384_prf_bits(const u8 *key, size_t key_len, const char *label, - const u8 *data, size_t data_len, u8 *buf, - size_t buf_len_bits); +int sha384_prf(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, size_t buf_len); +int sha384_prf_bits(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, + size_t buf_len_bits); +int hmac_sha384_kdf(const u8 *secret, size_t secret_len, + const char *label, const u8 *seed, size_t seed_len, + u8 *out, size_t outlen); #endif /* SHA384_H */ diff --git a/contrib/wpa/src/crypto/sha512-kdf.c b/contrib/wpa/src/crypto/sha512-kdf.c new file mode 100644 index 000000000000..8b71f9b0e4f9 --- /dev/null +++ b/contrib/wpa/src/crypto/sha512-kdf.c @@ -0,0 +1,87 @@ +/* + * HMAC-SHA512 KDF (RFC 5295) and HKDF-Expand(SHA512) (RFC 5869) + * Copyright (c) 2014-2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "sha512.h" + + +/** + * hmac_sha512_kdf - HMAC-SHA512 based KDF (RFC 5295) + * @secret: Key for KDF + * @secret_len: Length of the key in bytes + * @label: A unique label for each purpose of the KDF or %NULL to select + * RFC 5869 HKDF-Expand() with arbitrary seed (= info) + * @seed: Seed value to bind into the key + * @seed_len: Length of the seed + * @out: Buffer for the generated pseudo-random key + * @outlen: Number of bytes of key to generate + * Returns: 0 on success, -1 on failure. + * + * This function is used to derive new, cryptographically separate keys from a + * given key in ERP. This KDF is defined in RFC 5295, Chapter 3.1.2. When used + * with label = NULL and seed = info, this matches HKDF-Expand() defined in + * RFC 5869, Chapter 2.3. + */ +int hmac_sha512_kdf(const u8 *secret, size_t secret_len, + const char *label, const u8 *seed, size_t seed_len, + u8 *out, size_t outlen) +{ + u8 T[SHA512_MAC_LEN]; + u8 iter = 1; + const unsigned char *addr[4]; + size_t len[4]; + size_t pos, clen; + + addr[0] = T; + len[0] = SHA512_MAC_LEN; + if (label) { + addr[1] = (const unsigned char *) label; + len[1] = os_strlen(label) + 1; + } else { + addr[1] = (const u8 *) ""; + len[1] = 0; + } + addr[2] = seed; + len[2] = seed_len; + addr[3] = &iter; + len[3] = 1; + + if (hmac_sha512_vector(secret, secret_len, 3, &addr[1], &len[1], T) < 0) + return -1; + + pos = 0; + for (;;) { + clen = outlen - pos; + if (clen > SHA512_MAC_LEN) + clen = SHA512_MAC_LEN; + os_memcpy(out + pos, T, clen); + pos += clen; + + if (pos == outlen) + break; + + if (iter == 255) { + os_memset(out, 0, outlen); + os_memset(T, 0, SHA512_MAC_LEN); + return -1; + } + iter++; + + if (hmac_sha512_vector(secret, secret_len, 4, addr, len, T) < 0) + { + os_memset(out, 0, outlen); + os_memset(T, 0, SHA512_MAC_LEN); + return -1; + } + } + + os_memset(T, 0, SHA512_MAC_LEN); + return 0; +} diff --git a/contrib/wpa/src/crypto/sha512-prf.c b/contrib/wpa/src/crypto/sha512-prf.c new file mode 100644 index 000000000000..3b2ad889d6ef --- /dev/null +++ b/contrib/wpa/src/crypto/sha512-prf.c @@ -0,0 +1,108 @@ +/* + * SHA512-based KDF (IEEE 802.11ac) + * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "sha512.h" +#include "crypto.h" + + +/** + * sha512_prf - SHA512-based Key derivation function (IEEE 802.11ac, 11.6.1.7.2) + * @key: Key for KDF + * @key_len: Length of the key in bytes + * @label: A unique label for each purpose of the PRF + * @data: Extra data to bind into the key + * @data_len: Length of the data + * @buf: Buffer for the generated pseudo-random key + * @buf_len: Number of bytes of key to generate + * Returns: 0 on success, -1 on failure + * + * This function is used to derive new, cryptographically separate keys from a + * given key. + */ +int sha512_prf(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, size_t buf_len) +{ + return sha512_prf_bits(key, key_len, label, data, data_len, buf, + buf_len * 8); +} + + +/** + * sha512_prf_bits - IEEE Std 802.11ac-2013, 11.6.1.7.2 Key derivation function + * @key: Key for KDF + * @key_len: Length of the key in bytes + * @label: A unique label for each purpose of the PRF + * @data: Extra data to bind into the key + * @data_len: Length of the data + * @buf: Buffer for the generated pseudo-random key + * @buf_len: Number of bits of key to generate + * Returns: 0 on success, -1 on failure + * + * This function is used to derive new, cryptographically separate keys from a + * given key. If the requested buf_len is not divisible by eight, the least + * significant 1-7 bits of the last octet in the output are not part of the + * requested output. + */ +int sha512_prf_bits(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, + size_t buf_len_bits) +{ + u16 counter = 1; + size_t pos, plen; + u8 hash[SHA512_MAC_LEN]; + const u8 *addr[4]; + size_t len[4]; + u8 counter_le[2], length_le[2]; + size_t buf_len = (buf_len_bits + 7) / 8; + + addr[0] = counter_le; + len[0] = 2; + addr[1] = (u8 *) label; + len[1] = os_strlen(label); + addr[2] = data; + len[2] = data_len; + addr[3] = length_le; + len[3] = sizeof(length_le); + + WPA_PUT_LE16(length_le, buf_len_bits); + pos = 0; + while (pos < buf_len) { + plen = buf_len - pos; + WPA_PUT_LE16(counter_le, counter); + if (plen >= SHA512_MAC_LEN) { + if (hmac_sha512_vector(key, key_len, 4, addr, len, + &buf[pos]) < 0) + return -1; + pos += SHA512_MAC_LEN; + } else { + if (hmac_sha512_vector(key, key_len, 4, addr, len, + hash) < 0) + return -1; + os_memcpy(&buf[pos], hash, plen); + pos += plen; + break; + } + counter++; + } + + /* + * Mask out unused bits in the last octet if it does not use all the + * bits. + */ + if (buf_len_bits % 8) { + u8 mask = 0xff << (8 - buf_len_bits % 8); + buf[pos - 1] &= mask; + } + + os_memset(hash, 0, sizeof(hash)); + + return 0; +} diff --git a/contrib/wpa/src/crypto/sha512.h b/contrib/wpa/src/crypto/sha512.h new file mode 100644 index 000000000000..8e64c8b116fa --- /dev/null +++ b/contrib/wpa/src/crypto/sha512.h @@ -0,0 +1,27 @@ +/* + * SHA512 hash implementation and interface functions + * Copyright (c) 2015-2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef SHA512_H +#define SHA512_H + +#define SHA512_MAC_LEN 64 + +int hmac_sha512_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac); +int hmac_sha512(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac); +int sha512_prf(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, size_t buf_len); +int sha512_prf_bits(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, + size_t buf_len_bits); +int hmac_sha512_kdf(const u8 *secret, size_t secret_len, + const char *label, const u8 *seed, size_t seed_len, + u8 *out, size_t outlen); + +#endif /* SHA512_H */ diff --git a/contrib/wpa/src/crypto/tls.h b/contrib/wpa/src/crypto/tls.h index 11d504a97fc0..481b34681d7b 100644 --- a/contrib/wpa/src/crypto/tls.h +++ b/contrib/wpa/src/crypto/tls.h @@ -41,6 +41,7 @@ enum tls_fail_reason { TLS_FAIL_SERVER_CHAIN_PROBE = 8, TLS_FAIL_DOMAIN_SUFFIX_MISMATCH = 9, TLS_FAIL_DOMAIN_MISMATCH = 10, + TLS_FAIL_INSUFFICIENT_KEY_LEN = 11, }; @@ -63,6 +64,7 @@ union tls_event_data { size_t hash_len; const char *altsubject[TLS_MAX_ALT_SUBJECT]; int num_altsubject; + const char *serial_num; } peer_cert; struct { @@ -80,6 +82,7 @@ struct tls_config { int cert_in_cb; const char *openssl_ciphers; unsigned int tls_session_lifetime; + unsigned int tls_flags; void (*event_cb)(void *ctx, enum tls_event ev, union tls_event_data *data); @@ -97,6 +100,9 @@ struct tls_config { #define TLS_CONN_DISABLE_TLSv1_0 BIT(8) #define TLS_CONN_EXT_CERT_CHECK BIT(9) #define TLS_CONN_REQUIRE_OCSP_ALL BIT(10) +#define TLS_CONN_SUITEB BIT(11) +#define TLS_CONN_SUITEB_NO_ECDH BIT(12) +#define TLS_CONN_DISABLE_TLSv1_3 BIT(13) /** * struct tls_connection_params - Parameters for TLS connection @@ -248,6 +254,18 @@ void tls_connection_deinit(void *tls_ctx, struct tls_connection *conn); int tls_connection_established(void *tls_ctx, struct tls_connection *conn); /** + * tls_connection_peer_serial_num - Fetch peer certificate serial number + * @tls_ctx: TLS context data from tls_init() + * @conn: Connection context data from tls_connection_init() + * Returns: Allocated string buffer containing the peer certificate serial + * number or %NULL on error. + * + * The caller is responsible for freeing the returned buffer with os_free(). + */ +char * tls_connection_peer_serial_num(void *tls_ctx, + struct tls_connection *conn); + +/** * tls_connection_shutdown - Shutdown TLS connection * @tls_ctx: TLS context data from tls_init() * @conn: Connection context data from tls_connection_init() diff --git a/contrib/wpa/src/crypto/tls_gnutls.c b/contrib/wpa/src/crypto/tls_gnutls.c index 200f0eda931a..36dafd2603f0 100644 --- a/contrib/wpa/src/crypto/tls_gnutls.c +++ b/contrib/wpa/src/crypto/tls_gnutls.c @@ -1,6 +1,6 @@ /* * SSL/TLS interface functions for GnuTLS - * Copyright (c) 2004-2011, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -295,6 +295,14 @@ int tls_connection_established(void *ssl_ctx, struct tls_connection *conn) } +char * tls_connection_peer_serial_num(void *tls_ctx, + struct tls_connection *conn) +{ + /* TODO */ + return NULL; +} + + int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn) { struct tls_global *global = ssl_ctx; @@ -346,6 +354,9 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, const struct tls_connection_params *params) { int ret; + const char *err; + char prio_buf[100]; + const char *prio = NULL; if (conn == NULL || params == NULL) return -1; @@ -397,12 +408,60 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, conn->flags = params->flags; + if (params->flags & (TLS_CONN_DISABLE_TLSv1_0 | + TLS_CONN_DISABLE_TLSv1_1 | + TLS_CONN_DISABLE_TLSv1_2)) { + os_snprintf(prio_buf, sizeof(prio_buf), + "NORMAL:-VERS-SSL3.0%s%s%s", + params->flags & TLS_CONN_DISABLE_TLSv1_0 ? + ":-VERS-TLS1.0" : "", + params->flags & TLS_CONN_DISABLE_TLSv1_1 ? + ":-VERS-TLS1.1" : "", + params->flags & TLS_CONN_DISABLE_TLSv1_2 ? + ":-VERS-TLS1.2" : ""); + prio = prio_buf; + } + if (params->openssl_ciphers) { - wpa_printf(MSG_INFO, "GnuTLS: openssl_ciphers not supported"); - return -1; + if (os_strcmp(params->openssl_ciphers, "SUITEB128") == 0) { + prio = "SUITEB128"; + } else if (os_strcmp(params->openssl_ciphers, + "SUITEB192") == 0) { + prio = "SUITEB192"; + } else if ((params->flags & TLS_CONN_SUITEB) && + os_strcmp(params->openssl_ciphers, + "ECDHE-RSA-AES256-GCM-SHA384") == 0) { + prio = "NONE:+VERS-TLS1.2:+AEAD:+ECDHE-RSA:+AES-256-GCM:+SIGN-RSA-SHA384:+CURVE-SECP384R1:+COMP-NULL"; + } else if (os_strcmp(params->openssl_ciphers, + "ECDHE-RSA-AES256-GCM-SHA384") == 0) { + prio = "NONE:+VERS-TLS1.2:+AEAD:+ECDHE-RSA:+AES-256-GCM:+SIGN-RSA-SHA384:+CURVE-SECP384R1:+COMP-NULL"; + } else if (os_strcmp(params->openssl_ciphers, + "DHE-RSA-AES256-GCM-SHA384") == 0) { + prio = "NONE:+VERS-TLS1.2:+AEAD:+DHE-RSA:+AES-256-GCM:+SIGN-RSA-SHA384:+CURVE-SECP384R1:+COMP-NULL:%PROFILE_HIGH"; + } else if (os_strcmp(params->openssl_ciphers, + "ECDHE-ECDSA-AES256-GCM-SHA384") == 0) { + prio = "NONE:+VERS-TLS1.2:+AEAD:+ECDHE-ECDSA:+AES-256-GCM:+SIGN-RSA-SHA384:+CURVE-SECP384R1:+COMP-NULL"; + } else { + wpa_printf(MSG_INFO, + "GnuTLS: openssl_ciphers not supported"); + return -1; + } + } else if (params->flags & TLS_CONN_SUITEB) { + prio = "NONE:+VERS-TLS1.2:+AEAD:+ECDHE-ECDSA:+ECDHE-RSA:+DHE-RSA:+AES-256-GCM:+SIGN-RSA-SHA384:+CURVE-SECP384R1:+COMP-NULL:%PROFILE_HIGH"; } - /* TODO: gnutls_certificate_set_verify_flags(xcred, flags); + if (prio) { + wpa_printf(MSG_DEBUG, "GnuTLS: Set priority string: %s", prio); + ret = gnutls_priority_set_direct(conn->session, prio, &err); + if (ret < 0) { + wpa_printf(MSG_ERROR, + "GnuTLS: Priority string failure at '%s'", + err); + return -1; + } + } + + /* TODO: gnutls_certificate_set_verify_flags(xcred, flags); * to force peer validation(?) */ if (params->ca_cert) { @@ -425,6 +484,13 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, gnutls_strerror(ret)); return -1; } + wpa_printf(MSG_DEBUG, + "GnuTLS: Successfully read CA cert '%s' in PEM format", + params->ca_cert); + } else { + wpa_printf(MSG_DEBUG, + "GnuTLS: Successfully read CA cert '%s' in DER format", + params->ca_cert); } } else if (params->ca_cert_blob) { gnutls_datum_t ca; @@ -472,6 +538,9 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, } if (params->client_cert && params->private_key) { + wpa_printf(MSG_DEBUG, + "GnuTLS: Try to parse client cert '%s' and key '%s' in DER format", + params->client_cert, params->private_key); #if GNUTLS_VERSION_NUMBER >= 0x03010b ret = gnutls_certificate_set_x509_key_file2( conn->xcred, params->client_cert, params->private_key, @@ -483,8 +552,9 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, GNUTLS_X509_FMT_DER); #endif if (ret < 0) { - wpa_printf(MSG_DEBUG, "Failed to read client cert/key " - "in DER format: %s", gnutls_strerror(ret)); + wpa_printf(MSG_DEBUG, + "GnuTLS: Failed to read client cert/key in DER format (%s) - try in PEM format", + gnutls_strerror(ret)); #if GNUTLS_VERSION_NUMBER >= 0x03010b ret = gnutls_certificate_set_x509_key_file2( conn->xcred, params->client_cert, @@ -501,11 +571,19 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, gnutls_strerror(ret)); return ret; } + wpa_printf(MSG_DEBUG, + "GnuTLS: Successfully read client cert/key in PEM format"); + } else { + wpa_printf(MSG_DEBUG, + "GnuTLS: Successfully read client cert/key in DER format"); } } else if (params->private_key) { int pkcs12_ok = 0; #ifdef PKCS12_FUNCS /* Try to load in PKCS#12 format */ + wpa_printf(MSG_DEBUG, + "GnuTLS: Try to parse client cert/key '%s'in PKCS#12 DER format", + params->private_key); ret = gnutls_certificate_set_x509_simple_pkcs12_file( conn->xcred, params->private_key, GNUTLS_X509_FMT_DER, params->private_key_passwd); @@ -1333,6 +1411,7 @@ struct wpabuf * tls_connection_handshake(void *tls_ctx, ret = gnutls_handshake(conn->session); if (ret < 0) { gnutls_alert_description_t alert; + union tls_event_data ev; switch (ret) { case GNUTLS_E_AGAIN: @@ -1343,14 +1422,29 @@ struct wpabuf * tls_connection_handshake(void *tls_ctx, conn->push_buf = wpabuf_alloc(0); } break; + case GNUTLS_E_DH_PRIME_UNACCEPTABLE: + wpa_printf(MSG_DEBUG, "GnuTLS: Unacceptable DH prime"); + if (conn->global->event_cb) { + os_memset(&ev, 0, sizeof(ev)); + ev.alert.is_local = 1; + ev.alert.type = "fatal"; + ev.alert.description = "insufficient security"; + conn->global->event_cb(conn->global->cb_ctx, + TLS_ALERT, &ev); + } + /* + * Could send a TLS Alert to the server, but for now, + * simply terminate handshake. + */ + conn->failed++; + conn->write_alerts++; + break; case GNUTLS_E_FATAL_ALERT_RECEIVED: alert = gnutls_alert_get(conn->session); wpa_printf(MSG_DEBUG, "%s - received fatal '%s' alert", __func__, gnutls_alert_get_name(alert)); conn->read_alerts++; if (conn->global->event_cb != NULL) { - union tls_event_data ev; - os_memset(&ev, 0, sizeof(ev)); ev.alert.is_local = 0; ev.alert.type = gnutls_alert_get_name(alert); @@ -1501,16 +1595,53 @@ int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn, int tls_get_version(void *ssl_ctx, struct tls_connection *conn, char *buf, size_t buflen) { - /* TODO */ - return -1; + gnutls_protocol_t ver; + + ver = gnutls_protocol_get_version(conn->session); + if (ver == GNUTLS_TLS1_0) + os_strlcpy(buf, "TLSv1", buflen); + else if (ver == GNUTLS_TLS1_1) + os_strlcpy(buf, "TLSv1.1", buflen); + else if (ver == GNUTLS_TLS1_2) + os_strlcpy(buf, "TLSv1.2", buflen); + else + return -1; + return 0; } int tls_get_cipher(void *ssl_ctx, struct tls_connection *conn, char *buf, size_t buflen) { - /* TODO */ - buf[0] = '\0'; + gnutls_cipher_algorithm_t cipher; + gnutls_kx_algorithm_t kx; + gnutls_mac_algorithm_t mac; + const char *kx_str, *cipher_str, *mac_str; + int res; + + cipher = gnutls_cipher_get(conn->session); + cipher_str = gnutls_cipher_get_name(cipher); + if (!cipher_str) + cipher_str = ""; + + kx = gnutls_kx_get(conn->session); + kx_str = gnutls_kx_get_name(kx); + if (!kx_str) + kx_str = ""; + + mac = gnutls_mac_get(conn->session); + mac_str = gnutls_mac_get_name(mac); + if (!mac_str) + mac_str = ""; + + if (kx == GNUTLS_KX_RSA) + res = os_snprintf(buf, buflen, "%s-%s", cipher_str, mac_str); + else + res = os_snprintf(buf, buflen, "%s-%s-%s", + kx_str, cipher_str, mac_str); + if (os_snprintf_error(buflen, res)) + return -1; + return 0; } diff --git a/contrib/wpa/src/crypto/tls_internal.c b/contrib/wpa/src/crypto/tls_internal.c index c7cb5ded331f..d289c9442ceb 100644 --- a/contrib/wpa/src/crypto/tls_internal.c +++ b/contrib/wpa/src/crypto/tls_internal.c @@ -177,6 +177,14 @@ int tls_connection_established(void *tls_ctx, struct tls_connection *conn) } +char * tls_connection_peer_serial_num(void *tls_ctx, + struct tls_connection *conn) +{ + /* TODO */ + return NULL; +} + + int tls_connection_shutdown(void *tls_ctx, struct tls_connection *conn) { #ifdef CONFIG_TLS_INTERNAL_CLIENT diff --git a/contrib/wpa/src/crypto/tls_none.c b/contrib/wpa/src/crypto/tls_none.c index dd5681e9ca3c..5d0c6bda1547 100644 --- a/contrib/wpa/src/crypto/tls_none.c +++ b/contrib/wpa/src/crypto/tls_none.c @@ -45,6 +45,13 @@ int tls_connection_established(void *tls_ctx, struct tls_connection *conn) } +char * tls_connection_peer_serial_num(void *tls_ctx, + struct tls_connection *conn) +{ + return NULL; +} + + int tls_connection_shutdown(void *tls_ctx, struct tls_connection *conn) { return -1; diff --git a/contrib/wpa/src/crypto/tls_openssl.c b/contrib/wpa/src/crypto/tls_openssl.c index 23ac64b48cd9..0d5ebda699f0 100644 --- a/contrib/wpa/src/crypto/tls_openssl.c +++ b/contrib/wpa/src/crypto/tls_openssl.c @@ -59,7 +59,8 @@ typedef int stack_index_t; #endif /* SSL_set_tlsext_status_type */ #if (OPENSSL_VERSION_NUMBER < 0x10100000L || \ - defined(LIBRESSL_VERSION_NUMBER)) && \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L)) && \ !defined(BORINGSSL_API_VERSION) /* * SSL_get_client_random() and SSL_get_server_random() were added in OpenSSL @@ -103,6 +104,21 @@ static size_t SSL_SESSION_get_master_key(const SSL_SESSION *session, #endif +#if OPENSSL_VERSION_NUMBER < 0x10100000L +#ifdef CONFIG_SUITEB +static int RSA_bits(const RSA *r) +{ + return BN_num_bits(r->n); +} +#endif /* CONFIG_SUITEB */ + + +static const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x) +{ + return ASN1_STRING_data((ASN1_STRING *) x); +} +#endif + #ifdef ANDROID #include <openssl/pem.h> #include <keystore/keystore_get.h> @@ -222,6 +238,8 @@ struct tls_connection { unsigned int server_cert_only:1; unsigned int invalid_hb_used:1; unsigned int success_data:1; + unsigned int client_hello_generated:1; + unsigned int server:1; u8 srv_cert_hash[32]; @@ -233,6 +251,9 @@ struct tls_connection { unsigned char client_random[SSL3_RANDOM_SIZE]; unsigned char server_random[SSL3_RANDOM_SIZE]; + + u16 cipher_suite; + int server_dh_prime_len; }; @@ -919,7 +940,9 @@ void * tls_init(const struct tls_config *conf) } #endif /* OPENSSL_FIPS */ #endif /* CONFIG_FIPS */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) SSL_load_error_strings(); SSL_library_init(); #ifndef OPENSSL_NO_SHA256 @@ -972,6 +995,14 @@ void * tls_init(const struct tls_config *conf) SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv2); SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv3); +#ifdef SSL_MODE_NO_AUTO_CHAIN + /* Number of deployed use cases assume the default OpenSSL behavior of + * auto chaining the local certificate is in use. BoringSSL removed this + * functionality by default, so we need to restore it here to avoid + * breaking existing use cases. */ + SSL_CTX_clear_mode(ssl, SSL_MODE_NO_AUTO_CHAIN); +#endif /* SSL_MODE_NO_AUTO_CHAIN */ + SSL_CTX_set_info_callback(ssl, ssl_info_cb); SSL_CTX_set_app_data(ssl, context); if (data->tls_session_lifetime > 0) { @@ -999,8 +1030,10 @@ void * tls_init(const struct tls_config *conf) #ifndef OPENSSL_NO_ENGINE wpa_printf(MSG_DEBUG, "ENGINE: Loading dynamic engine"); +#if OPENSSL_VERSION_NUMBER < 0x10100000L ERR_load_ENGINE_strings(); ENGINE_load_dynamic(); +#endif /* OPENSSL_VERSION_NUMBER */ if (conf && (conf->opensc_engine_path || conf->pkcs11_engine_path || @@ -1017,7 +1050,7 @@ void * tls_init(const struct tls_config *conf) if (conf && conf->openssl_ciphers) ciphers = conf->openssl_ciphers; else - ciphers = "DEFAULT:!EXP:!LOW"; + ciphers = TLS_DEFAULT_CIPHERS; if (SSL_CTX_set_cipher_list(ssl, ciphers) != 1) { wpa_printf(MSG_ERROR, "OpenSSL: Failed to set cipher string '%s'", @@ -1043,7 +1076,9 @@ void tls_deinit(void *ssl_ctx) tls_openssl_ref_count--; if (tls_openssl_ref_count == 0) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) #ifndef OPENSSL_NO_ENGINE ENGINE_cleanup(); #endif /* OPENSSL_NO_ENGINE */ @@ -1296,6 +1331,95 @@ static const char * openssl_handshake_type(int content_type, const u8 *buf, } +#ifdef CONFIG_SUITEB + +static void check_server_hello(struct tls_connection *conn, + const u8 *pos, const u8 *end) +{ + size_t payload_len, id_len; + + /* + * Parse ServerHello to get the selected cipher suite since OpenSSL does + * not make it cleanly available during handshake and we need to know + * whether DHE was selected. + */ + + if (end - pos < 3) + return; + payload_len = WPA_GET_BE24(pos); + pos += 3; + + if ((size_t) (end - pos) < payload_len) + return; + end = pos + payload_len; + + /* Skip Version and Random */ + if (end - pos < 2 + SSL3_RANDOM_SIZE) + return; + pos += 2 + SSL3_RANDOM_SIZE; + + /* Skip Session ID */ + if (end - pos < 1) + return; + id_len = *pos++; + if ((size_t) (end - pos) < id_len) + return; + pos += id_len; + + if (end - pos < 2) + return; + conn->cipher_suite = WPA_GET_BE16(pos); + wpa_printf(MSG_DEBUG, "OpenSSL: Server selected cipher suite 0x%x", + conn->cipher_suite); +} + + +static void check_server_key_exchange(SSL *ssl, struct tls_connection *conn, + const u8 *pos, const u8 *end) +{ + size_t payload_len; + u16 dh_len; + BIGNUM *p; + int bits; + + if (!(conn->flags & TLS_CONN_SUITEB)) + return; + + /* DHE is enabled only with DHE-RSA-AES256-GCM-SHA384 */ + if (conn->cipher_suite != 0x9f) + return; + + if (end - pos < 3) + return; + payload_len = WPA_GET_BE24(pos); + pos += 3; + + if ((size_t) (end - pos) < payload_len) + return; + end = pos + payload_len; + + if (end - pos < 2) + return; + dh_len = WPA_GET_BE16(pos); + pos += 2; + + if ((size_t) (end - pos) < dh_len) + return; + p = BN_bin2bn(pos, dh_len, NULL); + if (!p) + return; + + bits = BN_num_bits(p); + BN_free(p); + + conn->server_dh_prime_len = bits; + wpa_printf(MSG_DEBUG, "OpenSSL: Server DH prime length: %d bits", + conn->server_dh_prime_len); +} + +#endif /* CONFIG_SUITEB */ + + static void tls_msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg) { @@ -1322,6 +1446,18 @@ static void tls_msg_cb(int write_p, int version, int content_type, conn->invalid_hb_used = 1; } } + +#ifdef CONFIG_SUITEB + /* + * Need to parse these handshake messages to be able to check DH prime + * length since OpenSSL does not expose the new cipher suite and DH + * parameters during handshake (e.g., for cert_cb() callback). + */ + if (content_type == 22 && pos && len > 0 && pos[0] == 2) + check_server_hello(conn, pos + 1, pos + len); + if (content_type == 22 && pos && len > 0 && pos[0] == 12) + check_server_key_exchange(ssl, conn, pos + 1, pos + len); +#endif /* CONFIG_SUITEB */ } @@ -1410,6 +1546,31 @@ int tls_connection_established(void *ssl_ctx, struct tls_connection *conn) } +char * tls_connection_peer_serial_num(void *tls_ctx, + struct tls_connection *conn) +{ + ASN1_INTEGER *ser; + char *serial_num; + size_t len; + + if (!conn->peer_cert) + return NULL; + + ser = X509_get_serialNumber(conn->peer_cert); + if (!ser) + return NULL; + + len = ASN1_STRING_length(ser) * 2 + 1; + serial_num = os_malloc(len); + if (!serial_num) + return NULL; + wpa_snprintf_hex_uppercase(serial_num, len, + ASN1_STRING_get0_data(ser), + ASN1_STRING_length(ser)); + return serial_num; +} + + int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn) { if (conn == NULL) @@ -1694,6 +1855,8 @@ static void openssl_tls_cert_event(struct tls_connection *conn, GENERAL_NAME *gen; void *ext; stack_index_t i; + ASN1_INTEGER *ser; + char serial_num[128]; #ifdef CONFIG_SHA256 u8 hash[32]; #endif /* CONFIG_SHA256 */ @@ -1722,6 +1885,14 @@ static void openssl_tls_cert_event(struct tls_connection *conn, ev.peer_cert.depth = depth; ev.peer_cert.subject = subject; + ser = X509_get_serialNumber(err_cert); + if (ser) { + wpa_snprintf_hex_uppercase(serial_num, sizeof(serial_num), + ASN1_STRING_get0_data(ser), + ASN1_STRING_length(ser)); + ev.peer_cert.serial_num = serial_num; + } + ext = X509_get_ext_d2i(err_cert, NID_subject_alt_name, NULL, NULL); for (i = 0; ext && i < sk_GENERAL_NAME_num(ext); i++) { char *pos; @@ -1916,6 +2087,37 @@ static int tls_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) TLS_FAIL_SERVER_CHAIN_PROBE); } +#ifdef CONFIG_SUITEB + if (conn->flags & TLS_CONN_SUITEB) { + EVP_PKEY *pk; + RSA *rsa; + int len = -1; + + pk = X509_get_pubkey(err_cert); + if (pk) { + rsa = EVP_PKEY_get1_RSA(pk); + if (rsa) { + len = RSA_bits(rsa); + RSA_free(rsa); + } + EVP_PKEY_free(pk); + } + + if (len >= 0) { + wpa_printf(MSG_DEBUG, + "OpenSSL: RSA modulus size: %d bits", len); + if (len < 3072) { + preverify_ok = 0; + openssl_tls_fail_event( + conn, err_cert, err, + depth, buf, + "Insufficient RSA modulus size", + TLS_FAIL_INSUFFICIENT_KEY_LEN); + } + } + } +#endif /* CONFIG_SUITEB */ + #ifdef OPENSSL_IS_BORINGSSL if (depth == 0 && (conn->flags & TLS_CONN_REQUEST_OCSP) && preverify_ok) { @@ -2249,15 +2451,48 @@ static int tls_connection_set_subject_match(struct tls_connection *conn, } -static void tls_set_conn_flags(SSL *ssl, unsigned int flags) +#ifdef CONFIG_SUITEB +#if OPENSSL_VERSION_NUMBER >= 0x10002000L +static int suiteb_cert_cb(SSL *ssl, void *arg) +{ + struct tls_connection *conn = arg; + + /* + * This cert_cb() is not really the best location for doing a + * constraint check for the ServerKeyExchange message, but this seems to + * be the only place where the current OpenSSL sequence can be + * terminated cleanly with an TLS alert going out to the server. + */ + + if (!(conn->flags & TLS_CONN_SUITEB)) + return 1; + + /* DHE is enabled only with DHE-RSA-AES256-GCM-SHA384 */ + if (conn->cipher_suite != 0x9f) + return 1; + + if (conn->server_dh_prime_len >= 3072) + return 1; + + wpa_printf(MSG_DEBUG, + "OpenSSL: Server DH prime length (%d bits) not sufficient for Suite B RSA - reject handshake", + conn->server_dh_prime_len); + return 0; +} +#endif /* OPENSSL_VERSION_NUMBER */ +#endif /* CONFIG_SUITEB */ + + +static int tls_set_conn_flags(struct tls_connection *conn, unsigned int flags, + const char *openssl_ciphers) { + SSL *ssl = conn->ssl; + #ifdef SSL_OP_NO_TICKET if (flags & TLS_CONN_DISABLE_SESSION_TICKET) SSL_set_options(ssl, SSL_OP_NO_TICKET); -#ifdef SSL_clear_options else SSL_clear_options(ssl, SSL_OP_NO_TICKET); -#endif /* SSL_clear_options */ #endif /* SSL_OP_NO_TICKET */ #ifdef SSL_OP_NO_TLSv1 @@ -2278,6 +2513,118 @@ static void tls_set_conn_flags(SSL *ssl, unsigned int flags) else SSL_clear_options(ssl, SSL_OP_NO_TLSv1_2); #endif /* SSL_OP_NO_TLSv1_2 */ +#ifdef SSL_OP_NO_TLSv1_3 + if (flags & TLS_CONN_DISABLE_TLSv1_3) + SSL_set_options(ssl, SSL_OP_NO_TLSv1_3); + else + SSL_clear_options(ssl, SSL_OP_NO_TLSv1_3); +#endif /* SSL_OP_NO_TLSv1_3 */ +#ifdef CONFIG_SUITEB +#ifdef OPENSSL_IS_BORINGSSL + /* Start with defaults from BoringSSL */ + SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, NULL, 0); +#endif /* OPENSSL_IS_BORINGSSL */ +#if OPENSSL_VERSION_NUMBER >= 0x10002000L + if (flags & TLS_CONN_SUITEB_NO_ECDH) { + const char *ciphers = "DHE-RSA-AES256-GCM-SHA384"; + + if (openssl_ciphers) { + wpa_printf(MSG_DEBUG, + "OpenSSL: Override ciphers for Suite B (no ECDH): %s", + openssl_ciphers); + ciphers = openssl_ciphers; + } + if (SSL_set_cipher_list(ssl, ciphers) != 1) { + wpa_printf(MSG_INFO, + "OpenSSL: Failed to set Suite B ciphers"); + return -1; + } + } else if (flags & TLS_CONN_SUITEB) { + EC_KEY *ecdh; + const char *ciphers = + "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384"; + int nid[1] = { NID_secp384r1 }; + + if (openssl_ciphers) { + wpa_printf(MSG_DEBUG, + "OpenSSL: Override ciphers for Suite B: %s", + openssl_ciphers); + ciphers = openssl_ciphers; + } + if (SSL_set_cipher_list(ssl, ciphers) != 1) { + wpa_printf(MSG_INFO, + "OpenSSL: Failed to set Suite B ciphers"); + return -1; + } + + if (SSL_set1_curves(ssl, nid, 1) != 1) { + wpa_printf(MSG_INFO, + "OpenSSL: Failed to set Suite B curves"); + return -1; + } + + ecdh = EC_KEY_new_by_curve_name(NID_secp384r1); + if (!ecdh || SSL_set_tmp_ecdh(ssl, ecdh) != 1) { + EC_KEY_free(ecdh); + wpa_printf(MSG_INFO, + "OpenSSL: Failed to set ECDH parameter"); + return -1; + } + EC_KEY_free(ecdh); + } + if (flags & (TLS_CONN_SUITEB | TLS_CONN_SUITEB_NO_ECDH)) { +#ifdef OPENSSL_IS_BORINGSSL + uint16_t sigalgs[1] = { SSL_SIGN_RSA_PKCS1_SHA384 }; + + if (SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, sigalgs, + 1) != 1) { + wpa_printf(MSG_INFO, + "OpenSSL: Failed to set Suite B sigalgs"); + return -1; + } +#else /* OPENSSL_IS_BORINGSSL */ + /* ECDSA+SHA384 if need to add EC support here */ + if (SSL_set1_sigalgs_list(ssl, "RSA+SHA384") != 1) { + wpa_printf(MSG_INFO, + "OpenSSL: Failed to set Suite B sigalgs"); + return -1; + } +#endif /* OPENSSL_IS_BORINGSSL */ + + SSL_set_options(ssl, SSL_OP_NO_TLSv1); + SSL_set_options(ssl, SSL_OP_NO_TLSv1_1); + SSL_set_cert_cb(ssl, suiteb_cert_cb, conn); + } +#else /* OPENSSL_VERSION_NUMBER < 0x10002000L */ + if (flags & (TLS_CONN_SUITEB | TLS_CONN_SUITEB_NO_ECDH)) { + wpa_printf(MSG_ERROR, + "OpenSSL: Suite B RSA case not supported with this OpenSSL version"); + return -1; + } +#endif /* OPENSSL_VERSION_NUMBER */ + +#ifdef OPENSSL_IS_BORINGSSL + if (openssl_ciphers && os_strcmp(openssl_ciphers, "SUITEB192") == 0) { + uint16_t sigalgs[1] = { SSL_SIGN_ECDSA_SECP384R1_SHA384 }; + int nid[1] = { NID_secp384r1 }; + + if (SSL_set1_curves(ssl, nid, 1) != 1) { + wpa_printf(MSG_INFO, + "OpenSSL: Failed to set Suite B curves"); + return -1; + } + + if (SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, sigalgs, + 1) != 1) { + wpa_printf(MSG_INFO, + "OpenSSL: Failed to set Suite B sigalgs"); + return -1; + } + } +#endif /* OPENSSL_IS_BORINGSSL */ +#endif /* CONFIG_SUITEB */ + + return 0; } @@ -2301,7 +2648,8 @@ int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn, SSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL); } - tls_set_conn_flags(conn->ssl, flags); + if (tls_set_conn_flags(conn, flags, NULL) < 0) + return -1; conn->flags = flags; SSL_set_accept_state(conn->ssl); @@ -2334,7 +2682,7 @@ static int tls_connection_client_cert(struct tls_connection *conn, return 0; #ifdef PKCS12_FUNCS -#if OPENSSL_VERSION_NUMBER < 0x10002000L +#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) /* * Clear previously set extra chain certificates, if any, from PKCS#12 * processing in tls_parse_pkcs12() to allow OpenSSL to build a new @@ -2365,13 +2713,24 @@ static int tls_connection_client_cert(struct tls_connection *conn, int ret = -1; if (bio) { x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); - BIO_free(bio); } if (x509) { if (SSL_use_certificate(conn->ssl, x509) == 1) ret = 0; X509_free(x509); } + + /* Read additional certificates into the chain. */ + while (bio) { + x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); + if (x509) { + /* Takes ownership of x509 */ + SSL_add0_chain_cert(conn->ssl, x509); + } else { + BIO_free(bio); + bio = NULL; + } + } return ret; } #endif /* ANDROID */ @@ -2430,16 +2789,6 @@ static int tls_global_client_cert(struct tls_data *data, } -static int tls_passwd_cb(char *buf, int size, int rwflag, void *password) -{ - if (password == NULL) { - return 0; - } - os_strlcpy(buf, (char *) password, size); - return os_strlen(buf); -} - - #ifdef PKCS12_FUNCS static int tls_parse_pkcs12(struct tls_data *data, SSL *ssl, PKCS12 *p12, const char *passwd) @@ -2758,6 +3107,64 @@ static int tls_connection_engine_private_key(struct tls_connection *conn) } +#ifndef OPENSSL_NO_STDIO +static int tls_passwd_cb(char *buf, int size, int rwflag, void *password) +{ + if (!password) + return 0; + os_strlcpy(buf, (const char *) password, size); + return os_strlen(buf); +} +#endif /* OPENSSL_NO_STDIO */ + + +static int tls_use_private_key_file(struct tls_data *data, SSL *ssl, + const char *private_key, + const char *private_key_passwd) +{ +#ifndef OPENSSL_NO_STDIO + BIO *bio; + EVP_PKEY *pkey; + int ret; + + /* First try ASN.1 (DER). */ + bio = BIO_new_file(private_key, "r"); + if (!bio) + return -1; + pkey = d2i_PrivateKey_bio(bio, NULL); + BIO_free(bio); + + if (pkey) { + wpa_printf(MSG_DEBUG, "OpenSSL: %s (DER) --> loaded", __func__); + } else { + /* Try PEM with the provided password. */ + bio = BIO_new_file(private_key, "r"); + if (!bio) + return -1; + pkey = PEM_read_bio_PrivateKey(bio, NULL, tls_passwd_cb, + (void *) private_key_passwd); + BIO_free(bio); + if (!pkey) + return -1; + wpa_printf(MSG_DEBUG, "OpenSSL: %s (PEM) --> loaded", __func__); + /* Clear errors from the previous failed load. */ + ERR_clear_error(); + } + + if (ssl) + ret = SSL_use_PrivateKey(ssl, pkey); + else + ret = SSL_CTX_use_PrivateKey(data->ssl, pkey); + + EVP_PKEY_free(pkey); + return ret == 1 ? 0 : -1; +#else /* OPENSSL_NO_STDIO */ + wpa_printf(MSG_DEBUG, "OpenSSL: %s - OPENSSL_NO_STDIO", __func__); + return -1; +#endif /* OPENSSL_NO_STDIO */ +} + + static int tls_connection_private_key(struct tls_data *data, struct tls_connection *conn, const char *private_key, @@ -2765,23 +3172,11 @@ static int tls_connection_private_key(struct tls_data *data, const u8 *private_key_blob, size_t private_key_blob_len) { - SSL_CTX *ssl_ctx = data->ssl; - char *passwd; int ok; if (private_key == NULL && private_key_blob == NULL) return 0; - if (private_key_passwd) { - passwd = os_strdup(private_key_passwd); - if (passwd == NULL) - return -1; - } else - passwd = NULL; - - SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb); - SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd); - ok = 0; while (private_key_blob) { if (SSL_use_PrivateKey_ASN1(EVP_PKEY_RSA, conn->ssl, @@ -2812,7 +3207,8 @@ static int tls_connection_private_key(struct tls_data *data, } if (tls_read_pkcs12_blob(data, conn->ssl, private_key_blob, - private_key_blob_len, passwd) == 0) { + private_key_blob_len, + private_key_passwd) == 0) { wpa_printf(MSG_DEBUG, "OpenSSL: PKCS#12 as blob --> " "OK"); ok = 1; @@ -2823,29 +3219,14 @@ static int tls_connection_private_key(struct tls_data *data, } while (!ok && private_key) { -#ifndef OPENSSL_NO_STDIO - if (SSL_use_PrivateKey_file(conn->ssl, private_key, - SSL_FILETYPE_ASN1) == 1) { - wpa_printf(MSG_DEBUG, "OpenSSL: " - "SSL_use_PrivateKey_File (DER) --> OK"); + if (tls_use_private_key_file(data, conn->ssl, private_key, + private_key_passwd) == 0) { ok = 1; break; } - if (SSL_use_PrivateKey_file(conn->ssl, private_key, - SSL_FILETYPE_PEM) == 1) { - wpa_printf(MSG_DEBUG, "OpenSSL: " - "SSL_use_PrivateKey_File (PEM) --> OK"); - ok = 1; - break; - } -#else /* OPENSSL_NO_STDIO */ - wpa_printf(MSG_DEBUG, "OpenSSL: %s - OPENSSL_NO_STDIO", - __func__); -#endif /* OPENSSL_NO_STDIO */ - - if (tls_read_pkcs12(data, conn->ssl, private_key, passwd) - == 0) { + if (tls_read_pkcs12(data, conn->ssl, private_key, + private_key_passwd) == 0) { wpa_printf(MSG_DEBUG, "OpenSSL: Reading PKCS#12 file " "--> OK"); ok = 1; @@ -2865,12 +3246,9 @@ static int tls_connection_private_key(struct tls_data *data, if (!ok) { tls_show_errors(MSG_INFO, __func__, "Failed to load private key"); - os_free(passwd); return -1; } ERR_clear_error(); - SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); - os_free(passwd); if (!SSL_check_private_key(conn->ssl)) { tls_show_errors(MSG_INFO, __func__, "Private key failed " @@ -2888,37 +3266,19 @@ static int tls_global_private_key(struct tls_data *data, const char *private_key_passwd) { SSL_CTX *ssl_ctx = data->ssl; - char *passwd; if (private_key == NULL) return 0; - if (private_key_passwd) { - passwd = os_strdup(private_key_passwd); - if (passwd == NULL) - return -1; - } else - passwd = NULL; - - SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb); - SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd); - if ( -#ifndef OPENSSL_NO_STDIO - SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key, - SSL_FILETYPE_ASN1) != 1 && - SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key, - SSL_FILETYPE_PEM) != 1 && -#endif /* OPENSSL_NO_STDIO */ - tls_read_pkcs12(data, NULL, private_key, passwd)) { + if (tls_use_private_key_file(data, NULL, private_key, + private_key_passwd) && + tls_read_pkcs12(data, NULL, private_key, private_key_passwd)) { tls_show_errors(MSG_INFO, __func__, "Failed to load private key"); - os_free(passwd); ERR_clear_error(); return -1; } - os_free(passwd); ERR_clear_error(); - SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); if (!SSL_CTX_check_private_key(ssl_ctx)) { tls_show_errors(MSG_INFO, __func__, @@ -3105,7 +3465,9 @@ int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn, #ifdef OPENSSL_NEED_EAP_FAST_PRF static int openssl_get_keyblock_size(SSL *ssl) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) const EVP_CIPHER *c; const EVP_MD *h; int md_size; @@ -3252,8 +3614,7 @@ int tls_connection_get_eap_fast_key(void *tls_ctx, struct tls_connection *conn, static struct wpabuf * -openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data, - int server) +openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data) { int res; struct wpabuf *out_data; @@ -3271,7 +3632,7 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data, } /* Initiate TLS handshake or continue the existing handshake */ - if (server) + if (conn->server) res = SSL_accept(conn->ssl); else res = SSL_connect(conn->ssl); @@ -3286,8 +3647,57 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data, else { tls_show_errors(MSG_INFO, __func__, "SSL_connect"); conn->failed++; + if (!conn->server && !conn->client_hello_generated) { + /* The server would not understand TLS Alert + * before ClientHello, so simply terminate + * handshake on this type of error case caused + * by a likely internal error like no ciphers + * available. */ + wpa_printf(MSG_DEBUG, + "OpenSSL: Could not generate ClientHello"); + conn->write_alerts++; + return NULL; + } + } + } + + if (!conn->server && !conn->failed) + conn->client_hello_generated = 1; + +#ifdef CONFIG_SUITEB + if ((conn->flags & TLS_CONN_SUITEB) && !conn->server && + os_strncmp(SSL_get_cipher(conn->ssl), "DHE-", 4) == 0 && + conn->server_dh_prime_len < 3072) { + struct tls_context *context = conn->context; + + /* + * This should not be reached since earlier cert_cb should have + * terminated the handshake. Keep this check here for extra + * protection if anything goes wrong with the more low-level + * checks based on having to parse the TLS handshake messages. + */ + wpa_printf(MSG_DEBUG, + "OpenSSL: Server DH prime length: %d bits", + conn->server_dh_prime_len); + + if (context->event_cb) { + union tls_event_data ev; + + os_memset(&ev, 0, sizeof(ev)); + ev.alert.is_local = 1; + ev.alert.type = "fatal"; + ev.alert.description = "insufficient security"; + context->event_cb(context->cb_ctx, TLS_ALERT, &ev); } + /* + * Could send a TLS Alert to the server, but for now, simply + * terminate handshake. + */ + conn->failed++; + conn->write_alerts++; + return NULL; } +#endif /* CONFIG_SUITEB */ /* Get the TLS handshake data to be sent to the server */ res = BIO_ctrl_pending(conn->ssl_out); @@ -3358,14 +3768,14 @@ openssl_get_appl_data(struct tls_connection *conn, size_t max_len) static struct wpabuf * openssl_connection_handshake(struct tls_connection *conn, const struct wpabuf *in_data, - struct wpabuf **appl_data, int server) + struct wpabuf **appl_data) { struct wpabuf *out_data; if (appl_data) *appl_data = NULL; - out_data = openssl_handshake(conn, in_data, server); + out_data = openssl_handshake(conn, in_data); if (out_data == NULL) return NULL; if (conn->invalid_hb_used) { @@ -3402,7 +3812,7 @@ tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn, const struct wpabuf *in_data, struct wpabuf **appl_data) { - return openssl_connection_handshake(conn, in_data, appl_data, 0); + return openssl_connection_handshake(conn, in_data, appl_data); } @@ -3411,7 +3821,8 @@ struct wpabuf * tls_connection_server_handshake(void *tls_ctx, const struct wpabuf *in_data, struct wpabuf **appl_data) { - return openssl_connection_handshake(conn, in_data, appl_data, 1); + conn->server = 1; + return openssl_connection_handshake(conn, in_data, appl_data); } @@ -3506,7 +3917,7 @@ struct wpabuf * tls_connection_decrypt(void *tls_ctx, int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn) { - return conn ? SSL_cache_hit(conn->ssl) : 0; + return conn ? SSL_session_reused(conn->ssl) : 0; } @@ -3747,7 +4158,7 @@ static int ocsp_resp_cb(SSL *s, void *arg) { struct tls_connection *conn = arg; const unsigned char *p; - int len, status, reason; + int len, status, reason, res; OCSP_RESPONSE *rsp; OCSP_BASICRESP *basic; OCSP_CERTID *id; @@ -3842,16 +4253,33 @@ static int ocsp_resp_cb(SSL *s, void *arg) return 0; } - id = OCSP_cert_to_id(NULL, conn->peer_cert, conn->peer_issuer); + id = OCSP_cert_to_id(EVP_sha256(), conn->peer_cert, conn->peer_issuer); if (!id) { - wpa_printf(MSG_DEBUG, "OpenSSL: Could not create OCSP certificate identifier"); + wpa_printf(MSG_DEBUG, + "OpenSSL: Could not create OCSP certificate identifier (SHA256)"); OCSP_BASICRESP_free(basic); OCSP_RESPONSE_free(rsp); return 0; } - if (!OCSP_resp_find_status(basic, id, &status, &reason, &produced_at, - &this_update, &next_update)) { + res = OCSP_resp_find_status(basic, id, &status, &reason, &produced_at, + &this_update, &next_update); + if (!res) { + id = OCSP_cert_to_id(NULL, conn->peer_cert, conn->peer_issuer); + if (!id) { + wpa_printf(MSG_DEBUG, + "OpenSSL: Could not create OCSP certificate identifier (SHA1)"); + OCSP_BASICRESP_free(basic); + OCSP_RESPONSE_free(rsp); + return 0; + } + + res = OCSP_resp_find_status(basic, id, &status, &reason, + &produced_at, &this_update, + &next_update); + } + + if (!res) { wpa_printf(MSG_INFO, "OpenSSL: Could not find current server certificate from OCSP response%s", (conn->flags & TLS_CONN_REQUIRE_OCSP) ? "" : " (OCSP not required)"); @@ -3935,6 +4363,7 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, const char *cert_id = params->cert_id; const char *ca_cert_id = params->ca_cert_id; const char *engine_id = params->engine ? params->engine_id : NULL; + const char *ciphers; if (conn == NULL) return -1; @@ -3976,7 +4405,7 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, engine_id = "pkcs11"; #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) if (params->flags & TLS_CONN_EAP_FAST) { wpa_printf(MSG_DEBUG, "OpenSSL: Use TLSv1_method() for EAP-FAST"); @@ -3987,6 +4416,17 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, } } #endif +#if OPENSSL_VERSION_NUMBER >= 0x10101000L +#ifdef SSL_OP_NO_TLSv1_3 + if (params->flags & TLS_CONN_EAP_FAST) { + /* Need to disable TLS v1.3 at least for now since OpenSSL 1.1.1 + * refuses to start the handshake with the modified ciphersuite + * list (no TLS v1.3 ciphersuites included) for EAP-FAST. */ + wpa_printf(MSG_DEBUG, "OpenSSL: Disable TLSv1.3 for EAP-FAST"); + SSL_set_options(conn->ssl, SSL_OP_NO_TLSv1_3); + } +#endif /* SSL_OP_NO_TLSv1_3 */ +#endif #endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */ while ((err = ERR_get_error())) { @@ -4045,15 +4485,27 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, return -1; } - if (params->openssl_ciphers && - SSL_set_cipher_list(conn->ssl, params->openssl_ciphers) != 1) { + ciphers = params->openssl_ciphers; +#ifdef CONFIG_SUITEB +#ifdef OPENSSL_IS_BORINGSSL + if (ciphers && os_strcmp(ciphers, "SUITEB192") == 0) { + /* BoringSSL removed support for SUITEB192, so need to handle + * this with hardcoded ciphersuite and additional checks for + * other parameters. */ + ciphers = "ECDHE-ECDSA-AES256-GCM-SHA384"; + } +#endif /* OPENSSL_IS_BORINGSSL */ +#endif /* CONFIG_SUITEB */ + if (ciphers && SSL_set_cipher_list(conn->ssl, ciphers) != 1) { wpa_printf(MSG_INFO, "OpenSSL: Failed to set cipher string '%s'", - params->openssl_ciphers); + ciphers); return -1; } - tls_set_conn_flags(conn->ssl, params->flags); + if (tls_set_conn_flags(conn, params->flags, + params->openssl_ciphers) < 0) + return -1; #ifdef OPENSSL_IS_BORINGSSL if (params->flags & TLS_CONN_REQUEST_OCSP) { @@ -4120,10 +4572,8 @@ int tls_global_set_params(void *tls_ctx, #ifdef SSL_OP_NO_TICKET if (params->flags & TLS_CONN_DISABLE_SESSION_TICKET) SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET); -#ifdef SSL_CTX_clear_options else SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TICKET); -#endif /* SSL_clear_options */ #endif /* SSL_OP_NO_TICKET */ #ifdef HAVE_OCSP @@ -4159,7 +4609,9 @@ static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len, struct tls_connection *conn = arg; int ret; -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x20700000L) if (conn == NULL || conn->session_ticket_cb == NULL) return 0; @@ -4212,11 +4664,10 @@ static int tls_session_ticket_ext_cb(SSL *s, const unsigned char *data, wpa_hexdump(MSG_DEBUG, "OpenSSL: ClientHello SessionTicket " "extension", data, len); - conn->session_ticket = os_malloc(len); + conn->session_ticket = os_memdup(data, len); if (conn->session_ticket == NULL) return 0; - os_memcpy(conn->session_ticket, data, len); conn->session_ticket_len = len; return 1; diff --git a/contrib/wpa/src/crypto/tls_wolfssl.c b/contrib/wpa/src/crypto/tls_wolfssl.c new file mode 100644 index 000000000000..cc8c704466d2 --- /dev/null +++ b/contrib/wpa/src/crypto/tls_wolfssl.c @@ -0,0 +1,2175 @@ +/* + * SSL/TLS interface functions for wolfSSL TLS case + * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "crypto.h" +#include "crypto/sha1.h" +#include "crypto/sha256.h" +#include "tls.h" + +/* wolfSSL includes */ +#include <wolfssl/options.h> +#include <wolfssl/ssl.h> +#include <wolfssl/error-ssl.h> +#include <wolfssl/wolfcrypt/asn.h> + +#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) +#define HAVE_AESGCM +#include <wolfssl/wolfcrypt/aes.h> +#endif + +#if !defined(CONFIG_FIPS) && \ + (defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || \ + defined(EAP_SERVER_FAST)) +#define WOLFSSL_NEED_EAP_FAST_PRF +#endif + +#define SECRET_LEN 48 +#define RAN_LEN 32 +#define SESSION_TICKET_LEN 256 + +static int tls_ref_count = 0; + +static int tls_ex_idx_session = 0; + + +/* tls input data for wolfSSL Read Callback */ +struct tls_in_data { + const struct wpabuf *in_data; + size_t consumed; /* how many bytes have we used already */ +}; + +/* tls output data for wolfSSL Write Callback */ +struct tls_out_data { + struct wpabuf *out_data; +}; + +struct tls_context { + void (*event_cb)(void *ctx, enum tls_event ev, + union tls_event_data *data); + void *cb_ctx; + int cert_in_cb; + char *ocsp_stapling_response; +}; + +static struct tls_context *tls_global = NULL; + +/* wolfssl tls_connection */ +struct tls_connection { + struct tls_context *context; + WOLFSSL *ssl; + int read_alerts; + int write_alerts; + int failed; + struct tls_in_data input; + struct tls_out_data output; + char *subject_match; + char *alt_subject_match; + char *suffix_match; + char *domain_match; + + u8 srv_cert_hash[32]; + + unsigned char client_random[RAN_LEN]; + unsigned char server_random[RAN_LEN]; + unsigned int flags; +#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) + tls_session_ticket_cb session_ticket_cb; + void *session_ticket_cb_ctx; + byte session_ticket[SESSION_TICKET_LEN]; +#endif + unsigned int ca_cert_verify:1; + unsigned int cert_probe:1; + unsigned int server_cert_only:1; + unsigned int success_data:1; + + WOLFSSL_X509 *peer_cert; + WOLFSSL_X509 *peer_issuer; + WOLFSSL_X509 *peer_issuer_issuer; +}; + + +static struct tls_context * tls_context_new(const struct tls_config *conf) +{ + struct tls_context *context = os_zalloc(sizeof(*context)); + + if (!context) + return NULL; + + if (conf) { + context->event_cb = conf->event_cb; + context->cb_ctx = conf->cb_ctx; + context->cert_in_cb = conf->cert_in_cb; + } + + return context; +} + + +static void wolfssl_reset_in_data(struct tls_in_data *in, + const struct wpabuf *buf) +{ + /* old one not owned by us so don't free */ + in->in_data = buf; + in->consumed = 0; +} + + +static void wolfssl_reset_out_data(struct tls_out_data *out) +{ + /* old one not owned by us so don't free */ + out->out_data = wpabuf_alloc_copy("", 0); +} + + +/* wolfSSL I/O Receive CallBack */ +static int wolfssl_receive_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx) +{ + size_t get = sz; + struct tls_in_data *data = ctx; + + if (!data) + return -1; + + if (get > (wpabuf_len(data->in_data) - data->consumed)) + get = wpabuf_len(data->in_data) - data->consumed; + + os_memcpy(buf, wpabuf_head(data->in_data) + data->consumed, get); + data->consumed += get; + + if (get == 0) + return -2; /* WANT_READ */ + + return (int) get; +} + + +/* wolfSSL I/O Send CallBack */ +static int wolfssl_send_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx) +{ + struct wpabuf *tmp; + struct tls_out_data *data = ctx; + + if (!data) + return -1; + + wpa_printf(MSG_DEBUG, "SSL: adding %d bytes", sz); + + tmp = wpabuf_alloc_copy(buf, sz); + if (!tmp) + return -1; + data->out_data = wpabuf_concat(data->out_data, tmp); + if (!data->out_data) + return -1; + + return sz; +} + + +static void remove_session_cb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess) +{ + struct wpabuf *buf; + + buf = wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session); + if (!buf) + return; + wpa_printf(MSG_DEBUG, + "wolfSSL: Free application session data %p (sess %p)", + buf, sess); + wpabuf_free(buf); + + wolfSSL_SESSION_set_ex_data(sess, tls_ex_idx_session, NULL); +} + + +void * tls_init(const struct tls_config *conf) +{ + WOLFSSL_CTX *ssl_ctx; + struct tls_context *context; + const char *ciphers; + +#ifdef DEBUG_WOLFSSL + wolfSSL_Debugging_ON(); +#endif /* DEBUG_WOLFSSL */ + + context = tls_context_new(conf); + if (!context) + return NULL; + + if (tls_ref_count == 0) { + tls_global = context; + + if (wolfSSL_Init() < 0) + return NULL; + /* wolfSSL_Debugging_ON(); */ + } + + tls_ref_count++; + + /* start as client */ + ssl_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); + if (!ssl_ctx) { + tls_ref_count--; + if (context != tls_global) + os_free(context); + if (tls_ref_count == 0) { + os_free(tls_global); + tls_global = NULL; + } + } + wolfSSL_SetIORecv(ssl_ctx, wolfssl_receive_cb); + wolfSSL_SetIOSend(ssl_ctx, wolfssl_send_cb); + wolfSSL_CTX_set_ex_data(ssl_ctx, 0, context); + + if (conf->tls_session_lifetime > 0) { + wolfSSL_CTX_set_quiet_shutdown(ssl_ctx, 1); + wolfSSL_CTX_set_session_cache_mode(ssl_ctx, + SSL_SESS_CACHE_SERVER); + wolfSSL_CTX_set_timeout(ssl_ctx, conf->tls_session_lifetime); + wolfSSL_CTX_sess_set_remove_cb(ssl_ctx, remove_session_cb); + } else { + wolfSSL_CTX_set_session_cache_mode(ssl_ctx, + SSL_SESS_CACHE_CLIENT); + } + + if (conf && conf->openssl_ciphers) + ciphers = conf->openssl_ciphers; + else + ciphers = "ALL"; + if (wolfSSL_CTX_set_cipher_list(ssl_ctx, ciphers) != 1) { + wpa_printf(MSG_ERROR, + "wolfSSL: Failed to set cipher string '%s'", + ciphers); + tls_deinit(ssl_ctx); + return NULL; + } + + return ssl_ctx; +} + + +void tls_deinit(void *ssl_ctx) +{ + struct tls_context *context = wolfSSL_CTX_get_ex_data(ssl_ctx, 0); + + if (context != tls_global) + os_free(context); + + wolfSSL_CTX_free((WOLFSSL_CTX *) ssl_ctx); + + tls_ref_count--; + if (tls_ref_count == 0) { + wolfSSL_Cleanup(); + os_free(tls_global); + tls_global = NULL; + } +} + + +int tls_get_errors(void *tls_ctx) +{ +#ifdef DEBUG_WOLFSSL +#if 0 + unsigned long err; + + err = wolfSSL_ERR_peek_last_error_line(NULL, NULL); + if (err != 0) { + wpa_printf(MSG_INFO, "TLS - SSL error: %s", + wolfSSL_ERR_error_string(err, NULL)); + return 1; + } +#endif +#endif /* DEBUG_WOLFSSL */ + return 0; +} + + +struct tls_connection * tls_connection_init(void *tls_ctx) +{ + WOLFSSL_CTX *ssl_ctx = tls_ctx; + struct tls_connection *conn; + + wpa_printf(MSG_DEBUG, "SSL: connection init"); + + conn = os_zalloc(sizeof(*conn)); + if (!conn) + return NULL; + conn->ssl = wolfSSL_new(ssl_ctx); + if (!conn->ssl) { + os_free(conn); + return NULL; + } + + wolfSSL_SetIOReadCtx(conn->ssl, &conn->input); + wolfSSL_SetIOWriteCtx(conn->ssl, &conn->output); + wolfSSL_set_ex_data(conn->ssl, 0, conn); + conn->context = wolfSSL_CTX_get_ex_data(ssl_ctx, 0); + + /* Need randoms post-hanshake for EAP-FAST, export key and deriving + * session ID in EAP methods. */ + wolfSSL_KeepArrays(conn->ssl); + wolfSSL_KeepHandshakeResources(conn->ssl); + wolfSSL_UseClientSuites(conn->ssl); + + return conn; +} + + +void tls_connection_deinit(void *tls_ctx, struct tls_connection *conn) +{ + if (!conn) + return; + + wpa_printf(MSG_DEBUG, "SSL: connection deinit"); + + /* parts */ + wolfSSL_free(conn->ssl); + os_free(conn->subject_match); + os_free(conn->alt_subject_match); + os_free(conn->suffix_match); + os_free(conn->domain_match); + + /* self */ + os_free(conn); +} + + +int tls_connection_established(void *tls_ctx, struct tls_connection *conn) +{ + return conn ? wolfSSL_is_init_finished(conn->ssl) : 0; +} + + +char * tls_connection_peer_serial_num(void *tls_ctx, + struct tls_connection *conn) +{ + /* TODO */ + return NULL; +} + + +int tls_connection_shutdown(void *tls_ctx, struct tls_connection *conn) +{ + WOLFSSL_SESSION *session; + + if (!conn) + return -1; + + wpa_printf(MSG_DEBUG, "SSL: connection shutdown"); + + /* Set quiet as OpenSSL does */ + wolfSSL_set_quiet_shutdown(conn->ssl, 1); + wolfSSL_shutdown(conn->ssl); + + session = wolfSSL_get_session(conn->ssl); + if (wolfSSL_clear(conn->ssl) != 1) + return -1; + wolfSSL_set_session(conn->ssl, session); + + return 0; +} + + +static int tls_connection_set_subject_match(struct tls_connection *conn, + const char *subject_match, + const char *alt_subject_match, + const char *suffix_match, + const char *domain_match) +{ + os_free(conn->subject_match); + conn->subject_match = NULL; + if (subject_match) { + conn->subject_match = os_strdup(subject_match); + if (!conn->subject_match) + return -1; + } + + os_free(conn->alt_subject_match); + conn->alt_subject_match = NULL; + if (alt_subject_match) { + conn->alt_subject_match = os_strdup(alt_subject_match); + if (!conn->alt_subject_match) + return -1; + } + + os_free(conn->suffix_match); + conn->suffix_match = NULL; + if (suffix_match) { + conn->suffix_match = os_strdup(suffix_match); + if (!conn->suffix_match) + return -1; + } + + os_free(conn->domain_match); + conn->domain_match = NULL; + if (domain_match) { + conn->domain_match = os_strdup(domain_match); + if (!conn->domain_match) + return -1; + } + + return 0; +} + + +static int tls_connection_dh(struct tls_connection *conn, const char *dh_file, + const u8 *dh_blob, size_t blob_len) +{ + if (!dh_file && !dh_blob) + return 0; + + wolfSSL_set_accept_state(conn->ssl); + + if (dh_blob) { + if (wolfSSL_SetTmpDH_buffer(conn->ssl, dh_blob, blob_len, + SSL_FILETYPE_ASN1) < 0) { + wpa_printf(MSG_INFO, "SSL: use DH DER blob failed"); + return -1; + } + wpa_printf(MSG_DEBUG, "SSL: use DH blob OK"); + return 0; + } + + if (dh_file) { + wpa_printf(MSG_INFO, "SSL: use DH PEM file: %s", dh_file); + if (wolfSSL_SetTmpDH_file(conn->ssl, dh_file, + SSL_FILETYPE_PEM) < 0) { + wpa_printf(MSG_INFO, "SSL: use DH PEM file failed"); + if (wolfSSL_SetTmpDH_file(conn->ssl, dh_file, + SSL_FILETYPE_ASN1) < 0) { + wpa_printf(MSG_INFO, + "SSL: use DH DER file failed"); + return -1; + } + } + wpa_printf(MSG_DEBUG, "SSL: use DH file OK"); + return 0; + } + + return 0; +} + + +static int tls_connection_client_cert(struct tls_connection *conn, + const char *client_cert, + const u8 *client_cert_blob, + size_t blob_len) +{ + if (!client_cert && !client_cert_blob) + return 0; + + if (client_cert_blob) { + if (wolfSSL_use_certificate_chain_buffer_format( + conn->ssl, client_cert_blob, blob_len, + SSL_FILETYPE_ASN1) < 0) { + wpa_printf(MSG_INFO, + "SSL: use client cert DER blob failed"); + return -1; + } + wpa_printf(MSG_DEBUG, "SSL: use client cert blob OK"); + return 0; + } + + if (client_cert) { + if (wolfSSL_use_certificate_chain_file(conn->ssl, + client_cert) < 0) { + wpa_printf(MSG_INFO, + "SSL: use client cert PEM file failed"); + if (wolfSSL_use_certificate_chain_file_format( + conn->ssl, client_cert, + SSL_FILETYPE_ASN1) < 0) { + wpa_printf(MSG_INFO, + "SSL: use client cert DER file failed"); + return -1; + } + } + wpa_printf(MSG_DEBUG, "SSL: use client cert file OK"); + return 0; + } + + return 0; +} + + +static int tls_passwd_cb(char *buf, int size, int rwflag, void *password) +{ + if (!password) + return 0; + os_strlcpy(buf, (char *) password, size); + return os_strlen(buf); +} + + +static int tls_connection_private_key(void *tls_ctx, + struct tls_connection *conn, + const char *private_key, + const char *private_key_passwd, + const u8 *private_key_blob, + size_t blob_len) +{ + WOLFSSL_CTX *ctx = tls_ctx; + char *passwd = NULL; + int ok = 0; + + if (!private_key && !private_key_blob) + return 0; + + if (private_key_passwd) { + passwd = os_strdup(private_key_passwd); + if (!passwd) + return -1; + } + + wolfSSL_CTX_set_default_passwd_cb(ctx, tls_passwd_cb); + wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, passwd); + + if (private_key_blob) { + if (wolfSSL_use_PrivateKey_buffer(conn->ssl, + private_key_blob, blob_len, + SSL_FILETYPE_ASN1) < 0) { + wpa_printf(MSG_INFO, + "SSL: use private DER blob failed"); + } else { + wpa_printf(MSG_DEBUG, "SSL: use private key blob OK"); + ok = 1; + } + } + + if (!ok && private_key) { + if (wolfSSL_use_PrivateKey_file(conn->ssl, private_key, + SSL_FILETYPE_PEM) < 0) { + wpa_printf(MSG_INFO, + "SSL: use private key PEM file failed"); + if (wolfSSL_use_PrivateKey_file(conn->ssl, private_key, + SSL_FILETYPE_ASN1) < 0) + { + wpa_printf(MSG_INFO, + "SSL: use private key DER file failed"); + } else { + ok = 1; + } + } else { + ok = 1; + } + + if (ok) + wpa_printf(MSG_DEBUG, "SSL: use private key file OK"); + } + + wolfSSL_CTX_set_default_passwd_cb(ctx, NULL); + os_free(passwd); + + if (!ok) + return -1; + + return 0; +} + + +static int tls_match_alt_subject_component(WOLFSSL_X509 *cert, int type, + const char *value, size_t len) +{ + WOLFSSL_ASN1_OBJECT *gen; + void *ext; + int found = 0; + int i; + + ext = wolfSSL_X509_get_ext_d2i(cert, ALT_NAMES_OID, NULL, NULL); + + for (i = 0; ext && i < wolfSSL_sk_num(ext); i++) { + gen = wolfSSL_sk_value(ext, i); + if (gen->type != type) + continue; + if (os_strlen((char *) gen->obj) == len && + os_memcmp(value, gen->obj, len) == 0) + found++; + } + + wolfSSL_sk_ASN1_OBJECT_free(ext); + + return found; +} + + +static int tls_match_alt_subject(WOLFSSL_X509 *cert, const char *match) +{ + int type; + const char *pos, *end; + size_t len; + + pos = match; + do { + if (os_strncmp(pos, "EMAIL:", 6) == 0) { + type = GEN_EMAIL; + pos += 6; + } else if (os_strncmp(pos, "DNS:", 4) == 0) { + type = GEN_DNS; + pos += 4; + } else if (os_strncmp(pos, "URI:", 4) == 0) { + type = GEN_URI; + pos += 4; + } else { + wpa_printf(MSG_INFO, + "TLS: Invalid altSubjectName match '%s'", + pos); + return 0; + } + end = os_strchr(pos, ';'); + while (end) { + if (os_strncmp(end + 1, "EMAIL:", 6) == 0 || + os_strncmp(end + 1, "DNS:", 4) == 0 || + os_strncmp(end + 1, "URI:", 4) == 0) + break; + end = os_strchr(end + 1, ';'); + } + if (end) + len = end - pos; + else + len = os_strlen(pos); + if (tls_match_alt_subject_component(cert, type, pos, len) > 0) + return 1; + pos = end + 1; + } while (end); + + return 0; +} + + +static int domain_suffix_match(const char *val, size_t len, const char *match, + int full) +{ + size_t i, match_len; + + /* Check for embedded nuls that could mess up suffix matching */ + for (i = 0; i < len; i++) { + if (val[i] == '\0') { + wpa_printf(MSG_DEBUG, + "TLS: Embedded null in a string - reject"); + return 0; + } + } + + match_len = os_strlen(match); + if (match_len > len || (full && match_len != len)) + return 0; + + if (os_strncasecmp(val + len - match_len, match, match_len) != 0) + return 0; /* no match */ + + if (match_len == len) + return 1; /* exact match */ + + if (val[len - match_len - 1] == '.') + return 1; /* full label match completes suffix match */ + + wpa_printf(MSG_DEBUG, "TLS: Reject due to incomplete label match"); + return 0; +} + + +static int tls_match_suffix(WOLFSSL_X509 *cert, const char *match, int full) +{ + WOLFSSL_ASN1_OBJECT *gen; + void *ext; + int i; + int j; + int dns_name = 0; + WOLFSSL_X509_NAME *name; + + wpa_printf(MSG_DEBUG, "TLS: Match domain against %s%s", + full ? "" : "suffix ", match); + + ext = wolfSSL_X509_get_ext_d2i(cert, ALT_NAMES_OID, NULL, NULL); + + for (j = 0; ext && j < wolfSSL_sk_num(ext); j++) { + gen = wolfSSL_sk_value(ext, j); + if (gen->type != ALT_NAMES_OID) + continue; + dns_name++; + wpa_hexdump_ascii(MSG_DEBUG, "TLS: Certificate dNSName", + gen->obj, os_strlen((char *)gen->obj)); + if (domain_suffix_match((const char *) gen->obj, + os_strlen((char *) gen->obj), match, + full) == 1) { + wpa_printf(MSG_DEBUG, "TLS: %s in dNSName found", + full ? "Match" : "Suffix match"); + wolfSSL_sk_ASN1_OBJECT_free(ext); + return 1; + } + } + wolfSSL_sk_ASN1_OBJECT_free(ext); + + if (dns_name) { + wpa_printf(MSG_DEBUG, "TLS: None of the dNSName(s) matched"); + return 0; + } + + name = wolfSSL_X509_get_subject_name(cert); + i = -1; + for (;;) { + WOLFSSL_X509_NAME_ENTRY *e; + WOLFSSL_ASN1_STRING *cn; + + i = wolfSSL_X509_NAME_get_index_by_NID(name, ASN_COMMON_NAME, + i); + if (i == -1) + break; + e = wolfSSL_X509_NAME_get_entry(name, i); + if (!e) + continue; + cn = wolfSSL_X509_NAME_ENTRY_get_data(e); + if (!cn) + continue; + wpa_hexdump_ascii(MSG_DEBUG, "TLS: Certificate commonName", + cn->data, cn->length); + if (domain_suffix_match(cn->data, cn->length, match, full) == 1) + { + wpa_printf(MSG_DEBUG, "TLS: %s in commonName found", + full ? "Match" : "Suffix match"); + return 1; + } + } + + wpa_printf(MSG_DEBUG, "TLS: No CommonName %smatch found", + full ? "" : "suffix "); + return 0; +} + + +static enum tls_fail_reason wolfssl_tls_fail_reason(int err) +{ + switch (err) { + case X509_V_ERR_CERT_REVOKED: + return TLS_FAIL_REVOKED; + case ASN_BEFORE_DATE_E: + case X509_V_ERR_CERT_NOT_YET_VALID: + case X509_V_ERR_CRL_NOT_YET_VALID: + return TLS_FAIL_NOT_YET_VALID; + case ASN_AFTER_DATE_E: + case X509_V_ERR_CERT_HAS_EXPIRED: + case X509_V_ERR_CRL_HAS_EXPIRED: + return TLS_FAIL_EXPIRED; + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: + case X509_V_ERR_UNABLE_TO_GET_CRL: + case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: + case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: + case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: + case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: + case X509_V_ERR_CERT_CHAIN_TOO_LONG: + case X509_V_ERR_PATH_LENGTH_EXCEEDED: + case X509_V_ERR_INVALID_CA: + return TLS_FAIL_UNTRUSTED; + case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: + case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: + case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: + case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: + case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: + case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: + case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: + case X509_V_ERR_CERT_UNTRUSTED: + case X509_V_ERR_CERT_REJECTED: + return TLS_FAIL_BAD_CERTIFICATE; + default: + return TLS_FAIL_UNSPECIFIED; + } +} + + +static const char * wolfssl_tls_err_string(int err, const char *err_str) +{ + switch (err) { + case ASN_BEFORE_DATE_E: + return "certificate is not yet valid"; + case ASN_AFTER_DATE_E: + return "certificate has expired"; + default: + return err_str; + } +} + + +static struct wpabuf * get_x509_cert(WOLFSSL_X509 *cert) +{ + struct wpabuf *buf = NULL; + const u8 *data; + int cert_len; + + data = wolfSSL_X509_get_der(cert, &cert_len); + if (!data) + buf = wpabuf_alloc_copy(data, cert_len); + + return buf; +} + + +static void wolfssl_tls_fail_event(struct tls_connection *conn, + WOLFSSL_X509 *err_cert, int err, int depth, + const char *subject, const char *err_str, + enum tls_fail_reason reason) +{ + union tls_event_data ev; + struct wpabuf *cert = NULL; + struct tls_context *context = conn->context; + + if (!context->event_cb) + return; + + cert = get_x509_cert(err_cert); + os_memset(&ev, 0, sizeof(ev)); + ev.cert_fail.reason = reason != TLS_FAIL_UNSPECIFIED ? + reason : wolfssl_tls_fail_reason(err); + ev.cert_fail.depth = depth; + ev.cert_fail.subject = subject; + ev.cert_fail.reason_txt = wolfssl_tls_err_string(err, err_str); + ev.cert_fail.cert = cert; + context->event_cb(context->cb_ctx, TLS_CERT_CHAIN_FAILURE, &ev); + wpabuf_free(cert); +} + + +static void wolfssl_tls_cert_event(struct tls_connection *conn, + WOLFSSL_X509 *err_cert, int depth, + const char *subject) +{ + struct wpabuf *cert = NULL; + union tls_event_data ev; + struct tls_context *context = conn->context; + char *alt_subject[TLS_MAX_ALT_SUBJECT]; + int alt, num_alt_subject = 0; + WOLFSSL_ASN1_OBJECT *gen; + void *ext; + int i; +#ifdef CONFIG_SHA256 + u8 hash[32]; +#endif /* CONFIG_SHA256 */ + + if (!context->event_cb) + return; + + os_memset(&ev, 0, sizeof(ev)); + if (conn->cert_probe || (conn->flags & TLS_CONN_EXT_CERT_CHECK) || + context->cert_in_cb) { + cert = get_x509_cert(err_cert); + ev.peer_cert.cert = cert; + } + +#ifdef CONFIG_SHA256 + if (cert) { + const u8 *addr[1]; + size_t len[1]; + + addr[0] = wpabuf_head(cert); + len[0] = wpabuf_len(cert); + if (sha256_vector(1, addr, len, hash) == 0) { + ev.peer_cert.hash = hash; + ev.peer_cert.hash_len = sizeof(hash); + } + } +#endif /* CONFIG_SHA256 */ + + ev.peer_cert.depth = depth; + ev.peer_cert.subject = subject; + + ext = wolfSSL_X509_get_ext_d2i(err_cert, ALT_NAMES_OID, NULL, NULL); + for (i = 0; ext && i < wolfSSL_sk_num(ext); i++) { + char *pos; + + if (num_alt_subject == TLS_MAX_ALT_SUBJECT) + break; + gen = wolfSSL_sk_value((void *) ext, i); + if (gen->type != GEN_EMAIL && + gen->type != GEN_DNS && + gen->type != GEN_URI) + continue; + + pos = os_malloc(10 + os_strlen((char *) gen->obj) + 1); + if (!pos) + break; + alt_subject[num_alt_subject++] = pos; + + switch (gen->type) { + case GEN_EMAIL: + os_memcpy(pos, "EMAIL:", 6); + pos += 6; + break; + case GEN_DNS: + os_memcpy(pos, "DNS:", 4); + pos += 4; + break; + case GEN_URI: + os_memcpy(pos, "URI:", 4); + pos += 4; + break; + } + + os_memcpy(pos, gen->obj, os_strlen((char *)gen->obj)); + pos += os_strlen((char *)gen->obj); + *pos = '\0'; + } + wolfSSL_sk_ASN1_OBJECT_free(ext); + + for (alt = 0; alt < num_alt_subject; alt++) + ev.peer_cert.altsubject[alt] = alt_subject[alt]; + ev.peer_cert.num_altsubject = num_alt_subject; + + context->event_cb(context->cb_ctx, TLS_PEER_CERTIFICATE, &ev); + wpabuf_free(cert); + for (alt = 0; alt < num_alt_subject; alt++) + os_free(alt_subject[alt]); +} + + +static int tls_verify_cb(int preverify_ok, WOLFSSL_X509_STORE_CTX *x509_ctx) +{ + char buf[256]; + WOLFSSL_X509 *err_cert; + int err, depth; + WOLFSSL *ssl; + struct tls_connection *conn; + struct tls_context *context; + char *match, *altmatch, *suffix_match, *domain_match; + const char *err_str; + + err_cert = wolfSSL_X509_STORE_CTX_get_current_cert(x509_ctx); + if (!err_cert) { + wpa_printf(MSG_DEBUG, "wolfSSL: No Cert"); + return 0; + } + + err = wolfSSL_X509_STORE_CTX_get_error(x509_ctx); + depth = wolfSSL_X509_STORE_CTX_get_error_depth(x509_ctx); + ssl = wolfSSL_X509_STORE_CTX_get_ex_data( + x509_ctx, wolfSSL_get_ex_data_X509_STORE_CTX_idx()); + wolfSSL_X509_NAME_oneline(wolfSSL_X509_get_subject_name(err_cert), buf, + sizeof(buf)); + + conn = wolfSSL_get_ex_data(ssl, 0); + if (!conn) { + wpa_printf(MSG_DEBUG, "wolfSSL: No ex_data"); + return 0; + } + + if (depth == 0) + conn->peer_cert = err_cert; + else if (depth == 1) + conn->peer_issuer = err_cert; + else if (depth == 2) + conn->peer_issuer_issuer = err_cert; + + context = conn->context; + match = conn->subject_match; + altmatch = conn->alt_subject_match; + suffix_match = conn->suffix_match; + domain_match = conn->domain_match; + + if (!preverify_ok && !conn->ca_cert_verify) + preverify_ok = 1; + if (!preverify_ok && depth > 0 && conn->server_cert_only) + preverify_ok = 1; + if (!preverify_ok && (conn->flags & TLS_CONN_DISABLE_TIME_CHECKS) && + (err == X509_V_ERR_CERT_HAS_EXPIRED || + err == ASN_AFTER_DATE_E || err == ASN_BEFORE_DATE_E || + err == X509_V_ERR_CERT_NOT_YET_VALID)) { + wpa_printf(MSG_DEBUG, + "wolfSSL: Ignore certificate validity time mismatch"); + preverify_ok = 1; + } + + err_str = wolfSSL_X509_verify_cert_error_string(err); + +#ifdef CONFIG_SHA256 + /* + * Do not require preverify_ok so we can explicity allow otherwise + * invalid pinned server certificates. + */ + if (depth == 0 && conn->server_cert_only) { + struct wpabuf *cert; + + cert = get_x509_cert(err_cert); + if (!cert) { + wpa_printf(MSG_DEBUG, + "wolfSSL: Could not fetch server certificate data"); + preverify_ok = 0; + } else { + u8 hash[32]; + const u8 *addr[1]; + size_t len[1]; + + addr[0] = wpabuf_head(cert); + len[0] = wpabuf_len(cert); + if (sha256_vector(1, addr, len, hash) < 0 || + os_memcmp(conn->srv_cert_hash, hash, 32) != 0) { + err_str = "Server certificate mismatch"; + err = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; + preverify_ok = 0; + } else if (!preverify_ok) { + /* + * Certificate matches pinned certificate, allow + * regardless of other problems. + */ + wpa_printf(MSG_DEBUG, + "wolfSSL: Ignore validation issues for a pinned server certificate"); + preverify_ok = 1; + } + wpabuf_free(cert); + } + } +#endif /* CONFIG_SHA256 */ + + if (!preverify_ok) { + wpa_printf(MSG_WARNING, + "TLS: Certificate verification failed, error %d (%s) depth %d for '%s'", + err, err_str, depth, buf); + wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, + err_str, TLS_FAIL_UNSPECIFIED); + return preverify_ok; + } + + wpa_printf(MSG_DEBUG, + "TLS: %s - preverify_ok=%d err=%d (%s) ca_cert_verify=%d depth=%d buf='%s'", + __func__, preverify_ok, err, err_str, + conn->ca_cert_verify, depth, buf); + if (depth == 0 && match && os_strstr(buf, match) == NULL) { + wpa_printf(MSG_WARNING, + "TLS: Subject '%s' did not match with '%s'", + buf, match); + preverify_ok = 0; + wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, + "Subject mismatch", + TLS_FAIL_SUBJECT_MISMATCH); + } else if (depth == 0 && altmatch && + !tls_match_alt_subject(err_cert, altmatch)) { + wpa_printf(MSG_WARNING, + "TLS: altSubjectName match '%s' not found", + altmatch); + preverify_ok = 0; + wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, + "AltSubject mismatch", + TLS_FAIL_ALTSUBJECT_MISMATCH); + } else if (depth == 0 && suffix_match && + !tls_match_suffix(err_cert, suffix_match, 0)) { + wpa_printf(MSG_WARNING, + "TLS: Domain suffix match '%s' not found", + suffix_match); + preverify_ok = 0; + wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, + "Domain suffix mismatch", + TLS_FAIL_DOMAIN_SUFFIX_MISMATCH); + } else if (depth == 0 && domain_match && + !tls_match_suffix(err_cert, domain_match, 1)) { + wpa_printf(MSG_WARNING, "TLS: Domain match '%s' not found", + domain_match); + preverify_ok = 0; + wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, + "Domain mismatch", + TLS_FAIL_DOMAIN_MISMATCH); + } else { + wolfssl_tls_cert_event(conn, err_cert, depth, buf); + } + + if (conn->cert_probe && preverify_ok && depth == 0) { + wpa_printf(MSG_DEBUG, + "wolfSSL: Reject server certificate on probe-only run"); + preverify_ok = 0; + wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, + "Server certificate chain probe", + TLS_FAIL_SERVER_CHAIN_PROBE); + } + +#ifdef HAVE_OCSP_WOLFSSL + if (depth == 0 && (conn->flags & TLS_CONN_REQUEST_OCSP) && + preverify_ok) { + enum ocsp_result res; + + res = check_ocsp_resp(conn->ssl_ctx, conn->ssl, err_cert, + conn->peer_issuer, + conn->peer_issuer_issuer); + if (res == OCSP_REVOKED) { + preverify_ok = 0; + wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, + "certificate revoked", + TLS_FAIL_REVOKED); + if (err == X509_V_OK) + X509_STORE_CTX_set_error( + x509_ctx, X509_V_ERR_CERT_REVOKED); + } else if (res != OCSP_GOOD && + (conn->flags & TLS_CONN_REQUIRE_OCSP)) { + preverify_ok = 0; + wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, + "bad certificate status response", + TLS_FAIL_UNSPECIFIED); + } + } +#endif /* HAVE_OCSP_WOLFSSL */ + if (depth == 0 && preverify_ok && context->event_cb != NULL) + context->event_cb(context->cb_ctx, + TLS_CERT_CHAIN_SUCCESS, NULL); + + return preverify_ok; +} + + +static int tls_connection_ca_cert(void *tls_ctx, struct tls_connection *conn, + const char *ca_cert, + const u8 *ca_cert_blob, size_t blob_len, + const char *ca_path) +{ + WOLFSSL_CTX *ctx = tls_ctx; + + wolfSSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); + conn->ca_cert_verify = 1; + + if (ca_cert && os_strncmp(ca_cert, "probe://", 8) == 0) { + wpa_printf(MSG_DEBUG, + "wolfSSL: Probe for server certificate chain"); + conn->cert_probe = 1; + conn->ca_cert_verify = 0; + return 0; + } + + if (ca_cert && os_strncmp(ca_cert, "hash://", 7) == 0) { +#ifdef CONFIG_SHA256 + const char *pos = ca_cert + 7; + + if (os_strncmp(pos, "server/sha256/", 14) != 0) { + wpa_printf(MSG_DEBUG, + "wolfSSL: Unsupported ca_cert hash value '%s'", + ca_cert); + return -1; + } + pos += 14; + if (os_strlen(pos) != 32 * 2) { + wpa_printf(MSG_DEBUG, + "wolfSSL: Unexpected SHA256 hash length in ca_cert '%s'", + ca_cert); + return -1; + } + if (hexstr2bin(pos, conn->srv_cert_hash, 32) < 0) { + wpa_printf(MSG_DEBUG, + "wolfSSL: Invalid SHA256 hash value in ca_cert '%s'", + ca_cert); + return -1; + } + conn->server_cert_only = 1; + wpa_printf(MSG_DEBUG, + "wolfSSL: Checking only server certificate match"); + return 0; +#else /* CONFIG_SHA256 */ + wpa_printf(MSG_INFO, + "No SHA256 included in the build - cannot validate server certificate hash"); + return -1; +#endif /* CONFIG_SHA256 */ + } + + if (ca_cert_blob) { + if (wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_blob, blob_len, + SSL_FILETYPE_ASN1) != + SSL_SUCCESS) { + wpa_printf(MSG_INFO, "SSL: failed to load CA blob"); + return -1; + } + wpa_printf(MSG_DEBUG, "SSL: use CA cert blob OK"); + return 0; + } + + if (ca_cert || ca_path) { + WOLFSSL_X509_STORE *cm = wolfSSL_X509_STORE_new(); + + if (!cm) { + wpa_printf(MSG_INFO, + "SSL: failed to create certificate store"); + return -1; + } + wolfSSL_CTX_set_cert_store(ctx, cm); + + if (wolfSSL_CTX_load_verify_locations(ctx, ca_cert, ca_path) != + SSL_SUCCESS) { + wpa_printf(MSG_INFO, + "SSL: failed to load ca_cert as PEM"); + + if (!ca_cert) + return -1; + + if (wolfSSL_CTX_der_load_verify_locations( + ctx, ca_cert, SSL_FILETYPE_ASN1) != + SSL_SUCCESS) { + wpa_printf(MSG_INFO, + "SSL: failed to load ca_cert as DER"); + return -1; + } + } + return 0; + } + + conn->ca_cert_verify = 0; + return 0; +} + + +static void tls_set_conn_flags(WOLFSSL *ssl, unsigned int flags) +{ +#ifdef HAVE_SESSION_TICKET +#if 0 + if (!(flags & TLS_CONN_DISABLE_SESSION_TICKET)) + wolfSSL_UseSessionTicket(ssl); +#endif +#endif /* HAVE_SESSION_TICKET */ + + if (flags & TLS_CONN_DISABLE_TLSv1_0) + wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1); + if (flags & TLS_CONN_DISABLE_TLSv1_1) + wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1_1); + if (flags & TLS_CONN_DISABLE_TLSv1_2) + wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1_2); +} + + +int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, + const struct tls_connection_params *params) +{ + wpa_printf(MSG_DEBUG, "SSL: set params"); + + if (tls_connection_set_subject_match(conn, params->subject_match, + params->altsubject_match, + params->suffix_match, + params->domain_match) < 0) { + wpa_printf(MSG_INFO, "Error setting subject match"); + return -1; + } + + if (tls_connection_ca_cert(tls_ctx, conn, params->ca_cert, + params->ca_cert_blob, + params->ca_cert_blob_len, + params->ca_path) < 0) { + wpa_printf(MSG_INFO, "Error setting CA cert"); + return -1; + } + + if (tls_connection_client_cert(conn, params->client_cert, + params->client_cert_blob, + params->client_cert_blob_len) < 0) { + wpa_printf(MSG_INFO, "Error setting client cert"); + return -1; + } + + if (tls_connection_private_key(tls_ctx, conn, params->private_key, + params->private_key_passwd, + params->private_key_blob, + params->private_key_blob_len) < 0) { + wpa_printf(MSG_INFO, "Error setting private key"); + return -1; + } + + if (tls_connection_dh(conn, params->dh_file, params->dh_blob, + params->dh_blob_len) < 0) { + wpa_printf(MSG_INFO, "Error setting DH"); + return -1; + } + + if (params->openssl_ciphers && + wolfSSL_set_cipher_list(conn->ssl, params->openssl_ciphers) != 1) { + wpa_printf(MSG_INFO, + "wolfSSL: Failed to set cipher string '%s'", + params->openssl_ciphers); + return -1; + } + + tls_set_conn_flags(conn->ssl, params->flags); + +#ifdef HAVE_CERTIFICATE_STATUS_REQUEST + if (params->flags & TLS_CONN_REQUEST_OCSP) { + if (wolfSSL_UseOCSPStapling(conn->ssl, WOLFSSL_CSR_OCSP, + WOLFSSL_CSR_OCSP_USE_NONCE) != + SSL_SUCCESS) + return -1; + wolfSSL_CTX_EnableOCSP(tls_ctx, 0); + } +#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ +#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 + if (params->flags & TLS_CONN_REQUEST_OCSP) { + if (wolfSSL_UseOCSPStaplingV2(conn->ssl, + WOLFSSL_CSR2_OCSP_MULTI, 0) != + SSL_SUCCESS) + return -1; + wolfSSL_CTX_EnableOCSP(tls_ctx, 0); + } +#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */ +#if !defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \ + !defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) +#ifdef HAVE_OCSP + if (params->flags & TLS_CONN_REQUEST_OCSP) + wolfSSL_CTX_EnableOCSP(ctx, 0); +#else /* HAVE_OCSP */ + if (params->flags & TLS_CONN_REQUIRE_OCSP) { + wpa_printf(MSG_INFO, + "wolfSSL: No OCSP support included - reject configuration"); + return -1; + } + if (params->flags & TLS_CONN_REQUEST_OCSP) { + wpa_printf(MSG_DEBUG, + "wolfSSL: No OCSP support included - allow optional OCSP case to continue"); + } +#endif /* HAVE_OCSP */ +#endif /* !HAVE_CERTIFICATE_STATUS_REQUEST && + * !HAVE_CERTIFICATE_STATUS_REQUEST_V2 */ + + conn->flags = params->flags; + + return 0; +} + + +static int tls_global_ca_cert(void *ssl_ctx, const char *ca_cert) +{ + WOLFSSL_CTX *ctx = ssl_ctx; + + if (ca_cert) { + if (wolfSSL_CTX_load_verify_locations(ctx, ca_cert, NULL) != 1) + { + wpa_printf(MSG_WARNING, + "Failed to load root certificates"); + return -1; + } + + wpa_printf(MSG_DEBUG, + "TLS: Trusted root certificate(s) loaded"); + } + + return 0; +} + + +static int tls_global_client_cert(void *ssl_ctx, const char *client_cert) +{ + WOLFSSL_CTX *ctx = ssl_ctx; + + if (!client_cert) + return 0; + + if (wolfSSL_CTX_use_certificate_chain_file_format(ctx, client_cert, + SSL_FILETYPE_ASN1) != + SSL_SUCCESS && + wolfSSL_CTX_use_certificate_chain_file(ctx, client_cert) != + SSL_SUCCESS) { + wpa_printf(MSG_INFO, "Failed to load client certificate"); + return -1; + } + + wpa_printf(MSG_DEBUG, "SSL: Loaded global client certificate: %s", + client_cert); + + return 0; +} + + +static int tls_global_private_key(void *ssl_ctx, const char *private_key, + const char *private_key_passwd) +{ + WOLFSSL_CTX *ctx = ssl_ctx; + char *passwd = NULL; + int ret = 0; + + if (!private_key) + return 0; + + if (private_key_passwd) { + passwd = os_strdup(private_key_passwd); + if (!passwd) + return -1; + } + + wolfSSL_CTX_set_default_passwd_cb(ctx, tls_passwd_cb); + wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, passwd); + + if (wolfSSL_CTX_use_PrivateKey_file(ctx, private_key, + SSL_FILETYPE_ASN1) != 1 && + wolfSSL_CTX_use_PrivateKey_file(ctx, private_key, + SSL_FILETYPE_PEM) != 1) { + wpa_printf(MSG_INFO, "Failed to load private key"); + ret = -1; + } + + wpa_printf(MSG_DEBUG, "SSL: Loaded global private key"); + + os_free(passwd); + wolfSSL_CTX_set_default_passwd_cb(ctx, NULL); + + return ret; +} + + +static int tls_global_dh(void *ssl_ctx, const char *dh_file, + const u8 *dh_blob, size_t blob_len) +{ + WOLFSSL_CTX *ctx = ssl_ctx; + + if (!dh_file && !dh_blob) + return 0; + + if (dh_blob) { + if (wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_blob, blob_len, + SSL_FILETYPE_ASN1) < 0) { + wpa_printf(MSG_INFO, + "SSL: global use DH DER blob failed"); + return -1; + } + wpa_printf(MSG_DEBUG, "SSL: global use DH blob OK"); + return 0; + } + + if (dh_file) { + if (wolfSSL_CTX_SetTmpDH_file(ctx, dh_file, SSL_FILETYPE_PEM) < + 0) { + wpa_printf(MSG_INFO, + "SSL: global use DH PEM file failed"); + if (wolfSSL_CTX_SetTmpDH_file(ctx, dh_file, + SSL_FILETYPE_ASN1) < 0) { + wpa_printf(MSG_INFO, + "SSL: global use DH DER file failed"); + return -1; + } + } + wpa_printf(MSG_DEBUG, "SSL: global use DH file OK"); + return 0; + } + + return 0; +} + + +#ifdef HAVE_OCSP + +int ocsp_status_cb(void *unused, const char *url, int url_sz, + unsigned char *request, int request_sz, + unsigned char **response) +{ + size_t len; + + (void) unused; + + if (!url) { + wpa_printf(MSG_DEBUG, + "wolfSSL: OCSP status callback - no response configured"); + *response = NULL; + return 0; + } + + *response = (unsigned char *) os_readfile(url, &len); + if (!*response) { + wpa_printf(MSG_DEBUG, + "wolfSSL: OCSP status callback - could not read response file"); + return -1; + } + wpa_printf(MSG_DEBUG, + "wolfSSL: OCSP status callback - send cached response"); + return len; +} + + +void ocsp_resp_free_cb(void *ocsp_stapling_response, unsigned char *response) +{ + os_free(response); +} + +#endif /* HAVE_OCSP */ + + +int tls_global_set_params(void *tls_ctx, + const struct tls_connection_params *params) +{ + wpa_printf(MSG_DEBUG, "SSL: global set params"); + + if (tls_global_ca_cert(tls_ctx, params->ca_cert) < 0) { + wpa_printf(MSG_INFO, "SSL: Failed to load ca cert file '%s'", + params->ca_cert); + return -1; + } + + if (tls_global_client_cert(tls_ctx, params->client_cert) < 0) { + wpa_printf(MSG_INFO, + "SSL: Failed to load client cert file '%s'", + params->client_cert); + return -1; + } + + if (tls_global_private_key(tls_ctx, params->private_key, + params->private_key_passwd) < 0) { + wpa_printf(MSG_INFO, + "SSL: Failed to load private key file '%s'", + params->private_key); + return -1; + } + + if (tls_global_dh(tls_ctx, params->dh_file, params->dh_blob, + params->dh_blob_len) < 0) { + wpa_printf(MSG_INFO, "SSL: Failed to load DH file '%s'", + params->dh_file); + return -1; + } + + if (params->openssl_ciphers && + wolfSSL_CTX_set_cipher_list(tls_ctx, + params->openssl_ciphers) != 1) { + wpa_printf(MSG_INFO, + "wolfSSL: Failed to set cipher string '%s'", + params->openssl_ciphers); + return -1; + } + +#ifdef HAVE_SESSION_TICKET + /* Session ticket is off by default - can't disable once on. */ + if (!(params->flags & TLS_CONN_DISABLE_SESSION_TICKET)) + wolfSSL_CTX_UseSessionTicket(tls_ctx); +#endif /* HAVE_SESSION_TICKET */ + +#ifdef HAVE_OCSP + if (params->ocsp_stapling_response) { + wolfSSL_CTX_SetOCSP_OverrideURL(tls_ctx, + params->ocsp_stapling_response); + wolfSSL_CTX_SetOCSP_Cb(tls_ctx, ocsp_status_cb, + ocsp_resp_free_cb, NULL); + } +#endif /* HAVE_OCSP */ + + return 0; +} + + +int tls_global_set_verify(void *tls_ctx, int check_crl) +{ + wpa_printf(MSG_DEBUG, "SSL: global set verify: %d", check_crl); + + if (check_crl) { + /* Hack to Enable CRLs. */ + wolfSSL_CTX_LoadCRLBuffer(tls_ctx, NULL, 0, SSL_FILETYPE_PEM); + } + + return 0; +} + + +int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn, + int verify_peer, unsigned int flags, + const u8 *session_ctx, size_t session_ctx_len) +{ + if (!conn) + return -1; + + wpa_printf(MSG_DEBUG, "SSL: set verify: %d", verify_peer); + + if (verify_peer) { + conn->ca_cert_verify = 1; + wolfSSL_set_verify(conn->ssl, SSL_VERIFY_PEER | + SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + tls_verify_cb); + } else { + conn->ca_cert_verify = 0; + wolfSSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL); + } + + wolfSSL_set_accept_state(conn->ssl); + + /* TODO: do we need to fake a session like OpenSSL does here? */ + + return 0; +} + + +static struct wpabuf * wolfssl_handshake(struct tls_connection *conn, + const struct wpabuf *in_data, + int server) +{ + int res; + + wolfssl_reset_out_data(&conn->output); + + /* Initiate TLS handshake or continue the existing handshake */ + if (server) { + wolfSSL_set_accept_state(conn->ssl); + res = wolfSSL_accept(conn->ssl); + wpa_printf(MSG_DEBUG, "SSL: wolfSSL_accept: %d", res); + } else { + wolfSSL_set_connect_state(conn->ssl); + res = wolfSSL_connect(conn->ssl); + wpa_printf(MSG_DEBUG, "SSL: wolfSSL_connect: %d", res); + } + + if (res != 1) { + int err = wolfSSL_get_error(conn->ssl, res); + + if (err == SSL_ERROR_WANT_READ) { + wpa_printf(MSG_DEBUG, + "SSL: wolfSSL_connect - want more data"); + } else if (err == SSL_ERROR_WANT_WRITE) { + wpa_printf(MSG_DEBUG, + "SSL: wolfSSL_connect - want to write"); + } else { + char msg[80]; + + wpa_printf(MSG_DEBUG, + "SSL: wolfSSL_connect - failed %s", + wolfSSL_ERR_error_string(err, msg)); + conn->failed++; + } + } + + return conn->output.out_data; +} + + +static struct wpabuf * wolfssl_get_appl_data(struct tls_connection *conn, + size_t max_len) +{ + int res; + struct wpabuf *appl_data = wpabuf_alloc(max_len + 100); + + if (!appl_data) + return NULL; + + res = wolfSSL_read(conn->ssl, wpabuf_mhead(appl_data), + wpabuf_size(appl_data)); + if (res < 0) { + int err = wolfSSL_get_error(conn->ssl, res); + + if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) { + wpa_printf(MSG_DEBUG, + "SSL: No Application Data included"); + } else { + char msg[80]; + + wpa_printf(MSG_DEBUG, + "Failed to read possible Application Data %s", + wolfSSL_ERR_error_string(err, msg)); + } + + wpabuf_free(appl_data); + return NULL; + } + + wpabuf_put(appl_data, res); + wpa_hexdump_buf_key(MSG_MSGDUMP, + "SSL: Application Data in Finished message", + appl_data); + return appl_data; +} + + +static struct wpabuf * +wolfssl_connection_handshake(struct tls_connection *conn, + const struct wpabuf *in_data, + struct wpabuf **appl_data, int server) +{ + struct wpabuf *out_data; + + wolfssl_reset_in_data(&conn->input, in_data); + + if (appl_data) + *appl_data = NULL; + + out_data = wolfssl_handshake(conn, in_data, server); + if (!out_data) + return NULL; + + if (wolfSSL_is_init_finished(conn->ssl)) { + wpa_printf(MSG_DEBUG, + "wolfSSL: Handshake finished - resumed=%d", + tls_connection_resumed(NULL, conn)); + if (appl_data && in_data) + *appl_data = wolfssl_get_appl_data(conn, + wpabuf_len(in_data)); + } + + return out_data; +} + + +struct wpabuf * tls_connection_handshake(void *tls_ctx, + struct tls_connection *conn, + const struct wpabuf *in_data, + struct wpabuf **appl_data) +{ + return wolfssl_connection_handshake(conn, in_data, appl_data, 0); +} + + +struct wpabuf * tls_connection_server_handshake(void *tls_ctx, + struct tls_connection *conn, + const struct wpabuf *in_data, + struct wpabuf **appl_data) +{ + return wolfssl_connection_handshake(conn, in_data, appl_data, 1); +} + + +struct wpabuf * tls_connection_encrypt(void *tls_ctx, + struct tls_connection *conn, + const struct wpabuf *in_data) +{ + int res; + + if (!conn) + return NULL; + + wpa_printf(MSG_DEBUG, "SSL: encrypt: %ld bytes", wpabuf_len(in_data)); + + wolfssl_reset_out_data(&conn->output); + + res = wolfSSL_write(conn->ssl, wpabuf_head(in_data), + wpabuf_len(in_data)); + if (res < 0) { + int err = wolfSSL_get_error(conn->ssl, res); + char msg[80]; + + wpa_printf(MSG_INFO, "Encryption failed - SSL_write: %s", + wolfSSL_ERR_error_string(err, msg)); + return NULL; + } + + return conn->output.out_data; +} + + +struct wpabuf * tls_connection_decrypt(void *tls_ctx, + struct tls_connection *conn, + const struct wpabuf *in_data) +{ + int res; + struct wpabuf *buf; + + if (!conn) + return NULL; + + wpa_printf(MSG_DEBUG, "SSL: decrypt"); + + wolfssl_reset_in_data(&conn->input, in_data); + + /* Read decrypted data for further processing */ + /* + * Even though we try to disable TLS compression, it is possible that + * this cannot be done with all TLS libraries. Add extra buffer space + * to handle the possibility of the decrypted data being longer than + * input data. + */ + buf = wpabuf_alloc((wpabuf_len(in_data) + 500) * 3); + if (!buf) + return NULL; + res = wolfSSL_read(conn->ssl, wpabuf_mhead(buf), wpabuf_size(buf)); + if (res < 0) { + wpa_printf(MSG_INFO, "Decryption failed - SSL_read"); + wpabuf_free(buf); + return NULL; + } + wpabuf_put(buf, res); + + wpa_printf(MSG_DEBUG, "SSL: decrypt: %ld bytes", wpabuf_len(buf)); + + return buf; +} + + +int tls_connection_resumed(void *tls_ctx, struct tls_connection *conn) +{ + return conn ? wolfSSL_session_reused(conn->ssl) : 0; +} + + +int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn, + u8 *ciphers) +{ + char buf[128], *pos, *end; + u8 *c; + int ret; + + if (!conn || !conn->ssl || !ciphers) + return -1; + + buf[0] = '\0'; + pos = buf; + end = pos + sizeof(buf); + + c = ciphers; + while (*c != TLS_CIPHER_NONE) { + const char *suite; + + switch (*c) { + case TLS_CIPHER_RC4_SHA: + suite = "RC4-SHA"; + break; + case TLS_CIPHER_AES128_SHA: + suite = "AES128-SHA"; + break; + case TLS_CIPHER_RSA_DHE_AES128_SHA: + suite = "DHE-RSA-AES128-SHA"; + break; + case TLS_CIPHER_ANON_DH_AES128_SHA: + suite = "ADH-AES128-SHA"; + break; + case TLS_CIPHER_RSA_DHE_AES256_SHA: + suite = "DHE-RSA-AES256-SHA"; + break; + case TLS_CIPHER_AES256_SHA: + suite = "AES256-SHA"; + break; + default: + wpa_printf(MSG_DEBUG, + "TLS: Unsupported cipher selection: %d", *c); + return -1; + } + ret = os_snprintf(pos, end - pos, ":%s", suite); + if (os_snprintf_error(end - pos, ret)) + break; + pos += ret; + + c++; + } + + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", buf + 1); + + if (wolfSSL_set_cipher_list(conn->ssl, buf + 1) != 1) { + wpa_printf(MSG_DEBUG, "Cipher suite configuration failed"); + return -1; + } + + return 0; +} + + +int tls_get_cipher(void *tls_ctx, struct tls_connection *conn, + char *buf, size_t buflen) +{ + WOLFSSL_CIPHER *cipher; + const char *name; + + if (!conn || !conn->ssl) + return -1; + + cipher = wolfSSL_get_current_cipher(conn->ssl); + if (!cipher) + return -1; + + name = wolfSSL_CIPHER_get_name(cipher); + if (!name) + return -1; + + if (os_strcmp(name, "SSL_RSA_WITH_RC4_128_SHA") == 0) + os_strlcpy(buf, "RC4-SHA", buflen); + else if (os_strcmp(name, "TLS_RSA_WITH_AES_128_CBC_SHA") == 0) + os_strlcpy(buf, "AES128-SHA", buflen); + else if (os_strcmp(name, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA") == 0) + os_strlcpy(buf, "DHE-RSA-AES128-SHA", buflen); + else if (os_strcmp(name, "TLS_DH_anon_WITH_AES_128_CBC_SHA") == 0) + os_strlcpy(buf, "ADH-AES128-SHA", buflen); + else if (os_strcmp(name, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA") == 0) + os_strlcpy(buf, "DHE-RSA-AES256-SHA", buflen); + else if (os_strcmp(name, "TLS_RSA_WITH_AES_256_CBC_SHA") == 0) + os_strlcpy(buf, "AES256-SHA", buflen); + else + os_strlcpy(buf, name, buflen); + + return 0; +} + + +int tls_connection_enable_workaround(void *tls_ctx, + struct tls_connection *conn) +{ + /* no empty fragments in wolfSSL for now */ + return 0; +} + + +int tls_connection_get_failed(void *tls_ctx, struct tls_connection *conn) +{ + if (!conn) + return -1; + + return conn->failed; +} + + +int tls_connection_get_read_alerts(void *tls_ctx, struct tls_connection *conn) +{ + if (!conn) + return -1; + + /* TODO: this is not incremented anywhere */ + return conn->read_alerts; +} + + +int tls_connection_get_write_alerts(void *tls_ctx, + struct tls_connection *conn) +{ + if (!conn) + return -1; + + /* TODO: this is not incremented anywhere */ + return conn->write_alerts; +} + + + +int tls_get_library_version(char *buf, size_t buf_len) +{ + return os_snprintf(buf, buf_len, "wolfSSL build=%s run=%s", + WOLFSSL_VERSION, wolfSSL_lib_version()); +} + +int tls_get_version(void *ssl_ctx, struct tls_connection *conn, + char *buf, size_t buflen) +{ + const char *name; + + if (!conn || !conn->ssl) + return -1; + + name = wolfSSL_get_version(conn->ssl); + if (!name) + return -1; + + os_strlcpy(buf, name, buflen); + return 0; +} + + +int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn, + struct tls_random *keys) +{ + WOLFSSL *ssl; + + if (!conn || !keys) + return -1; + ssl = conn->ssl; + if (!ssl) + return -1; + + os_memset(keys, 0, sizeof(*keys)); + keys->client_random = conn->client_random; + keys->client_random_len = wolfSSL_get_client_random( + ssl, conn->client_random, sizeof(conn->client_random)); + keys->server_random = conn->server_random; + keys->server_random_len = wolfSSL_get_server_random( + ssl, conn->server_random, sizeof(conn->server_random)); + + return 0; +} + + +int tls_connection_export_key(void *tls_ctx, struct tls_connection *conn, + const char *label, u8 *out, size_t out_len) +{ + if (!conn || wolfSSL_make_eap_keys(conn->ssl, out, out_len, label) != 0) + return -1; + return 0; +} + + +#define SEED_LEN (RAN_LEN + RAN_LEN) + +int tls_connection_get_eap_fast_key(void *tls_ctx, struct tls_connection *conn, + u8 *out, size_t out_len) +{ + byte seed[SEED_LEN]; + int ret = -1; + WOLFSSL *ssl; + byte *tmp_out; + byte *_out; + int skip = 0; + byte *master_key; + unsigned int master_key_len; + byte *server_random; + unsigned int server_len; + byte *client_random; + unsigned int client_len; + + if (!conn || !conn->ssl) + return -1; + ssl = conn->ssl; + + skip = 2 * (wolfSSL_GetKeySize(ssl) + wolfSSL_GetHmacSize(ssl) + + wolfSSL_GetIVSize(ssl)); + + tmp_out = os_malloc(skip + out_len); + if (!tmp_out) + return -1; + _out = tmp_out; + + wolfSSL_get_keys(ssl, &master_key, &master_key_len, &server_random, + &server_len, &client_random, &client_len); + os_memcpy(seed, server_random, RAN_LEN); + os_memcpy(seed + RAN_LEN, client_random, RAN_LEN); + + if (wolfSSL_GetVersion(ssl) == WOLFSSL_TLSV1_2) { + tls_prf_sha256(master_key, master_key_len, + "key expansion", seed, sizeof(seed), + _out, skip + out_len); + ret = 0; + } else { + ret = tls_prf_sha1_md5(master_key, master_key_len, + "key expansion", seed, sizeof(seed), + _out, skip + out_len); + } + + os_memset(master_key, 0, master_key_len); + if (ret == 0) + os_memcpy(out, _out + skip, out_len); + bin_clear_free(tmp_out, skip + out_len); + + return ret; +} + + +#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) + +int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn, + int ext_type, const u8 *data, + size_t data_len) +{ + (void) ssl_ctx; + + if (!conn || !conn->ssl || ext_type != 35) + return -1; + + if (wolfSSL_set_SessionTicket(conn->ssl, data, + (unsigned int) data_len) != 1) + return -1; + + return 0; +} + + +static int tls_sess_sec_cb(WOLFSSL *s, void *secret, int *secret_len, void *arg) +{ + struct tls_connection *conn = arg; + int ret; + unsigned char client_random[RAN_LEN]; + unsigned char server_random[RAN_LEN]; + word32 ticket_len = sizeof(conn->session_ticket); + + if (!conn || !conn->session_ticket_cb) + return 1; + + if (wolfSSL_get_client_random(s, client_random, + sizeof(client_random)) == 0 || + wolfSSL_get_server_random(s, server_random, + sizeof(server_random)) == 0 || + wolfSSL_get_SessionTicket(s, conn->session_ticket, + &ticket_len) != 1) + return 1; + + if (ticket_len == 0) + return 0; + + ret = conn->session_ticket_cb(conn->session_ticket_cb_ctx, + conn->session_ticket, ticket_len, + client_random, server_random, secret); + if (ret <= 0) + return 1; + + *secret_len = SECRET_LEN; + return 0; +} + +#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */ + + +int tls_connection_set_session_ticket_cb(void *tls_ctx, + struct tls_connection *conn, + tls_session_ticket_cb cb, + void *ctx) +{ +#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) + conn->session_ticket_cb = cb; + conn->session_ticket_cb_ctx = ctx; + + if (cb) { + if (wolfSSL_set_session_secret_cb(conn->ssl, tls_sess_sec_cb, + conn) != 1) + return -1; + } else { + if (wolfSSL_set_session_secret_cb(conn->ssl, NULL, NULL) != 1) + return -1; + } + + return 0; +#else /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */ + return -1; +#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */ +} + + +void tls_connection_set_success_data_resumed(struct tls_connection *conn) +{ + wpa_printf(MSG_DEBUG, + "wolfSSL: Success data accepted for resumed session"); +} + + +void tls_connection_remove_session(struct tls_connection *conn) +{ + WOLFSSL_SESSION *sess; + + sess = wolfSSL_get_session(conn->ssl); + if (!sess) + return; + + wolfSSL_SSL_SESSION_set_timeout(sess, 0); + wpa_printf(MSG_DEBUG, + "wolfSSL: Removed cached session to disable session resumption"); +} + + +void tls_connection_set_success_data(struct tls_connection *conn, + struct wpabuf *data) +{ + WOLFSSL_SESSION *sess; + struct wpabuf *old; + + wpa_printf(MSG_DEBUG, "wolfSSL: Set success data"); + + sess = wolfSSL_get_session(conn->ssl); + if (!sess) { + wpa_printf(MSG_DEBUG, + "wolfSSL: No session found for success data"); + goto fail; + } + + old = wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session); + if (old) { + wpa_printf(MSG_DEBUG, "wolfSSL: Replacing old success data %p", + old); + wpabuf_free(old); + } + if (wolfSSL_SESSION_set_ex_data(sess, tls_ex_idx_session, data) != 1) + goto fail; + + wpa_printf(MSG_DEBUG, "wolfSSL: Stored success data %p", data); + conn->success_data = 1; + return; + +fail: + wpa_printf(MSG_INFO, "wolfSSL: Failed to store success data"); + wpabuf_free(data); +} + + +const struct wpabuf * +tls_connection_get_success_data(struct tls_connection *conn) +{ + WOLFSSL_SESSION *sess; + + wpa_printf(MSG_DEBUG, "wolfSSL: Get success data"); + + sess = wolfSSL_get_session(conn->ssl); + if (!sess) + return NULL; + return wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session); +} diff --git a/contrib/wpa/src/drivers/driver.h b/contrib/wpa/src/drivers/driver.h index a449cc934735..4ac9f16a0efc 100644 --- a/contrib/wpa/src/drivers/driver.h +++ b/contrib/wpa/src/drivers/driver.h @@ -1,6 +1,6 @@ /* * Driver interface definition - * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -21,6 +21,10 @@ #include "common/defs.h" #include "common/ieee802_11_defs.h" +#include "common/wpa_common.h" +#ifdef CONFIG_MACSEC +#include "pae/ieee802_1x_kay.h" +#endif /* CONFIG_MACSEC */ #include "utils/list.h" #define HOSTAPD_CHAN_DISABLED 0x00000001 @@ -61,6 +65,10 @@ /* Filter unicast IP packets encrypted using the GTK */ #define WPA_DATA_FRAME_FILTER_FLAG_GTK BIT(2) +#define HOSTAPD_DFS_REGION_FCC 1 +#define HOSTAPD_DFS_REGION_ETSI 2 +#define HOSTAPD_DFS_REGION_JP 3 + /** * enum reg_change_initiator - Regulatory change initiator */ @@ -133,6 +141,29 @@ struct hostapd_channel_data { unsigned int dfs_cac_ms; }; +#define HE_MAX_NUM_SS 8 +#define HE_MAX_PHY_CAPAB_SIZE 3 + +/** + * struct he_ppe_threshold - IEEE 802.11ax HE PPE Threshold + */ +struct he_ppe_threshold { + u32 numss_m1; + u32 ru_count; + u32 ppet16_ppet8_ru3_ru0[HE_MAX_NUM_SS]; +}; + +/** + * struct he_capabilities - IEEE 802.11ax HE capabilities + */ +struct he_capabilities { + u8 he_supported; + u32 phy_cap[HE_MAX_PHY_CAPAB_SIZE]; + u32 mac_cap; + u32 mcs; + struct he_ppe_threshold ppet; +}; + #define HOSTAPD_MODE_FLAG_HT_INFO_KNOWN BIT(0) #define HOSTAPD_MODE_FLAG_VHT_INFO_KNOWN BIT(1) @@ -191,6 +222,11 @@ struct hostapd_hw_modes { u8 vht_mcs_set[8]; unsigned int flags; /* HOSTAPD_MODE_FLAG_* */ + + /** + * he_capab - HE (IEEE 802.11ax) capabilities + */ + struct he_capabilities he_capab; }; @@ -233,6 +269,9 @@ struct hostapd_hw_modes { * @est_throughput: Estimated throughput in kbps (this is calculated during * scan result processing if left zero by the driver wrapper) * @snr: Signal-to-noise ratio in dB (calculated during scan result processing) + * @parent_tsf: Time when the Beacon/Probe Response frame was received in terms + * of TSF of the BSS specified by %tsf_bssid. + * @tsf_bssid: The BSS that %parent_tsf TSF time refers to. * @ie_len: length of the following IE field in octets * @beacon_ie_len: length of the following Beacon IE field in octets * @@ -263,6 +302,8 @@ struct wpa_scan_res { unsigned int age; unsigned int est_throughput; int snr; + u64 parent_tsf; + u8 tsf_bssid[ETH_ALEN]; size_t ie_len; size_t beacon_ie_len; /* Followed by ie_len + beacon_ie_len octets of IE data */ @@ -447,6 +488,15 @@ struct wpa_driver_scan_params { unsigned int sched_scan_plans_num; /** + * sched_scan_start_delay - Delay to use before starting the first scan + * + * Delay (in seconds) before scheduling first scan plan cycle. The + * driver may ignore this parameter and start immediately (or at any + * other time), if this feature is not supported. + */ + u32 sched_scan_start_delay; + + /** * bssid - Specific BSSID to scan for * * This optional parameter can be used to replace the default wildcard @@ -455,6 +505,80 @@ struct wpa_driver_scan_params { */ const u8 *bssid; + /** + * scan_cookie - Unique identification representing the scan request + * + * This scan_cookie carries a unique identification representing the + * scan request if the host driver/kernel supports concurrent scan + * requests. This cookie is returned from the corresponding driver + * interface. + * + * Note: Unlike other parameters in this structure, scan_cookie is used + * only to return information instead of setting parameters for the + * scan. + */ + u64 scan_cookie; + + /** + * duration - Dwell time on each channel + * + * This optional parameter can be used to set the dwell time on each + * channel. In TUs. + */ + u16 duration; + + /** + * duration_mandatory - Whether the specified duration is mandatory + * + * If this is set, the duration specified by the %duration field is + * mandatory (and the driver should reject the scan request if it is + * unable to comply with the specified duration), otherwise it is the + * maximum duration and the actual duration may be shorter. + */ + unsigned int duration_mandatory:1; + + /** + * relative_rssi_set - Whether relative RSSI parameters are set + */ + unsigned int relative_rssi_set:1; + + /** + * relative_rssi - Relative RSSI for reporting better BSSs + * + * Amount of RSSI by which a BSS should be better than the current + * connected BSS to report the new BSS to user space. + */ + s8 relative_rssi; + + /** + * relative_adjust_band - Band to which RSSI should be adjusted + * + * The relative_adjust_rssi should be added to the band specified + * by relative_adjust_band. + */ + enum set_band relative_adjust_band; + + /** + * relative_adjust_rssi - RSSI to be added to relative_adjust_band + * + * An amount of relative_band_rssi should be added to the BSSs that + * belong to the band specified by relative_adjust_band while comparing + * with other bands for BSS reporting. + */ + s8 relative_adjust_rssi; + + /** + * oce_scan + * + * Enable the following OCE scan features: (WFA OCE TechSpec v1.0) + * - Accept broadcast Probe Response frame. + * - Probe Request frame deferral and suppression. + * - Max Channel Time - driver fills FILS request params IE with + * Maximum Channel Time. + * - Send 1st Probe Request frame in rate of minimum 5.5 Mbps. + */ + unsigned int oce_scan:1; + /* * NOTE: Whenever adding new parameters here, please make sure * wpa_scan_clone_params() and wpa_scan_free_params() get updated with @@ -485,17 +609,18 @@ struct wpa_driver_auth_params { int p2p; /** - * sae_data - SAE elements for Authentication frame + * auth_data - Additional elements for Authentication frame * * This buffer starts with the Authentication transaction sequence - * number field. If SAE is not used, this pointer is %NULL. + * number field. If no special handling of such elements is needed, this + * pointer is %NULL. This is used with SAE and FILS. */ - const u8 *sae_data; + const u8 *auth_data; /** - * sae_data_len - Length of sae_data buffer in octets + * auth_data_len - Length of auth_data buffer in octets */ - size_t sae_data_len; + size_t auth_data_len; }; /** @@ -577,6 +702,68 @@ struct hostapd_freq_params { }; /** + * struct wpa_driver_sta_auth_params - Authentication parameters + * Data for struct wpa_driver_ops::sta_auth(). + */ +struct wpa_driver_sta_auth_params { + + /** + * own_addr - Source address and BSSID for authentication frame + */ + const u8 *own_addr; + + /** + * addr - MAC address of the station to associate + */ + const u8 *addr; + + /** + * seq - authentication sequence number + */ + u16 seq; + + /** + * status - authentication response status code + */ + u16 status; + + /** + * ie - authentication frame ie buffer + */ + const u8 *ie; + + /** + * len - ie buffer length + */ + size_t len; + + /** + * fils_auth - Indicates whether FILS authentication is being performed + */ + int fils_auth; + + /** + * fils_anonce - ANonce (required for FILS) + */ + u8 fils_anonce[WPA_NONCE_LEN]; + + /** + * fils_snonce - SNonce (required for FILS) + */ + u8 fils_snonce[WPA_NONCE_LEN]; + + /** + * fils_kek - key for encryption (required for FILS) + */ + u8 fils_kek[WPA_KEK_MAX_LEN]; + + /** + * fils_kek_len - Length of the fils_kek in octets (required for FILS) + */ + size_t fils_kek_len; +}; + +/** * struct wpa_driver_associate_params - Association parameters * Data for struct wpa_driver_ops::associate(). */ @@ -639,7 +826,7 @@ struct wpa_driver_associate_params { * WPA information element to be included in (Re)Association * Request (including information element id and length). Use * of this WPA IE is optional. If the driver generates the WPA - * IE, it can use pairwise_suite, group_suite, and + * IE, it can use pairwise_suite, group_suite, group_mgmt_suite, and * key_mgmt_suite to select proper algorithms. In this case, * the driver has to notify wpa_supplicant about the used WPA * IE by generating an event that the interface code will @@ -679,6 +866,13 @@ struct wpa_driver_associate_params { unsigned int group_suite; /** + * mgmt_group_suite - Selected group management cipher suite (WPA_CIPHER_*) + * + * This is usually ignored if @wpa_ie is used. + */ + unsigned int mgmt_group_suite; + + /** * key_mgmt_suite - Selected key management suite (WPA_KEY_MGMT_*) * * This is usually ignored if @wpa_ie is used. @@ -717,43 +911,6 @@ struct wpa_driver_associate_params { enum mfp_options mgmt_frame_protection; /** - * ft_ies - IEEE 802.11r / FT information elements - * If the supplicant is using IEEE 802.11r (FT) and has the needed keys - * for fast transition, this parameter is set to include the IEs that - * are to be sent in the next FT Authentication Request message. - * update_ft_ies() handler is called to update the IEs for further - * FT messages in the sequence. - * - * The driver should use these IEs only if the target AP is advertising - * the same mobility domain as the one included in the MDIE here. - * - * In ap_scan=2 mode, the driver can use these IEs when moving to a new - * AP after the initial association. These IEs can only be used if the - * target AP is advertising support for FT and is using the same MDIE - * and SSID as the current AP. - * - * The driver is responsible for reporting the FT IEs received from the - * AP's response using wpa_supplicant_event() with EVENT_FT_RESPONSE - * type. update_ft_ies() handler will then be called with the FT IEs to - * include in the next frame in the authentication sequence. - */ - const u8 *ft_ies; - - /** - * ft_ies_len - Length of ft_ies in bytes - */ - size_t ft_ies_len; - - /** - * ft_md - FT Mobility domain (6 octets) (also included inside ft_ies) - * - * This value is provided to allow the driver interface easier access - * to the current mobility domain. This value is set to %NULL if no - * mobility domain is currently active. - */ - const u8 *ft_md; - - /** * passphrase - RSN passphrase for PSK * * This value is made available only for WPA/WPA2-Personal (PSK) and @@ -882,6 +1039,64 @@ struct wpa_driver_associate_params { * AP as usual. Valid for DMG network only. */ int pbss; + + /** + * fils_kek - KEK for FILS association frame protection (AES-SIV) + */ + const u8 *fils_kek; + + /** + * fils_kek_len: Length of fils_kek in bytes + */ + size_t fils_kek_len; + + /** + * fils_nonces - Nonces for FILS association frame protection + * (AES-SIV AAD) + */ + const u8 *fils_nonces; + + /** + * fils_nonces_len: Length of fils_nonce in bytes + */ + size_t fils_nonces_len; + + /** + * fils_erp_username - Username part of keyName-NAI + */ + const u8 *fils_erp_username; + + /** + * fils_erp_username_len - Length of fils_erp_username in bytes + */ + size_t fils_erp_username_len; + + /** + * fils_erp_realm - Realm/domain name to use in FILS ERP + */ + const u8 *fils_erp_realm; + + /** + * fils_erp_realm_len - Length of fils_erp_realm in bytes + */ + size_t fils_erp_realm_len; + + /** + * fils_erp_next_seq_num - The next sequence number to use in FILS ERP + * messages + */ + u16 fils_erp_next_seq_num; + + /** + * fils_erp_rrk - Re-authentication root key (rRK) for the keyName-NAI + * specified by fils_erp_username@fils_erp_realm. + */ + const u8 *fils_erp_rrk; + + /** + * fils_erp_rrk_len - Length of fils_erp_rrk in bytes + */ + size_t fils_erp_rrk_len; }; enum hide_ssid { @@ -940,6 +1155,22 @@ struct wpa_driver_ap_params { int *basic_rates; /** + * beacon_rate: Beacon frame data rate + * + * This parameter can be used to set a specific Beacon frame data rate + * for the BSS. The interpretation of this value depends on the + * rate_type (legacy: in 100 kbps units, HT: HT-MCS, VHT: VHT-MCS). If + * beacon_rate == 0 and rate_type == 0 (BEACON_RATE_LEGACY), the default + * Beacon frame data rate is used. + */ + unsigned int beacon_rate; + + /** + * beacon_rate_type: Beacon data rate type (legacy/HT/VHT) + */ + enum beacon_rate_type rate_type; + + /** * proberesp - Probe Response template * * This is used by drivers that reply to Probe Requests internally in @@ -1115,6 +1346,27 @@ struct wpa_driver_ap_params { * infrastructure BSS. Valid only for DMG network. */ int pbss; + + /** + * multicast_to_unicast - Whether to use multicast_to_unicast + * + * If this is non-zero, the AP is requested to perform multicast to + * unicast conversion for ARP, IPv4, and IPv6 frames (possibly within + * 802.1Q). If enabled, such frames are to be sent to each station + * separately, with the DA replaced by their own MAC address rather + * than the group address. + * + * Note that this may break certain expectations of the receiver, such + * as the ability to drop unicast IP packets received within multicast + * L2 frames, or the ability to not send ICMP destination unreachable + * messages for packets received in L2 multicast (which is required, + * but the receiver can't tell the difference if this new option is + * enabled.) + * + * This also doesn't implement the 802.11 DMS (directed multicast + * service). + */ + int multicast_to_unicast; }; struct wpa_driver_mesh_bss_params { @@ -1122,6 +1374,7 @@ struct wpa_driver_mesh_bss_params { #define WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT 0x00000002 #define WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS 0x00000004 #define WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE 0x00000008 +#define WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD 0x00000010 /* * TODO: Other mesh configuration parameters would go here. * See NL80211_MESHCONF_* for all the mesh config parameters. @@ -1130,6 +1383,7 @@ struct wpa_driver_mesh_bss_params { int auto_plinks; int peer_link_timeout; int max_peer_links; + int rssi_threshold; u16 ht_opmode; }; @@ -1164,6 +1418,12 @@ struct wpa_driver_capa { #define WPA_DRIVER_CAPA_KEY_MGMT_WAPI_PSK 0x00000080 #define WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B 0x00000100 #define WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B_192 0x00000200 +#define WPA_DRIVER_CAPA_KEY_MGMT_OWE 0x00000400 +#define WPA_DRIVER_CAPA_KEY_MGMT_DPP 0x00000800 +#define WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA256 0x00001000 +#define WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA384 0x00002000 +#define WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA256 0x00004000 +#define WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA384 0x00008000 /** Bitfield of supported key management suites */ unsigned int key_mgmt; @@ -1286,6 +1546,39 @@ struct wpa_driver_capa { #define WPA_DRIVER_FLAGS_FULL_AP_CLIENT_STATE 0x0000010000000000ULL /** Driver supports P2P Listen offload */ #define WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD 0x0000020000000000ULL +/** Driver supports FILS */ +#define WPA_DRIVER_FLAGS_SUPPORT_FILS 0x0000040000000000ULL +/** Driver supports Beacon frame TX rate configuration (legacy rates) */ +#define WPA_DRIVER_FLAGS_BEACON_RATE_LEGACY 0x0000080000000000ULL +/** Driver supports Beacon frame TX rate configuration (HT rates) */ +#define WPA_DRIVER_FLAGS_BEACON_RATE_HT 0x0000100000000000ULL +/** Driver supports Beacon frame TX rate configuration (VHT rates) */ +#define WPA_DRIVER_FLAGS_BEACON_RATE_VHT 0x0000200000000000ULL +/** Driver supports mgmt_tx with random TX address in non-connected state */ +#define WPA_DRIVER_FLAGS_MGMT_TX_RANDOM_TA 0x0000400000000000ULL +/** Driver supports mgmt_tx with random TX addr in connected state */ +#define WPA_DRIVER_FLAGS_MGMT_TX_RANDOM_TA_CONNECTED 0x0000800000000000ULL +/** Driver supports better BSS reporting with sched_scan in connected mode */ +#define WPA_DRIVER_FLAGS_SCHED_SCAN_RELATIVE_RSSI 0x0001000000000000ULL +/** Driver supports HE capabilities */ +#define WPA_DRIVER_FLAGS_HE_CAPABILITIES 0x0002000000000000ULL +/** Driver supports FILS shared key offload */ +#define WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD 0x0004000000000000ULL +/** Driver supports all OCE STA specific mandatory features */ +#define WPA_DRIVER_FLAGS_OCE_STA 0x0008000000000000ULL +/** Driver supports all OCE AP specific mandatory features */ +#define WPA_DRIVER_FLAGS_OCE_AP 0x0010000000000000ULL +/** + * Driver supports all OCE STA-CFON specific mandatory features only. + * If a driver sets this bit but not the %WPA_DRIVER_FLAGS_OCE_AP, the + * userspace shall assume that this driver may not support all OCE AP + * functionality but can support only OCE STA-CFON functionality. + */ +#define WPA_DRIVER_FLAGS_OCE_STA_CFON 0x0020000000000000ULL +/** Driver supports MFP-optional in the connect command */ +#define WPA_DRIVER_FLAGS_MFP_OPTIONAL 0x0040000000000000ULL +/** Driver is a self-managed regulatory device */ +#define WPA_DRIVER_FLAGS_SELF_MANAGED_REGULATORY 0x0080000000000000ULL u64 flags; #define FULL_AP_CLIENT_STATE_SUPP(drv_flags) \ @@ -1386,6 +1679,11 @@ struct wpa_driver_capa { */ #define WPA_DRIVER_FLAGS_SUPPORT_RRM 0x00000010 +/** Driver supports setting the scan dwell time */ +#define WPA_DRIVER_FLAGS_SUPPORT_SET_SCAN_DWELL 0x00000020 +/** Driver supports Beacon Report Measurement */ +#define WPA_DRIVER_FLAGS_SUPPORT_BEACON_REPORT 0x00000040 + u32 rrm_flags; /* Driver concurrency capabilities */ @@ -1402,18 +1700,35 @@ struct wpa_driver_capa { struct hostapd_data; +#define STA_DRV_DATA_TX_MCS BIT(0) +#define STA_DRV_DATA_RX_MCS BIT(1) +#define STA_DRV_DATA_TX_VHT_MCS BIT(2) +#define STA_DRV_DATA_RX_VHT_MCS BIT(3) +#define STA_DRV_DATA_TX_VHT_NSS BIT(4) +#define STA_DRV_DATA_RX_VHT_NSS BIT(5) +#define STA_DRV_DATA_TX_SHORT_GI BIT(6) +#define STA_DRV_DATA_RX_SHORT_GI BIT(7) +#define STA_DRV_DATA_LAST_ACK_RSSI BIT(8) + struct hostap_sta_driver_data { unsigned long rx_packets, tx_packets; unsigned long long rx_bytes, tx_bytes; int bytes_64bit; /* whether 64-bit byte counters are supported */ unsigned long current_tx_rate; + unsigned long current_rx_rate; unsigned long inactive_msec; - unsigned long flags; + unsigned long flags; /* bitfield of STA_DRV_DATA_* */ unsigned long num_ps_buf_frames; unsigned long tx_retry_failed; unsigned long tx_retry_count; - int last_rssi; - int last_ack_rssi; + s8 last_ack_rssi; + s8 signal; + u8 rx_vhtmcs; + u8 tx_vhtmcs; + u8 rx_mcs; + u8 tx_mcs; + u8 rx_vht_nss; + u8 tx_vht_nss; }; struct hostapd_sta_add_params { @@ -1576,6 +1891,17 @@ enum wnm_oper { WNM_SLEEP_TFS_IE_DEL /* AP delete the TFS IE */ }; +/* enum smps_mode - SMPS mode definitions */ +enum smps_mode { + SMPS_AUTOMATIC, + SMPS_OFF, + SMPS_DYNAMIC, + SMPS_STATIC, + + /* Keep last */ + SMPS_INVALID, +}; + /* enum chan_width - Channel width definitions */ enum chan_width { CHAN_WIDTH_20_NOHT, @@ -1587,8 +1913,21 @@ enum chan_width { CHAN_WIDTH_UNKNOWN }; +#define WPA_INVALID_NOISE 9999 + /** * struct wpa_signal_info - Information about channel signal quality + * @frequency: control frequency + * @above_threshold: true if the above threshold was crossed + * (relevant for a CQM event) + * @current_signal: in dBm + * @avg_signal: in dBm + * @avg_beacon_signal: in dBm + * @current_noise: %WPA_INVALID_NOISE if not supported + * @current_txrate: current TX rate + * @chanwidth: channel width + * @center_frq1: center frequency for the first segment + * @center_frq2: center frequency for the second segment (if relevant) */ struct wpa_signal_info { u32 frequency; @@ -1720,6 +2059,67 @@ struct drv_acs_params { const int *freq_list; }; +struct wpa_bss_trans_info { + u8 mbo_transition_reason; + u8 n_candidates; + u8 *bssid; +}; + +struct wpa_bss_candidate_info { + u8 num; + struct candidate_list { + u8 bssid[ETH_ALEN]; + u8 is_accept; + u32 reject_reason; + } *candidates; +}; + +struct wpa_pmkid_params { + const u8 *bssid; + const u8 *ssid; + size_t ssid_len; + const u8 *fils_cache_id; + const u8 *pmkid; + const u8 *pmk; + size_t pmk_len; +}; + +/* Mask used to specify which connection parameters have to be updated */ +enum wpa_drv_update_connect_params_mask { + WPA_DRV_UPDATE_ASSOC_IES = BIT(0), + WPA_DRV_UPDATE_FILS_ERP_INFO = BIT(1), + WPA_DRV_UPDATE_AUTH_TYPE = BIT(2), +}; + +/** + * struct external_auth - External authentication trigger parameters + * + * These are used across the external authentication request and event + * interfaces. + * @action: Action type / trigger for external authentication. Only significant + * for the event interface. + * @bssid: BSSID of the peer with which the authentication has to happen. Used + * by both the request and event interface. + * @ssid: SSID of the AP. Used by both the request and event interface. + * @ssid_len: SSID length in octets. + * @key_mgmt_suite: AKM suite of the respective authentication. Optional for + * the request interface. + * @status: Status code, %WLAN_STATUS_SUCCESS for successful authentication, + * use %WLAN_STATUS_UNSPECIFIED_FAILURE if wpa_supplicant cannot give + * the real status code for failures. Used only for the request interface + * from user space to the driver. + */ +struct external_auth { + enum { + EXT_AUTH_START, + EXT_AUTH_ABORT, + } action; + u8 bssid[ETH_ALEN]; + u8 ssid[SSID_MAX_LEN]; + size_t ssid_len; + unsigned int key_mgmt_suite; + u16 status; +}; /** * struct wpa_driver_ops - Driver interface API definition @@ -1902,13 +2302,14 @@ struct wpa_driver_ops { /** * add_pmkid - Add PMKSA cache entry to the driver * @priv: private driver interface data - * @bssid: BSSID for the PMKSA cache entry - * @pmkid: PMKID for the PMKSA cache entry + * @params: PMKSA parameters * * Returns: 0 on success, -1 on failure * * This function is called when a new PMK is received, as a result of - * either normal authentication or RSN pre-authentication. + * either normal authentication or RSN pre-authentication. The PMKSA + * parameters are either a set of bssid, pmkid, and pmk; or a set of + * ssid, fils_cache_id, pmkid, and pmk. * * If the driver generates RSN IE, i.e., it does not use wpa_ie in * associate(), add_pmkid() can be used to add new PMKSA cache entries @@ -1916,18 +2317,18 @@ struct wpa_driver_ops { * driver_ops function does not need to be implemented. Likewise, if * the driver does not support WPA, this function is not needed. */ - int (*add_pmkid)(void *priv, const u8 *bssid, const u8 *pmkid); + int (*add_pmkid)(void *priv, struct wpa_pmkid_params *params); /** * remove_pmkid - Remove PMKSA cache entry to the driver * @priv: private driver interface data - * @bssid: BSSID for the PMKSA cache entry - * @pmkid: PMKID for the PMKSA cache entry + * @params: PMKSA parameters * * Returns: 0 on success, -1 on failure * * This function is called when the supplicant drops a PMKSA cache - * entry for any reason. + * entry for any reason. The PMKSA parameters are either a set of + * bssid and pmkid; or a set of ssid, fils_cache_id, and pmkid. * * If the driver generates RSN IE, i.e., it does not use wpa_ie in * associate(), remove_pmkid() can be used to synchronize PMKSA caches @@ -1936,7 +2337,7 @@ struct wpa_driver_ops { * implemented. Likewise, if the driver does not support WPA, this * function is not needed. */ - int (*remove_pmkid)(void *priv, const u8 *bssid, const u8 *pmkid); + int (*remove_pmkid)(void *priv, struct wpa_pmkid_params *params); /** * flush_pmkid - Flush PMKSA cache @@ -2051,12 +2452,13 @@ struct wpa_driver_ops { * @priv: Private driver interface data * @num_modes: Variable for returning the number of returned modes * flags: Variable for returning hardware feature flags + * @dfs: Variable for returning DFS region (HOSTAPD_DFS_REGION_*) * Returns: Pointer to allocated hardware data on success or %NULL on * failure. Caller is responsible for freeing this. */ struct hostapd_hw_modes * (*get_hw_feature_data)(void *priv, u16 *num_modes, - u16 *flags); + u16 *flags, u8 *dfs); /** * send_mlme - Send management frame from MLME @@ -2673,6 +3075,9 @@ struct wpa_driver_ops { * transmitted on that channel; alternatively the frame may be sent on * the current operational channel (if in associated state in station * mode or while operating as an AP.) + * + * If @src differs from the device MAC address, use of a random + * transmitter address is requested for this message exchange. */ int (*send_action)(void *priv, unsigned int freq, unsigned int wait, const u8 *dst, const u8 *src, const u8 *bssid, @@ -3058,19 +3463,13 @@ struct wpa_driver_ops { /** * sta_auth - Station authentication indication - * @priv: Private driver interface data - * @own_addr: Source address and BSSID for authentication frame - * @addr: MAC address of the station to associate - * @seq: authentication sequence number - * @status: authentication response status code - * @ie: authentication frame ie buffer - * @len: ie buffer length + * @priv: private driver interface data + * @params: Station authentication parameters * - * This function indicates the driver to send Authentication frame - * to the station. + * Returns: 0 on success, -1 on failure */ - int (*sta_auth)(void *priv, const u8 *own_addr, const u8 *addr, - u16 seq, u16 status, const u8 *ie, size_t len); + int (*sta_auth)(void *priv, + struct wpa_driver_sta_auth_params *params); /** * add_tspec - Add traffic stream @@ -3282,6 +3681,17 @@ struct wpa_driver_ops { int (*roaming)(void *priv, int allowed, const u8 *bssid); /** + * disable_fils - Enable/disable FILS feature + * @priv: Private driver interface data + * @disable: 0-enable and 1-disable FILS feature + * Returns: 0 on success, -1 on failure + * + * This callback can be used to configure driver and below layers to + * enable/disable all FILS features. + */ + int (*disable_fils)(void *priv, int disable); + + /** * set_mac_addr - Set MAC address * @priv: Private driver interface data * @addr: MAC address to use or %NULL for setting back to permanent @@ -3295,6 +3705,14 @@ struct wpa_driver_ops { int (*macsec_deinit)(void *priv); /** + * macsec_get_capability - Inform MKA of this driver's capability + * @priv: Private driver interface data + * @cap: Driver's capability + * Returns: 0 on success, -1 on failure + */ + int (*macsec_get_capability)(void *priv, enum macsec_cap *cap); + + /** * enable_protect_frames - Set protect frames status * @priv: Private driver interface data * @enabled: TRUE = protect frames enabled @@ -3304,6 +3722,15 @@ struct wpa_driver_ops { int (*enable_protect_frames)(void *priv, Boolean enabled); /** + * enable_encrypt - Set encryption status + * @priv: Private driver interface data + * @enabled: TRUE = encrypt outgoing traffic + * FALSE = integrity-only protection on outgoing traffic + * Returns: 0 on success, -1 on failure (or if not supported) + */ + int (*enable_encrypt)(void *priv, Boolean enabled); + + /** * set_replay_protect - Set replay protect status and window size * @priv: Private driver interface data * @enabled: TRUE = replay protect enabled @@ -3333,155 +3760,129 @@ struct wpa_driver_ops { /** * get_receive_lowest_pn - Get receive lowest pn * @priv: Private driver interface data - * @channel: secure channel - * @an: association number - * @lowest_pn: lowest accept pn + * @sa: secure association * Returns: 0 on success, -1 on failure (or if not supported) */ - int (*get_receive_lowest_pn)(void *priv, u32 channel, u8 an, - u32 *lowest_pn); + int (*get_receive_lowest_pn)(void *priv, struct receive_sa *sa); /** * get_transmit_next_pn - Get transmit next pn * @priv: Private driver interface data - * @channel: secure channel - * @an: association number - * @next_pn: next pn + * @sa: secure association * Returns: 0 on success, -1 on failure (or if not supported) */ - int (*get_transmit_next_pn)(void *priv, u32 channel, u8 an, - u32 *next_pn); + int (*get_transmit_next_pn)(void *priv, struct transmit_sa *sa); /** * set_transmit_next_pn - Set transmit next pn * @priv: Private driver interface data - * @channel: secure channel - * @an: association number - * @next_pn: next pn + * @sa: secure association * Returns: 0 on success, -1 on failure (or if not supported) */ - int (*set_transmit_next_pn)(void *priv, u32 channel, u8 an, - u32 next_pn); - - /** - * get_available_receive_sc - get available receive channel - * @priv: Private driver interface data - * @channel: secure channel - * Returns: 0 on success, -1 on failure (or if not supported) - */ - int (*get_available_receive_sc)(void *priv, u32 *channel); + int (*set_transmit_next_pn)(void *priv, struct transmit_sa *sa); /** * create_receive_sc - create secure channel for receiving * @priv: Private driver interface data - * @channel: secure channel - * @sci_addr: secure channel identifier - address - * @sci_port: secure channel identifier - port + * @sc: secure channel * @conf_offset: confidentiality offset (0, 30, or 50) * @validation: frame validation policy (0 = Disabled, 1 = Checked, * 2 = Strict) * Returns: 0 on success, -1 on failure (or if not supported) */ - int (*create_receive_sc)(void *priv, u32 channel, const u8 *sci_addr, - u16 sci_port, unsigned int conf_offset, + int (*create_receive_sc)(void *priv, struct receive_sc *sc, + unsigned int conf_offset, int validation); /** * delete_receive_sc - delete secure connection for receiving * @priv: private driver interface data from init() - * @channel: secure channel + * @sc: secure channel * Returns: 0 on success, -1 on failure */ - int (*delete_receive_sc)(void *priv, u32 channel); + int (*delete_receive_sc)(void *priv, struct receive_sc *sc); /** * create_receive_sa - create secure association for receive * @priv: private driver interface data from init() - * @channel: secure channel - * @an: association number - * @lowest_pn: the lowest packet number can be received - * @sak: the secure association key + * @sa: secure association * Returns: 0 on success, -1 on failure */ - int (*create_receive_sa)(void *priv, u32 channel, u8 an, - u32 lowest_pn, const u8 *sak); + int (*create_receive_sa)(void *priv, struct receive_sa *sa); /** - * enable_receive_sa - enable the SA for receive - * @priv: private driver interface data from init() - * @channel: secure channel - * @an: association number + * delete_receive_sa - Delete secure association for receive + * @priv: Private driver interface data from init() + * @sa: Secure association * Returns: 0 on success, -1 on failure */ - int (*enable_receive_sa)(void *priv, u32 channel, u8 an); + int (*delete_receive_sa)(void *priv, struct receive_sa *sa); /** - * disable_receive_sa - disable SA for receive + * enable_receive_sa - enable the SA for receive * @priv: private driver interface data from init() - * @channel: secure channel index - * @an: association number + * @sa: secure association * Returns: 0 on success, -1 on failure */ - int (*disable_receive_sa)(void *priv, u32 channel, u8 an); + int (*enable_receive_sa)(void *priv, struct receive_sa *sa); /** - * get_available_transmit_sc - get available transmit channel - * @priv: Private driver interface data - * @channel: secure channel - * Returns: 0 on success, -1 on failure (or if not supported) + * disable_receive_sa - disable SA for receive + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure */ - int (*get_available_transmit_sc)(void *priv, u32 *channel); + int (*disable_receive_sa)(void *priv, struct receive_sa *sa); /** * create_transmit_sc - create secure connection for transmit * @priv: private driver interface data from init() - * @channel: secure channel - * @sci_addr: secure channel identifier - address - * @sci_port: secure channel identifier - port + * @sc: secure channel + * @conf_offset: confidentiality offset (0, 30, or 50) * Returns: 0 on success, -1 on failure */ - int (*create_transmit_sc)(void *priv, u32 channel, const u8 *sci_addr, - u16 sci_port, unsigned int conf_offset); + int (*create_transmit_sc)(void *priv, struct transmit_sc *sc, + unsigned int conf_offset); /** * delete_transmit_sc - delete secure connection for transmit * @priv: private driver interface data from init() - * @channel: secure channel + * @sc: secure channel * Returns: 0 on success, -1 on failure */ - int (*delete_transmit_sc)(void *priv, u32 channel); + int (*delete_transmit_sc)(void *priv, struct transmit_sc *sc); /** * create_transmit_sa - create secure association for transmit * @priv: private driver interface data from init() - * @channel: secure channel index - * @an: association number - * @next_pn: the packet number used as next transmit packet - * @confidentiality: True if the SA is to provide confidentiality - * as well as integrity - * @sak: the secure association key + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ + int (*create_transmit_sa)(void *priv, struct transmit_sa *sa); + + /** + * delete_transmit_sa - Delete secure association for transmit + * @priv: Private driver interface data from init() + * @sa: Secure association * Returns: 0 on success, -1 on failure */ - int (*create_transmit_sa)(void *priv, u32 channel, u8 an, u32 next_pn, - Boolean confidentiality, const u8 *sak); + int (*delete_transmit_sa)(void *priv, struct transmit_sa *sa); /** * enable_transmit_sa - enable SA for transmit * @priv: private driver interface data from init() - * @channel: secure channel - * @an: association number + * @sa: secure association * Returns: 0 on success, -1 on failure */ - int (*enable_transmit_sa)(void *priv, u32 channel, u8 an); + int (*enable_transmit_sa)(void *priv, struct transmit_sa *sa); /** * disable_transmit_sa - disable SA for transmit * @priv: private driver interface data from init() - * @channel: secure channel - * @an: association number + * @sa: secure association * Returns: 0 on success, -1 on failure */ - int (*disable_transmit_sa)(void *priv, u32 channel, u8 an); + int (*disable_transmit_sa)(void *priv, struct transmit_sa *sa); #endif /* CONFIG_MACSEC */ /** @@ -3555,9 +3956,12 @@ struct wpa_driver_ops { /** * abort_scan - Request the driver to abort an ongoing scan * @priv: Private driver interface data + * @scan_cookie: Cookie identifying the scan request. This is used only + * when the vendor interface QCA_NL80211_VENDOR_SUBCMD_TRIGGER_SCAN + * was used to trigger scan. Otherwise, 0 is used. * Returns 0 on success, -1 on failure */ - int (*abort_scan)(void *priv); + int (*abort_scan)(void *priv, u64 scan_cookie); /** * configure_data_frame_filters - Request to configure frame filters @@ -3623,8 +4027,72 @@ struct wpa_driver_ops { */ int (*set_default_scan_ies)(void *priv, const u8 *ies, size_t ies_len); -}; + /** + * set_tdls_mode - Set TDLS trigger mode to the host driver + * @priv: Private driver interface data + * @tdls_external_control: Represents if TDLS external trigger control + * mode is enabled/disabled. + * + * This optional callback can be used to configure the TDLS external + * trigger control mode to the host driver. + */ + int (*set_tdls_mode)(void *priv, int tdls_external_control); + /** + * get_bss_transition_status - Get candidate BSS's transition status + * @priv: Private driver interface data + * @params: Candidate BSS list + * + * Get the accept or reject reason code for a list of BSS transition + * candidates. + */ + struct wpa_bss_candidate_info * + (*get_bss_transition_status)(void *priv, + struct wpa_bss_trans_info *params); + /** + * ignore_assoc_disallow - Configure driver to ignore assoc_disallow + * @priv: Private driver interface data + * @ignore_disallow: 0 to not ignore, 1 to ignore + * Returns: 0 on success, -1 on failure + */ + int (*ignore_assoc_disallow)(void *priv, int ignore_disallow); + + /** + * set_bssid_blacklist - Set blacklist of BSSIDs to the driver + * @priv: Private driver interface data + * @num_bssid: Number of blacklist BSSIDs + * @bssids: List of blacklisted BSSIDs + */ + int (*set_bssid_blacklist)(void *priv, unsigned int num_bssid, + const u8 *bssid); + + /** + * update_connect_params - Update the connection parameters + * @priv: Private driver interface data + * @params: Association parameters + * @mask: Bit mask indicating which parameters in @params have to be + * updated + * Returns: 0 on success, -1 on failure + * + * Update the connection parameters when in connected state so that the + * driver uses the updated parameters for subsequent roaming. This is + * used only with drivers that implement internal BSS selection and + * roaming. + */ + int (*update_connect_params)( + void *priv, struct wpa_driver_associate_params *params, + enum wpa_drv_update_connect_params_mask mask); + + /** + * send_external_auth_status - Indicate the status of external + * authentication processing to the host driver. + * @priv: Private driver interface data + * @params: Status of authentication processing. + * Returns: 0 on success, -1 on failure + */ + int (*send_external_auth_status)(void *priv, + struct external_auth *params); +}; /** * enum wpa_event_type - Event type for wpa_supplicant_event() calls @@ -3734,17 +4202,6 @@ enum wpa_event_type { EVENT_PMKID_CANDIDATE, /** - * EVENT_STKSTART - Request STK handshake (MLME-STKSTART.request) - * - * This event can be used to inform wpa_supplicant about desire to set - * up secure direct link connection between two stations as defined in - * IEEE 802.11e with a new PeerKey mechanism that replaced the original - * STAKey negotiation. The caller will need to set peer address for the - * event. - */ - EVENT_STKSTART, - - /** * EVENT_TDLS - Request TDLS operation * * This event can be used to request a TDLS operation to be performed. @@ -4043,7 +4500,7 @@ enum wpa_event_type { * EVENT_DFS_CAC_ABORTED - Notify that channel availability check has been aborted * * The CAC was not successful, and the channel remains in the previous - * state. This may happen due to a radar beeing detected or other + * state. This may happen due to a radar being detected or other * external influences. */ EVENT_DFS_CAC_ABORTED, @@ -4112,6 +4569,65 @@ enum wpa_event_type { * EVENT_P2P_LO_STOP - Notify that P2P listen offload is stopped */ EVENT_P2P_LO_STOP, + + /** + * EVENT_BEACON_LOSS - Beacon loss detected + * + * This event indicates that no Beacon frames has been received from + * the current AP. This may indicate that the AP is not anymore in + * range. + */ + EVENT_BEACON_LOSS, + + /** + * EVENT_DFS_PRE_CAC_EXPIRED - Notify that channel availability check + * done previously (Pre-CAC) on the channel has expired. This would + * normally be on a non-ETSI DFS regulatory domain. DFS state of the + * channel will be moved from available to usable. A new CAC has to be + * performed before start operating on this channel. + */ + EVENT_DFS_PRE_CAC_EXPIRED, + + /** + * EVENT_EXTERNAL_AUTH - This event interface is used by host drivers + * that do not define separate commands for authentication and + * association (~WPA_DRIVER_FLAGS_SME) but offload the 802.11 + * authentication to wpa_supplicant. This event carries all the + * necessary information from the host driver for the authentication to + * happen. + */ + EVENT_EXTERNAL_AUTH, + + /** + * EVENT_PORT_AUTHORIZED - Notification that a connection is authorized + * + * This event should be indicated when the driver completes the 4-way + * handshake. This event should be preceded by an EVENT_ASSOC that + * indicates the completion of IEEE 802.11 association. + */ + EVENT_PORT_AUTHORIZED, + + /** + * EVENT_STATION_OPMODE_CHANGED - Notify STA's HT/VHT operation mode + * change event. + */ + EVENT_STATION_OPMODE_CHANGED, + + /** + * EVENT_INTERFACE_MAC_CHANGED - Notify that interface MAC changed + * + * This event is emitted when the MAC changes while the interface is + * enabled. When an interface was disabled and becomes enabled, it + * must be always assumed that the MAC possibly changed. + */ + EVENT_INTERFACE_MAC_CHANGED, + + /** + * EVENT_WDS_STA_INTERFACE_STATUS - Notify WDS STA interface status + * + * This event is emitted when an interface is added/removed for WDS STA. + */ + EVENT_WDS_STA_INTERFACE_STATUS, }; @@ -4204,6 +4720,16 @@ union wpa_event_data { size_t resp_ies_len; /** + * resp_frame - (Re)Association Response frame + */ + const u8 *resp_frame; + + /** + * resp_frame_len - (Re)Association Response frame length + */ + size_t resp_frame_len; + + /** * beacon_ies - Beacon or Probe Response IEs * * Optional Beacon/ProbeResp data: IEs included in Beacon or @@ -4280,6 +4806,8 @@ union wpa_event_data { /** * ptk_kek - The derived PTK KEK + * This is used in key management offload and also in FILS SK + * offload. */ const u8 *ptk_kek; @@ -4293,6 +4821,36 @@ union wpa_event_data { * 0 = unknown, 1 = unchanged, 2 = changed */ u8 subnet_status; + + /** + * The following information is used in FILS SK offload + * @fils_erp_next_seq_num + * @fils_pmk + * @fils_pmk_len + * @fils_pmkid + */ + + /** + * fils_erp_next_seq_num - The next sequence number to use in + * FILS ERP messages + */ + u16 fils_erp_next_seq_num; + + /** + * fils_pmk - A new PMK if generated in case of FILS + * authentication + */ + const u8 *fils_pmk; + + /** + * fils_pmk_len - Length of fils_pmk + */ + size_t fils_pmk_len; + + /** + * fils_pmkid - PMKID used or generated in FILS authentication + */ + const u8 *fils_pmkid; } assoc_info; /** @@ -4389,13 +4947,6 @@ union wpa_event_data { } pmkid_candidate; /** - * struct stkstart - Data for EVENT_STKSTART - */ - struct stkstart { - u8 peer[ETH_ALEN]; - } stkstart; - - /** * struct tdls - Data for EVENT_TDLS */ struct tdls { @@ -4503,6 +5054,17 @@ union wpa_event_data { * than explicit rejection response from the AP. */ int timed_out; + + /** + * timeout_reason - Reason for the timeout + */ + const char *timeout_reason; + + /** + * fils_erp_next_seq_num - The next sequence number to use in + * FILS ERP messages + */ + u16 fils_erp_next_seq_num; } assoc_reject; struct timeout_event { @@ -4586,6 +5148,11 @@ union wpa_event_data { * @external_scan: Whether the scan info is for an external scan * @nl_scan_event: 1 if the source of this scan event is a normal scan, * 0 if the source of the scan event is a vendor scan + * @scan_start_tsf: Time when the scan started in terms of TSF of the + * BSS that the interface that requested the scan is connected to + * (if available). + * @scan_start_tsf_bssid: The BSSID according to which %scan_start_tsf + * is set. */ struct scan_info { int aborted; @@ -4595,6 +5162,8 @@ union wpa_event_data { size_t num_ssids; int external_scan; int nl_scan_event; + u64 scan_start_tsf; + u8 scan_start_tsf_bssid[ETH_ALEN]; } scan_info; /** @@ -4684,9 +5253,12 @@ union wpa_event_data { /** * struct low_ack - Data for EVENT_STATION_LOW_ACK events * @addr: station address + * @num_packets: Number of packets lost (consecutive packets not + * acknowledged) */ struct low_ack { u8 addr[ETH_ALEN]; + u32 num_packets; } low_ack; /** @@ -4858,6 +5430,37 @@ union wpa_event_data { P2P_LO_STOPPED_REASON_NOT_SUPPORTED, } reason_code; } p2p_lo_stop; + + /* For EVENT_EXTERNAL_AUTH */ + struct external_auth external_auth; + + /** + * struct sta_opmode - Station's operation mode change event + * @addr: The station MAC address + * @smps_mode: SMPS mode of the station + * @chan_width: Channel width of the station + * @rx_nss: RX_NSS of the station + * + * This is used as data with EVENT_STATION_OPMODE_CHANGED. + */ + struct sta_opmode { + const u8 *addr; + enum smps_mode smps_mode; + enum chan_width chan_width; + u8 rx_nss; + } sta_opmode; + + /** + * struct wds_sta_interface - Data for EVENT_WDS_STA_INTERFACE_STATUS. + */ + struct wds_sta_interface { + const u8 *sta_addr; + const char *ifname; + enum { + INTERFACE_ADDED, + INTERFACE_REMOVED + } istatus; + } wds_sta_interface; }; /** @@ -4973,6 +5576,10 @@ extern const struct wpa_driver_ops wpa_driver_wired_ops; /* driver_wired.c */ /* driver_macsec_qca.c */ extern const struct wpa_driver_ops wpa_driver_macsec_qca_ops; #endif /* CONFIG_DRIVER_MACSEC_QCA */ +#ifdef CONFIG_DRIVER_MACSEC_LINUX +/* driver_macsec_linux.c */ +extern const struct wpa_driver_ops wpa_driver_macsec_linux_ops; +#endif /* CONFIG_DRIVER_MACSEC_LINUX */ #ifdef CONFIG_DRIVER_ROBOSWITCH /* driver_roboswitch.c */ extern const struct wpa_driver_ops wpa_driver_roboswitch_ops; diff --git a/contrib/wpa/src/drivers/driver_common.c b/contrib/wpa/src/drivers/driver_common.c index c7107ba899b0..ac0916e4061f 100644 --- a/contrib/wpa/src/drivers/driver_common.c +++ b/contrib/wpa/src/drivers/driver_common.c @@ -1,6 +1,6 @@ /* * Common driver-related functions - * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -35,7 +35,6 @@ const char * event_to_string(enum wpa_event_type event) E2S(ASSOCINFO); E2S(INTERFACE_STATUS); E2S(PMKID_CANDIDATE); - E2S(STKSTART); E2S(TDLS); E2S(FT_RESPONSE); E2S(IBSS_RSN_START); @@ -81,6 +80,13 @@ const char * event_to_string(enum wpa_event_type event) E2S(ACS_CHANNEL_SELECTED); E2S(DFS_CAC_STARTED); E2S(P2P_LO_STOP); + E2S(BEACON_LOSS); + E2S(DFS_PRE_CAC_EXPIRED); + E2S(EXTERNAL_AUTH); + E2S(PORT_AUTHORIZED); + E2S(STATION_OPMODE_CHANGED); + E2S(INTERFACE_MAC_CHANGED); + E2S(WDS_STA_INTERFACE_STATUS); } return "UNKNOWN"; @@ -267,6 +273,19 @@ const char * driver_flag_to_string(u64 flag) DF2S(OFFCHANNEL_SIMULTANEOUS); DF2S(FULL_AP_CLIENT_STATE); DF2S(P2P_LISTEN_OFFLOAD); + DF2S(SUPPORT_FILS); + DF2S(BEACON_RATE_LEGACY); + DF2S(BEACON_RATE_HT); + DF2S(BEACON_RATE_VHT); + DF2S(MGMT_TX_RANDOM_TA); + DF2S(MGMT_TX_RANDOM_TA_CONNECTED); + DF2S(SCHED_SCAN_RELATIVE_RSSI); + DF2S(HE_CAPABILITIES); + DF2S(FILS_SK_OFFLOAD); + DF2S(OCE_STA); + DF2S(OCE_AP); + DF2S(OCE_STA_CFON); + DF2S(MFP_OPTIONAL); } return "UNKNOWN"; #undef DF2S diff --git a/contrib/wpa/src/drivers/driver_macsec_linux.c b/contrib/wpa/src/drivers/driver_macsec_linux.c new file mode 100644 index 000000000000..4f6629f5aaa2 --- /dev/null +++ b/contrib/wpa/src/drivers/driver_macsec_linux.c @@ -0,0 +1,1310 @@ +/* + * Driver interaction with Linux MACsec kernel module + * Copyright (c) 2016, Sabrina Dubroca <sd@queasysnail.net> and Red Hat, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" +#include <sys/ioctl.h> +#include <net/if.h> +#include <netpacket/packet.h> +#include <net/if_arp.h> +#include <net/if.h> +#include <netlink/netlink.h> +#include <netlink/genl/genl.h> +#include <netlink/genl/ctrl.h> +#include <netlink/route/link.h> +#include <netlink/route/link/macsec.h> +#include <linux/if_macsec.h> +#include <inttypes.h> + +#include "utils/common.h" +#include "utils/eloop.h" +#include "pae/ieee802_1x_kay.h" +#include "driver.h" +#include "driver_wired_common.h" + +#define DRV_PREFIX "macsec_linux: " + +#define UNUSED_SCI 0xffffffffffffffff + +struct cb_arg { + struct macsec_drv_data *drv; + u32 *pn; + int ifindex; + u8 txsa; + u8 rxsa; + u64 rxsci; +}; + +struct macsec_genl_ctx { + struct nl_sock *sk; + int macsec_genl_id; + struct cb_arg cb_arg; +}; + +struct macsec_drv_data { + struct driver_wired_common_data common; + struct rtnl_link *link; + struct nl_cache *link_cache; + struct nl_sock *sk; + struct macsec_genl_ctx ctx; + + struct netlink_data *netlink; + struct nl_handle *nl; + char ifname[IFNAMSIZ + 1]; + int ifi; + int parent_ifi; + + Boolean created_link; + + Boolean controlled_port_enabled; + Boolean controlled_port_enabled_set; + + Boolean protect_frames; + Boolean protect_frames_set; + + Boolean encrypt; + Boolean encrypt_set; + + Boolean replay_protect; + Boolean replay_protect_set; + + u32 replay_window; + + u8 encoding_sa; + Boolean encoding_sa_set; +}; + + +static int dump_callback(struct nl_msg *msg, void *argp); + + +static struct nl_msg * msg_prepare(enum macsec_nl_commands cmd, + const struct macsec_genl_ctx *ctx, + unsigned int ifindex) +{ + struct nl_msg *msg; + + msg = nlmsg_alloc(); + if (!msg) { + wpa_printf(MSG_ERROR, DRV_PREFIX "failed to alloc message"); + return NULL; + } + + if (!genlmsg_put(msg, 0, 0, ctx->macsec_genl_id, 0, 0, cmd, 0)) { + wpa_printf(MSG_ERROR, DRV_PREFIX "failed to put header"); + goto nla_put_failure; + } + + NLA_PUT_U32(msg, MACSEC_ATTR_IFINDEX, ifindex); + + return msg; + +nla_put_failure: + nlmsg_free(msg); + return NULL; +} + + +static int nla_put_rxsc_config(struct nl_msg *msg, u64 sci) +{ + struct nlattr *nest = nla_nest_start(msg, MACSEC_ATTR_RXSC_CONFIG); + + if (!nest) + return -1; + + NLA_PUT_U64(msg, MACSEC_RXSC_ATTR_SCI, sci); + + nla_nest_end(msg, nest); + + return 0; + +nla_put_failure: + return -1; +} + + +static int init_genl_ctx(struct macsec_drv_data *drv) +{ + struct macsec_genl_ctx *ctx = &drv->ctx; + + ctx->sk = nl_socket_alloc(); + if (!ctx->sk) { + wpa_printf(MSG_ERROR, DRV_PREFIX "failed to alloc genl socket"); + return -1; + } + + if (genl_connect(ctx->sk) < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "connection to genl socket failed"); + goto out_free; + } + + ctx->macsec_genl_id = genl_ctrl_resolve(ctx->sk, "macsec"); + if (ctx->macsec_genl_id < 0) { + wpa_printf(MSG_ERROR, DRV_PREFIX "genl resolve failed"); + goto out_free; + } + + memset(&ctx->cb_arg, 0, sizeof(ctx->cb_arg)); + ctx->cb_arg.drv = drv; + + nl_socket_modify_cb(ctx->sk, NL_CB_VALID, NL_CB_CUSTOM, dump_callback, + &ctx->cb_arg); + + return 0; + +out_free: + nl_socket_free(ctx->sk); + ctx->sk = NULL; + return -1; +} + + +static int try_commit(struct macsec_drv_data *drv) +{ + int err; + + if (!drv->sk) + return 0; + + if (!drv->link) + return 0; + + if (drv->controlled_port_enabled_set) { + struct rtnl_link *change = rtnl_link_alloc(); + + if (!change) + return -1; + + rtnl_link_set_name(change, drv->ifname); + + if (drv->controlled_port_enabled) + rtnl_link_set_flags(change, IFF_UP); + else + rtnl_link_unset_flags(change, IFF_UP); + + err = rtnl_link_change(drv->sk, change, change, 0); + if (err < 0) + return err; + + rtnl_link_put(change); + + drv->controlled_port_enabled_set = FALSE; + } + + if (drv->protect_frames_set) + rtnl_link_macsec_set_protect(drv->link, drv->protect_frames); + + if (drv->encrypt_set) + rtnl_link_macsec_set_encrypt(drv->link, drv->encrypt); + + if (drv->replay_protect_set) { + rtnl_link_macsec_set_replay_protect(drv->link, + drv->replay_protect); + if (drv->replay_protect) + rtnl_link_macsec_set_window(drv->link, + drv->replay_window); + } + + if (drv->encoding_sa_set) + rtnl_link_macsec_set_encoding_sa(drv->link, drv->encoding_sa); + + err = rtnl_link_add(drv->sk, drv->link, 0); + if (err < 0) + return err; + + drv->protect_frames_set = FALSE; + drv->encrypt_set = FALSE; + drv->replay_protect_set = FALSE; + + return 0; +} + + +static void macsec_drv_wpa_deinit(void *priv) +{ + struct macsec_drv_data *drv = priv; + + driver_wired_deinit_common(&drv->common); + os_free(drv); +} + + +static int macsec_check_macsec(void) +{ + struct nl_sock *sk; + int err = -1; + + sk = nl_socket_alloc(); + if (!sk) { + wpa_printf(MSG_ERROR, DRV_PREFIX "failed to alloc genl socket"); + return -1; + } + + if (genl_connect(sk) < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "connection to genl socket failed"); + goto out_free; + } + + if (genl_ctrl_resolve(sk, "macsec") < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "genl resolve failed - macsec kernel module not present?"); + goto out_free; + } + + err = 0; + +out_free: + nl_socket_free(sk); + return err; +} + + +static void * macsec_drv_wpa_init(void *ctx, const char *ifname) +{ + struct macsec_drv_data *drv; + + if (macsec_check_macsec() < 0) + return NULL; + + drv = os_zalloc(sizeof(*drv)); + if (!drv) + return NULL; + + if (driver_wired_init_common(&drv->common, ifname, ctx) < 0) { + os_free(drv); + return NULL; + } + + return drv; +} + + +static int macsec_drv_macsec_init(void *priv, struct macsec_init_params *params) +{ + struct macsec_drv_data *drv = priv; + int err; + + wpa_printf(MSG_DEBUG, "%s", __func__); + + drv->sk = nl_socket_alloc(); + if (!drv->sk) + return -1; + + err = nl_connect(drv->sk, NETLINK_ROUTE); + if (err < 0) { + wpa_printf(MSG_ERROR, DRV_PREFIX + "Unable to connect NETLINK_ROUTE socket: %s", + strerror(errno)); + goto sock; + } + + err = rtnl_link_alloc_cache(drv->sk, AF_UNSPEC, &drv->link_cache); + if (err < 0) { + wpa_printf(MSG_ERROR, DRV_PREFIX "Unable to get link cache: %s", + strerror(errno)); + goto sock; + } + + drv->parent_ifi = rtnl_link_name2i(drv->link_cache, drv->common.ifname); + if (drv->parent_ifi == 0) { + wpa_printf(MSG_ERROR, DRV_PREFIX + "couldn't find ifindex for interface %s", + drv->common.ifname); + goto cache; + } + + err = init_genl_ctx(drv); + if (err < 0) + goto cache; + + return 0; + +cache: + nl_cache_free(drv->link_cache); + drv->link_cache = NULL; +sock: + nl_socket_free(drv->sk); + drv->sk = NULL; + return -1; +} + + +static int macsec_drv_macsec_deinit(void *priv) +{ + struct macsec_drv_data *drv = priv; + + wpa_printf(MSG_DEBUG, "%s", __func__); + + if (drv->sk) + nl_socket_free(drv->sk); + drv->sk = NULL; + + if (drv->link_cache) + nl_cache_free(drv->link_cache); + drv->link_cache = NULL; + + if (drv->ctx.sk) + nl_socket_free(drv->ctx.sk); + + return 0; +} + + +static int macsec_drv_get_capability(void *priv, enum macsec_cap *cap) +{ + wpa_printf(MSG_DEBUG, "%s", __func__); + + *cap = MACSEC_CAP_INTEG_AND_CONF; + + return 0; +} + + +/** + * macsec_drv_enable_protect_frames - Set protect frames status + * @priv: Private driver interface data + * @enabled: TRUE = protect frames enabled + * FALSE = protect frames disabled + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_enable_protect_frames(void *priv, Boolean enabled) +{ + struct macsec_drv_data *drv = priv; + + wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); + + drv->protect_frames_set = TRUE; + drv->protect_frames = enabled; + + return try_commit(drv); +} + + +/** + * macsec_drv_enable_encrypt - Set protect frames status + * @priv: Private driver interface data + * @enabled: TRUE = protect frames enabled + * FALSE = protect frames disabled + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_enable_encrypt(void *priv, Boolean enabled) +{ + struct macsec_drv_data *drv = priv; + + wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); + + drv->encrypt_set = TRUE; + drv->encrypt = enabled; + + return try_commit(drv); +} + + +/** + * macsec_drv_set_replay_protect - Set replay protect status and window size + * @priv: Private driver interface data + * @enabled: TRUE = replay protect enabled + * FALSE = replay protect disabled + * @window: replay window size, valid only when replay protect enabled + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_set_replay_protect(void *priv, Boolean enabled, + u32 window) +{ + struct macsec_drv_data *drv = priv; + + wpa_printf(MSG_DEBUG, "%s -> %s, %u", __func__, + enabled ? "TRUE" : "FALSE", window); + + drv->replay_protect_set = TRUE; + drv->replay_protect = enabled; + if (enabled) + drv->replay_window = window; + + return try_commit(drv); +} + + +/** + * macsec_drv_set_current_cipher_suite - Set current cipher suite + * @priv: Private driver interface data + * @cs: EUI64 identifier + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_set_current_cipher_suite(void *priv, u64 cs) +{ + wpa_printf(MSG_DEBUG, "%s -> %016" PRIx64, __func__, cs); + return 0; +} + + +/** + * macsec_drv_enable_controlled_port - Set controlled port status + * @priv: Private driver interface data + * @enabled: TRUE = controlled port enabled + * FALSE = controlled port disabled + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_enable_controlled_port(void *priv, Boolean enabled) +{ + struct macsec_drv_data *drv = priv; + + wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); + + drv->controlled_port_enabled = enabled; + drv->controlled_port_enabled_set = TRUE; + + return try_commit(drv); +} + + +static struct nla_policy sa_policy[MACSEC_SA_ATTR_MAX + 1] = { + [MACSEC_SA_ATTR_AN] = { .type = NLA_U8 }, + [MACSEC_SA_ATTR_ACTIVE] = { .type = NLA_U8 }, + [MACSEC_SA_ATTR_PN] = { .type = NLA_U32 }, + [MACSEC_SA_ATTR_KEYID] = { .type = NLA_BINARY }, +}; + +static struct nla_policy sc_policy[MACSEC_RXSC_ATTR_MAX + 1] = { + [MACSEC_RXSC_ATTR_SCI] = { .type = NLA_U64 }, + [MACSEC_RXSC_ATTR_ACTIVE] = { .type = NLA_U8 }, + [MACSEC_RXSC_ATTR_SA_LIST] = { .type = NLA_NESTED }, +}; + +static struct nla_policy main_policy[MACSEC_ATTR_MAX + 1] = { + [MACSEC_ATTR_IFINDEX] = { .type = NLA_U32 }, + [MACSEC_ATTR_SECY] = { .type = NLA_NESTED }, + [MACSEC_ATTR_TXSA_LIST] = { .type = NLA_NESTED }, + [MACSEC_ATTR_RXSC_LIST] = { .type = NLA_NESTED }, +}; + +static int dump_callback(struct nl_msg *msg, void *argp) +{ + struct nlmsghdr *ret_hdr = nlmsg_hdr(msg); + struct nlattr *tb_msg[MACSEC_ATTR_MAX + 1]; + struct cb_arg *arg = (struct cb_arg *) argp; + struct genlmsghdr *gnlh = (struct genlmsghdr *) nlmsg_data(ret_hdr); + int err; + + if (ret_hdr->nlmsg_type != arg->drv->ctx.macsec_genl_id) + return 0; + + err = nla_parse(tb_msg, MACSEC_ATTR_MAX, genlmsg_attrdata(gnlh, 0), + genlmsg_attrlen(gnlh, 0), main_policy); + if (err < 0) + return 0; + + if (!tb_msg[MACSEC_ATTR_IFINDEX]) + return 0; + + if (nla_get_u32(tb_msg[MACSEC_ATTR_IFINDEX]) != (u32) arg->ifindex) + return 0; + + if (arg->txsa < 4 && !tb_msg[MACSEC_ATTR_TXSA_LIST]) { + return 0; + } else if (arg->txsa < 4) { + struct nlattr *nla; + int rem; + + nla_for_each_nested(nla, tb_msg[MACSEC_ATTR_TXSA_LIST], rem) { + struct nlattr *tb[MACSEC_SA_ATTR_MAX + 1]; + + err = nla_parse_nested(tb, MACSEC_SA_ATTR_MAX, nla, + sa_policy); + if (err < 0) + continue; + if (!tb[MACSEC_SA_ATTR_AN]) + continue; + if (nla_get_u8(tb[MACSEC_SA_ATTR_AN]) != arg->txsa) + continue; + if (!tb[MACSEC_SA_ATTR_PN]) + return 0; + *arg->pn = nla_get_u32(tb[MACSEC_SA_ATTR_PN]); + return 0; + } + + return 0; + } + + if (arg->rxsci == UNUSED_SCI) + return 0; + + if (tb_msg[MACSEC_ATTR_RXSC_LIST]) { + struct nlattr *nla; + int rem; + + nla_for_each_nested(nla, tb_msg[MACSEC_ATTR_RXSC_LIST], rem) { + struct nlattr *tb[MACSEC_RXSC_ATTR_MAX + 1]; + + err = nla_parse_nested(tb, MACSEC_RXSC_ATTR_MAX, nla, + sc_policy); + if (err < 0) + return 0; + if (!tb[MACSEC_RXSC_ATTR_SCI]) + continue; + if (nla_get_u64(tb[MACSEC_RXSC_ATTR_SCI]) != arg->rxsci) + continue; + if (!tb[MACSEC_RXSC_ATTR_SA_LIST]) + return 0; + + nla_for_each_nested(nla, tb[MACSEC_RXSC_ATTR_SA_LIST], + rem) { + struct nlattr *tb_sa[MACSEC_SA_ATTR_MAX + 1]; + + err = nla_parse_nested(tb_sa, + MACSEC_SA_ATTR_MAX, nla, + sa_policy); + if (err < 0) + continue; + if (!tb_sa[MACSEC_SA_ATTR_AN]) + continue; + if (nla_get_u8(tb_sa[MACSEC_SA_ATTR_AN]) != + arg->rxsa) + continue; + if (!tb_sa[MACSEC_SA_ATTR_PN]) + return 0; + *arg->pn = + nla_get_u32(tb_sa[MACSEC_SA_ATTR_PN]); + + return 0; + } + + return 0; + } + + return 0; + } + + return 0; +} + + +static int nl_send_recv(struct nl_sock *sk, struct nl_msg *msg) +{ + int ret; + + ret = nl_send_auto_complete(sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, DRV_PREFIX "%s: failed to send: %d (%s)", + __func__, ret, nl_geterror(-ret)); + return ret; + } + + ret = nl_recvmsgs_default(sk); + if (ret < 0) { + wpa_printf(MSG_ERROR, DRV_PREFIX "%s: failed to recv: %d (%s)", + __func__, ret, nl_geterror(-ret)); + } + + return ret; +} + + +static int do_dump(struct macsec_drv_data *drv, u8 txsa, u64 rxsci, u8 rxsa, + u32 *pn) +{ + struct macsec_genl_ctx *ctx = &drv->ctx; + struct nl_msg *msg; + int ret = 1; + + ctx->cb_arg.ifindex = drv->ifi; + ctx->cb_arg.rxsci = rxsci; + ctx->cb_arg.rxsa = rxsa; + ctx->cb_arg.txsa = txsa; + ctx->cb_arg.pn = pn; + + msg = nlmsg_alloc(); + if (!msg) { + wpa_printf(MSG_ERROR, DRV_PREFIX "%s: failed to alloc message", + __func__); + return 1; + } + + if (!genlmsg_put(msg, NL_AUTO_PORT, NL_AUTO_SEQ, ctx->macsec_genl_id, 0, + NLM_F_DUMP, MACSEC_CMD_GET_TXSC, 0)) { + wpa_printf(MSG_ERROR, DRV_PREFIX "%s: failed to put header", + __func__); + goto out_free_msg; + } + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) + wpa_printf(MSG_ERROR, + DRV_PREFIX "failed to communicate: %d (%s)", + ret, nl_geterror(-ret)); + + ctx->cb_arg.pn = NULL; + +out_free_msg: + nlmsg_free(msg); + return ret; +} + + +/** + * macsec_drv_get_receive_lowest_pn - Get receive lowest PN + * @priv: Private driver interface data + * @sa: secure association + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_get_receive_lowest_pn(void *priv, struct receive_sa *sa) +{ + struct macsec_drv_data *drv = priv; + int err; + + wpa_printf(MSG_DEBUG, DRV_PREFIX "%s", __func__); + + err = do_dump(drv, 0xff, mka_sci_u64(&sa->sc->sci), sa->an, + &sa->lowest_pn); + wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: result %d", __func__, + sa->lowest_pn); + + return err; +} + + +/** + * macsec_drv_get_transmit_next_pn - Get transmit next PN + * @priv: Private driver interface data + * @sa: secure association + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_get_transmit_next_pn(void *priv, struct transmit_sa *sa) +{ + struct macsec_drv_data *drv = priv; + int err; + + wpa_printf(MSG_DEBUG, "%s", __func__); + + err = do_dump(drv, sa->an, UNUSED_SCI, 0xff, &sa->next_pn); + wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: err %d result %d", __func__, err, + sa->next_pn); + return err; +} + + +/** + * macsec_drv_set_transmit_next_pn - Set transmit next pn + * @priv: Private driver interface data + * @sa: secure association + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_set_transmit_next_pn(void *priv, struct transmit_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + struct nl_msg *msg; + struct nlattr *nest; + int ret = -1; + + wpa_printf(MSG_DEBUG, "%s -> %d: %d", __func__, sa->an, sa->next_pn); + + msg = msg_prepare(MACSEC_CMD_UPD_TXSA, ctx, drv->ifi); + if (!msg) + return ret; + + nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); + if (!nest) + goto nla_put_failure; + + NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); + NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); + + nla_nest_end(msg, nest); + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "failed to communicate: %d (%s)", + ret, nl_geterror(-ret)); + } + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +#define SCISTR MACSTR "::%hx" +#define SCI2STR(addr, port) MAC2STR(addr), htons(port) + +/** + * macsec_drv_create_receive_sc - Create secure channel for receiving + * @priv: Private driver interface data + * @sc: secure channel + * @sci_addr: secure channel identifier - address + * @sci_port: secure channel identifier - port + * @conf_offset: confidentiality offset (0, 30, or 50) + * @validation: frame validation policy (0 = Disabled, 1 = Checked, + * 2 = Strict) + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_create_receive_sc(void *priv, struct receive_sc *sc, + unsigned int conf_offset, + int validation) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + struct nl_msg *msg; + int ret = -1; + + wpa_printf(MSG_DEBUG, "%s -> " SCISTR, __func__, + SCI2STR(sc->sci.addr, sc->sci.port)); + + msg = msg_prepare(MACSEC_CMD_ADD_RXSC, ctx, drv->ifi); + if (!msg) + return ret; + + if (nla_put_rxsc_config(msg, mka_sci_u64(&sc->sci))) + goto nla_put_failure; + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "%s: failed to communicate: %d (%s)", + __func__, ret, nl_geterror(-ret)); + } + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +/** + * macsec_drv_delete_receive_sc - Delete secure connection for receiving + * @priv: private driver interface data from init() + * @sc: secure channel + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_delete_receive_sc(void *priv, struct receive_sc *sc) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + struct nl_msg *msg; + int ret = -1; + + wpa_printf(MSG_DEBUG, "%s -> " SCISTR, __func__, + SCI2STR(sc->sci.addr, sc->sci.port)); + + msg = msg_prepare(MACSEC_CMD_DEL_RXSC, ctx, drv->ifi); + if (!msg) + return ret; + + if (nla_put_rxsc_config(msg, mka_sci_u64(&sc->sci))) + goto nla_put_failure; + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "%s: failed to communicate: %d (%s)", + __func__, ret, nl_geterror(-ret)); + } + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +/** + * macsec_drv_create_receive_sa - Create secure association for receive + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_create_receive_sa(void *priv, struct receive_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + struct nl_msg *msg; + struct nlattr *nest; + int ret = -1; + + wpa_printf(MSG_DEBUG, "%s -> %d on " SCISTR, __func__, sa->an, + SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); + + msg = msg_prepare(MACSEC_CMD_ADD_RXSA, ctx, drv->ifi); + if (!msg) + return ret; + + if (nla_put_rxsc_config(msg, mka_sci_u64(&sa->sc->sci))) + goto nla_put_failure; + + nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); + if (!nest) + goto nla_put_failure; + + NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); + NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, sa->enable_receive); + NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); + NLA_PUT(msg, MACSEC_SA_ATTR_KEYID, sizeof(sa->pkey->key_identifier), + &sa->pkey->key_identifier); + NLA_PUT(msg, MACSEC_SA_ATTR_KEY, sa->pkey->key_len, sa->pkey->key); + + nla_nest_end(msg, nest); + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "%s: failed to communicate: %d (%s)", + __func__, ret, nl_geterror(-ret)); + } + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +/** + * macsec_drv_delete_receive_sa - Delete secure association for receive + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_delete_receive_sa(void *priv, struct receive_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + struct nl_msg *msg; + struct nlattr *nest; + int ret = -1; + + wpa_printf(MSG_DEBUG, "%s -> %d on " SCISTR, __func__, sa->an, + SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); + + msg = msg_prepare(MACSEC_CMD_DEL_RXSA, ctx, drv->ifi); + if (!msg) + return ret; + + if (nla_put_rxsc_config(msg, mka_sci_u64(&sa->sc->sci))) + goto nla_put_failure; + + nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); + if (!nest) + goto nla_put_failure; + + NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); + + nla_nest_end(msg, nest); + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "%s: failed to communicate: %d (%s)", + __func__, ret, nl_geterror(-ret)); + } + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +static int set_active_rx_sa(const struct macsec_genl_ctx *ctx, int ifindex, + u64 sci, unsigned char an, Boolean state) +{ + struct nl_msg *msg; + struct nlattr *nest; + int ret = -1; + + msg = msg_prepare(MACSEC_CMD_UPD_RXSA, ctx, ifindex); + if (!msg) + return ret; + + if (nla_put_rxsc_config(msg, sci)) + goto nla_put_failure; + + nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); + if (!nest) + goto nla_put_failure; + + NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, an); + NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, !!state); + + nla_nest_end(msg, nest); + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) + wpa_printf(MSG_ERROR, + DRV_PREFIX "%s: failed to communicate: %d (%s)", + __func__, ret, nl_geterror(-ret)); + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +/** + * macsec_drv_enable_receive_sa - Enable the SA for receive + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_enable_receive_sa(void *priv, struct receive_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + + wpa_printf(MSG_DEBUG, "%s -> %d on " SCISTR, __func__, sa->an, + SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); + + return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci), + sa->an, TRUE); +} + + +/** + * macsec_drv_disable_receive_sa - Disable SA for receive + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_disable_receive_sa(void *priv, struct receive_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + + wpa_printf(MSG_DEBUG, "%s -> %d on " SCISTR, __func__, sa->an, + SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); + + return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci), + sa->an, FALSE); +} + + +static struct rtnl_link * lookup_sc(struct nl_cache *cache, int parent, u64 sci) +{ + struct rtnl_link *needle; + void *match; + + needle = rtnl_link_macsec_alloc(); + if (!needle) + return NULL; + + rtnl_link_set_link(needle, parent); + rtnl_link_macsec_set_sci(needle, sci); + + match = nl_cache_find(cache, (struct nl_object *) needle); + rtnl_link_put(needle); + + return (struct rtnl_link *) match; +} + + +/** + * macsec_drv_create_transmit_sc - Create secure connection for transmit + * @priv: private driver interface data from init() + * @sc: secure channel + * @conf_offset: confidentiality offset + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_create_transmit_sc( + void *priv, struct transmit_sc *sc, + unsigned int conf_offset) +{ + struct macsec_drv_data *drv = priv; + struct rtnl_link *link; + char *ifname; + u64 sci; + int err; + + wpa_printf(MSG_DEBUG, "%s", __func__); + + if (!drv->sk) { + wpa_printf(MSG_ERROR, DRV_PREFIX "NULL rtnl socket"); + return -1; + } + + link = rtnl_link_macsec_alloc(); + if (!link) { + wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't allocate link"); + return -1; + } + + rtnl_link_set_link(link, drv->parent_ifi); + + sci = mka_sci_u64(&sc->sci); + rtnl_link_macsec_set_sci(link, sci); + + drv->created_link = TRUE; + + err = rtnl_link_add(drv->sk, link, NLM_F_CREATE); + if (err == -NLE_BUSY) { + wpa_printf(MSG_INFO, + DRV_PREFIX "link already exists, using it"); + drv->created_link = FALSE; + } else if (err < 0) { + rtnl_link_put(link); + wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't create link: err %d", + err); + return err; + } + + rtnl_link_put(link); + + nl_cache_refill(drv->sk, drv->link_cache); + link = lookup_sc(drv->link_cache, drv->parent_ifi, sci); + if (!link) { + wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't find link"); + return -1; + } + + drv->ifi = rtnl_link_get_ifindex(link); + ifname = rtnl_link_get_name(link); + os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); + rtnl_link_put(link); + + drv->link = rtnl_link_macsec_alloc(); + if (!drv->link) { + wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't allocate link"); + return -1; + } + + rtnl_link_set_name(drv->link, drv->ifname); + + /* In case some settings have already been done but we couldn't apply + * them. */ + return try_commit(drv); +} + + +/** + * macsec_drv_delete_transmit_sc - Delete secure connection for transmit + * @priv: private driver interface data from init() + * @sc: secure channel + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_delete_transmit_sc(void *priv, struct transmit_sc *sc) +{ + struct macsec_drv_data *drv = priv; + int err; + + wpa_printf(MSG_DEBUG, "%s", __func__); + + if (!drv->sk) + return 0; + + if (!drv->created_link) { + rtnl_link_put(drv->link); + drv->link = NULL; + wpa_printf(MSG_DEBUG, DRV_PREFIX + "we didn't create the link, leave it alone"); + return 0; + } + + err = rtnl_link_delete(drv->sk, drv->link); + if (err < 0) + wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't delete link"); + rtnl_link_put(drv->link); + drv->link = NULL; + + return err; +} + + +/** + * macsec_drv_create_transmit_sa - Create secure association for transmit + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_create_transmit_sa(void *priv, struct transmit_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + struct nl_msg *msg; + struct nlattr *nest; + int ret = -1; + + wpa_printf(MSG_DEBUG, "%s -> %d", __func__, sa->an); + + msg = msg_prepare(MACSEC_CMD_ADD_TXSA, ctx, drv->ifi); + if (!msg) + return ret; + + nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); + if (!nest) + goto nla_put_failure; + + NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); + NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); + NLA_PUT(msg, MACSEC_SA_ATTR_KEYID, sizeof(sa->pkey->key_identifier), + &sa->pkey->key_identifier); + NLA_PUT(msg, MACSEC_SA_ATTR_KEY, sa->pkey->key_len, sa->pkey->key); + NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, sa->enable_transmit); + + nla_nest_end(msg, nest); + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "%s: failed to communicate: %d (%s)", + __func__, ret, nl_geterror(-ret)); + } + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +/** + * macsec_drv_delete_transmit_sa - Delete secure association for transmit + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_delete_transmit_sa(void *priv, struct transmit_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + struct nl_msg *msg; + struct nlattr *nest; + int ret = -1; + + wpa_printf(MSG_DEBUG, "%s -> %d", __func__, sa->an); + + msg = msg_prepare(MACSEC_CMD_DEL_TXSA, ctx, drv->ifi); + if (!msg) + return ret; + + nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); + if (!nest) + goto nla_put_failure; + + NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); + + nla_nest_end(msg, nest); + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "%s: failed to communicate: %d (%s)", + __func__, ret, nl_geterror(-ret)); + } + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +static int set_active_tx_sa(const struct macsec_genl_ctx *ctx, int ifindex, + unsigned char an, Boolean state) +{ + struct nl_msg *msg; + struct nlattr *nest; + int ret = -1; + + msg = msg_prepare(MACSEC_CMD_UPD_TXSA, ctx, ifindex); + if (!msg) + return ret; + + nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); + if (!nest) + goto nla_put_failure; + + NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, an); + NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, !!state); + + nla_nest_end(msg, nest); + + ret = nl_send_recv(ctx->sk, msg); + if (ret < 0) { + wpa_printf(MSG_ERROR, + DRV_PREFIX "%s: failed to communicate: %d (%s)", + __func__, ret, nl_geterror(-ret)); + } + +nla_put_failure: + nlmsg_free(msg); + return ret; +} + + +/** + * macsec_drv_enable_transmit_sa - Enable SA for transmit + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_enable_transmit_sa(void *priv, struct transmit_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + int ret; + + wpa_printf(MSG_DEBUG, "%s -> %d", __func__, sa->an); + + ret = set_active_tx_sa(ctx, drv->ifi, sa->an, TRUE); + if (ret < 0) { + wpa_printf(MSG_ERROR, DRV_PREFIX "failed to enable txsa"); + return ret; + } + + drv->encoding_sa_set = TRUE; + drv->encoding_sa = sa->an; + + return try_commit(drv); +} + + +/** + * macsec_drv_disable_transmit_sa - Disable SA for transmit + * @priv: private driver interface data from init() + * @sa: secure association + * Returns: 0 on success, -1 on failure + */ +static int macsec_drv_disable_transmit_sa(void *priv, struct transmit_sa *sa) +{ + struct macsec_drv_data *drv = priv; + struct macsec_genl_ctx *ctx = &drv->ctx; + + wpa_printf(MSG_DEBUG, "%s -> %d", __func__, sa->an); + + return set_active_tx_sa(ctx, drv->ifi, sa->an, FALSE); +} + + +const struct wpa_driver_ops wpa_driver_macsec_linux_ops = { + .name = "macsec_linux", + .desc = "MACsec Ethernet driver for Linux", + .get_ssid = driver_wired_get_ssid, + .get_bssid = driver_wired_get_bssid, + .get_capa = driver_wired_get_capa, + .init = macsec_drv_wpa_init, + .deinit = macsec_drv_wpa_deinit, + + .macsec_init = macsec_drv_macsec_init, + .macsec_deinit = macsec_drv_macsec_deinit, + .macsec_get_capability = macsec_drv_get_capability, + .enable_protect_frames = macsec_drv_enable_protect_frames, + .enable_encrypt = macsec_drv_enable_encrypt, + .set_replay_protect = macsec_drv_set_replay_protect, + .set_current_cipher_suite = macsec_drv_set_current_cipher_suite, + .enable_controlled_port = macsec_drv_enable_controlled_port, + .get_receive_lowest_pn = macsec_drv_get_receive_lowest_pn, + .get_transmit_next_pn = macsec_drv_get_transmit_next_pn, + .set_transmit_next_pn = macsec_drv_set_transmit_next_pn, + .create_receive_sc = macsec_drv_create_receive_sc, + .delete_receive_sc = macsec_drv_delete_receive_sc, + .create_receive_sa = macsec_drv_create_receive_sa, + .delete_receive_sa = macsec_drv_delete_receive_sa, + .enable_receive_sa = macsec_drv_enable_receive_sa, + .disable_receive_sa = macsec_drv_disable_receive_sa, + .create_transmit_sc = macsec_drv_create_transmit_sc, + .delete_transmit_sc = macsec_drv_delete_transmit_sc, + .create_transmit_sa = macsec_drv_create_transmit_sa, + .delete_transmit_sa = macsec_drv_delete_transmit_sa, + .enable_transmit_sa = macsec_drv_enable_transmit_sa, + .disable_transmit_sa = macsec_drv_disable_transmit_sa, +}; diff --git a/contrib/wpa/src/drivers/driver_macsec_qca.c b/contrib/wpa/src/drivers/driver_macsec_qca.c index 826d3cc62133..8372393f26c2 100644 --- a/contrib/wpa/src/drivers/driver_macsec_qca.c +++ b/contrib/wpa/src/drivers/driver_macsec_qca.c @@ -29,7 +29,9 @@ #include "utils/eloop.h" #include "common/defs.h" #include "common/ieee802_1x_defs.h" +#include "pae/ieee802_1x_kay.h" #include "driver.h" +#include "driver_wired_common.h" #include "nss_macsec_secy.h" #include "nss_macsec_secy_rx.h" @@ -37,6 +39,9 @@ #define MAXSC 16 +#define SAK_128_LEN 16 +#define SAK_256_LEN 32 + /* TCI field definition */ #define TCI_ES 0x40 #define TCI_SC 0x20 @@ -52,17 +57,14 @@ #pragma pack(pop) #endif /* _MSC_VER */ -static const u8 pae_group_addr[ETH_ALEN] = -{ 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; +struct channel_map { + struct ieee802_1x_mka_sci sci; +}; struct macsec_qca_data { - char ifname[IFNAMSIZ + 1]; - u32 secy_id; - void *ctx; + struct driver_wired_common_data common; - int sock; /* raw packet socket for driver access */ - int pf_sock; - int membership, multi, iff_allmulti, iff_up; + u32 secy_id; /* shadow */ Boolean always_include_sci; @@ -71,192 +73,10 @@ struct macsec_qca_data { Boolean protect_frames; Boolean replay_protect; u32 replay_window; -}; - - -static int macsec_qca_multicast_membership(int sock, int ifindex, - const u8 *addr, int add) -{ -#ifdef __linux__ - struct packet_mreq mreq; - - if (sock < 0) - return -1; - - os_memset(&mreq, 0, sizeof(mreq)); - mreq.mr_ifindex = ifindex; - mreq.mr_type = PACKET_MR_MULTICAST; - mreq.mr_alen = ETH_ALEN; - os_memcpy(mreq.mr_address, addr, ETH_ALEN); - - if (setsockopt(sock, SOL_PACKET, - add ? PACKET_ADD_MEMBERSHIP : PACKET_DROP_MEMBERSHIP, - &mreq, sizeof(mreq)) < 0) { - wpa_printf(MSG_ERROR, "setsockopt: %s", strerror(errno)); - return -1; - } - return 0; -#else /* __linux__ */ - return -1; -#endif /* __linux__ */ -} - - -static int macsec_qca_get_ssid(void *priv, u8 *ssid) -{ - ssid[0] = 0; - return 0; -} - - -static int macsec_qca_get_bssid(void *priv, u8 *bssid) -{ - /* Report PAE group address as the "BSSID" for macsec connection. */ - os_memcpy(bssid, pae_group_addr, ETH_ALEN); - return 0; -} - - -static int macsec_qca_get_capa(void *priv, struct wpa_driver_capa *capa) -{ - os_memset(capa, 0, sizeof(*capa)); - capa->flags = WPA_DRIVER_FLAGS_WIRED; - return 0; -} - - -static int macsec_qca_get_ifflags(const char *ifname, int *flags) -{ - struct ifreq ifr; - int s; - - s = socket(PF_INET, SOCK_DGRAM, 0); - if (s < 0) { - wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); - return -1; - } - - os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); - if (ioctl(s, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) { - wpa_printf(MSG_ERROR, "ioctl[SIOCGIFFLAGS]: %s", - strerror(errno)); - close(s); - return -1; - } - close(s); - *flags = ifr.ifr_flags & 0xffff; - return 0; -} - - -static int macsec_qca_set_ifflags(const char *ifname, int flags) -{ - struct ifreq ifr; - int s; - - s = socket(PF_INET, SOCK_DGRAM, 0); - if (s < 0) { - wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); - return -1; - } - - os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); - ifr.ifr_flags = flags & 0xffff; - if (ioctl(s, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) { - wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s", - strerror(errno)); - close(s); - return -1; - } - close(s); - return 0; -} - -#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -static int macsec_qca_get_ifstatus(const char *ifname, int *status) -{ - struct ifmediareq ifmr; - int s; - - s = socket(PF_INET, SOCK_DGRAM, 0); - if (s < 0) { - wpa_print(MSG_ERROR, "socket: %s", strerror(errno)); - return -1; - } - - os_memset(&ifmr, 0, sizeof(ifmr)); - os_strlcpy(ifmr.ifm_name, ifname, IFNAMSIZ); - if (ioctl(s, SIOCGIFMEDIA, (caddr_t) &ifmr) < 0) { - wpa_printf(MSG_ERROR, "ioctl[SIOCGIFMEDIA]: %s", - strerror(errno)); - close(s); - return -1; - } - close(s); - *status = (ifmr.ifm_status & (IFM_ACTIVE | IFM_AVALID)) == - (IFM_ACTIVE | IFM_AVALID); - - return 0; -} -#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ - - -static int macsec_qca_multi(const char *ifname, const u8 *addr, int add) -{ - struct ifreq ifr; - int s; - -#ifdef __sun__ - return -1; -#endif /* __sun__ */ - - s = socket(PF_INET, SOCK_DGRAM, 0); - if (s < 0) { - wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); - return -1; - } - - os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -#ifdef __linux__ - ifr.ifr_hwaddr.sa_family = AF_UNSPEC; - os_memcpy(ifr.ifr_hwaddr.sa_data, addr, ETH_ALEN); -#endif /* __linux__ */ -#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - { - struct sockaddr_dl *dlp; - dlp = (struct sockaddr_dl *) &ifr.ifr_addr; - dlp->sdl_len = sizeof(struct sockaddr_dl); - dlp->sdl_family = AF_LINK; - dlp->sdl_index = 0; - dlp->sdl_nlen = 0; - dlp->sdl_alen = ETH_ALEN; - dlp->sdl_slen = 0; - os_memcpy(LLADDR(dlp), addr, ETH_ALEN); - } -#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ -#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) - { - struct sockaddr *sap; - sap = (struct sockaddr *) &ifr.ifr_addr; - sap->sa_len = sizeof(struct sockaddr); - sap->sa_family = AF_UNSPEC; - os_memcpy(sap->sa_data, addr, ETH_ALEN); - } -#endif /* defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) */ - - if (ioctl(s, add ? SIOCADDMULTI : SIOCDELMULTI, (caddr_t) &ifr) < 0) { - wpa_printf(MSG_ERROR, "ioctl[SIOC{ADD/DEL}MULTI]: %s", - strerror(errno)); - close(s); - return -1; - } - close(s); - return 0; -} + struct channel_map receive_channel_map[MAXSC]; + struct channel_map transmit_channel_map[MAXSC]; +}; static void __macsec_drv_init(struct macsec_qca_data *drv) @@ -309,76 +129,23 @@ static void __macsec_drv_deinit(struct macsec_qca_data *drv) static void * macsec_qca_init(void *ctx, const char *ifname) { struct macsec_qca_data *drv; - int flags; drv = os_zalloc(sizeof(*drv)); if (drv == NULL) return NULL; - os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); - drv->ctx = ctx; /* Board specific settings */ - if (os_memcmp("eth2", drv->ifname, 4) == 0) + if (os_memcmp("eth2", ifname, 4) == 0) drv->secy_id = 1; - else if (os_memcmp("eth3", drv->ifname, 4) == 0) + else if (os_memcmp("eth3", ifname, 4) == 0) drv->secy_id = 2; else drv->secy_id = -1; -#ifdef __linux__ - drv->pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); - if (drv->pf_sock < 0) - wpa_printf(MSG_ERROR, "socket(PF_PACKET): %s", strerror(errno)); -#else /* __linux__ */ - drv->pf_sock = -1; -#endif /* __linux__ */ - - if (macsec_qca_get_ifflags(ifname, &flags) == 0 && - !(flags & IFF_UP) && - macsec_qca_set_ifflags(ifname, flags | IFF_UP) == 0) { - drv->iff_up = 1; - } - - if (macsec_qca_multicast_membership(drv->pf_sock, - if_nametoindex(drv->ifname), - pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, - "%s: Added multicast membership with packet socket", - __func__); - drv->membership = 1; - } else if (macsec_qca_multi(ifname, pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, - "%s: Added multicast membership with SIOCADDMULTI", - __func__); - drv->multi = 1; - } else if (macsec_qca_get_ifflags(ifname, &flags) < 0) { - wpa_printf(MSG_INFO, "%s: Could not get interface flags", - __func__); + if (driver_wired_init_common(&drv->common, ifname, ctx) < 0) { os_free(drv); return NULL; - } else if (flags & IFF_ALLMULTI) { - wpa_printf(MSG_DEBUG, - "%s: Interface is already configured for multicast", - __func__); - } else if (macsec_qca_set_ifflags(ifname, flags | IFF_ALLMULTI) < 0) { - wpa_printf(MSG_INFO, "%s: Failed to enable allmulti", - __func__); - os_free(drv); - return NULL; - } else { - wpa_printf(MSG_DEBUG, "%s: Enabled allmulti mode", __func__); - drv->iff_allmulti = 1; } -#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - { - int status; - wpa_printf(MSG_DEBUG, "%s: waiting for link to become active", - __func__); - while (macsec_qca_get_ifstatus(ifname, &status) == 0 && - status == 0) - sleep(1); - } -#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ return drv; } @@ -387,42 +154,8 @@ static void * macsec_qca_init(void *ctx, const char *ifname) static void macsec_qca_deinit(void *priv) { struct macsec_qca_data *drv = priv; - int flags; - - if (drv->membership && - macsec_qca_multicast_membership(drv->pf_sock, - if_nametoindex(drv->ifname), - pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, - "%s: Failed to remove PAE multicast group (PACKET)", - __func__); - } - - if (drv->multi && - macsec_qca_multi(drv->ifname, pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, - "%s: Failed to remove PAE multicast group (SIOCDELMULTI)", - __func__); - } - - if (drv->iff_allmulti && - (macsec_qca_get_ifflags(drv->ifname, &flags) < 0 || - macsec_qca_set_ifflags(drv->ifname, flags & ~IFF_ALLMULTI) < 0)) { - wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", - __func__); - } - - if (drv->iff_up && - macsec_qca_get_ifflags(drv->ifname, &flags) == 0 && - (flags & IFF_UP) && - macsec_qca_set_ifflags(drv->ifname, flags & ~IFF_UP) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", - __func__); - } - - if (drv->pf_sock != -1) - close(drv->pf_sock); + driver_wired_deinit_common(&drv->common); os_free(drv); } @@ -457,6 +190,16 @@ static int macsec_qca_macsec_deinit(void *priv) } +static int macsec_qca_get_capability(void *priv, enum macsec_cap *cap) +{ + wpa_printf(MSG_DEBUG, "%s", __func__); + + *cap = MACSEC_CAP_INTEG_AND_CONF_0_30_50; + + return 0; +} + + static int macsec_qca_enable_protect_frames(void *priv, Boolean enabled) { struct macsec_qca_data *drv = priv; @@ -486,19 +229,32 @@ static int macsec_qca_set_replay_protect(void *priv, Boolean enabled, } +static fal_cipher_suite_e macsec_qca_cs_type_get(u64 cs) +{ + if (cs == CS_ID_GCM_AES_128) + return FAL_CIPHER_SUITE_AES_GCM_128; + if (cs == CS_ID_GCM_AES_256) + return FAL_CIPHER_SUITE_AES_GCM_256; + return FAL_CIPHER_SUITE_MAX; +} + + static int macsec_qca_set_current_cipher_suite(void *priv, u64 cs) { - if (cs != CS_ID_GCM_AES_128) { + struct macsec_qca_data *drv = priv; + fal_cipher_suite_e cs_type; + + if (cs != CS_ID_GCM_AES_128 && cs != CS_ID_GCM_AES_256) { wpa_printf(MSG_ERROR, "%s: NOT supported CipherSuite: %016" PRIx64, __func__, cs); return -1; } - /* Support default Cipher Suite 0080020001000001 (GCM-AES-128) */ - wpa_printf(MSG_DEBUG, "%s: default support aes-gcm-128", __func__); + wpa_printf(MSG_DEBUG, "%s: CipherSuite: %016" PRIx64, __func__, cs); - return 0; + cs_type = macsec_qca_cs_type_get(cs); + return nss_macsec_secy_cipher_suite_set(drv->secy_id, cs_type); } @@ -515,16 +271,82 @@ static int macsec_qca_enable_controlled_port(void *priv, Boolean enabled) } -static int macsec_qca_get_receive_lowest_pn(void *priv, u32 channel, u8 an, - u32 *lowest_pn) +static int macsec_qca_lookup_channel(struct channel_map *map, + struct ieee802_1x_mka_sci *sci, + u32 *channel) +{ + u32 i; + + for (i = 0; i < MAXSC; i++) { + if (os_memcmp(&map[i].sci, sci, + sizeof(struct ieee802_1x_mka_sci)) == 0) { + *channel = i; + return 0; + } + } + + return -1; +} + + +static void macsec_qca_register_channel(struct channel_map *map, + struct ieee802_1x_mka_sci *sci, + u32 channel) +{ + os_memcpy(&map[channel].sci, sci, sizeof(struct ieee802_1x_mka_sci)); +} + + +static int macsec_qca_lookup_receive_channel(struct macsec_qca_data *drv, + struct receive_sc *sc, + u32 *channel) +{ + return macsec_qca_lookup_channel(drv->receive_channel_map, &sc->sci, + channel); +} + + +static void macsec_qca_register_receive_channel(struct macsec_qca_data *drv, + struct receive_sc *sc, + u32 channel) +{ + macsec_qca_register_channel(drv->receive_channel_map, &sc->sci, + channel); +} + + +static int macsec_qca_lookup_transmit_channel(struct macsec_qca_data *drv, + struct transmit_sc *sc, + u32 *channel) +{ + return macsec_qca_lookup_channel(drv->transmit_channel_map, &sc->sci, + channel); +} + + +static void macsec_qca_register_transmit_channel(struct macsec_qca_data *drv, + struct transmit_sc *sc, + u32 channel) +{ + macsec_qca_register_channel(drv->transmit_channel_map, &sc->sci, + channel); +} + + +static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa) { struct macsec_qca_data *drv = priv; int ret = 0; u32 next_pn = 0; bool enabled = FALSE; u32 win; + u32 channel; + + ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; - ret += nss_macsec_secy_rx_sa_next_pn_get(drv->secy_id, channel, an, + ret += nss_macsec_secy_rx_sa_next_pn_get(drv->secy_id, channel, sa->an, &next_pn); ret += nss_macsec_secy_rx_sc_replay_protect_get(drv->secy_id, channel, &enabled); @@ -532,40 +354,49 @@ static int macsec_qca_get_receive_lowest_pn(void *priv, u32 channel, u8 an, channel, &win); if (enabled) - *lowest_pn = (next_pn > win) ? (next_pn - win) : 1; + sa->lowest_pn = (next_pn > win) ? (next_pn - win) : 1; else - *lowest_pn = next_pn; + sa->lowest_pn = next_pn; - wpa_printf(MSG_DEBUG, "%s: lpn=0x%x", __func__, *lowest_pn); + wpa_printf(MSG_DEBUG, "%s: lpn=0x%x", __func__, sa->lowest_pn); return ret; } -static int macsec_qca_get_transmit_next_pn(void *priv, u32 channel, u8 an, - u32 *next_pn) +static int macsec_qca_get_transmit_next_pn(void *priv, struct transmit_sa *sa) { struct macsec_qca_data *drv = priv; int ret = 0; + u32 channel; - ret += nss_macsec_secy_tx_sa_next_pn_get(drv->secy_id, channel, an, - next_pn); + ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; - wpa_printf(MSG_DEBUG, "%s: npn=0x%x", __func__, *next_pn); + ret += nss_macsec_secy_tx_sa_next_pn_get(drv->secy_id, channel, sa->an, + &sa->next_pn); + + wpa_printf(MSG_DEBUG, "%s: npn=0x%x", __func__, sa->next_pn); return ret; } -int macsec_qca_set_transmit_next_pn(void *priv, u32 channel, u8 an, u32 next_pn) +static int macsec_qca_set_transmit_next_pn(void *priv, struct transmit_sa *sa) { struct macsec_qca_data *drv = priv; int ret = 0; + u32 channel; + + ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; - ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, an, - next_pn); + ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, sa->an, + sa->next_pn); - wpa_printf(MSG_INFO, "%s: npn=0x%x", __func__, next_pn); + wpa_printf(MSG_INFO, "%s: npn=0x%x", __func__, sa->next_pn); return ret; } @@ -598,8 +429,7 @@ static int macsec_qca_get_available_receive_sc(void *priv, u32 *channel) } -static int macsec_qca_create_receive_sc(void *priv, u32 channel, - const u8 *sci_addr, u16 sci_port, +static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc, unsigned int conf_offset, int validation) { @@ -608,6 +438,13 @@ static int macsec_qca_create_receive_sc(void *priv, u32 channel, fal_rx_prc_lut_t entry; fal_rx_sc_validate_frame_e vf; enum validate_frames validate_frames = validation; + u32 channel; + const u8 *sci_addr = sc->sci.addr; + u16 sci_port = be_to_host16(sc->sci.port); + + ret = macsec_qca_get_available_receive_sc(priv, &channel); + if (ret != 0) + return ret; wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); @@ -615,8 +452,8 @@ static int macsec_qca_create_receive_sc(void *priv, u32 channel, os_memset(&entry, 0, sizeof(entry)); os_memcpy(entry.sci, sci_addr, ETH_ALEN); - entry.sci[6] = (sci_port >> 8) & 0xf; - entry.sci[7] = sci_port & 0xf; + entry.sci[6] = (sci_port >> 8) & 0xff; + entry.sci[7] = sci_port & 0xff; entry.sci_mask = 0xf; entry.valid = 1; @@ -642,15 +479,22 @@ static int macsec_qca_create_receive_sc(void *priv, u32 channel, channel, drv->replay_window); + macsec_qca_register_receive_channel(drv, sc, channel); + return ret; } -static int macsec_qca_delete_receive_sc(void *priv, u32 channel) +static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; fal_rx_prc_lut_t entry; + u32 channel; + + ret = macsec_qca_lookup_receive_channel(priv, sc, &channel); + if (ret != 0) + return ret; wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); @@ -664,49 +508,91 @@ static int macsec_qca_delete_receive_sc(void *priv, u32 channel) } -static int macsec_qca_create_receive_sa(void *priv, u32 channel, u8 an, - u32 lowest_pn, const u8 *sak) +static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; fal_rx_sak_t rx_sak; int i = 0; + u32 channel; + fal_rx_prc_lut_t entry; + u32 offset; + + ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; wpa_printf(MSG_DEBUG, "%s, channel=%d, an=%d, lpn=0x%x", - __func__, channel, an, lowest_pn); + __func__, channel, sa->an, sa->lowest_pn); os_memset(&rx_sak, 0, sizeof(rx_sak)); - for (i = 0; i < 16; i++) - rx_sak.sak[i] = sak[15 - i]; + rx_sak.sak_len = sa->pkey->key_len; + if (sa->pkey->key_len == SAK_128_LEN) { + for (i = 0; i < 16; i++) + rx_sak.sak[i] = sa->pkey->key[15 - i]; + } else if (sa->pkey->key_len == SAK_256_LEN) { + for (i = 0; i < 16; i++) { + rx_sak.sak1[i] = sa->pkey->key[15 - i]; + rx_sak.sak[i] = sa->pkey->key[31 - i]; + } + } else { + return -1; + } - ret += nss_macsec_secy_rx_sa_create(drv->secy_id, channel, an); - ret += nss_macsec_secy_rx_sak_set(drv->secy_id, channel, an, &rx_sak); + if (sa->pkey->confidentiality_offset == CONFIDENTIALITY_OFFSET_0) + offset = 0; + else if (sa->pkey->confidentiality_offset == CONFIDENTIALITY_OFFSET_30) + offset = 30; + else if (sa->pkey->confidentiality_offset == CONFIDENTIALITY_OFFSET_50) + offset = 50; + else + return -1; + ret += nss_macsec_secy_rx_prc_lut_get(drv->secy_id, channel, &entry); + entry.offset = offset; + ret += nss_macsec_secy_rx_prc_lut_set(drv->secy_id, channel, &entry); + ret += nss_macsec_secy_rx_sa_create(drv->secy_id, channel, sa->an); + ret += nss_macsec_secy_rx_sak_set(drv->secy_id, channel, sa->an, + &rx_sak); return ret; } -static int macsec_qca_enable_receive_sa(void *priv, u32 channel, u8 an) +static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; + u32 channel; + + ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; - wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, an); + wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, + sa->an); - ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, an, TRUE); + ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, sa->an, + TRUE); return ret; } -static int macsec_qca_disable_receive_sa(void *priv, u32 channel, u8 an) +static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; + u32 channel; + + ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; - wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, an); + wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, + sa->an); - ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, an, FALSE); + ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, sa->an, + FALSE); return ret; } @@ -715,14 +601,12 @@ static int macsec_qca_disable_receive_sa(void *priv, u32 channel, u8 an) static int macsec_qca_get_available_transmit_sc(void *priv, u32 *channel) { struct macsec_qca_data *drv = priv; - int ret = 0; u32 sc_ch = 0; bool in_use = FALSE; for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) { - ret = nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch, - &in_use); - if (ret) + if (nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch, + &in_use)) continue; if (!in_use) { @@ -739,14 +623,19 @@ static int macsec_qca_get_available_transmit_sc(void *priv, u32 *channel) } -static int macsec_qca_create_transmit_sc(void *priv, u32 channel, - const u8 *sci_addr, u16 sci_port, +static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc, unsigned int conf_offset) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; fal_tx_class_lut_t entry; u8 psci[ETH_ALEN + 2]; + u32 channel; + u16 sci_port = be_to_host16(sc->sci.port); + + ret = macsec_qca_get_available_transmit_sc(priv, &channel); + if (ret != 0) + return ret; wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); @@ -757,9 +646,9 @@ static int macsec_qca_create_transmit_sc(void *priv, u32 channel, entry.action = FAL_TX_CLASS_ACTION_FORWARD; entry.channel = channel; - os_memcpy(psci, sci_addr, ETH_ALEN); - psci[6] = (sci_port >> 8) & 0xf; - psci[7] = sci_port & 0xf; + os_memcpy(psci, sc->sci.addr, ETH_ALEN); + psci[6] = (sci_port >> 8) & 0xff; + psci[7] = sci_port & 0xff; ret += nss_macsec_secy_tx_class_lut_set(drv->secy_id, channel, &entry); ret += nss_macsec_secy_tx_sc_create(drv->secy_id, channel, psci, 8); @@ -769,15 +658,22 @@ static int macsec_qca_create_transmit_sc(void *priv, u32 channel, channel, conf_offset); + macsec_qca_register_transmit_channel(drv, sc, channel); + return ret; } -static int macsec_qca_delete_transmit_sc(void *priv, u32 channel) +static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; fal_tx_class_lut_t entry; + u32 channel; + + ret = macsec_qca_lookup_transmit_channel(priv, sc, &channel); + if (ret != 0) + return ret; wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); @@ -791,19 +687,23 @@ static int macsec_qca_delete_transmit_sc(void *priv, u32 channel) } -static int macsec_qca_create_transmit_sa(void *priv, u32 channel, u8 an, - u32 next_pn, Boolean confidentiality, - const u8 *sak) +static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; u8 tci = 0; fal_tx_sak_t tx_sak; int i; + u32 channel; + u32 offset; + + ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d, next_pn=0x%x, confidentiality=%d", - __func__, channel, an, next_pn, confidentiality); + __func__, channel, sa->an, sa->next_pn, sa->confidentiality); if (drv->always_include_sci) tci |= TCI_SC; @@ -812,45 +712,81 @@ static int macsec_qca_create_transmit_sa(void *priv, u32 channel, u8 an, else if (drv->use_scb) tci |= TCI_SCB; - if (confidentiality) + if (sa->confidentiality) tci |= TCI_E | TCI_C; os_memset(&tx_sak, 0, sizeof(tx_sak)); - for (i = 0; i < 16; i++) - tx_sak.sak[i] = sak[15 - i]; + tx_sak.sak_len = sa->pkey->key_len; + if (sa->pkey->key_len == SAK_128_LEN) { + for (i = 0; i < 16; i++) + tx_sak.sak[i] = sa->pkey->key[15 - i]; + } else if (sa->pkey->key_len == SAK_256_LEN) { + for (i = 0; i < 16; i++) { + tx_sak.sak1[i] = sa->pkey->key[15 - i]; + tx_sak.sak[i] = sa->pkey->key[31 - i]; + } + } else { + return -1; + } - ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, an, - next_pn); - ret += nss_macsec_secy_tx_sak_set(drv->secy_id, channel, an, &tx_sak); + if (sa->pkey->confidentiality_offset == CONFIDENTIALITY_OFFSET_0) + offset = 0; + else if (sa->pkey->confidentiality_offset == CONFIDENTIALITY_OFFSET_30) + offset = 30; + else if (sa->pkey->confidentiality_offset == CONFIDENTIALITY_OFFSET_50) + offset = 50; + else + return -1; + ret += nss_macsec_secy_tx_sc_confidentiality_offset_set(drv->secy_id, + channel, + offset); + ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, sa->an, + sa->next_pn); + ret += nss_macsec_secy_tx_sak_set(drv->secy_id, channel, sa->an, + &tx_sak); ret += nss_macsec_secy_tx_sc_tci_7_2_set(drv->secy_id, channel, (tci >> 2)); - ret += nss_macsec_secy_tx_sc_an_set(drv->secy_id, channel, an); + ret += nss_macsec_secy_tx_sc_an_set(drv->secy_id, channel, sa->an); return ret; } -static int macsec_qca_enable_transmit_sa(void *priv, u32 channel, u8 an) +static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; + u32 channel; - wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, an); + ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; - ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, an, TRUE); + wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, + sa->an); + + ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, sa->an, + TRUE); return ret; } -static int macsec_qca_disable_transmit_sa(void *priv, u32 channel, u8 an) +static int macsec_qca_disable_transmit_sa(void *priv, struct transmit_sa *sa) { struct macsec_qca_data *drv = priv; - int ret = 0; + int ret; + u32 channel; + + ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); + if (ret != 0) + return ret; - wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, an); + wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, + sa->an); - ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, an, FALSE); + ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, sa->an, + FALSE); return ret; } @@ -859,14 +795,15 @@ static int macsec_qca_disable_transmit_sa(void *priv, u32 channel, u8 an) const struct wpa_driver_ops wpa_driver_macsec_qca_ops = { .name = "macsec_qca", .desc = "QCA MACsec Ethernet driver", - .get_ssid = macsec_qca_get_ssid, - .get_bssid = macsec_qca_get_bssid, - .get_capa = macsec_qca_get_capa, + .get_ssid = driver_wired_get_ssid, + .get_bssid = driver_wired_get_bssid, + .get_capa = driver_wired_get_capa, .init = macsec_qca_init, .deinit = macsec_qca_deinit, .macsec_init = macsec_qca_macsec_init, .macsec_deinit = macsec_qca_macsec_deinit, + .macsec_get_capability = macsec_qca_get_capability, .enable_protect_frames = macsec_qca_enable_protect_frames, .set_replay_protect = macsec_qca_set_replay_protect, .set_current_cipher_suite = macsec_qca_set_current_cipher_suite, @@ -874,13 +811,11 @@ const struct wpa_driver_ops wpa_driver_macsec_qca_ops = { .get_receive_lowest_pn = macsec_qca_get_receive_lowest_pn, .get_transmit_next_pn = macsec_qca_get_transmit_next_pn, .set_transmit_next_pn = macsec_qca_set_transmit_next_pn, - .get_available_receive_sc = macsec_qca_get_available_receive_sc, .create_receive_sc = macsec_qca_create_receive_sc, .delete_receive_sc = macsec_qca_delete_receive_sc, .create_receive_sa = macsec_qca_create_receive_sa, .enable_receive_sa = macsec_qca_enable_receive_sa, .disable_receive_sa = macsec_qca_disable_receive_sa, - .get_available_transmit_sc = macsec_qca_get_available_transmit_sc, .create_transmit_sc = macsec_qca_create_transmit_sc, .delete_transmit_sc = macsec_qca_delete_transmit_sc, .create_transmit_sa = macsec_qca_create_transmit_sa, diff --git a/contrib/wpa/src/drivers/driver_ndis.c b/contrib/wpa/src/drivers/driver_ndis.c index 7c86edd3d145..9a08e5772328 100644 --- a/contrib/wpa/src/drivers/driver_ndis.c +++ b/contrib/wpa/src/drivers/driver_ndis.c @@ -1221,12 +1221,16 @@ static int wpa_driver_ndis_set_pmkid(struct wpa_driver_ndis_data *drv) } -static int wpa_driver_ndis_add_pmkid(void *priv, const u8 *bssid, - const u8 *pmkid) +static int wpa_driver_ndis_add_pmkid(void *priv, + struct wpa_pmkid_params *params) { struct wpa_driver_ndis_data *drv = priv; struct ndis_pmkid_entry *entry, *prev; + const u8 *bssid = params->bssid; + const u8 *pmkid = params->pmkid; + if (!bssid || !pmkid) + return -1; if (drv->no_of_pmkid == 0) return 0; @@ -1262,12 +1266,16 @@ static int wpa_driver_ndis_add_pmkid(void *priv, const u8 *bssid, } -static int wpa_driver_ndis_remove_pmkid(void *priv, const u8 *bssid, - const u8 *pmkid) +static int wpa_driver_ndis_remove_pmkid(void *priv, + struct wpa_pmkid_params *params) { struct wpa_driver_ndis_data *drv = priv; struct ndis_pmkid_entry *entry, *prev; + const u8 *bssid = params->bssid; + const u8 *pmkid = params->pmkid; + if (!bssid || !pmkid) + return -1; if (drv->no_of_pmkid == 0) return 0; diff --git a/contrib/wpa/src/drivers/driver_nl80211.h b/contrib/wpa/src/drivers/driver_nl80211.h index d0ec48c9f973..bc562ba7a8cc 100644 --- a/contrib/wpa/src/drivers/driver_nl80211.h +++ b/contrib/wpa/src/drivers/driver_nl80211.h @@ -60,11 +60,13 @@ struct i802_bss { char brname[IFNAMSIZ]; unsigned int beacon_set:1; unsigned int added_if_into_bridge:1; + unsigned int already_in_bridge:1; unsigned int added_bridge:1; unsigned int in_deinit:1; unsigned int wdev_id_set:1; unsigned int added_if:1; unsigned int static_ap:1; + unsigned int use_nl_connect:1; u8 addr[ETH_ALEN]; @@ -73,11 +75,12 @@ struct i802_bss { int if_dynamic; void *ctx; - struct nl_handle *nl_preq, *nl_mgmt; + struct nl_handle *nl_preq, *nl_mgmt, *nl_connect; struct nl_cb *nl_cb; struct nl80211_wiphy_data *wiphy_data; struct dl_list wiphy_list; + u8 rand_addr[ETH_ALEN]; }; struct wpa_driver_nl80211_data { @@ -160,6 +163,9 @@ struct wpa_driver_nl80211_data { unsigned int scan_vendor_cmd_avail:1; unsigned int connect_reassoc:1; unsigned int set_wifi_conf_vendor_cmd_avail:1; + unsigned int he_capab_vendor_cmd_avail:1; + unsigned int fetch_bss_trans_status:1; + unsigned int roam_vendor_cmd_avail:1; u64 vendor_scan_cookie; u64 remain_on_chan_cookie; @@ -208,6 +214,8 @@ struct wpa_driver_nl80211_data { * (NL80211_CMD_VENDOR). 0 if no pending scan request. */ int last_scan_cmd; + + struct he_capabilities he_capab; }; struct nl_msg; @@ -228,6 +236,7 @@ int nl80211_create_iface(struct wpa_driver_nl80211_data *drv, void *arg, int use_existing); void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv, int ifidx); unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv); +int nl80211_get_assoc_ssid(struct wpa_driver_nl80211_data *drv, u8 *ssid); enum chan_width convert2width(int width); void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv); struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv, @@ -244,7 +253,8 @@ int wpa_driver_nl80211_set_mode(struct i802_bss *bss, enum nl80211_iftype nlmode); int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv, const u8 *addr, int cmd, u16 reason_code, - int local_state_change); + int local_state_change, + struct nl_handle *nl_connect); int nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv); void nl80211_remove_monitor_interface(struct wpa_driver_nl80211_data *drv); @@ -254,7 +264,8 @@ int nl80211_send_monitor(struct wpa_driver_nl80211_data *drv, int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv); struct hostapd_hw_modes * -nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags); +nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags, + u8 *dfs_domain); int process_global_event(struct nl_msg *msg, void *arg); int process_bss_event(struct nl_msg *msg, void *arg); @@ -282,15 +293,6 @@ int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon, /* driver_nl80211_scan.c */ -struct nl80211_bss_info_arg { - struct wpa_driver_nl80211_data *drv; - struct wpa_scan_results *res; - unsigned int assoc_freq; - unsigned int ibss_freq; - u8 assoc_bssid[ETH_ALEN]; -}; - -int bss_info_handler(struct nl_msg *msg, void *arg); void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx); int wpa_driver_nl80211_scan(struct i802_bss *bss, struct wpa_driver_scan_params *params); @@ -299,7 +301,7 @@ int wpa_driver_nl80211_sched_scan(void *priv, int wpa_driver_nl80211_stop_sched_scan(void *priv); struct wpa_scan_results * wpa_driver_nl80211_get_scan_results(void *priv); void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv); -int wpa_driver_nl80211_abort_scan(void *priv); +int wpa_driver_nl80211_abort_scan(void *priv, u64 scan_cookie); int wpa_driver_nl80211_vendor_scan(struct i802_bss *bss, struct wpa_driver_scan_params *params); int nl80211_set_default_scan_ies(void *priv, const u8 *ies, size_t ies_len); diff --git a/contrib/wpa/src/drivers/driver_nl80211_capa.c b/contrib/wpa/src/drivers/driver_nl80211_capa.c index 6adc3f6d33dc..7b360d209aba 100644 --- a/contrib/wpa/src/drivers/driver_nl80211_capa.c +++ b/contrib/wpa/src/drivers/driver_nl80211_capa.c @@ -12,8 +12,8 @@ #include <netlink/genl/genl.h> #include "utils/common.h" -#include "common/ieee802_11_defs.h" #include "common/ieee802_11_common.h" +#include "common/wpa_common.h" #include "common/qca-vendor.h" #include "common/qca-vendor-attr.h" #include "driver_nl80211.h" @@ -266,40 +266,40 @@ static void wiphy_info_cipher_suites(struct wiphy_info_data *info, c >> 24, (c >> 16) & 0xff, (c >> 8) & 0xff, c & 0xff); switch (c) { - case WLAN_CIPHER_SUITE_CCMP_256: + case RSN_CIPHER_SUITE_CCMP_256: info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP_256; break; - case WLAN_CIPHER_SUITE_GCMP_256: + case RSN_CIPHER_SUITE_GCMP_256: info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP_256; break; - case WLAN_CIPHER_SUITE_CCMP: + case RSN_CIPHER_SUITE_CCMP: info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP; break; - case WLAN_CIPHER_SUITE_GCMP: + case RSN_CIPHER_SUITE_GCMP: info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP; break; - case WLAN_CIPHER_SUITE_TKIP: + case RSN_CIPHER_SUITE_TKIP: info->capa->enc |= WPA_DRIVER_CAPA_ENC_TKIP; break; - case WLAN_CIPHER_SUITE_WEP104: + case RSN_CIPHER_SUITE_WEP104: info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP104; break; - case WLAN_CIPHER_SUITE_WEP40: + case RSN_CIPHER_SUITE_WEP40: info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP40; break; - case WLAN_CIPHER_SUITE_AES_CMAC: + case RSN_CIPHER_SUITE_AES_128_CMAC: info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP; break; - case WLAN_CIPHER_SUITE_BIP_GMAC_128: + case RSN_CIPHER_SUITE_BIP_GMAC_128: info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_128; break; - case WLAN_CIPHER_SUITE_BIP_GMAC_256: + case RSN_CIPHER_SUITE_BIP_GMAC_256: info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_256; break; - case WLAN_CIPHER_SUITE_BIP_CMAC_256: + case RSN_CIPHER_SUITE_BIP_CMAC_256: info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_CMAC_256; break; - case WLAN_CIPHER_SUITE_NO_GROUP_ADDR: + case RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED: info->capa->enc |= WPA_DRIVER_CAPA_ENC_GTK_NOT_USED; break; } @@ -362,6 +362,72 @@ static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info, if (ext_feature_isset(ext_features, len, NL80211_EXT_FEATURE_RRM)) capa->rrm_flags |= WPA_DRIVER_FLAGS_SUPPORT_RRM; + + if (ext_feature_isset(ext_features, len, NL80211_EXT_FEATURE_FILS_STA)) + capa->flags |= WPA_DRIVER_FLAGS_SUPPORT_FILS; + + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_BEACON_RATE_LEGACY)) + capa->flags |= WPA_DRIVER_FLAGS_BEACON_RATE_LEGACY; + + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_BEACON_RATE_HT)) + capa->flags |= WPA_DRIVER_FLAGS_BEACON_RATE_HT; + + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_BEACON_RATE_VHT)) + capa->flags |= WPA_DRIVER_FLAGS_BEACON_RATE_VHT; + + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_SET_SCAN_DWELL)) + capa->rrm_flags |= WPA_DRIVER_FLAGS_SUPPORT_SET_SCAN_DWELL; + + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_SCAN_START_TIME) && + ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_BSS_PARENT_TSF) && + ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_SET_SCAN_DWELL)) + capa->rrm_flags |= WPA_DRIVER_FLAGS_SUPPORT_BEACON_REPORT; + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA)) + capa->flags |= WPA_DRIVER_FLAGS_MGMT_TX_RANDOM_TA; + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA_CONNECTED)) + capa->flags |= WPA_DRIVER_FLAGS_MGMT_TX_RANDOM_TA_CONNECTED; + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_SCHED_SCAN_RELATIVE_RSSI)) + capa->flags |= WPA_DRIVER_FLAGS_SCHED_SCAN_RELATIVE_RSSI; + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_FILS_SK_OFFLOAD)) + capa->flags |= WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD; + + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK) && + ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X)) + capa->flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE; + + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_MFP_OPTIONAL)) + capa->flags |= WPA_DRIVER_FLAGS_MFP_OPTIONAL; + + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_DFS_OFFLOAD)) + capa->flags |= WPA_DRIVER_FLAGS_DFS_OFFLOAD; + +#ifdef CONFIG_MBO + if (ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME) && + ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_ACCEPT_BCAST_PROBE_RESP) && + ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_OCE_PROBE_REQ_HIGH_TX_RATE) && + ext_feature_isset( + ext_features, len, + NL80211_EXT_FEATURE_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION)) + capa->flags |= WPA_DRIVER_FLAGS_OCE_STA; +#endif /* CONFIG_MBO */ } @@ -510,23 +576,22 @@ static void wiphy_info_extended_capab(struct wpa_driver_nl80211_data *drv, nl80211_iftype_str(capa->iftype)); len = nla_len(tb1[NL80211_ATTR_EXT_CAPA]); - capa->ext_capa = os_malloc(len); + capa->ext_capa = os_memdup(nla_data(tb1[NL80211_ATTR_EXT_CAPA]), + len); if (!capa->ext_capa) goto err; - os_memcpy(capa->ext_capa, nla_data(tb1[NL80211_ATTR_EXT_CAPA]), - len); capa->ext_capa_len = len; wpa_hexdump(MSG_DEBUG, "nl80211: Extended capabilities", capa->ext_capa, capa->ext_capa_len); len = nla_len(tb1[NL80211_ATTR_EXT_CAPA_MASK]); - capa->ext_capa_mask = os_malloc(len); + capa->ext_capa_mask = + os_memdup(nla_data(tb1[NL80211_ATTR_EXT_CAPA_MASK]), + len); if (!capa->ext_capa_mask) goto err; - os_memcpy(capa->ext_capa_mask, - nla_data(tb1[NL80211_ATTR_EXT_CAPA_MASK]), len); wpa_hexdump(MSG_DEBUG, "nl80211: Extended capabilities mask", capa->ext_capa_mask, capa->ext_capa_len); @@ -708,6 +773,15 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg) case QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION: drv->set_wifi_conf_vendor_cmd_avail = 1; break; + case QCA_NL80211_VENDOR_SUBCMD_GET_HE_CAPABILITIES: + drv->he_capab_vendor_cmd_avail = 1; + break; + case QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS: + drv->fetch_bss_trans_status = 1; + break; + case QCA_NL80211_VENDOR_SUBCMD_ROAM: + drv->roam_vendor_cmd_avail = 1; + break; #endif /* CONFIG_DRIVER_NL80211_QCA */ } } @@ -744,6 +818,9 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg) capa->max_csa_counters = nla_get_u8(tb[NL80211_ATTR_MAX_CSA_COUNTERS]); + if (tb[NL80211_ATTR_WIPHY_SELF_MANAGED_REG]) + capa->flags |= WPA_DRIVER_FLAGS_SELF_MANAGED_REGULATORY; + return NL_SKIP; } @@ -877,6 +954,100 @@ static void qca_nl80211_check_dfs_capa(struct wpa_driver_nl80211_data *drv) } +static int qca_nl80211_he_capab_handler(struct nl_msg *msg, void *arg) +{ + struct nlattr *tb[NL80211_ATTR_MAX + 1]; + struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); + struct he_capabilities *he_capab = arg; + struct nlattr *nl_vend; + struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_HE_CAPABILITIES_MAX + 1]; + size_t len; + + nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), + genlmsg_attrlen(gnlh, 0), NULL); + + if (!tb[NL80211_ATTR_VENDOR_DATA]) + return NL_SKIP; + + nl_vend = tb[NL80211_ATTR_VENDOR_DATA]; + nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_HE_CAPABILITIES_MAX, + nla_data(nl_vend), nla_len(nl_vend), NULL); + + if (tb_vendor[QCA_WLAN_VENDOR_ATTR_HE_SUPPORTED]) { + u8 he_supported; + + he_supported = nla_get_u8( + tb_vendor[QCA_WLAN_VENDOR_ATTR_HE_SUPPORTED]); + wpa_printf(MSG_DEBUG, "nl80211: HE capabilities supported: %u", + he_supported); + he_capab->he_supported = he_supported; + if (!he_supported) + return NL_SKIP; + } + + if (tb_vendor[QCA_WLAN_VENDOR_ATTR_PHY_CAPAB]) { + len = nla_len(tb_vendor[QCA_WLAN_VENDOR_ATTR_PHY_CAPAB]); + + if (len > sizeof(he_capab->phy_cap)) + len = sizeof(he_capab->phy_cap); + os_memcpy(he_capab->phy_cap, + nla_data(tb_vendor[QCA_WLAN_VENDOR_ATTR_PHY_CAPAB]), + len); + } + + if (tb_vendor[QCA_WLAN_VENDOR_ATTR_MAC_CAPAB]) + he_capab->mac_cap = + nla_get_u32(tb_vendor[QCA_WLAN_VENDOR_ATTR_MAC_CAPAB]); + + if (tb_vendor[QCA_WLAN_VENDOR_ATTR_HE_MCS]) + he_capab->mcs = + nla_get_u32(tb_vendor[QCA_WLAN_VENDOR_ATTR_HE_MCS]); + + if (tb_vendor[QCA_WLAN_VENDOR_ATTR_NUM_SS]) + he_capab->ppet.numss_m1 = + nla_get_u32(tb_vendor[QCA_WLAN_VENDOR_ATTR_NUM_SS]); + + if (tb_vendor[QCA_WLAN_VENDOR_ATTR_RU_IDX_MASK]) + he_capab->ppet.ru_count = + nla_get_u32(tb_vendor[QCA_WLAN_VENDOR_ATTR_RU_IDX_MASK]); + + if (tb_vendor[QCA_WLAN_VENDOR_ATTR_PPE_THRESHOLD]) { + len = nla_len(tb_vendor[QCA_WLAN_VENDOR_ATTR_PPE_THRESHOLD]); + + if (len > sizeof(he_capab->ppet.ppet16_ppet8_ru3_ru0)) + len = sizeof(he_capab->ppet.ppet16_ppet8_ru3_ru0); + os_memcpy(he_capab->ppet.ppet16_ppet8_ru3_ru0, + nla_data(tb_vendor[QCA_WLAN_VENDOR_ATTR_PPE_THRESHOLD]), + len); + } + + return NL_SKIP; +} + + +static void qca_nl80211_check_he_capab(struct wpa_driver_nl80211_data *drv) +{ + struct nl_msg *msg; + int ret; + + if (!drv->he_capab_vendor_cmd_avail) + return; + + if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || + nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || + nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, + QCA_NL80211_VENDOR_SUBCMD_GET_HE_CAPABILITIES)) { + nlmsg_free(msg); + return; + } + + ret = send_and_recv_msgs(drv, msg, qca_nl80211_he_capab_handler, + &drv->he_capab); + if (!ret && drv->he_capab.he_supported) + drv->capa.flags |= WPA_DRIVER_FLAGS_HE_CAPABILITIES; +} + + struct features_info { u8 *flags; size_t flags_len; @@ -973,6 +1144,12 @@ static void qca_nl80211_get_features(struct wpa_driver_nl80211_data *drv) drv->capa.flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS; if (check_feature(QCA_WLAN_VENDOR_FEATURE_P2P_LISTEN_OFFLOAD, &info)) drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD; + if (check_feature(QCA_WLAN_VENDOR_FEATURE_OCE_STA, &info)) + drv->capa.flags |= WPA_DRIVER_FLAGS_OCE_STA; + if (check_feature(QCA_WLAN_VENDOR_FEATURE_OCE_AP, &info)) + drv->capa.flags |= WPA_DRIVER_FLAGS_OCE_AP; + if (check_feature(QCA_WLAN_VENDOR_FEATURE_OCE_STA_CFON, &info)) + drv->capa.flags |= WPA_DRIVER_FLAGS_OCE_STA_CFON; os_free(info.flags); } @@ -994,7 +1171,19 @@ int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv) WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK | WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B | - WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B_192; + WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B_192 | + WPA_DRIVER_CAPA_KEY_MGMT_OWE | + WPA_DRIVER_CAPA_KEY_MGMT_DPP; + + if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) + drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA256 | + WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA384 | + WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA256 | + WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA384; + else if (drv->capa.flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) + drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA256 | + WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA384; + drv->capa.auth = WPA_DRIVER_AUTH_OPEN | WPA_DRIVER_AUTH_SHARED | WPA_DRIVER_AUTH_LEAP; @@ -1046,8 +1235,10 @@ int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv) drv->capa.flags &= ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS; #ifdef CONFIG_DRIVER_NL80211_QCA - qca_nl80211_check_dfs_capa(drv); + if (!(info.capa->flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD)) + qca_nl80211_check_dfs_capa(drv); qca_nl80211_get_features(drv); + qca_nl80211_check_he_capab(drv); /* * To enable offchannel simultaneous support in wpa_supplicant, the @@ -1069,6 +1260,7 @@ struct phy_info_arg { struct hostapd_hw_modes *modes; int last_mode, last_chan_idx; int failed; + u8 dfs_domain; }; static void phy_info_ht_capa(struct hostapd_hw_modes *mode, struct nlattr *capa, @@ -1388,14 +1580,13 @@ wpa_driver_nl80211_postprocess_modes(struct hostapd_hw_modes *modes, mode11g = &modes[mode11g_idx]; mode->num_channels = mode11g->num_channels; - mode->channels = os_malloc(mode11g->num_channels * + mode->channels = os_memdup(mode11g->channels, + mode11g->num_channels * sizeof(struct hostapd_channel_data)); if (mode->channels == NULL) { (*num_modes)--; return modes; /* Could not add 802.11b mode */ } - os_memcpy(mode->channels, mode11g->channels, - mode11g->num_channels * sizeof(struct hostapd_channel_data)); mode->num_rates = 0; mode->rates = os_malloc(4 * sizeof(int)); @@ -1598,6 +1789,20 @@ static void nl80211_reg_rule_vht(struct nlattr *tb[], } +static void nl80211_set_dfs_domain(enum nl80211_dfs_regions region, + u8 *dfs_domain) +{ + if (region == NL80211_DFS_FCC) + *dfs_domain = HOSTAPD_DFS_REGION_FCC; + else if (region == NL80211_DFS_ETSI) + *dfs_domain = HOSTAPD_DFS_REGION_ETSI; + else if (region == NL80211_DFS_JP) + *dfs_domain = HOSTAPD_DFS_REGION_JP; + else + *dfs_domain = 0; +} + + static const char * dfs_domain_name(enum nl80211_dfs_regions region) { switch (region) { @@ -1644,6 +1849,7 @@ static int nl80211_get_reg(struct nl_msg *msg, void *arg) if (tb_msg[NL80211_ATTR_DFS_REGION]) { enum nl80211_dfs_regions dfs_domain; dfs_domain = nla_get_u8(tb_msg[NL80211_ATTR_DFS_REGION]); + nl80211_set_dfs_domain(dfs_domain, &results->dfs_domain); wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s (%s)", (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), dfs_domain_name(dfs_domain)); @@ -1715,12 +1921,20 @@ static int nl80211_set_regulatory_flags(struct wpa_driver_nl80211_data *drv, return -ENOMEM; nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG); + if (drv->capa.flags & WPA_DRIVER_FLAGS_SELF_MANAGED_REGULATORY) { + if (nla_put_u32(msg, NL80211_ATTR_WIPHY, drv->wiphy_idx)) { + nlmsg_free(msg); + return -1; + } + } + return send_and_recv_msgs(drv, msg, nl80211_get_reg, results); } struct hostapd_hw_modes * -nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags) +nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags, + u8 *dfs_domain) { u32 feat; struct i802_bss *bss = priv; @@ -1732,10 +1946,12 @@ nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags) .modes = NULL, .last_mode = -1, .failed = 0, + .dfs_domain = 0, }; *num_modes = 0; *flags = 0; + *dfs_domain = 0; feat = get_nl80211_protocol_features(drv); if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP) @@ -1756,8 +1972,12 @@ nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags) os_free(result.modes[i].rates); } os_free(result.modes); + *num_modes = 0; return NULL; } + + *dfs_domain = result.dfs_domain; + return wpa_driver_nl80211_postprocess_modes(result.modes, num_modes); } diff --git a/contrib/wpa/src/drivers/driver_nl80211_event.c b/contrib/wpa/src/drivers/driver_nl80211_event.c index 762e3acc2807..205b4cd4b082 100644 --- a/contrib/wpa/src/drivers/driver_nl80211_event.c +++ b/contrib/wpa/src/drivers/driver_nl80211_event.c @@ -1,6 +1,6 @@ /* * Driver interaction with Linux nl80211/cfg80211 - Event processing - * Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net> * Copyright (c) 2009-2010, Atheros Communications * @@ -131,6 +131,11 @@ static const char * nl80211_command_to_string(enum nl80211_commands cmd) C2S(NL80211_CMD_SET_QOS_MAP) C2S(NL80211_CMD_ADD_TX_TS) C2S(NL80211_CMD_DEL_TX_TS) + C2S(NL80211_CMD_WIPHY_REG_CHANGE) + C2S(NL80211_CMD_PORT_AUTHORIZED) + C2S(NL80211_CMD_EXTERNAL_AUTH) + C2S(NL80211_CMD_STA_OPMODE_CHANGED) + C2S(NL80211_CMD_CONTROL_PORT_FRAME) default: return "NL80211_CMD_UNKNOWN"; } @@ -206,6 +211,7 @@ static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv, const struct ieee80211_mgmt *mgmt; union wpa_event_data event; u16 status; + int ssid_len; if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) && drv->force_connect_cmd) { @@ -247,6 +253,8 @@ static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv, os_memcpy(drv->prev_bssid, mgmt->sa, ETH_ALEN); os_memset(&event, 0, sizeof(event)); + event.assoc_info.resp_frame = frame; + event.assoc_info.resp_frame_len = len; if (len > 24 + sizeof(mgmt->u.assoc_resp)) { event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable; event.assoc_info.resp_ies_len = @@ -255,6 +263,16 @@ static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv, event.assoc_info.freq = drv->assoc_freq; + /* When this association was initiated outside of wpa_supplicant, + * drv->ssid needs to be set here to satisfy later checking. */ + ssid_len = nl80211_get_assoc_ssid(drv, drv->ssid); + if (ssid_len > 0) { + drv->ssid_len = ssid_len; + wpa_printf(MSG_DEBUG, + "nl80211: Set drv->ssid based on scan res info to '%s'", + wpa_ssid_txt(drv->ssid, drv->ssid_len)); + } + nl80211_parse_wmm_params(wmm, &event.assoc_info.wmm_params); wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event); @@ -266,15 +284,20 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, struct nlattr *addr, struct nlattr *req_ie, struct nlattr *resp_ie, struct nlattr *timed_out, + struct nlattr *timeout_reason, struct nlattr *authorized, struct nlattr *key_replay_ctr, struct nlattr *ptk_kck, struct nlattr *ptk_kek, - struct nlattr *subnet_status) + struct nlattr *subnet_status, + struct nlattr *fils_erp_next_seq_num, + struct nlattr *fils_pmk, + struct nlattr *fils_pmkid) { union wpa_event_data event; - const u8 *ssid; + const u8 *ssid = NULL; u16 status_code; + int ssid_len; if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) { /* @@ -324,6 +347,27 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, } event.assoc_reject.status_code = status_code; event.assoc_reject.timed_out = timed_out != NULL; + if (timed_out && timeout_reason) { + enum nl80211_timeout_reason reason; + + reason = nla_get_u32(timeout_reason); + switch (reason) { + case NL80211_TIMEOUT_SCAN: + event.assoc_reject.timeout_reason = "scan"; + break; + case NL80211_TIMEOUT_AUTH: + event.assoc_reject.timeout_reason = "auth"; + break; + case NL80211_TIMEOUT_ASSOC: + event.assoc_reject.timeout_reason = "assoc"; + break; + default: + break; + } + } + if (fils_erp_next_seq_num) + event.assoc_reject.fils_erp_next_seq_num = + nla_get_u16(fils_erp_next_seq_num); wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event); return; } @@ -345,6 +389,10 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, if (ssid && ssid[1] > 0 && ssid[1] <= 32) { drv->ssid_len = ssid[1]; os_memcpy(drv->ssid, ssid + 2, ssid[1]); + wpa_printf(MSG_DEBUG, + "nl80211: Set drv->ssid based on req_ie to '%s'", + wpa_ssid_txt(drv->ssid, + drv->ssid_len)); } } } @@ -355,6 +403,16 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, event.assoc_info.freq = nl80211_get_assoc_freq(drv); + if ((!ssid || ssid[1] == 0 || ssid[1] > 32) && + (ssid_len = nl80211_get_assoc_ssid(drv, drv->ssid)) > 0) { + /* When this connection was initiated outside of wpa_supplicant, + * drv->ssid needs to be set here to satisfy later checking. */ + drv->ssid_len = ssid_len; + wpa_printf(MSG_DEBUG, + "nl80211: Set drv->ssid based on scan res info to '%s'", + wpa_ssid_txt(drv->ssid, drv->ssid_len)); + } + if (authorized && nla_get_u8(authorized)) { event.assoc_info.authorized = 1; wpa_printf(MSG_DEBUG, "nl80211: connection authorized"); @@ -383,6 +441,18 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, event.assoc_info.subnet_status = nla_get_u8(subnet_status); } + if (fils_erp_next_seq_num) + event.assoc_info.fils_erp_next_seq_num = + nla_get_u16(fils_erp_next_seq_num); + + if (fils_pmk) { + event.assoc_info.fils_pmk = nla_data(fils_pmk); + event.assoc_info.fils_pmk_len = nla_len(fils_pmk); + } + + if (fils_pmkid) + event.assoc_info.fils_pmkid = nla_data(fils_pmkid); + wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event); } @@ -516,6 +586,7 @@ static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv, data.ch_switch.cf2 = nla_get_u32(cf2); bss->freq = data.ch_switch.freq; + drv->assoc_freq = data.ch_switch.freq; wpa_supplicant_event(bss->ctx, EVENT_CH_SWITCH, &data); } @@ -607,7 +678,7 @@ static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv, cookie_val = nla_get_u64(cookie); wpa_printf(MSG_DEBUG, "nl80211: Action TX status:" - " cookie=0%llx%s (ack=%d)", + " cookie=0x%llx%s (ack=%d)", (long long unsigned int) cookie_val, cookie_val == drv->send_action_cookie ? " (match)" : " (unknown)", ack != NULL); @@ -683,12 +754,12 @@ static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv, * disconnection event for the old AP may show up after * we have started connection with the new AP. */ - wpa_printf(MSG_DEBUG, - "nl80211: Ignore deauth/disassoc event from old AP " - MACSTR - " when already connecting with " MACSTR, - MAC2STR(bssid), - MAC2STR(drv->auth_attempt_bssid)); + wpa_printf(MSG_DEBUG, + "nl80211: Ignore deauth/disassoc event from old AP " + MACSTR + " when already connecting with " MACSTR, + MAC2STR(bssid), + MAC2STR(drv->auth_attempt_bssid)); return; } @@ -831,6 +902,8 @@ static void mlme_event(struct i802_bss *bss, MAC2STR(data + 4 + ETH_ALEN)); if (cmd != NL80211_CMD_FRAME_TX_STATUS && !(data[4] & 0x01) && os_memcmp(bss->addr, data + 4, ETH_ALEN) != 0 && + (is_zero_ether_addr(bss->rand_addr) || + os_memcmp(bss->rand_addr, data + 4, ETH_ALEN) != 0) && os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0) { wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event " "for foreign address", bss->ifname); @@ -1081,6 +1154,16 @@ static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted, wpa_printf(MSG_DEBUG, "nl80211: Scan included frequencies:%s", msg); } + + if (tb[NL80211_ATTR_SCAN_START_TIME_TSF] && + tb[NL80211_ATTR_SCAN_START_TIME_TSF_BSSID]) { + info->scan_start_tsf = + nla_get_u64(tb[NL80211_ATTR_SCAN_START_TIME_TSF]); + os_memcpy(info->scan_start_tsf_bssid, + nla_data(tb[NL80211_ATTR_SCAN_START_TIME_TSF_BSSID]), + ETH_ALEN); + } + wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event); } @@ -1093,6 +1176,10 @@ static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv, [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 }, [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 }, + [NL80211_ATTR_CQM_TXE_RATE] = { .type = NLA_U32 }, + [NL80211_ATTR_CQM_TXE_PKTS] = { .type = NLA_U32 }, + [NL80211_ATTR_CQM_TXE_INTVL] = { .type = NLA_U32 }, + [NL80211_ATTR_CQM_BEACON_LOSS_EVENT] = { .type = NLA_FLAG }, }; struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1]; enum nl80211_cqm_rssi_threshold_event event; @@ -1114,12 +1201,39 @@ static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv, return; os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); + ed.low_ack.num_packets = + nla_get_u32(cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]); + wpa_printf(MSG_DEBUG, "nl80211: Packet loss event for " MACSTR + " (num_packets %u)", + MAC2STR(ed.low_ack.addr), ed.low_ack.num_packets); wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed); return; } - if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL) + if (cqm[NL80211_ATTR_CQM_BEACON_LOSS_EVENT]) { + wpa_printf(MSG_DEBUG, "nl80211: Beacon loss event"); + wpa_supplicant_event(drv->ctx, EVENT_BEACON_LOSS, NULL); + return; + } + + if (cqm[NL80211_ATTR_CQM_TXE_RATE] && + cqm[NL80211_ATTR_CQM_TXE_PKTS] && + cqm[NL80211_ATTR_CQM_TXE_INTVL] && + cqm[NL80211_ATTR_MAC]) { + wpa_printf(MSG_DEBUG, "nl80211: CQM TXE event for " MACSTR + " (rate: %u pkts: %u interval: %u)", + MAC2STR((u8 *) nla_data(cqm[NL80211_ATTR_MAC])), + nla_get_u32(cqm[NL80211_ATTR_CQM_TXE_RATE]), + nla_get_u32(cqm[NL80211_ATTR_CQM_TXE_PKTS]), + nla_get_u32(cqm[NL80211_ATTR_CQM_TXE_INTVL])); + return; + } + + if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL) { + wpa_printf(MSG_DEBUG, + "nl80211: Not a CQM RSSI threshold event"); return; + } event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]); if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) { @@ -1130,8 +1244,12 @@ static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv, wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor " "event: RSSI low"); ed.signal_change.above_threshold = 0; - } else + } else { + wpa_printf(MSG_DEBUG, + "nl80211: Unknown CQM RSSI threshold event: %d", + event); return; + } res = nl80211_get_link_signal(drv, &sig); if (res == 0) { @@ -1473,6 +1591,13 @@ static void nl80211_radar_event(struct wpa_driver_nl80211_data *drv, case NL80211_RADAR_NOP_FINISHED: wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data); break; + case NL80211_RADAR_PRE_CAC_EXPIRED: + wpa_supplicant_event(drv->ctx, EVENT_DFS_PRE_CAC_EXPIRED, + &data); + break; + case NL80211_RADAR_CAC_STARTED: + wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_STARTED, &data); + break; default: wpa_printf(MSG_DEBUG, "nl80211: Unknown radar event %d " "received", event_type); @@ -1650,12 +1775,15 @@ static void qca_nl80211_key_mgmt_auth(struct wpa_driver_nl80211_data *drv, tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID], tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_REQ_IE], tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_RESP_IE], - NULL, + NULL, NULL, tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_AUTHORIZED], tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_KEY_REPLAY_CTR], tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KCK], tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KEK], - tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_SUBNET_STATUS]); + tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_SUBNET_STATUS], + tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_FILS_ERP_NEXT_SEQ_NUM], + tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PMK], + tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PMKID]); } @@ -2055,6 +2183,146 @@ static void nl80211_reg_change_event(struct wpa_driver_nl80211_data *drv, } +static void nl80211_external_auth(struct wpa_driver_nl80211_data *drv, + struct nlattr **tb) +{ + union wpa_event_data event; + enum nl80211_external_auth_action act; + + if (!tb[NL80211_ATTR_AKM_SUITES] || + !tb[NL80211_ATTR_EXTERNAL_AUTH_ACTION] || + !tb[NL80211_ATTR_BSSID] || + !tb[NL80211_ATTR_SSID]) + return; + + os_memset(&event, 0, sizeof(event)); + act = nla_get_u32(tb[NL80211_ATTR_EXTERNAL_AUTH_ACTION]); + switch (act) { + case NL80211_EXTERNAL_AUTH_START: + event.external_auth.action = EXT_AUTH_START; + break; + case NL80211_EXTERNAL_AUTH_ABORT: + event.external_auth.action = EXT_AUTH_ABORT; + break; + default: + return; + } + + event.external_auth.key_mgmt_suite = + nla_get_u32(tb[NL80211_ATTR_AKM_SUITES]); + + event.external_auth.ssid_len = nla_len(tb[NL80211_ATTR_SSID]); + if (event.external_auth.ssid_len > SSID_MAX_LEN) + return; + os_memcpy(event.external_auth.ssid, nla_data(tb[NL80211_ATTR_SSID]), + event.external_auth.ssid_len); + + os_memcpy(event.external_auth.bssid, nla_data(tb[NL80211_ATTR_BSSID]), + ETH_ALEN); + + wpa_printf(MSG_DEBUG, + "nl80211: External auth action: %u, AKM: 0x%x", + event.external_auth.action, + event.external_auth.key_mgmt_suite); + wpa_supplicant_event(drv->ctx, EVENT_EXTERNAL_AUTH, &event); +} + + +static void nl80211_port_authorized(struct wpa_driver_nl80211_data *drv, + struct nlattr **tb) +{ + const u8 *addr; + + if (!tb[NL80211_ATTR_MAC] || + nla_len(tb[NL80211_ATTR_MAC]) != ETH_ALEN) { + wpa_printf(MSG_DEBUG, + "nl80211: Ignore port authorized event without BSSID"); + return; + } + + addr = nla_data(tb[NL80211_ATTR_MAC]); + if (os_memcmp(addr, drv->bssid, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, + "nl80211: Ignore port authorized event for " MACSTR + " (not the currently connected BSSID " MACSTR ")", + MAC2STR(addr), MAC2STR(drv->bssid)); + return; + } + + wpa_supplicant_event(drv->ctx, EVENT_PORT_AUTHORIZED, NULL); +} + + +static void nl80211_sta_opmode_change_event(struct wpa_driver_nl80211_data *drv, + struct nlattr **tb) +{ + union wpa_event_data ed; + u8 smps_mode, max_bw; + + if (!tb[NL80211_ATTR_MAC] || + (!tb[NL80211_ATTR_CHANNEL_WIDTH] && + !tb[NL80211_ATTR_SMPS_MODE] && + !tb[NL80211_ATTR_NSS])) + return; + + ed.sta_opmode.smps_mode = SMPS_INVALID; + ed.sta_opmode.chan_width = CHAN_WIDTH_UNKNOWN; + ed.sta_opmode.rx_nss = 0xff; + ed.sta_opmode.addr = nla_data(tb[NL80211_ATTR_MAC]); + + if (tb[NL80211_ATTR_SMPS_MODE]) { + smps_mode = nla_get_u8(tb[NL80211_ATTR_SMPS_MODE]); + switch (smps_mode) { + case NL80211_SMPS_OFF: + ed.sta_opmode.smps_mode = SMPS_OFF; + break; + case NL80211_SMPS_STATIC: + ed.sta_opmode.smps_mode = SMPS_STATIC; + break; + case NL80211_SMPS_DYNAMIC: + ed.sta_opmode.smps_mode = SMPS_DYNAMIC; + break; + default: + ed.sta_opmode.smps_mode = SMPS_INVALID; + break; + } + } + + if (tb[NL80211_ATTR_CHANNEL_WIDTH]) { + max_bw = nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]); + switch (max_bw) { + case NL80211_CHAN_WIDTH_20_NOHT: + ed.sta_opmode.chan_width = CHAN_WIDTH_20_NOHT; + break; + case NL80211_CHAN_WIDTH_20: + ed.sta_opmode.chan_width = CHAN_WIDTH_20; + break; + case NL80211_CHAN_WIDTH_40: + ed.sta_opmode.chan_width = CHAN_WIDTH_40; + break; + case NL80211_CHAN_WIDTH_80: + ed.sta_opmode.chan_width = CHAN_WIDTH_80; + break; + case NL80211_CHAN_WIDTH_80P80: + ed.sta_opmode.chan_width = CHAN_WIDTH_80P80; + break; + case NL80211_CHAN_WIDTH_160: + ed.sta_opmode.chan_width = CHAN_WIDTH_160; + break; + default: + ed.sta_opmode.chan_width = CHAN_WIDTH_UNKNOWN; + break; + + } + } + + if (tb[NL80211_ATTR_NSS]) + ed.sta_opmode.rx_nss = nla_get_u8(tb[NL80211_ATTR_NSS]); + + wpa_supplicant_event(drv->ctx, EVENT_STATION_OPMODE_CHANGED, &ed); +} + + static void do_process_drv_event(struct i802_bss *bss, int cmd, struct nlattr **tb) { @@ -2113,9 +2381,10 @@ static void do_process_drv_event(struct i802_bss *bss, int cmd, case NL80211_CMD_NEW_SCAN_RESULTS: wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: New scan results available"); + if (drv->last_scan_cmd != NL80211_CMD_VENDOR) + drv->scan_state = SCAN_COMPLETED; drv->scan_complete_events = 1; if (drv->last_scan_cmd == NL80211_CMD_TRIGGER_SCAN) { - drv->scan_state = SCAN_COMPLETED; eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx); drv->last_scan_cmd = 0; @@ -2132,8 +2401,9 @@ static void do_process_drv_event(struct i802_bss *bss, int cmd, break; case NL80211_CMD_SCAN_ABORTED: wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan aborted"); - if (drv->last_scan_cmd == NL80211_CMD_TRIGGER_SCAN) { + if (drv->last_scan_cmd != NL80211_CMD_VENDOR) drv->scan_state = SCAN_ABORTED; + if (drv->last_scan_cmd == NL80211_CMD_TRIGGER_SCAN) { /* * Need to indicate that scan results are available in * order not to make wpa_supplicant stop its scanning. @@ -2168,7 +2438,13 @@ static void do_process_drv_event(struct i802_bss *bss, int cmd, tb[NL80211_ATTR_REQ_IE], tb[NL80211_ATTR_RESP_IE], tb[NL80211_ATTR_TIMED_OUT], - NULL, NULL, NULL, NULL, NULL); + tb[NL80211_ATTR_TIMEOUT_REASON], + NULL, NULL, NULL, + tb[NL80211_ATTR_FILS_KEK], + NULL, + tb[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM], + tb[NL80211_ATTR_PMK], + tb[NL80211_ATTR_PMKID]); break; case NL80211_CMD_CH_SWITCH_NOTIFY: mlme_event_ch_switch(drv, @@ -2200,6 +2476,7 @@ static void do_process_drv_event(struct i802_bss *bss, int cmd, nl80211_cqm_event(drv, tb); break; case NL80211_CMD_REG_CHANGE: + case NL80211_CMD_WIPHY_REG_CHANGE: nl80211_reg_change_event(drv, tb); break; case NL80211_CMD_REG_BEACON_HINT: @@ -2245,6 +2522,12 @@ static void do_process_drv_event(struct i802_bss *bss, int cmd, case NL80211_CMD_NEW_PEER_CANDIDATE: nl80211_new_peer_candidate(drv, tb); break; + case NL80211_CMD_PORT_AUTHORIZED: + nl80211_port_authorized(drv, tb); + break; + case NL80211_CMD_STA_OPMODE_CHANGED: + nl80211_sta_opmode_change_event(drv, tb); + break; default: wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Ignored unknown event " "(cmd=%d)", cmd); @@ -2259,10 +2542,11 @@ int process_global_event(struct nl_msg *msg, void *arg) struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); struct nlattr *tb[NL80211_ATTR_MAX + 1]; struct wpa_driver_nl80211_data *drv, *tmp; - int ifidx = -1; + int ifidx = -1, wiphy_idx = -1, wiphy_idx_rx = -1; struct i802_bss *bss; u64 wdev_id = 0; int wdev_id_set = 0; + int wiphy_idx_set = 0; nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), genlmsg_attrlen(gnlh, 0), NULL); @@ -2272,13 +2556,19 @@ int process_global_event(struct nl_msg *msg, void *arg) else if (tb[NL80211_ATTR_WDEV]) { wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]); wdev_id_set = 1; + } else if (tb[NL80211_ATTR_WIPHY]) { + wiphy_idx_rx = nla_get_u32(tb[NL80211_ATTR_WIPHY]); + wiphy_idx_set = 1; } dl_list_for_each_safe(drv, tmp, &global->interfaces, struct wpa_driver_nl80211_data, list) { for (bss = drv->first_bss; bss; bss = bss->next) { - if ((ifidx == -1 && !wdev_id_set) || + if (wiphy_idx_set) + wiphy_idx = nl80211_get_wiphy_index(bss); + if ((ifidx == -1 && !wiphy_idx_set && !wdev_id_set) || ifidx == bss->ifindex || + (wiphy_idx_set && wiphy_idx == wiphy_idx_rx) || (wdev_id_set && bss->wdev_id_set && wdev_id == bss->wdev_id)) { do_process_drv_event(bss, gnlh->cmd, tb); @@ -2323,6 +2613,9 @@ int process_bss_event(struct nl_msg *msg, void *arg) case NL80211_CMD_UNEXPECTED_4ADDR_FRAME: nl80211_spurious_frame(bss, tb, 1); break; + case NL80211_CMD_EXTERNAL_AUTH: + nl80211_external_auth(bss->drv, tb); + break; default: wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event " "(cmd=%d)", gnlh->cmd); diff --git a/contrib/wpa/src/drivers/driver_nl80211_monitor.c b/contrib/wpa/src/drivers/driver_nl80211_monitor.c index 9376d1143800..f25cd792464a 100644 --- a/contrib/wpa/src/drivers/driver_nl80211_monitor.c +++ b/contrib/wpa/src/drivers/driver_nl80211_monitor.c @@ -361,8 +361,17 @@ int nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv) */ snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss->ifname + 4); } else { + int ret; + /* Non-P2P interface with AP functionality. */ - snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss->ifname); + ret = os_snprintf(buf, IFNAMSIZ, "mon.%s", + drv->first_bss->ifname); + if (ret >= (int) sizeof(buf)) + wpa_printf(MSG_DEBUG, + "nl80211: Monitor interface name has been truncated to %s", + buf); + else if (ret < 0) + return ret; } buf[IFNAMSIZ - 1] = '\0'; diff --git a/contrib/wpa/src/drivers/driver_nl80211_scan.c b/contrib/wpa/src/drivers/driver_nl80211_scan.c index c115b6b31b7d..33a8d359848f 100644 --- a/contrib/wpa/src/drivers/driver_nl80211_scan.c +++ b/contrib/wpa/src/drivers/driver_nl80211_scan.c @@ -10,6 +10,7 @@ */ #include "includes.h" +#include <time.h> #include <netlink/genl/genl.h> #include "utils/common.h" @@ -20,6 +21,14 @@ #include "driver_nl80211.h" +#define MAX_NL80211_NOISE_FREQS 50 + +struct nl80211_noise_info { + u32 freq[MAX_NL80211_NOISE_FREQS]; + s8 noise[MAX_NL80211_NOISE_FREQS]; + unsigned int count; +}; + static int get_noise_for_scan_results(struct nl_msg *msg, void *arg) { struct nlattr *tb[NL80211_ATTR_MAX + 1]; @@ -29,9 +38,10 @@ static int get_noise_for_scan_results(struct nl_msg *msg, void *arg) [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 }, [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 }, }; - struct wpa_scan_results *scan_results = arg; - struct wpa_scan_res *scan_res; - size_t i; + struct nl80211_noise_info *info = arg; + + if (info->count >= MAX_NL80211_NOISE_FREQS) + return NL_STOP; nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), genlmsg_attrlen(gnlh, 0), NULL); @@ -55,34 +65,81 @@ static int get_noise_for_scan_results(struct nl_msg *msg, void *arg) if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) return NL_SKIP; - for (i = 0; i < scan_results->num; ++i) { - scan_res = scan_results->res[i]; - if (!scan_res) - continue; - if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) != - scan_res->freq) - continue; - if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID)) - continue; - scan_res->noise = (s8) - nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]); - scan_res->flags &= ~WPA_SCAN_NOISE_INVALID; - } + info->freq[info->count] = + nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]); + info->noise[info->count] = + (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]); + info->count++; return NL_SKIP; } static int nl80211_get_noise_for_scan_results( - struct wpa_driver_nl80211_data *drv, - struct wpa_scan_results *scan_res) + struct wpa_driver_nl80211_data *drv, struct nl80211_noise_info *info) { struct nl_msg *msg; + os_memset(info, 0, sizeof(*info)); msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY); - return send_and_recv_msgs(drv, msg, get_noise_for_scan_results, - scan_res); + return send_and_recv_msgs(drv, msg, get_noise_for_scan_results, info); +} + + +static int nl80211_abort_scan(struct i802_bss *bss) +{ + int ret; + struct nl_msg *msg; + struct wpa_driver_nl80211_data *drv = bss->drv; + + wpa_printf(MSG_DEBUG, "nl80211: Abort scan"); + msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ABORT_SCAN); + ret = send_and_recv_msgs(drv, msg, NULL, NULL); + if (ret) { + wpa_printf(MSG_DEBUG, "nl80211: Abort scan failed: ret=%d (%s)", + ret, strerror(-ret)); + } + return ret; +} + + +#ifdef CONFIG_DRIVER_NL80211_QCA +static int nl80211_abort_vendor_scan(struct wpa_driver_nl80211_data *drv, + u64 scan_cookie) +{ + struct nl_msg *msg; + struct nlattr *params; + int ret; + + wpa_printf(MSG_DEBUG, "nl80211: Abort vendor scan with cookie 0x%llx", + (long long unsigned int) scan_cookie); + + msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR); + if (!msg || + nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || + nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, + QCA_NL80211_VENDOR_SUBCMD_ABORT_SCAN) || + !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || + nla_put_u64(msg, QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE, scan_cookie)) + goto fail; + + nla_nest_end(msg, params); + + ret = send_and_recv_msgs(drv, msg, NULL, NULL); + msg = NULL; + if (ret) { + wpa_printf(MSG_INFO, + "nl80211: Aborting vendor scan with cookie 0x%llx failed: ret=%d (%s)", + (long long unsigned int) scan_cookie, ret, + strerror(-ret)); + goto fail; + } + return 0; +fail: + nlmsg_free(msg); + return -1; } +#endif /* CONFIG_DRIVER_NL80211_QCA */ /** @@ -98,7 +155,13 @@ void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx) struct wpa_driver_nl80211_data *drv = eloop_ctx; wpa_printf(MSG_DEBUG, "nl80211: Scan timeout - try to abort it"); - if (!wpa_driver_nl80211_abort_scan(drv->first_bss)) +#ifdef CONFIG_DRIVER_NL80211_QCA + if (drv->vendor_scan_cookie && + nl80211_abort_vendor_scan(drv, drv->vendor_scan_cookie) == 0) + return; +#endif /* CONFIG_DRIVER_NL80211_QCA */ + if (!drv->vendor_scan_cookie && + nl80211_abort_scan(drv->first_bss) == 0) return; wpa_printf(MSG_DEBUG, "nl80211: Failed to abort scan"); @@ -206,6 +269,34 @@ nl80211_scan_common(struct i802_bss *bss, u8 cmd, } } + if (params->duration) { + if (!(drv->capa.rrm_flags & + WPA_DRIVER_FLAGS_SUPPORT_SET_SCAN_DWELL) || + nla_put_u16(msg, NL80211_ATTR_MEASUREMENT_DURATION, + params->duration)) + goto fail; + + if (params->duration_mandatory && + nla_put_flag(msg, + NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY)) + goto fail; + } + + if (params->oce_scan) { + wpa_printf(MSG_DEBUG, + "nl80211: Add NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME"); + wpa_printf(MSG_DEBUG, + "nl80211: Add NL80211_SCAN_FLAG_ACCEPT_BCAST_PROBE_RESP"); + wpa_printf(MSG_DEBUG, + "nl80211: Add NL80211_SCAN_FLAG_OCE_PROBE_REQ_MIN_TX_RATE"); + wpa_printf(MSG_DEBUG, + "nl80211: Add NL80211_SCAN_FLAG_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION"); + scan_flags |= NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME | + NL80211_SCAN_FLAG_ACCEPT_BCAST_PROBE_RESP | + NL80211_SCAN_FLAG_OCE_PROBE_REQ_HIGH_TX_RATE | + NL80211_SCAN_FLAG_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION; + } + if (scan_flags && nla_put_u32(msg, NL80211_ATTR_SCAN_FLAGS, scan_flags)) goto fail; @@ -487,6 +578,44 @@ int wpa_driver_nl80211_sched_scan(void *priv, nla_nest_end(msg, match_sets); } + if (params->relative_rssi_set) { + struct nl80211_bss_select_rssi_adjust rssi_adjust; + + os_memset(&rssi_adjust, 0, sizeof(rssi_adjust)); + wpa_printf(MSG_DEBUG, "nl80211: Relative RSSI: %d", + params->relative_rssi); + if (nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI, + params->relative_rssi)) + goto fail; + + if (params->relative_adjust_rssi) { + int pref_band_set = 1; + + switch (params->relative_adjust_band) { + case WPA_SETBAND_5G: + rssi_adjust.band = NL80211_BAND_5GHZ; + break; + case WPA_SETBAND_2G: + rssi_adjust.band = NL80211_BAND_2GHZ; + break; + default: + pref_band_set = 0; + break; + } + rssi_adjust.delta = params->relative_adjust_rssi; + + if (pref_band_set && + nla_put(msg, NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST, + sizeof(rssi_adjust), &rssi_adjust)) + goto fail; + } + } + + if (params->sched_scan_start_delay && + nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_DELAY, + params->sched_scan_start_delay)) + goto fail; + ret = send_and_recv_msgs(drv, msg, NULL, NULL); /* TODO: if we get an error here, we should fall back to normal scan */ @@ -562,7 +691,9 @@ static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv, } -int bss_info_handler(struct nl_msg *msg, void *arg) +static struct wpa_scan_res * +nl80211_parse_bss_info(struct wpa_driver_nl80211_data *drv, + struct nl_msg *msg) { struct nlattr *tb[NL80211_ATTR_MAX + 1]; struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); @@ -579,50 +710,22 @@ int bss_info_handler(struct nl_msg *msg, void *arg) [NL80211_BSS_STATUS] = { .type = NLA_U32 }, [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 }, [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC }, + [NL80211_BSS_PARENT_TSF] = { .type = NLA_U64 }, + [NL80211_BSS_PARENT_BSSID] = { .type = NLA_UNSPEC }, + [NL80211_BSS_LAST_SEEN_BOOTTIME] = { .type = NLA_U64 }, }; - struct nl80211_bss_info_arg *_arg = arg; - struct wpa_scan_results *res = _arg->res; - struct wpa_scan_res **tmp; struct wpa_scan_res *r; const u8 *ie, *beacon_ie; size_t ie_len, beacon_ie_len; u8 *pos; - size_t i; nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), genlmsg_attrlen(gnlh, 0), NULL); if (!tb[NL80211_ATTR_BSS]) - return NL_SKIP; + return NULL; if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS], bss_policy)) - return NL_SKIP; - if (bss[NL80211_BSS_STATUS]) { - enum nl80211_bss_status status; - status = nla_get_u32(bss[NL80211_BSS_STATUS]); - if (status == NL80211_BSS_STATUS_ASSOCIATED && - bss[NL80211_BSS_FREQUENCY]) { - _arg->assoc_freq = - nla_get_u32(bss[NL80211_BSS_FREQUENCY]); - wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz", - _arg->assoc_freq); - } - if (status == NL80211_BSS_STATUS_IBSS_JOINED && - bss[NL80211_BSS_FREQUENCY]) { - _arg->ibss_freq = - nla_get_u32(bss[NL80211_BSS_FREQUENCY]); - wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz", - _arg->ibss_freq); - } - if (status == NL80211_BSS_STATUS_ASSOCIATED && - bss[NL80211_BSS_BSSID]) { - os_memcpy(_arg->assoc_bssid, - nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN); - wpa_printf(MSG_DEBUG, "nl80211: Associated with " - MACSTR, MAC2STR(_arg->assoc_bssid)); - } - } - if (!res) - return NL_SKIP; + return NULL; if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) { ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]); ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]); @@ -638,13 +741,13 @@ int bss_info_handler(struct nl_msg *msg, void *arg) beacon_ie_len = 0; } - if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie, + if (nl80211_scan_filtered(drv, ie ? ie : beacon_ie, ie ? ie_len : beacon_ie_len)) - return NL_SKIP; + return NULL; r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len); if (r == NULL) - return NL_SKIP; + return NULL; if (bss[NL80211_BSS_BSSID]) os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN); @@ -673,6 +776,23 @@ int bss_info_handler(struct nl_msg *msg, void *arg) } if (bss[NL80211_BSS_SEEN_MS_AGO]) r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]); + if (bss[NL80211_BSS_LAST_SEEN_BOOTTIME]) { + u64 boottime; + struct timespec ts; + +#ifndef CLOCK_BOOTTIME +#define CLOCK_BOOTTIME 7 +#endif + if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0) { + /* Use more accurate boottime information to update the + * scan result age since the driver reports this and + * CLOCK_BOOTTIME is available. */ + boottime = nla_get_u64( + bss[NL80211_BSS_LAST_SEEN_BOOTTIME]); + r->age = ((u64) ts.tv_sec * 1000000000 + + ts.tv_nsec - boottime) / 1000000; + } + } r->ie_len = ie_len; pos = (u8 *) (r + 1); if (ie) { @@ -695,40 +815,36 @@ int bss_info_handler(struct nl_msg *msg, void *arg) } } - /* - * cfg80211 maintains separate BSS table entries for APs if the same - * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does - * not use frequency as a separate key in the BSS table, so filter out - * duplicated entries. Prefer associated BSS entry in such a case in - * order to get the correct frequency into the BSS table. Similarly, - * prefer newer entries over older. - */ - for (i = 0; i < res->num; i++) { - const u8 *s1, *s2; - if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0) - continue; + if (bss[NL80211_BSS_PARENT_TSF] && bss[NL80211_BSS_PARENT_BSSID]) { + r->parent_tsf = nla_get_u64(bss[NL80211_BSS_PARENT_TSF]); + os_memcpy(r->tsf_bssid, nla_data(bss[NL80211_BSS_PARENT_BSSID]), + ETH_ALEN); + } - s1 = get_ie((u8 *) (res->res[i] + 1), - res->res[i]->ie_len, WLAN_EID_SSID); - s2 = get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID); - if (s1 == NULL || s2 == NULL || s1[1] != s2[1] || - os_memcmp(s1, s2, 2 + s1[1]) != 0) - continue; + return r; +} - /* Same BSSID,SSID was already included in scan results */ - wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result " - "for " MACSTR, MAC2STR(r->bssid)); - if (((r->flags & WPA_SCAN_ASSOCIATED) && - !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) || - r->age < res->res[i]->age) { - os_free(res->res[i]); - res->res[i] = r; - } else - os_free(r); +struct nl80211_bss_info_arg { + struct wpa_driver_nl80211_data *drv; + struct wpa_scan_results *res; +}; + +static int bss_info_handler(struct nl_msg *msg, void *arg) +{ + struct nl80211_bss_info_arg *_arg = arg; + struct wpa_scan_results *res = _arg->res; + struct wpa_scan_res **tmp; + struct wpa_scan_res *r; + + r = nl80211_parse_bss_info(_arg->drv, msg); + if (!r) return NL_SKIP; - } + if (!res) { + os_free(r); + return NL_SKIP; + } tmp = os_realloc_array(res->res, res->num + 1, sizeof(struct wpa_scan_res *)); if (tmp == NULL) { @@ -750,7 +866,32 @@ static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv, "mismatch (" MACSTR ")", MAC2STR(addr)); wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE, - WLAN_REASON_PREV_AUTH_NOT_VALID, 1); + WLAN_REASON_PREV_AUTH_NOT_VALID, 1, + NULL); + } +} + + +static void nl80211_check_bss_status(struct wpa_driver_nl80211_data *drv, + struct wpa_scan_res *r) +{ + if (!(r->flags & WPA_SCAN_ASSOCIATED)) + return; + + wpa_printf(MSG_DEBUG, "nl80211: Scan results indicate BSS status with " + MACSTR " as associated", MAC2STR(r->bssid)); + if (is_sta_interface(drv->nlmode) && !drv->associated) { + wpa_printf(MSG_DEBUG, + "nl80211: Local state (not associated) does not match with BSS state"); + clear_state_mismatch(drv, r->bssid); + } else if (is_sta_interface(drv->nlmode) && + os_memcmp(drv->bssid, r->bssid, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, + "nl80211: Local state (associated with " MACSTR + ") does not match with BSS state", + MAC2STR(drv->bssid)); + clear_state_mismatch(drv, r->bssid); + clear_state_mismatch(drv, drv->bssid); } } @@ -760,31 +901,22 @@ static void wpa_driver_nl80211_check_bss_status( { size_t i; - for (i = 0; i < res->num; i++) { - struct wpa_scan_res *r = res->res[i]; - - if (r->flags & WPA_SCAN_ASSOCIATED) { - wpa_printf(MSG_DEBUG, "nl80211: Scan results " - "indicate BSS status with " MACSTR - " as associated", - MAC2STR(r->bssid)); - if (is_sta_interface(drv->nlmode) && - !drv->associated) { - wpa_printf(MSG_DEBUG, "nl80211: Local state " - "(not associated) does not match " - "with BSS state"); - clear_state_mismatch(drv, r->bssid); - } else if (is_sta_interface(drv->nlmode) && - os_memcmp(drv->bssid, r->bssid, ETH_ALEN) != - 0) { - wpa_printf(MSG_DEBUG, "nl80211: Local state " - "(associated with " MACSTR ") does " - "not match with BSS state", - MAC2STR(drv->bssid)); - clear_state_mismatch(drv, r->bssid); - clear_state_mismatch(drv, drv->bssid); - } - } + for (i = 0; i < res->num; i++) + nl80211_check_bss_status(drv, res->res[i]); +} + + +static void nl80211_update_scan_res_noise(struct wpa_scan_res *res, + struct nl80211_noise_info *info) +{ + unsigned int i; + + for (i = 0; res && i < info->count; i++) { + if ((int) info->freq[i] != res->freq || + !(res->flags & WPA_SCAN_NOISE_INVALID)) + continue; + res->noise = info->noise[i]; + res->flags &= ~WPA_SCAN_NOISE_INVALID; } } @@ -810,9 +942,17 @@ nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv) arg.res = res; ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg); if (ret == 0) { + struct nl80211_noise_info info; + wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu " "BSSes)", (unsigned long) res->num); - nl80211_get_noise_for_scan_results(drv, res); + if (nl80211_get_noise_for_scan_results(drv, &info) == 0) { + size_t i; + + for (i = 0; i < res->num; ++i) + nl80211_update_scan_res_noise(res->res[i], + &info); + } return res; } wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d " @@ -840,45 +980,57 @@ struct wpa_scan_results * wpa_driver_nl80211_get_scan_results(void *priv) } -void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv) +struct nl80211_dump_scan_ctx { + struct wpa_driver_nl80211_data *drv; + int idx; +}; + +static int nl80211_dump_scan_handler(struct nl_msg *msg, void *arg) { - struct wpa_scan_results *res; - size_t i; + struct nl80211_dump_scan_ctx *ctx = arg; + struct wpa_scan_res *r; - res = nl80211_get_scan_results(drv); - if (res == NULL) { - wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results"); - return; - } + r = nl80211_parse_bss_info(ctx->drv, msg); + if (!r) + return NL_SKIP; + wpa_printf(MSG_DEBUG, "nl80211: %d " MACSTR " %d%s", + ctx->idx, MAC2STR(r->bssid), r->freq, + r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : ""); + ctx->idx++; + os_free(r); + return NL_SKIP; +} - wpa_printf(MSG_DEBUG, "nl80211: Scan result dump"); - for (i = 0; i < res->num; i++) { - struct wpa_scan_res *r = res->res[i]; - wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s", - (int) i, (int) res->num, MAC2STR(r->bssid), - r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : ""); - } - wpa_scan_results_free(res); +void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv) +{ + struct nl_msg *msg; + struct nl80211_dump_scan_ctx ctx; + + wpa_printf(MSG_DEBUG, "nl80211: Scan result dump"); + ctx.drv = drv; + ctx.idx = 0; + msg = nl80211_cmd_msg(drv->first_bss, NLM_F_DUMP, NL80211_CMD_GET_SCAN); + if (msg) + send_and_recv_msgs(drv, msg, nl80211_dump_scan_handler, &ctx); } -int wpa_driver_nl80211_abort_scan(void *priv) +int wpa_driver_nl80211_abort_scan(void *priv, u64 scan_cookie) { struct i802_bss *bss = priv; +#ifdef CONFIG_DRIVER_NL80211_QCA struct wpa_driver_nl80211_data *drv = bss->drv; - int ret; - struct nl_msg *msg; - - wpa_printf(MSG_DEBUG, "nl80211: Abort scan"); - msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ABORT_SCAN); - ret = send_and_recv_msgs(drv, msg, NULL, NULL); - if (ret) { - wpa_printf(MSG_DEBUG, "nl80211: Abort scan failed: ret=%d (%s)", - ret, strerror(-ret)); - } - return ret; + /* + * If scan_cookie is zero, a normal scan through kernel (cfg80211) + * was triggered, hence abort the cfg80211 scan instead of the vendor + * scan. + */ + if (drv->scan_vendor_cmd_avail && scan_cookie) + return nl80211_abort_vendor_scan(drv, scan_cookie); +#endif /* CONFIG_DRIVER_NL80211_QCA */ + return nl80211_abort_scan(bss); } @@ -1015,7 +1167,7 @@ int wpa_driver_nl80211_vendor_scan(struct i802_bss *bss, } if (scan_flags && - nla_put_u32(msg, NL80211_ATTR_SCAN_FLAGS, scan_flags)) + nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SCAN_FLAGS, scan_flags)) goto fail; if (params->p2p_probe) { @@ -1043,6 +1195,14 @@ int wpa_driver_nl80211_vendor_scan(struct i802_bss *bss, goto fail; } + if (params->bssid) { + wpa_printf(MSG_DEBUG, "nl80211: Scan for a specific BSSID: " + MACSTR, MAC2STR(params->bssid)); + if (nla_put(msg, QCA_WLAN_VENDOR_ATTR_SCAN_BSSID, ETH_ALEN, + params->bssid)) + goto fail; + } + nla_nest_end(msg, attr); ret = send_and_recv_msgs(drv, msg, scan_cookie_handler, &cookie); @@ -1056,6 +1216,8 @@ int wpa_driver_nl80211_vendor_scan(struct i802_bss *bss, drv->vendor_scan_cookie = cookie; drv->scan_state = SCAN_REQUESTED; + /* Pass the cookie to the caller to help distinguish the scans. */ + params->scan_cookie = cookie; wpa_printf(MSG_DEBUG, "nl80211: Vendor scan requested (ret=%d) - scan timeout 30 seconds, scan cookie:0x%llx", diff --git a/contrib/wpa/src/drivers/driver_privsep.c b/contrib/wpa/src/drivers/driver_privsep.c index 43d41937d474..a3f0837e1569 100644 --- a/contrib/wpa/src/drivers/driver_privsep.c +++ b/contrib/wpa/src/drivers/driver_privsep.c @@ -97,15 +97,31 @@ static int wpa_priv_cmd(struct wpa_driver_privsep_data *drv, int cmd, return 0; } - + static int wpa_driver_privsep_scan(void *priv, struct wpa_driver_scan_params *params) { struct wpa_driver_privsep_data *drv = priv; - const u8 *ssid = params->ssids[0].ssid; - size_t ssid_len = params->ssids[0].ssid_len; + struct privsep_cmd_scan scan; + size_t i; + wpa_printf(MSG_DEBUG, "%s: priv=%p", __func__, priv); - return wpa_priv_cmd(drv, PRIVSEP_CMD_SCAN, ssid, ssid_len, + os_memset(&scan, 0, sizeof(scan)); + scan.num_ssids = params->num_ssids; + for (i = 0; i < params->num_ssids; i++) { + if (!params->ssids[i].ssid) + continue; + scan.ssid_lens[i] = params->ssids[i].ssid_len; + os_memcpy(scan.ssids[i], params->ssids[i].ssid, + scan.ssid_lens[i]); + } + + for (i = 0; i < PRIVSEP_MAX_SCAN_FREQS && + params->freqs && params->freqs[i]; i++) + scan.freqs[i] = params->freqs[i]; + scan.num_freqs = i; + + return wpa_priv_cmd(drv, PRIVSEP_CMD_SCAN, &scan, sizeof(scan), NULL, NULL); } @@ -168,12 +184,15 @@ wpa_driver_privsep_get_scan_results2(void *priv) if (len < 0 || len > 10000 || len > end - pos) break; - r = os_malloc(len); + r = os_memdup(pos, len); if (r == NULL) break; - os_memcpy(r, pos, len); pos += len; - if (sizeof(*r) + r->ie_len > (size_t) len) { + if (sizeof(*r) + r->ie_len + r->beacon_ie_len > (size_t) len) { + wpa_printf(MSG_ERROR, + "privsep: Invalid scan result len (%d + %d + %d > %d)", + (int) sizeof(*r), (int) r->ie_len, + (int) r->beacon_ie_len, len); os_free(r); break; } @@ -234,7 +253,7 @@ static int wpa_driver_privsep_authenticate( __func__, priv, params->freq, MAC2STR(params->bssid), params->auth_alg, params->local_state_change, params->p2p); - buflen = sizeof(*data) + params->ie_len + params->sae_data_len; + buflen = sizeof(*data) + params->ie_len + params->auth_data_len; data = os_zalloc(buflen); if (data == NULL) return -1; @@ -259,8 +278,8 @@ static int wpa_driver_privsep_authenticate( os_memcpy(pos, params->ie, params->ie_len); pos += params->ie_len; } - if (params->sae_data_len) - os_memcpy(pos, params->sae_data, params->sae_data_len); + if (params->auth_data_len) + os_memcpy(pos, params->auth_data, params->auth_data_len); res = wpa_priv_cmd(drv, PRIVSEP_CMD_AUTHENTICATE, data, buflen, NULL, NULL); @@ -464,19 +483,6 @@ static void wpa_driver_privsep_event_pmkid_candidate(void *ctx, u8 *buf, } -static void wpa_driver_privsep_event_stkstart(void *ctx, u8 *buf, size_t len) -{ - union wpa_event_data data; - - if (len != ETH_ALEN) - return; - - os_memset(&data, 0, sizeof(data)); - os_memcpy(data.stkstart.peer, buf, ETH_ALEN); - wpa_supplicant_event(ctx, EVENT_STKSTART, &data); -} - - static void wpa_driver_privsep_event_ft_response(void *ctx, u8 *buf, size_t len) { @@ -570,10 +576,6 @@ static void wpa_driver_privsep_receive(int sock, void *eloop_ctx, wpa_driver_privsep_event_pmkid_candidate(drv->ctx, event_buf, event_len); break; - case PRIVSEP_EVENT_STKSTART: - wpa_driver_privsep_event_stkstart(drv->ctx, event_buf, - event_len); - break; case PRIVSEP_EVENT_FT_RESPONSE: wpa_driver_privsep_event_ft_response(drv->ctx, event_buf, event_len); diff --git a/contrib/wpa/src/drivers/driver_wired.c b/contrib/wpa/src/drivers/driver_wired.c index 422a22064ebe..c7537b7c35eb 100644 --- a/contrib/wpa/src/drivers/driver_wired.c +++ b/contrib/wpa/src/drivers/driver_wired.c @@ -12,6 +12,7 @@ #include "common.h" #include "eloop.h" #include "driver.h" +#include "driver_wired_common.h" #include <sys/ioctl.h> #undef IFNAMSIZ @@ -42,20 +43,12 @@ struct ieee8023_hdr { #pragma pack(pop) #endif /* _MSC_VER */ -static const u8 pae_group_addr[ETH_ALEN] = -{ 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; - struct wpa_driver_wired_data { - char ifname[IFNAMSIZ + 1]; - void *ctx; + struct driver_wired_common_data common; - int sock; /* raw packet socket for driver access */ int dhcp_sock; /* socket for dhcp packets */ int use_pae_group_addr; - - int pf_sock; - int membership, multi, iff_allmulti, iff_up; }; @@ -83,34 +76,6 @@ struct dhcp_message { }; -static int wired_multicast_membership(int sock, int ifindex, - const u8 *addr, int add) -{ -#ifdef __linux__ - struct packet_mreq mreq; - - if (sock < 0) - return -1; - - os_memset(&mreq, 0, sizeof(mreq)); - mreq.mr_ifindex = ifindex; - mreq.mr_type = PACKET_MR_MULTICAST; - mreq.mr_alen = ETH_ALEN; - os_memcpy(mreq.mr_address, addr, ETH_ALEN); - - if (setsockopt(sock, SOL_PACKET, - add ? PACKET_ADD_MEMBERSHIP : PACKET_DROP_MEMBERSHIP, - &mreq, sizeof(mreq)) < 0) { - wpa_printf(MSG_ERROR, "setsockopt: %s", strerror(errno)); - return -1; - } - return 0; -#else /* __linux__ */ - return -1; -#endif /* __linux__ */ -} - - #ifdef __linux__ static void handle_data(void *ctx, unsigned char *buf, size_t len) { @@ -131,16 +96,16 @@ static void handle_data(void *ctx, unsigned char *buf, size_t len) hdr = (struct ieee8023_hdr *) buf; switch (ntohs(hdr->ethertype)) { - case ETH_P_PAE: - wpa_printf(MSG_MSGDUMP, "Received EAPOL packet"); - sa = hdr->src; - os_memset(&event, 0, sizeof(event)); - event.new_sta.addr = sa; - wpa_supplicant_event(ctx, EVENT_NEW_STA, &event); - - pos = (u8 *) (hdr + 1); - left = len - sizeof(*hdr); - drv_event_eapol_rx(ctx, sa, pos, left); + case ETH_P_PAE: + wpa_printf(MSG_MSGDUMP, "Received EAPOL packet"); + sa = hdr->src; + os_memset(&event, 0, sizeof(event)); + event.new_sta.addr = sa; + wpa_supplicant_event(ctx, EVENT_NEW_STA, &event); + + pos = (u8 *) (hdr + 1); + left = len - sizeof(*hdr); + drv_event_eapol_rx(ctx, sa, pos, left); break; default: @@ -208,21 +173,22 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) struct sockaddr_in addr2; int n = 1; - drv->sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PAE)); - if (drv->sock < 0) { + drv->common.sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PAE)); + if (drv->common.sock < 0) { wpa_printf(MSG_ERROR, "socket[PF_PACKET,SOCK_RAW]: %s", strerror(errno)); return -1; } - if (eloop_register_read_sock(drv->sock, handle_read, drv->ctx, NULL)) { + if (eloop_register_read_sock(drv->common.sock, handle_read, + drv->common.ctx, NULL)) { wpa_printf(MSG_INFO, "Could not register read socket"); return -1; } os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); - if (ioctl(drv->sock, SIOCGIFINDEX, &ifr) != 0) { + os_strlcpy(ifr.ifr_name, drv->common.ifname, sizeof(ifr.ifr_name)); + if (ioctl(drv->common.sock, SIOCGIFINDEX, &ifr) != 0) { wpa_printf(MSG_ERROR, "ioctl(SIOCGIFINDEX): %s", strerror(errno)); return -1; @@ -234,13 +200,14 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) wpa_printf(MSG_DEBUG, "Opening raw packet socket for ifindex %d", addr.sll_ifindex); - if (bind(drv->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { + if (bind(drv->common.sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) + { wpa_printf(MSG_ERROR, "bind: %s", strerror(errno)); return -1; } /* filter multicast address */ - if (wired_multicast_membership(drv->sock, ifr.ifr_ifindex, + if (wired_multicast_membership(drv->common.sock, ifr.ifr_ifindex, pae_group_addr, 1) < 0) { wpa_printf(MSG_ERROR, "wired: Failed to add multicast group " "membership"); @@ -248,8 +215,8 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) } os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); - if (ioctl(drv->sock, SIOCGIFHWADDR, &ifr) != 0) { + os_strlcpy(ifr.ifr_name, drv->common.ifname, sizeof(ifr.ifr_name)); + if (ioctl(drv->common.sock, SIOCGIFHWADDR, &ifr) != 0) { wpa_printf(MSG_ERROR, "ioctl(SIOCGIFHWADDR): %s", strerror(errno)); return -1; @@ -269,8 +236,8 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) return -1; } - if (eloop_register_read_sock(drv->dhcp_sock, handle_dhcp, drv->ctx, - NULL)) { + if (eloop_register_read_sock(drv->dhcp_sock, handle_dhcp, + drv->common.ctx, NULL)) { wpa_printf(MSG_INFO, "Could not register read socket"); return -1; } @@ -294,7 +261,7 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) } os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_ifrn.ifrn_name, drv->ifname, IFNAMSIZ); + os_strlcpy(ifr.ifr_ifrn.ifrn_name, drv->common.ifname, IFNAMSIZ); if (setsockopt(drv->dhcp_sock, SOL_SOCKET, SO_BINDTODEVICE, (char *) &ifr, sizeof(ifr)) < 0) { wpa_printf(MSG_ERROR, @@ -343,7 +310,7 @@ static int wired_send_eapol(void *priv, const u8 *addr, pos = (u8 *) (hdr + 1); os_memcpy(pos, data, data_len); - res = send(drv->sock, (u8 *) hdr, len, 0); + res = send(drv->common.sock, (u8 *) hdr, len, 0); os_free(hdr); if (res < 0) { @@ -368,8 +335,9 @@ static void * wired_driver_hapd_init(struct hostapd_data *hapd, return NULL; } - drv->ctx = hapd; - os_strlcpy(drv->ifname, params->ifname, sizeof(drv->ifname)); + drv->common.ctx = hapd; + os_strlcpy(drv->common.ifname, params->ifname, + sizeof(drv->common.ifname)); drv->use_pae_group_addr = params->use_pae_group_addr; if (wired_init_sockets(drv, params->own_addr)) { @@ -385,9 +353,9 @@ static void wired_driver_hapd_deinit(void *priv) { struct wpa_driver_wired_data *drv = priv; - if (drv->sock >= 0) { - eloop_unregister_read_sock(drv->sock); - close(drv->sock); + if (drv->common.sock >= 0) { + eloop_unregister_read_sock(drv->common.sock); + close(drv->common.sock); } if (drv->dhcp_sock >= 0) { @@ -399,227 +367,18 @@ static void wired_driver_hapd_deinit(void *priv) } -static int wpa_driver_wired_get_ssid(void *priv, u8 *ssid) -{ - ssid[0] = 0; - return 0; -} - - -static int wpa_driver_wired_get_bssid(void *priv, u8 *bssid) -{ - /* Report PAE group address as the "BSSID" for wired connection. */ - os_memcpy(bssid, pae_group_addr, ETH_ALEN); - return 0; -} - - -static int wpa_driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) -{ - os_memset(capa, 0, sizeof(*capa)); - capa->flags = WPA_DRIVER_FLAGS_WIRED; - return 0; -} - - -static int wpa_driver_wired_get_ifflags(const char *ifname, int *flags) -{ - struct ifreq ifr; - int s; - - s = socket(PF_INET, SOCK_DGRAM, 0); - if (s < 0) { - wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); - return -1; - } - - os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); - if (ioctl(s, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) { - wpa_printf(MSG_ERROR, "ioctl[SIOCGIFFLAGS]: %s", - strerror(errno)); - close(s); - return -1; - } - close(s); - *flags = ifr.ifr_flags & 0xffff; - return 0; -} - - -static int wpa_driver_wired_set_ifflags(const char *ifname, int flags) -{ - struct ifreq ifr; - int s; - - s = socket(PF_INET, SOCK_DGRAM, 0); - if (s < 0) { - wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); - return -1; - } - - os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); - ifr.ifr_flags = flags & 0xffff; - if (ioctl(s, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) { - wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s", - strerror(errno)); - close(s); - return -1; - } - close(s); - return 0; -} - - -#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -static int wpa_driver_wired_get_ifstatus(const char *ifname, int *status) -{ - struct ifmediareq ifmr; - int s; - - s = socket(PF_INET, SOCK_DGRAM, 0); - if (s < 0) { - wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); - return -1; - } - - os_memset(&ifmr, 0, sizeof(ifmr)); - os_strlcpy(ifmr.ifm_name, ifname, IFNAMSIZ); - if (ioctl(s, SIOCGIFMEDIA, (caddr_t) &ifmr) < 0) { - wpa_printf(MSG_ERROR, "ioctl[SIOCGIFMEDIA]: %s", - strerror(errno)); - close(s); - return -1; - } - close(s); - *status = (ifmr.ifm_status & (IFM_ACTIVE | IFM_AVALID)) == - (IFM_ACTIVE | IFM_AVALID); - - return 0; -} -#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ - - -static int wpa_driver_wired_multi(const char *ifname, const u8 *addr, int add) -{ - struct ifreq ifr; - int s; - -#ifdef __sun__ - return -1; -#endif /* __sun__ */ - - s = socket(PF_INET, SOCK_DGRAM, 0); - if (s < 0) { - wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); - return -1; - } - - os_memset(&ifr, 0, sizeof(ifr)); - os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -#ifdef __linux__ - ifr.ifr_hwaddr.sa_family = AF_UNSPEC; - os_memcpy(ifr.ifr_hwaddr.sa_data, addr, ETH_ALEN); -#endif /* __linux__ */ -#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - { - struct sockaddr_dl *dlp; - dlp = (struct sockaddr_dl *) &ifr.ifr_addr; - dlp->sdl_len = sizeof(struct sockaddr_dl); - dlp->sdl_family = AF_LINK; - dlp->sdl_index = 0; - dlp->sdl_nlen = 0; - dlp->sdl_alen = ETH_ALEN; - dlp->sdl_slen = 0; - os_memcpy(LLADDR(dlp), addr, ETH_ALEN); - } -#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ -#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) - { - struct sockaddr *sap; - sap = (struct sockaddr *) &ifr.ifr_addr; - sap->sa_len = sizeof(struct sockaddr); - sap->sa_family = AF_UNSPEC; - os_memcpy(sap->sa_data, addr, ETH_ALEN); - } -#endif /* defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) */ - - if (ioctl(s, add ? SIOCADDMULTI : SIOCDELMULTI, (caddr_t) &ifr) < 0) { - wpa_printf(MSG_ERROR, "ioctl[SIOC{ADD/DEL}MULTI]: %s", - strerror(errno)); - close(s); - return -1; - } - close(s); - return 0; -} - - static void * wpa_driver_wired_init(void *ctx, const char *ifname) { struct wpa_driver_wired_data *drv; - int flags; drv = os_zalloc(sizeof(*drv)); if (drv == NULL) return NULL; - os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); - drv->ctx = ctx; - -#ifdef __linux__ - drv->pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); - if (drv->pf_sock < 0) - wpa_printf(MSG_ERROR, "socket(PF_PACKET): %s", strerror(errno)); -#else /* __linux__ */ - drv->pf_sock = -1; -#endif /* __linux__ */ - if (wpa_driver_wired_get_ifflags(ifname, &flags) == 0 && - !(flags & IFF_UP) && - wpa_driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) { - drv->iff_up = 1; - } - - if (wired_multicast_membership(drv->pf_sock, - if_nametoindex(drv->ifname), - pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " - "packet socket", __func__); - drv->membership = 1; - } else if (wpa_driver_wired_multi(ifname, pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " - "SIOCADDMULTI", __func__); - drv->multi = 1; - } else if (wpa_driver_wired_get_ifflags(ifname, &flags) < 0) { - wpa_printf(MSG_INFO, "%s: Could not get interface " - "flags", __func__); - os_free(drv); - return NULL; - } else if (flags & IFF_ALLMULTI) { - wpa_printf(MSG_DEBUG, "%s: Interface is already configured " - "for multicast", __func__); - } else if (wpa_driver_wired_set_ifflags(ifname, - flags | IFF_ALLMULTI) < 0) { - wpa_printf(MSG_INFO, "%s: Failed to enable allmulti", - __func__); + if (driver_wired_init_common(&drv->common, ifname, ctx) < 0) { os_free(drv); return NULL; - } else { - wpa_printf(MSG_DEBUG, "%s: Enabled allmulti mode", - __func__); - drv->iff_allmulti = 1; } -#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - { - int status; - wpa_printf(MSG_DEBUG, "%s: waiting for link to become active", - __func__); - while (wpa_driver_wired_get_ifstatus(ifname, &status) == 0 && - status == 0) - sleep(1); - } -#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ return drv; } @@ -628,41 +387,8 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) static void wpa_driver_wired_deinit(void *priv) { struct wpa_driver_wired_data *drv = priv; - int flags; - - if (drv->membership && - wired_multicast_membership(drv->pf_sock, - if_nametoindex(drv->ifname), - pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to remove PAE multicast " - "group (PACKET)", __func__); - } - - if (drv->multi && - wpa_driver_wired_multi(drv->ifname, pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to remove PAE multicast " - "group (SIOCDELMULTI)", __func__); - } - - if (drv->iff_allmulti && - (wpa_driver_wired_get_ifflags(drv->ifname, &flags) < 0 || - wpa_driver_wired_set_ifflags(drv->ifname, - flags & ~IFF_ALLMULTI) < 0)) { - wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", - __func__); - } - - if (drv->iff_up && - wpa_driver_wired_get_ifflags(drv->ifname, &flags) == 0 && - (flags & IFF_UP) && - wpa_driver_wired_set_ifflags(drv->ifname, flags & ~IFF_UP) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", - __func__); - } - - if (drv->pf_sock != -1) - close(drv->pf_sock); + driver_wired_deinit_common(&drv->common); os_free(drv); } @@ -673,9 +399,9 @@ const struct wpa_driver_ops wpa_driver_wired_ops = { .hapd_init = wired_driver_hapd_init, .hapd_deinit = wired_driver_hapd_deinit, .hapd_send_eapol = wired_send_eapol, - .get_ssid = wpa_driver_wired_get_ssid, - .get_bssid = wpa_driver_wired_get_bssid, - .get_capa = wpa_driver_wired_get_capa, + .get_ssid = driver_wired_get_ssid, + .get_bssid = driver_wired_get_bssid, + .get_capa = driver_wired_get_capa, .init = wpa_driver_wired_init, .deinit = wpa_driver_wired_deinit, }; diff --git a/contrib/wpa/src/drivers/driver_wired_common.c b/contrib/wpa/src/drivers/driver_wired_common.c new file mode 100644 index 000000000000..a860b1c7db35 --- /dev/null +++ b/contrib/wpa/src/drivers/driver_wired_common.c @@ -0,0 +1,322 @@ +/* + * Common functions for Wired Ethernet driver interfaces + * Copyright (c) 2005-2009, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004, Gunter Burchardt <tira@isx.de> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "eloop.h" +#include "driver.h" +#include "driver_wired_common.h" + +#include <sys/ioctl.h> +#include <net/if.h> +#ifdef __linux__ +#include <netpacket/packet.h> +#include <net/if_arp.h> +#include <net/if.h> +#endif /* __linux__ */ +#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) +#include <net/if_dl.h> +#include <net/if_media.h> +#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) */ +#ifdef __sun__ +#include <sys/sockio.h> +#endif /* __sun__ */ + + +static int driver_wired_get_ifflags(const char *ifname, int *flags) +{ + struct ifreq ifr; + int s; + + s = socket(PF_INET, SOCK_DGRAM, 0); + if (s < 0) { + wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); + return -1; + } + + os_memset(&ifr, 0, sizeof(ifr)); + os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); + if (ioctl(s, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) { + wpa_printf(MSG_ERROR, "ioctl[SIOCGIFFLAGS]: %s", + strerror(errno)); + close(s); + return -1; + } + close(s); + *flags = ifr.ifr_flags & 0xffff; + return 0; +} + + +static int driver_wired_set_ifflags(const char *ifname, int flags) +{ + struct ifreq ifr; + int s; + + s = socket(PF_INET, SOCK_DGRAM, 0); + if (s < 0) { + wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); + return -1; + } + + os_memset(&ifr, 0, sizeof(ifr)); + os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); + ifr.ifr_flags = flags & 0xffff; + if (ioctl(s, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) { + wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s", + strerror(errno)); + close(s); + return -1; + } + close(s); + return 0; +} + + +static int driver_wired_multi(const char *ifname, const u8 *addr, int add) +{ + struct ifreq ifr; + int s; + +#ifdef __sun__ + return -1; +#endif /* __sun__ */ + + s = socket(PF_INET, SOCK_DGRAM, 0); + if (s < 0) { + wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); + return -1; + } + + os_memset(&ifr, 0, sizeof(ifr)); + os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); +#ifdef __linux__ + ifr.ifr_hwaddr.sa_family = AF_UNSPEC; + os_memcpy(ifr.ifr_hwaddr.sa_data, addr, ETH_ALEN); +#endif /* __linux__ */ +#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) + { + struct sockaddr_dl *dlp; + + dlp = (struct sockaddr_dl *) &ifr.ifr_addr; + dlp->sdl_len = sizeof(struct sockaddr_dl); + dlp->sdl_family = AF_LINK; + dlp->sdl_index = 0; + dlp->sdl_nlen = 0; + dlp->sdl_alen = ETH_ALEN; + dlp->sdl_slen = 0; + os_memcpy(LLADDR(dlp), addr, ETH_ALEN); + } +#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ +#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) + { + struct sockaddr *sap; + + sap = (struct sockaddr *) &ifr.ifr_addr; + sap->sa_len = sizeof(struct sockaddr); + sap->sa_family = AF_UNSPEC; + os_memcpy(sap->sa_data, addr, ETH_ALEN); + } +#endif /* defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) */ + + if (ioctl(s, add ? SIOCADDMULTI : SIOCDELMULTI, (caddr_t) &ifr) < 0) { + wpa_printf(MSG_ERROR, "ioctl[SIOC{ADD/DEL}MULTI]: %s", + strerror(errno)); + close(s); + return -1; + } + close(s); + return 0; +} + + +int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add) +{ +#ifdef __linux__ + struct packet_mreq mreq; + + if (sock < 0) + return -1; + + os_memset(&mreq, 0, sizeof(mreq)); + mreq.mr_ifindex = ifindex; + mreq.mr_type = PACKET_MR_MULTICAST; + mreq.mr_alen = ETH_ALEN; + os_memcpy(mreq.mr_address, addr, ETH_ALEN); + + if (setsockopt(sock, SOL_PACKET, + add ? PACKET_ADD_MEMBERSHIP : PACKET_DROP_MEMBERSHIP, + &mreq, sizeof(mreq)) < 0) { + wpa_printf(MSG_ERROR, "setsockopt: %s", strerror(errno)); + return -1; + } + return 0; +#else /* __linux__ */ + return -1; +#endif /* __linux__ */ +} + + +int driver_wired_get_ssid(void *priv, u8 *ssid) +{ + ssid[0] = 0; + return 0; +} + + +int driver_wired_get_bssid(void *priv, u8 *bssid) +{ + /* Report PAE group address as the "BSSID" for wired connection. */ + os_memcpy(bssid, pae_group_addr, ETH_ALEN); + return 0; +} + + +int driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) +{ + os_memset(capa, 0, sizeof(*capa)); + capa->flags = WPA_DRIVER_FLAGS_WIRED; + return 0; +} + + +#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) +static int driver_wired_get_ifstatus(const char *ifname, int *status) +{ + struct ifmediareq ifmr; + int s; + + s = socket(PF_INET, SOCK_DGRAM, 0); + if (s < 0) { + wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); + return -1; + } + + os_memset(&ifmr, 0, sizeof(ifmr)); + os_strlcpy(ifmr.ifm_name, ifname, IFNAMSIZ); + if (ioctl(s, SIOCGIFMEDIA, (caddr_t) &ifmr) < 0) { + wpa_printf(MSG_ERROR, "ioctl[SIOCGIFMEDIA]: %s", + strerror(errno)); + close(s); + return -1; + } + close(s); + *status = (ifmr.ifm_status & (IFM_ACTIVE | IFM_AVALID)) == + (IFM_ACTIVE | IFM_AVALID); + + return 0; +} +#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ + + +int driver_wired_init_common(struct driver_wired_common_data *common, + const char *ifname, void *ctx) +{ + int flags; + + os_strlcpy(common->ifname, ifname, sizeof(common->ifname)); + common->ctx = ctx; + +#ifdef __linux__ + common->pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); + if (common->pf_sock < 0) + wpa_printf(MSG_ERROR, "socket(PF_PACKET): %s", strerror(errno)); +#else /* __linux__ */ + common->pf_sock = -1; +#endif /* __linux__ */ + + if (driver_wired_get_ifflags(ifname, &flags) == 0 && + !(flags & IFF_UP) && + driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) + common->iff_up = 1; + + if (wired_multicast_membership(common->pf_sock, + if_nametoindex(common->ifname), + pae_group_addr, 1) == 0) { + wpa_printf(MSG_DEBUG, + "%s: Added multicast membership with packet socket", + __func__); + common->membership = 1; + } else if (driver_wired_multi(ifname, pae_group_addr, 1) == 0) { + wpa_printf(MSG_DEBUG, + "%s: Added multicast membership with SIOCADDMULTI", + __func__); + common->multi = 1; + } else if (driver_wired_get_ifflags(ifname, &flags) < 0) { + wpa_printf(MSG_INFO, "%s: Could not get interface flags", + __func__); + return -1; + } else if (flags & IFF_ALLMULTI) { + wpa_printf(MSG_DEBUG, + "%s: Interface is already configured for multicast", + __func__); + } else if (driver_wired_set_ifflags(ifname, + flags | IFF_ALLMULTI) < 0) { + wpa_printf(MSG_INFO, "%s: Failed to enable allmulti", __func__); + return -1; + } else { + wpa_printf(MSG_DEBUG, "%s: Enabled allmulti mode", __func__); + common->iff_allmulti = 1; + } +#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) + { + int status; + + wpa_printf(MSG_DEBUG, "%s: waiting for link to become active", + __func__); + while (driver_wired_get_ifstatus(ifname, &status) == 0 && + status == 0) + sleep(1); + } +#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ + + return 0; +} + + +void driver_wired_deinit_common(struct driver_wired_common_data *common) +{ + int flags; + + if (common->membership && + wired_multicast_membership(common->pf_sock, + if_nametoindex(common->ifname), + pae_group_addr, 0) < 0) { + wpa_printf(MSG_DEBUG, + "%s: Failed to remove PAE multicast group (PACKET)", + __func__); + } + + if (common->multi && + driver_wired_multi(common->ifname, pae_group_addr, 0) < 0) { + wpa_printf(MSG_DEBUG, + "%s: Failed to remove PAE multicast group (SIOCDELMULTI)", + __func__); + } + + if (common->iff_allmulti && + (driver_wired_get_ifflags(common->ifname, &flags) < 0 || + driver_wired_set_ifflags(common->ifname, + flags & ~IFF_ALLMULTI) < 0)) { + wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", + __func__); + } + + if (common->iff_up && + driver_wired_get_ifflags(common->ifname, &flags) == 0 && + (flags & IFF_UP) && + driver_wired_set_ifflags(common->ifname, flags & ~IFF_UP) < 0) { + wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", + __func__); + } + + if (common->pf_sock != -1) + close(common->pf_sock); +} diff --git a/contrib/wpa/src/drivers/driver_wired_common.h b/contrib/wpa/src/drivers/driver_wired_common.h new file mode 100644 index 000000000000..2bb0710bb275 --- /dev/null +++ b/contrib/wpa/src/drivers/driver_wired_common.h @@ -0,0 +1,34 @@ +/* + * Common definitions for Wired Ethernet driver interfaces + * Copyright (c) 2005-2009, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004, Gunter Burchardt <tira@isx.de> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef DRIVER_WIRED_COMMON_H +#define DRIVER_WIRED_COMMON_H + +struct driver_wired_common_data { + char ifname[IFNAMSIZ + 1]; + void *ctx; + + int sock; /* raw packet socket for driver access */ + int pf_sock; + int membership, multi, iff_allmulti, iff_up; +}; + +static const u8 pae_group_addr[ETH_ALEN] = +{ 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; + +int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); +int driver_wired_get_ssid(void *priv, u8 *ssid); +int driver_wired_get_bssid(void *priv, u8 *bssid); +int driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa); + +int driver_wired_init_common(struct driver_wired_common_data *common, + const char *ifname, void *ctx); +void driver_wired_deinit_common(struct driver_wired_common_data *common); + +#endif /* DRIVER_WIRED_COMMON_H */ diff --git a/contrib/wpa/src/drivers/drivers.c b/contrib/wpa/src/drivers/drivers.c index 00773a7113f6..e95df6ddb20a 100644 --- a/contrib/wpa/src/drivers/drivers.c +++ b/contrib/wpa/src/drivers/drivers.c @@ -34,6 +34,9 @@ const struct wpa_driver_ops *const wpa_drivers[] = #ifdef CONFIG_DRIVER_WIRED &wpa_driver_wired_ops, #endif /* CONFIG_DRIVER_WIRED */ +#ifdef CONFIG_DRIVER_MACSEC_LINUX + &wpa_driver_macsec_linux_ops, +#endif /* CONFIG_DRIVER_MACSEC_LINUX */ #ifdef CONFIG_DRIVER_MACSEC_QCA &wpa_driver_macsec_qca_ops, #endif /* CONFIG_DRIVER_MACSEC_QCA */ diff --git a/contrib/wpa/src/eap_common/eap_eke_common.c b/contrib/wpa/src/eap_common/eap_eke_common.c index 621746821538..bfe8811e33f2 100644 --- a/contrib/wpa/src/eap_common/eap_eke_common.c +++ b/contrib/wpa/src/eap_common/eap_eke_common.c @@ -161,7 +161,6 @@ int eap_eke_dh_init(u8 group, u8 *ret_priv, u8 *ret_pub) int generator; u8 gen; const struct dh_group *dh; - size_t pub_len, i; generator = eap_eke_dh_generator(group); dh = eap_eke_dh_group(group); @@ -169,33 +168,11 @@ int eap_eke_dh_init(u8 group, u8 *ret_priv, u8 *ret_pub) return -1; gen = generator; - /* x = random number 2 .. p-1 */ - if (random_get_bytes(ret_priv, dh->prime_len)) - return -1; - if (os_memcmp(ret_priv, dh->prime, dh->prime_len) > 0) { - /* Make sure private value is smaller than prime */ - ret_priv[0] = 0; - } - for (i = 0; i < dh->prime_len - 1; i++) { - if (ret_priv[i]) - break; - } - if (i == dh->prime_len - 1 && (ret_priv[i] == 0 || ret_priv[i] == 1)) + if (crypto_dh_init(gen, dh->prime, dh->prime_len, ret_priv, + ret_pub) < 0) return -1; wpa_hexdump_key(MSG_DEBUG, "EAP-EKE: DH private value", ret_priv, dh->prime_len); - - /* y = g ^ x (mod p) */ - pub_len = dh->prime_len; - if (crypto_mod_exp(&gen, 1, ret_priv, dh->prime_len, - dh->prime, dh->prime_len, ret_pub, &pub_len) < 0) - return -1; - if (pub_len < dh->prime_len) { - size_t pad = dh->prime_len - pub_len; - os_memmove(ret_pub + pad, ret_pub, pub_len); - os_memset(ret_pub, 0, pad); - } - wpa_hexdump(MSG_DEBUG, "EAP-EKE: DH public value", ret_pub, dh->prime_len); @@ -421,8 +398,9 @@ int eap_eke_shared_secret(struct eap_eke_session *sess, const u8 *key, /* SharedSecret = prf(0+, g ^ (x_s * x_p) (mod p)) */ len = dh->prime_len; - if (crypto_mod_exp(peer_pub, dh->prime_len, dhpriv, dh->prime_len, - dh->prime, dh->prime_len, modexp, &len) < 0) + if (crypto_dh_derive_secret(*dh->generator, dh->prime, dh->prime_len, + dhpriv, dh->prime_len, peer_pub, + dh->prime_len, modexp, &len) < 0) return -1; if (len < dh->prime_len) { size_t pad = dh->prime_len - len; diff --git a/contrib/wpa/src/eap_common/eap_fast_common.c b/contrib/wpa/src/eap_common/eap_fast_common.c index 9ef671c41c7d..57990d254a6a 100644 --- a/contrib/wpa/src/eap_common/eap_fast_common.c +++ b/contrib/wpa/src/eap_common/eap_fast_common.c @@ -79,7 +79,7 @@ void eap_fast_derive_master_secret(const u8 *pac_key, const u8 *server_random, /* * RFC 4851, Section 5.1: - * master_secret = T-PRF(PAC-Key, "PAC to master secret label hash", + * master_secret = T-PRF(PAC-Key, "PAC to master secret label hash", * server_random + client_random, 48) */ os_memcpy(seed, server_random, TLS_RANDOM_LEN); diff --git a/contrib/wpa/src/eap_common/eap_pwd_common.c b/contrib/wpa/src/eap_common/eap_pwd_common.c index 67f8f7098c4b..88c6595887ab 100644 --- a/contrib/wpa/src/eap_common/eap_pwd_common.c +++ b/contrib/wpa/src/eap_common/eap_pwd_common.c @@ -81,6 +81,27 @@ static int eap_pwd_kdf(const u8 *key, size_t keylen, const u8 *label, } +EAP_PWD_group * get_eap_pwd_group(u16 num) +{ + EAP_PWD_group *grp; + + grp = os_zalloc(sizeof(EAP_PWD_group)); + if (!grp) + return NULL; + grp->group = crypto_ec_init(num); + if (!grp->group) { + wpa_printf(MSG_INFO, "EAP-pwd: unable to create EC group"); + os_free(grp); + return NULL; + } + + grp->group_num = num; + wpa_printf(MSG_INFO, "EAP-pwd: provisioned group %d", num); + + return grp; +} + + /* * compute a "random" secret point on an elliptic curve based * on the password and identities. @@ -91,105 +112,71 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, const u8 *id_peer, size_t id_peer_len, const u8 *token) { - BIGNUM *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; + struct crypto_bignum *qr = NULL, *qnr = NULL, *one = NULL; + struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL; struct crypto_hash *hash; unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr; - int nid, is_odd, ret = 0; + int is_odd, ret = 0, check, found = 0; size_t primebytelen, primebitlen; + struct crypto_bignum *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; + const struct crypto_bignum *prime; - switch (num) { /* from IANA registry for IKE D-H groups */ - case 19: - nid = NID_X9_62_prime256v1; - break; - case 20: - nid = NID_secp384r1; - break; - case 21: - nid = NID_secp521r1; - break; -#ifndef OPENSSL_IS_BORINGSSL - case 25: - nid = NID_X9_62_prime192v1; - break; -#endif /* OPENSSL_IS_BORINGSSL */ - case 26: - nid = NID_secp224r1; - break; -#ifdef NID_brainpoolP224r1 - case 27: - nid = NID_brainpoolP224r1; - break; -#endif /* NID_brainpoolP224r1 */ -#ifdef NID_brainpoolP256r1 - case 28: - nid = NID_brainpoolP256r1; - break; -#endif /* NID_brainpoolP256r1 */ -#ifdef NID_brainpoolP384r1 - case 29: - nid = NID_brainpoolP384r1; - break; -#endif /* NID_brainpoolP384r1 */ -#ifdef NID_brainpoolP512r1 - case 30: - nid = NID_brainpoolP512r1; - break; -#endif /* NID_brainpoolP512r1 */ - default: - wpa_printf(MSG_INFO, "EAP-pwd: unsupported group %d", num); + if (grp->pwe) return -1; - } - grp->pwe = NULL; - grp->order = NULL; - grp->prime = NULL; - - if ((grp->group = EC_GROUP_new_by_curve_name(nid)) == NULL) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to create EC_GROUP"); - goto fail; - } - - if (((rnd = BN_new()) == NULL) || - ((cofactor = BN_new()) == NULL) || - ((grp->pwe = EC_POINT_new(grp->group)) == NULL) || - ((grp->order = BN_new()) == NULL) || - ((grp->prime = BN_new()) == NULL) || - ((x_candidate = BN_new()) == NULL)) { + prime = crypto_ec_get_prime(grp->group); + cofactor = crypto_bignum_init(); + grp->pwe = crypto_ec_point_init(grp->group); + tmp1 = crypto_bignum_init(); + pm1 = crypto_bignum_init(); + one = crypto_bignum_init_set((const u8 *) "\x01", 1); + if (!cofactor || !grp->pwe || !tmp1 || !pm1 || !one) { wpa_printf(MSG_INFO, "EAP-pwd: unable to create bignums"); goto fail; } - if (!EC_GROUP_get_curve_GFp(grp->group, grp->prime, NULL, NULL, NULL)) - { - wpa_printf(MSG_INFO, "EAP-pwd: unable to get prime for GFp " - "curve"); - goto fail; - } - if (!EC_GROUP_get_order(grp->group, grp->order, NULL)) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to get order for curve"); - goto fail; - } - if (!EC_GROUP_get_cofactor(grp->group, cofactor, NULL)) { + if (crypto_ec_cofactor(grp->group, cofactor) < 0) { wpa_printf(MSG_INFO, "EAP-pwd: unable to get cofactor for " "curve"); goto fail; } - primebitlen = BN_num_bits(grp->prime); - primebytelen = BN_num_bytes(grp->prime); + primebitlen = crypto_ec_prime_len_bits(grp->group); + primebytelen = crypto_ec_prime_len(grp->group); if ((prfbuf = os_malloc(primebytelen)) == NULL) { wpa_printf(MSG_INFO, "EAP-pwd: unable to malloc space for prf " "buffer"); goto fail; } - os_memset(prfbuf, 0, primebytelen); - ctr = 0; - while (1) { - if (ctr > 30) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to find random " - "point on curve for group %d, something's " - "fishy", num); + if (crypto_bignum_sub(prime, one, pm1) < 0) + goto fail; + + /* get a random quadratic residue and nonresidue */ + while (!qr || !qnr) { + int res; + + if (crypto_bignum_rand(tmp1, prime) < 0) goto fail; + res = crypto_bignum_legendre(tmp1, prime); + if (!qr && res == 1) { + qr = tmp1; + tmp1 = crypto_bignum_init(); + } else if (!qnr && res == -1) { + qnr = tmp1; + tmp1 = crypto_bignum_init(); } + if (!tmp1) + goto fail; + } + + os_memset(prfbuf, 0, primebytelen); + ctr = 0; + + /* + * Run through the hunting-and-pecking loop 40 times to mask the time + * necessary to find PWE. The odds of PWE not being found in 40 loops is + * roughly 1 in 1 trillion. + */ + while (ctr < 40) { ctr++; /* @@ -207,15 +194,25 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, eap_pwd_h_update(hash, &ctr, sizeof(ctr)); eap_pwd_h_final(hash, pwe_digest); - BN_bin2bn(pwe_digest, SHA256_MAC_LEN, rnd); - + crypto_bignum_deinit(rnd, 1); + rnd = crypto_bignum_init_set(pwe_digest, SHA256_MAC_LEN); + if (!rnd) { + wpa_printf(MSG_INFO, "EAP-pwd: unable to create rnd"); + goto fail; + } if (eap_pwd_kdf(pwe_digest, SHA256_MAC_LEN, (u8 *) "EAP-pwd Hunting And Pecking", os_strlen("EAP-pwd Hunting And Pecking"), prfbuf, primebitlen) < 0) goto fail; - BN_bin2bn(prfbuf, primebytelen, x_candidate); + crypto_bignum_deinit(x_candidate, 1); + x_candidate = crypto_bignum_init_set(prfbuf, primebytelen); + if (!x_candidate) { + wpa_printf(MSG_INFO, + "EAP-pwd: unable to create x_candidate"); + goto fail; + } /* * eap_pwd_kdf() returns a string of bits 0..primebitlen but @@ -224,97 +221,157 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, * then excessive bits-- those _after_ primebitlen-- so now * we have to shift right the amount we masked off. */ - if (primebitlen % 8) - BN_rshift(x_candidate, x_candidate, - (8 - (primebitlen % 8))); + if ((primebitlen % 8) && + crypto_bignum_rshift(x_candidate, + (8 - (primebitlen % 8)), + x_candidate) < 0) + goto fail; - if (BN_ucmp(x_candidate, grp->prime) >= 0) + if (crypto_bignum_cmp(x_candidate, prime) >= 0) continue; wpa_hexdump(MSG_DEBUG, "EAP-pwd: x_candidate", prfbuf, primebytelen); /* - * need to unambiguously identify the solution, if there is - * one... + * compute y^2 using the equation of the curve + * + * y^2 = x^3 + ax + b */ - if (BN_is_odd(rnd)) - is_odd = 1; - else - is_odd = 0; + tmp2 = crypto_ec_point_compute_y_sqr(grp->group, x_candidate); + if (!tmp2) + goto fail; /* - * solve the quadratic equation, if it's not solvable then we - * don't have a point + * mask tmp2 so doing legendre won't leak timing info + * + * tmp1 is a random number between 1 and p-1 */ - if (!EC_POINT_set_compressed_coordinates_GFp(grp->group, - grp->pwe, - x_candidate, - is_odd, NULL)) - continue; + if (crypto_bignum_rand(tmp1, pm1) < 0 || + crypto_bignum_mulmod(tmp2, tmp1, prime, tmp2) < 0 || + crypto_bignum_mulmod(tmp2, tmp1, prime, tmp2) < 0) + goto fail; + /* - * If there's a solution to the equation then the point must be - * on the curve so why check again explicitly? OpenSSL code - * says this is required by X9.62. We're not X9.62 but it can't - * hurt just to be sure. + * Now tmp2 (y^2) is masked, all values between 1 and p-1 + * are equally probable. Multiplying by r^2 does not change + * whether or not tmp2 is a quadratic residue, just masks it. + * + * Flip a coin, multiply by the random quadratic residue or the + * random quadratic nonresidue and record heads or tails. */ - if (!EC_POINT_is_on_curve(grp->group, grp->pwe, NULL)) { - wpa_printf(MSG_INFO, "EAP-pwd: point is not on curve"); - continue; + if (crypto_bignum_is_odd(tmp1)) { + crypto_bignum_mulmod(tmp2, qr, prime, tmp2); + check = 1; + } else { + crypto_bignum_mulmod(tmp2, qnr, prime, tmp2); + check = -1; } - if (BN_cmp(cofactor, BN_value_one())) { - /* make sure the point is not in a small sub-group */ - if (!EC_POINT_mul(grp->group, grp->pwe, NULL, grp->pwe, - cofactor, NULL)) { - wpa_printf(MSG_INFO, "EAP-pwd: cannot " - "multiply generator by order"); + /* + * Now it's safe to do legendre, if check is 1 then it's + * a straightforward test (multiplying by qr does not + * change result), if check is -1 then it's the opposite test + * (multiplying a qr by qnr would make a qnr). + */ + if (crypto_bignum_legendre(tmp2, prime) == check) { + if (found == 1) + continue; + + /* need to unambiguously identify the solution */ + is_odd = crypto_bignum_is_odd(rnd); + + /* + * We know x_candidate is a quadratic residue so set + * it here. + */ + if (crypto_ec_point_solve_y_coord(grp->group, grp->pwe, + x_candidate, + is_odd) != 0) { + wpa_printf(MSG_INFO, + "EAP-pwd: Could not solve for y"); continue; } - if (EC_POINT_is_at_infinity(grp->group, grp->pwe)) { - wpa_printf(MSG_INFO, "EAP-pwd: point is at " - "infinity"); + + /* + * If there's a solution to the equation then the point + * must be on the curve so why check again explicitly? + * OpenSSL code says this is required by X9.62. We're + * not X9.62 but it can't hurt just to be sure. + */ + if (!crypto_ec_point_is_on_curve(grp->group, + grp->pwe)) { + wpa_printf(MSG_INFO, + "EAP-pwd: point is not on curve"); continue; } + + if (!crypto_bignum_is_one(cofactor)) { + /* make sure the point is not in a small + * sub-group */ + if (crypto_ec_point_mul(grp->group, grp->pwe, + cofactor, + grp->pwe) != 0) { + wpa_printf(MSG_INFO, + "EAP-pwd: cannot multiply generator by order"); + continue; + } + if (crypto_ec_point_is_at_infinity(grp->group, + grp->pwe)) { + wpa_printf(MSG_INFO, + "EAP-pwd: point is at infinity"); + continue; + } + } + wpa_printf(MSG_DEBUG, + "EAP-pwd: found a PWE in %d tries", ctr); + found = 1; } - /* if we got here then we have a new generator. */ - break; } - wpa_printf(MSG_DEBUG, "EAP-pwd: found a PWE in %d tries", ctr); - grp->group_num = num; + if (found == 0) { + wpa_printf(MSG_INFO, + "EAP-pwd: unable to find random point on curve for group %d, something's fishy", + num); + goto fail; + } if (0) { fail: - EC_GROUP_free(grp->group); - grp->group = NULL; - EC_POINT_clear_free(grp->pwe); + crypto_ec_point_deinit(grp->pwe, 1); grp->pwe = NULL; - BN_clear_free(grp->order); - grp->order = NULL; - BN_clear_free(grp->prime); - grp->prime = NULL; ret = 1; } /* cleanliness and order.... */ - BN_clear_free(cofactor); - BN_clear_free(x_candidate); - BN_clear_free(rnd); + crypto_bignum_deinit(cofactor, 1); + crypto_bignum_deinit(x_candidate, 1); + crypto_bignum_deinit(rnd, 1); + crypto_bignum_deinit(pm1, 0); + crypto_bignum_deinit(tmp1, 1); + crypto_bignum_deinit(tmp2, 1); + crypto_bignum_deinit(qr, 1); + crypto_bignum_deinit(qnr, 1); + crypto_bignum_deinit(one, 0); os_free(prfbuf); return ret; } -int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, const BIGNUM *k, - const BIGNUM *peer_scalar, const BIGNUM *server_scalar, +int compute_keys(EAP_PWD_group *grp, const struct crypto_bignum *k, + const struct crypto_bignum *peer_scalar, + const struct crypto_bignum *server_scalar, const u8 *confirm_peer, const u8 *confirm_server, const u32 *ciphersuite, u8 *msk, u8 *emsk, u8 *session_id) { struct crypto_hash *hash; u8 mk[SHA256_MAC_LEN], *cruft; u8 msk_emsk[EAP_MSK_LEN + EAP_EMSK_LEN]; - int offset; + size_t prime_len, order_len; + + prime_len = crypto_ec_prime_len(grp->group); + order_len = crypto_ec_order_len(grp->group); - if ((cruft = os_malloc(BN_num_bytes(grp->prime))) == NULL) + cruft = os_malloc(prime_len); + if (!cruft) return -1; /* @@ -328,14 +385,10 @@ int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, const BIGNUM *k, return -1; } eap_pwd_h_update(hash, (const u8 *) ciphersuite, sizeof(u32)); - offset = BN_num_bytes(grp->order) - BN_num_bytes(peer_scalar); - os_memset(cruft, 0, BN_num_bytes(grp->prime)); - BN_bn2bin(peer_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(grp->order)); - offset = BN_num_bytes(grp->order) - BN_num_bytes(server_scalar); - os_memset(cruft, 0, BN_num_bytes(grp->prime)); - BN_bn2bin(server_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(grp->order)); + crypto_bignum_to_bin(peer_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); + crypto_bignum_to_bin(server_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); eap_pwd_h_final(hash, &session_id[1]); /* then compute MK = H(k | confirm-peer | confirm-server) */ @@ -344,10 +397,8 @@ int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, const BIGNUM *k, os_free(cruft); return -1; } - offset = BN_num_bytes(grp->prime) - BN_num_bytes(k); - os_memset(cruft, 0, BN_num_bytes(grp->prime)); - BN_bn2bin(k, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(grp->prime)); + crypto_bignum_to_bin(k, cruft, prime_len, prime_len); + eap_pwd_h_update(hash, cruft, prime_len); os_free(cruft); eap_pwd_h_update(hash, confirm_peer, SHA256_MAC_LEN); eap_pwd_h_update(hash, confirm_server, SHA256_MAC_LEN); diff --git a/contrib/wpa/src/eap_common/eap_pwd_common.h b/contrib/wpa/src/eap_common/eap_pwd_common.h index a0d717edfe7a..6b07cf8f797c 100644 --- a/contrib/wpa/src/eap_common/eap_pwd_common.h +++ b/contrib/wpa/src/eap_common/eap_pwd_common.h @@ -9,20 +9,14 @@ #ifndef EAP_PWD_COMMON_H #define EAP_PWD_COMMON_H -#include <openssl/bn.h> -#include <openssl/ec.h> -#include <openssl/evp.h> - /* * definition of a finite cyclic group * TODO: support one based on a prime field */ typedef struct group_definition_ { u16 group_num; - EC_GROUP *group; - EC_POINT *pwe; - BIGNUM *order; - BIGNUM *prime; + struct crypto_ec *group; + struct crypto_ec_point *pwe; } EAP_PWD_group; /* @@ -52,17 +46,22 @@ struct eap_pwd_id { u8 prep; #define EAP_PWD_PREP_NONE 0 #define EAP_PWD_PREP_MS 1 +#define EAP_PWD_PREP_SSHA1 3 +#define EAP_PWD_PREP_SSHA256 4 +#define EAP_PWD_PREP_SSHA512 5 u8 identity[0]; /* length inferred from payload */ } STRUCT_PACKED; /* common routines */ +EAP_PWD_group * get_eap_pwd_group(u16 num); int compute_password_element(EAP_PWD_group *grp, u16 num, const u8 *password, size_t password_len, const u8 *id_server, size_t id_server_len, const u8 *id_peer, size_t id_peer_len, const u8 *token); -int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, const BIGNUM *k, - const BIGNUM *peer_scalar, const BIGNUM *server_scalar, +int compute_keys(EAP_PWD_group *grp, const struct crypto_bignum *k, + const struct crypto_bignum *peer_scalar, + const struct crypto_bignum *server_scalar, const u8 *confirm_peer, const u8 *confirm_server, const u32 *ciphersuite, u8 *msk, u8 *emsk, u8 *session_id); struct crypto_hash * eap_pwd_h_init(void); diff --git a/contrib/wpa/src/eap_common/eap_sim_common.c b/contrib/wpa/src/eap_common/eap_sim_common.c index 2adc3b376a8e..6290c35f1a6b 100644 --- a/contrib/wpa/src/eap_common/eap_sim_common.c +++ b/contrib/wpa/src/eap_common/eap_sim_common.c @@ -175,7 +175,7 @@ int eap_sim_verify_mac(const u8 *k_aut, const struct wpabuf *req, mac > wpabuf_head_u8(req) + wpabuf_len(req) - EAP_SIM_MAC_LEN) return -1; - tmp = os_malloc(wpabuf_len(req)); + tmp = os_memdup(wpabuf_head(req), wpabuf_len(req)); if (tmp == NULL) return -1; @@ -185,7 +185,6 @@ int eap_sim_verify_mac(const u8 *k_aut, const struct wpabuf *req, len[1] = extra_len; /* HMAC-SHA1-128 */ - os_memcpy(tmp, wpabuf_head(req), wpabuf_len(req)); os_memset(tmp + (mac - wpabuf_head_u8(req)), 0, EAP_SIM_MAC_LEN); wpa_hexdump(MSG_MSGDUMP, "EAP-SIM: Verify MAC - msg", tmp, wpabuf_len(req)); @@ -370,7 +369,7 @@ int eap_sim_verify_mac_sha256(const u8 *k_aut, const struct wpabuf *req, mac > wpabuf_head_u8(req) + wpabuf_len(req) - EAP_SIM_MAC_LEN) return -1; - tmp = os_malloc(wpabuf_len(req)); + tmp = os_memdup(wpabuf_head(req), wpabuf_len(req)); if (tmp == NULL) return -1; @@ -380,7 +379,6 @@ int eap_sim_verify_mac_sha256(const u8 *k_aut, const struct wpabuf *req, len[1] = extra_len; /* HMAC-SHA-256-128 */ - os_memcpy(tmp, wpabuf_head(req), wpabuf_len(req)); os_memset(tmp + (mac - wpabuf_head_u8(req)), 0, EAP_SIM_MAC_LEN); wpa_hexdump(MSG_MSGDUMP, "EAP-AKA': Verify MAC - msg", tmp, wpabuf_len(req)); @@ -943,10 +941,9 @@ u8 * eap_sim_parse_encr(const u8 *k_encr, const u8 *encr_data, return NULL; } - decrypted = os_malloc(encr_data_len); + decrypted = os_memdup(encr_data, encr_data_len); if (decrypted == NULL) return NULL; - os_memcpy(decrypted, encr_data, encr_data_len); if (aes_128_cbc_decrypt(k_encr, iv, decrypted, encr_data_len)) { os_free(decrypted); diff --git a/contrib/wpa/src/eap_peer/eap.c b/contrib/wpa/src/eap_peer/eap.c index 9110ca5b9cfd..974c475ff2d4 100644 --- a/contrib/wpa/src/eap_peer/eap.c +++ b/contrib/wpa/src/eap_peer/eap.c @@ -95,6 +95,14 @@ static void eap_notify_status(struct eap_sm *sm, const char *status, } +static void eap_report_error(struct eap_sm *sm, int error_code) +{ + wpa_printf(MSG_DEBUG, "EAP: Error notification: %d", error_code); + if (sm->eapol_cb->notify_eap_error) + sm->eapol_cb->notify_eap_error(sm->eapol_ctx, error_code); +} + + static void eap_sm_free_key(struct eap_sm *sm) { if (sm->eapKeyData) { @@ -121,15 +129,17 @@ static void eap_deinit_prev_method(struct eap_sm *sm, const char *txt) /** - * eap_allowed_method - Check whether EAP method is allowed + * eap_config_allowed_method - Check whether EAP method is allowed * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init() + * @config: EAP configuration * @vendor: Vendor-Id for expanded types or 0 = IETF for legacy types * @method: EAP type * Returns: 1 = allowed EAP method, 0 = not allowed */ -int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method) +static int eap_config_allowed_method(struct eap_sm *sm, + struct eap_peer_config *config, + int vendor, u32 method) { - struct eap_peer_config *config = eap_get_config(sm); int i; struct eap_method_type *m; @@ -146,6 +156,57 @@ int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method) } +/** + * eap_allowed_method - Check whether EAP method is allowed + * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init() + * @vendor: Vendor-Id for expanded types or 0 = IETF for legacy types + * @method: EAP type + * Returns: 1 = allowed EAP method, 0 = not allowed + */ +int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method) +{ + return eap_config_allowed_method(sm, eap_get_config(sm), vendor, + method); +} + + +#if defined(PCSC_FUNCS) || defined(CONFIG_EAP_PROXY) +static int eap_sm_append_3gpp_realm(struct eap_sm *sm, char *imsi, + size_t max_len, size_t *imsi_len, + int mnc_len) +{ + char *pos, mnc[4]; + + if (*imsi_len + 36 > max_len) { + wpa_printf(MSG_WARNING, "No room for realm in IMSI buffer"); + return -1; + } + + if (mnc_len != 2 && mnc_len != 3) + mnc_len = 3; + + if (mnc_len == 2) { + mnc[0] = '0'; + mnc[1] = imsi[3]; + mnc[2] = imsi[4]; + } else if (mnc_len == 3) { + mnc[0] = imsi[3]; + mnc[1] = imsi[4]; + mnc[2] = imsi[5]; + } + mnc[3] = '\0'; + + pos = imsi + *imsi_len; + pos += os_snprintf(pos, imsi + max_len - pos, + "@wlan.mnc%s.mcc%c%c%c.3gppnetwork.org", + mnc, imsi[0], imsi[1], imsi[2]); + *imsi_len = pos - imsi; + + return 0; +} +#endif /* PCSC_FUNCS || CONFIG_EAP_PROXY */ + + /* * This state initializes state machine variables when the machine is * activated (portEnabled = TRUE). This is also used when re-starting @@ -371,9 +432,8 @@ nak: #ifdef CONFIG_ERP -static char * eap_home_realm(struct eap_sm *sm) +static char * eap_get_realm(struct eap_sm *sm, struct eap_peer_config *config) { - struct eap_peer_config *config = eap_get_config(sm); char *realm; size_t i, realm_len; @@ -413,7 +473,51 @@ static char * eap_home_realm(struct eap_sm *sm) } } - return os_strdup(""); +#ifdef CONFIG_EAP_PROXY + /* When identity is not provided in the config, build the realm from + * IMSI for eap_proxy based methods. + */ + if (!config->identity && !config->anonymous_identity && + sm->eapol_cb->get_imsi && + (eap_config_allowed_method(sm, config, EAP_VENDOR_IETF, + EAP_TYPE_SIM) || + eap_config_allowed_method(sm, config, EAP_VENDOR_IETF, + EAP_TYPE_AKA) || + eap_config_allowed_method(sm, config, EAP_VENDOR_IETF, + EAP_TYPE_AKA_PRIME))) { + char imsi[100]; + size_t imsi_len; + int mnc_len, pos; + + wpa_printf(MSG_DEBUG, "EAP: Build realm from IMSI (eap_proxy)"); + mnc_len = sm->eapol_cb->get_imsi(sm->eapol_ctx, config->sim_num, + imsi, &imsi_len); + if (mnc_len < 0) + return NULL; + + pos = imsi_len + 1; /* points to the beginning of the realm */ + if (eap_sm_append_3gpp_realm(sm, imsi, sizeof(imsi), &imsi_len, + mnc_len) < 0) { + wpa_printf(MSG_WARNING, "Could not append realm"); + return NULL; + } + + realm = os_strdup(&imsi[pos]); + if (!realm) + return NULL; + + wpa_printf(MSG_DEBUG, "EAP: Generated realm '%s'", realm); + return realm; + } +#endif /* CONFIG_EAP_PROXY */ + + return NULL; +} + + +static char * eap_home_realm(struct eap_sm *sm) +{ + return eap_get_realm(sm, eap_get_config(sm)); } @@ -469,6 +573,89 @@ static void eap_erp_remove_keys_realm(struct eap_sm *sm, const char *realm) } } + +int eap_peer_update_erp_next_seq_num(struct eap_sm *sm, u16 next_seq_num) +{ + struct eap_erp_key *erp; + char *home_realm; + + home_realm = eap_home_realm(sm); + if (!home_realm || os_strlen(home_realm) == 0) { + os_free(home_realm); + return -1; + } + + erp = eap_erp_get_key(sm, home_realm); + if (!erp) { + wpa_printf(MSG_DEBUG, + "EAP: Failed to find ERP key for realm: %s", + home_realm); + os_free(home_realm); + return -1; + } + + if ((u32) next_seq_num < erp->next_seq) { + /* Sequence number has wrapped around, clear this ERP + * info and do a full auth next time. + */ + eap_peer_erp_free_key(erp); + } else { + erp->next_seq = (u32) next_seq_num; + } + + os_free(home_realm); + return 0; +} + + +int eap_peer_get_erp_info(struct eap_sm *sm, struct eap_peer_config *config, + const u8 **username, size_t *username_len, + const u8 **realm, size_t *realm_len, + u16 *erp_next_seq_num, const u8 **rrk, + size_t *rrk_len) +{ + struct eap_erp_key *erp; + char *home_realm; + char *pos; + + if (config) + home_realm = eap_get_realm(sm, config); + else + home_realm = eap_home_realm(sm); + if (!home_realm || os_strlen(home_realm) == 0) { + os_free(home_realm); + return -1; + } + + erp = eap_erp_get_key(sm, home_realm); + os_free(home_realm); + if (!erp) + return -1; + + if (erp->next_seq >= 65536) + return -1; /* SEQ has range of 0..65535 */ + + pos = os_strchr(erp->keyname_nai, '@'); + if (!pos) + return -1; /* this cannot really happen */ + *username_len = pos - erp->keyname_nai; + *username = (u8 *) erp->keyname_nai; + + pos++; + *realm_len = os_strlen(pos); + *realm = (u8 *) pos; + + *erp_next_seq_num = (u16) erp->next_seq; + + *rrk_len = erp->rRK_len; + *rrk = erp->rRK; + + if (*username_len == 0 || *realm_len == 0 || *rrk_len == 0) + return -1; + + return 0; +} + #endif /* CONFIG_ERP */ @@ -483,13 +670,20 @@ void eap_peer_erp_free_keys(struct eap_sm *sm) } -static void eap_peer_erp_init(struct eap_sm *sm) +/* Note: If ext_session and/or ext_emsk are passed to this function, they are + * expected to point to allocated memory and those allocations will be freed + * unconditionally. */ +void eap_peer_erp_init(struct eap_sm *sm, u8 *ext_session_id, + size_t ext_session_id_len, u8 *ext_emsk, + size_t ext_emsk_len) { #ifdef CONFIG_ERP u8 *emsk = NULL; size_t emsk_len = 0; + u8 *session_id = NULL; + size_t session_id_len = 0; u8 EMSKname[EAP_EMSK_NAME_LEN]; - u8 len[2]; + u8 len[2], ctx[3]; char *realm; size_t realm_len, nai_buf_len; struct eap_erp_key *erp = NULL; @@ -497,7 +691,7 @@ static void eap_peer_erp_init(struct eap_sm *sm) realm = eap_home_realm(sm); if (!realm) - return; + goto fail; realm_len = os_strlen(realm); wpa_printf(MSG_DEBUG, "EAP: Realm for ERP keyName-NAI: %s", realm); eap_erp_remove_keys_realm(sm, realm); @@ -517,7 +711,13 @@ static void eap_peer_erp_init(struct eap_sm *sm) if (erp == NULL) goto fail; - emsk = sm->m->get_emsk(sm, sm->eap_method_priv, &emsk_len); + if (ext_emsk) { + emsk = ext_emsk; + emsk_len = ext_emsk_len; + } else { + emsk = sm->m->get_emsk(sm, sm->eap_method_priv, &emsk_len); + } + if (!emsk || emsk_len == 0 || emsk_len > ERP_MAX_KEY_LEN) { wpa_printf(MSG_DEBUG, "EAP: No suitable EMSK available for ERP"); @@ -526,10 +726,23 @@ static void eap_peer_erp_init(struct eap_sm *sm) wpa_hexdump_key(MSG_DEBUG, "EAP: EMSK", emsk, emsk_len); - WPA_PUT_BE16(len, 8); - if (hmac_sha256_kdf(sm->eapSessionId, sm->eapSessionIdLen, "EMSK", - len, sizeof(len), - EMSKname, EAP_EMSK_NAME_LEN) < 0) { + if (ext_session_id) { + session_id = ext_session_id; + session_id_len = ext_session_id_len; + } else { + session_id = sm->eapSessionId; + session_id_len = sm->eapSessionIdLen; + } + + if (!session_id || session_id_len == 0) { + wpa_printf(MSG_DEBUG, + "EAP: No suitable session id available for ERP"); + goto fail; + } + + WPA_PUT_BE16(len, EAP_EMSK_NAME_LEN); + if (hmac_sha256_kdf(session_id, session_id_len, "EMSK", len, + sizeof(len), EMSKname, EAP_EMSK_NAME_LEN) < 0) { wpa_printf(MSG_DEBUG, "EAP: Could not derive EMSKname"); goto fail; } @@ -550,9 +763,11 @@ static void eap_peer_erp_init(struct eap_sm *sm) erp->rRK_len = emsk_len; wpa_hexdump_key(MSG_DEBUG, "EAP: ERP rRK", erp->rRK, erp->rRK_len); + ctx[0] = EAP_ERP_CS_HMAC_SHA256_128; + WPA_PUT_BE16(&ctx[1], erp->rRK_len); if (hmac_sha256_kdf(erp->rRK, erp->rRK_len, - "EAP Re-authentication Integrity Key@ietf.org", - len, sizeof(len), erp->rIK, erp->rRK_len) < 0) { + "Re-authentication Integrity Key@ietf.org", + ctx, sizeof(ctx), erp->rIK, erp->rRK_len) < 0) { wpa_printf(MSG_DEBUG, "EAP: Could not derive rIK for ERP"); goto fail; } @@ -563,7 +778,11 @@ static void eap_peer_erp_init(struct eap_sm *sm) dl_list_add(&sm->erp_keys, &erp->list); erp = NULL; fail: - bin_clear_free(emsk, emsk_len); + if (ext_emsk) + bin_clear_free(ext_emsk, ext_emsk_len); + else + bin_clear_free(emsk, emsk_len); + bin_clear_free(ext_session_id, ext_session_id_len); bin_clear_free(erp, sizeof(*erp)); os_free(realm); #endif /* CONFIG_ERP */ @@ -571,8 +790,7 @@ fail: #ifdef CONFIG_ERP -static int eap_peer_erp_reauth_start(struct eap_sm *sm, - const struct eap_hdr *hdr, size_t len) +struct wpabuf * eap_peer_build_erp_reauth_start(struct eap_sm *sm, u8 eap_id) { char *realm; struct eap_erp_key *erp; @@ -581,16 +799,16 @@ static int eap_peer_erp_reauth_start(struct eap_sm *sm, realm = eap_home_realm(sm); if (!realm) - return -1; + return NULL; erp = eap_erp_get_key(sm, realm); os_free(realm); realm = NULL; if (!erp) - return -1; + return NULL; if (erp->next_seq >= 65536) - return -1; /* SEQ has range of 0..65535 */ + return NULL; /* SEQ has range of 0..65535 */ /* TODO: check rRK lifetime expiration */ @@ -599,9 +817,9 @@ static int eap_peer_erp_reauth_start(struct eap_sm *sm, msg = eap_msg_alloc(EAP_VENDOR_IETF, (EapType) EAP_ERP_TYPE_REAUTH, 1 + 2 + 2 + os_strlen(erp->keyname_nai) + 1 + 16, - EAP_CODE_INITIATE, hdr->identifier); + EAP_CODE_INITIATE, eap_id); if (msg == NULL) - return -1; + return NULL; wpabuf_put_u8(msg, 0x20); /* Flags: R=0 B=0 L=1 */ wpabuf_put_be16(msg, erp->next_seq); @@ -615,13 +833,28 @@ static int eap_peer_erp_reauth_start(struct eap_sm *sm, if (hmac_sha256(erp->rIK, erp->rIK_len, wpabuf_head(msg), wpabuf_len(msg), hash) < 0) { wpabuf_free(msg); - return -1; + return NULL; } wpabuf_put_data(msg, hash, 16); - wpa_printf(MSG_DEBUG, "EAP: Sending EAP-Initiate/Re-auth"); sm->erp_seq = erp->next_seq; erp->next_seq++; + + wpa_hexdump_buf(MSG_DEBUG, "ERP: EAP-Initiate/Re-auth", msg); + + return msg; +} + + +static int eap_peer_erp_reauth_start(struct eap_sm *sm, u8 eap_id) +{ + struct wpabuf *msg; + + msg = eap_peer_build_erp_reauth_start(sm, eap_id); + if (!msg) + return -1; + + wpa_printf(MSG_DEBUG, "EAP: Sending EAP-Initiate/Re-auth"); wpabuf_free(sm->eapRespData); sm->eapRespData = msg; sm->reauthInit = TRUE; @@ -691,8 +924,6 @@ SM_STATE(EAP, METHOD) if (sm->m->isKeyAvailable && sm->m->getKey && sm->m->isKeyAvailable(sm, sm->eap_method_priv)) { - struct eap_peer_config *config = eap_get_config(sm); - eap_sm_free_key(sm); sm->eapKeyData = sm->m->getKey(sm, sm->eap_method_priv, &sm->eapKeyDataLen); @@ -705,8 +936,6 @@ SM_STATE(EAP, METHOD) wpa_hexdump(MSG_DEBUG, "EAP: Session-Id", sm->eapSessionId, sm->eapSessionIdLen); } - if (config->erp && sm->m->get_emsk && sm->eapSessionId) - eap_peer_erp_init(sm); } } @@ -804,6 +1033,8 @@ SM_STATE(EAP, RETRANSMIT) */ SM_STATE(EAP, SUCCESS) { + struct eap_peer_config *config = eap_get_config(sm); + SM_ENTRY(EAP, SUCCESS); if (sm->eapKeyData != NULL) sm->eapKeyAvailable = TRUE; @@ -826,6 +1057,11 @@ SM_STATE(EAP, SUCCESS) wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS "EAP authentication completed successfully"); + + if (config->erp && sm->m->get_emsk && sm->eapSessionId && + sm->m->isKeyAvailable && + sm->m->isKeyAvailable(sm, sm->eap_method_priv)) + eap_peer_erp_init(sm, NULL, 0, NULL, 0); } @@ -1276,48 +1512,6 @@ static int mnc_len_from_imsi(const char *imsi) } -static int eap_sm_append_3gpp_realm(struct eap_sm *sm, char *imsi, - size_t max_len, size_t *imsi_len) -{ - int mnc_len; - char *pos, mnc[4]; - - if (*imsi_len + 36 > max_len) { - wpa_printf(MSG_WARNING, "No room for realm in IMSI buffer"); - return -1; - } - - /* MNC (2 or 3 digits) */ - mnc_len = scard_get_mnc_len(sm->scard_ctx); - if (mnc_len < 0) - mnc_len = mnc_len_from_imsi(imsi); - if (mnc_len < 0) { - wpa_printf(MSG_INFO, "Failed to get MNC length from (U)SIM " - "assuming 3"); - mnc_len = 3; - } - - if (mnc_len == 2) { - mnc[0] = '0'; - mnc[1] = imsi[3]; - mnc[2] = imsi[4]; - } else if (mnc_len == 3) { - mnc[0] = imsi[3]; - mnc[1] = imsi[4]; - mnc[2] = imsi[5]; - } - mnc[3] = '\0'; - - pos = imsi + *imsi_len; - pos += os_snprintf(pos, imsi + max_len - pos, - "@wlan.mnc%s.mcc%c%c%c.3gppnetwork.org", - mnc, imsi[0], imsi[1], imsi[2]); - *imsi_len = pos - imsi; - - return 0; -} - - static int eap_sm_imsi_identity(struct eap_sm *sm, struct eap_peer_config *conf) { @@ -1325,7 +1519,7 @@ static int eap_sm_imsi_identity(struct eap_sm *sm, char imsi[100]; size_t imsi_len; struct eap_method_type *m = conf->eap_methods; - int i; + int i, mnc_len; imsi_len = sizeof(imsi); if (scard_get_imsi(sm->scard_ctx, imsi, &imsi_len)) { @@ -1340,7 +1534,18 @@ static int eap_sm_imsi_identity(struct eap_sm *sm, return -1; } - if (eap_sm_append_3gpp_realm(sm, imsi, sizeof(imsi), &imsi_len) < 0) { + /* MNC (2 or 3 digits) */ + mnc_len = scard_get_mnc_len(sm->scard_ctx); + if (mnc_len < 0) + mnc_len = mnc_len_from_imsi(imsi); + if (mnc_len < 0) { + wpa_printf(MSG_INFO, "Failed to get MNC length from (U)SIM " + "assuming 3"); + mnc_len = 3; + } + + if (eap_sm_append_3gpp_realm(sm, imsi, sizeof(imsi), &imsi_len, + mnc_len) < 0) { wpa_printf(MSG_WARNING, "Could not add realm to SIM identity"); return -1; } @@ -1566,7 +1771,7 @@ static void eap_peer_initiate(struct eap_sm *sm, const struct eap_hdr *hdr, /* TODO: Derivation of domain specific keys for local ER */ } - if (eap_peer_erp_reauth_start(sm, hdr, len) == 0) + if (eap_peer_erp_reauth_start(sm, hdr->identifier) == 0) return; invalid: @@ -1577,8 +1782,7 @@ invalid: } -static void eap_peer_finish(struct eap_sm *sm, const struct eap_hdr *hdr, - size_t len) +void eap_peer_finish(struct eap_sm *sm, const struct eap_hdr *hdr, size_t len) { #ifdef CONFIG_ERP const u8 *pos = (const u8 *) (hdr + 1); @@ -1828,6 +2032,15 @@ static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req) case EAP_CODE_FAILURE: wpa_printf(MSG_DEBUG, "EAP: Received EAP-Failure"); eap_notify_status(sm, "completion", "failure"); + + /* Get the error code from method */ + if (sm->m && sm->m->get_error_code) { + int error_code; + + error_code = sm->m->get_error_code(sm->eap_method_priv); + if (error_code != NO_EAP_METHOD_ERROR) + eap_report_error(sm, error_code); + } sm->rxFailure = TRUE; break; case EAP_CODE_INITIATE: @@ -2231,6 +2444,7 @@ static void eap_sm_request(struct eap_sm *sm, enum wpa_ctrl_req_type field, config->pending_req_passphrase++; break; case WPA_CTRL_REQ_SIM: + config->pending_req_sim++; txt = msg; break; case WPA_CTRL_REQ_EXT_CERT_CHECK: diff --git a/contrib/wpa/src/eap_peer/eap.h b/contrib/wpa/src/eap_peer/eap.h index 1a645af8b200..d0837e37a0e0 100644 --- a/contrib/wpa/src/eap_peer/eap.h +++ b/contrib/wpa/src/eap_peer/eap.h @@ -246,12 +246,37 @@ struct eapol_callbacks { void (*notify_status)(void *ctx, const char *status, const char *parameter); + /** + * notify_eap_error - Report EAP method error code + * @ctx: eapol_ctx from eap_peer_sm_init() call + * @error_code: Error code from the used EAP method + */ + void (*notify_eap_error)(void *ctx, int error_code); + #ifdef CONFIG_EAP_PROXY /** * eap_proxy_cb - Callback signifying any updates from eap_proxy * @ctx: eapol_ctx from eap_peer_sm_init() call */ void (*eap_proxy_cb)(void *ctx); + + /** + * eap_proxy_notify_sim_status - Notification of SIM status change + * @ctx: eapol_ctx from eap_peer_sm_init() call + * @sim_state: One of enum value from sim_state + */ + void (*eap_proxy_notify_sim_status)(void *ctx, + enum eap_proxy_sim_state sim_state); + + /** + * get_imsi - Get the IMSI value from eap_proxy + * @ctx: eapol_ctx from eap_peer_sm_init() call + * @sim_num: SIM/USIM number to get the IMSI value for + * @imsi: Buffer for IMSI value + * @len: Buffer for returning IMSI length in octets + * Returns: MNC length (2 or 3) or -1 on error + */ + int (*get_imsi)(void *ctx, int sim_num, char *imsi, size_t *len); #endif /* CONFIG_EAP_PROXY */ /** @@ -348,6 +373,16 @@ void eap_sm_set_ext_pw_ctx(struct eap_sm *sm, struct ext_password_data *ext); void eap_set_anon_id(struct eap_sm *sm, const u8 *id, size_t len); int eap_peer_was_failure_expected(struct eap_sm *sm); void eap_peer_erp_free_keys(struct eap_sm *sm); +struct wpabuf * eap_peer_build_erp_reauth_start(struct eap_sm *sm, u8 eap_id); +void eap_peer_finish(struct eap_sm *sm, const struct eap_hdr *hdr, size_t len); +int eap_peer_get_erp_info(struct eap_sm *sm, struct eap_peer_config *config, + const u8 **username, size_t *username_len, + const u8 **realm, size_t *realm_len, u16 *erp_seq_num, + const u8 **rrk, size_t *rrk_len); +int eap_peer_update_erp_next_seq_num(struct eap_sm *sm, u16 seq_num); +void eap_peer_erp_init(struct eap_sm *sm, u8 *ext_session_id, + size_t ext_session_id_len, u8 *ext_emsk, + size_t ext_emsk_len); #endif /* IEEE8021X_EAPOL */ diff --git a/contrib/wpa/src/eap_peer/eap_aka.c b/contrib/wpa/src/eap_peer/eap_aka.c index 0bac62dee523..a4441413f0dd 100644 --- a/contrib/wpa/src/eap_peer/eap_aka.c +++ b/contrib/wpa/src/eap_peer/eap_aka.c @@ -48,11 +48,15 @@ struct eap_aka_data { struct wpabuf *id_msgs; int prev_id; int result_ind, use_result_ind; + int use_pseudonym; u8 eap_method; u8 *network_name; size_t network_name_len; u16 kdf; int kdf_negotiation; + u16 last_kdf_attrs[EAP_AKA_PRIME_KDF_MAX]; + size_t last_kdf_count; + int error_code; }; @@ -96,12 +100,16 @@ static void * eap_aka_init(struct eap_sm *sm) data->eap_method = EAP_TYPE_AKA; + /* Zero is a valid error code, so we need to initialize */ + data->error_code = NO_EAP_METHOD_ERROR; + eap_aka_state(data, CONTINUE); data->prev_id = -1; data->result_ind = phase1 && os_strstr(phase1, "result_ind=1") != NULL; - if (config && config->anonymous_identity) { + data->use_pseudonym = !sm->init_phase2; + if (config && config->anonymous_identity && data->use_pseudonym) { data->pseudonym = os_malloc(config->anonymous_identity_len); if (data->pseudonym) { os_memcpy(data->pseudonym, config->anonymous_identity, @@ -350,7 +358,8 @@ static void eap_aka_clear_identities(struct eap_sm *sm, os_free(data->pseudonym); data->pseudonym = NULL; data->pseudonym_len = 0; - eap_set_anon_id(sm, NULL, 0); + if (data->use_pseudonym) + eap_set_anon_id(sm, NULL, 0); } if ((id & CLEAR_REAUTH_ID) && data->reauth_id) { wpa_printf(MSG_DEBUG, "EAP-AKA: forgetting old reauth_id"); @@ -405,20 +414,21 @@ static int eap_aka_learn_ids(struct eap_sm *sm, struct eap_aka_data *data, realm, realm_len); } data->pseudonym_len = attr->next_pseudonym_len + realm_len; - eap_set_anon_id(sm, data->pseudonym, data->pseudonym_len); + if (data->use_pseudonym) + eap_set_anon_id(sm, data->pseudonym, + data->pseudonym_len); } if (attr->next_reauth_id) { os_free(data->reauth_id); - data->reauth_id = os_malloc(attr->next_reauth_id_len); + data->reauth_id = os_memdup(attr->next_reauth_id, + attr->next_reauth_id_len); if (data->reauth_id == NULL) { wpa_printf(MSG_INFO, "EAP-AKA: (encr) No memory for " "next reauth_id"); data->reauth_id_len = 0; return -1; } - os_memcpy(data->reauth_id, attr->next_reauth_id, - attr->next_reauth_id_len); data->reauth_id_len = attr->next_reauth_id_len; wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA: (encr) AT_NEXT_REAUTH_ID", @@ -570,7 +580,7 @@ static struct wpabuf * eap_aka_authentication_reject(struct eap_aka_data *data, static struct wpabuf * eap_aka_synchronization_failure( - struct eap_aka_data *data, u8 id) + struct eap_aka_data *data, u8 id, struct eap_sim_attrs *attr) { struct eap_sim_msg *msg; @@ -584,6 +594,15 @@ static struct wpabuf * eap_aka_synchronization_failure( wpa_printf(MSG_DEBUG, " AT_AUTS"); eap_sim_msg_add_full(msg, EAP_SIM_AT_AUTS, data->auts, EAP_AKA_AUTS_LEN); + if (data->eap_method == EAP_TYPE_AKA_PRIME) { + size_t i; + + for (i = 0; i < attr->kdf_count; i++) { + wpa_printf(MSG_DEBUG, " AT_KDF"); + eap_sim_msg_add(msg, EAP_SIM_AT_KDF, attr->kdf[i], + NULL, 0); + } + } return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0); } @@ -817,9 +836,13 @@ static struct wpabuf * eap_aka_prime_kdf_neg(struct eap_aka_data *data, size_t i; for (i = 0; i < attr->kdf_count; i++) { - if (attr->kdf[i] == EAP_AKA_PRIME_KDF) + if (attr->kdf[i] == EAP_AKA_PRIME_KDF) { + os_memcpy(data->last_kdf_attrs, attr->kdf, + sizeof(u16) * attr->kdf_count); + data->last_kdf_count = attr->kdf_count; return eap_aka_prime_kdf_select(data, id, EAP_AKA_PRIME_KDF); + } } /* No matching KDF found - fail authentication as if AUTN had been @@ -840,26 +863,32 @@ static int eap_aka_prime_kdf_valid(struct eap_aka_data *data, * of the selected KDF into the beginning of the list. */ if (data->kdf_negotiation) { + /* When the peer receives the new EAP-Request/AKA'-Challenge + * message, must check only requested change occurred in the + * list of AT_KDF attributes. If there are any other changes, + * the peer must behave like the case that AT_MAC had been + * incorrect and authentication is failed. These are defined in + * EAP-AKA' specification RFC 5448, Section 3.2. */ if (attr->kdf[0] != data->kdf) { wpa_printf(MSG_WARNING, "EAP-AKA': The server did not " "accept the selected KDF"); - return 0; + return -1; } - for (i = 1; i < attr->kdf_count; i++) { - if (attr->kdf[i] == data->kdf) - break; - } - if (i == attr->kdf_count && - attr->kdf_count < EAP_AKA_PRIME_KDF_MAX) { - wpa_printf(MSG_WARNING, "EAP-AKA': The server did not " - "duplicate the selected KDF"); - return 0; + if (attr->kdf_count > EAP_AKA_PRIME_KDF_MAX || + attr->kdf_count != data->last_kdf_count + 1) { + wpa_printf(MSG_WARNING, + "EAP-AKA': The length of KDF attributes is wrong"); + return -1; } - /* TODO: should check that the list is identical to the one - * used in the previous Challenge message apart from the added - * entry in the beginning. */ + for (i = 1; i < attr->kdf_count; i++) { + if (attr->kdf[i] != data->last_kdf_attrs[i - 1]) { + wpa_printf(MSG_WARNING, + "EAP-AKA': The KDF attributes except selected KDF are not same as original one"); + return -1; + } + } } for (i = data->kdf ? 1 : 0; i < attr->kdf_count; i++) { @@ -908,22 +937,25 @@ static struct wpabuf * eap_aka_process_challenge(struct eap_sm *sm, return eap_aka_authentication_reject(data, id); } os_free(data->network_name); - data->network_name = os_malloc(attr->kdf_input_len); + data->network_name = os_memdup(attr->kdf_input, + attr->kdf_input_len); if (data->network_name == NULL) { wpa_printf(MSG_WARNING, "EAP-AKA': No memory for " "storing Network Name"); return eap_aka_authentication_reject(data, id); } - os_memcpy(data->network_name, attr->kdf_input, - attr->kdf_input_len); data->network_name_len = attr->kdf_input_len; wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA': Network Name " "(AT_KDF_INPUT)", data->network_name, data->network_name_len); /* TODO: check Network Name per 3GPP.33.402 */ - if (!eap_aka_prime_kdf_valid(data, attr)) + res = eap_aka_prime_kdf_valid(data, attr); + if (res == 0) return eap_aka_authentication_reject(data, id); + else if (res == -1) + return eap_aka_client_error( + data, id, EAP_AKA_UNABLE_TO_PROCESS_PACKET); if (attr->kdf[0] != EAP_AKA_PRIME_KDF) return eap_aka_prime_kdf_neg(data, id, attr); @@ -966,7 +998,7 @@ static struct wpabuf * eap_aka_process_challenge(struct eap_sm *sm, } else if (res == -2) { wpa_printf(MSG_WARNING, "EAP-AKA: UMTS authentication " "failed (AUTN seq# -> AUTS)"); - return eap_aka_synchronization_failure(data, id); + return eap_aka_synchronization_failure(data, id, attr); } else if (res > 0) { wpa_printf(MSG_DEBUG, "EAP-AKA: Wait for external USIM processing"); return NULL; @@ -997,8 +1029,17 @@ static struct wpabuf * eap_aka_process_challenge(struct eap_sm *sm, } else if (data->pseudonym) { identity = data->pseudonym; identity_len = data->pseudonym_len; - } else - identity = eap_get_config_identity(sm, &identity_len); + } else { + struct eap_peer_config *config; + + config = eap_get_config(sm); + if (config && config->imsi_identity) { + identity = config->imsi_identity; + identity_len = config->imsi_identity_len; + } else { + identity = eap_get_config_identity(sm, &identity_len); + } + } wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA: Selected identity for MK " "derivation", identity, identity_len); if (data->eap_method == EAP_TYPE_AKA_PRIME) { @@ -1143,6 +1184,7 @@ static struct wpabuf * eap_aka_process_notification( eap_sim_report_notification(sm->msg_ctx, attr->notification, 1); if (attr->notification >= 0 && attr->notification < 32768) { + data->error_code = attr->notification; eap_aka_state(data, FAILURE); } else if (attr->notification == EAP_SIM_SUCCESS && data->state == RESULT_SUCCESS) @@ -1437,12 +1479,11 @@ static u8 * eap_aka_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_SIM_KEYING_DATA_LEN); + key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN); if (key == NULL) return NULL; *len = EAP_SIM_KEYING_DATA_LEN; - os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN); return key; } @@ -1478,17 +1519,33 @@ static u8 * eap_aka_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; *len = EAP_EMSK_LEN; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); return key; } +static int eap_aka_get_error_code(void *priv) +{ + struct eap_aka_data *data = priv; + int current_data_error; + + if (!data) + return NO_EAP_METHOD_ERROR; + + current_data_error = data->error_code; + + /* Now reset for next transaction */ + data->error_code = NO_EAP_METHOD_ERROR; + + return current_data_error; +} + + int eap_peer_aka_register(void) { struct eap_method *eap; @@ -1509,6 +1566,7 @@ int eap_peer_aka_register(void) eap->init_for_reauth = eap_aka_init_for_reauth; eap->get_identity = eap_aka_get_identity; eap->get_emsk = eap_aka_get_emsk; + eap->get_error_code = eap_aka_get_error_code; return eap_peer_method_register(eap); } @@ -1536,6 +1594,7 @@ int eap_peer_aka_prime_register(void) eap->init_for_reauth = eap_aka_init_for_reauth; eap->get_identity = eap_aka_get_identity; eap->get_emsk = eap_aka_get_emsk; + eap->get_error_code = eap_aka_get_error_code; return eap_peer_method_register(eap); } diff --git a/contrib/wpa/src/eap_peer/eap_config.h b/contrib/wpa/src/eap_peer/eap_config.h index f98007263b33..d416afd56d59 100644 --- a/contrib/wpa/src/eap_peer/eap_config.h +++ b/contrib/wpa/src/eap_peer/eap_config.h @@ -46,6 +46,9 @@ struct eap_peer_config { */ size_t anonymous_identity_len; + u8 *imsi_identity; + size_t imsi_identity_len; + /** * password - Password string for EAP * @@ -628,6 +631,15 @@ struct eap_peer_config { int pending_req_passphrase; /** + * pending_req_sim - Pending SIM request + * + * This field should not be set in configuration step. It is only used + * internally when control interface is used to request needed + * information. + */ + int pending_req_sim; + + /** * pending_req_otp - Whether there is a pending OTP request * * This field should not be set in configuration step. It is only used diff --git a/contrib/wpa/src/eap_peer/eap_eke.c b/contrib/wpa/src/eap_peer/eap_eke.c index f899f653fdca..0de7d6cbf49b 100644 --- a/contrib/wpa/src/eap_peer/eap_eke.c +++ b/contrib/wpa/src/eap_peer/eap_eke.c @@ -85,12 +85,11 @@ static void * eap_eke_init(struct eap_sm *sm) identity = eap_get_config_identity(sm, &identity_len); if (identity) { - data->peerid = os_malloc(identity_len); + data->peerid = os_memdup(identity, identity_len); if (data->peerid == NULL) { eap_eke_deinit(sm, data); return NULL; } - os_memcpy(data->peerid, identity, identity_len); data->peerid_len = identity_len; } @@ -310,12 +309,11 @@ static struct wpabuf * eap_eke_process_id(struct eap_eke_data *data, wpa_hexdump_ascii(MSG_DEBUG, "EAP-EKE: Server Identity", pos, end - pos); os_free(data->serverid); - data->serverid = os_malloc(end - pos); + data->serverid = os_memdup(pos, end - pos); if (data->serverid == NULL) { return eap_eke_build_fail(data, ret, id, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR); } - os_memcpy(data->serverid, pos, end - pos); data->serverid_len = end - pos; wpa_printf(MSG_DEBUG, "EAP-EKE: Sending EAP-EKE-ID/Response"); @@ -717,10 +715,9 @@ static u8 * eap_eke_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -735,10 +732,9 @@ static u8 * eap_eke_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; diff --git a/contrib/wpa/src/eap_peer/eap_fast.c b/contrib/wpa/src/eap_peer/eap_fast.c index 964ebe74fede..74cec7dd583f 100644 --- a/contrib/wpa/src/eap_peer/eap_fast.c +++ b/contrib/wpa/src/eap_peer/eap_fast.c @@ -484,7 +484,8 @@ static int eap_fast_phase2_request(struct eap_sm *sm, if (*resp == NULL && config && (config->pending_req_identity || config->pending_req_password || - config->pending_req_otp || config->pending_req_new_password)) { + config->pending_req_otp || config->pending_req_new_password || + config->pending_req_sim)) { wpabuf_free(data->pending_phase2_req); data->pending_phase2_req = wpabuf_alloc_copy(hdr, len); } else if (*resp == NULL) @@ -1677,6 +1678,10 @@ static Boolean eap_fast_has_reauth_data(struct eap_sm *sm, void *priv) static void eap_fast_deinit_for_reauth(struct eap_sm *sm, void *priv) { struct eap_fast_data *data = priv; + + if (data->phase2_priv && data->phase2_method && + data->phase2_method->deinit_for_reauth) + data->phase2_method->deinit_for_reauth(sm, data->phase2_priv); os_free(data->key_block_p); data->key_block_p = NULL; wpabuf_free(data->pending_phase2_req); @@ -1744,12 +1749,11 @@ static u8 * eap_fast_getKey(struct eap_sm *sm, void *priv, size_t *len) if (!data->success) return NULL; - key = os_malloc(EAP_FAST_KEY_LEN); + key = os_memdup(data->key_data, EAP_FAST_KEY_LEN); if (key == NULL) return NULL; *len = EAP_FAST_KEY_LEN; - os_memcpy(key, data->key_data, EAP_FAST_KEY_LEN); return key; } @@ -1763,12 +1767,11 @@ static u8 * eap_fast_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (!data->success || !data->session_id) return NULL; - id = os_malloc(data->id_len); + id = os_memdup(data->session_id, data->id_len); if (id == NULL) return NULL; *len = data->id_len; - os_memcpy(id, data->session_id, data->id_len); return id; } @@ -1782,12 +1785,11 @@ static u8 * eap_fast_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (!data->success) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; *len = EAP_EMSK_LEN; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); return key; } diff --git a/contrib/wpa/src/eap_peer/eap_fast_pac.c b/contrib/wpa/src/eap_peer/eap_fast_pac.c index c81586035513..7d674c8c0a70 100644 --- a/contrib/wpa/src/eap_peer/eap_fast_pac.c +++ b/contrib/wpa/src/eap_peer/eap_fast_pac.c @@ -114,10 +114,9 @@ static int eap_fast_copy_buf(u8 **dst, size_t *dst_len, const u8 *src, size_t src_len) { if (src) { - *dst = os_malloc(src_len); + *dst = os_memdup(src, src_len); if (*dst == NULL) return -1; - os_memcpy(*dst, src, src_len); *dst_len = src_len; } return 0; @@ -720,19 +719,17 @@ static void eap_fast_pac_get_a_id(struct eap_fast_pac *pac) if (type == PAC_TYPE_A_ID) { os_free(pac->a_id); - pac->a_id = os_malloc(len); + pac->a_id = os_memdup(pos, len); if (pac->a_id == NULL) break; - os_memcpy(pac->a_id, pos, len); pac->a_id_len = len; } if (type == PAC_TYPE_A_ID_INFO) { os_free(pac->a_id_info); - pac->a_id_info = os_malloc(len); + pac->a_id_info = os_memdup(pos, len); if (pac->a_id_info == NULL) break; - os_memcpy(pac->a_id_info, pos, len); pac->a_id_info_len = len; } @@ -820,10 +817,9 @@ int eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root, if (val > end - pos) goto parse_fail; pac->pac_opaque_len = val; - pac->pac_opaque = os_malloc(pac->pac_opaque_len); + pac->pac_opaque = os_memdup(pos, pac->pac_opaque_len); if (pac->pac_opaque == NULL) goto parse_fail; - os_memcpy(pac->pac_opaque, pos, pac->pac_opaque_len); pos += pac->pac_opaque_len; if (2 > end - pos) goto parse_fail; @@ -832,10 +828,9 @@ int eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root, if (val > end - pos) goto parse_fail; pac->pac_info_len = val; - pac->pac_info = os_malloc(pac->pac_info_len); + pac->pac_info = os_memdup(pos, pac->pac_info_len); if (pac->pac_info == NULL) goto parse_fail; - os_memcpy(pac->pac_info, pos, pac->pac_info_len); pos += pac->pac_info_len; eap_fast_pac_get_a_id(pac); diff --git a/contrib/wpa/src/eap_peer/eap_gpsk.c b/contrib/wpa/src/eap_peer/eap_gpsk.c index 177cbccf5850..f9c4d3773bf7 100644 --- a/contrib/wpa/src/eap_peer/eap_gpsk.c +++ b/contrib/wpa/src/eap_peer/eap_gpsk.c @@ -96,12 +96,11 @@ static void * eap_gpsk_init(struct eap_sm *sm) identity = eap_get_config_identity(sm, &identity_len); if (identity) { - data->id_peer = os_malloc(identity_len); + data->id_peer = os_memdup(identity, identity_len); if (data->id_peer == NULL) { eap_gpsk_deinit(sm, data); return NULL; } - os_memcpy(data->id_peer, identity, identity_len); data->id_peer_len = identity_len; } @@ -117,12 +116,11 @@ static void * eap_gpsk_init(struct eap_sm *sm) } } - data->psk = os_malloc(password_len); + data->psk = os_memdup(password, password_len); if (data->psk == NULL) { eap_gpsk_deinit(sm, data); return NULL; } - os_memcpy(data->psk, password, password_len); data->psk_len = password_len; return data; @@ -158,12 +156,11 @@ static const u8 * eap_gpsk_process_id_server(struct eap_gpsk_data *data, return NULL; } os_free(data->id_server); - data->id_server = os_malloc(alen); + data->id_server = os_memdup(pos, alen); if (data->id_server == NULL) { wpa_printf(MSG_DEBUG, "EAP-GPSK: No memory for ID_Server"); return NULL; } - os_memcpy(data->id_server, pos, alen); data->id_server_len = alen; wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Server", data->id_server, data->id_server_len); @@ -722,10 +719,9 @@ static u8 * eap_gpsk_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -740,10 +736,9 @@ static u8 * eap_gpsk_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; @@ -758,10 +753,9 @@ static u8 * eap_gpsk_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - sid = os_malloc(data->id_len); + sid = os_memdup(data->session_id, data->id_len); if (sid == NULL) return NULL; - os_memcpy(sid, data->session_id, data->id_len); *len = data->id_len; return sid; diff --git a/contrib/wpa/src/eap_peer/eap_i.h b/contrib/wpa/src/eap_peer/eap_i.h index 6ab24834d654..096f0f28efca 100644 --- a/contrib/wpa/src/eap_peer/eap_i.h +++ b/contrib/wpa/src/eap_peer/eap_i.h @@ -14,6 +14,8 @@ #include "eap_peer/eap.h" #include "eap_common/eap_common.h" +#define NO_EAP_METHOD_ERROR (-1) + /* RFC 4137 - EAP Peer state machine */ typedef enum { @@ -206,6 +208,17 @@ struct eap_method { const u8 * (*get_identity)(struct eap_sm *sm, void *priv, size_t *len); /** + * get_error_code - Get the latest EAP method error code + * @priv: Pointer to private EAP method data from eap_method::init() + * Returns: An int for the EAP method specific error code if exists or + * NO_EAP_METHOD_ERROR otherwise. + * + * This method is an optional handler that only EAP methods that need to + * report their error code need to implement. + */ + int (*get_error_code)(void *priv); + + /** * free - Free EAP method data * @method: Pointer to the method data registered with * eap_peer_method_register(). diff --git a/contrib/wpa/src/eap_peer/eap_ikev2.c b/contrib/wpa/src/eap_peer/eap_ikev2.c index 390f0ec8cf4d..6ddf50835ade 100644 --- a/contrib/wpa/src/eap_peer/eap_ikev2.c +++ b/contrib/wpa/src/eap_peer/eap_ikev2.c @@ -83,18 +83,16 @@ static void * eap_ikev2_init(struct eap_sm *sm) if (data->ikev2.key_pad == NULL) goto failed; data->ikev2.key_pad_len = 21; - data->ikev2.IDr = os_malloc(identity_len); + data->ikev2.IDr = os_memdup(identity, identity_len); if (data->ikev2.IDr == NULL) goto failed; - os_memcpy(data->ikev2.IDr, identity, identity_len); data->ikev2.IDr_len = identity_len; password = eap_get_config_password(sm, &password_len); if (password) { - data->ikev2.shared_secret = os_malloc(password_len); + data->ikev2.shared_secret = os_memdup(password, password_len); if (data->ikev2.shared_secret == NULL) goto failed; - os_memcpy(data->ikev2.shared_secret, password, password_len); data->ikev2.shared_secret_len = password_len; } diff --git a/contrib/wpa/src/eap_peer/eap_leap.c b/contrib/wpa/src/eap_peer/eap_leap.c index ff6fa4afd2f7..233b9eeb1f83 100644 --- a/contrib/wpa/src/eap_peer/eap_leap.c +++ b/contrib/wpa/src/eap_peer/eap_leap.c @@ -115,10 +115,14 @@ static struct wpabuf * eap_leap_process_request(struct eap_sm *sm, void *priv, wpabuf_put_u8(resp, 0); /* unused */ wpabuf_put_u8(resp, LEAP_RESPONSE_LEN); rpos = wpabuf_put(resp, LEAP_RESPONSE_LEN); - if (pwhash) - challenge_response(challenge, password, rpos); - else - nt_challenge_response(challenge, password, password_len, rpos); + if ((pwhash && challenge_response(challenge, password, rpos)) || + (!pwhash && + nt_challenge_response(challenge, password, password_len, rpos))) { + wpa_printf(MSG_DEBUG, "EAP-LEAP: Failed to derive response"); + ret->ignore = TRUE; + wpabuf_free(resp); + return NULL; + } os_memcpy(data->peer_response, rpos, LEAP_RESPONSE_LEN); wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Response", rpos, LEAP_RESPONSE_LEN); @@ -239,7 +243,10 @@ static struct wpabuf * eap_leap_process_response(struct eap_sm *sm, void *priv, return NULL; } } - challenge_response(data->ap_challenge, pw_hash_hash, expected); + if (challenge_response(data->ap_challenge, pw_hash_hash, expected)) { + ret->ignore = TRUE; + return NULL; + } ret->methodState = METHOD_DONE; ret->allowNotifications = FALSE; diff --git a/contrib/wpa/src/eap_peer/eap_mschapv2.c b/contrib/wpa/src/eap_peer/eap_mschapv2.c index ce2227d388ef..877495cf3ac7 100644 --- a/contrib/wpa/src/eap_peer/eap_mschapv2.c +++ b/contrib/wpa/src/eap_peer/eap_mschapv2.c @@ -109,23 +109,21 @@ static void * eap_mschapv2_init(struct eap_sm *sm) return NULL; if (sm->peer_challenge) { - data->peer_challenge = os_malloc(MSCHAPV2_CHAL_LEN); + data->peer_challenge = os_memdup(sm->peer_challenge, + MSCHAPV2_CHAL_LEN); if (data->peer_challenge == NULL) { eap_mschapv2_deinit(sm, data); return NULL; } - os_memcpy(data->peer_challenge, sm->peer_challenge, - MSCHAPV2_CHAL_LEN); } if (sm->auth_challenge) { - data->auth_challenge = os_malloc(MSCHAPV2_CHAL_LEN); + data->auth_challenge = os_memdup(sm->auth_challenge, + MSCHAPV2_CHAL_LEN); if (data->auth_challenge == NULL) { eap_mschapv2_deinit(sm, data); return NULL; } - os_memcpy(data->auth_challenge, sm->auth_challenge, - MSCHAPV2_CHAL_LEN); } data->phase2 = sm->init_phase2; @@ -567,11 +565,11 @@ static struct wpabuf * eap_mschapv2_change_password( if (pwhash) { u8 new_password_hash[16]; if (nt_password_hash(new_password, new_password_len, - new_password_hash)) + new_password_hash) || + nt_password_hash_encrypted_with_block(password, + new_password_hash, + cp->encr_hash)) goto fail; - nt_password_hash_encrypted_with_block(password, - new_password_hash, - cp->encr_hash); } else { if (old_nt_password_hash_encrypted_with_new_nt_password_hash( new_password, new_password_len, diff --git a/contrib/wpa/src/eap_peer/eap_pax.c b/contrib/wpa/src/eap_peer/eap_pax.c index a7012d2870cf..3cef1c8800a2 100644 --- a/contrib/wpa/src/eap_peer/eap_pax.c +++ b/contrib/wpa/src/eap_peer/eap_pax.c @@ -69,12 +69,11 @@ static void * eap_pax_init(struct eap_sm *sm) return NULL; data->state = PAX_INIT; - data->cid = os_malloc(identity_len); + data->cid = os_memdup(identity, identity_len); if (data->cid == NULL) { eap_pax_deinit(sm, data); return NULL; } - os_memcpy(data->cid, identity, identity_len); data->cid_len = identity_len; os_memcpy(data->ak, password, EAP_PAX_AK_LEN); diff --git a/contrib/wpa/src/eap_peer/eap_peap.c b/contrib/wpa/src/eap_peer/eap_peap.c index 45ba38168d4f..34075b1d9af6 100644 --- a/contrib/wpa/src/eap_peer/eap_peap.c +++ b/contrib/wpa/src/eap_peer/eap_peap.c @@ -726,7 +726,8 @@ static int eap_peap_phase2_request(struct eap_sm *sm, if (*resp == NULL && (config->pending_req_identity || config->pending_req_password || - config->pending_req_otp || config->pending_req_new_password)) { + config->pending_req_otp || config->pending_req_new_password || + config->pending_req_sim)) { wpabuf_free(data->pending_phase2_req); data->pending_phase2_req = wpabuf_alloc_copy(hdr, len); } @@ -1082,7 +1083,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv, eap_peer_tls_derive_key(sm, &data->ssl, label, EAP_TLS_KEY_LEN); if (data->key_data) { - wpa_hexdump_key(MSG_DEBUG, + wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: Derived key", data->key_data, EAP_TLS_KEY_LEN); @@ -1163,6 +1164,10 @@ static Boolean eap_peap_has_reauth_data(struct eap_sm *sm, void *priv) static void eap_peap_deinit_for_reauth(struct eap_sm *sm, void *priv) { struct eap_peap_data *data = priv; + + if (data->phase2_priv && data->phase2_method && + data->phase2_method->deinit_for_reauth) + data->phase2_method->deinit_for_reauth(sm, data->phase2_priv); wpabuf_free(data->pending_phase2_req); data->pending_phase2_req = NULL; wpabuf_free(data->pending_resp); @@ -1267,12 +1272,11 @@ static u8 * eap_peap_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->session_id == NULL || !data->phase2_success) return NULL; - id = os_malloc(data->id_len); + id = os_memdup(data->session_id, data->id_len); if (id == NULL) return NULL; *len = data->id_len; - os_memcpy(id, data->session_id, data->id_len); return id; } diff --git a/contrib/wpa/src/eap_peer/eap_proxy.h b/contrib/wpa/src/eap_peer/eap_proxy.h index 23cdbe698b3c..9d8e57026722 100644 --- a/contrib/wpa/src/eap_peer/eap_proxy.h +++ b/contrib/wpa/src/eap_peer/eap_proxy.h @@ -20,7 +20,7 @@ enum eap_proxy_status { }; struct eap_proxy_sm * -eap_proxy_init(void *eapol_ctx, struct eapol_callbacks *eapol_cb, +eap_proxy_init(void *eapol_ctx, const struct eapol_callbacks *eapol_cb, void *msg_ctx); void eap_proxy_deinit(struct eap_proxy_sm *eap_proxy); @@ -40,10 +40,16 @@ eap_proxy_packet_update(struct eap_proxy_sm *eap_proxy, u8 *eapReqData, int eap_proxy_sm_get_status(struct eap_proxy_sm *sm, char *buf, size_t buflen, int verbose); -int eap_proxy_get_imsi(struct eap_proxy_sm *eap_proxy, char *imsi_buf, - size_t *imsi_len); +int eap_proxy_get_imsi(struct eap_proxy_sm *eap_proxy, int sim_num, + char *imsi_buf, size_t *imsi_len); int eap_proxy_notify_config(struct eap_proxy_sm *sm, struct eap_peer_config *config); +u8 * eap_proxy_get_eap_session_id(struct eap_proxy_sm *sm, size_t *len); + +u8 * eap_proxy_get_emsk(struct eap_proxy_sm *sm, size_t *len); + +void eap_proxy_sm_abort(struct eap_proxy_sm *sm); + #endif /* EAP_PROXY_H */ diff --git a/contrib/wpa/src/eap_peer/eap_proxy_dummy.c b/contrib/wpa/src/eap_peer/eap_proxy_dummy.c index d84f01234ed5..2cc05c92cdfc 100644 --- a/contrib/wpa/src/eap_peer/eap_proxy_dummy.c +++ b/contrib/wpa/src/eap_peer/eap_proxy_dummy.c @@ -12,7 +12,7 @@ #include "eap_proxy.h" struct eap_proxy_sm * -eap_proxy_init(void *eapol_ctx, struct eapol_callbacks *eapol_cb, +eap_proxy_init(void *eapol_ctx, const struct eapol_callbacks *eapol_cb, void *msg_ctx) { return NULL; @@ -63,8 +63,8 @@ int eap_proxy_sm_get_status(struct eap_proxy_sm *sm, char *buf, size_t buflen, } -int eap_proxy_get_imsi(struct eap_proxy_sm *eap_proxy, char *imsi_buf, - size_t *imsi_len) +int eap_proxy_get_imsi(struct eap_proxy_sm *eap_proxy, int sim_num, + char *imsi_buf, size_t *imsi_len) { return -1; } @@ -75,3 +75,20 @@ int eap_proxy_notify_config(struct eap_proxy_sm *sm, { return -1; } + + +u8 * eap_proxy_get_eap_session_id(struct eap_proxy_sm *sm, size_t *len) +{ + return NULL; +} + + +u8 * eap_proxy_get_emsk(struct eap_proxy_sm *sm, size_t *len) +{ + return NULL; +} + + +void eap_proxy_sm_abort(struct eap_proxy_sm *sm) +{ +} diff --git a/contrib/wpa/src/eap_peer/eap_psk.c b/contrib/wpa/src/eap_peer/eap_psk.c index ac18c158ad8b..eea9430d2406 100644 --- a/contrib/wpa/src/eap_peer/eap_psk.c +++ b/contrib/wpa/src/eap_peer/eap_psk.c @@ -116,14 +116,13 @@ static struct wpabuf * eap_psk_process_1(struct eap_psk_data *data, os_memcpy(data->rand_s, hdr1->rand_s, EAP_PSK_RAND_LEN); os_free(data->id_s); data->id_s_len = len - sizeof(*hdr1); - data->id_s = os_malloc(data->id_s_len); + data->id_s = os_memdup(hdr1 + 1, data->id_s_len); if (data->id_s == NULL) { wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory for " "ID_S (len=%lu)", (unsigned long) data->id_s_len); ret->ignore = TRUE; return NULL; } - os_memcpy(data->id_s, (u8 *) (hdr1 + 1), data->id_s_len); wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_S", data->id_s, data->id_s_len); @@ -273,13 +272,12 @@ static struct wpabuf * eap_psk_process_3(struct eap_psk_data *data, wpabuf_head(reqData), 5); wpa_hexdump(MSG_MSGDUMP, "EAP-PSK: PCHANNEL - cipher msg", msg, left); - decrypted = os_malloc(left); + decrypted = os_memdup(msg, left); if (decrypted == NULL) { ret->methodState = METHOD_DONE; ret->decision = DECISION_FAIL; return NULL; } - os_memcpy(decrypted, msg, left); if (aes_128_eax_decrypt(data->tek, nonce, sizeof(nonce), wpabuf_head(reqData), @@ -425,12 +423,11 @@ static u8 * eap_psk_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != PSK_DONE) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; *len = EAP_MSK_LEN; - os_memcpy(key, data->msk, EAP_MSK_LEN); return key; } @@ -466,12 +463,11 @@ static u8 * eap_psk_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != PSK_DONE) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; *len = EAP_EMSK_LEN; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); return key; } diff --git a/contrib/wpa/src/eap_peer/eap_pwd.c b/contrib/wpa/src/eap_peer/eap_pwd.c index d2bc981cd06b..761c16af996a 100644 --- a/contrib/wpa/src/eap_peer/eap_pwd.c +++ b/contrib/wpa/src/eap_peer/eap_pwd.c @@ -9,8 +9,11 @@ #include "includes.h" #include "common.h" +#include "crypto/sha1.h" #include "crypto/sha256.h" +#include "crypto/sha512.h" #include "crypto/ms_funcs.h" +#include "crypto/crypto.h" #include "eap_peer/eap_i.h" #include "eap_common/eap_pwd_common.h" @@ -28,6 +31,8 @@ struct eap_pwd_data { size_t password_len; int password_hash; u16 group_num; + u8 prep; + u8 token[4]; EAP_PWD_group *grp; struct wpabuf *inbuf; @@ -36,18 +41,16 @@ struct eap_pwd_data { size_t out_frag_pos; size_t mtu; - BIGNUM *k; - BIGNUM *private_value; - BIGNUM *server_scalar; - BIGNUM *my_scalar; - EC_POINT *my_element; - EC_POINT *server_element; + struct crypto_bignum *k; + struct crypto_bignum *private_value; + struct crypto_bignum *server_scalar; + struct crypto_bignum *my_scalar; + struct crypto_ec_point *my_element; + struct crypto_ec_point *server_element; u8 msk[EAP_MSK_LEN]; u8 emsk[EAP_EMSK_LEN]; u8 session_id[1 + SHA256_MAC_LEN]; - - BN_CTX *bnctx; }; @@ -107,15 +110,8 @@ static void * eap_pwd_init(struct eap_sm *sm) return NULL; } - if ((data->bnctx = BN_CTX_new()) == NULL) { - wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail"); - os_free(data); - return NULL; - } - if ((data->id_peer = os_malloc(identity_len)) == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: memory allocation id fail"); - BN_CTX_free(data->bnctx); os_free(data); return NULL; } @@ -125,7 +121,6 @@ static void * eap_pwd_init(struct eap_sm *sm) if ((data->password = os_malloc(password_len)) == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: memory allocation psk fail"); - BN_CTX_free(data->bnctx); bin_clear_free(data->id_peer, data->id_peer_len); os_free(data); return NULL; @@ -152,21 +147,18 @@ static void eap_pwd_deinit(struct eap_sm *sm, void *priv) { struct eap_pwd_data *data = priv; - BN_clear_free(data->private_value); - BN_clear_free(data->server_scalar); - BN_clear_free(data->my_scalar); - BN_clear_free(data->k); - BN_CTX_free(data->bnctx); - EC_POINT_clear_free(data->my_element); - EC_POINT_clear_free(data->server_element); + crypto_bignum_deinit(data->private_value, 1); + crypto_bignum_deinit(data->server_scalar, 1); + crypto_bignum_deinit(data->my_scalar, 1); + crypto_bignum_deinit(data->k, 1); + crypto_ec_point_deinit(data->my_element, 1); + crypto_ec_point_deinit(data->server_element, 1); bin_clear_free(data->id_peer, data->id_peer_len); bin_clear_free(data->id_server, data->id_server_len); bin_clear_free(data->password, data->password_len); if (data->grp) { - EC_GROUP_free(data->grp->group); - EC_POINT_clear_free(data->grp->pwe); - BN_clear_free(data->grp->order); - BN_clear_free(data->grp->prime); + crypto_ec_deinit(data->grp->group); + crypto_ec_point_deinit(data->grp->pwe, 1); os_free(data->grp); } wpabuf_free(data->inbuf); @@ -183,11 +175,10 @@ static u8 * eap_pwd_getkey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -202,11 +193,10 @@ static u8 * eap_pwd_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - id = os_malloc(1 + SHA256_MAC_LEN); + id = os_memdup(data->session_id, 1 + SHA256_MAC_LEN); if (id == NULL) return NULL; - os_memcpy(id, data->session_id, 1 + SHA256_MAC_LEN); *len = 1 + SHA256_MAC_LEN; return id; @@ -220,10 +210,6 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data, const u8 *payload, size_t payload_len) { struct eap_pwd_id *id; - const u8 *password; - size_t password_len; - u8 pwhashhash[16]; - int res; if (data->state != PWD_ID_Req) { ret->ignore = TRUE; @@ -250,7 +236,10 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data, } if (id->prep != EAP_PWD_PREP_NONE && - id->prep != EAP_PWD_PREP_MS) { + id->prep != EAP_PWD_PREP_MS && + id->prep != EAP_PWD_PREP_SSHA1 && + id->prep != EAP_PWD_PREP_SSHA256 && + id->prep != EAP_PWD_PREP_SSHA512) { wpa_printf(MSG_DEBUG, "EAP-PWD: Unsupported password pre-processing technique (Prep=%u)", id->prep); @@ -268,6 +257,15 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data, wpa_printf(MSG_DEBUG, "EAP-PWD (peer): using group %d", data->group_num); + data->prep = id->prep; + os_memcpy(data->token, id->token, sizeof(id->token)); + + if (data->id_server || data->grp) { + wpa_printf(MSG_INFO, "EAP-pwd: data was already allocated"); + eap_pwd_state(data, FAILURE); + return; + } + data->id_server = os_malloc(payload_len - sizeof(struct eap_pwd_id)); if (data->id_server == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: memory allocation id fail"); @@ -279,7 +277,7 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data, wpa_hexdump_ascii(MSG_INFO, "EAP-PWD (peer): server sent id of", data->id_server, data->id_server_len); - data->grp = os_zalloc(sizeof(EAP_PWD_group)); + data->grp = get_eap_pwd_group(data->group_num); if (data->grp == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: failed to allocate memory for " "group"); @@ -287,13 +285,74 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data, return; } - if (id->prep == EAP_PWD_PREP_MS) { + data->outbuf = wpabuf_alloc(sizeof(struct eap_pwd_id) + + data->id_peer_len); + if (data->outbuf == NULL) { + eap_pwd_state(data, FAILURE); + return; + } + wpabuf_put_be16(data->outbuf, data->group_num); + wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_RAND_FUNC); + wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_PRF); + wpabuf_put_data(data->outbuf, id->token, sizeof(id->token)); + wpabuf_put_u8(data->outbuf, id->prep); + wpabuf_put_data(data->outbuf, data->id_peer, data->id_peer_len); + + eap_pwd_state(data, PWD_Commit_Req); +} + + +static void +eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, + struct eap_method_ret *ret, + const struct wpabuf *reqData, + const u8 *payload, size_t payload_len) +{ + struct crypto_ec_point *K = NULL, *point = NULL; + struct crypto_bignum *mask = NULL, *cofactor = NULL; + const u8 *ptr = payload; + u8 *scalar = NULL, *element = NULL; + size_t prime_len, order_len; + const u8 *password; + size_t password_len; + u8 pwhashhash[16]; + const u8 *salt_pwd[2]; + size_t salt_pwd_len[2], exp_len; + u8 salt_len, salthashpwd[64]; /* 64 = SHA512_DIGEST_LENGTH */ + int res; + + if (data->state != PWD_Commit_Req) { + ret->ignore = TRUE; + goto fin; + } + + if (!data->grp) { + wpa_printf(MSG_DEBUG, + "EAP-PWD (client): uninitialized EAP-pwd group"); + ret->ignore = TRUE; + goto fin; + } + + prime_len = crypto_ec_prime_len(data->grp->group); + order_len = crypto_ec_order_len(data->grp->group); + + switch (data->prep) { + case EAP_PWD_PREP_MS: + wpa_printf(MSG_DEBUG, + "EAP-pwd commit request, password prep is MS"); #ifdef CONFIG_FIPS wpa_printf(MSG_ERROR, "EAP-PWD (peer): MS password hash not supported in FIPS mode"); eap_pwd_state(data, FAILURE); return; #else /* CONFIG_FIPS */ + if (payload_len != 2 * prime_len + order_len) { + wpa_printf(MSG_INFO, + "EAP-pwd: Unexpected Commit payload length %u (expected %u)", + (unsigned int) payload_len, + (unsigned int) (2 * prime_len + order_len)); + goto fin; + } if (data->password_hash) { res = hash_nt_password_hash(data->password, pwhashhash); } else { @@ -314,9 +373,139 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data, password = pwhashhash; password_len = sizeof(pwhashhash); #endif /* CONFIG_FIPS */ - } else { + break; + case EAP_PWD_PREP_SSHA1: + wpa_printf(MSG_DEBUG, + "EAP-pwd commit request, password prep is salted sha1"); + if (payload_len < 1 || *ptr == 0) { + wpa_printf(MSG_DEBUG, "EAP-pwd: Invalid Salt-len"); + goto fin; + } + salt_len = *ptr++; + exp_len = 1 + salt_len + 2 * prime_len + order_len; + if (payload_len != exp_len) { + wpa_printf(MSG_INFO, + "EAP-pwd: Unexpected Commit payload length %u (expected %u)", + (unsigned int) payload_len, + (unsigned int) exp_len); + goto fin; + } + + /* salted-password = Hash(password | salt) */ + wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: Unsalted password", + data->password, data->password_len); + wpa_hexdump(MSG_DEBUG, "EAP-pwd: Salt", ptr, salt_len); + salt_pwd[0] = data->password; + salt_pwd[1] = ptr; + salt_pwd_len[0] = data->password_len; + salt_pwd_len[1] = salt_len; + if (sha1_vector(2, salt_pwd, salt_pwd_len, salthashpwd) < 0) + goto fin; + + wpa_printf(MSG_DEBUG, + "EAP-pwd: sha1 hashed %d byte salt with password", + (int) salt_len); + ptr += salt_len; + password = salthashpwd; + password_len = SHA1_MAC_LEN; + wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: Salted password", + password, password_len); + break; + case EAP_PWD_PREP_SSHA256: + wpa_printf(MSG_DEBUG, + "EAP-pwd commit request, password prep is salted sha256"); + if (payload_len < 1 || *ptr == 0) { + wpa_printf(MSG_DEBUG, "EAP-pwd: Invalid Salt-len"); + goto fin; + } + salt_len = *ptr++; + exp_len = 1 + salt_len + 2 * prime_len + order_len; + if (payload_len != exp_len) { + wpa_printf(MSG_INFO, + "EAP-pwd: Unexpected Commit payload length %u (expected %u)", + (unsigned int) payload_len, + (unsigned int) exp_len); + goto fin; + } + + /* salted-password = Hash(password | salt) */ + wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: Unsalted password", + data->password, data->password_len); + wpa_hexdump(MSG_DEBUG, "EAP-pwd: Salt", ptr, salt_len); + salt_pwd[0] = data->password; + salt_pwd[1] = ptr; + salt_pwd_len[0] = data->password_len; + salt_pwd_len[1] = salt_len; + if (sha256_vector(2, salt_pwd, salt_pwd_len, salthashpwd) < 0) + goto fin; + + ptr += salt_len; + password = salthashpwd; + password_len = SHA256_MAC_LEN; + wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: Salted password", + password, password_len); + break; +#ifdef CONFIG_SHA512 + case EAP_PWD_PREP_SSHA512: + wpa_printf(MSG_DEBUG, + "EAP-pwd commit request, password prep is salted sha512"); + if (payload_len < 1 || *ptr == 0) { + wpa_printf(MSG_DEBUG, "EAP-pwd: Invalid Salt-len"); + goto fin; + } + salt_len = *ptr++; + exp_len = 1 + salt_len + 2 * prime_len + order_len; + if (payload_len != exp_len) { + wpa_printf(MSG_INFO, + "EAP-pwd: Unexpected Commit payload length %u (expected %u)", + (unsigned int) payload_len, + (unsigned int) exp_len); + goto fin; + } + + /* salted-password = Hash(password | salt) */ + wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: Unsalted password", + data->password, data->password_len); + wpa_hexdump(MSG_DEBUG, "EAP-pwd: Salt", ptr, salt_len); + salt_pwd[0] = data->password; + salt_pwd[1] = ptr; + salt_pwd_len[0] = data->password_len; + salt_pwd_len[1] = salt_len; + if (sha512_vector(2, salt_pwd, salt_pwd_len, salthashpwd) < 0) + goto fin; + + ptr += salt_len; + password = salthashpwd; + password_len = SHA512_MAC_LEN; + wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: Salted password", + password, password_len); + break; +#endif /* CONFIG_SHA512 */ + case EAP_PWD_PREP_NONE: + wpa_printf(MSG_DEBUG, + "EAP-pwd commit request, password prep is NONE"); + if (data->password_hash) { + wpa_printf(MSG_DEBUG, + "EAP-PWD: Unhashed password not available"); + eap_pwd_state(data, FAILURE); + return; + } + if (payload_len != 2 * prime_len + order_len) { + wpa_printf(MSG_INFO, + "EAP-pwd: Unexpected Commit payload length %u (expected %u)", + (unsigned int) payload_len, + (unsigned int) (2 * prime_len + order_len)); + goto fin; + } password = data->password; password_len = data->password_len; + break; + default: + wpa_printf(MSG_DEBUG, + "EAP-pwd: Unsupported password pre-processing technique (Prep=%u)", + data->prep); + eap_pwd_state(data, FAILURE); + return; } /* compute PWE */ @@ -324,8 +513,9 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data, password, password_len, data->id_server, data->id_server_len, data->id_peer, data->id_peer_len, - id->token); + data->token); os_memset(pwhashhash, 0, sizeof(pwhashhash)); + os_memset(salthashpwd, 0, sizeof(salthashpwd)); if (res) { wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to compute PWE"); eap_pwd_state(data, FAILURE); @@ -333,134 +523,86 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data, } wpa_printf(MSG_DEBUG, "EAP-PWD (peer): computed %d bit PWE...", - BN_num_bits(data->grp->prime)); - - data->outbuf = wpabuf_alloc(sizeof(struct eap_pwd_id) + - data->id_peer_len); - if (data->outbuf == NULL) { - eap_pwd_state(data, FAILURE); - return; - } - wpabuf_put_be16(data->outbuf, data->group_num); - wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_RAND_FUNC); - wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_PRF); - wpabuf_put_data(data->outbuf, id->token, sizeof(id->token)); - wpabuf_put_u8(data->outbuf, EAP_PWD_PREP_NONE); - wpabuf_put_data(data->outbuf, data->id_peer, data->id_peer_len); - - eap_pwd_state(data, PWD_Commit_Req); -} - - -static void -eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - struct eap_method_ret *ret, - const struct wpabuf *reqData, - const u8 *payload, size_t payload_len) -{ - EC_POINT *K = NULL, *point = NULL; - BIGNUM *mask = NULL, *x = NULL, *y = NULL, *cofactor = NULL; - u16 offset; - u8 *ptr, *scalar = NULL, *element = NULL; - size_t prime_len, order_len; - - if (data->state != PWD_Commit_Req) { - ret->ignore = TRUE; - goto fin; - } - - prime_len = BN_num_bytes(data->grp->prime); - order_len = BN_num_bytes(data->grp->order); - - if (payload_len != 2 * prime_len + order_len) { - wpa_printf(MSG_INFO, - "EAP-pwd: Unexpected Commit payload length %u (expected %u)", - (unsigned int) payload_len, - (unsigned int) (2 * prime_len + order_len)); - goto fin; - } - - if (((data->private_value = BN_new()) == NULL) || - ((data->my_element = EC_POINT_new(data->grp->group)) == NULL) || - ((cofactor = BN_new()) == NULL) || - ((data->my_scalar = BN_new()) == NULL) || - ((mask = BN_new()) == NULL)) { + (int) crypto_ec_prime_len_bits(data->grp->group)); + + data->private_value = crypto_bignum_init(); + data->my_element = crypto_ec_point_init(data->grp->group); + cofactor = crypto_bignum_init(); + data->my_scalar = crypto_bignum_init(); + mask = crypto_bignum_init(); + if (!data->private_value || !data->my_element || !cofactor || + !data->my_scalar || !mask) { wpa_printf(MSG_INFO, "EAP-PWD (peer): scalar allocation fail"); goto fin; } - if (!EC_GROUP_get_cofactor(data->grp->group, cofactor, NULL)) { + if (crypto_ec_cofactor(data->grp->group, cofactor) < 0) { wpa_printf(MSG_INFO, "EAP-pwd (peer): unable to get cofactor " "for curve"); goto fin; } - if (BN_rand_range(data->private_value, data->grp->order) != 1 || - BN_rand_range(mask, data->grp->order) != 1 || - BN_add(data->my_scalar, data->private_value, mask) != 1 || - BN_mod(data->my_scalar, data->my_scalar, data->grp->order, - data->bnctx) != 1) { + if (crypto_bignum_rand(data->private_value, + crypto_ec_get_order(data->grp->group)) < 0 || + crypto_bignum_rand(mask, + crypto_ec_get_order(data->grp->group)) < 0 || + crypto_bignum_add(data->private_value, mask, + data->my_scalar) < 0 || + crypto_bignum_mod(data->my_scalar, + crypto_ec_get_order(data->grp->group), + data->my_scalar) < 0) { wpa_printf(MSG_INFO, "EAP-pwd (peer): unable to get randomness"); goto fin; } - if (!EC_POINT_mul(data->grp->group, data->my_element, NULL, - data->grp->pwe, mask, data->bnctx)) { + if (crypto_ec_point_mul(data->grp->group, data->grp->pwe, mask, + data->my_element) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): element allocation " "fail"); eap_pwd_state(data, FAILURE); goto fin; } - if (!EC_POINT_invert(data->grp->group, data->my_element, data->bnctx)) - { + if (crypto_ec_point_invert(data->grp->group, data->my_element) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): element inversion fail"); goto fin; } - if (((x = BN_new()) == NULL) || - ((y = BN_new()) == NULL)) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): point allocation fail"); - goto fin; - } - /* process the request */ - if (((data->server_scalar = BN_new()) == NULL) || - ((data->k = BN_new()) == NULL) || - ((K = EC_POINT_new(data->grp->group)) == NULL) || - ((point = EC_POINT_new(data->grp->group)) == NULL) || - ((data->server_element = EC_POINT_new(data->grp->group)) == NULL)) - { + data->k = crypto_bignum_init(); + K = crypto_ec_point_init(data->grp->group); + point = crypto_ec_point_init(data->grp->group); + if (!data->k || !K || !point) { wpa_printf(MSG_INFO, "EAP-PWD (peer): peer data allocation " "fail"); goto fin; } /* element, x then y, followed by scalar */ - ptr = (u8 *) payload; - BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), x); - ptr += BN_num_bytes(data->grp->prime); - BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), y); - ptr += BN_num_bytes(data->grp->prime); - BN_bin2bn(ptr, BN_num_bytes(data->grp->order), data->server_scalar); - if (!EC_POINT_set_affine_coordinates_GFp(data->grp->group, - data->server_element, x, y, - data->bnctx)) { + data->server_element = crypto_ec_point_from_bin(data->grp->group, ptr); + if (!data->server_element) { wpa_printf(MSG_INFO, "EAP-PWD (peer): setting peer element " "fail"); goto fin; } + ptr += prime_len * 2; + data->server_scalar = crypto_bignum_init_set(ptr, order_len); + if (!data->server_scalar) { + wpa_printf(MSG_INFO, + "EAP-PWD (peer): setting peer scalar fail"); + goto fin; + } /* check to ensure server's element is not in a small sub-group */ - if (BN_cmp(cofactor, BN_value_one())) { - if (!EC_POINT_mul(data->grp->group, point, NULL, - data->server_element, cofactor, NULL)) { + if (!crypto_bignum_is_one(cofactor)) { + if (crypto_ec_point_mul(data->grp->group, data->server_element, + cofactor, point) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): cannot multiply " "server element by order!\n"); goto fin; } - if (EC_POINT_is_at_infinity(data->grp->group, point)) { + if (crypto_ec_point_is_at_infinity(data->grp->group, point)) { wpa_printf(MSG_INFO, "EAP-PWD (peer): server element " "is at infinity!\n"); goto fin; @@ -468,21 +610,20 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, } /* compute the shared key, k */ - if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, - data->server_scalar, data->bnctx)) || - (!EC_POINT_add(data->grp->group, K, K, data->server_element, - data->bnctx)) || - (!EC_POINT_mul(data->grp->group, K, NULL, K, data->private_value, - data->bnctx))) { + if (crypto_ec_point_mul(data->grp->group, data->grp->pwe, + data->server_scalar, K) < 0 || + crypto_ec_point_add(data->grp->group, K, data->server_element, + K) < 0 || + crypto_ec_point_mul(data->grp->group, K, data->private_value, + K) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): computing shared key " "fail"); goto fin; } /* ensure that the shared key isn't in a small sub-group */ - if (BN_cmp(cofactor, BN_value_one())) { - if (!EC_POINT_mul(data->grp->group, K, NULL, K, cofactor, - NULL)) { + if (!crypto_bignum_is_one(cofactor)) { + if (crypto_ec_point_mul(data->grp->group, K, cofactor, K) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): cannot multiply " "shared key point by order"); goto fin; @@ -495,30 +636,22 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, * never going to happen it is a simple and safe check "just to be * sure" so let's be safe. */ - if (EC_POINT_is_at_infinity(data->grp->group, K)) { + if (crypto_ec_point_is_at_infinity(data->grp->group, K)) { wpa_printf(MSG_INFO, "EAP-PWD (peer): shared key point is at " "infinity!\n"); goto fin; } - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, K, data->k, - NULL, data->bnctx)) { + if (crypto_ec_point_x(data->grp->group, K, data->k) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to extract " "shared secret from point"); goto fin; } /* now do the response */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->my_element, x, y, - data->bnctx)) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): point assignment fail"); - goto fin; - } - - if (((scalar = os_malloc(BN_num_bytes(data->grp->order))) == NULL) || - ((element = os_malloc(BN_num_bytes(data->grp->prime) * 2)) == - NULL)) { + scalar = os_zalloc(order_len); + element = os_zalloc(prime_len * 2); + if (!scalar || !element) { wpa_printf(MSG_INFO, "EAP-PWD (peer): data allocation fail"); goto fin; } @@ -528,36 +661,28 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, * sufficiently smaller than the prime or order might need pre-pending * with zeros. */ - os_memset(scalar, 0, BN_num_bytes(data->grp->order)); - os_memset(element, 0, BN_num_bytes(data->grp->prime) * 2); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->my_scalar); - BN_bn2bin(data->my_scalar, scalar + offset); - - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, element + offset); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, element + BN_num_bytes(data->grp->prime) + offset); - - data->outbuf = wpabuf_alloc(BN_num_bytes(data->grp->order) + - 2 * BN_num_bytes(data->grp->prime)); + crypto_bignum_to_bin(data->my_scalar, scalar, order_len, order_len); + if (crypto_ec_point_to_bin(data->grp->group, data->my_element, element, + element + prime_len) != 0) { + wpa_printf(MSG_INFO, "EAP-PWD (peer): point assignment fail"); + goto fin; + } + + data->outbuf = wpabuf_alloc(order_len + 2 * prime_len); if (data->outbuf == NULL) goto fin; /* we send the element as (x,y) follwed by the scalar */ - wpabuf_put_data(data->outbuf, element, - 2 * BN_num_bytes(data->grp->prime)); - wpabuf_put_data(data->outbuf, scalar, BN_num_bytes(data->grp->order)); + wpabuf_put_data(data->outbuf, element, 2 * prime_len); + wpabuf_put_data(data->outbuf, scalar, order_len); fin: os_free(scalar); os_free(element); - BN_clear_free(x); - BN_clear_free(y); - BN_clear_free(mask); - BN_clear_free(cofactor); - EC_POINT_clear_free(K); - EC_POINT_clear_free(point); + crypto_bignum_deinit(mask, 1); + crypto_bignum_deinit(cofactor, 1); + crypto_ec_point_deinit(K, 1); + crypto_ec_point_deinit(point, 1); if (data->outbuf == NULL) eap_pwd_state(data, FAILURE); else @@ -571,12 +696,11 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, const struct wpabuf *reqData, const u8 *payload, size_t payload_len) { - BIGNUM *x = NULL, *y = NULL; - struct crypto_hash *hash; + struct crypto_hash *hash = NULL; u32 cs; u16 grp; u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr; - int offset; + size_t prime_len = 0, order_len = 0; if (data->state != PWD_Confirm_Req) { ret->ignore = TRUE; @@ -590,6 +714,9 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, goto fin; } + prime_len = crypto_ec_prime_len(data->grp->group); + order_len = crypto_ec_order_len(data->grp->group); + /* * first build up the ciphersuite which is group | random_function | * prf @@ -602,9 +729,9 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, ptr += sizeof(u8); *ptr = EAP_PWD_DEFAULT_PRF; - /* each component of the cruft will be at most as big as the prime */ - if (((cruft = os_malloc(BN_num_bytes(data->grp->prime))) == NULL) || - ((x = BN_new()) == NULL) || ((y = BN_new()) == NULL)) { + /* each component of the point will be at most as big as the prime */ + cruft = os_malloc(prime_len * 2); + if (!cruft) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm allocation " "fail"); goto fin; @@ -622,65 +749,41 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, * zero the memory each time because this is mod prime math and some * value may start with a few zeros and the previous one did not. */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k); - BN_bn2bin(data->k, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len); + eap_pwd_h_update(hash, cruft, prime_len); /* server element: x, y */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->server_element, x, y, - data->bnctx)) { + if (crypto_ec_point_to_bin(data->grp->group, data->server_element, + cruft, cruft + prime_len) != 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; } - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + eap_pwd_h_update(hash, cruft, prime_len * 2); /* server scalar */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->server_scalar); - BN_bn2bin(data->server_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); + crypto_bignum_to_bin(data->server_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); /* my element: x, y */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->my_element, x, y, - data->bnctx)) { + if (crypto_ec_point_to_bin(data->grp->group, data->my_element, cruft, + cruft + prime_len) != 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; } - - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + eap_pwd_h_update(hash, cruft, prime_len * 2); /* my scalar */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->my_scalar); - BN_bn2bin(data->my_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); + crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); /* the ciphersuite */ eap_pwd_h_update(hash, (u8 *) &cs, sizeof(u32)); /* random function fin */ eap_pwd_h_final(hash, conf); + hash = NULL; ptr = (u8 *) payload; if (os_memcmp_const(conf, ptr, SHA256_MAC_LEN)) { @@ -700,66 +803,43 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, goto fin; /* k */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k); - BN_bn2bin(data->k, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len); + eap_pwd_h_update(hash, cruft, prime_len); /* my element */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->my_element, x, y, - data->bnctx)) { + if (crypto_ec_point_to_bin(data->grp->group, data->my_element, cruft, + cruft + prime_len) != 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): confirm point " "assignment fail"); goto fin; } - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + eap_pwd_h_update(hash, cruft, prime_len * 2); /* my scalar */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->my_scalar); - BN_bn2bin(data->my_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); + crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); /* server element: x, y */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->server_element, x, y, - data->bnctx)) { + if (crypto_ec_point_to_bin(data->grp->group, data->server_element, + cruft, cruft + prime_len) != 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): confirm point " "assignment fail"); goto fin; } - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + eap_pwd_h_update(hash, cruft, prime_len * 2); /* server scalar */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->server_scalar); - BN_bn2bin(data->server_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); + crypto_bignum_to_bin(data->server_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); /* the ciphersuite */ eap_pwd_h_update(hash, (u8 *) &cs, sizeof(u32)); /* all done */ eap_pwd_h_final(hash, conf); + hash = NULL; - if (compute_keys(data->grp, data->bnctx, data->k, + if (compute_keys(data->grp, data->k, data->my_scalar, data->server_scalar, conf, ptr, &cs, data->msk, data->emsk, data->session_id) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to compute MSK | " @@ -774,10 +854,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, wpabuf_put_data(data->outbuf, conf, SHA256_MAC_LEN); fin: - if (data->grp) - bin_clear_free(cruft, BN_num_bytes(data->grp->prime)); - BN_clear_free(x); - BN_clear_free(y); + bin_clear_free(cruft, prime_len * 2); if (data->outbuf == NULL) { ret->methodState = METHOD_DONE; ret->decision = DECISION_FAIL; @@ -785,6 +862,10 @@ fin: } else { eap_pwd_state(data, SUCCESS_ON_FRAG_COMPLETION); } + + /* clean allocated memory */ + if (hash) + eap_pwd_h_final(hash, conf); } diff --git a/contrib/wpa/src/eap_peer/eap_sake.c b/contrib/wpa/src/eap_peer/eap_sake.c index 330febbefd78..0a6ce255af4d 100644 --- a/contrib/wpa/src/eap_peer/eap_sake.c +++ b/contrib/wpa/src/eap_peer/eap_sake.c @@ -85,12 +85,11 @@ static void * eap_sake_init(struct eap_sm *sm) identity = eap_get_config_identity(sm, &identity_len); if (identity) { - data->peerid = os_malloc(identity_len); + data->peerid = os_memdup(identity, identity_len); if (data->peerid == NULL) { eap_sake_deinit(sm, data); return NULL; } - os_memcpy(data->peerid, identity, identity_len); data->peerid_len = identity_len; } @@ -230,10 +229,9 @@ static struct wpabuf * eap_sake_process_challenge(struct eap_sm *sm, if (attr.serverid) { wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-SAKE: SERVERID", attr.serverid, attr.serverid_len); - data->serverid = os_malloc(attr.serverid_len); + data->serverid = os_memdup(attr.serverid, attr.serverid_len); if (data->serverid == NULL) return NULL; - os_memcpy(data->serverid, attr.serverid, attr.serverid_len); data->serverid_len = attr.serverid_len; } @@ -450,10 +448,9 @@ static u8 * eap_sake_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -490,10 +487,9 @@ static u8 * eap_sake_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; diff --git a/contrib/wpa/src/eap_peer/eap_sim.c b/contrib/wpa/src/eap_peer/eap_sim.c index b97c95db196f..ba5eea9ddfa2 100644 --- a/contrib/wpa/src/eap_peer/eap_sim.c +++ b/contrib/wpa/src/eap_peer/eap_sim.c @@ -46,6 +46,8 @@ struct eap_sim_data { CONTINUE, RESULT_SUCCESS, SUCCESS, FAILURE } state; int result_ind, use_result_ind; + int use_pseudonym; + int error_code; }; @@ -93,6 +95,9 @@ static void * eap_sim_init(struct eap_sm *sm) return NULL; } + /* Zero is a valid error code, so we need to initialize */ + data->error_code = NO_EAP_METHOD_ERROR; + data->min_num_chal = 2; if (config && config->phase1) { char *pos = os_strstr(config->phase1, "sim_min_num_chal="); @@ -115,7 +120,8 @@ static void * eap_sim_init(struct eap_sm *sm) NULL; } - if (config && config->anonymous_identity) { + data->use_pseudonym = !sm->init_phase2; + if (config && config->anonymous_identity && data->use_pseudonym) { data->pseudonym = os_malloc(config->anonymous_identity_len); if (data->pseudonym) { os_memcpy(data->pseudonym, config->anonymous_identity, @@ -372,7 +378,8 @@ static void eap_sim_clear_identities(struct eap_sm *sm, os_free(data->pseudonym); data->pseudonym = NULL; data->pseudonym_len = 0; - eap_set_anon_id(sm, NULL, 0); + if (data->use_pseudonym) + eap_set_anon_id(sm, NULL, 0); } if ((id & CLEAR_REAUTH_ID) && data->reauth_id) { wpa_printf(MSG_DEBUG, "EAP-SIM: forgetting old reauth_id"); @@ -427,20 +434,21 @@ static int eap_sim_learn_ids(struct eap_sm *sm, struct eap_sim_data *data, realm, realm_len); } data->pseudonym_len = attr->next_pseudonym_len + realm_len; - eap_set_anon_id(sm, data->pseudonym, data->pseudonym_len); + if (data->use_pseudonym) + eap_set_anon_id(sm, data->pseudonym, + data->pseudonym_len); } if (attr->next_reauth_id) { os_free(data->reauth_id); - data->reauth_id = os_malloc(attr->next_reauth_id_len); + data->reauth_id = os_memdup(attr->next_reauth_id, + attr->next_reauth_id_len); if (data->reauth_id == NULL) { wpa_printf(MSG_INFO, "EAP-SIM: (encr) No memory for " "next reauth_id"); data->reauth_id_len = 0; return -1; } - os_memcpy(data->reauth_id, attr->next_reauth_id, - attr->next_reauth_id_len); data->reauth_id_len = attr->next_reauth_id_len; wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: (encr) AT_NEXT_REAUTH_ID", @@ -635,14 +643,13 @@ static struct wpabuf * eap_sim_process_start(struct eap_sm *sm, } os_free(data->ver_list); - data->ver_list = os_malloc(attr->version_list_len); + data->ver_list = os_memdup(attr->version_list, attr->version_list_len); if (data->ver_list == NULL) { wpa_printf(MSG_DEBUG, "EAP-SIM: Failed to allocate " "memory for version list"); return eap_sim_client_error(data, id, EAP_SIM_UNABLE_TO_PROCESS_PACKET); } - os_memcpy(data->ver_list, attr->version_list, attr->version_list_len); data->ver_list_len = attr->version_list_len; pos = data->ver_list; for (i = 0; i < data->ver_list_len / 2; i++) { @@ -764,8 +771,17 @@ static struct wpabuf * eap_sim_process_challenge(struct eap_sm *sm, } else if (data->pseudonym) { identity = data->pseudonym; identity_len = data->pseudonym_len; - } else - identity = eap_get_config_identity(sm, &identity_len); + } else { + struct eap_peer_config *config; + + config = eap_get_config(sm); + if (config && config->imsi_identity) { + identity = config->imsi_identity; + identity_len = config->imsi_identity_len; + } else { + identity = eap_get_config_identity(sm, &identity_len); + } + } wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Selected identity for MK " "derivation", identity, identity_len); eap_sim_derive_mk(identity, identity_len, data->nonce_mt, @@ -908,6 +924,7 @@ static struct wpabuf * eap_sim_process_notification( eap_sim_report_notification(sm->msg_ctx, attr->notification, 0); if (attr->notification >= 0 && attr->notification < 32768) { + data->error_code = attr->notification; eap_sim_state(data, FAILURE); } else if (attr->notification == EAP_SIM_SUCCESS && data->state == RESULT_SUCCESS) @@ -1181,12 +1198,11 @@ static u8 * eap_sim_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_SIM_KEYING_DATA_LEN); + key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN); if (key == NULL) return NULL; *len = EAP_SIM_KEYING_DATA_LEN; - os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN); return key; } @@ -1223,17 +1239,33 @@ static u8 * eap_sim_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; *len = EAP_EMSK_LEN; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); return key; } +static int eap_sim_get_error_code(void *priv) +{ + struct eap_sim_data *data = priv; + int current_data_error; + + if (!data) + return NO_EAP_METHOD_ERROR; + + current_data_error = data->error_code; + + /* Now reset for next transaction */ + data->error_code = NO_EAP_METHOD_ERROR; + + return current_data_error; +} + + int eap_peer_sim_register(void) { struct eap_method *eap; @@ -1254,6 +1286,7 @@ int eap_peer_sim_register(void) eap->init_for_reauth = eap_sim_init_for_reauth; eap->get_identity = eap_sim_get_identity; eap->get_emsk = eap_sim_get_emsk; + eap->get_error_code = eap_sim_get_error_code; return eap_peer_method_register(eap); } diff --git a/contrib/wpa/src/eap_peer/eap_tls.c b/contrib/wpa/src/eap_peer/eap_tls.c index ca2354f8a785..cb747026cb8a 100644 --- a/contrib/wpa/src/eap_peer/eap_tls.c +++ b/contrib/wpa/src/eap_peer/eap_tls.c @@ -173,14 +173,31 @@ static struct wpabuf * eap_tls_failure(struct eap_sm *sm, static void eap_tls_success(struct eap_sm *sm, struct eap_tls_data *data, struct eap_method_ret *ret) { + const char *label; + wpa_printf(MSG_DEBUG, "EAP-TLS: Done"); - ret->methodState = METHOD_DONE; - ret->decision = DECISION_UNCOND_SUCC; + if (data->ssl.tls_out) { + wpa_printf(MSG_DEBUG, "EAP-TLS: Fragment(s) remaining"); + return; + } + + if (data->ssl.tls_v13) { + label = "EXPORTER_EAP_TLS_Key_Material"; + + /* A possible NewSessionTicket may be received before + * EAP-Success, so need to allow it to be received. */ + ret->methodState = METHOD_MAY_CONT; + ret->decision = DECISION_COND_SUCC; + } else { + label = "client EAP encryption"; + + ret->methodState = METHOD_DONE; + ret->decision = DECISION_UNCOND_SUCC; + } eap_tls_free_key(data); - data->key_data = eap_peer_tls_derive_key(sm, &data->ssl, - "client EAP encryption", + data->key_data = eap_peer_tls_derive_key(sm, &data->ssl, label, EAP_TLS_KEY_LEN + EAP_EMSK_LEN); if (data->key_data) { @@ -338,12 +355,11 @@ static u8 * eap_tls_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->key_data == NULL) return NULL; - key = os_malloc(EAP_TLS_KEY_LEN); + key = os_memdup(data->key_data, EAP_TLS_KEY_LEN); if (key == NULL) return NULL; *len = EAP_TLS_KEY_LEN; - os_memcpy(key, data->key_data, EAP_TLS_KEY_LEN); return key; } @@ -357,12 +373,11 @@ static u8 * eap_tls_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->key_data == NULL) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->key_data + EAP_TLS_KEY_LEN, EAP_EMSK_LEN); if (key == NULL) return NULL; *len = EAP_EMSK_LEN; - os_memcpy(key, data->key_data + EAP_TLS_KEY_LEN, EAP_EMSK_LEN); return key; } @@ -376,12 +391,11 @@ static u8 * eap_tls_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->session_id == NULL) return NULL; - id = os_malloc(data->id_len); + id = os_memdup(data->session_id, data->id_len); if (id == NULL) return NULL; *len = data->id_len; - os_memcpy(id, data->session_id, data->id_len); return id; } diff --git a/contrib/wpa/src/eap_peer/eap_tls_common.c b/contrib/wpa/src/eap_peer/eap_tls_common.c index 0dcb9c138f81..0de131526a51 100644 --- a/contrib/wpa/src/eap_peer/eap_tls_common.c +++ b/contrib/wpa/src/eap_peer/eap_tls_common.c @@ -80,10 +80,22 @@ static void eap_tls_params_flags(struct tls_connection_params *params, params->flags |= TLS_CONN_DISABLE_TLSv1_2; if (os_strstr(txt, "tls_disable_tlsv1_2=0")) params->flags &= ~TLS_CONN_DISABLE_TLSv1_2; + if (os_strstr(txt, "tls_disable_tlsv1_3=1")) + params->flags |= TLS_CONN_DISABLE_TLSv1_3; + if (os_strstr(txt, "tls_disable_tlsv1_3=0")) + params->flags &= ~TLS_CONN_DISABLE_TLSv1_3; if (os_strstr(txt, "tls_ext_cert_check=1")) params->flags |= TLS_CONN_EXT_CERT_CHECK; if (os_strstr(txt, "tls_ext_cert_check=0")) params->flags &= ~TLS_CONN_EXT_CERT_CHECK; + if (os_strstr(txt, "tls_suiteb=1")) + params->flags |= TLS_CONN_SUITEB; + if (os_strstr(txt, "tls_suiteb=0")) + params->flags &= ~TLS_CONN_SUITEB; + if (os_strstr(txt, "tls_suiteb_no_ecdh=1")) + params->flags |= TLS_CONN_SUITEB_NO_ECDH; + if (os_strstr(txt, "tls_suiteb_no_ecdh=0")) + params->flags &= ~TLS_CONN_SUITEB_NO_ECDH; } @@ -151,6 +163,23 @@ static int eap_tls_params_from_conf(struct eap_sm *sm, */ params->flags |= TLS_CONN_DISABLE_SESSION_TICKET; } + if (data->eap_type == EAP_TYPE_FAST || + data->eap_type == EAP_TYPE_TTLS || + data->eap_type == EAP_TYPE_PEAP) { + /* The current EAP peer implementation is not yet ready for the + * TLS v1.3 changes, so disable this by default for now. */ + params->flags |= TLS_CONN_DISABLE_TLSv1_3; + } + if (data->eap_type == EAP_TYPE_TLS) { + /* While the current EAP-TLS implementation is more or less + * complete for TLS v1.3, there has been no interoperability + * testing with other implementations, so disable for by default + * for now until there has been chance to confirm that no + * significant interoperability issues show up with TLS version + * update. + */ + params->flags |= TLS_CONN_DISABLE_TLSv1_3; + } if (phase2) { wpa_printf(MSG_DEBUG, "TLS: using phase2 config options"); eap_tls_params_from_conf2(params, config); @@ -358,6 +387,13 @@ u8 * eap_peer_tls_derive_session_id(struct eap_sm *sm, struct tls_random keys; u8 *out; + if (eap_type == EAP_TYPE_TLS && data->tls_v13) { + *len = 64; + return eap_peer_tls_derive_key(sm, data, + "EXPORTER_EAP_TLS_Session-Id", + 64); + } + if (tls_connection_get_random(sm->ssl_ctx, data->conn, &keys) || keys.client_random == NULL || keys.server_random == NULL) return NULL; @@ -661,6 +697,8 @@ int eap_peer_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data, * the AS. */ int res = eap_tls_process_input(sm, data, in_data, out_data); + char buf[20]; + if (res) { /* * Input processing failed (res = -1) or more data is @@ -673,6 +711,12 @@ int eap_peer_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data, * The incoming message has been reassembled and processed. The * response was allocated into data->tls_out buffer. */ + + if (tls_get_version(data->ssl_ctx, data->conn, + buf, sizeof(buf)) == 0) { + wpa_printf(MSG_DEBUG, "SSL: Using TLS version %s", buf); + data->tls_v13 = os_strcmp(buf, "TLSv1.3") == 0; + } } if (data->tls_out == NULL) { diff --git a/contrib/wpa/src/eap_peer/eap_tls_common.h b/contrib/wpa/src/eap_peer/eap_tls_common.h index acd2b783617f..306e6a98bc3f 100644 --- a/contrib/wpa/src/eap_peer/eap_tls_common.h +++ b/contrib/wpa/src/eap_peer/eap_tls_common.h @@ -73,6 +73,11 @@ struct eap_ssl_data { * eap_type - EAP method used in Phase 1 (EAP_TYPE_TLS/PEAP/TTLS/FAST) */ u8 eap_type; + + /** + * tls_v13 - Whether TLS v1.3 or newer is used + */ + int tls_v13; }; diff --git a/contrib/wpa/src/eap_peer/eap_ttls.c b/contrib/wpa/src/eap_peer/eap_ttls.c index 92f94dcd6019..f18788ce8cb5 100644 --- a/contrib/wpa/src/eap_peer/eap_ttls.c +++ b/contrib/wpa/src/eap_peer/eap_ttls.c @@ -458,7 +458,7 @@ static int eap_ttls_phase2_request_eap(struct eap_sm *sm, if (*resp == NULL && (config->pending_req_identity || config->pending_req_password || - config->pending_req_otp)) { + config->pending_req_otp || config->pending_req_sim)) { return 0; } @@ -624,12 +624,28 @@ static int eap_ttls_phase2_request_mschap(struct eap_sm *sm, os_memset(pos, 0, 24); /* LM-Response */ pos += 24; if (pwhash) { - challenge_response(challenge, password, pos); /* NT-Response */ + /* NT-Response */ + if (challenge_response(challenge, password, pos)) { + wpa_printf(MSG_ERROR, + "EAP-TTLS/MSCHAP: Failed derive password hash"); + wpabuf_free(msg); + os_free(challenge); + return -1; + } + wpa_hexdump_key(MSG_DEBUG, "EAP-TTLS: MSCHAP password hash", password, 16); } else { - nt_challenge_response(challenge, password, password_len, - pos); /* NT-Response */ + /* NT-Response */ + if (nt_challenge_response(challenge, password, password_len, + pos)) { + wpa_printf(MSG_ERROR, + "EAP-TTLS/MSCHAP: Failed derive password"); + wpabuf_free(msg); + os_free(challenge); + return -1; + } + wpa_hexdump_ascii_key(MSG_DEBUG, "EAP-TTLS: MSCHAP password", password, password_len); } @@ -870,13 +886,12 @@ static int eap_ttls_parse_attr_eap(const u8 *dpos, size_t dlen, { wpa_printf(MSG_DEBUG, "EAP-TTLS: AVP - EAP Message"); if (parse->eapdata == NULL) { - parse->eapdata = os_malloc(dlen); + parse->eapdata = os_memdup(dpos, dlen); if (parse->eapdata == NULL) { wpa_printf(MSG_WARNING, "EAP-TTLS: Failed to allocate " "memory for Phase 2 EAP data"); return -1; } - os_memcpy(parse->eapdata, dpos, dlen); parse->eap_len = dlen; } else { u8 *neweap = os_realloc(parse->eapdata, parse->eap_len + dlen); @@ -1280,7 +1295,8 @@ static int eap_ttls_process_decrypted(struct eap_sm *sm, } else if (config->pending_req_identity || config->pending_req_password || config->pending_req_otp || - config->pending_req_new_password) { + config->pending_req_new_password || + config->pending_req_sim) { wpabuf_free(data->pending_phase2_req); data->pending_phase2_req = wpabuf_dup(in_decrypted); } @@ -1317,7 +1333,8 @@ static int eap_ttls_implicit_identity_request(struct eap_sm *sm, (config->pending_req_identity || config->pending_req_password || config->pending_req_otp || - config->pending_req_new_password)) { + config->pending_req_new_password || + config->pending_req_sim)) { /* * Use empty buffer to force implicit request * processing when EAP request is re-processed after @@ -1537,7 +1554,7 @@ static int eap_ttls_process_handshake(struct eap_sm *sm, } -static void eap_ttls_check_auth_status(struct eap_sm *sm, +static void eap_ttls_check_auth_status(struct eap_sm *sm, struct eap_ttls_data *data, struct eap_method_ret *ret) { @@ -1648,6 +1665,10 @@ static Boolean eap_ttls_has_reauth_data(struct eap_sm *sm, void *priv) static void eap_ttls_deinit_for_reauth(struct eap_sm *sm, void *priv) { struct eap_ttls_data *data = priv; + + if (data->phase2_priv && data->phase2_method && + data->phase2_method->deinit_for_reauth) + data->phase2_method->deinit_for_reauth(sm, data->phase2_priv); wpabuf_free(data->pending_phase2_req); data->pending_phase2_req = NULL; wpabuf_free(data->pending_resp); @@ -1739,12 +1760,11 @@ static u8 * eap_ttls_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->key_data == NULL || !data->phase2_success) return NULL; - key = os_malloc(EAP_TLS_KEY_LEN); + key = os_memdup(data->key_data, EAP_TLS_KEY_LEN); if (key == NULL) return NULL; *len = EAP_TLS_KEY_LEN; - os_memcpy(key, data->key_data, EAP_TLS_KEY_LEN); return key; } @@ -1758,12 +1778,11 @@ static u8 * eap_ttls_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->session_id == NULL || !data->phase2_success) return NULL; - id = os_malloc(data->id_len); + id = os_memdup(data->session_id, data->id_len); if (id == NULL) return NULL; *len = data->id_len; - os_memcpy(id, data->session_id, data->id_len); return id; } @@ -1777,12 +1796,11 @@ static u8 * eap_ttls_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->key_data == NULL) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->key_data + EAP_TLS_KEY_LEN, EAP_EMSK_LEN); if (key == NULL) return NULL; *len = EAP_EMSK_LEN; - os_memcpy(key, data->key_data + EAP_TLS_KEY_LEN, EAP_EMSK_LEN); return key; } diff --git a/contrib/wpa/src/eap_peer/ikev2.c b/contrib/wpa/src/eap_peer/ikev2.c index ca6502ea02e7..7bd97b1b997e 100644 --- a/contrib/wpa/src/eap_peer/ikev2.c +++ b/contrib/wpa/src/eap_peer/ikev2.c @@ -476,10 +476,9 @@ static int ikev2_process_idi(struct ikev2_responder_data *data, wpa_printf(MSG_DEBUG, "IKEV2: IDi ID Type %d", id_type); wpa_hexdump_ascii(MSG_DEBUG, "IKEV2: IDi", idi, idi_len); os_free(data->IDi); - data->IDi = os_malloc(idi_len); + data->IDi = os_memdup(idi, idi_len); if (data->IDi == NULL) return -1; - os_memcpy(data->IDi, idi, idi_len); data->IDi_len = idi_len; data->IDi_type = id_type; diff --git a/contrib/wpa/src/eap_peer/tncc.c b/contrib/wpa/src/eap_peer/tncc.c index 0c5caa7dd522..a9bafe2886c0 100644 --- a/contrib/wpa/src/eap_peer/tncc.c +++ b/contrib/wpa/src/eap_peer/tncc.c @@ -126,12 +126,10 @@ static TNC_Result TNC_TNCC_ReportMessageTypes( imc = tnc_imc[imcID]; os_free(imc->supported_types); - imc->supported_types = - os_malloc(typeCount * sizeof(TNC_MessageType)); + imc->supported_types = os_memdup(supportedTypes, + typeCount * sizeof(TNC_MessageType)); if (imc->supported_types == NULL) return TNC_RESULT_FATAL; - os_memcpy(imc->supported_types, supportedTypes, - typeCount * sizeof(TNC_MessageType)); imc->num_supported_types = typeCount; return TNC_RESULT_SUCCESS; diff --git a/contrib/wpa/src/eap_server/eap.h b/contrib/wpa/src/eap_server/eap.h index 69eaab8de946..4fbc661c22fe 100644 --- a/contrib/wpa/src/eap_server/eap.h +++ b/contrib/wpa/src/eap_server/eap.h @@ -31,6 +31,8 @@ struct eap_user { size_t password_len; int password_hash; /* whether password is hashed with * nt_password_hash() */ + u8 *salt; + size_t salt_len; int phase2; int force_version; unsigned int remediation:1; @@ -38,6 +40,7 @@ struct eap_user { int ttls_auth; /* bitfield of * EAP_TTLS_AUTH_{PAP,CHAP,MSCHAP,MSCHAPV2} */ struct hostapd_radius_attr *accept_attr; + u32 t_c_timestamp; }; struct eap_eapol_interface { @@ -132,6 +135,7 @@ struct eap_config { size_t server_id_len; int erp; unsigned int tls_session_lifetime; + unsigned int tls_flags; #ifdef CONFIG_TESTING_OPTIONS u32 tls_test_flags; @@ -148,10 +152,12 @@ void eap_sm_notify_cached(struct eap_sm *sm); void eap_sm_pending_cb(struct eap_sm *sm); int eap_sm_method_pending(struct eap_sm *sm); const u8 * eap_get_identity(struct eap_sm *sm, size_t *len); +const char * eap_get_serial_num(struct eap_sm *sm); struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm); void eap_server_clear_identity(struct eap_sm *sm); void eap_server_mschap_rx_callback(struct eap_sm *sm, const char *source, const u8 *username, size_t username_len, const u8 *challenge, const u8 *response); +void eap_erp_update_identity(struct eap_sm *sm, const u8 *eap, size_t len); #endif /* EAP_H */ diff --git a/contrib/wpa/src/eap_server/eap_i.h b/contrib/wpa/src/eap_server/eap_i.h index c90443d19cb9..cf8a9f0d98e1 100644 --- a/contrib/wpa/src/eap_server/eap_i.h +++ b/contrib/wpa/src/eap_server/eap_i.h @@ -159,6 +159,7 @@ struct eap_sm { void *eap_method_priv; u8 *identity; size_t identity_len; + char *serial_num; /* Whether Phase 2 method should validate identity match */ int require_identity_match; int lastId; /* Identifier used in the last EAP-Packet */ @@ -211,6 +212,7 @@ struct eap_sm { Boolean try_initiate_reauth; int erp; unsigned int tls_session_lifetime; + unsigned int tls_flags; #ifdef CONFIG_TESTING_OPTIONS u32 tls_test_flags; diff --git a/contrib/wpa/src/eap_server/eap_server.c b/contrib/wpa/src/eap_server/eap_server.c index 84ecafc7ca3e..38a1b5c9ee22 100644 --- a/contrib/wpa/src/eap_server/eap_server.c +++ b/contrib/wpa/src/eap_server/eap_server.c @@ -326,6 +326,9 @@ SM_STATE(EAP, RETRANSMIT) if (eap_copy_buf(&sm->eap_if.eapReqData, sm->lastReqData) == 0) sm->eap_if.eapReq = TRUE; } + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_RETRANSMIT MACSTR, + MAC2STR(sm->peer_addr)); } @@ -415,7 +418,7 @@ static void eap_server_erp_init(struct eap_sm *sm) u8 *emsk = NULL; size_t emsk_len = 0; u8 EMSKname[EAP_EMSK_NAME_LEN]; - u8 len[2]; + u8 len[2], ctx[3]; const char *domain; size_t domain_len, nai_buf_len; struct eap_server_erp_key *erp = NULL; @@ -452,7 +455,7 @@ static void eap_server_erp_init(struct eap_sm *sm) wpa_hexdump_key(MSG_DEBUG, "EAP: EMSK", emsk, emsk_len); - WPA_PUT_BE16(len, 8); + WPA_PUT_BE16(len, EAP_EMSK_NAME_LEN); if (hmac_sha256_kdf(sm->eap_if.eapSessionId, sm->eap_if.eapSessionIdLen, "EMSK", len, sizeof(len), EMSKname, EAP_EMSK_NAME_LEN) < 0) { @@ -476,9 +479,11 @@ static void eap_server_erp_init(struct eap_sm *sm) erp->rRK_len = emsk_len; wpa_hexdump_key(MSG_DEBUG, "EAP: ERP rRK", erp->rRK, erp->rRK_len); + ctx[0] = EAP_ERP_CS_HMAC_SHA256_128; + WPA_PUT_BE16(&ctx[1], erp->rRK_len); if (hmac_sha256_kdf(erp->rRK, erp->rRK_len, - "EAP Re-authentication Integrity Key@ietf.org", - len, sizeof(len), erp->rIK, erp->rRK_len) < 0) { + "Re-authentication Integrity Key@ietf.org", + ctx, sizeof(ctx), erp->rIK, erp->rRK_len) < 0) { wpa_printf(MSG_DEBUG, "EAP: Could not derive rIK for ERP"); goto fail; } @@ -632,6 +637,9 @@ SM_STATE(EAP, TIMEOUT_FAILURE) SM_ENTRY(EAP, TIMEOUT_FAILURE); sm->eap_if.eapTimeout = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TIMEOUT_FAILURE MACSTR, + MAC2STR(sm->peer_addr)); } @@ -1009,6 +1017,9 @@ SM_STATE(EAP, RETRANSMIT2) if (eap_copy_buf(&sm->eap_if.eapReqData, sm->lastReqData) == 0) sm->eap_if.eapReq = TRUE; } + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_RETRANSMIT2 MACSTR, + MAC2STR(sm->peer_addr)); } @@ -1099,6 +1110,9 @@ SM_STATE(EAP, TIMEOUT_FAILURE2) SM_ENTRY(EAP, TIMEOUT_FAILURE2); sm->eap_if.eapTimeout = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TIMEOUT_FAILURE2 MACSTR, + MAC2STR(sm->peer_addr)); } @@ -1108,6 +1122,9 @@ SM_STATE(EAP, FAILURE2) eap_copy_buf(&sm->eap_if.eapReqData, sm->eap_if.aaaEapReqData); sm->eap_if.eapFail = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE2 MACSTR, + MAC2STR(sm->peer_addr)); } @@ -1134,6 +1151,9 @@ SM_STATE(EAP, SUCCESS2) * started properly. */ sm->start_reauth = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS2 MACSTR, + MAC2STR(sm->peer_addr)); } @@ -1800,6 +1820,8 @@ static void eap_user_free(struct eap_user *user) return; bin_clear_free(user->password, user->password_len); user->password = NULL; + bin_clear_free(user->salt, user->salt_len); + user->salt = NULL; os_free(user); } @@ -1866,6 +1888,7 @@ struct eap_sm * eap_server_sm_init(void *eapol_ctx, sm->server_id_len = conf->server_id_len; sm->erp = conf->erp; sm->tls_session_lifetime = conf->tls_session_lifetime; + sm->tls_flags = conf->tls_flags; #ifdef CONFIG_TESTING_OPTIONS sm->tls_test_flags = conf->tls_test_flags; @@ -1897,6 +1920,7 @@ void eap_server_sm_deinit(struct eap_sm *sm) wpabuf_free(sm->lastReqData); wpabuf_free(sm->eap_if.eapRespData); os_free(sm->identity); + os_free(sm->serial_num); os_free(sm->pac_opaque_encr_key); os_free(sm->eap_fast_a_id); os_free(sm->eap_fast_a_id_info); @@ -1969,6 +1993,55 @@ const u8 * eap_get_identity(struct eap_sm *sm, size_t *len) /** + * eap_get_serial_num - Get the serial number of user certificate + * @sm: Pointer to EAP state machine allocated with eap_server_sm_init() + * Returns: Pointer to the serial number or %NULL if not available + */ +const char * eap_get_serial_num(struct eap_sm *sm) +{ + return sm->serial_num; +} + + +void eap_erp_update_identity(struct eap_sm *sm, const u8 *eap, size_t len) +{ +#ifdef CONFIG_ERP + const struct eap_hdr *hdr; + const u8 *pos, *end; + struct erp_tlvs parse; + + if (len < sizeof(*hdr) + 1) + return; + hdr = (const struct eap_hdr *) eap; + end = eap + len; + pos = (const u8 *) (hdr + 1); + if (hdr->code != EAP_CODE_INITIATE || *pos != EAP_ERP_TYPE_REAUTH) + return; + pos++; + if (pos + 3 > end) + return; + + /* Skip Flags and SEQ */ + pos += 3; + + if (erp_parse_tlvs(pos, end, &parse, 1) < 0 || !parse.keyname) + return; + wpa_hexdump_ascii(MSG_DEBUG, + "EAP: Update identity based on EAP-Initiate/Re-auth keyName-NAI", + parse.keyname, parse.keyname_len); + os_free(sm->identity); + sm->identity = os_malloc(parse.keyname_len); + if (sm->identity) { + os_memcpy(sm->identity, parse.keyname, parse.keyname_len); + sm->identity_len = parse.keyname_len; + } else { + sm->identity_len = 0; + } +#endif /* CONFIG_ERP */ +} + + +/** * eap_get_interface - Get pointer to EAP-EAPOL interface data * @sm: Pointer to EAP state machine allocated with eap_server_sm_init() * Returns: Pointer to the EAP-EAPOL interface data diff --git a/contrib/wpa/src/eap_server/eap_server_aka.c b/contrib/wpa/src/eap_server/eap_server_aka.c index a8bb5eae6b56..175021163c1d 100644 --- a/contrib/wpa/src/eap_server/eap_server_aka.c +++ b/contrib/wpa/src/eap_server/eap_server_aka.c @@ -1261,10 +1261,9 @@ static u8 * eap_aka_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_SIM_KEYING_DATA_LEN); + key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN); *len = EAP_SIM_KEYING_DATA_LEN; return key; } @@ -1278,10 +1277,9 @@ static u8 * eap_aka_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; } diff --git a/contrib/wpa/src/eap_server/eap_server_eke.c b/contrib/wpa/src/eap_server/eap_server_eke.c index 1eba8f515648..71580bf7bf52 100644 --- a/contrib/wpa/src/eap_server/eap_server_eke.c +++ b/contrib/wpa/src/eap_server/eap_server_eke.c @@ -467,13 +467,12 @@ static void eap_eke_process_identity(struct eap_sm *sm, data->peerid_type = *pos++; os_free(data->peerid); - data->peerid = os_malloc(end - pos); + data->peerid = os_memdup(pos, end - pos); if (data->peerid == NULL) { wpa_printf(MSG_INFO, "EAP-EKE: Failed to allocate memory for peerid"); eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR); return; } - os_memcpy(data->peerid, pos, end - pos); data->peerid_len = end - pos; wpa_printf(MSG_DEBUG, "EAP-EKE: Peer IDType %u", data->peerid_type); wpa_hexdump_ascii(MSG_DEBUG, "EAP-EKE: Peer Identity", @@ -731,10 +730,9 @@ static u8 * eap_eke_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -749,10 +747,9 @@ static u8 * eap_eke_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; diff --git a/contrib/wpa/src/eap_server/eap_server_fast.c b/contrib/wpa/src/eap_server/eap_server_fast.c index 20491726880e..a63f820465c8 100644 --- a/contrib/wpa/src/eap_server/eap_server_fast.c +++ b/contrib/wpa/src/eap_server/eap_server_fast.c @@ -471,12 +471,11 @@ static void * eap_fast_init(struct eap_sm *sm) eap_fast_reset(sm, data); return NULL; } - data->srv_id = os_malloc(sm->eap_fast_a_id_len); + data->srv_id = os_memdup(sm->eap_fast_a_id, sm->eap_fast_a_id_len); if (data->srv_id == NULL) { eap_fast_reset(sm, data); return NULL; } - os_memcpy(data->srv_id, sm->eap_fast_a_id, sm->eap_fast_a_id_len); data->srv_id_len = sm->eap_fast_a_id_len; if (sm->eap_fast_a_id_info == NULL) { @@ -561,7 +560,7 @@ static int eap_fast_phase1_done(struct eap_sm *sm, struct eap_fast_data *data) return -1; } data->anon_provisioning = os_strstr(cipher, "ADH") != NULL; - + if (data->anon_provisioning) { wpa_printf(MSG_DEBUG, "EAP-FAST: Anonymous provisioning"); eap_fast_derive_key_provisioning(sm, data); @@ -789,7 +788,7 @@ static struct wpabuf * eap_fast_build_pac(struct eap_sm *sm, /* A-ID (inside PAC-Info) */ eap_fast_put_tlv(buf, PAC_TYPE_A_ID, data->srv_id, data->srv_id_len); - + /* Note: headers may be misaligned after A-ID */ if (sm->identity) { @@ -1517,7 +1516,7 @@ static void eap_fast_process_msg(struct eap_sm *sm, void *priv, if (eap_fast_process_phase1(sm, data)) break; - /* fall through to PHASE2_START */ + /* fall through */ case PHASE2_START: eap_fast_process_phase2_start(sm, data); break; diff --git a/contrib/wpa/src/eap_server/eap_server_gpsk.c b/contrib/wpa/src/eap_server/eap_server_gpsk.c index 94e74ec9b2f7..fb3d11748c8c 100644 --- a/contrib/wpa/src/eap_server/eap_server_gpsk.c +++ b/contrib/wpa/src/eap_server/eap_server_gpsk.c @@ -269,13 +269,12 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm, return; } os_free(data->id_peer); - data->id_peer = os_malloc(alen); + data->id_peer = os_memdup(pos, alen); if (data->id_peer == NULL) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Not enough memory to store " "%d-octet ID_Peer", alen); return; } - os_memcpy(data->id_peer, pos, alen); data->id_peer_len = alen; wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Peer", data->id_peer, data->id_peer_len); @@ -575,10 +574,9 @@ static u8 * eap_gpsk_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -593,10 +591,9 @@ static u8 * eap_gpsk_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; @@ -618,10 +615,9 @@ static u8 * eap_gpsk_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - sid = os_malloc(data->id_len); + sid = os_memdup(data->session_id, data->id_len); if (sid == NULL) return NULL; - os_memcpy(sid, data->session_id, data->id_len); *len = data->id_len; return sid; diff --git a/contrib/wpa/src/eap_server/eap_server_gtc.c b/contrib/wpa/src/eap_server/eap_server_gtc.c index 193a8517ac08..fcccbcbd5efa 100644 --- a/contrib/wpa/src/eap_server/eap_server_gtc.c +++ b/contrib/wpa/src/eap_server/eap_server_gtc.c @@ -141,12 +141,11 @@ static void eap_gtc_process(struct eap_sm *sm, void *priv, } else { os_free(sm->identity); sm->identity_len = pos2 - pos; - sm->identity = os_malloc(sm->identity_len); + sm->identity = os_memdup(pos, sm->identity_len); if (sm->identity == NULL) { data->state = FAILURE; return; } - os_memcpy(sm->identity, pos, sm->identity_len); } if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) { diff --git a/contrib/wpa/src/eap_server/eap_server_ikev2.c b/contrib/wpa/src/eap_server/eap_server_ikev2.c index 3a249d141e0c..32e6872045c5 100644 --- a/contrib/wpa/src/eap_server/eap_server_ikev2.c +++ b/contrib/wpa/src/eap_server/eap_server_ikev2.c @@ -103,10 +103,9 @@ static void * eap_ikev2_init(struct eap_sm *sm) data->ikev2.proposal.encr = ENCR_AES_CBC; data->ikev2.proposal.dh = DH_GROUP2_1024BIT_MODP; - data->ikev2.IDi = os_malloc(sm->server_id_len); + data->ikev2.IDi = os_memdup(sm->server_id, sm->server_id_len); if (data->ikev2.IDi == NULL) goto failed; - os_memcpy(data->ikev2.IDi, sm->server_id, sm->server_id_len); data->ikev2.IDi_len = sm->server_id_len; data->ikev2.get_shared_secret = eap_ikev2_get_shared_secret; @@ -224,7 +223,7 @@ static struct wpabuf * eap_ikev2_buildReq(struct eap_sm *sm, void *priv, u8 id) } data->out_used = 0; } - /* pass through */ + /* fall through */ case WAIT_FRAG_ACK: return eap_ikev2_build_msg(data, id); case FRAG_ACK: diff --git a/contrib/wpa/src/eap_server/eap_server_mschapv2.c b/contrib/wpa/src/eap_server/eap_server_mschapv2.c index 460cd9c82ff5..6c47bb636aab 100644 --- a/contrib/wpa/src/eap_server/eap_server_mschapv2.c +++ b/contrib/wpa/src/eap_server/eap_server_mschapv2.c @@ -71,13 +71,12 @@ static void * eap_mschapv2_init(struct eap_sm *sm) } if (sm->peer_challenge) { - data->peer_challenge = os_malloc(CHALLENGE_LEN); + data->peer_challenge = os_memdup(sm->peer_challenge, + CHALLENGE_LEN); if (data->peer_challenge == NULL) { os_free(data); return NULL; } - os_memcpy(data->peer_challenge, sm->peer_challenge, - CHALLENGE_LEN); } return data; diff --git a/contrib/wpa/src/eap_server/eap_server_pax.c b/contrib/wpa/src/eap_server/eap_server_pax.c index 782b8c316537..3257789695cd 100644 --- a/contrib/wpa/src/eap_server/eap_server_pax.c +++ b/contrib/wpa/src/eap_server/eap_server_pax.c @@ -327,13 +327,12 @@ static void eap_pax_process_std_2(struct eap_sm *sm, } data->cid_len = cid_len; os_free(data->cid); - data->cid = os_malloc(data->cid_len); + data->cid = os_memdup(pos + 2, data->cid_len); if (data->cid == NULL) { wpa_printf(MSG_INFO, "EAP-PAX: Failed to allocate memory for " "CID"); return; } - os_memcpy(data->cid, pos + 2, data->cid_len); pos += 2 + data->cid_len; left -= 2 + data->cid_len; wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PAX: CID", diff --git a/contrib/wpa/src/eap_server/eap_server_psk.c b/contrib/wpa/src/eap_server/eap_server_psk.c index 857d421393bc..0eab89339ff6 100644 --- a/contrib/wpa/src/eap_server/eap_server_psk.c +++ b/contrib/wpa/src/eap_server/eap_server_psk.c @@ -236,13 +236,12 @@ static void eap_psk_process_2(struct eap_sm *sm, left -= sizeof(*resp); os_free(data->id_p); - data->id_p = os_malloc(left); + data->id_p = os_memdup(cpos, left); if (data->id_p == NULL) { wpa_printf(MSG_INFO, "EAP-PSK: Failed to allocate memory for " "ID_P"); return; } - os_memcpy(data->id_p, cpos, left); data->id_p_len = left; wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PSK: ID_P", data->id_p, data->id_p_len); @@ -371,10 +370,9 @@ static void eap_psk_process_4(struct eap_sm *sm, pos += 16; left -= 16; - decrypted = os_malloc(left); + decrypted = os_memdup(pos, left); if (decrypted == NULL) return; - os_memcpy(decrypted, pos, left); if (aes_128_eax_decrypt(data->tek, nonce, sizeof(nonce), wpabuf_head(respData), 22, decrypted, left, @@ -450,10 +448,9 @@ static u8 * eap_psk_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -468,10 +465,9 @@ static u8 * eap_psk_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; diff --git a/contrib/wpa/src/eap_server/eap_server_pwd.c b/contrib/wpa/src/eap_server/eap_server_pwd.c index 64bf708e039a..d0fa54a3aba7 100644 --- a/contrib/wpa/src/eap_server/eap_server_pwd.c +++ b/contrib/wpa/src/eap_server/eap_server_pwd.c @@ -11,6 +11,7 @@ #include "common.h" #include "crypto/sha256.h" #include "crypto/ms_funcs.h" +#include "crypto/crypto.h" #include "eap_server/eap_i.h" #include "eap_common/eap_pwd_common.h" @@ -26,8 +27,11 @@ struct eap_pwd_data { u8 *password; size_t password_len; int password_hash; + u8 *salt; + size_t salt_len; u32 token; u16 group_num; + u8 password_prep; EAP_PWD_group *grp; struct wpabuf *inbuf; @@ -36,20 +40,18 @@ struct eap_pwd_data { size_t out_frag_pos; size_t mtu; - BIGNUM *k; - BIGNUM *private_value; - BIGNUM *peer_scalar; - BIGNUM *my_scalar; - EC_POINT *my_element; - EC_POINT *peer_element; + struct crypto_bignum *k; + struct crypto_bignum *private_value; + struct crypto_bignum *peer_scalar; + struct crypto_bignum *my_scalar; + struct crypto_ec_point *my_element; + struct crypto_ec_point *peer_element; u8 my_confirm[SHA256_MAC_LEN]; u8 msk[EAP_MSK_LEN]; u8 emsk[EAP_EMSK_LEN]; u8 session_id[1 + SHA256_MAC_LEN]; - - BN_CTX *bnctx; }; @@ -116,13 +118,17 @@ static void * eap_pwd_init(struct eap_sm *sm) os_memcpy(data->password, sm->user->password, data->password_len); data->password_hash = sm->user->password_hash; - data->bnctx = BN_CTX_new(); - if (data->bnctx == NULL) { - wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail"); - bin_clear_free(data->password, data->password_len); - bin_clear_free(data->id_server, data->id_server_len); - os_free(data); - return NULL; + data->salt_len = sm->user->salt_len; + if (data->salt_len) { + data->salt = os_memdup(sm->user->salt, sm->user->salt_len); + if (!data->salt) { + wpa_printf(MSG_INFO, + "EAP-pwd: Memory allocation of salt failed"); + bin_clear_free(data->id_server, data->id_server_len); + bin_clear_free(data->password, data->password_len); + os_free(data); + return NULL; + } } data->in_frag_pos = data->out_frag_pos = 0; @@ -138,21 +144,19 @@ static void eap_pwd_reset(struct eap_sm *sm, void *priv) { struct eap_pwd_data *data = priv; - BN_clear_free(data->private_value); - BN_clear_free(data->peer_scalar); - BN_clear_free(data->my_scalar); - BN_clear_free(data->k); - BN_CTX_free(data->bnctx); - EC_POINT_clear_free(data->my_element); - EC_POINT_clear_free(data->peer_element); + crypto_bignum_deinit(data->private_value, 1); + crypto_bignum_deinit(data->peer_scalar, 1); + crypto_bignum_deinit(data->my_scalar, 1); + crypto_bignum_deinit(data->k, 1); + crypto_ec_point_deinit(data->my_element, 1); + crypto_ec_point_deinit(data->peer_element, 1); bin_clear_free(data->id_peer, data->id_peer_len); bin_clear_free(data->id_server, data->id_server_len); bin_clear_free(data->password, data->password_len); + bin_clear_free(data->salt, data->salt_len); if (data->grp) { - EC_GROUP_free(data->grp->group); - EC_POINT_clear_free(data->grp->pwe); - BN_clear_free(data->grp->order); - BN_clear_free(data->grp->prime); + crypto_ec_deinit(data->grp->group); + crypto_ec_point_deinit(data->grp->pwe, 1); os_free(data->grp); } wpabuf_free(data->inbuf); @@ -185,12 +189,45 @@ static void eap_pwd_build_id_req(struct eap_sm *sm, struct eap_pwd_data *data, return; } + wpa_hexdump_key(MSG_DEBUG, "EAP-pwd (server): password", + data->password, data->password_len); + if (data->salt_len) + wpa_hexdump(MSG_DEBUG, "EAP-pwd (server): salt", + data->salt, data->salt_len); + + /* + * If this is a salted password then figure out how it was hashed + * based on the length. + */ + if (data->salt_len) { + switch (data->password_len) { + case 20: + data->password_prep = EAP_PWD_PREP_SSHA1; + break; + case 32: + data->password_prep = EAP_PWD_PREP_SSHA256; + break; + case 64: + data->password_prep = EAP_PWD_PREP_SSHA512; + break; + default: + wpa_printf(MSG_INFO, + "EAP-pwd (server): bad size %d for salted password", + (int) data->password_len); + eap_pwd_state(data, FAILURE); + return; + } + } else { + /* Otherwise, figure out whether it's MS hashed or plain */ + data->password_prep = data->password_hash ? EAP_PWD_PREP_MS : + EAP_PWD_PREP_NONE; + } + wpabuf_put_be16(data->outbuf, data->group_num); wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_RAND_FUNC); wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_PRF); wpabuf_put_data(data->outbuf, &data->token, sizeof(data->token)); - wpabuf_put_u8(data->outbuf, data->password_hash ? EAP_PWD_PREP_MS : - EAP_PWD_PREP_NONE); + wpabuf_put_u8(data->outbuf, data->password_prep); wpabuf_put_data(data->outbuf, data->id_server, data->id_server_len); } @@ -198,9 +235,9 @@ static void eap_pwd_build_id_req(struct eap_sm *sm, struct eap_pwd_data *data, static void eap_pwd_build_commit_req(struct eap_sm *sm, struct eap_pwd_data *data, u8 id) { - BIGNUM *mask = NULL, *x = NULL, *y = NULL; + struct crypto_bignum *mask = NULL; u8 *scalar = NULL, *element = NULL; - u16 offset; + size_t prime_len, order_len; wpa_printf(MSG_DEBUG, "EAP-pwd: Commit/Request"); /* @@ -210,93 +247,82 @@ static void eap_pwd_build_commit_req(struct eap_sm *sm, if (data->out_frag_pos) return; - if (((data->private_value = BN_new()) == NULL) || - ((data->my_element = EC_POINT_new(data->grp->group)) == NULL) || - ((data->my_scalar = BN_new()) == NULL) || - ((mask = BN_new()) == NULL)) { + prime_len = crypto_ec_prime_len(data->grp->group); + order_len = crypto_ec_order_len(data->grp->group); + + data->private_value = crypto_bignum_init(); + data->my_element = crypto_ec_point_init(data->grp->group); + data->my_scalar = crypto_bignum_init(); + mask = crypto_bignum_init(); + if (!data->private_value || !data->my_element || !data->my_scalar || + !mask) { wpa_printf(MSG_INFO, "EAP-PWD (server): scalar allocation " "fail"); goto fin; } - if (BN_rand_range(data->private_value, data->grp->order) != 1 || - BN_rand_range(mask, data->grp->order) != 1 || - BN_add(data->my_scalar, data->private_value, mask) != 1 || - BN_mod(data->my_scalar, data->my_scalar, data->grp->order, - data->bnctx) != 1) { + if (crypto_bignum_rand(data->private_value, + crypto_ec_get_order(data->grp->group)) < 0 || + crypto_bignum_rand(mask, + crypto_ec_get_order(data->grp->group)) < 0 || + crypto_bignum_add(data->private_value, mask, data->my_scalar) < 0 || + crypto_bignum_mod(data->my_scalar, + crypto_ec_get_order(data->grp->group), + data->my_scalar) < 0) { wpa_printf(MSG_INFO, "EAP-pwd (server): unable to get randomness"); goto fin; } - if (!EC_POINT_mul(data->grp->group, data->my_element, NULL, - data->grp->pwe, mask, data->bnctx)) { + if (crypto_ec_point_mul(data->grp->group, data->grp->pwe, mask, + data->my_element) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): element allocation " "fail"); eap_pwd_state(data, FAILURE); goto fin; } - if (!EC_POINT_invert(data->grp->group, data->my_element, data->bnctx)) - { + if (crypto_ec_point_invert(data->grp->group, data->my_element) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): element inversion " "fail"); goto fin; } - BN_clear_free(mask); - if (((x = BN_new()) == NULL) || - ((y = BN_new()) == NULL)) { - wpa_printf(MSG_INFO, "EAP-PWD (server): point allocation " - "fail"); + scalar = os_malloc(order_len); + element = os_malloc(prime_len * 2); + if (!scalar || !element) { + wpa_printf(MSG_INFO, "EAP-PWD (server): data allocation fail"); goto fin; } - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->my_element, x, y, - data->bnctx)) { + + if (crypto_ec_point_to_bin(data->grp->group, data->my_element, element, + element + prime_len) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): point assignment " "fail"); goto fin; } - if (((scalar = os_malloc(BN_num_bytes(data->grp->order))) == NULL) || - ((element = os_malloc(BN_num_bytes(data->grp->prime) * 2)) == - NULL)) { - wpa_printf(MSG_INFO, "EAP-PWD (server): data allocation fail"); - goto fin; - } + crypto_bignum_to_bin(data->my_scalar, scalar, order_len, order_len); - /* - * bignums occupy as little memory as possible so one that is - * sufficiently smaller than the prime or order might need pre-pending - * with zeros. - */ - os_memset(scalar, 0, BN_num_bytes(data->grp->order)); - os_memset(element, 0, BN_num_bytes(data->grp->prime) * 2); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->my_scalar); - BN_bn2bin(data->my_scalar, scalar + offset); - - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, element + offset); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, element + BN_num_bytes(data->grp->prime) + offset); - - data->outbuf = wpabuf_alloc(2 * BN_num_bytes(data->grp->prime) + - BN_num_bytes(data->grp->order)); + data->outbuf = wpabuf_alloc(2 * prime_len + order_len + + (data->salt ? 1 + data->salt_len : 0)); if (data->outbuf == NULL) goto fin; + /* If we're doing salted password prep, add the salt */ + if (data->salt_len) { + wpabuf_put_u8(data->outbuf, data->salt_len); + wpabuf_put_data(data->outbuf, data->salt, data->salt_len); + } + /* We send the element as (x,y) followed by the scalar */ - wpabuf_put_data(data->outbuf, element, - 2 * BN_num_bytes(data->grp->prime)); - wpabuf_put_data(data->outbuf, scalar, BN_num_bytes(data->grp->order)); + wpabuf_put_data(data->outbuf, element, 2 * prime_len); + wpabuf_put_data(data->outbuf, scalar, order_len); fin: + crypto_bignum_deinit(mask, 1); os_free(scalar); os_free(element); - BN_clear_free(x); - BN_clear_free(y); if (data->outbuf == NULL) eap_pwd_state(data, FAILURE); } @@ -305,11 +331,10 @@ fin: static void eap_pwd_build_confirm_req(struct eap_sm *sm, struct eap_pwd_data *data, u8 id) { - BIGNUM *x = NULL, *y = NULL; struct crypto_hash *hash; u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr; u16 grp; - int offset; + size_t prime_len, order_len; wpa_printf(MSG_DEBUG, "EAP-pwd: Confirm/Request"); /* @@ -319,9 +344,12 @@ static void eap_pwd_build_confirm_req(struct eap_sm *sm, if (data->out_frag_pos) return; + prime_len = crypto_ec_prime_len(data->grp->group); + order_len = crypto_ec_order_len(data->grp->group); + /* Each component of the cruft will be at most as big as the prime */ - if (((cruft = os_malloc(BN_num_bytes(data->grp->prime))) == NULL) || - ((x = BN_new()) == NULL) || ((y = BN_new()) == NULL)) { + cruft = os_malloc(prime_len * 2); + if (!cruft) { wpa_printf(MSG_INFO, "EAP-PWD (server): debug allocation " "fail"); goto fin; @@ -341,64 +369,38 @@ static void eap_pwd_build_confirm_req(struct eap_sm *sm, * * First is k */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k); - BN_bn2bin(data->k, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len); + eap_pwd_h_update(hash, cruft, prime_len); /* server element: x, y */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->my_element, x, y, - data->bnctx)) { + if (crypto_ec_point_to_bin(data->grp->group, data->my_element, cruft, + cruft + prime_len) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; } - - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + eap_pwd_h_update(hash, cruft, prime_len * 2); /* server scalar */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->my_scalar); - BN_bn2bin(data->my_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); + crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); /* peer element: x, y */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->peer_element, x, y, - data->bnctx)) { + if (crypto_ec_point_to_bin(data->grp->group, data->peer_element, cruft, + cruft + prime_len) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; } - - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + eap_pwd_h_update(hash, cruft, prime_len * 2); /* peer scalar */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->peer_scalar); - BN_bn2bin(data->peer_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); + crypto_bignum_to_bin(data->peer_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); /* ciphersuite */ grp = htons(data->group_num); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); + os_memset(cruft, 0, prime_len); ptr = cruft; os_memcpy(ptr, &grp, sizeof(u16)); ptr += sizeof(u16); @@ -419,9 +421,7 @@ static void eap_pwd_build_confirm_req(struct eap_sm *sm, wpabuf_put_data(data->outbuf, conf, SHA256_MAC_LEN); fin: - bin_clear_free(cruft, BN_num_bytes(data->grp->prime)); - BN_clear_free(x); - BN_clear_free(y); + bin_clear_free(cruft, prime_len * 2); if (data->outbuf == NULL) eap_pwd_state(data, FAILURE); } @@ -602,11 +602,16 @@ static void eap_pwd_process_id_resp(struct eap_sm *sm, if ((data->group_num != be_to_host16(id->group_num)) || (id->random_function != EAP_PWD_DEFAULT_RAND_FUNC) || (os_memcmp(id->token, (u8 *)&data->token, sizeof(data->token))) || - (id->prf != EAP_PWD_DEFAULT_PRF)) { + (id->prf != EAP_PWD_DEFAULT_PRF) || + (id->prep != data->password_prep)) { wpa_printf(MSG_INFO, "EAP-pwd: peer changed parameters"); eap_pwd_state(data, FAILURE); return; } + if (data->id_peer || data->grp) { + wpa_printf(MSG_INFO, "EAP-pwd: data was already allocated"); + return; + } data->id_peer = os_malloc(payload_len - sizeof(struct eap_pwd_id)); if (data->id_peer == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: memory allocation id fail"); @@ -617,14 +622,19 @@ static void eap_pwd_process_id_resp(struct eap_sm *sm, wpa_hexdump_ascii(MSG_DEBUG, "EAP-PWD (server): peer sent id of", data->id_peer, data->id_peer_len); - data->grp = os_zalloc(sizeof(EAP_PWD_group)); + data->grp = get_eap_pwd_group(data->group_num); if (data->grp == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: failed to allocate memory for " "group"); return; } - if (data->password_hash) { + /* + * If it's PREP_MS then hash the password again, otherwise regardless + * of the prep the client is doing, the password we have is the one to + * use to generate the password element. + */ + if (data->password_prep == EAP_PWD_PREP_MS) { res = hash_nt_password_hash(data->password, pwhashhash); if (res) return; @@ -647,7 +657,7 @@ static void eap_pwd_process_id_resp(struct eap_sm *sm, return; } wpa_printf(MSG_DEBUG, "EAP-PWD (server): computed %d bit PWE...", - BN_num_bits(data->grp->prime)); + (int) crypto_ec_prime_len_bits(data->grp->group)); eap_pwd_state(data, PWD_Commit_Req); } @@ -657,16 +667,16 @@ static void eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, const u8 *payload, size_t payload_len) { - u8 *ptr; - BIGNUM *x = NULL, *y = NULL, *cofactor = NULL; - EC_POINT *K = NULL, *point = NULL; + const u8 *ptr; + struct crypto_bignum *cofactor = NULL; + struct crypto_ec_point *K = NULL, *point = NULL; int res = 0; size_t prime_len, order_len; wpa_printf(MSG_DEBUG, "EAP-pwd: Received commit response"); - prime_len = BN_num_bytes(data->grp->prime); - order_len = BN_num_bytes(data->grp->order); + prime_len = crypto_ec_prime_len(data->grp->group); + order_len = crypto_ec_order_len(data->grp->group); if (payload_len != 2 * prime_len + order_len) { wpa_printf(MSG_INFO, @@ -676,49 +686,47 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, goto fin; } - if (((data->peer_scalar = BN_new()) == NULL) || - ((data->k = BN_new()) == NULL) || - ((cofactor = BN_new()) == NULL) || - ((x = BN_new()) == NULL) || - ((y = BN_new()) == NULL) || - ((point = EC_POINT_new(data->grp->group)) == NULL) || - ((K = EC_POINT_new(data->grp->group)) == NULL) || - ((data->peer_element = EC_POINT_new(data->grp->group)) == NULL)) { + data->k = crypto_bignum_init(); + cofactor = crypto_bignum_init(); + point = crypto_ec_point_init(data->grp->group); + K = crypto_ec_point_init(data->grp->group); + if (!data->k || !cofactor || !point || !K) { wpa_printf(MSG_INFO, "EAP-PWD (server): peer data allocation " "fail"); goto fin; } - if (!EC_GROUP_get_cofactor(data->grp->group, cofactor, NULL)) { + if (crypto_ec_cofactor(data->grp->group, cofactor) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): unable to get " "cofactor for curve"); goto fin; } /* element, x then y, followed by scalar */ - ptr = (u8 *) payload; - BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), x); - ptr += BN_num_bytes(data->grp->prime); - BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), y); - ptr += BN_num_bytes(data->grp->prime); - BN_bin2bn(ptr, BN_num_bytes(data->grp->order), data->peer_scalar); - if (!EC_POINT_set_affine_coordinates_GFp(data->grp->group, - data->peer_element, x, y, - data->bnctx)) { + ptr = payload; + data->peer_element = crypto_ec_point_from_bin(data->grp->group, ptr); + if (!data->peer_element) { wpa_printf(MSG_INFO, "EAP-PWD (server): setting peer element " "fail"); goto fin; } + ptr += prime_len * 2; + data->peer_scalar = crypto_bignum_init_set(ptr, order_len); + if (!data->peer_scalar) { + wpa_printf(MSG_INFO, "EAP-PWD (server): peer data allocation " + "fail"); + goto fin; + } /* check to ensure peer's element is not in a small sub-group */ - if (BN_cmp(cofactor, BN_value_one())) { - if (!EC_POINT_mul(data->grp->group, point, NULL, - data->peer_element, cofactor, NULL)) { + if (!crypto_bignum_is_one(cofactor)) { + if (crypto_ec_point_mul(data->grp->group, data->peer_element, + cofactor, point) != 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): cannot " "multiply peer element by order"); goto fin; } - if (EC_POINT_is_at_infinity(data->grp->group, point)) { + if (crypto_ec_point_is_at_infinity(data->grp->group, point)) { wpa_printf(MSG_INFO, "EAP-PWD (server): peer element " "is at infinity!\n"); goto fin; @@ -726,21 +734,21 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, } /* compute the shared key, k */ - if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, - data->peer_scalar, data->bnctx)) || - (!EC_POINT_add(data->grp->group, K, K, data->peer_element, - data->bnctx)) || - (!EC_POINT_mul(data->grp->group, K, NULL, K, data->private_value, - data->bnctx))) { + if ((crypto_ec_point_mul(data->grp->group, data->grp->pwe, + data->peer_scalar, K) < 0) || + (crypto_ec_point_add(data->grp->group, K, data->peer_element, + K) < 0) || + (crypto_ec_point_mul(data->grp->group, K, data->private_value, + K) < 0)) { wpa_printf(MSG_INFO, "EAP-PWD (server): computing shared key " "fail"); goto fin; } /* ensure that the shared key isn't in a small sub-group */ - if (BN_cmp(cofactor, BN_value_one())) { - if (!EC_POINT_mul(data->grp->group, K, NULL, K, cofactor, - NULL)) { + if (!crypto_bignum_is_one(cofactor)) { + if (crypto_ec_point_mul(data->grp->group, K, cofactor, + K) != 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): cannot " "multiply shared key point by order!\n"); goto fin; @@ -753,13 +761,12 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, * never going to happen it is a simple and safe check "just to be * sure" so let's be safe. */ - if (EC_POINT_is_at_infinity(data->grp->group, K)) { + if (crypto_ec_point_is_at_infinity(data->grp->group, K)) { wpa_printf(MSG_INFO, "EAP-PWD (server): shared key point is " "at infinity"); goto fin; } - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, K, data->k, - NULL, data->bnctx)) { + if (crypto_ec_point_x(data->grp->group, K, data->k)) { wpa_printf(MSG_INFO, "EAP-PWD (server): unable to extract " "shared secret from secret point"); goto fin; @@ -767,11 +774,9 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, res = 1; fin: - EC_POINT_clear_free(K); - EC_POINT_clear_free(point); - BN_clear_free(cofactor); - BN_clear_free(x); - BN_clear_free(y); + crypto_ec_point_deinit(K, 1); + crypto_ec_point_deinit(point, 1); + crypto_bignum_deinit(cofactor, 1); if (res) eap_pwd_state(data, PWD_Confirm_Req); @@ -784,12 +789,14 @@ static void eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, const u8 *payload, size_t payload_len) { - BIGNUM *x = NULL, *y = NULL; struct crypto_hash *hash; u32 cs; u16 grp; u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr; - int offset; + size_t prime_len, order_len; + + prime_len = crypto_ec_prime_len(data->grp->group); + order_len = crypto_ec_order_len(data->grp->group); if (payload_len != SHA256_MAC_LEN) { wpa_printf(MSG_INFO, @@ -808,8 +815,8 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, *ptr = EAP_PWD_DEFAULT_PRF; /* each component of the cruft will be at most as big as the prime */ - if (((cruft = os_malloc(BN_num_bytes(data->grp->prime))) == NULL) || - ((x = BN_new()) == NULL) || ((y = BN_new()) == NULL)) { + cruft = os_malloc(prime_len * 2); + if (!cruft) { wpa_printf(MSG_INFO, "EAP-PWD (peer): allocation fail"); goto fin; } @@ -823,62 +830,36 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, goto fin; /* k */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k); - BN_bn2bin(data->k, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len); + eap_pwd_h_update(hash, cruft, prime_len); /* peer element: x, y */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->peer_element, x, y, - data->bnctx)) { + if (crypto_ec_point_to_bin(data->grp->group, data->peer_element, cruft, + cruft + prime_len) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; } - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + eap_pwd_h_update(hash, cruft, prime_len * 2); /* peer scalar */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->peer_scalar); - BN_bn2bin(data->peer_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); + crypto_bignum_to_bin(data->peer_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); /* server element: x, y */ - if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, - data->my_element, x, y, - data->bnctx)) { + if (crypto_ec_point_to_bin(data->grp->group, data->my_element, cruft, + cruft + prime_len) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; } - - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); - BN_bn2bin(x, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); - BN_bn2bin(y, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); + eap_pwd_h_update(hash, cruft, prime_len * 2); /* server scalar */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - offset = BN_num_bytes(data->grp->order) - - BN_num_bytes(data->my_scalar); - BN_bn2bin(data->my_scalar, cruft + offset); - eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); + crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len); + eap_pwd_h_update(hash, cruft, order_len); /* ciphersuite */ - os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); eap_pwd_h_update(hash, (u8 *) &cs, sizeof(u32)); /* all done */ @@ -892,7 +873,7 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, } wpa_printf(MSG_DEBUG, "EAP-pwd (server): confirm verified"); - if (compute_keys(data->grp, data->bnctx, data->k, + if (compute_keys(data->grp, data->k, data->peer_scalar, data->my_scalar, conf, data->my_confirm, &cs, data->msk, data->emsk, data->session_id) < 0) @@ -901,9 +882,7 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, eap_pwd_state(data, SUCCESS); fin: - bin_clear_free(cruft, BN_num_bytes(data->grp->prime)); - BN_clear_free(x); - BN_clear_free(y); + bin_clear_free(cruft, prime_len * 2); } @@ -1033,11 +1012,10 @@ static u8 * eap_pwd_getkey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -1052,11 +1030,10 @@ static u8 * eap_pwd_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; @@ -1085,11 +1062,10 @@ static u8 * eap_pwd_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - id = os_malloc(1 + SHA256_MAC_LEN); + id = os_memdup(data->session_id, 1 + SHA256_MAC_LEN); if (id == NULL) return NULL; - os_memcpy(id, data->session_id, 1 + SHA256_MAC_LEN); *len = 1 + SHA256_MAC_LEN; return id; @@ -1127,4 +1103,3 @@ int eap_server_pwd_register(void) return eap_server_method_register(eap); } - diff --git a/contrib/wpa/src/eap_server/eap_server_sake.c b/contrib/wpa/src/eap_server/eap_server_sake.c index 84d0e0be4dd1..66183f5f5c04 100644 --- a/contrib/wpa/src/eap_server/eap_server_sake.c +++ b/contrib/wpa/src/eap_server/eap_server_sake.c @@ -326,10 +326,9 @@ static void eap_sake_process_challenge(struct eap_sm *sm, data->peerid = NULL; data->peerid_len = 0; if (attr.peerid) { - data->peerid = os_malloc(attr.peerid_len); + data->peerid = os_memdup(attr.peerid, attr.peerid_len); if (data->peerid == NULL) return; - os_memcpy(data->peerid, attr.peerid, attr.peerid_len); data->peerid_len = attr.peerid_len; } @@ -460,10 +459,9 @@ static u8 * eap_sake_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_MSK_LEN); + key = os_memdup(data->msk, EAP_MSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key; @@ -478,10 +476,9 @@ static u8 * eap_sake_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; diff --git a/contrib/wpa/src/eap_server/eap_server_sim.c b/contrib/wpa/src/eap_server/eap_server_sim.c index 3a6ed795c768..10637d4c66b9 100644 --- a/contrib/wpa/src/eap_server/eap_server_sim.c +++ b/contrib/wpa/src/eap_server/eap_server_sim.c @@ -787,10 +787,9 @@ static u8 * eap_sim_getKey(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_SIM_KEYING_DATA_LEN); + key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN); *len = EAP_SIM_KEYING_DATA_LEN; return key; } @@ -804,10 +803,9 @@ static u8 * eap_sim_get_emsk(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - key = os_malloc(EAP_EMSK_LEN); + key = os_memdup(data->emsk, EAP_EMSK_LEN); if (key == NULL) return NULL; - os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key; } diff --git a/contrib/wpa/src/eap_server/eap_server_tls.c b/contrib/wpa/src/eap_server/eap_server_tls.c index 7249858844ef..8b9e53c61d79 100644 --- a/contrib/wpa/src/eap_server/eap_server_tls.c +++ b/contrib/wpa/src/eap_server/eap_server_tls.c @@ -302,17 +302,22 @@ static u8 * eap_tls_getKey(struct eap_sm *sm, void *priv, size_t *len) { struct eap_tls_data *data = priv; u8 *eapKeyData; + const char *label; if (data->state != SUCCESS) return NULL; - eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, - "client EAP encryption", - EAP_TLS_KEY_LEN); + if (data->ssl.tls_v13) + label = "EXPORTER_EAP_TLS_Key_Material"; + else + label = "client EAP encryption"; + eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, label, + EAP_TLS_KEY_LEN + EAP_EMSK_LEN); if (eapKeyData) { *len = EAP_TLS_KEY_LEN; wpa_hexdump(MSG_DEBUG, "EAP-TLS: Derived key", eapKeyData, EAP_TLS_KEY_LEN); + os_memset(eapKeyData + EAP_TLS_KEY_LEN, 0, EAP_EMSK_LEN); } else { wpa_printf(MSG_DEBUG, "EAP-TLS: Failed to derive key"); } @@ -325,12 +330,16 @@ static u8 * eap_tls_get_emsk(struct eap_sm *sm, void *priv, size_t *len) { struct eap_tls_data *data = priv; u8 *eapKeyData, *emsk; + const char *label; if (data->state != SUCCESS) return NULL; - eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, - "client EAP encryption", + if (data->ssl.tls_v13) + label = "EXPORTER_EAP_TLS_Key_Material"; + else + label = "client EAP encryption"; + eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, label, EAP_TLS_KEY_LEN + EAP_EMSK_LEN); if (eapKeyData) { emsk = os_malloc(EAP_EMSK_LEN); diff --git a/contrib/wpa/src/eap_server/eap_server_tls_common.c b/contrib/wpa/src/eap_server/eap_server_tls_common.c index 69096954b826..0ae7867fccf7 100644 --- a/contrib/wpa/src/eap_server/eap_server_tls_common.c +++ b/contrib/wpa/src/eap_server/eap_server_tls_common.c @@ -47,7 +47,7 @@ int eap_server_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data, int verify_peer, int eap_type) { u8 session_ctx[8]; - unsigned int flags = 0; + unsigned int flags = sm->tls_flags; if (sm->ssl_ctx == NULL) { wpa_printf(MSG_ERROR, "TLS context not initialized - cannot use TLS-based EAP method"); @@ -107,7 +107,7 @@ void eap_server_tls_ssl_deinit(struct eap_sm *sm, struct eap_ssl_data *data) u8 * eap_server_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data, - char *label, size_t len) + const char *label, size_t len) { u8 *out; @@ -145,6 +145,13 @@ u8 * eap_server_tls_derive_session_id(struct eap_sm *sm, struct tls_random keys; u8 *out; + if (eap_type == EAP_TYPE_TLS && data->tls_v13) { + *len = 64; + return eap_server_tls_derive_key(sm, data, + "EXPORTER_EAP_TLS_Session-Id", + 64); + } + if (tls_connection_get_random(sm->ssl_ctx, data->conn, &keys)) return NULL; @@ -305,6 +312,8 @@ static int eap_server_tls_process_fragment(struct eap_ssl_data *data, int eap_server_tls_phase1(struct eap_sm *sm, struct eap_ssl_data *data) { + char buf[20]; + if (data->tls_out) { /* This should not happen.. */ wpa_printf(MSG_INFO, "SSL: pending tls_out data when " @@ -327,6 +336,16 @@ int eap_server_tls_phase1(struct eap_sm *sm, struct eap_ssl_data *data) return -1; } + if (tls_get_version(sm->ssl_ctx, data->conn, buf, sizeof(buf)) == 0) { + wpa_printf(MSG_DEBUG, "SSL: Using TLS version %s", buf); + data->tls_v13 = os_strcmp(buf, "TLSv1.3") == 0; + } + + if (!sm->serial_num && + tls_connection_established(sm->ssl_ctx, data->conn)) + sm->serial_num = tls_connection_peer_serial_num(sm->ssl_ctx, + data->conn); + return 0; } @@ -373,7 +392,7 @@ static int eap_server_tls_reassemble(struct eap_ssl_data *data, u8 flags, if (data->tls_in && eap_server_tls_process_cont(data, *pos, end - *pos) < 0) return -1; - + if (flags & EAP_TLS_FLAGS_MORE_FRAGMENTS) { if (eap_server_tls_process_fragment(data, flags, tls_msg_len, *pos, end - *pos) < 0) diff --git a/contrib/wpa/src/eap_server/eap_server_ttls.c b/contrib/wpa/src/eap_server/eap_server_ttls.c index a53633f8f1fe..b14996b0b990 100644 --- a/contrib/wpa/src/eap_server/eap_server_ttls.c +++ b/contrib/wpa/src/eap_server/eap_server_ttls.c @@ -228,14 +228,13 @@ static int eap_ttls_avp_parse(struct wpabuf *buf, struct eap_ttls_avp *parse) if (vendor_id == 0 && avp_code == RADIUS_ATTR_EAP_MESSAGE) { wpa_printf(MSG_DEBUG, "EAP-TTLS: AVP - EAP Message"); if (parse->eap == NULL) { - parse->eap = os_malloc(dlen); + parse->eap = os_memdup(dpos, dlen); if (parse->eap == NULL) { wpa_printf(MSG_WARNING, "EAP-TTLS: " "failed to allocate memory " "for Phase 2 EAP data"); goto fail; } - os_memcpy(parse->eap, dpos, dlen); parse->eap_len = dlen; } else { u8 *neweap = os_realloc(parse->eap, @@ -372,7 +371,7 @@ static void eap_ttls_reset(struct eap_sm *sm, void *priv) static struct wpabuf * eap_ttls_build_start(struct eap_sm *sm, struct eap_ttls_data *data, u8 id) -{ +{ struct wpabuf *req; req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TTLS, 1, @@ -666,11 +665,14 @@ static void eap_ttls_process_phase2_mschap(struct eap_sm *sm, } os_free(chal); - if (sm->user->password_hash) - challenge_response(challenge, sm->user->password, nt_response); - else - nt_challenge_response(challenge, sm->user->password, - sm->user->password_len, nt_response); + if ((sm->user->password_hash && + challenge_response(challenge, sm->user->password, nt_response)) || + (!sm->user->password_hash && + nt_challenge_response(challenge, sm->user->password, + sm->user->password_len, nt_response))) { + eap_ttls_state(data, FAILURE); + return; + } if (os_memcmp_const(nt_response, response + 2 + 24, 24) == 0) { wpa_printf(MSG_DEBUG, "EAP-TTLS/MSCHAP: Correct response"); @@ -1051,12 +1053,11 @@ static void eap_ttls_process_phase2(struct eap_sm *sm, } os_free(sm->identity); - sm->identity = os_malloc(parse.user_name_len); + sm->identity = os_memdup(parse.user_name, parse.user_name_len); if (sm->identity == NULL) { eap_ttls_state(data, FAILURE); goto done; } - os_memcpy(sm->identity, parse.user_name, parse.user_name_len); sm->identity_len = parse.user_name_len; if (eap_user_get(sm, parse.user_name, parse.user_name_len, 1) != 0) { diff --git a/contrib/wpa/src/eap_server/eap_server_wsc.c b/contrib/wpa/src/eap_server/eap_server_wsc.c index 7d9d285c39d0..4a5cb980afac 100644 --- a/contrib/wpa/src/eap_server/eap_server_wsc.c +++ b/contrib/wpa/src/eap_server/eap_server_wsc.c @@ -257,7 +257,7 @@ static struct wpabuf * eap_wsc_buildReq(struct eap_sm *sm, void *priv, u8 id) } data->out_used = 0; } - /* pass through */ + /* fall through */ case WAIT_FRAG_ACK: return eap_wsc_build_msg(data, id); case FRAG_ACK: diff --git a/contrib/wpa/src/eap_server/eap_tls_common.h b/contrib/wpa/src/eap_server/eap_tls_common.h index dc943eb207d7..31f6e72d779a 100644 --- a/contrib/wpa/src/eap_server/eap_tls_common.h +++ b/contrib/wpa/src/eap_server/eap_tls_common.h @@ -50,6 +50,11 @@ struct eap_ssl_data { enum { MSG, FRAG_ACK, WAIT_FRAG_ACK } state; struct wpabuf tmpbuf; + + /** + * tls_v13 - Whether TLS v1.3 or newer is used + */ + int tls_v13; }; @@ -73,7 +78,7 @@ int eap_server_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data, int verify_peer, int eap_type); void eap_server_tls_ssl_deinit(struct eap_sm *sm, struct eap_ssl_data *data); u8 * eap_server_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data, - char *label, size_t len); + const char *label, size_t len); u8 * eap_server_tls_derive_session_id(struct eap_sm *sm, struct eap_ssl_data *data, u8 eap_type, size_t *len); diff --git a/contrib/wpa/src/eap_server/ikev2.c b/contrib/wpa/src/eap_server/ikev2.c index 5385cd89246f..0e9210e67b50 100644 --- a/contrib/wpa/src/eap_server/ikev2.c +++ b/contrib/wpa/src/eap_server/ikev2.c @@ -544,10 +544,9 @@ static int ikev2_process_idr(struct ikev2_initiator_data *data, } os_free(data->IDr); } - data->IDr = os_malloc(idr_len); + data->IDr = os_memdup(idr, idr_len); if (data->IDr == NULL) return -1; - os_memcpy(data->IDr, idr, idr_len); data->IDr_len = idr_len; data->IDr_type = id_type; @@ -1147,10 +1146,9 @@ static struct wpabuf * ikev2_build_sa_auth(struct ikev2_initiator_data *data) return NULL; } else { os_free(data->shared_secret); - data->shared_secret = os_malloc(secret_len); + data->shared_secret = os_memdup(secret, secret_len); if (data->shared_secret == NULL) return NULL; - os_memcpy(data->shared_secret, secret, secret_len); data->shared_secret_len = secret_len; } diff --git a/contrib/wpa/src/eap_server/tncs.c b/contrib/wpa/src/eap_server/tncs.c index cfcbd3ed828c..942a195761ac 100644 --- a/contrib/wpa/src/eap_server/tncs.c +++ b/contrib/wpa/src/eap_server/tncs.c @@ -161,12 +161,10 @@ static TNC_Result TNC_TNCS_ReportMessageTypes( if (imv == NULL) return TNC_RESULT_INVALID_PARAMETER; os_free(imv->supported_types); - imv->supported_types = - os_malloc(typeCount * sizeof(TNC_MessageType)); + imv->supported_types = os_memdup(supportedTypes, + typeCount * sizeof(TNC_MessageType)); if (imv->supported_types == NULL) return TNC_RESULT_FATAL; - os_memcpy(imv->supported_types, supportedTypes, - typeCount * sizeof(TNC_MessageType)); imv->num_supported_types = typeCount; return TNC_RESULT_SUCCESS; diff --git a/contrib/wpa/src/eapol_auth/eapol_auth_sm.c b/contrib/wpa/src/eapol_auth/eapol_auth_sm.c index ff673bb2e785..36074d3e0474 100644 --- a/contrib/wpa/src/eapol_auth/eapol_auth_sm.c +++ b/contrib/wpa/src/eapol_auth/eapol_auth_sm.c @@ -848,6 +848,7 @@ eapol_auth_alloc(struct eapol_authenticator *eapol, const u8 *addr, eap_conf.server_id_len = eapol->conf.server_id_len; eap_conf.erp = eapol->conf.erp; eap_conf.tls_session_lifetime = eapol->conf.tls_session_lifetime; + eap_conf.tls_flags = eapol->conf.tls_flags; sm->eap = eap_server_sm_init(sm, &eapol_cb, &eap_conf); if (sm->eap == NULL) { eapol_auth_free(sm); @@ -1197,30 +1198,27 @@ static int eapol_auth_conf_clone(struct eapol_auth_config *dst, dst->server_id = src->server_id; dst->server_id_len = src->server_id_len; if (src->eap_req_id_text) { - dst->eap_req_id_text = os_malloc(src->eap_req_id_text_len); + dst->eap_req_id_text = os_memdup(src->eap_req_id_text, + src->eap_req_id_text_len); if (dst->eap_req_id_text == NULL) return -1; - os_memcpy(dst->eap_req_id_text, src->eap_req_id_text, - src->eap_req_id_text_len); dst->eap_req_id_text_len = src->eap_req_id_text_len; } else { dst->eap_req_id_text = NULL; dst->eap_req_id_text_len = 0; } if (src->pac_opaque_encr_key) { - dst->pac_opaque_encr_key = os_malloc(16); + dst->pac_opaque_encr_key = os_memdup(src->pac_opaque_encr_key, + 16); if (dst->pac_opaque_encr_key == NULL) goto fail; - os_memcpy(dst->pac_opaque_encr_key, src->pac_opaque_encr_key, - 16); } else dst->pac_opaque_encr_key = NULL; if (src->eap_fast_a_id) { - dst->eap_fast_a_id = os_malloc(src->eap_fast_a_id_len); + dst->eap_fast_a_id = os_memdup(src->eap_fast_a_id, + src->eap_fast_a_id_len); if (dst->eap_fast_a_id == NULL) goto fail; - os_memcpy(dst->eap_fast_a_id, src->eap_fast_a_id, - src->eap_fast_a_id_len); dst->eap_fast_a_id_len = src->eap_fast_a_id_len; } else dst->eap_fast_a_id = NULL; @@ -1249,6 +1247,7 @@ static int eapol_auth_conf_clone(struct eapol_auth_config *dst, dst->erp_send_reauth_start = src->erp_send_reauth_start; dst->erp = src->erp; dst->tls_session_lifetime = src->tls_session_lifetime; + dst->tls_flags = src->tls_flags; return 0; diff --git a/contrib/wpa/src/eapol_auth/eapol_auth_sm.h b/contrib/wpa/src/eapol_auth/eapol_auth_sm.h index e1974e4354da..44f3f31cc601 100644 --- a/contrib/wpa/src/eapol_auth/eapol_auth_sm.h +++ b/contrib/wpa/src/eapol_auth/eapol_auth_sm.h @@ -28,6 +28,7 @@ struct eapol_auth_config { char *erp_domain; /* a copy of this will be allocated */ int erp; /* Whether ERP is enabled on authentication server */ unsigned int tls_session_lifetime; + unsigned int tls_flags; u8 *pac_opaque_encr_key; u8 *eap_fast_a_id; size_t eap_fast_a_id_len; diff --git a/contrib/wpa/src/eapol_supp/eapol_supp_sm.c b/contrib/wpa/src/eapol_supp/eapol_supp_sm.c index 65460fc3bec0..9f029b0d3710 100644 --- a/contrib/wpa/src/eapol_supp/eapol_supp_sm.c +++ b/contrib/wpa/src/eapol_supp/eapol_supp_sm.c @@ -16,6 +16,7 @@ #include "crypto/md5.h" #include "common/eapol_common.h" #include "eap_peer/eap.h" +#include "eap_peer/eap_config.h" #include "eap_peer/eap_proxy.h" #include "eapol_supp_sm.h" @@ -95,7 +96,7 @@ struct eapol_sm { SUPP_BE_RECEIVE = 4, SUPP_BE_RESPONSE = 5, SUPP_BE_FAIL = 6, - SUPP_BE_TIMEOUT = 7, + SUPP_BE_TIMEOUT = 7, SUPP_BE_SUCCESS = 8 } SUPP_BE_state; /* dot1xSuppBackendPaeState */ /* Variables */ @@ -250,6 +251,8 @@ SM_STATE(SUPP_PAE, CONNECTING) if (sm->eapTriggerStart) send_start = 1; + if (sm->ctx->preauth) + send_start = 1; sm->eapTriggerStart = FALSE; if (send_start) { @@ -490,9 +493,24 @@ SM_STATE(SUPP_BE, SUCCESS) #ifdef CONFIG_EAP_PROXY if (sm->use_eap_proxy) { if (eap_proxy_key_available(sm->eap_proxy)) { + u8 *session_id, *emsk; + size_t session_id_len, emsk_len; + /* New key received - clear IEEE 802.1X EAPOL-Key replay * counter */ sm->replay_counter_valid = FALSE; + + session_id = eap_proxy_get_eap_session_id( + sm->eap_proxy, &session_id_len); + emsk = eap_proxy_get_emsk(sm->eap_proxy, &emsk_len); + if (sm->config->erp && session_id && emsk) { + eap_peer_erp_init(sm->eap, session_id, + session_id_len, emsk, + emsk_len); + } else { + os_free(session_id); + bin_clear_free(emsk, emsk_len); + } } return; } @@ -897,6 +915,9 @@ static void eapol_sm_abortSupp(struct eapol_sm *sm) wpabuf_free(sm->eapReqData); sm->eapReqData = NULL; eap_sm_abort(sm->eap); +#ifdef CONFIG_EAP_PROXY + eap_proxy_sm_abort(sm->eap_proxy); +#endif /* CONFIG_EAP_PROXY */ } @@ -1998,7 +2019,17 @@ static void eapol_sm_notify_status(void *ctx, const char *status, } +static void eapol_sm_notify_eap_error(void *ctx, int error_code) +{ + struct eapol_sm *sm = ctx; + + if (sm->ctx->eap_error_cb) + sm->ctx->eap_error_cb(sm->ctx->ctx, error_code); +} + + #ifdef CONFIG_EAP_PROXY + static void eapol_sm_eap_proxy_cb(void *ctx) { struct eapol_sm *sm = ctx; @@ -2006,6 +2037,18 @@ static void eapol_sm_eap_proxy_cb(void *ctx) if (sm->ctx->eap_proxy_cb) sm->ctx->eap_proxy_cb(sm->ctx->ctx); } + + +static void +eapol_sm_eap_proxy_notify_sim_status(void *ctx, + enum eap_proxy_sim_state sim_state) +{ + struct eapol_sm *sm = ctx; + + if (sm->ctx->eap_proxy_notify_sim_status) + sm->ctx->eap_proxy_notify_sim_status(sm->ctx->ctx, sim_state); +} + #endif /* CONFIG_EAP_PROXY */ @@ -2032,8 +2075,11 @@ static const struct eapol_callbacks eapol_cb = eapol_sm_eap_param_needed, eapol_sm_notify_cert, eapol_sm_notify_status, + eapol_sm_notify_eap_error, #ifdef CONFIG_EAP_PROXY eapol_sm_eap_proxy_cb, + eapol_sm_eap_proxy_notify_sim_status, + eapol_sm_get_eap_proxy_imsi, #endif /* CONFIG_EAP_PROXY */ eapol_sm_set_anon_id }; @@ -2141,16 +2187,16 @@ int eapol_sm_failed(struct eapol_sm *sm) } -int eapol_sm_get_eap_proxy_imsi(struct eapol_sm *sm, char *imsi, size_t *len) -{ #ifdef CONFIG_EAP_PROXY +int eapol_sm_get_eap_proxy_imsi(void *ctx, int sim_num, char *imsi, size_t *len) +{ + struct eapol_sm *sm = ctx; + if (sm->eap_proxy == NULL) return -1; - return eap_proxy_get_imsi(sm->eap_proxy, imsi, len); -#else /* CONFIG_EAP_PROXY */ - return -1; -#endif /* CONFIG_EAP_PROXY */ + return eap_proxy_get_imsi(sm->eap_proxy, sim_num, imsi, len); } +#endif /* CONFIG_EAP_PROXY */ void eapol_sm_erp_flush(struct eapol_sm *sm) @@ -2158,3 +2204,56 @@ void eapol_sm_erp_flush(struct eapol_sm *sm) if (sm) eap_peer_erp_free_keys(sm->eap); } + + +struct wpabuf * eapol_sm_build_erp_reauth_start(struct eapol_sm *sm) +{ +#ifdef CONFIG_ERP + if (!sm) + return NULL; + return eap_peer_build_erp_reauth_start(sm->eap, 0); +#else /* CONFIG_ERP */ + return NULL; +#endif /* CONFIG_ERP */ +} + + +void eapol_sm_process_erp_finish(struct eapol_sm *sm, const u8 *buf, + size_t len) +{ +#ifdef CONFIG_ERP + if (!sm) + return; + eap_peer_finish(sm->eap, (const struct eap_hdr *) buf, len); +#endif /* CONFIG_ERP */ +} + + +int eapol_sm_update_erp_next_seq_num(struct eapol_sm *sm, u16 next_seq_num) +{ +#ifdef CONFIG_ERP + if (!sm) + return -1; + return eap_peer_update_erp_next_seq_num(sm->eap, next_seq_num); +#else /* CONFIG_ERP */ + return -1; +#endif /* CONFIG_ERP */ +} + + +int eapol_sm_get_erp_info(struct eapol_sm *sm, struct eap_peer_config *config, + const u8 **username, size_t *username_len, + const u8 **realm, size_t *realm_len, + u16 *erp_next_seq_num, const u8 **rrk, + size_t *rrk_len) +{ +#ifdef CONFIG_ERP + if (!sm) + return -1; + return eap_peer_get_erp_info(sm->eap, config, username, username_len, + realm, realm_len, erp_next_seq_num, rrk, + rrk_len); +#else /* CONFIG_ERP */ + return -1; +#endif /* CONFIG_ERP */ +} diff --git a/contrib/wpa/src/eapol_supp/eapol_supp_sm.h b/contrib/wpa/src/eapol_supp/eapol_supp_sm.h index 1309ff7547e8..74f40bb1cd63 100644 --- a/contrib/wpa/src/eapol_supp/eapol_supp_sm.h +++ b/contrib/wpa/src/eapol_supp/eapol_supp_sm.h @@ -271,12 +271,27 @@ struct eapol_ctx { void (*status_cb)(void *ctx, const char *status, const char *parameter); + /** + * eap_error_cb - Notification of EAP method error + * @ctx: Callback context (ctx) + * @error_code: EAP method error code + */ + void (*eap_error_cb)(void *ctx, int error_code); + #ifdef CONFIG_EAP_PROXY /** * eap_proxy_cb - Callback signifying any updates from eap_proxy * @ctx: eapol_ctx from eap_peer_sm_init() call */ void (*eap_proxy_cb)(void *ctx); + + /** + * eap_proxy_notify_sim_status - Notification of SIM status change + * @ctx: eapol_ctx from eap_peer_sm_init() call + * @status: One of enum value from sim_state + */ + void (*eap_proxy_notify_sim_status)(void *ctx, + enum eap_proxy_sim_state sim_state); #endif /* CONFIG_EAP_PROXY */ /** @@ -328,7 +343,18 @@ void eapol_sm_set_ext_pw_ctx(struct eapol_sm *sm, struct ext_password_data *ext); int eapol_sm_failed(struct eapol_sm *sm); void eapol_sm_erp_flush(struct eapol_sm *sm); -int eapol_sm_get_eap_proxy_imsi(struct eapol_sm *sm, char *imsi, size_t *len); +struct wpabuf * eapol_sm_build_erp_reauth_start(struct eapol_sm *sm); +void eapol_sm_process_erp_finish(struct eapol_sm *sm, const u8 *buf, + size_t len); +int eapol_sm_get_eap_proxy_imsi(void *ctx, int sim_num, char *imsi, + size_t *len); +int eapol_sm_update_erp_next_seq_num(struct eapol_sm *sm, u16 next_seq_num); +int eapol_sm_get_erp_info(struct eapol_sm *sm, struct eap_peer_config *config, + const u8 **username, size_t *username_len, + const u8 **realm, size_t *realm_len, + u16 *erp_next_seq_num, const u8 **rrk, + size_t *rrk_len); + #else /* IEEE8021X_EAPOL */ static inline struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx) { @@ -438,6 +464,28 @@ static inline int eapol_sm_failed(struct eapol_sm *sm) static inline void eapol_sm_erp_flush(struct eapol_sm *sm) { } +static inline struct wpabuf * +eapol_sm_build_erp_reauth_start(struct eapol_sm *sm) +{ + return NULL; +} +static inline void eapol_sm_process_erp_finish(struct eapol_sm *sm, + const u8 *buf, size_t len) +{ +} +static inline int eapol_sm_update_erp_next_seq_num(struct eapol_sm *sm, + u16 next_seq_num) +{ + return -1; +} +static inline int +eapol_sm_get_erp_info(struct eapol_sm *sm, struct eap_peer_config *config, + const u8 **username, size_t *username_len, + const u8 **realm, size_t *realm_len, + u16 *erp_next_seq_num, const u8 **rrk, size_t *rrk_len) +{ + return -1; +} #endif /* IEEE8021X_EAPOL */ #endif /* EAPOL_SUPP_SM_H */ diff --git a/contrib/wpa/src/fst/fst_ctrl_aux.h b/contrib/wpa/src/fst/fst_ctrl_aux.h index e2133f5062bd..0aff5d061eae 100644 --- a/contrib/wpa/src/fst/fst_ctrl_aux.h +++ b/contrib/wpa/src/fst/fst_ctrl_aux.h @@ -35,6 +35,17 @@ enum fst_event_type { * more info */ }; +enum fst_reason { + REASON_TEARDOWN, + REASON_SETUP, + REASON_SWITCH, + REASON_STT, + REASON_REJECT, + REASON_ERROR_PARAMS, + REASON_RESET, + REASON_DETACH_IFACE, +}; + enum fst_initiator { FST_INITIATOR_UNDEFINED, FST_INITIATOR_LOCAL, @@ -57,16 +68,7 @@ union fst_event_extra { enum fst_session_state new_state; union fst_session_state_switch_extra { struct { - enum fst_reason { - REASON_TEARDOWN, - REASON_SETUP, - REASON_SWITCH, - REASON_STT, - REASON_REJECT, - REASON_ERROR_PARAMS, - REASON_RESET, - REASON_DETACH_IFACE, - } reason; + enum fst_reason reason; u8 reject_code; /* REASON_REJECT */ /* REASON_SWITCH, * REASON_TEARDOWN, diff --git a/contrib/wpa/src/fst/fst_ctrl_iface.c b/contrib/wpa/src/fst/fst_ctrl_iface.c index 7820e586629f..7df3362b6e93 100644 --- a/contrib/wpa/src/fst/fst_ctrl_iface.c +++ b/contrib/wpa/src/fst/fst_ctrl_iface.c @@ -49,7 +49,7 @@ static Boolean format_session_state_extra(const union fst_event_extra *extra, if (ss->extra.to_initial.reject_code != WLAN_STATUS_SUCCESS) os_snprintf(reject_str, sizeof(reject_str), "%u", ss->extra.to_initial.reject_code); - /* no break */ + /* fall through */ case REASON_TEARDOWN: case REASON_SWITCH: switch (ss->extra.to_initial.initiator) { diff --git a/contrib/wpa/src/fst/fst_group.c b/contrib/wpa/src/fst/fst_group.c index 321d40d50cd2..a4ae016d9163 100644 --- a/contrib/wpa/src/fst/fst_group.c +++ b/contrib/wpa/src/fst/fst_group.c @@ -29,7 +29,7 @@ static void fst_dump_mb_ies(const char *group_id, const char *ifname, const struct multi_band_ie *mbie = (const struct multi_band_ie *) p; WPA_ASSERT(mbie->eid == WLAN_EID_MULTI_BAND); - WPA_ASSERT(2 + mbie->len >= sizeof(*mbie)); + WPA_ASSERT(2U + mbie->len >= sizeof(*mbie)); fst_printf(MSG_WARNING, "%s: %s: mb_ctrl=%u band_id=%u op_class=%u chan=%u bssid=" diff --git a/contrib/wpa/src/fst/fst_iface.h b/contrib/wpa/src/fst/fst_iface.h index 0eb27325a2b8..cbaa7d81788d 100644 --- a/contrib/wpa/src/fst/fst_iface.h +++ b/contrib/wpa/src/fst/fst_iface.h @@ -106,7 +106,7 @@ static inline void fst_iface_update_mb_ie(struct fst_iface *i, const u8 *addr, const u8 *buf, size_t size) { - return i->iface_obj.update_mb_ie(i->iface_obj.ctx, addr, buf, size); + i->iface_obj.update_mb_ie(i->iface_obj.ctx, addr, buf, size); } static inline const u8 * fst_iface_get_peer_first(struct fst_iface *i, diff --git a/contrib/wpa/src/fst/fst_session.c b/contrib/wpa/src/fst/fst_session.c index 76e2c78f4ff6..a02a93e76e43 100644 --- a/contrib/wpa/src/fst/fst_session.c +++ b/contrib/wpa/src/fst/fst_session.c @@ -756,8 +756,6 @@ struct fst_session * fst_session_create(struct fst_group *g) struct fst_session *s; u32 id; - WPA_ASSERT(!is_zero_ether_addr(own_addr)); - id = fst_find_free_session_id(); if (id == FST_INVALID_SESSION_ID) { fst_printf(MSG_ERROR, "Cannot assign new session ID"); diff --git a/contrib/wpa/src/l2_packet/l2_packet.h b/contrib/wpa/src/l2_packet/l2_packet.h index 2a452458214b..53871774b4e7 100644 --- a/contrib/wpa/src/l2_packet/l2_packet.h +++ b/contrib/wpa/src/l2_packet/l2_packet.h @@ -42,6 +42,7 @@ struct l2_ethhdr { enum l2_packet_filter_type { L2_PACKET_FILTER_DHCP, L2_PACKET_FILTER_NDISC, + L2_PACKET_FILTER_PKTTYPE, }; /** diff --git a/contrib/wpa/src/l2_packet/l2_packet_privsep.c b/contrib/wpa/src/l2_packet/l2_packet_privsep.c index e26ca20a8625..ce86802c2353 100644 --- a/contrib/wpa/src/l2_packet/l2_packet_privsep.c +++ b/contrib/wpa/src/l2_packet/l2_packet_privsep.c @@ -51,7 +51,7 @@ static int wpa_priv_cmd(struct l2_packet_data *l2, int cmd, return 0; } - + int l2_packet_get_own_addr(struct l2_packet_data *l2, u8 *addr) { os_memcpy(addr, l2->own_addr, ETH_ALEN); @@ -258,7 +258,7 @@ void l2_packet_deinit(struct l2_packet_data *l2) unlink(l2->own_socket_path); os_free(l2->own_socket_path); } - + os_free(l2); } diff --git a/contrib/wpa/src/p2p/p2p.c b/contrib/wpa/src/p2p/p2p.c index 996b4e824986..b4660c4f9616 100644 --- a/contrib/wpa/src/p2p/p2p.c +++ b/contrib/wpa/src/p2p/p2p.c @@ -711,6 +711,7 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, struct p2p_message msg; const u8 *p2p_dev_addr; int wfd_changed; + int dev_name_changed; int i; struct os_reltime time_now; @@ -821,6 +822,9 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, } dev->info.level = level; + dev_name_changed = os_strncmp(dev->info.device_name, msg.device_name, + WPS_DEV_NAME_MAX_LEN) != 0; + p2p_copy_wps_info(p2p, dev, 0, &msg); for (i = 0; i < P2P_MAX_WPS_VENDOR_EXT; i++) { @@ -839,9 +843,12 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, wfd_changed = p2p_compare_wfd_info(dev, &msg); - if (msg.wfd_subelems) { + if (wfd_changed) { wpabuf_free(dev->info.wfd_subelems); - dev->info.wfd_subelems = wpabuf_dup(msg.wfd_subelems); + if (msg.wfd_subelems) + dev->info.wfd_subelems = wpabuf_dup(msg.wfd_subelems); + else + dev->info.wfd_subelems = NULL; } if (scan_res) { @@ -855,6 +862,7 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, p2p_update_peer_vendor_elems(dev, ies, ies_len); if (dev->flags & P2P_DEV_REPORTED && !wfd_changed && + !dev_name_changed && (!msg.adv_service_instance || (dev->flags & P2P_DEV_P2PS_REPORTED))) return 0; @@ -1002,8 +1010,16 @@ static void p2p_search(struct p2p_data *p2p) } p2p->cfg->stop_listen(p2p->cfg->cb_ctx); - if (p2p->find_type == P2P_FIND_PROGRESSIVE && - (freq = p2p_get_next_prog_freq(p2p)) > 0) { + if (p2p->find_pending_full && + (p2p->find_type == P2P_FIND_PROGRESSIVE || + p2p->find_type == P2P_FIND_START_WITH_FULL)) { + type = P2P_SCAN_FULL; + p2p_dbg(p2p, "Starting search (pending full scan)"); + p2p->find_pending_full = 0; + } else if ((p2p->find_type == P2P_FIND_PROGRESSIVE && + (freq = p2p_get_next_prog_freq(p2p)) > 0) || + (p2p->find_type == P2P_FIND_START_WITH_FULL && + (freq = p2p->find_specified_freq) > 0)) { type = P2P_SCAN_SOCIAL_PLUS_ONE; p2p_dbg(p2p, "Starting search (+ freq %u)", freq); } else { @@ -1165,12 +1181,11 @@ int p2p_find(struct p2p_data *p2p, unsigned int timeout, p2p_free_req_dev_types(p2p); if (req_dev_types && num_req_dev_types) { - p2p->req_dev_types = os_malloc(num_req_dev_types * + p2p->req_dev_types = os_memdup(req_dev_types, + num_req_dev_types * WPS_DEV_TYPE_LEN); if (p2p->req_dev_types == NULL) return -1; - os_memcpy(p2p->req_dev_types, req_dev_types, - num_req_dev_types * WPS_DEV_TYPE_LEN); p2p->num_req_dev_types = num_req_dev_types; } @@ -1227,7 +1242,12 @@ int p2p_find(struct p2p_data *p2p, unsigned int timeout, p2p->pending_listen_freq = 0; } p2p->cfg->stop_listen(p2p->cfg->cb_ctx); + p2p->find_pending_full = 0; p2p->find_type = type; + if (freq != 2412 && freq != 2437 && freq != 2462 && freq != 60480) + p2p->find_specified_freq = freq; + else + p2p->find_specified_freq = 0; p2p_device_clear_reported(p2p); os_memset(p2p->sd_query_no_ack, 0, ETH_ALEN); p2p_set_state(p2p, P2P_SEARCH); @@ -1243,7 +1263,7 @@ int p2p_find(struct p2p_data *p2p, unsigned int timeout, if (freq > 0) { /* * Start with the specified channel and then move to - * social channels only scans. + * scans for social channels and this specific channel. */ res = p2p->cfg->p2p_scan(p2p->cfg->cb_ctx, P2P_SCAN_SPECIFIC, freq, @@ -1272,6 +1292,9 @@ int p2p_find(struct p2p_data *p2p, unsigned int timeout, if (res != 0 && p2p->p2p_scan_running) { p2p_dbg(p2p, "Failed to start p2p_scan - another p2p_scan was already running"); /* wait for the previous p2p_scan to complete */ + if (type == P2P_FIND_PROGRESSIVE || + (type == P2P_FIND_START_WITH_FULL && freq == 0)) + p2p->find_pending_full = 1; res = 0; /* do not report failure */ } else if (res != 0) { p2p_dbg(p2p, "Failed to start p2p_scan"); @@ -1833,6 +1856,7 @@ void p2p_go_complete(struct p2p_data *p2p, struct p2p_device *peer) p2p_clear_timeout(p2p); p2p->ssid_set = 0; peer->go_neg_req_sent = 0; + peer->flags &= ~P2P_DEV_PEER_WAITING_RESPONSE; peer->wps_method = WPS_NOT_READY; peer->oob_pw_id = 0; wpabuf_free(peer->go_neg_conf); @@ -2822,6 +2846,7 @@ void p2p_service_flush_asp(struct p2p_data *p2p) } p2p->p2ps_adv_list = NULL; + p2ps_prov_free(p2p); p2p_dbg(p2p, "All ASP advertisements flushed"); } @@ -2983,6 +3008,7 @@ void p2p_deinit(struct p2p_data *p2p) wpabuf_free(p2p->wfd_dev_info); wpabuf_free(p2p->wfd_assoc_bssid); wpabuf_free(p2p->wfd_coupled_sink_info); + wpabuf_free(p2p->wfd_r2_dev_info); #endif /* CONFIG_WIFI_DISPLAY */ eloop_cancel_timeout(p2p_scan_timeout, p2p, NULL); @@ -3022,6 +3048,10 @@ void p2p_flush(struct p2p_data *p2p) os_free(p2p->after_scan_tx); p2p->after_scan_tx = NULL; p2p->ssid_set = 0; + p2ps_prov_free(p2p); + p2p_reset_pending_pd(p2p); + p2p->override_pref_op_class = 0; + p2p->override_pref_channel = 0; } @@ -3859,6 +3889,19 @@ int p2p_listen_end(struct p2p_data *p2p, unsigned int freq) if (p2p->in_listen) return 0; /* Internal timeout will trigger the next step */ + if (p2p->state == P2P_WAIT_PEER_CONNECT && p2p->go_neg_peer && + p2p->pending_listen_freq) { + /* + * Better wait a bit if the driver is unable to start + * offchannel operation for some reason to continue with + * P2P_WAIT_PEER_(IDLE/CONNECT) state transitions. + */ + p2p_dbg(p2p, + "Listen operation did not seem to start - delay idle phase to avoid busy loop"); + p2p_set_timeout(p2p, 0, 100000); + return 1; + } + if (p2p->state == P2P_CONNECT_LISTEN && p2p->go_neg_peer) { if (p2p->go_neg_peer->connect_reqs >= 120) { p2p_dbg(p2p, "Timeout on sending GO Negotiation Request without getting response"); @@ -4803,11 +4846,10 @@ int p2p_set_pref_chan(struct p2p_data *p2p, unsigned int num_pref_chan, struct p2p_channel *n; if (pref_chan) { - n = os_malloc(num_pref_chan * sizeof(struct p2p_channel)); + n = os_memdup(pref_chan, + num_pref_chan * sizeof(struct p2p_channel)); if (n == NULL) return -1; - os_memcpy(n, pref_chan, - num_pref_chan * sizeof(struct p2p_channel)); } else n = NULL; @@ -5129,6 +5171,20 @@ int p2p_set_wfd_dev_info(struct p2p_data *p2p, const struct wpabuf *elem) } +int p2p_set_wfd_r2_dev_info(struct p2p_data *p2p, const struct wpabuf *elem) +{ + wpabuf_free(p2p->wfd_r2_dev_info); + if (elem) { + p2p->wfd_r2_dev_info = wpabuf_dup(elem); + if (p2p->wfd_r2_dev_info == NULL) + return -1; + } else + p2p->wfd_r2_dev_info = NULL; + + return 0; +} + + int p2p_set_wfd_assoc_bssid(struct p2p_data *p2p, const struct wpabuf *elem) { wpabuf_free(p2p->wfd_assoc_bssid); @@ -5510,6 +5566,14 @@ void p2p_set_own_pref_freq_list(struct p2p_data *p2p, } +void p2p_set_override_pref_op_chan(struct p2p_data *p2p, u8 op_class, + u8 chan) +{ + p2p->override_pref_op_class = op_class; + p2p->override_pref_channel = chan; +} + + struct wpabuf * p2p_build_probe_resp_template(struct p2p_data *p2p, unsigned int freq) { diff --git a/contrib/wpa/src/p2p/p2p.h b/contrib/wpa/src/p2p/p2p.h index 7b18dcfc3ff3..fac5ce05ae6e 100644 --- a/contrib/wpa/src/p2p/p2p.h +++ b/contrib/wpa/src/p2p/p2p.h @@ -2266,6 +2266,7 @@ int p2p_set_wfd_ie_prov_disc_req(struct p2p_data *p2p, struct wpabuf *ie); int p2p_set_wfd_ie_prov_disc_resp(struct p2p_data *p2p, struct wpabuf *ie); int p2p_set_wfd_ie_go_neg(struct p2p_data *p2p, struct wpabuf *ie); int p2p_set_wfd_dev_info(struct p2p_data *p2p, const struct wpabuf *elem); +int p2p_set_wfd_r2_dev_info(struct p2p_data *p2p, const struct wpabuf *elem); int p2p_set_wfd_assoc_bssid(struct p2p_data *p2p, const struct wpabuf *elem); int p2p_set_wfd_coupled_sink_info(struct p2p_data *p2p, const struct wpabuf *elem); @@ -2373,6 +2374,8 @@ void p2p_expire_peers(struct p2p_data *p2p); void p2p_set_own_pref_freq_list(struct p2p_data *p2p, const unsigned int *pref_freq_list, unsigned int size); +void p2p_set_override_pref_op_chan(struct p2p_data *p2p, u8 op_class, + u8 chan); /** * p2p_group_get_common_freqs - Get the group common frequencies diff --git a/contrib/wpa/src/p2p/p2p_go_neg.c b/contrib/wpa/src/p2p/p2p_go_neg.c index 9f0b3f3d37a4..65ab4b8d3fd6 100644 --- a/contrib/wpa/src/p2p/p2p_go_neg.c +++ b/contrib/wpa/src/p2p/p2p_go_neg.c @@ -315,7 +315,12 @@ static struct wpabuf * p2p_build_go_neg_resp(struct p2p_data *p2p, group_capab); p2p_buf_add_go_intent(buf, (p2p->go_intent << 1) | tie_breaker); p2p_buf_add_config_timeout(buf, p2p->go_timeout, p2p->client_timeout); - if (peer && peer->go_state == REMOTE_GO && !p2p->num_pref_freq) { + if (p2p->override_pref_op_class) { + p2p_dbg(p2p, "Override operating channel preference"); + p2p_buf_add_operating_channel(buf, p2p->cfg->country, + p2p->override_pref_op_class, + p2p->override_pref_channel); + } else if (peer && peer->go_state == REMOTE_GO && !p2p->num_pref_freq) { p2p_dbg(p2p, "Omit Operating Channel attribute"); } else { p2p_buf_add_operating_channel(buf, p2p->cfg->country, @@ -562,26 +567,11 @@ static void p2p_check_pref_chan_no_recv(struct p2p_data *p2p, int go, * also supported by the peer device. */ for (i = 0; i < size && !found; i++) { - /* - * Make sure that the common frequency is: - * 1. Supported by peer - * 2. Allowed for P2P use. - */ + /* Make sure that the common frequency is supported by peer. */ oper_freq = freq_list[i]; if (p2p_freq_to_channel(oper_freq, &op_class, - &op_channel) < 0) { - p2p_dbg(p2p, "Unsupported frequency %u MHz", oper_freq); - continue; - } - if (!p2p_channels_includes(&p2p->cfg->channels, - op_class, op_channel) && - (go || !p2p_channels_includes(&p2p->cfg->cli_channels, - op_class, op_channel))) { - p2p_dbg(p2p, - "Freq %u MHz (oper_class %u channel %u) not allowed for P2P", - oper_freq, op_class, op_channel); - break; - } + &op_channel) < 0) + continue; /* cannot happen due to earlier check */ for (j = 0; j < msg->channel_list_len; j++) { if (op_channel != msg->channel_list[j]) @@ -602,8 +592,7 @@ static void p2p_check_pref_chan_no_recv(struct p2p_data *p2p, int go, oper_freq); } else { p2p_dbg(p2p, - "None of our preferred channels are supported by peer!. Use: %d MHz for oper_channel", - dev->oper_freq); + "None of our preferred channels are supported by peer!"); } } @@ -629,29 +618,9 @@ static void p2p_check_pref_chan_recv(struct p2p_data *p2p, int go, msg->pref_freq_list[2 * j + 1]); if (freq_list[i] != oper_freq) continue; - - /* - * Make sure that the found frequency is: - * 1. Supported - * 2. Allowed for P2P use. - */ if (p2p_freq_to_channel(oper_freq, &op_class, - &op_channel) < 0) { - p2p_dbg(p2p, "Unsupported frequency %u MHz", - oper_freq); - continue; - } - - if (!p2p_channels_includes(&p2p->cfg->channels, - op_class, op_channel) && - (go || - !p2p_channels_includes(&p2p->cfg->cli_channels, - op_class, op_channel))) { - p2p_dbg(p2p, - "Freq %u MHz (oper_class %u channel %u) not allowed for P2P", - oper_freq, op_class, op_channel); - break; - } + &op_channel) < 0) + continue; /* cannot happen */ p2p->op_reg_class = op_class; p2p->op_channel = op_channel; os_memcpy(&p2p->channels, &p2p->cfg->channels, @@ -666,9 +635,7 @@ static void p2p_check_pref_chan_recv(struct p2p_data *p2p, int go, "Freq %d MHz is a common preferred channel for both peer and local, use it as operating channel", oper_freq); } else { - p2p_dbg(p2p, - "No common preferred channels found! Use: %d MHz for oper_channel", - dev->oper_freq); + p2p_dbg(p2p, "No common preferred channels found!"); } } @@ -679,6 +646,8 @@ void p2p_check_pref_chan(struct p2p_data *p2p, int go, unsigned int freq_list[P2P_MAX_PREF_CHANNELS], size; unsigned int i; u8 op_class, op_channel; + char txt[100], *pos, *end; + int res; /* * Use the preferred channel list from the driver only if there is no @@ -694,6 +663,39 @@ void p2p_check_pref_chan(struct p2p_data *p2p, int go, if (p2p->cfg->get_pref_freq_list(p2p->cfg->cb_ctx, go, &size, freq_list)) return; + /* Filter out frequencies that are not acceptable for P2P use */ + i = 0; + while (i < size) { + if (p2p_freq_to_channel(freq_list[i], &op_class, + &op_channel) < 0 || + (!p2p_channels_includes(&p2p->cfg->channels, + op_class, op_channel) && + (go || !p2p_channels_includes(&p2p->cfg->cli_channels, + op_class, op_channel)))) { + p2p_dbg(p2p, + "Ignore local driver frequency preference %u MHz since it is not acceptable for P2P use (go=%d)", + freq_list[i], go); + if (size - i - 1 > 0) + os_memmove(&freq_list[i], &freq_list[i + 1], size - i - 1); + size--; + continue; + } + + /* Preferred frequency is acceptable for P2P use */ + i++; + } + + pos = txt; + end = pos + sizeof(txt); + for (i = 0; i < size; i++) { + res = os_snprintf(pos, end - pos, " %u", freq_list[i]); + if (os_snprintf_error(end - pos, res)) + break; + pos += res; + } + *pos = '\0'; + p2p_dbg(p2p, "Local driver frequency preference (size=%u):%s", + size, txt); /* * Check if peer's preference of operating channel is in @@ -703,20 +705,14 @@ void p2p_check_pref_chan(struct p2p_data *p2p, int go, if (freq_list[i] == (unsigned int) dev->oper_freq) break; } - if (i != size) { + if (i != size && + p2p_freq_to_channel(freq_list[i], &op_class, &op_channel) == 0) { /* Peer operating channel preference matches our preference */ - if (p2p_freq_to_channel(freq_list[i], &op_class, &op_channel) < - 0) { - p2p_dbg(p2p, - "Peer operating channel preference is unsupported frequency %u MHz", - freq_list[i]); - } else { - p2p->op_reg_class = op_class; - p2p->op_channel = op_channel; - os_memcpy(&p2p->channels, &p2p->cfg->channels, - sizeof(struct p2p_channels)); - return; - } + p2p->op_reg_class = op_class; + p2p->op_channel = op_channel; + os_memcpy(&p2p->channels, &p2p->cfg->channels, + sizeof(struct p2p_channels)); + return; } p2p_dbg(p2p, diff --git a/contrib/wpa/src/p2p/p2p_group.c b/contrib/wpa/src/p2p/p2p_group.c index 051b4e391505..16c28a0d95ee 100644 --- a/contrib/wpa/src/p2p/p2p_group.c +++ b/contrib/wpa/src/p2p/p2p_group.c @@ -367,6 +367,8 @@ wifi_display_build_go_ie(struct p2p_group *group) return NULL; if (group->p2p->wfd_dev_info) wpabuf_put_buf(wfd_subelems, group->p2p->wfd_dev_info); + if (group->p2p->wfd_r2_dev_info) + wpabuf_put_buf(wfd_subelems, group->p2p->wfd_r2_dev_info); if (group->p2p->wfd_assoc_bssid) wpabuf_put_buf(wfd_subelems, group->p2p->wfd_assoc_bssid); diff --git a/contrib/wpa/src/p2p/p2p_i.h b/contrib/wpa/src/p2p/p2p_i.h index 47524d4991a5..6a4d751c090a 100644 --- a/contrib/wpa/src/p2p/p2p_i.h +++ b/contrib/wpa/src/p2p/p2p_i.h @@ -437,9 +437,11 @@ struct p2p_data { int inv_persistent; enum p2p_discovery_type find_type; + int find_specified_freq; unsigned int last_p2p_find_timeout; u8 last_prog_scan_class; u8 last_prog_scan_chan; + unsigned int find_pending_full:1; int p2p_scan_running; enum p2p_after_scan { P2P_AFTER_SCAN_NOTHING, @@ -545,6 +547,7 @@ struct p2p_data { struct wpabuf *wfd_dev_info; struct wpabuf *wfd_assoc_bssid; struct wpabuf *wfd_coupled_sink_info; + struct wpabuf *wfd_r2_dev_info; #endif /* CONFIG_WIFI_DISPLAY */ u16 authorized_oob_dev_pw_id; @@ -553,6 +556,10 @@ struct p2p_data { unsigned int pref_freq_list[P2P_MAX_PREF_CHANNELS]; unsigned int num_pref_freq; + + /* Override option for preferred operating channel in GO Negotiation */ + u8 override_pref_op_class; + u8 override_pref_channel; }; /** diff --git a/contrib/wpa/src/p2p/p2p_pd.c b/contrib/wpa/src/p2p/p2p_pd.c index 93a0535f873a..3994ec03f86b 100644 --- a/contrib/wpa/src/p2p/p2p_pd.c +++ b/contrib/wpa/src/p2p/p2p_pd.c @@ -1163,6 +1163,9 @@ out: msg.group_id, msg.group_id_len); } + if (reject != P2P_SC_FAIL_INFO_CURRENTLY_UNAVAILABLE) + p2ps_prov_free(p2p); + if (reject == P2P_SC_SUCCESS) { switch (config_methods) { case WPS_CONFIG_DISPLAY: @@ -1581,7 +1584,7 @@ out: report_config_methods); if (p2p->state == P2P_PD_DURING_FIND) { - p2p_clear_timeout(p2p); + p2p_stop_listen_for_freq(p2p, 0); p2p_continue_find(p2p); } } diff --git a/contrib/wpa/src/p2p/p2p_sd.c b/contrib/wpa/src/p2p/p2p_sd.c index a8bc5ba7f344..b9e753f20516 100644 --- a/contrib/wpa/src/p2p/p2p_sd.c +++ b/contrib/wpa/src/p2p/p2p_sd.c @@ -426,6 +426,7 @@ void p2p_sd_response(struct p2p_data *p2p, int freq, const u8 *dst, { struct wpabuf *resp; size_t max_len; + unsigned int wait_time = 200; /* * In the 60 GHz, we have a smaller maximum frame length for management @@ -460,6 +461,7 @@ void p2p_sd_response(struct p2p_data *p2p, int freq, const u8 *dst, 1, p2p->srv_update_indic, NULL); } else { p2p_dbg(p2p, "SD response fits in initial response"); + wait_time = 0; /* no more SD frames in the sequence */ resp = p2p_build_sd_response(dialog_token, WLAN_STATUS_SUCCESS, 0, p2p->srv_update_indic, resp_tlvs); @@ -470,7 +472,7 @@ void p2p_sd_response(struct p2p_data *p2p, int freq, const u8 *dst, p2p->pending_action_state = P2P_NO_PENDING_ACTION; if (p2p_send_action(p2p, freq, dst, p2p->cfg->dev_addr, p2p->cfg->dev_addr, - wpabuf_head(resp), wpabuf_len(resp), 200) < 0) + wpabuf_head(resp), wpabuf_len(resp), wait_time) < 0) p2p_dbg(p2p, "Failed to send Action frame"); wpabuf_free(resp); @@ -623,6 +625,7 @@ void p2p_rx_gas_comeback_req(struct p2p_data *p2p, const u8 *sa, u8 dialog_token; size_t frag_len, max_len; int more = 0; + unsigned int wait_time = 200; wpa_hexdump(MSG_DEBUG, "P2P: RX GAS Comeback Request", data, len); if (len < 1) @@ -675,12 +678,13 @@ void p2p_rx_gas_comeback_req(struct p2p_data *p2p, const u8 *sa, p2p_dbg(p2p, "All fragments of SD response sent"); wpabuf_free(p2p->sd_resp); p2p->sd_resp = NULL; + wait_time = 0; /* no more SD frames in the sequence */ } p2p->pending_action_state = P2P_NO_PENDING_ACTION; if (p2p_send_action(p2p, rx_freq, sa, p2p->cfg->dev_addr, p2p->cfg->dev_addr, - wpabuf_head(resp), wpabuf_len(resp), 200) < 0) + wpabuf_head(resp), wpabuf_len(resp), wait_time) < 0) p2p_dbg(p2p, "Failed to send Action frame"); wpabuf_free(resp); diff --git a/contrib/wpa/src/pae/ieee802_1x_cp.c b/contrib/wpa/src/pae/ieee802_1x_cp.c index e294e6466285..360fcd3f5fcd 100644 --- a/contrib/wpa/src/pae/ieee802_1x_cp.c +++ b/contrib/wpa/src/pae/ieee802_1x_cp.c @@ -159,6 +159,7 @@ SM_STATE(CP, ALLOWED) secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled); secy_cp_control_protect_frames(sm->kay, sm->protect_frames); + secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt); secy_cp_control_validate_frames(sm->kay, sm->validate_frames); secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window); } @@ -177,6 +178,7 @@ SM_STATE(CP, AUTHENTICATED) secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled); secy_cp_control_protect_frames(sm->kay, sm->protect_frames); + secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt); secy_cp_control_validate_frames(sm->kay, sm->validate_frames); secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window); } @@ -203,6 +205,7 @@ SM_STATE(CP, SECURED) secy_cp_control_confidentiality_offset(sm->kay, sm->confidentiality_offset); secy_cp_control_protect_frames(sm->kay, sm->protect_frames); + secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt); secy_cp_control_validate_frames(sm->kay, sm->validate_frames); secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window); } @@ -466,6 +469,7 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_sm_init(struct ieee802_1x_kay *kay) wpa_printf(MSG_DEBUG, "CP: state machine created"); secy_cp_control_protect_frames(sm->kay, sm->protect_frames); + secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt); secy_cp_control_validate_frames(sm->kay, sm->validate_frames); secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window); secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled); diff --git a/contrib/wpa/src/pae/ieee802_1x_kay.c b/contrib/wpa/src/pae/ieee802_1x_kay.c index a8e7efc9b3bd..cda23fcab41a 100644 --- a/contrib/wpa/src/pae/ieee802_1x_kay.c +++ b/contrib/wpa/src/pae/ieee802_1x_kay.c @@ -45,6 +45,14 @@ static struct macsec_ciphersuite cipher_suite_tbl[] = { .sak_len = DEFAULT_SA_KEY_LEN, .index = 0, }, + /* GCM-AES-256 */ + { + .id = CS_ID_GCM_AES_256, + .name = CS_NAME_GCM_AES_256, + .capable = MACSEC_CAP_INTEG_AND_CONF_0_30_50, + .sak_len = 32, + .index = 1 /* index */ + }, }; #define CS_TABLE_SIZE (ARRAY_SIZE(cipher_suite_tbl)) #define DEFAULT_CS_INDEX 0 @@ -245,13 +253,15 @@ ieee802_1x_mka_dump_sak_use_body(struct ieee802_1x_mka_sak_use_body *body) * ieee802_1x_kay_get_participant - */ static struct ieee802_1x_mka_participant * -ieee802_1x_kay_get_participant(struct ieee802_1x_kay *kay, const u8 *ckn) +ieee802_1x_kay_get_participant(struct ieee802_1x_kay *kay, const u8 *ckn, + size_t len) { struct ieee802_1x_mka_participant *participant; dl_list_for_each(participant, &kay->participant_list, struct ieee802_1x_mka_participant, list) { - if (os_memcmp(participant->ckn.name, ckn, + if (participant->ckn.len == len && + os_memcmp(participant->ckn.name, ckn, participant->ckn.len) == 0) return participant; } @@ -379,6 +389,17 @@ ieee802_1x_kay_get_cipher_suite(struct ieee802_1x_mka_participant *participant, } +u64 mka_sci_u64(struct ieee802_1x_mka_sci *sci) +{ + struct ieee802_1x_mka_sci tmp; + + os_memcpy(tmp.addr, sci->addr, ETH_ALEN); + tmp.port = sci->port; + + return *((u64 *) &tmp); +} + + static Boolean sci_equal(const struct ieee802_1x_mka_sci *a, const struct ieee802_1x_mka_sci *b) { @@ -411,6 +432,8 @@ ieee802_1x_kay_get_peer_sci(struct ieee802_1x_mka_participant *participant, } +static void ieee802_1x_kay_use_data_key(struct data_key *pkey); + /** * ieee802_1x_kay_init_receive_sa - */ @@ -429,6 +452,7 @@ ieee802_1x_kay_init_receive_sa(struct receive_sc *psc, u8 an, u32 lowest_pn, return NULL; } + ieee802_1x_kay_use_data_key(key); psa->pkey = key; psa->lowest_pn = lowest_pn; psa->next_pn = lowest_pn; @@ -440,18 +464,21 @@ ieee802_1x_kay_init_receive_sa(struct receive_sc *psc, u8 an, u32 lowest_pn, dl_list_add(&psc->sa_list, &psa->list); wpa_printf(MSG_DEBUG, - "KaY: Create receive SA(AN: %hhu lowest_pn: %u of SC(channel: %d)", - an, lowest_pn, psc->channel); + "KaY: Create receive SA(AN: %hhu lowest_pn: %u of SC", + an, lowest_pn); return psa; } +static void ieee802_1x_kay_deinit_data_key(struct data_key *pkey); + /** * ieee802_1x_kay_deinit_receive_sa - */ static void ieee802_1x_kay_deinit_receive_sa(struct receive_sa *psa) { + ieee802_1x_kay_deinit_data_key(psa->pkey); psa->pkey = NULL; wpa_printf(MSG_DEBUG, "KaY: Delete receive SA(an: %hhu) of SC", @@ -465,8 +492,7 @@ static void ieee802_1x_kay_deinit_receive_sa(struct receive_sa *psa) * ieee802_1x_kay_init_receive_sc - */ static struct receive_sc * -ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci, - int channel) +ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci) { struct receive_sc *psc; @@ -480,19 +506,27 @@ ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci, } os_memcpy(&psc->sci, psci, sizeof(psc->sci)); - psc->channel = channel; os_get_time(&psc->created_time); psc->receiving = FALSE; dl_list_init(&psc->sa_list); - wpa_printf(MSG_DEBUG, "KaY: Create receive SC(channel: %d)", channel); + wpa_printf(MSG_DEBUG, "KaY: Create receive SC"); wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)psci, sizeof(*psci)); return psc; } +static void ieee802_1x_delete_receive_sa(struct ieee802_1x_kay *kay, + struct receive_sa *sa) +{ + secy_disable_receive_sa(kay, sa); + secy_delete_receive_sa(kay, sa); + ieee802_1x_kay_deinit_receive_sa(sa); +} + + /** * ieee802_1x_kay_deinit_receive_sc - **/ @@ -502,14 +536,13 @@ ieee802_1x_kay_deinit_receive_sc( { struct receive_sa *psa, *pre_sa; - wpa_printf(MSG_DEBUG, "KaY: Delete receive SC(channel: %d)", - psc->channel); + wpa_printf(MSG_DEBUG, "KaY: Delete receive SC"); dl_list_for_each_safe(psa, pre_sa, &psc->sa_list, struct receive_sa, - list) { - secy_disable_receive_sa(participant->kay, psa); - ieee802_1x_kay_deinit_receive_sa(psa); - } + list) + ieee802_1x_delete_receive_sa(participant->kay, psa); + dl_list_del(&psc->list); + secy_delete_receive_sc(participant->kay, psc); os_free(psc); } @@ -552,7 +585,6 @@ ieee802_1x_kay_create_live_peer(struct ieee802_1x_mka_participant *participant, { struct ieee802_1x_kay_peer *peer; struct receive_sc *rxsc; - u32 sc_ch = 0; peer = ieee802_1x_kay_create_peer(mi, mn); if (!peer) @@ -561,9 +593,7 @@ ieee802_1x_kay_create_live_peer(struct ieee802_1x_mka_participant *participant, os_memcpy(&peer->sci, &participant->current_peer_sci, sizeof(peer->sci)); - secy_get_available_receive_sc(participant->kay, &sc_ch); - - rxsc = ieee802_1x_kay_init_receive_sc(&peer->sci, sc_ch); + rxsc = ieee802_1x_kay_init_receive_sc(&peer->sci); if (!rxsc) { os_free(peer); return NULL; @@ -611,12 +641,12 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant, { struct ieee802_1x_kay_peer *peer; struct receive_sc *rxsc; - u32 sc_ch = 0; peer = ieee802_1x_kay_get_potential_peer(participant, mi); + if (!peer) + return NULL; - rxsc = ieee802_1x_kay_init_receive_sc(&participant->current_peer_sci, - sc_ch); + rxsc = ieee802_1x_kay_init_receive_sc(&participant->current_peer_sci); if (!rxsc) return NULL; @@ -631,8 +661,6 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant, dl_list_del(&peer->list); dl_list_add_tail(&participant->live_peers, &peer->list); - secy_get_available_receive_sc(participant->kay, &sc_ch); - dl_list_add(&participant->rxsc_list, &rxsc->list); secy_create_receive_sc(participant->kay, rxsc); @@ -730,6 +758,8 @@ ieee802_1x_mka_decode_basic_body(struct ieee802_1x_kay *kay, const u8 *mka_msg, struct ieee802_1x_mka_participant *participant; const struct ieee802_1x_mka_basic_body *body; struct ieee802_1x_kay_peer *peer; + size_t ckn_len; + size_t body_len; body = (const struct ieee802_1x_mka_basic_body *) mka_msg; @@ -743,7 +773,15 @@ ieee802_1x_mka_decode_basic_body(struct ieee802_1x_kay *kay, const u8 *mka_msg, return NULL; } - participant = ieee802_1x_kay_get_participant(kay, body->ckn); + body_len = get_mka_param_body_len(body); + if (body_len < sizeof(struct ieee802_1x_mka_basic_body) - MKA_HDR_LEN) { + wpa_printf(MSG_DEBUG, "KaY: Too small body length %zu", + body_len); + return NULL; + } + ckn_len = body_len - + (sizeof(struct ieee802_1x_mka_basic_body) - MKA_HDR_LEN); + participant = ieee802_1x_kay_get_participant(kay, body->ckn, ckn_len); if (!participant) { wpa_printf(MSG_DEBUG, "Peer is not included in my CA"); return NULL; @@ -946,21 +984,19 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant, body_len = get_mka_param_body_len(hdr); body_type = get_mka_param_body_type(hdr); - if (body_type != MKA_LIVE_PEER_LIST && - body_type != MKA_POTENTIAL_PEER_LIST) - continue; - - ieee802_1x_mka_dump_peer_body( - (struct ieee802_1x_mka_peer_body *)pos); - - if (left_len < (MKA_HDR_LEN + body_len + DEFAULT_ICV_LEN)) { + if (left_len < (MKA_HDR_LEN + MKA_ALIGN_LENGTH(body_len) + DEFAULT_ICV_LEN)) { wpa_printf(MSG_ERROR, "KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV", left_len, MKA_HDR_LEN, - body_len, DEFAULT_ICV_LEN); - continue; + MKA_ALIGN_LENGTH(body_len), + DEFAULT_ICV_LEN); + return FALSE; } + if (body_type != MKA_LIVE_PEER_LIST && + body_type != MKA_POTENTIAL_PEER_LIST) + continue; + if ((body_len % 16) != 0) { wpa_printf(MSG_ERROR, "KaY: MKA Peer Packet Body Length (%zu bytes) should be a multiple of 16 octets", @@ -968,6 +1004,9 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant, continue; } + ieee802_1x_mka_dump_peer_body( + (struct ieee802_1x_mka_peer_body *)pos); + for (i = 0; i < body_len; i += sizeof(struct ieee802_1x_mka_peer_id)) { const struct ieee802_1x_mka_peer_id *peer_mi; @@ -1312,8 +1351,8 @@ ieee802_1x_mka_decode_sak_use_body( } } - /* check old key is valid */ - if (body->otx || body->orx) { + /* check old key is valid (but only if we remember our old key) */ + if (participant->oki.kn != 0 && (body->otx || body->orx)) { if (os_memcmp(participant->oki.mi, body->osrv_mi, sizeof(participant->oki.mi)) != 0 || be_to_host32(body->okn) != participant->oki.kn || @@ -1544,7 +1583,7 @@ ieee802_1x_mka_decode_dist_sak_body( ieee802_1x_cp_connect_authenticated(kay->cp); ieee802_1x_cp_sm_step(kay->cp); wpa_printf(MSG_WARNING, "KaY:The Key server advise no MACsec"); - participant->to_use_sak = TRUE; + participant->to_use_sak = FALSE; return 0; } @@ -1595,7 +1634,8 @@ ieee802_1x_mka_decode_dist_sak_body( os_free(unwrap_sak); return -1; } - wpa_hexdump(MSG_DEBUG, "\tAES Key Unwrap of SAK:", unwrap_sak, sak_len); + wpa_hexdump_key(MSG_DEBUG, "\tAES Key Unwrap of SAK:", + unwrap_sak, sak_len); sa_key = os_zalloc(sizeof(*sa_key)); if (!sa_key) { @@ -1614,6 +1654,7 @@ ieee802_1x_mka_decode_dist_sak_body( sa_key->an = body->dan; ieee802_1x_kay_init_data_key(sa_key); + ieee802_1x_kay_use_data_key(sa_key); dl_list_add(&participant->sak_list, &sa_key->list); ieee802_1x_cp_set_ciphersuite(kay->cp, cs->id); @@ -1625,6 +1666,7 @@ ieee802_1x_mka_decode_dist_sak_body( ieee802_1x_cp_signal_newsak(kay->cp); ieee802_1x_cp_sm_step(kay->cp); + kay->rcvd_keys++; participant->to_use_sak = TRUE; return 0; @@ -1875,7 +1917,17 @@ static struct mka_param_body_handler mka_body_handler[] = { /** - * ieee802_1x_kay_deinit_data_key - + * ieee802_1x_kay_use_data_key - Take reference on a key + */ +static void ieee802_1x_kay_use_data_key(struct data_key *pkey) +{ + pkey->user++; +} + + +/** + * ieee802_1x_kay_deinit_data_key - Release reference on a key and + * free if there are no remaining users */ static void ieee802_1x_kay_deinit_data_key(struct data_key *pkey) { @@ -1886,7 +1938,6 @@ static void ieee802_1x_kay_deinit_data_key(struct data_key *pkey) if (pkey->user > 1) return; - dl_list_del(&pkey->list); os_free(pkey->key); os_free(pkey); } @@ -1975,7 +2026,7 @@ ieee802_1x_kay_generate_new_sak(struct ieee802_1x_mka_participant *participant) wpa_printf(MSG_ERROR, "KaY: SAK Length not support"); goto fail; } - wpa_hexdump(MSG_DEBUG, "KaY: generated new SAK", key, key_len); + wpa_hexdump_key(MSG_DEBUG, "KaY: generated new SAK", key, key_len); os_free(context); context = NULL; @@ -1996,7 +2047,9 @@ ieee802_1x_kay_generate_new_sak(struct ieee802_1x_mka_participant *participant) participant->new_key = sa_key; + ieee802_1x_kay_use_data_key(sa_key); dl_list_add(&participant->sak_list, &sa_key->list); + ieee802_1x_cp_set_ciphersuite(kay->cp, cs->id); ieee802_1x_cp_sm_step(kay->cp); ieee802_1x_cp_set_offset(kay->cp, kay->macsec_confidentiality); @@ -2049,6 +2102,7 @@ ieee802_1x_kay_elect_key_server(struct ieee802_1x_mka_participant *participant) struct ieee802_1x_kay_peer *key_server = NULL; struct ieee802_1x_kay *kay = participant->kay; Boolean i_is_key_server; + int priority_comparison; if (participant->is_obliged_key_server) { participant->new_sak = TRUE; @@ -2079,8 +2133,14 @@ ieee802_1x_kay_elect_key_server(struct ieee802_1x_mka_participant *participant) tmp.key_server_priority = kay->actor_priority; os_memcpy(&tmp.sci, &kay->actor_sci, sizeof(tmp.sci)); - if (compare_priorities(&tmp, key_server) < 0) + priority_comparison = compare_priorities(&tmp, key_server); + if (priority_comparison < 0) { i_is_key_server = TRUE; + } else if (priority_comparison == 0) { + wpa_printf(MSG_WARNING, + "KaY: Cannot elect key server between me and peer, duplicate MAC detected"); + key_server = NULL; + } } else if (participant->can_be_key_server) { i_is_key_server = TRUE; } @@ -2280,6 +2340,16 @@ ieee802_1x_participant_send_mkpdu( static void ieee802_1x_kay_deinit_transmit_sa(struct transmit_sa *psa); + +static void ieee802_1x_delete_transmit_sa(struct ieee802_1x_kay *kay, + struct transmit_sa *sa) +{ + secy_disable_transmit_sa(kay, sa); + secy_delete_transmit_sa(kay, sa); + ieee802_1x_kay_deinit_transmit_sa(sa); +} + + /** * ieee802_1x_participant_timer - */ @@ -2323,7 +2393,6 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) &participant->rxsc_list, struct receive_sc, list) { if (sci_equal(&rxsc->sci, &peer->sci)) { - secy_delete_receive_sc(kay, rxsc); ieee802_1x_kay_deinit_receive_sc( participant, rxsc); } @@ -2340,7 +2409,13 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) participant->advised_capability = MACSEC_CAP_NOT_IMPLEMENTED; participant->to_use_sak = FALSE; - kay->authenticated = TRUE; + participant->ltx = FALSE; + participant->lrx = FALSE; + participant->otx = FALSE; + participant->orx = FALSE; + participant->is_key_server = FALSE; + participant->is_elected = FALSE; + kay->authenticated = FALSE; kay->secured = FALSE; kay->failed = FALSE; kay->ltx_kn = 0; @@ -2354,11 +2429,10 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) dl_list_for_each_safe(txsa, pre_txsa, &participant->txsc->sa_list, struct transmit_sa, list) { - secy_disable_transmit_sa(kay, txsa); - ieee802_1x_kay_deinit_transmit_sa(txsa); + ieee802_1x_delete_transmit_sa(kay, txsa); } - ieee802_1x_cp_connect_authenticated(kay->cp); + ieee802_1x_cp_connect_pending(kay->cp); ieee802_1x_cp_sm_step(kay->cp); } else { ieee802_1x_kay_elect_key_server(participant); @@ -2385,7 +2459,8 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) participant->new_sak = FALSE; } - if (participant->retry_count < MAX_RETRY_CNT) { + if (participant->retry_count < MAX_RETRY_CNT || + participant->mode == PSK) { ieee802_1x_participant_send_mkpdu(participant); participant->retry_count++; } @@ -2429,6 +2504,7 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN, psa->confidentiality = FALSE; psa->an = an; + ieee802_1x_kay_use_data_key(key); psa->pkey = key; psa->next_pn = next_PN; psa->sc = psc; @@ -2438,8 +2514,8 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN, dl_list_add(&psc->sa_list, &psa->list); wpa_printf(MSG_DEBUG, - "KaY: Create transmit SA(an: %hhu, next_PN: %u) of SC(channel: %d)", - an, next_PN, psc->channel); + "KaY: Create transmit SA(an: %hhu, next_PN: %u) of SC", + an, next_PN); return psa; } @@ -2450,6 +2526,7 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN, */ static void ieee802_1x_kay_deinit_transmit_sa(struct transmit_sa *psa) { + ieee802_1x_kay_deinit_data_key(psa->pkey); psa->pkey = NULL; wpa_printf(MSG_DEBUG, "KaY: Delete transmit SA(an: %hhu) of SC", @@ -2463,8 +2540,7 @@ static void ieee802_1x_kay_deinit_transmit_sa(struct transmit_sa *psa) * init_transmit_sc - */ static struct transmit_sc * -ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci, - int channel) +ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci) { struct transmit_sc *psc; @@ -2474,7 +2550,6 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci, return NULL; } os_memcpy(&psc->sci, sci, sizeof(psc->sci)); - psc->channel = channel; os_get_time(&psc->created_time); psc->transmitting = FALSE; @@ -2482,7 +2557,7 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci, psc->enciphering_sa = FALSE; dl_list_init(&psc->sa_list); - wpa_printf(MSG_DEBUG, "KaY: Create transmit SC(channel: %d)", channel); + wpa_printf(MSG_DEBUG, "KaY: Create transmit SC"); wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)sci , sizeof(*sci)); return psc; @@ -2498,14 +2573,11 @@ ieee802_1x_kay_deinit_transmit_sc( { struct transmit_sa *psa, *tmp; - wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC(channel: %d)", - psc->channel); - dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa, - list) { - secy_disable_transmit_sa(participant->kay, psa); - ieee802_1x_kay_deinit_transmit_sa(psa); - } + wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC"); + dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa, list) + ieee802_1x_delete_transmit_sa(participant->kay, psa); + secy_delete_transmit_sc(participant->kay, psc); os_free(psc); } @@ -2582,6 +2654,32 @@ int ieee802_1x_kay_set_old_sa_attr(struct ieee802_1x_kay *kay, } +static struct transmit_sa * lookup_txsa_by_an(struct transmit_sc *txsc, u8 an) +{ + struct transmit_sa *txsa; + + dl_list_for_each(txsa, &txsc->sa_list, struct transmit_sa, list) { + if (txsa->an == an) + return txsa; + } + + return NULL; +} + + +static struct receive_sa * lookup_rxsa_by_an(struct receive_sc *rxsc, u8 an) +{ + struct receive_sa *rxsa; + + dl_list_for_each(rxsa, &rxsc->sa_list, struct receive_sa, list) { + if (rxsa->an == an) + return rxsa; + } + + return NULL; +} + + /** * ieee802_1x_kay_create_sas - */ @@ -2616,6 +2714,9 @@ int ieee802_1x_kay_create_sas(struct ieee802_1x_kay *kay, } dl_list_for_each(rxsc, &principal->rxsc_list, struct receive_sc, list) { + while ((rxsa = lookup_rxsa_by_an(rxsc, latest_sak->an)) != NULL) + ieee802_1x_delete_receive_sa(kay, rxsa); + rxsa = ieee802_1x_kay_init_receive_sa(rxsc, latest_sak->an, 1, latest_sak); if (!rxsa) @@ -2624,6 +2725,10 @@ int ieee802_1x_kay_create_sas(struct ieee802_1x_kay *kay, secy_create_receive_sa(kay, rxsa); } + while ((txsa = lookup_txsa_by_an(principal->txsc, latest_sak->an)) != + NULL) + ieee802_1x_delete_transmit_sa(kay, txsa); + txsa = ieee802_1x_kay_init_transmit_sa(principal->txsc, latest_sak->an, 1, latest_sak); if (!txsa) @@ -2657,20 +2762,16 @@ int ieee802_1x_kay_delete_sas(struct ieee802_1x_kay *kay, /* remove the transmit sa */ dl_list_for_each_safe(txsa, pre_txsa, &principal->txsc->sa_list, struct transmit_sa, list) { - if (is_ki_equal(&txsa->pkey->key_identifier, ki)) { - secy_disable_transmit_sa(kay, txsa); - ieee802_1x_kay_deinit_transmit_sa(txsa); - } + if (is_ki_equal(&txsa->pkey->key_identifier, ki)) + ieee802_1x_delete_transmit_sa(kay, txsa); } /* remove the receive sa */ dl_list_for_each(rxsc, &principal->rxsc_list, struct receive_sc, list) { dl_list_for_each_safe(rxsa, pre_rxsa, &rxsc->sa_list, struct receive_sa, list) { - if (is_ki_equal(&rxsa->pkey->key_identifier, ki)) { - secy_disable_receive_sa(kay, rxsa); - ieee802_1x_kay_deinit_receive_sa(rxsa); - } + if (is_ki_equal(&rxsa->pkey->key_identifier, ki)) + ieee802_1x_delete_receive_sa(kay, rxsa); } } @@ -2678,6 +2779,7 @@ int ieee802_1x_kay_delete_sas(struct ieee802_1x_kay *kay, dl_list_for_each_safe(sa_key, pre_key, &principal->sak_list, struct data_key, list) { if (is_ki_equal(&sa_key->key_identifier, ki)) { + dl_list_del(&sa_key->list); ieee802_1x_kay_deinit_data_key(sa_key); break; } @@ -2759,7 +2861,7 @@ int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay) if (!principal) return -1; - if (principal->retry_count < MAX_RETRY_CNT) { + if (principal->retry_count < MAX_RETRY_CNT || principal->mode == PSK) { ieee802_1x_participant_send_mkpdu(principal); principal->retry_count++; } @@ -2782,6 +2884,7 @@ static int ieee802_1x_kay_mkpdu_sanity_check(struct ieee802_1x_kay *kay, size_t mka_msg_len; struct ieee802_1x_mka_participant *participant; size_t body_len; + size_t ckn_len; u8 icv[MAX_ICV_LEN]; u8 *msg_icv; @@ -2821,8 +2924,22 @@ static int ieee802_1x_kay_mkpdu_sanity_check(struct ieee802_1x_kay *kay, return -1; } + if (body_len < sizeof(struct ieee802_1x_mka_basic_body) - MKA_HDR_LEN) { + wpa_printf(MSG_DEBUG, "KaY: Too small body length %zu", + body_len); + return -1; + } + ckn_len = body_len - + (sizeof(struct ieee802_1x_mka_basic_body) - MKA_HDR_LEN); + if (ckn_len < 1 || ckn_len > MAX_CKN_LEN) { + wpa_printf(MSG_ERROR, + "KaY: Received EAPOL-MKA CKN Length (%zu bytes) is out of range (<= %u bytes)", + ckn_len, MAX_CKN_LEN); + return -1; + } + /* CKN should be owned by I */ - participant = ieee802_1x_kay_get_participant(kay, body->ckn); + participant = ieee802_1x_kay_get_participant(kay, body->ckn, ckn_len); if (!participant) { wpa_printf(MSG_DEBUG, "CKN is not included in my CA"); return -1; @@ -2945,7 +3062,7 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay, "KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV", left_len, MKA_HDR_LEN, body_len, DEFAULT_ICV_LEN); - continue; + return -1; } if (handled[body_type]) @@ -3020,13 +3137,14 @@ static void kay_l2_receive(void *ctx, const u8 *src_addr, const u8 *buf, */ struct ieee802_1x_kay * ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - const char *ifname, const u8 *addr) + u16 port, u8 priority, const char *ifname, const u8 *addr) { struct ieee802_1x_kay *kay; kay = os_zalloc(sizeof(*kay)); if (!kay) { wpa_printf(MSG_ERROR, "KaY-%s: out of memory", __func__); + os_free(ctx); return NULL; } @@ -3042,8 +3160,8 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, os_strlcpy(kay->if_name, ifname, IFNAMSIZ); os_memcpy(kay->actor_sci.addr, addr, ETH_ALEN); - kay->actor_sci.port = host_to_be16(0x0001); - kay->actor_priority = DEFAULT_PRIO_NOT_KEY_SERVER; + kay->actor_sci.port = host_to_be16(port ? port : 0x0001); + kay->actor_priority = priority; /* While actor acts as a key server, shall distribute sakey */ kay->dist_kn = 1; @@ -3060,7 +3178,12 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, dl_list_init(&kay->participant_list); - if (policy == DO_NOT_SECURE) { + if (policy != DO_NOT_SECURE && + secy_get_capability(kay, &kay->macsec_capable) < 0) + goto error; + + if (policy == DO_NOT_SECURE || + kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) { kay->macsec_capable = MACSEC_CAP_NOT_IMPLEMENTED; kay->macsec_desired = FALSE; kay->macsec_protect = FALSE; @@ -3069,29 +3192,32 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, kay->macsec_replay_window = 0; kay->macsec_confidentiality = CONFIDENTIALITY_NONE; } else { - kay->macsec_capable = MACSEC_CAP_INTEG_AND_CONF_0_30_50; kay->macsec_desired = TRUE; kay->macsec_protect = TRUE; + kay->macsec_encrypt = policy == SHOULD_ENCRYPT; kay->macsec_validate = Strict; kay->macsec_replay_protect = FALSE; kay->macsec_replay_window = 0; - kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0; + if (kay->macsec_capable >= MACSEC_CAP_INTEG_AND_CONF) + kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0; + else + kay->macsec_confidentiality = CONFIDENTIALITY_NONE; } wpa_printf(MSG_DEBUG, "KaY: state machine created"); /* Initialize the SecY must be prio to CP, as CP will control SecY */ - secy_init_macsec(kay); - secy_get_available_transmit_sc(kay, &kay->sc_ch); + if (secy_init_macsec(kay) < 0) { + wpa_printf(MSG_DEBUG, "KaY: Could not initialize MACsec"); + goto error; + } wpa_printf(MSG_DEBUG, "KaY: secy init macsec done"); /* init CP */ kay->cp = ieee802_1x_cp_sm_init(kay); - if (kay->cp == NULL) { - ieee802_1x_kay_deinit(kay); - return NULL; - } + if (kay->cp == NULL) + goto error; if (policy == DO_NOT_SECURE) { ieee802_1x_cp_connect_authenticated(kay->cp); @@ -3102,12 +3228,15 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, if (kay->l2_mka == NULL) { wpa_printf(MSG_WARNING, "KaY: Failed to initialize L2 packet processing for MKA packet"); - ieee802_1x_kay_deinit(kay); - return NULL; + goto error; } } return kay; + +error: + ieee802_1x_kay_deinit(kay); + return NULL; } @@ -3148,8 +3277,9 @@ ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay) * ieee802_1x_kay_create_mka - */ struct ieee802_1x_mka_participant * -ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn, - struct mka_key *cak, u32 life, +ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, + const struct mka_key_name *ckn, + const struct mka_key *cak, u32 life, enum mka_created_mode mode, Boolean is_authenticator) { struct ieee802_1x_mka_participant *participant; @@ -3243,8 +3373,7 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn, dl_list_init(&participant->sak_list); participant->new_key = NULL; dl_list_init(&participant->rxsc_list); - participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci, - kay->sc_ch); + participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci); secy_cp_control_protect_frames(kay, kay->macsec_protect); secy_cp_control_replay(kay, kay->macsec_replay_protect, kay->macsec_replay_window); @@ -3281,8 +3410,17 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn, usecs = os_random() % (MKA_HELLO_TIME * 1000); eloop_register_timeout(0, usecs, ieee802_1x_participant_timer, participant, NULL); - participant->mka_life = MKA_LIFE_TIME / 1000 + time(NULL) + - usecs / 1000000; + + /* Disable MKA lifetime for PSK mode. + * The peer(s) can take a long time to come up, because we + * create a "standby" MKA, and we need it to remain live until + * some peer appears. + */ + if (mode != PSK) { + participant->mka_life = MKA_LIFE_TIME / 1000 + time(NULL) + + usecs / 1000000; + } + participant->mode = mode; return participant; @@ -3309,7 +3447,7 @@ ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn) wpa_printf(MSG_DEBUG, "KaY: participant removed"); /* get the participant */ - participant = ieee802_1x_kay_get_participant(kay, ckn->name); + participant = ieee802_1x_kay_get_participant(kay, ckn->name, ckn->len); if (!participant) { wpa_hexdump(MSG_DEBUG, "KaY: participant is not found", ckn->name, ckn->len); @@ -3340,16 +3478,13 @@ ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn) sak = dl_list_entry(participant->sak_list.next, struct data_key, list); dl_list_del(&sak->list); - os_free(sak->key); - os_free(sak); + ieee802_1x_kay_deinit_data_key(sak); } while (!dl_list_empty(&participant->rxsc_list)) { rxsc = dl_list_entry(participant->rxsc_list.next, struct receive_sc, list); - secy_delete_receive_sc(kay, rxsc); ieee802_1x_kay_deinit_receive_sc(participant, rxsc); } - secy_delete_transmit_sc(kay, participant->txsc); ieee802_1x_kay_deinit_transmit_sc(participant, participant->txsc); os_memset(&participant->cak, 0, sizeof(participant->cak)); @@ -3371,7 +3506,7 @@ void ieee802_1x_kay_mka_participate(struct ieee802_1x_kay *kay, if (!kay || !ckn) return; - participant = ieee802_1x_kay_get_participant(kay, ckn->name); + participant = ieee802_1x_kay_get_participant(kay, ckn->name, ckn->len); if (!participant) return; @@ -3409,6 +3544,7 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay, unsigned int cs_index) { struct ieee802_1x_mka_participant *participant; + enum macsec_cap secy_cap; if (!kay) return -1; @@ -3427,6 +3563,12 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay, kay->macsec_csindex = cs_index; kay->macsec_capable = cipher_suite_tbl[kay->macsec_csindex].capable; + if (secy_get_capability(kay, &secy_cap) < 0) + return -3; + + if (kay->macsec_capable > secy_cap) + kay->macsec_capable = secy_cap; + participant = ieee802_1x_kay_get_principal_participant(kay); if (participant) { wpa_printf(MSG_INFO, "KaY: Cipher Suite changed"); @@ -3435,3 +3577,51 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay, return 0; } + + +#ifdef CONFIG_CTRL_IFACE +/** + * ieee802_1x_kay_get_status - Get IEEE 802.1X KaY status details + * @sm: Pointer to KaY allocated with ieee802_1x_kay_init() + * @buf: Buffer for status information + * @buflen: Maximum buffer length + * @verbose: Whether to include verbose status information + * Returns: Number of bytes written to buf. + * + * Query KAY status information. This function fills in a text area with current + * status information. If the buffer (buf) is not large enough, status + * information will be truncated to fit the buffer. + */ +int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf, + size_t buflen) +{ + int len; + + if (!kay) + return 0; + + len = os_snprintf(buf, buflen, + "PAE KaY status=%s\n" + "Authenticated=%s\n" + "Secured=%s\n" + "Failed=%s\n" + "Actor Priority=%u\n" + "Key Server Priority=%u\n" + "Is Key Server=%s\n" + "Number of Keys Distributed=%u\n" + "Number of Keys Received=%u\n", + kay->active ? "Active" : "Not-Active", + kay->authenticated ? "Yes" : "No", + kay->secured ? "Yes" : "No", + kay->failed ? "Yes" : "No", + kay->actor_priority, + kay->key_server_priority, + kay->is_key_server ? "Yes" : "No", + kay->dist_kn - 1, + kay->rcvd_keys); + if (os_snprintf_error(buflen, len)) + return 0; + + return len; +} +#endif /* CONFIG_CTRL_IFACE */ diff --git a/contrib/wpa/src/pae/ieee802_1x_kay.h b/contrib/wpa/src/pae/ieee802_1x_kay.h index afbaa336cbda..b2650596cae3 100644 --- a/contrib/wpa/src/pae/ieee802_1x_kay.h +++ b/contrib/wpa/src/pae/ieee802_1x_kay.h @@ -15,7 +15,7 @@ struct macsec_init_params; -#define MI_LEN 12 +#define MI_LEN 12 /* 96-bit Member Identifier */ #define MAX_KEY_LEN 32 /* 32 bytes, 256 bits */ #define MAX_CKN_LEN 32 /* 32 bytes, 256 bits */ @@ -24,6 +24,12 @@ struct macsec_init_params; #define MKA_LIFE_TIME 6000 #define MKA_SAK_RETIRE_TIME 3000 +/** + * struct ieee802_1x_mka_ki - Key Identifier (KI) + * @mi: Key Server's Member Identifier + * @kn: Key Number, assigned by the Key Server + * IEEE 802.1X-2010 9.8 SAK generation, distribution, and selection + */ struct ieee802_1x_mka_ki { u8 mi[MI_LEN]; u32 kn; @@ -49,6 +55,84 @@ enum mka_created_mode { EAP_EXCHANGE, }; +struct data_key { + u8 *key; + int key_len; + struct ieee802_1x_mka_ki key_identifier; + enum confidentiality_offset confidentiality_offset; + u8 an; + Boolean transmits; + Boolean receives; + struct os_time created_time; + u32 next_pn; + + /* not defined data */ + Boolean rx_latest; + Boolean tx_latest; + + int user; + + struct dl_list list; +}; + +/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */ +struct transmit_sc { + struct ieee802_1x_mka_sci sci; /* const SCI sci */ + Boolean transmitting; /* bool transmitting (read only) */ + + struct os_time created_time; /* Time createdTime */ + + u8 encoding_sa; /* AN encodingSA (read only) */ + u8 enciphering_sa; /* AN encipheringSA (read only) */ + + /* not defined data */ + struct dl_list list; + struct dl_list sa_list; +}; + +/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */ +struct transmit_sa { + Boolean in_use; /* bool inUse (read only) */ + u32 next_pn; /* PN nextPN (read only) */ + struct os_time created_time; /* Time createdTime */ + + Boolean enable_transmit; /* bool EnableTransmit */ + + u8 an; + Boolean confidentiality; + struct data_key *pkey; + + struct transmit_sc *sc; + struct dl_list list; /* list entry in struct transmit_sc::sa_list */ +}; + +/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */ +struct receive_sc { + struct ieee802_1x_mka_sci sci; /* const SCI sci */ + Boolean receiving; /* bool receiving (read only) */ + + struct os_time created_time; /* Time createdTime */ + + struct dl_list list; + struct dl_list sa_list; +}; + +/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */ +struct receive_sa { + Boolean enable_receive; /* bool enableReceive */ + Boolean in_use; /* bool inUse (read only) */ + + u32 next_pn; /* PN nextPN (read only) */ + u32 lowest_pn; /* PN lowestPN (read only) */ + u8 an; + struct os_time created_time; + + struct data_key *pkey; + struct receive_sc *sc; /* list entry in struct receive_sc::sa_list */ + + struct dl_list list; +}; + struct ieee802_1x_kay_ctx { /* pointer to arbitrary upper level context */ void *ctx; @@ -56,34 +140,30 @@ struct ieee802_1x_kay_ctx { /* abstract wpa driver interface */ int (*macsec_init)(void *ctx, struct macsec_init_params *params); int (*macsec_deinit)(void *ctx); + int (*macsec_get_capability)(void *priv, enum macsec_cap *cap); int (*enable_protect_frames)(void *ctx, Boolean enabled); + int (*enable_encrypt)(void *ctx, Boolean enabled); int (*set_replay_protect)(void *ctx, Boolean enabled, u32 window); int (*set_current_cipher_suite)(void *ctx, u64 cs); int (*enable_controlled_port)(void *ctx, Boolean enabled); - int (*get_receive_lowest_pn)(void *ctx, u32 channel, u8 an, - u32 *lowest_pn); - int (*get_transmit_next_pn)(void *ctx, u32 channel, u8 an, - u32 *next_pn); - int (*set_transmit_next_pn)(void *ctx, u32 channel, u8 an, u32 next_pn); - int (*get_available_receive_sc)(void *ctx, u32 *channel); - int (*create_receive_sc)(void *ctx, u32 channel, - struct ieee802_1x_mka_sci *sci, + int (*get_receive_lowest_pn)(void *ctx, struct receive_sa *sa); + int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa); + int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa); + int (*create_receive_sc)(void *ctx, struct receive_sc *sc, enum validate_frames vf, enum confidentiality_offset co); - int (*delete_receive_sc)(void *ctx, u32 channel); - int (*create_receive_sa)(void *ctx, u32 channel, u8 an, u32 lowest_pn, - const u8 *sak); - int (*enable_receive_sa)(void *ctx, u32 channel, u8 an); - int (*disable_receive_sa)(void *ctx, u32 channel, u8 an); - int (*get_available_transmit_sc)(void *ctx, u32 *channel); - int (*create_transmit_sc)(void *ctx, u32 channel, - const struct ieee802_1x_mka_sci *sci, + int (*delete_receive_sc)(void *ctx, struct receive_sc *sc); + int (*create_receive_sa)(void *ctx, struct receive_sa *sa); + int (*delete_receive_sa)(void *ctx, struct receive_sa *sa); + int (*enable_receive_sa)(void *ctx, struct receive_sa *sa); + int (*disable_receive_sa)(void *ctx, struct receive_sa *sa); + int (*create_transmit_sc)(void *ctx, struct transmit_sc *sc, enum confidentiality_offset co); - int (*delete_transmit_sc)(void *ctx, u32 channel); - int (*create_transmit_sa)(void *ctx, u32 channel, u8 an, u32 next_pn, - Boolean confidentiality, const u8 *sak); - int (*enable_transmit_sa)(void *ctx, u32 channel, u8 an); - int (*disable_transmit_sa)(void *ctx, u32 channel, u8 an); + int (*delete_transmit_sc)(void *ctx, struct transmit_sc *sc); + int (*create_transmit_sa)(void *ctx, struct transmit_sa *sa); + int (*delete_transmit_sa)(void *ctx, struct transmit_sa *sa); + int (*enable_transmit_sa)(void *ctx, struct transmit_sa *sa); + int (*disable_transmit_sa)(void *ctx, struct transmit_sa *sa); }; struct ieee802_1x_kay { @@ -102,6 +182,7 @@ struct ieee802_1x_kay { enum macsec_cap macsec_capable; Boolean macsec_desired; Boolean macsec_protect; + Boolean macsec_encrypt; Boolean macsec_replay_protect; u32 macsec_replay_window; enum validate_frames macsec_validate; @@ -127,12 +208,12 @@ struct ieee802_1x_kay { int mka_algindex; /* MKA alg table index */ u32 dist_kn; + u32 rcvd_keys; u8 dist_an; time_t dist_time; u8 mka_version; u8 algo_agility[4]; - u32 sc_ch; u32 pn_exhaustion; Boolean port_enable; @@ -151,14 +232,17 @@ struct ieee802_1x_kay { }; +u64 mka_sci_u64(struct ieee802_1x_mka_sci *sci); + struct ieee802_1x_kay * ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - const char *ifname, const u8 *addr); + u16 port, u8 priority, const char *ifname, const u8 *addr); void ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay); struct ieee802_1x_mka_participant * ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, - struct mka_key_name *ckn, struct mka_key *cak, + const struct mka_key_name *ckn, + const struct mka_key *cak, u32 life, enum mka_created_mode mode, Boolean is_authenticator); void ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, @@ -185,5 +269,7 @@ int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay, int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay, struct ieee802_1x_mka_ki *lki); int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay); +int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf, + size_t buflen); #endif /* IEEE802_1X_KAY_H */ diff --git a/contrib/wpa/src/pae/ieee802_1x_kay_i.h b/contrib/wpa/src/pae/ieee802_1x_kay_i.h index 622282e97c51..bc522d89852b 100644 --- a/contrib/wpa/src/pae/ieee802_1x_kay_i.h +++ b/contrib/wpa/src/pae/ieee802_1x_kay_i.h @@ -54,88 +54,6 @@ struct ieee802_1x_kay_peer { struct dl_list list; }; -struct data_key { - u8 *key; - int key_len; - struct ieee802_1x_mka_ki key_identifier; - enum confidentiality_offset confidentiality_offset; - u8 an; - Boolean transmits; - Boolean receives; - struct os_time created_time; - u32 next_pn; - - /* not defined data */ - Boolean rx_latest; - Boolean tx_latest; - - int user; /* FIXME: to indicate if it can be delete safely */ - - struct dl_list list; -}; - -/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */ -struct transmit_sc { - struct ieee802_1x_mka_sci sci; /* const SCI sci */ - Boolean transmitting; /* bool transmitting (read only) */ - - struct os_time created_time; /* Time createdTime */ - - u8 encoding_sa; /* AN encodingSA (read only) */ - u8 enciphering_sa; /* AN encipheringSA (read only) */ - - /* not defined data */ - unsigned int channel; - - struct dl_list list; - struct dl_list sa_list; -}; - -/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */ -struct transmit_sa { - Boolean in_use; /* bool inUse (read only) */ - u32 next_pn; /* PN nextPN (read only) */ - struct os_time created_time; /* Time createdTime */ - - Boolean enable_transmit; /* bool EnableTransmit */ - - u8 an; - Boolean confidentiality; - struct data_key *pkey; - - struct transmit_sc *sc; - struct dl_list list; /* list entry in struct transmit_sc::sa_list */ -}; - -/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */ -struct receive_sc { - struct ieee802_1x_mka_sci sci; /* const SCI sci */ - Boolean receiving; /* bool receiving (read only) */ - - struct os_time created_time; /* Time createdTime */ - - unsigned int channel; - - struct dl_list list; - struct dl_list sa_list; -}; - -/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */ -struct receive_sa { - Boolean enable_receive; /* bool enableReceive */ - Boolean in_use; /* bool inUse (read only) */ - - u32 next_pn; /* PN nextPN (read only) */ - u32 lowest_pn; /* PN lowestPN (read only) */ - u8 an; - struct os_time created_time; - - struct data_key *pkey; - struct receive_sc *sc; /* list entry in struct receive_sc::sa_list */ - - struct dl_list list; -}; - struct macsec_ciphersuite { u64 id; char name[32]; @@ -175,6 +93,7 @@ struct ieee802_1x_mka_participant { Boolean active; Boolean participant; Boolean retain; + enum mka_created_mode mode; enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate; @@ -250,6 +169,22 @@ struct ieee802_1x_mka_hdr { #define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr) +/** + * struct ieee802_1x_mka_basic_body - Basic Parameter Set (Figure 11-8) + * @version: MKA Version Identifier + * @priority: Key Server Priority + * @length: Parameter set body length + * @macsec_capability: MACsec capability, as defined in ieee802_1x_defs.h + * @macsec_desired: the participant wants MACsec to be used to protect frames + * (9.6.1) + * @key_server: the participant has not decided that another participant is or + * will be the key server (9.5.1) + * @length1: Parameter set body length (cont) + * @actor_mi: Actor's Member Identifier + * @actor_mn: Actor's Message Number + * @algo_agility: Algorithm Agility parameter + * @ckn: CAK Name + */ struct ieee802_1x_mka_basic_body { /* octet 1 */ u8 version; @@ -279,6 +214,14 @@ struct ieee802_1x_mka_basic_body { u8 ckn[0]; }; +/** + * struct ieee802_1x_mka_peer_body - Live Peer List and Potential Peer List + * parameter sets (Figure 11-9) + * @type: Parameter set type (1 or 2) + * @length: Parameter set body length + * @length1: Parameter set body length (cont) + * @peer: array of (MI, MN) pairs + */ struct ieee802_1x_mka_peer_body { /* octet 1 */ u8 type; @@ -299,6 +242,28 @@ struct ieee802_1x_mka_peer_body { /* followed by Peers */ }; +/** + * struct ieee802_1x_mka_sak_use_body - MACsec SAK Use parameter set (Figure + * 11-10) + * @type: MKA message type + * @lan: latest key AN + * @ltx: latest key TX + * @lrx: latest key RX + * @oan: old key AN + * @otx: old key TX + * @orx: old key RX + * @ptx: plain TX, ie protectFrames is False + * @prx: plain RX, ie validateFrames is not Strict + * @delay_protect: True if LPNs are being reported sufficiently frequently to + * allow the recipient to provide data delay protection. If False, the LPN + * can be reported as zero. + * @lsrv_mi: latest key server MI + * @lkn: latest key number (together with MI, form the KI) + * @llpn: latest lowest acceptable PN (LPN) + * @osrv_mi: old key server MI + * @okn: old key number (together with MI, form the KI) + * @olpn: old lowest acceptable PN (LPN) + */ struct ieee802_1x_mka_sak_use_body { /* octet 1 */ u8 type; @@ -352,7 +317,21 @@ struct ieee802_1x_mka_sak_use_body { be32 olpn; }; - +/** + * struct ieee802_1x_mka_dist_sak_body - Distributed SAK parameter set + * (GCM-AES-128, Figure 11-11) + * @type: Parameter set type (4) + * @length: Parameter set body length + * @length1: Parameter set body length (cont) + * Total parameter body length values: + * - 0 for plain text + * - 28 for GCM-AES-128 + * - 36 or more for other cipher suites + * @confid_offset: confidentiality offset, as defined in ieee802_1x_defs.h + * @dan: distributed AN (0 for plain text) + * @kn: Key Number + * @sak: AES Key Wrap of SAK (see 9.8) + */ struct ieee802_1x_mka_dist_sak_body { /* octet 1 */ u8 type; @@ -385,6 +364,41 @@ struct ieee802_1x_mka_dist_sak_body { u8 sak[0]; }; +/** + * struct ieee802_1x_mka_dist_cak_body - Distributed CAK parameter set (Figure + * 11-13) + * @type: Parameter set type (5) + * @length: Parameter set body length + * @length1: Parameter set body length (cont) + * Total parameter body length values: + * - 0 for plain text + * - 28 for GCM-AES-128 + * - 36 or more for other cipher suites + * @cak: AES Key Wrap of CAK (see 9.8) + * @ckn: CAK Name + */ +struct ieee802_1x_mka_dist_cak_body { + /* octet 1 */ + u8 type; + /* octet 2 */ + u8 reserve; + /* octet 3 */ +#if __BYTE_ORDER == __LITTLE_ENDIAN + u8 length:4; + u8 reserve1:4; +#elif __BYTE_ORDER == __BIG_ENDIAN + u8 reserve1:4; + u8 length:4; +#endif + /* octet 4 */ + u8 length1; + + /* octet 5 - 28 */ + u8 cak[24]; + + /* followed by CAK Name, 29- */ + u8 ckn[0]; +}; struct ieee802_1x_mka_icv_body { /* octet 1 */ diff --git a/contrib/wpa/src/pae/ieee802_1x_secy_ops.c b/contrib/wpa/src/pae/ieee802_1x_secy_ops.c index 2d12911dbfcf..ab5339bb2046 100644 --- a/contrib/wpa/src/pae/ieee802_1x_secy_ops.c +++ b/contrib/wpa/src/pae/ieee802_1x_secy_ops.c @@ -45,6 +45,26 @@ int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean enabled) } +int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, Boolean enabled) +{ + struct ieee802_1x_kay_ctx *ops; + + if (!kay) { + wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); + return -1; + } + + ops = kay->ctx; + if (!ops || !ops->enable_encrypt) { + wpa_printf(MSG_ERROR, + "KaY: secy enable_encrypt operation not supported"); + return -1; + } + + return ops->enable_encrypt(ops->ctx, enabled); +} + + int secy_cp_control_replay(struct ieee802_1x_kay *kay, Boolean enabled, u32 win) { struct ieee802_1x_kay_ctx *ops; @@ -113,55 +133,48 @@ int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, Boolean enabled) } -int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay, - struct receive_sa *rxsa) +int secy_get_capability(struct ieee802_1x_kay *kay, enum macsec_cap *cap) { struct ieee802_1x_kay_ctx *ops; - if (!kay || !rxsa) { + if (!kay) { wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); return -1; } ops = kay->ctx; - if (!ops || !ops->get_receive_lowest_pn) { + if (!ops || !ops->macsec_get_capability) { wpa_printf(MSG_ERROR, - "KaY: secy get_receive_lowest_pn operation not supported"); + "KaY: secy macsec_get_capability operation not supported"); return -1; } - return ops->get_receive_lowest_pn(ops->ctx, - rxsa->sc->channel, - rxsa->an, - &rxsa->lowest_pn); + return ops->macsec_get_capability(ops->ctx, cap); } -int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay, - struct transmit_sa *txsa) +int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay, + struct receive_sa *rxsa) { struct ieee802_1x_kay_ctx *ops; - if (!kay || !txsa) { + if (!kay || !rxsa) { wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); return -1; } ops = kay->ctx; - if (!ops || !ops->get_transmit_next_pn) { + if (!ops || !ops->get_receive_lowest_pn) { wpa_printf(MSG_ERROR, "KaY: secy get_receive_lowest_pn operation not supported"); return -1; } - return ops->get_transmit_next_pn(ops->ctx, - txsa->sc->channel, - txsa->an, - &txsa->next_pn); + return ops->get_receive_lowest_pn(ops->ctx, rxsa); } -int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, +int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay, struct transmit_sa *txsa) { struct ieee802_1x_kay_ctx *ops; @@ -172,36 +185,34 @@ int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, } ops = kay->ctx; - if (!ops || !ops->set_transmit_next_pn) { + if (!ops || !ops->get_transmit_next_pn) { wpa_printf(MSG_ERROR, "KaY: secy get_receive_lowest_pn operation not supported"); return -1; } - return ops->set_transmit_next_pn(ops->ctx, - txsa->sc->channel, - txsa->an, - txsa->next_pn); + return ops->get_transmit_next_pn(ops->ctx, txsa); } -int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel) +int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, + struct transmit_sa *txsa) { struct ieee802_1x_kay_ctx *ops; - if (!kay) { + if (!kay || !txsa) { wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); return -1; } ops = kay->ctx; - if (!ops || !ops->get_available_receive_sc) { + if (!ops || !ops->set_transmit_next_pn) { wpa_printf(MSG_ERROR, - "KaY: secy get_available_receive_sc operation not supported"); + "KaY: secy get_receive_lowest_pn operation not supported"); return -1; } - return ops->get_available_receive_sc(ops->ctx, channel); + return ops->set_transmit_next_pn(ops->ctx, txsa); } @@ -221,8 +232,7 @@ int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc) return -1; } - return ops->create_receive_sc(ops->ctx, rxsc->channel, &rxsc->sci, - kay->vf, kay->co); + return ops->create_receive_sc(ops->ctx, rxsc, kay->vf, kay->co); } @@ -242,7 +252,7 @@ int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc) return -1; } - return ops->delete_receive_sc(ops->ctx, rxsc->channel); + return ops->delete_receive_sc(ops->ctx, rxsc); } @@ -262,12 +272,11 @@ int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) return -1; } - return ops->create_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an, - rxsa->lowest_pn, rxsa->pkey->key); + return ops->create_receive_sa(ops->ctx, rxsa); } -int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) +int secy_delete_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) { struct ieee802_1x_kay_ctx *ops; @@ -277,19 +286,17 @@ int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) } ops = kay->ctx; - if (!ops || !ops->enable_receive_sa) { + if (!ops || !ops->delete_receive_sa) { wpa_printf(MSG_ERROR, - "KaY: secy enable_receive_sa operation not supported"); + "KaY: secy delete_receive_sa operation not supported"); return -1; } - rxsa->enable_receive = TRUE; - - return ops->enable_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an); + return ops->delete_receive_sa(ops->ctx, rxsa); } -int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) +int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) { struct ieee802_1x_kay_ctx *ops; @@ -299,35 +306,37 @@ int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) } ops = kay->ctx; - if (!ops || !ops->disable_receive_sa) { + if (!ops || !ops->enable_receive_sa) { wpa_printf(MSG_ERROR, - "KaY: secy disable_receive_sa operation not supported"); + "KaY: secy enable_receive_sa operation not supported"); return -1; } - rxsa->enable_receive = FALSE; + rxsa->enable_receive = TRUE; - return ops->disable_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an); + return ops->enable_receive_sa(ops->ctx, rxsa); } -int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel) +int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) { struct ieee802_1x_kay_ctx *ops; - if (!kay) { + if (!kay || !rxsa) { wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); return -1; } ops = kay->ctx; - if (!ops || !ops->get_available_transmit_sc) { + if (!ops || !ops->disable_receive_sa) { wpa_printf(MSG_ERROR, - "KaY: secy get_available_transmit_sc operation not supported"); + "KaY: secy disable_receive_sa operation not supported"); return -1; } - return ops->get_available_transmit_sc(ops->ctx, channel); + rxsa->enable_receive = FALSE; + + return ops->disable_receive_sa(ops->ctx, rxsa); } @@ -348,8 +357,7 @@ int secy_create_transmit_sc(struct ieee802_1x_kay *kay, return -1; } - return ops->create_transmit_sc(ops->ctx, txsc->channel, &txsc->sci, - kay->co); + return ops->create_transmit_sc(ops->ctx, txsc, kay->co); } @@ -370,7 +378,7 @@ int secy_delete_transmit_sc(struct ieee802_1x_kay *kay, return -1; } - return ops->delete_transmit_sc(ops->ctx, txsc->channel); + return ops->delete_transmit_sc(ops->ctx, txsc); } @@ -391,9 +399,28 @@ int secy_create_transmit_sa(struct ieee802_1x_kay *kay, return -1; } - return ops->create_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an, - txsa->next_pn, txsa->confidentiality, - txsa->pkey->key); + return ops->create_transmit_sa(ops->ctx, txsa); +} + + +int secy_delete_transmit_sa(struct ieee802_1x_kay *kay, + struct transmit_sa *txsa) +{ + struct ieee802_1x_kay_ctx *ops; + + if (!kay || !txsa) { + wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); + return -1; + } + + ops = kay->ctx; + if (!ops || !ops->delete_transmit_sa) { + wpa_printf(MSG_ERROR, + "KaY: secy delete_transmit_sa operation not supported"); + return -1; + } + + return ops->delete_transmit_sa(ops->ctx, txsa); } @@ -416,7 +443,7 @@ int secy_enable_transmit_sa(struct ieee802_1x_kay *kay, txsa->enable_transmit = TRUE; - return ops->enable_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an); + return ops->enable_transmit_sa(ops->ctx, txsa); } @@ -439,7 +466,7 @@ int secy_disable_transmit_sa(struct ieee802_1x_kay *kay, txsa->enable_transmit = FALSE; - return ops->disable_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an); + return ops->disable_transmit_sa(ops->ctx, txsa); } diff --git a/contrib/wpa/src/pae/ieee802_1x_secy_ops.h b/contrib/wpa/src/pae/ieee802_1x_secy_ops.h index f5057ee11958..9fb29c3ddfa0 100644 --- a/contrib/wpa/src/pae/ieee802_1x_secy_ops.h +++ b/contrib/wpa/src/pae/ieee802_1x_secy_ops.h @@ -13,10 +13,6 @@ #include "common/ieee802_1x_defs.h" struct ieee802_1x_kay_conf; -struct receive_sa; -struct transmit_sa; -struct receive_sc; -struct transmit_sc; int secy_init_macsec(struct ieee802_1x_kay *kay); int secy_deinit_macsec(struct ieee802_1x_kay *kay); @@ -25,6 +21,7 @@ int secy_deinit_macsec(struct ieee802_1x_kay *kay); int secy_cp_control_validate_frames(struct ieee802_1x_kay *kay, enum validate_frames vf); int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean flag); +int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, Boolean enabled); int secy_cp_control_replay(struct ieee802_1x_kay *kay, Boolean flag, u32 win); int secy_cp_control_current_cipher_suite(struct ieee802_1x_kay *kay, u64 cs); int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay, @@ -32,27 +29,29 @@ int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay, int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, Boolean flag); /****** KaY -> SecY *******/ +int secy_get_capability(struct ieee802_1x_kay *kay, enum macsec_cap *cap); int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay, struct transmit_sa *txsa); int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, struct transmit_sa *txsa); -int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel); int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc); int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc); int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); +int secy_delete_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); -int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel); int secy_create_transmit_sc(struct ieee802_1x_kay *kay, struct transmit_sc *txsc); int secy_delete_transmit_sc(struct ieee802_1x_kay *kay, struct transmit_sc *txsc); int secy_create_transmit_sa(struct ieee802_1x_kay *kay, struct transmit_sa *txsa); +int secy_delete_transmit_sa(struct ieee802_1x_kay *kay, + struct transmit_sa *txsa); int secy_enable_transmit_sa(struct ieee802_1x_kay *kay, struct transmit_sa *txsa); int secy_disable_transmit_sa(struct ieee802_1x_kay *kay, diff --git a/contrib/wpa/src/radius/radius.c b/contrib/wpa/src/radius/radius.c index 407e4f8b9614..07240ea2243d 100644 --- a/contrib/wpa/src/radius/radius.c +++ b/contrib/wpa/src/radius/radius.c @@ -210,7 +210,7 @@ static const struct radius_attr_type radius_attrs[] = { RADIUS_ATTR_ACCT_MULTI_SESSION_ID, "Acct-Multi-Session-Id", RADIUS_ATTR_TEXT }, { RADIUS_ATTR_ACCT_LINK_COUNT, "Acct-Link-Count", RADIUS_ATTR_INT32 }, - { RADIUS_ATTR_ACCT_INPUT_GIGAWORDS, "Acct-Input-Gigawords", + { RADIUS_ATTR_ACCT_INPUT_GIGAWORDS, "Acct-Input-Gigawords", RADIUS_ATTR_INT32 }, { RADIUS_ATTR_ACCT_OUTPUT_GIGAWORDS, "Acct-Output-Gigawords", RADIUS_ATTR_INT32 }, @@ -250,6 +250,8 @@ static const struct radius_attr_type radius_attrs[] = { RADIUS_ATTR_MOBILITY_DOMAIN_ID, "Mobility-Domain-Id", RADIUS_ATTR_INT32 }, { RADIUS_ATTR_WLAN_HESSID, "WLAN-HESSID", RADIUS_ATTR_TEXT }, + { RADIUS_ATTR_WLAN_REASON_CODE, "WLAN-Reason-Code", + RADIUS_ATTR_INT32 }, { RADIUS_ATTR_WLAN_PAIRWISE_CIPHER, "WLAN-Pairwise-Cipher", RADIUS_ATTR_HEXDUMP }, { RADIUS_ATTR_WLAN_GROUP_CIPHER, "WLAN-Group-Cipher", @@ -631,6 +633,9 @@ struct radius_attr_hdr *radius_msg_add_attr(struct radius_msg *msg, u8 type, size_t buf_needed; struct radius_attr_hdr *attr; + if (TEST_FAIL()) + return NULL; + if (data_len > RADIUS_MAX_ATTR_LEN) { wpa_printf(MSG_ERROR, "radius_msg_add_attr: too long attribute (%lu bytes)", (unsigned long) data_len); @@ -960,10 +965,9 @@ static u8 *radius_msg_get_vendor_attr(struct radius_msg *msg, u32 vendor, } len = vhdr->vendor_length - sizeof(*vhdr); - data = os_malloc(len); + data = os_memdup(pos + sizeof(*vhdr), len); if (data == NULL) return NULL; - os_memcpy(data, pos + sizeof(*vhdr), len); if (alen) *alen = len; return data; @@ -1040,12 +1044,11 @@ static u8 * decrypt_ms_key(const u8 *key, size_t len, return NULL; } - res = os_malloc(plain[0]); + res = os_memdup(plain + 1, plain[0]); if (res == NULL) { os_free(plain); return NULL; } - os_memcpy(res, plain + 1, plain[0]); if (reslen) *reslen = plain[0]; os_free(plain); @@ -1594,10 +1597,9 @@ char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen, goto out; /* alloc writable memory for decryption */ - buf = os_malloc(fdlen); + buf = os_memdup(fdata, fdlen); if (buf == NULL) goto out; - os_memcpy(buf, fdata, fdlen); buflen = fdlen; /* init pointers */ @@ -1684,12 +1686,11 @@ int radius_copy_class(struct radius_class_data *dst, dst->count = 0; for (i = 0; i < src->count; i++) { - dst->attr[i].data = os_malloc(src->attr[i].len); + dst->attr[i].data = os_memdup(src->attr[i].data, + src->attr[i].len); if (dst->attr[i].data == NULL) break; dst->count++; - os_memcpy(dst->attr[i].data, src->attr[i].data, - src->attr[i].len); dst->attr[i].len = src->attr[i].len; } diff --git a/contrib/wpa/src/radius/radius.h b/contrib/wpa/src/radius/radius.h index cd510d2c88e2..630c0f9d0bc5 100644 --- a/contrib/wpa/src/radius/radius.h +++ b/contrib/wpa/src/radius/radius.h @@ -102,8 +102,13 @@ enum { RADIUS_ATTR_USER_NAME = 1, RADIUS_ATTR_EXTENDED_LOCATION_POLICY_RULES = 130, RADIUS_ATTR_LOCATION_CAPABLE = 131, RADIUS_ATTR_REQUESTED_LOCATION_INFO = 132, + RADIUS_ATTR_GSS_ACCEPTOR_SERVICE_NAME = 164, + RADIUS_ATTR_GSS_ACCEPTOR_HOST_NAME = 165, + RADIUS_ATTR_GSS_ACCEPTOR_SERVICE_SPECIFICS = 166, + RADIUS_ATTR_GSS_ACCEPTOR_REALM_NAME = 167, RADIUS_ATTR_MOBILITY_DOMAIN_ID = 177, RADIUS_ATTR_WLAN_HESSID = 181, + RADIUS_ATTR_WLAN_REASON_CODE = 185, RADIUS_ATTR_WLAN_PAIRWISE_CIPHER = 186, RADIUS_ATTR_WLAN_GROUP_CIPHER = 187, RADIUS_ATTR_WLAN_AKM_SUITE = 188, @@ -193,6 +198,11 @@ enum { RADIUS_VENDOR_ATTR_WFA_HS20_STA_VERSION = 3, RADIUS_VENDOR_ATTR_WFA_HS20_DEAUTH_REQ = 4, RADIUS_VENDOR_ATTR_WFA_HS20_SESSION_INFO_URL = 5, + RADIUS_VENDOR_ATTR_WFA_HS20_ROAMING_CONSORTIUM = 6, + RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILENAME = 7, + RADIUS_VENDOR_ATTR_WFA_HS20_TIMESTAMP = 8, + RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILTERING = 9, + RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL = 10, }; #ifdef _MSC_VER diff --git a/contrib/wpa/src/radius/radius_client.c b/contrib/wpa/src/radius/radius_client.c index 06c804d132fd..a87ee745eb28 100644 --- a/contrib/wpa/src/radius/radius_client.c +++ b/contrib/wpa/src/radius/radius_client.c @@ -904,13 +904,13 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx) switch (res) { case RADIUS_RX_PROCESSED: radius_msg_free(msg); - /* continue */ + /* fall through */ case RADIUS_RX_QUEUED: radius_client_msg_free(req); return; case RADIUS_RX_INVALID_AUTHENTICATOR: invalid_authenticator++; - /* continue */ + /* fall through */ case RADIUS_RX_UNKNOWN: /* continue with next handler */ break; diff --git a/contrib/wpa/src/radius/radius_das.c b/contrib/wpa/src/radius/radius_das.c index 8a3d7e0324bc..aaa3fc26723a 100644 --- a/contrib/wpa/src/radius/radius_das.c +++ b/contrib/wpa/src/radius/radius_das.c @@ -27,6 +27,7 @@ struct radius_das_data { void *ctx; enum radius_das_res (*disconnect)(void *ctx, struct radius_das_attrs *attr); + enum radius_das_res (*coa)(void *ctx, struct radius_das_attrs *attr); }; @@ -161,6 +162,10 @@ static struct radius_msg * radius_das_disconnect(struct radius_das_data *das, abuf, from_port); error = 508; break; + case RADIUS_DAS_COA_FAILED: + /* not used with Disconnect-Request */ + error = 405; + break; case RADIUS_DAS_SUCCESS: error = 0; break; @@ -184,6 +189,195 @@ fail: } +static struct radius_msg * radius_das_coa(struct radius_das_data *das, + struct radius_msg *msg, + const char *abuf, int from_port) +{ + struct radius_hdr *hdr; + struct radius_msg *reply; + u8 allowed[] = { + RADIUS_ATTR_USER_NAME, + RADIUS_ATTR_NAS_IP_ADDRESS, + RADIUS_ATTR_CALLING_STATION_ID, + RADIUS_ATTR_NAS_IDENTIFIER, + RADIUS_ATTR_ACCT_SESSION_ID, + RADIUS_ATTR_ACCT_MULTI_SESSION_ID, + RADIUS_ATTR_EVENT_TIMESTAMP, + RADIUS_ATTR_MESSAGE_AUTHENTICATOR, + RADIUS_ATTR_CHARGEABLE_USER_IDENTITY, +#ifdef CONFIG_HS20 + RADIUS_ATTR_VENDOR_SPECIFIC, +#endif /* CONFIG_HS20 */ +#ifdef CONFIG_IPV6 + RADIUS_ATTR_NAS_IPV6_ADDRESS, +#endif /* CONFIG_IPV6 */ + 0 + }; + int error = 405; + u8 attr; + enum radius_das_res res; + struct radius_das_attrs attrs; + u8 *buf; + size_t len; + char tmp[100]; + u8 sta_addr[ETH_ALEN]; + + hdr = radius_msg_get_hdr(msg); + + if (!das->coa) { + wpa_printf(MSG_INFO, "DAS: CoA not supported"); + goto fail; + } + + attr = radius_msg_find_unlisted_attr(msg, allowed); + if (attr) { + wpa_printf(MSG_INFO, + "DAS: Unsupported attribute %u in CoA-Request from %s:%d", + attr, abuf, from_port); + error = 401; + goto fail; + } + + os_memset(&attrs, 0, sizeof(attrs)); + + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_NAS_IP_ADDRESS, + &buf, &len, NULL) == 0) { + if (len != 4) { + wpa_printf(MSG_INFO, "DAS: Invalid NAS-IP-Address from %s:%d", + abuf, from_port); + error = 407; + goto fail; + } + attrs.nas_ip_addr = buf; + } + +#ifdef CONFIG_IPV6 + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_NAS_IPV6_ADDRESS, + &buf, &len, NULL) == 0) { + if (len != 16) { + wpa_printf(MSG_INFO, "DAS: Invalid NAS-IPv6-Address from %s:%d", + abuf, from_port); + error = 407; + goto fail; + } + attrs.nas_ipv6_addr = buf; + } +#endif /* CONFIG_IPV6 */ + + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_NAS_IDENTIFIER, + &buf, &len, NULL) == 0) { + attrs.nas_identifier = buf; + attrs.nas_identifier_len = len; + } + + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_CALLING_STATION_ID, + &buf, &len, NULL) == 0) { + if (len >= sizeof(tmp)) + len = sizeof(tmp) - 1; + os_memcpy(tmp, buf, len); + tmp[len] = '\0'; + if (hwaddr_aton2(tmp, sta_addr) < 0) { + wpa_printf(MSG_INFO, "DAS: Invalid Calling-Station-Id " + "'%s' from %s:%d", tmp, abuf, from_port); + error = 407; + goto fail; + } + attrs.sta_addr = sta_addr; + } + + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_USER_NAME, + &buf, &len, NULL) == 0) { + attrs.user_name = buf; + attrs.user_name_len = len; + } + + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_ACCT_SESSION_ID, + &buf, &len, NULL) == 0) { + attrs.acct_session_id = buf; + attrs.acct_session_id_len = len; + } + + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_ACCT_MULTI_SESSION_ID, + &buf, &len, NULL) == 0) { + attrs.acct_multi_session_id = buf; + attrs.acct_multi_session_id_len = len; + } + + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_CHARGEABLE_USER_IDENTITY, + &buf, &len, NULL) == 0) { + attrs.cui = buf; + attrs.cui_len = len; + } + +#ifdef CONFIG_HS20 + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_VENDOR_SPECIFIC, + &buf, &len, NULL) == 0) { + if (len < 10 || WPA_GET_BE32(buf) != RADIUS_VENDOR_ID_WFA || + buf[4] != RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILTERING || + buf[5] < 6) { + wpa_printf(MSG_INFO, + "DAS: Unsupported attribute %u in CoA-Request from %s:%d", + attr, abuf, from_port); + error = 401; + goto fail; + } + attrs.hs20_t_c_filtering = &buf[6]; + } + + if (!attrs.hs20_t_c_filtering) { + wpa_printf(MSG_INFO, + "DAS: No supported authorization change attribute in CoA-Request from %s:%d", + abuf, from_port); + error = 402; + goto fail; + } +#endif /* CONFIG_HS20 */ + + res = das->coa(das->ctx, &attrs); + switch (res) { + case RADIUS_DAS_NAS_MISMATCH: + wpa_printf(MSG_INFO, "DAS: NAS mismatch from %s:%d", + abuf, from_port); + error = 403; + break; + case RADIUS_DAS_SESSION_NOT_FOUND: + wpa_printf(MSG_INFO, + "DAS: Session not found for request from %s:%d", + abuf, from_port); + error = 503; + break; + case RADIUS_DAS_MULTI_SESSION_MATCH: + wpa_printf(MSG_INFO, + "DAS: Multiple sessions match for request from %s:%d", + abuf, from_port); + error = 508; + break; + case RADIUS_DAS_COA_FAILED: + wpa_printf(MSG_INFO, "DAS: CoA failed for request from %s:%d", + abuf, from_port); + error = 407; + break; + case RADIUS_DAS_SUCCESS: + error = 0; + break; + } + +fail: + reply = radius_msg_new(error ? RADIUS_CODE_COA_NAK : + RADIUS_CODE_COA_ACK, hdr->identifier); + if (!reply) + return NULL; + + if (error && + !radius_msg_add_attr_int32(reply, RADIUS_ATTR_ERROR_CAUSE, error)) { + radius_msg_free(reply); + return NULL; + } + + return reply; +} + + static void radius_das_receive(int sock, void *eloop_ctx, void *sock_ctx) { struct radius_das_data *das = eloop_ctx; @@ -219,7 +413,8 @@ static void radius_das_receive(int sock, void *eloop_ctx, void *sock_ctx) wpa_printf(MSG_DEBUG, "DAS: Received %d bytes from %s:%d", len, abuf, from_port); - if (das->client_addr.u.v4.s_addr != from.sin.sin_addr.s_addr) { + if (das->client_addr.u.v4.s_addr && + das->client_addr.u.v4.s_addr != from.sin.sin_addr.s_addr) { wpa_printf(MSG_DEBUG, "DAS: Drop message from unknown client"); return; } @@ -270,19 +465,7 @@ static void radius_das_receive(int sock, void *eloop_ctx, void *sock_ctx) reply = radius_das_disconnect(das, msg, abuf, from_port); break; case RADIUS_CODE_COA_REQUEST: - /* TODO */ - reply = radius_msg_new(RADIUS_CODE_COA_NAK, - hdr->identifier); - if (reply == NULL) - break; - - /* Unsupported Service */ - if (!radius_msg_add_attr_int32(reply, RADIUS_ATTR_ERROR_CAUSE, - 405)) { - radius_msg_free(reply); - reply = NULL; - break; - } + reply = radius_das_coa(das, msg, abuf, from_port); break; default: wpa_printf(MSG_DEBUG, "DAS: Unexpected RADIUS code %u in " @@ -369,17 +552,17 @@ radius_das_init(struct radius_das_conf *conf) conf->require_message_authenticator; das->ctx = conf->ctx; das->disconnect = conf->disconnect; + das->coa = conf->coa; os_memcpy(&das->client_addr, conf->client_addr, sizeof(das->client_addr)); - das->shared_secret = os_malloc(conf->shared_secret_len); + das->shared_secret = os_memdup(conf->shared_secret, + conf->shared_secret_len); if (das->shared_secret == NULL) { radius_das_deinit(das); return NULL; } - os_memcpy(das->shared_secret, conf->shared_secret, - conf->shared_secret_len); das->shared_secret_len = conf->shared_secret_len; das->sock = radius_das_open_socket(conf->port); diff --git a/contrib/wpa/src/radius/radius_das.h b/contrib/wpa/src/radius/radius_das.h index 9863fdc1eaca..233d662f631b 100644 --- a/contrib/wpa/src/radius/radius_das.h +++ b/contrib/wpa/src/radius/radius_das.h @@ -16,6 +16,7 @@ enum radius_das_res { RADIUS_DAS_NAS_MISMATCH, RADIUS_DAS_SESSION_NOT_FOUND, RADIUS_DAS_MULTI_SESSION_MATCH, + RADIUS_DAS_COA_FAILED, }; struct radius_das_attrs { @@ -35,6 +36,9 @@ struct radius_das_attrs { size_t acct_multi_session_id_len; const u8 *cui; size_t cui_len; + + /* Authorization changes */ + const u8 *hs20_t_c_filtering; }; struct radius_das_conf { @@ -48,6 +52,7 @@ struct radius_das_conf { void *ctx; enum radius_das_res (*disconnect)(void *ctx, struct radius_das_attrs *attr); + enum radius_das_res (*coa)(void *ctx, struct radius_das_attrs *attr); }; struct radius_das_data * diff --git a/contrib/wpa/src/radius/radius_server.c b/contrib/wpa/src/radius/radius_server.c index 744283c7dc9d..e3afc0d53298 100644 --- a/contrib/wpa/src/radius/radius_server.c +++ b/contrib/wpa/src/radius/radius_server.c @@ -26,9 +26,14 @@ #define RADIUS_SESSION_TIMEOUT 60 /** + * RADIUS_SESSION_MAINTAIN - Completed session expiration timeout in seconds + */ +#define RADIUS_SESSION_MAINTAIN 5 + +/** * RADIUS_MAX_SESSION - Maximum number of active sessions */ -#define RADIUS_MAX_SESSION 100 +#define RADIUS_MAX_SESSION 1000 /** * RADIUS_MAX_MSG_LEN - Maximum message length for incoming RADIUS messages @@ -75,6 +80,7 @@ struct radius_session { struct eap_eapol_interface *eap_if; char *username; /* from User-Name attribute */ char *nas_ip; + u8 mac_addr[ETH_ALEN]; /* from Calling-Station-Id attribute */ struct radius_msg *last_msg; char *last_from_addr; @@ -87,8 +93,11 @@ struct radius_session { unsigned int remediation:1; unsigned int macacl:1; + unsigned int t_c_filtering:1; struct hostapd_radius_attr *accept_attr; + + u32 t_c_timestamp; /* Last read T&C timestamp from user DB */ }; /** @@ -106,6 +115,14 @@ struct radius_client { int shared_secret_len; struct radius_session *sessions; struct radius_server_counters counters; + + u8 next_dac_identifier; + struct radius_msg *pending_dac_coa_req; + u8 pending_dac_coa_id; + u8 pending_dac_coa_addr[ETH_ALEN]; + struct radius_msg *pending_dac_disconnect_req; + u8 pending_dac_disconnect_id; + u8 pending_dac_disconnect_addr[ETH_ALEN]; }; /** @@ -267,6 +284,8 @@ struct radius_server_data { unsigned int tls_session_lifetime; + unsigned int tls_flags; + /** * wps - Wi-Fi Protected Setup context * @@ -339,6 +358,8 @@ struct radius_server_data { char *subscr_remediation_url; u8 subscr_remediation_method; + char *t_c_server_url; + #ifdef CONFIG_SQLITE sqlite3 *db; #endif /* CONFIG_SQLITE */ @@ -621,8 +642,8 @@ radius_server_get_new_session(struct radius_server_data *data, struct radius_client *client, struct radius_msg *msg, const char *from_addr) { - u8 *user; - size_t user_len; + u8 *user, *id; + size_t user_len, id_len; int res; struct radius_session *sess; struct eap_config eap_conf; @@ -657,17 +678,32 @@ radius_server_get_new_session(struct radius_server_data *data, sess->username = os_malloc(user_len * 4 + 1); if (sess->username == NULL) { - radius_server_session_free(data, sess); + radius_server_session_remove(data, sess); return NULL; } printf_encode(sess->username, user_len * 4 + 1, user, user_len); sess->nas_ip = os_strdup(from_addr); if (sess->nas_ip == NULL) { - radius_server_session_free(data, sess); + radius_server_session_remove(data, sess); return NULL; } + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_CALLING_STATION_ID, &id, + &id_len, NULL) == 0) { + char buf[3 * ETH_ALEN]; + + os_memset(buf, 0, sizeof(buf)); + if (id_len >= sizeof(buf)) + id_len = sizeof(buf) - 1; + os_memcpy(buf, id, id_len); + if (hwaddr_aton2(buf, sess->mac_addr) < 0) + os_memset(sess->mac_addr, 0, ETH_ALEN); + else + RADIUS_DEBUG("Calling-Station-Id: " MACSTR, + MAC2STR(sess->mac_addr)); + } + srv_log(sess, "New session created"); os_memset(&eap_conf, 0, sizeof(eap_conf)); @@ -691,13 +727,14 @@ radius_server_get_new_session(struct radius_server_data *data, eap_conf.server_id_len = os_strlen(data->server_id); eap_conf.erp = data->erp; eap_conf.tls_session_lifetime = data->tls_session_lifetime; + eap_conf.tls_flags = data->tls_flags; radius_server_testing_options(sess, &eap_conf); sess->eap = eap_server_sm_init(sess, &radius_server_eapol_cb, &eap_conf); if (sess->eap == NULL) { RADIUS_DEBUG("Failed to initialize EAP state machine for the " "new session"); - radius_server_session_free(data, sess); + radius_server_session_remove(data, sess); return NULL; } sess->eap_if = eap_get_interface(sess->eap); @@ -710,6 +747,125 @@ radius_server_get_new_session(struct radius_server_data *data, } +#ifdef CONFIG_HS20 +static void radius_srv_hs20_t_c_pending(struct radius_session *sess) +{ +#ifdef CONFIG_SQLITE + char *sql; + char addr[3 * ETH_ALEN], *id_str; + const u8 *id; + size_t id_len; + + if (!sess->server->db || !sess->eap || + is_zero_ether_addr(sess->mac_addr)) + return; + + os_snprintf(addr, sizeof(addr), MACSTR, MAC2STR(sess->mac_addr)); + + id = eap_get_identity(sess->eap, &id_len); + if (!id) + return; + id_str = os_malloc(id_len + 1); + if (!id_str) + return; + os_memcpy(id_str, id, id_len); + id_str[id_len] = '\0'; + + sql = sqlite3_mprintf("INSERT OR REPLACE INTO pending_tc (mac_addr,identity) VALUES (%Q,%Q)", + addr, id_str); + os_free(id_str); + if (!sql) + return; + + if (sqlite3_exec(sess->server->db, sql, NULL, NULL, NULL) != + SQLITE_OK) { + RADIUS_ERROR("Failed to add pending_tc entry into sqlite database: %s", + sqlite3_errmsg(sess->server->db)); + } + sqlite3_free(sql); +#endif /* CONFIG_SQLITE */ +} +#endif /* CONFIG_HS20 */ + + +static void radius_server_add_session(struct radius_session *sess) +{ +#ifdef CONFIG_SQLITE + char *sql; + char addr_txt[ETH_ALEN * 3]; + struct os_time now; + + if (!sess->server->db) + return; + + + os_snprintf(addr_txt, sizeof(addr_txt), MACSTR, + MAC2STR(sess->mac_addr)); + + os_get_time(&now); + sql = sqlite3_mprintf("INSERT OR REPLACE INTO current_sessions(mac_addr,identity,start_time,nas,hs20_t_c_filtering) VALUES (%Q,%Q,%d,%Q,%u)", + addr_txt, sess->username, now.sec, + sess->nas_ip, sess->t_c_filtering); + if (sql) { + if (sqlite3_exec(sess->server->db, sql, NULL, NULL, + NULL) != SQLITE_OK) { + RADIUS_ERROR("Failed to add current_sessions entry into sqlite database: %s", + sqlite3_errmsg(sess->server->db)); + } + sqlite3_free(sql); + } +#endif /* CONFIG_SQLITE */ +} + + +static void db_update_last_msk(struct radius_session *sess, const char *msk) +{ +#ifdef CONFIG_RADIUS_TEST +#ifdef CONFIG_SQLITE + char *sql = NULL; + char *id_str = NULL; + const u8 *id; + size_t id_len; + const char *serial_num; + + if (!sess->server->db) + return; + + serial_num = eap_get_serial_num(sess->eap); + if (serial_num) { + id_len = 5 + os_strlen(serial_num) + 1; + id_str = os_malloc(id_len); + if (!id_str) + return; + os_snprintf(id_str, id_len, "cert-%s", serial_num); + } else { + id = eap_get_identity(sess->eap, &id_len); + if (!id) + return; + id_str = os_malloc(id_len + 1); + if (!id_str) + return; + os_memcpy(id_str, id, id_len); + id_str[id_len] = '\0'; + } + + sql = sqlite3_mprintf("UPDATE users SET last_msk=%Q WHERE identity=%Q", + msk, id_str); + os_free(id_str); + if (!sql) + return; + + if (sqlite3_exec(sess->server->db, sql, NULL, NULL, NULL) != + SQLITE_OK) { + RADIUS_DEBUG("Failed to update last_msk: %s", + sqlite3_errmsg(sess->server->db)); + } + sqlite3_free(sql); +#endif /* CONFIG_SQLITE */ +#endif /* CONFIG_RADIUS_TEST */ +} + + static struct radius_msg * radius_server_encapsulate_eap(struct radius_server_data *data, struct radius_client *client, @@ -720,6 +876,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data, int code; unsigned int sess_id; struct radius_hdr *hdr = radius_msg_get_hdr(request); + u16 reason = WLAN_REASON_IEEE_802_1X_AUTH_FAILED; if (sess->eap_if->eapFail) { sess->eap_if->eapFail = FALSE; @@ -754,9 +911,18 @@ radius_server_encapsulate_eap(struct radius_server_data *data, if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->eap_if->eapKeyData) { int len; #ifdef CONFIG_RADIUS_TEST + char buf[2 * 64 + 1]; + + len = sess->eap_if->eapKeyDataLen; + if (len > 64) + len = 64; + len = wpa_snprintf_hex(buf, sizeof(buf), + sess->eap_if->eapKeyData, len); + buf[len] = '\0'; + if (data->dump_msk_file) { FILE *f; - char buf[2 * 64 + 1]; + f = fopen(data->dump_msk_file, "a"); if (f) { len = sess->eap_if->eapKeyDataLen; @@ -770,6 +936,8 @@ radius_server_encapsulate_eap(struct radius_server_data *data, fclose(f); } } + + db_update_last_msk(sess, buf); #endif /* CONFIG_RADIUS_TEST */ if (sess->eap_if->eapKeyDataLen > 64) { len = 32; @@ -812,6 +980,61 @@ radius_server_encapsulate_eap(struct radius_server_data *data, RADIUS_DEBUG("Failed to add WFA-HS20-SubscrRem"); } } + + if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->t_c_filtering) { + u8 buf[4] = { 0x01, 0x00, 0x00, 0x00 }; /* E=1 */ + const char *url = data->t_c_server_url, *pos; + char *url2, *end2, *pos2; + size_t url_len; + + if (!radius_msg_add_wfa( + msg, RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILTERING, + buf, sizeof(buf))) { + RADIUS_DEBUG("Failed to add WFA-HS20-T-C-Filtering"); + radius_msg_free(msg); + return NULL; + } + + if (!url) { + RADIUS_DEBUG("No t_c_server_url configured"); + radius_msg_free(msg); + return NULL; + } + + pos = os_strstr(url, "@1@"); + if (!pos) { + RADIUS_DEBUG("No @1@ macro in t_c_server_url"); + radius_msg_free(msg); + return NULL; + } + + url_len = os_strlen(url) + ETH_ALEN * 3 - 1 - 3; + url2 = os_malloc(url_len + 1); + if (!url2) { + RADIUS_DEBUG("Failed to allocate room for T&C Server URL"); + os_free(url2); + radius_msg_free(msg); + return NULL; + } + pos2 = url2; + end2 = url2 + url_len + 1; + os_memcpy(pos2, url, pos - url); + pos2 += pos - url; + os_snprintf(pos2, end2 - pos2, MACSTR, MAC2STR(sess->mac_addr)); + pos2 += ETH_ALEN * 3 - 1; + os_memcpy(pos2, pos + 3, os_strlen(pos + 3)); + if (!radius_msg_add_wfa(msg, + RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL, + (const u8 *) url2, url_len)) { + RADIUS_DEBUG("Failed to add WFA-HS20-T-C-URL"); + os_free(url2); + radius_msg_free(msg); + return NULL; + } + os_free(url2); + + radius_srv_hs20_t_c_pending(sess); + } #endif /* CONFIG_HS20 */ if (radius_msg_copy_attr(msg, request, RADIUS_ATTR_PROXY_STATE) < 0) { @@ -833,12 +1056,24 @@ radius_server_encapsulate_eap(struct radius_server_data *data, } } + if (code == RADIUS_CODE_ACCESS_REJECT) { + if (radius_msg_add_attr_int32(msg, RADIUS_ATTR_WLAN_REASON_CODE, + reason) < 0) { + RADIUS_DEBUG("Failed to add WLAN-Reason-Code attribute"); + radius_msg_free(msg); + return NULL; + } + } + if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret, client->shared_secret_len, hdr->authenticator) < 0) { RADIUS_DEBUG("Failed to add Message-Authenticator attribute"); } + if (code == RADIUS_CODE_ACCESS_ACCEPT) + radius_server_add_session(sess); + return msg; } @@ -985,6 +1220,51 @@ static int radius_server_reject(struct radius_server_data *data, } +static void radius_server_hs20_t_c_check(struct radius_session *sess, + struct radius_msg *msg) +{ +#ifdef CONFIG_HS20 + u8 *buf, *pos, *end, type, sublen, *timestamp = NULL; + size_t len; + + buf = NULL; + for (;;) { + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_VENDOR_SPECIFIC, + &buf, &len, buf) < 0) + break; + if (len < 6) + continue; + pos = buf; + end = buf + len; + if (WPA_GET_BE32(pos) != RADIUS_VENDOR_ID_WFA) + continue; + pos += 4; + + type = *pos++; + sublen = *pos++; + if (sublen < 2) + continue; /* invalid length */ + sublen -= 2; /* skip header */ + if (pos + sublen > end) + continue; /* invalid WFA VSA */ + + if (type == RADIUS_VENDOR_ATTR_WFA_HS20_TIMESTAMP && len >= 4) { + timestamp = pos; + break; + } + } + + if (!timestamp) + return; + RADIUS_DEBUG("HS20-Timestamp: %u", WPA_GET_BE32(timestamp)); + if (sess->t_c_timestamp != WPA_GET_BE32(timestamp)) { + RADIUS_DEBUG("Last read T&C timestamp does not match HS20-Timestamp --> require filtering"); + sess->t_c_filtering = 1; + } +#endif /* CONFIG_HS20 */ +} + + static int radius_server_request(struct radius_server_data *data, struct radius_msg *msg, struct sockaddr *from, socklen_t fromlen, @@ -1057,7 +1337,7 @@ static int radius_server_request(struct radius_server_data *data, "message"); return -1; } - + eap = radius_msg_get_eap(msg); if (eap == NULL && sess->macacl) { reply = radius_server_macacl(data, client, sess, msg); @@ -1115,10 +1395,15 @@ static int radius_server_request(struct radius_server_data *data, if (sess->eap_if->eapSuccess || sess->eap_if->eapFail) is_complete = 1; - if (sess->eap_if->eapFail) + if (sess->eap_if->eapFail) { srv_log(sess, "EAP authentication failed"); - else if (sess->eap_if->eapSuccess) + db_update_last_msk(sess, "FAIL"); + } else if (sess->eap_if->eapSuccess) { srv_log(sess, "EAP authentication succeeded"); + } + + if (sess->eap_if->eapSuccess) + radius_server_hs20_t_c_check(sess, msg); reply = radius_server_encapsulate_eap(data, client, sess, msg); @@ -1172,7 +1457,7 @@ send_reply: sess->sess_id); eloop_cancel_timeout(radius_server_session_remove_timeout, data, sess); - eloop_register_timeout(10, 0, + eloop_register_timeout(RADIUS_SESSION_MAINTAIN, 0, radius_server_session_remove_timeout, data, sess); } @@ -1181,6 +1466,116 @@ send_reply: } +static void +radius_server_receive_disconnect_resp(struct radius_server_data *data, + struct radius_client *client, + struct radius_msg *msg, int ack) +{ + struct radius_hdr *hdr; + + if (!client->pending_dac_disconnect_req) { + RADIUS_DEBUG("Ignore unexpected Disconnect response"); + radius_msg_free(msg); + return; + } + + hdr = radius_msg_get_hdr(msg); + if (hdr->identifier != client->pending_dac_disconnect_id) { + RADIUS_DEBUG("Ignore unexpected Disconnect response with unexpected identifier %u (expected %u)", + hdr->identifier, + client->pending_dac_disconnect_id); + radius_msg_free(msg); + return; + } + + if (radius_msg_verify(msg, (const u8 *) client->shared_secret, + client->shared_secret_len, + client->pending_dac_disconnect_req, 0)) { + RADIUS_DEBUG("Ignore Disconnect response with invalid authenticator"); + radius_msg_free(msg); + return; + } + + RADIUS_DEBUG("Disconnect-%s received for " MACSTR, + ack ? "ACK" : "NAK", + MAC2STR(client->pending_dac_disconnect_addr)); + + radius_msg_free(msg); + radius_msg_free(client->pending_dac_disconnect_req); + client->pending_dac_disconnect_req = NULL; +} + + +static void radius_server_receive_coa_resp(struct radius_server_data *data, + struct radius_client *client, + struct radius_msg *msg, int ack) +{ + struct radius_hdr *hdr; +#ifdef CONFIG_SQLITE + char addrtxt[3 * ETH_ALEN]; + char *sql; + int res; +#endif /* CONFIG_SQLITE */ + + if (!client->pending_dac_coa_req) { + RADIUS_DEBUG("Ignore unexpected CoA response"); + radius_msg_free(msg); + return; + } + + hdr = radius_msg_get_hdr(msg); + if (hdr->identifier != client->pending_dac_coa_id) { + RADIUS_DEBUG("Ignore unexpected CoA response with unexpected identifier %u (expected %u)", + hdr->identifier, + client->pending_dac_coa_id); + radius_msg_free(msg); + return; + } + + if (radius_msg_verify(msg, (const u8 *) client->shared_secret, + client->shared_secret_len, + client->pending_dac_coa_req, 0)) { + RADIUS_DEBUG("Ignore CoA response with invalid authenticator"); + radius_msg_free(msg); + return; + } + + RADIUS_DEBUG("CoA-%s received for " MACSTR, + ack ? "ACK" : "NAK", + MAC2STR(client->pending_dac_coa_addr)); + + radius_msg_free(msg); + radius_msg_free(client->pending_dac_coa_req); + client->pending_dac_coa_req = NULL; + +#ifdef CONFIG_SQLITE + if (!data->db) + return; + + os_snprintf(addrtxt, sizeof(addrtxt), MACSTR, + MAC2STR(client->pending_dac_coa_addr)); + + if (ack) { + sql = sqlite3_mprintf("UPDATE current_sessions SET hs20_t_c_filtering=0, waiting_coa_ack=0, coa_ack_received=1 WHERE mac_addr=%Q", + addrtxt); + } else { + sql = sqlite3_mprintf("UPDATE current_sessions SET waiting_coa_ack=0 WHERE mac_addr=%Q", + addrtxt); + } + if (!sql) + return; + + res = sqlite3_exec(data->db, sql, NULL, NULL, NULL); + sqlite3_free(sql); + if (res != SQLITE_OK) { + RADIUS_ERROR("Failed to update current_sessions entry: %s", + sqlite3_errmsg(data->db)); + return; + } +#endif /* CONFIG_SQLITE */ +} + + static void radius_server_receive_auth(int sock, void *eloop_ctx, void *sock_ctx) { @@ -1261,6 +1656,26 @@ static void radius_server_receive_auth(int sock, void *eloop_ctx, radius_msg_dump(msg); } + if (radius_msg_get_hdr(msg)->code == RADIUS_CODE_DISCONNECT_ACK) { + radius_server_receive_disconnect_resp(data, client, msg, 1); + return; + } + + if (radius_msg_get_hdr(msg)->code == RADIUS_CODE_DISCONNECT_NAK) { + radius_server_receive_disconnect_resp(data, client, msg, 0); + return; + } + + if (radius_msg_get_hdr(msg)->code == RADIUS_CODE_COA_ACK) { + radius_server_receive_coa_resp(data, client, msg, 1); + return; + } + + if (radius_msg_get_hdr(msg)->code == RADIUS_CODE_COA_NAK) { + radius_server_receive_coa_resp(data, client, msg, 0); + return; + } + if (radius_msg_get_hdr(msg)->code != RADIUS_CODE_ACCESS_REQUEST) { RADIUS_DEBUG("Unexpected RADIUS code %d", radius_msg_get_hdr(msg)->code); @@ -1521,6 +1936,8 @@ static void radius_server_free_clients(struct radius_server_data *data, radius_server_free_sessions(data, prev->sessions); os_free(prev->shared_secret); + radius_msg_free(prev->pending_dac_coa_req); + radius_msg_free(prev->pending_dac_disconnect_req); os_free(prev); } } @@ -1749,6 +2166,7 @@ radius_server_init(struct radius_server_conf *conf) data->erp = conf->erp; data->erp_domain = conf->erp_domain; data->tls_session_lifetime = conf->tls_session_lifetime; + data->tls_flags = conf->tls_flags; if (conf->subscr_remediation_url) { data->subscr_remediation_url = @@ -1756,6 +2174,9 @@ radius_server_init(struct radius_server_conf *conf) } data->subscr_remediation_method = conf->subscr_remediation_method; + if (conf->t_c_server_url) + data->t_c_server_url = os_strdup(conf->t_c_server_url); + #ifdef CONFIG_SQLITE if (conf->sqlite_file) { if (sqlite3_open(conf->sqlite_file, &data->db)) { @@ -1872,6 +2293,7 @@ void radius_server_deinit(struct radius_server_data *data) os_free(data->dump_msk_file); #endif /* CONFIG_RADIUS_TEST */ os_free(data->subscr_remediation_url); + os_free(data->t_c_server_url); #ifdef CONFIG_SQLITE if (data->db) @@ -2040,6 +2462,7 @@ static int radius_server_get_eap_user(void *ctx, const u8 *identity, sess->accept_attr = user->accept_attr; sess->remediation = user->remediation; sess->macacl = user->macacl; + sess->t_c_timestamp = user->t_c_timestamp; } if (ret) { @@ -2166,3 +2589,212 @@ void radius_server_eap_pending_cb(struct radius_server_data *data, void *ctx) radius_msg_free(msg); } + + +#ifdef CONFIG_SQLITE + +struct db_session_fields { + char *identity; + char *nas; + int hs20_t_c_filtering; + int waiting_coa_ack; + int coa_ack_received; +}; + + +static int get_db_session_fields(void *ctx, int argc, char *argv[], char *col[]) +{ + struct db_session_fields *fields = ctx; + int i; + + for (i = 0; i < argc; i++) { + if (!argv[i]) + continue; + + RADIUS_DEBUG("Session DB: %s=%s", col[i], argv[i]); + + if (os_strcmp(col[i], "identity") == 0) { + os_free(fields->identity); + fields->identity = os_strdup(argv[i]); + } else if (os_strcmp(col[i], "nas") == 0) { + os_free(fields->nas); + fields->nas = os_strdup(argv[i]); + } else if (os_strcmp(col[i], "hs20_t_c_filtering") == 0) { + fields->hs20_t_c_filtering = atoi(argv[i]); + } else if (os_strcmp(col[i], "waiting_coa_ack") == 0) { + fields->waiting_coa_ack = atoi(argv[i]); + } else if (os_strcmp(col[i], "coa_ack_received") == 0) { + fields->coa_ack_received = atoi(argv[i]); + } + } + + return 0; +} + + +static void free_db_session_fields(struct db_session_fields *fields) +{ + os_free(fields->identity); + fields->identity = NULL; + os_free(fields->nas); + fields->nas = NULL; +} + +#endif /* CONFIG_SQLITE */ + + +int radius_server_dac_request(struct radius_server_data *data, const char *req) +{ +#ifdef CONFIG_SQLITE + char *sql; + int res; + int disconnect; + const char *pos = req; + u8 addr[ETH_ALEN]; + char addrtxt[3 * ETH_ALEN]; + int t_c_clear = 0; + struct db_session_fields fields; + struct sockaddr_in das; + struct radius_client *client; + struct radius_msg *msg; + struct wpabuf *buf; + u8 identifier; + struct os_time now; + + if (!data) + return -1; + + /* req: <disconnect|coa> <MAC Address> [t_c_clear] */ + + if (os_strncmp(pos, "disconnect ", 11) == 0) { + disconnect = 1; + pos += 11; + } else if (os_strncmp(req, "coa ", 4) == 0) { + disconnect = 0; + pos += 4; + } else { + return -1; + } + + if (hwaddr_aton(pos, addr)) + return -1; + pos = os_strchr(pos, ' '); + if (pos) { + if (os_strstr(pos, "t_c_clear")) + t_c_clear = 1; + } + + if (!disconnect && !t_c_clear) { + RADIUS_ERROR("DAC request for CoA without any authorization change"); + return -1; + } + + if (!data->db) { + RADIUS_ERROR("SQLite database not in use"); + return -1; + } + + os_snprintf(addrtxt, sizeof(addrtxt), MACSTR, MAC2STR(addr)); + + sql = sqlite3_mprintf("SELECT * FROM current_sessions WHERE mac_addr=%Q", + addrtxt); + if (!sql) + return -1; + + os_memset(&fields, 0, sizeof(fields)); + res = sqlite3_exec(data->db, sql, get_db_session_fields, &fields, NULL); + sqlite3_free(sql); + if (res != SQLITE_OK) { + RADIUS_ERROR("Failed to find matching current_sessions entry from sqlite database: %s", + sqlite3_errmsg(data->db)); + free_db_session_fields(&fields); + return -1; + } + + if (!fields.nas) { + RADIUS_ERROR("No NAS information found from current_sessions"); + free_db_session_fields(&fields); + return -1; + } + + os_memset(&das, 0, sizeof(das)); + das.sin_family = AF_INET; + das.sin_addr.s_addr = inet_addr(fields.nas); + das.sin_port = htons(3799); + + free_db_session_fields(&fields); + + client = radius_server_get_client(data, &das.sin_addr, 0); + if (!client) { + RADIUS_ERROR("No NAS information available to protect the packet"); + return -1; + } + + identifier = client->next_dac_identifier++; + + msg = radius_msg_new(disconnect ? RADIUS_CODE_DISCONNECT_REQUEST : + RADIUS_CODE_COA_REQUEST, identifier); + if (!msg) + return -1; + + os_snprintf(addrtxt, sizeof(addrtxt), RADIUS_802_1X_ADDR_FORMAT, + MAC2STR(addr)); + if (!radius_msg_add_attr(msg, RADIUS_ATTR_CALLING_STATION_ID, + (u8 *) addrtxt, os_strlen(addrtxt))) { + RADIUS_ERROR("Could not add Calling-Station-Id"); + radius_msg_free(msg); + return -1; + } + + if (!disconnect && t_c_clear) { + u8 val[4] = { 0x00, 0x00, 0x00, 0x00 }; /* E=0 */ + + if (!radius_msg_add_wfa( + msg, RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILTERING, + val, sizeof(val))) { + RADIUS_DEBUG("Failed to add WFA-HS20-T-C-Filtering"); + radius_msg_free(msg); + return -1; + } + } + + os_get_time(&now); + if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_EVENT_TIMESTAMP, + now.sec)) { + RADIUS_ERROR("Failed to add Event-Timestamp attribute"); + radius_msg_free(msg); + return -1; + } + + radius_msg_finish_acct(msg, (u8 *) client->shared_secret, + client->shared_secret_len); + + if (wpa_debug_level <= MSG_MSGDUMP) + radius_msg_dump(msg); + + buf = radius_msg_get_buf(msg); + if (sendto(data->auth_sock, wpabuf_head(buf), wpabuf_len(buf), 0, + (struct sockaddr *) &das, sizeof(das)) < 0) { + RADIUS_ERROR("Failed to send packet - sendto: %s", + strerror(errno)); + radius_msg_free(msg); + return -1; + } + + if (disconnect) { + radius_msg_free(client->pending_dac_disconnect_req); + client->pending_dac_disconnect_req = msg; + client->pending_dac_disconnect_id = identifier; + os_memcpy(client->pending_dac_disconnect_addr, addr, ETH_ALEN); + } else { + radius_msg_free(client->pending_dac_coa_req); + client->pending_dac_coa_req = msg; + client->pending_dac_coa_id = identifier; + os_memcpy(client->pending_dac_coa_addr, addr, ETH_ALEN); + } + + return 0; +#else /* CONFIG_SQLITE */ + return -1; +#endif /* CONFIG_SQLITE */ +} diff --git a/contrib/wpa/src/radius/radius_server.h b/contrib/wpa/src/radius/radius_server.h index 7a25802c8152..167bbf5b2881 100644 --- a/contrib/wpa/src/radius/radius_server.h +++ b/contrib/wpa/src/radius/radius_server.h @@ -172,6 +172,8 @@ struct radius_server_conf { unsigned int tls_session_lifetime; + unsigned int tls_flags; + /** * wps - Wi-Fi Protected Setup context * @@ -231,6 +233,8 @@ struct radius_server_conf { char *subscr_remediation_url; u8 subscr_remediation_method; + + char *t_c_server_url; }; @@ -244,5 +248,6 @@ int radius_server_get_mib(struct radius_server_data *data, char *buf, size_t buflen); void radius_server_eap_pending_cb(struct radius_server_data *data, void *ctx); +int radius_server_dac_request(struct radius_server_data *data, const char *req); #endif /* RADIUS_SERVER_H */ diff --git a/contrib/wpa/src/rsn_supp/peerkey.c b/contrib/wpa/src/rsn_supp/peerkey.c deleted file mode 100644 index 79764d94b902..000000000000 --- a/contrib/wpa/src/rsn_supp/peerkey.c +++ /dev/null @@ -1,1155 +0,0 @@ -/* - * WPA Supplicant - PeerKey for Direct Link Setup (DLS) - * Copyright (c) 2006-2015, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#ifdef CONFIG_PEERKEY - -#include "common.h" -#include "eloop.h" -#include "crypto/sha1.h" -#include "crypto/sha256.h" -#include "crypto/random.h" -#include "common/ieee802_11_defs.h" -#include "wpa.h" -#include "wpa_i.h" -#include "wpa_ie.h" -#include "peerkey.h" - - -static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len) -{ - os_memcpy(pos, ie, ie_len); - return pos + ie_len; -} - - -static u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len) -{ - *pos++ = WLAN_EID_VENDOR_SPECIFIC; - *pos++ = RSN_SELECTOR_LEN + data_len; - RSN_SELECTOR_PUT(pos, kde); - pos += RSN_SELECTOR_LEN; - os_memcpy(pos, data, data_len); - pos += data_len; - return pos; -} - - -static void wpa_supplicant_smk_timeout(void *eloop_ctx, void *timeout_ctx) -{ -#if 0 - struct wpa_sm *sm = eloop_ctx; - struct wpa_peerkey *peerkey = timeout_ctx; -#endif - /* TODO: time out SMK and any STK that was generated using this SMK */ -} - - -static void wpa_supplicant_peerkey_free(struct wpa_sm *sm, - struct wpa_peerkey *peerkey) -{ - eloop_cancel_timeout(wpa_supplicant_smk_timeout, sm, peerkey); - os_free(peerkey); -} - - -static int wpa_supplicant_send_smk_error(struct wpa_sm *sm, const u8 *dst, - const u8 *peer, - u16 mui, u16 error_type, int ver) -{ - size_t rlen; - struct wpa_eapol_key *err; - struct wpa_eapol_key_192 *err192; - struct rsn_error_kde error; - u8 *rbuf, *pos; - size_t kde_len; - u16 key_info; - - kde_len = 2 + RSN_SELECTOR_LEN + sizeof(error); - if (peer) - kde_len += 2 + RSN_SELECTOR_LEN + ETH_ALEN; - - rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, - NULL, sizeof(*err) + kde_len, &rlen, - (void *) &err); - if (rbuf == NULL) - return -1; - err192 = (struct wpa_eapol_key_192 *) err; - - err->type = EAPOL_KEY_TYPE_RSN; - key_info = ver | WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_MIC | - WPA_KEY_INFO_SECURE | WPA_KEY_INFO_ERROR | - WPA_KEY_INFO_REQUEST; - WPA_PUT_BE16(err->key_info, key_info); - WPA_PUT_BE16(err->key_length, 0); - os_memcpy(err->replay_counter, sm->request_counter, - WPA_REPLAY_COUNTER_LEN); - inc_byte_array(sm->request_counter, WPA_REPLAY_COUNTER_LEN); - - WPA_PUT_BE16(err->key_data_length, (u16) kde_len); - pos = (u8 *) (err + 1); - - if (peer) { - /* Peer MAC Address KDE */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, peer, ETH_ALEN); - } - - /* Error KDE */ - error.mui = host_to_be16(mui); - error.error_type = host_to_be16(error_type); - wpa_add_kde(pos, RSN_KEY_DATA_ERROR, (u8 *) &error, sizeof(error)); - - if (peer) { - wpa_printf(MSG_DEBUG, "RSN: Sending EAPOL-Key SMK Error (peer " - MACSTR " mui %d error_type %d)", - MAC2STR(peer), mui, error_type); - } else { - wpa_printf(MSG_DEBUG, "RSN: Sending EAPOL-Key SMK Error " - "(mui %d error_type %d)", mui, error_type); - } - - wpa_eapol_key_send(sm, sm->ptk.kck, sm->ptk.kck_len, ver, dst, - ETH_P_EAPOL, rbuf, rlen, err192->key_mic); - - return 0; -} - - -static int wpa_supplicant_send_smk_m3(struct wpa_sm *sm, - const unsigned char *src_addr, - const struct wpa_eapol_key *key, - int ver, struct wpa_peerkey *peerkey) -{ - size_t rlen; - struct wpa_eapol_key *reply; - struct wpa_eapol_key_192 *reply192; - u8 *rbuf, *pos; - size_t kde_len; - u16 key_info; - - /* KDEs: Peer RSN IE, Initiator MAC Address, Initiator Nonce */ - kde_len = peerkey->rsnie_p_len + - 2 + RSN_SELECTOR_LEN + ETH_ALEN + - 2 + RSN_SELECTOR_LEN + WPA_NONCE_LEN; - - rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, - NULL, sizeof(*reply) + kde_len, &rlen, - (void *) &reply); - if (rbuf == NULL) - return -1; - reply192 = (struct wpa_eapol_key_192 *) reply; - - reply->type = EAPOL_KEY_TYPE_RSN; - key_info = ver | WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_MIC | - WPA_KEY_INFO_SECURE; - WPA_PUT_BE16(reply->key_info, key_info); - WPA_PUT_BE16(reply->key_length, 0); - os_memcpy(reply->replay_counter, key->replay_counter, - WPA_REPLAY_COUNTER_LEN); - - os_memcpy(reply->key_nonce, peerkey->pnonce, WPA_NONCE_LEN); - - WPA_PUT_BE16(reply->key_data_length, (u16) kde_len); - pos = (u8 *) (reply + 1); - - /* Peer RSN IE */ - pos = wpa_add_ie(pos, peerkey->rsnie_p, peerkey->rsnie_p_len); - - /* Initiator MAC Address KDE */ - pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, peerkey->addr, ETH_ALEN); - - /* Initiator Nonce */ - wpa_add_kde(pos, RSN_KEY_DATA_NONCE, peerkey->inonce, WPA_NONCE_LEN); - - wpa_printf(MSG_DEBUG, "RSN: Sending EAPOL-Key SMK M3"); - wpa_eapol_key_send(sm, sm->ptk.kck, sm->ptk.kck_len, ver, src_addr, - ETH_P_EAPOL, rbuf, rlen, reply192->key_mic); - - return 0; -} - - -static int wpa_supplicant_process_smk_m2( - struct wpa_sm *sm, const unsigned char *src_addr, - const struct wpa_eapol_key *key, size_t extra_len, int ver) -{ - struct wpa_peerkey *peerkey; - struct wpa_eapol_ie_parse kde; - struct wpa_ie_data ie; - int cipher; - struct rsn_ie_hdr *hdr; - u8 *pos; - - wpa_printf(MSG_DEBUG, "RSN: Received SMK M2"); - - if (!sm->peerkey_enabled || sm->proto != WPA_PROTO_RSN) { - wpa_printf(MSG_INFO, "RSN: SMK handshake not allowed for " - "the current network"); - return -1; - } - - if (wpa_supplicant_parse_ies((const u8 *) (key + 1), extra_len, &kde) < - 0) { - wpa_printf(MSG_INFO, "RSN: Failed to parse KDEs in SMK M2"); - return -1; - } - - if (kde.rsn_ie == NULL || kde.mac_addr == NULL || - kde.mac_addr_len < ETH_ALEN) { - wpa_printf(MSG_INFO, "RSN: No RSN IE or MAC address KDE in " - "SMK M2"); - return -1; - } - - wpa_printf(MSG_DEBUG, "RSN: SMK M2 - SMK initiator " MACSTR, - MAC2STR(kde.mac_addr)); - - if (kde.rsn_ie_len > PEERKEY_MAX_IE_LEN) { - wpa_printf(MSG_INFO, "RSN: Too long Initiator RSN IE in SMK " - "M2"); - return -1; - } - - if (wpa_parse_wpa_ie_rsn(kde.rsn_ie, kde.rsn_ie_len, &ie) < 0) { - wpa_printf(MSG_INFO, "RSN: Failed to parse RSN IE in SMK M2"); - return -1; - } - - cipher = wpa_pick_pairwise_cipher(ie.pairwise_cipher & - sm->allowed_pairwise_cipher, 0); - if (cipher < 0) { - wpa_printf(MSG_INFO, "RSN: No acceptable cipher in SMK M2"); - wpa_supplicant_send_smk_error(sm, src_addr, kde.mac_addr, - STK_MUI_SMK, STK_ERR_CPHR_NS, - ver); - return -1; - } - wpa_printf(MSG_DEBUG, "RSN: Using %s for PeerKey", - wpa_cipher_txt(cipher)); - - /* TODO: find existing entry and if found, use that instead of adding - * a new one; how to handle the case where both ends initiate at the - * same time? */ - peerkey = os_zalloc(sizeof(*peerkey)); - if (peerkey == NULL) - return -1; - os_memcpy(peerkey->addr, kde.mac_addr, ETH_ALEN); - os_memcpy(peerkey->inonce, key->key_nonce, WPA_NONCE_LEN); - os_memcpy(peerkey->rsnie_i, kde.rsn_ie, kde.rsn_ie_len); - peerkey->rsnie_i_len = kde.rsn_ie_len; - peerkey->cipher = cipher; - peerkey->akmp = ie.key_mgmt; - - if (random_get_bytes(peerkey->pnonce, WPA_NONCE_LEN)) { - wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, - "WPA: Failed to get random data for PNonce"); - wpa_supplicant_peerkey_free(sm, peerkey); - return -1; - } - - hdr = (struct rsn_ie_hdr *) peerkey->rsnie_p; - hdr->elem_id = WLAN_EID_RSN; - WPA_PUT_LE16(hdr->version, RSN_VERSION); - pos = (u8 *) (hdr + 1); - /* Group Suite can be anything for SMK RSN IE; receiver will just - * ignore it. */ - RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP); - pos += RSN_SELECTOR_LEN; - /* Include only the selected cipher in pairwise cipher suite */ - WPA_PUT_LE16(pos, 1); - pos += 2; - RSN_SELECTOR_PUT(pos, wpa_cipher_to_suite(WPA_PROTO_RSN, cipher)); - pos += RSN_SELECTOR_LEN; - - hdr->len = (pos - peerkey->rsnie_p) - 2; - peerkey->rsnie_p_len = pos - peerkey->rsnie_p; - wpa_hexdump(MSG_DEBUG, "WPA: RSN IE for SMK handshake", - peerkey->rsnie_p, peerkey->rsnie_p_len); - - wpa_supplicant_send_smk_m3(sm, src_addr, key, ver, peerkey); - - peerkey->next = sm->peerkey; - sm->peerkey = peerkey; - - return 0; -} - - -/** - * rsn_smkid - Derive SMK identifier - * @smk: Station master key (32 bytes) - * @pnonce: Peer Nonce - * @mac_p: Peer MAC address - * @inonce: Initiator Nonce - * @mac_i: Initiator MAC address - * @akmp: Negotiated AKM - * - * 8.5.1.4 Station to station (STK) key hierarchy - * SMKID = HMAC-SHA1-128(SMK, "SMK Name" || PNonce || MAC_P || INonce || MAC_I) - */ -static void rsn_smkid(const u8 *smk, const u8 *pnonce, const u8 *mac_p, - const u8 *inonce, const u8 *mac_i, u8 *smkid, - int akmp) -{ - char *title = "SMK Name"; - const u8 *addr[5]; - const size_t len[5] = { 8, WPA_NONCE_LEN, ETH_ALEN, WPA_NONCE_LEN, - ETH_ALEN }; - unsigned char hash[SHA256_MAC_LEN]; - - addr[0] = (u8 *) title; - addr[1] = pnonce; - addr[2] = mac_p; - addr[3] = inonce; - addr[4] = mac_i; - -#ifdef CONFIG_IEEE80211W - if (wpa_key_mgmt_sha256(akmp)) - hmac_sha256_vector(smk, PMK_LEN, 5, addr, len, hash); - else -#endif /* CONFIG_IEEE80211W */ - hmac_sha1_vector(smk, PMK_LEN, 5, addr, len, hash); - os_memcpy(smkid, hash, PMKID_LEN); -} - - -static void wpa_supplicant_send_stk_1_of_4(struct wpa_sm *sm, - struct wpa_peerkey *peerkey) -{ - size_t mlen; - struct wpa_eapol_key *msg; - u8 *mbuf; - size_t kde_len; - u16 key_info, ver; - - kde_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN; - - mbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, - sizeof(*msg) + kde_len, &mlen, - (void *) &msg); - if (mbuf == NULL) - return; - - msg->type = EAPOL_KEY_TYPE_RSN; - - if (peerkey->cipher != WPA_CIPHER_TKIP) - ver = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES; - else - ver = WPA_KEY_INFO_TYPE_HMAC_MD5_RC4; - - key_info = ver | WPA_KEY_INFO_KEY_TYPE | WPA_KEY_INFO_ACK; - WPA_PUT_BE16(msg->key_info, key_info); - - if (peerkey->cipher != WPA_CIPHER_TKIP) - WPA_PUT_BE16(msg->key_length, 16); - else - WPA_PUT_BE16(msg->key_length, 32); - - os_memcpy(msg->replay_counter, peerkey->replay_counter, - WPA_REPLAY_COUNTER_LEN); - inc_byte_array(peerkey->replay_counter, WPA_REPLAY_COUNTER_LEN); - - WPA_PUT_BE16(msg->key_data_length, kde_len); - wpa_add_kde((u8 *) (msg + 1), RSN_KEY_DATA_PMKID, - peerkey->smkid, PMKID_LEN); - - if (random_get_bytes(peerkey->inonce, WPA_NONCE_LEN)) { - wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, - "RSN: Failed to get random data for INonce (STK)"); - os_free(mbuf); - return; - } - wpa_hexdump(MSG_DEBUG, "RSN: INonce for STK 4-Way Handshake", - peerkey->inonce, WPA_NONCE_LEN); - os_memcpy(msg->key_nonce, peerkey->inonce, WPA_NONCE_LEN); - - wpa_printf(MSG_DEBUG, "RSN: Sending EAPOL-Key STK 1/4 to " MACSTR, - MAC2STR(peerkey->addr)); - wpa_eapol_key_send(sm, NULL, 0, ver, peerkey->addr, ETH_P_EAPOL, - mbuf, mlen, NULL); -} - - -static void wpa_supplicant_send_stk_3_of_4(struct wpa_sm *sm, - struct wpa_peerkey *peerkey) -{ - size_t mlen; - struct wpa_eapol_key *msg; - u8 *mbuf, *pos; - size_t kde_len; - u16 key_info, ver; - be32 lifetime; - - kde_len = peerkey->rsnie_i_len + - 2 + RSN_SELECTOR_LEN + sizeof(lifetime); - - mbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, - sizeof(*msg) + kde_len, &mlen, - (void *) &msg); - if (mbuf == NULL) - return; - - msg->type = EAPOL_KEY_TYPE_RSN; - - if (peerkey->cipher != WPA_CIPHER_TKIP) - ver = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES; - else - ver = WPA_KEY_INFO_TYPE_HMAC_MD5_RC4; - - key_info = ver | WPA_KEY_INFO_KEY_TYPE | WPA_KEY_INFO_ACK | - WPA_KEY_INFO_MIC | WPA_KEY_INFO_SECURE; - WPA_PUT_BE16(msg->key_info, key_info); - - if (peerkey->cipher != WPA_CIPHER_TKIP) - WPA_PUT_BE16(msg->key_length, 16); - else - WPA_PUT_BE16(msg->key_length, 32); - - os_memcpy(msg->replay_counter, peerkey->replay_counter, - WPA_REPLAY_COUNTER_LEN); - inc_byte_array(peerkey->replay_counter, WPA_REPLAY_COUNTER_LEN); - - WPA_PUT_BE16(msg->key_data_length, kde_len); - pos = (u8 *) (msg + 1); - pos = wpa_add_ie(pos, peerkey->rsnie_i, peerkey->rsnie_i_len); - lifetime = host_to_be32(peerkey->lifetime); - wpa_add_kde(pos, RSN_KEY_DATA_LIFETIME, - (u8 *) &lifetime, sizeof(lifetime)); - - os_memcpy(msg->key_nonce, peerkey->inonce, WPA_NONCE_LEN); - - wpa_printf(MSG_DEBUG, "RSN: Sending EAPOL-Key STK 3/4 to " MACSTR, - MAC2STR(peerkey->addr)); - wpa_eapol_key_send(sm, peerkey->stk.kck, peerkey->stk.kck_len, ver, - peerkey->addr, ETH_P_EAPOL, mbuf, mlen, - msg->key_mic); -} - - -static int wpa_supplicant_process_smk_m4(struct wpa_peerkey *peerkey, - struct wpa_eapol_ie_parse *kde) -{ - wpa_printf(MSG_DEBUG, "RSN: Received SMK M4 (Initiator " MACSTR ")", - MAC2STR(kde->mac_addr)); - - if (os_memcmp(kde->smk + PMK_LEN, peerkey->pnonce, WPA_NONCE_LEN) != 0) - { - wpa_printf(MSG_INFO, "RSN: PNonce in SMK KDE does not " - "match with the one used in SMK M3"); - return -1; - } - - if (os_memcmp(kde->nonce, peerkey->inonce, WPA_NONCE_LEN) != 0) { - wpa_printf(MSG_INFO, "RSN: INonce in SMK M4 did not " - "match with the one received in SMK M2"); - return -1; - } - - return 0; -} - - -static int wpa_supplicant_process_smk_m5(struct wpa_sm *sm, - const unsigned char *src_addr, - const struct wpa_eapol_key *key, - int ver, - struct wpa_peerkey *peerkey, - struct wpa_eapol_ie_parse *kde) -{ - int cipher; - struct wpa_ie_data ie; - - wpa_printf(MSG_DEBUG, "RSN: Received SMK M5 (Peer " MACSTR ")", - MAC2STR(kde->mac_addr)); - if (kde->rsn_ie == NULL || kde->rsn_ie_len > PEERKEY_MAX_IE_LEN || - wpa_parse_wpa_ie_rsn(kde->rsn_ie, kde->rsn_ie_len, &ie) < 0) { - wpa_printf(MSG_INFO, "RSN: No RSN IE in SMK M5"); - /* TODO: abort negotiation */ - return -1; - } - - if (os_memcmp(key->key_nonce, peerkey->inonce, WPA_NONCE_LEN) != 0) { - wpa_printf(MSG_INFO, "RSN: Key Nonce in SMK M5 does " - "not match with INonce used in SMK M1"); - return -1; - } - - if (os_memcmp(kde->smk + PMK_LEN, peerkey->inonce, WPA_NONCE_LEN) != 0) - { - wpa_printf(MSG_INFO, "RSN: INonce in SMK KDE does not " - "match with the one used in SMK M1"); - return -1; - } - - os_memcpy(peerkey->rsnie_p, kde->rsn_ie, kde->rsn_ie_len); - peerkey->rsnie_p_len = kde->rsn_ie_len; - os_memcpy(peerkey->pnonce, kde->nonce, WPA_NONCE_LEN); - - cipher = wpa_pick_pairwise_cipher(ie.pairwise_cipher & - sm->allowed_pairwise_cipher, 0); - if (cipher < 0) { - wpa_printf(MSG_INFO, "RSN: SMK Peer STA " MACSTR " selected " - "unacceptable cipher", MAC2STR(kde->mac_addr)); - wpa_supplicant_send_smk_error(sm, src_addr, kde->mac_addr, - STK_MUI_SMK, STK_ERR_CPHR_NS, - ver); - /* TODO: abort negotiation */ - return -1; - } - wpa_printf(MSG_DEBUG, "RSN: Using %s for PeerKey", - wpa_cipher_txt(cipher)); - peerkey->cipher = cipher; - - return 0; -} - - -static int wpa_supplicant_process_smk_m45( - struct wpa_sm *sm, const unsigned char *src_addr, - const struct wpa_eapol_key *key, size_t extra_len, int ver) -{ - struct wpa_peerkey *peerkey; - struct wpa_eapol_ie_parse kde; - u32 lifetime; - - if (!sm->peerkey_enabled || sm->proto != WPA_PROTO_RSN) { - wpa_printf(MSG_DEBUG, "RSN: SMK handshake not allowed for " - "the current network"); - return -1; - } - - if (wpa_supplicant_parse_ies((const u8 *) (key + 1), extra_len, &kde) < - 0) { - wpa_printf(MSG_INFO, "RSN: Failed to parse KDEs in SMK M4/M5"); - return -1; - } - - if (kde.mac_addr == NULL || kde.mac_addr_len < ETH_ALEN || - kde.nonce == NULL || kde.nonce_len < WPA_NONCE_LEN || - kde.smk == NULL || kde.smk_len < PMK_LEN + WPA_NONCE_LEN || - kde.lifetime == NULL || kde.lifetime_len < 4) { - wpa_printf(MSG_INFO, "RSN: No MAC Address, Nonce, SMK, or " - "Lifetime KDE in SMK M4/M5"); - return -1; - } - - for (peerkey = sm->peerkey; peerkey; peerkey = peerkey->next) { - if (os_memcmp(peerkey->addr, kde.mac_addr, ETH_ALEN) == 0 && - os_memcmp(peerkey->initiator ? peerkey->inonce : - peerkey->pnonce, - key->key_nonce, WPA_NONCE_LEN) == 0) - break; - } - if (peerkey == NULL) { - wpa_printf(MSG_INFO, "RSN: No matching SMK handshake found " - "for SMK M4/M5: peer " MACSTR, - MAC2STR(kde.mac_addr)); - return -1; - } - - if (peerkey->initiator) { - if (wpa_supplicant_process_smk_m5(sm, src_addr, key, ver, - peerkey, &kde) < 0) - return -1; - } else { - if (wpa_supplicant_process_smk_m4(peerkey, &kde) < 0) - return -1; - } - - os_memcpy(peerkey->smk, kde.smk, PMK_LEN); - peerkey->smk_complete = 1; - wpa_hexdump_key(MSG_DEBUG, "RSN: SMK", peerkey->smk, PMK_LEN); - lifetime = WPA_GET_BE32(kde.lifetime); - wpa_printf(MSG_DEBUG, "RSN: SMK lifetime %u seconds", lifetime); - if (lifetime > 1000000000) - lifetime = 1000000000; /* avoid overflowing eloop time */ - peerkey->lifetime = lifetime; - eloop_register_timeout(lifetime, 0, wpa_supplicant_smk_timeout, - sm, peerkey); - - if (peerkey->initiator) { - rsn_smkid(peerkey->smk, peerkey->pnonce, peerkey->addr, - peerkey->inonce, sm->own_addr, peerkey->smkid, - peerkey->akmp); - wpa_supplicant_send_stk_1_of_4(sm, peerkey); - } else { - rsn_smkid(peerkey->smk, peerkey->pnonce, sm->own_addr, - peerkey->inonce, peerkey->addr, peerkey->smkid, - peerkey->akmp); - } - wpa_hexdump(MSG_DEBUG, "RSN: SMKID", peerkey->smkid, PMKID_LEN); - - return 0; -} - - -static int wpa_supplicant_process_smk_error( - struct wpa_sm *sm, const unsigned char *src_addr, - const struct wpa_eapol_key *key, size_t extra_len) -{ - struct wpa_eapol_ie_parse kde; - struct rsn_error_kde error; - u8 peer[ETH_ALEN]; - u16 error_type; - - wpa_printf(MSG_DEBUG, "RSN: Received SMK Error"); - - if (!sm->peerkey_enabled || sm->proto != WPA_PROTO_RSN) { - wpa_printf(MSG_DEBUG, "RSN: SMK handshake not allowed for " - "the current network"); - return -1; - } - - if (wpa_supplicant_parse_ies((const u8 *) (key + 1), extra_len, &kde) < - 0) { - wpa_printf(MSG_INFO, "RSN: Failed to parse KDEs in SMK Error"); - return -1; - } - - if (kde.error == NULL || kde.error_len < sizeof(error)) { - wpa_printf(MSG_INFO, "RSN: No Error KDE in SMK Error"); - return -1; - } - - if (kde.mac_addr && kde.mac_addr_len >= ETH_ALEN) - os_memcpy(peer, kde.mac_addr, ETH_ALEN); - else - os_memset(peer, 0, ETH_ALEN); - os_memcpy(&error, kde.error, sizeof(error)); - error_type = be_to_host16(error.error_type); - wpa_msg(sm->ctx->msg_ctx, MSG_INFO, - "RSN: SMK Error KDE received: MUI %d error_type %d peer " - MACSTR, - be_to_host16(error.mui), error_type, - MAC2STR(peer)); - - if (kde.mac_addr && - (error_type == STK_ERR_STA_NR || error_type == STK_ERR_STA_NRSN || - error_type == STK_ERR_CPHR_NS)) { - struct wpa_peerkey *peerkey; - - for (peerkey = sm->peerkey; peerkey; peerkey = peerkey->next) { - if (os_memcmp(peerkey->addr, kde.mac_addr, ETH_ALEN) == - 0) - break; - } - if (peerkey == NULL) { - wpa_printf(MSG_DEBUG, "RSN: No matching SMK handshake " - "found for SMK Error"); - return -1; - } - /* TODO: abort SMK/STK handshake and remove all related keys */ - } - - return 0; -} - - -static void wpa_supplicant_process_stk_1_of_4(struct wpa_sm *sm, - struct wpa_peerkey *peerkey, - const struct wpa_eapol_key *key, - u16 ver, const u8 *key_data, - size_t key_data_len) -{ - struct wpa_eapol_ie_parse ie; - size_t kde_buf_len; - struct wpa_ptk *stk; - u8 buf[8], *kde_buf, *pos; - be32 lifetime; - - wpa_printf(MSG_DEBUG, "RSN: RX message 1 of STK 4-Way Handshake from " - MACSTR " (ver=%d)", MAC2STR(peerkey->addr), ver); - - os_memset(&ie, 0, sizeof(ie)); - - /* RSN: msg 1/4 should contain SMKID for the selected SMK */ - wpa_hexdump(MSG_DEBUG, "RSN: msg 1/4 key data", key_data, key_data_len); - if (wpa_supplicant_parse_ies(key_data, key_data_len, &ie) < 0 || - ie.pmkid == NULL) { - wpa_printf(MSG_DEBUG, "RSN: No SMKID in STK 1/4"); - return; - } - if (os_memcmp_const(ie.pmkid, peerkey->smkid, PMKID_LEN) != 0) { - wpa_hexdump(MSG_DEBUG, "RSN: Unknown SMKID in STK 1/4", - ie.pmkid, PMKID_LEN); - return; - } - - if (random_get_bytes(peerkey->pnonce, WPA_NONCE_LEN)) { - wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, - "RSN: Failed to get random data for PNonce"); - return; - } - wpa_hexdump(MSG_DEBUG, "WPA: Renewed PNonce", - peerkey->pnonce, WPA_NONCE_LEN); - - /* Calculate STK which will be stored as a temporary STK until it has - * been verified when processing message 3/4. */ - stk = &peerkey->tstk; - wpa_pmk_to_ptk(peerkey->smk, PMK_LEN, "Peer key expansion", - sm->own_addr, peerkey->addr, - peerkey->pnonce, key->key_nonce, - stk, peerkey->akmp, peerkey->cipher); - /* Supplicant: swap tx/rx Mic keys */ - os_memcpy(buf, &stk->tk[16], 8); - os_memcpy(&stk->tk[16], &stk->tk[24], 8); - os_memcpy(&stk->tk[24], buf, 8); - peerkey->tstk_set = 1; - - kde_buf_len = peerkey->rsnie_p_len + - 2 + RSN_SELECTOR_LEN + sizeof(lifetime) + - 2 + RSN_SELECTOR_LEN + PMKID_LEN; - kde_buf = os_malloc(kde_buf_len); - if (kde_buf == NULL) - return; - pos = kde_buf; - pos = wpa_add_ie(pos, peerkey->rsnie_p, peerkey->rsnie_p_len); - lifetime = host_to_be32(peerkey->lifetime); - pos = wpa_add_kde(pos, RSN_KEY_DATA_LIFETIME, - (u8 *) &lifetime, sizeof(lifetime)); - wpa_add_kde(pos, RSN_KEY_DATA_PMKID, peerkey->smkid, PMKID_LEN); - - if (wpa_supplicant_send_2_of_4(sm, peerkey->addr, key, ver, - peerkey->pnonce, kde_buf, kde_buf_len, - stk)) { - os_free(kde_buf); - return; - } - os_free(kde_buf); - - os_memcpy(peerkey->inonce, key->key_nonce, WPA_NONCE_LEN); -} - - -static void wpa_supplicant_update_smk_lifetime(struct wpa_sm *sm, - struct wpa_peerkey *peerkey, - struct wpa_eapol_ie_parse *kde) -{ - u32 lifetime; - - if (kde->lifetime == NULL || kde->lifetime_len < sizeof(lifetime)) - return; - - lifetime = WPA_GET_BE32(kde->lifetime); - - if (lifetime >= peerkey->lifetime) { - wpa_printf(MSG_DEBUG, "RSN: Peer used SMK lifetime %u seconds " - "which is larger than or equal to own value %u " - "seconds - ignored", lifetime, peerkey->lifetime); - return; - } - - wpa_printf(MSG_DEBUG, "RSN: Peer used shorter SMK lifetime %u seconds " - "(own was %u seconds) - updated", - lifetime, peerkey->lifetime); - peerkey->lifetime = lifetime; - - eloop_cancel_timeout(wpa_supplicant_smk_timeout, sm, peerkey); - eloop_register_timeout(lifetime, 0, wpa_supplicant_smk_timeout, - sm, peerkey); -} - - -static void wpa_supplicant_process_stk_2_of_4(struct wpa_sm *sm, - struct wpa_peerkey *peerkey, - const struct wpa_eapol_key *key, - u16 ver, const u8 *key_data, - size_t key_data_len) -{ - struct wpa_eapol_ie_parse kde; - - wpa_printf(MSG_DEBUG, "RSN: RX message 2 of STK 4-Way Handshake from " - MACSTR " (ver=%d)", MAC2STR(peerkey->addr), ver); - - os_memset(&kde, 0, sizeof(kde)); - - /* RSN: msg 2/4 should contain SMKID for the selected SMK and RSN IE - * from the peer. It may also include Lifetime KDE. */ - wpa_hexdump(MSG_DEBUG, "RSN: msg 2/4 key data", key_data, key_data_len); - if (wpa_supplicant_parse_ies(key_data, key_data_len, &kde) < 0 || - kde.pmkid == NULL || kde.rsn_ie == NULL) { - wpa_printf(MSG_DEBUG, "RSN: No SMKID or RSN IE in STK 2/4"); - return; - } - - if (os_memcmp_const(kde.pmkid, peerkey->smkid, PMKID_LEN) != 0) { - wpa_hexdump(MSG_DEBUG, "RSN: Unknown SMKID in STK 2/4", - kde.pmkid, PMKID_LEN); - return; - } - - if (kde.rsn_ie_len != peerkey->rsnie_p_len || - os_memcmp(kde.rsn_ie, peerkey->rsnie_p, kde.rsn_ie_len) != 0) { - wpa_printf(MSG_INFO, "RSN: Peer RSN IE in SMK and STK " - "handshakes did not match"); - wpa_hexdump(MSG_DEBUG, "RSN: Peer RSN IE in SMK handshake", - peerkey->rsnie_p, peerkey->rsnie_p_len); - wpa_hexdump(MSG_DEBUG, "RSN: Peer RSN IE in STK handshake", - kde.rsn_ie, kde.rsn_ie_len); - return; - } - - wpa_supplicant_update_smk_lifetime(sm, peerkey, &kde); - - wpa_supplicant_send_stk_3_of_4(sm, peerkey); - os_memcpy(peerkey->pnonce, key->key_nonce, WPA_NONCE_LEN); -} - - -static void wpa_supplicant_process_stk_3_of_4(struct wpa_sm *sm, - struct wpa_peerkey *peerkey, - const struct wpa_eapol_key *key, - u16 ver, const u8 *key_data, - size_t key_data_len) -{ - struct wpa_eapol_ie_parse kde; - size_t key_len; - const u8 *_key; - u8 key_buf[32], rsc[6]; - - wpa_printf(MSG_DEBUG, "RSN: RX message 3 of STK 4-Way Handshake from " - MACSTR " (ver=%d)", MAC2STR(peerkey->addr), ver); - - os_memset(&kde, 0, sizeof(kde)); - - /* RSN: msg 3/4 should contain Initiator RSN IE. It may also include - * Lifetime KDE. */ - wpa_hexdump(MSG_DEBUG, "RSN: msg 3/4 key data", key_data, key_data_len); - if (wpa_supplicant_parse_ies(key_data, key_data_len, &kde) < 0) { - wpa_printf(MSG_DEBUG, "RSN: Failed to parse key data in " - "STK 3/4"); - return; - } - - if (kde.rsn_ie_len != peerkey->rsnie_i_len || - os_memcmp(kde.rsn_ie, peerkey->rsnie_i, kde.rsn_ie_len) != 0) { - wpa_printf(MSG_INFO, "RSN: Initiator RSN IE in SMK and STK " - "handshakes did not match"); - wpa_hexdump(MSG_DEBUG, "RSN: Initiator RSN IE in SMK " - "handshake", - peerkey->rsnie_i, peerkey->rsnie_i_len); - wpa_hexdump(MSG_DEBUG, "RSN: Initiator RSN IE in STK " - "handshake", - kde.rsn_ie, kde.rsn_ie_len); - return; - } - - if (os_memcmp(peerkey->inonce, key->key_nonce, WPA_NONCE_LEN) != 0) { - wpa_printf(MSG_WARNING, "RSN: INonce from message 1 of STK " - "4-Way Handshake differs from 3 of STK 4-Way " - "Handshake - drop packet (src=" MACSTR ")", - MAC2STR(peerkey->addr)); - return; - } - - wpa_supplicant_update_smk_lifetime(sm, peerkey, &kde); - - if (wpa_supplicant_send_4_of_4(sm, peerkey->addr, key, ver, - WPA_GET_BE16(key->key_info), - &peerkey->stk)) - return; - - _key = peerkey->stk.tk; - if (peerkey->cipher == WPA_CIPHER_TKIP) { - /* Swap Tx/Rx keys for Michael MIC */ - os_memcpy(key_buf, _key, 16); - os_memcpy(key_buf + 16, _key + 24, 8); - os_memcpy(key_buf + 24, _key + 16, 8); - _key = key_buf; - key_len = 32; - } else - key_len = 16; - - os_memset(rsc, 0, 6); - if (wpa_sm_set_key(sm, peerkey->cipher, peerkey->addr, 0, 1, - rsc, sizeof(rsc), _key, key_len) < 0) { - os_memset(key_buf, 0, sizeof(key_buf)); - wpa_printf(MSG_WARNING, "RSN: Failed to set STK to the " - "driver."); - return; - } - os_memset(key_buf, 0, sizeof(key_buf)); -} - - -static void wpa_supplicant_process_stk_4_of_4(struct wpa_sm *sm, - struct wpa_peerkey *peerkey, - const struct wpa_eapol_key *key, - u16 ver) -{ - u8 rsc[6]; - - wpa_printf(MSG_DEBUG, "RSN: RX message 4 of STK 4-Way Handshake from " - MACSTR " (ver=%d)", MAC2STR(peerkey->addr), ver); - - os_memset(rsc, 0, 6); - if (wpa_sm_set_key(sm, peerkey->cipher, peerkey->addr, 0, 1, - rsc, sizeof(rsc), peerkey->stk.tk, - peerkey->cipher == WPA_CIPHER_TKIP ? 32 : 16) < 0) { - wpa_printf(MSG_WARNING, "RSN: Failed to set STK to the " - "driver."); - return; - } -} - - -/** - * peerkey_verify_eapol_key_mic - Verify PeerKey MIC - * @sm: Pointer to WPA state machine data from wpa_sm_init() - * @peerkey: Pointer to the PeerKey data for the peer - * @key: Pointer to the EAPOL-Key frame header - * @ver: Version bits from EAPOL-Key Key Info - * @buf: Pointer to the beginning of EAPOL-Key frame - * @len: Length of the EAPOL-Key frame - * Returns: 0 on success, -1 on failure - */ -int peerkey_verify_eapol_key_mic(struct wpa_sm *sm, - struct wpa_peerkey *peerkey, - struct wpa_eapol_key_192 *key, u16 ver, - const u8 *buf, size_t len) -{ - u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN]; - size_t mic_len = 16; - int ok = 0; - - if (peerkey->initiator && !peerkey->stk_set) { - wpa_pmk_to_ptk(peerkey->smk, PMK_LEN, "Peer key expansion", - sm->own_addr, peerkey->addr, - peerkey->inonce, key->key_nonce, - &peerkey->stk, peerkey->akmp, peerkey->cipher); - peerkey->stk_set = 1; - } - - os_memcpy(mic, key->key_mic, mic_len); - if (peerkey->tstk_set) { - os_memset(key->key_mic, 0, mic_len); - wpa_eapol_key_mic(peerkey->tstk.kck, peerkey->tstk.kck_len, - sm->key_mgmt, ver, buf, len, key->key_mic); - if (os_memcmp_const(mic, key->key_mic, mic_len) != 0) { - wpa_printf(MSG_WARNING, "RSN: Invalid EAPOL-Key MIC " - "when using TSTK - ignoring TSTK"); - } else { - ok = 1; - peerkey->tstk_set = 0; - peerkey->stk_set = 1; - os_memcpy(&peerkey->stk, &peerkey->tstk, - sizeof(peerkey->stk)); - os_memset(&peerkey->tstk, 0, sizeof(peerkey->tstk)); - } - } - - if (!ok && peerkey->stk_set) { - os_memset(key->key_mic, 0, mic_len); - wpa_eapol_key_mic(peerkey->stk.kck, peerkey->stk.kck_len, - sm->key_mgmt, ver, buf, len, key->key_mic); - if (os_memcmp_const(mic, key->key_mic, mic_len) != 0) { - wpa_printf(MSG_WARNING, "RSN: Invalid EAPOL-Key MIC " - "- dropping packet"); - return -1; - } - ok = 1; - } - - if (!ok) { - wpa_printf(MSG_WARNING, "RSN: Could not verify EAPOL-Key MIC " - "- dropping packet"); - return -1; - } - - os_memcpy(peerkey->replay_counter, key->replay_counter, - WPA_REPLAY_COUNTER_LEN); - peerkey->replay_counter_set = 1; - return 0; -} - - -/** - * wpa_sm_stkstart - Send EAPOL-Key Request for STK handshake (STK M1) - * @sm: Pointer to WPA state machine data from wpa_sm_init() - * @peer: MAC address of the peer STA - * Returns: 0 on success, or -1 on failure - * - * Send an EAPOL-Key Request to the current authenticator to start STK - * handshake with the peer. - */ -int wpa_sm_stkstart(struct wpa_sm *sm, const u8 *peer) -{ - size_t rlen, kde_len; - struct wpa_eapol_key *req; - int key_info, ver; - u8 bssid[ETH_ALEN], *rbuf, *pos, *count_pos; - u16 count; - struct rsn_ie_hdr *hdr; - struct wpa_peerkey *peerkey; - struct wpa_ie_data ie; - - if (sm->proto != WPA_PROTO_RSN || !sm->ptk_set || !sm->peerkey_enabled) - return -1; - - if (sm->ap_rsn_ie && - wpa_parse_wpa_ie_rsn(sm->ap_rsn_ie, sm->ap_rsn_ie_len, &ie) == 0 && - !(ie.capabilities & WPA_CAPABILITY_PEERKEY_ENABLED)) { - wpa_printf(MSG_DEBUG, "RSN: Current AP does not support STK"); - return -1; - } - - if (sm->pairwise_cipher != WPA_CIPHER_TKIP) - ver = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES; - else - ver = WPA_KEY_INFO_TYPE_HMAC_MD5_RC4; - - if (wpa_sm_get_bssid(sm, bssid) < 0) { - wpa_printf(MSG_WARNING, "Failed to read BSSID for EAPOL-Key " - "SMK M1"); - return -1; - } - - /* TODO: find existing entry and if found, use that instead of adding - * a new one */ - peerkey = os_zalloc(sizeof(*peerkey)); - if (peerkey == NULL) - return -1; - peerkey->initiator = 1; - os_memcpy(peerkey->addr, peer, ETH_ALEN); - peerkey->akmp = sm->key_mgmt; - - /* SMK M1: - * EAPOL-Key(S=1, M=1, A=0, I=0, K=0, SM=1, KeyRSC=0, Nonce=INonce, - * MIC=MIC, DataKDs=(RSNIE_I, MAC_P KDE)) - */ - - hdr = (struct rsn_ie_hdr *) peerkey->rsnie_i; - hdr->elem_id = WLAN_EID_RSN; - WPA_PUT_LE16(hdr->version, RSN_VERSION); - pos = (u8 *) (hdr + 1); - /* Group Suite can be anything for SMK RSN IE; receiver will just - * ignore it. */ - RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP); - pos += RSN_SELECTOR_LEN; - count_pos = pos; - pos += 2; - - count = rsn_cipher_put_suites(pos, sm->allowed_pairwise_cipher); - pos += count * RSN_SELECTOR_LEN; - WPA_PUT_LE16(count_pos, count); - - hdr->len = (pos - peerkey->rsnie_i) - 2; - peerkey->rsnie_i_len = pos - peerkey->rsnie_i; - wpa_hexdump(MSG_DEBUG, "WPA: RSN IE for SMK handshake", - peerkey->rsnie_i, peerkey->rsnie_i_len); - - kde_len = peerkey->rsnie_i_len + 2 + RSN_SELECTOR_LEN + ETH_ALEN; - - rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, - sizeof(*req) + kde_len, &rlen, - (void *) &req); - if (rbuf == NULL) { - wpa_supplicant_peerkey_free(sm, peerkey); - return -1; - } - - req->type = EAPOL_KEY_TYPE_RSN; - key_info = WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_MIC | - WPA_KEY_INFO_SECURE | WPA_KEY_INFO_REQUEST | ver; - WPA_PUT_BE16(req->key_info, key_info); - WPA_PUT_BE16(req->key_length, 0); - os_memcpy(req->replay_counter, sm->request_counter, - WPA_REPLAY_COUNTER_LEN); - inc_byte_array(sm->request_counter, WPA_REPLAY_COUNTER_LEN); - - if (random_get_bytes(peerkey->inonce, WPA_NONCE_LEN)) { - wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, - "WPA: Failed to get random data for INonce"); - os_free(rbuf); - wpa_supplicant_peerkey_free(sm, peerkey); - return -1; - } - os_memcpy(req->key_nonce, peerkey->inonce, WPA_NONCE_LEN); - wpa_hexdump(MSG_DEBUG, "WPA: INonce for SMK handshake", - req->key_nonce, WPA_NONCE_LEN); - - WPA_PUT_BE16(req->key_data_length, (u16) kde_len); - pos = (u8 *) (req + 1); - - /* Initiator RSN IE */ - pos = wpa_add_ie(pos, peerkey->rsnie_i, peerkey->rsnie_i_len); - /* Peer MAC address KDE */ - wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, peer, ETH_ALEN); - - wpa_printf(MSG_INFO, "RSN: Sending EAPOL-Key SMK M1 Request (peer " - MACSTR ")", MAC2STR(peer)); - wpa_eapol_key_send(sm, sm->ptk.kck, sm->ptk.kck_len, ver, bssid, - ETH_P_EAPOL, rbuf, rlen, req->key_mic); - - peerkey->next = sm->peerkey; - sm->peerkey = peerkey; - - return 0; -} - - -/** - * peerkey_deinit - Free PeerKey values - * @sm: Pointer to WPA state machine data from wpa_sm_init() - */ -void peerkey_deinit(struct wpa_sm *sm) -{ - struct wpa_peerkey *prev, *peerkey = sm->peerkey; - while (peerkey) { - prev = peerkey; - peerkey = peerkey->next; - wpa_supplicant_peerkey_free(sm, prev); - } - sm->peerkey = NULL; -} - - -void peerkey_rx_eapol_4way(struct wpa_sm *sm, struct wpa_peerkey *peerkey, - struct wpa_eapol_key *key, u16 key_info, u16 ver, - const u8 *key_data, size_t key_data_len) -{ - if ((key_info & (WPA_KEY_INFO_MIC | WPA_KEY_INFO_ACK)) == - (WPA_KEY_INFO_MIC | WPA_KEY_INFO_ACK)) { - /* 3/4 STK 4-Way Handshake */ - wpa_supplicant_process_stk_3_of_4(sm, peerkey, key, ver, - key_data, key_data_len); - } else if (key_info & WPA_KEY_INFO_ACK) { - /* 1/4 STK 4-Way Handshake */ - wpa_supplicant_process_stk_1_of_4(sm, peerkey, key, ver, - key_data, key_data_len); - } else if (key_info & WPA_KEY_INFO_SECURE) { - /* 4/4 STK 4-Way Handshake */ - wpa_supplicant_process_stk_4_of_4(sm, peerkey, key, ver); - } else { - /* 2/4 STK 4-Way Handshake */ - wpa_supplicant_process_stk_2_of_4(sm, peerkey, key, ver, - key_data, key_data_len); - } -} - - -void peerkey_rx_eapol_smk(struct wpa_sm *sm, const u8 *src_addr, - struct wpa_eapol_key *key, size_t extra_len, - u16 key_info, u16 ver) -{ - if (key_info & WPA_KEY_INFO_ERROR) { - /* SMK Error */ - wpa_supplicant_process_smk_error(sm, src_addr, key, extra_len); - } else if (key_info & WPA_KEY_INFO_ACK) { - /* SMK M2 */ - wpa_supplicant_process_smk_m2(sm, src_addr, key, extra_len, - ver); - } else { - /* SMK M4 or M5 */ - wpa_supplicant_process_smk_m45(sm, src_addr, key, extra_len, - ver); - } -} - -#endif /* CONFIG_PEERKEY */ diff --git a/contrib/wpa/src/rsn_supp/peerkey.h b/contrib/wpa/src/rsn_supp/peerkey.h deleted file mode 100644 index 6ccd948baace..000000000000 --- a/contrib/wpa/src/rsn_supp/peerkey.h +++ /dev/null @@ -1,82 +0,0 @@ -/* - * WPA Supplicant - PeerKey for Direct Link Setup (DLS) - * Copyright (c) 2006-2015, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#ifndef PEERKEY_H -#define PEERKEY_H - -#define PEERKEY_MAX_IE_LEN 80 -struct wpa_peerkey { - struct wpa_peerkey *next; - int initiator; /* whether this end was initator for SMK handshake */ - u8 addr[ETH_ALEN]; /* other end MAC address */ - u8 inonce[WPA_NONCE_LEN]; /* Initiator Nonce */ - u8 pnonce[WPA_NONCE_LEN]; /* Peer Nonce */ - u8 rsnie_i[PEERKEY_MAX_IE_LEN]; /* Initiator RSN IE */ - size_t rsnie_i_len; - u8 rsnie_p[PEERKEY_MAX_IE_LEN]; /* Peer RSN IE */ - size_t rsnie_p_len; - u8 smk[PMK_LEN]; - int smk_complete; - u8 smkid[PMKID_LEN]; - u32 lifetime; - int cipher; /* Selected cipher (WPA_CIPHER_*) */ - u8 replay_counter[WPA_REPLAY_COUNTER_LEN]; - int replay_counter_set; - int akmp; - - struct wpa_ptk stk, tstk; - int stk_set, tstk_set; -}; - - -#ifdef CONFIG_PEERKEY - -int peerkey_verify_eapol_key_mic(struct wpa_sm *sm, - struct wpa_peerkey *peerkey, - struct wpa_eapol_key_192 *key, u16 ver, - const u8 *buf, size_t len); -void peerkey_rx_eapol_4way(struct wpa_sm *sm, struct wpa_peerkey *peerkey, - struct wpa_eapol_key *key, u16 key_info, u16 ver, - const u8 *key_data, size_t key_data_len); -void peerkey_rx_eapol_smk(struct wpa_sm *sm, const u8 *src_addr, - struct wpa_eapol_key *key, size_t extra_len, - u16 key_info, u16 ver); -void peerkey_deinit(struct wpa_sm *sm); - -#else /* CONFIG_PEERKEY */ - -static inline int -peerkey_verify_eapol_key_mic(struct wpa_sm *sm, - struct wpa_peerkey *peerkey, - struct wpa_eapol_key *key, u16 ver, - const u8 *buf, size_t len) -{ - return -1; -} - -static inline void -peerkey_rx_eapol_4way(struct wpa_sm *sm, struct wpa_peerkey *peerkey, - struct wpa_eapol_key *key, u16 key_info, u16 ver, - const u8 *key_data, size_t key_data_len) -{ -} - -static inline void -peerkey_rx_eapol_smk(struct wpa_sm *sm, const u8 *src_addr, - struct wpa_eapol_key *key, size_t extra_len, - u16 key_info, u16 ver) -{ -} - -static inline void peerkey_deinit(struct wpa_sm *sm) -{ -} - -#endif /* CONFIG_PEERKEY */ - -#endif /* PEERKEY_H */ diff --git a/contrib/wpa/src/rsn_supp/pmksa_cache.c b/contrib/wpa/src/rsn_supp/pmksa_cache.c index 3d8d12223c26..fdd522087dbc 100644 --- a/contrib/wpa/src/rsn_supp/pmksa_cache.c +++ b/contrib/wpa/src/rsn_supp/pmksa_cache.c @@ -43,7 +43,10 @@ static void pmksa_cache_free_entry(struct rsn_pmksa_cache *pmksa, struct rsn_pmksa_cache_entry *entry, enum pmksa_free_reason reason) { - wpa_sm_remove_pmkid(pmksa->sm, entry->aa, entry->pmkid); + wpa_sm_remove_pmkid(pmksa->sm, entry->network_ctx, entry->aa, + entry->pmkid, + entry->fils_cache_id_set ? entry->fils_cache_id : + NULL); pmksa->pmksa_count--; pmksa->free_cb(entry, pmksa->ctx, reason); _pmksa_cache_free_entry(entry); @@ -93,7 +96,7 @@ static void pmksa_cache_set_expiration(struct rsn_pmksa_cache *pmksa) eloop_register_timeout(sec + 1, 0, pmksa_cache_expire, pmksa, NULL); entry = pmksa->sm->cur_pmksa ? pmksa->sm->cur_pmksa : - pmksa_cache_get(pmksa, pmksa->sm->bssid, NULL, NULL); + pmksa_cache_get(pmksa, pmksa->sm->bssid, NULL, NULL, 0); if (entry) { sec = pmksa->pmksa->reauth_time - now.sec; if (sec < 0) @@ -116,6 +119,7 @@ static void pmksa_cache_set_expiration(struct rsn_pmksa_cache *pmksa) * @spa: Supplicant address * @network_ctx: Network configuration context for this PMK * @akmp: WPA_KEY_MGMT_* used in key derivation + * @cache_id: Pointer to FILS Cache Identifier or %NULL if not advertised * Returns: Pointer to the added PMKSA cache entry or %NULL on error * * This function create a PMKSA entry for a new PMK and adds it to the PMKSA @@ -126,9 +130,10 @@ static void pmksa_cache_set_expiration(struct rsn_pmksa_cache *pmksa) struct rsn_pmksa_cache_entry * pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len, const u8 *pmkid, const u8 *kck, size_t kck_len, - const u8 *aa, const u8 *spa, void *network_ctx, int akmp) + const u8 *aa, const u8 *spa, void *network_ctx, int akmp, + const u8 *cache_id) { - struct rsn_pmksa_cache_entry *entry, *pos, *prev; + struct rsn_pmksa_cache_entry *entry; struct os_reltime now; if (pmk_len > PMK_LEN_MAX) @@ -149,24 +154,38 @@ pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len, else if (wpa_key_mgmt_suite_b(akmp)) rsn_pmkid_suite_b(kck, kck_len, aa, spa, entry->pmkid); else - rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid, - wpa_key_mgmt_sha256(akmp)); + rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid, akmp); os_get_reltime(&now); entry->expiration = now.sec + pmksa->sm->dot11RSNAConfigPMKLifetime; entry->reauth_time = now.sec + pmksa->sm->dot11RSNAConfigPMKLifetime * pmksa->sm->dot11RSNAConfigPMKReauthThreshold / 100; entry->akmp = akmp; + if (cache_id) { + entry->fils_cache_id_set = 1; + os_memcpy(entry->fils_cache_id, cache_id, FILS_CACHE_ID_LEN); + } os_memcpy(entry->aa, aa, ETH_ALEN); entry->network_ctx = network_ctx; + return pmksa_cache_add_entry(pmksa, entry); +} + + +struct rsn_pmksa_cache_entry * +pmksa_cache_add_entry(struct rsn_pmksa_cache *pmksa, + struct rsn_pmksa_cache_entry *entry) +{ + struct rsn_pmksa_cache_entry *pos, *prev; + /* Replace an old entry for the same Authenticator (if found) with the * new entry */ pos = pmksa->pmksa; prev = NULL; while (pos) { - if (os_memcmp(aa, pos->aa, ETH_ALEN) == 0) { - if (pos->pmk_len == pmk_len && - os_memcmp_const(pos->pmk, pmk, pmk_len) == 0 && + if (os_memcmp(entry->aa, pos->aa, ETH_ALEN) == 0) { + if (pos->pmk_len == entry->pmk_len && + os_memcmp_const(pos->pmk, entry->pmk, + entry->pmk_len) == 0 && os_memcmp_const(pos->pmkid, entry->pmkid, PMKID_LEN) == 0) { wpa_printf(MSG_DEBUG, "WPA: reusing previous " @@ -192,8 +211,8 @@ pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len, "the current AP and any PMKSA cache entry " "that was based on the old PMK"); if (!pos->opportunistic) - pmksa_cache_flush(pmksa, network_ctx, pos->pmk, - pos->pmk_len); + pmksa_cache_flush(pmksa, entry->network_ctx, + pos->pmk, pos->pmk_len); pmksa_cache_free_entry(pmksa, pos, PMKSA_REPLACE); break; } @@ -244,8 +263,10 @@ pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len, } pmksa->pmksa_count++; wpa_printf(MSG_DEBUG, "RSN: Added PMKSA cache entry for " MACSTR - " network_ctx=%p", MAC2STR(entry->aa), network_ctx); - wpa_sm_add_pmkid(pmksa->sm, entry->aa, entry->pmkid); + " network_ctx=%p", MAC2STR(entry->aa), entry->network_ctx); + wpa_sm_add_pmkid(pmksa->sm, entry->network_ctx, entry->aa, entry->pmkid, + entry->fils_cache_id_set ? entry->fils_cache_id : NULL, + entry->pmk, entry->pmk_len); return entry; } @@ -320,17 +341,20 @@ void pmksa_cache_deinit(struct rsn_pmksa_cache *pmksa) * @aa: Authenticator address or %NULL to match any * @pmkid: PMKID or %NULL to match any * @network_ctx: Network context or %NULL to match any + * @akmp: Specific AKMP to search for or 0 for any * Returns: Pointer to PMKSA cache entry or %NULL if no match was found */ struct rsn_pmksa_cache_entry * pmksa_cache_get(struct rsn_pmksa_cache *pmksa, const u8 *aa, const u8 *pmkid, - const void *network_ctx) + const void *network_ctx, + int akmp) { struct rsn_pmksa_cache_entry *entry = pmksa->pmksa; while (entry) { if ((aa == NULL || os_memcmp(entry->aa, aa, ETH_ALEN) == 0) && (pmkid == NULL || os_memcmp(entry->pmkid, pmkid, PMKID_LEN) == 0) && + (!akmp || akmp == entry->akmp) && (network_ctx == NULL || network_ctx == entry->network_ctx)) return entry; entry = entry->next; @@ -345,16 +369,19 @@ pmksa_cache_clone_entry(struct rsn_pmksa_cache *pmksa, const u8 *aa) { struct rsn_pmksa_cache_entry *new_entry; + os_time_t old_expiration = old_entry->expiration; new_entry = pmksa_cache_add(pmksa, old_entry->pmk, old_entry->pmk_len, NULL, NULL, 0, aa, pmksa->sm->own_addr, - old_entry->network_ctx, old_entry->akmp); + old_entry->network_ctx, old_entry->akmp, + old_entry->fils_cache_id_set ? + old_entry->fils_cache_id : NULL); if (new_entry == NULL) return NULL; /* TODO: reorder entries based on expiration time? */ - new_entry->expiration = old_entry->expiration; + new_entry->expiration = old_expiration; new_entry->opportunistic = 1; return new_entry; @@ -366,6 +393,7 @@ pmksa_cache_clone_entry(struct rsn_pmksa_cache *pmksa, * @pmksa: Pointer to PMKSA cache data from pmksa_cache_init() * @network_ctx: Network configuration context * @aa: Authenticator address for the new AP + * @akmp: Specific AKMP to search for or 0 for any * Returns: Pointer to a new PMKSA cache entry or %NULL if not available * * Try to create a new PMKSA cache entry opportunistically by guessing that the @@ -374,7 +402,7 @@ pmksa_cache_clone_entry(struct rsn_pmksa_cache *pmksa, */ struct rsn_pmksa_cache_entry * pmksa_cache_get_opportunistic(struct rsn_pmksa_cache *pmksa, void *network_ctx, - const u8 *aa) + const u8 *aa, int akmp) { struct rsn_pmksa_cache_entry *entry = pmksa->pmksa; @@ -382,7 +410,8 @@ pmksa_cache_get_opportunistic(struct rsn_pmksa_cache *pmksa, void *network_ctx, if (network_ctx == NULL) return NULL; while (entry) { - if (entry->network_ctx == network_ctx) { + if (entry->network_ctx == network_ctx && + (!akmp || entry->akmp == akmp)) { entry = pmksa_cache_clone_entry(pmksa, entry, aa); if (entry) { wpa_printf(MSG_DEBUG, "RSN: added " @@ -397,6 +426,24 @@ pmksa_cache_get_opportunistic(struct rsn_pmksa_cache *pmksa, void *network_ctx, } +static struct rsn_pmksa_cache_entry * +pmksa_cache_get_fils_cache_id(struct rsn_pmksa_cache *pmksa, + const void *network_ctx, const u8 *cache_id) +{ + struct rsn_pmksa_cache_entry *entry; + + for (entry = pmksa->pmksa; entry; entry = entry->next) { + if (network_ctx == entry->network_ctx && + entry->fils_cache_id_set && + os_memcmp(cache_id, entry->fils_cache_id, + FILS_CACHE_ID_LEN) == 0) + return entry; + } + + return NULL; +} + + /** * pmksa_cache_get_current - Get the current used PMKSA entry * @sm: Pointer to WPA state machine data from wpa_sm_init() @@ -429,33 +476,44 @@ void pmksa_cache_clear_current(struct wpa_sm *sm) * @bssid: BSSID for PMKSA or %NULL if not used * @network_ctx: Network configuration context * @try_opportunistic: Whether to allow opportunistic PMKSA caching + * @fils_cache_id: Pointer to FILS Cache Identifier or %NULL if not used * Returns: 0 if PMKSA was found or -1 if no matching entry was found */ int pmksa_cache_set_current(struct wpa_sm *sm, const u8 *pmkid, const u8 *bssid, void *network_ctx, - int try_opportunistic) + int try_opportunistic, const u8 *fils_cache_id, + int akmp) { struct rsn_pmksa_cache *pmksa = sm->pmksa; wpa_printf(MSG_DEBUG, "RSN: PMKSA cache search - network_ctx=%p " - "try_opportunistic=%d", network_ctx, try_opportunistic); + "try_opportunistic=%d akmp=0x%x", + network_ctx, try_opportunistic, akmp); if (pmkid) wpa_hexdump(MSG_DEBUG, "RSN: Search for PMKID", pmkid, PMKID_LEN); if (bssid) wpa_printf(MSG_DEBUG, "RSN: Search for BSSID " MACSTR, MAC2STR(bssid)); + if (fils_cache_id) + wpa_printf(MSG_DEBUG, + "RSN: Search for FILS Cache Identifier %02x%02x", + fils_cache_id[0], fils_cache_id[1]); sm->cur_pmksa = NULL; if (pmkid) sm->cur_pmksa = pmksa_cache_get(pmksa, NULL, pmkid, - network_ctx); + network_ctx, akmp); if (sm->cur_pmksa == NULL && bssid) sm->cur_pmksa = pmksa_cache_get(pmksa, bssid, NULL, - network_ctx); + network_ctx, akmp); if (sm->cur_pmksa == NULL && try_opportunistic && bssid) sm->cur_pmksa = pmksa_cache_get_opportunistic(pmksa, network_ctx, - bssid); + bssid, akmp); + if (sm->cur_pmksa == NULL && fils_cache_id) + sm->cur_pmksa = pmksa_cache_get_fils_cache_id(pmksa, + network_ctx, + fils_cache_id); if (sm->cur_pmksa) { wpa_hexdump(MSG_DEBUG, "RSN: PMKSA cache entry found - PMKID", sm->cur_pmksa->pmkid, PMKID_LEN); @@ -482,11 +540,20 @@ int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len) char *pos = buf; struct rsn_pmksa_cache_entry *entry; struct os_reltime now; + int cache_id_used = 0; + + for (entry = pmksa->pmksa; entry; entry = entry->next) { + if (entry->fils_cache_id_set) { + cache_id_used = 1; + break; + } + } os_get_reltime(&now); ret = os_snprintf(pos, buf + len - pos, "Index / AA / PMKID / expiration (in seconds) / " - "opportunistic\n"); + "opportunistic%s\n", + cache_id_used ? " / FILS Cache Identifier" : ""); if (os_snprintf_error(buf + len - pos, ret)) return pos - buf; pos += ret; @@ -501,18 +568,36 @@ int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len) pos += ret; pos += wpa_snprintf_hex(pos, buf + len - pos, entry->pmkid, PMKID_LEN); - ret = os_snprintf(pos, buf + len - pos, " %d %d\n", + ret = os_snprintf(pos, buf + len - pos, " %d %d", (int) (entry->expiration - now.sec), entry->opportunistic); if (os_snprintf_error(buf + len - pos, ret)) return pos - buf; pos += ret; + if (entry->fils_cache_id_set) { + ret = os_snprintf(pos, buf + len - pos, " %02x%02x", + entry->fils_cache_id[0], + entry->fils_cache_id[1]); + if (os_snprintf_error(buf + len - pos, ret)) + return pos - buf; + pos += ret; + } + ret = os_snprintf(pos, buf + len - pos, "\n"); + if (os_snprintf_error(buf + len - pos, ret)) + return pos - buf; + pos += ret; entry = entry->next; } return pos - buf; } +struct rsn_pmksa_cache_entry * pmksa_cache_head(struct rsn_pmksa_cache *pmksa) +{ + return pmksa->pmksa; +} + + /** * pmksa_cache_init - Initialize PMKSA cache * @free_cb: Callback function to be called when a PMKSA cache entry is freed diff --git a/contrib/wpa/src/rsn_supp/pmksa_cache.h b/contrib/wpa/src/rsn_supp/pmksa_cache.h index daede6dac7fe..6c49fa9248fb 100644 --- a/contrib/wpa/src/rsn_supp/pmksa_cache.h +++ b/contrib/wpa/src/rsn_supp/pmksa_cache.h @@ -21,6 +21,14 @@ struct rsn_pmksa_cache_entry { int akmp; /* WPA_KEY_MGMT_* */ u8 aa[ETH_ALEN]; + /* + * If FILS Cache Identifier is included (fils_cache_id_set), this PMKSA + * cache entry is applicable to all BSSs (any BSSID/aa[]) that + * advertise the same FILS Cache Identifier within the same ESS. + */ + u8 fils_cache_id[2]; + unsigned int fils_cache_id_set:1; + os_time_t reauth_time; /** @@ -53,20 +61,27 @@ pmksa_cache_init(void (*free_cb)(struct rsn_pmksa_cache_entry *entry, void pmksa_cache_deinit(struct rsn_pmksa_cache *pmksa); struct rsn_pmksa_cache_entry * pmksa_cache_get(struct rsn_pmksa_cache *pmksa, const u8 *aa, const u8 *pmkid, - const void *network_ctx); + const void *network_ctx, + int akmp); int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len); +struct rsn_pmksa_cache_entry * pmksa_cache_head(struct rsn_pmksa_cache *pmksa); struct rsn_pmksa_cache_entry * pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len, const u8 *pmkid, const u8 *kck, size_t kck_len, - const u8 *aa, const u8 *spa, void *network_ctx, int akmp); + const u8 *aa, const u8 *spa, void *network_ctx, int akmp, + const u8 *cache_id); +struct rsn_pmksa_cache_entry * +pmksa_cache_add_entry(struct rsn_pmksa_cache *pmksa, + struct rsn_pmksa_cache_entry *entry); struct rsn_pmksa_cache_entry * pmksa_cache_get_current(struct wpa_sm *sm); void pmksa_cache_clear_current(struct wpa_sm *sm); int pmksa_cache_set_current(struct wpa_sm *sm, const u8 *pmkid, const u8 *bssid, void *network_ctx, - int try_opportunistic); + int try_opportunistic, const u8 *fils_cache_id, + int akmp); struct rsn_pmksa_cache_entry * pmksa_cache_get_opportunistic(struct rsn_pmksa_cache *pmksa, - void *network_ctx, const u8 *aa); + void *network_ctx, const u8 *aa, int akmp); void pmksa_cache_flush(struct rsn_pmksa_cache *pmksa, void *network_ctx, const u8 *pmk, size_t pmk_len); @@ -86,7 +101,7 @@ static inline void pmksa_cache_deinit(struct rsn_pmksa_cache *pmksa) static inline struct rsn_pmksa_cache_entry * pmksa_cache_get(struct rsn_pmksa_cache *pmksa, const u8 *aa, const u8 *pmkid, - const void *network_ctx) + const void *network_ctx, int akmp) { return NULL; } @@ -104,9 +119,23 @@ static inline int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf, } static inline struct rsn_pmksa_cache_entry * +pmksa_cache_head(struct rsn_pmksa_cache *pmksa) +{ + return NULL; +} + +static inline struct rsn_pmksa_cache_entry * +pmksa_cache_add_entry(struct rsn_pmksa_cache *pmksa, + struct rsn_pmksa_cache_entry *entry) +{ + return NULL; +} + +static inline struct rsn_pmksa_cache_entry * pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len, const u8 *pmkid, const u8 *kck, size_t kck_len, - const u8 *aa, const u8 *spa, void *network_ctx, int akmp) + const u8 *aa, const u8 *spa, void *network_ctx, int akmp, + const u8 *cache_id) { return NULL; } @@ -118,7 +147,9 @@ static inline void pmksa_cache_clear_current(struct wpa_sm *sm) static inline int pmksa_cache_set_current(struct wpa_sm *sm, const u8 *pmkid, const u8 *bssid, void *network_ctx, - int try_opportunistic) + int try_opportunistic, + const u8 *fils_cache_id, + int akmp) { return -1; } diff --git a/contrib/wpa/src/rsn_supp/preauth.c b/contrib/wpa/src/rsn_supp/preauth.c index 4c9a4fb8b14c..d0c43f464e27 100644 --- a/contrib/wpa/src/rsn_supp/preauth.c +++ b/contrib/wpa/src/rsn_supp/preauth.c @@ -97,7 +97,7 @@ static void rsn_preauth_eapol_cb(struct eapol_sm *eapol, NULL, 0, sm->preauth_bssid, sm->own_addr, sm->network_ctx, - WPA_KEY_MGMT_IEEE8021X); + WPA_KEY_MGMT_IEEE8021X, NULL); } else { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "RSN: failed to get master session key from " @@ -323,7 +323,7 @@ void rsn_preauth_candidate_process(struct wpa_sm *sm) dl_list_for_each_safe(candidate, n, &sm->pmksa_candidates, struct rsn_pmksa_candidate, list) { struct rsn_pmksa_cache_entry *p = NULL; - p = pmksa_cache_get(sm->pmksa, candidate->bssid, NULL, NULL); + p = pmksa_cache_get(sm->pmksa, candidate->bssid, NULL, NULL, 0); if (os_memcmp(sm->bssid, candidate->bssid, ETH_ALEN) != 0 && (p == NULL || p->opportunistic)) { wpa_msg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: PMKSA " @@ -342,7 +342,8 @@ void rsn_preauth_candidate_process(struct wpa_sm *sm) /* Some drivers (e.g., NDIS) expect to get notified about the * PMKIDs again, so report the existing data now. */ if (p) { - wpa_sm_add_pmkid(sm, candidate->bssid, p->pmkid); + wpa_sm_add_pmkid(sm, NULL, candidate->bssid, p->pmkid, + NULL, p->pmk, p->pmk_len); } dl_list_del(&candidate->list); @@ -371,7 +372,7 @@ void pmksa_candidate_add(struct wpa_sm *sm, const u8 *bssid, if (sm->network_ctx && sm->proactive_key_caching) pmksa_cache_get_opportunistic(sm->pmksa, sm->network_ctx, - bssid); + bssid, 0); if (!preauth) { wpa_printf(MSG_DEBUG, "RSN: Ignored PMKID candidate without " @@ -482,7 +483,7 @@ void rsn_preauth_scan_result(struct wpa_sm *sm, const u8 *bssid, if (wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie)) return; - pmksa = pmksa_cache_get(sm->pmksa, bssid, NULL, NULL); + pmksa = pmksa_cache_get(sm->pmksa, bssid, NULL, NULL, 0); if (pmksa && (!pmksa->opportunistic || !(ie.capabilities & WPA_CAPABILITY_PREAUTH))) return; diff --git a/contrib/wpa/src/rsn_supp/tdls.c b/contrib/wpa/src/rsn_supp/tdls.c index 9eb973860049..345b0c84d871 100644 --- a/contrib/wpa/src/rsn_supp/tdls.c +++ b/contrib/wpa/src/rsn_supp/tdls.c @@ -35,6 +35,7 @@ #define TDLS_TESTING_DECLINE_RESP BIT(9) #define TDLS_TESTING_IGNORE_AP_PROHIBIT BIT(10) #define TDLS_TESTING_WRONG_MIC BIT(11) +#define TDLS_TESTING_DOUBLE_TPK_M2 BIT(12) unsigned int tdls_testing = 0; #endif /* CONFIG_TDLS_TESTING */ @@ -303,10 +304,9 @@ static int wpa_tdls_tpk_send(struct wpa_sm *sm, const u8 *dest, u8 action_code, peer->sm_tmr.peer_capab = peer_capab; peer->sm_tmr.buf_len = msg_len; os_free(peer->sm_tmr.buf); - peer->sm_tmr.buf = os_malloc(msg_len); + peer->sm_tmr.buf = os_memdup(msg, msg_len); if (peer->sm_tmr.buf == NULL) return -1; - os_memcpy(peer->sm_tmr.buf, msg, msg_len); wpa_printf(MSG_DEBUG, "TDLS: Retry timeout registered " "(action_code=%u)", action_code); @@ -413,8 +413,9 @@ static void wpa_tdls_generate_tpk(struct wpa_tdls_peer *peer, size_t len[2]; u8 data[3 * ETH_ALEN]; - /* IEEE Std 802.11z-2010 8.5.9.1: - * TPK-Key-Input = SHA-256(min(SNonce, ANonce) || max(SNonce, ANonce)) + /* IEEE Std 802.11-2016 12.7.9.2: + * TPK-Key-Input = Hash(min(SNonce, ANonce) || max(SNonce, ANonce)) + * Hash = SHA-256 for TDLS */ len[0] = WPA_NONCE_LEN; len[1] = WPA_NONCE_LEN; @@ -432,11 +433,8 @@ static void wpa_tdls_generate_tpk(struct wpa_tdls_peer *peer, key_input, SHA256_MAC_LEN); /* - * TPK-Key-Data = KDF-N_KEY(TPK-Key-Input, "TDLS PMK", - * min(MAC_I, MAC_R) || max(MAC_I, MAC_R) || BSSID || N_KEY) - * TODO: is N_KEY really included in KDF Context and if so, in which - * presentation format (little endian 16-bit?) is it used? It gets - * added by the KDF anyway.. + * TPK = KDF-Hash-Length(TPK-Key-Input, "TDLS PMK", + * min(MAC_I, MAC_R) || max(MAC_I, MAC_R) || BSSID) */ if (os_memcmp(own_addr, peer->addr, ETH_ALEN) < 0) { @@ -1220,9 +1218,10 @@ skip_ies: #ifdef CONFIG_TDLS_TESTING if (tdls_testing & TDLS_TESTING_DIFF_BSSID) { + struct wpa_tdls_lnkid *l = (struct wpa_tdls_lnkid *) pos; + wpa_printf(MSG_DEBUG, "TDLS: Testing - use incorrect BSSID in " "Link Identifier"); - struct wpa_tdls_lnkid *l = (struct wpa_tdls_lnkid *) pos; wpa_tdls_linkid(sm, peer, l); l->bssid[5] ^= 0x01; pos += sizeof(*l); @@ -2126,6 +2125,13 @@ skip_add_peer: goto error; } +#ifdef CONFIG_TDLS_TESTING + if (tdls_testing & TDLS_TESTING_DOUBLE_TPK_M2) { + wpa_printf(MSG_INFO, "TDLS: Testing - Send another TPK M2"); + wpa_tdls_send_tpk_m2(sm, src_addr, dtoken, lnkid, peer); + } +#endif /* CONFIG_TDLS_TESTING */ + return 0; error: @@ -2153,11 +2159,11 @@ static int wpa_tdls_enable_link(struct wpa_sm *sm, struct wpa_tdls_peer *peer) eloop_register_timeout(lifetime, 0, wpa_tdls_tpk_timeout, sm, peer); #ifdef CONFIG_TDLS_TESTING - if (tdls_testing & TDLS_TESTING_NO_TPK_EXPIRATION) { - wpa_printf(MSG_DEBUG, "TDLS: Testing - disable TPK " - "expiration"); - eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer); - } + if (tdls_testing & TDLS_TESTING_NO_TPK_EXPIRATION) { + wpa_printf(MSG_DEBUG, + "TDLS: Testing - disable TPK expiration"); + eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer); + } #endif /* CONFIG_TDLS_TESTING */ } @@ -2912,14 +2918,14 @@ void wpa_tdls_disassoc(struct wpa_sm *sm) static int wpa_tdls_prohibited(struct ieee802_11_elems *elems) { /* bit 38 - TDLS Prohibited */ - return !!(elems->ext_capab[2 + 4] & 0x40); + return !!(elems->ext_capab[4] & 0x40); } static int wpa_tdls_chan_switch_prohibited(struct ieee802_11_elems *elems) { /* bit 39 - TDLS Channel Switch Prohibited */ - return !!(elems->ext_capab[2 + 4] & 0x80); + return !!(elems->ext_capab[4] & 0x80); } @@ -2932,7 +2938,7 @@ void wpa_tdls_ap_ies(struct wpa_sm *sm, const u8 *ies, size_t len) if (ies == NULL || ieee802_11_parse_elems(ies, len, &elems, 0) == ParseFailed || - elems.ext_capab == NULL || elems.ext_capab_len < 2 + 5) + elems.ext_capab == NULL || elems.ext_capab_len < 5) return; sm->tdls_prohibited = wpa_tdls_prohibited(&elems); @@ -2951,7 +2957,7 @@ void wpa_tdls_assoc_resp_ies(struct wpa_sm *sm, const u8 *ies, size_t len) if (ies == NULL || ieee802_11_parse_elems(ies, len, &elems, 0) == ParseFailed || - elems.ext_capab == NULL || elems.ext_capab_len < 2 + 5) + elems.ext_capab == NULL || elems.ext_capab_len < 5) return; if (!sm->tdls_prohibited && wpa_tdls_prohibited(&elems)) { diff --git a/contrib/wpa/src/rsn_supp/wpa.c b/contrib/wpa/src/rsn_supp/wpa.c index dcd75272151f..e0c913074c63 100644 --- a/contrib/wpa/src/rsn_supp/wpa.c +++ b/contrib/wpa/src/rsn_supp/wpa.c @@ -1,6 +1,6 @@ /* * WPA Supplicant - WPA state machine and EAPOL-Key processing - * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> * Copyright(c) 2015 Intel Deutschland GmbH * * This software may be distributed under the terms of the BSD license. @@ -10,10 +10,17 @@ #include "includes.h" #include "common.h" +#include "crypto/aes.h" #include "crypto/aes_wrap.h" #include "crypto/crypto.h" #include "crypto/random.h" +#include "crypto/aes_siv.h" +#include "crypto/sha256.h" +#include "crypto/sha384.h" +#include "crypto/sha512.h" #include "common/ieee802_11_defs.h" +#include "common/ieee802_11_common.h" +#include "eap_common/eap_defs.h" #include "eapol_supp/eapol_supp_sm.h" #include "wpa.h" #include "eloop.h" @@ -21,7 +28,6 @@ #include "pmksa_cache.h" #include "wpa_i.h" #include "wpa_ie.h" -#include "peerkey.h" static const u8 null_rsc[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; @@ -30,8 +36,7 @@ static const u8 null_rsc[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; /** * wpa_eapol_key_send - Send WPA/RSN EAPOL-Key message * @sm: Pointer to WPA state machine data from wpa_sm_init() - * @kck: Key Confirmation Key (KCK, part of PTK) - * @kck_len: KCK length in octets + * @ptk: PTK for Key Confirmation/Encryption Key * @ver: Version field from Key Info * @dest: Destination address for the frame * @proto: Ethertype (usually ETH_P_EAPOL) @@ -40,13 +45,16 @@ static const u8 null_rsc[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; * @key_mic: Pointer to the buffer to which the EAPOL-Key MIC is written * Returns: >= 0 on success, < 0 on failure */ -int wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck, size_t kck_len, +int wpa_eapol_key_send(struct wpa_sm *sm, struct wpa_ptk *ptk, int ver, const u8 *dest, u16 proto, u8 *msg, size_t msg_len, u8 *key_mic) { int ret = -1; - size_t mic_len = wpa_mic_len(sm->key_mgmt); + size_t mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); + wpa_printf(MSG_DEBUG, "WPA: Send EAPOL-Key frame to " MACSTR + " ver=%d mic_len=%d key_mgmt=0x%x", + MAC2STR(dest), ver, (int) mic_len, sm->key_mgmt); if (is_zero_ether_addr(dest) && is_zero_ether_addr(sm->bssid)) { /* * Association event was not yet received; try to fetch @@ -64,16 +72,89 @@ int wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck, size_t kck_len, MAC2STR(dest)); } } - if (key_mic && - wpa_eapol_key_mic(kck, kck_len, sm->key_mgmt, ver, msg, msg_len, - key_mic)) { - wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, - "WPA: Failed to generate EAPOL-Key version %d key_mgmt 0x%x MIC", - ver, sm->key_mgmt); + + if (mic_len) { + if (key_mic && (!ptk || !ptk->kck_len)) + goto out; + + if (key_mic && + wpa_eapol_key_mic(ptk->kck, ptk->kck_len, sm->key_mgmt, ver, + msg, msg_len, key_mic)) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "WPA: Failed to generate EAPOL-Key version %d key_mgmt 0x%x MIC", + ver, sm->key_mgmt); + goto out; + } + if (ptk) + wpa_hexdump_key(MSG_DEBUG, "WPA: KCK", + ptk->kck, ptk->kck_len); + wpa_hexdump(MSG_DEBUG, "WPA: Derived Key MIC", + key_mic, mic_len); + } else { +#ifdef CONFIG_FILS + /* AEAD cipher - Key MIC field not used */ + struct ieee802_1x_hdr *s_hdr, *hdr; + struct wpa_eapol_key *s_key, *key; + u8 *buf, *s_key_data, *key_data; + size_t buf_len = msg_len + AES_BLOCK_SIZE; + size_t key_data_len; + u16 eapol_len; + const u8 *aad[1]; + size_t aad_len[1]; + + if (!ptk || !ptk->kek_len) + goto out; + + key_data_len = msg_len - sizeof(struct ieee802_1x_hdr) - + sizeof(struct wpa_eapol_key) - 2; + + buf = os_malloc(buf_len); + if (!buf) + goto out; + + os_memcpy(buf, msg, msg_len); + hdr = (struct ieee802_1x_hdr *) buf; + key = (struct wpa_eapol_key *) (hdr + 1); + key_data = ((u8 *) (key + 1)) + 2; + + /* Update EAPOL header to include AES-SIV overhead */ + eapol_len = be_to_host16(hdr->length); + eapol_len += AES_BLOCK_SIZE; + hdr->length = host_to_be16(eapol_len); + + /* Update Key Data Length field to include AES-SIV overhead */ + WPA_PUT_BE16((u8 *) (key + 1), AES_BLOCK_SIZE + key_data_len); + + s_hdr = (struct ieee802_1x_hdr *) msg; + s_key = (struct wpa_eapol_key *) (s_hdr + 1); + s_key_data = ((u8 *) (s_key + 1)) + 2; + + wpa_hexdump_key(MSG_DEBUG, "WPA: Plaintext Key Data", + s_key_data, key_data_len); + + wpa_hexdump_key(MSG_DEBUG, "WPA: KEK", ptk->kek, ptk->kek_len); + /* AES-SIV AAD from EAPOL protocol version field (inclusive) to + * to Key Data (exclusive). */ + aad[0] = buf; + aad_len[0] = key_data - buf; + if (aes_siv_encrypt(ptk->kek, ptk->kek_len, + s_key_data, key_data_len, + 1, aad, aad_len, key_data) < 0) { + os_free(buf); + goto out; + } + + wpa_hexdump(MSG_DEBUG, "WPA: Encrypted Key Data from SIV", + key_data, AES_BLOCK_SIZE + key_data_len); + + os_free(msg); + msg = buf; + msg_len = buf_len; +#else /* CONFIG_FILS */ goto out; +#endif /* CONFIG_FILS */ } - wpa_hexdump_key(MSG_DEBUG, "WPA: KCK", kck, kck_len); - wpa_hexdump(MSG_DEBUG, "WPA: Derived Key MIC", key_mic, mic_len); + wpa_hexdump(MSG_MSGDUMP, "WPA: TX EAPOL-Key", msg, msg_len); ret = wpa_sm_ether_send(sm, dest, proto, msg, msg_len); eapol_sm_notify_tx_eapol_key(sm->eapol); @@ -97,12 +178,10 @@ void wpa_sm_key_request(struct wpa_sm *sm, int error, int pairwise) { size_t mic_len, hdrlen, rlen; struct wpa_eapol_key *reply; - struct wpa_eapol_key_192 *reply192; int key_info, ver; - u8 bssid[ETH_ALEN], *rbuf, *key_mic; + u8 bssid[ETH_ALEN], *rbuf, *key_mic, *mic; - if (sm->key_mgmt == WPA_KEY_MGMT_OSEN || - wpa_key_mgmt_suite_b(sm->key_mgmt)) + if (wpa_use_akm_defined(sm->key_mgmt)) ver = WPA_KEY_INFO_TYPE_AKM_DEFINED; else if (wpa_key_mgmt_ft(sm->key_mgmt) || wpa_key_mgmt_sha256(sm->key_mgmt)) @@ -118,20 +197,21 @@ void wpa_sm_key_request(struct wpa_sm *sm, int error, int pairwise) return; } - mic_len = wpa_mic_len(sm->key_mgmt); - hdrlen = mic_len == 24 ? sizeof(*reply192) : sizeof(*reply); + mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); + hdrlen = sizeof(*reply) + mic_len + 2; rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, hdrlen, &rlen, (void *) &reply); if (rbuf == NULL) return; - reply192 = (struct wpa_eapol_key_192 *) reply; reply->type = (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) ? EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA; key_info = WPA_KEY_INFO_REQUEST | ver; if (sm->ptk_set) - key_info |= WPA_KEY_INFO_MIC | WPA_KEY_INFO_SECURE; + key_info |= WPA_KEY_INFO_SECURE; + if (sm->ptk_set && mic_len) + key_info |= WPA_KEY_INFO_MIC; if (error) key_info |= WPA_KEY_INFO_ERROR; if (pairwise) @@ -142,21 +222,19 @@ void wpa_sm_key_request(struct wpa_sm *sm, int error, int pairwise) WPA_REPLAY_COUNTER_LEN); inc_byte_array(sm->request_counter, WPA_REPLAY_COUNTER_LEN); - if (mic_len == 24) - WPA_PUT_BE16(reply192->key_data_length, 0); - else - WPA_PUT_BE16(reply->key_data_length, 0); + mic = (u8 *) (reply + 1); + WPA_PUT_BE16(mic + mic_len, 0); if (!(key_info & WPA_KEY_INFO_MIC)) key_mic = NULL; else - key_mic = reply192->key_mic; /* same offset in reply */ + key_mic = mic; wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Sending EAPOL-Key Request (error=%d " "pairwise=%d ptk_set=%d len=%lu)", error, pairwise, sm->ptk_set, (unsigned long) rlen); - wpa_eapol_key_send(sm, sm->ptk.kck, sm->ptk.kck_len, ver, bssid, - ETH_P_EAPOL, rbuf, rlen, key_mic); + wpa_eapol_key_send(sm, &sm->ptk, ver, bssid, ETH_P_EAPOL, rbuf, rlen, + key_mic); } @@ -190,7 +268,7 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, * event before receiving this 1/4 message, so try to find a * matching PMKSA cache entry here. */ sm->cur_pmksa = pmksa_cache_get(sm->pmksa, src_addr, pmkid, - NULL); + NULL, 0); if (sm->cur_pmksa) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: found matching PMKID from PMKSA cache"); @@ -210,11 +288,23 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, eapol_sm_notify_cached(sm->eapol); #ifdef CONFIG_IEEE80211R sm->xxkey_len = 0; +#ifdef CONFIG_SAE + if (sm->key_mgmt == WPA_KEY_MGMT_FT_SAE && + sm->pmk_len == PMK_LEN) { + /* Need to allow FT key derivation to proceed with + * PMK from SAE being used as the XXKey in cases where + * the PMKID in msg 1/4 matches the PMKSA entry that was + * just added based on SAE authentication for the + * initial mobility domain association. */ + os_memcpy(sm->xxkey, sm->pmk, sm->pmk_len); + sm->xxkey_len = sm->pmk_len; + } +#endif /* CONFIG_SAE */ #endif /* CONFIG_IEEE80211R */ } else if (wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) && sm->eapol) { int res, pmk_len; - if (sm->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) + if (wpa_key_mgmt_sha384(sm->key_mgmt)) pmk_len = PMK_LEN_SUITE_B_192; else pmk_len = PMK_LEN; @@ -233,14 +323,28 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, u8 buf[2 * PMK_LEN]; if (eapol_sm_get_key(sm->eapol, buf, 2 * PMK_LEN) == 0) { - os_memcpy(sm->xxkey, buf + PMK_LEN, PMK_LEN); - sm->xxkey_len = PMK_LEN; + if (wpa_key_mgmt_sha384(sm->key_mgmt)) { + os_memcpy(sm->xxkey, buf, + SHA384_MAC_LEN); + sm->xxkey_len = SHA384_MAC_LEN; + } else { + os_memcpy(sm->xxkey, buf + PMK_LEN, + PMK_LEN); + sm->xxkey_len = PMK_LEN; + } os_memset(buf, 0, sizeof(buf)); } #endif /* CONFIG_IEEE80211R */ } if (res == 0) { struct rsn_pmksa_cache_entry *sa = NULL; + const u8 *fils_cache_id = NULL; + +#ifdef CONFIG_FILS + if (sm->fils_cache_id_set) + fils_cache_id = sm->fils_cache_id; +#endif /* CONFIG_FILS */ + wpa_hexdump_key(MSG_DEBUG, "WPA: PMK from EAPOL state " "machines", sm->pmk, pmk_len); sm->pmk_len = pmk_len; @@ -253,11 +357,12 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, NULL, 0, src_addr, sm->own_addr, sm->network_ctx, - sm->key_mgmt); + sm->key_mgmt, + fils_cache_id); } if (!sm->cur_pmksa && pmkid && - pmksa_cache_get(sm->pmksa, src_addr, pmkid, NULL)) - { + pmksa_cache_get(sm->pmksa, src_addr, pmkid, NULL, + 0)) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: the new PMK matches with the " "PMKID"); @@ -341,9 +446,9 @@ int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, { size_t mic_len, hdrlen, rlen; struct wpa_eapol_key *reply; - struct wpa_eapol_key_192 *reply192; u8 *rbuf, *key_mic; u8 *rsn_ie_buf = NULL; + u16 key_info; if (wpa_ie == NULL) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: No wpa_ie set - " @@ -383,8 +488,8 @@ int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, wpa_hexdump(MSG_DEBUG, "WPA: WPA IE for msg 2/4", wpa_ie, wpa_ie_len); - mic_len = wpa_mic_len(sm->key_mgmt); - hdrlen = mic_len == 24 ? sizeof(*reply192) : sizeof(*reply); + mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); + hdrlen = sizeof(*reply) + mic_len + 2; rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, hdrlen + wpa_ie_len, &rlen, (void *) &reply); @@ -392,13 +497,16 @@ int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, os_free(rsn_ie_buf); return -1; } - reply192 = (struct wpa_eapol_key_192 *) reply; reply->type = (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) ? EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA; - WPA_PUT_BE16(reply->key_info, - ver | WPA_KEY_INFO_KEY_TYPE | WPA_KEY_INFO_MIC); + key_info = ver | WPA_KEY_INFO_KEY_TYPE; + if (mic_len) + key_info |= WPA_KEY_INFO_MIC; + else + key_info |= WPA_KEY_INFO_ENCR_KEY_DATA; + WPA_PUT_BE16(reply->key_info, key_info); if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) WPA_PUT_BE16(reply->key_length, 0); else @@ -408,21 +516,16 @@ int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, wpa_hexdump(MSG_DEBUG, "WPA: Replay Counter", reply->replay_counter, WPA_REPLAY_COUNTER_LEN); - key_mic = reply192->key_mic; /* same offset for reply and reply192 */ - if (mic_len == 24) { - WPA_PUT_BE16(reply192->key_data_length, wpa_ie_len); - os_memcpy(reply192 + 1, wpa_ie, wpa_ie_len); - } else { - WPA_PUT_BE16(reply->key_data_length, wpa_ie_len); - os_memcpy(reply + 1, wpa_ie, wpa_ie_len); - } + key_mic = (u8 *) (reply + 1); + WPA_PUT_BE16(key_mic + mic_len, wpa_ie_len); /* Key Data Length */ + os_memcpy(key_mic + mic_len + 2, wpa_ie, wpa_ie_len); /* Key Data */ os_free(rsn_ie_buf); os_memcpy(reply->key_nonce, nonce, WPA_NONCE_LEN); wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 2/4"); - return wpa_eapol_key_send(sm, ptk->kck, ptk->kck_len, ver, dst, - ETH_P_EAPOL, rbuf, rlen, key_mic); + return wpa_eapol_key_send(sm, ptk, ver, dst, ETH_P_EAPOL, rbuf, rlen, + key_mic); } @@ -500,7 +603,8 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, /* Calculate PTK which will be stored as a temporary PTK until it has * been verified when processing message 3/4. */ ptk = &sm->tptk; - wpa_derive_ptk(sm, src_addr, key, ptk); + if (wpa_derive_ptk(sm, src_addr, key, ptk) < 0) + goto failed; if (sm->pairwise_cipher == WPA_CIPHER_TKIP) { u8 buf[8]; /* Supplicant: swap tx/rx Mic keys */ @@ -571,7 +675,9 @@ static void wpa_supplicant_key_neg_complete(struct wpa_sm *sm, sm, addr, MLME_SETPROTECTION_PROTECT_TYPE_RX_TX, MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); eapol_sm_notify_portValid(sm->eapol, TRUE); - if (wpa_key_mgmt_wpa_psk(sm->key_mgmt)) + if (wpa_key_mgmt_wpa_psk(sm->key_mgmt) || + sm->key_mgmt == WPA_KEY_MGMT_DPP || + sm->key_mgmt == WPA_KEY_MGMT_OWE) eapol_sm_notify_eap_success(sm->eapol, TRUE); /* * Start preauthentication after a short wait to avoid a @@ -638,6 +744,11 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, alg = wpa_cipher_to_alg(sm->pairwise_cipher); keylen = wpa_cipher_key_len(sm->pairwise_cipher); + if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) { + wpa_printf(MSG_DEBUG, "WPA: TK length mismatch: %d != %lu", + keylen, (long unsigned int) sm->ptk.tk_len); + return -1; + } rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) { @@ -658,6 +769,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, /* TK is not needed anymore in supplicant */ os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN); + sm->ptk.tk_len = 0; sm->ptk.installed = 1; if (sm->wpa_ptk_rekey) { @@ -895,7 +1007,7 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm, } wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, - "WPA: IGTK keyid %d pn %02x%02x%02x%02x%02x%02x", + "WPA: IGTK keyid %d pn " COMPACT_MACSTR, keyidx, MAC2STR(igtk->pn)); wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len); if (keyidx > 4095) { @@ -1203,22 +1315,24 @@ int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, { size_t mic_len, hdrlen, rlen; struct wpa_eapol_key *reply; - struct wpa_eapol_key_192 *reply192; u8 *rbuf, *key_mic; - mic_len = wpa_mic_len(sm->key_mgmt); - hdrlen = mic_len == 24 ? sizeof(*reply192) : sizeof(*reply); + mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); + hdrlen = sizeof(*reply) + mic_len + 2; rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, hdrlen, &rlen, (void *) &reply); if (rbuf == NULL) return -1; - reply192 = (struct wpa_eapol_key_192 *) reply; reply->type = (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) ? EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA; key_info &= WPA_KEY_INFO_SECURE; - key_info |= ver | WPA_KEY_INFO_KEY_TYPE | WPA_KEY_INFO_MIC; + key_info |= ver | WPA_KEY_INFO_KEY_TYPE; + if (mic_len) + key_info |= WPA_KEY_INFO_MIC; + else + key_info |= WPA_KEY_INFO_ENCR_KEY_DATA; WPA_PUT_BE16(reply->key_info, key_info); if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) WPA_PUT_BE16(reply->key_length, 0); @@ -1227,15 +1341,12 @@ int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, os_memcpy(reply->replay_counter, key->replay_counter, WPA_REPLAY_COUNTER_LEN); - key_mic = reply192->key_mic; /* same offset for reply and reply192 */ - if (mic_len == 24) - WPA_PUT_BE16(reply192->key_data_length, 0); - else - WPA_PUT_BE16(reply->key_data_length, 0); + key_mic = (u8 *) (reply + 1); + WPA_PUT_BE16(key_mic + mic_len, 0); wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 4/4"); - return wpa_eapol_key_send(sm, ptk->kck, ptk->kck_len, ver, dst, - ETH_P_EAPOL, rbuf, rlen, key_mic); + return wpa_eapol_key_send(sm, ptk, ver, dst, ETH_P_EAPOL, rbuf, rlen, + key_mic); } @@ -1350,13 +1461,19 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, if (ie.gtk) wpa_sm_set_rekey_offload(sm); - if (sm->proto == WPA_PROTO_RSN && wpa_key_mgmt_suite_b(sm->key_mgmt)) { + /* Add PMKSA cache entry for Suite B AKMs here since PMKID can be + * calculated only after KCK has been derived. Though, do not replace an + * existing PMKSA entry after each 4-way handshake (i.e., new KCK/PMKID) + * to avoid unnecessary changes of PMKID while continuing to use the + * same PMK. */ + if (sm->proto == WPA_PROTO_RSN && wpa_key_mgmt_suite_b(sm->key_mgmt) && + !sm->cur_pmksa) { struct rsn_pmksa_cache_entry *sa; sa = pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, NULL, sm->ptk.kck, sm->ptk.kck_len, sm->bssid, sm->own_addr, - sm->network_ctx, sm->key_mgmt); + sm->network_ctx, sm->key_mgmt, NULL); if (!sm->cur_pmksa) sm->cur_pmksa = sa; } @@ -1378,7 +1495,8 @@ static int wpa_supplicant_process_1_of_2_rsn(struct wpa_sm *sm, int maxkeylen; struct wpa_eapol_ie_parse ie; - wpa_hexdump(MSG_DEBUG, "RSN: msg 1/2 key data", keydata, keydatalen); + wpa_hexdump_key(MSG_DEBUG, "RSN: msg 1/2 key data", + keydata, keydatalen); if (wpa_supplicant_parse_ies(keydata, keydatalen, &ie) < 0) return -1; if (ie.gtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { @@ -1512,22 +1630,24 @@ static int wpa_supplicant_send_2_of_2(struct wpa_sm *sm, { size_t mic_len, hdrlen, rlen; struct wpa_eapol_key *reply; - struct wpa_eapol_key_192 *reply192; u8 *rbuf, *key_mic; - mic_len = wpa_mic_len(sm->key_mgmt); - hdrlen = mic_len == 24 ? sizeof(*reply192) : sizeof(*reply); + mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); + hdrlen = sizeof(*reply) + mic_len + 2; rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, hdrlen, &rlen, (void *) &reply); if (rbuf == NULL) return -1; - reply192 = (struct wpa_eapol_key_192 *) reply; reply->type = (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) ? EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA; key_info &= WPA_KEY_INFO_KEY_INDEX_MASK; - key_info |= ver | WPA_KEY_INFO_MIC | WPA_KEY_INFO_SECURE; + key_info |= ver | WPA_KEY_INFO_SECURE; + if (mic_len) + key_info |= WPA_KEY_INFO_MIC; + else + key_info |= WPA_KEY_INFO_ENCR_KEY_DATA; WPA_PUT_BE16(reply->key_info, key_info); if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) WPA_PUT_BE16(reply->key_length, 0); @@ -1536,15 +1656,12 @@ static int wpa_supplicant_send_2_of_2(struct wpa_sm *sm, os_memcpy(reply->replay_counter, key->replay_counter, WPA_REPLAY_COUNTER_LEN); - key_mic = reply192->key_mic; /* same offset for reply and reply192 */ - if (mic_len == 24) - WPA_PUT_BE16(reply192->key_data_length, 0); - else - WPA_PUT_BE16(reply->key_data_length, 0); + key_mic = (u8 *) (reply + 1); + WPA_PUT_BE16(key_mic + mic_len, 0); wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 2/2"); - return wpa_eapol_key_send(sm, sm->ptk.kck, sm->ptk.kck_len, ver, - sm->bssid, ETH_P_EAPOL, rbuf, rlen, key_mic); + return wpa_eapol_key_send(sm, &sm->ptk, ver, sm->bssid, ETH_P_EAPOL, + rbuf, rlen, key_mic); } @@ -1559,7 +1676,7 @@ static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm, struct wpa_gtk_data gd; const u8 *key_rsc; - if (!sm->msg_3_of_4_ok) { + if (!sm->msg_3_of_4_ok && !wpa_fils_is_completed(sm)) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Group Key Handshake started prior to completion of 4-way handshake"); goto failed; @@ -1620,20 +1737,21 @@ failed: static int wpa_supplicant_verify_eapol_key_mic(struct wpa_sm *sm, - struct wpa_eapol_key_192 *key, + struct wpa_eapol_key *key, u16 ver, const u8 *buf, size_t len) { u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN]; int ok = 0; - size_t mic_len = wpa_mic_len(sm->key_mgmt); + size_t mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); - os_memcpy(mic, key->key_mic, mic_len); + os_memcpy(mic, key + 1, mic_len); if (sm->tptk_set) { - os_memset(key->key_mic, 0, mic_len); - wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len, sm->key_mgmt, - ver, buf, len, key->key_mic); - if (os_memcmp_const(mic, key->key_mic, mic_len) != 0) { + os_memset(key + 1, 0, mic_len); + if (wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len, + sm->key_mgmt, + ver, buf, len, (u8 *) (key + 1)) < 0 || + os_memcmp_const(mic, key + 1, mic_len) != 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Invalid EAPOL-Key MIC " "when using TPTK - ignoring TPTK"); @@ -1643,14 +1761,23 @@ static int wpa_supplicant_verify_eapol_key_mic(struct wpa_sm *sm, sm->ptk_set = 1; os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk)); os_memset(&sm->tptk, 0, sizeof(sm->tptk)); + /* + * This assures the same TPTK in sm->tptk can never be + * copied twice to sm->ptk as the new PTK. In + * combination with the installed flag in the wpa_ptk + * struct, this assures the same PTK is only installed + * once. + */ + sm->renew_snonce = 1; } } if (!ok && sm->ptk_set) { - os_memset(key->key_mic, 0, mic_len); - wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len, sm->key_mgmt, - ver, buf, len, key->key_mic); - if (os_memcmp_const(mic, key->key_mic, mic_len) != 0) { + os_memset(key + 1, 0, mic_len); + if (wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len, + sm->key_mgmt, + ver, buf, len, (u8 *) (key + 1)) < 0 || + os_memcmp_const(mic, key + 1, mic_len) != 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Invalid EAPOL-Key MIC - " "dropping packet"); @@ -1675,7 +1802,8 @@ static int wpa_supplicant_verify_eapol_key_mic(struct wpa_sm *sm, /* Decrypt RSN EAPOL-Key key data (RC4 or AES-WRAP) */ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm, - struct wpa_eapol_key *key, u16 ver, + struct wpa_eapol_key *key, + size_t mic_len, u16 ver, u8 *key_data, size_t *key_data_len) { wpa_hexdump(MSG_DEBUG, "RSN: encrypted key data", @@ -1696,6 +1824,8 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm, return -1; #else /* CONFIG_NO_RC4 */ u8 ek[32]; + + wpa_printf(MSG_DEBUG, "WPA: Decrypt Key Data using RC4"); os_memcpy(ek, key->key_iv, 16); os_memcpy(ek + 16, sm->ptk.kek, sm->ptk.kek_len); if (rc4_skip(ek, 32, 256, key_data, *key_data_len)) { @@ -1708,9 +1838,12 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm, #endif /* CONFIG_NO_RC4 */ } else if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES || ver == WPA_KEY_INFO_TYPE_AES_128_CMAC || - sm->key_mgmt == WPA_KEY_MGMT_OSEN || - wpa_key_mgmt_suite_b(sm->key_mgmt)) { + wpa_use_aes_key_wrap(sm->key_mgmt)) { u8 *buf; + + wpa_printf(MSG_DEBUG, + "WPA: Decrypt Key Data using AES-UNWRAP (KEK length %u)", + (unsigned int) sm->ptk.kek_len); if (*key_data_len < 8 || *key_data_len % 8) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Unsupported AES-WRAP len %u", @@ -1734,7 +1867,7 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm, } os_memcpy(key_data, buf, *key_data_len); bin_clear_free(buf, *key_data_len); - WPA_PUT_BE16(key->key_data_length, *key_data_len); + WPA_PUT_BE16(((u8 *) (key + 1)) + mic_len, *key_data_len); } else { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Unsupported key_info type %d", ver); @@ -1797,6 +1930,76 @@ static void wpa_eapol_key_dump(struct wpa_sm *sm, } +#ifdef CONFIG_FILS +static int wpa_supp_aead_decrypt(struct wpa_sm *sm, u8 *buf, size_t buf_len, + size_t *key_data_len) +{ + struct wpa_ptk *ptk; + struct ieee802_1x_hdr *hdr; + struct wpa_eapol_key *key; + u8 *pos, *tmp; + const u8 *aad[1]; + size_t aad_len[1]; + + if (*key_data_len < AES_BLOCK_SIZE) { + wpa_printf(MSG_INFO, "No room for AES-SIV data in the frame"); + return -1; + } + + if (sm->tptk_set) + ptk = &sm->tptk; + else if (sm->ptk_set) + ptk = &sm->ptk; + else + return -1; + + hdr = (struct ieee802_1x_hdr *) buf; + key = (struct wpa_eapol_key *) (hdr + 1); + pos = (u8 *) (key + 1); + pos += 2; /* Pointing at the Encrypted Key Data field */ + + tmp = os_malloc(*key_data_len); + if (!tmp) + return -1; + + /* AES-SIV AAD from EAPOL protocol version field (inclusive) to + * to Key Data (exclusive). */ + aad[0] = buf; + aad_len[0] = pos - buf; + if (aes_siv_decrypt(ptk->kek, ptk->kek_len, pos, *key_data_len, + 1, aad, aad_len, tmp) < 0) { + wpa_printf(MSG_INFO, "Invalid AES-SIV data in the frame"); + bin_clear_free(tmp, *key_data_len); + return -1; + } + + /* AEAD decryption and validation completed successfully */ + (*key_data_len) -= AES_BLOCK_SIZE; + wpa_hexdump_key(MSG_DEBUG, "WPA: Decrypted Key Data", + tmp, *key_data_len); + + /* Replace Key Data field with the decrypted version */ + os_memcpy(pos, tmp, *key_data_len); + pos -= 2; /* Key Data Length field */ + WPA_PUT_BE16(pos, *key_data_len); + bin_clear_free(tmp, *key_data_len); + + if (sm->tptk_set) { + sm->tptk_set = 0; + sm->ptk_set = 1; + os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk)); + os_memset(&sm->tptk, 0, sizeof(sm->tptk)); + } + + os_memcpy(sm->rx_replay_counter, key->replay_counter, + WPA_REPLAY_COUNTER_LEN); + sm->rx_replay_counter_set = 1; + + return 0; +} +#endif /* CONFIG_FILS */ + + /** * wpa_sm_rx_eapol - Process received WPA EAPOL frames * @sm: Pointer to WPA state machine data from wpa_sm_init() @@ -1819,20 +2022,18 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, size_t plen, data_len, key_data_len; const struct ieee802_1x_hdr *hdr; struct wpa_eapol_key *key; - struct wpa_eapol_key_192 *key192; u16 key_info, ver; u8 *tmp = NULL; int ret = -1; - struct wpa_peerkey *peerkey = NULL; - u8 *key_data; + u8 *mic, *key_data; size_t mic_len, keyhdrlen; #ifdef CONFIG_IEEE80211R sm->ft_completed = 0; #endif /* CONFIG_IEEE80211R */ - mic_len = wpa_mic_len(sm->key_mgmt); - keyhdrlen = mic_len == 24 ? sizeof(*key192) : sizeof(*key); + mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); + keyhdrlen = sizeof(*key) + mic_len + 2; if (len < sizeof(*hdr) + keyhdrlen) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, @@ -1879,17 +2080,12 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, * Make a copy of the frame since we need to modify the buffer during * MAC validation and Key Data decryption. */ - tmp = os_malloc(data_len); + tmp = os_memdup(buf, data_len); if (tmp == NULL) goto out; - os_memcpy(tmp, buf, data_len); key = (struct wpa_eapol_key *) (tmp + sizeof(struct ieee802_1x_hdr)); - key192 = (struct wpa_eapol_key_192 *) - (tmp + sizeof(struct ieee802_1x_hdr)); - if (mic_len == 24) - key_data = (u8 *) (key192 + 1); - else - key_data = (u8 *) (key + 1); + mic = (u8 *) (key + 1); + key_data = mic + mic_len + 2; if (key->type != EAPOL_KEY_TYPE_WPA && key->type != EAPOL_KEY_TYPE_RSN) { @@ -1900,11 +2096,8 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, goto out; } - if (mic_len == 24) - key_data_len = WPA_GET_BE16(key192->key_data_length); - else - key_data_len = WPA_GET_BE16(key->key_data_length); - wpa_eapol_key_dump(sm, key, key_data_len, key192->key_mic, mic_len); + key_data_len = WPA_GET_BE16(mic + mic_len); + wpa_eapol_key_dump(sm, key, key_data_len, mic, mic_len); if (key_data_len > plen - keyhdrlen) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Invalid EAPOL-Key " @@ -1922,23 +2115,14 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, ver != WPA_KEY_INFO_TYPE_AES_128_CMAC && #endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */ ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES && - !wpa_key_mgmt_suite_b(sm->key_mgmt) && - sm->key_mgmt != WPA_KEY_MGMT_OSEN) { + !wpa_use_akm_defined(sm->key_mgmt)) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Unsupported EAPOL-Key descriptor version %d", ver); goto out; } - if (sm->key_mgmt == WPA_KEY_MGMT_OSEN && - ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) { - wpa_msg(sm->ctx->msg_ctx, MSG_INFO, - "OSEN: Unsupported EAPOL-Key descriptor version %d", - ver); - goto out; - } - - if (wpa_key_mgmt_suite_b(sm->key_mgmt) && + if (wpa_use_akm_defined(sm->key_mgmt) && ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "RSN: Unsupported EAPOL-Key descriptor version %d (expected AKM defined = 0)", @@ -1949,7 +2133,8 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, #ifdef CONFIG_IEEE80211R if (wpa_key_mgmt_ft(sm->key_mgmt)) { /* IEEE 802.11r uses a new key_info type (AES-128-CMAC). */ - if (ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) { + if (ver != WPA_KEY_INFO_TYPE_AES_128_CMAC && + !wpa_use_akm_defined(sm->key_mgmt)) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "FT: AP did not use AES-128-CMAC"); goto out; @@ -1959,8 +2144,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, #ifdef CONFIG_IEEE80211W if (wpa_key_mgmt_sha256(sm->key_mgmt)) { if (ver != WPA_KEY_INFO_TYPE_AES_128_CMAC && - sm->key_mgmt != WPA_KEY_MGMT_OSEN && - !wpa_key_mgmt_suite_b(sm->key_mgmt)) { + !wpa_use_akm_defined(sm->key_mgmt)) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: AP did not use the " "negotiated AES-128-CMAC"); @@ -1969,7 +2153,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, } else #endif /* CONFIG_IEEE80211W */ if (sm->pairwise_cipher == WPA_CIPHER_CCMP && - !wpa_key_mgmt_suite_b(sm->key_mgmt) && + !wpa_use_akm_defined(sm->key_mgmt) && ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: CCMP is used, but EAPOL-Key " @@ -1989,7 +2173,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, } else goto out; } else if (sm->pairwise_cipher == WPA_CIPHER_GCMP && - !wpa_key_mgmt_suite_b(sm->key_mgmt) && + !wpa_use_akm_defined(sm->key_mgmt) && ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: GCMP is used, but EAPOL-Key " @@ -1997,44 +2181,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, goto out; } -#ifdef CONFIG_PEERKEY - for (peerkey = sm->peerkey; peerkey; peerkey = peerkey->next) { - if (os_memcmp(peerkey->addr, src_addr, ETH_ALEN) == 0) - break; - } - - if (!(key_info & WPA_KEY_INFO_SMK_MESSAGE) && peerkey) { - if (!peerkey->initiator && peerkey->replay_counter_set && - os_memcmp(key->replay_counter, peerkey->replay_counter, - WPA_REPLAY_COUNTER_LEN) <= 0) { - wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, - "RSN: EAPOL-Key Replay Counter did not " - "increase (STK) - dropping packet"); - goto out; - } else if (peerkey->initiator) { - u8 _tmp[WPA_REPLAY_COUNTER_LEN]; - os_memcpy(_tmp, key->replay_counter, - WPA_REPLAY_COUNTER_LEN); - inc_byte_array(_tmp, WPA_REPLAY_COUNTER_LEN); - if (os_memcmp(_tmp, peerkey->replay_counter, - WPA_REPLAY_COUNTER_LEN) != 0) { - wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, - "RSN: EAPOL-Key Replay " - "Counter did not match (STK) - " - "dropping packet"); - goto out; - } - } - } - - if (peerkey && peerkey->initiator && (key_info & WPA_KEY_INFO_ACK)) { - wpa_msg(sm->ctx->msg_ctx, MSG_INFO, - "RSN: Ack bit in key_info from STK peer"); - goto out; - } -#endif /* CONFIG_PEERKEY */ - - if (!peerkey && sm->rx_replay_counter_set && + if (sm->rx_replay_counter_set && os_memcmp(key->replay_counter, sm->rx_replay_counter, WPA_REPLAY_COUNTER_LEN) <= 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, @@ -2043,11 +2190,13 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, goto out; } - if (!(key_info & (WPA_KEY_INFO_ACK | WPA_KEY_INFO_SMK_MESSAGE)) -#ifdef CONFIG_PEERKEY - && (peerkey == NULL || !peerkey->initiator) -#endif /* CONFIG_PEERKEY */ - ) { + if (key_info & WPA_KEY_INFO_SMK_MESSAGE) { + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "WPA: Unsupported SMK bit in key_info"); + goto out; + } + + if (!(key_info & WPA_KEY_INFO_ACK)) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: No Ack bit in key_info"); goto out; @@ -2059,19 +2208,19 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, goto out; } - if ((key_info & WPA_KEY_INFO_MIC) && !peerkey && - wpa_supplicant_verify_eapol_key_mic(sm, key192, ver, tmp, data_len)) + if ((key_info & WPA_KEY_INFO_MIC) && + wpa_supplicant_verify_eapol_key_mic(sm, key, ver, tmp, data_len)) goto out; -#ifdef CONFIG_PEERKEY - if ((key_info & WPA_KEY_INFO_MIC) && peerkey && - peerkey_verify_eapol_key_mic(sm, peerkey, key192, ver, tmp, - data_len)) - goto out; -#endif /* CONFIG_PEERKEY */ +#ifdef CONFIG_FILS + if (!mic_len && (key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { + if (wpa_supp_aead_decrypt(sm, tmp, data_len, &key_data_len)) + goto out; + } +#endif /* CONFIG_FILS */ if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) && - (key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { + (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) && mic_len) { /* * Only decrypt the Key Data field if the frame's authenticity * was verified. When using AES-SIV (FILS), the MIC flag is not @@ -2083,7 +2232,8 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, "WPA: Ignore EAPOL-Key with encrypted but unauthenticated data"); goto out; } - if (wpa_supplicant_decrypt_key_data(sm, key, ver, key_data, + if (wpa_supplicant_decrypt_key_data(sm, key, mic_len, + ver, key_data, &key_data_len)) goto out; } @@ -2095,11 +2245,8 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, "non-zero key index"); goto out; } - if (peerkey) { - /* PeerKey 4-Way Handshake */ - peerkey_rx_eapol_4way(sm, peerkey, key, key_info, ver, - key_data, key_data_len); - } else if (key_info & WPA_KEY_INFO_MIC) { + if (key_info & (WPA_KEY_INFO_MIC | + WPA_KEY_INFO_ENCR_KEY_DATA)) { /* 3/4 4-Way Handshake */ wpa_supplicant_process_3_of_4(sm, key, ver, key_data, key_data_len); @@ -2109,19 +2256,16 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, ver, key_data, key_data_len); } - } else if (key_info & WPA_KEY_INFO_SMK_MESSAGE) { - /* PeerKey SMK Handshake */ - peerkey_rx_eapol_smk(sm, src_addr, key, key_data_len, key_info, - ver); } else { - if (key_info & WPA_KEY_INFO_MIC) { + if ((mic_len && (key_info & WPA_KEY_INFO_MIC)) || + (!mic_len && (key_info & WPA_KEY_INFO_ENCR_KEY_DATA))) { /* 1/2 Group Key Handshake */ wpa_supplicant_process_1_of_2(sm, src_addr, key, key_data, key_data_len, ver); } else { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, - "WPA: EAPOL-Key (Group) without Mic bit - " + "WPA: EAPOL-Key (Group) without Mic/Encr bit - " "dropped"); } } @@ -2296,6 +2440,7 @@ static void wpa_sm_pmksa_free_cb(struct rsn_pmksa_cache_entry *entry, } if (deauth) { + sm->pmk_len = 0; os_memset(sm->pmk, 0, sizeof(sm->pmk)); wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); } @@ -2353,13 +2498,21 @@ void wpa_sm_deinit(struct wpa_sm *sm) os_free(sm->ap_rsn_ie); wpa_sm_drop_sa(sm); os_free(sm->ctx); - peerkey_deinit(sm); #ifdef CONFIG_IEEE80211R os_free(sm->assoc_resp_ies); #endif /* CONFIG_IEEE80211R */ #ifdef CONFIG_TESTING_OPTIONS wpabuf_free(sm->test_assoc_ie); #endif /* CONFIG_TESTING_OPTIONS */ +#ifdef CONFIG_FILS_SK_PFS + crypto_ecdh_deinit(sm->fils_ecdh); +#endif /* CONFIG_FILS_SK_PFS */ +#ifdef CONFIG_FILS + wpabuf_free(sm->fils_ft_ies); +#endif /* CONFIG_FILS */ +#ifdef CONFIG_OWE + crypto_ecdh_deinit(sm->owe_ecdh); +#endif /* CONFIG_OWE */ os_free(sm); } @@ -2403,6 +2556,16 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) clear_keys = 0; } #endif /* CONFIG_IEEE80211R */ +#ifdef CONFIG_FILS + if (sm->fils_completed) { + /* + * Clear portValid to kick EAPOL state machine to re-enter + * AUTHENTICATED state to get the EAPOL port Authorized. + */ + wpa_supplicant_key_neg_complete(sm, sm->bssid, 1); + clear_keys = 0; + } +#endif /* CONFIG_FILS */ if (clear_keys) { /* @@ -2443,7 +2606,6 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm) { eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL); eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL); - peerkey_deinit(sm); rsn_preauth_deinit(sm); pmksa_cache_clear_current(sm); if (wpa_sm_get_state(sm) == WPA_4WAY_HANDSHAKE) @@ -2451,6 +2613,9 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm) #ifdef CONFIG_TDLS wpa_tdls_disassoc(sm); #endif /* CONFIG_TDLS */ +#ifdef CONFIG_FILS + sm->fils_completed = 0; +#endif /* CONFIG_FILS */ #ifdef CONFIG_IEEE80211R sm->ft_reassoc_completed = 0; #endif /* CONFIG_IEEE80211R */ @@ -2459,6 +2624,7 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm) wpa_sm_drop_sa(sm); sm->msg_3_of_4_ok = 0; + os_memset(sm->bssid, 0, ETH_ALEN); } @@ -2478,6 +2644,8 @@ void wpa_sm_set_pmk(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, if (sm == NULL) return; + wpa_hexdump_key(MSG_DEBUG, "WPA: Set PMK based on external data", + pmk, pmk_len); sm->pmk_len = pmk_len; os_memcpy(sm->pmk, pmk, pmk_len); @@ -2490,7 +2658,7 @@ void wpa_sm_set_pmk(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, if (bssid) { pmksa_cache_add(sm->pmksa, pmk, pmk_len, pmkid, NULL, 0, bssid, sm->own_addr, - sm->network_ctx, sm->key_mgmt); + sm->network_ctx, sm->key_mgmt, NULL); } } @@ -2508,11 +2676,15 @@ void wpa_sm_set_pmk_from_pmksa(struct wpa_sm *sm) return; if (sm->cur_pmksa) { + wpa_hexdump_key(MSG_DEBUG, + "WPA: Set PMK based on current PMKSA", + sm->cur_pmksa->pmk, sm->cur_pmksa->pmk_len); sm->pmk_len = sm->cur_pmksa->pmk_len; os_memcpy(sm->pmk, sm->cur_pmksa->pmk, sm->pmk_len); } else { - sm->pmk_len = PMK_LEN; - os_memset(sm->pmk, 0, PMK_LEN); + wpa_printf(MSG_DEBUG, "WPA: No current PMKSA - clear PMK"); + sm->pmk_len = 0; + os_memset(sm->pmk, 0, PMK_LEN_MAX); } } @@ -2560,7 +2732,6 @@ void wpa_sm_set_config(struct wpa_sm *sm, struct rsn_supp_config *config) if (config) { sm->network_ctx = config->network_ctx; - sm->peerkey_enabled = config->peerkey_enabled; sm->allowed_pairwise_cipher = config->allowed_pairwise_cipher; sm->proactive_key_caching = config->proactive_key_caching; sm->eap_workaround = config->eap_workaround; @@ -2573,9 +2744,17 @@ void wpa_sm_set_config(struct wpa_sm *sm, struct rsn_supp_config *config) sm->wpa_ptk_rekey = config->wpa_ptk_rekey; sm->p2p = config->p2p; sm->wpa_rsc_relaxation = config->wpa_rsc_relaxation; +#ifdef CONFIG_FILS + if (config->fils_cache_id) { + sm->fils_cache_id_set = 1; + os_memcpy(sm->fils_cache_id, config->fils_cache_id, + FILS_CACHE_ID_LEN); + } else { + sm->fils_cache_id_set = 0; + } +#endif /* CONFIG_FILS */ } else { sm->network_ctx = NULL; - sm->peerkey_enabled = 0; sm->allowed_pairwise_cipher = 0; sm->proactive_key_caching = 0; sm->eap_workaround = 0; @@ -2728,9 +2907,12 @@ int wpa_sm_get_status(struct wpa_sm *sm, char *buf, size_t buflen, >= 0 && rsn.capabilities & (WPA_CAPABILITY_MFPR | WPA_CAPABILITY_MFPC)) { - ret = os_snprintf(pos, end - pos, "pmf=%d\n", + ret = os_snprintf(pos, end - pos, "pmf=%d\n" + "mgmt_group_cipher=%s\n", (rsn.capabilities & - WPA_CAPABILITY_MFPR) ? 2 : 1); + WPA_CAPABILITY_MFPR) ? 2 : 1, + wpa_cipher_txt( + sm->mgmt_group_cipher)); if (os_snprintf_error(end - pos, ret)) return pos - buf; pos += ret; @@ -2796,12 +2978,15 @@ int wpa_sm_set_assoc_wpa_ie_default(struct wpa_sm *sm, u8 *wpa_ie, * the correct version of the IE even if PMKSA caching is * aborted (which would remove PMKID from IE generation). */ - sm->assoc_wpa_ie = os_malloc(*wpa_ie_len); + sm->assoc_wpa_ie = os_memdup(wpa_ie, *wpa_ie_len); if (sm->assoc_wpa_ie == NULL) return -1; - os_memcpy(sm->assoc_wpa_ie, wpa_ie, *wpa_ie_len); sm->assoc_wpa_ie_len = *wpa_ie_len; + } else { + wpa_hexdump(MSG_DEBUG, + "WPA: Leave previously set WPA IE default", + sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); } return 0; @@ -2832,11 +3017,10 @@ int wpa_sm_set_assoc_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len) sm->assoc_wpa_ie_len = 0; } else { wpa_hexdump(MSG_DEBUG, "WPA: set own WPA/RSN IE", ie, len); - sm->assoc_wpa_ie = os_malloc(len); + sm->assoc_wpa_ie = os_memdup(ie, len); if (sm->assoc_wpa_ie == NULL) return -1; - os_memcpy(sm->assoc_wpa_ie, ie, len); sm->assoc_wpa_ie_len = len; } @@ -2867,11 +3051,10 @@ int wpa_sm_set_ap_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len) sm->ap_wpa_ie_len = 0; } else { wpa_hexdump(MSG_DEBUG, "WPA: set AP WPA IE", ie, len); - sm->ap_wpa_ie = os_malloc(len); + sm->ap_wpa_ie = os_memdup(ie, len); if (sm->ap_wpa_ie == NULL) return -1; - os_memcpy(sm->ap_wpa_ie, ie, len); sm->ap_wpa_ie_len = len; } @@ -2902,11 +3085,10 @@ int wpa_sm_set_ap_rsn_ie(struct wpa_sm *sm, const u8 *ie, size_t len) sm->ap_rsn_ie_len = 0; } else { wpa_hexdump(MSG_DEBUG, "WPA: set AP RSN IE", ie, len); - sm->ap_rsn_ie = os_malloc(len); + sm->ap_rsn_ie = os_memdup(ie, len); if (sm->ap_rsn_ie == NULL) return -1; - os_memcpy(sm->ap_rsn_ie, ie, len); sm->ap_rsn_ie_len = len; } @@ -2945,11 +3127,43 @@ int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len) } +struct rsn_pmksa_cache_entry * wpa_sm_pmksa_cache_head(struct wpa_sm *sm) +{ + return pmksa_cache_head(sm->pmksa); +} + + +struct rsn_pmksa_cache_entry * +wpa_sm_pmksa_cache_add_entry(struct wpa_sm *sm, + struct rsn_pmksa_cache_entry * entry) +{ + return pmksa_cache_add_entry(sm->pmksa, entry); +} + + +void wpa_sm_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, + const u8 *pmkid, const u8 *bssid, + const u8 *fils_cache_id) +{ + sm->cur_pmksa = pmksa_cache_add(sm->pmksa, pmk, pmk_len, pmkid, NULL, 0, + bssid, sm->own_addr, sm->network_ctx, + sm->key_mgmt, fils_cache_id); +} + + +int wpa_sm_pmksa_exists(struct wpa_sm *sm, const u8 *bssid, + const void *network_ctx) +{ + return pmksa_cache_get(sm->pmksa, bssid, NULL, network_ctx, 0) != NULL; +} + + void wpa_sm_drop_sa(struct wpa_sm *sm) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK"); sm->ptk_set = 0; sm->tptk_set = 0; + sm->pmk_len = 0; os_memset(sm->pmk, 0, sizeof(sm->pmk)); os_memset(&sm->ptk, 0, sizeof(sm->ptk)); os_memset(&sm->tptk, 0, sizeof(sm->tptk)); @@ -2961,8 +3175,11 @@ void wpa_sm_drop_sa(struct wpa_sm *sm) #endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); + sm->xxkey_len = 0; os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0)); + sm->pmk_r0_len = 0; os_memset(sm->pmk_r1, 0, sizeof(sm->pmk_r1)); + sm->pmk_r1_len = 0; #endif /* CONFIG_IEEE80211R */ } @@ -3047,27 +3264,6 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf) #endif /* CONFIG_WNM */ -#ifdef CONFIG_PEERKEY -int wpa_sm_rx_eapol_peerkey(struct wpa_sm *sm, const u8 *src_addr, - const u8 *buf, size_t len) -{ - struct wpa_peerkey *peerkey; - - for (peerkey = sm->peerkey; peerkey; peerkey = peerkey->next) { - if (os_memcmp(peerkey->addr, src_addr, ETH_ALEN) == 0) - break; - } - - if (!peerkey) - return 0; - - wpa_sm_rx_eapol(sm, src_addr, buf, len); - - return 1; -} -#endif /* CONFIG_PEERKEY */ - - #ifdef CONFIG_P2P int wpa_sm_get_p2p_ip_addr(struct wpa_sm *sm, u8 *buf) @@ -3112,9 +3308,1130 @@ void wpa_sm_set_ptk_kck_kek(struct wpa_sm *sm, #ifdef CONFIG_TESTING_OPTIONS + void wpa_sm_set_test_assoc_ie(struct wpa_sm *sm, struct wpabuf *buf) { wpabuf_free(sm->test_assoc_ie); sm->test_assoc_ie = buf; } + + +const u8 * wpa_sm_get_anonce(struct wpa_sm *sm) +{ + return sm->anonce; +} + #endif /* CONFIG_TESTING_OPTIONS */ + + +unsigned int wpa_sm_get_key_mgmt(struct wpa_sm *sm) +{ + return sm->key_mgmt; +} + + +#ifdef CONFIG_FILS + +struct wpabuf * fils_build_auth(struct wpa_sm *sm, int dh_group, const u8 *md) +{ + struct wpabuf *buf = NULL; + struct wpabuf *erp_msg; + struct wpabuf *pub = NULL; + + erp_msg = eapol_sm_build_erp_reauth_start(sm->eapol); + if (!erp_msg && !sm->cur_pmksa) { + wpa_printf(MSG_DEBUG, + "FILS: Neither ERP EAP-Initiate/Re-auth nor PMKSA cache entry is available - skip FILS"); + goto fail; + } + + wpa_printf(MSG_DEBUG, "FILS: Try to use FILS (erp=%d pmksa_cache=%d)", + erp_msg != NULL, sm->cur_pmksa != NULL); + + sm->fils_completed = 0; + + if (!sm->assoc_wpa_ie) { + wpa_printf(MSG_INFO, "FILS: No own RSN IE set for FILS"); + goto fail; + } + + if (random_get_bytes(sm->fils_nonce, FILS_NONCE_LEN) < 0 || + random_get_bytes(sm->fils_session, FILS_SESSION_LEN) < 0) + goto fail; + + wpa_hexdump(MSG_DEBUG, "FILS: Generated FILS Nonce", + sm->fils_nonce, FILS_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: Generated FILS Session", + sm->fils_session, FILS_SESSION_LEN); + +#ifdef CONFIG_FILS_SK_PFS + sm->fils_dh_group = dh_group; + if (dh_group) { + crypto_ecdh_deinit(sm->fils_ecdh); + sm->fils_ecdh = crypto_ecdh_init(dh_group); + if (!sm->fils_ecdh) { + wpa_printf(MSG_INFO, + "FILS: Could not initialize ECDH with group %d", + dh_group); + goto fail; + } + pub = crypto_ecdh_get_pubkey(sm->fils_ecdh, 1); + if (!pub) + goto fail; + wpa_hexdump_buf(MSG_DEBUG, "FILS: Element (DH public key)", + pub); + sm->fils_dh_elem_len = wpabuf_len(pub); + } +#endif /* CONFIG_FILS_SK_PFS */ + + buf = wpabuf_alloc(1000 + sm->assoc_wpa_ie_len + + (pub ? wpabuf_len(pub) : 0)); + if (!buf) + goto fail; + + /* Fields following the Authentication algorithm number field */ + + /* Authentication Transaction seq# */ + wpabuf_put_le16(buf, 1); + + /* Status Code */ + wpabuf_put_le16(buf, WLAN_STATUS_SUCCESS); + + /* TODO: FILS PK */ +#ifdef CONFIG_FILS_SK_PFS + if (dh_group) { + /* Finite Cyclic Group */ + wpabuf_put_le16(buf, dh_group); + /* Element */ + wpabuf_put_buf(buf, pub); + } +#endif /* CONFIG_FILS_SK_PFS */ + + /* RSNE */ + wpa_hexdump(MSG_DEBUG, "FILS: RSNE in FILS Authentication frame", + sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); + wpabuf_put_data(buf, sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); + + if (md) { + /* MDE when using FILS for FT initial association */ + struct rsn_mdie *mdie; + + wpabuf_put_u8(buf, WLAN_EID_MOBILITY_DOMAIN); + wpabuf_put_u8(buf, sizeof(*mdie)); + mdie = wpabuf_put(buf, sizeof(*mdie)); + os_memcpy(mdie->mobility_domain, md, MOBILITY_DOMAIN_ID_LEN); + mdie->ft_capab = 0; + } + + /* FILS Nonce */ + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(buf, 1 + FILS_NONCE_LEN); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(buf, WLAN_EID_EXT_FILS_NONCE); + wpabuf_put_data(buf, sm->fils_nonce, FILS_NONCE_LEN); + + /* FILS Session */ + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(buf, 1 + FILS_SESSION_LEN); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(buf, WLAN_EID_EXT_FILS_SESSION); + wpabuf_put_data(buf, sm->fils_session, FILS_SESSION_LEN); + + /* FILS Wrapped Data */ + sm->fils_erp_pmkid_set = 0; + if (erp_msg) { + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(buf, 1 + wpabuf_len(erp_msg)); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(buf, WLAN_EID_EXT_FILS_WRAPPED_DATA); + wpabuf_put_buf(buf, erp_msg); + /* Calculate pending PMKID here so that we do not need to + * maintain a copy of the EAP-Initiate/Reauth message. */ + if (fils_pmkid_erp(sm->key_mgmt, wpabuf_head(erp_msg), + wpabuf_len(erp_msg), + sm->fils_erp_pmkid) == 0) + sm->fils_erp_pmkid_set = 1; + } + + wpa_hexdump_buf(MSG_DEBUG, "RSN: FILS fields for Authentication frame", + buf); + +fail: + wpabuf_free(erp_msg); + wpabuf_free(pub); + return buf; +} + + +int fils_process_auth(struct wpa_sm *sm, const u8 *bssid, const u8 *data, + size_t len) +{ + const u8 *pos, *end; + struct ieee802_11_elems elems; + struct wpa_ie_data rsn; + int pmkid_match = 0; + u8 ick[FILS_ICK_MAX_LEN]; + size_t ick_len; + int res; + struct wpabuf *dh_ss = NULL; + const u8 *g_sta = NULL; + size_t g_sta_len = 0; + const u8 *g_ap = NULL; + size_t g_ap_len = 0; + struct wpabuf *pub = NULL; + + os_memcpy(sm->bssid, bssid, ETH_ALEN); + + wpa_hexdump(MSG_DEBUG, "FILS: Authentication frame fields", + data, len); + pos = data; + end = data + len; + + /* TODO: FILS PK */ +#ifdef CONFIG_FILS_SK_PFS + if (sm->fils_dh_group) { + u16 group; + + /* Using FILS PFS */ + + /* Finite Cyclic Group */ + if (end - pos < 2) { + wpa_printf(MSG_DEBUG, + "FILS: No room for Finite Cyclic Group"); + goto fail; + } + group = WPA_GET_LE16(pos); + pos += 2; + if (group != sm->fils_dh_group) { + wpa_printf(MSG_DEBUG, + "FILS: Unexpected change in Finite Cyclic Group: %u (expected %u)", + group, sm->fils_dh_group); + goto fail; + } + + /* Element */ + if ((size_t) (end - pos) < sm->fils_dh_elem_len) { + wpa_printf(MSG_DEBUG, "FILS: No room for Element"); + goto fail; + } + + if (!sm->fils_ecdh) { + wpa_printf(MSG_DEBUG, "FILS: No ECDH state available"); + goto fail; + } + dh_ss = crypto_ecdh_set_peerkey(sm->fils_ecdh, 1, pos, + sm->fils_dh_elem_len); + if (!dh_ss) { + wpa_printf(MSG_DEBUG, "FILS: ECDH operation failed"); + goto fail; + } + wpa_hexdump_buf_key(MSG_DEBUG, "FILS: DH_SS", dh_ss); + g_ap = pos; + g_ap_len = sm->fils_dh_elem_len; + pos += sm->fils_dh_elem_len; + } +#endif /* CONFIG_FILS_SK_PFS */ + + wpa_hexdump(MSG_DEBUG, "FILS: Remaining IEs", pos, end - pos); + if (ieee802_11_parse_elems(pos, end - pos, &elems, 1) == ParseFailed) { + wpa_printf(MSG_DEBUG, "FILS: Could not parse elements"); + goto fail; + } + + /* RSNE */ + wpa_hexdump(MSG_DEBUG, "FILS: RSN element", elems.rsn_ie, + elems.rsn_ie_len); + if (!elems.rsn_ie || + wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2, elems.rsn_ie_len + 2, + &rsn) < 0) { + wpa_printf(MSG_DEBUG, "FILS: No RSN element"); + goto fail; + } + + if (!elems.fils_nonce) { + wpa_printf(MSG_DEBUG, "FILS: No FILS Nonce field"); + goto fail; + } + os_memcpy(sm->fils_anonce, elems.fils_nonce, FILS_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: ANonce", sm->fils_anonce, FILS_NONCE_LEN); + +#ifdef CONFIG_IEEE80211R + if (wpa_key_mgmt_ft(sm->key_mgmt)) { + struct wpa_ft_ies parse; + + if (!elems.mdie || !elems.ftie) { + wpa_printf(MSG_DEBUG, "FILS+FT: No MDE or FTE"); + goto fail; + } + + if (wpa_ft_parse_ies(pos, end - pos, &parse, + wpa_key_mgmt_sha384(sm->key_mgmt)) < 0) { + wpa_printf(MSG_DEBUG, "FILS+FT: Failed to parse IEs"); + goto fail; + } + + if (!parse.r0kh_id) { + wpa_printf(MSG_DEBUG, + "FILS+FT: No R0KH-ID subelem in FTE"); + goto fail; + } + os_memcpy(sm->r0kh_id, parse.r0kh_id, parse.r0kh_id_len); + sm->r0kh_id_len = parse.r0kh_id_len; + wpa_hexdump_ascii(MSG_DEBUG, "FILS+FT: R0KH-ID", + sm->r0kh_id, sm->r0kh_id_len); + + if (!parse.r1kh_id) { + wpa_printf(MSG_DEBUG, + "FILS+FT: No R1KH-ID subelem in FTE"); + goto fail; + } + os_memcpy(sm->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN); + wpa_hexdump(MSG_DEBUG, "FILS+FT: R1KH-ID", + sm->r1kh_id, FT_R1KH_ID_LEN); + + /* TODO: Check MDE and FTE payload */ + + wpabuf_free(sm->fils_ft_ies); + sm->fils_ft_ies = wpabuf_alloc(2 + elems.mdie_len + + 2 + elems.ftie_len); + if (!sm->fils_ft_ies) + goto fail; + wpabuf_put_data(sm->fils_ft_ies, elems.mdie - 2, + 2 + elems.mdie_len); + wpabuf_put_data(sm->fils_ft_ies, elems.ftie - 2, + 2 + elems.ftie_len); + } else { + wpabuf_free(sm->fils_ft_ies); + sm->fils_ft_ies = NULL; + } +#endif /* CONFIG_IEEE80211R */ + + /* PMKID List */ + if (rsn.pmkid && rsn.num_pmkid > 0) { + wpa_hexdump(MSG_DEBUG, "FILS: PMKID List", + rsn.pmkid, rsn.num_pmkid * PMKID_LEN); + + if (rsn.num_pmkid != 1) { + wpa_printf(MSG_DEBUG, "FILS: Invalid PMKID selection"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "FILS: PMKID", rsn.pmkid, PMKID_LEN); + if (os_memcmp(sm->cur_pmksa->pmkid, rsn.pmkid, PMKID_LEN) != 0) + { + wpa_printf(MSG_DEBUG, "FILS: PMKID mismatch"); + wpa_hexdump(MSG_DEBUG, "FILS: Expected PMKID", + sm->cur_pmksa->pmkid, PMKID_LEN); + goto fail; + } + wpa_printf(MSG_DEBUG, + "FILS: Matching PMKID - continue using PMKSA caching"); + pmkid_match = 1; + } + if (!pmkid_match && sm->cur_pmksa) { + wpa_printf(MSG_DEBUG, + "FILS: No PMKID match - cannot use cached PMKSA entry"); + sm->cur_pmksa = NULL; + } + + /* FILS Session */ + if (!elems.fils_session) { + wpa_printf(MSG_DEBUG, "FILS: No FILS Session element"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "FILS: FILS Session", elems.fils_session, + FILS_SESSION_LEN); + if (os_memcmp(sm->fils_session, elems.fils_session, FILS_SESSION_LEN) + != 0) { + wpa_printf(MSG_DEBUG, "FILS: Session mismatch"); + wpa_hexdump(MSG_DEBUG, "FILS: Expected FILS Session", + sm->fils_session, FILS_SESSION_LEN); + goto fail; + } + + /* FILS Wrapped Data */ + if (!sm->cur_pmksa && elems.fils_wrapped_data) { + u8 rmsk[ERP_MAX_KEY_LEN]; + size_t rmsk_len; + + wpa_hexdump(MSG_DEBUG, "FILS: Wrapped Data", + elems.fils_wrapped_data, + elems.fils_wrapped_data_len); + eapol_sm_process_erp_finish(sm->eapol, elems.fils_wrapped_data, + elems.fils_wrapped_data_len); + if (eapol_sm_failed(sm->eapol)) + goto fail; + + rmsk_len = ERP_MAX_KEY_LEN; + res = eapol_sm_get_key(sm->eapol, rmsk, rmsk_len); + if (res == PMK_LEN) { + rmsk_len = PMK_LEN; + res = eapol_sm_get_key(sm->eapol, rmsk, rmsk_len); + } + if (res) + goto fail; + + res = fils_rmsk_to_pmk(sm->key_mgmt, rmsk, rmsk_len, + sm->fils_nonce, sm->fils_anonce, + dh_ss ? wpabuf_head(dh_ss) : NULL, + dh_ss ? wpabuf_len(dh_ss) : 0, + sm->pmk, &sm->pmk_len); + os_memset(rmsk, 0, sizeof(rmsk)); + + /* Don't use DHss in PTK derivation if PMKSA caching is not + * used. */ + wpabuf_clear_free(dh_ss); + dh_ss = NULL; + + if (res) + goto fail; + + if (!sm->fils_erp_pmkid_set) { + wpa_printf(MSG_DEBUG, "FILS: PMKID not available"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "FILS: PMKID", sm->fils_erp_pmkid, + PMKID_LEN); + wpa_printf(MSG_DEBUG, "FILS: ERP processing succeeded - add PMKSA cache entry for the result"); + sm->cur_pmksa = pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, + sm->fils_erp_pmkid, NULL, 0, + sm->bssid, sm->own_addr, + sm->network_ctx, sm->key_mgmt, + NULL); + } + + if (!sm->cur_pmksa) { + wpa_printf(MSG_DEBUG, + "FILS: No remaining options to continue FILS authentication"); + goto fail; + } + + if (fils_pmk_to_ptk(sm->pmk, sm->pmk_len, sm->own_addr, sm->bssid, + sm->fils_nonce, sm->fils_anonce, + dh_ss ? wpabuf_head(dh_ss) : NULL, + dh_ss ? wpabuf_len(dh_ss) : 0, + &sm->ptk, ick, &ick_len, + sm->key_mgmt, sm->pairwise_cipher, + sm->fils_ft, &sm->fils_ft_len) < 0) { + wpa_printf(MSG_DEBUG, "FILS: Failed to derive PTK"); + goto fail; + } + + wpabuf_clear_free(dh_ss); + dh_ss = NULL; + + sm->ptk_set = 1; + sm->tptk_set = 0; + os_memset(&sm->tptk, 0, sizeof(sm->tptk)); + +#ifdef CONFIG_FILS_SK_PFS + if (sm->fils_dh_group) { + if (!sm->fils_ecdh) { + wpa_printf(MSG_INFO, "FILS: ECDH not initialized"); + goto fail; + } + pub = crypto_ecdh_get_pubkey(sm->fils_ecdh, 1); + if (!pub) + goto fail; + wpa_hexdump_buf(MSG_DEBUG, "FILS: gSTA", pub); + g_sta = wpabuf_head(pub); + g_sta_len = wpabuf_len(pub); + if (!g_ap) { + wpa_printf(MSG_INFO, "FILS: gAP not available"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "FILS: gAP", g_ap, g_ap_len); + } +#endif /* CONFIG_FILS_SK_PFS */ + + res = fils_key_auth_sk(ick, ick_len, sm->fils_nonce, + sm->fils_anonce, sm->own_addr, sm->bssid, + g_sta, g_sta_len, g_ap, g_ap_len, + sm->key_mgmt, sm->fils_key_auth_sta, + sm->fils_key_auth_ap, + &sm->fils_key_auth_len); + wpabuf_free(pub); + os_memset(ick, 0, sizeof(ick)); + return res; +fail: + wpabuf_free(pub); + wpabuf_clear_free(dh_ss); + return -1; +} + + +#ifdef CONFIG_IEEE80211R +static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf) +{ + struct rsn_ie_hdr *rsnie; + u16 capab; + u8 *pos; + int use_sha384 = wpa_key_mgmt_sha384(sm->key_mgmt); + + /* RSNIE[PMKR0Name/PMKR1Name] */ + rsnie = wpabuf_put(buf, sizeof(*rsnie)); + rsnie->elem_id = WLAN_EID_RSN; + WPA_PUT_LE16(rsnie->version, RSN_VERSION); + + /* Group Suite Selector */ + if (!wpa_cipher_valid_group(sm->group_cipher)) { + wpa_printf(MSG_WARNING, "FT: Invalid group cipher (%d)", + sm->group_cipher); + return -1; + } + pos = wpabuf_put(buf, RSN_SELECTOR_LEN); + RSN_SELECTOR_PUT(pos, wpa_cipher_to_suite(WPA_PROTO_RSN, + sm->group_cipher)); + + /* Pairwise Suite Count */ + wpabuf_put_le16(buf, 1); + + /* Pairwise Suite List */ + if (!wpa_cipher_valid_pairwise(sm->pairwise_cipher)) { + wpa_printf(MSG_WARNING, "FT: Invalid pairwise cipher (%d)", + sm->pairwise_cipher); + return -1; + } + pos = wpabuf_put(buf, RSN_SELECTOR_LEN); + RSN_SELECTOR_PUT(pos, wpa_cipher_to_suite(WPA_PROTO_RSN, + sm->pairwise_cipher)); + + /* Authenticated Key Management Suite Count */ + wpabuf_put_le16(buf, 1); + + /* Authenticated Key Management Suite List */ + pos = wpabuf_put(buf, RSN_SELECTOR_LEN); + if (sm->key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA256) + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA256); + else if (sm->key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA384) + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA384); + else { + wpa_printf(MSG_WARNING, + "FILS+FT: Invalid key management type (%d)", + sm->key_mgmt); + return -1; + } + + /* RSN Capabilities */ + capab = 0; +#ifdef CONFIG_IEEE80211W + if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) + capab |= WPA_CAPABILITY_MFPC; +#endif /* CONFIG_IEEE80211W */ + wpabuf_put_le16(buf, capab); + + /* PMKID Count */ + wpabuf_put_le16(buf, 1); + + /* PMKID List [PMKR1Name] */ + wpa_hexdump_key(MSG_DEBUG, "FILS+FT: XXKey (FILS-FT)", + sm->fils_ft, sm->fils_ft_len); + wpa_hexdump_ascii(MSG_DEBUG, "FILS+FT: SSID", sm->ssid, sm->ssid_len); + wpa_hexdump(MSG_DEBUG, "FILS+FT: MDID", + sm->mobility_domain, MOBILITY_DOMAIN_ID_LEN); + wpa_hexdump_ascii(MSG_DEBUG, "FILS+FT: R0KH-ID", + sm->r0kh_id, sm->r0kh_id_len); + if (wpa_derive_pmk_r0(sm->fils_ft, sm->fils_ft_len, sm->ssid, + sm->ssid_len, sm->mobility_domain, + sm->r0kh_id, sm->r0kh_id_len, sm->own_addr, + sm->pmk_r0, sm->pmk_r0_name, use_sha384) < 0) { + wpa_printf(MSG_WARNING, "FILS+FT: Could not derive PMK-R0"); + return -1; + } + sm->pmk_r0_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN; + wpa_hexdump_key(MSG_DEBUG, "FILS+FT: PMK-R0", + sm->pmk_r0, sm->pmk_r0_len); + wpa_hexdump(MSG_DEBUG, "FILS+FT: PMKR0Name", + sm->pmk_r0_name, WPA_PMK_NAME_LEN); + wpa_printf(MSG_DEBUG, "FILS+FT: R1KH-ID: " MACSTR, + MAC2STR(sm->r1kh_id)); + pos = wpabuf_put(buf, WPA_PMK_NAME_LEN); + if (wpa_derive_pmk_r1_name(sm->pmk_r0_name, sm->r1kh_id, sm->own_addr, + pos, use_sha384) < 0) { + wpa_printf(MSG_WARNING, "FILS+FT: Could not derive PMKR1Name"); + return -1; + } + wpa_hexdump(MSG_DEBUG, "FILS+FT: PMKR1Name", pos, WPA_PMK_NAME_LEN); + +#ifdef CONFIG_IEEE80211W + if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) { + /* Management Group Cipher Suite */ + pos = wpabuf_put(buf, RSN_SELECTOR_LEN); + RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC); + } +#endif /* CONFIG_IEEE80211W */ + + rsnie->len = ((u8 *) wpabuf_put(buf, 0) - (u8 *) rsnie) - 2; + return 0; +} +#endif /* CONFIG_IEEE80211R */ + + +struct wpabuf * fils_build_assoc_req(struct wpa_sm *sm, const u8 **kek, + size_t *kek_len, const u8 **snonce, + const u8 **anonce, + const struct wpabuf **hlp, + unsigned int num_hlp) +{ + struct wpabuf *buf; + size_t len; + unsigned int i; + + len = 1000; +#ifdef CONFIG_IEEE80211R + if (sm->fils_ft_ies) + len += wpabuf_len(sm->fils_ft_ies); + if (wpa_key_mgmt_ft(sm->key_mgmt)) + len += 256; +#endif /* CONFIG_IEEE80211R */ + for (i = 0; hlp && i < num_hlp; i++) + len += 10 + wpabuf_len(hlp[i]); + buf = wpabuf_alloc(len); + if (!buf) + return NULL; + +#ifdef CONFIG_IEEE80211R + if (wpa_key_mgmt_ft(sm->key_mgmt) && sm->fils_ft_ies) { + /* MDE and FTE when using FILS+FT */ + wpabuf_put_buf(buf, sm->fils_ft_ies); + /* RSNE with PMKR1Name in PMKID field */ + if (fils_ft_build_assoc_req_rsne(sm, buf) < 0) { + wpabuf_free(buf); + return NULL; + } + } +#endif /* CONFIG_IEEE80211R */ + + /* FILS Session */ + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(buf, 1 + FILS_SESSION_LEN); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(buf, WLAN_EID_EXT_FILS_SESSION); + wpabuf_put_data(buf, sm->fils_session, FILS_SESSION_LEN); + + /* Everything after FILS Session element gets encrypted in the driver + * with KEK. The buffer returned from here is the plaintext version. */ + + /* TODO: FILS Public Key */ + + /* FILS Key Confirm */ + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); /* Element ID */ + wpabuf_put_u8(buf, 1 + sm->fils_key_auth_len); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(buf, WLAN_EID_EXT_FILS_KEY_CONFIRM); + wpabuf_put_data(buf, sm->fils_key_auth_sta, sm->fils_key_auth_len); + + /* FILS HLP Container */ + for (i = 0; hlp && i < num_hlp; i++) { + const u8 *pos = wpabuf_head(hlp[i]); + size_t left = wpabuf_len(hlp[i]); + + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); /* Element ID */ + if (left <= 254) + len = 1 + left; + else + len = 255; + wpabuf_put_u8(buf, len); /* Length */ + /* Element ID Extension */ + wpabuf_put_u8(buf, WLAN_EID_EXT_FILS_HLP_CONTAINER); + /* Destination MAC Address, Source MAC Address, HLP Packet. + * HLP Packet is in MSDU format (i.e., included the LLC/SNAP + * header when LPD is used). */ + wpabuf_put_data(buf, pos, len - 1); + pos += len - 1; + left -= len - 1; + while (left) { + wpabuf_put_u8(buf, WLAN_EID_FRAGMENT); + len = left > 255 ? 255 : left; + wpabuf_put_u8(buf, len); + wpabuf_put_data(buf, pos, len); + pos += len; + left -= len; + } + } + + /* TODO: FILS IP Address Assignment */ + + wpa_hexdump_buf(MSG_DEBUG, "FILS: Association Request plaintext", buf); + + *kek = sm->ptk.kek; + *kek_len = sm->ptk.kek_len; + wpa_hexdump_key(MSG_DEBUG, "FILS: KEK for AEAD", *kek, *kek_len); + *snonce = sm->fils_nonce; + wpa_hexdump(MSG_DEBUG, "FILS: SNonce for AEAD AAD", + *snonce, FILS_NONCE_LEN); + *anonce = sm->fils_anonce; + wpa_hexdump(MSG_DEBUG, "FILS: ANonce for AEAD AAD", + *anonce, FILS_NONCE_LEN); + + return buf; +} + + +static void fils_process_hlp_resp(struct wpa_sm *sm, const u8 *resp, size_t len) +{ + const u8 *pos, *end; + + wpa_hexdump(MSG_MSGDUMP, "FILS: HLP response", resp, len); + if (len < 2 * ETH_ALEN) + return; + pos = resp + 2 * ETH_ALEN; + end = resp + len; + if (end - pos >= 6 && + os_memcmp(pos, "\xaa\xaa\x03\x00\x00\x00", 6) == 0) + pos += 6; /* Remove SNAP/LLC header */ + wpa_sm_fils_hlp_rx(sm, resp, resp + ETH_ALEN, pos, end - pos); +} + + +static void fils_process_hlp_container(struct wpa_sm *sm, const u8 *pos, + size_t len) +{ + const u8 *end = pos + len; + u8 *tmp, *tmp_pos; + + /* Check if there are any FILS HLP Container elements */ + while (end - pos >= 2) { + if (2 + pos[1] > end - pos) + return; + if (pos[0] == WLAN_EID_EXTENSION && + pos[1] >= 1 + 2 * ETH_ALEN && + pos[2] == WLAN_EID_EXT_FILS_HLP_CONTAINER) + break; + pos += 2 + pos[1]; + } + if (end - pos < 2) + return; /* No FILS HLP Container elements */ + + tmp = os_malloc(end - pos); + if (!tmp) + return; + + while (end - pos >= 2) { + if (2 + pos[1] > end - pos || + pos[0] != WLAN_EID_EXTENSION || + pos[1] < 1 + 2 * ETH_ALEN || + pos[2] != WLAN_EID_EXT_FILS_HLP_CONTAINER) + break; + tmp_pos = tmp; + os_memcpy(tmp_pos, pos + 3, pos[1] - 1); + tmp_pos += pos[1] - 1; + pos += 2 + pos[1]; + + /* Add possible fragments */ + while (end - pos >= 2 && pos[0] == WLAN_EID_FRAGMENT && + 2 + pos[1] <= end - pos) { + os_memcpy(tmp_pos, pos + 2, pos[1]); + tmp_pos += pos[1]; + pos += 2 + pos[1]; + } + + fils_process_hlp_resp(sm, tmp, tmp_pos - tmp); + } + + os_free(tmp); +} + + +int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len) +{ + const struct ieee80211_mgmt *mgmt; + const u8 *end, *ie_start; + struct ieee802_11_elems elems; + int keylen, rsclen; + enum wpa_alg alg; + struct wpa_gtk_data gd; + int maxkeylen; + struct wpa_eapol_ie_parse kde; + + if (!sm || !sm->ptk_set) { + wpa_printf(MSG_DEBUG, "FILS: No KEK available"); + return -1; + } + + if (!wpa_key_mgmt_fils(sm->key_mgmt)) { + wpa_printf(MSG_DEBUG, "FILS: Not a FILS AKM"); + return -1; + } + + if (sm->fils_completed) { + wpa_printf(MSG_DEBUG, + "FILS: Association has already been completed for this FILS authentication - ignore unexpected retransmission"); + return -1; + } + + wpa_hexdump(MSG_DEBUG, "FILS: (Re)Association Response frame", + resp, len); + + mgmt = (const struct ieee80211_mgmt *) resp; + if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.assoc_resp)) + return -1; + + end = resp + len; + /* Same offset for Association Response and Reassociation Response */ + ie_start = mgmt->u.assoc_resp.variable; + + if (ieee802_11_parse_elems(ie_start, end - ie_start, &elems, 1) == + ParseFailed) { + wpa_printf(MSG_DEBUG, + "FILS: Failed to parse decrypted elements"); + goto fail; + } + + if (!elems.fils_session) { + wpa_printf(MSG_DEBUG, "FILS: No FILS Session element"); + return -1; + } + if (os_memcmp(elems.fils_session, sm->fils_session, + FILS_SESSION_LEN) != 0) { + wpa_printf(MSG_DEBUG, "FILS: FILS Session mismatch"); + wpa_hexdump(MSG_DEBUG, "FILS: Received FILS Session", + elems.fils_session, FILS_SESSION_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: Expected FILS Session", + sm->fils_session, FILS_SESSION_LEN); + } + + /* TODO: FILS Public Key */ + + if (!elems.fils_key_confirm) { + wpa_printf(MSG_DEBUG, "FILS: No FILS Key Confirm element"); + goto fail; + } + if (elems.fils_key_confirm_len != sm->fils_key_auth_len) { + wpa_printf(MSG_DEBUG, + "FILS: Unexpected Key-Auth length %d (expected %d)", + elems.fils_key_confirm_len, + (int) sm->fils_key_auth_len); + goto fail; + } + if (os_memcmp(elems.fils_key_confirm, sm->fils_key_auth_ap, + sm->fils_key_auth_len) != 0) { + wpa_printf(MSG_DEBUG, "FILS: Key-Auth mismatch"); + wpa_hexdump(MSG_DEBUG, "FILS: Received Key-Auth", + elems.fils_key_confirm, + elems.fils_key_confirm_len); + wpa_hexdump(MSG_DEBUG, "FILS: Expected Key-Auth", + sm->fils_key_auth_ap, sm->fils_key_auth_len); + goto fail; + } + + /* Key Delivery */ + if (!elems.key_delivery) { + wpa_printf(MSG_DEBUG, "FILS: No Key Delivery element"); + goto fail; + } + + /* Parse GTK and set the key to the driver */ + os_memset(&gd, 0, sizeof(gd)); + if (wpa_supplicant_parse_ies(elems.key_delivery + WPA_KEY_RSC_LEN, + elems.key_delivery_len - WPA_KEY_RSC_LEN, + &kde) < 0) { + wpa_printf(MSG_DEBUG, "FILS: Failed to parse KDEs"); + goto fail; + } + if (!kde.gtk) { + wpa_printf(MSG_DEBUG, "FILS: No GTK KDE"); + goto fail; + } + maxkeylen = gd.gtk_len = kde.gtk_len - 2; + if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, + gd.gtk_len, maxkeylen, + &gd.key_rsc_len, &gd.alg)) + goto fail; + + wpa_hexdump_key(MSG_DEBUG, "FILS: Received GTK", kde.gtk, kde.gtk_len); + gd.keyidx = kde.gtk[0] & 0x3; + gd.tx = wpa_supplicant_gtk_tx_bit_workaround(sm, + !!(kde.gtk[0] & BIT(2))); + if (kde.gtk_len - 2 > sizeof(gd.gtk)) { + wpa_printf(MSG_DEBUG, "FILS: Too long GTK in GTK KDE (len=%lu)", + (unsigned long) kde.gtk_len - 2); + goto fail; + } + os_memcpy(gd.gtk, kde.gtk + 2, kde.gtk_len - 2); + + wpa_printf(MSG_DEBUG, "FILS: Set GTK to driver"); + if (wpa_supplicant_install_gtk(sm, &gd, elems.key_delivery, 0) < 0) { + wpa_printf(MSG_DEBUG, "FILS: Failed to set GTK"); + goto fail; + } + + if (ieee80211w_set_keys(sm, &kde) < 0) { + wpa_printf(MSG_DEBUG, "FILS: Failed to set IGTK"); + goto fail; + } + + alg = wpa_cipher_to_alg(sm->pairwise_cipher); + keylen = wpa_cipher_key_len(sm->pairwise_cipher); + if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) { + wpa_printf(MSG_DEBUG, "FILS: TK length mismatch: %u != %lu", + keylen, (long unsigned int) sm->ptk.tk_len); + goto fail; + } + rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); + wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver", + sm->ptk.tk, keylen); + if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, null_rsc, rsclen, + sm->ptk.tk, keylen) < 0) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "FILS: Failed to set PTK to the driver (alg=%d keylen=%d bssid=" + MACSTR ")", + alg, keylen, MAC2STR(sm->bssid)); + goto fail; + } + + /* TODO: TK could be cleared after auth frame exchange now that driver + * takes care of association frame encryption/decryption. */ + /* TK is not needed anymore in supplicant */ + os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN); + sm->ptk.tk_len = 0; + sm->ptk.installed = 1; + + /* FILS HLP Container */ + fils_process_hlp_container(sm, ie_start, end - ie_start); + + /* TODO: FILS IP Address Assignment */ + + wpa_printf(MSG_DEBUG, "FILS: Auth+Assoc completed successfully"); + sm->fils_completed = 1; + + return 0; +fail: + return -1; +} + + +void wpa_sm_set_reset_fils_completed(struct wpa_sm *sm, int set) +{ + if (sm) + sm->fils_completed = !!set; +} + +#endif /* CONFIG_FILS */ + + +int wpa_fils_is_completed(struct wpa_sm *sm) +{ +#ifdef CONFIG_FILS + return sm && sm->fils_completed; +#else /* CONFIG_FILS */ + return 0; +#endif /* CONFIG_FILS */ +} + + +#ifdef CONFIG_OWE + +struct wpabuf * owe_build_assoc_req(struct wpa_sm *sm, u16 group) +{ + struct wpabuf *ie = NULL, *pub = NULL; + size_t prime_len; + + if (group == 19) + prime_len = 32; + else if (group == 20) + prime_len = 48; + else if (group == 21) + prime_len = 66; + else + return NULL; + + crypto_ecdh_deinit(sm->owe_ecdh); + sm->owe_ecdh = crypto_ecdh_init(group); + if (!sm->owe_ecdh) + goto fail; + sm->owe_group = group; + pub = crypto_ecdh_get_pubkey(sm->owe_ecdh, 0); + pub = wpabuf_zeropad(pub, prime_len); + if (!pub) + goto fail; + + ie = wpabuf_alloc(5 + wpabuf_len(pub)); + if (!ie) + goto fail; + wpabuf_put_u8(ie, WLAN_EID_EXTENSION); + wpabuf_put_u8(ie, 1 + 2 + wpabuf_len(pub)); + wpabuf_put_u8(ie, WLAN_EID_EXT_OWE_DH_PARAM); + wpabuf_put_le16(ie, group); + wpabuf_put_buf(ie, pub); + wpabuf_free(pub); + wpa_hexdump_buf(MSG_DEBUG, "OWE: Diffie-Hellman Parameter element", + ie); + + return ie; +fail: + wpabuf_free(pub); + crypto_ecdh_deinit(sm->owe_ecdh); + sm->owe_ecdh = NULL; + return NULL; +} + + +int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid, + const u8 *resp_ies, size_t resp_ies_len) +{ + struct ieee802_11_elems elems; + u16 group; + struct wpabuf *secret, *pub, *hkey; + int res; + u8 prk[SHA512_MAC_LEN], pmkid[SHA512_MAC_LEN]; + const char *info = "OWE Key Generation"; + const u8 *addr[2]; + size_t len[2]; + size_t hash_len, prime_len; + struct wpa_ie_data data; + + if (!resp_ies || + ieee802_11_parse_elems(resp_ies, resp_ies_len, &elems, 1) == + ParseFailed) { + wpa_printf(MSG_INFO, + "OWE: Could not parse Association Response frame elements"); + return -1; + } + + if (sm->cur_pmksa && elems.rsn_ie && + wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2, 2 + elems.rsn_ie_len, + &data) == 0 && + data.num_pmkid == 1 && data.pmkid && + os_memcmp(sm->cur_pmksa->pmkid, data.pmkid, PMKID_LEN) == 0) { + wpa_printf(MSG_DEBUG, "OWE: Use PMKSA caching"); + wpa_sm_set_pmk_from_pmksa(sm); + return 0; + } + + if (!elems.owe_dh) { + wpa_printf(MSG_INFO, + "OWE: No Diffie-Hellman Parameter element found in Association Response frame"); + return -1; + } + + group = WPA_GET_LE16(elems.owe_dh); + if (group != sm->owe_group) { + wpa_printf(MSG_INFO, + "OWE: Unexpected Diffie-Hellman group in response: %u", + group); + return -1; + } + + if (!sm->owe_ecdh) { + wpa_printf(MSG_INFO, "OWE: No ECDH state available"); + return -1; + } + + if (group == 19) + prime_len = 32; + else if (group == 20) + prime_len = 48; + else if (group == 21) + prime_len = 66; + else + return -1; + + secret = crypto_ecdh_set_peerkey(sm->owe_ecdh, 0, + elems.owe_dh + 2, + elems.owe_dh_len - 2); + secret = wpabuf_zeropad(secret, prime_len); + if (!secret) { + wpa_printf(MSG_DEBUG, "OWE: Invalid peer DH public key"); + return -1; + } + wpa_hexdump_buf_key(MSG_DEBUG, "OWE: DH shared secret", secret); + + /* prk = HKDF-extract(C | A | group, z) */ + + pub = crypto_ecdh_get_pubkey(sm->owe_ecdh, 0); + if (!pub) { + wpabuf_clear_free(secret); + return -1; + } + + /* PMKID = Truncate-128(Hash(C | A)) */ + addr[0] = wpabuf_head(pub); + len[0] = wpabuf_len(pub); + addr[1] = elems.owe_dh + 2; + len[1] = elems.owe_dh_len - 2; + if (group == 19) { + res = sha256_vector(2, addr, len, pmkid); + hash_len = SHA256_MAC_LEN; + } else if (group == 20) { + res = sha384_vector(2, addr, len, pmkid); + hash_len = SHA384_MAC_LEN; + } else if (group == 21) { + res = sha512_vector(2, addr, len, pmkid); + hash_len = SHA512_MAC_LEN; + } else { + res = -1; + hash_len = 0; + } + pub = wpabuf_zeropad(pub, prime_len); + if (res < 0 || !pub) { + wpabuf_free(pub); + wpabuf_clear_free(secret); + return -1; + } + + hkey = wpabuf_alloc(wpabuf_len(pub) + elems.owe_dh_len - 2 + 2); + if (!hkey) { + wpabuf_free(pub); + wpabuf_clear_free(secret); + return -1; + } + + wpabuf_put_buf(hkey, pub); /* C */ + wpabuf_free(pub); + wpabuf_put_data(hkey, elems.owe_dh + 2, elems.owe_dh_len - 2); /* A */ + wpabuf_put_le16(hkey, sm->owe_group); /* group */ + if (group == 19) + res = hmac_sha256(wpabuf_head(hkey), wpabuf_len(hkey), + wpabuf_head(secret), wpabuf_len(secret), prk); + else if (group == 20) + res = hmac_sha384(wpabuf_head(hkey), wpabuf_len(hkey), + wpabuf_head(secret), wpabuf_len(secret), prk); + else if (group == 21) + res = hmac_sha512(wpabuf_head(hkey), wpabuf_len(hkey), + wpabuf_head(secret), wpabuf_len(secret), prk); + wpabuf_clear_free(hkey); + wpabuf_clear_free(secret); + if (res < 0) + return -1; + + wpa_hexdump_key(MSG_DEBUG, "OWE: prk", prk, hash_len); + + /* PMK = HKDF-expand(prk, "OWE Key Generation", n) */ + + if (group == 19) + res = hmac_sha256_kdf(prk, hash_len, NULL, (const u8 *) info, + os_strlen(info), sm->pmk, hash_len); + else if (group == 20) + res = hmac_sha384_kdf(prk, hash_len, NULL, (const u8 *) info, + os_strlen(info), sm->pmk, hash_len); + else if (group == 21) + res = hmac_sha512_kdf(prk, hash_len, NULL, (const u8 *) info, + os_strlen(info), sm->pmk, hash_len); + os_memset(prk, 0, SHA512_MAC_LEN); + if (res < 0) { + sm->pmk_len = 0; + return -1; + } + sm->pmk_len = hash_len; + + wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, sm->pmk_len); + wpa_hexdump(MSG_DEBUG, "OWE: PMKID", pmkid, PMKID_LEN); + pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, pmkid, NULL, 0, + bssid, sm->own_addr, sm->network_ctx, sm->key_mgmt, + NULL); + + return 0; +} + +#endif /* CONFIG_OWE */ + + +void wpa_sm_set_fils_cache_id(struct wpa_sm *sm, const u8 *fils_cache_id) +{ +#ifdef CONFIG_FILS + if (sm && fils_cache_id) { + sm->fils_cache_id_set = 1; + os_memcpy(sm->fils_cache_id, fils_cache_id, FILS_CACHE_ID_LEN); + } +#endif /* CONFIG_FILS */ +} diff --git a/contrib/wpa/src/rsn_supp/wpa.h b/contrib/wpa/src/rsn_supp/wpa.h index 0b7477f31bc7..21f4b17815e9 100644 --- a/contrib/wpa/src/rsn_supp/wpa.h +++ b/contrib/wpa/src/rsn_supp/wpa.h @@ -25,7 +25,7 @@ struct wpa_sm_ctx { void (*set_state)(void *ctx, enum wpa_states state); enum wpa_states (*get_state)(void *ctx); - void (*deauthenticate)(void * ctx, int reason_code); + void (*deauthenticate)(void * ctx, int reason_code); int (*set_key)(void *ctx, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, @@ -38,8 +38,11 @@ struct wpa_sm_ctx { void (*cancel_auth_timeout)(void *ctx); u8 * (*alloc_eapol)(void *ctx, u8 type, const void *data, u16 data_len, size_t *msg_len, void **data_pos); - int (*add_pmkid)(void *ctx, const u8 *bssid, const u8 *pmkid); - int (*remove_pmkid)(void *ctx, const u8 *bssid, const u8 *pmkid); + int (*add_pmkid)(void *ctx, void *network_ctx, const u8 *bssid, + const u8 *pmkid, const u8 *fils_cache_id, + const u8 *pmk, size_t pmk_len); + int (*remove_pmkid)(void *ctx, void *network_ctx, const u8 *bssid, + const u8 *pmkid, const u8 *fils_cache_id); void (*set_config_blob)(void *ctx, struct wpa_config_blob *blob); const struct wpa_config_blob * (*get_config_blob)(void *ctx, const char *name); @@ -77,6 +80,8 @@ struct wpa_sm_ctx { const u8 *kck, size_t kck_len, const u8 *replay_ctr); int (*key_mgmt_set_pmk)(void *ctx, const u8 *pmk, size_t pmk_len); + void (*fils_hlp_rx)(void *ctx, const u8 *dst, const u8 *src, + const u8 *pkt, size_t pkt_len); }; @@ -95,7 +100,6 @@ enum wpa_sm_conf_params { struct rsn_supp_config { void *network_ctx; - int peerkey_enabled; int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */ int proactive_key_caching; int eap_workaround; @@ -105,6 +109,7 @@ struct rsn_supp_config { int wpa_ptk_rekey; int p2p; int wpa_rsc_relaxation; + const u8 *fils_cache_id; }; #ifndef CONFIG_NO_WPA @@ -147,6 +152,15 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, const u8 *buf, size_t len); int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm, struct wpa_ie_data *data); int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len); +struct rsn_pmksa_cache_entry * wpa_sm_pmksa_cache_head(struct wpa_sm *sm); +struct rsn_pmksa_cache_entry * +wpa_sm_pmksa_cache_add_entry(struct wpa_sm *sm, + struct rsn_pmksa_cache_entry * entry); +void wpa_sm_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, + const u8 *pmkid, const u8 *bssid, + const u8 *fils_cache_id); +int wpa_sm_pmksa_exists(struct wpa_sm *sm, const u8 *bssid, + const void *network_ctx); void wpa_sm_drop_sa(struct wpa_sm *sm); int wpa_sm_has_ptk(struct wpa_sm *sm); @@ -160,6 +174,7 @@ void wpa_sm_set_rx_replay_ctr(struct wpa_sm *sm, const u8 *rx_replay_counter); void wpa_sm_set_ptk_kck_kek(struct wpa_sm *sm, const u8 *ptk_kck, size_t ptk_kck_len, const u8 *ptk_kek, size_t ptk_kek_len); +int wpa_fils_is_completed(struct wpa_sm *sm); #else /* CONFIG_NO_WPA */ @@ -327,29 +342,20 @@ static inline void wpa_sm_set_ptk_kck_kek(struct wpa_sm *sm, const u8 *ptk_kck, { } -#endif /* CONFIG_NO_WPA */ - -#ifdef CONFIG_PEERKEY -int wpa_sm_stkstart(struct wpa_sm *sm, const u8 *peer); -int wpa_sm_rx_eapol_peerkey(struct wpa_sm *sm, const u8 *src_addr, - const u8 *buf, size_t len); -#else /* CONFIG_PEERKEY */ -static inline int wpa_sm_stkstart(struct wpa_sm *sm, const u8 *peer) -{ - return -1; -} - -static inline int wpa_sm_rx_eapol_peerkey(struct wpa_sm *sm, const u8 *src_addr, - const u8 *buf, size_t len) +static inline int wpa_fils_is_completed(struct wpa_sm *sm) { return 0; } -#endif /* CONFIG_PEERKEY */ + +#endif /* CONFIG_NO_WPA */ #ifdef CONFIG_IEEE80211R int wpa_sm_set_ft_params(struct wpa_sm *sm, const u8 *ies, size_t ies_len); int wpa_ft_prepare_auth_request(struct wpa_sm *sm, const u8 *mdie); +int wpa_ft_add_mdie(struct wpa_sm *sm, u8 *ies, size_t ies_len, + const u8 *mdie); +const u8 * wpa_sm_get_ft_md(struct wpa_sm *sm); int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len, int ft_action, const u8 *target_ap, const u8 *ric_ies, size_t ric_ies_len); @@ -374,6 +380,12 @@ static inline int wpa_ft_prepare_auth_request(struct wpa_sm *sm, return 0; } +static inline int wpa_ft_add_mdie(struct wpa_sm *sm, u8 *ies, size_t ies_len, + const u8 *mdie) +{ + return 0; +} + static inline int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len, int ft_action, const u8 *target_ap) @@ -425,5 +437,24 @@ extern unsigned int tdls_testing; int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf); void wpa_sm_set_test_assoc_ie(struct wpa_sm *sm, struct wpabuf *buf); +const u8 * wpa_sm_get_anonce(struct wpa_sm *sm); +unsigned int wpa_sm_get_key_mgmt(struct wpa_sm *sm); + +struct wpabuf * fils_build_auth(struct wpa_sm *sm, int dh_group, const u8 *md); +int fils_process_auth(struct wpa_sm *sm, const u8 *bssid, const u8 *data, + size_t len); +struct wpabuf * fils_build_assoc_req(struct wpa_sm *sm, const u8 **kek, + size_t *kek_len, const u8 **snonce, + const u8 **anonce, + const struct wpabuf **hlp, + unsigned int num_hlp); +int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len); + +struct wpabuf * owe_build_assoc_req(struct wpa_sm *sm, u16 group); +int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid, + const u8 *resp_ies, size_t resp_ies_len); + +void wpa_sm_set_reset_fils_completed(struct wpa_sm *sm, int set); +void wpa_sm_set_fils_cache_id(struct wpa_sm *sm, const u8 *fils_cache_id); #endif /* WPA_H */ diff --git a/contrib/wpa/src/rsn_supp/wpa_ft.c b/contrib/wpa/src/rsn_supp/wpa_ft.c index d45bb4585e50..b8d60e3208d0 100644 --- a/contrib/wpa/src/rsn_supp/wpa_ft.c +++ b/contrib/wpa/src/rsn_supp/wpa_ft.c @@ -1,6 +1,6 @@ /* * WPA Supplicant - IEEE 802.11r - Fast BSS Transition - * Copyright (c) 2006-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2006-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -10,6 +10,7 @@ #include "common.h" #include "crypto/aes_wrap.h" +#include "crypto/sha384.h" #include "crypto/random.h" #include "common/ieee802_11_defs.h" #include "common/ieee802_11_common.h" @@ -23,6 +24,7 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr, { u8 ptk_name[WPA_PMK_NAME_LEN]; const u8 *anonce = key->key_nonce; + int use_sha384 = wpa_key_mgmt_sha384(sm->key_mgmt); if (sm->xxkey_len == 0) { wpa_printf(MSG_DEBUG, "FT: XXKey not available for key " @@ -30,21 +32,26 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr, return -1; } - wpa_derive_pmk_r0(sm->xxkey, sm->xxkey_len, sm->ssid, - sm->ssid_len, sm->mobility_domain, - sm->r0kh_id, sm->r0kh_id_len, sm->own_addr, - sm->pmk_r0, sm->pmk_r0_name); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", sm->pmk_r0, PMK_LEN); + sm->pmk_r0_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN; + if (wpa_derive_pmk_r0(sm->xxkey, sm->xxkey_len, sm->ssid, + sm->ssid_len, sm->mobility_domain, + sm->r0kh_id, sm->r0kh_id_len, sm->own_addr, + sm->pmk_r0, sm->pmk_r0_name, use_sha384) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", sm->pmk_r0, sm->pmk_r0_len); wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name", sm->pmk_r0_name, WPA_PMK_NAME_LEN); - wpa_derive_pmk_r1(sm->pmk_r0, sm->pmk_r0_name, sm->r1kh_id, - sm->own_addr, sm->pmk_r1, sm->pmk_r1_name); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", sm->pmk_r1, PMK_LEN); + sm->pmk_r1_len = sm->pmk_r0_len; + if (wpa_derive_pmk_r1(sm->pmk_r0, sm->pmk_r0_len, sm->pmk_r0_name, + sm->r1kh_id, sm->own_addr, sm->pmk_r1, + sm->pmk_r1_name) < 0) + return -1; + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", sm->pmk_r1, sm->pmk_r1_len); wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", sm->pmk_r1_name, WPA_PMK_NAME_LEN); - return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->snonce, anonce, sm->own_addr, - sm->bssid, sm->pmk_r1_name, ptk, ptk_name, - sm->key_mgmt, sm->pairwise_cipher); + return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, anonce, + sm->own_addr, sm->bssid, sm->pmk_r1_name, ptk, + ptk_name, sm->key_mgmt, sm->pairwise_cipher); } @@ -58,11 +65,13 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr, int wpa_sm_set_ft_params(struct wpa_sm *sm, const u8 *ies, size_t ies_len) { struct wpa_ft_ies ft; + int use_sha384; if (sm == NULL) return 0; - if (wpa_ft_parse_ies(ies, ies_len, &ft) < 0) + use_sha384 = wpa_key_mgmt_sha384(sm->key_mgmt); + if (wpa_ft_parse_ies(ies, ies_len, &ft, use_sha384) < 0) return -1; if (ft.mdie && ft.mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) @@ -146,16 +155,17 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, const u8 *ap_mdie) { size_t buf_len; - u8 *buf, *pos, *ftie_len, *ftie_pos; + u8 *buf, *pos, *ftie_len, *ftie_pos, *fte_mic, *elem_count; struct rsn_mdie *mdie; - struct rsn_ftie *ftie; struct rsn_ie_hdr *rsnie; u16 capab; + int mdie_len; sm->ft_completed = 0; sm->ft_reassoc_completed = 0; - buf_len = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) + + buf_len = 2 + sizeof(struct rsn_mdie) + 2 + + sizeof(struct rsn_ftie_sha384) + 2 + sm->r0kh_id_len + ric_ies_len + 100; buf = os_zalloc(buf_len); if (buf == NULL) @@ -201,10 +211,20 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, /* Authenticated Key Management Suite List */ if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X) RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X); +#ifdef CONFIG_SHA384 + else if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X_SHA384) + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384); +#endif /* CONFIG_SHA384 */ else if (sm->key_mgmt == WPA_KEY_MGMT_FT_PSK) RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK); else if (sm->key_mgmt == WPA_KEY_MGMT_FT_SAE) RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE); +#ifdef CONFIG_FILS + else if (sm->key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA256) + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA256); + else if (sm->key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA384) + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA384); +#endif /* CONFIG_FILS */ else { wpa_printf(MSG_WARNING, "FT: Invalid key management type (%d)", sm->key_mgmt); @@ -216,7 +236,10 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, /* RSN Capabilities */ capab = 0; #ifdef CONFIG_IEEE80211W - if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) + if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC || + sm->mgmt_group_cipher == WPA_CIPHER_BIP_GMAC_128 || + sm->mgmt_group_cipher == WPA_CIPHER_BIP_GMAC_256 || + sm->mgmt_group_cipher == WPA_CIPHER_BIP_CMAC_256) capab |= WPA_CAPABILITY_MFPC; #endif /* CONFIG_IEEE80211W */ WPA_PUT_LE16(pos, capab); @@ -231,34 +254,63 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, pos += WPA_PMK_NAME_LEN; #ifdef CONFIG_IEEE80211W - if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) { - /* Management Group Cipher Suite */ + /* Management Group Cipher Suite */ + switch (sm->mgmt_group_cipher) { + case WPA_CIPHER_AES_128_CMAC: RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC); pos += RSN_SELECTOR_LEN; + break; + case WPA_CIPHER_BIP_GMAC_128: + RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_128); + pos += RSN_SELECTOR_LEN; + break; + case WPA_CIPHER_BIP_GMAC_256: + RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_256); + pos += RSN_SELECTOR_LEN; + break; + case WPA_CIPHER_BIP_CMAC_256: + RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_CMAC_256); + pos += RSN_SELECTOR_LEN; + break; } #endif /* CONFIG_IEEE80211W */ rsnie->len = (pos - (u8 *) rsnie) - 2; /* MDIE */ - *pos++ = WLAN_EID_MOBILITY_DOMAIN; - *pos++ = sizeof(*mdie); - mdie = (struct rsn_mdie *) pos; - pos += sizeof(*mdie); - os_memcpy(mdie->mobility_domain, sm->mobility_domain, - MOBILITY_DOMAIN_ID_LEN); - mdie->ft_capab = ap_mdie && ap_mdie[1] >= 3 ? ap_mdie[4] : - sm->mdie_ft_capab; + mdie_len = wpa_ft_add_mdie(sm, pos, buf_len - (pos - buf), ap_mdie); + if (mdie_len <= 0) { + os_free(buf); + return NULL; + } + mdie = (struct rsn_mdie *) (pos + 2); + pos += mdie_len; /* FTIE[SNonce, [R1KH-ID,] R0KH-ID ] */ ftie_pos = pos; *pos++ = WLAN_EID_FAST_BSS_TRANSITION; ftie_len = pos++; - ftie = (struct rsn_ftie *) pos; - pos += sizeof(*ftie); - os_memcpy(ftie->snonce, sm->snonce, WPA_NONCE_LEN); - if (anonce) - os_memcpy(ftie->anonce, anonce, WPA_NONCE_LEN); + if (wpa_key_mgmt_sha384(sm->key_mgmt)) { + struct rsn_ftie_sha384 *ftie; + + ftie = (struct rsn_ftie_sha384 *) pos; + fte_mic = ftie->mic; + elem_count = &ftie->mic_control[1]; + pos += sizeof(*ftie); + os_memcpy(ftie->snonce, sm->snonce, WPA_NONCE_LEN); + if (anonce) + os_memcpy(ftie->anonce, anonce, WPA_NONCE_LEN); + } else { + struct rsn_ftie *ftie; + + ftie = (struct rsn_ftie *) pos; + fte_mic = ftie->mic; + elem_count = &ftie->mic_control[1]; + pos += sizeof(*ftie); + os_memcpy(ftie->snonce, sm->snonce, WPA_NONCE_LEN); + if (anonce) + os_memcpy(ftie->anonce, anonce, WPA_NONCE_LEN); + } if (kck) { /* R1KH-ID sub-element in third FT message */ *pos++ = FTIE_SUBELEM_R1KH_ID; @@ -292,13 +344,12 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, * RIC-Request (if present) */ /* Information element count */ - ftie->mic_control[1] = 3 + ieee802_11_ie_count(ric_ies, - ric_ies_len); + *elem_count = 3 + ieee802_11_ie_count(ric_ies, ric_ies_len); if (wpa_ft_mic(kck, kck_len, sm->own_addr, target_ap, 5, ((u8 *) mdie) - 2, 2 + sizeof(*mdie), ftie_pos, 2 + *ftie_len, (u8 *) rsnie, 2 + rsnie->len, ric_ies, - ric_ies_len, ftie->mic) < 0) { + ric_ies_len, fte_mic) < 0) { wpa_printf(MSG_INFO, "FT: Failed to calculate MIC"); os_free(buf); return NULL; @@ -367,6 +418,37 @@ int wpa_ft_prepare_auth_request(struct wpa_sm *sm, const u8 *mdie) } +int wpa_ft_add_mdie(struct wpa_sm *sm, u8 *buf, size_t buf_len, + const u8 *ap_mdie) +{ + u8 *pos = buf; + struct rsn_mdie *mdie; + + if (buf_len < 2 + sizeof(*mdie)) { + wpa_printf(MSG_INFO, + "FT: Failed to add MDIE: short buffer, length=%zu", + buf_len); + return 0; + } + + *pos++ = WLAN_EID_MOBILITY_DOMAIN; + *pos++ = sizeof(*mdie); + mdie = (struct rsn_mdie *) pos; + os_memcpy(mdie->mobility_domain, sm->mobility_domain, + MOBILITY_DOMAIN_ID_LEN); + mdie->ft_capab = ap_mdie && ap_mdie[1] >= 3 ? ap_mdie[4] : + sm->mdie_ft_capab; + + return 2 + sizeof(*mdie); +} + + +const u8 * wpa_sm_get_ft_md(struct wpa_sm *sm) +{ + return sm->mobility_domain; +} + + int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len, int ft_action, const u8 *target_ap, const u8 *ric_ies, size_t ric_ies_len) @@ -375,10 +457,13 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len, size_t ft_ies_len; struct wpa_ft_ies parse; struct rsn_mdie *mdie; - struct rsn_ftie *ftie; u8 ptk_name[WPA_PMK_NAME_LEN]; int ret; const u8 *bssid; + const u8 *kck; + size_t kck_len; + int use_sha384 = wpa_key_mgmt_sha384(sm->key_mgmt); + const u8 *anonce, *snonce; wpa_hexdump(MSG_DEBUG, "FT: Response IEs", ies, ies_len); wpa_hexdump(MSG_DEBUG, "FT: RIC IEs", ric_ies, ric_ies_len); @@ -404,7 +489,7 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len, return -1; } - if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) { + if (wpa_ft_parse_ies(ies, ies_len, &parse, use_sha384) < 0) { wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs"); return -1; } @@ -417,16 +502,34 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len, return -1; } - ftie = (struct rsn_ftie *) parse.ftie; - if (ftie == NULL || parse.ftie_len < sizeof(*ftie)) { - wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); - return -1; + if (use_sha384) { + struct rsn_ftie_sha384 *ftie; + + ftie = (struct rsn_ftie_sha384 *) parse.ftie; + if (!ftie || parse.ftie_len < sizeof(*ftie)) { + wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); + return -1; + } + + anonce = ftie->anonce; + snonce = ftie->snonce; + } else { + struct rsn_ftie *ftie; + + ftie = (struct rsn_ftie *) parse.ftie; + if (!ftie || parse.ftie_len < sizeof(*ftie)) { + wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); + return -1; + } + + anonce = ftie->anonce; + snonce = ftie->snonce; } - if (os_memcmp(ftie->snonce, sm->snonce, WPA_NONCE_LEN) != 0) { + if (os_memcmp(snonce, sm->snonce, WPA_NONCE_LEN) != 0) { wpa_printf(MSG_DEBUG, "FT: SNonce mismatch in FTIE"); wpa_hexdump(MSG_DEBUG, "FT: Received SNonce", - ftie->snonce, WPA_NONCE_LEN); + snonce, WPA_NONCE_LEN); wpa_hexdump(MSG_DEBUG, "FT: Expected SNonce", sm->snonce, WPA_NONCE_LEN); return -1; @@ -465,23 +568,34 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len, os_memcpy(sm->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN); wpa_hexdump(MSG_DEBUG, "FT: R1KH-ID", sm->r1kh_id, FT_R1KH_ID_LEN); wpa_hexdump(MSG_DEBUG, "FT: SNonce", sm->snonce, WPA_NONCE_LEN); - wpa_hexdump(MSG_DEBUG, "FT: ANonce", ftie->anonce, WPA_NONCE_LEN); - os_memcpy(sm->anonce, ftie->anonce, WPA_NONCE_LEN); - wpa_derive_pmk_r1(sm->pmk_r0, sm->pmk_r0_name, sm->r1kh_id, - sm->own_addr, sm->pmk_r1, sm->pmk_r1_name); - wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", sm->pmk_r1, PMK_LEN); + wpa_hexdump(MSG_DEBUG, "FT: ANonce", anonce, WPA_NONCE_LEN); + os_memcpy(sm->anonce, anonce, WPA_NONCE_LEN); + if (wpa_derive_pmk_r1(sm->pmk_r0, sm->pmk_r0_len, sm->pmk_r0_name, + sm->r1kh_id, sm->own_addr, sm->pmk_r1, + sm->pmk_r1_name) < 0) + return -1; + sm->pmk_r1_len = sm->pmk_r0_len; + wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", sm->pmk_r1, sm->pmk_r1_len); wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", sm->pmk_r1_name, WPA_PMK_NAME_LEN); bssid = target_ap; - if (wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->snonce, ftie->anonce, - sm->own_addr, bssid, sm->pmk_r1_name, &sm->ptk, - ptk_name, sm->key_mgmt, sm->pairwise_cipher) < 0) + if (wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, + anonce, sm->own_addr, bssid, + sm->pmk_r1_name, &sm->ptk, ptk_name, sm->key_mgmt, + sm->pairwise_cipher) < 0) return -1; - ft_ies = wpa_ft_gen_req_ies(sm, &ft_ies_len, ftie->anonce, + if (wpa_key_mgmt_fils(sm->key_mgmt)) { + kck = sm->ptk.kck2; + kck_len = sm->ptk.kck2_len; + } else { + kck = sm->ptk.kck; + kck_len = sm->ptk.kck_len; + } + ft_ies = wpa_ft_gen_req_ies(sm, &ft_ies_len, anonce, sm->pmk_r1_name, - sm->ptk.kck, sm->ptk.kck_len, bssid, + kck, kck_len, bssid, ric_ies, ric_ies_len, parse.mdie ? parse.mdie - 2 : NULL); if (ft_ies) { @@ -544,6 +658,16 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, int keyidx; enum wpa_alg alg; size_t gtk_len, keylen, rsc_len; + const u8 *kek; + size_t kek_len; + + if (wpa_key_mgmt_fils(sm->key_mgmt)) { + kek = sm->ptk.kek2; + kek_len = sm->ptk.kek2_len; + } else { + kek = sm->ptk.kek; + kek_len = sm->ptk.kek_len; + } if (gtk_elem == NULL) { wpa_printf(MSG_DEBUG, "FT: No GTK included in FTIE"); @@ -560,8 +684,7 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, return -1; } gtk_len = gtk_elem_len - 19; - if (aes_unwrap(sm->ptk.kek, sm->ptk.kek_len, gtk_len / 8, gtk_elem + 11, - gtk)) { + if (aes_unwrap(kek, kek_len, gtk_len / 8, gtk_elem + 11, gtk)) { wpa_printf(MSG_WARNING, "FT: AES unwrap failed - could not " "decrypt GTK"); return -1; @@ -615,10 +738,24 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, size_t igtk_elem_len) { - u8 igtk[WPA_IGTK_LEN]; + u8 igtk[WPA_IGTK_MAX_LEN]; + size_t igtk_len; u16 keyidx; + const u8 *kek; + size_t kek_len; - if (sm->mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC) + if (wpa_key_mgmt_fils(sm->key_mgmt)) { + kek = sm->ptk.kek2; + kek_len = sm->ptk.kek2_len; + } else { + kek = sm->ptk.kek; + kek_len = sm->ptk.kek_len; + } + + if (sm->mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC && + sm->mgmt_group_cipher != WPA_CIPHER_BIP_GMAC_128 && + sm->mgmt_group_cipher != WPA_CIPHER_BIP_GMAC_256 && + sm->mgmt_group_cipher != WPA_CIPHER_BIP_CMAC_256) return 0; if (igtk_elem == NULL) { @@ -629,19 +766,19 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, wpa_hexdump_key(MSG_DEBUG, "FT: Received IGTK in Reassoc Resp", igtk_elem, igtk_elem_len); - if (igtk_elem_len != 2 + 6 + 1 + WPA_IGTK_LEN + 8) { + igtk_len = wpa_cipher_key_len(sm->mgmt_group_cipher); + if (igtk_elem_len != 2 + 6 + 1 + igtk_len + 8) { wpa_printf(MSG_DEBUG, "FT: Invalid IGTK sub-elem " "length %lu", (unsigned long) igtk_elem_len); return -1; } - if (igtk_elem[8] != WPA_IGTK_LEN) { + if (igtk_elem[8] != igtk_len) { wpa_printf(MSG_DEBUG, "FT: Invalid IGTK sub-elem Key Length " "%d", igtk_elem[8]); return -1; } - if (aes_unwrap(sm->ptk.kek, sm->ptk.kek_len, WPA_IGTK_LEN / 8, - igtk_elem + 9, igtk)) { + if (aes_unwrap(kek, kek_len, igtk_len / 8, igtk_elem + 9, igtk)) { wpa_printf(MSG_WARNING, "FT: AES unwrap failed - could not " "decrypt IGTK"); return -1; @@ -652,13 +789,16 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, keyidx = WPA_GET_LE16(igtk_elem); wpa_hexdump_key(MSG_DEBUG, "FT: IGTK from Reassoc Resp", igtk, - WPA_IGTK_LEN); - if (wpa_sm_set_key(sm, WPA_ALG_IGTK, broadcast_ether_addr, keyidx, 0, - igtk_elem + 2, 6, igtk, WPA_IGTK_LEN) < 0) { + igtk_len); + if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + broadcast_ether_addr, keyidx, 0, + igtk_elem + 2, 6, igtk, igtk_len) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set IGTK to the " "driver."); + os_memset(igtk, 0, sizeof(igtk)); return -1; } + os_memset(igtk, 0, sizeof(igtk)); return 0; } @@ -670,9 +810,13 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, { struct wpa_ft_ies parse; struct rsn_mdie *mdie; - struct rsn_ftie *ftie; unsigned int count; u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN]; + const u8 *kck; + size_t kck_len; + int use_sha384 = wpa_key_mgmt_sha384(sm->key_mgmt); + const u8 *anonce, *snonce, *fte_mic; + u8 fte_elem_count; wpa_hexdump(MSG_DEBUG, "FT: Response IEs", ies, ies_len); @@ -687,7 +831,7 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, return 0; } - if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) { + if (wpa_ft_parse_ies(ies, ies_len, &parse, use_sha384) < 0) { wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs"); return -1; } @@ -700,25 +844,47 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, return -1; } - ftie = (struct rsn_ftie *) parse.ftie; - if (ftie == NULL || parse.ftie_len < sizeof(*ftie)) { - wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); - return -1; + if (use_sha384) { + struct rsn_ftie_sha384 *ftie; + + ftie = (struct rsn_ftie_sha384 *) parse.ftie; + if (!ftie || parse.ftie_len < sizeof(*ftie)) { + wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); + return -1; + } + + anonce = ftie->anonce; + snonce = ftie->snonce; + fte_elem_count = ftie->mic_control[1]; + fte_mic = ftie->mic; + } else { + struct rsn_ftie *ftie; + + ftie = (struct rsn_ftie *) parse.ftie; + if (!ftie || parse.ftie_len < sizeof(*ftie)) { + wpa_printf(MSG_DEBUG, "FT: Invalid FTIE"); + return -1; + } + + anonce = ftie->anonce; + snonce = ftie->snonce; + fte_elem_count = ftie->mic_control[1]; + fte_mic = ftie->mic; } - if (os_memcmp(ftie->snonce, sm->snonce, WPA_NONCE_LEN) != 0) { + if (os_memcmp(snonce, sm->snonce, WPA_NONCE_LEN) != 0) { wpa_printf(MSG_DEBUG, "FT: SNonce mismatch in FTIE"); wpa_hexdump(MSG_DEBUG, "FT: Received SNonce", - ftie->snonce, WPA_NONCE_LEN); + snonce, WPA_NONCE_LEN); wpa_hexdump(MSG_DEBUG, "FT: Expected SNonce", sm->snonce, WPA_NONCE_LEN); return -1; } - if (os_memcmp(ftie->anonce, sm->anonce, WPA_NONCE_LEN) != 0) { + if (os_memcmp(anonce, sm->anonce, WPA_NONCE_LEN) != 0) { wpa_printf(MSG_DEBUG, "FT: ANonce mismatch in FTIE"); wpa_hexdump(MSG_DEBUG, "FT: Received ANonce", - ftie->anonce, WPA_NONCE_LEN); + anonce, WPA_NONCE_LEN); wpa_hexdump(MSG_DEBUG, "FT: Expected ANonce", sm->anonce, WPA_NONCE_LEN); return -1; @@ -763,14 +929,22 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, count = 3; if (parse.ric) count += ieee802_11_ie_count(parse.ric, parse.ric_len); - if (ftie->mic_control[1] != count) { + if (fte_elem_count != count) { wpa_printf(MSG_DEBUG, "FT: Unexpected IE count in MIC " "Control: received %u expected %u", - ftie->mic_control[1], count); + fte_elem_count, count); return -1; } - if (wpa_ft_mic(sm->ptk.kck, sm->ptk.kck_len, sm->own_addr, src_addr, 6, + if (wpa_key_mgmt_fils(sm->key_mgmt)) { + kck = sm->ptk.kck2; + kck_len = sm->ptk.kck2_len; + } else { + kck = sm->ptk.kck; + kck_len = sm->ptk.kck_len; + } + + if (wpa_ft_mic(kck, kck_len, sm->own_addr, src_addr, 6, parse.mdie - 2, parse.mdie_len + 2, parse.ftie - 2, parse.ftie_len + 2, parse.rsn - 2, parse.rsn_len + 2, @@ -780,9 +954,9 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, return -1; } - if (os_memcmp_const(mic, ftie->mic, 16) != 0) { + if (os_memcmp_const(mic, fte_mic, 16) != 0) { wpa_printf(MSG_DEBUG, "FT: Invalid MIC in FTIE"); - wpa_hexdump(MSG_MSGDUMP, "FT: Received MIC", ftie->mic, 16); + wpa_hexdump(MSG_MSGDUMP, "FT: Received MIC", fte_mic, 16); wpa_hexdump(MSG_MSGDUMP, "FT: Calculated MIC", mic, 16); return -1; } diff --git a/contrib/wpa/src/rsn_supp/wpa_i.h b/contrib/wpa/src/rsn_supp/wpa_i.h index 56f88dcdd899..b94b17a85a3a 100644 --- a/contrib/wpa/src/rsn_supp/wpa_i.h +++ b/contrib/wpa/src/rsn_supp/wpa_i.h @@ -1,6 +1,6 @@ /* * Internal WPA/RSN supplicant state machine definitions - * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -11,7 +11,6 @@ #include "utils/list.h" -struct wpa_peerkey; struct wpa_tdls_peer; struct wpa_eapol_key; @@ -57,7 +56,6 @@ struct wpa_sm { int fast_reauth; /* whether EAP fast re-authentication is enabled */ void *network_ctx; - int peerkey_enabled; int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */ int proactive_key_caching; int eap_workaround; @@ -94,9 +92,6 @@ struct wpa_sm { u8 *ap_wpa_ie, *ap_rsn_ie; size_t ap_wpa_ie_len, ap_rsn_ie_len; -#ifdef CONFIG_PEERKEY - struct wpa_peerkey *peerkey; -#endif /* CONFIG_PEERKEY */ #ifdef CONFIG_TDLS struct wpa_tdls_peer *tdls; int tdls_prohibited; @@ -117,11 +112,14 @@ struct wpa_sm { #endif /* CONFIG_TDLS */ #ifdef CONFIG_IEEE80211R - u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */ + u8 xxkey[PMK_LEN_MAX]; /* PSK or the second 256 bits of MSK, or the + * first 384 bits of MSK */ size_t xxkey_len; - u8 pmk_r0[PMK_LEN]; + u8 pmk_r0[PMK_LEN_MAX]; + size_t pmk_r0_len; u8 pmk_r0_name[WPA_PMK_NAME_LEN]; - u8 pmk_r1[PMK_LEN]; + u8 pmk_r1[PMK_LEN_MAX]; + size_t pmk_r1_len; u8 pmk_r1_name[WPA_PMK_NAME_LEN]; u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; u8 r0kh_id[FT_R0KH_ID_MAX_LEN]; @@ -144,6 +142,31 @@ struct wpa_sm { #ifdef CONFIG_TESTING_OPTIONS struct wpabuf *test_assoc_ie; #endif /* CONFIG_TESTING_OPTIONS */ + +#ifdef CONFIG_FILS + u8 fils_nonce[FILS_NONCE_LEN]; + u8 fils_session[FILS_SESSION_LEN]; + u8 fils_anonce[FILS_NONCE_LEN]; + u8 fils_key_auth_ap[FILS_MAX_KEY_AUTH_LEN]; + u8 fils_key_auth_sta[FILS_MAX_KEY_AUTH_LEN]; + size_t fils_key_auth_len; + unsigned int fils_completed:1; + unsigned int fils_erp_pmkid_set:1; + unsigned int fils_cache_id_set:1; + u8 fils_erp_pmkid[PMKID_LEN]; + u8 fils_cache_id[FILS_CACHE_ID_LEN]; + struct crypto_ecdh *fils_ecdh; + int fils_dh_group; + size_t fils_dh_elem_len; + struct wpabuf *fils_ft_ies; + u8 fils_ft[FILS_FT_MAX_LEN]; + size_t fils_ft_len; +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE + struct crypto_ecdh *owe_ecdh; + u16 owe_group; +#endif /* CONFIG_OWE */ }; @@ -215,18 +238,23 @@ static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type, msg_len, data_pos); } -static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, const u8 *bssid, - const u8 *pmkid) +static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, void *network_ctx, + const u8 *bssid, const u8 *pmkid, + const u8 *cache_id, const u8 *pmk, + size_t pmk_len) { WPA_ASSERT(sm->ctx->add_pmkid); - return sm->ctx->add_pmkid(sm->ctx->ctx, bssid, pmkid); + return sm->ctx->add_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid, + cache_id, pmk, pmk_len); } -static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, const u8 *bssid, - const u8 *pmkid) +static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, void *network_ctx, + const u8 *bssid, const u8 *pmkid, + const u8 *cache_id) { WPA_ASSERT(sm->ctx->remove_pmkid); - return sm->ctx->remove_pmkid(sm->ctx->ctx, bssid, pmkid); + return sm->ctx->remove_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid, + cache_id); } static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr, @@ -359,7 +387,16 @@ static inline int wpa_sm_key_mgmt_set_pmk(struct wpa_sm *sm, return sm->ctx->key_mgmt_set_pmk(sm->ctx->ctx, pmk, pmk_len); } -int wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck, size_t kck_len, +static inline void wpa_sm_fils_hlp_rx(struct wpa_sm *sm, + const u8 *dst, const u8 *src, + const u8 *pkt, size_t pkt_len) +{ + if (sm->ctx->fils_hlp_rx) + sm->ctx->fils_hlp_rx(sm->ctx->ctx, dst, src, pkt, pkt_len); +} + + +int wpa_eapol_key_send(struct wpa_sm *sm, struct wpa_ptk *ptk, int ver, const u8 *dest, u16 proto, u8 *msg, size_t msg_len, u8 *key_mic); int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, diff --git a/contrib/wpa/src/rsn_supp/wpa_ie.c b/contrib/wpa/src/rsn_supp/wpa_ie.c index c44844ec583b..a3410d15447a 100644 --- a/contrib/wpa/src/rsn_supp/wpa_ie.c +++ b/contrib/wpa/src/rsn_supp/wpa_ie.c @@ -1,6 +1,6 @@ /* * wpa_supplicant - WPA/RSN IE and KDE processing - * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -161,6 +161,10 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len, #ifdef CONFIG_IEEE80211R } else if (key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X); +#ifdef CONFIG_SHA384 + } else if (key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X_SHA384) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384); +#endif /* CONFIG_SHA384 */ } else if (key_mgmt == WPA_KEY_MGMT_FT_PSK) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK); #endif /* CONFIG_IEEE80211R */ @@ -180,6 +184,30 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len, RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192); } else if (key_mgmt == WPA_KEY_MGMT_IEEE8021X_SUITE_B) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B); +#ifdef CONFIG_FILS + } else if (key_mgmt & WPA_KEY_MGMT_FILS_SHA256) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FILS_SHA256); + } else if (key_mgmt & WPA_KEY_MGMT_FILS_SHA384) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FILS_SHA384); +#ifdef CONFIG_IEEE80211R + } else if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA256); + } else if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA384); +#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ +#ifdef CONFIG_OWE + } else if (key_mgmt & WPA_KEY_MGMT_OWE) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_OWE); +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + } else if (key_mgmt & WPA_KEY_MGMT_DPP) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_DPP); +#endif /* CONFIG_DPP */ +#ifdef CONFIG_HS20 + } else if (key_mgmt & WPA_KEY_MGMT_OSEN) { + RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_OSEN); +#endif /* CONFIG_HS20 */ } else { wpa_printf(MSG_WARNING, "Invalid key management type (%d).", key_mgmt); @@ -405,44 +433,6 @@ static int wpa_parse_generic(const u8 *pos, const u8 *end, return 0; } -#ifdef CONFIG_PEERKEY - if (pos[1] > RSN_SELECTOR_LEN + 2 && - RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_SMK) { - ie->smk = pos + 2 + RSN_SELECTOR_LEN; - ie->smk_len = pos[1] - RSN_SELECTOR_LEN; - wpa_hexdump_key(MSG_DEBUG, "WPA: SMK in EAPOL-Key", - pos, pos[1] + 2); - return 0; - } - - if (pos[1] > RSN_SELECTOR_LEN + 2 && - RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_NONCE) { - ie->nonce = pos + 2 + RSN_SELECTOR_LEN; - ie->nonce_len = pos[1] - RSN_SELECTOR_LEN; - wpa_hexdump(MSG_DEBUG, "WPA: Nonce in EAPOL-Key", - pos, pos[1] + 2); - return 0; - } - - if (pos[1] > RSN_SELECTOR_LEN + 2 && - RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_LIFETIME) { - ie->lifetime = pos + 2 + RSN_SELECTOR_LEN; - ie->lifetime_len = pos[1] - RSN_SELECTOR_LEN; - wpa_hexdump(MSG_DEBUG, "WPA: Lifetime in EAPOL-Key", - pos, pos[1] + 2); - return 0; - } - - if (pos[1] > RSN_SELECTOR_LEN + 2 && - RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_ERROR) { - ie->error = pos + 2 + RSN_SELECTOR_LEN; - ie->error_len = pos[1] - RSN_SELECTOR_LEN; - wpa_hexdump(MSG_DEBUG, "WPA: Error in EAPOL-Key", - pos, pos[1] + 2); - return 0; - } -#endif /* CONFIG_PEERKEY */ - #ifdef CONFIG_IEEE80211W if (pos[1] > RSN_SELECTOR_LEN + 2 && RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) { diff --git a/contrib/wpa/src/rsn_supp/wpa_ie.h b/contrib/wpa/src/rsn_supp/wpa_ie.h index fe95af0abc51..0e72af56029e 100644 --- a/contrib/wpa/src/rsn_supp/wpa_ie.h +++ b/contrib/wpa/src/rsn_supp/wpa_ie.h @@ -21,16 +21,6 @@ struct wpa_eapol_ie_parse { size_t gtk_len; const u8 *mac_addr; size_t mac_addr_len; -#ifdef CONFIG_PEERKEY - const u8 *smk; - size_t smk_len; - const u8 *nonce; - size_t nonce_len; - const u8 *lifetime; - size_t lifetime_len; - const u8 *error; - size_t error_len; -#endif /* CONFIG_PEERKEY */ #ifdef CONFIG_IEEE80211W const u8 *igtk; size_t igtk_len; diff --git a/contrib/wpa/src/tls/libtommath.c b/contrib/wpa/src/tls/libtommath.c index 8bc824f20dcd..4f7a14823d72 100644 --- a/contrib/wpa/src/tls/libtommath.c +++ b/contrib/wpa/src/tls/libtommath.c @@ -116,7 +116,7 @@ typedef int mp_err; #define MP_PREC 32 /* default digits of precision */ #else #define MP_PREC 8 /* default digits of precision */ - #endif + #endif #endif /* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */ @@ -274,8 +274,8 @@ static int s_mp_add (mp_int * a, mp_int * b, mp_int * c) *tmpc++ &= MP_MASK; } - /* now copy higher words if any, that is in A+B - * if A or B has more digits add those in + /* now copy higher words if any, that is in A+B + * if A or B has more digits add those in */ if (min != max) { for (; i < max; i++) { @@ -499,29 +499,29 @@ static int mp_mul (mp_int * a, mp_int * b, mp_int * c) #ifdef BN_MP_TOOM_MUL_C if (MIN (a->used, b->used) >= TOOM_MUL_CUTOFF) { res = mp_toom_mul(a, b, c); - } else + } else #endif #ifdef BN_MP_KARATSUBA_MUL_C /* use Karatsuba? */ if (MIN (a->used, b->used) >= KARATSUBA_MUL_CUTOFF) { res = mp_karatsuba_mul (a, b, c); - } else + } else #endif { /* can we use the fast multiplier? * - * The fast multiplier can be used if the output will - * have less than MP_WARRAY digits and the number of + * The fast multiplier can be used if the output will + * have less than MP_WARRAY digits and the number of * digits won't affect carry propagation */ #ifdef BN_FAST_S_MP_MUL_DIGS_C int digs = a->used + b->used + 1; if ((digs < MP_WARRAY) && - MIN(a->used, b->used) <= + MIN(a->used, b->used) <= (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { res = fast_s_mp_mul_digs (a, b, c, digs); - } else + } else #endif #ifdef BN_S_MP_MUL_DIGS_C res = s_mp_mul (a, b, c); /* uses s_mp_mul_digs */ @@ -629,7 +629,7 @@ static int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) err = mp_exptmod(&tmpG, &tmpX, P, Y); mp_clear_multi(&tmpG, &tmpX, NULL); return err; -#else +#else #error mp_exptmod would always fail /* no invmod */ return MP_VAL; @@ -658,7 +658,7 @@ static int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) dr = mp_reduce_is_2k(P) << 1; } #endif - + /* if the modulus is odd or dr != 0 use the montgomery method */ #ifdef BN_MP_EXPTMOD_FAST_C if (mp_isodd (P) == 1 || dr != 0) { @@ -693,7 +693,7 @@ static int mp_cmp (mp_int * a, mp_int * b) return MP_GT; } } - + /* compare digits */ if (a->sign == MP_NEG) { /* if negative compare opposite direction */ @@ -779,7 +779,7 @@ static int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c) } /* init temps */ - if ((res = mp_init_multi(&x, &y, &u, &v, + if ((res = mp_init_multi(&x, &y, &u, &v, &A, &B, &C, &D, NULL)) != MP_OKAY) { return res; } @@ -906,14 +906,14 @@ top: goto LBL_ERR; } } - + /* too big */ while (mp_cmp_mag(&C, b) != MP_LT) { if ((res = mp_sub(&C, b, &C)) != MP_OKAY) { goto LBL_ERR; } } - + /* C is now the inverse */ mp_exch (&C, c); res = MP_OKAY; @@ -933,7 +933,7 @@ static int mp_cmp_mag (mp_int * a, mp_int * b) if (a->used > b->used) { return MP_GT; } - + if (a->used < b->used) { return MP_LT; } @@ -1199,8 +1199,8 @@ static void mp_rshd (mp_int * a, int b) /* top [offset into digits] */ top = a->dp + b; - /* this is implemented as a sliding window where - * the window is b-digits long and digits from + /* this is implemented as a sliding window where + * the window is b-digits long and digits from * the top of the window are copied to the bottom * * e.g. @@ -1218,13 +1218,13 @@ static void mp_rshd (mp_int * a, int b) *bottom++ = 0; } } - + /* remove excess digits */ a->used -= b; } -/* swap the elements of two integers, for cases where you can't simply swap the +/* swap the elements of two integers, for cases where you can't simply swap the * mp_int pointers around */ static void mp_exch (mp_int * a, mp_int * b) @@ -1237,7 +1237,7 @@ static void mp_exch (mp_int * a, mp_int * b) } -/* trim unused digits +/* trim unused digits * * This is used to ensure that leading zero digits are * trimed and the leading "used" digit will be non-zero @@ -1298,7 +1298,7 @@ static int mp_grow (mp_int * a, int size) #ifdef BN_MP_ABS_C -/* b = |a| +/* b = |a| * * Simple function copies the input and fixes the sign to positive */ @@ -1434,7 +1434,7 @@ static int mp_mul_2d (mp_int * a, int b, mp_int * c) /* set the carry to the carry bits of the current word */ r = rr; } - + /* set final carry */ if (r != 0) { c->dp[(c->used)++] = r; @@ -1446,7 +1446,7 @@ static int mp_mul_2d (mp_int * a, int b, mp_int * c) #ifdef BN_MP_INIT_MULTI_C -static int mp_init_multi(mp_int *mp, ...) +static int mp_init_multi(mp_int *mp, ...) { mp_err res = MP_OKAY; /* Assume ok until proven otherwise */ int n = 0; /* Number of ok inits */ @@ -1460,11 +1460,11 @@ static int mp_init_multi(mp_int *mp, ...) succeeded in init-ing, then return error. */ va_list clean_args; - + /* end the current list */ va_end(args); - - /* now start cleaning up */ + + /* now start cleaning up */ cur_arg = mp; va_start(clean_args, mp); while (n--) { @@ -1484,7 +1484,7 @@ static int mp_init_multi(mp_int *mp, ...) #ifdef BN_MP_CLEAR_MULTI_C -static void mp_clear_multi(mp_int *mp, ...) +static void mp_clear_multi(mp_int *mp, ...) { mp_int* next_mp = mp; va_list args; @@ -1558,7 +1558,7 @@ static int mp_count_bits (mp_int * a) /* get number of digits and add that */ r = (a->used - 1) * DIGIT_BIT; - + /* take the last digit and count the bits in it */ q = a->dp[a->used - 1]; while (q > ((mp_digit) 0)) { @@ -1628,7 +1628,7 @@ static int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d) } return res; } - + /* init our temps */ if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) { return res; @@ -1638,7 +1638,7 @@ static int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d) mp_set(&tq, 1); n = mp_count_bits(a) - mp_count_bits(b); if (((res = mp_abs(a, &ta)) != MP_OKAY) || - ((res = mp_abs(b, &tb)) != MP_OKAY) || + ((res = mp_abs(b, &tb)) != MP_OKAY) || ((res = mp_mul_2d(&tb, n, &tb)) != MP_OKAY) || ((res = mp_mul_2d(&tq, n, &tq)) != MP_OKAY)) { goto LBL_ERR; @@ -1675,17 +1675,17 @@ LBL_ERR: #else -/* integer signed division. +/* integer signed division. * c*b + d == a [e.g. a/b, c=quotient, d=remainder] * HAC pp.598 Algorithm 14.20 * - * Note that the description in HAC is horribly - * incomplete. For example, it doesn't consider - * the case where digits are removed from 'x' in - * the inner loop. It also doesn't consider the + * Note that the description in HAC is horribly + * incomplete. For example, it doesn't consider + * the case where digits are removed from 'x' in + * the inner loop. It also doesn't consider the * case that y has fewer than three digits, etc.. * - * The overall algorithm is as described as + * The overall algorithm is as described as * 14.20 from HAC but fixed to treat these cases. */ static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d) @@ -1775,7 +1775,7 @@ static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d) continue; } - /* step 3.1 if xi == yt then set q{i-t-1} to b-1, + /* step 3.1 if xi == yt then set q{i-t-1} to b-1, * otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */ if (x.dp[i] == y.dp[t]) { q.dp[i - t - 1] = ((((mp_digit)1) << DIGIT_BIT) - 1); @@ -1789,10 +1789,10 @@ static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d) q.dp[i - t - 1] = (mp_digit) (tmp & (mp_word) (MP_MASK)); } - /* while (q{i-t-1} * (yt * b + y{t-1})) > - xi * b**2 + xi-1 * b + xi-2 - - do q{i-t-1} -= 1; + /* while (q{i-t-1} * (yt * b + y{t-1})) > + xi * b**2 + xi-1 * b + xi-2 + + do q{i-t-1} -= 1; */ q.dp[i - t - 1] = (q.dp[i - t - 1] + 1) & MP_MASK; do { @@ -1843,10 +1843,10 @@ static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d) } } - /* now q is the quotient and x is the remainder - * [which we have to normalize] + /* now q is the quotient and x is the remainder + * [which we have to normalize] */ - + /* get sign before writing to c */ x.sign = x.used == 0 ? MP_ZPOS : a->sign; @@ -1914,7 +1914,7 @@ static int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int red /* init M array */ /* init first cell */ if ((err = mp_init(&M[1])) != MP_OKAY) { - return err; + return err; } /* now init the second half of the array */ @@ -1932,7 +1932,7 @@ static int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int red if ((err = mp_init (&mu)) != MP_OKAY) { goto LBL_M; } - + if (redmode == 0) { if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) { goto LBL_MU; @@ -1943,22 +1943,22 @@ static int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int red goto LBL_MU; } redux = mp_reduce_2k_l; - } + } /* create M table * - * The M table contains powers of the base, + * The M table contains powers of the base, * e.g. M[x] = G**x mod P * - * The first half of the table is not + * The first half of the table is not * computed though accept for M[0] and M[1] */ if ((err = mp_mod (G, P, &M[1])) != MP_OKAY) { goto LBL_MU; } - /* compute the value at M[1<<(winsize-1)] by squaring - * M[1] (winsize-1) times + /* compute the value at M[1<<(winsize-1)] by squaring + * M[1] (winsize-1) times */ if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { goto LBL_MU; @@ -1966,7 +1966,7 @@ static int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int red for (x = 0; x < (winsize - 1); x++) { /* square it */ - if ((err = mp_sqr (&M[1 << (winsize - 1)], + if ((err = mp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) { goto LBL_MU; } @@ -2117,18 +2117,18 @@ static int mp_sqr (mp_int * a, mp_int * b) if (a->used >= TOOM_SQR_CUTOFF) { res = mp_toom_sqr(a, b); /* Karatsuba? */ - } else + } else #endif #ifdef BN_MP_KARATSUBA_SQR_C if (a->used >= KARATSUBA_SQR_CUTOFF) { res = mp_karatsuba_sqr (a, b); - } else + } else #endif { #ifdef BN_FAST_S_MP_SQR_C /* can we use the fast comba multiplier? */ - if ((a->used * 2 + 1) < MP_WARRAY && - a->used < + if ((a->used * 2 + 1) < MP_WARRAY && + a->used < (1 << (sizeof(mp_word) * CHAR_BIT - 2*DIGIT_BIT - 1))) { res = fast_s_mp_sqr (a, b); } else @@ -2145,7 +2145,7 @@ if (a->used >= KARATSUBA_SQR_CUTOFF) { } -/* reduces a modulo n where n is of the form 2**p - d +/* reduces a modulo n where n is of the form 2**p - d This differs from reduce_2k since "d" can be larger than a single digit. */ @@ -2153,33 +2153,33 @@ static int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d) { mp_int q; int p, res; - + if ((res = mp_init(&q)) != MP_OKAY) { return res; } - - p = mp_count_bits(n); + + p = mp_count_bits(n); top: /* q = a/2**p, a = a mod 2**p */ if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) { goto ERR; } - + /* q = q * d */ - if ((res = mp_mul(&q, d, &q)) != MP_OKAY) { + if ((res = mp_mul(&q, d, &q)) != MP_OKAY) { goto ERR; } - + /* a = a + q */ if ((res = s_mp_add(a, &q, a)) != MP_OKAY) { goto ERR; } - + if (mp_cmp_mag(a, n) != MP_LT) { s_mp_sub(a, n, a); goto top; } - + ERR: mp_clear(&q); return res; @@ -2191,26 +2191,26 @@ static int mp_reduce_2k_setup_l(mp_int *a, mp_int *d) { int res; mp_int tmp; - + if ((res = mp_init(&tmp)) != MP_OKAY) { return res; } - + if ((res = mp_2expt(&tmp, mp_count_bits(a))) != MP_OKAY) { goto ERR; } - + if ((res = s_mp_sub(&tmp, a, d)) != MP_OKAY) { goto ERR; } - + ERR: mp_clear(&tmp); return res; } -/* computes a = 2**b +/* computes a = 2**b * * Simple algorithm which zeroes the int, grows it then just sets one bit * as required. @@ -2243,7 +2243,7 @@ static int mp_2expt (mp_int * a, int b) static int mp_reduce_setup (mp_int * a, mp_int * b) { int res; - + if ((res = mp_2expt (a, b->used * 2 * DIGIT_BIT)) != MP_OKAY) { return res; } @@ -2251,7 +2251,7 @@ static int mp_reduce_setup (mp_int * a, mp_int * b) } -/* reduces x mod m, assumes 0 < x < m**2, mu is +/* reduces x mod m, assumes 0 < x < m**2, mu is * precomputed via mp_reduce_setup. * From HAC pp.604 Algorithm 14.42 */ @@ -2266,7 +2266,7 @@ static int mp_reduce (mp_int * x, mp_int * m, mp_int * mu) } /* q1 = x / b**(k-1) */ - mp_rshd (&q, um - 1); + mp_rshd (&q, um - 1); /* according to HAC this optimization is ok */ if (((unsigned long) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) { @@ -2282,8 +2282,8 @@ static int mp_reduce (mp_int * x, mp_int * m, mp_int * mu) if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) { goto CLEANUP; } -#else - { +#else + { #error mp_reduce would always fail res = MP_VAL; goto CLEANUP; @@ -2292,7 +2292,7 @@ static int mp_reduce (mp_int * x, mp_int * m, mp_int * mu) } /* q3 = q2 / b**(k+1) */ - mp_rshd (&q, um + 1); + mp_rshd (&q, um + 1); /* x = x mod b**(k+1), quick (no division) */ if ((res = mp_mod_2d (x, DIGIT_BIT * (um + 1), x)) != MP_OKAY) { @@ -2326,7 +2326,7 @@ static int mp_reduce (mp_int * x, mp_int * m, mp_int * mu) goto CLEANUP; } } - + CLEANUP: mp_clear (&q); @@ -2335,7 +2335,7 @@ CLEANUP: /* multiplies |a| * |b| and only computes up to digs digits of result - * HAC pp. 595, Algorithm 14.12 Modified so you can control how + * HAC pp. 595, Algorithm 14.12 Modified so you can control how * many digits of output are created. */ static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) @@ -2349,7 +2349,7 @@ static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) #ifdef BN_FAST_S_MP_MUL_DIGS_C /* can we use the fast multiplier? */ if (((digs) < MP_WARRAY) && - MIN (a->used, b->used) < + MIN (a->used, b->used) < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { return fast_s_mp_mul_digs (a, b, c, digs); } @@ -2372,10 +2372,10 @@ static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) /* setup some aliases */ /* copy of the digit from a used within the nested loop */ tmpx = a->dp[ix]; - + /* an alias for the destination shifted ix places */ tmpt = t.dp + ix; - + /* an alias for the digits of b */ tmpy = b->dp; @@ -2409,15 +2409,15 @@ static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) #ifdef BN_FAST_S_MP_MUL_DIGS_C /* Fast (comba) multiplier * - * This is the fast column-array [comba] multiplier. It is - * designed to compute the columns of the product first - * then handle the carries afterwards. This has the effect + * This is the fast column-array [comba] multiplier. It is + * designed to compute the columns of the product first + * then handle the carries afterwards. This has the effect * of making the nested loops that compute the columns very * simple and schedulable on super-scalar processors. * - * This has been modified to produce a variable number of - * digits of output so if say only a half-product is required - * you don't have to compute the upper half (a feature + * This has been modified to produce a variable number of + * digits of output so if say only a half-product is required + * you don't have to compute the upper half (a feature * required for fast Barrett reduction). * * Based on Algorithm 14.12 on pp.595 of HAC. @@ -2441,7 +2441,7 @@ static int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) /* clear the carry */ _W = 0; - for (ix = 0; ix < pa; ix++) { + for (ix = 0; ix < pa; ix++) { int tx, ty; int iy; mp_digit *tmpx, *tmpy; @@ -2454,7 +2454,7 @@ static int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) tmpx = a->dp + tx; tmpy = b->dp + ty; - /* this is the number of times the loop will iterrate, essentially + /* this is the number of times the loop will iterrate, essentially while (tx++ < a->used && ty-- >= 0) { ... } */ iy = MIN(a->used-tx, ty+1); @@ -2501,8 +2501,8 @@ static int mp_init_size (mp_int * a, int size) int x; /* pad size so there are always extra digits */ - size += (MP_PREC * 2) - (size % MP_PREC); - + size += (MP_PREC * 2) - (size % MP_PREC); + /* alloc mem */ a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * size); if (a->dp == NULL) { @@ -2556,7 +2556,7 @@ static int s_mp_sqr (mp_int * a, mp_int * b) /* alias for where to store the results */ tmpt = t.dp + (2*ix + 1); - + for (iy = ix + 1; iy < pa; iy++) { /* first calculate the product */ r = ((mp_word)tmpx) * ((mp_word)a->dp[iy]); @@ -2863,24 +2863,24 @@ static int mp_mul_2(mp_int * a, mp_int * b) /* alias for source */ tmpa = a->dp; - + /* alias for dest */ tmpb = b->dp; /* carry */ r = 0; for (x = 0; x < a->used; x++) { - - /* get what will be the *next* carry bit from the - * MSB of the current digit + + /* get what will be the *next* carry bit from the + * MSB of the current digit */ rr = *tmpa >> ((mp_digit)(DIGIT_BIT - 1)); - + /* now shift up this digit, add in the carry [from the previous] */ *tmpb++ = ((*tmpa++ << ((mp_digit)1)) | r) & MP_MASK; - - /* copy the carry that would be from the source - * digit into the next iteration + + /* copy the carry that would be from the source + * digit into the next iteration */ r = rr; } @@ -2892,8 +2892,8 @@ static int mp_mul_2(mp_int * a, mp_int * b) ++(b->used); } - /* now zero any excess digits on the destination - * that we didn't write to + /* now zero any excess digits on the destination + * that we didn't write to */ tmpb = b->dp + b->used; for (x = b->used; x < oldused; x++) { @@ -3011,7 +3011,7 @@ static int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int /* determine and setup reduction code */ if (redmode == 0) { -#ifdef BN_MP_MONTGOMERY_SETUP_C +#ifdef BN_MP_MONTGOMERY_SETUP_C /* now setup montgomery */ if ((err = mp_montgomery_setup (P, &mp)) != MP_OKAY) { goto LBL_M; @@ -3026,7 +3026,7 @@ static int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int if (((P->used * 2 + 1) < MP_WARRAY) && P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { redux = fast_mp_montgomery_reduce; - } else + } else #endif { #ifdef BN_MP_MONTGOMERY_REDUCE_C @@ -3077,7 +3077,7 @@ static int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) { goto LBL_RES; } -#else +#else err = MP_VAL; goto LBL_RES; #endif @@ -3245,10 +3245,10 @@ LBL_M: #ifdef BN_FAST_S_MP_SQR_C /* the jist of squaring... - * you do like mult except the offset of the tmpx [one that - * starts closer to zero] can't equal the offset of tmpy. + * you do like mult except the offset of the tmpx [one that + * starts closer to zero] can't equal the offset of tmpy. * So basically you set up iy like before then you min it with - * (ty-tx) so that it never happens. You double all those + * (ty-tx) so that it never happens. You double all those * you add in the inner loop After that loop you do the squares and add them in. @@ -3270,7 +3270,7 @@ static int fast_s_mp_sqr (mp_int * a, mp_int * b) /* number of output digits to produce */ W1 = 0; - for (ix = 0; ix < pa; ix++) { + for (ix = 0; ix < pa; ix++) { int tx, ty, iy; mp_word _W; mp_digit *tmpy; @@ -3291,7 +3291,7 @@ static int fast_s_mp_sqr (mp_int * a, mp_int * b) */ iy = MIN(a->used-tx, ty+1); - /* now for squaring tx can never equal ty + /* now for squaring tx can never equal ty * we halve the distance since they approach at a rate of 2x * and we have to round because odd cases need to be executed */ diff --git a/contrib/wpa/src/tls/rsa.c b/contrib/wpa/src/tls/rsa.c index 0b7b530bc37c..3525eb9919db 100644 --- a/contrib/wpa/src/tls/rsa.c +++ b/contrib/wpa/src/tls/rsa.c @@ -80,7 +80,7 @@ crypto_rsa_import_public_key(const u8 *buf, size_t len) * PKCS #1, 7.1: * RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n - * publicExponent INTEGER -- e + * publicExponent INTEGER -- e * } */ diff --git a/contrib/wpa/src/tls/tlsv1_client.c b/contrib/wpa/src/tls/tlsv1_client.c index 9bc0d211f48d..76e19746b020 100644 --- a/contrib/wpa/src/tls/tlsv1_client.c +++ b/contrib/wpa/src/tls/tlsv1_client.c @@ -264,7 +264,7 @@ failed: * @in_data: Pointer to plaintext data to be encrypted * @in_len: Input buffer length * @out_data: Pointer to output buffer (encrypted TLS data) - * @out_len: Maximum out_data length + * @out_len: Maximum out_data length * Returns: Number of bytes written to out_data, -1 on failure * * This function is used after TLS handshake has been completed successfully to diff --git a/contrib/wpa/src/tls/tlsv1_client_read.c b/contrib/wpa/src/tls/tlsv1_client_read.c index 244c3cb06082..e66f1a98896d 100644 --- a/contrib/wpa/src/tls/tlsv1_client_read.c +++ b/contrib/wpa/src/tls/tlsv1_client_read.c @@ -685,10 +685,9 @@ static int tlsv1_process_diffie_hellman(struct tlsv1_client *conn, pos, conn->dh_p_len); goto fail; } - conn->dh_p = os_malloc(conn->dh_p_len); + conn->dh_p = os_memdup(pos, conn->dh_p_len); if (conn->dh_p == NULL) goto fail; - os_memcpy(conn->dh_p, pos, conn->dh_p_len); pos += conn->dh_p_len; wpa_hexdump(MSG_DEBUG, "TLSv1: DH p (prime)", conn->dh_p, conn->dh_p_len); @@ -700,10 +699,9 @@ static int tlsv1_process_diffie_hellman(struct tlsv1_client *conn, if (val == 0 || val > (size_t) (end - pos)) goto fail; conn->dh_g_len = val; - conn->dh_g = os_malloc(conn->dh_g_len); + conn->dh_g = os_memdup(pos, conn->dh_g_len); if (conn->dh_g == NULL) goto fail; - os_memcpy(conn->dh_g, pos, conn->dh_g_len); pos += conn->dh_g_len; wpa_hexdump(MSG_DEBUG, "TLSv1: DH g (generator)", conn->dh_g, conn->dh_g_len); @@ -717,10 +715,9 @@ static int tlsv1_process_diffie_hellman(struct tlsv1_client *conn, if (val == 0 || val > (size_t) (end - pos)) goto fail; conn->dh_ys_len = val; - conn->dh_ys = os_malloc(conn->dh_ys_len); + conn->dh_ys = os_memdup(pos, conn->dh_ys_len); if (conn->dh_ys == NULL) goto fail; - os_memcpy(conn->dh_ys, pos, conn->dh_ys_len); pos += conn->dh_ys_len; wpa_hexdump(MSG_DEBUG, "TLSv1: DH Ys (server's public value)", conn->dh_ys, conn->dh_ys_len); diff --git a/contrib/wpa/src/tls/tlsv1_common.c b/contrib/wpa/src/tls/tlsv1_common.c index 6b28417e499c..e178915a454d 100644 --- a/contrib/wpa/src/tls/tlsv1_common.c +++ b/contrib/wpa/src/tls/tlsv1_common.c @@ -21,7 +21,7 @@ * RFC 2246 Section 9: Mandatory to implement TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA * Add support for commonly used cipher suites; don't bother with exportable * suites. - */ + */ static const struct tls_cipher_suite tls_cipher_suites[] = { { TLS_NULL_WITH_NULL_NULL, TLS_KEY_X_NULL, TLS_CIPHER_NULL, @@ -482,21 +482,21 @@ int tls_verify_signature(u16 tls_version, struct crypto_public_key *pk, os_memcmp(buf, "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01" "\x65\x03\x04\x02\x01\x05\x00\x04\x20", 19) == 0) { - wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithn = SHA-256"); + wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithm = SHA-256"); decrypted = buf + 19; buflen -= 19; } else if (buflen >= 19 + 48 && os_memcmp(buf, "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01" "\x65\x03\x04\x02\x02\x05\x00\x04\x30", 19) == 0) { - wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithn = SHA-384"); + wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithm = SHA-384"); decrypted = buf + 19; buflen -= 19; } else if (buflen >= 19 + 64 && os_memcmp(buf, "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01" "\x65\x03\x04\x02\x03\x05\x00\x04\x40", 19) == 0) { - wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithn = SHA-512"); + wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithm = SHA-512"); decrypted = buf + 19; buflen -= 19; diff --git a/contrib/wpa/src/tls/tlsv1_cred.c b/contrib/wpa/src/tls/tlsv1_cred.c index 52c1ae0143da..842e5dd728c7 100644 --- a/contrib/wpa/src/tls/tlsv1_cred.c +++ b/contrib/wpa/src/tls/tlsv1_cred.c @@ -1166,10 +1166,9 @@ static int tlsv1_set_dhparams_der(struct tlsv1_credentials *cred, if (hdr.length == 0) return -1; os_free(cred->dh_p); - cred->dh_p = os_malloc(hdr.length); + cred->dh_p = os_memdup(hdr.payload, hdr.length); if (cred->dh_p == NULL) return -1; - os_memcpy(cred->dh_p, hdr.payload, hdr.length); cred->dh_p_len = hdr.length; pos = hdr.payload + hdr.length; @@ -1188,10 +1187,9 @@ static int tlsv1_set_dhparams_der(struct tlsv1_credentials *cred, if (hdr.length == 0) return -1; os_free(cred->dh_g); - cred->dh_g = os_malloc(hdr.length); + cred->dh_g = os_memdup(hdr.payload, hdr.length); if (cred->dh_g == NULL) return -1; - os_memcpy(cred->dh_g, hdr.payload, hdr.length); cred->dh_g_len = hdr.length; return 0; diff --git a/contrib/wpa/src/tls/tlsv1_server.c b/contrib/wpa/src/tls/tlsv1_server.c index ba47337bcbb1..540696904095 100644 --- a/contrib/wpa/src/tls/tlsv1_server.c +++ b/contrib/wpa/src/tls/tlsv1_server.c @@ -216,7 +216,7 @@ failed: * @in_data: Pointer to plaintext data to be encrypted * @in_len: Input buffer length * @out_data: Pointer to output buffer (encrypted TLS data) - * @out_len: Maximum out_data length + * @out_len: Maximum out_data length * Returns: Number of bytes written to out_data, -1 on failure * * This function is used after TLS handshake has been completed successfully to diff --git a/contrib/wpa/src/tls/x509v3.c b/contrib/wpa/src/tls/x509v3.c index 75f222c4f249..f80c9a358bf5 100644 --- a/contrib/wpa/src/tls/x509v3.c +++ b/contrib/wpa/src/tls/x509v3.c @@ -274,13 +274,12 @@ static int x509_parse_public_key(const u8 *buf, size_t len, */ } os_free(cert->public_key); - cert->public_key = os_malloc(hdr.length - 1); + cert->public_key = os_memdup(pos + 1, hdr.length - 1); if (cert->public_key == NULL) { wpa_printf(MSG_DEBUG, "X509: Failed to allocate memory for " "public key"); return -1; } - os_memcpy(cert->public_key, pos + 1, hdr.length - 1); cert->public_key_len = hdr.length - 1; wpa_hexdump(MSG_MSGDUMP, "X509: subjectPublicKey", cert->public_key, cert->public_key_len); @@ -925,10 +924,9 @@ static int x509_parse_alt_name_ip(struct x509_name *name, /* iPAddress OCTET STRING */ wpa_hexdump(MSG_MSGDUMP, "X509: altName - iPAddress", pos, len); os_free(name->ip); - name->ip = os_malloc(len); + name->ip = os_memdup(pos, len); if (name->ip == NULL) return -1; - os_memcpy(name->ip, pos, len); name->ip_len = len; return 0; } @@ -1700,14 +1698,13 @@ struct x509_certificate * x509_certificate_parse(const u8 *buf, size_t len) return NULL; } os_free(cert->sign_value); - cert->sign_value = os_malloc(hdr.length - 1); + cert->sign_value = os_memdup(pos + 1, hdr.length - 1); if (cert->sign_value == NULL) { wpa_printf(MSG_DEBUG, "X509: Failed to allocate memory for " "signatureValue"); x509_certificate_free(cert); return NULL; } - os_memcpy(cert->sign_value, pos + 1, hdr.length - 1); cert->sign_value_len = hdr.length - 1; wpa_hexdump(MSG_MSGDUMP, "X509: signature", cert->sign_value, cert->sign_value_len); @@ -2039,7 +2036,7 @@ int x509_certificate_chain_validate(struct x509_certificate *trusted, for (cert = chain, idx = 0; cert; cert = cert->next, idx++) { cert->issuer_trusted = 0; - x509_name_string(&cert->subject, buf, sizeof(buf)); + x509_name_string(&cert->subject, buf, sizeof(buf)); wpa_printf(MSG_DEBUG, "X509: %lu: %s", idx, buf); if (chain_trusted) @@ -2063,11 +2060,11 @@ int x509_certificate_chain_validate(struct x509_certificate *trusted, wpa_printf(MSG_DEBUG, "X509: Certificate " "chain issuer name mismatch"); x509_name_string(&cert->issuer, buf, - sizeof(buf)); + sizeof(buf)); wpa_printf(MSG_DEBUG, "X509: cert issuer: %s", buf); x509_name_string(&cert->next->subject, buf, - sizeof(buf)); + sizeof(buf)); wpa_printf(MSG_DEBUG, "X509: next cert " "subject: %s", buf); *reason = X509_VALIDATE_CERTIFICATE_UNKNOWN; diff --git a/contrib/wpa/src/utils/base64.c b/contrib/wpa/src/utils/base64.c index d44f290e5684..8eb4ba127d48 100644 --- a/contrib/wpa/src/utils/base64.c +++ b/contrib/wpa/src/utils/base64.c @@ -13,21 +13,14 @@ static const unsigned char base64_table[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; +static const unsigned char base64_url_table[65] = + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; -/** - * base64_encode - Base64 encode - * @src: Data to be encoded - * @len: Length of the data to be encoded - * @out_len: Pointer to output length variable, or %NULL if not used - * Returns: Allocated buffer of out_len bytes of encoded data, - * or %NULL on failure - * - * Caller is responsible for freeing the returned buffer. Returned buffer is - * nul terminated to make it easier to use as a C string. The nul terminator is - * not included in out_len. - */ -unsigned char * base64_encode(const unsigned char *src, size_t len, - size_t *out_len) + +static unsigned char * base64_gen_encode(const unsigned char *src, size_t len, + size_t *out_len, + const unsigned char *table, + int add_pad) { unsigned char *out, *pos; const unsigned char *end, *in; @@ -35,7 +28,8 @@ unsigned char * base64_encode(const unsigned char *src, size_t len, int line_len; olen = len * 4 / 3 + 4; /* 3-byte blocks to 4-byte */ - olen += olen / 72; /* line feeds */ + if (add_pad) + olen += olen / 72; /* line feeds */ olen++; /* nul termination */ if (olen < len) return NULL; /* integer overflow */ @@ -48,35 +42,35 @@ unsigned char * base64_encode(const unsigned char *src, size_t len, pos = out; line_len = 0; while (end - in >= 3) { - *pos++ = base64_table[(in[0] >> 2) & 0x3f]; - *pos++ = base64_table[(((in[0] & 0x03) << 4) | - (in[1] >> 4)) & 0x3f]; - *pos++ = base64_table[(((in[1] & 0x0f) << 2) | - (in[2] >> 6)) & 0x3f]; - *pos++ = base64_table[in[2] & 0x3f]; + *pos++ = table[(in[0] >> 2) & 0x3f]; + *pos++ = table[(((in[0] & 0x03) << 4) | (in[1] >> 4)) & 0x3f]; + *pos++ = table[(((in[1] & 0x0f) << 2) | (in[2] >> 6)) & 0x3f]; + *pos++ = table[in[2] & 0x3f]; in += 3; line_len += 4; - if (line_len >= 72) { + if (add_pad && line_len >= 72) { *pos++ = '\n'; line_len = 0; } } if (end - in) { - *pos++ = base64_table[(in[0] >> 2) & 0x3f]; + *pos++ = table[(in[0] >> 2) & 0x3f]; if (end - in == 1) { - *pos++ = base64_table[((in[0] & 0x03) << 4) & 0x3f]; - *pos++ = '='; + *pos++ = table[((in[0] & 0x03) << 4) & 0x3f]; + if (add_pad) + *pos++ = '='; } else { - *pos++ = base64_table[(((in[0] & 0x03) << 4) | - (in[1] >> 4)) & 0x3f]; - *pos++ = base64_table[((in[1] & 0x0f) << 2) & 0x3f]; + *pos++ = table[(((in[0] & 0x03) << 4) | + (in[1] >> 4)) & 0x3f]; + *pos++ = table[((in[1] & 0x0f) << 2) & 0x3f]; } - *pos++ = '='; + if (add_pad) + *pos++ = '='; line_len += 4; } - if (line_len) + if (add_pad && line_len) *pos++ = '\n'; *pos = '\0'; @@ -86,26 +80,18 @@ unsigned char * base64_encode(const unsigned char *src, size_t len, } -/** - * base64_decode - Base64 decode - * @src: Data to be decoded - * @len: Length of the data to be decoded - * @out_len: Pointer to output length variable - * Returns: Allocated buffer of out_len bytes of decoded data, - * or %NULL on failure - * - * Caller is responsible for freeing the returned buffer. - */ -unsigned char * base64_decode(const unsigned char *src, size_t len, - size_t *out_len) +static unsigned char * base64_gen_decode(const unsigned char *src, size_t len, + size_t *out_len, + const unsigned char *table) { unsigned char dtable[256], *out, *pos, block[4], tmp; size_t i, count, olen; int pad = 0; + size_t extra_pad; os_memset(dtable, 0x80, 256); for (i = 0; i < sizeof(base64_table) - 1; i++) - dtable[base64_table[i]] = (unsigned char) i; + dtable[table[i]] = (unsigned char) i; dtable['='] = 0; count = 0; @@ -114,21 +100,28 @@ unsigned char * base64_decode(const unsigned char *src, size_t len, count++; } - if (count == 0 || count % 4) + if (count == 0) return NULL; + extra_pad = (4 - count % 4) % 4; - olen = count / 4 * 3; + olen = (count + extra_pad) / 4 * 3; pos = out = os_malloc(olen); if (out == NULL) return NULL; count = 0; - for (i = 0; i < len; i++) { - tmp = dtable[src[i]]; + for (i = 0; i < len + extra_pad; i++) { + unsigned char val; + + if (i >= len) + val = '='; + else + val = src[i]; + tmp = dtable[val]; if (tmp == 0x80) continue; - if (src[i] == '=') + if (val == '=') pad++; block[count] = tmp; count++; @@ -155,3 +148,53 @@ unsigned char * base64_decode(const unsigned char *src, size_t len, *out_len = pos - out; return out; } + + +/** + * base64_encode - Base64 encode + * @src: Data to be encoded + * @len: Length of the data to be encoded + * @out_len: Pointer to output length variable, or %NULL if not used + * Returns: Allocated buffer of out_len bytes of encoded data, + * or %NULL on failure + * + * Caller is responsible for freeing the returned buffer. Returned buffer is + * nul terminated to make it easier to use as a C string. The nul terminator is + * not included in out_len. + */ +unsigned char * base64_encode(const unsigned char *src, size_t len, + size_t *out_len) +{ + return base64_gen_encode(src, len, out_len, base64_table, 1); +} + + +unsigned char * base64_url_encode(const unsigned char *src, size_t len, + size_t *out_len, int add_pad) +{ + return base64_gen_encode(src, len, out_len, base64_url_table, add_pad); +} + + +/** + * base64_decode - Base64 decode + * @src: Data to be decoded + * @len: Length of the data to be decoded + * @out_len: Pointer to output length variable + * Returns: Allocated buffer of out_len bytes of decoded data, + * or %NULL on failure + * + * Caller is responsible for freeing the returned buffer. + */ +unsigned char * base64_decode(const unsigned char *src, size_t len, + size_t *out_len) +{ + return base64_gen_decode(src, len, out_len, base64_table); +} + + +unsigned char * base64_url_decode(const unsigned char *src, size_t len, + size_t *out_len) +{ + return base64_gen_decode(src, len, out_len, base64_url_table); +} diff --git a/contrib/wpa/src/utils/base64.h b/contrib/wpa/src/utils/base64.h index aa21fd0fc1b7..5a72c3ebf522 100644 --- a/contrib/wpa/src/utils/base64.h +++ b/contrib/wpa/src/utils/base64.h @@ -13,5 +13,9 @@ unsigned char * base64_encode(const unsigned char *src, size_t len, size_t *out_len); unsigned char * base64_decode(const unsigned char *src, size_t len, size_t *out_len); +unsigned char * base64_url_encode(const unsigned char *src, size_t len, + size_t *out_len, int add_pad); +unsigned char * base64_url_decode(const unsigned char *src, size_t len, + size_t *out_len); #endif /* BASE64_H */ diff --git a/contrib/wpa/src/utils/browser-wpadebug.c b/contrib/wpa/src/utils/browser-wpadebug.c index 59ba4d1e02d8..dfb4b67977f8 100644 --- a/contrib/wpa/src/utils/browser-wpadebug.c +++ b/contrib/wpa/src/utils/browser-wpadebug.c @@ -52,7 +52,7 @@ static void http_req(void *ctx, struct http_request *req) eloop_terminate(); return; } - wpabuf_put_str(resp, "User input completed"); + wpabuf_put_str(resp, "HTTP/1.1\r\n\r\nUser input completed"); if (done) { eloop_cancel_timeout(browser_timeout, NULL, NULL); @@ -97,6 +97,7 @@ int hs20_web_browser(const char *url) if (pid == 0) { /* run the external command in the child process */ char *argv[14]; + char *envp[] = { "PATH=/system/bin:/vendor/bin", NULL }; argv[0] = "browser-wpadebug"; argv[1] = "start"; @@ -113,8 +114,8 @@ int hs20_web_browser(const char *url) argv[12] = "-3"; /* USER_CURRENT_OR_SELF */ argv[13] = NULL; - execv("/system/bin/am", argv); - wpa_printf(MSG_ERROR, "execv: %s", strerror(errno)); + execve("/system/bin/am", argv, envp); + wpa_printf(MSG_ERROR, "execve: %s", strerror(errno)); exit(0); return -1; } diff --git a/contrib/wpa/src/utils/common.c b/contrib/wpa/src/utils/common.c index 04a533a05902..1eb33705bef3 100644 --- a/contrib/wpa/src/utils/common.c +++ b/contrib/wpa/src/utils/common.c @@ -1200,3 +1200,24 @@ int str_starts(const char *str, const char *start) { return os_strncmp(str, start, os_strlen(start)) == 0; } + + +/** + * rssi_to_rcpi - Convert RSSI to RCPI + * @rssi: RSSI to convert + * Returns: RCPI corresponding to the given RSSI value, or 255 if not available. + * + * It's possible to estimate RCPI based on RSSI in dBm. This calculation will + * not reflect the correct value for high rates, but it's good enough for Action + * frames which are transmitted with up to 24 Mbps rates. + */ +u8 rssi_to_rcpi(int rssi) +{ + if (!rssi) + return 255; /* not available */ + if (rssi < -110) + return 0; + if (rssi > 0) + return 220; + return (rssi + 110) * 2; +} diff --git a/contrib/wpa/src/utils/common.h b/contrib/wpa/src/utils/common.h index 77856774d215..f824d001aeab 100644 --- a/contrib/wpa/src/utils/common.h +++ b/contrib/wpa/src/utils/common.h @@ -53,6 +53,15 @@ static inline unsigned int bswap_32(unsigned int v) } #endif /* __APPLE__ */ +#ifdef __rtems__ +#include <rtems/endian.h> +#define __BYTE_ORDER BYTE_ORDER +#define __LITTLE_ENDIAN LITTLE_ENDIAN +#define __BIG_ENDIAN BIG_ENDIAN +#define bswap_16 CPU_swap_u16 +#define bswap_32 CPU_swap_u32 +#endif /* __rtems__ */ + #ifdef CONFIG_NATIVE_WINDOWS #include <winsock.h> @@ -141,6 +150,7 @@ static inline unsigned int wpa_swap_32(unsigned int v) #define host_to_le32(n) (n) #define be_to_host32(n) wpa_swap_32(n) #define host_to_be32(n) wpa_swap_32(n) +#define host_to_le64(n) (n) #define WPA_BYTE_SWAP_DEFINED @@ -331,6 +341,9 @@ static inline void WPA_PUT_LE64(u8 *a, u64 val) #ifndef ETH_P_RRB #define ETH_P_RRB 0x890D #endif /* ETH_P_RRB */ +#ifndef ETH_P_OUI +#define ETH_P_OUI 0x88B7 +#endif /* ETH_P_OUI */ #ifdef __GNUC__ @@ -423,6 +436,7 @@ void perror(const char *s); #define __bitwise __attribute__((bitwise)) #else #define __force +#undef __bitwise #define __bitwise #endif @@ -552,6 +566,7 @@ int is_ctrl_char(char c); int str_starts(const char *str, const char *start); +u8 rssi_to_rcpi(int rssi); /* * gcc 4.4 ends up generating strict-aliasing warnings about some very common diff --git a/contrib/wpa/src/utils/crc32.c b/contrib/wpa/src/utils/crc32.c new file mode 100644 index 000000000000..12d9e2a7008e --- /dev/null +++ b/contrib/wpa/src/utils/crc32.c @@ -0,0 +1,85 @@ +/* + * 32-bit CRC for FCS calculation + * Copyright (c) 2010, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "utils/crc32.h" + +/* + * IEEE 802.11 FCS CRC32 + * G(x) = x^32 + x^26 + x^23 + x^22 + x^16 + x^12 + x^11 + x^10 + x^8 + x^7 + + * x^5 + x^4 + x^2 + x + 1 + */ +static const u32 crc32_table[256] = { + 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, + 0x706af48f, 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, + 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, + 0x90bf1d91, 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, + 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, 0x136c9856, + 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, + 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, + 0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, + 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, + 0x45df5c75, 0xdcd60dcf, 0xabd13d59, 0x26d930ac, 0x51de003a, + 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, + 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, + 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, + 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, + 0x9fbfe4a5, 0xe8b8d433, 0x7807c9a2, 0x0f00f934, 0x9609a88e, + 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, + 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, + 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950, + 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, + 0xfbd44c65, 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, + 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, + 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, + 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa, 0xbe0b1010, + 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, + 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, + 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, + 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, + 0x73dc1683, 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, + 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, 0xf00f9344, + 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, + 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, + 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, + 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, + 0xa6bc5767, 0x3fb506dd, 0x48b2364b, 0xd80d2bda, 0xaf0a1b4c, + 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, + 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, + 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, + 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, + 0x2cd99e8b, 0x5bdeae1d, 0x9b64c2b0, 0xec63f226, 0x756aa39c, + 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, + 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, + 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242, + 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, + 0x18b74777, 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, + 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, 0xa00ae278, + 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, + 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, 0x40df0b66, + 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, + 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, + 0xcdd70693, 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, + 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, + 0x2d02ef8d +}; + + +u32 crc32(const u8 *frame, size_t frame_len) +{ + size_t i; + u32 crc; + + crc = 0xFFFFFFFF; + for (i = 0; i < frame_len; i++) + crc = crc32_table[(crc ^ frame[i]) & 0xff] ^ (crc >> 8); + + return ~crc; +} diff --git a/contrib/wpa/src/utils/crc32.h b/contrib/wpa/src/utils/crc32.h new file mode 100644 index 000000000000..dc31399beb63 --- /dev/null +++ b/contrib/wpa/src/utils/crc32.h @@ -0,0 +1,14 @@ +/* + * 32-bit CRC for FCS calculation + * Copyright (c) 2010, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef CRC32_H +#define CRC32_H + +u32 crc32(const u8 *frame, size_t frame_len); + +#endif /* CRC32_H */ diff --git a/contrib/wpa/src/utils/eloop.h b/contrib/wpa/src/utils/eloop.h index 97af16f0130a..04ee6d1837b6 100644 --- a/contrib/wpa/src/utils/eloop.h +++ b/contrib/wpa/src/utils/eloop.h @@ -45,16 +45,16 @@ typedef void (*eloop_sock_handler)(int sock, void *eloop_ctx, void *sock_ctx); /** * eloop_event_handler - eloop generic event callback type * @eloop_ctx: Registered callback context data (eloop_data) - * @sock_ctx: Registered callback context data (user_data) + * @user_ctx: Registered callback context data (user_data) */ -typedef void (*eloop_event_handler)(void *eloop_data, void *user_ctx); +typedef void (*eloop_event_handler)(void *eloop_ctx, void *user_ctx); /** * eloop_timeout_handler - eloop timeout event callback type * @eloop_ctx: Registered callback context data (eloop_data) - * @sock_ctx: Registered callback context data (user_data) + * @user_ctx: Registered callback context data (user_data) */ -typedef void (*eloop_timeout_handler)(void *eloop_data, void *user_ctx); +typedef void (*eloop_timeout_handler)(void *eloop_ctx, void *user_ctx); /** * eloop_signal_handler - eloop signal event callback type diff --git a/contrib/wpa/src/utils/http_curl.c b/contrib/wpa/src/utils/http_curl.c index a06aae8d9b9d..58519ea8d248 100644 --- a/contrib/wpa/src/utils/http_curl.c +++ b/contrib/wpa/src/utils/http_curl.c @@ -486,12 +486,11 @@ static void add_logo(struct http_ctx *ctx, struct http_cert *hcert, return; n->hash_len = ASN1_STRING_length(hash->hashValue); - n->hash = os_malloc(n->hash_len); + n->hash = os_memdup(ASN1_STRING_data(hash->hashValue), n->hash_len); if (n->hash == NULL) { os_free(n->alg_oid); return; } - os_memcpy(n->hash, ASN1_STRING_data(hash->hashValue), n->hash_len); len = ASN1_STRING_length(uri); n->uri = os_malloc(len + 1); @@ -987,7 +986,7 @@ static int curl_cb_ssl_verify(int preverify_ok, X509_STORE_CTX *x509_ctx) ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); - ssl_ctx = ssl->ctx; + ssl_ctx = SSL_get_SSL_CTX(ssl); ctx = SSL_CTX_get_app_data(ssl_ctx); wpa_printf(MSG_DEBUG, "curl_cb_ssl_verify, preverify_ok: %d", @@ -1095,7 +1094,7 @@ static int ocsp_resp_cb(SSL *s, void *arg) { struct http_ctx *ctx = arg; const unsigned char *p; - int len, status, reason; + int len, status, reason, res; OCSP_RESPONSE *rsp; OCSP_BASICRESP *basic; OCSP_CERTID *id; @@ -1200,17 +1199,36 @@ static int ocsp_resp_cb(SSL *s, void *arg) return 0; } - id = OCSP_cert_to_id(NULL, ctx->peer_cert, ctx->peer_issuer); + id = OCSP_cert_to_id(EVP_sha256(), ctx->peer_cert, ctx->peer_issuer); if (!id) { - wpa_printf(MSG_DEBUG, "OpenSSL: Could not create OCSP certificate identifier"); + wpa_printf(MSG_DEBUG, + "OpenSSL: Could not create OCSP certificate identifier (SHA256)"); OCSP_BASICRESP_free(basic); OCSP_RESPONSE_free(rsp); ctx->last_err = "Could not create OCSP certificate identifier"; return 0; } - if (!OCSP_resp_find_status(basic, id, &status, &reason, &produced_at, - &this_update, &next_update)) { + res = OCSP_resp_find_status(basic, id, &status, &reason, &produced_at, + &this_update, &next_update); + if (!res) { + id = OCSP_cert_to_id(NULL, ctx->peer_cert, ctx->peer_issuer); + if (!id) { + wpa_printf(MSG_DEBUG, + "OpenSSL: Could not create OCSP certificate identifier (SHA1)"); + OCSP_BASICRESP_free(basic); + OCSP_RESPONSE_free(rsp); + ctx->last_err = + "Could not create OCSP certificate identifier"; + return 0; + } + + res = OCSP_resp_find_status(basic, id, &status, &reason, + &produced_at, &this_update, + &next_update); + } + + if (!res) { wpa_printf(MSG_INFO, "OpenSSL: Could not find current server certificate from OCSP response%s", (ctx->ocsp == MANDATORY_OCSP) ? "" : " (OCSP not required)"); diff --git a/contrib/wpa/src/utils/json.c b/contrib/wpa/src/utils/json.c new file mode 100644 index 000000000000..b9130d3a65ab --- /dev/null +++ b/contrib/wpa/src/utils/json.c @@ -0,0 +1,569 @@ +/* + * JavaScript Object Notation (JSON) parser (RFC7159) + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "base64.h" +#include "json.h" + +#define JSON_MAX_DEPTH 10 +#define JSON_MAX_TOKENS 500 + + +void json_escape_string(char *txt, size_t maxlen, const char *data, size_t len) +{ + char *end = txt + maxlen; + size_t i; + + for (i = 0; i < len; i++) { + if (txt + 4 >= end) + break; + + switch (data[i]) { + case '\"': + *txt++ = '\\'; + *txt++ = '\"'; + break; + case '\\': + *txt++ = '\\'; + *txt++ = '\\'; + break; + case '\n': + *txt++ = '\\'; + *txt++ = 'n'; + break; + case '\r': + *txt++ = '\\'; + *txt++ = 'r'; + break; + case '\t': + *txt++ = '\\'; + *txt++ = 't'; + break; + default: + if (data[i] >= 32 && data[i] <= 126) { + *txt++ = data[i]; + } else { + txt += os_snprintf(txt, end - txt, "\\u%04x", + data[i]); + } + break; + } + } + + *txt = '\0'; +} + + +static char * json_parse_string(const char **json_pos, const char *end) +{ + const char *pos = *json_pos; + char *str, *spos, *s_end; + size_t max_len, buf_len; + u8 bin[2]; + + pos++; /* skip starting quote */ + + max_len = end - pos + 1; + buf_len = max_len > 10 ? 10 : max_len; + str = os_malloc(buf_len); + if (!str) + return NULL; + spos = str; + s_end = str + buf_len; + + for (; pos < end; pos++) { + if (buf_len < max_len && s_end - spos < 3) { + char *tmp; + int idx; + + idx = spos - str; + buf_len *= 2; + if (buf_len > max_len) + buf_len = max_len; + tmp = os_realloc(str, buf_len); + if (!tmp) + goto fail; + str = tmp; + spos = str + idx; + s_end = str + buf_len; + } + + switch (*pos) { + case '\"': /* end string */ + *spos = '\0'; + /* caller will move to the next position */ + *json_pos = pos; + return str; + case '\\': + pos++; + switch (*pos) { + case '"': + case '\\': + case '/': + *spos++ = *pos; + break; + case 'n': + *spos++ = '\n'; + break; + case 'r': + *spos++ = '\r'; + break; + case 't': + *spos++ = '\t'; + break; + case 'u': + if (end - pos < 5 || + hexstr2bin(pos + 1, bin, 2) < 0 || + bin[1] == 0x00) { + wpa_printf(MSG_DEBUG, + "JSON: Invalid \\u escape"); + goto fail; + } + if (bin[0] == 0x00) { + *spos++ = bin[1]; + } else { + *spos++ = bin[0]; + *spos++ = bin[1]; + } + pos += 4; + break; + default: + wpa_printf(MSG_DEBUG, + "JSON: Unknown escape '%c'", *pos); + goto fail; + } + break; + default: + *spos++ = *pos; + break; + } + } + +fail: + os_free(str); + return NULL; +} + + +static int json_parse_number(const char **json_pos, const char *end, + int *ret_val) +{ + const char *pos = *json_pos; + size_t len; + char *str; + + for (; pos < end; pos++) { + if (*pos != '-' && (*pos < '0' || *pos > '9')) { + pos--; + break; + } + } + if (pos < *json_pos) + return -1; + len = pos - *json_pos + 1; + str = os_malloc(len + 1); + if (!str) + return -1; + os_memcpy(str, *json_pos, len); + str[len] = '\0'; + + *ret_val = atoi(str); + os_free(str); + *json_pos = pos; + return 0; +} + + +static int json_check_tree_state(struct json_token *token) +{ + if (!token) + return 0; + if (json_check_tree_state(token->child) < 0 || + json_check_tree_state(token->sibling) < 0) + return -1; + if (token->state != JSON_COMPLETED) { + wpa_printf(MSG_DEBUG, + "JSON: Unexpected token state %d (name=%s type=%d)", + token->state, token->name ? token->name : "N/A", + token->type); + return -1; + } + return 0; +} + + +static struct json_token * json_alloc_token(unsigned int *tokens) +{ + (*tokens)++; + if (*tokens > JSON_MAX_TOKENS) { + wpa_printf(MSG_DEBUG, "JSON: Maximum token limit exceeded"); + return NULL; + } + return os_zalloc(sizeof(struct json_token)); +} + + +struct json_token * json_parse(const char *data, size_t data_len) +{ + struct json_token *root = NULL, *curr_token = NULL, *token = NULL; + const char *pos, *end; + char *str; + int num; + unsigned int depth = 0; + unsigned int tokens = 0; + + pos = data; + end = data + data_len; + + for (; pos < end; pos++) { + switch (*pos) { + case '[': /* start array */ + case '{': /* start object */ + if (!curr_token) { + token = json_alloc_token(&tokens); + if (!token) + goto fail; + if (!root) + root = token; + } else if (curr_token->state == JSON_WAITING_VALUE) { + token = curr_token; + } else if (curr_token->parent && + curr_token->parent->type == JSON_ARRAY && + curr_token->parent->state == JSON_STARTED && + curr_token->state == JSON_EMPTY) { + token = curr_token; + } else { + wpa_printf(MSG_DEBUG, + "JSON: Invalid state for start array/object"); + goto fail; + } + depth++; + if (depth > JSON_MAX_DEPTH) { + wpa_printf(MSG_DEBUG, + "JSON: Max depth exceeded"); + goto fail; + } + token->type = *pos == '[' ? JSON_ARRAY : JSON_OBJECT; + token->state = JSON_STARTED; + token->child = json_alloc_token(&tokens); + if (!token->child) + goto fail; + curr_token = token->child; + curr_token->parent = token; + curr_token->state = JSON_EMPTY; + break; + case ']': /* end array */ + case '}': /* end object */ + if (!curr_token || !curr_token->parent || + curr_token->parent->state != JSON_STARTED) { + wpa_printf(MSG_DEBUG, + "JSON: Invalid state for end array/object"); + goto fail; + } + depth--; + curr_token = curr_token->parent; + if ((*pos == ']' && + curr_token->type != JSON_ARRAY) || + (*pos == '}' && + curr_token->type != JSON_OBJECT)) { + wpa_printf(MSG_DEBUG, + "JSON: Array/Object mismatch"); + goto fail; + } + if (curr_token->child->state == JSON_EMPTY && + !curr_token->child->child && + !curr_token->child->sibling) { + /* Remove pending child token since the + * array/object was empty. */ + json_free(curr_token->child); + curr_token->child = NULL; + } + curr_token->state = JSON_COMPLETED; + break; + case '\"': /* string */ + str = json_parse_string(&pos, end); + if (!str) + goto fail; + if (!curr_token) { + token = json_alloc_token(&tokens); + if (!token) + goto fail; + token->type = JSON_STRING; + token->string = str; + token->state = JSON_COMPLETED; + } else if (curr_token->parent && + curr_token->parent->type == JSON_ARRAY && + curr_token->parent->state == JSON_STARTED && + curr_token->state == JSON_EMPTY) { + curr_token->string = str; + curr_token->state = JSON_COMPLETED; + curr_token->type = JSON_STRING; + wpa_printf(MSG_MSGDUMP, + "JSON: String value: '%s'", + curr_token->string); + } else if (curr_token->state == JSON_EMPTY) { + curr_token->type = JSON_VALUE; + curr_token->name = str; + curr_token->state = JSON_STARTED; + } else if (curr_token->state == JSON_WAITING_VALUE) { + curr_token->string = str; + curr_token->state = JSON_COMPLETED; + curr_token->type = JSON_STRING; + wpa_printf(MSG_MSGDUMP, + "JSON: String value: '%s' = '%s'", + curr_token->name, + curr_token->string); + } else { + wpa_printf(MSG_DEBUG, + "JSON: Invalid state for a string"); + os_free(str); + goto fail; + } + break; + case ' ': + case '\t': + case '\r': + case '\n': + /* ignore whitespace */ + break; + case ':': /* name/value separator */ + if (!curr_token || curr_token->state != JSON_STARTED) + goto fail; + curr_token->state = JSON_WAITING_VALUE; + break; + case ',': /* member separator */ + if (!curr_token) + goto fail; + curr_token->sibling = json_alloc_token(&tokens); + if (!curr_token->sibling) + goto fail; + curr_token->sibling->parent = curr_token->parent; + curr_token = curr_token->sibling; + curr_token->state = JSON_EMPTY; + break; + case 't': /* true */ + case 'f': /* false */ + case 'n': /* null */ + if (!((end - pos >= 4 && + os_strncmp(pos, "true", 4) == 0) || + (end - pos >= 5 && + os_strncmp(pos, "false", 5) == 0) || + (end - pos >= 4 && + os_strncmp(pos, "null", 4) == 0))) { + wpa_printf(MSG_DEBUG, + "JSON: Invalid literal name"); + goto fail; + } + if (!curr_token) { + token = json_alloc_token(&tokens); + if (!token) + goto fail; + curr_token = token; + } else if (curr_token->state == JSON_WAITING_VALUE) { + wpa_printf(MSG_MSGDUMP, + "JSON: Literal name: '%s' = %c", + curr_token->name, *pos); + } else if (curr_token->parent && + curr_token->parent->type == JSON_ARRAY && + curr_token->parent->state == JSON_STARTED && + curr_token->state == JSON_EMPTY) { + wpa_printf(MSG_MSGDUMP, + "JSON: Literal name: %c", *pos); + } else { + wpa_printf(MSG_DEBUG, + "JSON: Invalid state for a literal name"); + goto fail; + } + switch (*pos) { + case 't': + curr_token->type = JSON_BOOLEAN; + curr_token->number = 1; + pos += 3; + break; + case 'f': + curr_token->type = JSON_BOOLEAN; + curr_token->number = 0; + pos += 4; + break; + case 'n': + curr_token->type = JSON_NULL; + pos += 3; + break; + } + curr_token->state = JSON_COMPLETED; + break; + case '-': + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + case '8': + case '9': + /* number */ + if (json_parse_number(&pos, end, &num) < 0) + goto fail; + if (!curr_token) { + token = json_alloc_token(&tokens); + if (!token) + goto fail; + token->type = JSON_NUMBER; + token->number = num; + token->state = JSON_COMPLETED; + } else if (curr_token->state == JSON_WAITING_VALUE) { + curr_token->number = num; + curr_token->state = JSON_COMPLETED; + curr_token->type = JSON_NUMBER; + wpa_printf(MSG_MSGDUMP, + "JSON: Number value: '%s' = '%d'", + curr_token->name, + curr_token->number); + } else if (curr_token->parent && + curr_token->parent->type == JSON_ARRAY && + curr_token->parent->state == JSON_STARTED && + curr_token->state == JSON_EMPTY) { + curr_token->number = num; + curr_token->state = JSON_COMPLETED; + curr_token->type = JSON_NUMBER; + wpa_printf(MSG_MSGDUMP, + "JSON: Number value: %d", + curr_token->number); + } else { + wpa_printf(MSG_DEBUG, + "JSON: Invalid state for a number"); + goto fail; + } + break; + default: + wpa_printf(MSG_DEBUG, + "JSON: Unexpected JSON character: %c", *pos); + goto fail; + } + + if (!root) + root = token; + if (!curr_token) + curr_token = token; + } + + if (json_check_tree_state(root) < 0) { + wpa_printf(MSG_DEBUG, "JSON: Incomplete token in the tree"); + goto fail; + } + + return root; +fail: + wpa_printf(MSG_DEBUG, "JSON: Parsing failed"); + json_free(root); + return NULL; +} + + +void json_free(struct json_token *json) +{ + if (!json) + return; + json_free(json->child); + json_free(json->sibling); + os_free(json->name); + os_free(json->string); + os_free(json); +} + + +struct json_token * json_get_member(struct json_token *json, const char *name) +{ + struct json_token *token, *ret = NULL; + + if (!json || json->type != JSON_OBJECT) + return NULL; + /* Return last matching entry */ + for (token = json->child; token; token = token->sibling) { + if (token->name && os_strcmp(token->name, name) == 0) + ret = token; + } + return ret; +} + + +struct wpabuf * json_get_member_base64url(struct json_token *json, + const char *name) +{ + struct json_token *token; + unsigned char *buf; + size_t buflen; + struct wpabuf *ret; + + token = json_get_member(json, name); + if (!token || token->type != JSON_STRING) + return NULL; + buf = base64_url_decode((const unsigned char *) token->string, + os_strlen(token->string), &buflen); + if (!buf) + return NULL; + ret = wpabuf_alloc_ext_data(buf, buflen); + if (!ret) + os_free(buf); + + return ret; +} + + +static const char * json_type_str(enum json_type type) +{ + switch (type) { + case JSON_VALUE: + return "VALUE"; + case JSON_OBJECT: + return "OBJECT"; + case JSON_ARRAY: + return "ARRAY"; + case JSON_STRING: + return "STRING"; + case JSON_NUMBER: + return "NUMBER"; + case JSON_BOOLEAN: + return "BOOLEAN"; + case JSON_NULL: + return "NULL"; + } + return "??"; +} + + +static void json_print_token(struct json_token *token, int depth, + char *buf, size_t buflen) +{ + size_t len; + int ret; + + if (!token) + return; + len = os_strlen(buf); + ret = os_snprintf(buf + len, buflen - len, "[%d:%s:%s]", + depth, json_type_str(token->type), + token->name ? token->name : ""); + if (os_snprintf_error(buflen - len, ret)) { + buf[len] = '\0'; + return; + } + json_print_token(token->child, depth + 1, buf, buflen); + json_print_token(token->sibling, depth, buf, buflen); +} + + +void json_print_tree(struct json_token *root, char *buf, size_t buflen) +{ + buf[0] = '\0'; + json_print_token(root, 1, buf, buflen); +} diff --git a/contrib/wpa/src/utils/json.h b/contrib/wpa/src/utils/json.h new file mode 100644 index 000000000000..8faa95d8bf20 --- /dev/null +++ b/contrib/wpa/src/utils/json.h @@ -0,0 +1,42 @@ +/* + * JavaScript Object Notation (JSON) parser (RFC7159) + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef JSON_H +#define JSON_H + +struct json_token { + enum json_type { + JSON_VALUE, + JSON_OBJECT, + JSON_ARRAY, + JSON_STRING, + JSON_NUMBER, + JSON_BOOLEAN, + JSON_NULL, + } type; + enum json_parsing_state { + JSON_EMPTY, + JSON_STARTED, + JSON_WAITING_VALUE, + JSON_COMPLETED, + } state; + char *name; + char *string; + int number; + struct json_token *parent, *child, *sibling; +}; + +void json_escape_string(char *txt, size_t maxlen, const char *data, size_t len); +struct json_token * json_parse(const char *data, size_t data_len); +void json_free(struct json_token *json); +struct json_token * json_get_member(struct json_token *json, const char *name); +struct wpabuf * json_get_member_base64url(struct json_token *json, + const char *name); +void json_print_tree(struct json_token *root, char *buf, size_t buflen); + +#endif /* JSON_H */ diff --git a/contrib/wpa/src/utils/os.h b/contrib/wpa/src/utils/os.h index e8f0b792738a..21ba5c3ff85b 100644 --- a/contrib/wpa/src/utils/os.h +++ b/contrib/wpa/src/utils/os.h @@ -614,6 +614,18 @@ size_t os_strlcpy(char *dest, const char *src, size_t siz); */ int os_memcmp_const(const void *a, const void *b, size_t len); + +/** + * os_memdup - Allocate duplicate of passed memory chunk + * @src: Source buffer to duplicate + * @len: Length of source buffer + * Returns: %NULL if allocation failed, copy of src buffer otherwise + * + * This function allocates a memory block like os_malloc() would, and + * copies the given source buffer into it. + */ +void * os_memdup(const void *src, size_t len); + /** * os_exec - Execute an external program * @program: Path to the program diff --git a/contrib/wpa/src/utils/os_none.c b/contrib/wpa/src/utils/os_none.c index 0c3214d32ce5..e74f206a2c5a 100644 --- a/contrib/wpa/src/utils/os_none.c +++ b/contrib/wpa/src/utils/os_none.c @@ -114,6 +114,12 @@ void * os_zalloc(size_t size) } +void * os_memdup(const void *src, size_t n) +{ + return NULL; +} + + #ifdef OS_NO_C_LIB_DEFINES void * os_malloc(size_t size) { diff --git a/contrib/wpa/src/utils/os_unix.c b/contrib/wpa/src/utils/os_unix.c index a8cc7cb4bb7c..23bc6cb54dc3 100644 --- a/contrib/wpa/src/utils/os_unix.c +++ b/contrib/wpa/src/utils/os_unix.c @@ -80,6 +80,9 @@ int os_get_reltime(struct os_reltime *t) struct timespec ts; int res; + if (TEST_FAIL()) + return -1; + while (1) { res = clock_gettime(clock_id, &ts); if (res == 0) { @@ -532,6 +535,16 @@ int os_memcmp_const(const void *a, const void *b, size_t len) } +void * os_memdup(const void *src, size_t len) +{ + void *r = os_malloc(len); + + if (r) + os_memcpy(r, src, len); + return r; +} + + #ifdef WPA_TRACE #if defined(WPA_TRACE_BFD) && defined(CONFIG_TESTING_OPTIONS) @@ -564,6 +577,8 @@ static int testing_fail_alloc(void) i++; if (i < res && os_strcmp(func[i], "os_strdup") == 0) i++; + if (i < res && os_strcmp(func[i], "os_memdup") == 0) + i++; pos = wpa_trace_fail_func; diff --git a/contrib/wpa/src/utils/os_win32.c b/contrib/wpa/src/utils/os_win32.c index dea27b9f2ad8..f9e4b308ea5f 100644 --- a/contrib/wpa/src/utils/os_win32.c +++ b/contrib/wpa/src/utils/os_win32.c @@ -283,3 +283,13 @@ int os_exec(const char *program, const char *arg, int wait_completion) { return -1; } + + +void * os_memdup(const void *src, size_t len) +{ + void *r = os_malloc(len); + + if (r) + os_memcpy(r, src, len); + return r; +} diff --git a/contrib/wpa/src/utils/trace.c b/contrib/wpa/src/utils/trace.c index d72cf604f8e9..e0b5b0bb99f5 100644 --- a/contrib/wpa/src/utils/trace.c +++ b/contrib/wpa/src/utils/trace.c @@ -6,6 +6,10 @@ * See README for more details. */ +#ifdef WPA_TRACE_BFD +#define _GNU_SOURCE +#include <link.h> +#endif /* WPA_TRACE_BCD */ #include "includes.h" #include "common.h" @@ -25,6 +29,28 @@ static struct dl_list active_references = static char *prg_fname = NULL; static bfd *cached_abfd = NULL; static asymbol **syms = NULL; +static unsigned long start_offset; +static int start_offset_looked_up; + + +static int callback(struct dl_phdr_info *info, size_t size, void *data) +{ + /* + * dl_iterate_phdr(3): + * "The first object visited by callback is the main program." + */ + start_offset = info->dlpi_addr; + + /* + * dl_iterate_phdr(3): + * "The dl_iterate_phdr() function walks through the list of an + * application's shared objects and calls the function callback + * once for each object, until either all shared objects have + * been processed or callback returns a nonzero value." + */ + return 1; +} + static void get_prg_fname(void) { @@ -160,7 +186,7 @@ static void wpa_trace_bfd_addr(void *pc) if (abfd == NULL) return; - data.pc = (bfd_hostptr_t) pc; + data.pc = (bfd_hostptr_t) (pc - start_offset); data.found = FALSE; bfd_map_over_sections(abfd, find_addr_sect, &data); @@ -201,7 +227,7 @@ static const char * wpa_trace_bfd_addr2func(void *pc) if (abfd == NULL) return NULL; - data.pc = (bfd_hostptr_t) pc; + data.pc = (bfd_hostptr_t) (pc - start_offset); data.found = FALSE; bfd_map_over_sections(abfd, find_addr_sect, &data); @@ -233,6 +259,11 @@ static void wpa_trace_bfd_init(void) wpa_printf(MSG_INFO, "Failed to read symbols"); return; } + + if (!start_offset_looked_up) { + dl_iterate_phdr(callback, NULL); + start_offset_looked_up = 1; + } } @@ -268,7 +299,7 @@ size_t wpa_trace_calling_func(const char *buf[], size_t len) for (i = 0; i < btrace_num; i++) { struct bfd_data data; - data.pc = (bfd_hostptr_t) btrace_res[i]; + data.pc = (bfd_hostptr_t) (btrace_res[i] - start_offset); data.found = FALSE; bfd_map_over_sections(abfd, find_addr_sect, &data); diff --git a/contrib/wpa/src/utils/utils_module_tests.c b/contrib/wpa/src/utils/utils_module_tests.c index abdb79c9879c..1b8ff82b4173 100644 --- a/contrib/wpa/src/utils/utils_module_tests.c +++ b/contrib/wpa/src/utils/utils_module_tests.c @@ -16,6 +16,7 @@ #include "utils/base64.h" #include "utils/ip_addr.h" #include "utils/eloop.h" +#include "utils/json.h" #include "utils/module_tests.h" @@ -839,6 +840,85 @@ static int eloop_tests(void) } +#ifdef CONFIG_JSON +struct json_test_data { + const char *json; + const char *tree; +}; + +static const struct json_test_data json_test_cases[] = { + { "{}", "[1:OBJECT:]" }, + { "[]", "[1:ARRAY:]" }, + { "{", NULL }, + { "[", NULL }, + { "}", NULL }, + { "]", NULL }, + { "[[]]", "[1:ARRAY:][2:ARRAY:]" }, + { "{\"t\":\"test\"}", "[1:OBJECT:][2:STRING:t]" }, + { "{\"t\":123}", "[1:OBJECT:][2:NUMBER:t]" }, + { "{\"t\":true}", "[1:OBJECT:][2:BOOLEAN:t]" }, + { "{\"t\":false}", "[1:OBJECT:][2:BOOLEAN:t]" }, + { "{\"t\":null}", "[1:OBJECT:][2:NULL:t]" }, + { "{\"t\":truetrue}", NULL }, + { "\"test\"", "[1:STRING:]" }, + { "123", "[1:NUMBER:]" }, + { "true", "[1:BOOLEAN:]" }, + { "false", "[1:BOOLEAN:]" }, + { "null", "[1:NULL:]" }, + { "truetrue", NULL }, + { " {\t\n\r\"a\"\n:\r1\n,\n\"b\":3\n}\n", + "[1:OBJECT:][2:NUMBER:a][2:NUMBER:b]" }, + { ",", NULL }, + { "{,}", NULL }, + { "[,]", NULL }, + { ":", NULL }, + { "{:}", NULL }, + { "[:]", NULL }, + { "{ \"\\u005c\" : \"\\u005c\" }", "[1:OBJECT:][2:STRING:\\]" }, + { "[{},{}]", "[1:ARRAY:][2:OBJECT:][2:OBJECT:]" }, + { "[1,2]", "[1:ARRAY:][2:NUMBER:][2:NUMBER:]" }, + { "[\"1\",\"2\"]", "[1:ARRAY:][2:STRING:][2:STRING:]" }, + { "[true,false]", "[1:ARRAY:][2:BOOLEAN:][2:BOOLEAN:]" }, +}; +#endif /* CONFIG_JSON */ + + +static int json_tests(void) +{ +#ifdef CONFIG_JSON + unsigned int i; + struct json_token *root; + char buf[1000]; + + wpa_printf(MSG_INFO, "JSON tests"); + + for (i = 0; i < ARRAY_SIZE(json_test_cases); i++) { + const struct json_test_data *test = &json_test_cases[i]; + int res = 0; + + root = json_parse(test->json, os_strlen(test->json)); + if ((root && !test->tree) || (!root && test->tree)) { + wpa_printf(MSG_INFO, "JSON test %u failed", i); + res = -1; + } else if (root) { + json_print_tree(root, buf, sizeof(buf)); + if (os_strcmp(buf, test->tree) != 0) { + wpa_printf(MSG_INFO, + "JSON test %u tree mismatch: %s %s", + i, buf, test->tree); + res = -1; + } + } + json_free(root); + if (res < 0) + return -1; + + } +#endif /* CONFIG_JSON */ + return 0; +} + + int utils_module_tests(void) { int ret = 0; @@ -855,6 +935,7 @@ int utils_module_tests(void) wpabuf_tests() < 0 || ip_addr_tests() < 0 || eloop_tests() < 0 || + json_tests() < 0 || int_array_tests() < 0) ret = -1; diff --git a/contrib/wpa/src/utils/uuid.c b/contrib/wpa/src/utils/uuid.c index 0f224f976b80..98e43d02f68b 100644 --- a/contrib/wpa/src/utils/uuid.c +++ b/contrib/wpa/src/utils/uuid.c @@ -9,6 +9,7 @@ #include "includes.h" #include "common.h" +#include "crypto/sha256.h" #include "uuid.h" int uuid_str2bin(const char *str, u8 *bin) @@ -69,3 +70,27 @@ int is_nil_uuid(const u8 *uuid) return 0; return 1; } + + +int uuid_random(u8 *uuid) +{ + struct os_time t; + u8 hash[SHA256_MAC_LEN]; + + /* Use HMAC-SHA256 and timestamp as context to avoid exposing direct + * os_get_random() output in the UUID field. */ + os_get_time(&t); + if (os_get_random(uuid, UUID_LEN) < 0 || + hmac_sha256(uuid, UUID_LEN, (const u8 *) &t, sizeof(t), hash) < 0) + return -1; + + os_memcpy(uuid, hash, UUID_LEN); + + /* Version: 4 = random */ + uuid[6] = (4 << 4) | (uuid[6] & 0x0f); + + /* Variant specified in RFC 4122 */ + uuid[8] = 0x80 | (uuid[8] & 0x3f); + + return 0; +} diff --git a/contrib/wpa/src/utils/uuid.h b/contrib/wpa/src/utils/uuid.h index 5e860cbc5936..6e20210f99b9 100644 --- a/contrib/wpa/src/utils/uuid.h +++ b/contrib/wpa/src/utils/uuid.h @@ -14,5 +14,6 @@ int uuid_str2bin(const char *str, u8 *bin); int uuid_bin2str(const u8 *bin, char *str, size_t max_len); int is_nil_uuid(const u8 *uuid); +int uuid_random(u8 *uuid); #endif /* UUID_H */ diff --git a/contrib/wpa/src/utils/wpa_debug.c b/contrib/wpa/src/utils/wpa_debug.c index f7acf6b9f698..a56462b8bbdc 100644 --- a/contrib/wpa/src/utils/wpa_debug.c +++ b/contrib/wpa/src/utils/wpa_debug.c @@ -13,7 +13,7 @@ #ifdef CONFIG_DEBUG_SYSLOG #include <syslog.h> -static int wpa_debug_syslog = 0; +int wpa_debug_syslog = 0; #endif /* CONFIG_DEBUG_SYSLOG */ #ifdef CONFIG_DEBUG_LINUX_TRACING @@ -58,6 +58,10 @@ static int wpa_to_android_level(int level) #ifndef CONFIG_NO_STDOUT_DEBUG #ifdef CONFIG_DEBUG_FILE +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> + static FILE *out_file = NULL; #endif /* CONFIG_DEBUG_FILE */ @@ -539,6 +543,8 @@ int wpa_debug_reopen_file(void) int wpa_debug_open_file(const char *path) { #ifdef CONFIG_DEBUG_FILE + int out_fd; + if (!path) return 0; @@ -548,10 +554,28 @@ int wpa_debug_open_file(const char *path) last_path = os_strdup(path); } - out_file = fopen(path, "a"); + out_fd = open(path, O_CREAT | O_APPEND | O_WRONLY, + S_IRUSR | S_IWUSR | S_IRGRP); + if (out_fd < 0) { + wpa_printf(MSG_ERROR, + "%s: Failed to open output file descriptor, using standard output", + __func__); + return -1; + } + +#ifdef __linux__ + if (fcntl(out_fd, F_SETFD, FD_CLOEXEC) < 0) { + wpa_printf(MSG_DEBUG, + "%s: Failed to set FD_CLOEXEC - continue without: %s", + __func__, strerror(errno)); + } +#endif /* __linux__ */ + + out_file = fdopen(out_fd, "a"); if (out_file == NULL) { wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open " "output file, using standard output"); + close(out_fd); return -1; } #ifndef _WIN32 diff --git a/contrib/wpa/src/utils/wpa_debug.h b/contrib/wpa/src/utils/wpa_debug.h index 17d8f963802e..1fe0b7db7482 100644 --- a/contrib/wpa/src/utils/wpa_debug.h +++ b/contrib/wpa/src/utils/wpa_debug.h @@ -14,6 +14,9 @@ extern int wpa_debug_level; extern int wpa_debug_show_keys; extern int wpa_debug_timestamp; +#ifdef CONFIG_DEBUG_SYSLOG +extern int wpa_debug_syslog; +#endif /* CONFIG_DEBUG_SYSLOG */ /* Debugging function - conditional printf and hex dump. Driver wrappers can * use these for debugging purposes. */ diff --git a/contrib/wpa/src/utils/wpabuf.c b/contrib/wpa/src/utils/wpabuf.c index 96cb25cc1764..77ee47288007 100644 --- a/contrib/wpa/src/utils/wpabuf.c +++ b/contrib/wpa/src/utils/wpabuf.c @@ -244,15 +244,13 @@ struct wpabuf * wpabuf_concat(struct wpabuf *a, struct wpabuf *b) if (a) len += wpabuf_len(a); - if (b) - len += wpabuf_len(b); + len += wpabuf_len(b); n = wpabuf_alloc(len); if (n) { if (a) wpabuf_put_buf(n, a); - if (b) - wpabuf_put_buf(n, b); + wpabuf_put_buf(n, b); } wpabuf_free(a); diff --git a/contrib/wpa/src/utils/xml-utils.c b/contrib/wpa/src/utils/xml-utils.c index 4916d29765f9..dae91fee46f6 100644 --- a/contrib/wpa/src/utils/xml-utils.c +++ b/contrib/wpa/src/utils/xml-utils.c @@ -246,10 +246,10 @@ static void node_to_tnds(struct xml_node_ctx *ctx, xml_node_t *out, xml_node_create_text(ctx, tnds, NULL, "Path", uri); val = get_val(ctx, node); - if (val) { - xml_node_create_text(ctx, tnds, NULL, "Value", val); - xml_node_get_text_free(ctx, val); - } + if (val || !xml_node_first_child(ctx, node)) + xml_node_create_text(ctx, tnds, NULL, "Value", + val ? val : ""); + xml_node_get_text_free(ctx, val); new_uri = add_path(uri, name); node_to_tnds(ctx, new_uri ? out : tnds, node, new_uri); diff --git a/contrib/wpa/src/wps/wps.c b/contrib/wpa/src/wps/wps.c index fade6b6905dc..8d228270ff10 100644 --- a/contrib/wpa/src/wps/wps.c +++ b/contrib/wpa/src/wps/wps.c @@ -51,12 +51,11 @@ struct wps_data * wps_init(const struct wps_config *cfg) } if (cfg->pin) { data->dev_pw_id = cfg->dev_pw_id; - data->dev_password = os_malloc(cfg->pin_len); + data->dev_password = os_memdup(cfg->pin, cfg->pin_len); if (data->dev_password == NULL) { os_free(data); return NULL; } - os_memcpy(data->dev_password, cfg->pin, cfg->pin_len); data->dev_password_len = cfg->pin_len; wpa_hexdump_key(MSG_DEBUG, "WPS: AP PIN dev_password", data->dev_password, data->dev_password_len); @@ -75,14 +74,12 @@ struct wps_data * wps_init(const struct wps_config *cfg) data->dev_pw_id = cfg->wps->ap_nfc_dev_pw_id; data->dev_password = - os_malloc(wpabuf_len(cfg->wps->ap_nfc_dev_pw)); + os_memdup(wpabuf_head(cfg->wps->ap_nfc_dev_pw), + wpabuf_len(cfg->wps->ap_nfc_dev_pw)); if (data->dev_password == NULL) { os_free(data); return NULL; } - os_memcpy(data->dev_password, - wpabuf_head(cfg->wps->ap_nfc_dev_pw), - wpabuf_len(cfg->wps->ap_nfc_dev_pw)); data->dev_password_len = wpabuf_len(cfg->wps->ap_nfc_dev_pw); wpa_hexdump_key(MSG_DEBUG, "WPS: NFC dev_password", data->dev_password, data->dev_password_len); @@ -124,15 +121,14 @@ struct wps_data * wps_init(const struct wps_config *cfg) if (cfg->new_ap_settings) { data->new_ap_settings = - os_malloc(sizeof(*data->new_ap_settings)); + os_memdup(cfg->new_ap_settings, + sizeof(*data->new_ap_settings)); if (data->new_ap_settings == NULL) { bin_clear_free(data->dev_password, data->dev_password_len); os_free(data); return NULL; } - os_memcpy(data->new_ap_settings, cfg->new_ap_settings, - sizeof(*data->new_ap_settings)); } if (cfg->peer_addr) diff --git a/contrib/wpa/src/wps/wps_common.c b/contrib/wpa/src/wps/wps_common.c index 2e3472177de9..bcae1ba5887b 100644 --- a/contrib/wpa/src/wps/wps_common.c +++ b/contrib/wpa/src/wps/wps_common.c @@ -654,6 +654,7 @@ int wps_nfc_gen_dh(struct wpabuf **pubkey, struct wpabuf **privkey) pub = wpabuf_zeropad(pub, 192); if (pub == NULL) { wpabuf_free(priv); + dh5_free(dh_ctx); return -1; } wpa_hexdump_buf(MSG_DEBUG, "WPS: Generated new DH pubkey", pub); diff --git a/contrib/wpa/src/wps/wps_er.c b/contrib/wpa/src/wps/wps_er.c index b840acd924a7..affd6a4af38a 100644 --- a/contrib/wpa/src/wps/wps_er.c +++ b/contrib/wpa/src/wps/wps_er.c @@ -322,11 +322,10 @@ static int wps_er_ap_use_cached_settings(struct wps_er *er, if (!s) return -1; - ap->ap_settings = os_malloc(sizeof(*ap->ap_settings)); + ap->ap_settings = os_memdup(&s->ap_settings, sizeof(*ap->ap_settings)); if (ap->ap_settings == NULL) return -1; - os_memcpy(ap->ap_settings, &s->ap_settings, sizeof(*ap->ap_settings)); wpa_printf(MSG_DEBUG, "WPS ER: Use cached AP settings"); return 0; } @@ -1958,10 +1957,9 @@ int wps_er_set_config(struct wps_er *er, const u8 *uuid, const u8 *addr, } os_free(ap->ap_settings); - ap->ap_settings = os_malloc(sizeof(*cred)); + ap->ap_settings = os_memdup(cred, sizeof(*cred)); if (ap->ap_settings == NULL) return -1; - os_memcpy(ap->ap_settings, cred, sizeof(*cred)); ap->ap_settings->cred_attr = NULL; wpa_printf(MSG_DEBUG, "WPS ER: Updated local AP settings based set " "config request"); @@ -2018,10 +2016,9 @@ int wps_er_config(struct wps_er *er, const u8 *uuid, const u8 *addr, } os_free(ap->ap_settings); - ap->ap_settings = os_malloc(sizeof(*cred)); + ap->ap_settings = os_memdup(cred, sizeof(*cred)); if (ap->ap_settings == NULL) return -1; - os_memcpy(ap->ap_settings, cred, sizeof(*cred)); ap->ap_settings->cred_attr = NULL; if (wps_er_send_get_device_info(ap, wps_er_ap_config_m1) < 0) diff --git a/contrib/wpa/src/wps/wps_registrar.c b/contrib/wpa/src/wps/wps_registrar.c index fac8bd837f2f..379925e3f0a9 100644 --- a/contrib/wpa/src/wps/wps_registrar.c +++ b/contrib/wpa/src/wps/wps_registrar.c @@ -748,12 +748,11 @@ int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *addr, p->wildcard_uuid = 1; else os_memcpy(p->uuid, uuid, WPS_UUID_LEN); - p->pin = os_malloc(pin_len); + p->pin = os_memdup(pin, pin_len); if (p->pin == NULL) { os_free(p); return -1; } - os_memcpy(p->pin, pin, pin_len); p->pin_len = pin_len; if (timeout) { @@ -881,6 +880,7 @@ static const u8 * wps_registrar_get_pin(struct wps_registrar *reg, const u8 *uuid, size_t *pin_len) { struct wps_uuid_pin *pin, *found = NULL; + int wildcard = 0; wps_registrar_expire_pins(reg); @@ -900,7 +900,7 @@ static const u8 * wps_registrar_get_pin(struct wps_registrar *reg, pin->wildcard_uuid == 2) { wpa_printf(MSG_DEBUG, "WPS: Found a wildcard " "PIN. Assigned it for this UUID-E"); - pin->wildcard_uuid++; + wildcard = 1; os_memcpy(pin->uuid, uuid, WPS_UUID_LEN); found = pin; break; @@ -922,6 +922,8 @@ static const u8 * wps_registrar_get_pin(struct wps_registrar *reg, } *pin_len = found->pin_len; found->flags |= PIN_LOCKED; + if (wildcard) + found->wildcard_uuid++; return found->pin; } @@ -1404,10 +1406,9 @@ static int wps_get_dev_password(struct wps_data *wps) return -1; } - wps->dev_password = os_malloc(pin_len); + wps->dev_password = os_memdup(pin, pin_len); if (wps->dev_password == NULL) return -1; - os_memcpy(wps->dev_password, pin, pin_len); wps->dev_password_len = pin_len; return 0; diff --git a/contrib/wpa/wpa_supplicant/Android.mk b/contrib/wpa/wpa_supplicant/Android.mk index a8d6a7f944e9..a6809956d86f 100644 --- a/contrib/wpa/wpa_supplicant/Android.mk +++ b/contrib/wpa/wpa_supplicant/Android.mk @@ -92,7 +92,10 @@ OBJS += eap_register.c OBJS += src/utils/common.c OBJS += src/utils/wpa_debug.c OBJS += src/utils/wpabuf.c +OBJS += src/utils/bitfield.c OBJS += wmm_ac.c +OBJS += op_classes.c +OBJS += rrm.c OBJS_p = wpa_passphrase.c OBJS_p += src/utils/common.c OBJS_p += src/utils/wpa_debug.c @@ -221,8 +224,6 @@ ifdef CONFIG_MESH NEED_80211_COMMON=y NEED_SHA256=y NEED_AES_SIV=y -NEED_AES_OMAC1=y -NEED_AES_CTR=y CONFIG_SAE=y CONFIG_AP=y L_CFLAGS += -DCONFIG_MESH @@ -238,6 +239,47 @@ NEED_ECC=y NEED_DH_GROUPS=y endif +ifdef CONFIG_DPP +L_CFLAGS += -DCONFIG_DPP +OBJS += src/common/dpp.c +OBJS += dpp_supplicant.c +NEED_AES_SIV=y +NEED_HMAC_SHA256_KDF=y +NEED_HMAC_SHA384_KDF=y +NEED_HMAC_SHA512_KDF=y +NEED_SHA256=y +NEED_SHA384=y +NEED_SHA512=y +NEED_JSON=y +NEED_GAS_SERVER=y +NEED_BASE64=y +endif + +ifdef CONFIG_OWE +L_CFLAGS += -DCONFIG_OWE +NEED_ECC=y +NEED_HMAC_SHA256_KDF=y +NEED_HMAC_SHA384_KDF=y +NEED_HMAC_SHA512_KDF=y +NEED_SHA256=y +NEED_SHA384=y +NEED_SHA512=y +endif + +ifdef CONFIG_FILS +L_CFLAGS += -DCONFIG_FILS +NEED_SHA384=y +NEED_AES_SIV=y +ifdef CONFIG_FILS_SK_PFS +L_CFLAGS += -DCONFIG_FILS_SK_PFS +NEED_ECC=y +endif +endif + +ifdef CONFIG_MBO +CONFIG_WNM=y +endif + ifdef CONFIG_WNM L_CFLAGS += -DCONFIG_WNM OBJS += wnm_sta.c @@ -254,15 +296,14 @@ ifdef CONFIG_TDLS_TESTING L_CFLAGS += -DCONFIG_TDLS_TESTING endif -ifdef CONFIG_PEERKEY -L_CFLAGS += -DCONFIG_PEERKEY +ifdef CONFIG_PMKSA_CACHE_EXTERNAL +L_CFLAGS += -DCONFIG_PMKSA_CACHE_EXTERNAL endif ifndef CONFIG_NO_WPA OBJS += src/rsn_supp/wpa.c OBJS += src/rsn_supp/preauth.c OBJS += src/rsn_supp/pmksa_cache.c -OBJS += src/rsn_supp/peerkey.c OBJS += src/rsn_supp/wpa_ie.c OBJS += src/common/wpa_common.c NEED_AES=y @@ -294,7 +335,6 @@ OBJS += src/p2p/p2p_invitation.c OBJS += src/p2p/p2p_dev_disc.c OBJS += src/p2p/p2p_group.c OBJS += src/ap/p2p_hostapd.c -OBJS += src/utils/bitfield.c L_CFLAGS += -DCONFIG_P2P NEED_GAS=y NEED_OFFCHANNEL=y @@ -640,6 +680,7 @@ L_CFLAGS += -DEAP_PWD OBJS += src/eap_peer/eap_pwd.c src/eap_common/eap_pwd_common.c CONFIG_IEEE8021X_EAPOL=y NEED_SHA256=y +NEED_ECC=y endif ifdef CONFIG_EAP_EKE @@ -811,13 +852,20 @@ OBJS += src/ap/ieee802_11_ht.c ifdef CONFIG_IEEE80211AC OBJS += src/ap/ieee802_11_vht.c endif +ifdef CONFIG_IEEE80211AX +OBJS += src/ap/ieee802_11_he.c endif -ifdef CONFIG_WNM +endif +ifdef CONFIG_WNM_AP +L_CFLAGS += -DCONFIG_WNM_AP OBJS += src/ap/wnm_ap.c endif ifdef CONFIG_MBO OBJS += src/ap/mbo_ap.c endif +ifdef CONFIG_FILS +OBJS += src/ap/fils_hlp.c +endif ifdef CONFIG_CTRL_IFACE OBJS += src/ap/ctrl_iface_ap.c endif @@ -832,11 +880,9 @@ L_CFLAGS += -DCONFIG_IEEE80211N ifdef CONFIG_IEEE80211AC L_CFLAGS += -DCONFIG_IEEE80211AC endif +ifdef CONFIG_IEEE80211AX +L_CFLAGS += -DCONFIG_IEEE80211AX endif - -ifdef CONFIG_MBO -OBJS += mbo.c -L_CFLAGS += -DCONFIG_MBO endif ifdef NEED_AP_MLME @@ -852,6 +898,10 @@ L_CFLAGS += -DEAP_SERVER_WSC OBJS += src/ap/wps_hostapd.c OBJS += src/eap_server/eap_server_wsc.c endif +ifdef CONFIG_DPP +OBJS += src/ap/dpp_hostapd.c +OBJS += src/ap/gas_query_ap.c +endif ifdef CONFIG_INTERWORKING OBJS += src/ap/gas_serv.c endif @@ -860,18 +910,21 @@ OBJS += src/ap/hs20.c endif endif +ifdef CONFIG_MBO +OBJS += mbo.c +L_CFLAGS += -DCONFIG_MBO +endif + +ifdef CONFIG_TESTING_OPTIONS +L_CFLAGS += -DCONFIG_TESTING_OPTIONS +endif + ifdef NEED_RSN_AUTHENTICATOR L_CFLAGS += -DCONFIG_NO_RADIUS NEED_AES_WRAP=y OBJS += src/ap/wpa_auth.c OBJS += src/ap/wpa_auth_ie.c OBJS += src/ap/pmksa_cache_auth.c -ifdef CONFIG_IEEE80211R -OBJS += src/ap/wpa_auth_ft.c -endif -ifdef CONFIG_PEERKEY -OBJS += src/ap/peerkey_auth.c -endif endif ifdef CONFIG_ACS @@ -971,25 +1024,40 @@ ifdef CONFIG_TLS_ADD_DL LIBS += -ldl LIBS_p += -ldl endif +ifndef CONFIG_TLS_DEFAULT_CIPHERS +CONFIG_TLS_DEFAULT_CIPHERS = "DEFAULT:!EXP:!LOW" +endif +L_CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" endif ifeq ($(CONFIG_TLS), gnutls) +ifndef CONFIG_CRYPTO +# default to libgcrypt +CONFIG_CRYPTO=gnutls +endif ifdef TLS_FUNCS OBJS += src/crypto/tls_gnutls.c LIBS += -lgnutls -lgpg-error endif -OBJS += src/crypto/crypto_gnutls.c -OBJS_p += src/crypto/crypto_gnutls.c +OBJS += src/crypto/crypto_$(CONFIG_CRYPTO).c +OBJS_p += src/crypto/crypto_$(CONFIG_CRYPTO).c ifdef NEED_FIPS186_2_PRF OBJS += src/crypto/fips_prf_internal.c OBJS += src/crypto/sha1-internal.c endif +ifeq ($(CONFIG_CRYPTO), gnutls) LIBS += -lgcrypt LIBS_p += -lgcrypt -CONFIG_INTERNAL_SHA256=y CONFIG_INTERNAL_RC4=y CONFIG_INTERNAL_DH_GROUP5=y endif +ifeq ($(CONFIG_CRYPTO), nettle) +LIBS += -lnettle -lgmp +LIBS_p += -lnettle -lgmp +CONFIG_INTERNAL_RC4=y +CONFIG_INTERNAL_DH_GROUP5=y +endif +endif ifeq ($(CONFIG_TLS), internal) ifndef CONFIG_CRYPTO @@ -1131,6 +1199,12 @@ endif ifdef NEED_AES_EAX AESOBJS += src/crypto/aes-eax.c NEED_AES_CTR=y +NEED_AES_OMAC1=y +endif +ifdef NEED_AES_SIV +AESOBJS += src/crypto/aes-siv.c +NEED_AES_CTR=y +NEED_AES_OMAC1=y endif ifdef NEED_AES_CTR AESOBJS += src/crypto/aes-ctr.c @@ -1163,9 +1237,6 @@ ifdef CONFIG_INTERNAL_AES AESOBJS += src/crypto/aes-internal-enc.c endif endif -ifdef NEED_AES_SIV -AESOBJS += src/crypto/aes-siv.c -endif ifdef NEED_AES OBJS += $(AESOBJS) endif @@ -1173,8 +1244,10 @@ endif SHA1OBJS = ifdef NEED_SHA1 ifneq ($(CONFIG_TLS), openssl) +ifneq ($(CONFIG_TLS), gnutls) SHA1OBJS += src/crypto/sha1.c endif +endif SHA1OBJS += src/crypto/sha1-prf.c ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += src/crypto/sha1-internal.c @@ -1200,9 +1273,11 @@ endif MD5OBJS = ifndef CONFIG_FIPS ifneq ($(CONFIG_TLS), openssl) +ifneq ($(CONFIG_TLS), gnutls) MD5OBJS += src/crypto/md5.c endif endif +endif ifdef NEED_MD5 ifdef CONFIG_INTERNAL_MD5 MD5OBJS += src/crypto/md5-internal.c @@ -1240,8 +1315,10 @@ SHA256OBJS = # none by default ifdef NEED_SHA256 L_CFLAGS += -DCONFIG_SHA256 ifneq ($(CONFIG_TLS), openssl) +ifneq ($(CONFIG_TLS), gnutls) SHA256OBJS += src/crypto/sha256.c endif +endif SHA256OBJS += src/crypto/sha256-prf.c ifdef CONFIG_INTERNAL_SHA256 SHA256OBJS += src/crypto/sha256-internal.c @@ -1261,12 +1338,34 @@ ifdef NEED_HMAC_SHA256_KDF L_CFLAGS += -DCONFIG_HMAC_SHA256_KDF SHA256OBJS += src/crypto/sha256-kdf.c endif +ifdef NEED_HMAC_SHA384_KDF +L_CFLAGS += -DCONFIG_HMAC_SHA384_KDF +SHA256OBJS += src/crypto/sha384-kdf.c +endif +ifdef NEED_HMAC_SHA512_KDF +L_CFLAGS += -DCONFIG_HMAC_SHA512_KDF +SHA256OBJS += src/crypto/sha512-kdf.c +endif OBJS += $(SHA256OBJS) endif ifdef NEED_SHA384 L_CFLAGS += -DCONFIG_SHA384 +ifneq ($(CONFIG_TLS), openssl) +ifneq ($(CONFIG_TLS), gnutls) +OBJS += src/crypto/sha384.c +endif +endif OBJS += src/crypto/sha384-prf.c endif +ifdef NEED_SHA512 +L_CFLAGS += -DCONFIG_SHA512 +ifneq ($(CONFIG_TLS), openssl) +ifneq ($(CONFIG_TLS), gnutls) +OBJS += src/crypto/sha512.c +endif +endif +OBJS += src/crypto/sha512-prf.c +endif ifdef NEED_DH_GROUPS OBJS += src/crypto/dh_groups.c @@ -1490,6 +1589,12 @@ OBJS += src/utils/ext_password.c L_CFLAGS += -DCONFIG_EXT_PASSWORD endif +ifdef NEED_GAS_SERVER +OBJS += src/common/gas_server.c +L_CFLAGS += -DCONFIG_GAS_SERVER +NEED_GAS=y +endif + ifdef NEED_GAS OBJS += src/common/gas.c OBJS += gas_query.c @@ -1502,6 +1607,11 @@ OBJS += offchannel.c L_CFLAGS += -DCONFIG_OFFCHANNEL endif +ifdef NEED_JSON +OBJS += src/utils/json.c +L_CFLAGS += -DCONFIG_JSON +endif + OBJS += src/drivers/driver_common.c OBJS += wpa_supplicant.c events.c blacklist.c wpas_glue.c scan.c @@ -1580,9 +1690,7 @@ endif # With BoringSSL we need libkeystore-engine in order to provide access to # keystore keys. -ifneq (,$(wildcard external/boringssl/flavor.mk)) LOCAL_SHARED_LIBRARIES += libkeystore-engine -endif ifdef CONFIG_DRIVER_NL80211 ifneq ($(wildcard external/libnl),) diff --git a/contrib/wpa/wpa_supplicant/ChangeLog b/contrib/wpa/wpa_supplicant/ChangeLog index f28055f4093e..bf4daaa4cb1e 100644 --- a/contrib/wpa/wpa_supplicant/ChangeLog +++ b/contrib/wpa/wpa_supplicant/ChangeLog @@ -1,5 +1,75 @@ ChangeLog for wpa_supplicant +2018-12-02 - v2.7 + * fixed WPA packet number reuse with replayed messages and key + reinstallation + [https://w1.fi/security/2017-1/] (CVE-2017-13077, CVE-2017-13078, + CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, + CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) + * fixed unauthenticated EAPOL-Key decryption in wpa_supplicant + [https://w1.fi/security/2018-1/] (CVE-2018-14526) + * added support for FILS (IEEE 802.11ai) shared key authentication + * added support for OWE (Opportunistic Wireless Encryption, RFC 8110; + and transition mode defined by WFA) + * added support for DPP (Wi-Fi Device Provisioning Protocol) + * added support for RSA 3k key case with Suite B 192-bit level + * fixed Suite B PMKSA caching not to update PMKID during each 4-way + handshake + * fixed EAP-pwd pre-processing with PasswordHashHash + * added EAP-pwd client support for salted passwords + * fixed a regression in TDLS prohibited bit validation + * started to use estimated throughput to avoid undesired signal + strength based roaming decision + * MACsec/MKA: + - new macsec_linux driver interface support for the Linux + kernel macsec module + - number of fixes and extensions + * added support for external persistent storage of PMKSA cache + (PMKSA_GET/PMKSA_ADD control interface commands; and + MESH_PMKSA_GET/MESH_PMKSA_SET for the mesh case) + * fixed mesh channel configuration pri/sec switch case + * added support for beacon report + * large number of other fixes, cleanup, and extensions + * added support for randomizing local address for GAS queries + (gas_rand_mac_addr parameter) + * fixed EAP-SIM/AKA/AKA' ext auth cases within TLS tunnel + * added option for using random WPS UUID (auto_uuid=1) + * added SHA256-hash support for OCSP certificate matching + * fixed EAP-AKA' to add AT_KDF into Synchronization-Failure + * fixed a regression in RSN pre-authentication candidate selection + * added option to configure allowed group management cipher suites + (group_mgmt network profile parameter) + * removed all PeerKey functionality + * fixed nl80211 AP and mesh mode configuration regression with + Linux 4.15 and newer + * added ap_isolate configuration option for AP mode + * added support for nl80211 to offload 4-way handshake into the driver + * added support for using wolfSSL cryptographic library + * SAE + - added support for configuring SAE password separately of the + WPA2 PSK/passphrase + - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection + for SAE; + note: this is not backwards compatible, i.e., both the AP and + station side implementations will need to be update at the same + time to maintain interoperability + - added support for Password Identifier + - fixed FT-SAE PMKID matching + * Hotspot 2.0 + - added support for fetching of Operator Icon Metadata ANQP-element + - added support for Roaming Consortium Selection element + - added support for Terms and Conditions + - added support for OSEN connection in a shared RSN BSS + - added support for fetching Venue URL information + * added support for using OpenSSL 1.1.1 + * FT + - disabled PMKSA caching with FT since it is not fully functional + - added support for SHA384 based AKM + - added support for BIP ciphers BIP-CMAC-256, BIP-GMAC-128, + BIP-GMAC-256 in addition to previously supported BIP-CMAC-128 + - fixed additional IE inclusion in Reassociation Request frame when + using FT protocol + 2016-10-02 - v2.6 * fixed WNM Sleep Mode processing when PMF is not enabled [http://w1.fi/security/2015-6/] (CVE-2015-5310) diff --git a/contrib/wpa/wpa_supplicant/README b/contrib/wpa/wpa_supplicant/README index 11ab01a9c171..2a3265f21eaa 100644 --- a/contrib/wpa/wpa_supplicant/README +++ b/contrib/wpa/wpa_supplicant/README @@ -1,7 +1,7 @@ WPA Supplicant ============== -Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> and contributors +Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> and contributors All Rights Reserved. This program is licensed under the BSD license (the one with @@ -83,7 +83,7 @@ Supported WPA/IEEE 802.11i features: authentication) (following methods are supported, but since they do not generate keying material, they cannot be used with WPA or IEEE 802.1X WEP keying) - * EAP-MD5-Challenge + * EAP-MD5-Challenge * EAP-MSCHAPv2 * EAP-GTC * EAP-OTP @@ -965,6 +965,17 @@ wpa_priv can control multiple interface with one process, but it is also possible to run multiple wpa_priv processes at the same time, if desired. +It should be noted that the interface used between wpa_supplicant and +wpa_priv does not include all the capabilities of the wpa_supplicant +driver interface and at times, this interface lacks update especially +for recent addition. Consequently, use of wpa_priv does come with the +price of somewhat reduced available functionality. The next section +describing how wpa_supplicant can be used with reduced privileges +without having to handle the complexity of separate wpa_priv. While that +approve does not provide separation for network admin capabilities, it +does allow other root privileges to be dropped without the drawbacks of +the wpa_priv process. + Linux capabilities instead of privileged process ------------------------------------------------ diff --git a/contrib/wpa/wpa_supplicant/README-HS20 b/contrib/wpa/wpa_supplicant/README-HS20 index e4eed2074f91..334287101c92 100644 --- a/contrib/wpa/wpa_supplicant/README-HS20 +++ b/contrib/wpa/wpa_supplicant/README-HS20 @@ -197,6 +197,20 @@ Credentials can be pre-configured for automatic network selection: # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # +# required_roaming_consortium: Required Roaming Consortium OI +# If required_roaming_consortium_len is non-zero, this field contains the +# Roaming Consortium OI that is required to be advertised by the AP for +# the credential to be considered matching. +# +# roaming_consortiums: Roaming Consortium OI(s) memberships +# This string field contains one or more comma delimited OIs (hexdump) +# identifying the roaming consortiums of which the provider is a member. +# The list is sorted from the most preferred one to the least preferred +# one. A match between the Roaming Consortium OIs advertised by an AP and +# the OIs in this list indicates that successful authentication is +# possible. +# (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI) +# # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected @@ -295,6 +309,7 @@ Credentials can be pre-configured for automatic network selection: # ca_cert="/etc/wpa_supplicant/ca.pem" # domain="example.com" # roaming_consortium=223344 +# roaming_consortiums="112233,4455667788,aabbcc" # eap=TTLS # phase2="auth=MSCHAPV2" #} @@ -591,7 +606,7 @@ network={ Hotspot 2.0 connection with external network selection ------------------------------------------------------ -When an component controlling wpa_supplicant takes care of Interworking +When a component controlling wpa_supplicant takes care of Interworking network selection, following configuration and network profile parameters can be used to configure a temporary network profile for a Hotspot 2.0 connection (e.g., with SET, ADD_NETWORK, SET_NETWORK, and @@ -613,6 +628,7 @@ network={ eap=TTLS phase2="auth=MSCHAPV2" update_identifier=54321 + roaming_consortium_selection=112233 #ocsp=2 } @@ -628,4 +644,5 @@ update_identifier: PPS/UpdateIdentifier ca_cert: from the downloaded trust root based on PPS information eap: Credential/UsernamePassword/EAPMethod or NAI Realm list phase2: Credential/UsernamePassword/EAPMethod or NAI Realm list +roaming_consortium_selection: Matching OI from HomeSP/RoamingConsortiumOI ocsp: Credential/CheckAAAServerCertStatus diff --git a/contrib/wpa/wpa_supplicant/android.config b/contrib/wpa/wpa_supplicant/android.config index 02505bb991aa..c97f591311d3 100644 --- a/contrib/wpa/wpa_supplicant/android.config +++ b/contrib/wpa/wpa_supplicant/android.config @@ -1,9 +1,9 @@ # Example wpa_supplicant build time configuration # # This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. +# wpa_supplicant binary. All lines starting with # are ignored. Configuration +# option lines must be commented out complete, if they are not to be included, +# i.e., just setting VARIABLE=n is not disabling that variable. # # This file is included in Makefile, so variables like CFLAGS and LIBS can also # be modified from here. In most cases, these lines should use += in order not @@ -91,10 +91,9 @@ CONFIG_EAP_PEAP=y CONFIG_EAP_TTLS=y # EAP-FAST -# Note: Default OpenSSL package does not include support for all the -# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, -# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch) -# to add the needed functions. +# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed +# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g., +# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions. #CONFIG_EAP_FAST=y # EAP-GTC @@ -152,6 +151,9 @@ CONFIG_WPS_NFC=y # EAP-IKEv2 #CONFIG_EAP_IKEV2=y +# EAP-EKE +#CONFIG_EAP_EKE=y + # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) CONFIG_PKCS12=y @@ -176,8 +178,10 @@ CONFIG_SMARTCARD=y # Select control interface backend for external programs, e.g, wpa_cli: # unix = UNIX domain sockets (default for Linux/*BSD) # udp = UDP sockets using localhost (127.0.0.1) +# udp6 = UDP IPv6 sockets using localhost (::1) # named_pipe = Windows Named Pipe (default for Windows) # udp-remote = UDP sockets with remote access (only for tests systems/purpose) +# udp6-remote = UDP IPv6 sockets with remote access (only for tests purpose) # y = use default (backwards compatibility) # If this option is commented out, control interface is not included in the # build. @@ -254,6 +258,9 @@ CONFIG_ELOOP=eloop # Should we use epoll instead of select? Select is used by default. #CONFIG_ELOOP_EPOLL=y +# Should we use kqueue instead of select? Select is used by default. +#CONFIG_ELOOP_KQUEUE=y + # Select layer 2 packet implementation # linux = Linux packet socket (default) # pcap = libpcap/libdnet/WinPcap @@ -263,8 +270,11 @@ CONFIG_ELOOP=eloop # none = Empty template CONFIG_L2_PACKET=linux -# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) -CONFIG_PEERKEY=y +# Disable Linux packet socket workaround applicable for station interface +# in a bridge for EAPOL frames. This should be uncommented only if the kernel +# is known to not have the regression issue in packet socket behavior with +# bridge interfaces (commit 'bridge: respect RFC2863 operational state')'). +#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y # IEEE 802.11w (management frame protection), also known as PMF # Driver support is also needed for IEEE 802.11w. @@ -291,6 +301,10 @@ CONFIG_IEEE80211W=y # will be used) #CONFIG_TLSV12=y +# Select which ciphers to use by default with OpenSSL if the user does not +# specify them. +#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" + # If CONFIG_TLS=internal is used, additional library and include paths are # needed for LibTomMath. Alternatively, an integrated, minimal version of # LibTomMath can be used. See beginning of libtommath.c for details on benefits @@ -349,7 +363,7 @@ CONFIG_IEEE80211W=y # amount of memory/flash. #CONFIG_DYNAMIC_EAP_METHODS=y -# IEEE Std 802.11r-2008 (Fast BSS Transition) +# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode CONFIG_IEEE80211R=y # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) @@ -424,11 +438,21 @@ CONFIG_ANDROID_LOG=y # disabled. This will save some in binary size and CPU use. However, this # should only be considered for builds that are known to be used on devices # that meet the requirements described above. -#CONFIG_NO_RANDOM_POOL=y + +# Wpa_supplicant's random pool is not necessary on Android. Randomness is +# already provided by the entropymixer service which ensures sufficient +# entropy is maintained across reboots. Commit b410eb1913 'Initialize +# /dev/urandom earlier in boot' seeds /dev/urandom with that entropy before +# either wpa_supplicant or hostapd are run. +CONFIG_NO_RANDOM_POOL=y # IEEE 802.11n (High Throughput) support (mainly for AP mode) CONFIG_IEEE80211N=y +# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode) +# (depends on CONFIG_IEEE80211N) +#CONFIG_IEEE80211AC=y + # Wireless Network Management (IEEE Std 802.11v-2011) # Note: This is experimental and not complete implementation. CONFIG_WNM=y @@ -442,6 +466,9 @@ CONFIG_INTERWORKING=y # Hotspot 2.0 CONFIG_HS20=y +# Enable interface matching in wpa_supplicant +#CONFIG_MATCH_IFACE=y + # Disable roaming in wpa_supplicant CONFIG_NO_ROAMING=y @@ -489,4 +516,36 @@ CONFIG_WIFI_DISPLAY=y # Support Multi Band Operation #CONFIG_MBO=y +# Fast Initial Link Setup (FILS) (IEEE 802.11ai) +# Note: This is an experimental and not yet complete implementation. This +# should not be enabled for production use. +#CONFIG_FILS=y + +# Support RSN on IBSS networks +# This is needed to be able to use mode=1 network profile with proto=RSN and +# key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None). +#CONFIG_IBSS_RSN=y + +# External PMKSA cache control +# This can be used to enable control interface commands that allow the current +# PMKSA cache entries to be fetched and new entries to be added. +#CONFIG_PMKSA_CACHE_EXTERNAL=y + +# Mesh Networking (IEEE 802.11s) +#CONFIG_MESH=y + +# Background scanning modules +# These can be used to request wpa_supplicant to perform background scanning +# operations for roaming within an ESS (same SSID). See the bgscan parameter in +# the wpa_supplicant.conf file for more details. +# Periodic background scans based on signal strength +#CONFIG_BGSCAN_SIMPLE=y +# Learn channels used by the network and try to avoid bgscans on other +# channels (experimental) +#CONFIG_BGSCAN_LEARN=y + +# Opportunistic Wireless Encryption (OWE) +# Experimental implementation of draft-harkins-owe-07.txt +#CONFIG_OWE=y + include $(wildcard $(LOCAL_PATH)/android_config_*.inc) diff --git a/contrib/wpa/wpa_supplicant/ap.c b/contrib/wpa/wpa_supplicant/ap.c index 5afb772ba192..ea846a0fad4b 100644 --- a/contrib/wpa/wpa_supplicant/ap.c +++ b/contrib/wpa/wpa_supplicant/ap.c @@ -46,23 +46,50 @@ static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); #ifdef CONFIG_IEEE80211N static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid, struct hostapd_config *conf, struct hostapd_hw_modes *mode) { #ifdef CONFIG_P2P u8 center_chan = 0; u8 channel = conf->channel; +#endif /* CONFIG_P2P */ if (!conf->secondary_channel) goto no_vht; + /* Use the maximum oper channel width if it's given. */ + if (ssid->max_oper_chwidth) + conf->vht_oper_chwidth = ssid->max_oper_chwidth; + + ieee80211_freq_to_chan(ssid->vht_center_freq2, + &conf->vht_oper_centr_freq_seg1_idx); + + if (!ssid->p2p_group) { + if (!ssid->vht_center_freq1 || + conf->vht_oper_chwidth == VHT_CHANWIDTH_USE_HT) + goto no_vht; + ieee80211_freq_to_chan(ssid->vht_center_freq1, + &conf->vht_oper_centr_freq_seg0_idx); + wpa_printf(MSG_DEBUG, "VHT seg0 index %d for AP", + conf->vht_oper_centr_freq_seg0_idx); + return; + } + +#ifdef CONFIG_P2P switch (conf->vht_oper_chwidth) { case VHT_CHANWIDTH_80MHZ: case VHT_CHANWIDTH_80P80MHZ: center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel); + wpa_printf(MSG_DEBUG, + "VHT center channel %u for 80 or 80+80 MHz bandwidth", + center_chan); break; case VHT_CHANWIDTH_160MHZ: center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); + wpa_printf(MSG_DEBUG, + "VHT center channel %u for 160 MHz bandwidth", + center_chan); break; default: /* @@ -72,10 +99,17 @@ static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, */ conf->vht_oper_chwidth = VHT_CHANWIDTH_160MHZ; center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); - if (!center_chan) { + if (center_chan) { + wpa_printf(MSG_DEBUG, + "VHT center channel %u for auto-selected 160 MHz bandwidth", + center_chan); + } else { conf->vht_oper_chwidth = VHT_CHANWIDTH_80MHZ; center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel); + wpa_printf(MSG_DEBUG, + "VHT center channel %u for auto-selected 80 MHz bandwidth", + center_chan); } break; } @@ -83,15 +117,17 @@ static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, goto no_vht; conf->vht_oper_centr_freq_seg0_idx = center_chan; + wpa_printf(MSG_DEBUG, "VHT seg0 index %d for P2P GO", + conf->vht_oper_centr_freq_seg0_idx); return; +#endif /* CONFIG_P2P */ no_vht: - conf->vht_oper_centr_freq_seg0_idx = - channel + conf->secondary_channel * 2; -#else /* CONFIG_P2P */ + wpa_printf(MSG_DEBUG, + "No VHT higher bandwidth support for the selected channel %d", + conf->channel); conf->vht_oper_centr_freq_seg0_idx = conf->channel + conf->secondary_channel * 2; -#endif /* CONFIG_P2P */ conf->vht_oper_chwidth = VHT_CHANWIDTH_USE_HT; } #endif /* CONFIG_IEEE80211N */ @@ -123,6 +159,11 @@ int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s, if (wpa_s->hw.modes) { struct hostapd_hw_modes *mode = NULL; int i, no_ht = 0; + + wpa_printf(MSG_DEBUG, + "Determining HT/VHT options based on driver capabilities (freq=%u chan=%u)", + ssid->frequency, conf->channel); + for (i = 0; i < wpa_s->hw.num_modes; i++) { if (wpa_s->hw.modes[i].mode == conf->hw_mode) { mode = &wpa_s->hw.modes[i]; @@ -131,27 +172,54 @@ int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s, } #ifdef CONFIG_HT_OVERRIDES - if (ssid->disable_ht) { + if (ssid->disable_ht) + ssid->ht = 0; +#endif /* CONFIG_HT_OVERRIDES */ + + if (!ssid->ht) { + wpa_printf(MSG_DEBUG, + "HT not enabled in network profile"); conf->ieee80211n = 0; conf->ht_capab = 0; no_ht = 1; } -#endif /* CONFIG_HT_OVERRIDES */ if (!no_ht && mode && mode->ht_capab) { + wpa_printf(MSG_DEBUG, + "Enable HT support (p2p_group=%d 11a=%d ht40_hw_capab=%d ssid->ht40=%d)", + ssid->p2p_group, + conf->hw_mode == HOSTAPD_MODE_IEEE80211A, + !!(mode->ht_capab & + HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET), + ssid->ht40); conf->ieee80211n = 1; #ifdef CONFIG_P2P - if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && + if (ssid->p2p_group && + conf->hw_mode == HOSTAPD_MODE_IEEE80211A && (mode->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && - ssid->ht40) + ssid->ht40) { conf->secondary_channel = wpas_p2p_get_ht40_mode(wpa_s, mode, conf->channel); + wpa_printf(MSG_DEBUG, + "HT secondary channel offset %d for P2P group", + conf->secondary_channel); + } +#endif /* CONFIG_P2P */ + + if (!ssid->p2p_group && + (mode->ht_capab & + HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) { + conf->secondary_channel = ssid->ht40; + wpa_printf(MSG_DEBUG, + "HT secondary channel offset %d for AP", + conf->secondary_channel); + } + if (conf->secondary_channel) conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; -#endif /* CONFIG_P2P */ /* * white-list capabilities that won't cause issues @@ -168,7 +236,8 @@ int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s, if (mode->vht_capab && ssid->vht) { conf->ieee80211ac = 1; - wpas_conf_ap_vht(wpa_s, conf, mode); + conf->vht_capab |= mode->vht_capab; + wpas_conf_ap_vht(wpa_s, ssid, conf, mode); } } } @@ -229,11 +298,13 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_ACS */ - if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) { + if (ieee80211_is_dfs(ssid->frequency, wpa_s->hw.modes, + wpa_s->hw.num_modes) && wpa_s->conf->country[0]) { conf->ieee80211h = 1; conf->ieee80211d = 1; conf->country[0] = wpa_s->conf->country[0]; conf->country[1] = wpa_s->conf->country[1]; + conf->country[2] = ' '; } #ifdef CONFIG_P2P @@ -316,17 +387,34 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, for (i = 0; i < NUM_WEP_KEYS; i++) { if (ssid->wep_key_len[i] == 0) continue; - wep->key[i] = os_malloc(ssid->wep_key_len[i]); + wep->key[i] = os_memdup(ssid->wep_key[i], + ssid->wep_key_len[i]); if (wep->key[i] == NULL) return -1; - os_memcpy(wep->key[i], ssid->wep_key[i], - ssid->wep_key_len[i]); wep->len[i] = ssid->wep_key_len[i]; } wep->idx = ssid->wep_tx_keyidx; wep->keys_set = 1; } + if (wpa_s->conf->go_interworking) { + wpa_printf(MSG_DEBUG, + "P2P: Enable Interworking with access_network_type: %d", + wpa_s->conf->go_access_network_type); + bss->interworking = wpa_s->conf->go_interworking; + bss->access_network_type = wpa_s->conf->go_access_network_type; + bss->internet = wpa_s->conf->go_internet; + if (wpa_s->conf->go_venue_group) { + wpa_printf(MSG_DEBUG, + "P2P: Venue group: %d Venue type: %d", + wpa_s->conf->go_venue_group, + wpa_s->conf->go_venue_type); + bss->venue_group = wpa_s->conf->go_venue_group; + bss->venue_type = wpa_s->conf->go_venue_type; + bss->venue_info_set = 1; + } + } + if (ssid->ap_max_inactivity) bss->ap_max_inactivity = ssid->ap_max_inactivity; @@ -461,6 +549,9 @@ no_wps: else bss->max_num_sta = wpa_s->conf->max_num_sta; + if (!bss->isolate) + bss->isolate = wpa_s->conf->ap_isolate; + bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; if (wpa_s->conf->ap_vendor_elements) { @@ -585,9 +676,18 @@ static void wpas_ap_configured_cb(void *ctx) { struct wpa_supplicant *wpa_s = ctx; + wpa_printf(MSG_DEBUG, "AP interface setup completed - state %s", + hostapd_state_text(wpa_s->ap_iface->state)); + if (wpa_s->ap_iface->state == HAPD_IFACE_DISABLED) { + wpa_supplicant_ap_deinit(wpa_s); + return; + } + #ifdef CONFIG_ACS - if (wpa_s->current_ssid && wpa_s->current_ssid->acs) + if (wpa_s->current_ssid && wpa_s->current_ssid->acs) { wpa_s->assoc_freq = wpa_s->ap_iface->freq; + wpa_s->current_ssid->frequency = wpa_s->ap_iface->freq; + } #endif /* CONFIG_ACS */ wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); @@ -662,7 +762,8 @@ int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, else params.uapsd = -1; - if (ieee80211_is_dfs(params.freq.freq)) + if (ieee80211_is_dfs(params.freq.freq, wpa_s->hw.modes, + wpa_s->hw.num_modes)) params.freq.freq = 0; /* set channel after CAC */ if (params.p2p) @@ -692,13 +793,6 @@ int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, return -1; } - /* Use the maximum oper channel width if it's given. */ - if (ssid->max_oper_chwidth) - conf->vht_oper_chwidth = ssid->max_oper_chwidth; - - ieee80211_freq_to_chan(ssid->vht_center_freq2, - &conf->vht_oper_centr_freq_seg1_idx); - os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, wpa_s->conf->wmm_ac_params, sizeof(wpa_s->conf->wmm_ac_params)); @@ -777,6 +871,14 @@ int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); wpa_s->assoc_freq = ssid->frequency; +#if defined(CONFIG_P2P) && defined(CONFIG_ACS) + if (wpa_s->p2p_go_do_acs) { + wpa_s->ap_iface->conf->channel = 0; + wpa_s->ap_iface->conf->hw_mode = wpa_s->p2p_go_acs_band; + ssid->acs = 1; + } +#endif /* CONFIG_P2P && CONFIG_ACS */ + if (hostapd_setup_interface(wpa_s->ap_iface)) { wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); wpa_supplicant_ap_deinit(wpa_s); @@ -1436,12 +1538,49 @@ void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s) if (wpa_s->ifmsh) hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]); } + + +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL +#ifdef CONFIG_MESH + +int wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant *wpa_s, const u8 *addr, + char *buf, size_t len) +{ + return hostapd_ctrl_iface_pmksa_list_mesh(wpa_s->ifmsh->bss[0], addr, + &buf[0], len); +} + + +int wpas_ap_pmksa_cache_add_external(struct wpa_supplicant *wpa_s, char *cmd) +{ + struct external_pmksa_cache *entry; + void *pmksa_cache; + + pmksa_cache = hostapd_ctrl_iface_pmksa_create_entry(wpa_s->own_addr, + cmd); + if (!pmksa_cache) + return -1; + + entry = os_zalloc(sizeof(struct external_pmksa_cache)); + if (!entry) + return -1; + + entry->pmksa_cache = pmksa_cache; + + dl_list_add(&wpa_s->mesh_external_pmksa_cache, &entry->list); + + return 0; +} + +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ + #endif /* CONFIG_CTRL_IFACE */ #ifdef NEED_AP_MLME -void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, - struct dfs_event *radar) +void wpas_ap_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, + struct dfs_event *radar) { if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) return; @@ -1453,8 +1592,8 @@ void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, } -void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s, - struct dfs_event *radar) +void wpas_ap_event_dfs_cac_started(struct wpa_supplicant *wpa_s, + struct dfs_event *radar) { if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) return; @@ -1465,8 +1604,8 @@ void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s, } -void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, - struct dfs_event *radar) +void wpas_ap_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, + struct dfs_event *radar) { if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) return; @@ -1477,8 +1616,8 @@ void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, } -void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, - struct dfs_event *radar) +void wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, + struct dfs_event *radar) { if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) return; @@ -1489,8 +1628,8 @@ void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, } -void wpas_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, - struct dfs_event *radar) +void wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, + struct dfs_event *radar) { if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) return; diff --git a/contrib/wpa/wpa_supplicant/ap.h b/contrib/wpa/wpa_supplicant/ap.h index 5a59ddcc1c93..447b551863a3 100644 --- a/contrib/wpa/wpa_supplicant/ap.h +++ b/contrib/wpa/wpa_supplicant/ap.h @@ -85,17 +85,20 @@ int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s); int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf, size_t len); void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s); +int wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant *wpa_s, const u8 *addr, + char *buf, size_t len); +int wpas_ap_pmksa_cache_add_external(struct wpa_supplicant *wpa_s, char *cmd); -void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, +void wpas_ap_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, + struct dfs_event *radar); +void wpas_ap_event_dfs_cac_started(struct wpa_supplicant *wpa_s, struct dfs_event *radar); -void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s, - struct dfs_event *radar); -void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, - struct dfs_event *radar); -void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, - struct dfs_event *radar); -void wpas_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, - struct dfs_event *radar); +void wpas_ap_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, + struct dfs_event *radar); +void wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, + struct dfs_event *radar); +void wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, + struct dfs_event *radar); void ap_periodic(struct wpa_supplicant *wpa_s); diff --git a/contrib/wpa/wpa_supplicant/autoscan.c b/contrib/wpa/wpa_supplicant/autoscan.c index 072a1d5414ae..5056a9300a87 100644 --- a/contrib/wpa/wpa_supplicant/autoscan.c +++ b/contrib/wpa/wpa_supplicant/autoscan.c @@ -47,11 +47,16 @@ int autoscan_init(struct wpa_supplicant *wpa_s, int req_scan) struct sched_scan_plan *scan_plans; /* Give preference to scheduled scan plans if supported/configured */ - if (wpa_s->sched_scan_plans) + if (wpa_s->sched_scan_plans) { + wpa_printf(MSG_DEBUG, + "autoscan: sched_scan_plans set - use it instead"); return 0; + } - if (wpa_s->autoscan && wpa_s->autoscan_priv) + if (wpa_s->autoscan && wpa_s->autoscan_priv) { + wpa_printf(MSG_DEBUG, "autoscan: Already initialized"); return 0; + } if (name == NULL) return 0; diff --git a/contrib/wpa/wpa_supplicant/bgscan.c b/contrib/wpa/wpa_supplicant/bgscan.c index 798b43c3fdf7..1ea640114c8e 100644 --- a/contrib/wpa/wpa_supplicant/bgscan.c +++ b/contrib/wpa/wpa_supplicant/bgscan.c @@ -34,8 +34,6 @@ int bgscan_init(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, const struct bgscan_ops *ops = NULL; bgscan_deinit(wpa_s); - if (name == NULL) - return -1; params = os_strchr(name, ':'); if (params == NULL) { diff --git a/contrib/wpa/wpa_supplicant/bgscan_learn.c b/contrib/wpa/wpa_supplicant/bgscan_learn.c index a320cc43068c..cb732f709b9e 100644 --- a/contrib/wpa/wpa_supplicant/bgscan_learn.c +++ b/contrib/wpa/wpa_supplicant/bgscan_learn.c @@ -320,9 +320,6 @@ static int bgscan_learn_get_params(struct bgscan_learn_data *data, { const char *pos; - if (params == NULL) - return 0; - data->short_interval = atoi(params); pos = os_strchr(params, ':'); diff --git a/contrib/wpa/wpa_supplicant/bgscan_simple.c b/contrib/wpa/wpa_supplicant/bgscan_simple.c index a467cc5b9271..41a26df0d635 100644 --- a/contrib/wpa/wpa_supplicant/bgscan_simple.c +++ b/contrib/wpa/wpa_supplicant/bgscan_simple.c @@ -56,12 +56,7 @@ static void bgscan_simple_timeout(void *eloop_ctx, void *timeout_ctx) } else { if (data->scan_interval == data->short_interval) { data->short_scan_count++; - /* - * Spend at most the duration of a long scan interval - * scanning at the short scan interval. After that, - * revert to the long scan interval. - */ - if (data->short_scan_count > data->max_short_scans) { + if (data->short_scan_count >= data->max_short_scans) { data->scan_interval = data->long_interval; wpa_printf(MSG_DEBUG, "bgscan simple: Backing " "off to long scan interval"); @@ -85,9 +80,6 @@ static int bgscan_simple_get_params(struct bgscan_simple_data *data, { const char *pos; - if (params == NULL) - return 0; - data->short_interval = atoi(params); pos = os_strchr(params, ':'); diff --git a/contrib/wpa/wpa_supplicant/bss.c b/contrib/wpa/wpa_supplicant/bss.c index 3a8778db9058..3a41db98e5ba 100644 --- a/contrib/wpa/wpa_supplicant/bss.c +++ b/contrib/wpa/wpa_supplicant/bss.c @@ -93,6 +93,7 @@ static struct wpa_bss_anqp * wpa_bss_anqp_clone(struct wpa_bss_anqp *anqp) ANQP_DUP(nai_realm); ANQP_DUP(anqp_3gpp); ANQP_DUP(domain_name); + ANQP_DUP(fils_realm_info); #endif /* CONFIG_INTERWORKING */ #ifdef CONFIG_HS20 ANQP_DUP(hs20_capability_list); @@ -101,6 +102,8 @@ static struct wpa_bss_anqp * wpa_bss_anqp_clone(struct wpa_bss_anqp *anqp) ANQP_DUP(hs20_connection_capability); ANQP_DUP(hs20_operating_class); ANQP_DUP(hs20_osu_providers_list); + ANQP_DUP(hs20_operator_icon_metadata); + ANQP_DUP(hs20_osu_providers_nai_list); #endif /* CONFIG_HS20 */ #undef ANQP_DUP @@ -168,6 +171,7 @@ static void wpa_bss_anqp_free(struct wpa_bss_anqp *anqp) wpabuf_free(anqp->nai_realm); wpabuf_free(anqp->anqp_3gpp); wpabuf_free(anqp->domain_name); + wpabuf_free(anqp->fils_realm_info); while ((elem = dl_list_first(&anqp->anqp_elems, struct wpa_bss_anqp_elem, list))) { @@ -183,6 +187,8 @@ static void wpa_bss_anqp_free(struct wpa_bss_anqp *anqp) wpabuf_free(anqp->hs20_connection_capability); wpabuf_free(anqp->hs20_operating_class); wpabuf_free(anqp->hs20_osu_providers_list); + wpabuf_free(anqp->hs20_operator_icon_metadata); + wpabuf_free(anqp->hs20_osu_providers_nai_list); #endif /* CONFIG_HS20 */ os_free(anqp); @@ -267,9 +273,9 @@ struct wpa_bss * wpa_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid, } -static void calculate_update_time(const struct os_reltime *fetch_time, - unsigned int age_ms, - struct os_reltime *update_time) +void calculate_update_time(const struct os_reltime *fetch_time, + unsigned int age_ms, + struct os_reltime *update_time) { os_time_t usec; @@ -595,6 +601,42 @@ wpa_bss_update(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, { u32 changes; + if (bss->last_update_idx == wpa_s->bss_update_idx) { + struct os_reltime update_time; + + /* + * Some drivers (e.g., cfg80211) include multiple BSS entries + * for the same BSS if that BSS's channel changes. The BSS list + * implementation in wpa_supplicant does not do that and we need + * to filter out the obsolete results here to make sure only the + * most current BSS information remains in the table. + */ + wpa_printf(MSG_DEBUG, "BSS: " MACSTR + " has multiple entries in the scan results - select the most current one", + MAC2STR(bss->bssid)); + calculate_update_time(fetch_time, res->age, &update_time); + wpa_printf(MSG_DEBUG, + "Previous last_update: %u.%06u (freq %d%s)", + (unsigned int) bss->last_update.sec, + (unsigned int) bss->last_update.usec, + bss->freq, + (bss->flags & WPA_BSS_ASSOCIATED) ? " assoc" : ""); + wpa_printf(MSG_DEBUG, "New last_update: %u.%06u (freq %d%s)", + (unsigned int) update_time.sec, + (unsigned int) update_time.usec, + res->freq, + (res->flags & WPA_SCAN_ASSOCIATED) ? " assoc" : ""); + if ((bss->flags & WPA_BSS_ASSOCIATED) || + (!(res->flags & WPA_SCAN_ASSOCIATED) && + !os_reltime_before(&bss->last_update, &update_time))) { + wpa_printf(MSG_DEBUG, + "Ignore this BSS entry since the previous update looks more current"); + return bss; + } + wpa_printf(MSG_DEBUG, + "Accept this BSS entry since it looks more current than the previous update"); + } + changes = wpa_bss_compare_res(bss, res); if (changes & WPA_BSS_FREQ_CHANGED_FLAG) wpa_printf(MSG_DEBUG, "BSS: " MACSTR " changed freq %d --> %d", @@ -1279,3 +1321,19 @@ int wpa_bss_get_bit_rates(const struct wpa_bss *bss, u8 **rates) *rates = r; return len; } + + +#ifdef CONFIG_FILS +const u8 * wpa_bss_get_fils_cache_id(struct wpa_bss *bss) +{ + const u8 *ie; + + if (bss) { + ie = wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION); + if (ie && ie[1] >= 4 && WPA_GET_LE16(ie + 2) & BIT(7)) + return ie + 4; + } + + return NULL; +} +#endif /* CONFIG_FILS */ diff --git a/contrib/wpa/wpa_supplicant/bss.h b/contrib/wpa/wpa_supplicant/bss.h index 84e8fb07461e..5251b2c354e3 100644 --- a/contrib/wpa/wpa_supplicant/bss.h +++ b/contrib/wpa/wpa_supplicant/bss.h @@ -40,6 +40,7 @@ struct wpa_bss_anqp { struct wpabuf *nai_realm; struct wpabuf *anqp_3gpp; struct wpabuf *domain_name; + struct wpabuf *fils_realm_info; struct dl_list anqp_elems; /* list of struct wpa_bss_anqp_elem */ #endif /* CONFIG_INTERWORKING */ #ifdef CONFIG_HS20 @@ -49,6 +50,8 @@ struct wpa_bss_anqp { struct wpabuf *hs20_connection_capability; struct wpabuf *hs20_operating_class; struct wpabuf *hs20_osu_providers_list; + struct wpabuf *hs20_operator_icon_metadata; + struct wpabuf *hs20_osu_providers_nai_list; #endif /* CONFIG_HS20 */ }; @@ -144,6 +147,7 @@ int wpa_bss_get_max_rate(const struct wpa_bss *bss); int wpa_bss_get_bit_rates(const struct wpa_bss *bss, u8 **rates); struct wpa_bss_anqp * wpa_bss_anqp_alloc(void); int wpa_bss_anqp_unshare_alloc(struct wpa_bss *bss); +const u8 * wpa_bss_get_fils_cache_id(struct wpa_bss *bss); static inline int bss_is_dmg(const struct wpa_bss *bss) { @@ -167,4 +171,8 @@ static inline void wpa_bss_update_level(struct wpa_bss *bss, int new_level) bss->level = new_level; } +void calculate_update_time(const struct os_reltime *fetch_time, + unsigned int age_ms, + struct os_reltime *update_time); + #endif /* BSS_H */ diff --git a/contrib/wpa/wpa_supplicant/config.c b/contrib/wpa/wpa_supplicant/config.c index dd922caf80af..c43960697dc3 100644 --- a/contrib/wpa/wpa_supplicant/config.c +++ b/contrib/wpa/wpa_supplicant/config.c @@ -1,6 +1,6 @@ /* * WPA Supplicant / Configuration parser and common functions - * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -11,6 +11,7 @@ #include "common.h" #include "utils/uuid.h" #include "utils/ip_addr.h" +#include "common/ieee802_1x_defs.h" #include "crypto/sha1.h" #include "rsn_supp/wpa.h" #include "eap_peer/eap.h" @@ -396,6 +397,50 @@ static char * wpa_config_write_bssid(const struct parse_data *data, #endif /* NO_CONFIG_WRITE */ +static int wpa_config_parse_bssid_hint(const struct parse_data *data, + struct wpa_ssid *ssid, int line, + const char *value) +{ + if (value[0] == '\0' || os_strcmp(value, "\"\"") == 0 || + os_strcmp(value, "any") == 0) { + ssid->bssid_hint_set = 0; + wpa_printf(MSG_MSGDUMP, "BSSID hint any"); + return 0; + } + if (hwaddr_aton(value, ssid->bssid_hint)) { + wpa_printf(MSG_ERROR, "Line %d: Invalid BSSID hint '%s'.", + line, value); + return -1; + } + ssid->bssid_hint_set = 1; + wpa_hexdump(MSG_MSGDUMP, "BSSID hint", ssid->bssid_hint, ETH_ALEN); + return 0; +} + + +#ifndef NO_CONFIG_WRITE +static char * wpa_config_write_bssid_hint(const struct parse_data *data, + struct wpa_ssid *ssid) +{ + char *value; + int res; + + if (!ssid->bssid_hint_set) + return NULL; + + value = os_malloc(20); + if (!value) + return NULL; + res = os_snprintf(value, 20, MACSTR, MAC2STR(ssid->bssid_hint)); + if (os_snprintf_error(20, res)) { + os_free(value); + return NULL; + } + return value; +} +#endif /* NO_CONFIG_WRITE */ + + static int wpa_config_parse_bssid_blacklist(const struct parse_data *data, struct wpa_ssid *ssid, int line, const char *value) @@ -690,6 +735,10 @@ static int wpa_config_parse_key_mgmt(const struct parse_data *data, val |= WPA_KEY_MGMT_FT_PSK; else if (os_strcmp(start, "FT-EAP") == 0) val |= WPA_KEY_MGMT_FT_IEEE8021X; +#ifdef CONFIG_SHA384 + else if (os_strcmp(start, "FT-EAP-SHA384") == 0) + val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384; +#endif /* CONFIG_SHA384 */ #endif /* CONFIG_IEEE80211R */ #ifdef CONFIG_IEEE80211W else if (os_strcmp(start, "WPA-PSK-SHA256") == 0) @@ -719,6 +768,26 @@ static int wpa_config_parse_key_mgmt(const struct parse_data *data, else if (os_strcmp(start, "WPA-EAP-SUITE-B-192") == 0) val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; #endif /* CONFIG_SUITEB192 */ +#ifdef CONFIG_FILS + else if (os_strcmp(start, "FILS-SHA256") == 0) + val |= WPA_KEY_MGMT_FILS_SHA256; + else if (os_strcmp(start, "FILS-SHA384") == 0) + val |= WPA_KEY_MGMT_FILS_SHA384; +#ifdef CONFIG_IEEE80211R + else if (os_strcmp(start, "FT-FILS-SHA256") == 0) + val |= WPA_KEY_MGMT_FT_FILS_SHA256; + else if (os_strcmp(start, "FT-FILS-SHA384") == 0) + val |= WPA_KEY_MGMT_FT_FILS_SHA384; +#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ +#ifdef CONFIG_OWE + else if (os_strcmp(start, "OWE") == 0) + val |= WPA_KEY_MGMT_OWE; +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + else if (os_strcmp(start, "DPP") == 0) + val |= WPA_KEY_MGMT_DPP; +#endif /* CONFIG_DPP */ else { wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'", line, start); @@ -827,6 +896,18 @@ static char * wpa_config_write_key_mgmt(const struct parse_data *data, } pos += ret; } + +#ifdef CONFIG_SHA384 + if (ssid->key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) { + ret = os_snprintf(pos, end - pos, "%sFT-EAP-SHA384", + pos == buf ? "" : " "); + if (os_snprintf_error(end - pos, ret)) { + end[-1] = '\0'; + return buf; + } + pos += ret; + } +#endif /* CONFIG_SHA384 */ #endif /* CONFIG_IEEE80211R */ #ifdef CONFIG_IEEE80211W @@ -921,6 +1002,47 @@ static char * wpa_config_write_key_mgmt(const struct parse_data *data, } #endif /* CONFIG_SUITEB192 */ +#ifdef CONFIG_FILS + if (ssid->key_mgmt & WPA_KEY_MGMT_FILS_SHA256) { + ret = os_snprintf(pos, end - pos, "%sFILS-SHA256", + pos == buf ? "" : " "); + if (os_snprintf_error(end - pos, ret)) { + end[-1] = '\0'; + return buf; + } + pos += ret; + } + if (ssid->key_mgmt & WPA_KEY_MGMT_FILS_SHA384) { + ret = os_snprintf(pos, end - pos, "%sFILS-SHA384", + pos == buf ? "" : " "); + if (os_snprintf_error(end - pos, ret)) { + end[-1] = '\0'; + return buf; + } + pos += ret; + } +#ifdef CONFIG_IEEE80211R + if (ssid->key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) { + ret = os_snprintf(pos, end - pos, "%sFT-FILS-SHA256", + pos == buf ? "" : " "); + if (os_snprintf_error(end - pos, ret)) { + end[-1] = '\0'; + return buf; + } + pos += ret; + } + if (ssid->key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) { + ret = os_snprintf(pos, end - pos, "%sFT-FILS-SHA384", + pos == buf ? "" : " "); + if (os_snprintf_error(end - pos, ret)) { + end[-1] = '\0'; + return buf; + } + pos += ret; + } +#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ + if (pos == buf) { os_free(buf); buf = NULL; @@ -1042,6 +1164,40 @@ static char * wpa_config_write_group(const struct parse_data *data, #endif /* NO_CONFIG_WRITE */ +static int wpa_config_parse_group_mgmt(const struct parse_data *data, + struct wpa_ssid *ssid, int line, + const char *value) +{ + int val; + + val = wpa_config_parse_cipher(line, value); + if (val == -1) + return -1; + + if (val & ~WPA_ALLOWED_GROUP_MGMT_CIPHERS) { + wpa_printf(MSG_ERROR, + "Line %d: not allowed group management cipher (0x%x).", + line, val); + return -1; + } + + if (ssid->group_mgmt_cipher == val) + return 1; + wpa_printf(MSG_MSGDUMP, "group_mgmt: 0x%x", val); + ssid->group_mgmt_cipher = val; + return 0; +} + + +#ifndef NO_CONFIG_WRITE +static char * wpa_config_write_group_mgmt(const struct parse_data *data, + struct wpa_ssid *ssid) +{ + return wpa_config_write_cipher(ssid->group_mgmt_cipher); +} +#endif /* NO_CONFIG_WRITE */ + + static int wpa_config_parse_auth_alg(const struct parse_data *data, struct wpa_ssid *ssid, int line, const char *value) @@ -1816,6 +1972,87 @@ static char * wpa_config_write_mesh_basic_rates(const struct parse_data *data, #endif /* CONFIG_MESH */ +#ifdef CONFIG_MACSEC + +static int wpa_config_parse_mka_cak(const struct parse_data *data, + struct wpa_ssid *ssid, int line, + const char *value) +{ + if (hexstr2bin(value, ssid->mka_cak, MACSEC_CAK_LEN) || + value[MACSEC_CAK_LEN * 2] != '\0') { + wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CAK '%s'.", + line, value); + return -1; + } + + ssid->mka_psk_set |= MKA_PSK_SET_CAK; + + wpa_hexdump_key(MSG_MSGDUMP, "MKA-CAK", ssid->mka_cak, MACSEC_CAK_LEN); + return 0; +} + + +static int wpa_config_parse_mka_ckn(const struct parse_data *data, + struct wpa_ssid *ssid, int line, + const char *value) +{ + if (hexstr2bin(value, ssid->mka_ckn, MACSEC_CKN_LEN) || + value[MACSEC_CKN_LEN * 2] != '\0') { + wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CKN '%s'.", + line, value); + return -1; + } + + ssid->mka_psk_set |= MKA_PSK_SET_CKN; + + wpa_hexdump_key(MSG_MSGDUMP, "MKA-CKN", ssid->mka_ckn, MACSEC_CKN_LEN); + return 0; +} + + +#ifndef NO_CONFIG_WRITE + +static char * wpa_config_write_mka_cak(const struct parse_data *data, + struct wpa_ssid *ssid) +{ + if (!(ssid->mka_psk_set & MKA_PSK_SET_CAK)) + return NULL; + + return wpa_config_write_string_hex(ssid->mka_cak, MACSEC_CAK_LEN); +} + + +static char * wpa_config_write_mka_ckn(const struct parse_data *data, + struct wpa_ssid *ssid) +{ + if (!(ssid->mka_psk_set & MKA_PSK_SET_CKN)) + return NULL; + return wpa_config_write_string_hex(ssid->mka_ckn, MACSEC_CKN_LEN); +} + +#endif /* NO_CONFIG_WRITE */ + +#endif /* CONFIG_MACSEC */ + + +static int wpa_config_parse_peerkey(const struct parse_data *data, + struct wpa_ssid *ssid, int line, + const char *value) +{ + wpa_printf(MSG_INFO, "NOTE: Obsolete peerkey parameter ignored"); + return 0; +} + + +#ifndef NO_CONFIG_WRITE +static char * wpa_config_write_peerkey(const struct parse_data *data, + struct wpa_ssid *ssid) +{ + return NULL; +} +#endif /* NO_CONFIG_WRITE */ + + /* Helper macros for network block parser */ #ifdef OFFSET @@ -1907,24 +2144,34 @@ static const struct parse_data ssid_fields[] = { { STR_RANGE(ssid, 0, SSID_MAX_LEN) }, { INT_RANGE(scan_ssid, 0, 1) }, { FUNC(bssid) }, + { FUNC(bssid_hint) }, { FUNC(bssid_blacklist) }, { FUNC(bssid_whitelist) }, { FUNC_KEY(psk) }, { INT(mem_only_psk) }, + { STR_KEY(sae_password) }, + { STR(sae_password_id) }, { FUNC(proto) }, { FUNC(key_mgmt) }, { INT(bg_scan_period) }, { FUNC(pairwise) }, { FUNC(group) }, + { FUNC(group_mgmt) }, { FUNC(auth_alg) }, { FUNC(scan_freq) }, { FUNC(freq_list) }, + { INT_RANGE(ht, 0, 1) }, + { INT_RANGE(vht, 0, 1) }, + { INT_RANGE(ht40, -1, 1) }, { INT_RANGE(max_oper_chwidth, VHT_CHANWIDTH_USE_HT, VHT_CHANWIDTH_80P80MHZ) }, + { INT(vht_center_freq1) }, + { INT(vht_center_freq2) }, #ifdef IEEE8021X_EAPOL { FUNC(eap) }, { STR_LENe(identity) }, { STR_LENe(anonymous_identity) }, + { STR_LENe(imsi_identity) }, { FUNC_KEY(password) }, { STRe(ca_cert) }, { STRe(ca_path) }, @@ -1981,6 +2228,7 @@ static const struct parse_data ssid_fields[] = { #ifdef CONFIG_MESH { INT_RANGE(mode, 0, 5) }, { INT_RANGE(no_auto_peer, 0, 1) }, + { INT_RANGE(mesh_rssi_threshold, -255, 1) }, #else /* CONFIG_MESH */ { INT_RANGE(mode, 0, 4) }, #endif /* CONFIG_MESH */ @@ -1990,7 +2238,7 @@ static const struct parse_data ssid_fields[] = { #ifdef CONFIG_IEEE80211W { INT_RANGE(ieee80211w, 0, 2) }, #endif /* CONFIG_IEEE80211W */ - { INT_RANGE(peerkey, 0, 1) }, + { FUNC(peerkey) /* obsolete - removed */ }, { INT_RANGE(mixed_cell, 0, 1) }, { INT_RANGE(frequency, 0, 65000) }, { INT_RANGE(fixed_freq, 0, 1) }, @@ -2050,13 +2298,28 @@ static const struct parse_data ssid_fields[] = { { INT(beacon_int) }, #ifdef CONFIG_MACSEC { INT_RANGE(macsec_policy, 0, 1) }, + { INT_RANGE(macsec_integ_only, 0, 1) }, + { INT_RANGE(macsec_port, 1, 65534) }, + { INT_RANGE(mka_priority, 0, 255) }, + { FUNC_KEY(mka_cak) }, + { FUNC_KEY(mka_ckn) }, #endif /* CONFIG_MACSEC */ #ifdef CONFIG_HS20 { INT(update_identifier) }, + { STR_RANGE(roaming_consortium_selection, 0, MAX_ROAMING_CONS_OI_LEN) }, #endif /* CONFIG_HS20 */ { INT_RANGE(mac_addr, 0, 2) }, { INT_RANGE(pbss, 0, 2) }, { INT_RANGE(wps_disabled, 0, 1) }, + { INT_RANGE(fils_dh_group, 0, 65535) }, +#ifdef CONFIG_DPP + { STR(dpp_connector) }, + { STR_LEN(dpp_netaccesskey) }, + { INT(dpp_netaccesskey_expiry) }, + { STR_LEN(dpp_csign) }, +#endif /* CONFIG_DPP */ + { INT_RANGE(owe_group, 0, 65535) }, + { INT_RANGE(owe_only, 0, 1) }, }; #undef OFFSET @@ -2168,6 +2431,7 @@ static void eap_peer_config_free(struct eap_peer_config *eap) os_free(eap->eap_methods); bin_clear_free(eap->identity, eap->identity_len); os_free(eap->anonymous_identity); + os_free(eap->imsi_identity); bin_clear_free(eap->password, eap->password_len); os_free(eap->ca_cert); os_free(eap->ca_path); @@ -2226,6 +2490,8 @@ void wpa_config_free_ssid(struct wpa_ssid *ssid) os_free(ssid->ssid); str_clear_free(ssid->passphrase); os_free(ssid->ext_psk); + str_clear_free(ssid->sae_password); + os_free(ssid->sae_password_id); #ifdef IEEE8021X_EAPOL eap_peer_config_free(&ssid->eap); #endif /* IEEE8021X_EAPOL */ @@ -2242,6 +2508,12 @@ void wpa_config_free_ssid(struct wpa_ssid *ssid) #ifdef CONFIG_MESH os_free(ssid->mesh_basic_rates); #endif /* CONFIG_MESH */ +#ifdef CONFIG_HS20 + os_free(ssid->roaming_consortium_selection); +#endif /* CONFIG_HS20 */ + os_free(ssid->dpp_connector); + bin_clear_free(ssid->dpp_netaccesskey, ssid->dpp_netaccesskey_len); + os_free(ssid->dpp_csign); while ((psk = dl_list_first(&ssid->psk_list, struct psk_list_entry, list))) { dl_list_del(&psk->list); @@ -2495,6 +2767,7 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid) ssid->group_cipher = DEFAULT_GROUP; ssid->key_mgmt = DEFAULT_KEY_MGMT; ssid->bg_scan_period = DEFAULT_BG_SCAN_PERIOD; + ssid->ht = 1; #ifdef IEEE8021X_EAPOL ssid->eapol_flags = DEFAULT_EAPOL_FLAGS; ssid->eap_workaround = DEFAULT_EAP_WORKAROUND; @@ -2506,6 +2779,7 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid) ssid->dot11MeshRetryTimeout = DEFAULT_MESH_RETRY_TIMEOUT; ssid->dot11MeshConfirmTimeout = DEFAULT_MESH_CONFIRM_TIMEOUT; ssid->dot11MeshHoldingTimeout = DEFAULT_MESH_HOLDING_TIMEOUT; + ssid->mesh_rssi_threshold = DEFAULT_MESH_RSSI_THRESHOLD; #endif /* CONFIG_MESH */ #ifdef CONFIG_HT_OVERRIDES ssid->disable_ht = DEFAULT_DISABLE_HT; @@ -2538,6 +2812,9 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid) #ifdef CONFIG_IEEE80211W ssid->ieee80211w = MGMT_FRAME_PROTECTION_DEFAULT; #endif /* CONFIG_IEEE80211W */ +#ifdef CONFIG_MACSEC + ssid->mka_priority = DEFAULT_PRIO_NOT_KEY_SERVER; +#endif /* CONFIG_MACSEC */ ssid->mac_addr = -1; } @@ -2849,11 +3126,64 @@ static int wpa_config_set_cred_req_conn_capab(struct wpa_cred *cred, } +static int wpa_config_set_cred_roaming_consortiums(struct wpa_cred *cred, + const char *value) +{ + u8 roaming_consortiums[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN]; + size_t roaming_consortiums_len[MAX_ROAMING_CONS]; + unsigned int num_roaming_consortiums = 0; + const char *pos, *end; + size_t len; + + os_memset(roaming_consortiums, 0, sizeof(roaming_consortiums)); + os_memset(roaming_consortiums_len, 0, sizeof(roaming_consortiums_len)); + + for (pos = value;;) { + end = os_strchr(pos, ','); + len = end ? (size_t) (end - pos) : os_strlen(pos); + if (!end && len == 0) + break; + if (len == 0 || (len & 1) != 0 || + len / 2 > MAX_ROAMING_CONS_OI_LEN || + hexstr2bin(pos, + roaming_consortiums[num_roaming_consortiums], + len / 2) < 0) { + wpa_printf(MSG_INFO, + "Invalid roaming_consortiums entry: %s", + pos); + return -1; + } + roaming_consortiums_len[num_roaming_consortiums] = len / 2; + num_roaming_consortiums++; + + if (!end) + break; + + if (num_roaming_consortiums >= MAX_ROAMING_CONS) { + wpa_printf(MSG_INFO, + "Too many roaming_consortiums OIs"); + return -1; + } + + pos = end + 1; + } + + os_memcpy(cred->roaming_consortiums, roaming_consortiums, + sizeof(roaming_consortiums)); + os_memcpy(cred->roaming_consortiums_len, roaming_consortiums_len, + sizeof(roaming_consortiums_len)); + cred->num_roaming_consortiums = num_roaming_consortiums; + + return 0; +} + + int wpa_config_set_cred(struct wpa_cred *cred, const char *var, const char *value, int line) { char *val; size_t len; + int res; if (os_strcmp(var, "temporary") == 0) { cred->temporary = atoi(value); @@ -3076,6 +3406,16 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var, return 0; } + if (os_strcmp(var, "roaming_consortiums") == 0) { + res = wpa_config_set_cred_roaming_consortiums(cred, val); + if (res < 0) + wpa_printf(MSG_ERROR, + "Line %d: invalid roaming_consortiums", + line); + os_free(val); + return res; + } + if (os_strcmp(var, "excluded_ssid") == 0) { struct excluded_ssid *e; @@ -3387,6 +3727,31 @@ char * wpa_config_get_cred_no_key(struct wpa_cred *cred, const char *var) return buf; } + if (os_strcmp(var, "roaming_consortiums") == 0) { + size_t buflen; + char *buf, *pos; + size_t i; + + if (!cred->num_roaming_consortiums) + return NULL; + buflen = cred->num_roaming_consortiums * + MAX_ROAMING_CONS_OI_LEN * 2 + 1; + buf = os_malloc(buflen); + if (!buf) + return NULL; + pos = buf; + for (i = 0; i < cred->num_roaming_consortiums; i++) { + if (i > 0) + *pos++ = ','; + pos += wpa_snprintf_hex( + pos, buf + buflen - pos, + cred->roaming_consortiums[i], + cred->roaming_consortiums_len[i]); + } + *pos = '\0'; + return buf; + } + if (os_strcmp(var, "excluded_ssid") == 0) { unsigned int i; char *buf, *end, *pos; @@ -3644,6 +4009,7 @@ struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface, config->bss_expiration_age = DEFAULT_BSS_EXPIRATION_AGE; config->bss_expiration_scan_count = DEFAULT_BSS_EXPIRATION_SCAN_COUNT; config->max_num_sta = DEFAULT_MAX_NUM_STA; + config->ap_isolate = DEFAULT_AP_ISOLATE; config->access_network_type = DEFAULT_ACCESS_NETWORK_TYPE; config->scan_cur_freq = DEFAULT_SCAN_CUR_FREQ; config->wmm_ac_params[0] = ac_be; @@ -3658,12 +4024,16 @@ struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface, #ifdef CONFIG_MBO config->mbo_cell_capa = DEFAULT_MBO_CELL_CAPA; + config->disassoc_imminent_rssi_threshold = + DEFAULT_DISASSOC_IMMINENT_RSSI_THRESHOLD; + config->oce = DEFAULT_OCE_SUPPORT; #endif /* CONFIG_MBO */ if (ctrl_interface) config->ctrl_interface = os_strdup(ctrl_interface); if (driver_param) config->driver_param = os_strdup(driver_param); + config->gas_rand_addr_lifetime = DEFAULT_RAND_ADDR_LIFETIME; return config; } @@ -4269,6 +4639,7 @@ static const struct global_parse_data global_fields[] = { { FUNC_NO_VAR(load_dynamic_eap), 0 }, #ifdef CONFIG_WPS { FUNC(uuid), CFG_CHANGED_UUID }, + { INT_RANGE(auto_uuid, 0, 1), 0 }, { STR_RANGE(device_name, 0, WPS_DEV_NAME_MAX_LEN), CFG_CHANGED_DEVICE_NAME }, { STR_RANGE(manufacturer, 0, 64), CFG_CHANGED_WPS_STRING }, @@ -4318,6 +4689,7 @@ static const struct global_parse_data global_fields[] = { { INT_RANGE(filter_ssids, 0, 1), 0 }, { INT_RANGE(filter_rssi, -100, 0), 0 }, { INT(max_num_sta), 0 }, + { INT_RANGE(ap_isolate, 0, 1), 0 }, { INT_RANGE(disassoc_low_ack, 0, 1), 0 }, #ifdef CONFIG_HS20 { INT_RANGE(hs20, 0, 1), 0 }, @@ -4325,6 +4697,11 @@ static const struct global_parse_data global_fields[] = { { INT_RANGE(interworking, 0, 1), 0 }, { FUNC(hessid), 0 }, { INT_RANGE(access_network_type, 0, 15), 0 }, + { INT_RANGE(go_interworking, 0, 1), 0 }, + { INT_RANGE(go_access_network_type, 0, 15), 0 }, + { INT_RANGE(go_internet, 0, 1), 0 }, + { INT_RANGE(go_venue_group, 0, 255), 0 }, + { INT_RANGE(go_venue_type, 0, 255), 0 }, { INT_RANGE(pbc_in_m1, 0, 1), 0 }, { STR(autoscan), 0 }, { INT_RANGE(wps_nfc_dev_pw_id, 0x10, 0xffff), @@ -4345,9 +4722,10 @@ static const struct global_parse_data global_fields[] = { { FUNC(freq_list), 0 }, { INT(scan_cur_freq), 0 }, { INT(sched_scan_interval), 0 }, + { INT(sched_scan_start_delay), 0 }, { INT(tdls_external_control), 0}, { STR(osu_dir), 0 }, - { STR(wowlan_triggers), 0 }, + { STR(wowlan_triggers), CFG_CHANGED_WOWLAN_TRIGGERS }, { INT(p2p_search_delay), 0}, { INT(mac_addr), 0 }, { INT(rand_addr_lifetime), 0 }, @@ -4361,16 +4739,23 @@ static const struct global_parse_data global_fields[] = { { INT_RANGE(fst_priority, 1, FST_MAX_PRIO_VALUE), 0 }, { INT_RANGE(fst_llt, 1, FST_MAX_LLT_MS), 0 }, #endif /* CONFIG_FST */ + { INT_RANGE(cert_in_cb, 0, 1), 0 }, { INT_RANGE(wpa_rsc_relaxation, 0, 1), 0 }, { STR(sched_scan_plans), CFG_CHANGED_SCHED_SCAN_PLANS }, #ifdef CONFIG_MBO { STR(non_pref_chan), 0 }, { INT_RANGE(mbo_cell_capa, MBO_CELL_CAPA_AVAILABLE, MBO_CELL_CAPA_NOT_SUPPORTED), 0 }, -#endif /*CONFIG_MBO */ + { INT_RANGE(disassoc_imminent_rssi_threshold, -120, 0), 0 }, + { INT_RANGE(oce, 0, 3), 0 }, +#endif /* CONFIG_MBO */ { INT(gas_address3), 0 }, { INT_RANGE(ftm_responder, 0, 1), 0 }, { INT_RANGE(ftm_initiator, 0, 1), 0 }, + { INT(gas_rand_addr_lifetime), 0 }, + { INT_RANGE(gas_rand_mac_addr, 0, 2), 0 }, + { INT_RANGE(dpp_config_processing, 0, 2), 0 }, + { INT_RANGE(coloc_intf_reporting, 0, 1), 0 }, }; #undef FUNC diff --git a/contrib/wpa/wpa_supplicant/config.h b/contrib/wpa/wpa_supplicant/config.h index 48e64be5da1a..cd7571f59329 100644 --- a/contrib/wpa/wpa_supplicant/config.h +++ b/contrib/wpa/wpa_supplicant/config.h @@ -32,6 +32,7 @@ #define DEFAULT_BSS_EXPIRATION_AGE 180 #define DEFAULT_BSS_EXPIRATION_SCAN_COUNT 2 #define DEFAULT_MAX_NUM_STA 128 +#define DEFAULT_AP_ISOLATE 0 #define DEFAULT_ACCESS_NETWORK_TYPE 15 #define DEFAULT_SCAN_CUR_FREQ 0 #define DEFAULT_P2P_SEARCH_DELAY 500 @@ -41,6 +42,8 @@ #define DEFAULT_P2P_GO_CTWINDOW 0 #define DEFAULT_WPA_RSC_RELAXATION 1 #define DEFAULT_MBO_CELL_CAPA MBO_CELL_CAPA_NOT_SUPPORTED +#define DEFAULT_DISASSOC_IMMINENT_RSSI_THRESHOLD -75 +#define DEFAULT_OCE_SUPPORT OCE_STA #include "config_ssid.h" #include "wps/wps.h" @@ -48,6 +51,9 @@ #include "common/ieee802_11_common.h" +#define MAX_ROAMING_CONS 36 +#define MAX_ROAMING_CONS_OI_LEN 15 + struct wpa_cred { /** * next - Next credential in the list @@ -222,10 +228,43 @@ struct wpa_cred { */ size_t roaming_consortium_len; + /** + * required_roaming_consortium - Required Roaming Consortium OI + * + * If required_roaming_consortium_len is non-zero, this field contains + * the Roaming Consortium OI that is required to be advertised by the AP + * for the credential to be considered matching. + */ u8 required_roaming_consortium[15]; + + /** + * required_roaming_consortium_len - Length of required_roaming_consortium + */ size_t required_roaming_consortium_len; /** + * roaming_consortiums - Roaming Consortium OI(s) memberships + * + * This field contains one or more OIs identifying the roaming + * consortiums of which the provider is a member. The list is sorted + * from the most preferred one to the least preferred one. A match + * between the Roaming Consortium OIs advertised by an AP and the OIs + * in this list indicates that successful authentication is possible. + * (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI) + */ + u8 roaming_consortiums[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN]; + + /** + * roaming_consortiums_len - Length on roaming_consortiums[i] + */ + size_t roaming_consortiums_len[MAX_ROAMING_CONS]; + + /** + * num_roaming_consortiums - Number of entries in roaming_consortiums + */ + unsigned int num_roaming_consortiums; + + /** * eap_method - EAP method to use * * Pre-configured EAP method to use with this credential or %NULL to @@ -334,6 +373,7 @@ struct wpa_cred { #define CFG_CHANGED_NFC_PASSWORD_TOKEN BIT(15) #define CFG_CHANGED_P2P_PASSPHRASE_LEN BIT(16) #define CFG_CHANGED_SCHED_SCAN_PLANS BIT(17) +#define CFG_CHANGED_WOWLAN_TRIGGERS BIT(18) /** * struct wpa_config - wpa_supplicant configuration data @@ -625,6 +665,13 @@ struct wpa_config { u8 uuid[16]; /** + * auto_uuid - Automatic UUID behavior + * 0 = generate static value based on the local MAC address (default) + * 1 = generate a random UUID every time wpa_supplicant starts + */ + int auto_uuid; + + /** * device_name - Device Name (WPS) * User-friendly description of device; up to 32 octets encoded in * UTF-8 @@ -833,6 +880,20 @@ struct wpa_config { unsigned int max_num_sta; /** + * ap_isolate - Whether to use client isolation feature + * + * Client isolation can be used to prevent low-level bridging of + * frames between associated stations in the BSS. By default, + * this bridging is allowed (ap_isolate=0); except in P2P GO case, + * where p2p_intra_bss parameter is used to determine whether to allow + * intra-BSS forwarding (ap_isolate = !p2p_intra_bss). + * + * 0 = do not enable AP isolation + * 1 = enable AP isolation + */ + int ap_isolate; + + /** * freq_list - Array of allowed scan frequencies or %NULL for all * * This is an optional zero-terminated array of frequencies in @@ -854,7 +915,7 @@ struct wpa_config { unsigned int changed_parameters; /** - * disassoc_low_ack - Disassocicate stations with massive packet loss + * disassoc_low_ack - Disassociate stations with massive packet loss */ int disassoc_low_ack; @@ -872,6 +933,34 @@ struct wpa_config { */ int access_network_type; + /** + * go_interworking - Whether Interworking for P2P GO is enabled + */ + int go_interworking; + + /** + * go_access_network_type - P2P GO Access Network Type + * + * This indicates which access network type to advertise if Interworking + * is enabled for P2P GO. + */ + int go_access_network_type; + + /** + * go_internet - Interworking: Internet connectivity (0 or 1) + */ + int go_internet; + + /** + * go_venue_group - Interworking: Venue group + */ + int go_venue_group; + + /** + * go_venue_type: Interworking: Venue type + */ + int go_venue_type; + /** * hessid - Homogenous ESS identifier * @@ -1096,6 +1185,15 @@ struct wpa_config { unsigned int sched_scan_interval; /** + * sched_scan_start_delay - Schedule scan start delay before first scan + * + * Delay (in seconds) before scheduling first scan plan cycle. The + * driver may ignore this parameter and start immediately (or at any + * other time), if this feature is not supported. + */ + unsigned int sched_scan_start_delay; + + /** * tdls_external_control - External control for TDLS setup requests * * Enable TDLS mode where external programs are given the control @@ -1291,6 +1389,19 @@ struct wpa_config { * mbo_cell_capa - Cellular capabilities for MBO */ enum mbo_cellular_capa mbo_cell_capa; + + /** + * disassoc_imminent_rssi_threshold - RSSI threshold of candidate AP + * when disassociation imminent is set. + */ + int disassoc_imminent_rssi_threshold; + + /** + * oce - Enable OCE in STA and/or STA-CFON mode + * - Set BIT(0) to enable OCE in non-AP STA mode + * - Set BIT(1) to enable OCE in STA-CFON mode + */ + unsigned int oce; #endif /* CONFIG_MBO */ /** @@ -1328,6 +1439,45 @@ struct wpa_config { * wpa_supplicant. */ int ftm_initiator; + + /** + * gas_rand_addr_lifetime - Lifetime of random MAC address for ANQP in + * seconds + */ + unsigned int gas_rand_addr_lifetime; + + /** + * gas_rand_mac_addr - GAS MAC address policy + * + * 0 = use permanent MAC address + * 1 = use random MAC address + * 2 = like 1, but maintain OUI (with local admin bit set) + */ + int gas_rand_mac_addr; + + /** + * dpp_config_processing - How to process DPP configuration + * + * 0 = report received configuration to an external program for + * processing; do not generate any network profile internally + * 1 = report received configuration to an external program and generate + * a network profile internally, but do not automatically connect + * to the created (disabled) profile; the network profile id is + * reported to external programs + * 2 = report received configuration to an external program, generate + * a network profile internally, try to connect to the created + * profile automatically + */ + int dpp_config_processing; + + /** + * coloc_intf_reporting - Colocated interference reporting + * + * dot11CoLocIntfReportingActivated + * 0 = disabled (false) + * 1 = enabled (true) + */ + int coloc_intf_reporting; }; diff --git a/contrib/wpa/wpa_supplicant/config_file.c b/contrib/wpa/wpa_supplicant/config_file.c index 7ae16545bebc..09115e19dc2d 100644 --- a/contrib/wpa/wpa_supplicant/config_file.c +++ b/contrib/wpa/wpa_supplicant/config_file.c @@ -19,6 +19,7 @@ #include "config.h" #include "base64.h" #include "uuid.h" +#include "common/ieee802_1x_defs.h" #include "p2p/p2p.h" #include "eap_peer/eap_methods.h" #include "eap_peer/eap.h" @@ -136,9 +137,13 @@ static int wpa_config_validate_network(struct wpa_ssid *ssid, int line) wpa_config_update_psk(ssid); } + if (ssid->disabled == 2) + ssid->p2p_persistent_group = 1; + if ((ssid->group_cipher & WPA_CIPHER_CCMP) && - !(ssid->pairwise_cipher & WPA_CIPHER_CCMP) && - !(ssid->pairwise_cipher & WPA_CIPHER_NONE)) { + !(ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 | + WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256 | + WPA_CIPHER_NONE))) { /* Group cipher cannot be stronger than the pairwise cipher. */ wpa_printf(MSG_DEBUG, "Line %d: removed CCMP from group cipher" " list since it was not allowed for pairwise " @@ -308,7 +313,7 @@ static struct wpa_config_blob * wpa_config_read_blob(FILE *f, int *line, encoded_len += len; } - if (!end) { + if (!end || !encoded) { wpa_printf(MSG_ERROR, "Line %d: blob was not terminated " "properly", *line); os_free(encoded); @@ -393,7 +398,8 @@ struct wpa_config * wpa_config_read(const char *name, struct wpa_config *cfgp) if (f == NULL) { wpa_printf(MSG_ERROR, "Failed to open config file '%s', " "error: %s", name, strerror(errno)); - os_free(config); + if (config != cfgp) + os_free(config); return NULL; } @@ -459,7 +465,8 @@ struct wpa_config * wpa_config_read(const char *name, struct wpa_config *cfgp) #ifndef WPA_IGNORE_CONFIG_ERRORS if (errors) { - wpa_config_free(config); + if (config != cfgp) + wpa_config_free(config); config = NULL; head = NULL; } @@ -499,6 +506,17 @@ static void write_bssid(FILE *f, struct wpa_ssid *ssid) } +static void write_bssid_hint(FILE *f, struct wpa_ssid *ssid) +{ + char *value = wpa_config_get(ssid, "bssid_hint"); + + if (!value) + return; + fprintf(f, "\tbssid_hint=%s\n", value); + os_free(value); +} + + static void write_psk(FILE *f, struct wpa_ssid *ssid) { char *value; @@ -578,6 +596,22 @@ static void write_group(FILE *f, struct wpa_ssid *ssid) } +static void write_group_mgmt(FILE *f, struct wpa_ssid *ssid) +{ + char *value; + + if (!ssid->group_mgmt_cipher) + return; + + value = wpa_config_get(ssid, "group_mgmt"); + if (!value) + return; + if (value[0]) + fprintf(f, "\tgroup_mgmt=%s\n", value); + os_free(value); +} + + static void write_auth_alg(FILE *f, struct wpa_ssid *ssid) { char *value; @@ -662,6 +696,40 @@ static void write_psk_list(FILE *f, struct wpa_ssid *ssid) #endif /* CONFIG_P2P */ +#ifdef CONFIG_MACSEC + +static void write_mka_cak(FILE *f, struct wpa_ssid *ssid) +{ + char *value; + + if (!(ssid->mka_psk_set & MKA_PSK_SET_CAK)) + return; + + value = wpa_config_get(ssid, "mka_cak"); + if (!value) + return; + fprintf(f, "\tmka_cak=%s\n", value); + os_free(value); +} + + +static void write_mka_ckn(FILE *f, struct wpa_ssid *ssid) +{ + char *value; + + if (!(ssid->mka_psk_set & MKA_PSK_SET_CKN)) + return; + + value = wpa_config_get(ssid, "mka_ckn"); + if (!value) + return; + fprintf(f, "\tmka_ckn=%s\n", value); + os_free(value); +} + +#endif /* CONFIG_MACSEC */ + + static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) { int i; @@ -675,15 +743,19 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) STR(ssid); INT(scan_ssid); write_bssid(f, ssid); + write_bssid_hint(f, ssid); write_str(f, "bssid_blacklist", ssid); write_str(f, "bssid_whitelist", ssid); write_psk(f, ssid); INT(mem_only_psk); + STR(sae_password); + STR(sae_password_id); write_proto(f, ssid); write_key_mgmt(f, ssid); INT_DEF(bg_scan_period, DEFAULT_BG_SCAN_PERIOD); write_pairwise(f, ssid); write_group(f, ssid); + write_group_mgmt(f, ssid); write_auth_alg(f, ssid); STR(bgscan); STR(autoscan); @@ -692,6 +764,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) write_eap(f, ssid); STR(identity); STR(anonymous_identity); + STR(imsi_identity); STR(password); STR(ca_cert); STR(ca_path); @@ -752,11 +825,16 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) #endif /* CONFIG_ACS */ write_int(f, "proactive_key_caching", ssid->proactive_key_caching, -1); INT(disabled); - INT(peerkey); INT(mixed_cell); + INT(vht); + INT_DEF(ht, 1); + INT(ht40); INT(max_oper_chwidth); + INT(vht_center_freq1); + INT(vht_center_freq2); INT(pbss); INT(wps_disabled); + INT(fils_dh_group); #ifdef CONFIG_IEEE80211W write_int(f, "ieee80211w", ssid->ieee80211w, MGMT_FRAME_PROTECTION_DEFAULT); @@ -772,9 +850,15 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) INT(beacon_int); #ifdef CONFIG_MACSEC INT(macsec_policy); + write_mka_cak(f, ssid); + write_mka_ckn(f, ssid); + INT(macsec_integ_only); + INT(macsec_port); + INT_DEF(mka_priority, DEFAULT_PRIO_NOT_KEY_SERVER); #endif /* CONFIG_MACSEC */ #ifdef CONFIG_HS20 INT(update_identifier); + STR(roaming_consortium_selection); #endif /* CONFIG_HS20 */ write_int(f, "mac_addr", ssid->mac_addr, -1); #ifdef CONFIG_MESH @@ -783,10 +867,19 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) INT_DEF(dot11MeshRetryTimeout, DEFAULT_MESH_RETRY_TIMEOUT); INT_DEF(dot11MeshConfirmTimeout, DEFAULT_MESH_CONFIRM_TIMEOUT); INT_DEF(dot11MeshHoldingTimeout, DEFAULT_MESH_HOLDING_TIMEOUT); + INT_DEF(mesh_rssi_threshold, DEFAULT_MESH_RSSI_THRESHOLD); #endif /* CONFIG_MESH */ INT(wpa_ptk_rekey); INT(group_rekey); INT(ignore_broadcast_ssid); +#ifdef CONFIG_DPP + STR(dpp_connector); + STR(dpp_netaccesskey); + INT(dpp_netaccesskey_expiry); + STR(dpp_csign); +#endif /* CONFIG_DPP */ + INT(owe_group); + INT(owe_only); #ifdef CONFIG_HT_OVERRIDES INT_DEF(disable_ht, DEFAULT_DISABLE_HT); INT_DEF(disable_ht40, DEFAULT_DISABLE_HT40); @@ -949,6 +1042,20 @@ static void wpa_config_write_cred(FILE *f, struct wpa_cred *cred) fprintf(f, "\n"); } + if (cred->num_roaming_consortiums) { + size_t j; + + fprintf(f, "\troaming_consortiums=\""); + for (i = 0; i < cred->num_roaming_consortiums; i++) { + if (i > 0) + fprintf(f, ","); + for (j = 0; j < cred->roaming_consortiums_len[i]; j++) + fprintf(f, "%02x", + cred->roaming_consortiums[i][j]); + } + fprintf(f, "\"\n"); + } + if (cred->sim_num != DEFAULT_USER_SELECTED_SIM) fprintf(f, "\tsim_num=%d\n", cred->sim_num); } @@ -1039,6 +1146,8 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) uuid_bin2str(config->uuid, buf, sizeof(buf)); fprintf(f, "uuid=%s\n", buf); } + if (config->auto_uuid) + fprintf(f, "auto_uuid=%d\n", config->auto_uuid); if (config->device_name) fprintf(f, "device_name=%s\n", config->device_name); if (config->manufacturer) @@ -1076,6 +1185,17 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) } #endif /* CONFIG_WPS */ #ifdef CONFIG_P2P + { + int i; + char _buf[WPS_DEV_TYPE_BUFSIZE], *buf; + + for (i = 0; i < config->num_sec_device_types; i++) { + buf = wps_dev_type_bin2str(config->sec_device_type[i], + _buf, sizeof(_buf)); + if (buf) + fprintf(f, "sec_device_type=%s\n", buf); + } + } if (config->p2p_listen_reg_class) fprintf(f, "p2p_listen_reg_class=%d\n", config->p2p_listen_reg_class); @@ -1175,8 +1295,12 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) config->bss_expiration_scan_count); if (config->filter_ssids) fprintf(f, "filter_ssids=%d\n", config->filter_ssids); + if (config->filter_rssi) + fprintf(f, "filter_rssi=%d\n", config->filter_rssi); if (config->max_num_sta != DEFAULT_MAX_NUM_STA) fprintf(f, "max_num_sta=%u\n", config->max_num_sta); + if (config->ap_isolate != DEFAULT_AP_ISOLATE) + fprintf(f, "ap_isolate=%u\n", config->ap_isolate); if (config->disassoc_low_ack) fprintf(f, "disassoc_low_ack=%d\n", config->disassoc_low_ack); #ifdef CONFIG_HS20 @@ -1191,6 +1315,17 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) if (config->access_network_type != DEFAULT_ACCESS_NETWORK_TYPE) fprintf(f, "access_network_type=%d\n", config->access_network_type); + if (config->go_interworking) + fprintf(f, "go_interworking=%d\n", config->go_interworking); + if (config->go_access_network_type) + fprintf(f, "go_access_network_type=%d\n", + config->go_access_network_type); + if (config->go_internet) + fprintf(f, "go_internet=%d\n", config->go_internet); + if (config->go_venue_group) + fprintf(f, "go_venue_group=%d\n", config->go_venue_group); + if (config->go_venue_type) + fprintf(f, "go_venue_type=%d\n", config->go_venue_type); #endif /* CONFIG_INTERWORKING */ if (config->pbc_in_m1) fprintf(f, "pbc_in_m1=%d\n", config->pbc_in_m1); @@ -1226,7 +1361,7 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) if (config->sae_groups) { int i; fprintf(f, "sae_groups="); - for (i = 0; config->sae_groups[i] >= 0; i++) { + for (i = 0; config->sae_groups[i] > 0; i++) { fprintf(f, "%s%d", i > 0 ? " " : "", config->sae_groups[i]); } @@ -1264,6 +1399,10 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) fprintf(f, "sched_scan_interval=%u\n", config->sched_scan_interval); + if (config->sched_scan_start_delay) + fprintf(f, "sched_scan_start_delay=%u\n", + config->sched_scan_start_delay); + if (config->external_sim) fprintf(f, "external_sim=%d\n", config->external_sim); @@ -1278,6 +1417,9 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) if (config->bgscan) fprintf(f, "bgscan=\"%s\"\n", config->bgscan); + if (config->autoscan) + fprintf(f, "autoscan=%s\n", config->autoscan); + if (config->p2p_search_delay != DEFAULT_P2P_SEARCH_DELAY) fprintf(f, "p2p_search_delay=%u\n", config->p2p_search_delay); @@ -1335,6 +1477,12 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) fprintf(f, "non_pref_chan=%s\n", config->non_pref_chan); if (config->mbo_cell_capa != DEFAULT_MBO_CELL_CAPA) fprintf(f, "mbo_cell_capa=%u\n", config->mbo_cell_capa); + if (config->disassoc_imminent_rssi_threshold != + DEFAULT_DISASSOC_IMMINENT_RSSI_THRESHOLD) + fprintf(f, "disassoc_imminent_rssi_threshold=%d\n", + config->disassoc_imminent_rssi_threshold); + if (config->oce != DEFAULT_OCE_SUPPORT) + fprintf(f, "oce=%u\n", config->oce); #endif /* CONFIG_MBO */ if (config->gas_address3) @@ -1344,6 +1492,28 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) fprintf(f, "ftm_responder=%d\n", config->ftm_responder); if (config->ftm_initiator) fprintf(f, "ftm_initiator=%d\n", config->ftm_initiator); + + if (config->osu_dir) + fprintf(f, "osu_dir=%s\n", config->osu_dir); + + if (config->fst_group_id) + fprintf(f, "fst_group_id=%s\n", config->fst_group_id); + if (config->fst_priority) + fprintf(f, "fst_priority=%d\n", config->fst_priority); + if (config->fst_llt) + fprintf(f, "fst_llt=%d\n", config->fst_llt); + + if (config->gas_rand_addr_lifetime != DEFAULT_RAND_ADDR_LIFETIME) + fprintf(f, "gas_rand_addr_lifetime=%u\n", + config->gas_rand_addr_lifetime); + if (config->gas_rand_mac_addr) + fprintf(f, "gas_rand_mac_addr=%d\n", config->gas_rand_mac_addr); + if (config->dpp_config_processing) + fprintf(f, "dpp_config_processing=%d\n", + config->dpp_config_processing); + if (config->coloc_intf_reporting) + fprintf(f, "coloc_intf_reporting=%d\n", + config->coloc_intf_reporting); } #endif /* CONFIG_NO_CONFIG_WRITE */ diff --git a/contrib/wpa/wpa_supplicant/config_ssid.h b/contrib/wpa/wpa_supplicant/config_ssid.h index 010b594af85e..d2a52d760089 100644 --- a/contrib/wpa/wpa_supplicant/config_ssid.h +++ b/contrib/wpa/wpa_supplicant/config_ssid.h @@ -28,6 +28,7 @@ #define DEFAULT_MESH_RETRY_TIMEOUT 40 #define DEFAULT_MESH_CONFIRM_TIMEOUT 40 #define DEFAULT_MESH_HOLDING_TIMEOUT 40 +#define DEFAULT_MESH_RSSI_THRESHOLD 1 /* no change */ #define DEFAULT_DISABLE_HT 0 #define DEFAULT_DISABLE_HT40 0 #define DEFAULT_DISABLE_SGI 0 @@ -146,6 +147,19 @@ struct wpa_ssid { int bssid_set; /** + * bssid_hint - BSSID hint + * + * If set, this is configured to the driver as a preferred initial BSSID + * while connecting to this network. + */ + u8 bssid_hint[ETH_ALEN]; + + /** + * bssid_hint_set - Whether BSSID hint is configured for this network + */ + int bssid_hint_set; + + /** * go_p2p_dev_addr - GO's P2P Device Address or all zeros if not set */ u8 go_p2p_dev_addr[ETH_ALEN]; @@ -170,6 +184,24 @@ struct wpa_ssid { char *passphrase; /** + * sae_password - SAE password + * + * This parameter can be used to set a password for SAE. By default, the + * passphrase value is used if this separate parameter is not used, but + * passphrase follows the WPA-PSK constraints (8..63 characters) even + * though SAE passwords do not have such constraints. + */ + char *sae_password; + + /** + * sae_password_id - SAE password identifier + * + * This parameter can be used to identify a specific SAE password. If + * not included, the default SAE password is used instead. + */ + char *sae_password_id; + + /** * ext_psk - PSK/passphrase name in external storage * * If this is set, PSK/passphrase will be fetched from external storage @@ -196,6 +228,15 @@ struct wpa_ssid { int group_cipher; /** + * group_mgmt_cipher - Bitfield of allowed group management ciphers + * + * This is a bitfield of WPA_CIPHER_AES_128_CMAC and WPA_CIPHER_BIP_* + * values. If 0, no constraint is used for the cipher, i.e., whatever + * the AP uses is accepted. + */ + int group_mgmt_cipher; + + /** * key_mgmt - Bitfield of allowed key management protocols * * WPA_KEY_MGMT_* @@ -392,17 +433,6 @@ struct wpa_ssid { int disabled_for_connect; /** - * peerkey - Whether PeerKey handshake for direct links is allowed - * - * This is only used when both RSN/WPA2 and IEEE 802.11e (QoS) are - * enabled. - * - * 0 = disabled (default) - * 1 = enabled - */ - int peerkey; - - /** * id_str - Network identifier string for external scripts * * This value is passed to external ctrl_iface monitors in @@ -470,12 +500,14 @@ struct wpa_ssid { int dot11MeshConfirmTimeout; /* msec */ int dot11MeshHoldingTimeout; /* msec */ + int ht; int ht40; int vht; - u8 max_oper_chwidth; + int max_oper_chwidth; + unsigned int vht_center_freq1; unsigned int vht_center_freq2; /** @@ -728,10 +760,71 @@ struct wpa_ssid { * determine whether to use a secure session or not. */ int macsec_policy; + + /** + * macsec_integ_only - Determines how MACsec are transmitted + * + * This setting applies only when MACsec is in use, i.e., + * - macsec_policy is enabled + * - the key server has decided to enable MACsec + * + * 0: Encrypt traffic (default) + * 1: Integrity only + */ + int macsec_integ_only; + + /** + * macsec_port - MACsec port (in SCI) + * + * Port component of the SCI. + * + * Range: 1-65534 (default: 1) + */ + int macsec_port; + + /** + * mka_priority - Priority of MKA Actor + * + * Range: 0-255 (default: 255) + */ + int mka_priority; + + /** + * mka_ckn - MKA pre-shared CKN + */ +#define MACSEC_CKN_LEN 32 + u8 mka_ckn[MACSEC_CKN_LEN]; + + /** + * mka_cak - MKA pre-shared CAK + */ +#define MACSEC_CAK_LEN 16 + u8 mka_cak[MACSEC_CAK_LEN]; + +#define MKA_PSK_SET_CKN BIT(0) +#define MKA_PSK_SET_CAK BIT(1) +#define MKA_PSK_SET (MKA_PSK_SET_CKN | MKA_PSK_SET_CAK) + /** + * mka_psk_set - Whether mka_ckn and mka_cak are set + */ + u8 mka_psk_set; #endif /* CONFIG_MACSEC */ #ifdef CONFIG_HS20 int update_identifier; + + /** + * roaming_consortium_selection - Roaming Consortium Selection + * + * The matching Roaming Consortium OI that was used to generate this + * network profile. + */ + u8 *roaming_consortium_selection; + + /** + * roaming_consortium_selection_len - roaming_consortium_selection len + */ + size_t roaming_consortium_selection_len; #endif /* CONFIG_HS20 */ unsigned int wps_run; @@ -758,12 +851,92 @@ struct wpa_ssid { int no_auto_peer; /** + * mesh_rssi_threshold - Set mesh parameter mesh_rssi_threshold (dBm) + * + * -255..-1 = threshold value in dBm + * 0 = not using RSSI threshold + * 1 = do not change driver default + */ + int mesh_rssi_threshold; + + /** * wps_disabled - WPS disabled in AP mode * * 0 = WPS enabled and configured (default) * 1 = WPS disabled */ int wps_disabled; + + /** + * fils_dh_group - FILS DH Group + * + * 0 = PFS disabled with FILS shared key authentication + * 1-65535 DH Group to use for FILS PFS + */ + int fils_dh_group; + + /** + * dpp_connector - DPP Connector (signedConnector as string) + */ + char *dpp_connector; + + /** + * dpp_netaccesskey - DPP netAccessKey (own private key) + */ + u8 *dpp_netaccesskey; + + /** + * dpp_netaccesskey_len - DPP netAccessKey length in octets + */ + size_t dpp_netaccesskey_len; + + /** + * net_access_key_expiry - DPP netAccessKey expiry in UNIX time stamp + * + * 0 indicates no expiration. + */ + unsigned int dpp_netaccesskey_expiry; + + /** + * dpp_csign - C-sign-key (Configurator public key) + */ + u8 *dpp_csign; + + /** + * dpp_csign_len - C-sign-key length in octets + */ + size_t dpp_csign_len; + + /** + * owe_group - OWE DH Group + * + * 0 = use default (19) first and then try all supported groups one by + * one if AP rejects the selected group + * 1-65535 DH Group to use for OWE + * + * Groups 19 (NIST P-256), 20 (NIST P-384), and 21 (NIST P-521) are + * currently supported. + */ + int owe_group; + + /** + * owe_only - OWE-only mode (disable transition mode) + * + * 0 = enable transition mode (allow connection to either OWE or open + * BSS) + * 1 = disable transition mode (allow connection only with OWE) + */ + int owe_only; + + /** + * owe_transition_bss_select_count - OWE transition BSS select count + * + * This is an internally used variable (i.e., not used in external + * configuration) to track the number of selection attempts done for + * OWE BSS in transition mode. This allows fallback to an open BSS if + * the selection attempts for OWE BSS exceed the configured threshold. + */ + int owe_transition_bss_select_count; }; #endif /* CONFIG_SSID_H */ diff --git a/contrib/wpa/wpa_supplicant/ctrl_iface.c b/contrib/wpa/wpa_supplicant/ctrl_iface.c index d814fdf7fd2d..77a3133d8d56 100644 --- a/contrib/wpa/wpa_supplicant/ctrl_iface.c +++ b/contrib/wpa/wpa_supplicant/ctrl_iface.c @@ -20,6 +20,9 @@ #include "common/ieee802_11_defs.h" #include "common/ieee802_11_common.h" #include "common/wpa_ctrl.h" +#ifdef CONFIG_DPP +#include "common/dpp.h" +#endif /* CONFIG_DPP */ #include "crypto/tls.h" #include "ap/hostapd.h" #include "eap_peer/eap.h" @@ -52,6 +55,7 @@ #include "offchannel.h" #include "drivers/driver.h" #include "mesh.h" +#include "dpp_supplicant.h" static int wpa_supplicant_global_iface_list(struct wpa_global *global, char *buf, int len); @@ -61,6 +65,7 @@ static int wpa_supplicant_global_iface_interfaces(struct wpa_global *global, static int * freq_range_to_channel_list(struct wpa_supplicant *wpa_s, char *val); + static int set_bssid_filter(struct wpa_supplicant *wpa_s, char *val) { char *pos; @@ -339,6 +344,75 @@ static int wpas_ctrl_iface_set_lci(struct wpa_supplicant *wpa_s, } +static int +wpas_ctrl_set_relative_rssi(struct wpa_supplicant *wpa_s, const char *cmd) +{ + int relative_rssi; + + if (os_strcmp(cmd, "disable") == 0) { + wpa_s->srp.relative_rssi_set = 0; + return 0; + } + + relative_rssi = atoi(cmd); + if (relative_rssi < 0 || relative_rssi > 100) + return -1; + wpa_s->srp.relative_rssi = relative_rssi; + wpa_s->srp.relative_rssi_set = 1; + return 0; +} + + +static int wpas_ctrl_set_relative_band_adjust(struct wpa_supplicant *wpa_s, + const char *cmd) +{ + char *pos; + int adjust_rssi; + + /* <band>:adjust_value */ + pos = os_strchr(cmd, ':'); + if (!pos) + return -1; + pos++; + adjust_rssi = atoi(pos); + if (adjust_rssi < -100 || adjust_rssi > 100) + return -1; + + if (os_strncmp(cmd, "2G", 2) == 0) + wpa_s->srp.relative_adjust_band = WPA_SETBAND_2G; + else if (os_strncmp(cmd, "5G", 2) == 0) + wpa_s->srp.relative_adjust_band = WPA_SETBAND_5G; + else + return -1; + + wpa_s->srp.relative_adjust_rssi = adjust_rssi; + + return 0; +} + + +static int wpas_ctrl_iface_set_ric_ies(struct wpa_supplicant *wpa_s, + const char *cmd) +{ + struct wpabuf *ric_ies; + + if (*cmd == '\0' || os_strcmp(cmd, "\"\"") == 0) { + wpabuf_free(wpa_s->ric_ies); + wpa_s->ric_ies = NULL; + return 0; + } + + ric_ies = wpabuf_parse_bin(cmd); + if (!ric_ies) + return -1; + + wpabuf_free(wpa_s->ric_ies); + wpa_s->ric_ies = ric_ies; + + return 0; +} + + static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s, char *cmd) { @@ -365,16 +439,29 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s, -1, -1, -1, atoi(value)); } else if (os_strcasecmp(cmd, "dot11RSNAConfigPMKLifetime") == 0) { if (wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, - atoi(value))) + atoi(value))) { ret = -1; + } else { + value[-1] = '='; + wpa_config_process_global(wpa_s->conf, cmd, -1); + } } else if (os_strcasecmp(cmd, "dot11RSNAConfigPMKReauthThreshold") == 0) { if (wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, - atoi(value))) + atoi(value))) { ret = -1; + } else { + value[-1] = '='; + wpa_config_process_global(wpa_s->conf, cmd, -1); + } } else if (os_strcasecmp(cmd, "dot11RSNAConfigSATimeout") == 0) { - if (wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, atoi(value))) + if (wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, + atoi(value))) { ret = -1; + } else { + value[-1] = '='; + wpa_config_process_global(wpa_s->conf, cmd, -1); + } } else if (os_strcasecmp(cmd, "wps_fragment_size") == 0) { wpa_s->wps_fragment_size = atoi(value); #ifdef CONFIG_WPS_TESTING @@ -494,6 +581,59 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s, ret = set_disallow_aps(wpa_s, value); } else if (os_strcasecmp(cmd, "no_keep_alive") == 0) { wpa_s->no_keep_alive = !!atoi(value); +#ifdef CONFIG_DPP + } else if (os_strcasecmp(cmd, "dpp_configurator_params") == 0) { + os_free(wpa_s->dpp_configurator_params); + wpa_s->dpp_configurator_params = os_strdup(value); + } else if (os_strcasecmp(cmd, "dpp_init_max_tries") == 0) { + wpa_s->dpp_init_max_tries = atoi(value); + } else if (os_strcasecmp(cmd, "dpp_init_retry_time") == 0) { + wpa_s->dpp_init_retry_time = atoi(value); + } else if (os_strcasecmp(cmd, "dpp_resp_wait_time") == 0) { + wpa_s->dpp_resp_wait_time = atoi(value); + } else if (os_strcasecmp(cmd, "dpp_resp_max_tries") == 0) { + wpa_s->dpp_resp_max_tries = atoi(value); + } else if (os_strcasecmp(cmd, "dpp_resp_retry_time") == 0) { + wpa_s->dpp_resp_retry_time = atoi(value); +#ifdef CONFIG_TESTING_OPTIONS + } else if (os_strcasecmp(cmd, "dpp_pkex_own_mac_override") == 0) { + if (hwaddr_aton(value, dpp_pkex_own_mac_override)) + ret = -1; + } else if (os_strcasecmp(cmd, "dpp_pkex_peer_mac_override") == 0) { + if (hwaddr_aton(value, dpp_pkex_peer_mac_override)) + ret = -1; + } else if (os_strcasecmp(cmd, "dpp_pkex_ephemeral_key_override") == 0) { + size_t hex_len = os_strlen(value); + + if (hex_len > + 2 * sizeof(dpp_pkex_ephemeral_key_override)) + ret = -1; + else if (hexstr2bin(value, dpp_pkex_ephemeral_key_override, + hex_len / 2)) + ret = -1; + else + dpp_pkex_ephemeral_key_override_len = hex_len / 2; + } else if (os_strcasecmp(cmd, "dpp_protocol_key_override") == 0) { + size_t hex_len = os_strlen(value); + + if (hex_len > 2 * sizeof(dpp_protocol_key_override)) + ret = -1; + else if (hexstr2bin(value, dpp_protocol_key_override, + hex_len / 2)) + ret = -1; + else + dpp_protocol_key_override_len = hex_len / 2; + } else if (os_strcasecmp(cmd, "dpp_nonce_override") == 0) { + size_t hex_len = os_strlen(value); + + if (hex_len > 2 * sizeof(dpp_nonce_override)) + ret = -1; + else if (hexstr2bin(value, dpp_nonce_override, hex_len / 2)) + ret = -1; + else + dpp_nonce_override_len = hex_len / 2; +#endif /* CONFIG_TESTING_OPTIONS */ +#endif /* CONFIG_DPP */ #ifdef CONFIG_TESTING_OPTIONS } else if (os_strcasecmp(cmd, "ext_mgmt_frame_handling") == 0) { wpa_s->ext_mgmt_frame_handling = !!atoi(value); @@ -515,9 +655,54 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s, wpa_s->ignore_auth_resp = !!atoi(value); } else if (os_strcasecmp(cmd, "ignore_assoc_disallow") == 0) { wpa_s->ignore_assoc_disallow = !!atoi(value); + wpa_drv_ignore_assoc_disallow(wpa_s, + wpa_s->ignore_assoc_disallow); } else if (os_strcasecmp(cmd, "reject_btm_req_reason") == 0) { wpa_s->reject_btm_req_reason = atoi(value); + } else if (os_strcasecmp(cmd, "get_pref_freq_list_override") == 0) { + os_free(wpa_s->get_pref_freq_list_override); + if (!value[0]) + wpa_s->get_pref_freq_list_override = NULL; + else + wpa_s->get_pref_freq_list_override = os_strdup(value); + } else if (os_strcasecmp(cmd, "sae_commit_override") == 0) { + wpabuf_free(wpa_s->sae_commit_override); + if (value[0] == '\0') + wpa_s->sae_commit_override = NULL; + else + wpa_s->sae_commit_override = wpabuf_parse_bin(value); +#ifdef CONFIG_DPP + } else if (os_strcasecmp(cmd, "dpp_config_obj_override") == 0) { + os_free(wpa_s->dpp_config_obj_override); + if (value[0] == '\0') + wpa_s->dpp_config_obj_override = NULL; + else + wpa_s->dpp_config_obj_override = os_strdup(value); + } else if (os_strcasecmp(cmd, "dpp_discovery_override") == 0) { + os_free(wpa_s->dpp_discovery_override); + if (value[0] == '\0') + wpa_s->dpp_discovery_override = NULL; + else + wpa_s->dpp_discovery_override = os_strdup(value); + } else if (os_strcasecmp(cmd, "dpp_groups_override") == 0) { + os_free(wpa_s->dpp_groups_override); + if (value[0] == '\0') + wpa_s->dpp_groups_override = NULL; + else + wpa_s->dpp_groups_override = os_strdup(value); + } else if (os_strcasecmp(cmd, + "dpp_ignore_netaccesskey_mismatch") == 0) { + wpa_s->dpp_ignore_netaccesskey_mismatch = atoi(value); + } else if (os_strcasecmp(cmd, "dpp_test") == 0) { + dpp_test = atoi(value); +#endif /* CONFIG_DPP */ #endif /* CONFIG_TESTING_OPTIONS */ +#ifdef CONFIG_FILS + } else if (os_strcasecmp(cmd, "disable_fils") == 0) { + wpa_s->disable_fils = !!atoi(value); + wpa_drv_disable_fils(wpa_s, wpa_s->disable_fils); + wpa_supplicant_set_default_scan_ies(wpa_s); +#endif /* CONFIG_FILS */ #ifndef CONFIG_NO_CONFIG_BLOBS } else if (os_strcmp(cmd, "blob") == 0) { ret = wpas_ctrl_set_blob(wpa_s, value); @@ -527,11 +712,53 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s, #ifdef CONFIG_MBO } else if (os_strcasecmp(cmd, "non_pref_chan") == 0) { ret = wpas_mbo_update_non_pref_chan(wpa_s, value); + if (ret == 0) { + value[-1] = '='; + wpa_config_process_global(wpa_s->conf, cmd, -1); + } } else if (os_strcasecmp(cmd, "mbo_cell_capa") == 0) { wpas_mbo_update_cell_capa(wpa_s, atoi(value)); + } else if (os_strcasecmp(cmd, "oce") == 0) { + wpa_s->conf->oce = atoi(value); + if (wpa_s->conf->oce) { + if ((wpa_s->conf->oce & OCE_STA) && + (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA)) + wpa_s->enable_oce = OCE_STA; + + if ((wpa_s->conf->oce & OCE_STA_CFON) && + (wpa_s->drv_flags & + WPA_DRIVER_FLAGS_OCE_STA_CFON)) { + /* TODO: Need to add STA-CFON support */ + wpa_printf(MSG_ERROR, + "OCE STA-CFON feature is not yet supported"); + return -1; + } + } else { + wpa_s->enable_oce = 0; + } + wpa_supplicant_set_default_scan_ies(wpa_s); #endif /* CONFIG_MBO */ } else if (os_strcasecmp(cmd, "lci") == 0) { ret = wpas_ctrl_iface_set_lci(wpa_s, value); + } else if (os_strcasecmp(cmd, "tdls_trigger_control") == 0) { + ret = wpa_drv_set_tdls_mode(wpa_s, atoi(value)); + } else if (os_strcasecmp(cmd, "relative_rssi") == 0) { + ret = wpas_ctrl_set_relative_rssi(wpa_s, value); + } else if (os_strcasecmp(cmd, "relative_band_adjust") == 0) { + ret = wpas_ctrl_set_relative_band_adjust(wpa_s, value); + } else if (os_strcasecmp(cmd, "ric_ies") == 0) { + ret = wpas_ctrl_iface_set_ric_ies(wpa_s, value); + } else if (os_strcasecmp(cmd, "roaming") == 0) { + ret = wpa_drv_roaming(wpa_s, atoi(value), NULL); +#ifdef CONFIG_WNM + } else if (os_strcasecmp(cmd, "coloc_intf_elems") == 0) { + struct wpabuf *elems; + + elems = wpabuf_parse_bin(value); + if (!elems) + return -1; + wnm_set_coloc_intf_elems(wpa_s, elems); +#endif /* CONFIG_WNM */ } else { value[-1] = '='; ret = wpa_config_process_global(wpa_s->conf, cmd, -1); @@ -577,6 +804,12 @@ static int wpa_supplicant_ctrl_iface_get(struct wpa_supplicant *wpa_s, #endif /* CONFIG_TESTING_GET_GTK */ } else if (os_strcmp(cmd, "tls_library") == 0) { res = tls_get_library_version(buf, buflen); +#ifdef CONFIG_TESTING_OPTIONS + } else if (os_strcmp(cmd, "anonce") == 0) { + return wpa_snprintf_hex(buf, buflen, + wpa_sm_get_anonce(wpa_s->wpa), + WPA_NONCE_LEN); +#endif /* CONFIG_TESTING_OPTIONS */ } else { res = wpa_config_get_value(cmd, wpa_s->conf, buf, buflen); } @@ -610,27 +843,6 @@ static int wpa_supplicant_ctrl_iface_preauth(struct wpa_supplicant *wpa_s, #endif /* IEEE8021X_EAPOL */ -#ifdef CONFIG_PEERKEY -/* MLME-STKSTART.request(peer) */ -static int wpa_supplicant_ctrl_iface_stkstart( - struct wpa_supplicant *wpa_s, char *addr) -{ - u8 peer[ETH_ALEN]; - - if (hwaddr_aton(addr, peer)) { - wpa_printf(MSG_DEBUG, "CTRL_IFACE STKSTART: invalid " - "address '%s'", addr); - return -1; - } - - wpa_printf(MSG_DEBUG, "CTRL_IFACE STKSTART " MACSTR, - MAC2STR(peer)); - - return wpa_sm_stkstart(wpa_s->wpa, peer); -} -#endif /* CONFIG_PEERKEY */ - - #ifdef CONFIG_TDLS static int wpa_supplicant_ctrl_iface_tdls_discover( @@ -1914,6 +2126,7 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s, #endif /* CONFIG_AP */ pos += wpa_sm_get_status(wpa_s->wpa, pos, end - pos, verbose); } +#ifdef CONFIG_SME #ifdef CONFIG_SAE if (wpa_s->wpa_state >= WPA_ASSOCIATED && #ifdef CONFIG_AP @@ -1927,6 +2140,7 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s, pos += ret; } #endif /* CONFIG_SAE */ +#endif /* CONFIG_SME */ ret = os_snprintf(pos, end - pos, "wpa_state=%s\n", wpa_supplicant_state_txt(wpa_s->wpa_state)); if (os_snprintf_error(end - pos, ret)) @@ -2048,6 +2262,12 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s, pos += res; } +#ifdef CONFIG_MACSEC + res = ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos); + if (res > 0) + pos += res; +#endif /* CONFIG_MACSEC */ + sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len); if (sess_id) { char *start = pos; @@ -2081,6 +2301,13 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_WPS */ + if (wpa_s->ieee80211ac) { + ret = os_snprintf(pos, end - pos, "ieee80211ac=1\n"); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + #ifdef ANDROID /* * Allow using the STATUS command with default behavior, say for debug, @@ -2437,6 +2664,59 @@ static char * wpa_supplicant_ie_txt(char *pos, char *end, const char *proto, } #endif /* CONFIG_SUITEB192 */ +#ifdef CONFIG_FILS + if (data.key_mgmt & WPA_KEY_MGMT_FILS_SHA256) { + ret = os_snprintf(pos, end - pos, "%sFILS-SHA256", + pos == start ? "" : "+"); + if (os_snprintf_error(end - pos, ret)) + return pos; + pos += ret; + } + if (data.key_mgmt & WPA_KEY_MGMT_FILS_SHA384) { + ret = os_snprintf(pos, end - pos, "%sFILS-SHA384", + pos == start ? "" : "+"); + if (os_snprintf_error(end - pos, ret)) + return pos; + pos += ret; + } +#ifdef CONFIG_IEEE80211R + if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) { + ret = os_snprintf(pos, end - pos, "%sFT-FILS-SHA256", + pos == start ? "" : "+"); + if (os_snprintf_error(end - pos, ret)) + return pos; + pos += ret; + } + if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) { + ret = os_snprintf(pos, end - pos, "%sFT-FILS-SHA384", + pos == start ? "" : "+"); + if (os_snprintf_error(end - pos, ret)) + return pos; + pos += ret; + } +#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE + if (data.key_mgmt & WPA_KEY_MGMT_OWE) { + ret = os_snprintf(pos, end - pos, "%sOWE", + pos == start ? "" : "+"); + if (os_snprintf_error(end - pos, ret)) + return pos; + pos += ret; + } +#endif /* CONFIG_OWE */ + +#ifdef CONFIG_DPP + if (data.key_mgmt & WPA_KEY_MGMT_DPP) { + ret = os_snprintf(pos, end - pos, "%sDPP", + pos == start ? "" : "+"); + if (os_snprintf_error(end - pos, ret)) + return pos; + pos += ret; + } +#endif /* CONFIG_DPP */ + if (data.key_mgmt & WPA_KEY_MGMT_OSEN) { ret = os_snprintf(pos, end - pos, "%sOSEN", pos == start ? "" : "+"); @@ -2512,7 +2792,7 @@ static int wpa_supplicant_ctrl_iface_scan_result( { char *pos, *end; int ret; - const u8 *ie, *ie2, *osen_ie, *p2p, *mesh; + const u8 *ie, *ie2, *osen_ie, *p2p, *mesh, *owe; mesh = wpa_bss_get_ie(bss, WLAN_EID_MESH_ID); p2p = wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE); @@ -2543,6 +2823,14 @@ static int wpa_supplicant_ctrl_iface_scan_result( if (osen_ie) pos = wpa_supplicant_ie_txt(pos, end, "OSEN", osen_ie, 2 + osen_ie[1]); + owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); + if (owe) { + ret = os_snprintf(pos, end - pos, + ie2 ? "[OWE-TRANS]" : "[OWE-TRANS-OPEN]"); + if (os_snprintf_error(end - pos, ret)) + return -1; + pos += ret; + } pos = wpa_supplicant_wps_ie_txt(wpa_s, pos, end, bss); if (!ie && !ie2 && !osen_ie && (bss->caps & IEEE80211_CAP_PRIVACY)) { ret = os_snprintf(pos, end - pos, "[WEP]"); @@ -2608,6 +2896,14 @@ static int wpa_supplicant_ctrl_iface_scan_result( pos += ret; } #endif /* CONFIG_HS20 */ +#ifdef CONFIG_FILS + if (wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION)) { + ret = os_snprintf(pos, end - pos, "[FILS]"); + if (os_snprintf_error(end - pos, ret)) + return -1; + pos += ret; + } +#endif /* CONFIG_FILS */ #ifdef CONFIG_FST if (wpa_bss_get_ie(bss, WLAN_EID_MULTI_BAND)) { ret = os_snprintf(pos, end - pos, "[FST]"); @@ -2835,9 +3131,8 @@ static int wpa_supplicant_ctrl_iface_select_network( if (pos) { int *freqs = freq_range_to_channel_list(wpa_s, pos + 6); if (freqs) { - wpa_s->scan_req = MANUAL_SCAN_REQ; - os_free(wpa_s->manual_scan_freqs); - wpa_s->manual_scan_freqs = freqs; + os_free(wpa_s->select_network_scan_freqs); + wpa_s->select_network_scan_freqs = freqs; } } @@ -3012,6 +3307,7 @@ static int wpa_supplicant_ctrl_iface_update_network( return 0; /* No change to the previously configured value */ if (os_strcmp(name, "bssid") != 0 && + os_strcmp(name, "bssid_hint") != 0 && os_strcmp(name, "priority") != 0) { wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); @@ -3647,6 +3943,50 @@ static int ctrl_iface_get_capability_key_mgmt(int res, char *strict, pos += ret; } #endif /* CONFIG_SUITEB192 */ +#ifdef CONFIG_OWE + if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_OWE) { + ret = os_snprintf(pos, end - pos, " OWE"); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_DPP) { + ret = os_snprintf(pos, end - pos, " DPP"); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_DPP */ +#ifdef CONFIG_FILS + if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA256) { + ret = os_snprintf(pos, end - pos, " FILS-SHA256"); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA384) { + ret = os_snprintf(pos, end - pos, " FILS-SHA384"); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#ifdef CONFIG_IEEE80211R + if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA256) { + ret = os_snprintf(pos, end - pos, " FT-FILS-SHA256"); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA384) { + ret = os_snprintf(pos, end - pos, " FT-FILS-SHA384"); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ return pos - buf; } @@ -3749,6 +4089,26 @@ static int ctrl_iface_get_capability_auth_alg(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_SAE */ +#ifdef CONFIG_FILS + if (wpa_is_fils_supported(wpa_s)) { + ret = os_snprintf(pos, end - pos, "%sFILS_SK_WITHOUT_PFS", + pos == buf ? "" : " "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + +#ifdef CONFIG_FILS_SK_PFS + if (wpa_is_fils_sk_pfs_supported(wpa_s)) { + ret = os_snprintf(pos, end - pos, "%sFILS_SK_WITH_PFS", + pos == buf ? "" : " "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_FILS_SK_PFS */ +#endif /* CONFIG_FILS */ + return pos - buf; } @@ -4006,6 +4366,27 @@ static int wpa_supplicant_ctrl_iface_get_capability( } #endif /* CONFIG_ACS */ +#ifdef CONFIG_FILS + if (os_strcmp(field, "fils") == 0) { +#ifdef CONFIG_FILS_SK_PFS + if (wpa_is_fils_supported(wpa_s) && + wpa_is_fils_sk_pfs_supported(wpa_s)) { + res = os_snprintf(buf, buflen, "FILS FILS-SK-PFS"); + if (os_snprintf_error(buflen, res)) + return -1; + return res; + } +#endif /* CONFIG_FILS_SK_PFS */ + + if (wpa_is_fils_supported(wpa_s)) { + res = os_snprintf(buf, buflen, "FILS"); + if (os_snprintf_error(buflen, res)) + return -1; + return res; + } + } +#endif /* CONFIG_FILS */ + wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown GET_CAPABILITY field '%s'", field); @@ -4048,13 +4429,85 @@ static char * anqp_add_hex(char *pos, char *end, const char *title, #endif /* CONFIG_INTERWORKING */ +#ifdef CONFIG_FILS +static int print_fils_indication(struct wpa_bss *bss, char *pos, char *end) +{ + char *start = pos; + const u8 *ie, *ie_end; + u16 info, realms; + int ret; + + ie = wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION); + if (!ie) + return 0; + ie_end = ie + 2 + ie[1]; + ie += 2; + if (ie_end - ie < 2) + return -1; + + info = WPA_GET_LE16(ie); + ie += 2; + ret = os_snprintf(pos, end - pos, "fils_info=%04x\n", info); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + + if (info & BIT(7)) { + /* Cache Identifier Included */ + if (ie_end - ie < 2) + return -1; + ret = os_snprintf(pos, end - pos, "fils_cache_id=%02x%02x\n", + ie[0], ie[1]); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + ie += 2; + } + + if (info & BIT(8)) { + /* HESSID Included */ + if (ie_end - ie < ETH_ALEN) + return -1; + ret = os_snprintf(pos, end - pos, "fils_hessid=" MACSTR "\n", + MAC2STR(ie)); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + ie += ETH_ALEN; + } + + realms = (info & (BIT(3) | BIT(4) | BIT(5))) >> 3; + if (realms) { + if (ie_end - ie < realms * 2) + return -1; + ret = os_snprintf(pos, end - pos, "fils_realms="); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + + ret = wpa_snprintf_hex(pos, end - pos, ie, realms * 2); + if (ret <= 0) + return 0; + pos += ret; + ie += realms * 2; + ret = os_snprintf(pos, end - pos, "\n"); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + } + + return pos - start; +} +#endif /* CONFIG_FILS */ + + static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, unsigned long mask, char *buf, size_t buflen) { size_t i; int ret; char *pos, *end; - const u8 *ie, *ie2, *osen_ie; + const u8 *ie, *ie2, *osen_ie, *mesh, *owe; pos = buf; end = buf + buflen; @@ -4163,18 +4616,30 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, return 0; pos += ret; + mesh = wpa_bss_get_ie(bss, WLAN_EID_MESH_ID); + ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); if (ie) pos = wpa_supplicant_ie_txt(pos, end, "WPA", ie, 2 + ie[1]); ie2 = wpa_bss_get_ie(bss, WLAN_EID_RSN); if (ie2) - pos = wpa_supplicant_ie_txt(pos, end, "WPA2", ie2, + pos = wpa_supplicant_ie_txt(pos, end, + mesh ? "RSN" : "WPA2", ie2, 2 + ie2[1]); osen_ie = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE); if (osen_ie) pos = wpa_supplicant_ie_txt(pos, end, "OSEN", osen_ie, 2 + osen_ie[1]); + owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); + if (owe) { + ret = os_snprintf( + pos, end - pos, + ie2 ? "[OWE-TRANS]" : "[OWE-TRANS-OPEN]"); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + } pos = wpa_supplicant_wps_ie_txt(wpa_s, pos, end, bss); if (!ie && !ie2 && !osen_ie && (bss->caps & IEEE80211_CAP_PRIVACY)) { @@ -4183,6 +4648,14 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, return 0; pos += ret; } + + if (mesh) { + ret = os_snprintf(pos, end - pos, "[MESH]"); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + } + if (bss_is_dmg(bss)) { const char *s; ret = os_snprintf(pos, end - pos, "[DMG]"); @@ -4236,6 +4709,14 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, pos += ret; } #endif /* CONFIG_HS20 */ +#ifdef CONFIG_FILS + if (wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION)) { + ret = os_snprintf(pos, end - pos, "[FILS]"); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + } +#endif /* CONFIG_FILS */ ret = os_snprintf(pos, end - pos, "\n"); if (os_snprintf_error(end - pos, ret)) @@ -4320,6 +4801,8 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, pos = anqp_add_hex(pos, end, "anqp_3gpp", anqp->anqp_3gpp); pos = anqp_add_hex(pos, end, "anqp_domain_name", anqp->domain_name); + pos = anqp_add_hex(pos, end, "anqp_fils_realm_info", + anqp->fils_realm_info); #ifdef CONFIG_HS20 pos = anqp_add_hex(pos, end, "hs20_capability_list", anqp->hs20_capability_list); @@ -4333,6 +4816,10 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, anqp->hs20_operating_class); pos = anqp_add_hex(pos, end, "hs20_osu_providers_list", anqp->hs20_osu_providers_list); + pos = anqp_add_hex(pos, end, "hs20_operator_icon_metadata", + anqp->hs20_operator_icon_metadata); + pos = anqp_add_hex(pos, end, "hs20_osu_providers_nai_list", + anqp->hs20_osu_providers_nai_list); #endif /* CONFIG_HS20 */ dl_list_for_each(elem, &anqp->anqp_elems, @@ -4381,6 +4868,44 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, } #endif /* CONFIG_FST */ + if (mask & WPA_BSS_MASK_UPDATE_IDX) { + ret = os_snprintf(pos, end - pos, "update_idx=%u\n", + bss->last_update_idx); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + } + + if ((mask & WPA_BSS_MASK_BEACON_IE) && bss->beacon_ie_len) { + ret = os_snprintf(pos, end - pos, "beacon_ie="); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + + ie = (const u8 *) (bss + 1); + ie += bss->ie_len; + for (i = 0; i < bss->beacon_ie_len; i++) { + ret = os_snprintf(pos, end - pos, "%02x", *ie++); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + } + + ret = os_snprintf(pos, end - pos, "\n"); + if (os_snprintf_error(end - pos, ret)) + return 0; + pos += ret; + } + +#ifdef CONFIG_FILS + if (mask & WPA_BSS_MASK_FILS_INDICATION) { + ret = print_fils_indication(bss, pos, end); + if (ret < 0) + return 0; + pos += ret; + } +#endif /* CONFIG_FILS */ + if (mask & WPA_BSS_MASK_DELIM) { ret = os_snprintf(pos, end - pos, "====\n"); if (os_snprintf_error(end - pos, ret)) @@ -4471,6 +4996,8 @@ static int wpa_supplicant_ctrl_iface_bss(struct wpa_supplicant *wpa_s, bss = dl_list_entry(next, struct wpa_bss, list_id); } + } else if (os_strncmp(cmd, "CURRENT", 7) == 0) { + bss = wpa_s->current_bss; #ifdef CONFIG_P2P } else if (os_strncmp(cmd, "p2p_dev_addr=", 13) == 0) { if (hwaddr_aton(cmd + 13, bssid) == 0) @@ -5768,13 +6295,21 @@ static int p2p_ctrl_group_add(struct wpa_supplicant *wpa_s, char *cmd) int ht40 = wpa_s->conf->p2p_go_ht40 || vht; int max_oper_chwidth, chwidth = 0, freq2 = 0; char *token, *context = NULL; +#ifdef CONFIG_ACS + int acs = 0; +#endif /* CONFIG_ACS */ while ((token = str_token(cmd, " ", &context))) { - if (sscanf(token, "freq=%d", &freq) == 1 || - sscanf(token, "freq2=%d", &freq2) == 1 || + if (sscanf(token, "freq2=%d", &freq2) == 1 || sscanf(token, "persistent=%d", &group_id) == 1 || sscanf(token, "max_oper_chwidth=%d", &chwidth) == 1) { continue; +#ifdef CONFIG_ACS + } else if (os_strcmp(token, "freq=acs") == 0) { + acs = 1; +#endif /* CONFIG_ACS */ + } else if (sscanf(token, "freq=%d", &freq) == 1) { + continue; } else if (os_strcmp(token, "ht40") == 0) { ht40 = 1; } else if (os_strcmp(token, "vht") == 0) { @@ -5790,6 +6325,24 @@ static int p2p_ctrl_group_add(struct wpa_supplicant *wpa_s, char *cmd) } } +#ifdef CONFIG_ACS + if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_ACS_OFFLOAD) && + (acs || freq == 2 || freq == 5)) { + if (freq == 2 && wpa_s->best_24_freq <= 0) { + wpa_s->p2p_go_acs_band = HOSTAPD_MODE_IEEE80211G; + wpa_s->p2p_go_do_acs = 1; + freq = 0; + } else if (freq == 5 && wpa_s->best_5_freq <= 0) { + wpa_s->p2p_go_acs_band = HOSTAPD_MODE_IEEE80211A; + wpa_s->p2p_go_do_acs = 1; + freq = 0; + } else { + wpa_s->p2p_go_acs_band = HOSTAPD_MODE_IEEE80211ANY; + wpa_s->p2p_go_do_acs = 1; + } + } +#endif /* CONFIG_ACS */ + max_oper_chwidth = parse_freq(chwidth, freq2); if (max_oper_chwidth < 0) return -1; @@ -5827,10 +6380,24 @@ static int p2p_ctrl_group_member(struct wpa_supplicant *wpa_s, const char *cmd, } +static int wpas_find_p2p_dev_addr_bss(struct wpa_global *global, + const u8 *p2p_dev_addr) +{ + struct wpa_supplicant *wpa_s; + + for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { + if (wpa_bss_get_p2p_dev_addr(wpa_s, p2p_dev_addr)) + return 1; + } + + return 0; +} + + static int p2p_ctrl_peer(struct wpa_supplicant *wpa_s, char *cmd, char *buf, size_t buflen) { - u8 addr[ETH_ALEN], *addr_ptr; + u8 addr[ETH_ALEN], *addr_ptr, group_capab; int next, res; const struct p2p_peer_info *info; char *pos, *end; @@ -5859,6 +6426,16 @@ static int p2p_ctrl_peer(struct wpa_supplicant *wpa_s, char *cmd, info = p2p_get_peer_info(wpa_s->global->p2p, addr_ptr, next); if (info == NULL) return -1; + group_capab = info->group_capab; + + if (group_capab && + !wpas_find_p2p_dev_addr_bss(wpa_s->global, info->p2p_device_addr)) { + wpa_printf(MSG_DEBUG, + "P2P: Could not find any BSS with p2p_dev_addr " + MACSTR ", hence override group_capab from 0x%x to 0", + MAC2STR(info->p2p_device_addr), group_capab); + group_capab = 0; + } pos = buf; end = buf + buflen; @@ -5884,7 +6461,7 @@ static int p2p_ctrl_peer(struct wpa_supplicant *wpa_s, char *cmd, info->serial_number, info->config_methods, info->dev_capab, - info->group_capab, + group_capab, info->level); if (os_snprintf_error(end - pos, res)) return pos - buf; @@ -6165,6 +6742,20 @@ static int p2p_ctrl_set(struct wpa_supplicant *wpa_s, char *cmd) return 0; } + if (os_strcmp(cmd, "override_pref_op_chan") == 0) { + int op_class, chan; + + op_class = atoi(param); + param = os_strchr(param, ':'); + if (!param) + return -1; + param++; + chan = atoi(param); + p2p_set_override_pref_op_chan(wpa_s->global->p2p, op_class, + chan); + return 0; + } + wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown P2P_SET field value '%s'", cmd); @@ -6176,6 +6767,12 @@ static void p2p_ctrl_flush(struct wpa_supplicant *wpa_s) { os_memset(wpa_s->p2p_auth_invite, 0, ETH_ALEN); wpa_s->force_long_sd = 0; + +#ifdef CONFIG_TESTING_OPTIONS + os_free(wpa_s->get_pref_freq_list_override); + wpa_s->get_pref_freq_list_override = NULL; +#endif /* CONFIG_TESTING_OPTIONS */ + wpas_p2p_stop_find(wpa_s); wpa_s->parent->p2ps_method_config_any = 0; if (wpa_s->global->p2p) @@ -6383,7 +6980,7 @@ static int get_anqp(struct wpa_supplicant *wpa_s, char *dst) u16 id[MAX_ANQP_INFO_ID]; size_t num_id = 0; u32 subtypes = 0; - int get_cell_pref = 0; + u32 mbo_subtypes = 0; used = hwaddr_aton2(dst, dst_addr); if (used < 0) @@ -6404,9 +7001,10 @@ static int get_anqp(struct wpa_supplicant *wpa_s, char *dst) } else if (os_strncmp(pos, "mbo:", 4) == 0) { #ifdef CONFIG_MBO int num = atoi(pos + 4); - if (num != MBO_ANQP_SUBTYPE_CELL_CONN_PREF) + + if (num <= 0 || num > MAX_MBO_ANQP_SUBTYPE) return -1; - get_cell_pref = 1; + mbo_subtypes |= BIT(num); #else /* CONFIG_MBO */ return -1; #endif /* CONFIG_MBO */ @@ -6421,11 +7019,11 @@ static int get_anqp(struct wpa_supplicant *wpa_s, char *dst) pos++; } - if (num_id == 0) + if (num_id == 0 && !subtypes && !mbo_subtypes) return -1; return anqp_send_req(wpa_s, dst_addr, id, num_id, subtypes, - get_cell_pref); + mbo_subtypes); } @@ -6762,6 +7360,9 @@ static int wpa_supplicant_ctrl_iface_autoscan(struct wpa_supplicant *wpa_s, autoscan_init(wpa_s, 1); else if (state == WPA_SCANNING) wpa_supplicant_reinit_autoscan(wpa_s); + else + wpa_printf(MSG_DEBUG, "No autoscan update in state %s", + wpa_supplicant_state_txt(state)); return 0; } @@ -6824,26 +7425,41 @@ static int wpas_ctrl_iface_wnm_sleep(struct wpa_supplicant *wpa_s, char *cmd) static int wpas_ctrl_iface_wnm_bss_query(struct wpa_supplicant *wpa_s, char *cmd) { int query_reason, list = 0; + char *btm_candidates = NULL; query_reason = atoi(cmd); cmd = os_strchr(cmd, ' '); if (cmd) { - cmd++; - if (os_strncmp(cmd, "list", 4) == 0) { + if (os_strncmp(cmd, " list", 5) == 0) list = 1; - } else { - wpa_printf(MSG_DEBUG, "WNM Query: Invalid option %s", - cmd); - return -1; - } + else + btm_candidates = cmd; } wpa_printf(MSG_DEBUG, "CTRL_IFACE: WNM_BSS_QUERY query_reason=%d%s", query_reason, list ? " candidate list" : ""); - return wnm_send_bss_transition_mgmt_query(wpa_s, query_reason, list); + return wnm_send_bss_transition_mgmt_query(wpa_s, query_reason, + btm_candidates, + list); +} + + +static int wpas_ctrl_iface_coloc_intf_report(struct wpa_supplicant *wpa_s, + char *cmd) +{ + struct wpabuf *elems; + int ret; + + elems = wpabuf_parse_bin(cmd); + if (!elems) + return -1; + + ret = wnm_send_coloc_intf_report(wpa_s, 0, elems); + wpabuf_free(elems); + return ret; } #endif /* CONFIG_WNM */ @@ -6879,10 +7495,17 @@ static int wpa_supplicant_signal_poll(struct wpa_supplicant *wpa_s, char *buf, pos += ret; } - if (si.center_frq1 > 0 && si.center_frq2 > 0) { - ret = os_snprintf(pos, end - pos, - "CENTER_FRQ1=%d\nCENTER_FRQ2=%d\n", - si.center_frq1, si.center_frq2); + if (si.center_frq1 > 0) { + ret = os_snprintf(pos, end - pos, "CENTER_FRQ1=%d\n", + si.center_frq1); + if (os_snprintf_error(end - pos, ret)) + return -1; + pos += ret; + } + + if (si.center_frq2 > 0) { + ret = os_snprintf(pos, end - pos, "CENTER_FRQ2=%d\n", + si.center_frq2); if (os_snprintf_error(end - pos, ret)) return -1; pos += ret; @@ -6930,6 +7553,46 @@ static int wpas_ctrl_iface_signal_monitor(struct wpa_supplicant *wpa_s, } +#ifdef CONFIG_TESTING_OPTIONS +int wpas_ctrl_iface_get_pref_freq_list_override(struct wpa_supplicant *wpa_s, + enum wpa_driver_if_type if_type, + unsigned int *num, + unsigned int *freq_list) +{ + char *pos = wpa_s->get_pref_freq_list_override; + char *end; + unsigned int count = 0; + + /* Override string format: + * <if_type1>:<freq1>,<freq2>,... <if_type2>:... */ + + while (pos) { + if (atoi(pos) == (int) if_type) + break; + pos = os_strchr(pos, ' '); + if (pos) + pos++; + } + if (!pos) + return -1; + pos = os_strchr(pos, ':'); + if (!pos) + return -1; + pos++; + end = os_strchr(pos, ' '); + while (pos && (!end || pos < end) && count < *num) { + freq_list[count++] = atoi(pos); + pos = os_strchr(pos, ','); + if (pos) + pos++; + } + + *num = count; + return 0; +} +#endif /* CONFIG_TESTING_OPTIONS */ + + static int wpas_ctrl_iface_get_pref_freq_list( struct wpa_supplicant *wpa_s, char *cmd, char *buf, size_t buflen) { @@ -7116,7 +7779,8 @@ static void wpa_supplicant_ctrl_iface_flush(struct wpa_supplicant *wpa_s) wpa_dbg(wpa_s, MSG_DEBUG, "Flush all wpa_supplicant state"); - wpas_abort_ongoing_scan(wpa_s); + if (wpas_abort_ongoing_scan(wpa_s) == 0) + wpa_s->ignore_post_flush_scan_res = 1; if (wpa_s->wpa_state >= WPA_AUTHENTICATING) { /* @@ -7157,6 +7821,22 @@ static void wpa_supplicant_ctrl_iface_flush(struct wpa_supplicant *wpa_s) wpa_s->after_wps = 0; wpa_s->known_wps_freq = 0; +#ifdef CONFIG_DPP + wpas_dpp_deinit(wpa_s); + wpa_s->dpp_init_max_tries = 0; + wpa_s->dpp_init_retry_time = 0; + wpa_s->dpp_resp_wait_time = 0; + wpa_s->dpp_resp_max_tries = 0; + wpa_s->dpp_resp_retry_time = 0; +#ifdef CONFIG_TESTING_OPTIONS + os_memset(dpp_pkex_own_mac_override, 0, ETH_ALEN); + os_memset(dpp_pkex_peer_mac_override, 0, ETH_ALEN); + dpp_pkex_ephemeral_key_override_len = 0; + dpp_protocol_key_override_len = 0; + dpp_nonce_override_len = 0; +#endif /* CONFIG_TESTING_OPTIONS */ +#endif /* CONFIG_DPP */ + #ifdef CONFIG_TDLS #ifdef CONFIG_TDLS_TESTING tdls_testing = 0; @@ -7218,13 +7898,29 @@ static void wpa_supplicant_ctrl_iface_flush(struct wpa_supplicant *wpa_s) wpa_s->p2p_go_csa_on_inv = 0; wpa_s->ignore_auth_resp = 0; wpa_s->ignore_assoc_disallow = 0; + wpa_s->testing_resend_assoc = 0; wpa_s->reject_btm_req_reason = 0; wpa_sm_set_test_assoc_ie(wpa_s->wpa, NULL); + os_free(wpa_s->get_pref_freq_list_override); + wpa_s->get_pref_freq_list_override = NULL; + wpabuf_free(wpa_s->sae_commit_override); + wpa_s->sae_commit_override = NULL; +#ifdef CONFIG_DPP + os_free(wpa_s->dpp_config_obj_override); + wpa_s->dpp_config_obj_override = NULL; + os_free(wpa_s->dpp_discovery_override); + wpa_s->dpp_discovery_override = NULL; + os_free(wpa_s->dpp_groups_override); + wpa_s->dpp_groups_override = NULL; + dpp_test = DPP_TEST_DISABLED; +#endif /* CONFIG_DPP */ #endif /* CONFIG_TESTING_OPTIONS */ wpa_s->disconnected = 0; os_free(wpa_s->next_scan_freqs); wpa_s->next_scan_freqs = NULL; + os_free(wpa_s->select_network_scan_freqs); + wpa_s->select_network_scan_freqs = NULL; wpa_bss_flush(wpa_s); if (!dl_list_empty(&wpa_s->bss)) { @@ -7242,6 +7938,9 @@ static void wpa_supplicant_ctrl_iface_flush(struct wpa_supplicant *wpa_s) #ifdef CONFIG_SME wpa_s->sme.last_unprot_disconnect.sec = 0; #endif /* CONFIG_SME */ + + wpabuf_free(wpa_s->ric_ies); + wpa_s->ric_ies = NULL; } @@ -7539,6 +8238,19 @@ static void wpas_ctrl_scan(struct wpa_supplicant *wpa_s, char *params, goto done; } + pos = os_strstr(params, "bssid="); + if (pos) { + u8 bssid[ETH_ALEN]; + + pos += 6; + if (hwaddr_aton(pos, bssid)) { + wpa_printf(MSG_ERROR, "Invalid BSSID %s", pos); + *reply_len = -1; + goto done; + } + os_memcpy(wpa_s->next_scan_bssid, bssid, ETH_ALEN); + } + pos = params; while (pos && *pos != '\0') { if (os_strncmp(pos, "ssid ", 5) == 0) { @@ -7824,6 +8536,124 @@ static int wpas_ctrl_iface_mgmt_rx_process(struct wpa_supplicant *wpa_s, } +static int wpas_ctrl_iface_driver_scan_res(struct wpa_supplicant *wpa_s, + char *param) +{ + struct wpa_scan_res *res; + struct os_reltime now; + char *pos, *end; + int ret = -1; + + if (!param) + return -1; + + if (os_strcmp(param, "START") == 0) { + wpa_bss_update_start(wpa_s); + return 0; + } + + if (os_strcmp(param, "END") == 0) { + wpa_bss_update_end(wpa_s, NULL, 1); + return 0; + } + + if (os_strncmp(param, "BSS ", 4) != 0) + return -1; + param += 3; + + res = os_zalloc(sizeof(*res) + os_strlen(param) / 2); + if (!res) + return -1; + + pos = os_strstr(param, " flags="); + if (pos) + res->flags = strtol(pos + 7, NULL, 16); + + pos = os_strstr(param, " bssid="); + if (pos && hwaddr_aton(pos + 7, res->bssid)) + goto fail; + + pos = os_strstr(param, " freq="); + if (pos) + res->freq = atoi(pos + 6); + + pos = os_strstr(param, " beacon_int="); + if (pos) + res->beacon_int = atoi(pos + 12); + + pos = os_strstr(param, " caps="); + if (pos) + res->caps = strtol(pos + 6, NULL, 16); + + pos = os_strstr(param, " qual="); + if (pos) + res->qual = atoi(pos + 6); + + pos = os_strstr(param, " noise="); + if (pos) + res->noise = atoi(pos + 7); + + pos = os_strstr(param, " level="); + if (pos) + res->level = atoi(pos + 7); + + pos = os_strstr(param, " tsf="); + if (pos) + res->tsf = strtoll(pos + 5, NULL, 16); + + pos = os_strstr(param, " age="); + if (pos) + res->age = atoi(pos + 5); + + pos = os_strstr(param, " est_throughput="); + if (pos) + res->est_throughput = atoi(pos + 16); + + pos = os_strstr(param, " snr="); + if (pos) + res->snr = atoi(pos + 5); + + pos = os_strstr(param, " parent_tsf="); + if (pos) + res->parent_tsf = strtoll(pos + 7, NULL, 16); + + pos = os_strstr(param, " tsf_bssid="); + if (pos && hwaddr_aton(pos + 11, res->tsf_bssid)) + goto fail; + + pos = os_strstr(param, " ie="); + if (pos) { + pos += 4; + end = os_strchr(pos, ' '); + if (!end) + end = pos + os_strlen(pos); + res->ie_len = (end - pos) / 2; + if (hexstr2bin(pos, (u8 *) (res + 1), res->ie_len)) + goto fail; + } + + pos = os_strstr(param, " beacon_ie="); + if (pos) { + pos += 11; + end = os_strchr(pos, ' '); + if (!end) + end = pos + os_strlen(pos); + res->beacon_ie_len = (end - pos) / 2; + if (hexstr2bin(pos, ((u8 *) (res + 1)) + res->ie_len, + res->beacon_ie_len)) + goto fail; + } + + os_get_reltime(&now); + wpa_bss_update_scan_res(wpa_s, res, &now); + ret = 0; +fail: + os_free(res); + + return ret; +} + + static int wpas_ctrl_iface_driver_event(struct wpa_supplicant *wpa_s, char *cmd) { char *pos, *param; @@ -7854,6 +8684,8 @@ static int wpas_ctrl_iface_driver_event(struct wpa_supplicant *wpa_s, char *cmd) wpa_supplicant_event(wpa_s, ev, &event); os_free(event.freq_range.range); return 0; + } else if (os_strcmp(cmd, "SCAN_RES") == 0) { + return wpas_ctrl_iface_driver_scan_res(wpa_s, param); } else { wpa_dbg(wpa_s, MSG_DEBUG, "Testing - unknown driver event: %s", cmd); @@ -8218,6 +9050,79 @@ static int wpas_ctrl_test_assoc_ie(struct wpa_supplicant *wpa_s, return 0; } + +static int wpas_ctrl_reset_pn(struct wpa_supplicant *wpa_s) +{ + u8 zero[WPA_TK_MAX_LEN]; + + if (wpa_s->last_tk_alg == WPA_ALG_NONE) + return -1; + + wpa_printf(MSG_INFO, "TESTING: Reset PN"); + os_memset(zero, 0, sizeof(zero)); + + /* First, use a zero key to avoid any possible duplicate key avoidance + * in the driver. */ + if (wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, + wpa_s->last_tk_key_idx, 1, zero, 6, + zero, wpa_s->last_tk_len) < 0) + return -1; + + /* Set the previously configured key to reset its TSC/RSC */ + return wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, + wpa_s->last_tk_key_idx, 1, zero, 6, + wpa_s->last_tk, wpa_s->last_tk_len); +} + + +static int wpas_ctrl_key_request(struct wpa_supplicant *wpa_s, const char *cmd) +{ + const char *pos = cmd; + int error, pairwise; + + error = atoi(pos); + pos = os_strchr(pos, ' '); + if (!pos) + return -1; + pairwise = atoi(pos); + wpa_sm_key_request(wpa_s->wpa, error, pairwise); + return 0; +} + + +static int wpas_ctrl_resend_assoc(struct wpa_supplicant *wpa_s) +{ +#ifdef CONFIG_SME + struct wpa_driver_associate_params params; + int ret; + + os_memset(¶ms, 0, sizeof(params)); + params.bssid = wpa_s->bssid; + params.ssid = wpa_s->sme.ssid; + params.ssid_len = wpa_s->sme.ssid_len; + params.freq.freq = wpa_s->sme.freq; + if (wpa_s->last_assoc_req_wpa_ie) { + params.wpa_ie = wpabuf_head(wpa_s->last_assoc_req_wpa_ie); + params.wpa_ie_len = wpabuf_len(wpa_s->last_assoc_req_wpa_ie); + } + params.pairwise_suite = wpa_s->pairwise_cipher; + params.group_suite = wpa_s->group_cipher; + params.mgmt_group_suite = wpa_s->mgmt_group_cipher; + params.key_mgmt_suite = wpa_s->key_mgmt; + params.wpa_proto = wpa_s->wpa_proto; + params.mgmt_frame_protection = wpa_s->sme.mfp; + params.rrm_used = wpa_s->rrm.rrm_used; + if (wpa_s->sme.prev_bssid_set) + params.prev_bssid = wpa_s->sme.prev_bssid; + wpa_printf(MSG_INFO, "TESTING: Resend association request"); + ret = wpa_drv_associate(wpa_s, ¶ms); + wpa_s->testing_resend_assoc = 1; + return ret; +#else /* CONFIG_SME */ + return -1; +#endif /* CONFIG_SME */ +} + #endif /* CONFIG_TESTING_OPTIONS */ @@ -8641,6 +9546,248 @@ static void wpas_ctrl_iface_pmksa_flush(struct wpa_supplicant *wpa_s) } +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL + +static int wpas_ctrl_iface_pmksa_get(struct wpa_supplicant *wpa_s, + const char *cmd, char *buf, size_t buflen) +{ + struct rsn_pmksa_cache_entry *entry; + struct wpa_ssid *ssid; + char *pos, *pos2, *end; + int ret; + struct os_reltime now; + + ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd)); + if (!ssid) + return -1; + + pos = buf; + end = buf + buflen; + + os_get_reltime(&now); + + /* + * Entry format: + * <BSSID> <PMKID> <PMK> <reauth_time in seconds> + * <expiration in seconds> <akmp> <opportunistic> + * [FILS Cache Identifier] + */ + + for (entry = wpa_sm_pmksa_cache_head(wpa_s->wpa); entry; + entry = entry->next) { + if (entry->network_ctx != ssid) + continue; + + pos2 = pos; + ret = os_snprintf(pos2, end - pos2, MACSTR " ", + MAC2STR(entry->aa)); + if (os_snprintf_error(end - pos2, ret)) + break; + pos2 += ret; + + pos2 += wpa_snprintf_hex(pos2, end - pos2, entry->pmkid, + PMKID_LEN); + + ret = os_snprintf(pos2, end - pos2, " "); + if (os_snprintf_error(end - pos2, ret)) + break; + pos2 += ret; + + pos2 += wpa_snprintf_hex(pos2, end - pos2, entry->pmk, + entry->pmk_len); + + ret = os_snprintf(pos2, end - pos2, " %d %d %d %d", + (int) (entry->reauth_time - now.sec), + (int) (entry->expiration - now.sec), + entry->akmp, + entry->opportunistic); + if (os_snprintf_error(end - pos2, ret)) + break; + pos2 += ret; + + if (entry->fils_cache_id_set) { + ret = os_snprintf(pos2, end - pos2, " %02x%02x", + entry->fils_cache_id[0], + entry->fils_cache_id[1]); + if (os_snprintf_error(end - pos2, ret)) + break; + pos2 += ret; + } + + ret = os_snprintf(pos2, end - pos2, "\n"); + if (os_snprintf_error(end - pos2, ret)) + break; + pos2 += ret; + + pos = pos2; + } + + return pos - buf; +} + + +static int wpas_ctrl_iface_pmksa_add(struct wpa_supplicant *wpa_s, + char *cmd) +{ + struct rsn_pmksa_cache_entry *entry; + struct wpa_ssid *ssid; + char *pos, *pos2; + int ret = -1; + struct os_reltime now; + int reauth_time = 0, expiration = 0, i; + + /* + * Entry format: + * <network_id> <BSSID> <PMKID> <PMK> <reauth_time in seconds> + * <expiration in seconds> <akmp> <opportunistic> + * [FILS Cache Identifier] + */ + + ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd)); + if (!ssid) + return -1; + + pos = os_strchr(cmd, ' '); + if (!pos) + return -1; + pos++; + + entry = os_zalloc(sizeof(*entry)); + if (!entry) + return -1; + + if (hwaddr_aton(pos, entry->aa)) + goto fail; + + pos = os_strchr(pos, ' '); + if (!pos) + goto fail; + pos++; + + if (hexstr2bin(pos, entry->pmkid, PMKID_LEN) < 0) + goto fail; + + pos = os_strchr(pos, ' '); + if (!pos) + goto fail; + pos++; + + pos2 = os_strchr(pos, ' '); + if (!pos2) + goto fail; + entry->pmk_len = (pos2 - pos) / 2; + if (entry->pmk_len < PMK_LEN || entry->pmk_len > PMK_LEN_MAX || + hexstr2bin(pos, entry->pmk, entry->pmk_len) < 0) + goto fail; + + pos = os_strchr(pos, ' '); + if (!pos) + goto fail; + pos++; + + if (sscanf(pos, "%d %d %d %d", &reauth_time, &expiration, + &entry->akmp, &entry->opportunistic) != 4) + goto fail; + for (i = 0; i < 4; i++) { + pos = os_strchr(pos, ' '); + if (!pos) { + if (i < 3) + goto fail; + break; + } + pos++; + } + if (pos) { + if (hexstr2bin(pos, entry->fils_cache_id, + FILS_CACHE_ID_LEN) < 0) + goto fail; + entry->fils_cache_id_set = 1; + } + os_get_reltime(&now); + entry->expiration = now.sec + expiration; + entry->reauth_time = now.sec + reauth_time; + + entry->network_ctx = ssid; + + wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry); + entry = NULL; + ret = 0; +fail: + os_free(entry); + return ret; +} + + +#ifdef CONFIG_MESH + +static int wpas_ctrl_iface_mesh_pmksa_get(struct wpa_supplicant *wpa_s, + const char *cmd, char *buf, + size_t buflen) +{ + u8 spa[ETH_ALEN]; + + if (!wpa_s->ifmsh) + return -1; + + if (os_strcasecmp(cmd, "any") == 0) + return wpas_ap_pmksa_cache_list_mesh(wpa_s, NULL, buf, buflen); + + if (hwaddr_aton(cmd, spa)) + return -1; + + return wpas_ap_pmksa_cache_list_mesh(wpa_s, spa, buf, buflen); +} + + +static int wpas_ctrl_iface_mesh_pmksa_add(struct wpa_supplicant *wpa_s, + char *cmd) +{ + /* + * We do not check mesh interface existance because PMKSA should be + * stored before wpa_s->ifmsh creation to suppress commit message + * creation. + */ + return wpas_ap_pmksa_cache_add_external(wpa_s, cmd); +} + +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ + + +#ifdef CONFIG_FILS +static int wpas_ctrl_iface_fils_hlp_req_add(struct wpa_supplicant *wpa_s, + const char *cmd) +{ + struct fils_hlp_req *req; + const char *pos; + + /* format: <dst> <packet starting from ethertype> */ + + req = os_zalloc(sizeof(*req)); + if (!req) + return -1; + + if (hwaddr_aton(cmd, req->dst)) + goto fail; + + pos = os_strchr(cmd, ' '); + if (!pos) + goto fail; + pos++; + req->pkt = wpabuf_parse_bin(pos); + if (!req->pkt) + goto fail; + + dl_list_add_tail(&wpa_s->fils_hlp_req, &req->list); + return 0; +fail: + wpabuf_free(req->pkt); + os_free(req); + return -1; +} +#endif /* CONFIG_FILS */ + + static int wpas_ctrl_cmd_debug_level(const char *cmd) { if (os_strcmp(cmd, "PING") == 0 || @@ -8662,7 +9809,9 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, int reply_len; if (os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0 || - os_strncmp(buf, "SET_NETWORK ", 12) == 0) { + os_strncmp(buf, "SET_NETWORK ", 12) == 0 || + os_strncmp(buf, "PMKSA_ADD ", 10) == 0 || + os_strncmp(buf, "MESH_PMKSA_ADD ", 15) == 0) { if (wpa_debug_show_keys) wpa_dbg(wpa_s, MSG_DEBUG, "Control interface command '%s'", buf); @@ -8671,7 +9820,9 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, "Control interface command '%s [REMOVED]'", os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0 ? - WPA_CTRL_RSP : "SET_NETWORK"); + WPA_CTRL_RSP : + (os_strncmp(buf, "SET_NETWORK ", 12) == 0 ? + "SET_NETWORK" : "key-add")); } else if (os_strncmp(buf, "WPS_NFC_TAG_READ", 16) == 0 || os_strncmp(buf, "NFC_REPORT_HANDOVER", 19) == 0) { wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface", @@ -8715,6 +9866,22 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, reply_len = wpas_ctrl_iface_pmksa(wpa_s, reply, reply_size); } else if (os_strcmp(buf, "PMKSA_FLUSH") == 0) { wpas_ctrl_iface_pmksa_flush(wpa_s); +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL + } else if (os_strncmp(buf, "PMKSA_GET ", 10) == 0) { + reply_len = wpas_ctrl_iface_pmksa_get(wpa_s, buf + 10, + reply, reply_size); + } else if (os_strncmp(buf, "PMKSA_ADD ", 10) == 0) { + if (wpas_ctrl_iface_pmksa_add(wpa_s, buf + 10) < 0) + reply_len = -1; +#ifdef CONFIG_MESH + } else if (os_strncmp(buf, "MESH_PMKSA_GET ", 15) == 0) { + reply_len = wpas_ctrl_iface_mesh_pmksa_get(wpa_s, buf + 15, + reply, reply_size); + } else if (os_strncmp(buf, "MESH_PMKSA_ADD ", 15) == 0) { + if (wpas_ctrl_iface_mesh_pmksa_add(wpa_s, buf + 15) < 0) + reply_len = -1; +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ } else if (os_strncmp(buf, "SET ", 4) == 0) { if (wpa_supplicant_ctrl_iface_set(wpa_s, buf + 4)) reply_len = -1; @@ -8751,11 +9918,6 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, if (wpa_supplicant_ctrl_iface_preauth(wpa_s, buf + 8)) reply_len = -1; #endif /* IEEE8021X_EAPOL */ -#ifdef CONFIG_PEERKEY - } else if (os_strncmp(buf, "STKSTART ", 9) == 0) { - if (wpa_supplicant_ctrl_iface_stkstart(wpa_s, buf + 9)) - reply_len = -1; -#endif /* CONFIG_PEERKEY */ #ifdef CONFIG_IEEE80211R } else if (os_strncmp(buf, "FT_DS ", 6) == 0) { if (wpa_supplicant_ctrl_iface_ft_ds(wpa_s, buf + 6)) @@ -9286,6 +10448,9 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, } else if (os_strncmp(buf, "WNM_BSS_QUERY ", 14) == 0) { if (wpas_ctrl_iface_wnm_bss_query(wpa_s, buf + 14)) reply_len = -1; + } else if (os_strncmp(buf, "COLOC_INTF_REPORT ", 18) == 0) { + if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18)) + reply_len = -1; #endif /* CONFIG_WNM */ } else if (os_strcmp(buf, "FLUSH") == 0) { wpa_supplicant_ctrl_iface_flush(wpa_s); @@ -9332,6 +10497,15 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, } else if (os_strncmp(buf, "TEST_ASSOC_IE ", 14) == 0) { if (wpas_ctrl_test_assoc_ie(wpa_s, buf + 14) < 0) reply_len = -1; + } else if (os_strcmp(buf, "RESET_PN") == 0) { + if (wpas_ctrl_reset_pn(wpa_s) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "KEY_REQUEST ", 12) == 0) { + if (wpas_ctrl_key_request(wpa_s, buf + 12) < 0) + reply_len = -1; + } else if (os_strcmp(buf, "RESEND_ASSOC") == 0) { + if (wpas_ctrl_resend_assoc(wpa_s) < 0) + reply_len = -1; #endif /* CONFIG_TESTING_OPTIONS */ } else if (os_strncmp(buf, "VENDOR_ELEM_ADD ", 16) == 0) { if (wpas_ctrl_vendor_elem_add(wpa_s, buf + 16) < 0) @@ -9353,6 +10527,97 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, } else if (os_strncmp(buf, "GET_PREF_FREQ_LIST ", 19) == 0) { reply_len = wpas_ctrl_iface_get_pref_freq_list( wpa_s, buf + 19, reply, reply_size); +#ifdef CONFIG_FILS + } else if (os_strncmp(buf, "FILS_HLP_REQ_ADD ", 17) == 0) { + if (wpas_ctrl_iface_fils_hlp_req_add(wpa_s, buf + 17)) + reply_len = -1; + } else if (os_strcmp(buf, "FILS_HLP_REQ_FLUSH") == 0) { + wpas_flush_fils_hlp_req(wpa_s); +#endif /* CONFIG_FILS */ +#ifdef CONFIG_DPP + } else if (os_strncmp(buf, "DPP_QR_CODE ", 12) == 0) { + int res; + + res = wpas_dpp_qr_code(wpa_s, buf + 12); + if (res < 0) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%d", res); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GEN ", 18) == 0) { + int res; + + res = wpas_dpp_bootstrap_gen(wpa_s, buf + 18); + if (res < 0) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%d", res); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_BOOTSTRAP_REMOVE ", 21) == 0) { + if (wpas_dpp_bootstrap_remove(wpa_s, buf + 21) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GET_URI ", 22) == 0) { + const char *uri; + + uri = wpas_dpp_bootstrap_get_uri(wpa_s, atoi(buf + 22)); + if (!uri) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%s", uri); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_BOOTSTRAP_INFO ", 19) == 0) { + reply_len = wpas_dpp_bootstrap_info(wpa_s, atoi(buf + 19), + reply, reply_size); + } else if (os_strncmp(buf, "DPP_AUTH_INIT ", 14) == 0) { + if (wpas_dpp_auth_init(wpa_s, buf + 13) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "DPP_LISTEN ", 11) == 0) { + if (wpas_dpp_listen(wpa_s, buf + 11) < 0) + reply_len = -1; + } else if (os_strcmp(buf, "DPP_STOP_LISTEN") == 0) { + wpas_dpp_stop(wpa_s); + wpas_dpp_listen_stop(wpa_s); + } else if (os_strncmp(buf, "DPP_CONFIGURATOR_ADD", 20) == 0) { + int res; + + res = wpas_dpp_configurator_add(wpa_s, buf + 20); + if (res < 0) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%d", res); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_CONFIGURATOR_REMOVE ", 24) == 0) { + if (wpas_dpp_configurator_remove(wpa_s, buf + 24) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "DPP_CONFIGURATOR_SIGN ", 22) == 0) { + if (wpas_dpp_configurator_sign(wpa_s, buf + 22) < 0) + reply_len = -1; + } else if (os_strncmp(buf, "DPP_CONFIGURATOR_GET_KEY ", 25) == 0) { + reply_len = wpas_dpp_configurator_get_key(wpa_s, atoi(buf + 25), + reply, reply_size); + } else if (os_strncmp(buf, "DPP_PKEX_ADD ", 13) == 0) { + int res; + + res = wpas_dpp_pkex_add(wpa_s, buf + 12); + if (res < 0) { + reply_len = -1; + } else { + reply_len = os_snprintf(reply, reply_size, "%d", res); + if (os_snprintf_error(reply_size, reply_len)) + reply_len = -1; + } + } else if (os_strncmp(buf, "DPP_PKEX_REMOVE ", 16) == 0) { + if (wpas_dpp_pkex_remove(wpa_s, buf + 16) < 0) + reply_len = -1; +#endif /* CONFIG_DPP */ } else { os_memcpy(reply, "UNKNOWN COMMAND\n", 16); reply_len = 16; @@ -9662,12 +10927,16 @@ static char * wpas_global_ctrl_iface_redir_p2p(struct wpa_global *global, "P2P_CANCEL", "P2P_PRESENCE_REQ", "P2P_EXT_LISTEN", +#ifdef CONFIG_AP + "STA-FIRST", +#endif /* CONFIG_AP */ NULL }; static const char * prefix[] = { #ifdef ANDROID "DRIVER ", #endif /* ANDROID */ + "GET_CAPABILITY ", "GET_NETWORK ", "REMOVE_NETWORK ", "P2P_FIND ", @@ -9699,6 +10968,10 @@ static char * wpas_global_ctrl_iface_redir_p2p(struct wpa_global *global, "NFC_REPORT_HANDOVER ", "P2P_ASP_PROVISION ", "P2P_ASP_PROVISION_RESP ", +#ifdef CONFIG_AP + "STA ", + "STA-NEXT ", +#endif /* CONFIG_AP */ NULL }; int found = 0; diff --git a/contrib/wpa/wpa_supplicant/ctrl_iface_named_pipe.c b/contrib/wpa/wpa_supplicant/ctrl_iface_named_pipe.c index 54e0e2fac583..9c0a47e63936 100644 --- a/contrib/wpa/wpa_supplicant/ctrl_iface_named_pipe.c +++ b/contrib/wpa/wpa_supplicant/ctrl_iface_named_pipe.c @@ -319,13 +319,12 @@ static void wpa_supplicant_ctrl_iface_rx(struct wpa_ctrl_dst *dst, size_t len) } os_free(dst->rsp_buf); - dst->rsp_buf = os_malloc(send_len); + dst->rsp_buf = os_memdup(send_buf, send_len); if (dst->rsp_buf == NULL) { ctrl_close_pipe(dst); os_free(reply); return; } - os_memcpy(dst->rsp_buf, send_buf, send_len); os_free(reply); if (!WriteFileEx(dst->pipe, dst->rsp_buf, send_len, &dst->overlap, @@ -739,13 +738,12 @@ static void wpa_supplicant_global_iface_rx(struct wpa_global_dst *dst, } os_free(dst->rsp_buf); - dst->rsp_buf = os_malloc(send_len); + dst->rsp_buf = os_memdup(send_buf, send_len); if (dst->rsp_buf == NULL) { global_close_pipe(dst); os_free(reply); return; } - os_memcpy(dst->rsp_buf, send_buf, send_len); os_free(reply); if (!WriteFileEx(dst->pipe, dst->rsp_buf, send_len, &dst->overlap, diff --git a/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c b/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c index 0dc0937ff0aa..8a6057a82bfe 100644 --- a/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c +++ b/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c @@ -219,7 +219,7 @@ static void wpa_supplicant_ctrl_iface_receive(int sock, void *eloop_ctx, { struct wpa_supplicant *wpa_s = eloop_ctx; struct ctrl_iface_priv *priv = sock_ctx; - char buf[256], *pos; + char buf[4096], *pos; int res; #ifdef CONFIG_CTRL_IFACE_UDP_IPV6 struct sockaddr_in6 from; @@ -600,7 +600,7 @@ static void wpa_supplicant_global_ctrl_iface_receive(int sock, void *eloop_ctx, { struct wpa_global *global = eloop_ctx; struct ctrl_iface_global_priv *priv = sock_ctx; - char buf[256], *pos; + char buf[4096], *pos; int res; #ifdef CONFIG_CTRL_IFACE_UDP_IPV6 struct sockaddr_in6 from; diff --git a/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c b/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c index 4db712fff7bb..b88c80a99551 100644 --- a/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c +++ b/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c @@ -103,7 +103,7 @@ static int wpa_supplicant_ctrl_iface_attach(struct dl_list *ctrl_dst, struct sockaddr_storage *from, socklen_t fromlen, int global) { - return ctrl_iface_attach(ctrl_dst, from, fromlen); + return ctrl_iface_attach(ctrl_dst, from, fromlen, NULL); } diff --git a/contrib/wpa/wpa_supplicant/dbus/dbus_new.c b/contrib/wpa/wpa_supplicant/dbus/dbus_new.c index 27b3012aede8..d4deb0fe35f0 100644 --- a/contrib/wpa/wpa_supplicant/dbus/dbus_new.c +++ b/contrib/wpa/wpa_supplicant/dbus/dbus_new.c @@ -793,6 +793,144 @@ nomem: #endif /* CONFIG_WPS */ + +#ifdef CONFIG_MESH + +void wpas_dbus_signal_mesh_group_started(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid) +{ + struct wpas_dbus_priv *iface; + DBusMessage *msg; + DBusMessageIter iter, dict_iter; + + iface = wpa_s->global->dbus; + + /* Do nothing if the control interface is not turned on */ + if (!iface || !wpa_s->dbus_new_path) + return; + + msg = dbus_message_new_signal(wpa_s->dbus_new_path, + WPAS_DBUS_NEW_IFACE_MESH, + "MeshGroupStarted"); + if (!msg) + return; + + dbus_message_iter_init_append(msg, &iter); + if (!wpa_dbus_dict_open_write(&iter, &dict_iter) || + !wpa_dbus_dict_append_byte_array(&dict_iter, "SSID", + (const char *) ssid->ssid, + ssid->ssid_len) || + !wpa_dbus_dict_close_write(&iter, &dict_iter)) + wpa_printf(MSG_ERROR, "dbus: Failed to construct signal"); + else + dbus_connection_send(iface->con, msg, NULL); + dbus_message_unref(msg); +} + + +void wpas_dbus_signal_mesh_group_removed(struct wpa_supplicant *wpa_s, + const u8 *meshid, u8 meshid_len, + int reason) +{ + struct wpas_dbus_priv *iface; + DBusMessage *msg; + DBusMessageIter iter, dict_iter; + + iface = wpa_s->global->dbus; + + /* Do nothing if the control interface is not turned on */ + if (!iface || !wpa_s->dbus_new_path) + return; + + msg = dbus_message_new_signal(wpa_s->dbus_new_path, + WPAS_DBUS_NEW_IFACE_MESH, + "MeshGroupRemoved"); + if (!msg) + return; + + dbus_message_iter_init_append(msg, &iter); + if (!wpa_dbus_dict_open_write(&iter, &dict_iter) || + !wpa_dbus_dict_append_byte_array(&dict_iter, "SSID", + (const char *) meshid, + meshid_len) || + !wpa_dbus_dict_append_int32(&dict_iter, "DisconnectReason", + reason) || + !wpa_dbus_dict_close_write(&iter, &dict_iter)) + wpa_printf(MSG_ERROR, "dbus: Failed to construct signal"); + else + dbus_connection_send(iface->con, msg, NULL); + dbus_message_unref(msg); +} + + +void wpas_dbus_signal_mesh_peer_connected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr) +{ + struct wpas_dbus_priv *iface; + DBusMessage *msg; + DBusMessageIter iter, dict_iter; + + iface = wpa_s->global->dbus; + + /* Do nothing if the control interface is not turned on */ + if (!iface || !wpa_s->dbus_new_path) + return; + + msg = dbus_message_new_signal(wpa_s->dbus_new_path, + WPAS_DBUS_NEW_IFACE_MESH, + "MeshPeerConnected"); + if (!msg) + return; + + dbus_message_iter_init_append(msg, &iter); + if (!wpa_dbus_dict_open_write(&iter, &dict_iter) || + !wpa_dbus_dict_append_byte_array(&dict_iter, "PeerAddress", + (const char *) peer_addr, + ETH_ALEN) || + !wpa_dbus_dict_close_write(&iter, &dict_iter)) + wpa_printf(MSG_ERROR, "dbus: Failed to construct signal"); + else + dbus_connection_send(iface->con, msg, NULL); + dbus_message_unref(msg); +} + + +void wpas_dbus_signal_mesh_peer_disconnected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr, int reason) +{ + struct wpas_dbus_priv *iface; + DBusMessage *msg; + DBusMessageIter iter, dict_iter; + + iface = wpa_s->global->dbus; + + /* Do nothing if the control interface is not turned on */ + if (!iface || !wpa_s->dbus_new_path) + return; + + msg = dbus_message_new_signal(wpa_s->dbus_new_path, + WPAS_DBUS_NEW_IFACE_MESH, + "MeshPeerDisconnected"); + if (!msg) + return; + + dbus_message_iter_init_append(msg, &iter); + if (!wpa_dbus_dict_open_write(&iter, &dict_iter) || + !wpa_dbus_dict_append_byte_array(&dict_iter, "PeerAddress", + (const char *) peer_addr, + ETH_ALEN) || + !wpa_dbus_dict_append_int32(&dict_iter, "DisconnectReason", + reason) || + !wpa_dbus_dict_close_write(&iter, &dict_iter)) + wpa_printf(MSG_ERROR, "dbus: Failed to construct signal"); + else + dbus_connection_send(iface->con, msg, NULL); + dbus_message_unref(msg); +} + +#endif /* CONFIG_MESH */ + + void wpas_dbus_signal_certification(struct wpa_supplicant *wpa_s, int depth, const char *subject, const char *altsubject[], @@ -1256,9 +1394,12 @@ static void peer_groups_changed(struct wpa_supplicant *wpa_s) * @wpa_s: %wpa_supplicant network interface data * @client: this device is P2P client * @persistent: 0 - non persistent group, 1 - persistent group + * @ip: When group role is client, it contains local IP address, netmask, and + * GO's IP address, if assigned; otherwise, NULL */ void wpas_dbus_signal_p2p_group_started(struct wpa_supplicant *wpa_s, - int client, int persistent) + int client, int persistent, + const u8 *ip) { DBusMessage *msg; DBusMessageIter iter, dict_iter; @@ -1300,6 +1441,13 @@ void wpas_dbus_signal_p2p_group_started(struct wpa_supplicant *wpa_s, !wpa_dbus_dict_append_bool(&dict_iter, "persistent", persistent) || !wpa_dbus_dict_append_object_path(&dict_iter, "group_object", wpa_s->dbus_groupobj_path) || + (ip && + (!wpa_dbus_dict_append_byte_array(&dict_iter, "IpAddr", + (char *) ip, 4) || + !wpa_dbus_dict_append_byte_array(&dict_iter, "IpAddrMask", + (char *) ip + 4, 4) || + !wpa_dbus_dict_append_byte_array(&dict_iter, "IpAddrGo", + (char *) ip + 8, 4))) || !wpa_dbus_dict_close_write(&iter, &dict_iter)) { wpa_printf(MSG_ERROR, "dbus: Failed to construct signal"); } else { @@ -1879,6 +2027,9 @@ void wpas_dbus_signal_p2p_group_formation_failure(struct wpa_supplicant *wpa_s, if (iface == NULL) return; + if (wpa_s->p2p_mgmt) + wpa_s = wpa_s->parent; + msg = dbus_message_new_signal(wpa_s->dbus_new_path, WPAS_DBUS_NEW_IFACE_P2PDEVICE, "GroupFormationFailure"); @@ -1920,6 +2071,9 @@ void wpas_dbus_signal_p2p_invitation_received(struct wpa_supplicant *wpa_s, if (iface == NULL) return; + if (wpa_s->p2p_mgmt) + wpa_s = wpa_s->parent; + msg = dbus_message_new_signal(wpa_s->dbus_new_path, WPAS_DBUS_NEW_IFACE_P2PDEVICE, "InvitationReceived"); @@ -3071,6 +3225,20 @@ static const struct wpa_dbus_method_desc wpas_dbus_interface_methods[] = { END_ARGS } }, + { "TDLSChannelSwitch", WPAS_DBUS_NEW_IFACE_INTERFACE, + (WPADBusMethodHandler) wpas_dbus_handler_tdls_channel_switch, + { + { "args", "a{sv}", ARG_IN }, + END_ARGS + } + }, + { "TDLSCancelChannelSwitch", WPAS_DBUS_NEW_IFACE_INTERFACE, + (WPADBusMethodHandler) wpas_dbus_handler_tdls_cancel_channel_switch, + { + { "peer_address", "s", ARG_IN }, + END_ARGS + } + }, #endif /* CONFIG_TDLS */ { "VendorElemAdd", WPAS_DBUS_NEW_IFACE_INTERFACE, (WPADBusMethodHandler) wpas_dbus_handler_vendor_elem_add, @@ -3104,6 +3272,12 @@ static const struct wpa_dbus_method_desc wpas_dbus_interface_methods[] = { } }, #endif /* CONFIG_NO_CONFIG_WRITE */ + { "AbortScan", WPAS_DBUS_NEW_IFACE_INTERFACE, + (WPADBusMethodHandler) wpas_dbus_handler_abort_scan, + { + END_ARGS + } + }, { NULL, NULL, NULL, { END_ARGS } } }; @@ -3224,6 +3398,42 @@ static const struct wpa_dbus_property_desc wpas_dbus_interface_properties[] = { wpas_dbus_setter_config_methods, NULL }, + { + "DeviceName", WPAS_DBUS_NEW_IFACE_WPS, "s", + wpas_dbus_getter_wps_device_name, + wpas_dbus_setter_wps_device_name, + NULL + }, + { + "Manufacturer", WPAS_DBUS_NEW_IFACE_WPS, "s", + wpas_dbus_getter_wps_manufacturer, + wpas_dbus_setter_wps_manufacturer, + NULL + }, + { + "ModelName", WPAS_DBUS_NEW_IFACE_WPS, "s", + wpas_dbus_getter_wps_device_model_name, + wpas_dbus_setter_wps_device_model_name, + NULL + }, + { + "ModelNumber", WPAS_DBUS_NEW_IFACE_WPS, "s", + wpas_dbus_getter_wps_device_model_number, + wpas_dbus_setter_wps_device_model_number, + NULL + }, + { + "SerialNumber", WPAS_DBUS_NEW_IFACE_WPS, "s", + wpas_dbus_getter_wps_device_serial_number, + wpas_dbus_setter_wps_device_serial_number, + NULL + }, + { + "DeviceType", WPAS_DBUS_NEW_IFACE_WPS, "ay", + wpas_dbus_getter_wps_device_device_type, + wpas_dbus_setter_wps_device_device_type, + NULL + }, #endif /* CONFIG_WPS */ #ifdef CONFIG_P2P { "P2PDeviceConfig", WPAS_DBUS_NEW_IFACE_P2PDEVICE, "a{sv}", @@ -3267,6 +3477,18 @@ static const struct wpa_dbus_property_desc wpas_dbus_interface_properties[] = { NULL, NULL }, +#ifdef CONFIG_MESH + { "MeshPeers", WPAS_DBUS_NEW_IFACE_MESH, "aay", + wpas_dbus_getter_mesh_peers, + NULL, + NULL + }, + { "MeshGroup", WPAS_DBUS_NEW_IFACE_MESH, "ay", + wpas_dbus_getter_mesh_group, + NULL, + NULL + }, +#endif /* CONFIG_MESH */ { NULL, NULL, NULL, NULL, NULL, NULL } }; @@ -3544,6 +3766,32 @@ static const struct wpa_dbus_signal_desc wpas_dbus_interface_signals[] = { END_ARGS } }, +#ifdef CONFIG_MESH + { "MeshGroupStarted", WPAS_DBUS_NEW_IFACE_MESH, + { + { "args", "a{sv}", ARG_OUT }, + END_ARGS + } + }, + { "MeshGroupRemoved", WPAS_DBUS_NEW_IFACE_MESH, + { + { "args", "a{sv}", ARG_OUT }, + END_ARGS + } + }, + { "MeshPeerConnected", WPAS_DBUS_NEW_IFACE_MESH, + { + { "args", "a{sv}", ARG_OUT }, + END_ARGS + } + }, + { "MeshPeerDisconnected", WPAS_DBUS_NEW_IFACE_MESH, + { + { "args", "a{sv}", ARG_OUT }, + END_ARGS + } + }, +#endif /* CONFIG_MESH */ { NULL, NULL, { END_ARGS } } }; @@ -4012,7 +4260,13 @@ void wpas_dbus_signal_p2p_find_stopped(struct wpa_supplicant *wpa_s) iface = wpa_s->global->dbus; /* Do nothing if the control interface is not turned on */ - if (iface == NULL || !wpa_s->dbus_new_path) + if (iface == NULL) + return; + + if (wpa_s->p2p_mgmt) + wpa_s = wpa_s->parent; + + if (!wpa_s->dbus_new_path) return; msg = dbus_message_new_signal(wpa_s->dbus_new_path, diff --git a/contrib/wpa/wpa_supplicant/dbus/dbus_new.h b/contrib/wpa/wpa_supplicant/dbus/dbus_new.h index d64fceef718c..40ae133b225e 100644 --- a/contrib/wpa/wpa_supplicant/dbus/dbus_new.h +++ b/contrib/wpa/wpa_supplicant/dbus/dbus_new.h @@ -64,6 +64,8 @@ enum wpas_dbus_bss_prop { #define WPAS_DBUS_NEW_IFACE_P2PDEVICE \ WPAS_DBUS_NEW_IFACE_INTERFACE ".P2PDevice" +#define WPAS_DBUS_NEW_IFACE_MESH WPAS_DBUS_NEW_IFACE_INTERFACE ".Mesh" + /* * Groups correspond to P2P groups where this device is a GO (owner) */ @@ -190,7 +192,8 @@ void wpas_dbus_signal_p2p_go_neg_req(struct wpa_supplicant *wpa_s, const u8 *src, u16 dev_passwd_id, u8 go_intent); void wpas_dbus_signal_p2p_group_started(struct wpa_supplicant *wpa_s, - int client, int persistent); + int client, int persistent, + const u8 *ip); void wpas_dbus_signal_p2p_group_formation_failure(struct wpa_supplicant *wpa_s, const char *reason); void wpas_dbus_register_p2p_group(struct wpa_supplicant *wpa_s, @@ -237,6 +240,15 @@ void wpas_dbus_signal_p2p_invitation_received(struct wpa_supplicant *wpa_s, const u8 *sa, const u8 *dev_addr, const u8 *bssid, int id, int op_freq); +void wpas_dbus_signal_mesh_group_started(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid); +void wpas_dbus_signal_mesh_group_removed(struct wpa_supplicant *wpa_s, + const u8 *meshid, u8 meshid_len, + int reason); +void wpas_dbus_signal_mesh_peer_connected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr); +void wpas_dbus_signal_mesh_peer_disconnected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr, int reason); #else /* CONFIG_CTRL_IFACE_DBUS_NEW */ @@ -400,7 +412,8 @@ static inline void wpas_dbus_signal_p2p_go_neg_req(struct wpa_supplicant *wpa_s, static inline void wpas_dbus_signal_p2p_group_started(struct wpa_supplicant *wpa_s, - int client, int persistent) + int client, int persistent, + const u8 *ip) { } @@ -551,6 +564,31 @@ void wpas_dbus_signal_p2p_invitation_received(struct wpa_supplicant *wpa_s, { } +static inline +void wpas_dbus_signal_mesh_group_started(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid) +{ +} + +static inline +void wpas_dbus_signal_mesh_group_removed(struct wpa_supplicant *wpa_s, + const u8 *meshid, u8 meshid_len, + int reason) +{ +} + +static inline +void wpas_dbus_signal_mesh_peer_connected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr) +{ +} + +static inline +void wpas_dbus_signal_mesh_peer_disconnected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr, int reason) +{ +} + #endif /* CONFIG_CTRL_IFACE_DBUS_NEW */ #endif /* CTRL_IFACE_DBUS_H_NEW */ diff --git a/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c b/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c index e11dd36ca23c..94773b329133 100644 --- a/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c +++ b/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c @@ -28,6 +28,10 @@ #include "dbus_dict_helpers.h" #include "dbus_common_i.h" #include "drivers/driver.h" +#ifdef CONFIG_MESH +#include "ap/hostapd.h" +#include "ap/sta_info.h" +#endif /* CONFIG_MESH */ static const char * const debug_strings[] = { "excessive", "msgdump", "debug", "info", "warning", "error", NULL @@ -517,6 +521,27 @@ dbus_bool_t wpas_dbus_simple_array_array_property_getter(DBusMessageIter *iter, /** + * wpas_dbus_string_property_getter - Get string type property + * @iter: Message iter to use when appending arguments + * @val: Pointer to place holding property value, can be %NULL + * @error: On failure an error describing the failure + * Returns: TRUE if the request was successful, FALSE if it failed + * + * Generic getter for string type properties. %NULL is converted to an empty + * string. + */ +dbus_bool_t wpas_dbus_string_property_getter(DBusMessageIter *iter, + const void *val, + DBusError *error) +{ + if (!val) + val = ""; + return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, + &val, error); +} + + +/** * wpas_dbus_handler_create_interface - Request registration of a network iface * @message: Pointer to incoming dbus message * @global: %wpa_supplicant global data structure @@ -955,8 +980,21 @@ dbus_bool_t wpas_dbus_getter_global_capabilities( const struct wpa_dbus_property_desc *property_desc, DBusMessageIter *iter, DBusError *error, void *user_data) { - const char *capabilities[5] = { NULL, NULL, NULL, NULL, NULL }; + const char *capabilities[10] = { NULL, NULL, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL }; size_t num_items = 0; +#ifdef CONFIG_FILS + struct wpa_global *global = user_data; + struct wpa_supplicant *wpa_s; + int fils_supported = 0, fils_sk_pfs_supported = 0; + + for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { + if (wpa_is_fils_supported(wpa_s)) + fils_supported = 1; + if (wpa_is_fils_sk_pfs_supported(wpa_s)) + fils_sk_pfs_supported = 1; + } +#endif /* CONFIG_FILS */ #ifdef CONFIG_AP capabilities[num_items++] = "ap"; @@ -970,6 +1008,24 @@ dbus_bool_t wpas_dbus_getter_global_capabilities( #ifdef CONFIG_INTERWORKING capabilities[num_items++] = "interworking"; #endif /* CONFIG_INTERWORKING */ +#ifdef CONFIG_IEEE80211W + capabilities[num_items++] = "pmf"; +#endif /* CONFIG_IEEE80211W */ +#ifdef CONFIG_MESH + capabilities[num_items++] = "mesh"; +#endif /* CONFIG_MESH */ +#ifdef CONFIG_FILS + if (fils_supported) + capabilities[num_items++] = "fils"; + if (fils_sk_pfs_supported) + capabilities[num_items++] = "fils_sk_pfs"; +#endif /* CONFIG_FILS */ +#ifdef CONFIG_IEEE80211R + capabilities[num_items++] = "ft"; +#endif /* CONFIG_IEEE80211R */ +#ifdef CONFIG_SHA384 + capabilities[num_items++] = "sha384"; +#endif /* CONFIG_SHA384 */ return wpas_dbus_simple_array_property_getter(iter, DBUS_TYPE_STRING, @@ -1052,12 +1108,11 @@ static int wpas_dbus_get_scan_ssids(DBusMessage *message, DBusMessageIter *var, } if (len != 0) { - ssid = os_malloc(len); + ssid = os_memdup(val, len); if (ssid == NULL) { *reply = wpas_dbus_error_no_memory(message); return -1; } - os_memcpy(ssid, val, len); } else { /* Allow zero-length SSIDs */ ssid = NULL; @@ -1396,6 +1451,27 @@ out: } +/* + * wpas_dbus_handler_abort_scan - Request an ongoing scan to be aborted + * @message: Pointer to incoming dbus message + * @wpa_s: wpa_supplicant structure for a network interface + * Returns: Abort failed or no scan in progress DBus error message on failure + * or NULL otherwise. + * + * Handler function for "AbortScan" method call of network interface. + */ +DBusMessage * wpas_dbus_handler_abort_scan(DBusMessage *message, + struct wpa_supplicant *wpa_s) +{ + if (wpas_abort_ongoing_scan(wpa_s) < 0) + return dbus_message_new_error( + message, WPAS_DBUS_ERROR_IFACE_SCAN_ERROR, + "Abort failed or no scan in progress"); + + return NULL; +} + + /** * wpas_dbus_handler_signal_poll - Request immediate signal properties * @message: Pointer to incoming dbus message @@ -1903,13 +1979,12 @@ DBusMessage * wpas_dbus_handler_add_blob(DBusMessage *message, goto err; } - blob->data = os_malloc(blob_len); + blob->data = os_memdup(blob_data, blob_len); blob->name = os_strdup(blob_name); if (!blob->data || !blob->name) { reply = wpas_dbus_error_no_memory(message); goto err; } - os_memcpy(blob->data, blob_data, blob_len); blob->len = blob_len; wpa_config_set_blob(wpa_s->conf, blob); @@ -2270,6 +2345,156 @@ DBusMessage * wpas_dbus_handler_tdls_teardown(DBusMessage *message, return NULL; } +/* + * wpas_dbus_handler_tdls_channel_switch - Enable channel switching with TDLS peer + * @message: Pointer to incoming dbus message + * @wpa_s: wpa_supplicant structure for a network interface + * Returns: NULL indicating success or DBus error message on failure + * + * Handler function for "TDLSChannelSwitch" method call of network interface. + */ +DBusMessage * +wpas_dbus_handler_tdls_channel_switch(DBusMessage *message, + struct wpa_supplicant *wpa_s) +{ + DBusMessageIter iter, iter_dict; + struct wpa_dbus_dict_entry entry; + u8 peer[ETH_ALEN]; + struct hostapd_freq_params freq_params; + u8 oper_class = 0; + int ret; + int is_peer_present = 0; + + if (!wpa_tdls_is_external_setup(wpa_s->wpa)) { + wpa_printf(MSG_INFO, + "tdls_chanswitch: Only supported with external setup"); + return wpas_dbus_error_unknown_error(message, "TDLS is not using external setup"); + } + + os_memset(&freq_params, 0, sizeof(freq_params)); + + dbus_message_iter_init(message, &iter); + + if (!wpa_dbus_dict_open_read(&iter, &iter_dict, NULL)) + return wpas_dbus_error_invalid_args(message, NULL); + + while (wpa_dbus_dict_has_dict_entry(&iter_dict)) { + if (!wpa_dbus_dict_get_entry(&iter_dict, &entry)) + return wpas_dbus_error_invalid_args(message, NULL); + + if (os_strcmp(entry.key, "PeerAddress") == 0 && + entry.type == DBUS_TYPE_STRING) { + if (hwaddr_aton(entry.str_value, peer)) { + wpa_printf(MSG_DEBUG, + "tdls_chanswitch: Invalid address '%s'", + entry.str_value); + wpa_dbus_dict_entry_clear(&entry); + return wpas_dbus_error_invalid_args(message, + NULL); + } + + is_peer_present = 1; + } else if (os_strcmp(entry.key, "OperClass") == 0 && + entry.type == DBUS_TYPE_BYTE) { + oper_class = entry.byte_value; + } else if (os_strcmp(entry.key, "Frequency") == 0 && + entry.type == DBUS_TYPE_UINT32) { + freq_params.freq = entry.uint32_value; + } else if (os_strcmp(entry.key, "SecChannelOffset") == 0 && + entry.type == DBUS_TYPE_UINT32) { + freq_params.sec_channel_offset = entry.uint32_value; + } else if (os_strcmp(entry.key, "CenterFrequency1") == 0 && + entry.type == DBUS_TYPE_UINT32) { + freq_params.center_freq1 = entry.uint32_value; + } else if (os_strcmp(entry.key, "CenterFrequency2") == 0 && + entry.type == DBUS_TYPE_UINT32) { + freq_params.center_freq2 = entry.uint32_value; + } else if (os_strcmp(entry.key, "Bandwidth") == 0 && + entry.type == DBUS_TYPE_UINT32) { + freq_params.bandwidth = entry.uint32_value; + } else if (os_strcmp(entry.key, "HT") == 0 && + entry.type == DBUS_TYPE_BOOLEAN) { + freq_params.ht_enabled = entry.bool_value; + } else if (os_strcmp(entry.key, "VHT") == 0 && + entry.type == DBUS_TYPE_BOOLEAN) { + freq_params.vht_enabled = entry.bool_value; + } else { + wpa_dbus_dict_entry_clear(&entry); + return wpas_dbus_error_invalid_args(message, NULL); + } + + wpa_dbus_dict_entry_clear(&entry); + } + + if (oper_class == 0) { + wpa_printf(MSG_INFO, + "tdls_chanswitch: Invalid op class provided"); + return wpas_dbus_error_invalid_args( + message, "Invalid op class provided"); + } + + if (freq_params.freq == 0) { + wpa_printf(MSG_INFO, + "tdls_chanswitch: Invalid freq provided"); + return wpas_dbus_error_invalid_args(message, + "Invalid freq provided"); + } + + if (is_peer_present == 0) { + wpa_printf(MSG_DEBUG, + "tdls_chanswitch: peer address not provided"); + return wpas_dbus_error_invalid_args( + message, "peer address not provided"); + } + + wpa_printf(MSG_DEBUG, "dbus: TDLS_CHAN_SWITCH " MACSTR + " OP CLASS %d FREQ %d CENTER1 %d CENTER2 %d BW %d SEC_OFFSET %d%s%s", + MAC2STR(peer), oper_class, freq_params.freq, + freq_params.center_freq1, freq_params.center_freq2, + freq_params.bandwidth, freq_params.sec_channel_offset, + freq_params.ht_enabled ? " HT" : "", + freq_params.vht_enabled ? " VHT" : ""); + + ret = wpa_tdls_enable_chan_switch(wpa_s->wpa, peer, oper_class, + &freq_params); + if (ret) + return wpas_dbus_error_unknown_error( + message, "error processing TDLS channel switch"); + + return NULL; +} + +/* + * wpas_dbus_handler_tdls_cancel_channel_switch - Disable channel switching with TDLS peer + * @message: Pointer to incoming dbus message + * @wpa_s: wpa_supplicant structure for a network interface + * Returns: NULL indicating success or DBus error message on failure + * + * Handler function for "TDLSCancelChannelSwitch" method call of network + * interface. + */ +DBusMessage * +wpas_dbus_handler_tdls_cancel_channel_switch(DBusMessage *message, + struct wpa_supplicant *wpa_s) +{ + u8 peer[ETH_ALEN]; + DBusMessage *error_reply; + int ret; + + if (get_peer_hwaddr_helper(message, __func__, peer, &error_reply) < 0) + return error_reply; + + wpa_printf(MSG_DEBUG, "dbus: TDLS_CANCEL_CHAN_SWITCH " MACSTR, + MAC2STR(peer)); + + ret = wpa_tdls_disable_chan_switch(wpa_s->wpa, peer); + if (ret) + return wpas_dbus_error_unknown_error( + message, "error canceling TDLS channel switch"); + + return NULL; +} + #endif /* CONFIG_TDLS */ @@ -2468,6 +2693,28 @@ dbus_bool_t wpas_dbus_getter_capabilities( goto nomem; } + if (!wpa_dbus_dict_begin_string_array(&iter_dict, "GroupMgmt", + &iter_dict_entry, + &iter_dict_val, + &iter_array) || + (res == 0 && (capa.enc & WPA_DRIVER_CAPA_ENC_BIP) && + !wpa_dbus_dict_string_array_add_element( + &iter_array, "aes-128-cmac")) || + (res == 0 && (capa.enc & WPA_DRIVER_CAPA_ENC_BIP_GMAC_128) && + !wpa_dbus_dict_string_array_add_element( + &iter_array, "bip-gmac-128")) || + (res == 0 && (capa.enc & WPA_DRIVER_CAPA_ENC_BIP_GMAC_256) && + !wpa_dbus_dict_string_array_add_element( + &iter_array, "bip-gmac-256")) || + (res == 0 && (capa.enc & WPA_DRIVER_CAPA_ENC_BIP_CMAC_256) && + !wpa_dbus_dict_string_array_add_element( + &iter_array, "bip-cmac-256")) || + !wpa_dbus_dict_end_string_array(&iter_dict, + &iter_dict_entry, + &iter_dict_val, + &iter_array)) + goto nomem; + /***** key management */ if (res < 0) { const char *args[] = { @@ -2627,6 +2874,11 @@ dbus_bool_t wpas_dbus_getter_capabilities( !wpa_s->conf->p2p_disabled && !wpa_dbus_dict_string_array_add_element( &iter_array, "p2p")) || +#ifdef CONFIG_MESH + (res >= 0 && (capa.flags & WPA_DRIVER_FLAGS_MESH) && + !wpa_dbus_dict_string_array_add_element( + &iter_array, "mesh")) || +#endif /* CONFIG_MESH */ !wpa_dbus_dict_end_string_array(&iter_dict, &iter_dict_entry, &iter_dict_val, @@ -3086,10 +3338,8 @@ dbus_bool_t wpas_dbus_getter_ifname( DBusMessageIter *iter, DBusError *error, void *user_data) { struct wpa_supplicant *wpa_s = user_data; - const char *ifname = wpa_s->ifname; - return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, - &ifname, error); + return wpas_dbus_string_property_getter(iter, wpa_s->ifname, error); } @@ -3107,7 +3357,6 @@ dbus_bool_t wpas_dbus_getter_driver( DBusMessageIter *iter, DBusError *error, void *user_data) { struct wpa_supplicant *wpa_s = user_data; - const char *driver; if (wpa_s->driver == NULL || wpa_s->driver->name == NULL) { wpa_printf(MSG_DEBUG, "%s[dbus]: wpa_s has no driver set", @@ -3117,9 +3366,8 @@ dbus_bool_t wpas_dbus_getter_driver( return FALSE; } - driver = wpa_s->driver->name; - return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, - &driver, error); + return wpas_dbus_string_property_getter(iter, wpa_s->driver->name, + error); } @@ -3232,10 +3480,9 @@ dbus_bool_t wpas_dbus_getter_bridge_ifname( DBusMessageIter *iter, DBusError *error, void *user_data) { struct wpa_supplicant *wpa_s = user_data; - const char *bridge_ifname = wpa_s->bridge_ifname; - return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, - &bridge_ifname, error); + return wpas_dbus_string_property_getter(iter, wpa_s->bridge_ifname, + error); } @@ -3253,13 +3500,8 @@ dbus_bool_t wpas_dbus_getter_config_file( DBusMessageIter *iter, DBusError *error, void *user_data) { struct wpa_supplicant *wpa_s = user_data; - char *confname = ""; - if (wpa_s->confname) - confname = wpa_s->confname; - - return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, - &confname, error); + return wpas_dbus_string_property_getter(iter, wpa_s->confname, error); } @@ -3399,14 +3641,10 @@ dbus_bool_t wpas_dbus_getter_pkcs11_engine_path( DBusMessageIter *iter, DBusError *error, void *user_data) { struct wpa_supplicant *wpa_s = user_data; - const char *pkcs11_engine_path; - if (wpa_s->conf->pkcs11_engine_path == NULL) - pkcs11_engine_path = ""; - else - pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; - return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, - &pkcs11_engine_path, error); + return wpas_dbus_string_property_getter(iter, + wpa_s->conf->pkcs11_engine_path, + error); } @@ -3424,14 +3662,10 @@ dbus_bool_t wpas_dbus_getter_pkcs11_module_path( DBusMessageIter *iter, DBusError *error, void *user_data) { struct wpa_supplicant *wpa_s = user_data; - const char *pkcs11_module_path; - if (wpa_s->conf->pkcs11_module_path == NULL) - pkcs11_module_path = ""; - else - pkcs11_module_path = wpa_s->conf->pkcs11_module_path; - return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, - &pkcs11_module_path, error); + return wpas_dbus_string_property_getter(iter, + wpa_s->conf->pkcs11_module_path, + error); } @@ -3683,6 +3917,7 @@ dbus_bool_t wpas_dbus_getter_bss_mode( struct bss_handler_args *args = user_data; struct wpa_bss *res; const char *mode; + const u8 *mesh; res = get_bss_helper(args, error, __func__); if (!res) @@ -3696,9 +3931,15 @@ dbus_bool_t wpas_dbus_getter_bss_mode( case IEEE80211_CAP_DMG_AP: mode = "infrastructure"; break; + default: + mode = ""; + break; } } else { - if (res->caps & IEEE80211_CAP_IBSS) + mesh = wpa_bss_get_ie(res, WLAN_EID_MESH_ID); + if (mesh) + mode = "mesh"; + else if (res->caps & IEEE80211_CAP_IBSS) mode = "ad-hoc"; else mode = "infrastructure"; @@ -3826,7 +4067,7 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop( DBusMessageIter iter_dict, variant_iter; const char *group; const char *pairwise[5]; /* max 5 pairwise ciphers is supported */ - const char *key_mgmt[9]; /* max 9 key managements may be supported */ + const char *key_mgmt[13]; /* max 13 key managements may be supported */ int n; if (!dbus_message_iter_open_container(iter, DBUS_TYPE_VARIANT, @@ -3858,6 +4099,16 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop( if (ie_data->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) key_mgmt[n++] = "wpa-eap-suite-b-192"; #endif /* CONFIG_SUITEB192 */ +#ifdef CONFIG_FILS + if (ie_data->key_mgmt & WPA_KEY_MGMT_FILS_SHA256) + key_mgmt[n++] = "wpa-fils-sha256"; + if (ie_data->key_mgmt & WPA_KEY_MGMT_FILS_SHA384) + key_mgmt[n++] = "wpa-fils-sha384"; + if (ie_data->key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) + key_mgmt[n++] = "wpa-ft-fils-sha256"; + if (ie_data->key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) + key_mgmt[n++] = "wpa-ft-fils-sha384"; +#endif /* CONFIG_FILS */ if (ie_data->key_mgmt & WPA_KEY_MGMT_NONE) key_mgmt[n++] = "wpa-none"; @@ -4534,3 +4785,100 @@ DBusMessage * wpas_dbus_handler_vendor_elem_remove(DBusMessage *message, return dbus_message_new_error(message, DBUS_ERROR_INVALID_ARGS, "Not found"); } + + +#ifdef CONFIG_MESH + +/** + * wpas_dbus_getter_mesh_peers - Get connected mesh peers + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Getter for "MeshPeers" property. + */ +dbus_bool_t wpas_dbus_getter_mesh_peers( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + struct hostapd_data *hapd; + struct sta_info *sta; + DBusMessageIter variant_iter, array_iter; + int i; + DBusMessageIter inner_array_iter; + + if (!wpa_s->ifmsh) + return FALSE; + hapd = wpa_s->ifmsh->bss[0]; + + if (!dbus_message_iter_open_container(iter, DBUS_TYPE_VARIANT, + DBUS_TYPE_ARRAY_AS_STRING + DBUS_TYPE_ARRAY_AS_STRING + DBUS_TYPE_BYTE_AS_STRING, + &variant_iter) || + !dbus_message_iter_open_container(&variant_iter, DBUS_TYPE_ARRAY, + DBUS_TYPE_ARRAY_AS_STRING + DBUS_TYPE_BYTE_AS_STRING, + &array_iter)) + return FALSE; + + for (sta = hapd->sta_list; sta; sta = sta->next) { + if (!dbus_message_iter_open_container( + &array_iter, DBUS_TYPE_ARRAY, + DBUS_TYPE_BYTE_AS_STRING, + &inner_array_iter)) + return FALSE; + + for (i = 0; i < ETH_ALEN; i++) { + if (!dbus_message_iter_append_basic(&inner_array_iter, + DBUS_TYPE_BYTE, + &(sta->addr[i]))) + return FALSE; + } + + if (!dbus_message_iter_close_container( + &array_iter, &inner_array_iter)) + return FALSE; + } + + if (!dbus_message_iter_close_container(&variant_iter, &array_iter) || + !dbus_message_iter_close_container(iter, &variant_iter)) + return FALSE; + + return TRUE; +} + + +/** + * wpas_dbus_getter_mesh_group - Get mesh group + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Getter for "MeshGroup" property. + */ +dbus_bool_t wpas_dbus_getter_mesh_group( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + struct wpa_ssid *ssid = wpa_s->current_ssid; + + if (!wpa_s->ifmsh || !ssid) + return FALSE; + + if (!wpas_dbus_simple_array_property_getter(iter, DBUS_TYPE_BYTE, + (char *) ssid->ssid, + ssid->ssid_len, error)) { + dbus_set_error(error, DBUS_ERROR_FAILED, + "%s: error constructing reply", __func__); + return FALSE; + } + + return TRUE; +} + +#endif /* CONFIG_MESH */ diff --git a/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h b/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h index 1d6235d6f3e4..6f952cc39091 100644 --- a/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h +++ b/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h @@ -43,6 +43,10 @@ dbus_bool_t wpas_dbus_simple_array_array_property_getter(DBusMessageIter *iter, size_t array_len, DBusError *error); +dbus_bool_t wpas_dbus_string_property_getter(DBusMessageIter *iter, + const void *val, + DBusError *error); + DBusMessage * wpas_dbus_handler_create_interface(DBusMessage *message, struct wpa_global *global); @@ -70,6 +74,9 @@ DECLARE_ACCESSOR(wpas_dbus_setter_iface_global); DBusMessage * wpas_dbus_handler_scan(DBusMessage *message, struct wpa_supplicant *wpa_s); +DBusMessage * wpas_dbus_handler_abort_scan(DBusMessage *message, + struct wpa_supplicant *wpa_s); + DBusMessage * wpas_dbus_handler_signal_poll(DBusMessage *message, struct wpa_supplicant *wpa_s); @@ -186,6 +193,21 @@ DECLARE_ACCESSOR(wpas_dbus_getter_process_credentials); DECLARE_ACCESSOR(wpas_dbus_setter_process_credentials); DECLARE_ACCESSOR(wpas_dbus_getter_config_methods); DECLARE_ACCESSOR(wpas_dbus_setter_config_methods); +DECLARE_ACCESSOR(wpas_dbus_getter_wps_device_name); +DECLARE_ACCESSOR(wpas_dbus_setter_wps_device_name); +DECLARE_ACCESSOR(wpas_dbus_getter_wps_manufacturer); +DECLARE_ACCESSOR(wpas_dbus_setter_wps_manufacturer); +DECLARE_ACCESSOR(wpas_dbus_getter_wps_device_model_name); +DECLARE_ACCESSOR(wpas_dbus_setter_wps_device_model_name); +DECLARE_ACCESSOR(wpas_dbus_getter_wps_device_model_number); +DECLARE_ACCESSOR(wpas_dbus_setter_wps_device_model_number); +DECLARE_ACCESSOR(wpas_dbus_getter_wps_device_serial_number); +DECLARE_ACCESSOR(wpas_dbus_setter_wps_device_serial_number); +DECLARE_ACCESSOR(wpas_dbus_getter_wps_device_device_type); +DECLARE_ACCESSOR(wpas_dbus_setter_wps_device_device_type); + +DECLARE_ACCESSOR(wpas_dbus_getter_mesh_peers); +DECLARE_ACCESSOR(wpas_dbus_getter_mesh_group); DBusMessage * wpas_dbus_handler_tdls_discover(DBusMessage *message, struct wpa_supplicant *wpa_s); @@ -195,6 +217,12 @@ DBusMessage * wpas_dbus_handler_tdls_status(DBusMessage *message, struct wpa_supplicant *wpa_s); DBusMessage * wpas_dbus_handler_tdls_teardown(DBusMessage *message, struct wpa_supplicant *wpa_s); +DBusMessage * +wpas_dbus_handler_tdls_channel_switch(DBusMessage *message, + struct wpa_supplicant *wpa_s); +DBusMessage * +wpas_dbus_handler_tdls_cancel_channel_switch(DBusMessage *message, + struct wpa_supplicant *wpa_s); DBusMessage * wpas_dbus_handler_vendor_elem_add(DBusMessage *message, struct wpa_supplicant *wpa_s); diff --git a/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c b/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c index 73b9e20c20b0..9305b9a4f37d 100644 --- a/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c +++ b/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c @@ -28,6 +28,18 @@ #include "../p2p_supplicant.h" #include "../wifi_display.h" + +static int wpas_dbus_validate_dbus_ipaddr(struct wpa_dbus_dict_entry entry) +{ + if (entry.type != DBUS_TYPE_ARRAY || + entry.array_type != DBUS_TYPE_BYTE || + entry.array_len != 4) + return 0; + + return 1; +} + + /** * Parses out the mac address from the peer object path. * @peer_path - object path of the form @@ -78,6 +90,7 @@ DBusMessage * wpas_dbus_handler_p2p_find(DBusMessage *message, int num_req_dev_types = 0; unsigned int i; u8 *req_dev_types = NULL; + unsigned int freq = 0; dbus_message_iter_init(message, &iter); entry.key = NULL; @@ -122,6 +135,10 @@ DBusMessage * wpas_dbus_handler_p2p_find(DBusMessage *message, type = P2P_FIND_PROGRESSIVE; else goto error_clear; + } else if (os_strcmp(entry.key, "freq") == 0 && + (entry.type == DBUS_TYPE_INT32 || + entry.type == DBUS_TYPE_UINT32)) { + freq = entry.uint32_value; } else goto error_clear; wpa_dbus_dict_entry_clear(&entry); @@ -129,8 +146,11 @@ DBusMessage * wpas_dbus_handler_p2p_find(DBusMessage *message, wpa_s = wpa_s->global->p2p_init_wpa_s; - wpas_p2p_find(wpa_s, timeout, type, num_req_dev_types, req_dev_types, - NULL, 0, 0, NULL, 0); + if (wpas_p2p_find(wpa_s, timeout, type, num_req_dev_types, + req_dev_types, NULL, 0, 0, NULL, freq)) + reply = wpas_dbus_error_unknown_error( + message, "Could not start P2P find"); + os_free(req_dev_types); return reply; @@ -867,6 +887,35 @@ dbus_bool_t wpas_dbus_getter_p2p_device_config( goto err_no_mem; } + /* GO IP address */ + if (WPA_GET_BE32(wpa_s->conf->ip_addr_go) && + !wpa_dbus_dict_append_byte_array(&dict_iter, "IpAddrGo", + (char *) wpa_s->conf->ip_addr_go, + 4)) + goto err_no_mem; + + /* IP address mask */ + if (WPA_GET_BE32(wpa_s->conf->ip_addr_mask) && + !wpa_dbus_dict_append_byte_array(&dict_iter, "IpAddrMask", + (char *) wpa_s->conf->ip_addr_mask, + 4)) + goto err_no_mem; + + /* IP address start */ + if (WPA_GET_BE32(wpa_s->conf->ip_addr_start) && + !wpa_dbus_dict_append_byte_array(&dict_iter, "IpAddrStart", + (char *) + wpa_s->conf->ip_addr_start, + 4)) + goto err_no_mem; + + /* IP address end */ + if (WPA_GET_BE32(wpa_s->conf->ip_addr_end) && + !wpa_dbus_dict_append_byte_array(&dict_iter, "IpAddrEnd", + (char *) wpa_s->conf->ip_addr_end, + 4)) + goto err_no_mem; + /* Vendor Extensions */ for (i = 0; i < P2P_MAX_WPS_VENDOR_EXT; i++) { if (wpa_s->conf->wps_vendor_ext[i] == NULL) @@ -1051,6 +1100,26 @@ dbus_bool_t wpas_dbus_setter_p2p_device_config( wpa_s->conf->p2p_intra_bss = entry.bool_value; wpa_s->conf->changed_parameters |= CFG_CHANGED_P2P_INTRA_BSS; + } else if (os_strcmp(entry.key, "IpAddrGo") == 0) { + if (!wpas_dbus_validate_dbus_ipaddr(entry)) + goto error; + os_memcpy(wpa_s->conf->ip_addr_go, + entry.bytearray_value, 4); + } else if (os_strcmp(entry.key, "IpAddrMask") == 0) { + if (!wpas_dbus_validate_dbus_ipaddr(entry)) + goto error; + os_memcpy(wpa_s->conf->ip_addr_mask, + entry.bytearray_value, 4); + } else if (os_strcmp(entry.key, "IpAddrStart") == 0) { + if (!wpas_dbus_validate_dbus_ipaddr(entry)) + goto error; + os_memcpy(wpa_s->conf->ip_addr_start, + entry.bytearray_value, 4); + } else if (os_strcmp(entry.key, "IpAddrEnd") == 0) { + if (!wpas_dbus_validate_dbus_ipaddr(entry)) + goto error; + os_memcpy(wpa_s->conf->ip_addr_end, + entry.bytearray_value, 4); } else if (os_strcmp(entry.key, "GroupIdle") == 0 && entry.type == DBUS_TYPE_UINT32) wpa_s->conf->p2p_group_idle = entry.uint32_value; @@ -2286,19 +2355,12 @@ dbus_bool_t wpas_dbus_getter_p2p_group_passphrase( DBusMessageIter *iter, DBusError *error, void *user_data) { struct wpa_supplicant *wpa_s = user_data; - char *p_pass; struct wpa_ssid *ssid = wpa_s->current_ssid; if (ssid == NULL) return FALSE; - p_pass = ssid->passphrase; - if (!p_pass) - p_pass = ""; - - return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, - &p_pass, error); - + return wpas_dbus_string_property_getter(iter, ssid->passphrase, error); } diff --git a/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c b/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c index f16e2290c7ed..f762b3f2ef5c 100644 --- a/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c +++ b/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c @@ -412,12 +412,10 @@ dbus_bool_t wpas_dbus_getter_config_methods( DBusMessageIter *iter, DBusError *error, void *user_data) { struct wpa_supplicant *wpa_s = user_data; - char *methods = wpa_s->conf->config_methods; - if (methods == NULL) - methods = ""; - return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_STRING, - &methods, error); + return wpas_dbus_string_property_getter(iter, + wpa_s->conf->config_methods, + error); } @@ -454,3 +452,349 @@ dbus_bool_t wpas_dbus_setter_config_methods( return TRUE; } + + +/** + * wpas_dbus_getter_wps_device_name - Get current WPS device name + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Getter for "DeviceName" property. + */ +dbus_bool_t wpas_dbus_getter_wps_device_name( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + + return wpas_dbus_string_property_getter(iter, wpa_s->conf->device_name, + error); +} + + +/** + * wpas_dbus_setter_wps_device_name - Set current WPS device name + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Setter for "DeviceName" property. + */ +dbus_bool_t wpas_dbus_setter_wps_device_name( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + char *methods, *devname; + + if (!wpas_dbus_simple_property_setter(iter, error, DBUS_TYPE_STRING, + &methods)) + return FALSE; + + if (os_strlen(methods) > WPS_DEV_NAME_MAX_LEN) + return FALSE; + + devname = os_strdup(methods); + if (!devname) + return FALSE; + + os_free(wpa_s->conf->device_name); + wpa_s->conf->device_name = devname; + wpa_s->conf->changed_parameters |= CFG_CHANGED_DEVICE_NAME; + wpa_supplicant_update_config(wpa_s); + + return TRUE; +} + + +/** + * wpas_dbus_getter_wps_manufacturer - Get current manufacturer name + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Getter for "Manufacturer" property. + */ +dbus_bool_t wpas_dbus_getter_wps_manufacturer( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + + return wpas_dbus_string_property_getter(iter, wpa_s->conf->manufacturer, + error); +} + + +/** + * wpas_dbus_setter_wps_manufacturer - Set current manufacturer name + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Setter for "Manufacturer" property. + */ +dbus_bool_t wpas_dbus_setter_wps_manufacturer( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + char *methods, *manufacturer; + + if (!wpas_dbus_simple_property_setter(iter, error, DBUS_TYPE_STRING, + &methods)) + return FALSE; + + if (os_strlen(methods) > WPS_MANUFACTURER_MAX_LEN) + return FALSE; + + manufacturer = os_strdup(methods); + if (!manufacturer) + return FALSE; + + os_free(wpa_s->conf->manufacturer); + wpa_s->conf->manufacturer = manufacturer; + wpa_s->conf->changed_parameters |= CFG_CHANGED_WPS_STRING; + wpa_supplicant_update_config(wpa_s); + + return TRUE; +} + + +/** + * wpas_dbus_getter_wps_device_model_name - Get current device model name + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Getter for "ModelName" property. + */ +dbus_bool_t wpas_dbus_getter_wps_device_model_name( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + + return wpas_dbus_string_property_getter(iter, wpa_s->conf->model_name, + error); +} + + +/** + * wpas_dbus_setter_wps_device_model_name - Set current device model name + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Setter for "ModelName" property. + */ +dbus_bool_t wpas_dbus_setter_wps_device_model_name( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + char *methods, *model_name; + + if (!wpas_dbus_simple_property_setter(iter, error, DBUS_TYPE_STRING, + &methods)) + return FALSE; + + if (os_strlen(methods) > WPS_MODEL_NAME_MAX_LEN) + return FALSE; + + model_name = os_strdup(methods); + if (!model_name) + return FALSE; + os_free(wpa_s->conf->model_name); + wpa_s->conf->model_name = model_name; + wpa_s->conf->changed_parameters |= CFG_CHANGED_WPS_STRING; + wpa_supplicant_update_config(wpa_s); + + return TRUE; +} + + +/** + * wpas_dbus_getter_wps_device_model_number - Get current device model number + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Getter for "ModelNumber" property. + */ +dbus_bool_t wpas_dbus_getter_wps_device_model_number( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + + return wpas_dbus_string_property_getter(iter, wpa_s->conf->model_number, + error); +} + + +/** + * wpas_dbus_setter_wps_device_model_number - Set current device model number + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Setter for "ModelNumber" property. + */ +dbus_bool_t wpas_dbus_setter_wps_device_model_number( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + char *methods, *model_number; + + if (!wpas_dbus_simple_property_setter(iter, error, DBUS_TYPE_STRING, + &methods)) + return FALSE; + + if (os_strlen(methods) > WPS_MODEL_NUMBER_MAX_LEN) + return FALSE; + + model_number = os_strdup(methods); + if (!model_number) + return FALSE; + + os_free(wpa_s->conf->model_number); + wpa_s->conf->model_number = model_number; + wpa_s->conf->changed_parameters |= CFG_CHANGED_WPS_STRING; + wpa_supplicant_update_config(wpa_s); + + return TRUE; +} + + +/** + * wpas_dbus_getter_wps_device_serial_number - Get current device serial number + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Getter for "SerialNumber" property. + */ +dbus_bool_t wpas_dbus_getter_wps_device_serial_number( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + + return wpas_dbus_string_property_getter(iter, + wpa_s->conf->serial_number, + error); +} + + +/** + * wpas_dbus_setter_wps_device_serial_number - Set current device serial number + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Setter for "SerialNumber" property. + */ +dbus_bool_t wpas_dbus_setter_wps_device_serial_number( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + char *methods, *serial_number; + + if (!wpas_dbus_simple_property_setter(iter, error, DBUS_TYPE_STRING, + &methods)) + return FALSE; + + if (os_strlen(methods) > WPS_SERIAL_NUMBER_MAX_LEN) + return FALSE; + + serial_number = os_strdup(methods); + if (!serial_number) + return FALSE; + os_free(wpa_s->conf->serial_number); + wpa_s->conf->serial_number = serial_number; + wpa_s->conf->changed_parameters |= CFG_CHANGED_WPS_STRING; + wpa_supplicant_update_config(wpa_s); + + return TRUE; +} + + +/** + * wpas_dbus_getter_wps_device_device_type - Get current device type + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Getter for "DeviceType" property. + */ +dbus_bool_t wpas_dbus_getter_wps_device_device_type( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + + if (!wpas_dbus_simple_array_property_getter(iter, DBUS_TYPE_BYTE, + (char *) + wpa_s->conf->device_type, + WPS_DEV_TYPE_LEN, error)) { + dbus_set_error(error, DBUS_ERROR_FAILED, + "%s: error constructing reply", __func__); + return FALSE; + } + + return TRUE; +} + + +/** + * wpas_dbus_setter_wps_device_device_type - Set current device type + * @iter: Pointer to incoming dbus message iter + * @error: Location to store error on failure + * @user_data: Function specific data + * Returns: TRUE on success, FALSE on failure + * + * Setter for "DeviceType" property. + */ +dbus_bool_t wpas_dbus_setter_wps_device_device_type( + const struct wpa_dbus_property_desc *property_desc, + DBusMessageIter *iter, DBusError *error, void *user_data) +{ + struct wpa_supplicant *wpa_s = user_data; + u8 *dev_type; + int dev_len; + DBusMessageIter variant, array_iter; + + if (dbus_message_iter_get_arg_type(iter) != DBUS_TYPE_VARIANT) + return FALSE; + + dbus_message_iter_recurse(iter, &variant); + if (dbus_message_iter_get_arg_type(&variant) != DBUS_TYPE_ARRAY) + return FALSE; + + dbus_message_iter_recurse(&variant, &array_iter); + dbus_message_iter_get_fixed_array(&array_iter, &dev_type, &dev_len); + + if (dev_len != WPS_DEV_TYPE_LEN) + return FALSE; + + os_memcpy(wpa_s->conf->device_type, dev_type, WPS_DEV_TYPE_LEN); + wpa_s->conf->changed_parameters |= CFG_CHANGED_DEVICE_TYPE; + wpa_supplicant_update_config(wpa_s); + + return TRUE; +} diff --git a/contrib/wpa/wpa_supplicant/defconfig b/contrib/wpa/wpa_supplicant/defconfig index 1d05198f849a..af281e56d2e1 100644 --- a/contrib/wpa/wpa_supplicant/defconfig +++ b/contrib/wpa/wpa_supplicant/defconfig @@ -1,9 +1,9 @@ # Example wpa_supplicant build time configuration # # This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. +# wpa_supplicant binary. All lines starting with # are ignored. Configuration +# option lines must be commented out complete, if they are not to be included, +# i.e., just setting VARIABLE=n is not disabling that variable. # # This file is included in Makefile, so variables like CFLAGS and LIBS can also # be modified from here. In most cases, these lines should use += in order not @@ -44,7 +44,7 @@ CONFIG_DRIVER_NL80211=y #CONFIG_LIBNL20=y # Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) -#CONFIG_LIBNL32=y +CONFIG_LIBNL32=y # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) @@ -73,6 +73,12 @@ CONFIG_DRIVER_NL80211=y # Driver interface for wired Ethernet drivers CONFIG_DRIVER_WIRED=y +# Driver interface for MACsec capable Qualcomm Atheros drivers +#CONFIG_DRIVER_MACSEC_QCA=y + +# Driver interface for Linux MACsec drivers +#CONFIG_DRIVER_MACSEC_LINUX=y + # Driver interface for the Broadcom RoboSwitch family #CONFIG_DRIVER_ROBOSWITCH=y @@ -83,8 +89,8 @@ CONFIG_DRIVER_WIRED=y #LIBS += -lsocket -ldlpi -lnsl #LIBS_c += -lsocket -# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is -# included) +# Enable IEEE 802.1X Supplicant (automatically included if any EAP method or +# MACsec is included) CONFIG_IEEE8021X_EAPOL=y # EAP-MD5 @@ -166,6 +172,9 @@ CONFIG_EAP_LEAP=y # EAP-EKE #CONFIG_EAP_EKE=y +# MACsec +#CONFIG_MACSEC=y + # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) CONFIG_PKCS12=y @@ -288,9 +297,6 @@ CONFIG_BACKEND=file # bridge interfaces (commit 'bridge: respect RFC2863 operational state')'). #CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y -# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) -CONFIG_PEERKEY=y - # IEEE 802.11w (management frame protection), also known as PMF # Driver support is also needed for IEEE 802.11w. #CONFIG_IEEE80211W=y @@ -299,6 +305,7 @@ CONFIG_PEERKEY=y # openssl = OpenSSL (default) # gnutls = GnuTLS # internal = Internal TLSv1 implementation (experimental) +# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental) # none = Empty template #CONFIG_TLS=openssl @@ -316,6 +323,10 @@ CONFIG_PEERKEY=y # will be used) #CONFIG_TLSV12=y +# Select which ciphers to use by default with OpenSSL if the user does not +# specify them. +#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" + # If CONFIG_TLS=internal is used, additional library and include paths are # needed for LibTomMath. Alternatively, an integrated, minimal version of # LibTomMath can be used. See beginning of libtommath.c for details on benefits @@ -370,7 +381,7 @@ CONFIG_PEERKEY=y # amount of memory/flash. #CONFIG_DYNAMIC_EAP_METHODS=y -# IEEE Std 802.11r-2008 (Fast BSS Transition) +# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode #CONFIG_IEEE80211R=y # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) @@ -548,3 +559,37 @@ CONFIG_PEERKEY=y # Support Multi Band Operation #CONFIG_MBO=y + +# Fast Initial Link Setup (FILS) (IEEE 802.11ai) +# Note: This is an experimental and not yet complete implementation. This +# should not be enabled for production use. +#CONFIG_FILS=y +# FILS shared key authentication with PFS +#CONFIG_FILS_SK_PFS=y + +# Support RSN on IBSS networks +# This is needed to be able to use mode=1 network profile with proto=RSN and +# key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None). +#CONFIG_IBSS_RSN=y + +# External PMKSA cache control +# This can be used to enable control interface commands that allow the current +# PMKSA cache entries to be fetched and new entries to be added. +#CONFIG_PMKSA_CACHE_EXTERNAL=y + +# Mesh Networking (IEEE 802.11s) +#CONFIG_MESH=y + +# Background scanning modules +# These can be used to request wpa_supplicant to perform background scanning +# operations for roaming within an ESS (same SSID). See the bgscan parameter in +# the wpa_supplicant.conf file for more details. +# Periodic background scans based on signal strength +#CONFIG_BGSCAN_SIMPLE=y +# Learn channels used by the network and try to avoid bgscans on other +# channels (experimental) +#CONFIG_BGSCAN_LEARN=y + +# Opportunistic Wireless Encryption (OWE) +# Experimental implementation of draft-harkins-owe-07.txt +#CONFIG_OWE=y diff --git a/contrib/wpa/wpa_supplicant/dpp_supplicant.c b/contrib/wpa/wpa_supplicant/dpp_supplicant.c new file mode 100644 index 000000000000..7bc46610a971 --- /dev/null +++ b/contrib/wpa/wpa_supplicant/dpp_supplicant.c @@ -0,0 +1,2613 @@ +/* + * wpa_supplicant - DPP + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * Copyright (c) 2018, The Linux Foundation + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "utils/eloop.h" +#include "common/dpp.h" +#include "common/gas.h" +#include "common/gas_server.h" +#include "rsn_supp/wpa.h" +#include "rsn_supp/pmksa_cache.h" +#include "wpa_supplicant_i.h" +#include "config.h" +#include "driver_i.h" +#include "offchannel.h" +#include "gas_query.h" +#include "bss.h" +#include "scan.h" +#include "notify.h" +#include "dpp_supplicant.h" + + +static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s, + unsigned int freq); +static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx); +static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator); +static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s, + unsigned int freq, const u8 *dst, + const u8 *src, const u8 *bssid, + const u8 *data, size_t data_len, + enum offchannel_send_action_result result); +static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx); +static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s); +static void +wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s, + unsigned int freq, const u8 *dst, + const u8 *src, const u8 *bssid, + const u8 *data, size_t data_len, + enum offchannel_send_action_result result); + +static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; + +/* Use a hardcoded Transaction ID 1 in Peer Discovery frames since there is only + * a single transaction in progress at any point in time. */ +static const u8 TRANSACTION_ID = 1; + + +static struct dpp_configurator * +dpp_configurator_get_id(struct wpa_supplicant *wpa_s, unsigned int id) +{ + struct dpp_configurator *conf; + + dl_list_for_each(conf, &wpa_s->dpp_configurator, + struct dpp_configurator, list) { + if (conf->id == id) + return conf; + } + return NULL; +} + + +static unsigned int wpas_dpp_next_id(struct wpa_supplicant *wpa_s) +{ + struct dpp_bootstrap_info *bi; + unsigned int max_id = 0; + + dl_list_for_each(bi, &wpa_s->dpp_bootstrap, struct dpp_bootstrap_info, + list) { + if (bi->id > max_id) + max_id = bi->id; + } + return max_id + 1; +} + + +/** + * wpas_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code + * @wpa_s: Pointer to wpa_supplicant data + * @cmd: DPP URI read from a QR Code + * Returns: Identifier of the stored info or -1 on failure + */ +int wpas_dpp_qr_code(struct wpa_supplicant *wpa_s, const char *cmd) +{ + struct dpp_bootstrap_info *bi; + struct dpp_authentication *auth = wpa_s->dpp_auth; + + bi = dpp_parse_qr_code(cmd); + if (!bi) + return -1; + + bi->id = wpas_dpp_next_id(wpa_s); + dl_list_add(&wpa_s->dpp_bootstrap, &bi->list); + + if (auth && auth->response_pending && + dpp_notify_new_qr_code(auth, bi) == 1) { + wpa_printf(MSG_DEBUG, + "DPP: Sending out pending authentication response"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", + MAC2STR(auth->peer_mac_addr), auth->curr_freq, + DPP_PA_AUTHENTICATION_RESP); + offchannel_send_action(wpa_s, auth->curr_freq, + auth->peer_mac_addr, wpa_s->own_addr, + broadcast, + wpabuf_head(auth->resp_msg), + wpabuf_len(auth->resp_msg), + 500, wpas_dpp_tx_status, 0); + } + + return bi->id; +} + + +static char * get_param(const char *cmd, const char *param) +{ + const char *pos, *end; + char *val; + size_t len; + + pos = os_strstr(cmd, param); + if (!pos) + return NULL; + + pos += os_strlen(param); + end = os_strchr(pos, ' '); + if (end) + len = end - pos; + else + len = os_strlen(pos); + val = os_malloc(len + 1); + if (!val) + return NULL; + os_memcpy(val, pos, len); + val[len] = '\0'; + return val; +} + + +int wpas_dpp_bootstrap_gen(struct wpa_supplicant *wpa_s, const char *cmd) +{ + char *chan = NULL, *mac = NULL, *info = NULL, *pk = NULL, *curve = NULL; + char *key = NULL; + u8 *privkey = NULL; + size_t privkey_len = 0; + size_t len; + int ret = -1; + struct dpp_bootstrap_info *bi; + + bi = os_zalloc(sizeof(*bi)); + if (!bi) + goto fail; + + if (os_strstr(cmd, "type=qrcode")) + bi->type = DPP_BOOTSTRAP_QR_CODE; + else if (os_strstr(cmd, "type=pkex")) + bi->type = DPP_BOOTSTRAP_PKEX; + else + goto fail; + + chan = get_param(cmd, " chan="); + mac = get_param(cmd, " mac="); + info = get_param(cmd, " info="); + curve = get_param(cmd, " curve="); + key = get_param(cmd, " key="); + + if (key) { + privkey_len = os_strlen(key) / 2; + privkey = os_malloc(privkey_len); + if (!privkey || + hexstr2bin(key, privkey, privkey_len) < 0) + goto fail; + } + + pk = dpp_keygen(bi, curve, privkey, privkey_len); + if (!pk) + goto fail; + + len = 4; /* "DPP:" */ + if (chan) { + if (dpp_parse_uri_chan_list(bi, chan) < 0) + goto fail; + len += 3 + os_strlen(chan); /* C:...; */ + } + if (mac) { + if (dpp_parse_uri_mac(bi, mac) < 0) + goto fail; + len += 3 + os_strlen(mac); /* M:...; */ + } + if (info) { + if (dpp_parse_uri_info(bi, info) < 0) + goto fail; + len += 3 + os_strlen(info); /* I:...; */ + } + len += 4 + os_strlen(pk); + bi->uri = os_malloc(len + 1); + if (!bi->uri) + goto fail; + os_snprintf(bi->uri, len + 1, "DPP:%s%s%s%s%s%s%s%s%sK:%s;;", + chan ? "C:" : "", chan ? chan : "", chan ? ";" : "", + mac ? "M:" : "", mac ? mac : "", mac ? ";" : "", + info ? "I:" : "", info ? info : "", info ? ";" : "", + pk); + bi->id = wpas_dpp_next_id(wpa_s); + dl_list_add(&wpa_s->dpp_bootstrap, &bi->list); + ret = bi->id; + bi = NULL; +fail: + os_free(curve); + os_free(pk); + os_free(chan); + os_free(mac); + os_free(info); + str_clear_free(key); + bin_clear_free(privkey, privkey_len); + dpp_bootstrap_info_free(bi); + return ret; +} + + +static struct dpp_bootstrap_info * +dpp_bootstrap_get_id(struct wpa_supplicant *wpa_s, unsigned int id) +{ + struct dpp_bootstrap_info *bi; + + dl_list_for_each(bi, &wpa_s->dpp_bootstrap, struct dpp_bootstrap_info, + list) { + if (bi->id == id) + return bi; + } + return NULL; +} + + +static int dpp_bootstrap_del(struct wpa_supplicant *wpa_s, unsigned int id) +{ + struct dpp_bootstrap_info *bi, *tmp; + int found = 0; + + dl_list_for_each_safe(bi, tmp, &wpa_s->dpp_bootstrap, + struct dpp_bootstrap_info, list) { + if (id && bi->id != id) + continue; + found = 1; + dl_list_del(&bi->list); + dpp_bootstrap_info_free(bi); + } + + if (id == 0) + return 0; /* flush succeeds regardless of entries found */ + return found ? 0 : -1; +} + + +int wpas_dpp_bootstrap_remove(struct wpa_supplicant *wpa_s, const char *id) +{ + unsigned int id_val; + + if (os_strcmp(id, "*") == 0) { + id_val = 0; + } else { + id_val = atoi(id); + if (id_val == 0) + return -1; + } + + return dpp_bootstrap_del(wpa_s, id_val); +} + + +const char * wpas_dpp_bootstrap_get_uri(struct wpa_supplicant *wpa_s, + unsigned int id) +{ + struct dpp_bootstrap_info *bi; + + bi = dpp_bootstrap_get_id(wpa_s, id); + if (!bi) + return NULL; + return bi->uri; +} + + +int wpas_dpp_bootstrap_info(struct wpa_supplicant *wpa_s, int id, + char *reply, int reply_size) +{ + struct dpp_bootstrap_info *bi; + + bi = dpp_bootstrap_get_id(wpa_s, id); + if (!bi) + return -1; + return os_snprintf(reply, reply_size, "type=%s\n" + "mac_addr=" MACSTR "\n" + "info=%s\n" + "num_freq=%u\n" + "curve=%s\n", + dpp_bootstrap_type_txt(bi->type), + MAC2STR(bi->mac_addr), + bi->info ? bi->info : "", + bi->num_freq, + bi->curve->name); +} + + +static void wpas_dpp_auth_resp_retry_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_supplicant *wpa_s = eloop_ctx; + struct dpp_authentication *auth = wpa_s->dpp_auth; + + if (!auth || !auth->resp_msg) + return; + + wpa_printf(MSG_DEBUG, + "DPP: Retry Authentication Response after timeout"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", + MAC2STR(auth->peer_mac_addr), auth->curr_freq, + DPP_PA_AUTHENTICATION_RESP); + offchannel_send_action(wpa_s, auth->curr_freq, auth->peer_mac_addr, + wpa_s->own_addr, broadcast, + wpabuf_head(auth->resp_msg), + wpabuf_len(auth->resp_msg), + 500, wpas_dpp_tx_status, 0); +} + + +static void wpas_dpp_auth_resp_retry(struct wpa_supplicant *wpa_s) +{ + struct dpp_authentication *auth = wpa_s->dpp_auth; + unsigned int wait_time, max_tries; + + if (!auth || !auth->resp_msg) + return; + + if (wpa_s->dpp_resp_max_tries) + max_tries = wpa_s->dpp_resp_max_tries; + else + max_tries = 5; + auth->auth_resp_tries++; + if (auth->auth_resp_tries >= max_tries) { + wpa_printf(MSG_INFO, "DPP: No confirm received from initiator - stopping exchange"); + offchannel_send_action_done(wpa_s); + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; + return; + } + + if (wpa_s->dpp_resp_retry_time) + wait_time = wpa_s->dpp_resp_retry_time; + else + wait_time = 1000; + wpa_printf(MSG_DEBUG, + "DPP: Schedule retransmission of Authentication Response frame in %u ms", + wait_time); + eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); + eloop_register_timeout(wait_time / 1000, + (wait_time % 1000) * 1000, + wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); +} + + +static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s, + unsigned int freq, const u8 *dst, + const u8 *src, const u8 *bssid, + const u8 *data, size_t data_len, + enum offchannel_send_action_result result) +{ + const char *res_txt; + struct dpp_authentication *auth = wpa_s->dpp_auth; + + res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : + (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : + "FAILED"); + wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR + " result=%s", freq, MAC2STR(dst), res_txt); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR + " freq=%u result=%s", MAC2STR(dst), freq, res_txt); + + if (!wpa_s->dpp_auth) { + wpa_printf(MSG_DEBUG, + "DPP: Ignore TX status since there is no ongoing authentication exchange"); + return; + } + + if (wpa_s->dpp_auth->remove_on_tx_status) { + wpa_printf(MSG_DEBUG, + "DPP: Terminate authentication exchange due to an earlier error"); + eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); + eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); + eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, + NULL); + offchannel_send_action_done(wpa_s); + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; + return; + } + + if (wpa_s->dpp_auth_ok_on_ack) + wpas_dpp_auth_success(wpa_s, 1); + + if (!is_broadcast_ether_addr(dst) && + result != OFFCHANNEL_SEND_ACTION_SUCCESS) { + wpa_printf(MSG_DEBUG, + "DPP: Unicast DPP Action frame was not ACKed"); + if (auth->waiting_auth_resp) { + /* In case of DPP Authentication Request frame, move to + * the next channel immediately. */ + offchannel_send_action_done(wpa_s); + wpas_dpp_auth_init_next(wpa_s); + return; + } + if (auth->waiting_auth_conf) { + wpas_dpp_auth_resp_retry(wpa_s); + return; + } + } + + if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp && + result == OFFCHANNEL_SEND_ACTION_SUCCESS) { + /* Allow timeout handling to stop iteration if no response is + * received from a peer that has ACKed a request. */ + auth->auth_req_ack = 1; + } + + if (!wpa_s->dpp_auth_ok_on_ack && wpa_s->dpp_auth->neg_freq > 0 && + wpa_s->dpp_auth->curr_freq != wpa_s->dpp_auth->neg_freq) { + wpa_printf(MSG_DEBUG, + "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response", + wpa_s->dpp_auth->curr_freq, + wpa_s->dpp_auth->neg_freq); + offchannel_send_action_done(wpa_s); + wpas_dpp_listen_start(wpa_s, wpa_s->dpp_auth->neg_freq); + } + + if (wpa_s->dpp_auth_ok_on_ack) + wpa_s->dpp_auth_ok_on_ack = 0; +} + + +static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_supplicant *wpa_s = eloop_ctx; + struct dpp_authentication *auth = wpa_s->dpp_auth; + unsigned int freq; + struct os_reltime now, diff; + unsigned int wait_time, diff_ms; + + if (!auth || !auth->waiting_auth_resp) + return; + + wait_time = wpa_s->dpp_resp_wait_time ? + wpa_s->dpp_resp_wait_time : 2000; + os_get_reltime(&now); + os_reltime_sub(&now, &wpa_s->dpp_last_init, &diff); + diff_ms = diff.sec * 1000 + diff.usec / 1000; + wpa_printf(MSG_DEBUG, + "DPP: Reply wait timeout - wait_time=%u diff_ms=%u", + wait_time, diff_ms); + + if (auth->auth_req_ack && diff_ms >= wait_time) { + /* Peer ACK'ed Authentication Request frame, but did not reply + * with Authentication Response frame within two seconds. */ + wpa_printf(MSG_INFO, + "DPP: No response received from responder - stopping initiation attempt"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED); + offchannel_send_action_done(wpa_s); + wpas_dpp_listen_stop(wpa_s); + dpp_auth_deinit(auth); + wpa_s->dpp_auth = NULL; + return; + } + + if (diff_ms >= wait_time) { + /* Authentication Request frame was not ACK'ed and no reply + * was receiving within two seconds. */ + wpa_printf(MSG_DEBUG, + "DPP: Continue Initiator channel iteration"); + offchannel_send_action_done(wpa_s); + wpas_dpp_listen_stop(wpa_s); + wpas_dpp_auth_init_next(wpa_s); + return; + } + + /* Driver did not support 2000 ms long wait_time with TX command, so + * schedule listen operation to continue waiting for the response. + * + * DPP listen operations continue until stopped, so simply schedule a + * new call to this function at the point when the two second reply + * wait has expired. */ + wait_time -= diff_ms; + + freq = auth->curr_freq; + if (auth->neg_freq > 0) + freq = auth->neg_freq; + wpa_printf(MSG_DEBUG, + "DPP: Continue reply wait on channel %u MHz for %u ms", + freq, wait_time); + wpa_s->dpp_in_response_listen = 1; + wpas_dpp_listen_start(wpa_s, freq); + + eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, + wpas_dpp_reply_wait_timeout, wpa_s, NULL); +} + + +static void wpas_dpp_set_testing_options(struct wpa_supplicant *wpa_s, + struct dpp_authentication *auth) +{ +#ifdef CONFIG_TESTING_OPTIONS + if (wpa_s->dpp_config_obj_override) + auth->config_obj_override = + os_strdup(wpa_s->dpp_config_obj_override); + if (wpa_s->dpp_discovery_override) + auth->discovery_override = + os_strdup(wpa_s->dpp_discovery_override); + if (wpa_s->dpp_groups_override) + auth->groups_override = + os_strdup(wpa_s->dpp_groups_override); + auth->ignore_netaccesskey_mismatch = + wpa_s->dpp_ignore_netaccesskey_mismatch; +#endif /* CONFIG_TESTING_OPTIONS */ +} + + +static int wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s, + struct dpp_authentication *auth, + const char *cmd) +{ + const char *pos, *end; + struct dpp_configuration *conf_sta = NULL, *conf_ap = NULL; + struct dpp_configurator *conf = NULL; + u8 ssid[32] = { "test" }; + size_t ssid_len = 4; + char pass[64] = { }; + size_t pass_len = 0; + u8 psk[PMK_LEN]; + int psk_set = 0; + char *group_id = NULL; + + if (!cmd) + return 0; + + wpa_printf(MSG_DEBUG, "DPP: Set configurator parameters: %s", cmd); + pos = os_strstr(cmd, " ssid="); + if (pos) { + pos += 6; + end = os_strchr(pos, ' '); + ssid_len = end ? (size_t) (end - pos) : os_strlen(pos); + ssid_len /= 2; + if (ssid_len > sizeof(ssid) || + hexstr2bin(pos, ssid, ssid_len) < 0) + goto fail; + } + + pos = os_strstr(cmd, " pass="); + if (pos) { + pos += 6; + end = os_strchr(pos, ' '); + pass_len = end ? (size_t) (end - pos) : os_strlen(pos); + pass_len /= 2; + if (pass_len > sizeof(pass) - 1 || pass_len < 8 || + hexstr2bin(pos, (u8 *) pass, pass_len) < 0) + goto fail; + } + + pos = os_strstr(cmd, " psk="); + if (pos) { + pos += 5; + if (hexstr2bin(pos, psk, PMK_LEN) < 0) + goto fail; + psk_set = 1; + } + + pos = os_strstr(cmd, " group_id="); + if (pos) { + size_t group_id_len; + + pos += 10; + end = os_strchr(pos, ' '); + group_id_len = end ? (size_t) (end - pos) : os_strlen(pos); + group_id = os_malloc(group_id_len + 1); + if (!group_id) + goto fail; + os_memcpy(group_id, pos, group_id_len); + group_id[group_id_len] = '\0'; + } + + if (os_strstr(cmd, " conf=sta-")) { + conf_sta = os_zalloc(sizeof(struct dpp_configuration)); + if (!conf_sta) + goto fail; + os_memcpy(conf_sta->ssid, ssid, ssid_len); + conf_sta->ssid_len = ssid_len; + if (os_strstr(cmd, " conf=sta-psk") || + os_strstr(cmd, " conf=sta-sae") || + os_strstr(cmd, " conf=sta-psk-sae")) { + if (os_strstr(cmd, " conf=sta-psk-sae")) + conf_sta->akm = DPP_AKM_PSK_SAE; + else if (os_strstr(cmd, " conf=sta-sae")) + conf_sta->akm = DPP_AKM_SAE; + else + conf_sta->akm = DPP_AKM_PSK; + if (psk_set) { + os_memcpy(conf_sta->psk, psk, PMK_LEN); + } else if (pass_len > 0) { + conf_sta->passphrase = os_strdup(pass); + if (!conf_sta->passphrase) + goto fail; + } else { + goto fail; + } + } else if (os_strstr(cmd, " conf=sta-dpp")) { + conf_sta->akm = DPP_AKM_DPP; + } else { + goto fail; + } + if (os_strstr(cmd, " group_id=")) { + conf_sta->group_id = group_id; + group_id = NULL; + } + } + + if (os_strstr(cmd, " conf=ap-")) { + conf_ap = os_zalloc(sizeof(struct dpp_configuration)); + if (!conf_ap) + goto fail; + os_memcpy(conf_ap->ssid, ssid, ssid_len); + conf_ap->ssid_len = ssid_len; + if (os_strstr(cmd, " conf=ap-psk") || + os_strstr(cmd, " conf=ap-sae") || + os_strstr(cmd, " conf=ap-psk-sae")) { + if (os_strstr(cmd, " conf=ap-psk-sae")) + conf_ap->akm = DPP_AKM_PSK_SAE; + else if (os_strstr(cmd, " conf=ap-sae")) + conf_ap->akm = DPP_AKM_SAE; + else + conf_ap->akm = DPP_AKM_PSK; + if (psk_set) { + os_memcpy(conf_ap->psk, psk, PMK_LEN); + } else { + conf_ap->passphrase = os_strdup(pass); + if (!conf_ap->passphrase) + goto fail; + } + } else if (os_strstr(cmd, " conf=ap-dpp")) { + conf_ap->akm = DPP_AKM_DPP; + } else { + goto fail; + } + if (os_strstr(cmd, " group_id=")) { + conf_ap->group_id = group_id; + group_id = NULL; + } + } + + pos = os_strstr(cmd, " expiry="); + if (pos) { + long int val; + + pos += 8; + val = strtol(pos, NULL, 0); + if (val <= 0) + goto fail; + if (conf_sta) + conf_sta->netaccesskey_expiry = val; + if (conf_ap) + conf_ap->netaccesskey_expiry = val; + } + + pos = os_strstr(cmd, " configurator="); + if (pos) { + pos += 14; + conf = dpp_configurator_get_id(wpa_s, atoi(pos)); + if (!conf) { + wpa_printf(MSG_INFO, + "DPP: Could not find the specified configurator"); + goto fail; + } + } + auth->conf_sta = conf_sta; + auth->conf_ap = conf_ap; + auth->conf = conf; + os_free(group_id); + return 0; + +fail: + wpa_msg(wpa_s, MSG_INFO, "DPP: Failed to set configurator parameters"); + dpp_configuration_free(conf_sta); + dpp_configuration_free(conf_ap); + os_free(group_id); + return -1; +} + + +static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_supplicant *wpa_s = eloop_ctx; + + if (!wpa_s->dpp_auth) + return; + wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout"); + wpas_dpp_auth_init_next(wpa_s); +} + + +static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s) +{ + struct dpp_authentication *auth = wpa_s->dpp_auth; + const u8 *dst; + unsigned int wait_time, max_wait_time, freq, max_tries, used; + struct os_reltime now, diff; + + wpa_s->dpp_in_response_listen = 0; + if (!auth) + return -1; + + if (auth->freq_idx == 0) + os_get_reltime(&wpa_s->dpp_init_iter_start); + + if (auth->freq_idx >= auth->num_freq) { + auth->num_freq_iters++; + if (wpa_s->dpp_init_max_tries) + max_tries = wpa_s->dpp_init_max_tries; + else + max_tries = 5; + if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) { + wpa_printf(MSG_INFO, + "DPP: No response received from responder - stopping initiation attempt"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED); + eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, + wpa_s, NULL); + offchannel_send_action_done(wpa_s); + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; + return -1; + } + auth->freq_idx = 0; + eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); + if (wpa_s->dpp_init_retry_time) + wait_time = wpa_s->dpp_init_retry_time; + else + wait_time = 10000; + os_get_reltime(&now); + os_reltime_sub(&now, &wpa_s->dpp_init_iter_start, &diff); + used = diff.sec * 1000 + diff.usec / 1000; + if (used > wait_time) + wait_time = 0; + else + wait_time -= used; + wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms", + wait_time); + eloop_register_timeout(wait_time / 1000, + (wait_time % 1000) * 1000, + wpas_dpp_init_timeout, wpa_s, + NULL); + return 0; + } + freq = auth->freq[auth->freq_idx++]; + auth->curr_freq = freq; + + if (is_zero_ether_addr(auth->peer_bi->mac_addr)) + dst = broadcast; + else + dst = auth->peer_bi->mac_addr; + wpa_s->dpp_auth_ok_on_ack = 0; + eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); + wait_time = wpa_s->max_remain_on_chan; + max_wait_time = wpa_s->dpp_resp_wait_time ? + wpa_s->dpp_resp_wait_time : 2000; + if (wait_time > max_wait_time) + wait_time = max_wait_time; + wait_time += 10; /* give the driver some extra time to complete */ + eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, + wpas_dpp_reply_wait_timeout, + wpa_s, NULL); + wait_time -= 10; + if (auth->neg_freq > 0 && freq != auth->neg_freq) { + wpa_printf(MSG_DEBUG, + "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response", + freq, auth->neg_freq); + } + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", + MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ); + auth->auth_req_ack = 0; + os_get_reltime(&wpa_s->dpp_last_init); + return offchannel_send_action(wpa_s, freq, dst, + wpa_s->own_addr, broadcast, + wpabuf_head(auth->req_msg), + wpabuf_len(auth->req_msg), + wait_time, wpas_dpp_tx_status, 0); +} + + +int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd) +{ + const char *pos; + struct dpp_bootstrap_info *peer_bi, *own_bi = NULL; + u8 allowed_roles = DPP_CAPAB_CONFIGURATOR; + unsigned int neg_freq = 0; + + wpa_s->dpp_gas_client = 0; + + pos = os_strstr(cmd, " peer="); + if (!pos) + return -1; + pos += 6; + peer_bi = dpp_bootstrap_get_id(wpa_s, atoi(pos)); + if (!peer_bi) { + wpa_printf(MSG_INFO, + "DPP: Could not find bootstrapping info for the identified peer"); + return -1; + } + + pos = os_strstr(cmd, " own="); + if (pos) { + pos += 5; + own_bi = dpp_bootstrap_get_id(wpa_s, atoi(pos)); + if (!own_bi) { + wpa_printf(MSG_INFO, + "DPP: Could not find bootstrapping info for the identified local entry"); + return -1; + } + + if (peer_bi->curve != own_bi->curve) { + wpa_printf(MSG_INFO, + "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)", + peer_bi->curve->name, own_bi->curve->name); + return -1; + } + } + + pos = os_strstr(cmd, " role="); + if (pos) { + pos += 6; + if (os_strncmp(pos, "configurator", 12) == 0) + allowed_roles = DPP_CAPAB_CONFIGURATOR; + else if (os_strncmp(pos, "enrollee", 8) == 0) + allowed_roles = DPP_CAPAB_ENROLLEE; + else if (os_strncmp(pos, "either", 6) == 0) + allowed_roles = DPP_CAPAB_CONFIGURATOR | + DPP_CAPAB_ENROLLEE; + else + goto fail; + } + + pos = os_strstr(cmd, " netrole="); + if (pos) { + pos += 9; + wpa_s->dpp_netrole_ap = os_strncmp(pos, "ap", 2) == 0; + } + + pos = os_strstr(cmd, " neg_freq="); + if (pos) + neg_freq = atoi(pos + 10); + + if (wpa_s->dpp_auth) { + eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); + eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); + eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, + NULL); + offchannel_send_action_done(wpa_s); + dpp_auth_deinit(wpa_s->dpp_auth); + } + wpa_s->dpp_auth = dpp_auth_init(wpa_s, peer_bi, own_bi, allowed_roles, + neg_freq, + wpa_s->hw.modes, wpa_s->hw.num_modes); + if (!wpa_s->dpp_auth) + goto fail; + wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth); + if (wpas_dpp_set_configurator(wpa_s, wpa_s->dpp_auth, cmd) < 0) { + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; + goto fail; + } + + wpa_s->dpp_auth->neg_freq = neg_freq; + + if (!is_zero_ether_addr(peer_bi->mac_addr)) + os_memcpy(wpa_s->dpp_auth->peer_mac_addr, peer_bi->mac_addr, + ETH_ALEN); + + return wpas_dpp_auth_init_next(wpa_s); +fail: + return -1; +} + + +struct wpas_dpp_listen_work { + unsigned int freq; + unsigned int duration; + struct wpabuf *probe_resp_ie; +}; + + +static void wpas_dpp_listen_work_free(struct wpas_dpp_listen_work *lwork) +{ + if (!lwork) + return; + os_free(lwork); +} + + +static void wpas_dpp_listen_work_done(struct wpa_supplicant *wpa_s) +{ + struct wpas_dpp_listen_work *lwork; + + if (!wpa_s->dpp_listen_work) + return; + + lwork = wpa_s->dpp_listen_work->ctx; + wpas_dpp_listen_work_free(lwork); + radio_work_done(wpa_s->dpp_listen_work); + wpa_s->dpp_listen_work = NULL; +} + + +static void dpp_start_listen_cb(struct wpa_radio_work *work, int deinit) +{ + struct wpa_supplicant *wpa_s = work->wpa_s; + struct wpas_dpp_listen_work *lwork = work->ctx; + + if (deinit) { + if (work->started) { + wpa_s->dpp_listen_work = NULL; + wpas_dpp_listen_stop(wpa_s); + } + wpas_dpp_listen_work_free(lwork); + return; + } + + wpa_s->dpp_listen_work = work; + + wpa_s->dpp_pending_listen_freq = lwork->freq; + + if (wpa_drv_remain_on_channel(wpa_s, lwork->freq, + wpa_s->max_remain_on_chan) < 0) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to request the driver to remain on channel (%u MHz) for listen", + lwork->freq); + wpas_dpp_listen_work_done(wpa_s); + wpa_s->dpp_pending_listen_freq = 0; + return; + } + wpa_s->off_channel_freq = 0; + wpa_s->roc_waiting_drv_freq = lwork->freq; +} + + +static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s, + unsigned int freq) +{ + struct wpas_dpp_listen_work *lwork; + + if (wpa_s->dpp_listen_work) { + wpa_printf(MSG_DEBUG, + "DPP: Reject start_listen since dpp_listen_work already exists"); + return -1; + } + + if (wpa_s->dpp_listen_freq) + wpas_dpp_listen_stop(wpa_s); + wpa_s->dpp_listen_freq = freq; + + lwork = os_zalloc(sizeof(*lwork)); + if (!lwork) + return -1; + lwork->freq = freq; + + if (radio_add_work(wpa_s, freq, "dpp-listen", 0, dpp_start_listen_cb, + lwork) < 0) { + wpas_dpp_listen_work_free(lwork); + return -1; + } + + return 0; +} + + +int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd) +{ + int freq; + + freq = atoi(cmd); + if (freq <= 0) + return -1; + + if (os_strstr(cmd, " role=configurator")) + wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR; + else if (os_strstr(cmd, " role=enrollee")) + wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE; + else + wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | + DPP_CAPAB_ENROLLEE; + wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL; + wpa_s->dpp_netrole_ap = os_strstr(cmd, " netrole=ap") != NULL; + if (wpa_s->dpp_listen_freq == (unsigned int) freq) { + wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz", + freq); + return 0; + } + + return wpas_dpp_listen_start(wpa_s, freq); +} + + +void wpas_dpp_listen_stop(struct wpa_supplicant *wpa_s) +{ + wpa_s->dpp_in_response_listen = 0; + if (!wpa_s->dpp_listen_freq) + return; + + wpa_printf(MSG_DEBUG, "DPP: Stop listen on %u MHz", + wpa_s->dpp_listen_freq); + wpa_drv_cancel_remain_on_channel(wpa_s); + wpa_s->dpp_listen_freq = 0; + wpas_dpp_listen_work_done(wpa_s); +} + + +void wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s, + unsigned int freq) +{ + wpas_dpp_listen_work_done(wpa_s); + + if (wpa_s->dpp_auth && wpa_s->dpp_in_response_listen) { + unsigned int new_freq; + + /* Continue listen with a new remain-on-channel */ + if (wpa_s->dpp_auth->neg_freq > 0) + new_freq = wpa_s->dpp_auth->neg_freq; + else + new_freq = wpa_s->dpp_auth->curr_freq; + wpa_printf(MSG_DEBUG, + "DPP: Continue wait on %u MHz for the ongoing DPP provisioning session", + new_freq); + wpas_dpp_listen_start(wpa_s, new_freq); + return; + } + + if (wpa_s->dpp_listen_freq) { + /* Continue listen with a new remain-on-channel */ + wpas_dpp_listen_start(wpa_s, wpa_s->dpp_listen_freq); + } +} + + +static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len, + unsigned int freq) +{ + const u8 *r_bootstrap, *i_bootstrap; + u16 r_bootstrap_len, i_bootstrap_len; + struct dpp_bootstrap_info *bi, *own_bi = NULL, *peer_bi = NULL; + + wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR, + MAC2STR(src)); + + r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH, + &r_bootstrap_len); + if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL + "Missing or invalid required Responder Bootstrapping Key Hash attribute"); + return; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash", + r_bootstrap, r_bootstrap_len); + + i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH, + &i_bootstrap_len); + if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL + "Missing or invalid required Initiator Bootstrapping Key Hash attribute"); + return; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash", + i_bootstrap, i_bootstrap_len); + + /* Try to find own and peer bootstrapping key matches based on the + * received hash values */ + dl_list_for_each(bi, &wpa_s->dpp_bootstrap, struct dpp_bootstrap_info, + list) { + if (!own_bi && bi->own && + os_memcmp(bi->pubkey_hash, r_bootstrap, + SHA256_MAC_LEN) == 0) { + wpa_printf(MSG_DEBUG, + "DPP: Found matching own bootstrapping information"); + own_bi = bi; + } + + if (!peer_bi && !bi->own && + os_memcmp(bi->pubkey_hash, i_bootstrap, + SHA256_MAC_LEN) == 0) { + wpa_printf(MSG_DEBUG, + "DPP: Found matching peer bootstrapping information"); + peer_bi = bi; + } + + if (own_bi && peer_bi) + break; + } + + if (!own_bi) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL + "No matching own bootstrapping key found - ignore message"); + return; + } + + if (wpa_s->dpp_auth) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL + "Already in DPP authentication exchange - ignore new one"); + return; + } + + wpa_s->dpp_gas_client = 0; + wpa_s->dpp_auth_ok_on_ack = 0; + wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s, wpa_s->dpp_allowed_roles, + wpa_s->dpp_qr_mutual, + peer_bi, own_bi, freq, hdr, buf, len); + if (!wpa_s->dpp_auth) { + wpa_printf(MSG_DEBUG, "DPP: No response generated"); + return; + } + wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth); + if (wpas_dpp_set_configurator(wpa_s, wpa_s->dpp_auth, + wpa_s->dpp_configurator_params) < 0) { + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; + return; + } + os_memcpy(wpa_s->dpp_auth->peer_mac_addr, src, ETH_ALEN); + + if (wpa_s->dpp_listen_freq && + wpa_s->dpp_listen_freq != wpa_s->dpp_auth->curr_freq) { + wpa_printf(MSG_DEBUG, + "DPP: Stop listen on %u MHz to allow response on the request %u MHz", + wpa_s->dpp_listen_freq, wpa_s->dpp_auth->curr_freq); + wpas_dpp_listen_stop(wpa_s); + } + + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", + MAC2STR(src), wpa_s->dpp_auth->curr_freq, + DPP_PA_AUTHENTICATION_RESP); + offchannel_send_action(wpa_s, wpa_s->dpp_auth->curr_freq, + src, wpa_s->own_addr, broadcast, + wpabuf_head(wpa_s->dpp_auth->resp_msg), + wpabuf_len(wpa_s->dpp_auth->resp_msg), + 500, wpas_dpp_tx_status, 0); +} + + +static void wpas_dpp_start_gas_server(struct wpa_supplicant *wpa_s) +{ + /* TODO: stop wait and start ROC */ +} + + +static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s, + struct dpp_authentication *auth) +{ + struct wpa_ssid *ssid; + + ssid = wpa_config_add_network(wpa_s->conf); + if (!ssid) + return NULL; + wpas_notify_network_added(wpa_s, ssid); + wpa_config_set_network_defaults(ssid); + ssid->disabled = 1; + + ssid->ssid = os_malloc(auth->ssid_len); + if (!ssid->ssid) + goto fail; + os_memcpy(ssid->ssid, auth->ssid, auth->ssid_len); + ssid->ssid_len = auth->ssid_len; + + if (auth->connector) { + ssid->key_mgmt = WPA_KEY_MGMT_DPP; + ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED; + ssid->dpp_connector = os_strdup(auth->connector); + if (!ssid->dpp_connector) + goto fail; + } + + if (auth->c_sign_key) { + ssid->dpp_csign = os_malloc(wpabuf_len(auth->c_sign_key)); + if (!ssid->dpp_csign) + goto fail; + os_memcpy(ssid->dpp_csign, wpabuf_head(auth->c_sign_key), + wpabuf_len(auth->c_sign_key)); + ssid->dpp_csign_len = wpabuf_len(auth->c_sign_key); + } + + if (auth->net_access_key) { + ssid->dpp_netaccesskey = + os_malloc(wpabuf_len(auth->net_access_key)); + if (!ssid->dpp_netaccesskey) + goto fail; + os_memcpy(ssid->dpp_netaccesskey, + wpabuf_head(auth->net_access_key), + wpabuf_len(auth->net_access_key)); + ssid->dpp_netaccesskey_len = wpabuf_len(auth->net_access_key); + ssid->dpp_netaccesskey_expiry = auth->net_access_key_expiry; + } + + if (!auth->connector) { + ssid->key_mgmt = 0; + if (auth->akm == DPP_AKM_PSK || auth->akm == DPP_AKM_PSK_SAE) + ssid->key_mgmt |= WPA_KEY_MGMT_PSK | + WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_FT_PSK; + if (auth->akm == DPP_AKM_SAE || auth->akm == DPP_AKM_PSK_SAE) + ssid->key_mgmt |= WPA_KEY_MGMT_SAE | + WPA_KEY_MGMT_FT_SAE; + ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL; + if (auth->passphrase[0]) { + if (wpa_config_set_quoted(ssid, "psk", + auth->passphrase) < 0) + goto fail; + wpa_config_update_psk(ssid); + ssid->export_keys = 1; + } else { + ssid->psk_set = auth->psk_set; + os_memcpy(ssid->psk, auth->psk, PMK_LEN); + } + } + + return ssid; +fail: + wpas_notify_network_removed(wpa_s, ssid); + wpa_config_remove_network(wpa_s->conf, ssid->id); + return NULL; +} + + +static void wpas_dpp_process_config(struct wpa_supplicant *wpa_s, + struct dpp_authentication *auth) +{ + struct wpa_ssid *ssid; + + if (wpa_s->conf->dpp_config_processing < 1) + return; + + ssid = wpas_dpp_add_network(wpa_s, auth); + if (!ssid) + return; + + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_NETWORK_ID "%d", ssid->id); + if (wpa_s->conf->dpp_config_processing < 2) + return; + + wpa_printf(MSG_DEBUG, "DPP: Trying to connect to the new network"); + ssid->disabled = 0; + wpa_s->disconnected = 0; + wpa_s->reassociate = 1; + wpa_s->scan_runs = 0; + wpa_s->normal_scans = 0; + wpa_supplicant_cancel_sched_scan(wpa_s); + wpa_supplicant_req_scan(wpa_s, 0, 0); +} + + +static void wpas_dpp_handle_config_obj(struct wpa_supplicant *wpa_s, + struct dpp_authentication *auth) +{ + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED); + if (auth->ssid_len) + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s", + wpa_ssid_txt(auth->ssid, auth->ssid_len)); + if (auth->connector) { + /* TODO: Save the Connector and consider using a command + * to fetch the value instead of sending an event with + * it. The Connector could end up being larger than what + * most clients are ready to receive as an event + * message. */ + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONNECTOR "%s", + auth->connector); + } + if (auth->c_sign_key) { + char *hex; + size_t hexlen; + + hexlen = 2 * wpabuf_len(auth->c_sign_key) + 1; + hex = os_malloc(hexlen); + if (hex) { + wpa_snprintf_hex(hex, hexlen, + wpabuf_head(auth->c_sign_key), + wpabuf_len(auth->c_sign_key)); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s", + hex); + os_free(hex); + } + } + if (auth->net_access_key) { + char *hex; + size_t hexlen; + + hexlen = 2 * wpabuf_len(auth->net_access_key) + 1; + hex = os_malloc(hexlen); + if (hex) { + wpa_snprintf_hex(hex, hexlen, + wpabuf_head(auth->net_access_key), + wpabuf_len(auth->net_access_key)); + if (auth->net_access_key_expiry) + wpa_msg(wpa_s, MSG_INFO, + DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex, + (long unsigned) + auth->net_access_key_expiry); + else + wpa_msg(wpa_s, MSG_INFO, + DPP_EVENT_NET_ACCESS_KEY "%s", hex); + os_free(hex); + } + } + + wpas_dpp_process_config(wpa_s, auth); +} + + +static void wpas_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token, + enum gas_query_result result, + const struct wpabuf *adv_proto, + const struct wpabuf *resp, u16 status_code) +{ + struct wpa_supplicant *wpa_s = ctx; + const u8 *pos; + struct dpp_authentication *auth = wpa_s->dpp_auth; + + wpa_s->dpp_gas_dialog_token = -1; + + if (!auth || !auth->auth_success) { + wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); + return; + } + if (result != GAS_QUERY_SUCCESS || + !resp || status_code != WLAN_STATUS_SUCCESS) { + wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed"); + goto fail; + } + + wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto", + adv_proto); + wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)", + resp); + + if (wpabuf_len(adv_proto) != 10 || + !(pos = wpabuf_head(adv_proto)) || + pos[0] != WLAN_EID_ADV_PROTO || + pos[1] != 8 || + pos[3] != WLAN_EID_VENDOR_SPECIFIC || + pos[4] != 5 || + WPA_GET_BE24(&pos[5]) != OUI_WFA || + pos[8] != 0x1a || + pos[9] != 1) { + wpa_printf(MSG_DEBUG, + "DPP: Not a DPP Advertisement Protocol ID"); + goto fail; + } + + if (dpp_conf_resp_rx(auth, resp) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed"); + goto fail; + } + + wpas_dpp_handle_config_obj(wpa_s, auth); + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; + return; + +fail: + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; +} + + +static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s) +{ + struct dpp_authentication *auth = wpa_s->dpp_auth; + struct wpabuf *buf, *conf_req; + char json[100]; + int res; + + wpa_s->dpp_gas_client = 1; + os_snprintf(json, sizeof(json), + "{\"name\":\"Test\"," + "\"wi-fi_tech\":\"infra\"," + "\"netRole\":\"%s\"}", + wpa_s->dpp_netrole_ap ? "ap" : "sta"); +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Config Attr"); + json[29] = 'k'; /* replace "infra" with "knfra" */ + } +#endif /* CONFIG_TESTING_OPTIONS */ + wpa_printf(MSG_DEBUG, "DPP: GAS Config Attributes: %s", json); + + offchannel_send_action_done(wpa_s); + wpas_dpp_listen_stop(wpa_s); + + conf_req = dpp_build_conf_req(auth, json); + if (!conf_req) { + wpa_printf(MSG_DEBUG, + "DPP: No configuration request data available"); + return; + } + + buf = gas_build_initial_req(0, 10 + 2 + wpabuf_len(conf_req)); + if (!buf) { + wpabuf_free(conf_req); + return; + } + + /* Advertisement Protocol IE */ + wpabuf_put_u8(buf, WLAN_EID_ADV_PROTO); + wpabuf_put_u8(buf, 8); /* Length */ + wpabuf_put_u8(buf, 0x7f); + wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); + wpabuf_put_u8(buf, 5); + wpabuf_put_be24(buf, OUI_WFA); + wpabuf_put_u8(buf, DPP_OUI_TYPE); + wpabuf_put_u8(buf, 0x01); + + /* GAS Query */ + wpabuf_put_le16(buf, wpabuf_len(conf_req)); + wpabuf_put_buf(buf, conf_req); + wpabuf_free(conf_req); + + wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)", + MAC2STR(auth->peer_mac_addr), auth->curr_freq); + + res = gas_query_req(wpa_s->gas, auth->peer_mac_addr, auth->curr_freq, + 1, buf, wpas_dpp_gas_resp_cb, wpa_s); + if (res < 0) { + wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request"); + wpabuf_free(buf); + } else { + wpa_printf(MSG_DEBUG, + "DPP: GAS query started with dialog token %u", res); + wpa_s->dpp_gas_dialog_token = res; + } +} + + +static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator) +{ + wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", initiator); +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) { + wpa_printf(MSG_INFO, + "DPP: TESTING - stop at Authentication Confirm"); + if (wpa_s->dpp_auth->configurator) { + /* Prevent GAS response */ + wpa_s->dpp_auth->auth_success = 0; + } + return; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + if (wpa_s->dpp_auth->configurator) + wpas_dpp_start_gas_server(wpa_s); + else + wpas_dpp_start_gas_client(wpa_s); +} + + +static void wpas_dpp_rx_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len, + unsigned int freq) +{ + struct dpp_authentication *auth = wpa_s->dpp_auth; + struct wpabuf *msg; + + wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR + " (freq %u MHz)", MAC2STR(src), freq); + + if (!auth) { + wpa_printf(MSG_DEBUG, + "DPP: No DPP Authentication in progress - drop"); + return; + } + + if (!is_zero_ether_addr(auth->peer_mac_addr) && + os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " + MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); + return; + } + + eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); + + if (auth->curr_freq != freq && auth->neg_freq == freq) { + wpa_printf(MSG_DEBUG, + "DPP: Responder accepted request for different negotiation channel"); + auth->curr_freq = freq; + } + + eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); + msg = dpp_auth_resp_rx(auth, hdr, buf, len); + if (!msg) { + if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) { + wpa_printf(MSG_DEBUG, + "DPP: Start wait for full response"); + offchannel_send_action_done(wpa_s); + wpas_dpp_listen_start(wpa_s, auth->curr_freq); + return; + } + wpa_printf(MSG_DEBUG, "DPP: No confirm generated"); + return; + } + os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); + + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", + MAC2STR(src), auth->curr_freq, DPP_PA_AUTHENTICATION_CONF); + offchannel_send_action(wpa_s, auth->curr_freq, + src, wpa_s->own_addr, broadcast, + wpabuf_head(msg), wpabuf_len(msg), + 500, wpas_dpp_tx_status, 0); + wpabuf_free(msg); + wpa_s->dpp_auth_ok_on_ack = 1; +} + + +static void wpas_dpp_rx_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len) +{ + struct dpp_authentication *auth = wpa_s->dpp_auth; + + wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR, + MAC2STR(src)); + + if (!auth) { + wpa_printf(MSG_DEBUG, + "DPP: No DPP Authentication in progress - drop"); + return; + } + + if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " + MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); + return; + } + + if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) { + wpa_printf(MSG_DEBUG, "DPP: Authentication failed"); + return; + } + + wpas_dpp_auth_success(wpa_s, 0); +} + + +static void wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant *wpa_s, + const u8 *src, + const u8 *buf, size_t len) +{ + struct wpa_ssid *ssid; + const u8 *connector, *trans_id, *status; + u16 connector_len, trans_id_len, status_len; + struct dpp_introduction intro; + struct rsn_pmksa_cache_entry *entry; + struct os_time now; + struct os_reltime rnow; + os_time_t expiry; + unsigned int seconds; + enum dpp_status_error res; + + wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Response from " MACSTR, + MAC2STR(src)); + if (is_zero_ether_addr(wpa_s->dpp_intro_bssid) || + os_memcmp(src, wpa_s->dpp_intro_bssid, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "DPP: Not waiting for response from " + MACSTR " - drop", MAC2STR(src)); + return; + } + offchannel_send_action_done(wpa_s); + + for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { + if (ssid == wpa_s->dpp_intro_network) + break; + } + if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey || + !ssid->dpp_csign) { + wpa_printf(MSG_DEBUG, + "DPP: Profile not found for network introduction"); + return; + } + + trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID, + &trans_id_len); + if (!trans_id || trans_id_len != 1) { + wpa_printf(MSG_DEBUG, + "DPP: Peer did not include Transaction ID"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR + " fail=missing_transaction_id", MAC2STR(src)); + goto fail; + } + if (trans_id[0] != TRANSACTION_ID) { + wpa_printf(MSG_DEBUG, + "DPP: Ignore frame with unexpected Transaction ID %u", + trans_id[0]); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR + " fail=transaction_id_mismatch", MAC2STR(src)); + goto fail; + } + + status = dpp_get_attr(buf, len, DPP_ATTR_STATUS, &status_len); + if (!status || status_len != 1) { + wpa_printf(MSG_DEBUG, "DPP: Peer did not include Status"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR + " fail=missing_status", MAC2STR(src)); + goto fail; + } + if (status[0] != DPP_STATUS_OK) { + wpa_printf(MSG_DEBUG, + "DPP: Peer rejected network introduction: Status %u", + status[0]); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR + " status=%u", MAC2STR(src), status[0]); + goto fail; + } + + connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len); + if (!connector) { + wpa_printf(MSG_DEBUG, + "DPP: Peer did not include its Connector"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR + " fail=missing_connector", MAC2STR(src)); + goto fail; + } + + res = dpp_peer_intro(&intro, ssid->dpp_connector, + ssid->dpp_netaccesskey, + ssid->dpp_netaccesskey_len, + ssid->dpp_csign, + ssid->dpp_csign_len, + connector, connector_len, &expiry); + if (res != DPP_STATUS_OK) { + wpa_printf(MSG_INFO, + "DPP: Network Introduction protocol resulted in failure"); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR + " fail=peer_connector_validation_failed", MAC2STR(src)); + goto fail; + } + + entry = os_zalloc(sizeof(*entry)); + if (!entry) + goto fail; + os_memcpy(entry->aa, src, ETH_ALEN); + os_memcpy(entry->pmkid, intro.pmkid, PMKID_LEN); + os_memcpy(entry->pmk, intro.pmk, intro.pmk_len); + entry->pmk_len = intro.pmk_len; + entry->akmp = WPA_KEY_MGMT_DPP; + if (expiry) { + os_get_time(&now); + seconds = expiry - now.sec; + } else { + seconds = 86400 * 7; + } + os_get_reltime(&rnow); + entry->expiration = rnow.sec + seconds; + entry->reauth_time = rnow.sec + seconds; + entry->network_ctx = ssid; + wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry); + + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR + " status=%u", MAC2STR(src), status[0]); + + wpa_printf(MSG_DEBUG, + "DPP: Try connection again after successful network introduction"); + if (wpa_supplicant_fast_associate(wpa_s) != 1) { + wpa_supplicant_cancel_sched_scan(wpa_s); + wpa_supplicant_req_scan(wpa_s, 0, 0); + } +fail: + os_memset(&intro, 0, sizeof(intro)); +} + + +static int wpas_dpp_allow_ir(struct wpa_supplicant *wpa_s, unsigned int freq) +{ + int i, j; + + if (!wpa_s->hw.modes) + return -1; + + for (i = 0; i < wpa_s->hw.num_modes; i++) { + struct hostapd_hw_modes *mode = &wpa_s->hw.modes[i]; + + for (j = 0; j < mode->num_channels; j++) { + struct hostapd_channel_data *chan = &mode->channels[j]; + + if (chan->freq != (int) freq) + continue; + + if (chan->flag & (HOSTAPD_CHAN_DISABLED | + HOSTAPD_CHAN_NO_IR | + HOSTAPD_CHAN_RADAR)) + continue; + + return 1; + } + } + + wpa_printf(MSG_DEBUG, + "DPP: Frequency %u MHz not supported or does not allow PKEX initiation in the current channel list", + freq); + + return 0; +} + + +static int wpas_dpp_pkex_next_channel(struct wpa_supplicant *wpa_s, + struct dpp_pkex *pkex) +{ + if (pkex->freq == 2437) + pkex->freq = 5745; + else if (pkex->freq == 5745) + pkex->freq = 5220; + else if (pkex->freq == 5220) + pkex->freq = 60480; + else + return -1; /* no more channels to try */ + + if (wpas_dpp_allow_ir(wpa_s, pkex->freq) == 1) { + wpa_printf(MSG_DEBUG, "DPP: Try to initiate on %u MHz", + pkex->freq); + return 0; + } + + /* Could not use this channel - try the next one */ + return wpas_dpp_pkex_next_channel(wpa_s, pkex); +} + + +static void wpas_dpp_pkex_retry_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_supplicant *wpa_s = eloop_ctx; + struct dpp_pkex *pkex = wpa_s->dpp_pkex; + + if (!pkex || !pkex->exchange_req) + return; + if (pkex->exch_req_tries >= 5) { + if (wpas_dpp_pkex_next_channel(wpa_s, pkex) < 0) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL + "No response from PKEX peer"); + dpp_pkex_free(pkex); + wpa_s->dpp_pkex = NULL; + return; + } + pkex->exch_req_tries = 0; + } + + pkex->exch_req_tries++; + wpa_printf(MSG_DEBUG, "DPP: Retransmit PKEX Exchange Request (try %u)", + pkex->exch_req_tries); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", + MAC2STR(broadcast), pkex->freq, DPP_PA_PKEX_EXCHANGE_REQ); + offchannel_send_action(wpa_s, pkex->freq, broadcast, + wpa_s->own_addr, broadcast, + wpabuf_head(pkex->exchange_req), + wpabuf_len(pkex->exchange_req), + pkex->exch_req_wait_time, + wpas_dpp_tx_pkex_status, 0); +} + + +static void +wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s, + unsigned int freq, const u8 *dst, + const u8 *src, const u8 *bssid, + const u8 *data, size_t data_len, + enum offchannel_send_action_result result) +{ + const char *res_txt; + struct dpp_pkex *pkex = wpa_s->dpp_pkex; + + res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : + (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : + "FAILED"); + wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR + " result=%s (PKEX)", + freq, MAC2STR(dst), res_txt); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR + " freq=%u result=%s", MAC2STR(dst), freq, res_txt); + + if (!pkex) { + wpa_printf(MSG_DEBUG, + "DPP: Ignore TX status since there is no ongoing PKEX exchange"); + return; + } + + if (pkex->failed) { + wpa_printf(MSG_DEBUG, + "DPP: Terminate PKEX exchange due to an earlier error"); + if (pkex->t > pkex->own_bi->pkex_t) + pkex->own_bi->pkex_t = pkex->t; + dpp_pkex_free(pkex); + wpa_s->dpp_pkex = NULL; + return; + } + + if (pkex->exch_req_wait_time && pkex->exchange_req) { + /* Wait for PKEX Exchange Response frame and retry request if + * no response is seen. */ + eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); + eloop_register_timeout(pkex->exch_req_wait_time / 1000, + (pkex->exch_req_wait_time % 1000) * 1000, + wpas_dpp_pkex_retry_timeout, wpa_s, + NULL); + } +} + + +static void +wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *buf, size_t len, unsigned int freq) +{ + struct wpabuf *msg; + unsigned int wait_time; + + wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR, + MAC2STR(src)); + + /* TODO: Support multiple PKEX codes by iterating over all the enabled + * values here */ + + if (!wpa_s->dpp_pkex_code || !wpa_s->dpp_pkex_bi) { + wpa_printf(MSG_DEBUG, + "DPP: No PKEX code configured - ignore request"); + return; + } + + if (wpa_s->dpp_pkex) { + /* TODO: Support parallel operations */ + wpa_printf(MSG_DEBUG, + "DPP: Already in PKEX session - ignore new request"); + return; + } + + wpa_s->dpp_pkex = dpp_pkex_rx_exchange_req(wpa_s, wpa_s->dpp_pkex_bi, + wpa_s->own_addr, src, + wpa_s->dpp_pkex_identifier, + wpa_s->dpp_pkex_code, + buf, len); + if (!wpa_s->dpp_pkex) { + wpa_printf(MSG_DEBUG, + "DPP: Failed to process the request - ignore it"); + return; + } + + msg = wpa_s->dpp_pkex->exchange_resp; + wait_time = wpa_s->max_remain_on_chan; + if (wait_time > 2000) + wait_time = 2000; + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", + MAC2STR(src), freq, DPP_PA_PKEX_EXCHANGE_RESP); + offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, + broadcast, + wpabuf_head(msg), wpabuf_len(msg), + wait_time, wpas_dpp_tx_pkex_status, 0); +} + + +static void +wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *buf, size_t len, unsigned int freq) +{ + struct wpabuf *msg; + unsigned int wait_time; + + wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR, + MAC2STR(src)); + + /* TODO: Support multiple PKEX codes by iterating over all the enabled + * values here */ + + if (!wpa_s->dpp_pkex || !wpa_s->dpp_pkex->initiator || + wpa_s->dpp_pkex->exchange_done) { + wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); + return; + } + + eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); + wpa_s->dpp_pkex->exch_req_wait_time = 0; + + msg = dpp_pkex_rx_exchange_resp(wpa_s->dpp_pkex, src, buf, len); + if (!msg) { + wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); + return; + } + + wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR, + MAC2STR(src)); + + wait_time = wpa_s->max_remain_on_chan; + if (wait_time > 2000) + wait_time = 2000; + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", + MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_REQ); + offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, + broadcast, + wpabuf_head(msg), wpabuf_len(msg), + wait_time, wpas_dpp_tx_pkex_status, 0); + wpabuf_free(msg); +} + + +static struct dpp_bootstrap_info * +wpas_dpp_pkex_finish(struct wpa_supplicant *wpa_s, const u8 *peer, + unsigned int freq) +{ + struct dpp_pkex *pkex = wpa_s->dpp_pkex; + struct dpp_bootstrap_info *bi; + + bi = os_zalloc(sizeof(*bi)); + if (!bi) + return NULL; + bi->id = wpas_dpp_next_id(wpa_s); + bi->type = DPP_BOOTSTRAP_PKEX; + os_memcpy(bi->mac_addr, peer, ETH_ALEN); + bi->num_freq = 1; + bi->freq[0] = freq; + bi->curve = pkex->own_bi->curve; + bi->pubkey = pkex->peer_bootstrap_key; + pkex->peer_bootstrap_key = NULL; + dpp_pkex_free(pkex); + wpa_s->dpp_pkex = NULL; + if (dpp_bootstrap_key_hash(bi) < 0) { + dpp_bootstrap_info_free(bi); + return NULL; + } + dl_list_add(&wpa_s->dpp_bootstrap, &bi->list); + return bi; +} + + +static void +wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len, + unsigned int freq) +{ + struct wpabuf *msg; + unsigned int wait_time; + struct dpp_pkex *pkex = wpa_s->dpp_pkex; + + wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR, + MAC2STR(src)); + + if (!pkex || pkex->initiator || !pkex->exchange_done) { + wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); + return; + } + + msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len); + if (!msg) { + wpa_printf(MSG_DEBUG, "DPP: Failed to process the request"); + if (pkex->failed) { + wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange"); + if (pkex->t > pkex->own_bi->pkex_t) + pkex->own_bi->pkex_t = pkex->t; + dpp_pkex_free(wpa_s->dpp_pkex); + wpa_s->dpp_pkex = NULL; + } + return; + } + + wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to " + MACSTR, MAC2STR(src)); + + wait_time = wpa_s->max_remain_on_chan; + if (wait_time > 2000) + wait_time = 2000; + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", + MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_RESP); + offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, + broadcast, + wpabuf_head(msg), wpabuf_len(msg), + wait_time, wpas_dpp_tx_pkex_status, 0); + wpabuf_free(msg); + + wpas_dpp_pkex_finish(wpa_s, src, freq); +} + + +static void +wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *hdr, const u8 *buf, size_t len, + unsigned int freq) +{ + int res; + struct dpp_bootstrap_info *bi; + struct dpp_pkex *pkex = wpa_s->dpp_pkex; + char cmd[500]; + + wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR, + MAC2STR(src)); + + if (!pkex || !pkex->initiator || !pkex->exchange_done) { + wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); + return; + } + + res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len); + if (res < 0) { + wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); + return; + } + + bi = wpas_dpp_pkex_finish(wpa_s, src, freq); + if (!bi) + return; + + os_snprintf(cmd, sizeof(cmd), " peer=%u %s", + bi->id, + wpa_s->dpp_pkex_auth_cmd ? wpa_s->dpp_pkex_auth_cmd : ""); + wpa_printf(MSG_DEBUG, + "DPP: Start authentication after PKEX with parameters: %s", + cmd); + if (wpas_dpp_auth_init(wpa_s, cmd) < 0) { + wpa_printf(MSG_DEBUG, + "DPP: Authentication initialization failed"); + return; + } +} + + +void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *buf, size_t len, unsigned int freq) +{ + u8 crypto_suite; + enum dpp_public_action_frame_type type; + const u8 *hdr; + unsigned int pkex_t; + + if (len < DPP_HDR_LEN) + return; + if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE) + return; + hdr = buf; + buf += 4; + len -= 4; + crypto_suite = *buf++; + type = *buf++; + len -= 2; + + wpa_printf(MSG_DEBUG, + "DPP: Received DPP Public Action frame crypto suite %u type %d from " + MACSTR " freq=%u", + crypto_suite, type, MAC2STR(src), freq); + if (crypto_suite != 1) { + wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u", + crypto_suite); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR + " freq=%u type=%d ignore=unsupported-crypto-suite", + MAC2STR(src), freq, type); + return; + } + wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len); + if (dpp_check_attrs(buf, len) < 0) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR + " freq=%u type=%d ignore=invalid-attributes", + MAC2STR(src), freq, type); + return; + } + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR " freq=%u type=%d", + MAC2STR(src), freq, type); + + switch (type) { + case DPP_PA_AUTHENTICATION_REQ: + wpas_dpp_rx_auth_req(wpa_s, src, hdr, buf, len, freq); + break; + case DPP_PA_AUTHENTICATION_RESP: + wpas_dpp_rx_auth_resp(wpa_s, src, hdr, buf, len, freq); + break; + case DPP_PA_AUTHENTICATION_CONF: + wpas_dpp_rx_auth_conf(wpa_s, src, hdr, buf, len); + break; + case DPP_PA_PEER_DISCOVERY_RESP: + wpas_dpp_rx_peer_disc_resp(wpa_s, src, buf, len); + break; + case DPP_PA_PKEX_EXCHANGE_REQ: + wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq); + break; + case DPP_PA_PKEX_EXCHANGE_RESP: + wpas_dpp_rx_pkex_exchange_resp(wpa_s, src, buf, len, freq); + break; + case DPP_PA_PKEX_COMMIT_REVEAL_REQ: + wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, hdr, buf, len, + freq); + break; + case DPP_PA_PKEX_COMMIT_REVEAL_RESP: + wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, hdr, buf, len, + freq); + break; + default: + wpa_printf(MSG_DEBUG, + "DPP: Ignored unsupported frame subtype %d", type); + break; + } + + if (wpa_s->dpp_pkex) + pkex_t = wpa_s->dpp_pkex->t; + else if (wpa_s->dpp_pkex_bi) + pkex_t = wpa_s->dpp_pkex_bi->pkex_t; + else + pkex_t = 0; + if (pkex_t >= PKEX_COUNTER_T_LIMIT) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0"); + wpas_dpp_pkex_remove(wpa_s, "*"); + } +} + + +static struct wpabuf * +wpas_dpp_gas_req_handler(void *ctx, const u8 *sa, const u8 *query, + size_t query_len) +{ + struct wpa_supplicant *wpa_s = ctx; + struct dpp_authentication *auth = wpa_s->dpp_auth; + struct wpabuf *resp; + + wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR, + MAC2STR(sa)); + if (!auth || !auth->auth_success || + os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); + return NULL; + } + wpa_hexdump(MSG_DEBUG, + "DPP: Received Configuration Request (GAS Query Request)", + query, query_len); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR, + MAC2STR(sa)); + resp = dpp_conf_req_rx(auth, query, query_len); + if (!resp) + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); + auth->conf_resp = resp; + return resp; +} + + +static void +wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok) +{ + struct wpa_supplicant *wpa_s = ctx; + struct dpp_authentication *auth = wpa_s->dpp_auth; + + if (!auth) { + wpabuf_free(resp); + return; + } + if (auth->conf_resp != resp) { + wpa_printf(MSG_DEBUG, + "DPP: Ignore GAS status report (ok=%d) for unknown response", + ok); + wpabuf_free(resp); + return; + } + + wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)", + ok); + eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); + eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); + offchannel_send_action_done(wpa_s); + wpas_dpp_listen_stop(wpa_s); + if (ok) + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT); + else + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; + wpabuf_free(resp); +} + + +static unsigned int wpas_dpp_next_configurator_id(struct wpa_supplicant *wpa_s) +{ + struct dpp_configurator *conf; + unsigned int max_id = 0; + + dl_list_for_each(conf, &wpa_s->dpp_configurator, + struct dpp_configurator, list) { + if (conf->id > max_id) + max_id = conf->id; + } + return max_id + 1; +} + + +int wpas_dpp_configurator_add(struct wpa_supplicant *wpa_s, const char *cmd) +{ + char *curve = NULL; + char *key = NULL; + u8 *privkey = NULL; + size_t privkey_len = 0; + int ret = -1; + struct dpp_configurator *conf = NULL; + + curve = get_param(cmd, " curve="); + key = get_param(cmd, " key="); + + if (key) { + privkey_len = os_strlen(key) / 2; + privkey = os_malloc(privkey_len); + if (!privkey || + hexstr2bin(key, privkey, privkey_len) < 0) + goto fail; + } + + conf = dpp_keygen_configurator(curve, privkey, privkey_len); + if (!conf) + goto fail; + + conf->id = wpas_dpp_next_configurator_id(wpa_s); + dl_list_add(&wpa_s->dpp_configurator, &conf->list); + ret = conf->id; + conf = NULL; +fail: + os_free(curve); + str_clear_free(key); + bin_clear_free(privkey, privkey_len); + dpp_configurator_free(conf); + return ret; +} + + +static int dpp_configurator_del(struct wpa_supplicant *wpa_s, unsigned int id) +{ + struct dpp_configurator *conf, *tmp; + int found = 0; + + dl_list_for_each_safe(conf, tmp, &wpa_s->dpp_configurator, + struct dpp_configurator, list) { + if (id && conf->id != id) + continue; + found = 1; + dl_list_del(&conf->list); + dpp_configurator_free(conf); + } + + if (id == 0) + return 0; /* flush succeeds regardless of entries found */ + return found ? 0 : -1; +} + + +int wpas_dpp_configurator_remove(struct wpa_supplicant *wpa_s, const char *id) +{ + unsigned int id_val; + + if (os_strcmp(id, "*") == 0) { + id_val = 0; + } else { + id_val = atoi(id); + if (id_val == 0) + return -1; + } + + return dpp_configurator_del(wpa_s, id_val); +} + + +int wpas_dpp_configurator_sign(struct wpa_supplicant *wpa_s, const char *cmd) +{ + struct dpp_authentication *auth; + int ret = -1; + char *curve = NULL; + + auth = os_zalloc(sizeof(*auth)); + if (!auth) + return -1; + + curve = get_param(cmd, " curve="); + wpas_dpp_set_testing_options(wpa_s, auth); + if (wpas_dpp_set_configurator(wpa_s, auth, cmd) == 0 && + dpp_configurator_own_config(auth, curve, 0) == 0) { + wpas_dpp_handle_config_obj(wpa_s, auth); + ret = 0; + } + + dpp_auth_deinit(auth); + os_free(curve); + + return ret; +} + + +int wpas_dpp_configurator_get_key(struct wpa_supplicant *wpa_s, unsigned int id, + char *buf, size_t buflen) +{ + struct dpp_configurator *conf; + + conf = dpp_configurator_get_id(wpa_s, id); + if (!conf) + return -1; + + return dpp_configurator_get_key(conf, buf, buflen); +} + + +static void +wpas_dpp_tx_introduction_status(struct wpa_supplicant *wpa_s, + unsigned int freq, const u8 *dst, + const u8 *src, const u8 *bssid, + const u8 *data, size_t data_len, + enum offchannel_send_action_result result) +{ + const char *res_txt; + + res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : + (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : + "FAILED"); + wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR + " result=%s (DPP Peer Discovery Request)", + freq, MAC2STR(dst), res_txt); + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR + " freq=%u result=%s", MAC2STR(dst), freq, res_txt); + /* TODO: Time out wait for response more quickly in error cases? */ +} + + +int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, + struct wpa_bss *bss) +{ + struct os_time now; + struct wpabuf *msg; + unsigned int wait_time; + + if (!(ssid->key_mgmt & WPA_KEY_MGMT_DPP) || !bss) + return 0; /* Not using DPP AKM - continue */ + if (wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, ssid)) + return 0; /* PMKSA exists for DPP AKM - continue */ + + if (!ssid->dpp_connector || !ssid->dpp_netaccesskey || + !ssid->dpp_csign) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR + "missing %s", + !ssid->dpp_connector ? "Connector" : + (!ssid->dpp_netaccesskey ? "netAccessKey" : + "C-sign-key")); + return -1; + } + + os_get_time(&now); + + if (ssid->dpp_netaccesskey_expiry && + (os_time_t) ssid->dpp_netaccesskey_expiry < now.sec) { + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR + "netAccessKey expired"); + return -1; + } + + wpa_printf(MSG_DEBUG, + "DPP: Starting network introduction protocol to derive PMKSA for " + MACSTR, MAC2STR(bss->bssid)); + + msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_REQ, + 5 + 4 + os_strlen(ssid->dpp_connector)); + if (!msg) + return -1; + +#ifdef CONFIG_TESTING_OPTIONS + if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID"); + goto skip_trans_id; + } + if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID"); + wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID); + wpabuf_put_le16(msg, 0); + goto skip_trans_id; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* Transaction ID */ + wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID); + wpabuf_put_le16(msg, 1); + wpabuf_put_u8(msg, TRANSACTION_ID); + +#ifdef CONFIG_TESTING_OPTIONS +skip_trans_id: + if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ) { + wpa_printf(MSG_INFO, "DPP: TESTING - no Connector"); + goto skip_connector; + } + if (dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ) { + char *connector; + + wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector"); + connector = dpp_corrupt_connector_signature( + ssid->dpp_connector); + if (!connector) { + wpabuf_free(msg); + return -1; + } + wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); + wpabuf_put_le16(msg, os_strlen(connector)); + wpabuf_put_str(msg, connector); + os_free(connector); + goto skip_connector; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + /* DPP Connector */ + wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); + wpabuf_put_le16(msg, os_strlen(ssid->dpp_connector)); + wpabuf_put_str(msg, ssid->dpp_connector); + +#ifdef CONFIG_TESTING_OPTIONS +skip_connector: +#endif /* CONFIG_TESTING_OPTIONS */ + + /* TODO: Timeout on AP response */ + wait_time = wpa_s->max_remain_on_chan; + if (wait_time > 2000) + wait_time = 2000; + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", + MAC2STR(bss->bssid), bss->freq, DPP_PA_PEER_DISCOVERY_REQ); + offchannel_send_action(wpa_s, bss->freq, bss->bssid, wpa_s->own_addr, + broadcast, + wpabuf_head(msg), wpabuf_len(msg), + wait_time, wpas_dpp_tx_introduction_status, 0); + wpabuf_free(msg); + + /* Request this connection attempt to terminate - new one will be + * started when network introduction protocol completes */ + os_memcpy(wpa_s->dpp_intro_bssid, bss->bssid, ETH_ALEN); + wpa_s->dpp_intro_network = ssid; + return 1; +} + + +int wpas_dpp_pkex_add(struct wpa_supplicant *wpa_s, const char *cmd) +{ + struct dpp_bootstrap_info *own_bi; + const char *pos, *end; + unsigned int wait_time; + + pos = os_strstr(cmd, " own="); + if (!pos) + return -1; + pos += 5; + own_bi = dpp_bootstrap_get_id(wpa_s, atoi(pos)); + if (!own_bi) { + wpa_printf(MSG_DEBUG, + "DPP: Identified bootstrap info not found"); + return -1; + } + if (own_bi->type != DPP_BOOTSTRAP_PKEX) { + wpa_printf(MSG_DEBUG, + "DPP: Identified bootstrap info not for PKEX"); + return -1; + } + wpa_s->dpp_pkex_bi = own_bi; + own_bi->pkex_t = 0; /* clear pending errors on new code */ + + os_free(wpa_s->dpp_pkex_identifier); + wpa_s->dpp_pkex_identifier = NULL; + pos = os_strstr(cmd, " identifier="); + if (pos) { + pos += 12; + end = os_strchr(pos, ' '); + if (!end) + return -1; + wpa_s->dpp_pkex_identifier = os_malloc(end - pos + 1); + if (!wpa_s->dpp_pkex_identifier) + return -1; + os_memcpy(wpa_s->dpp_pkex_identifier, pos, end - pos); + wpa_s->dpp_pkex_identifier[end - pos] = '\0'; + } + + pos = os_strstr(cmd, " code="); + if (!pos) + return -1; + os_free(wpa_s->dpp_pkex_code); + wpa_s->dpp_pkex_code = os_strdup(pos + 6); + if (!wpa_s->dpp_pkex_code) + return -1; + + if (os_strstr(cmd, " init=1")) { + struct dpp_pkex *pkex; + struct wpabuf *msg; + + wpa_printf(MSG_DEBUG, "DPP: Initiating PKEX"); + dpp_pkex_free(wpa_s->dpp_pkex); + wpa_s->dpp_pkex = dpp_pkex_init(wpa_s, own_bi, wpa_s->own_addr, + wpa_s->dpp_pkex_identifier, + wpa_s->dpp_pkex_code); + pkex = wpa_s->dpp_pkex; + if (!pkex) + return -1; + + msg = pkex->exchange_req; + wait_time = wpa_s->max_remain_on_chan; + if (wait_time > 2000) + wait_time = 2000; + pkex->freq = 2437; + wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR + " freq=%u type=%d", + MAC2STR(broadcast), pkex->freq, + DPP_PA_PKEX_EXCHANGE_REQ); + offchannel_send_action(wpa_s, pkex->freq, broadcast, + wpa_s->own_addr, broadcast, + wpabuf_head(msg), wpabuf_len(msg), + wait_time, wpas_dpp_tx_pkex_status, 0); + if (wait_time == 0) + wait_time = 2000; + pkex->exch_req_wait_time = wait_time; + pkex->exch_req_tries = 1; + } + + /* TODO: Support multiple PKEX info entries */ + + os_free(wpa_s->dpp_pkex_auth_cmd); + wpa_s->dpp_pkex_auth_cmd = os_strdup(cmd); + + return 1; +} + + +int wpas_dpp_pkex_remove(struct wpa_supplicant *wpa_s, const char *id) +{ + unsigned int id_val; + + if (os_strcmp(id, "*") == 0) { + id_val = 0; + } else { + id_val = atoi(id); + if (id_val == 0) + return -1; + } + + if ((id_val != 0 && id_val != 1) || !wpa_s->dpp_pkex_code) + return -1; + + /* TODO: Support multiple PKEX entries */ + os_free(wpa_s->dpp_pkex_code); + wpa_s->dpp_pkex_code = NULL; + os_free(wpa_s->dpp_pkex_identifier); + wpa_s->dpp_pkex_identifier = NULL; + os_free(wpa_s->dpp_pkex_auth_cmd); + wpa_s->dpp_pkex_auth_cmd = NULL; + wpa_s->dpp_pkex_bi = NULL; + /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */ + dpp_pkex_free(wpa_s->dpp_pkex); + wpa_s->dpp_pkex = NULL; + return 0; +} + + +void wpas_dpp_stop(struct wpa_supplicant *wpa_s) +{ + dpp_auth_deinit(wpa_s->dpp_auth); + wpa_s->dpp_auth = NULL; + dpp_pkex_free(wpa_s->dpp_pkex); + wpa_s->dpp_pkex = NULL; + if (wpa_s->dpp_gas_client && wpa_s->dpp_gas_dialog_token >= 0) + gas_query_stop(wpa_s->gas, wpa_s->dpp_gas_dialog_token); +} + + +int wpas_dpp_init(struct wpa_supplicant *wpa_s) +{ + u8 adv_proto_id[7]; + + adv_proto_id[0] = WLAN_EID_VENDOR_SPECIFIC; + adv_proto_id[1] = 5; + WPA_PUT_BE24(&adv_proto_id[2], OUI_WFA); + adv_proto_id[5] = DPP_OUI_TYPE; + adv_proto_id[6] = 0x01; + + if (gas_server_register(wpa_s->gas_server, adv_proto_id, + sizeof(adv_proto_id), wpas_dpp_gas_req_handler, + wpas_dpp_gas_status_handler, wpa_s) < 0) + return -1; + dl_list_init(&wpa_s->dpp_bootstrap); + dl_list_init(&wpa_s->dpp_configurator); + wpa_s->dpp_init_done = 1; + return 0; +} + + +void wpas_dpp_deinit(struct wpa_supplicant *wpa_s) +{ +#ifdef CONFIG_TESTING_OPTIONS + os_free(wpa_s->dpp_config_obj_override); + wpa_s->dpp_config_obj_override = NULL; + os_free(wpa_s->dpp_discovery_override); + wpa_s->dpp_discovery_override = NULL; + os_free(wpa_s->dpp_groups_override); + wpa_s->dpp_groups_override = NULL; + wpa_s->dpp_ignore_netaccesskey_mismatch = 0; +#endif /* CONFIG_TESTING_OPTIONS */ + if (!wpa_s->dpp_init_done) + return; + eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); + eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); + eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); + eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); + offchannel_send_action_done(wpa_s); + wpas_dpp_listen_stop(wpa_s); + dpp_bootstrap_del(wpa_s, 0); + dpp_configurator_del(wpa_s, 0); + wpas_dpp_stop(wpa_s); + wpas_dpp_pkex_remove(wpa_s, "*"); + os_memset(wpa_s->dpp_intro_bssid, 0, ETH_ALEN); + os_free(wpa_s->dpp_configurator_params); + wpa_s->dpp_configurator_params = NULL; +} diff --git a/contrib/wpa/wpa_supplicant/dpp_supplicant.h b/contrib/wpa/wpa_supplicant/dpp_supplicant.h new file mode 100644 index 000000000000..5a4f06e2e97e --- /dev/null +++ b/contrib/wpa/wpa_supplicant/dpp_supplicant.h @@ -0,0 +1,39 @@ +/* + * wpa_supplicant - DPP + * Copyright (c) 2017, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef DPP_SUPPLICANT_H +#define DPP_SUPPLICANT_H + +int wpas_dpp_qr_code(struct wpa_supplicant *wpa_s, const char *cmd); +int wpas_dpp_bootstrap_gen(struct wpa_supplicant *wpa_s, const char *cmd); +int wpas_dpp_bootstrap_remove(struct wpa_supplicant *wpa_s, const char *id); +const char * wpas_dpp_bootstrap_get_uri(struct wpa_supplicant *wpa_s, + unsigned int id); +int wpas_dpp_bootstrap_info(struct wpa_supplicant *wpa_s, int id, + char *reply, int reply_size); +int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd); +int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd); +void wpas_dpp_listen_stop(struct wpa_supplicant *wpa_s); +void wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s, + unsigned int freq); +void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src, + const u8 *buf, size_t len, unsigned int freq); +int wpas_dpp_configurator_add(struct wpa_supplicant *wpa_s, const char *cmd); +int wpas_dpp_configurator_remove(struct wpa_supplicant *wpa_s, const char *id); +int wpas_dpp_configurator_sign(struct wpa_supplicant *wpa_s, const char *cmd); +int wpas_dpp_configurator_get_key(struct wpa_supplicant *wpa_s, unsigned int id, + char *buf, size_t buflen); +int wpas_dpp_pkex_add(struct wpa_supplicant *wpa_s, const char *cmd); +int wpas_dpp_pkex_remove(struct wpa_supplicant *wpa_s, const char *id); +void wpas_dpp_stop(struct wpa_supplicant *wpa_s); +int wpas_dpp_init(struct wpa_supplicant *wpa_s); +void wpas_dpp_deinit(struct wpa_supplicant *wpa_s); +int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, + struct wpa_bss *bss); + +#endif /* DPP_SUPPLICANT_H */ diff --git a/contrib/wpa/wpa_supplicant/driver_i.h b/contrib/wpa/wpa_supplicant/driver_i.h index 220b7ba3ddca..078de23f794f 100644 --- a/contrib/wpa/wpa_supplicant/driver_i.h +++ b/contrib/wpa/wpa_supplicant/driver_i.h @@ -189,20 +189,19 @@ static inline int wpa_drv_deauthenticate(struct wpa_supplicant *wpa_s, } static inline int wpa_drv_add_pmkid(struct wpa_supplicant *wpa_s, - const u8 *bssid, const u8 *pmkid) + struct wpa_pmkid_params *params) { if (wpa_s->driver->add_pmkid) { - return wpa_s->driver->add_pmkid(wpa_s->drv_priv, bssid, pmkid); + return wpa_s->driver->add_pmkid(wpa_s->drv_priv, params); } return -1; } static inline int wpa_drv_remove_pmkid(struct wpa_supplicant *wpa_s, - const u8 *bssid, const u8 *pmkid) + struct wpa_pmkid_params *params) { if (wpa_s->driver->remove_pmkid) { - return wpa_s->driver->remove_pmkid(wpa_s->drv_priv, bssid, - pmkid); + return wpa_s->driver->remove_pmkid(wpa_s->drv_priv, params); } return -1; } @@ -276,11 +275,12 @@ static inline int wpa_drv_mlme_setprotection(struct wpa_supplicant *wpa_s, static inline struct hostapd_hw_modes * wpa_drv_get_hw_feature_data(struct wpa_supplicant *wpa_s, u16 *num_modes, - u16 *flags) + u16 *flags, u8 *dfs_domain) { if (wpa_s->driver->get_hw_feature_data) return wpa_s->driver->get_hw_feature_data(wpa_s->drv_priv, - num_modes, flags); + num_modes, flags, + dfs_domain); return NULL; } @@ -689,6 +689,14 @@ static inline int wpa_drv_roaming(struct wpa_supplicant *wpa_s, int allowed, return wpa_s->driver->roaming(wpa_s->drv_priv, allowed, bssid); } +static inline int wpa_drv_disable_fils(struct wpa_supplicant *wpa_s, + int disable) +{ + if (!wpa_s->driver->disable_fils) + return -1; + return wpa_s->driver->disable_fils(wpa_s->drv_priv, disable); +} + static inline int wpa_drv_set_mac_addr(struct wpa_supplicant *wpa_s, const u8 *addr) { @@ -715,6 +723,14 @@ static inline int wpa_drv_macsec_deinit(struct wpa_supplicant *wpa_s) return wpa_s->driver->macsec_deinit(wpa_s->drv_priv); } +static inline int wpa_drv_macsec_get_capability(struct wpa_supplicant *wpa_s, + enum macsec_cap *cap) +{ + if (!wpa_s->driver->macsec_get_capability) + return -1; + return wpa_s->driver->macsec_get_capability(wpa_s->drv_priv, cap); +} + static inline int wpa_drv_enable_protect_frames(struct wpa_supplicant *wpa_s, Boolean enabled) { @@ -723,6 +739,14 @@ static inline int wpa_drv_enable_protect_frames(struct wpa_supplicant *wpa_s, return wpa_s->driver->enable_protect_frames(wpa_s->drv_priv, enabled); } +static inline int wpa_drv_enable_encrypt(struct wpa_supplicant *wpa_s, + Boolean enabled) +{ + if (!wpa_s->driver->enable_encrypt) + return -1; + return wpa_s->driver->enable_encrypt(wpa_s->drv_priv, enabled); +} + static inline int wpa_drv_set_replay_protect(struct wpa_supplicant *wpa_s, Boolean enabled, u32 window) { @@ -749,145 +773,127 @@ static inline int wpa_drv_enable_controlled_port(struct wpa_supplicant *wpa_s, } static inline int wpa_drv_get_receive_lowest_pn(struct wpa_supplicant *wpa_s, - u32 channel, u8 an, - u32 *lowest_pn) + struct receive_sa *sa) { if (!wpa_s->driver->get_receive_lowest_pn) return -1; - return wpa_s->driver->get_receive_lowest_pn(wpa_s->drv_priv, channel, - an, lowest_pn); + return wpa_s->driver->get_receive_lowest_pn(wpa_s->drv_priv, sa); } static inline int wpa_drv_get_transmit_next_pn(struct wpa_supplicant *wpa_s, - u32 channel, u8 an, - u32 *next_pn) + struct transmit_sa *sa) { if (!wpa_s->driver->get_transmit_next_pn) return -1; - return wpa_s->driver->get_transmit_next_pn(wpa_s->drv_priv, channel, - an, next_pn); + return wpa_s->driver->get_transmit_next_pn(wpa_s->drv_priv, sa); } static inline int wpa_drv_set_transmit_next_pn(struct wpa_supplicant *wpa_s, - u32 channel, u8 an, - u32 next_pn) + struct transmit_sa *sa) { if (!wpa_s->driver->set_transmit_next_pn) return -1; - return wpa_s->driver->set_transmit_next_pn(wpa_s->drv_priv, channel, - an, next_pn); -} - -static inline int wpa_drv_get_available_receive_sc(struct wpa_supplicant *wpa_s, - u32 *channel) -{ - if (!wpa_s->driver->get_available_receive_sc) - return -1; - return wpa_s->driver->get_available_receive_sc(wpa_s->drv_priv, - channel); + return wpa_s->driver->set_transmit_next_pn(wpa_s->drv_priv, sa); } static inline int -wpa_drv_create_receive_sc(struct wpa_supplicant *wpa_s, u32 channel, - const u8 *sci_addr, u16 sci_port, +wpa_drv_create_receive_sc(struct wpa_supplicant *wpa_s, struct receive_sc *sc, unsigned int conf_offset, int validation) { if (!wpa_s->driver->create_receive_sc) return -1; - return wpa_s->driver->create_receive_sc(wpa_s->drv_priv, channel, - sci_addr, sci_port, conf_offset, - validation); + return wpa_s->driver->create_receive_sc(wpa_s->drv_priv, sc, + conf_offset, validation); } static inline int wpa_drv_delete_receive_sc(struct wpa_supplicant *wpa_s, - u32 channel) + struct receive_sc *sc) { if (!wpa_s->driver->delete_receive_sc) return -1; - return wpa_s->driver->delete_receive_sc(wpa_s->drv_priv, channel); + return wpa_s->driver->delete_receive_sc(wpa_s->drv_priv, sc); } static inline int wpa_drv_create_receive_sa(struct wpa_supplicant *wpa_s, - u32 channel, u8 an, - u32 lowest_pn, const u8 *sak) + struct receive_sa *sa) { if (!wpa_s->driver->create_receive_sa) return -1; - return wpa_s->driver->create_receive_sa(wpa_s->drv_priv, channel, an, - lowest_pn, sak); + return wpa_s->driver->create_receive_sa(wpa_s->drv_priv, sa); } -static inline int wpa_drv_enable_receive_sa(struct wpa_supplicant *wpa_s, - u32 channel, u8 an) +static inline int wpa_drv_delete_receive_sa(struct wpa_supplicant *wpa_s, + struct receive_sa *sa) { - if (!wpa_s->driver->enable_receive_sa) + if (!wpa_s->driver->delete_receive_sa) return -1; - return wpa_s->driver->enable_receive_sa(wpa_s->drv_priv, channel, an); + return wpa_s->driver->delete_receive_sa(wpa_s->drv_priv, sa); } -static inline int wpa_drv_disable_receive_sa(struct wpa_supplicant *wpa_s, - u32 channel, u8 an) +static inline int wpa_drv_enable_receive_sa(struct wpa_supplicant *wpa_s, + struct receive_sa *sa) { - if (!wpa_s->driver->disable_receive_sa) + if (!wpa_s->driver->enable_receive_sa) return -1; - return wpa_s->driver->disable_receive_sa(wpa_s->drv_priv, channel, an); + return wpa_s->driver->enable_receive_sa(wpa_s->drv_priv, sa); } -static inline int -wpa_drv_get_available_transmit_sc(struct wpa_supplicant *wpa_s, u32 *channel) +static inline int wpa_drv_disable_receive_sa(struct wpa_supplicant *wpa_s, + struct receive_sa *sa) { - if (!wpa_s->driver->get_available_transmit_sc) + if (!wpa_s->driver->disable_receive_sa) return -1; - return wpa_s->driver->get_available_transmit_sc(wpa_s->drv_priv, - channel); + return wpa_s->driver->disable_receive_sa(wpa_s->drv_priv, sa); } static inline int -wpa_drv_create_transmit_sc(struct wpa_supplicant *wpa_s, u32 channel, - const u8 *sci_addr, u16 sci_port, +wpa_drv_create_transmit_sc(struct wpa_supplicant *wpa_s, struct transmit_sc *sc, unsigned int conf_offset) { if (!wpa_s->driver->create_transmit_sc) return -1; - return wpa_s->driver->create_transmit_sc(wpa_s->drv_priv, channel, - sci_addr, sci_port, + return wpa_s->driver->create_transmit_sc(wpa_s->drv_priv, sc, conf_offset); } static inline int wpa_drv_delete_transmit_sc(struct wpa_supplicant *wpa_s, - u32 channel) + struct transmit_sc *sc) { if (!wpa_s->driver->delete_transmit_sc) return -1; - return wpa_s->driver->delete_transmit_sc(wpa_s->drv_priv, channel); + return wpa_s->driver->delete_transmit_sc(wpa_s->drv_priv, sc); } static inline int wpa_drv_create_transmit_sa(struct wpa_supplicant *wpa_s, - u32 channel, u8 an, - u32 next_pn, - Boolean confidentiality, - const u8 *sak) + struct transmit_sa *sa) { if (!wpa_s->driver->create_transmit_sa) return -1; - return wpa_s->driver->create_transmit_sa(wpa_s->drv_priv, channel, an, - next_pn, confidentiality, sak); + return wpa_s->driver->create_transmit_sa(wpa_s->drv_priv, sa); +} + +static inline int wpa_drv_delete_transmit_sa(struct wpa_supplicant *wpa_s, + struct transmit_sa *sa) +{ + if (!wpa_s->driver->delete_transmit_sa) + return -1; + return wpa_s->driver->delete_transmit_sa(wpa_s->drv_priv, sa); } static inline int wpa_drv_enable_transmit_sa(struct wpa_supplicant *wpa_s, - u32 channel, u8 an) + struct transmit_sa *sa) { if (!wpa_s->driver->enable_transmit_sa) return -1; - return wpa_s->driver->enable_transmit_sa(wpa_s->drv_priv, channel, an); + return wpa_s->driver->enable_transmit_sa(wpa_s->drv_priv, sa); } static inline int wpa_drv_disable_transmit_sa(struct wpa_supplicant *wpa_s, - u32 channel, u8 an) + struct transmit_sa *sa) { if (!wpa_s->driver->disable_transmit_sa) return -1; - return wpa_s->driver->disable_transmit_sa(wpa_s->drv_priv, channel, an); + return wpa_s->driver->disable_transmit_sa(wpa_s->drv_priv, sa); } #endif /* CONFIG_MACSEC */ @@ -904,6 +910,11 @@ static inline int wpa_drv_get_pref_freq_list(struct wpa_supplicant *wpa_s, unsigned int *num, unsigned int *freq_list) { +#ifdef CONFIG_TESTING_OPTIONS + if (wpa_s->get_pref_freq_list_override) + return wpas_ctrl_iface_get_pref_freq_list_override( + wpa_s, if_type, num, freq_list); +#endif /* CONFIG_TESTING_OPTIONS */ if (!wpa_s->driver->get_pref_freq_list) return -1; return wpa_s->driver->get_pref_freq_list(wpa_s->drv_priv, if_type, @@ -918,11 +929,12 @@ static inline int wpa_drv_set_prob_oper_freq(struct wpa_supplicant *wpa_s, return wpa_s->driver->set_prob_oper_freq(wpa_s->drv_priv, freq); } -static inline int wpa_drv_abort_scan(struct wpa_supplicant *wpa_s) +static inline int wpa_drv_abort_scan(struct wpa_supplicant *wpa_s, + u64 scan_cookie) { if (!wpa_s->driver->abort_scan) return -1; - return wpa_s->driver->abort_scan(wpa_s->drv_priv); + return wpa_s->driver->abort_scan(wpa_s->drv_priv, scan_cookie); } static inline int wpa_drv_configure_frame_filters(struct wpa_supplicant *wpa_s, @@ -976,4 +988,62 @@ static inline int wpa_drv_set_default_scan_ies(struct wpa_supplicant *wpa_s, return wpa_s->driver->set_default_scan_ies(wpa_s->drv_priv, ies, len); } +static inline int wpa_drv_set_tdls_mode(struct wpa_supplicant *wpa_s, + int tdls_external_control) +{ + if (!wpa_s->driver->set_tdls_mode) + return -1; + return wpa_s->driver->set_tdls_mode(wpa_s->drv_priv, + tdls_external_control); +} + +static inline struct wpa_bss_candidate_info * +wpa_drv_get_bss_trans_status(struct wpa_supplicant *wpa_s, + struct wpa_bss_trans_info *params) +{ + if (!wpa_s->driver->get_bss_transition_status) + return NULL; + return wpa_s->driver->get_bss_transition_status(wpa_s->drv_priv, + params); +} + +static inline int wpa_drv_ignore_assoc_disallow(struct wpa_supplicant *wpa_s, + int val) +{ + if (!wpa_s->driver->ignore_assoc_disallow) + return -1; + return wpa_s->driver->ignore_assoc_disallow(wpa_s->drv_priv, val); +} + +static inline int wpa_drv_set_bssid_blacklist(struct wpa_supplicant *wpa_s, + unsigned int num_bssid, + const u8 *bssids) +{ + if (!wpa_s->driver->set_bssid_blacklist) + return -1; + return wpa_s->driver->set_bssid_blacklist(wpa_s->drv_priv, num_bssid, + bssids); +} + +static inline int wpa_drv_update_connect_params( + struct wpa_supplicant *wpa_s, + struct wpa_driver_associate_params *params, + enum wpa_drv_update_connect_params_mask mask) +{ + if (!wpa_s->driver->update_connect_params) + return -1; + return wpa_s->driver->update_connect_params(wpa_s->drv_priv, params, + mask); +} + +static inline int +wpa_drv_send_external_auth_status(struct wpa_supplicant *wpa_s, + struct external_auth *params) +{ + if (!wpa_s->driver->send_external_auth_status) + return -1; + return wpa_s->driver->send_external_auth_status(wpa_s->drv_priv, + params); +} + #endif /* DRIVER_I_H */ diff --git a/contrib/wpa/wpa_supplicant/events.c b/contrib/wpa/wpa_supplicant/events.c index abe3b476773d..37d429d33022 100644 --- a/contrib/wpa/wpa_supplicant/events.c +++ b/contrib/wpa/wpa_supplicant/events.c @@ -1,6 +1,6 @@ /* * WPA Supplicant - Driver event processing - * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -28,6 +28,7 @@ #include "notify.h" #include "common/ieee802_11_defs.h" #include "common/ieee802_11_common.h" +#include "common/gas_server.h" #include "crypto/random.h" #include "blacklist.h" #include "wpas_glue.h" @@ -46,6 +47,10 @@ #include "mesh.h" #include "mesh_mpm.h" #include "wmm_ac.h" +#include "dpp_supplicant.h" + + +#define MAX_OWE_TRANSITION_BSS_SELECT_COUNT 5 #ifndef CONFIG_NO_SCAN_PROCESSING @@ -54,8 +59,7 @@ static int wpas_select_network_from_last_scan(struct wpa_supplicant *wpa_s, #endif /* CONFIG_NO_SCAN_PROCESSING */ -static int wpas_temp_disabled(struct wpa_supplicant *wpa_s, - struct wpa_ssid *ssid) +int wpas_temp_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) { struct os_reltime now; @@ -302,7 +306,9 @@ void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); eapol_sm_notify_portValid(wpa_s->eapol, FALSE); - if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) + if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || + wpa_s->key_mgmt == WPA_KEY_MGMT_OWE || + wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); wpa_s->ap_ies_from_associnfo = 0; wpa_s->current_ssid = NULL; @@ -311,6 +317,13 @@ void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) wpas_rrm_reset(wpa_s); wpa_s->wnmsleep_used = 0; + wnm_clear_coloc_intf_reporting(wpa_s); + +#ifdef CONFIG_TESTING_OPTIONS + wpa_s->last_tk_alg = WPA_ALG_NONE; + os_memset(wpa_s->last_tk, 0, sizeof(wpa_s->last_tk)); +#endif /* CONFIG_TESTING_OPTIONS */ + wpa_s->ieee80211ac = 0; } @@ -327,7 +340,7 @@ static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s) for (i = 0; i < ie.num_pmkid; i++) { pmksa_set = pmksa_cache_set_current(wpa_s->wpa, ie.pmkid + i * PMKID_LEN, - NULL, NULL, 0); + NULL, NULL, 0, NULL, 0); if (pmksa_set == 0) { eapol_sm_notify_pmkid_attempt(wpa_s->eapol); break; @@ -479,6 +492,11 @@ static int wpa_supplicant_match_privacy(struct wpa_bss *bss, return 1; #endif /* CONFIG_WPS */ +#ifdef CONFIG_OWE + if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && !ssid->owe_only) + return 1; +#endif /* CONFIG_OWE */ + if (has_wep_key(ssid)) privacy = 1; @@ -503,7 +521,7 @@ static int wpa_supplicant_match_privacy(struct wpa_bss *bss, static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, - struct wpa_bss *bss) + struct wpa_bss *bss, int debug_print) { struct wpa_ie_data ie; int proto_match = 0; @@ -522,44 +540,59 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)); rsn_ie = wpa_bss_get_ie(bss, WLAN_EID_RSN); - while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) { + while ((ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)) && rsn_ie) { proto_match++; if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - parse " - "failed"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - parse failed"); break; } if (wep_ok && (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) { - wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " - "in RSN IE"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " selected based on TSN in RSN IE"); return 1; } - if (!(ie.proto & ssid->proto)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - proto " - "mismatch"); + if (!(ie.proto & ssid->proto) && + !(ssid->proto & WPA_PROTO_OSEN)) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - proto mismatch"); break; } if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - PTK " - "cipher mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - PTK cipher mismatch"); break; } if (!(ie.group_cipher & ssid->group_cipher)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - GTK " - "cipher mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - GTK cipher mismatch"); + break; + } + + if (ssid->group_mgmt_cipher && + !(ie.mgmt_group_cipher & ssid->group_mgmt_cipher)) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - group mgmt cipher mismatch"); break; } if (!(ie.key_mgmt & ssid->key_mgmt)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - key mgmt " - "mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - key mgmt mismatch"); break; } @@ -567,16 +600,18 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - no mgmt " - "frame protection"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - no mgmt frame protection"); break; } #endif /* CONFIG_IEEE80211W */ if ((ie.capabilities & WPA_CAPABILITY_MFPR) && wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION) { - wpa_dbg(wpa_s, MSG_DEBUG, - " skip RSN IE - no mgmt frame protection enabled but AP requires it"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - no mgmt frame protection enabled but AP requires it"); break; } #ifdef CONFIG_MBO @@ -584,20 +619,25 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, wpas_mbo_get_bss_attr(bss, MBO_ATTR_ID_AP_CAPA_IND) && wpas_get_ssid_pmf(wpa_s, ssid) != NO_MGMT_FRAME_PROTECTION) { - wpa_dbg(wpa_s, MSG_DEBUG, - " skip RSN IE - no mgmt frame protection enabled on MBO AP"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip RSN IE - no mgmt frame protection enabled on MBO AP"); break; } #endif /* CONFIG_MBO */ - wpa_dbg(wpa_s, MSG_DEBUG, " selected based on RSN IE"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " selected based on RSN IE"); return 1; } #ifdef CONFIG_IEEE80211W - if (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { - wpa_dbg(wpa_s, MSG_DEBUG, - " skip - MFP Required but network not MFP Capable"); + if (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED && + (!(ssid->key_mgmt & WPA_KEY_MGMT_OWE) || ssid->owe_only)) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - MFP Required but network not MFP Capable"); return 0; } #endif /* CONFIG_IEEE80211W */ @@ -607,72 +647,110 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, proto_match++; if (wpa_parse_wpa_ie(wpa_ie, 2 + wpa_ie[1], &ie)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - parse " - "failed"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip WPA IE - parse failed"); break; } if (wep_ok && (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) { - wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " - "in WPA IE"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " selected based on TSN in WPA IE"); return 1; } if (!(ie.proto & ssid->proto)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - proto " - "mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip WPA IE - proto mismatch"); break; } if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - PTK " - "cipher mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip WPA IE - PTK cipher mismatch"); break; } if (!(ie.group_cipher & ssid->group_cipher)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - GTK " - "cipher mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip WPA IE - GTK cipher mismatch"); break; } if (!(ie.key_mgmt & ssid->key_mgmt)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - key mgmt " - "mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip WPA IE - key mgmt mismatch"); break; } - wpa_dbg(wpa_s, MSG_DEBUG, " selected based on WPA IE"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " selected based on WPA IE"); return 1; } if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && !wpa_ie && !rsn_ie) { - wpa_dbg(wpa_s, MSG_DEBUG, " allow for non-WPA IEEE 802.1X"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " allow for non-WPA IEEE 802.1X"); return 1; } +#ifdef CONFIG_OWE + if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && !ssid->owe_only && + !wpa_ie && !rsn_ie) { + if (wpa_s->owe_transition_select && + wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE) && + ssid->owe_transition_bss_select_count + 1 <= + MAX_OWE_TRANSITION_BSS_SELECT_COUNT) { + ssid->owe_transition_bss_select_count++; + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip OWE transition BSS (selection count %d does not exceed %d)", + ssid->owe_transition_bss_select_count, + MAX_OWE_TRANSITION_BSS_SELECT_COUNT); + wpa_s->owe_transition_search = 1; + return 0; + } + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " allow in OWE transition mode"); + return 1; + } +#endif /* CONFIG_OWE */ + if ((ssid->proto & (WPA_PROTO_WPA | WPA_PROTO_RSN)) && wpa_key_mgmt_wpa(ssid->key_mgmt) && proto_match == 0) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - no WPA/RSN proto match"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - no WPA/RSN proto match"); return 0; } if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE)) { - wpa_dbg(wpa_s, MSG_DEBUG, " allow in OSEN"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, " allow in OSEN"); return 1; } if (!wpa_key_mgmt_wpa(ssid->key_mgmt)) { - wpa_dbg(wpa_s, MSG_DEBUG, " allow in non-WPA/WPA2"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, " allow in non-WPA/WPA2"); return 1; } - wpa_dbg(wpa_s, MSG_DEBUG, " reject due to mismatch with " - "WPA/WPA2"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " reject due to mismatch with WPA/WPA2"); return 0; } @@ -692,7 +770,8 @@ static int freq_allowed(int *freqs, int freq) } -static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) +static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, + int debug_print) { const struct hostapd_hw_modes *mode = NULL, *modes; const u8 scan_ie[2] = { WLAN_EID_SUPP_RATES, WLAN_EID_EXT_SUPP_RATES }; @@ -749,9 +828,9 @@ static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) if (flagged && ((rate_ie[j] & 0x7f) == BSS_MEMBERSHIP_SELECTOR_HT_PHY)) { if (!ht_supported(mode)) { - wpa_dbg(wpa_s, MSG_DEBUG, - " hardware does not support " - "HT PHY"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " hardware does not support HT PHY"); return 0; } continue; @@ -761,9 +840,9 @@ static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) if (flagged && ((rate_ie[j] & 0x7f) == BSS_MEMBERSHIP_SELECTOR_VHT_PHY)) { if (!vht_supported(mode)) { - wpa_dbg(wpa_s, MSG_DEBUG, - " hardware does not support " - "VHT PHY"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " hardware does not support VHT PHY"); return 0; } continue; @@ -783,10 +862,11 @@ static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) * order to join a BSS all required rates * have to be supported by the hardware. */ - wpa_dbg(wpa_s, MSG_DEBUG, - " hardware does not support required rate %d.%d Mbps (freq=%d mode==%d num_rates=%d)", - r / 10, r % 10, - bss->freq, mode->mode, mode->num_rates); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " hardware does not support required rate %d.%d Mbps (freq=%d mode==%d num_rates=%d)", + r / 10, r % 10, + bss->freq, mode->mode, mode->num_rates); return 0; } } @@ -839,39 +919,124 @@ static int addr_in_list(const u8 *addr, const u8 *list, size_t num) } +static void owe_trans_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, + const u8 **ret_ssid, size_t *ret_ssid_len) +{ +#ifdef CONFIG_OWE + const u8 *owe, *pos, *end, *bssid; + u8 ssid_len; + struct wpa_bss *open_bss; + + owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); + if (!owe || !wpa_bss_get_ie(bss, WLAN_EID_RSN)) + return; + + pos = owe + 6; + end = owe + 2 + owe[1]; + + if (end - pos < ETH_ALEN + 1) + return; + bssid = pos; + pos += ETH_ALEN; + ssid_len = *pos++; + if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN) + return; + + /* Match the profile SSID against the OWE transition mode SSID on the + * open network. */ + wpa_dbg(wpa_s, MSG_DEBUG, "OWE: transition mode BSSID: " MACSTR + " SSID: %s", MAC2STR(bssid), wpa_ssid_txt(pos, ssid_len)); + *ret_ssid = pos; + *ret_ssid_len = ssid_len; + + if (bss->ssid_len > 0) + return; + + open_bss = wpa_bss_get_bssid_latest(wpa_s, bssid); + if (!open_bss) + return; + if (ssid_len != open_bss->ssid_len || + os_memcmp(pos, open_bss->ssid, ssid_len) != 0) { + wpa_dbg(wpa_s, MSG_DEBUG, + "OWE: transition mode SSID mismatch: %s", + wpa_ssid_txt(open_bss->ssid, open_bss->ssid_len)); + return; + } + + owe = wpa_bss_get_vendor_ie(open_bss, OWE_IE_VENDOR_TYPE); + if (!owe || wpa_bss_get_ie(open_bss, WLAN_EID_RSN)) { + wpa_dbg(wpa_s, MSG_DEBUG, + "OWE: transition mode open BSS unexpected info"); + return; + } + + pos = owe + 6; + end = owe + 2 + owe[1]; + + if (end - pos < ETH_ALEN + 1) + return; + if (os_memcmp(pos, bss->bssid, ETH_ALEN) != 0) { + wpa_dbg(wpa_s, MSG_DEBUG, + "OWE: transition mode BSSID mismatch: " MACSTR, + MAC2STR(pos)); + return; + } + pos += ETH_ALEN; + ssid_len = *pos++; + if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN) + return; + wpa_dbg(wpa_s, MSG_DEBUG, "OWE: learned transition mode OWE SSID: %s", + wpa_ssid_txt(pos, ssid_len)); + os_memcpy(bss->ssid, pos, ssid_len); + bss->ssid_len = ssid_len; +#endif /* CONFIG_OWE */ +} + + struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, int i, struct wpa_bss *bss, struct wpa_ssid *group, - int only_first_ssid) + int only_first_ssid, int debug_print) { u8 wpa_ie_len, rsn_ie_len; int wpa; struct wpa_blacklist *e; const u8 *ie; struct wpa_ssid *ssid; - int osen; + int osen, rsn_osen = 0; #ifdef CONFIG_MBO const u8 *assoc_disallow; #endif /* CONFIG_MBO */ + const u8 *match_ssid; + size_t match_ssid_len; + struct wpa_ie_data data; ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); wpa_ie_len = ie ? ie[1] : 0; ie = wpa_bss_get_ie(bss, WLAN_EID_RSN); rsn_ie_len = ie ? ie[1] : 0; + if (ie && wpa_parse_wpa_ie_rsn(ie, 2 + ie[1], &data) == 0 && + (data.key_mgmt & WPA_KEY_MGMT_OSEN)) + rsn_osen = 1; ie = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE); osen = ie != NULL; - wpa_dbg(wpa_s, MSG_DEBUG, "%d: " MACSTR " ssid='%s' " - "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x level=%d freq=%d %s%s%s", - i, MAC2STR(bss->bssid), wpa_ssid_txt(bss->ssid, bss->ssid_len), - wpa_ie_len, rsn_ie_len, bss->caps, bss->level, bss->freq, - wpa_bss_get_vendor_ie(bss, WPS_IE_VENDOR_TYPE) ? " wps" : "", - (wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE) || - wpa_bss_get_vendor_ie_beacon(bss, P2P_IE_VENDOR_TYPE)) ? - " p2p" : "", - osen ? " osen=1" : ""); + if (debug_print) { + wpa_dbg(wpa_s, MSG_DEBUG, "%d: " MACSTR + " ssid='%s' wpa_ie_len=%u rsn_ie_len=%u caps=0x%x level=%d freq=%d %s%s%s", + i, MAC2STR(bss->bssid), + wpa_ssid_txt(bss->ssid, bss->ssid_len), + wpa_ie_len, rsn_ie_len, bss->caps, bss->level, + bss->freq, + wpa_bss_get_vendor_ie(bss, WPS_IE_VENDOR_TYPE) ? + " wps" : "", + (wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE) || + wpa_bss_get_vendor_ie_beacon(bss, P2P_IE_VENDOR_TYPE)) + ? " p2p" : "", + osen ? " osen=1" : ""); + } e = wpa_blacklist_get(wpa_s, bss->bssid); if (e) { @@ -888,24 +1053,34 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, limit = 0; } if (e->count > limit) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " - "(count=%d limit=%d)", e->count, limit); + if (debug_print) { + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - blacklisted (count=%d limit=%d)", + e->count, limit); + } return NULL; } } - if (bss->ssid_len == 0) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID not known"); + match_ssid = bss->ssid; + match_ssid_len = bss->ssid_len; + owe_trans_ssid(wpa_s, bss, &match_ssid, &match_ssid_len); + + if (match_ssid_len == 0) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID not known"); return NULL; } if (disallowed_bssid(wpa_s, bss->bssid)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID disallowed"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID disallowed"); return NULL; } - if (disallowed_ssid(wpa_s, bss->ssid, bss->ssid_len)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID disallowed"); + if (disallowed_ssid(wpa_s, match_ssid, match_ssid_len)) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID disallowed"); return NULL; } @@ -916,21 +1091,25 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, int res; if (wpas_network_disabled(wpa_s, ssid)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled"); continue; } res = wpas_temp_disabled(wpa_s, ssid); if (res > 0) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled " - "temporarily for %d second(s)", res); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - disabled temporarily for %d second(s)", + res); continue; } #ifdef CONFIG_WPS if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && e && e->count > 0) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " - "(WPS)"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - blacklisted (WPS)"); continue; } @@ -954,15 +1133,19 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, check_ssid = 0; if (check_ssid && - (bss->ssid_len != ssid->ssid_len || - os_memcmp(bss->ssid, ssid->ssid, bss->ssid_len) != 0)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID mismatch"); + (match_ssid_len != ssid->ssid_len || + os_memcmp(match_ssid, ssid->ssid, match_ssid_len) != 0)) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - SSID mismatch"); continue; } if (ssid->bssid_set && os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - BSSID mismatch"); continue; } @@ -970,8 +1153,9 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, if (ssid->num_bssid_blacklist && addr_in_list(bss->bssid, ssid->bssid_blacklist, ssid->num_bssid_blacklist)) { - wpa_dbg(wpa_s, MSG_DEBUG, - " skip - BSSID blacklisted"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - BSSID blacklisted"); continue; } @@ -979,79 +1163,108 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, if (ssid->num_bssid_whitelist && !addr_in_list(bss->bssid, ssid->bssid_whitelist, ssid->num_bssid_whitelist)) { - wpa_dbg(wpa_s, MSG_DEBUG, - " skip - BSSID not in whitelist"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - BSSID not in whitelist"); continue; } - if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss)) + if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss, + debug_print)) continue; if (!osen && !wpa && !(ssid->key_mgmt & WPA_KEY_MGMT_NONE) && !(ssid->key_mgmt & WPA_KEY_MGMT_WPS) && + !(ssid->key_mgmt & WPA_KEY_MGMT_OWE) && !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - non-WPA network " - "not allowed"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - non-WPA network not allowed"); continue; } if (wpa && !wpa_key_mgmt_wpa(ssid->key_mgmt) && has_wep_key(ssid)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - ignore WPA/WPA2 AP for WEP network block"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - ignore WPA/WPA2 AP for WEP network block"); continue; } - if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && !osen) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - non-OSEN network " - "not allowed"); + if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && !osen && + !rsn_osen) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - non-OSEN network not allowed"); continue; } if (!wpa_supplicant_match_privacy(bss, ssid)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - privacy " - "mismatch"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - privacy mismatch"); continue; } if (ssid->mode != IEEE80211_MODE_MESH && !bss_is_ess(bss) && !bss_is_pbss(bss)) { - wpa_dbg(wpa_s, MSG_DEBUG, - " skip - not ESS, PBSS, or MBSS"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - not ESS, PBSS, or MBSS"); continue; } if (ssid->pbss != 2 && ssid->pbss != bss_is_pbss(bss)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - PBSS mismatch (ssid %d bss %d)", - ssid->pbss, bss_is_pbss(bss)); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - PBSS mismatch (ssid %d bss %d)", + ssid->pbss, bss_is_pbss(bss)); continue; } if (!freq_allowed(ssid->freq_list, bss->freq)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - frequency not " - "allowed"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - frequency not allowed"); continue; } #ifdef CONFIG_MESH if (ssid->mode == IEEE80211_MODE_MESH && ssid->frequency > 0 && ssid->frequency != bss->freq) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - frequency not allowed (mesh)"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - frequency not allowed (mesh)"); continue; } #endif /* CONFIG_MESH */ - if (!rate_match(wpa_s, bss)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - rate sets do " - "not match"); + if (!rate_match(wpa_s, bss, debug_print)) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - rate sets do not match"); continue; } +#ifndef CONFIG_IBSS_RSN + if (ssid->mode == WPAS_MODE_IBSS && + !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | + WPA_KEY_MGMT_WPA_NONE))) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - IBSS RSN not supported in the build"); + continue; + } +#endif /* !CONFIG_IBSS_RSN */ + #ifdef CONFIG_P2P if (ssid->p2p_group && !wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE) && !wpa_bss_get_vendor_ie_beacon(bss, P2P_IE_VENDOR_TYPE)) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - no P2P IE seen"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - no P2P IE seen"); continue; } @@ -1061,20 +1274,26 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, ie = wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE); if (ie == NULL) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - no P2P element"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - no P2P element"); continue; } p2p_ie = wpa_bss_get_vendor_ie_multi( bss, P2P_IE_VENDOR_TYPE); if (p2p_ie == NULL) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - could not fetch P2P element"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - could not fetch P2P element"); continue; } if (p2p_parse_dev_addr_in_p2p_ie(p2p_ie, dev_addr) < 0 || os_memcmp(dev_addr, ssid->go_p2p_dev_addr, ETH_ALEN) != 0) { - wpa_dbg(wpa_s, MSG_DEBUG, " skip - no matching GO P2P Device Address in P2P element"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - no matching GO P2P Device Address in P2P element"); wpabuf_free(p2p_ie); continue; } @@ -1094,8 +1313,9 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, os_reltime_sub(&wpa_s->scan_min_time, &bss->last_update, &diff); - wpa_dbg(wpa_s, MSG_DEBUG, - " skip - scan result not recent enough (%u.%06u seconds too old)", + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - scan result not recent enough (%u.%06u seconds too old)", (unsigned int) diff.sec, (unsigned int) diff.usec); continue; @@ -1108,15 +1328,17 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, assoc_disallow = wpas_mbo_get_bss_attr( bss, MBO_ATTR_ID_ASSOC_DISALLOW); if (assoc_disallow && assoc_disallow[1] >= 1) { - wpa_dbg(wpa_s, MSG_DEBUG, - " skip - MBO association disallowed (reason %u)", + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - MBO association disallowed (reason %u)", assoc_disallow[2]); continue; } if (wpa_is_bss_tmp_disallowed(wpa_s, bss->bssid)) { - wpa_dbg(wpa_s, MSG_DEBUG, - " skip - MBO retry delay has not passed yet"); + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - MBO retry delay has not passed yet"); continue; } #ifdef CONFIG_TESTING_OPTIONS @@ -1124,6 +1346,19 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, #endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_MBO */ +#ifdef CONFIG_DPP + if ((ssid->key_mgmt & WPA_KEY_MGMT_DPP) && + !wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, ssid) && + (!ssid->dpp_connector || + !ssid->dpp_netaccesskey || + !ssid->dpp_csign)) { + if (debug_print) + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - no PMKSA entry for DPP"); + continue; + } +#endif /* CONFIG_DPP */ + /* Matching configuration found */ return ssid; } @@ -1141,6 +1376,25 @@ wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, { unsigned int i; + if (wpa_s->current_ssid) { + struct wpa_ssid *ssid; + + wpa_dbg(wpa_s, MSG_DEBUG, + "Scan results matching the currently selected network"); + for (i = 0; i < wpa_s->last_scan_res_used; i++) { + struct wpa_bss *bss = wpa_s->last_scan_res[i]; + + ssid = wpa_scan_res_match(wpa_s, i, bss, group, + only_first_ssid, 0); + if (ssid != wpa_s->current_ssid) + continue; + wpa_dbg(wpa_s, MSG_DEBUG, "%u: " MACSTR + " freq=%d level=%d snr=%d est_throughput=%u", + i, MAC2STR(bss->bssid), bss->freq, bss->level, + bss->snr, bss->est_throughput); + } + } + if (only_first_ssid) wpa_dbg(wpa_s, MSG_DEBUG, "Try to find BSS matching pre-selected network id=%d", group->id); @@ -1150,8 +1404,11 @@ wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, for (i = 0; i < wpa_s->last_scan_res_used; i++) { struct wpa_bss *bss = wpa_s->last_scan_res[i]; + + wpa_s->owe_transition_select = 1; *selected_ssid = wpa_scan_res_match(wpa_s, i, bss, group, - only_first_ssid); + only_first_ssid, 1); + wpa_s->owe_transition_select = 0; if (!*selected_ssid) continue; wpa_dbg(wpa_s, MSG_DEBUG, " selected BSS " MACSTR @@ -1332,6 +1589,17 @@ wpa_supplicant_pick_new_network(struct wpa_supplicant *wpa_s) { if (wpas_network_disabled(wpa_s, ssid)) continue; +#ifndef CONFIG_IBSS_RSN + if (ssid->mode == WPAS_MODE_IBSS && + !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | + WPA_KEY_MGMT_WPA_NONE))) { + wpa_msg(wpa_s, MSG_INFO, + "IBSS RSN not supported in the build - cannot use the profile for SSID '%s'", + wpa_ssid_txt(ssid->ssid, + ssid->ssid_len)); + continue; + } +#endif /* !CONFIG_IBSS_RSN */ if (ssid->mode == IEEE80211_MODE_IBSS || ssid->mode == IEEE80211_MODE_AP || ssid->mode == IEEE80211_MODE_MESH) @@ -1375,8 +1643,9 @@ static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, { struct wpa_bss *current_bss = NULL; #ifndef CONFIG_NO_ROAMING - int min_diff; + int min_diff, diff; int to_5ghz; + int cur_est, sel_est; #endif /* CONFIG_NO_ROAMING */ if (wpa_s->reassociate) @@ -1410,12 +1679,13 @@ static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, #ifndef CONFIG_NO_ROAMING wpa_dbg(wpa_s, MSG_DEBUG, "Considering within-ESS reassociation"); wpa_dbg(wpa_s, MSG_DEBUG, "Current BSS: " MACSTR - " level=%d snr=%d est_throughput=%u", - MAC2STR(current_bss->bssid), current_bss->level, + " freq=%d level=%d snr=%d est_throughput=%u", + MAC2STR(current_bss->bssid), + current_bss->freq, current_bss->level, current_bss->snr, current_bss->est_throughput); wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS: " MACSTR - " level=%d snr=%d est_throughput=%u", - MAC2STR(selected->bssid), selected->level, + " freq=%d level=%d snr=%d est_throughput=%u", + MAC2STR(selected->bssid), selected->freq, selected->level, selected->snr, selected->est_throughput); if (wpa_s->current_ssid->bssid_set && @@ -1441,6 +1711,14 @@ static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, return 0; } + if (current_bss->est_throughput > selected->est_throughput + 5000) { + wpa_dbg(wpa_s, MSG_DEBUG, + "Skip roam - Current BSS has better estimated throughput"); + return 0; + } + + cur_est = current_bss->est_throughput; + sel_est = selected->est_throughput; min_diff = 2; if (current_bss->level < 0) { if (current_bss->level < -85) @@ -1453,20 +1731,42 @@ static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, min_diff = 4; else min_diff = 5; + if (cur_est > sel_est * 1.5) + min_diff += 10; + else if (cur_est > sel_est * 1.2) + min_diff += 5; + else if (cur_est > sel_est * 1.1) + min_diff += 2; + else if (cur_est > sel_est) + min_diff++; } if (to_5ghz) { + int reduce = 2; + /* Make it easier to move to 5 GHz band */ - if (min_diff > 2) - min_diff -= 2; + if (sel_est > cur_est * 1.5) + reduce = 5; + else if (sel_est > cur_est * 1.2) + reduce = 4; + else if (sel_est > cur_est * 1.1) + reduce = 3; + + if (min_diff > reduce) + min_diff -= reduce; else min_diff = 0; } - if (abs(current_bss->level - selected->level) < min_diff) { - wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - too small difference " - "in signal level"); + diff = abs(current_bss->level - selected->level); + if (diff < min_diff) { + wpa_dbg(wpa_s, MSG_DEBUG, + "Skip roam - too small difference in signal level (%d < %d)", + diff, min_diff); return 0; } + wpa_dbg(wpa_s, MSG_DEBUG, + "Allow reassociation due to difference in signal level (%d >= %d)", + diff, min_diff); return 1; #else /* CONFIG_NO_ROAMING */ return 0; @@ -1474,11 +1774,18 @@ static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, } -/* Return != 0 if no scan results could be fetched or if scan results should not - * be shared with other virtual interfaces. */ +/* + * Return a negative value if no scan results could be fetched or if scan + * results should not be shared with other virtual interfaces. + * Return 0 if scan results were fetched and may be shared with other + * interfaces. + * Return 1 if scan results may be shared with other virtual interfaces but may + * not trigger any operations. + * Return 2 if the interface was removed and cannot be used. + */ static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, union wpa_event_data *data, - int own_request) + int own_request, int update_only) { struct wpa_scan_results *scan_res = NULL; int ret = 0; @@ -1528,6 +1835,11 @@ static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_NO_RANDOM_POOL */ + if (update_only) { + ret = 1; + goto scan_work_done; + } + if (own_request && wpa_s->scan_res_handler && !(data && data->scan_info.external_scan)) { void (*scan_res_handler)(struct wpa_supplicant *wpa_s, @@ -1536,7 +1848,7 @@ static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, scan_res_handler = wpa_s->scan_res_handler; wpa_s->scan_res_handler = NULL; scan_res_handler(wpa_s, scan_res); - ret = -2; + ret = 1; goto scan_work_done; } @@ -1577,6 +1889,10 @@ static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, if (sme_proc_obss_scan(wpa_s) > 0) goto scan_work_done; + if (own_request && + wpas_beacon_rep_scan_process(wpa_s, scan_res, &data->scan_info) > 0) + goto scan_work_done; + if ((wpa_s->conf->ap_scan == 2 && !wpas_wps_searching(wpa_s))) goto scan_work_done; @@ -1639,6 +1955,7 @@ static int wpas_select_network_from_last_scan(struct wpa_supplicant *wpa_s, if (wpa_s->p2p_mgmt) return 0; /* no normal connection on p2p_mgmt interface */ + wpa_s->owe_transition_search = 0; selected = wpa_supplicant_pick_network(wpa_s, &ssid); #ifdef CONFIG_MESH @@ -1672,8 +1989,9 @@ static int wpas_select_network_from_last_scan(struct wpa_supplicant *wpa_s, if (new_scan) wpa_supplicant_rsn_preauth_scan_results(wpa_s); /* - * Do not notify other virtual radios of scan results since we do not - * want them to start other associations at the same time. + * Do not allow other virtual radios to trigger operations based + * on these scan results since we do not want them to start + * other associations at the same time. */ return 1; } else { @@ -1739,6 +2057,17 @@ static int wpas_select_network_from_last_scan(struct wpa_supplicant *wpa_s, return 0; } #endif /* CONFIG_WPS */ +#ifdef CONFIG_OWE + if (wpa_s->owe_transition_search) { + wpa_dbg(wpa_s, MSG_DEBUG, + "OWE: Use shorter wait during transition mode search"); + timeout_sec = 0; + timeout_usec = 500000; + wpa_supplicant_req_new_scan(wpa_s, timeout_sec, + timeout_usec); + return 0; + } +#endif /* CONFIG_OWE */ if (wpa_supplicant_req_sched_scan(wpa_s)) wpa_supplicant_req_new_scan(wpa_s, timeout_sec, timeout_usec); @@ -1757,7 +2086,7 @@ static int wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, struct wpa_supplicant *ifs; int res; - res = _wpa_supplicant_event_scan_results(wpa_s, data, 1); + res = _wpa_supplicant_event_scan_results(wpa_s, data, 1, 0); if (res == 2) { /* * Interface may have been removed, so must not dereference @@ -1765,7 +2094,8 @@ static int wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, */ return 1; } - if (res != 0) { + + if (res < 0) { /* * If no scan results could be fetched, then no need to * notify those interfaces that did not actually request @@ -1785,7 +2115,10 @@ static int wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, if (ifs != wpa_s) { wpa_printf(MSG_DEBUG, "%s: Updating scan results from " "sibling", ifs->ifname); - _wpa_supplicant_event_scan_results(ifs, data, 0); + res = _wpa_supplicant_event_scan_results(ifs, data, 0, + res > 0); + if (res < 0) + return 0; } } @@ -1802,6 +2135,8 @@ int wpa_supplicant_fast_associate(struct wpa_supplicant *wpa_s) #else /* CONFIG_NO_SCAN_PROCESSING */ struct os_reltime now; + wpa_s->ignore_post_flush_scan_res = 0; + if (wpa_s->last_scan_res_used == 0) return -1; @@ -1981,9 +2316,9 @@ static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, { int l, len, found = 0, wpa_found, rsn_found; const u8 *p; -#ifdef CONFIG_IEEE80211R +#if defined(CONFIG_IEEE80211R) || defined(CONFIG_OWE) u8 bssid[ETH_ALEN]; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R || CONFIG_OWE */ wpa_dbg(wpa_s, MSG_DEBUG, "Association info event"); if (data->assoc_info.req_ies) @@ -2004,6 +2339,10 @@ static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, interworking_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, data->assoc_info.resp_ies_len); #endif /* CONFIG_INTERWORKING */ + if (wpa_s->hw_capab == CAPAB_VHT && + get_ie(data->assoc_info.resp_ies, + data->assoc_info.resp_ies_len, WLAN_EID_VHT_CAP)) + wpa_s->ieee80211ac = 1; } if (data->assoc_info.beacon_ies) wpa_hexdump(MSG_DEBUG, "beacon_ies", @@ -2041,6 +2380,36 @@ static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, if (!found && data->assoc_info.req_ies) wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); +#ifdef CONFIG_FILS +#ifdef CONFIG_SME + if ((wpa_s->sme.auth_alg == WPA_AUTH_ALG_FILS || + wpa_s->sme.auth_alg == WPA_AUTH_ALG_FILS_SK_PFS) && + (!data->assoc_info.resp_frame || + fils_process_assoc_resp(wpa_s->wpa, + data->assoc_info.resp_frame, + data->assoc_info.resp_frame_len) < 0)) { + wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED); + return -1; + } +#endif /* CONFIG_SME */ + + /* Additional processing for FILS when SME is in driver */ + if (wpa_s->auth_alg == WPA_AUTH_ALG_FILS && + !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) + wpa_sm_set_reset_fils_completed(wpa_s->wpa, 1); +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE + if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE && + (wpa_drv_get_bssid(wpa_s, bssid) < 0 || + owe_process_assoc_resp(wpa_s->wpa, bssid, + data->assoc_info.resp_ies, + data->assoc_info.resp_ies_len) < 0)) { + wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED); + return -1; + } +#endif /* CONFIG_OWE */ + #ifdef CONFIG_IEEE80211R #ifdef CONFIG_SME if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FT) { @@ -2262,6 +2631,13 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, ft_completed = wpa_ft_is_completed(wpa_s->wpa); if (data && wpa_supplicant_event_associnfo(wpa_s, data) < 0) return; + /* + * FILS authentication can share the same mechanism to mark the + * connection fully authenticated, so set ft_completed also based on + * FILS result. + */ + if (!ft_completed) + ft_completed = wpa_fils_is_completed(wpa_s->wpa); if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { wpa_dbg(wpa_s, MSG_ERROR, "Failed to get BSSID"); @@ -2331,7 +2707,9 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); eapol_sm_notify_portValid(wpa_s->eapol, FALSE); } - if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed || + if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || + wpa_s->key_mgmt == WPA_KEY_MGMT_DPP || + wpa_s->key_mgmt == WPA_KEY_MGMT_OWE || ft_completed || already_authorized) eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); /* 802.1X::portControl = Auto */ @@ -2395,7 +2773,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, struct os_reltime now, age; os_get_reltime(&now); os_reltime_sub(&now, &wpa_s->pending_eapol_rx_time, &age); - if (age.sec == 0 && age.usec < 100000 && + if (age.sec == 0 && age.usec < 200000 && os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) == 0) { wpa_dbg(wpa_s, MSG_DEBUG, "Process pending EAPOL " @@ -2446,6 +2824,16 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, if (wpa_s->reassoc_same_bss) wmm_ac_restore_tspecs(wpa_s); } + +#ifdef CONFIG_FILS + if (wpa_key_mgmt_fils(wpa_s->key_mgmt)) { + struct wpa_bss *bss = wpa_bss_get_bssid(wpa_s, bssid); + const u8 *fils_cache_id = wpa_bss_get_fils_cache_id(bss); + + if (fils_cache_id) + wpa_sm_set_fils_cache_id(wpa_s->wpa, fils_cache_id); + } +#endif /* CONFIG_FILS */ } @@ -2837,18 +3225,6 @@ wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s, } -#ifdef CONFIG_PEERKEY -static void -wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s, - union wpa_event_data *data) -{ - if (data == NULL) - return; - wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer); -} -#endif /* CONFIG_PEERKEY */ - - #ifdef CONFIG_TDLS static void wpa_supplicant_event_tdls(struct wpa_supplicant *wpa_s, union wpa_event_data *data) @@ -3211,6 +3587,7 @@ static void wpa_supplicant_update_channel_list( struct wpa_supplicant *wpa_s, struct channel_list_changed *info) { struct wpa_supplicant *ifs; + u8 dfs_domain; /* * To allow backwards compatibility with higher level layers that @@ -3235,7 +3612,7 @@ static void wpa_supplicant_update_channel_list( ifs->ifname); free_hw_features(ifs); ifs->hw.modes = wpa_drv_get_hw_feature_data( - ifs, &ifs->hw.num_modes, &ifs->hw.flags); + ifs, &ifs->hw.num_modes, &ifs->hw.flags, &dfs_domain); /* Restart PNO/sched_scan with updated channel list */ if (ifs->pno) { @@ -3310,6 +3687,15 @@ static void wpas_event_rx_mgmt_action(struct wpa_supplicant *wpa_s, return; #endif /* CONFIG_GAS */ +#ifdef CONFIG_GAS_SERVER + if ((mgmt->u.action.category == WLAN_ACTION_PUBLIC || + mgmt->u.action.category == WLAN_ACTION_PROTECTED_DUAL) && + gas_server_rx(wpa_s->gas_server, mgmt->da, mgmt->sa, mgmt->bssid, + mgmt->u.action.category, + payload, plen, freq) == 0) + return; +#endif /* CONFIG_GAS_SERVER */ + #ifdef CONFIG_TDLS if (category == WLAN_ACTION_PUBLIC && plen >= 4 && payload[0] == WLAN_TDLS_DISCOVERY_RESPONSE) { @@ -3338,6 +3724,7 @@ static void wpas_event_rx_mgmt_action(struct wpa_supplicant *wpa_s, if (category == WLAN_ACTION_RADIO_MEASUREMENT && payload[0] == WLAN_RRM_RADIO_MEASUREMENT_REQUEST) { wpas_rrm_handle_radio_measurement_request(wpa_s, mgmt->sa, + mgmt->da, payload + 1, plen - 1); return; @@ -3364,6 +3751,18 @@ static void wpas_event_rx_mgmt_action(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_FST */ +#ifdef CONFIG_DPP + if (category == WLAN_ACTION_PUBLIC && plen >= 5 && + payload[0] == WLAN_PA_VENDOR_SPECIFIC && + WPA_GET_BE24(&payload[1]) == OUI_WFA && + payload[4] == DPP_OUI_TYPE) { + payload++; + plen--; + wpas_dpp_rx_action(wpa_s, mgmt->sa, payload, plen, freq); + return; + } +#endif /* CONFIG_DPP */ + wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, category, payload, plen, freq); if (wpa_s->ifmsh) @@ -3404,23 +3803,226 @@ static void wpa_supplicant_notify_avoid_freq(struct wpa_supplicant *wpa_s, } -static void wpa_supplicant_event_assoc_auth(struct wpa_supplicant *wpa_s, - union wpa_event_data *data) +static void wpa_supplicant_event_port_authorized(struct wpa_supplicant *wpa_s) { - wpa_dbg(wpa_s, MSG_DEBUG, - "Connection authorized by device, previous state %d", - wpa_s->wpa_state); if (wpa_s->wpa_state == WPA_ASSOCIATED) { wpa_supplicant_cancel_auth_timeout(wpa_s); wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); eapol_sm_notify_portValid(wpa_s->eapol, TRUE); eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); } +} + + +static unsigned int wpas_event_cac_ms(const struct wpa_supplicant *wpa_s, + int freq) +{ + size_t i; + int j; + + for (i = 0; i < wpa_s->hw.num_modes; i++) { + const struct hostapd_hw_modes *mode = &wpa_s->hw.modes[i]; + + for (j = 0; j < mode->num_channels; j++) { + const struct hostapd_channel_data *chan; + + chan = &mode->channels[j]; + if (chan->freq == freq) + return chan->dfs_cac_ms; + } + } + + return 0; +} + + +static void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s, + struct dfs_event *radar) +{ +#if defined(NEED_AP_MLME) && defined(CONFIG_AP) + if (wpa_s->ap_iface) { + wpas_ap_event_dfs_cac_started(wpa_s, radar); + } else +#endif /* NEED_AP_MLME && CONFIG_AP */ + { + unsigned int cac_time = wpas_event_cac_ms(wpa_s, radar->freq); + + cac_time /= 1000; /* convert from ms to sec */ + if (!cac_time) + cac_time = 10 * 60; /* max timeout: 10 minutes */ + + /* Restart auth timeout: CAC time added to initial timeout */ + wpas_auth_timeout_restart(wpa_s, cac_time); + } +} + + +static void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, + struct dfs_event *radar) +{ +#if defined(NEED_AP_MLME) && defined(CONFIG_AP) + if (wpa_s->ap_iface) { + wpas_ap_event_dfs_cac_finished(wpa_s, radar); + } else +#endif /* NEED_AP_MLME && CONFIG_AP */ + { + /* Restart auth timeout with original value after CAC is + * finished */ + wpas_auth_timeout_restart(wpa_s, 0); + } +} + + +static void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, + struct dfs_event *radar) +{ +#if defined(NEED_AP_MLME) && defined(CONFIG_AP) + if (wpa_s->ap_iface) { + wpas_ap_event_dfs_cac_aborted(wpa_s, radar); + } else +#endif /* NEED_AP_MLME && CONFIG_AP */ + { + /* Restart auth timeout with original value after CAC is + * aborted */ + wpas_auth_timeout_restart(wpa_s, 0); + } +} + + +static void wpa_supplicant_event_assoc_auth(struct wpa_supplicant *wpa_s, + union wpa_event_data *data) +{ + wpa_dbg(wpa_s, MSG_DEBUG, + "Connection authorized by device, previous state %d", + wpa_s->wpa_state); + + wpa_supplicant_event_port_authorized(wpa_s); + wpa_sm_set_rx_replay_ctr(wpa_s->wpa, data->assoc_info.key_replay_ctr); wpa_sm_set_ptk_kck_kek(wpa_s->wpa, data->assoc_info.ptk_kck, data->assoc_info.ptk_kck_len, data->assoc_info.ptk_kek, data->assoc_info.ptk_kek_len); +#ifdef CONFIG_FILS + if (wpa_s->auth_alg == WPA_AUTH_ALG_FILS) { + struct wpa_bss *bss = wpa_bss_get_bssid(wpa_s, wpa_s->bssid); + const u8 *fils_cache_id = wpa_bss_get_fils_cache_id(bss); + + /* Update ERP next sequence number */ + eapol_sm_update_erp_next_seq_num( + wpa_s->eapol, data->assoc_info.fils_erp_next_seq_num); + + if (data->assoc_info.fils_pmk && data->assoc_info.fils_pmkid) { + /* Add the new PMK and PMKID to the PMKSA cache */ + wpa_sm_pmksa_cache_add(wpa_s->wpa, + data->assoc_info.fils_pmk, + data->assoc_info.fils_pmk_len, + data->assoc_info.fils_pmkid, + wpa_s->bssid, fils_cache_id); + } else if (data->assoc_info.fils_pmkid) { + /* Update the current PMKSA used for this connection */ + pmksa_cache_set_current(wpa_s->wpa, + data->assoc_info.fils_pmkid, + NULL, NULL, 0, NULL, 0); + } + } +#endif /* CONFIG_FILS */ +} + + +static void wpas_event_assoc_reject(struct wpa_supplicant *wpa_s, + union wpa_event_data *data) +{ + const u8 *bssid = data->assoc_reject.bssid; + + if (!bssid || is_zero_ether_addr(bssid)) + bssid = wpa_s->pending_bssid; + + if (data->assoc_reject.bssid) + wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT + "bssid=" MACSTR " status_code=%u%s%s%s", + MAC2STR(data->assoc_reject.bssid), + data->assoc_reject.status_code, + data->assoc_reject.timed_out ? " timeout" : "", + data->assoc_reject.timeout_reason ? "=" : "", + data->assoc_reject.timeout_reason ? + data->assoc_reject.timeout_reason : ""); + else + wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT + "status_code=%u%s%s%s", + data->assoc_reject.status_code, + data->assoc_reject.timed_out ? " timeout" : "", + data->assoc_reject.timeout_reason ? "=" : "", + data->assoc_reject.timeout_reason ? + data->assoc_reject.timeout_reason : ""); + wpa_s->assoc_status_code = data->assoc_reject.status_code; + wpas_notify_assoc_status_code(wpa_s); + +#ifdef CONFIG_OWE + if (data->assoc_reject.status_code == + WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED && + wpa_s->key_mgmt == WPA_KEY_MGMT_OWE && + wpa_s->current_ssid && + wpa_s->current_ssid->owe_group == 0 && + wpa_s->last_owe_group != 21) { + struct wpa_ssid *ssid = wpa_s->current_ssid; + struct wpa_bss *bss = wpa_s->current_bss; + + if (!bss) { + bss = wpa_supplicant_get_new_bss(wpa_s, bssid); + if (!bss) { + wpas_connection_failed(wpa_s, bssid); + wpa_supplicant_mark_disassoc(wpa_s); + return; + } + } + wpa_printf(MSG_DEBUG, "OWE: Try next supported DH group"); + wpas_connect_work_done(wpa_s); + wpa_supplicant_mark_disassoc(wpa_s); + wpa_supplicant_connect(wpa_s, bss, ssid); + return; + } +#endif /* CONFIG_OWE */ + + if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) { + sme_event_assoc_reject(wpa_s, data); + return; + } + + /* Driver-based SME cases */ + +#ifdef CONFIG_SAE + if (wpa_s->current_ssid && + wpa_key_mgmt_sae(wpa_s->current_ssid->key_mgmt) && + !data->assoc_reject.timed_out) { + wpa_dbg(wpa_s, MSG_DEBUG, "SAE: Drop PMKSA cache entry"); + wpa_sm_aborted_cached(wpa_s->wpa); + wpa_sm_pmksa_cache_flush(wpa_s->wpa, wpa_s->current_ssid); + } +#endif /* CONFIG_SAE */ + +#ifdef CONFIG_DPP + if (wpa_s->current_ssid && + wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_DPP && + !data->assoc_reject.timed_out) { + wpa_dbg(wpa_s, MSG_DEBUG, "DPP: Drop PMKSA cache entry"); + wpa_sm_aborted_cached(wpa_s->wpa); + wpa_sm_pmksa_cache_flush(wpa_s->wpa, wpa_s->current_ssid); + } +#endif /* CONFIG_DPP */ + +#ifdef CONFIG_FILS + /* Update ERP next sequence number */ + if (wpa_s->auth_alg == WPA_AUTH_ALG_FILS) { + eapol_sm_update_erp_next_seq_num( + wpa_s->eapol, + data->assoc_reject.fils_erp_next_seq_num); + fils_connection_failure(wpa_s); + } +#endif /* CONFIG_FILS */ + + wpas_connection_failed(wpa_s, bssid); + wpa_supplicant_mark_disassoc(wpa_s); } @@ -3429,6 +4031,9 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, { struct wpa_supplicant *wpa_s = ctx; int resched; +#ifndef CONFIG_NO_STDOUT_DEBUG + int level = MSG_DEBUG; +#endif /* CONFIG_NO_STDOUT_DEBUG */ if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED && event != EVENT_INTERFACE_ENABLED && @@ -3442,9 +4047,6 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, } #ifndef CONFIG_NO_STDOUT_DEBUG -{ - int level = MSG_DEBUG; - if (event == EVENT_RX_MGMT && data->rx_mgmt.frame_len >= 24) { const struct ieee80211_hdr *hdr; u16 fc; @@ -3457,7 +4059,6 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, wpa_dbg(wpa_s, level, "Event %s (%d) received", event_to_string(event), event); -} #endif /* CONFIG_NO_STDOUT_DEBUG */ switch (event) { @@ -3477,9 +4078,18 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, "EVENT_ASSOC - ignore_auth_resp active!"); break; } + if (wpa_s->testing_resend_assoc) { + wpa_printf(MSG_INFO, + "EVENT_DEAUTH - testing_resend_assoc"); + break; + } #endif /* CONFIG_TESTING_OPTIONS */ wpa_supplicant_event_assoc(wpa_s, data); - if (data && data->assoc_info.authorized) + wpa_s->assoc_status_code = WLAN_STATUS_SUCCESS; + if (data && + (data->assoc_info.authorized || + (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && + wpa_fils_is_completed(wpa_s->wpa)))) wpa_supplicant_event_assoc_auth(wpa_s, data); if (data) { wpa_msg(wpa_s, MSG_INFO, @@ -3498,6 +4108,11 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, "EVENT_DEAUTH - ignore_auth_resp active!"); break; } + if (wpa_s->testing_resend_assoc) { + wpa_printf(MSG_INFO, + "EVENT_DEAUTH - testing_resend_assoc"); + break; + } #endif /* CONFIG_TESTING_OPTIONS */ wpas_event_deauth(wpa_s, data ? &data->deauth_info : NULL); @@ -3570,11 +4185,6 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, case EVENT_PMKID_CANDIDATE: wpa_supplicant_event_pmkid_candidate(wpa_s, data); break; -#ifdef CONFIG_PEERKEY - case EVENT_STKSTART: - wpa_supplicant_event_stkstart(wpa_s, data); - break; -#endif /* CONFIG_PEERKEY */ #ifdef CONFIG_TDLS case EVENT_TDLS: wpa_supplicant_event_tdls(wpa_s, data); @@ -3596,28 +4206,7 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, break; #endif /* CONFIG_IBSS_RSN */ case EVENT_ASSOC_REJECT: - if (data->assoc_reject.bssid) - wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT - "bssid=" MACSTR " status_code=%u%s", - MAC2STR(data->assoc_reject.bssid), - data->assoc_reject.status_code, - data->assoc_reject.timed_out ? " timeout" : ""); - else - wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT - "status_code=%u%s", - data->assoc_reject.status_code, - data->assoc_reject.timed_out ? " timeout" : ""); - wpa_s->assoc_status_code = data->assoc_reject.status_code; - wpas_notify_assoc_status_code(wpa_s); - if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) - sme_event_assoc_reject(wpa_s, data); - else { - const u8 *bssid = data->assoc_reject.bssid; - if (bssid == NULL || is_zero_ether_addr(bssid)) - bssid = wpa_s->pending_bssid; - wpas_connection_failed(wpa_s, bssid); - wpa_supplicant_mark_disassoc(wpa_s); - } + wpas_event_assoc_reject(wpa_s, data); break; case EVENT_AUTH_TIMED_OUT: /* It is possible to get this event from earlier connection */ @@ -3719,6 +4308,7 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, ap_rx_from_unknown_sta(wpa_s, data->rx_from_unknown.addr, data->rx_from_unknown.wds); break; +#endif /* CONFIG_AP */ case EVENT_CH_SWITCH: if (!data || !wpa_s->current_ssid) break; @@ -3735,6 +4325,7 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, wpa_s->assoc_freq = data->ch_switch.freq; wpa_s->current_ssid->frequency = data->ch_switch.freq; +#ifdef CONFIG_AP if (wpa_s->current_ssid->mode == WPAS_MODE_AP || wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO || wpa_s->current_ssid->mode == @@ -3746,14 +4337,25 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, data->ch_switch.cf1, data->ch_switch.cf2); } +#endif /* CONFIG_AP */ wpas_p2p_update_channel_list(wpa_s, WPAS_P2P_CHANNEL_UPDATE_CS); + wnm_clear_coloc_intf_reporting(wpa_s); break; +#ifdef CONFIG_AP #ifdef NEED_AP_MLME case EVENT_DFS_RADAR_DETECTED: if (data) - wpas_event_dfs_radar_detected(wpa_s, &data->dfs_event); + wpas_ap_event_dfs_radar_detected(wpa_s, + &data->dfs_event); break; + case EVENT_DFS_NOP_FINISHED: + if (data) + wpas_ap_event_dfs_cac_nop_finished(wpa_s, + &data->dfs_event); + break; +#endif /* NEED_AP_MLME */ +#endif /* CONFIG_AP */ case EVENT_DFS_CAC_STARTED: if (data) wpas_event_dfs_cac_started(wpa_s, &data->dfs_event); @@ -3766,13 +4368,6 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, if (data) wpas_event_dfs_cac_aborted(wpa_s, &data->dfs_event); break; - case EVENT_DFS_NOP_FINISHED: - if (data) - wpas_event_dfs_cac_nop_finished(wpa_s, - &data->dfs_event); - break; -#endif /* NEED_AP_MLME */ -#endif /* CONFIG_AP */ case EVENT_RX_MGMT: { u16 fc, stype; const struct ieee80211_mgmt *mgmt; @@ -3844,6 +4439,16 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, break; } +#ifdef CONFIG_SAE + if (stype == WLAN_FC_STYPE_AUTH && + !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && + (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) { + sme_external_auth_mgmt_rx( + wpa_s, data->rx_mgmt.frame, + data->rx_mgmt.frame_len); + break; + } +#endif /* CONFIG_SAE */ wpa_dbg(wpa_s, MSG_DEBUG, "AP: ignore received " "management frame in non-AP mode"); break; @@ -3908,6 +4513,10 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, #endif /* CONFIG_OFFCHANNEL */ wpas_p2p_cancel_remain_on_channel_cb( wpa_s, data->remain_on_channel.freq); +#ifdef CONFIG_DPP + wpas_dpp_cancel_remain_on_channel_cb( + wpa_s, data->remain_on_channel.freq); +#endif /* CONFIG_DPP */ break; case EVENT_EAPOL_RX: wpa_supplicant_rx_eapol(wpa_s, data->eapol_rx.src, @@ -3929,6 +4538,9 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, data->signal_change.current_noise, data->signal_change.current_txrate); break; + case EVENT_INTERFACE_MAC_CHANGED: + wpa_supplicant_update_mac_addr(wpa_s); + break; case EVENT_INTERFACE_ENABLED: wpa_dbg(wpa_s, MSG_DEBUG, "Interface was enabled"); if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { @@ -4129,12 +4741,14 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, #endif /* CONFIG_AP */ break; case EVENT_ACS_CHANNEL_SELECTED: +#ifdef CONFIG_AP #ifdef CONFIG_ACS if (!wpa_s->ap_iface) break; hostapd_acs_channel_selected(wpa_s->ap_iface->bss[0], &data->acs_selected_channels); #endif /* CONFIG_ACS */ +#endif /* CONFIG_AP */ break; case EVENT_P2P_LO_STOP: #ifdef CONFIG_P2P @@ -4144,6 +4758,36 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, data->p2p_lo_stop.reason_code); #endif /* CONFIG_P2P */ break; + case EVENT_BEACON_LOSS: + if (!wpa_s->current_bss || !wpa_s->current_ssid) + break; + wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_BEACON_LOSS); + bgscan_notify_beacon_loss(wpa_s); + break; + case EVENT_EXTERNAL_AUTH: +#ifdef CONFIG_SAE + if (!wpa_s->current_ssid) { + wpa_printf(MSG_DEBUG, "SAE: current_ssid is NULL"); + break; + } + sme_external_auth_trigger(wpa_s, data); +#endif /* CONFIG_SAE */ + break; + case EVENT_PORT_AUTHORIZED: + wpa_supplicant_event_port_authorized(wpa_s); + break; + case EVENT_STATION_OPMODE_CHANGED: +#ifdef CONFIG_AP + if (!wpa_s->ap_iface || !data) + break; + + hostapd_event_sta_opmode_changed(wpa_s->ap_iface->bss[0], + data->sta_opmode.addr, + data->sta_opmode.smps_mode, + data->sta_opmode.chan_width, + data->sta_opmode.rx_nss); +#endif /* CONFIG_AP */ + break; default: wpa_msg(wpa_s, MSG_INFO, "Unknown event %d", event); break; diff --git a/contrib/wpa/wpa_supplicant/examples/dpp-qrcode.py b/contrib/wpa/wpa_supplicant/examples/dpp-qrcode.py new file mode 100755 index 000000000000..e2a00c910812 --- /dev/null +++ b/contrib/wpa/wpa_supplicant/examples/dpp-qrcode.py @@ -0,0 +1,130 @@ +#!/usr/bin/python +# +# Example Android logcat to wpa_supplicant wrapper for QR Code scans +# Copyright (c) 2017, Qualcomm Atheros, Inc. +# +# This software may be distributed under the terms of the BSD license. +# See README for more details. + +import os +import sys +import argparse +import logging +import qrcode + +scriptsdir = os.path.dirname(os.path.realpath(sys.modules[__name__].__file__)) +sys.path.append(os.path.join(scriptsdir, '..', '..', 'wpaspy')) + +import wpaspy + +wpas_ctrl = '/var/run/wpa_supplicant' + +def wpas_connect(): + ifaces = [] + if os.path.isdir(wpas_ctrl): + try: + ifaces = [os.path.join(wpas_ctrl, i) for i in os.listdir(wpas_ctrl)] + except OSError, error: + print "Could not find wpa_supplicant: ", error + return None + + if len(ifaces) < 1: + print "No wpa_supplicant control interface found" + return None + + for ctrl in ifaces: + try: + wpas = wpaspy.Ctrl(ctrl) + return wpas + except Exception, e: + pass + return None + +def dpp_logcat(): + for line in iter(sys.stdin.readline, ''): + if "ResultHandler: Launching intent: Intent" not in line: + continue + if "act=android.intent.action.VIEW" not in line: + continue + uri = None + for val in line.split(' '): + if val.startswith('dat='): + uri = val.split('=', 1)[1] + break + if not uri: + continue + if not uri.startswith('DPP:'): + continue + print "Found DPP bootstrap info URI:" + print uri + wpas = wpas_connect() + if not wpas: + print "Could not connect to wpa_supplicant" + print + continue + res = wpas.request("DPP_QR_CODE " + uri); + try: + id = int(res) + except ValueError: + print "QR Code URI rejected" + continue + print "QR Code URI accepted - ID=%d" % id + print wpas.request("DPP_BOOTSTRAP_INFO %d" % id) + del wpas + +def dpp_display(curve): + wpas = wpas_connect() + if not wpas: + print "Could not connect to wpa_supplicant" + return + res = wpas.request("STATUS") + addr = None + for line in res.splitlines(): + if line.startswith("address="): + addr = line.split('=')[1] + break + cmd = "DPP_BOOTSTRAP_GEN type=qrcode" + cmd += " chan=81/1" + if addr: + cmd += " mac=" + addr.replace(':','') + if curve: + cmd += " curve=" + curve + res = wpas.request(cmd) + try: + id = int(res) + except ValueError: + print "Failed to generate bootstrap info URI" + return + print "Bootstrap information - ID=%d" % id + print wpas.request("DPP_BOOTSTRAP_INFO %d" % id) + uri = wpas.request("DPP_BOOTSTRAP_GET_URI %d" % id) + print uri + print "ID=%d" % id + qr = qrcode.QRCode(error_correction=qrcode.constants.ERROR_CORRECT_M, + border=3) + qr.add_data(uri, optimize=5) + qr.print_ascii(tty=True) + print "ID=%d" % id + del wpas + +def main(): + parser = argparse.ArgumentParser(description='Android logcat to wpa_supplicant integration for DPP QR Code operations') + parser.add_argument('-d', const=logging.DEBUG, default=logging.INFO, + action='store_const', dest='loglevel', + help='verbose debug output') + parser.add_argument('--curve', '-c', + help='set a specific curve (P-256, P-384, P-521, BP-256R1, BP-384R1, BP-512R1) for key generation') + parser.add_argument('command', choices=['logcat', + 'display'], + nargs='?') + args = parser.parse_args() + + logging.basicConfig(level=args.loglevel) + + if args.command == "logcat": + dpp_logcat() + elif args.command == "display": + dpp_display(args.curve) + +if __name__ == '__main__': + main() diff --git a/contrib/wpa/wpa_supplicant/examples/wps-ap-cli b/contrib/wpa/wpa_supplicant/examples/wps-ap-cli index cc2cff2ebc24..15d913ef1fae 100755 --- a/contrib/wpa/wpa_supplicant/examples/wps-ap-cli +++ b/contrib/wpa/wpa_supplicant/examples/wps-ap-cli @@ -14,12 +14,12 @@ pbc() enter_pin() { echo "Enter a PIN from a station to be enrolled to the network." - echo -n "Enrollee PIN: " + printf "Enrollee PIN: " read pin cpin=`$CLI wps_check_pin "$pin" | tail -1` if [ "$cpin" = "FAIL-CHECKSUM" ]; then echo "Checksum digit is not valid" - echo -n "Do you want to use this PIN (y/n)? " + printf "Do you want to use this PIN (y/n)? " read resp case "$resp" in y*) @@ -52,7 +52,7 @@ main_menu() echo "3: Show current configuration" echo "0: Exit wps-ap-cli" - echo -n "Command: " + printf "Command: " read cmd case "$cmd" in diff --git a/contrib/wpa/wpa_supplicant/gas_query.c b/contrib/wpa/wpa_supplicant/gas_query.c index 691de0345d13..f4f60c58bee5 100644 --- a/contrib/wpa/wpa_supplicant/gas_query.c +++ b/contrib/wpa/wpa_supplicant/gas_query.c @@ -42,6 +42,7 @@ struct gas_query_pending { unsigned int wait_comeback:1; unsigned int offchannel_tx_started:1; unsigned int retry:1; + unsigned int wildcard_bssid:1; int freq; u16 status_code; struct wpabuf *req; @@ -53,6 +54,7 @@ struct gas_query_pending { const struct wpabuf *adv_proto, const struct wpabuf *resp, u16 status_code); void *ctx; + u8 sa[ETH_ALEN]; }; /** @@ -63,6 +65,9 @@ struct gas_query { struct dl_list pending; /* struct gas_query_pending */ struct gas_query_pending *current; struct wpa_radio_work *work; + struct os_reltime last_mac_addr_rand; + int last_rand_sa_type; + u8 rand_addr[ETH_ALEN]; }; @@ -117,6 +122,8 @@ static const char * gas_result_txt(enum gas_query_result result) return "PEER_ERROR"; case GAS_QUERY_INTERNAL_ERROR: return "INTERNAL_ERROR"; + case GAS_QUERY_STOPPED: + return "STOPPED"; case GAS_QUERY_DELETED_AT_DEINIT: return "DELETED_AT_DEINIT"; } @@ -239,10 +246,17 @@ static void gas_query_tx_status(struct wpa_supplicant *wpa_s, } os_get_reltime(&query->last_oper); - if (result == OFFCHANNEL_SEND_ACTION_SUCCESS) { + if (result == OFFCHANNEL_SEND_ACTION_SUCCESS || + result == OFFCHANNEL_SEND_ACTION_NO_ACK) { eloop_cancel_timeout(gas_query_timeout, gas, query); - eloop_register_timeout(GAS_QUERY_TIMEOUT_PERIOD, 0, - gas_query_timeout, gas, query); + if (result == OFFCHANNEL_SEND_ACTION_NO_ACK) { + wpa_printf(MSG_DEBUG, "GAS: No ACK to GAS request"); + eloop_register_timeout(0, 250000, + gas_query_timeout, gas, query); + } else { + eloop_register_timeout(GAS_QUERY_TIMEOUT_PERIOD, 0, + gas_query_timeout, gas, query); + } if (query->wait_comeback && !query->retry) { eloop_cancel_timeout(gas_query_rx_comeback_timeout, gas, query); @@ -278,8 +292,9 @@ static int gas_query_tx(struct gas_query *gas, struct gas_query_pending *query, }; wpa_printf(MSG_DEBUG, "GAS: Send action frame to " MACSTR " len=%u " - "freq=%d prot=%d", MAC2STR(query->addr), - (unsigned int) wpabuf_len(req), query->freq, prot); + "freq=%d prot=%d using src addr " MACSTR, + MAC2STR(query->addr), (unsigned int) wpabuf_len(req), + query->freq, prot, MAC2STR(query->sa)); if (prot) { u8 *categ = wpabuf_mhead_u8(req); *categ = WLAN_ACTION_PROTECTED_DUAL; @@ -288,17 +303,20 @@ static int gas_query_tx(struct gas_query *gas, struct gas_query_pending *query, if (gas->wpa_s->max_remain_on_chan && wait_time > gas->wpa_s->max_remain_on_chan) wait_time = gas->wpa_s->max_remain_on_chan; - if (!gas->wpa_s->conf->gas_address3 || - (gas->wpa_s->current_ssid && - gas->wpa_s->wpa_state >= WPA_ASSOCIATED && - os_memcmp(query->addr, gas->wpa_s->bssid, ETH_ALEN) == 0)) + if (!query->wildcard_bssid && + (!gas->wpa_s->conf->gas_address3 || + (gas->wpa_s->current_ssid && + gas->wpa_s->wpa_state >= WPA_ASSOCIATED && + os_memcmp(query->addr, gas->wpa_s->bssid, ETH_ALEN) == 0))) bssid = query->addr; else bssid = wildcard_bssid; + res = offchannel_send_action(gas->wpa_s, query->freq, query->addr, - gas->wpa_s->own_addr, bssid, - wpabuf_head(req), wpabuf_len(req), - wait_time, gas_query_tx_status, 0); + query->sa, bssid, wpabuf_head(req), + wpabuf_len(req), wait_time, + gas_query_tx_status, 0); + if (res == 0) query->offchannel_tx_started = 1; return res; @@ -407,6 +425,7 @@ static void gas_query_rx_initial(struct gas_query *gas, } if (comeback_delay) { + eloop_cancel_timeout(gas_query_timeout, gas, query); query->wait_comeback = 1; gas_query_tx_comeback_req_delay(gas, query, comeback_delay); return; @@ -724,6 +743,58 @@ static int gas_query_new_dialog_token(struct gas_query *gas, const u8 *dst) } +static int gas_query_set_sa(struct gas_query *gas, + struct gas_query_pending *query) +{ + struct wpa_supplicant *wpa_s = gas->wpa_s; + struct os_reltime now; + + if (!wpa_s->conf->gas_rand_mac_addr || + !(wpa_s->current_bss ? + (wpa_s->drv_flags & + WPA_DRIVER_FLAGS_MGMT_TX_RANDOM_TA_CONNECTED) : + (wpa_s->drv_flags & WPA_DRIVER_FLAGS_MGMT_TX_RANDOM_TA))) { + /* Use own MAC address as the transmitter address */ + os_memcpy(query->sa, wpa_s->own_addr, ETH_ALEN); + return 0; + } + + os_get_reltime(&now); + + if (wpa_s->conf->gas_rand_mac_addr == gas->last_rand_sa_type && + gas->last_mac_addr_rand.sec != 0 && + !os_reltime_expired(&now, &gas->last_mac_addr_rand, + wpa_s->conf->gas_rand_addr_lifetime)) { + wpa_printf(MSG_DEBUG, + "GAS: Use the previously selected random transmitter address " + MACSTR, MAC2STR(gas->rand_addr)); + os_memcpy(query->sa, gas->rand_addr, ETH_ALEN); + return 0; + } + + if (wpa_s->conf->gas_rand_mac_addr == 1 && + random_mac_addr(gas->rand_addr) < 0) { + wpa_printf(MSG_ERROR, "GAS: Failed to get random address"); + return -1; + } + + if (wpa_s->conf->gas_rand_mac_addr == 2 && + random_mac_addr_keep_oui(gas->rand_addr) < 0) { + wpa_printf(MSG_ERROR, + "GAS: Failed to get random address with same OUI"); + return -1; + } + + wpa_printf(MSG_DEBUG, "GAS: Use a new random transmitter address " + MACSTR, MAC2STR(gas->rand_addr)); + os_memcpy(query->sa, gas->rand_addr, ETH_ALEN); + os_get_reltime(&gas->last_mac_addr_rand); + gas->last_rand_sa_type = wpa_s->conf->gas_rand_mac_addr; + + return 0; +} + + /** * gas_query_req - Request a GAS query * @gas: GAS query data from gas_query_init() @@ -736,7 +807,7 @@ static int gas_query_new_dialog_token(struct gas_query *gas, const u8 *dst) * Returns: dialog token (>= 0) on success or -1 on failure */ int gas_query_req(struct gas_query *gas, const u8 *dst, int freq, - struct wpabuf *req, + int wildcard_bssid, struct wpabuf *req, void (*cb)(void *ctx, const u8 *dst, u8 dialog_token, enum gas_query_result result, const struct wpabuf *adv_proto, @@ -758,8 +829,13 @@ int gas_query_req(struct gas_query *gas, const u8 *dst, int freq, return -1; query->gas = gas; + if (gas_query_set_sa(gas, query)) { + os_free(query); + return -1; + } os_memcpy(query->addr, dst, ETH_ALEN); query->dialog_token = dialog_token; + query->wildcard_bssid = !!wildcard_bssid; query->freq = freq; query->cb = cb; query->ctx = ctx; @@ -781,3 +857,27 @@ int gas_query_req(struct gas_query *gas, const u8 *dst, int freq, return dialog_token; } + + +int gas_query_stop(struct gas_query *gas, u8 dialog_token) +{ + struct gas_query_pending *query; + + dl_list_for_each(query, &gas->pending, struct gas_query_pending, list) { + if (query->dialog_token == dialog_token) { + if (!gas->work) { + /* The pending radio work has not yet been + * started, but the pending entry has a + * reference to the soon to be freed query. + * Need to remove that radio work now to avoid + * leaving behind a reference to freed memory. + */ + radio_remove_pending_work(gas->wpa_s, query); + } + gas_query_done(gas, query, GAS_QUERY_STOPPED); + return 0; + } + } + + return -1; +} diff --git a/contrib/wpa/wpa_supplicant/gas_query.h b/contrib/wpa/wpa_supplicant/gas_query.h index ef82097e2424..982c0f7ce60e 100644 --- a/contrib/wpa/wpa_supplicant/gas_query.h +++ b/contrib/wpa/wpa_supplicant/gas_query.h @@ -29,16 +29,18 @@ enum gas_query_result { GAS_QUERY_TIMEOUT, GAS_QUERY_PEER_ERROR, GAS_QUERY_INTERNAL_ERROR, + GAS_QUERY_STOPPED, GAS_QUERY_DELETED_AT_DEINIT }; int gas_query_req(struct gas_query *gas, const u8 *dst, int freq, - struct wpabuf *req, + int wildcard_bssid, struct wpabuf *req, void (*cb)(void *ctx, const u8 *dst, u8 dialog_token, enum gas_query_result result, const struct wpabuf *adv_proto, const struct wpabuf *resp, u16 status_code), void *ctx); +int gas_query_stop(struct gas_query *gas, u8 dialog_token); #else /* CONFIG_GAS */ diff --git a/contrib/wpa/wpa_supplicant/hs20_supplicant.c b/contrib/wpa/wpa_supplicant/hs20_supplicant.c index e88f147bbd1b..f4187900ed42 100644 --- a/contrib/wpa/wpa_supplicant/hs20_supplicant.c +++ b/contrib/wpa/wpa_supplicant/hs20_supplicant.c @@ -49,9 +49,12 @@ struct osu_provider { u8 bssid[ETH_ALEN]; u8 osu_ssid[SSID_MAX_LEN]; u8 osu_ssid_len; + u8 osu_ssid2[SSID_MAX_LEN]; + u8 osu_ssid2_len; char server_uri[256]; u32 osu_methods; /* bit 0 = OMA-DM, bit 1 = SOAP-XML SPP */ char osu_nai[256]; + char osu_nai2[256]; struct osu_lang_string friendly_name[OSU_MAX_ITEMS]; size_t friendly_name_count; struct osu_lang_string serv_desc[OSU_MAX_ITEMS]; @@ -118,6 +121,22 @@ void wpas_hs20_add_indication(struct wpabuf *buf, int pps_mo_id) } +void wpas_hs20_add_roam_cons_sel(struct wpabuf *buf, + const struct wpa_ssid *ssid) +{ + if (!ssid->roaming_consortium_selection || + !ssid->roaming_consortium_selection_len) + return; + + wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); + wpabuf_put_u8(buf, 4 + ssid->roaming_consortium_selection_len); + wpabuf_put_be24(buf, OUI_WFA); + wpabuf_put_u8(buf, HS20_ROAMING_CONS_SEL_OUI_TYPE); + wpabuf_put_data(buf, ssid->roaming_consortium_selection, + ssid->roaming_consortium_selection_len); +} + + int is_hs20_network(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, struct wpa_bss *bss) { @@ -248,7 +267,7 @@ int hs20_anqp_send_req(struct wpa_supplicant *wpa_s, const u8 *dst, u32 stypes, if (buf == NULL) return -1; - res = gas_query_req(wpa_s->gas, dst, freq, buf, anqp_resp_cb, wpa_s); + res = gas_query_req(wpa_s->gas, dst, freq, 0, buf, anqp_resp_cb, wpa_s); if (res < 0) { wpa_printf(MSG_DEBUG, "ANQP: Failed to send Query Request"); wpabuf_free(buf); @@ -429,10 +448,9 @@ static int hs20_process_icon_binary_file(struct wpa_supplicant *wpa_s, dl_list_for_each(icon, &wpa_s->icon_head, struct icon_entry, list) { if (icon->dialog_token == dialog_token && !icon->image && os_memcmp(icon->bssid, sa, ETH_ALEN) == 0) { - icon->image = os_malloc(slen); + icon->image = os_memdup(pos, slen); if (!icon->image) return -1; - os_memcpy(icon->image, pos, slen); icon->image_len = slen; hs20_remove_duplicate_icons(wpa_s, icon); wpa_msg(wpa_s, MSG_INFO, @@ -646,6 +664,25 @@ void hs20_parse_rx_hs20_anqp_resp(struct wpa_supplicant *wpa_s, wpa_s, NULL); } break; + case HS20_STYPE_OPERATOR_ICON_METADATA: + wpa_msg(wpa_s, MSG_INFO, RX_HS20_ANQP MACSTR + " Operator Icon Metadata", MAC2STR(sa)); + wpa_hexdump(MSG_DEBUG, "Operator Icon Metadata", pos, slen); + if (anqp) { + wpabuf_free(anqp->hs20_operator_icon_metadata); + anqp->hs20_operator_icon_metadata = + wpabuf_alloc_copy(pos, slen); + } + break; + case HS20_STYPE_OSU_PROVIDERS_NAI_LIST: + wpa_msg(wpa_s, MSG_INFO, RX_HS20_ANQP MACSTR + " OSU Providers NAI List", MAC2STR(sa)); + if (anqp) { + wpabuf_free(anqp->hs20_osu_providers_nai_list); + anqp->hs20_osu_providers_nai_list = + wpabuf_alloc_copy(pos, slen); + } + break; default: wpa_printf(MSG_DEBUG, "HS20: Unsupported subtype %u", subtype); break; @@ -725,8 +762,15 @@ static void hs20_osu_fetch_done(struct wpa_supplicant *wpa_s) wpa_ssid_txt(osu->osu_ssid, osu->osu_ssid_len)); } + if (osu->osu_ssid2_len) { + fprintf(f, "osu_ssid2=%s\n", + wpa_ssid_txt(osu->osu_ssid2, + osu->osu_ssid2_len)); + } if (osu->osu_nai[0]) fprintf(f, "osu_nai=%s\n", osu->osu_nai); + if (osu->osu_nai2[0]) + fprintf(f, "osu_nai2=%s\n", osu->osu_nai2); for (j = 0; j < osu->friendly_name_count; j++) { fprintf(f, "friendly_name=%s:%s\n", osu->friendly_name[j].lang, @@ -790,6 +834,7 @@ void hs20_next_osu_icon(struct wpa_supplicant *wpa_s) static void hs20_osu_add_prov(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, const u8 *osu_ssid, u8 osu_ssid_len, + const u8 *osu_ssid2, u8 osu_ssid2_len, const u8 *pos, size_t len) { struct osu_provider *prov; @@ -811,6 +856,9 @@ static void hs20_osu_add_prov(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, os_memcpy(prov->bssid, bss->bssid, ETH_ALEN); os_memcpy(prov->osu_ssid, osu_ssid, osu_ssid_len); prov->osu_ssid_len = osu_ssid_len; + if (osu_ssid2) + os_memcpy(prov->osu_ssid2, osu_ssid2, osu_ssid2_len); + prov->osu_ssid2_len = osu_ssid2_len; /* OSU Friendly Name Length */ if (end - pos < 2) { @@ -992,18 +1040,30 @@ void hs20_osu_icon_fetch(struct wpa_supplicant *wpa_s) struct wpabuf *prov_anqp; const u8 *pos, *end; u16 len; - const u8 *osu_ssid; - u8 osu_ssid_len; + const u8 *osu_ssid, *osu_ssid2; + u8 osu_ssid_len, osu_ssid2_len; u8 num_providers; hs20_free_osu_prov(wpa_s); dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { + struct wpa_ie_data data; + const u8 *ie; + if (bss->anqp == NULL) continue; prov_anqp = bss->anqp->hs20_osu_providers_list; if (prov_anqp == NULL) continue; + ie = wpa_bss_get_ie(bss, WLAN_EID_RSN); + if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &data) == 0 && + (data.key_mgmt & WPA_KEY_MGMT_OSEN)) { + osu_ssid2 = bss->ssid; + osu_ssid2_len = bss->ssid_len; + } else { + osu_ssid2 = NULL; + osu_ssid2_len = 0; + } wpa_printf(MSG_DEBUG, "HS 2.0: Parsing OSU Providers list from " MACSTR, MAC2STR(bss->bssid)); wpa_hexdump_buf(MSG_DEBUG, "HS 2.0: OSU Providers list", @@ -1045,7 +1105,8 @@ void hs20_osu_icon_fetch(struct wpa_supplicant *wpa_s) if (len > (unsigned int) (end - pos)) break; hs20_osu_add_prov(wpa_s, bss, osu_ssid, - osu_ssid_len, pos, len); + osu_ssid_len, osu_ssid2, + osu_ssid2_len, pos, len); pos += len; } @@ -1054,6 +1115,35 @@ void hs20_osu_icon_fetch(struct wpa_supplicant *wpa_s) "extra data after OSU Providers", (int) (end - pos)); } + + prov_anqp = bss->anqp->hs20_osu_providers_nai_list; + if (!prov_anqp) + continue; + wpa_printf(MSG_DEBUG, + "HS 2.0: Parsing OSU Providers NAI List from " + MACSTR, MAC2STR(bss->bssid)); + wpa_hexdump_buf(MSG_DEBUG, "HS 2.0: OSU Providers NAI List", + prov_anqp); + pos = wpabuf_head(prov_anqp); + end = pos + wpabuf_len(prov_anqp); + num_providers = 0; + while (end - pos > 0) { + len = *pos++; + if (end - pos < len) { + wpa_printf(MSG_DEBUG, + "HS 2.0: Not enough room for OSU_NAI"); + break; + } + if (num_providers >= wpa_s->osu_prov_count) { + wpa_printf(MSG_DEBUG, + "HS 2.0: Ignore unexpected OSU Provider NAI List entries"); + break; + } + os_memcpy(wpa_s->osu_prov[num_providers].osu_nai2, + pos, len); + pos += len; + num_providers++; + } } wpa_s->fetch_osu_icon_in_progress = 1; @@ -1207,6 +1297,18 @@ void hs20_rx_deauth_imminent_notice(struct wpa_supplicant *wpa_s, u8 code, } +void hs20_rx_t_c_acceptance(struct wpa_supplicant *wpa_s, const char *url) +{ + if (!wpa_sm_pmf_enabled(wpa_s->wpa)) { + wpa_printf(MSG_DEBUG, + "HS 2.0: Ignore Terms and Conditions Acceptance since PMF was not enabled"); + return; + } + + wpa_msg(wpa_s, MSG_INFO, HS20_T_C_ACCEPTANCE "%s", url); +} + + void hs20_init(struct wpa_supplicant *wpa_s) { dl_list_init(&wpa_s->icon_head); diff --git a/contrib/wpa/wpa_supplicant/hs20_supplicant.h b/contrib/wpa/wpa_supplicant/hs20_supplicant.h index 0dd559fdbf01..66fc540be3e4 100644 --- a/contrib/wpa/wpa_supplicant/hs20_supplicant.h +++ b/contrib/wpa/wpa_supplicant/hs20_supplicant.h @@ -10,6 +10,8 @@ void hs20_configure_frame_filters(struct wpa_supplicant *wpa_s); void wpas_hs20_add_indication(struct wpabuf *buf, int pps_mo_id); +void wpas_hs20_add_roam_cons_sel(struct wpabuf *buf, + const struct wpa_ssid *ssid); int hs20_anqp_send_req(struct wpa_supplicant *wpa_s, const u8 *dst, u32 stypes, const u8 *payload, size_t payload_len, int inmem); @@ -27,6 +29,7 @@ void hs20_rx_subscription_remediation(struct wpa_supplicant *wpa_s, const char *url, u8 osu_method); void hs20_rx_deauth_imminent_notice(struct wpa_supplicant *wpa_s, u8 code, u16 reauth_delay, const char *url); +void hs20_rx_t_c_acceptance(struct wpa_supplicant *wpa_s, const char *url); void hs20_free_osu_prov(struct wpa_supplicant *wpa_s); void hs20_next_osu_icon(struct wpa_supplicant *wpa_s); diff --git a/contrib/wpa/wpa_supplicant/ibss_rsn.c b/contrib/wpa/wpa_supplicant/ibss_rsn.c index 53d7d57bde35..00919d14a55e 100644 --- a/contrib/wpa/wpa_supplicant/ibss_rsn.c +++ b/contrib/wpa/wpa_supplicant/ibss_rsn.c @@ -259,9 +259,13 @@ static void auth_logger(void *ctx, const u8 *addr, logger_level level, static const u8 * auth_get_psk(void *ctx, const u8 *addr, - const u8 *p2p_dev_addr, const u8 *prev_psk) + const u8 *p2p_dev_addr, const u8 *prev_psk, + size_t *psk_len) { struct ibss_rsn *ibss_rsn = ctx; + + if (psk_len) + *psk_len = PMK_LEN; wpa_printf(MSG_DEBUG, "AUTH: %s (addr=" MACSTR " prev_psk=%p)", __func__, MAC2STR(addr), prev_psk); if (prev_psk) @@ -408,7 +412,15 @@ static int ibss_rsn_auth_init_group(struct ibss_rsn *ibss_rsn, const u8 *own_addr, struct wpa_ssid *ssid) { struct wpa_auth_config conf; - struct wpa_auth_callbacks cb; + static const struct wpa_auth_callbacks cb = { + .logger = auth_logger, + .set_eapol = auth_set_eapol, + .send_eapol = auth_send_eapol, + .get_psk = auth_get_psk, + .set_key = auth_set_key, + .for_each_sta = auth_for_each_sta, + .disconnect = ibss_rsn_disconnect, + }; wpa_printf(MSG_DEBUG, "AUTH: Initializing group state machine"); @@ -420,18 +432,10 @@ static int ibss_rsn_auth_init_group(struct ibss_rsn *ibss_rsn, conf.wpa_group = WPA_CIPHER_CCMP; conf.eapol_version = 2; conf.wpa_group_rekey = ssid->group_rekey ? ssid->group_rekey : 600; + conf.wpa_group_update_count = 4; + conf.wpa_pairwise_update_count = 4; - os_memset(&cb, 0, sizeof(cb)); - cb.ctx = ibss_rsn; - cb.logger = auth_logger; - cb.set_eapol = auth_set_eapol; - cb.send_eapol = auth_send_eapol; - cb.get_psk = auth_get_psk; - cb.set_key = auth_set_key; - cb.for_each_sta = auth_for_each_sta; - cb.disconnect = ibss_rsn_disconnect; - - ibss_rsn->auth_group = wpa_init(own_addr, &conf, &cb); + ibss_rsn->auth_group = wpa_init(own_addr, &conf, &cb, ibss_rsn); if (ibss_rsn->auth_group == NULL) { wpa_printf(MSG_DEBUG, "AUTH: wpa_init() failed"); return -1; @@ -458,7 +462,7 @@ static int ibss_rsn_auth_init(struct ibss_rsn *ibss_rsn, "\x00\x0f\xac\x04" "\x01\x00\x00\x0f\xac\x04" "\x01\x00\x00\x0f\xac\x02" - "\x00\x00", 22, NULL, 0) != + "\x00\x00", 22, NULL, 0, NULL, 0) != WPA_IE_OK) { wpa_printf(MSG_DEBUG, "AUTH: wpa_validate_wpa_ie() failed"); return -1; @@ -760,10 +764,9 @@ static int ibss_rsn_process_rx_eapol(struct ibss_rsn *ibss_rsn, if (supp < 0) return -1; - tmp = os_malloc(len); + tmp = os_memdup(buf, len); if (tmp == NULL) return -1; - os_memcpy(tmp, buf, len); if (supp) { peer->authentication_status |= IBSS_RSN_AUTH_EAPOL_BY_PEER; wpa_printf(MSG_DEBUG, "RSN: IBSS RX EAPOL for Supplicant from " @@ -838,6 +841,18 @@ static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn, MAC2STR(addr)); if (peer && + peer->authentication_status & (IBSS_RSN_SET_PTK_SUPP | + IBSS_RSN_SET_PTK_AUTH)) { + /* Clear the TK for this pair to allow recovery from the case + * where the peer STA has restarted and lost its key while we + * still have a pairwise key configured. */ + wpa_printf(MSG_DEBUG, "RSN: Clear pairwise key for peer " + MACSTR, MAC2STR(addr)); + wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0, + NULL, 0, NULL, 0); + } + + if (peer && peer->authentication_status & IBSS_RSN_AUTH_EAPOL_BY_PEER) { if (peer->own_auth_tx.sec) { struct os_reltime now, diff; diff --git a/contrib/wpa/wpa_supplicant/interworking.c b/contrib/wpa/wpa_supplicant/interworking.c index 1fb40c74e5cf..60c8be9a6c6a 100644 --- a/contrib/wpa/wpa_supplicant/interworking.c +++ b/contrib/wpa/wpa_supplicant/interworking.c @@ -106,10 +106,12 @@ static struct wpabuf * anqp_build_req(u16 info_ids[], size_t num_ids, if (buf == NULL) return NULL; - len_pos = gas_anqp_add_element(buf, ANQP_QUERY_LIST); - for (i = 0; i < num_ids; i++) - wpabuf_put_le16(buf, info_ids[i]); - gas_anqp_set_element_len(buf, len_pos); + if (num_ids > 0) { + len_pos = gas_anqp_add_element(buf, ANQP_QUERY_LIST); + for (i = 0; i < num_ids; i++) + wpabuf_put_le16(buf, info_ids[i]); + gas_anqp_set_element_len(buf, len_pos); + } if (extra) wpabuf_put_buf(buf, extra); @@ -146,6 +148,8 @@ static int cred_with_roaming_consortium(struct wpa_supplicant *wpa_s) return 1; if (cred->required_roaming_consortium_len) return 1; + if (cred->num_roaming_consortiums) + return 1; } return 0; } @@ -299,8 +303,10 @@ static int interworking_anqp_send_req(struct wpa_supplicant *wpa_s, wpabuf_put_u8(extra, HS20_STYPE_CONNECTION_CAPABILITY); if (all) wpabuf_put_u8(extra, HS20_STYPE_OPERATING_CLASS); - if (all) + if (all) { wpabuf_put_u8(extra, HS20_STYPE_OSU_PROVIDERS_LIST); + wpabuf_put_u8(extra, HS20_STYPE_OSU_PROVIDERS_NAI_LIST); + } gas_anqp_set_element_len(extra, len_pos); } #endif /* CONFIG_HS20 */ @@ -310,7 +316,7 @@ static int interworking_anqp_send_req(struct wpa_supplicant *wpa_s, if (buf == NULL) return -1; - res = gas_query_req(wpa_s->gas, bss->bssid, bss->freq, buf, + res = gas_query_req(wpa_s->gas, bss->bssid, bss->freq, 0, buf, interworking_anqp_resp_cb, wpa_s); if (res < 0) { wpa_msg(wpa_s, MSG_DEBUG, "ANQP: Failed to send Query Request"); @@ -1143,6 +1149,23 @@ static int roaming_consortium_match(const u8 *ie, const struct wpabuf *anqp, } +static int cred_roaming_consortiums_match(const u8 *ie, + const struct wpabuf *anqp, + const struct wpa_cred *cred) +{ + unsigned int i; + + for (i = 0; i < cred->num_roaming_consortiums; i++) { + if (roaming_consortium_match(ie, anqp, + cred->roaming_consortiums[i], + cred->roaming_consortiums_len[i])) + return 1; + } + + return 0; +} + + static int cred_no_required_oi_match(struct wpa_cred *cred, struct wpa_bss *bss) { const u8 *ie; @@ -1347,27 +1370,28 @@ static struct wpa_cred * interworking_credentials_available_roaming_consortium( { struct wpa_cred *cred, *selected = NULL; const u8 *ie; + const struct wpabuf *anqp; int is_excluded = 0; ie = wpa_bss_get_ie(bss, WLAN_EID_ROAMING_CONSORTIUM); + anqp = bss->anqp ? bss->anqp->roaming_consortium : NULL; - if (ie == NULL && - (bss->anqp == NULL || bss->anqp->roaming_consortium == NULL)) + if (!ie && !anqp) return NULL; if (wpa_s->conf->cred == NULL) return NULL; for (cred = wpa_s->conf->cred; cred; cred = cred->next) { - if (cred->roaming_consortium_len == 0) + if (cred->roaming_consortium_len == 0 && + cred->num_roaming_consortiums == 0) continue; - if (!roaming_consortium_match(ie, - bss->anqp ? - bss->anqp->roaming_consortium : - NULL, - cred->roaming_consortium, - cred->roaming_consortium_len)) + if ((cred->roaming_consortium_len == 0 || + !roaming_consortium_match(ie, anqp, + cred->roaming_consortium, + cred->roaming_consortium_len)) && + !cred_roaming_consortiums_match(ie, anqp, cred)) continue; if (cred_no_required_oi_match(cred, bss)) @@ -1533,6 +1557,9 @@ static int interworking_connect_roaming_consortium( struct wpa_bss *bss, int only_add) { struct wpa_ssid *ssid; + const u8 *ie; + const struct wpabuf *anqp; + unsigned int i; wpa_msg(wpa_s, MSG_DEBUG, "Interworking: Connect with " MACSTR " based on roaming consortium match", MAC2STR(bss->bssid)); @@ -1562,6 +1589,26 @@ static int interworking_connect_roaming_consortium( if (interworking_set_hs20_params(wpa_s, ssid) < 0) goto fail; + ie = wpa_bss_get_ie(bss, WLAN_EID_ROAMING_CONSORTIUM); + anqp = bss->anqp ? bss->anqp->roaming_consortium : NULL; + for (i = 0; (ie || anqp) && i < cred->num_roaming_consortiums; i++) { + if (!roaming_consortium_match( + ie, anqp, cred->roaming_consortiums[i], + cred->roaming_consortiums_len[i])) + continue; + + ssid->roaming_consortium_selection = + os_malloc(cred->roaming_consortiums_len[i]); + if (!ssid->roaming_consortium_selection) + goto fail; + os_memcpy(ssid->roaming_consortium_selection, + cred->roaming_consortiums[i], + cred->roaming_consortiums_len[i]); + ssid->roaming_consortium_selection_len = + cred->roaming_consortiums_len[i]; + break; + } + if (cred->eap_method == NULL) { wpa_msg(wpa_s, MSG_DEBUG, "Interworking: No EAP method set for credential using roaming consortium"); @@ -1769,9 +1816,10 @@ int interworking_connect(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, switch (eap->method) { case EAP_TYPE_TTLS: if (eap->inner_method) { - os_snprintf(buf, sizeof(buf), "\"autheap=%s\"", - eap_get_name(EAP_VENDOR_IETF, - eap->inner_method)); + name = eap_get_name(EAP_VENDOR_IETF, eap->inner_method); + if (!name) + goto fail; + os_snprintf(buf, sizeof(buf), "\"autheap=%s\"", name); if (wpa_config_set(ssid, "phase2", buf, 0) < 0) goto fail; break; @@ -1894,7 +1942,7 @@ static struct wpa_cred * interworking_credentials_available_3gpp( size_t len; wpa_msg(wpa_s, MSG_DEBUG, "Interworking: IMSI not available - try to read again through eap_proxy"); - wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, + wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1, wpa_s->imsi, &len); if (wpa_s->mnc_len > 0) { @@ -2530,7 +2578,8 @@ static void interworking_select_network(struct wpa_supplicant *wpa_s) wpa_msg(wpa_s, MSG_INFO, INTERWORKING_SELECTED MACSTR, MAC2STR(selected->bssid)); interworking_connect(wpa_s, selected, 0); - } + } else if (wpa_s->wpa_state == WPA_SCANNING) + wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); } @@ -2693,7 +2742,7 @@ void interworking_stop_fetch_anqp(struct wpa_supplicant *wpa_s) int anqp_send_req(struct wpa_supplicant *wpa_s, const u8 *dst, u16 info_ids[], size_t num_ids, u32 subtypes, - int get_cell_pref) + u32 mbo_subtypes) { struct wpabuf *buf; struct wpabuf *extra_buf = NULL; @@ -2727,13 +2776,14 @@ int anqp_send_req(struct wpa_supplicant *wpa_s, const u8 *dst, #endif /* CONFIG_HS20 */ #ifdef CONFIG_MBO - if (get_cell_pref) { + if (mbo_subtypes) { struct wpabuf *mbo; - mbo = mbo_build_anqp_buf(wpa_s, bss); + mbo = mbo_build_anqp_buf(wpa_s, bss, mbo_subtypes); if (mbo) { if (wpabuf_resize(&extra_buf, wpabuf_len(mbo))) { wpabuf_free(extra_buf); + wpabuf_free(mbo); return -1; } wpabuf_put_buf(extra_buf, mbo); @@ -2747,7 +2797,7 @@ int anqp_send_req(struct wpa_supplicant *wpa_s, const u8 *dst, if (buf == NULL) return -1; - res = gas_query_req(wpa_s->gas, dst, freq, buf, anqp_resp_cb, wpa_s); + res = gas_query_req(wpa_s->gas, dst, freq, 0, buf, anqp_resp_cb, wpa_s); if (res < 0) { wpa_msg(wpa_s, MSG_DEBUG, "ANQP: Failed to send Query Request"); wpabuf_free(buf); @@ -2796,6 +2846,31 @@ static void anqp_add_extra(struct wpa_supplicant *wpa_s, } +static void interworking_parse_venue_url(struct wpa_supplicant *wpa_s, + const u8 *data, size_t len) +{ + const u8 *pos = data, *end = data + len; + char url[255]; + + while (end - pos >= 2) { + u8 slen, num; + + slen = *pos++; + if (slen < 1 || slen > end - pos) { + wpa_printf(MSG_DEBUG, + "ANQP: Truncated Venue URL Duple field"); + return; + } + + num = *pos++; + os_memcpy(url, pos, slen - 1); + url[slen - 1] = '\0'; + wpa_msg(wpa_s, MSG_INFO, RX_VENUE_URL "%u %s", num, url); + pos += slen - 1; + } +} + + static void interworking_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, const u8 *sa, u16 info_id, @@ -2804,9 +2879,7 @@ static void interworking_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s, { const u8 *pos = data; struct wpa_bss_anqp *anqp = NULL; -#ifdef CONFIG_HS20 u8 type; -#endif /* CONFIG_HS20 */ if (bss) anqp = bss->anqp; @@ -2892,12 +2965,35 @@ static void interworking_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s, anqp->domain_name = wpabuf_alloc_copy(pos, slen); } break; +#ifdef CONFIG_FILS + case ANQP_FILS_REALM_INFO: + wpa_msg(wpa_s, MSG_INFO, RX_ANQP MACSTR + " FILS Realm Information", MAC2STR(sa)); + wpa_hexdump_ascii(MSG_MSGDUMP, "ANQP: FILS Realm Information", + pos, slen); + if (anqp) { + wpabuf_free(anqp->fils_realm_info); + anqp->fils_realm_info = wpabuf_alloc_copy(pos, slen); + } + break; +#endif /* CONFIG_FILS */ + case ANQP_VENUE_URL: + wpa_msg(wpa_s, MSG_INFO, RX_ANQP MACSTR " Venue URL", + MAC2STR(sa)); + anqp_add_extra(wpa_s, anqp, info_id, pos, slen); + + if (!wpa_sm_pmf_enabled(wpa_s->wpa)) { + wpa_printf(MSG_DEBUG, + "ANQP: Ignore Venue URL since PMF was not enabled"); + break; + } + interworking_parse_venue_url(wpa_s, pos, slen); + break; case ANQP_VENDOR_SPECIFIC: if (slen < 3) return; switch (WPA_GET_BE24(pos)) { -#ifdef CONFIG_HS20 case OUI_WFA: pos += 3; slen -= 3; @@ -2908,19 +3004,26 @@ static void interworking_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s, slen--; switch (type) { +#ifdef CONFIG_HS20 case HS20_ANQP_OUI_TYPE: hs20_parse_rx_hs20_anqp_resp(wpa_s, bss, sa, pos, slen, dialog_token); break; +#endif /* CONFIG_HS20 */ +#ifdef CONFIG_MBO + case MBO_ANQP_OUI_TYPE: + mbo_parse_rx_anqp_resp(wpa_s, bss, sa, + pos, slen); + break; +#endif /* CONFIG_MBO */ default: wpa_msg(wpa_s, MSG_DEBUG, - "HS20: Unsupported ANQP vendor type %u", + "ANQP: Unsupported ANQP vendor type %u", type); break; } break; -#endif /* CONFIG_HS20 */ default: wpa_msg(wpa_s, MSG_DEBUG, "Interworking: Unsupported vendor-specific ANQP OUI %06x", @@ -3133,7 +3236,7 @@ int gas_send_request(struct wpa_supplicant *wpa_s, const u8 *dst, } else wpabuf_put_le16(buf, 0); - res = gas_query_req(wpa_s->gas, dst, freq, buf, gas_resp_cb, wpa_s); + res = gas_query_req(wpa_s->gas, dst, freq, 0, buf, gas_resp_cb, wpa_s); if (res < 0) { wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request"); wpabuf_free(buf); diff --git a/contrib/wpa/wpa_supplicant/interworking.h b/contrib/wpa/wpa_supplicant/interworking.h index 3d22292618b2..37ee2e904e48 100644 --- a/contrib/wpa/wpa_supplicant/interworking.h +++ b/contrib/wpa/wpa_supplicant/interworking.h @@ -13,7 +13,7 @@ enum gas_query_result; int anqp_send_req(struct wpa_supplicant *wpa_s, const u8 *dst, u16 info_ids[], size_t num_ids, u32 subtypes, - int get_cell_pref); + u32 mbo_subtypes); void anqp_resp_cb(void *ctx, const u8 *dst, u8 dialog_token, enum gas_query_result result, const struct wpabuf *adv_proto, diff --git a/contrib/wpa/wpa_supplicant/mbo.c b/contrib/wpa/wpa_supplicant/mbo.c index 7e049be3df41..5adf61e58bd0 100644 --- a/contrib/wpa/wpa_supplicant/mbo.c +++ b/contrib/wpa/wpa_supplicant/mbo.c @@ -38,6 +38,19 @@ static int wpas_mbo_validate_non_pref_chan(u8 oper_class, u8 chan, u8 reason) } +const u8 * mbo_attr_from_mbo_ie(const u8 *mbo_ie, enum mbo_attr_id attr) +{ + const u8 *mbo; + u8 ie_len = mbo_ie[1]; + + if (ie_len < MBO_IE_HEADER - 2) + return NULL; + mbo = mbo_ie + MBO_IE_HEADER; + + return get_ie(mbo, 2 + ie_len - MBO_IE_HEADER, attr); +} + + const u8 * wpas_mbo_get_bss_attr(struct wpa_bss *bss, enum mbo_attr_id attr) { const u8 *mbo, *end; @@ -149,12 +162,14 @@ static void wpas_mbo_non_pref_chan_attrs(struct wpa_supplicant *wpa_s, } -int wpas_mbo_ie(struct wpa_supplicant *wpa_s, u8 *buf, size_t len) +int wpas_mbo_ie(struct wpa_supplicant *wpa_s, u8 *buf, size_t len, + int add_oce_capa) { struct wpabuf *mbo; int res; - if (len < MBO_IE_HEADER + 3 + 7) + if (len < MBO_IE_HEADER + 3 + 7 + + ((wpa_s->enable_oce & OCE_STA) ? 3 : 0)) return 0; /* Leave room for the MBO IE header */ @@ -173,9 +188,16 @@ int wpas_mbo_ie(struct wpa_supplicant *wpa_s, u8 *buf, size_t len) wpabuf_put_u8(mbo, 1); wpabuf_put_u8(mbo, wpa_s->conf->mbo_cell_capa); + /* Add OCE capability indication attribute if OCE is enabled */ + if ((wpa_s->enable_oce & OCE_STA) && add_oce_capa) { + wpabuf_put_u8(mbo, OCE_ATTR_ID_CAPA_IND); + wpabuf_put_u8(mbo, 1); + wpabuf_put_u8(mbo, OCE_RELEASE); + } + res = mbo_add_ie(buf, len, wpabuf_head_u8(mbo), wpabuf_len(mbo)); if (!res) - wpa_printf(MSG_ERROR, "Failed to add MBO IE"); + wpa_printf(MSG_ERROR, "Failed to add MBO/OCE IE"); wpabuf_free(mbo); return res; @@ -277,11 +299,10 @@ int wpas_mbo_update_non_pref_chan(struct wpa_supplicant *wpa_s, non_pref_chan ? non_pref_chan : "N/A"); /* - * The shortest channel configuration is 10 characters - commas, 3 - * colons, and 4 values that one of them (oper_class) is 2 digits or - * more. + * The shortest channel configuration is 7 characters - 3 colons and + * 4 values. */ - if (!non_pref_chan || os_strlen(non_pref_chan) < 10) + if (!non_pref_chan || os_strlen(non_pref_chan) < 7) goto update; cmd = os_strdup(non_pref_chan); @@ -369,315 +390,30 @@ fail: void wpas_mbo_scan_ie(struct wpa_supplicant *wpa_s, struct wpabuf *ie) { + u8 *len; + wpabuf_put_u8(ie, WLAN_EID_VENDOR_SPECIFIC); - wpabuf_put_u8(ie, 7); + len = wpabuf_put(ie, 1); + wpabuf_put_be24(ie, OUI_WFA); wpabuf_put_u8(ie, MBO_OUI_TYPE); wpabuf_put_u8(ie, MBO_ATTR_ID_CELL_DATA_CAPA); wpabuf_put_u8(ie, 1); wpabuf_put_u8(ie, wpa_s->conf->mbo_cell_capa); -} - - -enum chan_allowed { - NOT_ALLOWED, ALLOWED -}; - -static enum chan_allowed allow_channel(struct hostapd_hw_modes *mode, u8 chan, - unsigned int *flags) -{ - int i; - - for (i = 0; i < mode->num_channels; i++) { - if (mode->channels[i].chan == chan) - break; + if (wpa_s->enable_oce & OCE_STA) { + wpabuf_put_u8(ie, OCE_ATTR_ID_CAPA_IND); + wpabuf_put_u8(ie, 1); + wpabuf_put_u8(ie, OCE_RELEASE); } - - if (i == mode->num_channels || - (mode->channels[i].flag & HOSTAPD_CHAN_DISABLED)) - return NOT_ALLOWED; - - if (flags) - *flags = mode->channels[i].flag; - - return ALLOWED; -} - - -static int get_center_80mhz(struct hostapd_hw_modes *mode, u8 channel) -{ - u8 center_channels[] = {42, 58, 106, 122, 138, 155}; - size_t i; - - if (mode->mode != HOSTAPD_MODE_IEEE80211A) - return 0; - - for (i = 0; i < ARRAY_SIZE(center_channels); i++) { - /* - * In 80 MHz, the bandwidth "spans" 12 channels (e.g., 36-48), - * so the center channel is 6 channels away from the start/end. - */ - if (channel >= center_channels[i] - 6 && - channel <= center_channels[i] + 6) - return center_channels[i]; - } - - return 0; -} - - -static enum chan_allowed verify_80mhz(struct hostapd_hw_modes *mode, u8 channel) -{ - u8 center_chan; - unsigned int i; - - center_chan = get_center_80mhz(mode, channel); - if (!center_chan) - return NOT_ALLOWED; - - /* check all the channels are available */ - for (i = 0; i < 4; i++) { - unsigned int flags; - u8 adj_chan = center_chan - 6 + i * 4; - - if (allow_channel(mode, adj_chan, &flags) == NOT_ALLOWED) - return NOT_ALLOWED; - - if ((i == 0 && !(flags & HOSTAPD_CHAN_VHT_10_70)) || - (i == 1 && !(flags & HOSTAPD_CHAN_VHT_30_50)) || - (i == 2 && !(flags & HOSTAPD_CHAN_VHT_50_30)) || - (i == 3 && !(flags & HOSTAPD_CHAN_VHT_70_10))) - return NOT_ALLOWED; - } - - return ALLOWED; -} - - -static int get_center_160mhz(struct hostapd_hw_modes *mode, u8 channel) -{ - u8 center_channels[] = { 50, 114 }; - unsigned int i; - - if (mode->mode != HOSTAPD_MODE_IEEE80211A) - return 0; - - for (i = 0; i < ARRAY_SIZE(center_channels); i++) { - /* - * In 160 MHz, the bandwidth "spans" 28 channels (e.g., 36-64), - * so the center channel is 14 channels away from the start/end. - */ - if (channel >= center_channels[i] - 14 && - channel <= center_channels[i] + 14) - return center_channels[i]; - } - - return 0; -} - - -static enum chan_allowed verify_160mhz(struct hostapd_hw_modes *mode, - u8 channel) -{ - u8 center_chan; - unsigned int i; - - center_chan = get_center_160mhz(mode, channel); - if (!center_chan) - return NOT_ALLOWED; - - /* Check all the channels are available */ - for (i = 0; i < 8; i++) { - unsigned int flags; - u8 adj_chan = center_chan - 14 + i * 4; - - if (allow_channel(mode, adj_chan, &flags) == NOT_ALLOWED) - return NOT_ALLOWED; - - if ((i == 0 && !(flags & HOSTAPD_CHAN_VHT_10_150)) || - (i == 1 && !(flags & HOSTAPD_CHAN_VHT_30_130)) || - (i == 2 && !(flags & HOSTAPD_CHAN_VHT_50_110)) || - (i == 3 && !(flags & HOSTAPD_CHAN_VHT_70_90)) || - (i == 4 && !(flags & HOSTAPD_CHAN_VHT_90_70)) || - (i == 5 && !(flags & HOSTAPD_CHAN_VHT_110_50)) || - (i == 6 && !(flags & HOSTAPD_CHAN_VHT_130_30)) || - (i == 7 && !(flags & HOSTAPD_CHAN_VHT_150_10))) - return NOT_ALLOWED; - } - - return ALLOWED; -} - - -static enum chan_allowed verify_channel(struct hostapd_hw_modes *mode, - u8 channel, u8 bw) -{ - unsigned int flag = 0; - enum chan_allowed res, res2; - - res2 = res = allow_channel(mode, channel, &flag); - if (bw == BW40MINUS) { - if (!(flag & HOSTAPD_CHAN_HT40MINUS)) - return NOT_ALLOWED; - res2 = allow_channel(mode, channel - 4, NULL); - } else if (bw == BW40PLUS) { - if (!(flag & HOSTAPD_CHAN_HT40PLUS)) - return NOT_ALLOWED; - res2 = allow_channel(mode, channel + 4, NULL); - } else if (bw == BW80) { - /* - * channel is a center channel and as such, not necessarily a - * valid 20 MHz channels. Override earlier allow_channel() - * result and use only the 80 MHz specific version. - */ - res2 = res = verify_80mhz(mode, channel); - } else if (bw == BW160) { - /* - * channel is a center channel and as such, not necessarily a - * valid 20 MHz channels. Override earlier allow_channel() - * result and use only the 160 MHz specific version. - */ - res2 = res = verify_160mhz(mode, channel); - } else if (bw == BW80P80) { - /* - * channel is a center channel and as such, not necessarily a - * valid 20 MHz channels. Override earlier allow_channel() - * result and use only the 80 MHz specific version. - */ - res2 = res = verify_80mhz(mode, channel); - } - - if (res == NOT_ALLOWED || res2 == NOT_ALLOWED) - return NOT_ALLOWED; - - return ALLOWED; -} - - -static int wpas_op_class_supported(struct wpa_supplicant *wpa_s, - const struct oper_class_map *op_class) -{ - int chan; - size_t i; - struct hostapd_hw_modes *mode; - int found; - - mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, op_class->mode); - if (!mode) - return 0; - - if (op_class->op_class == 128) { - u8 channels[] = { 42, 58, 106, 122, 138, 155 }; - - for (i = 0; i < ARRAY_SIZE(channels); i++) { - if (verify_channel(mode, channels[i], op_class->bw) == - ALLOWED) - return 1; - } - - return 0; - } - - if (op_class->op_class == 129) { - /* Check if either 160 MHz channels is allowed */ - return verify_channel(mode, 50, op_class->bw) == ALLOWED || - verify_channel(mode, 114, op_class->bw) == ALLOWED; - } - - if (op_class->op_class == 130) { - /* Need at least two non-contiguous 80 MHz segments */ - found = 0; - - if (verify_channel(mode, 42, op_class->bw) == ALLOWED || - verify_channel(mode, 58, op_class->bw) == ALLOWED) - found++; - if (verify_channel(mode, 106, op_class->bw) == ALLOWED || - verify_channel(mode, 122, op_class->bw) == ALLOWED || - verify_channel(mode, 138, op_class->bw) == ALLOWED) - found++; - if (verify_channel(mode, 106, op_class->bw) == ALLOWED && - verify_channel(mode, 138, op_class->bw) == ALLOWED) - found++; - if (verify_channel(mode, 155, op_class->bw) == ALLOWED) - found++; - - if (found >= 2) - return 1; - - return 0; - } - - found = 0; - for (chan = op_class->min_chan; chan <= op_class->max_chan; - chan += op_class->inc) { - if (verify_channel(mode, chan, op_class->bw) == ALLOWED) { - found = 1; - break; - } - } - - return found; -} - - -int wpas_mbo_supp_op_class_ie(struct wpa_supplicant *wpa_s, int freq, u8 *pos, - size_t len) -{ - struct wpabuf *buf; - u8 op, current, chan; - u8 *ie_len; - int res; - - /* - * Assume 20 MHz channel for now. - * TODO: Use the secondary channel and VHT channel width that will be - * used after association. - */ - if (ieee80211_freq_to_channel_ext(freq, 0, VHT_CHANWIDTH_USE_HT, - ¤t, &chan) == NUM_HOSTAPD_MODES) - return 0; - - /* - * Need 3 bytes for EID, length, and current operating class, plus - * 1 byte for every other supported operating class. - */ - buf = wpabuf_alloc(global_op_class_size + 3); - if (!buf) - return 0; - - wpabuf_put_u8(buf, WLAN_EID_SUPPORTED_OPERATING_CLASSES); - /* Will set the length later, putting a placeholder */ - ie_len = wpabuf_put(buf, 1); - wpabuf_put_u8(buf, current); - - for (op = 0; global_op_class[op].op_class; op++) { - if (wpas_op_class_supported(wpa_s, &global_op_class[op])) - wpabuf_put_u8(buf, global_op_class[op].op_class); - } - - *ie_len = wpabuf_len(buf) - 2; - if (*ie_len < 2 || wpabuf_len(buf) > len) { - wpa_printf(MSG_ERROR, - "Failed to add supported operating classes IE"); - res = 0; - } else { - os_memcpy(pos, wpabuf_head(buf), wpabuf_len(buf)); - res = wpabuf_len(buf); - wpa_hexdump_buf(MSG_DEBUG, - "MBO: Added supported operating classes IE", - buf); - } - - wpabuf_free(buf); - return res; + *len = (u8 *) wpabuf_put(ie, 0) - len - 1; } void wpas_mbo_ie_trans_req(struct wpa_supplicant *wpa_s, const u8 *mbo_ie, size_t len) { - const u8 *pos, *cell_pref = NULL, *reason = NULL; + const u8 *pos, *cell_pref = NULL; u8 id, elen; u16 disallowed_sec = 0; @@ -712,7 +448,8 @@ void wpas_mbo_ie_trans_req(struct wpa_supplicant *wpa_s, const u8 *mbo_ie, if (elen != 1) goto fail; - reason = pos; + wpa_s->wnm_mbo_trans_reason_present = 1; + wpa_s->wnm_mbo_transition_reason = *pos; break; case MBO_ATTR_ID_ASSOC_RETRY_DELAY: if (elen != 2) @@ -726,6 +463,9 @@ void wpas_mbo_ie_trans_req(struct wpa_supplicant *wpa_s, const u8 *mbo_ie, } else if (wpa_s->wnm_mode & WNM_BSS_TM_REQ_DISASSOC_IMMINENT) { disallowed_sec = WPA_GET_LE16(pos); + wpa_printf(MSG_DEBUG, + "MBO: Association retry delay: %u", + disallowed_sec); } else { wpa_printf(MSG_DEBUG, "MBO: Association retry delay attribute not in disassoc imminent mode"); @@ -755,9 +495,9 @@ void wpas_mbo_ie_trans_req(struct wpa_supplicant *wpa_s, const u8 *mbo_ie, wpa_msg(wpa_s, MSG_INFO, MBO_CELL_PREFERENCE "preference=%u", *cell_pref); - if (reason) + if (wpa_s->wnm_mbo_trans_reason_present) wpa_msg(wpa_s, MSG_INFO, MBO_TRANSITION_REASON "reason=%u", - *reason); + wpa_s->wnm_mbo_transition_reason); if (disallowed_sec && wpa_s->current_bss) wpa_bss_tmp_disallow(wpa_s, wpa_s->current_bss->bssid, @@ -809,10 +549,11 @@ void wpas_mbo_update_cell_capa(struct wpa_supplicant *wpa_s, u8 mbo_cell_capa) struct wpabuf * mbo_build_anqp_buf(struct wpa_supplicant *wpa_s, - struct wpa_bss *bss) + struct wpa_bss *bss, u32 mbo_subtypes) { struct wpabuf *anqp_buf; u8 *len_pos; + u8 i; if (!wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) { wpa_printf(MSG_INFO, "MBO: " MACSTR @@ -821,7 +562,8 @@ struct wpabuf * mbo_build_anqp_buf(struct wpa_supplicant *wpa_s, return NULL; } - anqp_buf = wpabuf_alloc(10); + /* Allocate size for the maximum case - all MBO subtypes are set */ + anqp_buf = wpabuf_alloc(9 + MAX_MBO_ANQP_SUBTYPE); if (!anqp_buf) return NULL; @@ -829,8 +571,43 @@ struct wpabuf * mbo_build_anqp_buf(struct wpa_supplicant *wpa_s, wpabuf_put_be24(anqp_buf, OUI_WFA); wpabuf_put_u8(anqp_buf, MBO_ANQP_OUI_TYPE); - wpabuf_put_u8(anqp_buf, MBO_ANQP_SUBTYPE_CELL_CONN_PREF); + wpabuf_put_u8(anqp_buf, MBO_ANQP_SUBTYPE_QUERY_LIST); + + /* The first valid MBO subtype is 1 */ + for (i = 1; i <= MAX_MBO_ANQP_SUBTYPE; i++) { + if (mbo_subtypes & BIT(i)) + wpabuf_put_u8(anqp_buf, i); + } + gas_anqp_set_element_len(anqp_buf, len_pos); return anqp_buf; } + + +void mbo_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s, + struct wpa_bss *bss, const u8 *sa, + const u8 *data, size_t slen) +{ + const u8 *pos = data; + u8 subtype; + + if (slen < 1) + return; + + subtype = *pos++; + slen--; + + switch (subtype) { + case MBO_ANQP_SUBTYPE_CELL_CONN_PREF: + if (slen < 1) + break; + wpa_msg(wpa_s, MSG_INFO, RX_MBO_ANQP MACSTR + " cell_conn_pref=%u", MAC2STR(sa), *pos); + break; + default: + wpa_printf(MSG_DEBUG, "MBO: Unsupported ANQP subtype %u", + subtype); + break; + } +} diff --git a/contrib/wpa/wpa_supplicant/mesh.c b/contrib/wpa/wpa_supplicant/mesh.c index d67d3b2aa390..38b9fb320ca9 100644 --- a/contrib/wpa/wpa_supplicant/mesh.c +++ b/contrib/wpa/wpa_supplicant/mesh.c @@ -84,6 +84,7 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s, MESH_CONF_SEC_AMPE; else conf->security |= MESH_CONF_SEC_NONE; +#ifdef CONFIG_IEEE80211W conf->ieee80211w = ssid->ieee80211w; if (conf->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { if (wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP) @@ -91,6 +92,7 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s, else conf->ieee80211w = NO_MGMT_FRAME_PROTECTION; } +#endif /* CONFIG_IEEE80211W */ cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 0); if (cipher < 0 || cipher == WPA_CIPHER_TKIP) { @@ -146,7 +148,8 @@ static void wpas_mesh_copy_groups(struct hostapd_data *bss, static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, - struct wpa_ssid *ssid) + struct wpa_ssid *ssid, + struct hostapd_freq_params *freq) { struct hostapd_iface *ifmsh; struct hostapd_data *bss; @@ -154,8 +157,10 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, struct mesh_conf *mconf; int basic_rates_erp[] = { 10, 20, 55, 60, 110, 120, 240, -1 }; static int default_groups[] = { 19, 20, 21, 25, 26, -1 }; + const char *password; size_t len; int rate_len; + int frequency; if (!wpa_s->conf->user_mpm) { /* not much for us to do here */ @@ -164,7 +169,7 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, return 0; } - wpa_s->ifmsh = ifmsh = os_zalloc(sizeof(*wpa_s->ifmsh)); + wpa_s->ifmsh = ifmsh = hostapd_alloc_iface(); if (!ifmsh) return -ENOMEM; @@ -175,17 +180,23 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, if (!ifmsh->bss) goto out_free; - ifmsh->bss[0] = bss = os_zalloc(sizeof(struct hostapd_data)); + ifmsh->bss[0] = bss = hostapd_alloc_bss_data(NULL, NULL, NULL); if (!bss) goto out_free; - dl_list_init(&bss->nr_db); + ifmsh->bss[0]->msg_ctx = wpa_s; os_memcpy(bss->own_addr, wpa_s->own_addr, ETH_ALEN); bss->driver = wpa_s->driver; bss->drv_priv = wpa_s->drv_priv; bss->iface = ifmsh; bss->mesh_sta_free_cb = mesh_mpm_free_sta; - wpa_s->assoc_freq = ssid->frequency; + frequency = ssid->frequency; + if (frequency != freq->freq && + frequency == freq->freq + freq->sec_channel_offset * 20) { + wpa_printf(MSG_DEBUG, "mesh: pri/sec channels switched"); + frequency = freq->freq; + } + wpa_s->assoc_freq = frequency; wpa_s->current_ssid = ssid; /* setup an AP config for auth processing */ @@ -211,10 +222,10 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, ifmsh->mconf = mconf; /* need conf->hw_mode for supported rates. */ - conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, &conf->channel); + conf->hw_mode = ieee80211_freq_to_chan(frequency, &conf->channel); if (conf->hw_mode == NUM_HOSTAPD_MODES) { wpa_printf(MSG_ERROR, "Unsupported mesh mode frequency: %d MHz", - ssid->frequency); + frequency); goto out_free; } if (ssid->ht40) @@ -225,13 +236,13 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, case VHT_CHANWIDTH_80MHZ: case VHT_CHANWIDTH_80P80MHZ: ieee80211_freq_to_chan( - ssid->frequency, + frequency, &conf->vht_oper_centr_freq_seg0_idx); conf->vht_oper_centr_freq_seg0_idx += ssid->ht40 * 2; break; case VHT_CHANWIDTH_160MHZ: ieee80211_freq_to_chan( - ssid->frequency, + frequency, &conf->vht_oper_centr_freq_seg0_idx); conf->vht_oper_centr_freq_seg0_idx += ssid->ht40 * 2; conf->vht_oper_centr_freq_seg0_idx += 40 / 5; @@ -250,11 +261,10 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, * advertised in beacons match the one in peering frames, sigh. */ if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) { - conf->basic_rates = os_malloc(sizeof(basic_rates_erp)); + conf->basic_rates = os_memdup(basic_rates_erp, + sizeof(basic_rates_erp)); if (!conf->basic_rates) goto out_free; - os_memcpy(conf->basic_rates, basic_rates_erp, - sizeof(basic_rates_erp)); } } else { rate_len = 0; @@ -283,7 +293,10 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, } if (mconf->security != MESH_CONF_SEC_NONE) { - if (ssid->passphrase == NULL) { + password = ssid->sae_password; + if (!password) + password = ssid->passphrase; + if (!password) { wpa_printf(MSG_ERROR, "mesh: Passphrase for SAE not configured"); goto out_free; @@ -297,16 +310,15 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, wpas_mesh_copy_groups(bss, wpa_s); } else { bss->conf->sae_groups = - os_malloc(sizeof(default_groups)); + os_memdup(default_groups, + sizeof(default_groups)); if (!bss->conf->sae_groups) goto out_free; - os_memcpy(bss->conf->sae_groups, default_groups, - sizeof(default_groups)); } - len = os_strlen(ssid->passphrase); + len = os_strlen(password); bss->conf->ssid.wpa_passphrase = - dup_binstr(ssid->passphrase, len); + dup_binstr(password, len); wpa_s->mesh_rsn = mesh_rsn_auth_init(wpa_s, mconf); if (!wpa_s->mesh_rsn) @@ -406,6 +418,10 @@ int wpa_supplicant_join_mesh(struct wpa_supplicant *wpa_s, else if (wpa_s->conf->dtim_period > 0) params.dtim_period = wpa_s->conf->dtim_period; params.conf.max_peer_links = wpa_s->conf->max_peer_links; + if (ssid->mesh_rssi_threshold < DEFAULT_MESH_RSSI_THRESHOLD) { + params.conf.rssi_threshold = ssid->mesh_rssi_threshold; + params.conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD; + } if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) { params.flags |= WPA_DRIVER_MESH_FLAG_SAE_AUTH; @@ -422,7 +438,7 @@ int wpa_supplicant_join_mesh(struct wpa_supplicant *wpa_s, } params.conf.peer_link_timeout = wpa_s->conf->mesh_max_inactivity; - if (wpa_supplicant_mesh_init(wpa_s, ssid)) { + if (wpa_supplicant_mesh_init(wpa_s, ssid, ¶ms.freq)) { wpa_msg(wpa_s, MSG_ERROR, "Failed to init mesh"); wpa_drv_leave_mesh(wpa_s); ret = -1; diff --git a/contrib/wpa/wpa_supplicant/mesh_mpm.c b/contrib/wpa/wpa_supplicant/mesh_mpm.c index d14c7e3b2045..eafb0af7b82a 100644 --- a/contrib/wpa/wpa_supplicant/mesh_mpm.c +++ b/contrib/wpa/wpa_supplicant/mesh_mpm.c @@ -11,6 +11,7 @@ #include "utils/common.h" #include "utils/eloop.h" #include "common/ieee802_11_defs.h" +#include "common/hw_features_common.h" #include "ap/hostapd.h" #include "ap/sta_info.h" #include "ap/ieee802_11.h" @@ -19,6 +20,7 @@ #include "driver_i.h" #include "mesh_mpm.h" #include "mesh_rsn.h" +#include "notify.h" struct mesh_peer_mgmt_ie { const u8 *proto_id; /* Mesh Peering Protocol Identifier (2 octets) */ @@ -220,13 +222,14 @@ static void mesh_mpm_send_plink_action(struct wpa_supplicant *wpa_s, if (!sta) return; - buf_len = 2 + /* capability info */ + buf_len = 2 + /* Category and Action */ + 2 + /* capability info */ 2 + /* AID */ 2 + 8 + /* supported rates */ 2 + (32 - 8) + 2 + 32 + /* mesh ID */ 2 + 7 + /* mesh config */ - 2 + 23 + /* peering management */ + 2 + 24 + /* peering management */ 2 + 96 + /* AMPE */ 2 + 16; /* MIC */ #ifdef CONFIG_IEEE80211N @@ -435,7 +438,7 @@ static void plink_timer(void *eloop_ctx, void *user_data) break; } reason = WLAN_REASON_MESH_MAX_RETRIES; - /* fall through on else */ + /* fall through */ case PLINK_CNF_RCVD: /* confirm timer */ @@ -646,6 +649,9 @@ static struct sta_info * mesh_mpm_add_peer(struct wpa_supplicant *wpa_s, struct mesh_conf *conf = wpa_s->ifmsh->mconf; struct hostapd_data *data = wpa_s->ifmsh->bss[0]; struct sta_info *sta; +#ifdef CONFIG_IEEE80211N + struct ieee80211_ht_operation *oper; +#endif /* CONFIG_IEEE80211N */ int ret; if (elems->mesh_config_len >= 7 && @@ -677,6 +683,17 @@ static struct sta_info * mesh_mpm_add_peer(struct wpa_supplicant *wpa_s, #ifdef CONFIG_IEEE80211N copy_sta_ht_capab(data, sta, elems->ht_capabilities); + + oper = (struct ieee80211_ht_operation *) elems->ht_operation; + if (oper && + !(oper->ht_param & HT_INFO_HT_PARAM_STA_CHNL_WIDTH) && + sta->ht_capabilities) { + wpa_msg(wpa_s, MSG_DEBUG, MACSTR + " does not support 40 MHz bandwidth", + MAC2STR(sta->addr)); + set_disable_ht40(sta->ht_capabilities, 1); + } + update_ht_state(data, sta); #endif /* CONFIG_IEEE80211N */ @@ -842,6 +859,9 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, /* Send ctrl event */ wpa_msg(wpa_s, MSG_INFO, MESH_PEER_CONNECTED MACSTR, MAC2STR(sta->addr)); + + /* Send D-Bus event */ + wpas_notify_mesh_peer_connected(wpa_s, sta->addr); } @@ -994,6 +1014,10 @@ static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta, wpa_msg(wpa_s, MSG_INFO, MESH_PEER_DISCONNECTED MACSTR, MAC2STR(sta->addr)); + /* Send D-Bus event */ + wpas_notify_mesh_peer_disconnected(wpa_s, sta->addr, + reason); + hapd->num_plinks--; mesh_mpm_send_plink_action(wpa_s, sta, @@ -1135,7 +1159,7 @@ void mesh_mpm_action_rx(struct wpa_supplicant *wpa_s, */ if (!sta && action_field == PLINK_OPEN && (!(mconf->security & MESH_CONF_SEC_AMPE) || - wpa_auth_pmksa_get(hapd->wpa_auth, mgmt->sa))) + wpa_auth_pmksa_get(hapd->wpa_auth, mgmt->sa, NULL))) sta = mesh_mpm_add_peer(wpa_s, mgmt->sa, &elems); if (!sta) { diff --git a/contrib/wpa/wpa_supplicant/mesh_rsn.c b/contrib/wpa/wpa_supplicant/mesh_rsn.c index 27ab8cb36458..e74cb16b0725 100644 --- a/contrib/wpa/wpa_supplicant/mesh_rsn.c +++ b/contrib/wpa/wpa_supplicant/mesh_rsn.c @@ -75,12 +75,15 @@ static void auth_logger(void *ctx, const u8 *addr, logger_level level, static const u8 *auth_get_psk(void *ctx, const u8 *addr, - const u8 *p2p_dev_addr, const u8 *prev_psk) + const u8 *p2p_dev_addr, const u8 *prev_psk, + size_t *psk_len) { struct mesh_rsn *mesh_rsn = ctx; struct hostapd_data *hapd = mesh_rsn->wpa_s->ifmsh->bss[0]; struct sta_info *sta = ap_get_sta(hapd, addr); + if (psk_len) + *psk_len = PMK_LEN; wpa_printf(MSG_DEBUG, "AUTH: %s (addr=" MACSTR " prev_psk=%p)", __func__, MAC2STR(addr), prev_psk); @@ -140,7 +143,12 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, enum mfp_options ieee80211w) { struct wpa_auth_config conf; - struct wpa_auth_callbacks cb; + static const struct wpa_auth_callbacks cb = { + .logger = auth_logger, + .get_psk = auth_get_psk, + .set_key = auth_set_key, + .start_ampe = auth_start_ampe, + }; u8 seq[6] = {}; wpa_printf(MSG_DEBUG, "AUTH: Initializing group state machine"); @@ -153,20 +161,15 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, conf.wpa_group = rsn->group_cipher; conf.eapol_version = 0; conf.wpa_group_rekey = -1; + conf.wpa_group_update_count = 4; + conf.wpa_pairwise_update_count = 4; #ifdef CONFIG_IEEE80211W conf.ieee80211w = ieee80211w; if (ieee80211w != NO_MGMT_FRAME_PROTECTION) conf.group_mgmt_cipher = rsn->mgmt_group_cipher; #endif /* CONFIG_IEEE80211W */ - os_memset(&cb, 0, sizeof(cb)); - cb.ctx = rsn; - cb.logger = auth_logger; - cb.get_psk = auth_get_psk; - cb.set_key = auth_set_key; - cb.start_ampe = auth_start_ampe; - - rsn->auth = wpa_init(addr, &conf, &cb); + rsn->auth = wpa_init(addr, &conf, &cb, rsn); if (rsn->auth == NULL) { wpa_printf(MSG_DEBUG, "AUTH: wpa_init() failed"); return -1; @@ -224,6 +227,9 @@ struct mesh_rsn *mesh_rsn_auth_init(struct wpa_supplicant *wpa_s, struct hostapd_data *bss = wpa_s->ifmsh->bss[0]; const u8 *ie; size_t ie_len; +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL + struct external_pmksa_cache *entry; +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ mesh_rsn = os_zalloc(sizeof(*mesh_rsn)); if (mesh_rsn == NULL) @@ -242,6 +248,22 @@ struct mesh_rsn *mesh_rsn_auth_init(struct wpa_supplicant *wpa_s, bss->wpa_auth = mesh_rsn->auth; +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL + while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache, + struct external_pmksa_cache, + list)) != NULL) { + int ret; + + ret = wpa_auth_pmksa_add_entry(bss->wpa_auth, + entry->pmksa_cache); + dl_list_del(&entry->list); + os_free(entry); + + if (ret < 0) + return NULL; + } +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ + ie = wpa_auth_get_wpa_ie(mesh_rsn->auth, &ie_len); conf->rsn_ie = (u8 *) ie; conf->rsn_ie_len = ie_len; @@ -295,7 +317,12 @@ static int mesh_rsn_build_sae_commit(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, struct sta_info *sta) { - if (ssid->passphrase == NULL) { + const char *password; + + password = ssid->sae_password; + if (!password) + password = ssid->passphrase; + if (!password) { wpa_msg(wpa_s, MSG_DEBUG, "SAE: No password available"); return -1; } @@ -305,9 +332,15 @@ static int mesh_rsn_build_sae_commit(struct wpa_supplicant *wpa_s, return -1; } + if (sta->sae->tmp && !sta->sae->tmp->pw_id && ssid->sae_password_id) { + sta->sae->tmp->pw_id = os_strdup(ssid->sae_password_id); + if (!sta->sae->tmp->pw_id) + return -1; + } return sae_prepare_commit(wpa_s->own_addr, sta->addr, - (u8 *) ssid->passphrase, - os_strlen(ssid->passphrase), sta->sae); + (u8 *) password, os_strlen(password), + ssid->sae_password_id, + sta->sae); } @@ -333,7 +366,7 @@ int mesh_rsn_auth_sae_sta(struct wpa_supplicant *wpa_s, return -1; } - pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr); + pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr, NULL); if (pmksa) { if (!sta->wpa_sm) sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, @@ -579,7 +612,7 @@ skip_keys: /* encrypt after MIC */ mic_payload = wpabuf_put(buf, 2 + len + AES_BLOCK_SIZE); - if (aes_siv_encrypt(sta->aek, ampe_ie, 2 + len, 3, + if (aes_siv_encrypt(sta->aek, sizeof(sta->aek), ampe_ie, 2 + len, 3, aad, aad_len, mic_payload)) { wpa_printf(MSG_ERROR, "protect frame: failed to encrypt"); ret = -ENOMEM; @@ -611,7 +644,7 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta, if (!sta->sae) { struct hostapd_data *hapd = wpa_s->ifmsh->bss[0]; - if (!wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr)) { + if (!wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr, NULL)) { wpa_printf(MSG_INFO, "Mesh RSN: SAE is not prepared yet"); return -1; @@ -650,7 +683,7 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta, os_memcpy(crypt, elems->mic, crypt_len); - if (aes_siv_decrypt(sta->aek, crypt, crypt_len, 3, + if (aes_siv_decrypt(sta->aek, sizeof(sta->aek), crypt, crypt_len, 3, aad, aad_len, ampe_buf)) { wpa_printf(MSG_ERROR, "Mesh RSN: frame verification failed!"); ret = -2; diff --git a/contrib/wpa/wpa_supplicant/notify.c b/contrib/wpa/wpa_supplicant/notify.c index 67e36ae34cb8..83df04f394c7 100644 --- a/contrib/wpa/wpa_supplicant/notify.c +++ b/contrib/wpa/wpa_supplicant/notify.c @@ -669,12 +669,12 @@ void wpas_notify_p2p_provision_discovery(struct wpa_supplicant *wpa_s, void wpas_notify_p2p_group_started(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, int persistent, - int client) + int client, const u8 *ip) { /* Notify a group has been started */ wpas_dbus_register_p2p_group(wpa_s, ssid); - wpas_dbus_signal_p2p_group_started(wpa_s, client, persistent); + wpas_dbus_signal_p2p_group_started(wpa_s, client, persistent, ip); } @@ -816,6 +816,12 @@ void wpas_notify_eap_status(struct wpa_supplicant *wpa_s, const char *status, } +void wpas_notify_eap_error(struct wpa_supplicant *wpa_s, int error_code) +{ + wpa_msg(wpa_s, MSG_ERROR, WPA_EVENT_EAP_ERROR_CODE "%d", error_code); +} + + void wpas_notify_network_bssid_set_changed(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) { @@ -850,3 +856,49 @@ void wpas_notify_network_type_changed(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_P2P */ } + + +#ifdef CONFIG_MESH + +void wpas_notify_mesh_group_started(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid) +{ + if (wpa_s->p2p_mgmt) + return; + + wpas_dbus_signal_mesh_group_started(wpa_s, ssid); +} + + +void wpas_notify_mesh_group_removed(struct wpa_supplicant *wpa_s, + const u8 *meshid, u8 meshid_len, + int reason_code) +{ + if (wpa_s->p2p_mgmt) + return; + + wpas_dbus_signal_mesh_group_removed(wpa_s, meshid, meshid_len, + reason_code); +} + + +void wpas_notify_mesh_peer_connected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr) +{ + if (wpa_s->p2p_mgmt) + return; + + wpas_dbus_signal_mesh_peer_connected(wpa_s, peer_addr); +} + + +void wpas_notify_mesh_peer_disconnected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr, int reason_code) +{ + if (wpa_s->p2p_mgmt) + return; + + wpas_dbus_signal_mesh_peer_disconnected(wpa_s, peer_addr, reason_code); +} + +#endif /* CONFIG_MESH */ diff --git a/contrib/wpa/wpa_supplicant/notify.h b/contrib/wpa/wpa_supplicant/notify.h index 8cce0f30c2a9..3ca933c7621a 100644 --- a/contrib/wpa/wpa_supplicant/notify.h +++ b/contrib/wpa/wpa_supplicant/notify.h @@ -114,7 +114,7 @@ void wpas_notify_p2p_provision_discovery(struct wpa_supplicant *wpa_s, unsigned int generated_pin); void wpas_notify_p2p_group_started(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, int persistent, - int client); + int client, const u8 *ip); void wpas_notify_p2p_group_formation_failure(struct wpa_supplicant *wpa_s, const char *reason); void wpas_notify_persistent_group_added(struct wpa_supplicant *wpa_s, @@ -134,6 +134,7 @@ void wpas_notify_preq(struct wpa_supplicant *wpa_s, const u8 *ie, size_t ie_len, u32 ssi_signal); void wpas_notify_eap_status(struct wpa_supplicant *wpa_s, const char *status, const char *parameter); +void wpas_notify_eap_error(struct wpa_supplicant *wpa_s, int error_code); void wpas_notify_network_bssid_set_changed(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid); void wpas_notify_network_type_changed(struct wpa_supplicant *wpa_s, @@ -141,5 +142,14 @@ void wpas_notify_network_type_changed(struct wpa_supplicant *wpa_s, void wpas_notify_p2p_invitation_received(struct wpa_supplicant *wpa_s, const u8 *sa, const u8 *go_dev_addr, const u8 *bssid, int id, int op_freq); +void wpas_notify_mesh_group_started(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid); +void wpas_notify_mesh_group_removed(struct wpa_supplicant *wpa_s, + const u8 *meshid, u8 meshid_len, + int reason_code); +void wpas_notify_mesh_peer_connected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr); +void wpas_notify_mesh_peer_disconnected(struct wpa_supplicant *wpa_s, + const u8 *peer_addr, int reason_code); #endif /* NOTIFY_H */ diff --git a/contrib/wpa/wpa_supplicant/offchannel.c b/contrib/wpa/wpa_supplicant/offchannel.c index 26d41a4ad5c6..b74be7dad4ac 100644 --- a/contrib/wpa/wpa_supplicant/offchannel.c +++ b/contrib/wpa/wpa_supplicant/offchannel.c @@ -310,6 +310,8 @@ int offchannel_send_action(struct wpa_supplicant *wpa_s, unsigned int freq, iface = wpas_get_tx_interface(wpa_s, src); wpa_s->action_tx_wait_time = wait_time; + if (wait_time) + wpa_s->action_tx_wait_time_used = 1; ret = wpa_drv_send_action( iface, wpa_s->pending_action_freq, @@ -398,13 +400,14 @@ void offchannel_send_action_done(struct wpa_supplicant *wpa_s) wpabuf_free(wpa_s->pending_action_tx); wpa_s->pending_action_tx = NULL; if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX && - wpa_s->action_tx_wait_time) + (wpa_s->action_tx_wait_time || wpa_s->action_tx_wait_time_used)) wpa_drv_send_action_cancel_wait(wpa_s); else if (wpa_s->off_channel_freq || wpa_s->roc_waiting_drv_freq) { wpa_drv_cancel_remain_on_channel(wpa_s); wpa_s->off_channel_freq = 0; wpa_s->roc_waiting_drv_freq = 0; } + wpa_s->action_tx_wait_time_used = 0; } diff --git a/contrib/wpa/wpa_supplicant/op_classes.c b/contrib/wpa/wpa_supplicant/op_classes.c new file mode 100644 index 000000000000..d23b0094c440 --- /dev/null +++ b/contrib/wpa/wpa_supplicant/op_classes.c @@ -0,0 +1,325 @@ +/* + * Operating classes + * Copyright(c) 2015 Intel Deutschland GmbH + * Contact Information: + * Intel Linux Wireless <ilw@linux.intel.com> + * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "common/ieee802_11_common.h" +#include "wpa_supplicant_i.h" + + +static enum chan_allowed allow_channel(struct hostapd_hw_modes *mode, u8 chan, + unsigned int *flags) +{ + int i; + + for (i = 0; i < mode->num_channels; i++) { + if (mode->channels[i].chan == chan) + break; + } + + if (i == mode->num_channels || + (mode->channels[i].flag & HOSTAPD_CHAN_DISABLED)) + return NOT_ALLOWED; + + if (flags) + *flags = mode->channels[i].flag; + + if (mode->channels[i].flag & HOSTAPD_CHAN_NO_IR) + return NO_IR; + + return ALLOWED; +} + + +static int get_center_80mhz(struct hostapd_hw_modes *mode, u8 channel) +{ + u8 center_channels[] = { 42, 58, 106, 122, 138, 155 }; + size_t i; + + if (mode->mode != HOSTAPD_MODE_IEEE80211A) + return 0; + + for (i = 0; i < ARRAY_SIZE(center_channels); i++) { + /* + * In 80 MHz, the bandwidth "spans" 12 channels (e.g., 36-48), + * so the center channel is 6 channels away from the start/end. + */ + if (channel >= center_channels[i] - 6 && + channel <= center_channels[i] + 6) + return center_channels[i]; + } + + return 0; +} + + +static enum chan_allowed verify_80mhz(struct hostapd_hw_modes *mode, u8 channel) +{ + u8 center_chan; + unsigned int i; + unsigned int no_ir = 0; + + center_chan = get_center_80mhz(mode, channel); + if (!center_chan) + return NOT_ALLOWED; + + /* check all the channels are available */ + for (i = 0; i < 4; i++) { + unsigned int flags; + u8 adj_chan = center_chan - 6 + i * 4; + + if (allow_channel(mode, adj_chan, &flags) == NOT_ALLOWED) + return NOT_ALLOWED; + + if ((i == 0 && !(flags & HOSTAPD_CHAN_VHT_10_70)) || + (i == 1 && !(flags & HOSTAPD_CHAN_VHT_30_50)) || + (i == 2 && !(flags & HOSTAPD_CHAN_VHT_50_30)) || + (i == 3 && !(flags & HOSTAPD_CHAN_VHT_70_10))) + return NOT_ALLOWED; + + if (flags & HOSTAPD_CHAN_NO_IR) + no_ir = 1; + } + + if (no_ir) + return NO_IR; + + return ALLOWED; +} + + +static int get_center_160mhz(struct hostapd_hw_modes *mode, u8 channel) +{ + u8 center_channels[] = { 50, 114 }; + unsigned int i; + + if (mode->mode != HOSTAPD_MODE_IEEE80211A) + return 0; + + for (i = 0; i < ARRAY_SIZE(center_channels); i++) { + /* + * In 160 MHz, the bandwidth "spans" 28 channels (e.g., 36-64), + * so the center channel is 14 channels away from the start/end. + */ + if (channel >= center_channels[i] - 14 && + channel <= center_channels[i] + 14) + return center_channels[i]; + } + + return 0; +} + + +static enum chan_allowed verify_160mhz(struct hostapd_hw_modes *mode, + u8 channel) +{ + u8 center_chan; + unsigned int i; + unsigned int no_ir = 0; + + center_chan = get_center_160mhz(mode, channel); + if (!center_chan) + return NOT_ALLOWED; + + /* Check all the channels are available */ + for (i = 0; i < 8; i++) { + unsigned int flags; + u8 adj_chan = center_chan - 14 + i * 4; + + if (allow_channel(mode, adj_chan, &flags) == NOT_ALLOWED) + return NOT_ALLOWED; + + if ((i == 0 && !(flags & HOSTAPD_CHAN_VHT_10_150)) || + (i == 1 && !(flags & HOSTAPD_CHAN_VHT_30_130)) || + (i == 2 && !(flags & HOSTAPD_CHAN_VHT_50_110)) || + (i == 3 && !(flags & HOSTAPD_CHAN_VHT_70_90)) || + (i == 4 && !(flags & HOSTAPD_CHAN_VHT_90_70)) || + (i == 5 && !(flags & HOSTAPD_CHAN_VHT_110_50)) || + (i == 6 && !(flags & HOSTAPD_CHAN_VHT_130_30)) || + (i == 7 && !(flags & HOSTAPD_CHAN_VHT_150_10))) + return NOT_ALLOWED; + + if (flags & HOSTAPD_CHAN_NO_IR) + no_ir = 1; + } + + if (no_ir) + return NO_IR; + + return ALLOWED; +} + + +enum chan_allowed verify_channel(struct hostapd_hw_modes *mode, u8 channel, + u8 bw) +{ + unsigned int flag = 0; + enum chan_allowed res, res2; + + res2 = res = allow_channel(mode, channel, &flag); + if (bw == BW40MINUS) { + if (!(flag & HOSTAPD_CHAN_HT40MINUS)) + return NOT_ALLOWED; + res2 = allow_channel(mode, channel - 4, NULL); + } else if (bw == BW40PLUS) { + if (!(flag & HOSTAPD_CHAN_HT40PLUS)) + return NOT_ALLOWED; + res2 = allow_channel(mode, channel + 4, NULL); + } else if (bw == BW80) { + /* + * channel is a center channel and as such, not necessarily a + * valid 20 MHz channels. Override earlier allow_channel() + * result and use only the 80 MHz specific version. + */ + res2 = res = verify_80mhz(mode, channel); + } else if (bw == BW160) { + /* + * channel is a center channel and as such, not necessarily a + * valid 20 MHz channels. Override earlier allow_channel() + * result and use only the 160 MHz specific version. + */ + res2 = res = verify_160mhz(mode, channel); + } else if (bw == BW80P80) { + /* + * channel is a center channel and as such, not necessarily a + * valid 20 MHz channels. Override earlier allow_channel() + * result and use only the 80 MHz specific version. + */ + res2 = res = verify_80mhz(mode, channel); + } + + if (res == NOT_ALLOWED || res2 == NOT_ALLOWED) + return NOT_ALLOWED; + + if (res == NO_IR || res2 == NO_IR) + return NO_IR; + + return ALLOWED; +} + + +static int wpas_op_class_supported(struct wpa_supplicant *wpa_s, + const struct oper_class_map *op_class) +{ + int chan; + size_t i; + struct hostapd_hw_modes *mode; + int found; + + mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, op_class->mode); + if (!mode) + return 0; + + if (op_class->op_class == 128) { + u8 channels[] = { 42, 58, 106, 122, 138, 155 }; + + for (i = 0; i < ARRAY_SIZE(channels); i++) { + if (verify_channel(mode, channels[i], op_class->bw) != + NOT_ALLOWED) + return 1; + } + + return 0; + } + + if (op_class->op_class == 129) { + /* Check if either 160 MHz channels is allowed */ + return verify_channel(mode, 50, op_class->bw) != NOT_ALLOWED || + verify_channel(mode, 114, op_class->bw) != NOT_ALLOWED; + } + + if (op_class->op_class == 130) { + /* Need at least two non-contiguous 80 MHz segments */ + found = 0; + + if (verify_channel(mode, 42, op_class->bw) != NOT_ALLOWED || + verify_channel(mode, 58, op_class->bw) != NOT_ALLOWED) + found++; + if (verify_channel(mode, 106, op_class->bw) != NOT_ALLOWED || + verify_channel(mode, 122, op_class->bw) != NOT_ALLOWED || + verify_channel(mode, 138, op_class->bw) != NOT_ALLOWED) + found++; + if (verify_channel(mode, 106, op_class->bw) != NOT_ALLOWED && + verify_channel(mode, 138, op_class->bw) != NOT_ALLOWED) + found++; + if (verify_channel(mode, 155, op_class->bw) != NOT_ALLOWED) + found++; + + if (found >= 2) + return 1; + + return 0; + } + + found = 0; + for (chan = op_class->min_chan; chan <= op_class->max_chan; + chan += op_class->inc) { + if (verify_channel(mode, chan, op_class->bw) != NOT_ALLOWED) { + found = 1; + break; + } + } + + return found; +} + + +size_t wpas_supp_op_class_ie(struct wpa_supplicant *wpa_s, int freq, u8 *pos, + size_t len) +{ + struct wpabuf *buf; + u8 op, current, chan; + u8 *ie_len; + size_t res; + + /* + * Assume 20 MHz channel for now. + * TODO: Use the secondary channel and VHT channel width that will be + * used after association. + */ + if (ieee80211_freq_to_channel_ext(freq, 0, VHT_CHANWIDTH_USE_HT, + ¤t, &chan) == NUM_HOSTAPD_MODES) + return 0; + + /* + * Need 3 bytes for EID, length, and current operating class, plus + * 1 byte for every other supported operating class. + */ + buf = wpabuf_alloc(global_op_class_size + 3); + if (!buf) + return 0; + + wpabuf_put_u8(buf, WLAN_EID_SUPPORTED_OPERATING_CLASSES); + /* Will set the length later, putting a placeholder */ + ie_len = wpabuf_put(buf, 1); + wpabuf_put_u8(buf, current); + + for (op = 0; global_op_class[op].op_class; op++) { + if (wpas_op_class_supported(wpa_s, &global_op_class[op])) + wpabuf_put_u8(buf, global_op_class[op].op_class); + } + + *ie_len = wpabuf_len(buf) - 2; + if (*ie_len < 2 || wpabuf_len(buf) > len) { + wpa_printf(MSG_ERROR, + "Failed to add supported operating classes IE"); + res = 0; + } else { + os_memcpy(pos, wpabuf_head(buf), wpabuf_len(buf)); + res = wpabuf_len(buf); + wpa_hexdump_buf(MSG_DEBUG, + "Added supported operating classes IE", buf); + } + + wpabuf_free(buf); + return res; +} diff --git a/contrib/wpa/wpa_supplicant/p2p_supplicant.c b/contrib/wpa/wpa_supplicant/p2p_supplicant.c index b1fdc2837ff0..c596d5ab6148 100644 --- a/contrib/wpa/wpa_supplicant/p2p_supplicant.c +++ b/contrib/wpa/wpa_supplicant/p2p_supplicant.c @@ -307,7 +307,14 @@ static void wpas_p2p_trigger_scan_cb(struct wpa_radio_work *work, int deinit) return; } + if (wpa_s->clear_driver_scan_cache) { + wpa_printf(MSG_DEBUG, + "Request driver to clear scan cache due to local BSS flush"); + params->only_new_results = 1; + } ret = wpa_drv_scan(wpa_s, params); + if (ret == 0) + wpa_s->curr_scan_cookie = params->scan_cookie; wpa_scan_free_params(params); work->ctx = NULL; if (ret) { @@ -320,6 +327,7 @@ static void wpas_p2p_trigger_scan_cb(struct wpa_radio_work *work, int deinit) os_get_reltime(&wpa_s->scan_trigger_time); wpa_s->scan_res_handler = wpas_p2p_scan_res_handler; wpa_s->own_scan_requested = 1; + wpa_s->clear_driver_scan_cache = 0; wpa_s->p2p_scan_work = work; } @@ -740,6 +748,7 @@ static u8 p2ps_group_capability(void *ctx, u8 incoming, u8 role, conncap = P2PS_SETUP_GROUP_OWNER; goto grp_owner; } + /* fall through */ default: return P2PS_SETUP_NONE; @@ -807,7 +816,7 @@ grp_owner: wpa_s->own_addr); } else if (!s && !go_wpa_s) { if (wpas_p2p_add_group_interface(wpa_s, - WPA_IF_P2P_GO) < 0) { + WPA_IF_P2P_GROUP) < 0) { wpa_printf(MSG_ERROR, "P2P: Failed to allocate a new interface for the group"); return P2PS_SETUP_NONE; @@ -1312,6 +1321,10 @@ static void wpas_group_formation_completed(struct wpa_supplicant *wpa_s, if (wpa_s->p2p_go_group_formation_completed) { wpa_s->global->p2p_group_formation = NULL; wpa_s->p2p_in_provisioning = 0; + } else if (wpa_s->p2p_in_provisioning && !success) { + wpa_msg(wpa_s, MSG_DEBUG, + "P2P: Stop provisioning state due to failure"); + wpa_s->p2p_in_provisioning = 0; } wpa_s->p2p_in_invitation = 0; wpa_s->group_formation_reported = 1; @@ -1383,7 +1396,7 @@ static void wpas_group_formation_completed(struct wpa_supplicant *wpa_s, } if (!client) { - wpas_notify_p2p_group_started(wpa_s, ssid, persistent, 0); + wpas_notify_p2p_group_started(wpa_s, ssid, persistent, 0, NULL); os_get_reltime(&wpa_s->global->p2p_go_wait_client); } } @@ -1701,14 +1714,23 @@ static void wpas_p2p_add_psk_list(struct wpa_supplicant *wpa_s, static void p2p_go_dump_common_freqs(struct wpa_supplicant *wpa_s) { + char buf[20 + P2P_MAX_CHANNELS * 6]; + char *pos, *end; unsigned int i; + int res; - wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Common group frequencies (len=%u):", - wpa_s->p2p_group_common_freqs_num); + pos = buf; + end = pos + sizeof(buf); + for (i = 0; i < wpa_s->p2p_group_common_freqs_num; i++) { + res = os_snprintf(pos, end - pos, " %d", + wpa_s->p2p_group_common_freqs[i]); + if (os_snprintf_error(end - pos, res)) + break; + pos += res; + } + *pos = '\0'; - for (i = 0; i < wpa_s->p2p_group_common_freqs_num; i++) - wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", - i, wpa_s->p2p_group_common_freqs[i]); + wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Common group frequencies:%s", buf); } @@ -1801,7 +1823,8 @@ static void p2p_go_configured(void *ctx, void *data) } wpas_notify_p2p_group_started(wpa_s, ssid, - params->persistent_group, 0); + params->persistent_group, 0, + NULL); wpas_p2p_cross_connect_setup(wpa_s); wpas_p2p_set_group_idle_timeout(wpa_s); @@ -1989,6 +2012,11 @@ do { \ d->wps_nfc_dh_pubkey = wpabuf_dup(s->wps_nfc_dh_pubkey); } d->p2p_cli_probe = s->p2p_cli_probe; + d->go_interworking = s->go_interworking; + d->go_access_network_type = s->go_access_network_type; + d->go_internet = s->go_internet; + d->go_venue_group = s->go_venue_group; + d->go_venue_type = s->go_venue_type; } @@ -3331,10 +3359,6 @@ static int wpas_p2p_default_channels(struct wpa_supplicant *wpa_s, } -enum chan_allowed { - NOT_ALLOWED, NO_IR, ALLOWED -}; - static int has_channel(struct wpa_global *global, struct hostapd_hw_modes *mode, u8 chan, int *flags) { @@ -5003,6 +5027,12 @@ static void wpas_p2p_join_scan_req(struct wpa_supplicant *wpa_s, int freq, params.extra_ies = wpabuf_head(ies); params.extra_ies_len = wpabuf_len(ies); + if (wpa_s->clear_driver_scan_cache) { + wpa_printf(MSG_DEBUG, + "Request driver to clear scan cache due to local BSS flush"); + params.only_new_results = 1; + } + /* * Run a scan to update BSS table and start Provision Discovery once * the new scan results become available. @@ -5012,6 +5042,7 @@ static void wpas_p2p_join_scan_req(struct wpa_supplicant *wpa_s, int freq, os_get_reltime(&wpa_s->scan_trigger_time); wpa_s->scan_res_handler = wpas_p2p_scan_res_join; wpa_s->own_scan_requested = 1; + wpa_s->clear_driver_scan_cache = 0; } wpabuf_free(ies); @@ -5183,7 +5214,8 @@ static int wpas_p2p_setup_freqs(struct wpa_supplicant *wpa_s, int freq, ret = p2p_supported_freq_cli(wpa_s->global->p2p, freq); if (!ret) { if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) && - ieee80211_is_dfs(freq)) { + ieee80211_is_dfs(freq, wpa_s->hw.modes, + wpa_s->hw.num_modes)) { /* * If freq is a DFS channel and DFS is offloaded * to the driver, allow P2P GO to use it. @@ -5236,9 +5268,11 @@ static int wpas_p2p_setup_freqs(struct wpa_supplicant *wpa_s, int freq, if (!res && max_pref_freq > 0) { *num_pref_freq = max_pref_freq; i = 0; - while (wpas_p2p_disallowed_freq(wpa_s->global, - pref_freq_list[i]) && - i < *num_pref_freq) { + while (i < *num_pref_freq && + (!p2p_supported_freq(wpa_s->global->p2p, + pref_freq_list[i]) || + wpas_p2p_disallowed_freq(wpa_s->global, + pref_freq_list[i]))) { wpa_printf(MSG_DEBUG, "P2P: preferred_freq_list[%d]=%d is disallowed", i, pref_freq_list[i]); @@ -5601,9 +5635,11 @@ static int wpas_p2p_select_go_freq(struct wpa_supplicant *wpa_s, int freq) &size, pref_freq_list); if (!res && size > 0) { i = 0; - while (wpas_p2p_disallowed_freq(wpa_s->global, - pref_freq_list[i]) && - i < size) { + while (i < size && + (!p2p_supported_freq(wpa_s->global->p2p, + pref_freq_list[i]) || + wpas_p2p_disallowed_freq(wpa_s->global, + pref_freq_list[i]))) { wpa_printf(MSG_DEBUG, "P2P: preferred_freq_list[%d]=%d is disallowed", i, pref_freq_list[i]); @@ -5667,7 +5703,8 @@ static int wpas_p2p_select_go_freq(struct wpa_supplicant *wpa_s, int freq) if (freq > 0 && !p2p_supported_freq_go(wpa_s->global->p2p, freq)) { if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) && - ieee80211_is_dfs(freq)) { + ieee80211_is_dfs(freq, wpa_s->hw.modes, + wpa_s->hw.num_modes)) { /* * If freq is a DFS channel and DFS is offloaded to the * driver, allow P2P GO to use it. @@ -5705,30 +5742,6 @@ static void wpas_p2p_select_go_freq_no_pref(struct wpa_supplicant *wpa_s, { unsigned int i, r; - /* first try some random selection of the social channels */ - if (os_get_random((u8 *) &r, sizeof(r)) < 0) - return; - - for (i = 0; i < 3; i++) { - params->freq = 2412 + ((r + i) % 3) * 25; - if (wpas_p2p_supported_freq_go(wpa_s, channels, params->freq)) - goto out; - } - - /* try all other channels in operating class 81 */ - for (i = 0; i < 11; i++) { - params->freq = 2412 + i * 5; - - /* skip social channels; covered in the previous loop */ - if (params->freq == 2412 || - params->freq == 2437 || - params->freq == 2462) - continue; - - if (wpas_p2p_supported_freq_go(wpa_s, channels, params->freq)) - goto out; - } - /* try all channels in operating class 115 */ for (i = 0; i < 4; i++) { params->freq = 5180 + i * 20; @@ -5763,6 +5776,30 @@ static void wpas_p2p_select_go_freq_no_pref(struct wpa_supplicant *wpa_s, goto out; } + /* try some random selection of the social channels */ + if (os_get_random((u8 *) &r, sizeof(r)) < 0) + return; + + for (i = 0; i < 3; i++) { + params->freq = 2412 + ((r + i) % 3) * 25; + if (wpas_p2p_supported_freq_go(wpa_s, channels, params->freq)) + goto out; + } + + /* try all other channels in operating class 81 */ + for (i = 0; i < 11; i++) { + params->freq = 2412 + i * 5; + + /* skip social channels; covered in the previous loop */ + if (params->freq == 2412 || + params->freq == 2437 || + params->freq == 2462) + continue; + + if (wpas_p2p_supported_freq_go(wpa_s, channels, params->freq)) + goto out; + } + params->freq = 0; wpa_printf(MSG_DEBUG, "P2P: No 2.4, 5, or 60 GHz channel allowed"); return; @@ -5772,6 +5809,19 @@ out: } +static int wpas_same_band(int freq1, int freq2) +{ + enum hostapd_hw_mode mode1, mode2; + u8 chan1, chan2; + + mode1 = ieee80211_freq_to_chan(freq1, &chan1); + mode2 = ieee80211_freq_to_chan(freq2, &chan2); + if (mode1 == NUM_HOSTAPD_MODES) + return 0; + return mode1 == mode2; +} + + static int wpas_p2p_init_go_params(struct wpa_supplicant *wpa_s, struct p2p_go_neg_results *params, int freq, int vht_center_freq2, int ht40, @@ -5822,12 +5872,31 @@ static int wpas_p2p_init_go_params(struct wpa_supplicant *wpa_s, /* try using the forced freq */ if (freq) { - if (!wpas_p2p_supported_freq_go(wpa_s, channels, freq)) { + if (wpas_p2p_disallowed_freq(wpa_s->global, freq) || + !freq_included(wpa_s, channels, freq)) { wpa_printf(MSG_DEBUG, - "P2P: Forced GO freq %d MHz not accepted", + "P2P: Forced GO freq %d MHz disallowed", freq); goto fail; } + if (!p2p_supported_freq_go(wpa_s->global->p2p, freq)) { + if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) && + ieee80211_is_dfs(freq, wpa_s->hw.modes, + wpa_s->hw.num_modes)) { + /* + * If freq is a DFS channel and DFS is offloaded + * to the driver, allow P2P GO to use it. + */ + wpa_printf(MSG_DEBUG, + "P2P: %s: The forced channel for GO (%u MHz) requires DFS and DFS is offloaded", + __func__, freq); + } else { + wpa_printf(MSG_DEBUG, + "P2P: The forced channel for GO (%u MHz) is not supported for P2P uses", + freq); + goto fail; + } + } for (i = 0; i < num; i++) { if (freqs[i].freq == freq) { @@ -5953,6 +6022,80 @@ static int wpas_p2p_init_go_params(struct wpa_supplicant *wpa_s, goto success; } + /* Try using a channel that allows VHT to be used with 80 MHz */ + if (wpa_s->hw.modes && wpa_s->p2p_group_common_freqs) { + for (i = 0; i < wpa_s->p2p_group_common_freqs_num; i++) { + enum hostapd_hw_mode mode; + struct hostapd_hw_modes *hwmode; + u8 chan; + + cand = wpa_s->p2p_group_common_freqs[i]; + mode = ieee80211_freq_to_chan(cand, &chan); + hwmode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, + mode); + if (!hwmode || + wpas_p2p_verify_channel(wpa_s, hwmode, chan, + BW80) != ALLOWED) + continue; + if (wpas_p2p_supported_freq_go(wpa_s, channels, cand)) { + params->freq = cand; + wpa_printf(MSG_DEBUG, + "P2P: Use freq %d MHz common with the peer and allowing VHT80", + params->freq); + goto success; + } + } + } + + /* Try using a channel that allows HT to be used with 40 MHz on the same + * band so that CSA can be used */ + if (wpa_s->current_ssid && wpa_s->hw.modes && + wpa_s->p2p_group_common_freqs) { + for (i = 0; i < wpa_s->p2p_group_common_freqs_num; i++) { + enum hostapd_hw_mode mode; + struct hostapd_hw_modes *hwmode; + u8 chan; + + cand = wpa_s->p2p_group_common_freqs[i]; + mode = ieee80211_freq_to_chan(cand, &chan); + hwmode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, + mode); + if (!wpas_same_band(wpa_s->current_ssid->frequency, + cand) || + !hwmode || + (wpas_p2p_verify_channel(wpa_s, hwmode, chan, + BW40MINUS) != ALLOWED && + wpas_p2p_verify_channel(wpa_s, hwmode, chan, + BW40PLUS) != ALLOWED)) + continue; + if (wpas_p2p_supported_freq_go(wpa_s, channels, cand)) { + params->freq = cand; + wpa_printf(MSG_DEBUG, + "P2P: Use freq %d MHz common with the peer, allowing HT40, and maintaining same band", + params->freq); + goto success; + } + } + } + + /* Try using one of the group common freqs on the same band so that CSA + * can be used */ + if (wpa_s->current_ssid && wpa_s->p2p_group_common_freqs) { + for (i = 0; i < wpa_s->p2p_group_common_freqs_num; i++) { + cand = wpa_s->p2p_group_common_freqs[i]; + if (!wpas_same_band(wpa_s->current_ssid->frequency, + cand)) + continue; + if (wpas_p2p_supported_freq_go(wpa_s, channels, cand)) { + params->freq = cand; + wpa_printf(MSG_DEBUG, + "P2P: Use freq %d MHz common with the peer and maintaining same band", + params->freq); + goto success; + } + } + } + /* Try using one of the group common freqs */ if (wpa_s->p2p_group_common_freqs) { for (i = 0; i < wpa_s->p2p_group_common_freqs_num; i++) { @@ -6022,6 +6165,12 @@ wpas_p2p_get_group_iface(struct wpa_supplicant *wpa_s, int addr_allocated, return NULL; } + if (go && wpa_s->p2p_go_do_acs) { + group_wpa_s->p2p_go_do_acs = wpa_s->p2p_go_do_acs; + group_wpa_s->p2p_go_acs_band = wpa_s->p2p_go_acs_band; + wpa_s->p2p_go_do_acs = 0; + } + wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Use separate group interface %s", group_wpa_s->ifname); group_wpa_s->p2p_first_connection_timeout = 0; @@ -6059,31 +6208,16 @@ int wpas_p2p_group_add(struct wpa_supplicant *wpa_s, int persistent_group, wpa_printf(MSG_DEBUG, "P2P: Stop any on-going P2P FIND"); wpas_p2p_stop_find_oper(wpa_s); - freq = wpas_p2p_select_go_freq(wpa_s, freq); - if (freq < 0) - return -1; + if (!wpa_s->p2p_go_do_acs) { + freq = wpas_p2p_select_go_freq(wpa_s, freq); + if (freq < 0) + return -1; + } if (wpas_p2p_init_go_params(wpa_s, ¶ms, freq, vht_center_freq2, ht40, vht, max_oper_chwidth, NULL)) return -1; - if (params.freq && - !p2p_supported_freq_go(wpa_s->global->p2p, params.freq)) { - if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) && - ieee80211_is_dfs(params.freq)) { - /* - * If freq is a DFS channel and DFS is offloaded to the - * driver, allow P2P GO to use it. - */ - wpa_printf(MSG_DEBUG, - "P2P: %s: The forced channel for GO (%u MHz) is DFS, and DFS is offloaded to driver", - __func__, params.freq); - } else { - wpa_printf(MSG_DEBUG, - "P2P: The selected channel for GO (%u MHz) is not supported for P2P uses", - params.freq); - return -1; - } - } + p2p_go_params(wpa_s->global->p2p, ¶ms); params.persistent_group = persistent_group; @@ -6559,8 +6693,14 @@ int wpas_p2p_find(struct wpa_supplicant *wpa_s, unsigned int timeout, wpa_s->p2p_long_listen = 0; if (wpa_s->global->p2p_disabled || wpa_s->global->p2p == NULL || - wpa_s->p2p_in_provisioning) + wpa_s->p2p_in_provisioning) { + wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Reject p2p_find operation%s%s", + (wpa_s->global->p2p_disabled || !wpa_s->global->p2p) ? + " (P2P disabled)" : "", + wpa_s->p2p_in_provisioning ? + " (p2p_in_provisioning)" : ""); return -1; + } wpa_supplicant_cancel_sched_scan(wpa_s); @@ -7005,7 +7145,7 @@ void wpas_p2p_completed(struct wpa_supplicant *wpa_s) wpas_p2p_store_persistent_group(wpa_s->p2pdev, ssid, go_dev_addr); - wpas_notify_p2p_group_started(wpa_s, ssid, persistent, 1); + wpas_notify_p2p_group_started(wpa_s, ssid, persistent, 1, ip); } @@ -9041,16 +9181,20 @@ static void wpas_p2p_consider_moving_one_go(struct wpa_supplicant *wpa_s, unsigned int i, invalid_freq = 0, policy_move = 0, flags = 0; unsigned int timeout; int freq; + int dfs_offload; wpas_p2p_go_update_common_freqs(wpa_s); freq = wpa_s->current_ssid->frequency; + dfs_offload = (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) && + ieee80211_is_dfs(freq, wpa_s->hw.modes, wpa_s->hw.num_modes); for (i = 0, invalid_freq = 0; i < num; i++) { if (freqs[i].freq == freq) { flags = freqs[i].flags; /* The channel is invalid, must change it */ - if (!p2p_supported_freq_go(wpa_s->global->p2p, freq)) { + if (!p2p_supported_freq_go(wpa_s->global->p2p, freq) && + !dfs_offload) { wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Freq=%d MHz no longer valid for GO", freq); @@ -9060,7 +9204,7 @@ static void wpas_p2p_consider_moving_one_go(struct wpa_supplicant *wpa_s, /* Freq is not used by any other station interface */ continue; } else if (!p2p_supported_freq(wpa_s->global->p2p, - freqs[i].freq)) { + freqs[i].freq) && !dfs_offload) { /* Freq is not valid for P2P use cases */ continue; } else if (wpa_s->conf->p2p_go_freq_change_policy == diff --git a/contrib/wpa/wpa_supplicant/preauth_test.c b/contrib/wpa/wpa_supplicant/preauth_test.c index f4bba98e2a82..f2fff550aa81 100644 --- a/contrib/wpa/wpa_supplicant/preauth_test.c +++ b/contrib/wpa/wpa_supplicant/preauth_test.c @@ -143,16 +143,19 @@ static int wpa_supplicant_mlme_setprotection(void *wpa_s, const u8 *addr, } -static int wpa_supplicant_add_pmkid(void *wpa_s, - const u8 *bssid, const u8 *pmkid) +static int wpa_supplicant_add_pmkid(void *wpa_s, void *network_ctx, + const u8 *bssid, const u8 *pmkid, + const u8 *fils_cache_id, + const u8 *pmk, size_t pmk_len) { printf("%s - not implemented\n", __func__); return -1; } -static int wpa_supplicant_remove_pmkid(void *wpa_s, - const u8 *bssid, const u8 *pmkid) +static int wpa_supplicant_remove_pmkid(void *wpa_s, void *network_ctx, + const u8 *bssid, const u8 *pmkid, + const u8 *fils_cache_id) { printf("%s - not implemented\n", __func__); return -1; @@ -344,8 +347,8 @@ int main(int argc, char *argv[]) if (preauth_test.auth_timed_out) ret = -2; else { - ret = pmksa_cache_set_current(wpa_s.wpa, NULL, bssid, NULL, 0) - ? 0 : -3; + ret = pmksa_cache_set_current(wpa_s.wpa, NULL, bssid, NULL, 0, + NULL, 0) ? 0 : -3; } test_eapol_clean(&wpa_s); diff --git a/contrib/wpa/wpa_supplicant/rrm.c b/contrib/wpa/wpa_supplicant/rrm.c new file mode 100644 index 000000000000..f4fbfa719352 --- /dev/null +++ b/contrib/wpa/wpa_supplicant/rrm.c @@ -0,0 +1,1460 @@ +/* + * wpa_supplicant - Radio Measurements + * Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "utils/common.h" +#include "utils/eloop.h" +#include "common/ieee802_11_common.h" +#include "wpa_supplicant_i.h" +#include "driver_i.h" +#include "bss.h" +#include "scan.h" +#include "p2p_supplicant.h" + + +static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx) +{ + struct rrm_data *rrm = data; + + if (!rrm->notify_neighbor_rep) { + wpa_printf(MSG_ERROR, + "RRM: Unexpected neighbor report timeout"); + return; + } + + wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE"); + rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL); + + rrm->notify_neighbor_rep = NULL; + rrm->neighbor_rep_cb_ctx = NULL; +} + + +/* + * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant + * @wpa_s: Pointer to wpa_supplicant + */ +void wpas_rrm_reset(struct wpa_supplicant *wpa_s) +{ + wpa_s->rrm.rrm_used = 0; + + eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm, + NULL); + if (wpa_s->rrm.notify_neighbor_rep) + wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL); + wpa_s->rrm.next_neighbor_rep_token = 1; + wpas_clear_beacon_rep_data(wpa_s); +} + + +/* + * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report + * @wpa_s: Pointer to wpa_supplicant + * @report: Neighbor report buffer, prefixed by a 1-byte dialog token + * @report_len: Length of neighbor report buffer + */ +void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s, + const u8 *report, size_t report_len) +{ + struct wpabuf *neighbor_rep; + + wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len); + if (report_len < 1) + return; + + if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) { + wpa_printf(MSG_DEBUG, + "RRM: Discarding neighbor report with token %d (expected %d)", + report[0], wpa_s->rrm.next_neighbor_rep_token - 1); + return; + } + + eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm, + NULL); + + if (!wpa_s->rrm.notify_neighbor_rep) { + wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report"); + return; + } + + /* skipping the first byte, which is only an id (dialog token) */ + neighbor_rep = wpabuf_alloc(report_len - 1); + if (!neighbor_rep) { + wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL); + return; + } + wpabuf_put_data(neighbor_rep, report + 1, report_len - 1); + wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)", + report[0]); + wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx, + neighbor_rep); + wpa_s->rrm.notify_neighbor_rep = NULL; + wpa_s->rrm.neighbor_rep_cb_ctx = NULL; +} + + +#if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS) +/* Workaround different, undefined for Windows, error codes used here */ +#define ENOTCONN -1 +#define EOPNOTSUPP -1 +#define ECANCELED -1 +#endif + +/* Measurement Request element + Location Subject + Maximum Age subelement */ +#define MEASURE_REQUEST_LCI_LEN (3 + 1 + 4) +/* Measurement Request element + Location Civic Request */ +#define MEASURE_REQUEST_CIVIC_LEN (3 + 5) + + +/** + * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP + * @wpa_s: Pointer to wpa_supplicant + * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE + * is sent in the request. + * @lci: if set, neighbor request will include LCI request + * @civic: if set, neighbor request will include civic location request + * @cb: Callback function to be called once the requested report arrives, or + * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds. + * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's + * the requester's responsibility to free it. + * In the latter case NULL will be sent in 'neighbor_rep'. + * @cb_ctx: Context value to send the callback function + * Returns: 0 in case of success, negative error code otherwise + * + * In case there is a previous request which has not been answered yet, the + * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT. + * Request must contain a callback function. + */ +int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s, + const struct wpa_ssid_value *ssid, + int lci, int civic, + void (*cb)(void *ctx, + struct wpabuf *neighbor_rep), + void *cb_ctx) +{ + struct wpabuf *buf; + const u8 *rrm_ie; + + if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) { + wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM."); + return -ENOTCONN; + } + + if (!wpa_s->rrm.rrm_used) { + wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection."); + return -EOPNOTSUPP; + } + + rrm_ie = wpa_bss_get_ie(wpa_s->current_bss, + WLAN_EID_RRM_ENABLED_CAPABILITIES); + if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) || + !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) { + wpa_printf(MSG_DEBUG, + "RRM: No network support for Neighbor Report."); + return -EOPNOTSUPP; + } + + /* Refuse if there's a live request */ + if (wpa_s->rrm.notify_neighbor_rep) { + wpa_printf(MSG_DEBUG, + "RRM: Currently handling previous Neighbor Report."); + return -EBUSY; + } + + /* 3 = action category + action code + dialog token */ + buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0) + + (lci ? 2 + MEASURE_REQUEST_LCI_LEN : 0) + + (civic ? 2 + MEASURE_REQUEST_CIVIC_LEN : 0)); + if (buf == NULL) { + wpa_printf(MSG_DEBUG, + "RRM: Failed to allocate Neighbor Report Request"); + return -ENOMEM; + } + + wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d", + (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""), + wpa_s->rrm.next_neighbor_rep_token); + + wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT); + wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST); + wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token); + if (ssid) { + wpabuf_put_u8(buf, WLAN_EID_SSID); + wpabuf_put_u8(buf, ssid->ssid_len); + wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len); + } + + if (lci) { + /* IEEE P802.11-REVmc/D5.0 9.4.2.21 */ + wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST); + wpabuf_put_u8(buf, MEASURE_REQUEST_LCI_LEN); + + /* + * Measurement token; nonzero number that is unique among the + * Measurement Request elements in a particular frame. + */ + wpabuf_put_u8(buf, 1); /* Measurement Token */ + + /* + * Parallel, Enable, Request, and Report bits are 0, Duration is + * reserved. + */ + wpabuf_put_u8(buf, 0); /* Measurement Request Mode */ + wpabuf_put_u8(buf, MEASURE_TYPE_LCI); /* Measurement Type */ + + /* IEEE P802.11-REVmc/D5.0 9.4.2.21.10 - LCI request */ + /* Location Subject */ + wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE); + + /* Optional Subelements */ + /* + * IEEE P802.11-REVmc/D5.0 Figure 9-170 + * The Maximum Age subelement is required, otherwise the AP can + * send only data that was determined after receiving the + * request. Setting it here to unlimited age. + */ + wpabuf_put_u8(buf, LCI_REQ_SUBELEM_MAX_AGE); + wpabuf_put_u8(buf, 2); + wpabuf_put_le16(buf, 0xffff); + } + + if (civic) { + /* IEEE P802.11-REVmc/D5.0 9.4.2.21 */ + wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST); + wpabuf_put_u8(buf, MEASURE_REQUEST_CIVIC_LEN); + + /* + * Measurement token; nonzero number that is unique among the + * Measurement Request elements in a particular frame. + */ + wpabuf_put_u8(buf, 2); /* Measurement Token */ + + /* + * Parallel, Enable, Request, and Report bits are 0, Duration is + * reserved. + */ + wpabuf_put_u8(buf, 0); /* Measurement Request Mode */ + /* Measurement Type */ + wpabuf_put_u8(buf, MEASURE_TYPE_LOCATION_CIVIC); + + /* IEEE P802.11-REVmc/D5.0 9.4.2.21.14: + * Location Civic request */ + /* Location Subject */ + wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE); + wpabuf_put_u8(buf, 0); /* Civic Location Type: IETF RFC 4776 */ + /* Location Service Interval Units: Seconds */ + wpabuf_put_u8(buf, 0); + /* Location Service Interval: 0 - Only one report is requested + */ + wpabuf_put_le16(buf, 0); + /* No optional subelements */ + } + + wpa_s->rrm.next_neighbor_rep_token++; + + if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, + wpa_s->own_addr, wpa_s->bssid, + wpabuf_head(buf), wpabuf_len(buf), 0) < 0) { + wpa_printf(MSG_DEBUG, + "RRM: Failed to send Neighbor Report Request"); + wpabuf_free(buf); + return -ECANCELED; + } + + wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx; + wpa_s->rrm.notify_neighbor_rep = cb; + eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0, + wpas_rrm_neighbor_rep_timeout_handler, + &wpa_s->rrm, NULL); + + wpabuf_free(buf); + return 0; +} + + +static int wpas_rrm_report_elem(struct wpabuf **buf, u8 token, u8 mode, u8 type, + const u8 *data, size_t data_len) +{ + if (wpabuf_resize(buf, 5 + data_len)) + return -1; + + wpabuf_put_u8(*buf, WLAN_EID_MEASURE_REPORT); + wpabuf_put_u8(*buf, 3 + data_len); + wpabuf_put_u8(*buf, token); + wpabuf_put_u8(*buf, mode); + wpabuf_put_u8(*buf, type); + + if (data_len) + wpabuf_put_data(*buf, data, data_len); + + return 0; +} + + +static int +wpas_rrm_build_lci_report(struct wpa_supplicant *wpa_s, + const struct rrm_measurement_request_element *req, + struct wpabuf **buf) +{ + u8 subject; + u16 max_age = 0; + struct os_reltime t, diff; + unsigned long diff_l; + const u8 *subelem; + const u8 *request = req->variable; + size_t len = req->len - 3; + + if (len < 1) + return -1; + + if (!wpa_s->lci) + goto reject; + + subject = *request++; + len--; + + wpa_printf(MSG_DEBUG, "Measurement request location subject=%u", + subject); + + if (subject != LOCATION_SUBJECT_REMOTE) { + wpa_printf(MSG_INFO, + "Not building LCI report - bad location subject"); + return 0; + } + + /* Subelements are formatted exactly like elements */ + wpa_hexdump(MSG_DEBUG, "LCI request subelements", request, len); + subelem = get_ie(request, len, LCI_REQ_SUBELEM_MAX_AGE); + if (subelem && subelem[1] == 2) + max_age = WPA_GET_LE16(subelem + 2); + + if (os_get_reltime(&t)) + goto reject; + + os_reltime_sub(&t, &wpa_s->lci_time, &diff); + /* LCI age is calculated in 10th of a second units. */ + diff_l = diff.sec * 10 + diff.usec / 100000; + + if (max_age != 0xffff && max_age < diff_l) + goto reject; + + if (wpas_rrm_report_elem(buf, req->token, + MEASUREMENT_REPORT_MODE_ACCEPT, req->type, + wpabuf_head_u8(wpa_s->lci), + wpabuf_len(wpa_s->lci)) < 0) { + wpa_printf(MSG_DEBUG, "Failed to add LCI report element"); + return -1; + } + + return 0; + +reject: + if (!is_multicast_ether_addr(wpa_s->rrm.dst_addr) && + wpas_rrm_report_elem(buf, req->token, + MEASUREMENT_REPORT_MODE_REJECT_INCAPABLE, + req->type, NULL, 0) < 0) { + wpa_printf(MSG_DEBUG, "RRM: Failed to add report element"); + return -1; + } + + return 0; +} + + +static void wpas_rrm_send_msr_report_mpdu(struct wpa_supplicant *wpa_s, + const u8 *data, size_t len) +{ + struct wpabuf *report = wpabuf_alloc(len + 3); + + if (!report) + return; + + wpabuf_put_u8(report, WLAN_ACTION_RADIO_MEASUREMENT); + wpabuf_put_u8(report, WLAN_RRM_RADIO_MEASUREMENT_REPORT); + wpabuf_put_u8(report, wpa_s->rrm.token); + + wpabuf_put_data(report, data, len); + + if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, + wpa_s->own_addr, wpa_s->bssid, + wpabuf_head(report), wpabuf_len(report), 0)) { + wpa_printf(MSG_ERROR, + "RRM: Radio measurement report failed: Sending Action frame failed"); + } + + wpabuf_free(report); +} + + +static void wpas_rrm_send_msr_report(struct wpa_supplicant *wpa_s, + struct wpabuf *buf) +{ + int len = wpabuf_len(buf); + const u8 *pos = wpabuf_head_u8(buf), *next = pos; + +#define MPDU_REPORT_LEN (int) (IEEE80211_MAX_MMPDU_SIZE - IEEE80211_HDRLEN - 3) + + while (len) { + int send_len = (len > MPDU_REPORT_LEN) ? next - pos : len; + + if (send_len == len || + (send_len + next[1] + 2) > MPDU_REPORT_LEN) { + wpas_rrm_send_msr_report_mpdu(wpa_s, pos, send_len); + len -= send_len; + pos = next; + } + + if (len) + next += next[1] + 2; + } +#undef MPDU_REPORT_LEN +} + + +static int wpas_add_channel(u8 op_class, u8 chan, u8 num_primary_channels, + int *freqs) +{ + size_t i; + + for (i = 0; i < num_primary_channels; i++) { + u8 primary_chan = chan - (2 * num_primary_channels - 2) + i * 4; + + freqs[i] = ieee80211_chan_to_freq(NULL, op_class, primary_chan); + /* ieee80211_chan_to_freq() is not really meant for this + * conversion of 20 MHz primary channel numbers for wider VHT + * channels, so handle those as special cases here for now. */ + if (freqs[i] < 0 && + (op_class == 128 || op_class == 129 || op_class == 130)) + freqs[i] = 5000 + 5 * primary_chan; + if (freqs[i] < 0) { + wpa_printf(MSG_DEBUG, + "Beacon Report: Invalid channel %u", + chan); + return -1; + } + } + + return 0; +} + + +static int * wpas_add_channels(const struct oper_class_map *op, + struct hostapd_hw_modes *mode, int active, + const u8 *channels, const u8 size) +{ + int *freqs, *next_freq; + u8 num_primary_channels, i; + u8 num_chans; + + num_chans = channels ? size : + (op->max_chan - op->min_chan) / op->inc + 1; + + if (op->bw == BW80 || op->bw == BW80P80) + num_primary_channels = 4; + else if (op->bw == BW160) + num_primary_channels = 8; + else + num_primary_channels = 1; + + /* one extra place for the zero-terminator */ + freqs = os_calloc(num_chans * num_primary_channels + 1, sizeof(*freqs)); + if (!freqs) { + wpa_printf(MSG_ERROR, + "Beacon Report: Failed to allocate freqs array"); + return NULL; + } + + next_freq = freqs; + for (i = 0; i < num_chans; i++) { + u8 chan = channels ? channels[i] : op->min_chan + i * op->inc; + enum chan_allowed res = verify_channel(mode, chan, op->bw); + + if (res == NOT_ALLOWED || (res == NO_IR && active)) + continue; + + if (wpas_add_channel(op->op_class, chan, num_primary_channels, + next_freq) < 0) { + os_free(freqs); + return NULL; + } + + next_freq += num_primary_channels; + } + + if (!freqs[0]) { + os_free(freqs); + return NULL; + } + + return freqs; +} + + +static int * wpas_op_class_freqs(const struct oper_class_map *op, + struct hostapd_hw_modes *mode, int active) +{ + u8 channels_80mhz[] = { 42, 58, 106, 122, 138, 155 }; + u8 channels_160mhz[] = { 50, 114 }; + + /* + * When adding all channels in the operating class, 80 + 80 MHz + * operating classes are like 80 MHz channels because we add all valid + * channels anyway. + */ + if (op->bw == BW80 || op->bw == BW80P80) + return wpas_add_channels(op, mode, active, channels_80mhz, + ARRAY_SIZE(channels_80mhz)); + + if (op->bw == BW160) + return wpas_add_channels(op, mode, active, channels_160mhz, + ARRAY_SIZE(channels_160mhz)); + + return wpas_add_channels(op, mode, active, NULL, 0); +} + + +static int * wpas_channel_report_freqs(struct wpa_supplicant *wpa_s, int active, + const char *country, const u8 *subelems, + size_t len) +{ + int *freqs = NULL, *new_freqs; + const u8 *end = subelems + len; + + while (end - subelems > 2) { + const struct oper_class_map *op; + const u8 *ap_chan_elem, *pos; + u8 left; + struct hostapd_hw_modes *mode; + + ap_chan_elem = get_ie(subelems, end - subelems, + WLAN_BEACON_REQUEST_SUBELEM_AP_CHANNEL); + if (!ap_chan_elem) + break; + pos = ap_chan_elem + 2; + left = ap_chan_elem[1]; + if (left < 1) + break; + subelems = ap_chan_elem + 2 + left; + + op = get_oper_class(country, *pos); + if (!op) { + wpa_printf(MSG_DEBUG, + "Beacon request: unknown operating class in AP Channel Report subelement %u", + *pos); + goto out; + } + pos++; + left--; + + mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, op->mode); + if (!mode) + continue; + + /* + * For 80 + 80 MHz operating classes, this AP Channel Report + * element should be followed by another element specifying + * the second 80 MHz channel. For now just add this 80 MHz + * channel, the second 80 MHz channel will be added when the + * next element is parsed. + * TODO: Verify that this AP Channel Report element is followed + * by a corresponding AP Channel Report element as specified in + * IEEE Std 802.11-2016, 11.11.9.1. + */ + new_freqs = wpas_add_channels(op, mode, active, pos, left); + if (new_freqs) + int_array_concat(&freqs, new_freqs); + + os_free(new_freqs); + } + + return freqs; +out: + os_free(freqs); + return NULL; +} + + +static int * wpas_beacon_request_freqs(struct wpa_supplicant *wpa_s, + u8 op_class, u8 chan, int active, + const u8 *subelems, size_t len) +{ + int *freqs = NULL, *ext_freqs = NULL; + struct hostapd_hw_modes *mode; + const char *country = NULL; + const struct oper_class_map *op; + const u8 *elem; + + if (!wpa_s->current_bss) + return NULL; + elem = wpa_bss_get_ie(wpa_s->current_bss, WLAN_EID_COUNTRY); + if (elem && elem[1] >= 2) + country = (const char *) (elem + 2); + + op = get_oper_class(country, op_class); + if (!op) { + wpa_printf(MSG_DEBUG, + "Beacon request: invalid operating class %d", + op_class); + return NULL; + } + + mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, op->mode); + if (!mode) + return NULL; + + switch (chan) { + case 0: + freqs = wpas_op_class_freqs(op, mode, active); + if (!freqs) + return NULL; + break; + case 255: + /* freqs will be added from AP channel subelements */ + break; + default: + freqs = wpas_add_channels(op, mode, active, &chan, 1); + if (!freqs) + return NULL; + break; + } + + ext_freqs = wpas_channel_report_freqs(wpa_s, active, country, subelems, + len); + if (ext_freqs) { + int_array_concat(&freqs, ext_freqs); + os_free(ext_freqs); + int_array_sort_unique(freqs); + } + + return freqs; +} + + +static int wpas_get_op_chan_phy(int freq, const u8 *ies, size_t ies_len, + u8 *op_class, u8 *chan, u8 *phy_type) +{ + const u8 *ie; + int sec_chan = 0, vht = 0; + struct ieee80211_ht_operation *ht_oper = NULL; + struct ieee80211_vht_operation *vht_oper = NULL; + u8 seg0, seg1; + + ie = get_ie(ies, ies_len, WLAN_EID_HT_OPERATION); + if (ie && ie[1] >= sizeof(struct ieee80211_ht_operation)) { + u8 sec_chan_offset; + + ht_oper = (struct ieee80211_ht_operation *) (ie + 2); + sec_chan_offset = ht_oper->ht_param & + HT_INFO_HT_PARAM_SECONDARY_CHNL_OFF_MASK; + if (sec_chan_offset == HT_INFO_HT_PARAM_SECONDARY_CHNL_ABOVE) + sec_chan = 1; + else if (sec_chan_offset == + HT_INFO_HT_PARAM_SECONDARY_CHNL_BELOW) + sec_chan = -1; + } + + ie = get_ie(ies, ies_len, WLAN_EID_VHT_OPERATION); + if (ie && ie[1] >= sizeof(struct ieee80211_vht_operation)) { + vht_oper = (struct ieee80211_vht_operation *) (ie + 2); + + switch (vht_oper->vht_op_info_chwidth) { + case 1: + seg0 = vht_oper->vht_op_info_chan_center_freq_seg0_idx; + seg1 = vht_oper->vht_op_info_chan_center_freq_seg1_idx; + if (seg1 && abs(seg1 - seg0) == 8) + vht = VHT_CHANWIDTH_160MHZ; + else if (seg1) + vht = VHT_CHANWIDTH_80P80MHZ; + else + vht = VHT_CHANWIDTH_80MHZ; + break; + case 2: + vht = VHT_CHANWIDTH_160MHZ; + break; + case 3: + vht = VHT_CHANWIDTH_80P80MHZ; + break; + default: + vht = VHT_CHANWIDTH_USE_HT; + break; + } + } + + if (ieee80211_freq_to_channel_ext(freq, sec_chan, vht, op_class, + chan) == NUM_HOSTAPD_MODES) { + wpa_printf(MSG_DEBUG, + "Cannot determine operating class and channel"); + return -1; + } + + *phy_type = ieee80211_get_phy_type(freq, ht_oper != NULL, + vht_oper != NULL); + if (*phy_type == PHY_TYPE_UNSPECIFIED) { + wpa_printf(MSG_DEBUG, "Cannot determine phy type"); + return -1; + } + + return 0; +} + + +static int wpas_beacon_rep_add_frame_body(struct bitfield *eids, + enum beacon_report_detail detail, + struct wpa_bss *bss, u8 *buf, + size_t buf_len) +{ + u8 *ies = (u8 *) (bss + 1); + size_t ies_len = bss->ie_len ? bss->ie_len : bss->beacon_ie_len; + u8 *pos = buf; + int rem_len; + + rem_len = 255 - sizeof(struct rrm_measurement_beacon_report) - + sizeof(struct rrm_measurement_report_element) - 2; + + if (detail > BEACON_REPORT_DETAIL_ALL_FIELDS_AND_ELEMENTS) { + wpa_printf(MSG_DEBUG, + "Beacon Request: Invalid reporting detail: %d", + detail); + return -1; + } + + if (detail == BEACON_REPORT_DETAIL_NONE) + return 0; + + /* + * Minimal frame body subelement size: EID(1) + length(1) + TSF(8) + + * beacon interval(2) + capabilities(2) = 14 bytes + */ + if (buf_len < 14) + return 0; + + *pos++ = WLAN_BEACON_REPORT_SUBELEM_FRAME_BODY; + /* The length will be filled later */ + pos++; + WPA_PUT_LE64(pos, bss->tsf); + pos += sizeof(bss->tsf); + WPA_PUT_LE16(pos, bss->beacon_int); + pos += 2; + WPA_PUT_LE16(pos, bss->caps); + pos += 2; + + rem_len -= pos - buf; + + /* + * According to IEEE Std 802.11-2016, 9.4.2.22.7, if the reported frame + * body subelement causes the element to exceed the maximum element + * size, the subelement is truncated so that the last IE is a complete + * IE. So even when required to report all IEs, add elements one after + * the other and stop once there is no more room in the measurement + * element. + */ + while (ies_len > 2 && 2U + ies[1] <= ies_len && rem_len > 0) { + if (detail == BEACON_REPORT_DETAIL_ALL_FIELDS_AND_ELEMENTS || + (eids && bitfield_is_set(eids, ies[0]))) { + u8 eid = ies[0], elen = ies[1]; + + if ((eid == WLAN_EID_TIM || eid == WLAN_EID_RSN) && + elen > 4) + elen = 4; + /* + * TODO: Truncate IBSS DFS element as described in + * IEEE Std 802.11-2016, 9.4.2.22.7. + */ + + if (2 + elen > buf + buf_len - pos || + 2 + elen > rem_len) + break; + + *pos++ = ies[0]; + *pos++ = elen; + os_memcpy(pos, ies + 2, elen); + pos += elen; + rem_len -= 2 + elen; + } + + ies_len -= 2 + ies[1]; + ies += 2 + ies[1]; + } + + /* Now the length is known */ + buf[1] = pos - buf - 2; + return pos - buf; +} + + +static int wpas_add_beacon_rep(struct wpa_supplicant *wpa_s, + struct wpabuf **wpa_buf, struct wpa_bss *bss, + u64 start, u64 parent_tsf) +{ + struct beacon_rep_data *data = &wpa_s->beacon_rep_data; + u8 *ie = (u8 *) (bss + 1); + size_t ie_len = bss->ie_len + bss->beacon_ie_len; + int ret; + u8 *buf; + struct rrm_measurement_beacon_report *rep; + + if (os_memcmp(data->bssid, broadcast_ether_addr, ETH_ALEN) != 0 && + os_memcmp(data->bssid, bss->bssid, ETH_ALEN) != 0) + return 0; + + if (data->ssid_len && + (data->ssid_len != bss->ssid_len || + os_memcmp(data->ssid, bss->ssid, bss->ssid_len) != 0)) + return 0; + + /* Maximum element length: beacon report element + reported frame body + * subelement + all IEs of the reported beacon */ + buf = os_malloc(sizeof(*rep) + 14 + ie_len); + if (!buf) + return -1; + + rep = (struct rrm_measurement_beacon_report *) buf; + if (wpas_get_op_chan_phy(bss->freq, ie, ie_len, &rep->op_class, + &rep->channel, &rep->report_info) < 0) { + ret = 0; + goto out; + } + + rep->start_time = host_to_le64(start); + rep->duration = host_to_le16(data->scan_params.duration); + rep->rcpi = rssi_to_rcpi(bss->level); + rep->rsni = 255; /* 255 indicates that RSNI is not available */ + os_memcpy(rep->bssid, bss->bssid, ETH_ALEN); + rep->antenna_id = 0; /* unknown */ + rep->parent_tsf = host_to_le32(parent_tsf); + + ret = wpas_beacon_rep_add_frame_body(data->eids, data->report_detail, + bss, rep->variable, 14 + ie_len); + if (ret < 0) + goto out; + + ret = wpas_rrm_report_elem(wpa_buf, wpa_s->beacon_rep_data.token, + MEASUREMENT_REPORT_MODE_ACCEPT, + MEASURE_TYPE_BEACON, buf, + ret + sizeof(*rep)); +out: + os_free(buf); + return ret; +} + + +static int wpas_beacon_rep_no_results(struct wpa_supplicant *wpa_s, + struct wpabuf **buf) +{ + return wpas_rrm_report_elem(buf, wpa_s->beacon_rep_data.token, + MEASUREMENT_REPORT_MODE_ACCEPT, + MEASURE_TYPE_BEACON, NULL, 0); +} + + +static void wpas_beacon_rep_table(struct wpa_supplicant *wpa_s, + struct wpabuf **buf) +{ + size_t i; + + for (i = 0; i < wpa_s->last_scan_res_used; i++) { + if (wpas_add_beacon_rep(wpa_s, buf, wpa_s->last_scan_res[i], + 0, 0) < 0) + break; + } + + if (!(*buf)) + wpas_beacon_rep_no_results(wpa_s, buf); + + wpa_hexdump_buf(MSG_DEBUG, "RRM: Radio Measurement report", *buf); +} + + +void wpas_rrm_refuse_request(struct wpa_supplicant *wpa_s) +{ + if (!is_multicast_ether_addr(wpa_s->rrm.dst_addr)) { + struct wpabuf *buf = NULL; + + if (wpas_rrm_report_elem(&buf, wpa_s->beacon_rep_data.token, + MEASUREMENT_REPORT_MODE_REJECT_REFUSED, + MEASURE_TYPE_BEACON, NULL, 0)) { + wpa_printf(MSG_ERROR, "RRM: Memory allocation failed"); + wpabuf_free(buf); + return; + } + + wpas_rrm_send_msr_report(wpa_s, buf); + wpabuf_free(buf); + } + + wpas_clear_beacon_rep_data(wpa_s); +} + + +static void wpas_rrm_scan_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_supplicant *wpa_s = eloop_ctx; + struct wpa_driver_scan_params *params = + &wpa_s->beacon_rep_data.scan_params; + u16 prev_duration = params->duration; + + if (!wpa_s->current_bss) + return; + + if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_SUPPORT_SET_SCAN_DWELL) && + params->duration) { + wpa_printf(MSG_DEBUG, + "RRM: Cannot set scan duration due to missing driver support"); + params->duration = 0; + } + os_get_reltime(&wpa_s->beacon_rep_scan); + if (wpa_s->scanning || wpas_p2p_in_progress(wpa_s) || + wpa_supplicant_trigger_scan(wpa_s, params)) + wpas_rrm_refuse_request(wpa_s); + params->duration = prev_duration; +} + + +static int wpas_rm_handle_beacon_req_subelem(struct wpa_supplicant *wpa_s, + struct beacon_rep_data *data, + u8 sid, u8 slen, const u8 *subelem) +{ + u8 report_info, i; + + switch (sid) { + case WLAN_BEACON_REQUEST_SUBELEM_SSID: + if (!slen) { + wpa_printf(MSG_DEBUG, + "SSID subelement with zero length - wildcard SSID"); + break; + } + + if (slen > SSID_MAX_LEN) { + wpa_printf(MSG_DEBUG, + "Invalid SSID subelement length: %u", slen); + return -1; + } + + data->ssid_len = slen; + os_memcpy(data->ssid, subelem, data->ssid_len); + break; + case WLAN_BEACON_REQUEST_SUBELEM_INFO: + if (slen != 2) { + wpa_printf(MSG_DEBUG, + "Invalid reporting information subelement length: %u", + slen); + return -1; + } + + report_info = subelem[0]; + if (report_info != 0) { + wpa_printf(MSG_DEBUG, + "reporting information=%u is not supported", + report_info); + return 0; + } + break; + case WLAN_BEACON_REQUEST_SUBELEM_DETAIL: + if (slen != 1) { + wpa_printf(MSG_DEBUG, + "Invalid reporting detail subelement length: %u", + slen); + return -1; + } + + data->report_detail = subelem[0]; + if (data->report_detail > + BEACON_REPORT_DETAIL_ALL_FIELDS_AND_ELEMENTS) { + wpa_printf(MSG_DEBUG, "Invalid reporting detail: %u", + subelem[0]); + return -1; + } + + break; + case WLAN_BEACON_REQUEST_SUBELEM_REQUEST: + if (data->report_detail != + BEACON_REPORT_DETAIL_REQUESTED_ONLY) { + wpa_printf(MSG_DEBUG, + "Beacon request: request subelement is present but report detail is %u", + data->report_detail); + return -1; + } + + if (!slen) { + wpa_printf(MSG_DEBUG, + "Invalid request subelement length: %u", + slen); + return -1; + } + + if (data->eids) { + wpa_printf(MSG_DEBUG, + "Beacon Request: Request subelement appears more than once"); + return -1; + } + + data->eids = bitfield_alloc(255); + if (!data->eids) { + wpa_printf(MSG_DEBUG, "Failed to allocate EIDs bitmap"); + return -1; + } + + for (i = 0; i < slen; i++) + bitfield_set(data->eids, subelem[i]); + break; + case WLAN_BEACON_REQUEST_SUBELEM_AP_CHANNEL: + /* Skip - it will be processed when freqs are added */ + break; + default: + wpa_printf(MSG_DEBUG, + "Beacon request: Unknown subelement id %u", sid); + break; + } + + return 1; +} + + +/** + * Returns 0 if the next element can be processed, 1 if some operation was + * triggered, and -1 if processing failed (i.e., the element is in invalid + * format or an internal error occurred). + */ +static int +wpas_rm_handle_beacon_req(struct wpa_supplicant *wpa_s, + u8 elem_token, int duration_mandatory, + const struct rrm_measurement_beacon_request *req, + size_t len, struct wpabuf **buf) +{ + struct beacon_rep_data *data = &wpa_s->beacon_rep_data; + struct wpa_driver_scan_params *params = &data->scan_params; + const u8 *subelems; + size_t elems_len; + u16 rand_interval; + u32 interval_usec; + u32 _rand; + int ret = 0, res; + u8 reject_mode; + + if (len < sizeof(*req)) + return -1; + + if (req->mode != BEACON_REPORT_MODE_PASSIVE && + req->mode != BEACON_REPORT_MODE_ACTIVE && + req->mode != BEACON_REPORT_MODE_TABLE) + return 0; + + subelems = req->variable; + elems_len = len - sizeof(*req); + rand_interval = le_to_host16(req->rand_interval); + + os_free(params->freqs); + os_memset(params, 0, sizeof(*params)); + + data->token = elem_token; + + /* default reporting detail is all fixed length fields and all + * elements */ + data->report_detail = BEACON_REPORT_DETAIL_ALL_FIELDS_AND_ELEMENTS; + os_memcpy(data->bssid, req->bssid, ETH_ALEN); + + while (elems_len >= 2) { + if (subelems[1] > elems_len - 2) { + wpa_printf(MSG_DEBUG, + "Beacon Request: Truncated subelement"); + ret = -1; + goto out; + } + + res = wpas_rm_handle_beacon_req_subelem( + wpa_s, data, subelems[0], subelems[1], &subelems[2]); + if (res < 0) { + ret = res; + goto out; + } else if (!res) { + reject_mode = MEASUREMENT_REPORT_MODE_REJECT_INCAPABLE; + goto out_reject; + } + + elems_len -= 2 + subelems[1]; + subelems += 2 + subelems[1]; + } + + if (req->mode == BEACON_REPORT_MODE_TABLE) { + wpas_beacon_rep_table(wpa_s, buf); + goto out; + } + + params->freqs = wpas_beacon_request_freqs( + wpa_s, req->oper_class, req->channel, + req->mode == BEACON_REPORT_MODE_ACTIVE, + req->variable, len - sizeof(*req)); + if (!params->freqs) { + wpa_printf(MSG_DEBUG, "Beacon request: No valid channels"); + reject_mode = MEASUREMENT_REPORT_MODE_REJECT_REFUSED; + goto out_reject; + } + + params->duration = le_to_host16(req->duration); + params->duration_mandatory = duration_mandatory; + if (!params->duration) { + wpa_printf(MSG_DEBUG, "Beacon request: Duration is 0"); + ret = -1; + goto out; + } + + params->only_new_results = 1; + + if (req->mode == BEACON_REPORT_MODE_ACTIVE) { + params->ssids[params->num_ssids].ssid = data->ssid; + params->ssids[params->num_ssids++].ssid_len = data->ssid_len; + } + + if (os_get_random((u8 *) &_rand, sizeof(_rand)) < 0) + _rand = os_random(); + interval_usec = (_rand % (rand_interval + 1)) * 1024; + eloop_register_timeout(0, interval_usec, wpas_rrm_scan_timeout, wpa_s, + NULL); + return 1; +out_reject: + if (!is_multicast_ether_addr(wpa_s->rrm.dst_addr) && + wpas_rrm_report_elem(buf, elem_token, reject_mode, + MEASURE_TYPE_BEACON, NULL, 0) < 0) { + wpa_printf(MSG_DEBUG, "RRM: Failed to add report element"); + ret = -1; + } +out: + wpas_clear_beacon_rep_data(wpa_s); + return ret; +} + + +static int +wpas_rrm_handle_msr_req_element( + struct wpa_supplicant *wpa_s, + const struct rrm_measurement_request_element *req, + struct wpabuf **buf) +{ + int duration_mandatory; + + wpa_printf(MSG_DEBUG, "Measurement request type %d token %d", + req->type, req->token); + + if (req->mode & MEASUREMENT_REQUEST_MODE_ENABLE) { + /* Enable bit is not supported for now */ + wpa_printf(MSG_DEBUG, "RRM: Enable bit not supported, ignore"); + return 0; + } + + if ((req->mode & MEASUREMENT_REQUEST_MODE_PARALLEL) && + req->type > MEASURE_TYPE_RPI_HIST) { + /* Parallel measurements are not supported for now */ + wpa_printf(MSG_DEBUG, + "RRM: Parallel measurements are not supported, reject"); + goto reject; + } + + duration_mandatory = + !!(req->mode & MEASUREMENT_REQUEST_MODE_DURATION_MANDATORY); + + switch (req->type) { + case MEASURE_TYPE_LCI: + return wpas_rrm_build_lci_report(wpa_s, req, buf); + case MEASURE_TYPE_BEACON: + if (duration_mandatory && + !(wpa_s->drv_rrm_flags & + WPA_DRIVER_FLAGS_SUPPORT_SET_SCAN_DWELL)) { + wpa_printf(MSG_DEBUG, + "RRM: Driver does not support dwell time configuration - reject beacon report with mandatory duration"); + goto reject; + } + return wpas_rm_handle_beacon_req(wpa_s, req->token, + duration_mandatory, + (const void *) req->variable, + req->len - 3, buf); + default: + wpa_printf(MSG_INFO, + "RRM: Unsupported radio measurement type %u", + req->type); + break; + } + +reject: + if (!is_multicast_ether_addr(wpa_s->rrm.dst_addr) && + wpas_rrm_report_elem(buf, req->token, + MEASUREMENT_REPORT_MODE_REJECT_INCAPABLE, + req->type, NULL, 0) < 0) { + wpa_printf(MSG_DEBUG, "RRM: Failed to add report element"); + return -1; + } + + return 0; +} + + +static struct wpabuf * +wpas_rrm_process_msr_req_elems(struct wpa_supplicant *wpa_s, const u8 *pos, + size_t len) +{ + struct wpabuf *buf = NULL; + + while (len) { + const struct rrm_measurement_request_element *req; + int res; + + if (len < 2) { + wpa_printf(MSG_DEBUG, "RRM: Truncated element"); + goto out; + } + + req = (const struct rrm_measurement_request_element *) pos; + if (req->eid != WLAN_EID_MEASURE_REQUEST) { + wpa_printf(MSG_DEBUG, + "RRM: Expected Measurement Request element, but EID is %u", + req->eid); + goto out; + } + + if (req->len < 3) { + wpa_printf(MSG_DEBUG, "RRM: Element length too short"); + goto out; + } + + if (req->len > len - 2) { + wpa_printf(MSG_DEBUG, "RRM: Element length too long"); + goto out; + } + + res = wpas_rrm_handle_msr_req_element(wpa_s, req, &buf); + if (res < 0) + goto out; + + pos += req->len + 2; + len -= req->len + 2; + } + + return buf; + +out: + wpabuf_free(buf); + return NULL; +} + + +void wpas_rrm_handle_radio_measurement_request(struct wpa_supplicant *wpa_s, + const u8 *src, const u8 *dst, + const u8 *frame, size_t len) +{ + struct wpabuf *report; + + if (wpa_s->wpa_state != WPA_COMPLETED) { + wpa_printf(MSG_INFO, + "RRM: Ignoring radio measurement request: Not associated"); + return; + } + + if (!wpa_s->rrm.rrm_used) { + wpa_printf(MSG_INFO, + "RRM: Ignoring radio measurement request: Not RRM network"); + return; + } + + if (len < 3) { + wpa_printf(MSG_INFO, + "RRM: Ignoring too short radio measurement request"); + return; + } + + wpa_s->rrm.token = *frame; + os_memcpy(wpa_s->rrm.dst_addr, dst, ETH_ALEN); + + /* Number of repetitions is not supported */ + + report = wpas_rrm_process_msr_req_elems(wpa_s, frame + 3, len - 3); + if (!report) + return; + + wpas_rrm_send_msr_report(wpa_s, report); + wpabuf_free(report); +} + + +void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s, + const u8 *src, + const u8 *frame, size_t len, + int rssi) +{ + struct wpabuf *buf; + const struct rrm_link_measurement_request *req; + struct rrm_link_measurement_report report; + + if (wpa_s->wpa_state != WPA_COMPLETED) { + wpa_printf(MSG_INFO, + "RRM: Ignoring link measurement request. Not associated"); + return; + } + + if (!wpa_s->rrm.rrm_used) { + wpa_printf(MSG_INFO, + "RRM: Ignoring link measurement request. Not RRM network"); + return; + } + + if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) { + wpa_printf(MSG_INFO, + "RRM: Measurement report failed. TX power insertion not supported"); + return; + } + + req = (const struct rrm_link_measurement_request *) frame; + if (len < sizeof(*req)) { + wpa_printf(MSG_INFO, + "RRM: Link measurement report failed. Request too short"); + return; + } + + os_memset(&report, 0, sizeof(report)); + report.dialog_token = req->dialog_token; + report.tpc.eid = WLAN_EID_TPC_REPORT; + report.tpc.len = 2; + /* Note: The driver is expected to update report.tpc.tx_power and + * report.tpc.link_margin subfields when sending out this frame. + * Similarly, the driver would need to update report.rx_ant_id and + * report.tx_ant_id subfields. */ + report.rsni = 255; /* 255 indicates that RSNI is not available */ + report.rcpi = rssi_to_rcpi(rssi); + + /* action_category + action_code */ + buf = wpabuf_alloc(2 + sizeof(report)); + if (buf == NULL) { + wpa_printf(MSG_ERROR, + "RRM: Link measurement report failed. Buffer allocation failed"); + return; + } + + wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT); + wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT); + wpabuf_put_data(buf, &report, sizeof(report)); + wpa_hexdump_buf(MSG_DEBUG, "RRM: Link measurement report", buf); + + if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src, + wpa_s->own_addr, wpa_s->bssid, + wpabuf_head(buf), wpabuf_len(buf), 0)) { + wpa_printf(MSG_ERROR, + "RRM: Link measurement report failed. Send action failed"); + } + wpabuf_free(buf); +} + + +int wpas_beacon_rep_scan_process(struct wpa_supplicant *wpa_s, + struct wpa_scan_results *scan_res, + struct scan_info *info) +{ + size_t i = 0; + struct wpabuf *buf = NULL; + + if (!wpa_s->beacon_rep_data.token) + return 0; + + if (!wpa_s->current_bss) + goto out; + + /* If the measurement was aborted, don't report partial results */ + if (info->aborted) + goto out; + + wpa_printf(MSG_DEBUG, "RRM: TSF BSSID: " MACSTR " current BSS: " MACSTR, + MAC2STR(info->scan_start_tsf_bssid), + MAC2STR(wpa_s->current_bss->bssid)); + if ((wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_SUPPORT_BEACON_REPORT) && + os_memcmp(info->scan_start_tsf_bssid, wpa_s->current_bss->bssid, + ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, + "RRM: Ignore scan results due to mismatching TSF BSSID"); + goto out; + } + + for (i = 0; i < scan_res->num; i++) { + struct wpa_bss *bss = + wpa_bss_get_bssid(wpa_s, scan_res->res[i]->bssid); + + if (!bss) + continue; + + if ((wpa_s->drv_rrm_flags & + WPA_DRIVER_FLAGS_SUPPORT_BEACON_REPORT) && + os_memcmp(scan_res->res[i]->tsf_bssid, + wpa_s->current_bss->bssid, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, + "RRM: Ignore scan result for " MACSTR + " due to mismatching TSF BSSID" MACSTR, + MAC2STR(scan_res->res[i]->bssid), + MAC2STR(scan_res->res[i]->tsf_bssid)); + continue; + } + + /* + * Don't report results that were not received during the + * current measurement. + */ + if (!(wpa_s->drv_rrm_flags & + WPA_DRIVER_FLAGS_SUPPORT_BEACON_REPORT)) { + struct os_reltime update_time, diff; + + /* For now, allow 8 ms older results due to some + * unknown issue with cfg80211 BSS table updates during + * a scan with the current BSS. + * TODO: Fix this more properly to avoid having to have + * this type of hacks in place. */ + calculate_update_time(&scan_res->fetch_time, + scan_res->res[i]->age, + &update_time); + os_reltime_sub(&wpa_s->beacon_rep_scan, + &update_time, &diff); + if (os_reltime_before(&update_time, + &wpa_s->beacon_rep_scan) && + (diff.sec || diff.usec >= 8000)) { + wpa_printf(MSG_DEBUG, + "RRM: Ignore scan result for " MACSTR + " due to old update (age(ms) %u, calculated age %u.%06u seconds)", + MAC2STR(scan_res->res[i]->bssid), + scan_res->res[i]->age, + (unsigned int) diff.sec, + (unsigned int) diff.usec); + continue; + } + } else if (info->scan_start_tsf > + scan_res->res[i]->parent_tsf) { + continue; + } + + if (wpas_add_beacon_rep(wpa_s, &buf, bss, info->scan_start_tsf, + scan_res->res[i]->parent_tsf) < 0) + break; + } + + if (!buf && wpas_beacon_rep_no_results(wpa_s, &buf)) + goto out; + + wpa_hexdump_buf(MSG_DEBUG, "RRM: Radio Measurement report", buf); + + wpas_rrm_send_msr_report(wpa_s, buf); + wpabuf_free(buf); + +out: + wpas_clear_beacon_rep_data(wpa_s); + return 1; +} + + +void wpas_clear_beacon_rep_data(struct wpa_supplicant *wpa_s) +{ + struct beacon_rep_data *data = &wpa_s->beacon_rep_data; + + eloop_cancel_timeout(wpas_rrm_scan_timeout, wpa_s, NULL); + bitfield_free(data->eids); + os_free(data->scan_params.freqs); + os_memset(data, 0, sizeof(*data)); +} diff --git a/contrib/wpa/wpa_supplicant/scan.c b/contrib/wpa/wpa_supplicant/scan.c index fb8ebdf2ecc1..ee39e0c9228d 100644 --- a/contrib/wpa/wpa_supplicant/scan.c +++ b/contrib/wpa/wpa_supplicant/scan.c @@ -117,9 +117,19 @@ int wpa_supplicant_enabled_networks(struct wpa_supplicant *wpa_s) static void wpa_supplicant_assoc_try(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) { + int min_temp_disabled = 0; + while (ssid) { - if (!wpas_network_disabled(wpa_s, ssid)) - break; + if (!wpas_network_disabled(wpa_s, ssid)) { + int temp_disabled = wpas_temp_disabled(wpa_s, ssid); + + if (temp_disabled <= 0) + break; + + if (!min_temp_disabled || + temp_disabled < min_temp_disabled) + min_temp_disabled = temp_disabled; + } ssid = ssid->next; } @@ -128,7 +138,7 @@ static void wpa_supplicant_assoc_try(struct wpa_supplicant *wpa_s, wpa_dbg(wpa_s, MSG_DEBUG, "wpa_supplicant_assoc_try: Reached " "end of scan list - go back to beginning"); wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; - wpa_supplicant_req_scan(wpa_s, 0, 0); + wpa_supplicant_req_scan(wpa_s, min_temp_disabled, 0); return; } if (ssid->next) { @@ -176,10 +186,22 @@ static void wpas_trigger_scan_cb(struct wpa_radio_work *work, int deinit) params->only_new_results = 1; } ret = wpa_drv_scan(wpa_s, params); + /* + * Store the obtained vendor scan cookie (if any) in wpa_s context. + * The current design is to allow only one scan request on each + * interface, hence having this scan cookie stored in wpa_s context is + * fine for now. + * + * Revisit this logic if concurrent scan operations per interface + * is supported. + */ + if (ret == 0) + wpa_s->curr_scan_cookie = params->scan_cookie; wpa_scan_free_params(params); work->ctx = NULL; if (ret) { - int retry = wpa_s->last_scan_req != MANUAL_SCAN_REQ; + int retry = wpa_s->last_scan_req != MANUAL_SCAN_REQ && + !wpa_s->beacon_rep_data.token; if (wpa_s->disconnected) retry = 0; @@ -197,7 +219,14 @@ static void wpas_trigger_scan_cb(struct wpa_radio_work *work, int deinit) /* Restore scan_req since we will try to scan again */ wpa_s->scan_req = wpa_s->last_scan_req; wpa_supplicant_req_scan(wpa_s, 1, 0); + } else if (wpa_s->scan_res_handler) { + /* Clear the scan_res_handler */ + wpa_s->scan_res_handler = NULL; } + + if (wpa_s->beacon_rep_data.token) + wpas_rrm_refuse_request(wpa_s); + return; } @@ -426,6 +455,33 @@ static void wpas_add_interworking_elements(struct wpa_supplicant *wpa_s, #endif /* CONFIG_INTERWORKING */ +#ifdef CONFIG_MBO +static void wpas_fils_req_param_add_max_channel(struct wpa_supplicant *wpa_s, + struct wpabuf **ie) +{ + if (wpabuf_resize(ie, 5)) { + wpa_printf(MSG_DEBUG, + "Failed to allocate space for FILS Request Parameters element"); + return; + } + + /* FILS Request Parameters element */ + wpabuf_put_u8(*ie, WLAN_EID_EXTENSION); + wpabuf_put_u8(*ie, 3); /* FILS Request attribute length */ + wpabuf_put_u8(*ie, WLAN_EID_EXT_FILS_REQ_PARAMS); + /* Parameter control bitmap */ + wpabuf_put_u8(*ie, 0); + /* Max Channel Time field - contains the value of MaxChannelTime + * parameter of the MLME-SCAN.request primitive represented in units of + * TUs, as an unsigned integer. A Max Channel Time field value of 255 + * is used to indicate any duration of more than 254 TUs, or an + * unspecified or unknown duration. (IEEE Std 802.11ai-2016, 9.4.2.178) + */ + wpabuf_put_u8(*ie, 255); +} +#endif /* CONFIG_MBO */ + + void wpa_supplicant_set_default_scan_ies(struct wpa_supplicant *wpa_s) { struct wpabuf *default_ies = NULL; @@ -447,8 +503,10 @@ void wpa_supplicant_set_default_scan_ies(struct wpa_supplicant *wpa_s) wpabuf_put_data(default_ies, ext_capab, ext_capab_len); #ifdef CONFIG_MBO - /* Send cellular capabilities for potential MBO STAs */ - if (wpabuf_resize(&default_ies, 9) == 0) + if (wpa_s->enable_oce & OCE_STA) + wpas_fils_req_param_add_max_channel(wpa_s, &default_ies); + /* Send MBO and OCE capabilities */ + if (wpabuf_resize(&default_ies, 12) == 0) wpas_mbo_scan_ie(wpa_s, default_ies); #endif /* CONFIG_MBO */ @@ -488,6 +546,11 @@ static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s) wpas_add_interworking_elements(wpa_s, extra_ie); #endif /* CONFIG_INTERWORKING */ +#ifdef CONFIG_MBO + if (wpa_s->enable_oce & OCE_STA) + wpas_fils_req_param_add_max_channel(wpa_s, &extra_ie); +#endif /* CONFIG_MBO */ + #ifdef CONFIG_WPS wps = wpas_wps_in_use(wpa_s, &req_type); @@ -529,8 +592,8 @@ static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s) #endif /* CONFIG_FST */ #ifdef CONFIG_MBO - /* Send cellular capabilities for potential MBO STAs */ - if (wpabuf_resize(&extra_ie, 9) == 0) + /* Send MBO and OCE capabilities */ + if (wpabuf_resize(&extra_ie, 12) == 0) wpas_mbo_scan_ie(wpa_s, extra_ie); #endif /* CONFIG_MBO */ @@ -614,6 +677,87 @@ static void wpa_setband_scan_freqs(struct wpa_supplicant *wpa_s, } +static void wpa_add_scan_ssid(struct wpa_supplicant *wpa_s, + struct wpa_driver_scan_params *params, + size_t max_ssids, const u8 *ssid, size_t ssid_len) +{ + unsigned int j; + + for (j = 0; j < params->num_ssids; j++) { + if (params->ssids[j].ssid_len == ssid_len && + params->ssids[j].ssid && + os_memcmp(params->ssids[j].ssid, ssid, ssid_len) == 0) + return; /* already in the list */ + } + + if (params->num_ssids + 1 > max_ssids) { + wpa_printf(MSG_DEBUG, "Over max scan SSIDs for manual request"); + return; + } + + wpa_printf(MSG_DEBUG, "Scan SSID (manual request): %s", + wpa_ssid_txt(ssid, ssid_len)); + + params->ssids[params->num_ssids].ssid = ssid; + params->ssids[params->num_ssids].ssid_len = ssid_len; + params->num_ssids++; +} + + +static void wpa_add_owe_scan_ssid(struct wpa_supplicant *wpa_s, + struct wpa_driver_scan_params *params, + struct wpa_ssid *ssid, size_t max_ssids) +{ +#ifdef CONFIG_OWE + struct wpa_bss *bss; + + if (!(ssid->key_mgmt & WPA_KEY_MGMT_OWE)) + return; + + wpa_printf(MSG_DEBUG, "OWE: Look for transition mode AP. ssid=%s", + wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); + + dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { + const u8 *owe, *pos, *end; + const u8 *owe_ssid; + size_t owe_ssid_len; + + if (bss->ssid_len != ssid->ssid_len || + os_memcmp(bss->ssid, ssid->ssid, ssid->ssid_len) != 0) + continue; + + owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); + if (!owe || owe[1] < 4) + continue; + + pos = owe + 6; + end = owe + 2 + owe[1]; + + /* Must include BSSID and ssid_len */ + if (end - pos < ETH_ALEN + 1) + return; + + /* Skip BSSID */ + pos += ETH_ALEN; + owe_ssid_len = *pos++; + owe_ssid = pos; + + if ((size_t) (end - pos) < owe_ssid_len || + owe_ssid_len > SSID_MAX_LEN) + return; + + wpa_printf(MSG_DEBUG, + "OWE: scan_ssids: transition mode OWE ssid=%s", + wpa_ssid_txt(owe_ssid, owe_ssid_len)); + + wpa_add_scan_ssid(wpa_s, params, max_ssids, + owe_ssid, owe_ssid_len); + return; + } +#endif /* CONFIG_OWE */ +} + + static void wpa_set_scan_ssids(struct wpa_supplicant *wpa_s, struct wpa_driver_scan_params *params, size_t max_ssids) @@ -628,33 +772,17 @@ static void wpa_set_scan_ssids(struct wpa_supplicant *wpa_s, max_ssids = max_ssids > 1 ? max_ssids - 1 : max_ssids; for (i = 0; i < wpa_s->scan_id_count; i++) { - unsigned int j; - ssid = wpa_config_get_network(wpa_s->conf, wpa_s->scan_id[i]); - if (!ssid || !ssid->scan_ssid) + if (!ssid) continue; - - for (j = 0; j < params->num_ssids; j++) { - if (params->ssids[j].ssid_len == ssid->ssid_len && - params->ssids[j].ssid && - os_memcmp(params->ssids[j].ssid, ssid->ssid, - ssid->ssid_len) == 0) - break; - } - if (j < params->num_ssids) - continue; /* already in the list */ - - if (params->num_ssids + 1 > max_ssids) { - wpa_printf(MSG_DEBUG, - "Over max scan SSIDs for manual request"); - break; - } - - wpa_printf(MSG_DEBUG, "Scan SSID (manual request): %s", - wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); - params->ssids[params->num_ssids].ssid = ssid->ssid; - params->ssids[params->num_ssids].ssid_len = ssid->ssid_len; - params->num_ssids++; + if (ssid->scan_ssid) + wpa_add_scan_ssid(wpa_s, params, max_ssids, + ssid->ssid, ssid->ssid_len); + /* + * Also add the SSID of the OWE BSS, to allow discovery of + * transition mode APs more quickly. + */ + wpa_add_owe_scan_ssid(wpa_s, params, ssid, max_ssids); } wpa_s->scan_id_count = 0; @@ -703,10 +831,7 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx) size_t max_ssids; int connect_without_scan = 0; - if (wpa_s->pno || wpa_s->pno_sched_pending) { - wpa_dbg(wpa_s, MSG_DEBUG, "Skip scan - PNO is in progress"); - return; - } + wpa_s->ignore_post_flush_scan_res = 0; if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { wpa_dbg(wpa_s, MSG_DEBUG, "Skip scan - interface disabled"); @@ -768,6 +893,21 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx) return; } + /* + * Don't cancel the scan based on ongoing PNO; defer it. Some scans are + * used for changing modes inside wpa_supplicant (roaming, + * auto-reconnect, etc). Discarding the scan might hurt these processes. + * The normal use case for PNO is to suspend the host immediately after + * starting PNO, so the periodic 100 ms attempts to run the scan do not + * normally happen in practice multiple times, i.e., this is simply + * restarting scanning once the host is woken up and PNO stopped. + */ + if (wpa_s->pno || wpa_s->pno_sched_pending) { + wpa_dbg(wpa_s, MSG_DEBUG, "Defer scan - PNO is in progress"); + wpa_supplicant_req_scan(wpa_s, 0, 100000); + return; + } + if (wpa_s->conf->ap_scan == 2) max_ssids = 1; else { @@ -909,6 +1049,17 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx) if (params.num_ssids + 1 >= max_ssids) break; } + + if (!wpas_network_disabled(wpa_s, ssid)) { + /* + * Also add the SSID of the OWE BSS, to allow + * discovery of transition mode APs more + * quickly. + */ + wpa_add_owe_scan_ssid(wpa_s, ¶ms, ssid, + max_ssids); + } + ssid = ssid->next; if (ssid == start) break; @@ -995,6 +1146,13 @@ ssid_list_set: wpa_s->manual_scan_freqs = NULL; } + if (params.freqs == NULL && wpa_s->select_network_scan_freqs) { + wpa_dbg(wpa_s, MSG_DEBUG, + "Limit select_network scan to specified channels"); + params.freqs = wpa_s->select_network_scan_freqs; + wpa_s->select_network_scan_freqs = NULL; + } + if (params.freqs == NULL && wpa_s->next_scan_freqs) { wpa_dbg(wpa_s, MSG_DEBUG, "Optimize scan based on previously " "generated frequency list"); @@ -1029,6 +1187,11 @@ ssid_list_set: } } +#ifdef CONFIG_MBO + if (wpa_s->enable_oce & OCE_STA) + params.oce_scan = 1; +#endif /* CONFIG_MBO */ + params.filter_ssids = wpa_supplicant_build_filter_ssids( wpa_s->conf, ¶ms.num_filter_ssids); if (extra_ie) { @@ -1047,7 +1210,8 @@ ssid_list_set: } #endif /* CONFIG_P2P */ - if (wpa_s->mac_addr_rand_enable & MAC_ADDR_RAND_SCAN) { + if ((wpa_s->mac_addr_rand_enable & MAC_ADDR_RAND_SCAN) && + wpa_s->wpa_state <= WPA_SCANNING) { params.mac_addr_rand = 1; if (wpa_s->mac_addr_scan) { params.mac_addr = wpa_s->mac_addr_scan; @@ -1225,6 +1389,26 @@ int wpa_supplicant_delayed_sched_scan(struct wpa_supplicant *wpa_s, } +static void +wpa_scan_set_relative_rssi_params(struct wpa_supplicant *wpa_s, + struct wpa_driver_scan_params *params) +{ + if (wpa_s->wpa_state != WPA_COMPLETED || + !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SCHED_SCAN_RELATIVE_RSSI) || + wpa_s->srp.relative_rssi_set == 0) + return; + + params->relative_rssi_set = 1; + params->relative_rssi = wpa_s->srp.relative_rssi; + + if (wpa_s->srp.relative_adjust_rssi == 0) + return; + + params->relative_adjust_band = wpa_s->srp.relative_adjust_band; + params->relative_adjust_rssi = wpa_s->srp.relative_adjust_rssi; +} + + /** * wpa_supplicant_req_sched_scan - Start a periodic scheduled scan * @wpa_s: Pointer to wpa_supplicant data @@ -1417,6 +1601,11 @@ int wpa_supplicant_req_sched_scan(struct wpa_supplicant *wpa_s) int_array_concat(¶ms.freqs, wpa_s->conf->freq_list); } +#ifdef CONFIG_MBO + if (wpa_s->enable_oce & OCE_STA) + params.oce_scan = 1; +#endif /* CONFIG_MBO */ + scan_params = ¶ms; scan: @@ -1458,18 +1647,24 @@ scan: params.sched_scan_plans_num = 1; } + params.sched_scan_start_delay = wpa_s->conf->sched_scan_start_delay; + if (ssid || !wpa_s->first_sched_scan) { wpa_dbg(wpa_s, MSG_DEBUG, - "Starting sched scan: interval %u timeout %d", + "Starting sched scan after %u seconds: interval %u timeout %d", + params.sched_scan_start_delay, params.sched_scan_plans[0].interval, wpa_s->sched_scan_timeout); } else { - wpa_dbg(wpa_s, MSG_DEBUG, "Starting sched scan (no timeout)"); + wpa_dbg(wpa_s, MSG_DEBUG, + "Starting sched scan after %u seconds (no timeout)", + params.sched_scan_start_delay); } wpa_setband_scan_freqs(wpa_s, scan_params); - if (wpa_s->mac_addr_rand_enable & MAC_ADDR_RAND_SCHED_SCAN) { + if ((wpa_s->mac_addr_rand_enable & MAC_ADDR_RAND_SCHED_SCAN) && + wpa_s->wpa_state <= WPA_SCANNING) { params.mac_addr_rand = 1; if (wpa_s->mac_addr_sched_scan) { params.mac_addr = wpa_s->mac_addr_sched_scan; @@ -1478,6 +1673,8 @@ scan: } } + wpa_scan_set_relative_rssi_params(wpa_s, scan_params); + ret = wpa_supplicant_start_sched_scan(wpa_s, scan_params); wpabuf_free(extra_ie); os_free(params.filter_ssids); @@ -1618,7 +1815,13 @@ static int wpa_scan_get_max_rate(const struct wpa_scan_res *res) */ const u8 * wpa_scan_get_ie(const struct wpa_scan_res *res, u8 ie) { - return get_ie((const u8 *) (res + 1), res->ie_len, ie); + size_t ie_len = res->ie_len; + + /* Use the Beacon frame IEs if res->ie_len is not available */ + if (!ie_len) + ie_len = res->beacon_ie_len; + + return get_ie((const u8 *) (res + 1), ie_len, ie); } @@ -1735,10 +1938,12 @@ struct wpabuf * wpa_scan_get_vendor_ie_multi(const struct wpa_scan_res *res, * This doc https://supportforums.cisco.com/docs/DOC-12954 says, "the general * rule of thumb is that any SNR above 20 is good." This one * http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e9a96.shtml#qa23 - * recommends 25 as a minimum SNR for 54 Mbps data rate. 30 is chosen here as a - * conservative value. + * recommends 25 as a minimum SNR for 54 Mbps data rate. The estimates used in + * scan_est_throughput() allow even smaller SNR values for the maximum rates + * (21 for 54 Mbps, 22 for VHT80 MCS9, 24 for HT40 and HT20 MCS7). Use 25 as a + * somewhat conservative value here. */ -#define GREAT_SNR 30 +#define GREAT_SNR 25 #define IS_5GHZ(n) (n > 4000) @@ -1786,10 +1991,12 @@ static int wpa_scan_result_compar(const void *a, const void *b) } /* if SNR is close, decide by max rate or frequency band */ - if ((snr_a && snr_b && abs(snr_b - snr_a) < 5) || - (wa->qual && wb->qual && abs(wb->qual - wa->qual) < 10)) { + if (snr_a && snr_b && abs(snr_b - snr_a) < 7) { if (wa->est_throughput != wb->est_throughput) return wb->est_throughput - wa->est_throughput; + } + if ((snr_a && snr_b && abs(snr_b - snr_a) < 5) || + (wa->qual && wb->qual && abs(wb->qual - wa->qual) < 10)) { if (IS_5GHZ(wa->freq) ^ IS_5GHZ(wb->freq)) return IS_5GHZ(wa->freq) ? -1 : 1; } @@ -2177,10 +2384,22 @@ wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_WPS */ - qsort(scan_res->res, scan_res->num, sizeof(struct wpa_scan_res *), - compar); + if (scan_res->res) { + qsort(scan_res->res, scan_res->num, + sizeof(struct wpa_scan_res *), compar); + } dump_scan_res(scan_res); + if (wpa_s->ignore_post_flush_scan_res) { + /* FLUSH command aborted an ongoing scan and these are the + * results from the aborted scan. Do not process the results to + * maintain flushed state. */ + wpa_dbg(wpa_s, MSG_DEBUG, + "Do not update BSS table based on pending post-FLUSH scan results"); + wpa_s->ignore_post_flush_scan_res = 0; + return scan_res; + } + wpa_bss_update_start(wpa_s); for (i = 0; i < scan_res->num; i++) wpa_bss_update_scan_res(wpa_s, scan_res->res[i], @@ -2262,11 +2481,10 @@ wpa_scan_clone_params(const struct wpa_driver_scan_params *src) for (i = 0; i < src->num_ssids; i++) { if (src->ssids[i].ssid) { - n = os_malloc(src->ssids[i].ssid_len); + n = os_memdup(src->ssids[i].ssid, + src->ssids[i].ssid_len); if (n == NULL) goto failed; - os_memcpy(n, src->ssids[i].ssid, - src->ssids[i].ssid_len); params->ssids[i].ssid = n; params->ssids[i].ssid_len = src->ssids[i].ssid_len; } @@ -2274,30 +2492,26 @@ wpa_scan_clone_params(const struct wpa_driver_scan_params *src) params->num_ssids = src->num_ssids; if (src->extra_ies) { - n = os_malloc(src->extra_ies_len); + n = os_memdup(src->extra_ies, src->extra_ies_len); if (n == NULL) goto failed; - os_memcpy(n, src->extra_ies, src->extra_ies_len); params->extra_ies = n; params->extra_ies_len = src->extra_ies_len; } if (src->freqs) { int len = int_array_len(src->freqs); - params->freqs = os_malloc((len + 1) * sizeof(int)); + params->freqs = os_memdup(src->freqs, (len + 1) * sizeof(int)); if (params->freqs == NULL) goto failed; - os_memcpy(params->freqs, src->freqs, (len + 1) * sizeof(int)); } if (src->filter_ssids) { - params->filter_ssids = os_malloc(sizeof(*params->filter_ssids) * + params->filter_ssids = os_memdup(src->filter_ssids, + sizeof(*params->filter_ssids) * src->num_filter_ssids); if (params->filter_ssids == NULL) goto failed; - os_memcpy(params->filter_ssids, src->filter_ssids, - sizeof(*params->filter_ssids) * - src->num_filter_ssids); params->num_filter_ssids = src->num_filter_ssids; } @@ -2305,17 +2519,18 @@ wpa_scan_clone_params(const struct wpa_driver_scan_params *src) params->p2p_probe = src->p2p_probe; params->only_new_results = src->only_new_results; params->low_priority = src->low_priority; + params->duration = src->duration; + params->duration_mandatory = src->duration_mandatory; + params->oce_scan = src->oce_scan; if (src->sched_scan_plans_num > 0) { params->sched_scan_plans = - os_malloc(sizeof(*src->sched_scan_plans) * + os_memdup(src->sched_scan_plans, + sizeof(*src->sched_scan_plans) * src->sched_scan_plans_num); if (!params->sched_scan_plans) goto failed; - os_memcpy(params->sched_scan_plans, src->sched_scan_plans, - sizeof(*src->sched_scan_plans) * - src->sched_scan_plans_num); params->sched_scan_plans_num = src->sched_scan_plans_num; } @@ -2340,13 +2555,16 @@ wpa_scan_clone_params(const struct wpa_driver_scan_params *src) if (src->bssid) { u8 *bssid; - bssid = os_malloc(ETH_ALEN); + bssid = os_memdup(src->bssid, ETH_ALEN); if (!bssid) goto failed; - os_memcpy(bssid, src->bssid, ETH_ALEN); params->bssid = bssid; } + params->relative_rssi_set = src->relative_rssi_set; + params->relative_rssi = src->relative_rssi; + params->relative_adjust_band = src->relative_adjust_band; + params->relative_adjust_rssi = src->relative_adjust_rssi; return params; failed: @@ -2404,7 +2622,7 @@ int wpas_start_pno(struct wpa_supplicant *wpa_s) return 0; if ((wpa_s->wpa_state > WPA_SCANNING) && - (wpa_s->wpa_state <= WPA_COMPLETED)) { + (wpa_s->wpa_state < WPA_COMPLETED)) { wpa_printf(MSG_ERROR, "PNO: In assoc process"); return -EAGAIN; } @@ -2511,12 +2729,15 @@ int wpas_start_pno(struct wpa_supplicant *wpa_s) params.sched_scan_plans_num = 1; } + params.sched_scan_start_delay = wpa_s->conf->sched_scan_start_delay; + if (params.freqs == NULL && wpa_s->manual_sched_scan_freqs) { wpa_dbg(wpa_s, MSG_DEBUG, "Limit sched scan to specified channels"); params.freqs = wpa_s->manual_sched_scan_freqs; } - if (wpa_s->mac_addr_rand_enable & MAC_ADDR_RAND_PNO) { + if ((wpa_s->mac_addr_rand_enable & MAC_ADDR_RAND_PNO) && + wpa_s->wpa_state <= WPA_SCANNING) { params.mac_addr_rand = 1; if (wpa_s->mac_addr_pno) { params.mac_addr = wpa_s->mac_addr_pno; @@ -2524,6 +2745,8 @@ int wpas_start_pno(struct wpa_supplicant *wpa_s) } } + wpa_scan_set_relative_rssi_params(wpa_s, ¶ms); + ret = wpa_supplicant_start_sched_scan(wpa_s, ¶ms); os_free(params.filter_ssids); if (ret == 0) @@ -2614,18 +2837,20 @@ int wpas_mac_addr_rand_scan_set(struct wpa_supplicant *wpa_s, int wpas_abort_ongoing_scan(struct wpa_supplicant *wpa_s) { - int scan_work = !!wpa_s->scan_work; - -#ifdef CONFIG_P2P - scan_work |= !!wpa_s->p2p_scan_work; -#endif /* CONFIG_P2P */ + struct wpa_radio_work *work; + struct wpa_radio *radio = wpa_s->radio; - if (scan_work && wpa_s->own_scan_running) { + dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { + if (work->wpa_s != wpa_s || !work->started || + (os_strcmp(work->type, "scan") != 0 && + os_strcmp(work->type, "p2p-scan") != 0)) + continue; wpa_dbg(wpa_s, MSG_DEBUG, "Abort an ongoing scan"); - return wpa_drv_abort_scan(wpa_s); + return wpa_drv_abort_scan(wpa_s, wpa_s->curr_scan_cookie); } - return 0; + wpa_dbg(wpa_s, MSG_DEBUG, "No ongoing scan/p2p-scan found to abort"); + return -1; } diff --git a/contrib/wpa/wpa_supplicant/sme.c b/contrib/wpa/wpa_supplicant/sme.c index 61fd3b24549c..39c80696a94c 100644 --- a/contrib/wpa/wpa_supplicant/sme.c +++ b/contrib/wpa/wpa_supplicant/sme.c @@ -72,7 +72,7 @@ static int sme_set_sae_group(struct wpa_supplicant *wpa_s) if (sae_set_group(&wpa_s->sme.sae, group) == 0) { wpa_dbg(wpa_s, MSG_DEBUG, "SME: Selected SAE group %d", wpa_s->sme.sae.group); - return 0; + return 0; } wpa_s->sme.sae_group_index++; } @@ -83,12 +83,29 @@ static int sme_set_sae_group(struct wpa_supplicant *wpa_s) static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, - const u8 *bssid) + const u8 *bssid, int external) { struct wpabuf *buf; size_t len; - - if (ssid->passphrase == NULL) { + const char *password; + +#ifdef CONFIG_TESTING_OPTIONS + if (wpa_s->sae_commit_override) { + wpa_printf(MSG_DEBUG, "SAE: TESTING - commit override"); + buf = wpabuf_alloc(4 + wpabuf_len(wpa_s->sae_commit_override)); + if (!buf) + return NULL; + wpabuf_put_le16(buf, 1); /* Transaction seq# */ + wpabuf_put_le16(buf, WLAN_STATUS_SUCCESS); + wpabuf_put_buf(buf, wpa_s->sae_commit_override); + return buf; + } +#endif /* CONFIG_TESTING_OPTIONS */ + + password = ssid->sae_password; + if (!password) + password = ssid->passphrase; + if (!password) { wpa_printf(MSG_DEBUG, "SAE: No password available"); return NULL; } @@ -99,27 +116,32 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s, } if (sae_prepare_commit(wpa_s->own_addr, bssid, - (u8 *) ssid->passphrase, - os_strlen(ssid->passphrase), + (u8 *) password, os_strlen(password), + ssid->sae_password_id, &wpa_s->sme.sae) < 0) { wpa_printf(MSG_DEBUG, "SAE: Could not pick PWE"); return NULL; } len = wpa_s->sme.sae_token ? wpabuf_len(wpa_s->sme.sae_token) : 0; + if (ssid->sae_password_id) + len += 4 + os_strlen(ssid->sae_password_id); buf = wpabuf_alloc(4 + SAE_COMMIT_MAX_LEN + len); if (buf == NULL) return NULL; - - wpabuf_put_le16(buf, 1); /* Transaction seq# */ - wpabuf_put_le16(buf, WLAN_STATUS_SUCCESS); - sae_write_commit(&wpa_s->sme.sae, buf, wpa_s->sme.sae_token); + if (!external) { + wpabuf_put_le16(buf, 1); /* Transaction seq# */ + wpabuf_put_le16(buf, WLAN_STATUS_SUCCESS); + } + sae_write_commit(&wpa_s->sme.sae, buf, wpa_s->sme.sae_token, + ssid->sae_password_id); return buf; } -static struct wpabuf * sme_auth_build_sae_confirm(struct wpa_supplicant *wpa_s) +static struct wpabuf * sme_auth_build_sae_confirm(struct wpa_supplicant *wpa_s, + int external) { struct wpabuf *buf; @@ -127,8 +149,10 @@ static struct wpabuf * sme_auth_build_sae_confirm(struct wpa_supplicant *wpa_s) if (buf == NULL) return NULL; - wpabuf_put_le16(buf, 2); /* Transaction seq# */ - wpabuf_put_le16(buf, WLAN_STATUS_SUCCESS); + if (!external) { + wpabuf_put_le16(buf, 2); /* Transaction seq# */ + wpabuf_put_le16(buf, WLAN_STATUS_SUCCESS); + } sae_write_confirm(&wpa_s->sme.sae, buf); return buf; @@ -187,6 +211,10 @@ static void sme_auth_handle_rrm(struct wpa_supplicant *wpa_s, if (wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) *pos |= WLAN_RRM_CAPS_LINK_MEASUREMENT; + *pos |= WLAN_RRM_CAPS_BEACON_REPORT_PASSIVE | + WLAN_RRM_CAPS_BEACON_REPORT_ACTIVE | + WLAN_RRM_CAPS_BEACON_REPORT_TABLE; + if (wpa_s->lci) pos[1] |= WLAN_RRM_CAPS_LCI_MEASUREMENT; @@ -204,16 +232,18 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, #ifdef CONFIG_IEEE80211R const u8 *ie; #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211R +#if defined(CONFIG_IEEE80211R) || defined(CONFIG_FILS) const u8 *md = NULL; -#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_IEEE80211R || CONFIG_FILS */ int i, bssid_changed; struct wpabuf *resp = NULL; u8 ext_capab[18]; int ext_capab_len; int skip_auth; + u8 *wpa_ie; + size_t wpa_ie_len; #ifdef CONFIG_MBO - const u8 *mbo; + const u8 *mbo_ie; #endif /* CONFIG_MBO */ if (bss == NULL) { @@ -300,13 +330,20 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, wpa_bss_get_ie(bss, WLAN_EID_RSN)) && wpa_key_mgmt_wpa(ssid->key_mgmt)) { int try_opportunistic; + const u8 *cache_id = NULL; + try_opportunistic = (ssid->proactive_key_caching < 0 ? wpa_s->conf->okc : ssid->proactive_key_caching) && (ssid->proto & WPA_PROTO_RSN); +#ifdef CONFIG_FILS + if (wpa_key_mgmt_fils(ssid->key_mgmt)) + cache_id = wpa_bss_get_fils_cache_id(bss); +#endif /* CONFIG_FILS */ if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, wpa_s->current_ssid, - try_opportunistic) == 0) + try_opportunistic, cache_id, + 0) == 0) eapol_sm_notify_pmkid_attempt(wpa_s->eapol); wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); if (wpa_supplicant_set_suites(wpa_s, bss, ssid, @@ -317,6 +354,20 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, wpas_connect_work_done(wpa_s); return; } +#ifdef CONFIG_HS20 + } else if (wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) && + (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) { + /* No PMKSA caching, but otherwise similar to RSN/WPA */ + wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); + if (wpa_supplicant_set_suites(wpa_s, bss, ssid, + wpa_s->sme.assoc_req_ie, + &wpa_s->sme.assoc_req_ie_len)) { + wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA " + "key management and encryption suites"); + wpas_connect_work_done(wpa_s); + return; + } +#endif /* CONFIG_HS20 */ } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { /* @@ -356,6 +407,28 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, wpa_s->sme.assoc_req_ie_len = 0; } + /* In case the WPA vendor IE is used, it should be placed after all the + * non-vendor IEs, as the lower layer expects the IEs to be ordered as + * defined in the standard. Store the WPA IE so it can later be + * inserted at the correct location. + */ + wpa_ie = NULL; + wpa_ie_len = 0; + if (wpa_s->wpa_proto == WPA_PROTO_WPA) { + wpa_ie = os_memdup(wpa_s->sme.assoc_req_ie, + wpa_s->sme.assoc_req_ie_len); + if (wpa_ie) { + wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Storing WPA IE"); + + wpa_ie_len = wpa_s->sme.assoc_req_ie_len; + wpa_s->sme.assoc_req_ie_len = 0; + } else { + wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed copy WPA IE"); + wpas_connect_work_done(wpa_s); + return; + } + } + #ifdef CONFIG_IEEE80211R ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) @@ -366,7 +439,12 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, wpa_ft_prepare_auth_request(wpa_s->wpa, ie); } - if (md && wpa_key_mgmt_ft(ssid->key_mgmt)) { + if (md && !wpa_key_mgmt_ft(ssid->key_mgmt)) + md = NULL; + if (md) { + wpa_dbg(wpa_s, MSG_DEBUG, "SME: FT mobility domain %02x%02x", + md[0], md[1]); + if (wpa_s->sme.assoc_req_ie_len + 5 < sizeof(wpa_s->sme.assoc_req_ie)) { struct rsn_mdie *mdie; @@ -440,20 +518,10 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, sme_auth_handle_rrm(wpa_s, bss); -#ifdef CONFIG_MBO - mbo = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE); - if (mbo) { - int len; - - len = wpas_mbo_supp_op_class_ie( - wpa_s, bss->freq, - wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, - sizeof(wpa_s->sme.assoc_req_ie) - - wpa_s->sme.assoc_req_ie_len); - if (len > 0) - wpa_s->sme.assoc_req_ie_len += len; - } -#endif /* CONFIG_MBO */ + wpa_s->sme.assoc_req_ie_len += wpas_supp_op_class_ie( + wpa_s, bss->freq, + wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, + sizeof(wpa_s->sme.assoc_req_ie) - wpa_s->sme.assoc_req_ie_len); if (params.p2p) wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT); @@ -477,12 +545,13 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, if (is_hs20_network(wpa_s, ssid, bss)) { struct wpabuf *hs20; - hs20 = wpabuf_alloc(20); + hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN); if (hs20) { int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid); size_t len; wpas_hs20_add_indication(hs20, pps_mo_id); + wpas_hs20_add_roam_cons_sel(hs20, ssid); len = sizeof(wpa_s->sme.assoc_req_ie) - wpa_s->sme.assoc_req_ie_len; if (wpabuf_len(hs20) <= len) { @@ -496,6 +565,26 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_HS20 */ + if (wpa_ie) { + size_t len; + + wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Reinsert WPA IE"); + + len = sizeof(wpa_s->sme.assoc_req_ie) - + wpa_s->sme.assoc_req_ie_len; + + if (len > wpa_ie_len) { + os_memcpy(wpa_s->sme.assoc_req_ie + + wpa_s->sme.assoc_req_ie_len, + wpa_ie, wpa_ie_len); + wpa_s->sme.assoc_req_ie_len += wpa_ie_len; + } else { + wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Failed to add WPA IE"); + } + + os_free(wpa_ie); + } + if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) { struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]; size_t len; @@ -511,13 +600,16 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, } #ifdef CONFIG_MBO - if (mbo) { + mbo_ie = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE); + if (mbo_ie) { int len; len = wpas_mbo_ie(wpa_s, wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, sizeof(wpa_s->sme.assoc_req_ie) - - wpa_s->sme.assoc_req_ie_len); + wpa_s->sme.assoc_req_ie_len, + !!mbo_attr_from_mbo_ie(mbo_ie, + OCE_ATTR_ID_CAPA_IND)); if (len >= 0) wpa_s->sme.assoc_req_ie_len += len; } @@ -525,10 +617,11 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, #ifdef CONFIG_SAE if (!skip_auth && params.auth_alg == WPA_AUTH_ALG_SAE && - pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, ssid, 0) == 0) - { + pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, ssid, 0, + NULL, WPA_KEY_MGMT_SAE) == 0) { wpa_dbg(wpa_s, MSG_DEBUG, "PMKSA cache entry found - try to use PMKSA caching instead of new SAE authentication"); + wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); params.auth_alg = WPA_AUTH_ALG_OPEN; wpa_s->sme.sae_pmksa_caching = 1; } @@ -536,19 +629,105 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, if (!skip_auth && params.auth_alg == WPA_AUTH_ALG_SAE) { if (start) resp = sme_auth_build_sae_commit(wpa_s, ssid, - bss->bssid); + bss->bssid, 0); else - resp = sme_auth_build_sae_confirm(wpa_s); + resp = sme_auth_build_sae_confirm(wpa_s, 0); if (resp == NULL) { wpas_connection_failed(wpa_s, bss->bssid); return; } - params.sae_data = wpabuf_head(resp); - params.sae_data_len = wpabuf_len(resp); + params.auth_data = wpabuf_head(resp); + params.auth_data_len = wpabuf_len(resp); wpa_s->sme.sae.state = start ? SAE_COMMITTED : SAE_CONFIRMED; } #endif /* CONFIG_SAE */ + old_ssid = wpa_s->current_ssid; + wpa_s->current_ssid = ssid; + wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); + wpa_supplicant_initiate_eapol(wpa_s); + +#ifdef CONFIG_FILS + /* TODO: FILS operations can in some cases be done between different + * network_ctx (i.e., same credentials can be used with multiple + * networks). */ + if (params.auth_alg == WPA_AUTH_ALG_OPEN && + wpa_key_mgmt_fils(ssid->key_mgmt)) { + const u8 *indic; + u16 fils_info; + const u8 *realm, *username, *rrk; + size_t realm_len, username_len, rrk_len; + u16 next_seq_num; + + /* + * Check FILS Indication element (FILS Information field) bits + * indicating supported authentication algorithms against local + * configuration (ssid->fils_dh_group). Try to use FILS + * authentication only if the AP supports the combination in the + * network profile. */ + indic = wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION); + if (!indic || indic[1] < 2) { + wpa_printf(MSG_DEBUG, "SME: " MACSTR + " does not include FILS Indication element - cannot use FILS authentication with it", + MAC2STR(bss->bssid)); + goto no_fils; + } + + fils_info = WPA_GET_LE16(indic + 2); + if (ssid->fils_dh_group == 0 && !(fils_info & BIT(9))) { + wpa_printf(MSG_DEBUG, "SME: " MACSTR + " does not support FILS SK without PFS - cannot use FILS authentication with it", + MAC2STR(bss->bssid)); + goto no_fils; + } + if (ssid->fils_dh_group != 0 && !(fils_info & BIT(10))) { + wpa_printf(MSG_DEBUG, "SME: " MACSTR + " does not support FILS SK with PFS - cannot use FILS authentication with it", + MAC2STR(bss->bssid)); + goto no_fils; + } + + if (wpa_s->last_con_fail_realm && + eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, + &username, &username_len, + &realm, &realm_len, &next_seq_num, + &rrk, &rrk_len) == 0 && + realm && realm_len == wpa_s->last_con_fail_realm_len && + os_memcmp(realm, wpa_s->last_con_fail_realm, + realm_len) == 0) { + wpa_printf(MSG_DEBUG, + "SME: FILS authentication for this realm failed last time - try to regenerate ERP key hierarchy"); + goto no_fils; + } + + if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, + ssid, 0, + wpa_bss_get_fils_cache_id(bss), + 0) == 0) + wpa_printf(MSG_DEBUG, + "SME: Try to use FILS with PMKSA caching"); + resp = fils_build_auth(wpa_s->wpa, ssid->fils_dh_group, md); + if (resp) { + int auth_alg; + + if (ssid->fils_dh_group) + wpa_printf(MSG_DEBUG, + "SME: Try to use FILS SK authentication with PFS (DH Group %u)", + ssid->fils_dh_group); + else + wpa_printf(MSG_DEBUG, + "SME: Try to use FILS SK authentication without PFS"); + auth_alg = ssid->fils_dh_group ? + WPA_AUTH_ALG_FILS_SK_PFS : WPA_AUTH_ALG_FILS; + params.auth_alg = auth_alg; + params.auth_data = wpabuf_head(resp); + params.auth_data_len = wpabuf_len(resp); + wpa_s->sme.auth_alg = auth_alg; + } + } +no_fils: +#endif /* CONFIG_FILS */ + wpa_supplicant_cancel_sched_scan(wpa_s); wpa_supplicant_cancel_scan(wpa_s); @@ -556,12 +735,9 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, " (SSID='%s' freq=%d MHz)", MAC2STR(params.bssid), wpa_ssid_txt(params.ssid, params.ssid_len), params.freq); + eapol_sm_notify_portValid(wpa_s->eapol, FALSE); wpa_clear_keys(wpa_s, bss->bssid); wpa_supplicant_set_state(wpa_s, WPA_AUTHENTICATING); - old_ssid = wpa_s->current_ssid; - wpa_s->current_ssid = ssid; - wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); - wpa_supplicant_initiate_eapol(wpa_s); if (old_ssid != wpa_s->current_ssid) wpas_notify_network_changed(wpa_s); @@ -650,6 +826,10 @@ static void sme_auth_start_cb(struct wpa_radio_work *work, int deinit) return; } + /* Starting new connection, so clear the possibly used WPA IE from the + * previous association. */ + wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); + sme_send_authentication(wpa_s, cwork->bss, cwork->ssid, 1); } @@ -700,8 +880,151 @@ void sme_authenticate(struct wpa_supplicant *wpa_s, #ifdef CONFIG_SAE +static int sme_external_auth_build_buf(struct wpabuf *buf, + struct wpabuf *params, + const u8 *sa, const u8 *da, + u16 auth_transaction, u16 seq_num) +{ + struct ieee80211_mgmt *resp; + + resp = wpabuf_put(buf, offsetof(struct ieee80211_mgmt, + u.auth.variable)); + + resp->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) | + (WLAN_FC_STYPE_AUTH << 4)); + os_memcpy(resp->da, da, ETH_ALEN); + os_memcpy(resp->sa, sa, ETH_ALEN); + os_memcpy(resp->bssid, da, ETH_ALEN); + resp->u.auth.auth_alg = host_to_le16(WLAN_AUTH_SAE); + resp->seq_ctrl = host_to_le16(seq_num << 4); + resp->u.auth.auth_transaction = host_to_le16(auth_transaction); + resp->u.auth.status_code = host_to_le16(WLAN_STATUS_SUCCESS); + if (params) + wpabuf_put_buf(buf, params); + + return 0; +} + + +static void sme_external_auth_send_sae_commit(struct wpa_supplicant *wpa_s, + const u8 *bssid, + struct wpa_ssid *ssid) +{ + struct wpabuf *resp, *buf; + + resp = sme_auth_build_sae_commit(wpa_s, ssid, bssid, 1); + if (!resp) + return; + + wpa_s->sme.sae.state = SAE_COMMITTED; + buf = wpabuf_alloc(4 + SAE_COMMIT_MAX_LEN + wpabuf_len(resp)); + if (!buf) { + wpabuf_free(resp); + return; + } + + wpa_s->sme.seq_num++; + sme_external_auth_build_buf(buf, resp, wpa_s->own_addr, + bssid, 1, wpa_s->sme.seq_num); + wpa_drv_send_mlme(wpa_s, wpabuf_head(buf), wpabuf_len(buf), 1, 0); + wpabuf_free(resp); + wpabuf_free(buf); +} + + +static void sme_send_external_auth_status(struct wpa_supplicant *wpa_s, + u16 status) +{ + struct external_auth params; + + os_memset(¶ms, 0, sizeof(params)); + params.status = status; + os_memcpy(params.ssid, wpa_s->sme.ext_auth.ssid, + wpa_s->sme.ext_auth.ssid_len); + params.ssid_len = wpa_s->sme.ext_auth.ssid_len; + os_memcpy(params.bssid, wpa_s->sme.ext_auth.bssid, ETH_ALEN); + wpa_drv_send_external_auth_status(wpa_s, ¶ms); +} + + +static void sme_handle_external_auth_start(struct wpa_supplicant *wpa_s, + union wpa_event_data *data) +{ + struct wpa_ssid *ssid; + size_t ssid_str_len = data->external_auth.ssid_len; + u8 *ssid_str = data->external_auth.ssid; + + /* Get the SSID conf from the ssid string obtained */ + for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { + if (!wpas_network_disabled(wpa_s, ssid) && + ssid_str_len == ssid->ssid_len && + os_memcmp(ssid_str, ssid->ssid, ssid_str_len) == 0 && + (ssid->key_mgmt & WPA_KEY_MGMT_SAE)) + break; + } + if (ssid) + sme_external_auth_send_sae_commit(wpa_s, + data->external_auth.bssid, + ssid); + else + sme_send_external_auth_status(wpa_s, + WLAN_STATUS_UNSPECIFIED_FAILURE); +} + + +static void sme_external_auth_send_sae_confirm(struct wpa_supplicant *wpa_s, + const u8 *da) +{ + struct wpabuf *resp, *buf; + + resp = sme_auth_build_sae_confirm(wpa_s, 1); + if (!resp) { + wpa_printf(MSG_DEBUG, "SAE: Confirm message buf alloc failure"); + return; + } + + wpa_s->sme.sae.state = SAE_CONFIRMED; + buf = wpabuf_alloc(4 + SAE_CONFIRM_MAX_LEN + wpabuf_len(resp)); + if (!buf) { + wpa_printf(MSG_DEBUG, "SAE: Auth Confirm buf alloc failure"); + wpabuf_free(resp); + return; + } + wpa_s->sme.seq_num++; + sme_external_auth_build_buf(buf, resp, wpa_s->own_addr, + da, 2, wpa_s->sme.seq_num); + wpa_drv_send_mlme(wpa_s, wpabuf_head(buf), wpabuf_len(buf), 1, 0); + wpabuf_free(resp); + wpabuf_free(buf); +} + + +void sme_external_auth_trigger(struct wpa_supplicant *wpa_s, + union wpa_event_data *data) +{ + if (RSN_SELECTOR_GET(&data->external_auth.key_mgmt_suite) != + RSN_AUTH_KEY_MGMT_SAE) + return; + + if (data->external_auth.action == EXT_AUTH_START) { + os_memcpy(&wpa_s->sme.ext_auth, data, + sizeof(struct external_auth)); + wpa_s->sme.seq_num = 0; + wpa_s->sme.sae.state = SAE_NOTHING; + wpa_s->sme.sae.send_confirm = 0; + wpa_s->sme.sae_group_index = 0; + sme_handle_external_auth_start(wpa_s, data); + } else if (data->external_auth.action == EXT_AUTH_ABORT) { + /* Report failure to driver for the wrong trigger */ + sme_send_external_auth_status(wpa_s, + WLAN_STATUS_UNSPECIFIED_FAILURE); + } +} + + static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, - u16 status_code, const u8 *data, size_t len) + u16 status_code, const u8 *data, size_t len, + int external, const u8 *sa) { int *groups; @@ -711,7 +1034,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, if (auth_transaction == 1 && status_code == WLAN_STATUS_ANTI_CLOGGING_TOKEN_REQ && wpa_s->sme.sae.state == SAE_COMMITTED && - wpa_s->current_bss && wpa_s->current_ssid) { + (external || wpa_s->current_bss) && wpa_s->current_ssid) { int default_groups[] = { 19, 20, 21, 25, 26, 0 }; u16 group; @@ -738,25 +1061,45 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, wpabuf_free(wpa_s->sme.sae_token); wpa_s->sme.sae_token = wpabuf_alloc_copy(data + sizeof(le16), len - sizeof(le16)); - sme_send_authentication(wpa_s, wpa_s->current_bss, - wpa_s->current_ssid, 1); + if (!external) + sme_send_authentication(wpa_s, wpa_s->current_bss, + wpa_s->current_ssid, 1); + else + sme_external_auth_send_sae_commit( + wpa_s, wpa_s->sme.ext_auth.bssid, + wpa_s->current_ssid); return 0; } if (auth_transaction == 1 && status_code == WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED && wpa_s->sme.sae.state == SAE_COMMITTED && - wpa_s->current_bss && wpa_s->current_ssid) { + (external || wpa_s->current_bss) && wpa_s->current_ssid) { wpa_dbg(wpa_s, MSG_DEBUG, "SME: SAE group not supported"); wpa_s->sme.sae_group_index++; if (sme_set_sae_group(wpa_s) < 0) return -1; /* no other groups enabled */ wpa_dbg(wpa_s, MSG_DEBUG, "SME: Try next enabled SAE group"); - sme_send_authentication(wpa_s, wpa_s->current_bss, - wpa_s->current_ssid, 1); + if (!external) + sme_send_authentication(wpa_s, wpa_s->current_bss, + wpa_s->current_ssid, 1); + else + sme_external_auth_send_sae_commit( + wpa_s, wpa_s->sme.ext_auth.bssid, + wpa_s->current_ssid); return 0; } + if (auth_transaction == 1 && + status_code == WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER) { + const u8 *bssid = sa ? sa : wpa_s->pending_bssid; + + wpa_msg(wpa_s, MSG_INFO, + WPA_EVENT_SAE_UNKNOWN_PASSWORD_IDENTIFIER MACSTR, + MAC2STR(bssid)); + return -1; + } + if (status_code != WLAN_STATUS_SUCCESS) return -1; @@ -766,7 +1109,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, groups = wpa_s->conf->sae_groups; wpa_dbg(wpa_s, MSG_DEBUG, "SME SAE commit"); - if (wpa_s->current_bss == NULL || + if ((!external && wpa_s->current_bss == NULL) || wpa_s->current_ssid == NULL) return -1; if (wpa_s->sme.sae.state != SAE_COMMITTED) @@ -791,8 +1134,11 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, wpabuf_free(wpa_s->sme.sae_token); wpa_s->sme.sae_token = NULL; - sme_send_authentication(wpa_s, wpa_s->current_bss, - wpa_s->current_ssid, 0); + if (!external) + sme_send_authentication(wpa_s, wpa_s->current_bss, + wpa_s->current_ssid, 0); + else + sme_external_auth_send_sae_confirm(wpa_s, sa); return 0; } else if (auth_transaction == 2) { wpa_dbg(wpa_s, MSG_DEBUG, "SME SAE confirm"); @@ -802,11 +1148,60 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, return -1; wpa_s->sme.sae.state = SAE_ACCEPTED; sae_clear_temp_data(&wpa_s->sme.sae); + + if (external) { + /* Report success to driver */ + sme_send_external_auth_status(wpa_s, + WLAN_STATUS_SUCCESS); + } + return 1; } return -1; } + + +void sme_external_auth_mgmt_rx(struct wpa_supplicant *wpa_s, + const u8 *auth_frame, size_t len) +{ + const struct ieee80211_mgmt *header; + size_t auth_length; + + header = (const struct ieee80211_mgmt *) auth_frame; + auth_length = IEEE80211_HDRLEN + sizeof(header->u.auth); + + if (len < auth_length) { + /* Notify failure to the driver */ + sme_send_external_auth_status(wpa_s, + WLAN_STATUS_UNSPECIFIED_FAILURE); + return; + } + + if (le_to_host16(header->u.auth.auth_alg) == WLAN_AUTH_SAE) { + int res; + + res = sme_sae_auth( + wpa_s, le_to_host16(header->u.auth.auth_transaction), + le_to_host16(header->u.auth.status_code), + header->u.auth.variable, + len - auth_length, 1, header->sa); + if (res < 0) { + /* Notify failure to the driver */ + sme_send_external_auth_status( + wpa_s, WLAN_STATUS_UNSPECIFIED_FAILURE); + return; + } + if (res != 1) + return; + + wpa_printf(MSG_DEBUG, + "SME: SAE completed - setting PMK for 4-way handshake"); + wpa_sm_set_pmk(wpa_s->wpa, wpa_s->sme.sae.pmk, PMK_LEN, + wpa_s->sme.sae.pmkid, wpa_s->pending_bssid); + } +} + #endif /* CONFIG_SAE */ @@ -847,7 +1242,7 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data) int res; res = sme_sae_auth(wpa_s, data->auth.auth_transaction, data->auth.status_code, data->auth.ies, - data->auth.ies_len); + data->auth.ies_len, 0, NULL); if (res < 0) { wpas_connection_failed(wpa_s, wpa_s->pending_bssid); wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); @@ -875,12 +1270,19 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data) } } wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_AUTH_REJECT MACSTR - " auth_type=%u auth_transaction=%u status_code=%u ie=%s", + " auth_type=%u auth_transaction=%u status_code=%u%s%s", MAC2STR(data->auth.peer), data->auth.auth_type, data->auth.auth_transaction, data->auth.status_code, - ie_txt); + ie_txt ? " ie=" : "", + ie_txt ? ie_txt : ""); os_free(ie_txt); +#ifdef CONFIG_FILS + if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FILS || + wpa_s->sme.auth_alg == WPA_AUTH_ALG_FILS_SK_PFS) + fils_connection_failure(wpa_s); +#endif /* CONFIG_FILS */ + if (data->auth.status_code != WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG || wpa_s->sme.auth_alg == data->auth.auth_type || @@ -916,9 +1318,17 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data) #ifdef CONFIG_IEEE80211R if (data->auth.auth_type == WLAN_AUTH_FT) { + const u8 *ric_ies = NULL; + size_t ric_ies_len = 0; + + if (wpa_s->ric_ies) { + ric_ies = wpabuf_head(wpa_s->ric_ies); + ric_ies_len = wpabuf_len(wpa_s->ric_ies); + } if (wpa_ft_process_response(wpa_s->wpa, data->auth.ies, data->auth.ies_len, 0, - data->auth.peer, NULL, 0) < 0) { + data->auth.peer, + ric_ies, ric_ies_len) < 0) { wpa_dbg(wpa_s, MSG_DEBUG, "SME: FT Authentication response processing failed"); wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" @@ -933,16 +1343,75 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data) } #endif /* CONFIG_IEEE80211R */ +#ifdef CONFIG_FILS + if (data->auth.auth_type == WLAN_AUTH_FILS_SK || + data->auth.auth_type == WLAN_AUTH_FILS_SK_PFS) { + u16 expect_auth_type; + + expect_auth_type = wpa_s->sme.auth_alg == + WPA_AUTH_ALG_FILS_SK_PFS ? WLAN_AUTH_FILS_SK_PFS : + WLAN_AUTH_FILS_SK; + if (data->auth.auth_type != expect_auth_type) { + wpa_dbg(wpa_s, MSG_DEBUG, + "SME: FILS Authentication response used different auth alg (%u; expected %u)", + data->auth.auth_type, expect_auth_type); + wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" + MACSTR + " reason=%d locally_generated=1", + MAC2STR(wpa_s->pending_bssid), + WLAN_REASON_DEAUTH_LEAVING); + wpas_connection_failed(wpa_s, wpa_s->pending_bssid); + wpa_supplicant_mark_disassoc(wpa_s); + return; + } + + if (fils_process_auth(wpa_s->wpa, wpa_s->pending_bssid, + data->auth.ies, data->auth.ies_len) < 0) { + wpa_dbg(wpa_s, MSG_DEBUG, + "SME: FILS Authentication response processing failed"); + wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" + MACSTR + " reason=%d locally_generated=1", + MAC2STR(wpa_s->pending_bssid), + WLAN_REASON_DEAUTH_LEAVING); + wpas_connection_failed(wpa_s, wpa_s->pending_bssid); + wpa_supplicant_mark_disassoc(wpa_s); + return; + } + } +#endif /* CONFIG_FILS */ + sme_associate(wpa_s, ssid->mode, data->auth.peer, data->auth.auth_type); } +#ifdef CONFIG_FILS +#ifdef CONFIG_IEEE80211R +static void remove_ie(u8 *buf, size_t *len, u8 eid) +{ + u8 *pos, *next, *end; + + pos = (u8 *) get_ie(buf, *len, eid); + if (pos) { + next = pos + 2 + pos[1]; + end = buf + *len; + *len -= 2 + pos[1]; + os_memmove(pos, next, end - next); + } +} +#endif /* CONFIG_IEEE80211R */ +#endif /* CONFIG_FILS */ + + void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode, const u8 *bssid, u16 auth_type) { struct wpa_driver_associate_params params; struct ieee802_11_elems elems; +#ifdef CONFIG_FILS + u8 nonces[2 * FILS_NONCE_LEN]; +#endif /* CONFIG_FILS */ #ifdef CONFIG_HT_OVERRIDES struct ieee80211_ht_capabilities htcaps; struct ieee80211_ht_capabilities htcaps_mask; @@ -953,6 +1422,138 @@ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode, #endif /* CONFIG_VHT_OVERRIDES */ os_memset(¶ms, 0, sizeof(params)); + +#ifdef CONFIG_FILS + if (auth_type == WLAN_AUTH_FILS_SK || + auth_type == WLAN_AUTH_FILS_SK_PFS) { + struct wpabuf *buf; + const u8 *snonce, *anonce; + const unsigned int max_hlp = 20; + struct wpabuf *hlp[max_hlp]; + unsigned int i, num_hlp = 0; + struct fils_hlp_req *req; + + dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, + list) { + hlp[num_hlp] = wpabuf_alloc(2 * ETH_ALEN + 6 + + wpabuf_len(req->pkt)); + if (!hlp[num_hlp]) + break; + wpabuf_put_data(hlp[num_hlp], req->dst, ETH_ALEN); + wpabuf_put_data(hlp[num_hlp], wpa_s->own_addr, + ETH_ALEN); + wpabuf_put_data(hlp[num_hlp], + "\xaa\xaa\x03\x00\x00\x00", 6); + wpabuf_put_buf(hlp[num_hlp], req->pkt); + num_hlp++; + if (num_hlp >= max_hlp) + break; + } + + buf = fils_build_assoc_req(wpa_s->wpa, ¶ms.fils_kek, + ¶ms.fils_kek_len, &snonce, + &anonce, + (const struct wpabuf **) hlp, + num_hlp); + for (i = 0; i < num_hlp; i++) + wpabuf_free(hlp[i]); + if (!buf) + return; + wpa_hexdump(MSG_DEBUG, "FILS: assoc_req before FILS elements", + wpa_s->sme.assoc_req_ie, + wpa_s->sme.assoc_req_ie_len); +#ifdef CONFIG_IEEE80211R + if (wpa_key_mgmt_ft(wpa_s->key_mgmt)) { + /* Remove RSNE and MDE to allow them to be overridden + * with FILS+FT specific values from + * fils_build_assoc_req(). */ + remove_ie(wpa_s->sme.assoc_req_ie, + &wpa_s->sme.assoc_req_ie_len, + WLAN_EID_RSN); + wpa_hexdump(MSG_DEBUG, + "FILS: assoc_req after RSNE removal", + wpa_s->sme.assoc_req_ie, + wpa_s->sme.assoc_req_ie_len); + remove_ie(wpa_s->sme.assoc_req_ie, + &wpa_s->sme.assoc_req_ie_len, + WLAN_EID_MOBILITY_DOMAIN); + wpa_hexdump(MSG_DEBUG, + "FILS: assoc_req after MDE removal", + wpa_s->sme.assoc_req_ie, + wpa_s->sme.assoc_req_ie_len); + } +#endif /* CONFIG_IEEE80211R */ + /* TODO: Make wpa_s->sme.assoc_req_ie use dynamic allocation */ + if (wpa_s->sme.assoc_req_ie_len + wpabuf_len(buf) > + sizeof(wpa_s->sme.assoc_req_ie)) { + wpa_printf(MSG_ERROR, + "FILS: Not enough buffer room for own AssocReq elements"); + wpabuf_free(buf); + return; + } + os_memcpy(wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, + wpabuf_head(buf), wpabuf_len(buf)); + wpa_s->sme.assoc_req_ie_len += wpabuf_len(buf); + wpabuf_free(buf); + wpa_hexdump(MSG_DEBUG, "FILS: assoc_req after FILS elements", + wpa_s->sme.assoc_req_ie, + wpa_s->sme.assoc_req_ie_len); + + os_memcpy(nonces, snonce, FILS_NONCE_LEN); + os_memcpy(nonces + FILS_NONCE_LEN, anonce, FILS_NONCE_LEN); + params.fils_nonces = nonces; + params.fils_nonces_len = sizeof(nonces); + } +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE +#ifdef CONFIG_TESTING_OPTIONS + if (get_ie_ext(wpa_s->sme.assoc_req_ie, wpa_s->sme.assoc_req_ie_len, + WLAN_EID_EXT_OWE_DH_PARAM)) { + wpa_printf(MSG_INFO, "TESTING: Override OWE DH element"); + } else +#endif /* CONFIG_TESTING_OPTIONS */ + if (auth_type == WLAN_AUTH_OPEN && + wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) { + struct wpabuf *owe_ie; + u16 group; + + if (wpa_s->current_ssid && wpa_s->current_ssid->owe_group) { + group = wpa_s->current_ssid->owe_group; + } else if (wpa_s->assoc_status_code == + WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { + if (wpa_s->last_owe_group == 19) + group = 20; + else if (wpa_s->last_owe_group == 20) + group = 21; + else + group = OWE_DH_GROUP; + } else { + group = OWE_DH_GROUP; + } + + wpa_s->last_owe_group = group; + wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group); + owe_ie = owe_build_assoc_req(wpa_s->wpa, group); + if (!owe_ie) { + wpa_printf(MSG_ERROR, + "OWE: Failed to build IE for Association Request frame"); + return; + } + if (wpa_s->sme.assoc_req_ie_len + wpabuf_len(owe_ie) > + sizeof(wpa_s->sme.assoc_req_ie)) { + wpa_printf(MSG_ERROR, + "OWE: Not enough buffer room for own Association Request frame elements"); + wpabuf_free(owe_ie); + return; + } + os_memcpy(wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, + wpabuf_head(owe_ie), wpabuf_len(owe_ie)); + wpa_s->sme.assoc_req_ie_len += wpabuf_len(owe_ie); + wpabuf_free(owe_ie); + } +#endif /* CONFIG_OWE */ + params.bssid = bssid; params.ssid = wpa_s->sme.ssid; params.ssid_len = wpa_s->sme.ssid_len; @@ -962,8 +1563,11 @@ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode, params.wpa_ie = wpa_s->sme.assoc_req_ie_len ? wpa_s->sme.assoc_req_ie : NULL; params.wpa_ie_len = wpa_s->sme.assoc_req_ie_len; + wpa_hexdump(MSG_DEBUG, "SME: Association Request IEs", + params.wpa_ie, params.wpa_ie_len); params.pairwise_suite = wpa_s->pairwise_cipher; params.group_suite = wpa_s->group_cipher; + params.mgmt_group_suite = wpa_s->mgmt_group_cipher; params.key_mgmt_suite = wpa_s->key_mgmt; params.wpa_proto = wpa_s->wpa_proto; #ifdef CONFIG_HT_OVERRIDES @@ -981,9 +1585,85 @@ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode, wpa_supplicant_apply_vht_overrides(wpa_s, wpa_s->current_ssid, ¶ms); #endif /* CONFIG_VHT_OVERRIDES */ #ifdef CONFIG_IEEE80211R - if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies) { + if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies && + get_ie(wpa_s->sme.ft_ies, wpa_s->sme.ft_ies_len, + WLAN_EID_RIC_DATA)) { + /* There seems to be a pretty inconvenient bug in the Linux + * kernel IE splitting functionality when RIC is used. For now, + * skip correct behavior in IE construction here (i.e., drop the + * additional non-FT-specific IEs) to avoid kernel issues. This + * is fine since RIC is used only for testing purposes in the + * current implementation. */ + wpa_printf(MSG_INFO, + "SME: Linux kernel workaround - do not try to include additional IEs with RIC"); params.wpa_ie = wpa_s->sme.ft_ies; params.wpa_ie_len = wpa_s->sme.ft_ies_len; + } else if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies) { + const u8 *rm_en, *pos, *end; + size_t rm_en_len = 0; + u8 *rm_en_dup = NULL, *wpos; + + /* Remove RSNE, MDE, FTE to allow them to be overridden with + * FT specific values */ + remove_ie(wpa_s->sme.assoc_req_ie, + &wpa_s->sme.assoc_req_ie_len, + WLAN_EID_RSN); + remove_ie(wpa_s->sme.assoc_req_ie, + &wpa_s->sme.assoc_req_ie_len, + WLAN_EID_MOBILITY_DOMAIN); + remove_ie(wpa_s->sme.assoc_req_ie, + &wpa_s->sme.assoc_req_ie_len, + WLAN_EID_FAST_BSS_TRANSITION); + rm_en = get_ie(wpa_s->sme.assoc_req_ie, + wpa_s->sme.assoc_req_ie_len, + WLAN_EID_RRM_ENABLED_CAPABILITIES); + if (rm_en) { + /* Need to remove RM Enabled Capabilities element as + * well temporarily, so that it can be placed between + * RSNE and MDE. */ + rm_en_len = 2 + rm_en[1]; + rm_en_dup = os_memdup(rm_en, rm_en_len); + remove_ie(wpa_s->sme.assoc_req_ie, + &wpa_s->sme.assoc_req_ie_len, + WLAN_EID_RRM_ENABLED_CAPABILITIES); + } + wpa_hexdump(MSG_DEBUG, + "SME: Association Request IEs after FT IE removal", + wpa_s->sme.assoc_req_ie, + wpa_s->sme.assoc_req_ie_len); + if (wpa_s->sme.assoc_req_ie_len + wpa_s->sme.ft_ies_len + + rm_en_len > sizeof(wpa_s->sme.assoc_req_ie)) { + wpa_printf(MSG_ERROR, + "SME: Not enough buffer room for FT IEs in Association Request frame"); + os_free(rm_en_dup); + return; + } + + os_memmove(wpa_s->sme.assoc_req_ie + wpa_s->sme.ft_ies_len + + rm_en_len, + wpa_s->sme.assoc_req_ie, + wpa_s->sme.assoc_req_ie_len); + pos = wpa_s->sme.ft_ies; + end = pos + wpa_s->sme.ft_ies_len; + wpos = wpa_s->sme.assoc_req_ie; + if (*pos == WLAN_EID_RSN) { + os_memcpy(wpos, pos, 2 + pos[1]); + wpos += 2 + pos[1]; + pos += 2 + pos[1]; + } + if (rm_en_dup) { + os_memcpy(wpos, rm_en_dup, rm_en_len); + wpos += rm_en_len; + os_free(rm_en_dup); + } + os_memcpy(wpos, pos, end - pos); + wpa_s->sme.assoc_req_ie_len += wpa_s->sme.ft_ies_len + + rm_en_len; + params.wpa_ie = wpa_s->sme.assoc_req_ie; + params.wpa_ie_len = wpa_s->sme.assoc_req_ie_len; + wpa_hexdump(MSG_DEBUG, + "SME: Association Request IEs after FT override", + params.wpa_ie, params.wpa_ie_len); } #endif /* CONFIG_IEEE80211R */ params.mode = mode; @@ -1038,6 +1718,14 @@ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode, eloop_register_timeout(SME_ASSOC_TIMEOUT, 0, sme_assoc_timer, wpa_s, NULL); + +#ifdef CONFIG_TESTING_OPTIONS + wpabuf_free(wpa_s->last_assoc_req_wpa_ie); + wpa_s->last_assoc_req_wpa_ie = NULL; + if (params.wpa_ie) + wpa_s->last_assoc_req_wpa_ie = + wpabuf_alloc_copy(params.wpa_ie, params.wpa_ie_len); +#endif /* CONFIG_TESTING_OPTIONS */ } @@ -1056,10 +1744,9 @@ int sme_update_ft_ies(struct wpa_supplicant *wpa_s, const u8 *md, os_memcpy(wpa_s->sme.mobility_domain, md, MOBILITY_DOMAIN_ID_LEN); wpa_hexdump(MSG_DEBUG, "SME: FT IEs", ies, ies_len); os_free(wpa_s->sme.ft_ies); - wpa_s->sme.ft_ies = os_malloc(ies_len); + wpa_s->sme.ft_ies = os_memdup(ies, ies_len); if (wpa_s->sme.ft_ies == NULL) return -1; - os_memcpy(wpa_s->sme.ft_ies, ies, ies_len); wpa_s->sme.ft_ies_len = ies_len; return 0; } @@ -1226,7 +1913,7 @@ void sme_clear_on_disassoc(struct wpa_supplicant *wpa_s) sae_clear_data(&wpa_s->sme.sae); #endif /* CONFIG_SAE */ #ifdef CONFIG_IEEE80211R - if (wpa_s->sme.ft_ies) + if (wpa_s->sme.ft_ies || wpa_s->sme.ft_used) sme_update_ft_ies(wpa_s, NULL, NULL, 0); #endif /* CONFIG_IEEE80211R */ } diff --git a/contrib/wpa/wpa_supplicant/sme.h b/contrib/wpa/wpa_supplicant/sme.h index fd5c3b4e1ed8..f3c822025574 100644 --- a/contrib/wpa/wpa_supplicant/sme.h +++ b/contrib/wpa/wpa_supplicant/sme.h @@ -38,6 +38,10 @@ void sme_deinit(struct wpa_supplicant *wpa_s); int sme_proc_obss_scan(struct wpa_supplicant *wpa_s); void sme_sched_obss_scan(struct wpa_supplicant *wpa_s, int enable); +void sme_external_auth_trigger(struct wpa_supplicant *wpa_s, + union wpa_event_data *data); +void sme_external_auth_mgmt_rx(struct wpa_supplicant *wpa_s, + const u8 *auth_frame, size_t len); #else /* CONFIG_SME */ @@ -113,6 +117,16 @@ static inline void sme_sched_obss_scan(struct wpa_supplicant *wpa_s, { } +static inline void sme_external_auth_trigger(struct wpa_supplicant *wpa_s, + union wpa_event_data *data) +{ +} + +static inline void sme_external_auth_mgmt_rx(struct wpa_supplicant *wpa_s, + const u8 *auth_frame, size_t len) +{ +} + #endif /* CONFIG_SME */ #endif /* SME_H */ diff --git a/contrib/wpa/wpa_supplicant/wifi_display.c b/contrib/wpa/wpa_supplicant/wifi_display.c index c363b21b92b1..c94e4610893a 100644 --- a/contrib/wpa/wpa_supplicant/wifi_display.c +++ b/contrib/wpa/wpa_supplicant/wifi_display.c @@ -86,6 +86,7 @@ static int wifi_display_update_wfd_ie(struct wpa_global *global) p2p_set_wfd_ie_prov_disc_resp(global->p2p, NULL); p2p_set_wfd_ie_go_neg(global->p2p, NULL); p2p_set_wfd_dev_info(global->p2p, NULL); + p2p_set_wfd_r2_dev_info(global->p2p, NULL); p2p_set_wfd_assoc_bssid(global->p2p, NULL); p2p_set_wfd_coupled_sink_info(global->p2p, NULL); return 0; @@ -93,6 +94,8 @@ static int wifi_display_update_wfd_ie(struct wpa_global *global) p2p_set_wfd_dev_info(global->p2p, global->wfd_subelem[WFD_SUBELEM_DEVICE_INFO]); + p2p_set_wfd_r2_dev_info( + global->p2p, global->wfd_subelem[WFD_SUBELEM_R2_DEVICE_INFO]); p2p_set_wfd_assoc_bssid( global->p2p, global->wfd_subelem[WFD_SUBELEM_ASSOCIATED_BSSID]); @@ -133,6 +136,11 @@ static int wifi_display_update_wfd_ie(struct wpa_global *global) if (global->wfd_subelem[WFD_SUBELEM_DEVICE_INFO]) len += wpabuf_len(global->wfd_subelem[ WFD_SUBELEM_DEVICE_INFO]); + + if (global->wfd_subelem[WFD_SUBELEM_R2_DEVICE_INFO]) + len += wpabuf_len(global->wfd_subelem[ + WFD_SUBELEM_R2_DEVICE_INFO]); + if (global->wfd_subelem[WFD_SUBELEM_ASSOCIATED_BSSID]) len += wpabuf_len(global->wfd_subelem[ WFD_SUBELEM_ASSOCIATED_BSSID]); @@ -151,6 +159,11 @@ static int wifi_display_update_wfd_ie(struct wpa_global *global) if (global->wfd_subelem[WFD_SUBELEM_DEVICE_INFO]) wpabuf_put_buf(buf, global->wfd_subelem[WFD_SUBELEM_DEVICE_INFO]); + + if (global->wfd_subelem[WFD_SUBELEM_R2_DEVICE_INFO]) + wpabuf_put_buf(buf, + global->wfd_subelem[WFD_SUBELEM_R2_DEVICE_INFO]); + if (global->wfd_subelem[WFD_SUBELEM_ASSOCIATED_BSSID]) wpabuf_put_buf(buf, global->wfd_subelem[ WFD_SUBELEM_ASSOCIATED_BSSID]); diff --git a/contrib/wpa/wpa_supplicant/wmm_ac.c b/contrib/wpa/wpa_supplicant/wmm_ac.c index 5625d36638b5..a88cc46f3956 100644 --- a/contrib/wpa/wpa_supplicant/wmm_ac.c +++ b/contrib/wpa/wpa_supplicant/wmm_ac.c @@ -87,13 +87,10 @@ static int wmm_ac_add_ts(struct wpa_supplicant *wpa_s, const u8 *addr, } /* copy tspec */ - _tspec = os_malloc(sizeof(*_tspec)); + _tspec = os_memdup(tspec, sizeof(*_tspec)); if (!_tspec) return -1; - /* store the admitted TSPEC */ - os_memcpy(_tspec, tspec, sizeof(*_tspec)); - if (dir != WMM_AC_DIR_DOWNLINK) { ret = wpa_drv_add_ts(wpa_s, tsid, addr, up, admitted_time); wpa_printf(MSG_DEBUG, diff --git a/contrib/wpa/wpa_supplicant/wnm_sta.c b/contrib/wpa/wpa_supplicant/wnm_sta.c index 67a07ff7b1e7..6b68fc9e3772 100644 --- a/contrib/wpa/wpa_supplicant/wnm_sta.c +++ b/contrib/wpa/wpa_supplicant/wnm_sta.c @@ -13,6 +13,7 @@ #include "common/ieee802_11_common.h" #include "common/wpa_ctrl.h" #include "rsn_supp/wpa.h" +#include "config.h" #include "wpa_supplicant_i.h" #include "driver_i.h" #include "scan.h" @@ -84,12 +85,11 @@ int ieee802_11_send_wnmsleep_req(struct wpa_supplicant *wpa_s, /* TFS IE(s) */ if (tfs_req) { wnmtfs_ie_len = wpabuf_len(tfs_req); - wnmtfs_ie = os_malloc(wnmtfs_ie_len); + wnmtfs_ie = os_memdup(wpabuf_head(tfs_req), wnmtfs_ie_len); if (wnmtfs_ie == NULL) { os_free(wnmsleep_ie); return -1; } - os_memcpy(wnmtfs_ie, wpabuf_head(tfs_req), wnmtfs_ie_len); } else { wnmtfs_ie = os_zalloc(MAX_TFS_IE_LEN); if (wnmtfs_ie == NULL) { @@ -338,6 +338,9 @@ void wnm_deallocate_memory(struct wpa_supplicant *wpa_s) wpa_s->wnm_num_neighbor_report = 0; os_free(wpa_s->wnm_neighbor_report_elements); wpa_s->wnm_neighbor_report_elements = NULL; + + wpabuf_free(wpa_s->coloc_intf_elems); + wpa_s->coloc_intf_elems = NULL; } @@ -501,10 +504,128 @@ static void wnm_parse_neighbor_report(struct wpa_supplicant *wpa_s, } +static void wnm_clear_acceptable(struct wpa_supplicant *wpa_s) +{ + unsigned int i; + + for (i = 0; i < wpa_s->wnm_num_neighbor_report; i++) + wpa_s->wnm_neighbor_report_elements[i].acceptable = 0; +} + + +static struct wpa_bss * get_first_acceptable(struct wpa_supplicant *wpa_s) +{ + unsigned int i; + struct neighbor_report *nei; + + for (i = 0; i < wpa_s->wnm_num_neighbor_report; i++) { + nei = &wpa_s->wnm_neighbor_report_elements[i]; + if (nei->acceptable) + return wpa_bss_get_bssid(wpa_s, nei->bssid); + } + + return NULL; +} + + +#ifdef CONFIG_MBO static struct wpa_bss * -compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs) +get_mbo_transition_candidate(struct wpa_supplicant *wpa_s, + enum mbo_transition_reject_reason *reason) { + struct wpa_bss *target = NULL; + struct wpa_bss_trans_info params; + struct wpa_bss_candidate_info *info = NULL; + struct neighbor_report *nei = wpa_s->wnm_neighbor_report_elements; + u8 *first_candidate_bssid = NULL, *pos; + unsigned int i; + + params.mbo_transition_reason = wpa_s->wnm_mbo_transition_reason; + params.n_candidates = 0; + params.bssid = os_calloc(wpa_s->wnm_num_neighbor_report, ETH_ALEN); + if (!params.bssid) + return NULL; + + pos = params.bssid; + for (i = 0; i < wpa_s->wnm_num_neighbor_report; nei++, i++) { + if (nei->is_first) + first_candidate_bssid = nei->bssid; + if (!nei->acceptable) + continue; + os_memcpy(pos, nei->bssid, ETH_ALEN); + pos += ETH_ALEN; + params.n_candidates++; + } + + if (!params.n_candidates) + goto end; + + info = wpa_drv_get_bss_trans_status(wpa_s, ¶ms); + if (!info) { + /* If failed to get candidate BSS transition status from driver, + * get the first acceptable candidate from wpa_supplicant. + */ + target = wpa_bss_get_bssid(wpa_s, params.bssid); + goto end; + } + + /* Get the first acceptable candidate from driver */ + for (i = 0; i < info->num; i++) { + if (info->candidates[i].is_accept) { + target = wpa_bss_get_bssid(wpa_s, + info->candidates[i].bssid); + goto end; + } + } + + /* If Disassociation Imminent is set and driver rejects all the + * candidate select first acceptable candidate which has + * rssi > disassoc_imminent_rssi_threshold + */ + if (wpa_s->wnm_mode & WNM_BSS_TM_REQ_DISASSOC_IMMINENT) { + for (i = 0; i < info->num; i++) { + target = wpa_bss_get_bssid(wpa_s, + info->candidates[i].bssid); + if (target && + (target->level < + wpa_s->conf->disassoc_imminent_rssi_threshold)) + continue; + goto end; + } + } + + /* While sending BTM reject use reason code of the first candidate + * received in BTM request frame + */ + if (reason) { + for (i = 0; i < info->num; i++) { + if (first_candidate_bssid && + os_memcmp(first_candidate_bssid, + info->candidates[i].bssid, ETH_ALEN) == 0) + { + *reason = info->candidates[i].reject_reason; + break; + } + } + } + + target = NULL; + +end: + os_free(params.bssid); + if (info) { + os_free(info->candidates); + os_free(info); + } + return target; +} +#endif /* CONFIG_MBO */ + +static struct wpa_bss * +compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs, + enum mbo_transition_reject_reason *reason) +{ u8 i; struct wpa_bss *bss = wpa_s->current_bss; struct wpa_bss *target; @@ -515,6 +636,8 @@ compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs) wpa_printf(MSG_DEBUG, "WNM: Current BSS " MACSTR " RSSI %d", MAC2STR(wpa_s->bssid), bss->level); + wnm_clear_acceptable(wpa_s); + for (i = 0; i < wpa_s->wnm_num_neighbor_report; i++) { struct neighbor_report *nei; @@ -564,7 +687,7 @@ compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs) if (wpa_s->current_ssid && !wpa_scan_res_match(wpa_s, 0, target, wpa_s->current_ssid, - 1)) { + 1, 0)) { wpa_printf(MSG_DEBUG, "Candidate BSS " MACSTR " (pref %d) does not match the current network profile", MAC2STR(nei->bssid), @@ -591,14 +714,26 @@ compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs) continue; } + nei->acceptable = 1; + } + +#ifdef CONFIG_MBO + if (wpa_s->wnm_mbo_trans_reason_present) + target = get_mbo_transition_candidate(wpa_s, reason); + else + target = get_first_acceptable(wpa_s); +#else /* CONFIG_MBO */ + target = get_first_acceptable(wpa_s); +#endif /* CONFIG_MBO */ + + if (target) { wpa_printf(MSG_DEBUG, "WNM: Found an acceptable preferred transition candidate BSS " MACSTR " (RSSI %d)", - MAC2STR(nei->bssid), target->level); - return target; + MAC2STR(target->bssid), target->level); } - return NULL; + return target; } @@ -651,36 +786,40 @@ static u32 wnm_get_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) } -static int wnm_add_nei_rep(u8 *buf, size_t len, const u8 *bssid, u32 bss_info, - u8 op_class, u8 chan, u8 phy_type, u8 pref) +static int wnm_add_nei_rep(struct wpabuf **buf, const u8 *bssid, + u32 bss_info, u8 op_class, u8 chan, u8 phy_type, + u8 pref) { - u8 *pos = buf; + if (wpabuf_len(*buf) + 18 > + IEEE80211_MAX_MMPDU_SIZE - IEEE80211_HDRLEN) { + wpa_printf(MSG_DEBUG, + "WNM: No room in frame for Neighbor Report element"); + return -1; + } - if (len < 18) { + if (wpabuf_resize(buf, 18) < 0) { wpa_printf(MSG_DEBUG, - "WNM: Not enough room for Neighbor Report element"); + "WNM: Failed to allocate memory for Neighbor Report element"); return -1; } - *pos++ = WLAN_EID_NEIGHBOR_REPORT; + wpabuf_put_u8(*buf, WLAN_EID_NEIGHBOR_REPORT); /* length: 13 for basic neighbor report + 3 for preference subelement */ - *pos++ = 16; - os_memcpy(pos, bssid, ETH_ALEN); - pos += ETH_ALEN; - WPA_PUT_LE32(pos, bss_info); - pos += 4; - *pos++ = op_class; - *pos++ = chan; - *pos++ = phy_type; - *pos++ = WNM_NEIGHBOR_BSS_TRANSITION_CANDIDATE; - *pos++ = 1; - *pos++ = pref; - return pos - buf; + wpabuf_put_u8(*buf, 16); + wpabuf_put_data(*buf, bssid, ETH_ALEN); + wpabuf_put_le32(*buf, bss_info); + wpabuf_put_u8(*buf, op_class); + wpabuf_put_u8(*buf, chan); + wpabuf_put_u8(*buf, phy_type); + wpabuf_put_u8(*buf, WNM_NEIGHBOR_BSS_TRANSITION_CANDIDATE); + wpabuf_put_u8(*buf, 1); + wpabuf_put_u8(*buf, pref); + return 0; } static int wnm_nei_rep_add_bss(struct wpa_supplicant *wpa_s, - struct wpa_bss *bss, u8 *buf, size_t len, + struct wpa_bss *bss, struct wpabuf **buf, u8 pref) { const u8 *ie; @@ -729,20 +868,19 @@ static int wnm_nei_rep_add_bss(struct wpa_supplicant *wpa_s, info = wnm_get_bss_info(wpa_s, bss); - return wnm_add_nei_rep(buf, len, bss->bssid, info, op_class, chan, - phy_type, pref); + return wnm_add_nei_rep(buf, bss->bssid, info, op_class, chan, phy_type, + pref); } -static int wnm_add_cand_list(struct wpa_supplicant *wpa_s, u8 *buf, size_t len) +static void wnm_add_cand_list(struct wpa_supplicant *wpa_s, struct wpabuf **buf) { - u8 *pos = buf; unsigned int i, pref = 255; struct os_reltime now; struct wpa_ssid *ssid = wpa_s->current_ssid; if (!ssid) - return 0; + return; /* * TODO: Define when scan results are no longer valid for the candidate @@ -750,7 +888,7 @@ static int wnm_add_cand_list(struct wpa_supplicant *wpa_s, u8 *buf, size_t len) */ os_get_reltime(&now); if (os_reltime_expired(&now, &wpa_s->last_scan, 10)) - return 0; + return; wpa_printf(MSG_DEBUG, "WNM: Add candidate list to BSS Transition Management Response frame"); @@ -758,93 +896,100 @@ static int wnm_add_cand_list(struct wpa_supplicant *wpa_s, u8 *buf, size_t len) struct wpa_bss *bss = wpa_s->last_scan_res[i]; int res; - if (wpa_scan_res_match(wpa_s, i, bss, ssid, 1)) { - res = wnm_nei_rep_add_bss(wpa_s, bss, pos, len, pref--); + if (wpa_scan_res_match(wpa_s, i, bss, ssid, 1, 0)) { + res = wnm_nei_rep_add_bss(wpa_s, bss, buf, pref--); if (res == -2) continue; /* could not build entry for BSS */ if (res < 0) break; /* no more room for candidates */ if (pref == 1) break; - - pos += res; - len -= res; } } - wpa_hexdump(MSG_DEBUG, - "WNM: BSS Transition Management Response candidate list", - buf, pos - buf); - - return pos - buf; + wpa_hexdump_buf(MSG_DEBUG, + "WNM: BSS Transition Management Response candidate list", + *buf); } +#define BTM_RESP_MIN_SIZE 5 + ETH_ALEN + static void wnm_send_bss_transition_mgmt_resp( struct wpa_supplicant *wpa_s, u8 dialog_token, - enum bss_trans_mgmt_status_code status, u8 delay, - const u8 *target_bssid) + enum bss_trans_mgmt_status_code status, + enum mbo_transition_reject_reason reason, + u8 delay, const u8 *target_bssid) { - u8 buf[2000], *pos; - struct ieee80211_mgmt *mgmt; - size_t len; + struct wpabuf *buf; int res; - wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Response " - "to " MACSTR " dialog_token=%u status=%u delay=%d", - MAC2STR(wpa_s->bssid), dialog_token, status, delay); + wpa_printf(MSG_DEBUG, + "WNM: Send BSS Transition Management Response to " MACSTR + " dialog_token=%u status=%u reason=%u delay=%d", + MAC2STR(wpa_s->bssid), dialog_token, status, reason, delay); if (!wpa_s->current_bss) { wpa_printf(MSG_DEBUG, "WNM: Current BSS not known - drop response"); return; } - mgmt = (struct ieee80211_mgmt *) buf; - os_memset(&buf, 0, sizeof(buf)); - os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN); - os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); - os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); - mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, - WLAN_FC_STYPE_ACTION); - mgmt->u.action.category = WLAN_ACTION_WNM; - mgmt->u.action.u.bss_tm_resp.action = WNM_BSS_TRANS_MGMT_RESP; - mgmt->u.action.u.bss_tm_resp.dialog_token = dialog_token; - mgmt->u.action.u.bss_tm_resp.status_code = status; - mgmt->u.action.u.bss_tm_resp.bss_termination_delay = delay; - pos = mgmt->u.action.u.bss_tm_resp.variable; + buf = wpabuf_alloc(BTM_RESP_MIN_SIZE); + if (!buf) { + wpa_printf(MSG_DEBUG, + "WNM: Failed to allocate memory for BTM response"); + return; + } + + wpabuf_put_u8(buf, WLAN_ACTION_WNM); + wpabuf_put_u8(buf, WNM_BSS_TRANS_MGMT_RESP); + wpabuf_put_u8(buf, dialog_token); + wpabuf_put_u8(buf, status); + wpabuf_put_u8(buf, delay); if (target_bssid) { - os_memcpy(pos, target_bssid, ETH_ALEN); - pos += ETH_ALEN; + wpabuf_put_data(buf, target_bssid, ETH_ALEN); } else if (status == WNM_BSS_TM_ACCEPT) { /* * P802.11-REVmc clarifies that the Target BSSID field is always * present when status code is zero, so use a fake value here if * no BSSID is yet known. */ - os_memset(pos, 0, ETH_ALEN); - pos += ETH_ALEN; + wpabuf_put_data(buf, "\0\0\0\0\0\0", ETH_ALEN); } if (status == WNM_BSS_TM_ACCEPT) - pos += wnm_add_cand_list(wpa_s, pos, buf + sizeof(buf) - pos); + wnm_add_cand_list(wpa_s, &buf); #ifdef CONFIG_MBO - if (status != WNM_BSS_TM_ACCEPT) { - pos += wpas_mbo_ie_bss_trans_reject( - wpa_s, pos, buf + sizeof(buf) - pos, - MBO_TRANSITION_REJECT_REASON_UNSPECIFIED); + if (status != WNM_BSS_TM_ACCEPT && + wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE)) { + u8 mbo[10]; + size_t ret; + + ret = wpas_mbo_ie_bss_trans_reject(wpa_s, mbo, sizeof(mbo), + reason); + if (ret) { + if (wpabuf_resize(&buf, ret) < 0) { + wpabuf_free(buf); + wpa_printf(MSG_DEBUG, + "WNM: Failed to allocate memory for MBO IE"); + return; + } + + wpabuf_put_data(buf, mbo, ret); + } } #endif /* CONFIG_MBO */ - len = pos - (u8 *) &mgmt->u.action.category; - res = wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, wpa_s->own_addr, wpa_s->bssid, - &mgmt->u.action.category, len, 0); + wpabuf_head_u8(buf), wpabuf_len(buf), 0); if (res < 0) { wpa_printf(MSG_DEBUG, "WNM: Failed to send BSS Transition Management Response"); } + + wpabuf_free(buf); } @@ -863,10 +1008,10 @@ static void wnm_bss_tm_connect(struct wpa_supplicant *wpa_s, wpa_s->wnm_reply = 0; wpa_printf(MSG_DEBUG, "WNM: Sending successful BSS Transition Management Response"); - wnm_send_bss_transition_mgmt_resp(wpa_s, - wpa_s->wnm_dialog_token, - WNM_BSS_TM_ACCEPT, - 0, bss->bssid); + wnm_send_bss_transition_mgmt_resp( + wpa_s, wpa_s->wnm_dialog_token, WNM_BSS_TM_ACCEPT, + MBO_TRANSITION_REJECT_REASON_UNSPECIFIED, 0, + bss->bssid); } if (bss == wpa_s->current_bss) { @@ -888,6 +1033,8 @@ int wnm_scan_process(struct wpa_supplicant *wpa_s, int reply_on_fail) struct wpa_bss *bss; struct wpa_ssid *ssid = wpa_s->current_ssid; enum bss_trans_mgmt_status_code status = WNM_BSS_TM_REJECT_UNSPECIFIED; + enum mbo_transition_reject_reason reason = + MBO_TRANSITION_REJECT_REASON_UNSPECIFIED; if (!wpa_s->wnm_neighbor_report_elements) return 0; @@ -909,7 +1056,7 @@ int wnm_scan_process(struct wpa_supplicant *wpa_s, int reply_on_fail) } /* Compare the Neighbor Report and scan results */ - bss = compare_scan_neighbor_results(wpa_s, 0); + bss = compare_scan_neighbor_results(wpa_s, 0, &reason); if (!bss) { wpa_printf(MSG_DEBUG, "WNM: No BSS transition candidate match found"); status = WNM_BSS_TM_REJECT_NO_SUITABLE_CANDIDATES; @@ -930,7 +1077,7 @@ send_bss_resp_fail: wpa_s->wnm_reply = 0; wnm_send_bss_transition_mgmt_resp(wpa_s, wpa_s->wnm_dialog_token, - status, 0, NULL); + status, reason, 0, NULL); } wnm_deallocate_memory(wpa_s); @@ -1118,7 +1265,7 @@ static int wnm_fetch_scan_results(struct wpa_supplicant *wpa_s) return 0; } - bss = compare_scan_neighbor_results(wpa_s, WNM_SCAN_RESULT_AGE); + bss = compare_scan_neighbor_results(wpa_s, WNM_SCAN_RESULT_AGE, NULL); if (!bss) { wpa_dbg(wpa_s, MSG_DEBUG, "WNM: Comparison of scan results against transition candidates did not find matches"); @@ -1144,6 +1291,11 @@ static void ieee802_11_rx_bss_trans_mgmt_req(struct wpa_supplicant *wpa_s, if (end - pos < 5) return; +#ifdef CONFIG_MBO + wpa_s->wnm_mbo_trans_reason_present = 0; + wpa_s->wnm_mbo_transition_reason = 0; +#endif /* CONFIG_MBO */ + if (wpa_s->current_bss) beacon_int = wpa_s->current_bss->beacon_int; else @@ -1166,10 +1318,10 @@ static void ieee802_11_rx_bss_trans_mgmt_req(struct wpa_supplicant *wpa_s, wpa_printf(MSG_INFO, "WNM: Testing - reject BSS Transition Management Request: reject_btm_req_reason=%d", wpa_s->reject_btm_req_reason); - wnm_send_bss_transition_mgmt_resp(wpa_s, - wpa_s->wnm_dialog_token, - wpa_s->reject_btm_req_reason, - 0, NULL); + wnm_send_bss_transition_mgmt_resp( + wpa_s, wpa_s->wnm_dialog_token, + wpa_s->reject_btm_req_reason, + MBO_TRANSITION_REJECT_REASON_UNSPECIFIED, 0, NULL); return; } #endif /* CONFIG_MBO && CONFIG_TESTING_OPTIONS */ @@ -1248,6 +1400,15 @@ static void ieee802_11_rx_bss_trans_mgmt_req(struct wpa_supplicant *wpa_s, wpa_s->wnm_num_neighbor_report]; wnm_parse_neighbor_report(wpa_s, pos, len, rep); wpa_s->wnm_num_neighbor_report++; +#ifdef CONFIG_MBO + if (wpa_s->wnm_mbo_trans_reason_present && + wpa_s->wnm_num_neighbor_report == 1) { + rep->is_first = 1; + wpa_printf(MSG_DEBUG, + "WNM: First transition candidate is " + MACSTR, MAC2STR(rep->bssid)); + } +#endif /* CONFIG_MBO */ } pos += len; @@ -1259,7 +1420,8 @@ static void ieee802_11_rx_bss_trans_mgmt_req(struct wpa_supplicant *wpa_s, wnm_send_bss_transition_mgmt_resp( wpa_s, wpa_s->wnm_dialog_token, WNM_BSS_TM_REJECT_NO_SUITABLE_CANDIDATES, - 0, NULL); + MBO_TRANSITION_REJECT_REASON_UNSPECIFIED, 0, + NULL); return; } @@ -1322,19 +1484,21 @@ static void ieee802_11_rx_bss_trans_mgmt_req(struct wpa_supplicant *wpa_s, wpa_msg(wpa_s, MSG_INFO, "WNM: BSS Transition Management Request did not include candidates"); status = WNM_BSS_TM_REJECT_UNSPECIFIED; } - wnm_send_bss_transition_mgmt_resp(wpa_s, - wpa_s->wnm_dialog_token, - status, 0, NULL); + wnm_send_bss_transition_mgmt_resp( + wpa_s, wpa_s->wnm_dialog_token, status, + MBO_TRANSITION_REJECT_REASON_UNSPECIFIED, 0, NULL); } } +#define BTM_QUERY_MIN_SIZE 4 + int wnm_send_bss_transition_mgmt_query(struct wpa_supplicant *wpa_s, - u8 query_reason, int cand_list) + u8 query_reason, + const char *btm_candidates, + int cand_list) { - u8 buf[2000], *pos; - struct ieee80211_mgmt *mgmt; - size_t len; + struct wpabuf *buf; int ret; wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Query to " @@ -1342,28 +1506,43 @@ int wnm_send_bss_transition_mgmt_query(struct wpa_supplicant *wpa_s, MAC2STR(wpa_s->bssid), query_reason, cand_list ? " candidate list" : ""); - mgmt = (struct ieee80211_mgmt *) buf; - os_memset(&buf, 0, sizeof(buf)); - os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN); - os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); - os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); - mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, - WLAN_FC_STYPE_ACTION); - mgmt->u.action.category = WLAN_ACTION_WNM; - mgmt->u.action.u.bss_tm_query.action = WNM_BSS_TRANS_MGMT_QUERY; - mgmt->u.action.u.bss_tm_query.dialog_token = 1; - mgmt->u.action.u.bss_tm_query.query_reason = query_reason; - pos = mgmt->u.action.u.bss_tm_query.variable; + buf = wpabuf_alloc(BTM_QUERY_MIN_SIZE); + if (!buf) + return -1; + + wpabuf_put_u8(buf, WLAN_ACTION_WNM); + wpabuf_put_u8(buf, WNM_BSS_TRANS_MGMT_QUERY); + wpabuf_put_u8(buf, 1); + wpabuf_put_u8(buf, query_reason); if (cand_list) - pos += wnm_add_cand_list(wpa_s, pos, buf + sizeof(buf) - pos); + wnm_add_cand_list(wpa_s, &buf); + + if (btm_candidates) { + const size_t max_len = 1000; + + ret = wpabuf_resize(&buf, max_len); + if (ret < 0) { + wpabuf_free(buf); + return ret; + } + + ret = ieee802_11_parse_candidate_list(btm_candidates, + wpabuf_put(buf, 0), + max_len); + if (ret < 0) { + wpabuf_free(buf); + return ret; + } - len = pos - (u8 *) &mgmt->u.action.category; + wpabuf_put(buf, ret); + } ret = wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, wpa_s->own_addr, wpa_s->bssid, - &mgmt->u.action.category, len, 0); + wpabuf_head_u8(buf), wpabuf_len(buf), 0); + wpabuf_free(buf); return ret; } @@ -1468,6 +1647,32 @@ static void ieee802_11_rx_wnm_notif_req_wfa(struct wpa_supplicant *wpa_s, pos = next; continue; } + + if (ie == WLAN_EID_VENDOR_SPECIFIC && ie_len >= 5 && + WPA_GET_BE24(pos) == OUI_WFA && + pos[3] == HS20_WNM_T_C_ACCEPTANCE) { + const u8 *ie_end; + u8 url_len; + char *url; + + ie_end = pos + ie_len; + pos += 4; + url_len = *pos++; + wpa_printf(MSG_DEBUG, + "WNM: HS 2.0 Terms and Conditions Acceptance (URL Length %u)", + url_len); + if (url_len > ie_end - pos) + break; + url = os_malloc(url_len + 1); + if (!url) + break; + os_memcpy(url, pos, url_len); + url[url_len] = '\0'; + hs20_rx_t_c_acceptance(wpa_s, url); + os_free(url); + pos = next; + continue; + } #endif /* CONFIG_HS20 */ pos = next; @@ -1515,6 +1720,46 @@ static void ieee802_11_rx_wnm_notif_req(struct wpa_supplicant *wpa_s, } +static void ieee802_11_rx_wnm_coloc_intf_req(struct wpa_supplicant *wpa_s, + const u8 *sa, const u8 *frm, + int len) +{ + u8 dialog_token, req_info, auto_report, timeout; + + if (!wpa_s->conf->coloc_intf_reporting) + return; + + /* Dialog Token [1] | Request Info [1] */ + + if (len < 2) + return; + dialog_token = frm[0]; + req_info = frm[1]; + auto_report = req_info & 0x03; + timeout = req_info >> 2; + + wpa_dbg(wpa_s, MSG_DEBUG, + "WNM: Received Collocated Interference Request (dialog_token %u auto_report %u timeout %u sa " MACSTR ")", + dialog_token, auto_report, timeout, MAC2STR(sa)); + + if (dialog_token == 0) + return; /* only nonzero values are used for request */ + + if (wpa_s->wpa_state != WPA_COMPLETED || + os_memcmp(sa, wpa_s->bssid, ETH_ALEN) != 0) { + wpa_dbg(wpa_s, MSG_DEBUG, + "WNM: Collocated Interference Request frame not from current AP - ignore it"); + return; + } + + wpa_msg(wpa_s, MSG_INFO, COLOC_INTF_REQ "%u %u %u", + dialog_token, auto_report, timeout); + wpa_s->coloc_intf_dialog_token = dialog_token; + wpa_s->coloc_intf_auto_report = auto_report; + wpa_s->coloc_intf_timeout = timeout; +} + + void ieee802_11_rx_wnm_action(struct wpa_supplicant *wpa_s, const struct ieee80211_mgmt *mgmt, size_t len) { @@ -1548,8 +1793,75 @@ void ieee802_11_rx_wnm_action(struct wpa_supplicant *wpa_s, case WNM_NOTIFICATION_REQ: ieee802_11_rx_wnm_notif_req(wpa_s, mgmt->sa, pos, end - pos); break; + case WNM_COLLOCATED_INTERFERENCE_REQ: + ieee802_11_rx_wnm_coloc_intf_req(wpa_s, mgmt->sa, pos, + end - pos); + break; default: wpa_printf(MSG_ERROR, "WNM: Unknown request"); break; } } + + +int wnm_send_coloc_intf_report(struct wpa_supplicant *wpa_s, u8 dialog_token, + const struct wpabuf *elems) +{ + struct wpabuf *buf; + int ret; + + if (wpa_s->wpa_state < WPA_ASSOCIATED || !elems) + return -1; + + wpa_printf(MSG_DEBUG, "WNM: Send Collocated Interference Report to " + MACSTR " (dialog token %u)", + MAC2STR(wpa_s->bssid), dialog_token); + + buf = wpabuf_alloc(3 + wpabuf_len(elems)); + if (!buf) + return -1; + + wpabuf_put_u8(buf, WLAN_ACTION_WNM); + wpabuf_put_u8(buf, WNM_COLLOCATED_INTERFERENCE_REPORT); + wpabuf_put_u8(buf, dialog_token); + wpabuf_put_buf(buf, elems); + + ret = wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, + wpa_s->own_addr, wpa_s->bssid, + wpabuf_head_u8(buf), wpabuf_len(buf), 0); + wpabuf_free(buf); + return ret; +} + + +void wnm_set_coloc_intf_elems(struct wpa_supplicant *wpa_s, + struct wpabuf *elems) +{ + wpabuf_free(wpa_s->coloc_intf_elems); + if (elems && wpabuf_len(elems) == 0) { + wpabuf_free(elems); + elems = NULL; + } + wpa_s->coloc_intf_elems = elems; + + if (wpa_s->conf->coloc_intf_reporting && wpa_s->coloc_intf_elems && + wpa_s->coloc_intf_dialog_token && + (wpa_s->coloc_intf_auto_report == 1 || + wpa_s->coloc_intf_auto_report == 3)) { + /* TODO: Check that there has not been less than + * wpa_s->coloc_intf_timeout * 200 TU from the last report. + */ + wnm_send_coloc_intf_report(wpa_s, + wpa_s->coloc_intf_dialog_token, + wpa_s->coloc_intf_elems); + } +} + + +void wnm_clear_coloc_intf_reporting(struct wpa_supplicant *wpa_s) +{ +#ifdef CONFIG_WNM + wpa_s->coloc_intf_dialog_token = 0; + wpa_s->coloc_intf_auto_report = 0; +#endif /* CONFIG_WNM */ +} diff --git a/contrib/wpa/wpa_supplicant/wnm_sta.h b/contrib/wpa/wpa_supplicant/wnm_sta.h index 81d815359634..29625f8ca943 100644 --- a/contrib/wpa/wpa_supplicant/wnm_sta.h +++ b/contrib/wpa/wpa_supplicant/wnm_sta.h @@ -43,6 +43,10 @@ struct neighbor_report { unsigned int rm_capab_present:1; unsigned int bearing_present:1; unsigned int bss_term_present:1; + unsigned int acceptable:1; +#ifdef CONFIG_MBO + unsigned int is_first:1; +#endif /* CONFIG_MBO */ struct measurement_pilot *meas_pilot; struct multiple_bssid *mul_bssid; int freq; @@ -56,13 +60,21 @@ void ieee802_11_rx_wnm_action(struct wpa_supplicant *wpa_s, const struct ieee80211_mgmt *mgmt, size_t len); int wnm_send_bss_transition_mgmt_query(struct wpa_supplicant *wpa_s, - u8 query_reason, int cand_list); + u8 query_reason, + const char *btm_candidates, + int cand_list); + void wnm_deallocate_memory(struct wpa_supplicant *wpa_s); +int wnm_send_coloc_intf_report(struct wpa_supplicant *wpa_s, u8 dialog_token, + const struct wpabuf *elems); +void wnm_set_coloc_intf_elems(struct wpa_supplicant *wpa_s, + struct wpabuf *elems); #ifdef CONFIG_WNM int wnm_scan_process(struct wpa_supplicant *wpa_s, int reply_on_fail); +void wnm_clear_coloc_intf_reporting(struct wpa_supplicant *wpa_s); #else /* CONFIG_WNM */ @@ -72,6 +84,10 @@ static inline int wnm_scan_process(struct wpa_supplicant *wpa_s, return 0; } +static inline void wnm_clear_coloc_intf_reporting(struct wpa_supplicant *wpa_s) +{ +} + #endif /* CONFIG_WNM */ #endif /* WNM_STA_H */ diff --git a/contrib/wpa/wpa_supplicant/wpa_cli.c b/contrib/wpa/wpa_supplicant/wpa_cli.c index a848b7737db5..779355440a01 100644 --- a/contrib/wpa/wpa_supplicant/wpa_cli.c +++ b/contrib/wpa/wpa_supplicant/wpa_cli.c @@ -1,6 +1,6 @@ /* * WPA Supplicant - command line interface for wpa_supplicant daemon - * Copyright (c) 2004-2016, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -29,7 +29,7 @@ static const char *const wpa_cli_version = "wpa_cli v" VERSION_STR "\n" -"Copyright (c) 2004-2016, Jouni Malinen <j@w1.fi> and contributors"; +"Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> and contributors"; #define VENDOR_ELEM_FRAME_ID \ " 0: Probe Req (P2P), 1: Probe Resp (P2P) , 2: Probe Resp (GO), " \ @@ -60,6 +60,10 @@ static DEFINE_DL_LIST(p2p_peers); /* struct cli_txt_entry */ static DEFINE_DL_LIST(p2p_groups); /* struct cli_txt_entry */ static DEFINE_DL_LIST(ifnames); /* struct cli_txt_entry */ static DEFINE_DL_LIST(networks); /* struct cli_txt_entry */ +static DEFINE_DL_LIST(creds); /* struct cli_txt_entry */ +#ifdef CONFIG_AP +static DEFINE_DL_LIST(stations); /* struct cli_txt_entry */ +#endif /* CONFIG_AP */ static void print_help(const char *cmd); @@ -67,7 +71,9 @@ static void wpa_cli_mon_receive(int sock, void *eloop_ctx, void *sock_ctx); static void wpa_cli_close_connection(void); static char * wpa_cli_get_default_ifname(void); static char ** wpa_list_cmd_list(void); +static void update_creds(struct wpa_ctrl *ctrl); static void update_networks(struct wpa_ctrl *ctrl); +static void update_stations(struct wpa_ctrl *ctrl); static void usage(void) @@ -214,7 +220,7 @@ static void wpa_cli_msg_cb(char *msg, size_t len) } -static int _wpa_ctrl_command(struct wpa_ctrl *ctrl, char *cmd, int print) +static int _wpa_ctrl_command(struct wpa_ctrl *ctrl, const char *cmd, int print) { char buf[4096]; size_t len; @@ -250,7 +256,7 @@ static int _wpa_ctrl_command(struct wpa_ctrl *ctrl, char *cmd, int print) } -static int wpa_ctrl_command(struct wpa_ctrl *ctrl, char *cmd) +static int wpa_ctrl_command(struct wpa_ctrl *ctrl, const char *cmd) { return _wpa_ctrl_command(ctrl, cmd, 1); } @@ -331,6 +337,39 @@ static int wpa_cli_cmd_pmksa_flush(struct wpa_ctrl *ctrl, int argc, } +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL + +static int wpa_cli_cmd_pmksa_get(struct wpa_ctrl *ctrl, int argc, char *argv[]) +{ + return wpa_cli_cmd(ctrl, "PMKSA_GET", 1, argc, argv); +} + + +static int wpa_cli_cmd_pmksa_add(struct wpa_ctrl *ctrl, int argc, char *argv[]) +{ + return wpa_cli_cmd(ctrl, "PMKSA_ADD", 8, argc, argv); +} + + +#ifdef CONFIG_MESH + +static int wpa_cli_mesh_cmd_pmksa_get(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "MESH_PMKSA_GET", 1, argc, argv); +} + + +static int wpa_cli_mesh_cmd_pmksa_add(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "MESH_PMKSA_ADD", 4, argc, argv); +} + +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ + + static int wpa_cli_cmd_help(struct wpa_ctrl *ctrl, int argc, char *argv[]) { print_help(argc > 0 ? argv[0] : NULL); @@ -437,11 +476,13 @@ static char ** wpa_cli_complete_set(const char *str, int pos) #endif /* CONFIG_P2P */ "country", "bss_max_count", "bss_expiration_age", "bss_expiration_scan_count", "filter_ssids", "filter_rssi", - "max_num_sta", "disassoc_low_ack", + "max_num_sta", "disassoc_low_ack", "ap_isolate", #ifdef CONFIG_HS20 "hs20", #endif /* CONFIG_HS20 */ "interworking", "hessid", "access_network_type", "pbc_in_m1", + "go_interworking", "go_access_network_type", "go_internet", + "go_venue_group", "go_venue_type", "autoscan", "wps_nfc_dev_pw_id", "wps_nfc_dh_pubkey", "wps_nfc_dh_privkey", "wps_nfc_dev_pw", "ext_password_backend", "p2p_go_max_inactivity", "auto_interworking", "okc", "pmf", @@ -455,6 +496,7 @@ static char ** wpa_cli_complete_set(const char *str, int pos) #ifdef CONFIG_TESTING_OPTIONS "ignore_auth_resp", #endif /* CONFIG_TESTING_OPTIONS */ + "relative_rssi", "relative_band_adjust", }; int i, num_fields = ARRAY_SIZE(fields); @@ -531,15 +573,18 @@ static char ** wpa_cli_complete_get(const char *str, int pos) #endif /* CONFIG_P2P */ "bss_max_count", "bss_expiration_age", "bss_expiration_scan_count", "filter_ssids", "filter_rssi", - "max_num_sta", "disassoc_low_ack", + "max_num_sta", "disassoc_low_ack", "ap_isolate", #ifdef CONFIG_HS20 "hs20", #endif /* CONFIG_HS20 */ "interworking", "access_network_type", "pbc_in_m1", "autoscan", + "go_interworking", "go_access_network_type", "go_internet", + "go_venue_group", "go_venue_type", "wps_nfc_dev_pw_id", "ext_password_backend", "p2p_go_max_inactivity", "auto_interworking", "okc", "pmf", "dtim_period", "beacon_int", "ignore_old_scan_res", "scan_cur_freq", "sched_scan_interval", + "sched_scan_start_delay", "tdls_external_control", "osu_dir", "wowlan_triggers", "p2p_search_delay", "mac_addr", "rand_addr_lifetime", "preassoc_mac_addr", "key_mgmt_offload", "passive_scan", @@ -639,13 +684,6 @@ static int wpa_cli_cmd_bss_flush(struct wpa_ctrl *ctrl, int argc, char *argv[]) } -static int wpa_cli_cmd_stkstart(struct wpa_ctrl *ctrl, int argc, - char *argv[]) -{ - return wpa_cli_cmd(ctrl, "STKSTART", 1, argc, argv); -} - - static int wpa_cli_cmd_ft_ds(struct wpa_ctrl *ctrl, int argc, char *argv[]) { return wpa_cli_cmd(ctrl, "FT_DS", 1, argc, argv); @@ -1332,7 +1370,8 @@ static const char *network_fields[] = { "ssid", "scan_ssid", "bssid", "bssid_blacklist", "bssid_whitelist", "psk", "proto", "key_mgmt", "bg_scan_period", "pairwise", "group", "auth_alg", "scan_freq", - "freq_list", "max_oper_chwidth", + "freq_list", "max_oper_chwidth", "ht40", "vht", "vht_center_freq1", + "vht_center_freq2", "ht", #ifdef IEEE8021X_EAPOL "eap", "identity", "anonymous_identity", "password", "ca_cert", "ca_path", "client_cert", "private_key", "private_key_passwd", @@ -1352,7 +1391,7 @@ static const char *network_fields[] = { "eap_workaround", "pac_file", "fragment_size", "ocsp", #endif /* IEEE8021X_EAPOL */ #ifdef CONFIG_MESH - "mode", "no_auto_peer", + "mode", "no_auto_peer", "mesh_rssi_threshold", #else /* CONFIG_MESH */ "mode", #endif /* CONFIG_MESH */ @@ -1360,7 +1399,7 @@ static const char *network_fields[] = { #ifdef CONFIG_IEEE80211W "ieee80211w", #endif /* CONFIG_IEEE80211W */ - "peerkey", "mixed_cell", "frequency", "fixed_freq", + "mixed_cell", "frequency", "fixed_freq", #ifdef CONFIG_MESH "mesh_basic_rates", "dot11MeshMaxRetries", "dot11MeshRetryTimeout", "dot11MeshConfirmTimeout", @@ -1386,6 +1425,9 @@ static const char *network_fields[] = { "ap_max_inactivity", "dtim_period", "beacon_int", #ifdef CONFIG_MACSEC "macsec_policy", + "macsec_integ_only", + "macsec_port", + "mka_priority", #endif /* CONFIG_MACSEC */ #ifdef CONFIG_HS20 "update_identifier", @@ -1479,14 +1521,56 @@ static int wpa_cli_cmd_list_creds(struct wpa_ctrl *ctrl, int argc, static int wpa_cli_cmd_add_cred(struct wpa_ctrl *ctrl, int argc, char *argv[]) { - return wpa_ctrl_command(ctrl, "ADD_CRED"); + int res = wpa_ctrl_command(ctrl, "ADD_CRED"); + if (interactive) + update_creds(ctrl); + return res; } static int wpa_cli_cmd_remove_cred(struct wpa_ctrl *ctrl, int argc, char *argv[]) { - return wpa_cli_cmd(ctrl, "REMOVE_CRED", 1, argc, argv); + int res = wpa_cli_cmd(ctrl, "REMOVE_CRED", 1, argc, argv); + if (interactive) + update_creds(ctrl); + return res; +} + + +static const char * const cred_fields[] = { + "temporary", "priority", "sp_priority", "pcsc", "eap", + "update_identifier", "min_dl_bandwidth_home", "min_ul_bandwidth_home", + "min_dl_bandwidth_roaming", "min_ul_bandwidth_roaming", "max_bss_load", + "req_conn_capab", "ocsp", "sim_num", "realm", "username", "password", + "ca_cert", "client_cert", "private_key", "private_key_passwd", "imsi", + "milenage", "domain_suffix_match", "domain", "phase1", "phase2", + "roaming_consortium", "required_roaming_consortium", "excluded_ssid", + "roaming_partner", "provisioning_sp" +}; + + +static char ** wpa_cli_complete_cred(const char *str, int pos) +{ + int arg = get_cmd_arg_num(str, pos); + int i, num_fields = ARRAY_SIZE(cred_fields); + char **res = NULL; + + switch (arg) { + case 1: + res = cli_txt_list_array(&creds); + break; + case 2: + res = os_calloc(num_fields + 1, sizeof(char *)); + if (res == NULL) + return NULL; + for (i = 0; i < num_fields; i++) { + res[i] = os_strdup(cred_fields[i]); + if (res[i] == NULL) + break; + } + } + return res; } @@ -1736,8 +1820,23 @@ static int wpa_cli_cmd_sta(struct wpa_ctrl *ctrl, int argc, char *argv[]) } -static int wpa_ctrl_command_sta(struct wpa_ctrl *ctrl, char *cmd, - char *addr, size_t addr_len) +static char ** wpa_cli_complete_sta(const char *str, int pos) +{ + int arg = get_cmd_arg_num(str, pos); + char **res = NULL; + + switch (arg) { + case 1: + res = cli_txt_list_array(&stations); + break; + } + + return res; +} + + +static int wpa_ctrl_command_sta(struct wpa_ctrl *ctrl, const char *cmd, + char *addr, size_t addr_len, int print) { char buf[4096], *pos; size_t len; @@ -1765,9 +1864,11 @@ static int wpa_ctrl_command_sta(struct wpa_ctrl *ctrl, char *cmd, } buf[len] = '\0'; - if (os_memcmp(buf, "FAIL", 4) == 0) + if (os_memcmp(buf, "FAIL", 4) == 0 || + os_memcmp(buf, "UNKNOWN COMMAND", 15) == 0) return -1; - printf("%s", buf); + if (print) + printf("%s", buf); pos = buf; while (*pos != '\0' && *pos != '\n') @@ -1782,16 +1883,33 @@ static int wpa_cli_cmd_all_sta(struct wpa_ctrl *ctrl, int argc, char *argv[]) { char addr[32], cmd[64]; - if (wpa_ctrl_command_sta(ctrl, "STA-FIRST", addr, sizeof(addr))) + if (wpa_ctrl_command_sta(ctrl, "STA-FIRST", addr, sizeof(addr), 1)) return 0; do { os_snprintf(cmd, sizeof(cmd), "STA-NEXT %s", addr); - } while (wpa_ctrl_command_sta(ctrl, cmd, addr, sizeof(addr)) == 0); + } while (wpa_ctrl_command_sta(ctrl, cmd, addr, sizeof(addr), 1) == 0); return -1; } +static int wpa_cli_cmd_list_sta(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + char addr[32], cmd[64]; + + if (wpa_ctrl_command_sta(ctrl, "STA-FIRST", addr, sizeof(addr), 0)) + return 0; + do { + if (os_strcmp(addr, "") != 0) + printf("%s\n", addr); + os_snprintf(cmd, sizeof(cmd), "STA-NEXT %s", addr); + } while (wpa_ctrl_command_sta(ctrl, cmd, addr, sizeof(addr), 0) == 0); + + return 0; +} + + static int wpa_cli_cmd_deauthenticate(struct wpa_ctrl *ctrl, int argc, char *argv[]) { @@ -1799,12 +1917,43 @@ static int wpa_cli_cmd_deauthenticate(struct wpa_ctrl *ctrl, int argc, } +static char ** wpa_cli_complete_deauthenticate(const char *str, int pos) +{ + int arg = get_cmd_arg_num(str, pos); + char **res = NULL; + + switch (arg) { + case 1: + res = cli_txt_list_array(&stations); + break; + } + + return res; +} + + static int wpa_cli_cmd_disassociate(struct wpa_ctrl *ctrl, int argc, char *argv[]) { return wpa_cli_cmd(ctrl, "DISASSOCIATE", 1, argc, argv); } + +static char ** wpa_cli_complete_disassociate(const char *str, int pos) +{ + int arg = get_cmd_arg_num(str, pos); + char **res = NULL; + + switch (arg) { + case 1: + res = cli_txt_list_array(&stations); + break; + } + + return res; +} + + static int wpa_cli_cmd_chanswitch(struct wpa_ctrl *ctrl, int argc, char *argv[]) { @@ -2176,7 +2325,7 @@ static char ** wpa_cli_complete_p2p_peer(const char *str, int pos) } -static int wpa_ctrl_command_p2p_peer(struct wpa_ctrl *ctrl, char *cmd, +static int wpa_ctrl_command_p2p_peer(struct wpa_ctrl *ctrl, const char *cmd, char *addr, size_t addr_len, int discovered) { @@ -2338,6 +2487,8 @@ static int wpa_cli_cmd_p2p_remove_client(struct wpa_ctrl *ctrl, int argc, return wpa_cli_cmd(ctrl, "P2P_REMOVE_CLIENT", 1, argc, argv); } +#endif /* CONFIG_P2P */ + static int wpa_cli_cmd_vendor_elem_add(struct wpa_ctrl *ctrl, int argc, char *argv[]) @@ -2359,7 +2510,6 @@ static int wpa_cli_cmd_vendor_elem_remove(struct wpa_ctrl *ctrl, int argc, return wpa_cli_cmd(ctrl, "VENDOR_ELEM_REMOVE", 2, argc, argv); } -#endif /* CONFIG_P2P */ #ifdef CONFIG_WIFI_DISPLAY @@ -2726,6 +2876,101 @@ static int wpa_cli_cmd_p2p_lo_stop(struct wpa_ctrl *ctrl, int argc, } +#ifdef CONFIG_DPP + +static int wpa_cli_cmd_dpp_qr_code(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_QR_CODE", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_bootstrap_gen(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_BOOTSTRAP_GEN", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_bootstrap_remove(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_BOOTSTRAP_REMOVE", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_bootstrap_get_uri(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_BOOTSTRAP_GET_URI", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_bootstrap_info(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_BOOTSTRAP_INFO", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_auth_init(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_AUTH_INIT", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_listen(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_LISTEN", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_stop_listen(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_ctrl_command(ctrl, "DPP_STOP_LISTEN"); +} + + +static int wpa_cli_cmd_dpp_configurator_add(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_CONFIGURATOR_ADD", 0, argc, argv); +} + + +static int wpa_cli_cmd_dpp_configurator_remove(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_CONFIGURATOR_REMOVE", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_configurator_get_key(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_CONFIGURATOR_GET_KEY", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_pkex_add(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_PKEX_ADD", 1, argc, argv); +} + + +static int wpa_cli_cmd_dpp_pkex_remove(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + return wpa_cli_cmd(ctrl, "DPP_PKEX_REMOVE", 1, argc, argv); +} + +#endif /* CONFIG_DPP */ + + enum wpa_cli_cmd_flags { cli_cmd_flag_none = 0x00, cli_cmd_flag_sensitive = 0x01 @@ -2798,6 +3043,22 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { { "pmksa_flush", wpa_cli_cmd_pmksa_flush, NULL, cli_cmd_flag_none, "= flush PMKSA cache entries" }, +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL + { "pmksa_get", wpa_cli_cmd_pmksa_get, NULL, + cli_cmd_flag_none, + "<network_id> = fetch all stored PMKSA cache entries" }, + { "pmksa_add", wpa_cli_cmd_pmksa_add, NULL, + cli_cmd_flag_sensitive, + "<network_id> <BSSID> <PMKID> <PMK> <reauth_time in seconds> <expiration in seconds> <akmp> <opportunistic> = store PMKSA cache entry from external storage" }, +#ifdef CONFIG_MESH + { "mesh_pmksa_get", wpa_cli_mesh_cmd_pmksa_get, NULL, + cli_cmd_flag_none, + "<peer MAC address | any> = fetch all stored mesh PMKSA cache entries" }, + { "mesh_pmksa_add", wpa_cli_mesh_cmd_pmksa_add, NULL, + cli_cmd_flag_sensitive, + "<BSSID> <PMKID> <PMK> <expiration in seconds> = store mesh PMKSA cache entry from external storage" }, +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ { "reassociate", wpa_cli_cmd_reassociate, NULL, cli_cmd_flag_none, "= force reassociation" }, @@ -2807,30 +3068,30 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { { "preauthenticate", wpa_cli_cmd_preauthenticate, wpa_cli_complete_bss, cli_cmd_flag_none, "<BSSID> = force preauthentication" }, - { "identity", wpa_cli_cmd_identity, NULL, + { "identity", wpa_cli_cmd_identity, wpa_cli_complete_network_id, cli_cmd_flag_none, "<network id> <identity> = configure identity for an SSID" }, - { "password", wpa_cli_cmd_password, NULL, + { "password", wpa_cli_cmd_password, wpa_cli_complete_network_id, cli_cmd_flag_sensitive, "<network id> <password> = configure password for an SSID" }, - { "new_password", wpa_cli_cmd_new_password, NULL, - cli_cmd_flag_sensitive, + { "new_password", wpa_cli_cmd_new_password, + wpa_cli_complete_network_id, cli_cmd_flag_sensitive, "<network id> <password> = change password for an SSID" }, - { "pin", wpa_cli_cmd_pin, NULL, + { "pin", wpa_cli_cmd_pin, wpa_cli_complete_network_id, cli_cmd_flag_sensitive, "<network id> <pin> = configure pin for an SSID" }, - { "otp", wpa_cli_cmd_otp, NULL, + { "otp", wpa_cli_cmd_otp, wpa_cli_complete_network_id, cli_cmd_flag_sensitive, "<network id> <password> = configure one-time-password for an SSID" }, - { "passphrase", wpa_cli_cmd_passphrase, NULL, + { "passphrase", wpa_cli_cmd_passphrase, wpa_cli_complete_network_id, cli_cmd_flag_sensitive, "<network id> <passphrase> = configure private key passphrase\n" " for an SSID" }, - { "sim", wpa_cli_cmd_sim, NULL, + { "sim", wpa_cli_cmd_sim, wpa_cli_complete_network_id, cli_cmd_flag_sensitive, "<network id> <pin> = report SIM operation result" }, - { "bssid", wpa_cli_cmd_bssid, NULL, + { "bssid", wpa_cli_cmd_bssid, wpa_cli_complete_network_id, cli_cmd_flag_none, "<network id> <BSSID> = set preferred BSSID for an SSID" }, { "blacklist", wpa_cli_cmd_blacklist, wpa_cli_complete_bss, @@ -2884,10 +3145,10 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { { "remove_cred", wpa_cli_cmd_remove_cred, NULL, cli_cmd_flag_none, "<cred id> = remove a credential" }, - { "set_cred", wpa_cli_cmd_set_cred, NULL, + { "set_cred", wpa_cli_cmd_set_cred, wpa_cli_complete_cred, cli_cmd_flag_sensitive, "<cred id> <variable> <value> = set credential variables" }, - { "get_cred", wpa_cli_cmd_get_cred, NULL, + { "get_cred", wpa_cli_cmd_get_cred, wpa_cli_complete_cred, cli_cmd_flag_none, "<cred id> <variable> = get credential variables" }, { "save_config", wpa_cli_cmd_save_config, NULL, @@ -2951,9 +3212,6 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { { "bss_flush", wpa_cli_cmd_bss_flush, NULL, cli_cmd_flag_none, "<value> = set BSS flush age (0 by default)" }, - { "stkstart", wpa_cli_cmd_stkstart, NULL, - cli_cmd_flag_none, - "<addr> = request STK negotiation with <addr>" }, { "ft_ds", wpa_cli_cmd_ft_ds, wpa_cli_complete_bss, cli_cmd_flag_none, "<addr> = request over-the-DS FT with <addr>" }, @@ -3029,17 +3287,20 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { cli_cmd_flag_none, "<addr> = request RSN authentication with <addr> in IBSS" }, #ifdef CONFIG_AP - { "sta", wpa_cli_cmd_sta, NULL, + { "sta", wpa_cli_cmd_sta, wpa_cli_complete_sta, cli_cmd_flag_none, "<addr> = get information about an associated station (AP)" }, { "all_sta", wpa_cli_cmd_all_sta, NULL, cli_cmd_flag_none, "= get information about all associated stations (AP)" }, - { "deauthenticate", wpa_cli_cmd_deauthenticate, NULL, + { "list_sta", wpa_cli_cmd_list_sta, NULL, cli_cmd_flag_none, + "= list all stations (AP)" }, + { "deauthenticate", wpa_cli_cmd_deauthenticate, + wpa_cli_complete_deauthenticate, cli_cmd_flag_none, "<addr> = deauthenticate a station" }, - { "disassociate", wpa_cli_cmd_disassociate, NULL, - cli_cmd_flag_none, + { "disassociate", wpa_cli_cmd_disassociate, + wpa_cli_complete_disassociate, cli_cmd_flag_none, "<addr> = disassociate a station" }, { "chan_switch", wpa_cli_cmd_chanswitch, NULL, cli_cmd_flag_none, @@ -3168,6 +3429,7 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { { "p2p_remove_client", wpa_cli_cmd_p2p_remove_client, wpa_cli_complete_p2p_peer, cli_cmd_flag_none, "<address|iface=address> = remove a peer from all groups" }, +#endif /* CONFIG_P2P */ { "vendor_elem_add", wpa_cli_cmd_vendor_elem_add, NULL, cli_cmd_flag_none, "<frame id> <hexdump of elem(s)> = add vendor specific IEs to frame(s)\n" @@ -3180,7 +3442,6 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { cli_cmd_flag_none, "<frame id> <hexdump of elem(s)> = remove vendor specific IE(s) in frame(s)\n" VENDOR_ELEM_FRAME_ID }, -#endif /* CONFIG_P2P */ #ifdef CONFIG_WIFI_DISPLAY { "wfd_subelem_set", wpa_cli_cmd_wfd_subelem_set, NULL, cli_cmd_flag_none, @@ -3285,7 +3546,9 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { { "wnm_sleep", wpa_cli_cmd_wnm_sleep, NULL, cli_cmd_flag_none, "<enter/exit> [interval=#] = enter/exit WNM-Sleep mode" }, { "wnm_bss_query", wpa_cli_cmd_wnm_bss_query, NULL, cli_cmd_flag_none, - "<query reason> [list] = Send BSS Transition Management Query" }, + "<query reason> [list]" + " [neighbor=<BSSID>,<BSSID information>,<operating class>,<channel number>,<PHY type>[,<hexdump of optional subelements>]" + " = Send BSS Transition Management Query" }, #endif /* CONFIG_WNM */ { "raw", wpa_cli_cmd_raw, NULL, cli_cmd_flag_sensitive, "<params..> = Sent unprocessed command" }, @@ -3320,6 +3583,44 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { { "p2p_lo_stop", wpa_cli_cmd_p2p_lo_stop, NULL, cli_cmd_flag_none, "= stop P2P listen offload" }, +#ifdef CONFIG_DPP + { "dpp_qr_code", wpa_cli_cmd_dpp_qr_code, NULL, cli_cmd_flag_none, + "report a scanned DPP URI from a QR Code" }, + { "dpp_bootstrap_gen", wpa_cli_cmd_dpp_bootstrap_gen, NULL, + cli_cmd_flag_sensitive, + "type=<qrcode> [chan=..] [mac=..] [info=..] [curve=..] [key=..] = generate DPP bootstrap information" }, + { "dpp_bootstrap_remove", wpa_cli_cmd_dpp_bootstrap_remove, NULL, + cli_cmd_flag_none, + "*|<id> = remove DPP bootstrap information" }, + { "dpp_bootstrap_get_uri", wpa_cli_cmd_dpp_bootstrap_get_uri, NULL, + cli_cmd_flag_none, + "<id> = get DPP bootstrap URI" }, + { "dpp_bootstrap_info", wpa_cli_cmd_dpp_bootstrap_info, NULL, + cli_cmd_flag_none, + "<id> = show DPP bootstrap information" }, + { "dpp_auth_init", wpa_cli_cmd_dpp_auth_init, NULL, cli_cmd_flag_none, + "peer=<id> [own=<id>] = initiate DPP bootstrapping" }, + { "dpp_listen", wpa_cli_cmd_dpp_listen, NULL, cli_cmd_flag_none, + "<freq in MHz> = start DPP listen" }, + { "dpp_stop_listen", wpa_cli_cmd_dpp_stop_listen, NULL, + cli_cmd_flag_none, + "= stop DPP listen" }, + { "dpp_configurator_add", wpa_cli_cmd_dpp_configurator_add, NULL, + cli_cmd_flag_sensitive, + "[curve=..] [key=..] = add DPP configurator" }, + { "dpp_configurator_remove", wpa_cli_cmd_dpp_configurator_remove, NULL, + cli_cmd_flag_none, + "*|<id> = remove DPP configurator" }, + { "dpp_configurator_get_key", wpa_cli_cmd_dpp_configurator_get_key, + NULL, cli_cmd_flag_none, + "<id> = Get DPP configurator's private key" }, + { "dpp_pkex_add", wpa_cli_cmd_dpp_pkex_add, NULL, + cli_cmd_flag_sensitive, + "add PKEX code" }, + { "dpp_pkex_remove", wpa_cli_cmd_dpp_pkex_remove, NULL, + cli_cmd_flag_none, + "*|<id> = remove DPP pkex information" }, +#endif /* CONFIG_DPP */ { NULL, NULL, NULL, cli_cmd_flag_none, NULL } }; @@ -3638,6 +3939,10 @@ static void wpa_cli_action_process(const char *msg) wpa_cli_exec(action_file, ifname, pos); } else if (str_starts(pos, WPS_EVENT_SUCCESS)) { wpa_cli_exec(action_file, ifname, pos); + } else if (str_starts(pos, WPS_EVENT_ACTIVE)) { + wpa_cli_exec(action_file, ifname, pos); + } else if (str_starts(pos, WPS_EVENT_TIMEOUT)) { + wpa_cli_exec(action_file, ifname, pos); } else if (str_starts(pos, WPS_EVENT_FAIL)) { wpa_cli_exec(action_file, ifname, pos); } else if (str_starts(pos, AP_STA_CONNECTED)) { @@ -3650,6 +3955,8 @@ static void wpa_cli_action_process(const char *msg) wpa_cli_exec(action_file, ifname, pos); } else if (str_starts(pos, HS20_DEAUTH_IMMINENT_NOTICE)) { wpa_cli_exec(action_file, ifname, pos); + } else if (str_starts(pos, HS20_T_C_ACCEPTANCE)) { + wpa_cli_exec(action_file, ifname, pos); } else if (str_starts(pos, WPA_EVENT_TERMINATING)) { printf("wpa_supplicant is terminating - stop monitoring\n"); wpa_cli_quit = 1; @@ -3675,6 +3982,7 @@ static void wpa_cli_reconnect(void) edit_clear_line(); printf("\rConnection to wpa_supplicant re-established\n"); edit_redraw(); + update_stations(ctrl_conn); } } @@ -3897,7 +4205,7 @@ static void update_bssid_list(struct wpa_ctrl *ctrl) char buf[4096]; size_t len = sizeof(buf); int ret; - char *cmd = "BSS RANGE=ALL MASK=0x2"; + const char *cmd = "BSS RANGE=ALL MASK=0x2"; char *pos, *end; if (ctrl == NULL) @@ -3928,7 +4236,7 @@ static void update_ifnames(struct wpa_ctrl *ctrl) char buf[4096]; size_t len = sizeof(buf); int ret; - char *cmd = "INTERFACES"; + const char *cmd = "INTERFACES"; char *pos, *end; char txt[200]; @@ -3955,12 +4263,44 @@ static void update_ifnames(struct wpa_ctrl *ctrl) } +static void update_creds(struct wpa_ctrl *ctrl) +{ + char buf[4096]; + size_t len = sizeof(buf); + int ret; + const char *cmd = "LIST_CREDS"; + char *pos, *end; + int header = 1; + + cli_txt_list_flush(&creds); + + if (ctrl == NULL) + return; + ret = wpa_ctrl_request(ctrl, cmd, os_strlen(cmd), buf, &len, NULL); + if (ret < 0) + return; + buf[len] = '\0'; + + pos = buf; + while (pos) { + end = os_strchr(pos, '\n'); + if (end == NULL) + break; + *end = '\0'; + if (!header) + cli_txt_list_add_word(&creds, pos, '\t'); + header = 0; + pos = end + 1; + } +} + + static void update_networks(struct wpa_ctrl *ctrl) { char buf[4096]; size_t len = sizeof(buf); int ret; - char *cmd = "LIST_NETWORKS"; + const char *cmd = "LIST_NETWORKS"; char *pos, *end; int header = 1; @@ -3987,6 +4327,27 @@ static void update_networks(struct wpa_ctrl *ctrl) } +static void update_stations(struct wpa_ctrl *ctrl) +{ +#ifdef CONFIG_AP + char addr[32], cmd[64]; + + if (!ctrl || !interactive) + return; + + cli_txt_list_flush(&stations); + + if (wpa_ctrl_command_sta(ctrl, "STA-FIRST", addr, sizeof(addr), 0)) + return; + do { + if (os_strcmp(addr, "") != 0) + cli_txt_list_add(&stations, addr); + os_snprintf(cmd, sizeof(cmd), "STA-NEXT %s", addr); + } while (wpa_ctrl_command_sta(ctrl, cmd, addr, sizeof(addr), 0) == 0); +#endif /* CONFIG_AP */ +} + + static void try_connection(void *eloop_ctx, void *timeout_ctx) { if (ctrl_conn) @@ -4007,7 +4368,9 @@ static void try_connection(void *eloop_ctx, void *timeout_ctx) } update_bssid_list(ctrl_conn); + update_creds(ctrl_conn); update_networks(ctrl_conn); + update_stations(ctrl_conn); if (warning_displayed) printf("Connection established.\n"); @@ -4029,6 +4392,7 @@ static void wpa_cli_interactive(void) cli_txt_list_flush(&p2p_groups); cli_txt_list_flush(&bsses); cli_txt_list_flush(&ifnames); + cli_txt_list_flush(&creds); cli_txt_list_flush(&networks); if (edit_started) edit_deinit(hfile, wpa_cli_edit_filter_history_cb); @@ -4254,6 +4618,7 @@ int main(int argc, char *argv[]) "control interface\n"); } } + update_stations(ctrl_conn); } } diff --git a/contrib/wpa/wpa_supplicant/wpa_passphrase.c b/contrib/wpa/wpa_supplicant/wpa_passphrase.c index 9b568f0f7c67..adca1cce13ee 100644 --- a/contrib/wpa/wpa_supplicant/wpa_passphrase.c +++ b/contrib/wpa/wpa_supplicant/wpa_passphrase.c @@ -17,6 +17,7 @@ int main(int argc, char *argv[]) unsigned char psk[32]; int i; char *ssid, *passphrase, buf[64], *pos; + size_t len; if (argc < 2) { printf("usage: wpa_passphrase <ssid> [passphrase]\n" @@ -47,10 +48,15 @@ int main(int argc, char *argv[]) passphrase = buf; } - if (os_strlen(passphrase) < 8 || os_strlen(passphrase) > 63) { + len = os_strlen(passphrase); + if (len < 8 || len > 63) { printf("Passphrase must be 8..63 characters\n"); return 1; } + if (has_ctrl_char((u8 *) passphrase, len)) { + printf("Invalid passphrase character\n"); + return 1; + } pbkdf2_sha1(passphrase, (u8 *) ssid, os_strlen(ssid), 4096, psk, 32); diff --git a/contrib/wpa/wpa_supplicant/wpa_priv.c b/contrib/wpa/wpa_supplicant/wpa_priv.c index 511df4f18148..b3ad45eca516 100644 --- a/contrib/wpa/wpa_supplicant/wpa_priv.c +++ b/contrib/wpa/wpa_supplicant/wpa_priv.c @@ -21,6 +21,7 @@ #include "common/privsep_commands.h" #include "common/ieee802_11_defs.h" +#define WPA_PRIV_MAX_L2 3 struct wpa_priv_interface { struct wpa_priv_interface *next; @@ -35,11 +36,16 @@ struct wpa_priv_interface { void *drv_priv; void *drv_global_priv; struct sockaddr_un drv_addr; + socklen_t drv_addr_len; int wpas_registered; - /* TODO: add support for multiple l2 connections */ - struct l2_packet_data *l2; - struct sockaddr_un l2_addr; + struct l2_packet_data *l2[WPA_PRIV_MAX_L2]; + struct sockaddr_un l2_addr[WPA_PRIV_MAX_L2]; + socklen_t l2_addr_len[WPA_PRIV_MAX_L2]; + struct wpa_priv_l2 { + struct wpa_priv_interface *parent; + int idx; + } l2_ctx[WPA_PRIV_MAX_L2]; }; struct wpa_priv_global { @@ -48,8 +54,10 @@ struct wpa_priv_global { static void wpa_priv_cmd_register(struct wpa_priv_interface *iface, - struct sockaddr_un *from) + struct sockaddr_un *from, socklen_t fromlen) { + int i; + if (iface->drv_priv) { wpa_printf(MSG_DEBUG, "Cleaning up forgotten driver instance"); if (iface->driver->deinit) @@ -62,11 +70,13 @@ static void wpa_priv_cmd_register(struct wpa_priv_interface *iface, iface->wpas_registered = 0; } - if (iface->l2) { - wpa_printf(MSG_DEBUG, "Cleaning up forgotten l2_packet " - "instance"); - l2_packet_deinit(iface->l2); - iface->l2 = NULL; + for (i = 0; i < WPA_PRIV_MAX_L2; i++) { + if (iface->l2[i]) { + wpa_printf(MSG_DEBUG, + "Cleaning up forgotten l2_packet instance"); + l2_packet_deinit(iface->l2[i]); + iface->l2[i] = NULL; + } } if (iface->driver->init2) { @@ -96,7 +106,8 @@ static void wpa_priv_cmd_register(struct wpa_priv_interface *iface, wpa_printf(MSG_DEBUG, "Driver wrapper '%s' initialized for interface " "'%s'", iface->driver_name, iface->ifname); - os_memcpy(&iface->drv_addr, from, sizeof(iface->drv_addr)); + os_memcpy(&iface->drv_addr, from, fromlen); + iface->drv_addr_len = fromlen; iface->wpas_registered = 1; if (iface->driver->set_param && @@ -123,18 +134,43 @@ static void wpa_priv_cmd_unregister(struct wpa_priv_interface *iface, static void wpa_priv_cmd_scan(struct wpa_priv_interface *iface, - char *buf, size_t len) + void *buf, size_t len) { struct wpa_driver_scan_params params; + struct privsep_cmd_scan *scan; + unsigned int i; + int freqs[PRIVSEP_MAX_SCAN_FREQS + 1]; if (iface->drv_priv == NULL) return; + if (len < sizeof(*scan)) { + wpa_printf(MSG_DEBUG, "Invalid scan request"); + return; + } + + scan = buf; + os_memset(¶ms, 0, sizeof(params)); - if (len) { - params.ssids[0].ssid = (u8 *) buf; - params.ssids[0].ssid_len = len; - params.num_ssids = 1; + if (scan->num_ssids > WPAS_MAX_SCAN_SSIDS) { + wpa_printf(MSG_DEBUG, "Invalid scan request (num_ssids)"); + return; + } + params.num_ssids = scan->num_ssids; + for (i = 0; i < scan->num_ssids; i++) { + params.ssids[i].ssid = scan->ssids[i]; + params.ssids[i].ssid_len = scan->ssid_lens[i]; + } + + if (scan->num_freqs > PRIVSEP_MAX_SCAN_FREQS) { + wpa_printf(MSG_DEBUG, "Invalid scan request (num_freqs)"); + return; + } + if (scan->num_freqs) { + for (i = 0; i < scan->num_freqs; i++) + freqs[i] = scan->freqs[i]; + freqs[i] = 0; + params.freqs = freqs; } if (iface->driver->scan2) @@ -143,7 +179,8 @@ static void wpa_priv_cmd_scan(struct wpa_priv_interface *iface, static void wpa_priv_get_scan_results2(struct wpa_priv_interface *iface, - struct sockaddr_un *from) + struct sockaddr_un *from, + socklen_t fromlen) { struct wpa_scan_results *res; u8 *buf = NULL, *pos, *end; @@ -165,7 +202,7 @@ static void wpa_priv_get_scan_results2(struct wpa_priv_interface *iface, for (i = 0; i < res->num; i++) { struct wpa_scan_res *r = res->res[i]; - val = sizeof(*r) + r->ie_len; + val = sizeof(*r) + r->ie_len + r->beacon_ie_len; if (end - pos < (int) sizeof(int) + val) break; os_memcpy(pos, &val, sizeof(int)); @@ -174,8 +211,7 @@ static void wpa_priv_get_scan_results2(struct wpa_priv_interface *iface, pos += val; } - sendto(iface->fd, buf, pos - buf, 0, (struct sockaddr *) from, - sizeof(*from)); + sendto(iface->fd, buf, pos - buf, 0, (struct sockaddr *) from, fromlen); os_free(buf); wpa_scan_results_free(res); @@ -184,21 +220,21 @@ static void wpa_priv_get_scan_results2(struct wpa_priv_interface *iface, fail: os_free(buf); wpa_scan_results_free(res); - sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, sizeof(*from)); + sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, fromlen); } static void wpa_priv_cmd_get_scan_results(struct wpa_priv_interface *iface, - struct sockaddr_un *from) + struct sockaddr_un *from, + socklen_t fromlen) { if (iface->drv_priv == NULL) return; if (iface->driver->get_scan_results2) - wpa_priv_get_scan_results2(iface, from); + wpa_priv_get_scan_results2(iface, from, fromlen); else - sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, - sizeof(*from)); + sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, fromlen); } @@ -218,7 +254,7 @@ static void wpa_priv_cmd_authenticate(struct wpa_priv_interface *iface, } auth = buf; - if (sizeof(*auth) + auth->ie_len + auth->sae_data_len > len) { + if (sizeof(*auth) + auth->ie_len + auth->auth_data_len > len) { wpa_printf(MSG_DEBUG, "Authentication request overflow"); return; } @@ -244,9 +280,9 @@ static void wpa_priv_cmd_authenticate(struct wpa_priv_interface *iface, params.ie = (u8 *) (auth + 1); params.ie_len = auth->ie_len; } - if (auth->sae_data_len) { - params.sae_data = ((u8 *) (auth + 1)) + auth->ie_len; - params.sae_data_len = auth->sae_data_len; + if (auth->auth_data_len) { + params.auth_data = ((u8 *) (auth + 1)) + auth->ie_len; + params.auth_data_len = auth->auth_data_len; } res = iface->driver->authenticate(iface->drv_priv, ¶ms); @@ -303,7 +339,7 @@ static void wpa_priv_cmd_associate(struct wpa_priv_interface *iface, static void wpa_priv_cmd_get_bssid(struct wpa_priv_interface *iface, - struct sockaddr_un *from) + struct sockaddr_un *from, socklen_t fromlen) { u8 bssid[ETH_ALEN]; @@ -315,16 +351,16 @@ static void wpa_priv_cmd_get_bssid(struct wpa_priv_interface *iface, goto fail; sendto(iface->fd, bssid, ETH_ALEN, 0, (struct sockaddr *) from, - sizeof(*from)); + fromlen); return; fail: - sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, sizeof(*from)); + sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, fromlen); } static void wpa_priv_cmd_get_ssid(struct wpa_priv_interface *iface, - struct sockaddr_un *from) + struct sockaddr_un *from, socklen_t fromlen) { u8 ssid[sizeof(int) + SSID_MAX_LEN]; int res; @@ -335,17 +371,18 @@ static void wpa_priv_cmd_get_ssid(struct wpa_priv_interface *iface, if (iface->driver->get_ssid == NULL) goto fail; + os_memset(ssid, 0, sizeof(ssid)); res = iface->driver->get_ssid(iface->drv_priv, &ssid[sizeof(int)]); if (res < 0 || res > SSID_MAX_LEN) goto fail; os_memcpy(ssid, &res, sizeof(int)); sendto(iface->fd, ssid, sizeof(ssid), 0, (struct sockaddr *) from, - sizeof(*from)); + fromlen); return; fail: - sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, sizeof(*from)); + sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, fromlen); } @@ -378,7 +415,7 @@ static void wpa_priv_cmd_set_key(struct wpa_priv_interface *iface, static void wpa_priv_cmd_get_capa(struct wpa_priv_interface *iface, - struct sockaddr_un *from) + struct sockaddr_un *from, socklen_t fromlen) { struct wpa_driver_capa capa; @@ -394,18 +431,19 @@ static void wpa_priv_cmd_get_capa(struct wpa_priv_interface *iface, capa.extended_capa_mask = NULL; capa.extended_capa_len = 0; sendto(iface->fd, &capa, sizeof(capa), 0, (struct sockaddr *) from, - sizeof(*from)); + fromlen); return; fail: - sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, sizeof(*from)); + sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, fromlen); } static void wpa_priv_l2_rx(void *ctx, const u8 *src_addr, const u8 *buf, size_t len) { - struct wpa_priv_interface *iface = ctx; + struct wpa_priv_l2 *l2_ctx = ctx; + struct wpa_priv_interface *iface = l2_ctx->parent; struct msghdr msg; struct iovec io[2]; @@ -417,8 +455,8 @@ static void wpa_priv_l2_rx(void *ctx, const u8 *src_addr, const u8 *buf, os_memset(&msg, 0, sizeof(msg)); msg.msg_iov = io; msg.msg_iovlen = 2; - msg.msg_name = &iface->l2_addr; - msg.msg_namelen = sizeof(iface->l2_addr); + msg.msg_name = &iface->l2_addr[l2_ctx->idx]; + msg.msg_namelen = iface->l2_addr_len[l2_ctx->idx]; if (sendmsg(iface->fd, &msg, 0) < 0) { wpa_printf(MSG_ERROR, "sendmsg(l2 rx): %s", strerror(errno)); @@ -426,14 +464,23 @@ static void wpa_priv_l2_rx(void *ctx, const u8 *src_addr, const u8 *buf, } +static int wpa_priv_allowed_l2_proto(u16 proto) +{ + return proto == ETH_P_EAPOL || proto == ETH_P_RSN_PREAUTH || + proto == ETH_P_80211_ENCAP; +} + + static void wpa_priv_cmd_l2_register(struct wpa_priv_interface *iface, struct sockaddr_un *from, + socklen_t fromlen, void *buf, size_t len) { int *reg_cmd = buf; u8 own_addr[ETH_ALEN]; int res; u16 proto; + int idx; if (len != 2 * sizeof(int)) { wpa_printf(MSG_DEBUG, "Invalid l2_register length %lu", @@ -442,50 +489,69 @@ static void wpa_priv_cmd_l2_register(struct wpa_priv_interface *iface, } proto = reg_cmd[0]; - if (proto != ETH_P_EAPOL && proto != ETH_P_RSN_PREAUTH && - proto != ETH_P_80211_ENCAP) { + if (!wpa_priv_allowed_l2_proto(proto)) { wpa_printf(MSG_DEBUG, "Refused l2_packet connection for " "ethertype 0x%x", proto); return; } - if (iface->l2) { - wpa_printf(MSG_DEBUG, "Cleaning up forgotten l2_packet " - "instance"); - l2_packet_deinit(iface->l2); - iface->l2 = NULL; + for (idx = 0; idx < WPA_PRIV_MAX_L2; idx++) { + if (!iface->l2[idx]) + break; + } + if (idx == WPA_PRIV_MAX_L2) { + wpa_printf(MSG_DEBUG, "No free l2_packet connection found"); + return; } - os_memcpy(&iface->l2_addr, from, sizeof(iface->l2_addr)); + os_memcpy(&iface->l2_addr[idx], from, fromlen); + iface->l2_addr_len[idx] = fromlen; - iface->l2 = l2_packet_init(iface->ifname, NULL, proto, - wpa_priv_l2_rx, iface, reg_cmd[1]); - if (iface->l2 == NULL) { + iface->l2_ctx[idx].idx = idx; + iface->l2_ctx[idx].parent = iface; + iface->l2[idx] = l2_packet_init(iface->ifname, NULL, proto, + wpa_priv_l2_rx, &iface->l2_ctx[idx], + reg_cmd[1]); + if (!iface->l2[idx]) { wpa_printf(MSG_DEBUG, "Failed to initialize l2_packet " "instance for protocol %d", proto); return; } - if (l2_packet_get_own_addr(iface->l2, own_addr) < 0) { + if (l2_packet_get_own_addr(iface->l2[idx], own_addr) < 0) { wpa_printf(MSG_DEBUG, "Failed to get own address from " "l2_packet"); - l2_packet_deinit(iface->l2); - iface->l2 = NULL; + l2_packet_deinit(iface->l2[idx]); + iface->l2[idx] = NULL; return; } res = sendto(iface->fd, own_addr, ETH_ALEN, 0, - (struct sockaddr *) from, sizeof(*from)); - wpa_printf(MSG_DEBUG, "L2 registration: res=%d", res); + (struct sockaddr *) from, fromlen); + wpa_printf(MSG_DEBUG, "L2 registration[idx=%d]: res=%d", idx, res); } static void wpa_priv_cmd_l2_unregister(struct wpa_priv_interface *iface, - struct sockaddr_un *from) + struct sockaddr_un *from, + socklen_t fromlen) { - if (iface->l2) { - l2_packet_deinit(iface->l2); - iface->l2 = NULL; + int idx; + + for (idx = 0; idx < WPA_PRIV_MAX_L2; idx++) { + if (iface->l2_addr_len[idx] == fromlen && + os_memcmp(&iface->l2_addr[idx], from, fromlen) == 0) + break; + } + if (idx == WPA_PRIV_MAX_L2) { + wpa_printf(MSG_DEBUG, + "No registered l2_packet socket found for unregister request"); + return; + } + + if (iface->l2[idx]) { + l2_packet_deinit(iface->l2[idx]); + iface->l2[idx] = NULL; } } @@ -493,20 +559,36 @@ static void wpa_priv_cmd_l2_unregister(struct wpa_priv_interface *iface, static void wpa_priv_cmd_l2_notify_auth_start(struct wpa_priv_interface *iface, struct sockaddr_un *from) { - if (iface->l2) - l2_packet_notify_auth_start(iface->l2); + int idx; + + for (idx = 0; idx < WPA_PRIV_MAX_L2; idx++) { + if (iface->l2[idx]) + l2_packet_notify_auth_start(iface->l2[idx]); + } } static void wpa_priv_cmd_l2_send(struct wpa_priv_interface *iface, - struct sockaddr_un *from, + struct sockaddr_un *from, socklen_t fromlen, void *buf, size_t len) { u8 *dst_addr; u16 proto; int res; + int idx; - if (iface->l2 == NULL) + for (idx = 0; idx < WPA_PRIV_MAX_L2; idx++) { + if (iface->l2_addr_len[idx] == fromlen && + os_memcmp(&iface->l2_addr[idx], from, fromlen) == 0) + break; + } + if (idx == WPA_PRIV_MAX_L2) { + wpa_printf(MSG_DEBUG, + "No registered l2_packet socket found for send request"); + return; + } + + if (iface->l2[idx] == NULL) return; if (len < ETH_ALEN + 2) { @@ -518,15 +600,15 @@ static void wpa_priv_cmd_l2_send(struct wpa_priv_interface *iface, dst_addr = buf; os_memcpy(&proto, buf + ETH_ALEN, 2); - if (proto != ETH_P_EAPOL && proto != ETH_P_RSN_PREAUTH) { + if (!wpa_priv_allowed_l2_proto(proto)) { wpa_printf(MSG_DEBUG, "Refused l2_packet send for ethertype " "0x%x", proto); return; } - res = l2_packet_send(iface->l2, dst_addr, proto, buf + ETH_ALEN + 2, - len - ETH_ALEN - 2); - wpa_printf(MSG_DEBUG, "L2 send: res=%d", res); + res = l2_packet_send(iface->l2[idx], dst_addr, proto, + buf + ETH_ALEN + 2, len - ETH_ALEN - 2); + wpa_printf(MSG_DEBUG, "L2 send[idx=%d]: res=%d", idx, res); } @@ -571,7 +653,7 @@ static void wpa_priv_receive(int sock, void *eloop_ctx, void *sock_ctx) switch (cmd) { case PRIVSEP_CMD_REGISTER: - wpa_priv_cmd_register(iface, &from); + wpa_priv_cmd_register(iface, &from, fromlen); break; case PRIVSEP_CMD_UNREGISTER: wpa_priv_cmd_unregister(iface, &from); @@ -580,34 +662,35 @@ static void wpa_priv_receive(int sock, void *eloop_ctx, void *sock_ctx) wpa_priv_cmd_scan(iface, cmd_buf, cmd_len); break; case PRIVSEP_CMD_GET_SCAN_RESULTS: - wpa_priv_cmd_get_scan_results(iface, &from); + wpa_priv_cmd_get_scan_results(iface, &from, fromlen); break; case PRIVSEP_CMD_ASSOCIATE: wpa_priv_cmd_associate(iface, cmd_buf, cmd_len); break; case PRIVSEP_CMD_GET_BSSID: - wpa_priv_cmd_get_bssid(iface, &from); + wpa_priv_cmd_get_bssid(iface, &from, fromlen); break; case PRIVSEP_CMD_GET_SSID: - wpa_priv_cmd_get_ssid(iface, &from); + wpa_priv_cmd_get_ssid(iface, &from, fromlen); break; case PRIVSEP_CMD_SET_KEY: wpa_priv_cmd_set_key(iface, cmd_buf, cmd_len); break; case PRIVSEP_CMD_GET_CAPA: - wpa_priv_cmd_get_capa(iface, &from); + wpa_priv_cmd_get_capa(iface, &from, fromlen); break; case PRIVSEP_CMD_L2_REGISTER: - wpa_priv_cmd_l2_register(iface, &from, cmd_buf, cmd_len); + wpa_priv_cmd_l2_register(iface, &from, fromlen, + cmd_buf, cmd_len); break; case PRIVSEP_CMD_L2_UNREGISTER: - wpa_priv_cmd_l2_unregister(iface, &from); + wpa_priv_cmd_l2_unregister(iface, &from, fromlen); break; case PRIVSEP_CMD_L2_NOTIFY_AUTH_START: wpa_priv_cmd_l2_notify_auth_start(iface, &from); break; case PRIVSEP_CMD_L2_SEND: - wpa_priv_cmd_l2_send(iface, &from, cmd_buf, cmd_len); + wpa_priv_cmd_l2_send(iface, &from, fromlen, cmd_buf, cmd_len); break; case PRIVSEP_CMD_SET_COUNTRY: pos = cmd_buf; @@ -625,8 +708,14 @@ static void wpa_priv_receive(int sock, void *eloop_ctx, void *sock_ctx) static void wpa_priv_interface_deinit(struct wpa_priv_interface *iface) { - if (iface->drv_priv && iface->driver->deinit) - iface->driver->deinit(iface->drv_priv); + int i; + + if (iface->drv_priv) { + if (iface->driver->deinit) + iface->driver->deinit(iface->drv_priv); + if (iface->drv_global_priv) + iface->driver->global_deinit(iface->drv_global_priv); + } if (iface->fd >= 0) { eloop_unregister_read_sock(iface->fd); @@ -634,8 +723,10 @@ static void wpa_priv_interface_deinit(struct wpa_priv_interface *iface) unlink(iface->sock_name); } - if (iface->l2) - l2_packet_deinit(iface->l2); + for (i = 0; i < WPA_PRIV_MAX_L2; i++) { + if (iface->l2[i]) + l2_packet_deinit(iface->l2[i]); + } os_free(iface->ifname); os_free(iface->driver_name); @@ -777,7 +868,7 @@ static int wpa_priv_send_event(struct wpa_priv_interface *iface, int event, msg.msg_iov = io; msg.msg_iovlen = data ? 2 : 1; msg.msg_name = &iface->drv_addr; - msg.msg_namelen = sizeof(iface->drv_addr); + msg.msg_namelen = iface->drv_addr_len; if (sendmsg(iface->fd, &msg, 0) < 0) { wpa_printf(MSG_ERROR, "sendmsg(wpas_socket): %s", @@ -796,7 +887,7 @@ static void wpa_priv_send_auth(struct wpa_priv_interface *iface, struct privsep_event_auth *auth; u8 *buf, *pos; - buf = os_malloc(buflen); + buf = os_zalloc(buflen); if (buf == NULL) return; @@ -990,12 +1081,6 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, &data->pmkid_candidate, sizeof(struct pmkid_candidate)); break; - case EVENT_STKSTART: - if (data == NULL) - return; - wpa_priv_send_event(iface, PRIVSEP_EVENT_STKSTART, - &data->stkstart.peer, ETH_ALEN); - break; case EVENT_FT_RESPONSE: wpa_priv_send_ft_response(iface, data); break; @@ -1061,7 +1146,7 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, msg.msg_iov = io; msg.msg_iovlen = 3; msg.msg_name = &iface->drv_addr; - msg.msg_namelen = sizeof(iface->drv_addr); + msg.msg_namelen = iface->drv_addr_len; if (sendmsg(iface->fd, &msg, 0) < 0) wpa_printf(MSG_ERROR, "sendmsg(wpas_socket): %s", @@ -1099,7 +1184,7 @@ static void wpa_priv_fd_workaround(void) static void usage(void) { printf("wpa_priv v" VERSION_STR "\n" - "Copyright (c) 2007-2016, Jouni Malinen <j@w1.fi> and " + "Copyright (c) 2007-2017, Jouni Malinen <j@w1.fi> and " "contributors\n" "\n" "usage:\n" diff --git a/contrib/wpa/wpa_supplicant/wpa_supplicant.c b/contrib/wpa/wpa_supplicant/wpa_supplicant.c index 7361ee96d1df..e587d7e3cd69 100644 --- a/contrib/wpa/wpa_supplicant/wpa_supplicant.c +++ b/contrib/wpa/wpa_supplicant/wpa_supplicant.c @@ -1,6 +1,6 @@ /* * WPA Supplicant - * Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> + * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -38,6 +38,7 @@ #include "common/wpa_ctrl.h" #include "common/ieee802_11_defs.h" #include "common/hw_features_common.h" +#include "common/gas_server.h" #include "p2p/p2p.h" #include "fst/fst.h" #include "blacklist.h" @@ -59,10 +60,15 @@ #include "wnm_sta.h" #include "wpas_kay.h" #include "mesh.h" +#include "dpp_supplicant.h" +#ifdef CONFIG_MESH +#include "ap/ap_config.h" +#include "ap/hostapd.h" +#endif /* CONFIG_MESH */ const char *const wpa_supplicant_version = "wpa_supplicant v" VERSION_STR "\n" -"Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> and contributors"; +"Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> and contributors"; const char *const wpa_supplicant_license = "This software may be distributed under the terms of the BSD license.\n" @@ -112,6 +118,13 @@ const char *const wpa_supplicant_full_license5 = "\n"; #endif /* CONFIG_NO_STDOUT_DEBUG */ + +static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx); +#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) +static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s); +#endif /* CONFIG_FILS && IEEE8021X_EAPOL */ + + /* Configure default/group WEP keys for static WEP */ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) { @@ -230,10 +243,30 @@ void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " "%d usec", sec, usec); eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); + wpa_s->last_auth_timeout_sec = sec; eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); } +/* + * wpas_auth_timeout_restart - Restart and change timeout for authentication + * @wpa_s: Pointer to wpa_supplicant data + * @sec_diff: difference in seconds applied to original timeout value + */ +void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff) +{ + int new_sec = wpa_s->last_auth_timeout_sec + sec_diff; + + if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) { + wpa_dbg(wpa_s, MSG_DEBUG, + "Authentication timeout restart: %d sec", new_sec); + eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); + eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout, + wpa_s, NULL); + } +} + + /** * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout * @wpa_s: Pointer to wpa_supplicant data @@ -247,6 +280,9 @@ void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); wpa_blacklist_del(wpa_s, wpa_s->bssid); + os_free(wpa_s->last_con_fail_realm); + wpa_s->last_con_fail_realm = NULL; + wpa_s->last_con_fail_realm_len = 0; } @@ -329,7 +365,12 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); - ieee802_1x_alloc_kay_sm(wpa_s, ssid); +#ifdef CONFIG_MACSEC + if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set) + ieee802_1x_create_preshared_mka(wpa_s, ssid); + else + ieee802_1x_alloc_kay_sm(wpa_s, ssid); +#endif /* CONFIG_MACSEC */ #endif /* IEEE8021X_EAPOL */ } @@ -409,12 +450,26 @@ static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s) dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed, struct wpa_bss_tmp_disallowed, list) { + eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); dl_list_del(&bss->list); os_free(bss); } } +void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s) +{ + struct fils_hlp_req *req; + + while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req, + list)) != NULL) { + dl_list_del(&req->list); + wpabuf_free(req->pkt); + os_free(req); + } +} + + static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) { int i; @@ -434,6 +489,10 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) #ifdef CONFIG_TESTING_OPTIONS l2_packet_deinit(wpa_s->l2_test); wpa_s->l2_test = NULL; + os_free(wpa_s->get_pref_freq_list_override); + wpa_s->get_pref_freq_list_override = NULL; + wpabuf_free(wpa_s->last_assoc_req_wpa_ie); + wpa_s->last_assoc_req_wpa_ie = NULL; #endif /* CONFIG_TESTING_OPTIONS */ if (wpa_s->conf != NULL) { @@ -448,6 +507,10 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) os_free(wpa_s->confanother); wpa_s->confanother = NULL; + os_free(wpa_s->last_con_fail_realm); + wpa_s->last_con_fail_realm = NULL; + wpa_s->last_con_fail_realm_len = 0; + wpa_sm_set_eapol(wpa_s->wpa, NULL); eapol_sm_deinit(wpa_s->eapol); wpa_s->eapol = NULL; @@ -506,6 +569,8 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) os_free(wpa_s->manual_scan_freqs); wpa_s->manual_scan_freqs = NULL; + os_free(wpa_s->select_network_scan_freqs); + wpa_s->select_network_scan_freqs = NULL; os_free(wpa_s->manual_sched_scan_freqs); wpa_s->manual_sched_scan_freqs = NULL; @@ -524,6 +589,8 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) radio_remove_works(wpa_s, "gas-query", 0); gas_query_deinit(wpa_s->gas); wpa_s->gas = NULL; + gas_server_deinit(wpa_s->gas_server); + wpa_s->gas_server = NULL; free_hw_features(wpa_s); @@ -580,6 +647,32 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) wpabuf_free(wpa_s->lci); wpa_s->lci = NULL; + wpas_clear_beacon_rep_data(wpa_s); + +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL +#ifdef CONFIG_MESH + { + struct external_pmksa_cache *entry; + + while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache, + struct external_pmksa_cache, + list)) != NULL) { + dl_list_del(&entry->list); + os_free(entry->pmksa_cache); + os_free(entry); + } + } +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ + + wpas_flush_fils_hlp_req(wpa_s); + + wpabuf_free(wpa_s->ric_ies); + wpa_s->ric_ies = NULL; + +#ifdef CONFIG_DPP + wpas_dpp_deinit(wpa_s); +#endif /* CONFIG_DPP */ } @@ -793,12 +886,24 @@ void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, if (state == WPA_COMPLETED && wpa_s->new_connection) { struct wpa_ssid *ssid = wpa_s->current_ssid; + int fils_hlp_sent = 0; + +#ifdef CONFIG_SME + if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && + wpa_auth_alg_fils(wpa_s->sme.auth_alg)) + fils_hlp_sent = 1; +#endif /* CONFIG_SME */ + if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && + wpa_auth_alg_fils(wpa_s->auth_alg)) + fils_hlp_sent = 1; + #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " - MACSTR " completed [id=%d id_str=%s]", + MACSTR " completed [id=%d id_str=%s%s]", MAC2STR(wpa_s->bssid), ssid ? ssid->id : -1, - ssid && ssid->id_str ? ssid->id_str : ""); + ssid && ssid->id_str ? ssid->id_str : "", + fils_hlp_sent ? " FILS_HLP_SENT" : ""); #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ wpas_clear_temp_disabled(wpa_s, ssid, 1); wpa_blacklist_clear(wpa_s); @@ -813,6 +918,11 @@ void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpas_p2p_completed(wpa_s); sme_sched_obss_scan(wpa_s, 1); + +#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) + if (!fils_hlp_sent && ssid && ssid->eap.erp) + wpas_update_fils_connect_params(wpa_s); +#endif /* CONFIG_FILS && IEEE8021X_EAPOL */ } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || state == WPA_ASSOCIATED) { wpa_s->new_connection = 1; @@ -927,7 +1037,13 @@ int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) "file '%s' - exiting", wpa_s->confname); return -1; } - wpa_config_read(wpa_s->confanother, conf); + if (wpa_s->confanother && + !wpa_config_read(wpa_s->confanother, conf)) { + wpa_msg(wpa_s, MSG_ERROR, + "Failed to parse the configuration file '%s' - exiting", + wpa_s->confanother); + return -1; + } conf->changed_parameters = (unsigned int) -1; @@ -953,7 +1069,9 @@ int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) * TODO: should notify EAPOL SM about changes in opensc_engine_path, * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers. */ - if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { + if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || + wpa_s->key_mgmt == WPA_KEY_MGMT_OWE || + wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { /* * Clear forced success to clear EAP state for next * authentication. @@ -1098,14 +1216,20 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); proto = WPA_PROTO_WPA; #ifdef CONFIG_HS20 - } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) { + } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) && + wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 && + (ie.group_cipher & ssid->group_cipher) && + (ie.pairwise_cipher & ssid->pairwise_cipher) && + (ie.key_mgmt & ssid->key_mgmt)) { wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN"); - /* TODO: parse OSEN element */ - os_memset(&ie, 0, sizeof(ie)); - ie.group_cipher = WPA_CIPHER_CCMP; - ie.pairwise_cipher = WPA_CIPHER_CCMP; - ie.key_mgmt = WPA_KEY_MGMT_OSEN; proto = WPA_PROTO_OSEN; + } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) && + wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && + (ie.group_cipher & ssid->group_cipher) && + (ie.pairwise_cipher & ssid->pairwise_cipher) && + (ie.key_mgmt & ssid->key_mgmt)) { + wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)"); + proto = WPA_PROTO_RSN; #endif /* CONFIG_HS20 */ } else if (bss) { wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); @@ -1157,10 +1281,35 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, ie.pairwise_cipher = ssid->pairwise_cipher; ie.key_mgmt = ssid->key_mgmt; #ifdef CONFIG_IEEE80211W - ie.mgmt_group_cipher = - ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ? - WPA_CIPHER_AES_128_CMAC : 0; + ie.mgmt_group_cipher = 0; + if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) { + if (ssid->group_mgmt_cipher & + WPA_CIPHER_BIP_GMAC_256) + ie.mgmt_group_cipher = + WPA_CIPHER_BIP_GMAC_256; + else if (ssid->group_mgmt_cipher & + WPA_CIPHER_BIP_CMAC_256) + ie.mgmt_group_cipher = + WPA_CIPHER_BIP_CMAC_256; + else if (ssid->group_mgmt_cipher & + WPA_CIPHER_BIP_GMAC_128) + ie.mgmt_group_cipher = + WPA_CIPHER_BIP_GMAC_128; + else + ie.mgmt_group_cipher = + WPA_CIPHER_AES_128_CMAC; + } #endif /* CONFIG_IEEE80211W */ +#ifdef CONFIG_OWE + if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && + !ssid->owe_only && + !bss_wpa && !bss_rsn && !bss_osen) { + wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); + wpa_s->wpa_proto = 0; + *wpa_ie_len = 0; + return 0; + } +#endif /* CONFIG_OWE */ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " "based on configuration"); } else @@ -1233,10 +1382,46 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X with Suite B"); #endif /* CONFIG_SUITEB */ +#ifdef CONFIG_FILS +#ifdef CONFIG_IEEE80211R + } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) { + wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384; + wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384"); + } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) { + wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256; + wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256"); +#endif /* CONFIG_IEEE80211R */ + } else if (sel & WPA_KEY_MGMT_FILS_SHA384) { + wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384; + wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384"); + } else if (sel & WPA_KEY_MGMT_FILS_SHA256) { + wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256; + wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256"); +#endif /* CONFIG_FILS */ #ifdef CONFIG_IEEE80211R +#ifdef CONFIG_SHA384 + } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) { + wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; + wpa_dbg(wpa_s, MSG_DEBUG, + "WPA: using KEY_MGMT FT/802.1X-SHA384"); + if (pmksa_cache_get_current(wpa_s->wpa)) { + /* PMKSA caching with FT is not fully functional, so + * disable the case for now. */ + wpa_dbg(wpa_s, MSG_DEBUG, + "WPA: Disable PMKSA caching for FT/802.1X connection"); + pmksa_cache_clear_current(wpa_s->wpa); + } +#endif /* CONFIG_SHA384 */ } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) { wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); + if (pmksa_cache_get_current(wpa_s->wpa)) { + /* PMKSA caching with FT is not fully functional, so + * disable the case for now. */ + wpa_dbg(wpa_s, MSG_DEBUG, + "WPA: Disable PMKSA caching for FT/802.1X connection"); + pmksa_cache_clear_current(wpa_s->wpa); + } } else if (sel & WPA_KEY_MGMT_FT_PSK) { wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); @@ -1273,6 +1458,16 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN; wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN"); #endif /* CONFIG_HS20 */ +#ifdef CONFIG_OWE + } else if (sel & WPA_KEY_MGMT_OWE) { + wpa_s->key_mgmt = WPA_KEY_MGMT_OWE; + wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE"); +#endif /* CONFIG_OWE */ +#ifdef CONFIG_DPP + } else if (sel & WPA_KEY_MGMT_DPP) { + wpa_s->key_mgmt = WPA_KEY_MGMT_DPP; + wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP"); +#endif /* CONFIG_DPP */ } else { wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " "authenticated key management type"); @@ -1286,6 +1481,8 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, #ifdef CONFIG_IEEE80211W sel = ie.mgmt_group_cipher; + if (ssid->group_mgmt_cipher) + sel &= ssid->group_mgmt_cipher; if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION || !(ie.capabilities & WPA_CAPABILITY_MFPC)) sel = 0; @@ -1322,15 +1519,27 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { int psk_set = 0; + int sae_only; + + sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | + WPA_KEY_MGMT_FT_PSK | + WPA_KEY_MGMT_PSK_SHA256)) == 0; - if (ssid->psk_set) { + if (ssid->psk_set && !sae_only) { + wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)", + ssid->psk, PMK_LEN); wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL, NULL); psk_set = 1; } + + if (wpa_key_mgmt_sae(ssid->key_mgmt) && + (ssid->sae_password || ssid->passphrase)) + psk_set = 1; + #ifndef CONFIG_NO_PBKDF2 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && - ssid->passphrase) { + ssid->passphrase && !sae_only) { u8 psk[PMK_LEN]; pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, 4096, psk, PMK_LEN); @@ -1342,7 +1551,7 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_NO_PBKDF2 */ #ifdef CONFIG_EXT_PASSWORD - if (ssid->ext_psk) { + if (ssid->ext_psk && !sae_only) { struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, ssid->ext_psk); char pw_str[64 + 1]; @@ -1388,6 +1597,9 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, ext_password_free(pw); return -1; } + wpa_hexdump_key(MSG_MSGDUMP, + "PSK (from external PSK)", + psk, PMK_LEN); wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL); psk_set = 1; @@ -1408,8 +1620,15 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, if (!psk_set) { wpa_msg(wpa_s, MSG_INFO, "No PSK available for association"); + wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE"); return -1; } +#ifdef CONFIG_OWE + } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) { + /* OWE Diffie-Hellman exchange in (Re)Association + * Request/Response frames set the PMK, so do not override it + * here. */ +#endif /* CONFIG_OWE */ } else wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); @@ -1425,6 +1644,10 @@ static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) case 0: /* Bits 0-7 */ break; case 1: /* Bits 8-15 */ + if (wpa_s->conf->coloc_intf_reporting) { + /* Bit 13 - Collocated Interference Reporting */ + *pos |= 0x20; + } break; case 2: /* Bits 16-23 */ #ifdef CONFIG_WNM @@ -1443,7 +1666,7 @@ static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) break; case 4: /* Bits 32-39 */ #ifdef CONFIG_INTERWORKING - if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING) + if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING) *pos |= 0x01; /* Bit 32 - QoS Map */ #endif /* CONFIG_INTERWORKING */ break; @@ -1466,6 +1689,12 @@ static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) if (wpa_s->conf->ftm_initiator) *pos |= 0x80; /* Bit 71 - FTM initiator */ break; + case 9: /* Bits 72-79 */ +#ifdef CONFIG_FILS + if (!wpa_s->disable_fils) + *pos |= 0x01; +#endif /* CONFIG_FILS */ + break; } } @@ -1473,11 +1702,8 @@ static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen) { u8 *pos = buf; - u8 len = 6, i; + u8 len = 10, i; - if (len < 9 && - (wpa_s->conf->ftm_initiator || wpa_s->conf->ftm_responder)) - len = 9; if (len < wpa_s->extended_capa_len) len = wpa_s->extended_capa_len; if (buflen < (size_t) len + 2) { @@ -1665,6 +1891,9 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, wmm_ac_clear_saved_tspecs(wpa_s); wpa_s->reassoc_same_bss = 0; wpa_s->reassoc_same_ess = 0; +#ifdef CONFIG_TESTING_OPTIONS + wpa_s->testing_resend_assoc = 0; +#endif /* CONFIG_TESTING_OPTIONS */ if (wpa_s->last_ssid == ssid) { wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS"); @@ -1673,11 +1902,13 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, wmm_ac_save_tspecs(wpa_s); wpa_s->reassoc_same_bss = 1; } - } else if (rand_style > 0) { + } + + if (rand_style > 0 && !wpa_s->reassoc_same_ess) { if (wpas_update_random_addr(wpa_s, rand_style) < 0) return; wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); - } else if (wpa_s->mac_addr_changed) { + } else if (rand_style == 0 && wpa_s->mac_addr_changed) { if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) { wpa_msg(wpa_s, MSG_INFO, "Could not restore permanent MAC address"); @@ -1696,6 +1927,13 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, #ifdef CONFIG_IBSS_RSN ibss_rsn_deinit(wpa_s->ibss_rsn); wpa_s->ibss_rsn = NULL; +#else /* CONFIG_IBSS_RSN */ + if (ssid->mode == WPAS_MODE_IBSS && + !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) { + wpa_msg(wpa_s, MSG_INFO, + "IBSS RSN not supported in the build"); + return; + } #endif /* CONFIG_IBSS_RSN */ if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || @@ -1737,6 +1975,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d", wpa_ssid_txt(ssid->ssid, ssid->ssid_len), ssid->id); + wpas_notify_mesh_group_started(wpa_s, ssid); #else /* CONFIG_MESH */ wpa_msg(wpa_s, MSG_ERROR, "mesh mode support not included in the build"); @@ -1744,6 +1983,20 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, return; } + /* + * Set WPA state machine configuration to match the selected network now + * so that the information is available before wpas_start_assoc_cb() + * gets called. This is needed at least for RSN pre-authentication where + * candidate APs are added to a list based on scan result processing + * before completion of the first association. + */ + wpa_supplicant_rsn_supp_set_config(wpa_s, ssid); + +#ifdef CONFIG_DPP + if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0) + return; +#endif /* CONFIG_DPP */ + #ifdef CONFIG_TDLS if (bss) wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1), @@ -1766,6 +2019,13 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, return; } +#ifdef CONFIG_SME + if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) { + /* Clear possibly set auth_alg, if any, from last attempt. */ + wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN; + } +#endif /* CONFIG_SME */ + wpas_abort_ongoing_scan(wpa_s); cwork = os_zalloc(sizeof(*cwork)); @@ -1797,11 +2057,6 @@ static int drv_supports_vht(struct wpa_supplicant *wpa_s, u8 channel; int i; -#ifdef CONFIG_HT_OVERRIDES - if (ssid->disable_ht) - return 0; -#endif /* CONFIG_HT_OVERRIDES */ - hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel); if (hw_mode == NUM_HOSTAPD_MODES) return 0; @@ -2000,6 +2255,13 @@ void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s, vht_freq = *freq; +#ifdef CONFIG_VHT_OVERRIDES + if (ssid->disable_vht) { + freq->vht_enabled = 0; + return; + } +#endif /* CONFIG_VHT_OVERRIDES */ + vht_freq.vht_enabled = vht_supported(mode); if (!vht_freq.vht_enabled) return; @@ -2084,147 +2346,170 @@ void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s, } -static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) +#ifdef CONFIG_FILS +static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf, + size_t ie_buf_len) { - struct wpa_connect_work *cwork = work->ctx; - struct wpa_bss *bss = cwork->bss; - struct wpa_ssid *ssid = cwork->ssid; - struct wpa_supplicant *wpa_s = work->wpa_s; - u8 wpa_ie[200]; - size_t wpa_ie_len; - int use_crypt, ret, i, bssid_changed; - int algs = WPA_AUTH_ALG_OPEN; - unsigned int cipher_pairwise, cipher_group; - struct wpa_driver_associate_params params; - int wep_keys_set = 0; - int assoc_failed = 0; - struct wpa_ssid *old_ssid; - u8 prev_bssid[ETH_ALEN]; -#ifdef CONFIG_HT_OVERRIDES - struct ieee80211_ht_capabilities htcaps; - struct ieee80211_ht_capabilities htcaps_mask; -#endif /* CONFIG_HT_OVERRIDES */ -#ifdef CONFIG_VHT_OVERRIDES - struct ieee80211_vht_capabilities vhtcaps; - struct ieee80211_vht_capabilities vhtcaps_mask; -#endif /* CONFIG_VHT_OVERRIDES */ -#ifdef CONFIG_MBO - const u8 *mbo = NULL; -#endif /* CONFIG_MBO */ + struct fils_hlp_req *req; + size_t rem_len, hdr_len, hlp_len, len, ie_len = 0; + const u8 *pos; + u8 *buf = ie_buf; - if (deinit) { - if (work->started) { - wpa_s->connect_work = NULL; + dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, + list) { + rem_len = ie_buf_len - ie_len; + pos = wpabuf_head(req->pkt); + hdr_len = 1 + 2 * ETH_ALEN + 6; + hlp_len = wpabuf_len(req->pkt); - /* cancel possible auth. timeout */ - eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, - NULL); + if (rem_len < 2 + hdr_len + hlp_len) { + wpa_printf(MSG_ERROR, + "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu", + (unsigned long) rem_len, + (unsigned long) (2 + hdr_len + hlp_len)); + break; + } + + len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len; + /* Element ID */ + *buf++ = WLAN_EID_EXTENSION; + /* Length */ + *buf++ = len; + /* Element ID Extension */ + *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER; + /* Destination MAC address */ + os_memcpy(buf, req->dst, ETH_ALEN); + buf += ETH_ALEN; + /* Source MAC address */ + os_memcpy(buf, wpa_s->own_addr, ETH_ALEN); + buf += ETH_ALEN; + /* LLC/SNAP Header */ + os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6); + buf += 6; + /* HLP Packet */ + os_memcpy(buf, pos, len - hdr_len); + buf += len - hdr_len; + pos += len - hdr_len; + + hlp_len -= len - hdr_len; + ie_len += 2 + len; + rem_len -= 2 + len; + + while (hlp_len) { + len = (hlp_len > 255) ? 255 : hlp_len; + if (rem_len < 2 + len) + break; + *buf++ = WLAN_EID_FRAGMENT; + *buf++ = len; + os_memcpy(buf, pos, len); + buf += len; + pos += len; + + hlp_len -= len; + ie_len += 2 + len; + rem_len -= 2 + len; } - wpas_connect_work_free(cwork); - return; } - wpa_s->connect_work = work; + return ie_len; +} - if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) || - wpas_network_disabled(wpa_s, ssid)) { - wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt"); - wpas_connect_work_done(wpa_s); - return; - } - os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN); - os_memset(¶ms, 0, sizeof(params)); - wpa_s->reassociate = 0; - wpa_s->eap_expected_failure = 0; - if (bss && - (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) { -#ifdef CONFIG_IEEE80211R - const u8 *ie, *md = NULL; -#endif /* CONFIG_IEEE80211R */ - wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR - " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), - wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); - bssid_changed = !is_zero_ether_addr(wpa_s->bssid); - os_memset(wpa_s->bssid, 0, ETH_ALEN); - os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); - if (bssid_changed) - wpas_notify_bssid_changed(wpa_s); -#ifdef CONFIG_IEEE80211R - ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); - if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) - md = ie + 2; - wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); - if (md) { - /* Prepare for the next transition */ - wpa_ft_prepare_auth_request(wpa_s->wpa, ie); - } -#endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_WPS - } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && - wpa_s->conf->ap_scan == 2 && - (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { - /* Use ap_scan==1 style network selection to find the network - */ - wpas_connect_work_done(wpa_s); - wpa_s->scan_req = MANUAL_SCAN_REQ; - wpa_s->reassociate = 1; - wpa_supplicant_req_scan(wpa_s, 0, 0); - return; -#endif /* CONFIG_WPS */ - } else { - wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", - wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); - if (bss) - os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); - else - os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); - } - if (!wpa_s->pno) - wpa_supplicant_cancel_sched_scan(wpa_s); +int wpa_is_fils_supported(struct wpa_supplicant *wpa_s) +{ + return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && + (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) || + (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && + (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD))); +} - wpa_supplicant_cancel_scan(wpa_s); - /* Starting new association, so clear the possibly used WPA IE from the - * previous association. */ - wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); +int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s) +{ +#ifdef CONFIG_FILS_SK_PFS + return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && + (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS); +#else /* CONFIG_FILS_SK_PFS */ + return 0; +#endif /* CONFIG_FILS_SK_PFS */ +} -#ifdef IEEE8021X_EAPOL - if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { - if (ssid->leap) { - if (ssid->non_leap == 0) - algs = WPA_AUTH_ALG_LEAP; - else - algs |= WPA_AUTH_ALG_LEAP; - } +#endif /* CONFIG_FILS */ + + +static u8 * wpas_populate_assoc_ies( + struct wpa_supplicant *wpa_s, + struct wpa_bss *bss, struct wpa_ssid *ssid, + struct wpa_driver_associate_params *params, + enum wpa_drv_update_connect_params_mask *mask) +{ + u8 *wpa_ie; + size_t max_wpa_ie_len = 500; + size_t wpa_ie_len; + int algs = WPA_AUTH_ALG_OPEN; +#ifdef CONFIG_MBO + const u8 *mbo_ie; +#endif +#ifdef CONFIG_FILS + const u8 *realm, *username, *rrk; + size_t realm_len, username_len, rrk_len; + u16 next_seq_num; + struct fils_hlp_req *req; + + dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, + list) { + max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) + + 2 + 2 * wpabuf_len(req->pkt) / 255; } -#endif /* IEEE8021X_EAPOL */ - wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); - if (ssid->auth_alg) { - algs = ssid->auth_alg; - wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: " - "0x%x", algs); +#endif /* CONFIG_FILS */ + + wpa_ie = os_malloc(max_wpa_ie_len); + if (!wpa_ie) { + wpa_printf(MSG_ERROR, + "Failed to allocate connect IE buffer for %lu bytes", + (unsigned long) max_wpa_ie_len); + return NULL; } if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || wpa_bss_get_ie(bss, WLAN_EID_RSN)) && wpa_key_mgmt_wpa(ssid->key_mgmt)) { int try_opportunistic; + const u8 *cache_id = NULL; + try_opportunistic = (ssid->proactive_key_caching < 0 ? wpa_s->conf->okc : ssid->proactive_key_caching) && (ssid->proto & WPA_PROTO_RSN); +#ifdef CONFIG_FILS + if (wpa_key_mgmt_fils(ssid->key_mgmt)) + cache_id = wpa_bss_get_fils_cache_id(bss); +#endif /* CONFIG_FILS */ if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, - ssid, try_opportunistic) == 0) + ssid, try_opportunistic, + cache_id, 0) == 0) eapol_sm_notify_pmkid_attempt(wpa_s->eapol); - wpa_ie_len = sizeof(wpa_ie); + wpa_ie_len = max_wpa_ie_len; if (wpa_supplicant_set_suites(wpa_s, bss, ssid, wpa_ie, &wpa_ie_len)) { wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " "key management and encryption suites"); - wpas_connect_work_done(wpa_s); - return; + os_free(wpa_ie); + return NULL; } +#ifdef CONFIG_HS20 + } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) && + (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) { + /* No PMKSA caching, but otherwise similar to RSN/WPA */ + wpa_ie_len = max_wpa_ie_len; + if (wpa_supplicant_set_suites(wpa_s, bss, ssid, + wpa_ie, &wpa_ie_len)) { + wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " + "key management and encryption suites"); + os_free(wpa_ie); + return NULL; + } +#endif /* CONFIG_HS20 */ } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { /* @@ -2236,20 +2521,20 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) wpa_ie_len = 0; wpa_s->wpa_proto = 0; } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { - wpa_ie_len = sizeof(wpa_ie); + wpa_ie_len = max_wpa_ie_len; if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, wpa_ie, &wpa_ie_len)) { wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " "key management and encryption suites (no " "scan results)"); - wpas_connect_work_done(wpa_s); - return; + os_free(wpa_ie); + return NULL; } #ifdef CONFIG_WPS } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { struct wpabuf *wps_ie; wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); - if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) { + if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) { wpa_ie_len = wpabuf_len(wps_ie); os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); } else @@ -2257,9 +2542,9 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) wpabuf_free(wps_ie); wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) - params.wps = WPS_MODE_PRIVACY; + params->wps = WPS_MODE_PRIVACY; else - params.wps = WPS_MODE_OPEN; + params->wps = WPS_MODE_OPEN; wpa_s->wpa_proto = 0; #endif /* CONFIG_WPS */ } else { @@ -2268,13 +2553,61 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) wpa_s->wpa_proto = 0; } +#ifdef IEEE8021X_EAPOL + if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { + if (ssid->leap) { + if (ssid->non_leap == 0) + algs = WPA_AUTH_ALG_LEAP; + else + algs |= WPA_AUTH_ALG_LEAP; + } + } + +#ifdef CONFIG_FILS + /* Clear FILS association */ + wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0); + + if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) && + ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) && + eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username, + &username_len, &realm, &realm_len, + &next_seq_num, &rrk, &rrk_len) == 0 && + (!wpa_s->last_con_fail_realm || + wpa_s->last_con_fail_realm_len != realm_len || + os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) { + algs = WPA_AUTH_ALG_FILS; + params->fils_erp_username = username; + params->fils_erp_username_len = username_len; + params->fils_erp_realm = realm; + params->fils_erp_realm_len = realm_len; + params->fils_erp_next_seq_num = next_seq_num; + params->fils_erp_rrk = rrk; + params->fils_erp_rrk_len = rrk_len; + + if (mask) + *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO; + } +#endif /* CONFIG_FILS */ +#endif /* IEEE8021X_EAPOL */ +#ifdef CONFIG_SAE + if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE)) + algs = WPA_AUTH_ALG_SAE; +#endif /* CONFIG_SAE */ + + wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); + if (ssid->auth_alg) { + algs = ssid->auth_alg; + wpa_dbg(wpa_s, MSG_DEBUG, + "Overriding auth_alg selection: 0x%x", algs); + } + #ifdef CONFIG_P2P if (wpa_s->global->p2p) { u8 *pos; size_t len; int res; pos = wpa_ie + wpa_ie_len; - len = sizeof(wpa_ie) - wpa_ie_len; + len = max_wpa_ie_len - wpa_ie_len; res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, ssid->p2p_group); if (res >= 0) @@ -2299,21 +2632,12 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info)); #endif /* CONFIG_P2P */ -#ifdef CONFIG_MBO if (bss) { - mbo = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE); - if (mbo) { - int len; - - len = wpas_mbo_supp_op_class_ie(wpa_s, bss->freq, - wpa_ie + wpa_ie_len, - sizeof(wpa_ie) - - wpa_ie_len); - if (len > 0) - wpa_ie_len += len; - } + wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq, + wpa_ie + wpa_ie_len, + max_wpa_ie_len - + wpa_ie_len); } -#endif /* CONFIG_MBO */ /* * Workaround: Add Extended Capabilities element only if the AP @@ -2333,7 +2657,8 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) int ext_capab_len; ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, sizeof(ext_capab)); - if (ext_capab_len > 0) { + if (ext_capab_len > 0 && + wpa_ie_len + ext_capab_len <= max_wpa_ie_len) { u8 *pos = wpa_ie; if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) pos += 2 + pos[1]; @@ -2348,13 +2673,14 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) if (is_hs20_network(wpa_s, ssid, bss)) { struct wpabuf *hs20; - hs20 = wpabuf_alloc(20); + hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN); if (hs20) { int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid); size_t len; wpas_hs20_add_indication(hs20, pps_mo_id); - len = sizeof(wpa_ie) - wpa_ie_len; + wpas_hs20_add_roam_cons_sel(hs20, ssid); + len = max_wpa_ie_len - wpa_ie_len; if (wpabuf_len(hs20) <= len) { os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20), wpabuf_len(hs20)); @@ -2371,7 +2697,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]; size_t len; - len = sizeof(wpa_ie) - wpa_ie_len; + len = max_wpa_ie_len - wpa_ie_len; if (wpabuf_len(buf) <= len) { os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(buf), wpabuf_len(buf)); @@ -2383,7 +2709,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) if (wpa_s->fst_ies) { int fst_ies_len = wpabuf_len(wpa_s->fst_ies); - if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) { + if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) { os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wpa_s->fst_ies), fst_ies_len); wpa_ie_len += fst_ies_len; @@ -2392,20 +2718,249 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) #endif /* CONFIG_FST */ #ifdef CONFIG_MBO - if (mbo) { + mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL; + if (mbo_ie) { int len; len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len, - sizeof(wpa_ie) - wpa_ie_len); + max_wpa_ie_len - wpa_ie_len, + !!mbo_attr_from_mbo_ie(mbo_ie, + OCE_ATTR_ID_CAPA_IND)); if (len >= 0) wpa_ie_len += len; } #endif /* CONFIG_MBO */ +#ifdef CONFIG_FILS + if (algs == WPA_AUTH_ALG_FILS) { + size_t len; + + len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len, + max_wpa_ie_len - wpa_ie_len); + wpa_ie_len += len; + } +#endif /* CONFIG_FILS */ + +#ifdef CONFIG_OWE +#ifdef CONFIG_TESTING_OPTIONS + if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) { + wpa_printf(MSG_INFO, "TESTING: Override OWE DH element"); + } else +#endif /* CONFIG_TESTING_OPTIONS */ + if (algs == WPA_AUTH_ALG_OPEN && + ssid->key_mgmt == WPA_KEY_MGMT_OWE) { + struct wpabuf *owe_ie; + u16 group; + + if (ssid->owe_group) { + group = ssid->owe_group; + } else if (wpa_s->assoc_status_code == + WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { + if (wpa_s->last_owe_group == 19) + group = 20; + else if (wpa_s->last_owe_group == 20) + group = 21; + else + group = OWE_DH_GROUP; + } else { + group = OWE_DH_GROUP; + } + + wpa_s->last_owe_group = group; + wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group); + owe_ie = owe_build_assoc_req(wpa_s->wpa, group); + if (owe_ie && + wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) { + os_memcpy(wpa_ie + wpa_ie_len, + wpabuf_head(owe_ie), wpabuf_len(owe_ie)); + wpa_ie_len += wpabuf_len(owe_ie); + wpabuf_free(owe_ie); + } + } +#endif /* CONFIG_OWE */ + +#ifdef CONFIG_IEEE80211R + /* + * Add MDIE under these conditions: the network profile allows FT, + * the AP supports FT, and the mobility domain ID matches. + */ + if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) { + const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); + + if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) { + size_t len = 0; + const u8 *md = mdie + 2; + const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa); + + if (os_memcmp(md, wpa_md, + MOBILITY_DOMAIN_ID_LEN) == 0) { + /* Add mobility domain IE */ + len = wpa_ft_add_mdie( + wpa_s->wpa, wpa_ie + wpa_ie_len, + max_wpa_ie_len - wpa_ie_len, mdie); + wpa_ie_len += len; + } +#ifdef CONFIG_SME + if (len > 0 && wpa_s->sme.ft_used && + wpa_sm_has_ptk(wpa_s->wpa)) { + wpa_dbg(wpa_s, MSG_DEBUG, + "SME: Trying to use FT over-the-air"); + algs |= WPA_AUTH_ALG_FT; + } +#endif /* CONFIG_SME */ + } + } +#endif /* CONFIG_IEEE80211R */ + + params->wpa_ie = wpa_ie; + params->wpa_ie_len = wpa_ie_len; + params->auth_alg = algs; + if (mask) + *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE; + + return wpa_ie; +} + + +#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) +static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s) +{ + struct wpa_driver_associate_params params; + enum wpa_drv_update_connect_params_mask mask = 0; + u8 *wpa_ie; + + if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN) + return; /* nothing to do */ + + os_memset(¶ms, 0, sizeof(params)); + wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, + wpa_s->current_ssid, ¶ms, &mask); + if (!wpa_ie) + return; + + if (params.auth_alg != WPA_AUTH_ALG_FILS) { + os_free(wpa_ie); + return; + } + + wpa_s->auth_alg = params.auth_alg; + wpa_drv_update_connect_params(wpa_s, ¶ms, mask); + os_free(wpa_ie); +} +#endif /* CONFIG_FILS && IEEE8021X_EAPOL */ + + +static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) +{ + struct wpa_connect_work *cwork = work->ctx; + struct wpa_bss *bss = cwork->bss; + struct wpa_ssid *ssid = cwork->ssid; + struct wpa_supplicant *wpa_s = work->wpa_s; + u8 *wpa_ie; + int use_crypt, ret, i, bssid_changed; + unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt; + struct wpa_driver_associate_params params; + int wep_keys_set = 0; + int assoc_failed = 0; + struct wpa_ssid *old_ssid; + u8 prev_bssid[ETH_ALEN]; +#ifdef CONFIG_HT_OVERRIDES + struct ieee80211_ht_capabilities htcaps; + struct ieee80211_ht_capabilities htcaps_mask; +#endif /* CONFIG_HT_OVERRIDES */ +#ifdef CONFIG_VHT_OVERRIDES + struct ieee80211_vht_capabilities vhtcaps; + struct ieee80211_vht_capabilities vhtcaps_mask; +#endif /* CONFIG_VHT_OVERRIDES */ + + if (deinit) { + if (work->started) { + wpa_s->connect_work = NULL; + + /* cancel possible auth. timeout */ + eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, + NULL); + } + wpas_connect_work_free(cwork); + return; + } + + wpa_s->connect_work = work; + + if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) || + wpas_network_disabled(wpa_s, ssid)) { + wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt"); + wpas_connect_work_done(wpa_s); + return; + } + + os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN); + os_memset(¶ms, 0, sizeof(params)); + wpa_s->reassociate = 0; + wpa_s->eap_expected_failure = 0; + if (bss && + (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) { +#ifdef CONFIG_IEEE80211R + const u8 *ie, *md = NULL; +#endif /* CONFIG_IEEE80211R */ + wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR + " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), + wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); + bssid_changed = !is_zero_ether_addr(wpa_s->bssid); + os_memset(wpa_s->bssid, 0, ETH_ALEN); + os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); + if (bssid_changed) + wpas_notify_bssid_changed(wpa_s); +#ifdef CONFIG_IEEE80211R + ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); + if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) + md = ie + 2; + wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); + if (md) { + /* Prepare for the next transition */ + wpa_ft_prepare_auth_request(wpa_s->wpa, ie); + } +#endif /* CONFIG_IEEE80211R */ +#ifdef CONFIG_WPS + } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && + wpa_s->conf->ap_scan == 2 && + (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { + /* Use ap_scan==1 style network selection to find the network + */ + wpas_connect_work_done(wpa_s); + wpa_s->scan_req = MANUAL_SCAN_REQ; + wpa_s->reassociate = 1; + wpa_supplicant_req_scan(wpa_s, 0, 0); + return; +#endif /* CONFIG_WPS */ + } else { + wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", + wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); + if (bss) + os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); + else + os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); + } + if (!wpa_s->pno) + wpa_supplicant_cancel_sched_scan(wpa_s); + + wpa_supplicant_cancel_scan(wpa_s); + + /* Starting new association, so clear the possibly used WPA IE from the + * previous association. */ + wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); + + wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL); + if (!wpa_ie) { + wpas_connect_work_done(wpa_s); + return; + } + wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); use_crypt = 1; cipher_pairwise = wpa_s->pairwise_cipher; cipher_group = wpa_s->group_cipher; + cipher_group_mgmt = wpa_s->mgmt_group_cipher; if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) @@ -2443,12 +2998,14 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) if (bss) { params.ssid = bss->ssid; params.ssid_len = bss->ssid_len; - if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { + if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set || + wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { wpa_printf(MSG_DEBUG, "Limit connection to BSSID " MACSTR " freq=%u MHz based on scan results " - "(bssid_set=%d)", + "(bssid_set=%d wps=%d)", MAC2STR(bss->bssid), bss->freq, - ssid->bssid_set); + ssid->bssid_set, + wpa_s->key_mgmt == WPA_KEY_MGMT_WPS); params.bssid = bss->bssid; params.freq.freq = bss->freq; } @@ -2456,6 +3013,9 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) params.freq_hint = bss->freq; params.pbss = bss_is_pbss(bss); } else { + if (ssid->bssid_hint_set) + params.bssid_hint = ssid->bssid_hint; + params.ssid = ssid->ssid; params.ssid_len = ssid->ssid_len; params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0; @@ -2480,13 +3040,12 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) params.beacon_int = wpa_s->conf->beacon_int; } - params.wpa_ie = wpa_ie; - params.wpa_ie_len = wpa_ie_len; params.pairwise_suite = cipher_pairwise; params.group_suite = cipher_group; + params.mgmt_group_suite = cipher_group_mgmt; params.key_mgmt_suite = wpa_s->key_mgmt; params.wpa_proto = wpa_s->wpa_proto; - params.auth_alg = algs; + wpa_s->auth_alg = params.auth_alg; params.mode = ssid->mode; params.bg_scan_period = ssid->bg_scan_period; for (i = 0; i < NUM_WEP_KEYS; i++) { @@ -2536,6 +3095,11 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) "MFP: require MFP"); params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED; +#ifdef CONFIG_OWE + } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) && + !ssid->owe_only) { + params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION; +#endif /* CONFIG_OWE */ } } #endif /* CONFIG_IEEE80211W */ @@ -2578,6 +3142,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) if (wpas_p2p_handle_frequency_conflicts( wpa_s, params.freq.freq, ssid) < 0) { wpas_connect_work_done(wpa_s); + os_free(wpa_ie); return; } } @@ -2589,6 +3154,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) params.prev_bssid = prev_bssid; ret = wpa_drv_associate(wpa_s, ¶ms); + os_free(wpa_ie); if (ret < 0) { wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " "failed"); @@ -2730,8 +3296,13 @@ void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, #ifdef CONFIG_MESH if (wpa_s->ifmsh) { + struct mesh_conf *mconf; + + mconf = wpa_s->ifmsh->mconf; wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s", wpa_s->ifname); + wpas_notify_mesh_group_removed(wpa_s, mconf->meshid, + mconf->meshid_len, reason_code); wpa_supplicant_leave_mesh(wpa_s); } #endif /* CONFIG_MESH */ @@ -2756,6 +3327,7 @@ static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s, return; ssid->disabled = 0; + ssid->owe_transition_bss_select_count = 0; wpas_clear_temp_disabled(wpa_s, ssid, 1); wpas_notify_network_enabled_changed(wpa_s, ssid); @@ -2921,13 +3493,19 @@ void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, wpas_notify_network_enabled_changed( wpa_s, other_ssid); } - if (wpa_s->current_ssid) + if (wpa_s->current_ssid) { + if (wpa_s->wpa_state >= WPA_AUTHENTICATING) + wpa_s->own_disconnect_req = 1; wpa_supplicant_deauthenticate( wpa_s, WLAN_REASON_DEAUTH_LEAVING); + } } else if (ssid->disabled != 2) { - if (ssid == wpa_s->current_ssid) + if (ssid == wpa_s->current_ssid) { + if (wpa_s->wpa_state >= WPA_AUTHENTICATING) + wpa_s->own_disconnect_req = 1; wpa_supplicant_deauthenticate( wpa_s, WLAN_REASON_DEAUTH_LEAVING); + } was_disabled = ssid->disabled; @@ -3013,6 +3591,9 @@ void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, wpa_s->disconnected = 0; wpa_s->reassociate = 1; + wpa_s->last_owe_group = 0; + if (ssid) + ssid->owe_transition_bss_select_count = 0; if (wpa_s->connect_without_scan || wpa_supplicant_fast_associate(wpa_s) != 1) { @@ -3230,6 +3811,41 @@ int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, } +#ifdef CONFIG_OWE +static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid, + const u8 *entry_ssid, size_t entry_ssid_len) +{ + const u8 *owe, *pos, *end; + u8 ssid_len; + struct wpa_bss *bss; + + /* Check network profile SSID aganst the SSID in the + * OWE Transition Mode element. */ + + bss = wpa_bss_get_bssid_latest(wpa_s, bssid); + if (!bss) + return 0; + + owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); + if (!owe) + return 0; + + pos = owe + 6; + end = owe + 2 + owe[1]; + + if (end - pos < ETH_ALEN + 1) + return 0; + pos += ETH_ALEN; + ssid_len = *pos++; + if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN) + return 0; + + return entry_ssid_len == ssid_len && + os_memcmp(pos, entry_ssid, ssid_len) == 0; +} +#endif /* CONFIG_OWE */ + + /** * wpa_supplicant_get_ssid - Get a pointer to the current network structure * @wpa_s: Pointer to wpa_supplicant data @@ -3278,6 +3894,15 @@ struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) return entry; #endif /* CONFIG_WPS */ +#ifdef CONFIG_OWE + if (!wpas_network_disabled(wpa_s, entry) && + owe_trans_ssid_match(wpa_s, bssid, entry->ssid, + entry->ssid_len) && + (!entry->bssid_set || + os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) + return entry; +#endif /* CONFIG_OWE */ + if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && entry->ssid_len == 0 && os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0) @@ -3385,16 +4010,6 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, } #endif /* CONFIG_TESTING_OPTIONS */ -#ifdef CONFIG_PEERKEY - if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid && - wpa_s->current_ssid->peerkey && - !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && - wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) { - wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key"); - return; - } -#endif /* CONFIG_PEERKEY */ - if (wpa_s->wpa_state < WPA_ASSOCIATED || (wpa_s->last_eapol_matches_bssid && #ifdef CONFIG_AP @@ -3505,6 +4120,8 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && + wpa_s->key_mgmt != WPA_KEY_MGMT_OWE && + wpa_s->key_mgmt != WPA_KEY_MGMT_DPP && eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) return; wpa_drv_poll(wpa_s); @@ -3534,6 +4151,11 @@ int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) wpa_supplicant_rx_eapol, wpa_s, 0); if (wpa_s->l2 == NULL) return -1; + + if (l2_packet_set_packet_filter(wpa_s->l2, + L2_PACKET_FILTER_PKTTYPE)) + wpa_dbg(wpa_s, MSG_DEBUG, + "Failed to attach pkt_type filter"); } else { const u8 *addr = wpa_drv_get_mac_addr(wpa_s); if (addr) @@ -3673,6 +4295,7 @@ wpa_supplicant_alloc(struct wpa_supplicant *parent) wpa_s->sched_scanning = 0; dl_list_init(&wpa_s->bss_tmp_disallowed); + dl_list_init(&wpa_s->fils_hlp_req); return wpa_s; } @@ -3700,8 +4323,11 @@ static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { + long v; + errno = 0; - long v = strtol(tmp, &end, 16); + v = strtol(tmp, &end, 16); + if (errno == 0) { wpa_msg(wpa_s, MSG_DEBUG, "htcap value[%i]: %ld end: %p tmp: %p", @@ -3811,18 +4437,10 @@ static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, struct ieee80211_ht_capabilities *htcaps_mask, int disabled) { - /* Masking these out disables HT40 */ - le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET | - HT_CAP_INFO_SHORT_GI40MHZ); - wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); - if (disabled) - htcaps->ht_capabilities_info &= ~msk; - else - htcaps->ht_capabilities_info |= msk; - - htcaps_mask->ht_capabilities_info |= msk; + set_disable_ht40(htcaps, disabled); + set_disable_ht40(htcaps_mask, 0); return 0; } @@ -4098,10 +4716,14 @@ static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data) { struct wpa_supplicant *wpa_s = ctx; - WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0); + if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) { + wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR, + __func__, MAC2STR(wpa_s->bssid), MAC2STR(da)); + return -1; + } return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, - wpa_s->own_addr, wpa_s->bssid, - wpabuf_head(data), wpabuf_len(data), + wpa_s->own_addr, wpa_s->bssid, + wpabuf_head(data), wpabuf_len(data), 0); } @@ -4289,7 +4911,7 @@ static void radio_work_free(struct wpa_radio_work *work) if (work->started) { work->wpa_s->radio->num_active_works--; wpa_dbg(work->wpa_s, MSG_DEBUG, - "radio_work_free('%s'@%p: num_active_works --> %u", + "radio_work_free('%s'@%p): num_active_works --> %u", work->type, work, work->wpa_s->radio->num_active_works); } @@ -4299,6 +4921,20 @@ static void radio_work_free(struct wpa_radio_work *work) } +static int radio_work_is_connect(struct wpa_radio_work *work) +{ + return os_strcmp(work->type, "sme-connect") == 0 || + os_strcmp(work->type, "connect") == 0; +} + + +static int radio_work_is_scan(struct wpa_radio_work *work) +{ + return os_strcmp(work->type, "scan") == 0 || + os_strcmp(work->type, "p2p-scan") == 0; +} + + static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio) { struct wpa_radio_work *active_work = NULL; @@ -4328,8 +4964,7 @@ static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio) return NULL; } - if (os_strcmp(active_work->type, "sme-connect") == 0 || - os_strcmp(active_work->type, "connect") == 0) { + if (radio_work_is_connect(active_work)) { /* * If the active work is either connect or sme-connect, * do not parallelize them with other radio works. @@ -4348,10 +4983,20 @@ static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio) * If connect or sme-connect are enqueued, parallelize only * those operations ahead of them in the queue. */ - if (os_strcmp(tmp->type, "connect") == 0 || - os_strcmp(tmp->type, "sme-connect") == 0) + if (radio_work_is_connect(tmp)) break; + /* Serialize parallel scan and p2p_scan operations on the same + * interface since the driver_nl80211 mechanism for tracking + * scan cookies does not yet have support for this. */ + if (active_work->wpa_s == tmp->wpa_s && + radio_work_is_scan(active_work) && + radio_work_is_scan(tmp)) { + wpa_dbg(active_work->wpa_s, MSG_DEBUG, + "Do not start work '%s' when another work '%s' is already scheduled", + tmp->type, active_work->type); + continue; + } /* * Check that the radio works are distinct and * on different bands. @@ -4473,6 +5118,22 @@ void radio_remove_works(struct wpa_supplicant *wpa_s, } +void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx) +{ + struct wpa_radio_work *work; + struct wpa_radio *radio = wpa_s->radio; + + dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { + if (work->ctx != ctx) + continue; + wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s", + work->type, work, work->started ? " (started)" : ""); + radio_work_free(work); + break; + } +} + + static void radio_remove_interface(struct wpa_supplicant *wpa_s) { struct wpa_radio *radio = wpa_s->radio; @@ -4625,7 +5286,7 @@ radio_work_pending(struct wpa_supplicant *wpa_s, const char *type) static int wpas_init_driver(struct wpa_supplicant *wpa_s, - struct wpa_interface *iface) + const struct wpa_interface *iface) { const char *ifname, *driver, *rn; @@ -4673,11 +5334,47 @@ next_driver: } +#ifdef CONFIG_GAS_SERVER + +static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s, + unsigned int freq, const u8 *dst, + const u8 *src, const u8 *bssid, + const u8 *data, size_t data_len, + enum offchannel_send_action_result result) +{ + wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR + " result=%s", + freq, MAC2STR(dst), + result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : + (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : + "FAILED")); + gas_server_tx_status(wpa_s->gas_server, dst, data, data_len, + result == OFFCHANNEL_SEND_ACTION_SUCCESS); +} + + +static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da, + struct wpabuf *buf, unsigned int wait_time) +{ + struct wpa_supplicant *wpa_s = ctx; + const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; + + if (wait_time > wpa_s->max_remain_on_chan) + wait_time = wpa_s->max_remain_on_chan; + + offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast, + wpabuf_head(buf), wpabuf_len(buf), + wait_time, wpas_gas_server_tx_status, 0); +} + +#endif /* CONFIG_GAS_SERVER */ + static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, - struct wpa_interface *iface) + const struct wpa_interface *iface) { struct wpa_driver_capa capa; int capa_res; + u8 dfs_domain; wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, @@ -4707,7 +5404,13 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, return -1; } wpa_s->confanother = os_rel2abs_path(iface->confanother); - wpa_config_read(wpa_s->confanother, wpa_s->conf); + if (wpa_s->confanother && + !wpa_config_read(wpa_s->confanother, wpa_s->conf)) { + wpa_printf(MSG_ERROR, + "Failed to read or parse configuration '%s'.", + wpa_s->confanother); + return -1; + } /* * Override ctrl_interface and driver_param if set on command @@ -4805,7 +5508,8 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, &wpa_s->hw.num_modes, - &wpa_s->hw.flags); + &wpa_s->hw.flags, + &dfs_domain); if (wpa_s->hw.modes) { u16 i; @@ -4867,8 +5571,6 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, */ if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) wpa_s->p2p_mgmt = iface->p2p_mgmt; - else - iface->p2p_mgmt = 1; if (wpa_s->num_multichan_concurrent == 0) wpa_s->num_multichan_concurrent = 1; @@ -4877,10 +5579,7 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, return -1; #ifdef CONFIG_TDLS - if ((!iface->p2p_mgmt || - !(wpa_s->drv_flags & - WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) && - wpa_tdls_init(wpa_s->wpa)) + if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa)) return -1; #endif /* CONFIG_TDLS */ @@ -4915,6 +5614,19 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, if (wpas_wps_init(wpa_s)) return -1; +#ifdef CONFIG_GAS_SERVER + wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx); + if (!wpa_s->gas_server) { + wpa_printf(MSG_ERROR, "Failed to initialize GAS server"); + return -1; + } +#endif /* CONFIG_GAS_SERVER */ + +#ifdef CONFIG_DPP + if (wpas_dpp_init(wpa_s) < 0) + return -1; +#endif /* CONFIG_DPP */ + if (wpa_supplicant_init_eapol(wpa_s) < 0) return -1; wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); @@ -4939,7 +5651,9 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, return -1; } - if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) { + if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) || + wpa_s->p2p_mgmt) && + wpas_p2p_init(wpa_s->global, wpa_s) < 0) { wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); return -1; } @@ -4947,6 +5661,12 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, if (wpa_bss_init(wpa_s) < 0) return -1; +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL +#ifdef CONFIG_MESH + dl_list_init(&wpa_s->mesh_external_pmksa_cache); +#endif /* CONFIG_MESH */ +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ + /* * Set Wake-on-WLAN triggers, if configured. * Note: We don't restore/remove the triggers on shutdown (it doesn't @@ -4958,8 +5678,8 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, #ifdef CONFIG_EAP_PROXY { size_t len; - wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi, - &len); + wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1, + wpa_s->imsi, &len); if (wpa_s->mnc_len > 0) { wpa_s->imsi[len] = '\0'; wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)", @@ -4984,6 +5704,17 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, hs20_init(wpa_s); #endif /* CONFIG_HS20 */ #ifdef CONFIG_MBO + if (wpa_s->conf->oce) { + if ((wpa_s->conf->oce & OCE_STA) && + (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA)) + wpa_s->enable_oce = OCE_STA; + if ((wpa_s->conf->oce & OCE_STA_CFON) && + (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) { + /* TODO: Need to add STA-CFON support */ + wpa_printf(MSG_ERROR, + "OCE STA-CFON feature is not yet supported"); + } + } wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan); #endif /* CONFIG_MBO */ @@ -5248,6 +5979,7 @@ int wpa_supplicant_remove_iface(struct wpa_global *global, #ifdef CONFIG_MESH unsigned int mesh_if_created = wpa_s->mesh_if_created; char *ifname = NULL; + struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ /* Remove interface from the global list of interfaces */ @@ -5283,7 +6015,7 @@ int wpa_supplicant_remove_iface(struct wpa_global *global, #ifdef CONFIG_MESH if (mesh_if_created) { - wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname); + wpa_drv_if_remove(parent, WPA_IF_MESH, ifname); os_free(ifname); } #endif /* CONFIG_MESH */ @@ -5647,6 +6379,16 @@ void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS) wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); + if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) { + struct wpa_driver_capa capa; + int res = wpa_drv_get_capa(wpa_s, &capa); + + if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) + wpa_printf(MSG_ERROR, + "Failed to update wowlan_triggers to '%s'", + wpa_s->conf->wowlan_triggers); + } + #ifdef CONFIG_WPS wpas_wps_update_config(wpa_s); #endif /* CONFIG_WPS */ @@ -5806,6 +6548,35 @@ void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid) } +#ifdef CONFIG_FILS +void fils_connection_failure(struct wpa_supplicant *wpa_s) +{ + struct wpa_ssid *ssid = wpa_s->current_ssid; + const u8 *realm, *username, *rrk; + size_t realm_len, username_len, rrk_len; + u16 next_seq_num; + + if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) || + eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, + &username, &username_len, + &realm, &realm_len, &next_seq_num, + &rrk, &rrk_len) != 0 || + !realm) + return; + + wpa_hexdump_ascii(MSG_DEBUG, + "FILS: Store last connection failure realm", + realm, realm_len); + os_free(wpa_s->last_con_fail_realm); + wpa_s->last_con_fail_realm = os_malloc(realm_len); + if (wpa_s->last_con_fail_realm) { + wpa_s->last_con_fail_realm_len = realm_len; + os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len); + } +} +#endif /* CONFIG_FILS */ + + int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) { return wpa_s->conf->ap_scan == 2 || @@ -5876,6 +6647,7 @@ int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, case WPA_CTRL_REQ_SIM: str_clear_free(eap->external_sim_resp); eap->external_sim_resp = os_strdup(value); + eap->pending_req_sim = 0; break; case WPA_CTRL_REQ_PSK_PASSPHRASE: if (wpa_config_set(ssid, "psk", value, 0) < 0) @@ -5944,6 +6716,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk && + !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) && !ssid->mem_only_psk) return 1; @@ -6128,6 +6901,7 @@ void wpas_request_connection(struct wpa_supplicant *wpa_s) wpa_s->extra_blacklist_count = 0; wpa_s->disconnected = 0; wpa_s->reassociate = 1; + wpa_s->last_owe_group = 0; if (wpa_supplicant_fast_associate(wpa_s) != 1) wpa_supplicant_req_scan(wpa_s, 0, 0); @@ -6254,489 +7028,6 @@ int get_shared_radio_freqs(struct wpa_supplicant *wpa_s, } -static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx) -{ - struct rrm_data *rrm = data; - - if (!rrm->notify_neighbor_rep) { - wpa_printf(MSG_ERROR, - "RRM: Unexpected neighbor report timeout"); - return; - } - - wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE"); - rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL); - - rrm->notify_neighbor_rep = NULL; - rrm->neighbor_rep_cb_ctx = NULL; -} - - -/* - * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant - * @wpa_s: Pointer to wpa_supplicant - */ -void wpas_rrm_reset(struct wpa_supplicant *wpa_s) -{ - wpa_s->rrm.rrm_used = 0; - - eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm, - NULL); - if (wpa_s->rrm.notify_neighbor_rep) - wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL); - wpa_s->rrm.next_neighbor_rep_token = 1; -} - - -/* - * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report - * @wpa_s: Pointer to wpa_supplicant - * @report: Neighbor report buffer, prefixed by a 1-byte dialog token - * @report_len: Length of neighbor report buffer - */ -void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s, - const u8 *report, size_t report_len) -{ - struct wpabuf *neighbor_rep; - - wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len); - if (report_len < 1) - return; - - if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) { - wpa_printf(MSG_DEBUG, - "RRM: Discarding neighbor report with token %d (expected %d)", - report[0], wpa_s->rrm.next_neighbor_rep_token - 1); - return; - } - - eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm, - NULL); - - if (!wpa_s->rrm.notify_neighbor_rep) { - wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report"); - return; - } - - /* skipping the first byte, which is only an id (dialog token) */ - neighbor_rep = wpabuf_alloc(report_len - 1); - if (neighbor_rep == NULL) - return; - wpabuf_put_data(neighbor_rep, report + 1, report_len - 1); - wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)", - report[0]); - wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx, - neighbor_rep); - wpa_s->rrm.notify_neighbor_rep = NULL; - wpa_s->rrm.neighbor_rep_cb_ctx = NULL; -} - - -#if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS) -/* Workaround different, undefined for Windows, error codes used here */ -#define ENOTCONN -1 -#define EOPNOTSUPP -1 -#define ECANCELED -1 -#endif - -/* Measurement Request element + Location Subject + Maximum Age subelement */ -#define MEASURE_REQUEST_LCI_LEN (3 + 1 + 4) -/* Measurement Request element + Location Civic Request */ -#define MEASURE_REQUEST_CIVIC_LEN (3 + 5) - - -/** - * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP - * @wpa_s: Pointer to wpa_supplicant - * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE - * is sent in the request. - * @lci: if set, neighbor request will include LCI request - * @civic: if set, neighbor request will include civic location request - * @cb: Callback function to be called once the requested report arrives, or - * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds. - * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's - * the requester's responsibility to free it. - * In the latter case NULL will be sent in 'neighbor_rep'. - * @cb_ctx: Context value to send the callback function - * Returns: 0 in case of success, negative error code otherwise - * - * In case there is a previous request which has not been answered yet, the - * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT. - * Request must contain a callback function. - */ -int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s, - const struct wpa_ssid_value *ssid, - int lci, int civic, - void (*cb)(void *ctx, - struct wpabuf *neighbor_rep), - void *cb_ctx) -{ - struct wpabuf *buf; - const u8 *rrm_ie; - - if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) { - wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM."); - return -ENOTCONN; - } - - if (!wpa_s->rrm.rrm_used) { - wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection."); - return -EOPNOTSUPP; - } - - rrm_ie = wpa_bss_get_ie(wpa_s->current_bss, - WLAN_EID_RRM_ENABLED_CAPABILITIES); - if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) || - !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) { - wpa_printf(MSG_DEBUG, - "RRM: No network support for Neighbor Report."); - return -EOPNOTSUPP; - } - - if (!cb) { - wpa_printf(MSG_DEBUG, - "RRM: Neighbor Report request must provide a callback."); - return -EINVAL; - } - - /* Refuse if there's a live request */ - if (wpa_s->rrm.notify_neighbor_rep) { - wpa_printf(MSG_DEBUG, - "RRM: Currently handling previous Neighbor Report."); - return -EBUSY; - } - - /* 3 = action category + action code + dialog token */ - buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0) + - (lci ? 2 + MEASURE_REQUEST_LCI_LEN : 0) + - (civic ? 2 + MEASURE_REQUEST_CIVIC_LEN : 0)); - if (buf == NULL) { - wpa_printf(MSG_DEBUG, - "RRM: Failed to allocate Neighbor Report Request"); - return -ENOMEM; - } - - wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d", - (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""), - wpa_s->rrm.next_neighbor_rep_token); - - wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT); - wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST); - wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token); - if (ssid) { - wpabuf_put_u8(buf, WLAN_EID_SSID); - wpabuf_put_u8(buf, ssid->ssid_len); - wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len); - } - - if (lci) { - /* IEEE P802.11-REVmc/D5.0 9.4.2.21 */ - wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST); - wpabuf_put_u8(buf, MEASURE_REQUEST_LCI_LEN); - - /* - * Measurement token; nonzero number that is unique among the - * Measurement Request elements in a particular frame. - */ - wpabuf_put_u8(buf, 1); /* Measurement Token */ - - /* - * Parallel, Enable, Request, and Report bits are 0, Duration is - * reserved. - */ - wpabuf_put_u8(buf, 0); /* Measurement Request Mode */ - wpabuf_put_u8(buf, MEASURE_TYPE_LCI); /* Measurement Type */ - - /* IEEE P802.11-REVmc/D5.0 9.4.2.21.10 - LCI request */ - /* Location Subject */ - wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE); - - /* Optional Subelements */ - /* - * IEEE P802.11-REVmc/D5.0 Figure 9-170 - * The Maximum Age subelement is required, otherwise the AP can - * send only data that was determined after receiving the - * request. Setting it here to unlimited age. - */ - wpabuf_put_u8(buf, LCI_REQ_SUBELEM_MAX_AGE); - wpabuf_put_u8(buf, 2); - wpabuf_put_le16(buf, 0xffff); - } - - if (civic) { - /* IEEE P802.11-REVmc/D5.0 9.4.2.21 */ - wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST); - wpabuf_put_u8(buf, MEASURE_REQUEST_CIVIC_LEN); - - /* - * Measurement token; nonzero number that is unique among the - * Measurement Request elements in a particular frame. - */ - wpabuf_put_u8(buf, 2); /* Measurement Token */ - - /* - * Parallel, Enable, Request, and Report bits are 0, Duration is - * reserved. - */ - wpabuf_put_u8(buf, 0); /* Measurement Request Mode */ - /* Measurement Type */ - wpabuf_put_u8(buf, MEASURE_TYPE_LOCATION_CIVIC); - - /* IEEE P802.11-REVmc/D5.0 9.4.2.21.14: - * Location Civic request */ - /* Location Subject */ - wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE); - wpabuf_put_u8(buf, 0); /* Civic Location Type: IETF RFC 4776 */ - /* Location Service Interval Units: Seconds */ - wpabuf_put_u8(buf, 0); - /* Location Service Interval: 0 - Only one report is requested - */ - wpabuf_put_le16(buf, 0); - /* No optional subelements */ - } - - wpa_s->rrm.next_neighbor_rep_token++; - - if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, - wpa_s->own_addr, wpa_s->bssid, - wpabuf_head(buf), wpabuf_len(buf), 0) < 0) { - wpa_printf(MSG_DEBUG, - "RRM: Failed to send Neighbor Report Request"); - wpabuf_free(buf); - return -ECANCELED; - } - - wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx; - wpa_s->rrm.notify_neighbor_rep = cb; - eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0, - wpas_rrm_neighbor_rep_timeout_handler, - &wpa_s->rrm, NULL); - - wpabuf_free(buf); - return 0; -} - - -static struct wpabuf * wpas_rrm_build_lci_report(struct wpa_supplicant *wpa_s, - const u8 *request, size_t len, - struct wpabuf *report) -{ - u8 token, type, subject; - u16 max_age = 0; - struct os_reltime t, diff; - unsigned long diff_l; - u8 *ptoken; - const u8 *subelem; - - if (!wpa_s->lci || len < 3 + 4) - return report; - - token = *request++; - /* Measurement request mode isn't used */ - request++; - type = *request++; - subject = *request++; - - wpa_printf(MSG_DEBUG, - "Measurement request token %u type %u location subject %u", - token, type, subject); - - if (type != MEASURE_TYPE_LCI || subject != LOCATION_SUBJECT_REMOTE) { - wpa_printf(MSG_INFO, - "Not building LCI report - bad type or location subject"); - return report; - } - - /* Subelements are formatted exactly like elements */ - subelem = get_ie(request, len, LCI_REQ_SUBELEM_MAX_AGE); - if (subelem && subelem[1] == 2) - max_age = WPA_GET_LE16(subelem + 2); - - if (os_get_reltime(&t)) - return report; - - os_reltime_sub(&t, &wpa_s->lci_time, &diff); - /* LCI age is calculated in 10th of a second units. */ - diff_l = diff.sec * 10 + diff.usec / 100000; - - if (max_age != 0xffff && max_age < diff_l) - return report; - - if (wpabuf_resize(&report, 2 + wpabuf_len(wpa_s->lci))) - return report; - - wpabuf_put_u8(report, WLAN_EID_MEASURE_REPORT); - wpabuf_put_u8(report, wpabuf_len(wpa_s->lci)); - /* We'll override user's measurement token */ - ptoken = wpabuf_put(report, 0); - wpabuf_put_buf(report, wpa_s->lci); - *ptoken = token; - - return report; -} - - -void wpas_rrm_handle_radio_measurement_request(struct wpa_supplicant *wpa_s, - const u8 *src, - const u8 *frame, size_t len) -{ - struct wpabuf *buf, *report; - u8 token; - const u8 *ie, *end; - - if (wpa_s->wpa_state != WPA_COMPLETED) { - wpa_printf(MSG_INFO, - "RRM: Ignoring radio measurement request: Not associated"); - return; - } - - if (!wpa_s->rrm.rrm_used) { - wpa_printf(MSG_INFO, - "RRM: Ignoring radio measurement request: Not RRM network"); - return; - } - - if (len < 3) { - wpa_printf(MSG_INFO, - "RRM: Ignoring too short radio measurement request"); - return; - } - - end = frame + len; - - token = *frame++; - - /* Ignore number of repetitions because it's not used in LCI request */ - frame += 2; - - report = NULL; - while ((ie = get_ie(frame, end - frame, WLAN_EID_MEASURE_REQUEST)) && - ie[1] >= 3) { - u8 msmt_type; - - msmt_type = ie[4]; - wpa_printf(MSG_DEBUG, "RRM request %d", msmt_type); - - switch (msmt_type) { - case MEASURE_TYPE_LCI: - report = wpas_rrm_build_lci_report(wpa_s, ie + 2, ie[1], - report); - break; - default: - wpa_printf(MSG_INFO, - "RRM: Unsupported radio measurement request %d", - msmt_type); - break; - } - - frame = ie + ie[1] + 2; - } - - if (!report) - return; - - buf = wpabuf_alloc(3 + wpabuf_len(report)); - if (!buf) { - wpabuf_free(report); - return; - } - - wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT); - wpabuf_put_u8(buf, WLAN_RRM_RADIO_MEASUREMENT_REPORT); - wpabuf_put_u8(buf, token); - - wpabuf_put_buf(buf, report); - wpabuf_free(report); - - if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src, - wpa_s->own_addr, wpa_s->bssid, - wpabuf_head(buf), wpabuf_len(buf), 0)) { - wpa_printf(MSG_ERROR, - "RRM: Radio measurement report failed: Sending Action frame failed"); - } - wpabuf_free(buf); -} - - -void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s, - const u8 *src, - const u8 *frame, size_t len, - int rssi) -{ - struct wpabuf *buf; - const struct rrm_link_measurement_request *req; - struct rrm_link_measurement_report report; - - if (wpa_s->wpa_state != WPA_COMPLETED) { - wpa_printf(MSG_INFO, - "RRM: Ignoring link measurement request. Not associated"); - return; - } - - if (!wpa_s->rrm.rrm_used) { - wpa_printf(MSG_INFO, - "RRM: Ignoring link measurement request. Not RRM network"); - return; - } - - if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) { - wpa_printf(MSG_INFO, - "RRM: Measurement report failed. TX power insertion not supported"); - return; - } - - req = (const struct rrm_link_measurement_request *) frame; - if (len < sizeof(*req)) { - wpa_printf(MSG_INFO, - "RRM: Link measurement report failed. Request too short"); - return; - } - - os_memset(&report, 0, sizeof(report)); - report.tpc.eid = WLAN_EID_TPC_REPORT; - report.tpc.len = 2; - report.rsni = 255; /* 255 indicates that RSNI is not available */ - report.dialog_token = req->dialog_token; - - /* - * It's possible to estimate RCPI based on RSSI in dBm. This - * calculation will not reflect the correct value for high rates, - * but it's good enough for Action frames which are transmitted - * with up to 24 Mbps rates. - */ - if (!rssi) - report.rcpi = 255; /* not available */ - else if (rssi < -110) - report.rcpi = 0; - else if (rssi > 0) - report.rcpi = 220; - else - report.rcpi = (rssi + 110) * 2; - - /* action_category + action_code */ - buf = wpabuf_alloc(2 + sizeof(report)); - if (buf == NULL) { - wpa_printf(MSG_ERROR, - "RRM: Link measurement report failed. Buffer allocation failed"); - return; - } - - wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT); - wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT); - wpabuf_put_data(buf, &report, sizeof(report)); - wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:", - wpabuf_head(buf), wpabuf_len(buf)); - - if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src, - wpa_s->own_addr, wpa_s->bssid, - wpabuf_head(buf), wpabuf_len(buf), 0)) { - wpa_printf(MSG_ERROR, - "RRM: Link measurement report failed. Send action failed"); - } - wpabuf_free(buf); -} - - struct wpa_supplicant * wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame) { @@ -6850,18 +7141,56 @@ wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s, } +static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s) +{ + struct wpa_bss_tmp_disallowed *tmp; + unsigned int num_bssid = 0; + u8 *bssids; + int ret; + + bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN); + if (!bssids) + return -1; + dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, + struct wpa_bss_tmp_disallowed, list) { + os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid, + ETH_ALEN); + num_bssid++; + } + ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids); + os_free(bssids); + return ret; +} + + +static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx) +{ + struct wpa_supplicant *wpa_s = eloop_ctx; + struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx; + + /* Make sure the bss is not already freed */ + dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, + struct wpa_bss_tmp_disallowed, list) { + if (bss == tmp) { + dl_list_del(&tmp->list); + os_free(tmp); + wpa_set_driver_tmp_disallow_list(wpa_s); + break; + } + } +} + + void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid, unsigned int sec) { struct wpa_bss_tmp_disallowed *bss; - struct os_reltime until; - - os_get_reltime(&until); - until.sec += sec; bss = wpas_get_disallowed_bss(wpa_s, bssid); if (bss) { - bss->disallowed_until = until; + eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); + eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout, + wpa_s, bss); return; } @@ -6872,27 +7201,20 @@ void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid, return; } - bss->disallowed_until = until; os_memcpy(bss->bssid, bssid, ETH_ALEN); dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list); + wpa_set_driver_tmp_disallow_list(wpa_s); + eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout, + wpa_s, bss); } int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid) { struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev; - struct os_reltime now, age; - - os_get_reltime(&now); dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed, struct wpa_bss_tmp_disallowed, list) { - if (!os_reltime_before(&now, &tmp->disallowed_until)) { - /* This BSS is not disallowed anymore */ - dl_list_del(&tmp->list); - os_free(tmp); - continue; - } if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) { bss = tmp; break; @@ -6901,9 +7223,5 @@ int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid) if (!bss) return 0; - os_reltime_sub(&bss->disallowed_until, &now, &age); - wpa_printf(MSG_DEBUG, - "BSS " MACSTR " disabled for %ld.%0ld seconds", - MAC2STR(bss->bssid), age.sec, age.usec); return 1; } diff --git a/contrib/wpa/wpa_supplicant/wpa_supplicant.conf b/contrib/wpa/wpa_supplicant/wpa_supplicant.conf index b2e49d8ae325..250b18720222 100644 --- a/contrib/wpa/wpa_supplicant/wpa_supplicant.conf +++ b/contrib/wpa/wpa_supplicant/wpa_supplicant.conf @@ -87,9 +87,7 @@ eapol_version=1 # parameters (e.g., WPA IE generation); this mode can also be used with # non-WPA drivers when using IEEE 802.1X mode; do not try to associate with # APs (i.e., external program needs to control association). This mode must -# also be used when using wired Ethernet drivers. -# Note: macsec_qca driver is one type of Ethernet driver which implements -# macsec feature. +# also be used when using wired Ethernet drivers (including MACsec). # 2: like 0, but associate with APs using security policy and SSID (but not # BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to # enable operation with hidden SSIDs and optimized roaming; in this mode, @@ -173,13 +171,13 @@ fast_reauth=1 # OpenSSL cipher string # # This is an OpenSSL specific configuration option for configuring the default -# ciphers. If not set, "DEFAULT:!EXP:!LOW" is used as the default. +# ciphers. If not set, the value configured at build time ("DEFAULT:!EXP:!LOW" +# by default) is used. # See https://www.openssl.org/docs/apps/ciphers.html for OpenSSL documentation # on cipher suite configuration. This is applicable only if wpa_supplicant is # built to use OpenSSL. #openssl_ciphers=DEFAULT:!EXP:!LOW - # Dynamic EAP methods # If EAP methods were built dynamically as shared object files, they need to be # loaded here before being used in the network blocks. By default, EAP methods @@ -208,9 +206,15 @@ fast_reauth=1 # Wi-Fi Protected Setup (WPS) parameters # Universally Unique IDentifier (UUID; see RFC 4122) of the device -# If not configured, UUID will be generated based on the local MAC address. +# If not configured, UUID will be generated based on the mechanism selected with +# the auto_uuid parameter. #uuid=12345678-9abc-def0-1234-56789abcdef0 +# Automatic UUID behavior +# 0 = generate static value based on the local MAC address (default) +# 1 = generate a random UUID every time wpa_supplicant starts +#auto_uuid=0 + # Device Name # User-friendly description of device; up to 32 octets encoded in UTF-8 #device_name=Wireless Client @@ -412,11 +416,50 @@ fast_reauth=1 # 2 = like 1, but maintain OUI (with local admin bit set) #preassoc_mac_addr=0 +# MAC address policy for GAS operations +# 0 = use permanent MAC address +# 1 = use random MAC address +# 2 = like 1, but maintain OUI (with local admin bit set) +#gas_rand_mac_addr=0 + +# Lifetime of GAS random MAC address in seconds (default: 60) +#gas_rand_addr_lifetime=60 + # Interworking (IEEE 802.11u) # Enable Interworking # interworking=1 +# Enable P2P GO advertisement of Interworking +# go_interworking=1 + +# P2P GO Interworking: Access Network Type +# 0 = Private network +# 1 = Private network with guest access +# 2 = Chargeable public network +# 3 = Free public network +# 4 = Personal device network +# 5 = Emergency services only network +# 14 = Test or experimental +# 15 = Wildcard +#go_access_network_type=0 + +# P2P GO Interworking: Whether the network provides connectivity to the Internet +# 0 = Unspecified +# 1 = Network provides connectivity to the Internet +#go_internet=1 + +# P2P GO Interworking: Group Venue Info (optional) +# The available values are defined in IEEE Std 802.11-2016, 9.4.1.35. +# Example values (group,type): +# 0,0 = Unspecified +# 1,7 = Convention Center +# 1,13 = Coffee Shop +# 2,0 = Unspecified Business +# 7,1 Private Residence +#go_venue_group=7 +#go_venue_type=1 + # Homogenous ESS identifier # If this is set, scans will be used to request response only from BSSes # belonging to the specified Homogeneous ESS. This is used only if interworking @@ -542,6 +585,20 @@ fast_reauth=1 # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # +# required_roaming_consortium: Required Roaming Consortium OI +# If required_roaming_consortium_len is non-zero, this field contains the +# Roaming Consortium OI that is required to be advertised by the AP for +# the credential to be considered matching. +# +# roaming_consortiums: Roaming Consortium OI(s) memberships +# This string field contains one or more comma delimited OIs (hexdump) +# identifying the roaming consortiums of which the provider is a member. +# The list is sorted from the most preferred one to the least preferred +# one. A match between the Roaming Consortium OIs advertised by an AP and +# the OIs in this list indicates that successful authentication is +# possible. +# (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI) +# # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected @@ -669,7 +726,7 @@ fast_reauth=1 # Format: # non_pref_chan=<oper_class>:<chan>:<preference>:<reason> # Example: -# non_pref_chan="81:5:10:2 81:1:0:2 81:9:0:2" +# non_pref_chan=81:5:10:2 81:1:0:2 81:9:0:2 # MBO Cellular Data Capabilities # 1 = Cellular data connection available @@ -677,6 +734,13 @@ fast_reauth=1 # 3 = Not cellular capable (default) #mbo_cell_capa=3 +# Optimized Connectivity Experience (OCE) +# oce: Enable OCE features (bitmap) +# Set BIT(0) to Enable OCE in non-AP STA mode (default; disabled if the driver +# does not indicate support for OCE in STA mode) +# Set BIT(1) to Enable OCE in STA-CFON mode +#oce=1 + # network block # # Each network (usually AP's sharing the same SSID) is configured as a separate @@ -789,6 +853,7 @@ fast_reauth=1 # proto: list of accepted protocols # WPA = WPA/IEEE 802.11i/D3.0 # RSN = WPA2/IEEE 802.11i (also WPA2 can be used as an alias for RSN) +# Note that RSN is used also for WPA3. # If not set, this defaults to: WPA RSN # # key_mgmt: list of accepted authenticated key management protocols @@ -801,15 +866,23 @@ fast_reauth=1 # instead) # FT-PSK = Fast BSS Transition (IEEE 802.11r) with pre-shared key # FT-EAP = Fast BSS Transition (IEEE 802.11r) with EAP authentication +# FT-EAP-SHA384 = Fast BSS Transition (IEEE 802.11r) with EAP authentication +# and using SHA384 # WPA-PSK-SHA256 = Like WPA-PSK but using stronger SHA256-based algorithms # WPA-EAP-SHA256 = Like WPA-EAP but using stronger SHA256-based algorithms # SAE = Simultaneous authentication of equals; pre-shared key/password -based # authentication with stronger security than WPA-PSK especially when using -# not that strong password +# not that strong password; a.k.a. WPA3-Personal # FT-SAE = SAE with FT # WPA-EAP-SUITE-B = Suite B 128-bit level # WPA-EAP-SUITE-B-192 = Suite B 192-bit level # OSEN = Hotspot 2.0 Rel 2 online signup connection +# FILS-SHA256 = Fast Initial Link Setup with SHA256 +# FILS-SHA384 = Fast Initial Link Setup with SHA384 +# FT-FILS-SHA256 = FT and Fast Initial Link Setup with SHA256 +# FT-FILS-SHA384 = FT and Fast Initial Link Setup with SHA384 +# OWE = Opportunistic Wireless Encryption (a.k.a. Enhanced Open) +# DPP = Device Provisioning Protocol # If not set, this defaults to: WPA-PSK WPA-EAP # # ieee80211w: whether management frame protection is enabled @@ -843,6 +916,14 @@ fast_reauth=1 # WEP40 = WEP (Wired Equivalent Privacy) with 40-bit key [IEEE 802.11] # If not set, this defaults to: CCMP TKIP WEP104 WEP40 # +# group_mgmt: list of accepted group management ciphers for RSN (PMF) +# AES-128-CMAC = BIP-CMAC-128 +# BIP-GMAC-128 +# BIP-GMAC-256 +# BIP-CMAC-256 +# If not set, no constraint on the cipher, i.e., accept whichever cipher the AP +# indicates. +# # psk: WPA preshared key; 256-bit pre-shared key # The key used in WPA-PSK mode can be entered either as 64 hex-digits, i.e., # 32 bytes or as an ASCII passphrase (in which case, the real PSK will be @@ -860,22 +941,54 @@ fast_reauth=1 # 1 = do not store psk/passphrase to the configuration file #mem_only_psk=0 # +# sae_password: SAE password +# This parameter can be used to set a password for SAE. By default, the +# passphrase from the psk parameter is used if this separate parameter is not +# used, but psk follows the WPA-PSK constraints (8..63 characters) even though +# SAE passwords do not have such constraints. +# +# sae_password_id: SAE password identifier +# This parameter can be used to set an identifier for the SAE password. By +# default, no such identifier is used. If set, the specified identifier value +# is used by the other peer to select which password to use for authentication. +# # eapol_flags: IEEE 802.1X/EAPOL options (bit field) # Dynamic WEP key required for non-WPA mode # bit0 (1): require dynamically generated unicast WEP key # bit1 (2): require dynamically generated broadcast WEP key # (3 = require both keys; default) -# Note: When using wired authentication (including macsec_qca driver), +# Note: When using wired authentication (including MACsec drivers), # eapol_flags must be set to 0 for the authentication to be completed # successfully. # # macsec_policy: IEEE 802.1X/MACsec options -# This determines how sessions are secured with MACsec. It is currently -# applicable only when using the macsec_qca driver interface. +# This determines how sessions are secured with MACsec (only for MACsec +# drivers). # 0: MACsec not in use (default) # 1: MACsec enabled - Should secure, accept key server's advice to # determine whether to use a secure session or not. # +# macsec_integ_only: IEEE 802.1X/MACsec transmit mode +# This setting applies only when MACsec is in use, i.e., +# - macsec_policy is enabled +# - the key server has decided to enable MACsec +# 0: Encrypt traffic (default) +# 1: Integrity only +# +# macsec_port: IEEE 802.1X/MACsec port +# Port component of the SCI +# Range: 1-65534 (default: 1) +# +# mka_cak, mka_ckn, and mka_priority: IEEE 802.1X/MACsec pre-shared key mode +# This allows to configure MACsec with a pre-shared key using a (CAK,CKN) pair. +# In this mode, instances of wpa_supplicant can act as MACsec peers. The peer +# with lower priority will become the key server and start distributing SAKs. +# mka_cak (CAK = Secure Connectivity Association Key) takes a 16-bytes (128 bit) +# hex-string (32 hex-digits) +# mka_ckn (CKN = CAK Name) takes a 32-bytes (256 bit) hex-string (64 hex-digits) +# mka_priority (Priority of MKA Actor) is in 0..255 range with 255 being +# default priority +# # mixed_cell: This option can be used to configure whether so called mixed # cells, i.e., networks that use both plaintext and encryption in the same # SSID, are allowed when selecting a BSS from scan results. @@ -891,18 +1004,12 @@ fast_reauth=1 # hex without quotation, e.g., 0102030405) # wep_tx_keyidx: Default WEP key index (TX) (0..3) # -# peerkey: Whether PeerKey negotiation for direct links (IEEE 802.11e DLS) is -# allowed. This is only used with RSN/WPA2. -# 0 = disabled (default) -# 1 = enabled -#peerkey=1 -# # wpa_ptk_rekey: Maximum lifetime for PTK in seconds. This can be used to # enforce rekeying of PTK to mitigate some attacks against TKIP deficiencies. # # group_rekey: Group rekeying time in seconds. This value, if non-zero, is used # as the dot11RSNAConfigGroupRekeyTime parameter when operating in -# Authenticator role in IBSS. +# Authenticator role in IBSS, or in AP and mesh modes. # # Following fields are only used with internal EAP implementation. # eap: space-separated list of accepted EAP methods @@ -1101,12 +1208,17 @@ fast_reauth=1 # that have issues interoperating with updated TLS version) # tls_disable_tlsv1_2=1 - disable use of TLSv1.2 (a workaround for AAA servers # that have issues interoperating with updated TLS version) +# tls_disable_tlsv1_3=1 - disable use of TLSv1.3 (a workaround for AAA servers +# that have issues interoperating with updated TLS version) # tls_ext_cert_check=0 - No external server certificate validation (default) # tls_ext_cert_check=1 - External server certificate validation enabled; this # requires an external program doing validation of server certificate # chain when receiving CTRL-RSP-EXT_CERT_CHECK event from the control # interface and report the result of the validation with # CTRL-RSP_EXT_CERT_CHECK. +# tls_suiteb=0 - do not apply Suite B 192-bit constraints on TLS (default) +# tls_suiteb=1 - apply Suite B 192-bit constraints on TLS; this is used in +# particular when using Suite B with RSA keys of >= 3K (3072) bits # # Following certificate/private key fields are used in inner Phase2 # authentication when using EAP-TTLS or EAP-PEAP. @@ -1175,6 +1287,10 @@ fast_reauth=1 # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) +# +# roaming_consortium_selection: Roaming Consortium Selection +# The matching Roaming Consortium OI that was used to generate this +# network profile. # Station inactivity limit # @@ -1204,6 +1320,11 @@ fast_reauth=1 # 1 = WPS disabled #wps_disabled=0 +# FILS DH Group +# 0 = PFS disabled with FILS shared key authentication (default) +# 1-65535 = DH Group to use for FILS PFS +#fils_dh_group=0 + # MAC address policy # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection @@ -1662,15 +1783,26 @@ network={ } -# Example MACsec configuration -#network={ -# key_mgmt=IEEE8021X -# eap=TTLS -# phase2="auth=PAP" -# anonymous_identity="anonymous@example.com" -# identity="user@example.com" -# password="secretr" -# ca_cert="/etc/cert/ca.pem" -# eapol_flags=0 -# macsec_policy=1 -#} +# Example configuration using EAP-TTLS for authentication and key +# generation for MACsec +network={ + key_mgmt=IEEE8021X + eap=TTLS + phase2="auth=PAP" + anonymous_identity="anonymous@example.com" + identity="user@example.com" + password="secretr" + ca_cert="/etc/cert/ca.pem" + eapol_flags=0 + macsec_policy=1 +} + +# Example configuration for MACsec with preshared key +network={ + key_mgmt=NONE + eapol_flags=0 + macsec_policy=1 + mka_cak=0123456789ABCDEF0123456789ABCDEF + mka_ckn=6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435 + mka_priority=128 +} diff --git a/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h b/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h index ef9273d09a32..8b749f44e235 100644 --- a/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h +++ b/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h @@ -9,6 +9,7 @@ #ifndef WPA_SUPPLICANT_I_H #define WPA_SUPPLICANT_I_H +#include "utils/bitfield.h" #include "utils/list.h" #include "common/defs.h" #include "common/sae.h" @@ -295,7 +296,7 @@ struct wpa_global { #ifdef CONFIG_WIFI_DISPLAY int wifi_display; -#define MAX_WFD_SUBELEMS 10 +#define MAX_WFD_SUBELEMS 12 struct wpabuf *wfd_subelem[MAX_WFD_SUBELEMS]; #endif /* CONFIG_WIFI_DISPLAY */ @@ -344,6 +345,7 @@ int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq, void radio_work_done(struct wpa_radio_work *work); void radio_remove_works(struct wpa_supplicant *wpa_s, const char *type, int remove_all); +void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx); void radio_work_check_next(struct wpa_supplicant *wpa_s); struct wpa_radio_work * radio_work_pending(struct wpa_supplicant *wpa_s, const char *type); @@ -424,6 +426,12 @@ struct rrm_data { /* next_neighbor_rep_token - Next request's dialog token */ u8 next_neighbor_rep_token; + + /* token - Dialog token of the current radio measurement */ + u8 token; + + /* destination address of the current radio measurement request */ + u8 dst_addr[ETH_ALEN]; }; enum wpa_supplicant_test_failure { @@ -443,7 +451,28 @@ struct icon_entry { struct wpa_bss_tmp_disallowed { struct dl_list list; u8 bssid[ETH_ALEN]; - struct os_reltime disallowed_until; +}; + +struct beacon_rep_data { + u8 token; + struct wpa_driver_scan_params scan_params; + u8 ssid[SSID_MAX_LEN]; + size_t ssid_len; + u8 bssid[ETH_ALEN]; + enum beacon_report_detail report_detail; + struct bitfield *eids; +}; + + +struct external_pmksa_cache { + struct dl_list list; + void *pmksa_cache; +}; + +struct fils_hlp_req { + struct dl_list list; + u8 dst[ETH_ALEN]; + struct wpabuf *pkt; }; /** @@ -503,6 +532,8 @@ struct wpa_supplicant { struct wpa_bss *current_bss; int ap_ies_from_associnfo; unsigned int assoc_freq; + u8 *last_con_fail_realm; + size_t last_con_fail_realm_len; /* Selected configuration (based on Beacon/ProbeResp WPA IE) */ int pairwise_cipher; @@ -639,6 +670,7 @@ struct wpa_supplicant { struct os_reltime scan_min_time; int scan_runs; /* number of scan runs since WPS was started */ int *next_scan_freqs; + int *select_network_scan_freqs; int *manual_scan_freqs; int *manual_sched_scan_freqs; unsigned int manual_scan_passive:1; @@ -652,6 +684,12 @@ struct wpa_supplicant { int normal_scans; /* normal scans run before sched_scan */ int scan_for_connection; /* whether the scan request was triggered for * finding a connection */ + /* + * A unique cookie representing the vendor scan request. This cookie is + * returned from the driver interface. 0 indicates that there is no + * pending vendor scan request. + */ + u64 curr_scan_cookie; #define MAX_SCAN_ID 16 int scan_id[MAX_SCAN_ID]; unsigned int scan_id_count; @@ -705,6 +743,8 @@ struct wpa_supplicant { unsigned int mac_addr_changed:1; unsigned int added_vif:1; unsigned int wnmsleep_used:1; + unsigned int owe_transition_select:1; + unsigned int owe_transition_search:1; struct os_reltime last_mac_addr_change; int last_mac_addr_style; @@ -715,13 +755,15 @@ struct wpa_supplicant { int sta_uapsd; int set_ap_uapsd; int ap_uapsd; + int auth_alg; + u16 last_owe_group; #ifdef CONFIG_SME struct { u8 ssid[SSID_MAX_LEN]; size_t ssid_len; int freq; - u8 assoc_req_ie[200]; + u8 assoc_req_ie[1500]; size_t assoc_req_ie_len; int mfp; int ft_used; @@ -752,6 +794,8 @@ struct wpa_supplicant { struct wpabuf *sae_token; int sae_group_index; unsigned int sae_pmksa_caching:1; + u16 seq_num; + struct external_auth ext_auth; #endif /* CONFIG_SAE */ } sme; #endif /* CONFIG_SME */ @@ -770,6 +814,10 @@ struct wpa_supplicant { unsigned int mesh_if_created:1; unsigned int mesh_ht_enabled:1; unsigned int mesh_vht_enabled:1; +#ifdef CONFIG_PMKSA_CACHE_EXTERNAL + /* struct external_pmksa_cache::list */ + struct dl_list mesh_external_pmksa_cache; +#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ #endif /* CONFIG_MESH */ unsigned int off_channel_freq; @@ -789,6 +837,7 @@ struct wpa_supplicant { result); unsigned int roc_waiting_drv_freq; int action_tx_wait_time; + int action_tx_wait_time_used; int p2p_mgmt; @@ -856,6 +905,7 @@ struct wpa_supplicant { unsigned int p2p_auto_join:1; unsigned int p2p_auto_pd:1; + unsigned int p2p_go_do_acs:1; unsigned int p2p_persistent_group:1; unsigned int p2p_fallback_to_go_neg:1; unsigned int p2p_pd_before_go_neg:1; @@ -871,6 +921,7 @@ struct wpa_supplicant { unsigned int p2p_disable_ip_addr_req:1; unsigned int p2ps_method_config_any:1; unsigned int p2p_cli_probe:1; + enum hostapd_hw_mode p2p_go_acs_band; int p2p_persistent_go_freq; int p2p_persistent_id; int p2p_go_intent; @@ -923,6 +974,7 @@ struct wpa_supplicant { int best_overall_freq; struct gas_query *gas; + struct gas_server *gas_server; #ifdef CONFIG_INTERWORKING unsigned int fetch_anqp_in_progress:1; @@ -981,6 +1033,7 @@ struct wpa_supplicant { unsigned int wmm_ac_supported:1; unsigned int ext_work_in_progress:1; unsigned int own_disconnect_req:1; + unsigned int ignore_post_flush_scan_res:1; #define MAC_ADDR_RAND_SCAN BIT(0) #define MAC_ADDR_RAND_SCHED_SCAN BIT(1) @@ -1006,6 +1059,14 @@ struct wpa_supplicant { struct neighbor_report *wnm_neighbor_report_elements; struct os_reltime wnm_cand_valid_until; u8 wnm_cand_from_bss[ETH_ALEN]; + struct wpabuf *coloc_intf_elems; + u8 coloc_intf_dialog_token; + u8 coloc_intf_auto_report; + u8 coloc_intf_timeout; +#ifdef CONFIG_MBO + unsigned int wnm_mbo_trans_reason_present:1; + u8 wnm_mbo_transition_reason; +#endif /* CONFIG_MBO */ #endif /* CONFIG_WNM */ #ifdef CONFIG_TESTING_GET_GTK @@ -1024,10 +1085,19 @@ struct wpa_supplicant { struct l2_packet_data *l2_test; unsigned int extra_roc_dur; enum wpa_supplicant_test_failure test_failure; + char *get_pref_freq_list_override; unsigned int reject_btm_req_reason; unsigned int p2p_go_csa_on_inv:1; unsigned int ignore_auth_resp:1; unsigned int ignore_assoc_disallow:1; + unsigned int testing_resend_assoc:1; + struct wpabuf *sae_commit_override; + enum wpa_alg last_tk_alg; + u8 last_tk_addr[ETH_ALEN]; + int last_tk_key_idx; + u8 last_tk[WPA_TK_MAX_LEN]; + size_t last_tk_len; + struct wpabuf *last_assoc_req_wpa_ie; #endif /* CONFIG_TESTING_OPTIONS */ struct wmm_ac_assoc_data *wmm_ac_assoc_info; @@ -1038,6 +1108,7 @@ struct wpa_supplicant { u8 last_tspecs_count; struct rrm_data rrm; + struct beacon_rep_data beacon_rep_data; #ifdef CONFIG_FST struct fst_iface *fst; @@ -1055,6 +1126,14 @@ struct wpa_supplicant { } *non_pref_chan; size_t non_pref_chan_num; u8 mbo_wnm_token; + /** + * enable_oce - Enable OCE if it is enabled by user and device also + * supports OCE. + * User can enable OCE with wpa_config's 'oce' parameter as follows - + * - Set BIT(0) to enable OCE in non-AP STA mode. + * - Set BIT(1) to enable OCE in STA-CFON mode. + */ + u8 enable_oce; #endif /* CONFIG_MBO */ /* @@ -1069,6 +1148,92 @@ struct wpa_supplicant { */ struct wpabuf *lci; struct os_reltime lci_time; + + struct os_reltime beacon_rep_scan; + + /* FILS HLP requests (struct fils_hlp_req) */ + struct dl_list fils_hlp_req; + + struct sched_scan_relative_params { + /** + * relative_rssi_set - Enable relatively preferred BSS reporting + * + * 0 = Disable reporting relatively preferred BSSs + * 1 = Enable reporting relatively preferred BSSs + */ + int relative_rssi_set; + + /** + * relative_rssi - Relative RSSI for reporting better BSSs + * + * Amount of RSSI by which a BSS should be better than the + * current connected BSS so that the new BSS can be reported + * to user space. This applies to sched_scan operations. + */ + int relative_rssi; + + /** + * relative_adjust_band - Band in which RSSI is to be adjusted + */ + enum set_band relative_adjust_band; + + /** + * relative_adjust_rssi - RSSI adjustment + * + * An amount of relative_adjust_rssi should be added to the + * BSSs that belong to the relative_adjust_band while comparing + * with other bands for BSS reporting. + */ + int relative_adjust_rssi; + } srp; + + /* RIC elements for FT protocol */ + struct wpabuf *ric_ies; + + int last_auth_timeout_sec; + +#ifdef CONFIG_DPP + struct dl_list dpp_bootstrap; /* struct dpp_bootstrap_info */ + struct dl_list dpp_configurator; /* struct dpp_configurator */ + int dpp_init_done; + struct dpp_authentication *dpp_auth; + struct wpa_radio_work *dpp_listen_work; + unsigned int dpp_pending_listen_freq; + unsigned int dpp_listen_freq; + u8 dpp_allowed_roles; + int dpp_qr_mutual; + int dpp_netrole_ap; + int dpp_auth_ok_on_ack; + int dpp_in_response_listen; + int dpp_gas_client; + int dpp_gas_dialog_token; + u8 dpp_intro_bssid[ETH_ALEN]; + void *dpp_intro_network; + struct dpp_pkex *dpp_pkex; + struct dpp_bootstrap_info *dpp_pkex_bi; + char *dpp_pkex_code; + char *dpp_pkex_identifier; + char *dpp_pkex_auth_cmd; + char *dpp_configurator_params; + struct os_reltime dpp_last_init; + struct os_reltime dpp_init_iter_start; + unsigned int dpp_init_max_tries; + unsigned int dpp_init_retry_time; + unsigned int dpp_resp_wait_time; + unsigned int dpp_resp_max_tries; + unsigned int dpp_resp_retry_time; +#ifdef CONFIG_TESTING_OPTIONS + char *dpp_config_obj_override; + char *dpp_discovery_override; + char *dpp_groups_override; + unsigned int dpp_ignore_netaccesskey_mismatch:1; +#endif /* CONFIG_TESTING_OPTIONS */ +#endif /* CONFIG_DPP */ + +#ifdef CONFIG_FILS + unsigned int disable_fils:1; +#endif /* CONFIG_FILS */ + unsigned int ieee80211ac:1; }; @@ -1101,6 +1266,7 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s); void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr); void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, int sec, int usec); +void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff); void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s); void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, enum wpa_states state); @@ -1158,6 +1324,7 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s); void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s); void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid); +void fils_connection_failure(struct wpa_supplicant *wpa_s); int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s); int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s); void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason); @@ -1183,22 +1350,28 @@ int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s, struct wpabuf *neighbor_rep), void *cb_ctx); void wpas_rrm_handle_radio_measurement_request(struct wpa_supplicant *wpa_s, - const u8 *src, + const u8 *src, const u8 *dst, const u8 *frame, size_t len); void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s, const u8 *src, const u8 *frame, size_t len, int rssi); +void wpas_rrm_refuse_request(struct wpa_supplicant *wpa_s); +int wpas_beacon_rep_scan_process(struct wpa_supplicant *wpa_s, + struct wpa_scan_results *scan_res, + struct scan_info *info); +void wpas_clear_beacon_rep_data(struct wpa_supplicant *wpa_s); +void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s); /* MBO functions */ -int wpas_mbo_ie(struct wpa_supplicant *wpa_s, u8 *buf, size_t len); +int wpas_mbo_ie(struct wpa_supplicant *wpa_s, u8 *buf, size_t len, + int add_oce_capa); +const u8 * mbo_attr_from_mbo_ie(const u8 *mbo_ie, enum mbo_attr_id attr); const u8 * wpas_mbo_get_bss_attr(struct wpa_bss *bss, enum mbo_attr_id attr); int wpas_mbo_update_non_pref_chan(struct wpa_supplicant *wpa_s, const char *non_pref_chan); void wpas_mbo_scan_ie(struct wpa_supplicant *wpa_s, struct wpabuf *ie); -int wpas_mbo_supp_op_class_ie(struct wpa_supplicant *wpa_s, int freq, u8 *pos, - size_t len); void wpas_mbo_ie_trans_req(struct wpa_supplicant *wpa_s, const u8 *ie, size_t len); size_t wpas_mbo_ie_bss_trans_reject(struct wpa_supplicant *wpa_s, u8 *pos, @@ -1206,7 +1379,20 @@ size_t wpas_mbo_ie_bss_trans_reject(struct wpa_supplicant *wpa_s, u8 *pos, enum mbo_transition_reject_reason reason); void wpas_mbo_update_cell_capa(struct wpa_supplicant *wpa_s, u8 mbo_cell_capa); struct wpabuf * mbo_build_anqp_buf(struct wpa_supplicant *wpa_s, - struct wpa_bss *bss); + struct wpa_bss *bss, u32 mbo_subtypes); +void mbo_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s, + struct wpa_bss *bss, const u8 *sa, + const u8 *data, size_t slen); + +/* op_classes.c */ +enum chan_allowed { + NOT_ALLOWED, NO_IR, ALLOWED +}; + +enum chan_allowed verify_channel(struct hostapd_hw_modes *mode, u8 channel, + u8 bw); +size_t wpas_supp_op_class_ie(struct wpa_supplicant *wpa_s, int freq, u8 *pos, + size_t len); /** * wpa_supplicant_ctrl_iface_ctrl_rsp_handle - Handle a control response @@ -1238,6 +1424,7 @@ void wnm_bss_keep_alive_deinit(struct wpa_supplicant *wpa_s); int wpa_supplicant_fast_associate(struct wpa_supplicant *wpa_s); struct wpa_bss * wpa_supplicant_pick_network(struct wpa_supplicant *wpa_s, struct wpa_ssid **selected_ssid); +int wpas_temp_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid); /* eap_register.c */ int eap_register_methods(void); @@ -1296,6 +1483,14 @@ int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid); struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, int i, struct wpa_bss *bss, struct wpa_ssid *group, - int only_first_ssid); + int only_first_ssid, int debug_print); + +int wpas_ctrl_iface_get_pref_freq_list_override(struct wpa_supplicant *wpa_s, + enum wpa_driver_if_type if_type, + unsigned int *num, + unsigned int *freq_list); + +int wpa_is_fils_supported(struct wpa_supplicant *wpa_s); +int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s); #endif /* WPA_SUPPLICANT_I_H */ diff --git a/contrib/wpa/wpa_supplicant/wpa_supplicant_template.conf b/contrib/wpa/wpa_supplicant/wpa_supplicant_template.conf index f3f2a6417d2e..f55227f82685 100644 --- a/contrib/wpa/wpa_supplicant/wpa_supplicant_template.conf +++ b/contrib/wpa/wpa_supplicant/wpa_supplicant_template.conf @@ -4,3 +4,4 @@ eapol_version=1 ap_scan=1 fast_reauth=1 pmf=1 +p2p_add_cli_chan=1 diff --git a/contrib/wpa/wpa_supplicant/wpas_glue.c b/contrib/wpa/wpa_supplicant/wpas_glue.c index f84c8b90ac2f..4634ed7fc368 100644 --- a/contrib/wpa/wpa_supplicant/wpas_glue.c +++ b/contrib/wpa/wpa_supplicant/wpas_glue.c @@ -10,6 +10,7 @@ #include "common.h" #include "eapol_supp/eapol_supp_sm.h" +#include "eap_peer/eap.h" #include "rsn_supp/wpa.h" #include "eloop.h" #include "config.h" @@ -145,6 +146,8 @@ static int wpa_supplicant_eapol_send(void *ctx, int type, const u8 *buf, * extra copy here */ if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || + wpa_s->key_mgmt == WPA_KEY_MGMT_OWE || + wpa_s->key_mgmt == WPA_KEY_MGMT_DPP || wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { /* Current SSID is not using IEEE 802.1X/EAP, so drop possible * EAPOL frames (mainly, EAPOL-Start) from EAPOL state @@ -499,6 +502,16 @@ static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, wpa_s->last_gtk_len = key_len; } #endif /* CONFIG_TESTING_GET_GTK */ +#ifdef CONFIG_TESTING_OPTIONS + if (addr && !is_broadcast_ether_addr(addr)) { + wpa_s->last_tk_alg = alg; + os_memcpy(wpa_s->last_tk_addr, addr, ETH_ALEN); + wpa_s->last_tk_key_idx = key_idx; + if (key) + os_memcpy(wpa_s->last_tk, key, key_len); + wpa_s->last_tk_len = key_len; + } +#endif /* CONFIG_TESTING_OPTIONS */ return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len, key, key_len); } @@ -513,17 +526,74 @@ static int wpa_supplicant_mlme_setprotection(void *wpa_s, const u8 *addr, } -static int wpa_supplicant_add_pmkid(void *wpa_s, - const u8 *bssid, const u8 *pmkid) +static struct wpa_ssid * wpas_get_network_ctx(struct wpa_supplicant *wpa_s, + void *network_ctx) +{ + struct wpa_ssid *ssid; + + for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { + if (network_ctx == ssid) + return ssid; + } + + return NULL; +} + + +static int wpa_supplicant_add_pmkid(void *_wpa_s, void *network_ctx, + const u8 *bssid, const u8 *pmkid, + const u8 *fils_cache_id, + const u8 *pmk, size_t pmk_len) { - return wpa_drv_add_pmkid(wpa_s, bssid, pmkid); + struct wpa_supplicant *wpa_s = _wpa_s; + struct wpa_ssid *ssid; + struct wpa_pmkid_params params; + + os_memset(¶ms, 0, sizeof(params)); + ssid = wpas_get_network_ctx(wpa_s, network_ctx); + if (ssid) + wpa_msg(wpa_s, MSG_INFO, PMKSA_CACHE_ADDED MACSTR " %d", + MAC2STR(bssid), ssid->id); + if (ssid && fils_cache_id) { + params.ssid = ssid->ssid; + params.ssid_len = ssid->ssid_len; + params.fils_cache_id = fils_cache_id; + } else { + params.bssid = bssid; + } + + params.pmkid = pmkid; + params.pmk = pmk; + params.pmk_len = pmk_len; + + return wpa_drv_add_pmkid(wpa_s, ¶ms); } -static int wpa_supplicant_remove_pmkid(void *wpa_s, - const u8 *bssid, const u8 *pmkid) +static int wpa_supplicant_remove_pmkid(void *_wpa_s, void *network_ctx, + const u8 *bssid, const u8 *pmkid, + const u8 *fils_cache_id) { - return wpa_drv_remove_pmkid(wpa_s, bssid, pmkid); + struct wpa_supplicant *wpa_s = _wpa_s; + struct wpa_ssid *ssid; + struct wpa_pmkid_params params; + + os_memset(¶ms, 0, sizeof(params)); + ssid = wpas_get_network_ctx(wpa_s, network_ctx); + if (ssid) + wpa_msg(wpa_s, MSG_INFO, PMKSA_CACHE_REMOVED MACSTR " %d", + MAC2STR(bssid), ssid->id); + if (ssid && fils_cache_id) { + params.ssid = ssid->ssid; + params.ssid_len = ssid->ssid_len; + params.fils_cache_id = fils_cache_id; + } else { + params.bssid = bssid; + } + + params.pmkid = pmkid; + + return wpa_drv_remove_pmkid(wpa_s, ¶ms); } @@ -865,12 +935,13 @@ static void wpa_supplicant_eap_param_needed(void *ctx, #ifdef CONFIG_EAP_PROXY + static void wpa_supplicant_eap_proxy_cb(void *ctx) { struct wpa_supplicant *wpa_s = ctx; size_t len; - wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, + wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1, wpa_s->imsi, &len); if (wpa_s->mnc_len > 0) { wpa_s->imsi[len] = '\0'; @@ -880,6 +951,52 @@ static void wpa_supplicant_eap_proxy_cb(void *ctx) wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available"); } } + + +static void wpa_sm_sim_state_error_handler(struct wpa_supplicant *wpa_s) +{ + int i; + struct wpa_ssid *ssid; + const struct eap_method_type *eap_methods; + + if (!wpa_s->conf) + return; + + for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { + eap_methods = ssid->eap.eap_methods; + if (!eap_methods) + continue; + + for (i = 0; eap_methods[i].method != EAP_TYPE_NONE; i++) { + if (eap_methods[i].vendor == EAP_VENDOR_IETF && + (eap_methods[i].method == EAP_TYPE_SIM || + eap_methods[i].method == EAP_TYPE_AKA || + eap_methods[i].method == EAP_TYPE_AKA_PRIME)) { + wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); + break; + } + } + } +} + + +static void +wpa_supplicant_eap_proxy_notify_sim_status(void *ctx, + enum eap_proxy_sim_state sim_state) +{ + struct wpa_supplicant *wpa_s = ctx; + + wpa_printf(MSG_DEBUG, "eap_proxy: SIM card status %u", sim_state); + switch (sim_state) { + case SIM_STATE_ERROR: + wpa_sm_sim_state_error_handler(wpa_s); + break; + default: + wpa_printf(MSG_DEBUG, "eap_proxy: SIM card status unknown"); + break; + } +} + #endif /* CONFIG_EAP_PROXY */ @@ -921,6 +1038,14 @@ static void wpa_supplicant_status_cb(void *ctx, const char *status, } +static void wpa_supplicant_eap_error_cb(void *ctx, int error_code) +{ + struct wpa_supplicant *wpa_s = ctx; + + wpas_notify_eap_error(wpa_s, error_code); +} + + static void wpa_supplicant_set_anon_id(void *ctx, const u8 *id, size_t len) { struct wpa_supplicant *wpa_s = ctx; @@ -990,12 +1115,15 @@ int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s) ctx->eap_param_needed = wpa_supplicant_eap_param_needed; #ifdef CONFIG_EAP_PROXY ctx->eap_proxy_cb = wpa_supplicant_eap_proxy_cb; + ctx->eap_proxy_notify_sim_status = + wpa_supplicant_eap_proxy_notify_sim_status; #endif /* CONFIG_EAP_PROXY */ ctx->port_cb = wpa_supplicant_port_cb; ctx->cb = wpa_supplicant_eapol_cb; ctx->cert_cb = wpa_supplicant_cert_cb; ctx->cert_in_cb = wpa_s->conf->cert_in_cb; ctx->status_cb = wpa_supplicant_status_cb; + ctx->eap_error_cb = wpa_supplicant_eap_error_cb; ctx->set_anon_id = wpa_supplicant_set_anon_id; ctx->cb_ctx = wpa_s; wpa_s->eapol = eapol_sm_init(ctx); @@ -1012,6 +1140,7 @@ int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s) #ifndef CONFIG_NO_WPA + static void wpa_supplicant_set_rekey_offload(void *ctx, const u8 *kek, size_t kek_len, const u8 *kck, size_t kck_len, @@ -1035,6 +1164,25 @@ static int wpa_supplicant_key_mgmt_set_pmk(void *ctx, const u8 *pmk, else return 0; } + + +static void wpa_supplicant_fils_hlp_rx(void *ctx, const u8 *dst, const u8 *src, + const u8 *pkt, size_t pkt_len) +{ + struct wpa_supplicant *wpa_s = ctx; + char *hex; + size_t hexlen; + + hexlen = pkt_len * 2 + 1; + hex = os_malloc(hexlen); + if (!hex) + return; + wpa_snprintf_hex(hex, hexlen, pkt, pkt_len); + wpa_msg(wpa_s, MSG_INFO, FILS_HLP_RX "dst=" MACSTR " src=" MACSTR + " frame=%s", MAC2STR(dst), MAC2STR(src), hex); + os_free(hex); +} + #endif /* CONFIG_NO_WPA */ @@ -1084,6 +1232,7 @@ int wpa_supplicant_init_wpa(struct wpa_supplicant *wpa_s) #endif /* CONFIG_TDLS */ ctx->set_rekey_offload = wpa_supplicant_set_rekey_offload; ctx->key_mgmt_set_pmk = wpa_supplicant_key_mgmt_set_pmk; + ctx->fils_hlp_rx = wpa_supplicant_fils_hlp_rx; wpa_s->wpa = wpa_sm_init(ctx); if (wpa_s->wpa == NULL) { @@ -1105,7 +1254,6 @@ void wpa_supplicant_rsn_supp_set_config(struct wpa_supplicant *wpa_s, if (ssid) { os_memset(&conf, 0, sizeof(conf)); conf.network_ctx = ssid; - conf.peerkey_enabled = ssid->peerkey; conf.allowed_pairwise_cipher = ssid->pairwise_cipher; #ifdef IEEE8021X_EAPOL conf.proactive_key_caching = ssid->proactive_key_caching < 0 ? @@ -1133,6 +1281,11 @@ void wpa_supplicant_rsn_supp_set_config(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_P2P */ conf.wpa_rsc_relaxation = wpa_s->conf->wpa_rsc_relaxation; +#ifdef CONFIG_FILS + if (wpa_key_mgmt_fils(wpa_s->key_mgmt)) + conf.fils_cache_id = + wpa_bss_get_fils_cache_id(wpa_s->current_bss); +#endif /* CONFIG_FILS */ } wpa_sm_set_config(wpa_s->wpa, ssid ? &conf : NULL); } diff --git a/contrib/wpa/wpa_supplicant/wpas_kay.c b/contrib/wpa/wpa_supplicant/wpas_kay.c index d6ec8c5090e9..d3d06b8ae231 100644 --- a/contrib/wpa/wpa_supplicant/wpas_kay.c +++ b/contrib/wpa/wpa_supplicant/wpas_kay.c @@ -5,7 +5,7 @@ * This software may be distributed under the terms of the BSD license. * See README for more details. */ -#include <openssl/ssl.h> + #include "utils/includes.h" #include "utils/common.h" @@ -38,12 +38,24 @@ static int wpas_macsec_deinit(void *priv) } +static int wpas_macsec_get_capability(void *priv, enum macsec_cap *cap) +{ + return wpa_drv_macsec_get_capability(priv, cap); +} + + static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled) { return wpa_drv_enable_protect_frames(wpa_s, enabled); } +static int wpas_enable_encrypt(void *wpa_s, Boolean enabled) +{ + return wpa_drv_enable_encrypt(wpa_s, enabled); +} + + static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window) { return wpa_drv_set_replay_protect(wpa_s, enabled, window); @@ -62,30 +74,21 @@ static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled) } -static int wpas_get_receive_lowest_pn(void *wpa_s, u32 channel, - u8 an, u32 *lowest_pn) -{ - return wpa_drv_get_receive_lowest_pn(wpa_s, channel, an, lowest_pn); -} - - -static int wpas_get_transmit_next_pn(void *wpa_s, u32 channel, - u8 an, u32 *next_pn) +static int wpas_get_receive_lowest_pn(void *wpa_s, struct receive_sa *sa) { - return wpa_drv_get_transmit_next_pn(wpa_s, channel, an, next_pn); + return wpa_drv_get_receive_lowest_pn(wpa_s, sa); } -static int wpas_set_transmit_next_pn(void *wpa_s, u32 channel, - u8 an, u32 next_pn) +static int wpas_get_transmit_next_pn(void *wpa_s, struct transmit_sa *sa) { - return wpa_drv_set_transmit_next_pn(wpa_s, channel, an, next_pn); + return wpa_drv_get_transmit_next_pn(wpa_s, sa); } -static int wpas_get_available_receive_sc(void *wpa_s, u32 *channel) +static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa) { - return wpa_drv_get_available_receive_sc(wpa_s, channel); + return wpa_drv_set_transmit_next_pn(wpa_s, sa); } @@ -103,83 +106,79 @@ static unsigned int conf_offset_val(enum confidentiality_offset co) } -static int wpas_create_receive_sc(void *wpa_s, u32 channel, - struct ieee802_1x_mka_sci *sci, +static int wpas_create_receive_sc(void *wpa_s, struct receive_sc *sc, enum validate_frames vf, enum confidentiality_offset co) { - return wpa_drv_create_receive_sc(wpa_s, channel, sci->addr, - be_to_host16(sci->port), - conf_offset_val(co), vf); + return wpa_drv_create_receive_sc(wpa_s, sc, conf_offset_val(co), vf); } -static int wpas_delete_receive_sc(void *wpa_s, u32 channel) +static int wpas_delete_receive_sc(void *wpa_s, struct receive_sc *sc) { - return wpa_drv_delete_receive_sc(wpa_s, channel); + return wpa_drv_delete_receive_sc(wpa_s, sc); } -static int wpas_create_receive_sa(void *wpa_s, u32 channel, u8 an, - u32 lowest_pn, const u8 *sak) +static int wpas_create_receive_sa(void *wpa_s, struct receive_sa *sa) { - return wpa_drv_create_receive_sa(wpa_s, channel, an, lowest_pn, sak); + return wpa_drv_create_receive_sa(wpa_s, sa); } -static int wpas_enable_receive_sa(void *wpa_s, u32 channel, u8 an) +static int wpas_delete_receive_sa(void *wpa_s, struct receive_sa *sa) { - return wpa_drv_enable_receive_sa(wpa_s, channel, an); + return wpa_drv_delete_receive_sa(wpa_s, sa); } -static int wpas_disable_receive_sa(void *wpa_s, u32 channel, u8 an) +static int wpas_enable_receive_sa(void *wpa_s, struct receive_sa *sa) { - return wpa_drv_disable_receive_sa(wpa_s, channel, an); + return wpa_drv_enable_receive_sa(wpa_s, sa); } -static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel) +static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa) { - return wpa_drv_get_available_transmit_sc(wpa_s, channel); + return wpa_drv_disable_receive_sa(wpa_s, sa); } static int -wpas_create_transmit_sc(void *wpa_s, u32 channel, - const struct ieee802_1x_mka_sci *sci, +wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc, enum confidentiality_offset co) { - return wpa_drv_create_transmit_sc(wpa_s, channel, sci->addr, - be_to_host16(sci->port), - conf_offset_val(co)); + return wpa_drv_create_transmit_sc(wpa_s, sc, conf_offset_val(co)); +} + + +static int wpas_delete_transmit_sc(void *wpa_s, struct transmit_sc *sc) +{ + return wpa_drv_delete_transmit_sc(wpa_s, sc); } -static int wpas_delete_transmit_sc(void *wpa_s, u32 channel) +static int wpas_create_transmit_sa(void *wpa_s, struct transmit_sa *sa) { - return wpa_drv_delete_transmit_sc(wpa_s, channel); + return wpa_drv_create_transmit_sa(wpa_s, sa); } -static int wpas_create_transmit_sa(void *wpa_s, u32 channel, u8 an, - u32 next_pn, Boolean confidentiality, - const u8 *sak) +static int wpas_delete_transmit_sa(void *wpa_s, struct transmit_sa *sa) { - return wpa_drv_create_transmit_sa(wpa_s, channel, an, next_pn, - confidentiality, sak); + return wpa_drv_delete_transmit_sa(wpa_s, sa); } -static int wpas_enable_transmit_sa(void *wpa_s, u32 channel, u8 an) +static int wpas_enable_transmit_sa(void *wpa_s, struct transmit_sa *sa) { - return wpa_drv_enable_transmit_sa(wpa_s, channel, an); + return wpa_drv_enable_transmit_sa(wpa_s, sa); } -static int wpas_disable_transmit_sa(void *wpa_s, u32 channel, u8 an) +static int wpas_disable_transmit_sa(void *wpa_s, struct transmit_sa *sa) { - return wpa_drv_disable_transmit_sa(wpa_s, channel, an); + return wpa_drv_disable_transmit_sa(wpa_s, sa); } @@ -194,7 +193,14 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) if (!ssid || ssid->macsec_policy == 0) return 0; - policy = ssid->macsec_policy == 1 ? SHOULD_SECURE : DO_NOT_SECURE; + if (ssid->macsec_policy == 1) { + if (ssid->macsec_integ_only == 1) + policy = SHOULD_SECURE; + else + policy = SHOULD_ENCRYPT; + } else { + policy = DO_NOT_SECURE; + } kay_ctx = os_zalloc(sizeof(*kay_ctx)); if (!kay_ctx) @@ -204,32 +210,34 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) kay_ctx->macsec_init = wpas_macsec_init; kay_ctx->macsec_deinit = wpas_macsec_deinit; + kay_ctx->macsec_get_capability = wpas_macsec_get_capability; kay_ctx->enable_protect_frames = wpas_enable_protect_frames; + kay_ctx->enable_encrypt = wpas_enable_encrypt; kay_ctx->set_replay_protect = wpas_set_replay_protect; kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite; kay_ctx->enable_controlled_port = wpas_enable_controlled_port; kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn; kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn; kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn; - kay_ctx->get_available_receive_sc = wpas_get_available_receive_sc; kay_ctx->create_receive_sc = wpas_create_receive_sc; kay_ctx->delete_receive_sc = wpas_delete_receive_sc; kay_ctx->create_receive_sa = wpas_create_receive_sa; + kay_ctx->delete_receive_sa = wpas_delete_receive_sa; kay_ctx->enable_receive_sa = wpas_enable_receive_sa; kay_ctx->disable_receive_sa = wpas_disable_receive_sa; - kay_ctx->get_available_transmit_sc = wpas_get_available_transmit_sc; kay_ctx->create_transmit_sc = wpas_create_transmit_sc; kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc; kay_ctx->create_transmit_sa = wpas_create_transmit_sa; + kay_ctx->delete_transmit_sa = wpas_delete_transmit_sa; kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa; kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa; - res = ieee802_1x_kay_init(kay_ctx, policy, wpa_s->ifname, + res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_port, + ssid->mka_priority, wpa_s->ifname, wpa_s->own_addr); - if (res == NULL) { - os_free(kay_ctx); + /* ieee802_1x_kay_init() frees kay_ctx on failure */ + if (res == NULL) return -1; - } wpa_s->kay = res; @@ -260,7 +268,7 @@ static int ieee802_1x_auth_get_session_id(struct wpa_supplicant *wpa_s, return -1; } - need_len = 1 + 2 * SSL3_RANDOM_SIZE; + need_len = 1 + 2 * 32 /* random size */; if (need_len > id_len) { wpa_printf(MSG_DEBUG, "EAP Session-Id not long enough"); return -1; @@ -377,3 +385,49 @@ fail: return res; } + + +void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid) +{ + struct mka_key *cak; + struct mka_key_name *ckn; + void *res = NULL; + + if ((ssid->mka_psk_set & MKA_PSK_SET) != MKA_PSK_SET) + goto end; + + ckn = os_zalloc(sizeof(*ckn)); + if (!ckn) + goto end; + + cak = os_zalloc(sizeof(*cak)); + if (!cak) + goto free_ckn; + + if (ieee802_1x_alloc_kay_sm(wpa_s, ssid) < 0 || !wpa_s->kay) + goto free_cak; + + if (wpa_s->kay->policy == DO_NOT_SECURE) + goto dealloc; + + cak->len = MACSEC_CAK_LEN; + os_memcpy(cak->key, ssid->mka_cak, cak->len); + + ckn->len = MACSEC_CKN_LEN; + os_memcpy(ckn->name, ssid->mka_ckn, ckn->len); + + res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, PSK, FALSE); + if (res) + goto free_cak; + +dealloc: + /* Failed to create MKA */ + ieee802_1x_dealloc_kay_sm(wpa_s); +free_cak: + os_free(cak); +free_ckn: + os_free(ckn); +end: + return res; +} diff --git a/contrib/wpa/wpa_supplicant/wpas_kay.h b/contrib/wpa/wpa_supplicant/wpas_kay.h index b7236d0776c4..81f8e0ce329e 100644 --- a/contrib/wpa/wpa_supplicant/wpas_kay.h +++ b/contrib/wpa/wpa_supplicant/wpas_kay.h @@ -17,6 +17,9 @@ void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s, const u8 *peer_addr); void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s); +void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid); + #else /* CONFIG_MACSEC */ static inline int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, @@ -36,6 +39,13 @@ static inline void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s) { } +static inline void * +ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid) +{ + return 0; +} + #endif /* CONFIG_MACSEC */ #endif /* WPAS_KAY_H */ diff --git a/contrib/wpa/wpa_supplicant/wps_supplicant.c b/contrib/wpa/wpa_supplicant/wps_supplicant.c index 74a420c671d0..1a2677b8eea4 100644 --- a/contrib/wpa/wpa_supplicant/wps_supplicant.c +++ b/contrib/wpa/wpa_supplicant/wps_supplicant.c @@ -203,6 +203,9 @@ static void wpas_wps_security_workaround(struct wpa_supplicant *wpa_s, if (ssid->ssid == NULL) return; bss = wpa_bss_get(wpa_s, cred->mac_addr, ssid->ssid, ssid->ssid_len); + if (!bss) + bss = wpa_bss_get(wpa_s, wpa_s->bssid, + ssid->ssid, ssid->ssid_len); if (bss == NULL) { wpa_printf(MSG_DEBUG, "WPS: The AP was not found from BSS " "table - use credential as-is"); @@ -490,6 +493,16 @@ static int wpa_supplicant_wps_cred(void *ctx, ssid->pairwise_cipher |= WPA_CIPHER_GCMP; ssid->group_cipher |= WPA_CIPHER_GCMP; } + if (wpa_s->drv_capa_known && + (wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_GCMP_256)) { + ssid->pairwise_cipher |= WPA_CIPHER_GCMP_256; + ssid->group_cipher |= WPA_CIPHER_GCMP_256; + } + if (wpa_s->drv_capa_known && + (wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_CCMP_256)) { + ssid->pairwise_cipher |= WPA_CIPHER_CCMP_256; + ssid->group_cipher |= WPA_CIPHER_CCMP_256; + } break; } @@ -1027,10 +1040,9 @@ static struct wpa_ssid * wpas_wps_add_network(struct wpa_supplicant *wpa_s, continue; os_free(ssid->ssid); - ssid->ssid = os_malloc(bss->ssid_len); + ssid->ssid = os_memdup(bss->ssid, bss->ssid_len); if (ssid->ssid == NULL) break; - os_memcpy(ssid->ssid, bss->ssid, bss->ssid_len); ssid->ssid_len = bss->ssid_len; wpa_hexdump_ascii(MSG_DEBUG, "WPS: Picked SSID from " "scan results", @@ -1169,6 +1181,7 @@ int wpas_wps_start_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, return -1; if (wpa_s->wps_fragment_size) ssid->eap.fragment_size = wpa_s->wps_fragment_size; + wpa_supplicant_wps_event(wpa_s, WPS_EV_PBC_ACTIVE, NULL); eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout, wpa_s, NULL); wpas_wps_reassoc(wpa_s, ssid, bssid, 0); @@ -1481,6 +1494,9 @@ static void wpas_wps_set_uuid(struct wpa_supplicant *wpa_s, wpa_s->global->ifaces->wps->uuid, WPS_UUID_LEN); src = "from the first interface"; + } else if (wpa_s->conf->auto_uuid == 1) { + uuid_random(wps->uuid); + src = "based on random data"; } else { uuid_gen_mac_addr(wpa_s->own_addr, wps->uuid); src = "based on MAC address"; diff --git a/etc/mtree/BSD.debug.dist b/etc/mtree/BSD.debug.dist index 6381d9d8d9ea..704b4626c14b 100644 --- a/etc/mtree/BSD.debug.dist +++ b/etc/mtree/BSD.debug.dist @@ -19,6 +19,8 @@ .. geom .. + nvmecontrol + .. .. libexec .. diff --git a/etc/mtree/BSD.root.dist b/etc/mtree/BSD.root.dist index 79a649561f8e..d93280f580e1 100644 --- a/etc/mtree/BSD.root.dist +++ b/etc/mtree/BSD.root.dist @@ -88,6 +88,8 @@ .. geom .. + nvmecontrol + .. .. libexec resolvconf diff --git a/etc/mtree/BSD.usr.dist b/etc/mtree/BSD.usr.dist index 2e796cf0815e..966970f7dfc6 100644 --- a/etc/mtree/BSD.usr.dist +++ b/etc/mtree/BSD.usr.dist @@ -635,6 +635,8 @@ .. fr_FR.UTF-8 .. + ga_IE.UTF-8 + .. he_IL.UTF-8 .. hi_IN.ISCII-DEV diff --git a/gnu/usr.bin/binutils/Makefile b/gnu/usr.bin/binutils/Makefile index c05a5af2374d..191a8ad3d5c1 100644 --- a/gnu/usr.bin/binutils/Makefile +++ b/gnu/usr.bin/binutils/Makefile @@ -8,9 +8,13 @@ SUBDIR= doc\ libopcodes \ libbinutils \ as \ - ld \ objdump +# When we use ld.lld as /usr/bin/ld, do not install the non-ifunc-capable +# GNU binutils 2.17.50 ld. +.if ${MK_LLD_IS_LD} == "no" +SUBDIR+=ld +.endif SUBDIR_DEPEND_libbinutils=libbfd # for bfdver.h SUBDIR_DEPEND_as=libbfd libiberty libopcodes diff --git a/lib/geom/part/geom_part.c b/lib/geom/part/geom_part.c index 29c066c4714f..b21ebf7ef8d8 100644 --- a/lib/geom/part/geom_part.c +++ b/lib/geom/part/geom_part.c @@ -72,6 +72,7 @@ volatile sig_atomic_t undo_restore; #define GPART_PARAM_BOOTCODE "bootcode" #define GPART_PARAM_INDEX "index" #define GPART_PARAM_PARTCODE "partcode" +#define GPART_PARAM_SKIP_DSN "skip_dsn" static struct gclass *find_class(struct gmesh *, const char *); static struct ggeom * find_geom(struct gclass *, const char *); @@ -115,8 +116,9 @@ struct g_command PUBSYM(class_commands)[] = { { 'p', GPART_PARAM_PARTCODE, G_VAL_OPTIONAL, G_TYPE_STRING }, { 'i', GPART_PARAM_INDEX, G_VAL_OPTIONAL, G_TYPE_NUMBER }, { 'f', "flags", GPART_FLAGS, G_TYPE_STRING }, + { 'N', GPART_PARAM_SKIP_DSN, NULL, G_TYPE_BOOL }, G_OPT_SENTINEL }, - "[-b bootcode] [-p partcode -i index] [-f flags] geom" + "[-N] [-b bootcode] [-p partcode -i index] [-f flags] geom" }, { "commit", 0, gpart_issue, G_NULL_OPTS, "geom" diff --git a/lib/geom/part/gpart.8 b/lib/geom/part/gpart.8 index 76177892ceb1..80ea0a317d3a 100644 --- a/lib/geom/part/gpart.8 +++ b/lib/geom/part/gpart.8 @@ -49,6 +49,7 @@ .\" ==== BOOTCODE ==== .Nm .Cm bootcode +.Op Fl N .Op Fl b Ar bootcode .Op Fl p Ar partcode Fl i Ar index .Op Fl f Ar flags @@ -214,6 +215,14 @@ The .Cm bootcode command accepts these options: .Bl -tag -width 10n +.It Fl N +Don't preserve the Volume Serial Number for MBR. +MBR bootcode contains Volume Serial Number by default, and +.Nm +tries to preserve it when installing new bootstrap code. +This option allows to skip the preservation to help with some versions of +.Xr boot0 8 +that don't support Volume Serial Number. .It Fl b Ar bootcode Embed bootstrap code from the file .Ar bootcode diff --git a/lib/libc/amd64/Symbol.map b/lib/libc/amd64/Symbol.map index 7b1f7b7301ca..8b61122bbe5f 100644 --- a/lib/libc/amd64/Symbol.map +++ b/lib/libc/amd64/Symbol.map @@ -51,9 +51,7 @@ FBSD_1.0 { */ FBSDprivate_1.0 { /* PSEUDO syscalls */ - __sys_getlogin; _getlogin; - __sys_exit; _set_tp; ___longjmp; @@ -63,6 +61,5 @@ FBSDprivate_1.0 { signalcontext; __siglongjmp; _brk; - __sys_vfork; _vfork; }; diff --git a/lib/libc/amd64/string/memmove.S b/lib/libc/amd64/string/memmove.S index 9d6fa8a7e296..accc86440610 100644 --- a/lib/libc/amd64/string/memmove.S +++ b/lib/libc/amd64/string/memmove.S @@ -34,8 +34,6 @@ __FBSDID("$FreeBSD$"); /* * memmove(dst, src, cnt) * rdi, rsi, rdx - * Contains parts of bcopy written by: - * ws@tools.de (Wolfgang Solfrank, TooLs GmbH) +49-228-985800 */ /* @@ -44,11 +42,19 @@ __FBSDID("$FreeBSD$"); * rsi - source * rdx - count * - * The macro possibly clobbers the above and: rcx, r8. - * It does not clobber rax, r10 nor r11. + * The macro possibly clobbers the above and: rcx, r8, r9, 10 + * It does not clobber rax nor r11. */ .macro MEMMOVE erms overlap begin end \begin + + /* + * For sizes 0..32 all data is read before it is written, so there + * is no correctness issue with direction of copying. + */ + cmpq $32,%rcx + jbe 101632f + .if \overlap == 1 movq %rdi,%r8 subq %rsi,%r8 @@ -56,13 +62,10 @@ __FBSDID("$FreeBSD$"); jb 2f .endif - cmpq $32,%rcx - jb 1016f - cmpq $256,%rcx ja 1256f -1032: +103200: movq (%rsi),%rdx movq %rdx,(%rdi) movq 8(%rsi),%rdx @@ -75,71 +78,107 @@ __FBSDID("$FreeBSD$"); leaq 32(%rdi),%rdi subq $32,%rcx cmpq $32,%rcx - jae 1032b + jae 103200b cmpb $0,%cl - jne 1016f + jne 101632f \end ret ALIGN_TEXT -1016: +101632: cmpb $16,%cl - jl 1008f + jl 100816f movq (%rsi),%rdx + movq 8(%rsi),%r8 + movq -16(%rsi,%rcx),%r9 + movq -8(%rsi,%rcx),%r10 movq %rdx,(%rdi) - movq 8(%rsi),%rdx - movq %rdx,8(%rdi) - subb $16,%cl - jz 1000f - leaq 16(%rsi),%rsi - leaq 16(%rdi),%rdi -1008: + movq %r8,8(%rdi) + movq %r9,-16(%rdi,%rcx) + movq %r10,-8(%rdi,%rcx) + \end + ret + ALIGN_TEXT +100816: cmpb $8,%cl - jl 1004f + jl 100408f movq (%rsi),%rdx + movq -8(%rsi,%rcx),%r8 movq %rdx,(%rdi) - subb $8,%cl - jz 1000f - leaq 8(%rsi),%rsi - leaq 8(%rdi),%rdi -1004: + movq %r8,-8(%rdi,%rcx,) + \end + ret + ALIGN_TEXT +100408: cmpb $4,%cl - jl 1002f + jl 100204f movl (%rsi),%edx + movl -4(%rsi,%rcx),%r8d movl %edx,(%rdi) - subb $4,%cl - jz 1000f - leaq 4(%rsi),%rsi - leaq 4(%rdi),%rdi -1002: + movl %r8d,-4(%rdi,%rcx) + \end + ret + ALIGN_TEXT +100204: cmpb $2,%cl - jl 1001f - movw (%rsi),%dx + jl 100001f + movzwl (%rsi),%edx + movzwl -2(%rsi,%rcx),%r8d movw %dx,(%rdi) - subb $2,%cl - jz 1000f - leaq 2(%rsi),%rsi - leaq 2(%rdi),%rdi -1001: + movw %r8w,-2(%rdi,%rcx) + \end + ret + ALIGN_TEXT +100001: cmpb $1,%cl - jl 1000f + jl 100000f movb (%rsi),%dl movb %dl,(%rdi) -1000: +100000: \end ret ALIGN_TEXT 1256: + testb $15,%dil + jnz 100f +.if \erms == 1 + rep + movsb +.else + shrq $3,%rcx /* copy by 64-bit words */ + rep + movsq + movq %rdx,%rcx + andl $7,%ecx /* any bytes left? */ + jne 100408b +.endif + \end + ret +100: + movq (%rsi),%r8 + movq 8(%rsi),%r9 + movq %rdi,%r10 + movq %rdi,%rcx + andq $15,%rcx + leaq -16(%rdx,%rcx),%rdx + neg %rcx + leaq 16(%rdi,%rcx),%rdi + leaq 16(%rsi,%rcx),%rsi + movq %rdx,%rcx .if \erms == 1 rep movsb + movq %r8,(%r10) + movq %r9,8(%r10) .else shrq $3,%rcx /* copy by 64-bit words */ rep movsq + movq %r8,(%r10) + movq %r9,8(%r10) movq %rdx,%rcx - andb $7,%cl /* any bytes left? */ - jne 1004b + andl $7,%ecx /* any bytes left? */ + jne 100408b .endif \end ret @@ -150,24 +189,24 @@ __FBSDID("$FreeBSD$"); */ ALIGN_TEXT 2: - addq %rcx,%rdi - addq %rcx,%rsi + cmpq $256,%rcx + ja 2256f + + leaq -8(%rdi,%rcx),%rdi + leaq -8(%rsi,%rcx),%rsi cmpq $32,%rcx jb 2016f - cmpq $256,%rcx - ja 2256f - 2032: + movq (%rsi),%rdx + movq %rdx,(%rdi) movq -8(%rsi),%rdx movq %rdx,-8(%rdi) movq -16(%rsi),%rdx movq %rdx,-16(%rdi) movq -24(%rsi),%rdx movq %rdx,-24(%rdi) - movq -32(%rsi),%rdx - movq %rdx,-32(%rdi) leaq -32(%rsi),%rsi leaq -32(%rdi),%rdi subq $32,%rcx @@ -181,10 +220,10 @@ __FBSDID("$FreeBSD$"); 2016: cmpb $16,%cl jl 2008f + movq (%rsi),%rdx + movq %rdx,(%rdi) movq -8(%rsi),%rdx movq %rdx,-8(%rdi) - movq -16(%rsi),%rdx - movq %rdx,-16(%rdi) subb $16,%cl jz 2000f leaq -16(%rsi),%rsi @@ -192,8 +231,8 @@ __FBSDID("$FreeBSD$"); 2008: cmpb $8,%cl jl 2004f - movq -8(%rsi),%rdx - movq %rdx,-8(%rdi) + movq (%rsi),%rdx + movq %rdx,(%rdi) subb $8,%cl jz 2000f leaq -8(%rsi),%rsi @@ -201,8 +240,8 @@ __FBSDID("$FreeBSD$"); 2004: cmpb $4,%cl jl 2002f - movl -4(%rsi),%edx - movl %edx,-4(%rdi) + movl 4(%rsi),%edx + movl %edx,4(%rdi) subb $4,%cl jz 2000f leaq -4(%rsi),%rsi @@ -210,8 +249,8 @@ __FBSDID("$FreeBSD$"); 2002: cmpb $2,%cl jl 2001f - movw -2(%rsi),%dx - movw %dx,-2(%rdi) + movw 6(%rsi),%dx + movw %dx,6(%rdi) subb $2,%cl jz 2000f leaq -2(%rsi),%rsi @@ -219,38 +258,37 @@ __FBSDID("$FreeBSD$"); 2001: cmpb $1,%cl jl 2000f - movb -1(%rsi),%dl - movb %dl,-1(%rdi) + movb 7(%rsi),%dl + movb %dl,7(%rdi) 2000: \end ret ALIGN_TEXT 2256: - decq %rdi - decq %rsi std .if \erms == 1 + leaq -1(%rdi,%rcx),%rdi + leaq -1(%rsi,%rcx),%rsi rep movsb + cld .else - andq $7,%rcx /* any fractional bytes? */ - je 3f - rep - movsb -3: - movq %rdx,%rcx /* copy remainder by 32-bit words */ + leaq -8(%rdi,%rcx),%rdi + leaq -8(%rsi,%rcx),%rsi shrq $3,%rcx - subq $7,%rsi - subq $7,%rdi rep movsq -.endif cld + movq %rdx,%rcx + andb $7,%cl + jne 2004b +.endif \end ret .endif .endm + .macro MEMMOVE_BEGIN movq %rdi,%rax movq %rdx,%rcx diff --git a/lib/libc/arm/Symbol.map b/lib/libc/arm/Symbol.map index 6c3f2765f8b0..9950a56ee815 100644 --- a/lib/libc/arm/Symbol.map +++ b/lib/libc/arm/Symbol.map @@ -43,9 +43,7 @@ FBSD_1.4 { FBSDprivate_1.0 { /* PSEUDO syscalls */ - __sys_getlogin; _getlogin; - __sys_exit; _set_tp; __aeabi_read_tp; @@ -55,7 +53,6 @@ FBSDprivate_1.0 { signalcontext; _signalcontext; __siglongjmp; - __sys_vfork; _vfork; _brk; _sbrk; diff --git a/lib/libc/gen/elf_utils.c b/lib/libc/gen/elf_utils.c index 06c91e057487..417f1842aadd 100644 --- a/lib/libc/gen/elf_utils.c +++ b/lib/libc/gen/elf_utils.c @@ -47,8 +47,21 @@ __elf_phdr_match_addr(struct dl_phdr_info *phdr_info, void *addr) for (i = 0; i < phdr_info->dlpi_phnum; i++) { ph = &phdr_info->dlpi_phdr[i]; - if (ph->p_type != PT_LOAD || (ph->p_flags & PF_X) == 0) + if (ph->p_type != PT_LOAD) continue; + + /* ELFv1 ABI for powerpc64 passes function descriptor + * pointers around, not function pointers. The function + * descriptors live in .opd, which is a non-executable segment. + * The PF_X check would therefore make all address checks fail, + * causing a crash in some instances. Don't skip over + * non-executable segments in the ELFv1 powerpc64 case. + */ +#if !defined(__powerpc64__) || (defined(_CALL_ELF) && _CALL_ELF == 2) + if ((ph->p_flags & PF_X) == 0) + continue; +#endif + if (phdr_info->dlpi_addr + ph->p_vaddr <= (uintptr_t)addr && (uintptr_t)addr + sizeof(addr) < phdr_info->dlpi_addr + ph->p_vaddr + ph->p_memsz) diff --git a/lib/libc/gen/syslog.3 b/lib/libc/gen/syslog.3 index 5738d362bd0c..2cb2c0d198b3 100644 --- a/lib/libc/gen/syslog.3 +++ b/lib/libc/gen/syslog.3 @@ -28,7 +28,7 @@ .\" @(#)syslog.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd April 12, 2018 +.Dd November 25, 2018 .Dt SYSLOG 3 .Os .Sh NAME @@ -42,17 +42,18 @@ .Lb libc .Sh SYNOPSIS .In syslog.h -.In stdarg.h .Ft void .Fn syslog "int priority" "const char *message" "..." .Ft void -.Fn vsyslog "int priority" "const char *message" "va_list args" -.Ft void .Fn openlog "const char *ident" "int logopt" "int facility" .Ft void .Fn closelog void .Ft int .Fn setlogmask "int maskpri" +.In syslog.h +.In stdarg.h +.Ft void +.Fn vsyslog "int priority" "const char *message" "va_list args" .Sh DESCRIPTION The .Fn syslog diff --git a/lib/libc/i386/Symbol.map b/lib/libc/i386/Symbol.map index cdc2db6bb01a..1151a3352c23 100644 --- a/lib/libc/i386/Symbol.map +++ b/lib/libc/i386/Symbol.map @@ -48,9 +48,7 @@ FBSD_1.0 { FBSDprivate_1.0 { /* PSEUDO syscalls */ - __sys_getlogin; _getlogin; - __sys_exit; _set_tp; ___longjmp; @@ -59,7 +57,6 @@ FBSDprivate_1.0 { __signalcontext; signalcontext; __siglongjmp; - __sys_vfork; _vfork; _brk; }; diff --git a/lib/libc/mips/Symbol.map b/lib/libc/mips/Symbol.map index 4eba7eab57c2..9ee1d5fbd6a2 100644 --- a/lib/libc/mips/Symbol.map +++ b/lib/libc/mips/Symbol.map @@ -37,9 +37,7 @@ FBSD_1.3 { FBSDprivate_1.0 { /* PSEUDO syscalls */ - __sys_getlogin; _getlogin; - __sys_exit; _set_tp; ___longjmp; @@ -48,7 +46,6 @@ FBSDprivate_1.0 { signalcontext; _signalcontext; __siglongjmp; - __sys_vfork; _vfork; _brk; _sbrk; diff --git a/lib/libc/net/nscachedcli.c b/lib/libc/net/nscachedcli.c index 9e462b8dc39d..53f69dda7fbb 100644 --- a/lib/libc/net/nscachedcli.c +++ b/lib/libc/net/nscachedcli.c @@ -144,29 +144,27 @@ safe_read(struct cached_connection_ *connection, void *data, size_t data_size) static int send_credentials(struct cached_connection_ *connection, int type) { + union { + struct cmsghdr hdr; + char pad[CMSG_SPACE(sizeof(struct cmsgcred))]; + } cmsg; + struct msghdr mhdr; + struct iovec iov; struct kevent eventlist; int nevents; ssize_t result; int res; - struct msghdr cred_hdr; - struct iovec iov; - - struct { - struct cmsghdr hdr; - char cred[CMSG_SPACE(sizeof(struct cmsgcred))]; - } cmsg; - memset(&cmsg, 0, sizeof(cmsg)); - cmsg.hdr.cmsg_len = CMSG_LEN(sizeof(struct cmsgcred)); + cmsg.hdr.cmsg_len = CMSG_LEN(sizeof(struct cmsgcred)); cmsg.hdr.cmsg_level = SOL_SOCKET; cmsg.hdr.cmsg_type = SCM_CREDS; - memset(&cred_hdr, 0, sizeof(struct msghdr)); - cred_hdr.msg_iov = &iov; - cred_hdr.msg_iovlen = 1; - cred_hdr.msg_control = (caddr_t)&cmsg; - cred_hdr.msg_controllen = CMSG_SPACE(sizeof(struct cmsgcred)); + memset(&mhdr, 0, sizeof(mhdr)); + mhdr.msg_iov = &iov; + mhdr.msg_iovlen = 1; + mhdr.msg_control = &cmsg; + mhdr.msg_controllen = CMSG_SPACE(sizeof(struct cmsgcred)); iov.iov_base = &type; iov.iov_len = sizeof(int); @@ -178,8 +176,8 @@ send_credentials(struct cached_connection_ *connection, int type) nevents = _kevent(connection->write_queue, NULL, 0, &eventlist, 1, NULL); if (nevents == 1 && eventlist.filter == EVFILT_WRITE) { - result = (_sendmsg(connection->sockfd, &cred_hdr, - MSG_NOSIGNAL) == -1) ? -1 : 0; + result = _sendmsg(connection->sockfd, &mhdr, + MSG_NOSIGNAL) == -1 ? -1 : 0; EV_SET(&eventlist, connection->sockfd, EVFILT_WRITE, EV_ADD, 0, 0, NULL); _kevent(connection->write_queue, &eventlist, 1, NULL, 0, NULL); diff --git a/lib/libc/powerpc/Symbol.map b/lib/libc/powerpc/Symbol.map index 38f9bf579cfb..be6daf5d908e 100644 --- a/lib/libc/powerpc/Symbol.map +++ b/lib/libc/powerpc/Symbol.map @@ -43,9 +43,7 @@ FBSD_1.3 { FBSDprivate_1.0 { /* PSEUDO syscalls */ - __sys_getlogin; _getlogin; - __sys_exit; _set_tp; _fpgetsticky; diff --git a/lib/libc/powerpc64/Symbol.map b/lib/libc/powerpc64/Symbol.map index c1e2d9ce8e69..29bd6a544a61 100644 --- a/lib/libc/powerpc64/Symbol.map +++ b/lib/libc/powerpc64/Symbol.map @@ -39,9 +39,7 @@ FBSD_1.0 { FBSDprivate_1.0 { /* PSEUDO syscalls */ - __sys_getlogin; _getlogin; - __sys_exit; _set_tp; _fpgetsticky; diff --git a/lib/libc/sparc64/Symbol.map b/lib/libc/sparc64/Symbol.map index 551fae915158..1f05cbad34ed 100644 --- a/lib/libc/sparc64/Symbol.map +++ b/lib/libc/sparc64/Symbol.map @@ -68,9 +68,7 @@ FBSD_1.0 { FBSDprivate_1.0 { /* PSEUDO syscalls */ - __sys_getlogin; _getlogin; - __sys_exit; _set_tp; ___longjmp; @@ -79,11 +77,8 @@ FBSDprivate_1.0 { signalcontext; __signalcontext; __siglongjmp; - __sys_brk; _brk; - __sys_sbrk; _sbrk; - __sys_vfork; _vfork; /* used in src/lib/csu/sparc64/crt1.c */ diff --git a/lib/libc/sys/Makefile.inc b/lib/libc/sys/Makefile.inc index 31b0af4b7d82..bc8299eea8f2 100644 --- a/lib/libc/sys/Makefile.inc +++ b/lib/libc/sys/Makefile.inc @@ -184,7 +184,9 @@ MAN+= abort2.2 \ extattr_get_file.2 \ fcntl.2 \ ffclock.2 \ + fhlink.2 \ fhopen.2 \ + fhreadlink.2 \ flock.2 \ fork.2 \ fsync.2 \ @@ -395,7 +397,8 @@ MLINKS+=ffclock.2 ffclock_getcounter.2 \ MLINKS+=fhopen.2 fhstat.2 fhopen.2 fhstatfs.2 MLINKS+=fsync.2 fdatasync.2 MLINKS+=getdirentries.2 getdents.2 -MLINKS+=getfh.2 lgetfh.2 +MLINKS+=getfh.2 lgetfh.2 \ + getfh.2 getfhat.2 MLINKS+=getgid.2 getegid.2 MLINKS+=getitimer.2 setitimer.2 MLINKS+=getlogin.2 getlogin_r.3 diff --git a/lib/libc/sys/Symbol.map b/lib/libc/sys/Symbol.map index e2acb9344580..a48c693575f8 100644 --- a/lib/libc/sys/Symbol.map +++ b/lib/libc/sys/Symbol.map @@ -401,6 +401,13 @@ FBSD_1.5 { cpuset_setdomain; }; +FBSD_1.6 { + fhlink; + fhlinkat; + fhreadlink; + getfhat; +}; + FBSDprivate_1.0 { ___acl_aclcheck_fd; __sys___acl_aclcheck_fd; diff --git a/lib/libc/sys/fhlink.2 b/lib/libc/sys/fhlink.2 new file mode 100644 index 000000000000..d15ffb628ce8 --- /dev/null +++ b/lib/libc/sys/fhlink.2 @@ -0,0 +1,268 @@ +.\" SPDX-License-Identifier: BSD-2-Clause +.\" +.\" Copyright (c) 2018 Gandi +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd November 29, 2018 +.Dt FHLINK 2 +.Os +.Sh NAME +.Nm fhlink , +.Nm fhlinkat +.Nd make a hard file link +.Sh LIBRARY +.Lb libc +.Sh SYNOPSIS +.In unistd.h +.Ft int +.Fn fhlink "fhandle_t *fhp" "const char *to" +.Ft int +.Fn fhlinkat "fhandle_t *fhp" "int tofd" "const char *to" +.Fc +.Sh DESCRIPTION +The +.Fn fhlink +system call +atomically creates the specified directory entry (hard link) +.Fa to +with the attributes of the underlying object pointed at by +.Fa fhp . +If the link is successful: the link count of the underlying object +is incremented; +.Fa fhp +and +.Fa to +share equal access and rights +to the +underlying object. +.Pp +If +.Fa fhp +is removed, the file +.Fa to +is not deleted and the link count of the +underlying object is +decremented. +.Pp +The object pointed at by the +.Fa fhp +argument +must exist for the hard link to +succeed and +both +.Fa fhp +and +.Fa to +must be in the same file system. +The +.Fa fhp +argument +may not be a directory. +.Pp +The +.Fn fhlinkat +system call is equivalent to +.Fa fhlink +except in the case where +.Fa to +is a relative paths. +In this case a relative path +.Fa to +is interpreted relative to +the directory associated with the file descriptor +.Fa tofd +instead of the current working directory. +.Pp +Values for +.Fa flag +are constructed by a bitwise-inclusive OR of flags from the following +list, defined in +.In fcntl.h : +.Bl -tag -width indent +.It Dv AT_SYMLINK_FOLLOW +If +.Fa fhp +names a symbolic link, a new link for the target of the symbolic link is +created. +.It Dv AT_BENEATH +Only allow to link to a file which is beneath of the topping directory. +See the description of the +.Dv O_BENEATH +flag in the +.Xr open 2 +manual page. +.El +.Pp +If +.Fn fhlinkat +is passed the special value +.Dv AT_FDCWD +in the +.Fa tofd +parameter, the current working directory is used for the +.Fa to +argument. +If +.Fa tofd +has value +.Dv AT_FDCWD , +the behavior is identical to a call to +.Fn link . +Unless +.Fa flag +contains the +.Dv AT_SYMLINK_FOLLOW +flag, if +.Fa fhp +names a symbolic link, a new link is created for the symbolic link +.Fa fhp +and not its target. +.Sh RETURN VALUES +.Rv -std link +.Sh ERRORS +The +.Fn fhlink +system call +will fail and no link will be created if: +.Bl -tag -width Er +.It Bq Er ENOTDIR +A component of +.Fa to +prefix is not a directory. +.It Bq Er ENAMETOOLONG +A component of +.Fa to +exceeded 255 characters, +or entire length of +.Fa to +name exceeded 1023 characters. +.It Bq Er ENOENT +A component of +.Fa to +prefix does not exist. +.It Bq Er EOPNOTSUPP +The file system containing the file pointed at by +.Fa fhp +does not support links. +.It Bq Er EMLINK +The link count of the file pointed at by +.Fa fhp +would exceed 32767. +.It Bq Er EACCES +A component of +.Fa to +prefix denies search permission. +.It Bq Er EACCES +The requested link requires writing in a directory with a mode +that denies write permission. +.It Bq Er ELOOP +Too many symbolic links were encountered in translating one of the pathnames. +.It Bq Er ENOENT +The file pointed at by +.Fa fhp +does not exist. +.It Bq Er EEXIST +The link named by +.Fa to +does exist. +.It Bq Er EPERM +The file pointed at by +.Fa fhp +is a directory. +.It Bq Er EPERM +The file pointed at by +.Fa fhp +has its immutable or append-only flag set, see the +.Xr chflags 2 +manual page for more information. +.It Bq Er EPERM +The parent directory of the file named by +.Fa to +has its immutable flag set. +.It Bq Er EXDEV +The link named by +.Fa to +and the file pointed at by +.Fa fhp +are on different file systems. +.It Bq Er ENOSPC +The directory in which the entry for the new link is being placed +cannot be extended because there is no space left on the file +system containing the directory. +.It Bq Er EDQUOT +The directory in which the entry for the new link +is being placed cannot be extended because the +user's quota of disk blocks on the file system +containing the directory has been exhausted. +.It Bq Er EIO +An I/O error occurred while reading from or writing to +the file system to make the directory entry. +.It Bq Er EROFS +The requested link requires writing in a directory on a read-only file +system. +.It Bq Er EFAULT +One of the pathnames specified +is outside the process's allocated address space. +.It Bq Er ESTALE +The file handle +.Fa fhp +is no longer valid +.El +.Pp +In addition to the errors returned by the +.Fn fhlink , +the +.Fn fhlinkat +system call may fail if: +.Bl -tag -width Er +.It Bq Er EBADF +The +.Fa fhp +or +.Fa to +argument does not specify an absolute path and the +.Fa tofd +argument, is not +.Dv AT_FDCWD +nor a valid file descriptor open for searching. +.It Bq Er EINVAL +The value of the +.Fa flag +argument is not valid. +.It Bq Er ENOTDIR +The +.Fa fhp +or +.Fa to +argument is not an absolute path and +.Fa tofd +is not +.Dv AT_FDCWD +nor a file descriptor associated with a directory. +.El +.Sh SEE ALSO +.Xr fhstat 2 , +.Xr fhreadlink 2 , +.Xr fhopen 2 , diff --git a/lib/libc/sys/fhreadlink.2 b/lib/libc/sys/fhreadlink.2 new file mode 100644 index 000000000000..599db0985eb3 --- /dev/null +++ b/lib/libc/sys/fhreadlink.2 @@ -0,0 +1,92 @@ +.\" SPDX-License-Identifier: BSD-2-Clause +.\" +.\" Copyright (c) 2018 Gandi +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd November 29, 2018 +.Dt FHREADLINK 2 +.Os +.Sh NAME +.Nm fhreadlink +.Nd read value of a symbolic link +.Sh LIBRARY +.Lb libc +.Sh SYNOPSIS +.In sys/param.h +.In sys/mount.h +.Ft int +.Fn fhreadlink "fhandle_t *fhp" "char *buf" "size_t bufsize" +.Fc +.Sh DESCRIPTION +The +.Fn fhreadlink +system call +places the contents of the symbolic link +.Fa fhp +in the buffer +.Fa buf , +which has size +.Fa bufsiz . +The +.Fn fhreadlink +system call does not append a +.Dv NUL +character to +.Fa buf . +.Pp +.Sh RETURN VALUES +The call returns the count of characters placed in the buffer +if it succeeds, or a \-1 if an error occurs, placing the error +code in the global variable +.Va errno . +.Sh ERRORS +The +.Fn readlink +system call +will fail if: +.Bl -tag -width Er +.It Bq Er ENOENT +The named file does not exist. +.It Bq Er ELOOP +Too many symbolic links were encountered in translating the file handle +.Fa fhp . +.It Bq Er EINVAL +The named file is not a symbolic link. +.It Bq Er EIO +An I/O error occurred while reading from the file system. +.It Bq Er EFAULT +The +.Fa buf +argument +extends outside the process's allocated address space. +.It Bq Er ESTALE +The file handle +.Fa fhp +is no longer valid +.El +.El +.Sh SEE ALSO +.Xr fhstat 2 , +.Xr fhlink 2 , diff --git a/lib/libc/sys/getfh.2 b/lib/libc/sys/getfh.2 index 81e6c6a27396..1877a37a02bf 100644 --- a/lib/libc/sys/getfh.2 +++ b/lib/libc/sys/getfh.2 @@ -1,5 +1,6 @@ .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. +.\" Copyright (c) 2018 Gandi .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -28,12 +29,13 @@ .\" @(#)getfh.2 8.1 (Berkeley) 6/9/93 .\" $FreeBSD$ .\" -.Dd April 14, 2011 +.Dd December 7, 2018 .Dt GETFH 2 .Os .Sh NAME .Nm getfh , -.Nm lgetfh +.Nm lgetfh , +.Nm getfhat .Nd get file handle .Sh LIBRARY .Lb libc @@ -44,6 +46,8 @@ .Fn getfh "const char *path" "fhandle_t *fhp" .Ft int .Fn lgetfh "const char *path" "fhandle_t *fhp" +.Ft int +.Fn getfhat "int fd" "const char *path" "fhandle_t *fhp" "int flag" .Sh DESCRIPTION The .Fn getfh @@ -51,6 +55,7 @@ system call returns a file handle for the specified file or directory in the file handle pointed to by .Fa fhp . +.Pp The .Fn lgetfh system call is like @@ -62,6 +67,85 @@ returns information about the link, while .Fn getfh returns information about the file the link references. +.Pp +The +.Fn getfhat +system call is equivalent to +.Fn getfh +and +.Fn lgetfh +except when the +.Fa path +specifies a relative or NULL path, or the +.Dv AT_BENEATH +flag is provided. +For +.Fn getfhat +and relative or NULL +.Fa path , +the status is retrieved from a file relative to +the directory associated with the file descriptor +.Fa fd +instead of the current working directory. +For +.Dv AT_BENEATH +and absolute +.Fa path , +the status is retrieved from a file specified by the +.Fa path , +but additional permission checks are performed, see below. +.Pp +The values for the +.Fa flag +are constructed by a bitwise-inclusive OR of flags from this list, +defined in +.In fcntl.h : +.Bl -tag -width indent +.It Dv AT_SYMLINK_NOFOLLOW +If +.Fa path +names a symbolic link, the status of the symbolic link is returned. +.It Dv AT_BENEATH +Only stat files and directories below the topping directory. +See the description of the +.Dv O_BENEATH +flag in the +.Xr open 2 +manual page. +.El +.Pp +If +.Fn getfhat +is passed the special value +.Dv AT_FDCWD +in the +.Fa fd +parameter, the current working directory is used and the behavior is +identical to a call to +.Fn getfth +or +.Fn lgetfh +respectively, depending on whether or not the +.Dv AT_SYMLINK_NOFOLLOW +bit is set in +.Fa flag . +.Pp +When +.Fn getfhat +is called with an absolute +.Fa path +without the +.Dv AT_BENEATH +flag, it ignores the +.Fa fd +argument. +When +.Dv AT_BENEATH +is specified with an absolute +.Fa path , +a directory passed by the +.Fa fd +argument is used as the topping point for the resolution. These system calls are restricted to the superuser. .Sh RETURN VALUES .Rv -std @@ -99,11 +183,49 @@ The .Fa fhp argument points to an invalid address. +.It Bq Er EFAULT +The +.Fa path +argument +points to an invalid address. .It Bq Er EIO An .Tn I/O error occurred while reading from or writing to the file system. +.It Bq Er ESTALE +The file handle +.Fa fhp +is no longer valid. .El +.Pp +In addition to the errors returned by +.Fn getfh , +and +.Fn lgetfh , +the +.Fn getfhat +system call may fail if: +.Bl -tag -width Er +.It Bq Er EBADF +The +.Fa path +argument does not specify an absolute path and the +.Fa fd +argument, is neither +.Dv AT_FDCWD +nor a valid file descriptor open for searching. +.It Bq Er EINVAL +The value of the +.Fa flag +argument is not valid. +.It Bq Er ENOTDIR +The +.Fa path +argument is not an absolute path and +.Fa fd +is neither +.Dv AT_FDCWD +nor a file descriptor associated with a directory. .Sh SEE ALSO .Xr fhopen 2 , .Xr open 2 , diff --git a/lib/libc/sys/stat.2 b/lib/libc/sys/stat.2 index f72dc0d0a117..a9e1a5c6e845 100644 --- a/lib/libc/sys/stat.2 +++ b/lib/libc/sys/stat.2 @@ -28,7 +28,7 @@ .\" @(#)stat.2 8.4 (Berkeley) 5/1/95 .\" $FreeBSD$ .\" -.Dd November 11, 2018 +.Dd December 5, 2018 .Dt STAT 2 .Os .Sh NAME @@ -193,45 +193,53 @@ are: .Bl -tag -width ".Va st_birthtim" .It Va st_atim Time when file data was last accessed. -Changed by the -.Xr mknod 2 , -.Xr utimes 2 , +Changed implicitly by syscalls such as .Xr read 2 and -.Xr readv 2 -system calls. +.Xr readv 2 , +and explicitly by +.Xr utimes 2 . .It Va st_mtim Time when file data was last modified. -Changed by the +Changed implicitly by syscalls such as +.Xr truncate 2 , +.Xr write 2 , +and +.Xr writev 2 , +and explicitly by +.Xr utimes 2 . +Also, any syscall which modifies directory content changes the +.Va st_mtim +for the affected directory. +For instance, +.Xr creat 2 , .Xr mkdir 2 , -.Xr mkfifo 2 , -.Xr mknod 2 , -.Xr utimes 2 , -.Xr write 2 +.Xr rename 2 , +.Xr link 2 , and -.Xr writev 2 -system calls. +.Xr unlink 2 . .It Va st_ctim Time when file status was last changed (inode data modification). -Changed by the +Changed implicitly by any syscall that affects file metadata, including +.Va st_mtim , +such as .Xr chflags 2 , .Xr chmod 2 , .Xr chown 2 , +.Xr truncate 2 , +.Xr utimes 2 , +and +.Xr write 2 . +Also, any syscall which modifies directory content changes the +.Va st_ctim +for the affected directory. +For instance, .Xr creat 2 , -.Xr link 2 , .Xr mkdir 2 , -.Xr mkfifo 2 , -.Xr mknod 2 , .Xr rename 2 , -.Xr rmdir 2 , -.Xr symlink 2 , -.Xr truncate 2 , -.Xr unlink 2 , -.Xr utimes 2 , -.Xr write 2 +.Xr link 2 , and -.Xr writev 2 -system calls. +.Xr unlink 2 . .It Va st_birthtim Time when the inode was created. .El diff --git a/lib/libcasper/services/cap_fileargs/cap_fileargs.c b/lib/libcasper/services/cap_fileargs/cap_fileargs.c index 0d9144231be6..fbaa8b52453e 100644 --- a/lib/libcasper/services/cap_fileargs/cap_fileargs.c +++ b/lib/libcasper/services/cap_fileargs/cap_fileargs.c @@ -363,7 +363,7 @@ open_file(const char *name) return (-1); if (caprightsp != NULL) { - if (cap_rights_limit(fd, caprightsp) < 0) { + if (cap_rights_limit(fd, caprightsp) < 0 && errno != ENOSYS) { serrno = errno; close(fd); errno = serrno; diff --git a/lib/libcasper/services/cap_syslog/cap_syslog.c b/lib/libcasper/services/cap_syslog/cap_syslog.c index 129e80945dd0..8309056bb160 100644 --- a/lib/libcasper/services/cap_syslog/cap_syslog.c +++ b/lib/libcasper/services/cap_syslog/cap_syslog.c @@ -198,4 +198,4 @@ syslog_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, return (0); } -CREATE_SERVICE("system.syslog", NULL, syslog_command, 0); +CREATE_SERVICE("system.syslog", NULL, syslog_command, CASPER_SERVICE_STDIO); diff --git a/lib/libedit/chartype.c b/lib/libedit/chartype.c index 44fb953f8581..a695bdc384ec 100644 --- a/lib/libedit/chartype.c +++ b/lib/libedit/chartype.c @@ -37,6 +37,7 @@ __RCSID("$NetBSD: chartype.c,v 1.23 2016/02/28 23:02:24 christos Exp $"); __FBSDID("$FreeBSD$"); #include <ctype.h> +#include <limits.h> #include <stdlib.h> #include <string.h> @@ -182,17 +183,13 @@ ct_decode_argv(int argc, const char *argv[], ct_buffer_t *conv) protected size_t ct_enc_width(Char c) { - /* UTF-8 encoding specific values */ - if (c < 0x80) - return 1; - else if (c < 0x0800) - return 2; - else if (c < 0x10000) - return 3; - else if (c < 0x110000) - return 4; - else - return 0; /* not a valid codepoint */ + mbstate_t ps = (mbstate_t){{0}}; + size_t len; + char cbuf[MB_LEN_MAX]; + len = ct_wcrtomb(cbuf, c, &ps); + if (len == (size_t)-1) + return (0); + return (len); } protected ssize_t diff --git a/lib/libedit/chartype.h b/lib/libedit/chartype.h index 9f5e7e407c8c..317740f0d404 100644 --- a/lib/libedit/chartype.h +++ b/lib/libedit/chartype.h @@ -56,6 +56,7 @@ #define ct_wctob wctob #define ct_wctomb wctomb +#define ct_wcrtomb wcrtomb #define ct_wctomb_reset wctomb(0,0) #define ct_wcstombs wcstombs #define ct_mbstowcs mbstowcs @@ -109,6 +110,7 @@ Width(wchar_t c) #define ct_wctob(w) ((int)(w)) #define ct_wctomb error +#define ct_wcrtomb error #define ct_wctomb_reset #define ct_wcstombs(a, b, c) (strncpy(a, b, c), strlen(a)) #define ct_mbstowcs(a, b, c) (strncpy(a, b, c), strlen(a)) diff --git a/lib/libedit/el.c b/lib/libedit/el.c index 81020b182708..ea5b9b78d2f3 100644 --- a/lib/libedit/el.c +++ b/lib/libedit/el.c @@ -99,10 +99,6 @@ el_init_fd(const char *prog, FILE *fin, FILE *fout, FILE *ferr, * Initialize all the modules. Order is important!!! */ el->el_flags = 0; - if (setlocale(LC_CTYPE, NULL) != NULL){ - if (strcmp(nl_langinfo(CODESET), "UTF-8") == 0) - el->el_flags |= CHARSET_IS_UTF8; - } if (terminal_init(el) == -1) { el_free(el->el_prog); @@ -293,7 +289,7 @@ FUN(el,set)(EditLine *el, int op, ...) void *ptr = va_arg(ap, void *); rv = hist_set(el, func, ptr); - if (!(el->el_flags & CHARSET_IS_UTF8)) + if (MB_CUR_MAX == 1) el->el_flags &= ~NARROW_HISTORY; break; } diff --git a/lib/libedit/el.h b/lib/libedit/el.h index d6b69fc179ef..8b728742911a 100644 --- a/lib/libedit/el.h +++ b/lib/libedit/el.h @@ -56,7 +56,6 @@ #define NO_TTY 0x02 #define EDIT_DISABLED 0x04 #define UNBUFFERED 0x08 -#define CHARSET_IS_UTF8 0x10 #define NARROW_HISTORY 0x40 typedef unsigned char el_action_t; /* Index to command array */ diff --git a/lib/libedit/read.c b/lib/libedit/read.c index 66e266b5f79b..054177348dd3 100644 --- a/lib/libedit/read.c +++ b/lib/libedit/read.c @@ -363,13 +363,7 @@ read_char(EditLine *el, wchar_t *cp) goto again; } case (size_t)-2: - /* - * We don't support other multibyte charsets. - * The second condition shouldn't happen - * and is here merely for additional safety. - */ - if ((el->el_flags & CHARSET_IS_UTF8) == 0 || - cbp >= MB_LEN_MAX) { + if (cbp >= MB_LEN_MAX) { errno = EILSEQ; *cp = L'\0'; return -1; diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c index 74bc145f6873..80a63123abdb 100644 --- a/lib/libfetch/common.c +++ b/lib/libfetch/common.c @@ -189,9 +189,9 @@ fetch_default_port(const char *scheme) if ((se = getservbyname(scheme, "tcp")) != NULL) return (ntohs(se->s_port)); - if (strcasecmp(scheme, SCHEME_FTP) == 0) + if (strcmp(scheme, SCHEME_FTP) == 0) return (FTP_DEFAULT_PORT); - if (strcasecmp(scheme, SCHEME_HTTP) == 0) + if (strcmp(scheme, SCHEME_HTTP) == 0) return (HTTP_DEFAULT_PORT); return (0); } @@ -202,9 +202,9 @@ fetch_default_port(const char *scheme) int fetch_default_proxy_port(const char *scheme) { - if (strcasecmp(scheme, SCHEME_FTP) == 0) + if (strcmp(scheme, SCHEME_FTP) == 0) return (FTP_DEFAULT_PROXY_PORT); - if (strcasecmp(scheme, SCHEME_HTTP) == 0) + if (strcmp(scheme, SCHEME_HTTP) == 0) return (HTTP_DEFAULT_PROXY_PORT); return (0); } diff --git a/lib/libfetch/fetch.c b/lib/libfetch/fetch.c index ea8c33864706..b3ed702b3185 100644 --- a/lib/libfetch/fetch.c +++ b/lib/libfetch/fetch.c @@ -32,8 +32,10 @@ __FBSDID("$FreeBSD$"); #include <sys/param.h> -#include <sys/errno.h> +#include <netinet/in.h> + +#include <errno.h> #include <ctype.h> #include <stdio.h> #include <stdlib.h> @@ -81,13 +83,13 @@ fetchXGet(struct url *URL, struct url_stat *us, const char *flags) us->size = -1; us->atime = us->mtime = 0; } - if (strcasecmp(URL->scheme, SCHEME_FILE) == 0) + if (strcmp(URL->scheme, SCHEME_FILE) == 0) return (fetchXGetFile(URL, us, flags)); - else if (strcasecmp(URL->scheme, SCHEME_FTP) == 0) + else if (strcmp(URL->scheme, SCHEME_FTP) == 0) return (fetchXGetFTP(URL, us, flags)); - else if (strcasecmp(URL->scheme, SCHEME_HTTP) == 0) + else if (strcmp(URL->scheme, SCHEME_HTTP) == 0) return (fetchXGetHTTP(URL, us, flags)); - else if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0) + else if (strcmp(URL->scheme, SCHEME_HTTPS) == 0) return (fetchXGetHTTP(URL, us, flags)); url_seterr(URL_BAD_SCHEME); return (NULL); @@ -111,13 +113,13 @@ FILE * fetchPut(struct url *URL, const char *flags) { - if (strcasecmp(URL->scheme, SCHEME_FILE) == 0) + if (strcmp(URL->scheme, SCHEME_FILE) == 0) return (fetchPutFile(URL, flags)); - else if (strcasecmp(URL->scheme, SCHEME_FTP) == 0) + else if (strcmp(URL->scheme, SCHEME_FTP) == 0) return (fetchPutFTP(URL, flags)); - else if (strcasecmp(URL->scheme, SCHEME_HTTP) == 0) + else if (strcmp(URL->scheme, SCHEME_HTTP) == 0) return (fetchPutHTTP(URL, flags)); - else if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0) + else if (strcmp(URL->scheme, SCHEME_HTTPS) == 0) return (fetchPutHTTP(URL, flags)); url_seterr(URL_BAD_SCHEME); return (NULL); @@ -135,13 +137,13 @@ fetchStat(struct url *URL, struct url_stat *us, const char *flags) us->size = -1; us->atime = us->mtime = 0; } - if (strcasecmp(URL->scheme, SCHEME_FILE) == 0) + if (strcmp(URL->scheme, SCHEME_FILE) == 0) return (fetchStatFile(URL, us, flags)); - else if (strcasecmp(URL->scheme, SCHEME_FTP) == 0) + else if (strcmp(URL->scheme, SCHEME_FTP) == 0) return (fetchStatFTP(URL, us, flags)); - else if (strcasecmp(URL->scheme, SCHEME_HTTP) == 0) + else if (strcmp(URL->scheme, SCHEME_HTTP) == 0) return (fetchStatHTTP(URL, us, flags)); - else if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0) + else if (strcmp(URL->scheme, SCHEME_HTTPS) == 0) return (fetchStatHTTP(URL, us, flags)); url_seterr(URL_BAD_SCHEME); return (-1); @@ -155,13 +157,13 @@ struct url_ent * fetchList(struct url *URL, const char *flags) { - if (strcasecmp(URL->scheme, SCHEME_FILE) == 0) + if (strcmp(URL->scheme, SCHEME_FILE) == 0) return (fetchListFile(URL, flags)); - else if (strcasecmp(URL->scheme, SCHEME_FTP) == 0) + else if (strcmp(URL->scheme, SCHEME_FTP) == 0) return (fetchListFTP(URL, flags)); - else if (strcasecmp(URL->scheme, SCHEME_HTTP) == 0) + else if (strcmp(URL->scheme, SCHEME_HTTP) == 0) return (fetchListHTTP(URL, flags)); - else if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0) + else if (strcmp(URL->scheme, SCHEME_HTTPS) == 0) return (fetchListHTTP(URL, flags)); url_seterr(URL_BAD_SCHEME); return (NULL); @@ -345,7 +347,7 @@ fetchParseURL(const char *URL) char *doc; const char *p, *q; struct url *u; - int i; + int i, n; /* allocate struct url */ if ((u = calloc(1, sizeof(*u))) == NULL) { @@ -356,8 +358,10 @@ fetchParseURL(const char *URL) /* scheme name */ if ((p = strstr(URL, ":/"))) { - snprintf(u->scheme, URL_SCHEMELEN+1, - "%.*s", (int)(p - URL), URL); + if (p - URL > URL_SCHEMELEN) + goto ouch; + for (i = 0; URL + i < p; i++) + u->scheme[i] = tolower((unsigned char)URL[i]); URL = ++p; /* * Only one slash: no host, leave slash as part of document @@ -388,28 +392,37 @@ fetchParseURL(const char *URL) } /* hostname */ - if (*p == '[' && (q = strchr(p + 1, ']')) != NULL && - (*++q == '\0' || *q == '/' || *q == ':')) { - if ((i = q - p) > MAXHOSTNAMELEN) - i = MAXHOSTNAMELEN; - strncpy(u->host, p, i); - p = q; + if (*p == '[') { + q = p + 1 + strspn(p + 1, ":0123456789ABCDEFabcdef"); + if (*q++ != ']') + goto ouch; } else { - for (i = 0; *p && (*p != '/') && (*p != ':'); p++) - if (i < MAXHOSTNAMELEN) - u->host[i++] = *p; + /* valid characters in a DNS name */ + q = p + strspn(p, "-." "0123456789" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "_" + "abcdefghijklmnopqrstuvwxyz"); } + if ((*q != '\0' && *q != '/' && *q != ':') || q - p > MAXHOSTNAMELEN) + goto ouch; + for (i = 0; p + i < q; i++) + u->host[i] = tolower((unsigned char)p[i]); + u->host[i] = '\0'; + p = q; /* port */ if (*p == ':') { - for (q = ++p; *q && (*q != '/'); q++) - if (isdigit((unsigned char)*q)) - u->port = u->port * 10 + (*q - '0'); - else { + for (n = 0, q = ++p; *q && (*q != '/'); q++) { + if (*q >= '0' && *q <= '9' && n < INT_MAX / 10) { + n = n * 10 + (*q - '0'); + } else { /* invalid port */ url_seterr(URL_BAD_PORT); goto ouch; } + } + if (n < 1 || n > IPPORT_MAX) + goto ouch; + u->port = n; p = q; } @@ -418,8 +431,8 @@ nohost: if (!*p) p = "/"; - if (strcasecmp(u->scheme, SCHEME_HTTP) == 0 || - strcasecmp(u->scheme, SCHEME_HTTPS) == 0) { + if (strcmp(u->scheme, SCHEME_HTTP) == 0 || + strcmp(u->scheme, SCHEME_HTTPS) == 0) { const char hexnums[] = "0123456789abcdef"; /* percent-escape whitespace. */ diff --git a/lib/libfetch/ftp.c b/lib/libfetch/ftp.c index 72165d63fd19..9a546f3fecad 100644 --- a/lib/libfetch/ftp.c +++ b/lib/libfetch/ftp.c @@ -1085,8 +1085,8 @@ ftp_get_proxy(struct url * url, const char *flags) } if (!purl->port) purl->port = fetch_default_proxy_port(purl->scheme); - if (strcasecmp(purl->scheme, SCHEME_FTP) == 0 || - strcasecmp(purl->scheme, SCHEME_HTTP) == 0) + if (strcmp(purl->scheme, SCHEME_FTP) == 0 || + strcmp(purl->scheme, SCHEME_HTTP) == 0) return (purl); fetchFreeURL(purl); } @@ -1104,7 +1104,8 @@ ftp_request(struct url *url, const char *op, struct url_stat *us, int oflag; /* check if we should use HTTP instead */ - if (purl && strcasecmp(purl->scheme, SCHEME_HTTP) == 0) { + if (purl && (strcmp(purl->scheme, SCHEME_HTTP) == 0 || + strcmp(purl->scheme, SCHEME_HTTPS) == 0)) { if (strcmp(op, "STAT") == 0) return (http_request(url, "HEAD", us, purl, flags)); else if (strcmp(op, "RETR") == 0) diff --git a/lib/libfetch/http.c b/lib/libfetch/http.c index 53b9d244b961..97788ddc32ab 100644 --- a/lib/libfetch/http.c +++ b/lib/libfetch/http.c @@ -1408,7 +1408,7 @@ http_connect(struct url *URL, struct url *purl, const char *flags) /* fetch_connect() has already set an error code */ return (NULL); init_http_headerbuf(&headerbuf); - if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 && purl) { + if (strcmp(URL->scheme, SCHEME_HTTPS) == 0 && purl) { http_cmd(conn, "CONNECT %s:%d HTTP/1.1", URL->host, URL->port); http_cmd(conn, "Host: %s:%d", @@ -1436,7 +1436,7 @@ http_connect(struct url *URL, struct url *purl, const char *flags) } } while (h > hdr_end); } - if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 && + if (strcmp(URL->scheme, SCHEME_HTTPS) == 0 && fetch_ssl(conn, URL, verbose) == -1) { /* grrr */ errno = EAUTH; @@ -1473,7 +1473,7 @@ http_get_proxy(struct url * url, const char *flags) strcpy(purl->scheme, SCHEME_HTTP); if (!purl->port) purl->port = fetch_default_proxy_port(purl->scheme); - if (strcasecmp(purl->scheme, SCHEME_HTTP) == 0) + if (strcmp(purl->scheme, SCHEME_HTTP) == 0) return (purl); fetchFreeURL(purl); } @@ -1617,7 +1617,7 @@ http_request_body(struct url *URL, const char *op, struct url_stat *us, if (verbose) fetch_info("requesting %s://%s%s", url->scheme, host, url->doc); - if (purl && strcasecmp(URL->scheme, SCHEME_HTTPS) != 0) { + if (purl && strcmp(url->scheme, SCHEME_HTTPS) != 0) { http_cmd(conn, "%s %s://%s%s HTTP/1.1", op, url->scheme, host, url->doc); } else { diff --git a/lib/libopenbsd/Makefile b/lib/libopenbsd/Makefile index afb41b393fbd..7b0f3778046c 100644 --- a/lib/libopenbsd/Makefile +++ b/lib/libopenbsd/Makefile @@ -2,10 +2,15 @@ PACKAGE=lib${LIB} LIB= openbsd -SRCS= getdtablecount.c \ - imsg-buffer.c \ +SRCS= imsg-buffer.c \ imsg.c \ ohash.c +.if !defined(BOOTSTRAPPING) +# Skip getdtablecount.c when bootstrapping since it doesn't compile for Linux +# and is not used by any of the bootstrap tools +SRCS+= getdtablecount.c +.endif + INTERNALLIB= CFLAGS+= -I${.CURDIR} diff --git a/lib/libprocstat/libprocstat.c b/lib/libprocstat/libprocstat.c index 99a9c50337e4..abba033a8c52 100644 --- a/lib/libprocstat/libprocstat.c +++ b/lib/libprocstat/libprocstat.c @@ -588,6 +588,10 @@ procstat_getfiles_kvm(struct procstat *procstat, struct kinfo_proc *kp, int mmap type = PS_FST_TYPE_PROCDESC; data = file.f_data; break; + case DTYPE_DEV: + type = PS_FST_TYPE_DEV; + data = file.f_data; + break; default: continue; } @@ -673,6 +677,7 @@ kinfo_type2fst(int kftype) } kftypes2fst[] = { { KF_TYPE_PROCDESC, PS_FST_TYPE_PROCDESC }, { KF_TYPE_CRYPTO, PS_FST_TYPE_CRYPTO }, + { KF_TYPE_DEV, PS_FST_TYPE_DEV }, { KF_TYPE_FIFO, PS_FST_TYPE_FIFO }, { KF_TYPE_KQUEUE, PS_FST_TYPE_KQUEUE }, { KF_TYPE_MQUEUE, PS_FST_TYPE_MQUEUE }, diff --git a/lib/libprocstat/libprocstat.h b/lib/libprocstat/libprocstat.h index 94024c850e68..6e03ef515444 100644 --- a/lib/libprocstat/libprocstat.h +++ b/lib/libprocstat/libprocstat.h @@ -71,6 +71,7 @@ #define PS_FST_TYPE_UNKNOWN 11 #define PS_FST_TYPE_NONE 12 #define PS_FST_TYPE_PROCDESC 13 +#define PS_FST_TYPE_DEV 14 /* * Special descriptor numbers. diff --git a/lib/libthr/Makefile b/lib/libthr/Makefile index 3068e8d28907..9b932cdb7aac 100644 --- a/lib/libthr/Makefile +++ b/lib/libthr/Makefile @@ -9,6 +9,7 @@ PACKAGE= clibs SHLIBDIR?= /lib .include <src.opts.mk> +MK_BIND_NOW= no MK_SSP= no LIB=thr diff --git a/lib/libthr/thread/thr_create.c b/lib/libthr/thread/thr_create.c index 69150ee6f8ea..dbd01f2e460a 100644 --- a/lib/libthr/thread/thr_create.c +++ b/lib/libthr/thread/thr_create.c @@ -73,8 +73,7 @@ _pthread_create(pthread_t * __restrict thread, */ if (_thr_isthreaded() == 0) { _malloc_first_thread(); - if (_thr_setthreaded(1)) - return (EAGAIN); + _thr_setthreaded(1); } curthread = _get_curthread(); diff --git a/lib/libthr/thread/thr_fork.c b/lib/libthr/thread/thr_fork.c index 5e63e6eec40b..8d969cbf9718 100644 --- a/lib/libthr/thread/thr_fork.c +++ b/lib/libthr/thread/thr_fork.c @@ -219,9 +219,9 @@ __thr_fork(void) _thr_rwl_rdlock(&_thr_atfork_lock); if (was_threaded) { - __isthreaded = 1; + _thr_setthreaded(1); _malloc_postfork(); - __isthreaded = 0; + _thr_setthreaded(0); } /* Ready to continue, unblock signals. */ diff --git a/lib/libthr/thread/thr_kern.c b/lib/libthr/thread/thr_kern.c index 77ccc6847828..1e6338657204 100644 --- a/lib/libthr/thread/thr_kern.c +++ b/lib/libthr/thread/thr_kern.c @@ -53,14 +53,10 @@ static struct wake_addr default_wake_addr; * This is called when the first thread (other than the initial * thread) is created. */ -int +void _thr_setthreaded(int threaded) { - if (((threaded == 0) ^ (__isthreaded == 0)) == 0) - return (0); - __isthreaded = threaded; - return (0); } void diff --git a/lib/libthr/thread/thr_private.h b/lib/libthr/thread/thr_private.h index eac8880b5d73..b2816c03b44b 100644 --- a/lib/libthr/thread/thr_private.h +++ b/lib/libthr/thread/thr_private.h @@ -776,7 +776,7 @@ extern struct pthread *_single_thread __hidden; * Function prototype definitions. */ __BEGIN_DECLS -int _thr_setthreaded(int) __hidden; +void _thr_setthreaded(int) __hidden; int _mutex_cv_lock(struct pthread_mutex *, int, bool) __hidden; int _mutex_cv_unlock(struct pthread_mutex *, int *, int *) __hidden; int _mutex_cv_attach(struct pthread_mutex *, int) __hidden; @@ -865,10 +865,6 @@ int __sys_openat(int, const char *, int, ...); /* #include <signal.h> */ #ifdef _SIGNAL_H_ -int __sys_kill(pid_t, int); -int __sys_sigaltstack(const struct sigaltstack *, struct sigaltstack *); -int __sys_sigpending(sigset_t *); -int __sys_sigreturn(const ucontext_t *); #ifndef _LIBC_PRIVATE_H_ int __sys_sigaction(int, const struct sigaction *, struct sigaction *); int __sys_sigprocmask(int, const sigset_t *, sigset_t *); @@ -899,8 +895,6 @@ int __sys_swapcontext(ucontext_t *oucp, const ucontext_t *ucp); /* #include <unistd.h> */ #ifdef _UNISTD_H_ -void __sys_exit(int); -pid_t __sys_getpid(void); #ifndef _LIBC_PRIVATE_H_ int __sys_close(int); int __sys_fork(void); diff --git a/lib/libthr/thread/thr_spinlock.c b/lib/libthr/thread/thr_spinlock.c index 8680a7229018..42077ce5d447 100644 --- a/lib/libthr/thread/thr_spinlock.c +++ b/lib/libthr/thread/thr_spinlock.c @@ -58,7 +58,7 @@ static int initialized; static void init_spinlock(spinlock_t *lck); /* - * These are for compatability only. Spinlocks of this type + * These are for compatibility only. Spinlocks of this type * are deprecated. */ @@ -76,7 +76,7 @@ __thr_spinlock(spinlock_t *lck) { struct spinlock_extra *_extra; - if (!__isthreaded) + if (!_thr_isthreaded()) PANIC("Spinlock called when not threaded."); if (!initialized) PANIC("Spinlocks not initialized."); diff --git a/lib/libufs/libufs.3 b/lib/libufs/libufs.3 index 595df91e0e95..f4f44a6d8de6 100644 --- a/lib/libufs/libufs.3 +++ b/lib/libufs/libufs.3 @@ -7,7 +7,7 @@ .\" .\" $FreeBSD$ .\" -.Dd January 19, 2018 +.Dd November 26, 2018 .Dt LIBUFS 3 .Os .Sh NAME @@ -53,6 +53,7 @@ field of .Vt "struct uufsd" to a string describing the error. .Sh SEE ALSO +.Xr berase 3 , .Xr bread 3 , .Xr bwrite 3 , .Xr cgget 3 , @@ -61,6 +62,10 @@ to a string describing the error. .Xr cgread1 3 , .Xr cgwrite 3 , .Xr cgwrite1 3 , +.Xr getinode 3 , +.Xr putinode 3 , +.Xr sbget 3 , +.Xr sbput 3 , .Xr sbread 3 , .Xr sbwrite 3 , .Xr ufs_disk_close 3 , diff --git a/lib/libufs/libufs.h b/lib/libufs/libufs.h index dbd378949877..9d1e7355c2f7 100644 --- a/lib/libufs/libufs.h +++ b/lib/libufs/libufs.h @@ -118,6 +118,12 @@ int ffs_sbput(void *, struct fs *, off_t, int (*)(void *, off_t, void *, int)); /* + * Request standard superblock location in ffs_sbget + */ +#define STDSB -1 /* Fail if check-hash is bad */ +#define STDSB_NOHASHFAIL -2 /* Ignore check-hash failure */ + +/* * block.c */ ssize_t bread(struct uufsd *, ufs2_daddr_t, void *, size_t); diff --git a/lib/libufs/sblock.c b/lib/libufs/sblock.c index 29ff258b6ebf..53c8d44f6d65 100644 --- a/lib/libufs/sblock.c +++ b/lib/libufs/sblock.c @@ -54,7 +54,7 @@ sbread(struct uufsd *disk) ERROR(disk, NULL); - if ((errno = sbget(disk->d_fd, &fs, -1)) != 0) { + if ((errno = sbget(disk->d_fd, &fs, STDSB)) != 0) { switch (errno) { case EIO: ERROR(disk, "non-existent or truncated superblock"); diff --git a/lib/libz/Makefile b/lib/libz/Makefile index 0ea87bb191ab..96c46c67265b 100644 --- a/lib/libz/Makefile +++ b/lib/libz/Makefile @@ -7,6 +7,7 @@ LIB= z SHLIBDIR?= /lib SHLIB_MAJOR= 6 MAN= zlib.3 zopen.3 +MLINKS+= zopen.3 zdopen.3 ZLIBSRC= ${SRCTOP}/contrib/zlib diff --git a/lib/libz/Symbol.map b/lib/libz/Symbol.map index 92b02b56d0eb..0a91537272c1 100644 --- a/lib/libz/Symbol.map +++ b/lib/libz/Symbol.map @@ -103,6 +103,10 @@ FBSD_1.2 { zopen; }; +FBSD_1.6 { + zdopen; +}; + ZLIBprivate_1.0 { _tr_align; _tr_flush_block; diff --git a/lib/libz/Versions.def b/lib/libz/Versions.def index d5f1816b2be8..9a67602185b8 100644 --- a/lib/libz/Versions.def +++ b/lib/libz/Versions.def @@ -15,6 +15,9 @@ ZLIB_1.2.9 { FBSD_1.2 { } ZLIB_1.2.4.0; +FBSD_1.6 { +} FBSD_1.2; + ZLIBprivate_1.0 { } ZLIB_1.2.4.0; diff --git a/lib/libz/zopen.3 b/lib/libz/zopen.3 index b56fb447a345..7677f300a8ae 100644 --- a/lib/libz/zopen.3 +++ b/lib/libz/zopen.3 @@ -23,7 +23,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 5, 2014 +.Dd December 6, 2018 .Dt ZOPEN 3 .Os .Sh NAME @@ -34,33 +34,44 @@ .Sh SYNOPSIS .Ft FILE * .Fn zopen "const char *path" "const char *mode" +.Ft FILE * +.Fn zdopen "int fd" "const char *mode" .Sh DESCRIPTION The .Fn zopen -opens a gzip file whose name is the string pointed to by +function opens a gzip file whose name is the string pointed to by .Fa path -and associates a stream with it. -It is a wrapper around +and returns a stream which can be used to access the uncompressed contents +of the file. +The +.Fn zdopen +variant takes a gzip file referenced by the file descriptor +.Fa fd , +analogous to +.Xr fdopen 3 . +They are wrappers around .Xr zlib 3 -and standard stream I/O APIs. +and the standard stream I/O APIs. .Pp The argument .Fa mode -have the same meaning as it does in +has the same meaning as it does in .Xr fopen 3 . .Pp The -.Nm -function will associate read, write, seek and close +.Fn zopen +and +.Fn zdopen +functions will associate the read, write, seek and close functions of .Xr zlib 3 -after successfully opened a file with -.Xr funopen 3 -so that they will be used to read or write the new stream. +with the returned stream. .Sh RETURN VALUES Upon successful completion -.Nm -returns a +.Fn zopen +and +.Fn zdopen +return a .Tn FILE pointer. Otherwise, @@ -70,26 +81,28 @@ is returned and the global variable is set to indicate the error. .Sh ERRORS In addition to the errors documented for -.Xr fopen 3 , -the -.Nm -function may also fail for: +.Xr fopen 3 +and +.Xr fdopen 3 , +the functions may also fail for: .Bl -tag -width Er .It Bq Er ENOMEM Insufficient memory is available. .El .Sh COMPATIBILITY -This implementation of -.Nm +The implementation of +.Fn zopen function first appeared in .Nx 1.6 and .Fx 4.5 . -The -.Nm -function may not be portable to systems other than +.Fn zdopen +first appeared in +.Fx 13.0 . +These functions may not be portable to systems other than .Fx . .Sh SEE ALSO +.Xr fdopen 3 , .Xr fopen 3 , .Xr funopen 3 , .Xr zlib 3 diff --git a/lib/libz/zopen.c b/lib/libz/zopen.c index cde022dcf0e6..a6ac99166128 100644 --- a/lib/libz/zopen.c +++ b/lib/libz/zopen.c @@ -9,6 +9,7 @@ __FBSDID("$FreeBSD$"); #include <zlib.h> FILE *zopen(const char *fname, const char *mode); +FILE *zdopen(int fd, const char *mode); /* convert arguments */ static int @@ -47,3 +48,18 @@ zopen(const char *fname, const char *mode) else return (funopen(gz, NULL, xgzwrite, xgzseek, xgzclose)); } + +FILE * +zdopen(int fd, const char *mode) +{ + gzFile gz; + + gz = gzdopen(fd, mode); + if (gz == NULL) + return (NULL); + + if (*mode == 'r') + return (funopen(gz, xgzread, NULL, xgzseek, xgzclose)); + else + return (funopen(gz, NULL, xgzwrite, xgzseek, xgzclose)); +} diff --git a/libexec/rtld-elf/Makefile b/libexec/rtld-elf/Makefile index 108c1ac03644..b0f02a7205e8 100644 --- a/libexec/rtld-elf/Makefile +++ b/libexec/rtld-elf/Makefile @@ -6,6 +6,7 @@ .include <src.opts.mk> PACKAGE= clibs +MK_BIND_NOW= no MK_SSP= no CONFS= libmap.conf diff --git a/libexec/rtld-elf/aarch64/reloc.c b/libexec/rtld-elf/aarch64/reloc.c index 3f2819c360e8..cd33f3e2a872 100644 --- a/libexec/rtld-elf/aarch64/reloc.c +++ b/libexec/rtld-elf/aarch64/reloc.c @@ -109,9 +109,8 @@ do_copy_relocations(Obj_Entry *dstobj) } } if (srcobj == NULL) { - _rtld_error( -"Undefined symbol \"%s\" referenced from COPY relocation in %s", - name, dstobj->path); + _rtld_error("Undefined symbol \"%s\" referenced from " + "COPY relocation in %s", name, dstobj->path); return (-1); } @@ -207,7 +206,8 @@ reloc_plt(Obj_Entry *obj) const Elf_Rela *relalim; const Elf_Rela *rela; - relalim = (const Elf_Rela *)((const char *)obj->pltrela + obj->pltrelasize); + relalim = (const Elf_Rela *)((const char *)obj->pltrela + + obj->pltrelasize); for (rela = obj->pltrela; rela < relalim; rela++) { Elf_Addr *where; @@ -223,6 +223,8 @@ reloc_plt(Obj_Entry *obj) case R_AARCH64_IRELATIVE: obj->irelative = true; break; + case R_AARCH64_NONE: + break; default: _rtld_error("Unknown relocation type %u in PLT", (unsigned int)ELF_R_TYPE(rela->r_info)); @@ -243,9 +245,12 @@ reloc_jmpslots(Obj_Entry *obj, int flags, RtldLockState *lockstate) const Elf_Rela *relalim; const Elf_Rela *rela; const Elf_Sym *def; - struct tls_data *tlsdesc; - relalim = (const Elf_Rela *)((const char *)obj->pltrela + obj->pltrelasize); + if (obj->jmpslots_done) + return (0); + + relalim = (const Elf_Rela *)((const char *)obj->pltrela + + obj->pltrelasize); for (rela = obj->pltrela; rela < relalim; rela++) { Elf_Addr *where, target; @@ -264,20 +269,9 @@ reloc_jmpslots(Obj_Entry *obj, int flags, RtldLockState *lockstate) reloc_jmpslot(where, target, defobj, obj, (const Elf_Rel *)rela); break; - case R_AARCH64_TLSDESC: - if (ELF_R_SYM(rela->r_info) != 0) { - tlsdesc = (struct tls_data *)where[1]; - if (tlsdesc->index == -1) - rtld_tlsdesc_handle_locked(tlsdesc, - SYMLOOK_IN_PLT | flags, lockstate); - } - break; - default: - _rtld_error("Unknown relocation type %x in jmpslot", - (unsigned int)ELF_R_TYPE(rela->r_info)); - return (-1); } } + obj->jmpslots_done = true; return (0); } @@ -399,6 +393,8 @@ reloc_non_plt(Obj_Entry *obj, Obj_Entry *obj_rtld, int flags, case R_AARCH64_ABS64: case R_AARCH64_GLOB_DAT: case R_AARCH64_TLS_TPREL64: + case R_AARCH64_TLS_DTPREL64: + case R_AARCH64_TLS_DTPMOD64: def = find_symdef(ELF_R_SYM(rela->r_info), obj, &defobj, flags, cache, lockstate); if (def == NULL) @@ -486,9 +482,24 @@ reloc_non_plt(Obj_Entry *obj, Obj_Entry *obj_rtld, int flags, *where = def->st_value + rela->r_addend + defobj->tlsoffset; break; + + /* + * !!! BEWARE !!! + * ARM ELF ABI defines TLS_DTPMOD64 as 1029, and TLS_DTPREL64 + * as 1028. But actual bfd linker and the glibc RTLD linker + * treats TLS_DTPMOD64 as 1028 and TLS_DTPREL64 1029. + */ + case R_AARCH64_TLS_DTPREL64: /* efectively is TLS_DTPMOD64 */ + *where += (Elf_Addr)defobj->tlsindex; + break; + case R_AARCH64_TLS_DTPMOD64: /* efectively is TLS_DTPREL64 */ + *where += (Elf_Addr)(def->st_value + rela->r_addend); + break; case R_AARCH64_RELATIVE: *where = (Elf_Addr)(obj->relocbase + rela->r_addend); break; + case R_AARCH64_NONE: + break; default: rtld_printf("%s: Unhandled relocation %lu\n", obj->path, ELF_R_TYPE(rela->r_info)); @@ -516,3 +527,15 @@ allocate_initial_tls(Obj_Entry *objs) asm volatile("msr tpidr_el0, %0" : : "r"(tp)); } + +void * +__tls_get_addr(tls_index* ti) +{ + char *p; + void *_tp; + + __asm __volatile("mrs %0, tpidr_el0" : "=r" (_tp)); + p = tls_get_addr_common((Elf_Addr **)(_tp), ti->ti_module, ti->ti_offset); + + return (p); +} diff --git a/libexec/rtld-elf/aarch64/rtld_start.S b/libexec/rtld-elf/aarch64/rtld_start.S index b9577dfccd75..fdf08baddb84 100644 --- a/libexec/rtld-elf/aarch64/rtld_start.S +++ b/libexec/rtld-elf/aarch64/rtld_start.S @@ -57,7 +57,7 @@ END(.rtld_start) ENTRY(_rtld_bind_start) .cfi_startproc mov x17, sp - + /* Save frame pointer and SP */ stp x29, x30, [sp, #-16]! mov x29, sp diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c index fce99383f74e..80c78d9f21ca 100644 --- a/libexec/rtld-elf/rtld.c +++ b/libexec/rtld-elf/rtld.c @@ -111,6 +111,7 @@ static void init_pagesizes(Elf_Auxinfo **aux_info); static void init_rtld(caddr_t, Elf_Auxinfo **); static void initlist_add_neededs(Needed_Entry *, Objlist *); static void initlist_add_objects(Obj_Entry *, Obj_Entry *, Objlist *); +static int initlist_objects_ifunc(Objlist *, bool, int, RtldLockState *); static void linkmap_add(Obj_Entry *); static void linkmap_delete(Obj_Entry *); static void load_filtees(Obj_Entry *, int flags, RtldLockState *); @@ -119,6 +120,7 @@ static int load_needed_objects(Obj_Entry *, int); static int load_preload_objects(void); static Obj_Entry *load_object(const char *, int fd, const Obj_Entry *, int); static void map_stacks_exec(RtldLockState *); +static int obj_disable_relro(Obj_Entry *); static int obj_enforce_relro(Obj_Entry *); static Obj_Entry *obj_from_addr(const void *); static void objlist_call_fini(Objlist *, Obj_Entry *, RtldLockState *); @@ -143,8 +145,6 @@ static int relocate_object(Obj_Entry *obj, bool bind_now, Obj_Entry *rtldobj, static int relocate_objects(Obj_Entry *, bool, Obj_Entry *, int, RtldLockState *); static int resolve_object_ifunc(Obj_Entry *, bool, int, RtldLockState *); -static int resolve_objects_ifunc(Obj_Entry *first, bool bind_now, - int flags, RtldLockState *lockstate); static int rtld_dirname(const char *, char *); static int rtld_dirname_abs(const char *, char *); static void *rtld_dlopen(const char *name, int fd, int mode); @@ -730,16 +730,6 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp) map_stacks_exec(NULL); - dbg("resolving ifuncs"); - if (resolve_objects_ifunc(obj_main, - ld_bind_now != NULL && *ld_bind_now != '\0', SYMLOOK_EARLY, - NULL) == -1) - rtld_die(); - - dbg("enforcing main obj relro"); - if (obj_enforce_relro(obj_main) == -1) - rtld_die(); - if (!obj_main->crt_no_init) { /* * Make sure we don't call the main program's init and fini @@ -758,6 +748,12 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp) pre_init(); wlock_acquire(rtld_bind_lock, &lockstate); + + dbg("resolving ifuncs"); + if (initlist_objects_ifunc(&initlist, ld_bind_now != NULL && + *ld_bind_now != '\0', SYMLOOK_EARLY, &lockstate) == -1) + rtld_die(); + if (obj_main->crt_no_init) preinit_main(); objlist_call_init(&initlist, &lockstate); @@ -770,6 +766,11 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp) if (ld_loadfltr || obj->z_loadfltr) load_filtees(obj, 0, &lockstate); } + + dbg("enforcing main obj relro"); + if (obj_enforce_relro(obj_main) == -1) + rtld_die(); + lock_release(rtld_bind_lock, &lockstate); dbg("transferring control to program entry point = %p", obj_main->entry); @@ -2243,9 +2244,7 @@ initlist_add_objects(Obj_Entry *obj, Obj_Entry *tail, Objlist *list) initlist_add_neededs(obj->needed_aux_filtees, list); /* Add the object to the init list. */ - if (obj->preinit_array != (Elf_Addr)NULL || obj->init != (Elf_Addr)NULL || - obj->init_array != (Elf_Addr)NULL) - objlist_push_tail(list, obj); + objlist_push_tail(list, obj); /* Add the object to the global fini list in the reverse order. */ if ((obj->fini != (Elf_Addr)NULL || obj->fini_array != (Elf_Addr)NULL) @@ -2894,11 +2893,9 @@ relocate_object(Obj_Entry *obj, bool bind_now, Obj_Entry *rtldobj, if (reloc_plt(obj) == -1) return (-1); /* Relocate the jump slots if we are doing immediate binding. */ - if (obj->bind_now || bind_now) { - if (reloc_jmpslots(obj, flags, lockstate) == -1 || - resolve_object_ifunc(obj, true, flags, lockstate) == -1) - return (-1); - } + if ((obj->bind_now || bind_now) && reloc_jmpslots(obj, flags, + lockstate) == -1) + return (-1); /* * Process the non-PLT IFUNC relocations. The relocations are @@ -2964,24 +2961,16 @@ static int resolve_object_ifunc(Obj_Entry *obj, bool bind_now, int flags, RtldLockState *lockstate) { + + if (obj->ifuncs_resolved) + return (0); + obj->ifuncs_resolved = true; if (obj->irelative && reloc_iresolve(obj, lockstate) == -1) return (-1); - if ((obj->bind_now || bind_now) && obj->gnu_ifunc && - reloc_gnu_ifunc(obj, flags, lockstate) == -1) - return (-1); - return (0); -} - -static int -resolve_objects_ifunc(Obj_Entry *first, bool bind_now, int flags, - RtldLockState *lockstate) -{ - Obj_Entry *obj; - - for (obj = first; obj != NULL; obj = TAILQ_NEXT(obj, next)) { - if (obj->marker) - continue; - if (resolve_object_ifunc(obj, bind_now, flags, lockstate) == -1) + if ((obj->bind_now || bind_now) && obj->gnu_ifunc) { + if (obj_disable_relro(obj) || + reloc_gnu_ifunc(obj, flags, lockstate) == -1 || + obj_enforce_relro(obj)) return (-1); } return (0); @@ -2992,9 +2981,13 @@ initlist_objects_ifunc(Objlist *list, bool bind_now, int flags, RtldLockState *lockstate) { Objlist_Entry *elm; + Obj_Entry *obj; STAILQ_FOREACH(elm, list, link) { - if (resolve_object_ifunc(elm->obj, bind_now, flags, + obj = elm->obj; + if (obj->marker) + continue; + if (resolve_object_ifunc(obj, bind_now, flags, lockstate) == -1) return (-1); } @@ -5354,19 +5347,33 @@ _rtld_is_dlopened(void *arg) return (res); } -int -obj_enforce_relro(Obj_Entry *obj) +static int +obj_remap_relro(Obj_Entry *obj, int prot) { if (obj->relro_size > 0 && mprotect(obj->relro_page, obj->relro_size, - PROT_READ) == -1) { - _rtld_error("%s: Cannot enforce relro protection: %s", - obj->path, rtld_strerror(errno)); + prot) == -1) { + _rtld_error("%s: Cannot set relro protection to %#x: %s", + obj->path, prot, rtld_strerror(errno)); return (-1); } return (0); } +static int +obj_disable_relro(Obj_Entry *obj) +{ + + return (obj_remap_relro(obj, PROT_READ | PROT_WRITE)); +} + +static int +obj_enforce_relro(Obj_Entry *obj) +{ + + return (obj_remap_relro(obj, PROT_READ)); +} + static void map_stacks_exec(RtldLockState *lockstate) { @@ -5618,3 +5625,25 @@ rtld_strerror(int errnum) return ("Unknown error"); return (sys_errlist[errnum]); } + +/* + * No ifunc relocations. + */ +void * +memset(void *dest, int c, size_t len) +{ + size_t i; + + for (i = 0; i < len; i++) + ((char *)dest)[i] = c; + return (dest); +} + +void +bzero(void *dest, size_t len) +{ + size_t i; + + for (i = 0; i < len; i++) + ((char *)dest)[i] = 0; +} diff --git a/libexec/rtld-elf/rtld.h b/libexec/rtld-elf/rtld.h index 335971eb13e5..c7b2b7a896d1 100644 --- a/libexec/rtld-elf/rtld.h +++ b/libexec/rtld-elf/rtld.h @@ -264,6 +264,7 @@ typedef struct Struct_Obj_Entry { bool irelative : 1; /* Object has R_MACHDEP_IRELATIVE relocs */ bool gnu_ifunc : 1; /* Object has references to STT_GNU_IFUNC */ bool non_plt_gnu_ifunc : 1; /* Object has non-plt IFUNC references */ + bool ifuncs_resolved : 1; /* Object ifuncs were already resolved */ bool crt_no_init : 1; /* Object' crt does not call _init/_fini */ bool valid_hash_sysv : 1; /* A valid System V hash hash tag is available */ bool valid_hash_gnu : 1; /* A valid GNU hash tag is available */ diff --git a/release/amd64/mkisoimages.sh b/release/amd64/mkisoimages.sh index 699ddab2e8b6..8a0aceb0eb9f 100644 --- a/release/amd64/mkisoimages.sh +++ b/release/amd64/mkisoimages.sh @@ -49,7 +49,7 @@ if [ "$1" = "-b" ]; then mkdir efi mount -t msdosfs /dev/$device efi mkdir -p efi/efi/boot - cp -p "$BASEBITSDIR/boot/loader.efi" efi/efi/boot/bootx64.efi + cp "$BASEBITSDIR/boot/loader.efi" efi/efi/boot/bootx64.efi umount efi rmdir efi mdconfig -d -u $device diff --git a/release/arm64/PINE64-LTS.conf b/release/arm64/PINE64-LTS.conf index 53c4d8d658cd..8d480007fe5b 100644 --- a/release/arm64/PINE64-LTS.conf +++ b/release/arm64/PINE64-LTS.conf @@ -14,7 +14,7 @@ KERNEL="GENERIC" MD_ARGS="-x 63 -y 255" NODOC=1 PART_SCHEME="MBR" -FDT_OVERLAYS="sun50i-a64-sid,sun50i-a64-ths,sun50i-a64-timer" +FDT_OVERLAYS="sun50i-a64-sid,sun50i-a64-ths,sun50i-a64-timer,sun50i-a64-opp" export BOARDNAME="PINE64-LTS" arm_install_uboot() { diff --git a/release/arm64/PINE64.conf b/release/arm64/PINE64.conf index 1bf16c8ee57a..fb7dd8725fb3 100644 --- a/release/arm64/PINE64.conf +++ b/release/arm64/PINE64.conf @@ -14,7 +14,7 @@ KERNEL="GENERIC" MD_ARGS="-x 63 -y 255" NODOC=1 PART_SCHEME="MBR" -FDT_OVERLAYS="sun50i-a64-sid,sun50i-a64-ths,sun50i-a64-timer" +FDT_OVERLAYS="sun50i-a64-sid,sun50i-a64-ths,sun50i-a64-timer,sun50i-a64-opp" export BOARDNAME="PINE64" arm_install_uboot() { diff --git a/release/arm64/PINEBOOK.conf b/release/arm64/PINEBOOK.conf new file mode 100644 index 000000000000..d0af1a37159f --- /dev/null +++ b/release/arm64/PINEBOOK.conf @@ -0,0 +1,42 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +EMBEDDED_TARGET_ARCH="aarch64" +EMBEDDED_TARGET="arm64" +EMBEDDEDBUILD=1 +EMBEDDEDPORTS="sysutils/u-boot-pinebook" +FAT_SIZE="54m -b 1m" +FAT_TYPE="16" +IMAGE_SIZE="2560M" +KERNEL="GENERIC" +MD_ARGS="-x 63 -y 255" +NODOC=1 +PART_SCHEME="MBR" +FDT_OVERLAYS="sun50i-a64-sid,sun50i-a64-ths,sun50i-a64-timer,sun50i-a64-opp" +export BOARDNAME="PINEBOOK" + +arm_install_uboot() { + UBOOT_DIR="/usr/local/share/u-boot/u-boot-pinebook" + UBOOT_FILES="u-boot-sunxi-with-spl.bin" + chroot ${CHROOTDIR} dd if=${UBOOT_DIR}/${UBOOT_FILES} \ + of=/dev/${mddev} bs=1k seek=8 conv=sync + + return 0 +} + +arm_do_quirk() { + echo '# Enable quirk for trackpad' \ + >> ${CHROOTDIR}/${DESTDIR}/boot/loader.conf + echo 'usb_quirk_load=YES' \ + >> ${CHROOTDIR}/${DESTDIR}/boot/loader.conf + echo 'ums_load=YES' \ + >> ${CHROOTDIR}/${DESTDIR}/boot/loader.conf + echo 'hw.usb.quirk="0x258a 0x000c 0x0000 0xffff UQ_CFG_INDEX=1"' \ + >> ${CHROOTDIR}/${DESTDIR}/boot/loader.conf + # We want EFIFB but there is no node and so we cannot know + # which regulator is used for powering lcd/hdmi + echo 'hw.regulator.disable_unused=0' \ + >> ${CHROOTDIR}/${DESTDIR}/boot/loader.conf +} diff --git a/release/tools/arm.subr b/release/tools/arm.subr index 690adf18e56c..5b024334188e 100644 --- a/release/tools/arm.subr +++ b/release/tools/arm.subr @@ -174,6 +174,7 @@ arm_install_base() { arm64_setup_multicons arm_setup_fdt_overlays arm_setup_minimal_loader + arm_do_quirk echo '# Custom /etc/fstab for FreeBSD embedded images' \ > ${CHROOTDIR}/${DESTDIR}/etc/fstab @@ -238,3 +239,7 @@ arm_install_uboot() { return 0 } + +arm_do_quirk() { + # Override in the arm{,64}/BOARD.conf file. +} diff --git a/release/tools/gce.conf b/release/tools/gce.conf index 65a2a91fdb49..3c33579dd77e 100644 --- a/release/tools/gce.conf +++ b/release/tools/gce.conf @@ -49,7 +49,7 @@ aesni_load="YES" nvme_load="YES" EOF - echo '169.254.169.254 metadata.google.internal metadata' > \ + echo '169.254.169.254 metadata.google.internal metadata' >> \ ${DESTDIR}/etc/hosts # overwrite ntp.conf diff --git a/sbin/bectl/bectl.c b/sbin/bectl/bectl.c index f721948b0f9a..92c13956f8c7 100644 --- a/sbin/bectl/bectl.c +++ b/sbin/bectl/bectl.c @@ -66,22 +66,24 @@ usage(bool explicit) FILE *fp; fp = explicit ? stdout : stderr; - fprintf(fp, + fprintf(fp, "%s", "usage:\tbectl {-h | -? | subcommand [args...]}\n" +#if SOON + "\tbectl add (path)*\n" +#endif "\tbectl activate [-t] beName\n" - "\tbectl create [-e {nonActiveBe | -e beName@snapshot}] beName\n" - "\tbectl create beName@snapshot\n" + "\tbectl create [-r] [-e {nonActiveBe | beName@snapshot}] beName\n" + "\tbectl create [-r] beName@snapshot\n" "\tbectl destroy [-F] {beName | beName@snapshot}\n" "\tbectl export sourceBe\n" "\tbectl import targetBe\n" -#if SOON - "\tbectl add (path)*\n" -#endif - "\tbectl jail [{-b | -U}] [{-o key=value | -u key}]... bootenv [utility [argument ...]]\n" - "\tbectl list [-a] [-D] [-H] [-s]\n" + "\tbectl jail {-b | -U} [{-o key=value | -u key}]... " + "{jailID | jailName}\n" + "\t bootenv [utility [argument ...]]\n" + "\tbectl list [-DHas]\n" "\tbectl mount beName [mountpoint]\n" "\tbectl rename origBeName newBeName\n" - "\tbectl {ujail | unjail} ⟨jailID | jailName | bootenv)\n" + "\tbectl {ujail | unjail} {jailID | jailName} bootenv\n" "\tbectl {umount | unmount} [-f] beName\n"); return (explicit ? 0 : EX_USAGE); diff --git a/sbin/dump/main.c b/sbin/dump/main.c index 7301ca318d80..135b4fcfb64c 100644 --- a/sbin/dump/main.c +++ b/sbin/dump/main.c @@ -433,7 +433,7 @@ main(int argc, char *argv[]) msgtail("to %s\n", tape); sync(); - if ((ret = sbget(diskfd, &sblock, -1)) != 0) { + if ((ret = sbget(diskfd, &sblock, STDSB)) != 0) { switch (ret) { case ENOENT: warn("Cannot find file system superblock"); diff --git a/sbin/fsck_ffs/fsck.h b/sbin/fsck_ffs/fsck.h index ffe41be6cf3b..ed7e8f129c35 100644 --- a/sbin/fsck_ffs/fsck.h +++ b/sbin/fsck_ffs/fsck.h @@ -417,6 +417,7 @@ void blzero(int fd, ufs2_daddr_t blk, long size); void cacheino(union dinode *dp, ino_t inumber); void catch(int); void catchquit(int); +void cgdirty(struct bufarea *); int changeino(ino_t dir, const char *name, ino_t newnum); int check_cgmagic(int cg, struct bufarea *cgbp); int chkrange(ufs2_daddr_t blk, int cnt); diff --git a/sbin/fsck_ffs/fsutil.c b/sbin/fsck_ffs/fsutil.c index 91be4234ae48..117698a09c32 100644 --- a/sbin/fsck_ffs/fsutil.c +++ b/sbin/fsck_ffs/fsutil.c @@ -249,6 +249,24 @@ cglookup(int cg) } /* + * Mark a cylinder group buffer as dirty. + * Update its check-hash if they are enabled. + */ +void +cgdirty(struct bufarea *cgbp) +{ + struct cg *cg; + + cg = cgbp->b_un.b_cg; + if ((sblock.fs_metackhash & CK_CYLGRP) != 0) { + cg->cg_ckhash = 0; + cg->cg_ckhash = + calculate_crc32c(~0L, (void *)cg, sblock.fs_cgsize); + } + dirty(cgbp); +} + +/* * Attempt to flush a cylinder group cache entry. * Return whether the flush was successful. */ @@ -348,11 +366,11 @@ flush(int fd, struct bufarea *bp) if (bp != &sblk) pfatal("BUFFER %p DOES NOT MATCH SBLK %p\n", bp, &sblk); - if (sbput(fd, (struct fs *)bp->b_un.b_buf, 0) == 0) + if (sbput(fd, bp->b_un.b_fs, 0) == 0) fsmodified = 1; break; case BT_CYLGRP: - if (cgput(&disk, (struct cg *)bp->b_un.b_buf) == 0) + if (cgput(&disk, bp->b_un.b_cg) == 0) fsmodified = 1; break; default: @@ -740,7 +758,7 @@ check_cgmagic(int cg, struct bufarea *cgbp) cgp->cg_nextfreeoff = cgp->cg_clusteroff + howmany(fragstoblks(&sblock, sblock.fs_fpg), CHAR_BIT); } - dirty(cgbp); + cgdirty(cgbp); return (0); } @@ -782,7 +800,7 @@ allocblk(long frags) cgp->cg_cs.cs_nbfree--; else cgp->cg_cs.cs_nffree -= frags; - dirty(cgbp); + cgdirty(cgbp); return (i + j); } } diff --git a/sbin/fsck_ffs/inode.c b/sbin/fsck_ffs/inode.c index 3f1cab8b3bd5..a914be8b87a5 100644 --- a/sbin/fsck_ffs/inode.c +++ b/sbin/fsck_ffs/inode.c @@ -692,7 +692,7 @@ allocino(ino_t request, int type) default: return (0); } - dirty(cgbp); + cgdirty(cgbp); dp = ginode(ino); DIP_SET(dp, di_db[0], allocblk((long)1)); if (DIP(dp, di_db[0]) == 0) { diff --git a/sbin/fsck_ffs/pass1.c b/sbin/fsck_ffs/pass1.c index 40e5e6d07e14..c9064ea704e4 100644 --- a/sbin/fsck_ffs/pass1.c +++ b/sbin/fsck_ffs/pass1.c @@ -200,7 +200,7 @@ pass1(void) cgp->cg_initediblk = mininos; pwarn("CYLINDER GROUP %d: RESET FROM %ju TO %d %s\n", c, i, cgp->cg_initediblk, "VALID INODES"); - dirty(cgbp); + cgdirty(cgbp); } if (inosused < sblock.fs_ipg) continue; diff --git a/sbin/fsck_ffs/pass5.c b/sbin/fsck_ffs/pass5.c index 436d184c327b..674ca91e22f3 100644 --- a/sbin/fsck_ffs/pass5.c +++ b/sbin/fsck_ffs/pass5.c @@ -182,14 +182,19 @@ pass5(void) ckhash = cg->cg_ckhash; cg->cg_ckhash = 0; thishash = calculate_crc32c(~0L, cg, fs->fs_cgsize); - if (ckhash != thishash) + if (ckhash == thishash) { + cg->cg_ckhash = ckhash; + } else { pwarn("CG %d: BAD CHECK-HASH %#x vs %#x\n", c, ckhash, thishash); - cg->cg_ckhash = ckhash; + cg->cg_ckhash = thishash; + cgdirty(cgbp); + } } newcg->cg_time = cg->cg_time; newcg->cg_old_time = cg->cg_old_time; newcg->cg_unrefs = cg->cg_unrefs; + newcg->cg_ckhash = cg->cg_ckhash; newcg->cg_cgx = c; dbase = cgbase(fs, c); dmax = dbase + fs->fs_fpg; @@ -326,11 +331,6 @@ pass5(void) sump[run]++; } } - if ((fs->fs_metackhash & CK_CYLGRP) != 0) { - newcg->cg_ckhash = 0; - newcg->cg_ckhash = - calculate_crc32c(~0L, (void *)newcg, fs->fs_cgsize); - } if (bkgrdflag != 0) { cstotal.cs_nffree += cg->cg_cs.cs_nffree; @@ -352,14 +352,14 @@ pass5(void) } if (rewritecg) { memmove(cg, newcg, (size_t)fs->fs_cgsize); - dirty(cgbp); + cgdirty(cgbp); continue; } if (cursnapshot == 0 && memcmp(newcg, cg, basesize) != 0 && dofix(&idesc[2], "SUMMARY INFORMATION BAD")) { memmove(cg, newcg, (size_t)basesize); - dirty(cgbp); + cgdirty(cgbp); } if (bkgrdflag != 0 || usedsoftdep || debug) update_maps(cg, newcg, bkgrdflag); @@ -368,7 +368,7 @@ pass5(void) dofix(&idesc[1], "BLK(S) MISSING IN BIT MAPS")) { memmove(cg_inosused(cg), cg_inosused(newcg), (size_t)mapsize); - dirty(cgbp); + cgdirty(cgbp); } } if (cursnapshot == 0 && diff --git a/sbin/fsck_ffs/setup.c b/sbin/fsck_ffs/setup.c index 0cc943797c10..8599f6cde739 100644 --- a/sbin/fsck_ffs/setup.c +++ b/sbin/fsck_ffs/setup.c @@ -127,7 +127,7 @@ setup(char *dev) } } if ((fsreadfd = open(dev, O_RDONLY)) < 0 || - ufs_disk_fillout(&disk, dev) < 0) { + ufs_disk_fillout_blank(&disk, dev) < 0) { if (bkgrdflag) { unlink(snapname); bkgrdflag = 0; @@ -208,6 +208,13 @@ setup(char *dev) pwarn("USING ALTERNATE SUPERBLOCK AT %jd\n", bflag); bflag = 0; } + /* Save copy of things needed by libufs */ + memcpy(&disk.d_fs, &sblock, sblock.fs_sbsize); + disk.d_ufs = (sblock.fs_magic == FS_UFS1_MAGIC) ? 1 : 2; + disk.d_bsize = sblock.fs_fsize / fsbtodb(&sblock, 1); + disk.d_sblock = sblock.fs_sblockloc / disk.d_bsize; + disk.d_sbcsum = sblock.fs_csp; + if (skipclean && ckclean && sblock.fs_clean) { pwarn("FILE SYSTEM CLEAN; SKIPPING CHECKS\n"); return (-1); @@ -320,15 +327,13 @@ readsb(int listerr) int bad, ret; struct fs *fs; - super = bflag ? bflag * dev_bsize : -1; + super = bflag ? bflag * dev_bsize : STDSB; readcnt[sblk.b_type]++; if ((ret = sbget(fsreadfd, &fs, super)) != 0) { switch (ret) { case EINVAL: - fprintf(stderr, "The previous newfs operation " - "on this volume did not complete.\nYou must " - "complete newfs before using this volume.\n"); - exit(11); + /* Superblock check-hash failed */ + return (0); case ENOENT: if (bflag) fprintf(stderr, "%jd is not a file system " diff --git a/sbin/fsirand/fsirand.c b/sbin/fsirand/fsirand.c index f5e26571f903..8675f7c3fd33 100644 --- a/sbin/fsirand/fsirand.c +++ b/sbin/fsirand/fsirand.c @@ -126,7 +126,7 @@ fsirand(char *device) dp2 = NULL; /* Read in master superblock */ - if ((ret = sbget(devfd, &sblock, -1)) != 0) { + if ((ret = sbget(devfd, &sblock, STDSB)) != 0) { switch (ret) { case ENOENT: warn("Cannot find file system superblock"); diff --git a/sbin/ggate/ggated/ggated.c b/sbin/ggate/ggated/ggated.c index e52bdd7cdd15..f4279cbfaa13 100644 --- a/sbin/ggate/ggated/ggated.c +++ b/sbin/ggate/ggated/ggated.c @@ -591,6 +591,7 @@ sendfail(int sfd, int error, const char *fmt, ...) va_list ap; ssize_t data; + memset(&sinit, 0, sizeof(sinit)); sinit.gs_error = error; g_gate_swap2n_sinit(&sinit); data = g_gate_send(sfd, &sinit, sizeof(sinit), 0); diff --git a/sbin/growfs/growfs.c b/sbin/growfs/growfs.c index b75f377841ef..967cda3330d0 100644 --- a/sbin/growfs/growfs.c +++ b/sbin/growfs/growfs.c @@ -1449,7 +1449,7 @@ main(int argc, char **argv) /* * Read the current superblock, and take a backup. */ - if ((ret = sbget(fsi, &fs, -1)) != 0) { + if ((ret = sbget(fsi, &fs, STDSB)) != 0) { switch (ret) { case ENOENT: errx(1, "superblock not recognized"); diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index 6d95b955725b..79b874c3b00e 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 13, 2018 +.Dd December 4, 2018 .Dt IPFW 8 .Os .Sh NAME @@ -310,10 +310,9 @@ i.e., omitting the "ip from any to any" string when this does not carry any additional information. .It Fl d When listing, show dynamic rules in addition to static ones. -.It Fl e -When listing and -.Fl d -is specified, also show expired dynamic rules. +.It Fl D +When listing, show only dynamic states. +When deleting, delete only dynamic states. .It Fl f Run without prompting for confirmation for commands that can cause problems if misused, i.e., @@ -4086,6 +4085,55 @@ option could be used to (re)mark user traffic, by adding the following to the appropriate place in ruleset: .Pp .Dl "ipfw add setdscp be ip from any to any dscp af11,af21" +.Ss SELECTIVE MIRRORING +If your network has network traffic analyzer +connected to your host directly via dedicated interface +or remotely via RSPAN vlan, you can selectively mirror +some ethernet layer2 frames to the analyzer. +.Pp +First, make sure your firewall is already configured and runs. +Then, enable layer2 processing if not already enabled: +.Pp +.Dl "sysctl net.link.ether.ipfw=1" +.Pp +Next, load needed additional kernel modules: +.Pp +.Dl "kldload ng_ether ng_ipfw" +.Pp +Optionally, make system load these modules automatically +at startup: +.Pp +.Dl sysrc kld_list+="ng_ether ng_ipfw" +.Pp +Next, configure +.Xr ng_ipfw 4 +kernel module to transmit mirrored copies of layer2 frames +out via vlan900 interface: +.Pp +.Dl "ngctl connect ipfw: vlan900: 1 lower" +.Pp +Think of "1" here as of "mirroring instance index" and vlan900 is its +destination. +You can have arbitrary number of instances. +Refer to +.Xr ng_ipfw 4 +for details. +.Pp +At last, actually start mirroring of selected frames using "instance 1". +For frames incoming from em0 interface: +.Pp +.Dl "ipfw add ngtee 1 ip from any to 192.168.0.1 layer2 in recv em0" +.Pp +For frames outgoing to em0 interface: +.Pp +.Dl "ipfw add ngtee 1 ip from any to 192.168.0.1 layer2 out xmit em0" +.Pp +For both incoming and outgoing frames while flowing through em0: +.Pp +.Dl "ipfw add ngtee 1 ip from any to 192.168.0.1 layer2 via em0" +.Pp +Make sure you do not perform mirroring for already duplicated frames +or kernel may hang as there is no safety net. .Ss DYNAMIC RULES In order to protect a site from flood attacks involving fake TCP packets, it is safer to use dynamic rules: @@ -4524,6 +4572,7 @@ can be changed in a similar way as for .Xr if_bridge 4 , .Xr ip 4 , .Xr ipfirewall 4 , +.Xr ng_ether 4 , .Xr ng_ipfw 4 , .Xr protocols 5 , .Xr services 5 , @@ -4531,6 +4580,7 @@ can be changed in a similar way as for .Xr kldload 8 , .Xr reboot 8 , .Xr sysctl 8 , +.Xr sysrc 8 , .Xr syslogd 8 .Sh HISTORY The diff --git a/sbin/ipfw/ipfw2.c b/sbin/ipfw/ipfw2.c index dfd472ac8a0c..1092d5e22719 100644 --- a/sbin/ipfw/ipfw2.c +++ b/sbin/ipfw/ipfw2.c @@ -2247,10 +2247,9 @@ show_dyn_state(struct cmdline_opts *co, struct format_opts *fo, uint16_t rulenum; char buf[INET6_ADDRSTRLEN]; - if (!co->do_expired) { - if (!d->expire && !(d->dyn_type == O_LIMIT_PARENT)) - return; - } + if (d->expire == 0 && d->dyn_type != O_LIMIT_PARENT) + return; + bcopy(&d->rule, &rulenum, sizeof(rulenum)); bprintf(bp, "%05d", rulenum); if (fo->pcwidth > 0 || fo->bcwidth > 0) { @@ -2292,6 +2291,33 @@ show_dyn_state(struct cmdline_opts *co, struct format_opts *fo, if (d->kidx != 0) bprintf(bp, " :%s", object_search_ctlv(fo->tstate, d->kidx, IPFW_TLV_STATE_NAME)); + +#define BOTH_SYN (TH_SYN | (TH_SYN << 8)) +#define BOTH_FIN (TH_FIN | (TH_FIN << 8)) + if (co->verbose) { + bprintf(bp, " state 0x%08x%s", d->state, + d->state ? " ": ","); + if (d->state & IPFW_DYN_ORPHANED) + bprintf(bp, "ORPHANED,"); + if ((d->state & BOTH_SYN) == BOTH_SYN) + bprintf(bp, "BOTH_SYN,"); + else { + if (d->state & TH_SYN) + bprintf(bp, "F_SYN,"); + if (d->state & (TH_SYN << 8)) + bprintf(bp, "R_SYN,"); + } + if ((d->state & BOTH_FIN) == BOTH_FIN) + bprintf(bp, "BOTH_FIN,"); + else { + if (d->state & TH_FIN) + bprintf(bp, "F_FIN,"); + if (d->state & (TH_FIN << 8)) + bprintf(bp, "R_FIN,"); + } + bprintf(bp, " f_ack 0x%x, r_ack 0x%x", d->ack_fwd, + d->ack_rev); + } } static int @@ -2695,7 +2721,8 @@ ipfw_list(int ac, char *av[], int show_counters) cfg = NULL; sfo.show_counters = show_counters; sfo.show_time = co.do_time; - sfo.flags = IPFW_CFG_GET_STATIC; + if (co.do_dynamic != 2) + sfo.flags |= IPFW_CFG_GET_STATIC; if (co.do_dynamic != 0) sfo.flags |= IPFW_CFG_GET_STATES; if ((sfo.show_counters | sfo.show_time) != 0) @@ -2740,17 +2767,15 @@ ipfw_show_config(struct cmdline_opts *co, struct format_opts *fo, fo->set_mask = cfg->set_mask; ctlv = (ipfw_obj_ctlv *)(cfg + 1); + if (ctlv->head.type == IPFW_TLV_TBLNAME_LIST) { + object_sort_ctlv(ctlv); + fo->tstate = ctlv; + readsz += ctlv->head.length; + ctlv = (ipfw_obj_ctlv *)((caddr_t)ctlv + ctlv->head.length); + } if (cfg->flags & IPFW_CFG_GET_STATIC) { /* We've requested static rules */ - if (ctlv->head.type == IPFW_TLV_TBLNAME_LIST) { - object_sort_ctlv(ctlv); - fo->tstate = ctlv; - readsz += ctlv->head.length; - ctlv = (ipfw_obj_ctlv *)((caddr_t)ctlv + - ctlv->head.length); - } - if (ctlv->head.type == IPFW_TLV_RULE_LIST) { rbase = (ipfw_obj_tlv *)(ctlv + 1); rcnt = ctlv->count; @@ -2777,10 +2802,12 @@ ipfw_show_config(struct cmdline_opts *co, struct format_opts *fo, if (ac == 0) { fo->first = 0; fo->last = IPFW_DEFAULT_RULE; - list_static_range(co, fo, &bp, rbase, rcnt); + if (cfg->flags & IPFW_CFG_GET_STATIC) + list_static_range(co, fo, &bp, rbase, rcnt); if (co->do_dynamic && dynsz > 0) { - printf("## Dynamic rules (%d %zu):\n", fo->dcnt, dynsz); + printf("## Dynamic rules (%d %zu):\n", fo->dcnt, + dynsz); list_dyn_range(co, fo, &bp, dynbase, dynsz); } @@ -2800,6 +2827,9 @@ ipfw_show_config(struct cmdline_opts *co, struct format_opts *fo, continue; } + if ((cfg->flags & IPFW_CFG_GET_STATIC) == 0) + continue; + if (list_static_range(co, fo, &bp, rbase, rcnt) == 0) { /* give precedence to other error(s) */ if (exitval == EX_OK) @@ -3313,6 +3343,8 @@ ipfw_delete(char *av[]) rt.flags |= IPFW_RCFLAG_SET; } } + if (co.do_dynamic == 2) + rt.flags |= IPFW_RCFLAG_DYNAMIC; i = do_range_cmd(IP_FW_XDEL, &rt); if (i != 0) { exitval = EX_UNAVAILABLE; @@ -3320,7 +3352,8 @@ ipfw_delete(char *av[]) continue; warn("rule %u: setsockopt(IP_FW_XDEL)", rt.start_rule); - } else if (rt.new_set == 0 && do_set == 0) { + } else if (rt.new_set == 0 && do_set == 0 && + co.do_dynamic != 2) { exitval = EX_UNAVAILABLE; if (co.do_quiet) continue; diff --git a/sbin/ipfw/ipfw2.h b/sbin/ipfw/ipfw2.h index bb0a4cdfdeb3..8e279389a1eb 100644 --- a/sbin/ipfw/ipfw2.h +++ b/sbin/ipfw/ipfw2.h @@ -37,8 +37,6 @@ struct cmdline_opts { int do_quiet; /* Be quiet in add and flush */ int do_pipe; /* this cmd refers to a pipe/queue/sched */ int do_nat; /* this cmd refers to a nat config */ - int do_dynamic; /* display dynamic rules */ - int do_expired; /* display expired dynamic rules */ int do_compact; /* show rules in compact mode */ int do_force; /* do not ask for confirmation */ int show_sets; /* display the set each rule belongs to */ @@ -48,6 +46,8 @@ struct cmdline_opts { /* The options below can have multiple values. */ + int do_dynamic; /* 1 - display dynamic rules */ + /* 2 - display/delete only dynamic rules */ int do_sort; /* field to sort results (0 = no) */ /* valid fields are 1 and above */ diff --git a/sbin/ipfw/main.c b/sbin/ipfw/main.c index befc1ec867d7..0a9791b77981 100644 --- a/sbin/ipfw/main.c +++ b/sbin/ipfw/main.c @@ -262,7 +262,7 @@ ipfw_main(int oldac, char **oldav) save_av = av; optind = optreset = 1; /* restart getopt() */ - while ((ch = getopt(ac, av, "abcdefhinNp:qs:STtv")) != -1) + while ((ch = getopt(ac, av, "abcdDefhinNp:qs:STtv")) != -1) switch (ch) { case 'a': do_acct = 1; @@ -281,8 +281,12 @@ ipfw_main(int oldac, char **oldav) co.do_dynamic = 1; break; + case 'D': + co.do_dynamic = 2; + break; + case 'e': - co.do_expired = 1; + /* nop for compatibility */ break; case 'f': diff --git a/sbin/nvmecontrol/Makefile b/sbin/nvmecontrol/Makefile index d436c2622f55..501dcaf8a5ec 100644 --- a/sbin/nvmecontrol/Makefile +++ b/sbin/nvmecontrol/Makefile @@ -3,9 +3,12 @@ PACKAGE=runtime PROG= nvmecontrol SRCS= nvmecontrol.c devlist.c firmware.c format.c identify.c identify_ext.c logpage.c \ - perftest.c reset.c ns.c nvme_util.c power.c nc_util.c wdc.c + perftest.c reset.c ns.c nvme_util.c power.c nc_util.c MAN= nvmecontrol.8 +LDFLAGS+= -rdynamic +SUBDIR= modules .PATH: ${SRCTOP}/sys/dev/nvme .include <bsd.prog.mk> +.include <bsd.subdir.mk> diff --git a/sbin/nvmecontrol/devlist.c b/sbin/nvmecontrol/devlist.c index a6f47383b366..3586b374f030 100644 --- a/sbin/nvmecontrol/devlist.c +++ b/sbin/nvmecontrol/devlist.c @@ -43,13 +43,8 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" -static void -devlist_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, DEVLIST_USAGE); - exit(1); -} +#define DEVLIST_USAGE \ + "devlist\n" static inline uint32_t ns_get_sector_size(struct nvme_namespace_data *nsdata) @@ -64,8 +59,8 @@ ns_get_sector_size(struct nvme_namespace_data *nsdata) return (1 << lbads); } -void -devlist(int argc, char *argv[]) +static void +devlist(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_controller_data cdata; struct nvme_namespace_data nsdata; @@ -77,7 +72,7 @@ devlist(int argc, char *argv[]) while ((ch = getopt(argc, argv, "")) != -1) { switch ((char)ch) { default: - devlist_usage(); + usage(nf); } } @@ -124,3 +119,5 @@ devlist(int argc, char *argv[]) exit(1); } + +NVME_COMMAND(top, devlist, devlist, DEVLIST_USAGE); diff --git a/sbin/nvmecontrol/firmware.c b/sbin/nvmecontrol/firmware.c index 473da9b872d2..9692af99bcfe 100644 --- a/sbin/nvmecontrol/firmware.c +++ b/sbin/nvmecontrol/firmware.c @@ -50,6 +50,9 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" +#define FIRMWARE_USAGE \ + "firmware [-s slot] [-f path_to_firmware] [-a] <controller id>\n" + static int slot_has_valid_firmware(int fd, int slot) { @@ -171,15 +174,7 @@ activate_firmware(int fd, int slot, int activate_action) } static void -firmware_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, FIRMWARE_USAGE); - exit(1); -} - -void -firmware(int argc, char *argv[]) +firmware(const struct nvme_function *nf, int argc, char *argv[]) { int fd = -1, slot = 0; int a_flag, s_flag, f_flag; @@ -206,18 +201,18 @@ firmware(int argc, char *argv[]) fprintf(stderr, "\"%s\" not valid slot.\n", optarg); - firmware_usage(); + usage(nf); } else if (slot == 0) { fprintf(stderr, "0 is not a valid slot number. " "Slot numbers start at 1.\n"); - firmware_usage(); + usage(nf); } else if (slot > 7) { fprintf(stderr, "Slot number %s specified which is " "greater than max allowed slot number of " "7.\n", optarg); - firmware_usage(); + usage(nf); } s_flag = true; break; @@ -230,20 +225,20 @@ firmware(int argc, char *argv[]) /* Check that a controller (and not a namespace) was specified. */ if (optind >= argc || strstr(argv[optind], NVME_NS_PREFIX) != NULL) - firmware_usage(); + usage(nf); if (!f_flag && !a_flag) { fprintf(stderr, "Neither a replace ([-f path_to_firmware]) nor " "activate ([-a]) firmware image action\n" "was specified.\n"); - firmware_usage(); + usage(nf); } if (!f_flag && a_flag && slot == 0) { fprintf(stderr, "Slot number to activate not specified.\n"); - firmware_usage(); + usage(nf); } controller = argv[optind]; @@ -338,3 +333,5 @@ firmware(int argc, char *argv[]) close(fd); exit(0); } + +NVME_COMMAND(top, firmware, firmware, FIRMWARE_USAGE); diff --git a/sbin/nvmecontrol/format.c b/sbin/nvmecontrol/format.c index 1463af1e45ae..08b355b7d230 100644 --- a/sbin/nvmecontrol/format.c +++ b/sbin/nvmecontrol/format.c @@ -43,16 +43,11 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" -static void -format_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, FORMAT_USAGE); - exit(1); -} +#define FORMAT_USAGE \ + "format [-f fmt] [-m mset] [-p pi] [-l pil] [-E] [-C] <controller id|namespace id>\n" -void -format(int argc, char *argv[]) +static void +format(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_controller_data cd; struct nvme_namespace_data nsd; @@ -64,7 +59,7 @@ format(int argc, char *argv[]) int lbaf = -1, mset = -1, pi = -1, pil = -1, ses = 0; if (argc < 2) - format_usage(); + usage(nf); while ((ch = getopt(argc, argv, "f:m:p:l:EC")) != -1) { switch ((char)ch) { @@ -91,13 +86,13 @@ format(int argc, char *argv[]) ses = 2; break; default: - format_usage(); + usage(nf); } } /* Check that a controller or namespace was specified. */ if (optind >= argc) - format_usage(); + usage(nf); target = argv[optind]; /* @@ -185,3 +180,5 @@ format(int argc, char *argv[]) close(fd); exit(0); } + +NVME_COMMAND(top, format, format, FORMAT_USAGE); diff --git a/sbin/nvmecontrol/identify.c b/sbin/nvmecontrol/identify.c index 04a63aba28f8..297a58ea58bc 100644 --- a/sbin/nvmecontrol/identify.c +++ b/sbin/nvmecontrol/identify.c @@ -43,6 +43,9 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" #include "nvmecontrol_ext.h" +#define IDENTIFY_USAGE \ + "identify [-x [-v]] <controller id|namespace id>\n" + static void print_namespace(struct nvme_namespace_data *nsdata) { @@ -147,15 +150,7 @@ print_namespace(struct nvme_namespace_data *nsdata) } static void -identify_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, IDENTIFY_USAGE); - exit(1); -} - -static void -identify_ctrlr(int argc, char *argv[]) +identify_ctrlr(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_controller_data cdata; int ch, fd, hexflag = 0, hexlength; @@ -170,13 +165,13 @@ identify_ctrlr(int argc, char *argv[]) hexflag = 1; break; default: - identify_usage(); + usage(nf); } } /* Check that a controller was specified. */ if (optind >= argc) - identify_usage(); + usage(nf); open_dev(argv[optind], &fd, 1, 1); read_controller_data(fd, &cdata); @@ -194,7 +189,7 @@ identify_ctrlr(int argc, char *argv[]) if (verboseflag == 1) { fprintf(stderr, "-v not currently supported without -x\n"); - identify_usage(); + usage(nf); } nvme_print_controller(&cdata); @@ -202,7 +197,7 @@ identify_ctrlr(int argc, char *argv[]) } static void -identify_ns(int argc, char *argv[]) +identify_ns(const struct nvme_function *nf,int argc, char *argv[]) { struct nvme_namespace_data nsdata; char path[64]; @@ -219,13 +214,13 @@ identify_ns(int argc, char *argv[]) hexflag = 1; break; default: - identify_usage(); + usage(nf); } } /* Check that a namespace was specified. */ if (optind >= argc) - identify_usage(); + usage(nf); /* * Check if the specified device node exists before continuing. @@ -258,26 +253,26 @@ identify_ns(int argc, char *argv[]) if (verboseflag == 1) { fprintf(stderr, "-v not currently supported without -x\n"); - identify_usage(); + usage(nf); } print_namespace(&nsdata); exit(0); } -void -identify(int argc, char *argv[]) +static void +identify(const struct nvme_function *nf, int argc, char *argv[]) { char *target; if (argc < 2) - identify_usage(); + usage(nf); while (getopt(argc, argv, "vx") != -1) ; /* Check that a controller or namespace was specified. */ if (optind >= argc) - identify_usage(); + usage(nf); target = argv[optind]; @@ -289,7 +284,9 @@ identify(int argc, char *argv[]) * otherwise, consider it a controller. */ if (strstr(target, NVME_NS_PREFIX) == NULL) - identify_ctrlr(argc, argv); + identify_ctrlr(nf, argc, argv); else - identify_ns(argc, argv); + identify_ns(nf, argc, argv); } + +NVME_COMMAND(top, identify, identify, IDENTIFY_USAGE); diff --git a/sbin/nvmecontrol/logpage.c b/sbin/nvmecontrol/logpage.c index 9e1e3103a1f6..2b1908dc1d19 100644 --- a/sbin/nvmecontrol/logpage.c +++ b/sbin/nvmecontrol/logpage.c @@ -48,18 +48,14 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" -#define DEFAULT_SIZE (4096) -#define MAX_FW_SLOTS (7) +#define LOGPAGE_USAGE \ + "logpage <-p page_id> [-b] [-v vendor] [-x] <controller id|namespace id>\n" \ -typedef void (*print_fn_t)(const struct nvme_controller_data *cdata, void *buf, uint32_t size); +#define MAX_FW_SLOTS (7) -struct kv_name -{ - uint32_t key; - const char *name; -}; +SET_CONCAT_DEF(logpage, struct logpage_function); -static const char * +const char * kv_lookup(const struct kv_name *kv, size_t kv_count, uint32_t key) { static char bad[32]; @@ -195,7 +191,7 @@ print_log_error(const struct nvme_controller_data *cdata __unused, void *buf, ui } } -static void +void print_temp(uint16_t t) { printf("%u K, %2.2f C, %3.2f F\n", t, (float)t - 273.15, (float)t * 9 / 5 - 459.67); @@ -312,604 +308,40 @@ print_log_firmware(const struct nvme_controller_data *cdata, void *buf, uint32_t } /* - * Intel specific log pages from - * http://www.intel.com/content/dam/www/public/us/en/documents/product-specifications/ssd-dc-p3700-spec.pdf - * - * Though the version as of this date has a typo for the size of log page 0xca, - * offset 147: it is only 1 byte, not 6. - */ -static void -print_intel_temp_stats(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) -{ - struct intel_log_temp_stats *temp = buf; - - printf("Intel Temperature Log\n"); - printf("=====================\n"); - - printf("Current: "); - print_temp(temp->current); - printf("Overtemp Last Flags %#jx\n", (uintmax_t)temp->overtemp_flag_last); - printf("Overtemp Lifetime Flags %#jx\n", (uintmax_t)temp->overtemp_flag_life); - printf("Max Temperature "); - print_temp(temp->max_temp); - printf("Min Temperature "); - print_temp(temp->min_temp); - printf("Max Operating Temperature "); - print_temp(temp->max_oper_temp); - printf("Min Operating Temperature "); - print_temp(temp->min_oper_temp); - printf("Estimated Temperature Offset: %ju C/K\n", (uintmax_t)temp->est_offset); -} - -/* - * Format from Table 22, section 5.7 IO Command Latency Statistics. - * Read and write stats pages have identical encoding. - */ -static void -print_intel_read_write_lat_log(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) -{ - const char *walker = buf; - int i; - - printf("Major: %d\n", le16dec(walker + 0)); - printf("Minor: %d\n", le16dec(walker + 2)); - for (i = 0; i < 32; i++) - printf("%4dus-%4dus: %ju\n", i * 32, (i + 1) * 32, (uintmax_t)le32dec(walker + 4 + i * 4)); - for (i = 1; i < 32; i++) - printf("%4dms-%4dms: %ju\n", i, i + 1, (uintmax_t)le32dec(walker + 132 + i * 4)); - for (i = 1; i < 32; i++) - printf("%4dms-%4dms: %ju\n", i * 32, (i + 1) * 32, (uintmax_t)le32dec(walker + 256 + i * 4)); -} - -static void -print_intel_read_lat_log(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size) -{ - - printf("Intel Read Latency Log\n"); - printf("======================\n"); - print_intel_read_write_lat_log(cdata, buf, size); -} - -static void -print_intel_write_lat_log(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size) -{ - - printf("Intel Write Latency Log\n"); - printf("=======================\n"); - print_intel_read_write_lat_log(cdata, buf, size); -} - -/* - * Table 19. 5.4 SMART Attributes. Samsung also implements this and some extra data not documented. - */ -static void -print_intel_add_smart(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) -{ - uint8_t *walker = buf; - uint8_t *end = walker + 150; - const char *name; - uint64_t raw; - uint8_t normalized; - - static struct kv_name kv[] = - { - { 0xab, "Program Fail Count" }, - { 0xac, "Erase Fail Count" }, - { 0xad, "Wear Leveling Count" }, - { 0xb8, "End to End Error Count" }, - { 0xc7, "CRC Error Count" }, - { 0xe2, "Timed: Media Wear" }, - { 0xe3, "Timed: Host Read %" }, - { 0xe4, "Timed: Elapsed Time" }, - { 0xea, "Thermal Throttle Status" }, - { 0xf0, "Retry Buffer Overflows" }, - { 0xf3, "PLL Lock Loss Count" }, - { 0xf4, "NAND Bytes Written" }, - { 0xf5, "Host Bytes Written" }, - }; - - printf("Additional SMART Data Log\n"); - printf("=========================\n"); - /* - * walker[0] = Key - * walker[1,2] = reserved - * walker[3] = Normalized Value - * walker[4] = reserved - * walker[5..10] = Little Endian Raw value - * (or other represenations) - * walker[11] = reserved - */ - while (walker < end) { - name = kv_lookup(kv, nitems(kv), *walker); - normalized = walker[3]; - raw = le48dec(walker + 5); - switch (*walker){ - case 0: - break; - case 0xad: - printf("%-32s: %3d min: %u max: %u ave: %u\n", name, normalized, - le16dec(walker + 5), le16dec(walker + 7), le16dec(walker + 9)); - break; - case 0xe2: - printf("%-32s: %3d %.3f%%\n", name, normalized, raw / 1024.0); - break; - case 0xea: - printf("%-32s: %3d %d%% %d times\n", name, normalized, walker[5], le32dec(walker+6)); - break; - default: - printf("%-32s: %3d %ju\n", name, normalized, (uintmax_t)raw); - break; - } - walker += 12; - } -} - -/* - * HGST's 0xc1 page. This is a grab bag of additional data. Please see - * https://www.hgst.com/sites/default/files/resources/US_SN150_ProdManual.pdf - * https://www.hgst.com/sites/default/files/resources/US_SN100_ProdManual.pdf - * Appendix A for details - */ - -typedef void (*subprint_fn_t)(void *buf, uint16_t subtype, uint8_t res, uint32_t size); - -struct subpage_print -{ - uint16_t key; - subprint_fn_t fn; -}; - -static void print_hgst_info_write_errors(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_read_errors(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_verify_errors(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_self_test(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_background_scan(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_erase_errors(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_erase_counts(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_temp_history(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_ssd_perf(void *buf, uint16_t subtype, uint8_t res, uint32_t size); -static void print_hgst_info_firmware_load(void *buf, uint16_t subtype, uint8_t res, uint32_t size); - -static struct subpage_print hgst_subpage[] = { - { 0x02, print_hgst_info_write_errors }, - { 0x03, print_hgst_info_read_errors }, - { 0x05, print_hgst_info_verify_errors }, - { 0x10, print_hgst_info_self_test }, - { 0x15, print_hgst_info_background_scan }, - { 0x30, print_hgst_info_erase_errors }, - { 0x31, print_hgst_info_erase_counts }, - { 0x32, print_hgst_info_temp_history }, - { 0x37, print_hgst_info_ssd_perf }, - { 0x38, print_hgst_info_firmware_load }, -}; - -/* Print a subpage that is basically just key value pairs */ -static void -print_hgst_info_subpage_gen(void *buf, uint16_t subtype __unused, uint32_t size, - const struct kv_name *kv, size_t kv_count) -{ - uint8_t *wsp, *esp; - uint16_t ptype; - uint8_t plen; - uint64_t param; - int i; - - wsp = buf; - esp = wsp + size; - while (wsp < esp) { - ptype = le16dec(wsp); - wsp += 2; - wsp++; /* Flags, just ignore */ - plen = *wsp++; - param = 0; - for (i = 0; i < plen; i++) - param |= (uint64_t)*wsp++ << (i * 8); - printf(" %-30s: %jd\n", kv_lookup(kv, kv_count, ptype), (uintmax_t)param); - } -} - -static void -print_hgst_info_write_errors(void *buf, uint16_t subtype, uint8_t res __unused, uint32_t size) -{ - static struct kv_name kv[] = - { - { 0x0000, "Corrected Without Delay" }, - { 0x0001, "Corrected Maybe Delayed" }, - { 0x0002, "Re-Writes" }, - { 0x0003, "Errors Corrected" }, - { 0x0004, "Correct Algorithm Used" }, - { 0x0005, "Bytes Processed" }, - { 0x0006, "Uncorrected Errors" }, - { 0x8000, "Flash Write Commands" }, - { 0x8001, "HGST Special" }, - }; - - printf("Write Errors Subpage:\n"); - print_hgst_info_subpage_gen(buf, subtype, size, kv, nitems(kv)); -} - -static void -print_hgst_info_read_errors(void *buf, uint16_t subtype, uint8_t res __unused, uint32_t size) -{ - static struct kv_name kv[] = - { - { 0x0000, "Corrected Without Delay" }, - { 0x0001, "Corrected Maybe Delayed" }, - { 0x0002, "Re-Reads" }, - { 0x0003, "Errors Corrected" }, - { 0x0004, "Correct Algorithm Used" }, - { 0x0005, "Bytes Processed" }, - { 0x0006, "Uncorrected Errors" }, - { 0x8000, "Flash Read Commands" }, - { 0x8001, "XOR Recovered" }, - { 0x8002, "Total Corrected Bits" }, - }; - - printf("Read Errors Subpage:\n"); - print_hgst_info_subpage_gen(buf, subtype, size, kv, nitems(kv)); -} - -static void -print_hgst_info_verify_errors(void *buf, uint16_t subtype, uint8_t res __unused, uint32_t size) -{ - static struct kv_name kv[] = - { - { 0x0000, "Corrected Without Delay" }, - { 0x0001, "Corrected Maybe Delayed" }, - { 0x0002, "Re-Reads" }, - { 0x0003, "Errors Corrected" }, - { 0x0004, "Correct Algorithm Used" }, - { 0x0005, "Bytes Processed" }, - { 0x0006, "Uncorrected Errors" }, - { 0x8000, "Commands Processed" }, - }; - - printf("Verify Errors Subpage:\n"); - print_hgst_info_subpage_gen(buf, subtype, size, kv, nitems(kv)); -} - -static void -print_hgst_info_self_test(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size) -{ - size_t i; - uint8_t *walker = buf; - uint16_t code, hrs; - uint32_t lba; - - printf("Self Test Subpage:\n"); - for (i = 0; i < size / 20; i++) { /* Each entry is 20 bytes */ - code = le16dec(walker); - walker += 2; - walker++; /* Ignore fixed flags */ - if (*walker == 0) /* Last entry is zero length */ - break; - if (*walker++ != 0x10) { - printf("Bad length for self test report\n"); - return; - } - printf(" %-30s: %d\n", "Recent Test", code); - printf(" %-28s: %#x\n", "Self-Test Results", *walker & 0xf); - printf(" %-28s: %#x\n", "Self-Test Code", (*walker >> 5) & 0x7); - walker++; - printf(" %-28s: %#x\n", "Self-Test Number", *walker++); - hrs = le16dec(walker); - walker += 2; - lba = le32dec(walker); - walker += 4; - printf(" %-28s: %u\n", "Total Power On Hrs", hrs); - printf(" %-28s: %#jx (%jd)\n", "LBA", (uintmax_t)lba, (uintmax_t)lba); - printf(" %-28s: %#x\n", "Sense Key", *walker++ & 0xf); - printf(" %-28s: %#x\n", "Additional Sense Code", *walker++); - printf(" %-28s: %#x\n", "Additional Sense Qualifier", *walker++); - printf(" %-28s: %#x\n", "Vendor Specific Detail", *walker++); - } -} - -static void -print_hgst_info_background_scan(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size) -{ - uint8_t *walker = buf; - uint8_t status; - uint16_t code, nscan, progress; - uint32_t pom, nand; - - printf("Background Media Scan Subpage:\n"); - /* Decode the header */ - code = le16dec(walker); - walker += 2; - walker++; /* Ignore fixed flags */ - if (*walker++ != 0x10) { - printf("Bad length for background scan header\n"); - return; - } - if (code != 0) { - printf("Expceted code 0, found code %#x\n", code); - return; - } - pom = le32dec(walker); - walker += 4; - walker++; /* Reserved */ - status = *walker++; - nscan = le16dec(walker); - walker += 2; - progress = le16dec(walker); - walker += 2; - walker += 6; /* Reserved */ - printf(" %-30s: %d\n", "Power On Minutes", pom); - printf(" %-30s: %x (%s)\n", "BMS Status", status, - status == 0 ? "idle" : (status == 1 ? "active" : (status == 8 ? "suspended" : "unknown"))); - printf(" %-30s: %d\n", "Number of BMS", nscan); - printf(" %-30s: %d\n", "Progress Current BMS", progress); - /* Report retirements */ - if (walker - (uint8_t *)buf != 20) { - printf("Coding error, offset not 20\n"); - return; - } - size -= 20; - printf(" %-30s: %d\n", "BMS retirements", size / 0x18); - while (size > 0) { - code = le16dec(walker); - walker += 2; - walker++; - if (*walker++ != 0x14) { - printf("Bad length parameter\n"); - return; - } - pom = le32dec(walker); - walker += 4; - /* - * Spec sheet says the following are hard coded, if true, just - * print the NAND retirement. - */ - if (walker[0] == 0x41 && - walker[1] == 0x0b && - walker[2] == 0x01 && - walker[3] == 0x00 && - walker[4] == 0x00 && - walker[5] == 0x00 && - walker[6] == 0x00 && - walker[7] == 0x00) { - walker += 8; - walker += 4; /* Skip reserved */ - nand = le32dec(walker); - walker += 4; - printf(" %-30s: %d\n", "Retirement number", code); - printf(" %-28s: %#x\n", "NAND (C/T)BBBPPP", nand); - } else { - printf("Parameter %#x entry corrupt\n", code); - walker += 16; - } - } -} - -static void -print_hgst_info_erase_errors(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size) -{ - static struct kv_name kv[] = - { - { 0x0000, "Corrected Without Delay" }, - { 0x0001, "Corrected Maybe Delayed" }, - { 0x0002, "Re-Erase" }, - { 0x0003, "Errors Corrected" }, - { 0x0004, "Correct Algorithm Used" }, - { 0x0005, "Bytes Processed" }, - { 0x0006, "Uncorrected Errors" }, - { 0x8000, "Flash Erase Commands" }, - { 0x8001, "Mfg Defect Count" }, - { 0x8002, "Grown Defect Count" }, - { 0x8003, "Erase Count -- User" }, - { 0x8004, "Erase Count -- System" }, - }; - - printf("Erase Errors Subpage:\n"); - print_hgst_info_subpage_gen(buf, subtype, size, kv, nitems(kv)); -} - -static void -print_hgst_info_erase_counts(void *buf, uint16_t subtype, uint8_t res __unused, uint32_t size) -{ - /* My drive doesn't export this -- so not coding up */ - printf("XXX: Erase counts subpage: %p, %#x %d\n", buf, subtype, size); -} - -static void -print_hgst_info_temp_history(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size __unused) -{ - uint8_t *walker = buf; - uint32_t min; - - printf("Temperature History:\n"); - printf(" %-30s: %d C\n", "Current Temperature", *walker++); - printf(" %-30s: %d C\n", "Reference Temperature", *walker++); - printf(" %-30s: %d C\n", "Maximum Temperature", *walker++); - printf(" %-30s: %d C\n", "Minimum Temperature", *walker++); - min = le32dec(walker); - walker += 4; - printf(" %-30s: %d:%02d:00\n", "Max Temperature Time", min / 60, min % 60); - min = le32dec(walker); - walker += 4; - printf(" %-30s: %d:%02d:00\n", "Over Temperature Duration", min / 60, min % 60); - min = le32dec(walker); - walker += 4; - printf(" %-30s: %d:%02d:00\n", "Min Temperature Time", min / 60, min % 60); -} - -static void -print_hgst_info_ssd_perf(void *buf, uint16_t subtype __unused, uint8_t res, uint32_t size __unused) -{ - uint8_t *walker = buf; - uint64_t val; - - printf("SSD Performance Subpage Type %d:\n", res); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Read Commands", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Read Blocks", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Cache Read Hits Commands", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Cache Read Hits Blocks", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Read Commands Stalled", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Write Commands", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Write Blocks", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Write Odd Start Commands", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Write Odd End Commands", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "Host Write Commands Stalled", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "NAND Read Commands", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "NAND Read Blocks", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "NAND Write Commands", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "NAND Write Blocks", val); - val = le64dec(walker); - walker += 8; - printf(" %-30s: %ju\n", "NAND Read Before Writes", val); -} - -static void -print_hgst_info_firmware_load(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size __unused) -{ - uint8_t *walker = buf; - - printf("Firmware Load Subpage:\n"); - printf(" %-30s: %d\n", "Firmware Downloads", le32dec(walker)); -} - -static void -kv_indirect(void *buf, uint32_t subtype, uint8_t res, uint32_t size, struct subpage_print *sp, size_t nsp) -{ - size_t i; - - for (i = 0; i < nsp; i++, sp++) { - if (sp->key == subtype) { - sp->fn(buf, subtype, res, size); - return; - } - } - printf("No handler for page type %x\n", subtype); -} - -static void -print_hgst_info_log(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) -{ - uint8_t *walker, *end, *subpage; - int pages; - uint16_t len; - uint8_t subtype, res; - - printf("HGST Extra Info Log\n"); - printf("===================\n"); - - walker = buf; - pages = *walker++; - walker++; - len = le16dec(walker); - walker += 2; - end = walker + len; /* Length is exclusive of this header */ - - while (walker < end) { - subpage = walker + 4; - subtype = *walker++ & 0x3f; /* subtype */ - res = *walker++; /* Reserved */ - len = le16dec(walker); - walker += len + 2; /* Length, not incl header */ - if (walker > end) { - printf("Ooops! Off the end of the list\n"); - break; - } - kv_indirect(subpage, subtype, res, len, hgst_subpage, nitems(hgst_subpage)); - } -} - -/* * Table of log page printer / sizing. * - * This includes Intel specific pages that are widely implemented. * Make sure you keep all the pages of one vendor together so -v help * lists all the vendors pages. */ -static struct logpage_function { - uint8_t log_page; - const char *vendor; - const char *name; - print_fn_t print_fn; - size_t size; -} logfuncs[] = { - {NVME_LOG_ERROR, NULL, "Drive Error Log", - print_log_error, 0}, - {NVME_LOG_HEALTH_INFORMATION, NULL, "Health/SMART Data", - print_log_health, sizeof(struct nvme_health_information_page)}, - {NVME_LOG_FIRMWARE_SLOT, NULL, "Firmware Information", - print_log_firmware, sizeof(struct nvme_firmware_page)}, - {HGST_INFO_LOG, "hgst", "Detailed Health/SMART", - print_hgst_info_log, DEFAULT_SIZE}, - {HGST_INFO_LOG, "wdc", "Detailed Health/SMART", - print_hgst_info_log, DEFAULT_SIZE}, - {HGST_INFO_LOG, "wds", "Detailed Health/SMART", - print_hgst_info_log, DEFAULT_SIZE}, - {INTEL_LOG_TEMP_STATS, "intel", "Temperature Stats", - print_intel_temp_stats, sizeof(struct intel_log_temp_stats)}, - {INTEL_LOG_READ_LAT_LOG, "intel", "Read Latencies", - print_intel_read_lat_log, DEFAULT_SIZE}, - {INTEL_LOG_WRITE_LAT_LOG, "intel", "Write Latencies", - print_intel_write_lat_log, DEFAULT_SIZE}, - {INTEL_LOG_ADD_SMART, "intel", "Extra Health/SMART Data", - print_intel_add_smart, DEFAULT_SIZE}, - {INTEL_LOG_ADD_SMART, "samsung", "Extra Health/SMART Data", - print_intel_add_smart, DEFAULT_SIZE}, - - {0, NULL, NULL, NULL, 0}, -}; - -static void -logpage_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, LOGPAGE_USAGE); - exit(1); -} +NVME_LOGPAGE(error, + NVME_LOG_ERROR, NULL, "Drive Error Log", + print_log_error, 0); +NVME_LOGPAGE(health, + NVME_LOG_HEALTH_INFORMATION, NULL, "Health/SMART Data", + print_log_health, sizeof(struct nvme_health_information_page)); +NVME_LOGPAGE(fw, + NVME_LOG_FIRMWARE_SLOT, NULL, "Firmware Information", + print_log_firmware, sizeof(struct nvme_firmware_page)); static void logpage_help(void) { - struct logpage_function *f; + const struct logpage_function * const *f; const char *v; fprintf(stderr, "\n"); fprintf(stderr, "%-8s %-10s %s\n", "Page", "Vendor","Page Name"); fprintf(stderr, "-------- ---------- ----------\n"); - for (f = logfuncs; f->log_page > 0; f++) { - v = f->vendor == NULL ? "-" : f->vendor; - fprintf(stderr, "0x%02x %-10s %s\n", f->log_page, v, f->name); + for (f = logpage_begin(); f < logpage_limit(); f++) { + v = (*f)->vendor == NULL ? "-" : (*f)->vendor; + fprintf(stderr, "0x%02x %-10s %s\n", (*f)->log_page, v, (*f)->name); } exit(1); } -void -logpage(int argc, char *argv[]) +static void +logpage(const struct nvme_function *nf, int argc, char *argv[]) { int fd; int log_page = 0, pageflag = false; @@ -920,7 +352,7 @@ logpage(int argc, char *argv[]) uint32_t nsid, size; void *buf; const char *vendor = NULL; - struct logpage_function *f; + const struct logpage_function * const *f; struct nvme_controller_data cdata; print_fn_t print_fn; uint8_t ns_smart; @@ -940,7 +372,7 @@ logpage(int argc, char *argv[]) fprintf(stderr, "\"%s\" not valid log page id.\n", optarg); - logpage_usage(); + usage(nf); } pageflag = true; break; @@ -957,12 +389,12 @@ logpage(int argc, char *argv[]) if (!pageflag) { printf("Missing page_id (-p).\n"); - logpage_usage(); + usage(nf); } /* Check that a controller and/or namespace was specified. */ if (optind >= argc) - logpage_usage(); + usage(nf); if (strstr(argv[optind], NVME_NS_PREFIX) != NULL) { ns_specified = true; @@ -1002,18 +434,18 @@ logpage(int argc, char *argv[]) /* * See if there is a pretty print function for the specified log * page. If one isn't found, we just revert to the default - * (print_hex). If there was a vendor specified bt the user, and + * (print_hex). If there was a vendor specified by the user, and * the page is vendor specific, don't match the print function * unless the vendors match. */ - for (f = logfuncs; f->log_page > 0; f++) { - if (f->vendor != NULL && vendor != NULL && - strcmp(f->vendor, vendor) != 0) + for (f = logpage_begin(); f < logpage_limit(); f++) { + if ((*f)->vendor != NULL && vendor != NULL && + strcmp((*f)->vendor, vendor) != 0) continue; - if (log_page != f->log_page) + if (log_page != (*f)->log_page) continue; - print_fn = f->print_fn; - size = f->size; + print_fn = (*f)->print_fn; + size = (*f)->size; break; } } @@ -1031,3 +463,5 @@ logpage(int argc, char *argv[]) close(fd); exit(0); } + +NVME_COMMAND(top, logpage, logpage, LOGPAGE_USAGE); diff --git a/sbin/nvmecontrol/modules/Makefile b/sbin/nvmecontrol/modules/Makefile new file mode 100644 index 000000000000..e615eaffb8c9 --- /dev/null +++ b/sbin/nvmecontrol/modules/Makefile @@ -0,0 +1,5 @@ +# $FreeBSD$ + +SUBDIR= intel wdc + +.include <bsd.subdir.mk> diff --git a/sbin/nvmecontrol/modules/Makefile.inc b/sbin/nvmecontrol/modules/Makefile.inc new file mode 100644 index 000000000000..bdc25f711a67 --- /dev/null +++ b/sbin/nvmecontrol/modules/Makefile.inc @@ -0,0 +1,12 @@ +# $FreeBSD$ + +PACKAGE=runtime +NVMECONTROLDIR= ${SRCTOP}/sbin/nvmecontrol + +MK_INSTALLLIB= no +MK_PROFILE= no + +CFLAGS+= -I${NVMECONTROLDIR} + +SHLIB_NAME?= ${LIB}.so +LIBDIR= /lib/nvmecontrol diff --git a/sbin/nvmecontrol/modules/intel/Makefile b/sbin/nvmecontrol/modules/intel/Makefile new file mode 100644 index 000000000000..f2ba4f97aa3a --- /dev/null +++ b/sbin/nvmecontrol/modules/intel/Makefile @@ -0,0 +1,6 @@ +# $FreeBSD$ + +LIB= intel +SRCS= intel.c + +.include <bsd.lib.mk> diff --git a/sbin/nvmecontrol/modules/intel/intel.c b/sbin/nvmecontrol/modules/intel/intel.c new file mode 100644 index 000000000000..8e3ed9e06cb9 --- /dev/null +++ b/sbin/nvmecontrol/modules/intel/intel.c @@ -0,0 +1,195 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2013 EMC Corp. + * All rights reserved. + * + * Copyright (C) 2012-2013 Intel Corporation + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/ioccom.h> + +#include <ctype.h> +#include <err.h> +#include <fcntl.h> +#include <stdbool.h> +#include <stddef.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/endian.h> + +#include "nvmecontrol.h" + +/* + * Intel specific log pages from + * http://www.intel.com/content/dam/www/public/us/en/documents/product-specifications/ssd-dc-p3700-spec.pdf + * + * Though the version as of this date has a typo for the size of log page 0xca, + * offset 147: it is only 1 byte, not 6. + */ +static void +print_intel_temp_stats(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) +{ + struct intel_log_temp_stats *temp = buf; + + printf("Intel Temperature Log\n"); + printf("=====================\n"); + + printf("Current: "); + print_temp(temp->current); + printf("Overtemp Last Flags %#jx\n", (uintmax_t)temp->overtemp_flag_last); + printf("Overtemp Lifetime Flags %#jx\n", (uintmax_t)temp->overtemp_flag_life); + printf("Max Temperature "); + print_temp(temp->max_temp); + printf("Min Temperature "); + print_temp(temp->min_temp); + printf("Max Operating Temperature "); + print_temp(temp->max_oper_temp); + printf("Min Operating Temperature "); + print_temp(temp->min_oper_temp); + printf("Estimated Temperature Offset: %ju C/K\n", (uintmax_t)temp->est_offset); +} + +/* + * Format from Table 22, section 5.7 IO Command Latency Statistics. + * Read and write stats pages have identical encoding. + */ +static void +print_intel_read_write_lat_log(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) +{ + const char *walker = buf; + int i; + + printf("Major: %d\n", le16dec(walker + 0)); + printf("Minor: %d\n", le16dec(walker + 2)); + for (i = 0; i < 32; i++) + printf("%4dus-%4dus: %ju\n", i * 32, (i + 1) * 32, (uintmax_t)le32dec(walker + 4 + i * 4)); + for (i = 1; i < 32; i++) + printf("%4dms-%4dms: %ju\n", i, i + 1, (uintmax_t)le32dec(walker + 132 + i * 4)); + for (i = 1; i < 32; i++) + printf("%4dms-%4dms: %ju\n", i * 32, (i + 1) * 32, (uintmax_t)le32dec(walker + 256 + i * 4)); +} + +static void +print_intel_read_lat_log(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size) +{ + + printf("Intel Read Latency Log\n"); + printf("======================\n"); + print_intel_read_write_lat_log(cdata, buf, size); +} + +static void +print_intel_write_lat_log(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size) +{ + + printf("Intel Write Latency Log\n"); + printf("=======================\n"); + print_intel_read_write_lat_log(cdata, buf, size); +} + +/* + * Table 19. 5.4 SMART Attributes. Others also implement this and some extra data not documented. + */ +void +print_intel_add_smart(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) +{ + uint8_t *walker = buf; + uint8_t *end = walker + 150; + const char *name; + uint64_t raw; + uint8_t normalized; + + static struct kv_name kv[] = + { + { 0xab, "Program Fail Count" }, + { 0xac, "Erase Fail Count" }, + { 0xad, "Wear Leveling Count" }, + { 0xb8, "End to End Error Count" }, + { 0xc7, "CRC Error Count" }, + { 0xe2, "Timed: Media Wear" }, + { 0xe3, "Timed: Host Read %" }, + { 0xe4, "Timed: Elapsed Time" }, + { 0xea, "Thermal Throttle Status" }, + { 0xf0, "Retry Buffer Overflows" }, + { 0xf3, "PLL Lock Loss Count" }, + { 0xf4, "NAND Bytes Written" }, + { 0xf5, "Host Bytes Written" }, + }; + + printf("Additional SMART Data Log\n"); + printf("=========================\n"); + /* + * walker[0] = Key + * walker[1,2] = reserved + * walker[3] = Normalized Value + * walker[4] = reserved + * walker[5..10] = Little Endian Raw value + * (or other represenations) + * walker[11] = reserved + */ + while (walker < end) { + name = kv_lookup(kv, nitems(kv), *walker); + normalized = walker[3]; + raw = le48dec(walker + 5); + switch (*walker){ + case 0: + break; + case 0xad: + printf("%-32s: %3d min: %u max: %u ave: %u\n", name, normalized, + le16dec(walker + 5), le16dec(walker + 7), le16dec(walker + 9)); + break; + case 0xe2: + printf("%-32s: %3d %.3f%%\n", name, normalized, raw / 1024.0); + break; + case 0xea: + printf("%-32s: %3d %d%% %d times\n", name, normalized, walker[5], le32dec(walker+6)); + break; + default: + printf("%-32s: %3d %ju\n", name, normalized, (uintmax_t)raw); + break; + } + walker += 12; + } +} + +NVME_LOGPAGE(intel_temp, + INTEL_LOG_TEMP_STATS, "intel", "Temperature Stats", + print_intel_temp_stats, sizeof(struct intel_log_temp_stats)); +NVME_LOGPAGE(intel_rlat, + INTEL_LOG_READ_LAT_LOG, "intel", "Read Latencies", + print_intel_read_lat_log, DEFAULT_SIZE); +NVME_LOGPAGE(intel_wlat, + INTEL_LOG_WRITE_LAT_LOG, "intel", "Write Latencies", + print_intel_write_lat_log, DEFAULT_SIZE); +NVME_LOGPAGE(intel_smart, + INTEL_LOG_ADD_SMART, "intel", "Extra Health/SMART Data", + print_intel_add_smart, DEFAULT_SIZE); diff --git a/sbin/nvmecontrol/modules/wdc/Makefile b/sbin/nvmecontrol/modules/wdc/Makefile new file mode 100644 index 000000000000..40c77254fbea --- /dev/null +++ b/sbin/nvmecontrol/modules/wdc/Makefile @@ -0,0 +1,6 @@ +# $FreeBSD$ + +LIB= wdc +SRCS= wdc.c + +.include <bsd.lib.mk> diff --git a/sbin/nvmecontrol/modules/wdc/wdc.c b/sbin/nvmecontrol/modules/wdc/wdc.c new file mode 100644 index 000000000000..e6ec249addf8 --- /dev/null +++ b/sbin/nvmecontrol/modules/wdc/wdc.c @@ -0,0 +1,597 @@ +/*- + * Copyright (c) 2017 Netflix, Inc + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/ioccom.h> +#include <sys/endian.h> + +#include <ctype.h> +#include <err.h> +#include <fcntl.h> +#include <stddef.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + +#include "nvmecontrol.h" + +#define WDC_USAGE \ + "wdc (cap-diag)\n" + +NVME_CMD_DECLARE(wdc, struct nvme_function); + +#define WDC_NVME_TOC_SIZE 8 + +#define WDC_NVME_CAP_DIAG_OPCODE 0xe6 +#define WDC_NVME_CAP_DIAG_CMD 0x0000 + +static void wdc_cap_diag(const struct nvme_function *nf, int argc, char *argv[]); + +#define WDC_CAP_DIAG_USAGE "wdc cap-diag [-o path-template]\n" + +NVME_COMMAND(wdc, cap-diag, wdc_cap_diag, WDC_CAP_DIAG_USAGE); + +static void +wdc_append_serial_name(int fd, char *buf, size_t len, const char *suffix) +{ + struct nvme_controller_data cdata; + char sn[NVME_SERIAL_NUMBER_LENGTH + 1]; + char *walker; + + len -= strlen(buf); + buf += strlen(buf); + read_controller_data(fd, &cdata); + memcpy(sn, cdata.sn, NVME_SERIAL_NUMBER_LENGTH); + walker = sn + NVME_SERIAL_NUMBER_LENGTH - 1; + while (walker > sn && *walker == ' ') + walker--; + *++walker = '\0'; + snprintf(buf, len, "%s%s.bin", sn, suffix); +} + +static void +wdc_get_data(int fd, uint32_t opcode, uint32_t len, uint32_t off, uint32_t cmd, + uint8_t *buffer, size_t buflen) +{ + struct nvme_pt_command pt; + + memset(&pt, 0, sizeof(pt)); + pt.cmd.opc = opcode; + pt.cmd.cdw10 = htole32(len / sizeof(uint32_t)); /* - 1 like all the others ??? */ + pt.cmd.cdw11 = htole32(off / sizeof(uint32_t)); + pt.cmd.cdw12 = htole32(cmd); + pt.buf = buffer; + pt.len = buflen; + pt.is_read = 1; +// printf("opcode %#x cdw10(len) %#x cdw11(offset?) %#x cdw12(cmd/sub) %#x buflen %zd\n", +// (int)opcode, (int)cdw10, (int)cdw11, (int)cdw12, buflen); + + if (ioctl(fd, NVME_PASSTHROUGH_CMD, &pt) < 0) + err(1, "wdc_get_data request failed"); + if (nvme_completion_is_error(&pt.cpl)) + errx(1, "wdc_get_data request returned error"); +} + +static void +wdc_do_dump(int fd, char *tmpl, const char *suffix, uint32_t opcode, + uint32_t cmd, int len_off) +{ + int first; + int fd2; + uint8_t *buf; + uint32_t len, offset; + size_t resid; + + wdc_append_serial_name(fd, tmpl, MAXPATHLEN, suffix); + + /* XXX overwrite protection? */ + fd2 = open(tmpl, O_WRONLY | O_CREAT | O_TRUNC, 0644); + if (fd2 < 0) + err(1, "open %s", tmpl); + buf = aligned_alloc(PAGE_SIZE, NVME_MAX_XFER_SIZE); + if (buf == NULL) + errx(1, "Can't get buffer to read dump"); + offset = 0; + len = NVME_MAX_XFER_SIZE; + first = 1; + + do { + resid = len > NVME_MAX_XFER_SIZE ? NVME_MAX_XFER_SIZE : len; + wdc_get_data(fd, opcode, resid, offset, cmd, buf, resid); + + if (first) { + len = be32dec(buf + len_off); + if (len == 0) + errx(1, "No data for %s", suffix); + if (memcmp("E6LG", buf, 4) != 0) + printf("Expected header of E6LG, found '%4.4s' instead\n", + buf); + printf("Dumping %d bytes of version %d.%d log to %s\n", len, + buf[8], buf[9], tmpl); + /* + * Adjust amount to dump if total dump < 1MB, + * though it likely doesn't matter to the WDC + * analysis tools. + */ + if (resid > len) + resid = len; + first = 0; + } + if (write(fd2, buf, resid) != (ssize_t)resid) + err(1, "write"); + offset += resid; + len -= resid; + } while (len > 0); + free(buf); + close(fd2); +} + +static void +wdc_cap_diag(const struct nvme_function *nf, int argc, char *argv[]) +{ + char path_tmpl[MAXPATHLEN]; + int ch, fd; + + path_tmpl[0] = '\0'; + while ((ch = getopt(argc, argv, "o:")) != -1) { + switch ((char)ch) { + case 'o': + strlcpy(path_tmpl, optarg, MAXPATHLEN); + break; + default: + usage(nf); + } + } + /* Check that a controller was specified. */ + if (optind >= argc) + usage(nf); + open_dev(argv[optind], &fd, 1, 1); + + wdc_do_dump(fd, path_tmpl, "cap_diag", WDC_NVME_CAP_DIAG_OPCODE, + WDC_NVME_CAP_DIAG_CMD, 4); + + close(fd); + + exit(1); +} + +static void +wdc(const struct nvme_function *nf __unused, int argc, char *argv[]) +{ + + DISPATCH(argc, argv, wdc); +} + +/* + * HGST's 0xc1 page. This is a grab bag of additional data. Please see + * https://www.hgst.com/sites/default/files/resources/US_SN150_ProdManual.pdf + * https://www.hgst.com/sites/default/files/resources/US_SN100_ProdManual.pdf + * Appendix A for details + */ + +typedef void (*subprint_fn_t)(void *buf, uint16_t subtype, uint8_t res, uint32_t size); + +struct subpage_print +{ + uint16_t key; + subprint_fn_t fn; +}; + +static void print_hgst_info_write_errors(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_read_errors(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_verify_errors(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_self_test(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_background_scan(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_erase_errors(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_erase_counts(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_temp_history(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_ssd_perf(void *buf, uint16_t subtype, uint8_t res, uint32_t size); +static void print_hgst_info_firmware_load(void *buf, uint16_t subtype, uint8_t res, uint32_t size); + +static struct subpage_print hgst_subpage[] = { + { 0x02, print_hgst_info_write_errors }, + { 0x03, print_hgst_info_read_errors }, + { 0x05, print_hgst_info_verify_errors }, + { 0x10, print_hgst_info_self_test }, + { 0x15, print_hgst_info_background_scan }, + { 0x30, print_hgst_info_erase_errors }, + { 0x31, print_hgst_info_erase_counts }, + { 0x32, print_hgst_info_temp_history }, + { 0x37, print_hgst_info_ssd_perf }, + { 0x38, print_hgst_info_firmware_load }, +}; + +/* Print a subpage that is basically just key value pairs */ +static void +print_hgst_info_subpage_gen(void *buf, uint16_t subtype __unused, uint32_t size, + const struct kv_name *kv, size_t kv_count) +{ + uint8_t *wsp, *esp; + uint16_t ptype; + uint8_t plen; + uint64_t param; + int i; + + wsp = buf; + esp = wsp + size; + while (wsp < esp) { + ptype = le16dec(wsp); + wsp += 2; + wsp++; /* Flags, just ignore */ + plen = *wsp++; + param = 0; + for (i = 0; i < plen; i++) + param |= (uint64_t)*wsp++ << (i * 8); + printf(" %-30s: %jd\n", kv_lookup(kv, kv_count, ptype), (uintmax_t)param); + } +} + +static void +print_hgst_info_write_errors(void *buf, uint16_t subtype, uint8_t res __unused, uint32_t size) +{ + static struct kv_name kv[] = + { + { 0x0000, "Corrected Without Delay" }, + { 0x0001, "Corrected Maybe Delayed" }, + { 0x0002, "Re-Writes" }, + { 0x0003, "Errors Corrected" }, + { 0x0004, "Correct Algorithm Used" }, + { 0x0005, "Bytes Processed" }, + { 0x0006, "Uncorrected Errors" }, + { 0x8000, "Flash Write Commands" }, + { 0x8001, "HGST Special" }, + }; + + printf("Write Errors Subpage:\n"); + print_hgst_info_subpage_gen(buf, subtype, size, kv, nitems(kv)); +} + +static void +print_hgst_info_read_errors(void *buf, uint16_t subtype, uint8_t res __unused, uint32_t size) +{ + static struct kv_name kv[] = + { + { 0x0000, "Corrected Without Delay" }, + { 0x0001, "Corrected Maybe Delayed" }, + { 0x0002, "Re-Reads" }, + { 0x0003, "Errors Corrected" }, + { 0x0004, "Correct Algorithm Used" }, + { 0x0005, "Bytes Processed" }, + { 0x0006, "Uncorrected Errors" }, + { 0x8000, "Flash Read Commands" }, + { 0x8001, "XOR Recovered" }, + { 0x8002, "Total Corrected Bits" }, + }; + + printf("Read Errors Subpage:\n"); + print_hgst_info_subpage_gen(buf, subtype, size, kv, nitems(kv)); +} + +static void +print_hgst_info_verify_errors(void *buf, uint16_t subtype, uint8_t res __unused, uint32_t size) +{ + static struct kv_name kv[] = + { + { 0x0000, "Corrected Without Delay" }, + { 0x0001, "Corrected Maybe Delayed" }, + { 0x0002, "Re-Reads" }, + { 0x0003, "Errors Corrected" }, + { 0x0004, "Correct Algorithm Used" }, + { 0x0005, "Bytes Processed" }, + { 0x0006, "Uncorrected Errors" }, + { 0x8000, "Commands Processed" }, + }; + + printf("Verify Errors Subpage:\n"); + print_hgst_info_subpage_gen(buf, subtype, size, kv, nitems(kv)); +} + +static void +print_hgst_info_self_test(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size) +{ + size_t i; + uint8_t *walker = buf; + uint16_t code, hrs; + uint32_t lba; + + printf("Self Test Subpage:\n"); + for (i = 0; i < size / 20; i++) { /* Each entry is 20 bytes */ + code = le16dec(walker); + walker += 2; + walker++; /* Ignore fixed flags */ + if (*walker == 0) /* Last entry is zero length */ + break; + if (*walker++ != 0x10) { + printf("Bad length for self test report\n"); + return; + } + printf(" %-30s: %d\n", "Recent Test", code); + printf(" %-28s: %#x\n", "Self-Test Results", *walker & 0xf); + printf(" %-28s: %#x\n", "Self-Test Code", (*walker >> 5) & 0x7); + walker++; + printf(" %-28s: %#x\n", "Self-Test Number", *walker++); + hrs = le16dec(walker); + walker += 2; + lba = le32dec(walker); + walker += 4; + printf(" %-28s: %u\n", "Total Power On Hrs", hrs); + printf(" %-28s: %#jx (%jd)\n", "LBA", (uintmax_t)lba, (uintmax_t)lba); + printf(" %-28s: %#x\n", "Sense Key", *walker++ & 0xf); + printf(" %-28s: %#x\n", "Additional Sense Code", *walker++); + printf(" %-28s: %#x\n", "Additional Sense Qualifier", *walker++); + printf(" %-28s: %#x\n", "Vendor Specific Detail", *walker++); + } +} + +static void +print_hgst_info_background_scan(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size) +{ + uint8_t *walker = buf; + uint8_t status; + uint16_t code, nscan, progress; + uint32_t pom, nand; + + printf("Background Media Scan Subpage:\n"); + /* Decode the header */ + code = le16dec(walker); + walker += 2; + walker++; /* Ignore fixed flags */ + if (*walker++ != 0x10) { + printf("Bad length for background scan header\n"); + return; + } + if (code != 0) { + printf("Expceted code 0, found code %#x\n", code); + return; + } + pom = le32dec(walker); + walker += 4; + walker++; /* Reserved */ + status = *walker++; + nscan = le16dec(walker); + walker += 2; + progress = le16dec(walker); + walker += 2; + walker += 6; /* Reserved */ + printf(" %-30s: %d\n", "Power On Minutes", pom); + printf(" %-30s: %x (%s)\n", "BMS Status", status, + status == 0 ? "idle" : (status == 1 ? "active" : (status == 8 ? "suspended" : "unknown"))); + printf(" %-30s: %d\n", "Number of BMS", nscan); + printf(" %-30s: %d\n", "Progress Current BMS", progress); + /* Report retirements */ + if (walker - (uint8_t *)buf != 20) { + printf("Coding error, offset not 20\n"); + return; + } + size -= 20; + printf(" %-30s: %d\n", "BMS retirements", size / 0x18); + while (size > 0) { + code = le16dec(walker); + walker += 2; + walker++; + if (*walker++ != 0x14) { + printf("Bad length parameter\n"); + return; + } + pom = le32dec(walker); + walker += 4; + /* + * Spec sheet says the following are hard coded, if true, just + * print the NAND retirement. + */ + if (walker[0] == 0x41 && + walker[1] == 0x0b && + walker[2] == 0x01 && + walker[3] == 0x00 && + walker[4] == 0x00 && + walker[5] == 0x00 && + walker[6] == 0x00 && + walker[7] == 0x00) { + walker += 8; + walker += 4; /* Skip reserved */ + nand = le32dec(walker); + walker += 4; + printf(" %-30s: %d\n", "Retirement number", code); + printf(" %-28s: %#x\n", "NAND (C/T)BBBPPP", nand); + } else { + printf("Parameter %#x entry corrupt\n", code); + walker += 16; + } + } +} + +static void +print_hgst_info_erase_errors(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size) +{ + static struct kv_name kv[] = + { + { 0x0000, "Corrected Without Delay" }, + { 0x0001, "Corrected Maybe Delayed" }, + { 0x0002, "Re-Erase" }, + { 0x0003, "Errors Corrected" }, + { 0x0004, "Correct Algorithm Used" }, + { 0x0005, "Bytes Processed" }, + { 0x0006, "Uncorrected Errors" }, + { 0x8000, "Flash Erase Commands" }, + { 0x8001, "Mfg Defect Count" }, + { 0x8002, "Grown Defect Count" }, + { 0x8003, "Erase Count -- User" }, + { 0x8004, "Erase Count -- System" }, + }; + + printf("Erase Errors Subpage:\n"); + print_hgst_info_subpage_gen(buf, subtype, size, kv, nitems(kv)); +} + +static void +print_hgst_info_erase_counts(void *buf, uint16_t subtype, uint8_t res __unused, uint32_t size) +{ + /* My drive doesn't export this -- so not coding up */ + printf("XXX: Erase counts subpage: %p, %#x %d\n", buf, subtype, size); +} + +static void +print_hgst_info_temp_history(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size __unused) +{ + uint8_t *walker = buf; + uint32_t min; + + printf("Temperature History:\n"); + printf(" %-30s: %d C\n", "Current Temperature", *walker++); + printf(" %-30s: %d C\n", "Reference Temperature", *walker++); + printf(" %-30s: %d C\n", "Maximum Temperature", *walker++); + printf(" %-30s: %d C\n", "Minimum Temperature", *walker++); + min = le32dec(walker); + walker += 4; + printf(" %-30s: %d:%02d:00\n", "Max Temperature Time", min / 60, min % 60); + min = le32dec(walker); + walker += 4; + printf(" %-30s: %d:%02d:00\n", "Over Temperature Duration", min / 60, min % 60); + min = le32dec(walker); + walker += 4; + printf(" %-30s: %d:%02d:00\n", "Min Temperature Time", min / 60, min % 60); +} + +static void +print_hgst_info_ssd_perf(void *buf, uint16_t subtype __unused, uint8_t res, uint32_t size __unused) +{ + uint8_t *walker = buf; + uint64_t val; + + printf("SSD Performance Subpage Type %d:\n", res); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Read Commands", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Read Blocks", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Cache Read Hits Commands", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Cache Read Hits Blocks", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Read Commands Stalled", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Write Commands", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Write Blocks", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Write Odd Start Commands", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Write Odd End Commands", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "Host Write Commands Stalled", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "NAND Read Commands", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "NAND Read Blocks", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "NAND Write Commands", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "NAND Write Blocks", val); + val = le64dec(walker); + walker += 8; + printf(" %-30s: %ju\n", "NAND Read Before Writes", val); +} + +static void +print_hgst_info_firmware_load(void *buf, uint16_t subtype __unused, uint8_t res __unused, uint32_t size __unused) +{ + uint8_t *walker = buf; + + printf("Firmware Load Subpage:\n"); + printf(" %-30s: %d\n", "Firmware Downloads", le32dec(walker)); +} + +static void +kv_indirect(void *buf, uint32_t subtype, uint8_t res, uint32_t size, struct subpage_print *sp, size_t nsp) +{ + size_t i; + + for (i = 0; i < nsp; i++, sp++) { + if (sp->key == subtype) { + sp->fn(buf, subtype, res, size); + return; + } + } + printf("No handler for page type %x\n", subtype); +} + +static void +print_hgst_info_log(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) +{ + uint8_t *walker, *end, *subpage; + int pages; + uint16_t len; + uint8_t subtype, res; + + printf("HGST Extra Info Log\n"); + printf("===================\n"); + + walker = buf; + pages = *walker++; + walker++; + len = le16dec(walker); + walker += 2; + end = walker + len; /* Length is exclusive of this header */ + + while (walker < end) { + subpage = walker + 4; + subtype = *walker++ & 0x3f; /* subtype */ + res = *walker++; /* Reserved */ + len = le16dec(walker); + walker += len + 2; /* Length, not incl header */ + if (walker > end) { + printf("Ooops! Off the end of the list\n"); + break; + } + kv_indirect(subpage, subtype, res, len, hgst_subpage, nitems(hgst_subpage)); + } +} + +NVME_LOGPAGE(hgst_info, + HGST_INFO_LOG, "hgst", "Detailed Health/SMART", + print_hgst_info_log, DEFAULT_SIZE); +NVME_LOGPAGE(wdc_info, + HGST_INFO_LOG, "wdc", "Detailed Health/SMART", + print_hgst_info_log, DEFAULT_SIZE); +NVME_COMMAND(top, wdc, wdc, WDC_USAGE); diff --git a/sbin/nvmecontrol/ns.c b/sbin/nvmecontrol/ns.c index bcc0da54dfe4..ce762d59fb37 100644 --- a/sbin/nvmecontrol/ns.c +++ b/sbin/nvmecontrol/ns.c @@ -41,64 +41,34 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" +NVME_CMD_DECLARE(ns, struct nvme_function); + +#define NS_USAGE \ + "ns (create|delete|attach|detach)\n" + /* handles NVME_OPC_NAMESPACE_MANAGEMENT and ATTACHMENT admin cmds */ #define NSCREATE_USAGE \ -" nvmecontrol ns create -s size [-c cap] [-f fmt] [-m mset] [-n nmic] [-p pi] [-l pil] nvmeN\n" + "ns create -s size [-c cap] [-f fmt] [-m mset] [-n nmic] [-p pi] [-l pil] nvmeN\n" #define NSDELETE_USAGE \ -" nvmecontrol ns delete -n nsid nvmeN\n" + "ns delete -n nsid nvmeN\n" #define NSATTACH_USAGE \ -" nvmecontrol ns attach -n nsid [-c ctrlrid] nvmeN \n" + "ns attach -n nsid [-c ctrlrid] nvmeN \n" #define NSDETACH_USAGE \ -" nvmecontrol ns detach -n nsid [-c ctrlrid] nvmeN\n" - -void nscreate(int argc, char *argv[]); -void nsdelete(int argc, char *argv[]); -void nsattach(int argc, char *argv[]); -void nsdetach(int argc, char *argv[]); - -static struct nvme_function ns_funcs[] = { - {"create", nscreate, NSCREATE_USAGE}, - {"delete", nsdelete, NSDELETE_USAGE}, - {"attach", nsattach, NSATTACH_USAGE}, - {"detach", nsdetach, NSDETACH_USAGE}, - {NULL, NULL, NULL}, -}; + "ns detach -n nsid [-c ctrlrid] nvmeN\n" -static void -nscreate_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, NSCREATE_USAGE); - exit(1); -} +static void nscreate(const struct nvme_function *nf, int argc, char *argv[]); +static void nsdelete(const struct nvme_function *nf, int argc, char *argv[]); +static void nsattach(const struct nvme_function *nf, int argc, char *argv[]); +static void nsdetach(const struct nvme_function *nf, int argc, char *argv[]); -static void -nsdelete_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, NSDELETE_USAGE); - exit(1); -} - -static void -nsattach_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, NSATTACH_USAGE); - exit(1); -} - -static void -nsdetach_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, NSDETACH_USAGE); - exit(1); -} +NVME_COMMAND(ns, create, nscreate, NSCREATE_USAGE); +NVME_COMMAND(ns, delete, nsdelete, NSDELETE_USAGE); +NVME_COMMAND(ns, attach, nsattach, NSATTACH_USAGE); +NVME_COMMAND(ns, detach, nsdetach, NSDETACH_USAGE); struct ns_result_str { uint16_t res; @@ -139,8 +109,8 @@ get_res_str(uint16_t res) * 0x16 = Namespace ID unavailable (number namespaces exceeded) * 0xb = Thin Provisioning Not supported */ -void -nscreate(int argc, char *argv[]) +static void +nscreate(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_pt_command pt; struct nvme_controller_data cd; @@ -149,7 +119,7 @@ nscreate(int argc, char *argv[]) int ch, fd, result, lbaf = 0, mset = 0, nmic = -1, pi = 0, pil = 0; if (optind >= argc) - nscreate_usage(); + usage(nf); while ((ch = getopt(argc, argv, "s:c:f:m:n:p:l:")) != -1) { switch (ch) { @@ -175,17 +145,17 @@ nscreate(int argc, char *argv[]) pil = strtol(optarg, NULL, 0); break; default: - nscreate_usage(); + usage(nf); } } if (optind >= argc) - nscreate_usage(); + usage(nf); if (cap == -1) cap = nsze; if (nsze == -1 || cap == -1) - nscreate_usage(); + usage(nf); open_dev(argv[optind], &fd, 1, 1); read_controller_data(fd, &cd); @@ -234,8 +204,8 @@ nscreate(int argc, char *argv[]) exit(0); } -void -nsdelete(int argc, char *argv[]) +static void +nsdelete(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_pt_command pt; struct nvme_controller_data cd; @@ -243,7 +213,7 @@ nsdelete(int argc, char *argv[]) char buf[2]; if (optind >= argc) - nsdelete_usage(); + usage(nf); while ((ch = getopt(argc, argv, "n:")) != -1) { switch ((char)ch) { @@ -251,12 +221,12 @@ nsdelete(int argc, char *argv[]) nsid = strtol(optarg, (char **)NULL, 0); break; default: - nsdelete_usage(); + usage(nf); } } if (optind >= argc || nsid == -2) - nsdelete_usage(); + usage(nf); open_dev(argv[optind], &fd, 1, 1); read_controller_data(fd, &cd); @@ -301,8 +271,8 @@ nsdelete(int argc, char *argv[]) * * 0x2 Invalid Field can occur if ctrlrid d.n.e in system. */ -void -nsattach(int argc, char *argv[]) +static void +nsattach(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_pt_command pt; struct nvme_controller_data cd; @@ -311,7 +281,7 @@ nsattach(int argc, char *argv[]) uint16_t clist[2048]; if (optind >= argc) - nsattach_usage(); + usage(nf); while ((ch = getopt(argc, argv, "n:c:")) != -1) { switch (ch) { @@ -322,15 +292,15 @@ nsattach(int argc, char *argv[]) ctrlrid = strtol(optarg, (char **)NULL, 0); break; default: - nsattach_usage(); + usage(nf); } } if (optind >= argc) - nsattach_usage(); + usage(nf); if (nsid == -1 ) - nsattach_usage(); + usage(nf); open_dev(argv[optind], &fd, 1, 1); read_controller_data(fd, &cd); @@ -380,8 +350,8 @@ nsattach(int argc, char *argv[]) exit(0); } -void -nsdetach(int argc, char *argv[]) +static void +nsdetach(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_pt_command pt; struct nvme_controller_data cd; @@ -390,7 +360,7 @@ nsdetach(int argc, char *argv[]) uint16_t clist[2048]; if (optind >= argc) - nsdetach_usage(); + usage(nf); while ((ch = getopt(argc, argv, "n:c:")) != -1) { switch (ch) { @@ -401,15 +371,15 @@ nsdetach(int argc, char *argv[]) ctrlrid = strtol(optarg, (char **)NULL, 0); break; default: - nsdetach_usage(); + usage(nf); } } if (optind >= argc) - nsdetach_usage(); + usage(nf); if (nsid == -1) - nsdetach_usage(); + usage(nf); open_dev(argv[optind], &fd, 1, 1); read_controller_data(fd, &cd); @@ -466,9 +436,11 @@ nsdetach(int argc, char *argv[]) exit(0); } -void -ns(int argc, char *argv[]) +static void +ns(const struct nvme_function *nf __unused, int argc, char *argv[]) { - dispatch(argc, argv, ns_funcs); + DISPATCH(argc, argv, ns); } + +NVME_COMMAND(top, ns, ns, NS_USAGE); diff --git a/sbin/nvmecontrol/nvmecontrol.8 b/sbin/nvmecontrol/nvmecontrol.8 index 07bbf05b02ca..208aa588e9fd 100644 --- a/sbin/nvmecontrol/nvmecontrol.8 +++ b/sbin/nvmecontrol/nvmecontrol.8 @@ -34,7 +34,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 12, 2018 +.Dd December 7, 2018 .Dt NVMECONTROL 8 .Os .Sh NAME @@ -230,6 +230,19 @@ Set the current power mode. .Dl nvmecontrol power nvme0 .Pp Get the current power mode. +.Sh DYNAMIC LOADING +The directories +.Pa /lib/nvmecontrol +and +.Pa /usr/local/lib/nvmecontrol +are scanned for any .so files. +These files are loaded. +The members of the +.Va top +linker set are added to the top-level commands. +The members of the +.Va logpage +linker set are added to the logpage parsers. .Sh HISTORY The .Nm diff --git a/sbin/nvmecontrol/nvmecontrol.c b/sbin/nvmecontrol/nvmecontrol.c index 80f9af710674..3c706f5798fb 100644 --- a/sbin/nvmecontrol/nvmecontrol.c +++ b/sbin/nvmecontrol/nvmecontrol.c @@ -34,6 +34,8 @@ __FBSDID("$FreeBSD$"); #include <sys/stat.h> #include <ctype.h> +#include <dlfcn.h> +#include <dirent.h> #include <err.h> #include <errno.h> #include <fcntl.h> @@ -47,51 +49,99 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" +SET_CONCAT_DEF(top, struct nvme_function); -static struct nvme_function funcs[] = { - {"devlist", devlist, DEVLIST_USAGE}, - {"identify", identify, IDENTIFY_USAGE}, - {"perftest", perftest, PERFTEST_USAGE}, - {"reset", reset, RESET_USAGE}, - {"logpage", logpage, LOGPAGE_USAGE}, - {"firmware", firmware, FIRMWARE_USAGE}, - {"format", format, FORMAT_USAGE}, - {"power", power, POWER_USAGE}, - {"wdc", wdc, WDC_USAGE}, - {"ns", ns, NS_USAGE}, - {NULL, NULL, NULL}, -}; +static void +print_usage(const struct nvme_function *f) +{ + const char *cp; + char ch; + bool need_prefix = true; + + cp = f->usage; + while (*cp) { + ch = *cp++; + if (need_prefix) { + if (ch != ' ') + fputs(" nvmecontrol ", stderr); + else + fputs(" ", stderr); + } + fputc(ch, stderr); + need_prefix = (ch == '\n'); + } + if (!need_prefix) + fputc('\n', stderr); +} -void -gen_usage(struct nvme_function *f) +static void +gen_usage_set(const struct nvme_function * const *f, const struct nvme_function * const *flimit) { fprintf(stderr, "usage:\n"); - while (f->name != NULL) { - fprintf(stderr, "%s", f->usage); + while (f < flimit) { + print_usage(*f); f++; } exit(1); } void -dispatch(int argc, char *argv[], struct nvme_function *tbl) +usage(const struct nvme_function *f) +{ + + fprintf(stderr, "usage:\n"); + print_usage(f); + exit(1); +} + +void +dispatch_set(int argc, char *argv[], const struct nvme_function * const *tbl, + const struct nvme_function * const *tbl_limit) { - struct nvme_function *f = tbl; + const struct nvme_function * const *f = tbl; if (argv[1] == NULL) { - gen_usage(tbl); + gen_usage_set(tbl, tbl_limit); return; } - while (f->name != NULL) { - if (strcmp(argv[1], f->name) == 0) - f->fn(argc-1, &argv[1]); + while (f < tbl_limit) { + if (strcmp(argv[1], (*f)->name) == 0) { + (*f)->fn(*f, argc-1, &argv[1]); + return; + } f++; } fprintf(stderr, "Unknown command: %s\n", argv[1]); - gen_usage(tbl); + gen_usage_set(tbl, tbl_limit); +} + +void +set_concat_add(struct set_concat *m, void *b, void *e) +{ + void **bp, **ep; + int add_n, cur_n; + + if (b == NULL) + return; + /* + * Args are really pointers to arrays of pointers, but C's + * casting rules kinda suck since you can't directly cast + * struct foo ** to a void **. + */ + bp = (void **)b; + ep = (void **)e; + add_n = ep - bp; + cur_n = 0; + if (m->begin != NULL) + cur_n = m->limit - m->begin; + m->begin = reallocarray(m->begin, cur_n + add_n, sizeof(void *)); + if (m->begin == NULL) + err(1, "expanding concat set"); + memcpy(m->begin + cur_n, bp, add_n * sizeof(void *)); + m->limit = m->begin + cur_n + add_n; } static void @@ -238,14 +288,64 @@ parse_ns_str(const char *ns_str, char *ctrlr_str, uint32_t *nsid) snprintf(ctrlr_str, nsloc - ns_str + 1, "%s", ns_str); } +/* + * Loads all the .so's from the specified directory. + */ +static void +load_dir(const char *dir) +{ + DIR *d; + struct dirent *dent; + char *path = NULL; + void *h; + + d = opendir(dir); + if (d == NULL) + return; + for (dent = readdir(d); dent != NULL; dent = readdir(d)) { + if (strcmp(".so", dent->d_name + dent->d_namlen - 3) != 0) + continue; + asprintf(&path, "%s/%s", dir, dent->d_name); + if (path == NULL) + err(1, "Can't malloc for path, giving up."); + if ((h = dlopen(path, RTLD_NOW | RTLD_GLOBAL)) == NULL) + warnx("Can't load %s: %s", path, dlerror()); + else { + /* + * Add in the top (for cli commands) and logpage (for + * logpage parsing) linker sets. We have to do this by + * hand because linker sets aren't automatically merged. + */ + void *begin, *limit; + begin = dlsym(h, "__start_set_top"); + limit = dlsym(h, "__stop_set_top"); + if (begin) + add_to_top(begin, limit); + begin = dlsym(h, "__start_set_logpage"); + limit = dlsym(h, "__stop_set_logpage"); + if (begin) + add_to_logpage(begin, limit); + } + free(path); + path = NULL; + } + closedir(d); +} + int main(int argc, char *argv[]) { + add_to_top(NVME_CMD_BEGIN(top), NVME_CMD_LIMIT(top)); + add_to_logpage(NVME_LOGPAGE_BEGIN, NVME_LOGPAGE_LIMIT); + + load_dir("/lib/nvmecontrol"); + load_dir("/usr/local/lib/nvmecontrol"); + if (argc < 2) - gen_usage(funcs); + gen_usage_set(top_begin(), top_limit()); - dispatch(argc, argv, funcs); + dispatch_set(argc, argv, top_begin(), top_limit()); return (0); } diff --git a/sbin/nvmecontrol/nvmecontrol.h b/sbin/nvmecontrol/nvmecontrol.h index ba2c04d7cbcc..23946e16b3f6 100644 --- a/sbin/nvmecontrol/nvmecontrol.h +++ b/sbin/nvmecontrol/nvmecontrol.h @@ -31,9 +31,11 @@ #ifndef __NVMECONTROL_H__ #define __NVMECONTROL_H__ +#include <sys/linker_set.h> #include <dev/nvme/nvme.h> -typedef void (*nvme_fn_t)(int argc, char *argv[]); +struct nvme_function; +typedef void (*nvme_fn_t)(const struct nvme_function *nf, int argc, char *argv[]); struct nvme_function { const char *name; @@ -41,52 +43,72 @@ struct nvme_function { const char *usage; }; -#define NVME_CTRLR_PREFIX "nvme" -#define NVME_NS_PREFIX "ns" - -#define DEVLIST_USAGE \ -" nvmecontrol devlist\n" - -#define IDENTIFY_USAGE \ -" nvmecontrol identify [-x [-v]] <controller id|namespace id>\n" - -#define PERFTEST_USAGE \ -" nvmecontrol perftest <-n num_threads> <-o read|write>\n" \ -" <-s size_in_bytes> <-t time_in_seconds>\n" \ -" <-i intr|wait> [-f refthread] [-p]\n" \ -" <namespace id>\n" - -#define RESET_USAGE \ -" nvmecontrol reset <controller id>\n" - -#define LOGPAGE_USAGE \ -" nvmecontrol logpage <-p page_id> [-b] [-v vendor] [-x] <controller id|namespace id>\n" \ +#define NVME_SETNAME(set) set +#define NVME_CMDSET(set, sym) DATA_SET(NVME_SETNAME(set), sym) +#define NVME_COMMAND(set, nam, function, usage_str) \ + static struct nvme_function function ## _nvme_cmd = \ + { .name = #nam, .fn = function, .usage = usage_str }; \ + NVME_CMDSET(set, function ## _nvme_cmd) +#define NVME_CMD_BEGIN(set) SET_BEGIN(NVME_SETNAME(set)) +#define NVME_CMD_LIMIT(set) SET_LIMIT(NVME_SETNAME(set)) +#define NVME_CMD_DECLARE(set, t) SET_DECLARE(NVME_SETNAME(set), t) + +typedef void (*print_fn_t)(const struct nvme_controller_data *cdata, void *buf, uint32_t size); + +struct logpage_function { + uint8_t log_page; + const char *vendor; + const char *name; + print_fn_t print_fn; + size_t size; +}; -#define FIRMWARE_USAGE \ -" nvmecontrol firmware [-s slot] [-f path_to_firmware] [-a] <controller id>\n" -#define FORMAT_USAGE \ -" nvmecontrol format [-f fmt] [-m mset] [-p pi] [-l pil] [-E] [-C] <controller id|namespace id>\n" +#define NVME_LOGPAGESET(sym) DATA_SET(NVME_SETNAME(logpage), sym) +#define NVME_LOGPAGE(unique, lp, vend, nam, fn, sz) \ + static struct logpage_function unique ## _lpf = { \ + .log_page = lp, \ + .vendor = vend, \ + .name = nam, \ + .print_fn = fn, \ + .size = sz, \ + } ; \ + NVME_LOGPAGESET(unique ## _lpf) +#define NVME_LOGPAGE_BEGIN SET_BEGIN(NVME_SETNAME(logpage)) +#define NVME_LOGPAGE_LIMIT SET_LIMIT(NVME_SETNAME(logpage)) +#define NVME_LOGPAGE_DECLARE(t) SET_DECLARE(NVME_SETNAME(logpage), t) + +#define DEFAULT_SIZE (4096) +struct kv_name { + uint32_t key; + const char *name; +}; -#define POWER_USAGE \ -" nvmecontrol power [-l] [-p new-state [-w workload-hint]] <controller id>\n" +const char *kv_lookup(const struct kv_name *kv, size_t kv_count, uint32_t key); -#define WDC_USAGE \ -" nvmecontrol wdc (cap-diag|drive-log|get-crash-dump|purge|purge-montior)\n" +NVME_CMD_DECLARE(top, struct nvme_function); +NVME_LOGPAGE_DECLARE(struct logpage_function); -#define NS_USAGE \ -" nvmecontrol ns (create|delete|attach|detach)\n" +struct set_concat { + void **begin; + void **limit; +}; +void set_concat_add(struct set_concat *m, void *begin, void *end); +#define SET_CONCAT_DEF(set, t) \ +static struct set_concat set ## _concat; \ +static inline const t * const *set ## _begin(void) { return ((const t * const *)set ## _concat.begin); } \ +static inline const t * const *set ## _limit(void) { return ((const t * const *)set ## _concat.limit); } \ +void add_to_ ## set(t **b, t **e) \ +{ \ + set_concat_add(&set ## _concat, b, e); \ +} +#define SET_CONCAT_DECL(set, t) \ + void add_to_ ## set(t **b, t **e) +SET_CONCAT_DECL(top, struct nvme_function); +SET_CONCAT_DECL(logpage, struct logpage_function); -void devlist(int argc, char *argv[]); -void identify(int argc, char *argv[]); -void perftest(int argc, char *argv[]); -void reset(int argc, char *argv[]); -void logpage(int argc, char *argv[]); -void firmware(int argc, char *argv[]); -void format(int argc, char *argv[]); -void power(int argc, char *argv[]); -void wdc(int argc, char *argv[]); -void ns(int argc, char *argv[]); +#define NVME_CTRLR_PREFIX "nvme" +#define NVME_NS_PREFIX "ns" int open_dev(const char *str, int *fd, int show_error, int exit_on_error); void parse_ns_str(const char *ns_str, char *ctrlr_str, uint32_t *nsid); @@ -95,8 +117,17 @@ void read_namespace_data(int fd, uint32_t nsid, struct nvme_namespace_data *nsda void print_hex(void *data, uint32_t length); void read_logpage(int fd, uint8_t log_page, uint32_t nsid, void *payload, uint32_t payload_size); -void gen_usage(struct nvme_function *); -void dispatch(int argc, char *argv[], struct nvme_function *f); +void print_temp(uint16_t t); +void print_intel_add_smart(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused); + +void usage(const struct nvme_function *f); +void dispatch_set(int argc, char *argv[], const struct nvme_function * const *tbl, + const struct nvme_function * const *tbl_limit); + +#define DISPATCH(argc, argv, set) \ + dispatch_set(argc, argv, \ + (const struct nvme_function * const *)NVME_CMD_BEGIN(set), \ + (const struct nvme_function * const *)NVME_CMD_LIMIT(set)) \ /* Utility Routines */ /* diff --git a/sbin/nvmecontrol/perftest.c b/sbin/nvmecontrol/perftest.c index a97563eebc04..e5c86deb3aa8 100644 --- a/sbin/nvmecontrol/perftest.c +++ b/sbin/nvmecontrol/perftest.c @@ -45,6 +45,12 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" +#define PERFTEST_USAGE \ + "perftest <-n num_threads> <-o read|write>\n" \ + " <-s size_in_bytes> <-t time_in_seconds>\n" \ + " <-i intr|wait> [-f refthread] [-p]\n" \ + " <namespace id>\n" + static void print_perftest(struct nvme_io_test *io_test, bool perthread) { @@ -69,15 +75,7 @@ print_perftest(struct nvme_io_test *io_test, bool perthread) } static void -perftest_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, PERFTEST_USAGE); - exit(1); -} - -void -perftest(int argc, char *argv[]) +perftest(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_io_test io_test; int fd; @@ -112,13 +110,13 @@ perftest(int argc, char *argv[]) fprintf(stderr, "\"%s\" not valid number of threads.\n", optarg); - perftest_usage(); + usage(nf); } else if (io_test.num_threads == 0 || io_test.num_threads > 128) { fprintf(stderr, "\"%s\" not valid number of threads.\n", optarg); - perftest_usage(); + usage(nf); } break; case 'o': @@ -131,7 +129,7 @@ perftest(int argc, char *argv[]) else { fprintf(stderr, "\"%s\" not valid opcode.\n", optarg); - perftest_usage(); + usage(nf); } break; case 'p': @@ -149,7 +147,7 @@ perftest(int argc, char *argv[]) } else { fprintf(stderr, "\"%s\" not valid size.\n", optarg); - perftest_usage(); + usage(nf); } break; case 't': @@ -159,14 +157,15 @@ perftest(int argc, char *argv[]) fprintf(stderr, "\"%s\" not valid time duration.\n", optarg); - perftest_usage(); + usage(nf); } break; } } if (!nflag || !oflag || !sflag || !tflag || optind >= argc) - perftest_usage(); + usage(nf); + open_dev(argv[optind], &fd, 1, 1); if (ioctl(fd, ioctl_cmd, &io_test) < 0) @@ -176,3 +175,5 @@ perftest(int argc, char *argv[]) print_perftest(&io_test, perthread); exit(0); } + +NVME_COMMAND(top, perftest, perftest, PERFTEST_USAGE); diff --git a/sbin/nvmecontrol/power.c b/sbin/nvmecontrol/power.c index 07bdcd521adf..3adbaf1d4eb2 100644 --- a/sbin/nvmecontrol/power.c +++ b/sbin/nvmecontrol/power.c @@ -44,13 +44,8 @@ __FBSDID("$FreeBSD$"); _Static_assert(sizeof(struct nvme_power_state) == 256 / NBBY, "nvme_power_state size wrong"); -static void -power_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, POWER_USAGE); - exit(1); -} +#define POWER_USAGE \ + "power [-l] [-p new-state [-w workload-hint]] <controller id>\n" static void power_list_one(int i, struct nvme_power_state *nps) @@ -133,8 +128,8 @@ power_show(int fd) printf("Current Power Mode is %d\n", pt.cpl.cdw0); } -void -power(int argc, char *argv[]) +static void +power(const struct nvme_function *nf, int argc, char *argv[]) { struct nvme_controller_data cdata; int ch, listflag = 0, powerflag = 0, power_val = 0, fd; @@ -151,28 +146,28 @@ power(int argc, char *argv[]) power_val = strtol(optarg, &end, 0); if (*end != '\0') { fprintf(stderr, "Invalid power state number: %s\n", optarg); - power_usage(); + usage(nf); } break; case 'w': workload = strtol(optarg, &end, 0); if (*end != '\0') { fprintf(stderr, "Invalid workload hint: %s\n", optarg); - power_usage(); + usage(nf); } break; default: - power_usage(); + usage(nf); } } /* Check that a controller was specified. */ if (optind >= argc) - power_usage(); + usage(nf); if (listflag && powerflag) { fprintf(stderr, "Can't set power and list power states\n"); - power_usage(); + usage(nf); } open_dev(argv[optind], &fd, 1, 1); @@ -193,3 +188,5 @@ out: close(fd); exit(0); } + +NVME_COMMAND(top, power, power, POWER_USAGE); diff --git a/sbin/nvmecontrol/reset.c b/sbin/nvmecontrol/reset.c index 7cb335928337..558a771c9bf5 100644 --- a/sbin/nvmecontrol/reset.c +++ b/sbin/nvmecontrol/reset.c @@ -41,29 +41,24 @@ __FBSDID("$FreeBSD$"); #include "nvmecontrol.h" -static void -reset_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, RESET_USAGE); - exit(1); -} +#define RESET_USAGE \ + "reset <controller id>\n" -void -reset(int argc, char *argv[]) +static void +reset(const struct nvme_function *nf, int argc, char *argv[]) { int ch, fd; while ((ch = getopt(argc, argv, "")) != -1) { switch ((char)ch) { default: - reset_usage(); + usage(nf); } } /* Check that a controller was specified. */ if (optind >= argc) - reset_usage(); + usage(nf); open_dev(argv[optind], &fd, 1, 1); if (ioctl(fd, NVME_RESET_CONTROLLER) < 0) @@ -71,3 +66,5 @@ reset(int argc, char *argv[]) exit(0); } + +NVME_COMMAND(top, reset, reset, RESET_USAGE); diff --git a/sbin/nvmecontrol/wdc.c b/sbin/nvmecontrol/wdc.c deleted file mode 100644 index 58ebe880a765..000000000000 --- a/sbin/nvmecontrol/wdc.c +++ /dev/null @@ -1,196 +0,0 @@ -/*- - * Copyright (c) 2017 Netflix, Inc - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include <sys/cdefs.h> -__FBSDID("$FreeBSD$"); - -#include <sys/param.h> -#include <sys/ioccom.h> -#include <sys/endian.h> - -#include <ctype.h> -#include <err.h> -#include <fcntl.h> -#include <stddef.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> - -#include "nvmecontrol.h" - -#define WDC_NVME_TOC_SIZE 8 - -#define WDC_NVME_CAP_DIAG_OPCODE 0xe6 -#define WDC_NVME_CAP_DIAG_CMD 0x0000 - -static void wdc_cap_diag(int argc, char *argv[]); - -#define WDC_CAP_DIAG_USAGE "\tnvmecontrol wdc cap-diag [-o path-template]\n" - -static struct nvme_function wdc_funcs[] = { - {"cap-diag", wdc_cap_diag, WDC_CAP_DIAG_USAGE}, - {NULL, NULL, NULL}, -}; - -static void -wdc_append_serial_name(int fd, char *buf, size_t len, const char *suffix) -{ - struct nvme_controller_data cdata; - char sn[NVME_SERIAL_NUMBER_LENGTH + 1]; - char *walker; - - len -= strlen(buf); - buf += strlen(buf); - read_controller_data(fd, &cdata); - memcpy(sn, cdata.sn, NVME_SERIAL_NUMBER_LENGTH); - walker = sn + NVME_SERIAL_NUMBER_LENGTH - 1; - while (walker > sn && *walker == ' ') - walker--; - *++walker = '\0'; - snprintf(buf, len, "%s%s.bin", sn, suffix); -} - -static void -wdc_get_data(int fd, uint32_t opcode, uint32_t len, uint32_t off, uint32_t cmd, - uint8_t *buffer, size_t buflen) -{ - struct nvme_pt_command pt; - - memset(&pt, 0, sizeof(pt)); - pt.cmd.opc = opcode; - pt.cmd.cdw10 = htole32(len / sizeof(uint32_t)); /* - 1 like all the others ??? */ - pt.cmd.cdw11 = htole32(off / sizeof(uint32_t)); - pt.cmd.cdw12 = htole32(cmd); - pt.buf = buffer; - pt.len = buflen; - pt.is_read = 1; -// printf("opcode %#x cdw10(len) %#x cdw11(offset?) %#x cdw12(cmd/sub) %#x buflen %zd\n", -// (int)opcode, (int)cdw10, (int)cdw11, (int)cdw12, buflen); - - if (ioctl(fd, NVME_PASSTHROUGH_CMD, &pt) < 0) - err(1, "wdc_get_data request failed"); - if (nvme_completion_is_error(&pt.cpl)) - errx(1, "wdc_get_data request returned error"); -} - -static void -wdc_do_dump(int fd, char *tmpl, const char *suffix, uint32_t opcode, - uint32_t cmd, int len_off) -{ - int first; - int fd2; - uint8_t *buf; - uint32_t len, offset; - size_t resid; - - wdc_append_serial_name(fd, tmpl, MAXPATHLEN, suffix); - - /* XXX overwrite protection? */ - fd2 = open(tmpl, O_WRONLY | O_CREAT | O_TRUNC, 0644); - if (fd2 < 0) - err(1, "open %s", tmpl); - buf = aligned_alloc(PAGE_SIZE, NVME_MAX_XFER_SIZE); - if (buf == NULL) - errx(1, "Can't get buffer to read dump"); - offset = 0; - len = NVME_MAX_XFER_SIZE; - first = 1; - - do { - resid = len > NVME_MAX_XFER_SIZE ? NVME_MAX_XFER_SIZE : len; - wdc_get_data(fd, opcode, resid, offset, cmd, buf, resid); - - if (first) { - len = be32dec(buf + len_off); - if (len == 0) - errx(1, "No data for %s", suffix); - if (memcmp("E6LG", buf, 4) != 0) - printf("Expected header of E6LG, found '%4.4s' instead\n", - buf); - printf("Dumping %d bytes of version %d.%d log to %s\n", len, - buf[8], buf[9], tmpl); - /* - * Adjust amount to dump if total dump < 1MB, - * though it likely doesn't matter to the WDC - * analysis tools. - */ - if (resid > len) - resid = len; - first = 0; - } - if (write(fd2, buf, resid) != (ssize_t)resid) - err(1, "write"); - offset += resid; - len -= resid; - } while (len > 0); - free(buf); - close(fd2); -} - -static void -wdc_cap_diag_usage(void) -{ - fprintf(stderr, "usage:\n"); - fprintf(stderr, WDC_CAP_DIAG_USAGE); - exit(1); -} - -static void -wdc_cap_diag(int argc, char *argv[]) -{ - char path_tmpl[MAXPATHLEN]; - int ch, fd; - - path_tmpl[0] = '\0'; - while ((ch = getopt(argc, argv, "o:")) != -1) { - switch ((char)ch) { - case 'o': - strlcpy(path_tmpl, optarg, MAXPATHLEN); - break; - default: - wdc_cap_diag_usage(); - } - } - /* Check that a controller was specified. */ - if (optind >= argc) - wdc_cap_diag_usage(); - open_dev(argv[optind], &fd, 1, 1); - - wdc_do_dump(fd, path_tmpl, "cap_diag", WDC_NVME_CAP_DIAG_OPCODE, - WDC_NVME_CAP_DIAG_CMD, 4); - - close(fd); - - exit(1); -} - -void -wdc(int argc, char *argv[]) -{ - - dispatch(argc, argv, wdc_funcs); -} diff --git a/sbin/quotacheck/quotacheck.c b/sbin/quotacheck/quotacheck.c index 3b192a7a9585..9a01be11d9d0 100644 --- a/sbin/quotacheck/quotacheck.c +++ b/sbin/quotacheck/quotacheck.c @@ -321,7 +321,7 @@ chkquota(char *specname, struct quotafile *qfu, struct quotafile *qfg) } } sync(); - if ((ret = sbget(fi, &fs, -1)) != 0) { + if ((ret = sbget(fi, &fs, STDSB)) != 0) { switch (ret) { case ENOENT: warn("Cannot find file system superblock"); diff --git a/sbin/savecore/Makefile b/sbin/savecore/Makefile index d2fdd3d50979..ebf33455b9b8 100644 --- a/sbin/savecore/Makefile +++ b/sbin/savecore/Makefile @@ -2,7 +2,9 @@ PACKAGE=runtime CONFS= minfree -CONFSDIR= /var/crash +VAR_CRASH= /var/crash +VAR_CRASH_MODE= 0750 +CONFSDIR= VAR_CRASH PROG= savecore LIBADD= z xo MAN= savecore.8 diff --git a/share/colldef/Makefile b/share/colldef/Makefile index 21db46b3b4d4..f8db9608c47b 100644 --- a/share/colldef/Makefile +++ b/share/colldef/Makefile @@ -184,6 +184,7 @@ SAME+= en_US.UTF-8 nl_NL.UTF-8 SAME+= en_US.UTF-8 nl_BE.UTF-8 SAME+= en_US.UTF-8 it_IT.UTF-8 SAME+= en_US.UTF-8 it_CH.UTF-8 +SAME+= en_US.UTF-8 ga_IE.UTF-8 SAME+= en_US.UTF-8 fr_FR.UTF-8 SAME+= en_US.UTF-8 fr_CH.UTF-8 SAME+= en_US.UTF-8 fr_BE.UTF-8 diff --git a/share/ctypedef/Makefile b/share/ctypedef/Makefile index ab002fc82c92..d4ad9d24a85a 100644 --- a/share/ctypedef/Makefile +++ b/share/ctypedef/Makefile @@ -82,6 +82,7 @@ SAME+= C.UTF-8 hu_HU.UTF-8 SAME+= C.UTF-8 hr_HR.UTF-8 SAME+= C.UTF-8 hi_IN.UTF-8 SAME+= C.UTF-8 he_IL.UTF-8 +SAME+= C.UTF-8 ga_IE.UTF-8 SAME+= C.UTF-8 fr_FR.UTF-8 SAME+= C.UTF-8 fr_CH.UTF-8 SAME+= C.UTF-8 fr_CA.UTF-8 diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile index 7849a31763a9..5a21af24f1ae 100644 --- a/share/man/man4/Makefile +++ b/share/man/man4/Makefile @@ -323,6 +323,7 @@ MAN= aac.4 \ ng_btsocket.4 \ ng_car.4 \ ng_ccatm.4 \ + ng_checksum.4 \ ng_cisco.4 \ ng_deflate.4 \ ng_device.4 \ diff --git a/share/man/man4/ddb.4 b/share/man/man4/ddb.4 index 42135af13d04..972e77416fba 100644 --- a/share/man/man4/ddb.4 +++ b/share/man/man4/ddb.4 @@ -60,7 +60,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 10, 2018 +.Dd November 30, 2018 .Dt DDB 4 .Os .Sh NAME @@ -108,8 +108,8 @@ If linked into the running kernel, it can be invoked locally with the .Ql debug .Xr keymap 5 -action, or by setting setting the -.Dv debug.kdb.enter +action, usually mapped to Ctrl+Alt+Esc, or by setting the +.Va debug.kdb.enter sysctl to 1. The debugger is also invoked on kernel .Xr panic 9 @@ -1207,17 +1207,17 @@ Userspace processes may inspect and manage capture state using .Xr sysctl 8 : .Pp -.Dv debug.ddb.capture.bufsize +.Va debug.ddb.capture.bufsize may be used to query or set the current capture buffer size. .Pp -.Dv debug.ddb.capture.maxbufsize +.Va debug.ddb.capture.maxbufsize may be used to query the compile-time limit on the capture buffer size. .Pp -.Dv debug.ddb.capture.bytes +.Va debug.ddb.capture.bytes may be used to query the number of bytes of output currently in the capture buffer. .Pp -.Dv debug.ddb.capture.data +.Va debug.ddb.capture.data returns the contents of the buffer as a string to an appropriately privileged process. .Pp @@ -1419,58 +1419,58 @@ Certain scripts are run automatically, if defined, for specific events. The follow scripts are run when various events occur: .Bl -tag -width kdb.enter.powerfail -.It Dv kdb.enter.acpi +.It Va kdb.enter.acpi The kernel debugger was entered as a result of an .Xr acpi 4 event. -.It Dv kdb.enter.bootflags +.It Va kdb.enter.bootflags The kernel debugger was entered at boot as a result of the debugger boot flag being set. -.It Dv kdb.enter.break +.It Va kdb.enter.break The kernel debugger was entered as a result of a serial or console break. -.It Dv kdb.enter.cam +.It Va kdb.enter.cam The kernel debugger was entered as a result of a .Xr CAM 4 event. -.It Dv kdb.enter.mac +.It Va kdb.enter.mac The kernel debugger was entered as a result of an assertion failure in the .Xr mac_test 4 module of the TrustedBSD MAC Framework. -.It Dv kdb.enter.ndis +.It Va kdb.enter.ndis The kernel debugger was entered as a result of an .Xr ndis 4 breakpoint event. -.It Dv kdb.enter.netgraph +.It Va kdb.enter.netgraph The kernel debugger was entered as a result of a .Xr netgraph 4 event. -.It Dv kdb.enter.panic +.It Va kdb.enter.panic .Xr panic 9 was called. -.It Dv kdb.enter.powerfail +.It Va kdb.enter.powerfail The kernel debugger was entered as a result of a powerfail NMI on the sparc64 platform. -.It Dv kdb.enter.powerpc +.It Va kdb.enter.powerpc The kernel debugger was entered as a result of an unimplemented interrupt type on the powerpc platform. -.It Dv kdb.enter.sysctl +.It Va kdb.enter.sysctl The kernel debugger was entered as a result of the -.Dv debug.kdb.enter +.Va debug.kdb.enter sysctl being set. -.It Dv kdb.enter.trapsig +.It Va kdb.enter.trapsig The kernel debugger was entered as a result of a trapsig event on the sparc64 platform. -.It Dv kdb.enter.unionfs +.It Va kdb.enter.unionfs The kernel debugger was entered as a result of an assertion failure in the union file system. -.It Dv kdb.enter.unknown +.It Va kdb.enter.unknown The kernel debugger was entered, but no reason has been set. -.It Dv kdb.enter.vfslock +.It Va kdb.enter.vfslock The kernel debugger was entered as a result of a VFS lock violation. -.It Dv kdb.enter.watchdog +.It Va kdb.enter.watchdog The kernel debugger was entered as a result of a watchdog firing. -.It Dv kdb.enter.witness +.It Va kdb.enter.witness The kernel debugger was entered as a result of a .Xr witness 4 violation. @@ -1480,14 +1480,14 @@ In the event that none of these scripts is found, .Nm will attempt to execute a default script: .Bl -tag -width kdb.enter.powerfail -.It Dv kdb.enter.default +.It Va kdb.enter.default The kernel debugger was entered, but a script exactly matching the reason for entering was not defined. This can be used as a catch-all to handle cases not specifically of interest; for example, -.Dv kdb.enter.witness +.Va kdb.enter.witness might be defined to have special handling, and -.Dv kdb.enter.default +.Va kdb.enter.default might be defined to simply panic and reboot. .El .Sh HINTS @@ -1507,7 +1507,7 @@ debugging. Modern server systems typically use IPMI to generate signals to enter the debugger. The -.Dv devel/ipmitool +.Va devel/ipmitool port can be used to send the .Cd chassis power diag command which delivers an NMI to the processor. @@ -1537,16 +1537,16 @@ and then releasing both. The break to enter the debugger behavior may be enabled at run-time by setting the .Xr sysctl 8 -.Dv debug.kdb.break_to_debugger +.Va debug.kdb.break_to_debugger to 1. The alternate sequence to enter the debugger behavior may be enabled at run-time by setting the .Xr sysctl 8 -.Dv debug.kdb.alt_break_to_debugger +.Va debug.kdb.alt_break_to_debugger to 1. The debugger may be entered by setting the .Xr sysctl 8 -.Dv debug.kdb.enter +.Va debug.kdb.enter to 1. .Sh FILES Header files mentioned in this manual page can be found below diff --git a/share/man/man4/muge.4 b/share/man/man4/muge.4 index 8c6f6859e297..3bb8810d81b0 100644 --- a/share/man/man4/muge.4 +++ b/share/man/man4/muge.4 @@ -35,10 +35,6 @@ To load the driver as a module at boot time, place the following line in .Bd -literal -offset indent if_muge_load="YES" .Ed -.Pp -.\" Alternatively, to compile this driver into the kernel, place the -.\" following lines in your kernel configuration file: -.Ed .Sh DESCRIPTION The .Nm diff --git a/share/man/man4/netdump.4 b/share/man/man4/netdump.4 index 4c47dbce72ce..4424dcd5ead6 100644 --- a/share/man/man4/netdump.4 +++ b/share/man/man4/netdump.4 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd October 29, 2018 +.Dd December 5, 2018 .Dt NETDUMP 4 .Os .Sh NAME @@ -105,6 +105,8 @@ The following network drivers support netdump: .Xr em 4 , .Xr igb 4 , .Xr ix 4 , +.Xr ixl 4 , +.Xr mlx4en 4 , .Xr re 4 , .Xr vtnet 4 . .Sh SYSCTL VARIABLES diff --git a/share/man/man4/netmap.4 b/share/man/man4/netmap.4 index c282001dce3a..3ee7ccf13892 100644 --- a/share/man/man4/netmap.4 +++ b/share/man/man4/netmap.4 @@ -27,17 +27,12 @@ .\" .\" $FreeBSD$ .\" -.Dd October 28, 2018 +.Dd November 20, 2018 .Dt NETMAP 4 .Os .Sh NAME .Nm netmap .Nd a framework for fast packet I/O -.Nm VALE -.Nd a fast VirtuAl Local Ethernet using the netmap API -.Pp -.Nm netmap pipes -.Nd a shared memory packet transport channel .Sh SYNOPSIS .Cd device netmap .Sh DESCRIPTION @@ -79,7 +74,7 @@ with much less than one core on 10 Gbit/s NICs; 35-40 Mpps on 40 Gbit/s NICs (limited by the hardware); about 20 Mpps per core for VALE ports; and over 100 Mpps for -.Nm netmap pipes. +.Nm netmap pipes . NICs without native .Nm support can still use the API in emulated mode, @@ -108,9 +103,9 @@ synchronization and blocking I/O through a file descriptor and standard OS mechanisms such as .Xr select 2 , .Xr poll 2 , -.Xr epoll 2 , +.Xr kqueue 2 and -.Xr kqueue 2 . +.Xr epoll 7 . All types of .Nm netmap ports and the @@ -218,12 +213,6 @@ Non-blocking I/O is done with special and .Xr poll 2 on the file descriptor permit blocking I/O. -.Xr epoll 2 -and -.Xr kqueue 2 -are not supported on -.Nm -file descriptors. .Pp While a NIC is in .Nm @@ -244,7 +233,7 @@ which is the ultimate reference for the API. The main structures and fields are indicated below: .Bl -tag -width XXX -.It Dv struct netmap_if (one per interface) +.It Dv struct netmap_if (one per interface ) .Bd -literal struct netmap_if { ... @@ -267,14 +256,30 @@ NICs also have an extra tx/rx ring pair connected to the host stack. .Em NIOCREGIF can also request additional unbound buffers in the same memory space, to be used as temporary storage for packets. +The number of extra +buffers is specified in the +.Va arg.nr_arg3 +field. +On success, the kernel writes back to +.Va arg.nr_arg3 +the number of extra buffers actually allocated (they may be less +than the amount requested if the memory space ran out of buffers). .Pa ni_bufs_head -contains the index of the first of these free rings, +contains the index of the first of these extra buffers, which are connected in a list (the first uint32_t of each buffer being the index of the next buffer in the list). A .Dv 0 indicates the end of the list. -.It Dv struct netmap_ring (one per ring) +The application is free to modify +this list and use the buffers (i.e., binding them to the slots of a +netmap ring). +When closing the netmap file descriptor, +the kernel frees the buffers contained in the list pointed by +.Pa ni_bufs_head +, irrespectively of the buffers originally provided by the kernel on +.Em NIOCREGIF . +.It Dv struct netmap_ring (one per ring ) .Bd -literal struct netmap_ring { ... @@ -296,7 +301,7 @@ Implements transmit and receive rings, with read/write pointers, metadata and an array of .Em slots describing the buffers. -.It Dv struct netmap_slot (one per buffer) +.It Dv struct netmap_slot (one per buffer ) .Bd -literal struct netmap_slot { uint32_t buf_idx; /* buffer index */ @@ -371,7 +376,6 @@ during the execution of a netmap-related system call. The only exception are slots (and buffers) in the range .Va tail\ . . . head-1 , that are explicitly assigned to the kernel. -.Pp .Ss TRANSMIT RINGS On transmit rings, after a .Nm @@ -498,10 +502,9 @@ can be delayed indefinitely. This flag helps detect when packets have been sent and a file descriptor can be closed. .It NS_FORWARD -When a ring is in 'transparent' mode (see -.Sx TRANSPARENT MODE ) , -packets marked with this flag are forwarded to the other endpoint -at the next system call, thus restoring (in a selective way) +When a ring is in 'transparent' mode, +packets marked with this flag by the user application are forwarded to the +other endpoint at the next system call, thus restoring (in a selective way) the connection between a NIC and the host stack. .It NS_NO_LEARN tells the forwarding code that the source MAC address for this @@ -669,7 +672,7 @@ and does not need to be sequential. On return the pipe will only have a single ring pair with index 0, irrespective of the value of -.Va i. +.Va i . .El .Pp By default, a @@ -681,11 +684,14 @@ no write events are specified. The feature can be disabled by or-ing .Va NETMAP_NO_TX_POLL to the value written to -.Va nr_ringid. +.Va nr_ringid . When this feature is used, packets are transmitted only on .Va ioctl(NIOCTXSYNC) -or select()/poll() are called with a write event (POLLOUT/wfdset) or a full ring. +or +.Va select() / +.Va poll() +are called with a write event (POLLOUT/wfdset) or a full ring. .Pp When registering a virtual interface that is dynamically created to a .Xr vale 4 @@ -698,7 +704,7 @@ number of slots available for transmission. tells the hardware of consumed packets, and asks for newly available packets. .El -.Sh SELECT, POLL, EPOLL, KQUEUE. +.Sh SELECT, POLL, EPOLL, KQUEUE .Xr select 2 and .Xr poll 2 @@ -712,7 +718,7 @@ respectively when write (POLLOUT) and read (POLLIN) events are requested. Both block if no slots are available in the ring .Va ( ring->cur == ring->tail ) . Depending on the platform, -.Xr epoll 2 +.Xr epoll 7 and .Xr kqueue 2 are supported too. @@ -731,7 +737,10 @@ Passing the .Dv NETMAP_DO_RX_POLL flag to .Em NIOCREGIF updates receive rings even without read events. -Note that on epoll and kqueue, +Note that on +.Xr epoll 7 +and +.Xr kqueue 2 , .Dv NETMAP_NO_TX_POLL and .Dv NETMAP_DO_RX_POLL @@ -759,9 +768,9 @@ before .Pp The following functions are available: .Bl -tag -width XXXXX -.It Va struct nm_desc * nm_open(const char *ifname, const struct nmreq *req, uint64_t flags, const struct nm_desc *arg) +.It Va struct nm_desc * nm_open(const char *ifname, const struct nmreq *req, uint64_t flags, const struct nm_desc *arg ) similar to -.Xr pcap_open 3pcap , +.Xr pcap_open_live 3 , binds a file descriptor to a port. .Bl -tag -width XX .It Va ifname @@ -782,44 +791,50 @@ can be set to a combination of the following flags: .Va NETMAP_NO_TX_POLL , .Va NETMAP_DO_RX_POLL (copied into nr_ringid); -.Va NM_OPEN_NO_MMAP (if arg points to the same memory region, +.Va NM_OPEN_NO_MMAP +(if arg points to the same memory region, avoids the mmap and uses the values from it); -.Va NM_OPEN_IFNAME (ignores ifname and uses the values in arg); +.Va NM_OPEN_IFNAME +(ignores ifname and uses the values in arg); .Va NM_OPEN_ARG1 , .Va NM_OPEN_ARG2 , -.Va NM_OPEN_ARG3 (uses the fields from arg); -.Va NM_OPEN_RING_CFG (uses the ring number and sizes from arg). +.Va NM_OPEN_ARG3 +(uses the fields from arg); +.Va NM_OPEN_RING_CFG +(uses the ring number and sizes from arg). .El -.It Va int nm_close(struct nm_desc *d) +.It Va int nm_close(struct nm_desc *d ) closes the file descriptor, unmaps memory, frees resources. -.It Va int nm_inject(struct nm_desc *d, const void *buf, size_t size) -similar to pcap_inject(), pushes a packet to a ring, returns the size +.It Va int nm_inject(struct nm_desc *d, const void *buf, size_t size ) +similar to +.Va pcap_inject() , +pushes a packet to a ring, returns the size of the packet is successful, or 0 on error; -.It Va int nm_dispatch(struct nm_desc *d, int cnt, nm_cb_t cb, u_char *arg) -similar to pcap_dispatch(), applies a callback to incoming packets -.It Va u_char * nm_nextpkt(struct nm_desc *d, struct nm_pkthdr *hdr) -similar to pcap_next(), fetches the next packet +.It Va int nm_dispatch(struct nm_desc *d, int cnt, nm_cb_t cb, u_char *arg ) +similar to +.Va pcap_dispatch() , +applies a callback to incoming packets +.It Va u_char * nm_nextpkt(struct nm_desc *d, struct nm_pkthdr *hdr ) +similar to +.Va pcap_next() , +fetches the next packet .El .Sh SUPPORTED DEVICES .Nm natively supports the following devices: .Pp -On FreeBSD: +On +.Fx : .Xr cxgbe 4 , .Xr em 4 , -.Xr igb 4 , +.Xr iflib 4 +(providing igb, em and lem), .Xr ixgbe 4 , .Xr ixl 4 , -.Xr lem 4 , -.Xr re 4 . -.Pp -On Linux -.Xr e1000 4 , -.Xr e1000e 4 , -.Xr i40e 4 , -.Xr igb 4 , -.Xr ixgbe 4 , -.Xr r8169 4 . +.Xr re 4 , +.Xr vtnet 4 . +.Pp +On Linux e1000, e1000e, i40e, igb, ixgbe, ixgbevf, r8169, virtio_net, vmxnet3. .Pp NICs without native support can still be used in .Nm @@ -848,10 +863,11 @@ globally controls how netmap mode is implemented. .Sh SYSCTL VARIABLES AND MODULE PARAMETERS Some aspect of the operation of .Nm -are controlled through sysctl variables on FreeBSD +are controlled through sysctl variables on +.Fx .Em ( dev.netmap.* ) and module parameters on Linux -.Em ( /sys/module/netmap_lin/parameters/* ) : +.Em ( /sys/module/netmap/parameters/* ) : .Bl -tag -width indent .It Va dev.netmap.admode: 0 Controls the use of native or emulated adapter mode. @@ -861,6 +877,8 @@ Controls the use of native or emulated adapter mode. 1 forces native mode and fails if not available; .Pp 2 forces emulated hence never fails. +.It Va dev.netmap.generic_rings: 1 +Number of rings used for emulated netmap mode .It Va dev.netmap.generic_ringsize: 1024 Ring size used for emulated netmap mode .It Va dev.netmap.generic_mit: 100000 @@ -902,13 +920,15 @@ Batch size used when moving packets across a switch. Values above 64 generally guarantee good performance. +.It Va dev.netmap.ptnet_vnet_hdr: 1 +Allow ptnet devices to use virtio-net headers .El .Sh SYSTEM CALLS .Nm uses .Xr select 2 , .Xr poll 2 , -.Xr epoll 2 +.Xr epoll 7 and .Xr kqueue 2 to wake up processes when significant events occur, and @@ -1077,6 +1097,7 @@ with the network card or the host. .Xr vale-ctl 4 , .Xr bridge 8 , .Xr lb 8 , +.Xr nmreplay 8 , .Xr pkt-gen 8 .Pp .Pa http://info.iet.unipi.it/~luigi/netmap/ diff --git a/share/man/man4/nvme.4 b/share/man/man4/nvme.4 index 45025cfc32fe..e1b67e5ba5e4 100644 --- a/share/man/man4/nvme.4 +++ b/share/man/man4/nvme.4 @@ -33,7 +33,7 @@ .\" .\" $FreeBSD$ .\" -.Dd January 7, 2016 +.Dd December 7, 2018 .Dt NVME 4 .Os .Sh NAME @@ -70,6 +70,8 @@ Per-CPU IO queue pairs .It API for registering NVMe namespace consumers such as .Xr nvd 4 +or +.Xr nda 4 .It API for submitting NVM commands to namespaces .It @@ -163,6 +165,7 @@ with a completion entry that was posted by the controller. and completion queues to the console. .El .Sh SEE ALSO +.Xr nda 4 , .Xr nvd 4 , .Xr pci 4 , .Xr nvmecontrol 8 , diff --git a/share/man/man4/pfsync.4 b/share/man/man4/pfsync.4 index b12b3c8cdbe0..5b3159ff8292 100644 --- a/share/man/man4/pfsync.4 +++ b/share/man/man4/pfsync.4 @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 18, 2017 +.Dd December 6, 2018 .Dt PFSYNC 4 .Os .Sh NAME @@ -130,6 +130,13 @@ See .Xr carp 4 for more information. Default value is 240. +.It Va net.pfsync.pfsync_buckets +The number of +.Nm +buckets. +This affects the performance and memory tradeoff. +Defaults to twice the number of CPUs. +Change only if benchmarks show this helps on your workload. .El .Sh EXAMPLES .Nm diff --git a/share/man/man4/sfxge.4 b/share/man/man4/sfxge.4 index 589129792ceb..0c6ac4f8db22 100644 --- a/share/man/man4/sfxge.4 +++ b/share/man/man4/sfxge.4 @@ -52,7 +52,7 @@ sfxge_load="YES" The .Nm driver provides support for 10Gb Ethernet adapters based on -Solarflare SFC9000 family controllers. +Solarflare SFC9000 and XtremeScale X2 family controllers. The driver supports jumbo frames, transmit/receive checksum offload, TCP Segmentation Offload (TSO), Large Receive Offload (LRO), VLAN checksum offload, VLAN TSO, @@ -163,8 +163,8 @@ Period in milliseconds to refresh interface statistics from hardware. The accepted range is 0 to 65535, the default is 1000 (1 second). Use zero value to disable periodic statistics update. Supported on SFN8xxx series adapters with firmware v6.2.1.1033 and later and -SFN5xxx and SFN6xxx series adapters. -SFN7xxx series adapters and SFN8xxx series with earlier firmware use a +SFN5xxx, SFN6xxx and XtremeScale X2xxx series adapters. +SFN7xxx series adapters and sfN8xxx series with earlier firmware use a fixed 1000 milliseconds statistics update period. The period may also be changed after the driver is loaded using the sysctl .Va dev.sfxge.%d.stats_update_period_ms . diff --git a/share/man/man4/textdump.4 b/share/man/man4/textdump.4 index f3aa5bd05f72..c3c1dcad300a 100644 --- a/share/man/man4/textdump.4 +++ b/share/man/man4/textdump.4 @@ -27,7 +27,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 24, 2008 +.Dd November 30, 2018 .Dt TEXTDUMP 4 .Os .Sh NAME @@ -73,30 +73,30 @@ Captured .Xr ddb 4 output, if the capture facility has been used. May be disabled by clearing the -.Dv debug.ddb.textdump.do_ddb +.Va debug.ddb.textdump.do_ddb sysctl. .It Pa config.txt Kernel configuration, if .Cd options INCLUDE_CONFIG_FILE has been compiled into the kernel. May be disabled by clearing the -.Dv debug.ddb.textdump.do_config +.Va debug.ddb.textdump.do_config sysctl. .It Pa msgbuf.txt Kernel message buffer, including recent console output if the capture facility has been used. May be disabled by clearing the -.Dv debug.ddb.textdump.do_msgbuf +.Va debug.ddb.textdump.do_msgbuf sysctl. .It Pa panic.txt Kernel panic string, if the kernel panicked before the dump was generated. May be disabled by clearing the -.Dv debug.ddb.textdump.do_panic +.Va debug.ddb.textdump.do_panic sysctl. .It Pa version.txt Kernel version string. My be disabled by clearing the -.Dv debug.ddb.textdump.do_version +.Va debug.ddb.textdump.do_version sysctl. .El .Pp @@ -115,7 +115,7 @@ dump will be regular memory dumps; however, by using the command in .Xr ddb 4 , or by setting the -.Dv debug.ddb.textdump.pending +.Va debug.ddb.textdump.pending sysctl to 1 using .Xr sysctl 8 , it is possible to request that the next dump be a textdump. @@ -155,7 +155,7 @@ as well as other diagnostics useful to debug the textdump facility itself. .El .Sh EXAMPLES In the following example, the script -.Dv kdb.enter.panic +.Va kdb.enter.panic will run when the kernel debugger is entered as a result of a panic, enable output capture, dump several useful pieces of debugging information, and then invoke panic in order to force a kernel dump to be written out followed by a @@ -166,7 +166,7 @@ script kdb.enter.panic=textdump set; capture on; show allpcpu; bt; .Ed .Pp In the following example, the script -.Dv kdb.enter.witness +.Va kdb.enter.witness will run when the kernel debugger is entered as a result of a witness violation, printing lock-related information for the user: .Bd -literal -offset indent diff --git a/share/man/man4/vmci.4 b/share/man/man4/vmci.4 index 241aa5075962..afff97b7001c 100644 --- a/share/man/man4/vmci.4 +++ b/share/man/man4/vmci.4 @@ -54,8 +54,8 @@ In addition to this, the VMCI kernel API provides support for receiving events related to the state of the VMCI communication channels, and the virtual machine itself. .Sh SEE ALSO -.Xr pci 9 , -.Xr socket 2 +.Xr socket 2 , +.Xr pci 9 .Rs .%T "VMware vSockets Documentation" .%U https://www.vmware.com/support/developer/vmci-sdk/ diff --git a/share/man/man4/vxlan.4 b/share/man/man4/vxlan.4 index 5dac2b0a4e81..24c87998a2fc 100644 --- a/share/man/man4/vxlan.4 +++ b/share/man/man4/vxlan.4 @@ -108,7 +108,7 @@ forwarding table entry. When the .Nm interface is brought up, a -.Xr UDP 4 +.Xr udp 4 .Xr socket 9 is created based on the configuration, such as the local address for unicast mode or @@ -214,7 +214,6 @@ Once created, the .Nm interface can be configured with .Xr ifconfig 8 . -.Ed .Pp The following when placed in the file .Pa /etc/rc.conf @@ -224,6 +223,7 @@ to be created, and will configure the interface in unicast mode. .Bd -literal -offset indent cloned_interfaces="vxlan0" create_args_vxlan0="vxlanid 108 vxlanlocal 192.168.100.1 vxlanremote 192.168.100.2" +.Ed .Sh SEE ALSO .Xr inet 4 , .Xr inet6 4 , @@ -238,7 +238,7 @@ create_args_vxlan0="vxlanid 108 vxlanlocal 192.168.100.1 vxlanremote 192.168.100 .%D August 2014 .%O "RFC 7348" .Re -.Sh AUTHOR +.Sh AUTHORS .An -nosplit The .Nm diff --git a/share/man/man5/ext2fs.5 b/share/man/man5/ext2fs.5 index db792bb0c8c1..758eb0629b7b 100644 --- a/share/man/man5/ext2fs.5 +++ b/share/man/man5/ext2fs.5 @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd January 23, 2016 +.Dd December 4, 2018 .Dt EXT2FS 5 .Os .Sh NAME @@ -52,9 +52,10 @@ kernel to access and .Tn ext4 file systems. -The +Support for Extended Attributes in .Tn ext4 -support is read-only. +is experimental. +Journalling and encryption are currently not supported. .Sh EXAMPLES To mount a .Nm diff --git a/share/man/man5/src.conf.5 b/share/man/man5/src.conf.5 index 31d9fb4e9133..ca775507b338 100644 --- a/share/man/man5/src.conf.5 +++ b/share/man/man5/src.conf.5 @@ -1,6 +1,6 @@ .\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. .\" $FreeBSD$ -.Dd November 6, 2018 +.Dd November 26, 2018 .Dt SRC.CONF 5 .Os .Sh NAME @@ -149,7 +149,12 @@ Build all binaries with the flag set to indicate that the run-time loader should perform all relocation processing at process startup rather than on demand. .It Va WITHOUT_BINUTILS -Set to not build or install binutils (as, ld, and objdump) as part +Set to not build or install GNU +.Xr as 1 , +.Xr objdump 1 , +and for some CPU architectures +.Xr ld.bfd 1 +as part of the normal system build. The resulting system cannot build programs from source. .Pp @@ -162,7 +167,12 @@ When set, it enforces these options: .Va WITHOUT_GDB .El .It Va WITH_BINUTILS -Set to build and install binutils (as, ld, and objdump) as part +Set to build and install GNU +.Xr as 1 , +.Xr objdump 1 , +and for some CPU architectures +.Xr ld.bfd 1 +as part of the normal system build. .Pp This is a default setting on @@ -224,8 +234,8 @@ and related programs. .It Va WITHOUT_BSD_CPIO Set to not build the BSD licensed version of cpio based on .Xr libarchive 3 . -.It Va WITH_BSD_CRTBEGIN -Enable the BSD licensed +.It Va WITHOUT_BSD_CRTBEGIN +Disable the BSD licensed .Pa crtbegin.o and .Pa crtend.o . diff --git a/share/man/man7/build.7 b/share/man/man7/build.7 index 54811bf7e46a..70abff2a1bba 100644 --- a/share/man/man7/build.7 +++ b/share/man/man7/build.7 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 10, 2018 +.Dd December 3, 2018 .Dt BUILD 7 .Os .Sh NAME @@ -804,7 +804,7 @@ system for the armv6 architecture on an amd64 host: .Bd -literal -offset indent cd /usr/src make TARGET_ARCH=armv6 buildworld buildkernel -make TARGET_ARCH=armv6 DESTDIR=/clients/arm64 installworld installkernel +make TARGET_ARCH=armv6 DESTDIR=/clients/arm installworld installkernel .Ed .Sh SEE ALSO .Xr cc 1 , diff --git a/share/man/man7/development.7 b/share/man/man7/development.7 index 1b871fc0fa0a..989513937b21 100644 --- a/share/man/man7/development.7 +++ b/share/man/man7/development.7 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 16, 2018 +.Dd December 6, 2018 .Dt DEVELOPMENT 7 .Os .Sh NAME @@ -109,7 +109,7 @@ system: .Bd -literal -offset indent svnlite co https://svn.FreeBSD.org/base/head src cd src -make -j8 buildworld buildkernel installkernel +make -sj8 buildworld buildkernel installkernel shutdown -r now .Ed .Pp @@ -119,6 +119,45 @@ cd src make -j8 installworld reboot .Ed +.Pp +Rebuild and reinstall a single piece of userspace, in this +case +.Xr ls 1 : +.Bd -literal -offset indent +cd src/bin/ls +make clean all install +.Ed +.Pp +Quickly rebuild and reinstall the kernel, only recompiling the files +changed since last build; note that this will only work if the full kernel +build has been completed in the past, not on a fresh source tree: +.Bd -literal -offset indent +cd src +make -sj8 kernel KERNFAST=1 +.Ed +.Pp +To rebuild parts of +.Fx +for another CPU architecture, +first prepare your source tree by building the cross-toolchain: +.Bd -literal -offset indent +cd src +make -sj8 toolchain TARGET_ARCH=armv6 +.Ed +.Pp +Afterwards, to build and install a single piece of userspace, use: +.Bd -literal -offset indent +cd src/bin/ls +make buildenv TARGET_ARCH=armv6 +make clean all install DESTDIR=/clients/arm +.Ed +.Pp +Likewise, to quickly rebuild and reinstall the kernel, use: +.Bd -literal -offset indent +cd src +make buildenv TARGET_ARCH=armv6 +make -sj8 kernel KERNFAST=1 DESTDIR=/clients/arm +.Ed .Sh SEE ALSO .Xr svnlite 1 , .Xr witness 4 , diff --git a/share/man/man7/hier.7 b/share/man/man7/hier.7 index 3596077432a0..4681352fb6af 100644 --- a/share/man/man7/hier.7 +++ b/share/man/man7/hier.7 @@ -28,7 +28,7 @@ .\" @(#)hier.7 8.1 (Berkeley) 6/5/93 .\" $FreeBSD$ .\" -.Dd June 18, 2018 +.Dd December 6, 2018 .Dt HIER 7 .Os .Sh NAME @@ -144,10 +144,18 @@ and .Pa /sbin .Pp .Bl -tag -width "defaults/" -compact +.It Pa casper/ +service-specific +.Xr libcasper 3 +Capsicum support libraries .It Pa geom/ class-specific libraries for the .Xr geom 8 utility +.It Pa nvmecontrol/ +vendor-specific libraries to extend the +.Xr nvmecontrol 8 +utility .El .It Pa /libexec/ critical system utilities needed for binaries in diff --git a/share/misc/committers-ports.dot b/share/misc/committers-ports.dot index e5dfa5027ffc..99b6f3ba3b2a 100644 --- a/share/misc/committers-ports.dot +++ b/share/misc/committers-ports.dot @@ -33,6 +33,7 @@ asami [label="Satoshi Asami\nasami@FreeBSD.org\n1994/11/18\n2001/09/11"] billf [label="Bill Fumerola\nbillf@FreeBSD.org\n1998/11/11\n2006/12/14"] jmallett [label="Juli Mallett\njmallett@FreeBSD.org\n2003/01/16\n2006/08/10"] marcel [label="Marcel Moolenaar\nmarcel@FreeBSD.org\n1999/07/03\n2007/07/01"] +sobomax[label="Maxim Sobolev\nsobomax@FreeBSD.org\n2000/05/17\n2018/12/03"] steve [label="Steve Price\nsteve@FreeBSD.org\nxxxx/xx/xx\nxxxx/xx/xx"] will [label="Will Andrews\nwill@FreeBSD.org\n2000/03/20\n2006/09/01"] @@ -240,7 +241,6 @@ shurd [label="Stephen Hurd\nshurd@FreeBSD.org\n2014/06/14"] simon [label="Simon L. Nielsen\nsimon@FreeBSD.org\n2005/01/08"] skozlov [label="Sergey Kozlov\nskozlov@FreeBSD.org\n2018/09/21"] skreuzer [label="Steven Kreuzer\nskreuzer@FreeBSD.org\n2009/03/25"] -sobomax[label="Maxim Sobolev\nsobomax@FreeBSD.org\n2000/05/17"] sperber[label="Armin Pirkovitsch\nsperber@FreeBSD.org\n2012/04/15"] stas [label="Stanislav Sedov\nstas@FreeBSD.org\n2006/09/18"] stefan [label="Stefan Walter\nstefan@FreeBSD.org\n2006/05/07"] diff --git a/share/mk/src.opts.mk b/share/mk/src.opts.mk index fa9e8fa3939a..d95e2fdda7cc 100644 --- a/share/mk/src.opts.mk +++ b/share/mk/src.opts.mk @@ -386,6 +386,11 @@ BROKEN_OPTIONS+=HYPERV BROKEN_OPTIONS+=NVME .endif +# PowerPC and Sparc64 need extra crt*.o files +.if ${__T:Mpowerpc*} || ${__T:Msparc64} +BROKEN_OPTIONS+=BSD_CRTBEGIN +.endif + .include <bsd.mkopt.mk> # diff --git a/share/monetdef/Makefile b/share/monetdef/Makefile index c351c110db01..f209c5951ee8 100644 --- a/share/monetdef/Makefile +++ b/share/monetdef/Makefile @@ -31,7 +31,6 @@ LOCALES+= en_GB.US-ASCII LOCALES+= en_GB.UTF-8 LOCALES+= en_IE.ISO8859-1 LOCALES+= en_IE.ISO8859-15 -LOCALES+= en_IE.UTF-8 LOCALES+= en_NZ.UTF-8 LOCALES+= en_PH.UTF-8 LOCALES+= en_SG.UTF-8 @@ -47,6 +46,7 @@ LOCALES+= fr_CA.UTF-8 LOCALES+= fr_CH.ISO8859-15 LOCALES+= fr_CH.UTF-8 LOCALES+= fr_FR.UTF-8 +LOCALES+= ga_IE.UTF-8 LOCALES+= he_IL.UTF-8 LOCALES+= hi_IN.ISCII-DEV LOCALES+= hi_IN.UTF-8 @@ -156,6 +156,7 @@ SAME+= en_CA.UTF-8 en_CA.ISO8859-1 SAME+= en_GB.ISO8859-15 en_GB.ISO8859-1 SAME+= zh_HK.UTF-8 en_HK.UTF-8 SAME+= zh_HK.UTF-8 en_HK.ISO8859-1 +SAME+= ga_IE.UTF-8 en_IE.UTF-8 SAME+= en_NZ.UTF-8 en_NZ.US-ASCII SAME+= en_NZ.UTF-8 en_NZ.ISO8859-15 SAME+= en_NZ.UTF-8 en_NZ.ISO8859-1 diff --git a/share/monetdef/en_IE.UTF-8.src b/share/monetdef/ga_IE.UTF-8.src index c5bdc6707ae1..c5bdc6707ae1 100644 --- a/share/monetdef/en_IE.UTF-8.src +++ b/share/monetdef/ga_IE.UTF-8.src diff --git a/share/msgdef/Makefile b/share/msgdef/Makefile index 4c0e6d981e75..d58d9f61314e 100644 --- a/share/msgdef/Makefile +++ b/share/msgdef/Makefile @@ -28,6 +28,7 @@ LOCALES+= eu_ES.UTF-8 LOCALES+= fi_FI.ISO8859-15 LOCALES+= fi_FI.UTF-8 LOCALES+= fr_FR.UTF-8 +LOCALES+= ga_IE.UTF-8 LOCALES+= he_IL.UTF-8 LOCALES+= hi_IN.ISCII-DEV LOCALES+= hi_IN.UTF-8 diff --git a/share/msgdef/ga_IE.UTF-8.src b/share/msgdef/ga_IE.UTF-8.src new file mode 100644 index 000000000000..ae07e475043b --- /dev/null +++ b/share/msgdef/ga_IE.UTF-8.src @@ -0,0 +1,17 @@ +# Warning: Do not edit. This file is automatically generated from the +# tools in /usr/src/tools/tools/locale. The data is obtained from the +# CLDR project, obtained from http://cldr.unicode.org/ +# ----------------------------------------------------------------------------- +# +# yesexpr +^(([tT]([áÁ])?)|([tT])|([yY]([eE][sS])?)|([yY])) +# +# noexpr +^(([nN]([íÍ][lL])?)|([nN])|([nN]([oO])?)|([nN])) +# +# yesstr +tá:t:TÁ:T:yes:y:YES:Y +# +# nostr +níl:n:NÍL:N:no:n:NO:N +# EOF diff --git a/share/numericdef/Makefile b/share/numericdef/Makefile index 6cde18a098f4..f4cff6a90c31 100644 --- a/share/numericdef/Makefile +++ b/share/numericdef/Makefile @@ -105,6 +105,7 @@ SAME+= en_US.UTF-8 ja_JP.UTF-8 SAME+= en_US.UTF-8 ja_JP.SJIS SAME+= en_US.UTF-8 ja_JP.eucJP SAME+= en_US.UTF-8 he_IL.UTF-8 +SAME+= en_US.UTF-8 ga_IE.UTF-8 SAME+= en_US.UTF-8 es_MX.UTF-8 SAME+= en_US.UTF-8 es_MX.ISO8859-1 SAME+= en_US.UTF-8 en_US.US-ASCII diff --git a/share/termcap/termcap b/share/termcap/termcap index 8565a3de1472..8ad231b941a8 100644 --- a/share/termcap/termcap +++ b/share/termcap/termcap @@ -2787,6 +2787,17 @@ SW|screen-w|VT 100/ANSI X3.64 virtual terminal with 132 cols:\ screen-256color|VT 100/ANSI X3.64 terminal with 256 colors:\ :Co#256:pa#32767:\ :AB=\E[48;5;%dm:AF=\E[38;5;%dm:tc=screen: + +ecma+italics|ECMA-48 italics:\ + :ZH=\E[3m:ZR=\E[23m: + +tmux|tmux terminal multiplexer:\ + :so=\E[7m:se=\E[27m:\ + :tc=ecma+italics:tc=screen: +tmux-256color|tmux with 256 colors:\ + :so=\E[7m:se=\E[27m:\ + :tc=ecma+italics:tc=screen-256color: + # $XTermId: termcap,v 1.78 2009/11/09 00:24:26 tom Exp $ # # Note: @@ -2829,7 +2840,8 @@ xterm-basic|modern xterm common:\ :me=\E[m:ml=\El:mr=\E[7m:mu=\Em:nd=\E[C:op=\E[39;49m:\ :rc=\E8:rs=\E[!p\E[?3;4l\E[4l\E>:sc=\E7:se=\E[27m:sf=^J:\ :so=\E[7m:sr=\EM:st=\EH:\ - :ue=\E[24m:up=\E[A:us=\E[4m:ve=\E[?12l\E[?25h:vi=\E[?25l:vs=\E[?12;25h: + :ue=\E[24m:up=\E[A:us=\E[4m:ve=\E[?12l\E[?25h:vi=\E[?25l:vs=\E[?12;25h:\ + :tc=ecma+italics: # The xterm-new description has all of the features, but is not completely # compatible with vt220. If you are using a Sun or PC keyboard, set the diff --git a/share/timedef/Makefile b/share/timedef/Makefile index 657a5d6aedc2..345a1eb6ac6c 100644 --- a/share/timedef/Makefile +++ b/share/timedef/Makefile @@ -58,6 +58,7 @@ LOCALES+= fr_CH.ISO8859-15 LOCALES+= fr_CH.UTF-8 LOCALES+= fr_FR.ISO8859-15 LOCALES+= fr_FR.UTF-8 +LOCALES+= ga_IE.UTF-8 LOCALES+= he_IL.UTF-8 LOCALES+= hi_IN.ISCII-DEV LOCALES+= hi_IN.UTF-8 diff --git a/share/timedef/ga_IE.UTF-8.src b/share/timedef/ga_IE.UTF-8.src new file mode 100644 index 000000000000..e96517942b40 --- /dev/null +++ b/share/timedef/ga_IE.UTF-8.src @@ -0,0 +1,83 @@ +# +# Short month names +Ean +Fea +Már +Abr +Bea +Mei +Iul +Lún +Mnf +Drf +Sam +Nol +# +# Long month names (as in a date) +Mí Eanair +Mí na Feabhra +Mí an Mhárta +Mí Aibreáin +Mí na Bealtaine +Mí an Mheithimh +Mí Iúil +Mí na Lúnasa +Mí Meán Fhómhair +Mí Deireadh Fómhair +Mí na Samhna +Mí na Nollag +# +# Short weekday names +Dom +Lua +Már +Céa +Déa +Aoi +Sat +# +# Long weekday names +Dé Domhnaigh +Dé Luain +Dé Máirt +Dé Céadaoin +Déardaoin +Dé hAoine +Dé Sathairn +# +# X_fmt +%H:%M:%S +# +# x_fmt +%d/%m/%Y +# +# c_fmt +%a %e %b %X %Y +# +# AM/PM +r.n. +i.n. +# +# date_fmt +%a %e %b %Y %X %Z +# +# Long month names (without case ending) +Mí Eanair +Mí na Feabhra +Mí an Mhárta +Mí Aibreáin +Mí na Bealtaine +Mí an Mheithimh +Mí Iúil +Mí na Lúnasa +Mí Meán Fhómhair +Mí Deireadh Fómhair +Mí na Samhna +Mí na Nollag +# +# md_order +dm +# +# ampm_fmt +%I:%M:%S %p +# EOF diff --git a/stand/common/bcache.c b/stand/common/bcache.c index 39e8e35a559d..5affaf5f0fd9 100644 --- a/stand/common/bcache.c +++ b/stand/common/bcache.c @@ -476,12 +476,12 @@ command_bcache(int argc, char *argv[]) return(CMD_ERROR); } - printf("\ncache blocks: %d\n", bcache_total_nblks); - printf("cache blocksz: %d\n", bcache_blksize); - printf("cache readahead: %d\n", bcache_rablks); - printf("unit cache blocks: %d\n", bcache_unit_nblks); - printf("cached units: %d\n", bcache_units); - printf("%d ops %d bypasses %d hits %d misses\n", bcache_ops, + printf("\ncache blocks: %u\n", bcache_total_nblks); + printf("cache blocksz: %u\n", bcache_blksize); + printf("cache readahead: %u\n", bcache_rablks); + printf("unit cache blocks: %u\n", bcache_unit_nblks); + printf("cached units: %u\n", bcache_units); + printf("%u ops %d bypasses %u hits %u misses\n", bcache_ops, bcache_bypasses, bcache_hits, bcache_misses); return(CMD_OK); } diff --git a/stand/common/interp_forth.c b/stand/common/interp_forth.c index 31ba1f7c2967..19d66cdf3f4d 100644 --- a/stand/common/interp_forth.c +++ b/stand/common/interp_forth.c @@ -142,9 +142,10 @@ bf_command(FICL_VM *vm) switch (result) { case CMD_CRIT: printf("%s\n", command_errmsg); + command_errmsg = NULL; break; case CMD_FATAL: - panic("%s\n", command_errmsg); + panic("%s", command_errmsg); } free(line); diff --git a/stand/defs.mk b/stand/defs.mk index 7ee0922858b9..0d66fba0cf69 100644 --- a/stand/defs.mk +++ b/stand/defs.mk @@ -1,12 +1,12 @@ # $FreeBSD$ -.include <src.opts.mk> - -WARNS?=1 - .if !defined(__BOOT_DEFS_MK__) __BOOT_DEFS_MK__=${MFILE} +# We need to define all the MK_ options before including src.opts.mk +# because it includes bsd.own.mk which needs the right MK_ values, +# espeically MK_CTF. + MK_CTF= no MK_SSP= no MK_PROFILE= no @@ -16,6 +16,10 @@ NO_PIC= INTERNALLIB= .endif +.include <src.opts.mk> + +WARNS?= 1 + BOOTSRC= ${SRCTOP}/stand EFISRC= ${BOOTSRC}/efi EFIINC= ${EFISRC}/include @@ -115,6 +119,11 @@ CFLAGS+= -march=rv64imac -mabi=lp64 CFLAGS+= -msoft-float .endif +# -msoft-float seems to be insufficient for powerpcspe +.if ${MACHINE_ARCH} == "powerpcspe" +CFLAGS+= -mno-spe +.endif + .if ${MACHINE_CPUARCH} == "i386" || (${MACHINE_CPUARCH} == "amd64" && ${DO32:U0} == 1) CFLAGS+= -march=i386 CFLAGS.gcc+= -mpreferred-stack-boundary=2 diff --git a/stand/efi/libefi/efi_console.c b/stand/efi/libefi/efi_console.c index c8275030a2a6..de1e3a711649 100644 --- a/stand/efi/libefi/efi_console.c +++ b/stand/efi/libefi/efi_console.c @@ -51,7 +51,8 @@ void HO(void); void end_term(void); #endif -static EFI_INPUT_KEY key_cur; +#define KEYBUFSZ 10 +static unsigned keybuf[KEYBUFSZ]; /* keybuf for extended codes */ static int key_pending; static void efi_cons_probe(struct console *); @@ -438,55 +439,120 @@ efi_cons_putchar(int c) #endif } -int -efi_cons_getchar() +static int +keybuf_getchar(void) { - EFI_INPUT_KEY key; - EFI_STATUS status; - UINTN junk; - - if (key_pending) { - key = key_cur; - key_pending = 0; - } else { - /* Try to read a key stroke. We wait for one if none is pending. */ - status = conin->ReadKeyStroke(conin, &key); - while (status == EFI_NOT_READY) { - /* Some EFI implementation (u-boot for example) do not support WaitForKey */ - if (conin->WaitForKey != NULL) - BS->WaitForEvent(1, &conin->WaitForKey, &junk); - status = conin->ReadKeyStroke(conin, &key); + int i, c = 0; + + for (i = 0; i < KEYBUFSZ; i++) { + if (keybuf[i] != 0) { + c = keybuf[i]; + keybuf[i] = 0; + break; } } - switch (key.ScanCode) { - case 0x17: /* ESC */ - return (0x1b); /* esc */ + return (c); +} + +static bool +keybuf_ischar(void) +{ + int i; + + for (i = 0; i < KEYBUFSZ; i++) { + if (keybuf[i] != 0) + return (true); } + return (false); +} - /* this can return */ - return (key.UnicodeChar); +/* + * We are not reading input before keybuf is empty, so we are safe + * just to fill keybuf from the beginning. + */ +static void +keybuf_inschar(EFI_INPUT_KEY *key) +{ + + switch (key->ScanCode) { + case 0x1: /* UP */ + keybuf[0] = 0x1b; /* esc */ + keybuf[1] = '['; + keybuf[2] = 'A'; + break; + case 0x2: /* DOWN */ + keybuf[0] = 0x1b; /* esc */ + keybuf[1] = '['; + keybuf[2] = 'B'; + break; + case 0x3: /* RIGHT */ + keybuf[0] = 0x1b; /* esc */ + keybuf[1] = '['; + keybuf[2] = 'C'; + break; + case 0x4: /* LEFT */ + keybuf[0] = 0x1b; /* esc */ + keybuf[1] = '['; + keybuf[2] = 'D'; + break; + case 0x17: + keybuf[0] = 0x1b; /* esc */ + break; + default: + keybuf[0] = key->UnicodeChar; + break; + } } -int -efi_cons_poll() +static bool +efi_readkey(void) { - EFI_INPUT_KEY key; EFI_STATUS status; + EFI_INPUT_KEY key; - if (conin->WaitForKey == NULL) { - if (key_pending) - return (1); - status = conin->ReadKeyStroke(conin, &key); - if (status == EFI_SUCCESS) { - key_cur = key; - key_pending = 1; - } - return (key_pending); + status = conin->ReadKeyStroke(conin, &key); + if (status == EFI_SUCCESS) { + keybuf_inschar(&key); + return (true); } + return (false); +} + +int +efi_cons_getchar(void) +{ + int c; + + if ((c = keybuf_getchar()) != 0) + return (c); + + key_pending = 0; + + if (efi_readkey()) + return (keybuf_getchar()); + + return (-1); +} + +int +efi_cons_poll(void) +{ + + if (keybuf_ischar() || key_pending) + return (1); + + /* + * Some EFI implementation (u-boot for example) do not support + * WaitForKey(). + * CheckEvent() can clear the signaled state. + */ + if (conin->WaitForKey == NULL) + key_pending = efi_readkey(); + else + key_pending = BS->CheckEvent(conin->WaitForKey) == EFI_SUCCESS; - /* This can clear the signaled state. */ - return (BS->CheckEvent(conin->WaitForKey) == EFI_SUCCESS); + return (key_pending); } /* Plain direct access to EFI OutputString(). */ diff --git a/stand/i386/btx/lib/Makefile b/stand/i386/btx/lib/Makefile index 2988f4297660..a9e2e4350a55 100644 --- a/stand/i386/btx/lib/Makefile +++ b/stand/i386/btx/lib/Makefile @@ -4,7 +4,7 @@ PROG= crt0.o INTERNALPROG= -SRCS= btxcsu.S btxsys.s btxv86.s +SRCS= btxcsu.S btxsys.S btxv86.S CFLAGS+=-I${BOOTSRC}/i386/common LDFLAGS+=-Wl,-r diff --git a/stand/i386/btx/lib/btxsys.s b/stand/i386/btx/lib/btxsys.S index 9c77b4295e7c..9c77b4295e7c 100644 --- a/stand/i386/btx/lib/btxsys.s +++ b/stand/i386/btx/lib/btxsys.S diff --git a/stand/i386/btx/lib/btxv86.s b/stand/i386/btx/lib/btxv86.S index 0d7d1116322d..0d7d1116322d 100644 --- a/stand/i386/btx/lib/btxv86.s +++ b/stand/i386/btx/lib/btxv86.S diff --git a/stand/i386/common/bootargs.h b/stand/i386/common/bootargs.h index df558072f37f..5a6fef85a8c8 100644 --- a/stand/i386/common/bootargs.h +++ b/stand/i386/common/bootargs.h @@ -18,10 +18,11 @@ #ifndef _BOOT_I386_ARGS_H_ #define _BOOT_I386_ARGS_H_ -#define KARGS_FLAGS_CD 0x1 -#define KARGS_FLAGS_PXE 0x2 -#define KARGS_FLAGS_ZFS 0x4 -#define KARGS_FLAGS_EXTARG 0x8 /* variably sized extended argument */ +#define KARGS_FLAGS_CD 0x0001 /* .bootdev is a bios CD dev */ +#define KARGS_FLAGS_PXE 0x0002 /* .pxeinfo is valid */ +#define KARGS_FLAGS_ZFS 0x0004 /* .zfspool is valid, EXTARG is zfs_boot_args */ +#define KARGS_FLAGS_EXTARG 0x0008 /* variably sized extended argument */ +#define KARGS_FLAGS_GELI 0x0010 /* EXTARG is geli_boot_args */ #define BOOTARGS_SIZE 24 /* sizeof(struct bootargs) */ #define BA_BOOTFLAGS 8 /* offsetof(struct bootargs, bootflags) */ @@ -43,6 +44,24 @@ #ifndef __ASSEMBLER__ +/* + * This struct describes the contents of the stack on entry to btxldr.S. This + * is the data that follows the return address, so it begins at 4(%esp). On + * the sending side, this data is passed as individual args to __exec(). On the + * receiving side, code in btxldr.S copies the data from the entry stack to a + * known fixed location in the new address space. Then, btxcsu.S sets the + * global variable __args to point to that known fixed location before calling + * main(), which casts __args to a struct bootargs pointer to access the data. + * The btxldr.S code is aware of KARGS_FLAGS_EXTARG, and if it's set, the extra + * args data is copied along with the other bootargs from the entry stack to the + * fixed location in the new address space. + * + * The bootinfo field is actually a pointer to a bootinfo struct that has been + * converted to uint32_t using VTOP(). On the receiving side it must be + * converted back to a pointer using PTOV(). Code in btxldr.S is aware of this + * field and if it's non-NULL it copies the data it points to into another known + * fixed location, and adjusts the bootinfo field to point to that new location. + */ struct bootargs { uint32_t howto; @@ -66,11 +85,15 @@ struct bootargs #ifdef LOADER_GELI_SUPPORT #include <crypto/intake.h> +#include "geliboot.h" #endif -struct geli_boot_args +/* + * geli_boot_data is embedded in geli_boot_args (passed from gptboot to loader) + * and in zfs_boot_args (passed from zfsboot and gptzfsboot to loader). + */ +struct geli_boot_data { - uint32_t size; union { char gelipw[256]; struct { @@ -88,6 +111,49 @@ struct geli_boot_args }; }; +#ifdef LOADER_GELI_SUPPORT + +static inline void +export_geli_boot_data(struct geli_boot_data *gbdata) +{ + + gbdata->notapw = '\0'; + gbdata->keybuf_sentinel = KEYBUF_SENTINEL; + gbdata->keybuf = malloc(sizeof(struct keybuf) + + (GELI_MAX_KEYS * sizeof(struct keybuf_ent))); + geli_export_key_buffer(gbdata->keybuf); +} + +static inline void +import_geli_boot_data(struct geli_boot_data *gbdata) +{ + + if (gbdata->gelipw[0] != '\0') { + setenv("kern.geom.eli.passphrase", gbdata->gelipw, 1); + explicit_bzero(gbdata->gelipw, sizeof(gbdata->gelipw)); + } else if (gbdata->keybuf_sentinel == KEYBUF_SENTINEL) { + geli_import_key_buffer(gbdata->keybuf); + } +} +#endif /* LOADER_GELI_SUPPORT */ + +struct geli_boot_args +{ + uint32_t size; + struct geli_boot_data gelidata; +}; + +struct zfs_boot_args +{ + uint32_t size; + uint32_t reserved; + uint64_t pool; + uint64_t root; + uint64_t primary_pool; + uint64_t primary_vdev; + struct geli_boot_data gelidata; +}; + #endif /*__ASSEMBLER__*/ #endif /* !_BOOT_I386_ARGS_H_ */ diff --git a/stand/i386/gptboot/gptboot.c b/stand/i386/gptboot/gptboot.c index 5553364090f1..d9e11864c0a4 100644 --- a/stand/i386/gptboot/gptboot.c +++ b/stand/i386/gptboot/gptboot.c @@ -81,7 +81,6 @@ uint32_t opts; static const char *const dev_nm[NDEV] = {"ad", "da", "fd"}; static const unsigned char dev_maj[NDEV] = {30, 4, 2}; -static struct dsk dsk; static char kname[1024]; static int comspeed = SIOSPD; static struct bootinfo bootinfo; @@ -115,7 +114,6 @@ static int vdev_read(void *vdev __unused, void *priv, off_t off, void *buf, #ifdef LOADER_GELI_SUPPORT #include "geliboot.h" static char gelipw[GELI_PW_MAXLEN]; -static struct keybuf *gelibuf; #endif struct gptdsk { @@ -481,17 +479,18 @@ load(void) #ifdef LOADER_GELI_SUPPORT geliargs.size = sizeof(geliargs); explicit_bzero(gelipw, sizeof(gelipw)); - gelibuf = malloc(sizeof(struct keybuf) + - (GELI_MAX_KEYS * sizeof(struct keybuf_ent))); - geli_export_key_buffer(gelibuf); - geliargs.notapw = '\0'; - geliargs.keybuf_sentinel = KEYBUF_SENTINEL; - geliargs.keybuf = gelibuf; + export_geli_boot_data(&geliargs.gelidata); #endif + /* + * Note that the geliargs struct is passed by value, not by pointer. + * Code in btxldr.S copies the values from the entry stack to a fixed + * location within loader(8) at startup due to the presence of the + * KARGS_FLAGS_EXTARG flag. + */ __exec((caddr_t)addr, RB_BOOTINFO | (opts & RBX_MASK), MAKEBOOTDEV(dev_maj[gdsk.dsk.type], gdsk.dsk.part + 1, gdsk.dsk.unit, 0xff), #ifdef LOADER_GELI_SUPPORT - KARGS_FLAGS_EXTARG, 0, 0, VTOP(&bootinfo), geliargs + KARGS_FLAGS_GELI | KARGS_FLAGS_EXTARG, 0, 0, VTOP(&bootinfo), geliargs #else 0, 0, 0, VTOP(&bootinfo) #endif @@ -569,22 +568,22 @@ parse_cmds(char *cmdstr, int *dskupdated) arg[1] != dev_nm[i][1]; i++) if (i == NDEV - 1) return (-1); - dsk.type = i; + gdsk.dsk.type = i; arg += 3; - dsk.unit = *arg - '0'; - if (arg[1] != 'p' || dsk.unit > 9) + gdsk.dsk.unit = *arg - '0'; + if (arg[1] != 'p' || gdsk.dsk.unit > 9) return (-1); arg += 2; - dsk.part = *arg - '0'; - if (dsk.part < 1 || dsk.part > 9) + gdsk.dsk.part = *arg - '0'; + if (gdsk.dsk.part < 1 || gdsk.dsk.part > 9) return (-1); arg++; if (arg[0] != ')') return (-1); arg++; if (drv == -1) - drv = dsk.unit; - dsk.drive = (dsk.type <= TYPE_MAXHARD + drv = gdsk.dsk.unit; + gdsk.dsk.drive = (gdsk.dsk.type <= TYPE_MAXHARD ? DRV_HARD : 0) + drv; *dskupdated = 1; } diff --git a/stand/i386/kgzldr/Makefile b/stand/i386/kgzldr/Makefile index 281f1c9f1ba0..96ba94ee535f 100644 --- a/stand/i386/kgzldr/Makefile +++ b/stand/i386/kgzldr/Makefile @@ -7,7 +7,7 @@ STRIP= BINMODE=${LIBMODE} BINDIR= ${LIBDIR} -SRCS= start.s boot.c subr_inflate.c lib.c crt.s sio.s +SRCS= start.S boot.c subr_inflate.c lib.c crt.S sio.S CFLAGS= -Os CFLAGS+=-DKZIP NO_SHARED= @@ -15,6 +15,6 @@ LDFLAGS+=-Wl,-r .PATH: ${SYSDIR}/kern BOOT_COMCONSOLE_PORT?= 0x3f8 -AFLAGS+=--defsym SIO_PRT=${BOOT_COMCONSOLE_PORT} +ACFLAGS+=-Wa,-defsym,SIO_PRT=${BOOT_COMCONSOLE_PORT} .include <bsd.prog.mk> diff --git a/stand/i386/kgzldr/crt.s b/stand/i386/kgzldr/crt.S index cfb479fd2d84..cfb479fd2d84 100644 --- a/stand/i386/kgzldr/crt.s +++ b/stand/i386/kgzldr/crt.S diff --git a/stand/i386/kgzldr/sio.s b/stand/i386/kgzldr/sio.S index ff174eb0b71b..ff174eb0b71b 100644 --- a/stand/i386/kgzldr/sio.s +++ b/stand/i386/kgzldr/sio.S diff --git a/stand/i386/kgzldr/start.s b/stand/i386/kgzldr/start.S index 550fa526d946..550fa526d946 100644 --- a/stand/i386/kgzldr/start.s +++ b/stand/i386/kgzldr/start.S diff --git a/stand/i386/libi386/Makefile b/stand/i386/libi386/Makefile index f92558edae3a..21f821f281d0 100644 --- a/stand/i386/libi386/Makefile +++ b/stand/i386/libi386/Makefile @@ -4,11 +4,11 @@ LIB= i386 -SRCS= biosacpi.c bioscd.c biosdisk.c biosmem.c biospnp.c \ +SRCS= biosacpi.c biosdisk.c biosmem.c biospnp.c \ biospci.c biossmap.c bootinfo.c bootinfo32.c bootinfo64.c \ comconsole.c devicename.c elf32_freebsd.c \ elf64_freebsd.c multiboot.c multiboot_tramp.S relocater_tramp.S \ - i386_copy.c i386_module.c nullconsole.c pxe.c pxetramp.s \ + i386_copy.c i386_module.c nullconsole.c pxe.c pxetramp.S \ smbios.c time.c vidconsole.c amd64_tramp.S spinconsole.c .PATH: ${ZFSSRC} SRCS+= devicename_stubs.c diff --git a/stand/i386/libi386/bioscd.c b/stand/i386/libi386/bioscd.c deleted file mode 100644 index b1ad44597263..000000000000 --- a/stand/i386/libi386/bioscd.c +++ /dev/null @@ -1,432 +0,0 @@ -/*- - * Copyright (c) 1998 Michael Smith <msmith@freebsd.org> - * Copyright (c) 2001 John H. Baldwin <jhb@FreeBSD.org> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include <sys/cdefs.h> -__FBSDID("$FreeBSD$"); - -/* - * BIOS CD device handling for CD's that have been booted off of via no - * emulation booting as defined in the El Torito standard. - * - * Ideas and algorithms from: - * - * - FreeBSD libi386/biosdisk.c - * - */ - -#include <stand.h> - -#include <sys/param.h> -#include <machine/bootinfo.h> - -#include <stdarg.h> - -#include <bootstrap.h> -#include <btxv86.h> -#include <edd.h> -#include "libi386.h" - -#define BIOSCD_SECSIZE 2048 -#define BUFSIZE (1 * BIOSCD_SECSIZE) -#define MAXBCDEV 1 - -/* Major numbers for devices we frontend for. */ -#define ACDMAJOR 117 -#define CDMAJOR 15 - -#ifdef DISK_DEBUG -# define DEBUG(fmt, args...) printf("%s: " fmt "\n" , __func__ , ## args) -#else -# define DEBUG(fmt, args...) -#endif - -struct specification_packet { - u_char sp_size; - u_char sp_bootmedia; - u_char sp_drive; - u_char sp_controller; - u_int sp_lba; - u_short sp_devicespec; - u_short sp_buffersegment; - u_short sp_loadsegment; - u_short sp_sectorcount; - u_short sp_cylsec; - u_char sp_head; -}; - -/* - * List of BIOS devices, translation from disk unit number to - * BIOS unit number. - */ -static struct bcinfo { - int bc_unit; /* BIOS unit number */ - struct specification_packet bc_sp; - int bc_open; /* reference counter */ - void *bc_bcache; /* buffer cache data */ -} bcinfo [MAXBCDEV]; -static int nbcinfo = 0; - -#define BC(dev) (bcinfo[(dev)->dd.d_unit]) - -static int bc_read(int unit, daddr_t dblk, int blks, caddr_t dest); -static int bc_init(void); -static int bc_strategy(void *devdata, int flag, daddr_t dblk, - size_t size, char *buf, size_t *rsize); -static int bc_realstrategy(void *devdata, int flag, daddr_t dblk, - size_t size, char *buf, size_t *rsize); -static int bc_open(struct open_file *f, ...); -static int bc_close(struct open_file *f); -static int bc_print(int verbose); - -struct devsw bioscd = { - "cd", - DEVT_CD, - bc_init, - bc_strategy, - bc_open, - bc_close, - noioctl, - bc_print, - NULL -}; - -/* - * Translate between BIOS device numbers and our private unit numbers. - */ -int -bc_bios2unit(int biosdev) -{ - int i; - - DEBUG("looking for bios device 0x%x", biosdev); - for (i = 0; i < nbcinfo; i++) { - DEBUG("bc unit %d is BIOS device 0x%x", i, bcinfo[i].bc_unit); - if (bcinfo[i].bc_unit == biosdev) - return(i); - } - return(-1); -} - -int -bc_unit2bios(int unit) -{ - if ((unit >= 0) && (unit < nbcinfo)) - return(bcinfo[unit].bc_unit); - return(-1); -} - -/* - * We can't quiz, we have to be told what device to use, so this functoin - * doesn't do anything. Instead, the loader calls bc_add() with the BIOS - * device number to add. - */ -static int -bc_init(void) -{ - - return (0); -} - -int -bc_add(int biosdev) -{ - - if (nbcinfo >= MAXBCDEV) - return (-1); - bcinfo[nbcinfo].bc_unit = biosdev; - v86.ctl = V86_FLAGS; - v86.addr = 0x13; - v86.eax = 0x4b01; - v86.edx = biosdev; - v86.ds = VTOPSEG(&bcinfo[nbcinfo].bc_sp); - v86.esi = VTOPOFF(&bcinfo[nbcinfo].bc_sp); - v86int(); - if ((v86.eax & 0xff00) != 0) - return (-1); - - printf("BIOS CD is cd%d\n", nbcinfo); - nbcinfo++; - bcache_add_dev(nbcinfo); /* register cd device in bcache */ - return(0); -} - -/* - * Print information about disks - */ -static int -bc_print(int verbose) -{ - char line[80]; - int i, ret = 0; - - if (nbcinfo == 0) - return (0); - - printf("%s devices:", bioscd.dv_name); - if ((ret = pager_output("\n")) != 0) - return (ret); - - for (i = 0; i < nbcinfo; i++) { - snprintf(line, sizeof(line), " cd%d: Device 0x%x\n", i, - bcinfo[i].bc_sp.sp_devicespec); - if ((ret = pager_output(line)) != 0) - break; - } - return (ret); -} - -/* - * Attempt to open the disk described by (dev) for use by (f). - */ -static int -bc_open(struct open_file *f, ...) -{ - va_list ap; - struct i386_devdesc *dev; - - va_start(ap, f); - dev = va_arg(ap, struct i386_devdesc *); - va_end(ap); - if (dev->dd.d_unit >= nbcinfo) { - DEBUG("attempt to open nonexistent disk"); - return(ENXIO); - } - - BC(dev).bc_open++; - if (BC(dev).bc_bcache == NULL) - BC(dev).bc_bcache = bcache_allocate(); - return(0); -} - -static int -bc_close(struct open_file *f) -{ - struct i386_devdesc *dev; - - dev = (struct i386_devdesc *)f->f_devdata; - BC(dev).bc_open--; - if (BC(dev).bc_open == 0) { - bcache_free(BC(dev).bc_bcache); - BC(dev).bc_bcache = NULL; - } - return(0); -} - -static int -bc_strategy(void *devdata, int rw, daddr_t dblk, size_t size, - char *buf, size_t *rsize) -{ - struct bcache_devdata bcd; - struct i386_devdesc *dev; - - dev = (struct i386_devdesc *)devdata; - bcd.dv_strategy = bc_realstrategy; - bcd.dv_devdata = devdata; - bcd.dv_cache = BC(dev).bc_bcache; - - return (bcache_strategy(&bcd, rw, dblk, size, buf, rsize)); -} - -static int -bc_realstrategy(void *devdata, int rw, daddr_t dblk, size_t size, - char *buf, size_t *rsize) -{ - struct i386_devdesc *dev; - int unit; - int blks; - - if (size % BIOSCD_SECSIZE) - return (EINVAL); - - if ((rw & F_MASK) != F_READ) - return(EROFS); - dev = (struct i386_devdesc *)devdata; - unit = dev->dd.d_unit; - blks = size / BIOSCD_SECSIZE; - if (dblk % (BIOSCD_SECSIZE / DEV_BSIZE) != 0) - return (EINVAL); - dblk /= (BIOSCD_SECSIZE / DEV_BSIZE); - DEBUG("read %d from %lld to %p", blks, dblk, buf); - - if (rsize) - *rsize = 0; - if ((blks = bc_read(unit, dblk, blks, buf)) < 0) { - DEBUG("read error"); - return (EIO); - } else { - if (size / BIOSCD_SECSIZE > blks) { - if (rsize) - *rsize = blks * BIOSCD_SECSIZE; - return (0); - } - } - if (rsize) - *rsize = size; - return (0); -} - -/* return negative value for an error, otherwise blocks read */ -static int -bc_read(int unit, daddr_t dblk, int blks, caddr_t dest) -{ - u_int maxfer, resid, result, retry, x; - caddr_t bbuf, p, xp; - static struct edd_packet packet; - int biosdev; -#ifdef DISK_DEBUG - int error; -#endif - - /* Just in case some idiot actually tries to read -1 blocks... */ - if (blks < 0) - return (-1); - - /* If nothing to do, just return succcess. */ - if (blks == 0) - return (0); - - /* Decide whether we have to bounce */ - if (VTOP(dest) >> 20 != 0) { - /* - * The destination buffer is above first 1MB of - * physical memory so we have to arrange a suitable - * bounce buffer. - */ - x = V86_IO_BUFFER_SIZE / BIOSCD_SECSIZE; - x = min(x, (unsigned)blks); - bbuf = PTOV(V86_IO_BUFFER); - maxfer = x; - } else { - bbuf = NULL; - maxfer = 0; - } - - biosdev = bc_unit2bios(unit); - resid = blks; - p = dest; - - while (resid > 0) { - if (bbuf) - xp = bbuf; - else - xp = p; - x = resid; - if (maxfer > 0) - x = min(x, maxfer); - - /* - * Loop retrying the operation a couple of times. The BIOS - * may also retry. - */ - for (retry = 0; retry < 3; retry++) { - /* If retrying, reset the drive */ - if (retry > 0) { - v86.ctl = V86_FLAGS; - v86.addr = 0x13; - v86.eax = 0; - v86.edx = biosdev; - v86int(); - } - - packet.len = sizeof(struct edd_packet); - packet.count = x; - packet.off = VTOPOFF(xp); - packet.seg = VTOPSEG(xp); - packet.lba = dblk; - v86.ctl = V86_FLAGS; - v86.addr = 0x13; - v86.eax = 0x4200; - v86.edx = biosdev; - v86.ds = VTOPSEG(&packet); - v86.esi = VTOPOFF(&packet); - v86int(); - result = V86_CY(v86.efl); - if (result == 0) - break; - /* fall back to 1 sector read */ - x = 1; - } - -#ifdef DISK_DEBUG - error = (v86.eax >> 8) & 0xff; -#endif - DEBUG("%d sectors from %lld to %p (0x%x) %s", x, dblk, p, - VTOP(p), result ? "failed" : "ok"); - DEBUG("unit %d status 0x%x", unit, error); - - /* still an error? break off */ - if (result != 0) - break; - - if (bbuf != NULL) - bcopy(bbuf, p, x * BIOSCD_SECSIZE); - p += (x * BIOSCD_SECSIZE); - dblk += x; - resid -= x; - } - -/* hexdump(dest, (blks * BIOSCD_SECSIZE)); */ - - if (blks - resid == 0) - return (-1); /* read failed */ - - return (blks - resid); -} - -/* - * Return a suitable dev_t value for (dev). - */ -int -bc_getdev(struct i386_devdesc *dev) -{ - int biosdev, unit; - int major; - int rootdev; - - unit = dev->dd.d_unit; - biosdev = bc_unit2bios(unit); - DEBUG("unit %d BIOS device %d", unit, biosdev); - if (biosdev == -1) /* not a BIOS device */ - return(-1); - - /* - * XXX: Need to examine device spec here to figure out if SCSI or - * ATAPI. No idea on how to figure out device number. All we can - * really pass to the kernel is what bus and device on which bus we - * were booted from, which dev_t isn't well suited to since those - * number don't match to unit numbers very well. We may just need - * to engage in a hack where we pass -C to the boot args if we are - * the boot device. - */ - major = ACDMAJOR; - unit = 0; /* XXX */ - - /* XXX: Assume partition 'a'. */ - rootdev = MAKEBOOTDEV(major, 0, unit, 0); - DEBUG("dev is 0x%x\n", rootdev); - return(rootdev); -} diff --git a/stand/i386/libi386/biosdisk.c b/stand/i386/libi386/biosdisk.c index ef2e3fb56e39..3deba27e9faa 100644 --- a/stand/i386/libi386/biosdisk.c +++ b/stand/i386/libi386/biosdisk.c @@ -40,9 +40,11 @@ __FBSDID("$FreeBSD$"); #include <sys/disk.h> #include <sys/limits.h> +#include <sys/queue.h> #include <stand.h> #include <machine/bootinfo.h> #include <stdarg.h> +#include <stdbool.h> #include <bootstrap.h> #include <btxv86.h> @@ -59,6 +61,8 @@ __FBSDID("$FreeBSD$"); #define WFDMAJOR 1 #define FDMAJOR 2 #define DAMAJOR 4 +#define ACDMAJOR 117 +#define CDMAJOR 15 #ifdef DISK_DEBUG #define DEBUG(fmt, args...) printf("%s: " fmt "\n", __func__, ## args) @@ -66,12 +70,27 @@ __FBSDID("$FreeBSD$"); #define DEBUG(fmt, args...) #endif +struct specification_packet { + uint8_t sp_size; + uint8_t sp_bootmedia; + uint8_t sp_drive; + uint8_t sp_controller; + uint32_t sp_lba; + uint16_t sp_devicespec; + uint16_t sp_buffersegment; + uint16_t sp_loadsegment; + uint16_t sp_sectorcount; + uint16_t sp_cylsec; + uint8_t sp_head; +}; + /* * List of BIOS devices, translation from disk unit number to * BIOS unit number. */ -static struct bdinfo +typedef struct bdinfo { + STAILQ_ENTRY(bdinfo) bd_link; /* link in device list */ int bd_unit; /* BIOS unit number */ int bd_cyl; /* BIOS geometry */ int bd_hds; @@ -83,25 +102,30 @@ static struct bdinfo #define BD_MODEEDD (BD_MODEEDD1 | BD_MODEEDD3) #define BD_MODEMASK 0x0003 #define BD_FLOPPY 0x0004 -#define BD_NO_MEDIA 0x0008 +#define BD_CDROM 0x0008 +#define BD_NO_MEDIA 0x0010 int bd_type; /* BIOS 'drive type' (floppy only) */ uint16_t bd_sectorsize; /* Sector size */ uint64_t bd_sectors; /* Disk size */ int bd_open; /* reference counter */ void *bd_bcache; /* buffer cache data */ -} bdinfo [MAXBDDEV]; -static int nbdinfo = 0; +} bdinfo_t; -#define BD(dev) (bdinfo[(dev)->dd.d_unit]) #define BD_RD 0 #define BD_WR 1 -static void bd_io_workaround(struct disk_devdesc *dev); +typedef STAILQ_HEAD(bdinfo_list, bdinfo) bdinfo_list_t; +static bdinfo_list_t fdinfo = STAILQ_HEAD_INITIALIZER(fdinfo); +static bdinfo_list_t cdinfo = STAILQ_HEAD_INITIALIZER(cdinfo); +static bdinfo_list_t hdinfo = STAILQ_HEAD_INITIALIZER(hdinfo); -static int bd_io(struct disk_devdesc *, daddr_t, int, caddr_t, int); -static int bd_int13probe(struct bdinfo *bd); +static void bd_io_workaround(bdinfo_t *); +static int bd_io(struct disk_devdesc *, bdinfo_t *, daddr_t, int, caddr_t, int); +static bool bd_int13probe(bdinfo_t *); static int bd_init(void); +static int cd_init(void); +static int fd_init(void); static int bd_strategy(void *devdata, int flag, daddr_t dblk, size_t size, char *buf, size_t *rsize); static int bd_realstrategy(void *devdata, int flag, daddr_t dblk, size_t size, @@ -110,42 +134,120 @@ static int bd_open(struct open_file *f, ...); static int bd_close(struct open_file *f); static int bd_ioctl(struct open_file *f, u_long cmd, void *data); static int bd_print(int verbose); +static int cd_print(int verbose); +static int fd_print(int verbose); + +struct devsw biosfd = { + .dv_name = "fd", + .dv_type = DEVT_FD, + .dv_init = fd_init, + .dv_strategy = bd_strategy, + .dv_open = bd_open, + .dv_close = bd_close, + .dv_ioctl = bd_ioctl, + .dv_print = fd_print, + .dv_cleanup = NULL +}; + +struct devsw bioscd = { + .dv_name = "cd", + .dv_type = DEVT_CD, + .dv_init = cd_init, + .dv_strategy = bd_strategy, + .dv_open = bd_open, + .dv_close = bd_close, + .dv_ioctl = bd_ioctl, + .dv_print = cd_print, + .dv_cleanup = NULL +}; -struct devsw biosdisk = { - "disk", - DEVT_DISK, - bd_init, - bd_strategy, - bd_open, - bd_close, - bd_ioctl, - bd_print, - NULL +struct devsw bioshd = { + .dv_name = "disk", + .dv_type = DEVT_DISK, + .dv_init = bd_init, + .dv_strategy = bd_strategy, + .dv_open = bd_open, + .dv_close = bd_close, + .dv_ioctl = bd_ioctl, + .dv_print = bd_print, + .dv_cleanup = NULL }; +static bdinfo_list_t * +bd_get_bdinfo_list(struct devsw *dev) +{ + if (dev->dv_type == DEVT_DISK) + return (&hdinfo); + if (dev->dv_type == DEVT_CD) + return (&cdinfo); + if (dev->dv_type == DEVT_FD) + return (&fdinfo); + return (NULL); +} + +/* XXX this gets called way way too often, investigate */ +static bdinfo_t * +bd_get_bdinfo(struct devdesc *dev) +{ + bdinfo_list_t *bdi; + bdinfo_t *bd = NULL; + int unit; + + bdi = bd_get_bdinfo_list(dev->d_dev); + if (bdi == NULL) + return (bd); + + unit = 0; + STAILQ_FOREACH(bd, bdi, bd_link) { + if (unit == dev->d_unit) + return (bd); + unit++; + } + return (bd); +} + /* * Translate between BIOS device numbers and our private unit numbers. */ int bd_bios2unit(int biosdev) { - int i; + bdinfo_list_t *bdi[] = { &fdinfo, &cdinfo, &hdinfo, NULL }; + bdinfo_t *bd; + int i, unit; DEBUG("looking for bios device 0x%x", biosdev); - for (i = 0; i < nbdinfo; i++) { - DEBUG("bd unit %d is BIOS device 0x%x", i, bdinfo[i].bd_unit); - if (bdinfo[i].bd_unit == biosdev) - return (i); + for (i = 0; bdi[i] != NULL; i++) { + unit = 0; + STAILQ_FOREACH(bd, bdi[i], bd_link) { + if (bd->bd_unit == biosdev) { + DEBUG("bd unit %d is BIOS device 0x%x", unit, + bd->bd_unit); + return (unit); + } + unit++; + } } return (-1); } int -bd_unit2bios(int unit) +bd_unit2bios(struct i386_devdesc *dev) { + bdinfo_list_t *bdi; + bdinfo_t *bd; + int unit; + + bdi = bd_get_bdinfo_list(dev->dd.d_dev); + if (bdi == NULL) + return (-1); - if ((unit >= 0) && (unit < nbdinfo)) - return (bdinfo[unit].bd_unit); + unit = 0; + STAILQ_FOREACH(bd, bdi, bd_link) { + if (unit == dev->dd.d_unit) + return (bd->bd_unit); + unit++; + } return (-1); } @@ -153,42 +255,128 @@ bd_unit2bios(int unit) * Quiz the BIOS for disk devices, save a little info about them. */ static int -bd_init(void) +fd_init(void) { - int base, unit, nfd = 0; + int unit; + bdinfo_t *bd; - /* sequence 0, 0x80 */ - for (base = 0; base <= 0x80; base += 0x80) { - for (unit = base; (nbdinfo < MAXBDDEV); unit++) { -#ifndef VIRTUALBOX - /* - * Check the BIOS equipment list for number - * of fixed disks. - */ - if (base == 0x80 && - (nfd >= *(unsigned char *)PTOV(BIOS_NUMDRIVES))) - break; -#endif - bdinfo[nbdinfo].bd_open = 0; - bdinfo[nbdinfo].bd_bcache = NULL; - bdinfo[nbdinfo].bd_unit = unit; - bdinfo[nbdinfo].bd_flags = unit < 0x80 ? BD_FLOPPY: 0; - if (!bd_int13probe(&bdinfo[nbdinfo])) - break; + for (unit = 0; unit < MAXBDDEV; unit++) { + if ((bd = calloc(1, sizeof(*bd))) == NULL) + break; + bd->bd_flags = BD_FLOPPY; + bd->bd_unit = unit; + if (!bd_int13probe(bd)) { + free(bd); + break; + } + if (bd->bd_sectors == 0) + bd->bd_flags |= BD_NO_MEDIA; + + printf("BIOS drive %c: is %s%d\n", ('A' + unit), + biosfd.dv_name, unit); + + STAILQ_INSERT_TAIL(&fdinfo, bd, bd_link); + } + + bcache_add_dev(unit); + return (0); +} - /* XXX we need "disk aliases" to make this simpler */ - printf("BIOS drive %c: is disk%d\n", (unit < 0x80) ? - ('A' + unit): ('C' + unit - 0x80), nbdinfo); - nbdinfo++; - if (base == 0x80) - nfd++; +static int +bd_init(void) +{ + int base, unit; + bdinfo_t *bd; + + base = 0x80; + for (unit = 0; unit < *(unsigned char *)PTOV(BIOS_NUMDRIVES); unit++) { + /* + * Check the BIOS equipment list for number of fixed disks. + */ + if ((bd = calloc(1, sizeof(*bd))) == NULL) + break; + bd->bd_unit = base + unit; + if (!bd_int13probe(bd)) { + free(bd); + break; } + + printf("BIOS drive %c: is %s%d\n", ('C' + unit), + bioshd.dv_name, unit); + + STAILQ_INSERT_TAIL(&hdinfo, bd, bd_link); } - bcache_add_dev(nbdinfo); + bcache_add_dev(unit); return (0); } /* + * We can't quiz, we have to be told what device to use, so this function + * doesn't do anything. Instead, the loader calls bc_add() with the BIOS + * device number to add. + */ +static int +cd_init(void) +{ + + return (0); +} + +int +bc_add(int biosdev) +{ + bdinfo_t *bd; + struct specification_packet bc_sp; + int nbcinfo = 0; + + if (!STAILQ_EMPTY(&cdinfo)) + return (-1); + + v86.ctl = V86_FLAGS; + v86.addr = 0x13; + v86.eax = 0x4b01; + v86.edx = biosdev; + v86.ds = VTOPSEG(&bc_sp); + v86.esi = VTOPOFF(&bc_sp); + v86int(); + if ((v86.eax & 0xff00) != 0) + return (-1); + + if ((bd = calloc(1, sizeof(*bd))) == NULL) + return (-1); + + bd->bd_flags = BD_CDROM; + bd->bd_unit = biosdev; + + /* + * Ignore result from bd_int13probe(), we will use local + * workaround below. + */ + (void)bd_int13probe(bd); + + if (bd->bd_cyl == 0) { + bd->bd_cyl = ((bc_sp.sp_cylsec & 0xc0) << 2) + + ((bc_sp.sp_cylsec & 0xff00) >> 8) + 1; + } + if (bd->bd_hds == 0) + bd->bd_hds = bc_sp.sp_head + 1; + if (bd->bd_sec == 0) + bd->bd_sec = bc_sp.sp_cylsec & 0x3f; + if (bd->bd_sectors == 0) + bd->bd_sectors = (uint64_t)bd->bd_cyl * bd->bd_hds * bd->bd_sec; + + /* Still no size? use 7.961GB */ + if (bd->bd_sectors == 0) + bd->bd_sectors = 4173824; + + STAILQ_INSERT_TAIL(&cdinfo, bd, bd_link); + printf("BIOS CD is cd%d\n", nbcinfo); + nbcinfo++; + bcache_add_dev(nbcinfo); /* register cd device in bcache */ + return(0); +} + +/* * Return EDD version or 0 if EDD is not supported on this drive. */ static int @@ -306,11 +494,10 @@ bd_get_diskinfo_ext(struct bdinfo *bd) /* * Try to detect a device supported by the legacy int13 BIOS */ -static int -bd_int13probe(struct bdinfo *bd) +static bool +bd_int13probe(bdinfo_t *bd) { - int edd; - int ret; + int edd, ret; bd->bd_flags &= ~BD_NO_MEDIA; @@ -340,7 +527,7 @@ bd_int13probe(struct bdinfo *bd) v86.edx = bd->bd_unit; v86int(); if (V86_CY(v86.efl) || (v86.eax & 0x300) == 0) - return (0); + return (false); } ret = 1; @@ -354,7 +541,6 @@ bd_int13probe(struct bdinfo *bd) bd->bd_cyl = 80; bd->bd_hds = 2; bd->bd_sec = 18; - bd->bd_type = 4; bd->bd_sectors = 2880; /* Since we are there, there most likely is no media */ bd->bd_flags |= BD_NO_MEDIA; @@ -362,6 +548,10 @@ bd_int13probe(struct bdinfo *bd) } if (ret != 0) { + /* CD is special case, bc_add() has its own fallback. */ + if ((bd->bd_flags & BD_CDROM) != 0) + return (true); + if (bd->bd_sectors != 0 && edd != 0) { bd->bd_sec = 63; bd->bd_hds = 255; @@ -369,9 +559,18 @@ bd_int13probe(struct bdinfo *bd) (bd->bd_sectors + bd->bd_sec * bd->bd_hds - 1) / bd->bd_sec * bd->bd_hds; } else { + const char *dv_name; + + if ((bd->bd_flags & BD_FLOPPY) != 0) + dv_name = biosfd.dv_name; + else if ((bd->bd_flags & BD_CDROM) != 0) + dv_name = bioscd.dv_name; + else + dv_name = bioshd.dv_name; + printf("Can not get information about %s unit %#x\n", - biosdisk.dv_name, bd->bd_unit); - return (0); + dv_name, bd->bd_unit); + return (false); } } @@ -383,54 +582,86 @@ bd_int13probe(struct bdinfo *bd) if (bd->bd_sectors == 0) bd->bd_sectors = (uint64_t)bd->bd_cyl * bd->bd_hds * bd->bd_sec; - DEBUG("unit 0x%x geometry %d/%d/%d", bd->bd_unit, bd->bd_cyl, + DEBUG("unit 0x%x geometry %d/%d/%d\n", bd->bd_unit, bd->bd_cyl, bd->bd_hds, bd->bd_sec); - return (1); + return (true); +} + +static int +bd_count(bdinfo_list_t *bdi) +{ + bdinfo_t *bd; + int i; + + i = 0; + STAILQ_FOREACH(bd, bdi, bd_link) + i++; + return (i); } /* * Print information about disks */ static int -bd_print(int verbose) +bd_print_common(struct devsw *dev, bdinfo_list_t *bdi, int verbose) { - static char line[80]; - struct disk_devdesc dev; + char line[80]; + struct disk_devdesc devd; + bdinfo_t *bd; int i, ret = 0; + char drive; - if (nbdinfo == 0) + if (STAILQ_EMPTY(bdi)) return (0); - printf("%s devices:", biosdisk.dv_name); + printf("%s devices:", dev->dv_name); if ((ret = pager_output("\n")) != 0) return (ret); - for (i = 0; i < nbdinfo; i++) { + i = -1; + STAILQ_FOREACH(bd, bdi, bd_link) { + i++; + + switch (dev->dv_type) { + case DEVT_FD: + drive = 'A'; + break; + case DEVT_CD: + drive = 'C' + bd_count(&hdinfo); + break; + default: + drive = 'C'; + break; + } + snprintf(line, sizeof(line), - " disk%d: BIOS drive %c (%s%ju X %u):\n", i, - (bdinfo[i].bd_unit < 0x80) ? ('A' + bdinfo[i].bd_unit): - ('C' + bdinfo[i].bd_unit - 0x80), - (bdinfo[i].bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA ? + " %s%d: BIOS drive %c (%s%ju X %u):\n", + dev->dv_name, i, drive + i, + (bd->bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA ? "no media, " : "", - (uintmax_t)bdinfo[i].bd_sectors, - bdinfo[i].bd_sectorsize); + (uintmax_t)bd->bd_sectors, + bd->bd_sectorsize); if ((ret = pager_output(line)) != 0) break; - if ((bdinfo[i].bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA) + if ((bd->bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA) continue; - dev.dd.d_dev = &biosdisk; - dev.dd.d_unit = i; - dev.d_slice = -1; - dev.d_partition = -1; - if (disk_open(&dev, - bdinfo[i].bd_sectorsize * bdinfo[i].bd_sectors, - bdinfo[i].bd_sectorsize) == 0) { - snprintf(line, sizeof(line), " disk%d", i); - ret = disk_print(&dev, line, verbose); - disk_close(&dev); + if (dev->dv_type != DEVT_DISK) + continue; + + devd.dd.d_dev = dev; + devd.dd.d_unit = i; + devd.d_slice = -1; + devd.d_partition = -1; + if (disk_open(&devd, + bd->bd_sectorsize * bd->bd_sectors, + bd->bd_sectorsize) == 0) { + snprintf(line, sizeof(line), " %s%d", + dev->dv_name, i); + ret = disk_print(&devd, line, verbose); + disk_close(&devd); if (ret != 0) break; } @@ -438,6 +669,24 @@ bd_print(int verbose) return (ret); } +static int +fd_print(int verbose) +{ + return (bd_print_common(&biosfd, &fdinfo, verbose)); +} + +static int +bd_print(int verbose) +{ + return (bd_print_common(&bioshd, &hdinfo, verbose)); +} + +static int +cd_print(int verbose) +{ + return (bd_print_common(&bioscd, &cdinfo, verbose)); +} + /* * Read disk size from partition. * This is needed to work around buggy BIOS systems returning @@ -448,21 +697,26 @@ bd_print(int verbose) static uint64_t bd_disk_get_sectors(struct disk_devdesc *dev) { + bdinfo_t *bd; struct disk_devdesc disk; uint64_t size; + bd = bd_get_bdinfo(&dev->dd); + if (bd == NULL) + return (0); + disk.dd.d_dev = dev->dd.d_dev; disk.dd.d_unit = dev->dd.d_unit; disk.d_slice = -1; disk.d_partition = -1; disk.d_offset = 0; - size = BD(dev).bd_sectors * BD(dev).bd_sectorsize; - if (disk_open(&disk, size, BD(dev).bd_sectorsize) == 0) { + size = bd->bd_sectors * bd->bd_sectorsize; + if (disk_open(&disk, size, bd->bd_sectorsize) == 0) { (void) disk_ioctl(&disk, DIOCGMEDIASIZE, &size); disk_close(&disk); } - return (size / BD(dev).bd_sectorsize); + return (size / bd->bd_sectorsize); } /* @@ -478,6 +732,7 @@ bd_disk_get_sectors(struct disk_devdesc *dev) static int bd_open(struct open_file *f, ...) { + bdinfo_t *bd; struct disk_devdesc *dev; va_list ap; int rc; @@ -486,29 +741,33 @@ bd_open(struct open_file *f, ...) dev = va_arg(ap, struct disk_devdesc *); va_end(ap); - if (dev->dd.d_unit < 0 || dev->dd.d_unit >= nbdinfo) + bd = bd_get_bdinfo(&dev->dd); + if (bd == NULL) return (EIO); - if ((BD(dev).bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA) { - if (!bd_int13probe(&BD(dev))) + if ((bd->bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA) { + if (!bd_int13probe(bd)) return (EIO); - if ((BD(dev).bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA) + if ((bd->bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA) return (EIO); } - if (BD(dev).bd_bcache == NULL) - BD(dev).bd_bcache = bcache_allocate(); - - if (BD(dev).bd_open == 0) - BD(dev).bd_sectors = bd_disk_get_sectors(dev); - BD(dev).bd_open++; - - rc = disk_open(dev, BD(dev).bd_sectors * BD(dev).bd_sectorsize, - BD(dev).bd_sectorsize); - if (rc != 0) { - BD(dev).bd_open--; - if (BD(dev).bd_open == 0) { - bcache_free(BD(dev).bd_bcache); - BD(dev).bd_bcache = NULL; + if (bd->bd_bcache == NULL) + bd->bd_bcache = bcache_allocate(); + + if (bd->bd_open == 0) + bd->bd_sectors = bd_disk_get_sectors(dev); + bd->bd_open++; + + rc = 0; + if (dev->dd.d_dev->dv_type == DEVT_DISK) { + rc = disk_open(dev, bd->bd_sectors * bd->bd_sectorsize, + bd->bd_sectorsize); + if (rc != 0) { + bd->bd_open--; + if (bd->bd_open == 0) { + bcache_free(bd->bd_bcache); + bd->bd_bcache = NULL; + } } } return (rc); @@ -518,34 +777,48 @@ static int bd_close(struct open_file *f) { struct disk_devdesc *dev; + bdinfo_t *bd; + int rc = 0; dev = (struct disk_devdesc *)f->f_devdata; - BD(dev).bd_open--; - if (BD(dev).bd_open == 0) { - bcache_free(BD(dev).bd_bcache); - BD(dev).bd_bcache = NULL; + bd = bd_get_bdinfo(&dev->dd); + if (bd == NULL) + return (EIO); + + bd->bd_open--; + if (bd->bd_open == 0) { + bcache_free(bd->bd_bcache); + bd->bd_bcache = NULL; } - return (disk_close(dev)); + if (dev->dd.d_dev->dv_type == DEVT_DISK) + rc = disk_close(dev); + return (rc); } static int bd_ioctl(struct open_file *f, u_long cmd, void *data) { + bdinfo_t *bd; struct disk_devdesc *dev; int rc; dev = (struct disk_devdesc *)f->f_devdata; + bd = bd_get_bdinfo(&dev->dd); + if (bd == NULL) + return (EIO); - rc = disk_ioctl(dev, cmd, data); - if (rc != ENOTTY) - return (rc); + if (dev->dd.d_dev->dv_type == DEVT_DISK) { + rc = disk_ioctl(dev, cmd, data); + if (rc != ENOTTY) + return (rc); + } switch (cmd) { case DIOCGSECTORSIZE: - *(uint32_t *)data = BD(dev).bd_sectorsize; + *(uint32_t *)data = bd->bd_sectorsize; break; case DIOCGMEDIASIZE: - *(uint64_t *)data = BD(dev).bd_sectors * BD(dev).bd_sectorsize; + *(uint64_t *)data = bd->bd_sectors * bd->bd_sectorsize; break; default: return (ENOTTY); @@ -557,14 +830,27 @@ static int bd_strategy(void *devdata, int rw, daddr_t dblk, size_t size, char *buf, size_t *rsize) { + bdinfo_t *bd; struct bcache_devdata bcd; struct disk_devdesc *dev; + daddr_t offset; dev = (struct disk_devdesc *)devdata; + bd = bd_get_bdinfo(&dev->dd); + if (bd == NULL) + return (EINVAL); + bcd.dv_strategy = bd_realstrategy; bcd.dv_devdata = devdata; - bcd.dv_cache = BD(dev).bd_bcache; - return (bcache_strategy(&bcd, rw, dblk + dev->d_offset, size, + bcd.dv_cache = bd->bd_bcache; + + offset = 0; + if (dev->dd.d_dev->dv_type == DEVT_DISK) { + + offset = dev->d_offset * bd->bd_sectorsize; + offset /= BIOSDISK_SECSIZE; + } + return (bcache_strategy(&bcd, rw, dblk + offset, size, buf, rsize)); } @@ -573,12 +859,14 @@ bd_realstrategy(void *devdata, int rw, daddr_t dblk, size_t size, char *buf, size_t *rsize) { struct disk_devdesc *dev = (struct disk_devdesc *)devdata; - uint64_t disk_blocks, offset; + bdinfo_t *bd; + uint64_t disk_blocks, offset, d_offset; size_t blks, blkoff, bsize, rest; caddr_t bbuf; int rc; - if ((BD(dev).bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA) + bd = bd_get_bdinfo(&dev->dd); + if (bd == NULL || (bd->bd_flags & BD_NO_MEDIA) == BD_NO_MEDIA) return (EIO); /* @@ -596,8 +884,8 @@ bd_realstrategy(void *devdata, int rw, daddr_t dblk, size_t size, DEBUG("open_disk %p", dev); offset = dblk * BIOSDISK_SECSIZE; - dblk = offset / BD(dev).bd_sectorsize; - blkoff = offset % BD(dev).bd_sectorsize; + dblk = offset / bd->bd_sectorsize; + blkoff = offset % bd->bd_sectorsize; /* * Check the value of the size argument. We do have quite small @@ -610,8 +898,8 @@ bd_realstrategy(void *devdata, int rw, daddr_t dblk, size_t size, return (EIO); } - blks = size / BD(dev).bd_sectorsize; - if (blks == 0 || (size % BD(dev).bd_sectorsize) != 0) + blks = size / bd->bd_sectorsize; + if (blks == 0 || (size % bd->bd_sectorsize) != 0) blks++; if (dblk > dblk + blks) @@ -624,44 +912,48 @@ bd_realstrategy(void *devdata, int rw, daddr_t dblk, size_t size, * Get disk blocks, this value is either for whole disk or for * partition. */ - if (disk_ioctl(dev, DIOCGMEDIASIZE, &disk_blocks) == 0) { - /* DIOCGMEDIASIZE does return bytes. */ - disk_blocks /= BD(dev).bd_sectorsize; - } else { - /* We should not get here. Just try to survive. */ - disk_blocks = BD(dev).bd_sectors - dev->d_offset; + d_offset = 0; + disk_blocks = 0; + if (dev->dd.d_dev->dv_type == DEVT_DISK) { + if (disk_ioctl(dev, DIOCGMEDIASIZE, &disk_blocks) == 0) { + /* DIOCGMEDIASIZE does return bytes. */ + disk_blocks /= bd->bd_sectorsize; + } + d_offset = dev->d_offset; } + if (disk_blocks == 0) + disk_blocks = bd->bd_sectors - d_offset; /* Validate source block address. */ - if (dblk < dev->d_offset || dblk >= dev->d_offset + disk_blocks) + if (dblk < d_offset || dblk >= d_offset + disk_blocks) return (EIO); /* * Truncate if we are crossing disk or partition end. */ - if (dblk + blks >= dev->d_offset + disk_blocks) { - blks = dev->d_offset + disk_blocks - dblk; - size = blks * BD(dev).bd_sectorsize; + if (dblk + blks >= d_offset + disk_blocks) { + blks = d_offset + disk_blocks - dblk; + size = blks * bd->bd_sectorsize; DEBUG("short I/O %d", blks); } - if (V86_IO_BUFFER_SIZE / BD(dev).bd_sectorsize == 0) - panic("BUG: Real mode buffer is too small\n"); + if (V86_IO_BUFFER_SIZE / bd->bd_sectorsize == 0) + panic("BUG: Real mode buffer is too small"); bbuf = PTOV(V86_IO_BUFFER); rest = size; while (blks > 0) { - int x = min(blks, V86_IO_BUFFER_SIZE / BD(dev).bd_sectorsize); + int x = min(blks, V86_IO_BUFFER_SIZE / bd->bd_sectorsize); switch (rw & F_MASK) { case F_READ: DEBUG("read %d from %lld to %p", x, dblk, buf); - bsize = BD(dev).bd_sectorsize * x - blkoff; + bsize = bd->bd_sectorsize * x - blkoff; if (rest < bsize) bsize = rest; - if ((rc = bd_io(dev, dblk, x, bbuf, BD_RD)) != 0) + if ((rc = bd_io(dev, bd, dblk, x, bbuf, BD_RD)) != 0) return (EIO); bcopy(bbuf + blkoff, buf, bsize); @@ -674,27 +966,27 @@ bd_realstrategy(void *devdata, int rw, daddr_t dblk, size_t size, * bbuf. */ x = 1; - bsize = BD(dev).bd_sectorsize - blkoff; + bsize = bd->bd_sectorsize - blkoff; bsize = min(bsize, rest); - rc = bd_io(dev, dblk, x, bbuf, BD_RD); - } else if (rest < BD(dev).bd_sectorsize) { + rc = bd_io(dev, bd, dblk, x, bbuf, BD_RD); + } else if (rest < bd->bd_sectorsize) { /* * The remaining block is not full * sector. Read 1 sector to bbuf. */ x = 1; bsize = rest; - rc = bd_io(dev, dblk, x, bbuf, BD_RD); + rc = bd_io(dev, bd, dblk, x, bbuf, BD_RD); } else { /* We can write full sector(s). */ - bsize = BD(dev).bd_sectorsize * x; + bsize = bd->bd_sectorsize * x; } /* * Put your Data In, Put your Data out, * Put your Data In, and shake it all about */ bcopy(buf, bbuf + blkoff, bsize); - if ((rc = bd_io(dev, dblk, x, bbuf, BD_WR)) != 0) + if ((rc = bd_io(dev, bd, dblk, x, bbuf, BD_WR)) != 0) return (EIO); break; @@ -716,7 +1008,7 @@ bd_realstrategy(void *devdata, int rw, daddr_t dblk, size_t size, } static int -bd_edd_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, +bd_edd_io(bdinfo_t *bd, daddr_t dblk, int blks, caddr_t dest, int dowrite) { static struct edd_packet packet; @@ -733,7 +1025,7 @@ bd_edd_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, v86.eax = 0x4300; else v86.eax = 0x4200; - v86.edx = BD(dev).bd_unit; + v86.edx = bd->bd_unit; v86.ds = VTOPSEG(&packet); v86.esi = VTOPOFF(&packet); v86int(); @@ -743,17 +1035,17 @@ bd_edd_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, } static int -bd_chs_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, +bd_chs_io(bdinfo_t *bd, daddr_t dblk, int blks, caddr_t dest, int dowrite) { uint32_t x, bpc, cyl, hd, sec; - bpc = BD(dev).bd_sec * BD(dev).bd_hds; /* blocks per cylinder */ + bpc = bd->bd_sec * bd->bd_hds; /* blocks per cylinder */ x = dblk; cyl = x / bpc; /* block # / blocks per cylinder */ x %= bpc; /* block offset into cylinder */ - hd = x / BD(dev).bd_sec; /* offset / blocks per track */ - sec = x % BD(dev).bd_sec; /* offset into track */ + hd = x / bd->bd_sec; /* offset / blocks per track */ + sec = x % bd->bd_sec; /* offset into track */ /* correct sector number for 1-based BIOS numbering */ sec++; @@ -770,7 +1062,7 @@ bd_chs_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, else v86.eax = 0x200 | blks; v86.ecx = ((cyl & 0xff) << 8) | ((cyl & 0x300) >> 2) | sec; - v86.edx = (hd << 8) | BD(dev).bd_unit; + v86.edx = (hd << 8) | bd->bd_unit; v86.es = VTOPSEG(dest); v86.ebx = VTOPOFF(dest); v86int(); @@ -780,16 +1072,16 @@ bd_chs_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, } static void -bd_io_workaround(struct disk_devdesc *dev) +bd_io_workaround(bdinfo_t *bd) { uint8_t buf[8 * 1024]; - bd_edd_io(dev, 0xffffffff, 1, (caddr_t)buf, BD_RD); + bd_edd_io(bd, 0xffffffff, 1, (caddr_t)buf, BD_RD); } static int -bd_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, - int dowrite) +bd_io(struct disk_devdesc *dev, bdinfo_t *bd, daddr_t dblk, int blks, + caddr_t dest, int dowrite) { int result, retry; @@ -809,20 +1101,20 @@ bd_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, * may also retry. */ if (dowrite == BD_RD && dblk >= 0x100000000) - bd_io_workaround(dev); + bd_io_workaround(bd); for (retry = 0; retry < 3; retry++) { - if (BD(dev).bd_flags & BD_MODEEDD) - result = bd_edd_io(dev, dblk, blks, dest, dowrite); + if (bd->bd_flags & BD_MODEEDD) + result = bd_edd_io(bd, dblk, blks, dest, dowrite); else - result = bd_chs_io(dev, dblk, blks, dest, dowrite); + result = bd_chs_io(bd, dblk, blks, dest, dowrite); if (result == 0) { - if (BD(dev).bd_flags & BD_NO_MEDIA) - BD(dev).bd_flags &= ~BD_NO_MEDIA; + if (bd->bd_flags & BD_NO_MEDIA) + bd->bd_flags &= ~BD_NO_MEDIA; break; } - bd_reset_disk(BD(dev).bd_unit); + bd_reset_disk(bd->bd_unit); /* * Error codes: @@ -832,12 +1124,12 @@ bd_io(struct disk_devdesc *dev, daddr_t dblk, int blks, caddr_t dest, * There is no reason to repeat the IO with errors above. */ if (result == 0x20 || result == 0x31 || result == 0x80) { - BD(dev).bd_flags |= BD_NO_MEDIA; + bd->bd_flags |= BD_NO_MEDIA; break; } } - if (result != 0 && (BD(dev).bd_flags & BD_NO_MEDIA) == 0) { + if (result != 0 && (bd->bd_flags & BD_NO_MEDIA) == 0) { if (dowrite == BD_WR) { printf("%s%d: Write %d sector(s) from %p (0x%x) " "to %lld: 0x%x\n", dev->dd.d_dev->dv_name, @@ -893,26 +1185,40 @@ int bd_getdev(struct i386_devdesc *d) { struct disk_devdesc *dev; + bdinfo_t *bd; int biosdev; int major; int rootdev; char *nip, *cp; - int i, unit; + int i, unit, slice, partition; + + /* XXX: Assume partition 'a'. */ + slice = 0; + partition = 0; dev = (struct disk_devdesc *)d; - biosdev = bd_unit2bios(dev->dd.d_unit); + bd = bd_get_bdinfo(&dev->dd); + if (bd == NULL) + return (-1); + + biosdev = bd_unit2bios(d); DEBUG("unit %d BIOS device %d", dev->dd.d_unit, biosdev); if (biosdev == -1) /* not a BIOS device */ return (-1); - if (disk_open(dev, BD(dev).bd_sectors * BD(dev).bd_sectorsize, - BD(dev).bd_sectorsize) != 0) /* oops, not a viable device */ - return (-1); - else - disk_close(dev); + + if (dev->dd.d_dev->dv_type == DEVT_DISK) { + if (disk_open(dev, bd->bd_sectors * bd->bd_sectorsize, + bd->bd_sectorsize) != 0) /* oops, not a viable device */ + return (-1); + else + disk_close(dev); + slice = dev->d_slice + 1; + partition = dev->d_partition; + } if (biosdev < 0x80) { /* floppy (or emulated floppy) or ATAPI device */ - if (bdinfo[dev->dd.d_unit].bd_type == DT_ATAPI) { + if (bd->bd_type == DT_ATAPI) { /* is an ATAPI disk */ major = WFDMAJOR; } else { @@ -926,6 +1232,20 @@ bd_getdev(struct i386_devdesc *d) /* default root disk unit number */ unit = biosdev & 0x7f; + if (dev->dd.d_dev->dv_type == DEVT_CD) { + /* + * XXX: Need to examine device spec here to figure out if + * SCSI or ATAPI. No idea on how to figure out device number. + * All we can really pass to the kernel is what bus and device + * on which bus we were booted from, which dev_t isn't well + * suited to since those number don't match to unit numbers + * very well. We may just need to engage in a hack where + * we pass -C to the boot args if we are the boot device. + */ + major = ACDMAJOR; + unit = 0; /* XXX */ + } + /* XXX a better kludge to set the root disk unit number */ if ((nip = getenv("root_disk_unit")) != NULL) { i = strtol(nip, &cp, 0); @@ -934,7 +1254,7 @@ bd_getdev(struct i386_devdesc *d) unit = i; } - rootdev = MAKEBOOTDEV(major, dev->d_slice + 1, unit, dev->d_partition); + rootdev = MAKEBOOTDEV(major, slice, unit, partition); DEBUG("dev is 0x%x\n", rootdev); return (rootdev); } diff --git a/stand/i386/libi386/bootinfo32.c b/stand/i386/libi386/bootinfo32.c index 58881b705f9e..e6a92a2164d7 100644 --- a/stand/i386/libi386/bootinfo32.c +++ b/stand/i386/libi386/bootinfo32.c @@ -176,14 +176,9 @@ bi_load32(char *args, int *howtop, int *bootdevp, vm_offset_t *bip, vm_offset_t switch(rootdev->dd.d_dev->dv_type) { case DEVT_CD: - /* Pass in BIOS device number. */ - bi.bi_bios_dev = bc_unit2bios(rootdev->dd.d_unit); - bootdevnr = bc_getdev(rootdev); - break; - case DEVT_DISK: /* pass in the BIOS device number of the current disk */ - bi.bi_bios_dev = bd_unit2bios(rootdev->dd.d_unit); + bi.bi_bios_dev = bd_unit2bios(rootdev); bootdevnr = bd_getdev(rootdev); break; diff --git a/stand/i386/libi386/libi386.h b/stand/i386/libi386/libi386.h index 8fcb3e37a66b..561460c17590 100644 --- a/stand/i386/libi386/libi386.h +++ b/stand/i386/libi386/libi386.h @@ -91,17 +91,15 @@ extern struct devdesc currdev; /* our current device */ /* exported devices XXX rename? */ extern struct devsw bioscd; -extern struct devsw biosdisk; +extern struct devsw biosfd; +extern struct devsw bioshd; extern struct devsw pxedisk; extern struct fs_ops pxe_fsops; int bc_add(int biosdev); /* Register CD booted from. */ -int bc_getdev(struct i386_devdesc *dev); /* return dev_t for (dev) */ -int bc_bios2unit(int biosdev); /* xlate BIOS device -> bioscd unit */ -int bc_unit2bios(int unit); /* xlate bioscd unit -> BIOS device */ uint32_t bd_getbigeom(int bunit); /* return geometry in bootinfo format */ int bd_bios2unit(int biosdev); /* xlate BIOS device -> biosdisk unit */ -int bd_unit2bios(int unit); /* xlate biosdisk unit -> BIOS device */ +int bd_unit2bios(struct i386_devdesc *); /* xlate biosdisk -> BIOS device */ int bd_getdev(struct i386_devdesc *dev); /* return dev_t for (dev) */ ssize_t i386_copyin(const void *src, vm_offset_t dest, const size_t len); diff --git a/stand/i386/libi386/pxetramp.s b/stand/i386/libi386/pxetramp.S index dcf1441aeb24..dcf1441aeb24 100644 --- a/stand/i386/libi386/pxetramp.s +++ b/stand/i386/libi386/pxetramp.S diff --git a/stand/i386/loader/chain.c b/stand/i386/loader/chain.c index 4e04cc4a23fc..43ba2697e938 100644 --- a/stand/i386/loader/chain.c +++ b/stand/i386/loader/chain.c @@ -113,7 +113,7 @@ command_chain(int argc, char *argv[]) relocater_data[0].dest = 0x7C00; relocater_data[0].size = size; - relocator_edx = bd_unit2bios(rootdev->dd.d_unit); + relocator_edx = bd_unit2bios(rootdev); relocator_esi = relocater_size; relocator_ds = 0; relocator_es = 0; diff --git a/stand/i386/loader/conf.c b/stand/i386/loader/conf.c index 1e62e401793d..a3c676a6b549 100644 --- a/stand/i386/loader/conf.c +++ b/stand/i386/loader/conf.c @@ -51,8 +51,9 @@ extern struct devsw fwohci; /* Exported for libstand */ struct devsw *devsw[] = { + &biosfd, &bioscd, - &biosdisk, + &bioshd, #if defined(LOADER_NFS_SUPPORT) || defined(LOADER_TFTP_SUPPORT) &pxedisk, #endif diff --git a/stand/i386/loader/main.c b/stand/i386/loader/main.c index fd6507da9b6a..a7d1e82fd488 100644 --- a/stand/i386/loader/main.c +++ b/stand/i386/loader/main.c @@ -73,6 +73,7 @@ void exit(int code); #ifdef LOADER_GELI_SUPPORT #include "geliboot.h" struct geli_boot_args *gargs; +struct geli_boot_data *gbdata; #endif #ifdef LOADER_ZFS_SUPPORT struct zfs_boot_args *zargs; @@ -169,37 +170,49 @@ main(void) #ifdef LOADER_ZFS_SUPPORT archsw.arch_zfs_probe = i386_zfs_probe; -#ifdef LOADER_GELI_SUPPORT - if ((kargs->bootflags & KARGS_FLAGS_EXTARG) != 0) { + /* + * zfsboot and gptzfsboot have always passed KARGS_FLAGS_ZFS, so if that is + * set along with KARGS_FLAGS_EXTARG we know we can interpret the extarg + * data as a struct zfs_boot_args. + */ +#define KARGS_EXTARGS_ZFS (KARGS_FLAGS_EXTARG | KARGS_FLAGS_ZFS) + + if ((kargs->bootflags & KARGS_EXTARGS_ZFS) == KARGS_EXTARGS_ZFS) { zargs = (struct zfs_boot_args *)(kargs + 1); - if (zargs != NULL && zargs->size >= offsetof(struct zfs_boot_args, gelipw)) { - if (zargs->size >= offsetof(struct zfs_boot_args, keybuf_sentinel) && - zargs->keybuf_sentinel == KEYBUF_SENTINEL) { - geli_import_key_buffer(zargs->keybuf); - } - if (zargs->gelipw[0] != '\0') { - setenv("kern.geom.eli.passphrase", zargs->gelipw, 1); - explicit_bzero(zargs->gelipw, sizeof(zargs->gelipw)); - } - } } -#endif /* LOADER_GELI_SUPPORT */ -#else /* !LOADER_ZFS_SUPPORT */ +#endif /* LOADER_ZFS_SUPPORT */ + #ifdef LOADER_GELI_SUPPORT - if ((kargs->bootflags & KARGS_FLAGS_EXTARG) != 0) { + /* + * If we decided earlier that we have zfs_boot_args extarg data, and it is + * big enough to contain the embedded geli data (the early zfs_boot_args + * structs weren't), then init the gbdata pointer accordingly. If there is + * extarg data which isn't zfs_boot_args data, determine whether it is + * geli_boot_args data. Recent versions of gptboot set KARGS_FLAGS_GELI to + * indicate that. Earlier versions didn't, but we presume that's what we + * have if the extarg size exactly matches the size of the geli_boot_args + * struct during that pre-flag era. + */ +#define LEGACY_GELI_ARGS_SIZE 260 /* This can never change */ + +#ifdef LOADER_ZFS_SUPPORT + if (zargs != NULL) { + if (zargs->size > offsetof(struct zfs_boot_args, gelidata)) { + gbdata = &zargs->gelidata; + } + } else +#endif /* LOADER_ZFS_SUPPORT */ + if ((kargs->bootflags & KARGS_FLAGS_EXTARG) != 0) { gargs = (struct geli_boot_args *)(kargs + 1); - if (gargs != NULL && gargs->size >= offsetof(struct geli_boot_args, gelipw)) { - if (gargs->keybuf_sentinel == KEYBUF_SENTINEL) { - geli_import_key_buffer(gargs->keybuf); - } - if (gargs->gelipw[0] != '\0') { - setenv("kern.geom.eli.passphrase", gargs->gelipw, 1); - explicit_bzero(gargs->gelipw, sizeof(gargs->gelipw)); - } + if ((kargs->bootflags & KARGS_FLAGS_GELI) || + gargs->size == LEGACY_GELI_ARGS_SIZE) { + gbdata = &gargs->gelidata; } } + + if (gbdata != NULL) + import_geli_boot_data(gbdata); #endif /* LOADER_GELI_SUPPORT */ -#endif /* LOADER_ZFS_SUPPORT */ /* * March through the device switch probing for things. @@ -251,14 +264,14 @@ extract_currdev(void) int biosdev = -1; /* Assume we are booting from a BIOS disk by default */ - new_currdev.dd.d_dev = &biosdisk; + new_currdev.dd.d_dev = &bioshd; /* new-style boot loaders such as pxeldr and cdldr */ if (kargs->bootinfo == 0) { if ((kargs->bootflags & KARGS_FLAGS_CD) != 0) { /* we are booting from a CD with cdboot */ new_currdev.dd.d_dev = &bioscd; - new_currdev.dd.d_unit = bc_bios2unit(initial_bootdev); + new_currdev.dd.d_unit = bd_bios2unit(initial_bootdev); } else if ((kargs->bootflags & KARGS_FLAGS_PXE) != 0) { /* we are booting from pxeldr */ new_currdev.dd.d_dev = &pxedisk; @@ -271,11 +284,7 @@ extract_currdev(void) } #ifdef LOADER_ZFS_SUPPORT } else if ((kargs->bootflags & KARGS_FLAGS_ZFS) != 0) { - zargs = NULL; - /* check for new style extended argument */ - if ((kargs->bootflags & KARGS_FLAGS_EXTARG) != 0) - zargs = (struct zfs_boot_args *)(kargs + 1); - + /* zargs was set in main() if we have new style extended argument */ if (zargs != NULL && zargs->size >= offsetof(struct zfs_boot_args, primary_pool)) { /* sufficient data is provided */ @@ -318,7 +327,7 @@ extract_currdev(void) * If we are booting off of a BIOS disk and we didn't succeed in determining * which one we booted off of, just use disk0: as a reasonable default. */ - if ((new_currdev.dd.d_dev->dv_type == biosdisk.dv_type) && + if ((new_currdev.dd.d_dev->dv_type == bioshd.dv_type) && ((new_currdev.dd.d_unit = bd_bios2unit(biosdev)) == -1)) { printf("Can't work out which disk we are booting from.\n" "Guessed BIOS device 0x%x not found by probes, defaulting to disk0:\n", biosdev); @@ -390,18 +399,16 @@ static void i386_zfs_probe(void) { char devname[32]; - int unit; + struct i386_devdesc dev; /* * Open all the disks we can find and see if we can reconstruct * ZFS pools from them. */ - for (unit = 0; unit < MAXBDDEV; unit++) { - if (bd_unit2bios(unit) == -1) - break; - if (bd_unit2bios(unit) < 0x80) - continue; - sprintf(devname, "disk%d:", unit); + dev.dd.d_dev = &bioshd; + for (dev.dd.d_unit = 0; bd_unit2bios(&dev) >= 0; dev.dd.d_unit++) { + snprintf(devname, sizeof(devname), "%s%d:", bioshd.dv_name, + dev.dd.d_unit); zfs_probe_dev(devname, NULL); } } diff --git a/stand/i386/mbr/Makefile b/stand/i386/mbr/Makefile index 26018ffb1378..dca202cb815b 100644 --- a/stand/i386/mbr/Makefile +++ b/stand/i386/mbr/Makefile @@ -3,14 +3,14 @@ PROG= mbr STRIP= BINMODE=${NOBINMODE} -SRCS= ${PROG}.s +SRCS= ${PROG}.S # MBR flags: 0x80 -- try packet interface (also known as EDD or LBA) BOOT_MBR_FLAGS?= 0x80 ORG= 0x600 -AFLAGS+=--defsym FLAGS=${BOOT_MBR_FLAGS} +ACFLAGS+=-Wa,-defsym,FLAGS=${BOOT_MBR_FLAGS} LDFLAGS+=${LDFLAGS_BIN} .include <bsd.prog.mk> diff --git a/stand/i386/mbr/mbr.s b/stand/i386/mbr/mbr.S index 3cfc20dd58e1..3cfc20dd58e1 100644 --- a/stand/i386/mbr/mbr.s +++ b/stand/i386/mbr/mbr.S diff --git a/stand/i386/pmbr/Makefile b/stand/i386/pmbr/Makefile index bfd6209f0406..e09bb610fc18 100644 --- a/stand/i386/pmbr/Makefile +++ b/stand/i386/pmbr/Makefile @@ -3,11 +3,13 @@ PROG= pmbr STRIP= BINMODE=${NOBINMODE} -SRCS= ${PROG}.s +SRCS= ${PROG}.S + +BOOT_MBR_FLAGS?= 0 ORG= 0x600 -AFLAGS+=--defsym FLAGS=${BOOT_MBR_FLAGS} +ACFLAGS+=-Wa,-defsym,FLAGS=${BOOT_MBR_FLAGS} LDFLAGS+=${LDFLAGS_BIN} .include <bsd.prog.mk> diff --git a/stand/i386/pmbr/pmbr.s b/stand/i386/pmbr/pmbr.S index 1a758812edd3..1a758812edd3 100644 --- a/stand/i386/pmbr/pmbr.s +++ b/stand/i386/pmbr/pmbr.S diff --git a/stand/i386/pxeldr/pxeboot.8 b/stand/i386/pxeldr/pxeboot.8 index 7d7d65ccaaad..c9fa434b3028 100644 --- a/stand/i386/pxeldr/pxeboot.8 +++ b/stand/i386/pxeldr/pxeboot.8 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 27, 2017 +.Dd November 25, 2018 .Dt PXEBOOT 8 .Os .Sh NAME diff --git a/stand/i386/zfsboot/zfsboot.c b/stand/i386/zfsboot/zfsboot.c index e88527757158..28a9e9a39760 100644 --- a/stand/i386/zfsboot/zfsboot.c +++ b/stand/i386/zfsboot/zfsboot.c @@ -129,7 +129,6 @@ int main(void); #ifdef LOADER_GELI_SUPPORT #include "geliboot.h" static char gelipw[GELI_PW_MAXLEN]; -static struct keybuf *gelibuf; #endif struct zfsdsk { @@ -993,18 +992,17 @@ load(void) zfsargs.primary_pool = primary_spa->spa_guid; #ifdef LOADER_GELI_SUPPORT explicit_bzero(gelipw, sizeof(gelipw)); - gelibuf = malloc(sizeof(struct keybuf) + (GELI_MAX_KEYS * sizeof(struct keybuf_ent))); - geli_export_key_buffer(gelibuf); - zfsargs.notapw = '\0'; - zfsargs.keybuf_sentinel = KEYBUF_SENTINEL; - zfsargs.keybuf = gelibuf; -#else - zfsargs.gelipw[0] = '\0'; + export_geli_boot_data(&zfsargs.gelidata); #endif if (primary_vdev != NULL) zfsargs.primary_vdev = primary_vdev->v_guid; else printf("failed to detect primary vdev\n"); + /* + * Note that the zfsargs struct is passed by value, not by pointer. Code in + * btxldr.S copies the values from the entry stack to a fixed location + * within loader(8) at startup due to the presence of KARGS_FLAGS_EXTARG. + */ __exec((caddr_t)addr, RB_BOOTINFO | (opts & RBX_MASK), bootdev, KARGS_FLAGS_ZFS | KARGS_FLAGS_EXTARG, diff --git a/stand/libsa/arp.c b/stand/libsa/arp.c index 3d298fff2058..7d49559b4e04 100644 --- a/stand/libsa/arp.c +++ b/stand/libsa/arp.c @@ -120,7 +120,7 @@ arpwhohas(struct iodesc *d, struct in_addr addr) arpsend, &wbuf.data, sizeof(wbuf.data), arprecv, &pkt, (void **)&ah, NULL); if (i == -1) { - panic("arp: no response for %s\n", + panic("arp: no response for %s", inet_ntoa(addr)); } diff --git a/stand/libsa/assert.c b/stand/libsa/assert.c index 8eec63a4729a..74b9fb4bacbf 100644 --- a/stand/libsa/assert.c +++ b/stand/libsa/assert.c @@ -35,10 +35,10 @@ void __assert(const char *func, const char *file, int line, const char *expression) { if (func == NULL) - panic("Assertion failed: (%s), file %s, line %d.\n", + panic("Assertion failed: (%s), file %s, line %d.", expression, file, line); else panic( - "Assertion failed: (%s), function %s, file %s, line %d.\n", + "Assertion failed: (%s), function %s, file %s, line %d.", expression, func, file, line); } diff --git a/stand/libsa/bzipfs.c b/stand/libsa/bzipfs.c index ff1514efeed3..47380ae72e5e 100644 --- a/stand/libsa/bzipfs.c +++ b/stand/libsa/bzipfs.c @@ -360,7 +360,7 @@ bzf_stat(struct open_file *f, struct stat *sb) void bz_internal_error(int errorcode) { - panic("bzipfs: critical error %d in bzip2 library occured\n", errorcode); + panic("bzipfs: critical error %d in bzip2 library occured", errorcode); } #ifdef REGRESSION diff --git a/stand/libsa/netif.c b/stand/libsa/netif.c index 105f9a31ab5d..d255cc663d5a 100644 --- a/stand/libsa/netif.c +++ b/stand/libsa/netif.c @@ -182,7 +182,7 @@ netif_attach(struct netif *nif, struct iodesc *desc, void *machdep_hint) desc->io_netif = nif; #ifdef PARANOID if (drv->netif_init == NULL) - panic("%s%d: no netif_init support\n", drv->netif_bname, + panic("%s%d: no netif_init support", drv->netif_bname, nif->nif_unit); #endif drv->netif_init(desc, machdep_hint); @@ -201,7 +201,7 @@ netif_detach(struct netif *nif) #endif #ifdef PARANOID if (drv->netif_end == NULL) - panic("%s%d: no netif_end support\n", drv->netif_bname, + panic("%s%d: no netif_end support", drv->netif_bname, nif->nif_unit); #endif drv->netif_end(nif); @@ -222,7 +222,7 @@ netif_get(struct iodesc *desc, void **pkt, time_t timo) #endif #ifdef PARANOID if (drv->netif_get == NULL) - panic("%s%d: no netif_get support\n", drv->netif_bname, + panic("%s%d: no netif_get support", drv->netif_bname, nif->nif_unit); #endif rv = drv->netif_get(desc, pkt, timo); @@ -249,7 +249,7 @@ netif_put(struct iodesc *desc, void *pkt, size_t len) #endif #ifdef PARANOID if (drv->netif_put == NULL) - panic("%s%d: no netif_put support\n", drv->netif_bname, + panic("%s%d: no netif_put support", drv->netif_bname, nif->nif_unit); #endif rv = drv->netif_put(desc, pkt, len); diff --git a/stand/libsa/sbrk.c b/stand/libsa/sbrk.c index 00787fc54945..2f169ea60f66 100644 --- a/stand/libsa/sbrk.c +++ b/stand/libsa/sbrk.c @@ -53,7 +53,7 @@ sbrk(int incr) char *ret; if (heapbase == 0) - panic("No heap setup\n"); + panic("No heap setup"); if ((heapsize + incr) <= maxheap) { ret = (char *)heapbase + heapsize; diff --git a/stand/libsa/ufs.c b/stand/libsa/ufs.c index 204bc969f968..317d6e9fdb1c 100644 --- a/stand/libsa/ufs.c +++ b/stand/libsa/ufs.c @@ -140,6 +140,11 @@ static int ufs_use_sa_read(void *, off_t, void **, int); /* from ffs_subr.c */ int ffs_sbget(void *, struct fs **, off_t, char *, int (*)(void *, off_t, void **, int)); +/* + * Request standard superblock location in ffs_sbget + */ +#define STDSB -1 /* Fail if check-hash is bad */ +#define STDSB_NOHASHFAIL -2 /* Ignore check-hash failure */ /* * Read a new inode into a file structure. @@ -519,7 +524,8 @@ ufs_open(upath, f) /* read super block */ twiddle(1); - if ((rc = ffs_sbget(f, &fs, -1, "stand", ufs_use_sa_read)) != 0) + if ((rc = ffs_sbget(f, &fs, STDSB_NOHASHFAIL, "stand", + ufs_use_sa_read)) != 0) goto out; fp->f_fs = fs; /* diff --git a/stand/libsa/zfs/libzfs.h b/stand/libsa/zfs/libzfs.h index dcbab89fa441..fef59e1bb13a 100644 --- a/stand/libsa/zfs/libzfs.h +++ b/stand/libsa/zfs/libzfs.h @@ -44,31 +44,6 @@ struct zfs_devdesc { #include <crypto/intake.h> #endif -struct zfs_boot_args -{ - uint32_t size; - uint32_t reserved; - uint64_t pool; - uint64_t root; - uint64_t primary_pool; - uint64_t primary_vdev; - union { - char gelipw[256]; - struct { - char notapw; /* - * single null byte to stop keybuf - * being interpreted as a password - */ - uint32_t keybuf_sentinel; -#ifdef LOADER_GELI_SUPPORT - struct keybuf *keybuf; -#else - void *keybuf; -#endif - }; - }; -}; - int zfs_parsedev(struct zfs_devdesc *dev, const char *devspec, const char **path); char *zfs_fmtdev(void *vdev); diff --git a/stand/uboot/common/main.c b/stand/uboot/common/main.c index c7ca501c7a45..50a12cd425fb 100644 --- a/stand/uboot/common/main.c +++ b/stand/uboot/common/main.c @@ -497,6 +497,9 @@ main(int argc, char **argv) do_interact: setenv("LINES", "24", 1); /* optional */ setenv("prompt", "loader>", 1); +#ifdef __powerpc__ + setenv("usefdt", "1", 1); +#endif archsw.arch_loadaddr = uboot_loadaddr; archsw.arch_getdev = uboot_getdev; diff --git a/stand/uboot/lib/copy.c b/stand/uboot/lib/copy.c index 131b88d85861..7fd5fd671c02 100644 --- a/stand/uboot/lib/copy.c +++ b/stand/uboot/lib/copy.c @@ -133,7 +133,7 @@ uboot_loadaddr(u_int type, void *data, uint64_t addr) } } if (biggest_size == 0) - panic("Not enough DRAM to load kernel\n"); + panic("Not enough DRAM to load kernel"); #if 0 printf("Loading kernel into region 0x%08jx-0x%08jx (%ju MiB)\n", (uintmax_t)biggest_block, diff --git a/stand/uboot/lib/net.c b/stand/uboot/lib/net.c index a0d1cb4f4583..2e1b9ab4caa4 100644 --- a/stand/uboot/lib/net.c +++ b/stand/uboot/lib/net.c @@ -324,7 +324,7 @@ net_init(struct iodesc *desc, void *machdep_hint) sc = nif->nif_devdata = &uboot_softc; if ((err = ub_dev_open(sc->sc_handle)) != 0) - panic("%s%d: initialisation failed with error %d\n", + panic("%s%d: initialisation failed with error %d", nif->nif_driver->netif_bname, nif->nif_unit, err); /* Get MAC address */ @@ -359,6 +359,6 @@ net_end(struct netif *nif) int err; if ((err = ub_dev_close(sc->sc_handle)) != 0) - panic("%s%d: net_end failed with error %d\n", + panic("%s%d: net_end failed with error %d", nif->nif_driver->netif_bname, nif->nif_unit, err); } diff --git a/sys/amd64/amd64/machdep.c b/sys/amd64/amd64/machdep.c index 55db65ffc63c..19c67567629f 100644 --- a/sys/amd64/amd64/machdep.c +++ b/sys/amd64/amd64/machdep.c @@ -392,7 +392,6 @@ sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) sf.sf_uc.uc_mcontext.mc_gsbase = pcb->pcb_gsbase; bzero(sf.sf_uc.uc_mcontext.mc_spare, sizeof(sf.sf_uc.uc_mcontext.mc_spare)); - bzero(sf.sf_uc.__spare__, sizeof(sf.sf_uc.__spare__)); /* Allocate space for the signal handler context. */ if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && @@ -2046,6 +2045,7 @@ fill_regs(struct thread *td, struct reg *regs) int fill_frame_regs(struct trapframe *tp, struct reg *regs) { + regs->r_r15 = tp->tf_r15; regs->r_r14 = tp->tf_r14; regs->r_r13 = tp->tf_r13; @@ -2077,6 +2077,8 @@ fill_frame_regs(struct trapframe *tp, struct reg *regs) regs->r_fs = 0; regs->r_gs = 0; } + regs->r_err = 0; + regs->r_trapno = 0; return (0); } diff --git a/sys/amd64/amd64/pmap.c b/sys/amd64/amd64/pmap.c index bd72f801ca97..737dc632e3ce 100644 --- a/sys/amd64/amd64/pmap.c +++ b/sys/amd64/amd64/pmap.c @@ -8441,9 +8441,10 @@ pmap_large_unmap(void *svaa, vm_size_t len) KASSERT((va & PDPMASK) == 0, ("PDPMASK bit set, va %#lx pdpe %#lx pdp %#lx", va, (u_long)pdpe, pdp)); - KASSERT(len <= NBPDP, - ("len < NBPDP, sva %#lx va %#lx pdpe %#lx pdp %#lx " - "len %#lx", sva, va, (u_long)pdpe, pdp, len)); + KASSERT(va + NBPDP <= sva + len, + ("unmap covers partial 1GB page, sva %#lx va %#lx " + "pdpe %#lx pdp %#lx len %#lx", sva, va, + (u_long)pdpe, pdp, len)); *pdpe = 0; inc = NBPDP; continue; @@ -8457,9 +8458,10 @@ pmap_large_unmap(void *svaa, vm_size_t len) KASSERT((va & PDRMASK) == 0, ("PDRMASK bit set, va %#lx pde %#lx pd %#lx", va, (u_long)pde, pd)); - KASSERT(len <= NBPDR, - ("len < NBPDR, sva %#lx va %#lx pde %#lx pd %#lx " - "len %#lx", sva, va, (u_long)pde, pd, len)); + KASSERT(va + NBPDR <= sva + len, + ("unmap covers partial 2MB page, sva %#lx va %#lx " + "pde %#lx pd %#lx len %#lx", sva, va, (u_long)pde, + pd, len)); pde_store(pde, 0); inc = NBPDR; m = PHYS_TO_VM_PAGE(DMAP_TO_PHYS((vm_offset_t)pde)); diff --git a/sys/amd64/amd64/support.S b/sys/amd64/amd64/support.S index 1bb82ef43b97..05e5f988f2b6 100644 --- a/sys/amd64/amd64/support.S +++ b/sys/amd64/amd64/support.S @@ -197,8 +197,6 @@ END(memcmp) /* * memmove(dst, src, cnt) * rdi, rsi, rdx - * Adapted from bcopy written by: - * ws@tools.de (Wolfgang Solfrank, TooLs GmbH) +49-228-985800 */ /* @@ -207,11 +205,19 @@ END(memcmp) * rsi - source * rdx - count * - * The macro possibly clobbers the above and: rcx, r8. - * It does not clobber rax, r10 nor r11. + * The macro possibly clobbers the above and: rcx, r8, r9, 10 + * It does not clobber rax nor r11. */ .macro MEMMOVE erms overlap begin end \begin + + /* + * For sizes 0..32 all data is read before it is written, so there + * is no correctness issue with direction of copying. + */ + cmpq $32,%rcx + jbe 101632f + .if \overlap == 1 movq %rdi,%r8 subq %rsi,%r8 @@ -219,13 +225,10 @@ END(memcmp) jb 2f .endif - cmpq $32,%rcx - jb 1016f - cmpq $256,%rcx ja 1256f -1032: +103200: movq (%rsi),%rdx movq %rdx,(%rdi) movq 8(%rsi),%rdx @@ -238,61 +241,69 @@ END(memcmp) leaq 32(%rdi),%rdi subq $32,%rcx cmpq $32,%rcx - jae 1032b + jae 103200b cmpb $0,%cl - jne 1016f + jne 101632f \end ret ALIGN_TEXT -1016: +101632: cmpb $16,%cl - jl 1008f + jl 100816f movq (%rsi),%rdx + movq 8(%rsi),%r8 + movq -16(%rsi,%rcx),%r9 + movq -8(%rsi,%rcx),%r10 movq %rdx,(%rdi) - movq 8(%rsi),%rdx - movq %rdx,8(%rdi) - subb $16,%cl - jz 1000f - leaq 16(%rsi),%rsi - leaq 16(%rdi),%rdi -1008: + movq %r8,8(%rdi) + movq %r9,-16(%rdi,%rcx) + movq %r10,-8(%rdi,%rcx) + \end + ret + ALIGN_TEXT +100816: cmpb $8,%cl - jl 1004f + jl 100408f movq (%rsi),%rdx + movq -8(%rsi,%rcx),%r8 movq %rdx,(%rdi) - subb $8,%cl - jz 1000f - leaq 8(%rsi),%rsi - leaq 8(%rdi),%rdi -1004: + movq %r8,-8(%rdi,%rcx,) + \end + ret + ALIGN_TEXT +100408: cmpb $4,%cl - jl 1002f + jl 100204f movl (%rsi),%edx + movl -4(%rsi,%rcx),%r8d movl %edx,(%rdi) - subb $4,%cl - jz 1000f - leaq 4(%rsi),%rsi - leaq 4(%rdi),%rdi -1002: + movl %r8d,-4(%rdi,%rcx) + \end + ret + ALIGN_TEXT +100204: cmpb $2,%cl - jl 1001f - movw (%rsi),%dx + jl 100001f + movzwl (%rsi),%edx + movzwl -2(%rsi,%rcx),%r8d movw %dx,(%rdi) - subb $2,%cl - jz 1000f - leaq 2(%rsi),%rsi - leaq 2(%rdi),%rdi -1001: + movw %r8w,-2(%rdi,%rcx) + \end + ret + ALIGN_TEXT +100001: cmpb $1,%cl - jl 1000f + jl 100000f movb (%rsi),%dl movb %dl,(%rdi) -1000: +100000: \end ret ALIGN_TEXT 1256: + testb $15,%dil + jnz 100f .if \erms == 1 rep movsb @@ -301,8 +312,36 @@ END(memcmp) rep movsq movq %rdx,%rcx - andb $7,%cl /* any bytes left? */ - jne 1004b + andl $7,%ecx /* any bytes left? */ + jne 100408b +.endif + \end + ret +100: + movq (%rsi),%r8 + movq 8(%rsi),%r9 + movq %rdi,%r10 + movq %rdi,%rcx + andq $15,%rcx + leaq -16(%rdx,%rcx),%rdx + neg %rcx + leaq 16(%rdi,%rcx),%rdi + leaq 16(%rsi,%rcx),%rsi + movq %rdx,%rcx +.if \erms == 1 + rep + movsb + movq %r8,(%r10) + movq %r9,8(%r10) +.else + shrq $3,%rcx /* copy by 64-bit words */ + rep + movsq + movq %r8,(%r10) + movq %r9,8(%r10) + movq %rdx,%rcx + andl $7,%ecx /* any bytes left? */ + jne 100408b .endif \end ret @@ -313,24 +352,24 @@ END(memcmp) */ ALIGN_TEXT 2: - addq %rcx,%rdi - addq %rcx,%rsi + cmpq $256,%rcx + ja 2256f + + leaq -8(%rdi,%rcx),%rdi + leaq -8(%rsi,%rcx),%rsi cmpq $32,%rcx jb 2016f - cmpq $256,%rcx - ja 2256f - 2032: + movq (%rsi),%rdx + movq %rdx,(%rdi) movq -8(%rsi),%rdx movq %rdx,-8(%rdi) movq -16(%rsi),%rdx movq %rdx,-16(%rdi) movq -24(%rsi),%rdx movq %rdx,-24(%rdi) - movq -32(%rsi),%rdx - movq %rdx,-32(%rdi) leaq -32(%rsi),%rsi leaq -32(%rdi),%rdi subq $32,%rcx @@ -344,10 +383,10 @@ END(memcmp) 2016: cmpb $16,%cl jl 2008f + movq (%rsi),%rdx + movq %rdx,(%rdi) movq -8(%rsi),%rdx movq %rdx,-8(%rdi) - movq -16(%rsi),%rdx - movq %rdx,-16(%rdi) subb $16,%cl jz 2000f leaq -16(%rsi),%rsi @@ -355,8 +394,8 @@ END(memcmp) 2008: cmpb $8,%cl jl 2004f - movq -8(%rsi),%rdx - movq %rdx,-8(%rdi) + movq (%rsi),%rdx + movq %rdx,(%rdi) subb $8,%cl jz 2000f leaq -8(%rsi),%rsi @@ -364,8 +403,8 @@ END(memcmp) 2004: cmpb $4,%cl jl 2002f - movl -4(%rsi),%edx - movl %edx,-4(%rdi) + movl 4(%rsi),%edx + movl %edx,4(%rdi) subb $4,%cl jz 2000f leaq -4(%rsi),%rsi @@ -373,8 +412,8 @@ END(memcmp) 2002: cmpb $2,%cl jl 2001f - movw -2(%rsi),%dx - movw %dx,-2(%rdi) + movw 6(%rsi),%dx + movw %dx,6(%rdi) subb $2,%cl jz 2000f leaq -2(%rsi),%rsi @@ -382,33 +421,31 @@ END(memcmp) 2001: cmpb $1,%cl jl 2000f - movb -1(%rsi),%dl - movb %dl,-1(%rdi) + movb 7(%rsi),%dl + movb %dl,7(%rdi) 2000: \end ret ALIGN_TEXT 2256: - decq %rdi - decq %rsi std .if \erms == 1 + leaq -1(%rdi,%rcx),%rdi + leaq -1(%rsi,%rcx),%rsi rep movsb + cld .else - andq $7,%rcx /* any fractional bytes? */ - je 3f - rep - movsb -3: - movq %rdx,%rcx /* copy remainder by 32-bit words */ + leaq -8(%rdi,%rcx),%rdi + leaq -8(%rsi,%rcx),%rsi shrq $3,%rcx - subq $7,%rsi - subq $7,%rdi rep movsq -.endif cld + movq %rdx,%rcx + andb $7,%cl + jne 2004b +.endif \end ret .endif @@ -1118,7 +1155,6 @@ ENTRY(suword16_nosmap) movw %si,(%rdi) xorl %eax,%eax - movq PCPU(CURPCB),%rcx /* restore trashed register */ movq %rax,PCB_ONFAULT(%rcx) POP_FRAME_POINTER ret @@ -1137,7 +1173,6 @@ ENTRY(suword16_smap) movw %si,(%rdi) clac xorl %eax,%eax - movq PCPU(CURPCB),%rcx /* restore trashed register */ movq %rax,PCB_ONFAULT(%rcx) POP_FRAME_POINTER ret @@ -1155,7 +1190,6 @@ ENTRY(subyte_nosmap) movl %esi,%eax movb %al,(%rdi) xorl %eax,%eax - movq PCPU(CURPCB),%rcx /* restore trashed register */ movq %rax,PCB_ONFAULT(%rcx) POP_FRAME_POINTER ret @@ -1175,7 +1209,6 @@ ENTRY(subyte_smap) movb %al,(%rdi) clac xorl %eax,%eax - movq PCPU(CURPCB),%rcx /* restore trashed register */ movq %rax,PCB_ONFAULT(%rcx) POP_FRAME_POINTER ret diff --git a/sys/amd64/ia32/ia32_reg.c b/sys/amd64/ia32/ia32_reg.c index 093737f7f8e8..4a068b7f61e2 100644 --- a/sys/amd64/ia32/ia32_reg.c +++ b/sys/amd64/ia32/ia32_reg.c @@ -105,6 +105,8 @@ fill_regs32(struct thread *td, struct reg32 *regs) regs->r_eflags = tp->tf_rflags; regs->r_esp = tp->tf_rsp; regs->r_ss = tp->tf_ss; + regs->r_err = 0; + regs->r_trapno = 0; return (0); } diff --git a/sys/amd64/ia32/ia32_signal.c b/sys/amd64/ia32/ia32_signal.c index f0ed9bd3eb0c..90c9d8de6ed5 100644 --- a/sys/amd64/ia32/ia32_signal.c +++ b/sys/amd64/ia32/ia32_signal.c @@ -261,11 +261,11 @@ freebsd32_getcontext(struct thread *td, struct freebsd32_getcontext_args *uap) if (uap->ucp == NULL) ret = EINVAL; else { + bzero(&uc, sizeof(uc)); ia32_get_mcontext(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); PROC_LOCK(td->td_proc); uc.uc_sigmask = td->td_sigmask; PROC_UNLOCK(td->td_proc); - bzero(&uc.__spare__, sizeof(uc.__spare__)); ret = copyout(&uc, uap->ucp, UC_COPY_SIZE); } return (ret); @@ -275,7 +275,7 @@ int freebsd32_setcontext(struct thread *td, struct freebsd32_setcontext_args *uap) { struct ia32_ucontext uc; - int ret; + int ret; if (uap->ucp == NULL) ret = EINVAL; @@ -296,11 +296,12 @@ int freebsd32_swapcontext(struct thread *td, struct freebsd32_swapcontext_args *uap) { struct ia32_ucontext uc; - int ret; + int ret; if (uap->oucp == NULL || uap->ucp == NULL) ret = EINVAL; else { + bzero(&uc, sizeof(uc)); ia32_get_mcontext(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); PROC_LOCK(td->td_proc); uc.uc_sigmask = td->td_sigmask; @@ -620,7 +621,6 @@ ia32_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) fpstate_drop(td); sf.sf_uc.uc_mcontext.mc_fsbase = td->td_pcb->pcb_fsbase; sf.sf_uc.uc_mcontext.mc_gsbase = td->td_pcb->pcb_gsbase; - bzero(sf.sf_uc.__spare__, sizeof(sf.sf_uc.__spare__)); /* Allocate space for the signal handler context. */ if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && diff --git a/sys/arm/allwinner/aw_usbphy.c b/sys/arm/allwinner/aw_usbphy.c index e658ad77ac2f..0b8bcf539602 100644 --- a/sys/arm/allwinner/aw_usbphy.c +++ b/sys/arm/allwinner/aw_usbphy.c @@ -389,8 +389,11 @@ awusbphy_set_mode(struct phynode *phynode, int mode) phy = phynode_get_id(phynode); sc = device_get_softc(dev); - if (phy != 0) - return (EINVAL); + if (phy != 0) { + if (mode != PHY_USB_MODE_HOST) + return (EINVAL); + return (0); + } switch (mode) { case PHY_USB_MODE_HOST: diff --git a/sys/arm/arm/machdep.c b/sys/arm/arm/machdep.c index dde6ab0f6c9c..4755c1aa506a 100644 --- a/sys/arm/arm/machdep.c +++ b/sys/arm/arm/machdep.c @@ -641,6 +641,7 @@ sendsig(catcher, ksi, mask) /* make the stack aligned */ fp = (struct sigframe *)STACKALIGN(fp); /* Populate the siginfo frame. */ + bzero(&frame, sizeof(frame)); get_mcontext(td, &frame.sf_uc.uc_mcontext, 0); #ifdef VFP get_vfpcontext(td, &frame.sf_vfp); @@ -652,9 +653,9 @@ sendsig(catcher, ksi, mask) #endif frame.sf_si = ksi->ksi_info; frame.sf_uc.uc_sigmask = *mask; - frame.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK ) - ? ((onstack) ? SS_ONSTACK : 0) : SS_DISABLE; frame.sf_uc.uc_stack = td->td_sigstk; + frame.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) != 0 ? + (onstack ? SS_ONSTACK : 0) : SS_DISABLE; mtx_unlock(&psp->ps_mtx); PROC_UNLOCK(td->td_proc); diff --git a/sys/arm/arm/machdep_kdb.c b/sys/arm/arm/machdep_kdb.c index f70c1f15d245..4b3224a0e7ca 100644 --- a/sys/arm/arm/machdep_kdb.c +++ b/sys/arm/arm/machdep_kdb.c @@ -104,6 +104,7 @@ fill_regs(struct thread *td, struct reg *regs) regs->r_cpsr = tf->tf_spsr; return (0); } + int fill_fpregs(struct thread *td, struct fpreg *regs) { @@ -134,8 +135,11 @@ set_fpregs(struct thread *td, struct fpreg *regs) int fill_dbregs(struct thread *td, struct dbreg *regs) { + + bzero(regs, sizeof(*regs)); return (0); } + int set_dbregs(struct thread *td, struct dbreg *regs) { diff --git a/sys/arm/arm/physmem.c b/sys/arm/arm/physmem.c index 8a97f9883451..52ccf3b03f41 100644 --- a/sys/arm/arm/physmem.c +++ b/sys/arm/arm/physmem.c @@ -265,7 +265,7 @@ regions_to_avail(vm_paddr_t *avail, uint32_t exflags, size_t maxavail, if (pavail != NULL) *pavail = availmem; if (prealmem != NULL) - *prealmem = realmem; + *prealmem = totalmem; return (acnt); } diff --git a/sys/arm/arm/pmap-v6.c b/sys/arm/arm/pmap-v6.c index ceedc75cb941..8a2c4c167f3e 100644 --- a/sys/arm/arm/pmap-v6.c +++ b/sys/arm/arm/pmap-v6.c @@ -3037,7 +3037,7 @@ get_pv_entry(pmap_t pmap, boolean_t try) if (ratecheck(&lastprint, &printinterval)) printf("Approaching the limit on PV entries, consider " "increasing either the vm.pmap.shpgperproc or the " - "vm.pmap.pv_entry_max tunable.\n"); + "vm.pmap.pv_entries tunable.\n"); retry: pc = TAILQ_FIRST(&pmap->pm_pvchunk); if (pc != NULL) { diff --git a/sys/arm/include/atomic-v6.h b/sys/arm/include/atomic-v6.h index b0cb40806269..d4d4792a1d42 100644 --- a/sys/arm/include/atomic-v6.h +++ b/sys/arm/include/atomic-v6.h @@ -435,7 +435,7 @@ atomic_fetchadd_64(volatile uint64_t *p, uint64_t val) __asm __volatile( "1: \n" - " ldrexd %Q[tmp], %R[tmp], [%[ptr]] \n" + " ldrexd %Q[ret], %R[ret], [%[ptr]] \n" " adds %Q[tmp], %Q[ret], %Q[val] \n" " adc %R[tmp], %R[ret], %R[val] \n" " strexd %[exf], %Q[tmp], %R[tmp], [%[ptr]] \n" diff --git a/sys/arm/mv/mv_pci_ctrl.c b/sys/arm/mv/mv_pci_ctrl.c index ae12f897f212..4071ad40fafd 100644 --- a/sys/arm/mv/mv_pci_ctrl.c +++ b/sys/arm/mv/mv_pci_ctrl.c @@ -97,6 +97,7 @@ static device_method_t mv_pcib_ctrl_methods[] = { DEVMETHOD(bus_alloc_resource, mv_pcib_ctrl_alloc_resource), DEVMETHOD(bus_release_resource, bus_generic_release_resource), DEVMETHOD(bus_activate_resource, bus_generic_activate_resource), + DEVMETHOD(bus_deactivate_resource, bus_generic_deactivate_resource), DEVMETHOD(bus_setup_intr, bus_generic_setup_intr), /* ofw_bus interface */ diff --git a/sys/arm/ti/ti_pruss.c b/sys/arm/ti/ti_pruss.c index 1ac039205b6f..f755f9be16b3 100644 --- a/sys/arm/ti/ti_pruss.c +++ b/sys/arm/ti/ti_pruss.c @@ -704,7 +704,7 @@ ti_pruss_mmap(struct cdev *cdev, vm_ooffset_t offset, vm_paddr_t *paddr, device_t dev = cdev->si_drv1; struct ti_pruss_softc *sc = device_get_softc(dev); - if (offset > rman_get_size(sc->sc_mem_res)) + if (offset >= rman_get_size(sc->sc_mem_res)) return (ENOSPC); *paddr = rman_get_start(sc->sc_mem_res) + offset; *memattr = VM_MEMATTR_UNCACHEABLE; diff --git a/sys/arm64/acpica/acpi_machdep.c b/sys/arm64/acpica/acpi_machdep.c index 28216a86b382..3d423e910a32 100644 --- a/sys/arm64/acpica/acpi_machdep.c +++ b/sys/arm64/acpica/acpi_machdep.c @@ -233,3 +233,16 @@ acpi_map_addr(struct acpi_generic_address *addr, bus_space_tag_t *tag, return (bus_space_map(*tag, phys, size, 0, handle)); } + +#if MAXMEMDOM > 1 +static void +parse_pxm_tables(void *dummy) +{ + + acpi_pxm_init(MAXCPU, (vm_paddr_t)1 << 40); + acpi_pxm_parse_tables(); + acpi_pxm_set_mem_locality(); +} +SYSINIT(parse_pxm_tables, SI_SUB_VM - 1, SI_ORDER_FIRST, parse_pxm_tables, + NULL); +#endif diff --git a/sys/arm64/arm64/machdep.c b/sys/arm64/arm64/machdep.c index 613dcbc53a09..a6592dd75a46 100644 --- a/sys/arm64/arm64/machdep.c +++ b/sys/arm64/arm64/machdep.c @@ -656,13 +656,14 @@ sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) fp = (struct sigframe *)STACKALIGN(fp); /* Fill in the frame to copy out */ + bzero(&frame, sizeof(frame)); get_mcontext(td, &frame.sf_uc.uc_mcontext, 0); get_fpcontext(td, &frame.sf_uc.uc_mcontext); frame.sf_si = ksi->ksi_info; frame.sf_uc.uc_sigmask = *mask; - frame.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) ? - ((onstack) ? SS_ONSTACK : 0) : SS_DISABLE; frame.sf_uc.uc_stack = td->td_sigstk; + frame.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) != 0 ? + (onstack ? SS_ONSTACK : 0) : SS_DISABLE; mtx_unlock(&psp->ps_mtx); PROC_UNLOCK(td->td_proc); diff --git a/sys/arm64/arm64/mp_machdep.c b/sys/arm64/arm64/mp_machdep.c index ef17ca422771..b887aed3d19b 100644 --- a/sys/arm64/arm64/mp_machdep.c +++ b/sys/arm64/arm64/mp_machdep.c @@ -442,13 +442,15 @@ madt_handler(ACPI_SUBTABLE_HEADER *entry, void *arg) { ACPI_MADT_GENERIC_INTERRUPT *intr; u_int *cpuid; + u_int id; switch(entry->Type) { case ACPI_MADT_TYPE_GENERIC_INTERRUPT: intr = (ACPI_MADT_GENERIC_INTERRUPT *)entry; cpuid = arg; - - start_cpu((*cpuid), intr->ArmMpidr); + id = *cpuid; + start_cpu(id, intr->ArmMpidr); + __pcpu[id].pc_acpi_id = intr->Uid; (*cpuid)++; break; default: @@ -478,6 +480,12 @@ cpu_init_acpi(void) madt_handler, &cpuid); acpi_unmap_table(madt); + +#if MAXMEMDOM > 1 + /* set proximity info */ + acpi_pxm_set_cpu_locality(); + acpi_pxm_free(); +#endif } #endif diff --git a/sys/arm64/conf/GENERIC b/sys/arm64/conf/GENERIC index c626727d5209..0c71c5265e70 100644 --- a/sys/arm64/conf/GENERIC +++ b/sys/arm64/conf/GENERIC @@ -108,6 +108,7 @@ options SOC_CAVM_THUNDERX options SOC_HISI_HI6220 options SOC_BRCM_BCM2837 options SOC_ROCKCHIP_RK3328 +options SOC_ROCKCHIP_RK3399 options SOC_XILINX_ZYNQ # Timer drivers @@ -209,6 +210,8 @@ device bcm2835_bsc # Broadcom BCM283x I2C bus device iicbus device iic device twsi # Allwinner I2C controller +device rk_i2c # RockChip I2C controller +device syr827 # Silergy SYR827 PMIC # Clock and reset controllers device aw_ccu # Allwinner clock controller @@ -225,6 +228,7 @@ device aw_wdog # Allwinner Watchdog # Power management controllers device axp81x # X-Powers AXP81x PMIC +device rk805 # RockChip RK805 PMIC # EFUSE device aw_sid # Allwinner Secure ID EFUSE @@ -242,6 +246,11 @@ device kbdmux device vt_efifb +# EVDEV support +device evdev # input event device support +options EVDEV_SUPPORT # evdev support in legacy drivers +device uinput # install /dev/uinput cdev + # Pseudo devices. device crypto # core crypto support device loop # Network loopback @@ -276,4 +285,4 @@ options FDT device acpi # DTBs -makeoptions MODULES_EXTRA="dtb/allwinner" +makeoptions MODULES_EXTRA="dtb/allwinner dtb/rockchip" diff --git a/sys/arm64/rockchip/clk/rk3328_cru.c b/sys/arm64/rockchip/clk/rk3328_cru.c index 5371c72ea875..afcabd5f75ed 100644 --- a/sys/arm64/rockchip/clk/rk3328_cru.c +++ b/sys/arm64/rockchip/clk/rk3328_cru.c @@ -973,23 +973,23 @@ static struct rk_clk_composite_def i2c3 = { static struct rk_clk rk3328_clks[] = { { - .type = RK_CLK_PLL, + .type = RK3328_CLK_PLL, .clk.pll = &apll }, { - .type = RK_CLK_PLL, + .type = RK3328_CLK_PLL, .clk.pll = &dpll }, { - .type = RK_CLK_PLL, + .type = RK3328_CLK_PLL, .clk.pll = &cpll }, { - .type = RK_CLK_PLL, + .type = RK3328_CLK_PLL, .clk.pll = &gpll }, { - .type = RK_CLK_PLL, + .type = RK3328_CLK_PLL, .clk.pll = &npll }, diff --git a/sys/arm64/rockchip/clk/rk3399_cru.c b/sys/arm64/rockchip/clk/rk3399_cru.c new file mode 100644 index 000000000000..e8185f2b1efc --- /dev/null +++ b/sys/arm64/rockchip/clk/rk3399_cru.c @@ -0,0 +1,1535 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2018 Emmanuel Vadot <manu@freebsd.org> + * Copyright (c) 2018 Greg V <greg@unrelenting.technology> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/systm.h> +#include <sys/bus.h> +#include <sys/rman.h> +#include <sys/kernel.h> +#include <sys/module.h> +#include <machine/bus.h> + +#include <dev/fdt/simplebus.h> + +#include <dev/ofw/ofw_bus.h> +#include <dev/ofw/ofw_bus_subr.h> + +#include <dev/extres/clk/clk_div.h> +#include <dev/extres/clk/clk_fixed.h> +#include <dev/extres/clk/clk_mux.h> + +#include <arm64/rockchip/clk/rk_cru.h> + +/* GATES */ + +#define PCLK_GPIO2 336 +#define PCLK_GPIO3 337 +#define PCLK_GPIO4 338 +#define PCLK_I2C1 341 +#define PCLK_I2C2 342 +#define PCLK_I2C3 343 +#define PCLK_I2C5 344 +#define PCLK_I2C6 345 +#define PCLK_I2C7 346 + +static struct rk_cru_gate rk3399_gates[] = { + /* CRU_CLKGATE_CON0 */ + CRU_GATE(0, "clk_core_l_lpll_src", "lpll", 0x300, 0) + CRU_GATE(0, "clk_core_l_bpll_src", "bpll", 0x300, 1) + CRU_GATE(0, "clk_core_l_dpll_src", "dpll", 0x300, 2) + CRU_GATE(0, "clk_core_l_gpll_src", "gpll", 0x300, 3) + + /* CRU_CLKGATE_CON1 */ + CRU_GATE(0, "clk_core_b_lpll_src", "lpll", 0x304, 0) + CRU_GATE(0, "clk_core_b_bpll_src", "bpll", 0x304, 1) + CRU_GATE(0, "clk_core_b_dpll_src", "dpll", 0x304, 2) + CRU_GATE(0, "clk_core_b_gpll_src", "gpll", 0x304, 3) + + /* CRU_CLKGATE_CON5 */ + CRU_GATE(0, "cpll_aclk_perihp_src", "cpll", 0x314, 0) + CRU_GATE(0, "gpll_aclk_perihp_src", "gpll", 0x314, 1) + + /* CRU_CLKGATE_CON7 */ + CRU_GATE(0, "gpll_aclk_perilp0_src", "gpll", 0x31C, 0) + CRU_GATE(0, "cpll_aclk_perilp0_src", "cpll", 0x31C, 1) + + /* CRU_CLKGATE_CON8 */ + CRU_GATE(0, "hclk_perilp1_cpll_src", "cpll", 0x320, 1) + CRU_GATE(0, "hclk_perilp1_gpll_src", "gpll", 0x320, 0) + + /* CRU_CLKGATE_CON22 */ + CRU_GATE(PCLK_I2C7, "pclk_rki2c7", "pclk_perilp1", 0x358, 5) + CRU_GATE(PCLK_I2C1, "pclk_rki2c1", "pclk_perilp1", 0x358, 6) + CRU_GATE(PCLK_I2C5, "pclk_rki2c5", "pclk_perilp1", 0x358, 7) + CRU_GATE(PCLK_I2C6, "pclk_rki2c6", "pclk_perilp1", 0x358, 8) + CRU_GATE(PCLK_I2C2, "pclk_rki2c2", "pclk_perilp1", 0x358, 9) + CRU_GATE(PCLK_I2C3, "pclk_rki2c3", "pclk_perilp1", 0x358, 10) + + /* CRU_CLKGATE_CON31 */ + CRU_GATE(PCLK_GPIO2, "pclk_gpio2", "pclk_alive", 0x37c, 3) + CRU_GATE(PCLK_GPIO3, "pclk_gpio3", "pclk_alive", 0x37c, 4) + CRU_GATE(PCLK_GPIO4, "pclk_gpio4", "pclk_alive", 0x37c, 5) +}; + + +/* + * PLLs + */ + +#define PLL_APLLL 1 +#define PLL_APLLB 2 +#define PLL_DPLL 3 +#define PLL_CPLL 4 +#define PLL_GPLL 5 +#define PLL_NPLL 6 +#define PLL_VPLL 7 + +static struct rk_clk_pll_rate rk3399_pll_rates[] = { + { + .freq = 2208000000, + .refdiv = 1, + .fbdiv = 92, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2184000000, + .refdiv = 1, + .fbdiv = 91, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2160000000, + .refdiv = 1, + .fbdiv = 90, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2136000000, + .refdiv = 1, + .fbdiv = 89, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2112000000, + .refdiv = 1, + .fbdiv = 88, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2088000000, + .refdiv = 1, + .fbdiv = 87, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2064000000, + .refdiv = 1, + .fbdiv = 86, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2040000000, + .refdiv = 1, + .fbdiv = 85, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2016000000, + .refdiv = 1, + .fbdiv = 84, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1992000000, + .refdiv = 1, + .fbdiv = 83, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1968000000, + .refdiv = 1, + .fbdiv = 82, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1944000000, + .refdiv = 1, + .fbdiv = 81, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1920000000, + .refdiv = 1, + .fbdiv = 80, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1896000000, + .refdiv = 1, + .fbdiv = 79, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1872000000, + .refdiv = 1, + .fbdiv = 78, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1848000000, + .refdiv = 1, + .fbdiv = 77, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1824000000, + .refdiv = 1, + .fbdiv = 76, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1800000000, + .refdiv = 1, + .fbdiv = 75, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1776000000, + .refdiv = 1, + .fbdiv = 74, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1752000000, + .refdiv = 1, + .fbdiv = 73, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1728000000, + .refdiv = 1, + .fbdiv = 72, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1704000000, + .refdiv = 1, + .fbdiv = 71, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1680000000, + .refdiv = 1, + .fbdiv = 70, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1656000000, + .refdiv = 1, + .fbdiv = 69, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1632000000, + .refdiv = 1, + .fbdiv = 68, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1608000000, + .refdiv = 1, + .fbdiv = 67, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1600000000, + .refdiv = 3, + .fbdiv = 200, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1584000000, + .refdiv = 1, + .fbdiv = 66, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1560000000, + .refdiv = 1, + .fbdiv = 65, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1536000000, + .refdiv = 1, + .fbdiv = 64, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1512000000, + .refdiv = 1, + .fbdiv = 63, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1488000000, + .refdiv = 1, + .fbdiv = 62, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1464000000, + .refdiv = 1, + .fbdiv = 61, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1440000000, + .refdiv = 1, + .fbdiv = 60, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1416000000, + .refdiv = 1, + .fbdiv = 59, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1392000000, + .refdiv = 1, + .fbdiv = 58, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1368000000, + .refdiv = 1, + .fbdiv = 57, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1344000000, + .refdiv = 1, + .fbdiv = 56, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1320000000, + .refdiv = 1, + .fbdiv = 55, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1296000000, + .refdiv = 1, + .fbdiv = 54, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1272000000, + .refdiv = 1, + .fbdiv = 53, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1248000000, + .refdiv = 1, + .fbdiv = 52, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1200000000, + .refdiv = 1, + .fbdiv = 50, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1188000000, + .refdiv = 2, + .fbdiv = 99, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1104000000, + .refdiv = 1, + .fbdiv = 46, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1100000000, + .refdiv = 12, + .fbdiv = 550, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1008000000, + .refdiv = 1, + .fbdiv = 84, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1000000000, + .refdiv = 1, + .fbdiv = 125, + .postdiv1 = 3, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 984000000, + .refdiv = 1, + .fbdiv = 82, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 960000000, + .refdiv = 1, + .fbdiv = 80, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 936000000, + .refdiv = 1, + .fbdiv = 78, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 912000000, + .refdiv = 1, + .fbdiv = 76, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 900000000, + .refdiv = 4, + .fbdiv = 300, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 888000000, + .refdiv = 1, + .fbdiv = 74, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 864000000, + .refdiv = 1, + .fbdiv = 72, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 840000000, + .refdiv = 1, + .fbdiv = 70, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 816000000, + .refdiv = 1, + .fbdiv = 68, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 800000000, + .refdiv = 1, + .fbdiv = 100, + .postdiv1 = 3, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 700000000, + .refdiv = 6, + .fbdiv = 350, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 696000000, + .refdiv = 1, + .fbdiv = 58, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 676000000, + .refdiv = 3, + .fbdiv = 169, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 600000000, + .refdiv = 1, + .fbdiv = 75, + .postdiv1 = 3, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 594000000, + .refdiv = 1, + .fbdiv = 99, + .postdiv1 = 4, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 533250000, + .refdiv = 8, + .fbdiv = 711, + .postdiv1 = 4, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 504000000, + .refdiv = 1, + .fbdiv = 63, + .postdiv1 = 3, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 500000000, + .refdiv = 6, + .fbdiv = 250, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 408000000, + .refdiv = 1, + .fbdiv = 68, + .postdiv1 = 2, + .postdiv2 = 2, + .dsmpd = 1, + }, + { + .freq = 312000000, + .refdiv = 1, + .fbdiv = 52, + .postdiv1 = 2, + .postdiv2 = 2, + .dsmpd = 1, + }, + { + .freq = 297000000, + .refdiv = 1, + .fbdiv = 99, + .postdiv1 = 4, + .postdiv2 = 2, + .dsmpd = 1, + }, + { + .freq = 216000000, + .refdiv = 1, + .fbdiv = 72, + .postdiv1 = 4, + .postdiv2 = 2, + .dsmpd = 1, + }, + { + .freq = 148500000, + .refdiv = 1, + .fbdiv = 99, + .postdiv1 = 4, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 106500000, + .refdiv = 1, + .fbdiv = 71, + .postdiv1 = 4, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 96000000, + .refdiv = 1, + .fbdiv = 64, + .postdiv1 = 4, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 74250000, + .refdiv = 2, + .fbdiv = 99, + .postdiv1 = 4, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 65000000, + .refdiv = 1, + .fbdiv = 65, + .postdiv1 = 6, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 54000000, + .refdiv = 1, + .fbdiv = 54, + .postdiv1 = 6, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 27000000, + .refdiv = 1, + .fbdiv = 27, + .postdiv1 = 6, + .postdiv2 = 4, + .dsmpd = 1, + }, + {}, +}; + +static const char *pll_parents[] = {"xin24m"}; + +static struct rk_clk_pll_def lpll = { + .clkdef = { + .id = PLL_APLLL, + .name = "lpll", + .parent_names = pll_parents, + .parent_cnt = nitems(pll_parents), + }, + .base_offset = 0x00, + .gate_offset = 0x300, + .gate_shift = 0, + .flags = RK_CLK_PLL_HAVE_GATE, + .rates = rk3399_pll_rates, +}; + +static struct rk_clk_pll_def bpll = { + .clkdef = { + .id = PLL_APLLB, + .name = "bpll", + .parent_names = pll_parents, + .parent_cnt = nitems(pll_parents), + }, + .base_offset = 0x20, + .gate_offset = 0x300, + .gate_shift = 1, + .flags = RK_CLK_PLL_HAVE_GATE, + .rates = rk3399_pll_rates, +}; + +static struct rk_clk_pll_def dpll = { + .clkdef = { + .id = PLL_DPLL, + .name = "dpll", + .parent_names = pll_parents, + .parent_cnt = nitems(pll_parents), + }, + .base_offset = 0x40, + .gate_offset = 0x300, + .gate_shift = 2, + .flags = RK_CLK_PLL_HAVE_GATE, + .rates = rk3399_pll_rates, +}; + + +static struct rk_clk_pll_def cpll = { + .clkdef = { + .id = PLL_CPLL, + .name = "cpll", + .parent_names = pll_parents, + .parent_cnt = nitems(pll_parents), + }, + .base_offset = 0x60, + .rates = rk3399_pll_rates, +}; + +static struct rk_clk_pll_def gpll = { + .clkdef = { + .id = PLL_GPLL, + .name = "gpll", + .parent_names = pll_parents, + .parent_cnt = nitems(pll_parents), + }, + .base_offset = 0x80, + .gate_offset = 0x300, + .gate_shift = 3, + .flags = RK_CLK_PLL_HAVE_GATE, + .rates = rk3399_pll_rates, +}; + +static struct rk_clk_pll_def npll = { + .clkdef = { + .id = PLL_NPLL, + .name = "npll", + .parent_names = pll_parents, + .parent_cnt = nitems(pll_parents), + }, + .base_offset = 0xa0, + .rates = rk3399_pll_rates, +}; + +static struct rk_clk_pll_def vpll = { + .clkdef = { + .id = PLL_VPLL, + .name = "vpll", + .parent_names = pll_parents, + .parent_cnt = nitems(pll_parents), + }, + .base_offset = 0xc0, + .rates = rk3399_pll_rates, +}; + +#define ACLK_PERIHP 192 +#define HCLK_PERIHP 448 +#define PCLK_PERIHP 320 + +static const char *aclk_perihp_parents[] = {"cpll_aclk_perihp_src", "gpll_aclk_perihp_src"}; + +static struct rk_clk_composite_def aclk_perihp = { + .clkdef = { + .id = ACLK_PERIHP, + .name = "aclk_perihp", + .parent_names = aclk_perihp_parents, + .parent_cnt = nitems(aclk_perihp_parents), + }, + /* CRU_CLKSEL_CON14 */ + .muxdiv_offset = 0x138, + + .mux_shift = 7, + .mux_width = 1, + + .div_shift = 0, + .div_width = 5, + + /* CRU_CLKGATE_CON5 */ + .gate_offset = 0x314, + .gate_shift = 2, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static const char *hclk_pclk_perihp_parents[] = {"aclk_perihp"}; + +static struct rk_clk_composite_def hclk_perihp = { + .clkdef = { + .id = HCLK_PERIHP, + .name = "hclk_perihp", + .parent_names = hclk_pclk_perihp_parents, + .parent_cnt = nitems(hclk_pclk_perihp_parents), + }, + /* CRU_CLKSEL_CON14 */ + .muxdiv_offset = 0x138, + + .div_shift = 8, + .div_width = 2, + + /* CRU_CLKGATE_CON5 */ + .gate_offset = 0x314, + .gate_shift = 3, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def pclk_perihp = { + .clkdef = { + .id = PCLK_PERIHP, + .name = "pclk_perihp", + .parent_names = hclk_pclk_perihp_parents, + .parent_cnt = nitems(hclk_pclk_perihp_parents), + }, + /* CRU_CLKSEL_CON14 */ + .muxdiv_offset = 0x138, + + .div_shift = 12, + .div_width = 3, + + /* CRU_CLKGATE_CON5 */ + .gate_offset = 0x314, + .gate_shift = 4, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +#define ACLK_PERILP0 194 +#define HCLK_PERILP0 449 +#define PCLK_PERILP0 322 + +static const char *aclk_perilp0_parents[] = {"cpll_aclk_perilp0_src", "gpll_aclk_perilp0_src"}; + +static struct rk_clk_composite_def aclk_perilp0 = { + .clkdef = { + .id = ACLK_PERILP0, + .name = "aclk_perilp0", + .parent_names = aclk_perilp0_parents, + .parent_cnt = nitems(aclk_perilp0_parents), + }, + /* CRU_CLKSEL_CON14 */ + .muxdiv_offset = 0x15C, + + .mux_shift = 7, + .mux_width = 1, + + .div_shift = 0, + .div_width = 5, + + /* CRU_CLKGATE_CON7 */ + .gate_offset = 0x31C, + .gate_shift = 2, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static const char *hclk_pclk_perilp0_parents[] = {"aclk_perilp0"}; + +static struct rk_clk_composite_def hclk_perilp0 = { + .clkdef = { + .id = HCLK_PERILP0, + .name = "hclk_perilp0", + .parent_names = hclk_pclk_perilp0_parents, + .parent_cnt = nitems(hclk_pclk_perilp0_parents), + }, + /* CRU_CLKSEL_CON23 */ + .muxdiv_offset = 0x15C, + + .div_shift = 8, + .div_width = 2, + + /* CRU_CLKGATE_CON7 */ + .gate_offset = 0x31C, + .gate_shift = 3, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def pclk_perilp0 = { + .clkdef = { + .id = PCLK_PERILP0, + .name = "pclk_perilp0", + .parent_names = hclk_pclk_perilp0_parents, + .parent_cnt = nitems(hclk_pclk_perilp0_parents), + }, + /* CRU_CLKSEL_CON23 */ + .muxdiv_offset = 0x15C, + + .div_shift = 12, + .div_width = 3, + + /* CRU_CLKGATE_CON7 */ + .gate_offset = 0x31C, + .gate_shift = 4, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +/* + * misc + */ +#define PCLK_ALIVE 390 + +static const char *alive_parents[] = {"gpll"}; + +static struct rk_clk_composite_def pclk_alive = { + .clkdef = { + .id = PCLK_ALIVE, + .name = "pclk_alive", + .parent_names = alive_parents, + .parent_cnt = nitems(alive_parents), + }, + /* CRU_CLKSEL_CON57 */ + .muxdiv_offset = 0x01e4, + + .div_shift = 0, + .div_width = 5, +}; + +#define HCLK_PERILP1 450 +#define PCLK_PERILP1 323 + +static const char *hclk_perilp1_parents[] = {"cpll", "gpll"}; + +static struct rk_clk_composite_def hclk_perilp1 = { + .clkdef = { + .id = HCLK_PERILP1, + .name = "hclk_perilp1", + .parent_names = hclk_perilp1_parents, + .parent_cnt = nitems(hclk_perilp1_parents), + }, + /* CRU_CLKSEL_CON25 */ + .muxdiv_offset = 0x164, + .mux_shift = 7, + .mux_width = 1, + + .div_shift = 0, + .div_width = 5, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX, +}; + +static const char *pclk_perilp1_parents[] = {"hclk_perilp1"}; + +static struct rk_clk_composite_def pclk_perilp1 = { + .clkdef = { + .id = PCLK_PERILP1, + .name = "pclk_perilp1", + .parent_names = pclk_perilp1_parents, + .parent_cnt = nitems(pclk_perilp1_parents), + }, + /* CRU_CLKSEL_CON25 */ + .muxdiv_offset = 0x164, + + .div_shift = 8, + .div_width = 3, + + /* CRU_CLKGATE_CON8 */ + .gate_offset = 0x320, + .gate_shift = 2, + + .flags = RK_CLK_COMPOSITE_HAVE_GATE, +}; + +/* + * i2c + */ +static const char *i2c_parents[] = {"cpll", "gpll"}; + +#define SCLK_I2C1 65 +#define SCLK_I2C2 66 +#define SCLK_I2C3 67 +#define SCLK_I2C5 68 +#define SCLK_I2C6 69 +#define SCLK_I2C7 70 + +static struct rk_clk_composite_def i2c1 = { + .clkdef = { + .id = SCLK_I2C1, + .name = "clk_i2c1", + .parent_names = i2c_parents, + .parent_cnt = nitems(i2c_parents), + }, + /* CRU_CLKSEL_CON61 */ + .muxdiv_offset = 0x01f4, + .mux_shift = 7, + .mux_width = 1, + + .div_shift = 0, + .div_width = 7, + + /* CRU_CLKGATE_CON10 */ + .gate_offset = 0x0328, + .gate_shift = 0, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def i2c2 = { + .clkdef = { + .id = SCLK_I2C2, + .name = "clk_i2c2", + .parent_names = i2c_parents, + .parent_cnt = nitems(i2c_parents), + }, + /* CRU_CLKSEL_CON62 */ + .muxdiv_offset = 0x01f8, + .mux_shift = 7, + .mux_width = 1, + + .div_shift = 0, + .div_width = 7, + + /* CRU_CLKGATE_CON10 */ + .gate_offset = 0x0328, + .gate_shift = 2, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def i2c3 = { + .clkdef = { + .id = SCLK_I2C3, + .name = "clk_i2c3", + .parent_names = i2c_parents, + .parent_cnt = nitems(i2c_parents), + }, + /* CRU_CLKSEL_CON63 */ + .muxdiv_offset = 0x01fc, + .mux_shift = 7, + .mux_width = 1, + + .div_shift = 0, + .div_width = 7, + + /* CRU_CLKGATE_CON10 */ + .gate_offset = 0x0328, + .gate_shift = 4, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def i2c5 = { + .clkdef = { + .id = SCLK_I2C5, + .name = "clk_i2c5", + .parent_names = i2c_parents, + .parent_cnt = nitems(i2c_parents), + }, + /* CRU_CLKSEL_CON61 */ + .muxdiv_offset = 0x01f4, + .mux_shift = 15, + .mux_width = 1, + + .div_shift = 8, + .div_width = 7, + + /* CRU_CLKGATE_CON10 */ + .gate_offset = 0x0328, + .gate_shift = 1, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def i2c6 = { + .clkdef = { + .id = SCLK_I2C6, + .name = "clk_i2c6", + .parent_names = i2c_parents, + .parent_cnt = nitems(i2c_parents), + }, + /* CRU_CLKSEL_CON62 */ + .muxdiv_offset = 0x01f8, + .mux_shift = 15, + .mux_width = 1, + + .div_shift = 8, + .div_width = 7, + + /* CRU_CLKGATE_CON10 */ + .gate_offset = 0x0328, + .gate_shift = 3, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def i2c7 = { + .clkdef = { + .id = SCLK_I2C7, + .name = "clk_i2c7", + .parent_names = i2c_parents, + .parent_cnt = nitems(i2c_parents), + }, + /* CRU_CLKSEL_CON63 */ + .muxdiv_offset = 0x01fc, + .mux_shift = 15, + .mux_width = 1, + + .div_shift = 8, + .div_width = 7, + + /* CRU_CLKGATE_CON10 */ + .gate_offset = 0x0328, + .gate_shift = 5, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX | RK_CLK_COMPOSITE_HAVE_GATE, +}; + +/* + * ARM CPU clocks (LITTLE and big) + */ +#define ARMCLKL 8 +#define ARMCLKB 9 + +static const char *armclk_parents[] = {"lpll", "bpll", "dpll", "gpll"}; + +static struct rk_clk_armclk_rates rk3399_armclkl_rates[] = { + { + .freq = 1800000000, + .div = 1, + }, + { + .freq = 1704000000, + .div = 1, + }, + { + .freq = 1608000000, + .div = 1, + }, + { + .freq = 1512000000, + .div = 1, + }, + { + .freq = 1488000000, + .div = 1, + }, + { + .freq = 1416000000, + .div = 1, + }, + { + .freq = 1200000000, + .div = 1, + }, + { + .freq = 1008000000, + .div = 1, + }, + { + .freq = 816000000, + .div = 1, + }, + { + .freq = 696000000, + .div = 1, + }, + { + .freq = 600000000, + .div = 1, + }, + { + .freq = 408000000, + .div = 1, + }, + { + .freq = 312000000, + .div = 1, + }, + { + .freq = 216000000, + .div = 1, + }, + { + .freq = 96000000, + .div = 1, + }, +}; + +static struct rk_clk_armclk_def armclk_l = { + .clkdef = { + .id = ARMCLKL, + .name = "armclkl", + .parent_names = armclk_parents, + .parent_cnt = nitems(armclk_parents), + }, + /* CRU_CLKSEL_CON0 */ + .muxdiv_offset = 0x100, + .mux_shift = 6, + .mux_width = 2, + + .div_shift = 0, + .div_width = 5, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX, + .main_parent = 0, + .alt_parent = 3, + + .rates = rk3399_armclkl_rates, + .nrates = nitems(rk3399_armclkl_rates), +}; + +static struct rk_clk_armclk_rates rk3399_armclkb_rates[] = { + { + .freq = 2208000000, + .div = 1, + }, + { + .freq = 2184000000, + .div = 1, + }, + { + .freq = 2088000000, + .div = 1, + }, + { + .freq = 2040000000, + .div = 1, + }, + { + .freq = 2016000000, + .div = 1, + }, + { + .freq = 1992000000, + .div = 1, + }, + { + .freq = 1896000000, + .div = 1, + }, + { + .freq = 1800000000, + .div = 1, + }, + { + .freq = 1704000000, + .div = 1, + }, + { + .freq = 1608000000, + .div = 1, + }, + { + .freq = 1512000000, + .div = 1, + }, + { + .freq = 1488000000, + .div = 1, + }, + { + .freq = 1416000000, + .div = 1, + }, + { + .freq = 1200000000, + .div = 1, + }, + { + .freq = 1008000000, + .div = 1, + }, + { + .freq = 816000000, + .div = 1, + }, + { + .freq = 696000000, + .div = 1, + }, + { + .freq = 600000000, + .div = 1, + }, + { + .freq = 408000000, + .div = 1, + }, + { + .freq = 312000000, + .div = 1, + }, + { + .freq = 216000000, + .div = 1, + }, + { + .freq = 96000000, + .div = 1, + }, +}; + +static struct rk_clk_armclk_def armclk_b = { + .clkdef = { + .id = ARMCLKB, + .name = "armclkb", + .parent_names = armclk_parents, + .parent_cnt = nitems(armclk_parents), + }, + .muxdiv_offset = 0x108, + .mux_shift = 6, + .mux_width = 2, + + .div_shift = 0, + .div_width = 5, + + .flags = RK_CLK_COMPOSITE_HAVE_MUX, + .main_parent = 1, + .alt_parent = 3, + + .rates = rk3399_armclkb_rates, + .nrates = nitems(rk3399_armclkb_rates), +}; + +static struct rk_clk rk3399_clks[] = { + { + .type = RK3399_CLK_PLL, + .clk.pll = &lpll + }, + { + .type = RK3399_CLK_PLL, + .clk.pll = &bpll + }, + { + .type = RK3399_CLK_PLL, + .clk.pll = &dpll + }, + { + .type = RK3399_CLK_PLL, + .clk.pll = &cpll + }, + { + .type = RK3399_CLK_PLL, + .clk.pll = &gpll + }, + { + .type = RK3399_CLK_PLL, + .clk.pll = &npll + }, + { + .type = RK3399_CLK_PLL, + .clk.pll = &vpll + }, + + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &aclk_perihp, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &hclk_perihp, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &pclk_perihp, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &aclk_perilp0, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &hclk_perilp0, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &pclk_perilp0, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &pclk_alive, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &hclk_perilp1, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &pclk_perilp1, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c1, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c2, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c3, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c5, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c6, + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c7, + }, + + { + .type = RK_CLK_ARMCLK, + .clk.armclk = &armclk_l, + }, + { + .type = RK_CLK_ARMCLK, + .clk.armclk = &armclk_b, + }, +}; + +static int +rk3399_cru_probe(device_t dev) +{ + + if (!ofw_bus_status_okay(dev)) + return (ENXIO); + + if (ofw_bus_is_compatible(dev, "rockchip,rk3399-cru")) { + device_set_desc(dev, "Rockchip RK3399 Clock and Reset Unit"); + return (BUS_PROBE_DEFAULT); + } + + return (ENXIO); +} + +static int +rk3399_cru_attach(device_t dev) +{ + struct rk_cru_softc *sc; + + sc = device_get_softc(dev); + sc->dev = dev; + + sc->gates = rk3399_gates; + sc->ngates = nitems(rk3399_gates); + + sc->clks = rk3399_clks; + sc->nclks = nitems(rk3399_clks); + + return (rk_cru_attach(dev)); +} + +static device_method_t rk3399_cru_methods[] = { + /* Device interface */ + DEVMETHOD(device_probe, rk3399_cru_probe), + DEVMETHOD(device_attach, rk3399_cru_attach), + + DEVMETHOD_END +}; + +static devclass_t rk3399_cru_devclass; + +DEFINE_CLASS_1(rk3399_cru, rk3399_cru_driver, rk3399_cru_methods, + sizeof(struct rk_cru_softc), rk_cru_driver); + +EARLY_DRIVER_MODULE(rk3399_cru, simplebus, rk3399_cru_driver, + rk3399_cru_devclass, 0, 0, BUS_PASS_BUS + BUS_PASS_ORDER_MIDDLE); diff --git a/sys/arm64/rockchip/clk/rk3399_pmucru.c b/sys/arm64/rockchip/clk/rk3399_pmucru.c new file mode 100644 index 000000000000..d85885cf1f0b --- /dev/null +++ b/sys/arm64/rockchip/clk/rk3399_pmucru.c @@ -0,0 +1,866 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2018 Emmanuel Vadot <manu@freebsd.org> + * Copyright (c) 2018 Greg V <greg@unrelenting.technology> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/systm.h> +#include <sys/bus.h> +#include <sys/rman.h> +#include <sys/kernel.h> +#include <sys/module.h> +#include <machine/bus.h> + +#include <dev/fdt/simplebus.h> + +#include <dev/ofw/ofw_bus.h> +#include <dev/ofw/ofw_bus_subr.h> + +#include <dev/extres/clk/clk_div.h> +#include <dev/extres/clk/clk_fixed.h> +#include <dev/extres/clk/clk_mux.h> + +#include <arm64/rockchip/clk/rk_cru.h> + +/* GATES */ + +#define PCLK_PMU 20 +#define PCLK_GPIO0_PMU 23 +#define PCLK_GPIO1_PMU 24 +#define PCLK_I2C0_PMU 27 +#define PCLK_I2C4_PMU 28 +#define PCLK_I2C8_PMU 29 + +static struct rk_cru_gate rk3399_pmu_gates[] = { + /* PMUCRU_CLKGATE_CON1 */ + CRU_GATE(PCLK_PMU, "pclk_pmu", "pclk_pmu_src", 0x104, 0) + CRU_GATE(PCLK_GPIO0_PMU, "pclk_gpio0_pmu", "pclk_pmu_src", 0x104, 3) + CRU_GATE(PCLK_GPIO1_PMU, "pclk_gpio1_pmu", "pclk_pmu_src", 0x104, 4) + CRU_GATE(PCLK_I2C0_PMU, "pclk_i2c0_pmu", "pclk_pmu_src", 0x104, 7) + CRU_GATE(PCLK_I2C4_PMU, "pclk_i2c4_pmu", "pclk_pmu_src", 0x104, 8) + CRU_GATE(PCLK_I2C8_PMU, "pclk_i2c8_pmu", "pclk_pmu_src", 0x104, 9) +}; + + +/* + * PLLs + */ + +#define PLL_PPLL 1 + +static struct rk_clk_pll_rate rk3399_pll_rates[] = { + { + .freq = 2208000000, + .refdiv = 1, + .fbdiv = 92, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2184000000, + .refdiv = 1, + .fbdiv = 91, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2160000000, + .refdiv = 1, + .fbdiv = 90, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2136000000, + .refdiv = 1, + .fbdiv = 89, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2112000000, + .refdiv = 1, + .fbdiv = 88, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2088000000, + .refdiv = 1, + .fbdiv = 87, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2064000000, + .refdiv = 1, + .fbdiv = 86, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2040000000, + .refdiv = 1, + .fbdiv = 85, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 2016000000, + .refdiv = 1, + .fbdiv = 84, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1992000000, + .refdiv = 1, + .fbdiv = 83, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1968000000, + .refdiv = 1, + .fbdiv = 82, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1944000000, + .refdiv = 1, + .fbdiv = 81, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1920000000, + .refdiv = 1, + .fbdiv = 80, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1896000000, + .refdiv = 1, + .fbdiv = 79, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1872000000, + .refdiv = 1, + .fbdiv = 78, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1848000000, + .refdiv = 1, + .fbdiv = 77, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1824000000, + .refdiv = 1, + .fbdiv = 76, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1800000000, + .refdiv = 1, + .fbdiv = 75, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1776000000, + .refdiv = 1, + .fbdiv = 74, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1752000000, + .refdiv = 1, + .fbdiv = 73, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1728000000, + .refdiv = 1, + .fbdiv = 72, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1704000000, + .refdiv = 1, + .fbdiv = 71, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1680000000, + .refdiv = 1, + .fbdiv = 70, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1656000000, + .refdiv = 1, + .fbdiv = 69, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1632000000, + .refdiv = 1, + .fbdiv = 68, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1608000000, + .refdiv = 1, + .fbdiv = 67, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1600000000, + .refdiv = 3, + .fbdiv = 200, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1584000000, + .refdiv = 1, + .fbdiv = 66, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1560000000, + .refdiv = 1, + .fbdiv = 65, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1536000000, + .refdiv = 1, + .fbdiv = 64, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1512000000, + .refdiv = 1, + .fbdiv = 63, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1488000000, + .refdiv = 1, + .fbdiv = 62, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1464000000, + .refdiv = 1, + .fbdiv = 61, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1440000000, + .refdiv = 1, + .fbdiv = 60, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1416000000, + .refdiv = 1, + .fbdiv = 59, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1392000000, + .refdiv = 1, + .fbdiv = 58, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1368000000, + .refdiv = 1, + .fbdiv = 57, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1344000000, + .refdiv = 1, + .fbdiv = 56, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1320000000, + .refdiv = 1, + .fbdiv = 55, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1296000000, + .refdiv = 1, + .fbdiv = 54, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1272000000, + .refdiv = 1, + .fbdiv = 53, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1248000000, + .refdiv = 1, + .fbdiv = 52, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1200000000, + .refdiv = 1, + .fbdiv = 50, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1188000000, + .refdiv = 2, + .fbdiv = 99, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1104000000, + .refdiv = 1, + .fbdiv = 46, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1100000000, + .refdiv = 12, + .fbdiv = 550, + .postdiv1 = 1, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1008000000, + .refdiv = 1, + .fbdiv = 84, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 1000000000, + .refdiv = 1, + .fbdiv = 125, + .postdiv1 = 3, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 984000000, + .refdiv = 1, + .fbdiv = 82, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 960000000, + .refdiv = 1, + .fbdiv = 80, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 936000000, + .refdiv = 1, + .fbdiv = 78, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 912000000, + .refdiv = 1, + .fbdiv = 76, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 900000000, + .refdiv = 4, + .fbdiv = 300, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 888000000, + .refdiv = 1, + .fbdiv = 74, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 864000000, + .refdiv = 1, + .fbdiv = 72, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 840000000, + .refdiv = 1, + .fbdiv = 70, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 816000000, + .refdiv = 1, + .fbdiv = 68, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 800000000, + .refdiv = 1, + .fbdiv = 100, + .postdiv1 = 3, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 700000000, + .refdiv = 6, + .fbdiv = 350, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 696000000, + .refdiv = 1, + .fbdiv = 58, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 676000000, + .refdiv = 3, + .fbdiv = 169, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 600000000, + .refdiv = 1, + .fbdiv = 75, + .postdiv1 = 3, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 594000000, + .refdiv = 1, + .fbdiv = 99, + .postdiv1 = 4, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 533250000, + .refdiv = 8, + .fbdiv = 711, + .postdiv1 = 4, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 504000000, + .refdiv = 1, + .fbdiv = 63, + .postdiv1 = 3, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 500000000, + .refdiv = 6, + .fbdiv = 250, + .postdiv1 = 2, + .postdiv2 = 1, + .dsmpd = 1, + }, + { + .freq = 408000000, + .refdiv = 1, + .fbdiv = 68, + .postdiv1 = 2, + .postdiv2 = 2, + .dsmpd = 1, + }, + { + .freq = 312000000, + .refdiv = 1, + .fbdiv = 52, + .postdiv1 = 2, + .postdiv2 = 2, + .dsmpd = 1, + }, + { + .freq = 297000000, + .refdiv = 1, + .fbdiv = 99, + .postdiv1 = 4, + .postdiv2 = 2, + .dsmpd = 1, + }, + { + .freq = 216000000, + .refdiv = 1, + .fbdiv = 72, + .postdiv1 = 4, + .postdiv2 = 2, + .dsmpd = 1, + }, + { + .freq = 148500000, + .refdiv = 1, + .fbdiv = 99, + .postdiv1 = 4, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 106500000, + .refdiv = 1, + .fbdiv = 71, + .postdiv1 = 4, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 96000000, + .refdiv = 1, + .fbdiv = 64, + .postdiv1 = 4, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 74250000, + .refdiv = 2, + .fbdiv = 99, + .postdiv1 = 4, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 65000000, + .refdiv = 1, + .fbdiv = 65, + .postdiv1 = 6, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 54000000, + .refdiv = 1, + .fbdiv = 54, + .postdiv1 = 6, + .postdiv2 = 4, + .dsmpd = 1, + }, + { + .freq = 27000000, + .refdiv = 1, + .fbdiv = 27, + .postdiv1 = 6, + .postdiv2 = 4, + .dsmpd = 1, + }, + {}, +}; + +static const char *pll_parents[] = {"xin24m"}; + +static struct rk_clk_pll_def ppll = { + .clkdef = { + .id = PLL_PPLL, + .name = "ppll", + .parent_names = pll_parents, + .parent_cnt = nitems(pll_parents), + }, + .base_offset = 0x00, + + .rates = rk3399_pll_rates, +}; + +static const char *pmu_parents[] = {"ppll"}; + +#define PCLK_PMU_SRC 19 + +static struct rk_clk_composite_def pclk_pmu_src = { + .clkdef = { + .id = PCLK_PMU_SRC, + .name = "pclk_pmu_src", + .parent_names = pmu_parents, + .parent_cnt = nitems(pmu_parents), + }, + /* PMUCRU_CLKSEL_CON0 */ + .muxdiv_offset = 0x80, + + .div_shift = 0, + .div_width = 5, +}; + + +#define SCLK_I2C0_PMU 9 +#define SCLK_I2C4_PMU 10 +#define SCLK_I2C8_PMU 11 + +static struct rk_clk_composite_def i2c0 = { + .clkdef = { + .id = SCLK_I2C0_PMU, + .name = "clk_i2c0_pmu", + .parent_names = pmu_parents, + .parent_cnt = nitems(pmu_parents), + }, + /* PMUCRU_CLKSEL_CON2 */ + .muxdiv_offset = 0x88, + + .div_shift = 0, + .div_width = 7, + + /* PMUCRU_CLKGATE_CON0 */ + .gate_offset = 0x100, + .gate_shift = 9, + + .flags = RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def i2c8 = { + .clkdef = { + .id = SCLK_I2C8_PMU, + .name = "clk_i2c8_pmu", + .parent_names = pmu_parents, + .parent_cnt = nitems(pmu_parents), + }, + /* PMUCRU_CLKSEL_CON2 */ + .muxdiv_offset = 0x88, + + .div_shift = 8, + .div_width = 7, + + /* PMUCRU_CLKGATE_CON0 */ + .gate_offset = 0x100, + .gate_shift = 11, + + .flags = RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk_composite_def i2c4 = { + .clkdef = { + .id = SCLK_I2C4_PMU, + .name = "clk_i2c4_pmu", + .parent_names = pmu_parents, + .parent_cnt = nitems(pmu_parents), + }, + /* PMUCRU_CLKSEL_CON3 */ + .muxdiv_offset = 0x8c, + + .div_shift = 0, + .div_width = 7, + + /* PMUCRU_CLKGATE_CON0 */ + .gate_offset = 0x100, + .gate_shift = 10, + + .flags = RK_CLK_COMPOSITE_HAVE_GATE, +}; + +static struct rk_clk rk3399_pmu_clks[] = { + { + .type = RK3399_CLK_PLL, + .clk.pll = &ppll + }, + + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &pclk_pmu_src + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c0 + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c4 + }, + { + .type = RK_CLK_COMPOSITE, + .clk.composite = &i2c8 + }, +}; + +static int +rk3399_pmucru_probe(device_t dev) +{ + + if (!ofw_bus_status_okay(dev)) + return (ENXIO); + + if (ofw_bus_is_compatible(dev, "rockchip,rk3399-pmucru")) { + device_set_desc(dev, "Rockchip RK3399 PMU Clock and Reset Unit"); + return (BUS_PROBE_DEFAULT); + } + + return (ENXIO); +} + +static int +rk3399_pmucru_attach(device_t dev) +{ + struct rk_cru_softc *sc; + + sc = device_get_softc(dev); + sc->dev = dev; + + sc->gates = rk3399_pmu_gates; + sc->ngates = nitems(rk3399_pmu_gates); + + sc->clks = rk3399_pmu_clks; + sc->nclks = nitems(rk3399_pmu_clks); + + return (rk_cru_attach(dev)); +} + +static device_method_t rk3399_pmucru_methods[] = { + /* Device interface */ + DEVMETHOD(device_probe, rk3399_pmucru_probe), + DEVMETHOD(device_attach, rk3399_pmucru_attach), + + DEVMETHOD_END +}; + +static devclass_t rk3399_pmucru_devclass; + +DEFINE_CLASS_1(rk3399_pmucru, rk3399_pmucru_driver, rk3399_pmucru_methods, + sizeof(struct rk_cru_softc), rk_cru_driver); + +EARLY_DRIVER_MODULE(rk3399_pmucru, simplebus, rk3399_pmucru_driver, + rk3399_pmucru_devclass, 0, 0, BUS_PASS_BUS + BUS_PASS_ORDER_MIDDLE); diff --git a/sys/arm64/rockchip/clk/rk_clk_armclk.c b/sys/arm64/rockchip/clk/rk_clk_armclk.c index 9734fb579b22..0e2ef4b46a12 100644 --- a/sys/arm64/rockchip/clk/rk_clk_armclk.c +++ b/sys/arm64/rockchip/clk/rk_clk_armclk.c @@ -163,18 +163,18 @@ rk_clk_armclk_set_freq(struct clknode *clk, uint64_t fparent, uint64_t *fout, if (rate == sc->nrates) return (0); - err = clknode_set_freq(p_main, best_p, 0, 1); - if (err != 0) - printf("Cannot set %s to %lu\n", - clknode_get_name(p_main), - best_p); - if ((flags & CLK_SET_DRYRUN) != 0) { *fout = best; *stop = 1; return (0); } + err = clknode_set_freq(p_main, best_p, 0, 1); + if (err != 0) + printf("Cannot set %s to %lu\n", + clknode_get_name(p_main), + best_p); + DEVICE_LOCK(clk); READ4(clk, sc->muxdiv_offset, &val); val &= ~sc->div_mask; diff --git a/sys/arm64/rockchip/clk/rk_clk_composite.c b/sys/arm64/rockchip/clk/rk_clk_composite.c index ee8c66c03b70..bc550a8e766e 100644 --- a/sys/arm64/rockchip/clk/rk_clk_composite.c +++ b/sys/arm64/rockchip/clk/rk_clk_composite.c @@ -126,7 +126,7 @@ rk_clk_composite_set_mux(struct clknode *clk, int index) DEVICE_LOCK(clk); READ4(clk, sc->muxdiv_offset, &val); - val &= ~(sc->mux_mask >> sc->mux_shift); + val &= ~sc->mux_mask; val |= index << sc->mux_shift; WRITE4(clk, sc->muxdiv_offset, val); DEVICE_UNLOCK(clk); diff --git a/sys/arm64/rockchip/clk/rk_clk_pll.c b/sys/arm64/rockchip/clk/rk_clk_pll.c index 8cf013f21d05..b304d5381480 100644 --- a/sys/arm64/rockchip/clk/rk_clk_pll.c +++ b/sys/arm64/rockchip/clk/rk_clk_pll.c @@ -65,46 +65,6 @@ struct rk_clk_pll_sc { #define DEVICE_UNLOCK(_clk) \ CLKDEV_DEVICE_UNLOCK(clknode_get_device(_clk)) -#define RK_CLK_PLL_FBDIV_OFFSET 0 -#define RK_CLK_PLL_FBDIV_SHIFT 0 -#define RK_CLK_PLL_FBDIV_MASK 0xFFF - -#define RK_CLK_PLL_POSTDIV1_OFFSET 0 -#define RK_CLK_PLL_POSTDIV1_SHIFT 12 -#define RK_CLK_PLL_POSTDIV1_MASK 0x7000 - -#define RK_CLK_PLL_DSMPD_OFFSET 4 -#define RK_CLK_PLL_DSMPD_SHIFT 12 -#define RK_CLK_PLL_DSMPD_MASK 0x1000 - -#define RK_CLK_PLL_REFDIV_OFFSET 4 -#define RK_CLK_PLL_REFDIV_SHIFT 0 -#define RK_CLK_PLL_REFDIV_MASK 0x3F - -#define RK_CLK_PLL_POSTDIV2_OFFSET 4 -#define RK_CLK_PLL_POSTDIV2_SHIFT 6 -#define RK_CLK_PLL_POSTDIV2_MASK 0x1C0 - -#define RK_CLK_PLL_FRAC_OFFSET 8 -#define RK_CLK_PLL_FRAC_SHIFT 0 -#define RK_CLK_PLL_FRAC_MASK 0xFFFFFF - -#define RK_CLK_PLL_LOCK_MASK 0x400 - -#define RK_CLK_PLL_WRITE_MASK 0xFFFF0000 - -static int -rk_clk_pll_init(struct clknode *clk, device_t dev) -{ - struct rk_clk_pll_sc *sc; - - sc = clknode_get_softc(clk); - - clknode_init_parent_idx(clk, 0); - - return (0); -} - static int rk_clk_pll_set_gate(struct clknode *clk, bool enable) { @@ -128,8 +88,48 @@ rk_clk_pll_set_gate(struct clknode *clk, bool enable) return (0); } +#define RK3328_CLK_PLL_FBDIV_OFFSET 0 +#define RK3328_CLK_PLL_FBDIV_SHIFT 0 +#define RK3328_CLK_PLL_FBDIV_MASK 0xFFF + +#define RK3328_CLK_PLL_POSTDIV1_OFFSET 0 +#define RK3328_CLK_PLL_POSTDIV1_SHIFT 12 +#define RK3328_CLK_PLL_POSTDIV1_MASK 0x7000 + +#define RK3328_CLK_PLL_DSMPD_OFFSET 4 +#define RK3328_CLK_PLL_DSMPD_SHIFT 12 +#define RK3328_CLK_PLL_DSMPD_MASK 0x1000 + +#define RK3328_CLK_PLL_REFDIV_OFFSET 4 +#define RK3328_CLK_PLL_REFDIV_SHIFT 0 +#define RK3328_CLK_PLL_REFDIV_MASK 0x3F + +#define RK3328_CLK_PLL_POSTDIV2_OFFSET 4 +#define RK3328_CLK_PLL_POSTDIV2_SHIFT 6 +#define RK3328_CLK_PLL_POSTDIV2_MASK 0x1C0 + +#define RK3328_CLK_PLL_FRAC_OFFSET 8 +#define RK3328_CLK_PLL_FRAC_SHIFT 0 +#define RK3328_CLK_PLL_FRAC_MASK 0xFFFFFF + +#define RK3328_CLK_PLL_LOCK_MASK 0x400 + +#define RK3328_CLK_PLL_WRITE_MASK 0xFFFF0000 + +static int +rk3328_clk_pll_init(struct clknode *clk, device_t dev) +{ + struct rk_clk_pll_sc *sc; + + sc = clknode_get_softc(clk); + + clknode_init_parent_idx(clk, 0); + + return (0); +} + static int -rk_clk_pll_recalc(struct clknode *clk, uint64_t *freq) +rk3328_clk_pll_recalc(struct clknode *clk, uint64_t *freq) { struct rk_clk_pll_sc *sc; uint64_t rate; @@ -145,14 +145,14 @@ rk_clk_pll_recalc(struct clknode *clk, uint64_t *freq) READ4(clk, sc->base_offset + 4, &raw2); READ4(clk, sc->base_offset + 8, &raw3); - fbdiv = (raw1 & RK_CLK_PLL_FBDIV_MASK) >> RK_CLK_PLL_FBDIV_SHIFT; - postdiv1 = (raw1 & RK_CLK_PLL_POSTDIV1_MASK) >> RK_CLK_PLL_POSTDIV1_SHIFT; + fbdiv = (raw1 & RK3328_CLK_PLL_FBDIV_MASK) >> RK3328_CLK_PLL_FBDIV_SHIFT; + postdiv1 = (raw1 & RK3328_CLK_PLL_POSTDIV1_MASK) >> RK3328_CLK_PLL_POSTDIV1_SHIFT; - dsmpd = (raw2 & RK_CLK_PLL_DSMPD_MASK) >> RK_CLK_PLL_DSMPD_SHIFT; - refdiv = (raw2 & RK_CLK_PLL_REFDIV_MASK) >> RK_CLK_PLL_REFDIV_SHIFT; - postdiv2 = (raw2 & RK_CLK_PLL_POSTDIV2_MASK) >> RK_CLK_PLL_POSTDIV2_SHIFT; + dsmpd = (raw2 & RK3328_CLK_PLL_DSMPD_MASK) >> RK3328_CLK_PLL_DSMPD_SHIFT; + refdiv = (raw2 & RK3328_CLK_PLL_REFDIV_MASK) >> RK3328_CLK_PLL_REFDIV_SHIFT; + postdiv2 = (raw2 & RK3328_CLK_PLL_POSTDIV2_MASK) >> RK3328_CLK_PLL_POSTDIV2_SHIFT; - frac = (raw3 & RK_CLK_PLL_FRAC_MASK) >> RK_CLK_PLL_FRAC_SHIFT; + frac = (raw3 & RK3328_CLK_PLL_FRAC_MASK) >> RK3328_CLK_PLL_FRAC_SHIFT; DEVICE_UNLOCK(clk); @@ -174,7 +174,7 @@ rk_clk_pll_recalc(struct clknode *clk, uint64_t *freq) } static int -rk_clk_pll_set_freq(struct clknode *clk, uint64_t fparent, uint64_t *fout, +rk3328_clk_pll_set_freq(struct clknode *clk, uint64_t fparent, uint64_t *fout, int flags, int *stop) { struct rk_clk_pll_rate *rates; @@ -204,24 +204,24 @@ rk_clk_pll_set_freq(struct clknode *clk, uint64_t fparent, uint64_t *fout, /* Setting postdiv1 and fbdiv */ READ4(clk, sc->base_offset, ®); - reg &= ~(RK_CLK_PLL_POSTDIV1_MASK | RK_CLK_PLL_FBDIV_MASK); - reg |= rates->postdiv1 << RK_CLK_PLL_POSTDIV1_SHIFT; - reg |= rates->fbdiv << RK_CLK_PLL_FBDIV_SHIFT; - WRITE4(clk, sc->base_offset, reg | RK_CLK_PLL_WRITE_MASK); + reg &= ~(RK3328_CLK_PLL_POSTDIV1_MASK | RK3328_CLK_PLL_FBDIV_MASK); + reg |= rates->postdiv1 << RK3328_CLK_PLL_POSTDIV1_SHIFT; + reg |= rates->fbdiv << RK3328_CLK_PLL_FBDIV_SHIFT; + WRITE4(clk, sc->base_offset, reg | RK3328_CLK_PLL_WRITE_MASK); /* Setting dsmpd, postdiv2 and refdiv */ READ4(clk, sc->base_offset + 0x4, ®); - reg &= ~(RK_CLK_PLL_DSMPD_MASK | RK_CLK_PLL_POSTDIV2_MASK | - RK_CLK_PLL_REFDIV_MASK); - reg |= rates->dsmpd << RK_CLK_PLL_DSMPD_SHIFT; - reg |= rates->postdiv2 << RK_CLK_PLL_POSTDIV2_SHIFT; - reg |= rates->refdiv << RK_CLK_PLL_REFDIV_SHIFT; - WRITE4(clk, sc->base_offset + 0x4, reg | RK_CLK_PLL_WRITE_MASK); + reg &= ~(RK3328_CLK_PLL_DSMPD_MASK | RK3328_CLK_PLL_POSTDIV2_MASK | + RK3328_CLK_PLL_REFDIV_MASK); + reg |= rates->dsmpd << RK3328_CLK_PLL_DSMPD_SHIFT; + reg |= rates->postdiv2 << RK3328_CLK_PLL_POSTDIV2_SHIFT; + reg |= rates->refdiv << RK3328_CLK_PLL_REFDIV_SHIFT; + WRITE4(clk, sc->base_offset + 0x4, reg | RK3328_CLK_PLL_WRITE_MASK); /* Setting frac */ READ4(clk, sc->base_offset + 0x8, ®); - reg &= ~RK_CLK_PLL_FRAC_MASK; - reg |= rates->frac << RK_CLK_PLL_FRAC_SHIFT; + reg &= ~RK3328_CLK_PLL_FRAC_MASK; + reg |= rates->frac << RK3328_CLK_PLL_FRAC_SHIFT; WRITE4(clk, sc->base_offset + 0x8, reg); /* Setting to normal mode */ @@ -232,7 +232,218 @@ rk_clk_pll_set_freq(struct clknode *clk, uint64_t fparent, uint64_t *fout, /* Reading lock */ for (timeout = 1000; timeout; timeout--) { READ4(clk, sc->base_offset + 0x4, ®); - if ((reg & RK_CLK_PLL_LOCK_MASK) == 0) + if ((reg & RK3328_CLK_PLL_LOCK_MASK) == 0) + break; + DELAY(1); + } + + DEVICE_UNLOCK(clk); + + *stop = 1; + return (0); +} + +static clknode_method_t rk3328_clk_pll_clknode_methods[] = { + /* Device interface */ + CLKNODEMETHOD(clknode_init, rk3328_clk_pll_init), + CLKNODEMETHOD(clknode_set_gate, rk_clk_pll_set_gate), + CLKNODEMETHOD(clknode_recalc_freq, rk3328_clk_pll_recalc), + CLKNODEMETHOD(clknode_set_freq, rk3328_clk_pll_set_freq), + CLKNODEMETHOD_END +}; + +DEFINE_CLASS_1(rk3328_clk_pll_clknode, rk3328_clk_pll_clknode_class, + rk3328_clk_pll_clknode_methods, sizeof(struct rk_clk_pll_sc), clknode_class); + +int +rk3328_clk_pll_register(struct clkdom *clkdom, struct rk_clk_pll_def *clkdef) +{ + struct clknode *clk; + struct rk_clk_pll_sc *sc; + + clk = clknode_create(clkdom, &rk3328_clk_pll_clknode_class, + &clkdef->clkdef); + if (clk == NULL) + return (1); + + sc = clknode_get_softc(clk); + + sc->base_offset = clkdef->base_offset; + sc->gate_offset = clkdef->gate_offset; + sc->gate_shift = clkdef->gate_shift; + sc->mode_reg = clkdef->mode_reg; + sc->mode_val = clkdef->mode_val; + sc->flags = clkdef->flags; + sc->rates = clkdef->rates; + sc->frac_rates = clkdef->frac_rates; + + clknode_register(clkdom, clk); + + return (0); +} + +#define RK3399_CLK_PLL_FBDIV_OFFSET 0 +#define RK3399_CLK_PLL_FBDIV_SHIFT 0 +#define RK3399_CLK_PLL_FBDIV_MASK 0xFFF + +#define RK3399_CLK_PLL_POSTDIV2_OFFSET 4 +#define RK3399_CLK_PLL_POSTDIV2_SHIFT 12 +#define RK3399_CLK_PLL_POSTDIV2_MASK 0x7000 + +#define RK3399_CLK_PLL_POSTDIV1_OFFSET 4 +#define RK3399_CLK_PLL_POSTDIV1_SHIFT 8 +#define RK3399_CLK_PLL_POSTDIV1_MASK 0x700 + +#define RK3399_CLK_PLL_REFDIV_OFFSET 4 +#define RK3399_CLK_PLL_REFDIV_SHIFT 0 +#define RK3399_CLK_PLL_REFDIV_MASK 0x3F + +#define RK3399_CLK_PLL_FRAC_OFFSET 8 +#define RK3399_CLK_PLL_FRAC_SHIFT 0 +#define RK3399_CLK_PLL_FRAC_MASK 0xFFFFFF + +#define RK3399_CLK_PLL_DSMPD_OFFSET 0xC +#define RK3399_CLK_PLL_DSMPD_SHIFT 3 +#define RK3399_CLK_PLL_DSMPD_MASK 0x8 + +#define RK3399_CLK_PLL_LOCK_OFFSET 8 +#define RK3399_CLK_PLL_LOCK_MASK 0x400 + +#define RK3399_CLK_PLL_MODE_OFFSET 0xC +#define RK3399_CLK_PLL_MODE_MASK 0x300 +#define RK3399_CLK_PLL_MODE_SLOW 0 +#define RK3399_CLK_PLL_MODE_NORMAL 1 +#define RK3399_CLK_PLL_MODE_DEEPSLOW 2 +#define RK3399_CLK_PLL_MODE_SHIFT 8 + +#define RK3399_CLK_PLL_WRITE_MASK 0xFFFF0000 + +static int +rk3399_clk_pll_init(struct clknode *clk, device_t dev) +{ + struct rk_clk_pll_sc *sc; + uint32_t reg; + + sc = clknode_get_softc(clk); + + /* Setting to normal mode */ + READ4(clk, sc->base_offset + RK3399_CLK_PLL_MODE_OFFSET, ®); + reg &= ~RK3399_CLK_PLL_MODE_MASK; + reg |= RK3399_CLK_PLL_MODE_NORMAL << RK3399_CLK_PLL_MODE_SHIFT; + WRITE4(clk, sc->base_offset + RK3399_CLK_PLL_MODE_OFFSET, + reg | RK3399_CLK_PLL_WRITE_MASK); + + clknode_init_parent_idx(clk, 0); + + return (0); +} + +static int +rk3399_clk_pll_recalc(struct clknode *clk, uint64_t *freq) +{ + struct rk_clk_pll_sc *sc; + uint64_t rate; + uint32_t dsmpd, refdiv, fbdiv; + uint32_t postdiv1, postdiv2, frac; + uint32_t raw1, raw2, raw3, raw4; + + sc = clknode_get_softc(clk); + + DEVICE_LOCK(clk); + READ4(clk, sc->base_offset, &raw1); + READ4(clk, sc->base_offset + 4, &raw2); + READ4(clk, sc->base_offset + 8, &raw3); + READ4(clk, sc->base_offset + 0xC, &raw4); + DEVICE_UNLOCK(clk); + + fbdiv = (raw1 & RK3399_CLK_PLL_FBDIV_MASK) >> RK3399_CLK_PLL_FBDIV_SHIFT; + + postdiv1 = (raw2 & RK3399_CLK_PLL_POSTDIV1_MASK) >> RK3399_CLK_PLL_POSTDIV1_SHIFT; + postdiv2 = (raw2 & RK3399_CLK_PLL_POSTDIV2_MASK) >> RK3399_CLK_PLL_POSTDIV2_SHIFT; + refdiv = (raw2 & RK3399_CLK_PLL_REFDIV_MASK) >> RK3399_CLK_PLL_REFDIV_SHIFT; + + frac = (raw3 & RK3399_CLK_PLL_FRAC_MASK) >> RK3399_CLK_PLL_FRAC_SHIFT; + + dsmpd = (raw4 & RK3399_CLK_PLL_DSMPD_MASK) >> RK3399_CLK_PLL_DSMPD_SHIFT; + + rate = *freq * fbdiv / refdiv; + if (dsmpd == 0) { + /* Fractional mode */ + uint64_t frac_rate; + + frac_rate = *freq * frac / refdiv; + rate += frac_rate >> 24; + } + + *freq = rate / postdiv1 / postdiv2; + + if (*freq % 2) + *freq = *freq + 1; + + return (0); +} + +static int +rk3399_clk_pll_set_freq(struct clknode *clk, uint64_t fparent, uint64_t *fout, + int flags, int *stop) +{ + struct rk_clk_pll_rate *rates; + struct rk_clk_pll_sc *sc; + uint32_t reg; + int timeout; + + sc = clknode_get_softc(clk); + + if (sc->rates) + rates = sc->rates; + else if (sc->frac_rates) + rates = sc->frac_rates; + else + return (EINVAL); + + for (; rates->freq; rates++) { + if (rates->freq == *fout) + break; + } + if (rates->freq == 0) { + *stop = 1; + return (EINVAL); + } + + DEVICE_LOCK(clk); + + /* Setting fbdiv */ + READ4(clk, sc->base_offset, ®); + reg &= ~RK3399_CLK_PLL_FBDIV_MASK; + reg |= rates->fbdiv << RK3399_CLK_PLL_FBDIV_SHIFT; + WRITE4(clk, sc->base_offset, reg | RK3399_CLK_PLL_WRITE_MASK); + + /* Setting postdiv1, postdiv2 and refdiv */ + READ4(clk, sc->base_offset + 0x4, ®); + reg &= ~(RK3399_CLK_PLL_POSTDIV1_MASK | RK3399_CLK_PLL_POSTDIV2_MASK | + RK3399_CLK_PLL_REFDIV_MASK); + reg |= rates->postdiv1 << RK3399_CLK_PLL_POSTDIV1_SHIFT; + reg |= rates->postdiv2 << RK3399_CLK_PLL_POSTDIV2_SHIFT; + reg |= rates->refdiv << RK3399_CLK_PLL_REFDIV_SHIFT; + WRITE4(clk, sc->base_offset + 0x4, reg | RK3399_CLK_PLL_WRITE_MASK); + + /* Setting frac */ + READ4(clk, sc->base_offset + 0x8, ®); + reg &= ~RK3399_CLK_PLL_FRAC_MASK; + reg |= rates->frac << RK3399_CLK_PLL_FRAC_SHIFT; + WRITE4(clk, sc->base_offset + 0x8, reg | RK3399_CLK_PLL_WRITE_MASK); + + /* Setting to normal mode and dsmpd */ + READ4(clk, sc->base_offset + 0xC, ®); + reg &= ~RK3399_CLK_PLL_MODE_MASK; + reg |= RK3399_CLK_PLL_MODE_NORMAL << RK3399_CLK_PLL_MODE_SHIFT; + reg |= rates->dsmpd << RK3399_CLK_PLL_DSMPD_SHIFT; + WRITE4(clk, sc->base_offset + 0xC, reg | RK3399_CLK_PLL_WRITE_MASK); + + /* Reading lock */ + for (timeout = 1000; timeout; timeout--) { + READ4(clk, sc->base_offset + RK3399_CLK_PLL_LOCK_OFFSET, ®); + if ((reg & RK3399_CLK_PLL_LOCK_MASK) == 0) break; DELAY(1); } @@ -243,25 +454,25 @@ rk_clk_pll_set_freq(struct clknode *clk, uint64_t fparent, uint64_t *fout, return (0); } -static clknode_method_t rk_clk_pll_clknode_methods[] = { +static clknode_method_t rk3399_clk_pll_clknode_methods[] = { /* Device interface */ - CLKNODEMETHOD(clknode_init, rk_clk_pll_init), + CLKNODEMETHOD(clknode_init, rk3399_clk_pll_init), CLKNODEMETHOD(clknode_set_gate, rk_clk_pll_set_gate), - CLKNODEMETHOD(clknode_recalc_freq, rk_clk_pll_recalc), - CLKNODEMETHOD(clknode_set_freq, rk_clk_pll_set_freq), + CLKNODEMETHOD(clknode_recalc_freq, rk3399_clk_pll_recalc), + CLKNODEMETHOD(clknode_set_freq, rk3399_clk_pll_set_freq), CLKNODEMETHOD_END }; -DEFINE_CLASS_1(rk_clk_pll_clknode, rk_clk_pll_clknode_class, - rk_clk_pll_clknode_methods, sizeof(struct rk_clk_pll_sc), clknode_class); +DEFINE_CLASS_1(rk3399_clk_pll_clknode, rk3399_clk_pll_clknode_class, + rk3399_clk_pll_clknode_methods, sizeof(struct rk_clk_pll_sc), clknode_class); int -rk_clk_pll_register(struct clkdom *clkdom, struct rk_clk_pll_def *clkdef) +rk3399_clk_pll_register(struct clkdom *clkdom, struct rk_clk_pll_def *clkdef) { struct clknode *clk; struct rk_clk_pll_sc *sc; - clk = clknode_create(clkdom, &rk_clk_pll_clknode_class, + clk = clknode_create(clkdom, &rk3399_clk_pll_clknode_class, &clkdef->clkdef); if (clk == NULL) return (1); diff --git a/sys/arm64/rockchip/clk/rk_clk_pll.h b/sys/arm64/rockchip/clk/rk_clk_pll.h index 99db261eb9cf..0c45f8baea66 100644 --- a/sys/arm64/rockchip/clk/rk_clk_pll.h +++ b/sys/arm64/rockchip/clk/rk_clk_pll.h @@ -63,6 +63,7 @@ struct rk_clk_pll_def { #define RK_CLK_PLL_MASK 0xFFFF0000 -int rk_clk_pll_register(struct clkdom *clkdom, struct rk_clk_pll_def *clkdef); +int rk3328_clk_pll_register(struct clkdom *clkdom, struct rk_clk_pll_def *clkdef); +int rk3399_clk_pll_register(struct clkdom *clkdom, struct rk_clk_pll_def *clkdef); #endif /* _RK_CLK_PLL_H_ */ diff --git a/sys/arm64/rockchip/clk/rk_cru.c b/sys/arm64/rockchip/clk/rk_cru.c index d4a8c1ddc9b4..14b401334c42 100644 --- a/sys/arm64/rockchip/clk/rk_cru.c +++ b/sys/arm64/rockchip/clk/rk_cru.c @@ -220,8 +220,11 @@ rk_cru_attach(device_t dev) switch (sc->clks[i].type) { case RK_CLK_UNDEFINED: break; - case RK_CLK_PLL: - rk_clk_pll_register(sc->clkdom, sc->clks[i].clk.pll); + case RK3328_CLK_PLL: + rk3328_clk_pll_register(sc->clkdom, sc->clks[i].clk.pll); + break; + case RK3399_CLK_PLL: + rk3399_clk_pll_register(sc->clkdom, sc->clks[i].clk.pll); break; case RK_CLK_COMPOSITE: rk_clk_composite_register(sc->clkdom, diff --git a/sys/arm64/rockchip/clk/rk_cru.h b/sys/arm64/rockchip/clk/rk_cru.h index e9326ab415e9..9a2cf17d3db7 100644 --- a/sys/arm64/rockchip/clk/rk_cru.h +++ b/sys/arm64/rockchip/clk/rk_cru.h @@ -61,7 +61,8 @@ struct rk_cru_gate { enum rk_clk_type { RK_CLK_UNDEFINED = 0, - RK_CLK_PLL, + RK3328_CLK_PLL, + RK3399_CLK_PLL, RK_CLK_COMPOSITE, RK_CLK_MUX, RK_CLK_ARMCLK, diff --git a/sys/arm64/rockchip/if_dwc_rk.c b/sys/arm64/rockchip/if_dwc_rk.c index f0b54f841211..3a5cbdab8044 100644 --- a/sys/arm64/rockchip/if_dwc_rk.c +++ b/sys/arm64/rockchip/if_dwc_rk.c @@ -80,8 +80,31 @@ rk3328_set_delays(struct syscon *grf, phandle_t node) rx = ((rx & RK3328_GRF_MAC_CON0_TX_MASK) << RK3328_GRF_MAC_CON0_RX_SHIFT); - /* Disable delays as values conflict between DTS */ - /* SYSCON_WRITE_4(grf, RK3328_GRF_MAC_CON0, tx | rx | 0xFFFF0000); */ + SYSCON_WRITE_4(grf, RK3328_GRF_MAC_CON0, tx | rx | 0xFFFF0000); +} + +#define RK3399_GRF_SOC_CON6 0xc218 +#define RK3399_GRF_SOC_CON6_TX_MASK 0x7F +#define RK3399_GRF_SOC_CON6_TX_SHIFT 0 +#define RK3399_GRF_SOC_CON6_RX_MASK 0x7F +#define RK3399_GRF_SOC_CON6_RX_SHIFT 8 + +static void +rk3399_set_delays(struct syscon *grf, phandle_t node) +{ + uint32_t tx, rx; + + if (OF_getencprop(node, "tx_delay", &tx, sizeof(tx)) <= 0) + tx = 0x30; + if (OF_getencprop(node, "rx_delay", &rx, sizeof(rx)) <= 0) + rx = 0x10; + + tx = ((tx & RK3399_GRF_SOC_CON6_TX_MASK) << + RK3399_GRF_SOC_CON6_TX_SHIFT); + rx = ((rx & RK3399_GRF_SOC_CON6_TX_MASK) << + RK3399_GRF_SOC_CON6_RX_SHIFT); + + SYSCON_WRITE_4(grf, RK3399_GRF_SOC_CON6, tx | rx | 0xFFFF0000); } static int @@ -90,7 +113,8 @@ if_dwc_rk_probe(device_t dev) if (!ofw_bus_status_okay(dev)) return (ENXIO); - if (!ofw_bus_is_compatible(dev, "rockchip,rk3328-gmac")) + if (!(ofw_bus_is_compatible(dev, "rockchip,rk3328-gmac") || + ofw_bus_is_compatible(dev, "rockchip,rk3399-gmac"))) return (ENXIO); device_set_desc(dev, "Rockchip Gigabit Ethernet Controller"); @@ -111,7 +135,12 @@ if_dwc_rk_init(device_t dev) return (ENXIO); } - rk3328_set_delays(grf, node); +#ifdef notyet + if (ofw_bus_is_compatible(dev, "rockchip,rk3399-gmac")) + rk3399_set_delays(grf, node); + else if (ofw_bus_is_compatible(dev, "rockchip,rk3328-gmac")) + rk3328_set_delays(grf, node); +#endif /* Mode should be set according to dtb property */ diff --git a/sys/arm64/rockchip/rk805.c b/sys/arm64/rockchip/rk805.c new file mode 100644 index 000000000000..2d189ad76a4e --- /dev/null +++ b/sys/arm64/rockchip/rk805.c @@ -0,0 +1,490 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2018 Emmanuel Vadot <manu@FreeBSD.org> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/bus.h> +#include <sys/kernel.h> +#include <sys/module.h> +#include <sys/mutex.h> +#include <sys/rman.h> +#include <machine/bus.h> + +#include <dev/iicbus/iiconf.h> +#include <dev/iicbus/iicbus.h> + +#include <dev/ofw/ofw_bus.h> +#include <dev/ofw/ofw_bus_subr.h> + +#include <dev/extres/regulator/regulator.h> + +#include <arm64/rockchip/rk805reg.h> + +#include "regdev_if.h" + +MALLOC_DEFINE(M_RK805_REG, "RK805 regulator", "RK805 power regulator"); + +enum rk_pmic_type { + RK805 = 1, + RK808, +}; + +static struct ofw_compat_data compat_data[] = { + {"rockchip,rk805", RK805}, + {"rockchip,rk808", RK808}, + {NULL, 0} +}; + +struct rk805_regdef { + intptr_t id; + char *name; + uint8_t enable_reg; + uint8_t enable_mask; + uint8_t voltage_reg; + uint8_t voltage_mask; + int voltage_min; + int voltage_max; + int voltage_step; + int voltage_nstep; +}; + +struct rk805_reg_sc { + struct regnode *regnode; + device_t base_dev; + struct rk805_regdef *def; + phandle_t xref; + struct regnode_std_param *param; +}; + +struct rk805_softc { + device_t dev; + struct mtx mtx; + struct resource * res[1]; + void * intrcookie; + struct intr_config_hook intr_hook; + enum rk_pmic_type type; + + struct rk805_reg_sc **regs; + int nregs; +}; + +static struct rk805_regdef rk805_regdefs[] = { + { + .id = RK805_DCDC1, + .name = "DCDC_REG1", + .enable_reg = RK805_DCDC_EN, + .enable_mask = 0x11, + .voltage_reg = RK805_DCDC1_ON_VSEL, + .voltage_mask = 0x3F, + .voltage_min = 712500, + .voltage_max = 1450000, + .voltage_step = 12500, + .voltage_nstep = 64, + }, + { + .id = RK805_DCDC2, + .name = "DCDC_REG2", + .enable_reg = RK805_DCDC_EN, + .enable_mask = 0x22, + .voltage_reg = RK805_DCDC2_ON_VSEL, + .voltage_mask = 0x3F, + .voltage_min = 712500, + .voltage_max = 1450000, + .voltage_step = 12500, + .voltage_nstep = 64, + }, + { + .id = RK805_DCDC3, + .name = "DCDC_REG3", + .enable_reg = RK805_DCDC_EN, + .enable_mask = 0x44, + }, + { + .id = RK805_DCDC4, + .name = "DCDC_REG4", + .enable_reg = RK805_DCDC_EN, + .enable_mask = 0x88, + .voltage_reg = RK805_DCDC4_ON_VSEL, + .voltage_mask = 0x3F, + .voltage_min = 800000, + .voltage_max = 3500000, + .voltage_step = 100000, + .voltage_nstep = 28, + }, +}; + +static struct rk805_regdef rk808_regdefs[] = { + { + .id = RK805_DCDC1, + .name = "DCDC_REG1", + .enable_reg = RK805_DCDC_EN, + .enable_mask = 0x1, + .voltage_reg = RK805_DCDC1_ON_VSEL, + .voltage_mask = 0x3F, + .voltage_min = 712500, + .voltage_max = 1500000, + .voltage_step = 12500, + .voltage_nstep = 64, + }, + { + .id = RK805_DCDC2, + .name = "DCDC_REG2", + .enable_reg = RK805_DCDC_EN, + .enable_mask = 0x2, + .voltage_reg = RK805_DCDC2_ON_VSEL, + .voltage_mask = 0x3F, + .voltage_min = 712500, + .voltage_max = 1500000, + .voltage_step = 12500, + .voltage_nstep = 64, + }, + { + .id = RK805_DCDC3, + .name = "DCDC_REG3", + .enable_reg = RK805_DCDC_EN, + .enable_mask = 0x4, + }, + { + .id = RK805_DCDC4, + .name = "DCDC_REG4", + .enable_reg = RK805_DCDC_EN, + .enable_mask = 0x8, + .voltage_reg = RK805_DCDC4_ON_VSEL, + .voltage_mask = 0xF, + .voltage_min = 1800000, + .voltage_max = 3300000, + .voltage_step = 100000, + .voltage_nstep = 16, + }, +}; + +static int +rk805_read(device_t dev, uint8_t reg, uint8_t *data, uint8_t size) +{ + + return (iicdev_readfrom(dev, reg, data, size, IIC_INTRWAIT)); +} + +static int +rk805_write(device_t dev, uint8_t reg, uint8_t data) +{ + struct iic_msg msg; + uint8_t buf[2]; + + buf[0] = reg; + buf[1] = data; + msg.slave = iicbus_get_addr(dev); + msg.flags = IIC_M_WR; + msg.buf = buf; + msg.len = sizeof(buf); + + return (iicbus_transfer_excl(dev, &msg, 1, IIC_INTRWAIT)); +} + +static int +rk805_regnode_init(struct regnode *regnode) +{ + return (0); +} + +static int +rk805_regnode_enable(struct regnode *regnode, bool enable, int *udelay) +{ + struct rk805_reg_sc *sc; + uint8_t val; + + sc = regnode_get_softc(regnode); + + rk805_read(sc->base_dev, sc->def->enable_reg, &val, 1); + if (enable) + val |= sc->def->enable_mask; + else + val &= ~sc->def->enable_mask; + rk805_write(sc->base_dev, sc->def->enable_reg, val); + + *udelay = 0; + + return (0); +} + +static void +rk805_regnode_reg_to_voltage(struct rk805_reg_sc *sc, uint8_t val, int *uv) +{ + if (val < sc->def->voltage_nstep) + *uv = sc->def->voltage_min + val * sc->def->voltage_step; + else + *uv = sc->def->voltage_min + + (sc->def->voltage_nstep * sc->def->voltage_step); +} + +static int +rk805_regnode_voltage_to_reg(struct rk805_reg_sc *sc, int min_uvolt, + int max_uvolt, uint8_t *val) +{ + uint8_t nval; + int nstep, uvolt; + + nval = 0; + uvolt = sc->def->voltage_min; + + for (nstep = 0; nstep < sc->def->voltage_nstep && uvolt < min_uvolt; + nstep++) { + ++nval; + uvolt += sc->def->voltage_step; + } + if (uvolt > max_uvolt) + return (EINVAL); + + *val = nval; + return (0); +} + +static int +rk805_regnode_set_voltage(struct regnode *regnode, int min_uvolt, + int max_uvolt, int *udelay) +{ + struct rk805_reg_sc *sc; + uint8_t val; + + sc = regnode_get_softc(regnode); + + if (!sc->def->voltage_step) + return (ENXIO); + + rk805_read(sc->base_dev, sc->def->voltage_reg, &val, 1); + printf("rk805_set_voltage: Current value for %x: %x\n", sc->def->voltage_reg, val); + if (rk805_regnode_voltage_to_reg(sc, min_uvolt, max_uvolt, &val) != 0) + return (ERANGE); + + printf("rk805_set_voltage: Setting %x to %x\n", sc->def->voltage_reg, val); + rk805_write(sc->base_dev, sc->def->voltage_reg, val); + + rk805_read(sc->base_dev, sc->def->voltage_reg, &val, 1); + printf("rk805_set_voltage: Set value for %x: %x\n", sc->def->voltage_reg, val); + + *udelay = 0; + + return (0); +} + +static int +rk805_regnode_get_voltage(struct regnode *regnode, int *uvolt) +{ + struct rk805_reg_sc *sc; + uint8_t val; + + sc = regnode_get_softc(regnode); + + if (!sc->def->voltage_step) + return (ENXIO); + + rk805_read(sc->base_dev, sc->def->voltage_reg, &val, 1); + rk805_regnode_reg_to_voltage(sc, val & sc->def->voltage_mask, uvolt); + + return (0); +} + +static regnode_method_t rk805_regnode_methods[] = { + /* Regulator interface */ + REGNODEMETHOD(regnode_init, rk805_regnode_init), + REGNODEMETHOD(regnode_enable, rk805_regnode_enable), + REGNODEMETHOD(regnode_set_voltage, rk805_regnode_set_voltage), + REGNODEMETHOD(regnode_get_voltage, rk805_regnode_get_voltage), + REGNODEMETHOD_END +}; +DEFINE_CLASS_1(rk805_regnode, rk805_regnode_class, rk805_regnode_methods, + sizeof(struct rk805_reg_sc), regnode_class); + +static struct rk805_reg_sc * +rk805_reg_attach(device_t dev, phandle_t node, + struct rk805_regdef *def) +{ + struct rk805_reg_sc *reg_sc; + struct regnode_init_def initdef; + struct regnode *regnode; + + memset(&initdef, 0, sizeof(initdef)); + if (regulator_parse_ofw_stdparam(dev, node, &initdef) != 0) { + device_printf(dev, "cannot create regulator\n"); + return (NULL); + } + if (initdef.std_param.min_uvolt == 0) + initdef.std_param.min_uvolt = def->voltage_min; + if (initdef.std_param.max_uvolt == 0) + initdef.std_param.max_uvolt = def->voltage_max; + initdef.id = def->id; + initdef.ofw_node = node; + regnode = regnode_create(dev, &rk805_regnode_class, &initdef); + if (regnode == NULL) { + device_printf(dev, "cannot create regulator\n"); + return (NULL); + } + + reg_sc = regnode_get_softc(regnode); + reg_sc->regnode = regnode; + reg_sc->base_dev = dev; + reg_sc->def = def; + reg_sc->xref = OF_xref_from_node(node); + reg_sc->param = regnode_get_stdparam(regnode); + + regnode_register(regnode); + + return (reg_sc); +} + +static int +rk805_probe(device_t dev) +{ + if (!ofw_bus_status_okay(dev)) + return (ENXIO); + + if (ofw_bus_search_compatible(dev, compat_data)->ocd_data == 0) + return (ENXIO); + + device_set_desc(dev, "RockChip RK805 PMIC"); + return (BUS_PROBE_DEFAULT); +} + +static void +rk805_start(void *pdev) +{ + struct rk805_softc *sc; + device_t dev; + uint8_t data[2]; + int err; + + dev = pdev; + sc = device_get_softc(dev); + sc->dev = dev; + + /* No version register in RK808 */ + if (bootverbose && sc->type == RK805) { + err = rk805_read(dev, RK805_CHIP_NAME, data, 1); + if (err != 0) { + device_printf(dev, "Cannot read chip name reg\n"); + return; + } + err = rk805_read(dev, RK805_CHIP_VER, data + 1, 1); + if (err != 0) { + device_printf(dev, "Cannot read chip version reg\n"); + return; + } + device_printf(dev, "Chip Name: %x\n", + data[0] << 4 | ((data[1] >> 4) & 0xf)); + device_printf(dev, "Chip Version: %x\n", data[1] & 0xf); + } + + config_intrhook_disestablish(&sc->intr_hook); +} + +static int +rk805_attach(device_t dev) +{ + struct rk805_softc *sc; + struct rk805_reg_sc *reg; + struct rk805_regdef *regdefs; + phandle_t rnode, child; + int i; + + sc = device_get_softc(dev); + + sc->intr_hook.ich_func = rk805_start; + sc->intr_hook.ich_arg = dev; + + if (config_intrhook_establish(&sc->intr_hook) != 0) + return (ENOMEM); + + sc->regs = malloc(sizeof(struct rk805_reg_sc *) * sc->nregs, + M_RK805_REG, M_WAITOK | M_ZERO); + + sc->type = ofw_bus_search_compatible(dev, compat_data)->ocd_data; + switch (sc->type) { + case RK805: + regdefs = rk805_regdefs; + sc->nregs = nitems(rk805_regdefs); + break; + case RK808: + regdefs = rk808_regdefs; + sc->nregs = nitems(rk808_regdefs); + break; + } + + rnode = ofw_bus_find_child(ofw_bus_get_node(dev), "regulators"); + if (rnode > 0) { + for (i = 0; i < sc->nregs; i++) { + child = ofw_bus_find_child(rnode, + regdefs[i].name); + if (child == 0) + continue; + reg = rk805_reg_attach(dev, child, ®defs[i]); + if (reg == NULL) { + device_printf(dev, + "cannot attach regulator %s\n", + regdefs[i].name); + continue; + } + sc->regs[i] = reg; + if (bootverbose) + device_printf(dev, "Regulator %s attached\n", + regdefs[i].name); + } + } + + return (0); +} + +static int +rk805_detach(device_t dev) +{ + + /* We cannot detach regulators */ + return (EBUSY); +} + +static device_method_t rk805_methods[] = { + DEVMETHOD(device_probe, rk805_probe), + DEVMETHOD(device_attach, rk805_attach), + DEVMETHOD(device_detach, rk805_detach), + + DEVMETHOD_END +}; + +static driver_t rk805_driver = { + "rk805_pmu", + rk805_methods, + sizeof(struct rk805_softc), +}; + +static devclass_t rk805_devclass; + +EARLY_DRIVER_MODULE(rk805, iicbus, rk805_driver, rk805_devclass, 0, 0, + BUS_PASS_INTERRUPT + BUS_PASS_ORDER_LAST); +MODULE_DEPEND(rk805, iicbus, IICBUS_MINVER, IICBUS_PREFVER, IICBUS_MAXVER); +MODULE_VERSION(rk805, 1); diff --git a/tools/KSE/ksetest/simplelock.h b/sys/arm64/rockchip/rk805reg.h index 2dae6abd5d08..42cd79976842 100644 --- a/tools/KSE/ksetest/simplelock.h +++ b/sys/arm64/rockchip/rk805reg.h @@ -1,5 +1,7 @@ /*- - * Copyright (c) 2002 David Xu (davidxu@freebsd.org). + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2018 Emmanuel Vadot <manu@FreeBSD.org> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -26,34 +28,63 @@ * $FreeBSD$ */ -#ifndef _SIMPLELOCK_H -#define _SIMPLELOCK_H -#include <machine/asmacros.h> -#include <machine/atomic.h> +#ifndef _RK805REG_H_ +#define _RK805REG_H_ -struct simplelock { - int s_lock; -}; +#define RK805_CHIP_NAME 0x17 +#define RK805_CHIP_VER 0x18 +#define RK805_OTP_VER 0x19 -static inline void -simplelock_init(struct simplelock *lock) -{ - lock->s_lock = 0; -} +#define RK805_DCDC_EN 0x23 +#define RK808_LDO_EN 0x24 +#define RK805_SLEEP_DCDC_EN 0x25 +#define RK805_SLEEP_LDO_EN 0x26 +#define RK805_LDO_EN 0x27 +#define RK805_SLEEP_LDO_LP_EN 0x2A -static inline void -simplelock_lock(struct simplelock *lock) -{ - while (!atomic_cmpset_int(&lock->s_lock, 0, 1)) - ; -} +#define RK805_DCDC1_CONFIG 0x2E +#define RK805_DCDC1_ON_VSEL 0x2F +#define RK805_DCDC1_SLEEP_VSEL 0x30 +#define RK805_DCDC2_CONFIG 0x32 +#define RK805_DCDC2_ON_VSEL 0x33 +#define RK805_DCDC2_SLEEP_VSEL 0x34 +#define RK805_DCDC3_CONFIG 0x36 +#define RK805_DCDC4_CONFIG 0x37 +#define RK805_DCDC4_ON_VSEL 0x38 +#define RK805_DCDC4_SLEEP_VSEL 0x39 +#define RK805_LDO1_ON_VSEL 0x3B +#define RK805_LDO1_SLEEP_VSEL 0x3C +#define RK805_LDO2_ON_VSEL 0x3D +#define RK805_LDO2_SLEEP_VSEL 0x3E +#define RK805_LDO3_ON_VSEL 0x3F +#define RK805_LDO3_SLEEP_VSEL 0x40 -static inline void -simplelock_unlock(struct simplelock *lock) -{ - atomic_store_rel_int(&lock->s_lock, 0); -} +enum rk805_regulator { + RK805_DCDC1, + RK805_DCDC2, + RK805_DCDC3, + RK805_DCDC4, + RK805_LDO1, + RK805_LDO2, + RK805_LDO3, +}; -#endif +enum rk808_regulator { + RK808_DCDC1, + RK808_DCDC2, + RK808_DCDC3, + RK808_DCDC4, + RK808_LDO1, + RK808_LDO2, + RK808_LDO3, + RK808_LDO4, + RK808_LDO5, + RK808_LDO6, + RK808_LDO7, + RK808_LDO8, + RK808_SWITCH1, + RK808_SWITCH2, +}; +#endif /* _RK805REG_H_ */ diff --git a/sys/arm64/rockchip/rk_grf.c b/sys/arm64/rockchip/rk_grf.c index e529834d44d3..4e233135c794 100644 --- a/sys/arm64/rockchip/rk_grf.c +++ b/sys/arm64/rockchip/rk_grf.c @@ -50,6 +50,10 @@ static struct ofw_compat_data compat_data[] = { #ifdef SOC_ROCKCHIP_RK3328 {"rockchip,rk3328-grf", 1}, #endif +#ifdef SOC_ROCKCHIP_RK3399 + {"rockchip,rk3399-grf", 1}, + {"rockchip,rk3399-pmugrf", 1}, +#endif {NULL, 0} }; diff --git a/sys/arm64/rockchip/rk_i2c.c b/sys/arm64/rockchip/rk_i2c.c index 26053b07ce24..7773a07ecd33 100644 --- a/sys/arm64/rockchip/rk_i2c.c +++ b/sys/arm64/rockchip/rk_i2c.c @@ -146,6 +146,9 @@ static struct ofw_compat_data compat_data[] = { #ifdef SOC_ROCKCHIP_RK3328 {"rockchip,rk3328-i2c", 1}, #endif +#ifdef SOC_ROCKCHIP_RK3399 + {"rockchip,rk3399-i2c", 1}, +#endif {NULL, 0} }; @@ -168,15 +171,15 @@ static int rk_i2c_detach(device_t dev); static uint32_t rk_i2c_get_clkdiv(struct rk_i2c_softc *sc, uint64_t speed) { - uint64_t pclk_freq; + uint64_t sclk_freq; uint32_t clkdiv; int err; - err = clk_get_freq(sc->pclk, &pclk_freq); + err = clk_get_freq(sc->sclk, &sclk_freq); if (err != 0) return (err); - clkdiv = (pclk_freq / speed / RK_I2C_CLKDIV_MUL / 2) - 1; + clkdiv = (sclk_freq / speed / RK_I2C_CLKDIV_MUL / 2) - 1; clkdiv &= RK_I2C_CLKDIVL_MASK; clkdiv = clkdiv << RK_I2C_CLKDIVH_SHIFT | clkdiv; @@ -417,7 +420,6 @@ rk_i2c_transfer(device_t dev, struct iic_msg *msgs, uint32_t nmsgs) /* Write slave address */ reg = msgs[i].slave | RK_I2C_MRXADDR_VALID(0); RK_I2C_WRITE(sc, RK_I2C_MRXADDR, reg); - /* Write slave register address */ for (j = 0, reg = 0; j < msgs[i].len; j++) { reg |= (msgs[i].buf[j] & 0xff) << (j * 8); @@ -509,6 +511,8 @@ rk_i2c_attach(device_t dev) return (ENXIO); } + clk_set_assigned(dev, ofw_bus_get_node(dev)); + /* Activate the module clocks. */ error = clk_get_by_ofw_name(dev, 0, "i2c", &sc->sclk); if (error != 0) { diff --git a/sys/arm64/rockchip/rk_pinctrl.c b/sys/arm64/rockchip/rk_pinctrl.c index 46d8a40a56fd..aed896027584 100644 --- a/sys/arm64/rockchip/rk_pinctrl.c +++ b/sys/arm64/rockchip/rk_pinctrl.c @@ -58,6 +58,9 @@ __FBSDID("$FreeBSD$"); #include "opt_soc.h" struct rk_pinctrl_pin_drive { + uint32_t bank; + uint32_t subbank; + uint32_t offset; uint32_t value; uint32_t ma; }; @@ -78,6 +81,8 @@ struct rk_pinctrl_pin_fixup { uint32_t mask; }; +struct rk_pinctrl_softc; + struct rk_pinctrl_conf { struct rk_pinctrl_bank *iomux_conf; uint32_t iomux_nbanks; @@ -85,14 +90,15 @@ struct rk_pinctrl_conf { uint32_t npin_fixup; struct rk_pinctrl_pin_drive *pin_drive; uint32_t npin_drive; - uint32_t pd_offset; - uint32_t drive_offset; + uint32_t (*get_pd_offset)(struct rk_pinctrl_softc *, uint32_t); + struct syscon *(*get_syscon)(struct rk_pinctrl_softc *, uint32_t); }; struct rk_pinctrl_softc { struct simplebus_softc simplebus_sc; device_t dev; struct syscon *grf; + struct syscon *pmu; struct rk_pinctrl_conf *conf; }; @@ -219,40 +225,319 @@ static struct rk_pinctrl_pin_fixup rk3328_pin_fixup[] = { }, }; +#define RK_PINDRIVE(_bank, _subbank, _offset, _value, _ma) \ + { \ + .bank = _bank, \ + .subbank = _subbank, \ + .offset = _offset, \ + .value = _value, \ + .ma = _ma, \ + }, + static struct rk_pinctrl_pin_drive rk3328_pin_drive[] = { + RK_PINDRIVE(0, 0, 0x200, 0, 2) + RK_PINDRIVE(0, 0, 0x200, 1, 4) + RK_PINDRIVE(0, 0, 0x200, 2, 8) + RK_PINDRIVE(0, 0, 0x200, 3, 12) + + RK_PINDRIVE(0, 1, 0x204, 0, 2) + RK_PINDRIVE(0, 1, 0x204, 1, 4) + RK_PINDRIVE(0, 1, 0x204, 2, 8) + RK_PINDRIVE(0, 1, 0x204, 3, 12) + + RK_PINDRIVE(0, 2, 0x208, 0, 2) + RK_PINDRIVE(0, 2, 0x208, 1, 4) + RK_PINDRIVE(0, 2, 0x208, 2, 8) + RK_PINDRIVE(0, 2, 0x208, 3, 12) + + RK_PINDRIVE(0, 3, 0x20C, 0, 2) + RK_PINDRIVE(0, 3, 0x20C, 1, 4) + RK_PINDRIVE(0, 3, 0x20C, 2, 8) + RK_PINDRIVE(0, 3, 0x20C, 3, 12) + + RK_PINDRIVE(1, 0, 0x210, 0, 2) + RK_PINDRIVE(1, 0, 0x210, 1, 4) + RK_PINDRIVE(1, 0, 0x210, 2, 8) + RK_PINDRIVE(1, 0, 0x210, 3, 12) + + RK_PINDRIVE(1, 1, 0x214, 0, 2) + RK_PINDRIVE(1, 1, 0x214, 1, 4) + RK_PINDRIVE(1, 1, 0x214, 2, 8) + RK_PINDRIVE(1, 1, 0x214, 3, 12) + + RK_PINDRIVE(1, 2, 0x218, 0, 2) + RK_PINDRIVE(1, 2, 0x218, 1, 4) + RK_PINDRIVE(1, 2, 0x218, 2, 8) + RK_PINDRIVE(1, 2, 0x218, 3, 12) + + RK_PINDRIVE(1, 3, 0x21C, 0, 2) + RK_PINDRIVE(1, 3, 0x21C, 1, 4) + RK_PINDRIVE(1, 3, 0x21C, 2, 8) + RK_PINDRIVE(1, 3, 0x21C, 3, 12) + + RK_PINDRIVE(2, 0, 0x220, 0, 2) + RK_PINDRIVE(2, 0, 0x220, 1, 4) + RK_PINDRIVE(2, 0, 0x220, 2, 8) + RK_PINDRIVE(2, 0, 0x220, 3, 12) + + RK_PINDRIVE(2, 1, 0x224, 0, 2) + RK_PINDRIVE(2, 1, 0x224, 1, 4) + RK_PINDRIVE(2, 1, 0x224, 2, 8) + RK_PINDRIVE(2, 1, 0x224, 3, 12) + + RK_PINDRIVE(2, 2, 0x228, 0, 2) + RK_PINDRIVE(2, 2, 0x228, 1, 4) + RK_PINDRIVE(2, 2, 0x228, 2, 8) + RK_PINDRIVE(2, 2, 0x228, 3, 12) + + RK_PINDRIVE(2, 3, 0x22C, 0, 2) + RK_PINDRIVE(2, 3, 0x22C, 1, 4) + RK_PINDRIVE(2, 3, 0x22C, 2, 8) + RK_PINDRIVE(2, 3, 0x22C, 3, 12) + + RK_PINDRIVE(3, 0, 0x230, 0, 2) + RK_PINDRIVE(3, 0, 0x230, 1, 4) + RK_PINDRIVE(3, 0, 0x230, 2, 8) + RK_PINDRIVE(3, 0, 0x230, 3, 12) + + RK_PINDRIVE(3, 1, 0x234, 0, 2) + RK_PINDRIVE(3, 1, 0x234, 1, 4) + RK_PINDRIVE(3, 1, 0x234, 2, 8) + RK_PINDRIVE(3, 1, 0x234, 3, 12) + + RK_PINDRIVE(3, 2, 0x238, 0, 2) + RK_PINDRIVE(3, 2, 0x238, 1, 4) + RK_PINDRIVE(3, 2, 0x238, 2, 8) + RK_PINDRIVE(3, 2, 0x238, 3, 12) + + RK_PINDRIVE(3, 3, 0x23C, 0, 2) + RK_PINDRIVE(3, 3, 0x23C, 1, 4) + RK_PINDRIVE(3, 3, 0x23C, 2, 8) + RK_PINDRIVE(3, 3, 0x23C, 3, 12) +}; + +static uint32_t +rk3328_get_pd_offset(struct rk_pinctrl_softc *sc, uint32_t bank) +{ + return (0x100); +} + +static struct syscon * +rk3328_get_syscon(struct rk_pinctrl_softc *sc, uint32_t bank) +{ + return (sc->grf); +} + +struct rk_pinctrl_conf rk3328_conf = { + .iomux_conf = rk3328_iomux_bank, + .iomux_nbanks = nitems(rk3328_iomux_bank), + .pin_fixup = rk3328_pin_fixup, + .npin_fixup = nitems(rk3328_pin_fixup), + .pin_drive = rk3328_pin_drive, + .npin_drive = nitems(rk3328_pin_drive), + .get_pd_offset = rk3328_get_pd_offset, + .get_syscon = rk3328_get_syscon, +}; + +static struct rk_pinctrl_bank rk3399_iomux_bank[] = { + { + .bank_num = 0, + .subbank_num = 0, + .offset = 0x00, + .nbits = 2, + }, + { + .bank_num = 0, + .subbank_num = 1, + .offset = 0x04, + .nbits = 2, + }, + { + .bank_num = 0, + .subbank_num = 2, + .offset = 0x08, + .nbits = 2, + }, + { + .bank_num = 0, + .subbank_num = 3, + .offset = 0x0c, + .nbits = 2, + }, + { + .bank_num = 1, + .subbank_num = 0, + .offset = 0x10, + .nbits = 2, + }, + { + .bank_num = 1, + .subbank_num = 1, + .offset = 0x14, + .nbits = 2, + }, { - .value = 0, - .ma = 2, + .bank_num = 1, + .subbank_num = 2, + .offset = 0x18, + .nbits = 2, }, { - .value = 1, - .ma = 4, + .bank_num = 1, + .subbank_num = 3, + .offset = 0x1c, + .nbits = 2, }, { - .value = 2, - .ma = 8, + .bank_num = 2, + .subbank_num = 0, + .offset = 0xe000, + .nbits = 2, }, { - .value = 3, - .ma = 12, + .bank_num = 2, + .subbank_num = 1, + .offset = 0xe004, + .nbits = 2, + }, + { + .bank_num = 2, + .subbank_num = 2, + .offset = 0xe008, + .nbits = 2, + }, + { + .bank_num = 2, + .subbank_num = 3, + .offset = 0xe00c, + .nbits = 2, + }, + { + .bank_num = 3, + .subbank_num = 0, + .offset = 0xe010, + .nbits = 2, + }, + { + .bank_num = 3, + .subbank_num = 1, + .offset = 0xe014, + .nbits = 2, + }, + { + .bank_num = 3, + .subbank_num = 2, + .offset = 0xe018, + .nbits = 2, + }, + { + .bank_num = 3, + .subbank_num = 3, + .offset = 0xe01c, + .nbits = 2, + }, + { + .bank_num = 4, + .subbank_num = 0, + .offset = 0xe020, + .nbits = 2, + }, + { + .bank_num = 4, + .subbank_num = 1, + .offset = 0xe024, + .nbits = 2, + }, + { + .bank_num = 4, + .subbank_num = 2, + .offset = 0xe028, + .nbits = 2, + }, + { + .bank_num = 4, + .subbank_num = 3, + .offset = 0xe02c, + .nbits = 2, }, }; -struct rk_pinctrl_conf rk3328_conf = { - .iomux_conf = rk3328_iomux_bank, - .iomux_nbanks = nitems(rk3328_iomux_bank), - .pin_fixup = rk3328_pin_fixup, - .npin_fixup = nitems(rk3328_pin_fixup), - .pin_drive = rk3328_pin_drive, - .npin_drive = nitems(rk3328_pin_drive), - .pd_offset = 0x100, - .drive_offset = 0x200, +static struct rk_pinctrl_pin_fixup rk3399_pin_fixup[] = {}; + +static struct rk_pinctrl_pin_drive rk3399_pin_drive[] = { + /* GPIO0A */ + RK_PINDRIVE(0, 0, 0x80, 0, 5) + RK_PINDRIVE(0, 0, 0x80, 1, 10) + RK_PINDRIVE(0, 0, 0x80, 2, 15) + RK_PINDRIVE(0, 0, 0x80, 3, 20) + + /* GPIOB */ + RK_PINDRIVE(0, 1, 0x88, 0, 5) + RK_PINDRIVE(0, 1, 0x88, 1, 10) + RK_PINDRIVE(0, 1, 0x88, 2, 15) + RK_PINDRIVE(0, 1, 0x88, 3, 20) + + /* GPIO1A */ + RK_PINDRIVE(1, 0, 0xA0, 0, 3) + RK_PINDRIVE(1, 0, 0xA0, 1, 6) + RK_PINDRIVE(1, 0, 0xA0, 2, 9) + RK_PINDRIVE(1, 0, 0xA0, 3, 12) + + /* GPIO1B */ + RK_PINDRIVE(1, 1, 0xA8, 0, 3) + RK_PINDRIVE(1, 1, 0xA8, 1, 6) + RK_PINDRIVE(1, 1, 0xA8, 2, 9) + RK_PINDRIVE(1, 1, 0xA8, 3, 12) + + /* GPIO1C */ + RK_PINDRIVE(1, 2, 0xB0, 0, 3) + RK_PINDRIVE(1, 2, 0xB0, 1, 6) + RK_PINDRIVE(1, 2, 0xB0, 2, 9) + RK_PINDRIVE(1, 2, 0xB0, 3, 12) + + /* GPIO1D */ + RK_PINDRIVE(1, 3, 0xB8, 0, 3) + RK_PINDRIVE(1, 3, 0xB8, 1, 6) + RK_PINDRIVE(1, 3, 0xB8, 2, 9) + RK_PINDRIVE(1, 3, 0xB8, 3, 12) +}; + +static uint32_t +rk3399_get_pd_offset(struct rk_pinctrl_softc *sc, uint32_t bank) +{ + if (bank < 2) + return (0x40); + + return (0xe040); +} + +static struct syscon * +rk3399_get_syscon(struct rk_pinctrl_softc *sc, uint32_t bank) +{ + if (bank < 2) + return (sc->pmu); + + return (sc->grf); +} + +struct rk_pinctrl_conf rk3399_conf = { + .iomux_conf = rk3399_iomux_bank, + .iomux_nbanks = nitems(rk3399_iomux_bank), + .pin_fixup = rk3399_pin_fixup, + .npin_fixup = nitems(rk3399_pin_fixup), + .pin_drive = rk3399_pin_drive, + .npin_drive = nitems(rk3399_pin_drive), + .get_pd_offset = rk3399_get_pd_offset, + .get_syscon = rk3399_get_syscon, }; static struct ofw_compat_data compat_data[] = { #ifdef SOC_ROCKCHIP_RK3328 {"rockchip,rk3328-pinctrl", (uintptr_t)&rk3328_conf}, #endif +#ifdef SOC_ROCKCHIP_RK3399 + {"rockchip,rk3399-pinctrl", (uintptr_t)&rk3399_conf}, +#endif {NULL, 0} }; @@ -270,7 +555,7 @@ rk_pinctrl_parse_bias(phandle_t node) } static int rk_pinctrl_parse_drive(struct rk_pinctrl_softc *sc, phandle_t node, - uint32_t *drive) + uint32_t bank, uint32_t subbank, uint32_t *drive, uint32_t *offset) { uint32_t value; int i; @@ -280,11 +565,15 @@ static int rk_pinctrl_parse_drive(struct rk_pinctrl_softc *sc, phandle_t node, return (-1); /* Map to the correct drive value */ - for (i = 0; i < sc->conf->npin_drive; i++) + for (i = 0; i < sc->conf->npin_drive; i++) { + if (sc->conf->pin_drive[i].bank != bank && + sc->conf->pin_drive[i].subbank != subbank) + continue; if (sc->conf->pin_drive[i].ma == value) { *drive = sc->conf->pin_drive[i].value; return (0); } + } return (-1); } @@ -310,6 +599,7 @@ static void rk_pinctrl_configure_pin(struct rk_pinctrl_softc *sc, uint32_t *pindata) { phandle_t pin_conf; + struct syscon *syscon; uint32_t bank, subbank, pin, function, bias; uint32_t bit, mask, reg, drive; int i; @@ -331,6 +621,9 @@ rk_pinctrl_configure_pin(struct rk_pinctrl_softc *sc, uint32_t *pindata) return; } + /* Find syscon */ + syscon = sc->conf->get_syscon(sc, bank); + /* Parse pin function */ reg = sc->conf->iomux_conf[i].offset; switch (sc->conf->iomux_conf[i].nbits) { @@ -347,27 +640,24 @@ rk_pinctrl_configure_pin(struct rk_pinctrl_softc *sc, uint32_t *pindata) break; } rk_pinctrl_get_fixup(sc, bank, pin, ®, &mask, &bit); - SYSCON_WRITE_4(sc->grf, reg, function << bit | mask); + SYSCON_WRITE_4(syscon, reg, function << bit | mask); /* Pull-Up/Down */ bias = rk_pinctrl_parse_bias(pin_conf); if (bias >= 0) { - reg = sc->conf->pd_offset; + reg = sc->conf->get_pd_offset(sc, bank); reg += bank * 0x10 + ((pin / 8) * 0x4); bit = (pin % 8) * 2; mask = (0x3 << bit) << 16; - SYSCON_WRITE_4(sc->grf, reg, bias << bit | mask); + SYSCON_WRITE_4(syscon, reg, bias << bit | mask); } /* Drive Strength */ - if (rk_pinctrl_parse_drive(sc, pin_conf, &drive) == 0) { - reg = sc->conf->drive_offset; - - reg += bank * 0x10 + ((pin / 8) * 0x4); + if (rk_pinctrl_parse_drive(sc, pin_conf, bank, subbank, &drive, ®) == 0) { bit = (pin % 8) * 2; mask = (0x3 << bit) << 16; - SYSCON_WRITE_4(sc->grf, reg, bias << bit | mask); + SYSCON_WRITE_4(syscon, reg, bias << bit | mask); } } @@ -426,6 +716,16 @@ rk_pinctrl_attach(device_t dev) return (ENXIO); } + // RK3399 has banks in PMU. RK3328 does not have a PMU. + if (ofw_bus_node_is_compatible(node, "rockchip,rk3399-pinctrl")) { + if (OF_hasprop(node, "rockchip,pmu") && + syscon_get_by_ofw_property(dev, node, + "rockchip,pmu", &sc->pmu) != 0) { + device_printf(dev, "cannot get pmu driver handle\n"); + return (ENXIO); + } + } + sc->conf = (struct rk_pinctrl_conf *)ofw_bus_search_compatible(dev, compat_data)->ocd_data; diff --git a/sys/cam/cam_iosched.c b/sys/cam/cam_iosched.c index 1818870436db..790ef4fa43b8 100644 --- a/sys/cam/cam_iosched.c +++ b/sys/cam/cam_iosched.c @@ -277,6 +277,10 @@ struct cam_iosched_softc { /* scheduler flags < 16, user flags >= 16 */ uint32_t flags; int sort_io_queue; + int trim_goal; /* # of trims to queue before sending */ + int trim_ticks; /* Max ticks to hold trims */ + int last_trim_tick; /* Last 'tick' time ld a trim */ + int queued_trims; /* Number of trims in the queue */ #ifdef CAM_IOSCHED_DYNAMIC int read_bias; /* Read bias setting */ int current_read_bias; /* Current read bias state */ @@ -751,6 +755,22 @@ cam_iosched_has_io(struct cam_iosched_softc *isc) static inline bool cam_iosched_has_more_trim(struct cam_iosched_softc *isc) { + + /* + * If we've set a trim_goal, then if we exceed that allow trims + * to be passed back to the driver. If we've also set a tick timeout + * allow trims back to the driver. Otherwise, don't allow trims yet. + */ + if (isc->trim_goal > 0) { + if (isc->queued_trims >= isc->trim_goal) + return true; + if (isc->queued_trims > 0 && + isc->trim_ticks > 0 && + ticks - isc->last_trim_tick > isc->trim_ticks) + return true; + return false; + } + return !(isc->flags & CAM_IOSCHED_FLAG_TRIM_ACTIVE) && bioq_first(&isc->trim_queue); } @@ -1131,14 +1151,21 @@ cam_iosched_fini(struct cam_iosched_softc *isc) void cam_iosched_sysctl_init(struct cam_iosched_softc *isc, struct sysctl_ctx_list *ctx, struct sysctl_oid *node) { -#ifdef CAM_IOSCHED_DYNAMIC struct sysctl_oid_list *n; -#endif - SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(node), + n = SYSCTL_CHILDREN(node); + SYSCTL_ADD_INT(ctx, n, OID_AUTO, "sort_io_queue", CTLFLAG_RW | CTLFLAG_MPSAFE, &isc->sort_io_queue, 0, "Sort IO queue to try and optimise disk access patterns"); + SYSCTL_ADD_INT(ctx, n, + OID_AUTO, "trim_goal", CTLFLAG_RW, + &isc->trim_goal, 0, + "Number of trims to try to accumulate before sending to hardware"); + SYSCTL_ADD_INT(ctx, n, + OID_AUTO, "trim_ticks", CTLFLAG_RW, + &isc->trim_goal, 0, + "IO Schedul qaunta to hold back trims for when accumulating"); #ifdef CAM_IOSCHED_DYNAMIC if (!do_dynamic_iosched) @@ -1193,6 +1220,41 @@ cam_iosched_set_latfcn(struct cam_iosched_softc *isc, } /* + * Client drivers can set two parameters. "goal" is the number of BIO_DELETEs + * that will be queued up before iosched will "release" the trims to the client + * driver to wo with what they will (usually combine as many as possible). If we + * don't get this many, after trim_ticks we'll submit the I/O anyway with + * whatever we have. We do need an I/O of some kind of to clock the deferred + * trims out to disk. Since we will eventually get a write for the super block + * or something before we shutdown, the trims will complete. To be safe, when a + * BIO_FLUSH is presented to the iosched work queue, we set the ticks time far + * enough in the past so we'll present the BIO_DELETEs to the client driver. + * There might be a race if no BIO_DELETESs were queued, a BIO_FLUSH comes in + * and then a BIO_DELETE is sent down. No know client does this, and there's + * already a race between an ordered BIO_FLUSH and any BIO_DELETEs in flight, + * but no client depends on the ordering being honored. + * + * XXX I'm not sure what the interaction between UFS direct BIOs and the BUF + * flushing on shutdown. I think there's bufs that would be dependent on the BIO + * finishing to write out at least metadata, so we'll be fine. To be safe, keep + * the number of ticks low (less than maybe 10s) to avoid shutdown races. + */ + +void +cam_iosched_set_trim_goal(struct cam_iosched_softc *isc, int goal) +{ + + isc->trim_goal = goal; +} + +void +cam_iosched_set_trim_ticks(struct cam_iosched_softc *isc, int trim_ticks) +{ + + isc->trim_ticks = trim_ticks; +} + +/* * Flush outstanding I/O. Consumers of this library don't know all the * queues we may keep, so this allows all I/O to be flushed in one * convenient call. @@ -1240,7 +1302,7 @@ cam_iosched_get_write(struct cam_iosched_softc *isc) "Reads present and current_read_bias is %d queued " "writes %d queued reads %d\n", isc->current_read_bias, isc->write_stats.queued, - isc->read_stats.queued); + isc->read_stats.queued); isc->current_read_bias--; /* We're not limiting writes, per se, just doing reads first */ return NULL; @@ -1281,6 +1343,9 @@ void cam_iosched_put_back_trim(struct cam_iosched_softc *isc, struct bio *bp) { bioq_insert_head(&isc->trim_queue, bp); + if (isc->queued_trims == 0) + isc->last_trim_tick = ticks; + isc->queued_trims++; #ifdef CAM_IOSCHED_DYNAMIC isc->trim_stats.queued++; isc->trim_stats.total--; /* since we put it back, don't double count */ @@ -1304,6 +1369,8 @@ cam_iosched_next_trim(struct cam_iosched_softc *isc) if (bp == NULL) return NULL; bioq_remove(&isc->trim_queue, bp); + isc->queued_trims--; + isc->last_trim_tick = ticks; /* Reset the tick timer when we take trims */ #ifdef CAM_IOSCHED_DYNAMIC isc->trim_stats.queued--; isc->trim_stats.total++; @@ -1326,14 +1393,18 @@ cam_iosched_get_trim(struct cam_iosched_softc *isc) if (!cam_iosched_has_more_trim(isc)) return NULL; #ifdef CAM_IOSCHED_DYNAMIC + /* + * If pending read, prefer that based on current read bias setting. The + * read bias is shared for both writes and TRIMs, but on TRIMs the bias + * is for a combined TRIM not a single TRIM request that's come in. + */ if (do_dynamic_iosched) { - /* - * If pending read, prefer that based on current read bias - * setting. The read bias is shared for both writes and - * TRIMs, but on TRIMs the bias is for a combined TRIM - * not a single TRIM request that's come in. - */ if (bioq_first(&isc->bio_queue) && isc->current_read_bias) { + if (iosched_debug) + printf("Reads present and current_read_bias is %d" + " queued trims %d queued reads %d\n", + isc->current_read_bias, isc->trim_stats.queued, + isc->read_stats.queued); isc->current_read_bias--; /* We're not limiting TRIMS, per se, just doing reads first */ return NULL; @@ -1426,12 +1497,22 @@ cam_iosched_queue_work(struct cam_iosched_softc *isc, struct bio *bp) { /* - * Put all trims on the trim queue sorted, since we know - * that the collapsing code requires this. Otherwise put - * the work on the bio queue. + * If we get a BIO_FLUSH, and we're doing delayed BIO_DELETEs then we + * set the last tick time to one less than the current ticks minus the + * delay to force the BIO_DELETEs to be presented to the client driver. + */ + if (bp->bio_cmd == BIO_FLUSH && isc->trim_ticks > 0) + isc->last_trim_tick = ticks - isc->trim_ticks - 1; + + /* + * Put all trims on the trim queue. Otherwise put the work on the bio + * queue. */ if (bp->bio_cmd == BIO_DELETE) { bioq_insert_tail(&isc->trim_queue, bp); + if (isc->queued_trims == 0) + isc->last_trim_tick = ticks; + isc->queued_trims++; #ifdef CAM_IOSCHED_DYNAMIC isc->trim_stats.in++; isc->trim_stats.queued++; diff --git a/sys/cam/cam_iosched.h b/sys/cam/cam_iosched.h index 4fa7fe3b915e..49909351a45a 100644 --- a/sys/cam/cam_iosched.h +++ b/sys/cam/cam_iosched.h @@ -101,6 +101,7 @@ void cam_iosched_clr_work_flags(struct cam_iosched_softc *isc, uint32_t flags); void cam_iosched_trim_done(struct cam_iosched_softc *isc); int cam_iosched_bio_complete(struct cam_iosched_softc *isc, struct bio *bp, union ccb *done_ccb); void cam_iosched_set_latfcn(struct cam_iosched_softc *isc, cam_iosched_latfcn_t, void *); - +void cam_iosched_set_trim_goal(struct cam_iosched_softc *isc, int goal); +void cam_iosched_set_trim_ticks(struct cam_iosched_softc *isc, int ticks); #endif #endif diff --git a/sys/cam/cam_xpt.c b/sys/cam/cam_xpt.c index 3ce61e7f6198..0679ca9cea49 100644 --- a/sys/cam/cam_xpt.c +++ b/sys/cam/cam_xpt.c @@ -129,7 +129,7 @@ struct xpt_softc { TAILQ_HEAD(,cam_eb) xpt_busses; u_int bus_generation; - struct intr_config_hook *xpt_config_hook; + struct intr_config_hook xpt_config_hook; int boot_delay; struct callout boot_callout; @@ -982,17 +982,8 @@ xpt_init(void *dummy) /* * Register a callback for when interrupts are enabled. */ - xsoftc.xpt_config_hook = - (struct intr_config_hook *)malloc(sizeof(struct intr_config_hook), - M_CAMXPT, M_NOWAIT | M_ZERO); - if (xsoftc.xpt_config_hook == NULL) { - printf("xpt_init: Cannot malloc config hook " - "- failing attach\n"); - return (ENOMEM); - } - xsoftc.xpt_config_hook->ich_func = xpt_config; - if (config_intrhook_establish(xsoftc.xpt_config_hook) != 0) { - free (xsoftc.xpt_config_hook, M_CAMXPT); + xsoftc.xpt_config_hook.ich_func = xpt_config; + if (config_intrhook_establish(&xsoftc.xpt_config_hook) != 0) { printf("xpt_init: config_intrhook_establish failed " "- failing attach\n"); } @@ -5245,9 +5236,7 @@ xpt_finishconfig_task(void *context, int pending) xpt_for_all_devices(xptpassannouncefunc, NULL); /* Release our hook so that the boot can continue. */ - config_intrhook_disestablish(xsoftc.xpt_config_hook); - free(xsoftc.xpt_config_hook, M_CAMXPT); - xsoftc.xpt_config_hook = NULL; + config_intrhook_disestablish(&xsoftc.xpt_config_hook); free(context, M_CAMXPT); } diff --git a/sys/cam/scsi/scsi_da.c b/sys/cam/scsi/scsi_da.c index 9a52812fbf4c..423444094c30 100644 --- a/sys/cam/scsi/scsi_da.c +++ b/sys/cam/scsi/scsi_da.c @@ -2472,6 +2472,11 @@ daprobedone(struct cam_periph *periph, union ccb *ccb) printf("%s%d: %s\n", periph->periph_name, periph->unit_number, buf); } + if ((softc->disk->d_flags & DISKFLAG_WRITE_PROTECT) != 0 && + (softc->flags & DA_FLAG_ANNOUNCED) == 0) { + printf("%s%d: Write Protected\n", periph->periph_name, + periph->unit_number); + } /* * Since our peripheral may be invalidated by an error diff --git a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c index 3a25d8463d33..64c52df2b029 100644 --- a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c +++ b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c @@ -615,9 +615,7 @@ spa_prop_validate(spa_t *spa, nvlist_t *props) /* * Must be ZPL, and its property settings - * must be supported by GRUB (compression - * is not gzip, and large blocks or large - * dnodes are not used). + * must be supported. */ if (dmu_objset_type(os) != DMU_OST_ZFS) { @@ -628,12 +626,6 @@ spa_prop_validate(spa_t *spa, nvlist_t *props) &propval)) == 0 && !BOOTFS_COMPRESS_VALID(propval)) { error = SET_ERROR(ENOTSUP); - } else if ((error = - dsl_prop_get_int_ds(dmu_objset_ds(os), - zfs_prop_to_name(ZFS_PROP_DNODESIZE), - &propval)) == 0 && - propval != ZFS_DNSIZE_LEGACY) { - error = SET_ERROR(ENOTSUP); } else { objnum = dmu_objset_id(os); } diff --git a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ioctl.c b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ioctl.c index e24e964f026a..3f6204c9bfb5 100644 --- a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ioctl.c +++ b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ioctl.c @@ -4208,16 +4208,6 @@ zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr) intval != ZFS_DNSIZE_LEGACY) { spa_t *spa; - /* - * If this is a bootable dataset then - * we don't allow large (>512B) dnodes, - * because GRUB doesn't support them. - */ - if (zfs_is_bootfs(dsname) && - intval != ZFS_DNSIZE_LEGACY) { - return (SET_ERROR(EDOM)); - } - if ((err = spa_open(dsname, &spa, FTAG)) != 0) return (err); diff --git a/sys/compat/cloudabi32/cloudabi32_module.c b/sys/compat/cloudabi32/cloudabi32_module.c index 001c673a7d7a..51beae7519ac 100644 --- a/sys/compat/cloudabi32/cloudabi32_module.c +++ b/sys/compat/cloudabi32/cloudabi32_module.c @@ -54,7 +54,7 @@ cloudabi32_copyout_strings(struct image_params *imgp) /* Copy out program arguments. */ args = imgp->args; - len = args->begin_envv - args->begin_argv; + len = exec_args_get_begin_envv(args) - args->begin_argv; begin = rounddown2(imgp->sysent->sv_usrstack - len, sizeof(register_t)); copyout(args->begin_argv, (void *)begin, len); return ((register_t *)begin); @@ -109,7 +109,8 @@ cloudabi32_fixup(register_t **stack_base, struct image_params *imgp) * exec_copyin_data_fds(). Undo this by reducing the length. */ args = (Elf32_Auxargs *)imgp->auxargs; - argdatalen = imgp->args->begin_envv - imgp->args->begin_argv; + argdatalen = exec_args_get_begin_envv(imgp->args) - + imgp->args->begin_argv; if (argdatalen > 0) --argdatalen; diff --git a/sys/compat/cloudabi64/cloudabi64_module.c b/sys/compat/cloudabi64/cloudabi64_module.c index 9c71b87b08f4..fd0be086aac3 100644 --- a/sys/compat/cloudabi64/cloudabi64_module.c +++ b/sys/compat/cloudabi64/cloudabi64_module.c @@ -54,7 +54,7 @@ cloudabi64_copyout_strings(struct image_params *imgp) /* Copy out program arguments. */ args = imgp->args; - len = args->begin_envv - args->begin_argv; + len = exec_args_get_begin_envv(args) - args->begin_argv; begin = rounddown2(imgp->sysent->sv_usrstack - len, sizeof(register_t)); copyout(args->begin_argv, (void *)begin, len); return ((register_t *)begin); @@ -109,7 +109,8 @@ cloudabi64_fixup(register_t **stack_base, struct image_params *imgp) * exec_copyin_data_fds(). Undo this by reducing the length. */ args = (Elf64_Auxargs *)imgp->auxargs; - argdatalen = imgp->args->begin_envv - imgp->args->begin_argv; + argdatalen = exec_args_get_begin_envv(imgp->args) - + imgp->args->begin_argv; if (argdatalen > 0) --argdatalen; diff --git a/sys/compat/freebsd32/freebsd32_misc.c b/sys/compat/freebsd32/freebsd32_misc.c index 3c2cdec819b0..d596eb4d6acf 100644 --- a/sys/compat/freebsd32/freebsd32_misc.c +++ b/sys/compat/freebsd32/freebsd32_misc.c @@ -337,7 +337,6 @@ freebsd32_exec_copyin_args(struct image_args *args, const char *fname, { char *argp, *envp; u_int32_t *p32, arg; - size_t length; int error; bzero(args, sizeof(*args)); @@ -355,19 +354,9 @@ freebsd32_exec_copyin_args(struct image_args *args, const char *fname, /* * Copy the file name. */ - if (fname != NULL) { - args->fname = args->buf; - error = (segflg == UIO_SYSSPACE) ? - copystr(fname, args->fname, PATH_MAX, &length) : - copyinstr(fname, args->fname, PATH_MAX, &length); - if (error != 0) - goto err_exit; - } else - length = 0; - - args->begin_argv = args->buf + length; - args->endp = args->begin_argv; - args->stringspace = ARG_MAX; + error = exec_args_add_fname(args, fname, segflg); + if (error != 0) + goto err_exit; /* * extract arguments first @@ -380,19 +369,11 @@ freebsd32_exec_copyin_args(struct image_args *args, const char *fname, if (arg == 0) break; argp = PTRIN(arg); - error = copyinstr(argp, args->endp, args->stringspace, &length); - if (error) { - if (error == ENAMETOOLONG) - error = E2BIG; + error = exec_args_add_arg(args, argp, UIO_USERSPACE); + if (error != 0) goto err_exit; - } - args->stringspace -= length; - args->endp += length; - args->argc++; } - args->begin_envv = args->endp; - /* * extract environment strings */ @@ -405,16 +386,9 @@ freebsd32_exec_copyin_args(struct image_args *args, const char *fname, if (arg == 0) break; envp = PTRIN(arg); - error = copyinstr(envp, args->endp, args->stringspace, - &length); - if (error) { - if (error == ENAMETOOLONG) - error = E2BIG; + error = exec_args_add_env(args, envp, UIO_USERSPACE); + if (error != 0) goto err_exit; - } - args->stringspace -= length; - args->endp += length; - args->envc++; } } diff --git a/sys/compat/freebsd32/freebsd32_syscall.h b/sys/compat/freebsd32/freebsd32_syscall.h index 9529b769969d..fe159abb7ca6 100644 --- a/sys/compat/freebsd32/freebsd32_syscall.h +++ b/sys/compat/freebsd32/freebsd32_syscall.h @@ -490,4 +490,8 @@ #define FREEBSD32_SYS_freebsd32_cpuset_getdomain 561 #define FREEBSD32_SYS_freebsd32_cpuset_setdomain 562 #define FREEBSD32_SYS_getrandom 563 -#define FREEBSD32_SYS_MAXSYSCALL 564 +#define FREEBSD32_SYS_getfhat 564 +#define FREEBSD32_SYS_fhlink 565 +#define FREEBSD32_SYS_fhlinkat 566 +#define FREEBSD32_SYS_fhreadlink 567 +#define FREEBSD32_SYS_MAXSYSCALL 568 diff --git a/sys/compat/freebsd32/freebsd32_syscalls.c b/sys/compat/freebsd32/freebsd32_syscalls.c index c6b14c8f027b..38a6de2849f8 100644 --- a/sys/compat/freebsd32/freebsd32_syscalls.c +++ b/sys/compat/freebsd32/freebsd32_syscalls.c @@ -600,4 +600,8 @@ const char *freebsd32_syscallnames[] = { "freebsd32_cpuset_getdomain", /* 561 = freebsd32_cpuset_getdomain */ "freebsd32_cpuset_setdomain", /* 562 = freebsd32_cpuset_setdomain */ "getrandom", /* 563 = getrandom */ + "getfhat", /* 564 = getfhat */ + "fhlink", /* 565 = fhlink */ + "fhlinkat", /* 566 = fhlinkat */ + "fhreadlink", /* 567 = fhreadlink */ }; diff --git a/sys/compat/freebsd32/freebsd32_sysent.c b/sys/compat/freebsd32/freebsd32_sysent.c index efc53374e48f..ab15c9fd6306 100644 --- a/sys/compat/freebsd32/freebsd32_sysent.c +++ b/sys/compat/freebsd32/freebsd32_sysent.c @@ -647,4 +647,8 @@ struct sysent freebsd32_sysent[] = { { AS(freebsd32_cpuset_getdomain_args), (sy_call_t *)freebsd32_cpuset_getdomain, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 561 = freebsd32_cpuset_getdomain */ { AS(freebsd32_cpuset_setdomain_args), (sy_call_t *)freebsd32_cpuset_setdomain, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 562 = freebsd32_cpuset_setdomain */ { AS(getrandom_args), (sy_call_t *)sys_getrandom, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 563 = getrandom */ + { AS(getfhat_args), (sy_call_t *)sys_getfhat, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 564 = getfhat */ + { AS(fhlink_args), (sy_call_t *)sys_fhlink, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 565 = fhlink */ + { AS(fhlinkat_args), (sy_call_t *)sys_fhlinkat, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 566 = fhlinkat */ + { AS(fhreadlink_args), (sy_call_t *)sys_fhreadlink, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 567 = fhreadlink */ }; diff --git a/sys/compat/freebsd32/freebsd32_systrace_args.c b/sys/compat/freebsd32/freebsd32_systrace_args.c index efe526910d58..93fb82cb4615 100644 --- a/sys/compat/freebsd32/freebsd32_systrace_args.c +++ b/sys/compat/freebsd32/freebsd32_systrace_args.c @@ -3274,6 +3274,42 @@ systrace_args(int sysnum, void *params, uint64_t *uarg, int *n_args) *n_args = 3; break; } + /* getfhat */ + case 564: { + struct getfhat_args *p = params; + iarg[0] = p->fd; /* int */ + uarg[1] = (intptr_t) p->path; /* char * */ + uarg[2] = (intptr_t) p->fhp; /* struct fhandle * */ + iarg[3] = p->flags; /* int */ + *n_args = 4; + break; + } + /* fhlink */ + case 565: { + struct fhlink_args *p = params; + uarg[0] = (intptr_t) p->fhp; /* struct fhandle * */ + uarg[1] = (intptr_t) p->to; /* const char * */ + *n_args = 2; + break; + } + /* fhlinkat */ + case 566: { + struct fhlinkat_args *p = params; + uarg[0] = (intptr_t) p->fhp; /* struct fhandle * */ + iarg[1] = p->tofd; /* int */ + uarg[2] = (intptr_t) p->to; /* const char * */ + *n_args = 3; + break; + } + /* fhreadlink */ + case 567: { + struct fhreadlink_args *p = params; + uarg[0] = (intptr_t) p->fhp; /* struct fhandle * */ + uarg[1] = (intptr_t) p->buf; /* char * */ + uarg[2] = p->bufsize; /* size_t */ + *n_args = 3; + break; + } default: *n_args = 0; break; @@ -8805,6 +8841,70 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *desc, size_t descsz) break; }; break; + /* getfhat */ + case 564: + switch(ndx) { + case 0: + p = "int"; + break; + case 1: + p = "userland char *"; + break; + case 2: + p = "userland struct fhandle *"; + break; + case 3: + p = "int"; + break; + default: + break; + }; + break; + /* fhlink */ + case 565: + switch(ndx) { + case 0: + p = "userland struct fhandle *"; + break; + case 1: + p = "userland const char *"; + break; + default: + break; + }; + break; + /* fhlinkat */ + case 566: + switch(ndx) { + case 0: + p = "userland struct fhandle *"; + break; + case 1: + p = "int"; + break; + case 2: + p = "userland const char *"; + break; + default: + break; + }; + break; + /* fhreadlink */ + case 567: + switch(ndx) { + case 0: + p = "userland struct fhandle *"; + break; + case 1: + p = "userland char *"; + break; + case 2: + p = "size_t"; + break; + default: + break; + }; + break; default: break; }; @@ -10654,6 +10754,26 @@ systrace_return_setargdesc(int sysnum, int ndx, char *desc, size_t descsz) if (ndx == 0 || ndx == 1) p = "int"; break; + /* getfhat */ + case 564: + if (ndx == 0 || ndx == 1) + p = "int"; + break; + /* fhlink */ + case 565: + if (ndx == 0 || ndx == 1) + p = "int"; + break; + /* fhlinkat */ + case 566: + if (ndx == 0 || ndx == 1) + p = "int"; + break; + /* fhreadlink */ + case 567: + if (ndx == 0 || ndx == 1) + p = "int"; + break; default: break; }; diff --git a/sys/compat/freebsd32/syscalls.master b/sys/compat/freebsd32/syscalls.master index c7d53ff7675d..567e5677d412 100644 --- a/sys/compat/freebsd32/syscalls.master +++ b/sys/compat/freebsd32/syscalls.master @@ -1138,5 +1138,12 @@ int policy); } 563 AUE_NULL NOPROTO { int getrandom(void *buf, size_t buflen, \ unsigned int flags); } +564 AUE_NULL NOPROTO { int getfhat( int fd, char *path, \ + struct fhandle *fhp, int flags); } +565 AUE_NULL NOPROTO { int fhlink( struct fhandle *fhp, const char *to ); } +566 AUE_NULL NOPROTO { int fhlinkat( struct fhandle *fhp, int tofd, \ + const char *to); } +567 AUE_NULL NOPROTO { int fhreadlink( struct fhandle *fhp, char *buf, \ + size_t bufsize); } ; vim: syntax=off diff --git a/sys/compat/linuxkpi/common/include/asm/atomic-long.h b/sys/compat/linuxkpi/common/include/asm/atomic-long.h index d7f839f2541f..ee24c9a8f333 100644 --- a/sys/compat/linuxkpi/common/include/asm/atomic-long.h +++ b/sys/compat/linuxkpi/common/include/asm/atomic-long.h @@ -78,7 +78,15 @@ atomic_long_dec(atomic_long_t *v) static inline long atomic_long_xchg(atomic_long_t *v, long val) { +#if defined(__i386__) || defined(__amd64__) || defined(__aarch64__) return atomic_swap_long(&v->counter, val); +#else + long ret = atomic_long_read(v); + + while (!atomic_fcmpset_long(&v->counter, &ret, val)) + ; + return (ret); +#endif } static inline long diff --git a/sys/compat/linuxkpi/common/include/linux/cdev.h b/sys/compat/linuxkpi/common/include/linux/cdev.h index 045c16d5da0c..1b5f66edd759 100644 --- a/sys/compat/linuxkpi/common/include/linux/cdev.h +++ b/sys/compat/linuxkpi/common/include/linux/cdev.h @@ -36,6 +36,8 @@ #include <linux/kdev_t.h> #include <linux/list.h> +#include <asm/atomic-long.h> + struct file_operations; struct inode; struct module; @@ -50,6 +52,7 @@ struct linux_cdev { struct cdev *cdev; dev_t dev; const struct file_operations *ops; + atomic_long_t refs; }; static inline void @@ -58,6 +61,7 @@ cdev_init(struct linux_cdev *cdev, const struct file_operations *ops) kobject_init(&cdev->kobj, &linux_cdev_static_ktype); cdev->ops = ops; + atomic_long_set(&cdev->refs, 0); } static inline struct linux_cdev * @@ -130,13 +134,13 @@ cdev_add_ext(struct linux_cdev *cdev, dev_t dev, uid_t uid, gid_t gid, int mode) return (0); } +void linux_destroy_dev(struct linux_cdev *); + static inline void cdev_del(struct linux_cdev *cdev) { - if (cdev->cdev) { - destroy_dev(cdev->cdev); - cdev->cdev = NULL; - } + + linux_destroy_dev(cdev); kobject_put(&cdev->kobj); } diff --git a/sys/compat/linuxkpi/common/include/linux/fs.h b/sys/compat/linuxkpi/common/include/linux/fs.h index 0b82db7be17f..0889be6efe70 100644 --- a/sys/compat/linuxkpi/common/include/linux/fs.h +++ b/sys/compat/linuxkpi/common/include/linux/fs.h @@ -2,7 +2,7 @@ * Copyright (c) 2010 Isilon Systems, Inc. * Copyright (c) 2010 iX Systems, Inc. * Copyright (c) 2010 Panasas, Inc. - * Copyright (c) 2013-2017 Mellanox Technologies, Ltd. + * Copyright (c) 2013-2018 Mellanox Technologies, Ltd. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -55,6 +55,7 @@ struct vm_area_struct; struct poll_table_struct; struct files_struct; struct pfs_node; +struct linux_cdev; #define inode vnode #define i_cdev v_rdev @@ -105,6 +106,9 @@ struct linux_file { /* protects f_selinfo.si_note */ spinlock_t f_kqlock; struct linux_file_wait_queue f_wait_queue; + + /* pointer to associated character device, if any */ + struct linux_cdev *f_cdev; }; #define file linux_file diff --git a/sys/compat/linuxkpi/common/include/linux/idr.h b/sys/compat/linuxkpi/common/include/linux/idr.h index 3018f393ed35..51219087cb98 100644 --- a/sys/compat/linuxkpi/common/include/linux/idr.h +++ b/sys/compat/linuxkpi/common/include/linux/idr.h @@ -122,7 +122,15 @@ void ida_simple_remove(struct ida *ida, unsigned int id); static inline int ida_get_new(struct ida *ida, int *p_id) { + return (ida_get_new_above(ida, 0, p_id)); } +static inline bool +ida_is_empty(struct ida *ida) +{ + + return (idr_is_empty(&ida->idr)); +} + #endif /* _LINUX_IDR_H_ */ diff --git a/sys/compat/linuxkpi/common/include/linux/inetdevice.h b/sys/compat/linuxkpi/common/include/linux/inetdevice.h index bffb938af76c..e47fe43d2f9f 100644 --- a/sys/compat/linuxkpi/common/include/linux/inetdevice.h +++ b/sys/compat/linuxkpi/common/include/linux/inetdevice.h @@ -59,37 +59,32 @@ ip_dev_find(struct vnet *vnet, uint32_t addr) } static inline struct net_device * -ip6_dev_find(struct vnet *vnet, struct in6_addr addr) +ip6_dev_find(struct vnet *vnet, struct in6_addr addr, uint16_t scope_id) { struct sockaddr_in6 sin6; - struct ifaddr *ifa = NULL; - struct ifnet *ifp = NULL; - int x; + struct ifaddr *ifa; + struct ifnet *ifp; memset(&sin6, 0, sizeof(sin6)); sin6.sin6_addr = addr; sin6.sin6_len = sizeof(sin6); sin6.sin6_family = AF_INET6; - NET_EPOCH_ENTER(); - CURVNET_SET_QUIET(vnet); if (IN6_IS_SCOPE_LINKLOCAL(&addr) || IN6_IS_ADDR_MC_INTFACELOCAL(&addr)) { - /* XXX need to search all scope ID's */ - for (x = 0; x <= V_if_index && x < 65536; x++) { - sin6.sin6_addr.s6_addr16[1] = htons(x); - ifa = ifa_ifwithaddr((struct sockaddr *)&sin6); - if (ifa != NULL) - break; - } - } else { - ifa = ifa_ifwithaddr((struct sockaddr *)&sin6); + /* embed the IPv6 scope ID */ + sin6.sin6_addr.s6_addr16[1] = htons(scope_id); } + NET_EPOCH_ENTER(); + CURVNET_SET_QUIET(vnet); + ifa = ifa_ifwithaddr((struct sockaddr *)&sin6); + CURVNET_RESTORE(); if (ifa != NULL) { ifp = ifa->ifa_ifp; if_ref(ifp); + } else { + ifp = NULL; } NET_EPOCH_EXIT(); - CURVNET_RESTORE(); return (ifp); } diff --git a/sys/compat/linuxkpi/common/include/linux/netdevice.h b/sys/compat/linuxkpi/common/include/linux/netdevice.h index c3546a1f456f..141d71c7ff39 100644 --- a/sys/compat/linuxkpi/common/include/linux/netdevice.h +++ b/sys/compat/linuxkpi/common/include/linux/netdevice.h @@ -77,7 +77,7 @@ dev_get_by_index(struct vnet *vnet, int if_index) #define netif_running(dev) !!((dev)->if_drv_flags & IFF_DRV_RUNNING) #define netif_oper_up(dev) !!((dev)->if_flags & IFF_UP) -#define netif_carrier_ok(dev) netif_running(dev) +#define netif_carrier_ok(dev) ((dev)->if_link_state == LINK_STATE_UP) static inline void * netdev_priv(const struct net_device *dev) diff --git a/sys/compat/linuxkpi/common/include/linux/pci.h b/sys/compat/linuxkpi/common/include/linux/pci.h index 446d2869006a..a83278923427 100644 --- a/sys/compat/linuxkpi/common/include/linux/pci.h +++ b/sys/compat/linuxkpi/common/include/linux/pci.h @@ -601,9 +601,11 @@ pci_enable_msix_range(struct pci_dev *dev, struct msix_entry *entries, return (nvec); } -static inline int pci_channel_offline(struct pci_dev *pdev) +static inline int +pci_channel_offline(struct pci_dev *pdev) { - return false; + + return (pci_get_vendor(pdev->dev.bsddev) == 0xffff); } static inline int pci_enable_sriov(struct pci_dev *dev, int nr_virtfn) diff --git a/sys/compat/linuxkpi/common/src/linux_compat.c b/sys/compat/linuxkpi/common/src/linux_compat.c index 1cae0fcf1427..a93e087cb14c 100644 --- a/sys/compat/linuxkpi/common/src/linux_compat.c +++ b/sys/compat/linuxkpi/common/src/linux_compat.c @@ -49,6 +49,7 @@ __FBSDID("$FreeBSD$"); #include <sys/rwlock.h> #include <sys/mman.h> #include <sys/stack.h> +#include <sys/user.h> #include <vm/vm.h> #include <vm/pmap.h> @@ -698,12 +699,20 @@ linux_dev_fdopen(struct cdev *dev, int fflags, struct thread *td, struct file *f filp->f_flags = file->f_flag; filp->f_vnode = file->f_vnode; filp->_file = file; + filp->f_cdev = ldev; linux_set_current(td); + /* get a reference on the Linux character device */ + if (atomic_long_add_unless(&ldev->refs, 1, -1L) == 0) { + kfree(filp); + return (EINVAL); + } + if (filp->f_op->open) { error = -filp->f_op->open(file->f_vnode, filp); if (error) { + atomic_long_dec(&ldev->refs); kfree(filp); return (error); } @@ -1395,6 +1404,10 @@ linux_file_close(struct file *file, struct thread *td) funsetown(&filp->f_sigio); if (filp->f_vnode != NULL) vdrop(filp->f_vnode); + if (filp->f_cdev != NULL) { + /* put a reference on the Linux character device */ + atomic_long_dec(&filp->f_cdev->refs); + } kfree(filp); return (error); @@ -1546,8 +1559,24 @@ static int linux_file_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp) { + struct linux_file *filp; + struct vnode *vp; + int error; - return (0); + filp = fp->f_data; + vp = filp->f_vnode; + if (vp == NULL) { + error = 0; + kif->kf_type = KF_TYPE_DEV; + } else { + vref(vp); + FILEDESC_SUNLOCK(fdp); + error = vn_fill_kinfo_vnode(vp, kif); + vrele(vp); + kif->kf_type = KF_TYPE_VNODE; + FILEDESC_SLOCK(fdp); + } + return (error); } unsigned int @@ -1930,8 +1959,7 @@ linux_cdev_release(struct kobject *kobj) cdev = container_of(kobj, struct linux_cdev, kobj); parent = kobj->parent; - if (cdev->cdev) - destroy_dev(cdev->cdev); + linux_destroy_dev(cdev); kfree(cdev); kobject_put(parent); } @@ -1944,11 +1972,27 @@ linux_cdev_static_release(struct kobject *kobj) cdev = container_of(kobj, struct linux_cdev, kobj); parent = kobj->parent; - if (cdev->cdev) - destroy_dev(cdev->cdev); + linux_destroy_dev(cdev); kobject_put(parent); } +void +linux_destroy_dev(struct linux_cdev *cdev) +{ + + if (cdev->cdev == NULL) + return; + + atomic_long_dec(&cdev->refs); + + /* wait for all open files to be closed */ + while (atomic_long_read(&cdev->refs) != -1L) + pause("ldevdrn", hz); + + destroy_dev(cdev->cdev); + cdev->cdev = NULL; +} + const struct kobj_type linux_cdev_ktype = { .release = linux_cdev_release, }; diff --git a/sys/compat/linuxkpi/common/src/linux_pci.c b/sys/compat/linuxkpi/common/src/linux_pci.c index 0c3d82550106..899256bdacc8 100644 --- a/sys/compat/linuxkpi/common/src/linux_pci.c +++ b/sys/compat/linuxkpi/common/src/linux_pci.c @@ -199,6 +199,7 @@ linux_pci_detach(device_t dev) spin_lock(&pci_lock); list_del(&pdev->links); spin_unlock(&pci_lock); + device_set_desc(dev, NULL); put_device(&pdev->dev); return (0); diff --git a/sys/conf/files b/sys/conf/files index f2c5498d455a..df7cf0d2e3d6 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -1382,6 +1382,8 @@ dev/cxgb/sys/uipc_mvec.c optional cxgb pci \ compile-with "${NORMAL_C} -I$S/dev/cxgb" dev/cxgb/cxgb_t3fw.c optional cxgb cxgb_t3fw \ compile-with "${NORMAL_C} -I$S/dev/cxgb" +dev/cxgbe/t4_clip.c optional cxgbe pci \ + compile-with "${NORMAL_C} -I$S/dev/cxgbe" dev/cxgbe/t4_filter.c optional cxgbe pci \ compile-with "${NORMAL_C} -I$S/dev/cxgbe" dev/cxgbe/t4_if.m optional cxgbe pci @@ -1825,6 +1827,7 @@ dev/iicbus/ds13rtc.c optional ds13rtc | ds133x | ds1374 dev/iicbus/ds1672.c optional ds1672 dev/iicbus/ds3231.c optional ds3231 dev/iicbus/rtc8583.c optional rtc8583 +dev/iicbus/syr827.c optional ext_resources syr827 dev/iicbus/icee.c optional icee dev/iicbus/if_ic.c optional ic dev/iicbus/iic.c optional iic @@ -2515,17 +2518,19 @@ dev/nand/nandsim_swap.c optional nandsim nand dev/nand/nfc_if.m optional nand dev/netmap/if_ptnet.c optional netmap inet dev/netmap/netmap.c optional netmap +dev/netmap/netmap_bdg.c optional netmap dev/netmap/netmap_freebsd.c optional netmap dev/netmap/netmap_generic.c optional netmap +dev/netmap/netmap_kloop.c optional netmap +dev/netmap/netmap_legacy.c optional netmap dev/netmap/netmap_mbq.c optional netmap dev/netmap/netmap_mem2.c optional netmap dev/netmap/netmap_monitor.c optional netmap +dev/netmap/netmap_null.c optional netmap dev/netmap/netmap_offloadings.c optional netmap dev/netmap/netmap_pipe.c optional netmap dev/netmap/netmap_pt.c optional netmap dev/netmap/netmap_vale.c optional netmap -dev/netmap/netmap_legacy.c optional netmap -dev/netmap/netmap_bdg.c optional netmap # compile-with "${NORMAL_C} -Wconversion -Wextra" dev/nfsmb/nfsmb.c optional nfsmb pci dev/nge/if_nge.c optional nge @@ -3283,7 +3288,7 @@ dev/usb/net/if_urndis.c optional urndis dev/usb/net/ruephy.c optional rue dev/usb/net/usb_ethernet.c optional uether | aue | axe | axge | cdce | \ cue | ipheth | kue | mos | rue | \ - smsc | udav | ure | urndis + smsc | udav | ure | urndis | muge dev/usb/net/uhso.c optional uhso # # USB WLAN drivers @@ -4056,7 +4061,6 @@ libkern/timingsafe_bcmp.c standard libkern/zlib.c optional crypto | geom_uzip | ipsec | \ ipsec_support | mxge | netgraph_deflate | ddb_ctf | gzio net/altq/altq_cbq.c optional altq -net/altq/altq_cdnr.c optional altq net/altq/altq_codel.c optional altq net/altq/altq_hfsc.c optional altq net/altq/altq_fairq.c optional altq @@ -4769,6 +4773,8 @@ dev/mlx5/mlx5_core/mlx5_vsc.c optional mlx5 pci \ compile-with "${OFED_C}" dev/mlx5/mlx5_core/mlx5_wq.c optional mlx5 pci \ compile-with "${OFED_C}" +dev/mlx5/mlx5_lib/mlx5_gid.c optional mlx5 pci \ + compile-with "${OFED_C}" dev/mlx5/mlx5_en/mlx5_en_ethtool.c optional mlx5en pci inet inet6 \ compile-with "${OFED_C}" diff --git a/sys/conf/files.amd64 b/sys/conf/files.amd64 index 8c09cf6617a0..8722cdeb4be5 100644 --- a/sys/conf/files.amd64 +++ b/sys/conf/files.amd64 @@ -203,6 +203,7 @@ dev/acpica/acpi_pci_link.c optional acpi pci dev/acpica/acpi_pcib.c optional acpi pci dev/acpica/acpi_pcib_acpi.c optional acpi pci dev/acpica/acpi_pcib_pci.c optional acpi pci +dev/acpica/acpi_pxm.c optional acpi dev/acpica/acpi_timer.c optional acpi dev/acpi_support/acpi_wmi_if.m standard dev/agp/agp_amd64.c optional agp @@ -413,6 +414,7 @@ dev/qlnx/qlnxe/qlnx_os.c optional qlnxe pci \ compile-with "${LINUXKPI_C}" dev/sfxge/common/ef10_ev.c optional sfxge pci dev/sfxge/common/ef10_filter.c optional sfxge pci +dev/sfxge/common/ef10_image.c optional sfxge pci dev/sfxge/common/ef10_intr.c optional sfxge pci dev/sfxge/common/ef10_mac.c optional sfxge pci dev/sfxge/common/ef10_mcdi.c optional sfxge pci @@ -438,11 +440,13 @@ dev/sfxge/common/efx_phy.c optional sfxge pci dev/sfxge/common/efx_port.c optional sfxge pci dev/sfxge/common/efx_rx.c optional sfxge pci dev/sfxge/common/efx_sram.c optional sfxge pci +dev/sfxge/common/efx_tunnel.c optional sfxge pci dev/sfxge/common/efx_tx.c optional sfxge pci dev/sfxge/common/efx_vpd.c optional sfxge pci dev/sfxge/common/hunt_nic.c optional sfxge pci dev/sfxge/common/mcdi_mon.c optional sfxge pci dev/sfxge/common/medford_nic.c optional sfxge pci +dev/sfxge/common/medford2_nic.c optional sfxge pci dev/sfxge/common/siena_mac.c optional sfxge pci dev/sfxge/common/siena_mcdi.c optional sfxge pci dev/sfxge/common/siena_nic.c optional sfxge pci diff --git a/sys/conf/files.arm64 b/sys/conf/files.arm64 index 010fbc7460c7..81f23062e5d0 100644 --- a/sys/conf/files.arm64 +++ b/sys/conf/files.arm64 @@ -188,6 +188,7 @@ dev/acpica/acpi_bus_if.m optional acpi dev/acpica/acpi_if.m optional acpi dev/acpica/acpi_pci_link.c optional acpi pci dev/acpica/acpi_pcib.c optional acpi pci +dev/acpica/acpi_pxm.c optional acpi dev/ahci/ahci_generic.c optional ahci dev/axgbe/if_axgbe.c optional axgbe dev/axgbe/xgbe-desc.c optional axgbe @@ -252,17 +253,20 @@ cddl/dev/dtrace/aarch64/dtrace_asm.S optional dtrace compile-with "${DTRACE_S} cddl/dev/dtrace/aarch64/dtrace_subr.c optional dtrace compile-with "${DTRACE_C}" cddl/dev/fbt/aarch64/fbt_isa.c optional dtrace_fbt | dtraceall compile-with "${FBT_C}" -arm64/rockchip/rk_i2c.c optional rk_i2c fdt soc_rockchip_rk3328 -arm64/rockchip/rk_grf.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/rk_pinctrl.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/rk_gpio.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/clk/rk_cru.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/clk/rk_clk_armclk.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/clk/rk_clk_composite.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/clk/rk_clk_gate.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/clk/rk_clk_mux.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/clk/rk_clk_pll.c optional fdt soc_rockchip_rk3328 +arm64/rockchip/rk_i2c.c optional rk_i2c fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/rk805.c optional rk805 fdt soc_rockchip_rk3328 +arm64/rockchip/rk_grf.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/rk_pinctrl.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/rk_gpio.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/clk/rk_cru.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/clk/rk_clk_armclk.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/clk/rk_clk_composite.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/clk/rk_clk_gate.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/clk/rk_clk_mux.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 +arm64/rockchip/clk/rk_clk_pll.c optional fdt soc_rockchip_rk3328 soc_rockchip_rk3399 arm64/rockchip/clk/rk3328_cru.c optional fdt soc_rockchip_rk3328 -arm64/rockchip/if_dwc_rk.c optional dwc_rk fdt soc_rockchip_rk3328 +arm64/rockchip/clk/rk3399_cru.c optional fdt soc_rockchip_rk3399 +arm64/rockchip/clk/rk3399_pmucru.c optional fdt soc_rockchip_rk3399 +arm64/rockchip/if_dwc_rk.c optional dwc_rk fdt soc_rockchip_rk3328 soc_rockchip_rk3399 dev/dwc/if_dwc.c optional dwc_rk dev/dwc/if_dwc_if.m optional dwc_rk diff --git a/sys/conf/files.i386 b/sys/conf/files.i386 index cf432355056f..08d987586a74 100644 --- a/sys/conf/files.i386 +++ b/sys/conf/files.i386 @@ -332,6 +332,7 @@ dev/vmware/vmci/vmci_resource.c optional vmci dev/acpica/acpi_if.m standard dev/acpica/acpi_hpet.c optional acpi dev/acpica/acpi_timer.c optional acpi +dev/acpica/acpi_pxm.c optional acpi dev/acpi_support/acpi_wmi_if.m standard dev/wbwd/wbwd.c optional wbwd dev/isci/isci.c optional isci diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index a2c8c1ccebda..643ccb73fb32 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -86,7 +86,7 @@ git_tree_modified() local fifo fifo=$(mktemp -u) - mkfifo -m 600 $fifo + mkfifo -m 600 $fifo || exit 1 $git_cmd --work-tree=${VCSTOP} diff-index HEAD > $fifo & while read smode dmode ssha dsha status file; do if ! expr $dsha : '^00*$' >/dev/null; then diff --git a/sys/conf/options.arm64 b/sys/conf/options.arm64 index 8abe09fae999..2de222a6e218 100644 --- a/sys/conf/options.arm64 +++ b/sys/conf/options.arm64 @@ -20,4 +20,5 @@ SOC_BRCM_BCM2837 opt_soc.h SOC_CAVM_THUNDERX opt_soc.h SOC_HISI_HI6220 opt_soc.h SOC_ROCKCHIP_RK3328 opt_soc.h +SOC_ROCKCHIP_RK3399 opt_soc.h SOC_XILINX_ZYNQ opt_soc.h diff --git a/sys/contrib/ck/include/gcc/sparcv9/ck_pr.h b/sys/contrib/ck/include/gcc/sparcv9/ck_pr.h index 7dc7172557b6..b60e199d3dc5 100644 --- a/sys/contrib/ck/include/gcc/sparcv9/ck_pr.h +++ b/sys/contrib/ck/include/gcc/sparcv9/ck_pr.h @@ -136,11 +136,26 @@ CK_PR_STORE_S(int, int, "stsw") #undef CK_PR_STORE_S #undef CK_PR_STORE +/* Use the appropriate address space for atomics within the FreeBSD kernel. */ +#if defined(__FreeBSD__) && defined(_KERNEL) +#include <sys/cdefs.h> +#include <machine/atomic.h> +#define CK_PR_INS_CAS "casa" +#define CK_PR_INS_CASX "casxa" +#define CK_PR_INS_SWAP "swapa" +#define CK_PR_ASI_ATOMIC __XSTRING(__ASI_ATOMIC) +#else +#define CK_PR_INS_CAS "cas" +#define CK_PR_INS_CASX "casx" +#define CK_PR_INS_SWAP "swap" +#define CK_PR_ASI_ATOMIC "" +#endif + CK_CC_INLINE static bool ck_pr_cas_64_value(uint64_t *target, uint64_t compare, uint64_t set, uint64_t *value) { - __asm__ __volatile__("casx [%1], %2, %0" + __asm__ __volatile__(CK_PR_INS_CASX " [%1] " CK_PR_ASI_ATOMIC ", %2, %0" : "+&r" (set) : "r" (target), "r" (compare) @@ -154,7 +169,7 @@ CK_CC_INLINE static bool ck_pr_cas_64(uint64_t *target, uint64_t compare, uint64_t set) { - __asm__ __volatile__("casx [%1], %2, %0" + __asm__ __volatile__(CK_PR_INS_CASX " [%1] " CK_PR_ASI_ATOMIC ", %2, %0" : "+&r" (set) : "r" (target), "r" (compare) @@ -181,7 +196,7 @@ ck_pr_cas_ptr_value(void *target, void *compare, void *set, void *previous) CK_CC_INLINE static bool \ ck_pr_cas_##N##_value(T *target, T compare, T set, T *value) \ { \ - __asm__ __volatile__("cas [%1], %2, %0" \ + __asm__ __volatile__(CK_PR_INS_CAS " [%1] " CK_PR_ASI_ATOMIC ", %2, %0" \ : "+&r" (set) \ : "r" (target), \ "r" (compare) \ @@ -192,7 +207,7 @@ ck_pr_cas_ptr_value(void *target, void *compare, void *set, void *previous) CK_CC_INLINE static bool \ ck_pr_cas_##N(T *target, T compare, T set) \ { \ - __asm__ __volatile__("cas [%1], %2, %0" \ + __asm__ __volatile__(CK_PR_INS_CAS " [%1] " CK_PR_ASI_ATOMIC ", %2, %0" \ : "+&r" (set) \ : "r" (target), \ "r" (compare) \ @@ -211,7 +226,7 @@ CK_PR_CAS(int, int) ck_pr_fas_##N(T *target, T update) \ { \ \ - __asm__ __volatile__("swap [%1], %0" \ + __asm__ __volatile__(CK_PR_INS_SWAP " [%1] " CK_PR_ASI_ATOMIC ", %0" \ : "+&r" (update) \ : "r" (target) \ : "memory"); \ @@ -224,5 +239,10 @@ CK_PR_FAS(32, uint32_t) #undef CK_PR_FAS +#undef CK_PR_INS_CAS +#undef CK_PR_INS_CASX +#undef CK_PR_INS_SWAP +#undef CK_PR_ASI_ATOMIC + #endif /* CK_PR_SPARCV9_H */ diff --git a/sys/contrib/ipfilter/netinet/ip_compat.h b/sys/contrib/ipfilter/netinet/ip_compat.h index 0c583b71d363..e1370342d023 100644 --- a/sys/contrib/ipfilter/netinet/ip_compat.h +++ b/sys/contrib/ipfilter/netinet/ip_compat.h @@ -758,16 +758,6 @@ typedef struct tcpiphdr tcpiphdr_t; #endif #define IPMINLEN(i, h) ((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h))) - -/* - * XXX - This is one of those *awful* hacks which nobody likes - */ -#ifdef ultrix -#define A_A -#else -#define A_A & -#endif - #define TCPF_ALL (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\ TH_ECN|TH_CWR) @@ -1411,10 +1401,6 @@ typedef struct tcpiphdr tcpiphdr_t; #undef ICMP_MAXTYPE #define ICMP_MAXTYPE 18 -#ifndef IFNAMSIZ -#define IFNAMSIZ 16 -#endif - #ifndef LOG_FTP # define LOG_FTP (11<<3) #endif diff --git a/sys/contrib/ipfilter/netinet/ip_fil.h b/sys/contrib/ipfilter/netinet/ip_fil.h index 35d7f6af1c8c..5e352619dfd2 100644 --- a/sys/contrib/ipfilter/netinet/ip_fil.h +++ b/sys/contrib/ipfilter/netinet/ip_fil.h @@ -1026,11 +1026,7 @@ typedef struct iplog { #define IPLOG_SIZE sizeof(iplog_t) typedef struct ipflog { -#if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199603)) || \ - (defined(OpenBSD) && (OpenBSD >= 199603)) -#else - u_int fl_unit; -#endif + u_int fl_unit; u_32_t fl_rule; u_32_t fl_flags; u_32_t fl_lflags; diff --git a/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c b/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c index 9711d51e4683..23899b60c6c6 100644 --- a/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c +++ b/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c @@ -85,7 +85,6 @@ static const char rcsid[] = "@(#)$Id$"; #endif extern int ip_optcopy __P((struct ip *, struct ip *)); - # ifdef IPFILTER_M_IPFILTER MALLOC_DEFINE(M_IPFILTER, "ipfilter", "IP Filter packet filter data structures"); # endif @@ -477,11 +476,7 @@ ipf_send_ip(fin, m) IP_HL_A(ip, sizeof(*oip) >> 2); ip->ip_tos = oip->ip_tos; ip->ip_id = fin->fin_ip->ip_id; -#if defined(FreeBSD) && (__FreeBSD_version > 460000) - ip->ip_off = htons(path_mtu_discovery ? IP_DF : 0); -#else - ip->ip_off = 0; -#endif + ip->ip_off = htons(V_path_mtu_discovery ? IP_DF : 0); ip->ip_ttl = V_ip_defttl; ip->ip_sum = 0; break; @@ -542,12 +537,7 @@ ipf_send_icmp_err(type, fin, dst) code = fin->fin_icode; #ifdef USE_INET6 -#if 0 - /* XXX Fix an off by one error: s/>/>=/ - was: - if ((code < 0) || (code > sizeof(icmptoicmp6unreach)/sizeof(int))) - Fix obtained from NetBSD ip_fil_netbsd.c r1.4: */ -#endif + /* See NetBSD ip_fil_netbsd.c r1.4: */ if ((code < 0) || (code >= sizeof(icmptoicmp6unreach)/sizeof(int))) return -1; #endif diff --git a/sys/contrib/ipfilter/netinet/ip_log.c b/sys/contrib/ipfilter/netinet/ip_log.c index d1fd01feebb6..2d600840a971 100644 --- a/sys/contrib/ipfilter/netinet/ip_log.c +++ b/sys/contrib/ipfilter/netinet/ip_log.c @@ -97,14 +97,8 @@ struct file; #include <netinet/in.h> #ifdef __sgi # include <sys/ddi.h> -# ifdef IFF_DRVRLOCK /* IRIX6 */ -# include <sys/hashing.h> -# endif #endif -#if !defined(__hpux) && !defined(linux) && \ - !(defined(__sgi) && !defined(IFF_DRVRLOCK)) /*IRIX<6*/ # include <netinet/in_var.h> -#endif #include <netinet/in_systm.h> #include <netinet/ip.h> #include <netinet/tcp.h> diff --git a/sys/contrib/rdma/krping/krping_dev.c b/sys/contrib/rdma/krping/krping_dev.c index b1e009bf51b1..342c5b0065f3 100644 --- a/sys/contrib/rdma/krping/krping_dev.c +++ b/sys/contrib/rdma/krping/krping_dev.c @@ -187,7 +187,7 @@ krping_write(struct cdev *dev, struct uio *uio, int ioflag) err = uiomove(cp, amt, uio); if (err) { uprintf("Write failed: bad address!\n"); - return err; + goto done; } cp += amt; remain -= amt; @@ -195,7 +195,8 @@ krping_write(struct cdev *dev, struct uio *uio, int ioflag) if (uio->uio_resid != 0) { uprintf("Message too big. max size is %d!\n", BUFFERSIZE); - return EMSGSIZE; + err = EMSGSIZE; + goto done; } /* null terminate and remove the \n */ @@ -204,6 +205,7 @@ krping_write(struct cdev *dev, struct uio *uio, int ioflag) krpingmsg->len = (unsigned long)(cp - krpingmsg->msg); uprintf("krping: write string = |%s|\n", krpingmsg->msg); err = krping_doit(krpingmsg->msg); +done: free(krpingmsg, M_DEVBUF); return(err); } diff --git a/sys/contrib/vchiq/interface/compat/vchi_bsd.h b/sys/contrib/vchiq/interface/compat/vchi_bsd.h index a02bca452756..e8886e6e9283 100644 --- a/sys/contrib/vchiq/interface/compat/vchi_bsd.h +++ b/sys/contrib/vchiq/interface/compat/vchi_bsd.h @@ -162,10 +162,6 @@ struct mutex { */ typedef struct rwlock rwlock_t; -#if defined(SX_ADAPTIVESPIN) && !defined(SX_NOADAPTIVE) -#define SX_NOADAPTIVE SX_ADAPTIVESPIN -#endif - #define DEFINE_RWLOCK(name) \ struct rwlock name; \ SX_SYSINIT(name, &name, #name) diff --git a/sys/dev/acpi_support/atk0110.c b/sys/dev/acpi_support/atk0110.c index e6dd8e86cf53..1f589ae4bd91 100644 --- a/sys/dev/acpi_support/atk0110.c +++ b/sys/dev/acpi_support/atk0110.c @@ -129,7 +129,7 @@ aibs_probe(device_t dev) rv = ACPI_ID_PROBE(device_get_parent(dev), dev, aibs_hids, NULL); if (rv <= 0 ) device_set_desc(dev, "ASUSTeK AI Booster (ACPI ASOC ATK0110)"); - return (0); + return (rv); } static int diff --git a/sys/dev/acpica/acpi.c b/sys/dev/acpica/acpi.c index d0192eddcd15..8ba2f397d8df 100644 --- a/sys/dev/acpica/acpi.c +++ b/sys/dev/acpica/acpi.c @@ -2203,8 +2203,6 @@ acpi_DeviceIsPresent(device_t dev) h = acpi_get_handle(dev); if (h == NULL) return (FALSE); - status = acpi_GetInteger(h, "_STA", &s); - /* * Certain Treadripper boards always returns 0 for FreeBSD because it * only returns non-zero for the OS string "Windows 2015". Otherwise it @@ -2214,9 +2212,14 @@ acpi_DeviceIsPresent(device_t dev) if (acpi_MatchHid(h, "AMDI0020") || acpi_MatchHid(h, "AMDI0010")) return (TRUE); - /* If no _STA method, must be present */ + status = acpi_GetInteger(h, "_STA", &s); + + /* + * If no _STA method or if it failed, then assume that + * the device is present. + */ if (ACPI_FAILURE(status)) - return (status == AE_NOT_FOUND ? TRUE : FALSE); + return (TRUE); return (ACPI_DEVICE_PRESENT(s) ? TRUE : FALSE); } @@ -2236,9 +2239,12 @@ acpi_BatteryIsPresent(device_t dev) return (FALSE); status = acpi_GetInteger(h, "_STA", &s); - /* If no _STA method, must be present */ + /* + * If no _STA method or if it failed, then assume that + * the device is present. + */ if (ACPI_FAILURE(status)) - return (status == AE_NOT_FOUND ? TRUE : FALSE); + return (TRUE); return (ACPI_BATTERY_PRESENT(s) ? TRUE : FALSE); } @@ -2284,7 +2290,7 @@ acpi_MatchHid(ACPI_HANDLE h, const char *hid) ACPI_FAILURE(AcpiGetObjectInfo(h, &devinfo))) return (ACPI_MATCHHID_NOMATCH); - ret = FALSE; + ret = ACPI_MATCHHID_NOMATCH; if ((devinfo->Valid & ACPI_VALID_HID) != 0 && strcmp(hid, devinfo->HardwareId.String) == 0) ret = ACPI_MATCHHID_HID; diff --git a/sys/dev/acpica/acpi_ec.c b/sys/dev/acpica/acpi_ec.c index a21dbc963af7..218c3b106d68 100644 --- a/sys/dev/acpica/acpi_ec.c +++ b/sys/dev/acpica/acpi_ec.c @@ -362,7 +362,8 @@ acpi_ec_probe(device_t dev) ret = 0; goto out; - } + } else + ecdt = 0; ret = ACPI_ID_PROBE(device_get_parent(dev), dev, ec_ids, NULL); if (ret > 0) @@ -382,6 +383,22 @@ acpi_ec_probe(device_t dev) if (ACPI_FAILURE(status)) params->uid = 0; + /* + * Check for a duplicate probe. This can happen when a probe via ECDT + * succeeded already. If this is a duplicate, disable this device. + * + * NB: It would seem device_disable would be sufficient to not get + * duplicated devices, and ENXIO isn't needed, however, device_probe() only + * checks DF_ENABLED at the start and so disabling it here is too late to + * prevent device_attach() from being called. + */ + peer = devclass_get_device(acpi_ec_devclass, params->uid); + if (peer != NULL && device_is_alive(peer)) { + device_disable(dev); + ret = ENXIO; + goto out; + } + status = acpi_GetInteger(h, "_GLK", ¶ms->glk); if (ACPI_FAILURE(status)) params->glk = 0; @@ -422,16 +439,6 @@ acpi_ec_probe(device_t dev) /* Store the values we got from the namespace for attach. */ acpi_set_private(dev, params); - /* - * Check for a duplicate probe. This can happen when a probe via ECDT - * succeeded already. If this is a duplicate, disable this device. - */ - peer = devclass_get_device(acpi_ec_devclass, params->uid); - if (peer == NULL || !device_is_alive(peer)) - ret = 0; - else - device_disable(dev); - if (buf.Pointer) AcpiOsFree(buf.Pointer); out: diff --git a/sys/dev/acpica/acpi_hpet.c b/sys/dev/acpica/acpi_hpet.c index 4fca980f8c3b..38304034c259 100644 --- a/sys/dev/acpica/acpi_hpet.c +++ b/sys/dev/acpica/acpi_hpet.c @@ -396,7 +396,7 @@ hpet_mmap(struct cdev *cdev, vm_ooffset_t offset, vm_paddr_t *paddr, struct hpet_softc *sc; sc = cdev->si_drv1; - if (offset > rman_get_size(sc->mem_res)) + if (offset >= rman_get_size(sc->mem_res)) return (EINVAL); if (!sc->mmap_allow_write && (nprot & PROT_WRITE)) return (EPERM); diff --git a/sys/dev/acpica/acpi_pxm.c b/sys/dev/acpica/acpi_pxm.c new file mode 100644 index 000000000000..a4dbbfbf2a4b --- /dev/null +++ b/sys/dev/acpica/acpi_pxm.c @@ -0,0 +1,697 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2010 Hudson River Trading LLC + * Written by: John H. Baldwin <jhb@FreeBSD.org> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include "opt_vm.h" + +#include <sys/param.h> +#include <sys/systm.h> +#include <sys/bus.h> +#include <sys/kernel.h> +#include <sys/lock.h> +#include <sys/mutex.h> +#include <sys/smp.h> +#include <sys/vmmeter.h> +#include <vm/vm.h> +#include <vm/pmap.h> +#include <vm/vm_param.h> +#include <vm/vm_page.h> +#include <vm/vm_phys.h> + +#include <contrib/dev/acpica/include/acpi.h> +#include <contrib/dev/acpica/include/aclocal.h> +#include <contrib/dev/acpica/include/actables.h> + +#include <machine/md_var.h> + +#include <dev/acpica/acpivar.h> + +#if MAXMEMDOM > 1 +static struct cpu_info { + int enabled:1; + int has_memory:1; + int domain; + int id; +} *cpus; + +static int max_cpus; +static int last_cpu; + +struct mem_affinity mem_info[VM_PHYSSEG_MAX + 1]; +int num_mem; + +static ACPI_TABLE_SRAT *srat; +static vm_paddr_t srat_physaddr; + +static int domain_pxm[MAXMEMDOM]; +static int ndomain; +static vm_paddr_t maxphyaddr; + +static ACPI_TABLE_SLIT *slit; +static vm_paddr_t slit_physaddr; +static int vm_locality_table[MAXMEMDOM * MAXMEMDOM]; + +static void srat_walk_table(acpi_subtable_handler *handler, void *arg); + +/* + * SLIT parsing. + */ + +static void +slit_parse_table(ACPI_TABLE_SLIT *s) +{ + int i, j; + int i_domain, j_domain; + int offset = 0; + uint8_t e; + + /* + * This maps the SLIT data into the VM-domain centric view. + * There may be sparse entries in the PXM namespace, so + * remap them to a VM-domain ID and if it doesn't exist, + * skip it. + * + * It should result in a packed 2d array of VM-domain + * locality information entries. + */ + + if (bootverbose) + printf("SLIT.Localities: %d\n", (int) s->LocalityCount); + for (i = 0; i < s->LocalityCount; i++) { + i_domain = acpi_map_pxm_to_vm_domainid(i); + if (i_domain < 0) + continue; + + if (bootverbose) + printf("%d: ", i); + for (j = 0; j < s->LocalityCount; j++) { + j_domain = acpi_map_pxm_to_vm_domainid(j); + if (j_domain < 0) + continue; + e = s->Entry[i * s->LocalityCount + j]; + if (bootverbose) + printf("%d ", (int) e); + /* 255 == "no locality information" */ + if (e == 255) + vm_locality_table[offset] = -1; + else + vm_locality_table[offset] = e; + offset++; + } + if (bootverbose) + printf("\n"); + } +} + +/* + * Look for an ACPI System Locality Distance Information Table ("SLIT") + */ +static int +parse_slit(void) +{ + + if (resource_disabled("slit", 0)) { + return (-1); + } + + slit_physaddr = acpi_find_table(ACPI_SIG_SLIT); + if (slit_physaddr == 0) { + return (-1); + } + + /* + * Make a pass over the table to populate the cpus[] and + * mem_info[] tables. + */ + slit = acpi_map_table(slit_physaddr, ACPI_SIG_SLIT); + slit_parse_table(slit); + acpi_unmap_table(slit); + slit = NULL; + + return (0); +} + +/* + * SRAT parsing. + */ + +/* + * Returns true if a memory range overlaps with at least one range in + * phys_avail[]. + */ +static int +overlaps_phys_avail(vm_paddr_t start, vm_paddr_t end) +{ + int i; + + for (i = 0; phys_avail[i] != 0 && phys_avail[i + 1] != 0; i += 2) { + if (phys_avail[i + 1] <= start) + continue; + if (phys_avail[i] < end) + return (1); + break; + } + return (0); +} + +/* + * On x86 we can use the cpuid to index the cpus array, but on arm64 + * we have an ACPI Processor UID with a larger range. + * + * Use this variable to indicate if the cpus can be stored by index. + */ +#ifdef __aarch64__ +static const int cpus_use_indexing = 0; +#else +static const int cpus_use_indexing = 1; +#endif + +/* + * Find CPU by processor ID (APIC ID on x86, Processor UID on arm64) + */ +static struct cpu_info * +cpu_find(int cpuid) +{ + int i; + + if (cpus_use_indexing) { + if (cpuid <= last_cpu && cpus[cpuid].enabled) + return (&cpus[cpuid]); + } else { + for (i = 0; i <= last_cpu; i++) + if (cpus[i].id == cpuid) + return (&cpus[i]); + } + return (NULL); +} + +/* + * Find CPU by pcpu pointer. + */ +static struct cpu_info * +cpu_get_info(struct pcpu *pc) +{ + struct cpu_info *cpup; + int id; + +#ifdef __aarch64__ + id = pc->pc_acpi_id; +#else + id = pc->pc_apic_id; +#endif + cpup = cpu_find(id); + if (cpup == NULL) + panic("SRAT: CPU with ID %u is not known", id); + return (cpup); +} + +/* + * Add proximity information for a new CPU. + */ +static struct cpu_info * +cpu_add(int cpuid, int domain) +{ + struct cpu_info *cpup; + + if (cpus_use_indexing) { + if (cpuid >= max_cpus) + return (NULL); + last_cpu = imax(last_cpu, cpuid); + cpup = &cpus[cpuid]; + } else { + if (last_cpu >= max_cpus - 1) + return (NULL); + cpup = &cpus[++last_cpu]; + } + cpup->domain = domain; + cpup->id = cpuid; + cpup->enabled = 1; + return (cpup); +} + +static void +srat_parse_entry(ACPI_SUBTABLE_HEADER *entry, void *arg) +{ + ACPI_SRAT_CPU_AFFINITY *cpu; + ACPI_SRAT_X2APIC_CPU_AFFINITY *x2apic; + ACPI_SRAT_MEM_AFFINITY *mem; + ACPI_SRAT_GICC_AFFINITY *gicc; + static struct cpu_info *cpup; + int domain, i, slot; + + switch (entry->Type) { + case ACPI_SRAT_TYPE_CPU_AFFINITY: + cpu = (ACPI_SRAT_CPU_AFFINITY *)entry; + domain = cpu->ProximityDomainLo | + cpu->ProximityDomainHi[0] << 8 | + cpu->ProximityDomainHi[1] << 16 | + cpu->ProximityDomainHi[2] << 24; + if (bootverbose) + printf("SRAT: Found CPU APIC ID %u domain %d: %s\n", + cpu->ApicId, domain, + (cpu->Flags & ACPI_SRAT_CPU_ENABLED) ? + "enabled" : "disabled"); + if (!(cpu->Flags & ACPI_SRAT_CPU_ENABLED)) + break; + cpup = cpu_find(cpu->ApicId); + if (cpup != NULL) { + printf("SRAT: Duplicate local APIC ID %u\n", + cpu->ApicId); + *(int *)arg = ENXIO; + break; + } + cpup = cpu_add(cpu->ApicId, domain); + if (cpup == NULL) + printf("SRAT: Ignoring local APIC ID %u (too high)\n", + cpu->ApicId); + break; + case ACPI_SRAT_TYPE_X2APIC_CPU_AFFINITY: + x2apic = (ACPI_SRAT_X2APIC_CPU_AFFINITY *)entry; + if (bootverbose) + printf("SRAT: Found CPU APIC ID %u domain %d: %s\n", + x2apic->ApicId, x2apic->ProximityDomain, + (x2apic->Flags & ACPI_SRAT_CPU_ENABLED) ? + "enabled" : "disabled"); + if (!(x2apic->Flags & ACPI_SRAT_CPU_ENABLED)) + break; + KASSERT(cpu_find(x2apic->ApicId) == NULL, + ("Duplicate local APIC ID %u", x2apic->ApicId)); + cpup = cpu_add(x2apic->ApicId, x2apic->ProximityDomain); + if (cpup == NULL) + printf("SRAT: Ignoring local APIC ID %u (too high)\n", + x2apic->ApicId); + break; + case ACPI_SRAT_TYPE_GICC_AFFINITY: + gicc = (ACPI_SRAT_GICC_AFFINITY *)entry; + if (bootverbose) + printf("SRAT: Found CPU UID %u domain %d: %s\n", + gicc->AcpiProcessorUid, gicc->ProximityDomain, + (gicc->Flags & ACPI_SRAT_GICC_ENABLED) ? + "enabled" : "disabled"); + if (!(gicc->Flags & ACPI_SRAT_GICC_ENABLED)) + break; + KASSERT(cpu_find(gicc->AcpiProcessorUid) == NULL, + ("Duplicate CPU UID %u", gicc->AcpiProcessorUid)); + cpup = cpu_add(gicc->AcpiProcessorUid, gicc->ProximityDomain); + if (cpup == NULL) + printf("SRAT: Ignoring CPU UID %u (too high)\n", + gicc->AcpiProcessorUid); + break; + case ACPI_SRAT_TYPE_MEMORY_AFFINITY: + mem = (ACPI_SRAT_MEM_AFFINITY *)entry; + if (bootverbose) + printf( + "SRAT: Found memory domain %d addr 0x%jx len 0x%jx: %s\n", + mem->ProximityDomain, (uintmax_t)mem->BaseAddress, + (uintmax_t)mem->Length, + (mem->Flags & ACPI_SRAT_MEM_ENABLED) ? + "enabled" : "disabled"); + if (!(mem->Flags & ACPI_SRAT_MEM_ENABLED)) + break; + if (mem->BaseAddress >= maxphyaddr || + !overlaps_phys_avail(mem->BaseAddress, + mem->BaseAddress + mem->Length)) { + printf("SRAT: Ignoring memory at addr 0x%jx\n", + (uintmax_t)mem->BaseAddress); + break; + } + if (num_mem == VM_PHYSSEG_MAX) { + printf("SRAT: Too many memory regions\n"); + *(int *)arg = ENXIO; + break; + } + slot = num_mem; + for (i = 0; i < num_mem; i++) { + if (mem_info[i].end <= mem->BaseAddress) + continue; + if (mem_info[i].start < + (mem->BaseAddress + mem->Length)) { + printf("SRAT: Overlapping memory entries\n"); + *(int *)arg = ENXIO; + return; + } + slot = i; + } + for (i = num_mem; i > slot; i--) + mem_info[i] = mem_info[i - 1]; + mem_info[slot].start = mem->BaseAddress; + mem_info[slot].end = mem->BaseAddress + mem->Length; + mem_info[slot].domain = mem->ProximityDomain; + num_mem++; + break; + } +} + +/* + * Ensure each memory domain has at least one CPU and that each CPU + * has at least one memory domain. + */ +static int +check_domains(void) +{ + int found, i, j; + + for (i = 0; i < num_mem; i++) { + found = 0; + for (j = 0; j <= last_cpu; j++) + if (cpus[j].enabled && + cpus[j].domain == mem_info[i].domain) { + cpus[j].has_memory = 1; + found++; + } + if (!found) { + printf("SRAT: No CPU found for memory domain %d\n", + mem_info[i].domain); + return (ENXIO); + } + } + for (i = 0; i <= last_cpu; i++) + if (cpus[i].enabled && !cpus[i].has_memory) { + found = 0; + for (j = 0; j < num_mem && !found; j++) { + if (mem_info[j].domain == cpus[i].domain) + found = 1; + } + if (!found) { + if (bootverbose) + printf("SRAT: mem dom %d is empty\n", + cpus[i].domain); + mem_info[num_mem].start = 0; + mem_info[num_mem].end = 0; + mem_info[num_mem].domain = cpus[i].domain; + num_mem++; + } + } + return (0); +} + +/* + * Check that the SRAT memory regions cover all of the regions in + * phys_avail[]. + */ +static int +check_phys_avail(void) +{ + vm_paddr_t address; + int i, j; + + /* j is the current offset into phys_avail[]. */ + address = phys_avail[0]; + j = 0; + for (i = 0; i < num_mem; i++) { + /* + * Consume as many phys_avail[] entries as fit in this + * region. + */ + while (address >= mem_info[i].start && + address <= mem_info[i].end) { + /* + * If we cover the rest of this phys_avail[] entry, + * advance to the next entry. + */ + if (phys_avail[j + 1] <= mem_info[i].end) { + j += 2; + if (phys_avail[j] == 0 && + phys_avail[j + 1] == 0) { + return (0); + } + address = phys_avail[j]; + } else + address = mem_info[i].end + 1; + } + } + printf("SRAT: No memory region found for 0x%jx - 0x%jx\n", + (uintmax_t)phys_avail[j], (uintmax_t)phys_avail[j + 1]); + return (ENXIO); +} + +/* + * Renumber the memory domains to be compact and zero-based if not + * already. Returns an error if there are too many domains. + */ +static int +renumber_domains(void) +{ + int i, j, slot; + + /* Enumerate all the domains. */ + ndomain = 0; + for (i = 0; i < num_mem; i++) { + /* See if this domain is already known. */ + for (j = 0; j < ndomain; j++) { + if (domain_pxm[j] >= mem_info[i].domain) + break; + } + if (j < ndomain && domain_pxm[j] == mem_info[i].domain) + continue; + + if (ndomain >= MAXMEMDOM) { + ndomain = 1; + printf("SRAT: Too many memory domains\n"); + return (EFBIG); + } + + /* Insert the new domain at slot 'j'. */ + slot = j; + for (j = ndomain; j > slot; j--) + domain_pxm[j] = domain_pxm[j - 1]; + domain_pxm[slot] = mem_info[i].domain; + ndomain++; + } + + /* Renumber each domain to its index in the sorted 'domain_pxm' list. */ + for (i = 0; i < ndomain; i++) { + /* + * If the domain is already the right value, no need + * to renumber. + */ + if (domain_pxm[i] == i) + continue; + + /* Walk the cpu[] and mem_info[] arrays to renumber. */ + for (j = 0; j < num_mem; j++) + if (mem_info[j].domain == domain_pxm[i]) + mem_info[j].domain = i; + for (j = 0; j <= last_cpu; j++) + if (cpus[j].enabled && cpus[j].domain == domain_pxm[i]) + cpus[j].domain = i; + } + + return (0); +} + +/* + * Look for an ACPI System Resource Affinity Table ("SRAT"), + * allocate space for cpu information, and initialize globals. + */ +int +acpi_pxm_init(int ncpus, vm_paddr_t maxphys) +{ + unsigned int idx, size; + vm_paddr_t addr; + + if (resource_disabled("srat", 0)) + return (-1); + + max_cpus = ncpus; + last_cpu = -1; + maxphyaddr = maxphys; + srat_physaddr = acpi_find_table(ACPI_SIG_SRAT); + if (srat_physaddr == 0) + return (-1); + + /* + * Allocate data structure: + * + * Find the last physical memory region and steal some memory from + * it. This is done because at this point in the boot process + * malloc is still not usable. + */ + for (idx = 0; phys_avail[idx + 1] != 0; idx += 2); + KASSERT(idx != 0, ("phys_avail is empty!")); + idx -= 2; + + size = sizeof(*cpus) * max_cpus; + addr = trunc_page(phys_avail[idx + 1] - size); + KASSERT(addr >= phys_avail[idx], + ("Not enough memory for SRAT table items")); + phys_avail[idx + 1] = addr - 1; + + /* + * We cannot rely on PHYS_TO_DMAP because this code is also used in + * i386, so use pmap_mapbios to map the memory, this will end up using + * the default memory attribute (WB), and the DMAP when available. + */ + cpus = (struct cpu_info *)pmap_mapbios(addr, size); + bzero(cpus, size); + return (0); +} + +static int +parse_srat(void) +{ + int error; + + /* + * Make a pass over the table to populate the cpus[] and + * mem_info[] tables. + */ + srat = acpi_map_table(srat_physaddr, ACPI_SIG_SRAT); + error = 0; + srat_walk_table(srat_parse_entry, &error); + acpi_unmap_table(srat); + srat = NULL; + if (error || check_domains() != 0 || check_phys_avail() != 0 || + renumber_domains() != 0) { + srat_physaddr = 0; + return (-1); + } + + return (0); +} + +static void +init_mem_locality(void) +{ + int i; + + /* + * For now, assume -1 == "no locality information for + * this pairing. + */ + for (i = 0; i < MAXMEMDOM * MAXMEMDOM; i++) + vm_locality_table[i] = -1; +} + +/* + * Parse SRAT and SLIT to save proximity info. Don't do + * anything if SRAT is not available. + */ +void +acpi_pxm_parse_tables(void) +{ + + if (srat_physaddr == 0) + return; + if (parse_srat() < 0) + return; + init_mem_locality(); + (void)parse_slit(); +} + +/* + * Use saved data from SRAT/SLIT to update memory locality. + */ +void +acpi_pxm_set_mem_locality(void) +{ + + if (srat_physaddr == 0) + return; + vm_phys_register_domains(ndomain, mem_info, vm_locality_table); +} + +static void +srat_walk_table(acpi_subtable_handler *handler, void *arg) +{ + + acpi_walk_subtables(srat + 1, (char *)srat + srat->Header.Length, + handler, arg); +} + +/* + * Setup per-CPU domain IDs from information saved in 'cpus'. + */ +void +acpi_pxm_set_cpu_locality(void) +{ + struct cpu_info *cpu; + struct pcpu *pc; + u_int i; + + if (srat_physaddr == 0) + return; + for (i = 0; i < MAXCPU; i++) { + if (CPU_ABSENT(i)) + continue; + pc = pcpu_find(i); + KASSERT(pc != NULL, ("no pcpu data for CPU %u", i)); + cpu = cpu_get_info(pc); + pc->pc_domain = vm_ndomains > 1 ? cpu->domain : 0; + CPU_SET(i, &cpuset_domain[pc->pc_domain]); + if (bootverbose) + printf("SRAT: CPU %u has memory domain %d\n", i, + pc->pc_domain); + } +} + +/* + * Free data structures allocated during acpi_pxm_init. + */ +void +acpi_pxm_free(void) +{ + + if (srat_physaddr == 0) + return; + pmap_unmapbios((vm_offset_t)cpus, sizeof(*cpus) * max_cpus); + srat_physaddr = 0; + cpus = NULL; +} + +/* + * Map a _PXM value to a VM domain ID. + * + * Returns the domain ID, or -1 if no domain ID was found. + */ +int +acpi_map_pxm_to_vm_domainid(int pxm) +{ + int i; + + for (i = 0; i < ndomain; i++) { + if (domain_pxm[i] == pxm) + return (vm_ndomains > 1 ? i : 0); + } + + return (-1); +} + +#else /* MAXMEMDOM == 1 */ + +int +acpi_map_pxm_to_vm_domainid(int pxm) +{ + + return (-1); +} + +#endif /* MAXMEMDOM > 1 */ diff --git a/sys/dev/acpica/acpivar.h b/sys/dev/acpica/acpivar.h index a586670eb782..cf347faf35e1 100644 --- a/sys/dev/acpica/acpivar.h +++ b/sys/dev/acpica/acpivar.h @@ -526,6 +526,15 @@ ACPI_HANDLE acpi_GetReference(ACPI_HANDLE scope, ACPI_OBJECT *obj); SYSCTL_DECL(_debug_acpi); /* + * Parse and use proximity information in SRAT and SLIT. + */ +int acpi_pxm_init(int ncpus, vm_paddr_t maxphys); +void acpi_pxm_parse_tables(void); +void acpi_pxm_set_mem_locality(void); +void acpi_pxm_set_cpu_locality(void); +void acpi_pxm_free(void); + +/* * Map a PXM to a VM domain. * * Returns the VM domain ID if found, or -1 if not found / invalid. diff --git a/sys/dev/altera/avgen/altera_avgen.c b/sys/dev/altera/avgen/altera_avgen.c index 88b441cc8b16..86f45ea42f4a 100644 --- a/sys/dev/altera/avgen/altera_avgen.c +++ b/sys/dev/altera/avgen/altera_avgen.c @@ -229,6 +229,7 @@ altera_avgen_mmap(struct cdev *dev, vm_ooffset_t offset, vm_paddr_t *paddr, return (EACCES); } if (trunc_page(offset) == offset && + offset + PAGE_SIZE > offset && rman_get_size(sc->avg_res) >= offset + PAGE_SIZE) { *paddr = rman_get_start(sc->avg_res) + offset; *memattr = VM_MEMATTR_UNCACHEABLE; diff --git a/sys/dev/cxgbe/adapter.h b/sys/dev/cxgbe/adapter.h index 261395ab439f..6f9fc82ab9be 100644 --- a/sys/dev/cxgbe/adapter.h +++ b/sys/dev/cxgbe/adapter.h @@ -82,6 +82,8 @@ prefetch(void *x) #define CTLTYPE_U64 CTLTYPE_QUAD #endif +SYSCTL_DECL(_hw_cxgbe); + struct adapter; typedef struct adapter adapter_t; @@ -172,6 +174,7 @@ enum { DF_DUMP_MBOX = (1 << 0), /* Log all mbox cmd/rpl. */ DF_LOAD_FW_ANYTIME = (1 << 1), /* Allow LOAD_FW after init */ DF_DISABLE_TCB_CACHE = (1 << 2), /* Disable TCB cache (T6+) */ + DF_DISABLE_CFG_RETRY = (1 << 3), /* Disable fallback config */ }; #define IS_DOOMED(vi) ((vi)->flags & DOOMED) @@ -769,6 +772,8 @@ struct devnames { const char *vf_ifnet_name; }; +struct clip_entry; + struct adapter { SLIST_ENTRY(adapter) link; device_t dev; @@ -815,6 +820,10 @@ struct adapter { struct port_info *port[MAX_NPORTS]; uint8_t chan_map[MAX_NCHAN]; /* channel -> port */ + struct mtx clip_table_lock; + TAILQ_HEAD(, clip_entry) clip_table; + int clip_gen; + void *tom_softc; /* (struct tom_data *) */ struct tom_tunables tt; struct t4_offload_policy *policy; diff --git a/sys/dev/cxgbe/common/common.h b/sys/dev/cxgbe/common/common.h index ada4fa4fa775..e072a6759a69 100644 --- a/sys/dev/cxgbe/common/common.h +++ b/sys/dev/cxgbe/common/common.h @@ -605,6 +605,7 @@ int t4_flash_erase_sectors(struct adapter *adapter, int start, int end); int t4_flash_cfg_addr(struct adapter *adapter); int t4_load_cfg(struct adapter *adapter, const u8 *cfg_data, unsigned int size); int t4_get_fw_version(struct adapter *adapter, u32 *vers); +int t4_get_fw_hdr(struct adapter *adapter, struct fw_hdr *hdr); int t4_get_bs_version(struct adapter *adapter, u32 *vers); int t4_get_tp_version(struct adapter *adapter, u32 *vers); int t4_get_exprom_version(struct adapter *adapter, u32 *vers); @@ -736,11 +737,9 @@ int t4_fw_hello(struct adapter *adap, unsigned int mbox, unsigned int evt_mbox, int t4_fw_bye(struct adapter *adap, unsigned int mbox); int t4_fw_reset(struct adapter *adap, unsigned int mbox, int reset); int t4_fw_halt(struct adapter *adap, unsigned int mbox, int force); -int t4_fw_restart(struct adapter *adap, unsigned int mbox, int reset); +int t4_fw_restart(struct adapter *adap, unsigned int mbox); int t4_fw_upgrade(struct adapter *adap, unsigned int mbox, const u8 *fw_data, unsigned int size, int force); -int t4_fw_forceinstall(struct adapter *adap, const u8 *fw_data, - unsigned int size); int t4_fw_initialize(struct adapter *adap, unsigned int mbox); int t4_query_params(struct adapter *adap, unsigned int mbox, unsigned int pf, unsigned int vf, unsigned int nparams, const u32 *params, diff --git a/sys/dev/cxgbe/common/t4_hw.c b/sys/dev/cxgbe/common/t4_hw.c index cec8ebbf00e7..90317e500424 100644 --- a/sys/dev/cxgbe/common/t4_hw.c +++ b/sys/dev/cxgbe/common/t4_hw.c @@ -3321,6 +3321,19 @@ int t4_get_fw_version(struct adapter *adapter, u32 *vers) } /** + * t4_get_fw_hdr - read the firmware header + * @adapter: the adapter + * @hdr: where to place the version + * + * Reads the FW header from flash into caller provided buffer. + */ +int t4_get_fw_hdr(struct adapter *adapter, struct fw_hdr *hdr) +{ + return t4_read_flash(adapter, FLASH_FW_START, + sizeof (*hdr) / sizeof (uint32_t), (uint32_t *)hdr, 1); +} + +/** * t4_get_bs_version - read the firmware bootstrap version * @adapter: the adapter * @vers: where to place the version @@ -6900,7 +6913,7 @@ int t4_fw_halt(struct adapter *adap, unsigned int mbox, int force) * If a legitimate mailbox is provided, issue a RESET command * with a HALT indication. */ - if (mbox <= M_PCIE_FW_MASTER) { + if (adap->flags & FW_OK && mbox <= M_PCIE_FW_MASTER) { struct fw_reset_cmd c; memset(&c, 0, sizeof(c)); @@ -6939,64 +6952,24 @@ int t4_fw_halt(struct adapter *adap, unsigned int mbox, int force) /** * t4_fw_restart - restart the firmware by taking the uP out of RESET * @adap: the adapter - * @reset: if we want to do a RESET to restart things * * Restart firmware previously halted by t4_fw_halt(). On successful * return the previous PF Master remains as the new PF Master and there * is no need to issue a new HELLO command, etc. - * - * We do this in two ways: - * - * 1. If we're dealing with newer firmware we'll simply want to take - * the chip's microprocessor out of RESET. This will cause the - * firmware to start up from its start vector. And then we'll loop - * until the firmware indicates it's started again (PCIE_FW.HALT - * reset to 0) or we timeout. - * - * 2. If we're dealing with older firmware then we'll need to RESET - * the chip since older firmware won't recognize the PCIE_FW.HALT - * flag and automatically RESET itself on startup. */ -int t4_fw_restart(struct adapter *adap, unsigned int mbox, int reset) +int t4_fw_restart(struct adapter *adap, unsigned int mbox) { - if (reset) { - /* - * Since we're directing the RESET instead of the firmware - * doing it automatically, we need to clear the PCIE_FW.HALT - * bit. - */ - t4_set_reg_field(adap, A_PCIE_FW, F_PCIE_FW_HALT, 0); - - /* - * If we've been given a valid mailbox, first try to get the - * firmware to do the RESET. If that works, great and we can - * return success. Otherwise, if we haven't been given a - * valid mailbox or the RESET command failed, fall back to - * hitting the chip with a hammer. - */ - if (mbox <= M_PCIE_FW_MASTER) { - t4_set_reg_field(adap, A_CIM_BOOT_CFG, F_UPCRST, 0); - msleep(100); - if (t4_fw_reset(adap, mbox, - F_PIORST | F_PIORSTMODE) == 0) - return 0; - } + int ms; - t4_write_reg(adap, A_PL_RST, F_PIORST | F_PIORSTMODE); - msleep(2000); - } else { - int ms; - - t4_set_reg_field(adap, A_CIM_BOOT_CFG, F_UPCRST, 0); - for (ms = 0; ms < FW_CMD_MAX_TIMEOUT; ) { - if (!(t4_read_reg(adap, A_PCIE_FW) & F_PCIE_FW_HALT)) - return FW_SUCCESS; - msleep(100); - ms += 100; - } - return -ETIMEDOUT; + t4_set_reg_field(adap, A_CIM_BOOT_CFG, F_UPCRST, 0); + for (ms = 0; ms < FW_CMD_MAX_TIMEOUT; ) { + if (!(t4_read_reg(adap, A_PCIE_FW) & F_PCIE_FW_HALT)) + return FW_SUCCESS; + msleep(100); + ms += 100; } - return 0; + + return -ETIMEDOUT; } /** @@ -7026,7 +6999,7 @@ int t4_fw_upgrade(struct adapter *adap, unsigned int mbox, const struct fw_hdr *fw_hdr = (const struct fw_hdr *)fw_data; unsigned int bootstrap = be32_to_cpu(fw_hdr->magic) == FW_HDR_MAGIC_BOOTSTRAP; - int reset, ret; + int ret; if (!t4_fw_matches_chip(adap, fw_hdr)) return -EINVAL; @@ -7041,41 +7014,7 @@ int t4_fw_upgrade(struct adapter *adap, unsigned int mbox, if (ret < 0 || bootstrap) return ret; - /* - * Older versions of the firmware don't understand the new - * PCIE_FW.HALT flag and so won't know to perform a RESET when they - * restart. So for newly loaded older firmware we'll have to do the - * RESET for it so it starts up on a clean slate. We can tell if - * the newly loaded firmware will handle this right by checking - * its header flags to see if it advertises the capability. - */ - reset = ((be32_to_cpu(fw_hdr->flags) & FW_HDR_FLAGS_RESET_HALT) == 0); - return t4_fw_restart(adap, mbox, reset); -} - -/* - * Card doesn't have a firmware, install one. - */ -int t4_fw_forceinstall(struct adapter *adap, const u8 *fw_data, - unsigned int size) -{ - const struct fw_hdr *fw_hdr = (const struct fw_hdr *)fw_data; - unsigned int bootstrap = - be32_to_cpu(fw_hdr->magic) == FW_HDR_MAGIC_BOOTSTRAP; - int ret; - - if (!t4_fw_matches_chip(adap, fw_hdr) || bootstrap) - return -EINVAL; - - t4_set_reg_field(adap, A_CIM_BOOT_CFG, F_UPCRST, F_UPCRST); - t4_write_reg(adap, A_PCIE_FW, 0); /* Clobber internal state */ - ret = t4_load_fw(adap, fw_data, size); - if (ret < 0) - return ret; - t4_write_reg(adap, A_PL_RST, F_PIORST | F_PIORSTMODE); - msleep(1000); - - return (0); + return t4_fw_restart(adap, mbox); } /** diff --git a/sys/dev/cxgbe/cxgbei/cxgbei.c b/sys/dev/cxgbe/cxgbei/cxgbei.c index 0a4f4ab304c6..17a16fb51993 100644 --- a/sys/dev/cxgbe/cxgbei/cxgbei.c +++ b/sys/dev/cxgbe/cxgbei/cxgbei.c @@ -449,9 +449,9 @@ do_rx_iscsi_ddp(struct sge_iq *iq, const struct rss_header *rss, struct mbuf *m) struct icl_pdu *ip0; ip0 = icl_cxgbei_new_pdu(M_NOWAIT); - icl_cxgbei_new_pdu_set_conn(ip0, ic); if (ip0 == NULL) CXGBE_UNIMPLEMENTED("PDU allocation failure"); + icl_cxgbei_new_pdu_set_conn(ip0, ic); icp0 = ip_to_icp(ip0); icp0->icp_seq = 0; /* XXX */ icp0->icp_flags = ICPF_RX_HDR | ICPF_RX_STATUS; diff --git a/sys/dev/cxgbe/t4_clip.c b/sys/dev/cxgbe/t4_clip.c new file mode 100644 index 000000000000..d7959e19db80 --- /dev/null +++ b/sys/dev/cxgbe/t4_clip.c @@ -0,0 +1,395 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2012 Chelsio Communications, Inc. + * All rights reserved. + * Written by: Navdeep Parhar <np@FreeBSD.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include "opt_inet.h" +#include "opt_inet6.h" + +#include <sys/types.h> +#include <sys/ck.h> +#include <sys/eventhandler.h> +#include <sys/malloc.h> +#include <sys/rmlock.h> +#include <sys/sbuf.h> +#include <sys/socket.h> +#include <sys/taskqueue.h> +#include <net/if.h> +#include <net/if_var.h> +#include <netinet/in.h> +#include <netinet6/in6_var.h> +#include <netinet6/scope6_var.h> + +#include "common/common.h" +#include "t4_clip.h" + +#if defined(INET6) +static int add_lip(struct adapter *, struct in6_addr *); +static int delete_lip(struct adapter *, struct in6_addr *); +static struct clip_entry *search_lip(struct adapter *, struct in6_addr *); +static void update_clip(struct adapter *, void *); +static void t4_clip_task(void *, int); +static void update_clip_table(struct adapter *); + +static int in6_ifaddr_gen; +static eventhandler_tag ifaddr_evhandler; +static struct timeout_task clip_task; + +static int +add_lip(struct adapter *sc, struct in6_addr *lip) +{ + struct fw_clip_cmd c; + + ASSERT_SYNCHRONIZED_OP(sc); + mtx_assert(&sc->clip_table_lock, MA_OWNED); + + memset(&c, 0, sizeof(c)); + c.op_to_write = htonl(V_FW_CMD_OP(FW_CLIP_CMD) | F_FW_CMD_REQUEST | + F_FW_CMD_WRITE); + c.alloc_to_len16 = htonl(F_FW_CLIP_CMD_ALLOC | FW_LEN16(c)); + c.ip_hi = *(uint64_t *)&lip->s6_addr[0]; + c.ip_lo = *(uint64_t *)&lip->s6_addr[8]; + + return (-t4_wr_mbox_ns(sc, sc->mbox, &c, sizeof(c), &c)); +} + +static int +delete_lip(struct adapter *sc, struct in6_addr *lip) +{ + struct fw_clip_cmd c; + + ASSERT_SYNCHRONIZED_OP(sc); + mtx_assert(&sc->clip_table_lock, MA_OWNED); + + memset(&c, 0, sizeof(c)); + c.op_to_write = htonl(V_FW_CMD_OP(FW_CLIP_CMD) | F_FW_CMD_REQUEST | + F_FW_CMD_READ); + c.alloc_to_len16 = htonl(F_FW_CLIP_CMD_FREE | FW_LEN16(c)); + c.ip_hi = *(uint64_t *)&lip->s6_addr[0]; + c.ip_lo = *(uint64_t *)&lip->s6_addr[8]; + + return (-t4_wr_mbox_ns(sc, sc->mbox, &c, sizeof(c), &c)); +} + +static struct clip_entry * +search_lip(struct adapter *sc, struct in6_addr *lip) +{ + struct clip_entry *ce; + + mtx_assert(&sc->clip_table_lock, MA_OWNED); + + TAILQ_FOREACH(ce, &sc->clip_table, link) { + if (IN6_ARE_ADDR_EQUAL(&ce->lip, lip)) + return (ce); + } + + return (NULL); +} +#endif + +struct clip_entry * +t4_hold_lip(struct adapter *sc, struct in6_addr *lip, struct clip_entry *ce) +{ + +#ifdef INET6 + mtx_lock(&sc->clip_table_lock); + if (ce == NULL) + ce = search_lip(sc, lip); + if (ce != NULL) + ce->refcount++; + mtx_unlock(&sc->clip_table_lock); + + return (ce); +#else + return (NULL); +#endif +} + +void +t4_release_lip(struct adapter *sc, struct clip_entry *ce) +{ + +#ifdef INET6 + mtx_lock(&sc->clip_table_lock); + KASSERT(search_lip(sc, &ce->lip) == ce, + ("%s: CLIP entry %p p not in CLIP table.", __func__, ce)); + KASSERT(ce->refcount > 0, + ("%s: CLIP entry %p has refcount 0", __func__, ce)); + --ce->refcount; + mtx_unlock(&sc->clip_table_lock); +#endif +} + +#ifdef INET6 +void +t4_init_clip_table(struct adapter *sc) +{ + + mtx_init(&sc->clip_table_lock, "CLIP table lock", NULL, MTX_DEF); + TAILQ_INIT(&sc->clip_table); + sc->clip_gen = -1; + + /* + * Don't bother forcing an update of the clip table when the + * adapter is initialized. Before an interface can be used it + * must be assigned an address which will trigger the event + * handler to update the table. + */ +} + +static void +update_clip(struct adapter *sc, void *arg __unused) +{ + + if (begin_synchronized_op(sc, NULL, HOLD_LOCK, "t4clip")) + return; + + if (mtx_initialized(&sc->clip_table_lock)) + update_clip_table(sc); + + end_synchronized_op(sc, LOCK_HELD); +} + +static void +t4_clip_task(void *arg, int count) +{ + + t4_iterate(update_clip, NULL); +} + +static void +update_clip_table(struct adapter *sc) +{ + struct rm_priotracker in6_ifa_tracker; + struct in6_ifaddr *ia; + struct in6_addr *lip, tlip; + TAILQ_HEAD(, clip_entry) stale; + struct clip_entry *ce, *ce_temp; + struct vi_info *vi; + int rc, gen, i, j; + uintptr_t last_vnet; + + ASSERT_SYNCHRONIZED_OP(sc); + + IN6_IFADDR_RLOCK(&in6_ifa_tracker); + mtx_lock(&sc->clip_table_lock); + + gen = atomic_load_acq_int(&in6_ifaddr_gen); + if (gen == sc->clip_gen) + goto done; + + TAILQ_INIT(&stale); + TAILQ_CONCAT(&stale, &sc->clip_table, link); + + /* + * last_vnet optimizes the common cases where all if_vnet = NULL (no + * VIMAGE) or all if_vnet = vnet0. + */ + last_vnet = (uintptr_t)(-1); + for_each_port(sc, i) + for_each_vi(sc->port[i], j, vi) { + if (last_vnet == (uintptr_t)vi->ifp->if_vnet) + continue; + + /* XXX: races with if_vmove */ + CURVNET_SET(vi->ifp->if_vnet); + CK_STAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) { + lip = &ia->ia_addr.sin6_addr; + + KASSERT(!IN6_IS_ADDR_MULTICAST(lip), + ("%s: mcast address in in6_ifaddr list", __func__)); + + if (IN6_IS_ADDR_LOOPBACK(lip)) + continue; + if (IN6_IS_SCOPE_EMBED(lip)) { + /* Remove the embedded scope */ + tlip = *lip; + lip = &tlip; + in6_clearscope(lip); + } + /* + * XXX: how to weed out the link local address for the + * loopback interface? It's fe80::1 usually (always?). + */ + + /* + * If it's in the main list then we already know it's + * not stale. + */ + TAILQ_FOREACH(ce, &sc->clip_table, link) { + if (IN6_ARE_ADDR_EQUAL(&ce->lip, lip)) + goto next; + } + + /* + * If it's in the stale list we should move it to the + * main list. + */ + TAILQ_FOREACH(ce, &stale, link) { + if (IN6_ARE_ADDR_EQUAL(&ce->lip, lip)) { + TAILQ_REMOVE(&stale, ce, link); + TAILQ_INSERT_TAIL(&sc->clip_table, ce, + link); + goto next; + } + } + + /* A new IP6 address; add it to the CLIP table */ + ce = malloc(sizeof(*ce), M_CXGBE, M_NOWAIT); + memcpy(&ce->lip, lip, sizeof(ce->lip)); + ce->refcount = 0; + rc = add_lip(sc, lip); + if (rc == 0) + TAILQ_INSERT_TAIL(&sc->clip_table, ce, link); + else { + char ip[INET6_ADDRSTRLEN]; + + inet_ntop(AF_INET6, &ce->lip, &ip[0], + sizeof(ip)); + log(LOG_ERR, "%s: could not add %s (%d)\n", + __func__, ip, rc); + free(ce, M_CXGBE); + } +next: + continue; + } + CURVNET_RESTORE(); + last_vnet = (uintptr_t)vi->ifp->if_vnet; + } + + /* + * Remove stale addresses (those no longer in V_in6_ifaddrhead) that are + * no longer referenced by the driver. + */ + TAILQ_FOREACH_SAFE(ce, &stale, link, ce_temp) { + if (ce->refcount == 0) { + rc = delete_lip(sc, &ce->lip); + if (rc == 0) { + TAILQ_REMOVE(&stale, ce, link); + free(ce, M_CXGBE); + } else { + char ip[INET6_ADDRSTRLEN]; + + inet_ntop(AF_INET6, &ce->lip, &ip[0], + sizeof(ip)); + log(LOG_ERR, "%s: could not delete %s (%d)\n", + __func__, ip, rc); + } + } + } + /* The ones that are still referenced need to stay in the CLIP table */ + TAILQ_CONCAT(&sc->clip_table, &stale, link); + + sc->clip_gen = gen; +done: + mtx_unlock(&sc->clip_table_lock); + IN6_IFADDR_RUNLOCK(&in6_ifa_tracker); +} + +void +t4_destroy_clip_table(struct adapter *sc) +{ + struct clip_entry *ce, *ce_temp; + + if (mtx_initialized(&sc->clip_table_lock)) { + mtx_lock(&sc->clip_table_lock); + TAILQ_FOREACH_SAFE(ce, &sc->clip_table, link, ce_temp) { + KASSERT(ce->refcount == 0, + ("%s: CLIP entry %p still in use (%d)", __func__, + ce, ce->refcount)); + TAILQ_REMOVE(&sc->clip_table, ce, link); + delete_lip(sc, &ce->lip); + free(ce, M_CXGBE); + } + mtx_unlock(&sc->clip_table_lock); + mtx_destroy(&sc->clip_table_lock); + } +} + +static void +t4_tom_ifaddr_event(void *arg __unused, struct ifnet *ifp) +{ + + atomic_add_rel_int(&in6_ifaddr_gen, 1); + taskqueue_enqueue_timeout(taskqueue_thread, &clip_task, -hz / 4); +} + +int +sysctl_clip(SYSCTL_HANDLER_ARGS) +{ + struct adapter *sc = arg1; + struct clip_entry *ce; + struct sbuf *sb; + int rc, header = 0; + char ip[INET6_ADDRSTRLEN]; + + rc = sysctl_wire_old_buffer(req, 0); + if (rc != 0) + return (rc); + + sb = sbuf_new_for_sysctl(NULL, NULL, 4096, req); + if (sb == NULL) + return (ENOMEM); + + mtx_lock(&sc->clip_table_lock); + TAILQ_FOREACH(ce, &sc->clip_table, link) { + if (header == 0) { + sbuf_printf(sb, "%-40s %-5s", "IP address", "Users"); + header = 1; + } + inet_ntop(AF_INET6, &ce->lip, &ip[0], sizeof(ip)); + + sbuf_printf(sb, "\n%-40s %5u", ip, ce->refcount); + } + mtx_unlock(&sc->clip_table_lock); + + rc = sbuf_finish(sb); + sbuf_delete(sb); + + return (rc); +} + +void +t4_clip_modload(void) +{ + + TIMEOUT_TASK_INIT(taskqueue_thread, &clip_task, 0, t4_clip_task, NULL); + ifaddr_evhandler = EVENTHANDLER_REGISTER(ifaddr_event, + t4_tom_ifaddr_event, NULL, EVENTHANDLER_PRI_ANY); +} + +void +t4_clip_modunload(void) +{ + + EVENTHANDLER_DEREGISTER(ifaddr_event, ifaddr_evhandler); + taskqueue_cancel_timeout(taskqueue_thread, &clip_task, NULL); +} +#endif diff --git a/tools/KSE/rr/simplelock.h b/sys/dev/cxgbe/t4_clip.h index 2dae6abd5d08..8d9acdb86fa5 100644 --- a/tools/KSE/rr/simplelock.h +++ b/sys/dev/cxgbe/t4_clip.h @@ -1,6 +1,9 @@ /*- - * Copyright (c) 2002 David Xu (davidxu@freebsd.org). + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2012 Chelsio Communications, Inc. * All rights reserved. + * Written by: Navdeep Parhar <np@FreeBSD.org> * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -26,34 +29,23 @@ * $FreeBSD$ */ -#ifndef _SIMPLELOCK_H -#define _SIMPLELOCK_H - -#include <machine/asmacros.h> -#include <machine/atomic.h> +#ifndef __T4_CLIP_H +#define __T4_CLIP_H -struct simplelock { - int s_lock; +struct clip_entry { + TAILQ_ENTRY(clip_entry) link; + struct in6_addr lip; /* local IPv6 address */ + u_int refcount; }; -static inline void -simplelock_init(struct simplelock *lock) -{ - lock->s_lock = 0; -} - -static inline void -simplelock_lock(struct simplelock *lock) -{ - while (!atomic_cmpset_int(&lock->s_lock, 0, 1)) - ; -} - -static inline void -simplelock_unlock(struct simplelock *lock) -{ - atomic_store_rel_int(&lock->s_lock, 0); -} +void t4_clip_modload(void); +void t4_clip_modunload(void); +void t4_init_clip_table(struct adapter *); +void t4_destroy_clip_table(struct adapter *); +struct clip_entry *t4_hold_lip(struct adapter *, struct in6_addr *, + struct clip_entry *); +void t4_release_lip(struct adapter *, struct clip_entry *); -#endif +int sysctl_clip(SYSCTL_HANDLER_ARGS); +#endif /* __T4_CLIP_H */ diff --git a/sys/dev/cxgbe/t4_main.c b/sys/dev/cxgbe/t4_main.c index f215fefb8d0c..f9fd4bda2804 100644 --- a/sys/dev/cxgbe/t4_main.c +++ b/sys/dev/cxgbe/t4_main.c @@ -82,6 +82,7 @@ __FBSDID("$FreeBSD$"); #include "common/t4_regs.h" #include "common/t4_regs_values.h" #include "cudbg/cudbg.h" +#include "t4_clip.h" #include "t4_ioctl.h" #include "t4_l2t.h" #include "t4_mp_ring.h" @@ -253,110 +254,150 @@ SLIST_HEAD(, uld_info) t4_uld_list; * Tunables applicable to both T4 and T5 are under hw.cxgbe. Those specific to * T5 are under hw.cxl. */ +SYSCTL_NODE(_hw, OID_AUTO, cxgbe, CTLFLAG_RD, 0, "cxgbe(4) parameters"); +SYSCTL_NODE(_hw, OID_AUTO, cxl, CTLFLAG_RD, 0, "cxgbe(4) T5+ parameters"); +SYSCTL_NODE(_hw_cxgbe, OID_AUTO, toe, CTLFLAG_RD, 0, "cxgbe(4) TOE parameters"); /* * Number of queues for tx and rx, NIC and offload. */ #define NTXQ 16 int t4_ntxq = -NTXQ; -TUNABLE_INT("hw.cxgbe.ntxq", &t4_ntxq); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, ntxq, CTLFLAG_RDTUN, &t4_ntxq, 0, + "Number of TX queues per port"); TUNABLE_INT("hw.cxgbe.ntxq10g", &t4_ntxq); /* Old name, undocumented */ #define NRXQ 8 int t4_nrxq = -NRXQ; -TUNABLE_INT("hw.cxgbe.nrxq", &t4_nrxq); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nrxq, CTLFLAG_RDTUN, &t4_nrxq, 0, + "Number of RX queues per port"); TUNABLE_INT("hw.cxgbe.nrxq10g", &t4_nrxq); /* Old name, undocumented */ #define NTXQ_VI 1 static int t4_ntxq_vi = -NTXQ_VI; -TUNABLE_INT("hw.cxgbe.ntxq_vi", &t4_ntxq_vi); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, ntxq_vi, CTLFLAG_RDTUN, &t4_ntxq_vi, 0, + "Number of TX queues per VI"); #define NRXQ_VI 1 static int t4_nrxq_vi = -NRXQ_VI; -TUNABLE_INT("hw.cxgbe.nrxq_vi", &t4_nrxq_vi); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nrxq_vi, CTLFLAG_RDTUN, &t4_nrxq_vi, 0, + "Number of RX queues per VI"); static int t4_rsrv_noflowq = 0; -TUNABLE_INT("hw.cxgbe.rsrv_noflowq", &t4_rsrv_noflowq); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, rsrv_noflowq, CTLFLAG_RDTUN, &t4_rsrv_noflowq, + 0, "Reserve TX queue 0 of each VI for non-flowid packets"); #if defined(TCP_OFFLOAD) || defined(RATELIMIT) #define NOFLDTXQ 8 static int t4_nofldtxq = -NOFLDTXQ; -TUNABLE_INT("hw.cxgbe.nofldtxq", &t4_nofldtxq); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nofldtxq, CTLFLAG_RDTUN, &t4_nofldtxq, 0, + "Number of offload TX queues per port"); #define NOFLDRXQ 2 static int t4_nofldrxq = -NOFLDRXQ; -TUNABLE_INT("hw.cxgbe.nofldrxq", &t4_nofldrxq); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nofldrxq, CTLFLAG_RDTUN, &t4_nofldrxq, 0, + "Number of offload RX queues per port"); #define NOFLDTXQ_VI 1 static int t4_nofldtxq_vi = -NOFLDTXQ_VI; -TUNABLE_INT("hw.cxgbe.nofldtxq_vi", &t4_nofldtxq_vi); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nofldtxq_vi, CTLFLAG_RDTUN, &t4_nofldtxq_vi, 0, + "Number of offload TX queues per VI"); #define NOFLDRXQ_VI 1 static int t4_nofldrxq_vi = -NOFLDRXQ_VI; -TUNABLE_INT("hw.cxgbe.nofldrxq_vi", &t4_nofldrxq_vi); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nofldrxq_vi, CTLFLAG_RDTUN, &t4_nofldrxq_vi, 0, + "Number of offload RX queues per VI"); #define TMR_IDX_OFLD 1 int t4_tmr_idx_ofld = TMR_IDX_OFLD; -TUNABLE_INT("hw.cxgbe.holdoff_timer_idx_ofld", &t4_tmr_idx_ofld); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, holdoff_timer_idx_ofld, CTLFLAG_RDTUN, + &t4_tmr_idx_ofld, 0, "Holdoff timer index for offload queues"); #define PKTC_IDX_OFLD (-1) int t4_pktc_idx_ofld = PKTC_IDX_OFLD; -TUNABLE_INT("hw.cxgbe.holdoff_pktc_idx_ofld", &t4_pktc_idx_ofld); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, holdoff_pktc_idx_ofld, CTLFLAG_RDTUN, + &t4_pktc_idx_ofld, 0, "holdoff packet counter index for offload queues"); /* 0 means chip/fw default, non-zero number is value in microseconds */ static u_long t4_toe_keepalive_idle = 0; -TUNABLE_ULONG("hw.cxgbe.toe.keepalive_idle", &t4_toe_keepalive_idle); +SYSCTL_ULONG(_hw_cxgbe_toe, OID_AUTO, keepalive_idle, CTLFLAG_RDTUN, + &t4_toe_keepalive_idle, 0, "TOE keepalive idle timer (us)"); /* 0 means chip/fw default, non-zero number is value in microseconds */ static u_long t4_toe_keepalive_interval = 0; -TUNABLE_ULONG("hw.cxgbe.toe.keepalive_interval", &t4_toe_keepalive_interval); +SYSCTL_ULONG(_hw_cxgbe_toe, OID_AUTO, keepalive_interval, CTLFLAG_RDTUN, + &t4_toe_keepalive_interval, 0, "TOE keepalive interval timer (us)"); /* 0 means chip/fw default, non-zero number is # of keepalives before abort */ static int t4_toe_keepalive_count = 0; -TUNABLE_INT("hw.cxgbe.toe.keepalive_count", &t4_toe_keepalive_count); +SYSCTL_INT(_hw_cxgbe_toe, OID_AUTO, keepalive_count, CTLFLAG_RDTUN, + &t4_toe_keepalive_count, 0, "Number of TOE keepalive probes before abort"); /* 0 means chip/fw default, non-zero number is value in microseconds */ static u_long t4_toe_rexmt_min = 0; -TUNABLE_ULONG("hw.cxgbe.toe.rexmt_min", &t4_toe_rexmt_min); +SYSCTL_ULONG(_hw_cxgbe_toe, OID_AUTO, rexmt_min, CTLFLAG_RDTUN, + &t4_toe_rexmt_min, 0, "Minimum TOE retransmit interval (us)"); /* 0 means chip/fw default, non-zero number is value in microseconds */ static u_long t4_toe_rexmt_max = 0; -TUNABLE_ULONG("hw.cxgbe.toe.rexmt_max", &t4_toe_rexmt_max); +SYSCTL_ULONG(_hw_cxgbe_toe, OID_AUTO, rexmt_max, CTLFLAG_RDTUN, + &t4_toe_rexmt_max, 0, "Maximum TOE retransmit interval (us)"); /* 0 means chip/fw default, non-zero number is # of rexmt before abort */ static int t4_toe_rexmt_count = 0; -TUNABLE_INT("hw.cxgbe.toe.rexmt_count", &t4_toe_rexmt_count); +SYSCTL_INT(_hw_cxgbe_toe, OID_AUTO, rexmt_count, CTLFLAG_RDTUN, + &t4_toe_rexmt_count, 0, "Number of TOE retransmissions before abort"); /* -1 means chip/fw default, other values are raw backoff values to use */ static int t4_toe_rexmt_backoff[16] = { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }; -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.0", &t4_toe_rexmt_backoff[0]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.1", &t4_toe_rexmt_backoff[1]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.2", &t4_toe_rexmt_backoff[2]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.3", &t4_toe_rexmt_backoff[3]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.4", &t4_toe_rexmt_backoff[4]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.5", &t4_toe_rexmt_backoff[5]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.6", &t4_toe_rexmt_backoff[6]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.7", &t4_toe_rexmt_backoff[7]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.8", &t4_toe_rexmt_backoff[8]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.9", &t4_toe_rexmt_backoff[9]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.10", &t4_toe_rexmt_backoff[10]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.11", &t4_toe_rexmt_backoff[11]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.12", &t4_toe_rexmt_backoff[12]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.13", &t4_toe_rexmt_backoff[13]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.14", &t4_toe_rexmt_backoff[14]); -TUNABLE_INT("hw.cxgbe.toe.rexmt_backoff.15", &t4_toe_rexmt_backoff[15]); +SYSCTL_NODE(_hw_cxgbe_toe, OID_AUTO, rexmt_backoff, CTLFLAG_RD, 0, + "cxgbe(4) TOE retransmit backoff values"); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 0, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[0], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 1, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[1], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 2, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[2], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 3, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[3], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 4, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[4], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 5, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[5], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 6, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[6], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 7, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[7], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 8, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[8], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 9, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[9], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 10, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[10], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 11, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[11], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 12, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[12], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 13, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[13], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 14, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[14], 0, ""); +SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 15, CTLFLAG_RDTUN, + &t4_toe_rexmt_backoff[15], 0, ""); #endif #ifdef DEV_NETMAP #define NNMTXQ_VI 2 static int t4_nnmtxq_vi = -NNMTXQ_VI; -TUNABLE_INT("hw.cxgbe.nnmtxq_vi", &t4_nnmtxq_vi); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nnmtxq_vi, CTLFLAG_RDTUN, &t4_nnmtxq_vi, 0, + "Number of netmap TX queues per VI"); #define NNMRXQ_VI 2 static int t4_nnmrxq_vi = -NNMRXQ_VI; -TUNABLE_INT("hw.cxgbe.nnmrxq_vi", &t4_nnmrxq_vi); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nnmrxq_vi, CTLFLAG_RDTUN, &t4_nnmrxq_vi, 0, + "Number of netmap RX queues per VI"); #endif /* @@ -364,28 +405,33 @@ TUNABLE_INT("hw.cxgbe.nnmrxq_vi", &t4_nnmrxq_vi); */ #define TMR_IDX 1 int t4_tmr_idx = TMR_IDX; -TUNABLE_INT("hw.cxgbe.holdoff_timer_idx", &t4_tmr_idx); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, holdoff_timer_idx, CTLFLAG_RDTUN, &t4_tmr_idx, + 0, "Holdoff timer index"); TUNABLE_INT("hw.cxgbe.holdoff_timer_idx_10G", &t4_tmr_idx); /* Old name */ #define PKTC_IDX (-1) int t4_pktc_idx = PKTC_IDX; -TUNABLE_INT("hw.cxgbe.holdoff_pktc_idx", &t4_pktc_idx); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, holdoff_pktc_idx, CTLFLAG_RDTUN, &t4_pktc_idx, + 0, "Holdoff packet counter index"); TUNABLE_INT("hw.cxgbe.holdoff_pktc_idx_10G", &t4_pktc_idx); /* Old name */ /* * Size (# of entries) of each tx and rx queue. */ unsigned int t4_qsize_txq = TX_EQ_QSIZE; -TUNABLE_INT("hw.cxgbe.qsize_txq", &t4_qsize_txq); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, qsize_txq, CTLFLAG_RDTUN, &t4_qsize_txq, 0, + "Number of descriptors in each TX queue"); unsigned int t4_qsize_rxq = RX_IQ_QSIZE; -TUNABLE_INT("hw.cxgbe.qsize_rxq", &t4_qsize_rxq); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, qsize_rxq, CTLFLAG_RDTUN, &t4_qsize_rxq, 0, + "Number of descriptors in each RX queue"); /* * Interrupt types allowed (bits 0, 1, 2 = INTx, MSI, MSI-X respectively). */ int t4_intr_types = INTR_MSIX | INTR_MSI | INTR_INTX; -TUNABLE_INT("hw.cxgbe.interrupt_types", &t4_intr_types); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, interrupt_types, CTLFLAG_RDTUN, &t4_intr_types, + 0, "Interrupt types allowed (bit 0 = INTx, 1 = MSI, 2 = MSI-X)"); /* * Configuration file. All the _CF names here are special. @@ -396,7 +442,8 @@ TUNABLE_INT("hw.cxgbe.interrupt_types", &t4_intr_types); #define UWIRE_CF "uwire" #define FPGA_CF "fpga" static char t4_cfg_file[32] = DEFAULT_CF; -TUNABLE_STR("hw.cxgbe.config_file", t4_cfg_file, sizeof(t4_cfg_file)); +SYSCTL_STRING(_hw_cxgbe, OID_AUTO, config_file, CTLFLAG_RDTUN, t4_cfg_file, + sizeof(t4_cfg_file), "Firmware configuration file"); /* * PAUSE settings (bit 0, 1, 2 = rx_pause, tx_pause, pause_autoneg respectively). @@ -408,7 +455,9 @@ TUNABLE_STR("hw.cxgbe.config_file", t4_cfg_file, sizeof(t4_cfg_file)); * Otherwise rx_pause/tx_pause are applied forcibly. */ static int t4_pause_settings = PAUSE_RX | PAUSE_TX | PAUSE_AUTONEG; -TUNABLE_INT("hw.cxgbe.pause_settings", &t4_pause_settings); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, pause_settings, CTLFLAG_RDTUN, + &t4_pause_settings, 0, + "PAUSE settings (bit 0 = rx_pause, 1 = tx_pause, 2 = pause_autoneg)"); /* * Forward Error Correction settings (bit 0, 1 = RS, BASER respectively). @@ -416,7 +465,8 @@ TUNABLE_INT("hw.cxgbe.pause_settings", &t4_pause_settings); * 0 to disable FEC. */ static int t4_fec = -1; -TUNABLE_INT("hw.cxgbe.fec", &t4_fec); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, fec, CTLFLAG_RDTUN, &t4_fec, 0, + "Forward Error Correction (bit 0 = RS, bit 1 = BASER_RS)"); /* * Link autonegotiation. @@ -425,28 +475,33 @@ TUNABLE_INT("hw.cxgbe.fec", &t4_fec); * 1 to enable. */ static int t4_autoneg = -1; -TUNABLE_INT("hw.cxgbe.autoneg", &t4_autoneg); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, autoneg, CTLFLAG_RDTUN, &t4_autoneg, 0, + "Link autonegotiation"); /* * Firmware auto-install by driver during attach (0, 1, 2 = prohibited, allowed, * encouraged respectively). */ static unsigned int t4_fw_install = 1; -TUNABLE_INT("hw.cxgbe.fw_install", &t4_fw_install); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, fw_install, CTLFLAG_RDTUN, &t4_fw_install, 0, + "Firmware auto-install (0 = prohibited, 1 = allowed, 2 = encouraged)"); /* * ASIC features that will be used. Disable the ones you don't want so that the * chip resources aren't wasted on features that will not be used. */ static int t4_nbmcaps_allowed = 0; -TUNABLE_INT("hw.cxgbe.nbmcaps_allowed", &t4_nbmcaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nbmcaps_allowed, CTLFLAG_RDTUN, + &t4_nbmcaps_allowed, 0, "Default NBM capabilities"); static int t4_linkcaps_allowed = 0; /* No DCBX, PPP, etc. by default */ -TUNABLE_INT("hw.cxgbe.linkcaps_allowed", &t4_linkcaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, linkcaps_allowed, CTLFLAG_RDTUN, + &t4_linkcaps_allowed, 0, "Default link capabilities"); static int t4_switchcaps_allowed = FW_CAPS_CONFIG_SWITCH_INGRESS | FW_CAPS_CONFIG_SWITCH_EGRESS; -TUNABLE_INT("hw.cxgbe.switchcaps_allowed", &t4_switchcaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, switchcaps_allowed, CTLFLAG_RDTUN, + &t4_switchcaps_allowed, 0, "Default switch capabilities"); #ifdef RATELIMIT static int t4_niccaps_allowed = FW_CAPS_CONFIG_NIC | @@ -455,28 +510,37 @@ static int t4_niccaps_allowed = FW_CAPS_CONFIG_NIC | static int t4_niccaps_allowed = FW_CAPS_CONFIG_NIC | FW_CAPS_CONFIG_NIC_HASHFILTER; #endif -TUNABLE_INT("hw.cxgbe.niccaps_allowed", &t4_niccaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, niccaps_allowed, CTLFLAG_RDTUN, + &t4_niccaps_allowed, 0, "Default NIC capabilities"); static int t4_toecaps_allowed = -1; -TUNABLE_INT("hw.cxgbe.toecaps_allowed", &t4_toecaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, toecaps_allowed, CTLFLAG_RDTUN, + &t4_toecaps_allowed, 0, "Default TCP offload capabilities"); static int t4_rdmacaps_allowed = -1; -TUNABLE_INT("hw.cxgbe.rdmacaps_allowed", &t4_rdmacaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, rdmacaps_allowed, CTLFLAG_RDTUN, + &t4_rdmacaps_allowed, 0, "Default RDMA capabilities"); static int t4_cryptocaps_allowed = -1; -TUNABLE_INT("hw.cxgbe.cryptocaps_allowed", &t4_cryptocaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, cryptocaps_allowed, CTLFLAG_RDTUN, + &t4_cryptocaps_allowed, 0, "Default crypto capabilities"); static int t4_iscsicaps_allowed = -1; -TUNABLE_INT("hw.cxgbe.iscsicaps_allowed", &t4_iscsicaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, iscsicaps_allowed, CTLFLAG_RDTUN, + &t4_iscsicaps_allowed, 0, "Default iSCSI capabilities"); static int t4_fcoecaps_allowed = 0; -TUNABLE_INT("hw.cxgbe.fcoecaps_allowed", &t4_fcoecaps_allowed); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, fcoecaps_allowed, CTLFLAG_RDTUN, + &t4_fcoecaps_allowed, 0, "Default FCoE capabilities"); static int t5_write_combine = 0; -TUNABLE_INT("hw.cxl.write_combine", &t5_write_combine); +SYSCTL_INT(_hw_cxl, OID_AUTO, write_combine, CTLFLAG_RDTUN, &t5_write_combine, + 0, "Use WC instead of UC for BAR2"); static int t4_num_vis = 1; -TUNABLE_INT("hw.cxgbe.num_vis", &t4_num_vis); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, num_vis, CTLFLAG_RDTUN, &t4_num_vis, 0, + "Number of VIs per port"); + /* * PCIe Relaxed Ordering. * -1: driver should figure out a good value. @@ -485,17 +549,22 @@ TUNABLE_INT("hw.cxgbe.num_vis", &t4_num_vis); * 2: leave RO alone. */ static int pcie_relaxed_ordering = -1; -TUNABLE_INT("hw.cxgbe.pcie_relaxed_ordering", &pcie_relaxed_ordering); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, pcie_relaxed_ordering, CTLFLAG_RDTUN, + &pcie_relaxed_ordering, 0, + "PCIe Relaxed Ordering: 0 = disable, 1 = enable, 2 = leave alone"); static int t4_panic_on_fatal_err = 0; -TUNABLE_INT("hw.cxgbe.panic_on_fatal_err", &t4_panic_on_fatal_err); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, panic_on_fatal_err, CTLFLAG_RDTUN, + &t4_panic_on_fatal_err, 0, "panic on fatal firmware errors"); #ifdef TCP_OFFLOAD /* * TOE tunables. */ static int t4_cop_managed_offloading = 0; -TUNABLE_INT("hw.cxgbe.cop_managed_offloading", &t4_cop_managed_offloading); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, cop_managed_offloading, CTLFLAG_RDTUN, + &t4_cop_managed_offloading, 0, + "COP (Connection Offload Policy) controls all TOE offload"); #endif /* Functions used by VIs to obtain unique MAC addresses for each VI. */ @@ -535,9 +604,8 @@ static int validate_mt_off_len(struct adapter *, int, uint32_t, uint32_t, uint32_t *); static int fixup_devlog_params(struct adapter *); static int cfg_itype_and_nqueues(struct adapter *, struct intrs_and_queues *); -static int prep_firmware(struct adapter *); -static int partition_resources(struct adapter *, const struct firmware *, - const char *); +static int contact_firmware(struct adapter *); +static int partition_resources(struct adapter *); static int get_params__pre_init(struct adapter *); static int get_params__post_init(struct adapter *); static int set_params__post_init(struct adapter *); @@ -990,11 +1058,22 @@ t4_attach(device_t dev) } #endif - /* Prepare the firmware for operation */ - rc = prep_firmware(sc); + /* Contact the firmware and try to become the master driver. */ + rc = contact_firmware(sc); + if (rc != 0) + goto done; /* error message displayed already */ + MPASS(sc->flags & FW_OK); + + rc = get_params__pre_init(sc); if (rc != 0) goto done; /* error message displayed already */ + if (sc->flags & MASTER_PF) { + rc = partition_resources(sc); + if (rc != 0) + goto done; /* error message displayed already */ + } + rc = get_params__post_init(sc); if (rc != 0) goto done; /* error message displayed already */ @@ -1153,6 +1232,9 @@ t4_attach(device_t dev) #ifdef RATELIMIT t4_init_etid_table(sc); #endif +#ifdef INET6 + t4_init_clip_table(sc); +#endif if (sc->vres.key.size != 0) sc->key_map = vmem_create("T4TLS key map", sc->vres.key.start, sc->vres.key.size, 32, 0, M_FIRSTFIT | M_WAITOK); @@ -1443,6 +1525,9 @@ t4_detach_common(device_t dev) #endif if (sc->key_map) vmem_destroy(sc->key_map); +#ifdef INET6 + t4_destroy_clip_table(sc); +#endif #if defined(TCP_OFFLOAD) || defined(RATELIMIT) free(sc->sge.ofld_txq, M_CXGBE); @@ -1565,10 +1650,6 @@ cxgbe_vi_attach(device_t dev, struct vi_info *vi) if (vi->nofldrxq != 0) ifp->if_capabilities |= IFCAP_TOE; #endif -#ifdef DEV_NETMAP - if (vi->nnmrxq != 0) - ifp->if_capabilities |= IFCAP_NETMAP; -#endif #ifdef RATELIMIT if (is_ethoffload(vi->pi->adapter) && vi->nofldtxq != 0) { ifp->if_capabilities |= IFCAP_TXRTLMT; @@ -1588,7 +1669,7 @@ cxgbe_vi_attach(device_t dev, struct vi_info *vi) ether_ifattach(ifp, vi->hw_addr); #ifdef DEV_NETMAP - if (ifp->if_capabilities & IFCAP_NETMAP) + if (vi->nnmrxq != 0) cxgbe_nm_attach(vi); #endif sb = sbuf_new_auto(); @@ -3334,27 +3415,85 @@ fw_compatible(const struct fw_hdr *hdr1, const struct fw_hdr *hdr2) return (0); } +static int +load_fw_module(struct adapter *sc, const struct firmware **dcfg, + const struct firmware **fw) +{ + struct fw_info *fw_info; + + *dcfg = NULL; + if (fw != NULL) + *fw = NULL; + + fw_info = find_fw_info(chip_id(sc)); + if (fw_info == NULL) { + device_printf(sc->dev, + "unable to look up firmware information for chip %d.\n", + chip_id(sc)); + return (EINVAL); + } + + *dcfg = firmware_get(fw_info->kld_name); + if (*dcfg != NULL) { + if (fw != NULL) + *fw = firmware_get(fw_info->fw_mod_name); + return (0); + } + + return (ENOENT); +} + +static void +unload_fw_module(struct adapter *sc, const struct firmware *dcfg, + const struct firmware *fw) +{ + + if (fw != NULL) + firmware_put(fw, FIRMWARE_UNLOAD); + if (dcfg != NULL) + firmware_put(dcfg, FIRMWARE_UNLOAD); +} + /* - * The firmware in the KLD is usable, but should it be installed? This routine - * explains itself in detail if it indicates the KLD firmware should be - * installed. + * Return values: + * 0 means no firmware install attempted. + * ERESTART means a firmware install was attempted and was successful. + * +ve errno means a firmware install was attempted but failed. */ static int -should_install_kld_fw(struct adapter *sc, int card_fw_usable, int k, int c) +install_kld_firmware(struct adapter *sc, struct fw_hdr *card_fw, + const struct fw_hdr *drv_fw, const char *reason, int *already) { - const char *reason; + const struct firmware *cfg, *fw; + const uint32_t c = be32toh(card_fw->fw_ver); + const uint32_t d = be32toh(drv_fw->fw_ver); + uint32_t k; + int rc; + + if (reason != NULL) + goto install; + + if ((sc->flags & FW_OK) == 0) { + + if (c == 0xffffffff) { + reason = "missing"; + goto install; + } + + return (0); + } - if (!card_fw_usable) { + if (!fw_compatible(card_fw, drv_fw)) { reason = "incompatible or unusable"; goto install; } - if (k > c) { + if (d > c) { reason = "older than the version bundled with this driver"; goto install; } - if (t4_fw_install == 2 && k != c) { + if (t4_fw_install == 2 && d != c) { reason = "different than the version bundled with this driver"; goto install; } @@ -3362,10 +3501,13 @@ should_install_kld_fw(struct adapter *sc, int card_fw_usable, int k, int c) return (0); install: + if ((*already)++) + return (0); + if (t4_fw_install == 0) { device_printf(sc->dev, "firmware on card (%u.%u.%u.%u) is %s, " - "but the driver is prohibited from installing a different " - "firmware on the card.\n", + "but the driver is prohibited from installing a firmware " + "on the card.\n", G_FW_HDR_FW_VER_MAJOR(c), G_FW_HDR_FW_VER_MINOR(c), G_FW_HDR_FW_VER_MICRO(c), G_FW_HDR_FW_VER_BUILD(c), reason); @@ -3376,29 +3518,57 @@ install: "installing firmware %u.%u.%u.%u on card.\n", G_FW_HDR_FW_VER_MAJOR(c), G_FW_HDR_FW_VER_MINOR(c), G_FW_HDR_FW_VER_MICRO(c), G_FW_HDR_FW_VER_BUILD(c), reason, - G_FW_HDR_FW_VER_MAJOR(k), G_FW_HDR_FW_VER_MINOR(k), - G_FW_HDR_FW_VER_MICRO(k), G_FW_HDR_FW_VER_BUILD(k)); + G_FW_HDR_FW_VER_MAJOR(d), G_FW_HDR_FW_VER_MINOR(d), + G_FW_HDR_FW_VER_MICRO(d), G_FW_HDR_FW_VER_BUILD(d)); + + rc = load_fw_module(sc, &cfg, &fw); + if (rc != 0 || fw == NULL) { + device_printf(sc->dev, + "failed to load firmware module: %d. cfg %p, fw %p\n", rc, + cfg, fw); + rc = sc->flags & FW_OK ? 0 : ENOENT; + goto done; + } + k = be32toh(((const struct fw_hdr *)fw->data)->fw_ver); + if (k != d) { + device_printf(sc->dev, + "firmware in KLD (%u.%u.%u.%u) is not what the driver was " + "compiled with and will not be used.\n", + G_FW_HDR_FW_VER_MAJOR(k), G_FW_HDR_FW_VER_MINOR(k), + G_FW_HDR_FW_VER_MICRO(k), G_FW_HDR_FW_VER_BUILD(k)); + rc = sc->flags & FW_OK ? 0 : EINVAL; + goto done; + } - return (1); + rc = -t4_fw_upgrade(sc, sc->mbox, fw->data, fw->datasize, 0); + if (rc != 0) { + device_printf(sc->dev, "failed to install firmware: %d\n", rc); + } else { + /* Installed successfully, update the cached header too. */ + rc = ERESTART; + memcpy(card_fw, fw->data, sizeof(*card_fw)); + } +done: + unload_fw_module(sc, cfg, fw); + + return (rc); } /* - * Establish contact with the firmware and determine if we are the master driver - * or not, and whether we are responsible for chip initialization. + * Establish contact with the firmware and attempt to become the master driver. + * + * A firmware will be installed to the card if needed (if the driver is allowed + * to do so). */ static int -prep_firmware(struct adapter *sc) +contact_firmware(struct adapter *sc) { - const struct firmware *fw = NULL, *default_cfg; - int rc, pf, card_fw_usable, kld_fw_usable, need_fw_reset = 1; + int rc, already = 0; enum dev_state state; struct fw_info *fw_info; struct fw_hdr *card_fw; /* fw on the card */ - const struct fw_hdr *kld_fw; /* fw in the KLD */ - const struct fw_hdr *drv_fw; /* fw header the driver was compiled - against */ + const struct fw_hdr *drv_fw; /* fw bundled with the driver */ - /* This is the firmware whose headers the driver was compiled against */ fw_info = find_fw_info(chip_id(sc)); if (fw_info == NULL) { device_printf(sc->dev, @@ -3408,186 +3578,167 @@ prep_firmware(struct adapter *sc) } drv_fw = &fw_info->fw_hdr; - /* - * The firmware KLD contains many modules. The KLD name is also the - * name of the module that contains the default config file. - */ - default_cfg = firmware_get(fw_info->kld_name); - - /* This is the firmware in the KLD */ - fw = firmware_get(fw_info->fw_mod_name); - if (fw != NULL) { - kld_fw = (const void *)fw->data; - kld_fw_usable = fw_compatible(drv_fw, kld_fw); - } else { - kld_fw = NULL; - kld_fw_usable = 0; - } - /* Read the header of the firmware on the card */ card_fw = malloc(sizeof(*card_fw), M_CXGBE, M_ZERO | M_WAITOK); - rc = -t4_read_flash(sc, FLASH_FW_START, - sizeof (*card_fw) / sizeof (uint32_t), (uint32_t *)card_fw, 1); - if (rc == 0) { - card_fw_usable = fw_compatible(drv_fw, (const void*)card_fw); - if (card_fw->fw_ver == be32toh(0xffffffff)) { - uint32_t d = be32toh(kld_fw->fw_ver); - - if (!kld_fw_usable) { - device_printf(sc->dev, - "no firmware on the card and no usable " - "firmware bundled with the driver.\n"); - rc = EIO; - goto done; - } else if (t4_fw_install == 0) { - device_printf(sc->dev, - "no firmware on the card and the driver " - "is prohibited from installing new " - "firmware.\n"); - rc = EIO; - goto done; - } - - device_printf(sc->dev, "no firmware on the card, " - "installing firmware %d.%d.%d.%d\n", - G_FW_HDR_FW_VER_MAJOR(d), G_FW_HDR_FW_VER_MINOR(d), - G_FW_HDR_FW_VER_MICRO(d), G_FW_HDR_FW_VER_BUILD(d)); - rc = t4_fw_forceinstall(sc, fw->data, fw->datasize); - if (rc < 0) { - rc = -rc; - device_printf(sc->dev, - "firmware install failed: %d.\n", rc); - goto done; - } - memcpy(card_fw, kld_fw, sizeof(*card_fw)); - card_fw_usable = 1; - need_fw_reset = 0; - } - } else { +restart: + rc = -t4_get_fw_hdr(sc, card_fw); + if (rc != 0) { device_printf(sc->dev, - "Unable to read card's firmware header: %d\n", rc); - card_fw_usable = 0; + "unable to read firmware header from card's flash: %d\n", + rc); + goto done; } - /* Contact firmware. */ + rc = install_kld_firmware(sc, card_fw, drv_fw, NULL, &already); + if (rc == ERESTART) + goto restart; + if (rc != 0) + goto done; + rc = t4_fw_hello(sc, sc->mbox, sc->mbox, MASTER_MAY, &state); if (rc < 0 || state == DEV_STATE_ERR) { rc = -rc; device_printf(sc->dev, - "failed to connect to the firmware: %d, %d.\n", rc, state); + "failed to connect to the firmware: %d, %d. " + "PCIE_FW 0x%08x\n", rc, state, t4_read_reg(sc, A_PCIE_FW)); +#if 0 + if (install_kld_firmware(sc, card_fw, drv_fw, + "not responding properly to HELLO", &already) == ERESTART) + goto restart; +#endif goto done; } - pf = rc; - if (pf == sc->mbox) + MPASS(be32toh(card_fw->flags) & FW_HDR_FLAGS_RESET_HALT); + sc->flags |= FW_OK; /* The firmware responded to the FW_HELLO. */ + + if (rc == sc->pf) { sc->flags |= MASTER_PF; - else if (state == DEV_STATE_UNINIT) { + rc = install_kld_firmware(sc, card_fw, drv_fw, NULL, &already); + if (rc == ERESTART) + rc = 0; + else if (rc != 0) + goto done; + } else if (state == DEV_STATE_UNINIT) { /* * We didn't get to be the master so we definitely won't be * configuring the chip. It's a bug if someone else hasn't * configured it already. */ device_printf(sc->dev, "couldn't be master(%d), " - "device not already initialized either(%d).\n", rc, state); + "device not already initialized either(%d). " + "PCIE_FW 0x%08x\n", rc, state, t4_read_reg(sc, A_PCIE_FW)); rc = EPROTO; goto done; - } - - if (card_fw_usable && card_fw->fw_ver == drv_fw->fw_ver && - (!kld_fw_usable || kld_fw->fw_ver == drv_fw->fw_ver)) { + } else { /* - * Common case: the firmware on the card is an exact match and - * the KLD is an exact match too, or the KLD is - * absent/incompatible. Note that t4_fw_install = 2 is ignored - * here -- use cxgbetool loadfw if you want to reinstall the - * same firmware as the one on the card. + * Some other PF is the master and has configured the chip. + * This is allowed but untested. */ - } else if (kld_fw_usable && state == DEV_STATE_UNINIT && - should_install_kld_fw(sc, card_fw_usable, be32toh(kld_fw->fw_ver), - be32toh(card_fw->fw_ver))) { + device_printf(sc->dev, "PF%d is master, device state %d. " + "PCIE_FW 0x%08x\n", rc, state, t4_read_reg(sc, A_PCIE_FW)); + snprintf(sc->cfg_file, sizeof(sc->cfg_file), "pf%d", rc); + sc->cfcsum = 0; + rc = 0; + } +done: + if (rc != 0 && sc->flags & FW_OK) { + t4_fw_bye(sc, sc->mbox); + sc->flags &= ~FW_OK; + } + free(card_fw, M_CXGBE); + return (rc); +} - rc = -t4_fw_upgrade(sc, sc->mbox, fw->data, fw->datasize, 0); - if (rc != 0) { +static int +copy_cfg_file_to_card(struct adapter *sc, char *cfg_file, + uint32_t mtype, uint32_t moff) +{ + struct fw_info *fw_info; + const struct firmware *dcfg, *rcfg = NULL; + const uint32_t *cfdata; + uint32_t cflen, addr; + int rc; + + load_fw_module(sc, &dcfg, NULL); + + /* Card specific interpretation of "default". */ + if (strncmp(cfg_file, DEFAULT_CF, sizeof(t4_cfg_file)) == 0) { + if (pci_get_device(sc->dev) == 0x440a) + snprintf(cfg_file, sizeof(t4_cfg_file), UWIRE_CF); + if (is_fpga(sc)) + snprintf(cfg_file, sizeof(t4_cfg_file), FPGA_CF); + } + + if (strncmp(cfg_file, DEFAULT_CF, sizeof(t4_cfg_file)) == 0) { + if (dcfg == NULL) { device_printf(sc->dev, - "failed to install firmware: %d\n", rc); + "KLD with default config is not available.\n"); + rc = ENOENT; goto done; } + cfdata = dcfg->data; + cflen = dcfg->datasize & ~3; + } else { + char s[32]; - /* Installed successfully, update the cached header too. */ - memcpy(card_fw, kld_fw, sizeof(*card_fw)); - card_fw_usable = 1; - need_fw_reset = 0; /* already reset as part of load_fw */ - } - - if (!card_fw_usable) { - uint32_t d, c, k; + fw_info = find_fw_info(chip_id(sc)); + if (fw_info == NULL) { + device_printf(sc->dev, + "unable to look up firmware information for chip %d.\n", + chip_id(sc)); + rc = EINVAL; + goto done; + } + snprintf(s, sizeof(s), "%s_%s", fw_info->kld_name, cfg_file); - d = ntohl(drv_fw->fw_ver); - c = ntohl(card_fw->fw_ver); - k = kld_fw ? ntohl(kld_fw->fw_ver) : 0; + rcfg = firmware_get(s); + if (rcfg == NULL) { + device_printf(sc->dev, + "unable to load module \"%s\" for configuration " + "profile \"%s\".\n", s, cfg_file); + rc = ENOENT; + goto done; + } + cfdata = rcfg->data; + cflen = rcfg->datasize & ~3; + } - device_printf(sc->dev, "Cannot find a usable firmware: " - "fw_install %d, chip state %d, " - "driver compiled with %d.%d.%d.%d, " - "card has %d.%d.%d.%d, KLD has %d.%d.%d.%d\n", - t4_fw_install, state, - G_FW_HDR_FW_VER_MAJOR(d), G_FW_HDR_FW_VER_MINOR(d), - G_FW_HDR_FW_VER_MICRO(d), G_FW_HDR_FW_VER_BUILD(d), - G_FW_HDR_FW_VER_MAJOR(c), G_FW_HDR_FW_VER_MINOR(c), - G_FW_HDR_FW_VER_MICRO(c), G_FW_HDR_FW_VER_BUILD(c), - G_FW_HDR_FW_VER_MAJOR(k), G_FW_HDR_FW_VER_MINOR(k), - G_FW_HDR_FW_VER_MICRO(k), G_FW_HDR_FW_VER_BUILD(k)); + if (cflen > FLASH_CFG_MAX_SIZE) { + device_printf(sc->dev, + "config file too long (%d, max allowed is %d).\n", + cflen, FLASH_CFG_MAX_SIZE); rc = EINVAL; goto done; } - /* Reset device */ - if (need_fw_reset && - (rc = -t4_fw_reset(sc, sc->mbox, F_PIORSTMODE | F_PIORST)) != 0) { - device_printf(sc->dev, "firmware reset failed: %d.\n", rc); - if (rc != ETIMEDOUT && rc != EIO) - t4_fw_bye(sc, sc->mbox); + rc = validate_mt_off_len(sc, mtype, moff, cflen, &addr); + if (rc != 0) { + device_printf(sc->dev, + "%s: addr (%d/0x%x) or len %d is not valid: %d.\n", + __func__, mtype, moff, cflen, rc); + rc = EINVAL; goto done; } - sc->flags |= FW_OK; - - rc = get_params__pre_init(sc); - if (rc != 0) - goto done; /* error message displayed already */ - - /* Partition adapter resources as specified in the config file. */ - if (state == DEV_STATE_UNINIT) { - - KASSERT(sc->flags & MASTER_PF, - ("%s: trying to change chip settings when not master.", - __func__)); - - rc = partition_resources(sc, default_cfg, fw_info->kld_name); - if (rc != 0) - goto done; /* error message displayed already */ - - t4_tweak_chip_settings(sc); - - /* get basic stuff going */ - rc = -t4_fw_initialize(sc, sc->mbox); - if (rc != 0) { - device_printf(sc->dev, "fw init failed: %d.\n", rc); - goto done; - } - } else { - snprintf(sc->cfg_file, sizeof(sc->cfg_file), "pf%d", pf); - sc->cfcsum = 0; - } - + write_via_memwin(sc, 2, addr, cfdata, cflen); done: - free(card_fw, M_CXGBE); - if (fw != NULL) - firmware_put(fw, FIRMWARE_UNLOAD); - if (default_cfg != NULL) - firmware_put(default_cfg, FIRMWARE_UNLOAD); - + if (rcfg != NULL) + firmware_put(rcfg, FIRMWARE_UNLOAD); + unload_fw_module(sc, dcfg, NULL); return (rc); } +struct caps_allowed { + uint16_t nbmcaps; + uint16_t linkcaps; + uint16_t switchcaps; + uint16_t niccaps; + uint16_t toecaps; + uint16_t rdmacaps; + uint16_t cryptocaps; + uint16_t iscsicaps; + uint16_t fcoecaps; +}; + #define FW_PARAM_DEV(param) \ (V_FW_PARAMS_MNEM(FW_PARAMS_MNEM_DEV) | \ V_FW_PARAMS_PARAM_X(FW_PARAMS_PARAM_DEV_##param)) @@ -3596,78 +3747,39 @@ done: V_FW_PARAMS_PARAM_X(FW_PARAMS_PARAM_PFVF_##param)) /* - * Partition chip resources for use between various PFs, VFs, etc. + * Provide a configuration profile to the firmware and have it initialize the + * chip accordingly. This may involve uploading a configuration file to the + * card. */ static int -partition_resources(struct adapter *sc, const struct firmware *default_cfg, - const char *name_prefix) +apply_cfg_and_initialize(struct adapter *sc, char *cfg_file, + const struct caps_allowed *caps_allowed) { - const struct firmware *cfg = NULL; - int rc = 0; + int rc; struct fw_caps_config_cmd caps; - uint32_t mtype, moff, finicsum, cfcsum; - - /* - * Figure out what configuration file to use. Pick the default config - * file for the card if the user hasn't specified one explicitly. - */ - snprintf(sc->cfg_file, sizeof(sc->cfg_file), "%s", t4_cfg_file); - if (strncmp(t4_cfg_file, DEFAULT_CF, sizeof(t4_cfg_file)) == 0) { - /* Card specific overrides go here. */ - if (pci_get_device(sc->dev) == 0x440a) - snprintf(sc->cfg_file, sizeof(sc->cfg_file), UWIRE_CF); - if (is_fpga(sc)) - snprintf(sc->cfg_file, sizeof(sc->cfg_file), FPGA_CF); - } else if (strncmp(t4_cfg_file, BUILTIN_CF, sizeof(t4_cfg_file)) == 0) - goto use_built_in_config; /* go straight to config. */ - - /* - * We need to load another module if the profile is anything except - * "default" or "flash". - */ - if (strncmp(sc->cfg_file, DEFAULT_CF, sizeof(sc->cfg_file)) != 0 && - strncmp(sc->cfg_file, FLASH_CF, sizeof(sc->cfg_file)) != 0) { - char s[32]; - - snprintf(s, sizeof(s), "%s_%s", name_prefix, sc->cfg_file); - cfg = firmware_get(s); - if (cfg == NULL) { - if (default_cfg != NULL) { - device_printf(sc->dev, - "unable to load module \"%s\" for " - "configuration profile \"%s\", will use " - "the default config file instead.\n", - s, sc->cfg_file); - snprintf(sc->cfg_file, sizeof(sc->cfg_file), - "%s", DEFAULT_CF); - } else { - device_printf(sc->dev, - "unable to load module \"%s\" for " - "configuration profile \"%s\", will use " - "the config file on the card's flash " - "instead.\n", s, sc->cfg_file); - snprintf(sc->cfg_file, sizeof(sc->cfg_file), - "%s", FLASH_CF); - } - } - } + uint32_t mtype, moff, finicsum, cfcsum, param, val; - if (strncmp(sc->cfg_file, DEFAULT_CF, sizeof(sc->cfg_file)) == 0 && - default_cfg == NULL) { - device_printf(sc->dev, - "default config file not available, will use the config " - "file on the card's flash instead.\n"); - snprintf(sc->cfg_file, sizeof(sc->cfg_file), "%s", FLASH_CF); + rc = -t4_fw_reset(sc, sc->mbox, F_PIORSTMODE | F_PIORST); + if (rc != 0) { + device_printf(sc->dev, "firmware reset failed: %d.\n", rc); + return (rc); } - if (strncmp(sc->cfg_file, FLASH_CF, sizeof(sc->cfg_file)) != 0) { - u_int cflen; - const uint32_t *cfdata; - uint32_t param, val, addr; - - KASSERT(cfg != NULL || default_cfg != NULL, - ("%s: no config to upload", __func__)); - + bzero(&caps, sizeof(caps)); + caps.op_to_write = htobe32(V_FW_CMD_OP(FW_CAPS_CONFIG_CMD) | + F_FW_CMD_REQUEST | F_FW_CMD_READ); + if (strncmp(cfg_file, BUILTIN_CF, sizeof(t4_cfg_file)) == 0) { + mtype = 0; + moff = 0; + caps.cfvalid_to_len16 = htobe32(FW_LEN16(caps)); + } else if (strncmp(cfg_file, FLASH_CF, sizeof(t4_cfg_file)) == 0) { + mtype = FW_MEMTYPE_FLASH; + moff = t4_flash_cfg_addr(sc); + caps.cfvalid_to_len16 = htobe32(F_FW_CAPS_CONFIG_CMD_CFVALID | + V_FW_CAPS_CONFIG_CMD_MEMTYPE_CF(mtype) | + V_FW_CAPS_CONFIG_CMD_MEMADDR64K_CF(moff >> 16) | + FW_LEN16(caps)); + } else { /* * Ask the firmware where it wants us to upload the config file. */ @@ -3681,110 +3793,52 @@ partition_resources(struct adapter *sc, const struct firmware *default_cfg, } mtype = G_FW_PARAMS_PARAM_Y(val); moff = G_FW_PARAMS_PARAM_Z(val) << 16; + caps.cfvalid_to_len16 = htobe32(F_FW_CAPS_CONFIG_CMD_CFVALID | + V_FW_CAPS_CONFIG_CMD_MEMTYPE_CF(mtype) | + V_FW_CAPS_CONFIG_CMD_MEMADDR64K_CF(moff >> 16) | + FW_LEN16(caps)); - /* - * XXX: sheer laziness. We deliberately added 4 bytes of - * useless stuffing/comments at the end of the config file so - * it's ok to simply throw away the last remaining bytes when - * the config file is not an exact multiple of 4. This also - * helps with the validate_mt_off_len check. - */ - if (cfg != NULL) { - cflen = cfg->datasize & ~3; - cfdata = cfg->data; - } else { - cflen = default_cfg->datasize & ~3; - cfdata = default_cfg->data; - } - - if (cflen > FLASH_CFG_MAX_SIZE) { - device_printf(sc->dev, - "config file too long (%d, max allowed is %d). " - "Will try to use the config on the card, if any.\n", - cflen, FLASH_CFG_MAX_SIZE); - goto use_config_on_flash; - } - - rc = validate_mt_off_len(sc, mtype, moff, cflen, &addr); + rc = copy_cfg_file_to_card(sc, cfg_file, mtype, moff); if (rc != 0) { device_printf(sc->dev, - "%s: addr (%d/0x%x) or len %d is not valid: %d. " - "Will try to use the config on the card, if any.\n", - __func__, mtype, moff, cflen, rc); - goto use_config_on_flash; + "failed to upload config file to card: %d.\n", rc); + goto done; } - write_via_memwin(sc, 2, addr, cfdata, cflen); - } else { -use_config_on_flash: - mtype = FW_MEMTYPE_FLASH; - moff = t4_flash_cfg_addr(sc); } - - bzero(&caps, sizeof(caps)); - caps.op_to_write = htobe32(V_FW_CMD_OP(FW_CAPS_CONFIG_CMD) | - F_FW_CMD_REQUEST | F_FW_CMD_READ); - caps.cfvalid_to_len16 = htobe32(F_FW_CAPS_CONFIG_CMD_CFVALID | - V_FW_CAPS_CONFIG_CMD_MEMTYPE_CF(mtype) | - V_FW_CAPS_CONFIG_CMD_MEMADDR64K_CF(moff >> 16) | FW_LEN16(caps)); rc = -t4_wr_mbox(sc, sc->mbox, &caps, sizeof(caps), &caps); if (rc != 0) { - device_printf(sc->dev, - "failed to pre-process config file: %d " - "(mtype %d, moff 0x%x). Will reset the firmware and retry " - "with the built-in configuration.\n", rc, mtype, moff); - - rc = -t4_fw_reset(sc, sc->mbox, F_PIORSTMODE | F_PIORST); - if (rc != 0) { - device_printf(sc->dev, - "firmware reset failed: %d.\n", rc); - if (rc != ETIMEDOUT && rc != EIO) { - t4_fw_bye(sc, sc->mbox); - sc->flags &= ~FW_OK; - } - goto done; - } - snprintf(sc->cfg_file, sizeof(sc->cfg_file), "%s", "built-in"); -use_built_in_config: - bzero(&caps, sizeof(caps)); - caps.op_to_write = htobe32(V_FW_CMD_OP(FW_CAPS_CONFIG_CMD) | - F_FW_CMD_REQUEST | F_FW_CMD_READ); - caps.cfvalid_to_len16 = htobe32(FW_LEN16(caps)); - rc = t4_wr_mbox(sc, sc->mbox, &caps, sizeof(caps), &caps); - if (rc != 0) { - device_printf(sc->dev, - "built-in configuration failed: %d.\n", rc); - goto done; - } + device_printf(sc->dev, "failed to pre-process config file: %d " + "(mtype %d, moff 0x%x).\n", rc, mtype, moff); + goto done; } finicsum = be32toh(caps.finicsum); - cfcsum = be32toh(caps.cfcsum); + cfcsum = be32toh(caps.cfcsum); /* actual */ if (finicsum != cfcsum) { device_printf(sc->dev, "WARNING: config file checksum mismatch: %08x %08x\n", finicsum, cfcsum); } sc->cfcsum = cfcsum; - -#define LIMIT_CAPS(x) do { \ - caps.x &= htobe16(t4_##x##_allowed); \ -} while (0) + snprintf(sc->cfg_file, sizeof(sc->cfg_file), "%s", cfg_file); /* * Let the firmware know what features will (not) be used so it can tune * things accordingly. */ - LIMIT_CAPS(nbmcaps); - LIMIT_CAPS(linkcaps); - LIMIT_CAPS(switchcaps); - LIMIT_CAPS(niccaps); - LIMIT_CAPS(toecaps); - LIMIT_CAPS(rdmacaps); - LIMIT_CAPS(cryptocaps); - LIMIT_CAPS(iscsicaps); - LIMIT_CAPS(fcoecaps); +#define LIMIT_CAPS(x) do { \ + caps.x##caps &= htobe16(caps_allowed->x##caps); \ +} while (0) + LIMIT_CAPS(nbm); + LIMIT_CAPS(link); + LIMIT_CAPS(switch); + LIMIT_CAPS(nic); + LIMIT_CAPS(toe); + LIMIT_CAPS(rdma); + LIMIT_CAPS(crypto); + LIMIT_CAPS(iscsi); + LIMIT_CAPS(fcoe); #undef LIMIT_CAPS - if (caps.niccaps & htobe16(FW_CAPS_CONFIG_NIC_HASHFILTER)) { /* * TOE and hashfilters are mutually exclusive. It is a config @@ -3806,10 +3860,67 @@ use_built_in_config: if (rc != 0) { device_printf(sc->dev, "failed to process config file: %d.\n", rc); + goto done; + } + + t4_tweak_chip_settings(sc); + + /* get basic stuff going */ + rc = -t4_fw_initialize(sc, sc->mbox); + if (rc != 0) { + device_printf(sc->dev, "fw_initialize failed: %d.\n", rc); + goto done; } done: - if (cfg != NULL) - firmware_put(cfg, FIRMWARE_UNLOAD); + return (rc); +} + +/* + * Partition chip resources for use between various PFs, VFs, etc. + */ +static int +partition_resources(struct adapter *sc) +{ + char cfg_file[sizeof(t4_cfg_file)]; + struct caps_allowed caps_allowed; + int rc; + bool fallback; + + /* Only the master driver gets to configure the chip resources. */ + MPASS(sc->flags & MASTER_PF); + +#define COPY_CAPS(x) do { \ + caps_allowed.x##caps = t4_##x##caps_allowed; \ +} while (0) + bzero(&caps_allowed, sizeof(caps_allowed)); + COPY_CAPS(nbm); + COPY_CAPS(link); + COPY_CAPS(switch); + COPY_CAPS(nic); + COPY_CAPS(toe); + COPY_CAPS(rdma); + COPY_CAPS(crypto); + COPY_CAPS(iscsi); + COPY_CAPS(fcoe); + fallback = sc->debug_flags & DF_DISABLE_CFG_RETRY ? false : true; + snprintf(cfg_file, sizeof(cfg_file), "%s", t4_cfg_file); +retry: + rc = apply_cfg_and_initialize(sc, cfg_file, &caps_allowed); + if (rc != 0 && fallback) { + device_printf(sc->dev, + "failed (%d) to configure card with \"%s\" profile, " + "will fall back to a basic configuration and retry.\n", + rc, cfg_file); + snprintf(cfg_file, sizeof(cfg_file), "%s", BUILTIN_CF); + bzero(&caps_allowed, sizeof(caps_allowed)); + COPY_CAPS(nbm); + COPY_CAPS(link); + COPY_CAPS(switch); + COPY_CAPS(nic); + fallback = false; + goto retry; + } +#undef COPY_CAPS return (rc); } @@ -5900,6 +6011,12 @@ t4_sysctls(struct adapter *sc) CTLTYPE_STRING | CTLFLAG_RD, sc, 0, sysctl_smt, "A", "hardware source MAC table"); +#ifdef INET6 + SYSCTL_ADD_PROC(ctx, children, OID_AUTO, "clip", + CTLTYPE_STRING | CTLFLAG_RD, sc, 0, + sysctl_clip, "A", "active CLIP table entries"); +#endif + SYSCTL_ADD_PROC(ctx, children, OID_AUTO, "lb_stats", CTLTYPE_STRING | CTLFLAG_RD, sc, 0, sysctl_lb_stats, "A", "loopback statistics"); @@ -6210,7 +6327,7 @@ cxgbe_sysctls(struct port_info *pi) SYSCTL_ADD_PROC(ctx, children, OID_AUTO, "pause_settings", CTLTYPE_STRING | CTLFLAG_RW, pi, 0, sysctl_pause_settings, "A", - "PAUSE settings (bit 0 = rx_pause, bit 1 = tx_pause)"); + "PAUSE settings (bit 0 = rx_pause, 1 = tx_pause, 2 = pause_autoneg)"); SYSCTL_ADD_PROC(ctx, children, OID_AUTO, "fec", CTLTYPE_STRING | CTLFLAG_RW, pi, 0, sysctl_fec, "A", "Forward Error Correction (bit 0 = RS, bit 1 = BASER_RS)"); @@ -10456,6 +10573,9 @@ mod_event(module_t mod, int cmd, void *arg) sx_init(&t4_uld_list_lock, "T4/T5 ULDs"); SLIST_INIT(&t4_uld_list); #endif +#ifdef INET6 + t4_clip_modload(); +#endif t4_tracer_modload(); tweak_tunables(); } @@ -10495,6 +10615,9 @@ mod_event(module_t mod, int cmd, void *arg) if (t4_sge_extfree_refs() == 0) { t4_tracer_modunload(); +#ifdef INET6 + t4_clip_modunload(); +#endif #ifdef TCP_OFFLOAD sx_destroy(&t4_uld_list_lock); #endif diff --git a/sys/dev/cxgbe/t4_netmap.c b/sys/dev/cxgbe/t4_netmap.c index a27d54ec07f6..62ae895dff5f 100644 --- a/sys/dev/cxgbe/t4_netmap.c +++ b/sys/dev/cxgbe/t4_netmap.c @@ -57,8 +57,6 @@ __FBSDID("$FreeBSD$"); extern int fl_pad; /* XXXNM */ -SYSCTL_NODE(_hw, OID_AUTO, cxgbe, CTLFLAG_RD, 0, "cxgbe netmap parameters"); - /* * 0 = normal netmap rx * 1 = black hole @@ -87,7 +85,9 @@ SYSCTL_INT(_hw_cxgbe, OID_AUTO, nm_holdoff_tmr_idx, CTLFLAG_RWTUN, * 1: no backpressure, drop packets for the congested queue immediately. */ static int nm_cong_drop = 1; -TUNABLE_INT("hw.cxgbe.nm_cong_drop", &nm_cong_drop); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, nm_cong_drop, CTLFLAG_RDTUN, + &nm_cong_drop, 0, + "Congestion control for netmap rx queues (0 = backpressure, 1 = drop"); int starve_fl = 0; SYSCTL_INT(_hw_cxgbe, OID_AUTO, starve_fl, CTLFLAG_RWTUN, @@ -982,7 +982,7 @@ cxgbe_nm_attach(struct vi_info *vi) na.nm_register = cxgbe_netmap_reg; na.num_tx_rings = vi->nnmtxq; na.num_rx_rings = vi->nnmrxq; - netmap_attach(&na); + netmap_attach(&na); /* This adds IFCAP_NETMAP to if_capabilities */ } void diff --git a/sys/dev/cxgbe/t4_sge.c b/sys/dev/cxgbe/t4_sge.c index 3660e333654e..2b227194ff19 100644 --- a/sys/dev/cxgbe/t4_sge.c +++ b/sys/dev/cxgbe/t4_sge.c @@ -90,7 +90,8 @@ __FBSDID("$FreeBSD$"); * 0-7 are valid values. */ static int fl_pktshift = 0; -TUNABLE_INT("hw.cxgbe.fl_pktshift", &fl_pktshift); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, fl_pktshift, CTLFLAG_RDTUN, &fl_pktshift, 0, + "payload DMA offset in rx buffer (bytes)"); /* * Pad ethernet payload up to this boundary. @@ -99,7 +100,8 @@ TUNABLE_INT("hw.cxgbe.fl_pktshift", &fl_pktshift); * Any power of 2 from 32 to 4096 (both inclusive) is also a valid value. */ int fl_pad = -1; -TUNABLE_INT("hw.cxgbe.fl_pad", &fl_pad); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, fl_pad, CTLFLAG_RDTUN, &fl_pad, 0, + "payload pad boundary (bytes)"); /* * Status page length. @@ -107,7 +109,8 @@ TUNABLE_INT("hw.cxgbe.fl_pad", &fl_pad); * 64 or 128 are the only other valid values. */ static int spg_len = -1; -TUNABLE_INT("hw.cxgbe.spg_len", &spg_len); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, spg_len, CTLFLAG_RDTUN, &spg_len, 0, + "status page size (bytes)"); /* * Congestion drops. @@ -116,7 +119,8 @@ TUNABLE_INT("hw.cxgbe.spg_len", &spg_len); * 1: no backpressure, drop packets for the congested queue immediately. */ static int cong_drop = 0; -TUNABLE_INT("hw.cxgbe.cong_drop", &cong_drop); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, cong_drop, CTLFLAG_RDTUN, &cong_drop, 0, + "Congestion control for RX queues (0 = backpressure, 1 = drop"); /* * Deliver multiple frames in the same free list buffer if they fit. @@ -125,7 +129,8 @@ TUNABLE_INT("hw.cxgbe.cong_drop", &cong_drop); * 1: enable buffer packing. */ static int buffer_packing = -1; -TUNABLE_INT("hw.cxgbe.buffer_packing", &buffer_packing); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, buffer_packing, CTLFLAG_RDTUN, &buffer_packing, + 0, "Enable buffer packing"); /* * Start next frame in a packed buffer at this boundary. @@ -134,7 +139,8 @@ TUNABLE_INT("hw.cxgbe.buffer_packing", &buffer_packing); * T5: 16, or a power of 2 from 64 to 4096 (both inclusive) is a valid value. */ static int fl_pack = -1; -TUNABLE_INT("hw.cxgbe.fl_pack", &fl_pack); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, fl_pack, CTLFLAG_RDTUN, &fl_pack, 0, + "payload pack boundary (bytes)"); /* * Allow the driver to create mbuf(s) in a cluster allocated for rx. @@ -142,20 +148,24 @@ TUNABLE_INT("hw.cxgbe.fl_pack", &fl_pack); * 1: ok to create mbuf(s) within a cluster if there is room. */ static int allow_mbufs_in_cluster = 1; -TUNABLE_INT("hw.cxgbe.allow_mbufs_in_cluster", &allow_mbufs_in_cluster); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, allow_mbufs_in_cluster, CTLFLAG_RDTUN, + &allow_mbufs_in_cluster, 0, + "Allow driver to create mbufs within a rx cluster"); /* * Largest rx cluster size that the driver is allowed to allocate. */ static int largest_rx_cluster = MJUM16BYTES; -TUNABLE_INT("hw.cxgbe.largest_rx_cluster", &largest_rx_cluster); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, largest_rx_cluster, CTLFLAG_RDTUN, + &largest_rx_cluster, 0, "Largest rx cluster (bytes)"); /* * Size of cluster allocation that's most likely to succeed. The driver will * fall back to this size if it fails to allocate clusters larger than this. */ static int safest_rx_cluster = PAGE_SIZE; -TUNABLE_INT("hw.cxgbe.safest_rx_cluster", &safest_rx_cluster); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, safest_rx_cluster, CTLFLAG_RDTUN, + &safest_rx_cluster, 0, "Safe rx cluster (bytes)"); #ifdef RATELIMIT /* @@ -168,10 +178,12 @@ TUNABLE_INT("hw.cxgbe.safest_rx_cluster", &safest_rx_cluster); * 3: 1us */ static int tsclk = -1; -TUNABLE_INT("hw.cxgbe.tsclk", &tsclk); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, tsclk, CTLFLAG_RDTUN, &tsclk, 0, + "Control TCP timestamp rewriting when using pacing"); static int eo_max_backlog = 1024 * 1024; -TUNABLE_INT("hw.cxgbe.eo_max_backlog", &eo_max_backlog); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, eo_max_backlog, CTLFLAG_RDTUN, &eo_max_backlog, + 0, "Maximum backlog of ratelimited data per flow"); #endif /* @@ -179,19 +191,22 @@ TUNABLE_INT("hw.cxgbe.eo_max_backlog", &eo_max_backlog); * 1 and 3-17 (both inclusive) are legal values. */ static int tscale = 1; -TUNABLE_INT("hw.cxgbe.tscale", &tscale); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, tscale, CTLFLAG_RDTUN, &tscale, 0, + "Interrupt holdoff timer scale on T6+"); /* * Number of LRO entries in the lro_ctrl structure per rx queue. */ static int lro_entries = TCP_LRO_ENTRIES; -TUNABLE_INT("hw.cxgbe.lro_entries", &lro_entries); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, lro_entries, CTLFLAG_RDTUN, &lro_entries, 0, + "Number of LRO entries per RX queue"); /* * This enables presorting of frames before they're fed into tcp_lro_rx. */ static int lro_mbufs = 0; -TUNABLE_INT("hw.cxgbe.lro_mbufs", &lro_mbufs); +SYSCTL_INT(_hw_cxgbe, OID_AUTO, lro_mbufs, CTLFLAG_RDTUN, &lro_mbufs, 0, + "Enable presorting of LRO frames"); struct txpkts { u_int wr_type; /* type 0 or type 1 */ @@ -686,8 +701,10 @@ t4_tweak_chip_settings(struct adapter *sc) KASSERT(nitems(sge_flbuf_sizes) <= SGE_FLBUF_SIZES, ("%s: hw buffer size table too big", __func__)); + t4_write_reg(sc, A_SGE_FL_BUFFER_SIZE0, 4096); + t4_write_reg(sc, A_SGE_FL_BUFFER_SIZE1, 65536); for (i = 0; i < min(nitems(sge_flbuf_sizes), SGE_FLBUF_SIZES); i++) { - t4_write_reg(sc, A_SGE_FL_BUFFER_SIZE0 + (4 * i), + t4_write_reg(sc, A_SGE_FL_BUFFER_SIZE15 - (4 * i), sge_flbuf_sizes[i]); } diff --git a/sys/dev/cxgbe/tom/t4_connect.c b/sys/dev/cxgbe/tom/t4_connect.c index 6b377b0e876c..d552b0d426a8 100644 --- a/sys/dev/cxgbe/tom/t4_connect.c +++ b/sys/dev/cxgbe/tom/t4_connect.c @@ -62,6 +62,7 @@ __FBSDID("$FreeBSD$"); #include "common/t4_msg.h" #include "common/t4_regs.h" #include "common/t4_regs_values.h" +#include "t4_clip.h" #include "tom/t4_tom_l2t.h" #include "tom/t4_tom.h" @@ -316,7 +317,6 @@ t4_connect(struct toedev *tod, struct socket *so, struct rtentry *rt, struct sockaddr *nam) { struct adapter *sc = tod->tod_softc; - struct tom_data *td = tod_td(tod); struct toepcb *toep = NULL; struct wrqe *wr = NULL; struct ifnet *rt_ifp = rt->rt_ifp; @@ -409,7 +409,7 @@ t4_connect(struct toedev *tod, struct socket *so, struct rtentry *rt, if ((inp->inp_vflag & INP_IPV6) == 0) DONT_OFFLOAD_ACTIVE_OPEN(ENOTSUP); - toep->ce = hold_lip(td, &inp->in6p_laddr, NULL); + toep->ce = t4_hold_lip(sc, &inp->in6p_laddr, NULL); if (toep->ce == NULL) DONT_OFFLOAD_ACTIVE_OPEN(ENOENT); @@ -496,7 +496,7 @@ failed: if (toep->l2te) t4_l2t_release(toep->l2te); if (toep->ce) - release_lip(td, toep->ce); + t4_release_lip(sc, toep->ce); free_toepcb(toep); } diff --git a/sys/dev/cxgbe/tom/t4_listen.c b/sys/dev/cxgbe/tom/t4_listen.c index 0416ba4417f6..3f5850c96d5a 100644 --- a/sys/dev/cxgbe/tom/t4_listen.c +++ b/sys/dev/cxgbe/tom/t4_listen.c @@ -68,6 +68,7 @@ __FBSDID("$FreeBSD$"); #include "common/common.h" #include "common/t4_msg.h" #include "common/t4_regs.h" +#include "t4_clip.h" #include "tom/t4_tom_l2t.h" #include "tom/t4_tom.h" @@ -212,9 +213,7 @@ alloc_lctx(struct adapter *sc, struct inpcb *inp, struct vi_info *vi) if (inp->inp_vflag & INP_IPV6 && !IN6_ARE_ADDR_EQUAL(&in6addr_any, &inp->in6p_laddr)) { - struct tom_data *td = sc->tom_softc; - - lctx->ce = hold_lip(td, &inp->in6p_laddr, NULL); + lctx->ce = t4_hold_lip(sc, &inp->in6p_laddr, NULL); if (lctx->ce == NULL) { free(lctx, M_CXGBE); return (NULL); @@ -238,7 +237,6 @@ static int free_lctx(struct adapter *sc, struct listen_ctx *lctx) { struct inpcb *inp = lctx->inp; - struct tom_data *td = sc->tom_softc; INP_WLOCK_ASSERT(inp); KASSERT(lctx->refcount == 0, @@ -251,7 +249,7 @@ free_lctx(struct adapter *sc, struct listen_ctx *lctx) __func__, lctx->stid, lctx, lctx->inp); if (lctx->ce) - release_lip(td, lctx->ce); + t4_release_lip(sc, lctx->ce); free_stid(sc, lctx); free(lctx, M_CXGBE); @@ -1675,7 +1673,7 @@ reset: MPASS(so->so_vnet == lctx->vnet); toep->vnet = lctx->vnet; if (inc.inc_flags & INC_ISIPV6) - toep->ce = hold_lip(sc->tom_softc, &inc.inc6_laddr, lctx->ce); + toep->ce = t4_hold_lip(sc, &inc.inc6_laddr, lctx->ce); /* * This is for the unlikely case where the syncache entry that we added diff --git a/sys/dev/cxgbe/tom/t4_tom.c b/sys/dev/cxgbe/tom/t4_tom.c index 1d9adee49427..ec8d5c22478a 100644 --- a/sys/dev/cxgbe/tom/t4_tom.c +++ b/sys/dev/cxgbe/tom/t4_tom.c @@ -71,6 +71,7 @@ __FBSDID("$FreeBSD$"); #include "common/t4_regs.h" #include "common/t4_regs_values.h" #include "common/t4_tcb.h" +#include "t4_clip.h" #include "tom/t4_tom_l2t.h" #include "tom/t4_tom.h" #include "tom/t4_tls.h" @@ -99,21 +100,9 @@ static struct uld_info tom_uld_info = { static void release_offload_resources(struct toepcb *); static int alloc_tid_tabs(struct tid_info *); static void free_tid_tabs(struct tid_info *); -static int add_lip(struct adapter *, struct in6_addr *); -static int delete_lip(struct adapter *, struct in6_addr *); -static struct clip_entry *search_lip(struct tom_data *, struct in6_addr *); -static void init_clip_table(struct adapter *, struct tom_data *); -static void update_clip(struct adapter *, void *); -static void t4_clip_task(void *, int); -static void update_clip_table(struct adapter *, struct tom_data *); -static void destroy_clip_table(struct adapter *, struct tom_data *); static void free_tom_data(struct adapter *, struct tom_data *); static void reclaim_wr_resources(void *, int); -static int in6_ifaddr_gen; -static eventhandler_tag ifaddr_evhandler; -static struct timeout_task clip_task; - struct toepcb * alloc_toepcb(struct vi_info *vi, int txqid, int rxqid, int flags) { @@ -315,7 +304,7 @@ release_offload_resources(struct toepcb *toep) } if (toep->ce) - release_lip(td, toep->ce); + t4_release_lip(sc, toep->ce); if (toep->tc_idx != -1) t4_release_cl_rl(sc, toep->vi->pi->port_id, toep->tc_idx); @@ -822,266 +811,6 @@ failed: return (rc); } -static int -add_lip(struct adapter *sc, struct in6_addr *lip) -{ - struct fw_clip_cmd c; - - ASSERT_SYNCHRONIZED_OP(sc); - /* mtx_assert(&td->clip_table_lock, MA_OWNED); */ - - memset(&c, 0, sizeof(c)); - c.op_to_write = htonl(V_FW_CMD_OP(FW_CLIP_CMD) | F_FW_CMD_REQUEST | - F_FW_CMD_WRITE); - c.alloc_to_len16 = htonl(F_FW_CLIP_CMD_ALLOC | FW_LEN16(c)); - c.ip_hi = *(uint64_t *)&lip->s6_addr[0]; - c.ip_lo = *(uint64_t *)&lip->s6_addr[8]; - - return (-t4_wr_mbox_ns(sc, sc->mbox, &c, sizeof(c), &c)); -} - -static int -delete_lip(struct adapter *sc, struct in6_addr *lip) -{ - struct fw_clip_cmd c; - - ASSERT_SYNCHRONIZED_OP(sc); - /* mtx_assert(&td->clip_table_lock, MA_OWNED); */ - - memset(&c, 0, sizeof(c)); - c.op_to_write = htonl(V_FW_CMD_OP(FW_CLIP_CMD) | F_FW_CMD_REQUEST | - F_FW_CMD_READ); - c.alloc_to_len16 = htonl(F_FW_CLIP_CMD_FREE | FW_LEN16(c)); - c.ip_hi = *(uint64_t *)&lip->s6_addr[0]; - c.ip_lo = *(uint64_t *)&lip->s6_addr[8]; - - return (-t4_wr_mbox_ns(sc, sc->mbox, &c, sizeof(c), &c)); -} - -static struct clip_entry * -search_lip(struct tom_data *td, struct in6_addr *lip) -{ - struct clip_entry *ce; - - mtx_assert(&td->clip_table_lock, MA_OWNED); - - TAILQ_FOREACH(ce, &td->clip_table, link) { - if (IN6_ARE_ADDR_EQUAL(&ce->lip, lip)) - return (ce); - } - - return (NULL); -} - -struct clip_entry * -hold_lip(struct tom_data *td, struct in6_addr *lip, struct clip_entry *ce) -{ - - mtx_lock(&td->clip_table_lock); - if (ce == NULL) - ce = search_lip(td, lip); - if (ce != NULL) - ce->refcount++; - mtx_unlock(&td->clip_table_lock); - - return (ce); -} - -void -release_lip(struct tom_data *td, struct clip_entry *ce) -{ - - mtx_lock(&td->clip_table_lock); - KASSERT(search_lip(td, &ce->lip) == ce, - ("%s: CLIP entry %p p not in CLIP table.", __func__, ce)); - KASSERT(ce->refcount > 0, - ("%s: CLIP entry %p has refcount 0", __func__, ce)); - --ce->refcount; - mtx_unlock(&td->clip_table_lock); -} - -static void -init_clip_table(struct adapter *sc, struct tom_data *td) -{ - - ASSERT_SYNCHRONIZED_OP(sc); - - mtx_init(&td->clip_table_lock, "CLIP table lock", NULL, MTX_DEF); - TAILQ_INIT(&td->clip_table); - td->clip_gen = -1; - - update_clip_table(sc, td); -} - -static void -update_clip(struct adapter *sc, void *arg __unused) -{ - - if (begin_synchronized_op(sc, NULL, HOLD_LOCK, "t4tomuc")) - return; - - if (uld_active(sc, ULD_TOM)) - update_clip_table(sc, sc->tom_softc); - - end_synchronized_op(sc, LOCK_HELD); -} - -static void -t4_clip_task(void *arg, int count) -{ - - t4_iterate(update_clip, NULL); -} - -static void -update_clip_table(struct adapter *sc, struct tom_data *td) -{ - struct rm_priotracker in6_ifa_tracker; - struct in6_ifaddr *ia; - struct in6_addr *lip, tlip; - struct clip_head stale; - struct clip_entry *ce, *ce_temp; - struct vi_info *vi; - int rc, gen, i, j; - uintptr_t last_vnet; - - ASSERT_SYNCHRONIZED_OP(sc); - - IN6_IFADDR_RLOCK(&in6_ifa_tracker); - mtx_lock(&td->clip_table_lock); - - gen = atomic_load_acq_int(&in6_ifaddr_gen); - if (gen == td->clip_gen) - goto done; - - TAILQ_INIT(&stale); - TAILQ_CONCAT(&stale, &td->clip_table, link); - - /* - * last_vnet optimizes the common cases where all if_vnet = NULL (no - * VIMAGE) or all if_vnet = vnet0. - */ - last_vnet = (uintptr_t)(-1); - for_each_port(sc, i) - for_each_vi(sc->port[i], j, vi) { - if (last_vnet == (uintptr_t)vi->ifp->if_vnet) - continue; - - /* XXX: races with if_vmove */ - CURVNET_SET(vi->ifp->if_vnet); - CK_STAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) { - lip = &ia->ia_addr.sin6_addr; - - KASSERT(!IN6_IS_ADDR_MULTICAST(lip), - ("%s: mcast address in in6_ifaddr list", __func__)); - - if (IN6_IS_ADDR_LOOPBACK(lip)) - continue; - if (IN6_IS_SCOPE_EMBED(lip)) { - /* Remove the embedded scope */ - tlip = *lip; - lip = &tlip; - in6_clearscope(lip); - } - /* - * XXX: how to weed out the link local address for the - * loopback interface? It's fe80::1 usually (always?). - */ - - /* - * If it's in the main list then we already know it's - * not stale. - */ - TAILQ_FOREACH(ce, &td->clip_table, link) { - if (IN6_ARE_ADDR_EQUAL(&ce->lip, lip)) - goto next; - } - - /* - * If it's in the stale list we should move it to the - * main list. - */ - TAILQ_FOREACH(ce, &stale, link) { - if (IN6_ARE_ADDR_EQUAL(&ce->lip, lip)) { - TAILQ_REMOVE(&stale, ce, link); - TAILQ_INSERT_TAIL(&td->clip_table, ce, - link); - goto next; - } - } - - /* A new IP6 address; add it to the CLIP table */ - ce = malloc(sizeof(*ce), M_CXGBE, M_NOWAIT); - memcpy(&ce->lip, lip, sizeof(ce->lip)); - ce->refcount = 0; - rc = add_lip(sc, lip); - if (rc == 0) - TAILQ_INSERT_TAIL(&td->clip_table, ce, link); - else { - char ip[INET6_ADDRSTRLEN]; - - inet_ntop(AF_INET6, &ce->lip, &ip[0], - sizeof(ip)); - log(LOG_ERR, "%s: could not add %s (%d)\n", - __func__, ip, rc); - free(ce, M_CXGBE); - } -next: - continue; - } - CURVNET_RESTORE(); - last_vnet = (uintptr_t)vi->ifp->if_vnet; - } - - /* - * Remove stale addresses (those no longer in V_in6_ifaddrhead) that are - * no longer referenced by the driver. - */ - TAILQ_FOREACH_SAFE(ce, &stale, link, ce_temp) { - if (ce->refcount == 0) { - rc = delete_lip(sc, &ce->lip); - if (rc == 0) { - TAILQ_REMOVE(&stale, ce, link); - free(ce, M_CXGBE); - } else { - char ip[INET6_ADDRSTRLEN]; - - inet_ntop(AF_INET6, &ce->lip, &ip[0], - sizeof(ip)); - log(LOG_ERR, "%s: could not delete %s (%d)\n", - __func__, ip, rc); - } - } - } - /* The ones that are still referenced need to stay in the CLIP table */ - TAILQ_CONCAT(&td->clip_table, &stale, link); - - td->clip_gen = gen; -done: - mtx_unlock(&td->clip_table_lock); - IN6_IFADDR_RUNLOCK(&in6_ifa_tracker); -} - -static void -destroy_clip_table(struct adapter *sc, struct tom_data *td) -{ - struct clip_entry *ce, *ce_temp; - - if (mtx_initialized(&td->clip_table_lock)) { - mtx_lock(&td->clip_table_lock); - TAILQ_FOREACH_SAFE(ce, &td->clip_table, link, ce_temp) { - KASSERT(ce->refcount == 0, - ("%s: CLIP entry %p still in use (%d)", __func__, - ce, ce->refcount)); - TAILQ_REMOVE(&td->clip_table, ce, link); - delete_lip(sc, &ce->lip); - free(ce, M_CXGBE); - } - mtx_unlock(&td->clip_table_lock); - mtx_destroy(&td->clip_table_lock); - } -} - static void free_tom_data(struct adapter *sc, struct tom_data *td) { @@ -1094,7 +823,6 @@ free_tom_data(struct adapter *sc, struct tom_data *td) ("%s: lctx hash table is not empty.", __func__)); t4_free_ppod_region(&td->pr); - destroy_clip_table(sc, td); if (td->listen_mask != 0) hashdestroy(td->listen_hash, M_CXGBE, td->listen_mask); @@ -1369,9 +1097,6 @@ t4_tom_activate(struct adapter *sc) t4_set_reg_field(sc, A_ULP_RX_TDDP_TAGMASK, V_TDDPTAGMASK(M_TDDPTAGMASK), td->pr.pr_tag_mask); - /* CLIP table for IPv6 offload */ - init_clip_table(sc, td); - /* toedev ops */ tod = &td->tod; init_toedev(tod); @@ -1449,14 +1174,6 @@ t4_tom_deactivate(struct adapter *sc) return (rc); } -static void -t4_tom_ifaddr_event(void *arg __unused, struct ifnet *ifp) -{ - - atomic_add_rel_int(&in6_ifaddr_gen, 1); - taskqueue_enqueue_timeout(taskqueue_thread, &clip_task, -hz / 4); -} - static int t4_aio_queue_tom(struct socket *so, struct kaiocb *job) { @@ -1524,10 +1241,6 @@ t4_tom_mod_load(void) toe6_protosw.pr_ctloutput = t4_ctloutput_tom; toe6_protosw.pr_usrreqs = &toe6_usrreqs; - TIMEOUT_TASK_INIT(taskqueue_thread, &clip_task, 0, t4_clip_task, NULL); - ifaddr_evhandler = EVENTHANDLER_REGISTER(ifaddr_event, - t4_tom_ifaddr_event, NULL, EVENTHANDLER_PRI_ANY); - return (t4_register_uld(&tom_uld_info)); } @@ -1552,11 +1265,6 @@ t4_tom_mod_unload(void) if (t4_unregister_uld(&tom_uld_info) == EBUSY) return (EBUSY); - if (ifaddr_evhandler) { - EVENTHANDLER_DEREGISTER(ifaddr_event, ifaddr_evhandler); - taskqueue_cancel_timeout(taskqueue_thread, &clip_task, NULL); - } - t4_tls_mod_unload(); t4_ddp_mod_unload(); diff --git a/sys/dev/cxgbe/tom/t4_tom.h b/sys/dev/cxgbe/tom/t4_tom.h index 94ab7142f1bf..44312cde201b 100644 --- a/sys/dev/cxgbe/tom/t4_tom.h +++ b/sys/dev/cxgbe/tom/t4_tom.h @@ -259,13 +259,6 @@ struct listen_ctx { TAILQ_HEAD(, synq_entry) synq; }; -struct clip_entry { - TAILQ_ENTRY(clip_entry) link; - struct in6_addr lip; /* local IPv6 address */ - u_int refcount; -}; - -TAILQ_HEAD(clip_head, clip_entry); struct tom_data { struct toedev tod; @@ -280,10 +273,6 @@ struct tom_data { struct ppod_region pr; - struct mtx clip_table_lock; - struct clip_head clip_table; - int clip_gen; - /* WRs that will not be sent to the chip because L2 resolution failed */ struct mtx unsent_wr_lock; STAILQ_HEAD(, wrqe) unsent_wr_list; @@ -342,9 +331,6 @@ int select_ulp_mode(struct socket *, struct adapter *, struct offload_settings *); void set_ulp_mode(struct toepcb *, int); int negative_advice(int); -struct clip_entry *hold_lip(struct tom_data *, struct in6_addr *, - struct clip_entry *); -void release_lip(struct tom_data *, struct clip_entry *); /* t4_connect.c */ void t4_init_connect_cpl_handlers(void); diff --git a/sys/dev/evdev/evdev_utils.c b/sys/dev/evdev/evdev_utils.c index d4b41e014fd3..14ddb30e9414 100644 --- a/sys/dev/evdev/evdev_utils.c +++ b/sys/dev/evdev/evdev_utils.c @@ -250,12 +250,15 @@ evdev_scancode2key(int *state, int scancode) */ *state = 0; if ((scancode & 0x7f) == 0x1D) - *state = 0x1D; + *state = scancode; return (NONE); /* NOT REACHED */ case 0x1D: /* pause / break */ + case 0x9D: + if ((*state ^ scancode) & 0x80) + return (NONE); *state = 0; - if (scancode != 0x45) + if ((scancode & 0x7f) != 0x45) return (NONE); keycode = KEY_PAUSE; break; diff --git a/sys/dev/extres/clk/clk.c b/sys/dev/extres/clk/clk.c index b319d6751282..100ffd75c952 100644 --- a/sys/dev/extres/clk/clk.c +++ b/sys/dev/extres/clk/clk.c @@ -1297,7 +1297,7 @@ clk_set_assigned_rates(device_t dev, clk_t clk, uint32_t freq) { int rv; - rv = clk_set_freq(clk, freq, 0); + rv = clk_set_freq(clk, freq, CLK_SET_ROUND_DOWN | CLK_SET_ROUND_UP); if (rv != 0) { device_printf(dev, "Failed to set %s to a frequency of %u\n", clk_get_name(clk), freq); @@ -1330,9 +1330,9 @@ clk_set_assigned(device_t dev, phandle_t node) if (nrates <= 0) nrates = 0; - nparents = ofw_bus_parse_xref_list_get_length(node, - "assigned-clock-parents", "#clock-cells", &nparents); - + if (ofw_bus_parse_xref_list_get_length(node, + "assigned-clock-parents", "#clock-cells", &nparents) != 0) + nparents = -1; for (i = 0; i < nclocks; i++) { /* First get the clock we are supposed to modify */ rv = clk_get_by_ofw_index_prop(dev, 0, "assigned-clocks", diff --git a/sys/dev/extres/regulator/regulator_fixed.c b/sys/dev/extres/regulator/regulator_fixed.c index 1362d3a236cc..5c510bf5d321 100644 --- a/sys/dev/extres/regulator/regulator_fixed.c +++ b/sys/dev/extres/regulator/regulator_fixed.c @@ -145,7 +145,6 @@ regnode_fixed_init(struct regnode *regnode) struct regnode_fixed_sc *sc; struct gpiobus_pin *pin; uint32_t flags; - bool enable; int rv; sc = regnode_get_softc(regnode); @@ -158,14 +157,15 @@ regnode_fixed_init(struct regnode *regnode) flags = GPIO_PIN_OUTPUT; if (sc->gpio_open_drain) flags |= GPIO_PIN_OPENDRAIN; - enable = sc->param->boot_on || sc->param->always_on; - if (!sc->param->enable_active_high) - enable = !enable; - rv = GPIO_PIN_SET(pin->dev, pin->pin, enable); - if (rv != 0) { - device_printf(dev, "Cannot set GPIO pin: %d\n", pin->pin); - return (rv); + if (sc->param->boot_on || sc->param->always_on) { + rv = GPIO_PIN_SET(pin->dev, pin->pin, sc->param->enable_active_high); + if (rv != 0) { + device_printf(dev, "Cannot set GPIO pin: %d\n", + pin->pin); + return (rv); + } } + rv = GPIO_PIN_SETFLAGS(pin->dev, pin->pin, flags); if (rv != 0) { device_printf(dev, "Cannot configure GPIO pin: %d\n", pin->pin); diff --git a/sys/dev/iicbus/syr827.c b/sys/dev/iicbus/syr827.c new file mode 100644 index 000000000000..3bd6419d0df8 --- /dev/null +++ b/sys/dev/iicbus/syr827.c @@ -0,0 +1,354 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2016 Jared McNeill <jmcneill@invisible.ca> + * Copyright (c) 2018 Emmanuel Vadot <manu@FreeBSD.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/systm.h> +#include <sys/bus.h> +#include <sys/rman.h> +#include <sys/kernel.h> +#include <sys/reboot.h> +#include <sys/module.h> + +#include <dev/iicbus/iicbus.h> +#include <dev/iicbus/iiconf.h> + +#include <dev/ofw/ofw_bus.h> +#include <dev/ofw/ofw_bus_subr.h> + +#include <dev/extres/regulator/regulator.h> + +#include "iicbus_if.h" +#include "regdev_if.h" + +#define VSEL0 0x00 +#define VSEL1 0x01 + +#define VSEL_BUCK_EN (1 << 7) +#define VSEL_NSEL_MASK 0x3F +#define VSEL_VOLTAGE_BASE 712500 /* uV */ +#define VSEL_VOLTAGE_STEP 12500 /* uV */ + +#define ID1 0x03 +#define ID1_VENDOR_MASK 0xE0 +#define ID1_VENDOR_SHIFT 5 +#define ID1_DIE_MASK 0xF + +#define ID2 0x4 +#define ID2_DIE_REV_MASK 0xF + +static struct ofw_compat_data compat_data[] = { + { "silergy,syr827", 1 }, + { NULL, 0 } +}; + +struct syr827_reg_sc { + struct regnode *regnode; + device_t base_dev; + phandle_t xref; + struct regnode_std_param *param; + + int volt_reg; + int suspend_reg; +}; + +struct syr827_softc { + uint16_t addr; + struct intr_config_hook intr_hook; + + /* Regulator */ + struct syr827_reg_sc *reg; +}; + +static int +syr827_read(device_t dev, uint8_t reg, uint8_t *data, uint8_t size) +{ + struct syr827_softc *sc; + struct iic_msg msg[2]; + + sc = device_get_softc(dev); + + msg[0].slave = sc->addr; + msg[0].flags = IIC_M_WR; + msg[0].len = 1; + msg[0].buf = ® + + msg[1].slave = sc->addr; + msg[1].flags = IIC_M_RD; + msg[1].len = size; + msg[1].buf = data; + + return (iicbus_transfer(dev, msg, 2)); +} + +static int +syr827_write(device_t dev, uint8_t reg, uint8_t val) +{ + struct syr827_softc *sc; + struct iic_msg msg; + uint8_t buffer[2]; + + sc = device_get_softc(dev); + + buffer[0] = reg; + buffer[1] = val; + + msg.slave = sc->addr; + msg.flags = IIC_M_WR; + msg.len = 2; + msg.buf = buffer; + + return (iicbus_transfer(dev, &msg, 1)); +} + +static int +syr827_regnode_init(struct regnode *regnode) +{ + return (0); +} + +static int +syr827_regnode_enable(struct regnode *regnode, bool enable, int *udelay) +{ + struct syr827_reg_sc *sc; + uint8_t val; + + sc = regnode_get_softc(regnode); + + syr827_read(sc->base_dev, sc->volt_reg, &val, 1); + if (enable) + val &= ~VSEL_BUCK_EN; + else + val |= VSEL_BUCK_EN; + syr827_write(sc->base_dev, sc->volt_reg, val); + + *udelay = sc->param->ramp_delay; + + return (0); +} + +static int +syr827_regnode_set_voltage(struct regnode *regnode, int min_uvolt, + int max_uvolt, int *udelay) +{ + struct syr827_reg_sc *sc; + int cur_uvolt; + uint8_t val; + + sc = regnode_get_softc(regnode); + + /* Get current voltage */ + syr827_read(sc->base_dev, sc->volt_reg, &val, 1); + cur_uvolt = (val & VSEL_NSEL_MASK) * VSEL_VOLTAGE_STEP + + VSEL_VOLTAGE_BASE; + + /* Set new voltage */ + val &= ~VSEL_NSEL_MASK; + val |= ((min_uvolt - VSEL_VOLTAGE_BASE) / VSEL_VOLTAGE_STEP); + syr827_write(sc->base_dev, sc->volt_reg, val); + + /* Time to delay is based on the number of voltage steps */ + *udelay = sc->param->ramp_delay * + (abs(cur_uvolt - min_uvolt) / VSEL_VOLTAGE_STEP); + + return (0); +} + +static int +syr827_regnode_get_voltage(struct regnode *regnode, int *uvolt) +{ + struct syr827_reg_sc *sc; + uint8_t val; + + sc = regnode_get_softc(regnode); + + syr827_read(sc->base_dev, sc->volt_reg, &val, 1); + *uvolt = (val & VSEL_NSEL_MASK) * VSEL_VOLTAGE_STEP + + VSEL_VOLTAGE_BASE; + + return (0); +} + +static regnode_method_t syr827_regnode_methods[] = { + /* Regulator interface */ + REGNODEMETHOD(regnode_init, syr827_regnode_init), + REGNODEMETHOD(regnode_enable, syr827_regnode_enable), + REGNODEMETHOD(regnode_set_voltage, syr827_regnode_set_voltage), + REGNODEMETHOD(regnode_get_voltage, syr827_regnode_get_voltage), + REGNODEMETHOD_END +}; +DEFINE_CLASS_1(syr827_regnode, syr827_regnode_class, syr827_regnode_methods, + sizeof(struct syr827_reg_sc), regnode_class); + +static struct syr827_reg_sc * +syr827_reg_attach(device_t dev, phandle_t node) +{ + struct syr827_reg_sc *reg_sc; + struct regnode_init_def initdef; + struct regnode *regnode; + int suspend_reg; + + memset(&initdef, 0, sizeof(initdef)); + regulator_parse_ofw_stdparam(dev, node, &initdef); + initdef.id = 0; + initdef.ofw_node = node; + regnode = regnode_create(dev, &syr827_regnode_class, &initdef); + if (regnode == NULL) { + device_printf(dev, "cannot create regulator\n"); + return (NULL); + } + + reg_sc = regnode_get_softc(regnode); + reg_sc->regnode = regnode; + reg_sc->base_dev = dev; + reg_sc->xref = OF_xref_from_node(node); + reg_sc->param = regnode_get_stdparam(regnode); + + if (OF_getencprop(node, "fcs,suspend-voltage-selector", &suspend_reg, + sizeof(uint32_t)) <= 0) + suspend_reg = 0; + + switch (suspend_reg) { + case 0: + reg_sc->suspend_reg = VSEL0; + reg_sc->volt_reg = VSEL1; + break; + case 1: + reg_sc->suspend_reg = VSEL1; + reg_sc->volt_reg = VSEL0; + break; + } + + regnode_register(regnode); + + return (reg_sc); +} + +static int +syr827_regdev_map(device_t dev, phandle_t xref, int ncells, pcell_t *cells, + intptr_t *num) +{ + struct syr827_softc *sc; + + sc = device_get_softc(dev); + + if (sc->reg->xref != xref) + return (ENXIO); + + *num = 0; + + return (0); +} + +static int +syr827_probe(device_t dev) +{ + if (!ofw_bus_status_okay(dev)) + return (ENXIO); + + if (ofw_bus_search_compatible(dev, compat_data)->ocd_data == 0) + return (ENXIO); + + device_set_desc(dev, "Silergy SYR827 regulator"); + + return (BUS_PROBE_DEFAULT); +} + +static void +syr827_start(void *pdev) +{ + struct syr827_softc *sc; + device_t dev; + uint8_t val; + + dev = pdev; + sc = device_get_softc(dev); + + if (bootverbose) { + syr827_read(dev, ID1, &val, 1); + device_printf(dev, "Vendor ID: %x, DIE ID: %x\n", + (val & ID1_VENDOR_MASK) >> ID1_VENDOR_SHIFT, + val & ID1_DIE_MASK); + syr827_read(dev, ID2, &val, 1); + device_printf(dev, "DIE Rev: %x\n", val & ID2_DIE_REV_MASK); + } + + config_intrhook_disestablish(&sc->intr_hook); +} + +static int +syr827_attach(device_t dev) +{ + struct syr827_softc *sc; + phandle_t node; + + sc = device_get_softc(dev); + node = ofw_bus_get_node(dev); + + sc->addr = iicbus_get_addr(dev); + + sc->intr_hook.ich_func = syr827_start; + sc->intr_hook.ich_arg = dev; + + if (config_intrhook_establish(&sc->intr_hook) != 0) + return (ENOMEM); + + sc->reg = syr827_reg_attach(dev, node); + if (sc->reg == NULL) { + device_printf(dev, "cannot attach regulator\n"); + return (ENXIO); + } + + return (0); +} + +static device_method_t syr827_methods[] = { + /* Device interface */ + DEVMETHOD(device_probe, syr827_probe), + DEVMETHOD(device_attach, syr827_attach), + + /* Regdev interface */ + DEVMETHOD(regdev_map, syr827_regdev_map), + + DEVMETHOD_END +}; + +static driver_t syr827_driver = { + "syr827", + syr827_methods, + sizeof(struct syr827_softc), +}; + +static devclass_t syr827_devclass; + +EARLY_DRIVER_MODULE(syr827, iicbus, syr827_driver, syr827_devclass, 0, 0, + BUS_PASS_RESOURCE); +MODULE_VERSION(syr827, 1); +MODULE_DEPEND(syr827, iicbus, 1, 1, 1); diff --git a/sys/dev/ixgbe/ix_txrx.c b/sys/dev/ixgbe/ix_txrx.c index 63a29d69d5f9..45690b2afcf7 100644 --- a/sys/dev/ixgbe/ix_txrx.c +++ b/sys/dev/ixgbe/ix_txrx.c @@ -297,6 +297,8 @@ ixgbe_isc_txd_credits_update(void *arg, uint16_t txqid, bool clear) ntxd = scctx->isc_ntxd[0]; do { delta = (int32_t)cur - (int32_t)prev; + if (prev == 0 && cur == 0) + delta += 1; if (delta < 0) delta += ntxd; diff --git a/sys/dev/ixl/ixl_txrx.c b/sys/dev/ixl/ixl_txrx.c index ec14ab14ee8f..ea215f272d9f 100644 --- a/sys/dev/ixl/ixl_txrx.c +++ b/sys/dev/ixl/ixl_txrx.c @@ -516,7 +516,13 @@ ixl_isc_txd_credits_update_dwb(void *arg, uint16_t txqid, bool clear) ntxd = scctx->isc_ntxd[0]; do { delta = (int32_t)cur - (int32_t)prev; + /* + * XXX This appears to be a hack for first-packet. + * A correct fix would prevent prev == cur in the first place. + */ MPASS(prev == 0 || delta != 0); + if (prev == 0 && cur == 0) + delta += 1; if (delta < 0) delta += ntxd; #if 0 diff --git a/sys/dev/mlx4/device.h b/sys/dev/mlx4/device.h index 9d4c461ada4a..0af8fce5e634 100644 --- a/sys/dev/mlx4/device.h +++ b/sys/dev/mlx4/device.h @@ -877,6 +877,8 @@ struct mlx4_dev { u64 regid_allmulti_array[MLX4_MAX_PORTS + 1]; struct mlx4_vf_dev *dev_vfs; u8 uar_page_shift; + struct sysctl_ctx_list hw_ctx; + char fw_str[64]; }; struct mlx4_clock_params { diff --git a/sys/dev/mlx4/driver.h b/sys/dev/mlx4/driver.h index a12d6a508ef0..9768e56ee1b1 100644 --- a/sys/dev/mlx4/driver.h +++ b/sys/dev/mlx4/driver.h @@ -101,4 +101,7 @@ static inline u64 mlx4_mac_to_u64(const u8 *addr) return mac; } +void mlx4_disable_interrupts(struct mlx4_dev *); +void mlx4_poll_interrupts(struct mlx4_dev *); + #endif /* MLX4_DRIVER_H */ diff --git a/sys/dev/mlx4/mlx4_core/mlx4.h b/sys/dev/mlx4/mlx4_core/mlx4.h index 691cdcef75d3..1d869ca4b6e0 100644 --- a/sys/dev/mlx4/mlx4_core/mlx4.h +++ b/sys/dev/mlx4/mlx4_core/mlx4.h @@ -53,8 +53,8 @@ #define DRV_NAME "mlx4_core" #define PFX DRV_NAME ": " -#define DRV_VERSION "3.4.1" -#define DRV_RELDATE "October 2017" +#define DRV_VERSION "3.5.0" +#define DRV_RELDATE "November 2018" #define MLX4_FS_UDP_UC_EN (1 << 1) #define MLX4_FS_TCP_UC_EN (1 << 2) diff --git a/sys/dev/mlx4/mlx4_core/mlx4_cmd.c b/sys/dev/mlx4/mlx4_core/mlx4_cmd.c index 6f972a0f3da1..36f73822607b 100644 --- a/sys/dev/mlx4/mlx4_core/mlx4_cmd.c +++ b/sys/dev/mlx4/mlx4_core/mlx4_cmd.c @@ -961,6 +961,8 @@ static int mlx4_MAD_IFC_wrapper(struct mlx4_dev *dev, int slave, if (!err && slave != mlx4_master_func_num(dev)) { u8 *state = outsmp->data + PORT_STATE_OFFSET; + if (port < 1 || port > dev->caps.num_ports) + return -EINVAL; *state = (*state & 0xf0) | vf_port_state(dev, port, slave); slave_cap_mask = priv->mfunc.master.slave_state[slave].ib_cap_mask[port]; memcpy(outsmp->data + PORT_CAPABILITY_LOCATION_IN_SMP, &slave_cap_mask, 4); @@ -968,8 +970,12 @@ static int mlx4_MAD_IFC_wrapper(struct mlx4_dev *dev, int slave, return err; } if (smp->attr_id == IB_SMP_ATTR_GUID_INFO) { - __be64 guid = mlx4_get_admin_guid(dev, slave, - port); + __be64 guid; + + if (port < 1 || port > dev->caps.num_ports) + return -EINVAL; + + guid = mlx4_get_admin_guid(dev, slave, port); /* set the PF admin guid to the FW/HW burned * GUID, if it wasn't yet set diff --git a/sys/dev/mlx4/mlx4_core/mlx4_eq.c b/sys/dev/mlx4/mlx4_core/mlx4_eq.c index 5b331f9a34b9..dc23a7afb712 100644 --- a/sys/dev/mlx4/mlx4_core/mlx4_eq.c +++ b/sys/dev/mlx4/mlx4_core/mlx4_eq.c @@ -1535,3 +1535,34 @@ void mlx4_release_eq(struct mlx4_dev *dev, int vec) } EXPORT_SYMBOL(mlx4_release_eq); +void +mlx4_disable_interrupts(struct mlx4_dev *dev) +{ + struct mlx4_priv *priv = container_of(dev, struct mlx4_priv, dev); + int i; + + if (dev->flags & MLX4_FLAG_MSI_X) { + for (i = 0; i < (dev->caps.num_comp_vectors + 1); ++i) + disable_irq(priv->eq_table.eq[i].irq); + } else { + disable_irq(dev->persist->pdev->irq); + } +} +EXPORT_SYMBOL(mlx4_disable_interrupts); + +void +mlx4_poll_interrupts(struct mlx4_dev *dev) +{ + struct mlx4_priv *priv = container_of(dev, struct mlx4_priv, dev); + int i; + + if (dev->flags & MLX4_FLAG_MSI_X) { + for (i = 0; i < (dev->caps.num_comp_vectors + 1); ++i) { + mlx4_msi_x_interrupt(priv->eq_table.eq[i].irq, + priv->eq_table.eq + i); + } + } else { + mlx4_interrupt(dev->persist->pdev->irq, dev); + } +} +EXPORT_SYMBOL(mlx4_poll_interrupts); diff --git a/sys/dev/mlx4/mlx4_core/mlx4_icm.c b/sys/dev/mlx4/mlx4_core/mlx4_icm.c index 3e3b25a0f6b6..f92dfe2e24e6 100644 --- a/sys/dev/mlx4/mlx4_core/mlx4_icm.c +++ b/sys/dev/mlx4/mlx4_core/mlx4_icm.c @@ -411,7 +411,7 @@ int mlx4_init_icm_table(struct mlx4_dev *dev, struct mlx4_icm_table *table, size = (u64) nobj * obj_size; for (i = 0; i * MLX4_TABLE_CHUNK_SIZE < reserved * obj_size; ++i) { chunk_size = MLX4_TABLE_CHUNK_SIZE; - if ((i + 1) * MLX4_TABLE_CHUNK_SIZE > size) + if ((u64) (i + 1) * MLX4_TABLE_CHUNK_SIZE > size) chunk_size = PAGE_ALIGN(size - i * MLX4_TABLE_CHUNK_SIZE); diff --git a/sys/dev/mlx4/mlx4_core/mlx4_intf.c b/sys/dev/mlx4/mlx4_core/mlx4_intf.c index 2791cb1ce717..76dadca00875 100644 --- a/sys/dev/mlx4/mlx4_core/mlx4_intf.c +++ b/sys/dev/mlx4/mlx4_core/mlx4_intf.c @@ -62,8 +62,11 @@ static void mlx4_add_device(struct mlx4_interface *intf, struct mlx4_priv *priv) spin_lock_irq(&priv->ctx_lock); list_add_tail(&dev_ctx->list, &priv->ctx_list); spin_unlock_irq(&priv->ctx_lock); - if (intf->activate) + if (intf->activate) { + CURVNET_SET_QUIET(vnet0); intf->activate(&priv->dev, dev_ctx->context); + CURVNET_RESTORE(); + } } else kfree(dev_ctx); } diff --git a/sys/dev/mlx4/mlx4_core/mlx4_main.c b/sys/dev/mlx4/mlx4_core/mlx4_main.c index dd650033d135..321c3b1f7555 100644 --- a/sys/dev/mlx4/mlx4_core/mlx4_main.c +++ b/sys/dev/mlx4/mlx4_core/mlx4_main.c @@ -121,6 +121,9 @@ MODULE_PARM_DESC(enable_4k_uar, #define RESET_PERSIST_MASK_FLAGS (MLX4_FLAG_SRIOV) +static char mlx4_description[] = "Mellanox driver" + " (" DRV_VERSION ")"; + static char mlx4_version[] = DRV_NAME ": Mellanox ConnectX core driver v" DRV_VERSION " (" DRV_RELDATE ")\n"; @@ -1893,6 +1896,7 @@ static void unmap_internal_clock(struct mlx4_dev *dev) static void mlx4_close_hca(struct mlx4_dev *dev) { + sysctl_ctx_free(&dev->hw_ctx); unmap_internal_clock(dev); unmap_bf_area(dev); if (mlx4_is_slave(dev)) @@ -2208,7 +2212,7 @@ static int mlx4_init_hca(struct mlx4_dev *dev) { struct mlx4_priv *priv = mlx4_priv(dev); struct mlx4_adapter adapter; - struct mlx4_dev_cap dev_cap; + struct mlx4_dev_cap dev_cap = {}; struct mlx4_profile profile; struct mlx4_init_hca_param init_hca; u64 icm_size; @@ -3745,9 +3749,13 @@ err_disable_pdev: static int mlx4_init_one(struct pci_dev *pdev, const struct pci_device_id *id) { - struct mlx4_priv *priv; - struct mlx4_dev *dev; - int ret; + + struct sysctl_ctx_list *ctx; + struct sysctl_oid *node; + struct sysctl_oid_list *node_list; + struct mlx4_priv *priv; + struct mlx4_dev *dev; + int ret; printk_once(KERN_INFO "%s", mlx4_version); @@ -3773,10 +3781,31 @@ static int mlx4_init_one(struct pci_dev *pdev, const struct pci_device_id *id) if (ret) { kfree(dev->persist); kfree(priv); + return ret; } else { + device_set_desc(pdev->dev.bsddev, mlx4_description); pci_save_state(pdev->dev.bsddev); } + snprintf(dev->fw_str, sizeof(dev->fw_str), "%d.%d.%d", + (int) (dev->caps.fw_ver >> 32), + (int) (dev->caps.fw_ver >> 16) & 0xffff, + (int) (dev->caps.fw_ver & 0xffff)); + + ctx = &dev->hw_ctx; + sysctl_ctx_init(ctx); + node = SYSCTL_ADD_NODE(ctx,SYSCTL_CHILDREN(pdev->dev.kobj.oidp), + OID_AUTO, "hw" , CTLFLAG_RD, 0, "mlx4 dev hw information"); + if (node != NULL) { + node_list = SYSCTL_CHILDREN(node); + SYSCTL_ADD_STRING(ctx, node_list, OID_AUTO, + "fw_version", CTLFLAG_RD, dev->fw_str, 0, + "Device firmware version"); + SYSCTL_ADD_STRING(ctx, node_list, OID_AUTO, + "board_id", CTLFLAG_RD, dev->board_id, 0, + "Device board identifier"); + } + return ret; } @@ -3883,6 +3912,13 @@ static void mlx4_remove_one(struct pci_dev *pdev) persist->interface_state |= MLX4_INTERFACE_STATE_DELETION; mutex_unlock(&persist->interface_state_mutex); + /* + * Clear the device description to avoid use after free, + * because the bsddev is not destroyed when this module is + * unloaded: + */ + device_set_desc(pdev->dev.bsddev, NULL); + /* Disabling SR-IOV is not allowed while there are active vf's */ if (mlx4_is_master(dev) && dev->flags & MLX4_FLAG_SRIOV) { active_vfs = mlx4_how_many_lives_vf(dev); diff --git a/sys/dev/mlx4/mlx4_en/en.h b/sys/dev/mlx4/mlx4_en/en.h index b4abecb84c24..fb765a698c6c 100644 --- a/sys/dev/mlx4/mlx4_en/en.h +++ b/sys/dev/mlx4/mlx4_en/en.h @@ -54,6 +54,7 @@ #include <dev/mlx4/cmd.h> #include <netinet/tcp_lro.h> +#include <netinet/netdump/netdump.h> #include "en_port.h" #include <dev/mlx4/stats.h> @@ -74,6 +75,15 @@ #define MAX_RX_RINGS 128 #define MIN_RX_RINGS 4 #define TXBB_SIZE 64 + +#ifndef MLX4_EN_MAX_RX_SEGS +#define MLX4_EN_MAX_RX_SEGS 1 /* or 8 */ +#endif + +#ifndef MLX4_EN_MAX_RX_BYTES +#define MLX4_EN_MAX_RX_BYTES MCLBYTES +#endif + #define HEADROOM (2048 / TXBB_SIZE + 1) #define INIT_OWNER_BIT 0xffffffff #define STAMP_STRIDE 64 @@ -271,10 +281,8 @@ struct mlx4_en_tx_ring { u32 doorbell_qpn; u8 *buf; u16 poll_cnt; - int blocked; struct mlx4_en_tx_info *tx_info; u8 queue_index; - struct buf_ring *br; u32 last_nr_txbb; struct mlx4_qp qp; struct mlx4_qp_context context; @@ -298,10 +306,12 @@ struct mlx4_en_tx_ring { }; struct mlx4_en_rx_desc { - /* actual number of entries depends on rx ring stride */ - struct mlx4_wqe_data_seg data[0]; + struct mlx4_wqe_data_seg data[MLX4_EN_MAX_RX_SEGS]; }; +/* the size of the structure above must be power of two */ +CTASSERT(powerof2(sizeof(struct mlx4_en_rx_desc))); + struct mlx4_en_rx_mbuf { bus_dmamap_t dma_map; struct mbuf *mbuf; @@ -310,7 +320,7 @@ struct mlx4_en_rx_mbuf { struct mlx4_en_rx_spare { bus_dmamap_t dma_map; struct mbuf *mbuf; - u64 paddr_be; + bus_dma_segment_t segs[MLX4_EN_MAX_RX_SEGS]; }; struct mlx4_en_rx_ring { @@ -320,7 +330,6 @@ struct mlx4_en_rx_ring { u32 size ; /* number of Rx descs*/ u32 actual_size; u32 size_mask; - u16 stride; u16 log_stride; u16 cqn; /* index of port CQ associated with this ring */ u32 prod; @@ -328,6 +337,7 @@ struct mlx4_en_rx_ring { u32 buf_size; u8 fcs_del; u32 rx_mb_size; + u32 rx_mr_key_be; int qpn; u8 *buf; struct mlx4_en_rx_mbuf *mbuf; @@ -560,7 +570,6 @@ struct mlx4_en_priv { int registered; int gone; int allocated; - int stride; unsigned char current_mac[ETH_ALEN + 2]; u64 mac; int mac_index; @@ -786,6 +795,7 @@ int mlx4_en_arm_cq(struct mlx4_en_priv *priv, struct mlx4_en_cq *cq); void mlx4_en_tx_irq(struct mlx4_cq *mcq); u16 mlx4_en_select_queue(struct net_device *dev, struct mbuf *mb); +int mlx4_en_xmit(struct mlx4_en_priv *priv, int tx_ind, struct mbuf **mbp); int mlx4_en_transmit(struct ifnet *dev, struct mbuf *m); int mlx4_en_create_tx_ring(struct mlx4_en_priv *priv, struct mlx4_en_tx_ring **pring, @@ -805,8 +815,7 @@ int mlx4_en_create_rx_ring(struct mlx4_en_priv *priv, u32 size, int node); void mlx4_en_destroy_rx_ring(struct mlx4_en_priv *priv, struct mlx4_en_rx_ring **pring, - u32 size, u16 stride); -void mlx4_en_tx_que(void *context, int pending); + u32 size); void mlx4_en_rx_que(void *context, int pending); int mlx4_en_activate_rx_rings(struct mlx4_en_priv *priv); void mlx4_en_deactivate_rx_ring(struct mlx4_en_priv *priv, diff --git a/sys/dev/mlx4/mlx4_en/mlx4_en_cq.c b/sys/dev/mlx4/mlx4_en/mlx4_en_cq.c index f19ce2f1e1ef..1b198778bfdd 100644 --- a/sys/dev/mlx4/mlx4_en/mlx4_en_cq.c +++ b/sys/dev/mlx4/mlx4_en/mlx4_en_cq.c @@ -44,6 +44,10 @@ static void mlx4_en_cq_event(struct mlx4_cq *cq, enum mlx4_event event) return; } +static void mlx4_en_tx_que(void *arg, int pending) +{ + +} int mlx4_en_create_cq(struct mlx4_en_priv *priv, struct mlx4_en_cq **pcq, diff --git a/sys/dev/mlx4/mlx4_en/mlx4_en_netdev.c b/sys/dev/mlx4/mlx4_en/mlx4_en_netdev.c index ca7e0d74e59f..ecddc21bec3b 100644 --- a/sys/dev/mlx4/mlx4_en/mlx4_en_netdev.c +++ b/sys/dev/mlx4/mlx4_en/mlx4_en_netdev.c @@ -53,6 +53,8 @@ #include "en.h" #include "en_port.h" +NETDUMP_DEFINE(mlx4_en); + static void mlx4_en_sysctl_stat(struct mlx4_en_priv *priv); static void mlx4_en_sysctl_conf(struct mlx4_en_priv *priv); @@ -1574,9 +1576,12 @@ static void mlx4_en_restart(struct work_struct *work) if (priv->blocked == 0 || priv->port_up == 0) return; for (i = 0; i < priv->tx_ring_num; i++) { + int watchdog_time; + ring = priv->tx_ring[i]; - if (ring->blocked && - ring->watchdog_time + MLX4_EN_WATCHDOG_TIMEOUT < ticks) + watchdog_time = READ_ONCE(ring->watchdog_time); + if (watchdog_time != 0 && + time_after(ticks, ring->watchdog_time)) goto reset; } return; @@ -1678,7 +1683,7 @@ void mlx4_en_free_resources(struct mlx4_en_priv *priv) for (i = 0; i < priv->rx_ring_num; i++) { if (priv->rx_ring[i]) mlx4_en_destroy_rx_ring(priv, &priv->rx_ring[i], - priv->prof->rx_ring_size, priv->stride); + priv->prof->rx_ring_size); if (priv->rx_cq[i]) mlx4_en_destroy_cq(priv, &priv->rx_cq[i]); } @@ -1729,8 +1734,7 @@ err: for (i = 0; i < priv->rx_ring_num; i++) { if (priv->rx_ring[i]) mlx4_en_destroy_rx_ring(priv, &priv->rx_ring[i], - prof->rx_ring_size, - priv->stride); + prof->rx_ring_size); if (priv->rx_cq[i]) mlx4_en_destroy_cq(priv, &priv->rx_cq[i]); } @@ -2232,9 +2236,6 @@ int mlx4_en_init_netdev(struct mlx4_en_dev *mdev, int port, goto out; } - priv->stride = roundup_pow_of_two(sizeof(struct mlx4_en_rx_desc) + - DS_SIZE); - mlx4_en_sysctl_conf(priv); err = mlx4_en_alloc_resources(priv); @@ -2308,6 +2309,8 @@ int mlx4_en_init_netdev(struct mlx4_en_dev *mdev, int port, ifmedia_add(&priv->media, IFM_ETHER | IFM_AUTO, 0, NULL); ifmedia_set(&priv->media, IFM_ETHER | IFM_AUTO); + NETDUMP_SET(dev, mlx4_en); + en_warn(priv, "Using %d TX rings\n", prof->tx_ring_num); en_warn(priv, "Using %d RX rings\n", prof->rx_ring_num); @@ -2889,3 +2892,54 @@ static void mlx4_en_sysctl_stat(struct mlx4_en_priv *priv) CTLFLAG_RD, &rx_ring->errors, 0, "RX soft errors"); } } + +#ifdef NETDUMP +static void +mlx4_en_netdump_init(struct ifnet *dev, int *nrxr, int *ncl, int *clsize) +{ + struct mlx4_en_priv *priv; + + priv = if_getsoftc(dev); + mutex_lock(&priv->mdev->state_lock); + *nrxr = priv->rx_ring_num; + *ncl = NETDUMP_MAX_IN_FLIGHT; + *clsize = priv->rx_mb_size; + mutex_unlock(&priv->mdev->state_lock); +} + +static void +mlx4_en_netdump_event(struct ifnet *dev, enum netdump_ev event) +{ +} + +static int +mlx4_en_netdump_transmit(struct ifnet *dev, struct mbuf *m) +{ + struct mlx4_en_priv *priv; + int err; + + priv = if_getsoftc(dev); + if ((if_getdrvflags(dev) & (IFF_DRV_RUNNING | IFF_DRV_OACTIVE)) != + IFF_DRV_RUNNING || !priv->link_state) + return (ENOENT); + + err = mlx4_en_xmit(priv, 0, &m); + if (err != 0 && m != NULL) + m_freem(m); + return (err); +} + +static int +mlx4_en_netdump_poll(struct ifnet *dev, int count) +{ + struct mlx4_en_priv *priv; + + priv = if_getsoftc(dev); + if ((if_getdrvflags(dev) & IFF_DRV_RUNNING) == 0 || !priv->link_state) + return (ENOENT); + + mlx4_poll_interrupts(priv->mdev->dev); + + return (0); +} +#endif /* NETDUMP */ diff --git a/sys/dev/mlx4/mlx4_en/mlx4_en_port.c b/sys/dev/mlx4/mlx4_en/mlx4_en_port.c index 4f3b29b5b296..7e8d2c1550e4 100644 --- a/sys/dev/mlx4/mlx4_en/mlx4_en_port.c +++ b/sys/dev/mlx4/mlx4_en/mlx4_en_port.c @@ -256,7 +256,6 @@ int mlx4_en_DUMP_ETH_STATS(struct mlx4_en_dev *mdev, u8 port, u8 reset) priv->pkstats.rx_length_errors = be32_to_cpu(mlx4_en_stats->RdropLength); priv->pkstats.rx_over_errors = be32_to_cpu(mlx4_en_stats->RdropOvflw); priv->pkstats.rx_crc_errors = be32_to_cpu(mlx4_en_stats->RCRC); - priv->pkstats.rx_dropped = be32_to_cpu(mlx4_en_stats->RdropOvflw); priv->pkstats.tx_dropped = be32_to_cpu(mlx4_en_stats->TDROP); /* RX stats */ diff --git a/sys/dev/mlx4/mlx4_en/mlx4_en_rx.c b/sys/dev/mlx4/mlx4_en/mlx4_en_rx.c index 7266cfa83ad6..c9222e1df55c 100644 --- a/sys/dev/mlx4/mlx4_en/mlx4_en_rx.c +++ b/sys/dev/mlx4/mlx4_en/mlx4_en_rx.c @@ -44,14 +44,13 @@ #include "en.h" - +#if (MLX4_EN_MAX_RX_SEGS == 1) static void mlx4_en_init_rx_desc(struct mlx4_en_priv *priv, struct mlx4_en_rx_ring *ring, int index) { - struct mlx4_en_rx_desc *rx_desc = (struct mlx4_en_rx_desc *) - (ring->buf + (ring->stride * index)); - int possible_frags; + struct mlx4_en_rx_desc *rx_desc = + ((struct mlx4_en_rx_desc *)ring->buf) + index; int i; /* Set size and memtype fields */ @@ -63,38 +62,75 @@ static void mlx4_en_init_rx_desc(struct mlx4_en_priv *priv, * stride, remaining (unused) fragments must be padded with * null address/size and a special memory key: */ - possible_frags = (ring->stride - sizeof(struct mlx4_en_rx_desc)) / DS_SIZE; - for (i = 1; i < possible_frags; i++) { + for (i = 1; i < MLX4_EN_MAX_RX_SEGS; i++) { rx_desc->data[i].byte_count = 0; rx_desc->data[i].lkey = cpu_to_be32(MLX4_EN_MEMTYPE_PAD); rx_desc->data[i].addr = 0; } } +#endif + +static inline struct mbuf * +mlx4_en_alloc_mbuf(struct mlx4_en_rx_ring *ring) +{ + struct mbuf *mb; + +#if (MLX4_EN_MAX_RX_SEGS == 1) + mb = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, ring->rx_mb_size); + if (likely(mb != NULL)) + mb->m_pkthdr.len = mb->m_len = ring->rx_mb_size; +#else + mb = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MLX4_EN_MAX_RX_BYTES); + if (likely(mb != NULL)) { + struct mbuf *mb_head = mb; + int i; + + mb->m_len = MLX4_EN_MAX_RX_BYTES; + mb->m_pkthdr.len = MLX4_EN_MAX_RX_BYTES; + + for (i = 1; i != MLX4_EN_MAX_RX_SEGS; i++) { + if (mb_head->m_pkthdr.len >= ring->rx_mb_size) + break; + mb = (mb->m_next = m_getjcl(M_NOWAIT, MT_DATA, 0, MLX4_EN_MAX_RX_BYTES)); + if (unlikely(mb == NULL)) { + m_freem(mb_head); + return (NULL); + } + mb->m_len = MLX4_EN_MAX_RX_BYTES; + mb_head->m_pkthdr.len += MLX4_EN_MAX_RX_BYTES; + } + /* rewind to first mbuf in chain */ + mb = mb_head; + } +#endif + return (mb); +} static int -mlx4_en_alloc_buf(struct mlx4_en_rx_ring *ring, - __be64 *pdma, struct mlx4_en_rx_mbuf *mb_list) +mlx4_en_alloc_buf(struct mlx4_en_rx_ring *ring, struct mlx4_en_rx_desc *rx_desc, + struct mlx4_en_rx_mbuf *mb_list) { - bus_dma_segment_t segs[1]; + bus_dma_segment_t segs[MLX4_EN_MAX_RX_SEGS]; bus_dmamap_t map; struct mbuf *mb; int nsegs; int err; +#if (MLX4_EN_MAX_RX_SEGS != 1) + int i; +#endif /* try to allocate a new spare mbuf */ if (unlikely(ring->spare.mbuf == NULL)) { - mb = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, ring->rx_mb_size); + mb = mlx4_en_alloc_mbuf(ring); if (unlikely(mb == NULL)) return (-ENOMEM); - /* setup correct length */ - mb->m_pkthdr.len = mb->m_len = ring->rx_mb_size; /* make sure IP header gets aligned */ m_adj(mb, MLX4_NET_IP_ALIGN); /* load spare mbuf into BUSDMA */ err = -bus_dmamap_load_mbuf_sg(ring->dma_tag, ring->spare.dma_map, - mb, segs, &nsegs, BUS_DMA_NOWAIT); + mb, ring->spare.segs, &nsegs, BUS_DMA_NOWAIT); if (unlikely(err != 0)) { m_freem(mb); return (err); @@ -102,8 +138,14 @@ mlx4_en_alloc_buf(struct mlx4_en_rx_ring *ring, /* store spare info */ ring->spare.mbuf = mb; - ring->spare.paddr_be = cpu_to_be64(segs[0].ds_addr); +#if (MLX4_EN_MAX_RX_SEGS != 1) + /* zero remaining segs */ + for (i = nsegs; i != MLX4_EN_MAX_RX_SEGS; i++) { + ring->spare.segs[i].ds_addr = 0; + ring->spare.segs[i].ds_len = 0; + } +#endif bus_dmamap_sync(ring->dma_tag, ring->spare.dma_map, BUS_DMASYNC_PREREAD); } @@ -115,13 +157,10 @@ mlx4_en_alloc_buf(struct mlx4_en_rx_ring *ring, bus_dmamap_unload(ring->dma_tag, mb_list->dma_map); } - mb = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, ring->rx_mb_size); + mb = mlx4_en_alloc_mbuf(ring); if (unlikely(mb == NULL)) goto use_spare; - /* setup correct length */ - mb->m_pkthdr.len = mb->m_len = ring->rx_mb_size; - /* make sure IP header gets aligned */ m_adj(mb, MLX4_NET_IP_ALIGN); @@ -132,7 +171,20 @@ mlx4_en_alloc_buf(struct mlx4_en_rx_ring *ring, goto use_spare; } - *pdma = cpu_to_be64(segs[0].ds_addr); +#if (MLX4_EN_MAX_RX_SEGS == 1) + rx_desc->data[0].addr = cpu_to_be64(segs[0].ds_addr); +#else + for (i = 0; i != nsegs; i++) { + rx_desc->data[i].byte_count = cpu_to_be32(segs[i].ds_len); + rx_desc->data[i].lkey = ring->rx_mr_key_be; + rx_desc->data[i].addr = cpu_to_be64(segs[i].ds_addr); + } + for (; i != MLX4_EN_MAX_RX_SEGS; i++) { + rx_desc->data[i].byte_count = 0; + rx_desc->data[i].lkey = cpu_to_be32(MLX4_EN_MEMTYPE_PAD); + rx_desc->data[i].addr = 0; + } +#endif mb_list->mbuf = mb; bus_dmamap_sync(ring->dma_tag, mb_list->dma_map, BUS_DMASYNC_PREREAD); @@ -149,7 +201,21 @@ use_spare: ring->spare.mbuf = NULL; /* store physical address */ - *pdma = ring->spare.paddr_be; +#if (MLX4_EN_MAX_RX_SEGS == 1) + rx_desc->data[0].addr = cpu_to_be64(ring->spare.segs[0].ds_addr); +#else + for (i = 0; i != MLX4_EN_MAX_RX_SEGS; i++) { + if (ring->spare.segs[i].ds_len != 0) { + rx_desc->data[i].byte_count = cpu_to_be32(ring->spare.segs[i].ds_len); + rx_desc->data[i].lkey = ring->rx_mr_key_be; + rx_desc->data[i].addr = cpu_to_be64(ring->spare.segs[i].ds_addr); + } else { + rx_desc->data[i].byte_count = 0; + rx_desc->data[i].lkey = cpu_to_be32(MLX4_EN_MEMTYPE_PAD); + rx_desc->data[i].addr = 0; + } + } +#endif return (0); } @@ -167,13 +233,13 @@ static int mlx4_en_prepare_rx_desc(struct mlx4_en_priv *priv, struct mlx4_en_rx_ring *ring, int index) { - struct mlx4_en_rx_desc *rx_desc = (struct mlx4_en_rx_desc *) - (ring->buf + (index * ring->stride)); + struct mlx4_en_rx_desc *rx_desc = + ((struct mlx4_en_rx_desc *)ring->buf) + index; struct mlx4_en_rx_mbuf *mb_list = ring->mbuf + index; mb_list->mbuf = NULL; - if (mlx4_en_alloc_buf(ring, &rx_desc->data[0].addr, mb_list)) { + if (mlx4_en_alloc_buf(ring, rx_desc, mb_list)) { priv->port_stats.rx_alloc_failed++; return (-ENOMEM); } @@ -321,7 +387,7 @@ int mlx4_en_create_rx_ring(struct mlx4_en_priv *priv, BUS_SPACE_MAXADDR, /* highaddr */ NULL, NULL, /* filter, filterarg */ MJUM16BYTES, /* maxsize */ - 1, /* nsegments */ + MLX4_EN_MAX_RX_SEGS, /* nsegments */ MJUM16BYTES, /* maxsegsize */ 0, /* flags */ NULL, NULL, /* lockfunc, lockfuncarg */ @@ -334,10 +400,9 @@ int mlx4_en_create_rx_ring(struct mlx4_en_priv *priv, ring->cons = 0; ring->size = size; ring->size_mask = size - 1; - ring->stride = roundup_pow_of_two( - sizeof(struct mlx4_en_rx_desc) + DS_SIZE); - ring->log_stride = ffs(ring->stride) - 1; - ring->buf_size = ring->size * ring->stride + TXBB_SIZE; + + ring->log_stride = ilog2(sizeof(struct mlx4_en_rx_desc)); + ring->buf_size = (ring->size * sizeof(struct mlx4_en_rx_desc)) + TXBB_SIZE; tmp = size * sizeof(struct mlx4_en_rx_mbuf); @@ -398,11 +463,11 @@ err_ring: int mlx4_en_activate_rx_rings(struct mlx4_en_priv *priv) { struct mlx4_en_rx_ring *ring; +#if (MLX4_EN_MAX_RX_SEGS == 1) int i; +#endif int ring_ind; int err; - int stride = roundup_pow_of_two( - sizeof(struct mlx4_en_rx_desc) + DS_SIZE); for (ring_ind = 0; ring_ind < priv->rx_ring_num; ring_ind++) { ring = priv->rx_ring[ring_ind]; @@ -413,8 +478,7 @@ int mlx4_en_activate_rx_rings(struct mlx4_en_priv *priv) ring->cqn = priv->rx_cq[ring_ind]->mcq.cqn; ring->rx_mb_size = priv->rx_mb_size; - ring->stride = stride; - if (ring->stride <= TXBB_SIZE) { + if (sizeof(struct mlx4_en_rx_desc) <= TXBB_SIZE) { /* Stamp first unused send wqe */ __be32 *ptr = (__be32 *)ring->buf; __be32 stamp = cpu_to_be32(1 << STAMP_SHIFT); @@ -423,15 +487,18 @@ int mlx4_en_activate_rx_rings(struct mlx4_en_priv *priv) ring->buf += TXBB_SIZE; } - ring->log_stride = ffs(ring->stride) - 1; - ring->buf_size = ring->size * ring->stride; + ring->log_stride = ilog2(sizeof(struct mlx4_en_rx_desc)); + ring->buf_size = ring->size * sizeof(struct mlx4_en_rx_desc); memset(ring->buf, 0, ring->buf_size); mlx4_en_update_rx_prod_db(ring); +#if (MLX4_EN_MAX_RX_SEGS == 1) /* Initialize all descriptors */ for (i = 0; i < ring->size; i++) mlx4_en_init_rx_desc(priv, ring, i); +#endif + ring->rx_mr_key_be = cpu_to_be32(priv->mdev->mr.key); #ifdef INET /* Configure lro mngr */ @@ -466,7 +533,7 @@ err_buffers: while (ring_ind >= 0) { ring = priv->rx_ring[ring_ind]; - if (ring->stride <= TXBB_SIZE) + if (sizeof(struct mlx4_en_rx_desc) <= TXBB_SIZE) ring->buf -= TXBB_SIZE; ring_ind--; } @@ -477,14 +544,14 @@ err_buffers: void mlx4_en_destroy_rx_ring(struct mlx4_en_priv *priv, struct mlx4_en_rx_ring **pring, - u32 size, u16 stride) + u32 size) { struct mlx4_en_dev *mdev = priv->mdev; struct mlx4_en_rx_ring *ring = *pring; uint32_t x; mlx4_en_unmap_buffer(&ring->wqres.buf); - mlx4_free_hwq_res(mdev->dev, &ring->wqres, size * stride + TXBB_SIZE); + mlx4_free_hwq_res(mdev->dev, &ring->wqres, size * sizeof(struct mlx4_en_rx_desc) + TXBB_SIZE); for (x = 0; x != size; x++) bus_dmamap_destroy(ring->dma_tag, ring->mbuf[x].dma_map); /* free spare mbuf, if any */ @@ -511,7 +578,7 @@ void mlx4_en_deactivate_rx_ring(struct mlx4_en_priv *priv, tcp_lro_free(&ring->lro); #endif mlx4_en_free_rx_buf(priv, ring); - if (ring->stride <= TXBB_SIZE) + if (sizeof(struct mlx4_en_rx_desc) <= TXBB_SIZE) ring->buf -= TXBB_SIZE; } @@ -557,21 +624,61 @@ mlx4_en_rx_mb(struct mlx4_en_priv *priv, struct mlx4_en_rx_ring *ring, struct mlx4_en_rx_desc *rx_desc, struct mlx4_en_rx_mbuf *mb_list, int length) { +#if (MLX4_EN_MAX_RX_SEGS != 1) + struct mbuf *mb_head; +#endif struct mbuf *mb; + /* optimise reception of small packets */ + if (length <= (MHLEN - MLX4_NET_IP_ALIGN) && + (mb = m_gethdr(M_NOWAIT, MT_DATA)) != NULL) { + + /* set packet length */ + mb->m_pkthdr.len = mb->m_len = length; + + /* make sure IP header gets aligned */ + mb->m_data += MLX4_NET_IP_ALIGN; + + bus_dmamap_sync(ring->dma_tag, mb_list->dma_map, + BUS_DMASYNC_POSTREAD); + + bcopy(mtod(mb_list->mbuf, caddr_t), mtod(mb, caddr_t), length); + + return (mb); + } + /* get mbuf */ mb = mb_list->mbuf; /* collect used fragment while atomically replacing it */ - if (mlx4_en_alloc_buf(ring, &rx_desc->data[0].addr, mb_list)) + if (mlx4_en_alloc_buf(ring, rx_desc, mb_list)) return (NULL); /* range check hardware computed value */ - if (unlikely(length > mb->m_len)) - length = mb->m_len; + if (unlikely(length > mb->m_pkthdr.len)) + length = mb->m_pkthdr.len; +#if (MLX4_EN_MAX_RX_SEGS == 1) /* update total packet length in packet header */ mb->m_len = mb->m_pkthdr.len = length; +#else + mb->m_pkthdr.len = length; + for (mb_head = mb; mb != NULL; mb = mb->m_next) { + if (mb->m_len > length) + mb->m_len = length; + length -= mb->m_len; + if (likely(length == 0)) { + if (likely(mb->m_next != NULL)) { + /* trim off empty mbufs */ + m_freem(mb->m_next); + mb->m_next = NULL; + } + break; + } + } + /* rewind to first mbuf in chain */ + mb = mb_head; +#endif return (mb); } @@ -660,8 +767,7 @@ int mlx4_en_process_rx_cq(struct net_device *dev, struct mlx4_en_cq *cq, int bud while (XNOR(cqe->owner_sr_opcode & MLX4_CQE_OWNER_MASK, cons_index & size)) { mb_list = ring->mbuf + index; - rx_desc = (struct mlx4_en_rx_desc *) - (ring->buf + (index << ring->log_stride)); + rx_desc = ((struct mlx4_en_rx_desc *)ring->buf) + index; /* * make sure we read the CQE after we read the ownership bit @@ -830,7 +936,7 @@ static int mlx4_en_config_rss_qp(struct mlx4_en_priv *priv, int qpn, qp->event = mlx4_en_sqp_event; memset(context, 0, sizeof *context); - mlx4_en_fill_qp_context(priv, ring->actual_size, ring->stride, 0, 0, + mlx4_en_fill_qp_context(priv, ring->actual_size, sizeof(struct mlx4_en_rx_desc), 0, 0, qpn, ring->cqn, -1, context); context->db_rec_addr = cpu_to_be64(ring->wqres.db.dma); diff --git a/sys/dev/mlx4/mlx4_en/mlx4_en_tx.c b/sys/dev/mlx4/mlx4_en/mlx4_en_tx.c index a3692712767a..e07964f3225e 100644 --- a/sys/dev/mlx4/mlx4_en/mlx4_en_tx.c +++ b/sys/dev/mlx4/mlx4_en/mlx4_en_tx.c @@ -94,15 +94,6 @@ int mlx4_en_create_tx_ring(struct mlx4_en_priv *priv, mtx_init(&ring->tx_lock.m, "mlx4 tx", NULL, MTX_DEF); mtx_init(&ring->comp_lock.m, "mlx4 comp", NULL, MTX_DEF); - /* Allocate the buf ring */ - ring->br = buf_ring_alloc(MLX4_EN_DEF_TX_QUEUE_SIZE, M_DEVBUF, - M_WAITOK, &ring->tx_lock.m); - if (ring->br == NULL) { - en_err(priv, "Failed allocating tx_info ring\n"); - err = -ENOMEM; - goto err_free_dma_tag; - } - tmp = size * sizeof(struct mlx4_en_tx_info); ring->tx_info = kzalloc_node(tmp, GFP_KERNEL, node); if (!ring->tx_info) { @@ -190,8 +181,6 @@ err_dma_map: err_info: vfree(ring->tx_info); err_ring: - buf_ring_free(ring->br, M_DEVBUF); -err_free_dma_tag: bus_dma_tag_destroy(ring->dma_tag); done: kfree(ring); @@ -206,7 +195,6 @@ void mlx4_en_destroy_tx_ring(struct mlx4_en_priv *priv, uint32_t x; en_dbg(DRV, priv, "Destroying tx ring, qpn: %d\n", ring->qpn); - buf_ring_free(ring->br, M_DEVBUF); if (ring->bf_enabled) mlx4_bf_free(mdev->dev, &ring->bf); mlx4_qp_remove(mdev->dev, &ring->qp); @@ -236,8 +224,8 @@ int mlx4_en_activate_tx_ring(struct mlx4_en_priv *priv, ring->cons = 0xffffffff; ring->last_nr_txbb = 1; ring->poll_cnt = 0; - ring->blocked = 0; memset(ring->buf, 0, ring->buf_size); + ring->watchdog_time = 0; ring->qp_state = MLX4_QP_STATE_RST; ring->doorbell_qpn = ring->qp.qpn << 8; @@ -429,14 +417,6 @@ static int mlx4_en_process_tx_cq(struct net_device *dev, wmb(); ring->cons += txbbs_skipped; - /* Wakeup Tx queue if it was stopped and ring is not full */ - if (unlikely(ring->blocked) && !mlx4_en_tx_ring_is_full(ring)) { - ring->blocked = 0; - if (atomic_fetchadd_int(&priv->blocked, -1) == 1) - atomic_clear_int(&dev->if_drv_flags ,IFF_DRV_OACTIVE); - priv->port_stats.wake_queue++; - ring->wake_queue++; - } return (0); } @@ -648,7 +628,7 @@ static void mlx4_bf_copy(void __iomem *dst, volatile unsigned long *src, unsigne __iowrite64_copy(dst, __DEVOLATILE(void *, src), bytecnt / 8); } -static int mlx4_en_xmit(struct mlx4_en_priv *priv, int tx_ind, struct mbuf **mbp) +int mlx4_en_xmit(struct mlx4_en_priv *priv, int tx_ind, struct mbuf **mbp) { enum { DS_FACT = TXBB_SIZE / DS_SIZE_ALIGNMENT, @@ -682,15 +662,6 @@ static int mlx4_en_xmit(struct mlx4_en_priv *priv, int tx_ind, struct mbuf **mbp /* check if TX ring is full */ if (unlikely(mlx4_en_tx_ring_is_full(ring))) { - /* every full native Tx ring stops queue */ - if (ring->blocked == 0) - atomic_add_int(&priv->blocked, 1); - /* Set HW-queue-is-full flag */ - atomic_set_int(&ifp->if_drv_flags, IFF_DRV_OACTIVE); - priv->port_stats.queue_stopped++; - ring->blocked = 1; - ring->queue_stopped++; - /* Use interrupts to find out when queue opened */ mlx4_en_arm_cq(priv, priv->tx_cq[tx_ind]); return (ENOBUFS); @@ -956,73 +927,28 @@ tx_drop: } static int -mlx4_en_transmit_locked(struct ifnet *dev, int tx_ind, struct mbuf *m) +mlx4_en_transmit_locked(struct ifnet *ifp, int tx_ind, struct mbuf *mb) { - struct mlx4_en_priv *priv = netdev_priv(dev); - struct mlx4_en_tx_ring *ring; - struct mbuf *next; - int enqueued, err = 0; - - ring = priv->tx_ring[tx_ind]; - if ((dev->if_drv_flags & (IFF_DRV_RUNNING | IFF_DRV_OACTIVE)) != - IFF_DRV_RUNNING || priv->port_up == 0) { - if (m != NULL) - err = drbr_enqueue(dev, ring->br, m); - return (err); - } + struct mlx4_en_priv *priv = netdev_priv(ifp); + struct mlx4_en_tx_ring *ring = priv->tx_ring[tx_ind]; + int err = 0; - enqueued = 0; - if (m != NULL) - /* - * If we can't insert mbuf into drbr, try to xmit anyway. - * We keep the error we got so we could return that after xmit. - */ - err = drbr_enqueue(dev, ring->br, m); - - /* Process the queue */ - while ((next = drbr_peek(dev, ring->br)) != NULL) { - if (mlx4_en_xmit(priv, tx_ind, &next) != 0) { - if (next == NULL) { - drbr_advance(dev, ring->br); - } else { - drbr_putback(dev, ring->br, next); - } - break; - } - drbr_advance(dev, ring->br); - enqueued++; - if ((dev->if_drv_flags & IFF_DRV_RUNNING) == 0) - break; + if (unlikely((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || + READ_ONCE(priv->port_up) == 0)) { + m_freem(mb); + return (ENETDOWN); } - if (enqueued > 0) - ring->watchdog_time = ticks; - - return (err); -} - -void -mlx4_en_tx_que(void *context, int pending) -{ - struct mlx4_en_tx_ring *ring; - struct mlx4_en_priv *priv; - struct net_device *dev; - struct mlx4_en_cq *cq; - int tx_ind; - cq = context; - dev = cq->dev; - priv = dev->if_softc; - tx_ind = cq->ring; - ring = priv->tx_ring[tx_ind]; - - if (priv->port_up != 0 && - (dev->if_drv_flags & IFF_DRV_RUNNING) != 0) { - mlx4_en_xmit_poll(priv, tx_ind); - spin_lock(&ring->tx_lock); - if (!drbr_empty(dev, ring->br)) - mlx4_en_transmit_locked(dev, tx_ind, NULL); - spin_unlock(&ring->tx_lock); + if (mlx4_en_xmit(priv, tx_ind, &mb) != 0) { + /* NOTE: m_freem() is NULL safe */ + m_freem(mb); + err = ENOBUFS; + if (ring->watchdog_time == 0) + ring->watchdog_time = ticks + MLX4_EN_WATCHDOG_TIMEOUT; + } else { + ring->watchdog_time = 0; } + return (err); } int @@ -1030,7 +956,6 @@ mlx4_en_transmit(struct ifnet *dev, struct mbuf *m) { struct mlx4_en_priv *priv = netdev_priv(dev); struct mlx4_en_tx_ring *ring; - struct mlx4_en_cq *cq; int i, err = 0; if (priv->port_up == 0) { @@ -1047,16 +972,14 @@ mlx4_en_transmit(struct ifnet *dev, struct mbuf *m) } ring = priv->tx_ring[i]; - if (spin_trylock(&ring->tx_lock)) { - err = mlx4_en_transmit_locked(dev, i, m); - spin_unlock(&ring->tx_lock); - /* Poll CQ here */ - mlx4_en_xmit_poll(priv, i); - } else { - err = drbr_enqueue(dev, ring->br, m); - cq = priv->tx_cq[i]; - taskqueue_enqueue(cq->tq, &cq->cq_task); - } + + spin_lock(&ring->tx_lock); + + err = mlx4_en_transmit_locked(dev, i, m); + spin_unlock(&ring->tx_lock); + + /* Poll CQ here */ + mlx4_en_xmit_poll(priv, i); #if __FreeBSD_version >= 1100000 if (unlikely(err != 0)) @@ -1072,18 +995,9 @@ void mlx4_en_qflush(struct ifnet *dev) { struct mlx4_en_priv *priv = netdev_priv(dev); - struct mlx4_en_tx_ring *ring; - struct mbuf *m; if (priv->port_up == 0) return; - for (int i = 0; i < priv->tx_ring_num; i++) { - ring = priv->tx_ring[i]; - spin_lock(&ring->tx_lock); - while ((m = buf_ring_dequeue_sc(ring->br)) != NULL) - m_freem(m); - spin_unlock(&ring->tx_lock); - } if_qflush(dev); } diff --git a/sys/dev/mlx4/mlx4_ib/mlx4_ib_main.c b/sys/dev/mlx4/mlx4_ib/mlx4_ib_main.c index d33750fdb7be..d08e6733b3b3 100644 --- a/sys/dev/mlx4/mlx4_ib/mlx4_ib_main.c +++ b/sys/dev/mlx4/mlx4_ib/mlx4_ib_main.c @@ -64,9 +64,9 @@ #define DRV_NAME MLX4_IB_DRV_NAME #ifndef DRV_VERSION -#define DRV_VERSION "3.4.1" +#define DRV_VERSION "3.5.0" #endif -#define DRV_RELDATE "February 2018" +#define DRV_RELDATE "November 2018" #define MLX4_IB_FLOW_MAX_PRIO 0xFFF #define MLX4_IB_FLOW_QPN_MASK 0xFFFFFF diff --git a/sys/dev/mlx5/device.h b/sys/dev/mlx5/device.h index 07d753cea19d..47e19bfb69d8 100644 --- a/sys/dev/mlx5/device.h +++ b/sys/dev/mlx5/device.h @@ -1034,6 +1034,12 @@ enum mlx5_qcam_feature_groups { #define MLX5_CAP_QCAM_FEATURE(mdev, fld) \ MLX5_GET(qcam_reg, (mdev)->caps.qcam, qos_feature_cap_mask.feature_cap.fld) +#define MLX5_CAP_FPGA(mdev, cap) \ + MLX5_GET(fpga_cap, (mdev)->caps.fpga, cap) + +#define MLX5_CAP64_FPGA(mdev, cap) \ + MLX5_GET64(fpga_cap, (mdev)->caps.fpga, cap) + enum { MLX5_CMD_STAT_OK = 0x0, MLX5_CMD_STAT_INT_ERR = 0x1, diff --git a/sys/dev/mlx5/driver.h b/sys/dev/mlx5/driver.h index 15bcb3cc3ae4..9ef4eeaf7cdd 100644 --- a/sys/dev/mlx5/driver.h +++ b/sys/dev/mlx5/driver.h @@ -40,6 +40,7 @@ #include <linux/slab.h> #include <linux/vmalloc.h> #include <linux/radix-tree.h> +#include <linux/idr.h> #include <dev/mlx5/device.h> #include <dev/mlx5/doorbell.h> @@ -131,6 +132,10 @@ enum { MLX5_REG_DCBX_PARAM = 0x4020, MLX5_REG_DCBX_APP = 0x4021, MLX5_REG_PCAP = 0x5001, + MLX5_REG_FPGA_CAP = 0x4022, + MLX5_REG_FPGA_CTRL = 0x4023, + MLX5_REG_FPGA_ACCESS_REG = 0x4024, + MLX5_REG_FPGA_SHELL_CNTR = 0x4025, MLX5_REG_PMTU = 0x5003, MLX5_REG_PTYS = 0x5004, MLX5_REG_PAOS = 0x5006, @@ -146,6 +151,7 @@ enum { MLX5_REG_PMLP = 0x5002, MLX5_REG_NODE_DESC = 0x6001, MLX5_REG_HOST_ENDIANNESS = 0x7004, + MLX5_REG_MTMP = 0x900a, MLX5_REG_MCIA = 0x9014, MLX5_REG_MPCNT = 0x9051, }; @@ -327,6 +333,11 @@ struct mlx5_traffic_counter { u64 octets; }; +enum mlx5_cmd_mode { + MLX5_CMD_MODE_POLLING, + MLX5_CMD_MODE_EVENTS +}; + struct mlx5_cmd_stats { u64 sum; u64 n; @@ -370,8 +381,9 @@ struct mlx5_cmd { struct workqueue_struct *wq; struct semaphore sem; struct semaphore pages_sem; - int mode; - struct mlx5_cmd_work_ent *ent_arr[MLX5_MAX_COMMANDS]; + enum mlx5_cmd_mode mode; + struct mlx5_cmd_work_ent * volatile ent_arr[MLX5_MAX_COMMANDS]; + volatile enum mlx5_cmd_mode ent_mode[MLX5_MAX_COMMANDS]; struct mlx5_cmd_debug dbg; struct cmd_msg_cache cache; int checksum_disabled; @@ -398,6 +410,13 @@ struct mlx5_buf { u8 load_done; }; +struct mlx5_frag_buf { + struct mlx5_buf_list *frags; + int npages; + int size; + u8 page_shift; +}; + struct mlx5_eq { struct mlx5_core_dev *dev; __be32 __iomem *doorbell; @@ -436,6 +455,20 @@ struct mlx5_core_sig_ctx { u32 sigerr_count; }; +enum { + MLX5_MKEY_MR = 1, + MLX5_MKEY_MW, + MLX5_MKEY_MR_USER, +}; + +struct mlx5_core_mkey { + u64 iova; + u64 size; + u32 key; + u32 pd; + u32 type; +}; + struct mlx5_core_mr { u64 iova; u64 size; @@ -462,8 +495,8 @@ struct mlx5_core_srq { struct mlx5_core_rsc_common common; /* must be first */ u32 srqn; int max; - int max_gs; - int max_avail_gather; + size_t max_gs; + size_t max_avail_gather; int wqe_shift; void (*event)(struct mlx5_core_srq *, int); atomic_t refcount; @@ -639,6 +672,14 @@ enum mlx5_pci_status { MLX5_PCI_STATUS_ENABLED, }; +#define MLX5_MAX_RESERVED_GIDS 8 + +struct mlx5_rsvd_gids { + unsigned int start; + unsigned int count; + struct ida ida; +}; + struct mlx5_special_contexts { int resd_lkey; }; @@ -657,6 +698,7 @@ struct mlx5_core_dev { u32 hca_caps_max[MLX5_CAP_NUM][MLX5_UN_SZ_DW(hca_cap_union)]; struct { u32 qcam[MLX5_ST_SZ_DW(qcam_reg)]; + u32 fpga[MLX5_ST_SZ_DW(fpga_cap)]; } caps; phys_addr_t iseg_base; struct mlx5_init_seg __iomem *iseg; @@ -685,6 +727,14 @@ struct mlx5_core_dev { struct sysctl_ctx_list sysctl_ctx; int msix_eqvec; + + struct { + struct mlx5_rsvd_gids reserved_gids; + atomic_t roce_en; + } roce; +#ifdef CONFIG_MLX5_FPGA + struct mlx5_fpga_device *fpga; +#endif }; enum { @@ -923,7 +973,7 @@ void mlx5_unmap_free_uar(struct mlx5_core_dev *mdev, struct mlx5_uar *uar); void mlx5_health_cleanup(struct mlx5_core_dev *dev); int mlx5_health_init(struct mlx5_core_dev *dev); void mlx5_start_health_poll(struct mlx5_core_dev *dev); -void mlx5_stop_health_poll(struct mlx5_core_dev *dev); +void mlx5_stop_health_poll(struct mlx5_core_dev *dev, bool disable_health); void mlx5_drain_health_wq(struct mlx5_core_dev *dev); void mlx5_drain_health_recovery(struct mlx5_core_dev *dev); void mlx5_trigger_health_work(struct mlx5_core_dev *dev); @@ -984,7 +1034,7 @@ void mlx5_cq_completion(struct mlx5_core_dev *dev, u32 cqn); void mlx5_rsc_event(struct mlx5_core_dev *dev, u32 rsn, int event_type); void mlx5_srq_event(struct mlx5_core_dev *dev, u32 srqn, int event_type); struct mlx5_core_srq *mlx5_core_get_srq(struct mlx5_core_dev *dev, u32 srqn); -void mlx5_cmd_comp_handler(struct mlx5_core_dev *dev, u32 vector); +void mlx5_cmd_comp_handler(struct mlx5_core_dev *dev, u64 vector, enum mlx5_cmd_mode mode); void mlx5_cq_event(struct mlx5_core_dev *dev, u32 cqn, int event_type); int mlx5_create_map_eq(struct mlx5_core_dev *dev, struct mlx5_eq *eq, u8 vecidx, int nent, u64 mask, const char *name, struct mlx5_uar *uar); @@ -1100,6 +1150,11 @@ void *mlx5_get_protocol_dev(struct mlx5_core_dev *mdev, int protocol); int mlx5_register_interface(struct mlx5_interface *intf); void mlx5_unregister_interface(struct mlx5_interface *intf); +unsigned int mlx5_core_reserved_gids_count(struct mlx5_core_dev *dev); +int mlx5_core_roce_gid_set(struct mlx5_core_dev *dev, unsigned int index, + u8 roce_version, u8 roce_l3_type, const u8 *gid, + const u8 *mac, bool vlan, u16 vlan_id); + struct mlx5_profile { u64 mask; u8 log_max_qp; diff --git a/sys/dev/mlx5/mlx5_accel/ipsec.h b/sys/dev/mlx5/mlx5_accel/ipsec.h new file mode 100644 index 000000000000..55008b2bbcf5 --- /dev/null +++ b/sys/dev/mlx5/mlx5_accel/ipsec.h @@ -0,0 +1,139 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __MLX5_ACCEL_IPSEC_H__ +#define __MLX5_ACCEL_IPSEC_H__ + +#ifdef CONFIG_MLX5_ACCEL + +#include <dev/mlx5/driver.h> + +enum { + MLX5_ACCEL_IPSEC_DEVICE = BIT(1), + MLX5_ACCEL_IPSEC_IPV6 = BIT(2), + MLX5_ACCEL_IPSEC_ESP = BIT(3), + MLX5_ACCEL_IPSEC_LSO = BIT(4), +}; + +#define MLX5_IPSEC_SADB_IP_AH BIT(7) +#define MLX5_IPSEC_SADB_IP_ESP BIT(6) +#define MLX5_IPSEC_SADB_SA_VALID BIT(5) +#define MLX5_IPSEC_SADB_SPI_EN BIT(4) +#define MLX5_IPSEC_SADB_DIR_SX BIT(3) +#define MLX5_IPSEC_SADB_IPV6 BIT(2) + +enum { + MLX5_IPSEC_CMD_ADD_SA = 0, + MLX5_IPSEC_CMD_DEL_SA = 1, +}; + +enum mlx5_accel_ipsec_enc_mode { + MLX5_IPSEC_SADB_MODE_NONE = 0, + MLX5_IPSEC_SADB_MODE_AES_GCM_128_AUTH_128 = 1, + MLX5_IPSEC_SADB_MODE_AES_GCM_256_AUTH_128 = 3, +}; + +#define MLX5_IPSEC_DEV(mdev) (mlx5_accel_ipsec_device_caps(mdev) & \ + MLX5_ACCEL_IPSEC_DEVICE) + +struct mlx5_accel_ipsec_sa { + __be32 cmd; + u8 key_enc[32]; + u8 key_auth[32]; + __be32 sip[4]; + __be32 dip[4]; + union { + struct { + __be32 reserved; + u8 salt_iv[8]; + __be32 salt; + } __packed gcm; + struct { + u8 salt[16]; + } __packed cbc; + }; + __be32 spi; + __be32 sw_sa_handle; + __be16 tfclen; + u8 enc_mode; + u8 sip_masklen; + u8 dip_masklen; + u8 flags; + u8 reserved[2]; +} __packed; + +/** + * mlx5_accel_ipsec_sa_cmd_exec - Execute an IPSec SADB command + * @mdev: mlx5 device + * @cmd: command to execute + * May be called from atomic context. Returns context pointer, or error + * Caller must eventually call mlx5_accel_ipsec_sa_cmd_wait from non-atomic + * context, to cleanup the context pointer + */ +void *mlx5_accel_ipsec_sa_cmd_exec(struct mlx5_core_dev *mdev, + struct mlx5_accel_ipsec_sa *cmd); + +/** + * mlx5_accel_ipsec_sa_cmd_wait - Wait for command execution completion + * @context: Context pointer returned from call to mlx5_accel_ipsec_sa_cmd_exec + * Sleeps (killable) until command execution is complete. + * Returns the command result, or -EINTR if killed + */ +int mlx5_accel_ipsec_sa_cmd_wait(void *context); + +u32 mlx5_accel_ipsec_device_caps(struct mlx5_core_dev *mdev); + +unsigned int mlx5_accel_ipsec_counters_count(struct mlx5_core_dev *mdev); +int mlx5_accel_ipsec_counters_read(struct mlx5_core_dev *mdev, u64 *counters, + unsigned int count); + +int mlx5_accel_ipsec_init(struct mlx5_core_dev *mdev); +void mlx5_accel_ipsec_cleanup(struct mlx5_core_dev *mdev); + +#else + +#define MLX5_IPSEC_DEV(mdev) false + +static inline int mlx5_accel_ipsec_init(struct mlx5_core_dev *mdev) +{ + return 0; +} + +static inline void mlx5_accel_ipsec_cleanup(struct mlx5_core_dev *mdev) +{ +} + +#endif + +#endif /* __MLX5_ACCEL_IPSEC_H__ */ diff --git a/sys/dev/mlx5/mlx5_core/mlx5_cmd.c b/sys/dev/mlx5/mlx5_core/mlx5_cmd.c index 1dede310fee1..03d4615de6f5 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_cmd.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_cmd.c @@ -50,11 +50,6 @@ enum { }; enum { - CMD_MODE_POLLING, - CMD_MODE_EVENTS -}; - -enum { NUM_LONG_LISTS = 2, NUM_MED_LISTS = 64, LONG_LIST_SIZE = (2ULL * 1024 * 1024 * 1024 / PAGE_SIZE) * 8 + 16 + @@ -160,6 +155,8 @@ static int alloc_ent(struct mlx5_cmd_work_ent *ent) ent->busy = 1; ent->idx = ret; clear_bit(ent->idx, &cmd->bitmask); + cmd->ent_mode[ent->idx] = + ent->polling ? MLX5_CMD_MODE_POLLING : MLX5_CMD_MODE_EVENTS; cmd->ent_arr[ent->idx] = ent; } spin_unlock_irqrestore(&cmd->alloc_lock, flags); @@ -172,6 +169,8 @@ static void free_ent(struct mlx5_cmd *cmd, int idx) unsigned long flags; spin_lock_irqsave(&cmd->alloc_lock, flags); + cmd->ent_arr[idx] = NULL; /* safety clear */ + cmd->ent_mode[idx] = MLX5_CMD_MODE_POLLING; /* reset mode */ set_bit(idx, &cmd->bitmask); spin_unlock_irqrestore(&cmd->alloc_lock, flags); } @@ -786,7 +785,7 @@ static void cb_timeout_handler(struct work_struct *work) mlx5_core_warn(dev, "%s(0x%x) timeout. Will cause a leak of a command resource\n", mlx5_command_str(msg_to_opcode(ent->in)), msg_to_opcode(ent->in)); - mlx5_cmd_comp_handler(dev, 1UL << ent->idx); + mlx5_cmd_comp_handler(dev, 1UL << ent->idx, MLX5_CMD_MODE_EVENTS); } static void complete_command(struct mlx5_cmd_work_ent *ent) @@ -897,11 +896,12 @@ static void cmd_work_handler(struct work_struct *work) mlx5_fwp_flush(cmd->cmd_page); iowrite32be(1 << ent->idx, &dev->iseg->cmd_dbell); mmiowb(); - /* if not in polling don't use ent after this point*/ - if (cmd->mode == CMD_MODE_POLLING || poll_cmd) { + + /* if not in polling don't use ent after this point */ + if (poll_cmd) { poll_timeout(ent); /* make sure we read the descriptor after ownership is SW */ - mlx5_cmd_comp_handler(dev, 1U << ent->idx); + mlx5_cmd_comp_handler(dev, 1U << ent->idx, MLX5_CMD_MODE_POLLING); } } @@ -938,15 +938,13 @@ static const char *deliv_status_to_str(u8 status) static int wait_func(struct mlx5_core_dev *dev, struct mlx5_cmd_work_ent *ent) { int timeout = msecs_to_jiffies(MLX5_CMD_TIMEOUT_MSEC); - struct mlx5_cmd *cmd = &dev->cmd; int err; - if (cmd->mode == CMD_MODE_POLLING || ent->polling) { + if (ent->polling) { wait_for_completion(&ent->done); - err = ent->ret; } else if (!wait_for_completion_timeout(&ent->done, timeout)) { ent->ret = -ETIMEDOUT; - mlx5_cmd_comp_handler(dev, 1UL << ent->idx); + mlx5_cmd_comp_handler(dev, 1UL << ent->idx, MLX5_CMD_MODE_EVENTS); } err = ent->ret; @@ -988,7 +986,7 @@ static int mlx5_cmd_invoke(struct mlx5_core_dev *dev, struct mlx5_cmd_msg *in, if (IS_ERR(ent)) return PTR_ERR(ent); - ent->polling = force_polling; + ent->polling = force_polling || (cmd->mode == MLX5_CMD_MODE_POLLING); if (!callback) init_completion(&ent->done); @@ -1158,12 +1156,12 @@ static void mlx5_cmd_change_mod(struct mlx5_core_dev *dev, int mode) void mlx5_cmd_use_events(struct mlx5_core_dev *dev) { - mlx5_cmd_change_mod(dev, CMD_MODE_EVENTS); + mlx5_cmd_change_mod(dev, MLX5_CMD_MODE_EVENTS); } void mlx5_cmd_use_polling(struct mlx5_core_dev *dev) { - mlx5_cmd_change_mod(dev, CMD_MODE_POLLING); + mlx5_cmd_change_mod(dev, MLX5_CMD_MODE_POLLING); } static void free_msg(struct mlx5_core_dev *dev, struct mlx5_cmd_msg *msg) @@ -1179,10 +1177,13 @@ static void free_msg(struct mlx5_core_dev *dev, struct mlx5_cmd_msg *msg) } } -void mlx5_cmd_comp_handler(struct mlx5_core_dev *dev, u32 vector) +void mlx5_cmd_comp_handler(struct mlx5_core_dev *dev, u64 vector_flags, + enum mlx5_cmd_mode cmd_mode) { struct mlx5_cmd *cmd = &dev->cmd; struct mlx5_cmd_work_ent *ent; + bool triggered = (vector_flags & MLX5_TRIGGERED_CMD_COMP) ? 1 : 0; + u32 vector = vector_flags; /* discard flags in the upper dword */ int i; /* make sure data gets read from RAM */ @@ -1191,7 +1192,13 @@ void mlx5_cmd_comp_handler(struct mlx5_core_dev *dev, u32 vector) while (vector != 0) { i = ffs(vector) - 1; vector &= ~(1U << i); + /* check command mode */ + if (cmd->ent_mode[i] != cmd_mode) + continue; ent = cmd->ent_arr[i]; + /* check if command was already handled */ + if (ent == NULL) + continue; if (ent->callback) cancel_delayed_work(&ent->cb_timeout_work); ent->ts2 = ktime_get_ns(); @@ -1206,7 +1213,7 @@ void mlx5_cmd_comp_handler(struct mlx5_core_dev *dev, u32 vector) else ent->ret = 0; ent->status = ent->lay->status_own >> 1; - if (vector & MLX5_TRIGGERED_CMD_COMP) + if (triggered) ent->status = MLX5_DRIVER_STATUS_ABORTED; else ent->status = ent->lay->status_own >> 1; @@ -1543,7 +1550,7 @@ int mlx5_cmd_init(struct mlx5_core_dev *dev) mlx5_core_dbg(dev, "descriptor at dma 0x%llx\n", (unsigned long long)(cmd->dma)); - cmd->mode = CMD_MODE_POLLING; + cmd->mode = MLX5_CMD_MODE_POLLING; err = create_msg_cache(dev); if (err) { diff --git a/sys/dev/mlx5/mlx5_core/mlx5_core.h b/sys/dev/mlx5/mlx5_core/mlx5_core.h index 7e5e0deddc87..61419ca43612 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_core.h +++ b/sys/dev/mlx5/mlx5_core/mlx5_core.h @@ -34,9 +34,9 @@ #define DRIVER_NAME "mlx5_core" #ifndef DRIVER_VERSION -#define DRIVER_VERSION "3.4.2" +#define DRIVER_VERSION "3.5.0" #endif -#define DRIVER_RELDATE "July 2018" +#define DRIVER_RELDATE "November 2018" extern int mlx5_core_debug_mask; @@ -85,6 +85,9 @@ void mlx5_enter_error_state(struct mlx5_core_dev *dev, bool force); void mlx5_disable_device(struct mlx5_core_dev *dev); void mlx5_recover_device(struct mlx5_core_dev *dev); +int mlx5_register_device(struct mlx5_core_dev *dev); +void mlx5_unregister_device(struct mlx5_core_dev *dev); + void mlx5e_init(void); void mlx5e_cleanup(void); @@ -103,4 +106,6 @@ struct mlx5_crspace_regmap { extern struct pci_driver mlx5_core_driver; +SYSCTL_DECL(_hw_mlx5); + #endif /* __MLX5_CORE_H__ */ diff --git a/sys/dev/mlx5/mlx5_core/mlx5_eq.c b/sys/dev/mlx5/mlx5_core/mlx5_eq.c index faa56515d499..27b791029dfd 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_eq.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_eq.c @@ -254,8 +254,10 @@ static int mlx5_eq_int(struct mlx5_core_dev *dev, struct mlx5_eq *eq) break; case MLX5_EVENT_TYPE_CMD: - if (dev->state != MLX5_DEVICE_STATE_INTERNAL_ERROR) - mlx5_cmd_comp_handler(dev, be32_to_cpu(eqe->data.cmd.vector)); + if (dev->state != MLX5_DEVICE_STATE_INTERNAL_ERROR) { + mlx5_cmd_comp_handler(dev, be32_to_cpu(eqe->data.cmd.vector), + MLX5_CMD_MODE_EVENTS); + } break; case MLX5_EVENT_TYPE_PORT_CHANGE: diff --git a/sys/dev/mlx5/mlx5_core/mlx5_fs_tree.c b/sys/dev/mlx5/mlx5_core/mlx5_fs_tree.c index d0ffa44387ca..8ae5a46b9e9f 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_fs_tree.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_fs_tree.c @@ -1601,9 +1601,10 @@ static char *get_dest_name(struct mlx5_flow_destination *dest) case MLX5_FLOW_CONTEXT_DEST_TYPE_TIR: snprintf(name, 20, "dest_%s_%u", "tir", dest->tir_num); return name; + default: + kfree(name); + return NULL; } - - return NULL; } /* assumed fg is locked */ diff --git a/sys/dev/mlx5/mlx5_core/mlx5_health.c b/sys/dev/mlx5/mlx5_core/mlx5_health.c index d7f70e65b92e..3602260bbb4c 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_health.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_health.c @@ -59,6 +59,11 @@ enum { MLX5_SENSOR_FW_SYND_RFR = 5, }; +static int mlx5_fw_reset_enable = 1; +SYSCTL_INT(_hw_mlx5, OID_AUTO, fw_reset_enable, CTLFLAG_RWTUN, + &mlx5_fw_reset_enable, 0, + "Enable firmware reset"); + static int lock_sem_sw_reset(struct mlx5_core_dev *dev) { int ret; @@ -136,7 +141,7 @@ static void mlx5_trigger_cmd_completions(struct mlx5_core_dev *dev) spin_unlock_irqrestore(&dev->cmd.alloc_lock, flags); mlx5_core_dbg(dev, "vector 0x%jx\n", (uintmax_t)vector); - mlx5_cmd_comp_handler(dev, vector); + mlx5_cmd_comp_handler(dev, vector, MLX5_CMD_MODE_EVENTS); return; no_trig: @@ -180,10 +185,13 @@ static u32 check_fatal_sensors(struct mlx5_core_dev *dev) static void reset_fw_if_needed(struct mlx5_core_dev *dev) { - bool supported = (ioread32be(&dev->iseg->initializing) >> - MLX5_FW_RESET_SUPPORTED_OFFSET) & 1; + bool supported; u32 cmdq_addr, fatal_error; + if (!mlx5_fw_reset_enable) + return; + supported = (ioread32be(&dev->iseg->initializing) >> + MLX5_FW_RESET_SUPPORTED_OFFSET) & 1; if (!supported) return; @@ -269,7 +277,7 @@ void mlx5_enter_error_state(struct mlx5_core_dev *dev, bool force) mlx5_core_err(dev, "system error event triggered\n"); err_state_done: - mlx5_core_event(dev, MLX5_DEV_EVENT_SYS_ERROR, 0); + mlx5_core_event(dev, MLX5_DEV_EVENT_SYS_ERROR, 1); mutex_unlock(&dev->intf_state_mutex); } @@ -516,9 +524,17 @@ void mlx5_start_health_poll(struct mlx5_core_dev *dev) round_jiffies(jiffies + MLX5_HEALTH_POLL_INTERVAL)); } -void mlx5_stop_health_poll(struct mlx5_core_dev *dev) +void mlx5_stop_health_poll(struct mlx5_core_dev *dev, bool disable_health) { struct mlx5_core_health *health = &dev->priv.health; + unsigned long flags; + + if (disable_health) { + spin_lock_irqsave(&health->wq_lock, flags); + set_bit(MLX5_DROP_NEW_HEALTH_WORK, &health->flags); + set_bit(MLX5_DROP_NEW_RECOVERY_WORK, &health->flags); + spin_unlock_irqrestore(&health->wq_lock, flags); + } del_timer_sync(&health->timer); } diff --git a/sys/dev/mlx5/mlx5_core/mlx5_main.c b/sys/dev/mlx5/mlx5_core/mlx5_main.c index df18c11121b3..8c34b92f9e4e 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_main.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_main.c @@ -41,9 +41,13 @@ #include <dev/mlx5/srq.h> #include <linux/delay.h> #include <dev/mlx5/mlx5_ifc.h> +#include <dev/mlx5/mlx5_fpga/core.h> +#include <dev/mlx5/mlx5_lib/mlx5.h> #include "mlx5_core.h" #include "fs_core.h" +static const char mlx5_version[] = "Mellanox Core driver " + DRIVER_VERSION " (" DRIVER_RELDATE ")"; MODULE_AUTHOR("Eli Cohen <eli@mellanox.com>"); MODULE_DESCRIPTION("Mellanox Connect-IB, ConnectX-4 core driver"); MODULE_LICENSE("Dual BSD/GPL"); @@ -61,6 +65,8 @@ static int prof_sel = MLX5_DEFAULT_PROF; module_param_named(prof_sel, prof_sel, int, 0444); MODULE_PARM_DESC(prof_sel, "profile selector. Valid range 0 - 2"); +SYSCTL_NODE(_hw, OID_AUTO, mlx5, CTLFLAG_RW, 0, "mlx5 HW controls"); + #define NUMA_NO_NODE -1 static LIST_HEAD(intf_list); @@ -730,7 +736,8 @@ static void mlx5_remove_device(struct mlx5_interface *intf, struct mlx5_priv *pr } } -static int mlx5_register_device(struct mlx5_core_dev *dev) +int +mlx5_register_device(struct mlx5_core_dev *dev) { struct mlx5_priv *priv = &dev->priv; struct mlx5_interface *intf; @@ -744,7 +751,8 @@ static int mlx5_register_device(struct mlx5_core_dev *dev) return 0; } -static void mlx5_unregister_device(struct mlx5_core_dev *dev) +void +mlx5_unregister_device(struct mlx5_core_dev *dev) { struct mlx5_priv *priv = &dev->priv; struct mlx5_interface *intf; @@ -908,6 +916,9 @@ static int mlx5_init_once(struct mlx5_core_dev *dev, struct mlx5_priv *priv) mlx5_init_srq_table(dev); mlx5_init_mr_table(dev); + mlx5_init_reserved_gids(dev); + mlx5_fpga_init(dev); + #ifdef RATELIMIT err = mlx5_init_rl_table(dev); if (err) { @@ -937,6 +948,8 @@ static void mlx5_cleanup_once(struct mlx5_core_dev *dev) #ifdef RATELIMIT mlx5_cleanup_rl_table(dev); #endif + mlx5_fpga_cleanup(dev); + mlx5_cleanup_reserved_gids(dev); mlx5_cleanup_mr_table(dev); mlx5_cleanup_srq_table(dev); mlx5_cleanup_qp_table(dev); @@ -1071,6 +1084,12 @@ static int mlx5_load_one(struct mlx5_core_dev *dev, struct mlx5_priv *priv, goto err_free_comp_eqs; } + err = mlx5_fpga_device_start(dev); + if (err) { + dev_err(&pdev->dev, "fpga device start failed %d\n", err); + goto err_fpga_start; + } + err = mlx5_register_device(dev); if (err) { dev_err(&pdev->dev, "mlx5_register_device failed %d\n", err); @@ -1084,6 +1103,7 @@ out: mutex_unlock(&dev->intf_state_mutex); return 0; +err_fpga_start: err_fs: mlx5_cleanup_fs(dev); @@ -1105,7 +1125,7 @@ err_cleanup_once: mlx5_cleanup_once(dev); err_stop_poll: - mlx5_stop_health_poll(dev); + mlx5_stop_health_poll(dev, boot); if (mlx5_cmd_teardown_hca(dev)) { device_printf((&dev->pdev->dev)->bsddev, "ERR: ""tear_down_hca failed, skip cleanup\n"); goto out_err; @@ -1148,6 +1168,7 @@ static int mlx5_unload_one(struct mlx5_core_dev *dev, struct mlx5_priv *priv, mlx5_unregister_device(dev); + mlx5_fpga_device_stop(dev); mlx5_cleanup_fs(dev); unmap_bf_area(dev); mlx5_wait_for_reclaim_vfs_pages(dev); @@ -1157,7 +1178,7 @@ static int mlx5_unload_one(struct mlx5_core_dev *dev, struct mlx5_priv *priv, mlx5_disable_msix(dev); if (cleanup) mlx5_cleanup_once(dev); - mlx5_stop_health_poll(dev); + mlx5_stop_health_poll(dev, cleanup); err = mlx5_cmd_teardown_hca(dev); if (err) { device_printf((&dev->pdev->dev)->bsddev, "ERR: ""tear_down_hca failed, skip cleanup\n"); @@ -1211,13 +1232,16 @@ static int init_one(struct pci_dev *pdev, priv->pci_dev_data = id->driver_data; if (prof_sel < 0 || prof_sel >= ARRAY_SIZE(profiles)) { - printf("mlx5_core: WARN: ""selected profile out of range, selecting default (%d)\n", MLX5_DEFAULT_PROF); + device_printf(bsddev, "WARN: selected profile out of range, selecting default (%d)\n", MLX5_DEFAULT_PROF); prof_sel = MLX5_DEFAULT_PROF; } dev->profile = &profiles[prof_sel]; dev->pdev = pdev; dev->event = mlx5_core_event; + /* Set desc */ + device_set_desc(bsddev, mlx5_version); + sysctl_ctx_init(&dev->sysctl_ctx); SYSCTL_ADD_INT(&dev->sysctl_ctx, SYSCTL_CHILDREN(device_get_sysctl_tree(bsddev)), @@ -1226,38 +1250,38 @@ static int init_one(struct pci_dev *pdev, INIT_LIST_HEAD(&priv->ctx_list); spin_lock_init(&priv->ctx_lock); - mutex_init(&dev->pci_status_mutex); - mutex_init(&dev->intf_state_mutex); + mutex_init(&dev->pci_status_mutex); + mutex_init(&dev->intf_state_mutex); err = mlx5_pci_init(dev, priv); if (err) { - device_printf((&pdev->dev)->bsddev, "ERR: ""mlx5_pci_init failed %d\n", err); + device_printf(bsddev, "ERR: mlx5_pci_init failed %d\n", err); goto clean_dev; } - err = mlx5_health_init(dev); - if (err) { - device_printf((&pdev->dev)->bsddev, "ERR: ""mlx5_health_init failed %d\n", err); - goto close_pci; - } + err = mlx5_health_init(dev); + if (err) { + device_printf(bsddev, "ERR: mlx5_health_init failed %d\n", err); + goto close_pci; + } mlx5_pagealloc_init(dev); err = mlx5_load_one(dev, priv, true); if (err) { - device_printf((&pdev->dev)->bsddev, "ERR: ""mlx5_register_device failed %d\n", err); + device_printf(bsddev, "ERR: mlx5_load_one failed %d\n", err); goto clean_health; } mlx5_fwdump_prep(dev); - pci_save_state(pdev->dev.bsddev); + pci_save_state(bsddev); return 0; clean_health: mlx5_pagealloc_cleanup(dev); - mlx5_health_cleanup(dev); + mlx5_health_cleanup(dev); close_pci: - mlx5_pci_close(dev, priv); + mlx5_pci_close(dev, priv); clean_dev: sysctl_ctx_free(&dev->sysctl_ctx); kfree(dev); @@ -1404,6 +1428,12 @@ static int mlx5_try_fast_unload(struct mlx5_core_dev *dev) return -EAGAIN; } + /* Panic tear down fw command will stop the PCI bus communication + * with the HCA, so the health polll is no longer needed. + */ + mlx5_drain_health_wq(dev); + mlx5_stop_health_poll(dev, false); + err = mlx5_cmd_force_teardown_hca(dev); if (err) { mlx5_core_dbg(dev, "Firmware couldn't do fast unload error: %d\n", err); diff --git a/sys/dev/mlx5/mlx5_core/mlx5_mr.c b/sys/dev/mlx5/mlx5_core/mlx5_mr.c index 4e17e630409f..26da2653537c 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_mr.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_mr.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2013-2017, Mellanox Technologies, Ltd. All rights reserved. + * Copyright (c) 2013-2018, Mellanox Technologies, Ltd. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -30,6 +30,11 @@ #include <dev/mlx5/driver.h> #include "mlx5_core.h" +static int mlx5_relaxed_ordering_write; +SYSCTL_INT(_hw_mlx5, OID_AUTO, relaxed_ordering_write, CTLFLAG_RWTUN, + &mlx5_relaxed_ordering_write, 0, + "Set to enable relaxed ordering for PCIe writes"); + void mlx5_init_mr_table(struct mlx5_core_dev *dev) { struct mlx5_mr_table *table = &dev->priv.mr_table; @@ -63,6 +68,14 @@ int mlx5_core_create_mkey_cb(struct mlx5_core_dev *dev, mkc = MLX5_ADDR_OF(create_mkey_in, in, memory_key_mkey_entry); MLX5_SET(create_mkey_in, in, opcode, MLX5_CMD_OP_CREATE_MKEY); MLX5_SET(mkc, mkc, mkey_7_0, key); + + if (mlx5_relaxed_ordering_write != 0) { + if (MLX5_CAP_GEN(dev, relaxed_ordering_write)) + MLX5_SET(mkc, mkc, relaxed_ordering_write, 1); + else + return (-EPROTONOSUPPORT); + } + if (callback) return mlx5_cmd_exec_cb(dev, in, inlen, out, outlen, callback, context); diff --git a/sys/dev/mlx5/mlx5_core/mlx5_pagealloc.c b/sys/dev/mlx5/mlx5_core/mlx5_pagealloc.c index d20e6479d0f6..0fac6e9d304c 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_pagealloc.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_pagealloc.c @@ -128,7 +128,7 @@ mlx5_fwp_alloc(struct mlx5_core_dev *dev, gfp_t flags, unsigned num) /* load memory into DMA */ MLX5_DMA_LOCK(dev); - err = bus_dmamap_load( + (void) bus_dmamap_load( dev->cmd.dma_tag, fwp[x].dma_map, fwp[x].virt_addr, MLX5_ADAPTER_PAGE_SIZE, &mlx5_fwp_load_mem_cb, fwp + x, BUS_DMA_WAITOK | BUS_DMA_COHERENT); @@ -153,6 +153,7 @@ failure: bus_dmamem_free(dev->cmd.dma_tag, fwp[x].virt_addr, fwp[x].dma_map); } sx_xunlock(&dev->cmd.dma_sx); + kfree(fwp); return (NULL); } diff --git a/sys/dev/mlx5/mlx5_core/mlx5_port.c b/sys/dev/mlx5/mlx5_core/mlx5_port.c index ae6700a3a994..e56f522105b4 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_port.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_port.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2013-2017, Mellanox Technologies, Ltd. All rights reserved. + * Copyright (c) 2013-2018, Mellanox Technologies, Ltd. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -810,7 +810,7 @@ int mlx5_query_port_cong_params(struct mlx5_core_dev *mdev, int protocol, static int mlx5_query_port_qetcr_reg(struct mlx5_core_dev *mdev, u32 *out, int outlen) { - u32 in[MLX5_ST_SZ_DW(qtct_reg)]; + u32 in[MLX5_ST_SZ_DW(qetc_reg)]; if (!MLX5_CAP_GEN(mdev, ets)) return -ENOTSUPP; @@ -831,7 +831,7 @@ EXPORT_SYMBOL_GPL(mlx5_max_tc); static int mlx5_set_port_qetcr_reg(struct mlx5_core_dev *mdev, u32 *in, int inlen) { - u32 out[MLX5_ST_SZ_DW(qtct_reg)]; + u32 out[MLX5_ST_SZ_DW(qetc_reg)]; if (!MLX5_CAP_GEN(mdev, ets)) return -ENOTSUPP; @@ -932,6 +932,74 @@ int mlx5_set_port_prio_tc(struct mlx5_core_dev *mdev, int prio_index, } EXPORT_SYMBOL_GPL(mlx5_set_port_prio_tc); +int mlx5_set_port_tc_group(struct mlx5_core_dev *mdev, const u8 *tc_group) +{ + u32 in[MLX5_ST_SZ_DW(qetc_reg)] = {}; + int i; + + for (i = 0; i <= mlx5_max_tc(mdev); i++) { + MLX5_SET(qetc_reg, in, tc_configuration[i].g, 1); + MLX5_SET(qetc_reg, in, tc_configuration[i].group, tc_group[i]); + } + + return mlx5_set_port_qetcr_reg(mdev, in, sizeof(in)); +} +EXPORT_SYMBOL_GPL(mlx5_set_port_tc_group); + +int mlx5_query_port_tc_group(struct mlx5_core_dev *mdev, + u8 tc, u8 *tc_group) +{ + u32 out[MLX5_ST_SZ_DW(qetc_reg)]; + void *ets_tcn_conf; + int err; + + err = mlx5_query_port_qetcr_reg(mdev, out, sizeof(out)); + if (err) + return err; + + ets_tcn_conf = MLX5_ADDR_OF(qetc_reg, out, + tc_configuration[tc]); + + *tc_group = MLX5_GET(ets_tcn_config_reg, ets_tcn_conf, + group); + + return 0; +} +EXPORT_SYMBOL_GPL(mlx5_query_port_tc_group); + +int mlx5_set_port_tc_bw_alloc(struct mlx5_core_dev *mdev, const u8 *tc_bw) +{ + u32 in[MLX5_ST_SZ_DW(qetc_reg)] = {}; + int i; + + for (i = 0; i <= mlx5_max_tc(mdev); i++) { + MLX5_SET(qetc_reg, in, tc_configuration[i].b, 1); + MLX5_SET(qetc_reg, in, tc_configuration[i].bw_allocation, tc_bw[i]); + } + + return mlx5_set_port_qetcr_reg(mdev, in, sizeof(in)); +} +EXPORT_SYMBOL_GPL(mlx5_set_port_tc_bw_alloc); + +int mlx5_query_port_tc_bw_alloc(struct mlx5_core_dev *mdev, u8 *bw_pct) +{ + u32 out[MLX5_ST_SZ_DW(qetc_reg)]; + void *ets_tcn_conf; + int err; + int i; + + err = mlx5_query_port_qetcr_reg(mdev, out, sizeof(out)); + if (err) + return err; + + for (i = 0; i <= mlx5_max_tc(mdev); i++) { + ets_tcn_conf = MLX5_ADDR_OF(qetc_reg, out, tc_configuration[i]); + bw_pct[i] = MLX5_GET(ets_tcn_config_reg, ets_tcn_conf, bw_allocation); + } + return 0; +} +EXPORT_SYMBOL_GPL(mlx5_query_port_tc_bw_alloc); + int mlx5_modify_port_cong_params(struct mlx5_core_dev *mdev, void *in, int in_size) { @@ -1078,3 +1146,39 @@ out: kfree(out); return err; } + +int mlx5_query_pddr_range_info(struct mlx5_core_dev *mdev, u8 local_port, u8 *is_er_type) +{ + u32 pddr_reg[MLX5_ST_SZ_DW(pddr_reg)] = {}; + int sz = MLX5_ST_SZ_BYTES(pddr_reg); + int error; + u8 ecc; + u8 ci; + + MLX5_SET(pddr_reg, pddr_reg, local_port, local_port); + MLX5_SET(pddr_reg, pddr_reg, page_select, 3 /* module info page */); + + error = mlx5_core_access_reg(mdev, pddr_reg, sz, pddr_reg, sz, + MLX5_ACCESS_REG_SUMMARY_CTRL_ID_PDDR, 0, 0); + if (error != 0) + return (error); + + ecc = MLX5_GET(pddr_reg, pddr_reg, page_data.pddr_module_info.ethernet_compliance_code); + ci = MLX5_GET(pddr_reg, pddr_reg, page_data.pddr_module_info.cable_identifier); + + switch (ci) { + case 0: /* QSFP28 */ + case 1: /* QSFP+ */ + *is_er_type = 0; + break; + case 2: /* SFP28/SFP+ */ + case 3: /* QSA (QSFP->SFP) */ + *is_er_type = ((ecc & (1 << 7)) != 0); + break; + default: + *is_er_type = 0; + break; + } + return (0); +} +EXPORT_SYMBOL_GPL(mlx5_query_pddr_range_info); diff --git a/sys/dev/mlx5/mlx5_core/mlx5_vport.c b/sys/dev/mlx5/mlx5_core/mlx5_vport.c index f32677da083a..f9e70c8939f4 100644 --- a/sys/dev/mlx5/mlx5_core/mlx5_vport.c +++ b/sys/dev/mlx5/mlx5_core/mlx5_vport.c @@ -222,20 +222,28 @@ int mlx5_query_nic_vport_min_inline(struct mlx5_core_dev *mdev, } EXPORT_SYMBOL_GPL(mlx5_query_nic_vport_min_inline); -void mlx5_query_min_inline(struct mlx5_core_dev *mdev, - u8 *min_inline_mode) +int mlx5_query_min_inline(struct mlx5_core_dev *mdev, + u8 *min_inline_mode) { + int err; + switch (MLX5_CAP_ETH(mdev, wqe_inline_mode)) { case MLX5_CAP_INLINE_MODE_L2: *min_inline_mode = MLX5_INLINE_MODE_L2; + err = 0; break; case MLX5_CAP_INLINE_MODE_VPORT_CONTEXT: - mlx5_query_nic_vport_min_inline(mdev, 0, min_inline_mode); + err = mlx5_query_nic_vport_min_inline(mdev, 0, min_inline_mode); break; case MLX5_CAP_INLINE_MODE_NOT_REQUIRED: *min_inline_mode = MLX5_INLINE_MODE_NONE; + err = 0; + break; + default: + err = -EINVAL; break; } + return err; } EXPORT_SYMBOL_GPL(mlx5_query_min_inline); @@ -1597,8 +1605,8 @@ int mlx5_query_vport_counter(struct mlx5_core_dev *dev, err = mlx5_cmd_exec(dev, in, in_sz, out, out_size); - kvfree(in); ex: + kvfree(in); return err; } EXPORT_SYMBOL_GPL(mlx5_query_vport_counter); diff --git a/sys/dev/mlx5/mlx5_core/wq.h b/sys/dev/mlx5/mlx5_core/wq.h index 01edd5715aa5..13f26b0dd9a1 100644 --- a/sys/dev/mlx5/mlx5_core/wq.h +++ b/sys/dev/mlx5/mlx5_core/wq.h @@ -42,6 +42,12 @@ struct mlx5_wq_ctrl { struct mlx5_db db; }; +struct mlx5_frag_wq_ctrl { + struct mlx5_core_dev *mdev; + struct mlx5_frag_buf frag_buf; + struct mlx5_db db; +}; + struct mlx5_wq_cyc { void *buf; __be32 *db; @@ -49,6 +55,11 @@ struct mlx5_wq_cyc { u8 log_stride; }; +struct mlx5_wq_qp { + struct mlx5_wq_cyc rq; + struct mlx5_wq_cyc sq; +}; + struct mlx5_cqwq { void *buf; __be32 *db; diff --git a/sys/dev/mlx5/mlx5_en/en.h b/sys/dev/mlx5/mlx5_en/en.h index 73f0268ca270..e90acdde1105 100644 --- a/sys/dev/mlx5/mlx5_en/en.h +++ b/sys/dev/mlx5/mlx5_en/en.h @@ -178,7 +178,8 @@ typedef void (mlx5e_cq_comp_t)(struct mlx5_core_cq *); m(+1, u64 tx_csum_offload, "tx_csum_offload", "Transmit checksum offload packets") \ m(+1, u64 tx_queue_dropped, "tx_queue_dropped", "Transmit queue dropped") \ m(+1, u64 tx_defragged, "tx_defragged", "Transmit queue defragged") \ - m(+1, u64 rx_wqe_err, "rx_wqe_err", "Receive WQE errors") + m(+1, u64 rx_wqe_err, "rx_wqe_err", "Receive WQE errors") \ + m(+1, u64 tx_jumbo_packets, "tx_jumbo_packets", "TX packets greater than 1518 octets") #define MLX5E_VPORT_STATS_NUM (0 MLX5E_VPORT_STATS(MLX5E_STATS_COUNT)) @@ -378,9 +379,10 @@ struct mlx5e_port_stats_debug { #define MLX5E_RQ_STATS(m) \ m(+1, u64 packets, "packets", "Received packets") \ + m(+1, u64 bytes, "bytes", "Received bytes") \ m(+1, u64 csum_none, "csum_none", "Received packets") \ - m(+1, u64 lro_packets, "lro_packets", "Received packets") \ - m(+1, u64 lro_bytes, "lro_bytes", "Received packets") \ + m(+1, u64 lro_packets, "lro_packets", "Received LRO packets") \ + m(+1, u64 lro_bytes, "lro_bytes", "Received LRO bytes") \ m(+1, u64 sw_lro_queued, "sw_lro_queued", "Packets queued for SW LRO") \ m(+1, u64 sw_lro_flushed, "sw_lro_flushed", "Packets flushed from SW LRO") \ m(+1, u64 wqe_err, "wqe_err", "Received packets") @@ -395,6 +397,7 @@ struct mlx5e_rq_stats { #define MLX5E_SQ_STATS(m) \ m(+1, u64 packets, "packets", "Transmitted packets") \ + m(+1, u64 bytes, "bytes", "Transmitted bytes") \ m(+1, u64 tso_packets, "tso_packets", "Transmitted packets") \ m(+1, u64 tso_bytes, "tso_bytes", "Transmitted bytes") \ m(+1, u64 csum_offload_none, "csum_offload_none", "Transmitted packets") \ @@ -472,7 +475,6 @@ struct mlx5e_params { m(+1, u64 tx_coalesce_usecs, "tx_coalesce_usecs", "Limit in usec for joining tx packets") \ m(+1, u64 tx_coalesce_pkts, "tx_coalesce_pkts", "Maximum number of tx packets to join") \ m(+1, u64 tx_coalesce_mode, "tx_coalesce_mode", "0: EQE mode 1: CQE mode") \ - m(+1, u64 tx_bufring_disable, "tx_bufring_disable", "0: Enable bufring 1: Disable bufring") \ m(+1, u64 tx_completion_fact, "tx_completion_fact", "1..MAX: Completion event ratio") \ m(+1, u64 tx_completion_fact_max, "tx_completion_fact_max", "Maximum completion event ratio") \ m(+1, u64 hw_lro, "hw_lro", "set to enable hw_lro") \ @@ -492,6 +494,7 @@ struct mlx5e_params_ethtool { u64 arg [0]; MLX5E_PARAMS(MLX5E_STATS_VAR) u64 max_bw_value[IEEE_8021QAZ_MAX_TCS]; + u8 max_bw_share[IEEE_8021QAZ_MAX_TCS]; u8 prio_tc[IEEE_8021QAZ_MAX_TCS]; u8 dscp2prio[MLX5_MAX_SUPPORTED_DSCP]; u8 trust_state; @@ -577,6 +580,11 @@ enum { MLX5E_SQ_FULL }; +struct mlx5e_snd_tag { + struct m_snd_tag m_snd_tag; /* send tag */ + u32 type; /* tag type */ +}; + struct mlx5e_sq { /* data path */ struct mtx lock; @@ -595,7 +603,7 @@ struct mlx5e_sq { #define MLX5E_CEV_STATE_INITIAL 0 /* timer not started */ #define MLX5E_CEV_STATE_SEND_NOPS 1 /* send NOPs */ #define MLX5E_CEV_STATE_HOLD_NOPS 2 /* don't send NOPs yet */ - u16 stopped; /* set if SQ is stopped */ + u16 running; /* set if SQ is running */ struct callout cev_callout; union { u32 d32[2]; @@ -604,8 +612,6 @@ struct mlx5e_sq { struct mlx5e_sq_stats stats; struct mlx5e_cq cq; - struct task sq_task; - struct taskqueue *sq_tq; /* pointers to per packet info: write@xmit, read@completion */ struct mlx5e_sq_mbuf *mbuf; @@ -620,13 +626,14 @@ struct mlx5e_sq { u32 mkey_be; u16 max_inline; u8 min_inline_mode; - u8 vlan_inline_cap; + u8 min_insert_caps; +#define MLX5E_INSERT_VLAN 1 +#define MLX5E_INSERT_NON_VLAN 2 /* control path */ struct mlx5_wq_ctrl wq_ctrl; struct mlx5e_priv *priv; int tc; - unsigned int queue_state; } __aligned(MLX5E_CACHELINE_SIZE); static inline bool @@ -638,11 +645,27 @@ mlx5e_sq_has_room_for(struct mlx5e_sq *sq, u16 n) return ((sq->wq.sz_m1 & (cc - pc)) >= n || cc == pc); } +static inline u32 +mlx5e_sq_queue_level(struct mlx5e_sq *sq) +{ + u16 cc; + u16 pc; + + if (sq == NULL) + return (0); + + cc = sq->cc; + pc = sq->pc; + + return (((sq->wq.sz_m1 & (pc - cc)) * + IF_SND_QUEUE_LEVEL_MAX) / sq->wq.sz_m1); +} + struct mlx5e_channel { /* data path */ struct mlx5e_rq rq; + struct mlx5e_snd_tag tag; struct mlx5e_sq sq[MLX5E_MAX_TX_NUM_TC]; - struct ifnet *ifp; u32 mkey_be; u8 num_tc; @@ -768,8 +791,8 @@ struct mlx5e_priv { u32 pdn; u32 tdn; struct mlx5_core_mr mr; + volatile unsigned int channel_refs; - struct mlx5e_channel *volatile *channel; u32 tisn[MLX5E_MAX_TX_NUM_TC]; u32 rqtn; u32 tirn[MLX5E_NUM_TT]; @@ -794,7 +817,6 @@ struct mlx5e_priv { struct sysctl_oid *sysctl_hw; int sysctl_debug; struct mlx5e_stats stats; - struct sysctl_ctx_list sysctl_ctx_channel_debug; int counter_set_id; struct workqueue_struct *wq; @@ -815,6 +837,8 @@ struct mlx5e_priv { int clbr_curr; struct mlx5e_clbr_point clbr_points[2]; u_int clbr_gen; + + struct mlx5e_channel channel[]; }; #define MLX5E_NET_IP_ALIGN 2 @@ -844,19 +868,6 @@ struct mlx5e_eeprom { u32 *data; }; -/* - * This structure contains rate limit extension to the IEEE 802.1Qaz ETS - * managed object. - * Values are 64 bits long and specified in Kbps to enable usage over both - * slow and very fast networks. - * - * @tc_maxrate: maximal tc tx bandwidth indexed by traffic class - */ -struct ieee_maxrate { - __u64 tc_maxrate[IEEE_8021QAZ_MAX_TCS]; -}; - - #define MLX5E_FLD_MAX(typ, fld) ((1ULL << __mlx5_bit_sz(typ, fld)) - 1ULL) int mlx5e_xmit(struct ifnet *, struct mbuf *); @@ -868,7 +879,6 @@ void mlx5e_cq_error_event(struct mlx5_core_cq *mcq, int event); void mlx5e_rx_cq_comp(struct mlx5_core_cq *); void mlx5e_tx_cq_comp(struct mlx5_core_cq *); struct mlx5_cqe64 *mlx5e_get_cqe(struct mlx5e_cq *cq); -void mlx5e_tx_que(void *context, int pending); int mlx5e_open_flow_table(struct mlx5e_priv *priv); void mlx5e_close_flow_table(struct mlx5e_priv *priv); @@ -921,6 +931,24 @@ mlx5e_cq_arm(struct mlx5e_cq *cq, spinlock_t *dblock) mlx5_cq_arm(mcq, MLX5_CQ_DB_REQ_NOT, mcq->uar->map, dblock, cq->wq.cc); } +static inline void +mlx5e_ref_channel(struct mlx5e_priv *priv) +{ + + KASSERT(priv->channel_refs < INT_MAX, + ("Channel refs will overflow")); + atomic_fetchadd_int(&priv->channel_refs, 1); +} + +static inline void +mlx5e_unref_channel(struct mlx5e_priv *priv) +{ + + KASSERT(priv->channel_refs > 0, + ("Channel refs is not greater than zero")); + atomic_fetchadd_int(&priv->channel_refs, -1); +} + extern const struct ethtool_ops mlx5e_ethtool_ops; void mlx5e_create_ethtool(struct mlx5e_priv *); void mlx5e_create_stats(struct sysctl_ctx_list *, @@ -941,6 +969,7 @@ void mlx5e_drain_sq(struct mlx5e_sq *); void mlx5e_modify_tx_dma(struct mlx5e_priv *priv, uint8_t value); void mlx5e_modify_rx_dma(struct mlx5e_priv *priv, uint8_t value); void mlx5e_resume_sq(struct mlx5e_sq *sq); -u8 mlx5e_params_calculate_tx_min_inline(struct mlx5_core_dev *mdev); +void mlx5e_update_sq_inline(struct mlx5e_sq *sq); +void mlx5e_refresh_sq_inline(struct mlx5e_priv *priv); #endif /* _MLX5_EN_H_ */ diff --git a/sys/dev/mlx5/mlx5_en/en_rl.h b/sys/dev/mlx5/mlx5_en/en_rl.h index 4e2c6c539857..41f71f8da4b8 100644 --- a/sys/dev/mlx5/mlx5_en/en_rl.h +++ b/sys/dev/mlx5/mlx5_en/en_rl.h @@ -129,7 +129,7 @@ struct mlx5e_rl_channel_param { }; struct mlx5e_rl_channel { - struct m_snd_tag m_snd_tag; + struct mlx5e_snd_tag tag; STAILQ_ENTRY(mlx5e_rl_channel) entry; struct mlx5e_sq * volatile sq; struct mlx5e_rl_worker *worker; @@ -166,6 +166,7 @@ struct mlx5e_rl_priv_data { int mlx5e_rl_init(struct mlx5e_priv *priv); void mlx5e_rl_cleanup(struct mlx5e_priv *priv); +void mlx5e_rl_refresh_sq_inline(struct mlx5e_rl_priv_data *rl); if_snd_tag_alloc_t mlx5e_rl_snd_tag_alloc; if_snd_tag_modify_t mlx5e_rl_snd_tag_modify; if_snd_tag_query_t mlx5e_rl_snd_tag_query; diff --git a/sys/dev/mlx5/mlx5_en/mlx5_en_ethtool.c b/sys/dev/mlx5/mlx5_en/mlx5_en_ethtool.c index 85b1fe85617f..e86efa55d688 100644 --- a/sys/dev/mlx5/mlx5_en/mlx5_en_ethtool.c +++ b/sys/dev/mlx5/mlx5_en/mlx5_en_ethtool.c @@ -121,6 +121,29 @@ done: } static int +mlx5e_get_max_alloc(struct mlx5e_priv *priv) +{ + struct mlx5_core_dev *mdev = priv->mdev; + int err; + int x; + + PRIV_LOCK(priv); + err = -mlx5_query_port_tc_bw_alloc(mdev, priv->params_ethtool.max_bw_share); + if (err == 0) { + /* set default value */ + for (x = 0; x != IEEE_8021QAZ_MAX_TCS; x++) { + priv->params_ethtool.max_bw_share[x] = + 100 / IEEE_8021QAZ_MAX_TCS; + } + err = -mlx5_set_port_tc_bw_alloc(mdev, + priv->params_ethtool.max_bw_share); + } + PRIV_UNLOCK(priv); + + return (err); +} + +static int mlx5e_get_dscp(struct mlx5e_priv *priv) { struct mlx5_core_dev *mdev = priv->mdev; @@ -144,56 +167,119 @@ done: return (err); } +static void +mlx5e_tc_get_parameters(struct mlx5e_priv *priv, + u64 *new_bw_value, u8 *max_bw_value, u8 *max_bw_unit) +{ + const u64 upper_limit_mbps = 255 * MLX5E_100MB; + const u64 upper_limit_gbps = 255 * MLX5E_1GB; + u64 temp; + int i; + + memset(max_bw_value, 0, IEEE_8021QAZ_MAX_TCS); + memset(max_bw_unit, 0, IEEE_8021QAZ_MAX_TCS); + + for (i = 0; i <= mlx5_max_tc(priv->mdev); i++) { + temp = (new_bw_value != NULL) ? + new_bw_value[i] : priv->params_ethtool.max_bw_value[i]; + + if (!temp) { + max_bw_unit[i] = MLX5_BW_NO_LIMIT; + } else if (temp > upper_limit_gbps) { + max_bw_unit[i] = MLX5_BW_NO_LIMIT; + } else if (temp <= upper_limit_mbps) { + max_bw_value[i] = howmany(temp, MLX5E_100MB); + max_bw_unit[i] = MLX5_100_MBPS_UNIT; + } else { + max_bw_value[i] = howmany(temp, MLX5E_1GB); + max_bw_unit[i] = MLX5_GBPS_UNIT; + } + } +} + static int mlx5e_tc_maxrate_handler(SYSCTL_HANDLER_ARGS) { struct mlx5e_priv *priv = arg1; - int prio_index = arg2; struct mlx5_core_dev *mdev = priv->mdev; u8 max_bw_unit[IEEE_8021QAZ_MAX_TCS]; u8 max_bw_value[IEEE_8021QAZ_MAX_TCS]; - int i, err; - u64 bw_val; - u64 result = priv->params_ethtool.max_bw_value[prio_index]; - const u64 upper_limit_mbps = 255 * MLX5E_100MB; - const u64 upper_limit_gbps = 255 * MLX5E_1GB; + u64 new_bw_value[IEEE_8021QAZ_MAX_TCS]; + u8 max_rates = mlx5_max_tc(mdev) + 1; + u8 x; + int err; PRIV_LOCK(priv); - err = sysctl_handle_64(oidp, &result, 0, req); - if (err || !req->newptr || - result == priv->params_ethtool.max_bw_value[prio_index]) + err = SYSCTL_OUT(req, priv->params_ethtool.max_bw_value, + sizeof(priv->params_ethtool.max_bw_value[0]) * max_rates); + if (err || !req->newptr) goto done; - - if (result % MLX5E_100MB) { - err = ERANGE; + err = SYSCTL_IN(req, new_bw_value, + sizeof(new_bw_value[0]) * max_rates); + if (err) goto done; + + /* range check input value */ + for (x = 0; x != max_rates; x++) { + if (new_bw_value[x] % MLX5E_100MB) { + err = ERANGE; + goto done; + } } - memset(max_bw_value, 0, sizeof(max_bw_value)); - memset(max_bw_unit, 0, sizeof(max_bw_unit)); + mlx5e_tc_get_parameters(priv, new_bw_value, max_bw_value, max_bw_unit); - for (i = 0; i <= mlx5_max_tc(mdev); i++) { - bw_val = (i == prio_index) ? result : priv->params_ethtool.max_bw_value[i]; + err = -mlx5_modify_port_tc_rate_limit(mdev, max_bw_value, max_bw_unit); + if (err) + goto done; - if (!bw_val) { - max_bw_unit[i] = MLX5_BW_NO_LIMIT; - } else if (bw_val > upper_limit_gbps) { - result = 0; - max_bw_unit[i] = MLX5_BW_NO_LIMIT; - } else if (bw_val <= upper_limit_mbps) { - max_bw_value[i] = howmany(bw_val, MLX5E_100MB); - max_bw_unit[i] = MLX5_100_MBPS_UNIT; - } else { - max_bw_value[i] = howmany(bw_val, MLX5E_1GB); - max_bw_unit[i] = MLX5_GBPS_UNIT; + memcpy(priv->params_ethtool.max_bw_value, new_bw_value, + sizeof(priv->params_ethtool.max_bw_value)); +done: + PRIV_UNLOCK(priv); + return (err); +} + +static int +mlx5e_tc_rate_share_handler(SYSCTL_HANDLER_ARGS) +{ + struct mlx5e_priv *priv = arg1; + struct mlx5_core_dev *mdev = priv->mdev; + u8 max_bw_share[IEEE_8021QAZ_MAX_TCS]; + u8 max_rates = mlx5_max_tc(mdev) + 1; + int i; + int err; + int sum; + + PRIV_LOCK(priv); + err = SYSCTL_OUT(req, priv->params_ethtool.max_bw_share, max_rates); + if (err || !req->newptr) + goto done; + err = SYSCTL_IN(req, max_bw_share, max_rates); + if (err) + goto done; + + /* range check input value */ + for (sum = i = 0; i != max_rates; i++) { + if (max_bw_share[i] < 1 || max_bw_share[i] > 100) { + err = ERANGE; + goto done; } + sum += max_bw_share[i]; } - err = -mlx5_modify_port_tc_rate_limit(mdev, max_bw_value, max_bw_unit); + /* sum of values should be as close to 100 as possible */ + if (sum < (100 - max_rates + 1) || sum > 100) { + err = ERANGE; + goto done; + } + + err = -mlx5_set_port_tc_bw_alloc(mdev, max_bw_share); if (err) goto done; - priv->params_ethtool.max_bw_value[prio_index] = result; + memcpy(priv->params_ethtool.max_bw_share, max_bw_share, + sizeof(priv->params_ethtool.max_bw_share)); done: PRIV_UNLOCK(priv); return (err); @@ -217,7 +303,6 @@ mlx5e_get_prio_tc(struct mlx5e_priv *priv) if (err) break; } - PRIV_UNLOCK(priv); return (err); } @@ -229,9 +314,10 @@ mlx5e_prio_to_tc_handler(SYSCTL_HANDLER_ARGS) int prio_index = arg2; struct mlx5_core_dev *mdev = priv->mdev; int err; - uint8_t result = priv->params_ethtool.prio_tc[prio_index]; + uint8_t result; PRIV_LOCK(priv); + result = priv->params_ethtool.prio_tc[prio_index]; err = sysctl_handle_8(oidp, &result, 0, req); if (err || !req->newptr || result == priv->params_ethtool.prio_tc[prio_index]) @@ -288,6 +374,12 @@ mlx5e_trust_state_handler(SYSCTL_HANDLER_ARGS) goto done; priv->params_ethtool.trust_state = result; + + /* update inline mode */ + mlx5e_refresh_sq_inline(priv); +#ifdef RATELIMIT + mlx5e_rl_refresh_sq_inline(&priv->rl); +#endif done: PRIV_UNLOCK(priv); return (err); @@ -577,21 +669,24 @@ mlx5e_ethtool_handler(SYSCTL_HANDLER_ARGS) mlx5e_close_locked(priv->ifp); /* import HW LRO mode */ - if (priv->params_ethtool.hw_lro != 0) { - if ((priv->ifp->if_capenable & IFCAP_LRO) && - MLX5_CAP_ETH(priv->mdev, lro_cap)) { - priv->params.hw_lro_en = 1; - priv->params_ethtool.hw_lro = 1; + if (priv->params_ethtool.hw_lro != 0 && + MLX5_CAP_ETH(priv->mdev, lro_cap)) { + priv->params_ethtool.hw_lro = 1; + /* check if feature should actually be enabled */ + if (priv->ifp->if_capenable & IFCAP_LRO) { + priv->params.hw_lro_en = true; } else { - priv->params.hw_lro_en = 0; - priv->params_ethtool.hw_lro = 0; - error = EINVAL; + priv->params.hw_lro_en = false; - if_printf(priv->ifp, "Can't enable HW LRO: " - "The HW or SW LRO feature is disabled\n"); + if_printf(priv->ifp, "To enable HW LRO " + "please also enable LRO via ifconfig(8).\n"); } } else { - priv->params.hw_lro_en = 0; + /* return an error if HW does not support this feature */ + if (priv->params_ethtool.hw_lro != 0) + error = EINVAL; + priv->params.hw_lro_en = false; + priv->params_ethtool.hw_lro = 0; } /* restart network interface, if any */ if (was_opened) @@ -617,18 +712,6 @@ mlx5e_ethtool_handler(SYSCTL_HANDLER_ARGS) mlx5e_open_locked(priv->ifp); break; - case MLX5_PARAM_OFFSET(tx_bufring_disable): - /* rangecheck input value */ - priv->params_ethtool.tx_bufring_disable = - priv->params_ethtool.tx_bufring_disable ? 1 : 0; - - /* reconfigure the sendqueues, if any */ - if (was_opened) { - mlx5e_close_locked(priv->ifp); - mlx5e_open_locked(priv->ifp); - } - break; - case MLX5_PARAM_OFFSET(tx_completion_fact): /* network interface must be down */ if (was_opened) @@ -955,7 +1038,7 @@ mlx5e_ethtool_debug_channel_info(SYSCTL_HANDLER_ARGS) if (test_bit(MLX5E_STATE_OPENED, &priv->state) == 0) goto out; for (i = 0; i < priv->params.num_channels; i++) { - c = priv->channel[i]; + c = &priv->channel[i]; rq = &c->rq; sbuf_printf(&sb, "channel %d rq %d cq %d\n", c->ix, rq->rqn, rq->cq.mcq.cqn); @@ -976,33 +1059,34 @@ static int mlx5e_ethtool_debug_stats(SYSCTL_HANDLER_ARGS) { struct mlx5e_priv *priv = arg1; - int error, sys_debug; + int sys_debug; + int error; + PRIV_LOCK(priv); sys_debug = priv->sysctl_debug; - error = sysctl_handle_int(oidp, &priv->sysctl_debug, 0, req); + error = sysctl_handle_int(oidp, &sys_debug, 0, req); if (error != 0 || !req->newptr) - return (error); - priv->sysctl_debug = priv->sysctl_debug != 0; + goto done; + sys_debug = sys_debug ? 1 : 0; if (sys_debug == priv->sysctl_debug) - return (0); + goto done; - PRIV_LOCK(priv); - if (priv->sysctl_debug) { + if ((priv->sysctl_debug = sys_debug)) { mlx5e_create_stats(&priv->stats.port_stats_debug.ctx, SYSCTL_CHILDREN(priv->sysctl_ifnet), "debug_stats", mlx5e_port_stats_debug_desc, MLX5E_PORT_STATS_DEBUG_NUM, priv->stats.port_stats_debug.arg); - SYSCTL_ADD_PROC(&priv->sysctl_ctx_channel_debug, + SYSCTL_ADD_PROC(&priv->stats.port_stats_debug.ctx, SYSCTL_CHILDREN(priv->sysctl_ifnet), OID_AUTO, "hw_ctx_debug", CTLFLAG_RD | CTLFLAG_MPSAFE | CTLTYPE_STRING, priv, 0, mlx5e_ethtool_debug_channel_info, "S", ""); } else { sysctl_ctx_free(&priv->stats.port_stats_debug.ctx); - sysctl_ctx_free(&priv->sysctl_ctx_channel_debug); } +done: PRIV_UNLOCK(priv); - return (0); + return (error); } static void @@ -1151,33 +1235,37 @@ mlx5e_create_ethtool(struct mlx5e_priv *priv) qos_node = SYSCTL_ADD_NODE(&priv->sysctl_ctx, SYSCTL_CHILDREN(node), OID_AUTO, "qos", CTLFLAG_RW, NULL, "Quality Of Service configuration"); - if (node == NULL) - return; - - /* Prioriry rate limit support */ - if (mlx5e_getmaxrate(priv)) + if (qos_node == NULL) return; - for (i = 0; i <= mlx5_max_tc(mdev); i++) { - char name[32]; - snprintf(name, sizeof(name), "tc_%d_max_rate", i); + /* Priority rate limit support */ + if (mlx5e_getmaxrate(priv) == 0) { SYSCTL_ADD_PROC(&priv->sysctl_ctx, SYSCTL_CHILDREN(qos_node), - OID_AUTO, name, CTLTYPE_U64 | CTLFLAG_RW | CTLFLAG_MPSAFE, - priv, i, mlx5e_tc_maxrate_handler, "QU", - "Max rate for priority, specified in kilobits, where kilo=1000, \ - max_rate must be divisible by 100000"); + OID_AUTO, "tc_max_rate", CTLTYPE_U64 | CTLFLAG_RWTUN | CTLFLAG_MPSAFE, + priv, 0, mlx5e_tc_maxrate_handler, "QU", + "Max rate for priority, specified in kilobits, where kilo=1000, " + "max_rate must be divisible by 100000"); } - if (mlx5e_get_prio_tc(priv)) - return; - - for (i = 0; i <= mlx5_max_tc(mdev); i++) { - char name[32]; - snprintf(name, sizeof(name), "prio_%d_to_tc", i); + /* Bandwidth limiting by ratio */ + if (mlx5e_get_max_alloc(priv) == 0) { SYSCTL_ADD_PROC(&priv->sysctl_ctx, SYSCTL_CHILDREN(qos_node), - OID_AUTO, name, CTLTYPE_U8 | CTLFLAG_RW | CTLFLAG_MPSAFE, + OID_AUTO, "tc_rate_share", CTLTYPE_U8 | CTLFLAG_RWTUN | CTLFLAG_MPSAFE, + priv, 0, mlx5e_tc_rate_share_handler, "QU", + "Specify bandwidth ratio from 1 to 100 " + "for the available traffic classes"); + } + + /* Priority to traffic class mapping */ + if (mlx5e_get_prio_tc(priv) == 0) { + for (i = 0; i <= mlx5_max_tc(mdev); i++) { + char name[32]; + snprintf(name, sizeof(name), "prio_%d_to_tc", i); + SYSCTL_ADD_PROC(&priv->sysctl_ctx, SYSCTL_CHILDREN(qos_node), + OID_AUTO, name, CTLTYPE_U8 | CTLFLAG_RWTUN | CTLFLAG_MPSAFE, priv, i, mlx5e_prio_to_tc_handler, "CU", "Set priority to traffic class"); + } } /* DSCP support */ diff --git a/sys/dev/mlx5/mlx5_en/mlx5_en_main.c b/sys/dev/mlx5/mlx5_en/mlx5_en_main.c index 916ebe72c46c..47c209ace586 100644 --- a/sys/dev/mlx5/mlx5_en/mlx5_en_main.c +++ b/sys/dev/mlx5/mlx5_en/mlx5_en_main.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2015 Mellanox Technologies. All rights reserved. + * Copyright (c) 2015-2018 Mellanox Technologies. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,11 +31,12 @@ #include <machine/atomic.h> #ifndef ETH_DRIVER_VERSION -#define ETH_DRIVER_VERSION "3.4.2" +#define ETH_DRIVER_VERSION "3.5.0" #endif +#define DRIVER_RELDATE "November 2018" -char mlx5e_version[] = "Mellanox Ethernet driver" - " (" ETH_DRIVER_VERSION ")"; +static const char mlx5e_version[] = "mlx5en: Mellanox Ethernet driver " + ETH_DRIVER_VERSION " (" DRIVER_RELDATE ")\n"; static int mlx5e_get_wqe_sz(struct mlx5e_priv *priv, u32 *wqe_sz, u32 *nsegs); @@ -159,8 +160,6 @@ static const struct { MALLOC_DEFINE(M_MLX5EN, "MLX5EN", "MLX5 Ethernet"); -static SYSCTL_NODE(_hw, OID_AUTO, mlx5, CTLFLAG_RW, 0, "MLX5 driver parameters"); - static void mlx5e_update_carrier(struct mlx5e_priv *priv) { @@ -169,6 +168,7 @@ mlx5e_update_carrier(struct mlx5e_priv *priv) u32 eth_proto_oper; int error; u8 port_state; + u8 is_er_type; u8 i; port_state = mlx5_query_vport_state(mdev, @@ -197,10 +197,33 @@ mlx5e_update_carrier(struct mlx5e_priv *priv) if (mlx5e_mode_table[i].baudrate == 0) continue; if (MLX5E_PROT_MASK(i) & eth_proto_oper) { + u32 subtype = mlx5e_mode_table[i].subtype; + priv->ifp->if_baudrate = mlx5e_mode_table[i].baudrate; - priv->media_active_last = - mlx5e_mode_table[i].subtype | IFM_ETHER | IFM_FDX; + + switch (subtype) { + case IFM_10G_ER: + error = mlx5_query_pddr_range_info(mdev, 1, &is_er_type); + if (error != 0) { + if_printf(priv->ifp, "%s: query port pddr failed: %d\n", + __func__, error); + } + if (error != 0 || is_er_type == 0) + subtype = IFM_10G_LR; + break; + case IFM_40G_LR4: + error = mlx5_query_pddr_range_info(mdev, 1, &is_er_type); + if (error != 0) { + if_printf(priv->ifp, "%s: query port pddr failed: %d\n", + __func__, error); + } + if (error == 0 && is_er_type != 0) + subtype = IFM_40G_ER4; + break; + } + priv->media_active_last = subtype | IFM_ETHER | IFM_FDX; + break; } } if_link_state_change(priv->ifp, LINK_STATE_UP); @@ -224,6 +247,15 @@ mlx5e_find_link_mode(u32 subtype) u32 i; u32 link_mode = 0; + switch (subtype) { + case IFM_10G_LR: + subtype = IFM_10G_ER; + break; + case IFM_40G_ER4: + subtype = IFM_40G_LR4; + break; + } + for (i = 0; i < MLX5E_LINK_MODES_NUMBER; ++i) { if (mlx5e_mode_table[i].baudrate == 0) continue; @@ -440,7 +472,6 @@ mlx5e_update_stats_work(struct work_struct *work) update_stats_work); struct mlx5_core_dev *mdev = priv->mdev; struct mlx5e_vport_stats *s = &priv->stats.vport; - struct mlx5e_rq_stats *rq_stats; struct mlx5e_sq_stats *sq_stats; struct buf_ring *sq_br; #if (__FreeBSD_version < 1100000) @@ -474,9 +505,9 @@ mlx5e_update_stats_work(struct work_struct *work) /* Collect firts the SW counters and then HW for consistency */ for (i = 0; i < priv->params.num_channels; i++) { - struct mlx5e_rq *rq = &priv->channel[i]->rq; - - rq_stats = &priv->channel[i]->rq.stats; + struct mlx5e_channel *pch = priv->channel + i; + struct mlx5e_rq *rq = &pch->rq; + struct mlx5e_rq_stats *rq_stats = &pch->rq.stats; /* collect stats from LRO */ rq_stats->sw_lro_queued = rq->lro.lro_queued; @@ -489,8 +520,8 @@ mlx5e_update_stats_work(struct work_struct *work) rx_wqe_err += rq_stats->wqe_err; for (j = 0; j < priv->num_tc; j++) { - sq_stats = &priv->channel[i]->sq[j].stats; - sq_br = priv->channel[i]->sq[j].br; + sq_stats = &pch->sq[j].stats; + sq_br = pch->sq[j].br; tso_packets += sq_stats->tso_packets; tso_bytes += sq_stats->tso_bytes; @@ -502,6 +533,12 @@ mlx5e_update_stats_work(struct work_struct *work) } } + s->tx_jumbo_packets = + priv->stats.port_stats_debug.p1519to2047octets + + priv->stats.port_stats_debug.p2048to4095octets + + priv->stats.port_stats_debug.p4096to8191octets + + priv->stats.port_stats_debug.p8192to10239octets; + /* update counters */ s->tso_packets = tso_packets; s->tso_bytes = tso_bytes; @@ -848,7 +885,7 @@ mlx5e_create_rq(struct mlx5e_channel *c, wq_sz = mlx5_wq_ll_get_size(&rq->wq); - err = -tcp_lro_init_args(&rq->lro, c->ifp, TCP_LRO_ENTRIES, wq_sz); + err = -tcp_lro_init_args(&rq->lro, c->tag.m_snd_tag.ifp, TCP_LRO_ENTRIES, wq_sz); if (err) goto err_rq_wq_destroy; @@ -878,7 +915,7 @@ mlx5e_create_rq(struct mlx5e_channel *c, #endif } - rq->ifp = c->ifp; + rq->ifp = c->tag.m_snd_tag.ifp; rq->channel = c; rq->ix = c->ix; @@ -1120,6 +1157,52 @@ static const char *mlx5e_sq_stats_desc[] = { MLX5E_SQ_STATS(MLX5E_STATS_DESC) }; +void +mlx5e_update_sq_inline(struct mlx5e_sq *sq) +{ + sq->max_inline = sq->priv->params.tx_max_inline; + sq->min_inline_mode = sq->priv->params.tx_min_inline_mode; + + /* + * Check if trust state is DSCP or if inline mode is NONE which + * indicates CX-5 or newer hardware. + */ + if (sq->priv->params_ethtool.trust_state != MLX5_QPTS_TRUST_PCP || + sq->min_inline_mode == MLX5_INLINE_MODE_NONE) { + if (MLX5_CAP_ETH(sq->priv->mdev, wqe_vlan_insert)) + sq->min_insert_caps = MLX5E_INSERT_VLAN | MLX5E_INSERT_NON_VLAN; + else + sq->min_insert_caps = MLX5E_INSERT_NON_VLAN; + } else { + sq->min_insert_caps = 0; + } +} + +static void +mlx5e_refresh_sq_inline_sub(struct mlx5e_priv *priv, struct mlx5e_channel *c) +{ + int i; + + for (i = 0; i != c->num_tc; i++) { + mtx_lock(&c->sq[i].lock); + mlx5e_update_sq_inline(&c->sq[i]); + mtx_unlock(&c->sq[i].lock); + } +} + +void +mlx5e_refresh_sq_inline(struct mlx5e_priv *priv) +{ + int i; + + /* check if channels are closed */ + if (test_bit(MLX5E_STATE_OPENED, &priv->state) == 0) + return; + + for (i = 0; i < priv->params.num_channels; i++) + mlx5e_refresh_sq_inline_sub(priv, &priv->channel[i]); +} + static int mlx5e_create_sq(struct mlx5e_channel *c, int tc, @@ -1129,13 +1212,8 @@ mlx5e_create_sq(struct mlx5e_channel *c, struct mlx5e_priv *priv = c->priv; struct mlx5_core_dev *mdev = priv->mdev; char buffer[16]; - void *sqc = param->sqc; void *sqc_wq = MLX5_ADDR_OF(sqc, sqc, wq); -#ifdef RSS - cpuset_t cpu_mask; - int cpu_id; -#endif int err; /* Create DMA descriptor TAG */ @@ -1174,41 +1252,9 @@ mlx5e_create_sq(struct mlx5e_channel *c, sq->ifp = priv->ifp; sq->priv = priv; sq->tc = tc; - sq->max_inline = priv->params.tx_max_inline; - sq->min_inline_mode = priv->params.tx_min_inline_mode; - sq->vlan_inline_cap = MLX5_CAP_ETH(mdev, wqe_vlan_insert); - - /* check if we should allocate a second packet buffer */ - if (priv->params_ethtool.tx_bufring_disable == 0) { - sq->br = buf_ring_alloc(MLX5E_SQ_TX_QUEUE_SIZE, M_MLX5EN, - M_WAITOK, &sq->lock); - if (sq->br == NULL) { - if_printf(c->ifp, "%s: Failed allocating sq drbr buffer\n", - __func__); - err = -ENOMEM; - goto err_free_sq_db; - } - sq->sq_tq = taskqueue_create_fast("mlx5e_que", M_WAITOK, - taskqueue_thread_enqueue, &sq->sq_tq); - if (sq->sq_tq == NULL) { - if_printf(c->ifp, "%s: Failed allocating taskqueue\n", - __func__); - err = -ENOMEM; - goto err_free_drbr; - } + mlx5e_update_sq_inline(sq); - TASK_INIT(&sq->sq_task, 0, mlx5e_tx_que, sq); -#ifdef RSS - cpu_id = rss_getcpu(c->ix % rss_getnumbuckets()); - CPU_SETOF(cpu_id, &cpu_mask); - taskqueue_start_threads_cpuset(&sq->sq_tq, 1, PI_NET, &cpu_mask, - "%s TX SQ%d.%d CPU%d", c->ifp->if_xname, c->ix, tc, cpu_id); -#else - taskqueue_start_threads(&sq->sq_tq, 1, PI_NET, - "%s TX SQ%d.%d", c->ifp->if_xname, c->ix, tc); -#endif - } snprintf(buffer, sizeof(buffer), "txstat%dtc%d", c->ix, tc); mlx5e_create_stats(&sq->stats.ctx, SYSCTL_CHILDREN(priv->sysctl_ifnet), buffer, mlx5e_sq_stats_desc, MLX5E_SQ_STATS_NUM, @@ -1216,10 +1262,6 @@ mlx5e_create_sq(struct mlx5e_channel *c, return (0); -err_free_drbr: - buf_ring_free(sq->br, M_MLX5EN); -err_free_sq_db: - mlx5e_free_sq_db(sq); err_sq_wq_destroy: mlx5_wq_destroy(&sq->wq_ctrl); @@ -1241,12 +1283,6 @@ mlx5e_destroy_sq(struct mlx5e_sq *sq) mlx5e_free_sq_db(sq); mlx5_wq_destroy(&sq->wq_ctrl); mlx5_unmap_free_uar(sq->priv->mdev, &sq->uar); - if (sq->sq_tq != NULL) { - taskqueue_drain(sq->sq_tq, &sq->sq_task); - taskqueue_free(sq->sq_tq); - } - if (sq->br != NULL) - buf_ring_free(sq->br, M_MLX5EN); } int @@ -1345,7 +1381,7 @@ mlx5e_open_sq(struct mlx5e_channel *c, if (err) goto err_disable_sq; - WRITE_ONCE(sq->queue_state, MLX5E_SQ_READY); + WRITE_ONCE(sq->running, 1); return (0); @@ -1421,19 +1457,20 @@ mlx5e_drain_sq(struct mlx5e_sq *sq) /* * Check if already stopped. * - * NOTE: The "stopped" variable is only written when both the - * priv's configuration lock and the SQ's lock is locked. It - * can therefore safely be read when only one of the two locks - * is locked. This function is always called when the priv's - * configuration lock is locked. + * NOTE: Serialization of this function is managed by the + * caller ensuring the priv's state lock is locked or in case + * of rate limit support, a single thread manages drain and + * resume of SQs. The "running" variable can therefore safely + * be read without any locks. */ - if (sq->stopped != 0) + if (READ_ONCE(sq->running) == 0) return; - mtx_lock(&sq->lock); - /* don't put more packets into the SQ */ - sq->stopped = 1; + WRITE_ONCE(sq->running, 0); + + /* serialize access to DMA rings */ + mtx_lock(&sq->lock); /* teardown event factor timer, if any */ sq->cev_next_state = MLX5E_CEV_STATE_HOLD_NOPS; @@ -1727,16 +1764,17 @@ mlx5e_chan_mtx_destroy(struct mlx5e_channel *c) static int mlx5e_open_channel(struct mlx5e_priv *priv, int ix, struct mlx5e_channel_param *cparam, - struct mlx5e_channel *volatile *cp) + struct mlx5e_channel *c) { - struct mlx5e_channel *c; int err; - c = malloc(sizeof(*c), M_MLX5EN, M_WAITOK | M_ZERO); + memset(c, 0, sizeof(*c)); + c->priv = priv; c->ix = ix; - c->cpu = 0; - c->ifp = priv->ifp; + /* setup send tag */ + c->tag.m_snd_tag.ifp = priv->ifp; + c->tag.type = IF_SND_TAG_TYPE_UNLIMITED; c->mkey_be = cpu_to_be32(priv->mr.key); c->num_tc = priv->num_tc; @@ -1762,9 +1800,6 @@ mlx5e_open_channel(struct mlx5e_priv *priv, int ix, if (err) goto err_close_sqs; - /* store channel pointer */ - *cp = c; - /* poll receive queue initially */ c->rq.cq.mcq.comp(&c->rq.cq.mcq); @@ -1782,39 +1817,24 @@ err_close_tx_cqs: err_free: /* destroy mutexes */ mlx5e_chan_mtx_destroy(c); - free(c, M_MLX5EN); return (err); } static void -mlx5e_close_channel(struct mlx5e_channel *volatile *pp) +mlx5e_close_channel(struct mlx5e_channel *c) { - struct mlx5e_channel *c = *pp; - - /* check if channel is already closed */ - if (c == NULL) - return; mlx5e_close_rq(&c->rq); } static void -mlx5e_close_channel_wait(struct mlx5e_channel *volatile *pp) +mlx5e_close_channel_wait(struct mlx5e_channel *c) { - struct mlx5e_channel *c = *pp; - - /* check if channel is already closed */ - if (c == NULL) - return; - /* ensure channel pointer is no longer used */ - *pp = NULL; - mlx5e_close_rq_wait(&c->rq); mlx5e_close_sqs_wait(c); mlx5e_close_cq(&c->rq.cq); mlx5e_close_tx_cqs(c); /* destroy mutexes */ mlx5e_chan_mtx_destroy(c); - free(c, M_MLX5EN); } static int @@ -1971,14 +1991,10 @@ static int mlx5e_open_channels(struct mlx5e_priv *priv) { struct mlx5e_channel_param cparam; - void *ptr; int err; int i; int j; - priv->channel = malloc(priv->params.num_channels * - sizeof(struct mlx5e_channel *), M_MLX5EN, M_WAITOK | M_ZERO); - mlx5e_build_channel_param(priv, &cparam); for (i = 0; i < priv->params.num_channels; i++) { err = mlx5e_open_channel(priv, i, &cparam, &priv->channel[i]); @@ -1987,47 +2003,29 @@ mlx5e_open_channels(struct mlx5e_priv *priv) } for (j = 0; j < priv->params.num_channels; j++) { - err = mlx5e_wait_for_min_rx_wqes(&priv->channel[j]->rq); + err = mlx5e_wait_for_min_rx_wqes(&priv->channel[j].rq); if (err) goto err_close_channels; } - return (0); err_close_channels: - for (i--; i >= 0; i--) { + while (i--) { mlx5e_close_channel(&priv->channel[i]); mlx5e_close_channel_wait(&priv->channel[i]); } - - /* remove "volatile" attribute from "channel" pointer */ - ptr = __DECONST(void *, priv->channel); - priv->channel = NULL; - - free(ptr, M_MLX5EN); - return (err); } static void mlx5e_close_channels(struct mlx5e_priv *priv) { - void *ptr; int i; - if (priv->channel == NULL) - return; - for (i = 0; i < priv->params.num_channels; i++) mlx5e_close_channel(&priv->channel[i]); for (i = 0; i < priv->params.num_channels; i++) mlx5e_close_channel_wait(&priv->channel[i]); - - /* remove "volatile" attribute from "channel" pointer */ - ptr = __DECONST(void *, priv->channel); - priv->channel = NULL; - - free(ptr, M_MLX5EN); } static int @@ -2093,9 +2091,6 @@ mlx5e_refresh_channel_params_sub(struct mlx5e_priv *priv, struct mlx5e_channel * int err; int i; - if (c == NULL) - return (EINVAL); - err = mlx5e_refresh_rq_params(priv, &c->rq); if (err) goto done; @@ -2114,13 +2109,14 @@ mlx5e_refresh_channel_params(struct mlx5e_priv *priv) { int i; - if (priv->channel == NULL) + /* check if channels are closed */ + if (test_bit(MLX5E_STATE_OPENED, &priv->state) == 0) return (EINVAL); for (i = 0; i < priv->params.num_channels; i++) { int err; - err = mlx5e_refresh_channel_params_sub(priv, priv->channel[i]); + err = mlx5e_refresh_channel_params_sub(priv, &priv->channel[i]); if (err) return (err); } @@ -2214,7 +2210,7 @@ mlx5e_open_rqt(struct mlx5e_priv *priv) /* apply receive side scaling stride, if any */ ix -= ix % (int)priv->params.channels_rsss; - MLX5_SET(rqtc, rqtc, rq_num[i], priv->channel[ix]->rq.rqn); + MLX5_SET(rqtc, rqtc, rq_num[i], priv->channel[ix].rq.rqn); } MLX5_SET(create_rqt_in, in, opcode, MLX5_CMD_OP_CREATE_RQT); @@ -2281,7 +2277,7 @@ mlx5e_build_tir_ctx(struct mlx5e_priv *priv, u32 * tirc, int tt) MLX5_SET(tirc, tirc, disp_type, MLX5_TIRC_DISP_TYPE_DIRECT); MLX5_SET(tirc, tirc, inline_rqn, - priv->channel[0]->rq.rqn); + priv->channel[0].rq.rqn); break; default: MLX5_SET(tirc, tirc, disp_type, @@ -2897,12 +2893,18 @@ mlx5e_ioctl(struct ifnet *ifp, u_long command, caddr_t data) bool need_restart = false; ifp->if_capenable ^= IFCAP_LRO; + + /* figure out if updating HW LRO is needed */ if (!(ifp->if_capenable & IFCAP_LRO)) { if (priv->params.hw_lro_en) { priv->params.hw_lro_en = false; need_restart = true; - /* Not sure this is the correct way */ - priv->params_ethtool.hw_lro = priv->params.hw_lro_en; + } + } else { + if (priv->params.hw_lro_en == false && + priv->params_ethtool.hw_lro != 0) { + priv->params.hw_lro_en = true; + need_restart = true; } } if (was_opened && need_restart) { @@ -3029,18 +3031,24 @@ mlx5e_check_required_hca_cap(struct mlx5_core_dev *mdev) static u16 mlx5e_get_max_inline_cap(struct mlx5_core_dev *mdev) { - int bf_buf_size = (1 << MLX5_CAP_GEN(mdev, log_bf_reg_size)) / 2; + uint32_t bf_buf_size = (1U << MLX5_CAP_GEN(mdev, log_bf_reg_size)) / 2U; + + bf_buf_size -= sizeof(struct mlx5e_tx_wqe) - 2; - return bf_buf_size - - sizeof(struct mlx5e_tx_wqe) + - 2 /*sizeof(mlx5e_tx_wqe.inline_hdr_start)*/; + /* verify against driver hardware limit */ + if (bf_buf_size > MLX5E_MAX_TX_INLINE) + bf_buf_size = MLX5E_MAX_TX_INLINE; + + return (bf_buf_size); } -static void +static int mlx5e_build_ifp_priv(struct mlx5_core_dev *mdev, struct mlx5e_priv *priv, int num_comp_vectors) { + int err; + /* * TODO: Consider link speed for setting "log_sq_size", * "log_rq_size" and "cq_moderation_xxx": @@ -3072,7 +3080,10 @@ mlx5e_build_ifp_priv(struct mlx5_core_dev *mdev, priv->params.default_vlan_prio = 0; priv->counter_set_id = -1; priv->params.tx_max_inline = mlx5e_get_max_inline_cap(mdev); - mlx5_query_min_inline(mdev, &priv->params.tx_min_inline_mode); + + err = mlx5_query_min_inline(mdev, &priv->params.tx_min_inline_mode); + if (err) + return (err); /* * hw lro is currently defaulted to off. when it won't anymore we @@ -3095,6 +3106,8 @@ mlx5e_build_ifp_priv(struct mlx5_core_dev *mdev, INIT_WORK(&priv->update_stats_work, mlx5e_update_stats_work); INIT_WORK(&priv->update_carrier_work, mlx5e_update_carrier_work); INIT_WORK(&priv->set_rx_mode_work, mlx5e_set_rx_mode_work); + + return (0); } static int @@ -3201,7 +3214,7 @@ mlx5e_resume_sq(struct mlx5e_sq *sq) int err; /* check if already enabled */ - if (sq->stopped == 0) + if (READ_ONCE(sq->running) != 0) return; err = mlx5e_modify_sq(sq, MLX5_SQC_STATE_ERR, @@ -3224,11 +3237,8 @@ mlx5e_resume_sq(struct mlx5e_sq *sq) "mlx5e_modify_sq() from RST to RDY failed: %d\n", err); } - mtx_lock(&sq->lock); sq->cev_next_state = MLX5E_CEV_STATE_INITIAL; - sq->stopped = 0; - mtx_unlock(&sq->lock); - + WRITE_ONCE(sq->running, 1); } static void @@ -3299,18 +3309,14 @@ mlx5e_modify_tx_dma(struct mlx5e_priv *priv, uint8_t value) { int i; - if (priv->channel == NULL) + if (test_bit(MLX5E_STATE_OPENED, &priv->state) == 0) return; for (i = 0; i < priv->params.num_channels; i++) { - - if (!priv->channel[i]) - continue; - if (value) - mlx5e_disable_tx_dma(priv->channel[i]); + mlx5e_disable_tx_dma(&priv->channel[i]); else - mlx5e_enable_tx_dma(priv->channel[i]); + mlx5e_enable_tx_dma(&priv->channel[i]); } } @@ -3319,35 +3325,17 @@ mlx5e_modify_rx_dma(struct mlx5e_priv *priv, uint8_t value) { int i; - if (priv->channel == NULL) + if (test_bit(MLX5E_STATE_OPENED, &priv->state) == 0) return; for (i = 0; i < priv->params.num_channels; i++) { - - if (!priv->channel[i]) - continue; - if (value) - mlx5e_disable_rx_dma(priv->channel[i]); + mlx5e_disable_rx_dma(&priv->channel[i]); else - mlx5e_enable_rx_dma(priv->channel[i]); + mlx5e_enable_rx_dma(&priv->channel[i]); } } -u8 -mlx5e_params_calculate_tx_min_inline(struct mlx5_core_dev *mdev) -{ - u8 min_inline_mode; - - min_inline_mode = MLX5_INLINE_MODE_L2; - mlx5_query_min_inline(mdev, &min_inline_mode); - if (min_inline_mode == MLX5_INLINE_MODE_NONE && - !MLX5_CAP_ETH(mdev, wqe_vlan_insert)) - min_inline_mode = MLX5_INLINE_MODE_L2; - - return (min_inline_mode); -} - static void mlx5e_add_hw_stats(struct mlx5e_priv *priv) { @@ -3532,6 +3520,141 @@ mlx5e_setup_pauseframes(struct mlx5e_priv *priv) PRIV_UNLOCK(priv); } +static int +mlx5e_ul_snd_tag_alloc(struct ifnet *ifp, + union if_snd_tag_alloc_params *params, + struct m_snd_tag **ppmt) +{ + struct mlx5e_priv *priv; + struct mlx5e_channel *pch; + + priv = ifp->if_softc; + + if (unlikely(priv->gone || params->hdr.flowtype == M_HASHTYPE_NONE)) { + return (EOPNOTSUPP); + } else { + /* keep this code synced with mlx5e_select_queue() */ + u32 ch = priv->params.num_channels; +#ifdef RSS + u32 temp; + + if (rss_hash2bucket(params->hdr.flowid, + params->hdr.flowtype, &temp) == 0) + ch = temp % ch; + else +#endif + ch = (params->hdr.flowid % 128) % ch; + + /* + * NOTE: The channels array is only freed at detach + * and it safe to return a pointer to the send tag + * inside the channels structure as long as we + * reference the priv. + */ + pch = priv->channel + ch; + + /* check if send queue is not running */ + if (unlikely(pch->sq[0].running == 0)) + return (ENXIO); + mlx5e_ref_channel(priv); + *ppmt = &pch->tag.m_snd_tag; + return (0); + } +} + +static int +mlx5e_ul_snd_tag_query(struct m_snd_tag *pmt, union if_snd_tag_query_params *params) +{ + struct mlx5e_channel *pch = + container_of(pmt, struct mlx5e_channel, tag.m_snd_tag); + + params->unlimited.max_rate = -1ULL; + params->unlimited.queue_level = mlx5e_sq_queue_level(&pch->sq[0]); + return (0); +} + +static void +mlx5e_ul_snd_tag_free(struct m_snd_tag *pmt) +{ + struct mlx5e_channel *pch = + container_of(pmt, struct mlx5e_channel, tag.m_snd_tag); + + mlx5e_unref_channel(pch->priv); +} + +static int +mlx5e_snd_tag_alloc(struct ifnet *ifp, + union if_snd_tag_alloc_params *params, + struct m_snd_tag **ppmt) +{ + + switch (params->hdr.type) { +#ifdef RATELIMIT + case IF_SND_TAG_TYPE_RATE_LIMIT: + return (mlx5e_rl_snd_tag_alloc(ifp, params, ppmt)); +#endif + case IF_SND_TAG_TYPE_UNLIMITED: + return (mlx5e_ul_snd_tag_alloc(ifp, params, ppmt)); + default: + return (EOPNOTSUPP); + } +} + +static int +mlx5e_snd_tag_modify(struct m_snd_tag *pmt, union if_snd_tag_modify_params *params) +{ + struct mlx5e_snd_tag *tag = + container_of(pmt, struct mlx5e_snd_tag, m_snd_tag); + + switch (tag->type) { +#ifdef RATELIMIT + case IF_SND_TAG_TYPE_RATE_LIMIT: + return (mlx5e_rl_snd_tag_modify(pmt, params)); +#endif + case IF_SND_TAG_TYPE_UNLIMITED: + default: + return (EOPNOTSUPP); + } +} + +static int +mlx5e_snd_tag_query(struct m_snd_tag *pmt, union if_snd_tag_query_params *params) +{ + struct mlx5e_snd_tag *tag = + container_of(pmt, struct mlx5e_snd_tag, m_snd_tag); + + switch (tag->type) { +#ifdef RATELIMIT + case IF_SND_TAG_TYPE_RATE_LIMIT: + return (mlx5e_rl_snd_tag_query(pmt, params)); +#endif + case IF_SND_TAG_TYPE_UNLIMITED: + return (mlx5e_ul_snd_tag_query(pmt, params)); + default: + return (EOPNOTSUPP); + } +} + +static void +mlx5e_snd_tag_free(struct m_snd_tag *pmt) +{ + struct mlx5e_snd_tag *tag = + container_of(pmt, struct mlx5e_snd_tag, m_snd_tag); + + switch (tag->type) { +#ifdef RATELIMIT + case IF_SND_TAG_TYPE_RATE_LIMIT: + mlx5e_rl_snd_tag_free(pmt); + break; +#endif + case IF_SND_TAG_TYPE_UNLIMITED: + mlx5e_ul_snd_tag_free(pmt); + break; + default: + break; + } +} + static void * mlx5e_create_ifp(struct mlx5_core_dev *mdev) { @@ -3549,7 +3672,13 @@ mlx5e_create_ifp(struct mlx5_core_dev *mdev) mlx5_core_dbg(mdev, "mlx5e_check_required_hca_cap() failed\n"); return (NULL); } - priv = malloc(sizeof(*priv), M_MLX5EN, M_WAITOK | M_ZERO); + /* + * Try to allocate the priv and make room for worst-case + * number of channel structures: + */ + priv = malloc(sizeof(*priv) + + (sizeof(priv->channel[0]) * mdev->priv.eq_table.num_comp_vectors), + M_MLX5EN, M_WAITOK | M_ZERO); mlx5e_priv_mtx_init(priv); ifp = priv->ifp = if_alloc(IFT_ETHER); @@ -3579,13 +3708,11 @@ mlx5e_create_ifp(struct mlx5_core_dev *mdev) ifp->if_capabilities |= IFCAP_LRO; ifp->if_capabilities |= IFCAP_TSO | IFCAP_VLAN_HWTSO; ifp->if_capabilities |= IFCAP_HWSTATS | IFCAP_HWRXTSTMP; -#ifdef RATELIMIT ifp->if_capabilities |= IFCAP_TXRTLMT; - ifp->if_snd_tag_alloc = mlx5e_rl_snd_tag_alloc; - ifp->if_snd_tag_free = mlx5e_rl_snd_tag_free; - ifp->if_snd_tag_modify = mlx5e_rl_snd_tag_modify; - ifp->if_snd_tag_query = mlx5e_rl_snd_tag_query; -#endif + ifp->if_snd_tag_alloc = mlx5e_snd_tag_alloc; + ifp->if_snd_tag_free = mlx5e_snd_tag_free; + ifp->if_snd_tag_modify = mlx5e_snd_tag_modify; + ifp->if_snd_tag_query = mlx5e_snd_tag_query; /* set TSO limits so that we don't have to drop TX packets */ ifp->if_hw_tsomax = MLX5E_MAX_TX_PAYLOAD_SIZE - (ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN); @@ -3601,8 +3728,6 @@ mlx5e_create_ifp(struct mlx5_core_dev *mdev) if (ifp->if_capenable & IFCAP_TXCSUM_IPV6) ifp->if_hwassist |= (CSUM_UDP_IPV6 | CSUM_TCP_IPV6); - sysctl_ctx_init(&priv->sysctl_ctx_channel_debug); - /* ifnet sysctl tree */ sysctl_ctx_init(&priv->sysctl_ctx); priv->sysctl_ifnet = SYSCTL_ADD_NODE(&priv->sysctl_ctx, SYSCTL_STATIC_CHILDREN(_dev), @@ -3627,7 +3752,12 @@ mlx5e_create_ifp(struct mlx5_core_dev *mdev) mlx5_core_err(mdev, "SYSCTL_ADD_NODE() failed\n"); goto err_free_sysctl; } - mlx5e_build_ifp_priv(mdev, priv, ncv); + + err = mlx5e_build_ifp_priv(mdev, priv, ncv); + if (err) { + mlx5_core_err(mdev, "mlx5e_build_ifp_priv() failed (%d)\n", err); + goto err_free_sysctl; + } snprintf(unit, sizeof(unit), "mce%u_wq", device_get_unit(mdev->pdev->dev.bsddev)); @@ -3681,9 +3811,6 @@ mlx5e_create_ifp(struct mlx5_core_dev *mdev) /* set default MTU */ mlx5e_set_dev_port_mtu(ifp, ifp->if_mtu); - /* Set desc */ - device_set_desc(mdev->pdev->dev.bsddev, mlx5e_version); - /* Set default media status */ priv->media_status_last = IFM_AVALID; priv->media_active_last = IFM_ETHER | IFM_AUTO | @@ -3717,6 +3844,17 @@ mlx5e_create_ifp(struct mlx5_core_dev *mdev) } } + /* Additional supported medias */ + ifmedia_add(&priv->media, IFM_10G_LR | IFM_ETHER, 0, NULL); + ifmedia_add(&priv->media, IFM_10G_LR | + IFM_ETHER | IFM_FDX | + IFM_ETH_RXPAUSE | IFM_ETH_TXPAUSE, 0, NULL); + + ifmedia_add(&priv->media, IFM_40G_ER4 | IFM_ETHER, 0, NULL); + ifmedia_add(&priv->media, IFM_40G_ER4 | + IFM_ETHER | IFM_FDX | + IFM_ETH_RXPAUSE | IFM_ETH_TXPAUSE, 0, NULL); + ifmedia_add(&priv->media, IFM_ETHER | IFM_AUTO, 0, NULL); ifmedia_add(&priv->media, IFM_ETHER | IFM_AUTO | IFM_FDX | IFM_ETH_RXPAUSE | IFM_ETH_TXPAUSE, 0, NULL); @@ -3780,8 +3918,8 @@ err_free_wq: err_free_sysctl: sysctl_ctx_free(&priv->sysctl_ctx); - sysctl_ctx_free(&priv->sysctl_ctx_channel_debug); - + if (priv->sysctl_debug) + sysctl_ctx_free(&priv->stats.port_stats_debug.ctx); if_free(ifp); err_free_priv: @@ -3799,13 +3937,6 @@ mlx5e_destroy_ifp(struct mlx5_core_dev *mdev, void *vpriv) /* don't allow more IOCTLs */ priv->gone = 1; - /* - * Clear the device description to avoid use after free, - * because the bsddev is not destroyed when this module is - * unloaded: - */ - device_set_desc(mdev->pdev->dev.bsddev, NULL); - /* XXX wait a bit to allow IOCTL handlers to complete */ pause("W", hz); @@ -3836,6 +3967,13 @@ mlx5e_destroy_ifp(struct mlx5_core_dev *mdev, void *vpriv) mlx5e_close_locked(ifp); PRIV_UNLOCK(priv); + /* wait for all unlimited send tags to go away */ + while (priv->channel_refs != 0) { + if_printf(priv->ifp, "Waiting for all unlimited connections " + "to terminate\n"); + pause("W", hz); + } + /* unregister device */ ifmedia_removeall(&priv->media); ether_ifdetach(ifp); @@ -3845,13 +3983,11 @@ mlx5e_destroy_ifp(struct mlx5_core_dev *mdev, void *vpriv) mlx5e_rl_cleanup(priv); #endif /* destroy all remaining sysctl nodes */ - if (priv->sysctl_debug) { - sysctl_ctx_free(&priv->sysctl_ctx_channel_debug); - sysctl_ctx_free(&priv->stats.port_stats_debug.ctx); - } sysctl_ctx_free(&priv->stats.vport.ctx); sysctl_ctx_free(&priv->stats.pport.ctx); sysctl_ctx_free(&priv->sysctl_ctx); + if (priv->sysctl_debug) + sysctl_ctx_free(&priv->stats.port_stats_debug.ctx); mlx5_core_destroy_mkey(priv->mdev, &priv->mr); mlx5_dealloc_transport_domain(priv->mdev, priv->tdn); @@ -3891,6 +4027,14 @@ mlx5e_cleanup(void) mlx5_unregister_interface(&mlx5e_interface); } +static void +mlx5e_show_version(void __unused *arg) +{ + + printf("%s", mlx5e_version); +} +SYSINIT(mlx5e_show_version, SI_SUB_DRIVERS, SI_ORDER_ANY, mlx5e_show_version, NULL); + module_init_order(mlx5e_init, SI_ORDER_THIRD); module_exit_order(mlx5e_cleanup, SI_ORDER_THIRD); diff --git a/sys/dev/mlx5/mlx5_en/mlx5_en_rl.c b/sys/dev/mlx5/mlx5_en/mlx5_en_rl.c index 4dac7377cef1..80b38028703a 100644 --- a/sys/dev/mlx5/mlx5_en/mlx5_en_rl.c +++ b/sys/dev/mlx5/mlx5_en/mlx5_en_rl.c @@ -137,9 +137,8 @@ mlx5e_rl_create_sq(struct mlx5e_priv *priv, struct mlx5e_sq *sq, sq->mkey_be = cpu_to_be32(priv->mr.key); sq->ifp = priv->ifp; sq->priv = priv; - sq->max_inline = priv->params.tx_max_inline; - sq->min_inline_mode = priv->params.tx_min_inline_mode; - sq->vlan_inline_cap = MLX5_CAP_ETH(mdev, wqe_vlan_insert); + + mlx5e_update_sq_inline(sq); return (0); @@ -421,7 +420,6 @@ mlx5e_rlw_channel_set_rate_locked(struct mlx5e_rl_worker *rlw, if (rate == 0) { /* rate doesn't exist, fallback to unlimited */ - error = EINVAL; index = 0; rate = 0; atomic_add_64(&rlw->priv->rl.stats.tx_modify_rate_failure, 1ULL); @@ -460,9 +458,9 @@ mlx5e_rlw_channel_set_rate_locked(struct mlx5e_rl_worker *rlw, howmany(rate, 1000), burst); } - /* set new rate */ + /* set new rate, if SQ is running */ sq = channel->sq; - if (sq != NULL) { + if (sq != NULL && READ_ONCE(sq->running) != 0) { error = mlx5e_rl_modify_sq(sq, index); if (error != 0) atomic_add_64(&rlw->priv->rl.stats.tx_modify_rate_failure, 1ULL); @@ -843,7 +841,8 @@ mlx5e_rl_init(struct mlx5e_priv *priv) for (i = 0; i < rl->param.tx_channels_per_worker_def; i++) { struct mlx5e_rl_channel *channel = rlw->channels + i; channel->worker = rlw; - channel->m_snd_tag.ifp = priv->ifp; + channel->tag.m_snd_tag.ifp = priv->ifp; + channel->tag.type = IF_SND_TAG_TYPE_RATE_LIMIT; STAILQ_INSERT_TAIL(&rlw->index_list_head, channel, entry); } MLX5E_RL_WORKER_UNLOCK(rlw); @@ -1040,17 +1039,21 @@ mlx5e_rl_modify(struct mlx5e_rl_worker *rlw, struct mlx5e_rl_channel *channel, u } static int -mlx5e_rl_query(struct mlx5e_rl_worker *rlw, struct mlx5e_rl_channel *channel, uint64_t *prate) +mlx5e_rl_query(struct mlx5e_rl_worker *rlw, struct mlx5e_rl_channel *channel, + union if_snd_tag_query_params *params) { int retval; MLX5E_RL_WORKER_LOCK(rlw); switch (channel->state) { case MLX5E_RL_ST_USED: - *prate = channel->last_rate; + params->rate_limit.max_rate = channel->last_rate; + params->rate_limit.queue_level = mlx5e_sq_queue_level(channel->sq); retval = 0; break; case MLX5E_RL_ST_MODIFY: + params->rate_limit.max_rate = channel->last_rate; + params->rate_limit.queue_level = mlx5e_sq_queue_level(channel->sq); retval = EBUSY; break; default: @@ -1122,7 +1125,7 @@ mlx5e_rl_snd_tag_alloc(struct ifnet *ifp, } /* store pointer to mbuf tag */ - *ppmt = &channel->m_snd_tag; + *ppmt = &channel->tag.m_snd_tag; done: return (error); } @@ -1132,7 +1135,7 @@ int mlx5e_rl_snd_tag_modify(struct m_snd_tag *pmt, union if_snd_tag_modify_params *params) { struct mlx5e_rl_channel *channel = - container_of(pmt, struct mlx5e_rl_channel, m_snd_tag); + container_of(pmt, struct mlx5e_rl_channel, tag.m_snd_tag); return (mlx5e_rl_modify(channel->worker, channel, params->rate_limit.max_rate)); } @@ -1141,16 +1144,16 @@ int mlx5e_rl_snd_tag_query(struct m_snd_tag *pmt, union if_snd_tag_query_params *params) { struct mlx5e_rl_channel *channel = - container_of(pmt, struct mlx5e_rl_channel, m_snd_tag); + container_of(pmt, struct mlx5e_rl_channel, tag.m_snd_tag); - return (mlx5e_rl_query(channel->worker, channel, ¶ms->rate_limit.max_rate)); + return (mlx5e_rl_query(channel->worker, channel, params)); } void mlx5e_rl_snd_tag_free(struct m_snd_tag *pmt) { struct mlx5e_rl_channel *channel = - container_of(pmt, struct mlx5e_rl_channel, m_snd_tag); + container_of(pmt, struct mlx5e_rl_channel, tag.m_snd_tag); mlx5e_rl_free(channel->worker, channel); } @@ -1234,6 +1237,32 @@ mlx5e_rl_refresh_channel_params(struct mlx5e_rl_priv_data *rl) return (0); } +void +mlx5e_rl_refresh_sq_inline(struct mlx5e_rl_priv_data *rl) +{ + uint64_t x; + uint64_t y; + + for (y = 0; y != rl->param.tx_worker_threads_def; y++) { + struct mlx5e_rl_worker *rlw = rl->workers + y; + + for (x = 0; x != rl->param.tx_channels_per_worker_def; x++) { + struct mlx5e_rl_channel *channel; + struct mlx5e_sq *sq; + + channel = rlw->channels + x; + sq = channel->sq; + + if (sq == NULL) + continue; + + mtx_lock(&sq->lock); + mlx5e_update_sq_inline(sq); + mtx_unlock(&sq->lock); + } + } +} + static int mlx5e_rl_tx_limit_add(struct mlx5e_rl_priv_data *rl, uint64_t value) { diff --git a/sys/dev/mlx5/mlx5_en/mlx5_en_rx.c b/sys/dev/mlx5/mlx5_en/mlx5_en_rx.c index cbd7e00a35b9..079c5ddb11a7 100644 --- a/sys/dev/mlx5/mlx5_en/mlx5_en_rx.c +++ b/sys/dev/mlx5/mlx5_en/mlx5_en_rx.c @@ -482,6 +482,7 @@ mlx5e_poll_rx_cq(struct mlx5e_rq *rq, int budget) } mlx5e_build_rx_mbuf(cqe, rq, mb, byte_cnt); + rq->stats.bytes += byte_cnt; rq->stats.packets++; #if !defined(HAVE_TCP_LRO_RX) diff --git a/sys/dev/mlx5/mlx5_en/mlx5_en_tx.c b/sys/dev/mlx5/mlx5_en/mlx5_en_tx.c index 40d8157c6771..f5585cb80b30 100644 --- a/sys/dev/mlx5/mlx5_en/mlx5_en_tx.c +++ b/sys/dev/mlx5/mlx5_en/mlx5_en_tx.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2015 Mellanox Technologies. All rights reserved. + * Copyright (c) 2015-2018 Mellanox Technologies. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -78,20 +78,54 @@ SYSINIT(mlx5e_hash_init, SI_SUB_RANDOM, SI_ORDER_ANY, &mlx5e_hash_init, NULL); #endif static struct mlx5e_sq * +mlx5e_select_queue_by_send_tag(struct ifnet *ifp, struct mbuf *mb) +{ + struct mlx5e_snd_tag *ptag; + struct mlx5e_sq *sq; + + /* check for route change */ + if (mb->m_pkthdr.snd_tag->ifp != ifp) + return (NULL); + + /* get pointer to sendqueue */ + ptag = container_of(mb->m_pkthdr.snd_tag, + struct mlx5e_snd_tag, m_snd_tag); + + switch (ptag->type) { +#ifdef RATELIMIT + case IF_SND_TAG_TYPE_RATE_LIMIT: + sq = container_of(ptag, + struct mlx5e_rl_channel, tag)->sq; + break; +#endif + case IF_SND_TAG_TYPE_UNLIMITED: + sq = &container_of(ptag, + struct mlx5e_channel, tag)->sq[0]; + KASSERT(({ + struct mlx5e_priv *priv = ifp->if_softc; + priv->channel_refs > 0; }), + ("mlx5e_select_queue: Channel refs are zero for unlimited tag")); + break; + default: + sq = NULL; + break; + } + + /* check if valid */ + if (sq != NULL && READ_ONCE(sq->running) != 0) + return (sq); + + return (NULL); +} + +static struct mlx5e_sq * mlx5e_select_queue(struct ifnet *ifp, struct mbuf *mb) { struct mlx5e_priv *priv = ifp->if_softc; - struct mlx5e_channel * volatile *ppch; - struct mlx5e_channel *pch; + struct mlx5e_sq *sq; u32 ch; u32 tc; - ppch = priv->channel; - - /* check if channels are successfully opened */ - if (unlikely(ppch == NULL)) - return (NULL); - /* obtain VLAN information if present */ if (mb->m_flags & M_VLANTAG) { tc = (mb->m_pkthdr.ether_vtag >> 13); @@ -103,25 +137,6 @@ mlx5e_select_queue(struct ifnet *ifp, struct mbuf *mb) ch = priv->params.num_channels; -#ifdef RATELIMIT - if (mb->m_pkthdr.snd_tag != NULL) { - struct mlx5e_sq *sq; - - /* check for route change */ - if (mb->m_pkthdr.snd_tag->ifp != ifp) - return (NULL); - - /* get pointer to sendqueue */ - sq = container_of(mb->m_pkthdr.snd_tag, - struct mlx5e_rl_channel, m_snd_tag)->sq; - - /* check if valid */ - if (sq != NULL && sq->stopped == 0) - return (sq); - - /* FALLTHROUGH */ - } -#endif /* check if flowid is set */ if (M_HASHTYPE_GET(mb) != M_HASHTYPE_NONE) { #ifdef RSS @@ -146,57 +161,61 @@ mlx5e_select_queue(struct ifnet *ifp, struct mbuf *mb) #endif } - /* check if channel is allocated and not stopped */ - pch = ppch[ch]; - if (likely(pch != NULL && pch->sq[tc].stopped == 0)) - return (&pch->sq[tc]); + /* check if send queue is running */ + sq = &priv->channel[ch].sq[tc]; + if (likely(READ_ONCE(sq->running) != 0)) + return (sq); return (NULL); } static inline u16 -mlx5e_get_inline_hdr_size(struct mlx5e_sq *sq, struct mbuf *mb) +mlx5e_get_l2_header_size(struct mlx5e_sq *sq, struct mbuf *mb) { + struct ether_vlan_header *eh; + uint16_t eth_type; + int min_inline; - switch(sq->min_inline_mode) { - case MLX5_INLINE_MODE_NONE: - /* - * When inline mode is NONE, we do not need to copy - * headers into WQEs, except when vlan tag framing is - * requested. Hardware might offload vlan tagging on - * transmit. This is a separate capability, which is - * known to be disabled on ConnectX-5 due to a hardware - * bug RM 931383. If vlan_inline_cap is not present and - * the packet has vlan tag, fall back to inlining. - */ - if ((mb->m_flags & M_VLANTAG) != 0 && - sq->vlan_inline_cap == 0) - break; - return (0); - case MLX5_INLINE_MODE_L2: + eh = mtod(mb, struct ether_vlan_header *); + if (unlikely(mb->m_len < ETHER_HDR_LEN)) { + goto max_inline; + } else if (eh->evl_encap_proto == htons(ETHERTYPE_VLAN)) { + if (unlikely(mb->m_len < (ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN))) + goto max_inline; + eth_type = ntohs(eh->evl_proto); + min_inline = ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN; + } else { + eth_type = ntohs(eh->evl_encap_proto); + min_inline = ETHER_HDR_LEN; + } + + switch (eth_type) { + case ETHERTYPE_IP: + case ETHERTYPE_IPV6: /* - * Due to hardware limitations, when trust mode is - * DSCP, the hardware may request MLX5_INLINE_MODE_L2 - * while it really needs all L2 headers and the 4 first - * bytes of the IP header (which include the - * TOS/traffic-class). - * - * To avoid doing a firmware command for querying the - * trust state and parsing the mbuf for doing - * unnecessary checks (VLAN/eth_type) in the fast path, - * we are going for the worth case (22 Bytes) if - * the mb->m_pkthdr.len allows it. + * Make sure the TOS(IPv4) or traffic class(IPv6) + * field gets inlined. Else the SQ may stall. */ - if (mb->m_pkthdr.len > ETHER_HDR_LEN + - ETHER_VLAN_ENCAP_LEN + 4) - return (MIN(sq->max_inline, ETHER_HDR_LEN + - ETHER_VLAN_ENCAP_LEN + 4)); + min_inline += 4; break; + default: + goto max_inline; } - return (MIN(sq->max_inline, mb->m_pkthdr.len)); + + /* + * m_copydata() will be used on the remaining header which + * does not need to reside within the first m_len bytes of + * data: + */ + if (mb->m_pkthdr.len < min_inline) + goto max_inline; + return (min_inline); + +max_inline: + return (MIN(mb->m_pkthdr.len, sq->max_inline)); } static int -mlx5e_get_header_size(struct mbuf *mb) +mlx5e_get_full_header_size(struct mbuf *mb) { struct ether_vlan_header *eh; struct tcphdr *th; @@ -210,31 +229,46 @@ mlx5e_get_header_size(struct mbuf *mb) if (mb->m_len < ETHER_HDR_LEN) return (0); if (eh->evl_encap_proto == htons(ETHERTYPE_VLAN)) { + if (mb->m_len < (ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN)) + return (0); eth_type = ntohs(eh->evl_proto); eth_hdr_len = ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN; } else { eth_type = ntohs(eh->evl_encap_proto); eth_hdr_len = ETHER_HDR_LEN; } - if (mb->m_len < eth_hdr_len) - return (0); switch (eth_type) { case ETHERTYPE_IP: ip = (struct ip *)(mb->m_data + eth_hdr_len); if (mb->m_len < eth_hdr_len + sizeof(*ip)) return (0); - if (ip->ip_p != IPPROTO_TCP) + switch (ip->ip_p) { + case IPPROTO_TCP: + ip_hlen = ip->ip_hl << 2; + eth_hdr_len += ip_hlen; + break; + case IPPROTO_UDP: + ip_hlen = ip->ip_hl << 2; + eth_hdr_len += ip_hlen + 8; + goto done; + default: return (0); - ip_hlen = ip->ip_hl << 2; - eth_hdr_len += ip_hlen; + } break; case ETHERTYPE_IPV6: ip6 = (struct ip6_hdr *)(mb->m_data + eth_hdr_len); if (mb->m_len < eth_hdr_len + sizeof(*ip6)) return (0); - if (ip6->ip6_nxt != IPPROTO_TCP) + switch (ip6->ip6_nxt) { + case IPPROTO_TCP: + eth_hdr_len += sizeof(*ip6); + break; + case IPPROTO_UDP: + eth_hdr_len += sizeof(*ip6) + 8; + goto done; + default: return (0); - eth_hdr_len += sizeof(*ip6); + } break; default: return (0); @@ -244,15 +278,17 @@ mlx5e_get_header_size(struct mbuf *mb) th = (struct tcphdr *)(mb->m_data + eth_hdr_len); tcp_hlen = th->th_off << 2; eth_hdr_len += tcp_hlen; - if (mb->m_len < eth_hdr_len) +done: + /* + * m_copydata() will be used on the remaining header which + * does not need to reside within the first m_len bytes of + * data: + */ + if (mb->m_pkthdr.len < eth_hdr_len) return (0); return (eth_hdr_len); } -/* - * The return value is not going back to the stack because of - * the drbr - */ static int mlx5e_sq_xmit(struct mlx5e_sq *sq, struct mbuf **mbp) { @@ -269,13 +305,9 @@ mlx5e_sq_xmit(struct mlx5e_sq *sq, struct mbuf **mbp) u16 pi; u8 opcode; - /* - * Return ENOBUFS if the queue is full, this may trigger reinsertion - * of the mbuf into the drbr (see mlx5e_xmit_locked) - */ - if (unlikely(!mlx5e_sq_has_room_for(sq, 2 * MLX5_SEND_WQE_MAX_WQEBBS))) { + /* Return ENOBUFS if the queue is full */ + if (unlikely(!mlx5e_sq_has_room_for(sq, 2 * MLX5_SEND_WQE_MAX_WQEBBS))) return (ENOBUFS); - } /* Align SQ edge with NOPs to avoid WQE wrap around */ pi = ((~sq->pc) & sq->wq.sz_m1); @@ -314,7 +346,11 @@ mlx5e_sq_xmit(struct mlx5e_sq *sq, struct mbuf **mbp) wqe->eth.mss = cpu_to_be16(mss); opcode = MLX5_OPCODE_LSO; - ihs = mlx5e_get_header_size(mb); + ihs = mlx5e_get_full_header_size(mb); + if (unlikely(ihs == 0)) { + err = EINVAL; + goto tx_drop; + } payload_len = mb->m_pkthdr.len - ihs; if (payload_len == 0) num_pkts = 1; @@ -326,46 +362,72 @@ mlx5e_sq_xmit(struct mlx5e_sq *sq, struct mbuf **mbp) sq->stats.tso_bytes += payload_len; } else { opcode = MLX5_OPCODE_SEND; - ihs = mlx5e_get_inline_hdr_size(sq, mb); + + switch (sq->min_inline_mode) { + case MLX5_INLINE_MODE_IP: + case MLX5_INLINE_MODE_TCP_UDP: + ihs = mlx5e_get_full_header_size(mb); + if (unlikely(ihs == 0)) + ihs = mlx5e_get_l2_header_size(sq, mb); + break; + case MLX5_INLINE_MODE_L2: + ihs = mlx5e_get_l2_header_size(sq, mb); + break; + case MLX5_INLINE_MODE_NONE: + /* FALLTHROUGH */ + default: + if ((mb->m_flags & M_VLANTAG) != 0 && + (sq->min_insert_caps & MLX5E_INSERT_VLAN) != 0) { + /* inlining VLAN data is not required */ + wqe->eth.vlan_cmd = htons(0x8000); /* bit 0 CVLAN */ + wqe->eth.vlan_hdr = htons(mb->m_pkthdr.ether_vtag); + ihs = 0; + } else if ((mb->m_flags & M_VLANTAG) == 0 && + (sq->min_insert_caps & MLX5E_INSERT_NON_VLAN) != 0) { + /* inlining non-VLAN data is not required */ + ihs = 0; + } else { + /* we are forced to inlining L2 header, if any */ + ihs = mlx5e_get_l2_header_size(sq, mb); + } + break; + } sq->mbuf[pi].num_bytes = max_t (unsigned int, mb->m_pkthdr.len, ETHER_MIN_LEN - ETHER_CRC_LEN); } - if (ihs == 0) { - if ((mb->m_flags & M_VLANTAG) != 0) { - wqe->eth.vlan_cmd = htons(0x8000); /* bit 0 CVLAN */ - wqe->eth.vlan_hdr = htons(mb->m_pkthdr.ether_vtag); - } else { - wqe->eth.inline_hdr_sz = 0; + + if (likely(ihs == 0)) { + /* nothing to inline */ + } else if (unlikely(ihs > sq->max_inline)) { + /* inline header size is too big */ + err = EINVAL; + goto tx_drop; + } else if ((mb->m_flags & M_VLANTAG) != 0) { + struct ether_vlan_header *eh = (struct ether_vlan_header *) + wqe->eth.inline_hdr_start; + + /* Range checks */ + if (unlikely(ihs > (MLX5E_MAX_TX_INLINE - ETHER_VLAN_ENCAP_LEN))) + ihs = (MLX5E_MAX_TX_INLINE - ETHER_VLAN_ENCAP_LEN); + else if (unlikely(ihs < ETHER_HDR_LEN)) { + err = EINVAL; + goto tx_drop; } + m_copydata(mb, 0, ETHER_HDR_LEN, (caddr_t)eh); + m_adj(mb, ETHER_HDR_LEN); + /* Insert 4 bytes VLAN tag into data stream */ + eh->evl_proto = eh->evl_encap_proto; + eh->evl_encap_proto = htons(ETHERTYPE_VLAN); + eh->evl_tag = htons(mb->m_pkthdr.ether_vtag); + /* Copy rest of header data, if any */ + m_copydata(mb, 0, ihs - ETHER_HDR_LEN, (caddr_t)(eh + 1)); + m_adj(mb, ihs - ETHER_HDR_LEN); + /* Extend header by 4 bytes */ + ihs += ETHER_VLAN_ENCAP_LEN; + wqe->eth.inline_hdr_sz = cpu_to_be16(ihs); } else { - if ((mb->m_flags & M_VLANTAG) != 0) { - struct ether_vlan_header *eh = (struct ether_vlan_header - *)wqe->eth.inline_hdr_start; - - /* Range checks */ - if (ihs > (MLX5E_MAX_TX_INLINE - ETHER_VLAN_ENCAP_LEN)) - ihs = (MLX5E_MAX_TX_INLINE - - ETHER_VLAN_ENCAP_LEN); - else if (ihs < ETHER_HDR_LEN) { - err = EINVAL; - goto tx_drop; - } - m_copydata(mb, 0, ETHER_HDR_LEN, (caddr_t)eh); - m_adj(mb, ETHER_HDR_LEN); - /* Insert 4 bytes VLAN tag into data stream */ - eh->evl_proto = eh->evl_encap_proto; - eh->evl_encap_proto = htons(ETHERTYPE_VLAN); - eh->evl_tag = htons(mb->m_pkthdr.ether_vtag); - /* Copy rest of header data, if any */ - m_copydata(mb, 0, ihs - ETHER_HDR_LEN, (caddr_t)(eh + - 1)); - m_adj(mb, ihs - ETHER_HDR_LEN); - /* Extend header by 4 bytes */ - ihs += ETHER_VLAN_ENCAP_LEN; - } else { - m_copydata(mb, 0, ihs, wqe->eth.inline_hdr_start); - m_adj(mb, ihs); - } + m_copydata(mb, 0, ihs, wqe->eth.inline_hdr_start); + m_adj(mb, ihs); wqe->eth.inline_hdr_sz = cpu_to_be16(ihs); } @@ -432,7 +494,10 @@ mlx5e_sq_xmit(struct mlx5e_sq *sq, struct mbuf **mbp) sq->mbuf[pi].num_wqebbs = DIV_ROUND_UP(ds_cnt, MLX5_SEND_WQEBB_NUM_DS); sq->pc += sq->mbuf[pi].num_wqebbs; + /* Count all traffic going out */ sq->stats.packets++; + sq->stats.bytes += sq->mbuf[pi].num_bytes; + *mbp = NULL; /* safety clear */ return (0); @@ -497,72 +562,15 @@ mlx5e_poll_tx_cq(struct mlx5e_sq *sq, int budget) atomic_thread_fence_rel(); sq->cc = sqcc; - - if (sq->sq_tq != NULL && - atomic_cmpset_int(&sq->queue_state, MLX5E_SQ_FULL, MLX5E_SQ_READY)) - taskqueue_enqueue(sq->sq_tq, &sq->sq_task); } static int mlx5e_xmit_locked(struct ifnet *ifp, struct mlx5e_sq *sq, struct mbuf *mb) { - struct mbuf *next; int err = 0; - if (likely(mb != NULL)) { - /* - * If we can't insert mbuf into drbr, try to xmit anyway. - * We keep the error we got so we could return that after xmit. - */ - err = drbr_enqueue(ifp, sq->br, mb); - } - - /* - * Check if the network interface is closed or if the SQ is - * being stopped: - */ if (unlikely((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || - sq->stopped != 0)) - return (err); - - /* Process the queue */ - while ((next = drbr_peek(ifp, sq->br)) != NULL) { - if (mlx5e_sq_xmit(sq, &next) != 0) { - if (next != NULL) { - drbr_putback(ifp, sq->br, next); - atomic_store_rel_int(&sq->queue_state, MLX5E_SQ_FULL); - break; - } - } - drbr_advance(ifp, sq->br); - } - /* Check if we need to write the doorbell */ - if (likely(sq->doorbell.d64 != 0)) { - mlx5e_tx_notify_hw(sq, sq->doorbell.d32, 0); - sq->doorbell.d64 = 0; - } - /* - * Check if we need to start the event timer which flushes the - * transmit ring on timeout: - */ - if (unlikely(sq->cev_next_state == MLX5E_CEV_STATE_INITIAL && - sq->cev_factor != 1)) { - /* start the timer */ - mlx5e_sq_cev_timeout(sq); - } else { - /* don't send NOPs yet */ - sq->cev_next_state = MLX5E_CEV_STATE_HOLD_NOPS; - } - return (err); -} - -static int -mlx5e_xmit_locked_no_br(struct ifnet *ifp, struct mlx5e_sq *sq, struct mbuf *mb) -{ - int err = 0; - - if (unlikely((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || - sq->stopped != 0)) { + READ_ONCE(sq->running) == 0)) { m_freem(mb); return (ENETDOWN); } @@ -601,41 +609,38 @@ mlx5e_xmit(struct ifnet *ifp, struct mbuf *mb) struct mlx5e_sq *sq; int ret; - sq = mlx5e_select_queue(ifp, mb); - if (unlikely(sq == NULL)) { -#ifdef RATELIMIT - /* Check for route change */ - if (mb->m_pkthdr.snd_tag != NULL && - mb->m_pkthdr.snd_tag->ifp != ifp) { + if (mb->m_pkthdr.snd_tag != NULL) { + sq = mlx5e_select_queue_by_send_tag(ifp, mb); + if (unlikely(sq == NULL)) { + /* Check for route change */ + if (mb->m_pkthdr.snd_tag->ifp != ifp) { + /* Free mbuf */ + m_freem(mb); + + /* + * Tell upper layers about route + * change and to re-transmit this + * packet: + */ + return (EAGAIN); + } + goto select_queue; + } + } else { +select_queue: + sq = mlx5e_select_queue(ifp, mb); + if (unlikely(sq == NULL)) { /* Free mbuf */ m_freem(mb); - /* - * Tell upper layers about route change and to - * re-transmit this packet: - */ - return (EAGAIN); + /* Invalid send queue */ + return (ENXIO); } -#endif - /* Free mbuf */ - m_freem(mb); - - /* Invalid send queue */ - return (ENXIO); } - if (unlikely(sq->br == NULL)) { - /* rate limited traffic */ - mtx_lock(&sq->lock); - ret = mlx5e_xmit_locked_no_br(ifp, sq, mb); - mtx_unlock(&sq->lock); - } else if (mtx_trylock(&sq->lock)) { - ret = mlx5e_xmit_locked(ifp, sq, mb); - mtx_unlock(&sq->lock); - } else { - ret = drbr_enqueue(ifp, sq->br, mb); - taskqueue_enqueue(sq->sq_tq, &sq->sq_task); - } + mtx_lock(&sq->lock); + ret = mlx5e_xmit_locked(ifp, sq, mb); + mtx_unlock(&sq->lock); return (ret); } @@ -650,17 +655,3 @@ mlx5e_tx_cq_comp(struct mlx5_core_cq *mcq) mlx5e_cq_arm(&sq->cq, MLX5_GET_DOORBELL_LOCK(&sq->priv->doorbell_lock)); mtx_unlock(&sq->comp_lock); } - -void -mlx5e_tx_que(void *context, int pending) -{ - struct mlx5e_sq *sq = context; - struct ifnet *ifp = sq->ifp; - - if (ifp->if_drv_flags & IFF_DRV_RUNNING) { - mtx_lock(&sq->lock); - if (!drbr_empty(ifp, sq->br)) - mlx5e_xmit_locked(ifp, sq, NULL); - mtx_unlock(&sq->lock); - } -} diff --git a/sys/dev/mlx5/mlx5_fpga/cmd.h b/sys/dev/mlx5/mlx5_fpga/cmd.h new file mode 100644 index 000000000000..830793597d60 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/cmd.h @@ -0,0 +1,86 @@ +/*- + * Copyright (c) 2017, Mellanox Technologies, Ltd. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __MLX5_FPGA_H__ +#define __MLX5_FPGA_H__ + +#include <linux/in6.h> +#include <dev/mlx5/driver.h> +#include <dev/mlx5/mlx5io.h> + +enum mlx5_fpga_qpc_field_select { + MLX5_FPGA_QPC_STATE = BIT(0), +}; + +struct mlx5_fpga_qp_counters { + u64 rx_ack_packets; + u64 rx_send_packets; + u64 tx_ack_packets; + u64 tx_send_packets; + u64 rx_total_drop; +}; + +struct mlx5_fpga_shell_counters { + u64 ddr_read_requests; + u64 ddr_write_requests; + u64 ddr_read_bytes; + u64 ddr_write_bytes; +}; + +int mlx5_fpga_caps(struct mlx5_core_dev *dev); +int mlx5_fpga_query(struct mlx5_core_dev *dev, struct mlx5_fpga_query *query); +int mlx5_fpga_query_mtmp(struct mlx5_core_dev *dev, + struct mlx5_fpga_temperature *temp); +int mlx5_fpga_ctrl_op(struct mlx5_core_dev *dev, u8 op); +int mlx5_fpga_access_reg(struct mlx5_core_dev *dev, u8 size, u64 addr, + void *buf, bool write); +int mlx5_fpga_sbu_caps(struct mlx5_core_dev *dev, void *caps, int size); +int mlx5_fpga_load(struct mlx5_core_dev *dev, enum mlx5_fpga_image image); +int mlx5_fpga_image_select(struct mlx5_core_dev *dev, + enum mlx5_fpga_image image); +int mlx5_fpga_ctrl_connect(struct mlx5_core_dev *dev, + enum mlx5_fpga_connect *connect); +int mlx5_fpga_shell_counters(struct mlx5_core_dev *dev, bool clear, + struct mlx5_fpga_shell_counters *data); + +int mlx5_fpga_create_qp(struct mlx5_core_dev *dev, void *fpga_qpc, + u32 *fpga_qpn); +int mlx5_fpga_modify_qp(struct mlx5_core_dev *dev, u32 fpga_qpn, + enum mlx5_fpga_qpc_field_select fields, void *fpga_qpc); +int mlx5_fpga_query_qp(struct mlx5_core_dev *dev, u32 fpga_qpn, void *fpga_qpc); +int mlx5_fpga_query_qp_counters(struct mlx5_core_dev *dev, u32 fpga_qpn, + bool clear, struct mlx5_fpga_qp_counters *data); +int mlx5_fpga_destroy_qp(struct mlx5_core_dev *dev, u32 fpga_qpn); + +#endif /* __MLX5_FPGA_H__ */ diff --git a/sys/dev/mlx5/mlx5_fpga/conn.h b/sys/dev/mlx5/mlx5_fpga/conn.h new file mode 100644 index 000000000000..d888f1ad311c --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/conn.h @@ -0,0 +1,97 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __MLX5_FPGA_CONN_H__ +#define __MLX5_FPGA_CONN_H__ + +#include <dev/mlx5/cq.h> +#include <dev/mlx5/qp.h> +#include <dev/mlx5/mlx5_fpga/core.h> +#include <dev/mlx5/mlx5_fpga/sdk.h> +#include <dev/mlx5/mlx5_core/wq.h> +#include <linux/interrupt.h> + +struct mlx5_fpga_conn { + struct mlx5_fpga_device *fdev; + + void (*recv_cb)(void *cb_arg, struct mlx5_fpga_dma_buf *buf); + void *cb_arg; + + /* FPGA QP */ + u32 fpga_qpc[MLX5_ST_SZ_DW(fpga_qpc)]; + u32 fpga_qpn; + + /* CQ */ + struct { + struct mlx5_cqwq wq; + struct mlx5_frag_wq_ctrl wq_ctrl; + struct mlx5_core_cq mcq; + struct tasklet_struct tasklet; + } cq; + + /* QP */ + struct { + bool active; + int sgid_index; + struct mlx5_wq_qp wq; + struct mlx5_wq_ctrl wq_ctrl; + struct mlx5_core_qp mqp; + struct { + spinlock_t lock; /* Protects all SQ state */ + unsigned int pc; + unsigned int cc; + unsigned int size; + struct mlx5_fpga_dma_buf **bufs; + struct list_head backlog; + } sq; + struct { + unsigned int pc; + unsigned int cc; + unsigned int size; + struct mlx5_fpga_dma_buf **bufs; + } rq; + } qp; +}; + +int mlx5_fpga_conn_device_init(struct mlx5_fpga_device *fdev); +void mlx5_fpga_conn_device_cleanup(struct mlx5_fpga_device *fdev); +struct mlx5_fpga_conn * +mlx5_fpga_conn_create(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_conn_attr *attr, + enum mlx5_ifc_fpga_qp_type qp_type); +void mlx5_fpga_conn_destroy(struct mlx5_fpga_conn *conn); +int mlx5_fpga_conn_send(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_dma_buf *buf); + +#endif /* __MLX5_FPGA_CONN_H__ */ diff --git a/sys/dev/mlx5/mlx5_fpga/core.h b/sys/dev/mlx5/mlx5_fpga/core.h new file mode 100644 index 000000000000..cb3dc05524f5 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/core.h @@ -0,0 +1,141 @@ +/*- + * Copyright (c) 2017, Mellanox Technologies, Ltd. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __MLX5_FPGA_CORE_H__ +#define __MLX5_FPGA_CORE_H__ + +#ifdef CONFIG_MLX5_FPGA + +#include <dev/mlx5/mlx5_fpga/cmd.h> +#include <dev/mlx5/mlx5_fpga/sdk.h> + +/* Represents client-specific and Innova device-specific information */ +struct mlx5_fpga_client_data { + struct list_head list; + struct mlx5_fpga_client *client; + void *data; + bool added; +}; + +enum mlx5_fdev_state { + MLX5_FDEV_STATE_SUCCESS = 0, + MLX5_FDEV_STATE_FAILURE = 1, + MLX5_FDEV_STATE_IN_PROGRESS = 2, + MLX5_FDEV_STATE_DISCONNECTED = 3, + MLX5_FDEV_STATE_NONE = 0xFFFF, +}; + +/* Represents an Innova device */ +struct mlx5_fpga_device { + struct mlx5_core_dev *mdev; + struct completion load_event; + spinlock_t state_lock; /* Protects state transitions */ + enum mlx5_fdev_state fdev_state; + enum mlx5_fpga_status image_status; + enum mlx5_fpga_image last_admin_image; + enum mlx5_fpga_image last_oper_image; + + /* QP Connection resources */ + struct { + u32 pdn; + struct mlx5_core_mkey mkey; + struct mlx5_uars_page *uar; + } conn_res; + + struct mlx5_fpga_ipsec *ipsec; + + struct list_head list; + struct list_head client_data_list; + + /* Shell Transactions state */ + struct mlx5_fpga_conn *shell_conn; + struct mlx5_fpga_trans_device_state *trans; +}; + +#define mlx5_fpga_dbg(__adev, format, ...) \ + dev_dbg(&(__adev)->mdev->pdev->dev, "FPGA: %s:%d:(pid %d): " format, \ + __func__, __LINE__, current->pid, ##__VA_ARGS__) + +#define mlx5_fpga_err(__adev, format, ...) \ + dev_err(&(__adev)->mdev->pdev->dev, "FPGA: %s:%d:(pid %d): " format, \ + __func__, __LINE__, current->pid, ##__VA_ARGS__) + +#define mlx5_fpga_warn(__adev, format, ...) \ + dev_warn(&(__adev)->mdev->pdev->dev, "FPGA: %s:%d:(pid %d): " format, \ + __func__, __LINE__, current->pid, ##__VA_ARGS__) + +#define mlx5_fpga_warn_ratelimited(__adev, format, ...) \ + dev_warn_ratelimited(&(__adev)->mdev->pdev->dev, "FPGA: %s:%d: " \ + format, __func__, __LINE__, ##__VA_ARGS__) + +#define mlx5_fpga_notice(__adev, format, ...) \ + dev_notice(&(__adev)->mdev->pdev->dev, "FPGA: " format, ##__VA_ARGS__) + +#define mlx5_fpga_info(__adev, format, ...) \ + dev_info(&(__adev)->mdev->pdev->dev, "FPGA: " format, ##__VA_ARGS__) + +int mlx5_fpga_init(struct mlx5_core_dev *mdev); +void mlx5_fpga_cleanup(struct mlx5_core_dev *mdev); +int mlx5_fpga_device_start(struct mlx5_core_dev *mdev); +void mlx5_fpga_device_stop(struct mlx5_core_dev *mdev); +void mlx5_fpga_event(struct mlx5_core_dev *mdev, u8 event, void *data); + +#else + +static inline int mlx5_fpga_init(struct mlx5_core_dev *mdev) +{ + return 0; +} + +static inline void mlx5_fpga_cleanup(struct mlx5_core_dev *mdev) +{ +} + +static inline int mlx5_fpga_device_start(struct mlx5_core_dev *mdev) +{ + return 0; +} + +static inline void mlx5_fpga_device_stop(struct mlx5_core_dev *mdev) +{ +} + +static inline void mlx5_fpga_event(struct mlx5_core_dev *mdev, u8 event, + void *data) +{ +} + +#endif + +#endif /* __MLX5_FPGA_CORE_H__ */ diff --git a/sys/dev/mlx5/mlx5_fpga/ipsec.h b/sys/dev/mlx5/mlx5_fpga/ipsec.h new file mode 100644 index 000000000000..856d72ec0d41 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/ipsec.h @@ -0,0 +1,95 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __MLX5_FPGA_IPSEC_H__ +#define __MLX5_FPGA_IPSEC_H__ + +#include <dev/mlx5/mlx5_accel/ipsec.h> + +#ifdef CONFIG_MLX5_FPGA + +void *mlx5_fpga_ipsec_sa_cmd_exec(struct mlx5_core_dev *mdev, + struct mlx5_accel_ipsec_sa *cmd); +int mlx5_fpga_ipsec_sa_cmd_wait(void *context); + +u32 mlx5_fpga_ipsec_device_caps(struct mlx5_core_dev *mdev); +unsigned int mlx5_fpga_ipsec_counters_count(struct mlx5_core_dev *mdev); +int mlx5_fpga_ipsec_counters_read(struct mlx5_core_dev *mdev, u64 *counters, + unsigned int counters_count); + +int mlx5_fpga_ipsec_init(struct mlx5_core_dev *mdev); +void mlx5_fpga_ipsec_cleanup(struct mlx5_core_dev *mdev); + +#else + +static inline void *mlx5_fpga_ipsec_sa_cmd_exec(struct mlx5_core_dev *mdev, + struct mlx5_accel_ipsec_sa *cmd) +{ + return ERR_PTR(-EOPNOTSUPP); +} + +static inline int mlx5_fpga_ipsec_sa_cmd_wait(void *context) +{ + return -EOPNOTSUPP; +} + +static inline u32 mlx5_fpga_ipsec_device_caps(struct mlx5_core_dev *mdev) +{ + return 0; +} + +static inline unsigned int +mlx5_fpga_ipsec_counters_count(struct mlx5_core_dev *mdev) +{ + return 0; +} + +static inline int mlx5_fpga_ipsec_counters_read(struct mlx5_core_dev *mdev, + u64 *counters) +{ + return 0; +} + +static inline int mlx5_fpga_ipsec_init(struct mlx5_core_dev *mdev) +{ + return 0; +} + +static inline void mlx5_fpga_ipsec_cleanup(struct mlx5_core_dev *mdev) +{ +} + +#endif /* CONFIG_MLX5_FPGA */ + +#endif /* __MLX5_FPGA_SADB_H__ */ diff --git a/sys/dev/mlx5/mlx5_fpga/mlx5_ifc_fpga.h b/sys/dev/mlx5/mlx5_fpga/mlx5_ifc_fpga.h new file mode 100644 index 000000000000..5682525405fa --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/mlx5_ifc_fpga.h @@ -0,0 +1,502 @@ +/*- + * Copyright (c) 2017, Mellanox Technologies, Ltd. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef MLX5_IFC_FPGA_H +#define MLX5_IFC_FPGA_H + +enum { + MLX5_FPGA_CAP_SANDBOX_VENDOR_ID_MLNX = 0x2c9, +}; + +enum { + MLX5_FPGA_CAP_SANDBOX_PRODUCT_ID_EXAMPLE = 0x1, + MLX5_FPGA_CAP_SANDBOX_PRODUCT_ID_IPSEC = 0x2, + MLX5_FPGA_CAP_SANDBOX_PRODUCT_ID_TLS = 0x3, +}; + +enum { + MLX5_FPGA_SHELL_CAPS_QP_TYPE_SHELL_QP = 0x1, + MLX5_FPGA_SHELL_CAPS_QP_TYPE_SANDBOX_QP = 0x2, +}; + +struct mlx5_ifc_fpga_shell_caps_bits { + u8 max_num_qps[0x10]; + u8 reserved_at_10[0x8]; + u8 total_rcv_credits[0x8]; + + u8 reserved_at_20[0xe]; + u8 qp_type[0x2]; + u8 reserved_at_30[0x5]; + u8 rae[0x1]; + u8 rwe[0x1]; + u8 rre[0x1]; + u8 reserved_at_38[0x4]; + u8 dc[0x1]; + u8 ud[0x1]; + u8 uc[0x1]; + u8 rc[0x1]; + + u8 reserved_at_40[0x1a]; + u8 log_ddr_size[0x6]; + + u8 max_fpga_qp_msg_size[0x20]; + + u8 reserved_at_80[0x180]; +}; + +struct mlx5_ifc_fpga_cap_bits { + u8 fpga_id[0x8]; + u8 fpga_device[0x18]; + + u8 register_file_ver[0x20]; + + u8 fpga_ctrl_modify[0x1]; + u8 reserved_at_41[0x5]; + u8 access_reg_query_mode[0x2]; + u8 reserved_at_48[0x6]; + u8 access_reg_modify_mode[0x2]; + u8 reserved_at_50[0x10]; + + u8 reserved_at_60[0x20]; + + u8 image_version[0x20]; + + u8 image_date[0x20]; + + u8 image_time[0x20]; + + u8 shell_version[0x20]; + + u8 reserved_at_100[0x80]; + + struct mlx5_ifc_fpga_shell_caps_bits shell_caps; + + u8 reserved_at_380[0x8]; + u8 ieee_vendor_id[0x18]; + + u8 sandbox_product_version[0x10]; + u8 sandbox_product_id[0x10]; + + u8 sandbox_basic_caps[0x20]; + + u8 reserved_at_3e0[0x10]; + u8 sandbox_extended_caps_len[0x10]; + + u8 sandbox_extended_caps_addr[0x40]; + + u8 fpga_ddr_start_addr[0x40]; + + u8 fpga_cr_space_start_addr[0x40]; + + u8 fpga_ddr_size[0x20]; + + u8 fpga_cr_space_size[0x20]; + + u8 reserved_at_500[0x300]; +}; + +enum { + MLX5_FPGA_CTRL_OPERATION_LOAD = 0x1, + MLX5_FPGA_CTRL_OPERATION_RESET = 0x2, + MLX5_FPGA_CTRL_OPERATION_FLASH_SELECT = 0x3, + MLX5_FPGA_CTRL_OPERATION_SANDBOX_BYPASS_ON = 0x4, + MLX5_FPGA_CTRL_OPERATION_SANDBOX_BYPASS_OFF = 0x5, + MLX5_FPGA_CTRL_OPERATION_RESET_SANDBOX = 0x6, + MLX5_FPGA_CTRL_OPERATION_DISCONNECT = 0x9, + MLX5_FPGA_CTRL_OPERATION_CONNECT = 0xA, +}; + +struct mlx5_ifc_fpga_ctrl_bits { + u8 reserved_at_0[0x8]; + u8 operation[0x8]; + u8 reserved_at_10[0x8]; + u8 status[0x8]; + + u8 reserved_at_20[0x8]; + u8 flash_select_admin[0x8]; + u8 reserved_at_30[0x8]; + u8 flash_select_oper[0x8]; + + u8 reserved_at_40[0x40]; +}; + +enum { + MLX5_FPGA_ERROR_EVENT_SYNDROME_CORRUPTED_DDR = 0x1, + MLX5_FPGA_ERROR_EVENT_SYNDROME_FLASH_TIMEOUT = 0x2, + MLX5_FPGA_ERROR_EVENT_SYNDROME_INTERNAL_LINK_ERROR = 0x3, + MLX5_FPGA_ERROR_EVENT_SYNDROME_WATCHDOG_FAILURE = 0x4, + MLX5_FPGA_ERROR_EVENT_SYNDROME_I2C_FAILURE = 0x5, + MLX5_FPGA_ERROR_EVENT_SYNDROME_IMAGE_CHANGED = 0x6, + MLX5_FPGA_ERROR_EVENT_SYNDROME_TEMPERATURE_CRITICAL = 0x7, +}; + +struct mlx5_ifc_fpga_error_event_bits { + u8 reserved_at_0[0x40]; + + u8 reserved_at_40[0x18]; + u8 syndrome[0x8]; + + u8 reserved_at_60[0x80]; +}; + +#define MLX5_FPGA_ACCESS_REG_SIZE_MAX 64 + +struct mlx5_ifc_fpga_access_reg_bits { + u8 reserved_at_0[0x20]; + + u8 reserved_at_20[0x10]; + u8 size[0x10]; + + u8 address[0x40]; + + u8 data[0][0x8]; +}; + +enum mlx5_ifc_fpga_qp_state { + MLX5_FPGA_QPC_STATE_INIT = 0x0, + MLX5_FPGA_QPC_STATE_ACTIVE = 0x1, + MLX5_FPGA_QPC_STATE_ERROR = 0x2, +}; + +enum mlx5_ifc_fpga_qp_type { + MLX5_FPGA_QPC_QP_TYPE_SHELL_QP = 0x0, + MLX5_FPGA_QPC_QP_TYPE_SANDBOX_QP = 0x1, +}; + +enum mlx5_ifc_fpga_qp_service_type { + MLX5_FPGA_QPC_ST_RC = 0x0, +}; + +struct mlx5_ifc_fpga_qpc_bits { + u8 state[0x4]; + u8 reserved_at_4[0x1b]; + u8 qp_type[0x1]; + + u8 reserved_at_20[0x4]; + u8 st[0x4]; + u8 reserved_at_28[0x10]; + u8 traffic_class[0x8]; + + u8 ether_type[0x10]; + u8 prio[0x3]; + u8 dei[0x1]; + u8 vid[0xc]; + + u8 reserved_at_60[0x20]; + + u8 reserved_at_80[0x8]; + u8 next_rcv_psn[0x18]; + + u8 reserved_at_a0[0x8]; + u8 next_send_psn[0x18]; + + u8 reserved_at_c0[0x10]; + u8 pkey[0x10]; + + u8 reserved_at_e0[0x8]; + u8 remote_qpn[0x18]; + + u8 reserved_at_100[0x15]; + u8 rnr_retry[0x3]; + u8 reserved_at_118[0x5]; + u8 retry_count[0x3]; + + u8 reserved_at_120[0x20]; + + u8 reserved_at_140[0x10]; + u8 remote_mac_47_32[0x10]; + + u8 remote_mac_31_0[0x20]; + + u8 remote_ip[16][0x8]; + + u8 reserved_at_200[0x40]; + + u8 reserved_at_240[0x10]; + u8 fpga_mac_47_32[0x10]; + + u8 fpga_mac_31_0[0x20]; + + u8 fpga_ip[16][0x8]; +}; + +struct mlx5_ifc_fpga_create_qp_in_bits { + u8 opcode[0x10]; + u8 reserved_at_10[0x10]; + + u8 reserved_at_20[0x10]; + u8 op_mod[0x10]; + + u8 reserved_at_40[0x40]; + + struct mlx5_ifc_fpga_qpc_bits fpga_qpc; +}; + +struct mlx5_ifc_fpga_create_qp_out_bits { + u8 status[0x8]; + u8 reserved_at_8[0x18]; + + u8 syndrome[0x20]; + + u8 reserved_at_40[0x8]; + u8 fpga_qpn[0x18]; + + u8 reserved_at_60[0x20]; + + struct mlx5_ifc_fpga_qpc_bits fpga_qpc; +}; + +struct mlx5_ifc_fpga_modify_qp_in_bits { + u8 opcode[0x10]; + u8 reserved_at_10[0x10]; + + u8 reserved_at_20[0x10]; + u8 op_mod[0x10]; + + u8 reserved_at_40[0x8]; + u8 fpga_qpn[0x18]; + + u8 field_select[0x20]; + + struct mlx5_ifc_fpga_qpc_bits fpga_qpc; +}; + +struct mlx5_ifc_fpga_modify_qp_out_bits { + u8 status[0x8]; + u8 reserved_at_8[0x18]; + + u8 syndrome[0x20]; + + u8 reserved_at_40[0x40]; +}; + +struct mlx5_ifc_fpga_query_qp_in_bits { + u8 opcode[0x10]; + u8 reserved_at_10[0x10]; + + u8 reserved_at_20[0x10]; + u8 op_mod[0x10]; + + u8 reserved_at_40[0x8]; + u8 fpga_qpn[0x18]; + + u8 reserved_at_60[0x20]; +}; + +struct mlx5_ifc_fpga_query_qp_out_bits { + u8 status[0x8]; + u8 reserved_at_8[0x18]; + + u8 syndrome[0x20]; + + u8 reserved_at_40[0x40]; + + struct mlx5_ifc_fpga_qpc_bits fpga_qpc; +}; + +struct mlx5_ifc_fpga_query_qp_counters_in_bits { + u8 opcode[0x10]; + u8 reserved_at_10[0x10]; + + u8 reserved_at_20[0x10]; + u8 op_mod[0x10]; + + u8 clear[0x1]; + u8 reserved_at_41[0x7]; + u8 fpga_qpn[0x18]; + + u8 reserved_at_60[0x20]; +}; + +struct mlx5_ifc_fpga_query_qp_counters_out_bits { + u8 status[0x8]; + u8 reserved_at_8[0x18]; + + u8 syndrome[0x20]; + + u8 reserved_at_40[0x40]; + + u8 rx_ack_packets[0x40]; + + u8 rx_send_packets[0x40]; + + u8 tx_ack_packets[0x40]; + + u8 tx_send_packets[0x40]; + + u8 rx_total_drop[0x40]; + + u8 reserved_at_1c0[0x1c0]; +}; + +struct mlx5_ifc_fpga_destroy_qp_in_bits { + u8 opcode[0x10]; + u8 reserved_at_10[0x10]; + + u8 reserved_at_20[0x10]; + u8 op_mod[0x10]; + + u8 reserved_at_40[0x8]; + u8 fpga_qpn[0x18]; + + u8 reserved_at_60[0x20]; +}; + +struct mlx5_ifc_fpga_destroy_qp_out_bits { + u8 status[0x8]; + u8 reserved_at_8[0x18]; + + u8 syndrome[0x20]; + + u8 reserved_at_40[0x40]; +}; + +struct mlx5_ifc_ipsec_extended_cap_bits { + u8 encapsulation[0x20]; + + u8 reserved_0[0x15]; + u8 ipv4_fragment[0x1]; + u8 ipv6[0x1]; + u8 esn[0x1]; + u8 lso[0x1]; + u8 transport_and_tunnel_mode[0x1]; + u8 tunnel_mode[0x1]; + u8 transport_mode[0x1]; + u8 ah_esp[0x1]; + u8 esp[0x1]; + u8 ah[0x1]; + u8 ipv4_options[0x1]; + + u8 auth_alg[0x20]; + + u8 enc_alg[0x20]; + + u8 sa_cap[0x20]; + + u8 reserved_1[0x10]; + u8 number_of_ipsec_counters[0x10]; + + u8 ipsec_counters_addr_low[0x20]; + u8 ipsec_counters_addr_high[0x20]; +}; + +struct mlx5_ifc_ipsec_counters_bits { + u8 dec_in_packets[0x40]; + + u8 dec_out_packets[0x40]; + + u8 dec_bypass_packets[0x40]; + + u8 enc_in_packets[0x40]; + + u8 enc_out_packets[0x40]; + + u8 enc_bypass_packets[0x40]; + + u8 drop_dec_packets[0x40]; + + u8 failed_auth_dec_packets[0x40]; + + u8 drop_enc_packets[0x40]; + + u8 success_add_sa[0x40]; + + u8 fail_add_sa[0x40]; + + u8 success_delete_sa[0x40]; + + u8 fail_delete_sa[0x40]; + + u8 dropped_cmd[0x40]; +}; + +struct mlx5_ifc_fpga_shell_counters_bits { + u8 reserved_0[0x20]; + + u8 clear[0x1]; + u8 reserved_1[0x1f]; + + u8 reserved_2[0x40]; + + u8 ddr_read_requests[0x40]; + + u8 ddr_write_requests[0x40]; + + u8 ddr_read_bytes[0x40]; + + u8 ddr_write_bytes[0x40]; + + u8 reserved_3[0x200]; +}; + +enum { + MLX5_FPGA_SHELL_QP_PACKET_TYPE_DDR_READ = 0x0, + MLX5_FPGA_SHELL_QP_PACKET_TYPE_DDR_WRITE = 0x1, + MLX5_FPGA_SHELL_QP_PACKET_TYPE_DDR_READ_RESPONSE = 0x2, + MLX5_FPGA_SHELL_QP_PACKET_TYPE_DDR_WRITE_RESPONSE = 0x3, +}; + +struct mlx5_ifc_fpga_shell_qp_packet_bits { + u8 version[0x4]; + u8 syndrome[0x4]; + u8 reserved_at_8[0x4]; + u8 type[0x4]; + u8 reserved_at_10[0x8]; + u8 tid[0x8]; + + u8 len[0x20]; + + u8 address[0x40]; + + u8 data[0][0x8]; +}; + +enum { + MLX5_FPGA_QP_ERROR_EVENT_SYNDROME_RETRY_COUNTER_EXPIRED = 0x1, + MLX5_FPGA_QP_ERROR_EVENT_SYNDROME_RNR_EXPIRED = 0x2, +}; + +struct mlx5_ifc_fpga_qp_error_event_bits { + u8 reserved_0[0x40]; + + u8 reserved_1[0x18]; + u8 syndrome[0x8]; + + u8 reserved_2[0x60]; + + u8 reserved_3[0x8]; + u8 fpga_qpn[0x18]; +}; + +#endif /* MLX5_IFC_FPGA_H */ diff --git a/sys/dev/mlx5/mlx5_fpga/mlx5fpga_cmd.c b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_cmd.c new file mode 100644 index 000000000000..cc9e2dc1047e --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_cmd.c @@ -0,0 +1,349 @@ +/*- + * Copyright (c) 2017, Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <dev/mlx5/cmd.h> +#include <dev/mlx5/driver.h> +#include <dev/mlx5/device.h> +#include <dev/mlx5/mlx5_core/mlx5_core.h> +#include <dev/mlx5/mlx5_fpga/cmd.h> +#include <dev/mlx5/mlx5_fpga/core.h> + +#define MLX5_FPGA_ACCESS_REG_SZ (MLX5_ST_SZ_DW(fpga_access_reg) + \ + MLX5_FPGA_ACCESS_REG_SIZE_MAX) + +int mlx5_fpga_access_reg(struct mlx5_core_dev *dev, u8 size, u64 addr, + void *buf, bool write) +{ + u32 in[MLX5_FPGA_ACCESS_REG_SZ] = {0}; + u32 out[MLX5_FPGA_ACCESS_REG_SZ]; + int err; + + if (size & 3) + return -EINVAL; + if (addr & 3) + return -EINVAL; + if (size > MLX5_FPGA_ACCESS_REG_SIZE_MAX) + return -EINVAL; + + MLX5_SET(fpga_access_reg, in, size, size); + MLX5_SET64(fpga_access_reg, in, address, addr); + if (write) + memcpy(MLX5_ADDR_OF(fpga_access_reg, in, data), buf, size); + + err = mlx5_core_access_reg(dev, in, sizeof(in), out, sizeof(out), + MLX5_REG_FPGA_ACCESS_REG, 0, write); + if (err) + return err; + + if (!write) + memcpy(buf, MLX5_ADDR_OF(fpga_access_reg, out, data), size); + + return 0; +} + +int mlx5_fpga_caps(struct mlx5_core_dev *dev) +{ + u32 in[MLX5_ST_SZ_DW(fpga_cap)] = {0}; + + return mlx5_core_access_reg(dev, in, sizeof(in), dev->caps.fpga, + MLX5_ST_SZ_BYTES(fpga_cap), + MLX5_REG_FPGA_CAP, 0, 0); +} + +int mlx5_fpga_ctrl_op(struct mlx5_core_dev *dev, u8 op) +{ + u32 in[MLX5_ST_SZ_DW(fpga_ctrl)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_ctrl)]; + + MLX5_SET(fpga_ctrl, in, operation, op); + + return mlx5_core_access_reg(dev, in, sizeof(in), out, sizeof(out), + MLX5_REG_FPGA_CTRL, 0, true); +} + +int mlx5_fpga_sbu_caps(struct mlx5_core_dev *dev, void *caps, int size) +{ + unsigned int cap_size = MLX5_CAP_FPGA(dev, sandbox_extended_caps_len); + u64 addr = MLX5_CAP64_FPGA(dev, sandbox_extended_caps_addr); + unsigned int read; + int ret = 0; + + if (cap_size > size) { + mlx5_core_warn(dev, "Not enough buffer %u for FPGA SBU caps %u", + size, cap_size); + return -EINVAL; + } + + while (cap_size > 0) { + read = min_t(unsigned int, cap_size, + MLX5_FPGA_ACCESS_REG_SIZE_MAX); + + ret = mlx5_fpga_access_reg(dev, read, addr, caps, false); + if (ret) { + mlx5_core_warn(dev, "Error reading FPGA SBU caps %u bytes at address %#jx: %d", + read, (uintmax_t)addr, ret); + return ret; + } + + cap_size -= read; + addr += read; + caps += read; + } + + return ret; +} + +static int mlx5_fpga_ctrl_write(struct mlx5_core_dev *dev, u8 op, + enum mlx5_fpga_image image) +{ + u32 in[MLX5_ST_SZ_DW(fpga_ctrl)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_ctrl)]; + + MLX5_SET(fpga_ctrl, in, operation, op); + MLX5_SET(fpga_ctrl, in, flash_select_admin, image); + + return mlx5_core_access_reg(dev, in, sizeof(in), out, sizeof(out), + MLX5_REG_FPGA_CTRL, 0, true); +} + +int mlx5_fpga_load(struct mlx5_core_dev *dev, enum mlx5_fpga_image image) +{ + return mlx5_fpga_ctrl_write(dev, MLX5_FPGA_CTRL_OPERATION_LOAD, image); +} + +int mlx5_fpga_image_select(struct mlx5_core_dev *dev, + enum mlx5_fpga_image image) +{ + return mlx5_fpga_ctrl_write(dev, MLX5_FPGA_CTRL_OPERATION_FLASH_SELECT, image); +} + +int mlx5_fpga_query(struct mlx5_core_dev *dev, struct mlx5_fpga_query *query) +{ + u32 in[MLX5_ST_SZ_DW(fpga_ctrl)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_ctrl)]; + int err; + + err = mlx5_core_access_reg(dev, in, sizeof(in), out, sizeof(out), + MLX5_REG_FPGA_CTRL, 0, false); + if (err) + return err; + + query->image_status = MLX5_GET(fpga_ctrl, out, status); + query->admin_image = MLX5_GET(fpga_ctrl, out, flash_select_admin); + query->oper_image = MLX5_GET(fpga_ctrl, out, flash_select_oper); + return 0; +} + +int mlx5_fpga_ctrl_connect(struct mlx5_core_dev *dev, + enum mlx5_fpga_connect *connect) +{ + u32 in[MLX5_ST_SZ_DW(fpga_ctrl)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_ctrl)]; + int status; + int err; + + if (*connect == MLX5_FPGA_CONNECT_QUERY) { + err = mlx5_core_access_reg(dev, in, sizeof(in), out, + sizeof(out), MLX5_REG_FPGA_CTRL, + 0, false); + if (err) + return err; + status = MLX5_GET(fpga_ctrl, out, status); + *connect = (status == MLX5_FDEV_STATE_DISCONNECTED) ? + MLX5_FPGA_CONNECT_DISCONNECT : + MLX5_FPGA_CONNECT_CONNECT; + } else { + MLX5_SET(fpga_ctrl, in, operation, *connect); + err = mlx5_core_access_reg(dev, in, sizeof(in), out, + sizeof(out), MLX5_REG_FPGA_CTRL, + 0, true); + } + return err; +} + +int mlx5_fpga_query_mtmp(struct mlx5_core_dev *dev, + struct mlx5_fpga_temperature *temp) +{ + u32 in[MLX5_ST_SZ_DW(mtmp_reg)] = {0}; + u32 out[MLX5_ST_SZ_DW(mtmp_reg)] = {0}; + int err; + + MLX5_SET(mtmp_reg, in, sensor_index, temp->index); + MLX5_SET(mtmp_reg, in, i, + ((temp->index < MLX5_FPGA_INTERNAL_SENSORS_LOW) || + (temp->index > MLX5_FPGA_INTERNAL_SENSORS_HIGH)) ? 1 : 0); + + err = mlx5_core_access_reg(dev, in, sizeof(in), out, sizeof(out), + MLX5_REG_MTMP, 0, false); + if (err) + return err; + + temp->index = MLX5_GET(mtmp_reg, out, sensor_index); + temp->temperature = MLX5_GET(mtmp_reg, out, temperature); + temp->mte = MLX5_GET(mtmp_reg, out, mte); + temp->max_temperature = MLX5_GET(mtmp_reg, out, max_temperature); + temp->tee = MLX5_GET(mtmp_reg, out, tee); + temp->temperature_threshold_hi = MLX5_GET(mtmp_reg, out, + temperature_threshold_hi); + temp->temperature_threshold_lo = MLX5_GET(mtmp_reg, out, + temperature_threshold_lo); + memcpy(temp->sensor_name, MLX5_ADDR_OF(mtmp_reg, out, sensor_name), + MLX5_FLD_SZ_BYTES(mtmp_reg, sensor_name)); + + return 0; +} + +int mlx5_fpga_create_qp(struct mlx5_core_dev *dev, void *fpga_qpc, + u32 *fpga_qpn) +{ + u32 in[MLX5_ST_SZ_DW(fpga_create_qp_in)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_create_qp_out)]; + int ret; + + MLX5_SET(fpga_create_qp_in, in, opcode, MLX5_CMD_OP_FPGA_CREATE_QP); + memcpy(MLX5_ADDR_OF(fpga_create_qp_in, in, fpga_qpc), fpga_qpc, + MLX5_FLD_SZ_BYTES(fpga_create_qp_in, fpga_qpc)); + + ret = mlx5_cmd_exec(dev, in, sizeof(in), out, sizeof(out)); + if (ret) + return ret; + + memcpy(fpga_qpc, MLX5_ADDR_OF(fpga_create_qp_out, out, fpga_qpc), + MLX5_FLD_SZ_BYTES(fpga_create_qp_out, fpga_qpc)); + *fpga_qpn = MLX5_GET(fpga_create_qp_out, out, fpga_qpn); + return ret; +} + +int mlx5_fpga_modify_qp(struct mlx5_core_dev *dev, u32 fpga_qpn, + enum mlx5_fpga_qpc_field_select fields, + void *fpga_qpc) +{ + u32 in[MLX5_ST_SZ_DW(fpga_modify_qp_in)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_modify_qp_out)]; + + MLX5_SET(fpga_modify_qp_in, in, opcode, MLX5_CMD_OP_FPGA_MODIFY_QP); + MLX5_SET(fpga_modify_qp_in, in, field_select, fields); + MLX5_SET(fpga_modify_qp_in, in, fpga_qpn, fpga_qpn); + memcpy(MLX5_ADDR_OF(fpga_modify_qp_in, in, fpga_qpc), fpga_qpc, + MLX5_FLD_SZ_BYTES(fpga_modify_qp_in, fpga_qpc)); + + return mlx5_cmd_exec(dev, in, sizeof(in), out, sizeof(out)); +} + +int mlx5_fpga_query_qp(struct mlx5_core_dev *dev, + u32 fpga_qpn, void *fpga_qpc) +{ + u32 in[MLX5_ST_SZ_DW(fpga_query_qp_in)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_query_qp_out)]; + int ret; + + MLX5_SET(fpga_query_qp_in, in, opcode, MLX5_CMD_OP_FPGA_QUERY_QP); + MLX5_SET(fpga_query_qp_in, in, fpga_qpn, fpga_qpn); + + ret = mlx5_cmd_exec(dev, in, sizeof(in), out, sizeof(out)); + if (ret) + return ret; + + memcpy(fpga_qpc, MLX5_ADDR_OF(fpga_query_qp_out, out, fpga_qpc), + MLX5_FLD_SZ_BYTES(fpga_query_qp_out, fpga_qpc)); + return ret; +} + +int mlx5_fpga_destroy_qp(struct mlx5_core_dev *dev, u32 fpga_qpn) +{ + u32 in[MLX5_ST_SZ_DW(fpga_destroy_qp_in)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_destroy_qp_out)]; + + MLX5_SET(fpga_destroy_qp_in, in, opcode, MLX5_CMD_OP_FPGA_DESTROY_QP); + MLX5_SET(fpga_destroy_qp_in, in, fpga_qpn, fpga_qpn); + + return mlx5_cmd_exec(dev, in, sizeof(in), out, sizeof(out)); +} + +int mlx5_fpga_query_qp_counters(struct mlx5_core_dev *dev, u32 fpga_qpn, + bool clear, struct mlx5_fpga_qp_counters *data) +{ + u32 in[MLX5_ST_SZ_DW(fpga_query_qp_counters_in)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_query_qp_counters_out)]; + int ret; + + MLX5_SET(fpga_query_qp_counters_in, in, opcode, + MLX5_CMD_OP_FPGA_QUERY_QP_COUNTERS); + MLX5_SET(fpga_query_qp_counters_in, in, clear, clear); + MLX5_SET(fpga_query_qp_counters_in, in, fpga_qpn, fpga_qpn); + + ret = mlx5_cmd_exec(dev, in, sizeof(in), out, sizeof(out)); + if (ret) + return ret; + + data->rx_ack_packets = MLX5_GET64(fpga_query_qp_counters_out, out, + rx_ack_packets); + data->rx_send_packets = MLX5_GET64(fpga_query_qp_counters_out, out, + rx_send_packets); + data->tx_ack_packets = MLX5_GET64(fpga_query_qp_counters_out, out, + tx_ack_packets); + data->tx_send_packets = MLX5_GET64(fpga_query_qp_counters_out, out, + tx_send_packets); + data->rx_total_drop = MLX5_GET64(fpga_query_qp_counters_out, out, + rx_total_drop); + + return ret; +} + +int mlx5_fpga_shell_counters(struct mlx5_core_dev *dev, bool clear, + struct mlx5_fpga_shell_counters *data) +{ + u32 in[MLX5_ST_SZ_DW(fpga_shell_counters)] = {0}; + u32 out[MLX5_ST_SZ_DW(fpga_shell_counters)]; + int err; + + MLX5_SET(fpga_shell_counters, in, clear, clear); + err = mlx5_core_access_reg(dev, in, sizeof(in), out, sizeof(out), + MLX5_REG_FPGA_SHELL_CNTR, 0, false); + if (err) + goto out; + if (data) { + data->ddr_read_requests = MLX5_GET64(fpga_shell_counters, out, + ddr_read_requests); + data->ddr_write_requests = MLX5_GET64(fpga_shell_counters, out, + ddr_write_requests); + data->ddr_read_bytes = MLX5_GET64(fpga_shell_counters, out, + ddr_read_bytes); + data->ddr_write_bytes = MLX5_GET64(fpga_shell_counters, out, + ddr_write_bytes); + } + +out: + return err; +} diff --git a/sys/dev/mlx5/mlx5_fpga/mlx5fpga_conn.c b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_conn.c new file mode 100644 index 000000000000..c2a03bbf5717 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_conn.c @@ -0,0 +1,1042 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <linux/etherdevice.h> +#include <dev/mlx5/vport.h> +#include <dev/mlx5/mlx5_core/mlx5_core.h> +#include <dev/mlx5/mlx5_lib/mlx5.h> +#include <dev/mlx5/mlx5_fpga/core.h> +#include <dev/mlx5/mlx5_fpga/conn.h> + +#define MLX5_FPGA_PKEY 0xFFFF +#define MLX5_FPGA_PKEY_INDEX 0 /* RoCE PKEY 0xFFFF is always at index 0 */ +#define MLX5_FPGA_RECV_SIZE 2048 +#define MLX5_FPGA_PORT_NUM 1 +#define MLX5_FPGA_CQ_BUDGET 64 + +static int mlx5_fpga_conn_map_buf(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_dma_buf *buf) +{ + struct device *dma_device; + int err = 0; + + if (unlikely(!buf->sg[0].data)) + goto out; + + dma_device = &conn->fdev->mdev->pdev->dev; + buf->sg[0].dma_addr = dma_map_single(dma_device, buf->sg[0].data, + buf->sg[0].size, buf->dma_dir); + err = dma_mapping_error(dma_device, buf->sg[0].dma_addr); + if (unlikely(err)) { + mlx5_fpga_warn(conn->fdev, "DMA error on sg 0: %d\n", err); + err = -ENOMEM; + goto out; + } + + if (!buf->sg[1].data) + goto out; + + buf->sg[1].dma_addr = dma_map_single(dma_device, buf->sg[1].data, + buf->sg[1].size, buf->dma_dir); + err = dma_mapping_error(dma_device, buf->sg[1].dma_addr); + if (unlikely(err)) { + mlx5_fpga_warn(conn->fdev, "DMA error on sg 1: %d\n", err); + dma_unmap_single(dma_device, buf->sg[0].dma_addr, + buf->sg[0].size, buf->dma_dir); + err = -ENOMEM; + } + +out: + return err; +} + +static void mlx5_fpga_conn_unmap_buf(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_dma_buf *buf) +{ + struct device *dma_device; + + dma_device = &conn->fdev->mdev->pdev->dev; + if (buf->sg[1].data) + dma_unmap_single(dma_device, buf->sg[1].dma_addr, + buf->sg[1].size, buf->dma_dir); + + if (likely(buf->sg[0].data)) + dma_unmap_single(dma_device, buf->sg[0].dma_addr, + buf->sg[0].size, buf->dma_dir); +} + +static int mlx5_fpga_conn_post_recv(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_dma_buf *buf) +{ + struct mlx5_wqe_data_seg *data; + unsigned int ix; + int err = 0; + + err = mlx5_fpga_conn_map_buf(conn, buf); + if (unlikely(err)) + goto out; + + if (unlikely(conn->qp.rq.pc - conn->qp.rq.cc >= conn->qp.rq.size)) { + mlx5_fpga_conn_unmap_buf(conn, buf); + return -EBUSY; + } + + ix = conn->qp.rq.pc & (conn->qp.rq.size - 1); + data = mlx5_wq_cyc_get_wqe(&conn->qp.wq.rq, ix); + data->byte_count = cpu_to_be32(buf->sg[0].size); + data->lkey = cpu_to_be32(conn->fdev->conn_res.mkey.key); + data->addr = cpu_to_be64(buf->sg[0].dma_addr); + + conn->qp.rq.pc++; + conn->qp.rq.bufs[ix] = buf; + + /* Make sure that descriptors are written before doorbell record. */ + dma_wmb(); + *conn->qp.wq.rq.db = cpu_to_be32(conn->qp.rq.pc & 0xffff); +out: + return err; +} + +static void mlx5_fpga_conn_notify_hw(struct mlx5_fpga_conn *conn, void *wqe) +{ + /* ensure wqe is visible to device before updating doorbell record */ + dma_wmb(); + *conn->qp.wq.sq.db = cpu_to_be32(conn->qp.sq.pc); + /* Make sure that doorbell record is visible before ringing */ + wmb(); + mlx5_write64(wqe, conn->fdev->conn_res.uar->map + MLX5_BF_OFFSET, NULL); +} + +static void mlx5_fpga_conn_post_send(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_dma_buf *buf) +{ + struct mlx5_wqe_ctrl_seg *ctrl; + struct mlx5_wqe_data_seg *data; + unsigned int ix, sgi; + int size = 1; + + ix = conn->qp.sq.pc & (conn->qp.sq.size - 1); + + ctrl = mlx5_wq_cyc_get_wqe(&conn->qp.wq.sq, ix); + data = (void *)(ctrl + 1); + + for (sgi = 0; sgi < ARRAY_SIZE(buf->sg); sgi++) { + if (!buf->sg[sgi].data) + break; + data->byte_count = cpu_to_be32(buf->sg[sgi].size); + data->lkey = cpu_to_be32(conn->fdev->conn_res.mkey.key); + data->addr = cpu_to_be64(buf->sg[sgi].dma_addr); + data++; + size++; + } + + ctrl->imm = 0; + ctrl->fm_ce_se = MLX5_WQE_CTRL_CQ_UPDATE; + ctrl->opmod_idx_opcode = cpu_to_be32(((conn->qp.sq.pc & 0xffff) << 8) | + MLX5_OPCODE_SEND); + ctrl->qpn_ds = cpu_to_be32(size | (conn->qp.mqp.qpn << 8)); + + conn->qp.sq.pc++; + conn->qp.sq.bufs[ix] = buf; + mlx5_fpga_conn_notify_hw(conn, ctrl); +} + +int mlx5_fpga_conn_send(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_dma_buf *buf) +{ + unsigned long flags; + int err; + + if (!conn->qp.active) + return -ENOTCONN; + + err = mlx5_fpga_conn_map_buf(conn, buf); + if (err) + return err; + + spin_lock_irqsave(&conn->qp.sq.lock, flags); + + if (conn->qp.sq.pc - conn->qp.sq.cc >= conn->qp.sq.size) { + list_add_tail(&buf->list, &conn->qp.sq.backlog); + goto out_unlock; + } + + mlx5_fpga_conn_post_send(conn, buf); + +out_unlock: + spin_unlock_irqrestore(&conn->qp.sq.lock, flags); + return err; +} + +static int mlx5_fpga_conn_post_recv_buf(struct mlx5_fpga_conn *conn) +{ + struct mlx5_fpga_dma_buf *buf; + int err; + + buf = kzalloc(sizeof(*buf) + MLX5_FPGA_RECV_SIZE, 0); + if (!buf) + return -ENOMEM; + + buf->sg[0].data = (void *)(buf + 1); + buf->sg[0].size = MLX5_FPGA_RECV_SIZE; + buf->dma_dir = DMA_FROM_DEVICE; + + err = mlx5_fpga_conn_post_recv(conn, buf); + if (err) + kfree(buf); + + return err; +} + +static int mlx5_fpga_conn_create_mkey(struct mlx5_core_dev *mdev, u32 pdn, + struct mlx5_core_mkey *mkey) +{ + int inlen = MLX5_ST_SZ_BYTES(create_mkey_in); + void *mkc; + u32 *in; + int err; + + in = kvzalloc(inlen, GFP_KERNEL); + if (!in) + return -ENOMEM; + + mkc = MLX5_ADDR_OF(create_mkey_in, in, memory_key_mkey_entry); + MLX5_SET(mkc, mkc, access_mode_1_0, MLX5_MKC_ACCESS_MODE_PA); + MLX5_SET(mkc, mkc, lw, 1); + MLX5_SET(mkc, mkc, lr, 1); + + MLX5_SET(mkc, mkc, pd, pdn); + MLX5_SET(mkc, mkc, length64, 1); + MLX5_SET(mkc, mkc, qpn, 0xffffff); + + err = mlx5_core_create_mkey(mdev, mkey, in, inlen); + + kvfree(in); + return err; +} + +static void mlx5_fpga_conn_rq_cqe(struct mlx5_fpga_conn *conn, + struct mlx5_cqe64 *cqe, u8 status) +{ + struct mlx5_fpga_dma_buf *buf; + int ix, err; + + ix = be16_to_cpu(cqe->wqe_counter) & (conn->qp.rq.size - 1); + buf = conn->qp.rq.bufs[ix]; + conn->qp.rq.bufs[ix] = NULL; + if (!status) + buf->sg[0].size = be32_to_cpu(cqe->byte_cnt); + conn->qp.rq.cc++; + + if (unlikely(status && (status != MLX5_CQE_SYNDROME_WR_FLUSH_ERR))) + mlx5_fpga_warn(conn->fdev, "RQ buf %p on FPGA QP %u completion status %d\n", + buf, conn->fpga_qpn, status); + else + mlx5_fpga_dbg(conn->fdev, "RQ buf %p on FPGA QP %u completion status %d\n", + buf, conn->fpga_qpn, status); + + mlx5_fpga_conn_unmap_buf(conn, buf); + + if (unlikely(status || !conn->qp.active)) { + conn->qp.active = false; + kfree(buf); + return; + } + + mlx5_fpga_dbg(conn->fdev, "Message with %u bytes received successfully\n", + buf->sg[0].size); + conn->recv_cb(conn->cb_arg, buf); + + buf->sg[0].size = MLX5_FPGA_RECV_SIZE; + err = mlx5_fpga_conn_post_recv(conn, buf); + if (unlikely(err)) { + mlx5_fpga_warn(conn->fdev, + "Failed to re-post recv buf: %d\n", err); + kfree(buf); + } +} + +static void mlx5_fpga_conn_sq_cqe(struct mlx5_fpga_conn *conn, + struct mlx5_cqe64 *cqe, u8 status) +{ + struct mlx5_fpga_dma_buf *buf, *nextbuf; + unsigned long flags; + int ix; + + spin_lock_irqsave(&conn->qp.sq.lock, flags); + + ix = be16_to_cpu(cqe->wqe_counter) & (conn->qp.sq.size - 1); + buf = conn->qp.sq.bufs[ix]; + conn->qp.sq.bufs[ix] = NULL; + conn->qp.sq.cc++; + + /* Handle backlog still under the spinlock to ensure message post order */ + if (unlikely(!list_empty(&conn->qp.sq.backlog))) { + if (likely(conn->qp.active)) { + nextbuf = list_first_entry(&conn->qp.sq.backlog, + struct mlx5_fpga_dma_buf, list); + list_del(&nextbuf->list); + mlx5_fpga_conn_post_send(conn, nextbuf); + } + } + + spin_unlock_irqrestore(&conn->qp.sq.lock, flags); + + if (unlikely(status && (status != MLX5_CQE_SYNDROME_WR_FLUSH_ERR))) + mlx5_fpga_warn(conn->fdev, "SQ buf %p on FPGA QP %u completion status %d\n", + buf, conn->fpga_qpn, status); + else + mlx5_fpga_dbg(conn->fdev, "SQ buf %p on FPGA QP %u completion status %d\n", + buf, conn->fpga_qpn, status); + + mlx5_fpga_conn_unmap_buf(conn, buf); + + if (likely(buf->complete)) + buf->complete(conn, conn->fdev, buf, status); + + if (unlikely(status)) + conn->qp.active = false; +} + +static void mlx5_fpga_conn_handle_cqe(struct mlx5_fpga_conn *conn, + struct mlx5_cqe64 *cqe) +{ + u8 opcode, status = 0; + + opcode = cqe->op_own >> 4; + + switch (opcode) { + case MLX5_CQE_REQ_ERR: + status = ((struct mlx5_err_cqe *)cqe)->syndrome; + /* Fall through */ + case MLX5_CQE_REQ: + mlx5_fpga_conn_sq_cqe(conn, cqe, status); + break; + + case MLX5_CQE_RESP_ERR: + status = ((struct mlx5_err_cqe *)cqe)->syndrome; + /* Fall through */ + case MLX5_CQE_RESP_SEND: + mlx5_fpga_conn_rq_cqe(conn, cqe, status); + break; + default: + mlx5_fpga_warn(conn->fdev, "Unexpected cqe opcode %u\n", + opcode); + } +} + +static void mlx5_fpga_conn_arm_cq(struct mlx5_fpga_conn *conn) +{ + mlx5_cq_arm(&conn->cq.mcq, MLX5_CQ_DB_REQ_NOT, + conn->fdev->conn_res.uar->map, conn->cq.wq.cc); +} + +static void mlx5_fpga_conn_cq_event(struct mlx5_core_cq *mcq, + enum mlx5_event event) +{ + struct mlx5_fpga_conn *conn; + + conn = container_of(mcq, struct mlx5_fpga_conn, cq.mcq); + mlx5_fpga_warn(conn->fdev, "CQ event %u on CQ #%u\n", event, mcq->cqn); +} + +static void mlx5_fpga_conn_event(struct mlx5_core_qp *mqp, int event) +{ + struct mlx5_fpga_conn *conn; + + conn = container_of(mqp, struct mlx5_fpga_conn, qp.mqp); + mlx5_fpga_warn(conn->fdev, "QP event %u on QP #%u\n", event, mqp->qpn); +} + +static inline void mlx5_fpga_conn_cqes(struct mlx5_fpga_conn *conn, + unsigned int budget) +{ + struct mlx5_cqe64 *cqe; + + while (budget) { + cqe = mlx5_cqwq_get_cqe(&conn->cq.wq); + if (!cqe) + break; + + budget--; + mlx5_cqwq_pop(&conn->cq.wq); + mlx5_fpga_conn_handle_cqe(conn, cqe); + mlx5_cqwq_update_db_record(&conn->cq.wq); + } + if (!budget) { + tasklet_schedule(&conn->cq.tasklet); + return; + } + + mlx5_fpga_dbg(conn->fdev, "Re-arming CQ with cc# %u\n", conn->cq.wq.cc); + /* ensure cq space is freed before enabling more cqes */ + wmb(); + mlx5_fpga_conn_arm_cq(conn); +} + +static void mlx5_fpga_conn_cq_tasklet(unsigned long data) +{ + struct mlx5_fpga_conn *conn = (void *)data; + + if (unlikely(!conn->qp.active)) + return; + mlx5_fpga_conn_cqes(conn, MLX5_FPGA_CQ_BUDGET); +} + +static void mlx5_fpga_conn_cq_complete(struct mlx5_core_cq *mcq) +{ + struct mlx5_fpga_conn *conn; + + conn = container_of(mcq, struct mlx5_fpga_conn, cq.mcq); + if (unlikely(!conn->qp.active)) + return; + mlx5_fpga_conn_cqes(conn, MLX5_FPGA_CQ_BUDGET); +} + +static int mlx5_fpga_conn_create_cq(struct mlx5_fpga_conn *conn, int cq_size) +{ + struct mlx5_fpga_device *fdev = conn->fdev; + struct mlx5_core_dev *mdev = fdev->mdev; + u32 temp_cqc[MLX5_ST_SZ_DW(cqc)] = {0}; + struct mlx5_wq_param wqp; + struct mlx5_cqe64 *cqe; + int inlen, err, eqn; + unsigned int irqn; + void *cqc, *in; + __be64 *pas; + u32 i; + + cq_size = roundup_pow_of_two(cq_size); + MLX5_SET(cqc, temp_cqc, log_cq_size, ilog2(cq_size)); + + wqp.buf_numa_node = mdev->priv.numa_node; + wqp.db_numa_node = mdev->priv.numa_node; + + err = mlx5_cqwq_create(mdev, &wqp, temp_cqc, &conn->cq.wq, + &conn->cq.wq_ctrl); + if (err) + return err; + + for (i = 0; i < mlx5_cqwq_get_size(&conn->cq.wq); i++) { + cqe = mlx5_cqwq_get_wqe(&conn->cq.wq, i); + cqe->op_own = MLX5_CQE_INVALID << 4 | MLX5_CQE_OWNER_MASK; + } + + inlen = MLX5_ST_SZ_BYTES(create_cq_in) + + sizeof(u64) * conn->cq.wq_ctrl.frag_buf.npages; + in = kvzalloc(inlen, GFP_KERNEL); + if (!in) { + err = -ENOMEM; + goto err_cqwq; + } + + err = mlx5_vector2eqn(mdev, smp_processor_id(), &eqn, &irqn); + if (err) + goto err_cqwq; + + cqc = MLX5_ADDR_OF(create_cq_in, in, cq_context); + MLX5_SET(cqc, cqc, log_cq_size, ilog2(cq_size)); + MLX5_SET(cqc, cqc, c_eqn, eqn); + MLX5_SET(cqc, cqc, uar_page, fdev->conn_res.uar->index); + MLX5_SET(cqc, cqc, log_page_size, conn->cq.wq_ctrl.frag_buf.page_shift - + MLX5_ADAPTER_PAGE_SHIFT); + MLX5_SET64(cqc, cqc, dbr_addr, conn->cq.wq_ctrl.db.dma); + + pas = (__be64 *)MLX5_ADDR_OF(create_cq_in, in, pas); + mlx5_fill_page_frag_array(&conn->cq.wq_ctrl.frag_buf, pas); + + err = mlx5_core_create_cq(mdev, &conn->cq.mcq, in, inlen); + kvfree(in); + + if (err) + goto err_cqwq; + + conn->cq.mcq.cqe_sz = 64; + conn->cq.mcq.set_ci_db = conn->cq.wq_ctrl.db.db; + conn->cq.mcq.arm_db = conn->cq.wq_ctrl.db.db + 1; + *conn->cq.mcq.set_ci_db = 0; + *conn->cq.mcq.arm_db = 0; + conn->cq.mcq.vector = 0; + conn->cq.mcq.comp = mlx5_fpga_conn_cq_complete; + conn->cq.mcq.event = mlx5_fpga_conn_cq_event; + conn->cq.mcq.irqn = irqn; + conn->cq.mcq.uar = fdev->conn_res.uar; + tasklet_init(&conn->cq.tasklet, mlx5_fpga_conn_cq_tasklet, + (unsigned long)conn); + + mlx5_fpga_dbg(fdev, "Created CQ #0x%x\n", conn->cq.mcq.cqn); + + goto out; + +err_cqwq: + mlx5_cqwq_destroy(&conn->cq.wq_ctrl); +out: + return err; +} + +static void mlx5_fpga_conn_destroy_cq(struct mlx5_fpga_conn *conn) +{ + tasklet_disable(&conn->cq.tasklet); + tasklet_kill(&conn->cq.tasklet); + mlx5_core_destroy_cq(conn->fdev->mdev, &conn->cq.mcq); + mlx5_cqwq_destroy(&conn->cq.wq_ctrl); +} + +static int mlx5_fpga_conn_create_wq(struct mlx5_fpga_conn *conn, void *qpc) +{ + struct mlx5_fpga_device *fdev = conn->fdev; + struct mlx5_core_dev *mdev = fdev->mdev; + struct mlx5_wq_param wqp; + + wqp.buf_numa_node = mdev->priv.numa_node; + wqp.db_numa_node = mdev->priv.numa_node; + + return mlx5_wq_qp_create(mdev, &wqp, qpc, &conn->qp.wq, + &conn->qp.wq_ctrl); +} + +static int mlx5_fpga_conn_create_qp(struct mlx5_fpga_conn *conn, + unsigned int tx_size, unsigned int rx_size) +{ + struct mlx5_fpga_device *fdev = conn->fdev; + struct mlx5_core_dev *mdev = fdev->mdev; + u32 temp_qpc[MLX5_ST_SZ_DW(qpc)] = {0}; + void *in = NULL, *qpc; + int err, inlen; + + conn->qp.rq.pc = 0; + conn->qp.rq.cc = 0; + conn->qp.rq.size = roundup_pow_of_two(rx_size); + conn->qp.sq.pc = 0; + conn->qp.sq.cc = 0; + conn->qp.sq.size = roundup_pow_of_two(tx_size); + + MLX5_SET(qpc, temp_qpc, log_rq_stride, ilog2(MLX5_SEND_WQE_DS) - 4); + MLX5_SET(qpc, temp_qpc, log_rq_size, ilog2(conn->qp.rq.size)); + MLX5_SET(qpc, temp_qpc, log_sq_size, ilog2(conn->qp.sq.size)); + err = mlx5_fpga_conn_create_wq(conn, temp_qpc); + if (err) + goto out; + + conn->qp.rq.bufs = kvzalloc(sizeof(conn->qp.rq.bufs[0]) * + conn->qp.rq.size, GFP_KERNEL); + if (!conn->qp.rq.bufs) { + err = -ENOMEM; + goto err_wq; + } + + conn->qp.sq.bufs = kvzalloc(sizeof(conn->qp.sq.bufs[0]) * + conn->qp.sq.size, GFP_KERNEL); + if (!conn->qp.sq.bufs) { + err = -ENOMEM; + goto err_rq_bufs; + } + + inlen = MLX5_ST_SZ_BYTES(create_qp_in) + + MLX5_FLD_SZ_BYTES(create_qp_in, pas[0]) * + conn->qp.wq_ctrl.buf.npages; + in = kvzalloc(inlen, GFP_KERNEL); + if (!in) { + err = -ENOMEM; + goto err_sq_bufs; + } + + qpc = MLX5_ADDR_OF(create_qp_in, in, qpc); + MLX5_SET(qpc, qpc, uar_page, fdev->conn_res.uar->index); + MLX5_SET(qpc, qpc, log_page_size, + conn->qp.wq_ctrl.buf.page_shift - MLX5_ADAPTER_PAGE_SHIFT); + MLX5_SET(qpc, qpc, fre, 1); + MLX5_SET(qpc, qpc, rlky, 1); + MLX5_SET(qpc, qpc, st, MLX5_QP_ST_RC); + MLX5_SET(qpc, qpc, pm_state, MLX5_QP_PM_MIGRATED); + MLX5_SET(qpc, qpc, pd, fdev->conn_res.pdn); + MLX5_SET(qpc, qpc, log_rq_stride, ilog2(MLX5_SEND_WQE_DS) - 4); + MLX5_SET(qpc, qpc, log_rq_size, ilog2(conn->qp.rq.size)); + MLX5_SET(qpc, qpc, rq_type, MLX5_NON_ZERO_RQ); + MLX5_SET(qpc, qpc, log_sq_size, ilog2(conn->qp.sq.size)); + MLX5_SET(qpc, qpc, cqn_snd, conn->cq.mcq.cqn); + MLX5_SET(qpc, qpc, cqn_rcv, conn->cq.mcq.cqn); + MLX5_SET64(qpc, qpc, dbr_addr, conn->qp.wq_ctrl.db.dma); + if (MLX5_CAP_GEN(mdev, cqe_version) == 1) + MLX5_SET(qpc, qpc, user_index, 0xFFFFFF); + + mlx5_fill_page_array(&conn->qp.wq_ctrl.buf, + (__be64 *)MLX5_ADDR_OF(create_qp_in, in, pas)); + + err = mlx5_core_create_qp(mdev, &conn->qp.mqp, in, inlen); + if (err) + goto err_sq_bufs; + + conn->qp.mqp.event = mlx5_fpga_conn_event; + mlx5_fpga_dbg(fdev, "Created QP #0x%x\n", conn->qp.mqp.qpn); + + goto out; + +err_sq_bufs: + kvfree(conn->qp.sq.bufs); +err_rq_bufs: + kvfree(conn->qp.rq.bufs); +err_wq: + mlx5_wq_destroy(&conn->qp.wq_ctrl); +out: + kvfree(in); + return err; +} + +static void mlx5_fpga_conn_free_recv_bufs(struct mlx5_fpga_conn *conn) +{ + int ix; + + for (ix = 0; ix < conn->qp.rq.size; ix++) { + if (!conn->qp.rq.bufs[ix]) + continue; + mlx5_fpga_conn_unmap_buf(conn, conn->qp.rq.bufs[ix]); + kfree(conn->qp.rq.bufs[ix]); + conn->qp.rq.bufs[ix] = NULL; + } +} + +static void mlx5_fpga_conn_flush_send_bufs(struct mlx5_fpga_conn *conn) +{ + struct mlx5_fpga_dma_buf *buf, *temp; + int ix; + + for (ix = 0; ix < conn->qp.sq.size; ix++) { + buf = conn->qp.sq.bufs[ix]; + if (!buf) + continue; + conn->qp.sq.bufs[ix] = NULL; + mlx5_fpga_conn_unmap_buf(conn, buf); + if (!buf->complete) + continue; + buf->complete(conn, conn->fdev, buf, MLX5_CQE_SYNDROME_WR_FLUSH_ERR); + } + list_for_each_entry_safe(buf, temp, &conn->qp.sq.backlog, list) { + mlx5_fpga_conn_unmap_buf(conn, buf); + if (!buf->complete) + continue; + buf->complete(conn, conn->fdev, buf, MLX5_CQE_SYNDROME_WR_FLUSH_ERR); + } +} + +static void mlx5_fpga_conn_destroy_qp(struct mlx5_fpga_conn *conn) +{ + mlx5_core_destroy_qp(conn->fdev->mdev, &conn->qp.mqp); + mlx5_fpga_conn_free_recv_bufs(conn); + mlx5_fpga_conn_flush_send_bufs(conn); + kvfree(conn->qp.sq.bufs); + kvfree(conn->qp.rq.bufs); + mlx5_wq_destroy(&conn->qp.wq_ctrl); +} + +static inline int mlx5_fpga_conn_reset_qp(struct mlx5_fpga_conn *conn) +{ + struct mlx5_core_dev *mdev = conn->fdev->mdev; + + mlx5_fpga_dbg(conn->fdev, "Modifying QP %u to RST\n", conn->qp.mqp.qpn); + + return mlx5_core_qp_modify(mdev, MLX5_CMD_OP_2RST_QP, 0, NULL, + &conn->qp.mqp); +} + +static inline int mlx5_fpga_conn_init_qp(struct mlx5_fpga_conn *conn) +{ + struct mlx5_fpga_device *fdev = conn->fdev; + struct mlx5_core_dev *mdev = fdev->mdev; + u32 *qpc = NULL; + int err; + + mlx5_fpga_dbg(conn->fdev, "Modifying QP %u to INIT\n", conn->qp.mqp.qpn); + + qpc = kzalloc(MLX5_ST_SZ_BYTES(qpc), GFP_KERNEL); + if (!qpc) { + err = -ENOMEM; + goto out; + } + + MLX5_SET(qpc, qpc, st, MLX5_QP_ST_RC); + MLX5_SET(qpc, qpc, pm_state, MLX5_QP_PM_MIGRATED); + MLX5_SET(qpc, qpc, primary_address_path.pkey_index, MLX5_FPGA_PKEY_INDEX); + MLX5_SET(qpc, qpc, primary_address_path.port, MLX5_FPGA_PORT_NUM); + MLX5_SET(qpc, qpc, pd, conn->fdev->conn_res.pdn); + MLX5_SET(qpc, qpc, cqn_snd, conn->cq.mcq.cqn); + MLX5_SET(qpc, qpc, cqn_rcv, conn->cq.mcq.cqn); + MLX5_SET64(qpc, qpc, dbr_addr, conn->qp.wq_ctrl.db.dma); + + err = mlx5_core_qp_modify(mdev, MLX5_CMD_OP_RST2INIT_QP, 0, qpc, + &conn->qp.mqp); + if (err) { + mlx5_fpga_warn(fdev, "qp_modify RST2INIT failed: %d\n", err); + goto out; + } + +out: + kfree(qpc); + return err; +} + +static inline int mlx5_fpga_conn_rtr_qp(struct mlx5_fpga_conn *conn) +{ + struct mlx5_fpga_device *fdev = conn->fdev; + struct mlx5_core_dev *mdev = fdev->mdev; + u32 *qpc = NULL; + int err; + + mlx5_fpga_dbg(conn->fdev, "QP RTR\n"); + + qpc = kzalloc(MLX5_ST_SZ_BYTES(qpc), GFP_KERNEL); + if (!qpc) { + err = -ENOMEM; + goto out; + } + + MLX5_SET(qpc, qpc, mtu, MLX5_QPC_MTU_1K_BYTES); + MLX5_SET(qpc, qpc, log_msg_max, (u8)MLX5_CAP_GEN(mdev, log_max_msg)); + MLX5_SET(qpc, qpc, remote_qpn, conn->fpga_qpn); + MLX5_SET(qpc, qpc, next_rcv_psn, + MLX5_GET(fpga_qpc, conn->fpga_qpc, next_send_psn)); + MLX5_SET(qpc, qpc, primary_address_path.pkey_index, MLX5_FPGA_PKEY_INDEX); + MLX5_SET(qpc, qpc, primary_address_path.port, MLX5_FPGA_PORT_NUM); + ether_addr_copy(MLX5_ADDR_OF(qpc, qpc, primary_address_path.rmac_47_32), + MLX5_ADDR_OF(fpga_qpc, conn->fpga_qpc, fpga_mac_47_32)); + MLX5_SET(qpc, qpc, primary_address_path.udp_sport, + MLX5_CAP_ROCE(mdev, r_roce_min_src_udp_port)); + MLX5_SET(qpc, qpc, primary_address_path.src_addr_index, + conn->qp.sgid_index); + MLX5_SET(qpc, qpc, primary_address_path.hop_limit, 0); + memcpy(MLX5_ADDR_OF(qpc, qpc, primary_address_path.rgid_rip), + MLX5_ADDR_OF(fpga_qpc, conn->fpga_qpc, fpga_ip), + MLX5_FLD_SZ_BYTES(qpc, primary_address_path.rgid_rip)); + + err = mlx5_core_qp_modify(mdev, MLX5_CMD_OP_INIT2RTR_QP, 0, qpc, + &conn->qp.mqp); + if (err) { + mlx5_fpga_warn(fdev, "qp_modify RST2INIT failed: %d\n", err); + goto out; + } + +out: + kfree(qpc); + return err; +} + +static inline int mlx5_fpga_conn_rts_qp(struct mlx5_fpga_conn *conn) +{ + struct mlx5_fpga_device *fdev = conn->fdev; + struct mlx5_core_dev *mdev = fdev->mdev; + u32 *qpc = NULL; + u32 opt_mask; + int err; + + mlx5_fpga_dbg(conn->fdev, "QP RTS\n"); + + qpc = kzalloc(MLX5_ST_SZ_BYTES(qpc), GFP_KERNEL); + if (!qpc) { + err = -ENOMEM; + goto out; + } + + MLX5_SET(qpc, qpc, log_ack_req_freq, 8); + MLX5_SET(qpc, qpc, min_rnr_nak, 0x12); + MLX5_SET(qpc, qpc, primary_address_path.ack_timeout, 0x12); /* ~1.07s */ + MLX5_SET(qpc, qpc, next_send_psn, + MLX5_GET(fpga_qpc, conn->fpga_qpc, next_rcv_psn)); + MLX5_SET(qpc, qpc, retry_count, 7); + MLX5_SET(qpc, qpc, rnr_retry, 7); /* Infinite retry if RNR NACK */ + + opt_mask = MLX5_QP_OPTPAR_RNR_TIMEOUT; + err = mlx5_core_qp_modify(mdev, MLX5_CMD_OP_RTR2RTS_QP, opt_mask, qpc, + &conn->qp.mqp); + if (err) { + mlx5_fpga_warn(fdev, "qp_modify RST2INIT failed: %d\n", err); + goto out; + } + +out: + kfree(qpc); + return err; +} + +static int mlx5_fpga_conn_connect(struct mlx5_fpga_conn *conn) +{ + struct mlx5_fpga_device *fdev = conn->fdev; + int err; + + MLX5_SET(fpga_qpc, conn->fpga_qpc, state, MLX5_FPGA_QPC_STATE_ACTIVE); + err = mlx5_fpga_modify_qp(conn->fdev->mdev, conn->fpga_qpn, + MLX5_FPGA_QPC_STATE, &conn->fpga_qpc); + if (err) { + mlx5_fpga_err(fdev, "Failed to activate FPGA RC QP: %d\n", err); + goto out; + } + + err = mlx5_fpga_conn_reset_qp(conn); + if (err) { + mlx5_fpga_err(fdev, "Failed to change QP state to reset\n"); + goto err_fpga_qp; + } + + err = mlx5_fpga_conn_init_qp(conn); + if (err) { + mlx5_fpga_err(fdev, "Failed to modify QP from RESET to INIT\n"); + goto err_fpga_qp; + } + conn->qp.active = true; + + while (!mlx5_fpga_conn_post_recv_buf(conn)) + ; + + err = mlx5_fpga_conn_rtr_qp(conn); + if (err) { + mlx5_fpga_err(fdev, "Failed to change QP state from INIT to RTR\n"); + goto err_recv_bufs; + } + + err = mlx5_fpga_conn_rts_qp(conn); + if (err) { + mlx5_fpga_err(fdev, "Failed to change QP state from RTR to RTS\n"); + goto err_recv_bufs; + } + goto out; + +err_recv_bufs: + mlx5_fpga_conn_free_recv_bufs(conn); +err_fpga_qp: + MLX5_SET(fpga_qpc, conn->fpga_qpc, state, MLX5_FPGA_QPC_STATE_INIT); + if (mlx5_fpga_modify_qp(conn->fdev->mdev, conn->fpga_qpn, + MLX5_FPGA_QPC_STATE, &conn->fpga_qpc)) + mlx5_fpga_err(fdev, "Failed to revert FPGA QP to INIT\n"); +out: + return err; +} + +struct mlx5_fpga_conn *mlx5_fpga_conn_create(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_conn_attr *attr, + enum mlx5_ifc_fpga_qp_type qp_type) +{ + struct mlx5_fpga_conn *ret, *conn; + u8 *remote_mac, *remote_ip; + int err; + + if (!attr->recv_cb) + return ERR_PTR(-EINVAL); + + conn = kzalloc(sizeof(*conn), GFP_KERNEL); + if (!conn) + return ERR_PTR(-ENOMEM); + + conn->fdev = fdev; + INIT_LIST_HEAD(&conn->qp.sq.backlog); + + spin_lock_init(&conn->qp.sq.lock); + + conn->recv_cb = attr->recv_cb; + conn->cb_arg = attr->cb_arg; + + remote_mac = MLX5_ADDR_OF(fpga_qpc, conn->fpga_qpc, remote_mac_47_32); + err = mlx5_query_nic_vport_mac_address(fdev->mdev, 0, remote_mac); + if (err) { + mlx5_fpga_err(fdev, "Failed to query local MAC: %d\n", err); + ret = ERR_PTR(err); + goto err; + } + + /* Build Modified EUI-64 IPv6 address from the MAC address */ + remote_ip = MLX5_ADDR_OF(fpga_qpc, conn->fpga_qpc, remote_ip); + remote_ip[0] = 0xfe; + remote_ip[1] = 0x80; + addrconf_addr_eui48(&remote_ip[8], remote_mac); + + err = mlx5_core_reserved_gid_alloc(fdev->mdev, &conn->qp.sgid_index); + if (err) { + mlx5_fpga_err(fdev, "Failed to allocate SGID: %d\n", err); + ret = ERR_PTR(err); + goto err; + } + + err = mlx5_core_roce_gid_set(fdev->mdev, conn->qp.sgid_index, + MLX5_ROCE_VERSION_2, + MLX5_ROCE_L3_TYPE_IPV6, + remote_ip, remote_mac, true, 0); + if (err) { + mlx5_fpga_err(fdev, "Failed to set SGID: %d\n", err); + ret = ERR_PTR(err); + goto err_rsvd_gid; + } + mlx5_fpga_dbg(fdev, "Reserved SGID index %u\n", conn->qp.sgid_index); + + /* Allow for one cqe per rx/tx wqe, plus one cqe for the next wqe, + * created during processing of the cqe + */ + err = mlx5_fpga_conn_create_cq(conn, + (attr->tx_size + attr->rx_size) * 2); + if (err) { + mlx5_fpga_err(fdev, "Failed to create CQ: %d\n", err); + ret = ERR_PTR(err); + goto err_gid; + } + + mlx5_fpga_conn_arm_cq(conn); + + err = mlx5_fpga_conn_create_qp(conn, attr->tx_size, attr->rx_size); + if (err) { + mlx5_fpga_err(fdev, "Failed to create QP: %d\n", err); + ret = ERR_PTR(err); + goto err_cq; + } + + MLX5_SET(fpga_qpc, conn->fpga_qpc, state, MLX5_FPGA_QPC_STATE_INIT); + MLX5_SET(fpga_qpc, conn->fpga_qpc, qp_type, qp_type); + MLX5_SET(fpga_qpc, conn->fpga_qpc, st, MLX5_FPGA_QPC_ST_RC); + MLX5_SET(fpga_qpc, conn->fpga_qpc, ether_type, ETH_P_8021Q); + MLX5_SET(fpga_qpc, conn->fpga_qpc, vid, 0); + MLX5_SET(fpga_qpc, conn->fpga_qpc, next_rcv_psn, 1); + MLX5_SET(fpga_qpc, conn->fpga_qpc, next_send_psn, 0); + MLX5_SET(fpga_qpc, conn->fpga_qpc, pkey, MLX5_FPGA_PKEY); + MLX5_SET(fpga_qpc, conn->fpga_qpc, remote_qpn, conn->qp.mqp.qpn); + MLX5_SET(fpga_qpc, conn->fpga_qpc, rnr_retry, 7); + MLX5_SET(fpga_qpc, conn->fpga_qpc, retry_count, 7); + + err = mlx5_fpga_create_qp(fdev->mdev, &conn->fpga_qpc, + &conn->fpga_qpn); + if (err) { + mlx5_fpga_err(fdev, "Failed to create FPGA RC QP: %d\n", err); + ret = ERR_PTR(err); + goto err_qp; + } + + err = mlx5_fpga_conn_connect(conn); + if (err) { + ret = ERR_PTR(err); + goto err_conn; + } + + mlx5_fpga_dbg(fdev, "FPGA QPN is %u\n", conn->fpga_qpn); + ret = conn; + goto out; + +err_conn: + mlx5_fpga_destroy_qp(conn->fdev->mdev, conn->fpga_qpn); +err_qp: + mlx5_fpga_conn_destroy_qp(conn); +err_cq: + mlx5_fpga_conn_destroy_cq(conn); +err_gid: + mlx5_core_roce_gid_set(fdev->mdev, conn->qp.sgid_index, 0, 0, NULL, + NULL, false, 0); +err_rsvd_gid: + mlx5_core_reserved_gid_free(fdev->mdev, conn->qp.sgid_index); +err: + kfree(conn); +out: + return ret; +} + +void mlx5_fpga_conn_destroy(struct mlx5_fpga_conn *conn) +{ + struct mlx5_fpga_device *fdev = conn->fdev; + struct mlx5_core_dev *mdev = fdev->mdev; + int err = 0; + + conn->qp.active = false; + tasklet_disable(&conn->cq.tasklet); + synchronize_irq(conn->cq.mcq.irqn); + + mlx5_fpga_destroy_qp(conn->fdev->mdev, conn->fpga_qpn); + err = mlx5_core_qp_modify(mdev, MLX5_CMD_OP_2ERR_QP, 0, NULL, + &conn->qp.mqp); + if (err) + mlx5_fpga_warn(fdev, "qp_modify 2ERR failed: %d\n", err); + mlx5_fpga_conn_destroy_qp(conn); + mlx5_fpga_conn_destroy_cq(conn); + + mlx5_core_roce_gid_set(conn->fdev->mdev, conn->qp.sgid_index, 0, 0, + NULL, NULL, false, 0); + mlx5_core_reserved_gid_free(conn->fdev->mdev, conn->qp.sgid_index); + kfree(conn); +} + +int mlx5_fpga_conn_device_init(struct mlx5_fpga_device *fdev) +{ + int err; + + err = mlx5_nic_vport_enable_roce(fdev->mdev); + if (err) { + mlx5_fpga_err(fdev, "Failed to enable RoCE: %d\n", err); + goto out; + } + + fdev->conn_res.uar = mlx5_get_uars_page(fdev->mdev); + if (IS_ERR(fdev->conn_res.uar)) { + err = PTR_ERR(fdev->conn_res.uar); + mlx5_fpga_err(fdev, "get_uars_page failed, %d\n", err); + goto err_roce; + } + mlx5_fpga_dbg(fdev, "Allocated UAR index %u\n", + fdev->conn_res.uar->index); + + err = mlx5_core_alloc_pd(fdev->mdev, &fdev->conn_res.pdn); + if (err) { + mlx5_fpga_err(fdev, "alloc pd failed, %d\n", err); + goto err_uar; + } + mlx5_fpga_dbg(fdev, "Allocated PD %u\n", fdev->conn_res.pdn); + + err = mlx5_fpga_conn_create_mkey(fdev->mdev, fdev->conn_res.pdn, + &fdev->conn_res.mkey); + if (err) { + mlx5_fpga_err(fdev, "create mkey failed, %d\n", err); + goto err_dealloc_pd; + } + mlx5_fpga_dbg(fdev, "Created mkey 0x%x\n", fdev->conn_res.mkey.key); + + return 0; + +err_dealloc_pd: + mlx5_core_dealloc_pd(fdev->mdev, fdev->conn_res.pdn); +err_uar: + mlx5_put_uars_page(fdev->mdev, fdev->conn_res.uar); +err_roce: + mlx5_nic_vport_disable_roce(fdev->mdev); +out: + return err; +} + +void mlx5_fpga_conn_device_cleanup(struct mlx5_fpga_device *fdev) +{ + mlx5_core_destroy_mkey(fdev->mdev, &fdev->conn_res.mkey); + mlx5_core_dealloc_pd(fdev->mdev, fdev->conn_res.pdn); + mlx5_put_uars_page(fdev->mdev, fdev->conn_res.uar); + mlx5_nic_vport_disable_roce(fdev->mdev); +} diff --git a/sys/dev/mlx5/mlx5_fpga/mlx5fpga_core.c b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_core.c new file mode 100644 index 000000000000..402a212d2f3d --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_core.c @@ -0,0 +1,575 @@ +/*- + * Copyright (c) 2017, Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <linux/module.h> +#include <linux/etherdevice.h> +#include <dev/mlx5/driver.h> +#include <dev/mlx5/mlx5_core/mlx5_core.h> +#include <dev/mlx5/mlx5_lib/mlx5.h> +#include <dev/mlx5/mlx5_fpga/core.h> +#include <dev/mlx5/mlx5_fpga/conn.h> +#include <dev/mlx5/mlx5_fpga/trans.h> + +static LIST_HEAD(mlx5_fpga_devices); +static LIST_HEAD(mlx5_fpga_clients); +/* protects access between client un/registration and device add/remove calls */ +static DEFINE_MUTEX(mlx5_fpga_mutex); + +static const char *const mlx5_fpga_error_strings[] = { + "Null Syndrome", + "Corrupted DDR", + "Flash Timeout", + "Internal Link Error", + "Watchdog HW Failure", + "I2C Failure", + "Image Changed", + "Temperature Critical", +}; + +static const char * const mlx5_fpga_qp_error_strings[] = { + "Null Syndrome", + "Retry Counter Expired", + "RNR Expired", +}; + +static void client_context_destroy(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_client_data *context) +{ + mlx5_fpga_dbg(fdev, "Deleting client context %p of client %p\n", + context, context->client); + if (context->client->destroy) + context->client->destroy(fdev); + list_del(&context->list); + kfree(context); +} + +static int client_context_create(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_client *client, + struct mlx5_fpga_client_data **pctx) +{ + struct mlx5_fpga_client_data *context; + + context = kmalloc(sizeof(*context), GFP_KERNEL); + if (!context) + return -ENOMEM; + + context->client = client; + context->data = NULL; + context->added = false; + list_add(&context->list, &fdev->client_data_list); + + mlx5_fpga_dbg(fdev, "Adding client context %p client %p\n", + context, client); + + if (client->create) + client->create(fdev); + + if (pctx) + *pctx = context; + return 0; +} + +static struct mlx5_fpga_device *mlx5_fpga_device_alloc(void) +{ + struct mlx5_fpga_device *fdev = NULL; + + fdev = kzalloc(sizeof(*fdev), GFP_KERNEL); + if (!fdev) + return NULL; + + spin_lock_init(&fdev->state_lock); + init_completion(&fdev->load_event); + fdev->fdev_state = MLX5_FDEV_STATE_NONE; + INIT_LIST_HEAD(&fdev->client_data_list); + return fdev; +} + +static const char *mlx5_fpga_image_name(enum mlx5_fpga_image image) +{ + switch (image) { + case MLX5_FPGA_IMAGE_USER: + return "user"; + case MLX5_FPGA_IMAGE_FACTORY: + return "factory"; + default: + return "unknown"; + } +} + +static const char *mlx5_fpga_name(u32 fpga_id) +{ + static char ret[32]; + + switch (fpga_id) { + case MLX5_FPGA_NEWTON: + return "Newton"; + case MLX5_FPGA_EDISON: + return "Edison"; + case MLX5_FPGA_MORSE: + return "Morse"; + case MLX5_FPGA_MORSEQ: + return "MorseQ"; + } + + snprintf(ret, sizeof(ret), "Unknown %d", fpga_id); + return ret; +} + +static int mlx5_fpga_device_load_check(struct mlx5_fpga_device *fdev) +{ + struct mlx5_fpga_query query; + int err; + u32 fpga_id; + + err = mlx5_fpga_query(fdev->mdev, &query); + if (err) { + mlx5_fpga_err(fdev, "Failed to query status: %d\n", err); + return err; + } + + fdev->last_admin_image = query.admin_image; + fdev->last_oper_image = query.oper_image; + fdev->image_status = query.image_status; + + mlx5_fpga_info(fdev, "Status %u; Admin image %u; Oper image %u\n", + query.image_status, query.admin_image, query.oper_image); + + /* For Morse projects FPGA has no influence to network functionality */ + fpga_id = MLX5_CAP_FPGA(fdev->mdev, fpga_id); + if (fpga_id == MLX5_FPGA_MORSE || fpga_id == MLX5_FPGA_MORSEQ) + return 0; + + if (query.image_status != MLX5_FPGA_STATUS_SUCCESS) { + mlx5_fpga_err(fdev, "%s image failed to load; status %u\n", + mlx5_fpga_image_name(fdev->last_oper_image), + query.image_status); + return -EIO; + } + + return 0; +} + +static int mlx5_fpga_device_brb(struct mlx5_fpga_device *fdev) +{ + int err; + struct mlx5_core_dev *mdev = fdev->mdev; + + err = mlx5_fpga_ctrl_op(mdev, MLX5_FPGA_CTRL_OPERATION_SANDBOX_BYPASS_ON); + if (err) { + mlx5_fpga_err(fdev, "Failed to set bypass on: %d\n", err); + return err; + } + err = mlx5_fpga_ctrl_op(mdev, MLX5_FPGA_CTRL_OPERATION_RESET_SANDBOX); + if (err) { + mlx5_fpga_err(fdev, "Failed to reset SBU: %d\n", err); + return err; + } + err = mlx5_fpga_ctrl_op(mdev, MLX5_FPGA_CTRL_OPERATION_SANDBOX_BYPASS_OFF); + if (err) { + mlx5_fpga_err(fdev, "Failed to set bypass off: %d\n", err); + return err; + } + return 0; +} + +int mlx5_fpga_device_start(struct mlx5_core_dev *mdev) +{ + struct mlx5_fpga_client_data *client_context; + struct mlx5_fpga_device *fdev = mdev->fpga; + struct mlx5_fpga_conn_attr conn_attr = {0}; + struct mlx5_fpga_conn *conn; + unsigned int max_num_qps; + unsigned long flags; + u32 fpga_id; + u32 vid; + u16 pid; + int err; + + if (!fdev) + return 0; + + err = mlx5_fpga_caps(fdev->mdev); + if (err) + goto out; + + err = mlx5_fpga_device_load_check(fdev); + if (err) + goto out; + + fpga_id = MLX5_CAP_FPGA(fdev->mdev, fpga_id); + mlx5_fpga_info(fdev, "FPGA card %s\n", mlx5_fpga_name(fpga_id)); + + if (fpga_id == MLX5_FPGA_MORSE || fpga_id == MLX5_FPGA_MORSEQ) + goto out; + + mlx5_fpga_info(fdev, "%s(%d) image, version %u; SBU %06x:%04x version %d\n", + mlx5_fpga_image_name(fdev->last_oper_image), + fdev->last_oper_image, + MLX5_CAP_FPGA(fdev->mdev, image_version), + MLX5_CAP_FPGA(fdev->mdev, ieee_vendor_id), + MLX5_CAP_FPGA(fdev->mdev, sandbox_product_id), + MLX5_CAP_FPGA(fdev->mdev, sandbox_product_version)); + + max_num_qps = MLX5_CAP_FPGA(mdev, shell_caps.max_num_qps); + err = mlx5_core_reserve_gids(mdev, max_num_qps); + if (err) + goto out; + +#ifdef NOT_YET + /* XXXKIB */ + err = mlx5_fpga_conn_device_init(fdev); +#else + err = 0; +#endif + if (err) + goto err_rsvd_gid; + + err = mlx5_fpga_trans_device_init(fdev); + if (err) { + mlx5_fpga_err(fdev, "Failed to init transaction: %d\n", + err); + goto err_conn_init; + } + + conn_attr.tx_size = MLX5_FPGA_TID_COUNT; + conn_attr.rx_size = MLX5_FPGA_TID_COUNT; + conn_attr.recv_cb = mlx5_fpga_trans_recv; + conn_attr.cb_arg = fdev; +#ifdef NOT_YET + /* XXXKIB */ + conn = mlx5_fpga_conn_create(fdev, &conn_attr, + MLX5_FPGA_QPC_QP_TYPE_SHELL_QP); + if (IS_ERR(conn)) { + err = PTR_ERR(conn); + mlx5_fpga_err(fdev, "Failed to create shell conn: %d\n", err); + goto err_trans; + } +#else + conn = NULL; +#endif + fdev->shell_conn = conn; + + if (fdev->last_oper_image == MLX5_FPGA_IMAGE_USER) { + err = mlx5_fpga_device_brb(fdev); + if (err) + goto err_shell_conn; + + vid = MLX5_CAP_FPGA(fdev->mdev, ieee_vendor_id); + pid = MLX5_CAP_FPGA(fdev->mdev, sandbox_product_id); + mutex_lock(&mlx5_fpga_mutex); + list_for_each_entry(client_context, &fdev->client_data_list, + list) { + if (client_context->client->add(fdev, vid, pid)) + continue; + client_context->added = true; + } + mutex_unlock(&mlx5_fpga_mutex); + } + + goto out; + +err_shell_conn: + if (fdev->shell_conn) { +#ifdef NOT_YET + /* XXXKIB */ + mlx5_fpga_conn_destroy(fdev->shell_conn); +#endif + fdev->shell_conn = NULL; + } + +#ifdef NOT_YET + /* XXXKIB */ +err_trans: +#endif + mlx5_fpga_trans_device_cleanup(fdev); + +err_conn_init: +#ifdef NOT_YET + /* XXXKIB */ + mlx5_fpga_conn_device_cleanup(fdev); +#endif + +err_rsvd_gid: + mlx5_core_unreserve_gids(mdev, max_num_qps); +out: + spin_lock_irqsave(&fdev->state_lock, flags); + fdev->fdev_state = err ? MLX5_FDEV_STATE_FAILURE : MLX5_FDEV_STATE_SUCCESS; + spin_unlock_irqrestore(&fdev->state_lock, flags); + return err; +} + +int mlx5_fpga_init(struct mlx5_core_dev *mdev) +{ + struct mlx5_fpga_device *fdev = NULL; + struct mlx5_fpga_client *client; + + if (!MLX5_CAP_GEN(mdev, fpga)) { + mlx5_core_dbg(mdev, "FPGA capability not present\n"); + return 0; + } + + mlx5_core_dbg(mdev, "Initializing FPGA\n"); + + fdev = mlx5_fpga_device_alloc(); + if (!fdev) + return -ENOMEM; + + fdev->mdev = mdev; + mdev->fpga = fdev; + + mutex_lock(&mlx5_fpga_mutex); + + list_add_tail(&fdev->list, &mlx5_fpga_devices); + list_for_each_entry(client, &mlx5_fpga_clients, list) + client_context_create(fdev, client, NULL); + + mutex_unlock(&mlx5_fpga_mutex); + return 0; +} + +void mlx5_fpga_device_stop(struct mlx5_core_dev *mdev) +{ + struct mlx5_fpga_client_data *client_context; + struct mlx5_fpga_device *fdev = mdev->fpga; + unsigned int max_num_qps; + unsigned long flags; + int err; + u32 fpga_id; + + if (!fdev) + return; + + fpga_id = MLX5_CAP_FPGA(mdev, fpga_id); + if (fpga_id == MLX5_FPGA_MORSE || fpga_id == MLX5_FPGA_MORSEQ) + return; + + spin_lock_irqsave(&fdev->state_lock, flags); + + if (fdev->fdev_state != MLX5_FDEV_STATE_SUCCESS) { + spin_unlock_irqrestore(&fdev->state_lock, flags); + return; + } + fdev->fdev_state = MLX5_FDEV_STATE_NONE; + spin_unlock_irqrestore(&fdev->state_lock, flags); + + if (fdev->last_oper_image == MLX5_FPGA_IMAGE_USER) { + err = mlx5_fpga_ctrl_op(mdev, MLX5_FPGA_CTRL_OPERATION_SANDBOX_BYPASS_ON); + if (err) + mlx5_fpga_err(fdev, "Failed to re-set SBU bypass on: %d\n", + err); + } + + mutex_lock(&mlx5_fpga_mutex); + list_for_each_entry(client_context, &fdev->client_data_list, list) { + if (!client_context->added) + continue; + client_context->client->remove(fdev); + client_context->added = false; + } + mutex_unlock(&mlx5_fpga_mutex); + + if (fdev->shell_conn) { +#ifdef NOT_YET + /* XXXKIB */ + mlx5_fpga_conn_destroy(fdev->shell_conn); +#endif + fdev->shell_conn = NULL; + mlx5_fpga_trans_device_cleanup(fdev); + } +#ifdef NOT_YET + /* XXXKIB */ + mlx5_fpga_conn_device_cleanup(fdev); +#endif + max_num_qps = MLX5_CAP_FPGA(mdev, shell_caps.max_num_qps); + mlx5_core_unreserve_gids(mdev, max_num_qps); +} + +void mlx5_fpga_cleanup(struct mlx5_core_dev *mdev) +{ + struct mlx5_fpga_client_data *context, *tmp; + struct mlx5_fpga_device *fdev = mdev->fpga; + + if (!fdev) + return; + + mutex_lock(&mlx5_fpga_mutex); + + mlx5_fpga_device_stop(mdev); + + list_for_each_entry_safe(context, tmp, &fdev->client_data_list, list) + client_context_destroy(fdev, context); + + list_del(&fdev->list); + kfree(fdev); + mdev->fpga = NULL; + + mutex_unlock(&mlx5_fpga_mutex); +} + +static const char *mlx5_fpga_syndrome_to_string(u8 syndrome) +{ + if (syndrome < ARRAY_SIZE(mlx5_fpga_error_strings)) + return mlx5_fpga_error_strings[syndrome]; + return "Unknown"; +} + +static const char *mlx5_fpga_qp_syndrome_to_string(u8 syndrome) +{ + if (syndrome < ARRAY_SIZE(mlx5_fpga_qp_error_strings)) + return mlx5_fpga_qp_error_strings[syndrome]; + return "Unknown"; +} + +void mlx5_fpga_event(struct mlx5_core_dev *mdev, u8 event, void *data) +{ + struct mlx5_fpga_device *fdev = mdev->fpga; + const char *event_name; + bool teardown = false; + unsigned long flags; + u32 fpga_qpn; + u8 syndrome; + + switch (event) { + case MLX5_EVENT_TYPE_FPGA_ERROR: + syndrome = MLX5_GET(fpga_error_event, data, syndrome); + event_name = mlx5_fpga_syndrome_to_string(syndrome); + break; + case MLX5_EVENT_TYPE_FPGA_QP_ERROR: + syndrome = MLX5_GET(fpga_qp_error_event, data, syndrome); + event_name = mlx5_fpga_qp_syndrome_to_string(syndrome); + fpga_qpn = MLX5_GET(fpga_qp_error_event, data, fpga_qpn); + mlx5_fpga_err(fdev, "Error %u on QP %u: %s\n", + syndrome, fpga_qpn, event_name); + break; + default: + mlx5_fpga_warn_ratelimited(fdev, "Unexpected event %u\n", + event); + return; + } + + spin_lock_irqsave(&fdev->state_lock, flags); + switch (fdev->fdev_state) { + case MLX5_FDEV_STATE_SUCCESS: + mlx5_fpga_warn(fdev, "Error %u: %s\n", syndrome, event_name); + teardown = true; + break; + case MLX5_FDEV_STATE_IN_PROGRESS: + if (syndrome != MLX5_FPGA_ERROR_EVENT_SYNDROME_IMAGE_CHANGED) + mlx5_fpga_warn(fdev, "Error while loading %u: %s\n", + syndrome, event_name); + complete(&fdev->load_event); + break; + default: + mlx5_fpga_warn_ratelimited(fdev, "Unexpected error event %u: %s\n", + syndrome, event_name); + } + spin_unlock_irqrestore(&fdev->state_lock, flags); + /* We tear-down the card's interfaces and functionality because + * the FPGA bump-on-the-wire is misbehaving and we lose ability + * to communicate with the network. User may still be able to + * recover by re-programming or debugging the FPGA + */ + if (teardown) + mlx5_trigger_health_work(fdev->mdev); +} + +void mlx5_fpga_client_register(struct mlx5_fpga_client *client) +{ + struct mlx5_fpga_client_data *context; + struct mlx5_fpga_device *fdev; + bool call_add = false; + unsigned long flags; + u32 vid; + u16 pid; + int err; + + pr_debug("Client register %s\n", client->name); + + mutex_lock(&mlx5_fpga_mutex); + + list_add_tail(&client->list, &mlx5_fpga_clients); + + list_for_each_entry(fdev, &mlx5_fpga_devices, list) { + err = client_context_create(fdev, client, &context); + if (err) + continue; + + spin_lock_irqsave(&fdev->state_lock, flags); + call_add = (fdev->fdev_state == MLX5_FDEV_STATE_SUCCESS); + spin_unlock_irqrestore(&fdev->state_lock, flags); + + if (call_add) { + vid = MLX5_CAP_FPGA(fdev->mdev, ieee_vendor_id); + pid = MLX5_CAP_FPGA(fdev->mdev, sandbox_product_id); + if (!client->add(fdev, vid, pid)) + context->added = true; + } + } + + mutex_unlock(&mlx5_fpga_mutex); +} +EXPORT_SYMBOL(mlx5_fpga_client_register); + +void mlx5_fpga_client_unregister(struct mlx5_fpga_client *client) +{ + struct mlx5_fpga_client_data *context, *tmp_context; + struct mlx5_fpga_device *fdev; + + pr_debug("Client unregister %s\n", client->name); + + mutex_lock(&mlx5_fpga_mutex); + + list_for_each_entry(fdev, &mlx5_fpga_devices, list) { + list_for_each_entry_safe(context, tmp_context, + &fdev->client_data_list, + list) { + if (context->client != client) + continue; + if (context->added) + client->remove(fdev); + client_context_destroy(fdev, context); + break; + } + } + + list_del(&client->list); + mutex_unlock(&mlx5_fpga_mutex); +} +EXPORT_SYMBOL(mlx5_fpga_client_unregister); + +#if (__FreeBSD_version >= 1100000) +MODULE_DEPEND(mlx5fpga, linuxkpi, 1, 1, 1); +#endif +MODULE_DEPEND(mlx5fpga, mlx5, 1, 1, 1); +MODULE_VERSION(mlx5fpga, 1); diff --git a/sys/dev/mlx5/mlx5_fpga/mlx5fpga_ipsec.c b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_ipsec.c new file mode 100644 index 000000000000..65f5984060ec --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_ipsec.c @@ -0,0 +1,377 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <dev/mlx5/driver.h> + +#include <dev/mlx5/mlx5_core/mlx5_core.h> +#include <dev/mlx5/mlx5_fpga/ipsec.h> +#include <dev/mlx5/mlx5_fpga/sdk.h> +#include <dev/mlx5/mlx5_fpga/core.h> + +#define SBU_QP_QUEUE_SIZE 8 + +enum mlx5_ipsec_response_syndrome { + MLX5_IPSEC_RESPONSE_SUCCESS = 0, + MLX5_IPSEC_RESPONSE_ILLEGAL_REQUEST = 1, + MLX5_IPSEC_RESPONSE_SADB_ISSUE = 2, + MLX5_IPSEC_RESPONSE_WRITE_RESPONSE_ISSUE = 3, +}; + +enum mlx5_fpga_ipsec_sacmd_status { + MLX5_FPGA_IPSEC_SACMD_PENDING, + MLX5_FPGA_IPSEC_SACMD_SEND_FAIL, + MLX5_FPGA_IPSEC_SACMD_COMPLETE, +}; + +struct mlx5_ipsec_command_context { + struct mlx5_fpga_dma_buf buf; + struct mlx5_accel_ipsec_sa sa; + enum mlx5_fpga_ipsec_sacmd_status status; + int status_code; + struct completion complete; + struct mlx5_fpga_device *dev; + struct list_head list; /* Item in pending_cmds */ +}; + +struct mlx5_ipsec_sadb_resp { + __be32 syndrome; + __be32 sw_sa_handle; + u8 reserved[24]; +} __packed; + +struct mlx5_fpga_ipsec { + struct list_head pending_cmds; + spinlock_t pending_cmds_lock; /* Protects pending_cmds */ + u32 caps[MLX5_ST_SZ_DW(ipsec_extended_cap)]; + struct mlx5_fpga_conn *conn; +}; + +static bool mlx5_fpga_is_ipsec_device(struct mlx5_core_dev *mdev) +{ + if (!mdev->fpga || !MLX5_CAP_GEN(mdev, fpga)) + return false; + + if (MLX5_CAP_FPGA(mdev, ieee_vendor_id) != + MLX5_FPGA_CAP_SANDBOX_VENDOR_ID_MLNX) + return false; + + if (MLX5_CAP_FPGA(mdev, sandbox_product_id) != + MLX5_FPGA_CAP_SANDBOX_PRODUCT_ID_IPSEC) + return false; + + return true; +} + +static void mlx5_fpga_ipsec_send_complete(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_device *fdev, + struct mlx5_fpga_dma_buf *buf, + u8 status) +{ + struct mlx5_ipsec_command_context *context; + + if (status) { + context = container_of(buf, struct mlx5_ipsec_command_context, + buf); + mlx5_fpga_warn(fdev, "IPSec command send failed with status %u\n", + status); + context->status = MLX5_FPGA_IPSEC_SACMD_SEND_FAIL; + complete(&context->complete); + } +} + +static inline int syndrome_to_errno(enum mlx5_ipsec_response_syndrome syndrome) +{ + switch (syndrome) { + case MLX5_IPSEC_RESPONSE_SUCCESS: + return 0; + case MLX5_IPSEC_RESPONSE_SADB_ISSUE: + return -EEXIST; + case MLX5_IPSEC_RESPONSE_ILLEGAL_REQUEST: + return -EINVAL; + case MLX5_IPSEC_RESPONSE_WRITE_RESPONSE_ISSUE: + return -EIO; + } + return -EIO; +} + +static void mlx5_fpga_ipsec_recv(void *cb_arg, struct mlx5_fpga_dma_buf *buf) +{ + struct mlx5_ipsec_sadb_resp *resp = buf->sg[0].data; + struct mlx5_ipsec_command_context *context; + enum mlx5_ipsec_response_syndrome syndrome; + struct mlx5_fpga_device *fdev = cb_arg; + unsigned long flags; + + if (buf->sg[0].size < sizeof(*resp)) { + mlx5_fpga_warn(fdev, "Short receive from FPGA IPSec: %u < %zu bytes\n", + buf->sg[0].size, sizeof(*resp)); + return; + } + + mlx5_fpga_dbg(fdev, "mlx5_ipsec recv_cb syndrome %08x sa_id %x\n", + ntohl(resp->syndrome), ntohl(resp->sw_sa_handle)); + + spin_lock_irqsave(&fdev->ipsec->pending_cmds_lock, flags); + context = list_first_entry_or_null(&fdev->ipsec->pending_cmds, + struct mlx5_ipsec_command_context, + list); + if (context) + list_del(&context->list); + spin_unlock_irqrestore(&fdev->ipsec->pending_cmds_lock, flags); + + if (!context) { + mlx5_fpga_warn(fdev, "Received IPSec offload response without pending command request\n"); + return; + } + mlx5_fpga_dbg(fdev, "Handling response for %p\n", context); + + if (context->sa.sw_sa_handle != resp->sw_sa_handle) { + mlx5_fpga_err(fdev, "mismatch SA handle. cmd 0x%08x vs resp 0x%08x\n", + ntohl(context->sa.sw_sa_handle), + ntohl(resp->sw_sa_handle)); + return; + } + + syndrome = ntohl(resp->syndrome); + context->status_code = syndrome_to_errno(syndrome); + context->status = MLX5_FPGA_IPSEC_SACMD_COMPLETE; + + if (context->status_code) + mlx5_fpga_warn(fdev, "IPSec SADB command failed with syndrome %08x\n", + syndrome); + complete(&context->complete); +} + +void *mlx5_fpga_ipsec_sa_cmd_exec(struct mlx5_core_dev *mdev, + struct mlx5_accel_ipsec_sa *cmd) +{ + struct mlx5_ipsec_command_context *context; + struct mlx5_fpga_device *fdev = mdev->fpga; + unsigned long flags; + int res = 0; + + BUILD_BUG_ON((sizeof(struct mlx5_accel_ipsec_sa) & 3) != 0); + if (!fdev || !fdev->ipsec) + return ERR_PTR(-EOPNOTSUPP); + + context = kzalloc(sizeof(*context), GFP_ATOMIC); + if (!context) + return ERR_PTR(-ENOMEM); + + memcpy(&context->sa, cmd, sizeof(*cmd)); + context->buf.complete = mlx5_fpga_ipsec_send_complete; + context->buf.sg[0].size = sizeof(context->sa); + context->buf.sg[0].data = &context->sa; + init_completion(&context->complete); + context->dev = fdev; + spin_lock_irqsave(&fdev->ipsec->pending_cmds_lock, flags); + list_add_tail(&context->list, &fdev->ipsec->pending_cmds); + spin_unlock_irqrestore(&fdev->ipsec->pending_cmds_lock, flags); + + context->status = MLX5_FPGA_IPSEC_SACMD_PENDING; + + res = mlx5_fpga_sbu_conn_sendmsg(fdev->ipsec->conn, &context->buf); + if (res) { + mlx5_fpga_warn(fdev, "Failure sending IPSec command: %d\n", + res); + spin_lock_irqsave(&fdev->ipsec->pending_cmds_lock, flags); + list_del(&context->list); + spin_unlock_irqrestore(&fdev->ipsec->pending_cmds_lock, flags); + kfree(context); + return ERR_PTR(res); + } + /* Context will be freed by wait func after completion */ + return context; +} + +int mlx5_fpga_ipsec_sa_cmd_wait(void *ctx) +{ + struct mlx5_ipsec_command_context *context = ctx; + int res; + + res = wait_for_completion/*_killable XXXKIB*/(&context->complete); + if (res) { + mlx5_fpga_warn(context->dev, "Failure waiting for IPSec command response\n"); + return -EINTR; + } + + if (context->status == MLX5_FPGA_IPSEC_SACMD_COMPLETE) + res = context->status_code; + else + res = -EIO; + + kfree(context); + return res; +} + +u32 mlx5_fpga_ipsec_device_caps(struct mlx5_core_dev *mdev) +{ + struct mlx5_fpga_device *fdev = mdev->fpga; + u32 ret = 0; + + if (mlx5_fpga_is_ipsec_device(mdev)) + ret |= MLX5_ACCEL_IPSEC_DEVICE; + else + return ret; + + if (!fdev->ipsec) + return ret; + + if (MLX5_GET(ipsec_extended_cap, fdev->ipsec->caps, esp)) + ret |= MLX5_ACCEL_IPSEC_ESP; + + if (MLX5_GET(ipsec_extended_cap, fdev->ipsec->caps, ipv6)) + ret |= MLX5_ACCEL_IPSEC_IPV6; + + if (MLX5_GET(ipsec_extended_cap, fdev->ipsec->caps, lso)) + ret |= MLX5_ACCEL_IPSEC_LSO; + + return ret; +} + +unsigned int mlx5_fpga_ipsec_counters_count(struct mlx5_core_dev *mdev) +{ + struct mlx5_fpga_device *fdev = mdev->fpga; + + if (!fdev || !fdev->ipsec) + return 0; + + return MLX5_GET(ipsec_extended_cap, fdev->ipsec->caps, + number_of_ipsec_counters); +} + +int mlx5_fpga_ipsec_counters_read(struct mlx5_core_dev *mdev, u64 *counters, + unsigned int counters_count) +{ + struct mlx5_fpga_device *fdev = mdev->fpga; + unsigned int i; + __be32 *data; + u32 count; + u64 addr; + int ret; + + if (!fdev || !fdev->ipsec) + return 0; + + addr = (u64)MLX5_GET(ipsec_extended_cap, fdev->ipsec->caps, + ipsec_counters_addr_low) + + ((u64)MLX5_GET(ipsec_extended_cap, fdev->ipsec->caps, + ipsec_counters_addr_high) << 32); + + count = mlx5_fpga_ipsec_counters_count(mdev); + + data = kzalloc(sizeof(*data) * count * 2, GFP_KERNEL); + if (!data) { + ret = -ENOMEM; + goto out; + } + + ret = mlx5_fpga_mem_read(fdev, count * sizeof(u64), addr, data, + MLX5_FPGA_ACCESS_TYPE_DONTCARE); + if (ret < 0) { + mlx5_fpga_err(fdev, "Failed to read IPSec counters from HW: %d\n", + ret); + goto out; + } + ret = 0; + + if (count > counters_count) + count = counters_count; + + /* Each counter is low word, then high. But each word is big-endian */ + for (i = 0; i < count; i++) + counters[i] = (u64)ntohl(data[i * 2]) | + ((u64)ntohl(data[i * 2 + 1]) << 32); + +out: + kfree(data); + return ret; +} + +int mlx5_fpga_ipsec_init(struct mlx5_core_dev *mdev) +{ + struct mlx5_fpga_conn_attr init_attr = {0}; + struct mlx5_fpga_device *fdev = mdev->fpga; + struct mlx5_fpga_conn *conn; + int err; + + if (!mlx5_fpga_is_ipsec_device(mdev)) + return 0; + + fdev->ipsec = kzalloc(sizeof(*fdev->ipsec), GFP_KERNEL); + if (!fdev->ipsec) + return -ENOMEM; + + err = mlx5_fpga_get_sbu_caps(fdev, sizeof(fdev->ipsec->caps), + fdev->ipsec->caps); + if (err) { + mlx5_fpga_err(fdev, "Failed to retrieve IPSec extended capabilities: %d\n", + err); + goto error; + } + + INIT_LIST_HEAD(&fdev->ipsec->pending_cmds); + spin_lock_init(&fdev->ipsec->pending_cmds_lock); + + init_attr.rx_size = SBU_QP_QUEUE_SIZE; + init_attr.tx_size = SBU_QP_QUEUE_SIZE; + init_attr.recv_cb = mlx5_fpga_ipsec_recv; + init_attr.cb_arg = fdev; + conn = mlx5_fpga_sbu_conn_create(fdev, &init_attr); + if (IS_ERR(conn)) { + err = PTR_ERR(conn); + mlx5_fpga_err(fdev, "Error creating IPSec command connection %d\n", + err); + goto error; + } + fdev->ipsec->conn = conn; + return 0; + +error: + kfree(fdev->ipsec); + fdev->ipsec = NULL; + return err; +} + +void mlx5_fpga_ipsec_cleanup(struct mlx5_core_dev *mdev) +{ + struct mlx5_fpga_device *fdev = mdev->fpga; + + if (!mlx5_fpga_is_ipsec_device(mdev)) + return; + + mlx5_fpga_sbu_conn_destroy(fdev->ipsec->conn); + kfree(fdev->ipsec); + fdev->ipsec = NULL; +} diff --git a/sys/dev/mlx5/mlx5_fpga/mlx5fpga_sdk.c b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_sdk.c new file mode 100644 index 000000000000..b28995555088 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_sdk.c @@ -0,0 +1,494 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <linux/errno.h> +#include <linux/err.h> +#include <linux/completion.h> +#include <dev/mlx5/device.h> +#include <dev/mlx5/mlx5_fpga/core.h> +#include <dev/mlx5/mlx5_fpga/conn.h> +#include <dev/mlx5/mlx5_fpga/sdk.h> +#include <dev/mlx5/mlx5_fpga/xfer.h> +#include <dev/mlx5/mlx5_core/mlx5_core.h> +/* #include "accel/ipsec.h" */ + +#define MLX5_FPGA_LOAD_TIMEOUT 25000 /* msec */ + +struct mem_transfer { + struct mlx5_fpga_transaction t; + struct completion comp; + u8 status; +}; + +struct mlx5_fpga_conn * +mlx5_fpga_sbu_conn_create(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_conn_attr *attr) +{ +#ifdef NOT_YET + /* XXXKIB */ + return mlx5_fpga_conn_create(fdev, attr, MLX5_FPGA_QPC_QP_TYPE_SANDBOX_QP); +#else + return (NULL); +#endif +} +EXPORT_SYMBOL(mlx5_fpga_sbu_conn_create); + +void mlx5_fpga_sbu_conn_destroy(struct mlx5_fpga_conn *conn) +{ +#ifdef NOT_YET + /* XXXKIB */ + mlx5_fpga_conn_destroy(conn); +#endif +} +EXPORT_SYMBOL(mlx5_fpga_sbu_conn_destroy); + +int mlx5_fpga_sbu_conn_sendmsg(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_dma_buf *buf) +{ +#ifdef NOT_YET + /* XXXKIB */ + return mlx5_fpga_conn_send(conn, buf); +#else + return (0); +#endif +} +EXPORT_SYMBOL(mlx5_fpga_sbu_conn_sendmsg); + +static void mem_complete(const struct mlx5_fpga_transaction *complete, + u8 status) +{ + struct mem_transfer *xfer; + + mlx5_fpga_dbg(complete->conn->fdev, + "transaction %p complete status %u", complete, status); + + xfer = container_of(complete, struct mem_transfer, t); + xfer->status = status; + complete_all(&xfer->comp); +} + +static int mem_transaction(struct mlx5_fpga_device *fdev, size_t size, u64 addr, + void *buf, enum mlx5_fpga_direction direction) +{ + int ret; + struct mem_transfer xfer; + + if (!fdev->shell_conn) { + ret = -ENOTCONN; + goto out; + } + + xfer.t.data = buf; + xfer.t.size = size; + xfer.t.addr = addr; + xfer.t.conn = fdev->shell_conn; + xfer.t.direction = direction; + xfer.t.complete1 = mem_complete; + init_completion(&xfer.comp); + ret = mlx5_fpga_xfer_exec(&xfer.t); + if (ret) { + mlx5_fpga_dbg(fdev, "Transfer execution failed: %d\n", ret); + goto out; + } + wait_for_completion(&xfer.comp); + if (xfer.status != 0) + ret = -EIO; + +out: + return ret; +} + +static int mlx5_fpga_mem_read_i2c(struct mlx5_fpga_device *fdev, size_t size, + u64 addr, u8 *buf) +{ + size_t max_size = MLX5_FPGA_ACCESS_REG_SIZE_MAX; + size_t bytes_done = 0; + u8 actual_size; + int err = 0; + + if (!size) + return -EINVAL; + + if (!fdev->mdev) + return -ENOTCONN; + + while (bytes_done < size) { + actual_size = min(max_size, (size - bytes_done)); + + err = mlx5_fpga_access_reg(fdev->mdev, actual_size, + addr + bytes_done, + buf + bytes_done, false); + if (err) { + mlx5_fpga_err(fdev, "Failed to read over I2C: %d\n", + err); + break; + } + + bytes_done += actual_size; + } + + return err; +} + +static int mlx5_fpga_mem_write_i2c(struct mlx5_fpga_device *fdev, size_t size, + u64 addr, u8 *buf) +{ + size_t max_size = MLX5_FPGA_ACCESS_REG_SIZE_MAX; + size_t bytes_done = 0; + u8 actual_size; + int err = 0; + + if (!size) + return -EINVAL; + + if (!fdev->mdev) + return -ENOTCONN; + + while (bytes_done < size) { + actual_size = min(max_size, (size - bytes_done)); + + err = mlx5_fpga_access_reg(fdev->mdev, actual_size, + addr + bytes_done, + buf + bytes_done, true); + if (err) { + mlx5_fpga_err(fdev, "Failed to write FPGA crspace\n"); + break; + } + + bytes_done += actual_size; + } + + return err; +} + +int mlx5_fpga_mem_read(struct mlx5_fpga_device *fdev, size_t size, u64 addr, + void *buf, enum mlx5_fpga_access_type access_type) +{ + int ret; + + if (access_type == MLX5_FPGA_ACCESS_TYPE_DONTCARE) + access_type = fdev->shell_conn ? MLX5_FPGA_ACCESS_TYPE_RDMA : + MLX5_FPGA_ACCESS_TYPE_I2C; + + mlx5_fpga_dbg(fdev, "Reading %zu bytes at 0x%jx over %s", + size, (uintmax_t)addr, access_type ? "RDMA" : "I2C"); + + switch (access_type) { + case MLX5_FPGA_ACCESS_TYPE_RDMA: + ret = mem_transaction(fdev, size, addr, buf, MLX5_FPGA_READ); + if (ret) + return ret; + break; + case MLX5_FPGA_ACCESS_TYPE_I2C: + ret = mlx5_fpga_mem_read_i2c(fdev, size, addr, buf); + if (ret) + return ret; + break; + default: + mlx5_fpga_warn(fdev, "Unexpected read access_type %u\n", + access_type); + return -EACCES; + } + + return size; +} +EXPORT_SYMBOL(mlx5_fpga_mem_read); + +int mlx5_fpga_mem_write(struct mlx5_fpga_device *fdev, size_t size, u64 addr, + void *buf, enum mlx5_fpga_access_type access_type) +{ + int ret; + + if (access_type == MLX5_FPGA_ACCESS_TYPE_DONTCARE) + access_type = fdev->shell_conn ? MLX5_FPGA_ACCESS_TYPE_RDMA : + MLX5_FPGA_ACCESS_TYPE_I2C; + + mlx5_fpga_dbg(fdev, "Writing %zu bytes at 0x%jx over %s", + size, (uintmax_t)addr, access_type ? "RDMA" : "I2C"); + + switch (access_type) { + case MLX5_FPGA_ACCESS_TYPE_RDMA: + ret = mem_transaction(fdev, size, addr, buf, MLX5_FPGA_WRITE); + if (ret) + return ret; + break; + case MLX5_FPGA_ACCESS_TYPE_I2C: + ret = mlx5_fpga_mem_write_i2c(fdev, size, addr, buf); + if (ret) + return ret; + break; + default: + mlx5_fpga_warn(fdev, "Unexpected write access_type %u\n", + access_type); + return -EACCES; + } + + return size; +} +EXPORT_SYMBOL(mlx5_fpga_mem_write); + +int mlx5_fpga_get_sbu_caps(struct mlx5_fpga_device *fdev, int size, void *buf) +{ + return mlx5_fpga_sbu_caps(fdev->mdev, buf, size); +} +EXPORT_SYMBOL(mlx5_fpga_get_sbu_caps); + +u64 mlx5_fpga_ddr_size_get(struct mlx5_fpga_device *fdev) +{ + return (u64)MLX5_CAP_FPGA(fdev->mdev, fpga_ddr_size) << 10; +} +EXPORT_SYMBOL(mlx5_fpga_ddr_size_get); + +u64 mlx5_fpga_ddr_base_get(struct mlx5_fpga_device *fdev) +{ + return MLX5_CAP64_FPGA(fdev->mdev, fpga_ddr_start_addr); +} +EXPORT_SYMBOL(mlx5_fpga_ddr_base_get); + +void mlx5_fpga_client_data_set(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_client *client, void *data) +{ + struct mlx5_fpga_client_data *context; + + list_for_each_entry(context, &fdev->client_data_list, list) { + if (context->client != client) + continue; + context->data = data; + return; + } + + mlx5_fpga_warn(fdev, "No client context found for %s\n", client->name); +} +EXPORT_SYMBOL(mlx5_fpga_client_data_set); + +void *mlx5_fpga_client_data_get(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_client *client) +{ + struct mlx5_fpga_client_data *context; + void *ret = NULL; + + list_for_each_entry(context, &fdev->client_data_list, list) { + if (context->client != client) + continue; + ret = context->data; + goto out; + } + mlx5_fpga_warn(fdev, "No client context found for %s\n", client->name); + +out: + return ret; +} +EXPORT_SYMBOL(mlx5_fpga_client_data_get); + +void mlx5_fpga_device_query(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_query *query) +{ + unsigned long flags; + + spin_lock_irqsave(&fdev->state_lock, flags); + query->image_status = fdev->image_status; + query->admin_image = fdev->last_admin_image; + query->oper_image = fdev->last_oper_image; + spin_unlock_irqrestore(&fdev->state_lock, flags); +} +EXPORT_SYMBOL(mlx5_fpga_device_query); + +int mlx5_fpga_device_reload(struct mlx5_fpga_device *fdev, + enum mlx5_fpga_image image) +{ + struct mlx5_core_dev *mdev = fdev->mdev; + unsigned long timeout; + unsigned long flags; + int err = 0; + + spin_lock_irqsave(&fdev->state_lock, flags); + switch (fdev->fdev_state) { + case MLX5_FDEV_STATE_NONE: + err = -ENODEV; + break; + case MLX5_FDEV_STATE_IN_PROGRESS: + err = -EBUSY; + break; + case MLX5_FDEV_STATE_SUCCESS: + case MLX5_FDEV_STATE_FAILURE: + case MLX5_FDEV_STATE_DISCONNECTED: + break; + } + spin_unlock_irqrestore(&fdev->state_lock, flags); + if (err) + return err; + + mutex_lock(&mdev->intf_state_mutex); + clear_bit(MLX5_INTERFACE_STATE_UP, &mdev->intf_state); + + mlx5_unregister_device(mdev); + /* XXXKIB mlx5_accel_ipsec_cleanup(mdev); */ + mlx5_fpga_device_stop(mdev); + + fdev->fdev_state = MLX5_FDEV_STATE_IN_PROGRESS; + reinit_completion(&fdev->load_event); + + if (image <= MLX5_FPGA_IMAGE_MAX) { + mlx5_fpga_info(fdev, "Loading from flash\n"); + err = mlx5_fpga_load(mdev, image); + if (err) { + mlx5_fpga_err(fdev, "Failed to request load: %d\n", + err); + goto out; + } + } else { + mlx5_fpga_info(fdev, "Resetting\n"); + err = mlx5_fpga_ctrl_op(mdev, MLX5_FPGA_CTRL_OPERATION_RESET); + if (err) { + mlx5_fpga_err(fdev, "Failed to request reset: %d\n", + err); + goto out; + } + } + + timeout = jiffies + msecs_to_jiffies(MLX5_FPGA_LOAD_TIMEOUT); + err = wait_for_completion_timeout(&fdev->load_event, timeout - jiffies); + if (err < 0) { + mlx5_fpga_err(fdev, "Failed waiting for FPGA load: %d\n", err); + fdev->fdev_state = MLX5_FDEV_STATE_FAILURE; + goto out; + } + + err = mlx5_fpga_device_start(mdev); + if (err) { + mlx5_core_err(mdev, "fpga device start failed %d\n", err); + goto out; + } + /* XXXKIB err = mlx5_accel_ipsec_init(mdev); */ + if (err) { + mlx5_core_err(mdev, "IPSec device start failed %d\n", err); + goto err_fpga; + } + + err = mlx5_register_device(mdev); + if (err) { + mlx5_core_err(mdev, "mlx5_register_device failed %d\n", err); + fdev->fdev_state = MLX5_FDEV_STATE_FAILURE; + goto err_ipsec; + } + + set_bit(MLX5_INTERFACE_STATE_UP, &mdev->intf_state); + goto out; + +err_ipsec: + /* XXXKIB mlx5_accel_ipsec_cleanup(mdev); */ +err_fpga: + mlx5_fpga_device_stop(mdev); +out: + mutex_unlock(&mdev->intf_state_mutex); + return err; +} +EXPORT_SYMBOL(mlx5_fpga_device_reload); + +int mlx5_fpga_flash_select(struct mlx5_fpga_device *fdev, + enum mlx5_fpga_image image) +{ + unsigned long flags; + int err; + + spin_lock_irqsave(&fdev->state_lock, flags); + switch (fdev->fdev_state) { + case MLX5_FDEV_STATE_NONE: + spin_unlock_irqrestore(&fdev->state_lock, flags); + return -ENODEV; + case MLX5_FDEV_STATE_DISCONNECTED: + case MLX5_FDEV_STATE_IN_PROGRESS: + case MLX5_FDEV_STATE_SUCCESS: + case MLX5_FDEV_STATE_FAILURE: + break; + } + spin_unlock_irqrestore(&fdev->state_lock, flags); + + err = mlx5_fpga_image_select(fdev->mdev, image); + if (err) + mlx5_fpga_err(fdev, "Failed to select flash image: %d\n", err); + else + fdev->last_admin_image = image; + return err; +} +EXPORT_SYMBOL(mlx5_fpga_flash_select); + +int mlx5_fpga_connectdisconnect(struct mlx5_fpga_device *fdev, + enum mlx5_fpga_connect *connect) +{ + unsigned long flags; + int err; + + spin_lock_irqsave(&fdev->state_lock, flags); + switch (fdev->fdev_state) { + case MLX5_FDEV_STATE_NONE: + spin_unlock_irqrestore(&fdev->state_lock, flags); + return -ENODEV; + case MLX5_FDEV_STATE_IN_PROGRESS: + case MLX5_FDEV_STATE_SUCCESS: + case MLX5_FDEV_STATE_FAILURE: + case MLX5_FDEV_STATE_DISCONNECTED: + break; + } + spin_unlock_irqrestore(&fdev->state_lock, flags); + + err = mlx5_fpga_ctrl_connect(fdev->mdev, connect); + if (err) + mlx5_fpga_err(fdev, "Failed to connect/disconnect: %d\n", err); + return err; +} +EXPORT_SYMBOL(mlx5_fpga_connectdisconnect); + +int mlx5_fpga_temperature(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_temperature *temp) +{ + return mlx5_fpga_query_mtmp(fdev->mdev, temp); +} +EXPORT_SYMBOL(mlx5_fpga_temperature); + +struct device *mlx5_fpga_dev(struct mlx5_fpga_device *fdev) +{ + return &fdev->mdev->pdev->dev; +} +EXPORT_SYMBOL(mlx5_fpga_dev); + +void mlx5_fpga_get_cap(struct mlx5_fpga_device *fdev, u32 *fpga_caps) +{ + unsigned long flags; + + spin_lock_irqsave(&fdev->state_lock, flags); + memcpy(fpga_caps, &fdev->mdev->caps.fpga, sizeof(fdev->mdev->caps.fpga)); + spin_unlock_irqrestore(&fdev->state_lock, flags); +} +EXPORT_SYMBOL(mlx5_fpga_get_cap); diff --git a/sys/dev/mlx5/mlx5_fpga/mlx5fpga_trans.c b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_trans.c new file mode 100644 index 000000000000..801388f37a8d --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_trans.c @@ -0,0 +1,335 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <dev/mlx5/mlx5_fpga/trans.h> +#include <dev/mlx5/mlx5_fpga/conn.h> + +enum mlx5_fpga_transaction_state { + TRANS_STATE_NONE, + TRANS_STATE_SEND, + TRANS_STATE_WAIT, + TRANS_STATE_COMPLETE, +}; + +struct mlx5_fpga_trans_priv { + const struct mlx5_fpga_transaction *user_trans; + u8 tid; + enum mlx5_fpga_transaction_state state; + u8 status; + u32 header[MLX5_ST_SZ_DW(fpga_shell_qp_packet)]; + struct mlx5_fpga_dma_buf buf; + struct list_head list_item; +}; + +struct mlx5_fpga_trans_device_state { + spinlock_t lock; /* Protects all members of this struct */ + struct list_head free_queue; + struct mlx5_fpga_trans_priv transactions[MLX5_FPGA_TID_COUNT]; +}; + +static struct mlx5_fpga_trans_priv *find_tid(struct mlx5_fpga_device *fdev, + u8 tid) +{ + if (tid >= MLX5_FPGA_TID_COUNT) { + mlx5_fpga_warn(fdev, "Unexpected transaction ID %u\n", tid); + return NULL; + } + return &fdev->trans->transactions[tid]; +} + +static struct mlx5_fpga_trans_priv *alloc_tid(struct mlx5_fpga_device *fdev) +{ + struct mlx5_fpga_trans_priv *ret; + unsigned long flags; + + spin_lock_irqsave(&fdev->trans->lock, flags); + + if (list_empty(&fdev->trans->free_queue)) { + mlx5_fpga_dbg(fdev, "No free transaction ID available\n"); + ret = NULL; + goto out; + } + + ret = list_first_entry(&fdev->trans->free_queue, + struct mlx5_fpga_trans_priv, list_item); + list_del(&ret->list_item); + + ret->state = TRANS_STATE_NONE; +out: + spin_unlock_irqrestore(&fdev->trans->lock, flags); + return ret; +} + +static void free_tid(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_trans_priv *trans_priv) +{ + unsigned long flags; + + spin_lock_irqsave(&fdev->trans->lock, flags); + list_add_tail(&trans_priv->list_item, &fdev->trans->free_queue); + spin_unlock_irqrestore(&fdev->trans->lock, flags); +} + +static void trans_complete(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_trans_priv *trans_priv, u8 status) +{ + const struct mlx5_fpga_transaction *user_trans; + unsigned long flags; + + mlx5_fpga_dbg(fdev, "Transaction %u is complete with status %u\n", + trans_priv->tid, status); + + spin_lock_irqsave(&fdev->trans->lock, flags); + trans_priv->state = TRANS_STATE_COMPLETE; + trans_priv->status = status; + spin_unlock_irqrestore(&fdev->trans->lock, flags); + + user_trans = trans_priv->user_trans; + free_tid(fdev, trans_priv); + + if (user_trans->complete1) + user_trans->complete1(user_trans, status); +} + +static void trans_send_complete(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_device *fdev, + struct mlx5_fpga_dma_buf *buf, u8 status) +{ + unsigned long flags; + struct mlx5_fpga_trans_priv *trans_priv; + + trans_priv = container_of(buf, struct mlx5_fpga_trans_priv, buf); + mlx5_fpga_dbg(fdev, "send complete tid %u. Status: %u\n", + trans_priv->tid, status); + if (status) { + trans_complete(fdev, trans_priv, status); + return; + } + + spin_lock_irqsave(&fdev->trans->lock, flags); + if (trans_priv->state == TRANS_STATE_SEND) + trans_priv->state = TRANS_STATE_WAIT; + spin_unlock_irqrestore(&fdev->trans->lock, flags); +} + +static int trans_validate(struct mlx5_fpga_device *fdev, u64 addr, size_t size) +{ + if (size > MLX5_FPGA_TRANSACTION_MAX_SIZE) { + mlx5_fpga_warn(fdev, "Cannot access %zu bytes at once. Max is %u\n", + size, MLX5_FPGA_TRANSACTION_MAX_SIZE); + return -EINVAL; + } + if (size & MLX5_FPGA_TRANSACTION_SEND_ALIGN_BITS) { + mlx5_fpga_warn(fdev, "Cannot access %zu bytes. Must be full dwords\n", + size); + return -EINVAL; + } + if (size < 1) { + mlx5_fpga_warn(fdev, "Cannot access %zu bytes. Empty transaction not allowed\n", + size); + return -EINVAL; + } + if (addr & MLX5_FPGA_TRANSACTION_SEND_ALIGN_BITS) { + mlx5_fpga_warn(fdev, "Cannot access %zu bytes at unaligned address %jx\n", + size, (uintmax_t)addr); + return -EINVAL; + } + if ((addr >> MLX5_FPGA_TRANSACTION_SEND_PAGE_BITS) != + ((addr + size - 1) >> MLX5_FPGA_TRANSACTION_SEND_PAGE_BITS)) { + mlx5_fpga_warn(fdev, "Cannot access %zu bytes at address %jx. Crosses page boundary\n", + size, (uintmax_t)addr); + return -EINVAL; + } + if (addr < mlx5_fpga_ddr_base_get(fdev)) { + if (size != sizeof(u32)) { + mlx5_fpga_warn(fdev, "Cannot access %zu bytes at cr-space address %jx. Must access a single dword\n", + size, (uintmax_t)addr); + return -EINVAL; + } + } + return 0; +} + +int mlx5_fpga_trans_exec(const struct mlx5_fpga_transaction *trans) +{ + struct mlx5_fpga_conn *conn = trans->conn; + struct mlx5_fpga_trans_priv *trans_priv; + u32 *header; + int err; + + if (!trans->complete1) { + mlx5_fpga_warn(conn->fdev, "Transaction must have a completion callback\n"); + err = -EINVAL; + goto out; + } + + err = trans_validate(conn->fdev, trans->addr, trans->size); + if (err) + goto out; + + trans_priv = alloc_tid(conn->fdev); + if (!trans_priv) { + err = -EBUSY; + goto out; + } + trans_priv->user_trans = trans; + header = trans_priv->header; + + memset(header, 0, sizeof(trans_priv->header)); + memset(&trans_priv->buf, 0, sizeof(trans_priv->buf)); + MLX5_SET(fpga_shell_qp_packet, header, type, + (trans->direction == MLX5_FPGA_WRITE) ? + MLX5_FPGA_SHELL_QP_PACKET_TYPE_DDR_WRITE : + MLX5_FPGA_SHELL_QP_PACKET_TYPE_DDR_READ); + MLX5_SET(fpga_shell_qp_packet, header, tid, trans_priv->tid); + MLX5_SET(fpga_shell_qp_packet, header, len, trans->size); + MLX5_SET64(fpga_shell_qp_packet, header, address, trans->addr); + + trans_priv->buf.sg[0].data = header; + trans_priv->buf.sg[0].size = sizeof(trans_priv->header); + if (trans->direction == MLX5_FPGA_WRITE) { + trans_priv->buf.sg[1].data = trans->data; + trans_priv->buf.sg[1].size = trans->size; + } + + trans_priv->buf.complete = trans_send_complete; + trans_priv->state = TRANS_STATE_SEND; + +#ifdef NOT_YET + /* XXXKIB */ + err = mlx5_fpga_conn_send(conn->fdev->shell_conn, &trans_priv->buf); +#else + err = 0; +#endif + if (err) + goto out_buf_tid; + goto out; + +out_buf_tid: + free_tid(conn->fdev, trans_priv); +out: + return err; +} + +void mlx5_fpga_trans_recv(void *cb_arg, struct mlx5_fpga_dma_buf *buf) +{ + struct mlx5_fpga_device *fdev = cb_arg; + struct mlx5_fpga_trans_priv *trans_priv; + size_t payload_len; + u8 status = 0; + u8 tid, type; + + mlx5_fpga_dbg(fdev, "Rx QP message on core conn; %u bytes\n", + buf->sg[0].size); + + if (buf->sg[0].size < MLX5_ST_SZ_BYTES(fpga_shell_qp_packet)) { + mlx5_fpga_warn(fdev, "Short message %u bytes from device\n", + buf->sg[0].size); + goto out; + } + payload_len = buf->sg[0].size - MLX5_ST_SZ_BYTES(fpga_shell_qp_packet); + + tid = MLX5_GET(fpga_shell_qp_packet, buf->sg[0].data, tid); + trans_priv = find_tid(fdev, tid); + if (!trans_priv) + goto out; + + type = MLX5_GET(fpga_shell_qp_packet, buf->sg[0].data, type); + switch (type) { + case MLX5_FPGA_SHELL_QP_PACKET_TYPE_DDR_READ_RESPONSE: + if (trans_priv->user_trans->direction != MLX5_FPGA_READ) { + mlx5_fpga_warn(fdev, "Wrong answer type %u to a %u transaction\n", + type, trans_priv->user_trans->direction); + status = -EIO; + goto complete; + } + if (payload_len != trans_priv->user_trans->size) { + mlx5_fpga_warn(fdev, "Incorrect transaction payload length %zu expected %zu\n", + payload_len, + trans_priv->user_trans->size); + goto complete; + } + memcpy(trans_priv->user_trans->data, + MLX5_ADDR_OF(fpga_shell_qp_packet, buf->sg[0].data, + data), payload_len); + break; + case MLX5_FPGA_SHELL_QP_PACKET_TYPE_DDR_WRITE_RESPONSE: + if (trans_priv->user_trans->direction != MLX5_FPGA_WRITE) { + mlx5_fpga_warn(fdev, "Wrong answer type %u to a %u transaction\n", + type, trans_priv->user_trans->direction); + status = -EIO; + goto complete; + } + break; + default: + mlx5_fpga_warn(fdev, "Unexpected message type %u len %u from device\n", + type, buf->sg[0].size); + status = -EIO; + goto complete; + } + +complete: + trans_complete(fdev, trans_priv, status); +out: + return; +} + +int mlx5_fpga_trans_device_init(struct mlx5_fpga_device *fdev) +{ + int ret = 0; + int tid; + + fdev->trans = kzalloc(sizeof(*fdev->trans), GFP_KERNEL); + if (!fdev->trans) { + ret = -ENOMEM; + goto out; + } + + INIT_LIST_HEAD(&fdev->trans->free_queue); + for (tid = 0; tid < ARRAY_SIZE(fdev->trans->transactions); tid++) { + fdev->trans->transactions[tid].tid = tid; + list_add_tail(&fdev->trans->transactions[tid].list_item, + &fdev->trans->free_queue); + } + + spin_lock_init(&fdev->trans->lock); + +out: + return ret; +} + +void mlx5_fpga_trans_device_cleanup(struct mlx5_fpga_device *fdev) +{ + kfree(fdev->trans); +} diff --git a/sys/dev/mlx5/mlx5_fpga/mlx5fpga_xfer.c b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_xfer.c new file mode 100644 index 000000000000..85f84332dbc5 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/mlx5fpga_xfer.c @@ -0,0 +1,244 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <dev/mlx5/mlx5_fpga/xfer.h> +#include <dev/mlx5/mlx5_fpga/conn.h> + +struct xfer_state { + const struct mlx5_fpga_transaction *xfer; + /* Total transactions */ + unsigned int start_count; + unsigned int done_count; + unsigned int error_count; + u8 status; + /* Inflight transactions */ + unsigned int budget; + unsigned int inflight_count; + /* Chunking state */ + size_t pos; + spinlock_t lock; /* Protects all members of this struct */ +}; + +struct xfer_transaction { + struct xfer_state *xfer_state; + struct mlx5_fpga_transaction transaction; +}; + +static void trans_complete(const struct mlx5_fpga_transaction *complete, + u8 status); + +static void xfer_complete(struct xfer_state *xfer_state) +{ + const struct mlx5_fpga_transaction *xfer = xfer_state->xfer; + u8 status = xfer_state->status; + + kfree(xfer_state); + xfer->complete1(xfer, status); +} + +/* Xfer state spin lock must be locked */ +static int exec_more(struct xfer_state *xfer_state) +{ + struct xfer_transaction *xfer_trans; + size_t left, cur_size, page_size; + u64 pos_addr, ddr_base; + u8 *pos_data; + int ret = 0; + + ddr_base = mlx5_fpga_ddr_base_get(xfer_state->xfer->conn->fdev); + page_size = (xfer_state->xfer->addr + xfer_state->pos < ddr_base) ? + sizeof(u32) : (1 << MLX5_FPGA_TRANSACTION_SEND_PAGE_BITS); + + do { + if (xfer_state->status != IB_WC_SUCCESS) { + ret = -EIO; + break; + } + + left = xfer_state->xfer->size - xfer_state->pos; + if (!left) + break; + + xfer_trans = kzalloc(sizeof(*xfer_trans), GFP_ATOMIC); + if (!xfer_trans) { + ret = -ENOMEM; + break; + } + + pos_addr = xfer_state->xfer->addr + xfer_state->pos; + pos_data = xfer_state->xfer->data + xfer_state->pos; + + /* Determine largest possible transaction at this point */ + cur_size = page_size - (pos_addr & (page_size - 1)); + if (cur_size > MLX5_FPGA_TRANSACTION_MAX_SIZE) + cur_size = MLX5_FPGA_TRANSACTION_MAX_SIZE; + if (cur_size > left) + cur_size = left; + + xfer_trans->xfer_state = xfer_state; + xfer_trans->transaction.addr = pos_addr; + xfer_trans->transaction.complete1 = trans_complete; + xfer_trans->transaction.conn = xfer_state->xfer->conn; + xfer_trans->transaction.data = pos_data; + xfer_trans->transaction.direction = xfer_state->xfer->direction; + xfer_trans->transaction.size = cur_size; + + xfer_state->start_count++; + xfer_state->inflight_count++; + mlx5_fpga_dbg(xfer_state->xfer->conn->fdev, "Starting %zu bytes at %p done; %u started %u inflight %u done %u error\n", + xfer_trans->transaction.size, + xfer_trans->transaction.data, + xfer_state->start_count, + xfer_state->inflight_count, + xfer_state->done_count, + xfer_state->error_count); + ret = mlx5_fpga_trans_exec(&xfer_trans->transaction); + if (ret) { + xfer_state->start_count--; + xfer_state->inflight_count--; + if (ret == -EBUSY) + ret = 0; + + if (ret) { + mlx5_fpga_warn(xfer_state->xfer->conn->fdev, "Transfer failed to start transaction: %d. %u started %u done %u error\n", + ret, xfer_state->start_count, + xfer_state->done_count, + xfer_state->error_count); + xfer_state->status = IB_WC_GENERAL_ERR; + } + kfree(xfer_trans); + break; + } + xfer_state->pos += cur_size; + if (xfer_state->inflight_count >= xfer_state->budget) + break; + } while (cur_size != left); + + return ret; +} + +static void trans_complete(const struct mlx5_fpga_transaction *complete, + u8 status) +{ + struct xfer_transaction *xfer_trans; + struct xfer_state *xfer_state; + unsigned long flags; + bool done = false; + int ret; + + xfer_trans = container_of(complete, struct xfer_transaction, + transaction); + xfer_state = xfer_trans->xfer_state; + mlx5_fpga_dbg(complete->conn->fdev, "Transaction %zu bytes at %p done, status %u; %u started %u inflight %u done %u error\n", + xfer_trans->transaction.size, + xfer_trans->transaction.data, status, + xfer_state->start_count, xfer_state->inflight_count, + xfer_state->done_count, xfer_state->error_count); + kfree(xfer_trans); + + spin_lock_irqsave(&xfer_state->lock, flags); + + if (status != IB_WC_SUCCESS) { + xfer_state->error_count++; + mlx5_fpga_warn(complete->conn->fdev, "Transaction failed during transfer. %u started %u inflight %u done %u error\n", + xfer_state->start_count, + xfer_state->inflight_count, + xfer_state->done_count, xfer_state->error_count); + if (xfer_state->status == IB_WC_SUCCESS) + xfer_state->status = status; + } else { + xfer_state->done_count++; + } + ret = exec_more(xfer_state); + + xfer_state->inflight_count--; + if (!xfer_state->inflight_count) + done = true; + + spin_unlock_irqrestore(&xfer_state->lock, flags); + + if (done) + xfer_complete(xfer_state); +} + +int mlx5_fpga_xfer_exec(const struct mlx5_fpga_transaction *xfer) +{ + u64 base = mlx5_fpga_ddr_base_get(xfer->conn->fdev); + u64 size = mlx5_fpga_ddr_size_get(xfer->conn->fdev); + struct xfer_state *xfer_state; + unsigned long flags; + bool done = false; + int ret = 0; + + if (xfer->addr + xfer->size > base + size) { + mlx5_fpga_warn(xfer->conn->fdev, "Transfer ends at %jx outside of DDR range %jx\n", + (uintmax_t)(xfer->addr + xfer->size), (uintmax_t)(base + size)); + return -EINVAL; + } + + if (xfer->addr & MLX5_FPGA_TRANSACTION_SEND_ALIGN_BITS) { + mlx5_fpga_warn(xfer->conn->fdev, "Transfer address %jx not aligned\n", + (uintmax_t)xfer->addr); + return -EINVAL; + } + + if (xfer->size & MLX5_FPGA_TRANSACTION_SEND_ALIGN_BITS) { + mlx5_fpga_warn(xfer->conn->fdev, "Transfer size %zu not aligned\n", + xfer->size); + return -EINVAL; + } + + if (xfer->size < 1) { + mlx5_fpga_warn(xfer->conn->fdev, "Empty transfer size %zu not allowed\n", + xfer->size); + return -EINVAL; + } + + xfer_state = kzalloc(sizeof(*xfer_state), GFP_KERNEL); + xfer_state->xfer = xfer; + xfer_state->status = IB_WC_SUCCESS; + xfer_state->budget = 7; + spin_lock_init(&xfer_state->lock); + spin_lock_irqsave(&xfer_state->lock, flags); + + ret = exec_more(xfer_state); + if (ret && (xfer_state->start_count == 0)) + done = true; + + spin_unlock_irqrestore(&xfer_state->lock, flags); + + if (done) + xfer_complete(xfer_state); + return ret; +} diff --git a/sys/dev/mlx5/mlx5_fpga/sdk.h b/sys/dev/mlx5/mlx5_fpga/sdk.h new file mode 100644 index 000000000000..fad19debda46 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/sdk.h @@ -0,0 +1,388 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef MLX5_FPGA_SDK_H +#define MLX5_FPGA_SDK_H + +#include <dev/mlx5/driver.h> +#include <linux/types.h> +#include <linux/list.h> +/* #include <linux/dma-direction.h> */ + +#include <dev/mlx5/mlx5_fpga/cmd.h> +#include <dev/mlx5/mlx5io.h> + +/** + * DOC: Innova SDK + * This header defines the in-kernel API for Innova FPGA client drivers. + */ + +#define MLX5_FPGA_CLIENT_NAME_MAX 64 + +struct mlx5_fpga_conn; +struct mlx5_fpga_device; + +/** + * struct mlx5_fpga_client - Describes an Innova client driver + */ +struct mlx5_fpga_client { + /** + * @create: Informs the client that an Innova device was created. + * The device is not yet operational at this stage + * This callback is optional + * @fdev: The FPGA device + */ + void (*create)(struct mlx5_fpga_device *fdev); + /** + * @add: Informs the client that a core device is ready and operational. + * @fdev: The FPGA device + * @param vid SBU Vendor ID + * @param pid SBU Product ID + * Any SBU-specific initialization should happen at this stage + * Return: 0 on success, nonzero error value otherwise + */ + int (*add)(struct mlx5_fpga_device *fdev, u32 vid, u16 pid); + /** + * @remove: Informs the client that a core device is not operational + * anymore. + * @fdev: The FPGA device + * SBU-specific cleanup should happen at this stage + * This callback is called once for every successful call to add() + */ + void (*remove)(struct mlx5_fpga_device *fdev); + /** + * @destroy: Informs the client that a core device is being destroyed. + * @fdev: The FPGA device + * The device is not operational at this stage + */ + void (*destroy)(struct mlx5_fpga_device *fdev); + /** The name of this client driver */ + char name[MLX5_FPGA_CLIENT_NAME_MAX]; + /** For use by core. A link in the list of client drivers */ + struct list_head list; +}; + +/** + * struct mlx5_fpga_dma_entry - A scatter-gather DMA entry + */ +struct mlx5_fpga_dma_entry { + /** @data: Virtual address pointer to the data */ + void *data; + /** @size: Size in bytes of the data */ + unsigned int size; + /** @dma_addr: Private member. Physical DMA-mapped address of the data */ + dma_addr_t dma_addr; +}; + +/** + * struct mlx5_fpga_dma_buf - A packet buffer + * May contain up to 2 scatter-gather data entries + */ +struct mlx5_fpga_dma_buf { + /** @dma_dir: DMA direction */ + enum dma_data_direction dma_dir; + /** @sg: Scatter-gather entries pointing to the data in memory */ + struct mlx5_fpga_dma_entry sg[2]; + /** @list: Item in SQ backlog, for TX packets */ + struct list_head list; + /** + * @complete: Completion routine, for TX packets + * @conn: FPGA Connection this packet was sent to + * @fdev: FPGA device this packet was sent to + * @buf: The packet buffer + * @status: 0 if successful, or an error code otherwise + */ + void (*complete)(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_device *fdev, + struct mlx5_fpga_dma_buf *buf, u8 status); +}; + +/** + * struct mlx5_fpga_conn_attr - FPGA connection attributes + * Describes the attributes of a connection + */ +struct mlx5_fpga_conn_attr { + /** @tx_size: Size of connection TX queue, in packets */ + unsigned int tx_size; + /** @rx_size: Size of connection RX queue, in packets */ + unsigned int rx_size; + /** + * @recv_cb: Callback function which is called for received packets + * @cb_arg: The value provided in mlx5_fpga_conn_attr.cb_arg + * @buf: A buffer containing a received packet + * + * buf is guaranteed to only contain a single scatter-gather entry. + * The size of the actual packet received is specified in buf.sg[0].size + * When this callback returns, the packet buffer may be re-used for + * subsequent receives. + */ + void (*recv_cb)(void *cb_arg, struct mlx5_fpga_dma_buf *buf); + void *cb_arg; +}; + +/** + * mlx5_fpga_client_register() - Register a client driver + * @client: The properties of the client driver + * + * Should be called from a client driver's module init routine. + * Note: The core will immediately callback create() and add() for any existing + * devices in the system, as well as new ones added later on. + */ +void mlx5_fpga_client_register(struct mlx5_fpga_client *client); +/** + * mlx5_fpga_client_unregister() - Unregister a client driver + * @client: The client driver to unregister + * + * Should be called from a client driver's module exit routine. + * Note: The core will immediately callback delete() and destroy() for any + * created/added devices in the system, to clean up their state. + */ +void mlx5_fpga_client_unregister(struct mlx5_fpga_client *client); + +/** + * mlx5_fpga_device_reload() - Force the FPGA to reload its synthesis from flash + * @fdev: The FPGA device + * @image: Which flash image to load + * + * This routine attempts graceful teardown of all device resources before + * loading. This includes a callback to client driver delete(). + * Calls client driver add() once device is operational again. + * Blocks until the new synthesis is loaded, and the device is fully + * initialized. + * + * Return: 0 if successful, or a negative error value otherwise + */ +int mlx5_fpga_device_reload(struct mlx5_fpga_device *fdev, + enum mlx5_fpga_image image); + +/** + * mlx5_fpga_flash_select() - Select the current active flash + * @fdev: The FPGA device + * @image: Which flash image will be active + * + * This routine selects the active flash by programming the relevant MUX. + * Useful prior to burning a new image on flash. + * This setting is volatile and is reset upon reboot or power-cycle + * + * Return: 0 if successful, or a negative error value otherwise + */ +int mlx5_fpga_flash_select(struct mlx5_fpga_device *fdev, + enum mlx5_fpga_image image); + +/** + * mlx5_fpga_sbu_conn_create() - Initialize a new FPGA SBU connection + * @fdev: The FPGA device + * @attr: Attributes of the new connection + * + * Sets up a new FPGA SBU connection with the specified attributes. + * The receive callback function may be called for incoming messages even + * before this function returns. + * + * The caller must eventually destroy the connection by calling + * mlx5_fpga_sbu_conn_destroy. + * + * Return: A new connection, or ERR_PTR() error value otherwise. + */ +struct mlx5_fpga_conn * +mlx5_fpga_sbu_conn_create(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_conn_attr *attr); + +/** + * mlx5_fpga_sbu_conn_destroy() - Destroy an FPGA SBU connection + * @conn: The FPGA SBU connection to destroy + * + * Cleans up an FPGA SBU connection which was previously created with + * mlx5_fpga_sbu_conn_create. + */ +void mlx5_fpga_sbu_conn_destroy(struct mlx5_fpga_conn *conn); + +/** + * mlx5_fpga_sbu_conn_sendmsg() - Queue the transmission of a packet + * @fdev: An FPGA SBU connection + * @buf: The packet buffer + * + * Queues a packet for transmission over an FPGA SBU connection. + * The buffer should not be modified or freed until completion. + * Upon completion, the buf's complete() callback is invoked, indicating the + * success or error status of the transmission. + * + * Return: 0 if successful, or an error value otherwise. + */ +int mlx5_fpga_sbu_conn_sendmsg(struct mlx5_fpga_conn *conn, + struct mlx5_fpga_dma_buf *buf); + +/** + * mlx5_fpga_mem_read() - Read from FPGA memory address space + * @fdev: The FPGA device + * @size: Size of chunk to read, in bytes + * @addr: Starting address to read from, in FPGA address space + * @buf: Buffer to read into + * @access_type: Method for reading + * + * Reads from the specified address into the specified buffer. + * The address may point to configuration space or to DDR. + * Large reads may be performed internally as several non-atomic operations. + * This function may sleep, so should not be called from atomic contexts. + * + * Return: 0 if successful, or an error value otherwise. + */ +int mlx5_fpga_mem_read(struct mlx5_fpga_device *fdev, size_t size, u64 addr, + void *buf, enum mlx5_fpga_access_type access_type); + +/** + * mlx5_fpga_mem_write() - Write to FPGA memory address space + * @fdev: The FPGA device + * @size: Size of chunk to write, in bytes + * @addr: Starting address to write to, in FPGA address space + * @buf: Buffer which contains data to write + * @access_type: Method for writing + * + * Writes the specified buffer data to FPGA memory at the specified address. + * The address may point to configuration space or to DDR. + * Large writes may be performed internally as several non-atomic operations. + * This function may sleep, so should not be called from atomic contexts. + * + * Return: 0 if successful, or an error value otherwise. + */ +int mlx5_fpga_mem_write(struct mlx5_fpga_device *fdev, size_t size, u64 addr, + void *buf, enum mlx5_fpga_access_type access_type); + +/** + * mlx5_fpga_get_sbu_caps() - Read the SBU capabilities + * @fdev: The FPGA device + * @size: Size of the buffer to read into + * @buf: Buffer to read the capabilities into + * + * Reads the FPGA SBU capabilities into the specified buffer. + * The format of the capabilities buffer is SBU-dependent. + * + * Return: 0 if successful + * -EINVAL if the buffer is not large enough to contain SBU caps + * or any other error value otherwise. + */ +int mlx5_fpga_get_sbu_caps(struct mlx5_fpga_device *fdev, int size, void *buf); + +/** + * mlx5_fpga_ddr_size_get() - Retrieve the size of FPGA DDR + * @fdev: The FPGA device + * + * Return: Size of DDR avaailable for FPGA, in bytes + */ +u64 mlx5_fpga_ddr_size_get(struct mlx5_fpga_device *fdev); + +/** + * mlx5_fpga_ddr_base_get() - Retrieve the base address of FPGA DDR + * @fdev: The FPGA device + * + * Return: Base address of DDR in FPGA address space + */ +u64 mlx5_fpga_ddr_base_get(struct mlx5_fpga_device *fdev); + +/** + * mlx5_fpga_client_data_set() - Attach client-defined private value to a device + * @fdev: The FPGA device + * @client: The client driver + * @data: Opaque private value + * + * Client driver may use the private value for storing device-specific + * state and configuration information, and may retrieve it with a call to + * mlx5_fpga_client_data_get(). + */ +void mlx5_fpga_client_data_set(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_client *client, + void *data); + +/** + * mlx5_fpga_client_data_get() - Retrieve client-defined private value + * @fdev: The FPGA device + * @client: The client driver + * + * Client driver may use the private value for storing device-specific + * state and configuration information by calling mlx5_fpga_client_data_set() + * + * Return: The private value + */ +void *mlx5_fpga_client_data_get(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_client *client); + +/** + * mlx5_fpga_device_query() - Query FPGA device state information + * @fdev: The FPGA device + * @query: Returns the device state + * + * Queries the device state and returns it in *query + */ +void mlx5_fpga_device_query(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_query *query); + +/** + * mlx5_fpga_dev() - Retrieve FPGA device structure + * @fdev: The FPGA device + + * Return: A pointer to a struct device, which may be used with dev_* logging, + * sysfs extensions, etc. + */ +struct device *mlx5_fpga_dev(struct mlx5_fpga_device *fdev); + +/** + * mlx5_fpga_temperature() - Retrieve FPGA sensor of temperature + * @fdev: The FPGA device + + * Return: 0 if successful + * or any other error value otherwise. + */ +int mlx5_fpga_temperature(struct mlx5_fpga_device *fdev, + struct mlx5_fpga_temperature *temp); + +/** + * mlx5_fpga_connectdisconnect() - Connect/disconnect ConnectX to FPGA + * @fdev: The FPGA device + + * Return: 0 if successful + * or any other error value otherwise. + */ +int mlx5_fpga_connectdisconnect(struct mlx5_fpga_device *fdev, + enum mlx5_fpga_connect *connect); + +/** + * mlx5_fpga_get_cap() - Returns the FPGA cap mailbox from FW without parsing. + * @fdev: The FPGA device + * @fpga_caps: Is an array with a length of according to the size of + * mlx5_ifc_fpga_cap_bits/32 + * + * Returns a copy of the FPGA caps mailbox and returns it in fpga_caps + */ +void mlx5_fpga_get_cap(struct mlx5_fpga_device *fdev, u32 *fpga_caps); + +#endif /* MLX5_FPGA_SDK_H */ diff --git a/sys/dev/mlx5/mlx5_fpga/trans.h b/sys/dev/mlx5/mlx5_fpga/trans.h new file mode 100644 index 000000000000..410ab8ae1eb7 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/trans.h @@ -0,0 +1,66 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __MLX5_FPGA_TRANS_H__ +#define __MLX5_FPGA_TRANS_H__ + +#include <dev/mlx5/mlx5_fpga/sdk.h> +#include <dev/mlx5/mlx5_fpga/core.h> + +#define MLX5_FPGA_TRANSACTION_MAX_SIZE 1008 +#define MLX5_FPGA_TRANSACTION_SEND_ALIGN_BITS 3 +#define MLX5_FPGA_TRANSACTION_SEND_PAGE_BITS 12 +#define MLX5_FPGA_TID_COUNT 256 + +enum mlx5_fpga_direction { + MLX5_FPGA_READ, + MLX5_FPGA_WRITE, +}; + +struct mlx5_fpga_transaction { + struct mlx5_fpga_conn *conn; + enum mlx5_fpga_direction direction; + size_t size; + u64 addr; + u8 *data; + void (*complete1)(const struct mlx5_fpga_transaction *complete, + u8 status); +}; + +int mlx5_fpga_trans_device_init(struct mlx5_fpga_device *fdev); +void mlx5_fpga_trans_device_cleanup(struct mlx5_fpga_device *fdev); +int mlx5_fpga_trans_exec(const struct mlx5_fpga_transaction *trans); +void mlx5_fpga_trans_recv(void *cb_arg, struct mlx5_fpga_dma_buf *buf); + +#endif /* __MLX_FPGA_TRANS_H__ */ diff --git a/sys/dev/mlx5/mlx5_fpga/xfer.h b/sys/dev/mlx5/mlx5_fpga/xfer.h new file mode 100644 index 000000000000..a409778f7d14 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga/xfer.h @@ -0,0 +1,42 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __MLX5_FPGA_XFER_H__ +#define __MLX5_FPGA_XFER_H__ + +#include <dev/mlx5/mlx5_fpga/trans.h> + +int mlx5_fpga_xfer_exec(const struct mlx5_fpga_transaction *xfer); + +#endif /* __MLX5_FPGA_XFER_H__ */ diff --git a/sys/dev/mlx5/mlx5_fpga_tools/mlx5fpga_tools_char.c b/sys/dev/mlx5/mlx5_fpga_tools/mlx5fpga_tools_char.c new file mode 100644 index 000000000000..3ad68aa069c1 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga_tools/mlx5fpga_tools_char.c @@ -0,0 +1,337 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <sys/param.h> +#include <sys/systm.h> +#include <sys/conf.h> +#include <dev/mlx5/mlx5io.h> +#include <dev/mlx5/mlx5_fpga_tools/tools_char.h> + +#define CHUNK_SIZE (128 * 1024) + +struct tools_context { + struct mlx5_fpga_tools_dev *tdev; + enum mlx5_fpga_access_type access_type; +}; + +static void +tools_char_ctx_dtor(void *data) +{ + + free(data, M_DEVBUF); +} + +static int +tools_char_open(struct cdev *dev, int oflags, int devtype, struct thread *td) +{ + struct tools_context *context; + + context = malloc(sizeof(*context), M_DEVBUF, M_WAITOK); + context->tdev = dev->si_drv1; + context->access_type = MLX5_FPGA_ACCESS_TYPE_DONTCARE; + devfs_set_cdevpriv(context, tools_char_ctx_dtor); + return (0); +} + +static int +mem_read(struct mlx5_fpga_tools_dev *tdev, void *buf, size_t count, + u64 address, enum mlx5_fpga_access_type access_type, size_t *retcnt) +{ + int ret; + + ret = sx_xlock_sig(&tdev->lock); + if (ret != 0) + return (ret); + ret = mlx5_fpga_mem_read(tdev->fdev, count, address, buf, access_type); + sx_xunlock(&tdev->lock); + if (ret < 0) { + dev_dbg(mlx5_fpga_dev(tdev->fdev), + "Failed to read %zu bytes at address 0x%jx: %d\n", + count, (uintmax_t)address, ret); + return (-ret); + } + *retcnt = ret; + return (0); +} + +static int +mem_write(struct mlx5_fpga_tools_dev *tdev, void *buf, size_t count, + u64 address, enum mlx5_fpga_access_type access_type, size_t *retcnt) +{ + int ret; + + ret = sx_xlock_sig(&tdev->lock); + if (ret != 0) + return (ret); + ret = mlx5_fpga_mem_write(tdev->fdev, count, address, buf, access_type); + sx_xunlock(&tdev->lock); + if (ret < 0) { + dev_dbg(mlx5_fpga_dev(tdev->fdev), + "Failed to write %zu bytes at address 0x%jx: %d\n", + count, (uintmax_t)address, ret); + return (-ret); + } + *retcnt = ret; + return (0); +} + +static void +tools_char_llseek(struct tools_context *context, struct uio *uio, ssize_t *len) +{ + uint64_t fbase, fsize; + size_t llen; + + llen = uio->uio_resid; + if (llen < 1) { + *len = 0; + return; + } + if (llen > CHUNK_SIZE) + llen = CHUNK_SIZE; + fbase = mlx5_fpga_ddr_base_get(context->tdev->fdev); + fsize = mlx5_fpga_ddr_size_get(context->tdev->fdev); + if (uio->uio_offset > fbase) + *len = 0; + else if (uio->uio_offset + *len > fbase + fsize) + *len = fbase + fsize - uio->uio_offset; + else + *len = llen; +} + +static int +tools_char_read(struct cdev *dev, struct uio *uio, int ioflag) +{ + struct tools_context *context; + void *kbuf; + size_t len, len1; + int ret; + + ret = devfs_get_cdevpriv((void **)&context); + if (ret != 0) + return (ret); + dev_dbg(mlx5_fpga_dev(context->tdev->fdev), + "tools char device reading %zu bytes at 0x%jx\n", uio->uio_resid, + (uintmax_t)uio->uio_offset); + + tools_char_llseek(context, uio, &len); + if (len == 0) + return (0); + + kbuf = malloc(len, M_DEVBUF, M_WAITOK); + ret = mem_read(context->tdev, kbuf, len, uio->uio_offset, + context->access_type, &len1); + if (ret == 0) + ret = uiomove(kbuf, len1, uio); + free(kbuf, M_DEVBUF); + return (ret); +} + +static int +tools_char_write(struct cdev *dev, struct uio *uio, int ioflag) +{ + struct tools_context *context; + void *kbuf; + off_t of; + size_t len, len1; + int ret; + + ret = devfs_get_cdevpriv((void **)&context); + if (ret != 0) + return (ret); + dev_dbg(mlx5_fpga_dev(context->tdev->fdev), + "tools char device reading %zu bytes at 0x%jx\n", uio->uio_resid, + (uintmax_t)uio->uio_offset); + + tools_char_llseek(context, uio, &len); + if (len == 0) + return (0); + + kbuf = malloc(len, M_DEVBUF, M_WAITOK); + len1 = uio->uio_resid; + of = uio->uio_offset; + + ret = uiomove(kbuf, len, uio); + if (ret == 0) { + len1 -= uio->uio_resid; + ret = mem_write(context->tdev, kbuf, len, of, + context->access_type, &len1); + } + free(kbuf, M_DEVBUF); + return (ret); +} + +CTASSERT(MLX5_FPGA_CAP_ARR_SZ == MLX5_ST_SZ_DW(fpga_cap)); + +static int +tools_char_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, + struct thread *td) +{ + struct tools_context *context; + struct mlx5_fpga_device *fdev; + struct mlx5_fpga_query query; + struct mlx5_fpga_temperature *temperature; + enum mlx5_fpga_connect *connect; + u32 fpga_cap[MLX5_ST_SZ_DW(fpga_cap)] = {0}; + int arg, err; + + err = devfs_get_cdevpriv((void **)&context); + if (err != 0) + return (err); + fdev = context->tdev->fdev; + if (fdev == NULL) + return (ENXIO); + + switch (cmd) { + case MLX5_FPGA_ACCESS_TYPE: + arg = *(int *)data; + if (arg > MLX5_FPGA_ACCESS_TYPE_MAX) { + dev_err(mlx5_fpga_dev(fdev), + "unknown access type %u\n", arg); + err = EINVAL; + break; + } + context->access_type = arg; + break; + case MLX5_FPGA_LOAD: + arg = *(int *)data; + if (arg > MLX5_FPGA_IMAGE_MAX) { + dev_err(mlx5_fpga_dev(fdev), + "unknown image type %u\n", arg); + err = EINVAL; + break; + } + err = mlx5_fpga_device_reload(fdev, arg); + break; + case MLX5_FPGA_RESET: + err = mlx5_fpga_device_reload(fdev, MLX5_FPGA_IMAGE_MAX + 1); + break; + case MLX5_FPGA_IMAGE_SEL: + arg = *(int *)data; + if (arg > MLX5_FPGA_IMAGE_MAX) { + dev_err(mlx5_fpga_dev(fdev), + "unknown image type %u\n", arg); + err = EINVAL; + break; + } + err = mlx5_fpga_flash_select(fdev, arg); + break; + case MLX5_FPGA_QUERY: + mlx5_fpga_device_query(fdev, &query); + bcopy(&query, data, sizeof(query)); + err = 0; + break; + case MLX5_FPGA_CAP: + mlx5_fpga_get_cap(fdev, fpga_cap); + bcopy(&fpga_cap, data, sizeof(fpga_cap)); + err = 0; + break; + case MLX5_FPGA_TEMPERATURE: + temperature = (struct mlx5_fpga_temperature *)data; + mlx5_fpga_temperature(fdev, temperature); + err = 0; /* XXXKIB */ + break; + case MLX5_FPGA_CONNECT: + connect = (enum mlx5_fpga_connect *)data; + mlx5_fpga_connectdisconnect(fdev, connect); + err = 0; /* XXXKIB */ + break; + default: + dev_err(mlx5_fpga_dev(fdev), + "unknown ioctl command %#08lx\n", cmd); + err = ENOTTY; + } + return (err); +} + +static struct cdevsw mlx5_tools_char_cdevsw = { + .d_version = D_VERSION, + .d_name = "mlx5_tools_char", + .d_open = tools_char_open, + .d_read = tools_char_read, + .d_write = tools_char_write, + .d_ioctl = tools_char_ioctl, +}; + +int +mlx5_fpga_tools_char_add_one(struct mlx5_fpga_tools_dev *tdev) +{ + struct make_dev_args mda; + struct cdev *cd; + device_t bdev; + int ret; + + make_dev_args_init(&mda); + mda.mda_flags = MAKEDEV_WAITOK | MAKEDEV_CHECKNAME; + mda.mda_devsw = &mlx5_tools_char_cdevsw; + mda.mda_uid = UID_ROOT; + mda.mda_gid = GID_OPERATOR; + mda.mda_mode = 0660; + mda.mda_si_drv1 = tdev; + bdev = mlx5_fpga_dev(tdev->fdev)->bsddev; + ret = make_dev_s(&mda, &cd, + "%04x:%02x:%02x.%x" MLX5_FPGA_TOOLS_NAME_SUFFIX, + pci_get_domain(bdev), pci_get_bus(bdev), pci_get_slot(bdev), + pci_get_function(bdev)); + if (ret != 0) { + tdev->char_device = NULL; + dev_err(mlx5_fpga_dev(tdev->fdev), + "Failed to create a char device: %d\n", ret); + return (-ret); + } + tdev->char_device = cd; + + dev_dbg(mlx5_fpga_dev(tdev->fdev), "tools char device %s created\n", + cd->si_name); + return (0); +} + +void mlx5_fpga_tools_char_remove_one(struct mlx5_fpga_tools_dev *tdev) +{ + + dev_err(mlx5_fpga_dev(tdev->fdev), "tools char device %s destroyed\n", + ((struct cdev *)(tdev->char_device))->si_name); + destroy_dev((struct cdev *)(tdev->char_device)); +} + +int +mlx5_fpga_tools_char_init(void) +{ + + return (0); +} + +void +mlx5_fpga_tools_char_deinit(void) +{ +} diff --git a/sys/dev/mlx5/mlx5_fpga_tools/mlx5fpga_tools_main.c b/sys/dev/mlx5/mlx5_fpga_tools/mlx5fpga_tools_main.c new file mode 100644 index 000000000000..b68643c97f12 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga_tools/mlx5fpga_tools_main.c @@ -0,0 +1,143 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <linux/module.h> +#include <dev/mlx5/mlx5_fpga_tools/tools.h> +#include <dev/mlx5/mlx5_fpga_tools/tools_char.h> + +#if (__FreeBSD_version >= 1100000) +MODULE_DEPEND(mlx5fpga_tools, linuxkpi, 1, 1, 1); +#endif +MODULE_DEPEND(mlx5fpga_tools, mlx5, 1, 1, 1); +MODULE_DEPEND(mlx5fpga_tools, mlx5fpga, 1, 1, 1); +MODULE_VERSION(mlx5fpga_tools, 1); + +static void mlx5_fpga_tools_create(struct mlx5_fpga_device *fdev); +static int mlx5_fpga_tools_add(struct mlx5_fpga_device *fdev, u32 vid, u16 pid); +static void mlx5_fpga_tools_remove(struct mlx5_fpga_device *fdev); +static void mlx5_fpga_tools_destroy(struct mlx5_fpga_device *fdev); + +struct mlx5_fpga_tools_dev *mlx5_fpga_tools_alloc(struct mlx5_fpga_device *fdev); +void mlx5_fpga_tools_free(struct mlx5_fpga_tools_dev *tdev); + +static struct mlx5_fpga_client mlx5_fpga_tools_client = { + .name = MLX5_FPGA_TOOLS_DRIVER_NAME, + .create = mlx5_fpga_tools_create, + .add = mlx5_fpga_tools_add, + .remove = mlx5_fpga_tools_remove, + .destroy = mlx5_fpga_tools_destroy, +}; + +struct mlx5_fpga_tools_dev *mlx5_fpga_tools_alloc(struct mlx5_fpga_device *fdev) +{ + int ret; + struct mlx5_fpga_tools_dev *tdev; + + tdev = kzalloc(sizeof(*tdev), GFP_KERNEL); + if (!tdev) + goto out; + + tdev->fdev = fdev; + sx_init(&tdev->lock, "mlx5fpgat"); + ret = mlx5_fpga_tools_char_add_one(tdev); + if (ret) + goto err_free; + + goto out; + +err_free: + kfree(tdev); + tdev = NULL; + +out: + return tdev; +} + +void mlx5_fpga_tools_free(struct mlx5_fpga_tools_dev *tdev) +{ + mlx5_fpga_tools_char_remove_one(tdev); + kfree(tdev); +} + +static void mlx5_fpga_tools_create(struct mlx5_fpga_device *fdev) +{ + struct mlx5_fpga_tools_dev *dev = NULL; + + dev_dbg(mlx5_fpga_dev(fdev), "tools_create\n"); + + dev = mlx5_fpga_tools_alloc(fdev); + if (!dev) + return; + + mlx5_fpga_client_data_set(fdev, &mlx5_fpga_tools_client, dev); +} + +static int mlx5_fpga_tools_add(struct mlx5_fpga_device *fdev, u32 vid, u16 pid) +{ + return 0; +} + +static void mlx5_fpga_tools_remove(struct mlx5_fpga_device *fdev) +{ +} + +static void mlx5_fpga_tools_destroy(struct mlx5_fpga_device *fdev) +{ + struct mlx5_fpga_tools_dev *dev; + + dev_dbg(mlx5_fpga_dev(fdev), "tools_destroy\n"); + + dev = mlx5_fpga_client_data_get(fdev, &mlx5_fpga_tools_client); + if (dev) + mlx5_fpga_tools_free(dev); +} + +static int __init mlx5_fpga_tools_init(void) +{ + int ret = mlx5_fpga_tools_char_init(); + + if (ret) + return ret; + mlx5_fpga_client_register(&mlx5_fpga_tools_client); + return 0; +} + +static void __exit mlx5_fpga_tools_exit(void) +{ + mlx5_fpga_client_unregister(&mlx5_fpga_tools_client); + mlx5_fpga_tools_char_deinit(); +} + +module_init(mlx5_fpga_tools_init); +module_exit(mlx5_fpga_tools_exit); diff --git a/sys/dev/mlx5/mlx5_fpga_tools/tools.h b/sys/dev/mlx5/mlx5_fpga_tools/tools.h new file mode 100644 index 000000000000..6b545eb2795f --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga_tools/tools.h @@ -0,0 +1,65 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __TOOLS_H__ +#define __TOOLS_H__ + +#include <sys/lock.h> +#include <sys/sx.h> +#include <linux/types.h> +#include <linux/kobject.h> +#include <linux/list.h> +#include <dev/mlx5/mlx5_fpga/sdk.h> + +#define MLX5_FPGA_TOOLS_DRIVER_NAME "mlx5_fpga_tools" + +struct mlx5_fpga_tools_dev { + /* Core device and connection to FPGA */ + struct mlx5_fpga_device *fdev; + + /* Serializes memory accesses */ + struct sx lock; + + /* Char device state */ + void *char_device; +}; + +int mlx5_fpga_tools_mem_write(struct mlx5_fpga_tools_dev *tdev, + void *buf, size_t count, u64 address, + enum mlx5_fpga_access_type access_type); +int mlx5_fpga_tools_mem_read(struct mlx5_fpga_tools_dev *tdev, void *buf, + size_t count, u64 address, + enum mlx5_fpga_access_type access_type); + +#endif /* __TOOLS_H__ */ diff --git a/sys/dev/mlx5/mlx5_fpga_tools/tools_char.h b/sys/dev/mlx5/mlx5_fpga_tools/tools_char.h new file mode 100644 index 000000000000..1f80669c5811 --- /dev/null +++ b/sys/dev/mlx5/mlx5_fpga_tools/tools_char.h @@ -0,0 +1,46 @@ +/*- + * Copyright (c) 2017 Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __TOOLS_CHAR_H__ +#define __TOOLS_CHAR_H__ + +#include <dev/mlx5/mlx5_fpga_tools/tools.h> + +int mlx5_fpga_tools_char_init(void); +void mlx5_fpga_tools_char_deinit(void); + +int mlx5_fpga_tools_char_add_one(struct mlx5_fpga_tools_dev *tdev); +void mlx5_fpga_tools_char_remove_one(struct mlx5_fpga_tools_dev *tdev); + +#endif /* __TOOLS_CHAR_H__ */ diff --git a/sys/dev/mlx5/mlx5_ib/mlx5_ib_cong.c b/sys/dev/mlx5/mlx5_ib/mlx5_ib_cong.c index 260323950a40..b11cd0b53403 100644 --- a/sys/dev/mlx5/mlx5_ib/mlx5_ib_cong.c +++ b/sys/dev/mlx5/mlx5_ib/mlx5_ib_cong.c @@ -393,7 +393,8 @@ void mlx5_ib_cleanup_congestion(struct mlx5_ib_dev *dev) { - cancel_delayed_work_sync(&dev->congestion.dwork); + while (cancel_delayed_work_sync(&dev->congestion.dwork)) + ; sysctl_ctx_free(&dev->congestion.ctx); sx_destroy(&dev->congestion.lock); } diff --git a/sys/dev/mlx5/mlx5_ib/mlx5_ib_cq.c b/sys/dev/mlx5/mlx5_ib/mlx5_ib_cq.c index 3e229675f6c0..ea6fac35e5a2 100644 --- a/sys/dev/mlx5/mlx5_ib/mlx5_ib_cq.c +++ b/sys/dev/mlx5/mlx5_ib/mlx5_ib_cq.c @@ -1124,7 +1124,12 @@ static int resize_user(struct mlx5_ib_dev *dev, struct mlx5_ib_cq *cq, if (ucmd.reserved0 || ucmd.reserved1) return -EINVAL; - umem = ib_umem_get(context, ucmd.buf_addr, entries * ucmd.cqe_size, + /* check multiplication overflow */ + if (ucmd.cqe_size && SIZE_MAX / ucmd.cqe_size <= entries - 1) + return -EINVAL; + + umem = ib_umem_get(context, ucmd.buf_addr, + (size_t)ucmd.cqe_size * entries, IB_ACCESS_LOCAL_WRITE, 1); if (IS_ERR(umem)) { err = PTR_ERR(umem); diff --git a/sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c b/sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c index fe9d2cf6ee4e..37e937ba485c 100644 --- a/sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c +++ b/sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c @@ -50,11 +50,11 @@ #include <dev/mlx5/fs.h> #include "mlx5_ib.h" -#define DRIVER_NAME "mlx5_ib" +#define DRIVER_NAME "mlx5ib" #ifndef DRIVER_VERSION -#define DRIVER_VERSION "3.4.2" +#define DRIVER_VERSION "3.5.0" #endif -#define DRIVER_RELDATE "July 2018" +#define DRIVER_RELDATE "November 2018" MODULE_DESCRIPTION("Mellanox Connect-IB HCA IB driver"); MODULE_LICENSE("Dual BSD/GPL"); @@ -219,6 +219,8 @@ static int translate_eth_proto_oper(u32 eth_proto_oper, u8 *active_speed, *active_speed = IB_SPEED_EDR; break; default: + *active_width = IB_WIDTH_4X; + *active_speed = IB_SPEED_QDR; return -EINVAL; } @@ -605,7 +607,7 @@ static int mlx5_ib_query_device(struct ib_device *ibdev, return err; props->fw_ver = ((u64)fw_rev_maj(dev->mdev) << 32) | - (fw_rev_min(dev->mdev) << 16) | + ((u32)fw_rev_min(dev->mdev) << 16) | fw_rev_sub(dev->mdev); props->device_cap_flags = IB_DEVICE_CHANGE_PHY_PORT | IB_DEVICE_PORT_ACTIVE_EVENT | @@ -2335,7 +2337,7 @@ static void mlx5_ib_event(struct mlx5_core_dev *dev, void *context, struct mlx5_ib_dev *ibdev = (struct mlx5_ib_dev *)context; struct ib_event ibev; bool fatal = false; - u8 port = 0; + u8 port = (u8)param; switch (event) { case MLX5_DEV_EVENT_SYS_ERROR: @@ -2347,8 +2349,6 @@ static void mlx5_ib_event(struct mlx5_core_dev *dev, void *context, case MLX5_DEV_EVENT_PORT_UP: case MLX5_DEV_EVENT_PORT_DOWN: case MLX5_DEV_EVENT_PORT_INITIALIZED: - port = (u8)param; - /* In RoCE, port up/down events are handled in * mlx5_netdev_event(). */ @@ -2362,24 +2362,20 @@ static void mlx5_ib_event(struct mlx5_core_dev *dev, void *context, case MLX5_DEV_EVENT_LID_CHANGE: ibev.event = IB_EVENT_LID_CHANGE; - port = (u8)param; break; case MLX5_DEV_EVENT_PKEY_CHANGE: ibev.event = IB_EVENT_PKEY_CHANGE; - port = (u8)param; schedule_work(&ibdev->devr.ports[port - 1].pkey_change_work); break; case MLX5_DEV_EVENT_GUID_CHANGE: ibev.event = IB_EVENT_GID_CHANGE; - port = (u8)param; break; case MLX5_DEV_EVENT_CLIENT_REREG: ibev.event = IB_EVENT_CLIENT_REREGISTER; - port = (u8)param; break; default: @@ -2390,7 +2386,7 @@ static void mlx5_ib_event(struct mlx5_core_dev *dev, void *context, ibev.device = &ibdev->ib_dev; ibev.element.port_num = port; - if (port < 1 || port > ibdev->num_ports) { + if (!rdma_is_port_valid(&ibdev->ib_dev, port)) { mlx5_ib_warn(ibdev, "warning: event(%d) on port %d\n", event, port); return; } @@ -2969,8 +2965,6 @@ static void *mlx5_ib_add(struct mlx5_core_dev *mdev) if ((ll == IB_LINK_LAYER_ETHERNET) && !MLX5_CAP_GEN(mdev, roce)) return NULL; - printk_once(KERN_INFO "%s", mlx5_version); - dev = (struct mlx5_ib_dev *)ib_alloc_device(sizeof(*dev)); if (!dev) return NULL; @@ -3265,5 +3259,13 @@ static void __exit mlx5_ib_cleanup(void) mlx5_ib_odp_cleanup(); } +static void +mlx5_ib_show_version(void __unused *arg) +{ + + printf("%s", mlx5_version); +} +SYSINIT(mlx5_ib_show_version, SI_SUB_DRIVERS, SI_ORDER_ANY, mlx5_ib_show_version, NULL); + module_init_order(mlx5_ib_init, SI_ORDER_THIRD); module_exit_order(mlx5_ib_cleanup, SI_ORDER_THIRD); diff --git a/sys/dev/mlx5/mlx5_ib/mlx5_ib_srq.c b/sys/dev/mlx5/mlx5_ib/mlx5_ib_srq.c index 021656898373..148b4c8f6d99 100644 --- a/sys/dev/mlx5/mlx5_ib/mlx5_ib_srq.c +++ b/sys/dev/mlx5/mlx5_ib/mlx5_ib_srq.c @@ -159,8 +159,6 @@ static int create_srq_kernel(struct mlx5_ib_dev *dev, struct mlx5_ib_srq *srq, int err; int i; struct mlx5_wqe_srq_next_seg *next; - int page_shift; - int npages; err = mlx5_db_alloc(dev->mdev, &srq->db); if (err) { @@ -173,7 +171,6 @@ static int create_srq_kernel(struct mlx5_ib_dev *dev, struct mlx5_ib_srq *srq, err = -ENOMEM; goto err_db; } - page_shift = srq->buf.page_shift; srq->head = 0; srq->tail = srq->msrq.max - 1; @@ -185,10 +182,8 @@ static int create_srq_kernel(struct mlx5_ib_dev *dev, struct mlx5_ib_srq *srq, cpu_to_be16((i + 1) & (srq->msrq.max - 1)); } - npages = DIV_ROUND_UP(srq->buf.npages, 1 << (page_shift - PAGE_SHIFT)); - mlx5_ib_dbg(dev, "buf_size %d, page_shift %d, npages %d, calc npages %d\n", - buf_size, page_shift, srq->buf.npages, npages); - in->pas = mlx5_vzalloc(sizeof(*in->pas) * npages); + mlx5_ib_dbg(dev, "srq->buf.page_shift = %d\n", srq->buf.page_shift); + in->pas = mlx5_vzalloc(sizeof(*in->pas) * srq->buf.npages); if (!in->pas) { err = -ENOMEM; goto err_buf; @@ -204,7 +199,7 @@ static int create_srq_kernel(struct mlx5_ib_dev *dev, struct mlx5_ib_srq *srq, } srq->wq_sig = !!srq_signature; - in->log_page_size = page_shift - MLX5_ADAPTER_PAGE_SHIFT; + in->log_page_size = srq->buf.page_shift - MLX5_ADAPTER_PAGE_SHIFT; if (MLX5_CAP_GEN(dev->mdev, cqe_version) == MLX5_CQE_VERSION_V1 && in->type == IB_SRQT_XRC) in->user_index = MLX5_IB_DEFAULT_UIDX; @@ -242,8 +237,8 @@ struct ib_srq *mlx5_ib_create_srq(struct ib_pd *pd, { struct mlx5_ib_dev *dev = to_mdev(pd->device); struct mlx5_ib_srq *srq; - int desc_size; - int buf_size; + size_t desc_size; + size_t buf_size; int err; struct mlx5_srq_attr in = {0}; __u32 max_srq_wqes = 1 << MLX5_CAP_GEN(dev->mdev, log_max_srq_sz); @@ -267,28 +262,37 @@ struct ib_srq *mlx5_ib_create_srq(struct ib_pd *pd, desc_size = sizeof(struct mlx5_wqe_srq_next_seg) + srq->msrq.max_gs * sizeof(struct mlx5_wqe_data_seg); + if (desc_size == 0 || srq->msrq.max_gs > desc_size) { + err = -EINVAL; + goto err_srq; + } desc_size = roundup_pow_of_two(desc_size); - desc_size = max_t(int, 32, desc_size); + desc_size = max_t(size_t, 32, desc_size); + if (desc_size < sizeof(struct mlx5_wqe_srq_next_seg)) { + err = -EINVAL; + goto err_srq; + } srq->msrq.max_avail_gather = (desc_size - sizeof(struct mlx5_wqe_srq_next_seg)) / sizeof(struct mlx5_wqe_data_seg); srq->msrq.wqe_shift = ilog2(desc_size); buf_size = srq->msrq.max * desc_size; - mlx5_ib_dbg(dev, "desc_size 0x%x, req wr 0x%x, srq size 0x%x, max_gs 0x%x, max_avail_gather 0x%x\n", - desc_size, init_attr->attr.max_wr, srq->msrq.max, srq->msrq.max_gs, - srq->msrq.max_avail_gather); + if (buf_size < desc_size) { + err = -EINVAL; + goto err_srq; + } + in.type = init_attr->srq_type; if (pd->uobject) err = create_srq_user(pd, srq, &in, udata, buf_size); else err = create_srq_kernel(dev, srq, &in, buf_size); - if (err) { + if (err || !in.pas) { mlx5_ib_warn(dev, "create srq %s failed, err %d\n", pd->uobject ? "user" : "kernel", err); goto err_srq; } - in.type = init_attr->srq_type; in.log_size = ilog2(srq->msrq.max); in.wqe_shift = srq->msrq.wqe_shift - 4; if (srq->wq_sig) diff --git a/sys/dev/mlx5/mlx5_ifc.h b/sys/dev/mlx5/mlx5_ifc.h index 7bb138a15e95..e3a80ef7c0db 100644 --- a/sys/dev/mlx5/mlx5_ifc.h +++ b/sys/dev/mlx5/mlx5_ifc.h @@ -28,6 +28,8 @@ #ifndef MLX5_IFC_H #define MLX5_IFC_H +#include <dev/mlx5/mlx5_fpga/mlx5_ifc_fpga.h> + enum { MLX5_EVENT_TYPE_COMP = 0x0, MLX5_EVENT_TYPE_PATH_MIG = 0x1, @@ -58,7 +60,9 @@ enum { MLX5_EVENT_TYPE_DROPPED_PACKET_LOGGED_EVENT = 0x1f, MLX5_EVENT_TYPE_CMD = 0xa, MLX5_EVENT_TYPE_PAGE_REQUEST = 0xb, - MLX5_EVENT_TYPE_NIC_VPORT_CHANGE = 0xd + MLX5_EVENT_TYPE_NIC_VPORT_CHANGE = 0xd, + MLX5_EVENT_TYPE_FPGA_ERROR = 0x20, + MLX5_EVENT_TYPE_FPGA_QP_ERROR = 0x21, }; enum { @@ -242,6 +246,11 @@ enum { MLX5_CMD_OP_MODIFY_FLOW_TABLE = 0x93c, MLX5_CMD_OP_ALLOC_ENCAP_HEADER = 0x93d, MLX5_CMD_OP_DEALLOC_ENCAP_HEADER = 0x93e, + MLX5_CMD_OP_FPGA_CREATE_QP = 0x960, + MLX5_CMD_OP_FPGA_MODIFY_QP = 0x961, + MLX5_CMD_OP_FPGA_QUERY_QP = 0x962, + MLX5_CMD_OP_FPGA_DESTROY_QP = 0x963, + MLX5_CMD_OP_FPGA_QUERY_QP_COUNTERS = 0x964, }; enum { @@ -746,6 +755,115 @@ struct mlx5_ifc_flow_table_nic_cap_bits { u8 reserved_1[0x7200]; }; +enum { + MLX5_ACCESS_REG_SUMMARY_CTRL_ID_PDDR = 0x5031, +}; + +struct mlx5_ifc_pddr_module_info_bits { + u8 cable_technology[0x8]; + u8 cable_breakout[0x8]; + u8 ext_ethernet_compliance_code[0x8]; + u8 ethernet_compliance_code[0x8]; + + u8 cable_type[0x4]; + u8 cable_vendor[0x4]; + u8 cable_length[0x8]; + u8 cable_identifier[0x8]; + u8 cable_power_class[0x8]; + + u8 reserved_at_40[0x8]; + u8 cable_rx_amp[0x8]; + u8 cable_rx_emphasis[0x8]; + u8 cable_tx_equalization[0x8]; + + u8 reserved_at_60[0x8]; + u8 cable_attenuation_12g[0x8]; + u8 cable_attenuation_7g[0x8]; + u8 cable_attenuation_5g[0x8]; + + u8 reserved_at_80[0x8]; + u8 rx_cdr_cap[0x4]; + u8 tx_cdr_cap[0x4]; + u8 reserved_at_90[0x4]; + u8 rx_cdr_state[0x4]; + u8 reserved_at_98[0x4]; + u8 tx_cdr_state[0x4]; + + u8 vendor_name[16][0x8]; + + u8 vendor_pn[16][0x8]; + + u8 vendor_rev[0x20]; + + u8 fw_version[0x20]; + + u8 vendor_sn[16][0x8]; + + u8 temperature[0x10]; + u8 voltage[0x10]; + + u8 rx_power_lane0[0x10]; + u8 rx_power_lane1[0x10]; + + u8 rx_power_lane2[0x10]; + u8 rx_power_lane3[0x10]; + + u8 reserved_at_2c0[0x40]; + + u8 tx_power_lane0[0x10]; + u8 tx_power_lane1[0x10]; + + u8 tx_power_lane2[0x10]; + u8 tx_power_lane3[0x10]; + + u8 reserved_at_340[0x40]; + + u8 tx_bias_lane0[0x10]; + u8 tx_bias_lane1[0x10]; + + u8 tx_bias_lane2[0x10]; + u8 tx_bias_lane3[0x10]; + + u8 reserved_at_3c0[0x40]; + + u8 temperature_high_th[0x10]; + u8 temperature_low_th[0x10]; + + u8 voltage_high_th[0x10]; + u8 voltage_low_th[0x10]; + + u8 rx_power_high_th[0x10]; + u8 rx_power_low_th[0x10]; + + u8 tx_power_high_th[0x10]; + u8 tx_power_low_th[0x10]; + + u8 tx_bias_high_th[0x10]; + u8 tx_bias_low_th[0x10]; + + u8 reserved_at_4a0[0x10]; + u8 wavelength[0x10]; + + u8 reserved_at_4c0[0x300]; +}; + +union mlx5_ifc_pddr_operation_info_page_pddr_phy_info_page_pddr_troubleshooting_page_pddr_module_info_auto_bits { + struct mlx5_ifc_pddr_module_info_bits pddr_module_info; + u8 reserved_at_0[0x7c0]; +}; + +struct mlx5_ifc_pddr_reg_bits { + u8 reserved_at_0[0x8]; + u8 local_port[0x8]; + u8 pnat[0x2]; + u8 reserved_at_12[0xe]; + + u8 reserved_at_20[0x18]; + u8 page_select[0x8]; + + union mlx5_ifc_pddr_operation_info_page_pddr_phy_info_page_pddr_troubleshooting_page_pddr_module_info_auto_bits page_data; +}; + struct mlx5_ifc_per_protocol_networking_offload_caps_bits { u8 csum_cap[0x1]; u8 vlan_cap[0x1]; @@ -933,7 +1051,8 @@ struct mlx5_ifc_cmd_hca_cap_bits { u8 log_max_cq[0x5]; u8 log_max_eq_sz[0x8]; - u8 reserved_6[0x2]; + u8 relaxed_ordering_write[1]; + u8 reserved_6[0x1]; u8 log_max_mkey[0x6]; u8 reserved_7[0xc]; u8 log_max_eq[0x4]; @@ -997,7 +1116,9 @@ struct mlx5_ifc_cmd_hca_cap_bits { u8 max_tc[0x4]; u8 temp_warn_event[0x1]; u8 dcbx[0x1]; - u8 reserved_22[0x4]; + u8 general_notification_event[0x1]; + u8 reserved_at_1d3[0x2]; + u8 fpga[0x1]; u8 rol_s[0x1]; u8 rol_g[0x1]; u8 reserved_23[0x1]; @@ -2424,9 +2545,13 @@ enum { }; struct mlx5_ifc_mkc_bits { - u8 reserved_0[0x1]; + u8 reserved_at_0[0x1]; u8 free[0x1]; - u8 reserved_1[0xd]; + u8 reserved_at_2[0x1]; + u8 access_mode_4_2[0x3]; + u8 reserved_at_6[0x7]; + u8 relaxed_ordering_write[0x1]; + u8 reserved_at_e[0x1]; u8 small_fence_on_rdma_read_response[0x1]; u8 umr_en[0x1]; u8 a[0x1]; @@ -8504,6 +8629,31 @@ struct mlx5_ifc_link_level_retrans_cntr_grp_date_bits { u8 reserved_0[0x640]; }; +struct mlx5_ifc_mtmp_reg_bits { + u8 i[0x1]; + u8 reserved_at_1[0x18]; + u8 sensor_index[0x7]; + + u8 reserved_at_20[0x10]; + u8 temperature[0x10]; + + u8 mte[0x1]; + u8 mtr[0x1]; + u8 reserved_at_42[0x0e]; + u8 max_temperature[0x10]; + + u8 tee[0x2]; + u8 reserved_at_62[0x0e]; + u8 temperature_threshold_hi[0x10]; + + u8 reserved_at_80[0x10]; + u8 temperature_threshold_lo[0x10]; + + u8 reserved_at_100[0x20]; + + u8 sensor_name[0x40]; +}; + struct mlx5_ifc_lane_2_module_mapping_bits { u8 reserved_0[0x6]; u8 rx_lane[0x2]; diff --git a/sys/dev/mlx5/mlx5_lib/mlx5.h b/sys/dev/mlx5/mlx5_lib/mlx5.h new file mode 100644 index 000000000000..f694c24bd5b7 --- /dev/null +++ b/sys/dev/mlx5/mlx5_lib/mlx5.h @@ -0,0 +1,45 @@ +/*- + * Copyright (c) 2017, Mellanox Technologies, Ltd. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#ifndef __LIB_MLX5_H__ +#define __LIB_MLX5_H__ + +void mlx5_init_reserved_gids(struct mlx5_core_dev *dev); +void mlx5_cleanup_reserved_gids(struct mlx5_core_dev *dev); +int mlx5_core_reserve_gids(struct mlx5_core_dev *dev, unsigned int count); +void mlx5_core_unreserve_gids(struct mlx5_core_dev *dev, unsigned int count); +int mlx5_core_reserved_gid_alloc(struct mlx5_core_dev *dev, int *gid_index); +void mlx5_core_reserved_gid_free(struct mlx5_core_dev *dev, int gid_index); + +#endif diff --git a/sys/dev/mlx5/mlx5_lib/mlx5_gid.c b/sys/dev/mlx5/mlx5_lib/mlx5_gid.c new file mode 100644 index 000000000000..5cfd0af9aff6 --- /dev/null +++ b/sys/dev/mlx5/mlx5_lib/mlx5_gid.c @@ -0,0 +1,156 @@ +/*- + * Copyright (c) 2017, Mellanox Technologies. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + * copyright notice, this list of conditions and the following + * disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * $FreeBSD$ + */ + +#include <linux/etherdevice.h> +#include <dev/mlx5/driver.h> +#include <dev/mlx5/mlx5_core/mlx5_core.h> +#include <dev/mlx5/mlx5_lib/mlx5.h> + +void mlx5_init_reserved_gids(struct mlx5_core_dev *dev) +{ + unsigned int tblsz = MLX5_CAP_ROCE(dev, roce_address_table_size); + + ida_init(&dev->roce.reserved_gids.ida); + dev->roce.reserved_gids.start = tblsz; + dev->roce.reserved_gids.count = 0; +} + +void mlx5_cleanup_reserved_gids(struct mlx5_core_dev *dev) +{ + WARN_ON(!ida_is_empty(&dev->roce.reserved_gids.ida)); + dev->roce.reserved_gids.start = 0; + dev->roce.reserved_gids.count = 0; + ida_destroy(&dev->roce.reserved_gids.ida); +} + +int mlx5_core_reserve_gids(struct mlx5_core_dev *dev, unsigned int count) +{ + if (test_bit(MLX5_INTERFACE_STATE_UP, &dev->intf_state)) { + mlx5_core_err(dev, "Cannot reserve GIDs when interfaces are up\n"); + return -EPERM; + } + if (dev->roce.reserved_gids.start < count) { + mlx5_core_warn(dev, "GID table exhausted attempting to reserve %d more GIDs\n", + count); + return -ENOMEM; + } + if (dev->roce.reserved_gids.count + count > MLX5_MAX_RESERVED_GIDS) { + mlx5_core_warn(dev, "Unable to reserve %d more GIDs\n", count); + return -ENOMEM; + } + + dev->roce.reserved_gids.start -= count; + dev->roce.reserved_gids.count += count; + mlx5_core_dbg(dev, "Reserved %u GIDs starting at %u\n", + dev->roce.reserved_gids.count, + dev->roce.reserved_gids.start); + return 0; +} + +void mlx5_core_unreserve_gids(struct mlx5_core_dev *dev, unsigned int count) +{ + WARN(test_bit(MLX5_INTERFACE_STATE_UP, &dev->intf_state), "Unreserving GIDs when interfaces are up"); + WARN(count > dev->roce.reserved_gids.count, "Unreserving %u GIDs when only %u reserved", + count, dev->roce.reserved_gids.count); + + dev->roce.reserved_gids.start += count; + dev->roce.reserved_gids.count -= count; + mlx5_core_dbg(dev, "%u GIDs starting at %u left reserved\n", + dev->roce.reserved_gids.count, + dev->roce.reserved_gids.start); +} + +int mlx5_core_reserved_gid_alloc(struct mlx5_core_dev *dev, int *gid_index) +{ + int end = dev->roce.reserved_gids.start + + dev->roce.reserved_gids.count; + int index = 0; + + index = ida_simple_get(&dev->roce.reserved_gids.ida, + dev->roce.reserved_gids.start, end, + GFP_KERNEL); + if (index < 0) + return index; + + mlx5_core_dbg(dev, "Allocating reserved GID %u\n", index); + *gid_index = index; + return 0; +} + +void mlx5_core_reserved_gid_free(struct mlx5_core_dev *dev, int gid_index) +{ + mlx5_core_dbg(dev, "Freeing reserved GID %u\n", gid_index); + ida_simple_remove(&dev->roce.reserved_gids.ida, gid_index); +} + +unsigned int mlx5_core_reserved_gids_count(struct mlx5_core_dev *dev) +{ + return dev->roce.reserved_gids.count; +} +EXPORT_SYMBOL_GPL(mlx5_core_reserved_gids_count); + +int mlx5_core_roce_gid_set(struct mlx5_core_dev *dev, unsigned int index, + u8 roce_version, u8 roce_l3_type, const u8 *gid, + const u8 *mac, bool vlan, u16 vlan_id) +{ +#define MLX5_SET_RA(p, f, v) MLX5_SET(roce_addr_layout, p, f, v) + u32 in[MLX5_ST_SZ_DW(set_roce_address_in)] = {0}; + u32 out[MLX5_ST_SZ_DW(set_roce_address_out)] = {0}; + void *in_addr = MLX5_ADDR_OF(set_roce_address_in, in, roce_address); + char *addr_l3_addr = MLX5_ADDR_OF(roce_addr_layout, in_addr, + source_l3_address); + void *addr_mac = MLX5_ADDR_OF(roce_addr_layout, in_addr, + source_mac_47_32); + int gidsz = MLX5_FLD_SZ_BYTES(roce_addr_layout, source_l3_address); + + if (MLX5_CAP_GEN(dev, port_type) != MLX5_CAP_PORT_TYPE_ETH) + return -EINVAL; + + if (gid) { + if (vlan) { + MLX5_SET_RA(in_addr, vlan_valid, 1); + MLX5_SET_RA(in_addr, vlan_id, vlan_id); + } + + ether_addr_copy(addr_mac, mac); + MLX5_SET_RA(in_addr, roce_version, roce_version); + MLX5_SET_RA(in_addr, roce_l3_type, roce_l3_type); + memcpy(addr_l3_addr, gid, gidsz); + } + + MLX5_SET(set_roce_address_in, in, roce_address_index, index); + MLX5_SET(set_roce_address_in, in, opcode, MLX5_CMD_OP_SET_ROCE_ADDRESS); + return mlx5_cmd_exec(dev, in, sizeof(in), out, sizeof(out)); +} +EXPORT_SYMBOL(mlx5_core_roce_gid_set); diff --git a/sys/dev/mlx5/mlx5io.h b/sys/dev/mlx5/mlx5io.h index 5504b1e06260..98d960cdd23a 100644 --- a/sys/dev/mlx5/mlx5io.h +++ b/sys/dev/mlx5/mlx5io.h @@ -57,4 +57,85 @@ struct mlx5_fwdump_get { #define MLX5_DEV_PATH _PATH_DEV"mlx5ctl" #endif +enum mlx5_fpga_id { + MLX5_FPGA_NEWTON = 0, + MLX5_FPGA_EDISON = 1, + MLX5_FPGA_MORSE = 2, + MLX5_FPGA_MORSEQ = 3, +}; + +enum mlx5_fpga_image { + MLX5_FPGA_IMAGE_USER = 0, + MLX5_FPGA_IMAGE_FACTORY = 1, + MLX5_FPGA_IMAGE_MAX = MLX5_FPGA_IMAGE_FACTORY, + MLX5_FPGA_IMAGE_FACTORY_FAILOVER = 2, +}; + +enum mlx5_fpga_status { + MLX5_FPGA_STATUS_SUCCESS = 0, + MLX5_FPGA_STATUS_FAILURE = 1, + MLX5_FPGA_STATUS_IN_PROGRESS = 2, + MLX5_FPGA_STATUS_DISCONNECTED = 3, +}; + +struct mlx5_fpga_query { + enum mlx5_fpga_image admin_image; + enum mlx5_fpga_image oper_image; + enum mlx5_fpga_status image_status; +}; + +enum mlx5_fpga_tee { + MLX5_FPGA_TEE_DISABLE = 0, + MLX5_FPGA_TEE_GENERATE_EVENT = 1, + MLX5_FPGA_TEE_GENERATE_SINGLE_EVENT = 2, +}; + +enum mlx5_fpga_connect { + MLX5_FPGA_CONNECT_QUERY = 0, + MLX5_FPGA_CONNECT_DISCONNECT = 0x9, + MLX5_FPGA_CONNECT_CONNECT = 0xA, +}; + +/** + * enum mlx5_fpga_access_type - Enumerated the different methods possible for + * accessing the device memory address space + */ +enum mlx5_fpga_access_type { + /** Use the slow CX-FPGA I2C bus*/ + MLX5_FPGA_ACCESS_TYPE_I2C = 0x0, + /** Use the fast 'shell QP' */ + MLX5_FPGA_ACCESS_TYPE_RDMA, + /** Use the fastest available method */ + MLX5_FPGA_ACCESS_TYPE_DONTCARE, + MLX5_FPGA_ACCESS_TYPE_MAX = MLX5_FPGA_ACCESS_TYPE_DONTCARE, +}; + +#define MLX5_FPGA_INTERNAL_SENSORS_LOW 63 +#define MLX5_FPGA_INTERNAL_SENSORS_HIGH 63 + +struct mlx5_fpga_temperature { + uint32_t temperature; + uint32_t index; + uint32_t tee; + uint32_t max_temperature; + uint32_t temperature_threshold_hi; + uint32_t temperature_threshold_lo; + uint32_t mte; + uint32_t mtr; + char sensor_name[16]; +}; + +#define MLX5_FPGA_CAP_ARR_SZ 0x40 + +#define MLX5_FPGA_ACCESS_TYPE _IOWINT('m', 0x80) +#define MLX5_FPGA_LOAD _IOWINT('m', 0x81) +#define MLX5_FPGA_RESET _IO('m', 0x82) +#define MLX5_FPGA_IMAGE_SEL _IOWINT('m', 0x83) +#define MLX5_FPGA_QUERY _IOR('m', 0x84, struct mlx5_fpga_query) +#define MLX5_FPGA_CAP _IOR('m', 0x85, uint32_t[MLX5_FPGA_CAP_ARR_SZ]) +#define MLX5_FPGA_TEMPERATURE _IOWR('m', 0x86, struct mlx5_fpga_temperature) +#define MLX5_FPGA_CONNECT _IOWR('m', 0x87, enum mlx5_fpga_connect) + +#define MLX5_FPGA_TOOLS_NAME_SUFFIX "_mlx5_fpga_tools" + #endif diff --git a/sys/dev/mlx5/port.h b/sys/dev/mlx5/port.h index 1738ad63f354..1007bb471bd5 100644 --- a/sys/dev/mlx5/port.h +++ b/sys/dev/mlx5/port.h @@ -161,6 +161,12 @@ int mlx5_query_port_prio_tc(struct mlx5_core_dev *mdev, u8 prio, u8 *tc); int mlx5_set_port_prio_tc(struct mlx5_core_dev *mdev, int prio_index, const u8 prio_tc); +int mlx5_set_port_tc_group(struct mlx5_core_dev *mdev, const u8 *tc_group); +int mlx5_query_port_tc_group(struct mlx5_core_dev *mdev, + u8 tc, u8 *tc_group); +int mlx5_set_port_tc_bw_alloc(struct mlx5_core_dev *mdev, const u8 *tc_bw); +int mlx5_query_port_tc_bw_alloc(struct mlx5_core_dev *mdev, u8 *bw_pct); + int mlx5_set_trust_state(struct mlx5_core_dev *mdev, u8 trust_state); int mlx5_query_trust_state(struct mlx5_core_dev *mdev, u8 *trust_state); @@ -168,4 +174,6 @@ int mlx5_query_trust_state(struct mlx5_core_dev *mdev, u8 *trust_state); int mlx5_set_dscp2prio(struct mlx5_core_dev *mdev, const u8 *dscp2prio); int mlx5_query_dscp2prio(struct mlx5_core_dev *mdev, u8 *dscp2prio); +int mlx5_query_pddr_range_info(struct mlx5_core_dev *mdev, u8 local_port, u8 *is_er_type); + #endif /* __MLX5_PORT_H__ */ diff --git a/sys/dev/mlx5/vport.h b/sys/dev/mlx5/vport.h index 06aa8ed34897..61dc9c4880cf 100644 --- a/sys/dev/mlx5/vport.h +++ b/sys/dev/mlx5/vport.h @@ -88,7 +88,7 @@ int mlx5_set_nic_vport_current_mac(struct mlx5_core_dev *mdev, int vport, bool other_vport, u8 *addr); int mlx5_query_nic_vport_min_inline(struct mlx5_core_dev *mdev, u16 vport, u8 *min_inline); -void mlx5_query_min_inline(struct mlx5_core_dev *mdev, u8 *min_inline); +int mlx5_query_min_inline(struct mlx5_core_dev *mdev, u8 *min_inline); int mlx5_modify_nic_vport_min_inline(struct mlx5_core_dev *mdev, u16 vport, u8 min_inline); int mlx5_modify_nic_vport_port_guid(struct mlx5_core_dev *mdev, diff --git a/sys/dev/mpr/mpr.c b/sys/dev/mpr/mpr.c index d35a5e8b9b58..a7d92680d76c 100644 --- a/sys/dev/mpr/mpr.c +++ b/sys/dev/mpr/mpr.c @@ -2493,12 +2493,13 @@ void mpr_intr_locked(void *data) { MPI2_REPLY_DESCRIPTORS_UNION *desc; + MPI2_DIAG_RELEASE_REPLY *rel_rep; + mpr_fw_diagnostic_buffer_t *pBuffer; struct mpr_softc *sc; + uint64_t tdesc; struct mpr_command *cm = NULL; uint8_t flags; u_int pq; - MPI2_DIAG_RELEASE_REPLY *rel_rep; - mpr_fw_diagnostic_buffer_t *pBuffer; sc = (struct mpr_softc *)data; @@ -2510,6 +2511,17 @@ mpr_intr_locked(void *data) for ( ;; ) { cm = NULL; desc = &sc->post_queue[sc->replypostindex]; + + /* + * Copy and clear out the descriptor so that any reentry will + * immediately know that this descriptor has already been + * looked at. There is unfortunate casting magic because the + * MPI API doesn't have a cardinal 64bit type. + */ + tdesc = 0xffffffffffffffff; + tdesc = atomic_swap_64((uint64_t *)desc, tdesc); + desc = (MPI2_REPLY_DESCRIPTORS_UNION *)&tdesc; + flags = desc->Default.ReplyFlags & MPI2_RPY_DESCRIPT_FLAGS_TYPE_MASK; if ((flags == MPI2_RPY_DESCRIPT_FLAGS_UNUSED) || @@ -2604,7 +2616,8 @@ mpr_intr_locked(void *data) cm = &sc->commands[ le16toh(desc->AddressReply.SMID)]; KASSERT(cm->cm_state == MPR_CM_STATE_INQUEUE, - ("command not inqueue\n")); + ("command SMID %d not inqueue\n", + desc->AddressReply.SMID)); cm->cm_state = MPR_CM_STATE_BUSY; cm->cm_reply = reply; cm->cm_reply_data = @@ -2630,9 +2643,6 @@ mpr_intr_locked(void *data) mpr_display_reply_info(sc,cm->cm_reply); mpr_complete_command(sc, cm); } - - desc->Words.Low = 0xffffffff; - desc->Words.High = 0xffffffff; } if (pq != sc->replypostindex) { diff --git a/sys/dev/mps/mps.c b/sys/dev/mps/mps.c index 77353b184a3e..79558c8a2a08 100644 --- a/sys/dev/mps/mps.c +++ b/sys/dev/mps/mps.c @@ -2361,12 +2361,13 @@ void mps_intr_locked(void *data) { MPI2_REPLY_DESCRIPTORS_UNION *desc; + MPI2_DIAG_RELEASE_REPLY *rel_rep; + mps_fw_diagnostic_buffer_t *pBuffer; struct mps_softc *sc; struct mps_command *cm = NULL; + uint64_t tdesc; uint8_t flags; u_int pq; - MPI2_DIAG_RELEASE_REPLY *rel_rep; - mps_fw_diagnostic_buffer_t *pBuffer; sc = (struct mps_softc *)data; @@ -2378,6 +2379,17 @@ mps_intr_locked(void *data) for ( ;; ) { cm = NULL; desc = &sc->post_queue[sc->replypostindex]; + + /* + * Copy and clear out the descriptor so that any reentry will + * immediately know that this descriptor has already been + * looked at. There is unfortunate casting magic because the + * MPI API doesn't have a cardinal 64bit type. + */ + tdesc = 0xffffffffffffffff; + tdesc = atomic_swap_64((uint64_t *)desc, tdesc); + desc = (MPI2_REPLY_DESCRIPTORS_UNION *)&tdesc; + flags = desc->Default.ReplyFlags & MPI2_RPY_DESCRIPT_FLAGS_TYPE_MASK; if ((flags == MPI2_RPY_DESCRIPT_FLAGS_UNUSED) @@ -2496,9 +2508,6 @@ mps_intr_locked(void *data) mps_display_reply_info(sc,cm->cm_reply); mps_complete_command(sc, cm); } - - desc->Words.Low = 0xffffffff; - desc->Words.High = 0xffffffff; } if (pq != sc->replypostindex) { diff --git a/sys/dev/netmap/if_em_netmap.h b/sys/dev/netmap/if_em_netmap.h deleted file mode 100644 index 299bc3837d5e..000000000000 --- a/sys/dev/netmap/if_em_netmap.h +++ /dev/null @@ -1,329 +0,0 @@ -/*- - * SPDX-License-Identifier: BSD-2-Clause-FreeBSD - * - * Copyright (C) 2011-2014 Matteo Landi, Luigi Rizzo. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $FreeBSD$ - * - * netmap support for: em. - * - * For more details on netmap support please see ixgbe_netmap.h - */ - - -#include <net/netmap.h> -#include <sys/selinfo.h> -#include <vm/vm.h> -#include <vm/pmap.h> /* vtophys ? */ -#include <dev/netmap/netmap_kern.h> - - -// XXX do we need to block/unblock the tasks ? -static void -em_netmap_block_tasks(struct adapter *adapter) -{ - if (adapter->msix > 1) { /* MSIX */ - int i; - struct tx_ring *txr = adapter->tx_rings; - struct rx_ring *rxr = adapter->rx_rings; - - for (i = 0; i < adapter->num_queues; i++, txr++, rxr++) { - taskqueue_block(txr->tq); - taskqueue_drain(txr->tq, &txr->tx_task); - taskqueue_block(rxr->tq); - taskqueue_drain(rxr->tq, &rxr->rx_task); - } - } else { /* legacy */ - taskqueue_block(adapter->tq); - taskqueue_drain(adapter->tq, &adapter->link_task); - taskqueue_drain(adapter->tq, &adapter->que_task); - } -} - - -static void -em_netmap_unblock_tasks(struct adapter *adapter) -{ - if (adapter->msix > 1) { - struct tx_ring *txr = adapter->tx_rings; - struct rx_ring *rxr = adapter->rx_rings; - int i; - - for (i = 0; i < adapter->num_queues; i++, txr++, rxr++) { - taskqueue_unblock(txr->tq); - taskqueue_unblock(rxr->tq); - } - } else { /* legacy */ - taskqueue_unblock(adapter->tq); - } -} - - -/* - * Register/unregister. We are already under netmap lock. - */ -static int -em_netmap_reg(struct netmap_adapter *na, int onoff) -{ - struct ifnet *ifp = na->ifp; - struct adapter *adapter = ifp->if_softc; - - EM_CORE_LOCK(adapter); - em_disable_intr(adapter); - - /* Tell the stack that the interface is no longer active */ - ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); - - em_netmap_block_tasks(adapter); - /* enable or disable flags and callbacks in na and ifp */ - if (onoff) { - nm_set_native_flags(na); - } else { - nm_clear_native_flags(na); - } - em_init_locked(adapter); /* also enable intr */ - em_netmap_unblock_tasks(adapter); - EM_CORE_UNLOCK(adapter); - return (ifp->if_drv_flags & IFF_DRV_RUNNING ? 0 : 1); -} - - -/* - * Reconcile kernel and user view of the transmit ring. - */ -static int -em_netmap_txsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - /* generate an interrupt approximately every half ring */ - u_int report_frequency = kring->nkr_num_slots >> 1; - - /* device-specific */ - struct adapter *adapter = ifp->if_softc; - struct tx_ring *txr = &adapter->tx_rings[kring->ring_id]; - - bus_dmamap_sync(txr->txdma.dma_tag, txr->txdma.dma_map, - BUS_DMASYNC_POSTREAD); - - /* - * First part: process new packets to send. - */ - - nm_i = kring->nr_hwcur; - if (nm_i != head) { /* we have new packets to send */ - nic_i = netmap_idx_k2n(kring, nm_i); - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - u_int len = slot->len; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - /* device-specific */ - struct e1000_tx_desc *curr = &txr->tx_base[nic_i]; - struct em_txbuffer *txbuf = &txr->tx_buffers[nic_i]; - int flags = (slot->flags & NS_REPORT || - nic_i == 0 || nic_i == report_frequency) ? - E1000_TXD_CMD_RS : 0; - - NM_CHECK_ADDR_LEN(na, addr, len); - - if (slot->flags & NS_BUF_CHANGED) { - curr->buffer_addr = htole64(paddr); - /* buffer has changed, reload map */ - netmap_reload_map(na, txr->txtag, txbuf->map, addr); - } - slot->flags &= ~(NS_REPORT | NS_BUF_CHANGED); - - /* Fill the slot in the NIC ring. */ - curr->upper.data = 0; - curr->lower.data = htole32(adapter->txd_cmd | len | - (E1000_TXD_CMD_EOP | flags) ); - bus_dmamap_sync(txr->txtag, txbuf->map, - BUS_DMASYNC_PREWRITE); - - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - - /* synchronize the NIC ring */ - bus_dmamap_sync(txr->txdma.dma_tag, txr->txdma.dma_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - - /* (re)start the tx unit up to slot nic_i (excluded) */ - E1000_WRITE_REG(&adapter->hw, E1000_TDT(txr->me), nic_i); - } - - /* - * Second part: reclaim buffers for completed transmissions. - */ - if (flags & NAF_FORCE_RECLAIM || nm_kr_txempty(kring)) { - /* record completed transmissions using TDH */ - nic_i = E1000_READ_REG(&adapter->hw, E1000_TDH(kring->ring_id)); - if (nic_i >= kring->nkr_num_slots) { /* XXX can it happen ? */ - D("TDH wrap %d", nic_i); - nic_i -= kring->nkr_num_slots; - } - if (nic_i != txr->next_to_clean) { - txr->next_to_clean = nic_i; - kring->nr_hwtail = nm_prev(netmap_idx_n2k(kring, nic_i), lim); - } - } - - return 0; -} - - -/* - * Reconcile kernel and user view of the receive ring. - */ -static int -em_netmap_rxsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - int force_update = (flags & NAF_FORCE_READ) || kring->nr_kflags & NKR_PENDINTR; - - /* device-specific */ - struct adapter *adapter = ifp->if_softc; - struct rx_ring *rxr = &adapter->rx_rings[kring->ring_id]; - - if (head > lim) - return netmap_ring_reinit(kring); - - /* XXX check sync modes */ - bus_dmamap_sync(rxr->rxdma.dma_tag, rxr->rxdma.dma_map, - BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); - - /* - * First part: import newly received packets. - */ - if (netmap_no_pendintr || force_update) { - nic_i = rxr->next_to_check; - nm_i = netmap_idx_n2k(kring, nic_i); - - for (n = 0; ; n++) { // XXX no need to count - union e1000_rx_desc_extended *curr = &rxr->rx_base[nic_i]; - uint32_t staterr = le32toh(curr->wb.upper.status_error); - - if ((staterr & E1000_RXD_STAT_DD) == 0) - break; - ring->slot[nm_i].len = le16toh(curr->wb.upper.length); - ring->slot[nm_i].flags = 0; - bus_dmamap_sync(rxr->rxtag, rxr->rx_buffers[nic_i].map, - BUS_DMASYNC_POSTREAD); - nm_i = nm_next(nm_i, lim); - /* make sure next_to_refresh follows next_to_check */ - rxr->next_to_refresh = nic_i; // XXX - nic_i = nm_next(nic_i, lim); - } - if (n) { /* update the state variables */ - rxr->next_to_check = nic_i; - kring->nr_hwtail = nm_i; - } - kring->nr_kflags &= ~NKR_PENDINTR; - } - - /* - * Second part: skip past packets that userspace has released. - */ - nm_i = kring->nr_hwcur; - if (nm_i != head) { - nic_i = netmap_idx_k2n(kring, nm_i); - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - union e1000_rx_desc_extended *curr = &rxr->rx_base[nic_i]; - struct em_rxbuffer *rxbuf = &rxr->rx_buffers[nic_i]; - - if (addr == NETMAP_BUF_BASE(na)) /* bad buf */ - goto ring_reset; - - curr->read.buffer_addr = htole64(paddr); - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - netmap_reload_map(na, rxr->rxtag, rxbuf->map, addr); - slot->flags &= ~NS_BUF_CHANGED; - } - curr->wb.upper.status_error = 0; - bus_dmamap_sync(rxr->rxtag, rxbuf->map, - BUS_DMASYNC_PREREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - - bus_dmamap_sync(rxr->rxdma.dma_tag, rxr->rxdma.dma_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - /* - * IMPORTANT: we must leave one free slot in the ring, - * so move nic_i back by one unit - */ - nic_i = nm_prev(nic_i, lim); - E1000_WRITE_REG(&adapter->hw, E1000_RDT(rxr->me), nic_i); - } - - return 0; - -ring_reset: - return netmap_ring_reinit(kring); -} - - -static void -em_netmap_attach(struct adapter *adapter) -{ - struct netmap_adapter na; - - bzero(&na, sizeof(na)); - - na.ifp = adapter->ifp; - na.na_flags = NAF_BDG_MAYSLEEP; - na.num_tx_desc = adapter->num_tx_desc; - na.num_rx_desc = adapter->num_rx_desc; - na.nm_txsync = em_netmap_txsync; - na.nm_rxsync = em_netmap_rxsync; - na.nm_register = em_netmap_reg; - na.num_tx_rings = na.num_rx_rings = adapter->num_queues; - netmap_attach(&na); -} - -/* end of file */ diff --git a/sys/dev/netmap/if_igb_netmap.h b/sys/dev/netmap/if_igb_netmap.h deleted file mode 100644 index df15ceee7d8c..000000000000 --- a/sys/dev/netmap/if_igb_netmap.h +++ /dev/null @@ -1,309 +0,0 @@ -/*- - * SPDX-License-Identifier: BSD-2-Clause-FreeBSD - * - * Copyright (C) 2011-2014 Universita` di Pisa. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $FreeBSD$ - * - * Netmap support for igb, partly contributed by Ahmed Kooli - * For details on netmap support please see ixgbe_netmap.h - */ - - -#include <net/netmap.h> -#include <sys/selinfo.h> -#include <vm/vm.h> -#include <vm/pmap.h> /* vtophys ? */ -#include <dev/netmap/netmap_kern.h> - -/* - * Adaptation to different versions of the driver. - */ - -#ifndef IGB_MEDIA_RESET -/* at the same time as IGB_MEDIA_RESET was defined, the - * tx buffer descriptor was renamed, so use this to revert - * back to the old name. - */ -#define igb_tx_buf igb_tx_buffer -#endif - - -/* - * Register/unregister. We are already under netmap lock. - */ -static int -igb_netmap_reg(struct netmap_adapter *na, int onoff) -{ - struct ifnet *ifp = na->ifp; - struct adapter *adapter = ifp->if_softc; - - IGB_CORE_LOCK(adapter); - igb_disable_intr(adapter); - - /* Tell the stack that the interface is no longer active */ - ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); - - /* enable or disable flags and callbacks in na and ifp */ - if (onoff) { - nm_set_native_flags(na); - } else { - nm_clear_native_flags(na); - } - igb_init_locked(adapter); /* also enable intr */ - IGB_CORE_UNLOCK(adapter); - return (ifp->if_drv_flags & IFF_DRV_RUNNING ? 0 : 1); -} - - -/* - * Reconcile kernel and user view of the transmit ring. - */ -static int -igb_netmap_txsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - /* generate an interrupt approximately every half ring */ - u_int report_frequency = kring->nkr_num_slots >> 1; - - /* device-specific */ - struct adapter *adapter = ifp->if_softc; - struct tx_ring *txr = &adapter->tx_rings[kring->ring_id]; - /* 82575 needs the queue index added */ - u32 olinfo_status = - (adapter->hw.mac.type == e1000_82575) ? (txr->me << 4) : 0; - - bus_dmamap_sync(txr->txdma.dma_tag, txr->txdma.dma_map, - BUS_DMASYNC_POSTREAD); - - /* - * First part: process new packets to send. - */ - - nm_i = kring->nr_hwcur; - if (nm_i != head) { /* we have new packets to send */ - nic_i = netmap_idx_k2n(kring, nm_i); - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - u_int len = slot->len; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - /* device-specific */ - union e1000_adv_tx_desc *curr = - (union e1000_adv_tx_desc *)&txr->tx_base[nic_i]; - struct igb_tx_buf *txbuf = &txr->tx_buffers[nic_i]; - int flags = (slot->flags & NS_REPORT || - nic_i == 0 || nic_i == report_frequency) ? - E1000_ADVTXD_DCMD_RS : 0; - - NM_CHECK_ADDR_LEN(na, addr, len); - - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - netmap_reload_map(na, txr->txtag, txbuf->map, addr); - } - slot->flags &= ~(NS_REPORT | NS_BUF_CHANGED); - - /* Fill the slot in the NIC ring. */ - curr->read.buffer_addr = htole64(paddr); - // XXX check olinfo and cmd_type_len - curr->read.olinfo_status = - htole32(olinfo_status | - (len<< E1000_ADVTXD_PAYLEN_SHIFT)); - curr->read.cmd_type_len = - htole32(len | E1000_ADVTXD_DTYP_DATA | - E1000_ADVTXD_DCMD_IFCS | - E1000_ADVTXD_DCMD_DEXT | - E1000_ADVTXD_DCMD_EOP | flags); - - /* make sure changes to the buffer are synced */ - bus_dmamap_sync(txr->txtag, txbuf->map, - BUS_DMASYNC_PREWRITE); - - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - - /* Set the watchdog XXX ? */ - txr->queue_status = IGB_QUEUE_WORKING; - txr->watchdog_time = ticks; - - /* synchronize the NIC ring */ - bus_dmamap_sync(txr->txdma.dma_tag, txr->txdma.dma_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - - /* (re)start the tx unit up to slot nic_i (excluded) */ - E1000_WRITE_REG(&adapter->hw, E1000_TDT(txr->me), nic_i); - } - - /* - * Second part: reclaim buffers for completed transmissions. - */ - if (flags & NAF_FORCE_RECLAIM || nm_kr_txempty(kring)) { - /* record completed transmissions using TDH */ - nic_i = E1000_READ_REG(&adapter->hw, E1000_TDH(kring->ring_id)); - if (nic_i >= kring->nkr_num_slots) { /* XXX can it happen ? */ - D("TDH wrap %d", nic_i); - nic_i -= kring->nkr_num_slots; - } - txr->next_to_clean = nic_i; - kring->nr_hwtail = nm_prev(netmap_idx_n2k(kring, nic_i), lim); - } - - return 0; -} - - -/* - * Reconcile kernel and user view of the receive ring. - */ -static int -igb_netmap_rxsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - int force_update = (flags & NAF_FORCE_READ) || kring->nr_kflags & NKR_PENDINTR; - - /* device-specific */ - struct adapter *adapter = ifp->if_softc; - struct rx_ring *rxr = &adapter->rx_rings[kring->ring_id]; - - if (head > lim) - return netmap_ring_reinit(kring); - - /* XXX check sync modes */ - bus_dmamap_sync(rxr->rxdma.dma_tag, rxr->rxdma.dma_map, - BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); - - /* - * First part: import newly received packets. - */ - if (netmap_no_pendintr || force_update) { - nic_i = rxr->next_to_check; - nm_i = netmap_idx_n2k(kring, nic_i); - - for (n = 0; ; n++) { - union e1000_adv_rx_desc *curr = &rxr->rx_base[nic_i]; - uint32_t staterr = le32toh(curr->wb.upper.status_error); - - if ((staterr & E1000_RXD_STAT_DD) == 0) - break; - ring->slot[nm_i].len = le16toh(curr->wb.upper.length); - ring->slot[nm_i].flags = 0; - bus_dmamap_sync(rxr->ptag, - rxr->rx_buffers[nic_i].pmap, BUS_DMASYNC_POSTREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - if (n) { /* update the state variables */ - rxr->next_to_check = nic_i; - kring->nr_hwtail = nm_i; - } - kring->nr_kflags &= ~NKR_PENDINTR; - } - - /* - * Second part: skip past packets that userspace has released. - */ - nm_i = kring->nr_hwcur; - if (nm_i != head) { - nic_i = netmap_idx_k2n(kring, nm_i); - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - union e1000_adv_rx_desc *curr = &rxr->rx_base[nic_i]; - struct igb_rx_buf *rxbuf = &rxr->rx_buffers[nic_i]; - - if (addr == NETMAP_BUF_BASE(na)) /* bad buf */ - goto ring_reset; - - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - netmap_reload_map(na, rxr->ptag, rxbuf->pmap, addr); - slot->flags &= ~NS_BUF_CHANGED; - } - curr->wb.upper.status_error = 0; - curr->read.pkt_addr = htole64(paddr); - bus_dmamap_sync(rxr->ptag, rxbuf->pmap, - BUS_DMASYNC_PREREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - - bus_dmamap_sync(rxr->rxdma.dma_tag, rxr->rxdma.dma_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - /* - * IMPORTANT: we must leave one free slot in the ring, - * so move nic_i back by one unit - */ - nic_i = nm_prev(nic_i, lim); - E1000_WRITE_REG(&adapter->hw, E1000_RDT(rxr->me), nic_i); - } - - return 0; - -ring_reset: - return netmap_ring_reinit(kring); -} - - -static void -igb_netmap_attach(struct adapter *adapter) -{ - struct netmap_adapter na; - - bzero(&na, sizeof(na)); - - na.ifp = adapter->ifp; - na.na_flags = NAF_BDG_MAYSLEEP; - na.num_tx_desc = adapter->num_tx_desc; - na.num_rx_desc = adapter->num_rx_desc; - na.nm_txsync = igb_netmap_txsync; - na.nm_rxsync = igb_netmap_rxsync; - na.nm_register = igb_netmap_reg; - na.num_tx_rings = na.num_rx_rings = adapter->num_queues; - netmap_attach(&na); -} - -/* end of file */ diff --git a/sys/dev/netmap/if_ixl_netmap.h b/sys/dev/netmap/if_ixl_netmap.h deleted file mode 100644 index e9b036d34e87..000000000000 --- a/sys/dev/netmap/if_ixl_netmap.h +++ /dev/null @@ -1,420 +0,0 @@ -/* - * Copyright (C) 2015, Luigi Rizzo. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $FreeBSD$ - * - * netmap support for: ixl - * - * derived from ixgbe - * netmap support for a network driver. - * This file contains code but only static or inline functions used - * by a single driver. To avoid replication of code we just #include - * it near the beginning of the standard driver. - * For ixl the file is imported in two places, hence the conditional at the - * beginning. - */ - -#include <net/netmap.h> -#include <sys/selinfo.h> - -/* - * Some drivers may need the following headers. Others - * already include them by default - -#include <vm/vm.h> -#include <vm/pmap.h> - - */ -#include <dev/netmap/netmap_kern.h> - -int ixl_netmap_txsync(struct netmap_kring *kring, int flags); -int ixl_netmap_rxsync(struct netmap_kring *kring, int flags); - -extern int ixl_rx_miss, ixl_rx_miss_bufs, ixl_crcstrip; - -#ifdef NETMAP_IXL_MAIN -/* - * device-specific sysctl variables: - * - * ixl_crcstrip: 0: NIC keeps CRC in rx frames, 1: NIC strips it (default). - * During regular operations the CRC is stripped, but on some - * hardware reception of frames not multiple of 64 is slower, - * so using crcstrip=0 helps in benchmarks. - * - * ixl_rx_miss, ixl_rx_miss_bufs: - * count packets that might be missed due to lost interrupts. - */ -SYSCTL_DECL(_dev_netmap); -/* - * The xl driver by default strips CRCs and we do not override it. - */ -#if 0 -SYSCTL_INT(_dev_netmap, OID_AUTO, ixl_crcstrip, - CTLFLAG_RW, &ixl_crcstrip, 1, "NIC strips CRC on rx frames"); -#endif -SYSCTL_INT(_dev_netmap, OID_AUTO, ixl_rx_miss, - CTLFLAG_RW, &ixl_rx_miss, 0, "potentially missed rx intr"); -SYSCTL_INT(_dev_netmap, OID_AUTO, ixl_rx_miss_bufs, - CTLFLAG_RW, &ixl_rx_miss_bufs, 0, "potentially missed rx intr bufs"); - - -/* - * Register/unregister. We are already under netmap lock. - * Only called on the first register or the last unregister. - */ -static int -ixl_netmap_reg(struct netmap_adapter *na, int onoff) -{ - struct ifnet *ifp = na->ifp; - struct ixl_vsi *vsi = ifp->if_softc; - struct ixl_pf *pf = (struct ixl_pf *)vsi->back; - - IXL_PF_LOCK(pf); - ixl_disable_intr(vsi); - - /* Tell the stack that the interface is no longer active */ - ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); - - //set_crcstrip(&adapter->hw, onoff); - /* enable or disable flags and callbacks in na and ifp */ - if (onoff) { - nm_set_native_flags(na); - } else { - nm_clear_native_flags(na); - } - ixl_init_locked(pf); /* also enables intr */ - //set_crcstrip(&adapter->hw, onoff); // XXX why twice ? - IXL_PF_UNLOCK(pf); - return (ifp->if_drv_flags & IFF_DRV_RUNNING ? 0 : 1); -} - - -/* - * The attach routine, called near the end of ixl_attach(), - * fills the parameters for netmap_attach() and calls it. - * It cannot fail, in the worst case (such as no memory) - * netmap mode will be disabled and the driver will only - * operate in standard mode. - */ -static void -ixl_netmap_attach(struct ixl_vsi *vsi) -{ - struct netmap_adapter na; - - bzero(&na, sizeof(na)); - - na.ifp = vsi->ifp; - na.na_flags = NAF_BDG_MAYSLEEP; - // XXX check that queues is set. - nm_prinf("queues is %p\n", vsi->queues); - if (vsi->queues) { - na.num_tx_desc = vsi->queues[0].num_desc; - na.num_rx_desc = vsi->queues[0].num_desc; - } - na.nm_txsync = ixl_netmap_txsync; - na.nm_rxsync = ixl_netmap_rxsync; - na.nm_register = ixl_netmap_reg; - na.num_tx_rings = na.num_rx_rings = vsi->num_queues; - netmap_attach(&na); -} - - -#else /* !NETMAP_IXL_MAIN, code for ixl_txrx.c */ - -/* - * Reconcile kernel and user view of the transmit ring. - * - * All information is in the kring. - * Userspace wants to send packets up to the one before kring->rhead, - * kernel knows kring->nr_hwcur is the first unsent packet. - * - * Here we push packets out (as many as possible), and possibly - * reclaim buffers from previously completed transmission. - * - * The caller (netmap) guarantees that there is only one instance - * running at any time. Any interference with other driver - * methods should be handled by the individual drivers. - */ -int -ixl_netmap_txsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - /* - * interrupts on every tx packet are expensive so request - * them every half ring, or where NS_REPORT is set - */ - u_int report_frequency = kring->nkr_num_slots >> 1; - - /* device-specific */ - struct ixl_vsi *vsi = ifp->if_softc; - struct ixl_queue *que = &vsi->queues[kring->ring_id]; - struct tx_ring *txr = &que->txr; - - bus_dmamap_sync(txr->dma.tag, txr->dma.map, - BUS_DMASYNC_POSTREAD); - - /* - * First part: process new packets to send. - * nm_i is the current index in the netmap ring, - * nic_i is the corresponding index in the NIC ring. - * - * If we have packets to send (nm_i != head) - * iterate over the netmap ring, fetch length and update - * the corresponding slot in the NIC ring. Some drivers also - * need to update the buffer's physical address in the NIC slot - * even NS_BUF_CHANGED is not set (PNMB computes the addresses). - * - * The netmap_reload_map() calls is especially expensive, - * even when (as in this case) the tag is 0, so do only - * when the buffer has actually changed. - * - * If possible do not set the report/intr bit on all slots, - * but only a few times per ring or when NS_REPORT is set. - * - * Finally, on 10G and faster drivers, it might be useful - * to prefetch the next slot and txr entry. - */ - - nm_i = kring->nr_hwcur; - if (nm_i != head) { /* we have new packets to send */ - nic_i = netmap_idx_k2n(kring, nm_i); - - __builtin_prefetch(&ring->slot[nm_i]); - __builtin_prefetch(&txr->buffers[nic_i]); - - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - u_int len = slot->len; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - /* device-specific */ - struct i40e_tx_desc *curr = &txr->base[nic_i]; - struct ixl_tx_buf *txbuf = &txr->buffers[nic_i]; - u64 flags = (slot->flags & NS_REPORT || - nic_i == 0 || nic_i == report_frequency) ? - ((u64)I40E_TX_DESC_CMD_RS << I40E_TXD_QW1_CMD_SHIFT) : 0; - - /* prefetch for next round */ - __builtin_prefetch(&ring->slot[nm_i + 1]); - __builtin_prefetch(&txr->buffers[nic_i + 1]); - - NM_CHECK_ADDR_LEN(na, addr, len); - - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - netmap_reload_map(na, txr->dma.tag, txbuf->map, addr); - } - slot->flags &= ~(NS_REPORT | NS_BUF_CHANGED); - - /* Fill the slot in the NIC ring. */ - curr->buffer_addr = htole64(paddr); - curr->cmd_type_offset_bsz = htole64( - ((u64)len << I40E_TXD_QW1_TX_BUF_SZ_SHIFT) | - flags | - ((u64)I40E_TX_DESC_CMD_EOP << I40E_TXD_QW1_CMD_SHIFT) - ); // XXX more ? - - /* make sure changes to the buffer are synced */ - bus_dmamap_sync(txr->dma.tag, txbuf->map, - BUS_DMASYNC_PREWRITE); - - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - - /* synchronize the NIC ring */ - bus_dmamap_sync(txr->dma.tag, txr->dma.map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - - /* (re)start the tx unit up to slot nic_i (excluded) */ - wr32(vsi->hw, txr->tail, nic_i); - } - - /* - * Second part: reclaim buffers for completed transmissions. - */ - nic_i = LE32_TO_CPU(*(volatile __le32 *)&txr->base[que->num_desc]); - if (nic_i != txr->next_to_clean) { - /* some tx completed, increment avail */ - txr->next_to_clean = nic_i; - kring->nr_hwtail = nm_prev(netmap_idx_n2k(kring, nic_i), lim); - } - - return 0; -} - - -/* - * Reconcile kernel and user view of the receive ring. - * Same as for the txsync, this routine must be efficient. - * The caller guarantees a single invocations, but races against - * the rest of the driver should be handled here. - * - * On call, kring->rhead is the first packet that userspace wants - * to keep, and kring->rcur is the wakeup point. - * The kernel has previously reported packets up to kring->rtail. - * - * If (flags & NAF_FORCE_READ) also check for incoming packets irrespective - * of whether or not we received an interrupt. - */ -int -ixl_netmap_rxsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - int force_update = (flags & NAF_FORCE_READ) || kring->nr_kflags & NKR_PENDINTR; - - /* device-specific */ - struct ixl_vsi *vsi = ifp->if_softc; - struct ixl_queue *que = &vsi->queues[kring->ring_id]; - struct rx_ring *rxr = &que->rxr; - - if (head > lim) - return netmap_ring_reinit(kring); - - /* XXX check sync modes */ - bus_dmamap_sync(rxr->dma.tag, rxr->dma.map, - BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); - - /* - * First part: import newly received packets. - * - * nm_i is the index of the next free slot in the netmap ring, - * nic_i is the index of the next received packet in the NIC ring, - * and they may differ in case if_init() has been called while - * in netmap mode. For the receive ring we have - * - * nic_i = rxr->next_check; - * nm_i = kring->nr_hwtail (previous) - * and - * nm_i == (nic_i + kring->nkr_hwofs) % ring_size - * - * rxr->next_check is set to 0 on a ring reinit - */ - if (netmap_no_pendintr || force_update) { - int crclen = ixl_crcstrip ? 0 : 4; - - nic_i = rxr->next_check; // or also k2n(kring->nr_hwtail) - nm_i = netmap_idx_n2k(kring, nic_i); - - for (n = 0; ; n++) { - union i40e_32byte_rx_desc *curr = &rxr->base[nic_i]; - uint64_t qword = le64toh(curr->wb.qword1.status_error_len); - uint32_t staterr = (qword & I40E_RXD_QW1_STATUS_MASK) - >> I40E_RXD_QW1_STATUS_SHIFT; - - if ((staterr & (1<<I40E_RX_DESC_STATUS_DD_SHIFT)) == 0) - break; - ring->slot[nm_i].len = ((qword & I40E_RXD_QW1_LENGTH_PBUF_MASK) - >> I40E_RXD_QW1_LENGTH_PBUF_SHIFT) - crclen; - ring->slot[nm_i].flags = 0; - bus_dmamap_sync(rxr->ptag, - rxr->buffers[nic_i].pmap, BUS_DMASYNC_POSTREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - if (n) { /* update the state variables */ - if (netmap_no_pendintr && !force_update) { - /* diagnostics */ - ixl_rx_miss ++; - ixl_rx_miss_bufs += n; - } - rxr->next_check = nic_i; - kring->nr_hwtail = nm_i; - } - kring->nr_kflags &= ~NKR_PENDINTR; - } - - /* - * Second part: skip past packets that userspace has released. - * (kring->nr_hwcur to head excluded), - * and make the buffers available for reception. - * As usual nm_i is the index in the netmap ring, - * nic_i is the index in the NIC ring, and - * nm_i == (nic_i + kring->nkr_hwofs) % ring_size - */ - nm_i = kring->nr_hwcur; - if (nm_i != head) { - nic_i = netmap_idx_k2n(kring, nm_i); - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - union i40e_32byte_rx_desc *curr = &rxr->base[nic_i]; - struct ixl_rx_buf *rxbuf = &rxr->buffers[nic_i]; - - if (addr == NETMAP_BUF_BASE(na)) /* bad buf */ - goto ring_reset; - - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - netmap_reload_map(na, rxr->ptag, rxbuf->pmap, addr); - slot->flags &= ~NS_BUF_CHANGED; - } - curr->read.pkt_addr = htole64(paddr); - curr->read.hdr_addr = 0; // XXX needed - bus_dmamap_sync(rxr->ptag, rxbuf->pmap, - BUS_DMASYNC_PREREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - - bus_dmamap_sync(rxr->dma.tag, rxr->dma.map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - /* - * IMPORTANT: we must leave one free slot in the ring, - * so move nic_i back by one unit - */ - nic_i = nm_prev(nic_i, lim); - wr32(vsi->hw, rxr->tail, nic_i); - } - - return 0; - -ring_reset: - return netmap_ring_reinit(kring); -} - -#endif /* !NETMAP_IXL_MAIN */ - -/* end of file */ diff --git a/sys/dev/netmap/if_lem_netmap.h b/sys/dev/netmap/if_lem_netmap.h deleted file mode 100644 index f8ba2bb716c8..000000000000 --- a/sys/dev/netmap/if_lem_netmap.h +++ /dev/null @@ -1,321 +0,0 @@ -/*- - * SPDX-License-Identifier: BSD-2-Clause-FreeBSD - * - * Copyright (C) 2011-2014 Matteo Landi, Luigi Rizzo. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -/* - * $FreeBSD$ - * - * netmap support for: lem - * - * For details on netmap support please see ixgbe_netmap.h - */ - - -#include <net/netmap.h> -#include <sys/selinfo.h> -#include <dev/netmap/netmap_kern.h> - -/* - * Register/unregister. We are already under netmap lock. - */ -static int -lem_netmap_reg(struct netmap_adapter *na, int onoff) -{ - struct ifnet *ifp = na->ifp; - struct adapter *adapter = ifp->if_softc; - - EM_CORE_LOCK(adapter); - - lem_disable_intr(adapter); - - /* Tell the stack that the interface is no longer active */ - ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); - -#ifndef EM_LEGACY_IRQ // XXX do we need this ? - taskqueue_block(adapter->tq); - taskqueue_drain(adapter->tq, &adapter->rxtx_task); - taskqueue_drain(adapter->tq, &adapter->link_task); -#endif /* !EM_LEGCY_IRQ */ - - /* enable or disable flags and callbacks in na and ifp */ - if (onoff) { - nm_set_native_flags(na); - } else { - nm_clear_native_flags(na); - } - lem_init_locked(adapter); /* also enable intr */ - -#ifndef EM_LEGACY_IRQ - taskqueue_unblock(adapter->tq); // XXX do we need this ? -#endif /* !EM_LEGCY_IRQ */ - - EM_CORE_UNLOCK(adapter); - - return (ifp->if_drv_flags & IFF_DRV_RUNNING ? 0 : 1); -} - - -static void -lem_netmap_intr(struct netmap_adapter *na, int onoff) -{ - struct ifnet *ifp = na->ifp; - struct adapter *adapter = ifp->if_softc; - - EM_CORE_LOCK(adapter); - if (onoff) { - lem_enable_intr(adapter); - } else { - lem_disable_intr(adapter); - } - EM_CORE_UNLOCK(adapter); -} - - -/* - * Reconcile kernel and user view of the transmit ring. - */ -static int -lem_netmap_txsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - /* generate an interrupt approximately every half ring */ - u_int report_frequency = kring->nkr_num_slots >> 1; - - /* device-specific */ - struct adapter *adapter = ifp->if_softc; - - bus_dmamap_sync(adapter->txdma.dma_tag, adapter->txdma.dma_map, - BUS_DMASYNC_POSTREAD); - - /* - * First part: process new packets to send. - */ - - nm_i = kring->nr_hwcur; - if (nm_i != head) { /* we have new packets to send */ - nic_i = netmap_idx_k2n(kring, nm_i); - while (nm_i != head) { - struct netmap_slot *slot = &ring->slot[nm_i]; - u_int len = slot->len; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - /* device-specific */ - struct e1000_tx_desc *curr = &adapter->tx_desc_base[nic_i]; - struct em_buffer *txbuf = &adapter->tx_buffer_area[nic_i]; - int flags = (slot->flags & NS_REPORT || - nic_i == 0 || nic_i == report_frequency) ? - E1000_TXD_CMD_RS : 0; - - NM_CHECK_ADDR_LEN(na, addr, len); - - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - curr->buffer_addr = htole64(paddr); - netmap_reload_map(na, adapter->txtag, txbuf->map, addr); - } - slot->flags &= ~(NS_REPORT | NS_BUF_CHANGED); - - /* Fill the slot in the NIC ring. */ - curr->upper.data = 0; - curr->lower.data = htole32(adapter->txd_cmd | len | - (E1000_TXD_CMD_EOP | flags) ); - bus_dmamap_sync(adapter->txtag, txbuf->map, - BUS_DMASYNC_PREWRITE); - - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - // XXX might try an early kick - } - kring->nr_hwcur = head; - - /* synchronize the NIC ring */ - bus_dmamap_sync(adapter->txdma.dma_tag, adapter->txdma.dma_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - - /* (re)start the tx unit up to slot nic_i (excluded) */ - E1000_WRITE_REG(&adapter->hw, E1000_TDT(0), nic_i); - } - - /* - * Second part: reclaim buffers for completed transmissions. - */ - if (ticks != kring->last_reclaim || flags & NAF_FORCE_RECLAIM || nm_kr_txempty(kring)) { - kring->last_reclaim = ticks; - /* record completed transmissions using TDH */ - nic_i = E1000_READ_REG(&adapter->hw, E1000_TDH(0)); - if (nic_i >= kring->nkr_num_slots) { /* XXX can it happen ? */ - D("TDH wrap %d", nic_i); - nic_i -= kring->nkr_num_slots; - } - adapter->next_tx_to_clean = nic_i; - kring->nr_hwtail = nm_prev(netmap_idx_n2k(kring, nic_i), lim); - } - - return 0; -} - - -/* - * Reconcile kernel and user view of the receive ring. - */ -static int -lem_netmap_rxsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - int force_update = (flags & NAF_FORCE_READ) || kring->nr_kflags & NKR_PENDINTR; - - /* device-specific */ - struct adapter *adapter = ifp->if_softc; - - if (head > lim) - return netmap_ring_reinit(kring); - - /* XXX check sync modes */ - bus_dmamap_sync(adapter->rxdma.dma_tag, adapter->rxdma.dma_map, - BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); - - /* - * First part: import newly received packets. - */ - if (netmap_no_pendintr || force_update) { - nic_i = adapter->next_rx_desc_to_check; - nm_i = netmap_idx_n2k(kring, nic_i); - - for (n = 0; ; n++) { - struct e1000_rx_desc *curr = &adapter->rx_desc_base[nic_i]; - uint32_t staterr = le32toh(curr->status); - int len; - - if ((staterr & E1000_RXD_STAT_DD) == 0) - break; - len = le16toh(curr->length) - 4; // CRC - if (len < 0) { - RD(5, "bogus pkt (%d) size %d nic idx %d", n, len, nic_i); - len = 0; - } - ring->slot[nm_i].len = len; - ring->slot[nm_i].flags = 0; - bus_dmamap_sync(adapter->rxtag, - adapter->rx_buffer_area[nic_i].map, - BUS_DMASYNC_POSTREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - if (n) { /* update the state variables */ - ND("%d new packets at nic %d nm %d tail %d", - n, - adapter->next_rx_desc_to_check, - netmap_idx_n2k(kring, adapter->next_rx_desc_to_check), - kring->nr_hwtail); - adapter->next_rx_desc_to_check = nic_i; - // if_inc_counter(ifp, IFCOUNTER_IPACKETS, n); - kring->nr_hwtail = nm_i; - } - kring->nr_kflags &= ~NKR_PENDINTR; - } - - /* - * Second part: skip past packets that userspace has released. - */ - nm_i = kring->nr_hwcur; - if (nm_i != head) { - nic_i = netmap_idx_k2n(kring, nm_i); - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - struct e1000_rx_desc *curr = &adapter->rx_desc_base[nic_i]; - struct em_buffer *rxbuf = &adapter->rx_buffer_area[nic_i]; - - if (addr == NETMAP_BUF_BASE(na)) /* bad buf */ - goto ring_reset; - - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - curr->buffer_addr = htole64(paddr); - netmap_reload_map(na, adapter->rxtag, rxbuf->map, addr); - slot->flags &= ~NS_BUF_CHANGED; - } - curr->status = 0; - bus_dmamap_sync(adapter->rxtag, rxbuf->map, - BUS_DMASYNC_PREREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - bus_dmamap_sync(adapter->rxdma.dma_tag, adapter->rxdma.dma_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - /* - * IMPORTANT: we must leave one free slot in the ring, - * so move nic_i back by one unit - */ - nic_i = nm_prev(nic_i, lim); - E1000_WRITE_REG(&adapter->hw, E1000_RDT(0), nic_i); - } - - return 0; - -ring_reset: - return netmap_ring_reinit(kring); -} - - -static void -lem_netmap_attach(struct adapter *adapter) -{ - struct netmap_adapter na; - - bzero(&na, sizeof(na)); - - na.ifp = adapter->ifp; - na.na_flags = NAF_BDG_MAYSLEEP; - na.num_tx_desc = adapter->num_tx_desc; - na.num_rx_desc = adapter->num_rx_desc; - na.nm_txsync = lem_netmap_txsync; - na.nm_rxsync = lem_netmap_rxsync; - na.nm_register = lem_netmap_reg; - na.num_tx_rings = na.num_rx_rings = 1; - na.nm_intr = lem_netmap_intr; - netmap_attach(&na); -} - -/* end of file */ diff --git a/sys/dev/netmap/if_ptnet.c b/sys/dev/netmap/if_ptnet.c index 55137f2706da..c362018b95af 100644 --- a/sys/dev/netmap/if_ptnet.c +++ b/sys/dev/netmap/if_ptnet.c @@ -128,8 +128,8 @@ struct ptnet_queue { struct resource *irq; void *cookie; int kring_id; - struct ptnet_csb_gh *ptgh; - struct ptnet_csb_hg *pthg; + struct nm_csb_atok *atok; + struct nm_csb_ktoa *ktoa; unsigned int kick; struct mtx lock; struct buf_ring *bufring; /* for TX queues */ @@ -166,8 +166,8 @@ struct ptnet_softc { unsigned int num_tx_rings; struct ptnet_queue *queues; struct ptnet_queue *rxqueues; - struct ptnet_csb_gh *csb_gh; - struct ptnet_csb_hg *csb_hg; + struct nm_csb_atok *csb_gh; + struct nm_csb_ktoa *csb_hg; unsigned int min_tx_space; @@ -209,7 +209,7 @@ static void ptnet_tick(void *opaque); static int ptnet_irqs_init(struct ptnet_softc *sc); static void ptnet_irqs_fini(struct ptnet_softc *sc); -static uint32_t ptnet_nm_ptctl(if_t ifp, uint32_t cmd); +static uint32_t ptnet_nm_ptctl(struct ptnet_softc *sc, uint32_t cmd); static int ptnet_nm_config(struct netmap_adapter *na, struct nm_config_info *info); static void ptnet_update_vnet_hdr(struct ptnet_softc *sc); @@ -327,7 +327,7 @@ ptnet_attach(device_t dev) sc->num_rings = num_tx_rings + num_rx_rings; sc->num_tx_rings = num_tx_rings; - if (sc->num_rings * sizeof(struct ptnet_csb_gh) > PAGE_SIZE) { + if (sc->num_rings * sizeof(struct nm_csb_atok) > PAGE_SIZE) { device_printf(dev, "CSB cannot handle that many rings (%u)\n", sc->num_rings); err = ENOMEM; @@ -342,7 +342,7 @@ ptnet_attach(device_t dev) err = ENOMEM; goto err_path; } - sc->csb_hg = (struct ptnet_csb_hg *)(((char *)sc->csb_gh) + PAGE_SIZE); + sc->csb_hg = (struct nm_csb_ktoa *)(((char *)sc->csb_gh) + PAGE_SIZE); { /* @@ -379,8 +379,8 @@ ptnet_attach(device_t dev) pq->sc = sc; pq->kring_id = i; pq->kick = PTNET_IO_KICK_BASE + 4 * i; - pq->ptgh = sc->csb_gh + i; - pq->pthg = sc->csb_hg + i; + pq->atok = sc->csb_gh + i; + pq->ktoa = sc->csb_hg + i; snprintf(pq->lock_name, sizeof(pq->lock_name), "%s-%d", device_get_nameunit(dev), i); mtx_init(&pq->lock, pq->lock_name, NULL, MTX_DEF); @@ -505,12 +505,25 @@ err_path: return err; } +/* Stop host sync-kloop if it was running. */ +static void +ptnet_device_shutdown(struct ptnet_softc *sc) +{ + ptnet_nm_ptctl(sc, PTNETMAP_PTCTL_DELETE); + bus_write_4(sc->iomem, PTNET_IO_CSB_GH_BAH, 0); + bus_write_4(sc->iomem, PTNET_IO_CSB_GH_BAL, 0); + bus_write_4(sc->iomem, PTNET_IO_CSB_HG_BAH, 0); + bus_write_4(sc->iomem, PTNET_IO_CSB_HG_BAL, 0); +} + static int ptnet_detach(device_t dev) { struct ptnet_softc *sc = device_get_softc(dev); int i; + ptnet_device_shutdown(sc); + #ifdef DEVICE_POLLING if (sc->ifp->if_capenable & IFCAP_POLLING) { ether_poll_deregister(sc->ifp); @@ -543,10 +556,6 @@ ptnet_detach(device_t dev) ptnet_irqs_fini(sc); if (sc->csb_gh) { - bus_write_4(sc->iomem, PTNET_IO_CSB_GH_BAH, 0); - bus_write_4(sc->iomem, PTNET_IO_CSB_GH_BAL, 0); - bus_write_4(sc->iomem, PTNET_IO_CSB_HG_BAH, 0); - bus_write_4(sc->iomem, PTNET_IO_CSB_HG_BAL, 0); contigfree(sc->csb_gh, 2*PAGE_SIZE, M_DEVBUF); sc->csb_gh = NULL; sc->csb_hg = NULL; @@ -583,9 +592,8 @@ ptnet_detach(device_t dev) static int ptnet_suspend(device_t dev) { - struct ptnet_softc *sc; + struct ptnet_softc *sc = device_get_softc(dev); - sc = device_get_softc(dev); (void)sc; return (0); @@ -594,9 +602,8 @@ ptnet_suspend(device_t dev) static int ptnet_resume(device_t dev) { - struct ptnet_softc *sc; + struct ptnet_softc *sc = device_get_softc(dev); - sc = device_get_softc(dev); (void)sc; return (0); @@ -605,11 +612,11 @@ ptnet_resume(device_t dev) static int ptnet_shutdown(device_t dev) { - /* - * Suspend already does all of what we need to - * do here; we just never expect to be resumed. - */ - return (ptnet_suspend(dev)); + struct ptnet_softc *sc = device_get_softc(dev); + + ptnet_device_shutdown(sc); + + return (0); } static int @@ -796,7 +803,7 @@ ptnet_ioctl(if_t ifp, u_long cmd, caddr_t data) /* Make sure the worker sees the * IFF_DRV_RUNNING down. */ PTNET_Q_LOCK(pq); - pq->ptgh->guest_need_kick = 0; + pq->atok->appl_need_kick = 0; PTNET_Q_UNLOCK(pq); /* Wait for rescheduling to finish. */ if (pq->taskq) { @@ -810,7 +817,7 @@ ptnet_ioctl(if_t ifp, u_long cmd, caddr_t data) for (i = 0; i < sc->num_rings; i++) { pq = sc-> queues + i; PTNET_Q_LOCK(pq); - pq->ptgh->guest_need_kick = 1; + pq->atok->appl_need_kick = 1; PTNET_Q_UNLOCK(pq); } } @@ -881,7 +888,7 @@ ptnet_init_locked(struct ptnet_softc *sc) return ret; } - if (sc->ptna->backend_regifs == 0) { + if (sc->ptna->backend_users == 0) { ret = ptnet_nm_krings_create(na_nm); if (ret) { device_printf(sc->dev, "ptnet_nm_krings_create() " @@ -962,7 +969,7 @@ ptnet_stop(struct ptnet_softc *sc) ptnet_nm_register(na_dr, 0 /* off */); - if (sc->ptna->backend_regifs == 0) { + if (sc->ptna->backend_users == 0) { netmap_mem_rings_delete(na_dr); ptnet_nm_krings_delete(na_nm); } @@ -1092,9 +1099,8 @@ ptnet_media_status(if_t ifp, struct ifmediareq *ifmr) } static uint32_t -ptnet_nm_ptctl(if_t ifp, uint32_t cmd) +ptnet_nm_ptctl(struct ptnet_softc *sc, uint32_t cmd) { - struct ptnet_softc *sc = if_getsoftc(ifp); /* * Write a command and read back error status, * with zero meaning success. @@ -1130,8 +1136,8 @@ ptnet_sync_from_csb(struct ptnet_softc *sc, struct netmap_adapter *na) /* Sync krings from the host, reading from * CSB. */ for (i = 0; i < sc->num_rings; i++) { - struct ptnet_csb_gh *ptgh = sc->queues[i].ptgh; - struct ptnet_csb_hg *pthg = sc->queues[i].pthg; + struct nm_csb_atok *atok = sc->queues[i].atok; + struct nm_csb_ktoa *ktoa = sc->queues[i].ktoa; struct netmap_kring *kring; if (i < na->num_tx_rings) { @@ -1139,15 +1145,15 @@ ptnet_sync_from_csb(struct ptnet_softc *sc, struct netmap_adapter *na) } else { kring = na->rx_rings[i - na->num_tx_rings]; } - kring->rhead = kring->ring->head = ptgh->head; - kring->rcur = kring->ring->cur = ptgh->cur; - kring->nr_hwcur = pthg->hwcur; + kring->rhead = kring->ring->head = atok->head; + kring->rcur = kring->ring->cur = atok->cur; + kring->nr_hwcur = ktoa->hwcur; kring->nr_hwtail = kring->rtail = - kring->ring->tail = pthg->hwtail; + kring->ring->tail = ktoa->hwtail; ND("%d,%d: csb {hc %u h %u c %u ht %u}", t, i, - pthg->hwcur, ptgh->head, ptgh->cur, - pthg->hwtail); + ktoa->hwcur, atok->head, atok->cur, + ktoa->hwtail); ND("%d,%d: kring {hc %u rh %u rc %u h %u c %u ht %u rt %u t %u}", t, i, kring->nr_hwcur, kring->rhead, kring->rcur, kring->ring->head, kring->ring->cur, kring->nr_hwtail, @@ -1178,7 +1184,7 @@ ptnet_nm_register(struct netmap_adapter *na, int onoff) int i; if (!onoff) { - sc->ptna->backend_regifs--; + sc->ptna->backend_users--; } /* If this is the last netmap client, guest interrupt enable flags may @@ -1191,17 +1197,17 @@ ptnet_nm_register(struct netmap_adapter *na, int onoff) D("Exit netmap mode, re-enable interrupts"); for (i = 0; i < sc->num_rings; i++) { pq = sc->queues + i; - pq->ptgh->guest_need_kick = 1; + pq->atok->appl_need_kick = 1; } } if (onoff) { - if (sc->ptna->backend_regifs == 0) { + if (sc->ptna->backend_users == 0) { /* Initialize notification enable fields in the CSB. */ for (i = 0; i < sc->num_rings; i++) { pq = sc->queues + i; - pq->pthg->host_need_kick = 1; - pq->ptgh->guest_need_kick = + pq->ktoa->kern_need_kick = 1; + pq->atok->appl_need_kick = (!(ifp->if_capenable & IFCAP_POLLING) && i >= sc->num_tx_rings); } @@ -1211,17 +1217,13 @@ ptnet_nm_register(struct netmap_adapter *na, int onoff) /* Make sure the host adapter passed through is ready * for txsync/rxsync. */ - ret = ptnet_nm_ptctl(ifp, PTNETMAP_PTCTL_CREATE); + ret = ptnet_nm_ptctl(sc, PTNETMAP_PTCTL_CREATE); if (ret) { return ret; } - } - /* Sync from CSB must be done after REGIF PTCTL. Skip this - * step only if this is a netmap client and it is not the - * first one. */ - if ((!native && sc->ptna->backend_regifs == 0) || - (native && na->active_fds == 0)) { + /* Align the guest krings and rings to the state stored + * in the CSB. */ ptnet_sync_from_csb(sc, na); } @@ -1254,19 +1256,13 @@ ptnet_nm_register(struct netmap_adapter *na, int onoff) } } - /* Sync from CSB must be done before UNREGIF PTCTL, on the last - * netmap client. */ - if (native && na->active_fds == 0) { - ptnet_sync_from_csb(sc, na); - } - - if (sc->ptna->backend_regifs == 0) { - ret = ptnet_nm_ptctl(ifp, PTNETMAP_PTCTL_DELETE); + if (sc->ptna->backend_users == 0) { + ret = ptnet_nm_ptctl(sc, PTNETMAP_PTCTL_DELETE); } } if (onoff) { - sc->ptna->backend_regifs++; + sc->ptna->backend_users++; } return ret; @@ -1279,7 +1275,7 @@ ptnet_nm_txsync(struct netmap_kring *kring, int flags) struct ptnet_queue *pq = sc->queues + kring->ring_id; bool notify; - notify = netmap_pt_guest_txsync(pq->ptgh, pq->pthg, kring, flags); + notify = netmap_pt_guest_txsync(pq->atok, pq->ktoa, kring, flags); if (notify) { ptnet_kick(pq); } @@ -1294,7 +1290,7 @@ ptnet_nm_rxsync(struct netmap_kring *kring, int flags) struct ptnet_queue *pq = sc->rxqueues + kring->ring_id; bool notify; - notify = netmap_pt_guest_rxsync(pq->ptgh, pq->pthg, kring, flags); + notify = netmap_pt_guest_rxsync(pq->atok, pq->ktoa, kring, flags); if (notify) { ptnet_kick(pq); } @@ -1310,7 +1306,7 @@ ptnet_nm_intr(struct netmap_adapter *na, int onoff) for (i = 0; i < sc->num_rings; i++) { struct ptnet_queue *pq = sc->queues + i; - pq->ptgh->guest_need_kick = onoff; + pq->atok->appl_need_kick = onoff; } } @@ -1676,25 +1672,13 @@ ptnet_rx_csum(struct mbuf *m, struct virtio_net_hdr *hdr) } /* End of offloading-related functions to be shared with vtnet. */ -static inline void -ptnet_sync_tail(struct ptnet_csb_hg *pthg, struct netmap_kring *kring) -{ - struct netmap_ring *ring = kring->ring; - - /* Update hwcur and hwtail as known by the host. */ - ptnetmap_guest_read_kring_csb(pthg, kring); - - /* nm_sync_finalize */ - ring->tail = kring->rtail = kring->nr_hwtail; -} - static void ptnet_ring_update(struct ptnet_queue *pq, struct netmap_kring *kring, unsigned int head, unsigned int sync_flags) { struct netmap_ring *ring = kring->ring; - struct ptnet_csb_gh *ptgh = pq->ptgh; - struct ptnet_csb_hg *pthg = pq->pthg; + struct nm_csb_atok *atok = pq->atok; + struct nm_csb_ktoa *ktoa = pq->ktoa; /* Some packets have been pushed to the netmap ring. We have * to tell the host to process the new packets, updating cur @@ -1704,11 +1688,11 @@ ptnet_ring_update(struct ptnet_queue *pq, struct netmap_kring *kring, /* Mimic nm_txsync_prologue/nm_rxsync_prologue. */ kring->rcur = kring->rhead = head; - ptnetmap_guest_write_kring_csb(ptgh, kring->rcur, kring->rhead); + ptnetmap_guest_write_kring_csb(atok, kring->rcur, kring->rhead); /* Kick the host if needed. */ - if (NM_ACCESS_ONCE(pthg->host_need_kick)) { - ptgh->sync_flags = sync_flags; + if (NM_ACCESS_ONCE(ktoa->kern_need_kick)) { + atok->sync_flags = sync_flags; ptnet_kick(pq); } } @@ -1728,8 +1712,8 @@ ptnet_drain_transmit_queue(struct ptnet_queue *pq, unsigned int budget, struct netmap_adapter *na = &sc->ptna->dr.up; if_t ifp = sc->ifp; unsigned int batch_count = 0; - struct ptnet_csb_gh *ptgh; - struct ptnet_csb_hg *pthg; + struct nm_csb_atok *atok; + struct nm_csb_ktoa *ktoa; struct netmap_kring *kring; struct netmap_ring *ring; struct netmap_slot *slot; @@ -1758,8 +1742,8 @@ ptnet_drain_transmit_queue(struct ptnet_queue *pq, unsigned int budget, return ENETDOWN; } - ptgh = pq->ptgh; - pthg = pq->pthg; + atok = pq->atok; + ktoa = pq->ktoa; kring = na->tx_rings[pq->kring_id]; ring = kring->ring; lim = kring->nkr_num_slots - 1; @@ -1771,17 +1755,17 @@ ptnet_drain_transmit_queue(struct ptnet_queue *pq, unsigned int budget, /* We ran out of slot, let's see if the host has * freed up some, by reading hwcur and hwtail from * the CSB. */ - ptnet_sync_tail(pthg, kring); + ptnet_sync_tail(ktoa, kring); if (PTNET_TX_NOSPACE(head, kring, minspace)) { /* Still no slots available. Reactivate the * interrupts so that we can be notified * when some free slots are made available by * the host. */ - ptgh->guest_need_kick = 1; + atok->appl_need_kick = 1; /* Double-check. */ - ptnet_sync_tail(pthg, kring); + ptnet_sync_tail(ktoa, kring); if (likely(PTNET_TX_NOSPACE(head, kring, minspace))) { break; @@ -1790,7 +1774,7 @@ ptnet_drain_transmit_queue(struct ptnet_queue *pq, unsigned int budget, RD(1, "Found more slots by doublecheck"); /* More slots were freed before reactivating * the interrupts. */ - ptgh->guest_need_kick = 0; + atok->appl_need_kick = 0; } } @@ -2020,8 +2004,8 @@ ptnet_rx_eof(struct ptnet_queue *pq, unsigned int budget, bool may_resched) { struct ptnet_softc *sc = pq->sc; bool have_vnet_hdr = sc->vnet_hdr_len; - struct ptnet_csb_gh *ptgh = pq->ptgh; - struct ptnet_csb_hg *pthg = pq->pthg; + struct nm_csb_atok *atok = pq->atok; + struct nm_csb_ktoa *ktoa = pq->ktoa; struct netmap_adapter *na = &sc->ptna->dr.up; struct netmap_kring *kring = na->rx_rings[pq->kring_id]; struct netmap_ring *ring = kring->ring; @@ -2053,21 +2037,21 @@ host_sync: /* We ran out of slot, let's see if the host has * added some, by reading hwcur and hwtail from * the CSB. */ - ptnet_sync_tail(pthg, kring); + ptnet_sync_tail(ktoa, kring); if (head == ring->tail) { /* Still no slots available. Reactivate * interrupts as they were disabled by the * host thread right before issuing the * last interrupt. */ - ptgh->guest_need_kick = 1; + atok->appl_need_kick = 1; /* Double-check. */ - ptnet_sync_tail(pthg, kring); + ptnet_sync_tail(ktoa, kring); if (likely(head == ring->tail)) { break; } - ptgh->guest_need_kick = 0; + atok->appl_need_kick = 0; } } diff --git a/sys/dev/netmap/if_vtnet_netmap.h b/sys/dev/netmap/if_vtnet_netmap.h index bbc90d320ac2..65ab77383fe0 100644 --- a/sys/dev/netmap/if_vtnet_netmap.h +++ b/sys/dev/netmap/if_vtnet_netmap.h @@ -79,7 +79,7 @@ vtnet_free_used(struct virtqueue *vq, int netmap_bufs, enum txrx t, int idx) } if (deq) - nm_prinf("%d sgs dequeued from %s-%d (netmap=%d)\n", + nm_prinf("%d sgs dequeued from %s-%d (netmap=%d)", deq, nm_txrx2str(t), idx, netmap_bufs); } @@ -230,7 +230,7 @@ vtnet_netmap_txsync(struct netmap_kring *kring, int flags) /*writeable=*/0); if (unlikely(err)) { if (err != ENOSPC) - nm_prerr("virtqueue_enqueue(%s) failed: %d\n", + nm_prerr("virtqueue_enqueue(%s) failed: %d", kring->name, err); break; } @@ -251,7 +251,7 @@ vtnet_netmap_txsync(struct netmap_kring *kring, int flags) if (token == NULL) break; if (unlikely(token != (void *)txq)) - nm_prerr("BUG: TX token mismatch\n"); + nm_prerr("BUG: TX token mismatch"); else n++; } @@ -307,7 +307,7 @@ vtnet_netmap_kring_refill(struct netmap_kring *kring, u_int nm_i, u_int head) /*readable=*/0, /*writeable=*/sg.sg_nseg); if (unlikely(err)) { if (err != ENOSPC) - nm_prerr("virtqueue_enqueue(%s) failed: %d\n", + nm_prerr("virtqueue_enqueue(%s) failed: %d", kring->name, err); break; } @@ -391,7 +391,7 @@ vtnet_netmap_rxsync(struct netmap_kring *kring, int flags) break; } if (unlikely(token != (void *)rxq)) { - nm_prerr("BUG: RX token mismatch\n"); + nm_prerr("BUG: RX token mismatch"); } else { /* Skip the virtio-net header. */ len -= sc->vtnet_hdr_size; @@ -533,7 +533,7 @@ vtnet_netmap_attach(struct vtnet_softc *sc) netmap_attach(&na); - nm_prinf("vtnet attached txq=%d, txd=%d rxq=%d, rxd=%d\n", + nm_prinf("vtnet attached txq=%d, txd=%d rxq=%d, rxd=%d", na.num_tx_rings, na.num_tx_desc, na.num_tx_rings, na.num_rx_desc); } diff --git a/sys/dev/netmap/ixgbe_netmap.h b/sys/dev/netmap/ixgbe_netmap.h deleted file mode 100644 index 30da63191775..000000000000 --- a/sys/dev/netmap/ixgbe_netmap.h +++ /dev/null @@ -1,508 +0,0 @@ -/*- - * SPDX-License-Identifier: BSD-2-Clause-FreeBSD - * - * Copyright (C) 2011-2014 Matteo Landi, Luigi Rizzo. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $FreeBSD$ - * - * netmap support for: ixgbe (both ix and ixv) - * - * This file is meant to be a reference on how to implement - * netmap support for a network driver. - * This file contains code but only static or inline functions used - * by a single driver. To avoid replication of code we just #include - * it near the beginning of the standard driver. - */ - - -#include <net/netmap.h> -#include <sys/selinfo.h> -/* - * Some drivers may need the following headers. Others - * already include them by default - -#include <vm/vm.h> -#include <vm/pmap.h> - - */ -#include <dev/netmap/netmap_kern.h> - -void ixgbe_netmap_attach(struct adapter *adapter); - -/* - * device-specific sysctl variables: - * - * ix_crcstrip: 0: NIC keeps CRC in rx frames (default), 1: NIC strips it. - * During regular operations the CRC is stripped, but on some - * hardware reception of frames not multiple of 64 is slower, - * so using crcstrip=0 helps in benchmarks. - * - * ix_rx_miss, ix_rx_miss_bufs: - * count packets that might be missed due to lost interrupts. - */ -SYSCTL_DECL(_dev_netmap); -static int ix_rx_miss, ix_rx_miss_bufs; -int ix_crcstrip; -SYSCTL_INT(_dev_netmap, OID_AUTO, ix_crcstrip, - CTLFLAG_RW, &ix_crcstrip, 0, "NIC strips CRC on rx frames"); -SYSCTL_INT(_dev_netmap, OID_AUTO, ix_rx_miss, - CTLFLAG_RW, &ix_rx_miss, 0, "potentially missed rx intr"); -SYSCTL_INT(_dev_netmap, OID_AUTO, ix_rx_miss_bufs, - CTLFLAG_RW, &ix_rx_miss_bufs, 0, "potentially missed rx intr bufs"); - - -static void -set_crcstrip(struct ixgbe_hw *hw, int onoff) -{ - /* crc stripping is set in two places: - * IXGBE_HLREG0 (modified on init_locked and hw reset) - * IXGBE_RDRXCTL (set by the original driver in - * ixgbe_setup_hw_rsc() called in init_locked. - * We disable the setting when netmap is compiled in). - * We update the values here, but also in ixgbe.c because - * init_locked sometimes is called outside our control. - */ - uint32_t hl, rxc; - - hl = IXGBE_READ_REG(hw, IXGBE_HLREG0); - rxc = IXGBE_READ_REG(hw, IXGBE_RDRXCTL); - if (netmap_verbose) - D("%s read HLREG 0x%x rxc 0x%x", - onoff ? "enter" : "exit", hl, rxc); - /* hw requirements ... */ - rxc &= ~IXGBE_RDRXCTL_RSCFRSTSIZE; - rxc |= IXGBE_RDRXCTL_RSCACKC; - if (onoff && !ix_crcstrip) { - /* keep the crc. Fast rx */ - hl &= ~IXGBE_HLREG0_RXCRCSTRP; - rxc &= ~IXGBE_RDRXCTL_CRCSTRIP; - } else { - /* reset default mode */ - hl |= IXGBE_HLREG0_RXCRCSTRP; - rxc |= IXGBE_RDRXCTL_CRCSTRIP; - } - if (netmap_verbose) - D("%s write HLREG 0x%x rxc 0x%x", - onoff ? "enter" : "exit", hl, rxc); - IXGBE_WRITE_REG(hw, IXGBE_HLREG0, hl); - IXGBE_WRITE_REG(hw, IXGBE_RDRXCTL, rxc); -} - -static void -ixgbe_netmap_intr(struct netmap_adapter *na, int onoff) -{ - struct ifnet *ifp = na->ifp; - struct adapter *adapter = ifp->if_softc; - - IXGBE_CORE_LOCK(adapter); - if (onoff) { - ixgbe_enable_intr(adapter); // XXX maybe ixgbe_stop ? - } else { - ixgbe_disable_intr(adapter); // XXX maybe ixgbe_stop ? - } - IXGBE_CORE_UNLOCK(adapter); -} - -/* - * Register/unregister. We are already under netmap lock. - * Only called on the first register or the last unregister. - */ -static int -ixgbe_netmap_reg(struct netmap_adapter *na, int onoff) -{ - struct ifnet *ifp = na->ifp; - struct adapter *adapter = ifp->if_softc; - - IXGBE_CORE_LOCK(adapter); - adapter->stop_locked(adapter); - - if (!IXGBE_IS_VF(adapter)) - set_crcstrip(&adapter->hw, onoff); - /* enable or disable flags and callbacks in na and ifp */ - if (onoff) { - nm_set_native_flags(na); - } else { - nm_clear_native_flags(na); - } - adapter->init_locked(adapter); /* also enables intr */ - if (!IXGBE_IS_VF(adapter)) - set_crcstrip(&adapter->hw, onoff); // XXX why twice ? - IXGBE_CORE_UNLOCK(adapter); - return (ifp->if_drv_flags & IFF_DRV_RUNNING ? 0 : 1); -} - - -/* - * Reconcile kernel and user view of the transmit ring. - * - * All information is in the kring. - * Userspace wants to send packets up to the one before kring->rhead, - * kernel knows kring->nr_hwcur is the first unsent packet. - * - * Here we push packets out (as many as possible), and possibly - * reclaim buffers from previously completed transmission. - * - * The caller (netmap) guarantees that there is only one instance - * running at any time. Any interference with other driver - * methods should be handled by the individual drivers. - */ -static int -ixgbe_netmap_txsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - /* - * interrupts on every tx packet are expensive so request - * them every half ring, or where NS_REPORT is set - */ - u_int report_frequency = kring->nkr_num_slots >> 1; - - /* device-specific */ - struct adapter *adapter = ifp->if_softc; - struct tx_ring *txr = &adapter->tx_rings[kring->ring_id]; - int reclaim_tx; - - bus_dmamap_sync(txr->txdma.dma_tag, txr->txdma.dma_map, - BUS_DMASYNC_POSTREAD); - - /* - * First part: process new packets to send. - * nm_i is the current index in the netmap ring, - * nic_i is the corresponding index in the NIC ring. - * The two numbers differ because upon a *_init() we reset - * the NIC ring but leave the netmap ring unchanged. - * For the transmit ring, we have - * - * nm_i = kring->nr_hwcur - * nic_i = IXGBE_TDT (not tracked in the driver) - * and - * nm_i == (nic_i + kring->nkr_hwofs) % ring_size - * - * In this driver kring->nkr_hwofs >= 0, but for other - * drivers it might be negative as well. - */ - - /* - * If we have packets to send (kring->nr_hwcur != kring->rhead) - * iterate over the netmap ring, fetch length and update - * the corresponding slot in the NIC ring. Some drivers also - * need to update the buffer's physical address in the NIC slot - * even NS_BUF_CHANGED is not set (PNMB computes the addresses). - * - * The netmap_reload_map() calls is especially expensive, - * even when (as in this case) the tag is 0, so do only - * when the buffer has actually changed. - * - * If possible do not set the report/intr bit on all slots, - * but only a few times per ring or when NS_REPORT is set. - * - * Finally, on 10G and faster drivers, it might be useful - * to prefetch the next slot and txr entry. - */ - - nm_i = kring->nr_hwcur; - if (nm_i != head) { /* we have new packets to send */ - nic_i = netmap_idx_k2n(kring, nm_i); - - __builtin_prefetch(&ring->slot[nm_i]); - __builtin_prefetch(&txr->tx_buffers[nic_i]); - - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - u_int len = slot->len; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - /* device-specific */ - union ixgbe_adv_tx_desc *curr = &txr->tx_base[nic_i]; - struct ixgbe_tx_buf *txbuf = &txr->tx_buffers[nic_i]; - int flags = (slot->flags & NS_REPORT || - nic_i == 0 || nic_i == report_frequency) ? - IXGBE_TXD_CMD_RS : 0; - - /* prefetch for next round */ - __builtin_prefetch(&ring->slot[nm_i + 1]); - __builtin_prefetch(&txr->tx_buffers[nic_i + 1]); - - NM_CHECK_ADDR_LEN(na, addr, len); - - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - netmap_reload_map(na, txr->txtag, txbuf->map, addr); - } - slot->flags &= ~(NS_REPORT | NS_BUF_CHANGED); - - /* Fill the slot in the NIC ring. */ - /* Use legacy descriptor, they are faster? */ - curr->read.buffer_addr = htole64(paddr); - curr->read.olinfo_status = 0; - curr->read.cmd_type_len = htole32(len | flags | - IXGBE_ADVTXD_DCMD_IFCS | IXGBE_TXD_CMD_EOP); - - /* make sure changes to the buffer are synced */ - bus_dmamap_sync(txr->txtag, txbuf->map, - BUS_DMASYNC_PREWRITE); - - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - - /* synchronize the NIC ring */ - bus_dmamap_sync(txr->txdma.dma_tag, txr->txdma.dma_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - - /* (re)start the tx unit up to slot nic_i (excluded) */ - IXGBE_WRITE_REG(&adapter->hw, txr->tail, nic_i); - } - - /* - * Second part: reclaim buffers for completed transmissions. - * Because this is expensive (we read a NIC register etc.) - * we only do it in specific cases (see below). - */ - if (flags & NAF_FORCE_RECLAIM) { - reclaim_tx = 1; /* forced reclaim */ - } else if (!nm_kr_txempty(kring)) { - reclaim_tx = 0; /* have buffers, no reclaim */ - } else { - /* - * No buffers available. Locate previous slot with - * REPORT_STATUS set. - * If the slot has DD set, we can reclaim space, - * otherwise wait for the next interrupt. - * This enables interrupt moderation on the tx - * side though it might reduce throughput. - */ - struct ixgbe_legacy_tx_desc *txd = - (struct ixgbe_legacy_tx_desc *)txr->tx_base; - - nic_i = txr->next_to_clean + report_frequency; - if (nic_i > lim) - nic_i -= lim + 1; - // round to the closest with dd set - nic_i = (nic_i < kring->nkr_num_slots / 4 || - nic_i >= kring->nkr_num_slots*3/4) ? - 0 : report_frequency; - reclaim_tx = txd[nic_i].upper.fields.status & IXGBE_TXD_STAT_DD; // XXX cpu_to_le32 ? - } - if (reclaim_tx) { - /* - * Record completed transmissions. - * We (re)use the driver's txr->next_to_clean to keep - * track of the most recently completed transmission. - * - * The datasheet discourages the use of TDH to find - * out the number of sent packets, but we only set - * REPORT_STATUS in a few slots so TDH is the only - * good way. - */ - nic_i = IXGBE_READ_REG(&adapter->hw, IXGBE_IS_VF(adapter) ? - IXGBE_VFTDH(kring->ring_id) : IXGBE_TDH(kring->ring_id)); - if (nic_i >= kring->nkr_num_slots) { /* XXX can it happen ? */ - D("TDH wrap %d", nic_i); - nic_i -= kring->nkr_num_slots; - } - if (nic_i != txr->next_to_clean) { - /* some tx completed, increment avail */ - txr->next_to_clean = nic_i; - kring->nr_hwtail = nm_prev(netmap_idx_n2k(kring, nic_i), lim); - } - } - - return 0; -} - - -/* - * Reconcile kernel and user view of the receive ring. - * Same as for the txsync, this routine must be efficient. - * The caller guarantees a single invocations, but races against - * the rest of the driver should be handled here. - * - * On call, kring->rhead is the first packet that userspace wants - * to keep, and kring->rcur is the wakeup point. - * The kernel has previously reported packets up to kring->rtail. - * - * If (flags & NAF_FORCE_READ) also check for incoming packets irrespective - * of whether or not we received an interrupt. - */ -static int -ixgbe_netmap_rxsync(struct netmap_kring *kring, int flags) -{ - struct netmap_adapter *na = kring->na; - struct ifnet *ifp = na->ifp; - struct netmap_ring *ring = kring->ring; - u_int nm_i; /* index into the netmap ring */ - u_int nic_i; /* index into the NIC ring */ - u_int n; - u_int const lim = kring->nkr_num_slots - 1; - u_int const head = kring->rhead; - int force_update = (flags & NAF_FORCE_READ) || kring->nr_kflags & NKR_PENDINTR; - - /* device-specific */ - struct adapter *adapter = ifp->if_softc; - struct rx_ring *rxr = &adapter->rx_rings[kring->ring_id]; - - if (head > lim) - return netmap_ring_reinit(kring); - - /* XXX check sync modes */ - bus_dmamap_sync(rxr->rxdma.dma_tag, rxr->rxdma.dma_map, - BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); - - /* - * First part: import newly received packets. - * - * nm_i is the index of the next free slot in the netmap ring, - * nic_i is the index of the next received packet in the NIC ring, - * and they may differ in case if_init() has been called while - * in netmap mode. For the receive ring we have - * - * nic_i = rxr->next_to_check; - * nm_i = kring->nr_hwtail (previous) - * and - * nm_i == (nic_i + kring->nkr_hwofs) % ring_size - * - * rxr->next_to_check is set to 0 on a ring reinit - */ - if (netmap_no_pendintr || force_update) { - int crclen = (ix_crcstrip || IXGBE_IS_VF(adapter) ) ? 0 : 4; - - nic_i = rxr->next_to_check; // or also k2n(kring->nr_hwtail) - nm_i = netmap_idx_n2k(kring, nic_i); - - for (n = 0; ; n++) { - union ixgbe_adv_rx_desc *curr = &rxr->rx_base[nic_i]; - uint32_t staterr = le32toh(curr->wb.upper.status_error); - - if ((staterr & IXGBE_RXD_STAT_DD) == 0) - break; - ring->slot[nm_i].len = le16toh(curr->wb.upper.length) - crclen; - ring->slot[nm_i].flags = 0; - bus_dmamap_sync(rxr->ptag, - rxr->rx_buffers[nic_i].pmap, BUS_DMASYNC_POSTREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - if (n) { /* update the state variables */ - if (netmap_no_pendintr && !force_update) { - /* diagnostics */ - ix_rx_miss ++; - ix_rx_miss_bufs += n; - } - rxr->next_to_check = nic_i; - kring->nr_hwtail = nm_i; - } - kring->nr_kflags &= ~NKR_PENDINTR; - } - - /* - * Second part: skip past packets that userspace has released. - * (kring->nr_hwcur to kring->rhead excluded), - * and make the buffers available for reception. - * As usual nm_i is the index in the netmap ring, - * nic_i is the index in the NIC ring, and - * nm_i == (nic_i + kring->nkr_hwofs) % ring_size - */ - nm_i = kring->nr_hwcur; - if (nm_i != head) { - nic_i = netmap_idx_k2n(kring, nm_i); - for (n = 0; nm_i != head; n++) { - struct netmap_slot *slot = &ring->slot[nm_i]; - uint64_t paddr; - void *addr = PNMB(na, slot, &paddr); - - union ixgbe_adv_rx_desc *curr = &rxr->rx_base[nic_i]; - struct ixgbe_rx_buf *rxbuf = &rxr->rx_buffers[nic_i]; - - if (addr == NETMAP_BUF_BASE(na)) /* bad buf */ - goto ring_reset; - - if (slot->flags & NS_BUF_CHANGED) { - /* buffer has changed, reload map */ - netmap_reload_map(na, rxr->ptag, rxbuf->pmap, addr); - slot->flags &= ~NS_BUF_CHANGED; - } - curr->wb.upper.status_error = 0; - curr->read.pkt_addr = htole64(paddr); - bus_dmamap_sync(rxr->ptag, rxbuf->pmap, - BUS_DMASYNC_PREREAD); - nm_i = nm_next(nm_i, lim); - nic_i = nm_next(nic_i, lim); - } - kring->nr_hwcur = head; - - bus_dmamap_sync(rxr->rxdma.dma_tag, rxr->rxdma.dma_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); - /* - * IMPORTANT: we must leave one free slot in the ring, - * so move nic_i back by one unit - */ - nic_i = nm_prev(nic_i, lim); - IXGBE_WRITE_REG(&adapter->hw, rxr->tail, nic_i); - } - - return 0; - -ring_reset: - return netmap_ring_reinit(kring); -} - - -/* - * The attach routine, called near the end of ixgbe_attach(), - * fills the parameters for netmap_attach() and calls it. - * It cannot fail, in the worst case (such as no memory) - * netmap mode will be disabled and the driver will only - * operate in standard mode. - */ -void -ixgbe_netmap_attach(struct adapter *adapter) -{ - struct netmap_adapter na; - - bzero(&na, sizeof(na)); - - na.ifp = adapter->ifp; - na.na_flags = NAF_BDG_MAYSLEEP; - na.num_tx_desc = adapter->num_tx_desc; - na.num_rx_desc = adapter->num_rx_desc; - na.nm_txsync = ixgbe_netmap_txsync; - na.nm_rxsync = ixgbe_netmap_rxsync; - na.nm_register = ixgbe_netmap_reg; - na.num_tx_rings = na.num_rx_rings = adapter->num_queues; - na.nm_intr = ixgbe_netmap_intr; - netmap_attach(&na); -} - -/* end of file */ diff --git a/sys/dev/netmap/netmap.c b/sys/dev/netmap/netmap.c index 42697e2874aa..dfd4dacc4962 100644 --- a/sys/dev/netmap/netmap.c +++ b/sys/dev/netmap/netmap.c @@ -449,6 +449,7 @@ ports attached to the switch) #include <machine/bus.h> /* bus_dmamap_* */ #include <sys/endian.h> #include <sys/refcount.h> +#include <net/ethernet.h> /* ETHER_BPF_MTAP */ #elif defined(linux) @@ -480,6 +481,9 @@ ports attached to the switch) /* user-controlled variables */ int netmap_verbose; +#ifdef CONFIG_NETMAP_DEBUG +int netmap_debug; +#endif /* CONFIG_NETMAP_DEBUG */ static int netmap_no_timestamp; /* don't timestamp on rxsync */ int netmap_no_pendintr = 1; @@ -527,9 +531,6 @@ int netmap_generic_hwcsum = 0; /* Non-zero if ptnet devices are allowed to use virtio-net headers. */ int ptnet_vnet_hdr = 1; -/* 0 if ptnetmap should not use worker threads for TX processing */ -int ptnetmap_tx_workers = 1; - /* * SYSCTL calls are grouped between SYSBEGIN and SYSEND to be emulated * in some other operating systems @@ -540,6 +541,10 @@ SYSCTL_DECL(_dev_netmap); SYSCTL_NODE(_dev, OID_AUTO, netmap, CTLFLAG_RW, 0, "Netmap args"); SYSCTL_INT(_dev_netmap, OID_AUTO, verbose, CTLFLAG_RW, &netmap_verbose, 0, "Verbose mode"); +#ifdef CONFIG_NETMAP_DEBUG +SYSCTL_INT(_dev_netmap, OID_AUTO, debug, + CTLFLAG_RW, &netmap_debug, 0, "Debug messages"); +#endif /* CONFIG_NETMAP_DEBUG */ SYSCTL_INT(_dev_netmap, OID_AUTO, no_timestamp, CTLFLAG_RW, &netmap_no_timestamp, 0, "no_timestamp"); SYSCTL_INT(_dev_netmap, OID_AUTO, no_pendintr, CTLFLAG_RW, &netmap_no_pendintr, @@ -569,8 +574,6 @@ SYSCTL_INT(_dev_netmap, OID_AUTO, generic_txqdisc, CTLFLAG_RW, #endif SYSCTL_INT(_dev_netmap, OID_AUTO, ptnet_vnet_hdr, CTLFLAG_RW, &ptnet_vnet_hdr, 0, "Allow ptnet devices to use virtio-net headers"); -SYSCTL_INT(_dev_netmap, OID_AUTO, ptnetmap_tx_workers, CTLFLAG_RW, - &ptnetmap_tx_workers, 0, "Use worker threads for pnetmap TX processing"); SYSEND; @@ -692,7 +695,7 @@ nm_bound_var(u_int *v, u_int dflt, u_int lo, u_int hi, const char *msg) op = "Clamp"; } if (op && msg) - nm_prinf("%s %s to %d (was %d)\n", op, msg, *v, oldv); + nm_prinf("%s %s to %d (was %d)", op, msg, *v, oldv); return *v; } @@ -776,13 +779,14 @@ netmap_update_config(struct netmap_adapter *na) na->num_rx_rings = info.num_rx_rings; na->num_rx_desc = info.num_rx_descs; na->rx_buf_maxsize = info.rx_buf_maxsize; - D("configuration changed for %s: txring %d x %d, " - "rxring %d x %d, rxbufsz %d", - na->name, na->num_tx_rings, na->num_tx_desc, - na->num_rx_rings, na->num_rx_desc, na->rx_buf_maxsize); + if (netmap_verbose) + nm_prinf("configuration changed for %s: txring %d x %d, " + "rxring %d x %d, rxbufsz %d", + na->name, na->num_tx_rings, na->num_tx_desc, + na->num_rx_rings, na->num_rx_desc, na->rx_buf_maxsize); return 0; } - D("WARNING: configuration changed for %s while active: " + nm_prerr("WARNING: configuration changed for %s while active: " "txring %d x %d, rxring %d x %d, rxbufsz %d", na->name, info.num_tx_rings, info.num_tx_descs, info.num_rx_rings, info.num_rx_descs, @@ -828,7 +832,8 @@ netmap_krings_create(struct netmap_adapter *na, u_int tailroom) enum txrx t; if (na->tx_rings != NULL) { - D("warning: krings were already created"); + if (netmap_debug & NM_DEBUG_ON) + nm_prerr("warning: krings were already created"); return 0; } @@ -842,7 +847,7 @@ netmap_krings_create(struct netmap_adapter *na, u_int tailroom) na->tx_rings = nm_os_malloc((size_t)len); if (na->tx_rings == NULL) { - D("Cannot allocate krings"); + nm_prerr("Cannot allocate krings"); return ENOMEM; } na->rx_rings = na->tx_rings + n[NR_TX]; @@ -910,7 +915,8 @@ netmap_krings_delete(struct netmap_adapter *na) enum txrx t; if (na->tx_rings == NULL) { - D("warning: krings were already deleted"); + if (netmap_debug & NM_DEBUG_ON) + nm_prerr("warning: krings were already deleted"); return; } @@ -1012,11 +1018,11 @@ netmap_do_unregif(struct netmap_priv_d *priv) * happens if the close() occurs while a concurrent * syscall is running. */ - if (netmap_verbose) - D("deleting last instance for %s", na->name); + if (netmap_debug & NM_DEBUG_ON) + nm_prinf("deleting last instance for %s", na->name); if (nm_netmap_on(na)) { - D("BUG: netmap on while going to delete the krings"); + nm_prerr("BUG: netmap on while going to delete the krings"); } na->nm_krings_delete(na); @@ -1033,14 +1039,6 @@ netmap_do_unregif(struct netmap_priv_d *priv) priv->np_nifp = NULL; } -/* call with NMG_LOCK held */ -static __inline int -nm_si_user(struct netmap_priv_d *priv, enum txrx t) -{ - return (priv->np_na != NULL && - (priv->np_qlast[t] - priv->np_qfirst[t] > 1)); -} - struct netmap_priv_d* netmap_priv_new(void) { @@ -1136,8 +1134,8 @@ netmap_send_up(struct ifnet *dst, struct mbq *q) /* Send packets up, outside the lock; head/prev machinery * is only useful for Windows. */ while ((m = mbq_dequeue(q)) != NULL) { - if (netmap_verbose & NM_VERB_HOST) - D("sending up pkt %p size %d", m, MBUF_LEN(m)); + if (netmap_debug & NM_DEBUG_HOST) + nm_prinf("sending up pkt %p size %d", m, MBUF_LEN(m)); prev = nm_os_send_up(dst, m, prev); if (head == NULL) head = prev; @@ -1332,8 +1330,8 @@ netmap_rxsync_from_host(struct netmap_kring *kring, int flags) m_copydata(m, 0, len, NMB(na, slot)); ND("nm %d len %d", nm_i, len); - if (netmap_verbose) - D("%s", nm_dump_buf(NMB(na, slot),len, 128, NULL)); + if (netmap_debug & NM_DEBUG_HOST) + nm_prinf("%s", nm_dump_buf(NMB(na, slot),len, 128, NULL)); slot->len = len; slot->flags = 0; @@ -1500,7 +1498,7 @@ netmap_get_na(struct nmreq_header *hdr, if (req->nr_mode == NR_REG_PIPE_MASTER || req->nr_mode == NR_REG_PIPE_SLAVE) { /* Do not accept deprecated pipe modes. */ - D("Deprecated pipe nr_mode, use xx{yy or xx}yy syntax"); + nm_prerr("Deprecated pipe nr_mode, use xx{yy or xx}yy syntax"); return EINVAL; } @@ -1527,9 +1525,7 @@ netmap_get_na(struct nmreq_header *hdr, * 0 !NULL type matches and na created/found * !0 !NULL impossible */ - - /* try to see if this is a ptnetmap port */ - error = netmap_get_pt_host_na(hdr, na, nmd, create); + error = netmap_get_null_na(hdr, na, nmd, create); if (error || *na != NULL) goto out; @@ -1739,7 +1735,7 @@ nm_rxsync_prologue(struct netmap_kring *kring, struct netmap_ring *ring) /* * Error routine called when txsync/rxsync detects an error. - * Can't do much more than resetting head =cur = hwcur, tail = hwtail + * Can't do much more than resetting head = cur = hwcur, tail = hwtail * Return 1 on reinit. * * This routine is only called by the upper half of the kernel. @@ -1810,12 +1806,6 @@ netmap_interp_ringid(struct netmap_priv_d *priv, uint32_t nr_mode, enum txrx t; u_int j; - if ((nr_flags & NR_PTNETMAP_HOST) && ((nr_mode != NR_REG_ALL_NIC) || - nr_flags & (NR_RX_RINGS_ONLY|NR_TX_RINGS_ONLY))) { - D("Error: only NR_REG_ALL_NIC supported with netmap passthrough"); - return EINVAL; - } - for_rx_tx(t) { if (nr_flags & excluded_direction[t]) { priv->np_qfirst[t] = priv->np_qlast[t] = 0; @@ -1823,6 +1813,7 @@ netmap_interp_ringid(struct netmap_priv_d *priv, uint32_t nr_mode, } switch (nr_mode) { case NR_REG_ALL_NIC: + case NR_REG_NULL: priv->np_qfirst[t] = 0; priv->np_qlast[t] = nma_get_nrings(na, t); ND("ALL/PIPE: %s %d %d", nm_txrx2str(t), @@ -1831,7 +1822,7 @@ netmap_interp_ringid(struct netmap_priv_d *priv, uint32_t nr_mode, case NR_REG_SW: case NR_REG_NIC_SW: if (!(na->na_flags & NAF_HOST_RINGS)) { - D("host rings not supported"); + nm_prerr("host rings not supported"); return EINVAL; } priv->np_qfirst[t] = (nr_mode == NR_REG_SW ? @@ -1844,7 +1835,7 @@ netmap_interp_ringid(struct netmap_priv_d *priv, uint32_t nr_mode, case NR_REG_ONE_NIC: if (nr_ringid >= na->num_tx_rings && nr_ringid >= na->num_rx_rings) { - D("invalid ring id %d", nr_ringid); + nm_prerr("invalid ring id %d", nr_ringid); return EINVAL; } /* if not enough rings, use the first one */ @@ -1857,11 +1848,11 @@ netmap_interp_ringid(struct netmap_priv_d *priv, uint32_t nr_mode, priv->np_qfirst[t], priv->np_qlast[t]); break; default: - D("invalid regif type %d", nr_mode); + nm_prerr("invalid regif type %d", nr_mode); return EINVAL; } } - priv->np_flags = nr_flags | nr_mode; // TODO + priv->np_flags = nr_flags; /* Allow transparent forwarding mode in the host --> nic * direction only if all the TX hw rings have been opened. */ @@ -1871,7 +1862,7 @@ netmap_interp_ringid(struct netmap_priv_d *priv, uint32_t nr_mode, } if (netmap_verbose) { - D("%s: tx [%d,%d) rx [%d,%d) id %d", + nm_prinf("%s: tx [%d,%d) rx [%d,%d) id %d", na->name, priv->np_qfirst[NR_TX], priv->np_qlast[NR_TX], @@ -1927,6 +1918,7 @@ netmap_unset_ringid(struct netmap_priv_d *priv) } priv->np_flags = 0; priv->np_txpoll = 0; + priv->np_kloop_state = 0; } @@ -1943,8 +1935,8 @@ netmap_krings_get(struct netmap_priv_d *priv) int excl = (priv->np_flags & NR_EXCLUSIVE); enum txrx t; - if (netmap_verbose) - D("%s: grabbing tx [%d, %d) rx [%d, %d)", + if (netmap_debug & NM_DEBUG_ON) + nm_prinf("%s: grabbing tx [%d, %d) rx [%d, %d)", na->name, priv->np_qfirst[NR_TX], priv->np_qlast[NR_TX], @@ -2021,6 +2013,110 @@ nm_priv_rx_enabled(struct netmap_priv_d *priv) return (priv->np_qfirst[NR_RX] != priv->np_qlast[NR_RX]); } +/* Validate the CSB entries for both directions (atok and ktoa). + * To be called under NMG_LOCK(). */ +static int +netmap_csb_validate(struct netmap_priv_d *priv, struct nmreq_opt_csb *csbo) +{ + struct nm_csb_atok *csb_atok_base = + (struct nm_csb_atok *)(uintptr_t)csbo->csb_atok; + struct nm_csb_ktoa *csb_ktoa_base = + (struct nm_csb_ktoa *)(uintptr_t)csbo->csb_ktoa; + enum txrx t; + int num_rings[NR_TXRX], tot_rings; + size_t entry_size[2]; + void *csb_start[2]; + int i; + + if (priv->np_kloop_state & NM_SYNC_KLOOP_RUNNING) { + nm_prerr("Cannot update CSB while kloop is running"); + return EBUSY; + } + + tot_rings = 0; + for_rx_tx(t) { + num_rings[t] = priv->np_qlast[t] - priv->np_qfirst[t]; + tot_rings += num_rings[t]; + } + if (tot_rings <= 0) + return 0; + + if (!(priv->np_flags & NR_EXCLUSIVE)) { + nm_prerr("CSB mode requires NR_EXCLUSIVE"); + return EINVAL; + } + + entry_size[0] = sizeof(*csb_atok_base); + entry_size[1] = sizeof(*csb_ktoa_base); + csb_start[0] = (void *)csb_atok_base; + csb_start[1] = (void *)csb_ktoa_base; + + for (i = 0; i < 2; i++) { + /* On Linux we could use access_ok() to simplify + * the validation. However, the advantage of + * this approach is that it works also on + * FreeBSD. */ + size_t csb_size = tot_rings * entry_size[i]; + void *tmp; + int err; + + if ((uintptr_t)csb_start[i] & (entry_size[i]-1)) { + nm_prerr("Unaligned CSB address"); + return EINVAL; + } + + tmp = nm_os_malloc(csb_size); + if (!tmp) + return ENOMEM; + if (i == 0) { + /* Application --> kernel direction. */ + err = copyin(csb_start[i], tmp, csb_size); + } else { + /* Kernel --> application direction. */ + memset(tmp, 0, csb_size); + err = copyout(tmp, csb_start[i], csb_size); + } + nm_os_free(tmp); + if (err) { + nm_prerr("Invalid CSB address"); + return err; + } + } + + priv->np_csb_atok_base = csb_atok_base; + priv->np_csb_ktoa_base = csb_ktoa_base; + + /* Initialize the CSB. */ + for_rx_tx(t) { + for (i = 0; i < num_rings[t]; i++) { + struct netmap_kring *kring = + NMR(priv->np_na, t)[i + priv->np_qfirst[t]]; + struct nm_csb_atok *csb_atok = csb_atok_base + i; + struct nm_csb_ktoa *csb_ktoa = csb_ktoa_base + i; + + if (t == NR_RX) { + csb_atok += num_rings[NR_TX]; + csb_ktoa += num_rings[NR_TX]; + } + + CSB_WRITE(csb_atok, head, kring->rhead); + CSB_WRITE(csb_atok, cur, kring->rcur); + CSB_WRITE(csb_atok, appl_need_kick, 1); + CSB_WRITE(csb_atok, sync_flags, 1); + CSB_WRITE(csb_ktoa, hwcur, kring->nr_hwcur); + CSB_WRITE(csb_ktoa, hwtail, kring->nr_hwtail); + CSB_WRITE(csb_ktoa, kern_need_kick, 1); + + nm_prinf("csb_init for kring %s: head %u, cur %u, " + "hwcur %u, hwtail %u", kring->name, + kring->rhead, kring->rcur, kring->nr_hwcur, + kring->nr_hwtail); + } + } + + return 0; +} + /* * possibly move the interface to netmap-mode. * If success it returns a pointer to netmap_if, otherwise NULL. @@ -2137,7 +2233,7 @@ netmap_do_regif(struct netmap_priv_d *priv, struct netmap_adapter *na, na->name, mtu, na->rx_buf_maxsize, nbs); if (na->rx_buf_maxsize == 0) { - D("%s: error: rx_buf_maxsize == 0", na->name); + nm_prerr("%s: error: rx_buf_maxsize == 0", na->name); error = EIO; goto err_drop_mem; } @@ -2149,7 +2245,7 @@ netmap_do_regif(struct netmap_priv_d *priv, struct netmap_adapter *na, * cannot be used in this case. */ if (nbs < mtu) { nm_prerr("error: netmap buf size (%u) " - "< device MTU (%u)\n", nbs, mtu); + "< device MTU (%u)", nbs, mtu); error = EINVAL; goto err_drop_mem; } @@ -2162,14 +2258,14 @@ netmap_do_regif(struct netmap_priv_d *priv, struct netmap_adapter *na, if (!(na->na_flags & NAF_MOREFRAG)) { nm_prerr("error: large MTU (%d) needed " "but %s does not support " - "NS_MOREFRAG\n", mtu, + "NS_MOREFRAG", mtu, na->ifp->if_xname); error = EINVAL; goto err_drop_mem; } else if (nbs < na->rx_buf_maxsize) { nm_prerr("error: using NS_MOREFRAG on " "%s requires netmap buf size " - ">= %u\n", na->ifp->if_xname, + ">= %u", na->ifp->if_xname, na->rx_buf_maxsize); error = EINVAL; goto err_drop_mem; @@ -2177,7 +2273,7 @@ netmap_do_regif(struct netmap_priv_d *priv, struct netmap_adapter *na, nm_prinf("info: netmap application on " "%s needs to support " "NS_MOREFRAG " - "(MTU=%u,netmap_buf_size=%u)\n", + "(MTU=%u,netmap_buf_size=%u)", na->ifp->if_xname, mtu, nbs); } } @@ -2307,7 +2403,6 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, struct ifnet *ifp = NULL; int error = 0; u_int i, qfirst, qlast; - struct netmap_if *nifp; struct netmap_kring **krings; int sync_flags; enum txrx t; @@ -2316,14 +2411,10 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, case NIOCCTRL: { struct nmreq_header *hdr = (struct nmreq_header *)data; - if (hdr->nr_version != NETMAP_API) { - D("API mismatch for reqtype %d: got %d need %d", - hdr->nr_version, - hdr->nr_version, NETMAP_API); - hdr->nr_version = NETMAP_API; - } if (hdr->nr_version < NETMAP_MIN_API || hdr->nr_version > NETMAP_MAX_API) { + nm_prerr("API mismatch: got %d need %d", + hdr->nr_version, NETMAP_API); return EINVAL; } @@ -2345,13 +2436,13 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, case NETMAP_REQ_REGISTER: { struct nmreq_register *req = (struct nmreq_register *)(uintptr_t)hdr->nr_body; + struct netmap_if *nifp; + /* Protect access to priv from concurrent requests. */ NMG_LOCK(); do { - u_int memflags; -#ifdef WITH_EXTMEM struct nmreq_option *opt; -#endif /* WITH_EXTMEM */ + u_int memflags; if (priv->np_nifp != NULL) { /* thread already registered */ error = EBUSY; @@ -2382,6 +2473,10 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, /* find the allocator and get a reference */ nmd = netmap_mem_find(req->nr_mem_id); if (nmd == NULL) { + if (netmap_verbose) { + nm_prerr("%s: failed to find mem_id %u", + hdr->nr_name, req->nr_mem_id); + } error = EINVAL; break; } @@ -2397,6 +2492,8 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, } if (na->virt_hdr_len && !(req->nr_flags & NR_ACCEPT_VNET_HDR)) { + nm_prerr("virt_hdr_len=%d, but application does " + "not accept it", na->virt_hdr_len); error = EIO; break; } @@ -2406,6 +2503,23 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, if (error) { /* reg. failed, release priv and ref */ break; } + + opt = nmreq_findoption((struct nmreq_option *)(uintptr_t)hdr->nr_options, + NETMAP_REQ_OPT_CSB); + if (opt != NULL) { + struct nmreq_opt_csb *csbo = + (struct nmreq_opt_csb *)opt; + error = nmreq_checkduplicate(opt); + if (!error) { + error = netmap_csb_validate(priv, csbo); + } + opt->nro_status = error; + if (error) { + netmap_do_unregif(priv); + break; + } + } + nifp = priv->np_nifp; priv->np_td = td; /* for debugging purposes */ @@ -2430,12 +2544,12 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, if (req->nr_extra_bufs) { if (netmap_verbose) - D("requested %d extra buffers", + nm_prinf("requested %d extra buffers", req->nr_extra_bufs); req->nr_extra_bufs = netmap_extra_alloc(na, &nifp->ni_bufs_head, req->nr_extra_bufs); if (netmap_verbose) - D("got %d extra buffers", req->nr_extra_bufs); + nm_prinf("got %d extra buffers", req->nr_extra_bufs); } req->nr_offset = netmap_mem_if_offset(na->nm_mem, nifp); @@ -2473,6 +2587,7 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, * so that we can call netmap_get_na(). */ struct nmreq_register regreq; bzero(®req, sizeof(regreq)); + regreq.nr_mode = NR_REG_ALL_NIC; regreq.nr_tx_slots = req->nr_tx_slots; regreq.nr_rx_slots = req->nr_rx_slots; regreq.nr_tx_rings = req->nr_tx_rings; @@ -2494,6 +2609,10 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, } else { nmd = netmap_mem_find(req->nr_mem_id ? req->nr_mem_id : 1); if (nmd == NULL) { + if (netmap_verbose) + nm_prerr("%s: failed to find mem_id %u", + hdr->nr_name, + req->nr_mem_id ? req->nr_mem_id : 1); error = EINVAL; break; } @@ -2505,8 +2624,6 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, break; if (na == NULL) /* only memory info */ break; - req->nr_offset = 0; - req->nr_rx_slots = req->nr_tx_slots = 0; netmap_update_config(na); req->nr_rx_rings = na->num_rx_rings; req->nr_tx_rings = na->num_tx_rings; @@ -2519,17 +2636,17 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, } #ifdef WITH_VALE case NETMAP_REQ_VALE_ATTACH: { - error = nm_bdg_ctl_attach(hdr, NULL /* userspace request */); + error = netmap_vale_attach(hdr, NULL /* userspace request */); break; } case NETMAP_REQ_VALE_DETACH: { - error = nm_bdg_ctl_detach(hdr, NULL /* userspace request */); + error = netmap_vale_detach(hdr, NULL /* userspace request */); break; } case NETMAP_REQ_VALE_LIST: { - error = netmap_bdg_list(hdr); + error = netmap_vale_list(hdr); break; } @@ -2540,12 +2657,16 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, * so that we can call netmap_get_bdg_na(). */ struct nmreq_register regreq; bzero(®req, sizeof(regreq)); + regreq.nr_mode = NR_REG_ALL_NIC; + /* For now we only support virtio-net headers, and only for * VALE ports, but this may change in future. Valid lengths * for the virtio-net header are 0 (no header), 10 and 12. */ if (req->nr_hdr_len != 0 && req->nr_hdr_len != sizeof(struct nm_vnet_hdr) && req->nr_hdr_len != 12) { + if (netmap_verbose) + nm_prerr("invalid hdr_len %u", req->nr_hdr_len); error = EINVAL; break; } @@ -2562,7 +2683,8 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, if (na->virt_hdr_len) { vpna->mfs = NETMAP_BUF_SIZE(na); } - D("Using vnet_hdr_len %d for %p", na->virt_hdr_len, na); + if (netmap_verbose) + nm_prinf("Using vnet_hdr_len %d for %p", na->virt_hdr_len, na); netmap_adapter_put(na); } else if (!na) { error = ENXIO; @@ -2581,6 +2703,7 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, struct ifnet *ifp; bzero(®req, sizeof(regreq)); + regreq.nr_mode = NR_REG_ALL_NIC; NMG_LOCK(); hdr->nr_reqtype = NETMAP_REQ_REGISTER; hdr->nr_body = (uintptr_t)®req; @@ -2612,19 +2735,77 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, } #endif /* WITH_VALE */ case NETMAP_REQ_POOLS_INFO_GET: { + /* Get information from the memory allocator used for + * hdr->nr_name. */ struct nmreq_pools_info *req = (struct nmreq_pools_info *)(uintptr_t)hdr->nr_body; - /* Get information from the memory allocator. This - * netmap device must already be bound to a port. - * Note that hdr->nr_name is ignored. */ NMG_LOCK(); - if (priv->np_na && priv->np_na->nm_mem) { - struct netmap_mem_d *nmd = priv->np_na->nm_mem; + do { + /* Build a nmreq_register out of the nmreq_pools_info, + * so that we can call netmap_get_na(). */ + struct nmreq_register regreq; + bzero(®req, sizeof(regreq)); + regreq.nr_mem_id = req->nr_mem_id; + regreq.nr_mode = NR_REG_ALL_NIC; + + hdr->nr_reqtype = NETMAP_REQ_REGISTER; + hdr->nr_body = (uintptr_t)®req; + error = netmap_get_na(hdr, &na, &ifp, NULL, 1 /* create */); + hdr->nr_reqtype = NETMAP_REQ_POOLS_INFO_GET; /* reset type */ + hdr->nr_body = (uintptr_t)req; /* reset nr_body */ + if (error) { + na = NULL; + ifp = NULL; + break; + } + nmd = na->nm_mem; /* grab the memory allocator */ + if (nmd == NULL) { + error = EINVAL; + break; + } + + /* Finalize the memory allocator, get the pools + * information and release the allocator. */ + error = netmap_mem_finalize(nmd, na); + if (error) { + break; + } error = netmap_mem_pools_info_get(req, nmd); - } else { + netmap_mem_drop(na); + } while (0); + netmap_unget_na(na, ifp); + NMG_UNLOCK(); + break; + } + + case NETMAP_REQ_CSB_ENABLE: { + struct nmreq_option *opt; + + opt = nmreq_findoption((struct nmreq_option *)(uintptr_t)hdr->nr_options, + NETMAP_REQ_OPT_CSB); + if (opt == NULL) { error = EINVAL; + } else { + struct nmreq_opt_csb *csbo = + (struct nmreq_opt_csb *)opt; + error = nmreq_checkduplicate(opt); + if (!error) { + NMG_LOCK(); + error = netmap_csb_validate(priv, csbo); + NMG_UNLOCK(); + } + opt->nro_status = error; } - NMG_UNLOCK(); + break; + } + + case NETMAP_REQ_SYNC_KLOOP_START: { + error = netmap_sync_kloop(priv, hdr); + break; + } + + case NETMAP_REQ_SYNC_KLOOP_STOP: { + error = netmap_sync_kloop_stop(priv); break; } @@ -2641,22 +2822,20 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, case NIOCTXSYNC: case NIOCRXSYNC: { - nifp = priv->np_nifp; - - if (nifp == NULL) { + if (unlikely(priv->np_nifp == NULL)) { error = ENXIO; break; } mb(); /* make sure following reads are not from cache */ - na = priv->np_na; /* we have a reference */ - - if (na == NULL) { - D("Internal error: nifp != NULL && na == NULL"); - error = ENXIO; + if (unlikely(priv->np_csb_atok_base)) { + nm_prerr("Invalid sync in CSB mode"); + error = EBUSY; break; } + na = priv->np_na; /* we have a reference */ + mbq_init(&q); t = (cmd == NIOCTXSYNC ? NR_TX : NR_RX); krings = NMR(na, t); @@ -2674,8 +2853,8 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, } if (cmd == NIOCTXSYNC) { - if (netmap_verbose & NM_VERB_TXSYNC) - D("pre txsync ring %d cur %d hwcur %d", + if (netmap_debug & NM_DEBUG_TXSYNC) + nm_prinf("pre txsync ring %d cur %d hwcur %d", i, ring->cur, kring->nr_hwcur); if (nm_txsync_prologue(kring, ring) >= kring->nkr_num_slots) { @@ -2683,8 +2862,8 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data, } else if (kring->nm_sync(kring, sync_flags | NAF_FORCE_RECLAIM) == 0) { nm_sync_finalize(kring); } - if (netmap_verbose & NM_VERB_TXSYNC) - D("post txsync ring %d cur %d hwcur %d", + if (netmap_debug & NM_DEBUG_TXSYNC) + nm_prinf("post txsync ring %d cur %d hwcur %d", i, ring->cur, kring->nr_hwcur); } else { @@ -2739,18 +2918,22 @@ nmreq_size_by_type(uint16_t nr_reqtype) case NETMAP_REQ_VALE_NEWIF: return sizeof(struct nmreq_vale_newif); case NETMAP_REQ_VALE_DELIF: + case NETMAP_REQ_SYNC_KLOOP_STOP: + case NETMAP_REQ_CSB_ENABLE: return 0; case NETMAP_REQ_VALE_POLLING_ENABLE: case NETMAP_REQ_VALE_POLLING_DISABLE: return sizeof(struct nmreq_vale_polling); case NETMAP_REQ_POOLS_INFO_GET: return sizeof(struct nmreq_pools_info); + case NETMAP_REQ_SYNC_KLOOP_START: + return sizeof(struct nmreq_sync_kloop_start); } return 0; } static size_t -nmreq_opt_size_by_type(uint16_t nro_reqtype) +nmreq_opt_size_by_type(uint32_t nro_reqtype, uint64_t nro_size) { size_t rv = sizeof(struct nmreq_option); #ifdef NETMAP_REQ_OPT_DEBUG @@ -2763,6 +2946,13 @@ nmreq_opt_size_by_type(uint16_t nro_reqtype) rv = sizeof(struct nmreq_opt_extmem); break; #endif /* WITH_EXTMEM */ + case NETMAP_REQ_OPT_SYNC_KLOOP_EVENTFDS: + if (nro_size >= rv) + rv = nro_size; + break; + case NETMAP_REQ_OPT_CSB: + rv = sizeof(struct nmreq_opt_csb); + break; } /* subtract the common header */ return rv - sizeof(struct nmreq_option); @@ -2778,8 +2968,11 @@ nmreq_copyin(struct nmreq_header *hdr, int nr_body_is_user) struct nmreq_option buf; uint64_t *ptrs; - if (hdr->nr_reserved) + if (hdr->nr_reserved) { + if (netmap_verbose) + nm_prerr("nr_reserved must be zero"); return EINVAL; + } if (!nr_body_is_user) return 0; @@ -2796,6 +2989,8 @@ nmreq_copyin(struct nmreq_header *hdr, int nr_body_is_user) (!rqsz && hdr->nr_body != (uintptr_t)NULL)) { /* Request body expected, but not found; or * request body found but unexpected. */ + if (netmap_verbose) + nm_prerr("nr_body expected but not found, or vice versa"); error = EINVAL; goto out_err; } @@ -2809,7 +3004,7 @@ nmreq_copyin(struct nmreq_header *hdr, int nr_body_is_user) if (error) goto out_err; optsz += sizeof(*src); - optsz += nmreq_opt_size_by_type(buf.nro_reqtype); + optsz += nmreq_opt_size_by_type(buf.nro_reqtype, buf.nro_size); if (rqsz + optsz > NETMAP_REQ_MAXSIZE) { error = EMSGSIZE; goto out_err; @@ -2863,7 +3058,8 @@ nmreq_copyin(struct nmreq_header *hdr, int nr_body_is_user) p = (char *)(opt + 1); /* copy the option body */ - optsz = nmreq_opt_size_by_type(opt->nro_reqtype); + optsz = nmreq_opt_size_by_type(opt->nro_reqtype, + opt->nro_size); if (optsz) { /* the option body follows the option header */ error = copyin(src + 1, p, optsz); @@ -2937,7 +3133,8 @@ nmreq_copyout(struct nmreq_header *hdr, int rerror) /* copy the option body only if there was no error */ if (!rerror && !src->nro_status) { - optsz = nmreq_opt_size_by_type(src->nro_reqtype); + optsz = nmreq_opt_size_by_type(src->nro_reqtype, + src->nro_size); if (optsz) { error = copyout(src + 1, dst + 1, optsz); if (error) { @@ -3015,7 +3212,8 @@ netmap_poll(struct netmap_priv_d *priv, int events, NM_SELRECORD_T *sr) struct netmap_adapter *na; struct netmap_kring *kring; struct netmap_ring *ring; - u_int i, check_all_tx, check_all_rx, want[NR_TXRX], revents = 0; + u_int i, want[NR_TXRX], revents = 0; + NM_SELINFO_T *si[NR_TXRX]; #define want_tx want[NR_TX] #define want_rx want[NR_RX] struct mbq q; /* packets from RX hw queues to host stack */ @@ -3038,27 +3236,31 @@ netmap_poll(struct netmap_priv_d *priv, int events, NM_SELRECORD_T *sr) mbq_init(&q); - if (priv->np_nifp == NULL) { - D("No if registered"); + if (unlikely(priv->np_nifp == NULL)) { return POLLERR; } mb(); /* make sure following reads are not from cache */ na = priv->np_na; - if (!nm_netmap_on(na)) + if (unlikely(!nm_netmap_on(na))) return POLLERR; - if (netmap_verbose & 0x8000) - D("device %s events 0x%x", na->name, events); + if (unlikely(priv->np_csb_atok_base)) { + nm_prerr("Invalid poll in CSB mode"); + return POLLERR; + } + + if (netmap_debug & NM_DEBUG_ON) + nm_prinf("device %s events 0x%x", na->name, events); want_tx = events & (POLLOUT | POLLWRNORM); want_rx = events & (POLLIN | POLLRDNORM); /* - * check_all_{tx|rx} are set if the card has more than one queue AND - * the file descriptor is bound to all of them. If so, we sleep on - * the "global" selinfo, otherwise we sleep on individual selinfo - * (FreeBSD only allows two selinfo's per file descriptor). + * If the card has more than one queue AND the file descriptor is + * bound to all of them, we sleep on the "global" selinfo, otherwise + * we sleep on individual selinfo (FreeBSD only allows two selinfo's + * per file descriptor). * The interrupt routine in the driver wake one or the other * (or both) depending on which clients are active. * @@ -3067,8 +3269,10 @@ netmap_poll(struct netmap_priv_d *priv, int events, NM_SELRECORD_T *sr) * there are pending packets to send. The latter can be disabled * passing NETMAP_NO_TX_POLL in the NIOCREG call. */ - check_all_tx = nm_si_user(priv, NR_TX); - check_all_rx = nm_si_user(priv, NR_RX); + si[NR_RX] = nm_si_user(priv, NR_RX) ? &na->si[NR_RX] : + &na->rx_rings[priv->np_qfirst[NR_RX]]->si; + si[NR_TX] = nm_si_user(priv, NR_TX) ? &na->si[NR_TX] : + &na->tx_rings[priv->np_qfirst[NR_TX]]->si; #ifdef __FreeBSD__ /* @@ -3105,10 +3309,8 @@ netmap_poll(struct netmap_priv_d *priv, int events, NM_SELRECORD_T *sr) #ifdef linux /* The selrecord must be unconditional on linux. */ - nm_os_selrecord(sr, check_all_tx ? - &na->si[NR_TX] : &na->tx_rings[priv->np_qfirst[NR_TX]]->si); - nm_os_selrecord(sr, check_all_rx ? - &na->si[NR_RX] : &na->rx_rings[priv->np_qfirst[NR_RX]]->si); + nm_os_selrecord(sr, si[NR_RX]); + nm_os_selrecord(sr, si[NR_TX]); #endif /* linux */ /* @@ -3173,8 +3375,7 @@ flush_tx: send_down = 0; if (want_tx && retry_tx && sr) { #ifndef linux - nm_os_selrecord(sr, check_all_tx ? - &na->si[NR_TX] : &na->tx_rings[priv->np_qfirst[NR_TX]]->si); + nm_os_selrecord(sr, si[NR_TX]); #endif /* !linux */ retry_tx = 0; goto flush_tx; @@ -3234,8 +3435,7 @@ do_retry_rx: #ifndef linux if (retry_rx && sr) { - nm_os_selrecord(sr, check_all_rx ? - &na->si[NR_RX] : &na->rx_rings[priv->np_qfirst[NR_RX]]->si); + nm_os_selrecord(sr, si[NR_RX]); } #endif /* !linux */ if (send_down || retry_rx) { @@ -3290,7 +3490,7 @@ nma_intr_enable(struct netmap_adapter *na, int onoff) } if (!na->nm_intr) { - D("Cannot %s interrupts for %s", onoff ? "enable" : "disable", + nm_prerr("Cannot %s interrupts for %s", onoff ? "enable" : "disable", na->name); return -1; } @@ -3328,12 +3528,6 @@ netmap_notify(struct netmap_kring *kring, int flags) int netmap_attach_common(struct netmap_adapter *na) { - if (na->num_tx_rings == 0 || na->num_rx_rings == 0) { - D("%s: invalid rings tx %d rx %d", - na->name, na->num_tx_rings, na->num_rx_rings); - return EINVAL; - } - if (!na->rx_buf_maxsize) { /* Set a conservative default (larger is safer). */ na->rx_buf_maxsize = PAGE_SIZE; @@ -3436,12 +3630,23 @@ netmap_attach_ext(struct netmap_adapter *arg, size_t size, int override_reg) struct ifnet *ifp = NULL; if (size < sizeof(struct netmap_hw_adapter)) { - D("Invalid netmap adapter size %d", (int)size); + if (netmap_debug & NM_DEBUG_ON) + nm_prerr("Invalid netmap adapter size %d", (int)size); + return EINVAL; + } + + if (arg == NULL || arg->ifp == NULL) { + if (netmap_debug & NM_DEBUG_ON) + nm_prerr("either arg or arg->ifp is NULL"); return EINVAL; } - if (arg == NULL || arg->ifp == NULL) + if (arg->num_tx_rings == 0 || arg->num_rx_rings == 0) { + if (netmap_debug & NM_DEBUG_ON) + nm_prerr("%s: invalid rings tx %d rx %d", + arg->name, arg->num_tx_rings, arg->num_rx_rings); return EINVAL; + } ifp = arg->ifp; if (NM_NA_CLASH(ifp)) { @@ -3449,7 +3654,7 @@ netmap_attach_ext(struct netmap_adapter *arg, size_t size, int override_reg) * adapter it means that someone else is using the same * pointer (e.g. ax25_ptr on linux). This happens for * instance when also PF_RING is in use. */ - D("Error: netmap adapter hook is busy"); + nm_prerr("Error: netmap adapter hook is busy"); return EBUSY; } @@ -3458,7 +3663,7 @@ netmap_attach_ext(struct netmap_adapter *arg, size_t size, int override_reg) goto fail; hwna->up = *arg; hwna->up.na_flags |= NAF_HOST_RINGS | NAF_NATIVE; - strncpy(hwna->up.name, ifp->if_xname, sizeof(hwna->up.name)); + strlcpy(hwna->up.name, ifp->if_xname, sizeof(hwna->up.name)); if (override_reg) { hwna->nm_hw_register = hwna->up.nm_register; hwna->up.nm_register = netmap_hw_reg; @@ -3483,7 +3688,7 @@ netmap_attach_ext(struct netmap_adapter *arg, size_t size, int override_reg) return 0; fail: - D("fail, arg %p ifp %p na %p", arg, ifp, hwna); + nm_prerr("fail, arg %p ifp %p na %p", arg, ifp, hwna); return (hwna ? EINVAL : ENOMEM); } @@ -3521,7 +3726,8 @@ NM_DBG(netmap_adapter_put)(struct netmap_adapter *na) na->nm_dtor(na); if (na->tx_rings) { /* XXX should not happen */ - D("freeing leftover tx_rings"); + if (netmap_debug & NM_DEBUG_ON) + nm_prerr("freeing leftover tx_rings"); na->nm_krings_delete(na); } netmap_pipe_dealloc(na); @@ -3619,7 +3825,7 @@ netmap_transmit(struct ifnet *ifp, struct mbuf *m) // mtx_lock(&na->core_lock); if (!nm_netmap_on(na)) { - D("%s not in netmap mode anymore", na->name); + nm_prerr("%s not in netmap mode anymore", na->name); error = ENXIO; goto done; } @@ -3638,7 +3844,7 @@ netmap_transmit(struct ifnet *ifp, struct mbuf *m) // XXX reconsider long packets if we handle fragments if (len > NETMAP_BUF_SIZE(na)) { /* too long for us */ - D("%s from_host, drop packet size %d > %d", na->name, + nm_prerr("%s from_host, drop packet size %d > %d", na->name, len, NETMAP_BUF_SIZE(na)); goto done; } @@ -3655,6 +3861,10 @@ netmap_transmit(struct ifnet *ifp, struct mbuf *m) goto done; } +#ifdef __FreeBSD__ + ETHER_BPF_MTAP(ifp, m); +#endif /* __FreeBSD__ */ + /* protect against netmap_rxsync_from_host(), netmap_sw_to_nic() * and maybe other instances of netmap_transmit (the latter * not possible on Linux). @@ -3749,8 +3959,8 @@ netmap_reset(struct netmap_adapter *na, enum txrx tx, u_int n, new_hwofs -= lim + 1; /* Always set the new offset value and realign the ring. */ - if (netmap_verbose) - D("%s %s%d hwofs %d -> %d, hwtail %d -> %d", + if (netmap_debug & NM_DEBUG_ON) + nm_prinf("%s %s%d hwofs %d -> %d, hwtail %d -> %d", na->name, tx == NR_TX ? "TX" : "RX", n, kring->nkr_hwofs, new_hwofs, @@ -3796,8 +4006,8 @@ netmap_common_irq(struct netmap_adapter *na, u_int q, u_int *work_done) q &= NETMAP_RING_MASK; - if (netmap_verbose) { - RD(5, "received %s queue %d", work_done ? "RX" : "TX" , q); + if (netmap_debug & (NM_DEBUG_RXINTR|NM_DEBUG_TXINTR)) { + nm_prlim(5, "received %s queue %d", work_done ? "RX" : "TX" , q); } if (q >= nma_get_nrings(na, t)) @@ -3879,7 +4089,7 @@ nm_clear_native_flags(struct netmap_adapter *na) struct ifnet *ifp = na->ifp; /* We undo the setup for intercepting packets only if we are the - * last user of this adapapter. */ + * last user of this adapter. */ if (na->active_fds > 0) { return; } @@ -3890,7 +4100,6 @@ nm_clear_native_flags(struct netmap_adapter *na) na->na_flags &= ~NAF_NETMAP_ON; } - /* * Module loader and unloader * @@ -3915,7 +4124,7 @@ netmap_fini(void) netmap_uninit_bridges(); netmap_mem_fini(); NMG_LOCK_DESTROY(); - nm_prinf("netmap: unloaded module.\n"); + nm_prinf("netmap: unloaded module."); } @@ -3952,7 +4161,7 @@ netmap_init(void) if (error) goto fail; - nm_prinf("netmap: loaded module\n"); + nm_prinf("netmap: loaded module"); return (0); fail: netmap_fini(); diff --git a/sys/dev/netmap/netmap_bdg.c b/sys/dev/netmap/netmap_bdg.c index dd64b805cbf1..e70e67821afb 100644 --- a/sys/dev/netmap/netmap_bdg.c +++ b/sys/dev/netmap/netmap_bdg.c @@ -126,7 +126,7 @@ netmap_bdg_name(struct netmap_vp_adapter *vp) * Right now we have a static array and deletions are protected * by an exclusive lock. */ -static struct nm_bridge *nm_bridges; +struct nm_bridge *nm_bridges; #endif /* !CONFIG_NET_NS */ @@ -139,15 +139,15 @@ nm_is_id_char(const char c) (c == '_'); } -/* Validate the name of a VALE bridge port and return the +/* Validate the name of a bdg port and return the * position of the ":" character. */ static int -nm_vale_name_validate(const char *name) +nm_bdg_name_validate(const char *name, size_t prefixlen) { int colon_pos = -1; int i; - if (!name || strlen(name) < strlen(NM_BDG_NAME)) { + if (!name || strlen(name) < prefixlen) { return -1; } @@ -186,9 +186,10 @@ nm_find_bridge(const char *name, int create, struct netmap_bdg_ops *ops) netmap_bns_getbridges(&bridges, &num_bridges); - namelen = nm_vale_name_validate(name); + namelen = nm_bdg_name_validate(name, + (ops != NULL ? strlen(ops->name) : 0)); if (namelen < 0) { - D("invalid bridge name %s", name ? name : NULL); + nm_prerr("invalid bridge name %s", name ? name : NULL); return NULL; } @@ -213,7 +214,7 @@ nm_find_bridge(const char *name, int create, struct netmap_bdg_ops *ops) b->bdg_active_ports); b->ht = nm_os_malloc(sizeof(struct nm_hash_ent) * NM_BDG_HASH); if (b->ht == NULL) { - D("failed to allocate hash table"); + nm_prerr("failed to allocate hash table"); return NULL; } strncpy(b->bdg_basename, name, namelen); @@ -222,7 +223,7 @@ nm_find_bridge(const char *name, int create, struct netmap_bdg_ops *ops) for (i = 0; i < NM_BDG_MAXPORTS; i++) b->bdg_port_index[i] = i; /* set the default function */ - b->bdg_ops = ops; + b->bdg_ops = b->bdg_saved_ops = *ops; b->private_data = b->ht; b->bdg_flags = 0; NM_BNS_GET(b); @@ -240,12 +241,48 @@ netmap_bdg_free(struct nm_bridge *b) ND("marking bridge %s as free", b->bdg_basename); nm_os_free(b->ht); - b->bdg_ops = NULL; + memset(&b->bdg_ops, 0, sizeof(b->bdg_ops)); + memset(&b->bdg_saved_ops, 0, sizeof(b->bdg_saved_ops)); b->bdg_flags = 0; NM_BNS_PUT(b); return 0; } +/* Called by external kernel modules (e.g., Openvswitch). + * to modify the private data previously given to regops(). + * 'name' may be just bridge's name (including ':' if it + * is not just NM_BDG_NAME). + * Called without NMG_LOCK. + */ +int +netmap_bdg_update_private_data(const char *name, bdg_update_private_data_fn_t callback, + void *callback_data, void *auth_token) +{ + void *private_data = NULL; + struct nm_bridge *b; + int error = 0; + + NMG_LOCK(); + b = nm_find_bridge(name, 0 /* don't create */, NULL); + if (!b) { + error = EINVAL; + goto unlock_update_priv; + } + if (!nm_bdg_valid_auth_token(b, auth_token)) { + error = EACCES; + goto unlock_update_priv; + } + BDG_WLOCK(b); + private_data = callback(b->private_data, callback_data, &error); + b->private_data = private_data; + BDG_WUNLOCK(b); + +unlock_update_priv: + NMG_UNLOCK(); + return error; +} + + /* remove from bridge b the ports in slots hw and sw * (sw can be -1 if not needed) @@ -267,8 +304,8 @@ netmap_bdg_detach_common(struct nm_bridge *b, int hw, int sw) acquire BDG_WLOCK() and copy back the array. */ - if (netmap_verbose) - D("detach %d and %d (lim %d)", hw, sw, lim); + if (netmap_debug & NM_DEBUG_BDG) + nm_prinf("detach %d and %d (lim %d)", hw, sw, lim); /* make a copy of the list of active ports, update it, * and then copy back within BDG_WLOCK(). */ @@ -291,12 +328,12 @@ netmap_bdg_detach_common(struct nm_bridge *b, int hw, int sw) } } if (hw >= 0 || sw >= 0) { - D("XXX delete failed hw %d sw %d, should panic...", hw, sw); + nm_prerr("delete failed hw %d sw %d, should panic...", hw, sw); } BDG_WLOCK(b); - if (b->bdg_ops->dtor) - b->bdg_ops->dtor(b->bdg_ports[s_hw]); + if (b->bdg_ops.dtor) + b->bdg_ops.dtor(b->bdg_ports[s_hw]); b->bdg_ports[s_hw] = NULL; if (s_sw >= 0) { b->bdg_ports[s_sw] = NULL; @@ -402,7 +439,7 @@ netmap_get_bdg_na(struct nmreq_header *hdr, struct netmap_adapter **na, /* yes we should, see if we have space to attach entries */ needed = 2; /* in some cases we only need 1 */ if (b->bdg_active_ports + needed >= NM_BDG_MAXPORTS) { - D("bridge full %d, cannot create new port", b->bdg_active_ports); + nm_prerr("bridge full %d, cannot create new port", b->bdg_active_ports); return ENOMEM; } /* record the next two ports available, but do not allocate yet */ @@ -428,9 +465,10 @@ netmap_get_bdg_na(struct nmreq_header *hdr, struct netmap_adapter **na, } /* bdg_netmap_attach creates a struct netmap_adapter */ - error = b->bdg_ops->vp_create(hdr, NULL, nmd, &vpna); + error = b->bdg_ops.vp_create(hdr, NULL, nmd, &vpna); if (error) { - D("error %d", error); + if (netmap_debug & NM_DEBUG_BDG) + nm_prerr("error %d", error); goto out; } /* shortcut - we can skip get_hw_na(), @@ -459,7 +497,7 @@ netmap_get_bdg_na(struct nmreq_header *hdr, struct netmap_adapter **na, /* host adapter might not be created */ error = hw->nm_bdg_attach(nr_name, hw, b); if (error == NM_NEED_BWRAP) { - error = b->bdg_ops->bwrap_attach(nr_name, hw); + error = b->bdg_ops.bwrap_attach(nr_name, hw); } if (error) goto out; @@ -502,142 +540,13 @@ out: return error; } -/* Process NETMAP_REQ_VALE_ATTACH. - */ -int -nm_bdg_ctl_attach(struct nmreq_header *hdr, void *auth_token) -{ - struct nmreq_vale_attach *req = - (struct nmreq_vale_attach *)(uintptr_t)hdr->nr_body; - struct netmap_vp_adapter * vpna; - struct netmap_adapter *na = NULL; - struct netmap_mem_d *nmd = NULL; - struct nm_bridge *b = NULL; - int error; - - NMG_LOCK(); - /* permission check for modified bridges */ - b = nm_find_bridge(hdr->nr_name, 0 /* don't create */, NULL); - if (b && !nm_bdg_valid_auth_token(b, auth_token)) { - error = EACCES; - goto unlock_exit; - } - - if (req->reg.nr_mem_id) { - nmd = netmap_mem_find(req->reg.nr_mem_id); - if (nmd == NULL) { - error = EINVAL; - goto unlock_exit; - } - } - - /* check for existing one */ - error = netmap_get_vale_na(hdr, &na, nmd, 0); - if (na) { - error = EBUSY; - goto unref_exit; - } - error = netmap_get_vale_na(hdr, &na, - nmd, 1 /* create if not exists */); - if (error) { /* no device */ - goto unlock_exit; - } - - if (na == NULL) { /* VALE prefix missing */ - error = EINVAL; - goto unlock_exit; - } - - if (NETMAP_OWNED_BY_ANY(na)) { - error = EBUSY; - goto unref_exit; - } - - if (na->nm_bdg_ctl) { - /* nop for VALE ports. The bwrap needs to put the hwna - * in netmap mode (see netmap_bwrap_bdg_ctl) - */ - error = na->nm_bdg_ctl(hdr, na); - if (error) - goto unref_exit; - ND("registered %s to netmap-mode", na->name); - } - vpna = (struct netmap_vp_adapter *)na; - req->port_index = vpna->bdg_port; - NMG_UNLOCK(); - return 0; - -unref_exit: - netmap_adapter_put(na); -unlock_exit: - NMG_UNLOCK(); - return error; -} -static inline int +int nm_is_bwrap(struct netmap_adapter *na) { return na->nm_register == netmap_bwrap_reg; } -/* Process NETMAP_REQ_VALE_DETACH. - */ -int -nm_bdg_ctl_detach(struct nmreq_header *hdr, void *auth_token) -{ - struct nmreq_vale_detach *nmreq_det = (void *)(uintptr_t)hdr->nr_body; - struct netmap_vp_adapter *vpna; - struct netmap_adapter *na; - struct nm_bridge *b = NULL; - int error; - - NMG_LOCK(); - /* permission check for modified bridges */ - b = nm_find_bridge(hdr->nr_name, 0 /* don't create */, NULL); - if (b && !nm_bdg_valid_auth_token(b, auth_token)) { - error = EACCES; - goto unlock_exit; - } - - error = netmap_get_vale_na(hdr, &na, NULL, 0 /* don't create */); - if (error) { /* no device, or another bridge or user owns the device */ - goto unlock_exit; - } - - if (na == NULL) { /* VALE prefix missing */ - error = EINVAL; - goto unlock_exit; - } else if (nm_is_bwrap(na) && - ((struct netmap_bwrap_adapter *)na)->na_polling_state) { - /* Don't detach a NIC with polling */ - error = EBUSY; - goto unref_exit; - } - - vpna = (struct netmap_vp_adapter *)na; - if (na->na_vp != vpna) { - /* trying to detach first attach of VALE persistent port attached - * to 2 bridges - */ - error = EBUSY; - goto unref_exit; - } - nmreq_det->port_index = vpna->bdg_port; - - if (na->nm_bdg_ctl) { - /* remove the port from bridge. The bwrap - * also needs to put the hwna in normal mode - */ - error = na->nm_bdg_ctl(hdr, na); - } - -unref_exit: - netmap_adapter_put(na); -unlock_exit: - NMG_UNLOCK(); - return error; - -} struct nm_bdg_polling_state; struct @@ -661,7 +570,7 @@ struct nm_bdg_polling_state { }; static void -netmap_bwrap_polling(void *data, int is_kthread) +netmap_bwrap_polling(void *data) { struct nm_bdg_kthread *nbk = data; struct netmap_bwrap_adapter *bna; @@ -693,7 +602,6 @@ nm_bdg_create_kthreads(struct nm_bdg_polling_state *bps) bzero(&kcfg, sizeof(kcfg)); kcfg.worker_fn = netmap_bwrap_polling; - kcfg.use_kthread = 1; for (i = 0; i < bps->ncpus; i++) { struct nm_bdg_kthread *t = bps->kthreads + i; int all = (bps->ncpus == 1 && @@ -703,8 +611,9 @@ nm_bdg_create_kthreads(struct nm_bdg_polling_state *bps) t->bps = bps; t->qfirst = all ? bps->qfirst /* must be 0 */: affinity; t->qlast = all ? bps->qlast : t->qfirst + 1; - D("kthread %d a:%u qf:%u ql:%u", i, affinity, t->qfirst, - t->qlast); + if (netmap_verbose) + nm_prinf("kthread %d a:%u qf:%u ql:%u", i, affinity, t->qfirst, + t->qlast); kcfg.type = i; kcfg.worker_private = t; @@ -732,7 +641,7 @@ nm_bdg_polling_start_kthreads(struct nm_bdg_polling_state *bps) int error, i, j; if (!bps) { - D("polling is not configured"); + nm_prerr("polling is not configured"); return EFAULT; } bps->stopped = false; @@ -741,7 +650,7 @@ nm_bdg_polling_start_kthreads(struct nm_bdg_polling_state *bps) struct nm_bdg_kthread *t = bps->kthreads + i; error = nm_os_kctx_worker_start(t->nmk); if (error) { - D("error in nm_kthread_start()"); + nm_prerr("error in nm_kthread_start(): %d", error); goto cleanup; } } @@ -784,10 +693,10 @@ get_polling_cfg(struct nmreq_vale_polling *req, struct netmap_adapter *na, avail_cpus = nm_os_ncpus(); if (req_cpus == 0) { - D("req_cpus must be > 0"); + nm_prerr("req_cpus must be > 0"); return EINVAL; } else if (req_cpus >= avail_cpus) { - D("Cannot use all the CPUs in the system"); + nm_prerr("Cannot use all the CPUs in the system"); return EINVAL; } @@ -797,7 +706,7 @@ get_polling_cfg(struct nmreq_vale_polling *req, struct netmap_adapter *na, * For example, if nr_first_cpu_id=2 and nr_num_polling_cpus=2, * ring 2 and 3 are polled by core 2 and 3, respectively. */ if (i + req_cpus > nma_get_nrings(na, NR_RX)) { - D("Rings %u-%u not in range (have %d rings)", + nm_prerr("Rings %u-%u not in range (have %d rings)", i, i + req_cpus, nma_get_nrings(na, NR_RX)); return EINVAL; } @@ -809,7 +718,7 @@ get_polling_cfg(struct nmreq_vale_polling *req, struct netmap_adapter *na, /* Poll all the rings using a core specified by nr_first_cpu_id. * the number of cores must be 1. */ if (req_cpus != 1) { - D("ncpus must be 1 for NETMAP_POLLING_MODE_SINGLE_CPU " + nm_prerr("ncpus must be 1 for NETMAP_POLLING_MODE_SINGLE_CPU " "(was %d)", req_cpus); return EINVAL; } @@ -817,7 +726,7 @@ get_polling_cfg(struct nmreq_vale_polling *req, struct netmap_adapter *na, qlast = nma_get_nrings(na, NR_RX); core_from = i; } else { - D("Invalid polling mode"); + nm_prerr("Invalid polling mode"); return EINVAL; } @@ -826,7 +735,7 @@ get_polling_cfg(struct nmreq_vale_polling *req, struct netmap_adapter *na, bps->qlast = qlast; bps->cpu_from = core_from; bps->ncpus = req_cpus; - D("%s qfirst %u qlast %u cpu_from %u ncpus %u", + nm_prinf("%s qfirst %u qlast %u cpu_from %u ncpus %u", req->nr_mode == NETMAP_POLLING_MODE_MULTI_CPU ? "MULTI" : "SINGLE", qfirst, qlast, core_from, req_cpus); @@ -842,7 +751,7 @@ nm_bdg_ctl_polling_start(struct nmreq_vale_polling *req, struct netmap_adapter * bna = (struct netmap_bwrap_adapter *)na; if (bna->na_polling_state) { - D("ERROR adapter already in polling mode"); + nm_prerr("ERROR adapter already in polling mode"); return EFAULT; } @@ -871,7 +780,7 @@ nm_bdg_ctl_polling_start(struct nmreq_vale_polling *req, struct netmap_adapter * /* start kthread now */ error = nm_bdg_polling_start_kthreads(bps); if (error) { - D("ERROR nm_bdg_polling_start_kthread()"); + nm_prerr("ERROR nm_bdg_polling_start_kthread()"); nm_os_free(bps->kthreads); nm_os_free(bps); bna->na_polling_state = NULL; @@ -887,7 +796,7 @@ nm_bdg_ctl_polling_stop(struct netmap_adapter *na) struct nm_bdg_polling_state *bps; if (!bna->na_polling_state) { - D("ERROR adapter is not in polling mode"); + nm_prerr("ERROR adapter is not in polling mode"); return EFAULT; } bps = bna->na_polling_state; @@ -932,86 +841,6 @@ nm_bdg_polling(struct nmreq_header *hdr) return error; } -/* Process NETMAP_REQ_VALE_LIST. */ -int -netmap_bdg_list(struct nmreq_header *hdr) -{ - struct nmreq_vale_list *req = - (struct nmreq_vale_list *)(uintptr_t)hdr->nr_body; - int namelen = strlen(hdr->nr_name); - struct nm_bridge *b, *bridges; - struct netmap_vp_adapter *vpna; - int error = 0, i, j; - u_int num_bridges; - - netmap_bns_getbridges(&bridges, &num_bridges); - - /* this is used to enumerate bridges and ports */ - if (namelen) { /* look up indexes of bridge and port */ - if (strncmp(hdr->nr_name, NM_BDG_NAME, - strlen(NM_BDG_NAME))) { - return EINVAL; - } - NMG_LOCK(); - b = nm_find_bridge(hdr->nr_name, 0 /* don't create */, NULL); - if (!b) { - NMG_UNLOCK(); - return ENOENT; - } - - req->nr_bridge_idx = b - bridges; /* bridge index */ - req->nr_port_idx = NM_BDG_NOPORT; - for (j = 0; j < b->bdg_active_ports; j++) { - i = b->bdg_port_index[j]; - vpna = b->bdg_ports[i]; - if (vpna == NULL) { - D("This should not happen"); - continue; - } - /* the former and the latter identify a - * virtual port and a NIC, respectively - */ - if (!strcmp(vpna->up.name, hdr->nr_name)) { - req->nr_port_idx = i; /* port index */ - break; - } - } - NMG_UNLOCK(); - } else { - /* return the first non-empty entry starting from - * bridge nr_arg1 and port nr_arg2. - * - * Users can detect the end of the same bridge by - * seeing the new and old value of nr_arg1, and can - * detect the end of all the bridge by error != 0 - */ - i = req->nr_bridge_idx; - j = req->nr_port_idx; - - NMG_LOCK(); - for (error = ENOENT; i < NM_BRIDGES; i++) { - b = bridges + i; - for ( ; j < NM_BDG_MAXPORTS; j++) { - if (b->bdg_ports[j] == NULL) - continue; - vpna = b->bdg_ports[j]; - /* write back the VALE switch name */ - strncpy(hdr->nr_name, vpna->up.name, - (size_t)IFNAMSIZ); - error = 0; - goto out; - } - j = 0; /* following bridges scan from 0 */ - } - out: - req->nr_bridge_idx = i; - req->nr_port_idx = j; - NMG_UNLOCK(); - } - - return error; -} - /* Called by external kernel modules (e.g., Openvswitch). * to set configure/lookup/dtor functions of a VALE instance. * Register callbacks to the given bridge. 'name' may be just @@ -1041,12 +870,19 @@ netmap_bdg_regops(const char *name, struct netmap_bdg_ops *bdg_ops, void *privat if (!bdg_ops) { /* resetting the bridge */ bzero(b->ht, sizeof(struct nm_hash_ent) * NM_BDG_HASH); - b->bdg_ops = NULL; + b->bdg_ops = b->bdg_saved_ops; b->private_data = b->ht; } else { /* modifying the bridge */ b->private_data = private_data; - b->bdg_ops = bdg_ops; +#define nm_bdg_override(m) if (bdg_ops->m) b->bdg_ops.m = bdg_ops->m + nm_bdg_override(lookup); + nm_bdg_override(config); + nm_bdg_override(dtor); + nm_bdg_override(vp_create); + nm_bdg_override(bwrap_attach); +#undef nm_bdg_override + } BDG_WUNLOCK(b); @@ -1071,8 +907,8 @@ netmap_bdg_config(struct nm_ifreq *nr) NMG_UNLOCK(); /* Don't call config() with NMG_LOCK() held */ BDG_RLOCK(b); - if (b->bdg_ops->config != NULL) - error = b->bdg_ops->config(nr); + if (b->bdg_ops.config != NULL) + error = b->bdg_ops.config(nr); BDG_RUNLOCK(b); return error; } @@ -1137,7 +973,7 @@ netmap_vp_rxsync_locked(struct netmap_kring *kring, int flags) int n; if (head > lim) { - D("ouch dangerous reset!!!"); + nm_prerr("ouch dangerous reset!!!"); n = netmap_ring_reinit(kring); goto done; } @@ -1154,7 +990,7 @@ netmap_vp_rxsync_locked(struct netmap_kring *kring, int flags) void *addr = NMB(na, slot); if (addr == NETMAP_BUF_BASE(kring->na)) { /* bad buf */ - D("bad buffer index %d, ignore ?", + nm_prerr("bad buffer index %d, ignore ?", slot->buf_idx); } slot->flags &= ~NS_BUF_CHANGED; @@ -1283,8 +1119,8 @@ netmap_bwrap_intr_notify(struct netmap_kring *kring, int flags) int ret = NM_IRQ_COMPLETED; int error; - if (netmap_verbose) - D("%s %s 0x%x", na->name, kring->name, flags); + if (netmap_debug & NM_DEBUG_RXINTR) + nm_prinf("%s %s 0x%x", na->name, kring->name, flags); bkring = vpna->up.tx_rings[ring_nr]; @@ -1293,8 +1129,8 @@ netmap_bwrap_intr_notify(struct netmap_kring *kring, int flags) return EIO; } - if (netmap_verbose) - D("%s head %d cur %d tail %d", na->name, + if (netmap_debug & NM_DEBUG_RXINTR) + nm_prinf("%s head %d cur %d tail %d", na->name, kring->rhead, kring->rcur, kring->rtail); /* simulate a user wakeup on the rx ring @@ -1305,7 +1141,7 @@ netmap_bwrap_intr_notify(struct netmap_kring *kring, int flags) goto put_out; if (kring->nr_hwcur == kring->nr_hwtail) { if (netmap_verbose) - D("how strange, interrupt with no packets on %s", + nm_prerr("how strange, interrupt with no packets on %s", na->name); goto put_out; } @@ -1593,8 +1429,8 @@ netmap_bwrap_notify(struct netmap_kring *kring, int flags) ND("%s[%d] PRE rx(c%3d t%3d l%3d) ring(h%3d c%3d t%3d) tx(c%3d ht%3d t%3d)", na->name, ring_n, kring->nr_hwcur, kring->nr_hwtail, kring->nkr_hwlease, - ring->head, ring->cur, ring->tail, - hw_kring->nr_hwcur, hw_kring->nr_hwtail, hw_ring->rtail); + kring->rhead, kring->rcur, kring->rtail, + hw_kring->nr_hwcur, hw_kring->nr_hwtail, hw_kring->rtail); /* second step: the new packets are sent on the tx ring * (which is actually the same ring) */ @@ -1612,7 +1448,7 @@ netmap_bwrap_notify(struct netmap_kring *kring, int flags) ND("%s[%d] PST rx(c%3d t%3d l%3d) ring(h%3d c%3d t%3d) tx(c%3d ht%3d t%3d)", na->name, ring_n, kring->nr_hwcur, kring->nr_hwtail, kring->nkr_hwlease, - ring->head, ring->cur, ring->tail, + kring->rhead, kring->rcur, kring->rtail, hw_kring->nr_hwcur, hw_kring->nr_hwtail, hw_kring->rtail); put_out: nm_kr_put(hw_kring); @@ -1688,7 +1524,7 @@ netmap_bwrap_attach_common(struct netmap_adapter *na, /* make sure the NIC is not already in use */ if (NETMAP_OWNED_BY_ANY(hwna)) { - D("NIC %s busy, cannot attach to bridge", hwna->name); + nm_prerr("NIC %s busy, cannot attach to bridge", hwna->name); return EBUSY; } @@ -1756,6 +1592,8 @@ netmap_bwrap_attach_common(struct netmap_adapter *na, hostna->na_flags = NAF_BUSY; /* prevent NIOCREGIF */ hostna->rx_buf_maxsize = hwna->rx_buf_maxsize; } + if (hwna->na_flags & NAF_MOREFRAG) + na->na_flags |= NAF_MOREFRAG; ND("%s<->%s txr %d txd %d rxr %d rxd %d", na->name, ifp->if_xname, diff --git a/sys/dev/netmap/netmap_bdg.h b/sys/dev/netmap/netmap_bdg.h index e020cbed2abb..e4683885e66c 100644 --- a/sys/dev/netmap/netmap_bdg.h +++ b/sys/dev/netmap/netmap_bdg.h @@ -44,6 +44,40 @@ #endif /* __FreeBSD__ */ +/* + * The following bridge-related functions are used by other + * kernel modules. + * + * VALE only supports unicast or broadcast. The lookup + * function can return 0 .. NM_BDG_MAXPORTS-1 for regular ports, + * NM_BDG_MAXPORTS for broadcast, NM_BDG_MAXPORTS+1 to indicate + * drop. + */ +typedef uint32_t (*bdg_lookup_fn_t)(struct nm_bdg_fwd *ft, uint8_t *ring_nr, + struct netmap_vp_adapter *, void *private_data); +typedef int (*bdg_config_fn_t)(struct nm_ifreq *); +typedef void (*bdg_dtor_fn_t)(const struct netmap_vp_adapter *); +typedef void *(*bdg_update_private_data_fn_t)(void *private_data, void *callback_data, int *error); +typedef int (*bdg_vp_create_fn_t)(struct nmreq_header *hdr, + struct ifnet *ifp, struct netmap_mem_d *nmd, + struct netmap_vp_adapter **ret); +typedef int (*bdg_bwrap_attach_fn_t)(const char *nr_name, struct netmap_adapter *hwna); +struct netmap_bdg_ops { + bdg_lookup_fn_t lookup; + bdg_config_fn_t config; + bdg_dtor_fn_t dtor; + bdg_vp_create_fn_t vp_create; + bdg_bwrap_attach_fn_t bwrap_attach; + char name[IFNAMSIZ]; +}; +int netmap_bwrap_attach(const char *name, struct netmap_adapter *, struct netmap_bdg_ops *); +int netmap_bdg_regops(const char *name, struct netmap_bdg_ops *bdg_ops, void *private_data, void *auth_token); + +#define NM_BRIDGES 8 /* number of bridges */ +#define NM_BDG_MAXPORTS 254 /* up to 254 */ +#define NM_BDG_BROADCAST NM_BDG_MAXPORTS +#define NM_BDG_NOPORT (NM_BDG_MAXPORTS+1) + /* XXX Should go away after fixing find_bridge() - Michio */ #define NM_BDG_HASH 1024 /* forwarding table entries */ @@ -95,7 +129,8 @@ struct nm_bridge { * different ring index. * The function is set by netmap_bdg_regops(). */ - struct netmap_bdg_ops *bdg_ops; + struct netmap_bdg_ops bdg_ops; + struct netmap_bdg_ops bdg_saved_ops; /* * Contains the data structure used by the bdg_ops.lookup function. @@ -111,6 +146,7 @@ struct nm_bridge { */ #define NM_BDG_ACTIVE 1 #define NM_BDG_EXCLUSIVE 2 +#define NM_BDG_NEED_BWRAP 4 uint8_t bdg_flags; @@ -149,6 +185,13 @@ int netmap_bwrap_attach_common(struct netmap_adapter *na, struct netmap_adapter *hwna); int netmap_bwrap_krings_create_common(struct netmap_adapter *na); void netmap_bwrap_krings_delete_common(struct netmap_adapter *na); +struct nm_bridge *netmap_init_bridges2(u_int); +void netmap_uninit_bridges2(struct nm_bridge *, u_int); +int netmap_bdg_update_private_data(const char *name, bdg_update_private_data_fn_t callback, + void *callback_data, void *auth_token); +int netmap_bdg_config(struct nm_ifreq *nifr); +int nm_is_bwrap(struct netmap_adapter *); + #define NM_NEED_BWRAP (-2) #endif /* _NET_NETMAP_BDG_H_ */ diff --git a/sys/dev/netmap/netmap_freebsd.c b/sys/dev/netmap/netmap_freebsd.c index 5472cfef99bf..3b0cdabe570f 100644 --- a/sys/dev/netmap/netmap_freebsd.c +++ b/sys/dev/netmap/netmap_freebsd.c @@ -735,9 +735,9 @@ out: } #endif /* WITH_EXTMEM */ -/* ======================== PTNETMAP SUPPORT ========================== */ +/* ================== PTNETMAP GUEST SUPPORT ==================== */ -#ifdef WITH_PTNETMAP_GUEST +#ifdef WITH_PTNETMAP #include <sys/bus.h> #include <sys/rman.h> #include <machine/bus.h> /* bus_dmamap_* */ @@ -932,7 +932,7 @@ ptn_memdev_shutdown(device_t dev) return bus_generic_shutdown(dev); } -#endif /* WITH_PTNETMAP_GUEST */ +#endif /* WITH_PTNETMAP */ /* * In order to track whether pages are still mapped, we hook into @@ -1145,8 +1145,8 @@ nm_os_ncpus(void) } struct nm_kctx_ctx { - struct thread *user_td; /* thread user-space (kthread creator) to send ioctl */ - struct ptnetmap_cfgentry_bhyve cfg; + /* Userspace thread (kthread creator). */ + struct thread *user_td; /* worker function and parameter */ nm_kctx_worker_fn_t worker_fn; @@ -1161,56 +1161,17 @@ struct nm_kctx_ctx { struct nm_kctx { struct thread *worker; struct mtx worker_lock; - uint64_t scheduled; /* pending wake_up request */ struct nm_kctx_ctx worker_ctx; int run; /* used to stop kthread */ int attach_user; /* kthread attached to user_process */ int affinity; }; -void inline -nm_os_kctx_worker_wakeup(struct nm_kctx *nmk) -{ - /* - * There may be a race between FE and BE, - * which call both this function, and worker kthread, - * that reads nmk->scheduled. - * - * For us it is not important the counter value, - * but simply that it has changed since the last - * time the kthread saw it. - */ - mtx_lock(&nmk->worker_lock); - nmk->scheduled++; - if (nmk->worker_ctx.cfg.wchan) { - wakeup((void *)(uintptr_t)nmk->worker_ctx.cfg.wchan); - } - mtx_unlock(&nmk->worker_lock); -} - -void inline -nm_os_kctx_send_irq(struct nm_kctx *nmk) -{ - struct nm_kctx_ctx *ctx = &nmk->worker_ctx; - int err; - - if (ctx->user_td && ctx->cfg.ioctl_fd > 0) { - err = kern_ioctl(ctx->user_td, ctx->cfg.ioctl_fd, ctx->cfg.ioctl_cmd, - (caddr_t)&ctx->cfg.ioctl_data); - if (err) { - D("kern_ioctl error: %d ioctl parameters: fd %d com %lu data %p", - err, ctx->cfg.ioctl_fd, (unsigned long)ctx->cfg.ioctl_cmd, - &ctx->cfg.ioctl_data); - } - } -} - static void nm_kctx_worker(void *data) { struct nm_kctx *nmk = data; struct nm_kctx_ctx *ctx = &nmk->worker_ctx; - uint64_t old_scheduled = nmk->scheduled; if (nmk->affinity >= 0) { thread_lock(curthread); @@ -1231,30 +1192,8 @@ nm_kctx_worker(void *data) kthread_suspend_check(); } - /* - * if wchan is not defined, we don't have notification - * mechanism and we continually execute worker_fn() - */ - if (!ctx->cfg.wchan) { - ctx->worker_fn(ctx->worker_private, 1); /* worker body */ - } else { - /* checks if there is a pending notification */ - mtx_lock(&nmk->worker_lock); - if (likely(nmk->scheduled != old_scheduled)) { - old_scheduled = nmk->scheduled; - mtx_unlock(&nmk->worker_lock); - - ctx->worker_fn(ctx->worker_private, 1); /* worker body */ - - continue; - } else if (nmk->run) { - /* wait on event with one second timeout */ - msleep((void *)(uintptr_t)ctx->cfg.wchan, &nmk->worker_lock, - 0, "nmk_ev", hz); - nmk->scheduled++; - } - mtx_unlock(&nmk->worker_lock); - } + /* Continuously execute worker process. */ + ctx->worker_fn(ctx->worker_private); /* worker body */ } kthread_exit(); @@ -1284,11 +1223,6 @@ nm_os_kctx_create(struct nm_kctx_cfg *cfg, void *opaque) /* attach kthread to user process (ptnetmap) */ nmk->attach_user = cfg->attach_user; - /* store kick/interrupt configuration */ - if (opaque) { - nmk->worker_ctx.cfg = *((struct ptnetmap_cfgentry_bhyve *)opaque); - } - return nmk; } @@ -1298,9 +1232,13 @@ nm_os_kctx_worker_start(struct nm_kctx *nmk) struct proc *p = NULL; int error = 0; - if (nmk->worker) { + /* Temporarily disable this function as it is currently broken + * and causes kernel crashes. The failure can be triggered by + * the "vale_polling_enable_disable" test in ctrl-api-test.c. */ + return EOPNOTSUPP; + + if (nmk->worker) return EBUSY; - } /* check if we want to attach kthread to user process */ if (nmk->attach_user) { @@ -1329,15 +1267,14 @@ err: void nm_os_kctx_worker_stop(struct nm_kctx *nmk) { - if (!nmk->worker) { + if (!nmk->worker) return; - } + /* tell to kthread to exit from main loop */ nmk->run = 0; /* wake up kthread if it sleeps */ kthread_resume(nmk->worker); - nm_os_kctx_worker_wakeup(nmk); nmk->worker = NULL; } @@ -1347,11 +1284,9 @@ nm_os_kctx_destroy(struct nm_kctx *nmk) { if (!nmk) return; - if (nmk->worker) { - nm_os_kctx_worker_stop(nmk); - } - memset(&nmk->worker_ctx.cfg, 0, sizeof(nmk->worker_ctx.cfg)); + if (nmk->worker) + nm_os_kctx_worker_stop(nmk); free(nmk, M_DEVBUF); } @@ -1549,6 +1484,7 @@ out: void nm_os_onattach(struct ifnet *ifp) { + ifp->if_capabilities |= IFCAP_NETMAP; } void diff --git a/sys/dev/netmap/netmap_generic.c b/sys/dev/netmap/netmap_generic.c index e1e40f68b2dc..dd90734b9458 100644 --- a/sys/dev/netmap/netmap_generic.c +++ b/sys/dev/netmap/netmap_generic.c @@ -81,7 +81,6 @@ __FBSDID("$FreeBSD$"); #include <net/if_var.h> #include <machine/bus.h> /* bus_dmamap_* in netmap_kern.h */ -// XXX temporary - D() defined here #include <net/netmap.h> #include <dev/netmap/netmap_kern.h> #include <dev/netmap/netmap_mem2.h> @@ -179,7 +178,7 @@ static void rate_callback(unsigned long arg) r = mod_timer(&ctx->timer, jiffies + msecs_to_jiffies(RATE_PERIOD * 1000)); if (unlikely(r)) - D("[v1000] Error: mod_timer()"); + nm_prerr("mod_timer() failed"); } static struct rate_context rate_ctx; @@ -240,14 +239,14 @@ generic_netmap_unregister(struct netmap_adapter *na) for_each_rx_kring_h(r, kring, na) { if (nm_kring_pending_off(kring)) { - D("Emulated adapter: ring '%s' deactivated", kring->name); + nm_prinf("Emulated adapter: ring '%s' deactivated", kring->name); kring->nr_mode = NKR_NETMAP_OFF; } } for_each_tx_kring_h(r, kring, na) { if (nm_kring_pending_off(kring)) { kring->nr_mode = NKR_NETMAP_OFF; - D("Emulated adapter: ring '%s' deactivated", kring->name); + nm_prinf("Emulated adapter: ring '%s' deactivated", kring->name); } } @@ -300,11 +299,11 @@ generic_netmap_unregister(struct netmap_adapter *na) #ifdef RATE_GENERIC if (--rate_ctx.refcount == 0) { - D("del_timer()"); + nm_prinf("del_timer()"); del_timer(&rate_ctx.timer); } #endif - D("Emulated adapter for %s deactivated", na->name); + nm_prinf("Emulated adapter for %s deactivated", na->name); } return 0; @@ -329,14 +328,14 @@ generic_netmap_register(struct netmap_adapter *na, int enable) } if (na->active_fds == 0) { - D("Emulated adapter for %s activated", na->name); + nm_prinf("Emulated adapter for %s activated", na->name); /* Do all memory allocations when (na->active_fds == 0), to * simplify error management. */ /* Allocate memory for mitigation support on all the rx queues. */ gna->mit = nm_os_malloc(na->num_rx_rings * sizeof(struct nm_generic_mit)); if (!gna->mit) { - D("mitigation allocation failed"); + nm_prerr("mitigation allocation failed"); error = ENOMEM; goto out; } @@ -363,7 +362,7 @@ generic_netmap_register(struct netmap_adapter *na, int enable) kring->tx_pool = nm_os_malloc(na->num_tx_desc * sizeof(struct mbuf *)); if (!kring->tx_pool) { - D("tx_pool allocation failed"); + nm_prerr("tx_pool allocation failed"); error = ENOMEM; goto free_tx_pools; } @@ -374,14 +373,14 @@ generic_netmap_register(struct netmap_adapter *na, int enable) for_each_rx_kring_h(r, kring, na) { if (nm_kring_pending_on(kring)) { - D("Emulated adapter: ring '%s' activated", kring->name); + nm_prinf("Emulated adapter: ring '%s' activated", kring->name); kring->nr_mode = NKR_NETMAP_ON; } } for_each_tx_kring_h(r, kring, na) { if (nm_kring_pending_on(kring)) { - D("Emulated adapter: ring '%s' activated", kring->name); + nm_prinf("Emulated adapter: ring '%s' activated", kring->name); kring->nr_mode = NKR_NETMAP_ON; } } @@ -399,14 +398,14 @@ generic_netmap_register(struct netmap_adapter *na, int enable) /* Prepare to intercept incoming traffic. */ error = nm_os_catch_rx(gna, 1); if (error) { - D("nm_os_catch_rx(1) failed (%d)", error); + nm_prerr("nm_os_catch_rx(1) failed (%d)", error); goto free_tx_pools; } /* Let netmap control the packet steering. */ error = nm_os_catch_tx(gna, 1); if (error) { - D("nm_os_catch_tx(1) failed (%d)", error); + nm_prerr("nm_os_catch_tx(1) failed (%d)", error); goto catch_rx; } @@ -414,11 +413,11 @@ generic_netmap_register(struct netmap_adapter *na, int enable) #ifdef RATE_GENERIC if (rate_ctx.refcount == 0) { - D("setup_timer()"); + nm_prinf("setup_timer()"); memset(&rate_ctx, 0, sizeof(rate_ctx)); setup_timer(&rate_ctx.timer, &rate_callback, (unsigned long)&rate_ctx); if (mod_timer(&rate_ctx.timer, jiffies + msecs_to_jiffies(1500))) { - D("Error: mod_timer()"); + nm_prerr("Error: mod_timer()"); } } rate_ctx.refcount++; @@ -462,7 +461,7 @@ generic_mbuf_destructor(struct mbuf *m) unsigned int r_orig = r; if (unlikely(!nm_netmap_on(na) || r >= na->num_tx_rings)) { - D("Error: no netmap adapter on device %p", + nm_prerr("Error: no netmap adapter on device %p", GEN_TX_MBUF_IFP(m)); return; } @@ -488,7 +487,7 @@ generic_mbuf_destructor(struct mbuf *m) if (match) { if (r != r_orig) { - RD(1, "event %p migrated: ring %u --> %u", + nm_prlim(1, "event %p migrated: ring %u --> %u", m, r_orig, r); } break; @@ -497,7 +496,7 @@ generic_mbuf_destructor(struct mbuf *m) if (++r == na->num_tx_rings) r = 0; if (r == r_orig) { - RD(1, "Cannot match event %p", m); + nm_prlim(1, "Cannot match event %p", m); return; } } @@ -528,7 +527,7 @@ generic_netmap_tx_clean(struct netmap_kring *kring, int txqdisc) u_int n = 0; struct mbuf **tx_pool = kring->tx_pool; - ND("hwcur = %d, hwtail = %d", kring->nr_hwcur, kring->nr_hwtail); + nm_prdis("hwcur = %d, hwtail = %d", kring->nr_hwcur, kring->nr_hwtail); while (nm_i != hwcur) { /* buffers not completed */ struct mbuf *m = tx_pool[nm_i]; @@ -537,7 +536,7 @@ generic_netmap_tx_clean(struct netmap_kring *kring, int txqdisc) if (m == NULL) { /* Nothing to do, this is going * to be replenished. */ - RD(3, "Is this happening?"); + nm_prlim(3, "Is this happening?"); } else if (MBUF_QUEUED(m)) { break; /* Not dequeued yet. */ @@ -576,7 +575,7 @@ generic_netmap_tx_clean(struct netmap_kring *kring, int txqdisc) nm_i = nm_next(nm_i, lim); } kring->nr_hwtail = nm_prev(nm_i, lim); - ND("tx completed [%d] -> hwtail %d", n, kring->nr_hwtail); + nm_prdis("tx completed [%d] -> hwtail %d", n, kring->nr_hwtail); return n; } @@ -598,7 +597,7 @@ ring_middle(u_int inf, u_int sup, u_int lim) } if (unlikely(e >= n)) { - D("This cannot happen"); + nm_prerr("This cannot happen"); e = 0; } @@ -654,7 +653,7 @@ generic_set_tx_event(struct netmap_kring *kring, u_int hwcur) kring->tx_pool[e] = NULL; - ND(5, "Request Event at %d mbuf %p refcnt %d", e, m, m ? MBUF_REFCNT(m) : -2 ); + nm_prdis("Request Event at %d mbuf %p refcnt %d", e, m, m ? MBUF_REFCNT(m) : -2 ); /* Decrement the refcount. This will free it if we lose the race * with the driver. */ @@ -699,7 +698,7 @@ generic_netmap_txsync(struct netmap_kring *kring, int flags) * but only when cur == hwtail, which means that the * client is going to block. */ event = ring_middle(nm_i, head, lim); - ND(3, "Place txqdisc event (hwcur=%u,event=%u," + nm_prdis("Place txqdisc event (hwcur=%u,event=%u," "head=%u,hwtail=%u)", nm_i, event, head, kring->nr_hwtail); } @@ -725,7 +724,7 @@ generic_netmap_txsync(struct netmap_kring *kring, int flags) kring->tx_pool[nm_i] = m = nm_os_get_mbuf(ifp, NETMAP_BUF_SIZE(na)); if (m == NULL) { - RD(2, "Failed to replenish mbuf"); + nm_prlim(2, "Failed to replenish mbuf"); /* Here we could schedule a timer which * retries to replenish after a while, * and notifies the client when it @@ -854,7 +853,7 @@ generic_rx_handler(struct ifnet *ifp, struct mbuf *m) /* This may happen when GRO/LRO features are enabled for * the NIC driver when the generic adapter does not * support RX scatter-gather. */ - RD(2, "Warning: driver pushed up big packet " + nm_prlim(2, "Warning: driver pushed up big packet " "(size=%d)", (int)MBUF_LEN(m)); m_freem(m); } else if (unlikely(mbq_len(&kring->rx_queue) > 1024)) { @@ -1048,7 +1047,7 @@ generic_netmap_dtor(struct netmap_adapter *na) */ netmap_adapter_put(prev_na); } - D("Native netmap adapter %p restored", prev_na); + nm_prinf("Native netmap adapter %p restored", prev_na); } NM_RESTORE_NA(ifp, prev_na); /* @@ -1056,7 +1055,7 @@ generic_netmap_dtor(struct netmap_adapter *na) * overrides WNA(ifp) if na->ifp is not NULL. */ na->ifp = NULL; - D("Emulated netmap adapter for %s destroyed", na->name); + nm_prinf("Emulated netmap adapter for %s destroyed", na->name); } int @@ -1086,7 +1085,7 @@ generic_netmap_attach(struct ifnet *ifp) #ifdef __FreeBSD__ if (ifp->if_type == IFT_LOOP) { - D("if_loop is not supported by %s", __func__); + nm_prerr("if_loop is not supported by %s", __func__); return EINVAL; } #endif @@ -1096,26 +1095,25 @@ generic_netmap_attach(struct ifnet *ifp) * adapter it means that someone else is using the same * pointer (e.g. ax25_ptr on linux). This happens for * instance when also PF_RING is in use. */ - D("Error: netmap adapter hook is busy"); + nm_prerr("Error: netmap adapter hook is busy"); return EBUSY; } num_tx_desc = num_rx_desc = netmap_generic_ringsize; /* starting point */ nm_os_generic_find_num_desc(ifp, &num_tx_desc, &num_rx_desc); /* ignore errors */ - ND("Netmap ring size: TX = %d, RX = %d", num_tx_desc, num_rx_desc); if (num_tx_desc == 0 || num_rx_desc == 0) { - D("Device has no hw slots (tx %u, rx %u)", num_tx_desc, num_rx_desc); + nm_prerr("Device has no hw slots (tx %u, rx %u)", num_tx_desc, num_rx_desc); return EINVAL; } gna = nm_os_malloc(sizeof(*gna)); if (gna == NULL) { - D("no memory on attach, give up"); + nm_prerr("no memory on attach, give up"); return ENOMEM; } na = (struct netmap_adapter *)gna; - strncpy(na->name, ifp->if_xname, sizeof(na->name)); + strlcpy(na->name, ifp->if_xname, sizeof(na->name)); na->ifp = ifp; na->num_tx_desc = num_tx_desc; na->num_rx_desc = num_rx_desc; @@ -1129,10 +1127,10 @@ generic_netmap_attach(struct ifnet *ifp) */ na->na_flags = NAF_SKIP_INTR | NAF_HOST_RINGS; - ND("[GNA] num_tx_queues(%d), real_num_tx_queues(%d), len(%lu)", + nm_prdis("[GNA] num_tx_queues(%d), real_num_tx_queues(%d), len(%lu)", ifp->num_tx_queues, ifp->real_num_tx_queues, ifp->tx_queue_len); - ND("[GNA] num_rx_queues(%d), real_num_rx_queues(%d)", + nm_prdis("[GNA] num_rx_queues(%d), real_num_rx_queues(%d)", ifp->num_rx_queues, ifp->real_num_rx_queues); nm_os_generic_find_num_queues(ifp, &na->num_tx_rings, &na->num_rx_rings); @@ -1151,7 +1149,7 @@ generic_netmap_attach(struct ifnet *ifp) nm_os_generic_set_features(gna); - D("Emulated adapter for %s created (prev was %p)", na->name, gna->prev); + nm_prinf("Emulated adapter for %s created (prev was %p)", na->name, gna->prev); return retval; } diff --git a/sys/dev/netmap/netmap_kern.h b/sys/dev/netmap/netmap_kern.h index 4abd16b6d17f..5f21f586c46b 100644 --- a/sys/dev/netmap/netmap_kern.h +++ b/sys/dev/netmap/netmap_kern.h @@ -54,30 +54,31 @@ #if defined(CONFIG_NETMAP_GENERIC) #define WITH_GENERIC #endif -#if defined(CONFIG_NETMAP_PTNETMAP_GUEST) -#define WITH_PTNETMAP_GUEST -#endif -#if defined(CONFIG_NETMAP_PTNETMAP_HOST) -#define WITH_PTNETMAP_HOST +#if defined(CONFIG_NETMAP_PTNETMAP) +#define WITH_PTNETMAP #endif #if defined(CONFIG_NETMAP_SINK) #define WITH_SINK #endif +#if defined(CONFIG_NETMAP_NULL) +#define WITH_NMNULL +#endif #elif defined (_WIN32) #define WITH_VALE // comment out to disable VALE support #define WITH_PIPES #define WITH_MONITOR #define WITH_GENERIC +#define WITH_NMNULL #else /* neither linux nor windows */ #define WITH_VALE // comment out to disable VALE support #define WITH_PIPES #define WITH_MONITOR #define WITH_GENERIC -#define WITH_PTNETMAP_HOST /* ptnetmap host support */ -#define WITH_PTNETMAP_GUEST /* ptnetmap guest support */ +#define WITH_PTNETMAP /* ptnetmap guest support */ #define WITH_EXTMEM +#define WITH_NMNULL #endif #if defined(__FreeBSD__) @@ -239,28 +240,39 @@ typedef struct hrtimer{ #define NMG_LOCK_ASSERT() NM_MTX_ASSERT(netmap_global_lock) #if defined(__FreeBSD__) -#define nm_prerr printf -#define nm_prinf printf +#define nm_prerr_int printf +#define nm_prinf_int printf #elif defined (_WIN32) -#define nm_prerr DbgPrint -#define nm_prinf DbgPrint +#define nm_prerr_int DbgPrint +#define nm_prinf_int DbgPrint #elif defined(linux) -#define nm_prerr(fmt, arg...) printk(KERN_ERR fmt, ##arg) -#define nm_prinf(fmt, arg...) printk(KERN_INFO fmt, ##arg) +#define nm_prerr_int(fmt, arg...) printk(KERN_ERR fmt, ##arg) +#define nm_prinf_int(fmt, arg...) printk(KERN_INFO fmt, ##arg) #endif -#define ND(format, ...) -#define D(format, ...) \ +#define nm_prinf(format, ...) \ + do { \ + struct timeval __xxts; \ + microtime(&__xxts); \ + nm_prinf_int("%03d.%06d [%4d] %-25s " format "\n",\ + (int)__xxts.tv_sec % 1000, (int)__xxts.tv_usec, \ + __LINE__, __FUNCTION__, ##__VA_ARGS__); \ + } while (0) + +#define nm_prerr(format, ...) \ do { \ struct timeval __xxts; \ microtime(&__xxts); \ - nm_prerr("%03d.%06d [%4d] %-25s " format "\n", \ + nm_prerr_int("%03d.%06d [%4d] %-25s " format "\n",\ (int)__xxts.tv_sec % 1000, (int)__xxts.tv_usec, \ __LINE__, __FUNCTION__, ##__VA_ARGS__); \ } while (0) -/* rate limited, lps indicates how many per second */ -#define RD(lps, format, ...) \ +/* Disabled printf (used to be ND). */ +#define nm_prdis(format, ...) + +/* Rate limited, lps indicates how many per second. */ +#define nm_prlim(lps, format, ...) \ do { \ static int t0, __cnt; \ if (t0 != time_second) { \ @@ -268,9 +280,14 @@ typedef struct hrtimer{ __cnt = 0; \ } \ if (__cnt++ < lps) \ - D(format, ##__VA_ARGS__); \ + nm_prinf(format, ##__VA_ARGS__); \ } while (0) +/* Old macros. */ +#define ND nm_prdis +#define D nm_prerr +#define RD nm_prlim + struct netmap_adapter; struct nm_bdg_fwd; struct nm_bridge; @@ -700,7 +717,7 @@ struct netmap_adapter { */ #define NAF_HOST_RINGS 64 /* the adapter supports the host rings */ #define NAF_FORCE_NATIVE 128 /* the adapter is always NATIVE */ -#define NAF_PTNETMAP_HOST 256 /* the adapter supports ptnetmap in the host */ +/* free */ #define NAF_MOREFRAG 512 /* the adapter supports NS_MOREFRAG */ #define NAF_ZOMBIE (1U<<30) /* the nic driver has been unloaded */ #define NAF_BUSY (1U<<31) /* the adapter is used internally and @@ -718,9 +735,9 @@ struct netmap_adapter { u_int num_tx_desc; /* number of descriptor in each queue */ u_int num_rx_desc; - /* tx_rings and rx_rings are private but allocated - * as a contiguous chunk of memory. Each array has - * N+1 entries, for the adapter queues and for the host queue. + /* tx_rings and rx_rings are private but allocated as a + * contiguous chunk of memory. Each array has N+K entries, + * N for the hardware rings and K for the host rings. */ struct netmap_kring **tx_rings; /* array of TX rings. */ struct netmap_kring **rx_rings; /* array of RX rings. */ @@ -1080,12 +1097,12 @@ struct netmap_bwrap_adapter { */ struct netmap_vp_adapter *saved_na_vp; }; -int nm_bdg_ctl_attach(struct nmreq_header *hdr, void *auth_token); -int nm_bdg_ctl_detach(struct nmreq_header *hdr, void *auth_token); int nm_bdg_polling(struct nmreq_header *hdr); -int netmap_bdg_list(struct nmreq_header *hdr); #ifdef WITH_VALE +int netmap_vale_attach(struct nmreq_header *hdr, void *auth_token); +int netmap_vale_detach(struct nmreq_header *hdr, void *auth_token); +int netmap_vale_list(struct nmreq_header *hdr); int netmap_vi_create(struct nmreq_header *hdr, int); int nm_vi_create(struct nmreq_header *); int nm_vi_destroy(const char *name); @@ -1115,6 +1132,12 @@ struct netmap_pipe_adapter { #endif /* WITH_PIPES */ +#ifdef WITH_NMNULL +struct netmap_null_adapter { + struct netmap_adapter up; +}; +#endif /* WITH_NMNULL */ + /* return slots reserved to rx clients; used in drivers */ static inline uint32_t @@ -1442,51 +1465,8 @@ void netmap_unget_na(struct netmap_adapter *na, struct ifnet *ifp); int netmap_get_hw_na(struct ifnet *ifp, struct netmap_mem_d *nmd, struct netmap_adapter **na); - -/* - * The following bridge-related functions are used by other - * kernel modules. - * - * VALE only supports unicast or broadcast. The lookup - * function can return 0 .. NM_BDG_MAXPORTS-1 for regular ports, - * NM_BDG_MAXPORTS for broadcast, NM_BDG_MAXPORTS+1 to indicate - * drop. - */ -typedef uint32_t (*bdg_lookup_fn_t)(struct nm_bdg_fwd *ft, uint8_t *ring_nr, - struct netmap_vp_adapter *, void *private_data); -typedef int (*bdg_config_fn_t)(struct nm_ifreq *); -typedef void (*bdg_dtor_fn_t)(const struct netmap_vp_adapter *); -typedef void *(*bdg_update_private_data_fn_t)(void *private_data, void *callback_data, int *error); -typedef int (*bdg_vp_create_fn_t)(struct nmreq_header *hdr, - struct ifnet *ifp, struct netmap_mem_d *nmd, - struct netmap_vp_adapter **ret); -typedef int (*bdg_bwrap_attach_fn_t)(const char *nr_name, struct netmap_adapter *hwna); -struct netmap_bdg_ops { - bdg_lookup_fn_t lookup; - bdg_config_fn_t config; - bdg_dtor_fn_t dtor; - bdg_vp_create_fn_t vp_create; - bdg_bwrap_attach_fn_t bwrap_attach; - char name[IFNAMSIZ]; -}; -int netmap_bwrap_attach(const char *name, struct netmap_adapter *, struct netmap_bdg_ops *); -int netmap_bdg_regops(const char *name, struct netmap_bdg_ops *bdg_ops, void *private_data, void *auth_token); - -#define NM_BRIDGES 8 /* number of bridges */ -#define NM_BDG_MAXPORTS 254 /* up to 254 */ -#define NM_BDG_BROADCAST NM_BDG_MAXPORTS -#define NM_BDG_NOPORT (NM_BDG_MAXPORTS+1) - -struct nm_bridge *netmap_init_bridges2(u_int); -void netmap_uninit_bridges2(struct nm_bridge *, u_int); -int netmap_init_bridges(void); -void netmap_uninit_bridges(void); -int nm_bdg_update_private_data(const char *name, bdg_update_private_data_fn_t callback, - void *callback_data, void *auth_token); -int netmap_bdg_config(struct nm_ifreq *nifr); - #ifdef WITH_VALE -uint32_t netmap_bdg_learning(struct nm_bdg_fwd *ft, uint8_t *dst_ring, +uint32_t netmap_vale_learning(struct nm_bdg_fwd *ft, uint8_t *dst_ring, struct netmap_vp_adapter *, void *private_data); /* these are redefined in case of no VALE support */ @@ -1525,11 +1505,20 @@ void netmap_monitor_stop(struct netmap_adapter *na); (((struct nmreq_register *)(uintptr_t)hdr->nr_body)->nr_flags & (NR_MONITOR_TX | NR_MONITOR_RX) ? EOPNOTSUPP : 0) #endif +#ifdef WITH_NMNULL +int netmap_get_null_na(struct nmreq_header *hdr, struct netmap_adapter **na, + struct netmap_mem_d *nmd, int create); +#else /* !WITH_NMNULL */ +#define netmap_get_null_na(hdr, _2, _3, _4) \ + (((struct nmreq_register *)(uintptr_t)hdr->nr_body)->nr_flags & (NR_MONITOR_TX | NR_MONITOR_RX) ? EOPNOTSUPP : 0) +#endif /* WITH_NMNULL */ + #ifdef CONFIG_NET_NS struct net *netmap_bns_get(void); void netmap_bns_put(struct net *); void netmap_bns_getbridges(struct nm_bridge **, u_int *); #else +extern struct nm_bridge *nm_bridges; #define netmap_bns_get() #define netmap_bns_put(_1) #define netmap_bns_getbridges(b, n) \ @@ -1591,16 +1580,24 @@ int netmap_adapter_put(struct netmap_adapter *na); #define NETMAP_BUF_SIZE(_na) ((_na)->na_lut.objsize) extern int netmap_no_pendintr; extern int netmap_mitigate; -extern int netmap_verbose; /* for debugging */ -enum { /* verbose flags */ - NM_VERB_ON = 1, /* generic verbose */ - NM_VERB_HOST = 0x2, /* verbose host stack */ - NM_VERB_RXSYNC = 0x10, /* verbose on rxsync/txsync */ - NM_VERB_TXSYNC = 0x20, - NM_VERB_RXINTR = 0x100, /* verbose on rx/tx intr (driver) */ - NM_VERB_TXINTR = 0x200, - NM_VERB_NIC_RXSYNC = 0x1000, /* verbose on rx/tx intr (driver) */ - NM_VERB_NIC_TXSYNC = 0x2000, +extern int netmap_verbose; +#ifdef CONFIG_NETMAP_DEBUG +extern int netmap_debug; /* for debugging */ +#else /* !CONFIG_NETMAP_DEBUG */ +#define netmap_debug (0) +#endif /* !CONFIG_NETMAP_DEBUG */ +enum { /* debug flags */ + NM_DEBUG_ON = 1, /* generic debug messsages */ + NM_DEBUG_HOST = 0x2, /* debug host stack */ + NM_DEBUG_RXSYNC = 0x10, /* debug on rxsync/txsync */ + NM_DEBUG_TXSYNC = 0x20, + NM_DEBUG_RXINTR = 0x100, /* debug on rx/tx intr (driver) */ + NM_DEBUG_TXINTR = 0x200, + NM_DEBUG_NIC_RXSYNC = 0x1000, /* debug on rx/tx intr (driver) */ + NM_DEBUG_NIC_TXSYNC = 0x2000, + NM_DEBUG_MEM = 0x4000, /* verbose memory allocations/deallocations */ + NM_DEBUG_VALE = 0x8000, /* debug messages from memory allocators */ + NM_DEBUG_BDG = NM_DEBUG_VALE, }; extern int netmap_txsync_retry; @@ -1612,7 +1609,6 @@ extern int netmap_generic_rings; #ifdef linux extern int netmap_generic_txqdisc; #endif -extern int ptnetmap_tx_workers; /* * NA returns a pointer to the struct netmap adapter from the ifp. @@ -1809,6 +1805,11 @@ static inline int netmap_idx_n2k(struct netmap_kring *kr, int idx) { int n = kr->nkr_num_slots; + + if (likely(kr->nkr_hwofs == 0)) { + return idx; + } + idx += kr->nkr_hwofs; if (idx < 0) return idx + n; @@ -1823,6 +1824,11 @@ static inline int netmap_idx_k2n(struct netmap_kring *kr, int idx) { int n = kr->nkr_num_slots; + + if (likely(kr->nkr_hwofs == 0)) { + return idx; + } + idx -= kr->nkr_hwofs; if (idx < 0) return idx + n; @@ -1911,6 +1917,9 @@ struct netmap_priv_d { u_int np_qfirst[NR_TXRX], np_qlast[NR_TXRX]; /* range of tx/rx rings to scan */ uint16_t np_txpoll; + uint16_t np_kloop_state; /* use with NMG_LOCK held */ +#define NM_SYNC_KLOOP_RUNNING (1 << 0) +#define NM_SYNC_KLOOP_STOPPING (1 << 1) int np_sync_flags; /* to be passed to nm_sync */ int np_refs; /* use with NMG_LOCK held */ @@ -1920,7 +1929,26 @@ struct netmap_priv_d { * number of rings. */ NM_SELINFO_T *np_si[NR_TXRX]; + + /* In the optional CSB mode, the user must specify the start address + * of two arrays of Communication Status Block (CSB) entries, for the + * two directions (kernel read application write, and kernel write + * application read). + * The number of entries must agree with the number of rings bound to + * the netmap file descriptor. The entries corresponding to the TX + * rings are laid out before the ones corresponding to the RX rings. + * + * Array of CSB entries for application --> kernel communication + * (N entries). */ + struct nm_csb_atok *np_csb_atok_base; + /* Array of CSB entries for kernel --> application communication + * (N entries). */ + struct nm_csb_ktoa *np_csb_ktoa_base; + struct thread *np_td; /* kqueue, just debugging */ +#ifdef linux + struct file *np_filp; /* used by sync kloop */ +#endif /* linux */ }; struct netmap_priv_d *netmap_priv_new(void); @@ -1943,6 +1971,14 @@ static inline int nm_kring_pending(struct netmap_priv_d *np) return 0; } +/* call with NMG_LOCK held */ +static __inline int +nm_si_user(struct netmap_priv_d *priv, enum txrx t) +{ + return (priv->np_na != NULL && + (priv->np_qlast[t] - priv->np_qfirst[t] > 1)); +} + #ifdef WITH_PIPES int netmap_pipe_txsync(struct netmap_kring *txkring, int flags); int netmap_pipe_rxsync(struct netmap_kring *rxkring, int flags); @@ -2143,17 +2179,14 @@ void nm_os_vi_init_index(void); * kernel thread routines */ struct nm_kctx; /* OS-specific kernel context - opaque */ -typedef void (*nm_kctx_worker_fn_t)(void *data, int is_kthread); -typedef void (*nm_kctx_notify_fn_t)(void *data); +typedef void (*nm_kctx_worker_fn_t)(void *data); /* kthread configuration */ struct nm_kctx_cfg { long type; /* kthread type/identifier */ nm_kctx_worker_fn_t worker_fn; /* worker function */ void *worker_private;/* worker parameter */ - nm_kctx_notify_fn_t notify_fn; /* notify function */ int attach_user; /* attach kthread to user process */ - int use_kthread; /* use a kthread for the context */ }; /* kthread configuration */ struct nm_kctx *nm_os_kctx_create(struct nm_kctx_cfg *cfg, @@ -2161,47 +2194,24 @@ struct nm_kctx *nm_os_kctx_create(struct nm_kctx_cfg *cfg, int nm_os_kctx_worker_start(struct nm_kctx *); void nm_os_kctx_worker_stop(struct nm_kctx *); void nm_os_kctx_destroy(struct nm_kctx *); -void nm_os_kctx_worker_wakeup(struct nm_kctx *nmk); -void nm_os_kctx_send_irq(struct nm_kctx *); void nm_os_kctx_worker_setaff(struct nm_kctx *, int); u_int nm_os_ncpus(void); -#ifdef WITH_PTNETMAP_HOST -/* - * netmap adapter for host ptnetmap ports - */ -struct netmap_pt_host_adapter { - struct netmap_adapter up; +int netmap_sync_kloop(struct netmap_priv_d *priv, + struct nmreq_header *hdr); +int netmap_sync_kloop_stop(struct netmap_priv_d *priv); - /* the passed-through adapter */ - struct netmap_adapter *parent; - /* parent->na_flags, saved at NETMAP_PT_HOST_CREATE time, - * and restored at NETMAP_PT_HOST_DELETE time */ - uint32_t parent_na_flags; +#ifdef WITH_PTNETMAP +/* ptnetmap guest routines */ - int (*parent_nm_notify)(struct netmap_kring *kring, int flags); - void *ptns; -}; - -/* ptnetmap host-side routines */ -int netmap_get_pt_host_na(struct nmreq_header *hdr, struct netmap_adapter **na, - struct netmap_mem_d * nmd, int create); -int ptnetmap_ctl(const char *nr_name, int create, struct netmap_adapter *na); - -static inline int -nm_ptnetmap_host_on(struct netmap_adapter *na) -{ - return na && na->na_flags & NAF_PTNETMAP_HOST; -} -#else /* !WITH_PTNETMAP_HOST */ -#define netmap_get_pt_host_na(hdr, _2, _3, _4) \ - (((struct nmreq_register *)(uintptr_t)hdr->nr_body)->nr_flags & (NR_PTNETMAP_HOST) ? EOPNOTSUPP : 0) -#define ptnetmap_ctl(_1, _2, _3) EINVAL -#define nm_ptnetmap_host_on(_1) EINVAL -#endif /* !WITH_PTNETMAP_HOST */ - -#ifdef WITH_PTNETMAP_GUEST -/* ptnetmap GUEST routines */ +/* + * ptnetmap_memdev routines used to talk with ptnetmap_memdev device driver + */ +struct ptnetmap_memdev; +int nm_os_pt_memdev_iomap(struct ptnetmap_memdev *, vm_paddr_t *, void **, + uint64_t *); +void nm_os_pt_memdev_iounmap(struct ptnetmap_memdev *); +uint32_t nm_os_pt_memdev_ioread(struct ptnetmap_memdev *, unsigned int); /* * netmap adapter for guest ptnetmap ports @@ -2218,26 +2228,83 @@ struct netmap_pt_guest_adapter { * network stack and netmap clients. * Used to decide when we need (de)allocate krings/rings and * start (stop) ptnetmap kthreads. */ - int backend_regifs; + int backend_users; }; int netmap_pt_guest_attach(struct netmap_adapter *na, unsigned int nifp_offset, unsigned int memid); -struct ptnet_csb_gh; -struct ptnet_csb_hg; -bool netmap_pt_guest_txsync(struct ptnet_csb_gh *ptgh, - struct ptnet_csb_hg *pthg, - struct netmap_kring *kring, - int flags); -bool netmap_pt_guest_rxsync(struct ptnet_csb_gh *ptgh, - struct ptnet_csb_hg *pthg, +bool netmap_pt_guest_txsync(struct nm_csb_atok *atok, + struct nm_csb_ktoa *ktoa, + struct netmap_kring *kring, int flags); +bool netmap_pt_guest_rxsync(struct nm_csb_atok *atok, + struct nm_csb_ktoa *ktoa, struct netmap_kring *kring, int flags); int ptnet_nm_krings_create(struct netmap_adapter *na); void ptnet_nm_krings_delete(struct netmap_adapter *na); void ptnet_nm_dtor(struct netmap_adapter *na); -#endif /* WITH_PTNETMAP_GUEST */ + +/* Guest driver: Write kring pointers (cur, head) to the CSB. + * This routine is coupled with ptnetmap_host_read_kring_csb(). */ +static inline void +ptnetmap_guest_write_kring_csb(struct nm_csb_atok *atok, uint32_t cur, + uint32_t head) +{ + /* + * We need to write cur and head to the CSB but we cannot do it atomically. + * There is no way we can prevent the host from reading the updated value + * of one of the two and the old value of the other. However, if we make + * sure that the host never reads a value of head more recent than the + * value of cur we are safe. We can allow the host to read a value of cur + * more recent than the value of head, since in the netmap ring cur can be + * ahead of head and cur cannot wrap around head because it must be behind + * tail. Inverting the order of writes below could instead result into the + * host to think head went ahead of cur, which would cause the sync + * prologue to fail. + * + * The following memory barrier scheme is used to make this happen: + * + * Guest Host + * + * STORE(cur) LOAD(head) + * mb() <-----------> mb() + * STORE(head) LOAD(cur) + */ + atok->cur = cur; + nm_stst_barrier(); + atok->head = head; +} + +/* Guest driver: Read kring pointers (hwcur, hwtail) from the CSB. + * This routine is coupled with ptnetmap_host_write_kring_csb(). */ +static inline void +ptnetmap_guest_read_kring_csb(struct nm_csb_ktoa *ktoa, + struct netmap_kring *kring) +{ + /* + * We place a memory barrier to make sure that the update of hwtail never + * overtakes the update of hwcur. + * (see explanation in ptnetmap_host_write_kring_csb). + */ + kring->nr_hwtail = ktoa->hwtail; + nm_stst_barrier(); + kring->nr_hwcur = ktoa->hwcur; +} + +/* Helper function wrapping ptnetmap_guest_read_kring_csb(). */ +static inline void +ptnet_sync_tail(struct nm_csb_ktoa *ktoa, struct netmap_kring *kring) +{ + struct netmap_ring *ring = kring->ring; + + /* Update hwcur and hwtail as known by the host. */ + ptnetmap_guest_read_kring_csb(ktoa, kring); + + /* nm_sync_finalize */ + ring->tail = kring->rtail = kring->nr_hwtail; +} +#endif /* WITH_PTNETMAP */ #ifdef __FreeBSD__ /* @@ -2355,4 +2422,16 @@ nm_os_get_mbuf(struct ifnet *ifp, int len) struct nmreq_option * nmreq_findoption(struct nmreq_option *, uint16_t); int nmreq_checkduplicate(struct nmreq_option *); +int netmap_init_bridges(void); +void netmap_uninit_bridges(void); + +/* Functions to read and write CSB fields from the kernel. */ +#if defined (linux) +#define CSB_READ(csb, field, r) (get_user(r, &csb->field)) +#define CSB_WRITE(csb, field, v) (put_user(v, &csb->field)) +#else /* ! linux */ +#define CSB_READ(csb, field, r) (r = fuword32(&csb->field)) +#define CSB_WRITE(csb, field, v) (suword32(&csb->field, v)) +#endif /* ! linux */ + #endif /* _NET_NETMAP_KERN_H_ */ diff --git a/sys/dev/netmap/netmap_kloop.c b/sys/dev/netmap/netmap_kloop.c new file mode 100644 index 000000000000..a2fe52387f53 --- /dev/null +++ b/sys/dev/netmap/netmap_kloop.c @@ -0,0 +1,916 @@ +/* + * Copyright (C) 2016-2018 Vincenzo Maffione + * Copyright (C) 2015 Stefano Garzarella + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +/* + * common headers + */ +#if defined(__FreeBSD__) +#include <sys/cdefs.h> +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/types.h> +#include <sys/selinfo.h> +#include <sys/socket.h> +#include <net/if.h> +#include <net/if_var.h> +#include <machine/bus.h> + +#define usleep_range(_1, _2) \ + pause_sbt("sync-kloop-sleep", SBT_1US * _1, SBT_1US * 1, C_ABSOLUTE) + +#elif defined(linux) +#include <bsd_glue.h> +#include <linux/file.h> +#include <linux/eventfd.h> +#endif + +#include <net/netmap.h> +#include <dev/netmap/netmap_kern.h> +#include <net/netmap_virt.h> +#include <dev/netmap/netmap_mem2.h> + +/* Support for eventfd-based notifications. */ +#if defined(linux) +#define SYNC_KLOOP_POLL +#endif + +/* Write kring pointers (hwcur, hwtail) to the CSB. + * This routine is coupled with ptnetmap_guest_read_kring_csb(). */ +static inline void +sync_kloop_kernel_write(struct nm_csb_ktoa __user *ptr, uint32_t hwcur, + uint32_t hwtail) +{ + /* + * The same scheme used in ptnetmap_guest_write_kring_csb() applies here. + * We allow the application to read a value of hwcur more recent than the value + * of hwtail, since this would anyway result in a consistent view of the + * ring state (and hwcur can never wraparound hwtail, since hwcur must be + * behind head). + * + * The following memory barrier scheme is used to make this happen: + * + * Application Kernel + * + * STORE(hwcur) LOAD(hwtail) + * mb() <-------------> mb() + * STORE(hwtail) LOAD(hwcur) + */ + CSB_WRITE(ptr, hwcur, hwcur); + nm_stst_barrier(); + CSB_WRITE(ptr, hwtail, hwtail); +} + +/* Read kring pointers (head, cur, sync_flags) from the CSB. + * This routine is coupled with ptnetmap_guest_write_kring_csb(). */ +static inline void +sync_kloop_kernel_read(struct nm_csb_atok __user *ptr, + struct netmap_ring *shadow_ring, + uint32_t num_slots) +{ + /* + * We place a memory barrier to make sure that the update of head never + * overtakes the update of cur. + * (see explanation in ptnetmap_guest_write_kring_csb). + */ + CSB_READ(ptr, head, shadow_ring->head); + nm_stst_barrier(); + CSB_READ(ptr, cur, shadow_ring->cur); + CSB_READ(ptr, sync_flags, shadow_ring->flags); +} + +/* Enable or disable application --> kernel kicks. */ +static inline void +csb_ktoa_kick_enable(struct nm_csb_ktoa __user *csb_ktoa, uint32_t val) +{ + CSB_WRITE(csb_ktoa, kern_need_kick, val); +} + +/* Are application interrupt enabled or disabled? */ +static inline uint32_t +csb_atok_intr_enabled(struct nm_csb_atok __user *csb_atok) +{ + uint32_t v; + + CSB_READ(csb_atok, appl_need_kick, v); + + return v; +} + +static inline void +sync_kloop_kring_dump(const char *title, const struct netmap_kring *kring) +{ + nm_prinf("%s - name: %s hwcur: %d hwtail: %d " + "rhead: %d rcur: %d rtail: %d", + title, kring->name, kring->nr_hwcur, kring->nr_hwtail, + kring->rhead, kring->rcur, kring->rtail); +} + +struct sync_kloop_ring_args { + struct netmap_kring *kring; + struct nm_csb_atok *csb_atok; + struct nm_csb_ktoa *csb_ktoa; +#ifdef SYNC_KLOOP_POLL + struct eventfd_ctx *irq_ctx; +#endif /* SYNC_KLOOP_POLL */ +}; + +static void +netmap_sync_kloop_tx_ring(const struct sync_kloop_ring_args *a) +{ + struct netmap_kring *kring = a->kring; + struct nm_csb_atok *csb_atok = a->csb_atok; + struct nm_csb_ktoa *csb_ktoa = a->csb_ktoa; + struct netmap_ring shadow_ring; /* shadow copy of the netmap_ring */ + bool more_txspace = false; + uint32_t num_slots; + int batch; + + num_slots = kring->nkr_num_slots; + + /* Disable application --> kernel notifications. */ + csb_ktoa_kick_enable(csb_ktoa, 0); + /* Copy the application kring pointers from the CSB */ + sync_kloop_kernel_read(csb_atok, &shadow_ring, num_slots); + + for (;;) { + batch = shadow_ring.head - kring->nr_hwcur; + if (batch < 0) + batch += num_slots; + +#ifdef PTN_TX_BATCH_LIM + if (batch > PTN_TX_BATCH_LIM(num_slots)) { + /* If application moves ahead too fast, let's cut the move so + * that we don't exceed our batch limit. */ + uint32_t head_lim = kring->nr_hwcur + PTN_TX_BATCH_LIM(num_slots); + + if (head_lim >= num_slots) + head_lim -= num_slots; + nm_prdis(1, "batch: %d head: %d head_lim: %d", batch, shadow_ring.head, + head_lim); + shadow_ring.head = head_lim; + batch = PTN_TX_BATCH_LIM(num_slots); + } +#endif /* PTN_TX_BATCH_LIM */ + + if (nm_kr_txspace(kring) <= (num_slots >> 1)) { + shadow_ring.flags |= NAF_FORCE_RECLAIM; + } + + /* Netmap prologue */ + shadow_ring.tail = kring->rtail; + if (unlikely(nm_txsync_prologue(kring, &shadow_ring) >= num_slots)) { + /* Reinit ring and enable notifications. */ + netmap_ring_reinit(kring); + csb_ktoa_kick_enable(csb_ktoa, 1); + break; + } + + if (unlikely(netmap_debug & NM_DEBUG_TXSYNC)) { + sync_kloop_kring_dump("pre txsync", kring); + } + + if (unlikely(kring->nm_sync(kring, shadow_ring.flags))) { + /* Reenable notifications. */ + csb_ktoa_kick_enable(csb_ktoa, 1); + nm_prerr("txsync() failed"); + break; + } + + /* + * Finalize + * Copy kernel hwcur and hwtail into the CSB for the application sync(), and + * do the nm_sync_finalize. + */ + sync_kloop_kernel_write(csb_ktoa, kring->nr_hwcur, + kring->nr_hwtail); + if (kring->rtail != kring->nr_hwtail) { + /* Some more room available in the parent adapter. */ + kring->rtail = kring->nr_hwtail; + more_txspace = true; + } + + if (unlikely(netmap_debug & NM_DEBUG_TXSYNC)) { + sync_kloop_kring_dump("post txsync", kring); + } + + /* Interrupt the application if needed. */ +#ifdef SYNC_KLOOP_POLL + if (a->irq_ctx && more_txspace && csb_atok_intr_enabled(csb_atok)) { + /* Disable application kick to avoid sending unnecessary kicks */ + eventfd_signal(a->irq_ctx, 1); + more_txspace = false; + } +#endif /* SYNC_KLOOP_POLL */ + + /* Read CSB to see if there is more work to do. */ + sync_kloop_kernel_read(csb_atok, &shadow_ring, num_slots); + if (shadow_ring.head == kring->rhead) { + /* + * No more packets to transmit. We enable notifications and + * go to sleep, waiting for a kick from the application when new + * new slots are ready for transmission. + */ + /* Reenable notifications. */ + csb_ktoa_kick_enable(csb_ktoa, 1); + /* Doublecheck. */ + sync_kloop_kernel_read(csb_atok, &shadow_ring, num_slots); + if (shadow_ring.head != kring->rhead) { + /* We won the race condition, there are more packets to + * transmit. Disable notifications and do another cycle */ + csb_ktoa_kick_enable(csb_ktoa, 0); + continue; + } + break; + } + + if (nm_kr_txempty(kring)) { + /* No more available TX slots. We stop waiting for a notification + * from the backend (netmap_tx_irq). */ + nm_prdis(1, "TX ring"); + break; + } + } + +#ifdef SYNC_KLOOP_POLL + if (a->irq_ctx && more_txspace && csb_atok_intr_enabled(csb_atok)) { + eventfd_signal(a->irq_ctx, 1); + } +#endif /* SYNC_KLOOP_POLL */ +} + +/* RX cycle without receive any packets */ +#define SYNC_LOOP_RX_DRY_CYCLES_MAX 2 + +static inline int +sync_kloop_norxslots(struct netmap_kring *kring, uint32_t g_head) +{ + return (NM_ACCESS_ONCE(kring->nr_hwtail) == nm_prev(g_head, + kring->nkr_num_slots - 1)); +} + +static void +netmap_sync_kloop_rx_ring(const struct sync_kloop_ring_args *a) +{ + + struct netmap_kring *kring = a->kring; + struct nm_csb_atok *csb_atok = a->csb_atok; + struct nm_csb_ktoa *csb_ktoa = a->csb_ktoa; + struct netmap_ring shadow_ring; /* shadow copy of the netmap_ring */ + int dry_cycles = 0; + bool some_recvd = false; + uint32_t num_slots; + + num_slots = kring->nkr_num_slots; + + /* Get RX csb_atok and csb_ktoa pointers from the CSB. */ + num_slots = kring->nkr_num_slots; + + /* Disable notifications. */ + csb_ktoa_kick_enable(csb_ktoa, 0); + /* Copy the application kring pointers from the CSB */ + sync_kloop_kernel_read(csb_atok, &shadow_ring, num_slots); + + for (;;) { + uint32_t hwtail; + + /* Netmap prologue */ + shadow_ring.tail = kring->rtail; + if (unlikely(nm_rxsync_prologue(kring, &shadow_ring) >= num_slots)) { + /* Reinit ring and enable notifications. */ + netmap_ring_reinit(kring); + csb_ktoa_kick_enable(csb_ktoa, 1); + break; + } + + if (unlikely(netmap_debug & NM_DEBUG_RXSYNC)) { + sync_kloop_kring_dump("pre rxsync", kring); + } + + if (unlikely(kring->nm_sync(kring, shadow_ring.flags))) { + /* Reenable notifications. */ + csb_ktoa_kick_enable(csb_ktoa, 1); + nm_prerr("rxsync() failed"); + break; + } + + /* + * Finalize + * Copy kernel hwcur and hwtail into the CSB for the application sync() + */ + hwtail = NM_ACCESS_ONCE(kring->nr_hwtail); + sync_kloop_kernel_write(csb_ktoa, kring->nr_hwcur, hwtail); + if (kring->rtail != hwtail) { + kring->rtail = hwtail; + some_recvd = true; + dry_cycles = 0; + } else { + dry_cycles++; + } + + if (unlikely(netmap_debug & NM_DEBUG_RXSYNC)) { + sync_kloop_kring_dump("post rxsync", kring); + } + +#ifdef SYNC_KLOOP_POLL + /* Interrupt the application if needed. */ + if (a->irq_ctx && some_recvd && csb_atok_intr_enabled(csb_atok)) { + /* Disable application kick to avoid sending unnecessary kicks */ + eventfd_signal(a->irq_ctx, 1); + some_recvd = false; + } +#endif /* SYNC_KLOOP_POLL */ + + /* Read CSB to see if there is more work to do. */ + sync_kloop_kernel_read(csb_atok, &shadow_ring, num_slots); + if (sync_kloop_norxslots(kring, shadow_ring.head)) { + /* + * No more slots available for reception. We enable notification and + * go to sleep, waiting for a kick from the application when new receive + * slots are available. + */ + /* Reenable notifications. */ + csb_ktoa_kick_enable(csb_ktoa, 1); + /* Doublecheck. */ + sync_kloop_kernel_read(csb_atok, &shadow_ring, num_slots); + if (!sync_kloop_norxslots(kring, shadow_ring.head)) { + /* We won the race condition, more slots are available. Disable + * notifications and do another cycle. */ + csb_ktoa_kick_enable(csb_ktoa, 0); + continue; + } + break; + } + + hwtail = NM_ACCESS_ONCE(kring->nr_hwtail); + if (unlikely(hwtail == kring->rhead || + dry_cycles >= SYNC_LOOP_RX_DRY_CYCLES_MAX)) { + /* No more packets to be read from the backend. We stop and + * wait for a notification from the backend (netmap_rx_irq). */ + nm_prdis(1, "nr_hwtail: %d rhead: %d dry_cycles: %d", + hwtail, kring->rhead, dry_cycles); + break; + } + } + + nm_kr_put(kring); + +#ifdef SYNC_KLOOP_POLL + /* Interrupt the application if needed. */ + if (a->irq_ctx && some_recvd && csb_atok_intr_enabled(csb_atok)) { + eventfd_signal(a->irq_ctx, 1); + } +#endif /* SYNC_KLOOP_POLL */ +} + +#ifdef SYNC_KLOOP_POLL +struct sync_kloop_poll_entry { + /* Support for receiving notifications from + * a netmap ring or from the application. */ + struct file *filp; + wait_queue_t wait; + wait_queue_head_t *wqh; + + /* Support for sending notifications to the application. */ + struct eventfd_ctx *irq_ctx; + struct file *irq_filp; +}; + +struct sync_kloop_poll_ctx { + poll_table wait_table; + unsigned int next_entry; + unsigned int num_entries; + struct sync_kloop_poll_entry entries[0]; +}; + +static void +sync_kloop_poll_table_queue_proc(struct file *file, wait_queue_head_t *wqh, + poll_table *pt) +{ + struct sync_kloop_poll_ctx *poll_ctx = + container_of(pt, struct sync_kloop_poll_ctx, wait_table); + struct sync_kloop_poll_entry *entry = poll_ctx->entries + + poll_ctx->next_entry; + + BUG_ON(poll_ctx->next_entry >= poll_ctx->num_entries); + entry->wqh = wqh; + entry->filp = file; + /* Use the default wake up function. */ + init_waitqueue_entry(&entry->wait, current); + add_wait_queue(wqh, &entry->wait); + poll_ctx->next_entry++; +} +#endif /* SYNC_KLOOP_POLL */ + +int +netmap_sync_kloop(struct netmap_priv_d *priv, struct nmreq_header *hdr) +{ + struct nmreq_sync_kloop_start *req = + (struct nmreq_sync_kloop_start *)(uintptr_t)hdr->nr_body; + struct nmreq_opt_sync_kloop_eventfds *eventfds_opt = NULL; +#ifdef SYNC_KLOOP_POLL + struct sync_kloop_poll_ctx *poll_ctx = NULL; +#endif /* SYNC_KLOOP_POLL */ + int num_rx_rings, num_tx_rings, num_rings; + uint32_t sleep_us = req->sleep_us; + struct nm_csb_atok* csb_atok_base; + struct nm_csb_ktoa* csb_ktoa_base; + struct netmap_adapter *na; + struct nmreq_option *opt; + int err = 0; + int i; + + if (sleep_us > 1000000) { + /* We do not accept sleeping for more than a second. */ + return EINVAL; + } + + if (priv->np_nifp == NULL) { + return ENXIO; + } + mb(); /* make sure following reads are not from cache */ + + na = priv->np_na; + if (!nm_netmap_on(na)) { + return ENXIO; + } + + NMG_LOCK(); + /* Make sure the application is working in CSB mode. */ + if (!priv->np_csb_atok_base || !priv->np_csb_ktoa_base) { + NMG_UNLOCK(); + nm_prerr("sync-kloop on %s requires " + "NETMAP_REQ_OPT_CSB option", na->name); + return EINVAL; + } + + csb_atok_base = priv->np_csb_atok_base; + csb_ktoa_base = priv->np_csb_ktoa_base; + + /* Make sure that no kloop is currently running. */ + if (priv->np_kloop_state & NM_SYNC_KLOOP_RUNNING) { + err = EBUSY; + } + priv->np_kloop_state |= NM_SYNC_KLOOP_RUNNING; + NMG_UNLOCK(); + if (err) { + return err; + } + + num_rx_rings = priv->np_qlast[NR_RX] - priv->np_qfirst[NR_RX]; + num_tx_rings = priv->np_qlast[NR_TX] - priv->np_qfirst[NR_TX]; + num_rings = num_tx_rings + num_rx_rings; + + /* Validate notification options. */ + opt = nmreq_findoption((struct nmreq_option *)(uintptr_t)hdr->nr_options, + NETMAP_REQ_OPT_SYNC_KLOOP_EVENTFDS); + if (opt != NULL) { + err = nmreq_checkduplicate(opt); + if (err) { + opt->nro_status = err; + goto out; + } + if (opt->nro_size != sizeof(*eventfds_opt) + + sizeof(eventfds_opt->eventfds[0]) * num_rings) { + /* Option size not consistent with the number of + * entries. */ + opt->nro_status = err = EINVAL; + goto out; + } +#ifdef SYNC_KLOOP_POLL + eventfds_opt = (struct nmreq_opt_sync_kloop_eventfds *)opt; + opt->nro_status = 0; + /* We need 2 poll entries for TX and RX notifications coming + * from the netmap adapter, plus one entries per ring for the + * notifications coming from the application. */ + poll_ctx = nm_os_malloc(sizeof(*poll_ctx) + + (2 + num_rings) * sizeof(poll_ctx->entries[0])); + init_poll_funcptr(&poll_ctx->wait_table, + sync_kloop_poll_table_queue_proc); + poll_ctx->num_entries = 2 + num_rings; + poll_ctx->next_entry = 0; + /* Poll for notifications coming from the applications through + * eventfds . */ + for (i = 0; i < num_rings; i++) { + struct eventfd_ctx *irq; + struct file *filp; + unsigned long mask; + + filp = eventfd_fget(eventfds_opt->eventfds[i].ioeventfd); + if (IS_ERR(filp)) { + err = PTR_ERR(filp); + goto out; + } + mask = filp->f_op->poll(filp, &poll_ctx->wait_table); + if (mask & POLLERR) { + err = EINVAL; + goto out; + } + + filp = eventfd_fget(eventfds_opt->eventfds[i].irqfd); + if (IS_ERR(filp)) { + err = PTR_ERR(filp); + goto out; + } + poll_ctx->entries[i].irq_filp = filp; + irq = eventfd_ctx_fileget(filp); + if (IS_ERR(irq)) { + err = PTR_ERR(irq); + goto out; + } + poll_ctx->entries[i].irq_ctx = irq; + } + /* Poll for notifications coming from the netmap rings bound to + * this file descriptor. */ + { + NM_SELINFO_T *si[NR_TXRX]; + + NMG_LOCK(); + si[NR_RX] = nm_si_user(priv, NR_RX) ? &na->si[NR_RX] : + &na->rx_rings[priv->np_qfirst[NR_RX]]->si; + si[NR_TX] = nm_si_user(priv, NR_TX) ? &na->si[NR_TX] : + &na->tx_rings[priv->np_qfirst[NR_TX]]->si; + NMG_UNLOCK(); + poll_wait(priv->np_filp, si[NR_RX], &poll_ctx->wait_table); + poll_wait(priv->np_filp, si[NR_TX], &poll_ctx->wait_table); + } +#else /* SYNC_KLOOP_POLL */ + opt->nro_status = EOPNOTSUPP; + goto out; +#endif /* SYNC_KLOOP_POLL */ + } + + /* Main loop. */ + for (;;) { + if (unlikely(NM_ACCESS_ONCE(priv->np_kloop_state) & NM_SYNC_KLOOP_STOPPING)) { + break; + } + +#ifdef SYNC_KLOOP_POLL + if (poll_ctx) + __set_current_state(TASK_INTERRUPTIBLE); +#endif /* SYNC_KLOOP_POLL */ + + /* Process all the TX rings bound to this file descriptor. */ + for (i = 0; i < num_tx_rings; i++) { + struct sync_kloop_ring_args a = { + .kring = NMR(na, NR_TX)[i + priv->np_qfirst[NR_TX]], + .csb_atok = csb_atok_base + i, + .csb_ktoa = csb_ktoa_base + i, + }; + +#ifdef SYNC_KLOOP_POLL + if (poll_ctx) + a.irq_ctx = poll_ctx->entries[i].irq_ctx; +#endif /* SYNC_KLOOP_POLL */ + if (unlikely(nm_kr_tryget(a.kring, 1, NULL))) { + continue; + } + netmap_sync_kloop_tx_ring(&a); + nm_kr_put(a.kring); + } + + /* Process all the RX rings bound to this file descriptor. */ + for (i = 0; i < num_rx_rings; i++) { + struct sync_kloop_ring_args a = { + .kring = NMR(na, NR_RX)[i + priv->np_qfirst[NR_RX]], + .csb_atok = csb_atok_base + num_tx_rings + i, + .csb_ktoa = csb_ktoa_base + num_tx_rings + i, + }; + +#ifdef SYNC_KLOOP_POLL + if (poll_ctx) + a.irq_ctx = poll_ctx->entries[num_tx_rings + i].irq_ctx; +#endif /* SYNC_KLOOP_POLL */ + + if (unlikely(nm_kr_tryget(a.kring, 1, NULL))) { + continue; + } + netmap_sync_kloop_rx_ring(&a); + nm_kr_put(a.kring); + } + +#ifdef SYNC_KLOOP_POLL + if (poll_ctx) { + /* If a poll context is present, yield to the scheduler + * waiting for a notification to come either from + * netmap or the application. */ + schedule_timeout_interruptible(msecs_to_jiffies(1000)); + } else +#endif /* SYNC_KLOOP_POLL */ + { + /* Default synchronization method: sleep for a while. */ + usleep_range(sleep_us, sleep_us); + } + } +out: +#ifdef SYNC_KLOOP_POLL + if (poll_ctx) { + /* Stop polling from netmap and the eventfds, and deallocate + * the poll context. */ + __set_current_state(TASK_RUNNING); + for (i = 0; i < poll_ctx->next_entry; i++) { + struct sync_kloop_poll_entry *entry = + poll_ctx->entries + i; + + if (entry->wqh) + remove_wait_queue(entry->wqh, &entry->wait); + /* We did not get a reference to the eventfds, but + * don't do that on netmap file descriptors (since + * a reference was not taken. */ + if (entry->filp && entry->filp != priv->np_filp) + fput(entry->filp); + if (entry->irq_ctx) + eventfd_ctx_put(entry->irq_ctx); + if (entry->irq_filp) + fput(entry->irq_filp); + } + nm_os_free(poll_ctx); + poll_ctx = NULL; + } +#endif /* SYNC_KLOOP_POLL */ + + /* Reset the kloop state. */ + NMG_LOCK(); + priv->np_kloop_state = 0; + NMG_UNLOCK(); + + return err; +} + +int +netmap_sync_kloop_stop(struct netmap_priv_d *priv) +{ + bool running = true; + int err = 0; + + NMG_LOCK(); + priv->np_kloop_state |= NM_SYNC_KLOOP_STOPPING; + NMG_UNLOCK(); + while (running) { + usleep_range(1000, 1500); + NMG_LOCK(); + running = (NM_ACCESS_ONCE(priv->np_kloop_state) + & NM_SYNC_KLOOP_RUNNING); + NMG_UNLOCK(); + } + + return err; +} + +#ifdef WITH_PTNETMAP +/* + * Guest ptnetmap txsync()/rxsync() routines, used in ptnet device drivers. + * These routines are reused across the different operating systems supported + * by netmap. + */ + +/* + * Reconcile host and guest views of the transmit ring. + * + * Guest user wants to transmit packets up to the one before ring->head, + * and guest kernel knows tx_ring->hwcur is the first packet unsent + * by the host kernel. + * + * We push out as many packets as possible, and possibly + * reclaim buffers from previously completed transmission. + * + * Notifications from the host are enabled only if the user guest would + * block (no space in the ring). + */ +bool +netmap_pt_guest_txsync(struct nm_csb_atok *atok, struct nm_csb_ktoa *ktoa, + struct netmap_kring *kring, int flags) +{ + bool notify = false; + + /* Disable notifications */ + atok->appl_need_kick = 0; + + /* + * First part: tell the host (updating the CSB) to process the new + * packets. + */ + kring->nr_hwcur = ktoa->hwcur; + ptnetmap_guest_write_kring_csb(atok, kring->rcur, kring->rhead); + + /* Ask for a kick from a guest to the host if needed. */ + if (((kring->rhead != kring->nr_hwcur || nm_kr_txempty(kring)) + && NM_ACCESS_ONCE(ktoa->kern_need_kick)) || + (flags & NAF_FORCE_RECLAIM)) { + atok->sync_flags = flags; + notify = true; + } + + /* + * Second part: reclaim buffers for completed transmissions. + */ + if (nm_kr_txempty(kring) || (flags & NAF_FORCE_RECLAIM)) { + ptnetmap_guest_read_kring_csb(ktoa, kring); + } + + /* + * No more room in the ring for new transmissions. The user thread will + * go to sleep and we need to be notified by the host when more free + * space is available. + */ + if (nm_kr_txempty(kring) && !(kring->nr_kflags & NKR_NOINTR)) { + /* Reenable notifications. */ + atok->appl_need_kick = 1; + /* Double check */ + ptnetmap_guest_read_kring_csb(ktoa, kring); + /* If there is new free space, disable notifications */ + if (unlikely(!nm_kr_txempty(kring))) { + atok->appl_need_kick = 0; + } + } + + nm_prdis(1, "%s CSB(head:%u cur:%u hwtail:%u) KRING(head:%u cur:%u tail:%u)", + kring->name, atok->head, atok->cur, ktoa->hwtail, + kring->rhead, kring->rcur, kring->nr_hwtail); + + return notify; +} + +/* + * Reconcile host and guest view of the receive ring. + * + * Update hwcur/hwtail from host (reading from CSB). + * + * If guest user has released buffers up to the one before ring->head, we + * also give them to the host. + * + * Notifications from the host are enabled only if the user guest would + * block (no more completed slots in the ring). + */ +bool +netmap_pt_guest_rxsync(struct nm_csb_atok *atok, struct nm_csb_ktoa *ktoa, + struct netmap_kring *kring, int flags) +{ + bool notify = false; + + /* Disable notifications */ + atok->appl_need_kick = 0; + + /* + * First part: import newly received packets, by updating the kring + * hwtail to the hwtail known from the host (read from the CSB). + * This also updates the kring hwcur. + */ + ptnetmap_guest_read_kring_csb(ktoa, kring); + kring->nr_kflags &= ~NKR_PENDINTR; + + /* + * Second part: tell the host about the slots that guest user has + * released, by updating cur and head in the CSB. + */ + if (kring->rhead != kring->nr_hwcur) { + ptnetmap_guest_write_kring_csb(atok, kring->rcur, + kring->rhead); + /* Ask for a kick from the guest to the host if needed. */ + if (NM_ACCESS_ONCE(ktoa->kern_need_kick)) { + atok->sync_flags = flags; + notify = true; + } + } + + /* + * No more completed RX slots. The user thread will go to sleep and + * we need to be notified by the host when more RX slots have been + * completed. + */ + if (nm_kr_rxempty(kring) && !(kring->nr_kflags & NKR_NOINTR)) { + /* Reenable notifications. */ + atok->appl_need_kick = 1; + /* Double check */ + ptnetmap_guest_read_kring_csb(ktoa, kring); + /* If there are new slots, disable notifications. */ + if (!nm_kr_rxempty(kring)) { + atok->appl_need_kick = 0; + } + } + + nm_prdis(1, "%s CSB(head:%u cur:%u hwtail:%u) KRING(head:%u cur:%u tail:%u)", + kring->name, atok->head, atok->cur, ktoa->hwtail, + kring->rhead, kring->rcur, kring->nr_hwtail); + + return notify; +} + +/* + * Callbacks for ptnet drivers: nm_krings_create, nm_krings_delete, nm_dtor. + */ +int +ptnet_nm_krings_create(struct netmap_adapter *na) +{ + struct netmap_pt_guest_adapter *ptna = + (struct netmap_pt_guest_adapter *)na; /* Upcast. */ + struct netmap_adapter *na_nm = &ptna->hwup.up; + struct netmap_adapter *na_dr = &ptna->dr.up; + int ret; + + if (ptna->backend_users) { + return 0; + } + + /* Create krings on the public netmap adapter. */ + ret = netmap_hw_krings_create(na_nm); + if (ret) { + return ret; + } + + /* Copy krings into the netmap adapter private to the driver. */ + na_dr->tx_rings = na_nm->tx_rings; + na_dr->rx_rings = na_nm->rx_rings; + + return 0; +} + +void +ptnet_nm_krings_delete(struct netmap_adapter *na) +{ + struct netmap_pt_guest_adapter *ptna = + (struct netmap_pt_guest_adapter *)na; /* Upcast. */ + struct netmap_adapter *na_nm = &ptna->hwup.up; + struct netmap_adapter *na_dr = &ptna->dr.up; + + if (ptna->backend_users) { + return; + } + + na_dr->tx_rings = NULL; + na_dr->rx_rings = NULL; + + netmap_hw_krings_delete(na_nm); +} + +void +ptnet_nm_dtor(struct netmap_adapter *na) +{ + struct netmap_pt_guest_adapter *ptna = + (struct netmap_pt_guest_adapter *)na; + + netmap_mem_put(ptna->dr.up.nm_mem); + memset(&ptna->dr, 0, sizeof(ptna->dr)); + netmap_mem_pt_guest_ifp_del(na->nm_mem, na->ifp); +} + +int +netmap_pt_guest_attach(struct netmap_adapter *arg, + unsigned int nifp_offset, unsigned int memid) +{ + struct netmap_pt_guest_adapter *ptna; + struct ifnet *ifp = arg ? arg->ifp : NULL; + int error; + + /* get allocator */ + arg->nm_mem = netmap_mem_pt_guest_new(ifp, nifp_offset, memid); + if (arg->nm_mem == NULL) + return ENOMEM; + arg->na_flags |= NAF_MEM_OWNER; + error = netmap_attach_ext(arg, sizeof(struct netmap_pt_guest_adapter), 1); + if (error) + return error; + + /* get the netmap_pt_guest_adapter */ + ptna = (struct netmap_pt_guest_adapter *) NA(ifp); + + /* Initialize a separate pass-through netmap adapter that is going to + * be used by the ptnet driver only, and so never exposed to netmap + * applications. We only need a subset of the available fields. */ + memset(&ptna->dr, 0, sizeof(ptna->dr)); + ptna->dr.up.ifp = ifp; + ptna->dr.up.nm_mem = netmap_mem_get(ptna->hwup.up.nm_mem); + ptna->dr.up.nm_config = ptna->hwup.up.nm_config; + + ptna->backend_users = 0; + + return 0; +} + +#endif /* WITH_PTNETMAP */ diff --git a/sys/dev/netmap/netmap_legacy.c b/sys/dev/netmap/netmap_legacy.c index e7311ca91065..9159c1bce4c8 100644 --- a/sys/dev/netmap/netmap_legacy.c +++ b/sys/dev/netmap/netmap_legacy.c @@ -56,6 +56,7 @@ */ #include <net/netmap.h> #include <dev/netmap/netmap_kern.h> +#include <dev/netmap/netmap_bdg.h> static int nmreq_register_from_legacy(struct nmreq *nmr, struct nmreq_header *hdr, @@ -80,10 +81,11 @@ nmreq_register_from_legacy(struct nmreq *nmr, struct nmreq_header *hdr, } else { regmode = NR_REG_ALL_NIC; } - nmr->nr_flags = regmode | - (nmr->nr_flags & (~NR_REG_MASK)); + req->nr_mode = regmode; + } else { + req->nr_mode = nmr->nr_flags & NR_REG_MASK; } - req->nr_mode = nmr->nr_flags & NR_REG_MASK; + /* Fix nr_name, nr_mode and nr_ringid to handle pipe requests. */ if (req->nr_mode == NR_REG_PIPE_MASTER || req->nr_mode == NR_REG_PIPE_SLAVE) { @@ -131,7 +133,7 @@ nmreq_from_legacy(struct nmreq *nmr, u_long ioctl_cmd) /* First prepare the request header. */ hdr->nr_version = NETMAP_API; /* new API */ - strncpy(hdr->nr_name, nmr->nr_name, sizeof(nmr->nr_name)); + strlcpy(hdr->nr_name, nmr->nr_name, sizeof(nmr->nr_name)); hdr->nr_options = (uintptr_t)NULL; hdr->nr_body = (uintptr_t)NULL; @@ -221,7 +223,7 @@ nmreq_from_legacy(struct nmreq *nmr, u_long ioctl_cmd) } case NETMAP_PT_HOST_CREATE: case NETMAP_PT_HOST_DELETE: { - D("Netmap passthrough not supported yet"); + nm_prerr("Netmap passthrough not supported yet"); return NULL; break; } @@ -242,7 +244,6 @@ nmreq_from_legacy(struct nmreq *nmr, u_long ioctl_cmd) if (!req) { goto oom; } hdr->nr_body = (uintptr_t)req; hdr->nr_reqtype = NETMAP_REQ_PORT_INFO_GET; - req->nr_offset = nmr->nr_offset; req->nr_memsize = nmr->nr_memsize; req->nr_tx_slots = nmr->nr_tx_slots; req->nr_rx_slots = nmr->nr_rx_slots; @@ -262,7 +263,7 @@ oom: } nm_os_free(hdr); } - D("Failed to allocate memory for nmreq_xyz struct"); + nm_prerr("Failed to allocate memory for nmreq_xyz struct"); return NULL; } @@ -300,7 +301,6 @@ nmreq_to_legacy(struct nmreq_header *hdr, struct nmreq *nmr) case NETMAP_REQ_PORT_INFO_GET: { struct nmreq_port_info_get *req = (struct nmreq_port_info_get *)(uintptr_t)hdr->nr_body; - nmr->nr_offset = req->nr_offset; nmr->nr_memsize = req->nr_memsize; nmr->nr_tx_slots = req->nr_tx_slots; nmr->nr_rx_slots = req->nr_rx_slots; @@ -321,7 +321,7 @@ nmreq_to_legacy(struct nmreq_header *hdr, struct nmreq *nmr) case NETMAP_REQ_VALE_LIST: { struct nmreq_vale_list *req = (struct nmreq_vale_list *)(uintptr_t)hdr->nr_body; - strncpy(nmr->nr_name, hdr->nr_name, sizeof(nmr->nr_name)); + strlcpy(nmr->nr_name, hdr->nr_name, sizeof(nmr->nr_name)); nmr->nr_arg1 = req->nr_bridge_idx; nmr->nr_arg2 = req->nr_port_idx; break; diff --git a/sys/dev/netmap/netmap_mem2.c b/sys/dev/netmap/netmap_mem2.c index 803f30891c6b..f504525cee02 100644 --- a/sys/dev/netmap/netmap_mem2.c +++ b/sys/dev/netmap/netmap_mem2.c @@ -318,7 +318,7 @@ netmap_mem_get_id(struct netmap_mem_d *nmd) #ifdef NM_DEBUG_MEM_PUTGET #define NM_DBG_REFC(nmd, func, line) \ - nm_prinf("%s:%d mem[%d] -> %d\n", func, line, (nmd)->nm_id, (nmd)->refcount); + nm_prinf("%d mem[%d] -> %d", line, (nmd)->nm_id, (nmd)->refcount); #else #define NM_DBG_REFC(nmd, func, line) #endif @@ -397,15 +397,15 @@ netmap_init_obj_allocator_bitmap(struct netmap_obj_pool *p) if (p->bitmap == NULL) { /* Allocate the bitmap */ n = (p->objtotal + 31) / 32; - p->bitmap = nm_os_malloc(sizeof(uint32_t) * n); + p->bitmap = nm_os_malloc(sizeof(p->bitmap[0]) * n); if (p->bitmap == NULL) { - D("Unable to create bitmap (%d entries) for allocator '%s'", (int)n, + nm_prerr("Unable to create bitmap (%d entries) for allocator '%s'", (int)n, p->name); return ENOMEM; } p->bitmap_slots = n; } else { - memset(p->bitmap, 0, p->bitmap_slots); + memset(p->bitmap, 0, p->bitmap_slots * sizeof(p->bitmap[0])); } p->objfree = 0; @@ -416,16 +416,21 @@ netmap_init_obj_allocator_bitmap(struct netmap_obj_pool *p) */ for (j = 0; j < p->objtotal; j++) { if (p->invalid_bitmap && nm_isset(p->invalid_bitmap, j)) { - D("skipping %s %d", p->name, j); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("skipping %s %d", p->name, j); continue; } p->bitmap[ (j>>5) ] |= ( 1U << (j & 31U) ); p->objfree++; } - ND("%s free %u", p->name, p->objfree); - if (p->objfree == 0) + if (netmap_verbose) + nm_prinf("%s free %u", p->name, p->objfree); + if (p->objfree == 0) { + if (netmap_verbose) + nm_prerr("%s: no objects available", p->name); return ENOMEM; + } return 0; } @@ -447,6 +452,7 @@ netmap_mem_init_bitmaps(struct netmap_mem_d *nmd) * buffers 0 and 1 are reserved */ if (nmd->pools[NETMAP_BUF_POOL].objfree < 2) { + nm_prerr("%s: not enough buffers", nmd->pools[NETMAP_BUF_POOL].name); return ENOMEM; } @@ -480,8 +486,10 @@ netmap_mem_deref(struct netmap_mem_d *nmd, struct netmap_adapter *na) nmd->ops->nmd_deref(nmd); nmd->active--; - if (!nmd->active) + if (last_user) { nmd->nm_grp = -1; + nmd->lasterr = 0; + } NMA_UNLOCK(nmd); return last_user; @@ -720,16 +728,20 @@ nm_mem_assign_group(struct netmap_mem_d *nmd, struct device *dev) { int err = 0, id; id = nm_iommu_group_id(dev); - if (netmap_verbose) - D("iommu_group %d", id); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("iommu_group %d", id); NMA_LOCK(nmd); if (nmd->nm_grp < 0) nmd->nm_grp = id; - if (nmd->nm_grp != id) + if (nmd->nm_grp != id) { + if (netmap_verbose) + nm_prerr("iommu group mismatch: %u vs %u", + nmd->nm_grp, id); nmd->lasterr = err = ENOMEM; + } NMA_UNLOCK(nmd); return err; @@ -805,7 +817,7 @@ netmap_mem2_ofstophys(struct netmap_mem_d* nmd, vm_ooffset_t offset) return pa; } /* this is only in case of errors */ - D("invalid ofs 0x%x out of 0x%x 0x%x 0x%x", (u_int)o, + nm_prerr("invalid ofs 0x%x out of 0x%x 0x%x 0x%x", (u_int)o, p[NETMAP_IF_POOL].memtotal, p[NETMAP_IF_POOL].memtotal + p[NETMAP_RING_POOL].memtotal, @@ -854,13 +866,13 @@ win32_build_user_vm_map(struct netmap_mem_d* nmd) int i, j; if (netmap_mem_get_info(nmd, &memsize, &memflags, NULL)) { - D("memory not finalised yet"); + nm_prerr("memory not finalised yet"); return NULL; } mainMdl = IoAllocateMdl(NULL, memsize, FALSE, FALSE, NULL); if (mainMdl == NULL) { - D("failed to allocate mdl"); + nm_prerr("failed to allocate mdl"); return NULL; } @@ -876,7 +888,7 @@ win32_build_user_vm_map(struct netmap_mem_d* nmd) tempMdl = IoAllocateMdl(p->lut[0].vaddr, clsz, FALSE, FALSE, NULL); if (tempMdl == NULL) { NMA_UNLOCK(nmd); - D("fail to allocate tempMdl"); + nm_prerr("fail to allocate tempMdl"); IoFreeMdl(mainMdl); return NULL; } @@ -971,7 +983,7 @@ netmap_obj_offset(struct netmap_obj_pool *p, const void *vaddr) p->name, ofs, i, vaddr); return ofs; } - D("address %p is not contained inside any cluster (%s)", + nm_prerr("address %p is not contained inside any cluster (%s)", vaddr, p->name); return 0; /* An error occurred */ } @@ -1002,12 +1014,12 @@ netmap_obj_malloc(struct netmap_obj_pool *p, u_int len, uint32_t *start, uint32_ void *vaddr = NULL; if (len > p->_objsize) { - D("%s request size %d too large", p->name, len); + nm_prerr("%s request size %d too large", p->name, len); return NULL; } if (p->objfree == 0) { - D("no more %s objects", p->name); + nm_prerr("no more %s objects", p->name); return NULL; } if (start) @@ -1049,13 +1061,13 @@ netmap_obj_free(struct netmap_obj_pool *p, uint32_t j) uint32_t *ptr, mask; if (j >= p->objtotal) { - D("invalid index %u, max %u", j, p->objtotal); + nm_prerr("invalid index %u, max %u", j, p->objtotal); return 1; } ptr = &p->bitmap[j / 32]; mask = (1 << (j % 32)); if (*ptr & mask) { - D("ouch, double free on buffer %d", j); + nm_prerr("ouch, double free on buffer %d", j); return 1; } else { *ptr |= mask; @@ -1086,7 +1098,7 @@ netmap_obj_free_va(struct netmap_obj_pool *p, void *vaddr) netmap_obj_free(p, j); return; } - D("address %p is not contained inside any cluster (%s)", + nm_prerr("address %p is not contained inside any cluster (%s)", vaddr, p->name); } @@ -1127,7 +1139,7 @@ netmap_extra_alloc(struct netmap_adapter *na, uint32_t *head, uint32_t n) uint32_t cur = *head; /* save current head */ uint32_t *p = netmap_buf_malloc(nmd, &pos, head); if (p == NULL) { - D("no more buffers after %d of %d", i, n); + nm_prerr("no more buffers after %d of %d", i, n); *head = cur; /* restore */ break; } @@ -1158,9 +1170,9 @@ netmap_extra_free(struct netmap_adapter *na, uint32_t head) break; } if (head != 0) - D("breaking with head %d", head); - if (netmap_verbose) - D("freed %d buffers", i); + nm_prerr("breaking with head %d", head); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("freed %d buffers", i); } @@ -1176,7 +1188,7 @@ netmap_new_bufs(struct netmap_mem_d *nmd, struct netmap_slot *slot, u_int n) for (i = 0; i < n; i++) { void *vaddr = netmap_buf_malloc(nmd, &pos, &index); if (vaddr == NULL) { - D("no more buffers after %d of %d", i, n); + nm_prerr("no more buffers after %d of %d", i, n); goto cleanup; } slot[i].buf_idx = index; @@ -1217,7 +1229,7 @@ netmap_free_buf(struct netmap_mem_d *nmd, uint32_t i) struct netmap_obj_pool *p = &nmd->pools[NETMAP_BUF_POOL]; if (i < 2 || i >= p->objtotal) { - D("Cannot free buf#%d: should be in [2, %d[", i, p->objtotal); + nm_prerr("Cannot free buf#%d: should be in [2, %d[", i, p->objtotal); return; } netmap_obj_free(p, i); @@ -1317,22 +1329,22 @@ netmap_config_obj_allocator(struct netmap_obj_pool *p, u_int objtotal, u_int obj #define LINE_ROUND NM_CACHE_ALIGN // 64 if (objsize >= MAX_CLUSTSIZE) { /* we could do it but there is no point */ - D("unsupported allocation for %d bytes", objsize); + nm_prerr("unsupported allocation for %d bytes", objsize); return EINVAL; } /* make sure objsize is a multiple of LINE_ROUND */ i = (objsize & (LINE_ROUND - 1)); if (i) { - D("XXX aligning object by %d bytes", LINE_ROUND - i); + nm_prinf("aligning object by %d bytes", LINE_ROUND - i); objsize += LINE_ROUND - i; } if (objsize < p->objminsize || objsize > p->objmaxsize) { - D("requested objsize %d out of range [%d, %d]", + nm_prerr("requested objsize %d out of range [%d, %d]", objsize, p->objminsize, p->objmaxsize); return EINVAL; } if (objtotal < p->nummin || objtotal > p->nummax) { - D("requested objtotal %d out of range [%d, %d]", + nm_prerr("requested objtotal %d out of range [%d, %d]", objtotal, p->nummin, p->nummax); return EINVAL; } @@ -1354,13 +1366,13 @@ netmap_config_obj_allocator(struct netmap_obj_pool *p, u_int objtotal, u_int obj } /* exact solution not found */ if (clustentries == 0) { - D("unsupported allocation for %d bytes", objsize); + nm_prerr("unsupported allocation for %d bytes", objsize); return EINVAL; } /* compute clustsize */ clustsize = clustentries * objsize; - if (netmap_verbose) - D("objsize %d clustsize %d objects %d", + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("objsize %d clustsize %d objects %d", objsize, clustsize, clustentries); /* @@ -1403,7 +1415,7 @@ netmap_finalize_obj_allocator(struct netmap_obj_pool *p) p->lut = nm_alloc_lut(p->objtotal); if (p->lut == NULL) { - D("Unable to create lookup table for '%s'", p->name); + nm_prerr("Unable to create lookup table for '%s'", p->name); goto clean; } @@ -1430,7 +1442,7 @@ netmap_finalize_obj_allocator(struct netmap_obj_pool *p) * If we get here, there is a severe memory shortage, * so halve the allocated memory to reclaim some. */ - D("Unable to create cluster at %d for '%s' allocator", + nm_prerr("Unable to create cluster at %d for '%s' allocator", i, p->name); if (i < 2) /* nothing to halve */ goto out; @@ -1466,7 +1478,7 @@ netmap_finalize_obj_allocator(struct netmap_obj_pool *p) } p->memtotal = p->numclusters * p->_clustsize; if (netmap_verbose) - D("Pre-allocated %d clusters (%d/%dKB) for '%s'", + nm_prinf("Pre-allocated %d clusters (%d/%dKB) for '%s'", p->numclusters, p->_clustsize >> 10, p->memtotal >> 10, p->name); @@ -1498,8 +1510,8 @@ netmap_mem_reset_all(struct netmap_mem_d *nmd) { int i; - if (netmap_verbose) - D("resetting %p", nmd); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("resetting %p", nmd); for (i = 0; i < NETMAP_POOLS_NR; i++) { netmap_reset_obj_allocator(&nmd->pools[i]); } @@ -1525,7 +1537,7 @@ netmap_mem_unmap(struct netmap_obj_pool *p, struct netmap_adapter *na) (void)i; (void)lim; (void)lut; - D("unsupported on Windows"); + nm_prerr("unsupported on Windows"); #else /* linux */ ND("unmapping and freeing plut for %s", na->name); if (lut->plut == NULL) @@ -1561,7 +1573,7 @@ netmap_mem_map(struct netmap_obj_pool *p, struct netmap_adapter *na) (void)i; (void)lim; (void)lut; - D("unsupported on Windows"); + nm_prerr("unsupported on Windows"); #else /* linux */ if (lut->plut != NULL) { @@ -1572,7 +1584,7 @@ netmap_mem_map(struct netmap_obj_pool *p, struct netmap_adapter *na) ND("allocating physical lut for %s", na->name); lut->plut = nm_alloc_plut(lim); if (lut->plut == NULL) { - D("Failed to allocate physical lut for %s", na->name); + nm_prerr("Failed to allocate physical lut for %s", na->name); return ENOMEM; } @@ -1589,7 +1601,7 @@ netmap_mem_map(struct netmap_obj_pool *p, struct netmap_adapter *na) error = netmap_load_map(na, (bus_dma_tag_t) na->pdev, &lut->plut[i].paddr, p->lut[i].vaddr, p->_clustsize); if (error) { - D("Failed to map cluster #%d from the %s pool", i, p->name); + nm_prerr("Failed to map cluster #%d from the %s pool", i, p->name); break; } @@ -1627,13 +1639,13 @@ netmap_mem_finalize_all(struct netmap_mem_d *nmd) nmd->flags |= NETMAP_MEM_FINALIZED; if (netmap_verbose) - D("interfaces %d KB, rings %d KB, buffers %d MB", + nm_prinf("interfaces %d KB, rings %d KB, buffers %d MB", nmd->pools[NETMAP_IF_POOL].memtotal >> 10, nmd->pools[NETMAP_RING_POOL].memtotal >> 10, nmd->pools[NETMAP_BUF_POOL].memtotal >> 20); if (netmap_verbose) - D("Free buffers: %d", nmd->pools[NETMAP_BUF_POOL].objfree); + nm_prinf("Free buffers: %d", nmd->pools[NETMAP_BUF_POOL].objfree); return 0; @@ -1740,7 +1752,7 @@ netmap_mem_private_new(u_int txr, u_int txd, u_int rxr, u_int rxd, p[NETMAP_BUF_POOL].num = v; if (netmap_verbose) - D("req if %d*%d ring %d*%d buf %d*%d", + nm_prinf("req if %d*%d ring %d*%d buf %d*%d", p[NETMAP_IF_POOL].num, p[NETMAP_IF_POOL].size, p[NETMAP_RING_POOL].num, @@ -1850,13 +1862,13 @@ netmap_free_rings(struct netmap_adapter *na) struct netmap_ring *ring = kring->ring; if (ring == NULL || kring->users > 0 || (kring->nr_kflags & NKR_NEEDRING)) { - if (netmap_verbose) - D("NOT deleting ring %s (ring %p, users %d neekring %d)", + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("NOT deleting ring %s (ring %p, users %d neekring %d)", kring->name, ring, kring->users, kring->nr_kflags & NKR_NEEDRING); continue; } - if (netmap_verbose) - D("deleting ring %s", kring->name); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("deleting ring %s", kring->name); if (!(kring->nr_kflags & NKR_FAKERING)) { ND("freeing bufs for %s", kring->name); netmap_free_bufs(na->nm_mem, ring->slot, kring->nkr_num_slots); @@ -1891,19 +1903,19 @@ netmap_mem2_rings_create(struct netmap_adapter *na) if (ring || (!kring->users && !(kring->nr_kflags & NKR_NEEDRING))) { /* uneeded, or already created by somebody else */ - if (netmap_verbose) - D("NOT creating ring %s (ring %p, users %d neekring %d)", + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("NOT creating ring %s (ring %p, users %d neekring %d)", kring->name, ring, kring->users, kring->nr_kflags & NKR_NEEDRING); continue; } - if (netmap_verbose) - D("creating %s", kring->name); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("creating %s", kring->name); ndesc = kring->nkr_num_slots; len = sizeof(struct netmap_ring) + ndesc * sizeof(struct netmap_slot); ring = netmap_ring_malloc(na->nm_mem, len); if (ring == NULL) { - D("Cannot allocate %s_ring", nm_txrx2str(t)); + nm_prerr("Cannot allocate %s_ring", nm_txrx2str(t)); goto cleanup; } ND("txring at %p", ring); @@ -1925,14 +1937,16 @@ netmap_mem2_rings_create(struct netmap_adapter *na) ND("initializing slots for %s_ring", nm_txrx2str(t)); if (!(kring->nr_kflags & NKR_FAKERING)) { /* this is a real ring */ - ND("allocating buffers for %s", kring->name); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("allocating buffers for %s", kring->name); if (netmap_new_bufs(na->nm_mem, ring->slot, ndesc)) { - D("Cannot allocate buffers for %s_ring", nm_txrx2str(t)); + nm_prerr("Cannot allocate buffers for %s_ring", nm_txrx2str(t)); goto cleanup; } } else { /* this is a fake ring, set all indices to 0 */ - ND("NOT allocating buffers for %s", kring->name); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("NOT allocating buffers for %s", kring->name); netmap_mem_set_ring(na->nm_mem, ring->slot, ndesc, 0); } /* ring info */ @@ -1998,7 +2012,7 @@ netmap_mem2_if_new(struct netmap_adapter *na, struct netmap_priv_d *priv) /* initialize base fields -- override const */ *(u_int *)(uintptr_t)&nifp->ni_tx_rings = na->num_tx_rings; *(u_int *)(uintptr_t)&nifp->ni_rx_rings = na->num_rx_rings; - strncpy(nifp->ni_name, na->name, (size_t)IFNAMSIZ); + strlcpy(nifp->ni_name, na->name, sizeof(nifp->ni_name)); /* * fill the slots for the rx and tx rings. They contain the offset @@ -2049,8 +2063,8 @@ static void netmap_mem2_deref(struct netmap_mem_d *nmd) { - if (netmap_verbose) - D("active = %d", nmd->active); + if (netmap_debug & NM_DEBUG_MEM) + nm_prinf("active = %d", nmd->active); } @@ -2217,14 +2231,15 @@ netmap_mem_ext_create(uint64_t usrptr, struct nmreq_pools_info *pi, int *perror) pi->nr_buf_pool_objtotal = netmap_min_priv_params[NETMAP_BUF_POOL].num; if (pi->nr_buf_pool_objsize == 0) pi->nr_buf_pool_objsize = netmap_min_priv_params[NETMAP_BUF_POOL].size; - D("if %d %d ring %d %d buf %d %d", + if (netmap_verbose & NM_DEBUG_MEM) + nm_prinf("if %d %d ring %d %d buf %d %d", pi->nr_if_pool_objtotal, pi->nr_if_pool_objsize, pi->nr_ring_pool_objtotal, pi->nr_ring_pool_objsize, pi->nr_buf_pool_objtotal, pi->nr_buf_pool_objsize); os = nm_os_extmem_create(usrptr, pi, &error); if (os == NULL) { - D("os extmem creation failed"); + nm_prerr("os extmem creation failed"); goto out; } @@ -2233,7 +2248,8 @@ netmap_mem_ext_create(uint64_t usrptr, struct nmreq_pools_info *pi, int *perror) nm_os_extmem_delete(os); return &nme->up; } - D("not found, creating new"); + if (netmap_verbose & NM_DEBUG_MEM) + nm_prinf("not found, creating new"); nme = _netmap_mem_private_new(sizeof(*nme), (struct netmap_obj_params[]){ @@ -2343,7 +2359,7 @@ out: #endif /* WITH_EXTMEM */ -#ifdef WITH_PTNETMAP_GUEST +#ifdef WITH_PTNETMAP struct mem_pt_if { struct mem_pt_if *next; struct ifnet *ifp; @@ -2386,7 +2402,8 @@ netmap_mem_pt_guest_ifp_add(struct netmap_mem_d *nmd, struct ifnet *ifp, NMA_UNLOCK(nmd); - D("added (ifp=%p,nifp_offset=%u)", ptif->ifp, ptif->nifp_offset); + nm_prinf("ifp=%s,nifp_offset=%u", + ptif->ifp->if_xname, ptif->nifp_offset); return 0; } @@ -2667,7 +2684,7 @@ netmap_mem_pt_guest_rings_create(struct netmap_adapter *na) continue; kring->ring = (struct netmap_ring *) ((char *)nifp + - nifp->ring_ofs[i + na->num_tx_rings + 1]); + nifp->ring_ofs[netmap_all_rings(na, NR_TX) + i]); } error = 0; @@ -2832,4 +2849,4 @@ netmap_mem_pt_guest_new(struct ifnet *ifp, return nmd; } -#endif /* WITH_PTNETMAP_GUEST */ +#endif /* WITH_PTNETMAP */ diff --git a/sys/dev/netmap/netmap_mem2.h b/sys/dev/netmap/netmap_mem2.h index 977bf622862a..4f2075507651 100644 --- a/sys/dev/netmap/netmap_mem2.h +++ b/sys/dev/netmap/netmap_mem2.h @@ -158,14 +158,14 @@ struct netmap_mem_d* netmap_mem_ext_create(uint64_t, struct nmreq_pools_info *, ({ int *perr = _perr; if (perr) *(perr) = EOPNOTSUPP; NULL; }) #endif /* WITH_EXTMEM */ -#ifdef WITH_PTNETMAP_GUEST +#ifdef WITH_PTNETMAP struct netmap_mem_d* netmap_mem_pt_guest_new(struct ifnet *, unsigned int nifp_offset, unsigned int memid); struct ptnetmap_memdev; struct netmap_mem_d* netmap_mem_pt_guest_attach(struct ptnetmap_memdev *, uint16_t); int netmap_mem_pt_guest_ifp_del(struct netmap_mem_d *, struct ifnet *); -#endif /* WITH_PTNETMAP_GUEST */ +#endif /* WITH_PTNETMAP */ int netmap_mem_pools_info_get(struct nmreq_pools_info *, struct netmap_mem_d *); diff --git a/sys/dev/netmap/netmap_null.c b/sys/dev/netmap/netmap_null.c new file mode 100644 index 000000000000..b769ae7ed6e8 --- /dev/null +++ b/sys/dev/netmap/netmap_null.c @@ -0,0 +1,184 @@ +/* + * Copyright (C) 2018 Giuseppe Lettieri + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +/* $FreeBSD$ */ + +#if defined(__FreeBSD__) +#include <sys/cdefs.h> /* prerequisite */ + +#include <sys/types.h> +#include <sys/errno.h> +#include <sys/param.h> /* defines used in kernel.h */ +#include <sys/kernel.h> /* types used in module initialization */ +#include <sys/malloc.h> +#include <sys/poll.h> +#include <sys/lock.h> +#include <sys/rwlock.h> +#include <sys/selinfo.h> +#include <sys/sysctl.h> +#include <sys/socket.h> /* sockaddrs */ +#include <net/if.h> +#include <net/if_var.h> +#include <machine/bus.h> /* bus_dmamap_* */ +#include <sys/refcount.h> + + +#elif defined(linux) + +#include "bsd_glue.h" + +#elif defined(__APPLE__) + +#warning OSX support is only partial +#include "osx_glue.h" + +#elif defined(_WIN32) +#include "win_glue.h" + +#else + +#error Unsupported platform + +#endif /* unsupported */ + +/* + * common headers + */ + +#include <net/netmap.h> +#include <dev/netmap/netmap_kern.h> +#include <dev/netmap/netmap_mem2.h> + +#ifdef WITH_NMNULL + +static int +netmap_null_txsync(struct netmap_kring *kring, int flags) +{ + (void)kring; + (void)flags; + return 0; +} + +static int +netmap_null_rxsync(struct netmap_kring *kring, int flags) +{ + (void)kring; + (void)flags; + return 0; +} + +static int +netmap_null_krings_create(struct netmap_adapter *na) +{ + return netmap_krings_create(na, 0); +} + +static void +netmap_null_krings_delete(struct netmap_adapter *na) +{ + netmap_krings_delete(na); +} + +static int +netmap_null_reg(struct netmap_adapter *na, int onoff) +{ + if (na->active_fds == 0) { + if (onoff) + na->na_flags |= NAF_NETMAP_ON; + else + na->na_flags &= ~NAF_NETMAP_ON; + } + return 0; +} + +static int +netmap_null_bdg_attach(const char *name, struct netmap_adapter *na, + struct nm_bridge *b) +{ + (void)name; + (void)na; + (void)b; + return EINVAL; +} + +int +netmap_get_null_na(struct nmreq_header *hdr, struct netmap_adapter **na, + struct netmap_mem_d *nmd, int create) +{ + struct nmreq_register *req = (struct nmreq_register *)(uintptr_t)hdr->nr_body; + struct netmap_null_adapter *nna; + int error; + + if (req->nr_mode != NR_REG_NULL) { + nm_prdis("not a null port"); + return 0; + } + + if (!create) { + nm_prerr("null ports cannot be re-opened"); + return EINVAL; + } + + if (nmd == NULL) { + nm_prerr("null ports must use an existing allocator"); + return EINVAL; + } + + nna = nm_os_malloc(sizeof(*nna)); + if (nna == NULL) { + error = ENOMEM; + goto err; + } + snprintf(nna->up.name, sizeof(nna->up.name), "null:%s", hdr->nr_name); + + nna->up.nm_txsync = netmap_null_txsync; + nna->up.nm_rxsync = netmap_null_rxsync; + nna->up.nm_register = netmap_null_reg; + nna->up.nm_krings_create = netmap_null_krings_create; + nna->up.nm_krings_delete = netmap_null_krings_delete; + nna->up.nm_bdg_attach = netmap_null_bdg_attach; + nna->up.nm_mem = netmap_mem_get(nmd); + + nna->up.num_tx_rings = req->nr_tx_rings; + nna->up.num_rx_rings = req->nr_rx_rings; + nna->up.num_tx_desc = req->nr_tx_slots; + nna->up.num_rx_desc = req->nr_rx_slots; + error = netmap_attach_common(&nna->up); + if (error) + goto free_nna; + *na = &nna->up; + netmap_adapter_get(*na); + nm_prdis("created null %s", nna->up.name); + + return 0; + +free_nna: + nm_os_free(nna); +err: + return error; +} + + +#endif /* WITH_NMNULL */ diff --git a/sys/dev/netmap/netmap_pipe.c b/sys/dev/netmap/netmap_pipe.c index fbeee4e641b0..e9a2b275974c 100644 --- a/sys/dev/netmap/netmap_pipe.c +++ b/sys/dev/netmap/netmap_pipe.c @@ -443,7 +443,7 @@ netmap_pipe_reg(struct netmap_adapter *na, int onoff) /* In case of no error we put our rings in netmap mode */ for_rx_tx(t) { - for (i = 0; i < nma_get_nrings(na, t) + 1; i++) { + for (i = 0; i < nma_get_nrings(na, t); i++) { struct netmap_kring *kring = NMR(na, t)[i]; if (nm_kring_pending_on(kring)) { struct netmap_kring *sring, *dring; @@ -490,7 +490,7 @@ netmap_pipe_reg(struct netmap_adapter *na, int onoff) if (na->active_fds == 0) na->na_flags &= ~NAF_NETMAP_ON; for_rx_tx(t) { - for (i = 0; i < nma_get_nrings(na, t) + 1; i++) { + for (i = 0; i < nma_get_nrings(na, t); i++) { struct netmap_kring *kring = NMR(na, t)[i]; if (nm_kring_pending_off(kring)) { @@ -567,7 +567,7 @@ netmap_pipe_krings_delete(struct netmap_adapter *na) sna = na; cleanup: for_rx_tx(t) { - for (i = 0; i < nma_get_nrings(sna, t) + 1; i++) { + for (i = 0; i < nma_get_nrings(sna, t); i++) { struct netmap_kring *kring = NMR(sna, t)[i]; struct netmap_ring *ring = kring->ring; uint32_t j, lim = kring->nkr_num_slots - 1; @@ -674,11 +674,11 @@ netmap_get_pipe_na(struct nmreq_header *hdr, struct netmap_adapter **na, int create_error; /* Temporarily remove the pipe suffix. */ - strncpy(nr_name_orig, hdr->nr_name, sizeof(nr_name_orig)); + strlcpy(nr_name_orig, hdr->nr_name, sizeof(nr_name_orig)); *cbra = '\0'; error = netmap_get_na(hdr, &pna, &ifp, nmd, create); /* Restore the pipe suffix. */ - strncpy(hdr->nr_name, nr_name_orig, sizeof(hdr->nr_name)); + strlcpy(hdr->nr_name, nr_name_orig, sizeof(hdr->nr_name)); if (!error) break; if (error != ENXIO || retries++) { @@ -691,7 +691,7 @@ netmap_get_pipe_na(struct nmreq_header *hdr, struct netmap_adapter **na, NMG_UNLOCK(); create_error = netmap_vi_create(hdr, 1 /* autodelete */); NMG_LOCK(); - strncpy(hdr->nr_name, nr_name_orig, sizeof(hdr->nr_name)); + strlcpy(hdr->nr_name, nr_name_orig, sizeof(hdr->nr_name)); if (create_error && create_error != EEXIST) { if (create_error != EOPNOTSUPP) { D("failed to create a persistent vale port: %d", create_error); diff --git a/sys/dev/netmap/netmap_vale.c b/sys/dev/netmap/netmap_vale.c index 2c526753272c..0d0232e3d2da 100644 --- a/sys/dev/netmap/netmap_vale.c +++ b/sys/dev/netmap/netmap_vale.c @@ -121,18 +121,18 @@ SYSCTL_INT(_dev_netmap, OID_AUTO, bridge_batch, CTLFLAG_RW, &bridge_batch, 0, "Max batch size to be used in the bridge"); SYSEND; -static int netmap_vp_create(struct nmreq_header *hdr, struct ifnet *, +static int netmap_vale_vp_create(struct nmreq_header *hdr, struct ifnet *, struct netmap_mem_d *nmd, struct netmap_vp_adapter **); -static int netmap_vp_bdg_attach(const char *, struct netmap_adapter *, +static int netmap_vale_vp_bdg_attach(const char *, struct netmap_adapter *, struct nm_bridge *); static int netmap_vale_bwrap_attach(const char *, struct netmap_adapter *); /* - * For each output interface, nm_bdg_q is used to construct a list. + * For each output interface, nm_vale_q is used to construct a list. * bq_len is the number of output buffers (we can have coalescing * during the copy). */ -struct nm_bdg_q { +struct nm_vale_q { uint16_t bq_head; uint16_t bq_tail; uint32_t bq_len; /* number of buffers */ @@ -140,10 +140,10 @@ struct nm_bdg_q { /* Holds the default callbacks */ struct netmap_bdg_ops vale_bdg_ops = { - .lookup = netmap_bdg_learning, + .lookup = netmap_vale_learning, .config = NULL, .dtor = NULL, - .vp_create = netmap_vp_create, + .vp_create = netmap_vale_vp_create, .bwrap_attach = netmap_vale_bwrap_attach, .name = NM_BDG_NAME, }; @@ -212,14 +212,14 @@ nm_alloc_bdgfwd(struct netmap_adapter *na) /* all port:rings + broadcast */ num_dstq = NM_BDG_MAXPORTS * NM_BDG_MAXRINGS + 1; l = sizeof(struct nm_bdg_fwd) * NM_BDG_BATCH_MAX; - l += sizeof(struct nm_bdg_q) * num_dstq; + l += sizeof(struct nm_vale_q) * num_dstq; l += sizeof(uint16_t) * NM_BDG_BATCH_MAX; nrings = netmap_real_rings(na, NR_TX); kring = na->tx_rings; for (i = 0; i < nrings; i++) { struct nm_bdg_fwd *ft; - struct nm_bdg_q *dstq; + struct nm_vale_q *dstq; int j; ft = nm_os_malloc(l); @@ -227,7 +227,7 @@ nm_alloc_bdgfwd(struct netmap_adapter *na) nm_free_bdgfwd(na); return ENOMEM; } - dstq = (struct nm_bdg_q *)(ft + NM_BDG_BATCH_MAX); + dstq = (struct nm_vale_q *)(ft + NM_BDG_BATCH_MAX); for (j = 0; j < num_dstq; j++) { dstq[j].bq_head = dstq[j].bq_tail = NM_FT_NULL; dstq[j].bq_len = 0; @@ -307,11 +307,228 @@ unlock_bdg_free: return ret; } +/* Process NETMAP_REQ_VALE_LIST. */ +int +netmap_vale_list(struct nmreq_header *hdr) +{ + struct nmreq_vale_list *req = + (struct nmreq_vale_list *)(uintptr_t)hdr->nr_body; + int namelen = strlen(hdr->nr_name); + struct nm_bridge *b, *bridges; + struct netmap_vp_adapter *vpna; + int error = 0, i, j; + u_int num_bridges; + + netmap_bns_getbridges(&bridges, &num_bridges); + + /* this is used to enumerate bridges and ports */ + if (namelen) { /* look up indexes of bridge and port */ + if (strncmp(hdr->nr_name, NM_BDG_NAME, + strlen(NM_BDG_NAME))) { + return EINVAL; + } + NMG_LOCK(); + b = nm_find_bridge(hdr->nr_name, 0 /* don't create */, NULL); + if (!b) { + NMG_UNLOCK(); + return ENOENT; + } + + req->nr_bridge_idx = b - bridges; /* bridge index */ + req->nr_port_idx = NM_BDG_NOPORT; + for (j = 0; j < b->bdg_active_ports; j++) { + i = b->bdg_port_index[j]; + vpna = b->bdg_ports[i]; + if (vpna == NULL) { + nm_prerr("This should not happen"); + continue; + } + /* the former and the latter identify a + * virtual port and a NIC, respectively + */ + if (!strcmp(vpna->up.name, hdr->nr_name)) { + req->nr_port_idx = i; /* port index */ + break; + } + } + NMG_UNLOCK(); + } else { + /* return the first non-empty entry starting from + * bridge nr_arg1 and port nr_arg2. + * + * Users can detect the end of the same bridge by + * seeing the new and old value of nr_arg1, and can + * detect the end of all the bridge by error != 0 + */ + i = req->nr_bridge_idx; + j = req->nr_port_idx; + + NMG_LOCK(); + for (error = ENOENT; i < NM_BRIDGES; i++) { + b = bridges + i; + for ( ; j < NM_BDG_MAXPORTS; j++) { + if (b->bdg_ports[j] == NULL) + continue; + vpna = b->bdg_ports[j]; + /* write back the VALE switch name */ + strlcpy(hdr->nr_name, vpna->up.name, + sizeof(hdr->nr_name)); + error = 0; + goto out; + } + j = 0; /* following bridges scan from 0 */ + } + out: + req->nr_bridge_idx = i; + req->nr_port_idx = j; + NMG_UNLOCK(); + } + + return error; +} + +/* Process NETMAP_REQ_VALE_ATTACH. + */ +int +netmap_vale_attach(struct nmreq_header *hdr, void *auth_token) +{ + struct nmreq_vale_attach *req = + (struct nmreq_vale_attach *)(uintptr_t)hdr->nr_body; + struct netmap_vp_adapter * vpna; + struct netmap_adapter *na = NULL; + struct netmap_mem_d *nmd = NULL; + struct nm_bridge *b = NULL; + int error; + + NMG_LOCK(); + /* permission check for modified bridges */ + b = nm_find_bridge(hdr->nr_name, 0 /* don't create */, NULL); + if (b && !nm_bdg_valid_auth_token(b, auth_token)) { + error = EACCES; + goto unlock_exit; + } + + if (req->reg.nr_mem_id) { + nmd = netmap_mem_find(req->reg.nr_mem_id); + if (nmd == NULL) { + error = EINVAL; + goto unlock_exit; + } + } + + /* check for existing one */ + error = netmap_get_vale_na(hdr, &na, nmd, 0); + if (na) { + error = EBUSY; + goto unref_exit; + } + error = netmap_get_vale_na(hdr, &na, + nmd, 1 /* create if not exists */); + if (error) { /* no device */ + goto unlock_exit; + } + + if (na == NULL) { /* VALE prefix missing */ + error = EINVAL; + goto unlock_exit; + } + + if (NETMAP_OWNED_BY_ANY(na)) { + error = EBUSY; + goto unref_exit; + } + + if (na->nm_bdg_ctl) { + /* nop for VALE ports. The bwrap needs to put the hwna + * in netmap mode (see netmap_bwrap_bdg_ctl) + */ + error = na->nm_bdg_ctl(hdr, na); + if (error) + goto unref_exit; + ND("registered %s to netmap-mode", na->name); + } + vpna = (struct netmap_vp_adapter *)na; + req->port_index = vpna->bdg_port; + + if (nmd) + netmap_mem_put(nmd); + + NMG_UNLOCK(); + return 0; + +unref_exit: + netmap_adapter_put(na); +unlock_exit: + if (nmd) + netmap_mem_put(nmd); + + NMG_UNLOCK(); + return error; +} + +/* Process NETMAP_REQ_VALE_DETACH. + */ +int +netmap_vale_detach(struct nmreq_header *hdr, void *auth_token) +{ + struct nmreq_vale_detach *nmreq_det = (void *)(uintptr_t)hdr->nr_body; + struct netmap_vp_adapter *vpna; + struct netmap_adapter *na; + struct nm_bridge *b = NULL; + int error; + + NMG_LOCK(); + /* permission check for modified bridges */ + b = nm_find_bridge(hdr->nr_name, 0 /* don't create */, NULL); + if (b && !nm_bdg_valid_auth_token(b, auth_token)) { + error = EACCES; + goto unlock_exit; + } + + error = netmap_get_vale_na(hdr, &na, NULL, 0 /* don't create */); + if (error) { /* no device, or another bridge or user owns the device */ + goto unlock_exit; + } + + if (na == NULL) { /* VALE prefix missing */ + error = EINVAL; + goto unlock_exit; + } else if (nm_is_bwrap(na) && + ((struct netmap_bwrap_adapter *)na)->na_polling_state) { + /* Don't detach a NIC with polling */ + error = EBUSY; + goto unref_exit; + } + + vpna = (struct netmap_vp_adapter *)na; + if (na->na_vp != vpna) { + /* trying to detach first attach of VALE persistent port attached + * to 2 bridges + */ + error = EBUSY; + goto unref_exit; + } + nmreq_det->port_index = vpna->bdg_port; + + if (na->nm_bdg_ctl) { + /* remove the port from bridge. The bwrap + * also needs to put the hwna in normal mode + */ + error = na->nm_bdg_ctl(hdr, na); + } + +unref_exit: + netmap_adapter_put(na); +unlock_exit: + NMG_UNLOCK(); + return error; + +} /* nm_dtor callback for ephemeral VALE ports */ static void -netmap_vp_dtor(struct netmap_adapter *na) +netmap_vale_vp_dtor(struct netmap_adapter *na) { struct netmap_vp_adapter *vpna = (struct netmap_vp_adapter*)na; struct nm_bridge *b = vpna->na_bdg; @@ -334,47 +551,13 @@ netmap_vp_dtor(struct netmap_adapter *na) } -/* Called by external kernel modules (e.g., Openvswitch). - * to modify the private data previously given to regops(). - * 'name' may be just bridge's name (including ':' if it - * is not just NM_BDG_NAME). - * Called without NMG_LOCK. - */ -int -nm_bdg_update_private_data(const char *name, bdg_update_private_data_fn_t callback, - void *callback_data, void *auth_token) -{ - void *private_data = NULL; - struct nm_bridge *b; - int error = 0; - - NMG_LOCK(); - b = nm_find_bridge(name, 0 /* don't create */, NULL); - if (!b) { - error = EINVAL; - goto unlock_update_priv; - } - if (!nm_bdg_valid_auth_token(b, auth_token)) { - error = EACCES; - goto unlock_update_priv; - } - BDG_WLOCK(b); - private_data = callback(b->private_data, callback_data, &error); - b->private_data = private_data; - BDG_WUNLOCK(b); - -unlock_update_priv: - NMG_UNLOCK(); - return error; -} - /* nm_krings_create callback for VALE ports. * Calls the standard netmap_krings_create, then adds leases on rx * rings and bdgfwd on tx rings. */ static int -netmap_vp_krings_create(struct netmap_adapter *na) +netmap_vale_vp_krings_create(struct netmap_adapter *na) { u_int tailroom; int error, i; @@ -409,7 +592,7 @@ netmap_vp_krings_create(struct netmap_adapter *na) /* nm_krings_delete callback for VALE ports. */ static void -netmap_vp_krings_delete(struct netmap_adapter *na) +netmap_vale_vp_krings_delete(struct netmap_adapter *na) { nm_free_bdgfwd(na); netmap_krings_delete(na); @@ -417,7 +600,7 @@ netmap_vp_krings_delete(struct netmap_adapter *na) static int -nm_bdg_flush(struct nm_bdg_fwd *ft, u_int n, +nm_vale_flush(struct nm_bdg_fwd *ft, u_int n, struct netmap_vp_adapter *na, u_int ring_nr); @@ -429,7 +612,7 @@ nm_bdg_flush(struct nm_bdg_fwd *ft, u_int n, * Returns the next position in the ring. */ static int -nm_bdg_preflush(struct netmap_kring *kring, u_int end) +nm_vale_preflush(struct netmap_kring *kring, u_int end) { struct netmap_vp_adapter *na = (struct netmap_vp_adapter*)kring->na; @@ -470,7 +653,7 @@ nm_bdg_preflush(struct netmap_kring *kring, u_int end) buf = ft[ft_i].ft_buf = (slot->flags & NS_INDIRECT) ? (void *)(uintptr_t)slot->ptr : NMB(&na->up, slot); if (unlikely(buf == NULL)) { - RD(5, "NULL %s buffer pointer from %s slot %d len %d", + nm_prlim(5, "NULL %s buffer pointer from %s slot %d len %d", (slot->flags & NS_INDIRECT) ? "INDIRECT" : "DIRECT", kring->name, j, ft[ft_i].ft_len); buf = ft[ft_i].ft_buf = NETMAP_BUF_BASE(&na->up); @@ -488,7 +671,7 @@ nm_bdg_preflush(struct netmap_kring *kring, u_int end) ft[ft_i - frags].ft_frags = frags; frags = 1; if (unlikely((int)ft_i >= bridge_batch)) - ft_i = nm_bdg_flush(ft, ft_i, na, ring_nr); + ft_i = nm_vale_flush(ft, ft_i, na, ring_nr); } if (frags > 1) { /* Here ft_i > 0, ft[ft_i-1].flags has NS_MOREFRAG, and we @@ -496,10 +679,10 @@ nm_bdg_preflush(struct netmap_kring *kring, u_int end) frags--; ft[ft_i - 1].ft_flags &= ~NS_MOREFRAG; ft[ft_i - frags].ft_frags = frags; - D("Truncate incomplete fragment at %d (%d frags)", ft_i, frags); + nm_prlim(5, "Truncate incomplete fragment at %d (%d frags)", ft_i, frags); } if (ft_i) - ft_i = nm_bdg_flush(ft, ft_i, na, ring_nr); + ft_i = nm_vale_flush(ft, ft_i, na, ring_nr); BDG_RUNLOCK(b); return j; } @@ -528,7 +711,7 @@ do { \ static __inline uint32_t -nm_bridge_rthash(const uint8_t *addr) +nm_vale_rthash(const uint8_t *addr) { uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = 0; // hask key @@ -554,7 +737,7 @@ nm_bridge_rthash(const uint8_t *addr) * ring in *dst_ring (at the moment, always use ring 0) */ uint32_t -netmap_bdg_learning(struct nm_bdg_fwd *ft, uint8_t *dst_ring, +netmap_vale_learning(struct nm_bdg_fwd *ft, uint8_t *dst_ring, struct netmap_vp_adapter *na, void *private_data) { uint8_t *buf = ((uint8_t *)ft->ft_buf) + ft->ft_offset; @@ -586,17 +769,17 @@ netmap_bdg_learning(struct nm_bdg_fwd *ft, uint8_t *dst_ring, */ if (((buf[6] & 1) == 0) && (na->last_smac != smac)) { /* valid src */ uint8_t *s = buf+6; - sh = nm_bridge_rthash(s); /* hash of source */ + sh = nm_vale_rthash(s); /* hash of source */ /* update source port forwarding entry */ na->last_smac = ht[sh].mac = smac; /* XXX expire ? */ ht[sh].ports = mysrc; - if (netmap_verbose) - D("src %02x:%02x:%02x:%02x:%02x:%02x on port %d", + if (netmap_debug & NM_DEBUG_VALE) + nm_prinf("src %02x:%02x:%02x:%02x:%02x:%02x on port %d", s[0], s[1], s[2], s[3], s[4], s[5], mysrc); } dst = NM_BDG_BROADCAST; if ((buf[0] & 1) == 0) { /* unicast */ - dh = nm_bridge_rthash(buf); /* hash of dst */ + dh = nm_vale_rthash(buf); /* hash of dst */ if (ht[dh].mac == dmac) { /* found dst */ dst = ht[dh].ports; } @@ -655,24 +838,28 @@ nm_kr_lease(struct netmap_kring *k, u_int n, int is_rx) k->nkr_leases[lease_idx] = NR_NOSLOT; k->nkr_lease_idx = nm_next(lease_idx, lim); +#ifdef CONFIG_NETMAP_DEBUG if (n > nm_kr_space(k, is_rx)) { - D("invalid request for %d slots", n); + nm_prerr("invalid request for %d slots", n); panic("x"); } +#endif /* CONFIG NETMAP_DEBUG */ /* XXX verify that there are n slots */ k->nkr_hwlease += n; if (k->nkr_hwlease > lim) k->nkr_hwlease -= lim + 1; +#ifdef CONFIG_NETMAP_DEBUG if (k->nkr_hwlease >= k->nkr_num_slots || k->nr_hwcur >= k->nkr_num_slots || k->nr_hwtail >= k->nkr_num_slots || k->nkr_lease_idx >= k->nkr_num_slots) { - D("invalid kring %s, cur %d tail %d lease %d lease_idx %d lim %d", + nm_prerr("invalid kring %s, cur %d tail %d lease %d lease_idx %d lim %d", k->na->name, k->nr_hwcur, k->nr_hwtail, k->nkr_hwlease, k->nkr_lease_idx, k->nkr_num_slots); } +#endif /* CONFIG_NETMAP_DEBUG */ return lease_idx; } @@ -682,10 +869,10 @@ nm_kr_lease(struct netmap_kring *k, u_int n, int is_rx) * number of ports, and lets us replace the learn and dispatch functions. */ int -nm_bdg_flush(struct nm_bdg_fwd *ft, u_int n, struct netmap_vp_adapter *na, +nm_vale_flush(struct nm_bdg_fwd *ft, u_int n, struct netmap_vp_adapter *na, u_int ring_nr) { - struct nm_bdg_q *dst_ents, *brddst; + struct nm_vale_q *dst_ents, *brddst; uint16_t num_dsts = 0, *dsts; struct nm_bridge *b = na->na_bdg; u_int i, me = na->bdg_port; @@ -696,14 +883,14 @@ nm_bdg_flush(struct nm_bdg_fwd *ft, u_int n, struct netmap_vp_adapter *na, * queues per port plus one for the broadcast traffic. * Then we have an array of destination indexes. */ - dst_ents = (struct nm_bdg_q *)(ft + NM_BDG_BATCH_MAX); + dst_ents = (struct nm_vale_q *)(ft + NM_BDG_BATCH_MAX); dsts = (uint16_t *)(dst_ents + NM_BDG_MAXPORTS * NM_BDG_MAXRINGS + 1); /* first pass: find a destination for each packet in the batch */ for (i = 0; likely(i < n); i += ft[i].ft_frags) { uint8_t dst_ring = ring_nr; /* default, same ring as origin */ uint16_t dst_port, d_i; - struct nm_bdg_q *d; + struct nm_vale_q *d; struct nm_bdg_fwd *start_ft = NULL; ND("slot %d frags %d", i, ft[i].ft_frags); @@ -720,7 +907,7 @@ nm_bdg_flush(struct nm_bdg_fwd *ft, u_int n, struct netmap_vp_adapter *na, */ continue; } - dst_port = b->bdg_ops->lookup(start_ft, &dst_ring, na, b->private_data); + dst_port = b->bdg_ops.lookup(start_ft, &dst_ring, na, b->private_data); if (netmap_verbose > 255) RD(5, "slot %d port %d -> %d", i, me, dst_port); if (dst_port >= NM_BDG_NOPORT) @@ -778,7 +965,7 @@ nm_bdg_flush(struct nm_bdg_fwd *ft, u_int n, struct netmap_vp_adapter *na, u_int dst_nr, lim, j, d_i, next, brd_next; u_int needed, howmany; int retry = netmap_txsync_retry; - struct nm_bdg_q *d; + struct nm_vale_q *d; uint32_t my_start = 0, lease_idx = 0; int nrings; int virt_hdr_mismatch = 0; @@ -862,7 +1049,7 @@ retry: if (dst_na->retry && retry) { /* try to get some free slot from the previous run */ - kring->nm_notify(kring, 0); + kring->nm_notify(kring, NAF_FORCE_RECLAIM); /* actually useful only for bwraps, since there * the notify will trigger a txsync on the hwna. VALE ports * have dst_na->retry == 0 @@ -1030,7 +1217,7 @@ cleanup: /* nm_txsync callback for VALE ports */ static int -netmap_vp_txsync(struct netmap_kring *kring, int flags) +netmap_vale_vp_txsync(struct netmap_kring *kring, int flags) { struct netmap_vp_adapter *na = (struct netmap_vp_adapter *)kring->na; @@ -1049,17 +1236,17 @@ netmap_vp_txsync(struct netmap_kring *kring, int flags) if (bridge_batch > NM_BDG_BATCH) bridge_batch = NM_BDG_BATCH; - done = nm_bdg_preflush(kring, head); + done = nm_vale_preflush(kring, head); done: if (done != head) - D("early break at %d/ %d, tail %d", done, head, kring->nr_hwtail); + nm_prerr("early break at %d/ %d, tail %d", done, head, kring->nr_hwtail); /* * packets between 'done' and 'cur' are left unsent. */ kring->nr_hwcur = done; kring->nr_hwtail = nm_prev(done, lim); - if (netmap_verbose) - D("%s ring %d flags %d", na->up.name, kring->ring_id, flags); + if (netmap_debug & NM_DEBUG_TXSYNC) + nm_prinf("%s ring %d flags %d", na->up.name, kring->ring_id, flags); return 0; } @@ -1068,7 +1255,7 @@ done: * Only persistent VALE ports have a non-null ifp. */ static int -netmap_vp_create(struct nmreq_header *hdr, struct ifnet *ifp, +netmap_vale_vp_create(struct nmreq_header *hdr, struct ifnet *ifp, struct netmap_mem_d *nmd, struct netmap_vp_adapter **ret) { struct nmreq_register *req = (struct nmreq_register *)(uintptr_t)hdr->nr_body; @@ -1089,7 +1276,7 @@ netmap_vp_create(struct nmreq_header *hdr, struct ifnet *ifp, na = &vpna->up; na->ifp = ifp; - strncpy(na->name, hdr->nr_name, sizeof(na->name)); + strlcpy(na->name, hdr->nr_name, sizeof(na->name)); /* bound checking */ na->num_tx_rings = req->nr_tx_rings; @@ -1109,6 +1296,7 @@ netmap_vp_create(struct nmreq_header *hdr, struct ifnet *ifp, */ nm_bound_var(&npipes, 2, 1, NM_MAXPIPES, NULL); /* validate extra bufs */ + extrabufs = req->nr_extra_bufs; nm_bound_var(&extrabufs, 0, 0, 128*NM_BDG_MAXSLOTS, NULL); req->nr_extra_bufs = extrabufs; /* write back */ @@ -1121,7 +1309,7 @@ netmap_vp_create(struct nmreq_header *hdr, struct ifnet *ifp, /*if (vpna->mfs > netmap_buf_size) TODO netmap_buf_size is zero?? vpna->mfs = netmap_buf_size; */ if (netmap_verbose) - D("max frame size %u", vpna->mfs); + nm_prinf("max frame size %u", vpna->mfs); na->na_flags |= NAF_BDG_MAYSLEEP; /* persistent VALE ports look like hw devices @@ -1129,12 +1317,12 @@ netmap_vp_create(struct nmreq_header *hdr, struct ifnet *ifp, */ if (ifp) na->na_flags |= NAF_NATIVE; - na->nm_txsync = netmap_vp_txsync; - na->nm_rxsync = netmap_vp_rxsync; - na->nm_register = netmap_vp_reg; - na->nm_krings_create = netmap_vp_krings_create; - na->nm_krings_delete = netmap_vp_krings_delete; - na->nm_dtor = netmap_vp_dtor; + na->nm_txsync = netmap_vale_vp_txsync; + na->nm_rxsync = netmap_vp_rxsync; /* use the one provided by bdg */ + na->nm_register = netmap_vp_reg; /* use the one provided by bdg */ + na->nm_krings_create = netmap_vale_vp_krings_create; + na->nm_krings_delete = netmap_vale_vp_krings_delete; + na->nm_dtor = netmap_vale_vp_dtor; ND("nr_mem_id %d", req->nr_mem_id); na->nm_mem = nmd ? netmap_mem_get(nmd): @@ -1144,7 +1332,7 @@ netmap_vp_create(struct nmreq_header *hdr, struct ifnet *ifp, req->nr_extra_bufs, npipes, &error); if (na->nm_mem == NULL) goto err; - na->nm_bdg_attach = netmap_vp_bdg_attach; + na->nm_bdg_attach = netmap_vale_vp_bdg_attach; /* other nmd fields are set in the common routine */ error = netmap_attach_common(na); if (error) @@ -1163,19 +1351,16 @@ err: * The na_vp port is this same netmap_adapter. There is no host port. */ static int -netmap_vp_bdg_attach(const char *name, struct netmap_adapter *na, +netmap_vale_vp_bdg_attach(const char *name, struct netmap_adapter *na, struct nm_bridge *b) { struct netmap_vp_adapter *vpna = (struct netmap_vp_adapter *)na; - if (b->bdg_ops != &vale_bdg_ops) { - return NM_NEED_BWRAP; - } - if (vpna->na_bdg) { + if ((b->bdg_flags & NM_BDG_NEED_BWRAP) || vpna->na_bdg) { return NM_NEED_BWRAP; } na->na_vp = vpna; - strncpy(na->name, name, sizeof(na->name)); + strlcpy(na->name, name, sizeof(na->name)); na->na_hostvp = NULL; return 0; } @@ -1186,12 +1371,12 @@ netmap_vale_bwrap_krings_create(struct netmap_adapter *na) int error; /* impersonate a netmap_vp_adapter */ - error = netmap_vp_krings_create(na); + error = netmap_vale_vp_krings_create(na); if (error) return error; error = netmap_bwrap_krings_create_common(na); if (error) { - netmap_vp_krings_delete(na); + netmap_vale_vp_krings_delete(na); } return error; } @@ -1200,7 +1385,7 @@ static void netmap_vale_bwrap_krings_delete(struct netmap_adapter *na) { netmap_bwrap_krings_delete_common(na); - netmap_vp_krings_delete(na); + netmap_vale_vp_krings_delete(na); } static int @@ -1216,9 +1401,9 @@ netmap_vale_bwrap_attach(const char *nr_name, struct netmap_adapter *hwna) return ENOMEM; } na = &bna->up.up; - strncpy(na->name, nr_name, sizeof(na->name)); + strlcpy(na->name, nr_name, sizeof(na->name)); na->nm_register = netmap_bwrap_reg; - na->nm_txsync = netmap_vp_txsync; + na->nm_txsync = netmap_vale_vp_txsync; // na->nm_rxsync = netmap_bwrap_rxsync; na->nm_krings_create = netmap_vale_bwrap_krings_create; na->nm_krings_delete = netmap_vale_bwrap_krings_delete; @@ -1313,7 +1498,8 @@ nm_vi_destroy(const char *name) NMG_UNLOCK(); - D("destroying a persistent vale interface %s", ifp->if_xname); + if (netmap_verbose) + nm_prinf("destroying a persistent vale interface %s", ifp->if_xname); /* Linux requires all the references are released * before unregister */ @@ -1389,9 +1575,10 @@ netmap_vi_create(struct nmreq_header *hdr, int autodelete) } } /* netmap_vp_create creates a struct netmap_vp_adapter */ - error = netmap_vp_create(hdr, ifp, nmd, &vpna); + error = netmap_vale_vp_create(hdr, ifp, nmd, &vpna); if (error) { - D("error %d", error); + if (netmap_debug & NM_DEBUG_VALE) + nm_prerr("error %d", error); goto err_1; } /* persist-specific routines */ diff --git a/sys/dev/nvme/nvme_ctrlr.c b/sys/dev/nvme/nvme_ctrlr.c index 6d6e16e718e7..e35530d60152 100644 --- a/sys/dev/nvme/nvme_ctrlr.c +++ b/sys/dev/nvme/nvme_ctrlr.c @@ -1075,6 +1075,8 @@ nvme_ctrlr_passthrough_cmd(struct nvme_controller *ctrlr, /* Assume userspace already converted to little-endian */ req->cmd.opc = pt->cmd.opc; req->cmd.fuse = pt->cmd.fuse; + req->cmd.rsvd2 = pt->cmd.rsvd2; + req->cmd.rsvd3 = pt->cmd.rsvd3; req->cmd.cdw10 = pt->cmd.cdw10; req->cmd.cdw11 = pt->cmd.cdw11; req->cmd.cdw12 = pt->cmd.cdw12; diff --git a/sys/dev/pci/pci.c b/sys/dev/pci/pci.c index 7c6a1604c13a..0d3ab2b5c432 100644 --- a/sys/dev/pci/pci.c +++ b/sys/dev/pci/pci.c @@ -214,7 +214,8 @@ static device_method_t pci_methods[] = { DEFINE_CLASS_0(pci, pci_driver, pci_methods, sizeof(struct pci_softc)); static devclass_t pci_devclass; -DRIVER_MODULE(pci, pcib, pci_driver, pci_devclass, pci_modevent, NULL); +EARLY_DRIVER_MODULE(pci, pcib, pci_driver, pci_devclass, pci_modevent, NULL, + BUS_PASS_BUS); MODULE_VERSION(pci, 1); static char *pci_vendordata; diff --git a/sys/dev/pci/pci_pci.c b/sys/dev/pci/pci_pci.c index a61d8c2fb2e5..18bf1196422a 100644 --- a/sys/dev/pci/pci_pci.c +++ b/sys/dev/pci/pci_pci.c @@ -131,7 +131,8 @@ static device_method_t pcib_methods[] = { static devclass_t pcib_devclass; DEFINE_CLASS_0(pcib, pcib_driver, pcib_methods, sizeof(struct pcib_softc)); -DRIVER_MODULE(pcib, pci, pcib_driver, pcib_devclass, NULL, NULL); +EARLY_DRIVER_MODULE(pcib, pci, pcib_driver, pcib_devclass, NULL, NULL, + BUS_PASS_BUS); #if defined(NEW_PCIB) || defined(PCI_HP) SYSCTL_DECL(_hw_pci); diff --git a/sys/dev/sfxge/common/ef10_ev.c b/sys/dev/sfxge/common/ef10_ev.c index dc0b43e0f1b2..5cf5130d1fed 100644 --- a/sys/dev/sfxge/common/ef10_ev.c +++ b/sys/dev/sfxge/common/ef10_ev.c @@ -37,7 +37,7 @@ __FBSDID("$FreeBSD$"); #include "mcdi_mon.h" #endif -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 #if EFSYS_OPT_QSTATS #define EFX_EV_QSTAT_INCR(_eep, _stat) \ @@ -100,11 +100,10 @@ efx_mcdi_set_evq_tmr( __in uint32_t timer_ns) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_SET_EVQ_TMR_IN_LEN, - MC_CMD_SET_EVQ_TMR_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SET_EVQ_TMR_IN_LEN, + MC_CMD_SET_EVQ_TMR_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_SET_EVQ_TMR; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_SET_EVQ_TMR_IN_LEN; @@ -150,9 +149,9 @@ efx_mcdi_init_evq( __in boolean_t low_latency) { efx_mcdi_req_t req; - uint8_t payload[ - MAX(MC_CMD_INIT_EVQ_IN_LEN(EFX_EVQ_NBUFS(EFX_EVQ_MAXNEVS)), - MC_CMD_INIT_EVQ_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, + MC_CMD_INIT_EVQ_IN_LEN(EFX_EVQ_NBUFS(EFX_EVQ_MAXNEVS)), + MC_CMD_INIT_EVQ_OUT_LEN); efx_qword_t *dma_addr; uint64_t addr; int npages; @@ -167,7 +166,6 @@ efx_mcdi_init_evq( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_INIT_EVQ; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_INIT_EVQ_IN_LEN(npages); @@ -287,9 +285,9 @@ efx_mcdi_init_evq_v2( __in uint32_t flags) { efx_mcdi_req_t req; - uint8_t payload[ - MAX(MC_CMD_INIT_EVQ_V2_IN_LEN(EFX_EVQ_NBUFS(EFX_EVQ_MAXNEVS)), - MC_CMD_INIT_EVQ_V2_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, + MC_CMD_INIT_EVQ_V2_IN_LEN(EFX_EVQ_NBUFS(EFX_EVQ_MAXNEVS)), + MC_CMD_INIT_EVQ_V2_OUT_LEN); boolean_t interrupting; unsigned int evq_type; efx_qword_t *dma_addr; @@ -304,7 +302,6 @@ efx_mcdi_init_evq_v2( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_INIT_EVQ; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_INIT_EVQ_V2_IN_LEN(npages); @@ -411,11 +408,10 @@ efx_mcdi_fini_evq( __in uint32_t instance) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_FINI_EVQ_IN_LEN, - MC_CMD_FINI_EVQ_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_FINI_EVQ_IN_LEN, + MC_CMD_FINI_EVQ_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_FINI_EVQ; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_FINI_EVQ_IN_LEN; @@ -576,7 +572,8 @@ ef10_ev_qdestroy( efx_nic_t *enp = eep->ee_enp; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); (void) efx_mcdi_fini_evq(enp, eep->ee_index); } @@ -603,7 +600,7 @@ ef10_ev_qprime( EFE_DD_EVQ_IND_RPTR_FLAGS_HIGH, ERF_DD_EVQ_IND_RPTR, (rptr >> ERF_DD_EVQ_IND_RPTR_WIDTH)); - EFX_BAR_TBL_WRITED(enp, ER_DD_EVQ_INDIRECT, eep->ee_index, + EFX_BAR_VI_WRITED(enp, ER_DD_EVQ_INDIRECT, eep->ee_index, &dword, B_FALSE); EFX_POPULATE_DWORD_2(dword, @@ -611,11 +608,11 @@ ef10_ev_qprime( EFE_DD_EVQ_IND_RPTR_FLAGS_LOW, ERF_DD_EVQ_IND_RPTR, rptr & ((1 << ERF_DD_EVQ_IND_RPTR_WIDTH) - 1)); - EFX_BAR_TBL_WRITED(enp, ER_DD_EVQ_INDIRECT, eep->ee_index, + EFX_BAR_VI_WRITED(enp, ER_DD_EVQ_INDIRECT, eep->ee_index, &dword, B_FALSE); } else { EFX_POPULATE_DWORD_1(dword, ERF_DZ_EVQ_RPTR, rptr); - EFX_BAR_TBL_WRITED(enp, ER_DZ_EVQ_RPTR_REG, eep->ee_index, + EFX_BAR_VI_WRITED(enp, ER_DZ_EVQ_RPTR_REG, eep->ee_index, &dword, B_FALSE); } @@ -629,8 +626,8 @@ efx_mcdi_driver_event( __in efx_qword_t data) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_DRIVER_EVENT_IN_LEN, - MC_CMD_DRIVER_EVENT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_DRIVER_EVENT_IN_LEN, + MC_CMD_DRIVER_EVENT_OUT_LEN); efx_rc_t rc; req.emr_cmd = MC_CMD_DRIVER_EVENT; @@ -728,13 +725,19 @@ ef10_ev_qmoderate( EFE_DD_EVQ_IND_TIMER_FLAGS, ERF_DD_EVQ_IND_TIMER_MODE, mode, ERF_DD_EVQ_IND_TIMER_VAL, ticks); - EFX_BAR_TBL_WRITED(enp, ER_DD_EVQ_INDIRECT, + EFX_BAR_VI_WRITED(enp, ER_DD_EVQ_INDIRECT, eep->ee_index, &dword, 0); } else { - EFX_POPULATE_DWORD_2(dword, + /* + * NOTE: The TMR_REL field introduced in Medford2 is + * ignored on earlier EF10 controllers. See bug66418 + * comment 9 for details. + */ + EFX_POPULATE_DWORD_3(dword, ERF_DZ_TC_TIMER_MODE, mode, - ERF_DZ_TC_TIMER_VAL, ticks); - EFX_BAR_TBL_WRITED(enp, ER_DZ_EVQ_TMR_REG, + ERF_DZ_TC_TIMER_VAL, ticks, + ERF_FZ_TC_TMR_REL_VAL, ticks); + EFX_BAR_VI_WRITED(enp, ER_DZ_EVQ_TMR_REG, eep->ee_index, &dword, 0); } } @@ -769,7 +772,7 @@ ef10_ev_qstats_update( } #endif /* EFSYS_OPT_QSTATS */ -#if EFSYS_OPT_RX_PACKED_STREAM +#if EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER static __checkReturn boolean_t ef10_ev_rx_packed_stream( @@ -808,14 +811,25 @@ ef10_ev_rx_packed_stream( if (new_buffer) { flags |= EFX_PKT_PACKED_STREAM_NEW_BUFFER; +#if EFSYS_OPT_RX_PACKED_STREAM + /* + * If both packed stream and equal stride super-buffer + * modes are compiled in, in theory credits should be + * be maintained for packed stream only, but right now + * these modes are not distinguished in the event queue + * Rx queue state and it is OK to increment the counter + * regardless (it might be event cheaper than branching + * since neighbour structure member are updated as well). + */ eersp->eers_rx_packed_stream_credits++; +#endif eersp->eers_rx_read_ptr++; } current_id = eersp->eers_rx_read_ptr & eersp->eers_rx_mask; /* Check for errors that invalidate checksum and L3/L4 fields */ - if (EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_ECC_ERR) != 0) { - /* RX frame truncated (error flag is misnamed) */ + if (EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_TRUNC_ERR) != 0) { + /* RX frame truncated */ EFX_EV_QSTAT_INCR(eep, EV_RX_FRM_TRUNC); flags |= EFX_DISCARD; goto deliver; @@ -850,7 +864,7 @@ deliver: return (should_abort); } -#endif /* EFSYS_OPT_RX_PACKED_STREAM */ +#endif /* EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER */ static __checkReturn boolean_t ef10_ev_rx( @@ -876,15 +890,16 @@ ef10_ev_rx( EFX_EV_QSTAT_INCR(eep, EV_RX); - /* Discard events after RXQ/TXQ errors */ - if (enp->en_reset_flags & (EFX_RESET_RXQ_ERR | EFX_RESET_TXQ_ERR)) + /* Discard events after RXQ/TXQ errors, or hardware not available */ + if (enp->en_reset_flags & + (EFX_RESET_RXQ_ERR | EFX_RESET_TXQ_ERR | EFX_RESET_HW_UNAVAIL)) return (B_FALSE); /* Basic packet information */ label = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_QLABEL); eersp = &eep->ee_rxq_state[label]; -#if EFSYS_OPT_RX_PACKED_STREAM +#if EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER /* * Packed stream events are very different, * so handle them separately @@ -894,12 +909,23 @@ ef10_ev_rx( #endif size = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_BYTES); + cont = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_CONT); next_read_lbits = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_DSC_PTR_LBITS); eth_tag_class = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_ETH_TAG_CLASS); mac_class = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_MAC_CLASS); l3_class = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_L3_CLASS); - l4_class = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_L4_CLASS); - cont = EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_CONT); + + /* + * RX_L4_CLASS is 3 bits wide on Huntington and Medford, but is only + * 2 bits wide on Medford2. Check it is safe to use the Medford2 field + * and values for all EF10 controllers. + */ + EFX_STATIC_ASSERT(ESF_FZ_RX_L4_CLASS_LBN == ESF_DE_RX_L4_CLASS_LBN); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_TCP == ESE_DE_L4_CLASS_TCP); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_UDP == ESE_DE_L4_CLASS_UDP); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_UNKNOWN == ESE_DE_L4_CLASS_UNKNOWN); + + l4_class = EFX_QWORD_FIELD(*eqp, ESF_FZ_RX_L4_CLASS); if (EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_DROP_EVENT) != 0) { /* Drop this event */ @@ -941,8 +967,8 @@ ef10_ev_rx( last_used_id = (eersp->eers_rx_read_ptr - 1) & eersp->eers_rx_mask; /* Check for errors that invalidate checksum and L3/L4 fields */ - if (EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_ECC_ERR) != 0) { - /* RX frame truncated (error flag is misnamed) */ + if (EFX_QWORD_FIELD(*eqp, ESF_DZ_RX_TRUNC_ERR) != 0) { + /* RX frame truncated */ EFX_EV_QSTAT_INCR(eep, EV_RX_FRM_TRUNC); flags |= EFX_DISCARD; goto deliver; @@ -978,10 +1004,22 @@ ef10_ev_rx( flags |= EFX_CKSUM_IPV4; } - if (l4_class == ESE_DZ_L4_CLASS_TCP) { + /* + * RX_L4_CLASS is 3 bits wide on Huntington and Medford, but is + * only 2 bits wide on Medford2. Check it is safe to use the + * Medford2 field and values for all EF10 controllers. + */ + EFX_STATIC_ASSERT(ESF_FZ_RX_L4_CLASS_LBN == + ESF_DE_RX_L4_CLASS_LBN); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_TCP == ESE_DE_L4_CLASS_TCP); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_UDP == ESE_DE_L4_CLASS_UDP); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_UNKNOWN == + ESE_DE_L4_CLASS_UNKNOWN); + + if (l4_class == ESE_FZ_L4_CLASS_TCP) { EFX_EV_QSTAT_INCR(eep, EV_RX_TCP_IPV4); flags |= EFX_PKT_TCP; - } else if (l4_class == ESE_DZ_L4_CLASS_UDP) { + } else if (l4_class == ESE_FZ_L4_CLASS_UDP) { EFX_EV_QSTAT_INCR(eep, EV_RX_UDP_IPV4); flags |= EFX_PKT_UDP; } else { @@ -993,10 +1031,22 @@ ef10_ev_rx( case ESE_DZ_L3_CLASS_IP6_FRAG: flags |= EFX_PKT_IPV6; - if (l4_class == ESE_DZ_L4_CLASS_TCP) { + /* + * RX_L4_CLASS is 3 bits wide on Huntington and Medford, but is + * only 2 bits wide on Medford2. Check it is safe to use the + * Medford2 field and values for all EF10 controllers. + */ + EFX_STATIC_ASSERT(ESF_FZ_RX_L4_CLASS_LBN == + ESF_DE_RX_L4_CLASS_LBN); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_TCP == ESE_DE_L4_CLASS_TCP); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_UDP == ESE_DE_L4_CLASS_UDP); + EFX_STATIC_ASSERT(ESE_FZ_L4_CLASS_UNKNOWN == + ESE_DE_L4_CLASS_UNKNOWN); + + if (l4_class == ESE_FZ_L4_CLASS_TCP) { EFX_EV_QSTAT_INCR(eep, EV_RX_TCP_IPV6); flags |= EFX_PKT_TCP; - } else if (l4_class == ESE_DZ_L4_CLASS_UDP) { + } else if (l4_class == ESE_FZ_L4_CLASS_UDP) { EFX_EV_QSTAT_INCR(eep, EV_RX_UDP_IPV6); flags |= EFX_PKT_UDP; } else { @@ -1042,8 +1092,9 @@ ef10_ev_tx( EFX_EV_QSTAT_INCR(eep, EV_TX); - /* Discard events after RXQ/TXQ errors */ - if (enp->en_reset_flags & (EFX_RESET_RXQ_ERR | EFX_RESET_TXQ_ERR)) + /* Discard events after RXQ/TXQ errors, or hardware not available */ + if (enp->en_reset_flags & + (EFX_RESET_RXQ_ERR | EFX_RESET_TXQ_ERR | EFX_RESET_HW_UNAVAIL)) return (B_FALSE); if (EFX_QWORD_FIELD(*eqp, ESF_DZ_TX_DROP_EVENT) != 0) { @@ -1349,8 +1400,9 @@ ef10_ev_rxlabel_init( __in efx_rxq_type_t type) { efx_evq_rxq_state_t *eersp; -#if EFSYS_OPT_RX_PACKED_STREAM +#if EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER boolean_t packed_stream = (type == EFX_RXQ_TYPE_PACKED_STREAM); + boolean_t es_super_buffer = (type == EFX_RXQ_TYPE_ES_SUPER_BUFFER); #endif _NOTE(ARGUNUSED(type)) @@ -1372,9 +1424,11 @@ ef10_ev_rxlabel_init( eersp->eers_rx_read_ptr = 0; #endif eersp->eers_rx_mask = erp->er_mask; -#if EFSYS_OPT_RX_PACKED_STREAM +#if EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER eersp->eers_rx_stream_npackets = 0; - eersp->eers_rx_packed_stream = packed_stream; + eersp->eers_rx_packed_stream = packed_stream || es_super_buffer; +#endif +#if EFSYS_OPT_RX_PACKED_STREAM if (packed_stream) { eersp->eers_rx_packed_stream_credits = (eep->ee_mask + 1) / EFX_DIV_ROUND_UP(EFX_RX_PACKED_STREAM_MEM_PER_CREDIT, @@ -1408,11 +1462,13 @@ ef10_ev_rxlabel_fini( eersp->eers_rx_read_ptr = 0; eersp->eers_rx_mask = 0; -#if EFSYS_OPT_RX_PACKED_STREAM +#if EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER eersp->eers_rx_stream_npackets = 0; eersp->eers_rx_packed_stream = B_FALSE; +#endif +#if EFSYS_OPT_RX_PACKED_STREAM eersp->eers_rx_packed_stream_credits = 0; #endif } -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_filter.c b/sys/dev/sfxge/common/ef10_filter.c index c3e70940c438..f07f6568cb82 100644 --- a/sys/dev/sfxge/common/ef10_filter.c +++ b/sys/dev/sfxge/common/ef10_filter.c @@ -34,7 +34,7 @@ __FBSDID("$FreeBSD$"); #include "efx.h" #include "efx_impl.h" -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 #if EFSYS_OPT_FILTER @@ -122,7 +122,8 @@ ef10_filter_init( ef10_filter_table_t *eftp; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); #define MATCH_MASK(match) (EFX_MASK32(match) << EFX_LOW_BIT(match)) EFX_STATIC_ASSERT(EFX_FILTER_MATCH_REM_HOST == @@ -145,6 +146,10 @@ ef10_filter_init( MATCH_MASK(MC_CMD_FILTER_OP_EXT_IN_MATCH_OUTER_VLAN)); EFX_STATIC_ASSERT(EFX_FILTER_MATCH_IP_PROTO == MATCH_MASK(MC_CMD_FILTER_OP_EXT_IN_MATCH_IP_PROTO)); + EFX_STATIC_ASSERT(EFX_FILTER_MATCH_VNI_OR_VSID == + MATCH_MASK(MC_CMD_FILTER_OP_EXT_IN_MATCH_VNI_OR_VSID)); + EFX_STATIC_ASSERT(EFX_FILTER_MATCH_IFRM_LOC_MAC == + MATCH_MASK(MC_CMD_FILTER_OP_EXT_IN_MATCH_IFRM_DST_MAC)); EFX_STATIC_ASSERT(EFX_FILTER_MATCH_IFRM_UNKNOWN_MCAST_DST == MATCH_MASK(MC_CMD_FILTER_OP_EXT_IN_MATCH_IFRM_UNKNOWN_MCAST_DST)); EFX_STATIC_ASSERT(EFX_FILTER_MATCH_IFRM_UNKNOWN_UCAST_DST == @@ -177,7 +182,8 @@ ef10_filter_fini( __in efx_nic_t *enp) { EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); if (enp->en_filter.ef_ef10_filter_table != NULL) { EFSYS_KMEM_FREE(enp->en_esip, sizeof (ef10_filter_table_t), @@ -193,17 +199,23 @@ efx_mcdi_filter_op_add( __inout ef10_filter_handle_t *handle) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_FILTER_OP_EXT_IN_LEN, - MC_CMD_FILTER_OP_EXT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_FILTER_OP_V3_IN_LEN, + MC_CMD_FILTER_OP_EXT_OUT_LEN); + efx_filter_match_flags_t match_flags; efx_rc_t rc; - memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_FILTER_OP; req.emr_in_buf = payload; - req.emr_in_length = MC_CMD_FILTER_OP_EXT_IN_LEN; + req.emr_in_length = MC_CMD_FILTER_OP_V3_IN_LEN; req.emr_out_buf = payload; req.emr_out_length = MC_CMD_FILTER_OP_EXT_OUT_LEN; + /* + * Remove match flag for encapsulated filters that does not correspond + * to the MCDI match flags + */ + match_flags = spec->efs_match_flags & ~EFX_FILTER_MATCH_ENCAP_TYPE; + switch (filter_op) { case MC_CMD_FILTER_OP_IN_OP_REPLACE: MCDI_IN_SET_DWORD(req, FILTER_OP_EXT_IN_HANDLE_LO, @@ -224,11 +236,16 @@ efx_mcdi_filter_op_add( MCDI_IN_SET_DWORD(req, FILTER_OP_EXT_IN_PORT_ID, EVB_PORT_ID_ASSIGNED); MCDI_IN_SET_DWORD(req, FILTER_OP_EXT_IN_MATCH_FIELDS, - spec->efs_match_flags); - MCDI_IN_SET_DWORD(req, FILTER_OP_EXT_IN_RX_DEST, - MC_CMD_FILTER_OP_EXT_IN_RX_DEST_HOST); - MCDI_IN_SET_DWORD(req, FILTER_OP_EXT_IN_RX_QUEUE, - spec->efs_dmaq_id); + match_flags); + if (spec->efs_dmaq_id == EFX_FILTER_SPEC_RX_DMAQ_ID_DROP) { + MCDI_IN_SET_DWORD(req, FILTER_OP_EXT_IN_RX_DEST, + MC_CMD_FILTER_OP_EXT_IN_RX_DEST_DROP); + } else { + MCDI_IN_SET_DWORD(req, FILTER_OP_EXT_IN_RX_DEST, + MC_CMD_FILTER_OP_EXT_IN_RX_DEST_HOST); + MCDI_IN_SET_DWORD(req, FILTER_OP_EXT_IN_RX_QUEUE, + spec->efs_dmaq_id); + } #if EFSYS_OPT_RX_SCALE if (spec->efs_flags & EFX_FILTER_FLAG_RX_RSS) { @@ -317,18 +334,45 @@ efx_mcdi_filter_op_add( rc = EINVAL; goto fail2; } + + memcpy(MCDI_IN2(req, uint8_t, FILTER_OP_EXT_IN_VNI_OR_VSID), + spec->efs_vni_or_vsid, EFX_VNI_OR_VSID_LEN); + + memcpy(MCDI_IN2(req, uint8_t, FILTER_OP_EXT_IN_IFRM_DST_MAC), + spec->efs_ifrm_loc_mac, EFX_MAC_ADDR_LEN); + } + + /* + * Set the "MARK" or "FLAG" action for all packets matching this filter + * if necessary (only useful with equal stride packed stream Rx mode + * which provide the information in pseudo-header). + * These actions require MC_CMD_FILTER_OP_V3_IN msgrequest. + */ + if ((spec->efs_flags & EFX_FILTER_FLAG_ACTION_MARK) && + (spec->efs_flags & EFX_FILTER_FLAG_ACTION_FLAG)) { + rc = EINVAL; + goto fail3; + } + if (spec->efs_flags & EFX_FILTER_FLAG_ACTION_MARK) { + MCDI_IN_SET_DWORD(req, FILTER_OP_V3_IN_MATCH_ACTION, + MC_CMD_FILTER_OP_V3_IN_MATCH_ACTION_MARK); + MCDI_IN_SET_DWORD(req, FILTER_OP_V3_IN_MATCH_MARK_VALUE, + spec->efs_mark); + } else if (spec->efs_flags & EFX_FILTER_FLAG_ACTION_FLAG) { + MCDI_IN_SET_DWORD(req, FILTER_OP_V3_IN_MATCH_ACTION, + MC_CMD_FILTER_OP_V3_IN_MATCH_ACTION_FLAG); } efx_mcdi_execute(enp, &req); if (req.emr_rc != 0) { rc = req.emr_rc; - goto fail3; + goto fail4; } if (req.emr_out_length_used < MC_CMD_FILTER_OP_EXT_OUT_LEN) { rc = EMSGSIZE; - goto fail4; + goto fail5; } handle->efh_lo = MCDI_OUT_DWORD(req, FILTER_OP_EXT_OUT_HANDLE_LO); @@ -336,6 +380,8 @@ efx_mcdi_filter_op_add( return (0); +fail5: + EFSYS_PROBE(fail5); fail4: EFSYS_PROBE(fail4); fail3: @@ -356,11 +402,10 @@ efx_mcdi_filter_op_delete( __inout ef10_filter_handle_t *handle) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_FILTER_OP_EXT_IN_LEN, - MC_CMD_FILTER_OP_EXT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_FILTER_OP_EXT_IN_LEN, + MC_CMD_FILTER_OP_EXT_OUT_LEN); efx_rc_t rc; - memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_FILTER_OP; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_FILTER_OP_EXT_IN_LEN; @@ -440,6 +485,12 @@ ef10_filter_equal( return (B_FALSE); if (left->efs_encap_type != right->efs_encap_type) return (B_FALSE); + if (memcmp(left->efs_vni_or_vsid, right->efs_vni_or_vsid, + EFX_VNI_OR_VSID_LEN)) + return (B_FALSE); + if (memcmp(left->efs_ifrm_loc_mac, right->efs_ifrm_loc_mac, + EFX_MAC_ADDR_LEN)) + return (B_FALSE); return (B_TRUE); @@ -522,7 +573,8 @@ ef10_filter_restore( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); for (tbl_id = 0; tbl_id < EFX_EF10_FILTER_TBL_ROWS; tbl_id++) { @@ -597,7 +649,8 @@ ef10_filter_add_internal( boolean_t locked = B_FALSE; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); hash = ef10_filter_hash(spec); @@ -869,7 +922,8 @@ ef10_filter_delete( boolean_t locked = B_FALSE; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); hash = ef10_filter_hash(spec); @@ -917,23 +971,24 @@ efx_mcdi_get_parser_disp_info( __in efx_nic_t *enp, __out_ecount(buffer_length) uint32_t *buffer, __in size_t buffer_length, + __in boolean_t encap, __out size_t *list_lengthp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_PARSER_DISP_INFO_IN_LEN, - MC_CMD_GET_PARSER_DISP_INFO_OUT_LENMAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_PARSER_DISP_INFO_IN_LEN, + MC_CMD_GET_PARSER_DISP_INFO_OUT_LENMAX); size_t matches_count; size_t list_size; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_PARSER_DISP_INFO; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_PARSER_DISP_INFO_IN_LEN; req.emr_out_buf = payload; req.emr_out_length = MC_CMD_GET_PARSER_DISP_INFO_OUT_LENMAX; - MCDI_IN_SET_DWORD(req, GET_PARSER_DISP_INFO_OUT_OP, + MCDI_IN_SET_DWORD(req, GET_PARSER_DISP_INFO_OUT_OP, encap ? + MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_SUPPORTED_ENCAP_RX_MATCHES : MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_SUPPORTED_RX_MATCHES); efx_mcdi_execute(enp, &req); @@ -993,28 +1048,76 @@ ef10_filter_supported_filters( __in size_t buffer_length, __out size_t *list_lengthp) { - + efx_nic_cfg_t *encp = &(enp->en_nic_cfg); size_t mcdi_list_length; + size_t mcdi_encap_list_length; size_t list_length; uint32_t i; + uint32_t next_buf_idx; + size_t next_buf_length; efx_rc_t rc; + boolean_t no_space = B_FALSE; efx_filter_match_flags_t all_filter_flags = (EFX_FILTER_MATCH_REM_HOST | EFX_FILTER_MATCH_LOC_HOST | EFX_FILTER_MATCH_REM_MAC | EFX_FILTER_MATCH_REM_PORT | EFX_FILTER_MATCH_LOC_MAC | EFX_FILTER_MATCH_LOC_PORT | EFX_FILTER_MATCH_ETHER_TYPE | EFX_FILTER_MATCH_INNER_VID | EFX_FILTER_MATCH_OUTER_VID | EFX_FILTER_MATCH_IP_PROTO | + EFX_FILTER_MATCH_VNI_OR_VSID | + EFX_FILTER_MATCH_IFRM_LOC_MAC | + EFX_FILTER_MATCH_IFRM_UNKNOWN_MCAST_DST | + EFX_FILTER_MATCH_IFRM_UNKNOWN_UCAST_DST | + EFX_FILTER_MATCH_ENCAP_TYPE | EFX_FILTER_MATCH_UNKNOWN_MCAST_DST | EFX_FILTER_MATCH_UNKNOWN_UCAST_DST); - rc = efx_mcdi_get_parser_disp_info(enp, buffer, buffer_length, - &mcdi_list_length); + /* + * Two calls to MC_CMD_GET_PARSER_DISP_INFO are needed: one to get the + * list of supported filters for ordinary packets, and then another to + * get the list of supported filters for encapsulated packets. To + * distinguish the second list from the first, the + * EFX_FILTER_MATCH_ENCAP_TYPE flag is added to each filter for + * encapsulated packets. + */ + rc = efx_mcdi_get_parser_disp_info(enp, buffer, buffer_length, B_FALSE, + &mcdi_list_length); if (rc != 0) { - if (rc == ENOSPC) { - /* Pass through mcdi_list_length for the list length */ - *list_lengthp = mcdi_list_length; + if (rc == ENOSPC) + no_space = B_TRUE; + else + goto fail1; + } + + if (no_space) { + next_buf_idx = 0; + next_buf_length = 0; + } else { + EFSYS_ASSERT(mcdi_list_length <= buffer_length); + next_buf_idx = mcdi_list_length; + next_buf_length = buffer_length - mcdi_list_length; + } + + if (encp->enc_tunnel_encapsulations_supported != 0) { + rc = efx_mcdi_get_parser_disp_info(enp, &buffer[next_buf_idx], + next_buf_length, B_TRUE, &mcdi_encap_list_length); + if (rc != 0) { + if (rc == ENOSPC) + no_space = B_TRUE; + else + goto fail2; + } else { + for (i = next_buf_idx; + i < next_buf_idx + mcdi_encap_list_length; i++) + buffer[i] |= EFX_FILTER_MATCH_ENCAP_TYPE; } - goto fail1; + } else { + mcdi_encap_list_length = 0; + } + + if (no_space) { + *list_lengthp = mcdi_list_length + mcdi_encap_list_length; + rc = ENOSPC; + goto fail3; } /* @@ -1027,9 +1130,10 @@ ef10_filter_supported_filters( * of the matches is preserved as they are ordered from highest to * lowest priority. */ - EFSYS_ASSERT(mcdi_list_length <= buffer_length); + EFSYS_ASSERT(mcdi_list_length + mcdi_encap_list_length <= + buffer_length); list_length = 0; - for (i = 0; i < mcdi_list_length; i++) { + for (i = 0; i < mcdi_list_length + mcdi_encap_list_length; i++) { if ((buffer[i] & ~all_filter_flags) == 0) { buffer[list_length] = buffer[i]; list_length++; @@ -1040,6 +1144,10 @@ ef10_filter_supported_filters( return (0); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); @@ -1060,12 +1168,15 @@ ef10_filter_insert_unicast( efx_filter_spec_init_rx(&spec, EFX_FILTER_PRI_AUTO, filter_flags, eftp->eft_default_rxq); - efx_filter_spec_set_eth_local(&spec, EFX_FILTER_SPEC_VID_UNSPEC, addr); + rc = efx_filter_spec_set_eth_local(&spec, EFX_FILTER_SPEC_VID_UNSPEC, + addr); + if (rc != 0) + goto fail1; rc = ef10_filter_add_internal(enp, &spec, B_TRUE, &eftp->eft_unicst_filter_indexes[eftp->eft_unicst_filter_count]); if (rc != 0) - goto fail1; + goto fail2; eftp->eft_unicst_filter_count++; EFSYS_ASSERT(eftp->eft_unicst_filter_count <= @@ -1073,6 +1184,8 @@ ef10_filter_insert_unicast( return (0); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); return (rc); @@ -1091,11 +1204,13 @@ ef10_filter_insert_all_unicast( efx_filter_spec_init_rx(&spec, EFX_FILTER_PRI_AUTO, filter_flags, eftp->eft_default_rxq); - efx_filter_spec_set_uc_def(&spec); + rc = efx_filter_spec_set_uc_def(&spec); + if (rc != 0) + goto fail1; rc = ef10_filter_add_internal(enp, &spec, B_TRUE, &eftp->eft_unicst_filter_indexes[eftp->eft_unicst_filter_count]); if (rc != 0) - goto fail1; + goto fail2; eftp->eft_unicst_filter_count++; EFSYS_ASSERT(eftp->eft_unicst_filter_count <= @@ -1103,6 +1218,8 @@ ef10_filter_insert_all_unicast( return (0); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); return (rc); @@ -1144,9 +1261,21 @@ ef10_filter_insert_multicast_list( filter_flags, eftp->eft_default_rxq); - efx_filter_spec_set_eth_local(&spec, + rc = efx_filter_spec_set_eth_local(&spec, EFX_FILTER_SPEC_VID_UNSPEC, &addrs[i * EFX_MAC_ADDR_LEN]); + if (rc != 0) { + if (rollback == B_TRUE) { + /* Only stop upon failure if told to rollback */ + goto rollback; + } else { + /* + * Don't try to add a filter with a corrupt + * specification. + */ + continue; + } + } rc = ef10_filter_add_internal(enp, &spec, B_TRUE, &filter_index); @@ -1169,8 +1298,12 @@ ef10_filter_insert_multicast_list( eftp->eft_default_rxq); EFX_MAC_BROADCAST_ADDR_SET(addr); - efx_filter_spec_set_eth_local(&spec, EFX_FILTER_SPEC_VID_UNSPEC, - addr); + rc = efx_filter_spec_set_eth_local(&spec, + EFX_FILTER_SPEC_VID_UNSPEC, addr); + if ((rc != 0) && (rollback == B_TRUE)) { + /* Only stop upon failure if told to rollback */ + goto rollback; + } rc = ef10_filter_add_internal(enp, &spec, B_TRUE, &filter_index); @@ -1218,12 +1351,14 @@ ef10_filter_insert_all_multicast( efx_filter_spec_init_rx(&spec, EFX_FILTER_PRI_AUTO, filter_flags, eftp->eft_default_rxq); - efx_filter_spec_set_mc_def(&spec); + rc = efx_filter_spec_set_mc_def(&spec); + if (rc != 0) + goto fail1; rc = ef10_filter_add_internal(enp, &spec, B_TRUE, &eftp->eft_mulcst_filter_indexes[0]); if (rc != 0) - goto fail1; + goto fail2; eftp->eft_mulcst_filter_count = 1; eftp->eft_using_all_mulcst = B_TRUE; @@ -1234,6 +1369,8 @@ ef10_filter_insert_all_multicast( return (0); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); @@ -1468,7 +1605,7 @@ ef10_filter_reconfigure( /* * Insert or renew unicast filters. * - * Frimware does not perform chaining on unicast filters. As traffic is + * Firmware does not perform chaining on unicast filters. As traffic is * therefore only delivered to the first matching filter, we should * always insert the specific filter for our MAC address, to try and * ensure we get that traffic. @@ -1663,4 +1800,4 @@ ef10_filter_default_rxq_clear( #endif /* EFSYS_OPT_FILTER */ -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_image.c b/sys/dev/sfxge/common/ef10_image.c new file mode 100644 index 000000000000..5fbd6e2d1b35 --- /dev/null +++ b/sys/dev/sfxge/common/ef10_image.c @@ -0,0 +1,915 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2017-2018 Solarflare Communications Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * The views and conclusions contained in the software and documentation are + * those of the authors and should not be interpreted as representing official + * policies, either expressed or implied, of the FreeBSD Project. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include "efx.h" +#include "efx_impl.h" + +#if EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 + +#if EFSYS_OPT_IMAGE_LAYOUT + +/* + * Utility routines to support limited parsing of ASN.1 tags. This is not a + * general purpose ASN.1 parser, but is sufficient to locate the required + * objects in a signed image with CMS headers. + */ + +/* DER encodings for ASN.1 tags (see ITU-T X.690) */ +#define ASN1_TAG_INTEGER (0x02) +#define ASN1_TAG_OCTET_STRING (0x04) +#define ASN1_TAG_OBJ_ID (0x06) +#define ASN1_TAG_SEQUENCE (0x30) +#define ASN1_TAG_SET (0x31) + +#define ASN1_TAG_IS_PRIM(tag) ((tag & 0x20) == 0) + +#define ASN1_TAG_PRIM_CONTEXT(n) (0x80 + (n)) +#define ASN1_TAG_CONS_CONTEXT(n) (0xA0 + (n)) + +typedef struct efx_asn1_cursor_s { + uint8_t *buffer; + uint32_t length; + + uint8_t tag; + uint32_t hdr_size; + uint32_t val_size; +} efx_asn1_cursor_t; + + +/* Parse header of DER encoded ASN.1 TLV and match tag */ +static __checkReturn efx_rc_t +efx_asn1_parse_header_match_tag( + __inout efx_asn1_cursor_t *cursor, + __in uint8_t tag) +{ + efx_rc_t rc; + + if (cursor == NULL || cursor->buffer == NULL || cursor->length < 2) { + rc = EINVAL; + goto fail1; + } + + cursor->tag = cursor->buffer[0]; + if (cursor->tag != tag) { + /* Tag not matched */ + rc = ENOENT; + goto fail2; + } + + if ((cursor->tag & 0x1F) == 0x1F) { + /* Long tag format not used in CMS syntax */ + rc = EINVAL; + goto fail3; + } + + if ((cursor->buffer[1] & 0x80) == 0) { + /* Short form: length is 0..127 */ + cursor->hdr_size = 2; + cursor->val_size = cursor->buffer[1]; + } else { + /* Long form: length encoded as [0x80+nbytes][length bytes] */ + uint32_t nbytes = cursor->buffer[1] & 0x7F; + uint32_t offset; + + if (nbytes == 0) { + /* Indefinite length not allowed in DER encoding */ + rc = EINVAL; + goto fail4; + } + if (2 + nbytes > cursor->length) { + /* Header length overflows image buffer */ + rc = EINVAL; + goto fail6; + } + if (nbytes > sizeof (uint32_t)) { + /* Length encoding too big */ + rc = E2BIG; + goto fail5; + } + cursor->hdr_size = 2 + nbytes; + cursor->val_size = 0; + for (offset = 2; offset < cursor->hdr_size; offset++) { + cursor->val_size = + (cursor->val_size << 8) | cursor->buffer[offset]; + } + } + + if ((cursor->hdr_size + cursor->val_size) > cursor->length) { + /* Length overflows image buffer */ + rc = E2BIG; + goto fail7; + } + + return (0); + +fail7: + EFSYS_PROBE(fail7); +fail6: + EFSYS_PROBE(fail6); +fail5: + EFSYS_PROBE(fail5); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* Enter nested ASN.1 TLV (contained in value of current TLV) */ +static __checkReturn efx_rc_t +efx_asn1_enter_tag( + __inout efx_asn1_cursor_t *cursor, + __in uint8_t tag) +{ + efx_rc_t rc; + + if (cursor == NULL) { + rc = EINVAL; + goto fail1; + } + + if (ASN1_TAG_IS_PRIM(tag)) { + /* Cannot enter a primitive tag */ + rc = ENOTSUP; + goto fail2; + } + rc = efx_asn1_parse_header_match_tag(cursor, tag); + if (rc != 0) { + /* Invalid TLV or wrong tag */ + goto fail3; + } + + /* Limit cursor range to nested TLV */ + cursor->buffer += cursor->hdr_size; + cursor->length = cursor->val_size; + + return (0); + +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* + * Check that the current ASN.1 TLV matches the given tag and value. + * Advance cursor to next TLV on a successful match. + */ +static __checkReturn efx_rc_t +efx_asn1_match_tag_value( + __inout efx_asn1_cursor_t *cursor, + __in uint8_t tag, + __in const void *valp, + __in uint32_t val_size) +{ + efx_rc_t rc; + + if (cursor == NULL) { + rc = EINVAL; + goto fail1; + } + rc = efx_asn1_parse_header_match_tag(cursor, tag); + if (rc != 0) { + /* Invalid TLV or wrong tag */ + goto fail2; + } + if (cursor->val_size != val_size) { + /* Value size is different */ + rc = EINVAL; + goto fail3; + } + if (memcmp(cursor->buffer + cursor->hdr_size, valp, val_size) != 0) { + /* Value content is different */ + rc = EINVAL; + goto fail4; + } + cursor->buffer += cursor->hdr_size + cursor->val_size; + cursor->length -= cursor->hdr_size + cursor->val_size; + + return (0); + +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* Advance cursor to next TLV */ +static __checkReturn efx_rc_t +efx_asn1_skip_tag( + __inout efx_asn1_cursor_t *cursor, + __in uint8_t tag) +{ + efx_rc_t rc; + + if (cursor == NULL) { + rc = EINVAL; + goto fail1; + } + + rc = efx_asn1_parse_header_match_tag(cursor, tag); + if (rc != 0) { + /* Invalid TLV or wrong tag */ + goto fail2; + } + cursor->buffer += cursor->hdr_size + cursor->val_size; + cursor->length -= cursor->hdr_size + cursor->val_size; + + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* Return pointer to value octets and value size from current TLV */ +static __checkReturn efx_rc_t +efx_asn1_get_tag_value( + __inout efx_asn1_cursor_t *cursor, + __in uint8_t tag, + __out uint8_t **valp, + __out uint32_t *val_sizep) +{ + efx_rc_t rc; + + if (cursor == NULL || valp == NULL || val_sizep == NULL) { + rc = EINVAL; + goto fail1; + } + + rc = efx_asn1_parse_header_match_tag(cursor, tag); + if (rc != 0) { + /* Invalid TLV or wrong tag */ + goto fail2; + } + *valp = cursor->buffer + cursor->hdr_size; + *val_sizep = cursor->val_size; + + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + +/* + * Utility routines for parsing CMS headers (see RFC2315, PKCS#7) + */ + +/* OID 1.2.840.113549.1.7.2 */ +static const uint8_t PKCS7_SignedData[] = +{ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 }; + +/* OID 1.2.840.113549.1.7.1 */ +static const uint8_t PKCS7_Data[] = +{ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 }; + +/* SignedData structure version */ +static const uint8_t SignedData_Version[] = +{ 0x03 }; + +/* + * Check for a valid image in signed image format. This uses CMS syntax + * (see RFC2315, PKCS#7) to provide signatures, and certificates required + * to validate the signatures. The encapsulated content is in unsigned image + * format (reflash header, image code, trailer checksum). + */ +static __checkReturn efx_rc_t +efx_check_signed_image_header( + __in void *bufferp, + __in uint32_t buffer_size, + __out uint32_t *content_offsetp, + __out uint32_t *content_lengthp) +{ + efx_asn1_cursor_t cursor; + uint8_t *valp; + uint32_t val_size; + efx_rc_t rc; + + if (content_offsetp == NULL || content_lengthp == NULL) { + rc = EINVAL; + goto fail1; + } + cursor.buffer = (uint8_t *)bufferp; + cursor.length = buffer_size; + + /* ContextInfo */ + rc = efx_asn1_enter_tag(&cursor, ASN1_TAG_SEQUENCE); + if (rc != 0) + goto fail2; + + /* ContextInfo.contentType */ + rc = efx_asn1_match_tag_value(&cursor, ASN1_TAG_OBJ_ID, + PKCS7_SignedData, sizeof (PKCS7_SignedData)); + if (rc != 0) + goto fail3; + + /* ContextInfo.content */ + rc = efx_asn1_enter_tag(&cursor, ASN1_TAG_CONS_CONTEXT(0)); + if (rc != 0) + goto fail4; + + /* SignedData */ + rc = efx_asn1_enter_tag(&cursor, ASN1_TAG_SEQUENCE); + if (rc != 0) + goto fail5; + + /* SignedData.version */ + rc = efx_asn1_match_tag_value(&cursor, ASN1_TAG_INTEGER, + SignedData_Version, sizeof (SignedData_Version)); + if (rc != 0) + goto fail6; + + /* SignedData.digestAlgorithms */ + rc = efx_asn1_skip_tag(&cursor, ASN1_TAG_SET); + if (rc != 0) + goto fail7; + + /* SignedData.encapContentInfo */ + rc = efx_asn1_enter_tag(&cursor, ASN1_TAG_SEQUENCE); + if (rc != 0) + goto fail8; + + /* SignedData.encapContentInfo.econtentType */ + rc = efx_asn1_match_tag_value(&cursor, ASN1_TAG_OBJ_ID, + PKCS7_Data, sizeof (PKCS7_Data)); + if (rc != 0) + goto fail9; + + /* SignedData.encapContentInfo.econtent */ + rc = efx_asn1_enter_tag(&cursor, ASN1_TAG_CONS_CONTEXT(0)); + if (rc != 0) + goto fail10; + + /* + * The octet string contains the image header, image code bytes and + * image trailer CRC (same as unsigned image layout). + */ + valp = NULL; + val_size = 0; + rc = efx_asn1_get_tag_value(&cursor, ASN1_TAG_OCTET_STRING, + &valp, &val_size); + if (rc != 0) + goto fail11; + + if ((valp == NULL) || (val_size == 0)) { + rc = EINVAL; + goto fail12; + } + if (valp < (uint8_t *)bufferp) { + rc = EINVAL; + goto fail13; + } + if ((valp + val_size) > ((uint8_t *)bufferp + buffer_size)) { + rc = EINVAL; + goto fail14; + } + + *content_offsetp = (uint32_t)(valp - (uint8_t *)bufferp); + *content_lengthp = val_size; + + return (0); + +fail14: + EFSYS_PROBE(fail14); +fail13: + EFSYS_PROBE(fail13); +fail12: + EFSYS_PROBE(fail12); +fail11: + EFSYS_PROBE(fail11); +fail10: + EFSYS_PROBE(fail10); +fail9: + EFSYS_PROBE(fail9); +fail8: + EFSYS_PROBE(fail8); +fail7: + EFSYS_PROBE(fail7); +fail6: + EFSYS_PROBE(fail6); +fail5: + EFSYS_PROBE(fail5); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +static __checkReturn efx_rc_t +efx_check_unsigned_image( + __in void *bufferp, + __in uint32_t buffer_size) +{ + efx_image_header_t *header; + efx_image_trailer_t *trailer; + uint32_t crc; + efx_rc_t rc; + + EFX_STATIC_ASSERT(sizeof (*header) == EFX_IMAGE_HEADER_SIZE); + EFX_STATIC_ASSERT(sizeof (*trailer) == EFX_IMAGE_TRAILER_SIZE); + + /* Must have at least enough space for required image header fields */ + if (buffer_size < (EFX_FIELD_OFFSET(efx_image_header_t, eih_size) + + sizeof (header->eih_size))) { + rc = ENOSPC; + goto fail1; + } + header = (efx_image_header_t *)bufferp; + + if (header->eih_magic != EFX_IMAGE_HEADER_MAGIC) { + rc = EINVAL; + goto fail2; + } + + /* + * Check image header version is same or higher than lowest required + * version. + */ + if (header->eih_version < EFX_IMAGE_HEADER_VERSION) { + rc = EINVAL; + goto fail3; + } + + /* Buffer must have space for image header, code and image trailer. */ + if (buffer_size < (header->eih_size + header->eih_code_size + + EFX_IMAGE_TRAILER_SIZE)) { + rc = ENOSPC; + goto fail4; + } + + /* Check CRC from image buffer matches computed CRC. */ + trailer = (efx_image_trailer_t *)((uint8_t *)header + + header->eih_size + header->eih_code_size); + + crc = efx_crc32_calculate(0, (uint8_t *)header, + (header->eih_size + header->eih_code_size)); + + if (trailer->eit_crc != crc) { + rc = EINVAL; + goto fail5; + } + + return (0); + +fail5: + EFSYS_PROBE(fail5); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +efx_check_reflash_image( + __in void *bufferp, + __in uint32_t buffer_size, + __out efx_image_info_t *infop) +{ + efx_image_format_t format = EFX_IMAGE_FORMAT_NO_IMAGE; + uint32_t image_offset; + uint32_t image_size; + void *imagep; + efx_rc_t rc; + + + EFSYS_ASSERT(infop != NULL); + if (infop == NULL) { + rc = EINVAL; + goto fail1; + } + memset(infop, 0, sizeof (*infop)); + + if (bufferp == NULL || buffer_size == 0) { + rc = EINVAL; + goto fail2; + } + + /* + * Check if the buffer contains an image in signed format, and if so, + * locate the image header. + */ + rc = efx_check_signed_image_header(bufferp, buffer_size, + &image_offset, &image_size); + if (rc == 0) { + /* + * Buffer holds signed image format. Check that the encapsulated + * content is in unsigned image format. + */ + format = EFX_IMAGE_FORMAT_SIGNED; + } else { + /* Check if the buffer holds image in unsigned image format */ + format = EFX_IMAGE_FORMAT_UNSIGNED; + image_offset = 0; + image_size = buffer_size; + } + if (image_offset + image_size > buffer_size) { + rc = E2BIG; + goto fail3; + } + imagep = (uint8_t *)bufferp + image_offset; + + /* Check unsigned image layout (image header, code, image trailer) */ + rc = efx_check_unsigned_image(imagep, image_size); + if (rc != 0) + goto fail4; + + /* Return image details */ + infop->eii_format = format; + infop->eii_imagep = bufferp; + infop->eii_image_size = buffer_size; + infop->eii_headerp = (efx_image_header_t *)imagep; + + return (0); + +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); + infop->eii_format = EFX_IMAGE_FORMAT_INVALID; + infop->eii_imagep = NULL; + infop->eii_image_size = 0; + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +efx_build_signed_image_write_buffer( + __out_bcount(buffer_size) + uint8_t *bufferp, + __in uint32_t buffer_size, + __in efx_image_info_t *infop, + __out efx_image_header_t **headerpp) +{ + signed_image_chunk_hdr_t chunk_hdr; + uint32_t hdr_offset; + struct { + uint32_t offset; + uint32_t size; + } cms_header, image_header, code, image_trailer, signature; + efx_rc_t rc; + + EFSYS_ASSERT((infop != NULL) && (headerpp != NULL)); + + if ((bufferp == NULL) || (buffer_size == 0) || + (infop == NULL) || (headerpp == NULL)) { + /* Invalid arguments */ + rc = EINVAL; + goto fail1; + } + if ((infop->eii_format != EFX_IMAGE_FORMAT_SIGNED) || + (infop->eii_imagep == NULL) || + (infop->eii_headerp == NULL) || + ((uint8_t *)infop->eii_headerp < (uint8_t *)infop->eii_imagep) || + (infop->eii_image_size < EFX_IMAGE_HEADER_SIZE) || + ((size_t)((uint8_t *)infop->eii_headerp - infop->eii_imagep) > + (infop->eii_image_size - EFX_IMAGE_HEADER_SIZE))) { + /* Invalid image info */ + rc = EINVAL; + goto fail2; + } + + /* Locate image chunks in original signed image */ + cms_header.offset = 0; + cms_header.size = + (uint32_t)((uint8_t *)infop->eii_headerp - infop->eii_imagep); + if ((cms_header.size > buffer_size) || + (cms_header.offset > (buffer_size - cms_header.size))) { + rc = EINVAL; + goto fail3; + } + + image_header.offset = cms_header.offset + cms_header.size; + image_header.size = infop->eii_headerp->eih_size; + if ((image_header.size > buffer_size) || + (image_header.offset > (buffer_size - image_header.size))) { + rc = EINVAL; + goto fail4; + } + + code.offset = image_header.offset + image_header.size; + code.size = infop->eii_headerp->eih_code_size; + if ((code.size > buffer_size) || + (code.offset > (buffer_size - code.size))) { + rc = EINVAL; + goto fail5; + } + + image_trailer.offset = code.offset + code.size; + image_trailer.size = EFX_IMAGE_TRAILER_SIZE; + if ((image_trailer.size > buffer_size) || + (image_trailer.offset > (buffer_size - image_trailer.size))) { + rc = EINVAL; + goto fail6; + } + + signature.offset = image_trailer.offset + image_trailer.size; + signature.size = (uint32_t)(infop->eii_image_size - signature.offset); + if ((signature.size > buffer_size) || + (signature.offset > (buffer_size - signature.size))) { + rc = EINVAL; + goto fail7; + } + + EFSYS_ASSERT3U(infop->eii_image_size, ==, cms_header.size + + image_header.size + code.size + image_trailer.size + + signature.size); + + /* BEGIN CSTYLED */ + /* + * Build signed image partition, inserting chunk headers. + * + * Signed Image: Image in NVRAM partition: + * + * +-----------------+ +-----------------+ + * | CMS header | | mcfw.update |<----+ + * +-----------------+ | | | + * | reflash header | +-----------------+ | + * +-----------------+ | chunk header: |-->--|-+ + * | mcfw.update | | REFLASH_TRAILER | | | + * | | +-----------------+ | | + * +-----------------+ +-->| CMS header | | | + * | reflash trailer | | +-----------------+ | | + * +-----------------+ | | chunk header: |->-+ | | + * | signature | | | REFLASH_HEADER | | | | + * +-----------------+ | +-----------------+ | | | + * | | reflash header |<--+ | | + * | +-----------------+ | | + * | | chunk header: |-->--+ | + * | | IMAGE | | + * | +-----------------+ | + * | | reflash trailer |<------+ + * | +-----------------+ + * | | chunk header: | + * | | SIGNATURE |->-+ + * | +-----------------+ | + * | | signature |<--+ + * | +-----------------+ + * | | ...unused... | + * | +-----------------+ + * +-<-| chunk header: | + * >-->| CMS_HEADER | + * +-----------------+ + * + * Each chunk header gives the partition offset and length of the image + * chunk's data. The image chunk data is immediately followed by the + * chunk header for the next chunk. + * + * The data chunk for the firmware code must be at the start of the + * partition (needed for the bootloader). The first chunk header in the + * chain (for the CMS header) is stored at the end of the partition. The + * chain of chunk headers maintains the same logical order of image + * chunks as the original signed image file. This set of constraints + * results in the layout used for the data chunks and chunk headers. + */ + /* END CSTYLED */ + memset(bufferp, 0xFF, buffer_size); + + EFX_STATIC_ASSERT(sizeof (chunk_hdr) == SIGNED_IMAGE_CHUNK_HDR_LEN); + memset(&chunk_hdr, 0, SIGNED_IMAGE_CHUNK_HDR_LEN); + + /* + * CMS header + */ + if (buffer_size < SIGNED_IMAGE_CHUNK_HDR_LEN) { + rc = ENOSPC; + goto fail8; + } + hdr_offset = buffer_size - SIGNED_IMAGE_CHUNK_HDR_LEN; + + chunk_hdr.magic = SIGNED_IMAGE_CHUNK_HDR_MAGIC; + chunk_hdr.version = SIGNED_IMAGE_CHUNK_HDR_VERSION; + chunk_hdr.id = SIGNED_IMAGE_CHUNK_CMS_HEADER; + chunk_hdr.offset = code.size + SIGNED_IMAGE_CHUNK_HDR_LEN; + chunk_hdr.len = cms_header.size; + + memcpy(bufferp + hdr_offset, &chunk_hdr, sizeof (chunk_hdr)); + + if ((chunk_hdr.len > buffer_size) || + (chunk_hdr.offset > (buffer_size - chunk_hdr.len))) { + rc = ENOSPC; + goto fail9; + } + memcpy(bufferp + chunk_hdr.offset, + infop->eii_imagep + cms_header.offset, + cms_header.size); + + /* + * Image header + */ + hdr_offset = chunk_hdr.offset + chunk_hdr.len; + if (hdr_offset > (buffer_size - SIGNED_IMAGE_CHUNK_HDR_LEN)) { + rc = ENOSPC; + goto fail10; + } + chunk_hdr.magic = SIGNED_IMAGE_CHUNK_HDR_MAGIC; + chunk_hdr.version = SIGNED_IMAGE_CHUNK_HDR_VERSION; + chunk_hdr.id = SIGNED_IMAGE_CHUNK_REFLASH_HEADER; + chunk_hdr.offset = hdr_offset + SIGNED_IMAGE_CHUNK_HDR_LEN; + chunk_hdr.len = image_header.size; + + memcpy(bufferp + hdr_offset, &chunk_hdr, SIGNED_IMAGE_CHUNK_HDR_LEN); + + if ((chunk_hdr.len > buffer_size) || + (chunk_hdr.offset > (buffer_size - chunk_hdr.len))) { + rc = ENOSPC; + goto fail11; + } + memcpy(bufferp + chunk_hdr.offset, + infop->eii_imagep + image_header.offset, + image_header.size); + + *headerpp = (efx_image_header_t *)(bufferp + chunk_hdr.offset); + + /* + * Firmware code + */ + hdr_offset = chunk_hdr.offset + chunk_hdr.len; + if (hdr_offset > (buffer_size - SIGNED_IMAGE_CHUNK_HDR_LEN)) { + rc = ENOSPC; + goto fail12; + } + chunk_hdr.magic = SIGNED_IMAGE_CHUNK_HDR_MAGIC; + chunk_hdr.version = SIGNED_IMAGE_CHUNK_HDR_VERSION; + chunk_hdr.id = SIGNED_IMAGE_CHUNK_IMAGE; + chunk_hdr.offset = 0; + chunk_hdr.len = code.size; + + memcpy(bufferp + hdr_offset, &chunk_hdr, SIGNED_IMAGE_CHUNK_HDR_LEN); + + if ((chunk_hdr.len > buffer_size) || + (chunk_hdr.offset > (buffer_size - chunk_hdr.len))) { + rc = ENOSPC; + goto fail13; + } + memcpy(bufferp + chunk_hdr.offset, + infop->eii_imagep + code.offset, + code.size); + + /* + * Image trailer (CRC) + */ + chunk_hdr.magic = SIGNED_IMAGE_CHUNK_HDR_MAGIC; + chunk_hdr.version = SIGNED_IMAGE_CHUNK_HDR_VERSION; + chunk_hdr.id = SIGNED_IMAGE_CHUNK_REFLASH_TRAILER; + chunk_hdr.offset = hdr_offset + SIGNED_IMAGE_CHUNK_HDR_LEN; + chunk_hdr.len = image_trailer.size; + + hdr_offset = code.size; + if (hdr_offset > (buffer_size - SIGNED_IMAGE_CHUNK_HDR_LEN)) { + rc = ENOSPC; + goto fail14; + } + + memcpy(bufferp + hdr_offset, &chunk_hdr, SIGNED_IMAGE_CHUNK_HDR_LEN); + + if ((chunk_hdr.len > buffer_size) || + (chunk_hdr.offset > (buffer_size - chunk_hdr.len))) { + rc = ENOSPC; + goto fail15; + } + memcpy((uint8_t *)bufferp + chunk_hdr.offset, + infop->eii_imagep + image_trailer.offset, + image_trailer.size); + + /* + * Signature + */ + hdr_offset = chunk_hdr.offset + chunk_hdr.len; + if (hdr_offset > (buffer_size - SIGNED_IMAGE_CHUNK_HDR_LEN)) { + rc = ENOSPC; + goto fail16; + } + chunk_hdr.magic = SIGNED_IMAGE_CHUNK_HDR_MAGIC; + chunk_hdr.version = SIGNED_IMAGE_CHUNK_HDR_VERSION; + chunk_hdr.id = SIGNED_IMAGE_CHUNK_SIGNATURE; + chunk_hdr.offset = chunk_hdr.offset + SIGNED_IMAGE_CHUNK_HDR_LEN; + chunk_hdr.len = signature.size; + + memcpy(bufferp + hdr_offset, &chunk_hdr, SIGNED_IMAGE_CHUNK_HDR_LEN); + + if ((chunk_hdr.len > buffer_size) || + (chunk_hdr.offset > (buffer_size - chunk_hdr.len))) { + rc = ENOSPC; + goto fail17; + } + memcpy(bufferp + chunk_hdr.offset, + infop->eii_imagep + signature.offset, + signature.size); + + return (0); + +fail17: + EFSYS_PROBE(fail17); +fail16: + EFSYS_PROBE(fail16); +fail15: + EFSYS_PROBE(fail15); +fail14: + EFSYS_PROBE(fail14); +fail13: + EFSYS_PROBE(fail13); +fail12: + EFSYS_PROBE(fail12); +fail11: + EFSYS_PROBE(fail11); +fail10: + EFSYS_PROBE(fail10); +fail9: + EFSYS_PROBE(fail9); +fail8: + EFSYS_PROBE(fail8); +fail7: + EFSYS_PROBE(fail7); +fail6: + EFSYS_PROBE(fail6); +fail5: + EFSYS_PROBE(fail5); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + + +#endif /* EFSYS_OPT_IMAGE_LAYOUT */ + +#endif /* EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_impl.h b/sys/dev/sfxge/common/ef10_impl.h index e85db2e4c7ff..3149fb51a14b 100644 --- a/sys/dev/sfxge/common/ef10_impl.h +++ b/sys/dev/sfxge/common/ef10_impl.h @@ -37,13 +37,27 @@ extern "C" { #endif -#if (EFSYS_OPT_HUNTINGTON && EFSYS_OPT_MEDFORD) -#define EF10_MAX_PIOBUF_NBUFS MAX(HUNT_PIOBUF_NBUFS, MEDFORD_PIOBUF_NBUFS) -#elif EFSYS_OPT_HUNTINGTON -#define EF10_MAX_PIOBUF_NBUFS HUNT_PIOBUF_NBUFS -#elif EFSYS_OPT_MEDFORD -#define EF10_MAX_PIOBUF_NBUFS MEDFORD_PIOBUF_NBUFS -#endif + +/* Number of hardware PIO buffers (for compile-time resource dimensions) */ +#define EF10_MAX_PIOBUF_NBUFS (16) + +#if EFSYS_OPT_HUNTINGTON +# if (EF10_MAX_PIOBUF_NBUFS < HUNT_PIOBUF_NBUFS) +# error "EF10_MAX_PIOBUF_NBUFS too small" +# endif +#endif /* EFSYS_OPT_HUNTINGTON */ +#if EFSYS_OPT_MEDFORD +# if (EF10_MAX_PIOBUF_NBUFS < MEDFORD_PIOBUF_NBUFS) +# error "EF10_MAX_PIOBUF_NBUFS too small" +# endif +#endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 +# if (EF10_MAX_PIOBUF_NBUFS < MEDFORD2_PIOBUF_NBUFS) +# error "EF10_MAX_PIOBUF_NBUFS too small" +# endif +#endif /* EFSYS_OPT_MEDFORD2 */ + + /* * FIXME: This is just a power of 2 which fits in an MCDI v1 message, and could @@ -202,6 +216,14 @@ extern __checkReturn efx_rc_t ef10_nic_init( __in efx_nic_t *enp); +extern __checkReturn boolean_t +ef10_nic_hw_unavailable( + __in efx_nic_t *enp); + +extern void +ef10_nic_set_hw_unavailable( + __in efx_nic_t *enp); + #if EFSYS_OPT_DIAG extern __checkReturn efx_rc_t @@ -442,7 +464,7 @@ ef10_nvram_partn_read( __in efx_nic_t *enp, __in uint32_t partn, __in unsigned int offset, - __out_bcount(size) caddr_t data, + __in_bcount(size) caddr_t data, __in size_t size); extern __checkReturn efx_rc_t @@ -489,17 +511,21 @@ ef10_nvram_partn_set_version( extern __checkReturn efx_rc_t ef10_nvram_buffer_validate( - __in efx_nic_t *enp, __in uint32_t partn, __in_bcount(buffer_size) caddr_t bufferp, __in size_t buffer_size); +extern void +ef10_nvram_buffer_init( + __out_bcount(buffer_size) + caddr_t bufferp, + __in size_t buffer_size); + extern __checkReturn efx_rc_t ef10_nvram_buffer_create( - __in efx_nic_t *enp, - __in uint16_t partn_type, - __in_bcount(buffer_size) + __in uint32_t partn_type, + __out_bcount(buffer_size) caddr_t bufferp, __in size_t buffer_size); @@ -528,15 +554,26 @@ ef10_nvram_buffer_find_item( __out uint32_t *lengthp); extern __checkReturn efx_rc_t +ef10_nvram_buffer_peek_item( + __in_bcount(buffer_size) + caddr_t bufferp, + __in size_t buffer_size, + __in uint32_t offset, + __out uint32_t *tagp, + __out uint32_t *lengthp, + __out uint32_t *value_offsetp); + +extern __checkReturn efx_rc_t ef10_nvram_buffer_get_item( __in_bcount(buffer_size) caddr_t bufferp, __in size_t buffer_size, __in uint32_t offset, __in uint32_t length, - __out_bcount_part(item_max_size, *lengthp) - caddr_t itemp, - __in size_t item_max_size, + __out uint32_t *tagp, + __out_bcount_part(value_max_size, *lengthp) + caddr_t valuep, + __in size_t value_max_size, __out uint32_t *lengthp); extern __checkReturn efx_rc_t @@ -545,7 +582,19 @@ ef10_nvram_buffer_insert_item( caddr_t bufferp, __in size_t buffer_size, __in uint32_t offset, - __in_bcount(length) caddr_t keyp, + __in uint32_t tag, + __in_bcount(length) caddr_t valuep, + __in uint32_t length, + __out uint32_t *lengthp); + +extern __checkReturn efx_rc_t +ef10_nvram_buffer_modify_item( + __in_bcount(buffer_size) + caddr_t bufferp, + __in size_t buffer_size, + __in uint32_t offset, + __in uint32_t tag, + __in_bcount(length) caddr_t valuep, __in uint32_t length, __out uint32_t *lengthp); @@ -570,10 +619,7 @@ ef10_nvram_buffer_finish( /* PHY */ typedef struct ef10_link_state_s { - uint32_t els_adv_cap_mask; - uint32_t els_lp_cap_mask; - unsigned int els_fcntl; - efx_link_mode_t els_link_mode; + efx_phy_link_state_t epls; #if EFSYS_OPT_LOOPBACK efx_loopback_type_t els_loopback; #endif @@ -609,6 +655,11 @@ ef10_phy_oui_get( __in efx_nic_t *enp, __out uint32_t *ouip); +extern __checkReturn efx_rc_t +ef10_phy_link_state_get( + __in efx_nic_t *enp, + __out efx_phy_link_state_t *eplsp); + #if EFSYS_OPT_PHY_STATS extern __checkReturn efx_rc_t @@ -768,6 +819,7 @@ extern void ef10_tx_qdesc_tso2_create( __in efx_txq_t *etp, __in uint16_t ipv4_id, + __in uint16_t outer_ipv4_id, __in uint32_t tcp_seq, __in uint16_t tcp_mss, __out_ecount(count) efx_desc_t *edp, @@ -779,6 +831,11 @@ ef10_tx_qdesc_vlantci_create( __in uint16_t vlan_tci, __out efx_desc_t *edp); +extern void +ef10_tx_qdesc_checksum_create( + __in efx_txq_t *etp, + __in uint16_t flags, + __out efx_desc_t *edp); #if EFSYS_OPT_QSTATS @@ -973,13 +1030,15 @@ extern void ef10_rx_qenable( __in efx_rxq_t *erp); +union efx_rxq_type_data_u; + extern __checkReturn efx_rc_t ef10_rx_qcreate( __in efx_nic_t *enp, __in unsigned int index, __in unsigned int label, __in efx_rxq_type_t type, - __in uint32_t type_data, + __in_opt const union efx_rxq_type_data_u *type_data, __in efsys_mem_t *esmp, __in size_t ndescs, __in uint32_t id, @@ -1132,11 +1191,12 @@ extern __checkReturn efx_rc_t efx_mcdi_get_port_modes( __in efx_nic_t *enp, __out uint32_t *modesp, - __out_opt uint32_t *current_modep); + __out_opt uint32_t *current_modep, + __out_opt uint32_t *default_modep); extern __checkReturn efx_rc_t ef10_nic_get_port_mode_bandwidth( - __in uint32_t port_mode, + __in efx_nic_t *enp, __out uint32_t *bandwidth_mbpsp); extern __checkReturn efx_rc_t @@ -1157,26 +1217,38 @@ efx_mcdi_get_clock( extern __checkReturn efx_rc_t +efx_mcdi_get_rxdp_config( + __in efx_nic_t *enp, + __out uint32_t *end_paddingp); + +extern __checkReturn efx_rc_t efx_mcdi_get_vector_cfg( __in efx_nic_t *enp, __out_opt uint32_t *vec_basep, __out_opt uint32_t *pf_nvecp, __out_opt uint32_t *vf_nvecp); -extern __checkReturn efx_rc_t -ef10_get_datapath_caps( - __in efx_nic_t *enp); - extern __checkReturn efx_rc_t ef10_get_privilege_mask( __in efx_nic_t *enp, __out uint32_t *maskp); +#if EFSYS_OPT_FW_SUBVARIANT_AWARE + extern __checkReturn efx_rc_t -ef10_external_port_mapping( +efx_mcdi_get_nic_global( __in efx_nic_t *enp, - __in uint32_t port, - __out uint8_t *external_portp); + __in uint32_t key, + __out uint32_t *valuep); + +extern __checkReturn efx_rc_t +efx_mcdi_set_nic_global( + __in efx_nic_t *enp, + __in uint32_t key, + __in uint32_t value); + +#endif /* EFSYS_OPT_FW_SUBVARIANT_AWARE */ + #if EFSYS_OPT_RX_PACKED_STREAM @@ -1208,6 +1280,16 @@ ef10_external_port_mapping( #endif /* EFSYS_OPT_RX_PACKED_STREAM */ +#if EFSYS_OPT_RX_ES_SUPER_BUFFER + +/* + * Maximum DMA length and buffer stride alignment. + * (see SF-119419-TC, 3.2) + */ +#define EFX_RX_ES_SUPER_BUFFER_BUF_ALIGNMENT 64 + +#endif + #ifdef __cplusplus } #endif diff --git a/sys/dev/sfxge/common/ef10_intr.c b/sys/dev/sfxge/common/ef10_intr.c index 2bcc9fb21cbb..228b0c4349c8 100644 --- a/sys/dev/sfxge/common/ef10_intr.c +++ b/sys/dev/sfxge/common/ef10_intr.c @@ -35,7 +35,7 @@ __FBSDID("$FreeBSD$"); #include "efx_impl.h" -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 __checkReturn efx_rc_t ef10_intr_init( @@ -78,19 +78,19 @@ efx_mcdi_trigger_interrupt( __in unsigned int level) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_TRIGGER_INTERRUPT_IN_LEN, - MC_CMD_TRIGGER_INTERRUPT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_TRIGGER_INTERRUPT_IN_LEN, + MC_CMD_TRIGGER_INTERRUPT_OUT_LEN); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); if (level >= enp->en_nic_cfg.enc_intr_limit) { rc = EINVAL; goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_TRIGGER_INTERRUPT; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_TRIGGER_INTERRUPT_IN_LEN; @@ -156,7 +156,8 @@ ef10_intr_status_line( efx_dword_t dword; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* Read the queue mask and implicitly acknowledge the interrupt. */ EFX_BAR_READD(enp, ER_DZ_BIU_INT_ISR_REG, &dword, B_FALSE); @@ -174,7 +175,8 @@ ef10_intr_status_message( __out boolean_t *fatalp) { EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); _NOTE(ARGUNUSED(enp, message)) @@ -197,4 +199,4 @@ ef10_intr_fini( _NOTE(ARGUNUSED(enp)) } -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_mac.c b/sys/dev/sfxge/common/ef10_mac.c index b69a54dfadee..5a7d17d62c2d 100644 --- a/sys/dev/sfxge/common/ef10_mac.c +++ b/sys/dev/sfxge/common/ef10_mac.c @@ -35,7 +35,7 @@ __FBSDID("$FreeBSD$"); #include "efx_impl.h" -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 __checkReturn efx_rc_t ef10_mac_poll( @@ -49,10 +49,10 @@ ef10_mac_poll( if ((rc = ef10_phy_get_link(enp, &els)) != 0) goto fail1; - epp->ep_adv_cap_mask = els.els_adv_cap_mask; - epp->ep_fcntl = els.els_fcntl; + epp->ep_adv_cap_mask = els.epls.epls_adv_cap_mask; + epp->ep_fcntl = els.epls.epls_fcntl; - *link_modep = els.els_link_mode; + *link_modep = els.epls.epls_link_mode; return (0); @@ -102,11 +102,10 @@ efx_mcdi_vadapter_set_mac( { efx_port_t *epp = &(enp->en_port); efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_VADAPTOR_SET_MAC_IN_LEN, - MC_CMD_VADAPTOR_SET_MAC_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_VADAPTOR_SET_MAC_IN_LEN, + MC_CMD_VADAPTOR_SET_MAC_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_VADAPTOR_SET_MAC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_VADAPTOR_SET_MAC_IN_LEN; @@ -168,11 +167,10 @@ efx_mcdi_mtu_set( __in uint32_t mtu) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_SET_MAC_EXT_IN_LEN, - MC_CMD_SET_MAC_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SET_MAC_EXT_IN_LEN, + MC_CMD_SET_MAC_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_SET_MAC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_SET_MAC_EXT_IN_LEN; @@ -205,11 +203,10 @@ efx_mcdi_mtu_get( __out size_t *mtu) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_SET_MAC_EXT_IN_LEN, - MC_CMD_SET_MAC_V2_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SET_MAC_EXT_IN_LEN, + MC_CMD_SET_MAC_V2_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_SET_MAC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_SET_MAC_EXT_IN_LEN; @@ -301,11 +298,10 @@ ef10_mac_reconfigure( { efx_port_t *epp = &(enp->en_port); efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_SET_MAC_IN_LEN, - MC_CMD_SET_MAC_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SET_MAC_IN_LEN, + MC_CMD_SET_MAC_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_SET_MAC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_SET_MAC_IN_LEN; @@ -383,7 +379,8 @@ ef10_mac_multicast_list_set( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); if ((rc = emop->emo_reconfigure(enp)) != 0) goto fail1; @@ -438,7 +435,7 @@ ef10_mac_filter_default_rxq_clear( ef10_filter_default_rxq_clear(enp); - efx_filter_reconfigure(enp, epp->ep_mac_addr, + (void) efx_filter_reconfigure(enp, epp->ep_mac_addr, epp->ep_all_unicst, epp->ep_mulcst, epp->ep_all_mulcst, epp->ep_brdcst, epp->ep_mulcst_addr_list, @@ -549,8 +546,44 @@ ef10_mac_stats_get_mask( goto fail6; } + if (encp->enc_fec_counters) { + const struct efx_mac_stats_range ef10_fec[] = { + { EFX_MAC_FEC_UNCORRECTED_ERRORS, + EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE3 }, + }; + if ((rc = efx_mac_stats_mask_add_ranges(maskp, mask_size, + ef10_fec, EFX_ARRAY_SIZE(ef10_fec))) != 0) + goto fail7; + } + + if (encp->enc_mac_stats_nstats >= MC_CMD_MAC_NSTATS_V4) { + const struct efx_mac_stats_range ef10_rxdp_sdt[] = { + { EFX_MAC_RXDP_SCATTER_DISABLED_TRUNC, + EFX_MAC_RXDP_SCATTER_DISABLED_TRUNC }, + }; + + if ((rc = efx_mac_stats_mask_add_ranges(maskp, mask_size, + ef10_rxdp_sdt, EFX_ARRAY_SIZE(ef10_rxdp_sdt))) != 0) + goto fail8; + } + + if (encp->enc_hlb_counters) { + const struct efx_mac_stats_range ef10_hlb[] = { + { EFX_MAC_RXDP_HLB_IDLE, EFX_MAC_RXDP_HLB_TIMEOUT }, + }; + if ((rc = efx_mac_stats_mask_add_ranges(maskp, mask_size, + ef10_hlb, EFX_ARRAY_SIZE(ef10_hlb))) != 0) + goto fail9; + } + return (0); +fail9: + EFSYS_PROBE(fail9); +fail8: + EFSYS_PROBE(fail8); +fail7: + EFSYS_PROBE(fail7); fail6: EFSYS_PROBE(fail6); fail5: @@ -578,16 +611,45 @@ ef10_mac_stats_update( __inout_ecount(EFX_MAC_NSTATS) efsys_stat_t *stat, __inout_opt uint32_t *generationp) { - efx_qword_t value; + const efx_nic_cfg_t *encp = &enp->en_nic_cfg; efx_qword_t generation_start; efx_qword_t generation_end; + efx_qword_t value; + efx_rc_t rc; - _NOTE(ARGUNUSED(enp)) + /* + * The MAC_STATS contain start and end generation counters used to + * detect when the DMA buffer has been updated during stats decode. + * All stats counters are 64bit unsigned values. + * + * Siena-compatible MAC stats contain MC_CMD_MAC_NSTATS 64bit counters. + * The generation end counter is at index MC_CMD_MAC_GENERATION_END + * (same as MC_CMD_MAC_NSTATS-1). + * + * Medford2 and later use a larger DMA buffer: MAC_STATS_NUM_STATS from + * MC_CMD_GET_CAPABILITIES_V4_OUT reports the number of 64bit counters. + * + * Firmware writes the generation end counter as the last counter in the + * DMA buffer. Do not use MC_CMD_MAC_GENERATION_END, as that is only + * correct for legacy Siena-compatible MAC stats. + */ + + if (encp->enc_mac_stats_nstats < MC_CMD_MAC_NSTATS) { + /* MAC stats count too small for legacy MAC stats */ + rc = ENOSPC; + goto fail1; + } + if (EFSYS_MEM_SIZE(esmp) < + (encp->enc_mac_stats_nstats * sizeof (efx_qword_t))) { + /* DMA buffer too small */ + rc = ENOSPC; + goto fail2; + } /* Read END first so we don't race with the MC */ - EFSYS_DMA_SYNC_FOR_KERNEL(esmp, 0, EFX_MAC_STATS_SIZE); - EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_GENERATION_END, - &generation_end); + EFSYS_DMA_SYNC_FOR_KERNEL(esmp, 0, EFSYS_MEM_SIZE(esmp)); + EF10_MAC_STAT_READ(esmp, (encp->enc_mac_stats_nstats - 1), + &generation_end); EFSYS_MEM_READ_BARRIER(); /* TX */ @@ -615,7 +677,7 @@ ef10_mac_stats_update( EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_TX_LT64_PKTS, &value); EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_TX_LE_64_PKTS]), &value); EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_TX_64_PKTS, &value); - EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_TX_LE_64_PKTS]), &value); + EFSYS_STAT_INCR_QWORD(&(stat[EFX_MAC_TX_LE_64_PKTS]), &value); EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_TX_65_TO_127_PKTS, &value); EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_TX_65_TO_127_PKTS]), &value); @@ -878,7 +940,109 @@ ef10_mac_stats_update( EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_VADAPTER_TX_OVERFLOW]), &value); - EFSYS_DMA_SYNC_FOR_KERNEL(esmp, 0, EFX_MAC_STATS_SIZE); + if (encp->enc_mac_stats_nstats < MC_CMD_MAC_NSTATS_V2) + goto done; + + /* FEC */ + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_FEC_UNCORRECTED_ERRORS, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_FEC_UNCORRECTED_ERRORS]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_FEC_CORRECTED_ERRORS, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_FEC_CORRECTED_ERRORS]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_FEC_CORRECTED_SYMBOLS_LANE0, + &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE0]), + &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_FEC_CORRECTED_SYMBOLS_LANE1, + &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE1]), + &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_FEC_CORRECTED_SYMBOLS_LANE2, + &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE2]), + &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_FEC_CORRECTED_SYMBOLS_LANE3, + &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE3]), + &value); + + if (encp->enc_mac_stats_nstats < MC_CMD_MAC_NSTATS_V3) + goto done; + + /* CTPIO exceptions */ + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_VI_BUSY_FALLBACK, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_VI_BUSY_FALLBACK]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_LONG_WRITE_SUCCESS, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_LONG_WRITE_SUCCESS]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_MISSING_DBELL_FAIL, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_MISSING_DBELL_FAIL]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_OVERFLOW_FAIL, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_OVERFLOW_FAIL]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_UNDERFLOW_FAIL, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_UNDERFLOW_FAIL]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_TIMEOUT_FAIL, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_TIMEOUT_FAIL]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_NONCONTIG_WR_FAIL, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_NONCONTIG_WR_FAIL]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_FRM_CLOBBER_FAIL, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_FRM_CLOBBER_FAIL]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_INVALID_WR_FAIL, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_INVALID_WR_FAIL]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_VI_CLOBBER_FALLBACK, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_VI_CLOBBER_FALLBACK]), + &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_UNQUALIFIED_FALLBACK, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_UNQUALIFIED_FALLBACK]), + &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_RUNT_FALLBACK, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_RUNT_FALLBACK]), &value); + + /* CTPIO per-port stats */ + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_SUCCESS, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_SUCCESS]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_FALLBACK, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_FALLBACK]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_POISON, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_POISON]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_CTPIO_ERASE, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_CTPIO_ERASE]), &value); + + if (encp->enc_mac_stats_nstats < MC_CMD_MAC_NSTATS_V4) + goto done; + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_RXDP_SCATTER_DISABLED_TRUNC, + &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_RXDP_SCATTER_DISABLED_TRUNC]), + &value); + + /* Head-of-line blocking */ + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_RXDP_HLB_IDLE, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_RXDP_HLB_IDLE]), &value); + + EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_RXDP_HLB_TIMEOUT, &value); + EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_RXDP_HLB_TIMEOUT]), &value); + +done: + /* Read START generation counter */ + EFSYS_DMA_SYNC_FOR_KERNEL(esmp, 0, EFSYS_MEM_SIZE(esmp)); EFSYS_MEM_READ_BARRIER(); EF10_MAC_STAT_READ(esmp, MC_CMD_MAC_GENERATION_START, &generation_start); @@ -893,8 +1057,15 @@ ef10_mac_stats_update( *generationp = EFX_QWORD_FIELD(generation_start, EFX_DWORD_0); return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); } #endif /* EFSYS_OPT_MAC_STATS */ -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_mcdi.c b/sys/dev/sfxge/common/ef10_mcdi.c index d92e16993f2d..11ac21204e3f 100644 --- a/sys/dev/sfxge/common/ef10_mcdi.c +++ b/sys/dev/sfxge/common/ef10_mcdi.c @@ -35,7 +35,7 @@ __FBSDID("$FreeBSD$"); #include "efx_impl.h" -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 #if EFSYS_OPT_MCDI @@ -55,7 +55,8 @@ ef10_mcdi_init( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); EFSYS_ASSERT(enp->en_features & EFX_FEATURE_MCDI_DMA); /* @@ -162,7 +163,8 @@ ef10_mcdi_send_request( unsigned int pos; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* Write the header */ for (pos = 0; pos < hdr_len; pos += sizeof (efx_dword_t)) { @@ -213,13 +215,17 @@ ef10_mcdi_read_response( { const efx_mcdi_transport_t *emtp = enp->en_mcdi.em_emtp; efsys_mem_t *esmp = emtp->emt_dma_mem; - unsigned int pos; + unsigned int pos = 0; efx_dword_t data; + size_t remaining = length; + + while (remaining > 0) { + size_t chunk = MIN(remaining, sizeof (data)); - for (pos = 0; pos < length; pos += sizeof (efx_dword_t)) { EFSYS_MEM_READD(esmp, offset + pos, &data); - memcpy((uint8_t *)bufferp + pos, &data, - MIN(sizeof (data), length - pos)); + memcpy((uint8_t *)bufferp + pos, &data, chunk); + pos += chunk; + remaining -= chunk; } } @@ -281,7 +287,8 @@ ef10_mcdi_feature_supported( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* * Use privilege mask state at MCDI attach. @@ -342,4 +349,4 @@ fail1: #endif /* EFSYS_OPT_MCDI */ -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_nic.c b/sys/dev/sfxge/common/ef10_nic.c index 7032ffbc665b..73550d537d68 100644 --- a/sys/dev/sfxge/common/ef10_nic.c +++ b/sys/dev/sfxge/common/ef10_nic.c @@ -37,7 +37,7 @@ __FBSDID("$FreeBSD$"); #include "mcdi_mon.h" #endif -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 #include "ef10_tlv_layout.h" @@ -47,14 +47,14 @@ efx_mcdi_get_port_assignment( __out uint32_t *portp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_PORT_ASSIGNMENT_IN_LEN, - MC_CMD_GET_PORT_ASSIGNMENT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_PORT_ASSIGNMENT_IN_LEN, + MC_CMD_GET_PORT_ASSIGNMENT_OUT_LEN); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_PORT_ASSIGNMENT; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_PORT_ASSIGNMENT_IN_LEN; @@ -89,17 +89,18 @@ fail1: efx_mcdi_get_port_modes( __in efx_nic_t *enp, __out uint32_t *modesp, - __out_opt uint32_t *current_modep) + __out_opt uint32_t *current_modep, + __out_opt uint32_t *default_modep) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_PORT_MODES_IN_LEN, - MC_CMD_GET_PORT_MODES_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_PORT_MODES_IN_LEN, + MC_CMD_GET_PORT_MODES_OUT_LEN); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_PORT_MODES; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_PORT_MODES_IN_LEN; @@ -135,6 +136,11 @@ efx_mcdi_get_port_modes( GET_PORT_MODES_OUT_CURRENT_MODE); } + if (default_modep != NULL) { + *default_modep = MCDI_OUT_DWORD(req, + GET_PORT_MODES_OUT_DEFAULT_MODE); + } + return (0); fail3: @@ -149,44 +155,99 @@ fail1: __checkReturn efx_rc_t ef10_nic_get_port_mode_bandwidth( - __in uint32_t port_mode, + __in efx_nic_t *enp, __out uint32_t *bandwidth_mbpsp) { + uint32_t port_modes; + uint32_t current_mode; + efx_port_t *epp = &(enp->en_port); + + uint32_t single_lane; + uint32_t dual_lane; + uint32_t quad_lane; uint32_t bandwidth; efx_rc_t rc; - switch (port_mode) { - case TLV_PORT_MODE_10G: - bandwidth = 10000; + if ((rc = efx_mcdi_get_port_modes(enp, &port_modes, + ¤t_mode, NULL)) != 0) { + /* No port mode info available. */ + goto fail1; + } + + if (epp->ep_phy_cap_mask & (1 << EFX_PHY_CAP_25000FDX)) + single_lane = 25000; + else + single_lane = 10000; + + if (epp->ep_phy_cap_mask & (1 << EFX_PHY_CAP_50000FDX)) + dual_lane = 50000; + else + dual_lane = 20000; + + if (epp->ep_phy_cap_mask & (1 << EFX_PHY_CAP_100000FDX)) + quad_lane = 100000; + else + quad_lane = 40000; + + switch (current_mode) { + case TLV_PORT_MODE_1x1_NA: /* mode 0 */ + bandwidth = single_lane; + break; + case TLV_PORT_MODE_1x2_NA: /* mode 10 */ + case TLV_PORT_MODE_NA_1x2: /* mode 11 */ + bandwidth = dual_lane; + break; + case TLV_PORT_MODE_1x1_1x1: /* mode 2 */ + bandwidth = single_lane + single_lane; + break; + case TLV_PORT_MODE_4x1_NA: /* mode 4 */ + case TLV_PORT_MODE_NA_4x1: /* mode 8 */ + bandwidth = 4 * single_lane; break; - case TLV_PORT_MODE_10G_10G: - bandwidth = 10000 * 2; + case TLV_PORT_MODE_2x1_2x1: /* mode 5 */ + bandwidth = (2 * single_lane) + (2 * single_lane); break; - case TLV_PORT_MODE_10G_10G_10G_10G: - case TLV_PORT_MODE_10G_10G_10G_10G_Q: - case TLV_PORT_MODE_10G_10G_10G_10G_Q1_Q2: - case TLV_PORT_MODE_10G_10G_10G_10G_Q2: - bandwidth = 10000 * 4; + case TLV_PORT_MODE_1x2_1x2: /* mode 12 */ + bandwidth = dual_lane + dual_lane; break; - case TLV_PORT_MODE_40G: - bandwidth = 40000; + case TLV_PORT_MODE_1x2_2x1: /* mode 17 */ + case TLV_PORT_MODE_2x1_1x2: /* mode 18 */ + bandwidth = dual_lane + (2 * single_lane); break; - case TLV_PORT_MODE_40G_40G: - bandwidth = 40000 * 2; + /* Legacy Medford-only mode. Do not use (see bug63270) */ + case TLV_PORT_MODE_10G_10G_10G_10G_Q1_Q2: /* mode 9 */ + bandwidth = 4 * single_lane; break; - case TLV_PORT_MODE_40G_10G_10G: - case TLV_PORT_MODE_10G_10G_40G: - bandwidth = 40000 + (10000 * 2); + case TLV_PORT_MODE_1x4_NA: /* mode 1 */ + case TLV_PORT_MODE_NA_1x4: /* mode 22 */ + bandwidth = quad_lane; + break; + case TLV_PORT_MODE_2x2_NA: /* mode 13 */ + case TLV_PORT_MODE_NA_2x2: /* mode 14 */ + bandwidth = 2 * dual_lane; + break; + case TLV_PORT_MODE_1x4_2x1: /* mode 6 */ + case TLV_PORT_MODE_2x1_1x4: /* mode 7 */ + bandwidth = quad_lane + (2 * single_lane); + break; + case TLV_PORT_MODE_1x4_1x2: /* mode 15 */ + case TLV_PORT_MODE_1x2_1x4: /* mode 16 */ + bandwidth = quad_lane + dual_lane; + break; + case TLV_PORT_MODE_1x4_1x4: /* mode 3 */ + bandwidth = quad_lane + quad_lane; break; default: rc = EINVAL; - goto fail1; + goto fail2; } *bandwidth_mbpsp = bandwidth; return (0); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); @@ -199,13 +260,12 @@ efx_mcdi_vadaptor_alloc( __in uint32_t port_id) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_VADAPTOR_ALLOC_IN_LEN, - MC_CMD_VADAPTOR_ALLOC_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_VADAPTOR_ALLOC_IN_LEN, + MC_CMD_VADAPTOR_ALLOC_OUT_LEN); efx_rc_t rc; EFSYS_ASSERT3U(enp->en_vport_id, ==, EVB_PORT_ID_NULL); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_VADAPTOR_ALLOC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_VADAPTOR_ALLOC_IN_LEN; @@ -238,11 +298,10 @@ efx_mcdi_vadaptor_free( __in uint32_t port_id) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_VADAPTOR_FREE_IN_LEN, - MC_CMD_VADAPTOR_FREE_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_VADAPTOR_FREE_IN_LEN, + MC_CMD_VADAPTOR_FREE_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_VADAPTOR_FREE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_VADAPTOR_FREE_IN_LEN; @@ -272,14 +331,14 @@ efx_mcdi_get_mac_address_pf( __out_ecount_opt(6) uint8_t mac_addrp[6]) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_MAC_ADDRESSES_IN_LEN, - MC_CMD_GET_MAC_ADDRESSES_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_MAC_ADDRESSES_IN_LEN, + MC_CMD_GET_MAC_ADDRESSES_OUT_LEN); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_MAC_ADDRESSES; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_MAC_ADDRESSES_IN_LEN; @@ -330,14 +389,14 @@ efx_mcdi_get_mac_address_vf( __out_ecount_opt(6) uint8_t mac_addrp[6]) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_VPORT_GET_MAC_ADDRESSES_IN_LEN, - MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT_LENMAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_VPORT_GET_MAC_ADDRESSES_IN_LEN, + MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT_LENMAX); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_VPORT_GET_MAC_ADDRESSES; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_VPORT_GET_MAC_ADDRESSES_IN_LEN; @@ -394,14 +453,14 @@ efx_mcdi_get_clock( __out uint32_t *dpcpu_freqp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_CLOCK_IN_LEN, - MC_CMD_GET_CLOCK_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_CLOCK_IN_LEN, + MC_CMD_GET_CLOCK_OUT_LEN); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_CLOCK; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_CLOCK_IN_LEN; @@ -446,6 +505,63 @@ fail1: } __checkReturn efx_rc_t +efx_mcdi_get_rxdp_config( + __in efx_nic_t *enp, + __out uint32_t *end_paddingp) +{ + efx_mcdi_req_t req; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_RXDP_CONFIG_IN_LEN, + MC_CMD_GET_RXDP_CONFIG_OUT_LEN); + uint32_t end_padding; + efx_rc_t rc; + + req.emr_cmd = MC_CMD_GET_RXDP_CONFIG; + req.emr_in_buf = payload; + req.emr_in_length = MC_CMD_GET_RXDP_CONFIG_IN_LEN; + req.emr_out_buf = payload; + req.emr_out_length = MC_CMD_GET_RXDP_CONFIG_OUT_LEN; + + efx_mcdi_execute(enp, &req); + if (req.emr_rc != 0) { + rc = req.emr_rc; + goto fail1; + } + + if (MCDI_OUT_DWORD_FIELD(req, GET_RXDP_CONFIG_OUT_DATA, + GET_RXDP_CONFIG_OUT_PAD_HOST_DMA) == 0) { + /* RX DMA end padding is disabled */ + end_padding = 0; + } else { + switch (MCDI_OUT_DWORD_FIELD(req, GET_RXDP_CONFIG_OUT_DATA, + GET_RXDP_CONFIG_OUT_PAD_HOST_LEN)) { + case MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_64: + end_padding = 64; + break; + case MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_128: + end_padding = 128; + break; + case MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_256: + end_padding = 256; + break; + default: + rc = ENOTSUP; + goto fail2; + } + } + + *end_paddingp = end_padding; + + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t efx_mcdi_get_vector_cfg( __in efx_nic_t *enp, __out_opt uint32_t *vec_basep, @@ -453,11 +569,10 @@ efx_mcdi_get_vector_cfg( __out_opt uint32_t *vf_nvecp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_VECTOR_CFG_IN_LEN, - MC_CMD_GET_VECTOR_CFG_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_VECTOR_CFG_IN_LEN, + MC_CMD_GET_VECTOR_CFG_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_VECTOR_CFG; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_VECTOR_CFG_IN_LEN; @@ -503,8 +618,8 @@ efx_mcdi_alloc_vis( __out uint32_t *vi_shiftp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_ALLOC_VIS_IN_LEN, - MC_CMD_ALLOC_VIS_EXT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_ALLOC_VIS_IN_LEN, + MC_CMD_ALLOC_VIS_EXT_OUT_LEN); efx_rc_t rc; if (vi_countp == NULL) { @@ -512,7 +627,6 @@ efx_mcdi_alloc_vis( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_ALLOC_VIS; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_ALLOC_VIS_IN_LEN; @@ -595,8 +709,8 @@ efx_mcdi_alloc_piobuf( __out efx_piobuf_handle_t *handlep) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_ALLOC_PIOBUF_IN_LEN, - MC_CMD_ALLOC_PIOBUF_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_ALLOC_PIOBUF_IN_LEN, + MC_CMD_ALLOC_PIOBUF_OUT_LEN); efx_rc_t rc; if (handlep == NULL) { @@ -604,7 +718,6 @@ efx_mcdi_alloc_piobuf( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_ALLOC_PIOBUF; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_ALLOC_PIOBUF_IN_LEN; @@ -643,11 +756,10 @@ efx_mcdi_free_piobuf( __in efx_piobuf_handle_t handle) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_FREE_PIOBUF_IN_LEN, - MC_CMD_FREE_PIOBUF_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_FREE_PIOBUF_IN_LEN, + MC_CMD_FREE_PIOBUF_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_FREE_PIOBUF; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_FREE_PIOBUF_IN_LEN; @@ -678,11 +790,10 @@ efx_mcdi_link_piobuf( __in efx_piobuf_handle_t handle) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_LINK_PIOBUF_IN_LEN, - MC_CMD_LINK_PIOBUF_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_LINK_PIOBUF_IN_LEN, + MC_CMD_LINK_PIOBUF_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_LINK_PIOBUF; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_LINK_PIOBUF_IN_LEN; @@ -713,11 +824,10 @@ efx_mcdi_unlink_piobuf( __in uint32_t vi_index) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_UNLINK_PIOBUF_IN_LEN, - MC_CMD_UNLINK_PIOBUF_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_UNLINK_PIOBUF_IN_LEN, + MC_CMD_UNLINK_PIOBUF_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_UNLINK_PIOBUF; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_UNLINK_PIOBUF_IN_LEN; @@ -770,7 +880,7 @@ fail1: for (i = 0; i < enp->en_arch.ef10.ena_piobuf_count; i++) { handlep = &enp->en_arch.ef10.ena_piobuf_handle[i]; - efx_mcdi_free_piobuf(enp, *handlep); + (void) efx_mcdi_free_piobuf(enp, *handlep); *handlep = EFX_PIOBUF_HANDLE_INVALID; } enp->en_arch.ef10.ena_piobuf_count = 0; @@ -787,7 +897,7 @@ ef10_nic_free_piobufs( for (i = 0; i < enp->en_arch.ef10.ena_piobuf_count; i++) { handlep = &enp->en_arch.ef10.ena_piobuf_handle[i]; - efx_mcdi_free_piobuf(enp, *handlep); + (void) efx_mcdi_free_piobuf(enp, *handlep); *handlep = EFX_PIOBUF_HANDLE_INVALID; } enp->en_arch.ef10.ena_piobuf_count = 0; @@ -810,7 +920,8 @@ ef10_nic_pio_alloc( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); EFSYS_ASSERT(bufnump); EFSYS_ASSERT(handlep); EFSYS_ASSERT(blknump); @@ -914,11 +1025,10 @@ ef10_mcdi_get_pf_count( __out uint32_t *pf_countp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_PF_COUNT_IN_LEN, - MC_CMD_GET_PF_COUNT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_PF_COUNT_IN_LEN, + MC_CMD_GET_PF_COUNT_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_PF_COUNT; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_PF_COUNT_IN_LEN; @@ -952,62 +1062,104 @@ fail1: return (rc); } - __checkReturn efx_rc_t +static __checkReturn efx_rc_t ef10_get_datapath_caps( __in efx_nic_t *enp) { efx_nic_cfg_t *encp = &(enp->en_nic_cfg); - uint32_t flags; - uint32_t flags2; - uint32_t tso2nc; + efx_mcdi_req_t req; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_CAPABILITIES_IN_LEN, + MC_CMD_GET_CAPABILITIES_V5_OUT_LEN); efx_rc_t rc; - if ((rc = efx_mcdi_get_capabilities(enp, &flags, NULL, NULL, - &flags2, &tso2nc)) != 0) - goto fail1; - if ((rc = ef10_mcdi_get_pf_count(enp, &encp->enc_hw_pf_count)) != 0) goto fail1; -#define CAP_FLAG(flags1, field) \ - ((flags1) & (1 << (MC_CMD_GET_CAPABILITIES_V2_OUT_ ## field ## _LBN))) -#define CAP_FLAG2(flags2, field) \ - ((flags2) & (1 << (MC_CMD_GET_CAPABILITIES_V2_OUT_ ## field ## _LBN))) + req.emr_cmd = MC_CMD_GET_CAPABILITIES; + req.emr_in_buf = payload; + req.emr_in_length = MC_CMD_GET_CAPABILITIES_IN_LEN; + req.emr_out_buf = payload; + req.emr_out_length = MC_CMD_GET_CAPABILITIES_V5_OUT_LEN; + + efx_mcdi_execute_quiet(enp, &req); + + if (req.emr_rc != 0) { + rc = req.emr_rc; + goto fail2; + } + + if (req.emr_out_length_used < MC_CMD_GET_CAPABILITIES_OUT_LEN) { + rc = EMSGSIZE; + goto fail3; + } + +#define CAP_FLAGS1(_req, _flag) \ + (MCDI_OUT_DWORD((_req), GET_CAPABILITIES_OUT_FLAGS1) & \ + (1u << (MC_CMD_GET_CAPABILITIES_V2_OUT_ ## _flag ## _LBN))) + +#define CAP_FLAGS2(_req, _flag) \ + (((_req).emr_out_length_used >= MC_CMD_GET_CAPABILITIES_V2_OUT_LEN) && \ + (MCDI_OUT_DWORD((_req), GET_CAPABILITIES_V2_OUT_FLAGS2) & \ + (1u << (MC_CMD_GET_CAPABILITIES_V2_OUT_ ## _flag ## _LBN)))) /* * Huntington RXDP firmware inserts a 0 or 14 byte prefix. * We only support the 14 byte prefix here. */ - if (CAP_FLAG(flags, RX_PREFIX_LEN_14) == 0) { + if (CAP_FLAGS1(req, RX_PREFIX_LEN_14) == 0) { rc = ENOTSUP; - goto fail2; + goto fail4; } encp->enc_rx_prefix_size = 14; +#if EFSYS_OPT_RX_SCALE + /* Check if the firmware supports additional RSS modes */ + if (CAP_FLAGS1(req, ADDITIONAL_RSS_MODES)) + encp->enc_rx_scale_additional_modes_supported = B_TRUE; + else + encp->enc_rx_scale_additional_modes_supported = B_FALSE; +#endif /* EFSYS_OPT_RX_SCALE */ + /* Check if the firmware supports TSO */ - encp->enc_fw_assisted_tso_enabled = - CAP_FLAG(flags, TX_TSO) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, TX_TSO)) + encp->enc_fw_assisted_tso_enabled = B_TRUE; + else + encp->enc_fw_assisted_tso_enabled = B_FALSE; /* Check if the firmware supports FATSOv2 */ - encp->enc_fw_assisted_tso_v2_enabled = - CAP_FLAG2(flags2, TX_TSO_V2) ? B_TRUE : B_FALSE; + if (CAP_FLAGS2(req, TX_TSO_V2)) { + encp->enc_fw_assisted_tso_v2_enabled = B_TRUE; + encp->enc_fw_assisted_tso_v2_n_contexts = MCDI_OUT_WORD(req, + GET_CAPABILITIES_V2_OUT_TX_TSO_V2_N_CONTEXTS); + } else { + encp->enc_fw_assisted_tso_v2_enabled = B_FALSE; + encp->enc_fw_assisted_tso_v2_n_contexts = 0; + } - /* Get the number of TSO contexts (FATSOv2) */ - encp->enc_fw_assisted_tso_v2_n_contexts = - CAP_FLAG2(flags2, TX_TSO_V2) ? tso2nc : 0; + /* Check if the firmware supports FATSOv2 encap */ + if (CAP_FLAGS2(req, TX_TSO_V2_ENCAP)) + encp->enc_fw_assisted_tso_v2_encap_enabled = B_TRUE; + else + encp->enc_fw_assisted_tso_v2_encap_enabled = B_FALSE; /* Check if the firmware has vadapter/vport/vswitch support */ - encp->enc_datapath_cap_evb = - CAP_FLAG(flags, EVB) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, EVB)) + encp->enc_datapath_cap_evb = B_TRUE; + else + encp->enc_datapath_cap_evb = B_FALSE; /* Check if the firmware supports VLAN insertion */ - encp->enc_hw_tx_insert_vlan_enabled = - CAP_FLAG(flags, TX_VLAN_INSERTION) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, TX_VLAN_INSERTION)) + encp->enc_hw_tx_insert_vlan_enabled = B_TRUE; + else + encp->enc_hw_tx_insert_vlan_enabled = B_FALSE; /* Check if the firmware supports RX event batching */ - encp->enc_rx_batching_enabled = - CAP_FLAG(flags, RX_BATCHING) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, RX_BATCHING)) + encp->enc_rx_batching_enabled = B_TRUE; + else + encp->enc_rx_batching_enabled = B_FALSE; /* * Even if batching isn't reported as supported, we may still get @@ -1016,38 +1168,61 @@ ef10_get_datapath_caps( encp->enc_rx_batch_max = 16; /* Check if the firmware supports disabling scatter on RXQs */ - encp->enc_rx_disable_scatter_supported = - CAP_FLAG(flags, RX_DISABLE_SCATTER) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, RX_DISABLE_SCATTER)) + encp->enc_rx_disable_scatter_supported = B_TRUE; + else + encp->enc_rx_disable_scatter_supported = B_FALSE; /* Check if the firmware supports packed stream mode */ - encp->enc_rx_packed_stream_supported = - CAP_FLAG(flags, RX_PACKED_STREAM) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, RX_PACKED_STREAM)) + encp->enc_rx_packed_stream_supported = B_TRUE; + else + encp->enc_rx_packed_stream_supported = B_FALSE; /* * Check if the firmware supports configurable buffer sizes * for packed stream mode (otherwise buffer size is 1Mbyte) */ - encp->enc_rx_var_packed_stream_supported = - CAP_FLAG(flags, RX_PACKED_STREAM_VAR_BUFFERS) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, RX_PACKED_STREAM_VAR_BUFFERS)) + encp->enc_rx_var_packed_stream_supported = B_TRUE; + else + encp->enc_rx_var_packed_stream_supported = B_FALSE; + + /* Check if the firmware supports equal stride super-buffer mode */ + if (CAP_FLAGS2(req, EQUAL_STRIDE_SUPER_BUFFER)) + encp->enc_rx_es_super_buffer_supported = B_TRUE; + else + encp->enc_rx_es_super_buffer_supported = B_FALSE; + + /* Check if the firmware supports FW subvariant w/o Tx checksumming */ + if (CAP_FLAGS2(req, FW_SUBVARIANT_NO_TX_CSUM)) + encp->enc_fw_subvariant_no_tx_csum_supported = B_TRUE; + else + encp->enc_fw_subvariant_no_tx_csum_supported = B_FALSE; /* Check if the firmware supports set mac with running filters */ - encp->enc_allow_set_mac_with_installed_filters = - CAP_FLAG(flags, VADAPTOR_PERMIT_SET_MAC_WHEN_FILTERS_INSTALLED) ? - B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, VADAPTOR_PERMIT_SET_MAC_WHEN_FILTERS_INSTALLED)) + encp->enc_allow_set_mac_with_installed_filters = B_TRUE; + else + encp->enc_allow_set_mac_with_installed_filters = B_FALSE; /* * Check if firmware supports the extended MC_CMD_SET_MAC, which allows * specifying which parameters to configure. */ - encp->enc_enhanced_set_mac_supported = - CAP_FLAG(flags, SET_MAC_ENHANCED) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, SET_MAC_ENHANCED)) + encp->enc_enhanced_set_mac_supported = B_TRUE; + else + encp->enc_enhanced_set_mac_supported = B_FALSE; /* * Check if firmware supports version 2 of MC_CMD_INIT_EVQ, which allows * us to let the firmware choose the settings to use on an EVQ. */ - encp->enc_init_evq_v2_supported = - CAP_FLAG2(flags2, INIT_EVQ_V2) ? B_TRUE : B_FALSE; + if (CAP_FLAGS2(req, INIT_EVQ_V2)) + encp->enc_init_evq_v2_supported = B_TRUE; + else + encp->enc_init_evq_v2_supported = B_FALSE; /* * Check if firmware-verified NVRAM updates must be used. @@ -1057,39 +1232,182 @@ ef10_get_datapath_caps( * and version 2 of MC_CMD_NVRAM_UPDATE_FINISH (to verify the updated * partition and report the result). */ - encp->enc_nvram_update_verify_result_supported = - CAP_FLAG2(flags2, NVRAM_UPDATE_REPORT_VERIFY_RESULT) ? - B_TRUE : B_FALSE; + if (CAP_FLAGS2(req, NVRAM_UPDATE_REPORT_VERIFY_RESULT)) + encp->enc_nvram_update_verify_result_supported = B_TRUE; + else + encp->enc_nvram_update_verify_result_supported = B_FALSE; /* * Check if firmware provides packet memory and Rx datapath * counters. */ - encp->enc_pm_and_rxdp_counters = - CAP_FLAG(flags, PM_AND_RXDP_COUNTERS) ? B_TRUE : B_FALSE; + if (CAP_FLAGS1(req, PM_AND_RXDP_COUNTERS)) + encp->enc_pm_and_rxdp_counters = B_TRUE; + else + encp->enc_pm_and_rxdp_counters = B_FALSE; /* * Check if the 40G MAC hardware is capable of reporting * statistics for Tx size bins. */ - encp->enc_mac_stats_40g_tx_size_bins = - CAP_FLAG2(flags2, MAC_STATS_40G_TX_SIZE_BINS) ? B_TRUE : B_FALSE; + if (CAP_FLAGS2(req, MAC_STATS_40G_TX_SIZE_BINS)) + encp->enc_mac_stats_40g_tx_size_bins = B_TRUE; + else + encp->enc_mac_stats_40g_tx_size_bins = B_FALSE; /* * Check if firmware supports VXLAN and NVGRE tunnels. * The capability indicates Geneve protocol support as well. */ - if (CAP_FLAG(flags, VXLAN_NVGRE)) + if (CAP_FLAGS1(req, VXLAN_NVGRE)) { encp->enc_tunnel_encapsulations_supported = (1u << EFX_TUNNEL_PROTOCOL_VXLAN) | (1u << EFX_TUNNEL_PROTOCOL_GENEVE) | (1u << EFX_TUNNEL_PROTOCOL_NVGRE); -#undef CAP_FLAG -#undef CAP_FLAG2 + EFX_STATIC_ASSERT(EFX_TUNNEL_MAXNENTRIES == + MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS_IN_ENTRIES_MAXNUM); + encp->enc_tunnel_config_udp_entries_max = + EFX_TUNNEL_MAXNENTRIES; + } else { + encp->enc_tunnel_config_udp_entries_max = 0; + } + + /* + * Check if firmware reports the VI window mode. + * Medford2 has a variable VI window size (8K, 16K or 64K). + * Medford and Huntington have a fixed 8K VI window size. + */ + if (req.emr_out_length_used >= MC_CMD_GET_CAPABILITIES_V3_OUT_LEN) { + uint8_t mode = + MCDI_OUT_BYTE(req, GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE); + + switch (mode) { + case MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_8K: + encp->enc_vi_window_shift = EFX_VI_WINDOW_SHIFT_8K; + break; + case MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_16K: + encp->enc_vi_window_shift = EFX_VI_WINDOW_SHIFT_16K; + break; + case MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_64K: + encp->enc_vi_window_shift = EFX_VI_WINDOW_SHIFT_64K; + break; + default: + encp->enc_vi_window_shift = EFX_VI_WINDOW_SHIFT_INVALID; + break; + } + } else if ((enp->en_family == EFX_FAMILY_HUNTINGTON) || + (enp->en_family == EFX_FAMILY_MEDFORD)) { + /* Huntington and Medford have fixed 8K window size */ + encp->enc_vi_window_shift = EFX_VI_WINDOW_SHIFT_8K; + } else { + encp->enc_vi_window_shift = EFX_VI_WINDOW_SHIFT_INVALID; + } + + /* Check if firmware supports extended MAC stats. */ + if (req.emr_out_length_used >= MC_CMD_GET_CAPABILITIES_V4_OUT_LEN) { + /* Extended stats buffer supported */ + encp->enc_mac_stats_nstats = MCDI_OUT_WORD(req, + GET_CAPABILITIES_V4_OUT_MAC_STATS_NUM_STATS); + } else { + /* Use Siena-compatible legacy MAC stats */ + encp->enc_mac_stats_nstats = MC_CMD_MAC_NSTATS; + } + + if (encp->enc_mac_stats_nstats >= MC_CMD_MAC_NSTATS_V2) + encp->enc_fec_counters = B_TRUE; + else + encp->enc_fec_counters = B_FALSE; + + /* Check if the firmware provides head-of-line blocking counters */ + if (CAP_FLAGS2(req, RXDP_HLB_IDLE)) + encp->enc_hlb_counters = B_TRUE; + else + encp->enc_hlb_counters = B_FALSE; + +#if EFSYS_OPT_RX_SCALE + if (CAP_FLAGS1(req, RX_RSS_LIMITED)) { + /* Only one exclusive RSS context is available per port. */ + encp->enc_rx_scale_max_exclusive_contexts = 1; + + switch (enp->en_family) { + case EFX_FAMILY_MEDFORD2: + encp->enc_rx_scale_hash_alg_mask = + (1U << EFX_RX_HASHALG_TOEPLITZ); + break; + + case EFX_FAMILY_MEDFORD: + case EFX_FAMILY_HUNTINGTON: + /* + * Packed stream firmware variant maintains a + * non-standard algorithm for hash computation. + * It implies explicit XORing together + * source + destination IP addresses (or last + * four bytes in the case of IPv6) and using the + * resulting value as the input to a Toeplitz hash. + */ + encp->enc_rx_scale_hash_alg_mask = + (1U << EFX_RX_HASHALG_PACKED_STREAM); + break; + + default: + rc = EINVAL; + goto fail5; + } + + /* Port numbers cannot contribute to the hash value */ + encp->enc_rx_scale_l4_hash_supported = B_FALSE; + } else { + /* + * Maximum number of exclusive RSS contexts. + * EF10 hardware supports 64 in total, but 6 are reserved + * for shared contexts. They are a global resource so + * not all may be available. + */ + encp->enc_rx_scale_max_exclusive_contexts = 64 - 6; + + encp->enc_rx_scale_hash_alg_mask = + (1U << EFX_RX_HASHALG_TOEPLITZ); + + /* + * It is possible to use port numbers as + * the input data for hash computation. + */ + encp->enc_rx_scale_l4_hash_supported = B_TRUE; + } +#endif /* EFSYS_OPT_RX_SCALE */ + + /* Check if the firmware supports "FLAG" and "MARK" filter actions */ + if (CAP_FLAGS2(req, FILTER_ACTION_FLAG)) + encp->enc_filter_action_flag_supported = B_TRUE; + else + encp->enc_filter_action_flag_supported = B_FALSE; + + if (CAP_FLAGS2(req, FILTER_ACTION_MARK)) + encp->enc_filter_action_mark_supported = B_TRUE; + else + encp->enc_filter_action_mark_supported = B_FALSE; + + /* Get maximum supported value for "MARK" filter action */ + if (req.emr_out_length_used >= MC_CMD_GET_CAPABILITIES_V5_OUT_LEN) + encp->enc_filter_action_mark_max = MCDI_OUT_DWORD(req, + GET_CAPABILITIES_V5_OUT_FILTER_ACTION_MARK_MAX); + else + encp->enc_filter_action_mark_max = 0; + +#undef CAP_FLAGS1 +#undef CAP_FLAGS2 return (0); +#if EFSYS_OPT_RX_SCALE +fail5: + EFSYS_PROBE(fail5); +#endif /* EFSYS_OPT_RX_SCALE */ +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); fail2: EFSYS_PROBE(fail2); fail1: @@ -1150,79 +1468,235 @@ fail1: } +#define EFX_EXT_PORT_MAX 4 +#define EFX_EXT_PORT_NA 0xFF + /* - * Table of mapping schemes from port number to the number of the external - * connector on the board. The external numbering does not distinguish - * off-board separated outputs such as from multi-headed cables. + * Table of mapping schemes from port number to external number. + * + * Each port number ultimately corresponds to a connector: either as part of + * a cable assembly attached to a module inserted in an SFP+/QSFP+ cage on + * the board, or fixed to the board (e.g. 10GBASE-T magjack on SFN5121T + * "Salina"). In general: + * + * Port number (0-based) + * | + * port mapping (n:1) + * | + * v + * External port number (1-based) + * | + * fixed (1:1) or cable assembly (1:m) + * | + * v + * Connector * - * The count of adjacent port numbers that map to each external port - * and the offset in the numbering, is determined by the chip family and - * current port mode. + * The external numbering refers to the cages or magjacks on the board, + * as visibly annotated on the board or back panel. This table describes + * how to determine which external cage/magjack corresponds to the port + * numbers used by the driver. + * + * The count of consecutive port numbers that map to each external number, + * is determined by the chip family and the current port mode. * * For the Huntington family, the current port mode cannot be discovered, + * but a single mapping is used by all modes for a given chip variant, * so the mapping used is instead the last match in the table to the full * set of port modes to which the NIC can be configured. Therefore the - * ordering of entries in the the mapping table is significant. + * ordering of entries in the mapping table is significant. */ -static struct { +static struct ef10_external_port_map_s { efx_family_t family; uint32_t modes_mask; - int32_t count; - int32_t offset; + uint8_t base_port[EFX_EXT_PORT_MAX]; } __ef10_external_port_mappings[] = { - /* Supported modes with 1 output per external port */ + /* + * Modes used by Huntington family controllers where each port + * number maps to a separate cage. + * SFN7x22F (Torino): + * port 0 -> cage 1 + * port 1 -> cage 2 + * SFN7xx4F (Pavia): + * port 0 -> cage 1 + * port 1 -> cage 2 + * port 2 -> cage 3 + * port 3 -> cage 4 + */ + { + EFX_FAMILY_HUNTINGTON, + (1U << TLV_PORT_MODE_10G) | /* mode 0 */ + (1U << TLV_PORT_MODE_10G_10G) | /* mode 2 */ + (1U << TLV_PORT_MODE_10G_10G_10G_10G), /* mode 4 */ + { 0, 1, 2, 3 } + }, + /* + * Modes which for Huntington identify a chip variant where 2 + * adjacent port numbers map to each cage. + * SFN7x42Q (Monza): + * port 0 -> cage 1 + * port 1 -> cage 1 + * port 2 -> cage 2 + * port 3 -> cage 2 + */ { EFX_FAMILY_HUNTINGTON, - (1 << TLV_PORT_MODE_10G) | - (1 << TLV_PORT_MODE_10G_10G) | - (1 << TLV_PORT_MODE_10G_10G_10G_10G), - 1, - 1 + (1U << TLV_PORT_MODE_40G) | /* mode 1 */ + (1U << TLV_PORT_MODE_40G_40G) | /* mode 3 */ + (1U << TLV_PORT_MODE_40G_10G_10G) | /* mode 6 */ + (1U << TLV_PORT_MODE_10G_10G_40G), /* mode 7 */ + { 0, 2, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } }, + /* + * Modes that on Medford allocate each port number to a separate + * cage. + * port 0 -> cage 1 + * port 1 -> cage 2 + * port 2 -> cage 3 + * port 3 -> cage 4 + */ { EFX_FAMILY_MEDFORD, - (1 << TLV_PORT_MODE_10G) | - (1 << TLV_PORT_MODE_10G_10G), - 1, - 1 + (1U << TLV_PORT_MODE_1x1_NA) | /* mode 0 */ + (1U << TLV_PORT_MODE_1x1_1x1), /* mode 2 */ + { 0, 1, 2, 3 } }, - /* Supported modes with 2 outputs per external port */ + /* + * Modes that on Medford allocate 2 adjacent port numbers to each + * cage. + * port 0 -> cage 1 + * port 1 -> cage 1 + * port 2 -> cage 2 + * port 3 -> cage 2 + */ { - EFX_FAMILY_HUNTINGTON, - (1 << TLV_PORT_MODE_40G) | - (1 << TLV_PORT_MODE_40G_40G) | - (1 << TLV_PORT_MODE_40G_10G_10G) | - (1 << TLV_PORT_MODE_10G_10G_40G), - 2, - 1 + EFX_FAMILY_MEDFORD, + (1U << TLV_PORT_MODE_1x4_NA) | /* mode 1 */ + (1U << TLV_PORT_MODE_1x4_1x4) | /* mode 3 */ + (1U << TLV_PORT_MODE_1x4_2x1) | /* mode 6 */ + (1U << TLV_PORT_MODE_2x1_1x4) | /* mode 7 */ + /* Do not use 10G_10G_10G_10G_Q1_Q2 (see bug63270) */ + (1U << TLV_PORT_MODE_10G_10G_10G_10G_Q1_Q2), /* mode 9 */ + { 0, 2, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } }, + /* + * Modes that on Medford allocate 4 adjacent port numbers to each + * connector, starting on cage 1. + * port 0 -> cage 1 + * port 1 -> cage 1 + * port 2 -> cage 1 + * port 3 -> cage 1 + */ { EFX_FAMILY_MEDFORD, - (1 << TLV_PORT_MODE_40G) | - (1 << TLV_PORT_MODE_40G_40G) | - (1 << TLV_PORT_MODE_40G_10G_10G) | - (1 << TLV_PORT_MODE_10G_10G_40G) | - (1 << TLV_PORT_MODE_10G_10G_10G_10G_Q1_Q2), - 2, - 1 + (1U << TLV_PORT_MODE_2x1_2x1) | /* mode 5 */ + /* Do not use 10G_10G_10G_10G_Q1 (see bug63270) */ + (1U << TLV_PORT_MODE_4x1_NA), /* mode 4 */ + { 0, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } }, - /* Supported modes with 4 outputs per external port */ + /* + * Modes that on Medford allocate 4 adjacent port numbers to each + * connector, starting on cage 2. + * port 0 -> cage 2 + * port 1 -> cage 2 + * port 2 -> cage 2 + * port 3 -> cage 2 + */ { EFX_FAMILY_MEDFORD, - (1 << TLV_PORT_MODE_10G_10G_10G_10G_Q) | - (1 << TLV_PORT_MODE_10G_10G_10G_10G_Q1), - 4, - 1, + (1U << TLV_PORT_MODE_NA_4x1), /* mode 8 */ + { EFX_EXT_PORT_NA, 0, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } }, + /* + * Modes that on Medford2 allocate each port number to a separate + * cage. + * port 0 -> cage 1 + * port 1 -> cage 2 + * port 2 -> cage 3 + * port 3 -> cage 4 + */ { - EFX_FAMILY_MEDFORD, - (1 << TLV_PORT_MODE_10G_10G_10G_10G_Q2), - 4, - 2 + EFX_FAMILY_MEDFORD2, + (1U << TLV_PORT_MODE_1x1_NA) | /* mode 0 */ + (1U << TLV_PORT_MODE_1x4_NA) | /* mode 1 */ + (1U << TLV_PORT_MODE_1x1_1x1) | /* mode 2 */ + (1U << TLV_PORT_MODE_1x2_NA) | /* mode 10 */ + (1U << TLV_PORT_MODE_1x2_1x2) | /* mode 12 */ + (1U << TLV_PORT_MODE_1x4_1x2) | /* mode 15 */ + (1U << TLV_PORT_MODE_1x2_1x4), /* mode 16 */ + { 0, 1, 2, 3 } + }, + /* + * Modes that on Medford2 allocate 1 port to cage 1 and the rest + * to cage 2. + * port 0 -> cage 1 + * port 1 -> cage 2 + * port 2 -> cage 2 + */ + { + EFX_FAMILY_MEDFORD2, + (1U << TLV_PORT_MODE_1x2_2x1) | /* mode 17 */ + (1U << TLV_PORT_MODE_1x4_2x1), /* mode 6 */ + { 0, 1, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } + }, + /* + * Modes that on Medford2 allocate 2 adjacent port numbers to each + * cage, starting on cage 1. + * port 0 -> cage 1 + * port 1 -> cage 1 + * port 2 -> cage 2 + * port 3 -> cage 2 + */ + { + EFX_FAMILY_MEDFORD2, + (1U << TLV_PORT_MODE_1x4_1x4) | /* mode 3 */ + (1U << TLV_PORT_MODE_2x1_2x1) | /* mode 4 */ + (1U << TLV_PORT_MODE_1x4_2x1) | /* mode 6 */ + (1U << TLV_PORT_MODE_2x1_1x4) | /* mode 7 */ + (1U << TLV_PORT_MODE_2x2_NA) | /* mode 13 */ + (1U << TLV_PORT_MODE_2x1_1x2), /* mode 18 */ + { 0, 2, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } + }, + /* + * Modes that on Medford2 allocate 2 adjacent port numbers to each + * cage, starting on cage 2. + * port 0 -> cage 2 + * port 1 -> cage 2 + */ + { + EFX_FAMILY_MEDFORD2, + (1U << TLV_PORT_MODE_NA_2x2), /* mode 14 */ + { EFX_EXT_PORT_NA, 0, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } + }, + /* + * Modes that on Medford2 allocate 4 adjacent port numbers to each + * connector, starting on cage 1. + * port 0 -> cage 1 + * port 1 -> cage 1 + * port 2 -> cage 1 + * port 3 -> cage 1 + */ + { + EFX_FAMILY_MEDFORD2, + (1U << TLV_PORT_MODE_4x1_NA), /* mode 5 */ + { 0, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } + }, + /* + * Modes that on Medford2 allocate 4 adjacent port numbers to each + * connector, starting on cage 2. + * port 0 -> cage 2 + * port 1 -> cage 2 + * port 2 -> cage 2 + * port 3 -> cage 2 + */ + { + EFX_FAMILY_MEDFORD2, + (1U << TLV_PORT_MODE_NA_4x1) | /* mode 8 */ + (1U << TLV_PORT_MODE_NA_1x2), /* mode 11 */ + { EFX_EXT_PORT_NA, 0, EFX_EXT_PORT_NA, EFX_EXT_PORT_NA } }, }; - __checkReturn efx_rc_t +static __checkReturn efx_rc_t ef10_external_port_mapping( __in efx_nic_t *enp, __in uint32_t port, @@ -1233,16 +1707,17 @@ ef10_external_port_mapping( uint32_t port_modes; uint32_t matches; uint32_t current; - int32_t count = 1; /* Default 1-1 mapping */ - int32_t offset = 1; /* Default starting external port number */ + struct ef10_external_port_map_s *mapp = NULL; + int ext_index = port; /* Default 1-1 mapping */ - if ((rc = efx_mcdi_get_port_modes(enp, &port_modes, ¤t)) != 0) { + if ((rc = efx_mcdi_get_port_modes(enp, &port_modes, ¤t, + NULL)) != 0) { /* - * No current port mode information + * No current port mode information (i.e. Huntington) * - infer mapping from available modes */ if ((rc = efx_mcdi_get_port_modes(enp, - &port_modes, NULL)) != 0) { + &port_modes, NULL, NULL)) != 0) { /* * No port mode information available * - use default mapping @@ -1255,18 +1730,22 @@ ef10_external_port_mapping( } /* - * Infer the internal port -> external port mapping from + * Infer the internal port -> external number mapping from * the possible port modes for this NIC. */ for (i = 0; i < EFX_ARRAY_SIZE(__ef10_external_port_mappings); ++i) { - if (__ef10_external_port_mappings[i].family != - enp->en_family) + struct ef10_external_port_map_s *eepmp = + &__ef10_external_port_mappings[i]; + if (eepmp->family != enp->en_family) continue; - matches = (__ef10_external_port_mappings[i].modes_mask & - port_modes); + matches = (eepmp->modes_mask & port_modes); if (matches != 0) { - count = __ef10_external_port_mappings[i].count; - offset = __ef10_external_port_mappings[i].offset; + /* + * Some modes match. For some Huntington boards + * there will be multiple matches. The mapping on the + * last match is used. + */ + mapp = eepmp; port_modes &= ~matches; } } @@ -1278,31 +1757,235 @@ ef10_external_port_mapping( } out: + if (mapp != NULL) { + /* + * External ports are assigned a sequence of consecutive + * port numbers, so find the one with the closest base_port. + */ + uint32_t delta = EFX_EXT_PORT_NA; + + for (i = 0; i < EFX_EXT_PORT_MAX; i++) { + uint32_t base = mapp->base_port[i]; + if ((base != EFX_EXT_PORT_NA) && (base <= port)) { + if ((port - base) < delta) { + delta = (port - base); + ext_index = i; + } + } + } + } + *external_portp = (uint8_t)(ext_index + 1); + + return (0); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +static __checkReturn efx_rc_t +ef10_nic_board_cfg( + __in efx_nic_t *enp) +{ + const efx_nic_ops_t *enop = enp->en_enop; + efx_mcdi_iface_t *emip = &(enp->en_mcdi.em_emip); + efx_nic_cfg_t *encp = &(enp->en_nic_cfg); + ef10_link_state_t els; + efx_port_t *epp = &(enp->en_port); + uint32_t board_type = 0; + uint32_t base, nvec; + uint32_t port; + uint32_t mask; + uint32_t pf; + uint32_t vf; + uint8_t mac_addr[6] = { 0 }; + efx_rc_t rc; + + /* Get the (zero-based) MCDI port number */ + if ((rc = efx_mcdi_get_port_assignment(enp, &port)) != 0) + goto fail1; + + /* EFX MCDI interface uses one-based port numbers */ + emip->emi_port = port + 1; + + if ((rc = ef10_external_port_mapping(enp, port, + &encp->enc_external_port)) != 0) + goto fail2; + + /* + * Get PCIe function number from firmware (used for + * per-function privilege and dynamic config info). + * - PCIe PF: pf = PF number, vf = 0xffff. + * - PCIe VF: pf = parent PF, vf = VF number. + */ + if ((rc = efx_mcdi_get_function_info(enp, &pf, &vf)) != 0) + goto fail3; + + encp->enc_pf = pf; + encp->enc_vf = vf; + + /* MAC address for this function */ + if (EFX_PCI_FUNCTION_IS_PF(encp)) { + rc = efx_mcdi_get_mac_address_pf(enp, mac_addr); +#if EFSYS_OPT_ALLOW_UNCONFIGURED_NIC + /* + * Disable static config checking, ONLY for manufacturing test + * and setup at the factory, to allow the static config to be + * installed. + */ +#else /* EFSYS_OPT_ALLOW_UNCONFIGURED_NIC */ + if ((rc == 0) && (mac_addr[0] & 0x02)) { + /* + * If the static config does not include a global MAC + * address pool then the board may return a locally + * administered MAC address (this should only happen on + * incorrectly programmed boards). + */ + rc = EINVAL; + } +#endif /* EFSYS_OPT_ALLOW_UNCONFIGURED_NIC */ + } else { + rc = efx_mcdi_get_mac_address_vf(enp, mac_addr); + } + if (rc != 0) + goto fail4; + + EFX_MAC_ADDR_COPY(encp->enc_mac_addr, mac_addr); + + /* Board configuration (legacy) */ + rc = efx_mcdi_get_board_cfg(enp, &board_type, NULL, NULL); + if (rc != 0) { + /* Unprivileged functions may not be able to read board cfg */ + if (rc == EACCES) + board_type = 0; + else + goto fail5; + } + + encp->enc_board_type = board_type; + encp->enc_clk_mult = 1; /* not used for EF10 */ + + /* Fill out fields in enp->en_port and enp->en_nic_cfg from MCDI */ + if ((rc = efx_mcdi_get_phy_cfg(enp)) != 0) + goto fail6; + + /* + * Firmware with support for *_FEC capability bits does not + * report that the corresponding *_FEC_REQUESTED bits are supported. + * Add them here so that drivers understand that they are supported. + */ + if (epp->ep_phy_cap_mask & (1u << EFX_PHY_CAP_BASER_FEC)) + epp->ep_phy_cap_mask |= + (1u << EFX_PHY_CAP_BASER_FEC_REQUESTED); + if (epp->ep_phy_cap_mask & (1u << EFX_PHY_CAP_RS_FEC)) + epp->ep_phy_cap_mask |= + (1u << EFX_PHY_CAP_RS_FEC_REQUESTED); + if (epp->ep_phy_cap_mask & (1u << EFX_PHY_CAP_25G_BASER_FEC)) + epp->ep_phy_cap_mask |= + (1u << EFX_PHY_CAP_25G_BASER_FEC_REQUESTED); + + /* Obtain the default PHY advertised capabilities */ + if ((rc = ef10_phy_get_link(enp, &els)) != 0) + goto fail7; + epp->ep_default_adv_cap_mask = els.epls.epls_adv_cap_mask; + epp->ep_adv_cap_mask = els.epls.epls_adv_cap_mask; + + /* Check capabilities of running datapath firmware */ + if ((rc = ef10_get_datapath_caps(enp)) != 0) + goto fail8; + + /* Alignment for WPTR updates */ + encp->enc_rx_push_align = EF10_RX_WPTR_ALIGN; + + encp->enc_tx_dma_desc_size_max = EFX_MASK32(ESF_DZ_RX_KER_BYTE_CNT); + /* No boundary crossing limits */ + encp->enc_tx_dma_desc_boundary = 0; + + /* + * Maximum number of bytes into the frame the TCP header can start for + * firmware assisted TSO to work. + */ + encp->enc_tx_tso_tcp_header_offset_limit = EF10_TCP_HEADER_OFFSET_LIMIT; + + /* + * Set resource limits for MC_CMD_ALLOC_VIS. Note that we cannot use + * MC_CMD_GET_RESOURCE_LIMITS here as that reports the available + * resources (allocated to this PCIe function), which is zero until + * after we have allocated VIs. + */ + encp->enc_evq_limit = 1024; + encp->enc_rxq_limit = EFX_RXQ_LIMIT_TARGET; + encp->enc_txq_limit = EFX_TXQ_LIMIT_TARGET; + + encp->enc_buftbl_limit = 0xFFFFFFFF; + + /* Get interrupt vector limits */ + if ((rc = efx_mcdi_get_vector_cfg(enp, &base, &nvec, NULL)) != 0) { + if (EFX_PCI_FUNCTION_IS_PF(encp)) + goto fail9; + + /* Ignore error (cannot query vector limits from a VF). */ + base = 0; + nvec = 1024; + } + encp->enc_intr_vec_base = base; + encp->enc_intr_limit = nvec; + /* - * Scale as required by last matched mode and then convert to - * correctly offset numbering + * Get the current privilege mask. Note that this may be modified + * dynamically, so this value is informational only. DO NOT use + * the privilege mask to check for sufficient privileges, as that + * can result in time-of-check/time-of-use bugs. */ - *external_portp = (uint8_t)((port / count) + offset); + if ((rc = ef10_get_privilege_mask(enp, &mask)) != 0) + goto fail10; + encp->enc_privilege_mask = mask; + + /* Get remaining controller-specific board config */ + if ((rc = enop->eno_board_cfg(enp)) != 0) + if (rc != EACCES) + goto fail11; + return (0); +fail11: + EFSYS_PROBE(fail11); +fail10: + EFSYS_PROBE(fail10); +fail9: + EFSYS_PROBE(fail9); +fail8: + EFSYS_PROBE(fail8); +fail7: + EFSYS_PROBE(fail7); +fail6: + EFSYS_PROBE(fail6); +fail5: + EFSYS_PROBE(fail5); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); return (rc); } - __checkReturn efx_rc_t ef10_nic_probe( __in efx_nic_t *enp) { - const efx_nic_ops_t *enop = enp->en_enop; efx_nic_cfg_t *encp = &(enp->en_nic_cfg); efx_drv_cfg_t *edcp = &(enp->en_drv_cfg); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* Read and clear any assertion state */ if ((rc = efx_mcdi_read_assertion(enp)) != 0) @@ -1316,9 +1999,8 @@ ef10_nic_probe( if ((rc = efx_mcdi_drv_attach(enp, B_TRUE)) != 0) goto fail3; - if ((rc = enop->eno_board_cfg(enp)) != 0) - if (rc != EACCES) - goto fail4; + if ((rc = ef10_nic_board_cfg(enp)) != 0) + goto fail4; /* * Set default driver config limits (based on board config). @@ -1461,8 +2143,8 @@ ef10_nic_reset( __in efx_nic_t *enp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_ENTITY_RESET_IN_LEN, - MC_CMD_ENTITY_RESET_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_ENTITY_RESET_IN_LEN, + MC_CMD_ENTITY_RESET_OUT_LEN); efx_rc_t rc; /* ef10_nic_reset() is called to recover from BADASSERT failures. */ @@ -1471,7 +2153,6 @@ ef10_nic_reset( if ((rc = efx_mcdi_exit_assertion_handler(enp)) != 0) goto fail2; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_ENTITY_RESET; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_ENTITY_RESET_IN_LEN; @@ -1513,10 +2194,12 @@ ef10_nic_init( uint32_t i; uint32_t retry; uint32_t delay_us; + uint32_t vi_window_size; efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* Enable reporting of some events (e.g. link change) */ if ((rc = efx_mcdi_log_ctrl(enp)) != 0) @@ -1574,15 +2257,21 @@ ef10_nic_init( enp->en_arch.ef10.ena_pio_write_vi_base = vi_count - enp->en_arch.ef10.ena_piobuf_count; + EFSYS_ASSERT3U(enp->en_nic_cfg.enc_vi_window_shift, !=, + EFX_VI_WINDOW_SHIFT_INVALID); + EFSYS_ASSERT3U(enp->en_nic_cfg.enc_vi_window_shift, <=, + EFX_VI_WINDOW_SHIFT_64K); + vi_window_size = 1U << enp->en_nic_cfg.enc_vi_window_shift; + /* Save UC memory mapping details */ enp->en_arch.ef10.ena_uc_mem_map_offset = 0; if (enp->en_arch.ef10.ena_piobuf_count > 0) { enp->en_arch.ef10.ena_uc_mem_map_size = - (ER_DZ_TX_PIOBUF_STEP * + (vi_window_size * enp->en_arch.ef10.ena_pio_write_vi_base); } else { enp->en_arch.ef10.ena_uc_mem_map_size = - (ER_DZ_TX_PIOBUF_STEP * + (vi_window_size * enp->en_arch.ef10.ena_vi_count); } @@ -1592,7 +2281,7 @@ ef10_nic_init( enp->en_arch.ef10.ena_uc_mem_map_size; enp->en_arch.ef10.ena_wc_mem_map_size = - (ER_DZ_TX_PIOBUF_STEP * + (vi_window_size * enp->en_arch.ef10.ena_piobuf_count); /* Link piobufs to extra VIs in WC mapping */ @@ -1672,7 +2361,8 @@ ef10_nic_get_vi_pool( __out uint32_t *vi_countp) { EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* * Report VIs that the client driver can use. @@ -1693,7 +2383,8 @@ ef10_nic_get_bar_region( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* * TODO: Specify host memory mapping alignment and granularity @@ -1726,6 +2417,36 @@ fail1: return (rc); } + __checkReturn boolean_t +ef10_nic_hw_unavailable( + __in efx_nic_t *enp) +{ + efx_dword_t dword; + + if (enp->en_reset_flags & EFX_RESET_HW_UNAVAIL) + return (B_TRUE); + + EFX_BAR_READD(enp, ER_DZ_BIU_MC_SFT_STATUS_REG, &dword, B_FALSE); + if (EFX_DWORD_FIELD(dword, EFX_DWORD_0) == 0xffffffff) + goto unavail; + + return (B_FALSE); + +unavail: + ef10_nic_set_hw_unavailable(enp); + + return (B_TRUE); +} + + void +ef10_nic_set_hw_unavailable( + __in efx_nic_t *enp) +{ + EFSYS_PROBE(hw_unavail); + enp->en_reset_flags |= EFX_RESET_HW_UNAVAIL; +} + + void ef10_nic_fini( __in efx_nic_t *enp) @@ -1789,5 +2510,85 @@ fail1: #endif /* EFSYS_OPT_DIAG */ +#if EFSYS_OPT_FW_SUBVARIANT_AWARE + + __checkReturn efx_rc_t +efx_mcdi_get_nic_global( + __in efx_nic_t *enp, + __in uint32_t key, + __out uint32_t *valuep) +{ + efx_mcdi_req_t req; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_NIC_GLOBAL_IN_LEN, + MC_CMD_GET_NIC_GLOBAL_OUT_LEN); + efx_rc_t rc; + + req.emr_cmd = MC_CMD_GET_NIC_GLOBAL; + req.emr_in_buf = payload; + req.emr_in_length = MC_CMD_GET_NIC_GLOBAL_IN_LEN; + req.emr_out_buf = payload; + req.emr_out_length = MC_CMD_GET_NIC_GLOBAL_OUT_LEN; + + MCDI_IN_SET_DWORD(req, GET_NIC_GLOBAL_IN_KEY, key); + + efx_mcdi_execute(enp, &req); + + if (req.emr_rc != 0) { + rc = req.emr_rc; + goto fail1; + } + + if (req.emr_out_length_used != MC_CMD_GET_NIC_GLOBAL_OUT_LEN) { + rc = EMSGSIZE; + goto fail2; + } + + *valuep = MCDI_OUT_DWORD(req, GET_NIC_GLOBAL_OUT_VALUE); + + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +efx_mcdi_set_nic_global( + __in efx_nic_t *enp, + __in uint32_t key, + __in uint32_t value) +{ + efx_mcdi_req_t req; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SET_NIC_GLOBAL_IN_LEN, 0); + efx_rc_t rc; + + req.emr_cmd = MC_CMD_SET_NIC_GLOBAL; + req.emr_in_buf = payload; + req.emr_in_length = MC_CMD_SET_NIC_GLOBAL_IN_LEN; + req.emr_out_buf = NULL; + req.emr_out_length = 0; + + MCDI_IN_SET_DWORD(req, SET_NIC_GLOBAL_IN_KEY, key); + MCDI_IN_SET_DWORD(req, SET_NIC_GLOBAL_IN_VALUE, value); + + efx_mcdi_execute(enp, &req); + + if (req.emr_rc != 0) { + rc = req.emr_rc; + goto fail1; + } + + return (0); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +#endif /* EFSYS_OPT_FW_SUBVARIANT_AWARE */ -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_nvram.c b/sys/dev/sfxge/common/ef10_nvram.c index e462d944fa6a..dd6b595e56ae 100644 --- a/sys/dev/sfxge/common/ef10_nvram.c +++ b/sys/dev/sfxge/common/ef10_nvram.c @@ -34,7 +34,7 @@ __FBSDID("$FreeBSD$"); #include "efx.h" #include "efx_impl.h" -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 #if EFSYS_OPT_VPD || EFSYS_OPT_NVRAM @@ -230,14 +230,14 @@ tlv_validate_state( if (tlv_tag(cursor) != TLV_TAG_END) { /* Check current item has space for tag and length */ - if (cursor->current > (cursor->limit - 2)) { + if (cursor->current > (cursor->limit - 1)) { cursor->current = NULL; rc = EFAULT; goto fail3; } - /* Check we have value data for current item and another tag */ - if (tlv_next_item_ptr(cursor) > (cursor->limit - 1)) { + /* Check we have value data for current item and an END tag */ + if (tlv_next_item_ptr(cursor) > cursor->limit) { cursor->current = NULL; rc = EFAULT; goto fail4; @@ -662,7 +662,6 @@ fail1: /* Validate buffer contents (before writing to flash) */ __checkReturn efx_rc_t ef10_nvram_buffer_validate( - __in efx_nic_t *enp, __in uint32_t partn, __in_bcount(partn_size) caddr_t partn_data, __in size_t partn_size) @@ -675,7 +674,6 @@ ef10_nvram_buffer_validate( int pos; efx_rc_t rc; - _NOTE(ARGUNUSED(enp, partn)) EFX_STATIC_ASSERT(sizeof (*header) <= EF10_NVRAM_CHUNK); if ((partn_data == NULL) || (partn_size == 0)) { @@ -702,26 +700,32 @@ ef10_nvram_buffer_validate( goto fail4; } + /* Check partition header matches partn */ + if (__LE_TO_CPU_16(header->type_id) != partn) { + rc = EINVAL; + goto fail5; + } + /* Check partition ends with PARTITION_TRAILER and END tags */ if ((rc = tlv_find(&cursor, TLV_TAG_PARTITION_TRAILER)) != 0) { rc = EINVAL; - goto fail5; + goto fail6; } trailer = (struct tlv_partition_trailer *)tlv_item(&cursor); if ((rc = tlv_advance(&cursor)) != 0) { rc = EINVAL; - goto fail6; + goto fail7; } if (tlv_tag(&cursor) != TLV_TAG_END) { rc = EINVAL; - goto fail7; + goto fail8; } /* Check generation counts are consistent */ if (trailer->generation != header->generation) { rc = EINVAL; - goto fail8; + goto fail9; } /* Verify partition checksum */ @@ -731,11 +735,13 @@ ef10_nvram_buffer_validate( } if (cksum != 0) { rc = EINVAL; - goto fail9; + goto fail10; } return (0); +fail10: + EFSYS_PROBE(fail10); fail9: EFSYS_PROBE(fail9); fail8: @@ -758,13 +764,24 @@ fail1: return (rc); } + void +ef10_nvram_buffer_init( + __out_bcount(buffer_size) + caddr_t bufferp, + __in size_t buffer_size) +{ + uint32_t *buf = (uint32_t *)bufferp; + + memset(buf, 0xff, buffer_size); + tlv_init_block(buf); +} __checkReturn efx_rc_t ef10_nvram_buffer_create( - __in efx_nic_t *enp, - __in uint16_t partn_type, - __in_bcount(partn_size) caddr_t partn_data, + __in uint32_t partn_type, + __out_bcount(partn_size) + caddr_t partn_data, __in size_t partn_size) { uint32_t *buf = (uint32_t *)partn_data; @@ -780,9 +797,8 @@ ef10_nvram_buffer_create( goto fail1; } - memset(buf, 0xff, partn_size); + ef10_nvram_buffer_init(partn_data, partn_size); - tlv_init_block(buf); if ((rc = tlv_init_cursor(&cursor, buf, (uint32_t *)((uint8_t *)buf + partn_size), buf)) != 0) { @@ -814,7 +830,7 @@ ef10_nvram_buffer_create( goto fail6; /* Check that the partition is valid. */ - if ((rc = ef10_nvram_buffer_validate(enp, partn_type, + if ((rc = ef10_nvram_buffer_validate(partn_type, partn_data, partn_size)) != 0) goto fail7; @@ -986,22 +1002,65 @@ ef10_nvram_buffer_find_item( } __checkReturn efx_rc_t +ef10_nvram_buffer_peek_item( + __in_bcount(buffer_size) + caddr_t bufferp, + __in size_t buffer_size, + __in uint32_t offset, + __out uint32_t *tagp, + __out uint32_t *lengthp, + __out uint32_t *value_offsetp) +{ + efx_rc_t rc; + tlv_cursor_t cursor; + uint32_t tag; + + if ((rc = tlv_init_cursor_at_offset(&cursor, (uint8_t *)bufferp, + buffer_size, offset)) != 0) { + goto fail1; + } + + tag = tlv_tag(&cursor); + *tagp = tag; + if (tag == TLV_TAG_END) { + /* + * To allow stepping over the END tag, report the full tag + * length and a zero length value. + */ + *lengthp = sizeof (tag); + *value_offsetp = sizeof (tag); + } else { + *lengthp = byte_offset(tlv_next_item_ptr(&cursor), + cursor.current); + *value_offsetp = byte_offset((uint32_t *)tlv_value(&cursor), + cursor.current); + } + return (0); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t ef10_nvram_buffer_get_item( __in_bcount(buffer_size) caddr_t bufferp, __in size_t buffer_size, __in uint32_t offset, __in uint32_t length, - __out_bcount_part(item_max_size, *lengthp) - caddr_t itemp, - __in size_t item_max_size, + __out uint32_t *tagp, + __out_bcount_part(value_max_size, *lengthp) + caddr_t valuep, + __in size_t value_max_size, __out uint32_t *lengthp) { efx_rc_t rc; tlv_cursor_t cursor; - uint32_t item_length; + uint32_t value_length; - if (item_max_size < length) { + if (buffer_size < (offset + length)) { rc = ENOSPC; goto fail1; } @@ -1011,14 +1070,15 @@ ef10_nvram_buffer_get_item( goto fail2; } - item_length = tlv_length(&cursor); - if (length < item_length) { + value_length = tlv_length(&cursor); + if (value_max_size < value_length) { rc = ENOSPC; goto fail3; } - memcpy(itemp, tlv_value(&cursor), item_length); + memcpy(valuep, tlv_value(&cursor), value_length); - *lengthp = item_length; + *tagp = tlv_tag(&cursor); + *lengthp = value_length; return (0); @@ -1038,7 +1098,45 @@ ef10_nvram_buffer_insert_item( caddr_t bufferp, __in size_t buffer_size, __in uint32_t offset, - __in_bcount(length) caddr_t keyp, + __in uint32_t tag, + __in_bcount(length) caddr_t valuep, + __in uint32_t length, + __out uint32_t *lengthp) +{ + efx_rc_t rc; + tlv_cursor_t cursor; + + if ((rc = tlv_init_cursor_at_offset(&cursor, (uint8_t *)bufferp, + buffer_size, offset)) != 0) { + goto fail1; + } + + rc = tlv_insert(&cursor, tag, (uint8_t *)valuep, length); + + if (rc != 0) + goto fail2; + + *lengthp = byte_offset(tlv_next_item_ptr(&cursor), + cursor.current); + + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +ef10_nvram_buffer_modify_item( + __in_bcount(buffer_size) + caddr_t bufferp, + __in size_t buffer_size, + __in uint32_t offset, + __in uint32_t tag, + __in_bcount(length) caddr_t valuep, __in uint32_t length, __out uint32_t *lengthp) { @@ -1050,7 +1148,7 @@ ef10_nvram_buffer_insert_item( goto fail1; } - rc = tlv_insert(&cursor, TLV_TAG_LICENSE, (uint8_t *)keyp, length); + rc = tlv_modify(&cursor, tag, (uint8_t *)valuep, length); if (rc != 0) { goto fail2; @@ -1069,6 +1167,7 @@ fail1: return (rc); } + __checkReturn efx_rc_t ef10_nvram_buffer_delete_item( __in_bcount(buffer_size) @@ -1376,12 +1475,16 @@ ef10_nvram_partn_read_tlv( */ retry = 10; do { - rc = ef10_nvram_read_tlv_segment(enp, partn, 0, - seg_data, partn_size); - } while ((rc == EAGAIN) && (--retry > 0)); + if ((rc = ef10_nvram_read_tlv_segment(enp, partn, 0, + seg_data, partn_size)) != 0) + --retry; + } while ((rc == EAGAIN) && (retry > 0)); if (rc != 0) { /* Failed to obtain consistent segment data */ + if (rc == EAGAIN) + rc = EIO; + goto fail4; } @@ -1831,7 +1934,7 @@ ef10_nvram_partn_write_segment_tlv( goto fail7; /* Unlock the partition */ - ef10_nvram_partn_unlock(enp, partn, NULL); + (void) ef10_nvram_partn_unlock(enp, partn, NULL); EFSYS_KMEM_FREE(enp->en_esip, partn_size, partn_data); @@ -1846,7 +1949,7 @@ fail5: fail4: EFSYS_PROBE(fail4); - ef10_nvram_partn_unlock(enp, partn, NULL); + (void) ef10_nvram_partn_unlock(enp, partn, NULL); fail3: EFSYS_PROBE(fail3); @@ -2023,7 +2126,7 @@ ef10_nvram_partn_write( __in efx_nic_t *enp, __in uint32_t partn, __in unsigned int offset, - __out_bcount(size) caddr_t data, + __in_bcount(size) caddr_t data, __in size_t size) { size_t chunk; @@ -2179,6 +2282,22 @@ static ef10_parttbl_entry_t medford_parttbl[] = { PARTN_MAP_ENTRY(MUM_FIRMWARE, ALL, MUM_FIRMWARE), }; +static ef10_parttbl_entry_t medford2_parttbl[] = { + /* partn ports nvtype */ + PARTN_MAP_ENTRY(MC_FIRMWARE, ALL, MC_FIRMWARE), + PARTN_MAP_ENTRY(MC_FIRMWARE_BACKUP, ALL, MC_GOLDEN), + PARTN_MAP_ENTRY(EXPANSION_ROM, ALL, BOOTROM), + PARTN_MAP_ENTRY(EXPROM_CONFIG, ALL, BOOTROM_CFG), + PARTN_MAP_ENTRY(DYNAMIC_CONFIG, ALL, DYNAMIC_CFG), + PARTN_MAP_ENTRY(FPGA, ALL, FPGA), + PARTN_MAP_ENTRY(FPGA_BACKUP, ALL, FPGA_BACKUP), + PARTN_MAP_ENTRY(LICENSE, ALL, LICENSE), + PARTN_MAP_ENTRY(EXPANSION_UEFI, ALL, UEFIROM), + PARTN_MAP_ENTRY(MUM_FIRMWARE, ALL, MUM_FIRMWARE), + PARTN_MAP_ENTRY(DYNCONFIG_DEFAULTS, ALL, DYNCONFIG_DEFAULTS), + PARTN_MAP_ENTRY(ROMCONFIG_DEFAULTS, ALL, ROMCONFIG_DEFAULTS), +}; + static __checkReturn efx_rc_t ef10_parttbl_get( __in efx_nic_t *enp, @@ -2196,6 +2315,11 @@ ef10_parttbl_get( *parttbl_rowsp = EFX_ARRAY_SIZE(medford_parttbl); break; + case EFX_FAMILY_MEDFORD2: + *parttblp = medford2_parttbl; + *parttbl_rowsp = EFX_ARRAY_SIZE(medford2_parttbl); + break; + default: EFSYS_ASSERT(B_FALSE); return (EINVAL); @@ -2389,4 +2513,4 @@ fail1: #endif /* EFSYS_OPT_NVRAM */ -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_phy.c b/sys/dev/sfxge/common/ef10_phy.c index 5f9ec43a316f..c3afb7b2d99d 100644 --- a/sys/dev/sfxge/common/ef10_phy.c +++ b/sys/dev/sfxge/common/ef10_phy.c @@ -34,7 +34,7 @@ __FBSDID("$FreeBSD$"); #include "efx.h" #include "efx_impl.h" -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static void mcdi_phy_decode_cap( @@ -43,6 +43,32 @@ mcdi_phy_decode_cap( { uint32_t mask; +#define CHECK_CAP(_cap) \ + EFX_STATIC_ASSERT(EFX_PHY_CAP_##_cap == MC_CMD_PHY_CAP_##_cap##_LBN) + + CHECK_CAP(10HDX); + CHECK_CAP(10FDX); + CHECK_CAP(100HDX); + CHECK_CAP(100FDX); + CHECK_CAP(1000HDX); + CHECK_CAP(1000FDX); + CHECK_CAP(10000FDX); + CHECK_CAP(25000FDX); + CHECK_CAP(40000FDX); + CHECK_CAP(50000FDX); + CHECK_CAP(100000FDX); + CHECK_CAP(PAUSE); + CHECK_CAP(ASYM); + CHECK_CAP(AN); + CHECK_CAP(DDM); + CHECK_CAP(BASER_FEC); + CHECK_CAP(BASER_FEC_REQUESTED); + CHECK_CAP(RS_FEC); + CHECK_CAP(RS_FEC_REQUESTED); + CHECK_CAP(25G_BASER_FEC); + CHECK_CAP(25G_BASER_FEC_REQUESTED); +#undef CHECK_CAP + mask = 0; if (mcdi_cap & (1 << MC_CMD_PHY_CAP_10HDX_LBN)) mask |= (1 << EFX_PHY_CAP_10HDX); @@ -58,8 +84,15 @@ mcdi_phy_decode_cap( mask |= (1 << EFX_PHY_CAP_1000FDX); if (mcdi_cap & (1 << MC_CMD_PHY_CAP_10000FDX_LBN)) mask |= (1 << EFX_PHY_CAP_10000FDX); + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_25000FDX_LBN)) + mask |= (1 << EFX_PHY_CAP_25000FDX); if (mcdi_cap & (1 << MC_CMD_PHY_CAP_40000FDX_LBN)) mask |= (1 << EFX_PHY_CAP_40000FDX); + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_50000FDX_LBN)) + mask |= (1 << EFX_PHY_CAP_50000FDX); + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_100000FDX_LBN)) + mask |= (1 << EFX_PHY_CAP_100000FDX); + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_PAUSE_LBN)) mask |= (1 << EFX_PHY_CAP_PAUSE); if (mcdi_cap & (1 << MC_CMD_PHY_CAP_ASYM_LBN)) @@ -67,6 +100,22 @@ mcdi_phy_decode_cap( if (mcdi_cap & (1 << MC_CMD_PHY_CAP_AN_LBN)) mask |= (1 << EFX_PHY_CAP_AN); + /* FEC caps (supported on Medford2 and later) */ + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_BASER_FEC_LBN)) + mask |= (1 << EFX_PHY_CAP_BASER_FEC); + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_BASER_FEC_REQUESTED_LBN)) + mask |= (1 << EFX_PHY_CAP_BASER_FEC_REQUESTED); + + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_RS_FEC_LBN)) + mask |= (1 << EFX_PHY_CAP_RS_FEC); + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_RS_FEC_REQUESTED_LBN)) + mask |= (1 << EFX_PHY_CAP_RS_FEC_REQUESTED); + + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_25G_BASER_FEC_LBN)) + mask |= (1 << EFX_PHY_CAP_25G_BASER_FEC); + if (mcdi_cap & (1 << MC_CMD_PHY_CAP_25G_BASER_FEC_REQUESTED_LBN)) + mask |= (1 << EFX_PHY_CAP_25G_BASER_FEC_REQUESTED); + *maskp = mask; } @@ -76,8 +125,10 @@ mcdi_phy_decode_link_mode( __in uint32_t link_flags, __in unsigned int speed, __in unsigned int fcntl, + __in uint32_t fec, __out efx_link_mode_t *link_modep, - __out unsigned int *fcntlp) + __out unsigned int *fcntlp, + __out efx_phy_fec_type_t *fecp) { boolean_t fd = !!(link_flags & (1 << MC_CMD_GET_LINK_OUT_FULL_DUPLEX_LBN)); @@ -88,8 +139,14 @@ mcdi_phy_decode_link_mode( if (!up) *link_modep = EFX_LINK_DOWN; + else if (speed == 100000 && fd) + *link_modep = EFX_LINK_100000FDX; + else if (speed == 50000 && fd) + *link_modep = EFX_LINK_50000FDX; else if (speed == 40000 && fd) *link_modep = EFX_LINK_40000FDX; + else if (speed == 25000 && fd) + *link_modep = EFX_LINK_25000FDX; else if (speed == 10000 && fd) *link_modep = EFX_LINK_10000FDX; else if (speed == 1000) @@ -113,6 +170,22 @@ mcdi_phy_decode_link_mode( EFSYS_PROBE1(mc_pcol_error, int, fcntl); *fcntlp = 0; } + + switch (fec) { + case MC_CMD_FEC_NONE: + *fecp = EFX_PHY_FEC_NONE; + break; + case MC_CMD_FEC_BASER: + *fecp = EFX_PHY_FEC_BASER; + break; + case MC_CMD_FEC_RS: + *fecp = EFX_PHY_FEC_RS; + break; + default: + EFSYS_PROBE1(mc_pcol_error, int, fec); + *fecp = EFX_PHY_FEC_NONE; + break; + } } @@ -126,6 +199,7 @@ ef10_phy_link_ev( unsigned int link_flags; unsigned int speed; unsigned int fcntl; + efx_phy_fec_type_t fec = MC_CMD_FEC_NONE; efx_link_mode_t link_mode; uint32_t lp_cap_mask; @@ -143,9 +217,18 @@ ef10_phy_link_ev( case MCDI_EVENT_LINKCHANGE_SPEED_10G: speed = 10000; break; + case MCDI_EVENT_LINKCHANGE_SPEED_25G: + speed = 25000; + break; case MCDI_EVENT_LINKCHANGE_SPEED_40G: speed = 40000; break; + case MCDI_EVENT_LINKCHANGE_SPEED_50G: + speed = 50000; + break; + case MCDI_EVENT_LINKCHANGE_SPEED_100G: + speed = 100000; + break; default: speed = 0; break; @@ -154,7 +237,8 @@ ef10_phy_link_ev( link_flags = MCDI_EV_FIELD(eqp, LINKCHANGE_LINK_FLAGS); mcdi_phy_decode_link_mode(enp, link_flags, speed, MCDI_EV_FIELD(eqp, LINKCHANGE_FCNTL), - &link_mode, &fcntl); + MC_CMD_FEC_NONE, &link_mode, + &fcntl, &fec); mcdi_phy_decode_cap(MCDI_EV_FIELD(eqp, LINKCHANGE_LP_CAP), &lp_cap_mask); @@ -205,16 +289,16 @@ ef10_phy_get_link( __out ef10_link_state_t *elsp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_LINK_IN_LEN, - MC_CMD_GET_LINK_OUT_LEN)]; + uint32_t fec; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_LINK_IN_LEN, + MC_CMD_GET_LINK_OUT_V2_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_LINK; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_LINK_IN_LEN; req.emr_out_buf = payload; - req.emr_out_length = MC_CMD_GET_LINK_OUT_LEN; + req.emr_out_length = MC_CMD_GET_LINK_OUT_V2_LEN; efx_mcdi_execute(enp, &req); @@ -229,36 +313,34 @@ ef10_phy_get_link( } mcdi_phy_decode_cap(MCDI_OUT_DWORD(req, GET_LINK_OUT_CAP), - &elsp->els_adv_cap_mask); + &elsp->epls.epls_adv_cap_mask); mcdi_phy_decode_cap(MCDI_OUT_DWORD(req, GET_LINK_OUT_LP_CAP), - &elsp->els_lp_cap_mask); + &elsp->epls.epls_lp_cap_mask); + + if (req.emr_out_length_used < MC_CMD_GET_LINK_OUT_V2_LEN) + fec = MC_CMD_FEC_NONE; + else + fec = MCDI_OUT_DWORD(req, GET_LINK_OUT_V2_FEC_TYPE); mcdi_phy_decode_link_mode(enp, MCDI_OUT_DWORD(req, GET_LINK_OUT_FLAGS), MCDI_OUT_DWORD(req, GET_LINK_OUT_LINK_SPEED), MCDI_OUT_DWORD(req, GET_LINK_OUT_FCNTL), - &elsp->els_link_mode, &elsp->els_fcntl); + fec, &elsp->epls.epls_link_mode, + &elsp->epls.epls_fcntl, &elsp->epls.epls_fec); + + if (req.emr_out_length_used < MC_CMD_GET_LINK_OUT_V2_LEN) { + elsp->epls.epls_ld_cap_mask = 0; + } else { + mcdi_phy_decode_cap(MCDI_OUT_DWORD(req, GET_LINK_OUT_V2_LD_CAP), + &elsp->epls.epls_ld_cap_mask); + } -#if EFSYS_OPT_LOOPBACK - /* Assert the MC_CMD_LOOPBACK and EFX_LOOPBACK namespace agree */ - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_NONE == EFX_LOOPBACK_OFF); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_DATA == EFX_LOOPBACK_DATA); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GMAC == EFX_LOOPBACK_GMAC); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XGMII == EFX_LOOPBACK_XGMII); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XGXS == EFX_LOOPBACK_XGXS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XAUI == EFX_LOOPBACK_XAUI); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GMII == EFX_LOOPBACK_GMII); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SGMII == EFX_LOOPBACK_SGMII); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XGBR == EFX_LOOPBACK_XGBR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XFI == EFX_LOOPBACK_XFI); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XAUI_FAR == EFX_LOOPBACK_XAUI_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GMII_FAR == EFX_LOOPBACK_GMII_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SGMII_FAR == EFX_LOOPBACK_SGMII_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XFI_FAR == EFX_LOOPBACK_XFI_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GPHY == EFX_LOOPBACK_GPHY); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PHYXS == EFX_LOOPBACK_PHY_XS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PCS == EFX_LOOPBACK_PCS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PMAPMD == EFX_LOOPBACK_PMA_PMD); +#if EFSYS_OPT_LOOPBACK + /* + * MC_CMD_LOOPBACK and EFX_LOOPBACK names are equivalent, so use the + * MCDI value directly. Agreement is checked in efx_loopback_mask(). + */ elsp->els_loopback = MCDI_OUT_DWORD(req, GET_LINK_OUT_LOOPBACK_MODE); #endif /* EFSYS_OPT_LOOPBACK */ @@ -280,8 +362,8 @@ ef10_phy_reconfigure( { efx_port_t *epp = &(enp->en_port); efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_SET_LINK_IN_LEN, - MC_CMD_SET_LINK_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SET_LINK_IN_LEN, + MC_CMD_SET_LINK_OUT_LEN); uint32_t cap_mask; #if EFSYS_OPT_PHY_LED_CONTROL unsigned int led_mode; @@ -295,7 +377,6 @@ ef10_phy_reconfigure( if (supported == B_FALSE) goto out; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_SET_LINK; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_SET_LINK_IN_LEN; @@ -316,7 +397,32 @@ ef10_phy_reconfigure( PHY_CAP_AN, (cap_mask >> EFX_PHY_CAP_AN) & 0x1); /* Too many fields for for POPULATE macros, so insert this afterwards */ MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_25000FDX, (cap_mask >> EFX_PHY_CAP_25000FDX) & 0x1); + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, PHY_CAP_40000FDX, (cap_mask >> EFX_PHY_CAP_40000FDX) & 0x1); + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_50000FDX, (cap_mask >> EFX_PHY_CAP_50000FDX) & 0x1); + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_100000FDX, (cap_mask >> EFX_PHY_CAP_100000FDX) & 0x1); + + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_BASER_FEC, (cap_mask >> EFX_PHY_CAP_BASER_FEC) & 0x1); + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_BASER_FEC_REQUESTED, + (cap_mask >> EFX_PHY_CAP_BASER_FEC_REQUESTED) & 0x1); + + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_RS_FEC, (cap_mask >> EFX_PHY_CAP_RS_FEC) & 0x1); + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_RS_FEC_REQUESTED, + (cap_mask >> EFX_PHY_CAP_RS_FEC_REQUESTED) & 0x1); + + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_25G_BASER_FEC, + (cap_mask >> EFX_PHY_CAP_25G_BASER_FEC) & 0x1); + MCDI_IN_SET_DWORD_FIELD(req, SET_LINK_IN_CAP, + PHY_CAP_25G_BASER_FEC_REQUESTED, + (cap_mask >> EFX_PHY_CAP_25G_BASER_FEC_REQUESTED) & 0x1); #if EFSYS_OPT_LOOPBACK MCDI_IN_SET_DWORD(req, SET_LINK_IN_LOOPBACK_MODE, @@ -331,9 +437,18 @@ ef10_phy_reconfigure( case EFX_LINK_10000FDX: speed = 10000; break; + case EFX_LINK_25000FDX: + speed = 25000; + break; case EFX_LINK_40000FDX: speed = 40000; break; + case EFX_LINK_50000FDX: + speed = 50000; + break; + case EFX_LINK_100000FDX: + speed = 100000; + break; default: speed = 0; } @@ -409,12 +524,11 @@ ef10_phy_verify( __in efx_nic_t *enp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_PHY_STATE_IN_LEN, - MC_CMD_GET_PHY_STATE_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_PHY_STATE_IN_LEN, + MC_CMD_GET_PHY_STATE_OUT_LEN); uint32_t state; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_PHY_STATE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_PHY_STATE_IN_LEN; @@ -463,6 +577,29 @@ ef10_phy_oui_get( return (ENOTSUP); } + __checkReturn efx_rc_t +ef10_phy_link_state_get( + __in efx_nic_t *enp, + __out efx_phy_link_state_t *eplsp) +{ + efx_rc_t rc; + ef10_link_state_t els; + + /* Obtain the active link state */ + if ((rc = ef10_phy_get_link(enp, &els)) != 0) + goto fail1; + + *eplsp = els.epls; + + return (0); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + #if EFSYS_OPT_PHY_STATS __checkReturn efx_rc_t @@ -528,22 +665,34 @@ ef10_bist_poll( unsigned long *valuesp, __in size_t count) { + /* + * MCDI_CTL_SDU_LEN_MAX_V1 is large enough cover all BIST results, + * whilst not wasting stack. + */ + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_POLL_BIST_IN_LEN, + MCDI_CTL_SDU_LEN_MAX_V1); efx_nic_cfg_t *encp = &(enp->en_nic_cfg); efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_POLL_BIST_IN_LEN, - MCDI_CTL_SDU_LEN_MAX)]; uint32_t value_mask = 0; uint32_t result; efx_rc_t rc; + EFX_STATIC_ASSERT(MC_CMD_POLL_BIST_OUT_LEN <= + MCDI_CTL_SDU_LEN_MAX_V1); + EFX_STATIC_ASSERT(MC_CMD_POLL_BIST_OUT_SFT9001_LEN <= + MCDI_CTL_SDU_LEN_MAX_V1); + EFX_STATIC_ASSERT(MC_CMD_POLL_BIST_OUT_MRSFP_LEN <= + MCDI_CTL_SDU_LEN_MAX_V1); + EFX_STATIC_ASSERT(MC_CMD_POLL_BIST_OUT_MEM_LEN <= + MCDI_CTL_SDU_LEN_MAX_V1); + _NOTE(ARGUNUSED(type)) - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_POLL_BIST; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_POLL_BIST_IN_LEN; req.emr_out_buf = payload; - req.emr_out_length = MCDI_CTL_SDU_LEN_MAX; + req.emr_out_length = MCDI_CTL_SDU_LEN_MAX_V1; efx_mcdi_execute(enp, &req); @@ -633,4 +782,4 @@ ef10_bist_stop( #endif /* EFSYS_OPT_BIST */ -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_rx.c b/sys/dev/sfxge/common/ef10_rx.c index ff7f5552d5d8..b61880ab31a1 100644 --- a/sys/dev/sfxge/common/ef10_rx.c +++ b/sys/dev/sfxge/common/ef10_rx.c @@ -35,7 +35,7 @@ __FBSDID("$FreeBSD$"); #include "efx_impl.h" -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static __checkReturn efx_rc_t @@ -48,12 +48,16 @@ efx_mcdi_init_rxq( __in efsys_mem_t *esmp, __in boolean_t disable_scatter, __in boolean_t want_inner_classes, - __in uint32_t ps_bufsize) + __in uint32_t ps_bufsize, + __in uint32_t es_bufs_per_desc, + __in uint32_t es_max_dma_len, + __in uint32_t es_buf_stride, + __in uint32_t hol_block_timeout) { efx_nic_cfg_t *encp = &(enp->en_nic_cfg); efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_INIT_RXQ_EXT_IN_LEN, - MC_CMD_INIT_RXQ_EXT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_INIT_RXQ_V3_IN_LEN, + MC_CMD_INIT_RXQ_V3_OUT_LEN); int npages = EFX_RXQ_NBUFS(ndescs); int i; efx_qword_t *dma_addr; @@ -64,8 +68,15 @@ efx_mcdi_init_rxq( EFSYS_ASSERT3U(ndescs, <=, EFX_RXQ_MAXNDESCS); + if ((esmp == NULL) || (EFSYS_MEM_SIZE(esmp) < EFX_RXQ_SIZE(ndescs))) { + rc = EINVAL; + goto fail1; + } + if (ps_bufsize > 0) dma_mode = MC_CMD_INIT_RXQ_EXT_IN_PACKED_STREAM; + else if (es_bufs_per_desc > 0) + dma_mode = MC_CMD_INIT_RXQ_V3_IN_EQUAL_STRIDE_SUPER_BUFFER; else dma_mode = MC_CMD_INIT_RXQ_EXT_IN_SINGLE_PACKET; @@ -89,12 +100,11 @@ efx_mcdi_init_rxq( want_outer_classes = B_FALSE; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_INIT_RXQ; req.emr_in_buf = payload; - req.emr_in_length = MC_CMD_INIT_RXQ_EXT_IN_LEN; + req.emr_in_length = MC_CMD_INIT_RXQ_V3_IN_LEN; req.emr_out_buf = payload; - req.emr_out_length = MC_CMD_INIT_RXQ_EXT_OUT_LEN; + req.emr_out_length = MC_CMD_INIT_RXQ_V3_OUT_LEN; MCDI_IN_SET_DWORD(req, INIT_RXQ_EXT_IN_SIZE, ndescs); MCDI_IN_SET_DWORD(req, INIT_RXQ_EXT_IN_TARGET_EVQ, target_evq); @@ -114,6 +124,19 @@ efx_mcdi_init_rxq( MCDI_IN_SET_DWORD(req, INIT_RXQ_EXT_IN_OWNER_ID, 0); MCDI_IN_SET_DWORD(req, INIT_RXQ_EXT_IN_PORT_ID, EVB_PORT_ID_ASSIGNED); + if (es_bufs_per_desc > 0) { + MCDI_IN_SET_DWORD(req, + INIT_RXQ_V3_IN_ES_PACKET_BUFFERS_PER_BUCKET, + es_bufs_per_desc); + MCDI_IN_SET_DWORD(req, + INIT_RXQ_V3_IN_ES_MAX_DMA_LEN, es_max_dma_len); + MCDI_IN_SET_DWORD(req, + INIT_RXQ_V3_IN_ES_PACKET_STRIDE, es_buf_stride); + MCDI_IN_SET_DWORD(req, + INIT_RXQ_V3_IN_ES_HEAD_OF_LINE_BLOCK_TIMEOUT, + hol_block_timeout); + } + dma_addr = MCDI_IN2(req, efx_qword_t, INIT_RXQ_IN_DMA_ADDR); addr = EFSYS_MEM_ADDR(esmp); @@ -130,11 +153,13 @@ efx_mcdi_init_rxq( if (req.emr_rc != 0) { rc = req.emr_rc; - goto fail1; + goto fail2; } return (0); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); @@ -147,11 +172,10 @@ efx_mcdi_fini_rxq( __in uint32_t instance) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_FINI_RXQ_IN_LEN, - MC_CMD_FINI_RXQ_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_FINI_RXQ_IN_LEN, + MC_CMD_FINI_RXQ_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_FINI_RXQ; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_FINI_RXQ_IN_LEN; @@ -189,8 +213,8 @@ efx_mcdi_rss_context_alloc( __out uint32_t *rss_contextp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_RSS_CONTEXT_ALLOC_IN_LEN, - MC_CMD_RSS_CONTEXT_ALLOC_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_RSS_CONTEXT_ALLOC_IN_LEN, + MC_CMD_RSS_CONTEXT_ALLOC_OUT_LEN); uint32_t rss_context; uint32_t context_type; efx_rc_t rc; @@ -212,7 +236,6 @@ efx_mcdi_rss_context_alloc( goto fail2; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_RSS_CONTEXT_ALLOC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_RSS_CONTEXT_ALLOC_IN_LEN; @@ -275,8 +298,8 @@ efx_mcdi_rss_context_free( __in uint32_t rss_context) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_RSS_CONTEXT_FREE_IN_LEN, - MC_CMD_RSS_CONTEXT_FREE_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_RSS_CONTEXT_FREE_IN_LEN, + MC_CMD_RSS_CONTEXT_FREE_OUT_LEN); efx_rc_t rc; if (rss_context == EF10_RSS_CONTEXT_INVALID) { @@ -284,7 +307,6 @@ efx_mcdi_rss_context_free( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_RSS_CONTEXT_FREE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_RSS_CONTEXT_FREE_IN_LEN; @@ -318,17 +340,34 @@ efx_mcdi_rss_context_set_flags( __in uint32_t rss_context, __in efx_rx_hash_type_t type) { + efx_nic_cfg_t *encp = &enp->en_nic_cfg; efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_LEN, - MC_CMD_RSS_CONTEXT_SET_FLAGS_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_LEN, + MC_CMD_RSS_CONTEXT_SET_FLAGS_OUT_LEN); efx_rc_t rc; + EFX_STATIC_ASSERT(EFX_RX_CLASS_IPV4_TCP_LBN == + MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_TCP_IPV4_RSS_MODE_LBN); + EFX_STATIC_ASSERT(EFX_RX_CLASS_IPV4_TCP_WIDTH == + MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_TCP_IPV4_RSS_MODE_WIDTH); + EFX_STATIC_ASSERT(EFX_RX_CLASS_IPV4_LBN == + MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_OTHER_IPV4_RSS_MODE_LBN); + EFX_STATIC_ASSERT(EFX_RX_CLASS_IPV4_WIDTH == + MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_OTHER_IPV4_RSS_MODE_WIDTH); + EFX_STATIC_ASSERT(EFX_RX_CLASS_IPV6_TCP_LBN == + MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_TCP_IPV6_RSS_MODE_LBN); + EFX_STATIC_ASSERT(EFX_RX_CLASS_IPV6_TCP_WIDTH == + MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_TCP_IPV6_RSS_MODE_WIDTH); + EFX_STATIC_ASSERT(EFX_RX_CLASS_IPV6_LBN == + MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_OTHER_IPV6_RSS_MODE_LBN); + EFX_STATIC_ASSERT(EFX_RX_CLASS_IPV6_WIDTH == + MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_OTHER_IPV6_RSS_MODE_WIDTH); + if (rss_context == EF10_RSS_CONTEXT_INVALID) { rc = EINVAL; goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_RSS_CONTEXT_SET_FLAGS; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_LEN; @@ -338,7 +377,14 @@ efx_mcdi_rss_context_set_flags( MCDI_IN_SET_DWORD(req, RSS_CONTEXT_SET_FLAGS_IN_RSS_CONTEXT_ID, rss_context); - MCDI_IN_POPULATE_DWORD_4(req, RSS_CONTEXT_SET_FLAGS_IN_FLAGS, + /* + * If the firmware lacks support for additional modes, RSS_MODE + * fields must contain zeros, otherwise the operation will fail. + */ + if (encp->enc_rx_scale_additional_modes_supported == B_FALSE) + type &= EFX_RX_HASH_LEGACY_MASK; + + MCDI_IN_POPULATE_DWORD_10(req, RSS_CONTEXT_SET_FLAGS_IN_FLAGS, RSS_CONTEXT_SET_FLAGS_IN_TOEPLITZ_IPV4_EN, (type & EFX_RX_HASH_IPV4) ? 1 : 0, RSS_CONTEXT_SET_FLAGS_IN_TOEPLITZ_TCPV4_EN, @@ -346,7 +392,23 @@ efx_mcdi_rss_context_set_flags( RSS_CONTEXT_SET_FLAGS_IN_TOEPLITZ_IPV6_EN, (type & EFX_RX_HASH_IPV6) ? 1 : 0, RSS_CONTEXT_SET_FLAGS_IN_TOEPLITZ_TCPV6_EN, - (type & EFX_RX_HASH_TCPIPV6) ? 1 : 0); + (type & EFX_RX_HASH_TCPIPV6) ? 1 : 0, + RSS_CONTEXT_SET_FLAGS_IN_TCP_IPV4_RSS_MODE, + (type >> EFX_RX_CLASS_IPV4_TCP_LBN) & + EFX_MASK32(EFX_RX_CLASS_IPV4_TCP), + RSS_CONTEXT_SET_FLAGS_IN_UDP_IPV4_RSS_MODE, + (type >> EFX_RX_CLASS_IPV4_UDP_LBN) & + EFX_MASK32(EFX_RX_CLASS_IPV4_UDP), + RSS_CONTEXT_SET_FLAGS_IN_OTHER_IPV4_RSS_MODE, + (type >> EFX_RX_CLASS_IPV4_LBN) & EFX_MASK32(EFX_RX_CLASS_IPV4), + RSS_CONTEXT_SET_FLAGS_IN_TCP_IPV6_RSS_MODE, + (type >> EFX_RX_CLASS_IPV6_TCP_LBN) & + EFX_MASK32(EFX_RX_CLASS_IPV6_TCP), + RSS_CONTEXT_SET_FLAGS_IN_UDP_IPV6_RSS_MODE, + (type >> EFX_RX_CLASS_IPV6_UDP_LBN) & + EFX_MASK32(EFX_RX_CLASS_IPV6_UDP), + RSS_CONTEXT_SET_FLAGS_IN_OTHER_IPV6_RSS_MODE, + (type >> EFX_RX_CLASS_IPV6_LBN) & EFX_MASK32(EFX_RX_CLASS_IPV6)); efx_mcdi_execute(enp, &req); @@ -375,8 +437,8 @@ efx_mcdi_rss_context_set_key( __in size_t n) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_RSS_CONTEXT_SET_KEY_IN_LEN, - MC_CMD_RSS_CONTEXT_SET_KEY_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_RSS_CONTEXT_SET_KEY_IN_LEN, + MC_CMD_RSS_CONTEXT_SET_KEY_OUT_LEN); efx_rc_t rc; if (rss_context == EF10_RSS_CONTEXT_INVALID) { @@ -384,7 +446,6 @@ efx_mcdi_rss_context_set_key( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_RSS_CONTEXT_SET_KEY; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_RSS_CONTEXT_SET_KEY_IN_LEN; @@ -432,8 +493,8 @@ efx_mcdi_rss_context_set_table( __in size_t n) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_RSS_CONTEXT_SET_TABLE_IN_LEN, - MC_CMD_RSS_CONTEXT_SET_TABLE_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_RSS_CONTEXT_SET_TABLE_IN_LEN, + MC_CMD_RSS_CONTEXT_SET_TABLE_OUT_LEN); uint8_t *req_table; int i, rc; @@ -442,7 +503,6 @@ efx_mcdi_rss_context_set_table( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_RSS_CONTEXT_SET_TABLE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_RSS_CONTEXT_SET_TABLE_IN_LEN; @@ -571,12 +631,13 @@ ef10_rx_scale_mode_set( __in efx_rx_hash_type_t type, __in boolean_t insert) { + efx_nic_cfg_t *encp = &enp->en_nic_cfg; efx_rc_t rc; - EFSYS_ASSERT3U(alg, ==, EFX_RX_HASHALG_TOEPLITZ); EFSYS_ASSERT3U(insert, ==, B_TRUE); - if ((alg != EFX_RX_HASHALG_TOEPLITZ) || (insert == B_FALSE)) { + if ((encp->enc_rx_scale_hash_alg_mask & (1U << alg)) == 0 || + insert == B_FALSE) { rc = EINVAL; goto fail1; } @@ -725,6 +786,7 @@ ef10_rx_prefix_hash( _NOTE(ARGUNUSED(enp)) switch (func) { + case EFX_RX_HASHALG_PACKED_STREAM: case EFX_RX_HASHALG_TOEPLITZ: return (buffer[0] | (buffer[1] << 8) | @@ -822,8 +884,8 @@ ef10_rx_qpush( EFX_DMA_SYNC_QUEUE_FOR_DEVICE(erp->er_esmp, erp->er_mask + 1, wptr, pushed & erp->er_mask); EFSYS_PIO_WRITE_BARRIER(); - EFX_BAR_TBL_WRITED(enp, ER_DZ_RX_DESC_UPD_REG, - erp->er_index, &dword, B_FALSE); + EFX_BAR_VI_WRITED(enp, ER_DZ_RX_DESC_UPD_REG, + erp->er_index, &dword, B_FALSE); } #if EFSYS_OPT_RX_PACKED_STREAM @@ -854,7 +916,7 @@ ef10_rx_qpush_ps_credits( ERF_DZ_RX_DESC_MAGIC_CMD, ERE_DZ_RX_DESC_MAGIC_CMD_PS_CREDITS, ERF_DZ_RX_DESC_MAGIC_DATA, credits); - EFX_BAR_TBL_WRITED(enp, ER_DZ_RX_DESC_UPD_REG, + EFX_BAR_VI_WRITED(enp, ER_DZ_RX_DESC_UPD_REG, erp->er_index, &dword, B_FALSE); rxq_state->eers_rx_packed_stream_credits = 0; @@ -953,7 +1015,7 @@ ef10_rx_qcreate( __in unsigned int index, __in unsigned int label, __in efx_rxq_type_t type, - __in uint32_t type_data, + __in_opt const efx_rxq_type_data_t *type_data, __in efsys_mem_t *esmp, __in size_t ndescs, __in uint32_t id, @@ -966,6 +1028,10 @@ ef10_rx_qcreate( boolean_t disable_scatter; boolean_t want_inner_classes; unsigned int ps_buf_size; + uint32_t es_bufs_per_desc = 0; + uint32_t es_max_dma_len = 0; + uint32_t es_buf_stride = 0; + uint32_t hol_block_timeout = 0; _NOTE(ARGUNUSED(id, erp, type_data)) @@ -992,7 +1058,11 @@ ef10_rx_qcreate( break; #if EFSYS_OPT_RX_PACKED_STREAM case EFX_RXQ_TYPE_PACKED_STREAM: - switch (type_data) { + if (type_data == NULL) { + rc = EINVAL; + goto fail3; + } + switch (type_data->ertd_packed_stream.eps_buf_size) { case EFX_RXQ_PACKED_STREAM_BUF_SIZE_1M: ps_buf_size = MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_1M; break; @@ -1010,13 +1080,30 @@ ef10_rx_qcreate( break; default: rc = ENOTSUP; - goto fail3; + goto fail4; } break; #endif /* EFSYS_OPT_RX_PACKED_STREAM */ +#if EFSYS_OPT_RX_ES_SUPER_BUFFER + case EFX_RXQ_TYPE_ES_SUPER_BUFFER: + if (type_data == NULL) { + rc = EINVAL; + goto fail5; + } + ps_buf_size = 0; + es_bufs_per_desc = + type_data->ertd_es_super_buffer.eessb_bufs_per_desc; + es_max_dma_len = + type_data->ertd_es_super_buffer.eessb_max_dma_len; + es_buf_stride = + type_data->ertd_es_super_buffer.eessb_buf_stride; + hol_block_timeout = + type_data->ertd_es_super_buffer.eessb_hol_block_timeout; + break; +#endif /* EFSYS_OPT_RX_ES_SUPER_BUFFER */ default: rc = ENOTSUP; - goto fail4; + goto fail6; } #if EFSYS_OPT_RX_PACKED_STREAM @@ -1024,19 +1111,40 @@ ef10_rx_qcreate( /* Check if datapath firmware supports packed stream mode */ if (encp->enc_rx_packed_stream_supported == B_FALSE) { rc = ENOTSUP; - goto fail5; + goto fail7; } /* Check if packed stream allows configurable buffer sizes */ if ((ps_buf_size != MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_1M) && (encp->enc_rx_var_packed_stream_supported == B_FALSE)) { rc = ENOTSUP; - goto fail6; + goto fail8; } } #else /* EFSYS_OPT_RX_PACKED_STREAM */ EFSYS_ASSERT(ps_buf_size == 0); #endif /* EFSYS_OPT_RX_PACKED_STREAM */ +#if EFSYS_OPT_RX_ES_SUPER_BUFFER + if (es_bufs_per_desc > 0) { + if (encp->enc_rx_es_super_buffer_supported == B_FALSE) { + rc = ENOTSUP; + goto fail9; + } + if (!IS_P2ALIGNED(es_max_dma_len, + EFX_RX_ES_SUPER_BUFFER_BUF_ALIGNMENT)) { + rc = EINVAL; + goto fail10; + } + if (!IS_P2ALIGNED(es_buf_stride, + EFX_RX_ES_SUPER_BUFFER_BUF_ALIGNMENT)) { + rc = EINVAL; + goto fail11; + } + } +#else /* EFSYS_OPT_RX_ES_SUPER_BUFFER */ + EFSYS_ASSERT(es_bufs_per_desc == 0); +#endif /* EFSYS_OPT_RX_ES_SUPER_BUFFER */ + /* Scatter can only be disabled if the firmware supports doing so */ if (flags & EFX_RXQ_FLAG_SCATTER) disable_scatter = B_FALSE; @@ -1050,8 +1158,9 @@ ef10_rx_qcreate( if ((rc = efx_mcdi_init_rxq(enp, ndescs, eep->ee_index, label, index, esmp, disable_scatter, want_inner_classes, - ps_buf_size)) != 0) - goto fail7; + ps_buf_size, es_bufs_per_desc, es_max_dma_len, + es_buf_stride, hol_block_timeout)) != 0) + goto fail12; erp->er_eep = eep; erp->er_label = label; @@ -1062,17 +1171,31 @@ ef10_rx_qcreate( return (0); +fail12: + EFSYS_PROBE(fail12); +#if EFSYS_OPT_RX_ES_SUPER_BUFFER +fail11: + EFSYS_PROBE(fail11); +fail10: + EFSYS_PROBE(fail10); +fail9: + EFSYS_PROBE(fail9); +#endif /* EFSYS_OPT_RX_ES_SUPER_BUFFER */ +#if EFSYS_OPT_RX_PACKED_STREAM +fail8: + EFSYS_PROBE(fail8); fail7: EFSYS_PROBE(fail7); -#if EFSYS_OPT_RX_PACKED_STREAM +#endif /* EFSYS_OPT_RX_PACKED_STREAM */ fail6: EFSYS_PROBE(fail6); +#if EFSYS_OPT_RX_ES_SUPER_BUFFER fail5: EFSYS_PROBE(fail5); -#endif /* EFSYS_OPT_RX_PACKED_STREAM */ +#endif /* EFSYS_OPT_RX_ES_SUPER_BUFFER */ +#if EFSYS_OPT_RX_PACKED_STREAM fail4: EFSYS_PROBE(fail4); -#if EFSYS_OPT_RX_PACKED_STREAM fail3: EFSYS_PROBE(fail3); #endif /* EFSYS_OPT_RX_PACKED_STREAM */ @@ -1114,4 +1237,4 @@ ef10_rx_fini( #endif /* EFSYS_OPT_RX_SCALE */ } -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_signed_image_layout.h b/sys/dev/sfxge/common/ef10_signed_image_layout.h new file mode 100644 index 000000000000..2a1c2e29b372 --- /dev/null +++ b/sys/dev/sfxge/common/ef10_signed_image_layout.h @@ -0,0 +1,104 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2016-2018 Solarflare Communications Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * The views and conclusions contained in the software and documentation are + * those of the authors and should not be interpreted as representing official + * policies, either expressed or implied, of the FreeBSD Project. + * + * $FreeBSD$ + */ + +/* + * This is NOT the original source file. Do NOT edit it. + * To update the image layout headers, please edit the copy in + * the sfregistry repo and then, in that repo, + * "make layout_headers" or "make export" to + * regenerate and export all types of headers. + */ + +/* + * These structures define the layouts for the signed firmware image binary + * saved in NVRAM. The original image is in the Cryptographic message + * syntax (CMS) format which contains the bootable firmware binary plus the + * signatures. The entire image is written into NVRAM to enable the firmware + * to validate the signatures. However, the bootrom still requires the + * bootable-image to start at offset 0 of the NVRAM partition. Hence the image + * is parsed upfront by host utilities (sfupdate) and written into nvram as + * 'signed_image_chunks' described by a header. + * + * This file is used by the MC as well as host-utilities (sfupdate). + */ + +#ifndef _SYS_EF10_SIGNED_IMAGE_LAYOUT_H +#define _SYS_EF10_SIGNED_IMAGE_LAYOUT_H + +/* Signed image chunk type identifiers */ +enum { + SIGNED_IMAGE_CHUNK_CMS_HEADER, /* CMS header describing the signed data */ + SIGNED_IMAGE_CHUNK_REFLASH_HEADER, /* Reflash header */ + SIGNED_IMAGE_CHUNK_IMAGE, /* Bootable binary image */ + SIGNED_IMAGE_CHUNK_REFLASH_TRAILER, /* Reflash trailer */ + SIGNED_IMAGE_CHUNK_SIGNATURE, /* Remaining contents of the signed image, + * including the certifiates and signature */ + NUM_SIGNED_IMAGE_CHUNKS, +}; + +/* Magic */ +#define SIGNED_IMAGE_CHUNK_HDR_MAGIC 0xEF105161 /* EF10 SIGned Image */ + +/* Initial version definition - version 1 */ +#define SIGNED_IMAGE_CHUNK_HDR_VERSION 0x1 + +/* Header length is 32 bytes */ +#define SIGNED_IMAGE_CHUNK_HDR_LEN 32 + +/* + * Structure describing the header of each chunk of signed image + * as stored in NVRAM. + */ +typedef struct signed_image_chunk_hdr_e { + /* + * Magic field to recognise a valid entry + * should match SIGNED_IMAGE_CHUNK_HDR_MAGIC + */ + uint32_t magic; + /* Version number of this header */ + uint32_t version; + /* Chunk type identifier */ + uint32_t id; + /* Chunk offset */ + uint32_t offset; + /* Chunk length */ + uint32_t len; + /* + * Reserved for future expansion of this structure - always + * set to zeros + */ + uint32_t reserved[3]; +} signed_image_chunk_hdr_t; + +#endif /* _SYS_EF10_SIGNED_IMAGE_LAYOUT_H */ diff --git a/sys/dev/sfxge/common/ef10_tlv_layout.h b/sys/dev/sfxge/common/ef10_tlv_layout.h index 44dde119015c..ab724098189e 100644 --- a/sys/dev/sfxge/common/ef10_tlv_layout.h +++ b/sys/dev/sfxge/common/ef10_tlv_layout.h @@ -30,6 +30,14 @@ * $FreeBSD$ */ +/* + * This is NOT the original source file. Do NOT edit it. + * To update the tlv layout, please edit the copy in + * the sfregistry repo and then, in that repo, + * "make tlv_headers" or "make export" to + * regenerate and export all types of headers. + */ + /* These structures define the layouts for the TLV items stored in static and * dynamic configuration partitions in NVRAM for EF10 (Huntington etc.). * @@ -58,6 +66,7 @@ * 1: dynamic configuration * 2: firmware internal use * 3: license partition + * 4: tsa configuration * * - TTT is a type, which is just a unique value. The same type value * might appear in both locations, indicating a relationship between @@ -433,6 +442,8 @@ struct tlv_firmware_options { #define TLV_FIRMWARE_VARIANT_PACKED_STREAM_HASH_MODE_1 \ MC_CMD_FW_PACKED_STREAM_HASH_MODE_1 #define TLV_FIRMWARE_VARIANT_RULES_ENGINE MC_CMD_FW_RULES_ENGINE +#define TLV_FIRMWARE_VARIANT_DPDK MC_CMD_FW_DPDK +#define TLV_FIRMWARE_VARIANT_L3XUDP MC_CMD_FW_L3XUDP }; /* Voltage settings @@ -516,6 +527,17 @@ struct tlv_0v9_atb_target { uint16_t reserved; }; +/* Factory settings for amplitude calibration of the PCIE TX serdes */ +#define TLV_TAG_TX_PCIE_AMP_CONFIG (0x00220000) +struct tlv_pcie_tx_amp_config { + uint32_t tag; + uint32_t length; + uint8_t quad_tx_imp2k[4]; + uint8_t quad_tx_imp50[4]; + uint8_t lane_amp[16]; +}; + + /* Global PCIe configuration, second revision. This represents the visible PFs * by a bitmap rather than having the number of the highest visible one. As such * it can (for a 16-PF chip) represent a superset of what TLV_TAG_GLOBAL_PCIE_CONFIG @@ -540,6 +562,17 @@ struct tlv_pcie_config_r2 { * number of externally visible ports (and, hence, PF to port mapping), so must * be done at boot time. * + * Port mode naming convention is + * + * [nports_on_cage0]x[port_lane_width]_[nports_on_cage1]x[port_lane_width] + * + * Port lane width determines the capabilities (speeds) of the ports, subject + * to architecture capabilities (e.g. 25G support) and switch bandwidth + * constraints: + * - single lane ports can do 25G/10G/1G + * - dual lane ports can do 50G/25G/10G/1G (with fallback to 1 lane) + * - quad lane ports can do 100G/40G/50G/25G/10G/1G (with fallback to 2 or 1 lanes) + * This tag supercedes tlv_global_port_config. */ @@ -550,18 +583,58 @@ struct tlv_global_port_mode { uint32_t length; uint32_t port_mode; #define TLV_PORT_MODE_DEFAULT (0xffffffff) /* Default for given platform */ -#define TLV_PORT_MODE_10G (0) /* 10G, single SFP/10G-KR */ -#define TLV_PORT_MODE_40G (1) /* 40G, single QSFP/40G-KR */ -#define TLV_PORT_MODE_10G_10G (2) /* 2x10G, dual SFP/10G-KR or single QSFP */ -#define TLV_PORT_MODE_40G_40G (3) /* 40G + 40G, dual QSFP/40G-KR (Greenport, Medford) */ -#define TLV_PORT_MODE_10G_10G_10G_10G (4) /* 2x10G + 2x10G, quad SFP/10G-KR or dual QSFP (Greenport) */ -#define TLV_PORT_MODE_10G_10G_10G_10G_Q1 (4) /* 4x10G, single QSFP, cage 0 (Medford) */ -#define TLV_PORT_MODE_10G_10G_10G_10G_Q (5) /* 4x10G, single QSFP, cage 0 (Medford) OBSOLETE DO NOT USE */ -#define TLV_PORT_MODE_40G_10G_10G (6) /* 1x40G + 2x10G, dual QSFP (Greenport, Medford) */ -#define TLV_PORT_MODE_10G_10G_40G (7) /* 2x10G + 1x40G, dual QSFP (Greenport, Medford) */ -#define TLV_PORT_MODE_10G_10G_10G_10G_Q2 (8) /* 4x10G, single QSFP, cage 1 (Medford) */ -#define TLV_PORT_MODE_10G_10G_10G_10G_Q1_Q2 (9) /* 2x10G + 2x10G, dual QSFP (Medford) */ -#define TLV_PORT_MODE_MAX TLV_PORT_MODE_10G_10G_10G_10G_Q1_Q2 + +/* Huntington port modes */ +#define TLV_PORT_MODE_10G (0) +#define TLV_PORT_MODE_40G (1) +#define TLV_PORT_MODE_10G_10G (2) +#define TLV_PORT_MODE_40G_40G (3) +#define TLV_PORT_MODE_10G_10G_10G_10G (4) +#define TLV_PORT_MODE_40G_10G_10G (6) +#define TLV_PORT_MODE_10G_10G_40G (7) + +/* Medford (and later) port modes */ +#define TLV_PORT_MODE_1x1_NA (0) /* Single 10G/25G on mdi0 */ +#define TLV_PORT_MODE_1x4_NA (1) /* Single 100G/40G on mdi0 */ +#define TLV_PORT_MODE_NA_1x4 (22) /* Single 100G/40G on mdi1 */ +#define TLV_PORT_MODE_1x2_NA (10) /* Single 50G on mdi0 */ +#define TLV_PORT_MODE_NA_1x2 (11) /* Single 50G on mdi1 */ +#define TLV_PORT_MODE_1x1_1x1 (2) /* Single 10G/25G on mdi0, single 10G/25G on mdi1 */ +#define TLV_PORT_MODE_1x4_1x4 (3) /* Single 40G on mdi0, single 40G on mdi1 */ +#define TLV_PORT_MODE_2x1_2x1 (5) /* Dual 10G/25G on mdi0, dual 10G/25G on mdi1 */ +#define TLV_PORT_MODE_4x1_NA (4) /* Quad 10G/25G on mdi0 */ +#define TLV_PORT_MODE_NA_4x1 (8) /* Quad 10G/25G on mdi1 */ +#define TLV_PORT_MODE_1x4_2x1 (6) /* Single 40G on mdi0, dual 10G/25G on mdi1 */ +#define TLV_PORT_MODE_2x1_1x4 (7) /* Dual 10G/25G on mdi0, single 40G on mdi1 */ +#define TLV_PORT_MODE_1x2_1x2 (12) /* Single 50G on mdi0, single 50G on mdi1 */ +#define TLV_PORT_MODE_2x2_NA (13) /* Dual 50G on mdi0 */ +#define TLV_PORT_MODE_NA_2x2 (14) /* Dual 50G on mdi1 */ +#define TLV_PORT_MODE_1x4_1x2 (15) /* Single 40G on mdi0, single 50G on mdi1 */ +#define TLV_PORT_MODE_1x2_1x4 (16) /* Single 50G on mdi0, single 40G on mdi1 */ +#define TLV_PORT_MODE_1x2_2x1 (17) /* Single 50G on mdi0, dual 10G/25G on mdi1 */ +#define TLV_PORT_MODE_2x1_1x2 (18) /* Dual 10G/25G on mdi0, single 50G on mdi1 */ + +/* Snapper-only Medford2 port modes. + * These modes are eftest only, to allow snapper explicit + * selection between multi-channel and LLPCS. In production, + * this selection is automatic and outside world should not + * care about LLPCS. + */ +#define TLV_PORT_MODE_2x1_2x1_LL (19) /* Dual 10G/25G on mdi0, dual 10G/25G on mdi1, low-latency PCS */ +#define TLV_PORT_MODE_4x1_NA_LL (20) /* Quad 10G/25G on mdi0, low-latency PCS */ +#define TLV_PORT_MODE_NA_4x1_LL (21) /* Quad 10G/25G on mdi1, low-latency PCS */ +#define TLV_PORT_MODE_1x1_NA_LL (23) /* Single 10G/25G on mdi0, low-latency PCS */ +#define TLV_PORT_MODE_1x1_1x1_LL (24) /* Single 10G/25G on mdi0, single 10G/25G on mdi1, low-latency PCS */ +#define TLV_PORT_MODE_BUG63720_DO_NOT_USE (9) /* bug63720: Do not use */ +#define TLV_PORT_MODE_MAX TLV_PORT_MODE_1x1_1x1_LL + +/* Deprecated Medford aliases - DO NOT USE IN NEW CODE */ +#define TLV_PORT_MODE_10G_10G_10G_10G_Q (5) +#define TLV_PORT_MODE_10G_10G_10G_10G_Q1 (4) +#define TLV_PORT_MODE_10G_10G_10G_10G_Q2 (8) +#define TLV_PORT_MODE_10G_10G_10G_10G_Q1_Q2 (9) + +#define TLV_PORT_MODE_MAX TLV_PORT_MODE_1x1_1x1_LL }; /* Type of the v-switch created implicitly by the firmware */ @@ -798,20 +871,6 @@ struct tlv_tx_event_merging_config { #define TLV_TX_EVENT_MERGING_TIMEOUT_NS_DEFAULT (0xffffffff) #define TLV_TX_EVENT_MERGING_QEMPTY_TIMEOUT_NS_DEFAULT (0xffffffff) -/* BIU mode - * - * Medford2 tag for selecting VI window decode (see values below) - */ -#define TLV_TAG_BIU_VI_WINDOW_MODE (0x10280000) -struct tlv_biu_vi_window_mode { - uint32_t tag; - uint32_t length; - uint8_t mode; -#define TLV_BIU_VI_WINDOW_MODE_8K 0 /* 8k per VI, CTPIO not mapped, medford/hunt compatible */ -#define TLV_BIU_VI_WINDOW_MODE_16K 1 /* 16k per VI, CTPIO mapped */ -#define TLV_BIU_VI_WINDOW_MODE_64K 2 /* 64k per VI, CTPIO mapped, POWER-friendly */ -}; - #define TLV_TAG_LICENSE (0x30800000) typedef struct tlv_license { @@ -820,7 +879,7 @@ typedef struct tlv_license { uint8_t data[]; } tlv_license_t; -/* TSA NIC IP address configuration +/* TSA NIC IP address configuration (DEPRECATED) * * Sets the TSA NIC IP address statically via configuration tool or dynamically * via DHCP via snooping based on the mode selection (0=Static, 1=DHCP, 2=Snoop) @@ -830,7 +889,7 @@ typedef struct tlv_license { * released code yet. */ -#define TLV_TAG_TMP_TSAN_CONFIG (0x10220000) +#define TLV_TAG_TMP_TSAN_CONFIG (0x10220000) /* DEPRECATED */ #define TLV_TSAN_IP_MODE_STATIC (0) #define TLV_TSAN_IP_MODE_DHCP (1) @@ -847,7 +906,7 @@ typedef struct tlv_tsan_config { uint32_t bind_bkout; /* DEPRECATED */ } tlv_tsan_config_t; -/* TSA Controller IP address configuration +/* TSA Controller IP address configuration (DEPRECATED) * * Sets the TSA Controller IP address statically via configuration tool * @@ -856,7 +915,7 @@ typedef struct tlv_tsan_config { * released code yet. */ -#define TLV_TAG_TMP_TSAC_CONFIG (0x10230000) +#define TLV_TAG_TMP_TSAC_CONFIG (0x10230000) /* DEPRECATED */ #define TLV_MAX_TSACS (4) typedef struct tlv_tsac_config { @@ -867,7 +926,7 @@ typedef struct tlv_tsac_config { uint32_t port[TLV_MAX_TSACS]; } tlv_tsac_config_t; -/* Binding ticket +/* Binding ticket (DEPRECATED) * * Sets the TSA NIC binding ticket used for binding process between the TSA NIC * and the TSA Controller @@ -877,7 +936,7 @@ typedef struct tlv_tsac_config { * released code yet. */ -#define TLV_TAG_TMP_BINDING_TICKET (0x10240000) +#define TLV_TAG_TMP_BINDING_TICKET (0x10240000) /* DEPRECATED */ typedef struct tlv_binding_ticket { uint32_t tag; @@ -902,7 +961,7 @@ typedef struct tlv_pik_sf { uint8_t bytes[]; } tlv_pik_sf_t; -/* CA root certificate +/* CA root certificate (DEPRECATED) * * Sets the CA root certificate used for TSA Controller verfication during * TLS connection setup between the TSA NIC and the TSA Controller @@ -912,7 +971,7 @@ typedef struct tlv_pik_sf { * released code yet. */ -#define TLV_TAG_TMP_CA_ROOT_CERT (0x10260000) +#define TLV_TAG_TMP_CA_ROOT_CERT (0x10260000) /* DEPRECATED */ typedef struct tlv_ca_root_cert { uint32_t tag; @@ -934,4 +993,45 @@ struct tlv_tx_vfifo_ull_mode { #define TLV_TX_VFIFO_ULL_MODE_DEFAULT 0 }; +/* BIU mode + * + * Medford2 tag for selecting VI window decode (see values below) + */ +#define TLV_TAG_BIU_VI_WINDOW_MODE (0x10280000) +struct tlv_biu_vi_window_mode { + uint32_t tag; + uint32_t length; + uint8_t mode; +#define TLV_BIU_VI_WINDOW_MODE_8K 0 /* 8k per VI, CTPIO not mapped, medford/hunt compatible */ +#define TLV_BIU_VI_WINDOW_MODE_16K 1 /* 16k per VI, CTPIO mapped */ +#define TLV_BIU_VI_WINDOW_MODE_64K 2 /* 64k per VI, CTPIO mapped, POWER-friendly */ +}; + +/* FastPD mode + * + * Medford2 tag for configuring the FastPD mode (see values below) + */ +#define TLV_TAG_FASTPD_MODE(port) (0x10290000 + (port)) +struct tlv_fastpd_mode { + uint32_t tag; + uint32_t length; + uint8_t mode; +#define TLV_FASTPD_MODE_SOFT_ALL 0 /* All packets to the SoftPD */ +#define TLV_FASTPD_MODE_FAST_ALL 1 /* All packets to the FastPD */ +#define TLV_FASTPD_MODE_FAST_SUPPORTED 2 /* Supported packet types to the FastPD; everything else to the SoftPD */ +}; + +/* L3xUDP datapath firmware UDP port configuration + * + * Sets the list of UDP ports on which the encapsulation will be handled. + * The number of ports in the list is implied by the length of the TLV item. + */ +#define TLV_TAG_L3XUDP_PORTS (0x102a0000) +struct tlv_l3xudp_ports { + uint32_t tag; + uint32_t length; + uint16_t ports[]; +#define TLV_TAG_L3XUDP_PORTS_MAX_NUM_PORTS 16 +}; + #endif /* CI_MGMT_TLV_LAYOUT_H */ diff --git a/sys/dev/sfxge/common/ef10_tx.c b/sys/dev/sfxge/common/ef10_tx.c index 33446a19bf10..557c4c3ca448 100644 --- a/sys/dev/sfxge/common/ef10_tx.c +++ b/sys/dev/sfxge/common/ef10_tx.c @@ -35,7 +35,7 @@ __FBSDID("$FreeBSD$"); #include "efx_impl.h" -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 #if EFSYS_OPT_QSTATS #define EFX_TX_QSTAT_INCR(_etp, _stat) \ @@ -58,8 +58,8 @@ efx_mcdi_init_txq( __in efsys_mem_t *esmp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_INIT_TXQ_IN_LEN(EFX_TXQ_MAX_BUFS), - MC_CMD_INIT_TXQ_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_INIT_TXQ_IN_LEN(EFX_TXQ_MAX_BUFS), + MC_CMD_INIT_TXQ_OUT_LEN); efx_qword_t *dma_addr; uint64_t addr; int npages; @@ -69,13 +69,17 @@ efx_mcdi_init_txq( EFSYS_ASSERT(EFX_TXQ_MAX_BUFS >= EFX_TXQ_NBUFS(enp->en_nic_cfg.enc_txq_max_ndescs)); + if ((esmp == NULL) || (EFSYS_MEM_SIZE(esmp) < EFX_TXQ_SIZE(ndescs))) { + rc = EINVAL; + goto fail1; + } + npages = EFX_TXQ_NBUFS(ndescs); if (MC_CMD_INIT_TXQ_IN_LEN(npages) > sizeof (payload)) { rc = EINVAL; - goto fail1; + goto fail2; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_INIT_TXQ; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_INIT_TXQ_IN_LEN(npages); @@ -121,11 +125,13 @@ efx_mcdi_init_txq( if (req.emr_rc != 0) { rc = req.emr_rc; - goto fail2; + goto fail3; } return (0); +fail3: + EFSYS_PROBE(fail3); fail2: EFSYS_PROBE(fail2); fail1: @@ -140,11 +146,10 @@ efx_mcdi_fini_txq( __in uint32_t instance) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_FINI_TXQ_IN_LEN, - MC_CMD_FINI_TXQ_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_FINI_TXQ_IN_LEN, + MC_CMD_FINI_TXQ_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_FINI_TXQ; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_FINI_TXQ_IN_LEN; @@ -203,7 +208,7 @@ ef10_tx_qcreate( { efx_nic_cfg_t *encp = &enp->en_nic_cfg; uint16_t inner_csum; - efx_qword_t desc; + efx_desc_t desc; efx_rc_t rc; _NOTE(ARGUNUSED(id)) @@ -228,19 +233,9 @@ ef10_tx_qcreate( * a no-op TX option descriptor. See bug29981 for details. */ *addedp = 1; - EFX_POPULATE_QWORD_6(desc, - ESF_DZ_TX_DESC_IS_OPT, 1, - ESF_DZ_TX_OPTION_TYPE, ESE_DZ_TX_OPTION_DESC_CRC_CSUM, - ESF_DZ_TX_OPTION_UDP_TCP_CSUM, - (flags & EFX_TXQ_CKSUM_TCPUDP) ? 1 : 0, - ESF_DZ_TX_OPTION_IP_CSUM, - (flags & EFX_TXQ_CKSUM_IPV4) ? 1 : 0, - ESF_DZ_TX_OPTION_INNER_UDP_TCP_CSUM, - (flags & EFX_TXQ_CKSUM_INNER_TCPUDP) ? 1 : 0, - ESF_DZ_TX_OPTION_INNER_IP_CSUM, - (flags & EFX_TXQ_CKSUM_INNER_IPV4) ? 1 : 0); + ef10_tx_qdesc_checksum_create(etp, flags, &desc); - EFSYS_MEM_WRITEQ(etp->et_esmp, 0, &desc); + EFSYS_MEM_WRITEQ(etp->et_esmp, 0, &desc.ed_eq); ef10_tx_qpush(etp, *addedp, 0); return (0); @@ -308,7 +303,7 @@ ef10_tx_qpio_enable( fail3: EFSYS_PROBE(fail3); - ef10_nic_pio_free(enp, etp->et_pio_bufnum, etp->et_pio_blknum); + (void) ef10_nic_pio_free(enp, etp->et_pio_bufnum, etp->et_pio_blknum); fail2: EFSYS_PROBE(fail2); etp->et_pio_size = 0; @@ -326,10 +321,12 @@ ef10_tx_qpio_disable( if (etp->et_pio_size != 0) { /* Unlink the piobuf from this TXQ */ - ef10_nic_pio_unlink(enp, etp->et_index); + if (ef10_nic_pio_unlink(enp, etp->et_index) != 0) + return; /* Free the sub-allocated PIO block */ - ef10_nic_pio_free(enp, etp->et_pio_bufnum, etp->et_pio_blknum); + (void) ef10_nic_pio_free(enp, etp->et_pio_bufnum, + etp->et_pio_blknum); etp->et_pio_size = 0; etp->et_pio_write_offset = 0; } @@ -538,8 +535,8 @@ ef10_tx_qpush( EFX_DMA_SYNC_QUEUE_FOR_DEVICE(etp->et_esmp, etp->et_mask + 1, wptr, id); EFSYS_PIO_WRITE_BARRIER(); - EFX_BAR_TBL_DOORBELL_WRITEO(enp, ER_DZ_TX_DESC_UPD_REG, - etp->et_index, &oword); + EFX_BAR_VI_DOORBELL_WRITEO(enp, ER_DZ_TX_DESC_UPD_REG, + etp->et_index, &oword); } else { efx_dword_t dword; @@ -554,8 +551,8 @@ ef10_tx_qpush( EFX_DMA_SYNC_QUEUE_FOR_DEVICE(etp->et_esmp, etp->et_mask + 1, wptr, id); EFSYS_PIO_WRITE_BARRIER(); - EFX_BAR_TBL_WRITED2(enp, ER_DZ_TX_DESC_UPD_REG, - etp->et_index, &dword, B_FALSE); + EFX_BAR_VI_WRITED2(enp, ER_DZ_TX_DESC_UPD_REG, + etp->et_index, &dword, B_FALSE); } } @@ -569,12 +566,9 @@ ef10_tx_qdesc_post( { unsigned int added = *addedp; unsigned int i; - efx_rc_t rc; - if (added - completed + ndescs > EFX_TXQ_LIMIT(etp->et_mask + 1)) { - rc = ENOSPC; - goto fail1; - } + if (added - completed + ndescs > EFX_TXQ_LIMIT(etp->et_mask + 1)) + return (ENOSPC); for (i = 0; i < ndescs; i++) { efx_desc_t *edp = &ed[i]; @@ -594,11 +588,6 @@ ef10_tx_qdesc_post( *addedp = added; return (0); - -fail1: - EFSYS_PROBE1(fail1, efx_rc_t, rc); - - return (rc); } void @@ -653,6 +642,7 @@ ef10_tx_qdesc_tso_create( ef10_tx_qdesc_tso2_create( __in efx_txq_t *etp, __in uint16_t ipv4_id, + __in uint16_t outer_ipv4_id, __in uint32_t tcp_seq, __in uint16_t tcp_mss, __out_ecount(count) efx_desc_t *edp, @@ -674,13 +664,14 @@ ef10_tx_qdesc_tso2_create( ESE_DZ_TX_TSO_OPTION_DESC_FATSO2A, ESF_DZ_TX_TSO_IP_ID, ipv4_id, ESF_DZ_TX_TSO_TCP_SEQNO, tcp_seq); - EFX_POPULATE_QWORD_4(edp[1].ed_eq, + EFX_POPULATE_QWORD_5(edp[1].ed_eq, ESF_DZ_TX_DESC_IS_OPT, 1, ESF_DZ_TX_OPTION_TYPE, ESE_DZ_TX_OPTION_DESC_TSO, ESF_DZ_TX_TSO_OPTION_TYPE, ESE_DZ_TX_TSO_OPTION_DESC_FATSO2B, - ESF_DZ_TX_TSO_TCP_MSS, tcp_mss); + ESF_DZ_TX_TSO_TCP_MSS, tcp_mss, + ESF_DZ_TX_TSO_OUTER_IPID, outer_ipv4_id); } void @@ -702,6 +693,30 @@ ef10_tx_qdesc_vlantci_create( ESF_DZ_TX_VLAN_TAG1, tci); } + void +ef10_tx_qdesc_checksum_create( + __in efx_txq_t *etp, + __in uint16_t flags, + __out efx_desc_t *edp) +{ + _NOTE(ARGUNUSED(etp)); + + EFSYS_PROBE2(tx_desc_checksum_create, unsigned int, etp->et_index, + uint32_t, flags); + + EFX_POPULATE_QWORD_6(edp->ed_eq, + ESF_DZ_TX_DESC_IS_OPT, 1, + ESF_DZ_TX_OPTION_TYPE, ESE_DZ_TX_OPTION_DESC_CRC_CSUM, + ESF_DZ_TX_OPTION_UDP_TCP_CSUM, + (flags & EFX_TXQ_CKSUM_TCPUDP) ? 1 : 0, + ESF_DZ_TX_OPTION_IP_CSUM, + (flags & EFX_TXQ_CKSUM_IPV4) ? 1 : 0, + ESF_DZ_TX_OPTION_INNER_UDP_TCP_CSUM, + (flags & EFX_TXQ_CKSUM_INNER_TCPUDP) ? 1 : 0, + ESF_DZ_TX_OPTION_INNER_IP_CSUM, + (flags & EFX_TXQ_CKSUM_INNER_IPV4) ? 1 : 0); +} + __checkReturn efx_rc_t ef10_tx_qpace( @@ -779,4 +794,4 @@ ef10_tx_qstats_update( #endif /* EFSYS_OPT_QSTATS */ -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/ef10_vpd.c b/sys/dev/sfxge/common/ef10_vpd.c index 961f3b63fd60..30806f44ae6c 100644 --- a/sys/dev/sfxge/common/ef10_vpd.c +++ b/sys/dev/sfxge/common/ef10_vpd.c @@ -37,7 +37,7 @@ __FBSDID("$FreeBSD$"); #if EFSYS_OPT_VPD -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 #include "ef10_tlv_layout.h" @@ -53,7 +53,8 @@ ef10_vpd_init( EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_PROBE); EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); if (enp->en_nic_cfg.enc_vpd_is_global) { tag = TLV_TAG_GLOBAL_STATIC_VPD; @@ -109,7 +110,8 @@ ef10_vpd_size( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* * This function returns the total size the user should allocate @@ -142,7 +144,8 @@ ef10_vpd_read( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); if (enp->en_nic_cfg.enc_vpd_is_global) { tag = TLV_TAG_GLOBAL_DYNAMIC_VPD; @@ -160,19 +163,22 @@ ef10_vpd_read( rc = ENOSPC; goto fail2; } - memcpy(data, dvpd, dvpd_size); + if (dvpd != NULL) + memcpy(data, dvpd, dvpd_size); /* Pad data with all-1s, consistent with update operations */ memset(data + dvpd_size, 0xff, size - dvpd_size); - EFSYS_KMEM_FREE(enp->en_esip, dvpd_size, dvpd); + if (dvpd != NULL) + EFSYS_KMEM_FREE(enp->en_esip, dvpd_size, dvpd); return (0); fail2: EFSYS_PROBE(fail2); - EFSYS_KMEM_FREE(enp->en_esip, dvpd_size, dvpd); + if (dvpd != NULL) + EFSYS_KMEM_FREE(enp->en_esip, dvpd_size, dvpd); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); @@ -194,7 +200,8 @@ ef10_vpd_verify( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* * Strictly you could take the view that dynamic vpd is optional. @@ -315,7 +322,8 @@ ef10_vpd_get( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* Attempt to satisfy the request from svpd first */ if (enp->en_arch.ef10.ena_svpd_length > 0) { @@ -361,7 +369,8 @@ ef10_vpd_set( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); /* If the provided (tag,keyword) exists in svpd, then it is readonly */ if (enp->en_arch.ef10.ena_svpd_length > 0) { @@ -414,7 +423,8 @@ ef10_vpd_write( efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); if (enp->en_nic_cfg.enc_vpd_is_global) { tag = TLV_TAG_GLOBAL_DYNAMIC_VPD; @@ -450,7 +460,8 @@ ef10_vpd_fini( __in efx_nic_t *enp) { EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD); + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2); if (enp->en_arch.ef10.ena_svpd_length > 0) { EFSYS_KMEM_FREE(enp->en_esip, enp->en_arch.ef10.ena_svpd_length, @@ -461,6 +472,6 @@ ef10_vpd_fini( } } -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ #endif /* EFSYS_OPT_VPD */ diff --git a/sys/dev/sfxge/common/efsys.h b/sys/dev/sfxge/common/efsys.h index 6a72894221e4..0c1c84cbb468 100644 --- a/sys/dev/sfxge/common/efsys.h +++ b/sys/dev/sfxge/common/efsys.h @@ -77,11 +77,6 @@ extern "C" { #define memmove(d, s, l) bcopy(s, d, l) #endif -/* FreeBSD equivalents of Solaris things */ -#ifndef _NOTE -#define _NOTE(s) -#endif - #ifndef B_FALSE #define B_FALSE FALSE #endif @@ -199,40 +194,6 @@ sfxge_map_mbuf_fast(bus_dma_tag_t tag, bus_dmamap_t map, #endif } -/* Modifiers used for Windows builds */ -#define __in -#define __in_opt -#define __in_ecount(_n) -#define __in_ecount_opt(_n) -#define __in_bcount(_n) -#define __in_bcount_opt(_n) - -#define __out -#define __out_opt -#define __out_ecount(_n) -#define __out_ecount_opt(_n) -#define __out_bcount(_n) -#define __out_bcount_opt(_n) -#define __out_bcount_part(_n, _l) -#define __out_bcount_part_opt(_n, _l) - -#define __deref_out - -#define __inout -#define __inout_opt -#define __inout_ecount(_n) -#define __inout_ecount_opt(_n) -#define __inout_bcount(_n) -#define __inout_bcount_opt(_n) -#define __inout_bcount_full_opt(_n) - -#define __deref_out_bcount_opt(n) - -#define __checkReturn -#define __success(_x) - -#define __drv_when(_p, _c) - /* Code inclusion options */ @@ -241,6 +202,7 @@ sfxge_map_mbuf_fast(bus_dma_tag_t tag, bus_dmamap_t map, #define EFSYS_OPT_SIENA 1 #define EFSYS_OPT_HUNTINGTON 1 #define EFSYS_OPT_MEDFORD 1 +#define EFSYS_OPT_MEDFORD2 1 #ifdef DEBUG #define EFSYS_OPT_CHECK_REG 1 #else @@ -266,6 +228,7 @@ sfxge_map_mbuf_fast(bus_dma_tag_t tag, bus_dmamap_t map, #define EFSYS_OPT_VPD 1 #define EFSYS_OPT_NVRAM 1 #define EFSYS_OPT_BOOTCFG 0 +#define EFSYS_OPT_IMAGE_LAYOUT 0 #define EFSYS_OPT_DIAG 0 #define EFSYS_OPT_RX_SCALE 1 @@ -283,6 +246,12 @@ sfxge_map_mbuf_fast(bus_dma_tag_t tag, bus_dmamap_t map, #define EFSYS_OPT_RX_PACKED_STREAM 0 +#define EFSYS_OPT_RX_ES_SUPER_BUFFER 0 + +#define EFSYS_OPT_TUNNEL 0 + +#define EFSYS_OPT_FW_SUBVARIANT_AWARE 0 + /* ID */ typedef struct __efsys_identifier_s efsys_identifier_t; @@ -389,8 +358,18 @@ typedef struct efsys_mem_s { bus_dmamap_t esm_map; caddr_t esm_base; efsys_dma_addr_t esm_addr; + size_t esm_size; } efsys_mem_t; +#define EFSYS_MEM_SIZE(_esmp) \ + ((_esmp)->esm_size) + +#define EFSYS_MEM_ADDR(_esmp) \ + ((_esmp)->esm_addr) + +#define EFSYS_MEM_IS_NULL(_esmp) \ + ((_esmp)->esm_base == NULL) + #define EFSYS_MEM_ZERO(_esmp, _size) \ do { \ @@ -614,12 +593,6 @@ typedef struct efsys_mem_s { } while (B_FALSE) #endif -#define EFSYS_MEM_ADDR(_esmp) \ - ((_esmp)->esm_addr) - -#define EFSYS_MEM_IS_NULL(_esmp) \ - ((_esmp)->esm_base == NULL) - /* BAR */ #define SFXGE_LOCK_NAME_MAX 16 diff --git a/sys/dev/sfxge/common/efx.h b/sys/dev/sfxge/common/efx.h index bbc71b29325b..63f390a451d0 100644 --- a/sys/dev/sfxge/common/efx.h +++ b/sys/dev/sfxge/common/efx.h @@ -35,6 +35,7 @@ #ifndef _SYS_EFX_H #define _SYS_EFX_H +#include "efx_annote.h" #include "efsys.h" #include "efx_check.h" #include "efx_phy_ids.h" @@ -68,6 +69,7 @@ typedef enum efx_family_e { EFX_FAMILY_SIENA, EFX_FAMILY_HUNTINGTON, EFX_FAMILY_MEDFORD, + EFX_FAMILY_MEDFORD2, EFX_FAMILY_NTYPES } efx_family_t; @@ -75,7 +77,8 @@ extern __checkReturn efx_rc_t efx_family( __in uint16_t venid, __in uint16_t devid, - __out efx_family_t *efp); + __out efx_family_t *efp, + __out unsigned int *membarp); #define EFX_PCI_VENID_SFC 0x1924 @@ -97,7 +100,21 @@ efx_family( #define EFX_PCI_DEVID_MEDFORD 0x0A03 /* SFC9240 PF */ #define EFX_PCI_DEVID_MEDFORD_VF 0x1A03 /* SFC9240 VF */ -#define EFX_MEM_BAR 2 +#define EFX_PCI_DEVID_MEDFORD2_PF_UNINIT 0x0B13 +#define EFX_PCI_DEVID_MEDFORD2 0x0B03 /* SFC9250 PF */ +#define EFX_PCI_DEVID_MEDFORD2_VF 0x1B03 /* SFC9250 VF */ + + +#define EFX_MEM_BAR_SIENA 2 + +#define EFX_MEM_BAR_HUNTINGTON_PF 2 +#define EFX_MEM_BAR_HUNTINGTON_VF 0 + +#define EFX_MEM_BAR_MEDFORD_PF 2 +#define EFX_MEM_BAR_MEDFORD_VF 0 + +#define EFX_MEM_BAR_MEDFORD2 0 + /* Error codes */ @@ -141,9 +158,22 @@ efx_nic_create( __in efsys_lock_t *eslp, __deref_out efx_nic_t **enpp); +/* EFX_FW_VARIANT codes map one to one on MC_CMD_FW codes */ +typedef enum efx_fw_variant_e { + EFX_FW_VARIANT_FULL_FEATURED, + EFX_FW_VARIANT_LOW_LATENCY, + EFX_FW_VARIANT_PACKED_STREAM, + EFX_FW_VARIANT_HIGH_TX_RATE, + EFX_FW_VARIANT_PACKED_STREAM_HASH_MODE_1, + EFX_FW_VARIANT_RULES_ENGINE, + EFX_FW_VARIANT_DPDK, + EFX_FW_VARIANT_DONT_CARE = 0xffffffff +} efx_fw_variant_t; + extern __checkReturn efx_rc_t efx_nic_probe( - __in efx_nic_t *enp); + __in efx_nic_t *enp, + __in efx_fw_variant_t efv); extern __checkReturn efx_rc_t efx_nic_init( @@ -153,6 +183,14 @@ extern __checkReturn efx_rc_t efx_nic_reset( __in efx_nic_t *enp); +extern __checkReturn boolean_t +efx_nic_hw_unavailable( + __in efx_nic_t *enp); + +extern void +efx_nic_set_hw_unavailable( + __in efx_nic_t *enp); + #if EFSYS_OPT_DIAG extern __checkReturn efx_rc_t @@ -199,7 +237,7 @@ efx_nic_check_pcie_link_speed( #if EFSYS_OPT_MCDI -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 /* Huntington and Medford require MCDIv2 commands */ #define WITH_MCDI_V2 1 #endif @@ -290,7 +328,7 @@ extern __checkReturn efx_rc_t efx_intr_init( __in efx_nic_t *enp, __in efx_intr_type_t type, - __in efsys_mem_t *esmp); + __in_opt efsys_mem_t *esmp); extern void efx_intr_enable( @@ -335,7 +373,7 @@ efx_intr_fini( #if EFSYS_OPT_MAC_STATS -/* START MKCONFIG GENERATED EfxHeaderMacBlock e323546097fd7c65 */ +/* START MKCONFIG GENERATED EfxHeaderMacBlock ea466a9bc8789994 */ typedef enum efx_mac_stat_e { EFX_MAC_RX_OCTETS, EFX_MAC_RX_PKTS, @@ -418,6 +456,31 @@ typedef enum efx_mac_stat_e { EFX_MAC_VADAPTER_TX_BAD_PACKETS, EFX_MAC_VADAPTER_TX_BAD_BYTES, EFX_MAC_VADAPTER_TX_OVERFLOW, + EFX_MAC_FEC_UNCORRECTED_ERRORS, + EFX_MAC_FEC_CORRECTED_ERRORS, + EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE0, + EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE1, + EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE2, + EFX_MAC_FEC_CORRECTED_SYMBOLS_LANE3, + EFX_MAC_CTPIO_VI_BUSY_FALLBACK, + EFX_MAC_CTPIO_LONG_WRITE_SUCCESS, + EFX_MAC_CTPIO_MISSING_DBELL_FAIL, + EFX_MAC_CTPIO_OVERFLOW_FAIL, + EFX_MAC_CTPIO_UNDERFLOW_FAIL, + EFX_MAC_CTPIO_TIMEOUT_FAIL, + EFX_MAC_CTPIO_NONCONTIG_WR_FAIL, + EFX_MAC_CTPIO_FRM_CLOBBER_FAIL, + EFX_MAC_CTPIO_INVALID_WR_FAIL, + EFX_MAC_CTPIO_VI_CLOBBER_FALLBACK, + EFX_MAC_CTPIO_UNQUALIFIED_FALLBACK, + EFX_MAC_CTPIO_RUNT_FALLBACK, + EFX_MAC_CTPIO_SUCCESS, + EFX_MAC_CTPIO_FALLBACK, + EFX_MAC_CTPIO_POISON, + EFX_MAC_CTPIO_ERASE, + EFX_MAC_RXDP_SCATTER_DISABLED_TRUNC, + EFX_MAC_RXDP_HLB_IDLE, + EFX_MAC_RXDP_HLB_TIMEOUT, EFX_MAC_NSTATS } efx_mac_stat_t; @@ -436,11 +499,16 @@ typedef enum efx_link_mode_e { EFX_LINK_1000FDX, EFX_LINK_10000FDX, EFX_LINK_40000FDX, + EFX_LINK_25000FDX, + EFX_LINK_50000FDX, + EFX_LINK_100000FDX, EFX_LINK_NMODES } efx_link_mode_t; #define EFX_MAC_ADDR_LEN 6 +#define EFX_VNI_OR_VSID_LEN 3 + #define EFX_MAC_ADDR_IS_MULTICAST(_address) (((uint8_t *)_address)[0] & 0x01) #define EFX_MAC_MULTICAST_LIST_MAX 256 @@ -564,7 +632,6 @@ efx_mac_stats_get_mask( ((_mask)[(_stat) / EFX_MAC_STATS_MASK_BITS_PER_PAGE] & \ (1ULL << ((_stat) & (EFX_MAC_STATS_MASK_BITS_PER_PAGE - 1)))) -#define EFX_MAC_STATS_SIZE 0x400 extern __checkReturn efx_rc_t efx_mac_stats_clear( @@ -573,8 +640,8 @@ efx_mac_stats_clear( /* * Upload mac statistics supported by the hardware into the given buffer. * - * The reference buffer must be at least %EFX_MAC_STATS_SIZE bytes, - * and page aligned. + * The DMA buffer must be 4Kbyte aligned and sized to hold at least + * efx_nic_cfg_t::enc_mac_stats_nstats 64bit counters. * * The hardware will only DMA statistics that it understands (of course). * Drivers should not make any assumptions about which statistics are @@ -631,77 +698,74 @@ efx_mon_init( #define EFX_MON_STATS_PAGE_SIZE 0x100 #define EFX_MON_MASK_ELEMENT_SIZE 32 -/* START MKCONFIG GENERATED MonitorHeaderStatsBlock aa0233c80156308e */ +/* START MKCONFIG GENERATED MonitorHeaderStatsBlock 78b65c8d5af9747b */ typedef enum efx_mon_stat_e { - EFX_MON_STAT_2_5V, - EFX_MON_STAT_VCCP1, - EFX_MON_STAT_VCC, - EFX_MON_STAT_5V, - EFX_MON_STAT_12V, - EFX_MON_STAT_VCCP2, - EFX_MON_STAT_EXT_TEMP, - EFX_MON_STAT_INT_TEMP, - EFX_MON_STAT_AIN1, - EFX_MON_STAT_AIN2, - EFX_MON_STAT_INT_COOLING, - EFX_MON_STAT_EXT_COOLING, - EFX_MON_STAT_1V, - EFX_MON_STAT_1_2V, - EFX_MON_STAT_1_8V, - EFX_MON_STAT_3_3V, - EFX_MON_STAT_1_2VA, - EFX_MON_STAT_VREF, - EFX_MON_STAT_VAOE, + EFX_MON_STAT_CONTROLLER_TEMP, + EFX_MON_STAT_PHY_COMMON_TEMP, + EFX_MON_STAT_CONTROLLER_COOLING, + EFX_MON_STAT_PHY0_TEMP, + EFX_MON_STAT_PHY0_COOLING, + EFX_MON_STAT_PHY1_TEMP, + EFX_MON_STAT_PHY1_COOLING, + EFX_MON_STAT_IN_1V0, + EFX_MON_STAT_IN_1V2, + EFX_MON_STAT_IN_1V8, + EFX_MON_STAT_IN_2V5, + EFX_MON_STAT_IN_3V3, + EFX_MON_STAT_IN_12V0, + EFX_MON_STAT_IN_1V2A, + EFX_MON_STAT_IN_VREF, + EFX_MON_STAT_OUT_VAOE, EFX_MON_STAT_AOE_TEMP, EFX_MON_STAT_PSU_AOE_TEMP, EFX_MON_STAT_PSU_TEMP, - EFX_MON_STAT_FAN0, - EFX_MON_STAT_FAN1, - EFX_MON_STAT_FAN2, - EFX_MON_STAT_FAN3, - EFX_MON_STAT_FAN4, - EFX_MON_STAT_VAOE_IN, - EFX_MON_STAT_IAOE, - EFX_MON_STAT_IAOE_IN, + EFX_MON_STAT_FAN_0, + EFX_MON_STAT_FAN_1, + EFX_MON_STAT_FAN_2, + EFX_MON_STAT_FAN_3, + EFX_MON_STAT_FAN_4, + EFX_MON_STAT_IN_VAOE, + EFX_MON_STAT_OUT_IAOE, + EFX_MON_STAT_IN_IAOE, EFX_MON_STAT_NIC_POWER, - EFX_MON_STAT_0_9V, - EFX_MON_STAT_I0_9V, - EFX_MON_STAT_I1_2V, - EFX_MON_STAT_0_9V_ADC, - EFX_MON_STAT_INT_TEMP2, - EFX_MON_STAT_VREG_TEMP, - EFX_MON_STAT_VREG_0_9V_TEMP, - EFX_MON_STAT_VREG_1_2V_TEMP, - EFX_MON_STAT_INT_VPTAT, - EFX_MON_STAT_INT_ADC_TEMP, - EFX_MON_STAT_EXT_VPTAT, - EFX_MON_STAT_EXT_ADC_TEMP, + EFX_MON_STAT_IN_0V9, + EFX_MON_STAT_IN_I0V9, + EFX_MON_STAT_IN_I1V2, + EFX_MON_STAT_IN_0V9_ADC, + EFX_MON_STAT_CONTROLLER_2_TEMP, + EFX_MON_STAT_VREG_INTERNAL_TEMP, + EFX_MON_STAT_VREG_0V9_TEMP, + EFX_MON_STAT_VREG_1V2_TEMP, + EFX_MON_STAT_CONTROLLER_VPTAT, + EFX_MON_STAT_CONTROLLER_INTERNAL_TEMP, + EFX_MON_STAT_CONTROLLER_VPTAT_EXTADC, + EFX_MON_STAT_CONTROLLER_INTERNAL_TEMP_EXTADC, EFX_MON_STAT_AMBIENT_TEMP, EFX_MON_STAT_AIRFLOW, EFX_MON_STAT_VDD08D_VSS08D_CSR, EFX_MON_STAT_VDD08D_VSS08D_CSR_EXTADC, EFX_MON_STAT_HOTPOINT_TEMP, - EFX_MON_STAT_PHY_POWER_SWITCH_PORT0, - EFX_MON_STAT_PHY_POWER_SWITCH_PORT1, + EFX_MON_STAT_PHY_POWER_PORT0, + EFX_MON_STAT_PHY_POWER_PORT1, EFX_MON_STAT_MUM_VCC, - EFX_MON_STAT_0V9_A, - EFX_MON_STAT_I0V9_A, - EFX_MON_STAT_0V9_A_TEMP, - EFX_MON_STAT_0V9_B, - EFX_MON_STAT_I0V9_B, - EFX_MON_STAT_0V9_B_TEMP, + EFX_MON_STAT_IN_0V9_A, + EFX_MON_STAT_IN_I0V9_A, + EFX_MON_STAT_VREG_0V9_A_TEMP, + EFX_MON_STAT_IN_0V9_B, + EFX_MON_STAT_IN_I0V9_B, + EFX_MON_STAT_VREG_0V9_B_TEMP, EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY, - EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY_EXT_ADC, + EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY_EXTADC, EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY, - EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY_EXT_ADC, + EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY_EXTADC, EFX_MON_STAT_CONTROLLER_MASTER_VPTAT, EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP, - EFX_MON_STAT_CONTROLLER_MASTER_VPTAT_EXT_ADC, - EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP_EXT_ADC, + EFX_MON_STAT_CONTROLLER_MASTER_VPTAT_EXTADC, + EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC, EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT, EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP, - EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT_EXT_ADC, - EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP_EXT_ADC, + EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT_EXTADC, + EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC, EFX_MON_STAT_SODIMM_VOUT, EFX_MON_STAT_SODIMM_0_TEMP, EFX_MON_STAT_SODIMM_1_TEMP, @@ -710,8 +774,12 @@ typedef enum efx_mon_stat_e { EFX_MON_STAT_CONTROLLER_TDIODE_TEMP, EFX_MON_STAT_BOARD_FRONT_TEMP, EFX_MON_STAT_BOARD_BACK_TEMP, - EFX_MON_STAT_I1V8, - EFX_MON_STAT_I2V5, + EFX_MON_STAT_IN_I1V8, + EFX_MON_STAT_IN_I2V5, + EFX_MON_STAT_IN_I3V3, + EFX_MON_STAT_IN_I12V0, + EFX_MON_STAT_IN_1V3, + EFX_MON_STAT_IN_I1V3, EFX_MON_NSTATS } efx_mon_stat_t; @@ -725,11 +793,40 @@ typedef enum efx_mon_stat_state_e { EFX_MON_STAT_STATE_NO_READING = 4, } efx_mon_stat_state_t; +typedef enum efx_mon_stat_unit_e { + EFX_MON_STAT_UNIT_UNKNOWN = 0, + EFX_MON_STAT_UNIT_BOOL, + EFX_MON_STAT_UNIT_TEMP_C, + EFX_MON_STAT_UNIT_VOLTAGE_MV, + EFX_MON_STAT_UNIT_CURRENT_MA, + EFX_MON_STAT_UNIT_POWER_W, + EFX_MON_STAT_UNIT_RPM, + EFX_MON_NUNITS +} efx_mon_stat_unit_t; + typedef struct efx_mon_stat_value_s { - uint16_t emsv_value; - uint16_t emsv_state; + uint16_t emsv_value; + efx_mon_stat_state_t emsv_state; + efx_mon_stat_unit_t emsv_unit; } efx_mon_stat_value_t; +typedef struct efx_mon_limit_value_s { + uint16_t emlv_warning_min; + uint16_t emlv_warning_max; + uint16_t emlv_fatal_min; + uint16_t emlv_fatal_max; +} efx_mon_stat_limits_t; + +typedef enum efx_mon_stat_portmask_e { + EFX_MON_STAT_PORTMAP_NONE = 0, + EFX_MON_STAT_PORTMAP_PORT0 = 1, + EFX_MON_STAT_PORTMAP_PORT1 = 2, + EFX_MON_STAT_PORTMAP_PORT2 = 3, + EFX_MON_STAT_PORTMAP_PORT3 = 4, + EFX_MON_STAT_PORTMAP_ALL = (-1), + EFX_MON_STAT_PORTMAP_UNKNOWN = (-2) +} efx_mon_stat_portmask_t; + #if EFSYS_OPT_NAMES extern const char * @@ -737,14 +834,39 @@ efx_mon_stat_name( __in efx_nic_t *enp, __in efx_mon_stat_t id); +extern const char * +efx_mon_stat_description( + __in efx_nic_t *enp, + __in efx_mon_stat_t id); + #endif /* EFSYS_OPT_NAMES */ +extern __checkReturn boolean_t +efx_mon_mcdi_to_efx_stat( + __in int mcdi_index, + __out efx_mon_stat_t *statp); + +extern __checkReturn boolean_t +efx_mon_get_stat_unit( + __in efx_mon_stat_t stat, + __out efx_mon_stat_unit_t *unitp); + +extern __checkReturn boolean_t +efx_mon_get_stat_portmap( + __in efx_mon_stat_t stat, + __out efx_mon_stat_portmask_t *maskp); + extern __checkReturn efx_rc_t efx_mon_stats_update( __in efx_nic_t *enp, __in efsys_mem_t *esmp, __inout_ecount(EFX_MON_NSTATS) efx_mon_stat_value_t *values); +extern __checkReturn efx_rc_t +efx_mon_limits_update( + __in efx_nic_t *enp, + __inout_ecount(EFX_MON_NSTATS) efx_mon_stat_limits_t *values); + #endif /* EFSYS_OPT_MON_STATS */ extern void @@ -816,6 +938,9 @@ typedef enum efx_loopback_type_e { EFX_LOOPBACK_SD_FEP1_5_WS = 32, EFX_LOOPBACK_SD_FEP_WS = 33, EFX_LOOPBACK_SD_FES_WS = 34, + EFX_LOOPBACK_AOE_INT_NEAR = 35, + EFX_LOOPBACK_DATA_WS = 36, + EFX_LOOPBACK_FORCE_EXT_LINK = 37, EFX_LOOPBACK_NTYPES } efx_loopback_type_t; @@ -871,6 +996,16 @@ typedef enum efx_phy_cap_type_e { EFX_PHY_CAP_ASYM, EFX_PHY_CAP_AN, EFX_PHY_CAP_40000FDX, + EFX_PHY_CAP_DDM, + EFX_PHY_CAP_100000FDX, + EFX_PHY_CAP_25000FDX, + EFX_PHY_CAP_50000FDX, + EFX_PHY_CAP_BASER_FEC, + EFX_PHY_CAP_BASER_FEC_REQUESTED, + EFX_PHY_CAP_RS_FEC, + EFX_PHY_CAP_RS_FEC_REQUESTED, + EFX_PHY_CAP_25G_BASER_FEC, + EFX_PHY_CAP_25G_BASER_FEC_REQUESTED, EFX_PHY_CAP_NTYPES } efx_phy_cap_type_t; @@ -923,12 +1058,39 @@ efx_phy_media_type_get( __in efx_nic_t *enp, __out efx_phy_media_type_t *typep); +/* + * 2-wire device address of the base information in accordance with SFF-8472 + * Diagnostic Monitoring Interface for Optical Transceivers section + * 4 Memory Organization. + */ +#define EFX_PHY_MEDIA_INFO_DEV_ADDR_SFP_BASE 0xA0 + +/* + * 2-wire device address of the digital diagnostics monitoring interface + * in accordance with SFF-8472 Diagnostic Monitoring Interface for Optical + * Transceivers section 4 Memory Organization. + */ +#define EFX_PHY_MEDIA_INFO_DEV_ADDR_SFP_DDM 0xA2 + +/* + * Hard wired 2-wire device address for QSFP+ in accordance with SFF-8436 + * QSFP+ 10 Gbs 4X PLUGGABLE TRANSCEIVER section 7.4 Device Addressing and + * Operation. + */ +#define EFX_PHY_MEDIA_INFO_DEV_ADDR_QSFP 0xA0 + +/* + * Maximum accessible data offset for PHY module information. + */ +#define EFX_PHY_MEDIA_INFO_MAX_OFFSET 0x100 + + extern __checkReturn efx_rc_t efx_phy_module_get_info( __in efx_nic_t *enp, __in uint8_t dev_addr, - __in uint8_t offset, - __in uint8_t len, + __in size_t offset, + __in size_t len, __out_bcount(len) uint8_t *data); #if EFSYS_OPT_PHY_STATS @@ -1108,6 +1270,13 @@ typedef enum efx_tunnel_protocol_e { EFX_TUNNEL_NPROTOS } efx_tunnel_protocol_t; +typedef enum efx_vi_window_shift_e { + EFX_VI_WINDOW_SHIFT_INVALID = 0, + EFX_VI_WINDOW_SHIFT_8K = 13, + EFX_VI_WINDOW_SHIFT_16K = 14, + EFX_VI_WINDOW_SHIFT_64K = 16, +} efx_vi_window_shift_t; + typedef struct efx_nic_cfg_s { uint32_t enc_board_type; uint32_t enc_phy_type; @@ -1121,6 +1290,7 @@ typedef struct efx_nic_cfg_s { uint32_t enc_mon_stat_mask[(EFX_MON_NSTATS + 31) / 32]; #endif unsigned int enc_features; + efx_vi_window_shift_t enc_vi_window_shift; uint8_t enc_mac_addr[6]; uint8_t enc_port; /* PHY port number */ uint32_t enc_intr_vec_base; @@ -1139,7 +1309,20 @@ typedef struct efx_nic_cfg_s { uint32_t enc_rx_prefix_size; uint32_t enc_rx_buf_align_start; uint32_t enc_rx_buf_align_end; +#if EFSYS_OPT_RX_SCALE uint32_t enc_rx_scale_max_exclusive_contexts; + /* + * Mask of supported hash algorithms. + * Hash algorithm types are used as the bit indices. + */ + uint32_t enc_rx_scale_hash_alg_mask; + /* + * Indicates whether port numbers can be included to the + * input data for hash computation. + */ + boolean_t enc_rx_scale_l4_hash_supported; + boolean_t enc_rx_scale_additional_modes_supported; +#endif /* EFSYS_OPT_RX_SCALE */ #if EFSYS_OPT_LOOPBACK efx_qword_t enc_loopback_types[EFX_LINK_NMODES]; #endif /* EFSYS_OPT_LOOPBACK */ @@ -1165,15 +1348,16 @@ typedef struct efx_nic_cfg_s { #if EFSYS_OPT_BIST uint32_t enc_bist_mask; #endif /* EFSYS_OPT_BIST */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 uint32_t enc_pf; uint32_t enc_vf; uint32_t enc_privilege_mask; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ boolean_t enc_bug26807_workaround; boolean_t enc_bug35388_workaround; boolean_t enc_bug41750_workaround; boolean_t enc_bug61265_workaround; + boolean_t enc_bug61297_workaround; boolean_t enc_rx_batching_enabled; /* Maximum number of descriptors completed in an rx event. */ uint32_t enc_rx_batch_max; @@ -1193,6 +1377,7 @@ typedef struct efx_nic_cfg_s { uint32_t enc_tx_tso_tcp_header_offset_limit; boolean_t enc_fw_assisted_tso_enabled; boolean_t enc_fw_assisted_tso_v2_enabled; + boolean_t enc_fw_assisted_tso_v2_encap_enabled; /* Number of TSO contexts on the NIC (FATSOv2) */ uint32_t enc_fw_assisted_tso_v2_n_contexts; boolean_t enc_hw_tx_insert_vlan_enabled; @@ -1206,9 +1391,16 @@ typedef struct efx_nic_cfg_s { boolean_t enc_init_evq_v2_supported; boolean_t enc_rx_packed_stream_supported; boolean_t enc_rx_var_packed_stream_supported; + boolean_t enc_rx_es_super_buffer_supported; + boolean_t enc_fw_subvariant_no_tx_csum_supported; boolean_t enc_pm_and_rxdp_counters; boolean_t enc_mac_stats_40g_tx_size_bins; uint32_t enc_tunnel_encapsulations_supported; + /* + * NIC global maximum for unique UDP tunnel ports shared by all + * functions. + */ + uint32_t enc_tunnel_config_udp_entries_max; /* External port identifier */ uint8_t enc_external_port; uint32_t enc_mcdi_max_payload_length; @@ -1219,6 +1411,14 @@ typedef struct efx_nic_cfg_s { uint32_t enc_max_pcie_link_gen; /* Firmware verifies integrity of NVRAM updates */ uint32_t enc_nvram_update_verify_result_supported; + /* Firmware support for extended MAC_STATS buffer */ + uint32_t enc_mac_stats_nstats; + boolean_t enc_fec_counters; + boolean_t enc_hlb_counters; + /* Firmware support for "FLAG" and "MARK" filter actions */ + boolean_t enc_filter_action_flag_supported; + boolean_t enc_filter_action_mark_supported; + uint32_t enc_filter_action_mark_max; } efx_nic_cfg_t; #define EFX_PCI_FUNCTION_IS_PF(_encp) ((_encp)->enc_vf == 0xffff) @@ -1233,6 +1433,13 @@ extern const efx_nic_cfg_t * efx_nic_cfg_get( __in efx_nic_t *enp); +/* RxDPCPU firmware id values by which FW variant can be identified */ +#define EFX_RXDP_FULL_FEATURED_FW_ID 0x0 +#define EFX_RXDP_LOW_LATENCY_FW_ID 0x1 +#define EFX_RXDP_PACKED_STREAM_FW_ID 0x2 +#define EFX_RXDP_RULES_ENGINE_FW_ID 0x5 +#define EFX_RXDP_DPDK_FW_ID 0x6 + typedef struct efx_nic_fw_info_s { /* Basic FW version information */ uint16_t enfi_mc_fw_version[4]; @@ -1394,6 +1601,8 @@ typedef enum efx_nvram_type_e { EFX_NVRAM_LICENSE, EFX_NVRAM_UEFIROM, EFX_NVRAM_MUM_FIRMWARE, + EFX_NVRAM_DYNCONFIG_DEFAULTS, + EFX_NVRAM_ROMCONFIG_DEFAULTS, EFX_NVRAM_NTYPES, } efx_nvram_type_t; @@ -1519,8 +1728,176 @@ efx_bootcfg_write( __in_bcount(size) uint8_t *data, __in size_t size); + +/* + * Processing routines for buffers arranged in the DHCP/BOOTP option format + * (see https://tools.ietf.org/html/rfc1533) + * + * Summarising the format: the buffer is a sequence of options. All options + * begin with a tag octet, which uniquely identifies the option. Fixed- + * length options without data consist of only a tag octet. Only options PAD + * (0) and END (255) are fixed length. All other options are variable-length + * with a length octet following the tag octet. The value of the length + * octet does not include the two octets specifying the tag and length. The + * length octet is followed by "length" octets of data. + * + * Option data may be a sequence of sub-options in the same format. The data + * content of the encapsulating option is one or more encapsulated sub-options, + * with no terminating END tag is required. + * + * To be valid, the top-level sequence of options should be terminated by an + * END tag. The buffer should be padded with the PAD byte. + * + * When stored to NVRAM, the DHCP option format buffer is preceded by a + * checksum octet. The full buffer (including after the END tag) contributes + * to the checksum, hence the need to fill the buffer to the end with PAD. + */ + +#define EFX_DHCP_END ((uint8_t)0xff) +#define EFX_DHCP_PAD ((uint8_t)0) + +#define EFX_DHCP_ENCAP_OPT(encapsulator, encapsulated) \ + (uint16_t)(((encapsulator) << 8) | (encapsulated)) + +extern __checkReturn uint8_t +efx_dhcp_csum( + __in_bcount(size) uint8_t const *data, + __in size_t size); + +extern __checkReturn efx_rc_t +efx_dhcp_verify( + __in_bcount(size) uint8_t const *data, + __in size_t size, + __out_opt size_t *usedp); + +extern __checkReturn efx_rc_t +efx_dhcp_find_tag( + __in_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __in uint16_t opt, + __deref_out uint8_t **valuepp, + __out size_t *value_lengthp); + +extern __checkReturn efx_rc_t +efx_dhcp_find_end( + __in_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __deref_out uint8_t **endpp); + + +extern __checkReturn efx_rc_t +efx_dhcp_delete_tag( + __inout_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __in uint16_t opt); + +extern __checkReturn efx_rc_t +efx_dhcp_add_tag( + __inout_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __in uint16_t opt, + __in_bcount_opt(value_length) uint8_t *valuep, + __in size_t value_length); + +extern __checkReturn efx_rc_t +efx_dhcp_update_tag( + __inout_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __in uint16_t opt, + __in uint8_t *value_locationp, + __in_bcount_opt(value_length) uint8_t *valuep, + __in size_t value_length); + + #endif /* EFSYS_OPT_BOOTCFG */ +#if EFSYS_OPT_IMAGE_LAYOUT + +#include "ef10_signed_image_layout.h" + +/* + * Image header used in unsigned and signed image layouts (see SF-102785-PS). + * + * NOTE: + * The image header format is extensible. However, older drivers require an + * exact match of image header version and header length when validating and + * writing firmware images. + * + * To avoid breaking backward compatibility, we use the upper bits of the + * controller version fields to contain an extra version number used for + * combined bootROM and UEFI ROM images on EF10 and later (to hold the UEFI ROM + * version). See bug39254 and SF-102785-PS for details. + */ +typedef struct efx_image_header_s { + uint32_t eih_magic; + uint32_t eih_version; + uint32_t eih_type; + uint32_t eih_subtype; + uint32_t eih_code_size; + uint32_t eih_size; + union { + uint32_t eih_controller_version_min; + struct { + uint16_t eih_controller_version_min_short; + uint8_t eih_extra_version_a; + uint8_t eih_extra_version_b; + }; + }; + union { + uint32_t eih_controller_version_max; + struct { + uint16_t eih_controller_version_max_short; + uint8_t eih_extra_version_c; + uint8_t eih_extra_version_d; + }; + }; + uint16_t eih_code_version_a; + uint16_t eih_code_version_b; + uint16_t eih_code_version_c; + uint16_t eih_code_version_d; +} efx_image_header_t; + +#define EFX_IMAGE_HEADER_SIZE (40) +#define EFX_IMAGE_HEADER_VERSION (4) +#define EFX_IMAGE_HEADER_MAGIC (0x106F1A5) + + +typedef struct efx_image_trailer_s { + uint32_t eit_crc; +} efx_image_trailer_t; + +#define EFX_IMAGE_TRAILER_SIZE (4) + +typedef enum efx_image_format_e { + EFX_IMAGE_FORMAT_NO_IMAGE, + EFX_IMAGE_FORMAT_INVALID, + EFX_IMAGE_FORMAT_UNSIGNED, + EFX_IMAGE_FORMAT_SIGNED, +} efx_image_format_t; + +typedef struct efx_image_info_s { + efx_image_format_t eii_format; + uint8_t * eii_imagep; + size_t eii_image_size; + efx_image_header_t * eii_headerp; +} efx_image_info_t; + +extern __checkReturn efx_rc_t +efx_check_reflash_image( + __in void *bufferp, + __in uint32_t buffer_size, + __out efx_image_info_t *infop); + +extern __checkReturn efx_rc_t +efx_build_signed_image_write_buffer( + __out_bcount(buffer_size) + uint8_t *bufferp, + __in uint32_t buffer_size, + __in efx_image_info_t *infop, + __out efx_image_header_t **headerpp); + +#endif /* EFSYS_OPT_IMAGE_LAYOUT */ + #if EFSYS_OPT_DIAG typedef enum efx_pattern_type_t { @@ -1697,7 +2074,7 @@ typedef __checkReturn boolean_t __in uint32_t size, __in uint16_t flags); -#if EFSYS_OPT_RX_PACKED_STREAM +#if EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER /* * Packed stream mode is documented in SF-112241-TC. @@ -1707,6 +2084,13 @@ typedef __checkReturn boolean_t * packets are put there in a continuous stream. * The main advantage of such an approach is that RX queue refilling * happens much less frequently. + * + * Equal stride packed stream mode is documented in SF-119419-TC. + * The general idea is to utilize advantages of the packed stream, + * but avoid indirection in packets representation. + * The main advantage of such an approach is that RX queue refilling + * happens much less frequently and packets buffers are independent + * from upper layers point of view. */ typedef __checkReturn boolean_t @@ -1807,7 +2191,7 @@ typedef __checkReturn boolean_t typedef struct efx_ev_callbacks_s { efx_initialized_ev_t eec_initialized; efx_rx_ev_t eec_rx; -#if EFSYS_OPT_RX_PACKED_STREAM +#if EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER efx_rx_ps_ev_t eec_rx_ps; #endif efx_tx_ev_t eec_tx; @@ -1911,15 +2295,36 @@ efx_rx_scatter_enable( typedef enum efx_rx_hash_alg_e { EFX_RX_HASHALG_LFSR = 0, - EFX_RX_HASHALG_TOEPLITZ + EFX_RX_HASHALG_TOEPLITZ, + EFX_RX_HASHALG_PACKED_STREAM, + EFX_RX_NHASHALGS } efx_rx_hash_alg_t; +/* + * Legacy hash type flags. + * + * They represent standard tuples for distinct traffic classes. + */ #define EFX_RX_HASH_IPV4 (1U << 0) #define EFX_RX_HASH_TCPIPV4 (1U << 1) #define EFX_RX_HASH_IPV6 (1U << 2) #define EFX_RX_HASH_TCPIPV6 (1U << 3) -typedef unsigned int efx_rx_hash_type_t; +#define EFX_RX_HASH_LEGACY_MASK \ + (EFX_RX_HASH_IPV4 | \ + EFX_RX_HASH_TCPIPV4 | \ + EFX_RX_HASH_IPV6 | \ + EFX_RX_HASH_TCPIPV6) + +/* + * The type of the argument used by efx_rx_scale_mode_set() to + * provide a means for the client drivers to configure hashing. + * + * A properly constructed value can either be: + * - a combination of legacy flags + * - a combination of EFX_RX_HASH() flags + */ +typedef uint32_t efx_rx_hash_type_t; typedef enum efx_rx_hash_support_e { EFX_RX_HASH_UNAVAILABLE = 0, /* Hardware hash not inserted */ @@ -1937,6 +2342,93 @@ typedef enum efx_rx_scale_context_type_e { EFX_RX_SCALE_SHARED /* Read-only key/indirection table */ } efx_rx_scale_context_type_t; +/* + * Traffic classes eligible for hash computation. + * + * Select packet headers used in computing the receive hash. + * This uses the same encoding as the RSS_MODES field of + * MC_CMD_RSS_CONTEXT_SET_FLAGS. + */ +#define EFX_RX_CLASS_IPV4_TCP_LBN 8 +#define EFX_RX_CLASS_IPV4_TCP_WIDTH 4 +#define EFX_RX_CLASS_IPV4_UDP_LBN 12 +#define EFX_RX_CLASS_IPV4_UDP_WIDTH 4 +#define EFX_RX_CLASS_IPV4_LBN 16 +#define EFX_RX_CLASS_IPV4_WIDTH 4 +#define EFX_RX_CLASS_IPV6_TCP_LBN 20 +#define EFX_RX_CLASS_IPV6_TCP_WIDTH 4 +#define EFX_RX_CLASS_IPV6_UDP_LBN 24 +#define EFX_RX_CLASS_IPV6_UDP_WIDTH 4 +#define EFX_RX_CLASS_IPV6_LBN 28 +#define EFX_RX_CLASS_IPV6_WIDTH 4 + +#define EFX_RX_NCLASSES 6 + +/* + * Ancillary flags used to construct generic hash tuples. + * This uses the same encoding as RSS_MODE_HASH_SELECTOR. + */ +#define EFX_RX_CLASS_HASH_SRC_ADDR (1U << 0) +#define EFX_RX_CLASS_HASH_DST_ADDR (1U << 1) +#define EFX_RX_CLASS_HASH_SRC_PORT (1U << 2) +#define EFX_RX_CLASS_HASH_DST_PORT (1U << 3) + +/* + * Generic hash tuples. + * + * They express combinations of packet fields + * which can contribute to the hash value for + * a particular traffic class. + */ +#define EFX_RX_CLASS_HASH_DISABLE 0 + +#define EFX_RX_CLASS_HASH_1TUPLE_SRC EFX_RX_CLASS_HASH_SRC_ADDR +#define EFX_RX_CLASS_HASH_1TUPLE_DST EFX_RX_CLASS_HASH_DST_ADDR + +#define EFX_RX_CLASS_HASH_2TUPLE \ + (EFX_RX_CLASS_HASH_SRC_ADDR | \ + EFX_RX_CLASS_HASH_DST_ADDR) + +#define EFX_RX_CLASS_HASH_2TUPLE_SRC \ + (EFX_RX_CLASS_HASH_SRC_ADDR | \ + EFX_RX_CLASS_HASH_SRC_PORT) + +#define EFX_RX_CLASS_HASH_2TUPLE_DST \ + (EFX_RX_CLASS_HASH_DST_ADDR | \ + EFX_RX_CLASS_HASH_DST_PORT) + +#define EFX_RX_CLASS_HASH_4TUPLE \ + (EFX_RX_CLASS_HASH_SRC_ADDR | \ + EFX_RX_CLASS_HASH_DST_ADDR | \ + EFX_RX_CLASS_HASH_SRC_PORT | \ + EFX_RX_CLASS_HASH_DST_PORT) + +#define EFX_RX_CLASS_HASH_NTUPLES 7 + +/* + * Hash flag constructor. + * + * Resulting flags encode hash tuples for specific traffic classes. + * The client drivers are encouraged to use these flags to form + * a hash type value. + */ +#define EFX_RX_HASH(_class, _tuple) \ + EFX_INSERT_FIELD_NATIVE32(0, 31, \ + EFX_RX_CLASS_##_class, EFX_RX_CLASS_HASH_##_tuple) + +/* + * The maximum number of EFX_RX_HASH() flags. + */ +#define EFX_RX_HASH_NFLAGS (EFX_RX_NCLASSES * EFX_RX_CLASS_HASH_NTUPLES) + +extern __checkReturn efx_rc_t +efx_rx_scale_hash_flags_get( + __in efx_nic_t *enp, + __in efx_rx_hash_alg_t hash_alg, + __out_ecount_part(max_nflags, *nflagsp) unsigned int *flagsp, + __in unsigned int max_nflags, + __out unsigned int *nflagsp); + extern __checkReturn efx_rc_t efx_rx_hash_default_support_get( __in efx_nic_t *enp, @@ -2007,6 +2499,7 @@ efx_pseudo_hdr_pkt_length_get( typedef enum efx_rxq_type_e { EFX_RXQ_TYPE_DEFAULT, EFX_RXQ_TYPE_PACKED_STREAM, + EFX_RXQ_TYPE_ES_SUPER_BUFFER, EFX_RXQ_NTYPES } efx_rxq_type_t; @@ -2060,6 +2553,28 @@ efx_rx_qcreate_packed_stream( #endif +#if EFSYS_OPT_RX_ES_SUPER_BUFFER + +/* Maximum head-of-line block timeout in nanoseconds */ +#define EFX_RXQ_ES_SUPER_BUFFER_HOL_BLOCK_MAX (400U * 1000 * 1000) + +extern __checkReturn efx_rc_t +efx_rx_qcreate_es_super_buffer( + __in efx_nic_t *enp, + __in unsigned int index, + __in unsigned int label, + __in uint32_t n_bufs_per_desc, + __in uint32_t max_dma_len, + __in uint32_t buf_stride, + __in uint32_t hol_block_timeout, + __in efsys_mem_t *esmp, + __in size_t ndescs, + __in unsigned int flags, + __in efx_evq_t *eep, + __deref_out efx_rxq_t **erpp); + +#endif + typedef struct efx_buffer_s { efsys_dma_addr_t eb_addr; size_t eb_size; @@ -2249,6 +2764,7 @@ extern void efx_tx_qdesc_tso2_create( __in efx_txq_t *etp, __in uint16_t ipv4_id, + __in uint16_t outer_ipv4_id, __in uint32_t tcp_seq, __in uint16_t tcp_mss, __out_ecount(count) efx_desc_t *edp, @@ -2260,6 +2776,12 @@ efx_tx_qdesc_vlantci_create( __in uint16_t tci, __out efx_desc_t *edp); +extern void +efx_tx_qdesc_checksum_create( + __in efx_txq_t *etp, + __in uint16_t flags, + __out efx_desc_t *edp); + #if EFSYS_OPT_QSTATS #if EFSYS_OPT_NAMES @@ -2308,6 +2830,10 @@ efx_tx_qdestroy( #define EFX_FILTER_FLAG_RX 0x08 /* Filter is for TX */ #define EFX_FILTER_FLAG_TX 0x10 +/* Set match flag on the received packet */ +#define EFX_FILTER_FLAG_ACTION_FLAG 0x20 +/* Set match mark on the received packet */ +#define EFX_FILTER_FLAG_ACTION_MARK 0x40 typedef uint8_t efx_filter_flags_t; @@ -2336,10 +2862,19 @@ typedef uint8_t efx_filter_flags_t; #define EFX_FILTER_MATCH_OUTER_VID 0x00000100 /* Match by IP transport protocol */ #define EFX_FILTER_MATCH_IP_PROTO 0x00000200 +/* Match by VNI or VSID */ +#define EFX_FILTER_MATCH_VNI_OR_VSID 0x00000800 +/* For encapsulated packets, match by inner frame local MAC address */ +#define EFX_FILTER_MATCH_IFRM_LOC_MAC 0x00010000 /* For encapsulated packets, match all multicast inner frames */ #define EFX_FILTER_MATCH_IFRM_UNKNOWN_MCAST_DST 0x01000000 /* For encapsulated packets, match all unicast inner frames */ #define EFX_FILTER_MATCH_IFRM_UNKNOWN_UCAST_DST 0x02000000 +/* + * Match by encap type, this flag does not correspond to + * the MCDI match flags and any unoccupied value may be used + */ +#define EFX_FILTER_MATCH_ENCAP_TYPE 0x20000000 /* Match otherwise-unmatched multicast and broadcast packets */ #define EFX_FILTER_MATCH_UNKNOWN_MCAST_DST 0x40000000 /* Match otherwise-unmatched unicast packets */ @@ -2371,6 +2906,8 @@ typedef struct efx_filter_spec_s { efx_filter_flags_t efs_flags; uint16_t efs_dmaq_id; uint32_t efs_rss_context; + uint32_t efs_mark; + /* Fields below here are hashed for software filter lookup */ uint16_t efs_outer_vid; uint16_t efs_inner_vid; uint8_t efs_loc_mac[EFX_MAC_ADDR_LEN]; @@ -2382,6 +2919,8 @@ typedef struct efx_filter_spec_s { uint16_t efs_rem_port; efx_oword_t efs_rem_host; efx_oword_t efs_loc_host; + uint8_t efs_vni_or_vsid[EFX_VNI_OR_VSID_LEN]; + uint8_t efs_ifrm_loc_mac[EFX_MAC_ADDR_LEN]; } efx_filter_spec_t; @@ -2477,6 +3016,27 @@ efx_filter_spec_set_encap_type( __in efx_tunnel_protocol_t encap_type, __in efx_filter_inner_frame_match_t inner_frame_match); +extern __checkReturn efx_rc_t +efx_filter_spec_set_vxlan( + __inout efx_filter_spec_t *spec, + __in const uint8_t *vni, + __in const uint8_t *inner_addr, + __in const uint8_t *outer_addr); + +extern __checkReturn efx_rc_t +efx_filter_spec_set_geneve( + __inout efx_filter_spec_t *spec, + __in const uint8_t *vni, + __in const uint8_t *inner_addr, + __in const uint8_t *outer_addr); + +extern __checkReturn efx_rc_t +efx_filter_spec_set_nvgre( + __inout efx_filter_spec_t *spec, + __in const uint8_t *vsid, + __in const uint8_t *inner_addr, + __in const uint8_t *outer_addr); + #if EFSYS_OPT_RX_SCALE extern __checkReturn efx_rc_t efx_filter_spec_set_rss_context( @@ -2635,6 +3195,110 @@ efx_lic_finish_partition( #endif /* EFSYS_OPT_LICENSING */ +/* TUNNEL */ + +#if EFSYS_OPT_TUNNEL + +extern __checkReturn efx_rc_t +efx_tunnel_init( + __in efx_nic_t *enp); + +extern void +efx_tunnel_fini( + __in efx_nic_t *enp); + +/* + * For overlay network encapsulation using UDP, the firmware needs to know + * the configured UDP port for the overlay so it can decode encapsulated + * frames correctly. + * The UDP port/protocol list is global. + */ + +extern __checkReturn efx_rc_t +efx_tunnel_config_udp_add( + __in efx_nic_t *enp, + __in uint16_t port /* host/cpu-endian */, + __in efx_tunnel_protocol_t protocol); + +extern __checkReturn efx_rc_t +efx_tunnel_config_udp_remove( + __in efx_nic_t *enp, + __in uint16_t port /* host/cpu-endian */, + __in efx_tunnel_protocol_t protocol); + +extern void +efx_tunnel_config_clear( + __in efx_nic_t *enp); + +/** + * Apply tunnel UDP ports configuration to hardware. + * + * EAGAIN is returned if hardware will be reset (datapath and management CPU + * reboot). + */ +extern __checkReturn efx_rc_t +efx_tunnel_reconfigure( + __in efx_nic_t *enp); + +#endif /* EFSYS_OPT_TUNNEL */ + +#if EFSYS_OPT_FW_SUBVARIANT_AWARE + +/** + * Firmware subvariant choice options. + * + * It may be switched to no Tx checksum if attached drivers are either + * preboot or firmware subvariant aware and no VIS are allocated. + * If may be always switched to default explicitly using set request or + * implicitly if unaware driver is attaching. If switching is done when + * a driver is attached, it gets MC_REBOOT event and should recreate its + * datapath. + * + * See SF-119419-TC DPDK Firmware Driver Interface and + * SF-109306-TC EF10 for Driver Writers for details. + */ +typedef enum efx_nic_fw_subvariant_e { + EFX_NIC_FW_SUBVARIANT_DEFAULT = 0, + EFX_NIC_FW_SUBVARIANT_NO_TX_CSUM = 1, + EFX_NIC_FW_SUBVARIANT_NTYPES +} efx_nic_fw_subvariant_t; + +extern __checkReturn efx_rc_t +efx_nic_get_fw_subvariant( + __in efx_nic_t *enp, + __out efx_nic_fw_subvariant_t *subvariantp); + +extern __checkReturn efx_rc_t +efx_nic_set_fw_subvariant( + __in efx_nic_t *enp, + __in efx_nic_fw_subvariant_t subvariant); + +#endif /* EFSYS_OPT_FW_SUBVARIANT_AWARE */ + +typedef enum efx_phy_fec_type_e { + EFX_PHY_FEC_NONE = 0, + EFX_PHY_FEC_BASER, + EFX_PHY_FEC_RS +} efx_phy_fec_type_t; + +extern __checkReturn efx_rc_t +efx_phy_fec_type_get( + __in efx_nic_t *enp, + __out efx_phy_fec_type_t *typep); + +typedef struct efx_phy_link_state_s { + uint32_t epls_adv_cap_mask; + uint32_t epls_lp_cap_mask; + uint32_t epls_ld_cap_mask; + unsigned int epls_fcntl; + efx_phy_fec_type_t epls_fec; + efx_link_mode_t epls_link_mode; +} efx_phy_link_state_t; + +extern __checkReturn efx_rc_t +efx_phy_link_state_get( + __in efx_nic_t *enp, + __out efx_phy_link_state_t *eplsp); #ifdef __cplusplus diff --git a/sys/dev/sfxge/common/efx_annote.h b/sys/dev/sfxge/common/efx_annote.h new file mode 100644 index 000000000000..e281efb7f697 --- /dev/null +++ b/sys/dev/sfxge/common/efx_annote.h @@ -0,0 +1,131 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2018 Solarflare Communications Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * The views and conclusions contained in the software and documentation are + * those of the authors and should not be interpreted as representing official + * policies, either expressed or implied, of the FreeBSD Project. + * + * $FreeBSD$ + */ + +#ifndef _SYS_EFX_ANNOTE_H +#define _SYS_EFX_ANNOTE_H + +#if defined(_WIN32) || defined(_WIN64) +#define EFX_HAVE_WINDOWS_ANNOTATIONS 1 +#else +#define EFX_HAVE_WINDOWS_ANNOTATIONS 0 +#endif /* defined(_WIN32) || defined(_WIN64) */ + +#if defined(__sun) +#define EFX_HAVE_SOLARIS_ANNOTATIONS 1 +#else +#define EFX_HAVE_SOLARIS_ANNOTATIONS 0 +#endif /* defined(__sun) */ + +#if !EFX_HAVE_WINDOWS_ANNOTATIONS + +/* Ignore Windows SAL annotations on other platforms */ +#define __in +#define __in_opt +#define __in_ecount(_n) +#define __in_ecount_opt(_n) +#define __in_bcount(_n) +#define __in_bcount_opt(_n) + +#define __out +#define __out_opt +#define __out_ecount(_n) +#define __out_ecount_opt(_n) +#define __out_ecount_part(_n, _l) +#define __out_bcount(_n) +#define __out_bcount_opt(_n) +#define __out_bcount_part(_n, _l) +#define __out_bcount_part_opt(_n, _l) + +#define __deref_out +#define __deref_inout + +#define __inout +#define __inout_opt +#define __inout_ecount(_n) +#define __inout_ecount_opt(_n) +#define __inout_bcount(_n) +#define __inout_bcount_opt(_n) +#define __inout_bcount_full_opt(_n) + +#define __deref_out_bcount_opt(n) + +#define __checkReturn +#define __success(_x) + +#define __drv_when(_p, _c) + +#endif /* !EFX_HAVE_WINDOWS_ANNOTATIONS */ + +#if !EFX_HAVE_SOLARIS_ANNOTATIONS + +#if EFX_HAVE_WINDOWS_ANNOTATIONS + +/* + * Support some SunOS/Solaris style _NOTE() annotations + * + * At present with the facilities provided in the WDL and the SAL we can only + * easily act upon _NOTE(ARGUNUSED(arglist)) annotations. + * + * Intermediate macros to expand individual _NOTE annotation types into + * something the WDK or SAL can understand. They shouldn't be used directly, + * for example EFX_NOTE_ARGUNUSED() is only used as an intermediate step on the + * transformation of _NOTE(ARGUNSED(arg1, arg2)) into + * UNREFERENCED_PARAMETER((arg1, arg2)); + */ +#define EFX_NOTE_ALIGNMENT(_fname, _n) +#define EFX_NOTE_ARGUNUSED(...) UNREFERENCED_PARAMETER((__VA_ARGS__)); +#define EFX_NOTE_CONSTANTCONDITION +#define EFX_NOTE_CONSTCOND +#define EFX_NOTE_EMPTY +#define EFX_NOTE_FALLTHROUGH +#define EFX_NOTE_FALLTHRU +#define EFX_NOTE_LINTED(_msg) +#define EFX_NOTE_NOTREACHED +#define EFX_NOTE_PRINTFLIKE(_n) +#define EFX_NOTE_SCANFLIKE(_n) +#define EFX_NOTE_VARARGS(_n) + +#define _NOTE(_annotation) EFX_NOTE_ ## _annotation + +#else + +/* Ignore Solaris annotations on other platforms */ + +#define _NOTE(_annotation) + +#endif /* EFX_HAVE_WINDOWS_ANNOTATIONS */ + +#endif /* !EFX_HAVE_SOLARIS_ANNOTATIONS */ + +#endif /* _SYS_EFX_ANNOTE_H */ diff --git a/sys/dev/sfxge/common/efx_bootcfg.c b/sys/dev/sfxge/common/efx_bootcfg.c index 2ed34063ddf6..64b8204b0afb 100644 --- a/sys/dev/sfxge/common/efx_bootcfg.c +++ b/sys/dev/sfxge/common/efx_bootcfg.c @@ -48,8 +48,33 @@ __FBSDID("$FreeBSD$"); #define BOOTCFG_PER_PF 0x800 #define BOOTCFG_PF_COUNT 16 -#define DHCP_END ((uint8_t)0xff) -#define DHCP_PAD ((uint8_t)0) +#define DHCP_OPT_HAS_VALUE(opt) \ + (((opt) > EFX_DHCP_PAD) && ((opt) < EFX_DHCP_END)) + +#define DHCP_MAX_VALUE 255 + +#define DHCP_ENCAPSULATOR(encap_opt) ((encap_opt) >> 8) +#define DHCP_ENCAPSULATED(encap_opt) ((encap_opt) & 0xff) +#define DHCP_IS_ENCAP_OPT(opt) DHCP_OPT_HAS_VALUE(DHCP_ENCAPSULATOR(opt)) + +typedef struct efx_dhcp_tag_hdr_s { + uint8_t tag; + uint8_t length; +} efx_dhcp_tag_hdr_t; + +/* + * Length calculations for tags with value field. PAD and END + * have a fixed length of 1, with no length or value field. + */ +#define DHCP_FULL_TAG_LENGTH(hdr) \ + (sizeof (efx_dhcp_tag_hdr_t) + (hdr)->length) + +#define DHCP_NEXT_TAG(hdr) \ + ((efx_dhcp_tag_hdr_t *)(((uint8_t *)(hdr)) + \ + DHCP_FULL_TAG_LENGTH((hdr)))) + +#define DHCP_CALC_TAG_LENGTH(payload_len) \ + ((payload_len) + sizeof (efx_dhcp_tag_hdr_t)) /* Report the layout of bootcfg sectors in NVRAM partition. */ @@ -97,6 +122,20 @@ efx_bootcfg_sector_info( } #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: { + /* Shared partition (array indexed by PF) */ + max_size = BOOTCFG_PER_PF; + count = BOOTCFG_PF_COUNT; + if (pf >= count) { + rc = EINVAL; + goto fail3; + } + offset = max_size * pf; + break; + } +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; @@ -111,6 +150,10 @@ efx_bootcfg_sector_info( return (0); +#if EFSYS_OPT_MEDFORD2 +fail3: + EFSYS_PROBE(fail3); +#endif #if EFSYS_OPT_MEDFORD fail2: EFSYS_PROBE(fail2); @@ -121,14 +164,11 @@ fail1: } -static __checkReturn uint8_t -efx_bootcfg_csum( - __in efx_nic_t *enp, + __checkReturn uint8_t +efx_dhcp_csum( __in_bcount(size) uint8_t const *data, __in size_t size) { - _NOTE(ARGUNUSED(enp)) - unsigned int pos; uint8_t checksum = 0; @@ -137,9 +177,8 @@ efx_bootcfg_csum( return (checksum); } -static __checkReturn efx_rc_t -efx_bootcfg_verify( - __in efx_nic_t *enp, + __checkReturn efx_rc_t +efx_dhcp_verify( __in_bcount(size) uint8_t const *data, __in size_t size, __out_opt size_t *usedp) @@ -155,12 +194,12 @@ efx_bootcfg_verify( /* Consume tag */ tag = data[offset]; - if (tag == DHCP_END) { + if (tag == EFX_DHCP_END) { offset++; used = offset; break; } - if (tag == DHCP_PAD) { + if (tag == EFX_DHCP_PAD) { offset++; continue; } @@ -182,8 +221,8 @@ efx_bootcfg_verify( used = offset; } - /* Checksum the entire sector, including bytes after any DHCP_END */ - if (efx_bootcfg_csum(enp, data, size) != 0) { + /* Checksum the entire sector, including bytes after any EFX_DHCP_END */ + if (efx_dhcp_csum(data, size) != 0) { rc = EINVAL; goto fail3; } @@ -204,6 +243,516 @@ fail1: } /* + * Walk the entire tag set looking for option. The sought option may be + * encapsulated. ENOENT indicates the walk completed without finding the + * option. If we run out of buffer during the walk the function will return + * ENOSPC. + */ +static efx_rc_t +efx_dhcp_walk_tags( + __deref_inout uint8_t **tagpp, + __inout size_t *buffer_sizep, + __in uint16_t opt) +{ + efx_rc_t rc = 0; + boolean_t is_encap = B_FALSE; + + if (DHCP_IS_ENCAP_OPT(opt)) { + /* + * Look for the encapsulator and, if found, limit ourselves + * to its payload. If it's not found then the entire tag + * cannot be found, so the encapsulated opt search is + * skipped. + */ + rc = efx_dhcp_walk_tags(tagpp, buffer_sizep, + DHCP_ENCAPSULATOR(opt)); + if (rc == 0) { + *buffer_sizep = ((efx_dhcp_tag_hdr_t *)*tagpp)->length; + (*tagpp) += sizeof (efx_dhcp_tag_hdr_t); + } + opt = DHCP_ENCAPSULATED(opt); + is_encap = B_TRUE; + } + + EFSYS_ASSERT(!DHCP_IS_ENCAP_OPT(opt)); + + while (rc == 0) { + size_t size; + + if (*buffer_sizep == 0) { + rc = ENOSPC; + goto fail1; + } + + if (DHCP_ENCAPSULATED(**tagpp) == opt) + break; + + if ((**tagpp) == EFX_DHCP_END) { + rc = ENOENT; + break; + } else if ((**tagpp) == EFX_DHCP_PAD) { + size = 1; + } else { + if (*buffer_sizep < sizeof (efx_dhcp_tag_hdr_t)) { + rc = ENOSPC; + goto fail2; + } + + size = + DHCP_FULL_TAG_LENGTH((efx_dhcp_tag_hdr_t *)*tagpp); + } + + if (size > *buffer_sizep) { + rc = ENOSPC; + goto fail3; + } + + (*tagpp) += size; + (*buffer_sizep) -= size; + + if ((*buffer_sizep == 0) && is_encap) { + /* Search within encapulator tag finished */ + rc = ENOENT; + break; + } + } + + /* + * Returns 0 if found otherwise ENOENT indicating search finished + * correctly + */ + return (rc); + +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* + * Locate value buffer for option in the given buffer. + * Returns 0 if found, ENOENT indicating search finished + * correctly, otherwise search failed before completion. + */ + __checkReturn efx_rc_t +efx_dhcp_find_tag( + __in_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __in uint16_t opt, + __deref_out uint8_t **valuepp, + __out size_t *value_lengthp) +{ + efx_rc_t rc; + uint8_t *tagp = bufferp; + size_t len = buffer_length; + + rc = efx_dhcp_walk_tags(&tagp, &len, opt); + if (rc == 0) { + efx_dhcp_tag_hdr_t *hdrp; + + hdrp = (efx_dhcp_tag_hdr_t *)tagp; + *valuepp = (uint8_t *)(&hdrp[1]); + *value_lengthp = hdrp->length; + } else if (rc != ENOENT) { + goto fail1; + } + + return (rc); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* + * Locate the end tag in the given buffer. + * Returns 0 if found, ENOENT indicating search finished + * correctly but end tag was not found; otherwise search + * failed before completion. + */ + __checkReturn efx_rc_t +efx_dhcp_find_end( + __in_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __deref_out uint8_t **endpp) +{ + efx_rc_t rc; + uint8_t *endp = bufferp; + size_t len = buffer_length; + + rc = efx_dhcp_walk_tags(&endp, &len, EFX_DHCP_END); + if (rc == 0) + *endpp = endp; + else if (rc != ENOENT) + goto fail1; + + return (rc); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + +/* + * Delete the given tag from anywhere in the buffer. Copes with + * encapsulated tags, and updates or deletes the encapsulating opt as + * necessary. + */ + __checkReturn efx_rc_t +efx_dhcp_delete_tag( + __inout_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __in uint16_t opt) +{ + efx_rc_t rc; + efx_dhcp_tag_hdr_t *hdrp; + size_t len; + uint8_t *startp; + uint8_t *endp; + + len = buffer_length; + startp = bufferp; + + if (!DHCP_OPT_HAS_VALUE(DHCP_ENCAPSULATED(opt))) { + rc = EINVAL; + goto fail1; + } + + rc = efx_dhcp_walk_tags(&startp, &len, opt); + if (rc != 0) + goto fail1; + + hdrp = (efx_dhcp_tag_hdr_t *)startp; + + if (DHCP_IS_ENCAP_OPT(opt)) { + uint8_t tag_length = DHCP_FULL_TAG_LENGTH(hdrp); + uint8_t *encapp = bufferp; + efx_dhcp_tag_hdr_t *encap_hdrp; + + len = buffer_length; + rc = efx_dhcp_walk_tags(&encapp, &len, + DHCP_ENCAPSULATOR(opt)); + if (rc != 0) + goto fail2; + + encap_hdrp = (efx_dhcp_tag_hdr_t *)encapp; + if (encap_hdrp->length > tag_length) { + encap_hdrp->length = (uint8_t)( + (size_t)encap_hdrp->length - tag_length); + } else { + /* delete the encapsulating tag */ + hdrp = encap_hdrp; + } + } + + startp = (uint8_t *)hdrp; + endp = (uint8_t *)DHCP_NEXT_TAG(hdrp); + + if (startp < bufferp) { + rc = EINVAL; + goto fail3; + } + + if (endp > &bufferp[buffer_length]) { + rc = EINVAL; + goto fail4; + } + + memmove(startp, endp, + buffer_length - (endp - bufferp)); + + return (0); + +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* + * Write the tag header into write_pointp and optionally copies the payload + * into the space following. + */ +static void +efx_dhcp_write_tag( + __in uint8_t *write_pointp, + __in uint16_t opt, + __in_bcount_opt(value_length) + uint8_t *valuep, + __in size_t value_length) +{ + efx_dhcp_tag_hdr_t *hdrp = (efx_dhcp_tag_hdr_t *)write_pointp; + hdrp->tag = DHCP_ENCAPSULATED(opt); + hdrp->length = (uint8_t)value_length; + if ((value_length > 0) && (valuep != NULL)) + memcpy(&hdrp[1], valuep, value_length); +} + +/* + * Add the given tag to the end of the buffer. Copes with creating an + * encapsulated tag, and updates or creates the encapsulating opt as + * necessary. + */ + __checkReturn efx_rc_t +efx_dhcp_add_tag( + __inout_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __in uint16_t opt, + __in_bcount_opt(value_length) uint8_t *valuep, + __in size_t value_length) +{ + efx_rc_t rc; + efx_dhcp_tag_hdr_t *encap_hdrp = NULL; + uint8_t *insert_pointp = NULL; + uint8_t *endp; + size_t available_space; + size_t added_length; + size_t search_size; + uint8_t *searchp; + + if (!DHCP_OPT_HAS_VALUE(DHCP_ENCAPSULATED(opt))) { + rc = EINVAL; + goto fail1; + } + + if (value_length > DHCP_MAX_VALUE) { + rc = EINVAL; + goto fail2; + } + + if ((value_length > 0) && (valuep == NULL)) { + rc = EINVAL; + goto fail3; + } + + endp = bufferp; + available_space = buffer_length; + rc = efx_dhcp_walk_tags(&endp, &available_space, EFX_DHCP_END); + if (rc != 0) + goto fail4; + + searchp = bufferp; + search_size = buffer_length; + if (DHCP_IS_ENCAP_OPT(opt)) { + rc = efx_dhcp_walk_tags(&searchp, &search_size, + DHCP_ENCAPSULATOR(opt)); + if (rc == 0) { + encap_hdrp = (efx_dhcp_tag_hdr_t *)searchp; + + /* Check encapsulated tag is not present */ + search_size = encap_hdrp->length; + rc = efx_dhcp_walk_tags(&searchp, &search_size, + opt); + if (rc != ENOENT) { + rc = EINVAL; + goto fail5; + } + + /* Check encapsulator will not overflow */ + if (((size_t)encap_hdrp->length + + DHCP_CALC_TAG_LENGTH(value_length)) > + DHCP_MAX_VALUE) { + rc = E2BIG; + goto fail6; + } + + /* Insert at start of existing encapsulator */ + insert_pointp = (uint8_t *)&encap_hdrp[1]; + opt = DHCP_ENCAPSULATED(opt); + } else if (rc == ENOENT) { + encap_hdrp = NULL; + } else { + goto fail7; + } + } else { + /* Check unencapsulated tag is not present */ + rc = efx_dhcp_walk_tags(&searchp, &search_size, + opt); + if (rc != ENOENT) { + rc = EINVAL; + goto fail8; + } + } + + if (insert_pointp == NULL) { + /* Insert at end of existing tags */ + insert_pointp = endp; + } + + /* Includes the new encapsulator tag hdr if required */ + added_length = DHCP_CALC_TAG_LENGTH(value_length) + + (DHCP_IS_ENCAP_OPT(opt) ? sizeof (efx_dhcp_tag_hdr_t) : 0); + + if (available_space <= added_length) { + rc = ENOMEM; + goto fail9; + } + + memmove(insert_pointp + added_length, insert_pointp, + available_space - added_length); + + if (DHCP_IS_ENCAP_OPT(opt)) { + /* Create new encapsulator header */ + added_length -= sizeof (efx_dhcp_tag_hdr_t); + efx_dhcp_write_tag(insert_pointp, + DHCP_ENCAPSULATOR(opt), NULL, added_length); + insert_pointp += sizeof (efx_dhcp_tag_hdr_t); + } else if (encap_hdrp) + /* Modify existing encapsulator header */ + encap_hdrp->length += + ((uint8_t)DHCP_CALC_TAG_LENGTH(value_length)); + + efx_dhcp_write_tag(insert_pointp, opt, valuep, value_length); + + return (0); + +fail9: + EFSYS_PROBE(fail9); +fail8: + EFSYS_PROBE(fail8); +fail7: + EFSYS_PROBE(fail7); +fail6: + EFSYS_PROBE(fail6); +fail5: + EFSYS_PROBE(fail5); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* + * Update an existing tag to the new value. Copes with encapsulated + * tags, and updates the encapsulating opt as necessary. + */ + __checkReturn efx_rc_t +efx_dhcp_update_tag( + __inout_bcount(buffer_length) uint8_t *bufferp, + __in size_t buffer_length, + __in uint16_t opt, + __in uint8_t *value_locationp, + __in_bcount_opt(value_length) uint8_t *valuep, + __in size_t value_length) +{ + efx_rc_t rc; + uint8_t *write_pointp = value_locationp - sizeof (efx_dhcp_tag_hdr_t); + efx_dhcp_tag_hdr_t *hdrp = (efx_dhcp_tag_hdr_t *)write_pointp; + efx_dhcp_tag_hdr_t *encap_hdrp = NULL; + size_t old_length; + + if (!DHCP_OPT_HAS_VALUE(DHCP_ENCAPSULATED(opt))) { + rc = EINVAL; + goto fail1; + } + + if (value_length > DHCP_MAX_VALUE) { + rc = EINVAL; + goto fail2; + } + + if ((value_length > 0) && (valuep == NULL)) { + rc = EINVAL; + goto fail3; + } + + old_length = hdrp->length; + + if (old_length < value_length) { + uint8_t *endp = bufferp; + size_t available_space = buffer_length; + + rc = efx_dhcp_walk_tags(&endp, &available_space, + EFX_DHCP_END); + if (rc != 0) + goto fail4; + + if (available_space < (value_length - old_length)) { + rc = EINVAL; + goto fail5; + } + } + + if (DHCP_IS_ENCAP_OPT(opt)) { + uint8_t *encapp = bufferp; + size_t following_encap = buffer_length; + size_t new_length; + + rc = efx_dhcp_walk_tags(&encapp, &following_encap, + DHCP_ENCAPSULATOR(opt)); + if (rc != 0) + goto fail6; + + encap_hdrp = (efx_dhcp_tag_hdr_t *)encapp; + + new_length = ((size_t)encap_hdrp->length + + value_length - old_length); + /* Check encapsulator will not overflow */ + if (new_length > DHCP_MAX_VALUE) { + rc = E2BIG; + goto fail7; + } + + encap_hdrp->length = (uint8_t)new_length; + } + + /* + * Move the following data up/down to accommodate the new payload + * length. + */ + if (old_length != value_length) { + uint8_t *destp = (uint8_t *)DHCP_NEXT_TAG(hdrp) + + value_length - old_length; + size_t count = &bufferp[buffer_length] - + (uint8_t *)DHCP_NEXT_TAG(hdrp); + + memmove(destp, DHCP_NEXT_TAG(hdrp), count); + } + + EFSYS_ASSERT(hdrp->tag == DHCP_ENCAPSULATED(opt)); + efx_dhcp_write_tag(write_pointp, opt, valuep, value_length); + + return (0); + +fail7: + EFSYS_PROBE(fail7); +fail6: + EFSYS_PROBE(fail6); +fail5: + EFSYS_PROBE(fail5); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + +/* * Copy bootcfg sector data to a target buffer which may differ in size. * Optionally corrects format errors in source buffer. */ @@ -217,46 +766,54 @@ efx_bootcfg_copy_sector( __in size_t data_size, __in boolean_t handle_format_errors) { + _NOTE(ARGUNUSED(enp)) + size_t used_bytes; efx_rc_t rc; + /* Minimum buffer is checksum byte and EFX_DHCP_END terminator */ + if (data_size < 2) { + rc = ENOSPC; + goto fail1; + } + /* Verify that the area is correctly formatted and checksummed */ - rc = efx_bootcfg_verify(enp, sector, sector_length, + rc = efx_dhcp_verify(sector, sector_length, &used_bytes); if (!handle_format_errors) { if (rc != 0) - goto fail1; + goto fail2; if ((used_bytes < 2) || - (sector[used_bytes - 1] != DHCP_END)) { - /* Block too short, or DHCP_END missing */ + (sector[used_bytes - 1] != EFX_DHCP_END)) { + /* Block too short, or EFX_DHCP_END missing */ rc = ENOENT; - goto fail2; + goto fail3; } } /* Synthesize empty format on verification failure */ if (rc != 0 || used_bytes == 0) { sector[0] = 0; - sector[1] = DHCP_END; + sector[1] = EFX_DHCP_END; used_bytes = 2; } - EFSYS_ASSERT(used_bytes >= 2); /* checksum and DHCP_END */ + EFSYS_ASSERT(used_bytes >= 2); /* checksum and EFX_DHCP_END */ EFSYS_ASSERT(used_bytes <= sector_length); EFSYS_ASSERT(sector_length >= 2); /* - * Legacy bootcfg sectors don't terminate with a DHCP_END character. - * Modify the returned payload so it does. + * Legacy bootcfg sectors don't terminate with an EFX_DHCP_END + * character. Modify the returned payload so it does. * Reinitialise the sector if there isn't room for the character. */ - if (sector[used_bytes - 1] != DHCP_END) { + if (sector[used_bytes - 1] != EFX_DHCP_END) { if (used_bytes >= sector_length) { sector[0] = 0; used_bytes = 1; } - sector[used_bytes] = DHCP_END; + sector[used_bytes] = EFX_DHCP_END; ++used_bytes; } @@ -266,22 +823,29 @@ efx_bootcfg_copy_sector( */ if (used_bytes > data_size) { rc = ENOSPC; - goto fail3; + goto fail4; } - memcpy(data, sector, used_bytes); + + data[0] = 0; /* checksum, updated below */ + + /* Copy all after the checksum to the target buffer */ + memcpy(data + 1, sector + 1, used_bytes - 1); /* Zero out the unused portion of the target buffer */ if (used_bytes < data_size) (void) memset(data + used_bytes, 0, data_size - used_bytes); /* - * The checksum includes trailing data after any DHCP_END character, - * which we've just modified (by truncation or appending DHCP_END). + * The checksum includes trailing data after any EFX_DHCP_END + * character, which we've just modified (by truncation or appending + * EFX_DHCP_END). */ - data[0] -= efx_bootcfg_csum(enp, data, data_size); + data[0] -= efx_dhcp_csum(data, data_size); return (0); +fail4: + EFSYS_PROBE(fail4); fail3: EFSYS_PROBE(fail3); fail2: @@ -306,20 +870,31 @@ efx_bootcfg_read( efx_rc_t rc; uint32_t sector_number; -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD + /* Minimum buffer is checksum byte and EFX_DHCP_END terminator */ + if (size < 2) { + rc = ENOSPC; + goto fail1; + } + +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 sector_number = enp->en_nic_cfg.enc_pf; #else sector_number = 0; #endif rc = efx_nvram_size(enp, EFX_NVRAM_BOOTROM_CFG, &partn_length); if (rc != 0) - goto fail1; + goto fail2; /* The bootcfg sector may be stored in a (larger) shared partition */ rc = efx_bootcfg_sector_info(enp, sector_number, NULL, §or_offset, §or_length); if (rc != 0) - goto fail2; + goto fail3; + + if (sector_length < 2) { + rc = EINVAL; + goto fail4; + } if (sector_length > BOOTCFG_MAX_SIZE) sector_length = BOOTCFG_MAX_SIZE; @@ -327,61 +902,60 @@ efx_bootcfg_read( if (sector_offset + sector_length > partn_length) { /* Partition is too small */ rc = EFBIG; - goto fail3; + goto fail5; } /* - * We need to read the entire BOOTCFG sector to ensure we read all the - * tags, because legacy bootcfg sectors are not guaranteed to end with - * a DHCP_END character. If the user hasn't supplied a sufficiently - * large buffer then use our own buffer. + * We need to read the entire BOOTCFG sector to ensure we read all + * tags, because legacy bootcfg sectors are not guaranteed to end + * with an EFX_DHCP_END character. If the user hasn't supplied a + * sufficiently large buffer then use our own buffer. */ if (sector_length > size) { EFSYS_KMEM_ALLOC(enp->en_esip, sector_length, payload); if (payload == NULL) { rc = ENOMEM; - goto fail4; + goto fail6; } } else payload = (uint8_t *)data; if ((rc = efx_nvram_rw_start(enp, EFX_NVRAM_BOOTROM_CFG, NULL)) != 0) - goto fail5; + goto fail7; if ((rc = efx_nvram_read_chunk(enp, EFX_NVRAM_BOOTROM_CFG, sector_offset, (caddr_t)payload, sector_length)) != 0) { (void) efx_nvram_rw_finish(enp, EFX_NVRAM_BOOTROM_CFG, NULL); - goto fail6; + goto fail8; } if ((rc = efx_nvram_rw_finish(enp, EFX_NVRAM_BOOTROM_CFG, NULL)) != 0) - goto fail7; + goto fail9; /* Verify that the area is correctly formatted and checksummed */ - rc = efx_bootcfg_verify(enp, payload, sector_length, + rc = efx_dhcp_verify(payload, sector_length, &used_bytes); if (rc != 0 || used_bytes == 0) { - payload[0] = (uint8_t)(~DHCP_END & 0xff); - payload[1] = DHCP_END; + payload[0] = 0; + payload[1] = EFX_DHCP_END; used_bytes = 2; } - EFSYS_ASSERT(used_bytes >= 2); /* checksum and DHCP_END */ + EFSYS_ASSERT(used_bytes >= 2); /* checksum and EFX_DHCP_END */ EFSYS_ASSERT(used_bytes <= sector_length); /* - * Legacy bootcfg sectors don't terminate with a DHCP_END character. - * Modify the returned payload so it does. BOOTCFG_MAX_SIZE is by - * definition large enough for any valid (per-port) bootcfg sector, - * so reinitialise the sector if there isn't room for the character. + * Legacy bootcfg sectors don't terminate with an EFX_DHCP_END + * character. Modify the returned payload so it does. + * BOOTCFG_MAX_SIZE is by definition large enough for any valid + * (per-port) bootcfg sector, so reinitialise the sector if there + * isn't room for the character. */ - if (payload[used_bytes - 1] != DHCP_END) { - if (used_bytes + 1 > sector_length) { - payload[0] = 0; + if (payload[used_bytes - 1] != EFX_DHCP_END) { + if (used_bytes >= sector_length) used_bytes = 1; - } - payload[used_bytes] = DHCP_END; + payload[used_bytes] = EFX_DHCP_END; ++used_bytes; } @@ -391,10 +965,14 @@ efx_bootcfg_read( */ if (used_bytes > size) { rc = ENOSPC; - goto fail8; + goto fail10; } + + data[0] = 0; /* checksum, updated below */ + if (sector_length > size) { - memcpy(data, payload, used_bytes); + /* Copy all after the checksum to the target buffer */ + memcpy(data + 1, payload + 1, used_bytes - 1); EFSYS_KMEM_FREE(enp->en_esip, sector_length, payload); } @@ -403,23 +981,27 @@ efx_bootcfg_read( (void) memset(data + used_bytes, 0, size - used_bytes); /* - * The checksum includes trailing data after any DHCP_END character, - * which we've just modified (by truncation or appending DHCP_END). + * The checksum includes trailing data after any EFX_DHCP_END character, + * which we've just modified (by truncation or appending EFX_DHCP_END). */ - data[0] -= efx_bootcfg_csum(enp, data, size); + data[0] -= efx_dhcp_csum(data, size); return (0); +fail10: + EFSYS_PROBE(fail10); +fail9: + EFSYS_PROBE(fail9); fail8: EFSYS_PROBE(fail8); fail7: EFSYS_PROBE(fail7); + if (sector_length > size) + EFSYS_KMEM_FREE(enp->en_esip, sector_length, payload); fail6: EFSYS_PROBE(fail6); fail5: EFSYS_PROBE(fail5); - if (sector_length > size) - EFSYS_KMEM_FREE(enp->en_esip, sector_length, payload); fail4: EFSYS_PROBE(fail4); fail3: @@ -447,7 +1029,7 @@ efx_bootcfg_write( efx_rc_t rc; uint32_t sector_number; -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 sector_number = enp->en_nic_cfg.enc_pf; #else sector_number = 0; @@ -472,12 +1054,16 @@ efx_bootcfg_write( goto fail3; } - if ((rc = efx_bootcfg_verify(enp, data, size, &used_bytes)) != 0) + if ((rc = efx_dhcp_verify(data, size, &used_bytes)) != 0) goto fail4; - /* The caller *must* terminate their block with a DHCP_END character */ - if ((used_bytes < 2) || ((uint8_t)data[used_bytes - 1] != DHCP_END)) { - /* Block too short or DHCP_END missing */ + /* + * The caller *must* terminate their block with a EFX_DHCP_END + * character + */ + if ((used_bytes < 2) || ((uint8_t)data[used_bytes - 1] != + EFX_DHCP_END)) { + /* Block too short or EFX_DHCP_END missing */ rc = ENOENT; goto fail5; } @@ -510,13 +1096,13 @@ efx_bootcfg_write( goto fail9; /* - * Insert the BOOTCFG sector into the partition, Zero out all data after - * the DHCP_END tag, and adjust the checksum. + * Insert the BOOTCFG sector into the partition, Zero out all data + * after the EFX_DHCP_END tag, and adjust the checksum. */ (void) memset(partn_data + sector_offset, 0x0, sector_length); (void) memcpy(partn_data + sector_offset, data, used_bytes); - checksum = efx_bootcfg_csum(enp, data, used_bytes); + checksum = efx_dhcp_csum(data, used_bytes); partn_data[sector_offset] -= checksum; if ((rc = efx_nvram_erase(enp, EFX_NVRAM_BOOTROM_CFG)) != 0) diff --git a/sys/dev/sfxge/common/efx_check.h b/sys/dev/sfxge/common/efx_check.h index 936223190bd1..8ba63ca42193 100644 --- a/sys/dev/sfxge/common/efx_check.h +++ b/sys/dev/sfxge/common/efx_check.h @@ -56,8 +56,9 @@ /* Verify chip implements accessed registers */ #if EFSYS_OPT_CHECK_REG -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "CHECK_REG requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "CHECK_REG requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_CHECK_REG */ @@ -70,15 +71,17 @@ /* Support diagnostic hardware tests */ #if EFSYS_OPT_DIAG -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "DIAG requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "DIAG requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_DIAG */ /* Support optimized EVQ data access */ #if EFSYS_OPT_EV_PREFETCH -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "EV_PREFETCH requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "EV_PREFETCH requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_EV_PREFETCH */ @@ -88,21 +91,23 @@ /* Support hardware packet filters */ #if EFSYS_OPT_FILTER -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "FILTER requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "FILTER requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_FILTER */ -#if (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) +#if (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) # if !EFSYS_OPT_FILTER -# error "HUNTINGTON or MEDFORD requires FILTER" +# error "HUNTINGTON or MEDFORD or MEDFORD2 requires FILTER" # endif #endif /* EFSYS_OPT_HUNTINGTON */ /* Support hardware loopback modes */ #if EFSYS_OPT_LOOPBACK -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "LOOPBACK requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "LOOPBACK requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_LOOPBACK */ @@ -116,21 +121,24 @@ /* Support MAC statistics */ #if EFSYS_OPT_MAC_STATS -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "MAC_STATS requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "MAC_STATS requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_MAC_STATS */ /* Support management controller messages */ #if EFSYS_OPT_MCDI -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "MCDI requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "MCDI requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_MCDI */ -#if (EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) +#if (EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) # if !EFSYS_OPT_MCDI -# error "SIENA or HUNTINGTON or MEDFORD requires MCDI" +# error "SIENA or HUNTINGTON or MEDFORD or MEDFORD2 requires MCDI" # endif #endif @@ -170,15 +178,17 @@ /* Support monitor statistics (voltage/temperature) */ #if EFSYS_OPT_MON_STATS -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "MON_STATS requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "MON_STATS requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_MON_STATS */ /* Support Monitor via mcdi */ #if EFSYS_OPT_MON_MCDI -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "MON_MCDI requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "MON_MCDI requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_MON_MCDI*/ @@ -192,11 +202,19 @@ /* Support non volatile configuration */ #if EFSYS_OPT_NVRAM -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "NVRAM requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "NVRAM requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_NVRAM */ +#if EFSYS_OPT_IMAGE_LAYOUT +/* Support signed image layout handling */ +# if !(EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "IMAGE_LAYOUT requires MEDFORD or MEDFORD2" +# endif +#endif /* EFSYS_OPT_IMAGE_LAYOUT */ + #ifdef EFSYS_OPT_NVRAM_FALCON_BOOTROM # error "NVRAM_FALCON_BOOTROM is obsolete and is not supported." #endif @@ -226,8 +244,9 @@ /* Support for PHY LED control */ #if EFSYS_OPT_PHY_LED_CONTROL -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "PHY_LED_CONTROL requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "PHY_LED_CONTROL requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_PHY_LED_CONTROL */ @@ -272,8 +291,9 @@ /* Support EVQ/RXQ/TXQ statistics */ #if EFSYS_OPT_QSTATS -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "QSTATS requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "QSTATS requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_QSTATS */ @@ -283,15 +303,17 @@ /* Support receive scaling (RSS) */ #if EFSYS_OPT_RX_SCALE -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "RX_SCALE requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "RX_SCALE requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_RX_SCALE */ /* Support receive scatter DMA */ #if EFSYS_OPT_RX_SCATTER -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "RX_SCATTER requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "RX_SCATTER requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_RX_SCATTER */ @@ -301,8 +323,9 @@ /* Support PCI Vital Product Data (VPD) */ #if EFSYS_OPT_VPD -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "VPD requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "VPD requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_VPD */ @@ -317,8 +340,9 @@ /* Support BIST */ #if EFSYS_OPT_BIST -# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "BIST requires SIENA or HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON || \ + EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "BIST requires SIENA or HUNTINGTON or MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_BIST */ @@ -334,15 +358,36 @@ /* Support adapters with missing static config (for factory use only) */ #if EFSYS_OPT_ALLOW_UNCONFIGURED_NIC -# if !EFSYS_OPT_MEDFORD -# error "ALLOW_UNCONFIGURED_NIC requires MEDFORD" +# if !(EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "ALLOW_UNCONFIGURED_NIC requires MEDFORD or MEDFORD2" # endif #endif /* EFSYS_OPT_ALLOW_UNCONFIGURED_NIC */ /* Support packed stream mode */ #if EFSYS_OPT_RX_PACKED_STREAM -# if !(EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) -# error "PACKED_STREAM requires HUNTINGTON or MEDFORD" +# if !(EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "PACKED_STREAM requires HUNTINGTON or MEDFORD or MEDFORD2" +# endif +#endif + +#if EFSYS_OPT_RX_ES_SUPER_BUFFER +/* Support equal stride super-buffer mode */ +# if !(EFSYS_OPT_MEDFORD2) +# error "ES_SUPER_BUFFER requires MEDFORD2" +# endif +#endif + +/* Support hardware assistance for tunnels */ +#if EFSYS_OPT_TUNNEL +# if !(EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) +# error "TUNNEL requires MEDFORD or MEDFORD2" +# endif +#endif /* EFSYS_OPT_TUNNEL */ + +#if EFSYS_OPT_FW_SUBVARIANT_AWARE +/* Advertise that the driver is firmware subvariant aware */ +# if !(EFSYS_OPT_MEDFORD2) +# error "FW_SUBVARIANT_AWARE requires MEDFORD2" # endif #endif diff --git a/sys/dev/sfxge/common/efx_ev.c b/sys/dev/sfxge/common/efx_ev.c index bcc2e2a74a31..6edbd96234b7 100644 --- a/sys/dev/sfxge/common/efx_ev.c +++ b/sys/dev/sfxge/common/efx_ev.c @@ -120,7 +120,7 @@ static const efx_ev_ops_t __efx_ev_siena_ops = { }; #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_ev_ops_t __efx_ev_ef10_ops = { ef10_ev_init, /* eevo_init */ ef10_ev_fini, /* eevo_fini */ @@ -133,7 +133,7 @@ static const efx_ev_ops_t __efx_ev_ef10_ops = { ef10_ev_qstats_update, /* eevo_qstats_update */ #endif }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t @@ -170,6 +170,12 @@ efx_ev_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + eevop = &__efx_ev_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; @@ -503,6 +509,14 @@ efx_ev_qpoll( if (should_abort) { /* Ignore subsequent events */ total = index + 1; + + /* + * Poison batch to ensure the outer + * loop is broken out of. + */ + EFSYS_ASSERT(batch <= EFX_EV_BATCH); + batch += (EFX_EV_BATCH << 1); + EFSYS_ASSERT(total != batch); break; } } diff --git a/sys/dev/sfxge/common/efx_filter.c b/sys/dev/sfxge/common/efx_filter.c index a954e7c3b33c..dcfc2e6436a3 100644 --- a/sys/dev/sfxge/common/efx_filter.c +++ b/sys/dev/sfxge/common/efx_filter.c @@ -85,7 +85,7 @@ static const efx_filter_ops_t __efx_filter_siena_ops = { }; #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_filter_ops_t __efx_filter_ef10_ops = { ef10_filter_init, /* efo_init */ ef10_filter_fini, /* efo_fini */ @@ -95,7 +95,7 @@ static const efx_filter_ops_t __efx_filter_ef10_ops = { ef10_filter_supported_filters, /* efo_supported_filters */ ef10_filter_reconfigure, /* efo_reconfigure */ }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_filter_insert( @@ -103,12 +103,33 @@ efx_filter_insert( __inout efx_filter_spec_t *spec) { const efx_filter_ops_t *efop = enp->en_efop; + efx_nic_cfg_t *encp = &(enp->en_nic_cfg); + efx_rc_t rc; EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_FILTER); EFSYS_ASSERT3P(spec, !=, NULL); EFSYS_ASSERT3U(spec->efs_flags, &, EFX_FILTER_FLAG_RX); + if ((spec->efs_flags & EFX_FILTER_FLAG_ACTION_MARK) && + !encp->enc_filter_action_mark_supported) { + rc = ENOTSUP; + goto fail1; + } + + if ((spec->efs_flags & EFX_FILTER_FLAG_ACTION_FLAG) && + !encp->enc_filter_action_flag_supported) { + rc = ENOTSUP; + goto fail2; + } + return (efop->efo_add(enp, spec, B_FALSE)); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); } __checkReturn efx_rc_t @@ -174,6 +195,12 @@ efx_filter_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + efop = &__efx_filter_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; @@ -441,7 +468,7 @@ efx_filter_spec_set_encap_type( __in efx_tunnel_protocol_t encap_type, __in efx_filter_inner_frame_match_t inner_frame_match) { - uint32_t match_flags = 0; + uint32_t match_flags = EFX_FILTER_MATCH_ENCAP_TYPE; uint8_t ip_proto; efx_rc_t rc; @@ -491,6 +518,111 @@ fail1: return (rc); } +/* + * Specify inner and outer Ethernet address and VNI or VSID in tunnel filter + * specification. + */ +static __checkReturn efx_rc_t +efx_filter_spec_set_tunnel( + __inout efx_filter_spec_t *spec, + __in efx_tunnel_protocol_t encap_type, + __in const uint8_t *vni_or_vsid, + __in const uint8_t *inner_addr, + __in const uint8_t *outer_addr) +{ + efx_rc_t rc; + + EFSYS_ASSERT3P(spec, !=, NULL); + EFSYS_ASSERT3P(vni_or_vsid, !=, NULL); + EFSYS_ASSERT3P(inner_addr, !=, NULL); + EFSYS_ASSERT3P(outer_addr, !=, NULL); + + switch (encap_type) { + case EFX_TUNNEL_PROTOCOL_VXLAN: + case EFX_TUNNEL_PROTOCOL_GENEVE: + case EFX_TUNNEL_PROTOCOL_NVGRE: + break; + default: + rc = EINVAL; + goto fail1; + } + + if ((inner_addr == NULL) && (outer_addr == NULL)) { + rc = EINVAL; + goto fail2; + } + + if (vni_or_vsid != NULL) { + spec->efs_match_flags |= EFX_FILTER_MATCH_VNI_OR_VSID; + memcpy(spec->efs_vni_or_vsid, vni_or_vsid, EFX_VNI_OR_VSID_LEN); + } + if (outer_addr != NULL) { + spec->efs_match_flags |= EFX_FILTER_MATCH_LOC_MAC; + memcpy(spec->efs_loc_mac, outer_addr, EFX_MAC_ADDR_LEN); + } + if (inner_addr != NULL) { + spec->efs_match_flags |= EFX_FILTER_MATCH_IFRM_LOC_MAC; + memcpy(spec->efs_ifrm_loc_mac, inner_addr, EFX_MAC_ADDR_LEN); + } + + spec->efs_match_flags |= EFX_FILTER_MATCH_ENCAP_TYPE; + spec->efs_encap_type = encap_type; + + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +/* + * Specify inner and outer Ethernet address and VNI in VXLAN filter + * specification. + */ +__checkReturn efx_rc_t +efx_filter_spec_set_vxlan( + __inout efx_filter_spec_t *spec, + __in const uint8_t *vni, + __in const uint8_t *inner_addr, + __in const uint8_t *outer_addr) +{ + return efx_filter_spec_set_tunnel(spec, EFX_TUNNEL_PROTOCOL_VXLAN, + vni, inner_addr, outer_addr); +} + +/* + * Specify inner and outer Ethernet address and VNI in Geneve filter + * specification. + */ +__checkReturn efx_rc_t +efx_filter_spec_set_geneve( + __inout efx_filter_spec_t *spec, + __in const uint8_t *vni, + __in const uint8_t *inner_addr, + __in const uint8_t *outer_addr) +{ + return efx_filter_spec_set_tunnel(spec, EFX_TUNNEL_PROTOCOL_GENEVE, + vni, inner_addr, outer_addr); +} + +/* + * Specify inner and outer Ethernet address and vsid in NVGRE filter + * specification. + */ +__checkReturn efx_rc_t +efx_filter_spec_set_nvgre( + __inout efx_filter_spec_t *spec, + __in const uint8_t *vsid, + __in const uint8_t *inner_addr, + __in const uint8_t *outer_addr) +{ + return efx_filter_spec_set_tunnel(spec, EFX_TUNNEL_PROTOCOL_NVGRE, + vsid, inner_addr, outer_addr); +} + #if EFSYS_OPT_RX_SCALE __checkReturn efx_rc_t efx_filter_spec_set_rss_context( @@ -982,6 +1114,7 @@ siena_filter_build( default: EFSYS_ASSERT(B_FALSE); + EFX_ZERO_OWORD(*filter); return (0); } diff --git a/sys/dev/sfxge/common/efx_impl.h b/sys/dev/sfxge/common/efx_impl.h index e2f4530e9e9a..1cde86dc78c8 100644 --- a/sys/dev/sfxge/common/efx_impl.h +++ b/sys/dev/sfxge/common/efx_impl.h @@ -57,9 +57,13 @@ #include "medford_impl.h" #endif /* EFSYS_OPT_MEDFORD */ -#if (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) +#if EFSYS_OPT_MEDFORD2 +#include "medford2_impl.h" +#endif /* EFSYS_OPT_MEDFORD2 */ + +#if (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) #include "ef10_impl.h" -#endif /* (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) */ +#endif /* (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) */ #ifdef __cplusplus extern "C" { @@ -78,16 +82,19 @@ extern "C" { #define EFX_MOD_MON 0x00000400 #define EFX_MOD_FILTER 0x00001000 #define EFX_MOD_LIC 0x00002000 +#define EFX_MOD_TUNNEL 0x00004000 #define EFX_RESET_PHY 0x00000001 #define EFX_RESET_RXQ_ERR 0x00000002 #define EFX_RESET_TXQ_ERR 0x00000004 +#define EFX_RESET_HW_UNAVAIL 0x00000008 typedef enum efx_mac_type_e { EFX_MAC_INVALID = 0, EFX_MAC_SIENA, EFX_MAC_HUNTINGTON, EFX_MAC_MEDFORD, + EFX_MAC_MEDFORD2, EFX_MAC_NTYPES } efx_mac_type_t; @@ -139,16 +146,36 @@ typedef struct efx_tx_ops_s { uint32_t, uint8_t, efx_desc_t *); void (*etxo_qdesc_tso2_create)(efx_txq_t *, uint16_t, - uint32_t, uint16_t, + uint16_t, uint32_t, uint16_t, efx_desc_t *, int); void (*etxo_qdesc_vlantci_create)(efx_txq_t *, uint16_t, efx_desc_t *); + void (*etxo_qdesc_checksum_create)(efx_txq_t *, uint16_t, + efx_desc_t *); #if EFSYS_OPT_QSTATS void (*etxo_qstats_update)(efx_txq_t *, efsys_stat_t *); #endif } efx_tx_ops_t; +typedef union efx_rxq_type_data_u { + /* Dummy member to have non-empty union if no options are enabled */ + uint32_t ertd_dummy; +#if EFSYS_OPT_RX_PACKED_STREAM + struct { + uint32_t eps_buf_size; + } ertd_packed_stream; +#endif +#if EFSYS_OPT_RX_ES_SUPER_BUFFER + struct { + uint32_t eessb_bufs_per_desc; + uint32_t eessb_max_dma_len; + uint32_t eessb_buf_stride; + uint32_t eessb_hol_block_timeout; + } ertd_es_super_buffer; +#endif +} efx_rxq_type_data_t; + typedef struct efx_rx_ops_s { efx_rc_t (*erxo_init)(efx_nic_t *); void (*erxo_fini)(efx_nic_t *); @@ -185,7 +212,8 @@ typedef struct efx_rx_ops_s { efx_rc_t (*erxo_qflush)(efx_rxq_t *); void (*erxo_qenable)(efx_rxq_t *); efx_rc_t (*erxo_qcreate)(efx_nic_t *enp, unsigned int, - unsigned int, efx_rxq_type_t, uint32_t, + unsigned int, efx_rxq_type_t, + const efx_rxq_type_data_t *, efsys_mem_t *, size_t, uint32_t, unsigned int, efx_evq_t *, efx_rxq_t *); @@ -224,6 +252,7 @@ typedef struct efx_phy_ops_s { efx_rc_t (*epo_reconfigure)(efx_nic_t *); efx_rc_t (*epo_verify)(efx_nic_t *); efx_rc_t (*epo_oui_get)(efx_nic_t *, uint32_t *); + efx_rc_t (*epo_link_state_get)(efx_nic_t *, efx_phy_link_state_t *); #if EFSYS_OPT_PHY_STATS efx_rc_t (*epo_stats_update)(efx_nic_t *, efsys_mem_t *, uint32_t *); @@ -266,6 +295,12 @@ efx_filter_reconfigure( #endif /* EFSYS_OPT_FILTER */ +#if EFSYS_OPT_TUNNEL +typedef struct efx_tunnel_ops_s { + boolean_t (*eto_udp_encap_supported)(efx_nic_t *); + efx_rc_t (*eto_reconfigure)(efx_nic_t *); +} efx_tunnel_ops_t; +#endif /* EFSYS_OPT_TUNNEL */ typedef struct efx_port_s { efx_mac_type_t ep_mac_type; @@ -312,6 +347,8 @@ typedef struct efx_mon_ops_s { #if EFSYS_OPT_MON_STATS efx_rc_t (*emo_stats_update)(efx_nic_t *, efsys_mem_t *, efx_mon_stat_value_t *); + efx_rc_t (*emo_limits_update)(efx_nic_t *, + efx_mon_stat_limits_t *); #endif /* EFSYS_OPT_MON_STATS */ } efx_mon_ops_t; @@ -349,6 +386,8 @@ typedef struct efx_nic_ops_s { efx_rc_t (*eno_get_vi_pool)(efx_nic_t *, uint32_t *); efx_rc_t (*eno_get_bar_region)(efx_nic_t *, efx_nic_region_t, uint32_t *, size_t *); + boolean_t (*eno_hw_unavailable)(efx_nic_t *); + void (*eno_set_hw_unavailable)(efx_nic_t *); #if EFSYS_OPT_DIAG efx_rc_t (*eno_register_test)(efx_nic_t *); #endif /* EFSYS_OPT_DIAG */ @@ -366,6 +405,8 @@ typedef struct efx_nic_ops_s { #if EFSYS_OPT_FILTER +#if EFSYS_OPT_SIENA + typedef struct siena_filter_spec_s { uint8_t sfs_type; uint32_t sfs_flags; @@ -411,24 +452,46 @@ typedef struct siena_filter_s { unsigned int sf_depth[EFX_SIENA_FILTER_NTYPES]; } siena_filter_t; +#endif /* EFSYS_OPT_SIENA */ + typedef struct efx_filter_s { #if EFSYS_OPT_SIENA siena_filter_t *ef_siena_filter; #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 ef10_filter_table_t *ef_ef10_filter_table; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ } efx_filter_t; +#if EFSYS_OPT_SIENA + extern void siena_filter_tbl_clear( __in efx_nic_t *enp, __in siena_filter_tbl_id_t tbl); +#endif /* EFSYS_OPT_SIENA */ + #endif /* EFSYS_OPT_FILTER */ #if EFSYS_OPT_MCDI +#define EFX_TUNNEL_MAXNENTRIES (16) + +#if EFSYS_OPT_TUNNEL + +typedef struct efx_tunnel_udp_entry_s { + uint16_t etue_port; /* host/cpu-endian */ + uint16_t etue_protocol; +} efx_tunnel_udp_entry_t; + +typedef struct efx_tunnel_cfg_s { + efx_tunnel_udp_entry_t etc_udp_entries[EFX_TUNNEL_MAXNENTRIES]; + unsigned int etc_udp_entries_num; +} efx_tunnel_cfg_t; + +#endif /* EFSYS_OPT_TUNNEL */ + typedef struct efx_mcdi_ops_s { efx_rc_t (*emco_init)(efx_nic_t *, const efx_mcdi_transport_t *); void (*emco_send_request)(efx_nic_t *, void *, size_t, @@ -478,7 +541,7 @@ typedef struct efx_nvram_ops_s { uint32_t *, uint16_t *); efx_rc_t (*envo_partn_set_version)(efx_nic_t *, uint32_t, uint16_t *); - efx_rc_t (*envo_buffer_validate)(efx_nic_t *, uint32_t, + efx_rc_t (*envo_buffer_validate)(uint32_t, caddr_t, size_t); } efx_nvram_ops_t; #endif /* EFSYS_OPT_NVRAM */ @@ -554,7 +617,7 @@ efx_mcdi_nvram_write( __in efx_nic_t *enp, __in uint32_t partn, __in uint32_t offset, - __out_bcount(size) caddr_t data, + __in_bcount(size) caddr_t data, __in size_t size); __checkReturn efx_rc_t @@ -637,10 +700,15 @@ struct efx_nic_s { const efx_ev_ops_t *en_eevop; const efx_tx_ops_t *en_etxop; const efx_rx_ops_t *en_erxop; + efx_fw_variant_t efv; #if EFSYS_OPT_FILTER efx_filter_t en_filter; const efx_filter_ops_t *en_efop; #endif /* EFSYS_OPT_FILTER */ +#if EFSYS_OPT_TUNNEL + efx_tunnel_cfg_t en_tunnel_cfg; + const efx_tunnel_ops_t *en_etop; +#endif /* EFSYS_OPT_TUNNEL */ #if EFSYS_OPT_MCDI efx_mcdi_t en_mcdi; #endif /* EFSYS_OPT_MCDI */ @@ -676,7 +744,7 @@ struct efx_nic_s { #endif /* EFSYS_OPT_SIENA */ int enu_unused; } en_u; -#if (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) +#if (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) union en_arch { struct { int ena_vi_base; @@ -697,7 +765,7 @@ struct efx_nic_s { size_t ena_wc_mem_map_size; } ef10; } en_arch; -#endif /* (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD) */ +#endif /* (EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2) */ }; @@ -709,9 +777,11 @@ typedef boolean_t (*efx_ev_handler_t)(efx_evq_t *, efx_qword_t *, typedef struct efx_evq_rxq_state_s { unsigned int eers_rx_read_ptr; unsigned int eers_rx_mask; -#if EFSYS_OPT_RX_PACKED_STREAM +#if EFSYS_OPT_RX_PACKED_STREAM || EFSYS_OPT_RX_ES_SUPER_BUFFER unsigned int eers_rx_stream_npackets; boolean_t eers_rx_packed_stream; +#endif +#if EFSYS_OPT_RX_PACKED_STREAM unsigned int eers_rx_packed_stream_credits; #endif } efx_evq_rxq_state_t; @@ -818,6 +888,10 @@ struct efx_txq_s { rev = 'E'; \ break; \ \ + case EFX_FAMILY_MEDFORD2: \ + rev = 'F'; \ + break; \ + \ default: \ rev = '?'; \ break; \ @@ -908,6 +982,15 @@ struct efx_txq_s { _NOTE(CONSTANTCONDITION) \ } while (B_FALSE) +/* + * Accessors for memory BAR non-VI tables. + * + * Code used on EF10 *must* use EFX_BAR_VI_*() macros for per-VI registers, + * to ensure the correct runtime VI window size is used on Medford2. + * + * Siena-only code may continue using EFX_BAR_TBL_*() macros for VI registers. + */ + #define EFX_BAR_TBL_READD(_enp, _reg, _index, _edp, _lock) \ do { \ EFX_CHECK_REG((_enp), (_reg)); \ @@ -934,21 +1017,6 @@ struct efx_txq_s { _NOTE(CONSTANTCONDITION) \ } while (B_FALSE) -#define EFX_BAR_TBL_WRITED2(_enp, _reg, _index, _edp, _lock) \ - do { \ - EFX_CHECK_REG((_enp), (_reg)); \ - EFSYS_PROBE4(efx_bar_tbl_writed, const char *, #_reg, \ - uint32_t, (_index), \ - uint32_t, _reg ## _OFST, \ - uint32_t, (_edp)->ed_u32[0]); \ - EFSYS_BAR_WRITED((_enp)->en_esbp, \ - (_reg ## _OFST + \ - (2 * sizeof (efx_dword_t)) + \ - ((_index) * _reg ## _STEP)), \ - (_edp), (_lock)); \ - _NOTE(CONSTANTCONDITION) \ - } while (B_FALSE) - #define EFX_BAR_TBL_WRITED3(_enp, _reg, _index, _edp, _lock) \ do { \ EFX_CHECK_REG((_enp), (_reg)); \ @@ -1025,16 +1093,66 @@ struct efx_txq_s { } while (B_FALSE) /* - * Allow drivers to perform optimised 128-bit doorbell writes. + * Accessors for memory BAR per-VI registers. + * + * The VI window size is 8KB for Medford and all earlier controllers. + * For Medford2, the VI window size can be 8KB, 16KB or 64KB. + */ + +#define EFX_BAR_VI_READD(_enp, _reg, _index, _edp, _lock) \ + do { \ + EFX_CHECK_REG((_enp), (_reg)); \ + EFSYS_BAR_READD((_enp)->en_esbp, \ + ((_reg ## _OFST) + \ + ((_index) << (_enp)->en_nic_cfg.enc_vi_window_shift)), \ + (_edp), (_lock)); \ + EFSYS_PROBE4(efx_bar_vi_readd, const char *, #_reg, \ + uint32_t, (_index), \ + uint32_t, _reg ## _OFST, \ + uint32_t, (_edp)->ed_u32[0]); \ + _NOTE(CONSTANTCONDITION) \ + } while (B_FALSE) + +#define EFX_BAR_VI_WRITED(_enp, _reg, _index, _edp, _lock) \ + do { \ + EFX_CHECK_REG((_enp), (_reg)); \ + EFSYS_PROBE4(efx_bar_vi_writed, const char *, #_reg, \ + uint32_t, (_index), \ + uint32_t, _reg ## _OFST, \ + uint32_t, (_edp)->ed_u32[0]); \ + EFSYS_BAR_WRITED((_enp)->en_esbp, \ + ((_reg ## _OFST) + \ + ((_index) << (_enp)->en_nic_cfg.enc_vi_window_shift)), \ + (_edp), (_lock)); \ + _NOTE(CONSTANTCONDITION) \ + } while (B_FALSE) + +#define EFX_BAR_VI_WRITED2(_enp, _reg, _index, _edp, _lock) \ + do { \ + EFX_CHECK_REG((_enp), (_reg)); \ + EFSYS_PROBE4(efx_bar_vi_writed, const char *, #_reg, \ + uint32_t, (_index), \ + uint32_t, _reg ## _OFST, \ + uint32_t, (_edp)->ed_u32[0]); \ + EFSYS_BAR_WRITED((_enp)->en_esbp, \ + ((_reg ## _OFST) + \ + (2 * sizeof (efx_dword_t)) + \ + ((_index) << (_enp)->en_nic_cfg.enc_vi_window_shift)), \ + (_edp), (_lock)); \ + _NOTE(CONSTANTCONDITION) \ + } while (B_FALSE) + +/* + * Allow drivers to perform optimised 128-bit VI doorbell writes. * The DMA descriptor pointers (RX_DESC_UPD and TX_DESC_UPD) are * special-cased in the BIU on the Falcon/Siena and EF10 architectures to avoid * the need for locking in the host, and are the only ones known to be safe to * use 128-bites write with. */ -#define EFX_BAR_TBL_DOORBELL_WRITEO(_enp, _reg, _index, _eop) \ +#define EFX_BAR_VI_DOORBELL_WRITEO(_enp, _reg, _index, _eop) \ do { \ EFX_CHECK_REG((_enp), (_reg)); \ - EFSYS_PROBE7(efx_bar_tbl_doorbell_writeo, \ + EFSYS_PROBE7(efx_bar_vi_doorbell_writeo, \ const char *, #_reg, \ uint32_t, (_index), \ uint32_t, _reg ## _OFST, \ @@ -1043,7 +1161,8 @@ struct efx_txq_s { uint32_t, (_eop)->eo_u32[1], \ uint32_t, (_eop)->eo_u32[0]); \ EFSYS_BAR_DOORBELL_WRITEO((_enp)->en_esbp, \ - (_reg ## _OFST + ((_index) * _reg ## _STEP)), \ + (_reg ## _OFST + \ + ((_index) << (_enp)->en_nic_cfg.enc_vi_window_shift)), \ (_eop)); \ _NOTE(CONSTANTCONDITION) \ } while (B_FALSE) diff --git a/sys/dev/sfxge/common/efx_intr.c b/sys/dev/sfxge/common/efx_intr.c index db021ac514f8..5e4436350592 100644 --- a/sys/dev/sfxge/common/efx_intr.c +++ b/sys/dev/sfxge/common/efx_intr.c @@ -104,7 +104,7 @@ static const efx_intr_ops_t __efx_intr_siena_ops = { }; #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_intr_ops_t __efx_intr_ef10_ops = { ef10_intr_init, /* eio_init */ ef10_intr_enable, /* eio_enable */ @@ -116,13 +116,13 @@ static const efx_intr_ops_t __efx_intr_ef10_ops = { ef10_intr_fatal, /* eio_fatal */ ef10_intr_fini, /* eio_fini */ }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_intr_init( __in efx_nic_t *enp, __in efx_intr_type_t type, - __in efsys_mem_t *esmp) + __in_opt efsys_mem_t *esmp) { efx_intr_t *eip = &(enp->en_intr); const efx_intr_ops_t *eiop; @@ -161,6 +161,12 @@ efx_intr_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + eiop = &__efx_intr_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(B_FALSE); rc = ENOTSUP; @@ -312,6 +318,12 @@ siena_intr_init( { efx_intr_t *eip = &(enp->en_intr); efx_oword_t oword; + efx_rc_t rc; + + if ((esmp == NULL) || (EFSYS_MEM_SIZE(esmp) < EFX_INTR_SIZE)) { + rc = EINVAL; + goto fail1; + } /* * bug17213 workaround. @@ -343,6 +355,11 @@ siena_intr_init( EFX_BAR_WRITEO(enp, FR_AZ_INT_ADR_REG_KER, &oword); return (0); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); } static void diff --git a/sys/dev/sfxge/common/efx_lic.c b/sys/dev/sfxge/common/efx_lic.c index 4421d4481de7..276a35856916 100644 --- a/sys/dev/sfxge/common/efx_lic.c +++ b/sys/dev/sfxge/common/efx_lic.c @@ -37,6 +37,9 @@ __FBSDID("$FreeBSD$"); #if EFSYS_OPT_LICENSING #include "ef10_tlv_layout.h" +#if EFSYS_OPT_SIENA +#include "efx_regs_mcdi_aoe.h" +#endif #if EFSYS_OPT_SIENA | EFSYS_OPT_HUNTINGTON @@ -189,7 +192,7 @@ static const efx_lic_ops_t __efx_lic_v2_ops = { #endif /* EFSYS_OPT_HUNTINGTON */ -#if EFSYS_OPT_MEDFORD +#if EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static __checkReturn efx_rc_t efx_mcdi_licensing_v3_update_licenses( @@ -313,7 +316,7 @@ static const efx_lic_ops_t __efx_lic_v3_ops = { efx_lic_v3_finish_partition, /* elo_finish_partition */ }; -#endif /* EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ /* V1 Licensing - used in Siena Modena only */ @@ -325,12 +328,11 @@ efx_mcdi_fc_license_update_license( __in efx_nic_t *enp) { efx_mcdi_req_t req; - uint8_t payload[MC_CMD_FC_IN_LICENSE_LEN]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_FC_IN_LICENSE_LEN, 0); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_SIENA); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_FC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_FC_IN_LICENSE_LEN; @@ -371,13 +373,12 @@ efx_mcdi_fc_license_get_key_stats( __out efx_key_stats_t *eksp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_FC_IN_LICENSE_LEN, - MC_CMD_FC_OUT_LICENSE_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_FC_IN_LICENSE_LEN, + MC_CMD_FC_OUT_LICENSE_LEN); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_SIENA); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_FC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_FC_IN_LICENSE_LEN; @@ -687,8 +688,8 @@ efx_mcdi_licensed_app_state( __out boolean_t *licensedp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_LICENSED_APP_STATE_IN_LEN, - MC_CMD_GET_LICENSED_APP_STATE_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_LICENSED_APP_STATE_IN_LEN, + MC_CMD_GET_LICENSED_APP_STATE_OUT_LEN); uint32_t app_state; efx_rc_t rc; @@ -700,7 +701,6 @@ efx_mcdi_licensed_app_state( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_LICENSED_APP_STATE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_LICENSED_APP_STATE_IN_LEN; @@ -746,12 +746,11 @@ efx_mcdi_licensing_update_licenses( __in efx_nic_t *enp) { efx_mcdi_req_t req; - uint8_t payload[MC_CMD_LICENSING_IN_LEN]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_LICENSING_IN_LEN, 0); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_LICENSING; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_LICENSING_IN_LEN; @@ -789,13 +788,12 @@ efx_mcdi_licensing_get_key_stats( __out efx_key_stats_t *eksp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_LICENSING_IN_LEN, - MC_CMD_LICENSING_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_LICENSING_IN_LEN, + MC_CMD_LICENSING_OUT_LEN); efx_rc_t rc; EFSYS_ASSERT(enp->en_family == EFX_FAMILY_HUNTINGTON); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_LICENSING; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_LICENSING_IN_LEN; @@ -846,19 +844,19 @@ fail1: /* V3 Licensing - used starting from Medford family. See SF-114884-SW */ -#if EFSYS_OPT_MEDFORD +#if EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static __checkReturn efx_rc_t efx_mcdi_licensing_v3_update_licenses( __in efx_nic_t *enp) { efx_mcdi_req_t req; - uint8_t payload[MC_CMD_LICENSING_V3_IN_LEN]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_LICENSING_V3_IN_LEN, 0); efx_rc_t rc; - EFSYS_ASSERT(enp->en_family == EFX_FAMILY_MEDFORD); + EFSYS_ASSERT((enp->en_family == EFX_FAMILY_MEDFORD) || + (enp->en_family == EFX_FAMILY_MEDFORD2)); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_LICENSING_V3; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_LICENSING_V3_IN_LEN; @@ -889,13 +887,13 @@ efx_mcdi_licensing_v3_report_license( __out efx_key_stats_t *eksp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_LICENSING_V3_IN_LEN, - MC_CMD_LICENSING_V3_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_LICENSING_V3_IN_LEN, + MC_CMD_LICENSING_V3_OUT_LEN); efx_rc_t rc; - EFSYS_ASSERT(enp->en_family == EFX_FAMILY_MEDFORD); + EFSYS_ASSERT((enp->en_family == EFX_FAMILY_MEDFORD) || + (enp->en_family == EFX_FAMILY_MEDFORD2)); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_LICENSING_V3; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_LICENSING_V3_IN_LEN; @@ -952,14 +950,14 @@ efx_mcdi_licensing_v3_app_state( __out boolean_t *licensedp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_LICENSED_V3_APP_STATE_IN_LEN, - MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_LICENSED_V3_APP_STATE_IN_LEN, + MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_LEN); uint32_t app_state; efx_rc_t rc; - EFSYS_ASSERT(enp->en_family == EFX_FAMILY_MEDFORD); + EFSYS_ASSERT((enp->en_family == EFX_FAMILY_MEDFORD) || + (enp->en_family == EFX_FAMILY_MEDFORD2)); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_LICENSED_V3_APP_STATE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_LICENSED_V3_APP_STATE_IN_LEN; @@ -1011,28 +1009,15 @@ efx_mcdi_licensing_v3_get_id( uint8_t *bufferp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_LICENSING_GET_ID_V3_IN_LEN, - MC_CMD_LICENSING_GET_ID_V3_OUT_LENMIN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_LICENSING_GET_ID_V3_IN_LEN, + MC_CMD_LICENSING_GET_ID_V3_OUT_LENMAX); efx_rc_t rc; req.emr_cmd = MC_CMD_LICENSING_GET_ID_V3; - - if (bufferp == NULL) { - /* Request id type and length only */ - req.emr_in_buf = bufferp; - req.emr_in_length = MC_CMD_LICENSING_GET_ID_V3_IN_LEN; - req.emr_out_buf = bufferp; - req.emr_out_length = MC_CMD_LICENSING_GET_ID_V3_OUT_LENMIN; - (void) memset(payload, 0, sizeof (payload)); - } else { - /* Request full buffer */ - req.emr_in_buf = bufferp; - req.emr_in_length = MC_CMD_LICENSING_GET_ID_V3_IN_LEN; - req.emr_out_buf = bufferp; - req.emr_out_length = - MIN(buffer_size, MC_CMD_LICENSING_GET_ID_V3_OUT_LENMAX); - (void) memset(bufferp, 0, req.emr_out_length); - } + req.emr_in_buf = payload; + req.emr_in_length = MC_CMD_LICENSING_GET_ID_V3_IN_LEN; + req.emr_out_buf = payload; + req.emr_out_length = MC_CMD_LICENSING_GET_ID_V3_OUT_LENMAX; efx_mcdi_execute_quiet(enp, &req); @@ -1050,19 +1035,10 @@ efx_mcdi_licensing_v3_get_id( *lengthp = MCDI_OUT_DWORD(req, LICENSING_GET_ID_V3_OUT_LICENSE_ID_LENGTH); - if (bufferp == NULL) { - /* - * Modify length requirements to indicate to caller the extra - * buffering needed to read the complete output. - */ - *lengthp += MC_CMD_LICENSING_GET_ID_V3_OUT_LENMIN; - } else { - /* Shift ID down to start of buffer */ - memmove(bufferp, - bufferp + MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_ID_OFST, - *lengthp); - memset(bufferp + (*lengthp), 0, - MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_ID_OFST); + if (bufferp != NULL) { + memcpy(bufferp, + payload + MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_ID_OFST, + MIN(buffer_size, *lengthp)); } return (0); @@ -1179,10 +1155,12 @@ efx_lic_v3_read_key( __in size_t key_max_size, __out uint32_t *lengthp) { + uint32_t tag; + _NOTE(ARGUNUSED(enp)) return ef10_nvram_buffer_get_item(bufferp, buffer_size, - offset, length, keyp, key_max_size, lengthp); + offset, length, &tag, keyp, key_max_size, lengthp); } __checkReturn efx_rc_t @@ -1200,7 +1178,7 @@ efx_lic_v3_write_key( EFSYS_ASSERT(length <= EFX_LICENSE_V3_KEY_LENGTH_MAX); return ef10_nvram_buffer_insert_item(bufferp, buffer_size, - offset, keyp, length, lengthp); + offset, TLV_TAG_LICENSE, keyp, length, lengthp); } __checkReturn efx_rc_t @@ -1242,8 +1220,10 @@ efx_lic_v3_create_partition( { efx_rc_t rc; + _NOTE(ARGUNUSED(enp)) + /* Construct empty partition */ - if ((rc = ef10_nvram_buffer_create(enp, + if ((rc = ef10_nvram_buffer_create( NVRAM_PARTITION_TYPE_LICENSE, bufferp, buffer_size)) != 0) { rc = EFAULT; @@ -1267,13 +1247,16 @@ efx_lic_v3_finish_partition( { efx_rc_t rc; + _NOTE(ARGUNUSED(enp)) + if ((rc = ef10_nvram_buffer_finish(bufferp, buffer_size)) != 0) { goto fail1; } /* Validate completed partition */ - if ((rc = ef10_nvram_buffer_validate(enp, NVRAM_PARTITION_TYPE_LICENSE, + if ((rc = ef10_nvram_buffer_validate( + NVRAM_PARTITION_TYPE_LICENSE, bufferp, buffer_size)) != 0) { goto fail2; } @@ -1289,7 +1272,7 @@ fail1: } -#endif /* EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_lic_init( @@ -1323,6 +1306,12 @@ efx_lic_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + elop = &__efx_lic_v3_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; diff --git a/sys/dev/sfxge/common/efx_mac.c b/sys/dev/sfxge/common/efx_mac.c index 1fe16205ceb2..a6b1f5454be3 100644 --- a/sys/dev/sfxge/common/efx_mac.c +++ b/sys/dev/sfxge/common/efx_mac.c @@ -68,7 +68,7 @@ static const efx_mac_ops_t __efx_mac_siena_ops = { }; #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_mac_ops_t __efx_mac_ef10_ops = { ef10_mac_poll, /* emo_poll */ ef10_mac_up, /* emo_up */ @@ -91,7 +91,7 @@ static const efx_mac_ops_t __efx_mac_ef10_ops = { ef10_mac_stats_update /* emo_stats_update */ #endif /* EFSYS_OPT_MAC_STATS */ }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_mac_pdu_set( @@ -521,7 +521,7 @@ efx_mac_filter_default_rxq_clear( #if EFSYS_OPT_NAMES -/* START MKCONFIG GENERATED EfxMacStatNamesBlock c11b91b42f922516 */ +/* START MKCONFIG GENERATED EfxMacStatNamesBlock 1a45a82fcfb30c1b */ static const char * const __efx_mac_stat_name[] = { "rx_octets", "rx_pkts", @@ -604,6 +604,31 @@ static const char * const __efx_mac_stat_name[] = { "vadapter_tx_bad_packets", "vadapter_tx_bad_bytes", "vadapter_tx_overflow", + "fec_uncorrected_errors", + "fec_corrected_errors", + "fec_corrected_symbols_lane0", + "fec_corrected_symbols_lane1", + "fec_corrected_symbols_lane2", + "fec_corrected_symbols_lane3", + "ctpio_vi_busy_fallback", + "ctpio_long_write_success", + "ctpio_missing_dbell_fail", + "ctpio_overflow_fail", + "ctpio_underflow_fail", + "ctpio_timeout_fail", + "ctpio_noncontig_wr_fail", + "ctpio_frm_clobber_fail", + "ctpio_invalid_wr_fail", + "ctpio_vi_clobber_fallback", + "ctpio_unqualified_fallback", + "ctpio_runt_fallback", + "ctpio_success", + "ctpio_fallback", + "ctpio_poison", + "ctpio_erase", + "rxdp_scatter_disabled_trunc", + "rxdp_hlb_idle", + "rxdp_hlb_timeout", }; /* END MKCONFIG GENERATED EfxMacStatNamesBlock */ @@ -855,6 +880,13 @@ efx_mac_select( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + emop = &__efx_mac_ef10_ops; + type = EFX_MAC_MEDFORD2; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: rc = EINVAL; goto fail1; diff --git a/sys/dev/sfxge/common/efx_mcdi.c b/sys/dev/sfxge/common/efx_mcdi.c index 5906fce716ea..0dca9f8c7ac2 100644 --- a/sys/dev/sfxge/common/efx_mcdi.c +++ b/sys/dev/sfxge/common/efx_mcdi.c @@ -74,7 +74,7 @@ static const efx_mcdi_ops_t __efx_mcdi_siena_ops = { #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_mcdi_ops_t __efx_mcdi_ef10_ops = { ef10_mcdi_init, /* emco_init */ @@ -87,7 +87,7 @@ static const efx_mcdi_ops_t __efx_mcdi_ef10_ops = { ef10_mcdi_get_timeout, /* emco_get_timeout */ }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ @@ -121,6 +121,12 @@ efx_mcdi_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + emcop = &__efx_mcdi_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; @@ -519,6 +525,12 @@ efx_mcdi_request_poll( EFSYS_ASSERT(!emip->emi_ev_cpl); emrp = emip->emi_pending_req; + /* Check if hardware is unavailable */ + if (efx_nic_hw_unavailable(enp)) { + EFSYS_UNLOCK(enp->en_eslp, state); + return (B_FALSE); + } + /* Check for reboot atomically w.r.t efx_mcdi_request_start */ if (emip->emi_poll_cnt++ == 0) { if ((rc = efx_mcdi_poll_reboot(enp)) != 0) { @@ -923,10 +935,10 @@ efx_mcdi_version( __out_opt efx_mcdi_boot_t *statusp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MAX(MC_CMD_GET_VERSION_IN_LEN, - MC_CMD_GET_VERSION_OUT_LEN), - MAX(MC_CMD_GET_BOOT_STATUS_IN_LEN, - MC_CMD_GET_BOOT_STATUS_OUT_LEN))]; + EFX_MCDI_DECLARE_BUF(payload, + MAX(MC_CMD_GET_VERSION_IN_LEN, MC_CMD_GET_BOOT_STATUS_IN_LEN), + MAX(MC_CMD_GET_VERSION_OUT_LEN, + MC_CMD_GET_BOOT_STATUS_OUT_LEN)); efx_word_t *ver_words; uint16_t version[4]; uint32_t build; @@ -935,7 +947,6 @@ efx_mcdi_version( EFSYS_ASSERT3U(enp->en_features, &, EFX_FEATURE_MCDI); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_VERSION; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_VERSION_IN_LEN; @@ -1041,12 +1052,11 @@ efx_mcdi_get_capabilities( __out_opt uint32_t *tso2ncp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_CAPABILITIES_IN_LEN, - MC_CMD_GET_CAPABILITIES_V2_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_CAPABILITIES_IN_LEN, + MC_CMD_GET_CAPABILITIES_V2_OUT_LEN); boolean_t v2_capable; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_CAPABILITIES; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_CAPABILITIES_IN_LEN; @@ -1109,7 +1119,8 @@ efx_mcdi_do_reboot( __in efx_nic_t *enp, __in boolean_t after_assertion) { - uint8_t payload[MAX(MC_CMD_REBOOT_IN_LEN, MC_CMD_REBOOT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_REBOOT_IN_LEN, + MC_CMD_REBOOT_OUT_LEN); efx_mcdi_req_t req; efx_rc_t rc; @@ -1122,7 +1133,6 @@ efx_mcdi_do_reboot( */ EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_REBOOT; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_REBOOT_IN_LEN; @@ -1173,8 +1183,8 @@ efx_mcdi_read_assertion( __in efx_nic_t *enp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_ASSERTS_IN_LEN, - MC_CMD_GET_ASSERTS_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_ASSERTS_IN_LEN, + MC_CMD_GET_ASSERTS_OUT_LEN); const char *reason; unsigned int flags; unsigned int index; @@ -1275,11 +1285,10 @@ efx_mcdi_drv_attach( __in boolean_t attach) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_DRV_ATTACH_IN_LEN, - MC_CMD_DRV_ATTACH_EXT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_DRV_ATTACH_IN_LEN, + MC_CMD_DRV_ATTACH_EXT_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_DRV_ATTACH; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_DRV_ATTACH_IN_LEN; @@ -1287,13 +1296,21 @@ efx_mcdi_drv_attach( req.emr_out_length = MC_CMD_DRV_ATTACH_EXT_OUT_LEN; /* - * Use DONT_CARE for the datapath firmware type to ensure that the - * driver can attach to an unprivileged function. The datapath firmware - * type to use is controlled by the 'sfboot' utility. + * Typically, client drivers use DONT_CARE for the datapath firmware + * type to ensure that the driver can attach to an unprivileged + * function. The datapath firmware type to use is controlled by the + * 'sfboot' utility. + * If a client driver wishes to attach with a specific datapath firmware + * type, that can be passed in second argument of efx_nic_probe API. One + * such example is the ESXi native driver that attempts attaching with + * FULL_FEATURED datapath firmware type first and fall backs to + * DONT_CARE datapath firmware type if MC_CMD_DRV_ATTACH fails. */ - MCDI_IN_SET_DWORD(req, DRV_ATTACH_IN_NEW_STATE, attach ? 1 : 0); + MCDI_IN_POPULATE_DWORD_2(req, DRV_ATTACH_IN_NEW_STATE, + DRV_ATTACH_IN_ATTACH, attach ? 1 : 0, + DRV_ATTACH_IN_SUBVARIANT_AWARE, EFSYS_OPT_FW_SUBVARIANT_AWARE); MCDI_IN_SET_DWORD(req, DRV_ATTACH_IN_UPDATE, 1); - MCDI_IN_SET_DWORD(req, DRV_ATTACH_IN_FIRMWARE_ID, MC_CMD_FW_DONT_CARE); + MCDI_IN_SET_DWORD(req, DRV_ATTACH_IN_FIRMWARE_ID, enp->efv); efx_mcdi_execute(enp, &req); @@ -1326,11 +1343,10 @@ efx_mcdi_get_board_cfg( { efx_mcdi_iface_t *emip = &(enp->en_mcdi.em_emip); efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_BOARD_CFG_IN_LEN, - MC_CMD_GET_BOARD_CFG_OUT_LENMIN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_BOARD_CFG_IN_LEN, + MC_CMD_GET_BOARD_CFG_OUT_LENMIN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_BOARD_CFG; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_BOARD_CFG_IN_LEN; @@ -1406,11 +1422,10 @@ efx_mcdi_get_resource_limits( __out_opt uint32_t *ntxqp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_RESOURCE_LIMITS_IN_LEN, - MC_CMD_GET_RESOURCE_LIMITS_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_RESOURCE_LIMITS_IN_LEN, + MC_CMD_GET_RESOURCE_LIMITS_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_RESOURCE_LIMITS; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_RESOURCE_LIMITS_IN_LEN; @@ -1453,11 +1468,15 @@ efx_mcdi_get_phy_cfg( efx_port_t *epp = &(enp->en_port); efx_nic_cfg_t *encp = &(enp->en_nic_cfg); efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_PHY_CFG_IN_LEN, - MC_CMD_GET_PHY_CFG_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_PHY_CFG_IN_LEN, + MC_CMD_GET_PHY_CFG_OUT_LEN); +#if EFSYS_OPT_NAMES + const char *namep; + size_t namelen; +#endif + uint32_t phy_media_type; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_PHY_CFG; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_PHY_CFG_IN_LEN; @@ -1478,10 +1497,12 @@ efx_mcdi_get_phy_cfg( encp->enc_phy_type = MCDI_OUT_DWORD(req, GET_PHY_CFG_OUT_TYPE); #if EFSYS_OPT_NAMES - (void) strncpy(encp->enc_phy_name, - MCDI_OUT2(req, char, GET_PHY_CFG_OUT_NAME), - MIN(sizeof (encp->enc_phy_name) - 1, - MC_CMD_GET_PHY_CFG_OUT_NAME_LEN)); + namep = MCDI_OUT2(req, char, GET_PHY_CFG_OUT_NAME); + namelen = MIN(sizeof (encp->enc_phy_name) - 1, + strnlen(namep, MC_CMD_GET_PHY_CFG_OUT_NAME_LEN)); + (void) memset(encp->enc_phy_name, 0, + sizeof (encp->enc_phy_name)); + memcpy(encp->enc_phy_name, namep, namelen); #endif /* EFSYS_OPT_NAMES */ (void) memset(encp->enc_phy_revision, 0, sizeof (encp->enc_phy_revision)); @@ -1503,8 +1524,8 @@ efx_mcdi_get_phy_cfg( EFX_STATIC_ASSERT(MC_CMD_MEDIA_SFP_PLUS == EFX_PHY_MEDIA_SFP_PLUS); EFX_STATIC_ASSERT(MC_CMD_MEDIA_BASE_T == EFX_PHY_MEDIA_BASE_T); EFX_STATIC_ASSERT(MC_CMD_MEDIA_QSFP_PLUS == EFX_PHY_MEDIA_QSFP_PLUS); - epp->ep_fixed_port_type = - MCDI_OUT_DWORD(req, GET_PHY_CFG_OUT_MEDIA_TYPE); + phy_media_type = MCDI_OUT_DWORD(req, GET_PHY_CFG_OUT_MEDIA_TYPE); + epp->ep_fixed_port_type = (efx_phy_media_type_t) phy_media_type; if (epp->ep_fixed_port_type >= EFX_PHY_MEDIA_NTYPES) epp->ep_fixed_port_type = EFX_PHY_MEDIA_INVALID; @@ -1650,7 +1671,7 @@ fail1: #if EFSYS_OPT_BIST -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 /* * Enter bist offline mode. This is a fw mode which puts the NIC into a state * where memory BIST tests can be run and not much else can interfere or happen. @@ -1686,7 +1707,7 @@ fail1: return (rc); } -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_mcdi_bist_start( @@ -1694,11 +1715,10 @@ efx_mcdi_bist_start( __in efx_bist_type_t type) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_START_BIST_IN_LEN, - MC_CMD_START_BIST_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_START_BIST_IN_LEN, + MC_CMD_START_BIST_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_START_BIST; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_START_BIST_IN_LEN; @@ -1757,11 +1777,10 @@ efx_mcdi_log_ctrl( __in efx_nic_t *enp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_LOG_CTRL_IN_LEN, - MC_CMD_LOG_CTRL_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_LOG_CTRL_IN_LEN, + MC_CMD_LOG_CTRL_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_LOG_CTRL; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_LOG_CTRL_IN_LEN; @@ -1806,8 +1825,8 @@ efx_mcdi_mac_stats( __in uint16_t period_ms) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_MAC_STATS_IN_LEN, - MC_CMD_MAC_STATS_OUT_DMA_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_MAC_STATS_IN_LEN, + MC_CMD_MAC_STATS_V2_OUT_DMA_LEN); int clear = (action == EFX_STATS_CLEAR); int upload = (action == EFX_STATS_UPLOAD); int enable = (action == EFX_STATS_ENABLE_NOEVENTS); @@ -1815,12 +1834,11 @@ efx_mcdi_mac_stats( int disable = (action == EFX_STATS_DISABLE); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_MAC_STATS; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_MAC_STATS_IN_LEN; req.emr_out_buf = payload; - req.emr_out_length = MC_CMD_MAC_STATS_OUT_DMA_LEN; + req.emr_out_length = MC_CMD_MAC_STATS_V2_OUT_DMA_LEN; MCDI_IN_POPULATE_DWORD_6(req, MAC_STATS_IN_CMD, MAC_STATS_IN_DMA, upload, @@ -1830,19 +1848,35 @@ efx_mcdi_mac_stats( MAC_STATS_IN_PERIODIC_NOEVENT, !events, MAC_STATS_IN_PERIOD_MS, (enable | events) ? period_ms : 0); - if (esmp != NULL) { - int bytes = MC_CMD_MAC_NSTATS * sizeof (uint64_t); + if (enable || events || upload) { + const efx_nic_cfg_t *encp = &enp->en_nic_cfg; + uint32_t bytes; - EFX_STATIC_ASSERT(MC_CMD_MAC_NSTATS * sizeof (uint64_t) <= - EFX_MAC_STATS_SIZE); + /* Periodic stats or stats upload require a DMA buffer */ + if (esmp == NULL) { + rc = EINVAL; + goto fail1; + } + + if (encp->enc_mac_stats_nstats < MC_CMD_MAC_NSTATS) { + /* MAC stats count too small for legacy MAC stats */ + rc = ENOSPC; + goto fail2; + } + + bytes = encp->enc_mac_stats_nstats * sizeof (efx_qword_t); + + if (EFSYS_MEM_SIZE(esmp) < bytes) { + /* DMA buffer too small */ + rc = ENOSPC; + goto fail3; + } MCDI_IN_SET_DWORD(req, MAC_STATS_IN_DMA_ADDR_LO, EFSYS_MEM_ADDR(esmp) & 0xffffffff); MCDI_IN_SET_DWORD(req, MAC_STATS_IN_DMA_ADDR_HI, EFSYS_MEM_ADDR(esmp) >> 32); MCDI_IN_SET_DWORD(req, MAC_STATS_IN_DMA_LEN, bytes); - } else { - EFSYS_ASSERT(!upload && !enable && !events); } /* @@ -1860,12 +1894,18 @@ efx_mcdi_mac_stats( if ((req.emr_rc != ENOENT) || (enp->en_rx_qcount + enp->en_tx_qcount != 0)) { rc = req.emr_rc; - goto fail1; + goto fail4; } } return (0); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); @@ -1950,7 +1990,7 @@ fail1: #endif /* EFSYS_OPT_MAC_STATS */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 /* * This function returns the pf and vf number of a function. If it is a pf the @@ -1965,11 +2005,10 @@ efx_mcdi_get_function_info( __out_opt uint32_t *vfp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_FUNCTION_INFO_IN_LEN, - MC_CMD_GET_FUNCTION_INFO_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_FUNCTION_INFO_IN_LEN, + MC_CMD_GET_FUNCTION_INFO_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_FUNCTION_INFO; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_FUNCTION_INFO_IN_LEN; @@ -2010,11 +2049,10 @@ efx_mcdi_privilege_mask( __out uint32_t *maskp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_PRIVILEGE_MASK_IN_LEN, - MC_CMD_PRIVILEGE_MASK_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_PRIVILEGE_MASK_IN_LEN, + MC_CMD_PRIVILEGE_MASK_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_PRIVILEGE_MASK; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_PRIVILEGE_MASK_IN_LEN; @@ -2049,7 +2087,7 @@ fail1: return (rc); } -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_mcdi_set_workaround( @@ -2059,11 +2097,10 @@ efx_mcdi_set_workaround( __out_opt uint32_t *flagsp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_WORKAROUND_IN_LEN, - MC_CMD_WORKAROUND_EXT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_WORKAROUND_IN_LEN, + MC_CMD_WORKAROUND_EXT_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_WORKAROUND; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_WORKAROUND_IN_LEN; @@ -2103,10 +2140,9 @@ efx_mcdi_get_workarounds( __out_opt uint32_t *enabledp) { efx_mcdi_req_t req; - uint8_t payload[MC_CMD_GET_WORKAROUNDS_OUT_LEN]; + EFX_MCDI_DECLARE_BUF(payload, 0, MC_CMD_GET_WORKAROUNDS_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_WORKAROUNDS; req.emr_in_buf = NULL; req.emr_in_length = 0; @@ -2143,6 +2179,14 @@ fail1: */ #define EFX_PHY_MEDIA_INFO_PAGE_SIZE 0x80 +/* + * Transceiver identifiers from SFF-8024 Table 4-1. + */ +#define EFX_SFF_TRANSCEIVER_ID_SFP 0x03 /* SFP/SFP+/SFP28 */ +#define EFX_SFF_TRANSCEIVER_ID_QSFP 0x0c /* QSFP */ +#define EFX_SFF_TRANSCEIVER_ID_QSFP_PLUS 0x0d /* QSFP+ or later */ +#define EFX_SFF_TRANSCEIVER_ID_QSFP28 0x11 /* QSFP28 or later */ + static __checkReturn efx_rc_t efx_mcdi_get_phy_media_info( __in efx_nic_t *enp, @@ -2152,14 +2196,13 @@ efx_mcdi_get_phy_media_info( __out_bcount(len) uint8_t *data) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_PHY_MEDIA_INFO_IN_LEN, - MC_CMD_GET_PHY_MEDIA_INFO_OUT_LEN( - EFX_PHY_MEDIA_INFO_PAGE_SIZE))]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_PHY_MEDIA_INFO_IN_LEN, + MC_CMD_GET_PHY_MEDIA_INFO_OUT_LEN( + EFX_PHY_MEDIA_INFO_PAGE_SIZE)); efx_rc_t rc; EFSYS_ASSERT((uint32_t)offset + len <= EFX_PHY_MEDIA_INFO_PAGE_SIZE); - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_PHY_MEDIA_INFO; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_PHY_MEDIA_INFO_IN_LEN; @@ -2204,39 +2247,19 @@ fail1: return (rc); } -/* - * 2-wire device address of the base information in accordance with SFF-8472 - * Diagnostic Monitoring Interface for Optical Transceivers section - * 4 Memory Organization. - */ -#define EFX_PHY_MEDIA_INFO_DEV_ADDR_SFP_BASE 0xA0 - -/* - * 2-wire device address of the digital diagnostics monitoring interface - * in accordance with SFF-8472 Diagnostic Monitoring Interface for Optical - * Transceivers section 4 Memory Organization. - */ -#define EFX_PHY_MEDIA_INFO_DEV_ADDR_SFP_DDM 0xA2 - -/* - * Hard wired 2-wire device address for QSFP+ in accordance with SFF-8436 - * QSFP+ 10 Gbs 4X PLUGGABLE TRANSCEIVER section 7.4 Device Addressing and - * Operation. - */ -#define EFX_PHY_MEDIA_INFO_DEV_ADDR_QSFP 0xA0 - __checkReturn efx_rc_t efx_mcdi_phy_module_get_info( __in efx_nic_t *enp, __in uint8_t dev_addr, - __in uint8_t offset, - __in uint8_t len, + __in size_t offset, + __in size_t len, __out_bcount(len) uint8_t *data) { efx_port_t *epp = &(enp->en_port); efx_rc_t rc; uint32_t mcdi_lower_page; uint32_t mcdi_upper_page; + uint8_t id; EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_PROBE); @@ -2250,6 +2273,25 @@ efx_mcdi_phy_module_get_info( */ switch (epp->ep_fixed_port_type) { case EFX_PHY_MEDIA_SFP_PLUS: + case EFX_PHY_MEDIA_QSFP_PLUS: + /* Port type supports modules */ + break; + default: + rc = ENOTSUP; + goto fail1; + } + + /* + * For all supported port types, MCDI page 0 offset 0 holds the + * transceiver identifier. Probe to determine the data layout. + * Definitions from SFF-8024 Table 4-1. + */ + rc = efx_mcdi_get_phy_media_info(enp, 0, 0, sizeof (id), &id); + if (rc != 0) + goto fail2; + + switch (id) { + case EFX_SFF_TRANSCEIVER_ID_SFP: /* * In accordance with SFF-8472 Diagnostic Monitoring * Interface for Optical Transceivers section 4 Memory @@ -2284,10 +2326,12 @@ efx_mcdi_phy_module_get_info( break; default: rc = ENOTSUP; - goto fail1; + goto fail3; } break; - case EFX_PHY_MEDIA_QSFP_PLUS: + case EFX_SFF_TRANSCEIVER_ID_QSFP: + case EFX_SFF_TRANSCEIVER_ID_QSFP_PLUS: + case EFX_SFF_TRANSCEIVER_ID_QSFP28: switch (dev_addr) { case EFX_PHY_MEDIA_INFO_DEV_ADDR_QSFP: /* @@ -2303,22 +2347,24 @@ efx_mcdi_phy_module_get_info( break; default: rc = ENOTSUP; - goto fail1; + goto fail3; } break; default: rc = ENOTSUP; - goto fail1; + goto fail3; } + EFX_STATIC_ASSERT(EFX_PHY_MEDIA_INFO_PAGE_SIZE <= 0xFF); + if (offset < EFX_PHY_MEDIA_INFO_PAGE_SIZE) { - uint8_t read_len = + size_t read_len = MIN(len, EFX_PHY_MEDIA_INFO_PAGE_SIZE - offset); rc = efx_mcdi_get_phy_media_info(enp, - mcdi_lower_page, offset, read_len, data); + mcdi_lower_page, (uint8_t)offset, (uint8_t)read_len, data); if (rc != 0) - goto fail2; + goto fail4; data += read_len; len -= read_len; @@ -2333,13 +2379,17 @@ efx_mcdi_phy_module_get_info( EFSYS_ASSERT3U(offset, <, EFX_PHY_MEDIA_INFO_PAGE_SIZE); rc = efx_mcdi_get_phy_media_info(enp, - mcdi_upper_page, offset, len, data); + mcdi_upper_page, (uint8_t)offset, (uint8_t)len, data); if (rc != 0) - goto fail3; + goto fail5; } return (0); +fail5: + EFSYS_PROBE(fail5); +fail4: + EFSYS_PROBE(fail4); fail3: EFSYS_PROBE(fail3); fail2: diff --git a/sys/dev/sfxge/common/efx_mcdi.h b/sys/dev/sfxge/common/efx_mcdi.h index 75b3c47dcfee..a2a89e852e85 100644 --- a/sys/dev/sfxge/common/efx_mcdi.h +++ b/sys/dev/sfxge/common/efx_mcdi.h @@ -38,6 +38,10 @@ #include "efx.h" #include "efx_regs_mcdi.h" +#if EFSYS_OPT_NAMES +#include "efx_regs_mcdi_strs.h" +#endif /* EFSYS_OPT_NAMES */ + #ifdef __cplusplus extern "C" { #endif @@ -194,11 +198,11 @@ efx_mcdi_mac_spoofing_supported( #if EFSYS_OPT_BIST -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 extern __checkReturn efx_rc_t efx_mcdi_bist_enable_offline( __in efx_nic_t *enp); -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ extern __checkReturn efx_rc_t efx_mcdi_bist_start( __in efx_nic_t *enp, @@ -243,8 +247,8 @@ extern __checkReturn efx_rc_t efx_mcdi_phy_module_get_info( __in efx_nic_t *enp, __in uint8_t dev_addr, - __in uint8_t offset, - __in uint8_t len, + __in size_t offset, + __in size_t len, __out_bcount(len) uint8_t *data); #define MCDI_IN(_emr, _type, _ofst) \ @@ -386,6 +390,10 @@ efx_mcdi_phy_module_get_info( EFX_WORD_FIELD(*MCDI_OUT2(_emr, efx_word_t, _ofst), \ EFX_WORD_0) +#define MCDI_OUT_WORD_FIELD(_emr, _ofst, _field) \ + EFX_WORD_FIELD(*MCDI_OUT2(_emr, efx_word_t, _ofst), \ + MC_CMD_ ## _field) + #define MCDI_OUT_DWORD(_emr, _ofst) \ EFX_DWORD_FIELD(*MCDI_OUT2(_emr, efx_dword_t, _ofst), \ EFX_DWORD_0) @@ -404,6 +412,17 @@ efx_mcdi_phy_module_get_info( (((mask) & (MC_CMD_PRIVILEGE_MASK_IN_GRP_ ## priv)) == \ (MC_CMD_PRIVILEGE_MASK_IN_GRP_ ## priv)) +/* + * The buffer size must be a multiple of dword to ensure that MCDI works + * properly with Siena based boards (which use on-chip buffer). Also, it + * should be at minimum the size of two dwords to allow space for extended + * error responses if the request/response buffer sizes are smaller. + */ +#define EFX_MCDI_DECLARE_BUF(_name, _in_len, _out_len) \ + uint8_t _name[P2ROUNDUP(MAX(MAX(_in_len, _out_len), \ + (2 * sizeof (efx_dword_t))), \ + sizeof (efx_dword_t))] = {0} + typedef enum efx_mcdi_feature_id_e { EFX_MCDI_FEATURE_FW_UPDATE = 0, EFX_MCDI_FEATURE_LINK_CONTROL, diff --git a/sys/dev/sfxge/common/efx_mon.c b/sys/dev/sfxge/common/efx_mon.c index ef72f87c8612..822bd90c1f08 100644 --- a/sys/dev/sfxge/common/efx_mon.c +++ b/sys/dev/sfxge/common/efx_mon.c @@ -67,7 +67,8 @@ efx_mon_name( #if EFSYS_OPT_MON_MCDI static const efx_mon_ops_t __efx_mon_mcdi_ops = { #if EFSYS_OPT_MON_STATS - mcdi_mon_stats_update /* emo_stats_update */ + mcdi_mon_stats_update, /* emo_stats_update */ + mcdi_mon_limits_update, /* emo_limits_update */ #endif /* EFSYS_OPT_MON_STATS */ }; #endif @@ -128,77 +129,74 @@ fail1: #if EFSYS_OPT_NAMES -/* START MKCONFIG GENERATED MonitorStatNamesBlock d92af1538001301f */ +/* START MKCONFIG GENERATED MonitorStatNamesBlock 277c17eda1a6d1a4 */ static const char * const __mon_stat_name[] = { - "value_2_5v", - "value_vccp1", - "value_vcc", - "value_5v", - "value_12v", - "value_vccp2", - "value_ext_temp", - "value_int_temp", - "value_ain1", - "value_ain2", + "controller_temp", + "phy_common_temp", "controller_cooling", - "ext_cooling", - "1v", - "1_2v", - "1_8v", - "3_3v", - "1_2va", - "vref", - "vaoe", - "aoe_temperature", - "psu_aoe_temperature", - "psu_temperature", - "fan0", - "fan1", - "fan2", - "fan3", - "fan4", - "vaoe_in", - "iaoe", - "iaoe_in", + "phy0_temp", + "phy0_cooling", + "phy1_temp", + "phy1_cooling", + "in_1v0", + "in_1v2", + "in_1v8", + "in_2v5", + "in_3v3", + "in_12v0", + "in_1v2a", + "in_vref", + "out_vaoe", + "aoe_temp", + "psu_aoe_temp", + "psu_temp", + "fan_0", + "fan_1", + "fan_2", + "fan_3", + "fan_4", + "in_vaoe", + "out_iaoe", + "in_iaoe", "nic_power", - "0_9v", - "i0_9v", - "i1_2v", - "0_9v_adc", - "controller_temperature2", - "vreg_temperature", - "vreg_0_9v_temperature", - "vreg_1_2v_temperature", - "int_vptat", - "controller_internal_adc_temperature", - "ext_vptat", - "controller_external_adc_temperature", - "ambient_temperature", + "in_0v9", + "in_i0v9", + "in_i1v2", + "in_0v9_adc", + "controller_2_temp", + "vreg_internal_temp", + "vreg_0v9_temp", + "vreg_1v2_temp", + "controller_vptat", + "controller_internal_temp", + "controller_vptat_extadc", + "controller_internal_temp_extadc", + "ambient_temp", "airflow", "vdd08d_vss08d_csr", "vdd08d_vss08d_csr_extadc", - "hotpoint_temperature", - "phy_power_switch_port0", - "phy_power_switch_port1", + "hotpoint_temp", + "phy_power_port0", + "phy_power_port1", "mum_vcc", - "0v9_a", - "i0v9_a", - "0v9_a_temp", - "0v9_b", - "i0v9_b", - "0v9_b_temp", + "in_0v9_a", + "in_i0v9_a", + "vreg_0v9_a_temp", + "in_0v9_b", + "in_i0v9_b", + "vreg_0v9_b_temp", "ccom_avreg_1v2_supply", - "ccom_avreg_1v2_supply_ext_adc", + "ccom_avreg_1v2_supply_extadc", "ccom_avreg_1v8_supply", - "ccom_avreg_1v8_supply_ext_adc", + "ccom_avreg_1v8_supply_extadc", "controller_master_vptat", "controller_master_internal_temp", - "controller_master_vptat_ext_adc", - "controller_master_internal_temp_ext_adc", + "controller_master_vptat_extadc", + "controller_master_internal_temp_extadc", "controller_slave_vptat", "controller_slave_internal_temp", - "controller_slave_vptat_ext_adc", - "controller_slave_internal_temp_ext_adc", + "controller_slave_vptat_extadc", + "controller_slave_internal_temp_extadc", "sodimm_vout", "sodimm_0_temp", "sodimm_1_temp", @@ -207,13 +205,17 @@ static const char * const __mon_stat_name[] = { "controller_tdiode_temp", "board_front_temp", "board_back_temp", - "i1v8", - "i2v5", + "in_i1v8", + "in_i2v5", + "in_i3v3", + "in_i12v0", + "in_1v3", + "in_i1v3", }; /* END MKCONFIG GENERATED MonitorStatNamesBlock */ -extern const char * + const char * efx_mon_stat_name( __in efx_nic_t *enp, __in efx_mon_stat_t id) @@ -225,8 +227,609 @@ efx_mon_stat_name( return (__mon_stat_name[id]); } +typedef struct _stat_description_t { + efx_mon_stat_t stat; + const char *desc; +} stat_description_t; + +/* START MKCONFIG GENERATED MonitorStatDescriptionsBlock f072138f16d2e1f8 */ +static const char *__mon_stat_description[] = { + MC_CMD_SENSOR_CONTROLLER_TEMP_ENUM_STR, + MC_CMD_SENSOR_PHY_COMMON_TEMP_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_COOLING_ENUM_STR, + MC_CMD_SENSOR_PHY0_TEMP_ENUM_STR, + MC_CMD_SENSOR_PHY0_COOLING_ENUM_STR, + MC_CMD_SENSOR_PHY1_TEMP_ENUM_STR, + MC_CMD_SENSOR_PHY1_COOLING_ENUM_STR, + MC_CMD_SENSOR_IN_1V0_ENUM_STR, + MC_CMD_SENSOR_IN_1V2_ENUM_STR, + MC_CMD_SENSOR_IN_1V8_ENUM_STR, + MC_CMD_SENSOR_IN_2V5_ENUM_STR, + MC_CMD_SENSOR_IN_3V3_ENUM_STR, + MC_CMD_SENSOR_IN_12V0_ENUM_STR, + MC_CMD_SENSOR_IN_1V2A_ENUM_STR, + MC_CMD_SENSOR_IN_VREF_ENUM_STR, + MC_CMD_SENSOR_OUT_VAOE_ENUM_STR, + MC_CMD_SENSOR_AOE_TEMP_ENUM_STR, + MC_CMD_SENSOR_PSU_AOE_TEMP_ENUM_STR, + MC_CMD_SENSOR_PSU_TEMP_ENUM_STR, + MC_CMD_SENSOR_FAN_0_ENUM_STR, + MC_CMD_SENSOR_FAN_1_ENUM_STR, + MC_CMD_SENSOR_FAN_2_ENUM_STR, + MC_CMD_SENSOR_FAN_3_ENUM_STR, + MC_CMD_SENSOR_FAN_4_ENUM_STR, + MC_CMD_SENSOR_IN_VAOE_ENUM_STR, + MC_CMD_SENSOR_OUT_IAOE_ENUM_STR, + MC_CMD_SENSOR_IN_IAOE_ENUM_STR, + MC_CMD_SENSOR_NIC_POWER_ENUM_STR, + MC_CMD_SENSOR_IN_0V9_ENUM_STR, + MC_CMD_SENSOR_IN_I0V9_ENUM_STR, + MC_CMD_SENSOR_IN_I1V2_ENUM_STR, + MC_CMD_SENSOR_IN_0V9_ADC_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_2_TEMP_ENUM_STR, + MC_CMD_SENSOR_VREG_INTERNAL_TEMP_ENUM_STR, + MC_CMD_SENSOR_VREG_0V9_TEMP_ENUM_STR, + MC_CMD_SENSOR_VREG_1V2_TEMP_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_VPTAT_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_VPTAT_EXTADC_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP_EXTADC_ENUM_STR, + MC_CMD_SENSOR_AMBIENT_TEMP_ENUM_STR, + MC_CMD_SENSOR_AIRFLOW_ENUM_STR, + MC_CMD_SENSOR_VDD08D_VSS08D_CSR_ENUM_STR, + MC_CMD_SENSOR_VDD08D_VSS08D_CSR_EXTADC_ENUM_STR, + MC_CMD_SENSOR_HOTPOINT_TEMP_ENUM_STR, + MC_CMD_SENSOR_PHY_POWER_PORT0_ENUM_STR, + MC_CMD_SENSOR_PHY_POWER_PORT1_ENUM_STR, + MC_CMD_SENSOR_MUM_VCC_ENUM_STR, + MC_CMD_SENSOR_IN_0V9_A_ENUM_STR, + MC_CMD_SENSOR_IN_I0V9_A_ENUM_STR, + MC_CMD_SENSOR_VREG_0V9_A_TEMP_ENUM_STR, + MC_CMD_SENSOR_IN_0V9_B_ENUM_STR, + MC_CMD_SENSOR_IN_I0V9_B_ENUM_STR, + MC_CMD_SENSOR_VREG_0V9_B_TEMP_ENUM_STR, + MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY_ENUM_STR, + MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY_EXTADC_ENUM_STR, + MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY_ENUM_STR, + MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY_EXTADC_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT_EXTADC_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT_EXTADC_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC_ENUM_STR, + MC_CMD_SENSOR_SODIMM_VOUT_ENUM_STR, + MC_CMD_SENSOR_SODIMM_0_TEMP_ENUM_STR, + MC_CMD_SENSOR_SODIMM_1_TEMP_ENUM_STR, + MC_CMD_SENSOR_PHY0_VCC_ENUM_STR, + MC_CMD_SENSOR_PHY1_VCC_ENUM_STR, + MC_CMD_SENSOR_CONTROLLER_TDIODE_TEMP_ENUM_STR, + MC_CMD_SENSOR_BOARD_FRONT_TEMP_ENUM_STR, + MC_CMD_SENSOR_BOARD_BACK_TEMP_ENUM_STR, + MC_CMD_SENSOR_IN_I1V8_ENUM_STR, + MC_CMD_SENSOR_IN_I2V5_ENUM_STR, + MC_CMD_SENSOR_IN_I3V3_ENUM_STR, + MC_CMD_SENSOR_IN_I12V0_ENUM_STR, + MC_CMD_SENSOR_IN_1V3_ENUM_STR, + MC_CMD_SENSOR_IN_I1V3_ENUM_STR, +}; + +/* END MKCONFIG GENERATED MonitorStatDescriptionsBlock */ + + const char * +efx_mon_stat_description( + __in efx_nic_t *enp, + __in efx_mon_stat_t id) +{ + _NOTE(ARGUNUSED(enp)) + EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); + + EFSYS_ASSERT3U(id, <, EFX_MON_NSTATS); + return (__mon_stat_description[id]); +} + #endif /* EFSYS_OPT_NAMES */ +/* START MKCONFIG GENERATED MonitorMcdiMappingBlock 173eee0a5599996a */ + __checkReturn boolean_t +efx_mon_mcdi_to_efx_stat( + __in int mcdi_index, + __out efx_mon_stat_t *statp) +{ + + if ((mcdi_index % (MC_CMD_SENSOR_PAGE0_NEXT + 1)) == + MC_CMD_SENSOR_PAGE0_NEXT) { + *statp = EFX_MON_NSTATS; + return (B_FALSE); + } + + switch (mcdi_index) { + case MC_CMD_SENSOR_IN_I0V9: + *statp = EFX_MON_STAT_IN_I0V9; + break; + case MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT_EXTADC: + *statp = EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT_EXTADC; + break; + case MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT: + *statp = EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT; + break; + case MC_CMD_SENSOR_PSU_TEMP: + *statp = EFX_MON_STAT_PSU_TEMP; + break; + case MC_CMD_SENSOR_FAN_2: + *statp = EFX_MON_STAT_FAN_2; + break; + case MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP_EXTADC: + *statp = EFX_MON_STAT_CONTROLLER_INTERNAL_TEMP_EXTADC; + break; + case MC_CMD_SENSOR_BOARD_BACK_TEMP: + *statp = EFX_MON_STAT_BOARD_BACK_TEMP; + break; + case MC_CMD_SENSOR_IN_1V3: + *statp = EFX_MON_STAT_IN_1V3; + break; + case MC_CMD_SENSOR_CONTROLLER_TDIODE_TEMP: + *statp = EFX_MON_STAT_CONTROLLER_TDIODE_TEMP; + break; + case MC_CMD_SENSOR_IN_2V5: + *statp = EFX_MON_STAT_IN_2V5; + break; + case MC_CMD_SENSOR_PHY_COMMON_TEMP: + *statp = EFX_MON_STAT_PHY_COMMON_TEMP; + break; + case MC_CMD_SENSOR_PHY1_TEMP: + *statp = EFX_MON_STAT_PHY1_TEMP; + break; + case MC_CMD_SENSOR_VREG_INTERNAL_TEMP: + *statp = EFX_MON_STAT_VREG_INTERNAL_TEMP; + break; + case MC_CMD_SENSOR_IN_1V0: + *statp = EFX_MON_STAT_IN_1V0; + break; + case MC_CMD_SENSOR_FAN_1: + *statp = EFX_MON_STAT_FAN_1; + break; + case MC_CMD_SENSOR_IN_1V2: + *statp = EFX_MON_STAT_IN_1V2; + break; + case MC_CMD_SENSOR_FAN_3: + *statp = EFX_MON_STAT_FAN_3; + break; + case MC_CMD_SENSOR_IN_1V2A: + *statp = EFX_MON_STAT_IN_1V2A; + break; + case MC_CMD_SENSOR_SODIMM_0_TEMP: + *statp = EFX_MON_STAT_SODIMM_0_TEMP; + break; + case MC_CMD_SENSOR_IN_1V8: + *statp = EFX_MON_STAT_IN_1V8; + break; + case MC_CMD_SENSOR_IN_VREF: + *statp = EFX_MON_STAT_IN_VREF; + break; + case MC_CMD_SENSOR_SODIMM_VOUT: + *statp = EFX_MON_STAT_SODIMM_VOUT; + break; + case MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY: + *statp = EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY; + break; + case MC_CMD_SENSOR_IN_I1V2: + *statp = EFX_MON_STAT_IN_I1V2; + break; + case MC_CMD_SENSOR_IN_I1V3: + *statp = EFX_MON_STAT_IN_I1V3; + break; + case MC_CMD_SENSOR_AIRFLOW: + *statp = EFX_MON_STAT_AIRFLOW; + break; + case MC_CMD_SENSOR_HOTPOINT_TEMP: + *statp = EFX_MON_STAT_HOTPOINT_TEMP; + break; + case MC_CMD_SENSOR_VDD08D_VSS08D_CSR: + *statp = EFX_MON_STAT_VDD08D_VSS08D_CSR; + break; + case MC_CMD_SENSOR_AOE_TEMP: + *statp = EFX_MON_STAT_AOE_TEMP; + break; + case MC_CMD_SENSOR_IN_I1V8: + *statp = EFX_MON_STAT_IN_I1V8; + break; + case MC_CMD_SENSOR_IN_I2V5: + *statp = EFX_MON_STAT_IN_I2V5; + break; + case MC_CMD_SENSOR_PHY1_COOLING: + *statp = EFX_MON_STAT_PHY1_COOLING; + break; + case MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY_EXTADC: + *statp = EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY_EXTADC; + break; + case MC_CMD_SENSOR_IN_0V9_ADC: + *statp = EFX_MON_STAT_IN_0V9_ADC; + break; + case MC_CMD_SENSOR_VREG_0V9_A_TEMP: + *statp = EFX_MON_STAT_VREG_0V9_A_TEMP; + break; + case MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT: + *statp = EFX_MON_STAT_CONTROLLER_MASTER_VPTAT; + break; + case MC_CMD_SENSOR_PHY0_VCC: + *statp = EFX_MON_STAT_PHY0_VCC; + break; + case MC_CMD_SENSOR_PHY0_COOLING: + *statp = EFX_MON_STAT_PHY0_COOLING; + break; + case MC_CMD_SENSOR_PSU_AOE_TEMP: + *statp = EFX_MON_STAT_PSU_AOE_TEMP; + break; + case MC_CMD_SENSOR_VREG_0V9_TEMP: + *statp = EFX_MON_STAT_VREG_0V9_TEMP; + break; + case MC_CMD_SENSOR_IN_I0V9_A: + *statp = EFX_MON_STAT_IN_I0V9_A; + break; + case MC_CMD_SENSOR_IN_I3V3: + *statp = EFX_MON_STAT_IN_I3V3; + break; + case MC_CMD_SENSOR_BOARD_FRONT_TEMP: + *statp = EFX_MON_STAT_BOARD_FRONT_TEMP; + break; + case MC_CMD_SENSOR_OUT_VAOE: + *statp = EFX_MON_STAT_OUT_VAOE; + break; + case MC_CMD_SENSOR_VDD08D_VSS08D_CSR_EXTADC: + *statp = EFX_MON_STAT_VDD08D_VSS08D_CSR_EXTADC; + break; + case MC_CMD_SENSOR_IN_I12V0: + *statp = EFX_MON_STAT_IN_I12V0; + break; + case MC_CMD_SENSOR_PHY_POWER_PORT1: + *statp = EFX_MON_STAT_PHY_POWER_PORT1; + break; + case MC_CMD_SENSOR_PHY_POWER_PORT0: + *statp = EFX_MON_STAT_PHY_POWER_PORT0; + break; + case MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC: + *statp = EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC; + break; + case MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP: + *statp = EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP; + break; + case MC_CMD_SENSOR_CONTROLLER_TEMP: + *statp = EFX_MON_STAT_CONTROLLER_TEMP; + break; + case MC_CMD_SENSOR_IN_IAOE: + *statp = EFX_MON_STAT_IN_IAOE; + break; + case MC_CMD_SENSOR_IN_VAOE: + *statp = EFX_MON_STAT_IN_VAOE; + break; + case MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT_EXTADC: + *statp = EFX_MON_STAT_CONTROLLER_MASTER_VPTAT_EXTADC; + break; + case MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY: + *statp = EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY; + break; + case MC_CMD_SENSOR_PHY1_VCC: + *statp = EFX_MON_STAT_PHY1_VCC; + break; + case MC_CMD_SENSOR_CONTROLLER_COOLING: + *statp = EFX_MON_STAT_CONTROLLER_COOLING; + break; + case MC_CMD_SENSOR_AMBIENT_TEMP: + *statp = EFX_MON_STAT_AMBIENT_TEMP; + break; + case MC_CMD_SENSOR_IN_3V3: + *statp = EFX_MON_STAT_IN_3V3; + break; + case MC_CMD_SENSOR_PHY0_TEMP: + *statp = EFX_MON_STAT_PHY0_TEMP; + break; + case MC_CMD_SENSOR_SODIMM_1_TEMP: + *statp = EFX_MON_STAT_SODIMM_1_TEMP; + break; + case MC_CMD_SENSOR_MUM_VCC: + *statp = EFX_MON_STAT_MUM_VCC; + break; + case MC_CMD_SENSOR_VREG_0V9_B_TEMP: + *statp = EFX_MON_STAT_VREG_0V9_B_TEMP; + break; + case MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP: + *statp = EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP; + break; + case MC_CMD_SENSOR_FAN_4: + *statp = EFX_MON_STAT_FAN_4; + break; + case MC_CMD_SENSOR_CONTROLLER_2_TEMP: + *statp = EFX_MON_STAT_CONTROLLER_2_TEMP; + break; + case MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY_EXTADC: + *statp = EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY_EXTADC; + break; + case MC_CMD_SENSOR_IN_0V9_A: + *statp = EFX_MON_STAT_IN_0V9_A; + break; + case MC_CMD_SENSOR_CONTROLLER_VPTAT_EXTADC: + *statp = EFX_MON_STAT_CONTROLLER_VPTAT_EXTADC; + break; + case MC_CMD_SENSOR_IN_0V9: + *statp = EFX_MON_STAT_IN_0V9; + break; + case MC_CMD_SENSOR_IN_I0V9_B: + *statp = EFX_MON_STAT_IN_I0V9_B; + break; + case MC_CMD_SENSOR_NIC_POWER: + *statp = EFX_MON_STAT_NIC_POWER; + break; + case MC_CMD_SENSOR_IN_12V0: + *statp = EFX_MON_STAT_IN_12V0; + break; + case MC_CMD_SENSOR_OUT_IAOE: + *statp = EFX_MON_STAT_OUT_IAOE; + break; + case MC_CMD_SENSOR_CONTROLLER_VPTAT: + *statp = EFX_MON_STAT_CONTROLLER_VPTAT; + break; + case MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC: + *statp = EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC; + break; + case MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP: + *statp = EFX_MON_STAT_CONTROLLER_INTERNAL_TEMP; + break; + case MC_CMD_SENSOR_FAN_0: + *statp = EFX_MON_STAT_FAN_0; + break; + case MC_CMD_SENSOR_VREG_1V2_TEMP: + *statp = EFX_MON_STAT_VREG_1V2_TEMP; + break; + case MC_CMD_SENSOR_IN_0V9_B: + *statp = EFX_MON_STAT_IN_0V9_B; + break; + default: + *statp = EFX_MON_NSTATS; + break; + }; + + if (*statp == EFX_MON_NSTATS) + goto fail1; + + return (B_TRUE); + +fail1: + EFSYS_PROBE1(fail1, boolean_t, B_TRUE); + return (B_FALSE); +}; + +/* END MKCONFIG GENERATED MonitorMcdiMappingBlock */ + +/* START MKCONFIG GENERATED MonitorStatisticUnitsBlock 2d447c656cc2d01d */ + __checkReturn boolean_t +efx_mon_get_stat_unit( + __in efx_mon_stat_t stat, + __out efx_mon_stat_unit_t *unitp) +{ + switch (stat) { + case EFX_MON_STAT_IN_1V0: + case EFX_MON_STAT_IN_1V2: + case EFX_MON_STAT_IN_1V8: + case EFX_MON_STAT_IN_2V5: + case EFX_MON_STAT_IN_3V3: + case EFX_MON_STAT_IN_12V0: + case EFX_MON_STAT_IN_1V2A: + case EFX_MON_STAT_IN_VREF: + case EFX_MON_STAT_OUT_VAOE: + case EFX_MON_STAT_IN_VAOE: + case EFX_MON_STAT_IN_0V9: + case EFX_MON_STAT_IN_0V9_ADC: + case EFX_MON_STAT_CONTROLLER_VPTAT_EXTADC: + case EFX_MON_STAT_VDD08D_VSS08D_CSR: + case EFX_MON_STAT_VDD08D_VSS08D_CSR_EXTADC: + case EFX_MON_STAT_MUM_VCC: + case EFX_MON_STAT_IN_0V9_A: + case EFX_MON_STAT_IN_0V9_B: + case EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY: + case EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY_EXTADC: + case EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY: + case EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY_EXTADC: + case EFX_MON_STAT_CONTROLLER_MASTER_VPTAT: + case EFX_MON_STAT_CONTROLLER_MASTER_VPTAT_EXTADC: + case EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT: + case EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT_EXTADC: + case EFX_MON_STAT_SODIMM_VOUT: + case EFX_MON_STAT_PHY0_VCC: + case EFX_MON_STAT_PHY1_VCC: + case EFX_MON_STAT_IN_1V3: + *unitp = EFX_MON_STAT_UNIT_VOLTAGE_MV; + break; + case EFX_MON_STAT_CONTROLLER_TEMP: + case EFX_MON_STAT_PHY_COMMON_TEMP: + case EFX_MON_STAT_PHY0_TEMP: + case EFX_MON_STAT_PHY1_TEMP: + case EFX_MON_STAT_AOE_TEMP: + case EFX_MON_STAT_PSU_AOE_TEMP: + case EFX_MON_STAT_PSU_TEMP: + case EFX_MON_STAT_CONTROLLER_2_TEMP: + case EFX_MON_STAT_VREG_INTERNAL_TEMP: + case EFX_MON_STAT_VREG_0V9_TEMP: + case EFX_MON_STAT_VREG_1V2_TEMP: + case EFX_MON_STAT_CONTROLLER_VPTAT: + case EFX_MON_STAT_CONTROLLER_INTERNAL_TEMP: + case EFX_MON_STAT_CONTROLLER_INTERNAL_TEMP_EXTADC: + case EFX_MON_STAT_AMBIENT_TEMP: + case EFX_MON_STAT_HOTPOINT_TEMP: + case EFX_MON_STAT_VREG_0V9_A_TEMP: + case EFX_MON_STAT_VREG_0V9_B_TEMP: + case EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP: + case EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC: + case EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP: + case EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC: + case EFX_MON_STAT_SODIMM_0_TEMP: + case EFX_MON_STAT_SODIMM_1_TEMP: + case EFX_MON_STAT_CONTROLLER_TDIODE_TEMP: + case EFX_MON_STAT_BOARD_FRONT_TEMP: + case EFX_MON_STAT_BOARD_BACK_TEMP: + *unitp = EFX_MON_STAT_UNIT_TEMP_C; + break; + case EFX_MON_STAT_CONTROLLER_COOLING: + case EFX_MON_STAT_PHY0_COOLING: + case EFX_MON_STAT_PHY1_COOLING: + case EFX_MON_STAT_AIRFLOW: + case EFX_MON_STAT_PHY_POWER_PORT0: + case EFX_MON_STAT_PHY_POWER_PORT1: + *unitp = EFX_MON_STAT_UNIT_BOOL; + break; + case EFX_MON_STAT_NIC_POWER: + *unitp = EFX_MON_STAT_UNIT_POWER_W; + break; + case EFX_MON_STAT_OUT_IAOE: + case EFX_MON_STAT_IN_IAOE: + case EFX_MON_STAT_IN_I0V9: + case EFX_MON_STAT_IN_I1V2: + case EFX_MON_STAT_IN_I0V9_A: + case EFX_MON_STAT_IN_I0V9_B: + case EFX_MON_STAT_IN_I1V8: + case EFX_MON_STAT_IN_I2V5: + case EFX_MON_STAT_IN_I3V3: + case EFX_MON_STAT_IN_I12V0: + case EFX_MON_STAT_IN_I1V3: + *unitp = EFX_MON_STAT_UNIT_CURRENT_MA; + break; + case EFX_MON_STAT_FAN_0: + case EFX_MON_STAT_FAN_1: + case EFX_MON_STAT_FAN_2: + case EFX_MON_STAT_FAN_3: + case EFX_MON_STAT_FAN_4: + *unitp = EFX_MON_STAT_UNIT_RPM; + break; + default: + *unitp = EFX_MON_STAT_UNIT_UNKNOWN; + break; + }; + + if (*unitp == EFX_MON_STAT_UNIT_UNKNOWN) + goto fail1; + + return (B_TRUE); + +fail1: + EFSYS_PROBE1(fail1, boolean_t, B_TRUE); + return (B_FALSE); +}; + +/* END MKCONFIG GENERATED MonitorStatisticUnitsBlock */ + +/* START MKCONFIG GENERATED MonitorStatisticPortsBlock 1719b751d842534f */ + __checkReturn boolean_t +efx_mon_get_stat_portmap( + __in efx_mon_stat_t stat, + __out efx_mon_stat_portmask_t *maskp) +{ + + switch (stat) { + case EFX_MON_STAT_PHY1_TEMP: + case EFX_MON_STAT_PHY1_COOLING: + case EFX_MON_STAT_PHY_POWER_PORT1: + *maskp = EFX_MON_STAT_PORTMAP_PORT1; + break; + case EFX_MON_STAT_CONTROLLER_TEMP: + case EFX_MON_STAT_PHY_COMMON_TEMP: + case EFX_MON_STAT_CONTROLLER_COOLING: + case EFX_MON_STAT_IN_1V0: + case EFX_MON_STAT_IN_1V2: + case EFX_MON_STAT_IN_1V8: + case EFX_MON_STAT_IN_2V5: + case EFX_MON_STAT_IN_3V3: + case EFX_MON_STAT_IN_12V0: + case EFX_MON_STAT_IN_1V2A: + case EFX_MON_STAT_IN_VREF: + case EFX_MON_STAT_OUT_VAOE: + case EFX_MON_STAT_AOE_TEMP: + case EFX_MON_STAT_PSU_AOE_TEMP: + case EFX_MON_STAT_PSU_TEMP: + case EFX_MON_STAT_FAN_0: + case EFX_MON_STAT_FAN_1: + case EFX_MON_STAT_FAN_2: + case EFX_MON_STAT_FAN_3: + case EFX_MON_STAT_FAN_4: + case EFX_MON_STAT_IN_VAOE: + case EFX_MON_STAT_OUT_IAOE: + case EFX_MON_STAT_IN_IAOE: + case EFX_MON_STAT_NIC_POWER: + case EFX_MON_STAT_IN_0V9: + case EFX_MON_STAT_IN_I0V9: + case EFX_MON_STAT_IN_I1V2: + case EFX_MON_STAT_IN_0V9_ADC: + case EFX_MON_STAT_CONTROLLER_2_TEMP: + case EFX_MON_STAT_VREG_INTERNAL_TEMP: + case EFX_MON_STAT_VREG_0V9_TEMP: + case EFX_MON_STAT_VREG_1V2_TEMP: + case EFX_MON_STAT_CONTROLLER_VPTAT: + case EFX_MON_STAT_CONTROLLER_INTERNAL_TEMP: + case EFX_MON_STAT_CONTROLLER_VPTAT_EXTADC: + case EFX_MON_STAT_CONTROLLER_INTERNAL_TEMP_EXTADC: + case EFX_MON_STAT_AMBIENT_TEMP: + case EFX_MON_STAT_AIRFLOW: + case EFX_MON_STAT_VDD08D_VSS08D_CSR: + case EFX_MON_STAT_VDD08D_VSS08D_CSR_EXTADC: + case EFX_MON_STAT_HOTPOINT_TEMP: + case EFX_MON_STAT_MUM_VCC: + case EFX_MON_STAT_IN_0V9_A: + case EFX_MON_STAT_IN_I0V9_A: + case EFX_MON_STAT_VREG_0V9_A_TEMP: + case EFX_MON_STAT_IN_0V9_B: + case EFX_MON_STAT_IN_I0V9_B: + case EFX_MON_STAT_VREG_0V9_B_TEMP: + case EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY: + case EFX_MON_STAT_CCOM_AVREG_1V2_SUPPLY_EXTADC: + case EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY: + case EFX_MON_STAT_CCOM_AVREG_1V8_SUPPLY_EXTADC: + case EFX_MON_STAT_CONTROLLER_MASTER_VPTAT: + case EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP: + case EFX_MON_STAT_CONTROLLER_MASTER_VPTAT_EXTADC: + case EFX_MON_STAT_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC: + case EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT: + case EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP: + case EFX_MON_STAT_CONTROLLER_SLAVE_VPTAT_EXTADC: + case EFX_MON_STAT_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC: + case EFX_MON_STAT_SODIMM_VOUT: + case EFX_MON_STAT_SODIMM_0_TEMP: + case EFX_MON_STAT_SODIMM_1_TEMP: + case EFX_MON_STAT_PHY0_VCC: + case EFX_MON_STAT_PHY1_VCC: + case EFX_MON_STAT_CONTROLLER_TDIODE_TEMP: + case EFX_MON_STAT_BOARD_FRONT_TEMP: + case EFX_MON_STAT_BOARD_BACK_TEMP: + case EFX_MON_STAT_IN_I1V8: + case EFX_MON_STAT_IN_I2V5: + case EFX_MON_STAT_IN_I3V3: + case EFX_MON_STAT_IN_I12V0: + case EFX_MON_STAT_IN_1V3: + case EFX_MON_STAT_IN_I1V3: + *maskp = EFX_MON_STAT_PORTMAP_ALL; + break; + case EFX_MON_STAT_PHY0_TEMP: + case EFX_MON_STAT_PHY0_COOLING: + case EFX_MON_STAT_PHY_POWER_PORT0: + *maskp = EFX_MON_STAT_PORTMAP_PORT0; + break; + default: + *maskp = EFX_MON_STAT_PORTMAP_UNKNOWN; + break; + }; + + if (*maskp == EFX_MON_STAT_PORTMAP_UNKNOWN) + goto fail1; + + return (B_TRUE); + +fail1: + EFSYS_PROBE1(fail1, boolean_t, B_TRUE); + return (B_FALSE); +}; + +/* END MKCONFIG GENERATED MonitorStatisticPortsBlock */ + __checkReturn efx_rc_t efx_mon_stats_update( __in efx_nic_t *enp, @@ -242,6 +845,20 @@ efx_mon_stats_update( return (emop->emo_stats_update(enp, esmp, values)); } + __checkReturn efx_rc_t +efx_mon_limits_update( + __in efx_nic_t *enp, + __inout_ecount(EFX_MON_NSTATS) efx_mon_stat_limits_t *values) +{ + efx_mon_t *emp = &(enp->en_mon); + const efx_mon_ops_t *emop = emp->em_emop; + + EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_MON); + + return (emop->emo_limits_update(enp, values)); +} + #endif /* EFSYS_OPT_MON_STATS */ void diff --git a/sys/dev/sfxge/common/efx_nic.c b/sys/dev/sfxge/common/efx_nic.c index e5e8efde4bfb..cd1efe5e8881 100644 --- a/sys/dev/sfxge/common/efx_nic.c +++ b/sys/dev/sfxge/common/efx_nic.c @@ -36,11 +36,13 @@ __FBSDID("$FreeBSD$"); #include "efx.h" #include "efx_impl.h" + __checkReturn efx_rc_t efx_family( __in uint16_t venid, __in uint16_t devid, - __out efx_family_t *efp) + __out efx_family_t *efp, + __out unsigned int *membarp) { if (venid == EFX_PCI_VENID_SFC) { switch (devid) { @@ -50,12 +52,10 @@ efx_family( * Hardware default for PF0 of uninitialised Siena. * manftest must be able to cope with this device id. */ - *efp = EFX_FAMILY_SIENA; - return (0); - case EFX_PCI_DEVID_BETHPAGE: case EFX_PCI_DEVID_SIENA: *efp = EFX_FAMILY_SIENA; + *membarp = EFX_MEM_BAR_SIENA; return (0); #endif /* EFSYS_OPT_SIENA */ @@ -65,17 +65,16 @@ efx_family( * Hardware default for PF0 of uninitialised Huntington. * manftest must be able to cope with this device id. */ - *efp = EFX_FAMILY_HUNTINGTON; - return (0); - case EFX_PCI_DEVID_FARMINGDALE: case EFX_PCI_DEVID_GREENPORT: *efp = EFX_FAMILY_HUNTINGTON; + *membarp = EFX_MEM_BAR_HUNTINGTON_PF; return (0); case EFX_PCI_DEVID_FARMINGDALE_VF: case EFX_PCI_DEVID_GREENPORT_VF: *efp = EFX_FAMILY_HUNTINGTON; + *membarp = EFX_MEM_BAR_HUNTINGTON_VF; return (0); #endif /* EFSYS_OPT_HUNTINGTON */ @@ -85,18 +84,30 @@ efx_family( * Hardware default for PF0 of uninitialised Medford. * manftest must be able to cope with this device id. */ - *efp = EFX_FAMILY_MEDFORD; - return (0); - case EFX_PCI_DEVID_MEDFORD: *efp = EFX_FAMILY_MEDFORD; + *membarp = EFX_MEM_BAR_MEDFORD_PF; return (0); case EFX_PCI_DEVID_MEDFORD_VF: *efp = EFX_FAMILY_MEDFORD; + *membarp = EFX_MEM_BAR_MEDFORD_VF; return (0); #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_PCI_DEVID_MEDFORD2_PF_UNINIT: + /* + * Hardware default for PF0 of uninitialised Medford2. + * manftest must be able to cope with this device id. + */ + case EFX_PCI_DEVID_MEDFORD2: + case EFX_PCI_DEVID_MEDFORD2_VF: + *efp = EFX_FAMILY_MEDFORD2; + *membarp = EFX_MEM_BAR_MEDFORD2; + return (0); +#endif /* EFSYS_OPT_MEDFORD2 */ + case EFX_PCI_DEVID_FALCON: /* Obsolete, not supported */ default: break; @@ -107,6 +118,7 @@ efx_family( return (ENOTSUP); } + #if EFSYS_OPT_SIENA static const efx_nic_ops_t __efx_nic_siena_ops = { @@ -117,6 +129,8 @@ static const efx_nic_ops_t __efx_nic_siena_ops = { siena_nic_init, /* eno_init */ NULL, /* eno_get_vi_pool */ NULL, /* eno_get_bar_region */ + NULL, /* eno_hw_unavailable */ + NULL, /* eno_set_hw_unavailable */ #if EFSYS_OPT_DIAG siena_nic_register_test, /* eno_register_test */ #endif /* EFSYS_OPT_DIAG */ @@ -136,6 +150,8 @@ static const efx_nic_ops_t __efx_nic_hunt_ops = { ef10_nic_init, /* eno_init */ ef10_nic_get_vi_pool, /* eno_get_vi_pool */ ef10_nic_get_bar_region, /* eno_get_bar_region */ + ef10_nic_hw_unavailable, /* eno_hw_unavailable */ + ef10_nic_set_hw_unavailable, /* eno_set_hw_unavailable */ #if EFSYS_OPT_DIAG ef10_nic_register_test, /* eno_register_test */ #endif /* EFSYS_OPT_DIAG */ @@ -155,6 +171,8 @@ static const efx_nic_ops_t __efx_nic_medford_ops = { ef10_nic_init, /* eno_init */ ef10_nic_get_vi_pool, /* eno_get_vi_pool */ ef10_nic_get_bar_region, /* eno_get_bar_region */ + ef10_nic_hw_unavailable, /* eno_hw_unavailable */ + ef10_nic_set_hw_unavailable, /* eno_set_hw_unavailable */ #if EFSYS_OPT_DIAG ef10_nic_register_test, /* eno_register_test */ #endif /* EFSYS_OPT_DIAG */ @@ -164,6 +182,27 @@ static const efx_nic_ops_t __efx_nic_medford_ops = { #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + +static const efx_nic_ops_t __efx_nic_medford2_ops = { + ef10_nic_probe, /* eno_probe */ + medford2_board_cfg, /* eno_board_cfg */ + ef10_nic_set_drv_limits, /* eno_set_drv_limits */ + ef10_nic_reset, /* eno_reset */ + ef10_nic_init, /* eno_init */ + ef10_nic_get_vi_pool, /* eno_get_vi_pool */ + ef10_nic_get_bar_region, /* eno_get_bar_region */ + ef10_nic_hw_unavailable, /* eno_hw_unavailable */ + ef10_nic_set_hw_unavailable, /* eno_set_hw_unavailable */ +#if EFSYS_OPT_DIAG + ef10_nic_register_test, /* eno_register_test */ +#endif /* EFSYS_OPT_DIAG */ + ef10_nic_fini, /* eno_fini */ + ef10_nic_unprobe, /* eno_unprobe */ +}; + +#endif /* EFSYS_OPT_MEDFORD2 */ + __checkReturn efx_rc_t efx_nic_create( @@ -242,6 +281,22 @@ efx_nic_create( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + enp->en_enop = &__efx_nic_medford2_ops; + enp->en_features = + EFX_FEATURE_IPV6 | + EFX_FEATURE_LINK_EVENTS | + EFX_FEATURE_PERIODIC_MAC_STATS | + EFX_FEATURE_MCDI | + EFX_FEATURE_MAC_HEADER_FILTERS | + EFX_FEATURE_MCDI_DMA | + EFX_FEATURE_PIO_BUFFERS | + EFX_FEATURE_FW_ASSISTED_TSO_V2 | + EFX_FEATURE_PACKED_STREAM; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: rc = ENOTSUP; goto fail2; @@ -272,7 +327,8 @@ fail1: __checkReturn efx_rc_t efx_nic_probe( - __in efx_nic_t *enp) + __in efx_nic_t *enp, + __in efx_fw_variant_t efv) { const efx_nic_ops_t *enop; efx_rc_t rc; @@ -283,7 +339,27 @@ efx_nic_probe( #endif /* EFSYS_OPT_MCDI */ EFSYS_ASSERT(!(enp->en_mod_flags & EFX_MOD_PROBE)); + /* Ensure FW variant codes match with MC_CMD_FW codes */ + EFX_STATIC_ASSERT(EFX_FW_VARIANT_FULL_FEATURED == + MC_CMD_FW_FULL_FEATURED); + EFX_STATIC_ASSERT(EFX_FW_VARIANT_LOW_LATENCY == + MC_CMD_FW_LOW_LATENCY); + EFX_STATIC_ASSERT(EFX_FW_VARIANT_PACKED_STREAM == + MC_CMD_FW_PACKED_STREAM); + EFX_STATIC_ASSERT(EFX_FW_VARIANT_HIGH_TX_RATE == + MC_CMD_FW_HIGH_TX_RATE); + EFX_STATIC_ASSERT(EFX_FW_VARIANT_PACKED_STREAM_HASH_MODE_1 == + MC_CMD_FW_PACKED_STREAM_HASH_MODE_1); + EFX_STATIC_ASSERT(EFX_FW_VARIANT_RULES_ENGINE == + MC_CMD_FW_RULES_ENGINE); + EFX_STATIC_ASSERT(EFX_FW_VARIANT_DPDK == + MC_CMD_FW_DPDK); + EFX_STATIC_ASSERT(EFX_FW_VARIANT_DONT_CARE == + (int)MC_CMD_FW_DONT_CARE); + enop = enp->en_enop; + enp->efv = efv; + if ((rc = enop->eno_probe(enp)) != 0) goto fail1; @@ -510,7 +586,7 @@ efx_nic_reset( EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); EFSYS_ASSERT(enp->en_mod_flags & EFX_MOD_PROBE); /* - * All modules except the MCDI, PROBE, NVRAM, VPD, MON + * All modules except the MCDI, PROBE, NVRAM, VPD, MON, TUNNEL * (which we do not reset here) must have been shut down or never * initialized. * @@ -520,7 +596,10 @@ efx_nic_reset( */ mod_flags = enp->en_mod_flags; mod_flags &= ~(EFX_MOD_MCDI | EFX_MOD_PROBE | EFX_MOD_NVRAM | - EFX_MOD_VPD | EFX_MOD_MON); + EFX_MOD_VPD | EFX_MOD_MON); +#if EFSYS_OPT_TUNNEL + mod_flags &= ~EFX_MOD_TUNNEL; +#endif /* EFSYS_OPT_TUNNEL */ EFSYS_ASSERT3U(mod_flags, ==, 0); if (mod_flags != 0) { rc = EINVAL; @@ -545,6 +624,7 @@ efx_nic_cfg_get( __in efx_nic_t *enp) { EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_PROBE); return (&(enp->en_nic_cfg)); } @@ -565,6 +645,18 @@ efx_nic_get_fw_version( EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_MCDI); EFSYS_ASSERT3U(enp->en_features, &, EFX_FEATURE_MCDI); + /* Ensure RXDP_FW_ID codes match with MC_CMD_GET_CAPABILITIES codes */ + EFX_STATIC_ASSERT(EFX_RXDP_FULL_FEATURED_FW_ID == + MC_CMD_GET_CAPABILITIES_OUT_RXDP); + EFX_STATIC_ASSERT(EFX_RXDP_LOW_LATENCY_FW_ID == + MC_CMD_GET_CAPABILITIES_OUT_RXDP_LOW_LATENCY); + EFX_STATIC_ASSERT(EFX_RXDP_PACKED_STREAM_FW_ID == + MC_CMD_GET_CAPABILITIES_OUT_RXDP_PACKED_STREAM); + EFX_STATIC_ASSERT(EFX_RXDP_RULES_ENGINE_FW_ID == + MC_CMD_GET_CAPABILITIES_OUT_RXDP_RULES_ENGINE); + EFX_STATIC_ASSERT(EFX_RXDP_DPDK_FW_ID == + MC_CMD_GET_CAPABILITIES_OUT_RXDP_DPDK); + rc = efx_mcdi_version(enp, mc_fw_version, NULL, NULL); if (rc != 0) goto fail2; @@ -598,6 +690,39 @@ fail1: return (rc); } + __checkReturn boolean_t +efx_nic_hw_unavailable( + __in efx_nic_t *enp) +{ + const efx_nic_ops_t *enop = enp->en_enop; + + EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); + /* NOTE: can be used by MCDI before NIC probe */ + + if (enop->eno_hw_unavailable != NULL) { + if ((enop->eno_hw_unavailable)(enp) != B_FALSE) + goto unavail; + } + + return (B_FALSE); + +unavail: + return (B_TRUE); +} + + void +efx_nic_set_hw_unavailable( + __in efx_nic_t *enp) +{ + const efx_nic_ops_t *enop = enp->en_enop; + + EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); + + if (enop->eno_set_hw_unavailable != NULL) + enop->eno_set_hw_unavailable(enp); +} + + #if EFSYS_OPT_DIAG __checkReturn efx_rc_t @@ -636,48 +761,49 @@ efx_loopback_mask( EFSYS_ASSERT3U(loopback_kind, <, EFX_LOOPBACK_NKINDS); EFSYS_ASSERT(maskp != NULL); - /* Assert the MC_CMD_LOOPBACK and EFX_LOOPBACK namespace agree */ - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_NONE == EFX_LOOPBACK_OFF); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_DATA == EFX_LOOPBACK_DATA); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GMAC == EFX_LOOPBACK_GMAC); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XGMII == EFX_LOOPBACK_XGMII); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XGXS == EFX_LOOPBACK_XGXS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XAUI == EFX_LOOPBACK_XAUI); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GMII == EFX_LOOPBACK_GMII); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SGMII == EFX_LOOPBACK_SGMII); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XGBR == EFX_LOOPBACK_XGBR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XFI == EFX_LOOPBACK_XFI); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XAUI_FAR == EFX_LOOPBACK_XAUI_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GMII_FAR == EFX_LOOPBACK_GMII_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SGMII_FAR == EFX_LOOPBACK_SGMII_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XFI_FAR == EFX_LOOPBACK_XFI_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GPHY == EFX_LOOPBACK_GPHY); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PHYXS == EFX_LOOPBACK_PHY_XS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PCS == EFX_LOOPBACK_PCS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PMAPMD == EFX_LOOPBACK_PMA_PMD); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XPORT == EFX_LOOPBACK_XPORT); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XGMII_WS == EFX_LOOPBACK_XGMII_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XAUI_WS == EFX_LOOPBACK_XAUI_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XAUI_WS_FAR == - EFX_LOOPBACK_XAUI_WS_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XAUI_WS_NEAR == - EFX_LOOPBACK_XAUI_WS_NEAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_GMII_WS == EFX_LOOPBACK_GMII_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XFI_WS == EFX_LOOPBACK_XFI_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_XFI_WS_FAR == - EFX_LOOPBACK_XFI_WS_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PHYXS_WS == EFX_LOOPBACK_PHYXS_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PMA_INT == EFX_LOOPBACK_PMA_INT); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SD_NEAR == EFX_LOOPBACK_SD_NEAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SD_FAR == EFX_LOOPBACK_SD_FAR); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_PMA_INT_WS == - EFX_LOOPBACK_PMA_INT_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SD_FEP2_WS == - EFX_LOOPBACK_SD_FEP2_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SD_FEP1_5_WS == - EFX_LOOPBACK_SD_FEP1_5_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SD_FEP_WS == EFX_LOOPBACK_SD_FEP_WS); - EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_SD_FES_WS == EFX_LOOPBACK_SD_FES_WS); + /* Assert the MC_CMD_LOOPBACK and EFX_LOOPBACK namespaces agree */ +#define LOOPBACK_CHECK(_mcdi, _efx) \ + EFX_STATIC_ASSERT(MC_CMD_LOOPBACK_##_mcdi == EFX_LOOPBACK_##_efx) + + LOOPBACK_CHECK(NONE, OFF); + LOOPBACK_CHECK(DATA, DATA); + LOOPBACK_CHECK(GMAC, GMAC); + LOOPBACK_CHECK(XGMII, XGMII); + LOOPBACK_CHECK(XGXS, XGXS); + LOOPBACK_CHECK(XAUI, XAUI); + LOOPBACK_CHECK(GMII, GMII); + LOOPBACK_CHECK(SGMII, SGMII); + LOOPBACK_CHECK(XGBR, XGBR); + LOOPBACK_CHECK(XFI, XFI); + LOOPBACK_CHECK(XAUI_FAR, XAUI_FAR); + LOOPBACK_CHECK(GMII_FAR, GMII_FAR); + LOOPBACK_CHECK(SGMII_FAR, SGMII_FAR); + LOOPBACK_CHECK(XFI_FAR, XFI_FAR); + LOOPBACK_CHECK(GPHY, GPHY); + LOOPBACK_CHECK(PHYXS, PHY_XS); + LOOPBACK_CHECK(PCS, PCS); + LOOPBACK_CHECK(PMAPMD, PMA_PMD); + LOOPBACK_CHECK(XPORT, XPORT); + LOOPBACK_CHECK(XGMII_WS, XGMII_WS); + LOOPBACK_CHECK(XAUI_WS, XAUI_WS); + LOOPBACK_CHECK(XAUI_WS_FAR, XAUI_WS_FAR); + LOOPBACK_CHECK(XAUI_WS_NEAR, XAUI_WS_NEAR); + LOOPBACK_CHECK(GMII_WS, GMII_WS); + LOOPBACK_CHECK(XFI_WS, XFI_WS); + LOOPBACK_CHECK(XFI_WS_FAR, XFI_WS_FAR); + LOOPBACK_CHECK(PHYXS_WS, PHYXS_WS); + LOOPBACK_CHECK(PMA_INT, PMA_INT); + LOOPBACK_CHECK(SD_NEAR, SD_NEAR); + LOOPBACK_CHECK(SD_FAR, SD_FAR); + LOOPBACK_CHECK(PMA_INT_WS, PMA_INT_WS); + LOOPBACK_CHECK(SD_FEP2_WS, SD_FEP2_WS); + LOOPBACK_CHECK(SD_FEP1_5_WS, SD_FEP1_5_WS); + LOOPBACK_CHECK(SD_FEP_WS, SD_FEP_WS); + LOOPBACK_CHECK(SD_FES_WS, SD_FES_WS); + LOOPBACK_CHECK(AOE_INT_NEAR, AOE_INT_NEAR); + LOOPBACK_CHECK(DATA_WS, DATA_WS); + LOOPBACK_CHECK(FORCE_EXT_LINK, FORCE_EXT_LINK); +#undef LOOPBACK_CHECK /* Build bitmask of possible loopback types */ EFX_ZERO_QWORD(mask); @@ -734,18 +860,17 @@ efx_mcdi_get_loopback_modes( { efx_nic_cfg_t *encp = &(enp->en_nic_cfg); efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_LOOPBACK_MODES_IN_LEN, - MC_CMD_GET_LOOPBACK_MODES_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_LOOPBACK_MODES_IN_LEN, + MC_CMD_GET_LOOPBACK_MODES_OUT_V2_LEN); efx_qword_t mask; efx_qword_t modes; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_LOOPBACK_MODES; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_LOOPBACK_MODES_IN_LEN; req.emr_out_buf = payload; - req.emr_out_length = MC_CMD_GET_LOOPBACK_MODES_OUT_LEN; + req.emr_out_length = MC_CMD_GET_LOOPBACK_MODES_OUT_V2_LEN; efx_mcdi_execute(enp, &req); @@ -786,18 +911,51 @@ efx_mcdi_get_loopback_modes( MC_CMD_GET_LOOPBACK_MODES_OUT_40G_OFST + MC_CMD_GET_LOOPBACK_MODES_OUT_40G_LEN) { /* Response includes 40G loopback modes */ - modes = - *MCDI_OUT2(req, efx_qword_t, GET_LOOPBACK_MODES_OUT_40G); + modes = *MCDI_OUT2(req, efx_qword_t, + GET_LOOPBACK_MODES_OUT_40G); EFX_AND_QWORD(modes, mask); encp->enc_loopback_types[EFX_LINK_40000FDX] = modes; } + if (req.emr_out_length_used >= + MC_CMD_GET_LOOPBACK_MODES_OUT_V2_25G_OFST + + MC_CMD_GET_LOOPBACK_MODES_OUT_V2_25G_LEN) { + /* Response includes 25G loopback modes */ + modes = *MCDI_OUT2(req, efx_qword_t, + GET_LOOPBACK_MODES_OUT_V2_25G); + EFX_AND_QWORD(modes, mask); + encp->enc_loopback_types[EFX_LINK_25000FDX] = modes; + } + + if (req.emr_out_length_used >= + MC_CMD_GET_LOOPBACK_MODES_OUT_V2_50G_OFST + + MC_CMD_GET_LOOPBACK_MODES_OUT_V2_50G_LEN) { + /* Response includes 50G loopback modes */ + modes = *MCDI_OUT2(req, efx_qword_t, + GET_LOOPBACK_MODES_OUT_V2_50G); + EFX_AND_QWORD(modes, mask); + encp->enc_loopback_types[EFX_LINK_50000FDX] = modes; + } + + if (req.emr_out_length_used >= + MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100G_OFST + + MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100G_LEN) { + /* Response includes 100G loopback modes */ + modes = *MCDI_OUT2(req, efx_qword_t, + GET_LOOPBACK_MODES_OUT_V2_100G); + EFX_AND_QWORD(modes, mask); + encp->enc_loopback_types[EFX_LINK_100000FDX] = modes; + } + EFX_ZERO_QWORD(modes); EFX_SET_QWORD_BIT(modes, EFX_LOOPBACK_OFF); EFX_OR_QWORD(modes, encp->enc_loopback_types[EFX_LINK_100FDX]); EFX_OR_QWORD(modes, encp->enc_loopback_types[EFX_LINK_1000FDX]); EFX_OR_QWORD(modes, encp->enc_loopback_types[EFX_LINK_10000FDX]); EFX_OR_QWORD(modes, encp->enc_loopback_types[EFX_LINK_40000FDX]); + EFX_OR_QWORD(modes, encp->enc_loopback_types[EFX_LINK_25000FDX]); + EFX_OR_QWORD(modes, encp->enc_loopback_types[EFX_LINK_50000FDX]); + EFX_OR_QWORD(modes, encp->enc_loopback_types[EFX_LINK_100000FDX]); encp->enc_loopback_types[EFX_LINK_UNKNOWN] = modes; return (0); @@ -859,6 +1017,82 @@ fail1: return (rc); } +#if EFSYS_OPT_FW_SUBVARIANT_AWARE + + __checkReturn efx_rc_t +efx_nic_get_fw_subvariant( + __in efx_nic_t *enp, + __out efx_nic_fw_subvariant_t *subvariantp) +{ + efx_rc_t rc; + uint32_t value; + + rc = efx_mcdi_get_nic_global(enp, + MC_CMD_SET_NIC_GLOBAL_IN_FIRMWARE_SUBVARIANT, &value); + if (rc != 0) + goto fail1; + + /* Mapping is not required since values match MCDI */ + EFX_STATIC_ASSERT(EFX_NIC_FW_SUBVARIANT_DEFAULT == + MC_CMD_SET_NIC_GLOBAL_IN_FW_SUBVARIANT_DEFAULT); + EFX_STATIC_ASSERT(EFX_NIC_FW_SUBVARIANT_NO_TX_CSUM == + MC_CMD_SET_NIC_GLOBAL_IN_FW_SUBVARIANT_NO_TX_CSUM); + + switch (value) { + case MC_CMD_SET_NIC_GLOBAL_IN_FW_SUBVARIANT_DEFAULT: + case MC_CMD_SET_NIC_GLOBAL_IN_FW_SUBVARIANT_NO_TX_CSUM: + *subvariantp = value; + break; + default: + rc = EINVAL; + goto fail2; + } + + return (0); + +fail2: + EFSYS_PROBE(fail2); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +efx_nic_set_fw_subvariant( + __in efx_nic_t *enp, + __in efx_nic_fw_subvariant_t subvariant) +{ + efx_rc_t rc; + + switch (subvariant) { + case EFX_NIC_FW_SUBVARIANT_DEFAULT: + case EFX_NIC_FW_SUBVARIANT_NO_TX_CSUM: + /* Mapping is not required since values match MCDI */ + break; + default: + rc = EINVAL; + goto fail1; + } + + rc = efx_mcdi_set_nic_global(enp, + MC_CMD_SET_NIC_GLOBAL_IN_FIRMWARE_SUBVARIANT, subvariant); + if (rc != 0) + goto fail2; + + return (0); + +fail2: + EFSYS_PROBE(fail2); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +#endif /* EFSYS_OPT_FW_SUBVARIANT_AWARE */ __checkReturn efx_rc_t efx_nic_check_pcie_link_speed( diff --git a/sys/dev/sfxge/common/efx_nvram.c b/sys/dev/sfxge/common/efx_nvram.c index 32fa49849a63..b0bb785fe9dd 100644 --- a/sys/dev/sfxge/common/efx_nvram.c +++ b/sys/dev/sfxge/common/efx_nvram.c @@ -59,7 +59,7 @@ static const efx_nvram_ops_t __efx_nvram_siena_ops = { #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_nvram_ops_t __efx_nvram_ef10_ops = { #if EFSYS_OPT_DIAG @@ -78,7 +78,7 @@ static const efx_nvram_ops_t __efx_nvram_ef10_ops = { ef10_nvram_buffer_validate, /* envo_buffer_validate */ }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_nvram_init( @@ -110,6 +110,12 @@ efx_nvram_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + envop = &__efx_nvram_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; @@ -491,7 +497,7 @@ efx_nvram_validate( goto fail1; if (envop->envo_buffer_validate != NULL) { - if ((rc = envop->envo_buffer_validate(enp, partn, + if ((rc = envop->envo_buffer_validate(partn, partn_data, partn_size)) != 0) goto fail2; } @@ -537,12 +543,11 @@ efx_mcdi_nvram_partitions( __out unsigned int *npartnp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_NVRAM_PARTITIONS_IN_LEN, - MC_CMD_NVRAM_PARTITIONS_OUT_LENMAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_PARTITIONS_IN_LEN, + MC_CMD_NVRAM_PARTITIONS_OUT_LENMAX); unsigned int npartn; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_PARTITIONS; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_PARTITIONS_IN_LEN; @@ -600,11 +605,10 @@ efx_mcdi_nvram_metadata( __in size_t size) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_NVRAM_METADATA_IN_LEN, - MC_CMD_NVRAM_METADATA_OUT_LENMAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_METADATA_IN_LEN, + MC_CMD_NVRAM_METADATA_OUT_LENMAX); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_METADATA; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_METADATA_IN_LEN; @@ -690,12 +694,11 @@ efx_mcdi_nvram_info( __out_opt uint32_t *erase_sizep, __out_opt uint32_t *write_sizep) { - uint8_t payload[MAX(MC_CMD_NVRAM_INFO_IN_LEN, - MC_CMD_NVRAM_INFO_V2_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_INFO_IN_LEN, + MC_CMD_NVRAM_INFO_V2_OUT_LEN); efx_mcdi_req_t req; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_INFO; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_INFO_IN_LEN; @@ -751,12 +754,11 @@ efx_mcdi_nvram_update_start( __in efx_nic_t *enp, __in uint32_t partn) { - uint8_t payload[MAX(MC_CMD_NVRAM_UPDATE_START_V2_IN_LEN, - MC_CMD_NVRAM_UPDATE_START_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_UPDATE_START_V2_IN_LEN, + MC_CMD_NVRAM_UPDATE_START_OUT_LEN); efx_mcdi_req_t req; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_UPDATE_START; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_UPDATE_START_V2_IN_LEN; @@ -793,8 +795,8 @@ efx_mcdi_nvram_read( __in uint32_t mode) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_NVRAM_READ_IN_V2_LEN, - MC_CMD_NVRAM_READ_OUT_LENMAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_READ_IN_V2_LEN, + MC_CMD_NVRAM_READ_OUT_LENMAX); efx_rc_t rc; if (size > MC_CMD_NVRAM_READ_OUT_LENMAX) { @@ -802,7 +804,6 @@ efx_mcdi_nvram_read( goto fail1; } - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_READ; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_READ_IN_V2_LEN; @@ -848,11 +849,10 @@ efx_mcdi_nvram_erase( __in size_t size) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_NVRAM_ERASE_IN_LEN, - MC_CMD_NVRAM_ERASE_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_ERASE_IN_LEN, + MC_CMD_NVRAM_ERASE_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_ERASE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_ERASE_IN_LEN; @@ -888,27 +888,31 @@ efx_mcdi_nvram_write( __in efx_nic_t *enp, __in uint32_t partn, __in uint32_t offset, - __out_bcount(size) caddr_t data, + __in_bcount(size) caddr_t data, __in size_t size) { efx_mcdi_req_t req; - uint8_t payload[MAX(MCDI_CTL_SDU_LEN_MAX_V1, - MCDI_CTL_SDU_LEN_MAX_V2)]; + uint8_t *payload; efx_rc_t rc; size_t max_data_size; + size_t payload_len = enp->en_nic_cfg.enc_mcdi_max_payload_length; - max_data_size = enp->en_nic_cfg.enc_mcdi_max_payload_length - - MC_CMD_NVRAM_WRITE_IN_LEN(0); - EFSYS_ASSERT3U(enp->en_nic_cfg.enc_mcdi_max_payload_length, >, 0); - EFSYS_ASSERT3U(max_data_size, <, - enp->en_nic_cfg.enc_mcdi_max_payload_length); + max_data_size = payload_len - MC_CMD_NVRAM_WRITE_IN_LEN(0); + EFSYS_ASSERT3U(payload_len, >, 0); + EFSYS_ASSERT3U(max_data_size, <, payload_len); if (size > max_data_size) { rc = EINVAL; goto fail1; } - (void) memset(payload, 0, sizeof (payload)); + EFSYS_KMEM_ALLOC(enp->en_esip, payload_len, payload); + if (payload == NULL) { + rc = ENOMEM; + goto fail2; + } + + (void) memset(payload, 0, payload_len); req.emr_cmd = MC_CMD_NVRAM_WRITE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_WRITE_IN_LEN(size); @@ -926,11 +930,16 @@ efx_mcdi_nvram_write( if (req.emr_rc != 0) { rc = req.emr_rc; - goto fail2; + goto fail3; } + EFSYS_KMEM_FREE(enp->en_esip, payload_len, payload); + return (0); +fail3: + EFSYS_PROBE(fail3); + EFSYS_KMEM_FREE(enp->en_esip, payload_len, payload); fail2: EFSYS_PROBE(fail2); fail1: @@ -953,12 +962,11 @@ efx_mcdi_nvram_update_finish( { const efx_nic_cfg_t *encp = &enp->en_nic_cfg; efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_LEN, - MC_CMD_NVRAM_UPDATE_FINISH_V2_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_LEN, + MC_CMD_NVRAM_UPDATE_FINISH_V2_OUT_LEN); uint32_t verify_result = MC_CMD_NVRAM_VERIFY_RC_UNKNOWN; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_UPDATE_FINISH; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_LEN; @@ -1024,12 +1032,11 @@ efx_mcdi_nvram_test( __in uint32_t partn) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_NVRAM_TEST_IN_LEN, - MC_CMD_NVRAM_TEST_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_TEST_IN_LEN, + MC_CMD_NVRAM_TEST_OUT_LEN); int result; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_TEST; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_TEST_IN_LEN; diff --git a/sys/dev/sfxge/common/efx_phy.c b/sys/dev/sfxge/common/efx_phy.c index 74f481a6002e..ad8608bf2c63 100644 --- a/sys/dev/sfxge/common/efx_phy.c +++ b/sys/dev/sfxge/common/efx_phy.c @@ -44,6 +44,7 @@ static const efx_phy_ops_t __efx_phy_siena_ops = { siena_phy_reconfigure, /* epo_reconfigure */ siena_phy_verify, /* epo_verify */ siena_phy_oui_get, /* epo_oui_get */ + NULL, /* epo_link_state_get */ #if EFSYS_OPT_PHY_STATS siena_phy_stats_update, /* epo_stats_update */ #endif /* EFSYS_OPT_PHY_STATS */ @@ -56,13 +57,14 @@ static const efx_phy_ops_t __efx_phy_siena_ops = { }; #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_phy_ops_t __efx_phy_ef10_ops = { ef10_phy_power, /* epo_power */ NULL, /* epo_reset */ ef10_phy_reconfigure, /* epo_reconfigure */ ef10_phy_verify, /* epo_verify */ ef10_phy_oui_get, /* epo_oui_get */ + ef10_phy_link_state_get, /* epo_link_state_get */ #if EFSYS_OPT_PHY_STATS ef10_phy_stats_update, /* epo_stats_update */ #endif /* EFSYS_OPT_PHY_STATS */ @@ -73,7 +75,7 @@ static const efx_phy_ops_t __efx_phy_ef10_ops = { ef10_bist_stop, /* epo_bist_stop */ #endif /* EFSYS_OPT_BIST */ }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_phy_probe( @@ -96,16 +98,25 @@ efx_phy_probe( epop = &__efx_phy_siena_ops; break; #endif /* EFSYS_OPT_SIENA */ + #if EFSYS_OPT_HUNTINGTON case EFX_FAMILY_HUNTINGTON: epop = &__efx_phy_ef10_ops; break; #endif /* EFSYS_OPT_HUNTINGTON */ + #if EFSYS_OPT_MEDFORD case EFX_FAMILY_MEDFORD: epop = &__efx_phy_ef10_ops; break; #endif /* EFSYS_OPT_MEDFORD */ + +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + epop = &__efx_phy_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: rc = ENOTSUP; goto fail1; @@ -205,6 +216,7 @@ efx_phy_adv_cap_get( break; default: EFSYS_ASSERT(B_FALSE); + *maskp = 0; break; } } @@ -305,8 +317,8 @@ efx_phy_media_type_get( efx_phy_module_get_info( __in efx_nic_t *enp, __in uint8_t dev_addr, - __in uint8_t offset, - __in uint8_t len, + __in size_t offset, + __in size_t len, __out_bcount(len) uint8_t *data) { efx_rc_t rc; @@ -314,7 +326,8 @@ efx_phy_module_get_info( EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); EFSYS_ASSERT(data != NULL); - if ((uint32_t)offset + len > 0xff) { + if ((offset > EFX_PHY_MEDIA_INFO_MAX_OFFSET) || + ((offset + len) > EFX_PHY_MEDIA_INFO_MAX_OFFSET)) { rc = EINVAL; goto fail1; } @@ -333,6 +346,57 @@ fail1: return (rc); } + __checkReturn efx_rc_t +efx_phy_fec_type_get( + __in efx_nic_t *enp, + __out efx_phy_fec_type_t *typep) +{ + efx_rc_t rc; + efx_phy_link_state_t epls; + + if ((rc = efx_phy_link_state_get(enp, &epls)) != 0) + goto fail1; + + *typep = epls.epls_fec; + + return (0); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +efx_phy_link_state_get( + __in efx_nic_t *enp, + __out efx_phy_link_state_t *eplsp) +{ + efx_port_t *epp = &(enp->en_port); + const efx_phy_ops_t *epop = epp->ep_epop; + efx_rc_t rc; + + EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_PROBE); + + if (epop->epo_link_state_get == NULL) { + rc = ENOTSUP; + goto fail1; + } + + if ((rc = epop->epo_link_state_get(enp, eplsp)) != 0) + goto fail2; + + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + #if EFSYS_OPT_PHY_STATS #if EFSYS_OPT_NAMES diff --git a/sys/dev/sfxge/common/efx_port.c b/sys/dev/sfxge/common/efx_port.c index b03e71308a6c..f3f21055a09c 100644 --- a/sys/dev/sfxge/common/efx_port.c +++ b/sys/dev/sfxge/common/efx_port.c @@ -66,7 +66,7 @@ efx_port_init( epp->ep_emop->emo_reconfigure(enp); /* Pick up current phy capababilities */ - efx_port_poll(enp, NULL); + (void) efx_port_poll(enp, NULL); /* * Turn on the PHY if available, otherwise reset it, and @@ -149,7 +149,7 @@ efx_port_loopback_set( EFSYS_ASSERT(link_mode < EFX_LINK_NMODES); if (EFX_TEST_QWORD_BIT(encp->enc_loopback_types[link_mode], - loopback_type) == 0) { + (int)loopback_type) == 0) { rc = ENOTSUP; goto fail1; } @@ -209,6 +209,9 @@ static const char * const __efx_loopback_type_name[] = { "SD_FEP1_5_WS", "SD_FEP_WS", "SD_FES_WS", + "AOE_INT_NEAR", + "DATA_WS", + "FORCE_EXT_LINK", }; __checkReturn const char * diff --git a/sys/dev/sfxge/common/efx_regs_ef10.h b/sys/dev/sfxge/common/efx_regs_ef10.h index 8cca83f2a5cc..753d33de70af 100644 --- a/sys/dev/sfxge/common/efx_regs_ef10.h +++ b/sys/dev/sfxge/common/efx_regs_ef10.h @@ -52,7 +52,7 @@ extern "C" { */ #define ER_DZ_BIU_HW_REV_ID_REG_OFST 0x00000000 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_BIU_HW_REV_ID_REG_RESET 0xeb14face @@ -66,7 +66,7 @@ extern "C" { */ #define ER_DZ_BIU_MC_SFT_STATUS_REG_OFST 0x00000010 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_BIU_MC_SFT_STATUS_REG_STEP 4 #define ER_DZ_BIU_MC_SFT_STATUS_REG_ROWS 8 #define ER_DZ_BIU_MC_SFT_STATUS_REG_RESET 0x1111face @@ -82,7 +82,7 @@ extern "C" { */ #define ER_DZ_BIU_INT_ISR_REG_OFST 0x00000090 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_BIU_INT_ISR_REG_RESET 0x0 @@ -96,7 +96,7 @@ extern "C" { */ #define ER_DZ_MC_DB_LWRD_REG_OFST 0x00000200 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_MC_DB_LWRD_REG_RESET 0x0 @@ -110,7 +110,7 @@ extern "C" { */ #define ER_DZ_MC_DB_HWRD_REG_OFST 0x00000204 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_MC_DB_HWRD_REG_RESET 0x0 @@ -124,7 +124,7 @@ extern "C" { */ #define ER_DZ_EVQ_RPTR_REG_OFST 0x00000400 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_EVQ_RPTR_REG_STEP 8192 #define ER_DZ_EVQ_RPTR_REG_ROWS 2048 #define ER_DZ_EVQ_RPTR_REG_RESET 0x0 @@ -137,17 +137,95 @@ extern "C" { /* + * EVQ_RPTR_REG_64K(32bit): + * + */ + +#define ER_FZ_EVQ_RPTR_REG_64K_OFST 0x00000400 +/* medford2a0=pf_dbell_bar */ +#define ER_FZ_EVQ_RPTR_REG_64K_STEP 65536 +#define ER_FZ_EVQ_RPTR_REG_64K_ROWS 2048 +#define ER_FZ_EVQ_RPTR_REG_64K_RESET 0x0 + + +#define ERF_FZ_EVQ_RPTR_VLD_LBN 15 +#define ERF_FZ_EVQ_RPTR_VLD_WIDTH 1 +#define ERF_FZ_EVQ_RPTR_LBN 0 +#define ERF_FZ_EVQ_RPTR_WIDTH 15 + + +/* + * EVQ_RPTR_REG_16K(32bit): + * + */ + +#define ER_FZ_EVQ_RPTR_REG_16K_OFST 0x00000400 +/* medford2a0=pf_dbell_bar */ +#define ER_FZ_EVQ_RPTR_REG_16K_STEP 16384 +#define ER_FZ_EVQ_RPTR_REG_16K_ROWS 2048 +#define ER_FZ_EVQ_RPTR_REG_16K_RESET 0x0 + + +/* defined as ERF_FZ_EVQ_RPTR_VLD_LBN 15; */ +/* defined as ERF_FZ_EVQ_RPTR_VLD_WIDTH 1 */ +/* defined as ERF_FZ_EVQ_RPTR_LBN 0; */ +/* defined as ERF_FZ_EVQ_RPTR_WIDTH 15 */ + + +/* + * EVQ_TMR_REG_64K(32bit): + * + */ + +#define ER_FZ_EVQ_TMR_REG_64K_OFST 0x00000420 +/* medford2a0=pf_dbell_bar */ +#define ER_FZ_EVQ_TMR_REG_64K_STEP 65536 +#define ER_FZ_EVQ_TMR_REG_64K_ROWS 2048 +#define ER_FZ_EVQ_TMR_REG_64K_RESET 0x0 + + +#define ERF_FZ_TC_TMR_REL_VAL_LBN 16 +#define ERF_FZ_TC_TMR_REL_VAL_WIDTH 14 +#define ERF_FZ_TC_TIMER_MODE_LBN 14 +#define ERF_FZ_TC_TIMER_MODE_WIDTH 2 +#define ERF_FZ_TC_TIMER_VAL_LBN 0 +#define ERF_FZ_TC_TIMER_VAL_WIDTH 14 + + +/* + * EVQ_TMR_REG_16K(32bit): + * + */ + +#define ER_FZ_EVQ_TMR_REG_16K_OFST 0x00000420 +/* medford2a0=pf_dbell_bar */ +#define ER_FZ_EVQ_TMR_REG_16K_STEP 16384 +#define ER_FZ_EVQ_TMR_REG_16K_ROWS 2048 +#define ER_FZ_EVQ_TMR_REG_16K_RESET 0x0 + + +/* defined as ERF_FZ_TC_TMR_REL_VAL_LBN 16; */ +/* defined as ERF_FZ_TC_TMR_REL_VAL_WIDTH 14 */ +/* defined as ERF_FZ_TC_TIMER_MODE_LBN 14; */ +/* defined as ERF_FZ_TC_TIMER_MODE_WIDTH 2 */ +/* defined as ERF_FZ_TC_TIMER_VAL_LBN 0; */ +/* defined as ERF_FZ_TC_TIMER_VAL_WIDTH 14 */ + + +/* * EVQ_TMR_REG(32bit): * */ #define ER_DZ_EVQ_TMR_REG_OFST 0x00000420 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_EVQ_TMR_REG_STEP 8192 #define ER_DZ_EVQ_TMR_REG_ROWS 2048 #define ER_DZ_EVQ_TMR_REG_RESET 0x0 +/* defined as ERF_FZ_TC_TMR_REL_VAL_LBN 16; */ +/* defined as ERF_FZ_TC_TMR_REL_VAL_WIDTH 14 */ #define ERF_DZ_TC_TIMER_MODE_LBN 14 #define ERF_DZ_TC_TIMER_MODE_WIDTH 2 #define ERF_DZ_TC_TIMER_VAL_LBN 0 @@ -155,12 +233,28 @@ extern "C" { /* + * RX_DESC_UPD_REG_16K(32bit): + * + */ + +#define ER_FZ_RX_DESC_UPD_REG_16K_OFST 0x00000830 +/* medford2a0=pf_dbell_bar */ +#define ER_FZ_RX_DESC_UPD_REG_16K_STEP 16384 +#define ER_FZ_RX_DESC_UPD_REG_16K_ROWS 2048 +#define ER_FZ_RX_DESC_UPD_REG_16K_RESET 0x0 + + +#define ERF_FZ_RX_DESC_WPTR_LBN 0 +#define ERF_FZ_RX_DESC_WPTR_WIDTH 12 + + +/* * RX_DESC_UPD_REG(32bit): * */ #define ER_DZ_RX_DESC_UPD_REG_OFST 0x00000830 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_RX_DESC_UPD_REG_STEP 8192 #define ER_DZ_RX_DESC_UPD_REG_ROWS 2048 #define ER_DZ_RX_DESC_UPD_REG_RESET 0x0 @@ -169,13 +263,74 @@ extern "C" { #define ERF_DZ_RX_DESC_WPTR_LBN 0 #define ERF_DZ_RX_DESC_WPTR_WIDTH 12 + +/* + * RX_DESC_UPD_REG_64K(32bit): + * + */ + +#define ER_FZ_RX_DESC_UPD_REG_64K_OFST 0x00000830 +/* medford2a0=pf_dbell_bar */ +#define ER_FZ_RX_DESC_UPD_REG_64K_STEP 65536 +#define ER_FZ_RX_DESC_UPD_REG_64K_ROWS 2048 +#define ER_FZ_RX_DESC_UPD_REG_64K_RESET 0x0 + + +/* defined as ERF_FZ_RX_DESC_WPTR_LBN 0; */ +/* defined as ERF_FZ_RX_DESC_WPTR_WIDTH 12 */ + + +/* + * TX_DESC_UPD_REG_64K(96bit): + * + */ + +#define ER_FZ_TX_DESC_UPD_REG_64K_OFST 0x00000a10 +/* medford2a0=pf_dbell_bar */ +#define ER_FZ_TX_DESC_UPD_REG_64K_STEP 65536 +#define ER_FZ_TX_DESC_UPD_REG_64K_ROWS 2048 +#define ER_FZ_TX_DESC_UPD_REG_64K_RESET 0x0 + + +#define ERF_FZ_RSVD_LBN 76 +#define ERF_FZ_RSVD_WIDTH 20 +#define ERF_FZ_TX_DESC_WPTR_LBN 64 +#define ERF_FZ_TX_DESC_WPTR_WIDTH 12 +#define ERF_FZ_TX_DESC_HWORD_LBN 32 +#define ERF_FZ_TX_DESC_HWORD_WIDTH 32 +#define ERF_FZ_TX_DESC_LWORD_LBN 0 +#define ERF_FZ_TX_DESC_LWORD_WIDTH 32 + + +/* + * TX_DESC_UPD_REG_16K(96bit): + * + */ + +#define ER_FZ_TX_DESC_UPD_REG_16K_OFST 0x00000a10 +/* medford2a0=pf_dbell_bar */ +#define ER_FZ_TX_DESC_UPD_REG_16K_STEP 16384 +#define ER_FZ_TX_DESC_UPD_REG_16K_ROWS 2048 +#define ER_FZ_TX_DESC_UPD_REG_16K_RESET 0x0 + + +/* defined as ERF_FZ_RSVD_LBN 76; */ +/* defined as ERF_FZ_RSVD_WIDTH 20 */ +/* defined as ERF_FZ_TX_DESC_WPTR_LBN 64; */ +/* defined as ERF_FZ_TX_DESC_WPTR_WIDTH 12 */ +/* defined as ERF_FZ_TX_DESC_HWORD_LBN 32; */ +/* defined as ERF_FZ_TX_DESC_HWORD_WIDTH 32 */ +/* defined as ERF_FZ_TX_DESC_LWORD_LBN 0; */ +/* defined as ERF_FZ_TX_DESC_LWORD_WIDTH 32 */ + + /* * TX_DESC_UPD_REG(96bit): * */ #define ER_DZ_TX_DESC_UPD_REG_OFST 0x00000a10 -/* hunta0,medforda0=pcie_pf_bar2 */ +/* hunta0,medforda0,medford2a0=pf_dbell_bar */ #define ER_DZ_TX_DESC_UPD_REG_STEP 8192 #define ER_DZ_TX_DESC_UPD_REG_ROWS 2048 #define ER_DZ_TX_DESC_UPD_REG_RESET 0x0 @@ -261,16 +416,24 @@ extern "C" { #define ESF_DZ_RX_EV_SOFT2_WIDTH 2 #define ESF_DZ_RX_DSC_PTR_LBITS_LBN 48 #define ESF_DZ_RX_DSC_PTR_LBITS_WIDTH 4 -#define ESF_DZ_RX_L4_CLASS_LBN 45 -#define ESF_DZ_RX_L4_CLASS_WIDTH 3 -#define ESE_DZ_L4_CLASS_RSVD7 7 -#define ESE_DZ_L4_CLASS_RSVD6 6 -#define ESE_DZ_L4_CLASS_RSVD5 5 -#define ESE_DZ_L4_CLASS_RSVD4 4 -#define ESE_DZ_L4_CLASS_RSVD3 3 -#define ESE_DZ_L4_CLASS_UDP 2 -#define ESE_DZ_L4_CLASS_TCP 1 -#define ESE_DZ_L4_CLASS_UNKNOWN 0 +#define ESF_DE_RX_L4_CLASS_LBN 45 +#define ESF_DE_RX_L4_CLASS_WIDTH 3 +#define ESE_DE_L4_CLASS_RSVD7 7 +#define ESE_DE_L4_CLASS_RSVD6 6 +#define ESE_DE_L4_CLASS_RSVD5 5 +#define ESE_DE_L4_CLASS_RSVD4 4 +#define ESE_DE_L4_CLASS_RSVD3 3 +#define ESE_DE_L4_CLASS_UDP 2 +#define ESE_DE_L4_CLASS_TCP 1 +#define ESE_DE_L4_CLASS_UNKNOWN 0 +#define ESF_FZ_RX_FASTPD_INDCTR_LBN 47 +#define ESF_FZ_RX_FASTPD_INDCTR_WIDTH 1 +#define ESF_FZ_RX_L4_CLASS_LBN 45 +#define ESF_FZ_RX_L4_CLASS_WIDTH 2 +#define ESE_FZ_L4_CLASS_RSVD3 3 +#define ESE_FZ_L4_CLASS_UDP 2 +#define ESE_FZ_L4_CLASS_TCP 1 +#define ESE_FZ_L4_CLASS_UNKNOWN 0 #define ESF_DZ_RX_L3_CLASS_LBN 42 #define ESF_DZ_RX_L3_CLASS_WIDTH 3 #define ESE_DZ_L3_CLASS_RSVD7 7 @@ -317,6 +480,8 @@ extern "C" { #define ESF_EZ_RX_ABORT_WIDTH 1 #define ESF_DZ_RX_ECC_ERR_LBN 29 #define ESF_DZ_RX_ECC_ERR_WIDTH 1 +#define ESF_DZ_RX_TRUNC_ERR_LBN 29 +#define ESF_DZ_RX_TRUNC_ERR_WIDTH 1 #define ESF_DZ_RX_CRC1_ERR_LBN 28 #define ESF_DZ_RX_CRC1_ERR_WIDTH 1 #define ESF_DZ_RX_CRC0_ERR_LBN 27 @@ -447,6 +612,8 @@ extern "C" { #define ESE_DZ_TX_OPTION_DESC_CRC_CSUM 0 #define ESF_DZ_TX_TSO_OPTION_TYPE_LBN 56 #define ESF_DZ_TX_TSO_OPTION_TYPE_WIDTH 4 +#define ESE_DZ_TX_TSO_OPTION_DESC_FATSO2B 3 +#define ESE_DZ_TX_TSO_OPTION_DESC_FATSO2A 2 #define ESE_DZ_TX_TSO_OPTION_DESC_ENCAP 1 #define ESE_DZ_TX_TSO_OPTION_DESC_NORMAL 0 #define ESF_DZ_TX_TSO_TCP_FLAGS_LBN 48 @@ -457,7 +624,7 @@ extern "C" { #define ESF_DZ_TX_TSO_TCP_SEQNO_WIDTH 32 -/* TX_TSO_FATSO2A_DESC */ +/* ES_TX_TSO_V2_DESC_A */ #define ESF_DZ_TX_DESC_IS_OPT_LBN 63 #define ESF_DZ_TX_DESC_IS_OPT_WIDTH 1 #define ESF_DZ_TX_OPTION_TYPE_LBN 60 @@ -477,7 +644,7 @@ extern "C" { #define ESF_DZ_TX_TSO_TCP_SEQNO_WIDTH 32 -/* TX_TSO_FATSO2B_DESC */ +/* ES_TX_TSO_V2_DESC_B */ #define ESF_DZ_TX_DESC_IS_OPT_LBN 63 #define ESF_DZ_TX_DESC_IS_OPT_WIDTH 1 #define ESF_DZ_TX_OPTION_TYPE_LBN 60 @@ -491,12 +658,10 @@ extern "C" { #define ESE_DZ_TX_TSO_OPTION_DESC_FATSO2A 2 #define ESE_DZ_TX_TSO_OPTION_DESC_ENCAP 1 #define ESE_DZ_TX_TSO_OPTION_DESC_NORMAL 0 -#define ESF_DZ_TX_TSO_OUTER_IP_ID_LBN 16 -#define ESF_DZ_TX_TSO_OUTER_IP_ID_WIDTH 16 #define ESF_DZ_TX_TSO_TCP_MSS_LBN 32 #define ESF_DZ_TX_TSO_TCP_MSS_WIDTH 16 -#define ESF_DZ_TX_TSO_INNER_PE_CSUM_LBN 0 -#define ESF_DZ_TX_TSO_INNER_PE_CSUM_WIDTH 16 +#define ESF_DZ_TX_TSO_OUTER_IPID_LBN 0 +#define ESF_DZ_TX_TSO_OUTER_IPID_WIDTH 16 /* ES_TX_VLAN_DESC */ @@ -561,6 +726,21 @@ extern "C" { #define ES_DZ_PS_RX_PREFIX_ORIG_LEN_LBN 48 #define ES_DZ_PS_RX_PREFIX_ORIG_LEN_WIDTH 16 +/* Equal stride super-buffer RX packet prefix (see SF-119419-TC) */ +#define ES_EZ_ESSB_RX_PREFIX_LEN 8 +#define ES_EZ_ESSB_RX_PREFIX_DATA_LEN_LBN 0 +#define ES_EZ_ESSB_RX_PREFIX_DATA_LEN_WIDTH 16 +#define ES_EZ_ESSB_RX_PREFIX_MARK_LBN 16 +#define ES_EZ_ESSB_RX_PREFIX_MARK_WIDTH 8 +#define ES_EZ_ESSB_RX_PREFIX_HASH_VALID_LBN 28 +#define ES_EZ_ESSB_RX_PREFIX_HASH_VALID_WIDTH 1 +#define ES_EZ_ESSB_RX_PREFIX_MARK_VALID_LBN 29 +#define ES_EZ_ESSB_RX_PREFIX_MARK_VALID_WIDTH 1 +#define ES_EZ_ESSB_RX_PREFIX_MATCH_FLAG_LBN 30 +#define ES_EZ_ESSB_RX_PREFIX_MATCH_FLAG_WIDTH 1 +#define ES_EZ_ESSB_RX_PREFIX_HASH_LBN 32 +#define ES_EZ_ESSB_RX_PREFIX_HASH_WIDTH 32 + /* * An extra flag for the packed stream mode, * signalling the start of a new buffer diff --git a/sys/dev/sfxge/common/efx_regs_mcdi.h b/sys/dev/sfxge/common/efx_regs_mcdi.h index 33134e6abb9c..8387fed682a8 100644 --- a/sys/dev/sfxge/common/efx_regs_mcdi.h +++ b/sys/dev/sfxge/common/efx_regs_mcdi.h @@ -301,7 +301,8 @@ #define MC_CMD_ERR_NO_PRIVILEGE 0x1013 /* Workaround 26807 could not be turned on/off because some functions * have already installed filters. See the comment at - * MC_CMD_WORKAROUND_BUG26807. */ + * MC_CMD_WORKAROUND_BUG26807. + * May also returned for other operations such as sub-variant switching. */ #define MC_CMD_ERR_FILTERS_PRESENT 0x1014 /* The clock whose frequency you've attempted to set set * doesn't exist on this NIC */ @@ -312,6 +313,18 @@ /* This command needs to be processed in the background but there were no * resources to do so. Send it again after a command has completed. */ #define MC_CMD_ERR_QUEUE_FULL 0x1017 +/* The operation could not be completed because the PCIe link has gone + * away. This error code is never expected to be returned over the TLP + * transport. */ +#define MC_CMD_ERR_NO_PCIE 0x1018 +/* The operation could not be completed because the datapath has gone + * away. This is distinct from MC_CMD_ERR_DATAPATH_DISABLED in that the + * datapath absence may be temporary*/ +#define MC_CMD_ERR_NO_DATAPATH 0x1019 +/* The operation could not complete because some VIs are allocated */ +#define MC_CMD_ERR_VIS_PRESENT 0x101a +/* The operation could not complete because some PIO buffers are allocated */ +#define MC_CMD_ERR_PIOBUFS_PRESENT 0x101b #define MC_CMD_ERR_CODE_OFST 0 @@ -332,10 +345,17 @@ #define SIENA_MC_BOOTROM_COPYCODE_VEC (0x800 - 3 * 0x4) #define HUNT_MC_BOOTROM_COPYCODE_VEC (0x8000 - 3 * 0x4) #define MEDFORD_MC_BOOTROM_COPYCODE_VEC (0x10000 - 3 * 0x4) -/* Points to the recovery mode entry point. */ +/* Points to the recovery mode entry point. Misnamed but kept for compatibility. */ #define SIENA_MC_BOOTROM_NOFLASH_VEC (0x800 - 2 * 0x4) #define HUNT_MC_BOOTROM_NOFLASH_VEC (0x8000 - 2 * 0x4) #define MEDFORD_MC_BOOTROM_NOFLASH_VEC (0x10000 - 2 * 0x4) +/* Points to the recovery mode entry point. Same as above, but the right name. */ +#define SIENA_MC_BOOTROM_RECOVERY_VEC (0x800 - 2 * 0x4) +#define HUNT_MC_BOOTROM_RECOVERY_VEC (0x8000 - 2 * 0x4) +#define MEDFORD_MC_BOOTROM_RECOVERY_VEC (0x10000 - 2 * 0x4) + +/* Points to noflash mode entry point. */ +#define MEDFORD_MC_BOOTROM_REAL_NOFLASH_VEC (0x10000 - 4 * 0x4) /* The command set exported by the boot ROM (MCDI v0) */ #define MC_CMD_GET_VERSION_V0_SUPPORTED_FUNCS { \ @@ -389,7 +409,7 @@ #define MCDI_EVENT_LEVEL_LBN 33 #define MCDI_EVENT_LEVEL_WIDTH 3 /* enum: Info. */ -#define MCDI_EVENT_LEVEL_INFO 0x0 +#define MCDI_EVENT_LEVEL_INFO 0x0 /* enum: Warning. */ #define MCDI_EVENT_LEVEL_WARN 0x1 /* enum: Error. */ @@ -397,6 +417,7 @@ /* enum: Fatal. */ #define MCDI_EVENT_LEVEL_FATAL 0x3 #define MCDI_EVENT_DATA_OFST 0 +#define MCDI_EVENT_DATA_LEN 4 #define MCDI_EVENT_CMDDONE_SEQ_LBN 0 #define MCDI_EVENT_CMDDONE_SEQ_WIDTH 8 #define MCDI_EVENT_CMDDONE_DATALEN_LBN 8 @@ -407,14 +428,22 @@ #define MCDI_EVENT_LINKCHANGE_LP_CAP_WIDTH 16 #define MCDI_EVENT_LINKCHANGE_SPEED_LBN 16 #define MCDI_EVENT_LINKCHANGE_SPEED_WIDTH 4 +/* enum: Link is down or link speed could not be determined */ +#define MCDI_EVENT_LINKCHANGE_SPEED_UNKNOWN 0x0 /* enum: 100Mbs */ -#define MCDI_EVENT_LINKCHANGE_SPEED_100M 0x1 +#define MCDI_EVENT_LINKCHANGE_SPEED_100M 0x1 /* enum: 1Gbs */ -#define MCDI_EVENT_LINKCHANGE_SPEED_1G 0x2 +#define MCDI_EVENT_LINKCHANGE_SPEED_1G 0x2 /* enum: 10Gbs */ -#define MCDI_EVENT_LINKCHANGE_SPEED_10G 0x3 +#define MCDI_EVENT_LINKCHANGE_SPEED_10G 0x3 /* enum: 40Gbs */ -#define MCDI_EVENT_LINKCHANGE_SPEED_40G 0x4 +#define MCDI_EVENT_LINKCHANGE_SPEED_40G 0x4 +/* enum: 25Gbs */ +#define MCDI_EVENT_LINKCHANGE_SPEED_25G 0x5 +/* enum: 50Gbs */ +#define MCDI_EVENT_LINKCHANGE_SPEED_50G 0x6 +/* enum: 100Gbs */ +#define MCDI_EVENT_LINKCHANGE_SPEED_100G 0x7 #define MCDI_EVENT_LINKCHANGE_FCNTL_LBN 20 #define MCDI_EVENT_LINKCHANGE_FCNTL_WIDTH 4 #define MCDI_EVENT_LINKCHANGE_LINK_FLAGS_LBN 24 @@ -503,8 +532,23 @@ #define MCDI_EVENT_AOE_INVALID_FPGA_FLASH_TYPE 0xf /* enum: Notify that the attempt to run FPGA Controller firmware timedout */ #define MCDI_EVENT_AOE_FC_RUN_TIMEDOUT 0x10 +/* enum: Failure to probe one or more FPGA boot flash chips */ +#define MCDI_EVENT_AOE_FPGA_BOOT_FLASH_INVALID 0x11 +/* enum: FPGA boot-flash contains an invalid image header */ +#define MCDI_EVENT_AOE_FPGA_BOOT_FLASH_HDR_INVALID 0x12 +/* enum: Failed to program clocks required by the FPGA */ +#define MCDI_EVENT_AOE_FPGA_CLOCKS_PROGRAM_FAILED 0x13 +/* enum: Notify that FPGA Controller is alive to serve MCDI requests */ +#define MCDI_EVENT_AOE_FC_RUNNING 0x14 #define MCDI_EVENT_AOE_ERR_DATA_LBN 8 #define MCDI_EVENT_AOE_ERR_DATA_WIDTH 8 +#define MCDI_EVENT_AOE_ERR_FC_ASSERT_INFO_LBN 8 +#define MCDI_EVENT_AOE_ERR_FC_ASSERT_INFO_WIDTH 8 +/* enum: FC Assert happened, but the register information is not available */ +#define MCDI_EVENT_AOE_ERR_FC_ASSERT_SEEN 0x0 +/* enum: The register information for FC Assert is ready for readinng by driver + */ +#define MCDI_EVENT_AOE_ERR_FC_ASSERT_DATA_READY 0x1 #define MCDI_EVENT_AOE_ERR_CODE_FPGA_HEADER_VERIFY_FAILED_LBN 8 #define MCDI_EVENT_AOE_ERR_CODE_FPGA_HEADER_VERIFY_FAILED_WIDTH 8 /* enum: Reading from NV failed */ @@ -557,6 +601,22 @@ #define MCDI_EVENT_MUM_WATCHDOG 0x3 #define MCDI_EVENT_MUM_ERR_DATA_LBN 8 #define MCDI_EVENT_MUM_ERR_DATA_WIDTH 8 +#define MCDI_EVENT_DBRET_SEQ_LBN 0 +#define MCDI_EVENT_DBRET_SEQ_WIDTH 8 +#define MCDI_EVENT_SUC_ERR_TYPE_LBN 0 +#define MCDI_EVENT_SUC_ERR_TYPE_WIDTH 8 +/* enum: Corrupted or bad SUC application. */ +#define MCDI_EVENT_SUC_BAD_APP 0x1 +/* enum: SUC application reported an assert. */ +#define MCDI_EVENT_SUC_ASSERT 0x2 +/* enum: SUC application reported an exception. */ +#define MCDI_EVENT_SUC_EXCEPTION 0x3 +/* enum: SUC watchdog timer expired. */ +#define MCDI_EVENT_SUC_WATCHDOG 0x4 +#define MCDI_EVENT_SUC_ERR_ADDRESS_LBN 8 +#define MCDI_EVENT_SUC_ERR_ADDRESS_WIDTH 24 +#define MCDI_EVENT_SUC_ERR_DATA_LBN 8 +#define MCDI_EVENT_SUC_ERR_DATA_WIDTH 24 #define MCDI_EVENT_DATA_LBN 0 #define MCDI_EVENT_DATA_WIDTH 32 #define MCDI_EVENT_SRC_LBN 36 @@ -590,23 +650,23 @@ /* enum: Transmit error */ #define MCDI_EVENT_CODE_TX_ERR 0xb /* enum: Tx flush has completed */ -#define MCDI_EVENT_CODE_TX_FLUSH 0xc +#define MCDI_EVENT_CODE_TX_FLUSH 0xc /* enum: PTP packet received timestamp */ -#define MCDI_EVENT_CODE_PTP_RX 0xd +#define MCDI_EVENT_CODE_PTP_RX 0xd /* enum: PTP NIC failure */ -#define MCDI_EVENT_CODE_PTP_FAULT 0xe +#define MCDI_EVENT_CODE_PTP_FAULT 0xe /* enum: PTP PPS event */ -#define MCDI_EVENT_CODE_PTP_PPS 0xf +#define MCDI_EVENT_CODE_PTP_PPS 0xf /* enum: Rx flush has completed */ -#define MCDI_EVENT_CODE_RX_FLUSH 0x10 +#define MCDI_EVENT_CODE_RX_FLUSH 0x10 /* enum: Receive error */ #define MCDI_EVENT_CODE_RX_ERR 0x11 /* enum: AOE fault */ -#define MCDI_EVENT_CODE_AOE 0x12 +#define MCDI_EVENT_CODE_AOE 0x12 /* enum: Network port calibration failed (VCAL). */ -#define MCDI_EVENT_CODE_VCAL_FAIL 0x13 +#define MCDI_EVENT_CODE_VCAL_FAIL 0x13 /* enum: HW PPS event */ -#define MCDI_EVENT_CODE_HW_PPS 0x14 +#define MCDI_EVENT_CODE_HW_PPS 0x14 /* enum: The MC has rebooted (huntington and later, siena uses CODE_REBOOT and * a different format) */ @@ -629,73 +689,99 @@ * been processed and it may now resend the command */ #define MCDI_EVENT_CODE_PROXY_RESPONSE 0x1d +/* enum: MCDI command accepted. New commands can be issued but this command is + * not done yet. + */ +#define MCDI_EVENT_CODE_DBRET 0x1e +/* enum: The MC has detected a fault on the SUC */ +#define MCDI_EVENT_CODE_SUC 0x1f /* enum: Artificial event generated by host and posted via MC for test * purposes. */ -#define MCDI_EVENT_CODE_TESTGEN 0xfa +#define MCDI_EVENT_CODE_TESTGEN 0xfa #define MCDI_EVENT_CMDDONE_DATA_OFST 0 +#define MCDI_EVENT_CMDDONE_DATA_LEN 4 #define MCDI_EVENT_CMDDONE_DATA_LBN 0 #define MCDI_EVENT_CMDDONE_DATA_WIDTH 32 #define MCDI_EVENT_LINKCHANGE_DATA_OFST 0 +#define MCDI_EVENT_LINKCHANGE_DATA_LEN 4 #define MCDI_EVENT_LINKCHANGE_DATA_LBN 0 #define MCDI_EVENT_LINKCHANGE_DATA_WIDTH 32 #define MCDI_EVENT_SENSOREVT_DATA_OFST 0 +#define MCDI_EVENT_SENSOREVT_DATA_LEN 4 #define MCDI_EVENT_SENSOREVT_DATA_LBN 0 #define MCDI_EVENT_SENSOREVT_DATA_WIDTH 32 #define MCDI_EVENT_MAC_STATS_DMA_GENERATION_OFST 0 +#define MCDI_EVENT_MAC_STATS_DMA_GENERATION_LEN 4 #define MCDI_EVENT_MAC_STATS_DMA_GENERATION_LBN 0 #define MCDI_EVENT_MAC_STATS_DMA_GENERATION_WIDTH 32 #define MCDI_EVENT_TX_ERR_DATA_OFST 0 +#define MCDI_EVENT_TX_ERR_DATA_LEN 4 #define MCDI_EVENT_TX_ERR_DATA_LBN 0 #define MCDI_EVENT_TX_ERR_DATA_WIDTH 32 /* For CODE_PTP_RX, CODE_PTP_PPS and CODE_HW_PPS events the seconds field of * timestamp */ #define MCDI_EVENT_PTP_SECONDS_OFST 0 +#define MCDI_EVENT_PTP_SECONDS_LEN 4 #define MCDI_EVENT_PTP_SECONDS_LBN 0 #define MCDI_EVENT_PTP_SECONDS_WIDTH 32 /* For CODE_PTP_RX, CODE_PTP_PPS and CODE_HW_PPS events the major field of * timestamp */ #define MCDI_EVENT_PTP_MAJOR_OFST 0 +#define MCDI_EVENT_PTP_MAJOR_LEN 4 #define MCDI_EVENT_PTP_MAJOR_LBN 0 #define MCDI_EVENT_PTP_MAJOR_WIDTH 32 /* For CODE_PTP_RX, CODE_PTP_PPS and CODE_HW_PPS events the nanoseconds field * of timestamp */ #define MCDI_EVENT_PTP_NANOSECONDS_OFST 0 +#define MCDI_EVENT_PTP_NANOSECONDS_LEN 4 #define MCDI_EVENT_PTP_NANOSECONDS_LBN 0 #define MCDI_EVENT_PTP_NANOSECONDS_WIDTH 32 /* For CODE_PTP_RX, CODE_PTP_PPS and CODE_HW_PPS events the minor field of * timestamp */ #define MCDI_EVENT_PTP_MINOR_OFST 0 +#define MCDI_EVENT_PTP_MINOR_LEN 4 #define MCDI_EVENT_PTP_MINOR_LBN 0 #define MCDI_EVENT_PTP_MINOR_WIDTH 32 /* For CODE_PTP_RX events, the lowest four bytes of sourceUUID from PTP packet */ #define MCDI_EVENT_PTP_UUID_OFST 0 +#define MCDI_EVENT_PTP_UUID_LEN 4 #define MCDI_EVENT_PTP_UUID_LBN 0 #define MCDI_EVENT_PTP_UUID_WIDTH 32 #define MCDI_EVENT_RX_ERR_DATA_OFST 0 +#define MCDI_EVENT_RX_ERR_DATA_LEN 4 #define MCDI_EVENT_RX_ERR_DATA_LBN 0 #define MCDI_EVENT_RX_ERR_DATA_WIDTH 32 #define MCDI_EVENT_PAR_ERR_DATA_OFST 0 +#define MCDI_EVENT_PAR_ERR_DATA_LEN 4 #define MCDI_EVENT_PAR_ERR_DATA_LBN 0 #define MCDI_EVENT_PAR_ERR_DATA_WIDTH 32 #define MCDI_EVENT_ECC_CORR_ERR_DATA_OFST 0 +#define MCDI_EVENT_ECC_CORR_ERR_DATA_LEN 4 #define MCDI_EVENT_ECC_CORR_ERR_DATA_LBN 0 #define MCDI_EVENT_ECC_CORR_ERR_DATA_WIDTH 32 #define MCDI_EVENT_ECC_FATAL_ERR_DATA_OFST 0 +#define MCDI_EVENT_ECC_FATAL_ERR_DATA_LEN 4 #define MCDI_EVENT_ECC_FATAL_ERR_DATA_LBN 0 #define MCDI_EVENT_ECC_FATAL_ERR_DATA_WIDTH 32 /* For CODE_PTP_TIME events, the major value of the PTP clock */ #define MCDI_EVENT_PTP_TIME_MAJOR_OFST 0 +#define MCDI_EVENT_PTP_TIME_MAJOR_LEN 4 #define MCDI_EVENT_PTP_TIME_MAJOR_LBN 0 #define MCDI_EVENT_PTP_TIME_MAJOR_WIDTH 32 /* For CODE_PTP_TIME events, bits 19-26 of the minor value of the PTP clock */ #define MCDI_EVENT_PTP_TIME_MINOR_26_19_LBN 36 #define MCDI_EVENT_PTP_TIME_MINOR_26_19_WIDTH 8 +/* For CODE_PTP_TIME events, most significant bits of the minor value of the + * PTP clock. This is a more generic equivalent of PTP_TIME_MINOR_26_19. + */ +#define MCDI_EVENT_PTP_TIME_MINOR_MS_8BITS_LBN 36 +#define MCDI_EVENT_PTP_TIME_MINOR_MS_8BITS_WIDTH 8 /* For CODE_PTP_TIME events where report sync status is enabled, indicates * whether the NIC clock has ever been set */ @@ -711,10 +797,17 @@ */ #define MCDI_EVENT_PTP_TIME_MINOR_26_21_LBN 38 #define MCDI_EVENT_PTP_TIME_MINOR_26_21_WIDTH 6 +/* For CODE_PTP_TIME events, most significant bits of the minor value of the + * PTP clock. This is a more generic equivalent of PTP_TIME_MINOR_26_21. + */ +#define MCDI_EVENT_PTP_TIME_MINOR_MS_6BITS_LBN 38 +#define MCDI_EVENT_PTP_TIME_MINOR_MS_6BITS_WIDTH 6 #define MCDI_EVENT_PROXY_REQUEST_BUFF_INDEX_OFST 0 +#define MCDI_EVENT_PROXY_REQUEST_BUFF_INDEX_LEN 4 #define MCDI_EVENT_PROXY_REQUEST_BUFF_INDEX_LBN 0 #define MCDI_EVENT_PROXY_REQUEST_BUFF_INDEX_WIDTH 32 #define MCDI_EVENT_PROXY_RESPONSE_HANDLE_OFST 0 +#define MCDI_EVENT_PROXY_RESPONSE_HANDLE_LEN 4 #define MCDI_EVENT_PROXY_RESPONSE_HANDLE_LBN 0 #define MCDI_EVENT_PROXY_RESPONSE_HANDLE_WIDTH 32 /* Zero means that the request has been completed or authorized, and the driver @@ -723,6 +816,10 @@ */ #define MCDI_EVENT_PROXY_RESPONSE_RC_LBN 36 #define MCDI_EVENT_PROXY_RESPONSE_RC_WIDTH 8 +#define MCDI_EVENT_DBRET_DATA_OFST 0 +#define MCDI_EVENT_DBRET_DATA_LEN 4 +#define MCDI_EVENT_DBRET_DATA_LBN 0 +#define MCDI_EVENT_DBRET_DATA_WIDTH 32 /* FCDI_EVENT structuredef */ #define FCDI_EVENT_LEN 8 @@ -731,7 +828,7 @@ #define FCDI_EVENT_LEVEL_LBN 33 #define FCDI_EVENT_LEVEL_WIDTH 3 /* enum: Info. */ -#define FCDI_EVENT_LEVEL_INFO 0x0 +#define FCDI_EVENT_LEVEL_INFO 0x0 /* enum: Warning. */ #define FCDI_EVENT_LEVEL_WARN 0x1 /* enum: Error. */ @@ -739,6 +836,7 @@ /* enum: Fatal. */ #define FCDI_EVENT_LEVEL_FATAL 0x3 #define FCDI_EVENT_DATA_OFST 0 +#define FCDI_EVENT_DATA_LEN 4 #define FCDI_EVENT_LINK_STATE_STATUS_LBN 0 #define FCDI_EVENT_LINK_STATE_STATUS_WIDTH 1 #define FCDI_EVENT_LINK_DOWN 0x0 /* enum */ @@ -778,6 +876,7 @@ #define FCDI_EVENT_REBOOT_FC_FW 0x0 /* enum */ #define FCDI_EVENT_REBOOT_FC_BOOTLOADER 0x1 /* enum */ #define FCDI_EVENT_ASSERT_INSTR_ADDRESS_OFST 0 +#define FCDI_EVENT_ASSERT_INSTR_ADDRESS_LEN 4 #define FCDI_EVENT_ASSERT_INSTR_ADDRESS_LBN 0 #define FCDI_EVENT_ASSERT_INSTR_ADDRESS_WIDTH 32 #define FCDI_EVENT_ASSERT_TYPE_LBN 36 @@ -785,12 +884,15 @@ #define FCDI_EVENT_DDR_TEST_RESULT_STATUS_CODE_LBN 36 #define FCDI_EVENT_DDR_TEST_RESULT_STATUS_CODE_WIDTH 8 #define FCDI_EVENT_DDR_TEST_RESULT_RESULT_OFST 0 +#define FCDI_EVENT_DDR_TEST_RESULT_RESULT_LEN 4 #define FCDI_EVENT_DDR_TEST_RESULT_RESULT_LBN 0 #define FCDI_EVENT_DDR_TEST_RESULT_RESULT_WIDTH 32 #define FCDI_EVENT_LINK_STATE_DATA_OFST 0 +#define FCDI_EVENT_LINK_STATE_DATA_LEN 4 #define FCDI_EVENT_LINK_STATE_DATA_LBN 0 #define FCDI_EVENT_LINK_STATE_DATA_WIDTH 32 #define FCDI_EVENT_PTP_STATE_OFST 0 +#define FCDI_EVENT_PTP_STATE_LEN 4 #define FCDI_EVENT_PTP_UNDEFINED 0x0 /* enum */ #define FCDI_EVENT_PTP_SETUP_FAILED 0x1 /* enum */ #define FCDI_EVENT_PTP_OPERATIONAL 0x2 /* enum */ @@ -799,6 +901,7 @@ #define FCDI_EVENT_DDR_ECC_STATUS_BANK_ID_LBN 36 #define FCDI_EVENT_DDR_ECC_STATUS_BANK_ID_WIDTH 8 #define FCDI_EVENT_DDR_ECC_STATUS_STATUS_OFST 0 +#define FCDI_EVENT_DDR_ECC_STATUS_STATUS_LEN 4 #define FCDI_EVENT_DDR_ECC_STATUS_STATUS_LBN 0 #define FCDI_EVENT_DDR_ECC_STATUS_STATUS_WIDTH 32 /* Index of MC port being referred to */ @@ -806,9 +909,11 @@ #define FCDI_EVENT_PORT_CONFIG_SRC_WIDTH 8 /* FC Port index that matches the MC port index in SRC */ #define FCDI_EVENT_PORT_CONFIG_DATA_OFST 0 +#define FCDI_EVENT_PORT_CONFIG_DATA_LEN 4 #define FCDI_EVENT_PORT_CONFIG_DATA_LBN 0 #define FCDI_EVENT_PORT_CONFIG_DATA_WIDTH 32 #define FCDI_EVENT_BOOT_RESULT_OFST 0 +#define FCDI_EVENT_BOOT_RESULT_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_AOE/MC_CMD_AOE_OUT_INFO/FC_BOOT_RESULT */ #define FCDI_EVENT_BOOT_RESULT_LBN 0 @@ -825,14 +930,17 @@ #define FCDI_EXTENDED_EVENT_PPS_LEN(num) (8+8*(num)) /* Number of timestamps following */ #define FCDI_EXTENDED_EVENT_PPS_COUNT_OFST 0 +#define FCDI_EXTENDED_EVENT_PPS_COUNT_LEN 4 #define FCDI_EXTENDED_EVENT_PPS_COUNT_LBN 0 #define FCDI_EXTENDED_EVENT_PPS_COUNT_WIDTH 32 /* Seconds field of a timestamp record */ #define FCDI_EXTENDED_EVENT_PPS_SECONDS_OFST 8 +#define FCDI_EXTENDED_EVENT_PPS_SECONDS_LEN 4 #define FCDI_EXTENDED_EVENT_PPS_SECONDS_LBN 64 #define FCDI_EXTENDED_EVENT_PPS_SECONDS_WIDTH 32 /* Nanoseconds field of a timestamp record */ #define FCDI_EXTENDED_EVENT_PPS_NANOSECONDS_OFST 12 +#define FCDI_EXTENDED_EVENT_PPS_NANOSECONDS_LEN 4 #define FCDI_EXTENDED_EVENT_PPS_NANOSECONDS_LBN 96 #define FCDI_EXTENDED_EVENT_PPS_NANOSECONDS_WIDTH 32 /* Timestamp records comprising the event */ @@ -852,7 +960,7 @@ #define MUM_EVENT_LEVEL_LBN 33 #define MUM_EVENT_LEVEL_WIDTH 3 /* enum: Info. */ -#define MUM_EVENT_LEVEL_INFO 0x0 +#define MUM_EVENT_LEVEL_INFO 0x0 /* enum: Warning. */ #define MUM_EVENT_LEVEL_WARN 0x1 /* enum: Error. */ @@ -860,6 +968,7 @@ /* enum: Fatal. */ #define MUM_EVENT_LEVEL_FATAL 0x3 #define MUM_EVENT_DATA_OFST 0 +#define MUM_EVENT_DATA_LEN 4 #define MUM_EVENT_SENSOR_ID_LBN 0 #define MUM_EVENT_SENSOR_ID_WIDTH 8 /* Enum values, see field(s): */ @@ -897,18 +1006,23 @@ /* enum: Link fault has been asserted, or has cleared. */ #define MUM_EVENT_CODE_QSFP_LASI_INTERRUPT 0x4 #define MUM_EVENT_SENSOR_DATA_OFST 0 +#define MUM_EVENT_SENSOR_DATA_LEN 4 #define MUM_EVENT_SENSOR_DATA_LBN 0 #define MUM_EVENT_SENSOR_DATA_WIDTH 32 #define MUM_EVENT_PORT_PHY_FLAGS_OFST 0 +#define MUM_EVENT_PORT_PHY_FLAGS_LEN 4 #define MUM_EVENT_PORT_PHY_FLAGS_LBN 0 #define MUM_EVENT_PORT_PHY_FLAGS_WIDTH 32 #define MUM_EVENT_PORT_PHY_COPPER_LEN_OFST 0 +#define MUM_EVENT_PORT_PHY_COPPER_LEN_LEN 4 #define MUM_EVENT_PORT_PHY_COPPER_LEN_LBN 0 #define MUM_EVENT_PORT_PHY_COPPER_LEN_WIDTH 32 #define MUM_EVENT_PORT_PHY_CAPS_OFST 0 +#define MUM_EVENT_PORT_PHY_CAPS_LEN 4 #define MUM_EVENT_PORT_PHY_CAPS_LBN 0 #define MUM_EVENT_PORT_PHY_CAPS_WIDTH 32 #define MUM_EVENT_PORT_PHY_TECH_OFST 0 +#define MUM_EVENT_PORT_PHY_TECH_LEN 4 #define MUM_EVENT_PORT_PHY_STATE_QSFP_MODULE_TECH_UNKNOWN 0x0 /* enum */ #define MUM_EVENT_PORT_PHY_STATE_QSFP_MODULE_TECH_OPTICAL 0x1 /* enum */ #define MUM_EVENT_PORT_PHY_STATE_QSFP_MODULE_TECH_COPPER_PASSIVE 0x2 /* enum */ @@ -932,7 +1046,9 @@ /***********************************/ /* MC_CMD_READ32 - * Read multiple 32byte words from MC memory. + * Read multiple 32byte words from MC memory. Note - this command really + * belongs to INSECURE category but is required by shmboot. The command handler + * has additional checks to reject insecure calls. */ #define MC_CMD_READ32 0x1 #undef MC_CMD_0x1_PRIVILEGE_CTG @@ -942,7 +1058,9 @@ /* MC_CMD_READ32_IN msgrequest */ #define MC_CMD_READ32_IN_LEN 8 #define MC_CMD_READ32_IN_ADDR_OFST 0 +#define MC_CMD_READ32_IN_ADDR_LEN 4 #define MC_CMD_READ32_IN_NUMWORDS_OFST 4 +#define MC_CMD_READ32_IN_NUMWORDS_LEN 4 /* MC_CMD_READ32_OUT msgresponse */ #define MC_CMD_READ32_OUT_LENMIN 4 @@ -961,13 +1079,14 @@ #define MC_CMD_WRITE32 0x2 #undef MC_CMD_0x2_PRIVILEGE_CTG -#define MC_CMD_0x2_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x2_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_WRITE32_IN msgrequest */ #define MC_CMD_WRITE32_IN_LENMIN 8 #define MC_CMD_WRITE32_IN_LENMAX 252 #define MC_CMD_WRITE32_IN_LEN(num) (4+4*(num)) #define MC_CMD_WRITE32_IN_ADDR_OFST 0 +#define MC_CMD_WRITE32_IN_ADDR_LEN 4 #define MC_CMD_WRITE32_IN_BUFFER_OFST 4 #define MC_CMD_WRITE32_IN_BUFFER_LEN 4 #define MC_CMD_WRITE32_IN_BUFFER_MINNUM 1 @@ -979,12 +1098,14 @@ /***********************************/ /* MC_CMD_COPYCODE - * Copy MC code between two locations and jump. + * Copy MC code between two locations and jump. Note - this command really + * belongs to INSECURE category but is required by shmboot. The command handler + * has additional checks to reject insecure calls. */ #define MC_CMD_COPYCODE 0x3 #undef MC_CMD_0x3_PRIVILEGE_CTG -#define MC_CMD_0x3_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x3_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_COPYCODE_IN msgrequest */ #define MC_CMD_COPYCODE_IN_LEN 16 @@ -995,6 +1116,7 @@ * is a bitfield, with each bit as documented below. */ #define MC_CMD_COPYCODE_IN_SRC_ADDR_OFST 0 +#define MC_CMD_COPYCODE_IN_SRC_ADDR_LEN 4 /* enum: Deprecated; equivalent to setting BOOT_MAGIC_PRESENT (see below) */ #define MC_CMD_COPYCODE_HUNT_NO_MAGIC_ADDR 0x10000 /* enum: Deprecated; equivalent to setting BOOT_MAGIC_PRESENT and @@ -1020,9 +1142,12 @@ #define MC_CMD_COPYCODE_IN_BOOT_MAGIC_DISABLE_XIP_WIDTH 1 /* Destination address */ #define MC_CMD_COPYCODE_IN_DEST_ADDR_OFST 4 +#define MC_CMD_COPYCODE_IN_DEST_ADDR_LEN 4 #define MC_CMD_COPYCODE_IN_NUMWORDS_OFST 8 +#define MC_CMD_COPYCODE_IN_NUMWORDS_LEN 4 /* Address of where to jump after copy. */ #define MC_CMD_COPYCODE_IN_JUMP_OFST 12 +#define MC_CMD_COPYCODE_IN_JUMP_LEN 4 /* enum: Control should return to the caller rather than jumping */ #define MC_CMD_COPYCODE_JUMP_NONE 0x1 @@ -1037,12 +1162,13 @@ #define MC_CMD_SET_FUNC 0x4 #undef MC_CMD_0x4_PRIVILEGE_CTG -#define MC_CMD_0x4_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x4_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_SET_FUNC_IN msgrequest */ #define MC_CMD_SET_FUNC_IN_LEN 4 /* Set function */ #define MC_CMD_SET_FUNC_IN_FUNC_OFST 0 +#define MC_CMD_SET_FUNC_IN_FUNC_LEN 4 /* MC_CMD_SET_FUNC_OUT msgresponse */ #define MC_CMD_SET_FUNC_OUT_LEN 0 @@ -1055,7 +1181,7 @@ #define MC_CMD_GET_BOOT_STATUS 0x5 #undef MC_CMD_0x5_PRIVILEGE_CTG -#define MC_CMD_0x5_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x5_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_GET_BOOT_STATUS_IN msgrequest */ #define MC_CMD_GET_BOOT_STATUS_IN_LEN 0 @@ -1064,9 +1190,11 @@ #define MC_CMD_GET_BOOT_STATUS_OUT_LEN 8 /* ?? */ #define MC_CMD_GET_BOOT_STATUS_OUT_BOOT_OFFSET_OFST 0 +#define MC_CMD_GET_BOOT_STATUS_OUT_BOOT_OFFSET_LEN 4 /* enum: indicates that the MC wasn't flash booted */ -#define MC_CMD_GET_BOOT_STATUS_OUT_BOOT_OFFSET_NULL 0xdeadbeef +#define MC_CMD_GET_BOOT_STATUS_OUT_BOOT_OFFSET_NULL 0xdeadbeef #define MC_CMD_GET_BOOT_STATUS_OUT_FLAGS_OFST 4 +#define MC_CMD_GET_BOOT_STATUS_OUT_FLAGS_LEN 4 #define MC_CMD_GET_BOOT_STATUS_OUT_FLAGS_WATCHDOG_LBN 0 #define MC_CMD_GET_BOOT_STATUS_OUT_FLAGS_WATCHDOG_WIDTH 1 #define MC_CMD_GET_BOOT_STATUS_OUT_FLAGS_PRIMARY_LBN 1 @@ -1090,11 +1218,13 @@ #define MC_CMD_GET_ASSERTS_IN_LEN 4 /* Set to clear assertion */ #define MC_CMD_GET_ASSERTS_IN_CLEAR_OFST 0 +#define MC_CMD_GET_ASSERTS_IN_CLEAR_LEN 4 /* MC_CMD_GET_ASSERTS_OUT msgresponse */ #define MC_CMD_GET_ASSERTS_OUT_LEN 140 /* Assertion status flag. */ #define MC_CMD_GET_ASSERTS_OUT_GLOBAL_FLAGS_OFST 0 +#define MC_CMD_GET_ASSERTS_OUT_GLOBAL_FLAGS_LEN 4 /* enum: No assertions have failed. */ #define MC_CMD_GET_ASSERTS_FLAGS_NO_FAILS 0x1 /* enum: A system-level assertion has failed. */ @@ -1107,6 +1237,7 @@ #define MC_CMD_GET_ASSERTS_FLAGS_ADDR_TRAP 0x5 /* Failing PC value */ #define MC_CMD_GET_ASSERTS_OUT_SAVED_PC_OFFS_OFST 4 +#define MC_CMD_GET_ASSERTS_OUT_SAVED_PC_OFFS_LEN 4 /* Saved GP regs */ #define MC_CMD_GET_ASSERTS_OUT_GP_REGS_OFFS_OFST 8 #define MC_CMD_GET_ASSERTS_OUT_GP_REGS_OFFS_LEN 4 @@ -1117,7 +1248,9 @@ #define MC_CMD_GET_ASSERTS_REG_NO_DATA 0xda7a1057 /* Failing thread address */ #define MC_CMD_GET_ASSERTS_OUT_THREAD_OFFS_OFST 132 +#define MC_CMD_GET_ASSERTS_OUT_THREAD_OFFS_LEN 4 #define MC_CMD_GET_ASSERTS_OUT_RESERVED_OFST 136 +#define MC_CMD_GET_ASSERTS_OUT_RESERVED_LEN 4 /***********************************/ @@ -1134,12 +1267,14 @@ #define MC_CMD_LOG_CTRL_IN_LEN 8 /* Log destination */ #define MC_CMD_LOG_CTRL_IN_LOG_DEST_OFST 0 +#define MC_CMD_LOG_CTRL_IN_LOG_DEST_LEN 4 /* enum: UART. */ #define MC_CMD_LOG_CTRL_IN_LOG_DEST_UART 0x1 /* enum: Event queue. */ #define MC_CMD_LOG_CTRL_IN_LOG_DEST_EVQ 0x2 /* Legacy argument. Must be zero. */ #define MC_CMD_LOG_CTRL_IN_LOG_DEST_EVQ_OFST 4 +#define MC_CMD_LOG_CTRL_IN_LOG_DEST_EVQ_LEN 4 /* MC_CMD_LOG_CTRL_OUT msgresponse */ #define MC_CMD_LOG_CTRL_OUT_LEN 0 @@ -1161,23 +1296,29 @@ #define MC_CMD_GET_VERSION_EXT_IN_LEN 4 /* placeholder, set to 0 */ #define MC_CMD_GET_VERSION_EXT_IN_EXT_FLAGS_OFST 0 +#define MC_CMD_GET_VERSION_EXT_IN_EXT_FLAGS_LEN 4 /* MC_CMD_GET_VERSION_V0_OUT msgresponse: deprecated version format */ #define MC_CMD_GET_VERSION_V0_OUT_LEN 4 #define MC_CMD_GET_VERSION_OUT_FIRMWARE_OFST 0 +#define MC_CMD_GET_VERSION_OUT_FIRMWARE_LEN 4 /* enum: Reserved version number to indicate "any" version. */ #define MC_CMD_GET_VERSION_OUT_FIRMWARE_ANY 0xffffffff /* enum: Bootrom version value for Siena. */ #define MC_CMD_GET_VERSION_OUT_FIRMWARE_SIENA_BOOTROM 0xb0070000 /* enum: Bootrom version value for Huntington. */ #define MC_CMD_GET_VERSION_OUT_FIRMWARE_HUNT_BOOTROM 0xb0070001 +/* enum: Bootrom version value for Medford2. */ +#define MC_CMD_GET_VERSION_OUT_FIRMWARE_MEDFORD2_BOOTROM 0xb0070002 /* MC_CMD_GET_VERSION_OUT msgresponse */ #define MC_CMD_GET_VERSION_OUT_LEN 32 /* MC_CMD_GET_VERSION_OUT_FIRMWARE_OFST 0 */ +/* MC_CMD_GET_VERSION_OUT_FIRMWARE_LEN 4 */ /* Enum values, see field(s): */ /* MC_CMD_GET_VERSION_V0_OUT/MC_CMD_GET_VERSION_OUT_FIRMWARE */ #define MC_CMD_GET_VERSION_OUT_PCOL_OFST 4 +#define MC_CMD_GET_VERSION_OUT_PCOL_LEN 4 /* 128bit mask of functions supported by the current firmware */ #define MC_CMD_GET_VERSION_OUT_SUPPORTED_FUNCS_OFST 8 #define MC_CMD_GET_VERSION_OUT_SUPPORTED_FUNCS_LEN 16 @@ -1189,9 +1330,11 @@ /* MC_CMD_GET_VERSION_EXT_OUT msgresponse */ #define MC_CMD_GET_VERSION_EXT_OUT_LEN 48 /* MC_CMD_GET_VERSION_OUT_FIRMWARE_OFST 0 */ +/* MC_CMD_GET_VERSION_OUT_FIRMWARE_LEN 4 */ /* Enum values, see field(s): */ /* MC_CMD_GET_VERSION_V0_OUT/MC_CMD_GET_VERSION_OUT_FIRMWARE */ #define MC_CMD_GET_VERSION_EXT_OUT_PCOL_OFST 4 +#define MC_CMD_GET_VERSION_EXT_OUT_PCOL_LEN 4 /* 128bit mask of functions supported by the current firmware */ #define MC_CMD_GET_VERSION_EXT_OUT_SUPPORTED_FUNCS_OFST 8 #define MC_CMD_GET_VERSION_EXT_OUT_SUPPORTED_FUNCS_LEN 16 @@ -1205,2421 +1348,6 @@ /***********************************/ -/* MC_CMD_FC - * Perform an FC operation - */ -#define MC_CMD_FC 0x9 - -/* MC_CMD_FC_IN msgrequest */ -#define MC_CMD_FC_IN_LEN 4 -#define MC_CMD_FC_IN_OP_HDR_OFST 0 -#define MC_CMD_FC_IN_OP_LBN 0 -#define MC_CMD_FC_IN_OP_WIDTH 8 -/* enum: NULL MCDI command to FC. */ -#define MC_CMD_FC_OP_NULL 0x1 -/* enum: Unused opcode */ -#define MC_CMD_FC_OP_UNUSED 0x2 -/* enum: MAC driver commands */ -#define MC_CMD_FC_OP_MAC 0x3 -/* enum: Read FC memory */ -#define MC_CMD_FC_OP_READ32 0x4 -/* enum: Write to FC memory */ -#define MC_CMD_FC_OP_WRITE32 0x5 -/* enum: Read FC memory */ -#define MC_CMD_FC_OP_TRC_READ 0x6 -/* enum: Write to FC memory */ -#define MC_CMD_FC_OP_TRC_WRITE 0x7 -/* enum: FC firmware Version */ -#define MC_CMD_FC_OP_GET_VERSION 0x8 -/* enum: Read FC memory */ -#define MC_CMD_FC_OP_TRC_RX_READ 0x9 -/* enum: Write to FC memory */ -#define MC_CMD_FC_OP_TRC_RX_WRITE 0xa -/* enum: SFP parameters */ -#define MC_CMD_FC_OP_SFP 0xb -/* enum: DDR3 test */ -#define MC_CMD_FC_OP_DDR_TEST 0xc -/* enum: Get Crash context from FC */ -#define MC_CMD_FC_OP_GET_ASSERT 0xd -/* enum: Get FPGA Build registers */ -#define MC_CMD_FC_OP_FPGA_BUILD 0xe -/* enum: Read map support commands */ -#define MC_CMD_FC_OP_READ_MAP 0xf -/* enum: FC Capabilities */ -#define MC_CMD_FC_OP_CAPABILITIES 0x10 -/* enum: FC Global flags */ -#define MC_CMD_FC_OP_GLOBAL_FLAGS 0x11 -/* enum: FC IO using relative addressing modes */ -#define MC_CMD_FC_OP_IO_REL 0x12 -/* enum: FPGA link information */ -#define MC_CMD_FC_OP_UHLINK 0x13 -/* enum: Configure loopbacks and link on FPGA ports */ -#define MC_CMD_FC_OP_SET_LINK 0x14 -/* enum: Licensing operations relating to AOE */ -#define MC_CMD_FC_OP_LICENSE 0x15 -/* enum: Startup information to the FC */ -#define MC_CMD_FC_OP_STARTUP 0x16 -/* enum: Configure a DMA read */ -#define MC_CMD_FC_OP_DMA 0x17 -/* enum: Configure a timed read */ -#define MC_CMD_FC_OP_TIMED_READ 0x18 -/* enum: Control UART logging */ -#define MC_CMD_FC_OP_LOG 0x19 -/* enum: Get the value of a given clock_id */ -#define MC_CMD_FC_OP_CLOCK 0x1a -/* enum: DDR3/QDR3 parameters */ -#define MC_CMD_FC_OP_DDR 0x1b -/* enum: PTP and timestamp control */ -#define MC_CMD_FC_OP_TIMESTAMP 0x1c -/* enum: Commands for SPI Flash interface */ -#define MC_CMD_FC_OP_SPI 0x1d -/* enum: Commands for diagnostic components */ -#define MC_CMD_FC_OP_DIAG 0x1e -/* enum: External AOE port. */ -#define MC_CMD_FC_IN_PORT_EXT_OFST 0x0 -/* enum: Internal AOE port. */ -#define MC_CMD_FC_IN_PORT_INT_OFST 0x40 - -/* MC_CMD_FC_IN_NULL msgrequest */ -#define MC_CMD_FC_IN_NULL_LEN 4 -#define MC_CMD_FC_IN_CMD_OFST 0 - -/* MC_CMD_FC_IN_PHY msgrequest */ -#define MC_CMD_FC_IN_PHY_LEN 5 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* FC PHY driver operation code */ -#define MC_CMD_FC_IN_PHY_OP_OFST 4 -#define MC_CMD_FC_IN_PHY_OP_LEN 1 -/* enum: PHY init handler */ -#define MC_CMD_FC_OP_PHY_OP_INIT 0x1 -/* enum: PHY reconfigure handler */ -#define MC_CMD_FC_OP_PHY_OP_RECONFIGURE 0x2 -/* enum: PHY reboot handler */ -#define MC_CMD_FC_OP_PHY_OP_REBOOT 0x3 -/* enum: PHY get_supported_cap handler */ -#define MC_CMD_FC_OP_PHY_OP_GET_SUPPORTED_CAP 0x4 -/* enum: PHY get_config handler */ -#define MC_CMD_FC_OP_PHY_OP_GET_CONFIG 0x5 -/* enum: PHY get_media_info handler */ -#define MC_CMD_FC_OP_PHY_OP_GET_MEDIA_INFO 0x6 -/* enum: PHY set_led handler */ -#define MC_CMD_FC_OP_PHY_OP_SET_LED 0x7 -/* enum: PHY lasi_interrupt handler */ -#define MC_CMD_FC_OP_PHY_OP_LASI_INTERRUPT 0x8 -/* enum: PHY check_link handler */ -#define MC_CMD_FC_OP_PHY_OP_CHECK_LINK 0x9 -/* enum: PHY fill_stats handler */ -#define MC_CMD_FC_OP_PHY_OP_FILL_STATS 0xa -/* enum: PHY bpx_link_state_changed handler */ -#define MC_CMD_FC_OP_PHY_OP_BPX_LINK_STATE_CHANGED 0xb -/* enum: PHY get_state handler */ -#define MC_CMD_FC_OP_PHY_OP_GET_STATE 0xc -/* enum: PHY start_bist handler */ -#define MC_CMD_FC_OP_PHY_OP_START_BIST 0xd -/* enum: PHY poll_bist handler */ -#define MC_CMD_FC_OP_PHY_OP_POLL_BIST 0xe -/* enum: PHY nvram_test handler */ -#define MC_CMD_FC_OP_PHY_OP_NVRAM_TEST 0xf -/* enum: PHY relinquish handler */ -#define MC_CMD_FC_OP_PHY_OP_RELINQUISH_SPI 0x10 -/* enum: PHY read connection from FC - may be not required */ -#define MC_CMD_FC_OP_PHY_OP_GET_CONNECTION 0x11 -/* enum: PHY read flags from FC - may be not required */ -#define MC_CMD_FC_OP_PHY_OP_GET_FLAGS 0x12 - -/* MC_CMD_FC_IN_PHY_INIT msgrequest */ -#define MC_CMD_FC_IN_PHY_INIT_LEN 4 -#define MC_CMD_FC_IN_PHY_CMD_OFST 0 - -/* MC_CMD_FC_IN_MAC msgrequest */ -#define MC_CMD_FC_IN_MAC_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_MAC_HEADER_OFST 4 -#define MC_CMD_FC_IN_MAC_OP_LBN 0 -#define MC_CMD_FC_IN_MAC_OP_WIDTH 8 -/* enum: MAC reconfigure handler */ -#define MC_CMD_FC_OP_MAC_OP_RECONFIGURE 0x1 -/* enum: MAC Set command - same as MC_CMD_SET_MAC */ -#define MC_CMD_FC_OP_MAC_OP_SET_LINK 0x2 -/* enum: MAC statistics */ -#define MC_CMD_FC_OP_MAC_OP_GET_STATS 0x3 -/* enum: MAC RX statistics */ -#define MC_CMD_FC_OP_MAC_OP_GET_RX_STATS 0x6 -/* enum: MAC TX statistics */ -#define MC_CMD_FC_OP_MAC_OP_GET_TX_STATS 0x7 -/* enum: MAC Read status */ -#define MC_CMD_FC_OP_MAC_OP_READ_STATUS 0x8 -#define MC_CMD_FC_IN_MAC_PORT_TYPE_LBN 8 -#define MC_CMD_FC_IN_MAC_PORT_TYPE_WIDTH 8 -/* enum: External FPGA port. */ -#define MC_CMD_FC_PORT_EXT 0x0 -/* enum: Internal Siena-facing FPGA ports. */ -#define MC_CMD_FC_PORT_INT 0x1 -#define MC_CMD_FC_IN_MAC_PORT_IDX_LBN 16 -#define MC_CMD_FC_IN_MAC_PORT_IDX_WIDTH 8 -#define MC_CMD_FC_IN_MAC_CMD_FORMAT_LBN 24 -#define MC_CMD_FC_IN_MAC_CMD_FORMAT_WIDTH 8 -/* enum: Default FC command format; the fields PORT_TYPE and PORT_IDX are - * irrelevant. Port number is derived from pci_fn; passed in FC header. - */ -#define MC_CMD_FC_OP_MAC_CMD_FORMAT_DEFAULT 0x0 -/* enum: Override default port number. Port number determined by fields - * PORT_TYPE and PORT_IDX. - */ -#define MC_CMD_FC_OP_MAC_CMD_FORMAT_PORT_OVERRIDE 0x1 - -/* MC_CMD_FC_IN_MAC_RECONFIGURE msgrequest */ -#define MC_CMD_FC_IN_MAC_RECONFIGURE_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ - -/* MC_CMD_FC_IN_MAC_SET_LINK msgrequest */ -#define MC_CMD_FC_IN_MAC_SET_LINK_LEN 32 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ -/* MTU size */ -#define MC_CMD_FC_IN_MAC_SET_LINK_MTU_OFST 8 -/* Drain Tx FIFO */ -#define MC_CMD_FC_IN_MAC_SET_LINK_DRAIN_OFST 12 -#define MC_CMD_FC_IN_MAC_SET_LINK_ADDR_OFST 16 -#define MC_CMD_FC_IN_MAC_SET_LINK_ADDR_LEN 8 -#define MC_CMD_FC_IN_MAC_SET_LINK_ADDR_LO_OFST 16 -#define MC_CMD_FC_IN_MAC_SET_LINK_ADDR_HI_OFST 20 -#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_OFST 24 -#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_UNICAST_LBN 0 -#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_UNICAST_WIDTH 1 -#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_BRDCAST_LBN 1 -#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_BRDCAST_WIDTH 1 -#define MC_CMD_FC_IN_MAC_SET_LINK_FCNTL_OFST 28 - -/* MC_CMD_FC_IN_MAC_READ_STATUS msgrequest */ -#define MC_CMD_FC_IN_MAC_READ_STATUS_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ - -/* MC_CMD_FC_IN_MAC_GET_RX_STATS msgrequest */ -#define MC_CMD_FC_IN_MAC_GET_RX_STATS_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ - -/* MC_CMD_FC_IN_MAC_GET_TX_STATS msgrequest */ -#define MC_CMD_FC_IN_MAC_GET_TX_STATS_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ - -/* MC_CMD_FC_IN_MAC_GET_STATS msgrequest */ -#define MC_CMD_FC_IN_MAC_GET_STATS_LEN 20 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ -/* MC Statistics index */ -#define MC_CMD_FC_IN_MAC_GET_STATS_STATS_INDEX_OFST 8 -#define MC_CMD_FC_IN_MAC_GET_STATS_FLAGS_OFST 12 -#define MC_CMD_FC_IN_MAC_GET_STATS_CLEAR_ALL_LBN 0 -#define MC_CMD_FC_IN_MAC_GET_STATS_CLEAR_ALL_WIDTH 1 -#define MC_CMD_FC_IN_MAC_GET_STATS_CLEAR_LBN 1 -#define MC_CMD_FC_IN_MAC_GET_STATS_CLEAR_WIDTH 1 -#define MC_CMD_FC_IN_MAC_GET_STATS_UPDATE_LBN 2 -#define MC_CMD_FC_IN_MAC_GET_STATS_UPDATE_WIDTH 1 -/* Number of statistics to read */ -#define MC_CMD_FC_IN_MAC_GET_STATS_NUM_OFST 16 -#define MC_CMD_FC_MAC_NSTATS_PER_BLOCK 0x1e /* enum */ -#define MC_CMD_FC_MAC_NBYTES_PER_STAT 0x8 /* enum */ - -/* MC_CMD_FC_IN_READ32 msgrequest */ -#define MC_CMD_FC_IN_READ32_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_READ32_ADDR_HI_OFST 4 -#define MC_CMD_FC_IN_READ32_ADDR_LO_OFST 8 -#define MC_CMD_FC_IN_READ32_NUMWORDS_OFST 12 - -/* MC_CMD_FC_IN_WRITE32 msgrequest */ -#define MC_CMD_FC_IN_WRITE32_LENMIN 16 -#define MC_CMD_FC_IN_WRITE32_LENMAX 252 -#define MC_CMD_FC_IN_WRITE32_LEN(num) (12+4*(num)) -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_WRITE32_ADDR_HI_OFST 4 -#define MC_CMD_FC_IN_WRITE32_ADDR_LO_OFST 8 -#define MC_CMD_FC_IN_WRITE32_BUFFER_OFST 12 -#define MC_CMD_FC_IN_WRITE32_BUFFER_LEN 4 -#define MC_CMD_FC_IN_WRITE32_BUFFER_MINNUM 1 -#define MC_CMD_FC_IN_WRITE32_BUFFER_MAXNUM 60 - -/* MC_CMD_FC_IN_TRC_READ msgrequest */ -#define MC_CMD_FC_IN_TRC_READ_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_TRC_READ_TRC_OFST 4 -#define MC_CMD_FC_IN_TRC_READ_CHANNEL_OFST 8 - -/* MC_CMD_FC_IN_TRC_WRITE msgrequest */ -#define MC_CMD_FC_IN_TRC_WRITE_LEN 28 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_TRC_WRITE_TRC_OFST 4 -#define MC_CMD_FC_IN_TRC_WRITE_CHANNEL_OFST 8 -#define MC_CMD_FC_IN_TRC_WRITE_DATA_OFST 12 -#define MC_CMD_FC_IN_TRC_WRITE_DATA_LEN 4 -#define MC_CMD_FC_IN_TRC_WRITE_DATA_NUM 4 - -/* MC_CMD_FC_IN_GET_VERSION msgrequest */ -#define MC_CMD_FC_IN_GET_VERSION_LEN 4 -/* MC_CMD_FC_IN_CMD_OFST 0 */ - -/* MC_CMD_FC_IN_TRC_RX_READ msgrequest */ -#define MC_CMD_FC_IN_TRC_RX_READ_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_TRC_RX_READ_TRC_OFST 4 -#define MC_CMD_FC_IN_TRC_RX_READ_CHANNEL_OFST 8 - -/* MC_CMD_FC_IN_TRC_RX_WRITE msgrequest */ -#define MC_CMD_FC_IN_TRC_RX_WRITE_LEN 20 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_TRC_RX_WRITE_TRC_OFST 4 -#define MC_CMD_FC_IN_TRC_RX_WRITE_CHANNEL_OFST 8 -#define MC_CMD_FC_IN_TRC_RX_WRITE_DATA_OFST 12 -#define MC_CMD_FC_IN_TRC_RX_WRITE_DATA_LEN 4 -#define MC_CMD_FC_IN_TRC_RX_WRITE_DATA_NUM 2 - -/* MC_CMD_FC_IN_SFP msgrequest */ -#define MC_CMD_FC_IN_SFP_LEN 28 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* Link speed is 100, 1000, 10000, 40000 */ -#define MC_CMD_FC_IN_SFP_SPEED_OFST 4 -/* Length of copper cable - zero when not relevant (e.g. if cable is fibre) */ -#define MC_CMD_FC_IN_SFP_COPPER_LEN_OFST 8 -/* Not relevant for cards with QSFP modules. For older cards, true if module is - * a dual speed SFP+ module. - */ -#define MC_CMD_FC_IN_SFP_DUAL_SPEED_OFST 12 -/* True if an SFP Module is present (other fields valid when true) */ -#define MC_CMD_FC_IN_SFP_PRESENT_OFST 16 -/* The type of the SFP+ Module. For later cards with QSFP modules, this field - * is unused and the type is communicated by other means. - */ -#define MC_CMD_FC_IN_SFP_TYPE_OFST 20 -/* Capabilities corresponding to 1 bits. */ -#define MC_CMD_FC_IN_SFP_CAPS_OFST 24 - -/* MC_CMD_FC_IN_DDR_TEST msgrequest */ -#define MC_CMD_FC_IN_DDR_TEST_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DDR_TEST_HEADER_OFST 4 -#define MC_CMD_FC_IN_DDR_TEST_OP_LBN 0 -#define MC_CMD_FC_IN_DDR_TEST_OP_WIDTH 8 -/* enum: DRAM Test Start */ -#define MC_CMD_FC_OP_DDR_TEST_START 0x1 -/* enum: DRAM Test Poll */ -#define MC_CMD_FC_OP_DDR_TEST_POLL 0x2 - -/* MC_CMD_FC_IN_DDR_TEST_START msgrequest */ -#define MC_CMD_FC_IN_DDR_TEST_START_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_DDR_TEST_HEADER_OFST 4 */ -#define MC_CMD_FC_IN_DDR_TEST_START_MASK_OFST 8 -#define MC_CMD_FC_IN_DDR_TEST_START_T0_LBN 0 -#define MC_CMD_FC_IN_DDR_TEST_START_T0_WIDTH 1 -#define MC_CMD_FC_IN_DDR_TEST_START_T1_LBN 1 -#define MC_CMD_FC_IN_DDR_TEST_START_T1_WIDTH 1 -#define MC_CMD_FC_IN_DDR_TEST_START_B0_LBN 2 -#define MC_CMD_FC_IN_DDR_TEST_START_B0_WIDTH 1 -#define MC_CMD_FC_IN_DDR_TEST_START_B1_LBN 3 -#define MC_CMD_FC_IN_DDR_TEST_START_B1_WIDTH 1 - -/* MC_CMD_FC_IN_DDR_TEST_POLL msgrequest */ -#define MC_CMD_FC_IN_DDR_TEST_POLL_LEN 12 -#define MC_CMD_FC_IN_DDR_TEST_CMD_OFST 0 -/* MC_CMD_FC_IN_DDR_TEST_HEADER_OFST 4 */ -/* Clear previous test result and prepare for restarting DDR test */ -#define MC_CMD_FC_IN_DDR_TEST_POLL_CLEAR_RESULT_FOR_DDR_TEST_OFST 8 - -/* MC_CMD_FC_IN_GET_ASSERT msgrequest */ -#define MC_CMD_FC_IN_GET_ASSERT_LEN 4 -/* MC_CMD_FC_IN_CMD_OFST 0 */ - -/* MC_CMD_FC_IN_FPGA_BUILD msgrequest */ -#define MC_CMD_FC_IN_FPGA_BUILD_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* FPGA build info operation code */ -#define MC_CMD_FC_IN_FPGA_BUILD_OP_OFST 4 -/* enum: Get the build registers */ -#define MC_CMD_FC_IN_FPGA_BUILD_BUILD 0x1 -/* enum: Get the services registers */ -#define MC_CMD_FC_IN_FPGA_BUILD_SERVICES 0x2 -/* enum: Get the BSP version */ -#define MC_CMD_FC_IN_FPGA_BUILD_BSP_VERSION 0x3 -/* enum: Get build register for V2 (SFA974X) */ -#define MC_CMD_FC_IN_FPGA_BUILD_BUILD_V2 0x4 -/* enum: GEt the services register for V2 (SFA974X) */ -#define MC_CMD_FC_IN_FPGA_BUILD_SERVICES_V2 0x5 - -/* MC_CMD_FC_IN_READ_MAP msgrequest */ -#define MC_CMD_FC_IN_READ_MAP_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_READ_MAP_HEADER_OFST 4 -#define MC_CMD_FC_IN_READ_MAP_OP_LBN 0 -#define MC_CMD_FC_IN_READ_MAP_OP_WIDTH 8 -/* enum: Get the number of map regions */ -#define MC_CMD_FC_OP_READ_MAP_COUNT 0x1 -/* enum: Get the specified map */ -#define MC_CMD_FC_OP_READ_MAP_INDEX 0x2 - -/* MC_CMD_FC_IN_READ_MAP_COUNT msgrequest */ -#define MC_CMD_FC_IN_READ_MAP_COUNT_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_READ_MAP_HEADER_OFST 4 */ - -/* MC_CMD_FC_IN_READ_MAP_INDEX msgrequest */ -#define MC_CMD_FC_IN_READ_MAP_INDEX_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_READ_MAP_HEADER_OFST 4 */ -#define MC_CMD_FC_IN_MAP_INDEX_OFST 8 - -/* MC_CMD_FC_IN_CAPABILITIES msgrequest */ -#define MC_CMD_FC_IN_CAPABILITIES_LEN 4 -/* MC_CMD_FC_IN_CMD_OFST 0 */ - -/* MC_CMD_FC_IN_GLOBAL_FLAGS msgrequest */ -#define MC_CMD_FC_IN_GLOBAL_FLAGS_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_GLOBAL_FLAGS_FLAGS_OFST 4 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_RX_TUNING_CABLE_PLUGGED_IN_LBN 0 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_RX_TUNING_CABLE_PLUGGED_IN_WIDTH 1 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_RX_TUNING_LINK_MONITORING_LBN 1 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_RX_TUNING_LINK_MONITORING_WIDTH 1 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_DFE_ENABLE_LBN 2 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_DFE_ENABLE_WIDTH 1 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_1D_EYE_ENABLE_LBN 3 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_1D_EYE_ENABLE_WIDTH 1 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_1D_TUNING_ENABLE_LBN 4 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_1D_TUNING_ENABLE_WIDTH 1 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_OFFCAL_ENABLE_LBN 5 -#define MC_CMD_FC_IN_GLOBAL_FLAGS_OFFCAL_ENABLE_WIDTH 1 - -/* MC_CMD_FC_IN_IO_REL msgrequest */ -#define MC_CMD_FC_IN_IO_REL_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_IO_REL_HEADER_OFST 4 -#define MC_CMD_FC_IN_IO_REL_OP_LBN 0 -#define MC_CMD_FC_IN_IO_REL_OP_WIDTH 8 -/* enum: Get the base address that the FC applies to relative commands */ -#define MC_CMD_FC_IN_IO_REL_GET_ADDR 0x1 -/* enum: Read data */ -#define MC_CMD_FC_IN_IO_REL_READ32 0x2 -/* enum: Write data */ -#define MC_CMD_FC_IN_IO_REL_WRITE32 0x3 -#define MC_CMD_FC_IN_IO_REL_COMP_TYPE_LBN 8 -#define MC_CMD_FC_IN_IO_REL_COMP_TYPE_WIDTH 8 -/* enum: Application address space */ -#define MC_CMD_FC_COMP_TYPE_APP_ADDR_SPACE 0x1 -/* enum: Flash address space */ -#define MC_CMD_FC_COMP_TYPE_FLASH 0x2 - -/* MC_CMD_FC_IN_IO_REL_GET_ADDR msgrequest */ -#define MC_CMD_FC_IN_IO_REL_GET_ADDR_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_IO_REL_HEADER_OFST 4 */ - -/* MC_CMD_FC_IN_IO_REL_READ32 msgrequest */ -#define MC_CMD_FC_IN_IO_REL_READ32_LEN 20 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_IO_REL_HEADER_OFST 4 */ -#define MC_CMD_FC_IN_IO_REL_READ32_ADDR_HI_OFST 8 -#define MC_CMD_FC_IN_IO_REL_READ32_ADDR_LO_OFST 12 -#define MC_CMD_FC_IN_IO_REL_READ32_NUMWORDS_OFST 16 - -/* MC_CMD_FC_IN_IO_REL_WRITE32 msgrequest */ -#define MC_CMD_FC_IN_IO_REL_WRITE32_LENMIN 20 -#define MC_CMD_FC_IN_IO_REL_WRITE32_LENMAX 252 -#define MC_CMD_FC_IN_IO_REL_WRITE32_LEN(num) (16+4*(num)) -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_IO_REL_HEADER_OFST 4 */ -#define MC_CMD_FC_IN_IO_REL_WRITE32_ADDR_HI_OFST 8 -#define MC_CMD_FC_IN_IO_REL_WRITE32_ADDR_LO_OFST 12 -#define MC_CMD_FC_IN_IO_REL_WRITE32_BUFFER_OFST 16 -#define MC_CMD_FC_IN_IO_REL_WRITE32_BUFFER_LEN 4 -#define MC_CMD_FC_IN_IO_REL_WRITE32_BUFFER_MINNUM 1 -#define MC_CMD_FC_IN_IO_REL_WRITE32_BUFFER_MAXNUM 59 - -/* MC_CMD_FC_IN_UHLINK msgrequest */ -#define MC_CMD_FC_IN_UHLINK_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 -#define MC_CMD_FC_IN_UHLINK_OP_LBN 0 -#define MC_CMD_FC_IN_UHLINK_OP_WIDTH 8 -/* enum: Get PHY configuration info */ -#define MC_CMD_FC_OP_UHLINK_PHY 0x1 -/* enum: Get MAC configuration info */ -#define MC_CMD_FC_OP_UHLINK_MAC 0x2 -/* enum: Get Rx eye table */ -#define MC_CMD_FC_OP_UHLINK_RX_EYE 0x3 -/* enum: Get Rx eye plot */ -#define MC_CMD_FC_OP_UHLINK_DUMP_RX_EYE_PLOT 0x4 -/* enum: Get Rx eye plot */ -#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT 0x5 -/* enum: Retune Rx settings */ -#define MC_CMD_FC_OP_UHLINK_RX_TUNE 0x6 -/* enum: Set loopback mode on fpga port */ -#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET 0x7 -/* enum: Get loopback mode config state on fpga port */ -#define MC_CMD_FC_OP_UHLINK_LOOPBACK_GET 0x8 -#define MC_CMD_FC_IN_UHLINK_PORT_TYPE_LBN 8 -#define MC_CMD_FC_IN_UHLINK_PORT_TYPE_WIDTH 8 -#define MC_CMD_FC_IN_UHLINK_PORT_IDX_LBN 16 -#define MC_CMD_FC_IN_UHLINK_PORT_IDX_WIDTH 8 -#define MC_CMD_FC_IN_UHLINK_CMD_FORMAT_LBN 24 -#define MC_CMD_FC_IN_UHLINK_CMD_FORMAT_WIDTH 8 -/* enum: Default FC command format; the fields PORT_TYPE and PORT_IDX are - * irrelevant. Port number is derived from pci_fn; passed in FC header. - */ -#define MC_CMD_FC_OP_UHLINK_CMD_FORMAT_DEFAULT 0x0 -/* enum: Override default port number. Port number determined by fields - * PORT_TYPE and PORT_IDX. - */ -#define MC_CMD_FC_OP_UHLINK_CMD_FORMAT_PORT_OVERRIDE 0x1 - -/* MC_CMD_FC_OP_UHLINK_PHY msgrequest */ -#define MC_CMD_FC_OP_UHLINK_PHY_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ - -/* MC_CMD_FC_OP_UHLINK_MAC msgrequest */ -#define MC_CMD_FC_OP_UHLINK_MAC_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ - -/* MC_CMD_FC_OP_UHLINK_RX_EYE msgrequest */ -#define MC_CMD_FC_OP_UHLINK_RX_EYE_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ -#define MC_CMD_FC_OP_UHLINK_RX_EYE_INDEX_OFST 8 -#define MC_CMD_FC_UHLINK_RX_EYE_PER_BLOCK 0x30 /* enum */ - -/* MC_CMD_FC_OP_UHLINK_DUMP_RX_EYE_PLOT msgrequest */ -#define MC_CMD_FC_OP_UHLINK_DUMP_RX_EYE_PLOT_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ - -/* MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT msgrequest */ -#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_LEN 20 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ -#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_DC_GAIN_OFST 8 -#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_EQ_CONTROL_OFST 12 -#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_INDEX_OFST 16 -#define MC_CMD_FC_UHLINK_RX_EYE_PLOT_ROWS_PER_BLOCK 0x1e /* enum */ - -/* MC_CMD_FC_OP_UHLINK_RX_TUNE msgrequest */ -#define MC_CMD_FC_OP_UHLINK_RX_TUNE_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ - -/* MC_CMD_FC_OP_UHLINK_LOOPBACK_SET msgrequest */ -#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ -#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET_TYPE_OFST 8 -#define MC_CMD_FC_UHLINK_LOOPBACK_TYPE_PCS_SERIAL 0x0 /* enum */ -#define MC_CMD_FC_UHLINK_LOOPBACK_TYPE_PMA_PRE_CDR 0x1 /* enum */ -#define MC_CMD_FC_UHLINK_LOOPBACK_TYPE_PMA_POST_CDR 0x2 /* enum */ -#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET_STATE_OFST 12 -#define MC_CMD_FC_UHLINK_LOOPBACK_STATE_OFF 0x0 /* enum */ -#define MC_CMD_FC_UHLINK_LOOPBACK_STATE_ON 0x1 /* enum */ - -/* MC_CMD_FC_OP_UHLINK_LOOPBACK_GET msgrequest */ -#define MC_CMD_FC_OP_UHLINK_LOOPBACK_GET_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ -#define MC_CMD_FC_OP_UHLINK_LOOPBACK_GET_TYPE_OFST 8 - -/* MC_CMD_FC_IN_SET_LINK msgrequest */ -#define MC_CMD_FC_IN_SET_LINK_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* See MC_CMD_GET_LOOPBACK_MODES/MC_CMD_GET_LOOPBACK_MODES_OUT/100M */ -#define MC_CMD_FC_IN_SET_LINK_MODE_OFST 4 -#define MC_CMD_FC_IN_SET_LINK_SPEED_OFST 8 -#define MC_CMD_FC_IN_SET_LINK_FLAGS_OFST 12 -#define MC_CMD_FC_IN_SET_LINK_LOWPOWER_LBN 0 -#define MC_CMD_FC_IN_SET_LINK_LOWPOWER_WIDTH 1 -#define MC_CMD_FC_IN_SET_LINK_POWEROFF_LBN 1 -#define MC_CMD_FC_IN_SET_LINK_POWEROFF_WIDTH 1 -#define MC_CMD_FC_IN_SET_LINK_TXDIS_LBN 2 -#define MC_CMD_FC_IN_SET_LINK_TXDIS_WIDTH 1 - -/* MC_CMD_FC_IN_LICENSE msgrequest */ -#define MC_CMD_FC_IN_LICENSE_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_LICENSE_OP_OFST 4 -#define MC_CMD_FC_IN_LICENSE_UPDATE_LICENSE 0x0 /* enum */ -#define MC_CMD_FC_IN_LICENSE_GET_KEY_STATS 0x1 /* enum */ - -/* MC_CMD_FC_IN_STARTUP msgrequest */ -#define MC_CMD_FC_IN_STARTUP_LEN 40 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_STARTUP_BASE_OFST 4 -#define MC_CMD_FC_IN_STARTUP_LENGTH_OFST 8 -/* Length of identifier */ -#define MC_CMD_FC_IN_STARTUP_IDLENGTH_OFST 12 -/* Identifier for AOE FPGA */ -#define MC_CMD_FC_IN_STARTUP_ID_OFST 16 -#define MC_CMD_FC_IN_STARTUP_ID_LEN 1 -#define MC_CMD_FC_IN_STARTUP_ID_NUM 24 - -/* MC_CMD_FC_IN_DMA msgrequest */ -#define MC_CMD_FC_IN_DMA_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DMA_OP_OFST 4 -#define MC_CMD_FC_IN_DMA_STOP 0x0 /* enum */ -#define MC_CMD_FC_IN_DMA_READ 0x1 /* enum */ - -/* MC_CMD_FC_IN_DMA_STOP msgrequest */ -#define MC_CMD_FC_IN_DMA_STOP_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_DMA_OP_OFST 4 */ -/* FC supplied handle */ -#define MC_CMD_FC_IN_DMA_STOP_FC_HANDLE_OFST 8 - -/* MC_CMD_FC_IN_DMA_READ msgrequest */ -#define MC_CMD_FC_IN_DMA_READ_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_DMA_OP_OFST 4 */ -#define MC_CMD_FC_IN_DMA_READ_OFFSET_OFST 8 -#define MC_CMD_FC_IN_DMA_READ_LENGTH_OFST 12 - -/* MC_CMD_FC_IN_TIMED_READ msgrequest */ -#define MC_CMD_FC_IN_TIMED_READ_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_TIMED_READ_OP_OFST 4 -#define MC_CMD_FC_IN_TIMED_READ_SET 0x0 /* enum */ -#define MC_CMD_FC_IN_TIMED_READ_GET 0x1 /* enum */ -#define MC_CMD_FC_IN_TIMED_READ_CLEAR 0x2 /* enum */ - -/* MC_CMD_FC_IN_TIMED_READ_SET msgrequest */ -#define MC_CMD_FC_IN_TIMED_READ_SET_LEN 52 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_TIMED_READ_OP_OFST 4 */ -/* Host supplied handle (unique) */ -#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_HANDLE_OFST 8 -/* Address into which to transfer data in host */ -#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_DMA_ADDRESS_OFST 12 -#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_DMA_ADDRESS_LEN 8 -#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_DMA_ADDRESS_LO_OFST 12 -#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_DMA_ADDRESS_HI_OFST 16 -/* AOE address from which to transfer data */ -#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_ADDRESS_OFST 20 -#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_ADDRESS_LEN 8 -#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_ADDRESS_LO_OFST 20 -#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_ADDRESS_HI_OFST 24 -/* Length of AOE transfer (total) */ -#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_LENGTH_OFST 28 -/* Length of host transfer (total) */ -#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_LENGTH_OFST 32 -/* Offset back from aoe_address to apply operation to */ -#define MC_CMD_FC_IN_TIMED_READ_SET_OFFSET_OFST 36 -/* Data to apply at offset */ -#define MC_CMD_FC_IN_TIMED_READ_SET_DATA_OFST 40 -#define MC_CMD_FC_IN_TIMED_READ_SET_FLAGS_OFST 44 -#define MC_CMD_FC_IN_TIMED_READ_SET_INDIRECT_LBN 0 -#define MC_CMD_FC_IN_TIMED_READ_SET_INDIRECT_WIDTH 1 -#define MC_CMD_FC_IN_TIMED_READ_SET_DOUBLE_LBN 1 -#define MC_CMD_FC_IN_TIMED_READ_SET_DOUBLE_WIDTH 1 -#define MC_CMD_FC_IN_TIMED_READ_SET_EVENT_LBN 2 -#define MC_CMD_FC_IN_TIMED_READ_SET_EVENT_WIDTH 1 -#define MC_CMD_FC_IN_TIMED_READ_SET_PREREAD_LBN 3 -#define MC_CMD_FC_IN_TIMED_READ_SET_PREREAD_WIDTH 2 -#define MC_CMD_FC_IN_TIMED_READ_SET_NONE 0x0 /* enum */ -#define MC_CMD_FC_IN_TIMED_READ_SET_READ 0x1 /* enum */ -#define MC_CMD_FC_IN_TIMED_READ_SET_WRITE 0x2 /* enum */ -#define MC_CMD_FC_IN_TIMED_READ_SET_READWRITE 0x3 /* enum */ -/* Period at which reads are performed (100ms units) */ -#define MC_CMD_FC_IN_TIMED_READ_SET_PERIOD_OFST 48 - -/* MC_CMD_FC_IN_TIMED_READ_GET msgrequest */ -#define MC_CMD_FC_IN_TIMED_READ_GET_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_TIMED_READ_OP_OFST 4 */ -/* FC supplied handle */ -#define MC_CMD_FC_IN_TIMED_READ_GET_FC_HANDLE_OFST 8 - -/* MC_CMD_FC_IN_TIMED_READ_CLEAR msgrequest */ -#define MC_CMD_FC_IN_TIMED_READ_CLEAR_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_TIMED_READ_OP_OFST 4 */ -/* FC supplied handle */ -#define MC_CMD_FC_IN_TIMED_READ_CLEAR_FC_HANDLE_OFST 8 - -/* MC_CMD_FC_IN_LOG msgrequest */ -#define MC_CMD_FC_IN_LOG_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_LOG_OP_OFST 4 -#define MC_CMD_FC_IN_LOG_ADDR_RANGE 0x0 /* enum */ -#define MC_CMD_FC_IN_LOG_JTAG_UART 0x1 /* enum */ - -/* MC_CMD_FC_IN_LOG_ADDR_RANGE msgrequest */ -#define MC_CMD_FC_IN_LOG_ADDR_RANGE_LEN 20 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_LOG_OP_OFST 4 */ -/* Partition offset into flash */ -#define MC_CMD_FC_IN_LOG_ADDR_RANGE_OFFSET_OFST 8 -/* Partition length */ -#define MC_CMD_FC_IN_LOG_ADDR_RANGE_LENGTH_OFST 12 -/* Partition erase size */ -#define MC_CMD_FC_IN_LOG_ADDR_RANGE_ERASE_SIZE_OFST 16 - -/* MC_CMD_FC_IN_LOG_JTAG_UART msgrequest */ -#define MC_CMD_FC_IN_LOG_JTAG_UART_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_LOG_OP_OFST 4 */ -/* Enable/disable printing to JTAG UART */ -#define MC_CMD_FC_IN_LOG_JTAG_UART_ENABLE_OFST 8 - -/* MC_CMD_FC_IN_CLOCK msgrequest */ -#define MC_CMD_FC_IN_CLOCK_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_CLOCK_OP_OFST 4 -#define MC_CMD_FC_IN_CLOCK_GET_TIME 0x0 /* enum */ -#define MC_CMD_FC_IN_CLOCK_SET_TIME 0x1 /* enum */ -/* Perform a clock operation */ -#define MC_CMD_FC_IN_CLOCK_ID_OFST 8 -#define MC_CMD_FC_IN_CLOCK_STATS 0x0 /* enum */ -#define MC_CMD_FC_IN_CLOCK_MAC 0x1 /* enum */ - -/* MC_CMD_FC_IN_CLOCK_GET_TIME msgrequest */ -#define MC_CMD_FC_IN_CLOCK_GET_TIME_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_CLOCK_OP_OFST 4 */ -/* Retrieve the clock value of the specified clock */ -/* MC_CMD_FC_IN_CLOCK_ID_OFST 8 */ - -/* MC_CMD_FC_IN_CLOCK_SET_TIME msgrequest */ -#define MC_CMD_FC_IN_CLOCK_SET_TIME_LEN 24 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_CLOCK_OP_OFST 4 */ -/* MC_CMD_FC_IN_CLOCK_ID_OFST 8 */ -#define MC_CMD_FC_IN_CLOCK_SET_TIME_SECONDS_OFST 12 -#define MC_CMD_FC_IN_CLOCK_SET_TIME_SECONDS_LEN 8 -#define MC_CMD_FC_IN_CLOCK_SET_TIME_SECONDS_LO_OFST 12 -#define MC_CMD_FC_IN_CLOCK_SET_TIME_SECONDS_HI_OFST 16 -/* Set the clock value of the specified clock */ -#define MC_CMD_FC_IN_CLOCK_SET_TIME_NANOSECONDS_OFST 20 - -/* MC_CMD_FC_IN_DDR msgrequest */ -#define MC_CMD_FC_IN_DDR_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DDR_OP_OFST 4 -#define MC_CMD_FC_IN_DDR_SET_SPD 0x0 /* enum */ -#define MC_CMD_FC_IN_DDR_GET_STATUS 0x1 /* enum */ -#define MC_CMD_FC_IN_DDR_SET_INFO 0x2 /* enum */ -#define MC_CMD_FC_IN_DDR_BANK_OFST 8 -#define MC_CMD_FC_IN_DDR_BANK_B0 0x0 /* enum */ -#define MC_CMD_FC_IN_DDR_BANK_B1 0x1 /* enum */ -#define MC_CMD_FC_IN_DDR_BANK_T0 0x2 /* enum */ -#define MC_CMD_FC_IN_DDR_BANK_T1 0x3 /* enum */ -#define MC_CMD_FC_IN_DDR_NUM_BANKS 0x4 /* enum */ - -/* MC_CMD_FC_IN_DDR_SET_SPD msgrequest */ -#define MC_CMD_FC_IN_DDR_SET_SPD_LEN 148 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_DDR_OP_OFST 4 */ -/* Affected bank */ -/* MC_CMD_FC_IN_DDR_BANK_OFST 8 */ -/* Flags */ -#define MC_CMD_FC_IN_DDR_FLAGS_OFST 12 -#define MC_CMD_FC_IN_DDR_SET_SPD_ACTIVE 0x1 /* enum */ -/* 128-byte page of serial presence detect data read from module's EEPROM */ -#define MC_CMD_FC_IN_DDR_SPD_OFST 16 -#define MC_CMD_FC_IN_DDR_SPD_LEN 1 -#define MC_CMD_FC_IN_DDR_SPD_NUM 128 -/* Page index of the spd data copied into MC_CMD_FC_IN_DDR_SPD */ -#define MC_CMD_FC_IN_DDR_SPD_PAGE_ID_OFST 144 - -/* MC_CMD_FC_IN_DDR_SET_INFO msgrequest */ -#define MC_CMD_FC_IN_DDR_SET_INFO_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_DDR_OP_OFST 4 */ -/* Affected bank */ -/* MC_CMD_FC_IN_DDR_BANK_OFST 8 */ -/* Size of DDR */ -#define MC_CMD_FC_IN_DDR_SIZE_OFST 12 - -/* MC_CMD_FC_IN_DDR_GET_STATUS msgrequest */ -#define MC_CMD_FC_IN_DDR_GET_STATUS_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* MC_CMD_FC_IN_DDR_OP_OFST 4 */ -/* Affected bank */ -/* MC_CMD_FC_IN_DDR_BANK_OFST 8 */ - -/* MC_CMD_FC_IN_TIMESTAMP msgrequest */ -#define MC_CMD_FC_IN_TIMESTAMP_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* FC timestamp operation code */ -#define MC_CMD_FC_IN_TIMESTAMP_OP_OFST 4 -/* enum: Read transmit timestamp(s) */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT 0x0 -/* enum: Read snapshot timestamps */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT 0x1 -/* enum: Clear all transmit timestamps */ -#define MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT 0x2 - -/* MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT msgrequest */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_LEN 28 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_OP_OFST 4 -/* Control filtering of the returned timestamp and sequence number specified - * here - */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_FILTER_OFST 8 -/* enum: Return most recent timestamp. No filtering */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_LATEST 0x0 -/* enum: Match timestamp against the PTP clock ID, port number and sequence - * number specified - */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_MATCH 0x1 -/* Clock identity of PTP packet for which timestamp required */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_CLOCK_ID_OFST 12 -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_CLOCK_ID_LEN 8 -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_CLOCK_ID_LO_OFST 12 -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_CLOCK_ID_HI_OFST 16 -/* Port number of PTP packet for which timestamp required */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_PORT_NUM_OFST 20 -/* Sequence number of PTP packet for which timestamp required */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_SEQ_NUM_OFST 24 - -/* MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT msgrequest */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT_OP_OFST 4 - -/* MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT msgrequest */ -#define MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT_OP_OFST 4 - -/* MC_CMD_FC_IN_SPI msgrequest */ -#define MC_CMD_FC_IN_SPI_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* Basic commands for SPI Flash. */ -#define MC_CMD_FC_IN_SPI_OP_OFST 4 -/* enum: SPI Flash read */ -#define MC_CMD_FC_IN_SPI_READ 0x0 -/* enum: SPI Flash write */ -#define MC_CMD_FC_IN_SPI_WRITE 0x1 -/* enum: SPI Flash erase */ -#define MC_CMD_FC_IN_SPI_ERASE 0x2 - -/* MC_CMD_FC_IN_SPI_READ msgrequest */ -#define MC_CMD_FC_IN_SPI_READ_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_SPI_READ_OP_OFST 4 -#define MC_CMD_FC_IN_SPI_READ_ADDR_OFST 8 -#define MC_CMD_FC_IN_SPI_READ_NUMBYTES_OFST 12 - -/* MC_CMD_FC_IN_SPI_WRITE msgrequest */ -#define MC_CMD_FC_IN_SPI_WRITE_LENMIN 16 -#define MC_CMD_FC_IN_SPI_WRITE_LENMAX 252 -#define MC_CMD_FC_IN_SPI_WRITE_LEN(num) (12+4*(num)) -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_SPI_WRITE_OP_OFST 4 -#define MC_CMD_FC_IN_SPI_WRITE_ADDR_OFST 8 -#define MC_CMD_FC_IN_SPI_WRITE_BUFFER_OFST 12 -#define MC_CMD_FC_IN_SPI_WRITE_BUFFER_LEN 4 -#define MC_CMD_FC_IN_SPI_WRITE_BUFFER_MINNUM 1 -#define MC_CMD_FC_IN_SPI_WRITE_BUFFER_MAXNUM 60 - -/* MC_CMD_FC_IN_SPI_ERASE msgrequest */ -#define MC_CMD_FC_IN_SPI_ERASE_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_SPI_ERASE_OP_OFST 4 -#define MC_CMD_FC_IN_SPI_ERASE_ADDR_OFST 8 -#define MC_CMD_FC_IN_SPI_ERASE_NUMBYTES_OFST 12 - -/* MC_CMD_FC_IN_DIAG msgrequest */ -#define MC_CMD_FC_IN_DIAG_LEN 8 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -/* Operation code indicating component type */ -#define MC_CMD_FC_IN_DIAG_OP_OFST 4 -/* enum: Power noise generator. */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE 0x0 -/* enum: DDR soak test component. */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK 0x1 -/* enum: Diagnostics datapath control component. */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL 0x2 - -/* MC_CMD_FC_IN_DIAG_POWER_NOISE msgrequest */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_OP_OFST 4 -/* Sub-opcode describing the operation to be carried out */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_SUB_OP_OFST 8 -/* enum: Read the configuration (the 32-bit values in each of the clock enable - * count and toggle count registers) - */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG 0x0 -/* enum: Write a new configuration to the clock enable count and toggle count - * registers - */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG 0x1 - -/* MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG msgrequest */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG_OP_OFST 4 -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG_SUB_OP_OFST 8 - -/* MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG msgrequest */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_LEN 20 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_OP_OFST 4 -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_SUB_OP_OFST 8 -/* The 32-bit value to be written to the toggle count register */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_TOGGLE_COUNT_OFST 12 -/* The 32-bit value to be written to the clock enable count register */ -#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_CLKEN_COUNT_OFST 16 - -/* MC_CMD_FC_IN_DIAG_DDR_SOAK msgrequest */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_OP_OFST 4 -/* Sub-opcode describing the operation to be carried out */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_SUB_OP_OFST 8 -/* enum: Starts DDR soak test on selected banks */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START 0x0 -/* enum: Read status of DDR soak test */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT 0x1 -/* enum: Stop test */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP 0x2 -/* enum: Set or clear bit that triggers fake errors. These cause subsequent - * tests to fail until the bit is cleared. - */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR 0x3 - -/* MC_CMD_FC_IN_DIAG_DDR_SOAK_START msgrequest */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_LEN 24 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_OP_OFST 4 -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_SUB_OP_OFST 8 -/* Mask of DDR banks to be tested */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_BANK_MASK_OFST 12 -/* Pattern to use in the soak test */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_TEST_PATTERN_OFST 16 -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_ZEROS 0x0 /* enum */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_ONES 0x1 /* enum */ -/* Either multiple automatic tests until a STOP command is issued, or one - * single test - */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_TEST_TYPE_OFST 20 -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_ONGOING_TEST 0x0 /* enum */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_SINGLE_TEST 0x1 /* enum */ - -/* MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT msgrequest */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_OP_OFST 4 -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_SUB_OP_OFST 8 -/* DDR bank to read status from */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_BANK_ID_OFST 12 -#define MC_CMD_FC_DDR_BANK0 0x0 /* enum */ -#define MC_CMD_FC_DDR_BANK1 0x1 /* enum */ -#define MC_CMD_FC_DDR_BANK2 0x2 /* enum */ -#define MC_CMD_FC_DDR_BANK3 0x3 /* enum */ -#define MC_CMD_FC_DDR_AOEMEM_MAX_BANKS 0x4 /* enum */ - -/* MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP msgrequest */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_OP_OFST 4 -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_SUB_OP_OFST 8 -/* Mask of DDR banks to be tested */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_BANK_MASK_OFST 12 - -/* MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR msgrequest */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_LEN 20 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_OP_OFST 4 -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_SUB_OP_OFST 8 -/* Mask of DDR banks to set/clear error flag on */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_BANK_MASK_OFST 12 -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_FLAG_ACTION_OFST 16 -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_CLEAR 0x0 /* enum */ -#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_SET 0x1 /* enum */ - -/* MC_CMD_FC_IN_DIAG_DATAPATH_CTRL msgrequest */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_LEN 12 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_OP_OFST 4 -/* Sub-opcode describing the operation to be carried out */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SUB_OP_OFST 8 -/* enum: Set a known datapath configuration */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE 0x0 -/* enum: Apply raw config to datapath control registers */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG 0x1 - -/* MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE msgrequest */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_LEN 16 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_OP_OFST 4 -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_SUB_OP_OFST 8 -/* Datapath configuration identifier */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_MODE_OFST 12 -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_PASSTHROUGH 0x0 /* enum */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_SNAKE 0x1 /* enum */ - -/* MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG msgrequest */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_LEN 24 -/* MC_CMD_FC_IN_CMD_OFST 0 */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_OP_OFST 4 -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_SUB_OP_OFST 8 -/* Value to write into control register 1 */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL1_OFST 12 -/* Value to write into control register 2 */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL2_OFST 16 -/* Value to write into control register 3 */ -#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL3_OFST 20 - -/* MC_CMD_FC_OUT msgresponse */ -#define MC_CMD_FC_OUT_LEN 0 - -/* MC_CMD_FC_OUT_NULL msgresponse */ -#define MC_CMD_FC_OUT_NULL_LEN 0 - -/* MC_CMD_FC_OUT_READ32 msgresponse */ -#define MC_CMD_FC_OUT_READ32_LENMIN 4 -#define MC_CMD_FC_OUT_READ32_LENMAX 252 -#define MC_CMD_FC_OUT_READ32_LEN(num) (0+4*(num)) -#define MC_CMD_FC_OUT_READ32_BUFFER_OFST 0 -#define MC_CMD_FC_OUT_READ32_BUFFER_LEN 4 -#define MC_CMD_FC_OUT_READ32_BUFFER_MINNUM 1 -#define MC_CMD_FC_OUT_READ32_BUFFER_MAXNUM 63 - -/* MC_CMD_FC_OUT_WRITE32 msgresponse */ -#define MC_CMD_FC_OUT_WRITE32_LEN 0 - -/* MC_CMD_FC_OUT_TRC_READ msgresponse */ -#define MC_CMD_FC_OUT_TRC_READ_LEN 16 -#define MC_CMD_FC_OUT_TRC_READ_DATA_OFST 0 -#define MC_CMD_FC_OUT_TRC_READ_DATA_LEN 4 -#define MC_CMD_FC_OUT_TRC_READ_DATA_NUM 4 - -/* MC_CMD_FC_OUT_TRC_WRITE msgresponse */ -#define MC_CMD_FC_OUT_TRC_WRITE_LEN 0 - -/* MC_CMD_FC_OUT_GET_VERSION msgresponse */ -#define MC_CMD_FC_OUT_GET_VERSION_LEN 12 -#define MC_CMD_FC_OUT_GET_VERSION_FIRMWARE_OFST 0 -#define MC_CMD_FC_OUT_GET_VERSION_VERSION_OFST 4 -#define MC_CMD_FC_OUT_GET_VERSION_VERSION_LEN 8 -#define MC_CMD_FC_OUT_GET_VERSION_VERSION_LO_OFST 4 -#define MC_CMD_FC_OUT_GET_VERSION_VERSION_HI_OFST 8 - -/* MC_CMD_FC_OUT_TRC_RX_READ msgresponse */ -#define MC_CMD_FC_OUT_TRC_RX_READ_LEN 8 -#define MC_CMD_FC_OUT_TRC_RX_READ_DATA_OFST 0 -#define MC_CMD_FC_OUT_TRC_RX_READ_DATA_LEN 4 -#define MC_CMD_FC_OUT_TRC_RX_READ_DATA_NUM 2 - -/* MC_CMD_FC_OUT_TRC_RX_WRITE msgresponse */ -#define MC_CMD_FC_OUT_TRC_RX_WRITE_LEN 0 - -/* MC_CMD_FC_OUT_MAC_RECONFIGURE msgresponse */ -#define MC_CMD_FC_OUT_MAC_RECONFIGURE_LEN 0 - -/* MC_CMD_FC_OUT_MAC_SET_LINK msgresponse */ -#define MC_CMD_FC_OUT_MAC_SET_LINK_LEN 0 - -/* MC_CMD_FC_OUT_MAC_READ_STATUS msgresponse */ -#define MC_CMD_FC_OUT_MAC_READ_STATUS_LEN 4 -#define MC_CMD_FC_OUT_MAC_READ_STATUS_STATUS_OFST 0 - -/* MC_CMD_FC_OUT_MAC_GET_RX_STATS msgresponse */ -#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_LEN ((((0-1+(64*MC_CMD_FC_MAC_RX_NSTATS))+1))>>3) -#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_OFST 0 -#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_LEN 8 -#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_LO_OFST 0 -#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_HI_OFST 4 -#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_NUM MC_CMD_FC_MAC_RX_NSTATS -#define MC_CMD_FC_MAC_RX_STATS_OCTETS 0x0 /* enum */ -#define MC_CMD_FC_MAC_RX_OCTETS_OK 0x1 /* enum */ -#define MC_CMD_FC_MAC_RX_ALIGNMENT_ERRORS 0x2 /* enum */ -#define MC_CMD_FC_MAC_RX_PAUSE_MAC_CTRL_FRAMES 0x3 /* enum */ -#define MC_CMD_FC_MAC_RX_FRAMES_OK 0x4 /* enum */ -#define MC_CMD_FC_MAC_RX_CRC_ERRORS 0x5 /* enum */ -#define MC_CMD_FC_MAC_RX_VLAN_OK 0x6 /* enum */ -#define MC_CMD_FC_MAC_RX_ERRORS 0x7 /* enum */ -#define MC_CMD_FC_MAC_RX_UCAST_PKTS 0x8 /* enum */ -#define MC_CMD_FC_MAC_RX_MULTICAST_PKTS 0x9 /* enum */ -#define MC_CMD_FC_MAC_RX_BROADCAST_PKTS 0xa /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_DROP_EVENTS 0xb /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_PKTS 0xc /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_UNDERSIZE_PKTS 0xd /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_PKTS_64 0xe /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_PKTS_65_127 0xf /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_PKTS_128_255 0x10 /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_PKTS_256_511 0x11 /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_PKTS_512_1023 0x12 /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_PKTS_1024_1518 0x13 /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_PKTS_1519_MAX 0x14 /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_OVERSIZE_PKTS 0x15 /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_JABBERS 0x16 /* enum */ -#define MC_CMD_FC_MAC_RX_STATS_FRAGMENTS 0x17 /* enum */ -#define MC_CMD_FC_MAC_RX_MAC_CONTROL_FRAMES 0x18 /* enum */ -/* enum: (Last entry) */ -#define MC_CMD_FC_MAC_RX_NSTATS 0x19 - -/* MC_CMD_FC_OUT_MAC_GET_TX_STATS msgresponse */ -#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_LEN ((((0-1+(64*MC_CMD_FC_MAC_TX_NSTATS))+1))>>3) -#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_OFST 0 -#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_LEN 8 -#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_LO_OFST 0 -#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_HI_OFST 4 -#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_NUM MC_CMD_FC_MAC_TX_NSTATS -#define MC_CMD_FC_MAC_TX_STATS_OCTETS 0x0 /* enum */ -#define MC_CMD_FC_MAC_TX_OCTETS_OK 0x1 /* enum */ -#define MC_CMD_FC_MAC_TX_ALIGNMENT_ERRORS 0x2 /* enum */ -#define MC_CMD_FC_MAC_TX_PAUSE_MAC_CTRL_FRAMES 0x3 /* enum */ -#define MC_CMD_FC_MAC_TX_FRAMES_OK 0x4 /* enum */ -#define MC_CMD_FC_MAC_TX_CRC_ERRORS 0x5 /* enum */ -#define MC_CMD_FC_MAC_TX_VLAN_OK 0x6 /* enum */ -#define MC_CMD_FC_MAC_TX_ERRORS 0x7 /* enum */ -#define MC_CMD_FC_MAC_TX_UCAST_PKTS 0x8 /* enum */ -#define MC_CMD_FC_MAC_TX_MULTICAST_PKTS 0x9 /* enum */ -#define MC_CMD_FC_MAC_TX_BROADCAST_PKTS 0xa /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_DROP_EVENTS 0xb /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_PKTS 0xc /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_UNDERSIZE_PKTS 0xd /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_PKTS_64 0xe /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_PKTS_65_127 0xf /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_PKTS_128_255 0x10 /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_PKTS_256_511 0x11 /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_PKTS_512_1023 0x12 /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_PKTS_1024_1518 0x13 /* enum */ -#define MC_CMD_FC_MAC_TX_STATS_PKTS_1519_TX_MTU 0x14 /* enum */ -#define MC_CMD_FC_MAC_TX_MAC_CONTROL_FRAMES 0x15 /* enum */ -/* enum: (Last entry) */ -#define MC_CMD_FC_MAC_TX_NSTATS 0x16 - -/* MC_CMD_FC_OUT_MAC_GET_STATS msgresponse */ -#define MC_CMD_FC_OUT_MAC_GET_STATS_LEN ((((0-1+(64*MC_CMD_FC_MAC_NSTATS_PER_BLOCK))+1))>>3) -/* MAC Statistics */ -#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_OFST 0 -#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_LEN 8 -#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_LO_OFST 0 -#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_HI_OFST 4 -#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_NUM MC_CMD_FC_MAC_NSTATS_PER_BLOCK - -/* MC_CMD_FC_OUT_MAC msgresponse */ -#define MC_CMD_FC_OUT_MAC_LEN 0 - -/* MC_CMD_FC_OUT_SFP msgresponse */ -#define MC_CMD_FC_OUT_SFP_LEN 0 - -/* MC_CMD_FC_OUT_DDR_TEST_START msgresponse */ -#define MC_CMD_FC_OUT_DDR_TEST_START_LEN 0 - -/* MC_CMD_FC_OUT_DDR_TEST_POLL msgresponse */ -#define MC_CMD_FC_OUT_DDR_TEST_POLL_LEN 8 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_STATUS_OFST 0 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_CODE_LBN 0 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_CODE_WIDTH 8 -/* enum: Test not yet initiated */ -#define MC_CMD_FC_OP_DDR_TEST_NONE 0x0 -/* enum: Test is in progress */ -#define MC_CMD_FC_OP_DDR_TEST_INPROGRESS 0x1 -/* enum: Timed completed */ -#define MC_CMD_FC_OP_DDR_TEST_SUCCESS 0x2 -/* enum: Test did not complete in specified time */ -#define MC_CMD_FC_OP_DDR_TEST_TIMER_EXPIRED 0x3 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_T0_LBN 11 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_T0_WIDTH 1 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_T1_LBN 10 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_T1_WIDTH 1 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_B0_LBN 9 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_B0_WIDTH 1 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_B1_LBN 8 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_B1_WIDTH 1 -/* Test result from FPGA */ -#define MC_CMD_FC_OUT_DDR_TEST_POLL_RESULT_OFST 4 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_T0_LBN 31 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_T0_WIDTH 1 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_T1_LBN 30 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_T1_WIDTH 1 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_B0_LBN 29 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_B0_WIDTH 1 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_B1_LBN 28 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_B1_WIDTH 1 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_T0_LBN 15 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_T0_WIDTH 5 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_T1_LBN 10 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_T1_WIDTH 5 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_B0_LBN 5 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_B0_WIDTH 5 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_B1_LBN 0 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_B1_WIDTH 5 -#define MC_CMD_FC_OUT_DDR_TEST_POLL_TEST_COMPLETE 0x0 /* enum */ -#define MC_CMD_FC_OUT_DDR_TEST_POLL_TEST_FAIL 0x1 /* enum */ -#define MC_CMD_FC_OUT_DDR_TEST_POLL_TEST_PASS 0x2 /* enum */ -#define MC_CMD_FC_OUT_DDR_TEST_POLL_CAL_FAIL 0x3 /* enum */ -#define MC_CMD_FC_OUT_DDR_TEST_POLL_CAL_SUCCESS 0x4 /* enum */ - -/* MC_CMD_FC_OUT_DDR_TEST msgresponse */ -#define MC_CMD_FC_OUT_DDR_TEST_LEN 0 - -/* MC_CMD_FC_OUT_GET_ASSERT msgresponse */ -#define MC_CMD_FC_OUT_GET_ASSERT_LEN 144 -/* Assertion status flag. */ -#define MC_CMD_FC_OUT_GET_ASSERT_GLOBAL_FLAGS_OFST 0 -#define MC_CMD_FC_OUT_GET_ASSERT_STATE_LBN 8 -#define MC_CMD_FC_OUT_GET_ASSERT_STATE_WIDTH 8 -/* enum: No crash data available */ -#define MC_CMD_FC_GET_ASSERT_FLAGS_STATE_CLEAR 0x0 -/* enum: New crash data available */ -#define MC_CMD_FC_GET_ASSERT_FLAGS_STATE_NEW 0x1 -/* enum: Crash data has been sent */ -#define MC_CMD_FC_GET_ASSERT_FLAGS_STATE_NOTIFIED 0x2 -#define MC_CMD_FC_OUT_GET_ASSERT_TYPE_LBN 0 -#define MC_CMD_FC_OUT_GET_ASSERT_TYPE_WIDTH 8 -/* enum: No crash has been recorded. */ -#define MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_NONE 0x0 -/* enum: Crash due to exception. */ -#define MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_EXCEPTION 0x1 -/* enum: Crash due to assertion. */ -#define MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_ASSERTION 0x2 -/* Failing PC value */ -#define MC_CMD_FC_OUT_GET_ASSERT_SAVED_PC_OFFS_OFST 4 -/* Saved GP regs */ -#define MC_CMD_FC_OUT_GET_ASSERT_GP_REGS_OFFS_OFST 8 -#define MC_CMD_FC_OUT_GET_ASSERT_GP_REGS_OFFS_LEN 4 -#define MC_CMD_FC_OUT_GET_ASSERT_GP_REGS_OFFS_NUM 31 -/* Exception Type */ -#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_TYPE_OFFS_OFST 132 -/* Instruction at which exception occurred */ -#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_PC_ADDR_OFFS_OFST 136 -/* BAD Address that triggered address-based exception */ -#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_BAD_ADDR_OFFS_OFST 140 - -/* MC_CMD_FC_OUT_FPGA_BUILD msgresponse */ -#define MC_CMD_FC_OUT_FPGA_BUILD_LEN 32 -#define MC_CMD_FC_OUT_FPGA_BUILD_COMPONENT_INFO_OFST 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_IS_APPLICATION_LBN 31 -#define MC_CMD_FC_OUT_FPGA_BUILD_IS_APPLICATION_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_IS_LICENSED_LBN 30 -#define MC_CMD_FC_OUT_FPGA_BUILD_IS_LICENSED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_COMPONENT_ID_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_COMPONENT_ID_WIDTH 14 -#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_MAJOR_LBN 12 -#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_MAJOR_WIDTH 4 -#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_MINOR_LBN 4 -#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_MINOR_WIDTH 8 -#define MC_CMD_FC_OUT_FPGA_BUILD_BUILD_NUM_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_BUILD_NUM_WIDTH 4 -/* Build timestamp (seconds since epoch) */ -#define MC_CMD_FC_OUT_FPGA_BUILD_TIMESTAMP_OFST 4 -#define MC_CMD_FC_OUT_FPGA_BUILD_PARAMETERS_OFST 8 -#define MC_CMD_FC_OUT_FPGA_BUILD_FPGA_TYPE_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_FPGA_TYPE_WIDTH 8 -#define MC_CMD_FC_FPGA_TYPE_A7 0xa7 /* enum */ -#define MC_CMD_FC_FPGA_TYPE_A5 0xa5 /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED1_LBN 8 -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED1_WIDTH 10 -#define MC_CMD_FC_OUT_FPGA_BUILD_PTP_ENABLED_LBN 18 -#define MC_CMD_FC_OUT_FPGA_BUILD_PTP_ENABLED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM1_RLDRAM_DEF_LBN 19 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM1_RLDRAM_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM2_RLDRAM_DEF_LBN 20 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM2_RLDRAM_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM3_RLDRAM_DEF_LBN 21 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM3_RLDRAM_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM4_RLDRAM_DEF_LBN 22 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM4_RLDRAM_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T0_DDR3_DEF_LBN 23 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T0_DDR3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T1_DDR3_DEF_LBN 24 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T1_DDR3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_B0_DDR3_DEF_LBN 25 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_B0_DDR3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_B1_DDR3_DEF_LBN 26 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_B1_DDR3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_DDR3_ECC_ENABLED_LBN 27 -#define MC_CMD_FC_OUT_FPGA_BUILD_DDR3_ECC_ENABLED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T1_QDR_DEF_LBN 28 -#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T1_QDR_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED2_LBN 29 -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED2_WIDTH 2 -#define MC_CMD_FC_OUT_FPGA_BUILD_CRC_APPEND_LBN 31 -#define MC_CMD_FC_OUT_FPGA_BUILD_CRC_APPEND_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_IDENTIFIER_OFST 12 -#define MC_CMD_FC_OUT_FPGA_BUILD_CHANGESET_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_CHANGESET_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_BUILD_FLAG_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_BUILD_FLAG_WIDTH 1 -#define MC_CMD_FC_FPGA_BUILD_FLAG_INTERNAL 0x0 /* enum */ -#define MC_CMD_FC_FPGA_BUILD_FLAG_RELEASE 0x1 /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED3_LBN 17 -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED3_WIDTH 15 -#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_HI_OFST 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MINOR_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MINOR_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MAJOR_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MAJOR_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_LO_OFST 20 -#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_BUILD_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_BUILD_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MICRO_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MICRO_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED4_OFST 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED4_LEN 8 -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED4_LO_OFST 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED4_HI_OFST 20 -#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_LO_OFST 24 -#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_HI_OFST 28 -#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_HIGH_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_HIGH_WIDTH 16 - -/* MC_CMD_FC_OUT_FPGA_BUILD_V2 msgresponse */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_LEN 32 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_COMPONENT_INFO_OFST 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IS_APPLICATION_LBN 31 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IS_APPLICATION_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IS_LICENSED_LBN 30 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IS_LICENSED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_COMPONENT_ID_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_COMPONENT_ID_WIDTH 14 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_MAJOR_LBN 12 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_MAJOR_WIDTH 4 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_MINOR_LBN 4 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_MINOR_WIDTH 8 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_BUILD_NUM_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_BUILD_NUM_WIDTH 4 -/* Build timestamp (seconds since epoch) */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_TIMESTAMP_OFST 4 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_PARAMETERS_OFST 8 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_PMA_PASSTHROUGH_LBN 31 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_PMA_PASSTHROUGH_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_QDR_DEF_LBN 29 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_QDR_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_QDR_DEF_LBN 28 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_QDR_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DDR3_ECC_ENABLED_LBN 27 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DDR3_ECC_ENABLED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE2_DDR3_DEF_LBN 26 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE2_DDR3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE1_DDR3_DEF_LBN 25 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE1_DDR3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_TO_DDR3_DEF_LBN 24 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_TO_DDR3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_T0_DDR3_DEF_LBN 23 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_T0_DDR3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE2_RLDRAM_DEF_LBN 22 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE2_RLDRAM_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE1_RLDRAM_DEF_LBN 21 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE1_RLDRAM_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_RLDRAM_DEF_LBN 20 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_RLDRAM_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_RLDRAM_DEF_LBN 19 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_RLDRAM_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_3_SPEED_LBN 18 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_3_SPEED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_3_SPEED_10G 0x0 /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_3_SPEED_40G 0x1 /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_7_SPEED_LBN 17 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_7_SPEED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_7_SPEED_10G 0x0 /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_7_SPEED_40G 0x1 /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_3_SPEED_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_3_SPEED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_3_SPEED_10G 0x0 /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_3_SPEED_40G 0x1 /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP7_DEF_LBN 15 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP7_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP6_DEF_LBN 14 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP6_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP5_DEF_LBN 13 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP5_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_DEF_LBN 12 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP3_DEF_LBN 11 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP2_DEF_LBN 10 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP2_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP1_DEF_LBN 9 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP1_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_DEF_LBN 8 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC3_DEF_LBN 7 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC3_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC2_DEF_LBN 6 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC2_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC1_DEF_LBN 5 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC1_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_DEF_LBN 4 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_FPGA_TYPE_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_FPGA_TYPE_WIDTH 4 -#define MC_CMD_FC_FPGA_V2_TYPE_A3 0x0 /* enum */ -#define MC_CMD_FC_FPGA_V2_TYPE_A4 0x1 /* enum */ -#define MC_CMD_FC_FPGA_V2_TYPE_A5 0x2 /* enum */ -#define MC_CMD_FC_FPGA_V2_TYPE_A7 0x3 /* enum */ -#define MC_CMD_FC_FPGA_V2_TYPE_D3 0x8 /* enum */ -#define MC_CMD_FC_FPGA_V2_TYPE_D4 0x9 /* enum */ -#define MC_CMD_FC_FPGA_V2_TYPE_D5 0xa /* enum */ -#define MC_CMD_FC_FPGA_V2_TYPE_D7 0xb /* enum */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IDENTIFIER_OFST 12 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_CHANGESET_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_CHANGESET_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_BUILD_FLAG_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_BUILD_FLAG_WIDTH 1 -/* MC_CMD_FC_FPGA_BUILD_FLAG_INTERNAL 0x0 */ -/* MC_CMD_FC_FPGA_BUILD_FLAG_RELEASE 0x1 */ -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_HI_OFST 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MINOR_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MINOR_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MAJOR_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MAJOR_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_LO_OFST 20 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_BUILD_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_BUILD_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MICRO_LBN 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MICRO_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_LO_OFST 24 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_HI_OFST 28 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_HIGH_LBN 0 -#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_HIGH_WIDTH 16 - -/* MC_CMD_FC_OUT_FPGA_SERVICES msgresponse */ -#define MC_CMD_FC_OUT_FPGA_SERVICES_LEN 32 -#define MC_CMD_FC_OUT_FPGA_SERVICES_COMPONENT_INFO_OFST 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_IS_APPLICATION_LBN 31 -#define MC_CMD_FC_OUT_FPGA_SERVICES_IS_APPLICATION_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_IS_LICENSED_LBN 30 -#define MC_CMD_FC_OUT_FPGA_SERVICES_IS_LICENSED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_COMPONENT_ID_LBN 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_COMPONENT_ID_WIDTH 14 -#define MC_CMD_FC_OUT_FPGA_SERVICES_VERSION_MAJOR_LBN 12 -#define MC_CMD_FC_OUT_FPGA_SERVICES_VERSION_MAJOR_WIDTH 4 -#define MC_CMD_FC_OUT_FPGA_SERVICES_VERSION_MINOR_LBN 4 -#define MC_CMD_FC_OUT_FPGA_SERVICES_VERSION_MINOR_WIDTH 8 -#define MC_CMD_FC_OUT_FPGA_SERVICES_BUILD_NUM_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_BUILD_NUM_WIDTH 4 -/* Build timestamp (seconds since epoch) */ -#define MC_CMD_FC_OUT_FPGA_SERVICES_TIMESTAMP_OFST 4 -#define MC_CMD_FC_OUT_FPGA_SERVICES_PARAMETERS_OFST 8 -#define MC_CMD_FC_OUT_FPGA_SERVICES_FC_FLASH_BOOTED_LBN 8 -#define MC_CMD_FC_OUT_FPGA_SERVICES_FC_FLASH_BOOTED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_NIC0_DEF_LBN 27 -#define MC_CMD_FC_OUT_FPGA_SERVICES_NIC0_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_NIC1_DEF_LBN 28 -#define MC_CMD_FC_OUT_FPGA_SERVICES_NIC1_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_SFP0_DEF_LBN 29 -#define MC_CMD_FC_OUT_FPGA_SERVICES_SFP0_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_SFP1_DEF_LBN 30 -#define MC_CMD_FC_OUT_FPGA_SERVICES_SFP1_DEF_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_RESERVED_LBN 31 -#define MC_CMD_FC_OUT_FPGA_SERVICES_RESERVED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_IDENTIFIER_OFST 12 -#define MC_CMD_FC_OUT_FPGA_SERVICES_CHANGESET_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_CHANGESET_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_BUILD_FLAG_LBN 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_BUILD_FLAG_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_OFST 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_WIDTH_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_WIDTH_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_COUNT_LBN 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_COUNT_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_OFST 20 -#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_WIDTH_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_WIDTH_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_COUNT_LBN 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_COUNT_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_LO_OFST 24 -#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_HI_OFST 28 -#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_HIGH_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_HIGH_WIDTH 16 - -/* MC_CMD_FC_OUT_FPGA_SERVICES_V2 msgresponse */ -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_LEN 32 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_COMPONENT_INFO_OFST 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IS_APPLICATION_LBN 31 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IS_APPLICATION_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IS_LICENSED_LBN 30 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IS_LICENSED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_COMPONENT_ID_LBN 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_COMPONENT_ID_WIDTH 14 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_VERSION_MAJOR_LBN 12 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_VERSION_MAJOR_WIDTH 4 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_VERSION_MINOR_LBN 4 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_VERSION_MINOR_WIDTH 8 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_BUILD_NUM_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_BUILD_NUM_WIDTH 4 -/* Build timestamp (seconds since epoch) */ -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_TIMESTAMP_OFST 4 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_PARAMETERS_OFST 8 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_PTP_ENABLED_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_PTP_ENABLED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_FC_FLASH_BOOTED_LBN 8 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_FC_FLASH_BOOTED_WIDTH 1 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IDENTIFIER_OFST 12 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_CHANGESET_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_CHANGESET_WIDTH 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_BUILD_FLAG_LBN 16 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_BUILD_FLAG_WIDTH 1 -/* MC_CMD_FC_FPGA_BUILD_FLAG_INTERNAL 0x0 */ -/* MC_CMD_FC_FPGA_BUILD_FLAG_RELEASE 0x1 */ -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_LO_OFST 24 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_HI_OFST 28 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_HIGH_LBN 0 -#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_HIGH_WIDTH 16 - -/* MC_CMD_FC_OUT_BSP_VERSION msgresponse */ -#define MC_CMD_FC_OUT_BSP_VERSION_LEN 4 -/* Qsys system ID */ -#define MC_CMD_FC_OUT_BSP_VERSION_SYSID_OFST 0 -#define MC_CMD_FC_OUT_BSP_VERSION_VERSION_MAJOR_LBN 12 -#define MC_CMD_FC_OUT_BSP_VERSION_VERSION_MAJOR_WIDTH 4 -#define MC_CMD_FC_OUT_BSP_VERSION_VERSION_MINOR_LBN 4 -#define MC_CMD_FC_OUT_BSP_VERSION_VERSION_MINOR_WIDTH 8 -#define MC_CMD_FC_OUT_BSP_VERSION_BUILD_NUM_LBN 0 -#define MC_CMD_FC_OUT_BSP_VERSION_BUILD_NUM_WIDTH 4 - -/* MC_CMD_FC_OUT_READ_MAP_COUNT msgresponse */ -#define MC_CMD_FC_OUT_READ_MAP_COUNT_LEN 4 -/* Number of maps */ -#define MC_CMD_FC_OUT_READ_MAP_COUNT_NUM_MAPS_OFST 0 - -/* MC_CMD_FC_OUT_READ_MAP_INDEX msgresponse */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN 164 -/* Index of the map */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_INDEX_OFST 0 -/* Options for the map */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_OPTIONS_OFST 4 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_8 0x0 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_16 0x1 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_32 0x2 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_64 0x3 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_MASK 0x3 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_PATH_FC 0x4 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_PATH_MEM 0x8 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_PERM_READ 0x10 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_PERM_WRITE 0x20 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_FREE 0x0 /* enum */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_LICENSED 0x40 /* enum */ -/* Address of start of map */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ADDRESS_OFST 8 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ADDRESS_LEN 8 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ADDRESS_LO_OFST 8 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_ADDRESS_HI_OFST 12 -/* Length of address map */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN_OFST 16 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN_LEN 8 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN_LO_OFST 16 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN_HI_OFST 20 -/* Component information field */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_COMP_INFO_OFST 24 -/* License expiry data for map */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_DATE_OFST 28 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_DATE_LEN 8 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_DATE_LO_OFST 28 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_DATE_HI_OFST 32 -/* Name of the component */ -#define MC_CMD_FC_OUT_READ_MAP_INDEX_NAME_OFST 36 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_NAME_LEN 1 -#define MC_CMD_FC_OUT_READ_MAP_INDEX_NAME_NUM 128 - -/* MC_CMD_FC_OUT_READ_MAP msgresponse */ -#define MC_CMD_FC_OUT_READ_MAP_LEN 0 - -/* MC_CMD_FC_OUT_CAPABILITIES msgresponse */ -#define MC_CMD_FC_OUT_CAPABILITIES_LEN 8 -/* Number of internal ports */ -#define MC_CMD_FC_OUT_CAPABILITIES_INTERNAL_OFST 0 -/* Number of external ports */ -#define MC_CMD_FC_OUT_CAPABILITIES_EXTERNAL_OFST 4 - -/* MC_CMD_FC_OUT_GLOBAL_FLAGS msgresponse */ -#define MC_CMD_FC_OUT_GLOBAL_FLAGS_LEN 4 -#define MC_CMD_FC_OUT_GLOBAL_FLAGS_FLAGS_OFST 0 - -/* MC_CMD_FC_OUT_IO_REL msgresponse */ -#define MC_CMD_FC_OUT_IO_REL_LEN 0 - -/* MC_CMD_FC_OUT_IO_REL_GET_ADDR msgresponse */ -#define MC_CMD_FC_OUT_IO_REL_GET_ADDR_LEN 8 -#define MC_CMD_FC_OUT_IO_REL_GET_ADDR_ADDR_HI_OFST 0 -#define MC_CMD_FC_OUT_IO_REL_GET_ADDR_ADDR_LO_OFST 4 - -/* MC_CMD_FC_OUT_IO_REL_READ32 msgresponse */ -#define MC_CMD_FC_OUT_IO_REL_READ32_LENMIN 4 -#define MC_CMD_FC_OUT_IO_REL_READ32_LENMAX 252 -#define MC_CMD_FC_OUT_IO_REL_READ32_LEN(num) (0+4*(num)) -#define MC_CMD_FC_OUT_IO_REL_READ32_BUFFER_OFST 0 -#define MC_CMD_FC_OUT_IO_REL_READ32_BUFFER_LEN 4 -#define MC_CMD_FC_OUT_IO_REL_READ32_BUFFER_MINNUM 1 -#define MC_CMD_FC_OUT_IO_REL_READ32_BUFFER_MAXNUM 63 - -/* MC_CMD_FC_OUT_IO_REL_WRITE32 msgresponse */ -#define MC_CMD_FC_OUT_IO_REL_WRITE32_LEN 0 - -/* MC_CMD_FC_OUT_UHLINK_PHY msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_PHY_LEN 48 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_SETTINGS_0_OFST 0 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_VOD_LBN 0 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_VOD_WIDTH 16 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_1STPOSTTAP_LBN 16 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_1STPOSTTAP_WIDTH 16 -/* Transceiver Transmit settings */ -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_SETTINGS_1_OFST 4 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_PRETAP_LBN 0 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_PRETAP_WIDTH 16 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_2NDPOSTTAP_LBN 16 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_2NDPOSTTAP_WIDTH 16 -/* Transceiver Receive settings */ -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_SETTINGS_OFST 8 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_DC_GAIN_LBN 0 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_DC_GAIN_WIDTH 16 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_EQ_CONTROL_LBN 16 -#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_EQ_CONTROL_WIDTH 16 -/* Rx eye opening */ -#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_OFST 12 -#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_WIDTH_LBN 0 -#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_WIDTH_WIDTH 16 -#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_HEIGHT_LBN 16 -#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_HEIGHT_WIDTH 16 -/* PCS status word */ -#define MC_CMD_FC_OUT_UHLINK_PHY_PCS_STATUS_OFST 16 -/* Link status word */ -#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_STATE_WORD_OFST 20 -#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_STATE_LBN 0 -#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_STATE_WIDTH 1 -#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_CONFIGURED_LBN 1 -#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_CONFIGURED_WIDTH 1 -/* Current SFp parameters applied */ -#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_PARAMS_OFST 24 -#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_PARAMS_LEN 20 -/* Link speed is 100, 1000, 10000 */ -#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_SPEED_OFST 24 -/* Length of copper cable - zero when not relevant */ -#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_COPPER_LEN_OFST 28 -/* True if a dual speed SFP+ module */ -#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_DUAL_SPEED_OFST 32 -/* True if an SFP Module is present (other fields valid when true) */ -#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_PRESENT_OFST 36 -/* The type of the SFP+ Module */ -#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_TYPE_OFST 40 -/* PHY config flags */ -#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_OFST 44 -#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_DFE_LBN 0 -#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_DFE_WIDTH 1 -#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_AEQ_LBN 1 -#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_AEQ_WIDTH 1 -#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_RX_TUNING_LBN 2 -#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_RX_TUNING_WIDTH 1 - -/* MC_CMD_FC_OUT_UHLINK_MAC msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_MAC_LEN 20 -/* MAC configuration applied */ -#define MC_CMD_FC_OUT_UHLINK_MAC_CONFIG_OFST 0 -/* MTU size */ -#define MC_CMD_FC_OUT_UHLINK_MAC_MTU_OFST 4 -/* IF Mode status */ -#define MC_CMD_FC_OUT_UHLINK_MAC_IF_STATUS_OFST 8 -/* MAC address configured */ -#define MC_CMD_FC_OUT_UHLINK_MAC_ADDR_OFST 12 -#define MC_CMD_FC_OUT_UHLINK_MAC_ADDR_LEN 8 -#define MC_CMD_FC_OUT_UHLINK_MAC_ADDR_LO_OFST 12 -#define MC_CMD_FC_OUT_UHLINK_MAC_ADDR_HI_OFST 16 - -/* MC_CMD_FC_OUT_UHLINK_RX_EYE msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_RX_EYE_LEN ((((0-1+(32*MC_CMD_FC_UHLINK_RX_EYE_PER_BLOCK))+1))>>3) -/* Rx Eye measurements */ -#define MC_CMD_FC_OUT_UHLINK_RX_EYE_RX_EYE_OFST 0 -#define MC_CMD_FC_OUT_UHLINK_RX_EYE_RX_EYE_LEN 4 -#define MC_CMD_FC_OUT_UHLINK_RX_EYE_RX_EYE_NUM MC_CMD_FC_UHLINK_RX_EYE_PER_BLOCK - -/* MC_CMD_FC_OUT_UHLINK_DUMP_RX_EYE_PLOT msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_DUMP_RX_EYE_PLOT_LEN 0 - -/* MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_LEN ((((32-1+(64*MC_CMD_FC_UHLINK_RX_EYE_PLOT_ROWS_PER_BLOCK))+1))>>3) -/* Has the eye plot dump completed and data returned is valid? */ -#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_VALID_OFST 0 -/* Rx Eye binary plot */ -#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_OFST 4 -#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_LEN 8 -#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_LO_OFST 4 -#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_HI_OFST 8 -#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_NUM MC_CMD_FC_UHLINK_RX_EYE_PLOT_ROWS_PER_BLOCK - -/* MC_CMD_FC_OUT_UHLINK_RX_TUNE msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_RX_TUNE_LEN 0 - -/* MC_CMD_FC_OUT_UHLINK_LOOPBACK_SET msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_LOOPBACK_SET_LEN 0 - -/* MC_CMD_FC_OUT_UHLINK_LOOPBACK_GET msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_LOOPBACK_GET_LEN 4 -#define MC_CMD_FC_OUT_UHLINK_LOOPBACK_GET_STATE_OFST 0 - -/* MC_CMD_FC_OUT_UHLINK msgresponse */ -#define MC_CMD_FC_OUT_UHLINK_LEN 0 - -/* MC_CMD_FC_OUT_SET_LINK msgresponse */ -#define MC_CMD_FC_OUT_SET_LINK_LEN 0 - -/* MC_CMD_FC_OUT_LICENSE msgresponse */ -#define MC_CMD_FC_OUT_LICENSE_LEN 12 -/* Count of valid keys */ -#define MC_CMD_FC_OUT_LICENSE_VALID_KEYS_OFST 0 -/* Count of invalid keys */ -#define MC_CMD_FC_OUT_LICENSE_INVALID_KEYS_OFST 4 -/* Count of blacklisted keys */ -#define MC_CMD_FC_OUT_LICENSE_BLACKLISTED_KEYS_OFST 8 - -/* MC_CMD_FC_OUT_STARTUP msgresponse */ -#define MC_CMD_FC_OUT_STARTUP_LEN 4 -/* Capabilities of the FPGA/FC */ -#define MC_CMD_FC_OUT_STARTUP_CAPABILITIES_OFST 0 -#define MC_CMD_FC_OUT_STARTUP_CAN_ACCESS_FLASH_LBN 0 -#define MC_CMD_FC_OUT_STARTUP_CAN_ACCESS_FLASH_WIDTH 1 - -/* MC_CMD_FC_OUT_DMA_READ msgresponse */ -#define MC_CMD_FC_OUT_DMA_READ_LENMIN 1 -#define MC_CMD_FC_OUT_DMA_READ_LENMAX 252 -#define MC_CMD_FC_OUT_DMA_READ_LEN(num) (0+1*(num)) -/* The data read */ -#define MC_CMD_FC_OUT_DMA_READ_DATA_OFST 0 -#define MC_CMD_FC_OUT_DMA_READ_DATA_LEN 1 -#define MC_CMD_FC_OUT_DMA_READ_DATA_MINNUM 1 -#define MC_CMD_FC_OUT_DMA_READ_DATA_MAXNUM 252 - -/* MC_CMD_FC_OUT_TIMED_READ_SET msgresponse */ -#define MC_CMD_FC_OUT_TIMED_READ_SET_LEN 4 -/* Timer handle */ -#define MC_CMD_FC_OUT_TIMED_READ_SET_FC_HANDLE_OFST 0 - -/* MC_CMD_FC_OUT_TIMED_READ_GET msgresponse */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_LEN 52 -/* Host supplied handle (unique) */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_HANDLE_OFST 0 -/* Address into which to transfer data in host */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_DMA_ADDRESS_OFST 4 -#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_DMA_ADDRESS_LEN 8 -#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_DMA_ADDRESS_LO_OFST 4 -#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_DMA_ADDRESS_HI_OFST 8 -/* AOE address from which to transfer data */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_ADDRESS_OFST 12 -#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_ADDRESS_LEN 8 -#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_ADDRESS_LO_OFST 12 -#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_ADDRESS_HI_OFST 16 -/* Length of AOE transfer (total) */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_LENGTH_OFST 20 -/* Length of host transfer (total) */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_LENGTH_OFST 24 -/* See FLAGS entry for MC_CMD_FC_IN_TIMED_READ_SET */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_FLAGS_OFST 28 -#define MC_CMD_FC_OUT_TIMED_READ_GET_PERIOD_OFST 32 -/* When active, start read time */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_START_OFST 36 -#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_START_LEN 8 -#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_START_LO_OFST 36 -#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_START_HI_OFST 40 -/* When active, end read time */ -#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_END_OFST 44 -#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_END_LEN 8 -#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_END_LO_OFST 44 -#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_END_HI_OFST 48 - -/* MC_CMD_FC_OUT_LOG_ADDR_RANGE msgresponse */ -#define MC_CMD_FC_OUT_LOG_ADDR_RANGE_LEN 0 - -/* MC_CMD_FC_OUT_LOG msgresponse */ -#define MC_CMD_FC_OUT_LOG_LEN 0 - -/* MC_CMD_FC_OUT_CLOCK_GET_TIME msgresponse */ -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_LEN 24 -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_CLOCK_ID_OFST 0 -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_SECONDS_OFST 4 -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_SECONDS_LEN 8 -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_SECONDS_LO_OFST 4 -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_SECONDS_HI_OFST 8 -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_NANOSECONDS_OFST 12 -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_RANGE_OFST 16 -#define MC_CMD_FC_OUT_CLOCK_GET_TIME_PRECISION_OFST 20 - -/* MC_CMD_FC_OUT_CLOCK_SET_TIME msgresponse */ -#define MC_CMD_FC_OUT_CLOCK_SET_TIME_LEN 0 - -/* MC_CMD_FC_OUT_DDR_SET_SPD msgresponse */ -#define MC_CMD_FC_OUT_DDR_SET_SPD_LEN 0 - -/* MC_CMD_FC_OUT_DDR_SET_INFO msgresponse */ -#define MC_CMD_FC_OUT_DDR_SET_INFO_LEN 0 - -/* MC_CMD_FC_OUT_DDR_GET_STATUS msgresponse */ -#define MC_CMD_FC_OUT_DDR_GET_STATUS_LEN 4 -#define MC_CMD_FC_OUT_DDR_GET_STATUS_FLAGS_OFST 0 -#define MC_CMD_FC_OUT_DDR_GET_STATUS_READY_LBN 0 -#define MC_CMD_FC_OUT_DDR_GET_STATUS_READY_WIDTH 1 -#define MC_CMD_FC_OUT_DDR_GET_STATUS_CALIBRATED_LBN 1 -#define MC_CMD_FC_OUT_DDR_GET_STATUS_CALIBRATED_WIDTH 1 - -/* MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT msgresponse */ -#define MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT_LEN 8 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT_SECONDS_OFST 0 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT_NANOSECONDS_OFST 4 - -/* MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT msgresponse */ -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_LENMIN 8 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_LENMAX 248 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_LEN(num) (0+8*(num)) -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_SECONDS_OFST 0 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_NANOSECONDS_OFST 4 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_OFST 0 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_LEN 8 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_LO_OFST 0 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_HI_OFST 4 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_MINNUM 0 -#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_MAXNUM 31 - -/* MC_CMD_FC_OUT_SPI_READ msgresponse */ -#define MC_CMD_FC_OUT_SPI_READ_LENMIN 4 -#define MC_CMD_FC_OUT_SPI_READ_LENMAX 252 -#define MC_CMD_FC_OUT_SPI_READ_LEN(num) (0+4*(num)) -#define MC_CMD_FC_OUT_SPI_READ_BUFFER_OFST 0 -#define MC_CMD_FC_OUT_SPI_READ_BUFFER_LEN 4 -#define MC_CMD_FC_OUT_SPI_READ_BUFFER_MINNUM 1 -#define MC_CMD_FC_OUT_SPI_READ_BUFFER_MAXNUM 63 - -/* MC_CMD_FC_OUT_SPI_WRITE msgresponse */ -#define MC_CMD_FC_OUT_SPI_WRITE_LEN 0 - -/* MC_CMD_FC_OUT_SPI_ERASE msgresponse */ -#define MC_CMD_FC_OUT_SPI_ERASE_LEN 0 - -/* MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG msgresponse */ -#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG_LEN 8 -/* The 32-bit value read from the toggle count register */ -#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG_TOGGLE_COUNT_OFST 0 -/* The 32-bit value read from the clock enable count register */ -#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG_CLKEN_COUNT_OFST 4 - -/* MC_CMD_FC_OUT_DIAG_POWER_NOISE_WRITE_CONFIG msgresponse */ -#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_WRITE_CONFIG_LEN 0 - -/* MC_CMD_FC_OUT_DIAG_DDR_SOAK_START msgresponse */ -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_START_LEN 0 - -/* MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT msgresponse */ -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_LEN 8 -/* DDR soak test status word; bits [4:0] are relevant. */ -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_STATUS_OFST 0 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_PASSED_LBN 0 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_PASSED_WIDTH 1 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_FAILED_LBN 1 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_FAILED_WIDTH 1 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_COMPLETED_LBN 2 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_COMPLETED_WIDTH 1 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_TIMEOUT_LBN 3 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_TIMEOUT_WIDTH 1 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_PNF_LBN 4 -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_PNF_WIDTH 1 -/* DDR soak test error count */ -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_ERR_COUNT_OFST 4 - -/* MC_CMD_FC_OUT_DIAG_DDR_SOAK_STOP msgresponse */ -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_STOP_LEN 0 - -/* MC_CMD_FC_OUT_DIAG_DDR_SOAK_ERROR msgresponse */ -#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_ERROR_LEN 0 - -/* MC_CMD_FC_OUT_DIAG_DATAPATH_CTRL_SET_MODE msgresponse */ -#define MC_CMD_FC_OUT_DIAG_DATAPATH_CTRL_SET_MODE_LEN 0 - -/* MC_CMD_FC_OUT_DIAG_DATAPATH_CTRL_RAW_CONFIG msgresponse */ -#define MC_CMD_FC_OUT_DIAG_DATAPATH_CTRL_RAW_CONFIG_LEN 0 - - -/***********************************/ -/* MC_CMD_AOE - * AOE operations on MC - */ -#define MC_CMD_AOE 0xa - -/* MC_CMD_AOE_IN msgrequest */ -#define MC_CMD_AOE_IN_LEN 4 -#define MC_CMD_AOE_IN_OP_HDR_OFST 0 -#define MC_CMD_AOE_IN_OP_LBN 0 -#define MC_CMD_AOE_IN_OP_WIDTH 8 -/* enum: FPGA and CPLD information */ -#define MC_CMD_AOE_OP_INFO 0x1 -/* enum: Currents and voltages read from MCP3424s; DEBUG */ -#define MC_CMD_AOE_OP_CURRENTS 0x2 -/* enum: Temperatures at locations around the PCB; DEBUG */ -#define MC_CMD_AOE_OP_TEMPERATURES 0x3 -/* enum: Set CPLD to idle */ -#define MC_CMD_AOE_OP_CPLD_IDLE 0x4 -/* enum: Read from CPLD register */ -#define MC_CMD_AOE_OP_CPLD_READ 0x5 -/* enum: Write to CPLD register */ -#define MC_CMD_AOE_OP_CPLD_WRITE 0x6 -/* enum: Execute CPLD instruction */ -#define MC_CMD_AOE_OP_CPLD_INSTRUCTION 0x7 -/* enum: Reprogram the CPLD on the AOE device */ -#define MC_CMD_AOE_OP_CPLD_REPROGRAM 0x8 -/* enum: AOE power control */ -#define MC_CMD_AOE_OP_POWER 0x9 -/* enum: AOE image loading */ -#define MC_CMD_AOE_OP_LOAD 0xa -/* enum: Fan monitoring */ -#define MC_CMD_AOE_OP_FAN_CONTROL 0xb -/* enum: Fan failures since last reset */ -#define MC_CMD_AOE_OP_FAN_FAILURES 0xc -/* enum: Get generic AOE MAC statistics */ -#define MC_CMD_AOE_OP_MAC_STATS 0xd -/* enum: Retrieve PHY specific information */ -#define MC_CMD_AOE_OP_GET_PHY_MEDIA_INFO 0xe -/* enum: Write a number of JTAG primitive commands, return will give data */ -#define MC_CMD_AOE_OP_JTAG_WRITE 0xf -/* enum: Control access to the FPGA via the Siena JTAG Chain */ -#define MC_CMD_AOE_OP_FPGA_ACCESS 0x10 -/* enum: Set the MTU offset between Siena and AOE MACs */ -#define MC_CMD_AOE_OP_SET_MTU_OFFSET 0x11 -/* enum: How link state is handled */ -#define MC_CMD_AOE_OP_LINK_STATE 0x12 -/* enum: How Siena MAC statistics are reported (deprecated - use - * MC_CMD_AOE_OP_ASIC_STATS) - */ -#define MC_CMD_AOE_OP_SIENA_STATS 0x13 -/* enum: How native ASIC MAC statistics are reported - replaces the deprecated - * command MC_CMD_AOE_OP_SIENA_STATS - */ -#define MC_CMD_AOE_OP_ASIC_STATS 0x13 -/* enum: DDR memory information */ -#define MC_CMD_AOE_OP_DDR 0x14 -/* enum: FC control */ -#define MC_CMD_AOE_OP_FC 0x15 -/* enum: DDR ECC status reads */ -#define MC_CMD_AOE_OP_DDR_ECC_STATUS 0x16 -/* enum: Commands for MC-SPI Master emulation */ -#define MC_CMD_AOE_OP_MC_SPI_MASTER 0x17 -/* enum: Commands for FC boot control */ -#define MC_CMD_AOE_OP_FC_BOOT 0x18 - -/* MC_CMD_AOE_OUT msgresponse */ -#define MC_CMD_AOE_OUT_LEN 0 - -/* MC_CMD_AOE_IN_INFO msgrequest */ -#define MC_CMD_AOE_IN_INFO_LEN 4 -#define MC_CMD_AOE_IN_CMD_OFST 0 - -/* MC_CMD_AOE_IN_CURRENTS msgrequest */ -#define MC_CMD_AOE_IN_CURRENTS_LEN 4 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ - -/* MC_CMD_AOE_IN_TEMPERATURES msgrequest */ -#define MC_CMD_AOE_IN_TEMPERATURES_LEN 4 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ - -/* MC_CMD_AOE_IN_CPLD_IDLE msgrequest */ -#define MC_CMD_AOE_IN_CPLD_IDLE_LEN 4 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ - -/* MC_CMD_AOE_IN_CPLD_READ msgrequest */ -#define MC_CMD_AOE_IN_CPLD_READ_LEN 12 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_CPLD_READ_REGISTER_OFST 4 -#define MC_CMD_AOE_IN_CPLD_READ_WIDTH_OFST 8 - -/* MC_CMD_AOE_IN_CPLD_WRITE msgrequest */ -#define MC_CMD_AOE_IN_CPLD_WRITE_LEN 16 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_CPLD_WRITE_REGISTER_OFST 4 -#define MC_CMD_AOE_IN_CPLD_WRITE_WIDTH_OFST 8 -#define MC_CMD_AOE_IN_CPLD_WRITE_VALUE_OFST 12 - -/* MC_CMD_AOE_IN_CPLD_INSTRUCTION msgrequest */ -#define MC_CMD_AOE_IN_CPLD_INSTRUCTION_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_CPLD_INSTRUCTION_INSTRUCTION_OFST 4 - -/* MC_CMD_AOE_IN_CPLD_REPROGRAM msgrequest */ -#define MC_CMD_AOE_IN_CPLD_REPROGRAM_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_CPLD_REPROGRAM_OP_OFST 4 -/* enum: Reprogram CPLD, poll for completion */ -#define MC_CMD_AOE_IN_CPLD_REPROGRAM_REPROGRAM 0x1 -/* enum: Reprogram CPLD, send event on completion */ -#define MC_CMD_AOE_IN_CPLD_REPROGRAM_REPROGRAM_EVENT 0x3 -/* enum: Get status of reprogramming operation */ -#define MC_CMD_AOE_IN_CPLD_REPROGRAM_STATUS 0x4 - -/* MC_CMD_AOE_IN_POWER msgrequest */ -#define MC_CMD_AOE_IN_POWER_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* Turn on or off AOE power */ -#define MC_CMD_AOE_IN_POWER_OP_OFST 4 -/* enum: Turn off FPGA power */ -#define MC_CMD_AOE_IN_POWER_OFF 0x0 -/* enum: Turn on FPGA power */ -#define MC_CMD_AOE_IN_POWER_ON 0x1 -/* enum: Clear peak power measurement */ -#define MC_CMD_AOE_IN_POWER_CLEAR 0x2 -/* enum: Show current power in sensors output */ -#define MC_CMD_AOE_IN_POWER_SHOW_CURRENT 0x3 -/* enum: Show peak power in sensors output */ -#define MC_CMD_AOE_IN_POWER_SHOW_PEAK 0x4 -/* enum: Show current DDR current */ -#define MC_CMD_AOE_IN_POWER_DDR_LAST 0x5 -/* enum: Show peak DDR current */ -#define MC_CMD_AOE_IN_POWER_DDR_PEAK 0x6 -/* enum: Clear peak DDR current */ -#define MC_CMD_AOE_IN_POWER_DDR_CLEAR 0x7 - -/* MC_CMD_AOE_IN_LOAD msgrequest */ -#define MC_CMD_AOE_IN_LOAD_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* Image to be loaded (0 - main or 1 - diagnostic) to load in normal sequence - */ -#define MC_CMD_AOE_IN_LOAD_IMAGE_OFST 4 - -/* MC_CMD_AOE_IN_FAN_CONTROL msgrequest */ -#define MC_CMD_AOE_IN_FAN_CONTROL_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* If non zero report measured fan RPM rather than nominal */ -#define MC_CMD_AOE_IN_FAN_CONTROL_REAL_RPM_OFST 4 - -/* MC_CMD_AOE_IN_FAN_FAILURES msgrequest */ -#define MC_CMD_AOE_IN_FAN_FAILURES_LEN 4 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ - -/* MC_CMD_AOE_IN_MAC_STATS msgrequest */ -#define MC_CMD_AOE_IN_MAC_STATS_LEN 24 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* AOE port */ -#define MC_CMD_AOE_IN_MAC_STATS_PORT_OFST 4 -/* Host memory address for statistics */ -#define MC_CMD_AOE_IN_MAC_STATS_DMA_ADDR_OFST 8 -#define MC_CMD_AOE_IN_MAC_STATS_DMA_ADDR_LEN 8 -#define MC_CMD_AOE_IN_MAC_STATS_DMA_ADDR_LO_OFST 8 -#define MC_CMD_AOE_IN_MAC_STATS_DMA_ADDR_HI_OFST 12 -#define MC_CMD_AOE_IN_MAC_STATS_CMD_OFST 16 -#define MC_CMD_AOE_IN_MAC_STATS_DMA_LBN 0 -#define MC_CMD_AOE_IN_MAC_STATS_DMA_WIDTH 1 -#define MC_CMD_AOE_IN_MAC_STATS_CLEAR_LBN 1 -#define MC_CMD_AOE_IN_MAC_STATS_CLEAR_WIDTH 1 -#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_CHANGE_LBN 2 -#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_CHANGE_WIDTH 1 -#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_ENABLE_LBN 3 -#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_ENABLE_WIDTH 1 -#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_CLEAR_LBN 4 -#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_CLEAR_WIDTH 1 -#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_NOEVENT_LBN 5 -#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_NOEVENT_WIDTH 1 -#define MC_CMD_AOE_IN_MAC_STATS_PERIOD_MS_LBN 16 -#define MC_CMD_AOE_IN_MAC_STATS_PERIOD_MS_WIDTH 16 -/* Length of DMA data (optional) */ -#define MC_CMD_AOE_IN_MAC_STATS_DMA_LEN_OFST 20 - -/* MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO msgrequest */ -#define MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO_LEN 12 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* AOE port */ -#define MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO_PORT_OFST 4 -#define MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO_PAGE_OFST 8 - -/* MC_CMD_AOE_IN_JTAG_WRITE msgrequest */ -#define MC_CMD_AOE_IN_JTAG_WRITE_LENMIN 12 -#define MC_CMD_AOE_IN_JTAG_WRITE_LENMAX 252 -#define MC_CMD_AOE_IN_JTAG_WRITE_LEN(num) (8+4*(num)) -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_JTAG_WRITE_DATALEN_OFST 4 -#define MC_CMD_AOE_IN_JTAG_WRITE_DATA_OFST 8 -#define MC_CMD_AOE_IN_JTAG_WRITE_DATA_LEN 4 -#define MC_CMD_AOE_IN_JTAG_WRITE_DATA_MINNUM 1 -#define MC_CMD_AOE_IN_JTAG_WRITE_DATA_MAXNUM 61 - -/* MC_CMD_AOE_IN_FPGA_ACCESS msgrequest */ -#define MC_CMD_AOE_IN_FPGA_ACCESS_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* Enable or disable access */ -#define MC_CMD_AOE_IN_FPGA_ACCESS_OP_OFST 4 -/* enum: Enable access */ -#define MC_CMD_AOE_IN_FPGA_ACCESS_ENABLE 0x1 -/* enum: Disable access */ -#define MC_CMD_AOE_IN_FPGA_ACCESS_DISABLE 0x2 - -/* MC_CMD_AOE_IN_SET_MTU_OFFSET msgrequest */ -#define MC_CMD_AOE_IN_SET_MTU_OFFSET_LEN 12 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* AOE port - when not ALL_EXTERNAL or ALL_INTERNAL specifies port number */ -#define MC_CMD_AOE_IN_SET_MTU_OFFSET_PORT_OFST 4 -/* enum: Apply to all external ports */ -#define MC_CMD_AOE_IN_SET_MTU_OFFSET_ALL_EXTERNAL 0x8000 -/* enum: Apply to all internal ports */ -#define MC_CMD_AOE_IN_SET_MTU_OFFSET_ALL_INTERNAL 0x4000 -/* The MTU offset to be applied to the external ports */ -#define MC_CMD_AOE_IN_SET_MTU_OFFSET_OFFSET_OFST 8 - -/* MC_CMD_AOE_IN_LINK_STATE msgrequest */ -#define MC_CMD_AOE_IN_LINK_STATE_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_LINK_STATE_MODE_OFST 4 -#define MC_CMD_AOE_IN_LINK_STATE_CONFIG_MODE_LBN 0 -#define MC_CMD_AOE_IN_LINK_STATE_CONFIG_MODE_WIDTH 8 -/* enum: AOE and associated external port */ -#define MC_CMD_AOE_IN_LINK_STATE_SIMPLE_SEPARATE 0x0 -/* enum: AOE and OR of all external ports */ -#define MC_CMD_AOE_IN_LINK_STATE_SIMPLE_COMBINED 0x1 -/* enum: Individual ports */ -#define MC_CMD_AOE_IN_LINK_STATE_DIAGNOSTIC 0x2 -/* enum: Configure link state mode on given AOE port */ -#define MC_CMD_AOE_IN_LINK_STATE_CUSTOM 0x3 -#define MC_CMD_AOE_IN_LINK_STATE_OPERATION_LBN 8 -#define MC_CMD_AOE_IN_LINK_STATE_OPERATION_WIDTH 8 -/* enum: No-op */ -#define MC_CMD_AOE_IN_LINK_STATE_OP_NONE 0x0 -/* enum: logical OR of all SFP ports link status */ -#define MC_CMD_AOE_IN_LINK_STATE_OP_OR 0x1 -/* enum: logical AND of all SFP ports link status */ -#define MC_CMD_AOE_IN_LINK_STATE_OP_AND 0x2 -#define MC_CMD_AOE_IN_LINK_STATE_SFP_MASK_LBN 16 -#define MC_CMD_AOE_IN_LINK_STATE_SFP_MASK_WIDTH 16 - -/* MC_CMD_AOE_IN_SIENA_STATS msgrequest */ -#define MC_CMD_AOE_IN_SIENA_STATS_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* How MAC statistics are reported */ -#define MC_CMD_AOE_IN_SIENA_STATS_MODE_OFST 4 -/* enum: Statistics from Siena (default) */ -#define MC_CMD_AOE_IN_SIENA_STATS_STATS_SIENA 0x0 -/* enum: Statistics from AOE external ports */ -#define MC_CMD_AOE_IN_SIENA_STATS_STATS_AOE 0x1 - -/* MC_CMD_AOE_IN_ASIC_STATS msgrequest */ -#define MC_CMD_AOE_IN_ASIC_STATS_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* How MAC statistics are reported */ -#define MC_CMD_AOE_IN_ASIC_STATS_MODE_OFST 4 -/* enum: Statistics from the ASIC (default) */ -#define MC_CMD_AOE_IN_ASIC_STATS_STATS_ASIC 0x0 -/* enum: Statistics from AOE external ports */ -#define MC_CMD_AOE_IN_ASIC_STATS_STATS_AOE 0x1 - -/* MC_CMD_AOE_IN_DDR msgrequest */ -#define MC_CMD_AOE_IN_DDR_LEN 12 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_DDR_BANK_OFST 4 -/* Enum values, see field(s): */ -/* MC_CMD_FC/MC_CMD_FC_IN_DDR/MC_CMD_FC_IN_DDR_BANK */ -/* Page index of SPD data */ -#define MC_CMD_AOE_IN_DDR_SPD_PAGE_ID_OFST 8 - -/* MC_CMD_AOE_IN_FC msgrequest */ -#define MC_CMD_AOE_IN_FC_LEN 4 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ - -/* MC_CMD_AOE_IN_DDR_ECC_STATUS msgrequest */ -#define MC_CMD_AOE_IN_DDR_ECC_STATUS_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_DDR_ECC_STATUS_BANK_OFST 4 -/* Enum values, see field(s): */ -/* MC_CMD_FC/MC_CMD_FC_IN_DDR/MC_CMD_FC_IN_DDR_BANK */ - -/* MC_CMD_AOE_IN_MC_SPI_MASTER msgrequest */ -#define MC_CMD_AOE_IN_MC_SPI_MASTER_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* Basic commands for MC SPI Master emulation. */ -#define MC_CMD_AOE_IN_MC_SPI_MASTER_OP_OFST 4 -/* enum: MC SPI read */ -#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ 0x0 -/* enum: MC SPI write */ -#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE 0x1 - -/* MC_CMD_AOE_IN_MC_SPI_MASTER_READ msgrequest */ -#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ_LEN 12 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ_OP_OFST 4 -#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ_OFFSET_OFST 8 - -/* MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE msgrequest */ -#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_LEN 16 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_OP_OFST 4 -#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_OFFSET_OFST 8 -#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_DATA_OFST 12 - -/* MC_CMD_AOE_IN_FC_BOOT msgrequest */ -#define MC_CMD_AOE_IN_FC_BOOT_LEN 8 -/* MC_CMD_AOE_IN_CMD_OFST 0 */ -/* FC boot control flags */ -#define MC_CMD_AOE_IN_FC_BOOT_CONTROL_OFST 4 -#define MC_CMD_AOE_IN_FC_BOOT_CONTROL_BOOT_ENABLE_LBN 0 -#define MC_CMD_AOE_IN_FC_BOOT_CONTROL_BOOT_ENABLE_WIDTH 1 - -/* MC_CMD_AOE_OUT_INFO msgresponse */ -#define MC_CMD_AOE_OUT_INFO_LEN 44 -/* JTAG IDCODE of CPLD */ -#define MC_CMD_AOE_OUT_INFO_CPLD_IDCODE_OFST 0 -/* Version of CPLD */ -#define MC_CMD_AOE_OUT_INFO_CPLD_VERSION_OFST 4 -/* JTAG IDCODE of FPGA */ -#define MC_CMD_AOE_OUT_INFO_FPGA_IDCODE_OFST 8 -/* JTAG USERCODE of FPGA */ -#define MC_CMD_AOE_OUT_INFO_FPGA_VERSION_OFST 12 -/* FPGA type - read from CPLD straps */ -#define MC_CMD_AOE_OUT_INFO_FPGA_TYPE_OFST 16 -#define MC_CMD_AOE_OUT_INFO_FPGA_TYPE_A5_C2 0x1 /* enum */ -#define MC_CMD_AOE_OUT_INFO_FPGA_TYPE_A7_C2 0x2 /* enum */ -/* FPGA state (debug) */ -#define MC_CMD_AOE_OUT_INFO_FPGA_STATE_OFST 20 -/* FPGA image - partition from which loaded */ -#define MC_CMD_AOE_OUT_INFO_FPGA_IMAGE_OFST 24 -/* FC state */ -#define MC_CMD_AOE_OUT_INFO_FC_STATE_OFST 28 -/* enum: Set if watchdog working */ -#define MC_CMD_AOE_OUT_INFO_WATCHDOG 0x1 -/* enum: Set if MC-FC communications working */ -#define MC_CMD_AOE_OUT_INFO_COMMS 0x2 -/* Random pieces of information */ -#define MC_CMD_AOE_OUT_INFO_FLAGS_OFST 32 -/* enum: Power to FPGA supplied by PEG connector, not PCIe bus */ -#define MC_CMD_AOE_OUT_INFO_PEG_POWER 0x1 -/* enum: CPLD apparently good */ -#define MC_CMD_AOE_OUT_INFO_CPLD_GOOD 0x2 -/* enum: FPGA working normally */ -#define MC_CMD_AOE_OUT_INFO_FPGA_GOOD 0x4 -/* enum: FPGA is powered */ -#define MC_CMD_AOE_OUT_INFO_FPGA_POWER 0x8 -/* enum: Board has incompatible SODIMMs fitted */ -#define MC_CMD_AOE_OUT_INFO_BAD_SODIMM 0x10 -/* enum: Board has ByteBlaster connected */ -#define MC_CMD_AOE_OUT_INFO_HAS_BYTEBLASTER 0x20 -/* enum: FPGA Boot flash has an invalid header. */ -#define MC_CMD_AOE_OUT_INFO_FPGA_BAD_BOOT_HDR 0x40 -/* enum: FPGA Application flash is accessible. */ -#define MC_CMD_AOE_OUT_INFO_FPGA_APP_FLASH_GOOD 0x80 -/* Revision of Modena and Sorrento boards. Sorrento can be R1_2 or R1_3. */ -#define MC_CMD_AOE_OUT_INFO_BOARD_REVISION_OFST 36 -#define MC_CMD_AOE_OUT_INFO_UNKNOWN 0x0 /* enum */ -#define MC_CMD_AOE_OUT_INFO_R1_0 0x10 /* enum */ -#define MC_CMD_AOE_OUT_INFO_R1_1 0x11 /* enum */ -#define MC_CMD_AOE_OUT_INFO_R1_2 0x12 /* enum */ -#define MC_CMD_AOE_OUT_INFO_R1_3 0x13 /* enum */ -/* Result of FC booting - not valid while a ByteBlaster is connected. */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_RESULT_OFST 40 -/* enum: No error */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_NO_ERROR 0x0 -/* enum: Bad address set in CPLD */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_ADDRESS 0x1 -/* enum: Bad header */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_MAGIC 0x2 -/* enum: Bad text section details */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_TEXT 0x3 -/* enum: Bad checksum */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_CHECKSUM 0x4 -/* enum: Bad BSP */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_BSP 0x5 -/* enum: Flash mode is invalid */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_INVALID_FLASH_MODE 0x6 -/* enum: FC application loaded and execution attempted */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_APP_EXECUTE 0x80 -/* enum: FC application Started */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_APP_STARTED 0x81 -/* enum: No bootrom in FPGA */ -#define MC_CMD_AOE_OUT_INFO_FC_BOOT_NO_BOOTROM 0xff - -/* MC_CMD_AOE_OUT_CURRENTS msgresponse */ -#define MC_CMD_AOE_OUT_CURRENTS_LEN 68 -/* Set of currents and voltages (mA or mV as appropriate) */ -#define MC_CMD_AOE_OUT_CURRENTS_VALUES_OFST 0 -#define MC_CMD_AOE_OUT_CURRENTS_VALUES_LEN 4 -#define MC_CMD_AOE_OUT_CURRENTS_VALUES_NUM 17 -#define MC_CMD_AOE_OUT_CURRENTS_I_2V5 0x0 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_1V8 0x1 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_GXB 0x2 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_PGM 0x3 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_XCVR 0x4 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_1V5 0x5 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_V_3V3 0x6 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_V_1V5 0x7 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_IN 0x8 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_OUT 0x9 /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_V_IN 0xa /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_OUT_DDR1 0xb /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_V_OUT_DDR1 0xc /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_OUT_DDR2 0xd /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_V_OUT_DDR2 0xe /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_I_OUT_DDR3 0xf /* enum */ -#define MC_CMD_AOE_OUT_CURRENTS_V_OUT_DDR3 0x10 /* enum */ - -/* MC_CMD_AOE_OUT_TEMPERATURES msgresponse */ -#define MC_CMD_AOE_OUT_TEMPERATURES_LEN 40 -/* Set of temperatures */ -#define MC_CMD_AOE_OUT_TEMPERATURES_VALUES_OFST 0 -#define MC_CMD_AOE_OUT_TEMPERATURES_VALUES_LEN 4 -#define MC_CMD_AOE_OUT_TEMPERATURES_VALUES_NUM 10 -/* enum: The first set of enum values are for Modena code. */ -#define MC_CMD_AOE_OUT_TEMPERATURES_MAIN_0 0x0 -#define MC_CMD_AOE_OUT_TEMPERATURES_MAIN_1 0x1 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_IND_0 0x2 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_IND_1 0x3 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_VCCIO1 0x4 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_VCCIO2 0x5 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_VCCIO3 0x6 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_PSU 0x7 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_FPGA 0x8 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SIENA 0x9 /* enum */ -/* enum: The second set of enum values are for Sorrento code. */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_MAIN_0 0x0 -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_MAIN_1 0x1 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_IND_0 0x2 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_IND_1 0x3 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_SODIMM_0 0x4 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_SODIMM_1 0x5 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_FPGA 0x6 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_PHY0 0x7 /* enum */ -#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_PHY1 0x8 /* enum */ - -/* MC_CMD_AOE_OUT_CPLD_READ msgresponse */ -#define MC_CMD_AOE_OUT_CPLD_READ_LEN 4 -/* The value read from the CPLD */ -#define MC_CMD_AOE_OUT_CPLD_READ_VALUE_OFST 0 - -/* MC_CMD_AOE_OUT_FAN_FAILURES msgresponse */ -#define MC_CMD_AOE_OUT_FAN_FAILURES_LENMIN 4 -#define MC_CMD_AOE_OUT_FAN_FAILURES_LENMAX 252 -#define MC_CMD_AOE_OUT_FAN_FAILURES_LEN(num) (0+4*(num)) -/* Failure counts for each fan */ -#define MC_CMD_AOE_OUT_FAN_FAILURES_COUNT_OFST 0 -#define MC_CMD_AOE_OUT_FAN_FAILURES_COUNT_LEN 4 -#define MC_CMD_AOE_OUT_FAN_FAILURES_COUNT_MINNUM 1 -#define MC_CMD_AOE_OUT_FAN_FAILURES_COUNT_MAXNUM 63 - -/* MC_CMD_AOE_OUT_CPLD_REPROGRAM msgresponse */ -#define MC_CMD_AOE_OUT_CPLD_REPROGRAM_LEN 4 -/* Results of status command (only) */ -#define MC_CMD_AOE_OUT_CPLD_REPROGRAM_STATUS_OFST 0 - -/* MC_CMD_AOE_OUT_POWER_OFF msgresponse */ -#define MC_CMD_AOE_OUT_POWER_OFF_LEN 0 - -/* MC_CMD_AOE_OUT_POWER_ON msgresponse */ -#define MC_CMD_AOE_OUT_POWER_ON_LEN 0 - -/* MC_CMD_AOE_OUT_LOAD msgresponse */ -#define MC_CMD_AOE_OUT_LOAD_LEN 0 - -/* MC_CMD_AOE_OUT_MAC_STATS_DMA msgresponse */ -#define MC_CMD_AOE_OUT_MAC_STATS_DMA_LEN 0 - -/* MC_CMD_AOE_OUT_MAC_STATS_NO_DMA msgresponse: See MC_CMD_MAC_STATS_OUT_NO_DMA - * for details - */ -#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_LEN (((MC_CMD_MAC_NSTATS*64))>>3) -#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_OFST 0 -#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_LEN 8 -#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_LO_OFST 0 -#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_HI_OFST 4 -#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_NUM MC_CMD_MAC_NSTATS - -/* MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO msgresponse */ -#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_LENMIN 5 -#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_LENMAX 252 -#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_LEN(num) (4+1*(num)) -/* in bytes */ -#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATALEN_OFST 0 -#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATA_OFST 4 -#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATA_LEN 1 -#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATA_MINNUM 1 -#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATA_MAXNUM 248 - -/* MC_CMD_AOE_OUT_JTAG_WRITE msgresponse */ -#define MC_CMD_AOE_OUT_JTAG_WRITE_LENMIN 12 -#define MC_CMD_AOE_OUT_JTAG_WRITE_LENMAX 252 -#define MC_CMD_AOE_OUT_JTAG_WRITE_LEN(num) (8+4*(num)) -/* Used to align the in and out data blocks so the MC can re-use the cmd */ -#define MC_CMD_AOE_OUT_JTAG_WRITE_DATALEN_OFST 0 -/* out bytes */ -#define MC_CMD_AOE_OUT_JTAG_WRITE_PAD_OFST 4 -#define MC_CMD_AOE_OUT_JTAG_WRITE_DATA_OFST 8 -#define MC_CMD_AOE_OUT_JTAG_WRITE_DATA_LEN 4 -#define MC_CMD_AOE_OUT_JTAG_WRITE_DATA_MINNUM 1 -#define MC_CMD_AOE_OUT_JTAG_WRITE_DATA_MAXNUM 61 - -/* MC_CMD_AOE_OUT_FPGA_ACCESS msgresponse */ -#define MC_CMD_AOE_OUT_FPGA_ACCESS_LEN 0 - -/* MC_CMD_AOE_OUT_DDR msgresponse */ -#define MC_CMD_AOE_OUT_DDR_LENMIN 17 -#define MC_CMD_AOE_OUT_DDR_LENMAX 252 -#define MC_CMD_AOE_OUT_DDR_LEN(num) (16+1*(num)) -/* Information on the module. */ -#define MC_CMD_AOE_OUT_DDR_FLAGS_OFST 0 -#define MC_CMD_AOE_OUT_DDR_PRESENT_LBN 0 -#define MC_CMD_AOE_OUT_DDR_PRESENT_WIDTH 1 -#define MC_CMD_AOE_OUT_DDR_POWERED_LBN 1 -#define MC_CMD_AOE_OUT_DDR_POWERED_WIDTH 1 -#define MC_CMD_AOE_OUT_DDR_OPERATIONAL_LBN 2 -#define MC_CMD_AOE_OUT_DDR_OPERATIONAL_WIDTH 1 -#define MC_CMD_AOE_OUT_DDR_NOT_REACHABLE_LBN 3 -#define MC_CMD_AOE_OUT_DDR_NOT_REACHABLE_WIDTH 1 -/* Memory size, in MB. */ -#define MC_CMD_AOE_OUT_DDR_CAPACITY_OFST 4 -/* The memory type, as reported from SPD information */ -#define MC_CMD_AOE_OUT_DDR_TYPE_OFST 8 -/* Nominal voltage of the module (as applied) */ -#define MC_CMD_AOE_OUT_DDR_VOLTAGE_OFST 12 -/* SPD data read from the module */ -#define MC_CMD_AOE_OUT_DDR_SPD_OFST 16 -#define MC_CMD_AOE_OUT_DDR_SPD_LEN 1 -#define MC_CMD_AOE_OUT_DDR_SPD_MINNUM 1 -#define MC_CMD_AOE_OUT_DDR_SPD_MAXNUM 236 - -/* MC_CMD_AOE_OUT_SET_MTU_OFFSET msgresponse */ -#define MC_CMD_AOE_OUT_SET_MTU_OFFSET_LEN 0 - -/* MC_CMD_AOE_OUT_LINK_STATE msgresponse */ -#define MC_CMD_AOE_OUT_LINK_STATE_LEN 0 - -/* MC_CMD_AOE_OUT_SIENA_STATS msgresponse */ -#define MC_CMD_AOE_OUT_SIENA_STATS_LEN 0 - -/* MC_CMD_AOE_OUT_ASIC_STATS msgresponse */ -#define MC_CMD_AOE_OUT_ASIC_STATS_LEN 0 - -/* MC_CMD_AOE_OUT_FC msgresponse */ -#define MC_CMD_AOE_OUT_FC_LEN 0 - -/* MC_CMD_AOE_OUT_DDR_ECC_STATUS msgresponse */ -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_LEN 8 -/* Flags describing status info on the module. */ -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_FLAGS_OFST 0 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_VALID_LBN 0 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_VALID_WIDTH 1 -/* DDR ECC status on the module. */ -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_STATUS_OFST 4 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_SBE_LBN 0 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_SBE_WIDTH 1 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_DBE_LBN 1 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_DBE_WIDTH 1 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_CORDROP_LBN 2 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_CORDROP_WIDTH 1 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_SBE_COUNT_LBN 8 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_SBE_COUNT_WIDTH 8 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_DBE_COUNT_LBN 16 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_DBE_COUNT_WIDTH 8 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_CORDROP_COUNT_LBN 24 -#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_CORDROP_COUNT_WIDTH 8 - -/* MC_CMD_AOE_OUT_MC_SPI_MASTER_READ msgresponse */ -#define MC_CMD_AOE_OUT_MC_SPI_MASTER_READ_LEN 4 -#define MC_CMD_AOE_OUT_MC_SPI_MASTER_READ_DATA_OFST 0 - -/* MC_CMD_AOE_OUT_MC_SPI_MASTER_WRITE msgresponse */ -#define MC_CMD_AOE_OUT_MC_SPI_MASTER_WRITE_LEN 0 - -/* MC_CMD_AOE_OUT_MC_SPI_MASTER msgresponse */ -#define MC_CMD_AOE_OUT_MC_SPI_MASTER_LEN 0 - -/* MC_CMD_AOE_OUT_FC_BOOT msgresponse */ -#define MC_CMD_AOE_OUT_FC_BOOT_LEN 0 - - -/***********************************/ /* MC_CMD_PTP * Perform PTP operation */ @@ -3637,41 +1365,54 @@ #define MC_CMD_PTP_OP_ENABLE 0x1 /* enum: Disable PTP packet timestamping operation. */ #define MC_CMD_PTP_OP_DISABLE 0x2 -/* enum: Send a PTP packet. */ +/* enum: Send a PTP packet. This operation is used on Siena and Huntington. + * From Medford onwards it is not supported: on those platforms PTP transmit + * timestamping is done using the fast path. + */ #define MC_CMD_PTP_OP_TRANSMIT 0x3 /* enum: Read the current NIC time. */ #define MC_CMD_PTP_OP_READ_NIC_TIME 0x4 -/* enum: Get the current PTP status. */ +/* enum: Get the current PTP status. Note that the clock frequency returned (in + * Hz) is rounded to the nearest MHz (e.g. 666000000 for 666666666). + */ #define MC_CMD_PTP_OP_STATUS 0x5 /* enum: Adjust the PTP NIC's time. */ #define MC_CMD_PTP_OP_ADJUST 0x6 /* enum: Synchronize host and NIC time. */ #define MC_CMD_PTP_OP_SYNCHRONIZE 0x7 -/* enum: Basic manufacturing tests. */ +/* enum: Basic manufacturing tests. Siena PTP adapters only. */ #define MC_CMD_PTP_OP_MANFTEST_BASIC 0x8 -/* enum: Packet based manufacturing tests. */ +/* enum: Packet based manufacturing tests. Siena PTP adapters only. */ #define MC_CMD_PTP_OP_MANFTEST_PACKET 0x9 /* enum: Reset some of the PTP related statistics */ #define MC_CMD_PTP_OP_RESET_STATS 0xa /* enum: Debug operations to MC. */ #define MC_CMD_PTP_OP_DEBUG 0xb -/* enum: Read an FPGA register */ +/* enum: Read an FPGA register. Siena PTP adapters only. */ #define MC_CMD_PTP_OP_FPGAREAD 0xc -/* enum: Write an FPGA register */ +/* enum: Write an FPGA register. Siena PTP adapters only. */ #define MC_CMD_PTP_OP_FPGAWRITE 0xd /* enum: Apply an offset to the NIC clock */ #define MC_CMD_PTP_OP_CLOCK_OFFSET_ADJUST 0xe -/* enum: Change Apply an offset to the NIC clock */ +/* enum: Change the frequency correction applied to the NIC clock */ #define MC_CMD_PTP_OP_CLOCK_FREQ_ADJUST 0xf -/* enum: Set the MC packet filter VLAN tags for received PTP packets */ +/* enum: Set the MC packet filter VLAN tags for received PTP packets. + * Deprecated for Huntington onwards. + */ #define MC_CMD_PTP_OP_RX_SET_VLAN_FILTER 0x10 -/* enum: Set the MC packet filter UUID for received PTP packets */ +/* enum: Set the MC packet filter UUID for received PTP packets. Deprecated for + * Huntington onwards. + */ #define MC_CMD_PTP_OP_RX_SET_UUID_FILTER 0x11 -/* enum: Set the MC packet filter Domain for received PTP packets */ +/* enum: Set the MC packet filter Domain for received PTP packets. Deprecated + * for Huntington onwards. + */ #define MC_CMD_PTP_OP_RX_SET_DOMAIN_FILTER 0x12 -/* enum: Set the clock source */ +/* enum: Set the clock source. Required for snapper tests on Huntington and + * Medford. Not implemented for Siena or Medford2. + */ #define MC_CMD_PTP_OP_SET_CLK_SRC 0x13 -/* enum: Reset value of Timer Reg. */ +/* enum: Reset value of Timer Reg. Not implemented. */ #define MC_CMD_PTP_OP_RST_CLK 0x14 /* enum: Enable the forwarding of PPS events to the host */ #define MC_CMD_PTP_OP_PPS_ENABLE 0x15 @@ -3692,7 +1433,7 @@ /* enum: Unsubscribe to stop receiving time events */ #define MC_CMD_PTP_OP_TIME_EVENT_UNSUBSCRIBE 0x19 /* enum: PPS based manfacturing tests. Requires PPS output to be looped to PPS - * input on the same NIC. + * input on the same NIC. Siena PTP adapters only. */ #define MC_CMD_PTP_OP_MANFTEST_PPS 0x1a /* enum: Set the PTP sync status. Status is used by firmware to report to event @@ -3705,11 +1446,15 @@ /* MC_CMD_PTP_IN_ENABLE msgrequest */ #define MC_CMD_PTP_IN_ENABLE_LEN 16 #define MC_CMD_PTP_IN_CMD_OFST 0 +#define MC_CMD_PTP_IN_CMD_LEN 4 #define MC_CMD_PTP_IN_PERIPH_ID_OFST 4 -/* Event queue for PTP events */ +#define MC_CMD_PTP_IN_PERIPH_ID_LEN 4 +/* Not used. Events are always sent to function relative queue 0. */ #define MC_CMD_PTP_IN_ENABLE_QUEUE_OFST 8 -/* PTP timestamping mode */ +#define MC_CMD_PTP_IN_ENABLE_QUEUE_LEN 4 +/* PTP timestamping mode. Not used from Huntington onwards. */ #define MC_CMD_PTP_IN_ENABLE_MODE_OFST 12 +#define MC_CMD_PTP_IN_ENABLE_MODE_LEN 4 /* enum: PTP, version 1 */ #define MC_CMD_PTP_MODE_V1 0x0 /* enum: PTP, version 1, with VLAN headers - deprecated */ @@ -3726,16 +1471,21 @@ /* MC_CMD_PTP_IN_DISABLE msgrequest */ #define MC_CMD_PTP_IN_DISABLE_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_TRANSMIT msgrequest */ #define MC_CMD_PTP_IN_TRANSMIT_LENMIN 13 #define MC_CMD_PTP_IN_TRANSMIT_LENMAX 252 #define MC_CMD_PTP_IN_TRANSMIT_LEN(num) (12+1*(num)) /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Transmit packet length */ #define MC_CMD_PTP_IN_TRANSMIT_LENGTH_OFST 8 +#define MC_CMD_PTP_IN_TRANSMIT_LENGTH_LEN 4 /* Transmit packet data */ #define MC_CMD_PTP_IN_TRANSMIT_PACKET_OFST 12 #define MC_CMD_PTP_IN_TRANSMIT_PACKET_LEN 1 @@ -3745,17 +1495,30 @@ /* MC_CMD_PTP_IN_READ_NIC_TIME msgrequest */ #define MC_CMD_PTP_IN_READ_NIC_TIME_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ + +/* MC_CMD_PTP_IN_READ_NIC_TIME_V2 msgrequest */ +#define MC_CMD_PTP_IN_READ_NIC_TIME_V2_LEN 8 +/* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_STATUS msgrequest */ #define MC_CMD_PTP_IN_STATUS_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_ADJUST msgrequest */ #define MC_CMD_PTP_IN_ADJUST_LEN 24 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Frequency adjustment 40 bit fixed point ns */ #define MC_CMD_PTP_IN_ADJUST_FREQ_OFST 8 #define MC_CMD_PTP_IN_ADJUST_FREQ_LEN 8 @@ -3763,21 +1526,67 @@ #define MC_CMD_PTP_IN_ADJUST_FREQ_HI_OFST 12 /* enum: Number of fractional bits in frequency adjustment */ #define MC_CMD_PTP_IN_ADJUST_BITS 0x28 +/* enum: Number of fractional bits in frequency adjustment when FP44_FREQ_ADJ + * is indicated in the MC_CMD_PTP_OUT_GET_ATTRIBUTES command CAPABILITIES + * field. + */ +#define MC_CMD_PTP_IN_ADJUST_BITS_FP44 0x2c /* Time adjustment in seconds */ #define MC_CMD_PTP_IN_ADJUST_SECONDS_OFST 16 +#define MC_CMD_PTP_IN_ADJUST_SECONDS_LEN 4 /* Time adjustment major value */ #define MC_CMD_PTP_IN_ADJUST_MAJOR_OFST 16 +#define MC_CMD_PTP_IN_ADJUST_MAJOR_LEN 4 /* Time adjustment in nanoseconds */ #define MC_CMD_PTP_IN_ADJUST_NANOSECONDS_OFST 20 +#define MC_CMD_PTP_IN_ADJUST_NANOSECONDS_LEN 4 /* Time adjustment minor value */ #define MC_CMD_PTP_IN_ADJUST_MINOR_OFST 20 +#define MC_CMD_PTP_IN_ADJUST_MINOR_LEN 4 + +/* MC_CMD_PTP_IN_ADJUST_V2 msgrequest */ +#define MC_CMD_PTP_IN_ADJUST_V2_LEN 28 +/* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ +/* Frequency adjustment 40 bit fixed point ns */ +#define MC_CMD_PTP_IN_ADJUST_V2_FREQ_OFST 8 +#define MC_CMD_PTP_IN_ADJUST_V2_FREQ_LEN 8 +#define MC_CMD_PTP_IN_ADJUST_V2_FREQ_LO_OFST 8 +#define MC_CMD_PTP_IN_ADJUST_V2_FREQ_HI_OFST 12 +/* enum: Number of fractional bits in frequency adjustment */ +/* MC_CMD_PTP_IN_ADJUST_BITS 0x28 */ +/* enum: Number of fractional bits in frequency adjustment when FP44_FREQ_ADJ + * is indicated in the MC_CMD_PTP_OUT_GET_ATTRIBUTES command CAPABILITIES + * field. + */ +/* MC_CMD_PTP_IN_ADJUST_BITS_FP44 0x2c */ +/* Time adjustment in seconds */ +#define MC_CMD_PTP_IN_ADJUST_V2_SECONDS_OFST 16 +#define MC_CMD_PTP_IN_ADJUST_V2_SECONDS_LEN 4 +/* Time adjustment major value */ +#define MC_CMD_PTP_IN_ADJUST_V2_MAJOR_OFST 16 +#define MC_CMD_PTP_IN_ADJUST_V2_MAJOR_LEN 4 +/* Time adjustment in nanoseconds */ +#define MC_CMD_PTP_IN_ADJUST_V2_NANOSECONDS_OFST 20 +#define MC_CMD_PTP_IN_ADJUST_V2_NANOSECONDS_LEN 4 +/* Time adjustment minor value */ +#define MC_CMD_PTP_IN_ADJUST_V2_MINOR_OFST 20 +#define MC_CMD_PTP_IN_ADJUST_V2_MINOR_LEN 4 +/* Upper 32bits of major time offset adjustment */ +#define MC_CMD_PTP_IN_ADJUST_V2_MAJOR_HI_OFST 24 +#define MC_CMD_PTP_IN_ADJUST_V2_MAJOR_HI_LEN 4 /* MC_CMD_PTP_IN_SYNCHRONIZE msgrequest */ #define MC_CMD_PTP_IN_SYNCHRONIZE_LEN 20 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Number of time readings to capture */ #define MC_CMD_PTP_IN_SYNCHRONIZE_NUMTIMESETS_OFST 8 +#define MC_CMD_PTP_IN_SYNCHRONIZE_NUMTIMESETS_LEN 4 /* Host address in which to write "synchronization started" indication (64 * bits) */ @@ -3789,42 +1598,58 @@ /* MC_CMD_PTP_IN_MANFTEST_BASIC msgrequest */ #define MC_CMD_PTP_IN_MANFTEST_BASIC_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_MANFTEST_PACKET msgrequest */ #define MC_CMD_PTP_IN_MANFTEST_PACKET_LEN 12 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Enable or disable packet testing */ #define MC_CMD_PTP_IN_MANFTEST_PACKET_TEST_ENABLE_OFST 8 +#define MC_CMD_PTP_IN_MANFTEST_PACKET_TEST_ENABLE_LEN 4 -/* MC_CMD_PTP_IN_RESET_STATS msgrequest */ +/* MC_CMD_PTP_IN_RESET_STATS msgrequest: Reset PTP statistics */ #define MC_CMD_PTP_IN_RESET_STATS_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ -/* Reset PTP statistics */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_DEBUG msgrequest */ #define MC_CMD_PTP_IN_DEBUG_LEN 12 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Debug operations */ #define MC_CMD_PTP_IN_DEBUG_DEBUG_PARAM_OFST 8 +#define MC_CMD_PTP_IN_DEBUG_DEBUG_PARAM_LEN 4 /* MC_CMD_PTP_IN_FPGAREAD msgrequest */ #define MC_CMD_PTP_IN_FPGAREAD_LEN 16 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ #define MC_CMD_PTP_IN_FPGAREAD_ADDR_OFST 8 +#define MC_CMD_PTP_IN_FPGAREAD_ADDR_LEN 4 #define MC_CMD_PTP_IN_FPGAREAD_NUMBYTES_OFST 12 +#define MC_CMD_PTP_IN_FPGAREAD_NUMBYTES_LEN 4 /* MC_CMD_PTP_IN_FPGAWRITE msgrequest */ #define MC_CMD_PTP_IN_FPGAWRITE_LENMIN 13 #define MC_CMD_PTP_IN_FPGAWRITE_LENMAX 252 #define MC_CMD_PTP_IN_FPGAWRITE_LEN(num) (12+1*(num)) /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ #define MC_CMD_PTP_IN_FPGAWRITE_ADDR_OFST 8 +#define MC_CMD_PTP_IN_FPGAWRITE_ADDR_LEN 4 #define MC_CMD_PTP_IN_FPGAWRITE_BUFFER_OFST 12 #define MC_CMD_PTP_IN_FPGAWRITE_BUFFER_LEN 1 #define MC_CMD_PTP_IN_FPGAWRITE_BUFFER_MINNUM 1 @@ -3833,34 +1658,67 @@ /* MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST msgrequest */ #define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_LEN 16 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Time adjustment in seconds */ #define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_SECONDS_OFST 8 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_SECONDS_LEN 4 /* Time adjustment major value */ #define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_MAJOR_OFST 8 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_MAJOR_LEN 4 /* Time adjustment in nanoseconds */ #define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_NANOSECONDS_OFST 12 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_NANOSECONDS_LEN 4 /* Time adjustment minor value */ #define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_MINOR_OFST 12 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_MINOR_LEN 4 + +/* MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2 msgrequest */ +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_LEN 20 +/* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ +/* Time adjustment in seconds */ +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_SECONDS_OFST 8 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_SECONDS_LEN 4 +/* Time adjustment major value */ +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_MAJOR_OFST 8 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_MAJOR_LEN 4 +/* Time adjustment in nanoseconds */ +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_NANOSECONDS_OFST 12 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_NANOSECONDS_LEN 4 +/* Time adjustment minor value */ +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_MINOR_OFST 12 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_MINOR_LEN 4 +/* Upper 32bits of major time offset adjustment */ +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_MAJOR_HI_OFST 16 +#define MC_CMD_PTP_IN_CLOCK_OFFSET_ADJUST_V2_MAJOR_HI_LEN 4 /* MC_CMD_PTP_IN_CLOCK_FREQ_ADJUST msgrequest */ #define MC_CMD_PTP_IN_CLOCK_FREQ_ADJUST_LEN 16 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Frequency adjustment 40 bit fixed point ns */ #define MC_CMD_PTP_IN_CLOCK_FREQ_ADJUST_FREQ_OFST 8 #define MC_CMD_PTP_IN_CLOCK_FREQ_ADJUST_FREQ_LEN 8 #define MC_CMD_PTP_IN_CLOCK_FREQ_ADJUST_FREQ_LO_OFST 8 #define MC_CMD_PTP_IN_CLOCK_FREQ_ADJUST_FREQ_HI_OFST 12 -/* enum: Number of fractional bits in frequency adjustment */ -/* MC_CMD_PTP_IN_ADJUST_BITS 0x28 */ +/* Enum values, see field(s): */ +/* MC_CMD_PTP/MC_CMD_PTP_IN_ADJUST/FREQ */ /* MC_CMD_PTP_IN_RX_SET_VLAN_FILTER msgrequest */ #define MC_CMD_PTP_IN_RX_SET_VLAN_FILTER_LEN 24 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Number of VLAN tags, 0 if not VLAN */ #define MC_CMD_PTP_IN_RX_SET_VLAN_FILTER_NUM_VLAN_TAGS_OFST 8 +#define MC_CMD_PTP_IN_RX_SET_VLAN_FILTER_NUM_VLAN_TAGS_LEN 4 /* Set of VLAN tags to filter against */ #define MC_CMD_PTP_IN_RX_SET_VLAN_FILTER_VLAN_TAG_OFST 12 #define MC_CMD_PTP_IN_RX_SET_VLAN_FILTER_VLAN_TAG_LEN 4 @@ -3869,9 +1727,12 @@ /* MC_CMD_PTP_IN_RX_SET_UUID_FILTER msgrequest */ #define MC_CMD_PTP_IN_RX_SET_UUID_FILTER_LEN 20 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* 1 to enable UUID filtering, 0 to disable */ #define MC_CMD_PTP_IN_RX_SET_UUID_FILTER_ENABLE_OFST 8 +#define MC_CMD_PTP_IN_RX_SET_UUID_FILTER_ENABLE_LEN 4 /* UUID to filter against */ #define MC_CMD_PTP_IN_RX_SET_UUID_FILTER_UUID_OFST 12 #define MC_CMD_PTP_IN_RX_SET_UUID_FILTER_UUID_LEN 8 @@ -3881,62 +1742,82 @@ /* MC_CMD_PTP_IN_RX_SET_DOMAIN_FILTER msgrequest */ #define MC_CMD_PTP_IN_RX_SET_DOMAIN_FILTER_LEN 16 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* 1 to enable Domain filtering, 0 to disable */ #define MC_CMD_PTP_IN_RX_SET_DOMAIN_FILTER_ENABLE_OFST 8 +#define MC_CMD_PTP_IN_RX_SET_DOMAIN_FILTER_ENABLE_LEN 4 /* Domain number to filter against */ #define MC_CMD_PTP_IN_RX_SET_DOMAIN_FILTER_DOMAIN_OFST 12 +#define MC_CMD_PTP_IN_RX_SET_DOMAIN_FILTER_DOMAIN_LEN 4 /* MC_CMD_PTP_IN_SET_CLK_SRC msgrequest */ #define MC_CMD_PTP_IN_SET_CLK_SRC_LEN 12 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Set the clock source. */ #define MC_CMD_PTP_IN_SET_CLK_SRC_CLK_OFST 8 +#define MC_CMD_PTP_IN_SET_CLK_SRC_CLK_LEN 4 /* enum: Internal. */ #define MC_CMD_PTP_CLK_SRC_INTERNAL 0x0 /* enum: External. */ #define MC_CMD_PTP_CLK_SRC_EXTERNAL 0x1 -/* MC_CMD_PTP_IN_RST_CLK msgrequest */ +/* MC_CMD_PTP_IN_RST_CLK msgrequest: Reset value of Timer Reg. */ #define MC_CMD_PTP_IN_RST_CLK_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ -/* Reset value of Timer Reg. */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_PPS_ENABLE msgrequest */ #define MC_CMD_PTP_IN_PPS_ENABLE_LEN 12 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* Enable or disable */ #define MC_CMD_PTP_IN_PPS_ENABLE_OP_OFST 4 +#define MC_CMD_PTP_IN_PPS_ENABLE_OP_LEN 4 /* enum: Enable */ #define MC_CMD_PTP_ENABLE_PPS 0x0 /* enum: Disable */ #define MC_CMD_PTP_DISABLE_PPS 0x1 -/* Queue id to send events back */ +/* Not used. Events are always sent to function relative queue 0. */ #define MC_CMD_PTP_IN_PPS_ENABLE_QUEUE_ID_OFST 8 +#define MC_CMD_PTP_IN_PPS_ENABLE_QUEUE_ID_LEN 4 /* MC_CMD_PTP_IN_GET_TIME_FORMAT msgrequest */ #define MC_CMD_PTP_IN_GET_TIME_FORMAT_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_GET_ATTRIBUTES msgrequest */ #define MC_CMD_PTP_IN_GET_ATTRIBUTES_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_GET_TIMESTAMP_CORRECTIONS msgrequest */ #define MC_CMD_PTP_IN_GET_TIMESTAMP_CORRECTIONS_LEN 8 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* MC_CMD_PTP_IN_TIME_EVENT_SUBSCRIBE msgrequest */ #define MC_CMD_PTP_IN_TIME_EVENT_SUBSCRIBE_LEN 12 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Original field containing queue ID. Now extended to include flags. */ #define MC_CMD_PTP_IN_TIME_EVENT_SUBSCRIBE_QUEUE_OFST 8 +#define MC_CMD_PTP_IN_TIME_EVENT_SUBSCRIBE_QUEUE_LEN 4 #define MC_CMD_PTP_IN_TIME_EVENT_SUBSCRIBE_QUEUE_ID_LBN 0 #define MC_CMD_PTP_IN_TIME_EVENT_SUBSCRIBE_QUEUE_ID_WIDTH 16 #define MC_CMD_PTP_IN_TIME_EVENT_SUBSCRIBE_REPORT_SYNC_STATUS_LBN 31 @@ -3945,29 +1826,39 @@ /* MC_CMD_PTP_IN_TIME_EVENT_UNSUBSCRIBE msgrequest */ #define MC_CMD_PTP_IN_TIME_EVENT_UNSUBSCRIBE_LEN 16 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* Unsubscribe options */ #define MC_CMD_PTP_IN_TIME_EVENT_UNSUBSCRIBE_CONTROL_OFST 8 +#define MC_CMD_PTP_IN_TIME_EVENT_UNSUBSCRIBE_CONTROL_LEN 4 /* enum: Unsubscribe a single queue */ #define MC_CMD_PTP_IN_TIME_EVENT_UNSUBSCRIBE_SINGLE 0x0 /* enum: Unsubscribe all queues */ #define MC_CMD_PTP_IN_TIME_EVENT_UNSUBSCRIBE_ALL 0x1 /* Event queue ID */ #define MC_CMD_PTP_IN_TIME_EVENT_UNSUBSCRIBE_QUEUE_OFST 12 +#define MC_CMD_PTP_IN_TIME_EVENT_UNSUBSCRIBE_QUEUE_LEN 4 /* MC_CMD_PTP_IN_MANFTEST_PPS msgrequest */ #define MC_CMD_PTP_IN_MANFTEST_PPS_LEN 12 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* 1 to enable PPS test mode, 0 to disable and return result. */ #define MC_CMD_PTP_IN_MANFTEST_PPS_TEST_ENABLE_OFST 8 +#define MC_CMD_PTP_IN_MANFTEST_PPS_TEST_ENABLE_LEN 4 /* MC_CMD_PTP_IN_SET_SYNC_STATUS msgrequest */ #define MC_CMD_PTP_IN_SET_SYNC_STATUS_LEN 24 /* MC_CMD_PTP_IN_CMD_OFST 0 */ +/* MC_CMD_PTP_IN_CMD_LEN 4 */ /* MC_CMD_PTP_IN_PERIPH_ID_OFST 4 */ +/* MC_CMD_PTP_IN_PERIPH_ID_LEN 4 */ /* NIC - Host System Clock Synchronization status */ #define MC_CMD_PTP_IN_SET_SYNC_STATUS_STATUS_OFST 8 +#define MC_CMD_PTP_IN_SET_SYNC_STATUS_STATUS_LEN 4 /* enum: Host System clock and NIC clock are not in sync */ #define MC_CMD_PTP_IN_SET_SYNC_STATUS_NOT_IN_SYNC 0x0 /* enum: Host System clock and NIC clock are synchronized */ @@ -3976,8 +1867,11 @@ * no longer in sync. */ #define MC_CMD_PTP_IN_SET_SYNC_STATUS_TIMEOUT_OFST 12 +#define MC_CMD_PTP_IN_SET_SYNC_STATUS_TIMEOUT_LEN 4 #define MC_CMD_PTP_IN_SET_SYNC_STATUS_RESERVED0_OFST 16 +#define MC_CMD_PTP_IN_SET_SYNC_STATUS_RESERVED0_LEN 4 #define MC_CMD_PTP_IN_SET_SYNC_STATUS_RESERVED1_OFST 20 +#define MC_CMD_PTP_IN_SET_SYNC_STATUS_RESERVED1_LEN 4 /* MC_CMD_PTP_OUT msgresponse */ #define MC_CMD_PTP_OUT_LEN 0 @@ -3986,12 +1880,16 @@ #define MC_CMD_PTP_OUT_TRANSMIT_LEN 8 /* Value of seconds timestamp */ #define MC_CMD_PTP_OUT_TRANSMIT_SECONDS_OFST 0 +#define MC_CMD_PTP_OUT_TRANSMIT_SECONDS_LEN 4 /* Timestamp major value */ #define MC_CMD_PTP_OUT_TRANSMIT_MAJOR_OFST 0 +#define MC_CMD_PTP_OUT_TRANSMIT_MAJOR_LEN 4 /* Value of nanoseconds timestamp */ #define MC_CMD_PTP_OUT_TRANSMIT_NANOSECONDS_OFST 4 +#define MC_CMD_PTP_OUT_TRANSMIT_NANOSECONDS_LEN 4 /* Timestamp minor value */ #define MC_CMD_PTP_OUT_TRANSMIT_MINOR_OFST 4 +#define MC_CMD_PTP_OUT_TRANSMIT_MINOR_LEN 4 /* MC_CMD_PTP_OUT_TIME_EVENT_SUBSCRIBE msgresponse */ #define MC_CMD_PTP_OUT_TIME_EVENT_SUBSCRIBE_LEN 0 @@ -4003,47 +1901,85 @@ #define MC_CMD_PTP_OUT_READ_NIC_TIME_LEN 8 /* Value of seconds timestamp */ #define MC_CMD_PTP_OUT_READ_NIC_TIME_SECONDS_OFST 0 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_SECONDS_LEN 4 /* Timestamp major value */ #define MC_CMD_PTP_OUT_READ_NIC_TIME_MAJOR_OFST 0 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_MAJOR_LEN 4 /* Value of nanoseconds timestamp */ #define MC_CMD_PTP_OUT_READ_NIC_TIME_NANOSECONDS_OFST 4 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_NANOSECONDS_LEN 4 /* Timestamp minor value */ #define MC_CMD_PTP_OUT_READ_NIC_TIME_MINOR_OFST 4 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_MINOR_LEN 4 + +/* MC_CMD_PTP_OUT_READ_NIC_TIME_V2 msgresponse */ +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_LEN 12 +/* Value of seconds timestamp */ +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_SECONDS_OFST 0 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_SECONDS_LEN 4 +/* Timestamp major value */ +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_MAJOR_OFST 0 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_MAJOR_LEN 4 +/* Value of nanoseconds timestamp */ +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_NANOSECONDS_OFST 4 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_NANOSECONDS_LEN 4 +/* Timestamp minor value */ +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_MINOR_OFST 4 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_MINOR_LEN 4 +/* Upper 32bits of major timestamp value */ +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_MAJOR_HI_OFST 8 +#define MC_CMD_PTP_OUT_READ_NIC_TIME_V2_MAJOR_HI_LEN 4 /* MC_CMD_PTP_OUT_STATUS msgresponse */ #define MC_CMD_PTP_OUT_STATUS_LEN 64 /* Frequency of NIC's hardware clock */ #define MC_CMD_PTP_OUT_STATUS_CLOCK_FREQ_OFST 0 +#define MC_CMD_PTP_OUT_STATUS_CLOCK_FREQ_LEN 4 /* Number of packets transmitted and timestamped */ #define MC_CMD_PTP_OUT_STATUS_STATS_TX_OFST 4 +#define MC_CMD_PTP_OUT_STATUS_STATS_TX_LEN 4 /* Number of packets received and timestamped */ #define MC_CMD_PTP_OUT_STATUS_STATS_RX_OFST 8 +#define MC_CMD_PTP_OUT_STATUS_STATS_RX_LEN 4 /* Number of packets timestamped by the FPGA */ #define MC_CMD_PTP_OUT_STATUS_STATS_TS_OFST 12 +#define MC_CMD_PTP_OUT_STATUS_STATS_TS_LEN 4 /* Number of packets filter matched */ #define MC_CMD_PTP_OUT_STATUS_STATS_FM_OFST 16 +#define MC_CMD_PTP_OUT_STATUS_STATS_FM_LEN 4 /* Number of packets not filter matched */ #define MC_CMD_PTP_OUT_STATUS_STATS_NFM_OFST 20 +#define MC_CMD_PTP_OUT_STATUS_STATS_NFM_LEN 4 /* Number of PPS overflows (noise on input?) */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFLOW_OFST 24 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFLOW_LEN 4 /* Number of PPS bad periods */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_BAD_OFST 28 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_BAD_LEN 4 /* Minimum period of PPS pulse in nanoseconds */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_PER_MIN_OFST 32 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_PER_MIN_LEN 4 /* Maximum period of PPS pulse in nanoseconds */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_PER_MAX_OFST 36 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_PER_MAX_LEN 4 /* Last period of PPS pulse in nanoseconds */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_PER_LAST_OFST 40 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_PER_LAST_LEN 4 /* Mean period of PPS pulse in nanoseconds */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_PER_MEAN_OFST 44 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_PER_MEAN_LEN 4 /* Minimum offset of PPS pulse in nanoseconds (signed) */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFF_MIN_OFST 48 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFF_MIN_LEN 4 /* Maximum offset of PPS pulse in nanoseconds (signed) */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFF_MAX_OFST 52 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFF_MAX_LEN 4 /* Last offset of PPS pulse in nanoseconds (signed) */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFF_LAST_OFST 56 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFF_LAST_LEN 4 /* Mean offset of PPS pulse in nanoseconds (signed) */ #define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFF_MEAN_OFST 60 +#define MC_CMD_PTP_OUT_STATUS_STATS_PPS_OFF_MEAN_LEN 4 /* MC_CMD_PTP_OUT_SYNCHRONIZE msgresponse */ #define MC_CMD_PTP_OUT_SYNCHRONIZE_LENMIN 20 @@ -4056,23 +1992,31 @@ #define MC_CMD_PTP_OUT_SYNCHRONIZE_TIMESET_MAXNUM 12 /* Host time immediately before NIC's hardware clock read */ #define MC_CMD_PTP_OUT_SYNCHRONIZE_HOSTSTART_OFST 0 +#define MC_CMD_PTP_OUT_SYNCHRONIZE_HOSTSTART_LEN 4 /* Value of seconds timestamp */ #define MC_CMD_PTP_OUT_SYNCHRONIZE_SECONDS_OFST 4 +#define MC_CMD_PTP_OUT_SYNCHRONIZE_SECONDS_LEN 4 /* Timestamp major value */ #define MC_CMD_PTP_OUT_SYNCHRONIZE_MAJOR_OFST 4 +#define MC_CMD_PTP_OUT_SYNCHRONIZE_MAJOR_LEN 4 /* Value of nanoseconds timestamp */ #define MC_CMD_PTP_OUT_SYNCHRONIZE_NANOSECONDS_OFST 8 +#define MC_CMD_PTP_OUT_SYNCHRONIZE_NANOSECONDS_LEN 4 /* Timestamp minor value */ #define MC_CMD_PTP_OUT_SYNCHRONIZE_MINOR_OFST 8 +#define MC_CMD_PTP_OUT_SYNCHRONIZE_MINOR_LEN 4 /* Host time immediately after NIC's hardware clock read */ #define MC_CMD_PTP_OUT_SYNCHRONIZE_HOSTEND_OFST 12 +#define MC_CMD_PTP_OUT_SYNCHRONIZE_HOSTEND_LEN 4 /* Number of nanoseconds waited after reading NIC's hardware clock */ #define MC_CMD_PTP_OUT_SYNCHRONIZE_WAITNS_OFST 16 +#define MC_CMD_PTP_OUT_SYNCHRONIZE_WAITNS_LEN 4 /* MC_CMD_PTP_OUT_MANFTEST_BASIC msgresponse */ #define MC_CMD_PTP_OUT_MANFTEST_BASIC_LEN 8 /* Results of testing */ #define MC_CMD_PTP_OUT_MANFTEST_BASIC_TEST_RESULT_OFST 0 +#define MC_CMD_PTP_OUT_MANFTEST_BASIC_TEST_RESULT_LEN 4 /* enum: Successful test */ #define MC_CMD_PTP_MANF_SUCCESS 0x0 /* enum: FPGA load failed */ @@ -4105,15 +2049,19 @@ #define MC_CMD_PTP_MANF_CLOCK_READ 0xe /* Presence of external oscillator */ #define MC_CMD_PTP_OUT_MANFTEST_BASIC_TEST_EXTOSC_OFST 4 +#define MC_CMD_PTP_OUT_MANFTEST_BASIC_TEST_EXTOSC_LEN 4 /* MC_CMD_PTP_OUT_MANFTEST_PACKET msgresponse */ #define MC_CMD_PTP_OUT_MANFTEST_PACKET_LEN 12 /* Results of testing */ #define MC_CMD_PTP_OUT_MANFTEST_PACKET_TEST_RESULT_OFST 0 +#define MC_CMD_PTP_OUT_MANFTEST_PACKET_TEST_RESULT_LEN 4 /* Number of packets received by FPGA */ #define MC_CMD_PTP_OUT_MANFTEST_PACKET_TEST_FPGACOUNT_OFST 4 +#define MC_CMD_PTP_OUT_MANFTEST_PACKET_TEST_FPGACOUNT_LEN 4 /* Number of packets received by Siena filters */ #define MC_CMD_PTP_OUT_MANFTEST_PACKET_TEST_FILTERCOUNT_OFST 8 +#define MC_CMD_PTP_OUT_MANFTEST_PACKET_TEST_FILTERCOUNT_LEN 4 /* MC_CMD_PTP_OUT_FPGAREAD msgresponse */ #define MC_CMD_PTP_OUT_FPGAREAD_LENMIN 1 @@ -4129,9 +2077,11 @@ /* Time format required/used by for this NIC. Applies to all PTP MCDI * operations that pass times between the host and firmware. If this operation * is not supported (older firmware) a format of seconds and nanoseconds should - * be assumed. + * be assumed. Note this enum is deprecated. Do not add to it- use the + * TIME_FORMAT field in MC_CMD_PTP_OUT_GET_ATTRIBUTES instead. */ #define MC_CMD_PTP_OUT_GET_TIME_FORMAT_FORMAT_OFST 0 +#define MC_CMD_PTP_OUT_GET_TIME_FORMAT_FORMAT_LEN 4 /* enum: Times are in seconds and nanoseconds */ #define MC_CMD_PTP_OUT_GET_TIME_FORMAT_SECONDS_NANOSECONDS 0x0 /* enum: Major register has units of 16 second per tick, minor 8 ns per tick */ @@ -4147,12 +2097,16 @@ * be assumed. */ #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_TIME_FORMAT_OFST 0 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_TIME_FORMAT_LEN 4 /* enum: Times are in seconds and nanoseconds */ #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_SECONDS_NANOSECONDS 0x0 /* enum: Major register has units of 16 second per tick, minor 8 ns per tick */ #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_16SECONDS_8NANOSECONDS 0x1 /* enum: Major register has units of seconds, minor 2^-27s per tick */ #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_SECONDS_27FRACTION 0x2 +/* enum: Major register units are seconds, minor units are quarter nanoseconds + */ +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_SECONDS_QTR_NANOSECONDS 0x3 /* Minimum acceptable value for a corrected synchronization timeset. When * comparing host and NIC clock times, the MC returns a set of samples that * contain the host start and end time, the MC time when the host start was @@ -4161,46 +2115,66 @@ * end and start times minus the time that the MC waited for host end. */ #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_SYNC_WINDOW_MIN_OFST 4 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_SYNC_WINDOW_MIN_LEN 4 /* Various PTP capabilities */ #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_CAPABILITIES_OFST 8 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_CAPABILITIES_LEN 4 #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_REPORT_SYNC_STATUS_LBN 0 #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_REPORT_SYNC_STATUS_WIDTH 1 #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_RX_TSTAMP_OOB_LBN 1 #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_RX_TSTAMP_OOB_WIDTH 1 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_64BIT_SECONDS_LBN 2 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_64BIT_SECONDS_WIDTH 1 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_FP44_FREQ_ADJ_LBN 3 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_FP44_FREQ_ADJ_WIDTH 1 #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_RESERVED0_OFST 12 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_RESERVED0_LEN 4 #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_RESERVED1_OFST 16 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_RESERVED1_LEN 4 #define MC_CMD_PTP_OUT_GET_ATTRIBUTES_RESERVED2_OFST 20 +#define MC_CMD_PTP_OUT_GET_ATTRIBUTES_RESERVED2_LEN 4 /* MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS msgresponse */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_LEN 16 /* Uncorrected error on PTP transmit timestamps in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_TRANSMIT_OFST 0 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_TRANSMIT_LEN 4 /* Uncorrected error on PTP receive timestamps in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_RECEIVE_OFST 4 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_RECEIVE_LEN 4 /* Uncorrected error on PPS output in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_PPS_OUT_OFST 8 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_PPS_OUT_LEN 4 /* Uncorrected error on PPS input in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_PPS_IN_OFST 12 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_PPS_IN_LEN 4 /* MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2 msgresponse */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_LEN 24 /* Uncorrected error on PTP transmit timestamps in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_PTP_TX_OFST 0 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_PTP_TX_LEN 4 /* Uncorrected error on PTP receive timestamps in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_PTP_RX_OFST 4 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_PTP_RX_LEN 4 /* Uncorrected error on PPS output in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_PPS_OUT_OFST 8 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_PPS_OUT_LEN 4 /* Uncorrected error on PPS input in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_PPS_IN_OFST 12 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_PPS_IN_LEN 4 /* Uncorrected error on non-PTP transmit timestamps in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_GENERAL_TX_OFST 16 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_GENERAL_TX_LEN 4 /* Uncorrected error on non-PTP receive timestamps in NIC clock format */ #define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_GENERAL_RX_OFST 20 +#define MC_CMD_PTP_OUT_GET_TIMESTAMP_CORRECTIONS_V2_GENERAL_RX_LEN 4 /* MC_CMD_PTP_OUT_MANFTEST_PPS msgresponse */ #define MC_CMD_PTP_OUT_MANFTEST_PPS_LEN 4 /* Results of testing */ #define MC_CMD_PTP_OUT_MANFTEST_PPS_TEST_RESULT_OFST 0 +#define MC_CMD_PTP_OUT_MANFTEST_PPS_TEST_RESULT_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_PTP_OUT_MANFTEST_BASIC/TEST_RESULT */ @@ -4215,14 +2189,17 @@ #define MC_CMD_CSR_READ32 0xc #undef MC_CMD_0xc_PRIVILEGE_CTG -#define MC_CMD_0xc_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xc_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_CSR_READ32_IN msgrequest */ #define MC_CMD_CSR_READ32_IN_LEN 12 /* Address */ #define MC_CMD_CSR_READ32_IN_ADDR_OFST 0 +#define MC_CMD_CSR_READ32_IN_ADDR_LEN 4 #define MC_CMD_CSR_READ32_IN_STEP_OFST 4 +#define MC_CMD_CSR_READ32_IN_STEP_LEN 4 #define MC_CMD_CSR_READ32_IN_NUMWORDS_OFST 8 +#define MC_CMD_CSR_READ32_IN_NUMWORDS_LEN 4 /* MC_CMD_CSR_READ32_OUT msgresponse */ #define MC_CMD_CSR_READ32_OUT_LENMIN 4 @@ -4242,7 +2219,7 @@ #define MC_CMD_CSR_WRITE32 0xd #undef MC_CMD_0xd_PRIVILEGE_CTG -#define MC_CMD_0xd_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xd_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_CSR_WRITE32_IN msgrequest */ #define MC_CMD_CSR_WRITE32_IN_LENMIN 12 @@ -4250,7 +2227,9 @@ #define MC_CMD_CSR_WRITE32_IN_LEN(num) (8+4*(num)) /* Address */ #define MC_CMD_CSR_WRITE32_IN_ADDR_OFST 0 +#define MC_CMD_CSR_WRITE32_IN_ADDR_LEN 4 #define MC_CMD_CSR_WRITE32_IN_STEP_OFST 4 +#define MC_CMD_CSR_WRITE32_IN_STEP_LEN 4 #define MC_CMD_CSR_WRITE32_IN_BUFFER_OFST 8 #define MC_CMD_CSR_WRITE32_IN_BUFFER_LEN 4 #define MC_CMD_CSR_WRITE32_IN_BUFFER_MINNUM 1 @@ -4259,6 +2238,7 @@ /* MC_CMD_CSR_WRITE32_OUT msgresponse */ #define MC_CMD_CSR_WRITE32_OUT_LEN 4 #define MC_CMD_CSR_WRITE32_OUT_STATUS_OFST 0 +#define MC_CMD_CSR_WRITE32_OUT_STATUS_LEN 4 /***********************************/ @@ -4269,7 +2249,7 @@ #define MC_CMD_HP 0x54 #undef MC_CMD_0x54_PRIVILEGE_CTG -#define MC_CMD_0x54_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x54_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_HP_IN msgrequest */ #define MC_CMD_HP_IN_LEN 16 @@ -4280,6 +2260,7 @@ * sensors. */ #define MC_CMD_HP_IN_SUBCMD_OFST 0 +#define MC_CMD_HP_IN_SUBCMD_LEN 4 /* enum: OCSD (Option Card Sensor Data) sub-command. */ #define MC_CMD_HP_IN_OCSD_SUBCMD 0x0 /* enum: Last known valid HP sub-command. */ @@ -4294,10 +2275,12 @@ * NULL.) */ #define MC_CMD_HP_IN_OCSD_INTERVAL_OFST 12 +#define MC_CMD_HP_IN_OCSD_INTERVAL_LEN 4 /* MC_CMD_HP_OUT msgresponse */ #define MC_CMD_HP_OUT_LEN 4 #define MC_CMD_HP_OUT_OCSD_STATUS_OFST 0 +#define MC_CMD_HP_OUT_OCSD_STATUS_LEN 4 /* enum: OCSD stopped for this card. */ #define MC_CMD_HP_OUT_OCSD_STOPPED 0x1 /* enum: OCSD was successfully started with the address provided. */ @@ -4344,29 +2327,35 @@ * external devices. */ #define MC_CMD_MDIO_READ_IN_BUS_OFST 0 +#define MC_CMD_MDIO_READ_IN_BUS_LEN 4 /* enum: Internal. */ #define MC_CMD_MDIO_BUS_INTERNAL 0x0 /* enum: External. */ #define MC_CMD_MDIO_BUS_EXTERNAL 0x1 /* Port address */ #define MC_CMD_MDIO_READ_IN_PRTAD_OFST 4 +#define MC_CMD_MDIO_READ_IN_PRTAD_LEN 4 /* Device Address or clause 22. */ #define MC_CMD_MDIO_READ_IN_DEVAD_OFST 8 +#define MC_CMD_MDIO_READ_IN_DEVAD_LEN 4 /* enum: By default all the MCDI MDIO operations perform clause45 mode. If you * want to use clause22 then set DEVAD = MC_CMD_MDIO_CLAUSE22. */ #define MC_CMD_MDIO_CLAUSE22 0x20 /* Address */ #define MC_CMD_MDIO_READ_IN_ADDR_OFST 12 +#define MC_CMD_MDIO_READ_IN_ADDR_LEN 4 /* MC_CMD_MDIO_READ_OUT msgresponse */ #define MC_CMD_MDIO_READ_OUT_LEN 8 /* Value */ #define MC_CMD_MDIO_READ_OUT_VALUE_OFST 0 +#define MC_CMD_MDIO_READ_OUT_VALUE_LEN 4 /* Status the MDIO commands return the raw status bits from the MDIO block. A * "good" transaction should have the DONE bit set and all other bits clear. */ #define MC_CMD_MDIO_READ_OUT_STATUS_OFST 4 +#define MC_CMD_MDIO_READ_OUT_STATUS_LEN 4 /* enum: Good. */ #define MC_CMD_MDIO_STATUS_GOOD 0x8 @@ -4386,22 +2375,27 @@ * external devices. */ #define MC_CMD_MDIO_WRITE_IN_BUS_OFST 0 +#define MC_CMD_MDIO_WRITE_IN_BUS_LEN 4 /* enum: Internal. */ /* MC_CMD_MDIO_BUS_INTERNAL 0x0 */ /* enum: External. */ /* MC_CMD_MDIO_BUS_EXTERNAL 0x1 */ /* Port address */ #define MC_CMD_MDIO_WRITE_IN_PRTAD_OFST 4 +#define MC_CMD_MDIO_WRITE_IN_PRTAD_LEN 4 /* Device Address or clause 22. */ #define MC_CMD_MDIO_WRITE_IN_DEVAD_OFST 8 +#define MC_CMD_MDIO_WRITE_IN_DEVAD_LEN 4 /* enum: By default all the MCDI MDIO operations perform clause45 mode. If you * want to use clause22 then set DEVAD = MC_CMD_MDIO_CLAUSE22. */ /* MC_CMD_MDIO_CLAUSE22 0x20 */ /* Address */ #define MC_CMD_MDIO_WRITE_IN_ADDR_OFST 12 +#define MC_CMD_MDIO_WRITE_IN_ADDR_LEN 4 /* Value */ #define MC_CMD_MDIO_WRITE_IN_VALUE_OFST 16 +#define MC_CMD_MDIO_WRITE_IN_VALUE_LEN 4 /* MC_CMD_MDIO_WRITE_OUT msgresponse */ #define MC_CMD_MDIO_WRITE_OUT_LEN 4 @@ -4409,6 +2403,7 @@ * "good" transaction should have the DONE bit set and all other bits clear. */ #define MC_CMD_MDIO_WRITE_OUT_STATUS_OFST 0 +#define MC_CMD_MDIO_WRITE_OUT_STATUS_LEN 4 /* enum: Good. */ /* MC_CMD_MDIO_STATUS_GOOD 0x8 */ @@ -4420,7 +2415,7 @@ #define MC_CMD_DBI_WRITE 0x12 #undef MC_CMD_0x12_PRIVILEGE_CTG -#define MC_CMD_0x12_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x12_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_DBI_WRITE_IN msgrequest */ #define MC_CMD_DBI_WRITE_IN_LENMIN 12 @@ -4440,9 +2435,11 @@ /* MC_CMD_DBIWROP_TYPEDEF structuredef */ #define MC_CMD_DBIWROP_TYPEDEF_LEN 12 #define MC_CMD_DBIWROP_TYPEDEF_ADDRESS_OFST 0 +#define MC_CMD_DBIWROP_TYPEDEF_ADDRESS_LEN 4 #define MC_CMD_DBIWROP_TYPEDEF_ADDRESS_LBN 0 #define MC_CMD_DBIWROP_TYPEDEF_ADDRESS_WIDTH 32 #define MC_CMD_DBIWROP_TYPEDEF_PARMS_OFST 4 +#define MC_CMD_DBIWROP_TYPEDEF_PARMS_LEN 4 #define MC_CMD_DBIWROP_TYPEDEF_VF_NUM_LBN 16 #define MC_CMD_DBIWROP_TYPEDEF_VF_NUM_WIDTH 16 #define MC_CMD_DBIWROP_TYPEDEF_VF_ACTIVE_LBN 15 @@ -4452,6 +2449,7 @@ #define MC_CMD_DBIWROP_TYPEDEF_PARMS_LBN 32 #define MC_CMD_DBIWROP_TYPEDEF_PARMS_WIDTH 32 #define MC_CMD_DBIWROP_TYPEDEF_VALUE_OFST 8 +#define MC_CMD_DBIWROP_TYPEDEF_VALUE_LEN 4 #define MC_CMD_DBIWROP_TYPEDEF_VALUE_LBN 64 #define MC_CMD_DBIWROP_TYPEDEF_VALUE_WIDTH 32 @@ -4467,13 +2465,16 @@ #define MC_CMD_PORT_READ32_IN_LEN 4 /* Address */ #define MC_CMD_PORT_READ32_IN_ADDR_OFST 0 +#define MC_CMD_PORT_READ32_IN_ADDR_LEN 4 /* MC_CMD_PORT_READ32_OUT msgresponse */ #define MC_CMD_PORT_READ32_OUT_LEN 8 /* Value */ #define MC_CMD_PORT_READ32_OUT_VALUE_OFST 0 +#define MC_CMD_PORT_READ32_OUT_VALUE_LEN 4 /* Status */ #define MC_CMD_PORT_READ32_OUT_STATUS_OFST 4 +#define MC_CMD_PORT_READ32_OUT_STATUS_LEN 4 /***********************************/ @@ -4487,13 +2488,16 @@ #define MC_CMD_PORT_WRITE32_IN_LEN 8 /* Address */ #define MC_CMD_PORT_WRITE32_IN_ADDR_OFST 0 +#define MC_CMD_PORT_WRITE32_IN_ADDR_LEN 4 /* Value */ #define MC_CMD_PORT_WRITE32_IN_VALUE_OFST 4 +#define MC_CMD_PORT_WRITE32_IN_VALUE_LEN 4 /* MC_CMD_PORT_WRITE32_OUT msgresponse */ #define MC_CMD_PORT_WRITE32_OUT_LEN 4 /* Status */ #define MC_CMD_PORT_WRITE32_OUT_STATUS_OFST 0 +#define MC_CMD_PORT_WRITE32_OUT_STATUS_LEN 4 /***********************************/ @@ -4507,6 +2511,7 @@ #define MC_CMD_PORT_READ128_IN_LEN 4 /* Address */ #define MC_CMD_PORT_READ128_IN_ADDR_OFST 0 +#define MC_CMD_PORT_READ128_IN_ADDR_LEN 4 /* MC_CMD_PORT_READ128_OUT msgresponse */ #define MC_CMD_PORT_READ128_OUT_LEN 20 @@ -4515,6 +2520,7 @@ #define MC_CMD_PORT_READ128_OUT_VALUE_LEN 16 /* Status */ #define MC_CMD_PORT_READ128_OUT_STATUS_OFST 16 +#define MC_CMD_PORT_READ128_OUT_STATUS_LEN 4 /***********************************/ @@ -4528,6 +2534,7 @@ #define MC_CMD_PORT_WRITE128_IN_LEN 20 /* Address */ #define MC_CMD_PORT_WRITE128_IN_ADDR_OFST 0 +#define MC_CMD_PORT_WRITE128_IN_ADDR_LEN 4 /* Value */ #define MC_CMD_PORT_WRITE128_IN_VALUE_OFST 4 #define MC_CMD_PORT_WRITE128_IN_VALUE_LEN 16 @@ -4536,6 +2543,7 @@ #define MC_CMD_PORT_WRITE128_OUT_LEN 4 /* Status */ #define MC_CMD_PORT_WRITE128_OUT_STATUS_OFST 0 +#define MC_CMD_PORT_WRITE128_OUT_STATUS_LEN 4 /* MC_CMD_CAPABILITIES structuredef */ #define MC_CMD_CAPABILITIES_LEN 4 @@ -4581,24 +2589,54 @@ #define MC_CMD_GET_BOARD_CFG_OUT_LENMAX 136 #define MC_CMD_GET_BOARD_CFG_OUT_LEN(num) (72+2*(num)) #define MC_CMD_GET_BOARD_CFG_OUT_BOARD_TYPE_OFST 0 +#define MC_CMD_GET_BOARD_CFG_OUT_BOARD_TYPE_LEN 4 #define MC_CMD_GET_BOARD_CFG_OUT_BOARD_NAME_OFST 4 #define MC_CMD_GET_BOARD_CFG_OUT_BOARD_NAME_LEN 32 -/* See MC_CMD_CAPABILITIES */ +/* Capabilities for Siena Port0 (see struct MC_CMD_CAPABILITIES). Unused on + * EF10 and later (use MC_CMD_GET_CAPABILITIES). + */ #define MC_CMD_GET_BOARD_CFG_OUT_CAPABILITIES_PORT0_OFST 36 -/* See MC_CMD_CAPABILITIES */ +#define MC_CMD_GET_BOARD_CFG_OUT_CAPABILITIES_PORT0_LEN 4 +/* Capabilities for Siena Port1 (see struct MC_CMD_CAPABILITIES). Unused on + * EF10 and later (use MC_CMD_GET_CAPABILITIES). + */ #define MC_CMD_GET_BOARD_CFG_OUT_CAPABILITIES_PORT1_OFST 40 +#define MC_CMD_GET_BOARD_CFG_OUT_CAPABILITIES_PORT1_LEN 4 +/* Base MAC address for Siena Port0. Unused on EF10 and later (use + * MC_CMD_GET_MAC_ADDRESSES). + */ #define MC_CMD_GET_BOARD_CFG_OUT_MAC_ADDR_BASE_PORT0_OFST 44 #define MC_CMD_GET_BOARD_CFG_OUT_MAC_ADDR_BASE_PORT0_LEN 6 +/* Base MAC address for Siena Port1. Unused on EF10 and later (use + * MC_CMD_GET_MAC_ADDRESSES). + */ #define MC_CMD_GET_BOARD_CFG_OUT_MAC_ADDR_BASE_PORT1_OFST 50 #define MC_CMD_GET_BOARD_CFG_OUT_MAC_ADDR_BASE_PORT1_LEN 6 +/* Size of MAC address pool for Siena Port0. Unused on EF10 and later (use + * MC_CMD_GET_MAC_ADDRESSES). + */ #define MC_CMD_GET_BOARD_CFG_OUT_MAC_COUNT_PORT0_OFST 56 +#define MC_CMD_GET_BOARD_CFG_OUT_MAC_COUNT_PORT0_LEN 4 +/* Size of MAC address pool for Siena Port1. Unused on EF10 and later (use + * MC_CMD_GET_MAC_ADDRESSES). + */ #define MC_CMD_GET_BOARD_CFG_OUT_MAC_COUNT_PORT1_OFST 60 +#define MC_CMD_GET_BOARD_CFG_OUT_MAC_COUNT_PORT1_LEN 4 +/* Increment between addresses in MAC address pool for Siena Port0. Unused on + * EF10 and later (use MC_CMD_GET_MAC_ADDRESSES). + */ #define MC_CMD_GET_BOARD_CFG_OUT_MAC_STRIDE_PORT0_OFST 64 +#define MC_CMD_GET_BOARD_CFG_OUT_MAC_STRIDE_PORT0_LEN 4 +/* Increment between addresses in MAC address pool for Siena Port1. Unused on + * EF10 and later (use MC_CMD_GET_MAC_ADDRESSES). + */ #define MC_CMD_GET_BOARD_CFG_OUT_MAC_STRIDE_PORT1_OFST 68 -/* This field contains a 16-bit value for each of the types of NVRAM area. The - * values are defined in the firmware/mc/platform/.c file for a specific board - * type, but otherwise have no meaning to the MC; they are used by the driver - * to manage selection of appropriate firmware updates. +#define MC_CMD_GET_BOARD_CFG_OUT_MAC_STRIDE_PORT1_LEN 4 +/* Siena only. This field contains a 16-bit value for each of the types of + * NVRAM area. The values are defined in the firmware/mc/platform/.c file for a + * specific board type, but otherwise have no meaning to the MC; they are used + * by the driver to manage selection of appropriate firmware updates. Unused on + * EF10 and later (use MC_CMD_NVRAM_METADATA). */ #define MC_CMD_GET_BOARD_CFG_OUT_FW_SUBTYPE_LIST_OFST 72 #define MC_CMD_GET_BOARD_CFG_OUT_FW_SUBTYPE_LIST_LEN 2 @@ -4613,7 +2651,7 @@ #define MC_CMD_DBI_READX 0x19 #undef MC_CMD_0x19_PRIVILEGE_CTG -#define MC_CMD_0x19_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x19_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_DBI_READX_IN msgrequest */ #define MC_CMD_DBI_READX_IN_LENMIN 8 @@ -4640,9 +2678,11 @@ /* MC_CMD_DBIRDOP_TYPEDEF structuredef */ #define MC_CMD_DBIRDOP_TYPEDEF_LEN 8 #define MC_CMD_DBIRDOP_TYPEDEF_ADDRESS_OFST 0 +#define MC_CMD_DBIRDOP_TYPEDEF_ADDRESS_LEN 4 #define MC_CMD_DBIRDOP_TYPEDEF_ADDRESS_LBN 0 #define MC_CMD_DBIRDOP_TYPEDEF_ADDRESS_WIDTH 32 #define MC_CMD_DBIRDOP_TYPEDEF_PARMS_OFST 4 +#define MC_CMD_DBIRDOP_TYPEDEF_PARMS_LEN 4 #define MC_CMD_DBIRDOP_TYPEDEF_VF_NUM_LBN 16 #define MC_CMD_DBIRDOP_TYPEDEF_VF_NUM_WIDTH 16 #define MC_CMD_DBIRDOP_TYPEDEF_VF_ACTIVE_LBN 15 @@ -4660,7 +2700,7 @@ #define MC_CMD_SET_RAND_SEED 0x1a #undef MC_CMD_0x1a_PRIVILEGE_CTG -#define MC_CMD_0x1a_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x1a_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_SET_RAND_SEED_IN msgrequest */ #define MC_CMD_SET_RAND_SEED_IN_LEN 16 @@ -4710,14 +2750,25 @@ #define MC_CMD_DRV_ATTACH_IN_LEN 12 /* new state to set if UPDATE=1 */ #define MC_CMD_DRV_ATTACH_IN_NEW_STATE_OFST 0 +#define MC_CMD_DRV_ATTACH_IN_NEW_STATE_LEN 4 #define MC_CMD_DRV_ATTACH_LBN 0 #define MC_CMD_DRV_ATTACH_WIDTH 1 +#define MC_CMD_DRV_ATTACH_IN_ATTACH_LBN 0 +#define MC_CMD_DRV_ATTACH_IN_ATTACH_WIDTH 1 #define MC_CMD_DRV_PREBOOT_LBN 1 #define MC_CMD_DRV_PREBOOT_WIDTH 1 +#define MC_CMD_DRV_ATTACH_IN_PREBOOT_LBN 1 +#define MC_CMD_DRV_ATTACH_IN_PREBOOT_WIDTH 1 +#define MC_CMD_DRV_ATTACH_IN_SUBVARIANT_AWARE_LBN 2 +#define MC_CMD_DRV_ATTACH_IN_SUBVARIANT_AWARE_WIDTH 1 +#define MC_CMD_DRV_ATTACH_IN_WANT_VI_SPREADING_LBN 3 +#define MC_CMD_DRV_ATTACH_IN_WANT_VI_SPREADING_WIDTH 1 /* 1 to set new state, or 0 to just report the existing state */ #define MC_CMD_DRV_ATTACH_IN_UPDATE_OFST 4 +#define MC_CMD_DRV_ATTACH_IN_UPDATE_LEN 4 /* preferred datapath firmware (for Huntington; ignored for Siena) */ #define MC_CMD_DRV_ATTACH_IN_FIRMWARE_ID_OFST 8 +#define MC_CMD_DRV_ATTACH_IN_FIRMWARE_ID_LEN 4 /* enum: Prefer to use full featured firmware */ #define MC_CMD_FW_FULL_FEATURED 0x0 /* enum: Prefer to use firmware with fewer features but lower latency */ @@ -4734,20 +2785,35 @@ * support */ #define MC_CMD_FW_RULES_ENGINE 0x5 +/* enum: Prefer to use firmware with additional DPDK support */ +#define MC_CMD_FW_DPDK 0x6 +/* enum: Prefer to use "l3xudp" custom datapath firmware (see SF-119495-PD and + * bug69716) + */ +#define MC_CMD_FW_L3XUDP 0x7 +/* enum: Requests that the MC keep whatever datapath firmware is currently + * running. It's used for test purposes, where we want to be able to shmboot + * special test firmware variants. This option is only recognised in eftest + * (i.e. non-production) builds. + */ +#define MC_CMD_FW_KEEP_CURRENT_EFTEST_ONLY 0xfffffffe /* enum: Only this option is allowed for non-admin functions */ -#define MC_CMD_FW_DONT_CARE 0xffffffff +#define MC_CMD_FW_DONT_CARE 0xffffffff /* MC_CMD_DRV_ATTACH_OUT msgresponse */ #define MC_CMD_DRV_ATTACH_OUT_LEN 4 /* previous or existing state, see the bitmask at NEW_STATE */ #define MC_CMD_DRV_ATTACH_OUT_OLD_STATE_OFST 0 +#define MC_CMD_DRV_ATTACH_OUT_OLD_STATE_LEN 4 /* MC_CMD_DRV_ATTACH_EXT_OUT msgresponse */ #define MC_CMD_DRV_ATTACH_EXT_OUT_LEN 8 /* previous or existing state, see the bitmask at NEW_STATE */ #define MC_CMD_DRV_ATTACH_EXT_OUT_OLD_STATE_OFST 0 +#define MC_CMD_DRV_ATTACH_EXT_OUT_OLD_STATE_LEN 4 /* Flags associated with this function */ #define MC_CMD_DRV_ATTACH_EXT_OUT_FUNC_FLAGS_OFST 4 +#define MC_CMD_DRV_ATTACH_EXT_OUT_FUNC_FLAGS_LEN 4 /* enum: Labels the lowest-numbered function visible to the OS */ #define MC_CMD_DRV_ATTACH_EXT_OUT_FLAG_PRIMARY 0x0 /* enum: The function can control the link state of the physical port it is @@ -4760,6 +2826,11 @@ * refers to the Sorrento external FPGA port. */ #define MC_CMD_DRV_ATTACH_EXT_OUT_FLAG_NO_ACTIVE_PORT 0x3 +/* enum: If set, indicates that VI spreading is currently enabled. Will always + * indicate the current state, regardless of the value in the WANT_VI_SPREADING + * input. + */ +#define MC_CMD_DRV_ATTACH_EXT_OUT_FLAG_VI_SPREADING_ENABLED 0x4 /***********************************/ @@ -4772,6 +2843,7 @@ #define MC_CMD_SHMUART_IN_LEN 4 /* ??? */ #define MC_CMD_SHMUART_IN_FLAG_OFST 0 +#define MC_CMD_SHMUART_IN_FLAG_LEN 4 /* MC_CMD_SHMUART_OUT msgresponse */ #define MC_CMD_SHMUART_OUT_LEN 0 @@ -4810,6 +2882,7 @@ * (TBD). */ #define MC_CMD_ENTITY_RESET_IN_FLAG_OFST 0 +#define MC_CMD_ENTITY_RESET_IN_FLAG_LEN 4 #define MC_CMD_ENTITY_RESET_IN_FUNCTION_RESOURCE_RESET_LBN 0 #define MC_CMD_ENTITY_RESET_IN_FUNCTION_RESOURCE_RESET_WIDTH 1 @@ -4827,8 +2900,10 @@ #define MC_CMD_PCIE_CREDITS_IN_LEN 8 /* poll period. 0 is disabled */ #define MC_CMD_PCIE_CREDITS_IN_POLL_PERIOD_OFST 0 +#define MC_CMD_PCIE_CREDITS_IN_POLL_PERIOD_LEN 4 /* wipe statistics */ #define MC_CMD_PCIE_CREDITS_IN_WIPE_OFST 4 +#define MC_CMD_PCIE_CREDITS_IN_WIPE_LEN 4 /* MC_CMD_PCIE_CREDITS_OUT msgresponse */ #define MC_CMD_PCIE_CREDITS_OUT_LEN 16 @@ -4859,31 +2934,54 @@ /* MC_CMD_RXD_MONITOR_IN msgrequest */ #define MC_CMD_RXD_MONITOR_IN_LEN 12 #define MC_CMD_RXD_MONITOR_IN_QID_OFST 0 +#define MC_CMD_RXD_MONITOR_IN_QID_LEN 4 #define MC_CMD_RXD_MONITOR_IN_POLL_PERIOD_OFST 4 +#define MC_CMD_RXD_MONITOR_IN_POLL_PERIOD_LEN 4 #define MC_CMD_RXD_MONITOR_IN_WIPE_OFST 8 +#define MC_CMD_RXD_MONITOR_IN_WIPE_LEN 4 /* MC_CMD_RXD_MONITOR_OUT msgresponse */ #define MC_CMD_RXD_MONITOR_OUT_LEN 80 #define MC_CMD_RXD_MONITOR_OUT_QID_OFST 0 +#define MC_CMD_RXD_MONITOR_OUT_QID_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_FILL_OFST 4 +#define MC_CMD_RXD_MONITOR_OUT_RING_FILL_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_CACHE_FILL_OFST 8 +#define MC_CMD_RXD_MONITOR_OUT_CACHE_FILL_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_1_OFST 12 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_1_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_2_OFST 16 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_2_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_4_OFST 20 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_4_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_8_OFST 24 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_8_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_16_OFST 28 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_16_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_32_OFST 32 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_32_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_64_OFST 36 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_64_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_128_OFST 40 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_128_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_LT_256_OFST 44 +#define MC_CMD_RXD_MONITOR_OUT_RING_LT_256_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_RING_GE_256_OFST 48 +#define MC_CMD_RXD_MONITOR_OUT_RING_GE_256_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_1_OFST 52 +#define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_1_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_2_OFST 56 +#define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_2_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_4_OFST 60 +#define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_4_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_8_OFST 64 +#define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_8_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_16_OFST 68 +#define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_16_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_32_OFST 72 +#define MC_CMD_RXD_MONITOR_OUT_CACHE_LT_32_LEN 4 #define MC_CMD_RXD_MONITOR_OUT_CACHE_GE_32_OFST 76 +#define MC_CMD_RXD_MONITOR_OUT_CACHE_GE_32_LEN 4 /***********************************/ @@ -4893,13 +2991,14 @@ #define MC_CMD_PUTS 0x23 #undef MC_CMD_0x23_PRIVILEGE_CTG -#define MC_CMD_0x23_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x23_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_PUTS_IN msgrequest */ #define MC_CMD_PUTS_IN_LENMIN 13 #define MC_CMD_PUTS_IN_LENMAX 252 #define MC_CMD_PUTS_IN_LEN(num) (12+1*(num)) #define MC_CMD_PUTS_IN_DEST_OFST 0 +#define MC_CMD_PUTS_IN_DEST_LEN 4 #define MC_CMD_PUTS_IN_UART_LBN 0 #define MC_CMD_PUTS_IN_UART_WIDTH 1 #define MC_CMD_PUTS_IN_PORT_LBN 1 @@ -4932,6 +3031,7 @@ #define MC_CMD_GET_PHY_CFG_OUT_LEN 72 /* flags */ #define MC_CMD_GET_PHY_CFG_OUT_FLAGS_OFST 0 +#define MC_CMD_GET_PHY_CFG_OUT_FLAGS_LEN 4 #define MC_CMD_GET_PHY_CFG_OUT_PRESENT_LBN 0 #define MC_CMD_GET_PHY_CFG_OUT_PRESENT_WIDTH 1 #define MC_CMD_GET_PHY_CFG_OUT_BIST_CABLE_SHORT_LBN 1 @@ -4948,8 +3048,10 @@ #define MC_CMD_GET_PHY_CFG_OUT_BIST_WIDTH 1 /* ?? */ #define MC_CMD_GET_PHY_CFG_OUT_TYPE_OFST 4 +#define MC_CMD_GET_PHY_CFG_OUT_TYPE_LEN 4 /* Bitmask of supported capabilities */ #define MC_CMD_GET_PHY_CFG_OUT_SUPPORTED_CAP_OFST 8 +#define MC_CMD_GET_PHY_CFG_OUT_SUPPORTED_CAP_LEN 4 #define MC_CMD_PHY_CAP_10HDX_LBN 1 #define MC_CMD_PHY_CAP_10HDX_WIDTH 1 #define MC_CMD_PHY_CAP_10FDX_LBN 2 @@ -4974,17 +3076,39 @@ #define MC_CMD_PHY_CAP_40000FDX_WIDTH 1 #define MC_CMD_PHY_CAP_DDM_LBN 12 #define MC_CMD_PHY_CAP_DDM_WIDTH 1 +#define MC_CMD_PHY_CAP_100000FDX_LBN 13 +#define MC_CMD_PHY_CAP_100000FDX_WIDTH 1 +#define MC_CMD_PHY_CAP_25000FDX_LBN 14 +#define MC_CMD_PHY_CAP_25000FDX_WIDTH 1 +#define MC_CMD_PHY_CAP_50000FDX_LBN 15 +#define MC_CMD_PHY_CAP_50000FDX_WIDTH 1 +#define MC_CMD_PHY_CAP_BASER_FEC_LBN 16 +#define MC_CMD_PHY_CAP_BASER_FEC_WIDTH 1 +#define MC_CMD_PHY_CAP_BASER_FEC_REQUESTED_LBN 17 +#define MC_CMD_PHY_CAP_BASER_FEC_REQUESTED_WIDTH 1 +#define MC_CMD_PHY_CAP_RS_FEC_LBN 18 +#define MC_CMD_PHY_CAP_RS_FEC_WIDTH 1 +#define MC_CMD_PHY_CAP_RS_FEC_REQUESTED_LBN 19 +#define MC_CMD_PHY_CAP_RS_FEC_REQUESTED_WIDTH 1 +#define MC_CMD_PHY_CAP_25G_BASER_FEC_LBN 20 +#define MC_CMD_PHY_CAP_25G_BASER_FEC_WIDTH 1 +#define MC_CMD_PHY_CAP_25G_BASER_FEC_REQUESTED_LBN 21 +#define MC_CMD_PHY_CAP_25G_BASER_FEC_REQUESTED_WIDTH 1 /* ?? */ #define MC_CMD_GET_PHY_CFG_OUT_CHANNEL_OFST 12 +#define MC_CMD_GET_PHY_CFG_OUT_CHANNEL_LEN 4 /* ?? */ #define MC_CMD_GET_PHY_CFG_OUT_PRT_OFST 16 +#define MC_CMD_GET_PHY_CFG_OUT_PRT_LEN 4 /* ?? */ #define MC_CMD_GET_PHY_CFG_OUT_STATS_MASK_OFST 20 +#define MC_CMD_GET_PHY_CFG_OUT_STATS_MASK_LEN 4 /* ?? */ #define MC_CMD_GET_PHY_CFG_OUT_NAME_OFST 24 #define MC_CMD_GET_PHY_CFG_OUT_NAME_LEN 20 /* ?? */ #define MC_CMD_GET_PHY_CFG_OUT_MEDIA_TYPE_OFST 44 +#define MC_CMD_GET_PHY_CFG_OUT_MEDIA_TYPE_LEN 4 /* enum: Xaui. */ #define MC_CMD_MEDIA_XAUI 0x1 /* enum: CX4. */ @@ -5000,6 +3124,7 @@ /* enum: QSFP+. */ #define MC_CMD_MEDIA_QSFP_PLUS 0x7 #define MC_CMD_GET_PHY_CFG_OUT_MMD_MASK_OFST 48 +#define MC_CMD_GET_PHY_CFG_OUT_MMD_MASK_LEN 4 /* enum: Native clause 22 */ #define MC_CMD_MMD_CLAUSE22 0x0 #define MC_CMD_MMD_CLAUSE45_PMAPMD 0x1 /* enum */ @@ -5025,12 +3150,13 @@ #define MC_CMD_START_BIST 0x25 #undef MC_CMD_0x25_PRIVILEGE_CTG -#define MC_CMD_0x25_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x25_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_START_BIST_IN msgrequest */ #define MC_CMD_START_BIST_IN_LEN 4 /* Type of test. */ #define MC_CMD_START_BIST_IN_TYPE_OFST 0 +#define MC_CMD_START_BIST_IN_TYPE_LEN 4 /* enum: Run the PHY's short cable BIST. */ #define MC_CMD_PHY_BIST_CABLE_SHORT 0x1 /* enum: Run the PHY's long cable BIST. */ @@ -5064,7 +3190,7 @@ #define MC_CMD_POLL_BIST 0x26 #undef MC_CMD_0x26_PRIVILEGE_CTG -#define MC_CMD_0x26_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x26_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_POLL_BIST_IN msgrequest */ #define MC_CMD_POLL_BIST_IN_LEN 0 @@ -5073,6 +3199,7 @@ #define MC_CMD_POLL_BIST_OUT_LEN 8 /* result */ #define MC_CMD_POLL_BIST_OUT_RESULT_OFST 0 +#define MC_CMD_POLL_BIST_OUT_RESULT_LEN 4 /* enum: Running. */ #define MC_CMD_POLL_BIST_RUNNING 0x1 /* enum: Passed. */ @@ -5082,19 +3209,26 @@ /* enum: Timed-out. */ #define MC_CMD_POLL_BIST_TIMEOUT 0x4 #define MC_CMD_POLL_BIST_OUT_PRIVATE_OFST 4 +#define MC_CMD_POLL_BIST_OUT_PRIVATE_LEN 4 /* MC_CMD_POLL_BIST_OUT_SFT9001 msgresponse */ #define MC_CMD_POLL_BIST_OUT_SFT9001_LEN 36 /* result */ /* MC_CMD_POLL_BIST_OUT_RESULT_OFST 0 */ +/* MC_CMD_POLL_BIST_OUT_RESULT_LEN 4 */ /* Enum values, see field(s): */ /* MC_CMD_POLL_BIST_OUT/MC_CMD_POLL_BIST_OUT_RESULT */ #define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_LENGTH_A_OFST 4 +#define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_LENGTH_A_LEN 4 #define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_LENGTH_B_OFST 8 +#define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_LENGTH_B_LEN 4 #define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_LENGTH_C_OFST 12 +#define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_LENGTH_C_LEN 4 #define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_LENGTH_D_OFST 16 +#define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_LENGTH_D_LEN 4 /* Status of each channel A */ #define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_STATUS_A_OFST 20 +#define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_STATUS_A_LEN 4 /* enum: Ok. */ #define MC_CMD_POLL_BIST_SFT9001_PAIR_OK 0x1 /* enum: Open. */ @@ -5107,14 +3241,17 @@ #define MC_CMD_POLL_BIST_SFT9001_PAIR_BUSY 0x9 /* Status of each channel B */ #define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_STATUS_B_OFST 24 +#define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_STATUS_B_LEN 4 /* Enum values, see field(s): */ /* CABLE_STATUS_A */ /* Status of each channel C */ #define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_STATUS_C_OFST 28 +#define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_STATUS_C_LEN 4 /* Enum values, see field(s): */ /* CABLE_STATUS_A */ /* Status of each channel D */ #define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_STATUS_D_OFST 32 +#define MC_CMD_POLL_BIST_OUT_SFT9001_CABLE_STATUS_D_LEN 4 /* Enum values, see field(s): */ /* CABLE_STATUS_A */ @@ -5122,9 +3259,11 @@ #define MC_CMD_POLL_BIST_OUT_MRSFP_LEN 8 /* result */ /* MC_CMD_POLL_BIST_OUT_RESULT_OFST 0 */ +/* MC_CMD_POLL_BIST_OUT_RESULT_LEN 4 */ /* Enum values, see field(s): */ /* MC_CMD_POLL_BIST_OUT/MC_CMD_POLL_BIST_OUT_RESULT */ #define MC_CMD_POLL_BIST_OUT_MRSFP_TEST_OFST 4 +#define MC_CMD_POLL_BIST_OUT_MRSFP_TEST_LEN 4 /* enum: Complete. */ #define MC_CMD_POLL_BIST_MRSFP_TEST_COMPLETE 0x0 /* enum: Bus switch off I2C write. */ @@ -5148,9 +3287,11 @@ #define MC_CMD_POLL_BIST_OUT_MEM_LEN 36 /* result */ /* MC_CMD_POLL_BIST_OUT_RESULT_OFST 0 */ +/* MC_CMD_POLL_BIST_OUT_RESULT_LEN 4 */ /* Enum values, see field(s): */ /* MC_CMD_POLL_BIST_OUT/MC_CMD_POLL_BIST_OUT_RESULT */ #define MC_CMD_POLL_BIST_OUT_MEM_TEST_OFST 4 +#define MC_CMD_POLL_BIST_OUT_MEM_TEST_LEN 4 /* enum: Test has completed. */ #define MC_CMD_POLL_BIST_MEM_COMPLETE 0x0 /* enum: RAM test - walk ones. */ @@ -5167,8 +3308,10 @@ #define MC_CMD_POLL_BIST_MEM_ECC 0x6 /* Failure address, only valid if result is POLL_BIST_FAILED */ #define MC_CMD_POLL_BIST_OUT_MEM_ADDR_OFST 8 +#define MC_CMD_POLL_BIST_OUT_MEM_ADDR_LEN 4 /* Bus or address space to which the failure address corresponds */ #define MC_CMD_POLL_BIST_OUT_MEM_BUS_OFST 12 +#define MC_CMD_POLL_BIST_OUT_MEM_BUS_LEN 4 /* enum: MC MIPS bus. */ #define MC_CMD_POLL_BIST_MEM_BUS_MC 0x0 /* enum: CSR IREG bus. */ @@ -5189,14 +3332,19 @@ #define MC_CMD_POLL_BIST_MEM_BUS_DICPU_RX1 0x8 /* Pattern written to RAM / register */ #define MC_CMD_POLL_BIST_OUT_MEM_EXPECT_OFST 16 +#define MC_CMD_POLL_BIST_OUT_MEM_EXPECT_LEN 4 /* Actual value read from RAM / register */ #define MC_CMD_POLL_BIST_OUT_MEM_ACTUAL_OFST 20 +#define MC_CMD_POLL_BIST_OUT_MEM_ACTUAL_LEN 4 /* ECC error mask */ #define MC_CMD_POLL_BIST_OUT_MEM_ECC_OFST 24 +#define MC_CMD_POLL_BIST_OUT_MEM_ECC_LEN 4 /* ECC parity error mask */ #define MC_CMD_POLL_BIST_OUT_MEM_ECC_PARITY_OFST 28 +#define MC_CMD_POLL_BIST_OUT_MEM_ECC_PARITY_LEN 4 /* ECC fatal error mask */ #define MC_CMD_POLL_BIST_OUT_MEM_ECC_FATAL_OFST 32 +#define MC_CMD_POLL_BIST_OUT_MEM_ECC_FATAL_LEN 4 /***********************************/ @@ -5243,83 +3391,83 @@ #define MC_CMD_GET_LOOPBACK_MODES_OUT_100M_LO_OFST 0 #define MC_CMD_GET_LOOPBACK_MODES_OUT_100M_HI_OFST 4 /* enum: None. */ -#define MC_CMD_LOOPBACK_NONE 0x0 +#define MC_CMD_LOOPBACK_NONE 0x0 /* enum: Data. */ -#define MC_CMD_LOOPBACK_DATA 0x1 +#define MC_CMD_LOOPBACK_DATA 0x1 /* enum: GMAC. */ -#define MC_CMD_LOOPBACK_GMAC 0x2 +#define MC_CMD_LOOPBACK_GMAC 0x2 /* enum: XGMII. */ #define MC_CMD_LOOPBACK_XGMII 0x3 /* enum: XGXS. */ -#define MC_CMD_LOOPBACK_XGXS 0x4 +#define MC_CMD_LOOPBACK_XGXS 0x4 /* enum: XAUI. */ -#define MC_CMD_LOOPBACK_XAUI 0x5 +#define MC_CMD_LOOPBACK_XAUI 0x5 /* enum: GMII. */ -#define MC_CMD_LOOPBACK_GMII 0x6 +#define MC_CMD_LOOPBACK_GMII 0x6 /* enum: SGMII. */ -#define MC_CMD_LOOPBACK_SGMII 0x7 +#define MC_CMD_LOOPBACK_SGMII 0x7 /* enum: XGBR. */ -#define MC_CMD_LOOPBACK_XGBR 0x8 +#define MC_CMD_LOOPBACK_XGBR 0x8 /* enum: XFI. */ -#define MC_CMD_LOOPBACK_XFI 0x9 +#define MC_CMD_LOOPBACK_XFI 0x9 /* enum: XAUI Far. */ -#define MC_CMD_LOOPBACK_XAUI_FAR 0xa +#define MC_CMD_LOOPBACK_XAUI_FAR 0xa /* enum: GMII Far. */ -#define MC_CMD_LOOPBACK_GMII_FAR 0xb +#define MC_CMD_LOOPBACK_GMII_FAR 0xb /* enum: SGMII Far. */ -#define MC_CMD_LOOPBACK_SGMII_FAR 0xc +#define MC_CMD_LOOPBACK_SGMII_FAR 0xc /* enum: XFI Far. */ -#define MC_CMD_LOOPBACK_XFI_FAR 0xd +#define MC_CMD_LOOPBACK_XFI_FAR 0xd /* enum: GPhy. */ -#define MC_CMD_LOOPBACK_GPHY 0xe +#define MC_CMD_LOOPBACK_GPHY 0xe /* enum: PhyXS. */ -#define MC_CMD_LOOPBACK_PHYXS 0xf +#define MC_CMD_LOOPBACK_PHYXS 0xf /* enum: PCS. */ -#define MC_CMD_LOOPBACK_PCS 0x10 +#define MC_CMD_LOOPBACK_PCS 0x10 /* enum: PMA-PMD. */ -#define MC_CMD_LOOPBACK_PMAPMD 0x11 +#define MC_CMD_LOOPBACK_PMAPMD 0x11 /* enum: Cross-Port. */ -#define MC_CMD_LOOPBACK_XPORT 0x12 +#define MC_CMD_LOOPBACK_XPORT 0x12 /* enum: XGMII-Wireside. */ -#define MC_CMD_LOOPBACK_XGMII_WS 0x13 +#define MC_CMD_LOOPBACK_XGMII_WS 0x13 /* enum: XAUI Wireside. */ -#define MC_CMD_LOOPBACK_XAUI_WS 0x14 +#define MC_CMD_LOOPBACK_XAUI_WS 0x14 /* enum: XAUI Wireside Far. */ -#define MC_CMD_LOOPBACK_XAUI_WS_FAR 0x15 +#define MC_CMD_LOOPBACK_XAUI_WS_FAR 0x15 /* enum: XAUI Wireside near. */ -#define MC_CMD_LOOPBACK_XAUI_WS_NEAR 0x16 +#define MC_CMD_LOOPBACK_XAUI_WS_NEAR 0x16 /* enum: GMII Wireside. */ -#define MC_CMD_LOOPBACK_GMII_WS 0x17 +#define MC_CMD_LOOPBACK_GMII_WS 0x17 /* enum: XFI Wireside. */ -#define MC_CMD_LOOPBACK_XFI_WS 0x18 +#define MC_CMD_LOOPBACK_XFI_WS 0x18 /* enum: XFI Wireside Far. */ -#define MC_CMD_LOOPBACK_XFI_WS_FAR 0x19 +#define MC_CMD_LOOPBACK_XFI_WS_FAR 0x19 /* enum: PhyXS Wireside. */ -#define MC_CMD_LOOPBACK_PHYXS_WS 0x1a +#define MC_CMD_LOOPBACK_PHYXS_WS 0x1a /* enum: PMA lanes MAC-Serdes. */ -#define MC_CMD_LOOPBACK_PMA_INT 0x1b +#define MC_CMD_LOOPBACK_PMA_INT 0x1b /* enum: KR Serdes Parallel (Encoder). */ -#define MC_CMD_LOOPBACK_SD_NEAR 0x1c +#define MC_CMD_LOOPBACK_SD_NEAR 0x1c /* enum: KR Serdes Serial. */ -#define MC_CMD_LOOPBACK_SD_FAR 0x1d +#define MC_CMD_LOOPBACK_SD_FAR 0x1d /* enum: PMA lanes MAC-Serdes Wireside. */ -#define MC_CMD_LOOPBACK_PMA_INT_WS 0x1e +#define MC_CMD_LOOPBACK_PMA_INT_WS 0x1e /* enum: KR Serdes Parallel Wireside (Full PCS). */ -#define MC_CMD_LOOPBACK_SD_FEP2_WS 0x1f +#define MC_CMD_LOOPBACK_SD_FEP2_WS 0x1f /* enum: KR Serdes Parallel Wireside (Sym Aligner to TX). */ -#define MC_CMD_LOOPBACK_SD_FEP1_5_WS 0x20 +#define MC_CMD_LOOPBACK_SD_FEP1_5_WS 0x20 /* enum: KR Serdes Parallel Wireside (Deserializer to Serializer). */ -#define MC_CMD_LOOPBACK_SD_FEP_WS 0x21 +#define MC_CMD_LOOPBACK_SD_FEP_WS 0x21 /* enum: KR Serdes Serial Wireside. */ -#define MC_CMD_LOOPBACK_SD_FES_WS 0x22 +#define MC_CMD_LOOPBACK_SD_FES_WS 0x22 /* enum: Near side of AOE Siena side port */ -#define MC_CMD_LOOPBACK_AOE_INT_NEAR 0x23 +#define MC_CMD_LOOPBACK_AOE_INT_NEAR 0x23 /* enum: Medford Wireside datapath loopback */ -#define MC_CMD_LOOPBACK_DATA_WS 0x24 +#define MC_CMD_LOOPBACK_DATA_WS 0x24 /* enum: Force link up without setting up any physical loopback (snapper use * only) */ -#define MC_CMD_LOOPBACK_FORCE_EXT_LINK 0x25 +#define MC_CMD_LOOPBACK_FORCE_EXT_LINK 0x25 /* Supported loopbacks. */ #define MC_CMD_GET_LOOPBACK_MODES_OUT_1G_OFST 8 #define MC_CMD_GET_LOOPBACK_MODES_OUT_1G_LEN 8 @@ -5349,6 +3497,174 @@ /* Enum values, see field(s): */ /* 100M */ +/* MC_CMD_GET_LOOPBACK_MODES_OUT_V2 msgresponse: Supported loopback modes for + * newer NICs with 25G/50G/100G support + */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_LEN 64 +/* Supported loopbacks. */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100M_OFST 0 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100M_LEN 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100M_LO_OFST 0 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100M_HI_OFST 4 +/* enum: None. */ +/* MC_CMD_LOOPBACK_NONE 0x0 */ +/* enum: Data. */ +/* MC_CMD_LOOPBACK_DATA 0x1 */ +/* enum: GMAC. */ +/* MC_CMD_LOOPBACK_GMAC 0x2 */ +/* enum: XGMII. */ +/* MC_CMD_LOOPBACK_XGMII 0x3 */ +/* enum: XGXS. */ +/* MC_CMD_LOOPBACK_XGXS 0x4 */ +/* enum: XAUI. */ +/* MC_CMD_LOOPBACK_XAUI 0x5 */ +/* enum: GMII. */ +/* MC_CMD_LOOPBACK_GMII 0x6 */ +/* enum: SGMII. */ +/* MC_CMD_LOOPBACK_SGMII 0x7 */ +/* enum: XGBR. */ +/* MC_CMD_LOOPBACK_XGBR 0x8 */ +/* enum: XFI. */ +/* MC_CMD_LOOPBACK_XFI 0x9 */ +/* enum: XAUI Far. */ +/* MC_CMD_LOOPBACK_XAUI_FAR 0xa */ +/* enum: GMII Far. */ +/* MC_CMD_LOOPBACK_GMII_FAR 0xb */ +/* enum: SGMII Far. */ +/* MC_CMD_LOOPBACK_SGMII_FAR 0xc */ +/* enum: XFI Far. */ +/* MC_CMD_LOOPBACK_XFI_FAR 0xd */ +/* enum: GPhy. */ +/* MC_CMD_LOOPBACK_GPHY 0xe */ +/* enum: PhyXS. */ +/* MC_CMD_LOOPBACK_PHYXS 0xf */ +/* enum: PCS. */ +/* MC_CMD_LOOPBACK_PCS 0x10 */ +/* enum: PMA-PMD. */ +/* MC_CMD_LOOPBACK_PMAPMD 0x11 */ +/* enum: Cross-Port. */ +/* MC_CMD_LOOPBACK_XPORT 0x12 */ +/* enum: XGMII-Wireside. */ +/* MC_CMD_LOOPBACK_XGMII_WS 0x13 */ +/* enum: XAUI Wireside. */ +/* MC_CMD_LOOPBACK_XAUI_WS 0x14 */ +/* enum: XAUI Wireside Far. */ +/* MC_CMD_LOOPBACK_XAUI_WS_FAR 0x15 */ +/* enum: XAUI Wireside near. */ +/* MC_CMD_LOOPBACK_XAUI_WS_NEAR 0x16 */ +/* enum: GMII Wireside. */ +/* MC_CMD_LOOPBACK_GMII_WS 0x17 */ +/* enum: XFI Wireside. */ +/* MC_CMD_LOOPBACK_XFI_WS 0x18 */ +/* enum: XFI Wireside Far. */ +/* MC_CMD_LOOPBACK_XFI_WS_FAR 0x19 */ +/* enum: PhyXS Wireside. */ +/* MC_CMD_LOOPBACK_PHYXS_WS 0x1a */ +/* enum: PMA lanes MAC-Serdes. */ +/* MC_CMD_LOOPBACK_PMA_INT 0x1b */ +/* enum: KR Serdes Parallel (Encoder). */ +/* MC_CMD_LOOPBACK_SD_NEAR 0x1c */ +/* enum: KR Serdes Serial. */ +/* MC_CMD_LOOPBACK_SD_FAR 0x1d */ +/* enum: PMA lanes MAC-Serdes Wireside. */ +/* MC_CMD_LOOPBACK_PMA_INT_WS 0x1e */ +/* enum: KR Serdes Parallel Wireside (Full PCS). */ +/* MC_CMD_LOOPBACK_SD_FEP2_WS 0x1f */ +/* enum: KR Serdes Parallel Wireside (Sym Aligner to TX). */ +/* MC_CMD_LOOPBACK_SD_FEP1_5_WS 0x20 */ +/* enum: KR Serdes Parallel Wireside (Deserializer to Serializer). */ +/* MC_CMD_LOOPBACK_SD_FEP_WS 0x21 */ +/* enum: KR Serdes Serial Wireside. */ +/* MC_CMD_LOOPBACK_SD_FES_WS 0x22 */ +/* enum: Near side of AOE Siena side port */ +/* MC_CMD_LOOPBACK_AOE_INT_NEAR 0x23 */ +/* enum: Medford Wireside datapath loopback */ +/* MC_CMD_LOOPBACK_DATA_WS 0x24 */ +/* enum: Force link up without setting up any physical loopback (snapper use + * only) + */ +/* MC_CMD_LOOPBACK_FORCE_EXT_LINK 0x25 */ +/* Supported loopbacks. */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_1G_OFST 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_1G_LEN 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_1G_LO_OFST 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_1G_HI_OFST 12 +/* Enum values, see field(s): */ +/* 100M */ +/* Supported loopbacks. */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_10G_OFST 16 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_10G_LEN 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_10G_LO_OFST 16 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_10G_HI_OFST 20 +/* Enum values, see field(s): */ +/* 100M */ +/* Supported loopbacks. */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_SUGGESTED_OFST 24 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_SUGGESTED_LEN 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_SUGGESTED_LO_OFST 24 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_SUGGESTED_HI_OFST 28 +/* Enum values, see field(s): */ +/* 100M */ +/* Supported loopbacks. */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_40G_OFST 32 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_40G_LEN 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_40G_LO_OFST 32 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_40G_HI_OFST 36 +/* Enum values, see field(s): */ +/* 100M */ +/* Supported 25G loopbacks. */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_25G_OFST 40 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_25G_LEN 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_25G_LO_OFST 40 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_25G_HI_OFST 44 +/* Enum values, see field(s): */ +/* 100M */ +/* Supported 50 loopbacks. */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_50G_OFST 48 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_50G_LEN 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_50G_LO_OFST 48 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_50G_HI_OFST 52 +/* Enum values, see field(s): */ +/* 100M */ +/* Supported 100G loopbacks. */ +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100G_OFST 56 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100G_LEN 8 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100G_LO_OFST 56 +#define MC_CMD_GET_LOOPBACK_MODES_OUT_V2_100G_HI_OFST 60 +/* Enum values, see field(s): */ +/* 100M */ + +/* AN_TYPE structuredef: Auto-negotiation types defined in IEEE802.3 */ +#define AN_TYPE_LEN 4 +#define AN_TYPE_TYPE_OFST 0 +#define AN_TYPE_TYPE_LEN 4 +/* enum: None, AN disabled or not supported */ +#define MC_CMD_AN_NONE 0x0 +/* enum: Clause 28 - BASE-T */ +#define MC_CMD_AN_CLAUSE28 0x1 +/* enum: Clause 37 - BASE-X */ +#define MC_CMD_AN_CLAUSE37 0x2 +/* enum: Clause 73 - BASE-R startup protocol for backplane and copper cable + * assemblies. Includes Clause 72/Clause 92 link-training. + */ +#define MC_CMD_AN_CLAUSE73 0x3 +#define AN_TYPE_TYPE_LBN 0 +#define AN_TYPE_TYPE_WIDTH 32 + +/* FEC_TYPE structuredef: Forward error correction types defined in IEEE802.3 + */ +#define FEC_TYPE_LEN 4 +#define FEC_TYPE_TYPE_OFST 0 +#define FEC_TYPE_TYPE_LEN 4 +/* enum: No FEC */ +#define MC_CMD_FEC_NONE 0x0 +/* enum: Clause 74 BASE-R FEC (a.k.a Firecode) */ +#define MC_CMD_FEC_BASER 0x1 +/* enum: Clause 91/Clause 108 Reed-Solomon FEC */ +#define MC_CMD_FEC_RS 0x2 +#define FEC_TYPE_TYPE_LBN 0 +#define FEC_TYPE_TYPE_WIDTH 32 + /***********************************/ /* MC_CMD_GET_LINK @@ -5365,19 +3681,28 @@ /* MC_CMD_GET_LINK_OUT msgresponse */ #define MC_CMD_GET_LINK_OUT_LEN 28 -/* near-side advertised capabilities */ +/* Near-side advertised capabilities. Refer to + * MC_CMD_GET_PHY_CFG_OUT/SUPPORTED_CAP for bit definitions. + */ #define MC_CMD_GET_LINK_OUT_CAP_OFST 0 -/* link-partner advertised capabilities */ +#define MC_CMD_GET_LINK_OUT_CAP_LEN 4 +/* Link-partner advertised capabilities. Refer to + * MC_CMD_GET_PHY_CFG_OUT/SUPPORTED_CAP for bit definitions. + */ #define MC_CMD_GET_LINK_OUT_LP_CAP_OFST 4 +#define MC_CMD_GET_LINK_OUT_LP_CAP_LEN 4 /* Autonegotiated speed in mbit/s. The link may still be down even if this * reads non-zero. */ #define MC_CMD_GET_LINK_OUT_LINK_SPEED_OFST 8 +#define MC_CMD_GET_LINK_OUT_LINK_SPEED_LEN 4 /* Current loopback setting. */ #define MC_CMD_GET_LINK_OUT_LOOPBACK_MODE_OFST 12 +#define MC_CMD_GET_LINK_OUT_LOOPBACK_MODE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_GET_LOOPBACK_MODES/MC_CMD_GET_LOOPBACK_MODES_OUT/100M */ #define MC_CMD_GET_LINK_OUT_FLAGS_OFST 16 +#define MC_CMD_GET_LINK_OUT_FLAGS_LEN 4 #define MC_CMD_GET_LINK_OUT_LINK_UP_LBN 0 #define MC_CMD_GET_LINK_OUT_LINK_UP_WIDTH 1 #define MC_CMD_GET_LINK_OUT_FULL_DUPLEX_LBN 1 @@ -5392,9 +3717,11 @@ #define MC_CMD_GET_LINK_OUT_LINK_FAULT_TX_WIDTH 1 /* This returns the negotiated flow control value. */ #define MC_CMD_GET_LINK_OUT_FCNTL_OFST 20 +#define MC_CMD_GET_LINK_OUT_FCNTL_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_SET_MAC/MC_CMD_SET_MAC_IN/FCNTL */ #define MC_CMD_GET_LINK_OUT_MAC_FAULT_OFST 24 +#define MC_CMD_GET_LINK_OUT_MAC_FAULT_LEN 4 #define MC_CMD_MAC_FAULT_XGMII_LOCAL_LBN 0 #define MC_CMD_MAC_FAULT_XGMII_LOCAL_WIDTH 1 #define MC_CMD_MAC_FAULT_XGMII_REMOTE_LBN 1 @@ -5404,6 +3731,97 @@ #define MC_CMD_MAC_FAULT_PENDING_RECONFIG_LBN 3 #define MC_CMD_MAC_FAULT_PENDING_RECONFIG_WIDTH 1 +/* MC_CMD_GET_LINK_OUT_V2 msgresponse: Extended link state information */ +#define MC_CMD_GET_LINK_OUT_V2_LEN 44 +/* Near-side advertised capabilities. Refer to + * MC_CMD_GET_PHY_CFG_OUT/SUPPORTED_CAP for bit definitions. + */ +#define MC_CMD_GET_LINK_OUT_V2_CAP_OFST 0 +#define MC_CMD_GET_LINK_OUT_V2_CAP_LEN 4 +/* Link-partner advertised capabilities. Refer to + * MC_CMD_GET_PHY_CFG_OUT/SUPPORTED_CAP for bit definitions. + */ +#define MC_CMD_GET_LINK_OUT_V2_LP_CAP_OFST 4 +#define MC_CMD_GET_LINK_OUT_V2_LP_CAP_LEN 4 +/* Autonegotiated speed in mbit/s. The link may still be down even if this + * reads non-zero. + */ +#define MC_CMD_GET_LINK_OUT_V2_LINK_SPEED_OFST 8 +#define MC_CMD_GET_LINK_OUT_V2_LINK_SPEED_LEN 4 +/* Current loopback setting. */ +#define MC_CMD_GET_LINK_OUT_V2_LOOPBACK_MODE_OFST 12 +#define MC_CMD_GET_LINK_OUT_V2_LOOPBACK_MODE_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_GET_LOOPBACK_MODES/MC_CMD_GET_LOOPBACK_MODES_OUT/100M */ +#define MC_CMD_GET_LINK_OUT_V2_FLAGS_OFST 16 +#define MC_CMD_GET_LINK_OUT_V2_FLAGS_LEN 4 +#define MC_CMD_GET_LINK_OUT_V2_LINK_UP_LBN 0 +#define MC_CMD_GET_LINK_OUT_V2_LINK_UP_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_FULL_DUPLEX_LBN 1 +#define MC_CMD_GET_LINK_OUT_V2_FULL_DUPLEX_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_BPX_LINK_LBN 2 +#define MC_CMD_GET_LINK_OUT_V2_BPX_LINK_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_PHY_LINK_LBN 3 +#define MC_CMD_GET_LINK_OUT_V2_PHY_LINK_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_LINK_FAULT_RX_LBN 6 +#define MC_CMD_GET_LINK_OUT_V2_LINK_FAULT_RX_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_LINK_FAULT_TX_LBN 7 +#define MC_CMD_GET_LINK_OUT_V2_LINK_FAULT_TX_WIDTH 1 +/* This returns the negotiated flow control value. */ +#define MC_CMD_GET_LINK_OUT_V2_FCNTL_OFST 20 +#define MC_CMD_GET_LINK_OUT_V2_FCNTL_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_SET_MAC/MC_CMD_SET_MAC_IN/FCNTL */ +#define MC_CMD_GET_LINK_OUT_V2_MAC_FAULT_OFST 24 +#define MC_CMD_GET_LINK_OUT_V2_MAC_FAULT_LEN 4 +/* MC_CMD_MAC_FAULT_XGMII_LOCAL_LBN 0 */ +/* MC_CMD_MAC_FAULT_XGMII_LOCAL_WIDTH 1 */ +/* MC_CMD_MAC_FAULT_XGMII_REMOTE_LBN 1 */ +/* MC_CMD_MAC_FAULT_XGMII_REMOTE_WIDTH 1 */ +/* MC_CMD_MAC_FAULT_SGMII_REMOTE_LBN 2 */ +/* MC_CMD_MAC_FAULT_SGMII_REMOTE_WIDTH 1 */ +/* MC_CMD_MAC_FAULT_PENDING_RECONFIG_LBN 3 */ +/* MC_CMD_MAC_FAULT_PENDING_RECONFIG_WIDTH 1 */ +/* True local device capabilities (taking into account currently used PMD/MDI, + * e.g. plugged-in module). In general, subset of + * MC_CMD_GET_PHY_CFG_OUT/SUPPORTED_CAP, but may include extra _FEC_REQUEST + * bits, if the PMD requires FEC. 0 if unknown (e.g. module unplugged). Equal + * to SUPPORTED_CAP for non-pluggable PMDs. Refer to + * MC_CMD_GET_PHY_CFG_OUT/SUPPORTED_CAP for bit definitions. + */ +#define MC_CMD_GET_LINK_OUT_V2_LD_CAP_OFST 28 +#define MC_CMD_GET_LINK_OUT_V2_LD_CAP_LEN 4 +/* Auto-negotiation type used on the link */ +#define MC_CMD_GET_LINK_OUT_V2_AN_TYPE_OFST 32 +#define MC_CMD_GET_LINK_OUT_V2_AN_TYPE_LEN 4 +/* Enum values, see field(s): */ +/* AN_TYPE/TYPE */ +/* Forward error correction used on the link */ +#define MC_CMD_GET_LINK_OUT_V2_FEC_TYPE_OFST 36 +#define MC_CMD_GET_LINK_OUT_V2_FEC_TYPE_LEN 4 +/* Enum values, see field(s): */ +/* FEC_TYPE/TYPE */ +#define MC_CMD_GET_LINK_OUT_V2_EXT_FLAGS_OFST 40 +#define MC_CMD_GET_LINK_OUT_V2_EXT_FLAGS_LEN 4 +#define MC_CMD_GET_LINK_OUT_V2_PMD_MDI_CONNECTED_LBN 0 +#define MC_CMD_GET_LINK_OUT_V2_PMD_MDI_CONNECTED_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_PMD_READY_LBN 1 +#define MC_CMD_GET_LINK_OUT_V2_PMD_READY_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_PMD_LINK_UP_LBN 2 +#define MC_CMD_GET_LINK_OUT_V2_PMD_LINK_UP_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_PMA_LINK_UP_LBN 3 +#define MC_CMD_GET_LINK_OUT_V2_PMA_LINK_UP_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_PCS_LOCK_LBN 4 +#define MC_CMD_GET_LINK_OUT_V2_PCS_LOCK_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_ALIGN_LOCK_LBN 5 +#define MC_CMD_GET_LINK_OUT_V2_ALIGN_LOCK_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_HI_BER_LBN 6 +#define MC_CMD_GET_LINK_OUT_V2_HI_BER_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_FEC_LOCK_LBN 7 +#define MC_CMD_GET_LINK_OUT_V2_FEC_LOCK_WIDTH 1 +#define MC_CMD_GET_LINK_OUT_V2_AN_DONE_LBN 8 +#define MC_CMD_GET_LINK_OUT_V2_AN_DONE_WIDTH 1 + /***********************************/ /* MC_CMD_SET_LINK @@ -5417,10 +3835,14 @@ /* MC_CMD_SET_LINK_IN msgrequest */ #define MC_CMD_SET_LINK_IN_LEN 16 -/* ??? */ +/* Near-side advertised capabilities. Refer to + * MC_CMD_GET_PHY_CFG_OUT/SUPPORTED_CAP for bit definitions. + */ #define MC_CMD_SET_LINK_IN_CAP_OFST 0 +#define MC_CMD_SET_LINK_IN_CAP_LEN 4 /* Flags */ #define MC_CMD_SET_LINK_IN_FLAGS_OFST 4 +#define MC_CMD_SET_LINK_IN_FLAGS_LEN 4 #define MC_CMD_SET_LINK_IN_LOWPOWER_LBN 0 #define MC_CMD_SET_LINK_IN_LOWPOWER_WIDTH 1 #define MC_CMD_SET_LINK_IN_POWEROFF_LBN 1 @@ -5429,12 +3851,14 @@ #define MC_CMD_SET_LINK_IN_TXDIS_WIDTH 1 /* Loopback mode. */ #define MC_CMD_SET_LINK_IN_LOOPBACK_MODE_OFST 8 +#define MC_CMD_SET_LINK_IN_LOOPBACK_MODE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_GET_LOOPBACK_MODES/MC_CMD_GET_LOOPBACK_MODES_OUT/100M */ /* A loopback speed of "0" is supported, and means (choose any available * speed). */ #define MC_CMD_SET_LINK_IN_LOOPBACK_SPEED_OFST 12 +#define MC_CMD_SET_LINK_IN_LOOPBACK_SPEED_LEN 4 /* MC_CMD_SET_LINK_OUT msgresponse */ #define MC_CMD_SET_LINK_OUT_LEN 0 @@ -5453,9 +3877,10 @@ #define MC_CMD_SET_ID_LED_IN_LEN 4 /* Set LED state. */ #define MC_CMD_SET_ID_LED_IN_STATE_OFST 0 -#define MC_CMD_LED_OFF 0x0 /* enum */ -#define MC_CMD_LED_ON 0x1 /* enum */ -#define MC_CMD_LED_DEFAULT 0x2 /* enum */ +#define MC_CMD_SET_ID_LED_IN_STATE_LEN 4 +#define MC_CMD_LED_OFF 0x0 /* enum */ +#define MC_CMD_LED_ON 0x1 /* enum */ +#define MC_CMD_LED_DEFAULT 0x2 /* enum */ /* MC_CMD_SET_ID_LED_OUT msgresponse */ #define MC_CMD_SET_ID_LED_OUT_LEN 0 @@ -5476,17 +3901,21 @@ * EtherII, VLAN, bug16011 padding). */ #define MC_CMD_SET_MAC_IN_MTU_OFST 0 +#define MC_CMD_SET_MAC_IN_MTU_LEN 4 #define MC_CMD_SET_MAC_IN_DRAIN_OFST 4 +#define MC_CMD_SET_MAC_IN_DRAIN_LEN 4 #define MC_CMD_SET_MAC_IN_ADDR_OFST 8 #define MC_CMD_SET_MAC_IN_ADDR_LEN 8 #define MC_CMD_SET_MAC_IN_ADDR_LO_OFST 8 #define MC_CMD_SET_MAC_IN_ADDR_HI_OFST 12 #define MC_CMD_SET_MAC_IN_REJECT_OFST 16 +#define MC_CMD_SET_MAC_IN_REJECT_LEN 4 #define MC_CMD_SET_MAC_IN_REJECT_UNCST_LBN 0 #define MC_CMD_SET_MAC_IN_REJECT_UNCST_WIDTH 1 #define MC_CMD_SET_MAC_IN_REJECT_BRDCST_LBN 1 #define MC_CMD_SET_MAC_IN_REJECT_BRDCST_WIDTH 1 #define MC_CMD_SET_MAC_IN_FCNTL_OFST 20 +#define MC_CMD_SET_MAC_IN_FCNTL_LEN 4 /* enum: Flow control is off. */ #define MC_CMD_FCNTL_OFF 0x0 /* enum: Respond to flow control. */ @@ -5500,6 +3929,7 @@ /* enum: Issue flow control. */ #define MC_CMD_FCNTL_GENERATE 0x5 #define MC_CMD_SET_MAC_IN_FLAGS_OFST 24 +#define MC_CMD_SET_MAC_IN_FLAGS_LEN 4 #define MC_CMD_SET_MAC_IN_FLAG_INCLUDE_FCS_LBN 0 #define MC_CMD_SET_MAC_IN_FLAG_INCLUDE_FCS_WIDTH 1 @@ -5509,17 +3939,21 @@ * EtherII, VLAN, bug16011 padding). */ #define MC_CMD_SET_MAC_EXT_IN_MTU_OFST 0 +#define MC_CMD_SET_MAC_EXT_IN_MTU_LEN 4 #define MC_CMD_SET_MAC_EXT_IN_DRAIN_OFST 4 +#define MC_CMD_SET_MAC_EXT_IN_DRAIN_LEN 4 #define MC_CMD_SET_MAC_EXT_IN_ADDR_OFST 8 #define MC_CMD_SET_MAC_EXT_IN_ADDR_LEN 8 #define MC_CMD_SET_MAC_EXT_IN_ADDR_LO_OFST 8 #define MC_CMD_SET_MAC_EXT_IN_ADDR_HI_OFST 12 #define MC_CMD_SET_MAC_EXT_IN_REJECT_OFST 16 +#define MC_CMD_SET_MAC_EXT_IN_REJECT_LEN 4 #define MC_CMD_SET_MAC_EXT_IN_REJECT_UNCST_LBN 0 #define MC_CMD_SET_MAC_EXT_IN_REJECT_UNCST_WIDTH 1 #define MC_CMD_SET_MAC_EXT_IN_REJECT_BRDCST_LBN 1 #define MC_CMD_SET_MAC_EXT_IN_REJECT_BRDCST_WIDTH 1 #define MC_CMD_SET_MAC_EXT_IN_FCNTL_OFST 20 +#define MC_CMD_SET_MAC_EXT_IN_FCNTL_LEN 4 /* enum: Flow control is off. */ /* MC_CMD_FCNTL_OFF 0x0 */ /* enum: Respond to flow control. */ @@ -5533,6 +3967,7 @@ /* enum: Issue flow control. */ /* MC_CMD_FCNTL_GENERATE 0x5 */ #define MC_CMD_SET_MAC_EXT_IN_FLAGS_OFST 24 +#define MC_CMD_SET_MAC_EXT_IN_FLAGS_LEN 4 #define MC_CMD_SET_MAC_EXT_IN_FLAG_INCLUDE_FCS_LBN 0 #define MC_CMD_SET_MAC_EXT_IN_FLAG_INCLUDE_FCS_WIDTH 1 /* Select which parameters to configure. A parameter will only be modified if @@ -5541,6 +3976,7 @@ * set). */ #define MC_CMD_SET_MAC_EXT_IN_CONTROL_OFST 28 +#define MC_CMD_SET_MAC_EXT_IN_CONTROL_LEN 4 #define MC_CMD_SET_MAC_EXT_IN_CFG_MTU_LBN 0 #define MC_CMD_SET_MAC_EXT_IN_CFG_MTU_WIDTH 1 #define MC_CMD_SET_MAC_EXT_IN_CFG_DRAIN_LBN 1 @@ -5562,6 +3998,7 @@ * to 0. */ #define MC_CMD_SET_MAC_V2_OUT_MTU_OFST 0 +#define MC_CMD_SET_MAC_V2_OUT_MTU_LEN 4 /***********************************/ @@ -5595,53 +4032,53 @@ #define MC_CMD_PHY_STATS_OUT_NO_DMA_STATISTICS_LEN 4 #define MC_CMD_PHY_STATS_OUT_NO_DMA_STATISTICS_NUM MC_CMD_PHY_NSTATS /* enum: OUI. */ -#define MC_CMD_OUI 0x0 +#define MC_CMD_OUI 0x0 /* enum: PMA-PMD Link Up. */ -#define MC_CMD_PMA_PMD_LINK_UP 0x1 +#define MC_CMD_PMA_PMD_LINK_UP 0x1 /* enum: PMA-PMD RX Fault. */ -#define MC_CMD_PMA_PMD_RX_FAULT 0x2 +#define MC_CMD_PMA_PMD_RX_FAULT 0x2 /* enum: PMA-PMD TX Fault. */ -#define MC_CMD_PMA_PMD_TX_FAULT 0x3 +#define MC_CMD_PMA_PMD_TX_FAULT 0x3 /* enum: PMA-PMD Signal */ -#define MC_CMD_PMA_PMD_SIGNAL 0x4 +#define MC_CMD_PMA_PMD_SIGNAL 0x4 /* enum: PMA-PMD SNR A. */ -#define MC_CMD_PMA_PMD_SNR_A 0x5 +#define MC_CMD_PMA_PMD_SNR_A 0x5 /* enum: PMA-PMD SNR B. */ -#define MC_CMD_PMA_PMD_SNR_B 0x6 +#define MC_CMD_PMA_PMD_SNR_B 0x6 /* enum: PMA-PMD SNR C. */ -#define MC_CMD_PMA_PMD_SNR_C 0x7 +#define MC_CMD_PMA_PMD_SNR_C 0x7 /* enum: PMA-PMD SNR D. */ -#define MC_CMD_PMA_PMD_SNR_D 0x8 +#define MC_CMD_PMA_PMD_SNR_D 0x8 /* enum: PCS Link Up. */ -#define MC_CMD_PCS_LINK_UP 0x9 +#define MC_CMD_PCS_LINK_UP 0x9 /* enum: PCS RX Fault. */ -#define MC_CMD_PCS_RX_FAULT 0xa +#define MC_CMD_PCS_RX_FAULT 0xa /* enum: PCS TX Fault. */ -#define MC_CMD_PCS_TX_FAULT 0xb +#define MC_CMD_PCS_TX_FAULT 0xb /* enum: PCS BER. */ -#define MC_CMD_PCS_BER 0xc +#define MC_CMD_PCS_BER 0xc /* enum: PCS Block Errors. */ -#define MC_CMD_PCS_BLOCK_ERRORS 0xd +#define MC_CMD_PCS_BLOCK_ERRORS 0xd /* enum: PhyXS Link Up. */ -#define MC_CMD_PHYXS_LINK_UP 0xe +#define MC_CMD_PHYXS_LINK_UP 0xe /* enum: PhyXS RX Fault. */ -#define MC_CMD_PHYXS_RX_FAULT 0xf +#define MC_CMD_PHYXS_RX_FAULT 0xf /* enum: PhyXS TX Fault. */ -#define MC_CMD_PHYXS_TX_FAULT 0x10 +#define MC_CMD_PHYXS_TX_FAULT 0x10 /* enum: PhyXS Align. */ -#define MC_CMD_PHYXS_ALIGN 0x11 +#define MC_CMD_PHYXS_ALIGN 0x11 /* enum: PhyXS Sync. */ -#define MC_CMD_PHYXS_SYNC 0x12 +#define MC_CMD_PHYXS_SYNC 0x12 /* enum: AN link-up. */ -#define MC_CMD_AN_LINK_UP 0x13 +#define MC_CMD_AN_LINK_UP 0x13 /* enum: AN Complete. */ -#define MC_CMD_AN_COMPLETE 0x14 +#define MC_CMD_AN_COMPLETE 0x14 /* enum: AN 10GBaseT Status. */ -#define MC_CMD_AN_10GBT_STATUS 0x15 +#define MC_CMD_AN_10GBT_STATUS 0x15 /* enum: Clause 22 Link-Up. */ -#define MC_CMD_CL22_LINK_UP 0x16 +#define MC_CMD_CL22_LINK_UP 0x16 /* enum: (Last entry) */ -#define MC_CMD_PHY_NSTATS 0x17 +#define MC_CMD_PHY_NSTATS 0x17 /***********************************/ @@ -5668,6 +4105,7 @@ #define MC_CMD_MAC_STATS_IN_DMA_ADDR_LO_OFST 0 #define MC_CMD_MAC_STATS_IN_DMA_ADDR_HI_OFST 4 #define MC_CMD_MAC_STATS_IN_CMD_OFST 8 +#define MC_CMD_MAC_STATS_IN_CMD_LEN 4 #define MC_CMD_MAC_STATS_IN_DMA_LBN 0 #define MC_CMD_MAC_STATS_IN_DMA_WIDTH 1 #define MC_CMD_MAC_STATS_IN_CLEAR_LBN 1 @@ -5682,9 +4120,16 @@ #define MC_CMD_MAC_STATS_IN_PERIODIC_NOEVENT_WIDTH 1 #define MC_CMD_MAC_STATS_IN_PERIOD_MS_LBN 16 #define MC_CMD_MAC_STATS_IN_PERIOD_MS_WIDTH 16 +/* DMA length. Should be set to MAC_STATS_NUM_STATS * sizeof(uint64_t), as + * returned by MC_CMD_GET_CAPABILITIES_V4_OUT. For legacy firmware not + * supporting MC_CMD_GET_CAPABILITIES_V4_OUT, DMA_LEN should be set to + * MC_CMD_MAC_NSTATS * sizeof(uint64_t) + */ #define MC_CMD_MAC_STATS_IN_DMA_LEN_OFST 12 +#define MC_CMD_MAC_STATS_IN_DMA_LEN_LEN 4 /* port id so vadapter stats can be provided */ #define MC_CMD_MAC_STATS_IN_PORT_ID_OFST 16 +#define MC_CMD_MAC_STATS_IN_PORT_ID_LEN 4 /* MC_CMD_MAC_STATS_OUT_DMA msgresponse */ #define MC_CMD_MAC_STATS_OUT_DMA_LEN 0 @@ -5696,141 +4141,289 @@ #define MC_CMD_MAC_STATS_OUT_NO_DMA_STATISTICS_LO_OFST 0 #define MC_CMD_MAC_STATS_OUT_NO_DMA_STATISTICS_HI_OFST 4 #define MC_CMD_MAC_STATS_OUT_NO_DMA_STATISTICS_NUM MC_CMD_MAC_NSTATS -#define MC_CMD_MAC_GENERATION_START 0x0 /* enum */ -#define MC_CMD_MAC_DMABUF_START 0x1 /* enum */ -#define MC_CMD_MAC_TX_PKTS 0x1 /* enum */ -#define MC_CMD_MAC_TX_PAUSE_PKTS 0x2 /* enum */ -#define MC_CMD_MAC_TX_CONTROL_PKTS 0x3 /* enum */ -#define MC_CMD_MAC_TX_UNICAST_PKTS 0x4 /* enum */ -#define MC_CMD_MAC_TX_MULTICAST_PKTS 0x5 /* enum */ -#define MC_CMD_MAC_TX_BROADCAST_PKTS 0x6 /* enum */ -#define MC_CMD_MAC_TX_BYTES 0x7 /* enum */ -#define MC_CMD_MAC_TX_BAD_BYTES 0x8 /* enum */ -#define MC_CMD_MAC_TX_LT64_PKTS 0x9 /* enum */ -#define MC_CMD_MAC_TX_64_PKTS 0xa /* enum */ -#define MC_CMD_MAC_TX_65_TO_127_PKTS 0xb /* enum */ -#define MC_CMD_MAC_TX_128_TO_255_PKTS 0xc /* enum */ -#define MC_CMD_MAC_TX_256_TO_511_PKTS 0xd /* enum */ -#define MC_CMD_MAC_TX_512_TO_1023_PKTS 0xe /* enum */ -#define MC_CMD_MAC_TX_1024_TO_15XX_PKTS 0xf /* enum */ -#define MC_CMD_MAC_TX_15XX_TO_JUMBO_PKTS 0x10 /* enum */ -#define MC_CMD_MAC_TX_GTJUMBO_PKTS 0x11 /* enum */ -#define MC_CMD_MAC_TX_BAD_FCS_PKTS 0x12 /* enum */ -#define MC_CMD_MAC_TX_SINGLE_COLLISION_PKTS 0x13 /* enum */ -#define MC_CMD_MAC_TX_MULTIPLE_COLLISION_PKTS 0x14 /* enum */ -#define MC_CMD_MAC_TX_EXCESSIVE_COLLISION_PKTS 0x15 /* enum */ -#define MC_CMD_MAC_TX_LATE_COLLISION_PKTS 0x16 /* enum */ -#define MC_CMD_MAC_TX_DEFERRED_PKTS 0x17 /* enum */ -#define MC_CMD_MAC_TX_EXCESSIVE_DEFERRED_PKTS 0x18 /* enum */ -#define MC_CMD_MAC_TX_NON_TCPUDP_PKTS 0x19 /* enum */ -#define MC_CMD_MAC_TX_MAC_SRC_ERR_PKTS 0x1a /* enum */ -#define MC_CMD_MAC_TX_IP_SRC_ERR_PKTS 0x1b /* enum */ -#define MC_CMD_MAC_RX_PKTS 0x1c /* enum */ -#define MC_CMD_MAC_RX_PAUSE_PKTS 0x1d /* enum */ -#define MC_CMD_MAC_RX_GOOD_PKTS 0x1e /* enum */ -#define MC_CMD_MAC_RX_CONTROL_PKTS 0x1f /* enum */ -#define MC_CMD_MAC_RX_UNICAST_PKTS 0x20 /* enum */ -#define MC_CMD_MAC_RX_MULTICAST_PKTS 0x21 /* enum */ -#define MC_CMD_MAC_RX_BROADCAST_PKTS 0x22 /* enum */ -#define MC_CMD_MAC_RX_BYTES 0x23 /* enum */ -#define MC_CMD_MAC_RX_BAD_BYTES 0x24 /* enum */ -#define MC_CMD_MAC_RX_64_PKTS 0x25 /* enum */ -#define MC_CMD_MAC_RX_65_TO_127_PKTS 0x26 /* enum */ -#define MC_CMD_MAC_RX_128_TO_255_PKTS 0x27 /* enum */ -#define MC_CMD_MAC_RX_256_TO_511_PKTS 0x28 /* enum */ -#define MC_CMD_MAC_RX_512_TO_1023_PKTS 0x29 /* enum */ -#define MC_CMD_MAC_RX_1024_TO_15XX_PKTS 0x2a /* enum */ -#define MC_CMD_MAC_RX_15XX_TO_JUMBO_PKTS 0x2b /* enum */ -#define MC_CMD_MAC_RX_GTJUMBO_PKTS 0x2c /* enum */ -#define MC_CMD_MAC_RX_UNDERSIZE_PKTS 0x2d /* enum */ -#define MC_CMD_MAC_RX_BAD_FCS_PKTS 0x2e /* enum */ -#define MC_CMD_MAC_RX_OVERFLOW_PKTS 0x2f /* enum */ -#define MC_CMD_MAC_RX_FALSE_CARRIER_PKTS 0x30 /* enum */ -#define MC_CMD_MAC_RX_SYMBOL_ERROR_PKTS 0x31 /* enum */ -#define MC_CMD_MAC_RX_ALIGN_ERROR_PKTS 0x32 /* enum */ -#define MC_CMD_MAC_RX_LENGTH_ERROR_PKTS 0x33 /* enum */ -#define MC_CMD_MAC_RX_INTERNAL_ERROR_PKTS 0x34 /* enum */ -#define MC_CMD_MAC_RX_JABBER_PKTS 0x35 /* enum */ -#define MC_CMD_MAC_RX_NODESC_DROPS 0x36 /* enum */ -#define MC_CMD_MAC_RX_LANES01_CHAR_ERR 0x37 /* enum */ -#define MC_CMD_MAC_RX_LANES23_CHAR_ERR 0x38 /* enum */ -#define MC_CMD_MAC_RX_LANES01_DISP_ERR 0x39 /* enum */ -#define MC_CMD_MAC_RX_LANES23_DISP_ERR 0x3a /* enum */ -#define MC_CMD_MAC_RX_MATCH_FAULT 0x3b /* enum */ +#define MC_CMD_MAC_GENERATION_START 0x0 /* enum */ +#define MC_CMD_MAC_DMABUF_START 0x1 /* enum */ +#define MC_CMD_MAC_TX_PKTS 0x1 /* enum */ +#define MC_CMD_MAC_TX_PAUSE_PKTS 0x2 /* enum */ +#define MC_CMD_MAC_TX_CONTROL_PKTS 0x3 /* enum */ +#define MC_CMD_MAC_TX_UNICAST_PKTS 0x4 /* enum */ +#define MC_CMD_MAC_TX_MULTICAST_PKTS 0x5 /* enum */ +#define MC_CMD_MAC_TX_BROADCAST_PKTS 0x6 /* enum */ +#define MC_CMD_MAC_TX_BYTES 0x7 /* enum */ +#define MC_CMD_MAC_TX_BAD_BYTES 0x8 /* enum */ +#define MC_CMD_MAC_TX_LT64_PKTS 0x9 /* enum */ +#define MC_CMD_MAC_TX_64_PKTS 0xa /* enum */ +#define MC_CMD_MAC_TX_65_TO_127_PKTS 0xb /* enum */ +#define MC_CMD_MAC_TX_128_TO_255_PKTS 0xc /* enum */ +#define MC_CMD_MAC_TX_256_TO_511_PKTS 0xd /* enum */ +#define MC_CMD_MAC_TX_512_TO_1023_PKTS 0xe /* enum */ +#define MC_CMD_MAC_TX_1024_TO_15XX_PKTS 0xf /* enum */ +#define MC_CMD_MAC_TX_15XX_TO_JUMBO_PKTS 0x10 /* enum */ +#define MC_CMD_MAC_TX_GTJUMBO_PKTS 0x11 /* enum */ +#define MC_CMD_MAC_TX_BAD_FCS_PKTS 0x12 /* enum */ +#define MC_CMD_MAC_TX_SINGLE_COLLISION_PKTS 0x13 /* enum */ +#define MC_CMD_MAC_TX_MULTIPLE_COLLISION_PKTS 0x14 /* enum */ +#define MC_CMD_MAC_TX_EXCESSIVE_COLLISION_PKTS 0x15 /* enum */ +#define MC_CMD_MAC_TX_LATE_COLLISION_PKTS 0x16 /* enum */ +#define MC_CMD_MAC_TX_DEFERRED_PKTS 0x17 /* enum */ +#define MC_CMD_MAC_TX_EXCESSIVE_DEFERRED_PKTS 0x18 /* enum */ +#define MC_CMD_MAC_TX_NON_TCPUDP_PKTS 0x19 /* enum */ +#define MC_CMD_MAC_TX_MAC_SRC_ERR_PKTS 0x1a /* enum */ +#define MC_CMD_MAC_TX_IP_SRC_ERR_PKTS 0x1b /* enum */ +#define MC_CMD_MAC_RX_PKTS 0x1c /* enum */ +#define MC_CMD_MAC_RX_PAUSE_PKTS 0x1d /* enum */ +#define MC_CMD_MAC_RX_GOOD_PKTS 0x1e /* enum */ +#define MC_CMD_MAC_RX_CONTROL_PKTS 0x1f /* enum */ +#define MC_CMD_MAC_RX_UNICAST_PKTS 0x20 /* enum */ +#define MC_CMD_MAC_RX_MULTICAST_PKTS 0x21 /* enum */ +#define MC_CMD_MAC_RX_BROADCAST_PKTS 0x22 /* enum */ +#define MC_CMD_MAC_RX_BYTES 0x23 /* enum */ +#define MC_CMD_MAC_RX_BAD_BYTES 0x24 /* enum */ +#define MC_CMD_MAC_RX_64_PKTS 0x25 /* enum */ +#define MC_CMD_MAC_RX_65_TO_127_PKTS 0x26 /* enum */ +#define MC_CMD_MAC_RX_128_TO_255_PKTS 0x27 /* enum */ +#define MC_CMD_MAC_RX_256_TO_511_PKTS 0x28 /* enum */ +#define MC_CMD_MAC_RX_512_TO_1023_PKTS 0x29 /* enum */ +#define MC_CMD_MAC_RX_1024_TO_15XX_PKTS 0x2a /* enum */ +#define MC_CMD_MAC_RX_15XX_TO_JUMBO_PKTS 0x2b /* enum */ +#define MC_CMD_MAC_RX_GTJUMBO_PKTS 0x2c /* enum */ +#define MC_CMD_MAC_RX_UNDERSIZE_PKTS 0x2d /* enum */ +#define MC_CMD_MAC_RX_BAD_FCS_PKTS 0x2e /* enum */ +#define MC_CMD_MAC_RX_OVERFLOW_PKTS 0x2f /* enum */ +#define MC_CMD_MAC_RX_FALSE_CARRIER_PKTS 0x30 /* enum */ +#define MC_CMD_MAC_RX_SYMBOL_ERROR_PKTS 0x31 /* enum */ +#define MC_CMD_MAC_RX_ALIGN_ERROR_PKTS 0x32 /* enum */ +#define MC_CMD_MAC_RX_LENGTH_ERROR_PKTS 0x33 /* enum */ +#define MC_CMD_MAC_RX_INTERNAL_ERROR_PKTS 0x34 /* enum */ +#define MC_CMD_MAC_RX_JABBER_PKTS 0x35 /* enum */ +#define MC_CMD_MAC_RX_NODESC_DROPS 0x36 /* enum */ +#define MC_CMD_MAC_RX_LANES01_CHAR_ERR 0x37 /* enum */ +#define MC_CMD_MAC_RX_LANES23_CHAR_ERR 0x38 /* enum */ +#define MC_CMD_MAC_RX_LANES01_DISP_ERR 0x39 /* enum */ +#define MC_CMD_MAC_RX_LANES23_DISP_ERR 0x3a /* enum */ +#define MC_CMD_MAC_RX_MATCH_FAULT 0x3b /* enum */ /* enum: PM trunc_bb_overflow counter. Valid for EF10 with PM_AND_RXDP_COUNTERS * capability only. */ -#define MC_CMD_MAC_PM_TRUNC_BB_OVERFLOW 0x3c +#define MC_CMD_MAC_PM_TRUNC_BB_OVERFLOW 0x3c /* enum: PM discard_bb_overflow counter. Valid for EF10 with * PM_AND_RXDP_COUNTERS capability only. */ -#define MC_CMD_MAC_PM_DISCARD_BB_OVERFLOW 0x3d +#define MC_CMD_MAC_PM_DISCARD_BB_OVERFLOW 0x3d /* enum: PM trunc_vfifo_full counter. Valid for EF10 with PM_AND_RXDP_COUNTERS * capability only. */ -#define MC_CMD_MAC_PM_TRUNC_VFIFO_FULL 0x3e +#define MC_CMD_MAC_PM_TRUNC_VFIFO_FULL 0x3e /* enum: PM discard_vfifo_full counter. Valid for EF10 with * PM_AND_RXDP_COUNTERS capability only. */ -#define MC_CMD_MAC_PM_DISCARD_VFIFO_FULL 0x3f +#define MC_CMD_MAC_PM_DISCARD_VFIFO_FULL 0x3f /* enum: PM trunc_qbb counter. Valid for EF10 with PM_AND_RXDP_COUNTERS * capability only. */ -#define MC_CMD_MAC_PM_TRUNC_QBB 0x40 +#define MC_CMD_MAC_PM_TRUNC_QBB 0x40 /* enum: PM discard_qbb counter. Valid for EF10 with PM_AND_RXDP_COUNTERS * capability only. */ -#define MC_CMD_MAC_PM_DISCARD_QBB 0x41 +#define MC_CMD_MAC_PM_DISCARD_QBB 0x41 /* enum: PM discard_mapping counter. Valid for EF10 with PM_AND_RXDP_COUNTERS * capability only. */ -#define MC_CMD_MAC_PM_DISCARD_MAPPING 0x42 +#define MC_CMD_MAC_PM_DISCARD_MAPPING 0x42 /* enum: RXDP counter: Number of packets dropped due to the queue being * disabled. Valid for EF10 with PM_AND_RXDP_COUNTERS capability only. */ -#define MC_CMD_MAC_RXDP_Q_DISABLED_PKTS 0x43 +#define MC_CMD_MAC_RXDP_Q_DISABLED_PKTS 0x43 /* enum: RXDP counter: Number of packets dropped by the DICPU. Valid for EF10 * with PM_AND_RXDP_COUNTERS capability only. */ -#define MC_CMD_MAC_RXDP_DI_DROPPED_PKTS 0x45 +#define MC_CMD_MAC_RXDP_DI_DROPPED_PKTS 0x45 /* enum: RXDP counter: Number of non-host packets. Valid for EF10 with * PM_AND_RXDP_COUNTERS capability only. */ -#define MC_CMD_MAC_RXDP_STREAMING_PKTS 0x46 +#define MC_CMD_MAC_RXDP_STREAMING_PKTS 0x46 /* enum: RXDP counter: Number of times an hlb descriptor fetch was performed. * Valid for EF10 with PM_AND_RXDP_COUNTERS capability only. */ -#define MC_CMD_MAC_RXDP_HLB_FETCH_CONDITIONS 0x47 +#define MC_CMD_MAC_RXDP_HLB_FETCH_CONDITIONS 0x47 /* enum: RXDP counter: Number of times the DPCPU waited for an existing * descriptor fetch. Valid for EF10 with PM_AND_RXDP_COUNTERS capability only. */ -#define MC_CMD_MAC_RXDP_HLB_WAIT_CONDITIONS 0x48 -#define MC_CMD_MAC_VADAPTER_RX_DMABUF_START 0x4c /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_UNICAST_PACKETS 0x4c /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_UNICAST_BYTES 0x4d /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_MULTICAST_PACKETS 0x4e /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_MULTICAST_BYTES 0x4f /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_BROADCAST_PACKETS 0x50 /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_BROADCAST_BYTES 0x51 /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_BAD_PACKETS 0x52 /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_BAD_BYTES 0x53 /* enum */ -#define MC_CMD_MAC_VADAPTER_RX_OVERFLOW 0x54 /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_DMABUF_START 0x57 /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_UNICAST_PACKETS 0x57 /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_UNICAST_BYTES 0x58 /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_MULTICAST_PACKETS 0x59 /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_MULTICAST_BYTES 0x5a /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_BROADCAST_PACKETS 0x5b /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_BROADCAST_BYTES 0x5c /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_BAD_PACKETS 0x5d /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_BAD_BYTES 0x5e /* enum */ -#define MC_CMD_MAC_VADAPTER_TX_OVERFLOW 0x5f /* enum */ +#define MC_CMD_MAC_RXDP_HLB_WAIT_CONDITIONS 0x48 +#define MC_CMD_MAC_VADAPTER_RX_DMABUF_START 0x4c /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_UNICAST_PACKETS 0x4c /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_UNICAST_BYTES 0x4d /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_MULTICAST_PACKETS 0x4e /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_MULTICAST_BYTES 0x4f /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_BROADCAST_PACKETS 0x50 /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_BROADCAST_BYTES 0x51 /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_BAD_PACKETS 0x52 /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_BAD_BYTES 0x53 /* enum */ +#define MC_CMD_MAC_VADAPTER_RX_OVERFLOW 0x54 /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_DMABUF_START 0x57 /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_UNICAST_PACKETS 0x57 /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_UNICAST_BYTES 0x58 /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_MULTICAST_PACKETS 0x59 /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_MULTICAST_BYTES 0x5a /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_BROADCAST_PACKETS 0x5b /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_BROADCAST_BYTES 0x5c /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_BAD_PACKETS 0x5d /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_BAD_BYTES 0x5e /* enum */ +#define MC_CMD_MAC_VADAPTER_TX_OVERFLOW 0x5f /* enum */ /* enum: Start of GMAC stats buffer space, for Siena only. */ -#define MC_CMD_GMAC_DMABUF_START 0x40 +#define MC_CMD_GMAC_DMABUF_START 0x40 /* enum: End of GMAC stats buffer space, for Siena only. */ -#define MC_CMD_GMAC_DMABUF_END 0x5f -#define MC_CMD_MAC_GENERATION_END 0x60 /* enum */ -#define MC_CMD_MAC_NSTATS 0x61 /* enum */ +#define MC_CMD_GMAC_DMABUF_END 0x5f +/* enum: GENERATION_END value, used together with GENERATION_START to verify + * consistency of DMAd data. For legacy firmware / drivers without extended + * stats (more precisely, when DMA_LEN == MC_CMD_MAC_NSTATS * + * sizeof(uint64_t)), this entry holds the GENERATION_END value. Otherwise, + * this value is invalid/ reserved and GENERATION_END is written as the last + * 64-bit word of the DMA buffer (at DMA_LEN - sizeof(uint64_t)). Note that + * this is consistent with the legacy behaviour, in the sense that entry 96 is + * the last 64-bit word in the buffer when DMA_LEN == MC_CMD_MAC_NSTATS * + * sizeof(uint64_t). See SF-109306-TC, Section 9.2 for details. + */ +#define MC_CMD_MAC_GENERATION_END 0x60 +#define MC_CMD_MAC_NSTATS 0x61 /* enum */ + +/* MC_CMD_MAC_STATS_V2_OUT_DMA msgresponse */ +#define MC_CMD_MAC_STATS_V2_OUT_DMA_LEN 0 + +/* MC_CMD_MAC_STATS_V2_OUT_NO_DMA msgresponse */ +#define MC_CMD_MAC_STATS_V2_OUT_NO_DMA_LEN (((MC_CMD_MAC_NSTATS_V2*64))>>3) +#define MC_CMD_MAC_STATS_V2_OUT_NO_DMA_STATISTICS_OFST 0 +#define MC_CMD_MAC_STATS_V2_OUT_NO_DMA_STATISTICS_LEN 8 +#define MC_CMD_MAC_STATS_V2_OUT_NO_DMA_STATISTICS_LO_OFST 0 +#define MC_CMD_MAC_STATS_V2_OUT_NO_DMA_STATISTICS_HI_OFST 4 +#define MC_CMD_MAC_STATS_V2_OUT_NO_DMA_STATISTICS_NUM MC_CMD_MAC_NSTATS_V2 +/* enum: Start of FEC stats buffer space, Medford2 and up */ +#define MC_CMD_MAC_FEC_DMABUF_START 0x61 +/* enum: Number of uncorrected FEC codewords on link (RS-FEC only for Medford2) + */ +#define MC_CMD_MAC_FEC_UNCORRECTED_ERRORS 0x61 +/* enum: Number of corrected FEC codewords on link (RS-FEC only for Medford2) + */ +#define MC_CMD_MAC_FEC_CORRECTED_ERRORS 0x62 +/* enum: Number of corrected 10-bit symbol errors, lane 0 (RS-FEC only) */ +#define MC_CMD_MAC_FEC_CORRECTED_SYMBOLS_LANE0 0x63 +/* enum: Number of corrected 10-bit symbol errors, lane 1 (RS-FEC only) */ +#define MC_CMD_MAC_FEC_CORRECTED_SYMBOLS_LANE1 0x64 +/* enum: Number of corrected 10-bit symbol errors, lane 2 (RS-FEC only) */ +#define MC_CMD_MAC_FEC_CORRECTED_SYMBOLS_LANE2 0x65 +/* enum: Number of corrected 10-bit symbol errors, lane 3 (RS-FEC only) */ +#define MC_CMD_MAC_FEC_CORRECTED_SYMBOLS_LANE3 0x66 +/* enum: This includes the space at offset 103 which is the final + * GENERATION_END in a MAC_STATS_V2 response and otherwise unused. + */ +#define MC_CMD_MAC_NSTATS_V2 0x68 +/* Other enum values, see field(s): */ +/* MC_CMD_MAC_STATS_OUT_NO_DMA/STATISTICS */ + +/* MC_CMD_MAC_STATS_V3_OUT_DMA msgresponse */ +#define MC_CMD_MAC_STATS_V3_OUT_DMA_LEN 0 + +/* MC_CMD_MAC_STATS_V3_OUT_NO_DMA msgresponse */ +#define MC_CMD_MAC_STATS_V3_OUT_NO_DMA_LEN (((MC_CMD_MAC_NSTATS_V3*64))>>3) +#define MC_CMD_MAC_STATS_V3_OUT_NO_DMA_STATISTICS_OFST 0 +#define MC_CMD_MAC_STATS_V3_OUT_NO_DMA_STATISTICS_LEN 8 +#define MC_CMD_MAC_STATS_V3_OUT_NO_DMA_STATISTICS_LO_OFST 0 +#define MC_CMD_MAC_STATS_V3_OUT_NO_DMA_STATISTICS_HI_OFST 4 +#define MC_CMD_MAC_STATS_V3_OUT_NO_DMA_STATISTICS_NUM MC_CMD_MAC_NSTATS_V3 +/* enum: Start of CTPIO stats buffer space, Medford2 and up */ +#define MC_CMD_MAC_CTPIO_DMABUF_START 0x68 +/* enum: Number of CTPIO fallbacks because a DMA packet was in progress on the + * target VI + */ +#define MC_CMD_MAC_CTPIO_VI_BUSY_FALLBACK 0x68 +/* enum: Number of times a CTPIO send wrote beyond frame end (informational + * only) + */ +#define MC_CMD_MAC_CTPIO_LONG_WRITE_SUCCESS 0x69 +/* enum: Number of CTPIO failures because the TX doorbell was written before + * the end of the frame data + */ +#define MC_CMD_MAC_CTPIO_MISSING_DBELL_FAIL 0x6a +/* enum: Number of CTPIO failures because the internal FIFO overflowed */ +#define MC_CMD_MAC_CTPIO_OVERFLOW_FAIL 0x6b +/* enum: Number of CTPIO failures because the host did not deliver data fast + * enough to avoid MAC underflow + */ +#define MC_CMD_MAC_CTPIO_UNDERFLOW_FAIL 0x6c +/* enum: Number of CTPIO failures because the host did not deliver all the + * frame data within the timeout + */ +#define MC_CMD_MAC_CTPIO_TIMEOUT_FAIL 0x6d +/* enum: Number of CTPIO failures because the frame data arrived out of order + * or with gaps + */ +#define MC_CMD_MAC_CTPIO_NONCONTIG_WR_FAIL 0x6e +/* enum: Number of CTPIO failures because the host started a new frame before + * completing the previous one + */ +#define MC_CMD_MAC_CTPIO_FRM_CLOBBER_FAIL 0x6f +/* enum: Number of CTPIO failures because a write was not a multiple of 32 bits + * or not 32-bit aligned + */ +#define MC_CMD_MAC_CTPIO_INVALID_WR_FAIL 0x70 +/* enum: Number of CTPIO fallbacks because another VI on the same port was + * sending a CTPIO frame + */ +#define MC_CMD_MAC_CTPIO_VI_CLOBBER_FALLBACK 0x71 +/* enum: Number of CTPIO fallbacks because target VI did not have CTPIO enabled + */ +#define MC_CMD_MAC_CTPIO_UNQUALIFIED_FALLBACK 0x72 +/* enum: Number of CTPIO fallbacks because length in header was less than 29 + * bytes + */ +#define MC_CMD_MAC_CTPIO_RUNT_FALLBACK 0x73 +/* enum: Total number of successful CTPIO sends on this port */ +#define MC_CMD_MAC_CTPIO_SUCCESS 0x74 +/* enum: Total number of CTPIO fallbacks on this port */ +#define MC_CMD_MAC_CTPIO_FALLBACK 0x75 +/* enum: Total number of CTPIO poisoned frames on this port, whether erased or + * not + */ +#define MC_CMD_MAC_CTPIO_POISON 0x76 +/* enum: Total number of CTPIO erased frames on this port */ +#define MC_CMD_MAC_CTPIO_ERASE 0x77 +/* enum: This includes the space at offset 120 which is the final + * GENERATION_END in a MAC_STATS_V3 response and otherwise unused. + */ +#define MC_CMD_MAC_NSTATS_V3 0x79 +/* Other enum values, see field(s): */ +/* MC_CMD_MAC_STATS_V2_OUT_NO_DMA/STATISTICS */ + +/* MC_CMD_MAC_STATS_V4_OUT_DMA msgresponse */ +#define MC_CMD_MAC_STATS_V4_OUT_DMA_LEN 0 + +/* MC_CMD_MAC_STATS_V4_OUT_NO_DMA msgresponse */ +#define MC_CMD_MAC_STATS_V4_OUT_NO_DMA_LEN (((MC_CMD_MAC_NSTATS_V4*64))>>3) +#define MC_CMD_MAC_STATS_V4_OUT_NO_DMA_STATISTICS_OFST 0 +#define MC_CMD_MAC_STATS_V4_OUT_NO_DMA_STATISTICS_LEN 8 +#define MC_CMD_MAC_STATS_V4_OUT_NO_DMA_STATISTICS_LO_OFST 0 +#define MC_CMD_MAC_STATS_V4_OUT_NO_DMA_STATISTICS_HI_OFST 4 +#define MC_CMD_MAC_STATS_V4_OUT_NO_DMA_STATISTICS_NUM MC_CMD_MAC_NSTATS_V4 +/* enum: Start of V4 stats buffer space */ +#define MC_CMD_MAC_V4_DMABUF_START 0x79 +/* enum: RXDP counter: Number of packets truncated because scattering was + * disabled. + */ +#define MC_CMD_MAC_RXDP_SCATTER_DISABLED_TRUNC 0x79 +/* enum: RXDP counter: Number of times the RXDP head of line blocked waiting + * for descriptors. Will be zero unless RXDP_HLB_IDLE capability is set. + */ +#define MC_CMD_MAC_RXDP_HLB_IDLE 0x7a +/* enum: RXDP counter: Number of times the RXDP timed out while head of line + * blocking. Will be zero unless RXDP_HLB_IDLE capability is set. + */ +#define MC_CMD_MAC_RXDP_HLB_TIMEOUT 0x7b +/* enum: This includes the space at offset 124 which is the final + * GENERATION_END in a MAC_STATS_V4 response and otherwise unused. + */ +#define MC_CMD_MAC_NSTATS_V4 0x7d +/* Other enum values, see field(s): */ +/* MC_CMD_MAC_STATS_V3_OUT_NO_DMA/STATISTICS */ /***********************************/ @@ -5842,21 +4435,28 @@ /* MC_CMD_SRIOV_IN msgrequest */ #define MC_CMD_SRIOV_IN_LEN 12 #define MC_CMD_SRIOV_IN_ENABLE_OFST 0 +#define MC_CMD_SRIOV_IN_ENABLE_LEN 4 #define MC_CMD_SRIOV_IN_VI_BASE_OFST 4 +#define MC_CMD_SRIOV_IN_VI_BASE_LEN 4 #define MC_CMD_SRIOV_IN_VF_COUNT_OFST 8 +#define MC_CMD_SRIOV_IN_VF_COUNT_LEN 4 /* MC_CMD_SRIOV_OUT msgresponse */ #define MC_CMD_SRIOV_OUT_LEN 8 #define MC_CMD_SRIOV_OUT_VI_SCALE_OFST 0 +#define MC_CMD_SRIOV_OUT_VI_SCALE_LEN 4 #define MC_CMD_SRIOV_OUT_VF_TOTAL_OFST 4 +#define MC_CMD_SRIOV_OUT_VF_TOTAL_LEN 4 /* MC_CMD_MEMCPY_RECORD_TYPEDEF structuredef */ #define MC_CMD_MEMCPY_RECORD_TYPEDEF_LEN 32 /* this is only used for the first record */ #define MC_CMD_MEMCPY_RECORD_TYPEDEF_NUM_RECORDS_OFST 0 +#define MC_CMD_MEMCPY_RECORD_TYPEDEF_NUM_RECORDS_LEN 4 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_NUM_RECORDS_LBN 0 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_NUM_RECORDS_WIDTH 32 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_TO_RID_OFST 4 +#define MC_CMD_MEMCPY_RECORD_TYPEDEF_TO_RID_LEN 4 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_TO_RID_LBN 32 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_TO_RID_WIDTH 32 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_TO_ADDR_OFST 8 @@ -5866,6 +4466,7 @@ #define MC_CMD_MEMCPY_RECORD_TYPEDEF_TO_ADDR_LBN 64 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_TO_ADDR_WIDTH 64 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_FROM_RID_OFST 16 +#define MC_CMD_MEMCPY_RECORD_TYPEDEF_FROM_RID_LEN 4 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_RID_INLINE 0x100 /* enum */ #define MC_CMD_MEMCPY_RECORD_TYPEDEF_FROM_RID_LBN 128 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_FROM_RID_WIDTH 32 @@ -5876,6 +4477,7 @@ #define MC_CMD_MEMCPY_RECORD_TYPEDEF_FROM_ADDR_LBN 160 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_FROM_ADDR_WIDTH 64 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_LENGTH_OFST 28 +#define MC_CMD_MEMCPY_RECORD_TYPEDEF_LENGTH_LEN 4 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_LENGTH_LBN 224 #define MC_CMD_MEMCPY_RECORD_TYPEDEF_LENGTH_WIDTH 32 @@ -5928,24 +4530,26 @@ /* MC_CMD_WOL_FILTER_SET_IN msgrequest */ #define MC_CMD_WOL_FILTER_SET_IN_LEN 192 #define MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_OFST 0 -#define MC_CMD_FILTER_MODE_SIMPLE 0x0 /* enum */ +#define MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_LEN 4 +#define MC_CMD_FILTER_MODE_SIMPLE 0x0 /* enum */ #define MC_CMD_FILTER_MODE_STRUCTURED 0xffffffff /* enum */ /* A type value of 1 is unused. */ #define MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_OFST 4 +#define MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_LEN 4 /* enum: Magic */ -#define MC_CMD_WOL_TYPE_MAGIC 0x0 +#define MC_CMD_WOL_TYPE_MAGIC 0x0 /* enum: MS Windows Magic */ #define MC_CMD_WOL_TYPE_WIN_MAGIC 0x2 /* enum: IPv4 Syn */ -#define MC_CMD_WOL_TYPE_IPV4_SYN 0x3 +#define MC_CMD_WOL_TYPE_IPV4_SYN 0x3 /* enum: IPv6 Syn */ -#define MC_CMD_WOL_TYPE_IPV6_SYN 0x4 +#define MC_CMD_WOL_TYPE_IPV6_SYN 0x4 /* enum: Bitmap */ -#define MC_CMD_WOL_TYPE_BITMAP 0x5 +#define MC_CMD_WOL_TYPE_BITMAP 0x5 /* enum: Link */ -#define MC_CMD_WOL_TYPE_LINK 0x6 +#define MC_CMD_WOL_TYPE_LINK 0x6 /* enum: (Above this for future use) */ -#define MC_CMD_WOL_TYPE_MAX 0x7 +#define MC_CMD_WOL_TYPE_MAX 0x7 #define MC_CMD_WOL_FILTER_SET_IN_DATA_OFST 8 #define MC_CMD_WOL_FILTER_SET_IN_DATA_LEN 4 #define MC_CMD_WOL_FILTER_SET_IN_DATA_NUM 46 @@ -5953,7 +4557,9 @@ /* MC_CMD_WOL_FILTER_SET_IN_MAGIC msgrequest */ #define MC_CMD_WOL_FILTER_SET_IN_MAGIC_LEN 16 /* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_OFST 0 */ +/* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_LEN 4 */ /* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_OFST 4 */ +/* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_LEN 4 */ #define MC_CMD_WOL_FILTER_SET_IN_MAGIC_MAC_OFST 8 #define MC_CMD_WOL_FILTER_SET_IN_MAGIC_MAC_LEN 8 #define MC_CMD_WOL_FILTER_SET_IN_MAGIC_MAC_LO_OFST 8 @@ -5962,9 +4568,13 @@ /* MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN msgrequest */ #define MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN_LEN 20 /* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_OFST 0 */ +/* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_LEN 4 */ /* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_OFST 4 */ +/* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_LEN 4 */ #define MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN_SRC_IP_OFST 8 +#define MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN_SRC_IP_LEN 4 #define MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN_DST_IP_OFST 12 +#define MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN_DST_IP_LEN 4 #define MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN_SRC_PORT_OFST 16 #define MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN_SRC_PORT_LEN 2 #define MC_CMD_WOL_FILTER_SET_IN_IPV4_SYN_DST_PORT_OFST 18 @@ -5973,7 +4583,9 @@ /* MC_CMD_WOL_FILTER_SET_IN_IPV6_SYN msgrequest */ #define MC_CMD_WOL_FILTER_SET_IN_IPV6_SYN_LEN 44 /* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_OFST 0 */ +/* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_LEN 4 */ /* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_OFST 4 */ +/* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_LEN 4 */ #define MC_CMD_WOL_FILTER_SET_IN_IPV6_SYN_SRC_IP_OFST 8 #define MC_CMD_WOL_FILTER_SET_IN_IPV6_SYN_SRC_IP_LEN 16 #define MC_CMD_WOL_FILTER_SET_IN_IPV6_SYN_DST_IP_OFST 24 @@ -5986,7 +4598,9 @@ /* MC_CMD_WOL_FILTER_SET_IN_BITMAP msgrequest */ #define MC_CMD_WOL_FILTER_SET_IN_BITMAP_LEN 187 /* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_OFST 0 */ +/* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_LEN 4 */ /* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_OFST 4 */ +/* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_LEN 4 */ #define MC_CMD_WOL_FILTER_SET_IN_BITMAP_MASK_OFST 8 #define MC_CMD_WOL_FILTER_SET_IN_BITMAP_MASK_LEN 48 #define MC_CMD_WOL_FILTER_SET_IN_BITMAP_BITMAP_OFST 56 @@ -6001,8 +4615,11 @@ /* MC_CMD_WOL_FILTER_SET_IN_LINK msgrequest */ #define MC_CMD_WOL_FILTER_SET_IN_LINK_LEN 12 /* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_OFST 0 */ +/* MC_CMD_WOL_FILTER_SET_IN_FILTER_MODE_LEN 4 */ /* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_OFST 4 */ +/* MC_CMD_WOL_FILTER_SET_IN_WOL_TYPE_LEN 4 */ #define MC_CMD_WOL_FILTER_SET_IN_LINK_MASK_OFST 8 +#define MC_CMD_WOL_FILTER_SET_IN_LINK_MASK_LEN 4 #define MC_CMD_WOL_FILTER_SET_IN_LINK_UP_LBN 0 #define MC_CMD_WOL_FILTER_SET_IN_LINK_UP_WIDTH 1 #define MC_CMD_WOL_FILTER_SET_IN_LINK_DOWN_LBN 1 @@ -6011,6 +4628,7 @@ /* MC_CMD_WOL_FILTER_SET_OUT msgresponse */ #define MC_CMD_WOL_FILTER_SET_OUT_LEN 4 #define MC_CMD_WOL_FILTER_SET_OUT_FILTER_ID_OFST 0 +#define MC_CMD_WOL_FILTER_SET_OUT_FILTER_ID_LEN 4 /***********************************/ @@ -6025,6 +4643,7 @@ /* MC_CMD_WOL_FILTER_REMOVE_IN msgrequest */ #define MC_CMD_WOL_FILTER_REMOVE_IN_LEN 4 #define MC_CMD_WOL_FILTER_REMOVE_IN_FILTER_ID_OFST 0 +#define MC_CMD_WOL_FILTER_REMOVE_IN_FILTER_ID_LEN 4 /* MC_CMD_WOL_FILTER_REMOVE_OUT msgresponse */ #define MC_CMD_WOL_FILTER_REMOVE_OUT_LEN 0 @@ -6043,6 +4662,7 @@ /* MC_CMD_WOL_FILTER_RESET_IN msgrequest */ #define MC_CMD_WOL_FILTER_RESET_IN_LEN 4 #define MC_CMD_WOL_FILTER_RESET_IN_MASK_OFST 0 +#define MC_CMD_WOL_FILTER_RESET_IN_MASK_LEN 4 #define MC_CMD_WOL_FILTER_RESET_IN_WAKE_FILTERS 0x1 /* enum */ #define MC_CMD_WOL_FILTER_RESET_IN_LIGHTSOUT_OFFLOADS 0x2 /* enum */ @@ -6084,6 +4704,7 @@ #define MC_CMD_NVRAM_TYPES_OUT_LEN 4 /* Bit mask of supported types. */ #define MC_CMD_NVRAM_TYPES_OUT_TYPES_OFST 0 +#define MC_CMD_NVRAM_TYPES_OUT_TYPES_LEN 4 /* enum: Disabled callisto. */ #define MC_CMD_NVRAM_TYPE_DISABLED_CALLISTO 0x0 /* enum: MC firmware. */ @@ -6141,21 +4762,28 @@ /* MC_CMD_NVRAM_INFO_IN msgrequest */ #define MC_CMD_NVRAM_INFO_IN_LEN 4 #define MC_CMD_NVRAM_INFO_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_INFO_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ /* MC_CMD_NVRAM_INFO_OUT msgresponse */ #define MC_CMD_NVRAM_INFO_OUT_LEN 24 #define MC_CMD_NVRAM_INFO_OUT_TYPE_OFST 0 +#define MC_CMD_NVRAM_INFO_OUT_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_INFO_OUT_SIZE_OFST 4 +#define MC_CMD_NVRAM_INFO_OUT_SIZE_LEN 4 #define MC_CMD_NVRAM_INFO_OUT_ERASESIZE_OFST 8 +#define MC_CMD_NVRAM_INFO_OUT_ERASESIZE_LEN 4 #define MC_CMD_NVRAM_INFO_OUT_FLAGS_OFST 12 +#define MC_CMD_NVRAM_INFO_OUT_FLAGS_LEN 4 #define MC_CMD_NVRAM_INFO_OUT_PROTECTED_LBN 0 #define MC_CMD_NVRAM_INFO_OUT_PROTECTED_WIDTH 1 #define MC_CMD_NVRAM_INFO_OUT_TLV_LBN 1 #define MC_CMD_NVRAM_INFO_OUT_TLV_WIDTH 1 +#define MC_CMD_NVRAM_INFO_OUT_READ_ONLY_IF_TSA_BOUND_LBN 2 +#define MC_CMD_NVRAM_INFO_OUT_READ_ONLY_IF_TSA_BOUND_WIDTH 1 #define MC_CMD_NVRAM_INFO_OUT_READ_ONLY_LBN 5 #define MC_CMD_NVRAM_INFO_OUT_READ_ONLY_WIDTH 1 #define MC_CMD_NVRAM_INFO_OUT_CMAC_LBN 6 @@ -6163,36 +4791,51 @@ #define MC_CMD_NVRAM_INFO_OUT_A_B_LBN 7 #define MC_CMD_NVRAM_INFO_OUT_A_B_WIDTH 1 #define MC_CMD_NVRAM_INFO_OUT_PHYSDEV_OFST 16 +#define MC_CMD_NVRAM_INFO_OUT_PHYSDEV_LEN 4 #define MC_CMD_NVRAM_INFO_OUT_PHYSADDR_OFST 20 +#define MC_CMD_NVRAM_INFO_OUT_PHYSADDR_LEN 4 /* MC_CMD_NVRAM_INFO_V2_OUT msgresponse */ #define MC_CMD_NVRAM_INFO_V2_OUT_LEN 28 #define MC_CMD_NVRAM_INFO_V2_OUT_TYPE_OFST 0 +#define MC_CMD_NVRAM_INFO_V2_OUT_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_INFO_V2_OUT_SIZE_OFST 4 +#define MC_CMD_NVRAM_INFO_V2_OUT_SIZE_LEN 4 #define MC_CMD_NVRAM_INFO_V2_OUT_ERASESIZE_OFST 8 +#define MC_CMD_NVRAM_INFO_V2_OUT_ERASESIZE_LEN 4 #define MC_CMD_NVRAM_INFO_V2_OUT_FLAGS_OFST 12 +#define MC_CMD_NVRAM_INFO_V2_OUT_FLAGS_LEN 4 #define MC_CMD_NVRAM_INFO_V2_OUT_PROTECTED_LBN 0 #define MC_CMD_NVRAM_INFO_V2_OUT_PROTECTED_WIDTH 1 #define MC_CMD_NVRAM_INFO_V2_OUT_TLV_LBN 1 #define MC_CMD_NVRAM_INFO_V2_OUT_TLV_WIDTH 1 +#define MC_CMD_NVRAM_INFO_V2_OUT_READ_ONLY_IF_TSA_BOUND_LBN 2 +#define MC_CMD_NVRAM_INFO_V2_OUT_READ_ONLY_IF_TSA_BOUND_WIDTH 1 #define MC_CMD_NVRAM_INFO_V2_OUT_READ_ONLY_LBN 5 #define MC_CMD_NVRAM_INFO_V2_OUT_READ_ONLY_WIDTH 1 #define MC_CMD_NVRAM_INFO_V2_OUT_A_B_LBN 7 #define MC_CMD_NVRAM_INFO_V2_OUT_A_B_WIDTH 1 #define MC_CMD_NVRAM_INFO_V2_OUT_PHYSDEV_OFST 16 +#define MC_CMD_NVRAM_INFO_V2_OUT_PHYSDEV_LEN 4 #define MC_CMD_NVRAM_INFO_V2_OUT_PHYSADDR_OFST 20 +#define MC_CMD_NVRAM_INFO_V2_OUT_PHYSADDR_LEN 4 /* Writes must be multiples of this size. Added to support the MUM on Sorrento. */ #define MC_CMD_NVRAM_INFO_V2_OUT_WRITESIZE_OFST 24 +#define MC_CMD_NVRAM_INFO_V2_OUT_WRITESIZE_LEN 4 /***********************************/ /* MC_CMD_NVRAM_UPDATE_START * Start a group of update operations on a virtual NVRAM partition. Locks * required: PHY_LOCK if type==*PHY*. Returns: 0, EINVAL (bad type), EACCES (if - * PHY_LOCK required and not held). + * PHY_LOCK required and not held). In an adapter bound to a TSA controller, + * MC_CMD_NVRAM_UPDATE_START can only be used on a subset of partition types + * i.e. static config, dynamic config and expansion ROM config. Attempting to + * perform this operation on a restricted partition will return the error + * EPERM. */ #define MC_CMD_NVRAM_UPDATE_START 0x38 #undef MC_CMD_0x38_PRIVILEGE_CTG @@ -6204,6 +4847,7 @@ */ #define MC_CMD_NVRAM_UPDATE_START_IN_LEN 4 #define MC_CMD_NVRAM_UPDATE_START_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_UPDATE_START_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ @@ -6214,9 +4858,11 @@ */ #define MC_CMD_NVRAM_UPDATE_START_V2_IN_LEN 8 #define MC_CMD_NVRAM_UPDATE_START_V2_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_UPDATE_START_V2_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_UPDATE_START_V2_IN_FLAGS_OFST 4 +#define MC_CMD_NVRAM_UPDATE_START_V2_IN_FLAGS_LEN 4 #define MC_CMD_NVRAM_UPDATE_START_V2_IN_FLAG_REPORT_VERIFY_RESULT_LBN 0 #define MC_CMD_NVRAM_UPDATE_START_V2_IN_FLAG_REPORT_VERIFY_RESULT_WIDTH 1 @@ -6238,20 +4884,26 @@ /* MC_CMD_NVRAM_READ_IN msgrequest */ #define MC_CMD_NVRAM_READ_IN_LEN 12 #define MC_CMD_NVRAM_READ_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_READ_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_READ_IN_OFFSET_OFST 4 +#define MC_CMD_NVRAM_READ_IN_OFFSET_LEN 4 /* amount to read in bytes */ #define MC_CMD_NVRAM_READ_IN_LENGTH_OFST 8 +#define MC_CMD_NVRAM_READ_IN_LENGTH_LEN 4 /* MC_CMD_NVRAM_READ_IN_V2 msgrequest */ #define MC_CMD_NVRAM_READ_IN_V2_LEN 16 #define MC_CMD_NVRAM_READ_IN_V2_TYPE_OFST 0 +#define MC_CMD_NVRAM_READ_IN_V2_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_READ_IN_V2_OFFSET_OFST 4 +#define MC_CMD_NVRAM_READ_IN_V2_OFFSET_LEN 4 /* amount to read in bytes */ #define MC_CMD_NVRAM_READ_IN_V2_LENGTH_OFST 8 +#define MC_CMD_NVRAM_READ_IN_V2_LENGTH_LEN 4 /* Optional control info. If a partition is stored with an A/B versioning * scheme (i.e. in more than one physical partition in NVRAM) the host can set * this to control which underlying physical partition is used to read data @@ -6261,6 +4913,7 @@ * verifying by reading with MODE=TARGET_BACKUP. */ #define MC_CMD_NVRAM_READ_IN_V2_MODE_OFST 12 +#define MC_CMD_NVRAM_READ_IN_V2_MODE_LEN 4 /* enum: Same as omitting MODE: caller sees data in current partition unless it * holds the write lock in which case it sees data in the partition it is * updating. @@ -6301,10 +4954,13 @@ #define MC_CMD_NVRAM_WRITE_IN_LENMAX 252 #define MC_CMD_NVRAM_WRITE_IN_LEN(num) (12+1*(num)) #define MC_CMD_NVRAM_WRITE_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_WRITE_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_WRITE_IN_OFFSET_OFST 4 +#define MC_CMD_NVRAM_WRITE_IN_OFFSET_LEN 4 #define MC_CMD_NVRAM_WRITE_IN_LENGTH_OFST 8 +#define MC_CMD_NVRAM_WRITE_IN_LENGTH_LEN 4 #define MC_CMD_NVRAM_WRITE_IN_WRITE_BUFFER_OFST 12 #define MC_CMD_NVRAM_WRITE_IN_WRITE_BUFFER_LEN 1 #define MC_CMD_NVRAM_WRITE_IN_WRITE_BUFFER_MINNUM 1 @@ -6328,10 +4984,13 @@ /* MC_CMD_NVRAM_ERASE_IN msgrequest */ #define MC_CMD_NVRAM_ERASE_IN_LEN 12 #define MC_CMD_NVRAM_ERASE_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_ERASE_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_ERASE_IN_OFFSET_OFST 4 +#define MC_CMD_NVRAM_ERASE_IN_OFFSET_LEN 4 #define MC_CMD_NVRAM_ERASE_IN_LENGTH_OFST 8 +#define MC_CMD_NVRAM_ERASE_IN_LENGTH_LEN 4 /* MC_CMD_NVRAM_ERASE_OUT msgresponse */ #define MC_CMD_NVRAM_ERASE_OUT_LEN 0 @@ -6340,8 +4999,12 @@ /***********************************/ /* MC_CMD_NVRAM_UPDATE_FINISH * Finish a group of update operations on a virtual NVRAM partition. Locks - * required: PHY_LOCK if type==*PHY*. Returns: 0, EINVAL (bad - * type/offset/length), EACCES (if PHY_LOCK required and not held) + * required: PHY_LOCK if type==*PHY*. Returns: 0, EINVAL (bad type/offset/ + * length), EACCES (if PHY_LOCK required and not held). In an adapter bound to + * a TSA controller, MC_CMD_NVRAM_UPDATE_FINISH can only be used on a subset of + * partition types i.e. static config, dynamic config and expansion ROM config. + * Attempting to perform this operation on a restricted partition will return + * the error EPERM. */ #define MC_CMD_NVRAM_UPDATE_FINISH 0x3c #undef MC_CMD_0x3c_PRIVILEGE_CTG @@ -6353,9 +5016,11 @@ */ #define MC_CMD_NVRAM_UPDATE_FINISH_IN_LEN 8 #define MC_CMD_NVRAM_UPDATE_FINISH_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_UPDATE_FINISH_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_UPDATE_FINISH_IN_REBOOT_OFST 4 +#define MC_CMD_NVRAM_UPDATE_FINISH_IN_REBOOT_LEN 4 /* MC_CMD_NVRAM_UPDATE_FINISH_V2_IN msgrequest: Extended NVRAM_UPDATE_FINISH * request with additional flags indicating version of NVRAM_UPDATE commands in @@ -6364,10 +5029,13 @@ */ #define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_LEN 12 #define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ #define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_REBOOT_OFST 4 +#define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_REBOOT_LEN 4 #define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_FLAGS_OFST 8 +#define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_FLAGS_LEN 4 #define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_FLAG_REPORT_VERIFY_RESULT_LBN 0 #define MC_CMD_NVRAM_UPDATE_FINISH_V2_IN_FLAG_REPORT_VERIFY_RESULT_WIDTH 1 @@ -6394,6 +5062,7 @@ #define MC_CMD_NVRAM_UPDATE_FINISH_V2_OUT_LEN 4 /* Result of nvram update completion processing */ #define MC_CMD_NVRAM_UPDATE_FINISH_V2_OUT_RESULT_CODE_OFST 0 +#define MC_CMD_NVRAM_UPDATE_FINISH_V2_OUT_RESULT_CODE_LEN 4 /* enum: Invalid return code; only non-zero values are defined. Defined as * unknown for backwards compatibility with NVRAM_UPDATE_FINISH_OUT. */ @@ -6428,6 +5097,8 @@ * only production signed images. */ #define MC_CMD_NVRAM_VERIFY_RC_REJECT_TEST_SIGNED 0xc +/* enum: The image has a lower security level than the current firmware. */ +#define MC_CMD_NVRAM_VERIFY_RC_SECURITY_LEVEL_DOWNGRADE 0xd /***********************************/ @@ -6451,11 +5122,12 @@ #define MC_CMD_REBOOT 0x3d #undef MC_CMD_0x3d_PRIVILEGE_CTG -#define MC_CMD_0x3d_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x3d_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_REBOOT_IN msgrequest */ #define MC_CMD_REBOOT_IN_LEN 4 #define MC_CMD_REBOOT_IN_FLAGS_OFST 0 +#define MC_CMD_REBOOT_IN_FLAGS_LEN 4 #define MC_CMD_REBOOT_FLAGS_AFTER_ASSERTION 0x1 /* enum */ /* MC_CMD_REBOOT_OUT msgresponse */ @@ -6494,11 +5166,12 @@ #define MC_CMD_REBOOT_MODE 0x3f #undef MC_CMD_0x3f_PRIVILEGE_CTG -#define MC_CMD_0x3f_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x3f_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_REBOOT_MODE_IN msgrequest */ #define MC_CMD_REBOOT_MODE_IN_LEN 4 #define MC_CMD_REBOOT_MODE_IN_VALUE_OFST 0 +#define MC_CMD_REBOOT_MODE_IN_VALUE_LEN 4 /* enum: Normal. */ #define MC_CMD_REBOOT_MODE_NORMAL 0x0 /* enum: Power-on Reset. */ @@ -6513,6 +5186,7 @@ /* MC_CMD_REBOOT_MODE_OUT msgresponse */ #define MC_CMD_REBOOT_MODE_OUT_LEN 4 #define MC_CMD_REBOOT_MODE_OUT_VALUE_OFST 0 +#define MC_CMD_REBOOT_MODE_OUT_VALUE_LEN 4 /***********************************/ @@ -6549,7 +5223,7 @@ #define MC_CMD_SENSOR_INFO 0x41 #undef MC_CMD_0x41_PRIVILEGE_CTG -#define MC_CMD_0x41_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x41_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_SENSOR_INFO_IN msgrequest */ #define MC_CMD_SENSOR_INFO_IN_LEN 0 @@ -6563,174 +5237,190 @@ * Page 1 contains sensors 32 to 62 (sensor 63 is the next page bit). etc. */ #define MC_CMD_SENSOR_INFO_EXT_IN_PAGE_OFST 0 +#define MC_CMD_SENSOR_INFO_EXT_IN_PAGE_LEN 4 /* MC_CMD_SENSOR_INFO_OUT msgresponse */ #define MC_CMD_SENSOR_INFO_OUT_LENMIN 4 #define MC_CMD_SENSOR_INFO_OUT_LENMAX 252 #define MC_CMD_SENSOR_INFO_OUT_LEN(num) (4+8*(num)) #define MC_CMD_SENSOR_INFO_OUT_MASK_OFST 0 +#define MC_CMD_SENSOR_INFO_OUT_MASK_LEN 4 /* enum: Controller temperature: degC */ -#define MC_CMD_SENSOR_CONTROLLER_TEMP 0x0 +#define MC_CMD_SENSOR_CONTROLLER_TEMP 0x0 /* enum: Phy common temperature: degC */ -#define MC_CMD_SENSOR_PHY_COMMON_TEMP 0x1 +#define MC_CMD_SENSOR_PHY_COMMON_TEMP 0x1 /* enum: Controller cooling: bool */ -#define MC_CMD_SENSOR_CONTROLLER_COOLING 0x2 +#define MC_CMD_SENSOR_CONTROLLER_COOLING 0x2 /* enum: Phy 0 temperature: degC */ -#define MC_CMD_SENSOR_PHY0_TEMP 0x3 +#define MC_CMD_SENSOR_PHY0_TEMP 0x3 /* enum: Phy 0 cooling: bool */ -#define MC_CMD_SENSOR_PHY0_COOLING 0x4 +#define MC_CMD_SENSOR_PHY0_COOLING 0x4 /* enum: Phy 1 temperature: degC */ -#define MC_CMD_SENSOR_PHY1_TEMP 0x5 +#define MC_CMD_SENSOR_PHY1_TEMP 0x5 /* enum: Phy 1 cooling: bool */ -#define MC_CMD_SENSOR_PHY1_COOLING 0x6 +#define MC_CMD_SENSOR_PHY1_COOLING 0x6 /* enum: 1.0v power: mV */ -#define MC_CMD_SENSOR_IN_1V0 0x7 +#define MC_CMD_SENSOR_IN_1V0 0x7 /* enum: 1.2v power: mV */ -#define MC_CMD_SENSOR_IN_1V2 0x8 +#define MC_CMD_SENSOR_IN_1V2 0x8 /* enum: 1.8v power: mV */ -#define MC_CMD_SENSOR_IN_1V8 0x9 +#define MC_CMD_SENSOR_IN_1V8 0x9 /* enum: 2.5v power: mV */ -#define MC_CMD_SENSOR_IN_2V5 0xa +#define MC_CMD_SENSOR_IN_2V5 0xa /* enum: 3.3v power: mV */ -#define MC_CMD_SENSOR_IN_3V3 0xb +#define MC_CMD_SENSOR_IN_3V3 0xb /* enum: 12v power: mV */ -#define MC_CMD_SENSOR_IN_12V0 0xc +#define MC_CMD_SENSOR_IN_12V0 0xc /* enum: 1.2v analogue power: mV */ -#define MC_CMD_SENSOR_IN_1V2A 0xd +#define MC_CMD_SENSOR_IN_1V2A 0xd /* enum: reference voltage: mV */ -#define MC_CMD_SENSOR_IN_VREF 0xe +#define MC_CMD_SENSOR_IN_VREF 0xe /* enum: AOE FPGA power: mV */ -#define MC_CMD_SENSOR_OUT_VAOE 0xf +#define MC_CMD_SENSOR_OUT_VAOE 0xf /* enum: AOE FPGA temperature: degC */ -#define MC_CMD_SENSOR_AOE_TEMP 0x10 +#define MC_CMD_SENSOR_AOE_TEMP 0x10 /* enum: AOE FPGA PSU temperature: degC */ -#define MC_CMD_SENSOR_PSU_AOE_TEMP 0x11 +#define MC_CMD_SENSOR_PSU_AOE_TEMP 0x11 /* enum: AOE PSU temperature: degC */ -#define MC_CMD_SENSOR_PSU_TEMP 0x12 +#define MC_CMD_SENSOR_PSU_TEMP 0x12 /* enum: Fan 0 speed: RPM */ -#define MC_CMD_SENSOR_FAN_0 0x13 +#define MC_CMD_SENSOR_FAN_0 0x13 /* enum: Fan 1 speed: RPM */ -#define MC_CMD_SENSOR_FAN_1 0x14 +#define MC_CMD_SENSOR_FAN_1 0x14 /* enum: Fan 2 speed: RPM */ -#define MC_CMD_SENSOR_FAN_2 0x15 +#define MC_CMD_SENSOR_FAN_2 0x15 /* enum: Fan 3 speed: RPM */ -#define MC_CMD_SENSOR_FAN_3 0x16 +#define MC_CMD_SENSOR_FAN_3 0x16 /* enum: Fan 4 speed: RPM */ -#define MC_CMD_SENSOR_FAN_4 0x17 +#define MC_CMD_SENSOR_FAN_4 0x17 /* enum: AOE FPGA input power: mV */ -#define MC_CMD_SENSOR_IN_VAOE 0x18 +#define MC_CMD_SENSOR_IN_VAOE 0x18 /* enum: AOE FPGA current: mA */ -#define MC_CMD_SENSOR_OUT_IAOE 0x19 +#define MC_CMD_SENSOR_OUT_IAOE 0x19 /* enum: AOE FPGA input current: mA */ -#define MC_CMD_SENSOR_IN_IAOE 0x1a +#define MC_CMD_SENSOR_IN_IAOE 0x1a /* enum: NIC power consumption: W */ -#define MC_CMD_SENSOR_NIC_POWER 0x1b +#define MC_CMD_SENSOR_NIC_POWER 0x1b /* enum: 0.9v power voltage: mV */ -#define MC_CMD_SENSOR_IN_0V9 0x1c +#define MC_CMD_SENSOR_IN_0V9 0x1c /* enum: 0.9v power current: mA */ -#define MC_CMD_SENSOR_IN_I0V9 0x1d +#define MC_CMD_SENSOR_IN_I0V9 0x1d /* enum: 1.2v power current: mA */ -#define MC_CMD_SENSOR_IN_I1V2 0x1e +#define MC_CMD_SENSOR_IN_I1V2 0x1e /* enum: Not a sensor: reserved for the next page flag */ -#define MC_CMD_SENSOR_PAGE0_NEXT 0x1f +#define MC_CMD_SENSOR_PAGE0_NEXT 0x1f /* enum: 0.9v power voltage (at ADC): mV */ -#define MC_CMD_SENSOR_IN_0V9_ADC 0x20 +#define MC_CMD_SENSOR_IN_0V9_ADC 0x20 /* enum: Controller temperature 2: degC */ -#define MC_CMD_SENSOR_CONTROLLER_2_TEMP 0x21 +#define MC_CMD_SENSOR_CONTROLLER_2_TEMP 0x21 /* enum: Voltage regulator internal temperature: degC */ -#define MC_CMD_SENSOR_VREG_INTERNAL_TEMP 0x22 +#define MC_CMD_SENSOR_VREG_INTERNAL_TEMP 0x22 /* enum: 0.9V voltage regulator temperature: degC */ -#define MC_CMD_SENSOR_VREG_0V9_TEMP 0x23 +#define MC_CMD_SENSOR_VREG_0V9_TEMP 0x23 /* enum: 1.2V voltage regulator temperature: degC */ -#define MC_CMD_SENSOR_VREG_1V2_TEMP 0x24 +#define MC_CMD_SENSOR_VREG_1V2_TEMP 0x24 /* enum: controller internal temperature sensor voltage (internal ADC): mV */ -#define MC_CMD_SENSOR_CONTROLLER_VPTAT 0x25 +#define MC_CMD_SENSOR_CONTROLLER_VPTAT 0x25 /* enum: controller internal temperature (internal ADC): degC */ -#define MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP 0x26 +#define MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP 0x26 /* enum: controller internal temperature sensor voltage (external ADC): mV */ -#define MC_CMD_SENSOR_CONTROLLER_VPTAT_EXTADC 0x27 +#define MC_CMD_SENSOR_CONTROLLER_VPTAT_EXTADC 0x27 /* enum: controller internal temperature (external ADC): degC */ -#define MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP_EXTADC 0x28 +#define MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP_EXTADC 0x28 /* enum: ambient temperature: degC */ -#define MC_CMD_SENSOR_AMBIENT_TEMP 0x29 +#define MC_CMD_SENSOR_AMBIENT_TEMP 0x29 /* enum: air flow: bool */ -#define MC_CMD_SENSOR_AIRFLOW 0x2a +#define MC_CMD_SENSOR_AIRFLOW 0x2a /* enum: voltage between VSS08D and VSS08D at CSR: mV */ -#define MC_CMD_SENSOR_VDD08D_VSS08D_CSR 0x2b +#define MC_CMD_SENSOR_VDD08D_VSS08D_CSR 0x2b /* enum: voltage between VSS08D and VSS08D at CSR (external ADC): mV */ -#define MC_CMD_SENSOR_VDD08D_VSS08D_CSR_EXTADC 0x2c +#define MC_CMD_SENSOR_VDD08D_VSS08D_CSR_EXTADC 0x2c /* enum: Hotpoint temperature: degC */ -#define MC_CMD_SENSOR_HOTPOINT_TEMP 0x2d +#define MC_CMD_SENSOR_HOTPOINT_TEMP 0x2d /* enum: Port 0 PHY power switch over-current: bool */ -#define MC_CMD_SENSOR_PHY_POWER_PORT0 0x2e +#define MC_CMD_SENSOR_PHY_POWER_PORT0 0x2e /* enum: Port 1 PHY power switch over-current: bool */ -#define MC_CMD_SENSOR_PHY_POWER_PORT1 0x2f -/* enum: Mop-up microcontroller reference voltage (millivolts) */ -#define MC_CMD_SENSOR_MUM_VCC 0x30 +#define MC_CMD_SENSOR_PHY_POWER_PORT1 0x2f +/* enum: Mop-up microcontroller reference voltage: mV */ +#define MC_CMD_SENSOR_MUM_VCC 0x30 /* enum: 0.9v power phase A voltage: mV */ -#define MC_CMD_SENSOR_IN_0V9_A 0x31 +#define MC_CMD_SENSOR_IN_0V9_A 0x31 /* enum: 0.9v power phase A current: mA */ -#define MC_CMD_SENSOR_IN_I0V9_A 0x32 +#define MC_CMD_SENSOR_IN_I0V9_A 0x32 /* enum: 0.9V voltage regulator phase A temperature: degC */ -#define MC_CMD_SENSOR_VREG_0V9_A_TEMP 0x33 +#define MC_CMD_SENSOR_VREG_0V9_A_TEMP 0x33 /* enum: 0.9v power phase B voltage: mV */ -#define MC_CMD_SENSOR_IN_0V9_B 0x34 +#define MC_CMD_SENSOR_IN_0V9_B 0x34 /* enum: 0.9v power phase B current: mA */ -#define MC_CMD_SENSOR_IN_I0V9_B 0x35 +#define MC_CMD_SENSOR_IN_I0V9_B 0x35 /* enum: 0.9V voltage regulator phase B temperature: degC */ -#define MC_CMD_SENSOR_VREG_0V9_B_TEMP 0x36 +#define MC_CMD_SENSOR_VREG_0V9_B_TEMP 0x36 /* enum: CCOM AVREG 1v2 supply (interval ADC): mV */ -#define MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY 0x37 +#define MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY 0x37 /* enum: CCOM AVREG 1v2 supply (external ADC): mV */ -#define MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY_EXTADC 0x38 +#define MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY_EXTADC 0x38 /* enum: CCOM AVREG 1v8 supply (interval ADC): mV */ -#define MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY 0x39 +#define MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY 0x39 /* enum: CCOM AVREG 1v8 supply (external ADC): mV */ -#define MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY_EXTADC 0x3a +#define MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY_EXTADC 0x3a /* enum: CCOM RTS temperature: degC */ -#define MC_CMD_SENSOR_CONTROLLER_RTS 0x3b +#define MC_CMD_SENSOR_CONTROLLER_RTS 0x3b /* enum: Not a sensor: reserved for the next page flag */ -#define MC_CMD_SENSOR_PAGE1_NEXT 0x3f +#define MC_CMD_SENSOR_PAGE1_NEXT 0x3f /* enum: controller internal temperature sensor voltage on master core * (internal ADC): mV */ -#define MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT 0x40 +#define MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT 0x40 /* enum: controller internal temperature on master core (internal ADC): degC */ -#define MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP 0x41 +#define MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP 0x41 /* enum: controller internal temperature sensor voltage on master core * (external ADC): mV */ -#define MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT_EXTADC 0x42 +#define MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT_EXTADC 0x42 /* enum: controller internal temperature on master core (external ADC): degC */ -#define MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC 0x43 +#define MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC 0x43 /* enum: controller internal temperature on slave core sensor voltage (internal * ADC): mV */ -#define MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT 0x44 +#define MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT 0x44 /* enum: controller internal temperature on slave core (internal ADC): degC */ -#define MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP 0x45 +#define MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP 0x45 /* enum: controller internal temperature on slave core sensor voltage (external * ADC): mV */ -#define MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT_EXTADC 0x46 +#define MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT_EXTADC 0x46 /* enum: controller internal temperature on slave core (external ADC): degC */ -#define MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC 0x47 +#define MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC 0x47 /* enum: Voltage supplied to the SODIMMs from their power supply: mV */ -#define MC_CMD_SENSOR_SODIMM_VOUT 0x49 +#define MC_CMD_SENSOR_SODIMM_VOUT 0x49 /* enum: Temperature of SODIMM 0 (if installed): degC */ -#define MC_CMD_SENSOR_SODIMM_0_TEMP 0x4a +#define MC_CMD_SENSOR_SODIMM_0_TEMP 0x4a /* enum: Temperature of SODIMM 1 (if installed): degC */ -#define MC_CMD_SENSOR_SODIMM_1_TEMP 0x4b +#define MC_CMD_SENSOR_SODIMM_1_TEMP 0x4b /* enum: Voltage supplied to the QSFP #0 from their power supply: mV */ -#define MC_CMD_SENSOR_PHY0_VCC 0x4c +#define MC_CMD_SENSOR_PHY0_VCC 0x4c /* enum: Voltage supplied to the QSFP #1 from their power supply: mV */ -#define MC_CMD_SENSOR_PHY1_VCC 0x4d +#define MC_CMD_SENSOR_PHY1_VCC 0x4d /* enum: Controller die temperature (TDIODE): degC */ -#define MC_CMD_SENSOR_CONTROLLER_TDIODE_TEMP 0x4e +#define MC_CMD_SENSOR_CONTROLLER_TDIODE_TEMP 0x4e /* enum: Board temperature (front): degC */ -#define MC_CMD_SENSOR_BOARD_FRONT_TEMP 0x4f +#define MC_CMD_SENSOR_BOARD_FRONT_TEMP 0x4f /* enum: Board temperature (back): degC */ -#define MC_CMD_SENSOR_BOARD_BACK_TEMP 0x50 +#define MC_CMD_SENSOR_BOARD_BACK_TEMP 0x50 +/* enum: 1.8v power current: mA */ +#define MC_CMD_SENSOR_IN_I1V8 0x51 +/* enum: 2.5v power current: mA */ +#define MC_CMD_SENSOR_IN_I2V5 0x52 +/* enum: 3.3v power current: mA */ +#define MC_CMD_SENSOR_IN_I3V3 0x53 +/* enum: 12v power current: mA */ +#define MC_CMD_SENSOR_IN_I12V0 0x54 +/* enum: 1.3v power: mV */ +#define MC_CMD_SENSOR_IN_1V3 0x55 +/* enum: 1.3v power current: mA */ +#define MC_CMD_SENSOR_IN_I1V3 0x56 +/* enum: Not a sensor: reserved for the next page flag */ +#define MC_CMD_SENSOR_PAGE2_NEXT 0x5f /* MC_CMD_SENSOR_INFO_ENTRY_TYPEDEF */ #define MC_CMD_SENSOR_ENTRY_OFST 4 #define MC_CMD_SENSOR_ENTRY_LEN 8 @@ -6744,6 +5434,7 @@ #define MC_CMD_SENSOR_INFO_EXT_OUT_LENMAX 252 #define MC_CMD_SENSOR_INFO_EXT_OUT_LEN(num) (4+8*(num)) #define MC_CMD_SENSOR_INFO_EXT_OUT_MASK_OFST 0 +#define MC_CMD_SENSOR_INFO_EXT_OUT_MASK_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_SENSOR_INFO_OUT */ #define MC_CMD_SENSOR_INFO_EXT_OUT_NEXT_PAGE_LBN 31 @@ -6796,7 +5487,7 @@ #define MC_CMD_READ_SENSORS 0x42 #undef MC_CMD_0x42_PRIVILEGE_CTG -#define MC_CMD_0x42_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x42_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_READ_SENSORS_IN msgrequest */ #define MC_CMD_READ_SENSORS_IN_LEN 8 @@ -6815,6 +5506,7 @@ #define MC_CMD_READ_SENSORS_EXT_IN_DMA_ADDR_HI_OFST 4 /* Size in bytes of host buffer. */ #define MC_CMD_READ_SENSORS_EXT_IN_LENGTH_OFST 8 +#define MC_CMD_READ_SENSORS_EXT_IN_LENGTH_LEN 4 /* MC_CMD_READ_SENSORS_OUT msgresponse */ #define MC_CMD_READ_SENSORS_OUT_LEN 0 @@ -6831,17 +5523,17 @@ #define MC_CMD_SENSOR_VALUE_ENTRY_TYPEDEF_STATE_OFST 2 #define MC_CMD_SENSOR_VALUE_ENTRY_TYPEDEF_STATE_LEN 1 /* enum: Ok. */ -#define MC_CMD_SENSOR_STATE_OK 0x0 +#define MC_CMD_SENSOR_STATE_OK 0x0 /* enum: Breached warning threshold. */ -#define MC_CMD_SENSOR_STATE_WARNING 0x1 +#define MC_CMD_SENSOR_STATE_WARNING 0x1 /* enum: Breached fatal threshold. */ -#define MC_CMD_SENSOR_STATE_FATAL 0x2 +#define MC_CMD_SENSOR_STATE_FATAL 0x2 /* enum: Fault with sensor. */ -#define MC_CMD_SENSOR_STATE_BROKEN 0x3 +#define MC_CMD_SENSOR_STATE_BROKEN 0x3 /* enum: Sensor is working but does not currently have a reading. */ -#define MC_CMD_SENSOR_STATE_NO_READING 0x4 +#define MC_CMD_SENSOR_STATE_NO_READING 0x4 /* enum: Sensor initialisation failed. */ -#define MC_CMD_SENSOR_STATE_INIT_FAILED 0x5 +#define MC_CMD_SENSOR_STATE_INIT_FAILED 0x5 #define MC_CMD_SENSOR_VALUE_ENTRY_TYPEDEF_STATE_LBN 16 #define MC_CMD_SENSOR_VALUE_ENTRY_TYPEDEF_STATE_WIDTH 8 #define MC_CMD_SENSOR_VALUE_ENTRY_TYPEDEF_TYPE_OFST 3 @@ -6869,6 +5561,7 @@ /* MC_CMD_GET_PHY_STATE_OUT msgresponse */ #define MC_CMD_GET_PHY_STATE_OUT_LEN 4 #define MC_CMD_GET_PHY_STATE_OUT_STATE_OFST 0 +#define MC_CMD_GET_PHY_STATE_OUT_STATE_LEN 4 /* enum: Ok. */ #define MC_CMD_PHY_STATE_OK 0x1 /* enum: Faulty. */ @@ -6906,6 +5599,7 @@ /* MC_CMD_WOL_FILTER_GET_OUT msgresponse */ #define MC_CMD_WOL_FILTER_GET_OUT_LEN 4 #define MC_CMD_WOL_FILTER_GET_OUT_FILTER_ID_OFST 0 +#define MC_CMD_WOL_FILTER_GET_OUT_FILTER_ID_LEN 4 /***********************************/ @@ -6923,8 +5617,9 @@ #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_LENMAX 252 #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_LEN(num) (4+4*(num)) #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_PROTOCOL_OFST 0 +#define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_PROTOCOL_LEN 4 #define MC_CMD_LIGHTSOUT_OFFLOAD_PROTOCOL_ARP 0x1 /* enum */ -#define MC_CMD_LIGHTSOUT_OFFLOAD_PROTOCOL_NS 0x2 /* enum */ +#define MC_CMD_LIGHTSOUT_OFFLOAD_PROTOCOL_NS 0x2 /* enum */ #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_DATA_OFST 4 #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_DATA_LEN 4 #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_DATA_MINNUM 1 @@ -6933,13 +5628,16 @@ /* MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_ARP msgrequest */ #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_ARP_LEN 14 /* MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_PROTOCOL_OFST 0 */ +/* MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_PROTOCOL_LEN 4 */ #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_ARP_MAC_OFST 4 #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_ARP_MAC_LEN 6 #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_ARP_IP_OFST 10 +#define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_ARP_IP_LEN 4 /* MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_NS msgrequest */ #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_NS_LEN 42 /* MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_PROTOCOL_OFST 0 */ +/* MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_PROTOCOL_LEN 4 */ #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_NS_MAC_OFST 4 #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_NS_MAC_LEN 6 #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_IN_NS_SNIPV6_OFST 10 @@ -6950,6 +5648,7 @@ /* MC_CMD_ADD_LIGHTSOUT_OFFLOAD_OUT msgresponse */ #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_OUT_LEN 4 #define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_OUT_FILTER_ID_OFST 0 +#define MC_CMD_ADD_LIGHTSOUT_OFFLOAD_OUT_FILTER_ID_LEN 4 /***********************************/ @@ -6965,7 +5664,9 @@ /* MC_CMD_REMOVE_LIGHTSOUT_OFFLOAD_IN msgrequest */ #define MC_CMD_REMOVE_LIGHTSOUT_OFFLOAD_IN_LEN 8 #define MC_CMD_REMOVE_LIGHTSOUT_OFFLOAD_IN_PROTOCOL_OFST 0 +#define MC_CMD_REMOVE_LIGHTSOUT_OFFLOAD_IN_PROTOCOL_LEN 4 #define MC_CMD_REMOVE_LIGHTSOUT_OFFLOAD_IN_FILTER_ID_OFST 4 +#define MC_CMD_REMOVE_LIGHTSOUT_OFFLOAD_IN_FILTER_ID_LEN 4 /* MC_CMD_REMOVE_LIGHTSOUT_OFFLOAD_OUT msgresponse */ #define MC_CMD_REMOVE_LIGHTSOUT_OFFLOAD_OUT_LEN 0 @@ -6993,7 +5694,7 @@ #define MC_CMD_TESTASSERT 0x49 #undef MC_CMD_0x49_PRIVILEGE_CTG -#define MC_CMD_0x49_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x49_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_TESTASSERT_IN msgrequest */ #define MC_CMD_TESTASSERT_IN_LEN 0 @@ -7005,20 +5706,21 @@ #define MC_CMD_TESTASSERT_V2_IN_LEN 4 /* How to provoke the assertion */ #define MC_CMD_TESTASSERT_V2_IN_TYPE_OFST 0 +#define MC_CMD_TESTASSERT_V2_IN_TYPE_LEN 4 /* enum: Assert using the FAIL_ASSERTION_WITH_USEFUL_VALUES macro. Unless * you're testing firmware, this is what you want. */ -#define MC_CMD_TESTASSERT_V2_IN_FAIL_ASSERTION_WITH_USEFUL_VALUES 0x0 +#define MC_CMD_TESTASSERT_V2_IN_FAIL_ASSERTION_WITH_USEFUL_VALUES 0x0 /* enum: Assert using assert(0); */ -#define MC_CMD_TESTASSERT_V2_IN_ASSERT_FALSE 0x1 +#define MC_CMD_TESTASSERT_V2_IN_ASSERT_FALSE 0x1 /* enum: Deliberately trigger a watchdog */ -#define MC_CMD_TESTASSERT_V2_IN_WATCHDOG 0x2 +#define MC_CMD_TESTASSERT_V2_IN_WATCHDOG 0x2 /* enum: Deliberately trigger a trap by loading from an invalid address */ -#define MC_CMD_TESTASSERT_V2_IN_LOAD_TRAP 0x3 +#define MC_CMD_TESTASSERT_V2_IN_LOAD_TRAP 0x3 /* enum: Deliberately trigger a trap by storing to an invalid address */ -#define MC_CMD_TESTASSERT_V2_IN_STORE_TRAP 0x4 +#define MC_CMD_TESTASSERT_V2_IN_STORE_TRAP 0x4 /* enum: Jump to an invalid address */ -#define MC_CMD_TESTASSERT_V2_IN_JUMP_TRAP 0x5 +#define MC_CMD_TESTASSERT_V2_IN_JUMP_TRAP 0x5 /* MC_CMD_TESTASSERT_V2_OUT msgresponse */ #define MC_CMD_TESTASSERT_V2_OUT_LEN 0 @@ -7041,6 +5743,7 @@ #define MC_CMD_WORKAROUND_IN_LEN 8 /* The enums here must correspond with those in MC_CMD_GET_WORKAROUND. */ #define MC_CMD_WORKAROUND_IN_TYPE_OFST 0 +#define MC_CMD_WORKAROUND_IN_TYPE_LEN 4 /* enum: Bug 17230 work around. */ #define MC_CMD_WORKAROUND_BUG17230 0x1 /* enum: Bug 35388 work around (unsafe EVQ writes). */ @@ -7069,6 +5772,7 @@ * the workaround */ #define MC_CMD_WORKAROUND_IN_ENABLED_OFST 4 +#define MC_CMD_WORKAROUND_IN_ENABLED_LEN 4 /* MC_CMD_WORKAROUND_OUT msgresponse */ #define MC_CMD_WORKAROUND_OUT_LEN 0 @@ -7078,6 +5782,7 @@ */ #define MC_CMD_WORKAROUND_EXT_OUT_LEN 4 #define MC_CMD_WORKAROUND_EXT_OUT_FLAGS_OFST 0 +#define MC_CMD_WORKAROUND_EXT_OUT_FLAGS_LEN 4 #define MC_CMD_WORKAROUND_EXT_OUT_FLR_DONE_LBN 0 #define MC_CMD_WORKAROUND_EXT_OUT_FLR_DONE_WIDTH 1 @@ -7099,6 +5804,7 @@ /* MC_CMD_GET_PHY_MEDIA_INFO_IN msgrequest */ #define MC_CMD_GET_PHY_MEDIA_INFO_IN_LEN 4 #define MC_CMD_GET_PHY_MEDIA_INFO_IN_PAGE_OFST 0 +#define MC_CMD_GET_PHY_MEDIA_INFO_IN_PAGE_LEN 4 /* MC_CMD_GET_PHY_MEDIA_INFO_OUT msgresponse */ #define MC_CMD_GET_PHY_MEDIA_INFO_OUT_LENMIN 5 @@ -7106,6 +5812,7 @@ #define MC_CMD_GET_PHY_MEDIA_INFO_OUT_LEN(num) (4+1*(num)) /* in bytes */ #define MC_CMD_GET_PHY_MEDIA_INFO_OUT_DATALEN_OFST 0 +#define MC_CMD_GET_PHY_MEDIA_INFO_OUT_DATALEN_LEN 4 #define MC_CMD_GET_PHY_MEDIA_INFO_OUT_DATA_OFST 4 #define MC_CMD_GET_PHY_MEDIA_INFO_OUT_DATA_LEN 1 #define MC_CMD_GET_PHY_MEDIA_INFO_OUT_DATA_MINNUM 1 @@ -7120,17 +5827,19 @@ #define MC_CMD_NVRAM_TEST 0x4c #undef MC_CMD_0x4c_PRIVILEGE_CTG -#define MC_CMD_0x4c_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x4c_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_NVRAM_TEST_IN msgrequest */ #define MC_CMD_NVRAM_TEST_IN_LEN 4 #define MC_CMD_NVRAM_TEST_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_TEST_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_NVRAM_TYPES/MC_CMD_NVRAM_TYPES_OUT/TYPES */ /* MC_CMD_NVRAM_TEST_OUT msgresponse */ #define MC_CMD_NVRAM_TEST_OUT_LEN 4 #define MC_CMD_NVRAM_TEST_OUT_RESULT_OFST 0 +#define MC_CMD_NVRAM_TEST_OUT_RESULT_LEN 4 /* enum: Passed. */ #define MC_CMD_NVRAM_TEST_PASS 0x0 /* enum: Failed. */ @@ -7151,12 +5860,16 @@ #define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_LEN 16 /* 0-6 low->high de-emph. */ #define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_TXEQ_LEVEL_OFST 0 +#define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_TXEQ_LEVEL_LEN 4 /* 0-8 low->high ref.V */ #define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_TXEQ_DT_CFG_OFST 4 +#define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_TXEQ_DT_CFG_LEN 4 /* 0-8 0-8 low->high boost */ #define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_RXEQ_BOOST_OFST 8 +#define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_RXEQ_BOOST_LEN 4 /* 0-8 low->high ref.V */ #define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_RXEQ_DT_CFG_OFST 12 +#define MC_CMD_MRSFP_TWEAK_IN_EQ_CONFIG_RXEQ_DT_CFG_LEN 4 /* MC_CMD_MRSFP_TWEAK_IN_READ_ONLY msgrequest */ #define MC_CMD_MRSFP_TWEAK_IN_READ_ONLY_LEN 0 @@ -7165,10 +5878,13 @@ #define MC_CMD_MRSFP_TWEAK_OUT_LEN 12 /* input bits */ #define MC_CMD_MRSFP_TWEAK_OUT_IOEXP_INPUTS_OFST 0 +#define MC_CMD_MRSFP_TWEAK_OUT_IOEXP_INPUTS_LEN 4 /* output bits */ #define MC_CMD_MRSFP_TWEAK_OUT_IOEXP_OUTPUTS_OFST 4 +#define MC_CMD_MRSFP_TWEAK_OUT_IOEXP_OUTPUTS_LEN 4 /* direction */ #define MC_CMD_MRSFP_TWEAK_OUT_IOEXP_DIRECTION_OFST 8 +#define MC_CMD_MRSFP_TWEAK_OUT_IOEXP_DIRECTION_LEN 4 /* enum: Out. */ #define MC_CMD_MRSFP_TWEAK_OUT_IOEXP_DIRECTION_OUT 0x0 /* enum: In. */ @@ -7184,21 +5900,26 @@ #define MC_CMD_SENSOR_SET_LIMS 0x4e #undef MC_CMD_0x4e_PRIVILEGE_CTG -#define MC_CMD_0x4e_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x4e_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_SENSOR_SET_LIMS_IN msgrequest */ #define MC_CMD_SENSOR_SET_LIMS_IN_LEN 20 #define MC_CMD_SENSOR_SET_LIMS_IN_SENSOR_OFST 0 +#define MC_CMD_SENSOR_SET_LIMS_IN_SENSOR_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_SENSOR_INFO/MC_CMD_SENSOR_INFO_OUT/MASK */ /* interpretation is is sensor-specific. */ #define MC_CMD_SENSOR_SET_LIMS_IN_LOW0_OFST 4 +#define MC_CMD_SENSOR_SET_LIMS_IN_LOW0_LEN 4 /* interpretation is is sensor-specific. */ #define MC_CMD_SENSOR_SET_LIMS_IN_HI0_OFST 8 +#define MC_CMD_SENSOR_SET_LIMS_IN_HI0_LEN 4 /* interpretation is is sensor-specific. */ #define MC_CMD_SENSOR_SET_LIMS_IN_LOW1_OFST 12 +#define MC_CMD_SENSOR_SET_LIMS_IN_LOW1_LEN 4 /* interpretation is is sensor-specific. */ #define MC_CMD_SENSOR_SET_LIMS_IN_HI1_OFST 16 +#define MC_CMD_SENSOR_SET_LIMS_IN_HI1_LEN 4 /* MC_CMD_SENSOR_SET_LIMS_OUT msgresponse */ #define MC_CMD_SENSOR_SET_LIMS_OUT_LEN 0 @@ -7215,9 +5936,13 @@ /* MC_CMD_GET_RESOURCE_LIMITS_OUT msgresponse */ #define MC_CMD_GET_RESOURCE_LIMITS_OUT_LEN 16 #define MC_CMD_GET_RESOURCE_LIMITS_OUT_BUFTBL_OFST 0 +#define MC_CMD_GET_RESOURCE_LIMITS_OUT_BUFTBL_LEN 4 #define MC_CMD_GET_RESOURCE_LIMITS_OUT_EVQ_OFST 4 +#define MC_CMD_GET_RESOURCE_LIMITS_OUT_EVQ_LEN 4 #define MC_CMD_GET_RESOURCE_LIMITS_OUT_RXQ_OFST 8 +#define MC_CMD_GET_RESOURCE_LIMITS_OUT_RXQ_LEN 4 #define MC_CMD_GET_RESOURCE_LIMITS_OUT_TXQ_OFST 12 +#define MC_CMD_GET_RESOURCE_LIMITS_OUT_TXQ_LEN 4 /***********************************/ @@ -7239,6 +5964,7 @@ #define MC_CMD_NVRAM_PARTITIONS_OUT_LEN(num) (4+4*(num)) /* total number of partitions */ #define MC_CMD_NVRAM_PARTITIONS_OUT_NUM_PARTITIONS_OFST 0 +#define MC_CMD_NVRAM_PARTITIONS_OUT_NUM_PARTITIONS_LEN 4 /* type ID code for each of NUM_PARTITIONS partitions */ #define MC_CMD_NVRAM_PARTITIONS_OUT_TYPE_ID_OFST 4 #define MC_CMD_NVRAM_PARTITIONS_OUT_TYPE_ID_LEN 4 @@ -7260,6 +5986,7 @@ #define MC_CMD_NVRAM_METADATA_IN_LEN 4 /* Partition type ID code */ #define MC_CMD_NVRAM_METADATA_IN_TYPE_OFST 0 +#define MC_CMD_NVRAM_METADATA_IN_TYPE_LEN 4 /* MC_CMD_NVRAM_METADATA_OUT msgresponse */ #define MC_CMD_NVRAM_METADATA_OUT_LENMIN 20 @@ -7267,7 +5994,9 @@ #define MC_CMD_NVRAM_METADATA_OUT_LEN(num) (20+1*(num)) /* Partition type ID code */ #define MC_CMD_NVRAM_METADATA_OUT_TYPE_OFST 0 +#define MC_CMD_NVRAM_METADATA_OUT_TYPE_LEN 4 #define MC_CMD_NVRAM_METADATA_OUT_FLAGS_OFST 4 +#define MC_CMD_NVRAM_METADATA_OUT_FLAGS_LEN 4 #define MC_CMD_NVRAM_METADATA_OUT_SUBTYPE_VALID_LBN 0 #define MC_CMD_NVRAM_METADATA_OUT_SUBTYPE_VALID_WIDTH 1 #define MC_CMD_NVRAM_METADATA_OUT_VERSION_VALID_LBN 1 @@ -7276,6 +6005,7 @@ #define MC_CMD_NVRAM_METADATA_OUT_DESCRIPTION_VALID_WIDTH 1 /* Subtype ID code for content of this partition */ #define MC_CMD_NVRAM_METADATA_OUT_SUBTYPE_OFST 8 +#define MC_CMD_NVRAM_METADATA_OUT_SUBTYPE_LEN 4 /* 1st component of W.X.Y.Z version number for content of this partition */ #define MC_CMD_NVRAM_METADATA_OUT_VERSION_W_OFST 12 #define MC_CMD_NVRAM_METADATA_OUT_VERSION_W_LEN 2 @@ -7317,8 +6047,10 @@ #define MC_CMD_GET_MAC_ADDRESSES_OUT_RESERVED_LEN 2 /* Number of allocated MAC addresses */ #define MC_CMD_GET_MAC_ADDRESSES_OUT_MAC_COUNT_OFST 8 +#define MC_CMD_GET_MAC_ADDRESSES_OUT_MAC_COUNT_LEN 4 /* Spacing of allocated MAC addresses */ #define MC_CMD_GET_MAC_ADDRESSES_OUT_MAC_STRIDE_OFST 12 +#define MC_CMD_GET_MAC_ADDRESSES_OUT_MAC_STRIDE_LEN 4 /***********************************/ @@ -7328,12 +6060,13 @@ #define MC_CMD_CLP 0x56 #undef MC_CMD_0x56_PRIVILEGE_CTG -#define MC_CMD_0x56_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x56_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_CLP_IN msgrequest */ #define MC_CMD_CLP_IN_LEN 4 /* Sub operation */ #define MC_CMD_CLP_IN_OP_OFST 0 +#define MC_CMD_CLP_IN_OP_LEN 4 /* enum: Return to factory default settings */ #define MC_CMD_CLP_OP_DEFAULT 0x1 /* enum: Set MAC address */ @@ -7351,6 +6084,7 @@ /* MC_CMD_CLP_IN_DEFAULT msgrequest */ #define MC_CMD_CLP_IN_DEFAULT_LEN 4 /* MC_CMD_CLP_IN_OP_OFST 0 */ +/* MC_CMD_CLP_IN_OP_LEN 4 */ /* MC_CMD_CLP_OUT_DEFAULT msgresponse */ #define MC_CMD_CLP_OUT_DEFAULT_LEN 0 @@ -7358,6 +6092,7 @@ /* MC_CMD_CLP_IN_SET_MAC msgrequest */ #define MC_CMD_CLP_IN_SET_MAC_LEN 12 /* MC_CMD_CLP_IN_OP_OFST 0 */ +/* MC_CMD_CLP_IN_OP_LEN 4 */ /* MAC address assigned to port */ #define MC_CMD_CLP_IN_SET_MAC_ADDR_OFST 4 #define MC_CMD_CLP_IN_SET_MAC_ADDR_LEN 6 @@ -7371,6 +6106,7 @@ /* MC_CMD_CLP_IN_GET_MAC msgrequest */ #define MC_CMD_CLP_IN_GET_MAC_LEN 4 /* MC_CMD_CLP_IN_OP_OFST 0 */ +/* MC_CMD_CLP_IN_OP_LEN 4 */ /* MC_CMD_CLP_OUT_GET_MAC msgresponse */ #define MC_CMD_CLP_OUT_GET_MAC_LEN 8 @@ -7384,6 +6120,7 @@ /* MC_CMD_CLP_IN_SET_BOOT msgrequest */ #define MC_CMD_CLP_IN_SET_BOOT_LEN 5 /* MC_CMD_CLP_IN_OP_OFST 0 */ +/* MC_CMD_CLP_IN_OP_LEN 4 */ /* Boot flag */ #define MC_CMD_CLP_IN_SET_BOOT_FLAG_OFST 4 #define MC_CMD_CLP_IN_SET_BOOT_FLAG_LEN 1 @@ -7394,6 +6131,7 @@ /* MC_CMD_CLP_IN_GET_BOOT msgrequest */ #define MC_CMD_CLP_IN_GET_BOOT_LEN 4 /* MC_CMD_CLP_IN_OP_OFST 0 */ +/* MC_CMD_CLP_IN_OP_LEN 4 */ /* MC_CMD_CLP_OUT_GET_BOOT msgresponse */ #define MC_CMD_CLP_OUT_GET_BOOT_LEN 4 @@ -7412,11 +6150,12 @@ #define MC_CMD_MUM 0x57 #undef MC_CMD_0x57_PRIVILEGE_CTG -#define MC_CMD_0x57_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x57_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_MUM_IN msgrequest */ #define MC_CMD_MUM_IN_LEN 4 #define MC_CMD_MUM_IN_OP_HDR_OFST 0 +#define MC_CMD_MUM_IN_OP_HDR_LEN 4 #define MC_CMD_MUM_IN_OP_LBN 0 #define MC_CMD_MUM_IN_OP_WIDTH 8 /* enum: NULL MCDI command to MUM */ @@ -7456,26 +6195,32 @@ #define MC_CMD_MUM_IN_NULL_LEN 4 /* MUM cmd header */ #define MC_CMD_MUM_IN_CMD_OFST 0 +#define MC_CMD_MUM_IN_CMD_LEN 4 /* MC_CMD_MUM_IN_GET_VERSION msgrequest */ #define MC_CMD_MUM_IN_GET_VERSION_LEN 4 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* MC_CMD_MUM_IN_READ msgrequest */ #define MC_CMD_MUM_IN_READ_LEN 16 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* ID of (device connected to MUM) to read from registers of */ #define MC_CMD_MUM_IN_READ_DEVICE_OFST 4 +#define MC_CMD_MUM_IN_READ_DEVICE_LEN 4 /* enum: Hittite HMC1035 clock generator on Sorrento board */ #define MC_CMD_MUM_DEV_HITTITE 0x1 /* enum: Hittite HMC1035 clock generator for NIC-side on Sorrento board */ #define MC_CMD_MUM_DEV_HITTITE_NIC 0x2 /* 32-bit address to read from */ #define MC_CMD_MUM_IN_READ_ADDR_OFST 8 +#define MC_CMD_MUM_IN_READ_ADDR_LEN 4 /* Number of words to read. */ #define MC_CMD_MUM_IN_READ_NUMWORDS_OFST 12 +#define MC_CMD_MUM_IN_READ_NUMWORDS_LEN 4 /* MC_CMD_MUM_IN_WRITE msgrequest */ #define MC_CMD_MUM_IN_WRITE_LENMIN 16 @@ -7483,12 +6228,15 @@ #define MC_CMD_MUM_IN_WRITE_LEN(num) (12+4*(num)) /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* ID of (device connected to MUM) to write to registers of */ #define MC_CMD_MUM_IN_WRITE_DEVICE_OFST 4 +#define MC_CMD_MUM_IN_WRITE_DEVICE_LEN 4 /* enum: Hittite HMC1035 clock generator on Sorrento board */ /* MC_CMD_MUM_DEV_HITTITE 0x1 */ /* 32-bit address to write to */ #define MC_CMD_MUM_IN_WRITE_ADDR_OFST 8 +#define MC_CMD_MUM_IN_WRITE_ADDR_LEN 4 /* Words to write */ #define MC_CMD_MUM_IN_WRITE_BUFFER_OFST 12 #define MC_CMD_MUM_IN_WRITE_BUFFER_LEN 4 @@ -7501,12 +6249,16 @@ #define MC_CMD_MUM_IN_RAW_CMD_LEN(num) (16+1*(num)) /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* MUM I2C cmd code */ #define MC_CMD_MUM_IN_RAW_CMD_CMD_CODE_OFST 4 +#define MC_CMD_MUM_IN_RAW_CMD_CMD_CODE_LEN 4 /* Number of bytes to write */ #define MC_CMD_MUM_IN_RAW_CMD_NUM_WRITE_OFST 8 +#define MC_CMD_MUM_IN_RAW_CMD_NUM_WRITE_LEN 4 /* Number of bytes to read */ #define MC_CMD_MUM_IN_RAW_CMD_NUM_READ_OFST 12 +#define MC_CMD_MUM_IN_RAW_CMD_NUM_READ_LEN 4 /* Bytes to write */ #define MC_CMD_MUM_IN_RAW_CMD_WRITE_DATA_OFST 16 #define MC_CMD_MUM_IN_RAW_CMD_WRITE_DATA_LEN 1 @@ -7517,21 +6269,28 @@ #define MC_CMD_MUM_IN_LOG_LEN 8 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_LOG_OP_OFST 4 -#define MC_CMD_MUM_IN_LOG_OP_UART 0x1 /* enum */ +#define MC_CMD_MUM_IN_LOG_OP_LEN 4 +#define MC_CMD_MUM_IN_LOG_OP_UART 0x1 /* enum */ /* MC_CMD_MUM_IN_LOG_OP_UART msgrequest */ #define MC_CMD_MUM_IN_LOG_OP_UART_LEN 12 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* MC_CMD_MUM_IN_LOG_OP_OFST 4 */ +/* MC_CMD_MUM_IN_LOG_OP_LEN 4 */ /* Enable/disable debug output to UART */ #define MC_CMD_MUM_IN_LOG_OP_UART_ENABLE_OFST 8 +#define MC_CMD_MUM_IN_LOG_OP_UART_ENABLE_LEN 4 /* MC_CMD_MUM_IN_GPIO msgrequest */ #define MC_CMD_MUM_IN_GPIO_LEN 8 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_HDR_LEN 4 #define MC_CMD_MUM_IN_GPIO_OPCODE_LBN 0 #define MC_CMD_MUM_IN_GPIO_OPCODE_WIDTH 8 #define MC_CMD_MUM_IN_GPIO_IN_READ 0x0 /* enum */ @@ -7544,40 +6303,56 @@ /* MC_CMD_MUM_IN_GPIO_IN_READ msgrequest */ #define MC_CMD_MUM_IN_GPIO_IN_READ_LEN 8 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_IN_READ_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_IN_READ_HDR_LEN 4 /* MC_CMD_MUM_IN_GPIO_OUT_WRITE msgrequest */ #define MC_CMD_MUM_IN_GPIO_OUT_WRITE_LEN 16 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OUT_WRITE_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OUT_WRITE_HDR_LEN 4 /* The first 32-bit word to be written to the GPIO OUT register. */ #define MC_CMD_MUM_IN_GPIO_OUT_WRITE_GPIOMASK1_OFST 8 +#define MC_CMD_MUM_IN_GPIO_OUT_WRITE_GPIOMASK1_LEN 4 /* The second 32-bit word to be written to the GPIO OUT register. */ #define MC_CMD_MUM_IN_GPIO_OUT_WRITE_GPIOMASK2_OFST 12 +#define MC_CMD_MUM_IN_GPIO_OUT_WRITE_GPIOMASK2_LEN 4 /* MC_CMD_MUM_IN_GPIO_OUT_READ msgrequest */ #define MC_CMD_MUM_IN_GPIO_OUT_READ_LEN 8 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OUT_READ_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OUT_READ_HDR_LEN 4 /* MC_CMD_MUM_IN_GPIO_OUT_ENABLE_WRITE msgrequest */ #define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_WRITE_LEN 16 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_WRITE_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_WRITE_HDR_LEN 4 /* The first 32-bit word to be written to the GPIO OUT ENABLE register. */ #define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_WRITE_GPIOMASK1_OFST 8 +#define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_WRITE_GPIOMASK1_LEN 4 /* The second 32-bit word to be written to the GPIO OUT ENABLE register. */ #define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_WRITE_GPIOMASK2_OFST 12 +#define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_WRITE_GPIOMASK2_LEN 4 /* MC_CMD_MUM_IN_GPIO_OUT_ENABLE_READ msgrequest */ #define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_READ_LEN 8 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_READ_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OUT_ENABLE_READ_HDR_LEN 4 /* MC_CMD_MUM_IN_GPIO_OP msgrequest */ #define MC_CMD_MUM_IN_GPIO_OP_LEN 8 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OP_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OP_HDR_LEN 4 #define MC_CMD_MUM_IN_GPIO_OP_BITWISE_OP_LBN 8 #define MC_CMD_MUM_IN_GPIO_OP_BITWISE_OP_WIDTH 8 #define MC_CMD_MUM_IN_GPIO_OP_OUT_READ 0x0 /* enum */ @@ -7590,26 +6365,34 @@ /* MC_CMD_MUM_IN_GPIO_OP_OUT_READ msgrequest */ #define MC_CMD_MUM_IN_GPIO_OP_OUT_READ_LEN 8 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OP_OUT_READ_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OP_OUT_READ_HDR_LEN 4 /* MC_CMD_MUM_IN_GPIO_OP_OUT_WRITE msgrequest */ #define MC_CMD_MUM_IN_GPIO_OP_OUT_WRITE_LEN 8 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OP_OUT_WRITE_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OP_OUT_WRITE_HDR_LEN 4 #define MC_CMD_MUM_IN_GPIO_OP_OUT_WRITE_WRITEBIT_LBN 24 #define MC_CMD_MUM_IN_GPIO_OP_OUT_WRITE_WRITEBIT_WIDTH 8 /* MC_CMD_MUM_IN_GPIO_OP_OUT_CONFIG msgrequest */ #define MC_CMD_MUM_IN_GPIO_OP_OUT_CONFIG_LEN 8 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OP_OUT_CONFIG_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OP_OUT_CONFIG_HDR_LEN 4 #define MC_CMD_MUM_IN_GPIO_OP_OUT_CONFIG_CFG_LBN 24 #define MC_CMD_MUM_IN_GPIO_OP_OUT_CONFIG_CFG_WIDTH 8 /* MC_CMD_MUM_IN_GPIO_OP_OUT_ENABLE msgrequest */ #define MC_CMD_MUM_IN_GPIO_OP_OUT_ENABLE_LEN 8 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_GPIO_OP_OUT_ENABLE_HDR_OFST 4 +#define MC_CMD_MUM_IN_GPIO_OP_OUT_ENABLE_HDR_LEN 4 #define MC_CMD_MUM_IN_GPIO_OP_OUT_ENABLE_ENABLEBIT_LBN 24 #define MC_CMD_MUM_IN_GPIO_OP_OUT_ENABLE_ENABLEBIT_WIDTH 8 @@ -7617,7 +6400,9 @@ #define MC_CMD_MUM_IN_READ_SENSORS_LEN 8 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_READ_SENSORS_PARAMS_OFST 4 +#define MC_CMD_MUM_IN_READ_SENSORS_PARAMS_LEN 4 #define MC_CMD_MUM_IN_READ_SENSORS_SENSOR_ID_LBN 0 #define MC_CMD_MUM_IN_READ_SENSORS_SENSOR_ID_WIDTH 8 #define MC_CMD_MUM_IN_READ_SENSORS_NUM_SENSORS_LBN 8 @@ -7627,13 +6412,16 @@ #define MC_CMD_MUM_IN_PROGRAM_CLOCKS_LEN 12 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* Bit-mask of clocks to be programmed */ #define MC_CMD_MUM_IN_PROGRAM_CLOCKS_MASK_OFST 4 +#define MC_CMD_MUM_IN_PROGRAM_CLOCKS_MASK_LEN 4 #define MC_CMD_MUM_CLOCK_ID_FPGA 0x0 /* enum */ #define MC_CMD_MUM_CLOCK_ID_DDR 0x1 /* enum */ #define MC_CMD_MUM_CLOCK_ID_NIC 0x2 /* enum */ /* Control flags for clock programming */ #define MC_CMD_MUM_IN_PROGRAM_CLOCKS_FLAGS_OFST 8 +#define MC_CMD_MUM_IN_PROGRAM_CLOCKS_FLAGS_LEN 4 #define MC_CMD_MUM_IN_PROGRAM_CLOCKS_OVERCLOCK_110_LBN 0 #define MC_CMD_MUM_IN_PROGRAM_CLOCKS_OVERCLOCK_110_WIDTH 1 #define MC_CMD_MUM_IN_PROGRAM_CLOCKS_CLOCK_NIC_FROM_FPGA_LBN 1 @@ -7645,19 +6433,24 @@ #define MC_CMD_MUM_IN_FPGA_LOAD_LEN 8 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* Enable/Disable FPGA config from flash */ #define MC_CMD_MUM_IN_FPGA_LOAD_ENABLE_OFST 4 +#define MC_CMD_MUM_IN_FPGA_LOAD_ENABLE_LEN 4 /* MC_CMD_MUM_IN_READ_ATB_SENSOR msgrequest */ #define MC_CMD_MUM_IN_READ_ATB_SENSOR_LEN 4 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* MC_CMD_MUM_IN_QSFP msgrequest */ #define MC_CMD_MUM_IN_QSFP_LEN 12 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_QSFP_HDR_OFST 4 +#define MC_CMD_MUM_IN_QSFP_HDR_LEN 4 #define MC_CMD_MUM_IN_QSFP_OPCODE_LBN 0 #define MC_CMD_MUM_IN_QSFP_OPCODE_WIDTH 4 #define MC_CMD_MUM_IN_QSFP_INIT 0x0 /* enum */ @@ -7667,52 +6460,77 @@ #define MC_CMD_MUM_IN_QSFP_FILL_STATS 0x4 /* enum */ #define MC_CMD_MUM_IN_QSFP_POLL_BIST 0x5 /* enum */ #define MC_CMD_MUM_IN_QSFP_IDX_OFST 8 +#define MC_CMD_MUM_IN_QSFP_IDX_LEN 4 /* MC_CMD_MUM_IN_QSFP_INIT msgrequest */ #define MC_CMD_MUM_IN_QSFP_INIT_LEN 16 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_QSFP_INIT_HDR_OFST 4 +#define MC_CMD_MUM_IN_QSFP_INIT_HDR_LEN 4 #define MC_CMD_MUM_IN_QSFP_INIT_IDX_OFST 8 +#define MC_CMD_MUM_IN_QSFP_INIT_IDX_LEN 4 #define MC_CMD_MUM_IN_QSFP_INIT_CAGE_OFST 12 +#define MC_CMD_MUM_IN_QSFP_INIT_CAGE_LEN 4 /* MC_CMD_MUM_IN_QSFP_RECONFIGURE msgrequest */ #define MC_CMD_MUM_IN_QSFP_RECONFIGURE_LEN 24 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_QSFP_RECONFIGURE_HDR_OFST 4 +#define MC_CMD_MUM_IN_QSFP_RECONFIGURE_HDR_LEN 4 #define MC_CMD_MUM_IN_QSFP_RECONFIGURE_IDX_OFST 8 +#define MC_CMD_MUM_IN_QSFP_RECONFIGURE_IDX_LEN 4 #define MC_CMD_MUM_IN_QSFP_RECONFIGURE_TX_DISABLE_OFST 12 +#define MC_CMD_MUM_IN_QSFP_RECONFIGURE_TX_DISABLE_LEN 4 #define MC_CMD_MUM_IN_QSFP_RECONFIGURE_PORT_LANES_OFST 16 +#define MC_CMD_MUM_IN_QSFP_RECONFIGURE_PORT_LANES_LEN 4 #define MC_CMD_MUM_IN_QSFP_RECONFIGURE_PORT_LINK_SPEED_OFST 20 +#define MC_CMD_MUM_IN_QSFP_RECONFIGURE_PORT_LINK_SPEED_LEN 4 /* MC_CMD_MUM_IN_QSFP_GET_SUPPORTED_CAP msgrequest */ #define MC_CMD_MUM_IN_QSFP_GET_SUPPORTED_CAP_LEN 12 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_QSFP_GET_SUPPORTED_CAP_HDR_OFST 4 +#define MC_CMD_MUM_IN_QSFP_GET_SUPPORTED_CAP_HDR_LEN 4 #define MC_CMD_MUM_IN_QSFP_GET_SUPPORTED_CAP_IDX_OFST 8 +#define MC_CMD_MUM_IN_QSFP_GET_SUPPORTED_CAP_IDX_LEN 4 /* MC_CMD_MUM_IN_QSFP_GET_MEDIA_INFO msgrequest */ #define MC_CMD_MUM_IN_QSFP_GET_MEDIA_INFO_LEN 16 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_QSFP_GET_MEDIA_INFO_HDR_OFST 4 +#define MC_CMD_MUM_IN_QSFP_GET_MEDIA_INFO_HDR_LEN 4 #define MC_CMD_MUM_IN_QSFP_GET_MEDIA_INFO_IDX_OFST 8 +#define MC_CMD_MUM_IN_QSFP_GET_MEDIA_INFO_IDX_LEN 4 #define MC_CMD_MUM_IN_QSFP_GET_MEDIA_INFO_PAGE_OFST 12 +#define MC_CMD_MUM_IN_QSFP_GET_MEDIA_INFO_PAGE_LEN 4 /* MC_CMD_MUM_IN_QSFP_FILL_STATS msgrequest */ #define MC_CMD_MUM_IN_QSFP_FILL_STATS_LEN 12 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_QSFP_FILL_STATS_HDR_OFST 4 +#define MC_CMD_MUM_IN_QSFP_FILL_STATS_HDR_LEN 4 #define MC_CMD_MUM_IN_QSFP_FILL_STATS_IDX_OFST 8 +#define MC_CMD_MUM_IN_QSFP_FILL_STATS_IDX_LEN 4 /* MC_CMD_MUM_IN_QSFP_POLL_BIST msgrequest */ #define MC_CMD_MUM_IN_QSFP_POLL_BIST_LEN 12 /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ #define MC_CMD_MUM_IN_QSFP_POLL_BIST_HDR_OFST 4 +#define MC_CMD_MUM_IN_QSFP_POLL_BIST_HDR_LEN 4 #define MC_CMD_MUM_IN_QSFP_POLL_BIST_IDX_OFST 8 +#define MC_CMD_MUM_IN_QSFP_POLL_BIST_IDX_LEN 4 /* MC_CMD_MUM_IN_READ_DDR_INFO msgrequest */ #define MC_CMD_MUM_IN_READ_DDR_INFO_LEN 4 /* MUM cmd header */ /* MC_CMD_MUM_IN_CMD_OFST 0 */ +/* MC_CMD_MUM_IN_CMD_LEN 4 */ /* MC_CMD_MUM_OUT msgresponse */ #define MC_CMD_MUM_OUT_LEN 0 @@ -7723,6 +6541,7 @@ /* MC_CMD_MUM_OUT_GET_VERSION msgresponse */ #define MC_CMD_MUM_OUT_GET_VERSION_LEN 12 #define MC_CMD_MUM_OUT_GET_VERSION_FIRMWARE_OFST 0 +#define MC_CMD_MUM_OUT_GET_VERSION_FIRMWARE_LEN 4 #define MC_CMD_MUM_OUT_GET_VERSION_VERSION_OFST 4 #define MC_CMD_MUM_OUT_GET_VERSION_VERSION_LEN 8 #define MC_CMD_MUM_OUT_GET_VERSION_VERSION_LO_OFST 4 @@ -7760,8 +6579,10 @@ #define MC_CMD_MUM_OUT_GPIO_IN_READ_LEN 8 /* The first 32-bit word read from the GPIO IN register. */ #define MC_CMD_MUM_OUT_GPIO_IN_READ_GPIOMASK1_OFST 0 +#define MC_CMD_MUM_OUT_GPIO_IN_READ_GPIOMASK1_LEN 4 /* The second 32-bit word read from the GPIO IN register. */ #define MC_CMD_MUM_OUT_GPIO_IN_READ_GPIOMASK2_OFST 4 +#define MC_CMD_MUM_OUT_GPIO_IN_READ_GPIOMASK2_LEN 4 /* MC_CMD_MUM_OUT_GPIO_OUT_WRITE msgresponse */ #define MC_CMD_MUM_OUT_GPIO_OUT_WRITE_LEN 0 @@ -7770,8 +6591,10 @@ #define MC_CMD_MUM_OUT_GPIO_OUT_READ_LEN 8 /* The first 32-bit word read from the GPIO OUT register. */ #define MC_CMD_MUM_OUT_GPIO_OUT_READ_GPIOMASK1_OFST 0 +#define MC_CMD_MUM_OUT_GPIO_OUT_READ_GPIOMASK1_LEN 4 /* The second 32-bit word read from the GPIO OUT register. */ #define MC_CMD_MUM_OUT_GPIO_OUT_READ_GPIOMASK2_OFST 4 +#define MC_CMD_MUM_OUT_GPIO_OUT_READ_GPIOMASK2_LEN 4 /* MC_CMD_MUM_OUT_GPIO_OUT_ENABLE_WRITE msgresponse */ #define MC_CMD_MUM_OUT_GPIO_OUT_ENABLE_WRITE_LEN 0 @@ -7779,11 +6602,14 @@ /* MC_CMD_MUM_OUT_GPIO_OUT_ENABLE_READ msgresponse */ #define MC_CMD_MUM_OUT_GPIO_OUT_ENABLE_READ_LEN 8 #define MC_CMD_MUM_OUT_GPIO_OUT_ENABLE_READ_GPIOMASK1_OFST 0 +#define MC_CMD_MUM_OUT_GPIO_OUT_ENABLE_READ_GPIOMASK1_LEN 4 #define MC_CMD_MUM_OUT_GPIO_OUT_ENABLE_READ_GPIOMASK2_OFST 4 +#define MC_CMD_MUM_OUT_GPIO_OUT_ENABLE_READ_GPIOMASK2_LEN 4 /* MC_CMD_MUM_OUT_GPIO_OP_OUT_READ msgresponse */ #define MC_CMD_MUM_OUT_GPIO_OP_OUT_READ_LEN 4 #define MC_CMD_MUM_OUT_GPIO_OP_OUT_READ_BIT_READ_OFST 0 +#define MC_CMD_MUM_OUT_GPIO_OP_OUT_READ_BIT_READ_LEN 4 /* MC_CMD_MUM_OUT_GPIO_OP_OUT_WRITE msgresponse */ #define MC_CMD_MUM_OUT_GPIO_OP_OUT_WRITE_LEN 0 @@ -7812,6 +6638,7 @@ /* MC_CMD_MUM_OUT_PROGRAM_CLOCKS msgresponse */ #define MC_CMD_MUM_OUT_PROGRAM_CLOCKS_LEN 4 #define MC_CMD_MUM_OUT_PROGRAM_CLOCKS_OK_MASK_OFST 0 +#define MC_CMD_MUM_OUT_PROGRAM_CLOCKS_OK_MASK_LEN 4 /* MC_CMD_MUM_OUT_FPGA_LOAD msgresponse */ #define MC_CMD_MUM_OUT_FPGA_LOAD_LEN 0 @@ -7819,6 +6646,7 @@ /* MC_CMD_MUM_OUT_READ_ATB_SENSOR msgresponse */ #define MC_CMD_MUM_OUT_READ_ATB_SENSOR_LEN 4 #define MC_CMD_MUM_OUT_READ_ATB_SENSOR_RESULT_OFST 0 +#define MC_CMD_MUM_OUT_READ_ATB_SENSOR_RESULT_LEN 4 /* MC_CMD_MUM_OUT_QSFP_INIT msgresponse */ #define MC_CMD_MUM_OUT_QSFP_INIT_LEN 0 @@ -7826,7 +6654,9 @@ /* MC_CMD_MUM_OUT_QSFP_RECONFIGURE msgresponse */ #define MC_CMD_MUM_OUT_QSFP_RECONFIGURE_LEN 8 #define MC_CMD_MUM_OUT_QSFP_RECONFIGURE_PORT_PHY_LP_CAP_OFST 0 +#define MC_CMD_MUM_OUT_QSFP_RECONFIGURE_PORT_PHY_LP_CAP_LEN 4 #define MC_CMD_MUM_OUT_QSFP_RECONFIGURE_PORT_PHY_FLAGS_OFST 4 +#define MC_CMD_MUM_OUT_QSFP_RECONFIGURE_PORT_PHY_FLAGS_LEN 4 #define MC_CMD_MUM_OUT_QSFP_RECONFIGURE_PORT_PHY_READY_LBN 0 #define MC_CMD_MUM_OUT_QSFP_RECONFIGURE_PORT_PHY_READY_WIDTH 1 #define MC_CMD_MUM_OUT_QSFP_RECONFIGURE_PORT_PHY_LINK_UP_LBN 1 @@ -7835,6 +6665,7 @@ /* MC_CMD_MUM_OUT_QSFP_GET_SUPPORTED_CAP msgresponse */ #define MC_CMD_MUM_OUT_QSFP_GET_SUPPORTED_CAP_LEN 4 #define MC_CMD_MUM_OUT_QSFP_GET_SUPPORTED_CAP_PORT_PHY_LP_CAP_OFST 0 +#define MC_CMD_MUM_OUT_QSFP_GET_SUPPORTED_CAP_PORT_PHY_LP_CAP_LEN 4 /* MC_CMD_MUM_OUT_QSFP_GET_MEDIA_INFO msgresponse */ #define MC_CMD_MUM_OUT_QSFP_GET_MEDIA_INFO_LENMIN 5 @@ -7842,6 +6673,7 @@ #define MC_CMD_MUM_OUT_QSFP_GET_MEDIA_INFO_LEN(num) (4+1*(num)) /* in bytes */ #define MC_CMD_MUM_OUT_QSFP_GET_MEDIA_INFO_DATALEN_OFST 0 +#define MC_CMD_MUM_OUT_QSFP_GET_MEDIA_INFO_DATALEN_LEN 4 #define MC_CMD_MUM_OUT_QSFP_GET_MEDIA_INFO_DATA_OFST 4 #define MC_CMD_MUM_OUT_QSFP_GET_MEDIA_INFO_DATA_LEN 1 #define MC_CMD_MUM_OUT_QSFP_GET_MEDIA_INFO_DATA_MINNUM 1 @@ -7850,11 +6682,14 @@ /* MC_CMD_MUM_OUT_QSFP_FILL_STATS msgresponse */ #define MC_CMD_MUM_OUT_QSFP_FILL_STATS_LEN 8 #define MC_CMD_MUM_OUT_QSFP_FILL_STATS_PORT_PHY_STATS_PMA_PMD_LINK_UP_OFST 0 +#define MC_CMD_MUM_OUT_QSFP_FILL_STATS_PORT_PHY_STATS_PMA_PMD_LINK_UP_LEN 4 #define MC_CMD_MUM_OUT_QSFP_FILL_STATS_PORT_PHY_STATS_PCS_LINK_UP_OFST 4 +#define MC_CMD_MUM_OUT_QSFP_FILL_STATS_PORT_PHY_STATS_PCS_LINK_UP_LEN 4 /* MC_CMD_MUM_OUT_QSFP_POLL_BIST msgresponse */ #define MC_CMD_MUM_OUT_QSFP_POLL_BIST_LEN 4 #define MC_CMD_MUM_OUT_QSFP_POLL_BIST_TEST_OFST 0 +#define MC_CMD_MUM_OUT_QSFP_POLL_BIST_TEST_LEN 4 /* MC_CMD_MUM_OUT_READ_DDR_INFO msgresponse */ #define MC_CMD_MUM_OUT_READ_DDR_INFO_LENMIN 24 @@ -7862,12 +6697,14 @@ #define MC_CMD_MUM_OUT_READ_DDR_INFO_LEN(num) (8+8*(num)) /* Discrete (soldered) DDR resistor strap info */ #define MC_CMD_MUM_OUT_READ_DDR_INFO_DISCRETE_DDR_INFO_OFST 0 +#define MC_CMD_MUM_OUT_READ_DDR_INFO_DISCRETE_DDR_INFO_LEN 4 #define MC_CMD_MUM_OUT_READ_DDR_INFO_VRATIO_LBN 0 #define MC_CMD_MUM_OUT_READ_DDR_INFO_VRATIO_WIDTH 16 #define MC_CMD_MUM_OUT_READ_DDR_INFO_RESERVED1_LBN 16 #define MC_CMD_MUM_OUT_READ_DDR_INFO_RESERVED1_WIDTH 16 /* Number of SODIMM info records */ #define MC_CMD_MUM_OUT_READ_DDR_INFO_NUM_RECORDS_OFST 4 +#define MC_CMD_MUM_OUT_READ_DDR_INFO_NUM_RECORDS_LEN 4 /* Array of SODIMM info records */ #define MC_CMD_MUM_OUT_READ_DDR_INFO_SODIMM_INFO_RECORD_OFST 8 #define MC_CMD_MUM_OUT_READ_DDR_INFO_SODIMM_INFO_RECORD_LEN 8 @@ -7928,18 +6765,19 @@ /* EVB_PORT_ID structuredef */ #define EVB_PORT_ID_LEN 4 #define EVB_PORT_ID_PORT_ID_OFST 0 +#define EVB_PORT_ID_PORT_ID_LEN 4 /* enum: An invalid port handle. */ -#define EVB_PORT_ID_NULL 0x0 +#define EVB_PORT_ID_NULL 0x0 /* enum: The port assigned to this function.. */ -#define EVB_PORT_ID_ASSIGNED 0x1000000 +#define EVB_PORT_ID_ASSIGNED 0x1000000 /* enum: External network port 0 */ -#define EVB_PORT_ID_MAC0 0x2000000 +#define EVB_PORT_ID_MAC0 0x2000000 /* enum: External network port 1 */ -#define EVB_PORT_ID_MAC1 0x2000001 +#define EVB_PORT_ID_MAC1 0x2000001 /* enum: External network port 2 */ -#define EVB_PORT_ID_MAC2 0x2000002 +#define EVB_PORT_ID_MAC2 0x2000002 /* enum: External network port 3 */ -#define EVB_PORT_ID_MAC3 0x2000003 +#define EVB_PORT_ID_MAC3 0x2000003 #define EVB_PORT_ID_PORT_ID_LBN 0 #define EVB_PORT_ID_PORT_ID_WIDTH 32 @@ -7951,7 +6789,7 @@ #define EVB_VLAN_TAG_MODE_LBN 12 #define EVB_VLAN_TAG_MODE_WIDTH 4 /* enum: Insert the VLAN. */ -#define EVB_VLAN_TAG_INSERT 0x0 +#define EVB_VLAN_TAG_INSERT 0x0 /* enum: Replace the VLAN if already present. */ #define EVB_VLAN_TAG_REPLACE 0x1 @@ -7980,121 +6818,149 @@ #define NVRAM_PARTITION_TYPE_ID_OFST 0 #define NVRAM_PARTITION_TYPE_ID_LEN 2 /* enum: Primary MC firmware partition */ -#define NVRAM_PARTITION_TYPE_MC_FIRMWARE 0x100 +#define NVRAM_PARTITION_TYPE_MC_FIRMWARE 0x100 /* enum: Secondary MC firmware partition */ -#define NVRAM_PARTITION_TYPE_MC_FIRMWARE_BACKUP 0x200 +#define NVRAM_PARTITION_TYPE_MC_FIRMWARE_BACKUP 0x200 /* enum: Expansion ROM partition */ -#define NVRAM_PARTITION_TYPE_EXPANSION_ROM 0x300 +#define NVRAM_PARTITION_TYPE_EXPANSION_ROM 0x300 /* enum: Static configuration TLV partition */ -#define NVRAM_PARTITION_TYPE_STATIC_CONFIG 0x400 +#define NVRAM_PARTITION_TYPE_STATIC_CONFIG 0x400 /* enum: Dynamic configuration TLV partition */ -#define NVRAM_PARTITION_TYPE_DYNAMIC_CONFIG 0x500 +#define NVRAM_PARTITION_TYPE_DYNAMIC_CONFIG 0x500 /* enum: Expansion ROM configuration data for port 0 */ -#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG_PORT0 0x600 +#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG_PORT0 0x600 /* enum: Synonym for EXPROM_CONFIG_PORT0 as used in pmap files */ -#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG 0x600 +#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG 0x600 /* enum: Expansion ROM configuration data for port 1 */ -#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG_PORT1 0x601 +#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG_PORT1 0x601 /* enum: Expansion ROM configuration data for port 2 */ -#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG_PORT2 0x602 +#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG_PORT2 0x602 /* enum: Expansion ROM configuration data for port 3 */ -#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG_PORT3 0x603 +#define NVRAM_PARTITION_TYPE_EXPROM_CONFIG_PORT3 0x603 /* enum: Non-volatile log output partition */ -#define NVRAM_PARTITION_TYPE_LOG 0x700 +#define NVRAM_PARTITION_TYPE_LOG 0x700 /* enum: Non-volatile log output of second core on dual-core device */ -#define NVRAM_PARTITION_TYPE_LOG_SLAVE 0x701 +#define NVRAM_PARTITION_TYPE_LOG_SLAVE 0x701 /* enum: Device state dump output partition */ -#define NVRAM_PARTITION_TYPE_DUMP 0x800 +#define NVRAM_PARTITION_TYPE_DUMP 0x800 /* enum: Application license key storage partition */ -#define NVRAM_PARTITION_TYPE_LICENSE 0x900 +#define NVRAM_PARTITION_TYPE_LICENSE 0x900 /* enum: Start of range used for PHY partitions (low 8 bits are the PHY ID) */ -#define NVRAM_PARTITION_TYPE_PHY_MIN 0xa00 +#define NVRAM_PARTITION_TYPE_PHY_MIN 0xa00 /* enum: End of range used for PHY partitions (low 8 bits are the PHY ID) */ -#define NVRAM_PARTITION_TYPE_PHY_MAX 0xaff +#define NVRAM_PARTITION_TYPE_PHY_MAX 0xaff /* enum: Primary FPGA partition */ -#define NVRAM_PARTITION_TYPE_FPGA 0xb00 +#define NVRAM_PARTITION_TYPE_FPGA 0xb00 /* enum: Secondary FPGA partition */ -#define NVRAM_PARTITION_TYPE_FPGA_BACKUP 0xb01 +#define NVRAM_PARTITION_TYPE_FPGA_BACKUP 0xb01 /* enum: FC firmware partition */ -#define NVRAM_PARTITION_TYPE_FC_FIRMWARE 0xb02 +#define NVRAM_PARTITION_TYPE_FC_FIRMWARE 0xb02 /* enum: FC License partition */ -#define NVRAM_PARTITION_TYPE_FC_LICENSE 0xb03 +#define NVRAM_PARTITION_TYPE_FC_LICENSE 0xb03 /* enum: Non-volatile log output partition for FC */ -#define NVRAM_PARTITION_TYPE_FC_LOG 0xb04 +#define NVRAM_PARTITION_TYPE_FC_LOG 0xb04 /* enum: MUM firmware partition */ -#define NVRAM_PARTITION_TYPE_MUM_FIRMWARE 0xc00 +#define NVRAM_PARTITION_TYPE_MUM_FIRMWARE 0xc00 +/* enum: SUC firmware partition (this is intentionally an alias of + * MUM_FIRMWARE) + */ +#define NVRAM_PARTITION_TYPE_SUC_FIRMWARE 0xc00 /* enum: MUM Non-volatile log output partition. */ -#define NVRAM_PARTITION_TYPE_MUM_LOG 0xc01 +#define NVRAM_PARTITION_TYPE_MUM_LOG 0xc01 /* enum: MUM Application table partition. */ -#define NVRAM_PARTITION_TYPE_MUM_APPTABLE 0xc02 +#define NVRAM_PARTITION_TYPE_MUM_APPTABLE 0xc02 /* enum: MUM boot rom partition. */ -#define NVRAM_PARTITION_TYPE_MUM_BOOT_ROM 0xc03 +#define NVRAM_PARTITION_TYPE_MUM_BOOT_ROM 0xc03 /* enum: MUM production signatures & calibration rom partition. */ -#define NVRAM_PARTITION_TYPE_MUM_PROD_ROM 0xc04 +#define NVRAM_PARTITION_TYPE_MUM_PROD_ROM 0xc04 /* enum: MUM user signatures & calibration rom partition. */ -#define NVRAM_PARTITION_TYPE_MUM_USER_ROM 0xc05 +#define NVRAM_PARTITION_TYPE_MUM_USER_ROM 0xc05 /* enum: MUM fuses and lockbits partition. */ -#define NVRAM_PARTITION_TYPE_MUM_FUSELOCK 0xc06 +#define NVRAM_PARTITION_TYPE_MUM_FUSELOCK 0xc06 /* enum: UEFI expansion ROM if separate from PXE */ -#define NVRAM_PARTITION_TYPE_EXPANSION_UEFI 0xd00 -/* enum: Spare partition 0 */ -#define NVRAM_PARTITION_TYPE_SPARE_0 0x1000 +#define NVRAM_PARTITION_TYPE_EXPANSION_UEFI 0xd00 +/* enum: Used by the expansion ROM for logging */ +#define NVRAM_PARTITION_TYPE_PXE_LOG 0x1000 /* enum: Used for XIP code of shmbooted images */ -#define NVRAM_PARTITION_TYPE_XIP_SCRATCH 0x1100 +#define NVRAM_PARTITION_TYPE_XIP_SCRATCH 0x1100 /* enum: Spare partition 2 */ -#define NVRAM_PARTITION_TYPE_SPARE_2 0x1200 +#define NVRAM_PARTITION_TYPE_SPARE_2 0x1200 /* enum: Manufacturing partition. Used during manufacture to pass information * between XJTAG and Manftest. */ -#define NVRAM_PARTITION_TYPE_MANUFACTURING 0x1300 +#define NVRAM_PARTITION_TYPE_MANUFACTURING 0x1300 /* enum: Spare partition 4 */ -#define NVRAM_PARTITION_TYPE_SPARE_4 0x1400 +#define NVRAM_PARTITION_TYPE_SPARE_4 0x1400 /* enum: Spare partition 5 */ -#define NVRAM_PARTITION_TYPE_SPARE_5 0x1500 +#define NVRAM_PARTITION_TYPE_SPARE_5 0x1500 /* enum: Partition for reporting MC status. See mc_flash_layout.h * medford_mc_status_hdr_t for layout on Medford. */ -#define NVRAM_PARTITION_TYPE_STATUS 0x1600 +#define NVRAM_PARTITION_TYPE_STATUS 0x1600 +/* enum: Spare partition 13 */ +#define NVRAM_PARTITION_TYPE_SPARE_13 0x1700 +/* enum: Spare partition 14 */ +#define NVRAM_PARTITION_TYPE_SPARE_14 0x1800 +/* enum: Spare partition 15 */ +#define NVRAM_PARTITION_TYPE_SPARE_15 0x1900 +/* enum: Spare partition 16 */ +#define NVRAM_PARTITION_TYPE_SPARE_16 0x1a00 +/* enum: Factory defaults for dynamic configuration */ +#define NVRAM_PARTITION_TYPE_DYNCONFIG_DEFAULTS 0x1b00 +/* enum: Factory defaults for expansion ROM configuration */ +#define NVRAM_PARTITION_TYPE_ROMCONFIG_DEFAULTS 0x1c00 +/* enum: Field Replaceable Unit inventory information for use on IPMI + * platforms. See SF-119124-PS. The STATIC_CONFIG partition may contain a + * subset of the information stored in this partition. + */ +#define NVRAM_PARTITION_TYPE_FRU_INFORMATION 0x1d00 /* enum: Start of reserved value range (firmware may use for any purpose) */ -#define NVRAM_PARTITION_TYPE_RESERVED_VALUES_MIN 0xff00 +#define NVRAM_PARTITION_TYPE_RESERVED_VALUES_MIN 0xff00 /* enum: End of reserved value range (firmware may use for any purpose) */ -#define NVRAM_PARTITION_TYPE_RESERVED_VALUES_MAX 0xfffd +#define NVRAM_PARTITION_TYPE_RESERVED_VALUES_MAX 0xfffd /* enum: Recovery partition map (provided if real map is missing or corrupt) */ -#define NVRAM_PARTITION_TYPE_RECOVERY_MAP 0xfffe +#define NVRAM_PARTITION_TYPE_RECOVERY_MAP 0xfffe /* enum: Partition map (real map as stored in flash) */ -#define NVRAM_PARTITION_TYPE_PARTITION_MAP 0xffff +#define NVRAM_PARTITION_TYPE_PARTITION_MAP 0xffff #define NVRAM_PARTITION_TYPE_ID_LBN 0 #define NVRAM_PARTITION_TYPE_ID_WIDTH 16 /* LICENSED_APP_ID structuredef */ #define LICENSED_APP_ID_LEN 4 #define LICENSED_APP_ID_ID_OFST 0 +#define LICENSED_APP_ID_ID_LEN 4 /* enum: OpenOnload */ -#define LICENSED_APP_ID_ONLOAD 0x1 +#define LICENSED_APP_ID_ONLOAD 0x1 /* enum: PTP timestamping */ -#define LICENSED_APP_ID_PTP 0x2 +#define LICENSED_APP_ID_PTP 0x2 /* enum: SolarCapture Pro */ -#define LICENSED_APP_ID_SOLARCAPTURE_PRO 0x4 +#define LICENSED_APP_ID_SOLARCAPTURE_PRO 0x4 /* enum: SolarSecure filter engine */ -#define LICENSED_APP_ID_SOLARSECURE 0x8 +#define LICENSED_APP_ID_SOLARSECURE 0x8 /* enum: Performance monitor */ -#define LICENSED_APP_ID_PERF_MONITOR 0x10 +#define LICENSED_APP_ID_PERF_MONITOR 0x10 /* enum: SolarCapture Live */ -#define LICENSED_APP_ID_SOLARCAPTURE_LIVE 0x20 +#define LICENSED_APP_ID_SOLARCAPTURE_LIVE 0x20 /* enum: Capture SolarSystem */ -#define LICENSED_APP_ID_CAPTURE_SOLARSYSTEM 0x40 +#define LICENSED_APP_ID_CAPTURE_SOLARSYSTEM 0x40 /* enum: Network Access Control */ -#define LICENSED_APP_ID_NETWORK_ACCESS_CONTROL 0x80 +#define LICENSED_APP_ID_NETWORK_ACCESS_CONTROL 0x80 /* enum: TCP Direct */ -#define LICENSED_APP_ID_TCP_DIRECT 0x100 +#define LICENSED_APP_ID_TCP_DIRECT 0x100 /* enum: Low Latency */ -#define LICENSED_APP_ID_LOW_LATENCY 0x200 +#define LICENSED_APP_ID_LOW_LATENCY 0x200 /* enum: SolarCapture Tap */ -#define LICENSED_APP_ID_SOLARCAPTURE_TAP 0x400 +#define LICENSED_APP_ID_SOLARCAPTURE_TAP 0x400 /* enum: Capture SolarSystem 40G */ #define LICENSED_APP_ID_CAPTURE_SOLARSYSTEM_40G 0x800 /* enum: Capture SolarSystem 1G */ -#define LICENSED_APP_ID_CAPTURE_SOLARSYSTEM_1G 0x1000 +#define LICENSED_APP_ID_CAPTURE_SOLARSYSTEM_1G 0x1000 +/* enum: ScaleOut Onload */ +#define LICENSED_APP_ID_SCALEOUT_ONLOAD 0x2000 +/* enum: SCS Network Analytics Dashboard */ +#define LICENSED_APP_ID_DSHBRD 0x4000 +/* enum: SolarCapture Trading Analytics */ +#define LICENSED_APP_ID_SCATRD 0x8000 #define LICENSED_APP_ID_ID_LBN 0 #define LICENSED_APP_ID_ID_WIDTH 32 @@ -8161,6 +7027,12 @@ #define LICENSED_V3_APPS_CAPTURE_SOLARSYSTEM_40G_WIDTH 1 #define LICENSED_V3_APPS_CAPTURE_SOLARSYSTEM_1G_LBN 12 #define LICENSED_V3_APPS_CAPTURE_SOLARSYSTEM_1G_WIDTH 1 +#define LICENSED_V3_APPS_SCALEOUT_ONLOAD_LBN 13 +#define LICENSED_V3_APPS_SCALEOUT_ONLOAD_WIDTH 1 +#define LICENSED_V3_APPS_DSHBRD_LBN 14 +#define LICENSED_V3_APPS_DSHBRD_WIDTH 1 +#define LICENSED_V3_APPS_SCATRD_LBN 15 +#define LICENSED_V3_APPS_SCATRD_WIDTH 1 #define LICENSED_V3_APPS_MASK_LBN 0 #define LICENSED_V3_APPS_MASK_WIDTH 64 @@ -8206,11 +7078,23 @@ #define TX_TIMESTAMP_EVENT_TX_EV_TYPE_OFST 3 #define TX_TIMESTAMP_EVENT_TX_EV_TYPE_LEN 1 /* enum: This is a TX completion event, not a timestamp */ -#define TX_TIMESTAMP_EVENT_TX_EV_COMPLETION 0x0 +#define TX_TIMESTAMP_EVENT_TX_EV_COMPLETION 0x0 +/* enum: This is a TX completion event for a CTPIO transmit. The event format + * is the same as for TX_EV_COMPLETION. + */ +#define TX_TIMESTAMP_EVENT_TX_EV_CTPIO_COMPLETION 0x11 +/* enum: This is the low part of a TX timestamp for a CTPIO transmission. The + * event format is the same as for TX_EV_TSTAMP_LO + */ +#define TX_TIMESTAMP_EVENT_TX_EV_CTPIO_TS_LO 0x12 +/* enum: This is the high part of a TX timestamp for a CTPIO transmission. The + * event format is the same as for TX_EV_TSTAMP_HI + */ +#define TX_TIMESTAMP_EVENT_TX_EV_CTPIO_TS_HI 0x13 /* enum: This is the low part of a TX timestamp event */ -#define TX_TIMESTAMP_EVENT_TX_EV_TSTAMP_LO 0x51 +#define TX_TIMESTAMP_EVENT_TX_EV_TSTAMP_LO 0x51 /* enum: This is the high part of a TX timestamp event */ -#define TX_TIMESTAMP_EVENT_TX_EV_TSTAMP_HI 0x52 +#define TX_TIMESTAMP_EVENT_TX_EV_TSTAMP_HI 0x52 #define TX_TIMESTAMP_EVENT_TX_EV_TYPE_LBN 24 #define TX_TIMESTAMP_EVENT_TX_EV_TYPE_WIDTH 8 /* upper 16 bits of timestamp data */ @@ -8253,6 +7137,42 @@ #define CTPIO_STATS_MAP_BUCKET_LBN 16 #define CTPIO_STATS_MAP_BUCKET_WIDTH 16 +/* MESSAGE_TYPE structuredef: When present this defines the meaning of a + * message, and is used to protect against chosen message attacks in signed + * messages, regardless their origin. The message type also defines the + * signature cryptographic algorithm, encoding, and message fields included in + * the signature. The values are used in different commands but must be unique + * across all commands, e.g. MC_CMD_TSA_BIND_IN_SECURE_UNBIND uses different + * message type than MC_CMD_SECURE_NIC_INFO_IN_STATUS. + */ +#define MESSAGE_TYPE_LEN 4 +#define MESSAGE_TYPE_MESSAGE_TYPE_OFST 0 +#define MESSAGE_TYPE_MESSAGE_TYPE_LEN 4 +#define MESSAGE_TYPE_UNUSED 0x0 /* enum */ +/* enum: Message type value for the response to a + * MC_CMD_TSA_BIND_IN_SECURE_UNBIND message. TSA_SECURE_UNBIND messages are + * ECDSA SECP384R1 signed using SHA384 message digest algorithm over fields + * MESSAGE_TYPE, TSANID, TSAID, and UNBINDTOKEN, and encoded as suggested by + * RFC6979 (section 2.4). + */ +#define MESSAGE_TYPE_TSA_SECURE_UNBIND 0x1 +/* enum: Message type value for the response to a + * MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION message. TSA_SECURE_DECOMMISSION + * messages are ECDSA SECP384R1 signed using SHA384 message digest algorithm + * over fields MESSAGE_TYPE, TSAID, USER, and REASON, and encoded as suggested + * by RFC6979 (section 2.4). + */ +#define MESSAGE_TYPE_TSA_SECURE_DECOMMISSION 0x2 +/* enum: Message type value for the response to a + * MC_CMD_SECURE_NIC_INFO_IN_STATUS message. This enum value is not sequential + * to other message types for backwards compatibility as the message type for + * MC_CMD_SECURE_NIC_INFO_IN_STATUS was defined before the existence of this + * global enum. + */ +#define MESSAGE_TYPE_SECURE_NIC_INFO_STATUS 0xdb4 +#define MESSAGE_TYPE_MESSAGE_TYPE_LBN 0 +#define MESSAGE_TYPE_MESSAGE_TYPE_WIDTH 32 + /***********************************/ /* MC_CMD_READ_REGS @@ -8261,7 +7181,7 @@ #define MC_CMD_READ_REGS 0x50 #undef MC_CMD_0x50_PRIVILEGE_CTG -#define MC_CMD_0x50_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x50_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_READ_REGS_IN msgrequest */ #define MC_CMD_READ_REGS_IN_LEN 0 @@ -8295,17 +7215,22 @@ #define MC_CMD_INIT_EVQ_IN_LEN(num) (36+8*(num)) /* Size, in entries */ #define MC_CMD_INIT_EVQ_IN_SIZE_OFST 0 +#define MC_CMD_INIT_EVQ_IN_SIZE_LEN 4 /* Desired instance. Must be set to a specific instance, which is a function * local queue index. */ #define MC_CMD_INIT_EVQ_IN_INSTANCE_OFST 4 +#define MC_CMD_INIT_EVQ_IN_INSTANCE_LEN 4 /* The initial timer value. The load value is ignored if the timer mode is DIS. */ #define MC_CMD_INIT_EVQ_IN_TMR_LOAD_OFST 8 +#define MC_CMD_INIT_EVQ_IN_TMR_LOAD_LEN 4 /* The reload value is ignored in one-shot modes */ #define MC_CMD_INIT_EVQ_IN_TMR_RELOAD_OFST 12 +#define MC_CMD_INIT_EVQ_IN_TMR_RELOAD_LEN 4 /* tbd */ #define MC_CMD_INIT_EVQ_IN_FLAGS_OFST 16 +#define MC_CMD_INIT_EVQ_IN_FLAGS_LEN 4 #define MC_CMD_INIT_EVQ_IN_FLAG_INTERRUPTING_LBN 0 #define MC_CMD_INIT_EVQ_IN_FLAG_INTERRUPTING_WIDTH 1 #define MC_CMD_INIT_EVQ_IN_FLAG_RPTR_DOS_LBN 1 @@ -8321,6 +7246,7 @@ #define MC_CMD_INIT_EVQ_IN_FLAG_USE_TIMER_LBN 6 #define MC_CMD_INIT_EVQ_IN_FLAG_USE_TIMER_WIDTH 1 #define MC_CMD_INIT_EVQ_IN_TMR_MODE_OFST 20 +#define MC_CMD_INIT_EVQ_IN_TMR_MODE_LEN 4 /* enum: Disabled */ #define MC_CMD_INIT_EVQ_IN_TMR_MODE_DIS 0x0 /* enum: Immediate */ @@ -8331,13 +7257,16 @@ #define MC_CMD_INIT_EVQ_IN_TMR_INT_HLDOFF 0x3 /* Target EVQ for wakeups if in wakeup mode. */ #define MC_CMD_INIT_EVQ_IN_TARGET_EVQ_OFST 24 +#define MC_CMD_INIT_EVQ_IN_TARGET_EVQ_LEN 4 /* Target interrupt if in interrupting mode (note union with target EVQ). Use * MC_CMD_RESOURCE_INSTANCE_ANY unless a specific one required for test * purposes. */ #define MC_CMD_INIT_EVQ_IN_IRQ_NUM_OFST 24 +#define MC_CMD_INIT_EVQ_IN_IRQ_NUM_LEN 4 /* Event Counter Mode. */ #define MC_CMD_INIT_EVQ_IN_COUNT_MODE_OFST 28 +#define MC_CMD_INIT_EVQ_IN_COUNT_MODE_LEN 4 /* enum: Disabled */ #define MC_CMD_INIT_EVQ_IN_COUNT_MODE_DIS 0x0 /* enum: Disabled */ @@ -8348,6 +7277,7 @@ #define MC_CMD_INIT_EVQ_IN_COUNT_MODE_RXTX 0x3 /* Event queue packet count threshold. */ #define MC_CMD_INIT_EVQ_IN_COUNT_THRSHLD_OFST 32 +#define MC_CMD_INIT_EVQ_IN_COUNT_THRSHLD_LEN 4 /* 64-bit address of 4k of 4k-aligned host memory buffer */ #define MC_CMD_INIT_EVQ_IN_DMA_ADDR_OFST 36 #define MC_CMD_INIT_EVQ_IN_DMA_ADDR_LEN 8 @@ -8360,6 +7290,7 @@ #define MC_CMD_INIT_EVQ_OUT_LEN 4 /* Only valid if INTRFLAG was true */ #define MC_CMD_INIT_EVQ_OUT_IRQ_OFST 0 +#define MC_CMD_INIT_EVQ_OUT_IRQ_LEN 4 /* MC_CMD_INIT_EVQ_V2_IN msgrequest */ #define MC_CMD_INIT_EVQ_V2_IN_LENMIN 44 @@ -8367,17 +7298,22 @@ #define MC_CMD_INIT_EVQ_V2_IN_LEN(num) (36+8*(num)) /* Size, in entries */ #define MC_CMD_INIT_EVQ_V2_IN_SIZE_OFST 0 +#define MC_CMD_INIT_EVQ_V2_IN_SIZE_LEN 4 /* Desired instance. Must be set to a specific instance, which is a function * local queue index. */ #define MC_CMD_INIT_EVQ_V2_IN_INSTANCE_OFST 4 +#define MC_CMD_INIT_EVQ_V2_IN_INSTANCE_LEN 4 /* The initial timer value. The load value is ignored if the timer mode is DIS. */ #define MC_CMD_INIT_EVQ_V2_IN_TMR_LOAD_OFST 8 +#define MC_CMD_INIT_EVQ_V2_IN_TMR_LOAD_LEN 4 /* The reload value is ignored in one-shot modes */ #define MC_CMD_INIT_EVQ_V2_IN_TMR_RELOAD_OFST 12 +#define MC_CMD_INIT_EVQ_V2_IN_TMR_RELOAD_LEN 4 /* tbd */ #define MC_CMD_INIT_EVQ_V2_IN_FLAGS_OFST 16 +#define MC_CMD_INIT_EVQ_V2_IN_FLAGS_LEN 4 #define MC_CMD_INIT_EVQ_V2_IN_FLAG_INTERRUPTING_LBN 0 #define MC_CMD_INIT_EVQ_V2_IN_FLAG_INTERRUPTING_WIDTH 1 #define MC_CMD_INIT_EVQ_V2_IN_FLAG_RPTR_DOS_LBN 1 @@ -8414,6 +7350,7 @@ */ #define MC_CMD_INIT_EVQ_V2_IN_FLAG_TYPE_AUTO 0x3 #define MC_CMD_INIT_EVQ_V2_IN_TMR_MODE_OFST 20 +#define MC_CMD_INIT_EVQ_V2_IN_TMR_MODE_LEN 4 /* enum: Disabled */ #define MC_CMD_INIT_EVQ_V2_IN_TMR_MODE_DIS 0x0 /* enum: Immediate */ @@ -8424,13 +7361,16 @@ #define MC_CMD_INIT_EVQ_V2_IN_TMR_INT_HLDOFF 0x3 /* Target EVQ for wakeups if in wakeup mode. */ #define MC_CMD_INIT_EVQ_V2_IN_TARGET_EVQ_OFST 24 +#define MC_CMD_INIT_EVQ_V2_IN_TARGET_EVQ_LEN 4 /* Target interrupt if in interrupting mode (note union with target EVQ). Use * MC_CMD_RESOURCE_INSTANCE_ANY unless a specific one required for test * purposes. */ #define MC_CMD_INIT_EVQ_V2_IN_IRQ_NUM_OFST 24 +#define MC_CMD_INIT_EVQ_V2_IN_IRQ_NUM_LEN 4 /* Event Counter Mode. */ #define MC_CMD_INIT_EVQ_V2_IN_COUNT_MODE_OFST 28 +#define MC_CMD_INIT_EVQ_V2_IN_COUNT_MODE_LEN 4 /* enum: Disabled */ #define MC_CMD_INIT_EVQ_V2_IN_COUNT_MODE_DIS 0x0 /* enum: Disabled */ @@ -8441,6 +7381,7 @@ #define MC_CMD_INIT_EVQ_V2_IN_COUNT_MODE_RXTX 0x3 /* Event queue packet count threshold. */ #define MC_CMD_INIT_EVQ_V2_IN_COUNT_THRSHLD_OFST 32 +#define MC_CMD_INIT_EVQ_V2_IN_COUNT_THRSHLD_LEN 4 /* 64-bit address of 4k of 4k-aligned host memory buffer */ #define MC_CMD_INIT_EVQ_V2_IN_DMA_ADDR_OFST 36 #define MC_CMD_INIT_EVQ_V2_IN_DMA_ADDR_LEN 8 @@ -8453,8 +7394,10 @@ #define MC_CMD_INIT_EVQ_V2_OUT_LEN 8 /* Only valid if INTRFLAG was true */ #define MC_CMD_INIT_EVQ_V2_OUT_IRQ_OFST 0 +#define MC_CMD_INIT_EVQ_V2_OUT_IRQ_LEN 4 /* Actual configuration applied on the card */ #define MC_CMD_INIT_EVQ_V2_OUT_FLAGS_OFST 4 +#define MC_CMD_INIT_EVQ_V2_OUT_FLAGS_LEN 4 #define MC_CMD_INIT_EVQ_V2_OUT_FLAG_CUT_THRU_LBN 0 #define MC_CMD_INIT_EVQ_V2_OUT_FLAG_CUT_THRU_WIDTH 1 #define MC_CMD_INIT_EVQ_V2_OUT_FLAG_RX_MERGE_LBN 1 @@ -8469,17 +7412,17 @@ #define QUEUE_CRC_MODE_MODE_LBN 0 #define QUEUE_CRC_MODE_MODE_WIDTH 4 /* enum: No CRC. */ -#define QUEUE_CRC_MODE_NONE 0x0 +#define QUEUE_CRC_MODE_NONE 0x0 /* enum: CRC Fiber channel over ethernet. */ -#define QUEUE_CRC_MODE_FCOE 0x1 +#define QUEUE_CRC_MODE_FCOE 0x1 /* enum: CRC (digest) iSCSI header only. */ -#define QUEUE_CRC_MODE_ISCSI_HDR 0x2 +#define QUEUE_CRC_MODE_ISCSI_HDR 0x2 /* enum: CRC (digest) iSCSI header and payload. */ -#define QUEUE_CRC_MODE_ISCSI 0x3 +#define QUEUE_CRC_MODE_ISCSI 0x3 /* enum: CRC Fiber channel over IP over ethernet. */ -#define QUEUE_CRC_MODE_FCOIPOE 0x4 +#define QUEUE_CRC_MODE_FCOIPOE 0x4 /* enum: CRC MPA. */ -#define QUEUE_CRC_MODE_MPA 0x5 +#define QUEUE_CRC_MODE_MPA 0x5 #define QUEUE_CRC_MODE_SPARE_LBN 4 #define QUEUE_CRC_MODE_SPARE_WIDTH 4 @@ -8503,17 +7446,22 @@ #define MC_CMD_INIT_RXQ_IN_LEN(num) (28+8*(num)) /* Size, in entries */ #define MC_CMD_INIT_RXQ_IN_SIZE_OFST 0 +#define MC_CMD_INIT_RXQ_IN_SIZE_LEN 4 /* The EVQ to send events to. This is an index originally specified to INIT_EVQ */ #define MC_CMD_INIT_RXQ_IN_TARGET_EVQ_OFST 4 +#define MC_CMD_INIT_RXQ_IN_TARGET_EVQ_LEN 4 /* The value to put in the event data. Check hardware spec. for valid range. */ #define MC_CMD_INIT_RXQ_IN_LABEL_OFST 8 +#define MC_CMD_INIT_RXQ_IN_LABEL_LEN 4 /* Desired instance. Must be set to a specific instance, which is a function * local queue index. */ #define MC_CMD_INIT_RXQ_IN_INSTANCE_OFST 12 +#define MC_CMD_INIT_RXQ_IN_INSTANCE_LEN 4 /* There will be more flags here. */ #define MC_CMD_INIT_RXQ_IN_FLAGS_OFST 16 +#define MC_CMD_INIT_RXQ_IN_FLAGS_LEN 4 #define MC_CMD_INIT_RXQ_IN_FLAG_BUFF_MODE_LBN 0 #define MC_CMD_INIT_RXQ_IN_FLAG_BUFF_MODE_WIDTH 1 #define MC_CMD_INIT_RXQ_IN_FLAG_HDR_SPLIT_LBN 1 @@ -8532,8 +7480,10 @@ #define MC_CMD_INIT_RXQ_IN_UNUSED_WIDTH 1 /* Owner ID to use if in buffer mode (zero if physical) */ #define MC_CMD_INIT_RXQ_IN_OWNER_ID_OFST 20 +#define MC_CMD_INIT_RXQ_IN_OWNER_ID_LEN 4 /* The port ID associated with the v-adaptor which should contain this DMAQ. */ #define MC_CMD_INIT_RXQ_IN_PORT_ID_OFST 24 +#define MC_CMD_INIT_RXQ_IN_PORT_ID_LEN 4 /* 64-bit address of 4k of 4k-aligned host memory buffer */ #define MC_CMD_INIT_RXQ_IN_DMA_ADDR_OFST 28 #define MC_CMD_INIT_RXQ_IN_DMA_ADDR_LEN 8 @@ -8548,17 +7498,26 @@ #define MC_CMD_INIT_RXQ_EXT_IN_LEN 544 /* Size, in entries */ #define MC_CMD_INIT_RXQ_EXT_IN_SIZE_OFST 0 -/* The EVQ to send events to. This is an index originally specified to INIT_EVQ +#define MC_CMD_INIT_RXQ_EXT_IN_SIZE_LEN 4 +/* The EVQ to send events to. This is an index originally specified to + * INIT_EVQ. If DMA_MODE == PACKED_STREAM this must be equal to INSTANCE. */ #define MC_CMD_INIT_RXQ_EXT_IN_TARGET_EVQ_OFST 4 -/* The value to put in the event data. Check hardware spec. for valid range. */ +#define MC_CMD_INIT_RXQ_EXT_IN_TARGET_EVQ_LEN 4 +/* The value to put in the event data. Check hardware spec. for valid range. + * This field is ignored if DMA_MODE == EQUAL_STRIDE_SUPER_BUFFER or DMA_MODE + * == PACKED_STREAM. + */ #define MC_CMD_INIT_RXQ_EXT_IN_LABEL_OFST 8 +#define MC_CMD_INIT_RXQ_EXT_IN_LABEL_LEN 4 /* Desired instance. Must be set to a specific instance, which is a function * local queue index. */ #define MC_CMD_INIT_RXQ_EXT_IN_INSTANCE_OFST 12 +#define MC_CMD_INIT_RXQ_EXT_IN_INSTANCE_LEN 4 /* There will be more flags here. */ #define MC_CMD_INIT_RXQ_EXT_IN_FLAGS_OFST 16 +#define MC_CMD_INIT_RXQ_EXT_IN_FLAGS_LEN 4 #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_BUFF_MODE_LBN 0 #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_BUFF_MODE_WIDTH 1 #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_HDR_SPLIT_LBN 1 @@ -8576,26 +7535,37 @@ #define MC_CMD_INIT_RXQ_EXT_IN_DMA_MODE_LBN 10 #define MC_CMD_INIT_RXQ_EXT_IN_DMA_MODE_WIDTH 4 /* enum: One packet per descriptor (for normal networking) */ -#define MC_CMD_INIT_RXQ_EXT_IN_SINGLE_PACKET 0x0 +#define MC_CMD_INIT_RXQ_EXT_IN_SINGLE_PACKET 0x0 /* enum: Pack multiple packets into large descriptors (for SolarCapture) */ -#define MC_CMD_INIT_RXQ_EXT_IN_PACKED_STREAM 0x1 +#define MC_CMD_INIT_RXQ_EXT_IN_PACKED_STREAM 0x1 +/* enum: Pack multiple packets into large descriptors using the format designed + * to maximise packet rate. This mode uses 1 "bucket" per descriptor with + * multiple fixed-size packet buffers within each bucket. For a full + * description see SF-119419-TC. This mode is only supported by "dpdk" datapath + * firmware. + */ +#define MC_CMD_INIT_RXQ_EXT_IN_EQUAL_STRIDE_SUPER_BUFFER 0x2 +/* enum: Deprecated name for EQUAL_STRIDE_SUPER_BUFFER. */ +#define MC_CMD_INIT_RXQ_EXT_IN_EQUAL_STRIDE_PACKED_STREAM 0x2 #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_SNAPSHOT_MODE_LBN 14 #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_SNAPSHOT_MODE_WIDTH 1 #define MC_CMD_INIT_RXQ_EXT_IN_PACKED_STREAM_BUFF_SIZE_LBN 15 #define MC_CMD_INIT_RXQ_EXT_IN_PACKED_STREAM_BUFF_SIZE_WIDTH 3 -#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_1M 0x0 /* enum */ -#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_512K 0x1 /* enum */ -#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_256K 0x2 /* enum */ -#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_128K 0x3 /* enum */ -#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_64K 0x4 /* enum */ +#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_1M 0x0 /* enum */ +#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_512K 0x1 /* enum */ +#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_256K 0x2 /* enum */ +#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_128K 0x3 /* enum */ +#define MC_CMD_INIT_RXQ_EXT_IN_PS_BUFF_64K 0x4 /* enum */ #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_WANT_OUTER_CLASSES_LBN 18 #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_WANT_OUTER_CLASSES_WIDTH 1 #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_FORCE_EV_MERGING_LBN 19 #define MC_CMD_INIT_RXQ_EXT_IN_FLAG_FORCE_EV_MERGING_WIDTH 1 /* Owner ID to use if in buffer mode (zero if physical) */ #define MC_CMD_INIT_RXQ_EXT_IN_OWNER_ID_OFST 20 +#define MC_CMD_INIT_RXQ_EXT_IN_OWNER_ID_LEN 4 /* The port ID associated with the v-adaptor which should contain this DMAQ. */ #define MC_CMD_INIT_RXQ_EXT_IN_PORT_ID_OFST 24 +#define MC_CMD_INIT_RXQ_EXT_IN_PORT_ID_LEN 4 /* 64-bit address of 4k of 4k-aligned host memory buffer */ #define MC_CMD_INIT_RXQ_EXT_IN_DMA_ADDR_OFST 28 #define MC_CMD_INIT_RXQ_EXT_IN_DMA_ADDR_LEN 8 @@ -8604,6 +7574,116 @@ #define MC_CMD_INIT_RXQ_EXT_IN_DMA_ADDR_NUM 64 /* Maximum length of packet to receive, if SNAPSHOT_MODE flag is set */ #define MC_CMD_INIT_RXQ_EXT_IN_SNAPSHOT_LENGTH_OFST 540 +#define MC_CMD_INIT_RXQ_EXT_IN_SNAPSHOT_LENGTH_LEN 4 + +/* MC_CMD_INIT_RXQ_V3_IN msgrequest */ +#define MC_CMD_INIT_RXQ_V3_IN_LEN 560 +/* Size, in entries */ +#define MC_CMD_INIT_RXQ_V3_IN_SIZE_OFST 0 +#define MC_CMD_INIT_RXQ_V3_IN_SIZE_LEN 4 +/* The EVQ to send events to. This is an index originally specified to + * INIT_EVQ. If DMA_MODE == PACKED_STREAM this must be equal to INSTANCE. + */ +#define MC_CMD_INIT_RXQ_V3_IN_TARGET_EVQ_OFST 4 +#define MC_CMD_INIT_RXQ_V3_IN_TARGET_EVQ_LEN 4 +/* The value to put in the event data. Check hardware spec. for valid range. + * This field is ignored if DMA_MODE == EQUAL_STRIDE_SUPER_BUFFER or DMA_MODE + * == PACKED_STREAM. + */ +#define MC_CMD_INIT_RXQ_V3_IN_LABEL_OFST 8 +#define MC_CMD_INIT_RXQ_V3_IN_LABEL_LEN 4 +/* Desired instance. Must be set to a specific instance, which is a function + * local queue index. + */ +#define MC_CMD_INIT_RXQ_V3_IN_INSTANCE_OFST 12 +#define MC_CMD_INIT_RXQ_V3_IN_INSTANCE_LEN 4 +/* There will be more flags here. */ +#define MC_CMD_INIT_RXQ_V3_IN_FLAGS_OFST 16 +#define MC_CMD_INIT_RXQ_V3_IN_FLAGS_LEN 4 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_BUFF_MODE_LBN 0 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_BUFF_MODE_WIDTH 1 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_HDR_SPLIT_LBN 1 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_HDR_SPLIT_WIDTH 1 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_TIMESTAMP_LBN 2 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_TIMESTAMP_WIDTH 1 +#define MC_CMD_INIT_RXQ_V3_IN_CRC_MODE_LBN 3 +#define MC_CMD_INIT_RXQ_V3_IN_CRC_MODE_WIDTH 4 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_CHAIN_LBN 7 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_CHAIN_WIDTH 1 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_PREFIX_LBN 8 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_PREFIX_WIDTH 1 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_DISABLE_SCATTER_LBN 9 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_DISABLE_SCATTER_WIDTH 1 +#define MC_CMD_INIT_RXQ_V3_IN_DMA_MODE_LBN 10 +#define MC_CMD_INIT_RXQ_V3_IN_DMA_MODE_WIDTH 4 +/* enum: One packet per descriptor (for normal networking) */ +#define MC_CMD_INIT_RXQ_V3_IN_SINGLE_PACKET 0x0 +/* enum: Pack multiple packets into large descriptors (for SolarCapture) */ +#define MC_CMD_INIT_RXQ_V3_IN_PACKED_STREAM 0x1 +/* enum: Pack multiple packets into large descriptors using the format designed + * to maximise packet rate. This mode uses 1 "bucket" per descriptor with + * multiple fixed-size packet buffers within each bucket. For a full + * description see SF-119419-TC. This mode is only supported by "dpdk" datapath + * firmware. + */ +#define MC_CMD_INIT_RXQ_V3_IN_EQUAL_STRIDE_SUPER_BUFFER 0x2 +/* enum: Deprecated name for EQUAL_STRIDE_SUPER_BUFFER. */ +#define MC_CMD_INIT_RXQ_V3_IN_EQUAL_STRIDE_PACKED_STREAM 0x2 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_SNAPSHOT_MODE_LBN 14 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_SNAPSHOT_MODE_WIDTH 1 +#define MC_CMD_INIT_RXQ_V3_IN_PACKED_STREAM_BUFF_SIZE_LBN 15 +#define MC_CMD_INIT_RXQ_V3_IN_PACKED_STREAM_BUFF_SIZE_WIDTH 3 +#define MC_CMD_INIT_RXQ_V3_IN_PS_BUFF_1M 0x0 /* enum */ +#define MC_CMD_INIT_RXQ_V3_IN_PS_BUFF_512K 0x1 /* enum */ +#define MC_CMD_INIT_RXQ_V3_IN_PS_BUFF_256K 0x2 /* enum */ +#define MC_CMD_INIT_RXQ_V3_IN_PS_BUFF_128K 0x3 /* enum */ +#define MC_CMD_INIT_RXQ_V3_IN_PS_BUFF_64K 0x4 /* enum */ +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_WANT_OUTER_CLASSES_LBN 18 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_WANT_OUTER_CLASSES_WIDTH 1 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_FORCE_EV_MERGING_LBN 19 +#define MC_CMD_INIT_RXQ_V3_IN_FLAG_FORCE_EV_MERGING_WIDTH 1 +/* Owner ID to use if in buffer mode (zero if physical) */ +#define MC_CMD_INIT_RXQ_V3_IN_OWNER_ID_OFST 20 +#define MC_CMD_INIT_RXQ_V3_IN_OWNER_ID_LEN 4 +/* The port ID associated with the v-adaptor which should contain this DMAQ. */ +#define MC_CMD_INIT_RXQ_V3_IN_PORT_ID_OFST 24 +#define MC_CMD_INIT_RXQ_V3_IN_PORT_ID_LEN 4 +/* 64-bit address of 4k of 4k-aligned host memory buffer */ +#define MC_CMD_INIT_RXQ_V3_IN_DMA_ADDR_OFST 28 +#define MC_CMD_INIT_RXQ_V3_IN_DMA_ADDR_LEN 8 +#define MC_CMD_INIT_RXQ_V3_IN_DMA_ADDR_LO_OFST 28 +#define MC_CMD_INIT_RXQ_V3_IN_DMA_ADDR_HI_OFST 32 +#define MC_CMD_INIT_RXQ_V3_IN_DMA_ADDR_NUM 64 +/* Maximum length of packet to receive, if SNAPSHOT_MODE flag is set */ +#define MC_CMD_INIT_RXQ_V3_IN_SNAPSHOT_LENGTH_OFST 540 +#define MC_CMD_INIT_RXQ_V3_IN_SNAPSHOT_LENGTH_LEN 4 +/* The number of packet buffers that will be contained within each + * EQUAL_STRIDE_SUPER_BUFFER format bucket supplied by the driver. This field + * is ignored unless DMA_MODE == EQUAL_STRIDE_SUPER_BUFFER. + */ +#define MC_CMD_INIT_RXQ_V3_IN_ES_PACKET_BUFFERS_PER_BUCKET_OFST 544 +#define MC_CMD_INIT_RXQ_V3_IN_ES_PACKET_BUFFERS_PER_BUCKET_LEN 4 +/* The length in bytes of the area in each packet buffer that can be written to + * by the adapter. This is used to store the packet prefix and the packet + * payload. This length does not include any end padding added by the driver. + * This field is ignored unless DMA_MODE == EQUAL_STRIDE_SUPER_BUFFER. + */ +#define MC_CMD_INIT_RXQ_V3_IN_ES_MAX_DMA_LEN_OFST 548 +#define MC_CMD_INIT_RXQ_V3_IN_ES_MAX_DMA_LEN_LEN 4 +/* The length in bytes of a single packet buffer within a + * EQUAL_STRIDE_SUPER_BUFFER format bucket. This field is ignored unless + * DMA_MODE == EQUAL_STRIDE_SUPER_BUFFER. + */ +#define MC_CMD_INIT_RXQ_V3_IN_ES_PACKET_STRIDE_OFST 552 +#define MC_CMD_INIT_RXQ_V3_IN_ES_PACKET_STRIDE_LEN 4 +/* The maximum time in nanoseconds that the datapath will be backpressured if + * there are no RX descriptors available. If the timeout is reached and there + * are still no descriptors then the packet will be dropped. A timeout of 0 + * means the datapath will never be blocked. This field is ignored unless + * DMA_MODE == EQUAL_STRIDE_SUPER_BUFFER. + */ +#define MC_CMD_INIT_RXQ_V3_IN_ES_HEAD_OF_LINE_BLOCK_TIMEOUT_OFST 556 +#define MC_CMD_INIT_RXQ_V3_IN_ES_HEAD_OF_LINE_BLOCK_TIMEOUT_LEN 4 /* MC_CMD_INIT_RXQ_OUT msgresponse */ #define MC_CMD_INIT_RXQ_OUT_LEN 0 @@ -8611,6 +7691,9 @@ /* MC_CMD_INIT_RXQ_EXT_OUT msgresponse */ #define MC_CMD_INIT_RXQ_EXT_OUT_LEN 0 +/* MC_CMD_INIT_RXQ_V3_OUT msgresponse */ +#define MC_CMD_INIT_RXQ_V3_OUT_LEN 0 + /***********************************/ /* MC_CMD_INIT_TXQ @@ -8628,18 +7711,23 @@ #define MC_CMD_INIT_TXQ_IN_LEN(num) (28+8*(num)) /* Size, in entries */ #define MC_CMD_INIT_TXQ_IN_SIZE_OFST 0 +#define MC_CMD_INIT_TXQ_IN_SIZE_LEN 4 /* The EVQ to send events to. This is an index originally specified to * INIT_EVQ. */ #define MC_CMD_INIT_TXQ_IN_TARGET_EVQ_OFST 4 +#define MC_CMD_INIT_TXQ_IN_TARGET_EVQ_LEN 4 /* The value to put in the event data. Check hardware spec. for valid range. */ #define MC_CMD_INIT_TXQ_IN_LABEL_OFST 8 +#define MC_CMD_INIT_TXQ_IN_LABEL_LEN 4 /* Desired instance. Must be set to a specific instance, which is a function * local queue index. */ #define MC_CMD_INIT_TXQ_IN_INSTANCE_OFST 12 +#define MC_CMD_INIT_TXQ_IN_INSTANCE_LEN 4 /* There will be more flags here. */ #define MC_CMD_INIT_TXQ_IN_FLAGS_OFST 16 +#define MC_CMD_INIT_TXQ_IN_FLAGS_LEN 4 #define MC_CMD_INIT_TXQ_IN_FLAG_BUFF_MODE_LBN 0 #define MC_CMD_INIT_TXQ_IN_FLAG_BUFF_MODE_WIDTH 1 #define MC_CMD_INIT_TXQ_IN_FLAG_IP_CSUM_DIS_LBN 1 @@ -8660,8 +7748,10 @@ #define MC_CMD_INIT_TXQ_IN_FLAG_INNER_TCP_CSUM_EN_WIDTH 1 /* Owner ID to use if in buffer mode (zero if physical) */ #define MC_CMD_INIT_TXQ_IN_OWNER_ID_OFST 20 +#define MC_CMD_INIT_TXQ_IN_OWNER_ID_LEN 4 /* The port ID associated with the v-adaptor which should contain this DMAQ. */ #define MC_CMD_INIT_TXQ_IN_PORT_ID_OFST 24 +#define MC_CMD_INIT_TXQ_IN_PORT_ID_LEN 4 /* 64-bit address of 4k of 4k-aligned host memory buffer */ #define MC_CMD_INIT_TXQ_IN_DMA_ADDR_OFST 28 #define MC_CMD_INIT_TXQ_IN_DMA_ADDR_LEN 8 @@ -8676,18 +7766,23 @@ #define MC_CMD_INIT_TXQ_EXT_IN_LEN 544 /* Size, in entries */ #define MC_CMD_INIT_TXQ_EXT_IN_SIZE_OFST 0 +#define MC_CMD_INIT_TXQ_EXT_IN_SIZE_LEN 4 /* The EVQ to send events to. This is an index originally specified to * INIT_EVQ. */ #define MC_CMD_INIT_TXQ_EXT_IN_TARGET_EVQ_OFST 4 +#define MC_CMD_INIT_TXQ_EXT_IN_TARGET_EVQ_LEN 4 /* The value to put in the event data. Check hardware spec. for valid range. */ #define MC_CMD_INIT_TXQ_EXT_IN_LABEL_OFST 8 +#define MC_CMD_INIT_TXQ_EXT_IN_LABEL_LEN 4 /* Desired instance. Must be set to a specific instance, which is a function * local queue index. */ #define MC_CMD_INIT_TXQ_EXT_IN_INSTANCE_OFST 12 +#define MC_CMD_INIT_TXQ_EXT_IN_INSTANCE_LEN 4 /* There will be more flags here. */ #define MC_CMD_INIT_TXQ_EXT_IN_FLAGS_OFST 16 +#define MC_CMD_INIT_TXQ_EXT_IN_FLAGS_LEN 4 #define MC_CMD_INIT_TXQ_EXT_IN_FLAG_BUFF_MODE_LBN 0 #define MC_CMD_INIT_TXQ_EXT_IN_FLAG_BUFF_MODE_WIDTH 1 #define MC_CMD_INIT_TXQ_EXT_IN_FLAG_IP_CSUM_DIS_LBN 1 @@ -8710,10 +7805,14 @@ #define MC_CMD_INIT_TXQ_EXT_IN_FLAG_TSOV2_EN_WIDTH 1 #define MC_CMD_INIT_TXQ_EXT_IN_FLAG_CTPIO_LBN 13 #define MC_CMD_INIT_TXQ_EXT_IN_FLAG_CTPIO_WIDTH 1 +#define MC_CMD_INIT_TXQ_EXT_IN_FLAG_CTPIO_UTHRESH_LBN 14 +#define MC_CMD_INIT_TXQ_EXT_IN_FLAG_CTPIO_UTHRESH_WIDTH 1 /* Owner ID to use if in buffer mode (zero if physical) */ #define MC_CMD_INIT_TXQ_EXT_IN_OWNER_ID_OFST 20 +#define MC_CMD_INIT_TXQ_EXT_IN_OWNER_ID_LEN 4 /* The port ID associated with the v-adaptor which should contain this DMAQ. */ #define MC_CMD_INIT_TXQ_EXT_IN_PORT_ID_OFST 24 +#define MC_CMD_INIT_TXQ_EXT_IN_PORT_ID_LEN 4 /* 64-bit address of 4k of 4k-aligned host memory buffer */ #define MC_CMD_INIT_TXQ_EXT_IN_DMA_ADDR_OFST 28 #define MC_CMD_INIT_TXQ_EXT_IN_DMA_ADDR_LEN 8 @@ -8723,6 +7822,7 @@ #define MC_CMD_INIT_TXQ_EXT_IN_DMA_ADDR_MAXNUM 64 /* Flags related to Qbb flow control mode. */ #define MC_CMD_INIT_TXQ_EXT_IN_QBB_FLAGS_OFST 540 +#define MC_CMD_INIT_TXQ_EXT_IN_QBB_FLAGS_LEN 4 #define MC_CMD_INIT_TXQ_EXT_IN_QBB_ENABLE_LBN 0 #define MC_CMD_INIT_TXQ_EXT_IN_QBB_ENABLE_WIDTH 1 #define MC_CMD_INIT_TXQ_EXT_IN_QBB_PRIORITY_LBN 1 @@ -8750,6 +7850,7 @@ * passed to INIT_EVQ */ #define MC_CMD_FINI_EVQ_IN_INSTANCE_OFST 0 +#define MC_CMD_FINI_EVQ_IN_INSTANCE_LEN 4 /* MC_CMD_FINI_EVQ_OUT msgresponse */ #define MC_CMD_FINI_EVQ_OUT_LEN 0 @@ -8768,6 +7869,7 @@ #define MC_CMD_FINI_RXQ_IN_LEN 4 /* Instance of RXQ to destroy */ #define MC_CMD_FINI_RXQ_IN_INSTANCE_OFST 0 +#define MC_CMD_FINI_RXQ_IN_INSTANCE_LEN 4 /* MC_CMD_FINI_RXQ_OUT msgresponse */ #define MC_CMD_FINI_RXQ_OUT_LEN 0 @@ -8786,6 +7888,7 @@ #define MC_CMD_FINI_TXQ_IN_LEN 4 /* Instance of TXQ to destroy */ #define MC_CMD_FINI_TXQ_IN_INSTANCE_OFST 0 +#define MC_CMD_FINI_TXQ_IN_INSTANCE_LEN 4 /* MC_CMD_FINI_TXQ_OUT msgresponse */ #define MC_CMD_FINI_TXQ_OUT_LEN 0 @@ -8804,6 +7907,7 @@ #define MC_CMD_DRIVER_EVENT_IN_LEN 12 /* Handle of target EVQ */ #define MC_CMD_DRIVER_EVENT_IN_EVQ_OFST 0 +#define MC_CMD_DRIVER_EVENT_IN_EVQ_LEN 4 /* Bits 0 - 63 of event */ #define MC_CMD_DRIVER_EVENT_IN_DATA_OFST 4 #define MC_CMD_DRIVER_EVENT_IN_DATA_LEN 8 @@ -8830,11 +7934,12 @@ #define MC_CMD_PROXY_CMD_IN_LEN 4 /* The handle of the target function. */ #define MC_CMD_PROXY_CMD_IN_TARGET_OFST 0 +#define MC_CMD_PROXY_CMD_IN_TARGET_LEN 4 #define MC_CMD_PROXY_CMD_IN_TARGET_PF_LBN 0 #define MC_CMD_PROXY_CMD_IN_TARGET_PF_WIDTH 16 #define MC_CMD_PROXY_CMD_IN_TARGET_VF_LBN 16 #define MC_CMD_PROXY_CMD_IN_TARGET_VF_WIDTH 16 -#define MC_CMD_PROXY_CMD_IN_VF_NULL 0xffff /* enum */ +#define MC_CMD_PROXY_CMD_IN_VF_NULL 0xffff /* enum */ /* MC_CMD_PROXY_CMD_OUT msgresponse */ #define MC_CMD_PROXY_CMD_OUT_LEN 0 @@ -8845,8 +7950,9 @@ #define MC_PROXY_STATUS_BUFFER_LEN 16 /* Handle allocated by the firmware for this proxy transaction */ #define MC_PROXY_STATUS_BUFFER_HANDLE_OFST 0 +#define MC_PROXY_STATUS_BUFFER_HANDLE_LEN 4 /* enum: An invalid handle. */ -#define MC_PROXY_STATUS_BUFFER_HANDLE_INVALID 0x0 +#define MC_PROXY_STATUS_BUFFER_HANDLE_INVALID 0x0 #define MC_PROXY_STATUS_BUFFER_HANDLE_LBN 0 #define MC_PROXY_STATUS_BUFFER_HANDLE_WIDTH 32 /* The requesting physical function number */ @@ -8875,6 +7981,7 @@ * elevated privilege mask granted to the requesting function. */ #define MC_PROXY_STATUS_BUFFER_GRANTED_PRIVILEGES_OFST 12 +#define MC_PROXY_STATUS_BUFFER_GRANTED_PRIVILEGES_LEN 4 #define MC_PROXY_STATUS_BUFFER_GRANTED_PRIVILEGES_LBN 96 #define MC_PROXY_STATUS_BUFFER_GRANTED_PRIVILEGES_WIDTH 32 @@ -8892,6 +7999,7 @@ /* MC_CMD_PROXY_CONFIGURE_IN msgrequest */ #define MC_CMD_PROXY_CONFIGURE_IN_LEN 108 #define MC_CMD_PROXY_CONFIGURE_IN_FLAGS_OFST 0 +#define MC_CMD_PROXY_CONFIGURE_IN_FLAGS_LEN 4 #define MC_CMD_PROXY_CONFIGURE_IN_ENABLE_LBN 0 #define MC_CMD_PROXY_CONFIGURE_IN_ENABLE_WIDTH 1 /* Host provides a contiguous memory buffer that contains at least NUM_BLOCKS @@ -8903,6 +8011,7 @@ #define MC_CMD_PROXY_CONFIGURE_IN_STATUS_BUFF_ADDR_HI_OFST 8 /* Must be a power of 2 */ #define MC_CMD_PROXY_CONFIGURE_IN_STATUS_BLOCK_SIZE_OFST 12 +#define MC_CMD_PROXY_CONFIGURE_IN_STATUS_BLOCK_SIZE_LEN 4 /* Host provides a contiguous memory buffer that contains at least NUM_BLOCKS * of blocks, each of the size REPLY_BLOCK_SIZE. */ @@ -8912,6 +8021,7 @@ #define MC_CMD_PROXY_CONFIGURE_IN_REQUEST_BUFF_ADDR_HI_OFST 20 /* Must be a power of 2 */ #define MC_CMD_PROXY_CONFIGURE_IN_REQUEST_BLOCK_SIZE_OFST 24 +#define MC_CMD_PROXY_CONFIGURE_IN_REQUEST_BLOCK_SIZE_LEN 4 /* Host provides a contiguous memory buffer that contains at least NUM_BLOCKS * of blocks, each of the size STATUS_BLOCK_SIZE. This buffer is only needed if * host intends to complete proxied operations by using MC_CMD_PROXY_CMD. @@ -8922,8 +8032,10 @@ #define MC_CMD_PROXY_CONFIGURE_IN_REPLY_BUFF_ADDR_HI_OFST 32 /* Must be a power of 2, or zero if this buffer is not provided */ #define MC_CMD_PROXY_CONFIGURE_IN_REPLY_BLOCK_SIZE_OFST 36 +#define MC_CMD_PROXY_CONFIGURE_IN_REPLY_BLOCK_SIZE_LEN 4 /* Applies to all three buffers */ #define MC_CMD_PROXY_CONFIGURE_IN_NUM_BLOCKS_OFST 40 +#define MC_CMD_PROXY_CONFIGURE_IN_NUM_BLOCKS_LEN 4 /* A bit mask defining which MCDI operations may be proxied */ #define MC_CMD_PROXY_CONFIGURE_IN_ALLOWED_MCDI_MASK_OFST 44 #define MC_CMD_PROXY_CONFIGURE_IN_ALLOWED_MCDI_MASK_LEN 64 @@ -8931,6 +8043,7 @@ /* MC_CMD_PROXY_CONFIGURE_EXT_IN msgrequest */ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_LEN 112 #define MC_CMD_PROXY_CONFIGURE_EXT_IN_FLAGS_OFST 0 +#define MC_CMD_PROXY_CONFIGURE_EXT_IN_FLAGS_LEN 4 #define MC_CMD_PROXY_CONFIGURE_EXT_IN_ENABLE_LBN 0 #define MC_CMD_PROXY_CONFIGURE_EXT_IN_ENABLE_WIDTH 1 /* Host provides a contiguous memory buffer that contains at least NUM_BLOCKS @@ -8942,6 +8055,7 @@ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_STATUS_BUFF_ADDR_HI_OFST 8 /* Must be a power of 2 */ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_STATUS_BLOCK_SIZE_OFST 12 +#define MC_CMD_PROXY_CONFIGURE_EXT_IN_STATUS_BLOCK_SIZE_LEN 4 /* Host provides a contiguous memory buffer that contains at least NUM_BLOCKS * of blocks, each of the size REPLY_BLOCK_SIZE. */ @@ -8951,6 +8065,7 @@ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_REQUEST_BUFF_ADDR_HI_OFST 20 /* Must be a power of 2 */ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_REQUEST_BLOCK_SIZE_OFST 24 +#define MC_CMD_PROXY_CONFIGURE_EXT_IN_REQUEST_BLOCK_SIZE_LEN 4 /* Host provides a contiguous memory buffer that contains at least NUM_BLOCKS * of blocks, each of the size STATUS_BLOCK_SIZE. This buffer is only needed if * host intends to complete proxied operations by using MC_CMD_PROXY_CMD. @@ -8961,12 +8076,15 @@ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_REPLY_BUFF_ADDR_HI_OFST 32 /* Must be a power of 2, or zero if this buffer is not provided */ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_REPLY_BLOCK_SIZE_OFST 36 +#define MC_CMD_PROXY_CONFIGURE_EXT_IN_REPLY_BLOCK_SIZE_LEN 4 /* Applies to all three buffers */ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_NUM_BLOCKS_OFST 40 +#define MC_CMD_PROXY_CONFIGURE_EXT_IN_NUM_BLOCKS_LEN 4 /* A bit mask defining which MCDI operations may be proxied */ #define MC_CMD_PROXY_CONFIGURE_EXT_IN_ALLOWED_MCDI_MASK_OFST 44 #define MC_CMD_PROXY_CONFIGURE_EXT_IN_ALLOWED_MCDI_MASK_LEN 64 #define MC_CMD_PROXY_CONFIGURE_EXT_IN_RESERVED_OFST 108 +#define MC_CMD_PROXY_CONFIGURE_EXT_IN_RESERVED_LEN 4 /* MC_CMD_PROXY_CONFIGURE_OUT msgresponse */ #define MC_CMD_PROXY_CONFIGURE_OUT_LEN 0 @@ -8987,7 +8105,9 @@ /* MC_CMD_PROXY_COMPLETE_IN msgrequest */ #define MC_CMD_PROXY_COMPLETE_IN_LEN 12 #define MC_CMD_PROXY_COMPLETE_IN_BLOCK_INDEX_OFST 0 +#define MC_CMD_PROXY_COMPLETE_IN_BLOCK_INDEX_LEN 4 #define MC_CMD_PROXY_COMPLETE_IN_STATUS_OFST 4 +#define MC_CMD_PROXY_COMPLETE_IN_STATUS_LEN 4 /* enum: The operation has been completed by using MC_CMD_PROXY_CMD, the reply * is stored in the REPLY_BUFF. */ @@ -9003,6 +8123,7 @@ */ #define MC_CMD_PROXY_COMPLETE_IN_TIMEDOUT 0x3 #define MC_CMD_PROXY_COMPLETE_IN_HANDLE_OFST 8 +#define MC_CMD_PROXY_COMPLETE_IN_HANDLE_LEN 4 /* MC_CMD_PROXY_COMPLETE_OUT msgresponse */ #define MC_CMD_PROXY_COMPLETE_OUT_LEN 0 @@ -9023,17 +8144,22 @@ #define MC_CMD_ALLOC_BUFTBL_CHUNK_IN_LEN 8 /* Owner ID to use */ #define MC_CMD_ALLOC_BUFTBL_CHUNK_IN_OWNER_OFST 0 +#define MC_CMD_ALLOC_BUFTBL_CHUNK_IN_OWNER_LEN 4 /* Size of buffer table pages to use, in bytes (note that only a few values are * legal on any specific hardware). */ #define MC_CMD_ALLOC_BUFTBL_CHUNK_IN_PAGE_SIZE_OFST 4 +#define MC_CMD_ALLOC_BUFTBL_CHUNK_IN_PAGE_SIZE_LEN 4 /* MC_CMD_ALLOC_BUFTBL_CHUNK_OUT msgresponse */ #define MC_CMD_ALLOC_BUFTBL_CHUNK_OUT_LEN 12 #define MC_CMD_ALLOC_BUFTBL_CHUNK_OUT_HANDLE_OFST 0 +#define MC_CMD_ALLOC_BUFTBL_CHUNK_OUT_HANDLE_LEN 4 #define MC_CMD_ALLOC_BUFTBL_CHUNK_OUT_NUMENTRIES_OFST 4 +#define MC_CMD_ALLOC_BUFTBL_CHUNK_OUT_NUMENTRIES_LEN 4 /* Buffer table IDs for use in DMA descriptors. */ #define MC_CMD_ALLOC_BUFTBL_CHUNK_OUT_ID_OFST 8 +#define MC_CMD_ALLOC_BUFTBL_CHUNK_OUT_ID_LEN 4 /***********************************/ @@ -9050,10 +8176,13 @@ #define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_LENMAX 268 #define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_LEN(num) (12+8*(num)) #define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_HANDLE_OFST 0 +#define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_HANDLE_LEN 4 /* ID */ #define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_FIRSTID_OFST 4 +#define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_FIRSTID_LEN 4 /* Num entries */ #define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_NUMENTRIES_OFST 8 +#define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_NUMENTRIES_LEN 4 /* Buffer table entry address */ #define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_ENTRY_OFST 12 #define MC_CMD_PROGRAM_BUFTBL_ENTRIES_IN_ENTRY_LEN 8 @@ -9077,48 +8206,11 @@ /* MC_CMD_FREE_BUFTBL_CHUNK_IN msgrequest */ #define MC_CMD_FREE_BUFTBL_CHUNK_IN_LEN 4 #define MC_CMD_FREE_BUFTBL_CHUNK_IN_HANDLE_OFST 0 +#define MC_CMD_FREE_BUFTBL_CHUNK_IN_HANDLE_LEN 4 /* MC_CMD_FREE_BUFTBL_CHUNK_OUT msgresponse */ #define MC_CMD_FREE_BUFTBL_CHUNK_OUT_LEN 0 -/* PORT_CONFIG_ENTRY structuredef */ -#define PORT_CONFIG_ENTRY_LEN 16 -/* External port number (label) */ -#define PORT_CONFIG_ENTRY_EXT_NUMBER_OFST 0 -#define PORT_CONFIG_ENTRY_EXT_NUMBER_LEN 1 -#define PORT_CONFIG_ENTRY_EXT_NUMBER_LBN 0 -#define PORT_CONFIG_ENTRY_EXT_NUMBER_WIDTH 8 -/* Port core location */ -#define PORT_CONFIG_ENTRY_CORE_OFST 1 -#define PORT_CONFIG_ENTRY_CORE_LEN 1 -#define PORT_CONFIG_ENTRY_STANDALONE 0x0 /* enum */ -#define PORT_CONFIG_ENTRY_MASTER 0x1 /* enum */ -#define PORT_CONFIG_ENTRY_SLAVE 0x2 /* enum */ -#define PORT_CONFIG_ENTRY_CORE_LBN 8 -#define PORT_CONFIG_ENTRY_CORE_WIDTH 8 -/* Internal number (HW resource) relative to the core */ -#define PORT_CONFIG_ENTRY_INT_NUMBER_OFST 2 -#define PORT_CONFIG_ENTRY_INT_NUMBER_LEN 1 -#define PORT_CONFIG_ENTRY_INT_NUMBER_LBN 16 -#define PORT_CONFIG_ENTRY_INT_NUMBER_WIDTH 8 -/* Reserved */ -#define PORT_CONFIG_ENTRY_RSVD_OFST 3 -#define PORT_CONFIG_ENTRY_RSVD_LEN 1 -#define PORT_CONFIG_ENTRY_RSVD_LBN 24 -#define PORT_CONFIG_ENTRY_RSVD_WIDTH 8 -/* Bitmask of KR lanes used by the port */ -#define PORT_CONFIG_ENTRY_LANES_OFST 4 -#define PORT_CONFIG_ENTRY_LANES_LBN 32 -#define PORT_CONFIG_ENTRY_LANES_WIDTH 32 -/* Port capabilities (MC_CMD_PHY_CAP_*) */ -#define PORT_CONFIG_ENTRY_SUPPORTED_CAPS_OFST 8 -#define PORT_CONFIG_ENTRY_SUPPORTED_CAPS_LBN 64 -#define PORT_CONFIG_ENTRY_SUPPORTED_CAPS_WIDTH 32 -/* Reserved (align to 16 bytes) */ -#define PORT_CONFIG_ENTRY_RSVD2_OFST 12 -#define PORT_CONFIG_ENTRY_RSVD2_LBN 96 -#define PORT_CONFIG_ENTRY_RSVD2_WIDTH 32 - /***********************************/ /* MC_CMD_FILTER_OP @@ -9133,18 +8225,19 @@ #define MC_CMD_FILTER_OP_IN_LEN 108 /* identifies the type of operation requested */ #define MC_CMD_FILTER_OP_IN_OP_OFST 0 +#define MC_CMD_FILTER_OP_IN_OP_LEN 4 /* enum: single-recipient filter insert */ -#define MC_CMD_FILTER_OP_IN_OP_INSERT 0x0 +#define MC_CMD_FILTER_OP_IN_OP_INSERT 0x0 /* enum: single-recipient filter remove */ -#define MC_CMD_FILTER_OP_IN_OP_REMOVE 0x1 +#define MC_CMD_FILTER_OP_IN_OP_REMOVE 0x1 /* enum: multi-recipient filter subscribe */ -#define MC_CMD_FILTER_OP_IN_OP_SUBSCRIBE 0x2 +#define MC_CMD_FILTER_OP_IN_OP_SUBSCRIBE 0x2 /* enum: multi-recipient filter unsubscribe */ -#define MC_CMD_FILTER_OP_IN_OP_UNSUBSCRIBE 0x3 +#define MC_CMD_FILTER_OP_IN_OP_UNSUBSCRIBE 0x3 /* enum: replace one recipient with another (warning - the filter handle may * change) */ -#define MC_CMD_FILTER_OP_IN_OP_REPLACE 0x4 +#define MC_CMD_FILTER_OP_IN_OP_REPLACE 0x4 /* filter handle (for remove / unsubscribe operations) */ #define MC_CMD_FILTER_OP_IN_HANDLE_OFST 4 #define MC_CMD_FILTER_OP_IN_HANDLE_LEN 8 @@ -9153,8 +8246,10 @@ /* The port ID associated with the v-adaptor which should contain this filter. */ #define MC_CMD_FILTER_OP_IN_PORT_ID_OFST 12 +#define MC_CMD_FILTER_OP_IN_PORT_ID_LEN 4 /* fields to include in match criteria */ #define MC_CMD_FILTER_OP_IN_MATCH_FIELDS_OFST 16 +#define MC_CMD_FILTER_OP_IN_MATCH_FIELDS_LEN 4 #define MC_CMD_FILTER_OP_IN_MATCH_SRC_IP_LBN 0 #define MC_CMD_FILTER_OP_IN_MATCH_SRC_IP_WIDTH 1 #define MC_CMD_FILTER_OP_IN_MATCH_DST_IP_LBN 1 @@ -9185,43 +8280,49 @@ #define MC_CMD_FILTER_OP_IN_MATCH_UNKNOWN_UCAST_DST_WIDTH 1 /* receive destination */ #define MC_CMD_FILTER_OP_IN_RX_DEST_OFST 20 +#define MC_CMD_FILTER_OP_IN_RX_DEST_LEN 4 /* enum: drop packets */ -#define MC_CMD_FILTER_OP_IN_RX_DEST_DROP 0x0 +#define MC_CMD_FILTER_OP_IN_RX_DEST_DROP 0x0 /* enum: receive to host */ -#define MC_CMD_FILTER_OP_IN_RX_DEST_HOST 0x1 +#define MC_CMD_FILTER_OP_IN_RX_DEST_HOST 0x1 /* enum: receive to MC */ -#define MC_CMD_FILTER_OP_IN_RX_DEST_MC 0x2 +#define MC_CMD_FILTER_OP_IN_RX_DEST_MC 0x2 /* enum: loop back to TXDP 0 */ -#define MC_CMD_FILTER_OP_IN_RX_DEST_TX0 0x3 +#define MC_CMD_FILTER_OP_IN_RX_DEST_TX0 0x3 /* enum: loop back to TXDP 1 */ -#define MC_CMD_FILTER_OP_IN_RX_DEST_TX1 0x4 +#define MC_CMD_FILTER_OP_IN_RX_DEST_TX1 0x4 /* receive queue handle (for multiple queue modes, this is the base queue) */ #define MC_CMD_FILTER_OP_IN_RX_QUEUE_OFST 24 +#define MC_CMD_FILTER_OP_IN_RX_QUEUE_LEN 4 /* receive mode */ #define MC_CMD_FILTER_OP_IN_RX_MODE_OFST 28 +#define MC_CMD_FILTER_OP_IN_RX_MODE_LEN 4 /* enum: receive to just the specified queue */ -#define MC_CMD_FILTER_OP_IN_RX_MODE_SIMPLE 0x0 +#define MC_CMD_FILTER_OP_IN_RX_MODE_SIMPLE 0x0 /* enum: receive to multiple queues using RSS context */ -#define MC_CMD_FILTER_OP_IN_RX_MODE_RSS 0x1 +#define MC_CMD_FILTER_OP_IN_RX_MODE_RSS 0x1 /* enum: receive to multiple queues using .1p mapping */ -#define MC_CMD_FILTER_OP_IN_RX_MODE_DOT1P_MAPPING 0x2 +#define MC_CMD_FILTER_OP_IN_RX_MODE_DOT1P_MAPPING 0x2 /* enum: install a filter entry that will never match; for test purposes only */ -#define MC_CMD_FILTER_OP_IN_RX_MODE_TEST_NEVER_MATCH 0x80000000 +#define MC_CMD_FILTER_OP_IN_RX_MODE_TEST_NEVER_MATCH 0x80000000 /* RSS context (for RX_MODE_RSS) or .1p mapping handle (for * RX_MODE_DOT1P_MAPPING), as returned by MC_CMD_RSS_CONTEXT_ALLOC or * MC_CMD_DOT1P_MAPPING_ALLOC. */ #define MC_CMD_FILTER_OP_IN_RX_CONTEXT_OFST 32 +#define MC_CMD_FILTER_OP_IN_RX_CONTEXT_LEN 4 /* transmit domain (reserved; set to 0) */ #define MC_CMD_FILTER_OP_IN_TX_DOMAIN_OFST 36 +#define MC_CMD_FILTER_OP_IN_TX_DOMAIN_LEN 4 /* transmit destination (either set the MAC and/or PM bits for explicit * control, or set this field to TX_DEST_DEFAULT for sensible default * behaviour) */ #define MC_CMD_FILTER_OP_IN_TX_DEST_OFST 40 +#define MC_CMD_FILTER_OP_IN_TX_DEST_LEN 4 /* enum: request default behaviour (based on filter type) */ -#define MC_CMD_FILTER_OP_IN_TX_DEST_DEFAULT 0xffffffff +#define MC_CMD_FILTER_OP_IN_TX_DEST_DEFAULT 0xffffffff #define MC_CMD_FILTER_OP_IN_TX_DEST_MAC_LBN 0 #define MC_CMD_FILTER_OP_IN_TX_DEST_MAC_WIDTH 1 #define MC_CMD_FILTER_OP_IN_TX_DEST_PM_LBN 1 @@ -9252,8 +8353,10 @@ #define MC_CMD_FILTER_OP_IN_IP_PROTO_LEN 2 /* Firmware defined register 0 to match (reserved; set to 0) */ #define MC_CMD_FILTER_OP_IN_FWDEF0_OFST 68 +#define MC_CMD_FILTER_OP_IN_FWDEF0_LEN 4 /* Firmware defined register 1 to match (reserved; set to 0) */ #define MC_CMD_FILTER_OP_IN_FWDEF1_OFST 72 +#define MC_CMD_FILTER_OP_IN_FWDEF1_LEN 4 /* source IP address to match (as bytes in network order; set last 12 bytes to * 0 for IPv4 address) */ @@ -9272,6 +8375,7 @@ #define MC_CMD_FILTER_OP_EXT_IN_LEN 172 /* identifies the type of operation requested */ #define MC_CMD_FILTER_OP_EXT_IN_OP_OFST 0 +#define MC_CMD_FILTER_OP_EXT_IN_OP_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_FILTER_OP_IN/OP */ /* filter handle (for remove / unsubscribe operations) */ @@ -9282,8 +8386,10 @@ /* The port ID associated with the v-adaptor which should contain this filter. */ #define MC_CMD_FILTER_OP_EXT_IN_PORT_ID_OFST 12 +#define MC_CMD_FILTER_OP_EXT_IN_PORT_ID_LEN 4 /* fields to include in match criteria */ #define MC_CMD_FILTER_OP_EXT_IN_MATCH_FIELDS_OFST 16 +#define MC_CMD_FILTER_OP_EXT_IN_MATCH_FIELDS_LEN 4 #define MC_CMD_FILTER_OP_EXT_IN_MATCH_SRC_IP_LBN 0 #define MC_CMD_FILTER_OP_EXT_IN_MATCH_SRC_IP_WIDTH 1 #define MC_CMD_FILTER_OP_EXT_IN_MATCH_DST_IP_LBN 1 @@ -9342,43 +8448,49 @@ #define MC_CMD_FILTER_OP_EXT_IN_MATCH_UNKNOWN_UCAST_DST_WIDTH 1 /* receive destination */ #define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_OFST 20 +#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_LEN 4 /* enum: drop packets */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_DROP 0x0 +#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_DROP 0x0 /* enum: receive to host */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_HOST 0x1 +#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_HOST 0x1 /* enum: receive to MC */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_MC 0x2 +#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_MC 0x2 /* enum: loop back to TXDP 0 */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_TX0 0x3 +#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_TX0 0x3 /* enum: loop back to TXDP 1 */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_TX1 0x4 +#define MC_CMD_FILTER_OP_EXT_IN_RX_DEST_TX1 0x4 /* receive queue handle (for multiple queue modes, this is the base queue) */ #define MC_CMD_FILTER_OP_EXT_IN_RX_QUEUE_OFST 24 +#define MC_CMD_FILTER_OP_EXT_IN_RX_QUEUE_LEN 4 /* receive mode */ #define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_OFST 28 +#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_LEN 4 /* enum: receive to just the specified queue */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_SIMPLE 0x0 +#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_SIMPLE 0x0 /* enum: receive to multiple queues using RSS context */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_RSS 0x1 +#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_RSS 0x1 /* enum: receive to multiple queues using .1p mapping */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_DOT1P_MAPPING 0x2 +#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_DOT1P_MAPPING 0x2 /* enum: install a filter entry that will never match; for test purposes only */ -#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_TEST_NEVER_MATCH 0x80000000 +#define MC_CMD_FILTER_OP_EXT_IN_RX_MODE_TEST_NEVER_MATCH 0x80000000 /* RSS context (for RX_MODE_RSS) or .1p mapping handle (for * RX_MODE_DOT1P_MAPPING), as returned by MC_CMD_RSS_CONTEXT_ALLOC or * MC_CMD_DOT1P_MAPPING_ALLOC. */ #define MC_CMD_FILTER_OP_EXT_IN_RX_CONTEXT_OFST 32 +#define MC_CMD_FILTER_OP_EXT_IN_RX_CONTEXT_LEN 4 /* transmit domain (reserved; set to 0) */ #define MC_CMD_FILTER_OP_EXT_IN_TX_DOMAIN_OFST 36 +#define MC_CMD_FILTER_OP_EXT_IN_TX_DOMAIN_LEN 4 /* transmit destination (either set the MAC and/or PM bits for explicit * control, or set this field to TX_DEST_DEFAULT for sensible default * behaviour) */ #define MC_CMD_FILTER_OP_EXT_IN_TX_DEST_OFST 40 +#define MC_CMD_FILTER_OP_EXT_IN_TX_DEST_LEN 4 /* enum: request default behaviour (based on filter type) */ -#define MC_CMD_FILTER_OP_EXT_IN_TX_DEST_DEFAULT 0xffffffff +#define MC_CMD_FILTER_OP_EXT_IN_TX_DEST_DEFAULT 0xffffffff #define MC_CMD_FILTER_OP_EXT_IN_TX_DEST_MAC_LBN 0 #define MC_CMD_FILTER_OP_EXT_IN_TX_DEST_MAC_WIDTH 1 #define MC_CMD_FILTER_OP_EXT_IN_TX_DEST_PM_LBN 1 @@ -9409,27 +8521,29 @@ #define MC_CMD_FILTER_OP_EXT_IN_IP_PROTO_LEN 2 /* Firmware defined register 0 to match (reserved; set to 0) */ #define MC_CMD_FILTER_OP_EXT_IN_FWDEF0_OFST 68 +#define MC_CMD_FILTER_OP_EXT_IN_FWDEF0_LEN 4 /* VNI (for VXLAN/Geneve, when IP protocol is UDP) or VSID (for NVGRE, when IP * protocol is GRE) to match (as bytes in network order; set last byte to 0 for * VXLAN/NVGRE, or 1 for Geneve) */ #define MC_CMD_FILTER_OP_EXT_IN_VNI_OR_VSID_OFST 72 +#define MC_CMD_FILTER_OP_EXT_IN_VNI_OR_VSID_LEN 4 #define MC_CMD_FILTER_OP_EXT_IN_VNI_VALUE_LBN 0 #define MC_CMD_FILTER_OP_EXT_IN_VNI_VALUE_WIDTH 24 #define MC_CMD_FILTER_OP_EXT_IN_VNI_TYPE_LBN 24 #define MC_CMD_FILTER_OP_EXT_IN_VNI_TYPE_WIDTH 8 /* enum: Match VXLAN traffic with this VNI */ -#define MC_CMD_FILTER_OP_EXT_IN_VNI_TYPE_VXLAN 0x0 +#define MC_CMD_FILTER_OP_EXT_IN_VNI_TYPE_VXLAN 0x0 /* enum: Match Geneve traffic with this VNI */ -#define MC_CMD_FILTER_OP_EXT_IN_VNI_TYPE_GENEVE 0x1 +#define MC_CMD_FILTER_OP_EXT_IN_VNI_TYPE_GENEVE 0x1 /* enum: Reserved for experimental development use */ -#define MC_CMD_FILTER_OP_EXT_IN_VNI_TYPE_EXPERIMENTAL 0xfe +#define MC_CMD_FILTER_OP_EXT_IN_VNI_TYPE_EXPERIMENTAL 0xfe #define MC_CMD_FILTER_OP_EXT_IN_VSID_VALUE_LBN 0 #define MC_CMD_FILTER_OP_EXT_IN_VSID_VALUE_WIDTH 24 #define MC_CMD_FILTER_OP_EXT_IN_VSID_TYPE_LBN 24 #define MC_CMD_FILTER_OP_EXT_IN_VSID_TYPE_WIDTH 8 /* enum: Match NVGRE traffic with this VSID */ -#define MC_CMD_FILTER_OP_EXT_IN_VSID_TYPE_NVGRE 0x0 +#define MC_CMD_FILTER_OP_EXT_IN_VSID_TYPE_NVGRE 0x0 /* source IP address to match (as bytes in network order; set last 12 bytes to * 0 for IPv4 address) */ @@ -9479,10 +8593,12 @@ * to 0) */ #define MC_CMD_FILTER_OP_EXT_IN_IFRM_FWDEF0_OFST 132 +#define MC_CMD_FILTER_OP_EXT_IN_IFRM_FWDEF0_LEN 4 /* VXLAN/NVGRE inner frame Firmware defined register 1 to match (reserved; set * to 0) */ #define MC_CMD_FILTER_OP_EXT_IN_IFRM_FWDEF1_OFST 136 +#define MC_CMD_FILTER_OP_EXT_IN_IFRM_FWDEF1_LEN 4 /* VXLAN/NVGRE inner frame source IP address to match (as bytes in network * order; set last 12 bytes to 0 for IPv4 address) */ @@ -9494,10 +8610,281 @@ #define MC_CMD_FILTER_OP_EXT_IN_IFRM_DST_IP_OFST 156 #define MC_CMD_FILTER_OP_EXT_IN_IFRM_DST_IP_LEN 16 +/* MC_CMD_FILTER_OP_V3_IN msgrequest: FILTER_OP extension to support additional + * filter actions for Intel's DPDK (Data Plane Development Kit, dpdk.org) via + * its rte_flow API. This extension is only useful with the sfc_efx driver + * included as part of DPDK, used in conjunction with the dpdk datapath + * firmware variant. + */ +#define MC_CMD_FILTER_OP_V3_IN_LEN 180 +/* identifies the type of operation requested */ +#define MC_CMD_FILTER_OP_V3_IN_OP_OFST 0 +#define MC_CMD_FILTER_OP_V3_IN_OP_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_FILTER_OP_IN/OP */ +/* filter handle (for remove / unsubscribe operations) */ +#define MC_CMD_FILTER_OP_V3_IN_HANDLE_OFST 4 +#define MC_CMD_FILTER_OP_V3_IN_HANDLE_LEN 8 +#define MC_CMD_FILTER_OP_V3_IN_HANDLE_LO_OFST 4 +#define MC_CMD_FILTER_OP_V3_IN_HANDLE_HI_OFST 8 +/* The port ID associated with the v-adaptor which should contain this filter. + */ +#define MC_CMD_FILTER_OP_V3_IN_PORT_ID_OFST 12 +#define MC_CMD_FILTER_OP_V3_IN_PORT_ID_LEN 4 +/* fields to include in match criteria */ +#define MC_CMD_FILTER_OP_V3_IN_MATCH_FIELDS_OFST 16 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_FIELDS_LEN 4 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_SRC_IP_LBN 0 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_SRC_IP_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_DST_IP_LBN 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_DST_IP_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_SRC_MAC_LBN 2 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_SRC_MAC_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_SRC_PORT_LBN 3 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_SRC_PORT_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_DST_MAC_LBN 4 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_DST_MAC_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_DST_PORT_LBN 5 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_DST_PORT_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_ETHER_TYPE_LBN 6 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_ETHER_TYPE_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_INNER_VLAN_LBN 7 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_INNER_VLAN_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_OUTER_VLAN_LBN 8 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_OUTER_VLAN_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IP_PROTO_LBN 9 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IP_PROTO_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_FWDEF0_LBN 10 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_FWDEF0_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_VNI_OR_VSID_LBN 11 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_VNI_OR_VSID_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_SRC_IP_LBN 12 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_SRC_IP_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_DST_IP_LBN 13 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_DST_IP_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_SRC_MAC_LBN 14 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_SRC_MAC_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_SRC_PORT_LBN 15 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_SRC_PORT_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_DST_MAC_LBN 16 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_DST_MAC_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_DST_PORT_LBN 17 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_DST_PORT_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_ETHER_TYPE_LBN 18 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_ETHER_TYPE_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_INNER_VLAN_LBN 19 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_INNER_VLAN_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_OUTER_VLAN_LBN 20 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_OUTER_VLAN_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_IP_PROTO_LBN 21 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_IP_PROTO_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_FWDEF0_LBN 22 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_FWDEF0_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_FWDEF1_LBN 23 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_FWDEF1_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_UNKNOWN_MCAST_DST_LBN 24 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_UNKNOWN_MCAST_DST_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_UNKNOWN_UCAST_DST_LBN 25 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_IFRM_UNKNOWN_UCAST_DST_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_UNKNOWN_MCAST_DST_LBN 30 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_UNKNOWN_MCAST_DST_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_UNKNOWN_UCAST_DST_LBN 31 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_UNKNOWN_UCAST_DST_WIDTH 1 +/* receive destination */ +#define MC_CMD_FILTER_OP_V3_IN_RX_DEST_OFST 20 +#define MC_CMD_FILTER_OP_V3_IN_RX_DEST_LEN 4 +/* enum: drop packets */ +#define MC_CMD_FILTER_OP_V3_IN_RX_DEST_DROP 0x0 +/* enum: receive to host */ +#define MC_CMD_FILTER_OP_V3_IN_RX_DEST_HOST 0x1 +/* enum: receive to MC */ +#define MC_CMD_FILTER_OP_V3_IN_RX_DEST_MC 0x2 +/* enum: loop back to TXDP 0 */ +#define MC_CMD_FILTER_OP_V3_IN_RX_DEST_TX0 0x3 +/* enum: loop back to TXDP 1 */ +#define MC_CMD_FILTER_OP_V3_IN_RX_DEST_TX1 0x4 +/* receive queue handle (for multiple queue modes, this is the base queue) */ +#define MC_CMD_FILTER_OP_V3_IN_RX_QUEUE_OFST 24 +#define MC_CMD_FILTER_OP_V3_IN_RX_QUEUE_LEN 4 +/* receive mode */ +#define MC_CMD_FILTER_OP_V3_IN_RX_MODE_OFST 28 +#define MC_CMD_FILTER_OP_V3_IN_RX_MODE_LEN 4 +/* enum: receive to just the specified queue */ +#define MC_CMD_FILTER_OP_V3_IN_RX_MODE_SIMPLE 0x0 +/* enum: receive to multiple queues using RSS context */ +#define MC_CMD_FILTER_OP_V3_IN_RX_MODE_RSS 0x1 +/* enum: receive to multiple queues using .1p mapping */ +#define MC_CMD_FILTER_OP_V3_IN_RX_MODE_DOT1P_MAPPING 0x2 +/* enum: install a filter entry that will never match; for test purposes only + */ +#define MC_CMD_FILTER_OP_V3_IN_RX_MODE_TEST_NEVER_MATCH 0x80000000 +/* RSS context (for RX_MODE_RSS) or .1p mapping handle (for + * RX_MODE_DOT1P_MAPPING), as returned by MC_CMD_RSS_CONTEXT_ALLOC or + * MC_CMD_DOT1P_MAPPING_ALLOC. + */ +#define MC_CMD_FILTER_OP_V3_IN_RX_CONTEXT_OFST 32 +#define MC_CMD_FILTER_OP_V3_IN_RX_CONTEXT_LEN 4 +/* transmit domain (reserved; set to 0) */ +#define MC_CMD_FILTER_OP_V3_IN_TX_DOMAIN_OFST 36 +#define MC_CMD_FILTER_OP_V3_IN_TX_DOMAIN_LEN 4 +/* transmit destination (either set the MAC and/or PM bits for explicit + * control, or set this field to TX_DEST_DEFAULT for sensible default + * behaviour) + */ +#define MC_CMD_FILTER_OP_V3_IN_TX_DEST_OFST 40 +#define MC_CMD_FILTER_OP_V3_IN_TX_DEST_LEN 4 +/* enum: request default behaviour (based on filter type) */ +#define MC_CMD_FILTER_OP_V3_IN_TX_DEST_DEFAULT 0xffffffff +#define MC_CMD_FILTER_OP_V3_IN_TX_DEST_MAC_LBN 0 +#define MC_CMD_FILTER_OP_V3_IN_TX_DEST_MAC_WIDTH 1 +#define MC_CMD_FILTER_OP_V3_IN_TX_DEST_PM_LBN 1 +#define MC_CMD_FILTER_OP_V3_IN_TX_DEST_PM_WIDTH 1 +/* source MAC address to match (as bytes in network order) */ +#define MC_CMD_FILTER_OP_V3_IN_SRC_MAC_OFST 44 +#define MC_CMD_FILTER_OP_V3_IN_SRC_MAC_LEN 6 +/* source port to match (as bytes in network order) */ +#define MC_CMD_FILTER_OP_V3_IN_SRC_PORT_OFST 50 +#define MC_CMD_FILTER_OP_V3_IN_SRC_PORT_LEN 2 +/* destination MAC address to match (as bytes in network order) */ +#define MC_CMD_FILTER_OP_V3_IN_DST_MAC_OFST 52 +#define MC_CMD_FILTER_OP_V3_IN_DST_MAC_LEN 6 +/* destination port to match (as bytes in network order) */ +#define MC_CMD_FILTER_OP_V3_IN_DST_PORT_OFST 58 +#define MC_CMD_FILTER_OP_V3_IN_DST_PORT_LEN 2 +/* Ethernet type to match (as bytes in network order) */ +#define MC_CMD_FILTER_OP_V3_IN_ETHER_TYPE_OFST 60 +#define MC_CMD_FILTER_OP_V3_IN_ETHER_TYPE_LEN 2 +/* Inner VLAN tag to match (as bytes in network order) */ +#define MC_CMD_FILTER_OP_V3_IN_INNER_VLAN_OFST 62 +#define MC_CMD_FILTER_OP_V3_IN_INNER_VLAN_LEN 2 +/* Outer VLAN tag to match (as bytes in network order) */ +#define MC_CMD_FILTER_OP_V3_IN_OUTER_VLAN_OFST 64 +#define MC_CMD_FILTER_OP_V3_IN_OUTER_VLAN_LEN 2 +/* IP protocol to match (in low byte; set high byte to 0) */ +#define MC_CMD_FILTER_OP_V3_IN_IP_PROTO_OFST 66 +#define MC_CMD_FILTER_OP_V3_IN_IP_PROTO_LEN 2 +/* Firmware defined register 0 to match (reserved; set to 0) */ +#define MC_CMD_FILTER_OP_V3_IN_FWDEF0_OFST 68 +#define MC_CMD_FILTER_OP_V3_IN_FWDEF0_LEN 4 +/* VNI (for VXLAN/Geneve, when IP protocol is UDP) or VSID (for NVGRE, when IP + * protocol is GRE) to match (as bytes in network order; set last byte to 0 for + * VXLAN/NVGRE, or 1 for Geneve) + */ +#define MC_CMD_FILTER_OP_V3_IN_VNI_OR_VSID_OFST 72 +#define MC_CMD_FILTER_OP_V3_IN_VNI_OR_VSID_LEN 4 +#define MC_CMD_FILTER_OP_V3_IN_VNI_VALUE_LBN 0 +#define MC_CMD_FILTER_OP_V3_IN_VNI_VALUE_WIDTH 24 +#define MC_CMD_FILTER_OP_V3_IN_VNI_TYPE_LBN 24 +#define MC_CMD_FILTER_OP_V3_IN_VNI_TYPE_WIDTH 8 +/* enum: Match VXLAN traffic with this VNI */ +#define MC_CMD_FILTER_OP_V3_IN_VNI_TYPE_VXLAN 0x0 +/* enum: Match Geneve traffic with this VNI */ +#define MC_CMD_FILTER_OP_V3_IN_VNI_TYPE_GENEVE 0x1 +/* enum: Reserved for experimental development use */ +#define MC_CMD_FILTER_OP_V3_IN_VNI_TYPE_EXPERIMENTAL 0xfe +#define MC_CMD_FILTER_OP_V3_IN_VSID_VALUE_LBN 0 +#define MC_CMD_FILTER_OP_V3_IN_VSID_VALUE_WIDTH 24 +#define MC_CMD_FILTER_OP_V3_IN_VSID_TYPE_LBN 24 +#define MC_CMD_FILTER_OP_V3_IN_VSID_TYPE_WIDTH 8 +/* enum: Match NVGRE traffic with this VSID */ +#define MC_CMD_FILTER_OP_V3_IN_VSID_TYPE_NVGRE 0x0 +/* source IP address to match (as bytes in network order; set last 12 bytes to + * 0 for IPv4 address) + */ +#define MC_CMD_FILTER_OP_V3_IN_SRC_IP_OFST 76 +#define MC_CMD_FILTER_OP_V3_IN_SRC_IP_LEN 16 +/* destination IP address to match (as bytes in network order; set last 12 + * bytes to 0 for IPv4 address) + */ +#define MC_CMD_FILTER_OP_V3_IN_DST_IP_OFST 92 +#define MC_CMD_FILTER_OP_V3_IN_DST_IP_LEN 16 +/* VXLAN/NVGRE inner frame source MAC address to match (as bytes in network + * order) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_SRC_MAC_OFST 108 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_SRC_MAC_LEN 6 +/* VXLAN/NVGRE inner frame source port to match (as bytes in network order) */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_SRC_PORT_OFST 114 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_SRC_PORT_LEN 2 +/* VXLAN/NVGRE inner frame destination MAC address to match (as bytes in + * network order) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_DST_MAC_OFST 116 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_DST_MAC_LEN 6 +/* VXLAN/NVGRE inner frame destination port to match (as bytes in network + * order) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_DST_PORT_OFST 122 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_DST_PORT_LEN 2 +/* VXLAN/NVGRE inner frame Ethernet type to match (as bytes in network order) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_ETHER_TYPE_OFST 124 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_ETHER_TYPE_LEN 2 +/* VXLAN/NVGRE inner frame Inner VLAN tag to match (as bytes in network order) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_INNER_VLAN_OFST 126 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_INNER_VLAN_LEN 2 +/* VXLAN/NVGRE inner frame Outer VLAN tag to match (as bytes in network order) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_OUTER_VLAN_OFST 128 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_OUTER_VLAN_LEN 2 +/* VXLAN/NVGRE inner frame IP protocol to match (in low byte; set high byte to + * 0) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_IP_PROTO_OFST 130 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_IP_PROTO_LEN 2 +/* VXLAN/NVGRE inner frame Firmware defined register 0 to match (reserved; set + * to 0) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_FWDEF0_OFST 132 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_FWDEF0_LEN 4 +/* VXLAN/NVGRE inner frame Firmware defined register 1 to match (reserved; set + * to 0) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_FWDEF1_OFST 136 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_FWDEF1_LEN 4 +/* VXLAN/NVGRE inner frame source IP address to match (as bytes in network + * order; set last 12 bytes to 0 for IPv4 address) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_SRC_IP_OFST 140 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_SRC_IP_LEN 16 +/* VXLAN/NVGRE inner frame destination IP address to match (as bytes in network + * order; set last 12 bytes to 0 for IPv4 address) + */ +#define MC_CMD_FILTER_OP_V3_IN_IFRM_DST_IP_OFST 156 +#define MC_CMD_FILTER_OP_V3_IN_IFRM_DST_IP_LEN 16 +/* Set an action for all packets matching this filter. The DPDK driver and dpdk + * f/w variant use their own specific delivery structures, which are documented + * in the DPDK Firmware Driver Interface (SF-119419-TC). Requesting anything + * other than MATCH_ACTION_NONE when the NIC is running another f/w variant + * will cause the filter insertion to fail with ENOTSUP. + */ +#define MC_CMD_FILTER_OP_V3_IN_MATCH_ACTION_OFST 172 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_ACTION_LEN 4 +/* enum: do nothing extra */ +#define MC_CMD_FILTER_OP_V3_IN_MATCH_ACTION_NONE 0x0 +/* enum: Set the match flag in the packet prefix for packets matching the + * filter (only with dpdk firmware, otherwise fails with ENOTSUP). Used to + * support the DPDK rte_flow "FLAG" action. + */ +#define MC_CMD_FILTER_OP_V3_IN_MATCH_ACTION_FLAG 0x1 +/* enum: Insert MATCH_MARK_VALUE into the packet prefix for packets matching + * the filter (only with dpdk firmware, otherwise fails with ENOTSUP). Used to + * support the DPDK rte_flow "MARK" action. + */ +#define MC_CMD_FILTER_OP_V3_IN_MATCH_ACTION_MARK 0x2 +/* the mark value for MATCH_ACTION_MARK. Requesting a value larger than the + * maximum (obtained from MC_CMD_GET_CAPABILITIES_V5/FILTER_ACTION_MARK_MAX) + * will cause the filter insertion to fail with EINVAL. + */ +#define MC_CMD_FILTER_OP_V3_IN_MATCH_MARK_VALUE_OFST 176 +#define MC_CMD_FILTER_OP_V3_IN_MATCH_MARK_VALUE_LEN 4 + /* MC_CMD_FILTER_OP_OUT msgresponse */ #define MC_CMD_FILTER_OP_OUT_LEN 12 /* identifies the type of operation requested */ #define MC_CMD_FILTER_OP_OUT_OP_OFST 0 +#define MC_CMD_FILTER_OP_OUT_OP_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_FILTER_OP_IN/OP */ /* Returned filter handle (for insert / subscribe operations). Note that these @@ -9509,14 +8896,15 @@ #define MC_CMD_FILTER_OP_OUT_HANDLE_LO_OFST 4 #define MC_CMD_FILTER_OP_OUT_HANDLE_HI_OFST 8 /* enum: guaranteed invalid filter handle (low 32 bits) */ -#define MC_CMD_FILTER_OP_OUT_HANDLE_LO_INVALID 0xffffffff +#define MC_CMD_FILTER_OP_OUT_HANDLE_LO_INVALID 0xffffffff /* enum: guaranteed invalid filter handle (high 32 bits) */ -#define MC_CMD_FILTER_OP_OUT_HANDLE_HI_INVALID 0xffffffff +#define MC_CMD_FILTER_OP_OUT_HANDLE_HI_INVALID 0xffffffff /* MC_CMD_FILTER_OP_EXT_OUT msgresponse */ #define MC_CMD_FILTER_OP_EXT_OUT_LEN 12 /* identifies the type of operation requested */ #define MC_CMD_FILTER_OP_EXT_OUT_OP_OFST 0 +#define MC_CMD_FILTER_OP_EXT_OUT_OP_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_FILTER_OP_EXT_IN/OP */ /* Returned filter handle (for insert / subscribe operations). Note that these @@ -9544,21 +8932,22 @@ #define MC_CMD_GET_PARSER_DISP_INFO_IN_LEN 4 /* identifies the type of operation requested */ #define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_OFST 0 +#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_LEN 4 /* enum: read the list of supported RX filter matches */ -#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_SUPPORTED_RX_MATCHES 0x1 +#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_SUPPORTED_RX_MATCHES 0x1 /* enum: read flags indicating restrictions on filter insertion for the calling * client */ -#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_RESTRICTIONS 0x2 +#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_RESTRICTIONS 0x2 /* enum: read properties relating to security rules (Medford-only; for use by * SolarSecure apps, not directly by drivers. See SF-114946-SW.) */ -#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_SECURITY_RULE_INFO 0x3 +#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_SECURITY_RULE_INFO 0x3 /* enum: read the list of supported RX filter matches for VXLAN/NVGRE * encapsulated frames, which follow a different match sequence to normal * frames (Medford only) */ -#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_SUPPORTED_ENCAP_RX_MATCHES 0x4 +#define MC_CMD_GET_PARSER_DISP_INFO_IN_OP_GET_SUPPORTED_ENCAP_RX_MATCHES 0x4 /* MC_CMD_GET_PARSER_DISP_INFO_OUT msgresponse */ #define MC_CMD_GET_PARSER_DISP_INFO_OUT_LENMIN 8 @@ -9566,10 +8955,12 @@ #define MC_CMD_GET_PARSER_DISP_INFO_OUT_LEN(num) (8+4*(num)) /* identifies the type of operation requested */ #define MC_CMD_GET_PARSER_DISP_INFO_OUT_OP_OFST 0 +#define MC_CMD_GET_PARSER_DISP_INFO_OUT_OP_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_GET_PARSER_DISP_INFO_IN/OP */ /* number of supported match types */ #define MC_CMD_GET_PARSER_DISP_INFO_OUT_NUM_SUPPORTED_MATCHES_OFST 4 +#define MC_CMD_GET_PARSER_DISP_INFO_OUT_NUM_SUPPORTED_MATCHES_LEN 4 /* array of supported match types (valid MATCH_FIELDS values for * MC_CMD_FILTER_OP) sorted in decreasing priority order */ @@ -9582,10 +8973,12 @@ #define MC_CMD_GET_PARSER_DISP_RESTRICTIONS_OUT_LEN 8 /* identifies the type of operation requested */ #define MC_CMD_GET_PARSER_DISP_RESTRICTIONS_OUT_OP_OFST 0 +#define MC_CMD_GET_PARSER_DISP_RESTRICTIONS_OUT_OP_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_GET_PARSER_DISP_INFO_IN/OP */ /* bitfield of filter insertion restrictions */ #define MC_CMD_GET_PARSER_DISP_RESTRICTIONS_OUT_RESTRICTION_FLAGS_OFST 4 +#define MC_CMD_GET_PARSER_DISP_RESTRICTIONS_OUT_RESTRICTION_FLAGS_LEN 4 #define MC_CMD_GET_PARSER_DISP_RESTRICTIONS_OUT_DST_IP_MCAST_ONLY_LBN 0 #define MC_CMD_GET_PARSER_DISP_RESTRICTIONS_OUT_DST_IP_MCAST_ONLY_WIDTH 1 @@ -9599,28 +8992,37 @@ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_LEN 36 /* identifies the type of operation requested */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_OP_OFST 0 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_OP_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_GET_PARSER_DISP_INFO_IN/OP */ /* a version number representing the set of rule lookups that are implemented * by the currently running firmware */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_RULES_VERSION_OFST 4 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_RULES_VERSION_LEN 4 /* enum: implements lookup sequences described in SF-114946-SW draft C */ -#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_RULES_VERSION_SF_114946_SW_C 0x0 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_RULES_VERSION_SF_114946_SW_C 0x0 /* the number of nodes in the subnet map */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_SUBNET_MAP_NUM_NODES_OFST 8 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_SUBNET_MAP_NUM_NODES_LEN 4 /* the number of entries in one subnet map node */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_SUBNET_MAP_NUM_ENTRIES_PER_NODE_OFST 12 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_SUBNET_MAP_NUM_ENTRIES_PER_NODE_LEN 4 /* minimum valid value for a subnet ID in a subnet map leaf */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_SUBNET_ID_MIN_OFST 16 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_SUBNET_ID_MIN_LEN 4 /* maximum valid value for a subnet ID in a subnet map leaf */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_SUBNET_ID_MAX_OFST 20 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_SUBNET_ID_MAX_LEN 4 /* the number of entries in the local and remote port range maps */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_PORTRANGE_TREE_NUM_ENTRIES_OFST 24 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_PORTRANGE_TREE_NUM_ENTRIES_LEN 4 /* minimum valid value for a portrange ID in a port range map leaf */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_PORTRANGE_ID_MIN_OFST 28 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_PORTRANGE_ID_MIN_LEN 4 /* maximum valid value for a portrange ID in a port range map leaf */ #define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_PORTRANGE_ID_MAX_OFST 32 +#define MC_CMD_GET_PARSER_DISP_SECURITY_RULE_INFO_OUT_PORTRANGE_ID_MAX_LEN 4 /***********************************/ @@ -9628,7 +9030,9 @@ * Direct read/write of parser-dispatcher state (DICPUs and LUE) for debugging. * Please note that this interface is only of use to debug tools which have * knowledge of firmware and hardware data structures; nothing here is intended - * for use by normal driver code. + * for use by normal driver code. Note that although this command is in the + * Admin privilege group, in tamperproof adapters, only read operations are + * permitted. */ #define MC_CMD_PARSER_DISP_RW 0xe5 #undef MC_CMD_0xe5_PRIVILEGE_CTG @@ -9639,46 +9043,58 @@ #define MC_CMD_PARSER_DISP_RW_IN_LEN 32 /* identifies the target of the operation */ #define MC_CMD_PARSER_DISP_RW_IN_TARGET_OFST 0 +#define MC_CMD_PARSER_DISP_RW_IN_TARGET_LEN 4 /* enum: RX dispatcher CPU */ -#define MC_CMD_PARSER_DISP_RW_IN_RX_DICPU 0x0 +#define MC_CMD_PARSER_DISP_RW_IN_RX_DICPU 0x0 /* enum: TX dispatcher CPU */ -#define MC_CMD_PARSER_DISP_RW_IN_TX_DICPU 0x1 +#define MC_CMD_PARSER_DISP_RW_IN_TX_DICPU 0x1 /* enum: Lookup engine (with original metadata format). Deprecated; used only * by cmdclient as a fallback for very old Huntington firmware, and not * supported in firmware beyond v6.4.0.1005. Use LUE_VERSIONED_METADATA * instead. */ -#define MC_CMD_PARSER_DISP_RW_IN_LUE 0x2 +#define MC_CMD_PARSER_DISP_RW_IN_LUE 0x2 /* enum: Lookup engine (with requested metadata format) */ -#define MC_CMD_PARSER_DISP_RW_IN_LUE_VERSIONED_METADATA 0x3 +#define MC_CMD_PARSER_DISP_RW_IN_LUE_VERSIONED_METADATA 0x3 /* enum: RX0 dispatcher CPU (alias for RX_DICPU; Medford has 2 RX DICPUs) */ -#define MC_CMD_PARSER_DISP_RW_IN_RX0_DICPU 0x0 +#define MC_CMD_PARSER_DISP_RW_IN_RX0_DICPU 0x0 /* enum: RX1 dispatcher CPU (only valid for Medford) */ -#define MC_CMD_PARSER_DISP_RW_IN_RX1_DICPU 0x4 +#define MC_CMD_PARSER_DISP_RW_IN_RX1_DICPU 0x4 /* enum: Miscellaneous other state (only valid for Medford) */ -#define MC_CMD_PARSER_DISP_RW_IN_MISC_STATE 0x5 +#define MC_CMD_PARSER_DISP_RW_IN_MISC_STATE 0x5 /* identifies the type of operation requested */ #define MC_CMD_PARSER_DISP_RW_IN_OP_OFST 4 -/* enum: read a word of DICPU DMEM or a LUE entry */ -#define MC_CMD_PARSER_DISP_RW_IN_READ 0x0 -/* enum: write a word of DICPU DMEM or a LUE entry */ -#define MC_CMD_PARSER_DISP_RW_IN_WRITE 0x1 -/* enum: read-modify-write a word of DICPU DMEM (not valid for LUE) */ -#define MC_CMD_PARSER_DISP_RW_IN_RMW 0x2 +#define MC_CMD_PARSER_DISP_RW_IN_OP_LEN 4 +/* enum: Read a word of DICPU DMEM or a LUE entry */ +#define MC_CMD_PARSER_DISP_RW_IN_READ 0x0 +/* enum: Write a word of DICPU DMEM or a LUE entry. Not permitted on + * tamperproof adapters. + */ +#define MC_CMD_PARSER_DISP_RW_IN_WRITE 0x1 +/* enum: Read-modify-write a word of DICPU DMEM (not valid for LUE). Not + * permitted on tamperproof adapters. + */ +#define MC_CMD_PARSER_DISP_RW_IN_RMW 0x2 /* data memory address (DICPU targets) or LUE index (LUE targets) */ #define MC_CMD_PARSER_DISP_RW_IN_ADDRESS_OFST 8 +#define MC_CMD_PARSER_DISP_RW_IN_ADDRESS_LEN 4 /* selector (for MISC_STATE target) */ #define MC_CMD_PARSER_DISP_RW_IN_SELECTOR_OFST 8 +#define MC_CMD_PARSER_DISP_RW_IN_SELECTOR_LEN 4 /* enum: Port to datapath mapping */ -#define MC_CMD_PARSER_DISP_RW_IN_PORT_DP_MAPPING 0x1 +#define MC_CMD_PARSER_DISP_RW_IN_PORT_DP_MAPPING 0x1 /* value to write (for DMEM writes) */ #define MC_CMD_PARSER_DISP_RW_IN_DMEM_WRITE_VALUE_OFST 12 +#define MC_CMD_PARSER_DISP_RW_IN_DMEM_WRITE_VALUE_LEN 4 /* XOR value (for DMEM read-modify-writes: new = (old & mask) ^ value) */ #define MC_CMD_PARSER_DISP_RW_IN_DMEM_RMW_XOR_VALUE_OFST 12 +#define MC_CMD_PARSER_DISP_RW_IN_DMEM_RMW_XOR_VALUE_LEN 4 /* AND mask (for DMEM read-modify-writes: new = (old & mask) ^ value) */ #define MC_CMD_PARSER_DISP_RW_IN_DMEM_RMW_AND_MASK_OFST 16 +#define MC_CMD_PARSER_DISP_RW_IN_DMEM_RMW_AND_MASK_LEN 4 /* metadata format (for LUE reads using LUE_VERSIONED_METADATA) */ #define MC_CMD_PARSER_DISP_RW_IN_LUE_READ_METADATA_VERSION_OFST 12 +#define MC_CMD_PARSER_DISP_RW_IN_LUE_READ_METADATA_VERSION_LEN 4 /* value to write (for LUE writes) */ #define MC_CMD_PARSER_DISP_RW_IN_LUE_WRITE_VALUE_OFST 12 #define MC_CMD_PARSER_DISP_RW_IN_LUE_WRITE_VALUE_LEN 20 @@ -9687,6 +9103,7 @@ #define MC_CMD_PARSER_DISP_RW_OUT_LEN 52 /* value read (for DMEM reads) */ #define MC_CMD_PARSER_DISP_RW_OUT_DMEM_READ_VALUE_OFST 0 +#define MC_CMD_PARSER_DISP_RW_OUT_DMEM_READ_VALUE_LEN 4 /* value read (for LUE reads) */ #define MC_CMD_PARSER_DISP_RW_OUT_LUE_READ_VALUE_OFST 0 #define MC_CMD_PARSER_DISP_RW_OUT_LUE_READ_VALUE_LEN 20 @@ -9699,8 +9116,8 @@ #define MC_CMD_PARSER_DISP_RW_OUT_PORT_DP_MAPPING_OFST 0 #define MC_CMD_PARSER_DISP_RW_OUT_PORT_DP_MAPPING_LEN 4 #define MC_CMD_PARSER_DISP_RW_OUT_PORT_DP_MAPPING_NUM 4 -#define MC_CMD_PARSER_DISP_RW_OUT_DP0 0x1 /* enum */ -#define MC_CMD_PARSER_DISP_RW_OUT_DP1 0x2 /* enum */ +#define MC_CMD_PARSER_DISP_RW_OUT_DP0 0x1 /* enum */ +#define MC_CMD_PARSER_DISP_RW_OUT_DP1 0x2 /* enum */ /***********************************/ @@ -9732,6 +9149,7 @@ #define MC_CMD_SET_PF_COUNT_IN_LEN 4 /* New number of PFs on the device. */ #define MC_CMD_SET_PF_COUNT_IN_PF_COUNT_OFST 0 +#define MC_CMD_SET_PF_COUNT_IN_PF_COUNT_LEN 4 /* MC_CMD_SET_PF_COUNT_OUT msgresponse */ #define MC_CMD_SET_PF_COUNT_OUT_LEN 0 @@ -9753,6 +9171,7 @@ #define MC_CMD_GET_PORT_ASSIGNMENT_OUT_LEN 4 /* Identifies the port assignment for this function. */ #define MC_CMD_GET_PORT_ASSIGNMENT_OUT_PORT_OFST 0 +#define MC_CMD_GET_PORT_ASSIGNMENT_OUT_PORT_LEN 4 /***********************************/ @@ -9768,6 +9187,7 @@ #define MC_CMD_SET_PORT_ASSIGNMENT_IN_LEN 4 /* Identifies the port assignment for this function. */ #define MC_CMD_SET_PORT_ASSIGNMENT_IN_PORT_OFST 0 +#define MC_CMD_SET_PORT_ASSIGNMENT_IN_PORT_LEN 4 /* MC_CMD_SET_PORT_ASSIGNMENT_OUT msgresponse */ #define MC_CMD_SET_PORT_ASSIGNMENT_OUT_LEN 0 @@ -9786,8 +9206,10 @@ #define MC_CMD_ALLOC_VIS_IN_LEN 8 /* The minimum number of VIs that is acceptable */ #define MC_CMD_ALLOC_VIS_IN_MIN_VI_COUNT_OFST 0 +#define MC_CMD_ALLOC_VIS_IN_MIN_VI_COUNT_LEN 4 /* The maximum number of VIs that would be useful */ #define MC_CMD_ALLOC_VIS_IN_MAX_VI_COUNT_OFST 4 +#define MC_CMD_ALLOC_VIS_IN_MAX_VI_COUNT_LEN 4 /* MC_CMD_ALLOC_VIS_OUT msgresponse: Huntington-compatible VI_ALLOC request. * Use extended version in new code. @@ -9795,21 +9217,26 @@ #define MC_CMD_ALLOC_VIS_OUT_LEN 8 /* The number of VIs allocated on this function */ #define MC_CMD_ALLOC_VIS_OUT_VI_COUNT_OFST 0 +#define MC_CMD_ALLOC_VIS_OUT_VI_COUNT_LEN 4 /* The base absolute VI number allocated to this function. Required to * correctly interpret wakeup events. */ #define MC_CMD_ALLOC_VIS_OUT_VI_BASE_OFST 4 +#define MC_CMD_ALLOC_VIS_OUT_VI_BASE_LEN 4 /* MC_CMD_ALLOC_VIS_EXT_OUT msgresponse */ #define MC_CMD_ALLOC_VIS_EXT_OUT_LEN 12 /* The number of VIs allocated on this function */ #define MC_CMD_ALLOC_VIS_EXT_OUT_VI_COUNT_OFST 0 +#define MC_CMD_ALLOC_VIS_EXT_OUT_VI_COUNT_LEN 4 /* The base absolute VI number allocated to this function. Required to * correctly interpret wakeup events. */ #define MC_CMD_ALLOC_VIS_EXT_OUT_VI_BASE_OFST 4 +#define MC_CMD_ALLOC_VIS_EXT_OUT_VI_BASE_LEN 4 /* Function's port vi_shift value (always 0 on Huntington) */ #define MC_CMD_ALLOC_VIS_EXT_OUT_VI_SHIFT_OFST 8 +#define MC_CMD_ALLOC_VIS_EXT_OUT_VI_SHIFT_LEN 4 /***********************************/ @@ -9845,15 +9272,20 @@ #define MC_CMD_GET_SRIOV_CFG_OUT_LEN 20 /* Number of VFs currently enabled. */ #define MC_CMD_GET_SRIOV_CFG_OUT_VF_CURRENT_OFST 0 +#define MC_CMD_GET_SRIOV_CFG_OUT_VF_CURRENT_LEN 4 /* Max number of VFs before sriov stride and offset may need to be changed. */ #define MC_CMD_GET_SRIOV_CFG_OUT_VF_MAX_OFST 4 +#define MC_CMD_GET_SRIOV_CFG_OUT_VF_MAX_LEN 4 #define MC_CMD_GET_SRIOV_CFG_OUT_FLAGS_OFST 8 +#define MC_CMD_GET_SRIOV_CFG_OUT_FLAGS_LEN 4 #define MC_CMD_GET_SRIOV_CFG_OUT_VF_ENABLED_LBN 0 #define MC_CMD_GET_SRIOV_CFG_OUT_VF_ENABLED_WIDTH 1 /* RID offset of first VF from PF. */ #define MC_CMD_GET_SRIOV_CFG_OUT_VF_OFFSET_OFST 12 +#define MC_CMD_GET_SRIOV_CFG_OUT_VF_OFFSET_LEN 4 /* RID offset of each subsequent VF from the previous. */ #define MC_CMD_GET_SRIOV_CFG_OUT_VF_STRIDE_OFST 16 +#define MC_CMD_GET_SRIOV_CFG_OUT_VF_STRIDE_LEN 4 /***********************************/ @@ -9869,19 +9301,24 @@ #define MC_CMD_SET_SRIOV_CFG_IN_LEN 20 /* Number of VFs currently enabled. */ #define MC_CMD_SET_SRIOV_CFG_IN_VF_CURRENT_OFST 0 +#define MC_CMD_SET_SRIOV_CFG_IN_VF_CURRENT_LEN 4 /* Max number of VFs before sriov stride and offset may need to be changed. */ #define MC_CMD_SET_SRIOV_CFG_IN_VF_MAX_OFST 4 +#define MC_CMD_SET_SRIOV_CFG_IN_VF_MAX_LEN 4 #define MC_CMD_SET_SRIOV_CFG_IN_FLAGS_OFST 8 +#define MC_CMD_SET_SRIOV_CFG_IN_FLAGS_LEN 4 #define MC_CMD_SET_SRIOV_CFG_IN_VF_ENABLED_LBN 0 #define MC_CMD_SET_SRIOV_CFG_IN_VF_ENABLED_WIDTH 1 /* RID offset of first VF from PF, or 0 for no change, or * MC_CMD_RESOURCE_INSTANCE_ANY to allow the system to allocate an offset. */ #define MC_CMD_SET_SRIOV_CFG_IN_VF_OFFSET_OFST 12 +#define MC_CMD_SET_SRIOV_CFG_IN_VF_OFFSET_LEN 4 /* RID offset of each subsequent VF from the previous, 0 for no change, or * MC_CMD_RESOURCE_INSTANCE_ANY to allow the system to allocate a stride. */ #define MC_CMD_SET_SRIOV_CFG_IN_VF_STRIDE_OFST 16 +#define MC_CMD_SET_SRIOV_CFG_IN_VF_STRIDE_LEN 4 /* MC_CMD_SET_SRIOV_CFG_OUT msgresponse */ #define MC_CMD_SET_SRIOV_CFG_OUT_LEN 0 @@ -9904,12 +9341,15 @@ #define MC_CMD_GET_VI_ALLOC_INFO_OUT_LEN 12 /* The number of VIs allocated on this function */ #define MC_CMD_GET_VI_ALLOC_INFO_OUT_VI_COUNT_OFST 0 +#define MC_CMD_GET_VI_ALLOC_INFO_OUT_VI_COUNT_LEN 4 /* The base absolute VI number allocated to this function. Required to * correctly interpret wakeup events. */ #define MC_CMD_GET_VI_ALLOC_INFO_OUT_VI_BASE_OFST 4 +#define MC_CMD_GET_VI_ALLOC_INFO_OUT_VI_BASE_LEN 4 /* Function's port vi_shift value (always 0 on Huntington) */ #define MC_CMD_GET_VI_ALLOC_INFO_OUT_VI_SHIFT_OFST 8 +#define MC_CMD_GET_VI_ALLOC_INFO_OUT_VI_SHIFT_LEN 4 /***********************************/ @@ -9925,6 +9365,7 @@ #define MC_CMD_DUMP_VI_STATE_IN_LEN 4 /* The VI number to query. */ #define MC_CMD_DUMP_VI_STATE_IN_VI_NUMBER_OFST 0 +#define MC_CMD_DUMP_VI_STATE_IN_VI_NUMBER_LEN 4 /* MC_CMD_DUMP_VI_STATE_OUT msgresponse */ #define MC_CMD_DUMP_VI_STATE_OUT_LEN 96 @@ -9958,6 +9399,7 @@ #define MC_CMD_DUMP_VI_STATE_OUT_VI_EV_TIMER_RAW_HI_OFST 24 /* Combined metadata field. */ #define MC_CMD_DUMP_VI_STATE_OUT_VI_EV_META_OFST 28 +#define MC_CMD_DUMP_VI_STATE_OUT_VI_EV_META_LEN 4 #define MC_CMD_DUMP_VI_STATE_OUT_VI_EV_META_BUFS_BASE_LBN 0 #define MC_CMD_DUMP_VI_STATE_OUT_VI_EV_META_BUFS_BASE_WIDTH 16 #define MC_CMD_DUMP_VI_STATE_OUT_VI_EV_META_BUFS_NPAGES_LBN 16 @@ -10040,6 +9482,7 @@ #define MC_CMD_ALLOC_PIOBUF_OUT_LEN 4 /* Handle for allocated push I/O buffer. */ #define MC_CMD_ALLOC_PIOBUF_OUT_PIOBUF_HANDLE_OFST 0 +#define MC_CMD_ALLOC_PIOBUF_OUT_PIOBUF_HANDLE_LEN 4 /***********************************/ @@ -10055,6 +9498,7 @@ #define MC_CMD_FREE_PIOBUF_IN_LEN 4 /* Handle for allocated push I/O buffer. */ #define MC_CMD_FREE_PIOBUF_IN_PIOBUF_HANDLE_OFST 0 +#define MC_CMD_FREE_PIOBUF_IN_PIOBUF_HANDLE_LEN 4 /* MC_CMD_FREE_PIOBUF_OUT msgresponse */ #define MC_CMD_FREE_PIOBUF_OUT_LEN 0 @@ -10073,6 +9517,7 @@ #define MC_CMD_GET_VI_TLP_PROCESSING_IN_LEN 4 /* VI number to get information for. */ #define MC_CMD_GET_VI_TLP_PROCESSING_IN_INSTANCE_OFST 0 +#define MC_CMD_GET_VI_TLP_PROCESSING_IN_INSTANCE_LEN 4 /* MC_CMD_GET_VI_TLP_PROCESSING_OUT msgresponse */ #define MC_CMD_GET_VI_TLP_PROCESSING_OUT_LEN 4 @@ -10095,6 +9540,7 @@ #define MC_CMD_GET_VI_TLP_PROCESSING_OUT_TPH_ON_LBN 19 #define MC_CMD_GET_VI_TLP_PROCESSING_OUT_TPH_ON_WIDTH 1 #define MC_CMD_GET_VI_TLP_PROCESSING_OUT_DATA_OFST 0 +#define MC_CMD_GET_VI_TLP_PROCESSING_OUT_DATA_LEN 4 /***********************************/ @@ -10110,6 +9556,7 @@ #define MC_CMD_SET_VI_TLP_PROCESSING_IN_LEN 8 /* VI number to set information for. */ #define MC_CMD_SET_VI_TLP_PROCESSING_IN_INSTANCE_OFST 0 +#define MC_CMD_SET_VI_TLP_PROCESSING_IN_INSTANCE_LEN 4 /* Transaction processing steering hint 1 for use with the Rx Queue. */ #define MC_CMD_SET_VI_TLP_PROCESSING_IN_TPH_TAG1_RX_OFST 4 #define MC_CMD_SET_VI_TLP_PROCESSING_IN_TPH_TAG1_RX_LEN 1 @@ -10129,6 +9576,7 @@ #define MC_CMD_SET_VI_TLP_PROCESSING_IN_TPH_ON_LBN 51 #define MC_CMD_SET_VI_TLP_PROCESSING_IN_TPH_ON_WIDTH 1 #define MC_CMD_SET_VI_TLP_PROCESSING_IN_DATA_OFST 4 +#define MC_CMD_SET_VI_TLP_PROCESSING_IN_DATA_LEN 4 /* MC_CMD_SET_VI_TLP_PROCESSING_OUT msgresponse */ #define MC_CMD_SET_VI_TLP_PROCESSING_OUT_LEN 0 @@ -10146,22 +9594,25 @@ /* MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN msgrequest */ #define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_LEN 4 #define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_OFST 0 +#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_LEN 4 /* enum: MISC. */ -#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_MISC 0x0 +#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_MISC 0x0 /* enum: IDO. */ -#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_IDO 0x1 +#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_IDO 0x1 /* enum: RO. */ -#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_RO 0x2 +#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_RO 0x2 /* enum: TPH Type. */ -#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_TPH_TYPE 0x3 +#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_TPH_TYPE 0x3 /* MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT msgresponse */ #define MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT_LEN 8 #define MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT_TLP_GLOBAL_CATEGORY_OFST 0 +#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT_TLP_GLOBAL_CATEGORY_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN/TLP_GLOBAL_CATEGORY */ /* Amalgamated TLP info word. */ #define MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT_TLP_INFO_WORD_OFST 4 +#define MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT_TLP_INFO_WORD_LEN 4 #define MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT_TLP_INFO_MISC_WTAG_EN_LBN 0 #define MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT_TLP_INFO_MISC_WTAG_EN_WIDTH 1 #define MC_CMD_GET_TLP_PROCESSING_GLOBALS_OUT_TLP_INFO_MISC_SPARE_LBN 1 @@ -10210,10 +9661,12 @@ /* MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN msgrequest */ #define MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN_LEN 8 #define MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_OFST 0 +#define MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN_TLP_GLOBAL_CATEGORY_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_GET_TLP_PROCESSING_GLOBALS/MC_CMD_GET_TLP_PROCESSING_GLOBALS_IN/TLP_GLOBAL_CATEGORY */ /* Amalgamated TLP info word. */ #define MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN_TLP_INFO_WORD_OFST 4 +#define MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN_TLP_INFO_WORD_LEN 4 #define MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN_TLP_INFO_MISC_WTAG_EN_LBN 0 #define MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN_TLP_INFO_MISC_WTAG_EN_WIDTH 1 #define MC_CMD_SET_TLP_PROCESSING_GLOBALS_IN_TLP_INFO_IDO_DL_EN_LBN 0 @@ -10254,7 +9707,7 @@ #define MC_CMD_SATELLITE_DOWNLOAD 0x91 #undef MC_CMD_0x91_PRIVILEGE_CTG -#define MC_CMD_0x91_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x91_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_SATELLITE_DOWNLOAD_IN msgrequest: The reset requirements for the CPUs * are subtle, and so downloads must proceed in a number of phases. @@ -10281,57 +9734,61 @@ * in a command from the host.) */ #define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_OFST 0 -#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_IDLE 0x0 /* enum */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_RESET 0x1 /* enum */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_IMEMS 0x2 /* enum */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_VECTORS 0x3 /* enum */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_READY 0x4 /* enum */ +#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_LEN 4 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_IDLE 0x0 /* enum */ +#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_RESET 0x1 /* enum */ +#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_IMEMS 0x2 /* enum */ +#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_VECTORS 0x3 /* enum */ +#define MC_CMD_SATELLITE_DOWNLOAD_IN_PHASE_READY 0x4 /* enum */ /* Target for download. (These match the blob numbers defined in * mc_flash_layout.h.) */ #define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_OFST 4 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_LEN 4 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXDI_TEXT 0x0 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXDI_TEXT 0x0 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXDI_TEXT 0x1 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXDI_TEXT 0x1 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXDP_TEXT 0x2 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXDP_TEXT 0x2 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXDP_TEXT 0x3 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXDP_TEXT 0x3 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXHRSL_HR_LUT 0x4 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXHRSL_HR_LUT 0x4 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXHRSL_HR_LUT_CFG 0x5 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXHRSL_HR_LUT_CFG 0x5 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXHRSL_HR_LUT 0x6 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXHRSL_HR_LUT 0x6 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXHRSL_HR_LUT_CFG 0x7 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXHRSL_HR_LUT_CFG 0x7 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXHRSL_HR_PGM 0x8 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXHRSL_HR_PGM 0x8 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXHRSL_SL_PGM 0x9 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXHRSL_SL_PGM 0x9 /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXHRSL_HR_PGM 0xa +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXHRSL_HR_PGM 0xa /* enum: Valid in phase 2 (PHASE_IMEMS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXHRSL_SL_PGM 0xb +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXHRSL_SL_PGM 0xb /* enum: Valid in phase 3 (PHASE_VECTORS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXDI_VTBL0 0xc +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXDI_VTBL0 0xc /* enum: Valid in phase 3 (PHASE_VECTORS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXDI_VTBL0 0xd +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXDI_VTBL0 0xd /* enum: Valid in phase 3 (PHASE_VECTORS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXDI_VTBL1 0xe +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_RXDI_VTBL1 0xe /* enum: Valid in phase 3 (PHASE_VECTORS) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXDI_VTBL1 0xf +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_TXDI_VTBL1 0xf /* enum: Valid in phases 1 (PHASE_RESET) and 4 (PHASE_READY) only */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_ALL 0xffffffff +#define MC_CMD_SATELLITE_DOWNLOAD_IN_TARGET_ALL 0xffffffff /* Chunk ID, or CHUNK_ID_LAST or CHUNK_ID_ABORT */ #define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_ID_OFST 8 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_ID_LEN 4 /* enum: Last chunk, containing checksum rather than data */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_ID_LAST 0xffffffff +#define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_ID_LAST 0xffffffff /* enum: Abort download of this item */ -#define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_ID_ABORT 0xfffffffe +#define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_ID_ABORT 0xfffffffe /* Length of this chunk in bytes */ #define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_LEN_OFST 12 +#define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_LEN_LEN 4 /* Data for this chunk */ #define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_DATA_OFST 16 #define MC_CMD_SATELLITE_DOWNLOAD_IN_CHUNK_DATA_LEN 4 @@ -10342,24 +9799,26 @@ #define MC_CMD_SATELLITE_DOWNLOAD_OUT_LEN 8 /* Same as MC_CMD_ERR field, but included as 0 in success cases */ #define MC_CMD_SATELLITE_DOWNLOAD_OUT_RESULT_OFST 0 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_RESULT_LEN 4 /* Extra status information */ #define MC_CMD_SATELLITE_DOWNLOAD_OUT_INFO_OFST 4 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_INFO_LEN 4 /* enum: Code download OK, completed. */ -#define MC_CMD_SATELLITE_DOWNLOAD_OUT_OK_COMPLETE 0x0 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_OK_COMPLETE 0x0 /* enum: Code download aborted as requested. */ -#define MC_CMD_SATELLITE_DOWNLOAD_OUT_OK_ABORTED 0x1 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_OK_ABORTED 0x1 /* enum: Code download OK so far, send next chunk. */ -#define MC_CMD_SATELLITE_DOWNLOAD_OUT_OK_NEXT_CHUNK 0x2 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_OK_NEXT_CHUNK 0x2 /* enum: Download phases out of sequence */ -#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_PHASE 0x100 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_PHASE 0x100 /* enum: Bad target for this phase */ -#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_TARGET 0x101 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_TARGET 0x101 /* enum: Chunk ID out of sequence */ -#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_CHUNK_ID 0x200 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_CHUNK_ID 0x200 /* enum: Chunk length zero or too large */ -#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_CHUNK_LEN 0x201 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_CHUNK_LEN 0x201 /* enum: Checksum was incorrect */ -#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_CHECKSUM 0x300 +#define MC_CMD_SATELLITE_DOWNLOAD_OUT_ERR_BAD_CHECKSUM 0x300 /***********************************/ @@ -10381,6 +9840,7 @@ #define MC_CMD_GET_CAPABILITIES_OUT_LEN 20 /* First word of flags. */ #define MC_CMD_GET_CAPABILITIES_OUT_FLAGS1_OFST 0 +#define MC_CMD_GET_CAPABILITIES_OUT_FLAGS1_LEN 4 #define MC_CMD_GET_CAPABILITIES_OUT_VPORT_RECONFIGURE_LBN 3 #define MC_CMD_GET_CAPABILITIES_OUT_VPORT_RECONFIGURE_WIDTH 1 #define MC_CMD_GET_CAPABILITIES_OUT_TX_STRIPING_LBN 4 @@ -10443,48 +9903,58 @@ #define MC_CMD_GET_CAPABILITIES_OUT_RX_DPCPU_FW_ID_OFST 4 #define MC_CMD_GET_CAPABILITIES_OUT_RX_DPCPU_FW_ID_LEN 2 /* enum: Standard RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP 0x0 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP 0x0 /* enum: Low latency RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_LOW_LATENCY 0x1 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_LOW_LATENCY 0x1 /* enum: Packed stream RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_PACKED_STREAM 0x2 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_PACKED_STREAM 0x2 +/* enum: Rules engine RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_RULES_ENGINE 0x5 +/* enum: DPDK RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_DPDK 0x6 /* enum: BIST RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_BIST 0x10a +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_BIST 0x10a /* enum: RXDP Test firmware image 1 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_TO_MC_CUT_THROUGH 0x101 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_TO_MC_CUT_THROUGH 0x101 /* enum: RXDP Test firmware image 2 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD 0x102 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD 0x102 /* enum: RXDP Test firmware image 3 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD_FIRST 0x103 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD_FIRST 0x103 /* enum: RXDP Test firmware image 4 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_EVERY_EVENT_BATCHABLE 0x104 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_EVERY_EVENT_BATCHABLE 0x104 /* enum: RXDP Test firmware image 5 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_BACKPRESSURE 0x105 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_BACKPRESSURE 0x105 /* enum: RXDP Test firmware image 6 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_PACKET_EDITS 0x106 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_PACKET_EDITS 0x106 /* enum: RXDP Test firmware image 7 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_RX_HDR_SPLIT 0x107 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_RX_HDR_SPLIT 0x107 /* enum: RXDP Test firmware image 8 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_DISABLE_DL 0x108 +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_DISABLE_DL 0x108 /* enum: RXDP Test firmware image 9 */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_DOORBELL_DELAY 0x10b +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_DOORBELL_DELAY 0x10b +/* enum: RXDP Test firmware image 10 */ +#define MC_CMD_GET_CAPABILITIES_OUT_RXDP_TEST_FW_SLOW 0x10c /* TxDPCPU firmware id. */ #define MC_CMD_GET_CAPABILITIES_OUT_TX_DPCPU_FW_ID_OFST 6 #define MC_CMD_GET_CAPABILITIES_OUT_TX_DPCPU_FW_ID_LEN 2 /* enum: Standard TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXDP 0x0 +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP 0x0 /* enum: Low latency TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_LOW_LATENCY 0x1 +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_LOW_LATENCY 0x1 /* enum: High packet rate TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_HIGH_PACKET_RATE 0x3 +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_HIGH_PACKET_RATE 0x3 +/* enum: Rules engine TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_RULES_ENGINE 0x5 +/* enum: DPDK TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_DPDK 0x6 /* enum: BIST TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_BIST 0x12d +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_BIST 0x12d /* enum: TXDP Test firmware image 1 */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_TEST_FW_TSO_EDIT 0x101 +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_TEST_FW_TSO_EDIT 0x101 /* enum: TXDP Test firmware image 2 */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_TEST_FW_PACKET_EDITS 0x102 +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_TEST_FW_PACKET_EDITS 0x102 /* enum: TXDP CSR bus test firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_TEST_FW_CSR 0x103 +#define MC_CMD_GET_CAPABILITIES_OUT_TXDP_TEST_FW_CSR 0x103 #define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_VERSION_OFST 8 #define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_VERSION_LEN 2 #define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_VERSION_REV_LBN 0 @@ -10494,39 +9964,43 @@ /* enum: reserved value - do not use (may indicate alternative interpretation * of REV field in future) */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_RESERVED 0x0 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_RESERVED 0x0 /* enum: Trivial RX PD firmware for early Huntington development (Huntington * development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_FIRST_PKT 0x1 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_FIRST_PKT 0x1 /* enum: RX PD firmware with approximately Siena-compatible behaviour * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_SIENA_COMPAT 0x2 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_SIENA_COMPAT 0x2 /* enum: Full featured RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_FULL_FEATURED 0x3 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_FULL_FEATURED 0x3 /* enum: (deprecated original name for the FULL_FEATURED variant) */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_VSWITCH 0x3 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_VSWITCH 0x3 /* enum: siena_compat variant RX PD firmware using PM rather than MAC * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 /* enum: Low latency RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_LOW_LATENCY 0x5 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum: Packed stream RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_PACKED_STREAM 0x6 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_PACKED_STREAM 0x6 /* enum: RX PD firmware handling layer 2 only for high packet rate performance * tests (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_LAYER2_PERF 0x7 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_LAYER2_PERF 0x7 /* enum: Rules engine RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_RULES_ENGINE 0x8 +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_DPDK 0xa /* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe /* enum: RX PD firmware parsing but not filtering network overlay tunnel * encapsulations (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_TESTFW_ENCAP_PARSING_ONLY 0xf +#define MC_CMD_GET_CAPABILITIES_OUT_RXPD_FW_TYPE_TESTFW_ENCAP_PARSING_ONLY 0xf #define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_VERSION_OFST 10 #define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_VERSION_LEN 2 #define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_VERSION_REV_LBN 0 @@ -10536,36 +10010,42 @@ /* enum: reserved value - do not use (may indicate alternative interpretation * of REV field in future) */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_RESERVED 0x0 +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_RESERVED 0x0 /* enum: Trivial TX PD firmware for early Huntington development (Huntington * development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_FIRST_PKT 0x1 +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_FIRST_PKT 0x1 /* enum: TX PD firmware with approximately Siena-compatible behaviour * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_SIENA_COMPAT 0x2 +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_SIENA_COMPAT 0x2 /* enum: Full featured TX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_FULL_FEATURED 0x3 +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_FULL_FEATURED 0x3 /* enum: (deprecated original name for the FULL_FEATURED variant) */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_VSWITCH 0x3 +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_VSWITCH 0x3 /* enum: siena_compat variant TX PD firmware using PM rather than MAC * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum */ +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum */ /* enum: TX PD firmware handling layer 2 only for high packet rate performance * tests (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_LAYER2_PERF 0x7 +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_LAYER2_PERF 0x7 /* enum: Rules engine TX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_RULES_ENGINE 0x8 +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_DPDK 0xa /* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +#define MC_CMD_GET_CAPABILITIES_OUT_TXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe /* Hardware capabilities of NIC */ #define MC_CMD_GET_CAPABILITIES_OUT_HW_CAPABILITIES_OFST 12 +#define MC_CMD_GET_CAPABILITIES_OUT_HW_CAPABILITIES_LEN 4 /* Licensed capabilities */ #define MC_CMD_GET_CAPABILITIES_OUT_LICENSE_CAPABILITIES_OFST 16 +#define MC_CMD_GET_CAPABILITIES_OUT_LICENSE_CAPABILITIES_LEN 4 /* MC_CMD_GET_CAPABILITIES_V2_IN msgrequest */ #define MC_CMD_GET_CAPABILITIES_V2_IN_LEN 0 @@ -10574,6 +10054,7 @@ #define MC_CMD_GET_CAPABILITIES_V2_OUT_LEN 72 /* First word of flags. */ #define MC_CMD_GET_CAPABILITIES_V2_OUT_FLAGS1_OFST 0 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_FLAGS1_LEN 4 #define MC_CMD_GET_CAPABILITIES_V2_OUT_VPORT_RECONFIGURE_LBN 3 #define MC_CMD_GET_CAPABILITIES_V2_OUT_VPORT_RECONFIGURE_WIDTH 1 #define MC_CMD_GET_CAPABILITIES_V2_OUT_TX_STRIPING_LBN 4 @@ -10636,48 +10117,58 @@ #define MC_CMD_GET_CAPABILITIES_V2_OUT_RX_DPCPU_FW_ID_OFST 4 #define MC_CMD_GET_CAPABILITIES_V2_OUT_RX_DPCPU_FW_ID_LEN 2 /* enum: Standard RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP 0x0 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP 0x0 /* enum: Low latency RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_LOW_LATENCY 0x1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_LOW_LATENCY 0x1 /* enum: Packed stream RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_PACKED_STREAM 0x2 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_PACKED_STREAM 0x2 +/* enum: Rules engine RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_RULES_ENGINE 0x5 +/* enum: DPDK RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_DPDK 0x6 /* enum: BIST RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_BIST 0x10a +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_BIST 0x10a /* enum: RXDP Test firmware image 1 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_TO_MC_CUT_THROUGH 0x101 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_TO_MC_CUT_THROUGH 0x101 /* enum: RXDP Test firmware image 2 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD 0x102 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD 0x102 /* enum: RXDP Test firmware image 3 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD_FIRST 0x103 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD_FIRST 0x103 /* enum: RXDP Test firmware image 4 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_EVERY_EVENT_BATCHABLE 0x104 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_EVERY_EVENT_BATCHABLE 0x104 /* enum: RXDP Test firmware image 5 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_BACKPRESSURE 0x105 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_BACKPRESSURE 0x105 /* enum: RXDP Test firmware image 6 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_PACKET_EDITS 0x106 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_PACKET_EDITS 0x106 /* enum: RXDP Test firmware image 7 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_RX_HDR_SPLIT 0x107 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_RX_HDR_SPLIT 0x107 /* enum: RXDP Test firmware image 8 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_DISABLE_DL 0x108 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_DISABLE_DL 0x108 /* enum: RXDP Test firmware image 9 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_DOORBELL_DELAY 0x10b +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_DOORBELL_DELAY 0x10b +/* enum: RXDP Test firmware image 10 */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_TEST_FW_SLOW 0x10c /* TxDPCPU firmware id. */ #define MC_CMD_GET_CAPABILITIES_V2_OUT_TX_DPCPU_FW_ID_OFST 6 #define MC_CMD_GET_CAPABILITIES_V2_OUT_TX_DPCPU_FW_ID_LEN 2 /* enum: Standard TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP 0x0 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP 0x0 /* enum: Low latency TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_LOW_LATENCY 0x1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_LOW_LATENCY 0x1 /* enum: High packet rate TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_HIGH_PACKET_RATE 0x3 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_HIGH_PACKET_RATE 0x3 +/* enum: Rules engine TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_RULES_ENGINE 0x5 +/* enum: DPDK TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_DPDK 0x6 /* enum: BIST TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_BIST 0x12d +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_BIST 0x12d /* enum: TXDP Test firmware image 1 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_TEST_FW_TSO_EDIT 0x101 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_TEST_FW_TSO_EDIT 0x101 /* enum: TXDP Test firmware image 2 */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_TEST_FW_PACKET_EDITS 0x102 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_TEST_FW_PACKET_EDITS 0x102 /* enum: TXDP CSR bus test firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_TEST_FW_CSR 0x103 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXDP_TEST_FW_CSR 0x103 #define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_VERSION_OFST 8 #define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_VERSION_LEN 2 #define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_VERSION_REV_LBN 0 @@ -10687,39 +10178,43 @@ /* enum: reserved value - do not use (may indicate alternative interpretation * of REV field in future) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_RESERVED 0x0 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_RESERVED 0x0 /* enum: Trivial RX PD firmware for early Huntington development (Huntington * development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_FIRST_PKT 0x1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_FIRST_PKT 0x1 /* enum: RX PD firmware with approximately Siena-compatible behaviour * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_SIENA_COMPAT 0x2 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_SIENA_COMPAT 0x2 /* enum: Full featured RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_FULL_FEATURED 0x3 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_FULL_FEATURED 0x3 /* enum: (deprecated original name for the FULL_FEATURED variant) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_VSWITCH 0x3 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_VSWITCH 0x3 /* enum: siena_compat variant RX PD firmware using PM rather than MAC * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 /* enum: Low latency RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_LOW_LATENCY 0x5 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum: Packed stream RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_PACKED_STREAM 0x6 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_PACKED_STREAM 0x6 /* enum: RX PD firmware handling layer 2 only for high packet rate performance * tests (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_LAYER2_PERF 0x7 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_LAYER2_PERF 0x7 /* enum: Rules engine RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_RULES_ENGINE 0x8 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_DPDK 0xa /* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe /* enum: RX PD firmware parsing but not filtering network overlay tunnel * encapsulations (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_TESTFW_ENCAP_PARSING_ONLY 0xf +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXPD_FW_TYPE_TESTFW_ENCAP_PARSING_ONLY 0xf #define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_VERSION_OFST 10 #define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_VERSION_LEN 2 #define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_VERSION_REV_LBN 0 @@ -10729,38 +10224,45 @@ /* enum: reserved value - do not use (may indicate alternative interpretation * of REV field in future) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_RESERVED 0x0 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_RESERVED 0x0 /* enum: Trivial TX PD firmware for early Huntington development (Huntington * development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_FIRST_PKT 0x1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_FIRST_PKT 0x1 /* enum: TX PD firmware with approximately Siena-compatible behaviour * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_SIENA_COMPAT 0x2 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_SIENA_COMPAT 0x2 /* enum: Full featured TX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_FULL_FEATURED 0x3 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_FULL_FEATURED 0x3 /* enum: (deprecated original name for the FULL_FEATURED variant) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_VSWITCH 0x3 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_VSWITCH 0x3 /* enum: siena_compat variant TX PD firmware using PM rather than MAC * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum */ /* enum: TX PD firmware handling layer 2 only for high packet rate performance * tests (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_LAYER2_PERF 0x7 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_LAYER2_PERF 0x7 /* enum: Rules engine TX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_RULES_ENGINE 0x8 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_DPDK 0xa /* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe /* Hardware capabilities of NIC */ #define MC_CMD_GET_CAPABILITIES_V2_OUT_HW_CAPABILITIES_OFST 12 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_HW_CAPABILITIES_LEN 4 /* Licensed capabilities */ #define MC_CMD_GET_CAPABILITIES_V2_OUT_LICENSE_CAPABILITIES_OFST 16 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_LICENSE_CAPABILITIES_LEN 4 /* Second word of flags. Not present on older firmware (check the length). */ #define MC_CMD_GET_CAPABILITIES_V2_OUT_FLAGS2_OFST 20 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_FLAGS2_LEN 4 #define MC_CMD_GET_CAPABILITIES_V2_OUT_TX_TSO_V2_LBN 0 #define MC_CMD_GET_CAPABILITIES_V2_OUT_TX_TSO_V2_WIDTH 1 #define MC_CMD_GET_CAPABILITIES_V2_OUT_TX_TSO_V2_ENCAP_LBN 1 @@ -10791,6 +10293,30 @@ #define MC_CMD_GET_CAPABILITIES_V2_OUT_MCDI_BACKGROUND_WIDTH 1 #define MC_CMD_GET_CAPABILITIES_V2_OUT_MCDI_DB_RETURN_LBN 14 #define MC_CMD_GET_CAPABILITIES_V2_OUT_MCDI_DB_RETURN_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_CTPIO_LBN 15 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_CTPIO_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TSA_SUPPORT_LBN 16 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TSA_SUPPORT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TSA_BOUND_LBN 17 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_TSA_BOUND_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_SF_ADAPTER_AUTHENTICATION_LBN 18 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_SF_ADAPTER_AUTHENTICATION_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_FILTER_ACTION_FLAG_LBN 19 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_FILTER_ACTION_FLAG_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_FILTER_ACTION_MARK_LBN 20 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_FILTER_ACTION_MARK_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_EQUAL_STRIDE_SUPER_BUFFER_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_EQUAL_STRIDE_SUPER_BUFFER_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_EQUAL_STRIDE_PACKED_STREAM_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_EQUAL_STRIDE_PACKED_STREAM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_L3XUDP_SUPPORT_LBN 22 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_L3XUDP_SUPPORT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_FW_SUBVARIANT_NO_TX_CSUM_LBN 23 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_FW_SUBVARIANT_NO_TX_CSUM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_VI_SPREADING_LBN 24 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_VI_SPREADING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_HLB_IDLE_LBN 25 +#define MC_CMD_GET_CAPABILITIES_V2_OUT_RXDP_HLB_IDLE_WIDTH 1 /* Number of FATSOv2 contexts per datapath supported by this NIC. Not present * on older firmware (check the length). */ @@ -10804,18 +10330,18 @@ #define MC_CMD_GET_CAPABILITIES_V2_OUT_PFS_TO_PORTS_ASSIGNMENT_LEN 1 #define MC_CMD_GET_CAPABILITIES_V2_OUT_PFS_TO_PORTS_ASSIGNMENT_NUM 16 /* enum: The caller is not permitted to access information on this PF. */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_ACCESS_NOT_PERMITTED 0xff +#define MC_CMD_GET_CAPABILITIES_V2_OUT_ACCESS_NOT_PERMITTED 0xff /* enum: PF does not exist. */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_PF_NOT_PRESENT 0xfe +#define MC_CMD_GET_CAPABILITIES_V2_OUT_PF_NOT_PRESENT 0xfe /* enum: PF does exist but is not assigned to any external port. */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_PF_NOT_ASSIGNED 0xfd +#define MC_CMD_GET_CAPABILITIES_V2_OUT_PF_NOT_ASSIGNED 0xfd /* enum: This value indicates that PF is assigned, but it cannot be expressed * in this field. It is intended for a possible future situation where a more * complex scheme of PFs to ports mapping is being used. The future driver * should look for a new field supporting the new scheme. The current/old * driver should treat this value as PF_NOT_ASSIGNED. */ -#define MC_CMD_GET_CAPABILITIES_V2_OUT_INCOMPATIBLE_ASSIGNMENT 0xfc +#define MC_CMD_GET_CAPABILITIES_V2_OUT_INCOMPATIBLE_ASSIGNMENT 0xfc /* One byte per PF containing the number of its VFs, indexed by PF number. A * special value indicates that a PF is not present. */ @@ -10823,9 +10349,9 @@ #define MC_CMD_GET_CAPABILITIES_V2_OUT_NUM_VFS_PER_PF_LEN 1 #define MC_CMD_GET_CAPABILITIES_V2_OUT_NUM_VFS_PER_PF_NUM 16 /* enum: The caller is not permitted to access information on this PF. */ -/* MC_CMD_GET_CAPABILITIES_V2_OUT_ACCESS_NOT_PERMITTED 0xff */ +/* MC_CMD_GET_CAPABILITIES_V2_OUT_ACCESS_NOT_PERMITTED 0xff */ /* enum: PF does not exist. */ -/* MC_CMD_GET_CAPABILITIES_V2_OUT_PF_NOT_PRESENT 0xfe */ +/* MC_CMD_GET_CAPABILITIES_V2_OUT_PF_NOT_PRESENT 0xfe */ /* Number of VIs available for each external port */ #define MC_CMD_GET_CAPABILITIES_V2_OUT_NUM_VIS_PER_PORT_OFST 58 #define MC_CMD_GET_CAPABILITIES_V2_OUT_NUM_VIS_PER_PORT_LEN 2 @@ -10851,6 +10377,7 @@ #define MC_CMD_GET_CAPABILITIES_V3_OUT_LEN 76 /* First word of flags. */ #define MC_CMD_GET_CAPABILITIES_V3_OUT_FLAGS1_OFST 0 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_FLAGS1_LEN 4 #define MC_CMD_GET_CAPABILITIES_V3_OUT_VPORT_RECONFIGURE_LBN 3 #define MC_CMD_GET_CAPABILITIES_V3_OUT_VPORT_RECONFIGURE_WIDTH 1 #define MC_CMD_GET_CAPABILITIES_V3_OUT_TX_STRIPING_LBN 4 @@ -10913,48 +10440,58 @@ #define MC_CMD_GET_CAPABILITIES_V3_OUT_RX_DPCPU_FW_ID_OFST 4 #define MC_CMD_GET_CAPABILITIES_V3_OUT_RX_DPCPU_FW_ID_LEN 2 /* enum: Standard RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP 0x0 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP 0x0 /* enum: Low latency RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_LOW_LATENCY 0x1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_LOW_LATENCY 0x1 /* enum: Packed stream RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_PACKED_STREAM 0x2 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_PACKED_STREAM 0x2 +/* enum: Rules engine RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_RULES_ENGINE 0x5 +/* enum: DPDK RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_DPDK 0x6 /* enum: BIST RXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_BIST 0x10a +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_BIST 0x10a /* enum: RXDP Test firmware image 1 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_TO_MC_CUT_THROUGH 0x101 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_TO_MC_CUT_THROUGH 0x101 /* enum: RXDP Test firmware image 2 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD 0x102 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD 0x102 /* enum: RXDP Test firmware image 3 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD_FIRST 0x103 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD_FIRST 0x103 /* enum: RXDP Test firmware image 4 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_EVERY_EVENT_BATCHABLE 0x104 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_EVERY_EVENT_BATCHABLE 0x104 /* enum: RXDP Test firmware image 5 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_BACKPRESSURE 0x105 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_BACKPRESSURE 0x105 /* enum: RXDP Test firmware image 6 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_PACKET_EDITS 0x106 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_PACKET_EDITS 0x106 /* enum: RXDP Test firmware image 7 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_RX_HDR_SPLIT 0x107 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_RX_HDR_SPLIT 0x107 /* enum: RXDP Test firmware image 8 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_DISABLE_DL 0x108 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_DISABLE_DL 0x108 /* enum: RXDP Test firmware image 9 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_DOORBELL_DELAY 0x10b +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_DOORBELL_DELAY 0x10b +/* enum: RXDP Test firmware image 10 */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_TEST_FW_SLOW 0x10c /* TxDPCPU firmware id. */ #define MC_CMD_GET_CAPABILITIES_V3_OUT_TX_DPCPU_FW_ID_OFST 6 #define MC_CMD_GET_CAPABILITIES_V3_OUT_TX_DPCPU_FW_ID_LEN 2 /* enum: Standard TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP 0x0 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP 0x0 /* enum: Low latency TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_LOW_LATENCY 0x1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_LOW_LATENCY 0x1 /* enum: High packet rate TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_HIGH_PACKET_RATE 0x3 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_HIGH_PACKET_RATE 0x3 +/* enum: Rules engine TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_RULES_ENGINE 0x5 +/* enum: DPDK TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_DPDK 0x6 /* enum: BIST TXDP firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_BIST 0x12d +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_BIST 0x12d /* enum: TXDP Test firmware image 1 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_TEST_FW_TSO_EDIT 0x101 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_TEST_FW_TSO_EDIT 0x101 /* enum: TXDP Test firmware image 2 */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_TEST_FW_PACKET_EDITS 0x102 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_TEST_FW_PACKET_EDITS 0x102 /* enum: TXDP CSR bus test firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_TEST_FW_CSR 0x103 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXDP_TEST_FW_CSR 0x103 #define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_VERSION_OFST 8 #define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_VERSION_LEN 2 #define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_VERSION_REV_LBN 0 @@ -10964,39 +10501,43 @@ /* enum: reserved value - do not use (may indicate alternative interpretation * of REV field in future) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_RESERVED 0x0 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_RESERVED 0x0 /* enum: Trivial RX PD firmware for early Huntington development (Huntington * development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_FIRST_PKT 0x1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_FIRST_PKT 0x1 /* enum: RX PD firmware with approximately Siena-compatible behaviour * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_SIENA_COMPAT 0x2 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_SIENA_COMPAT 0x2 /* enum: Full featured RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_FULL_FEATURED 0x3 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_FULL_FEATURED 0x3 /* enum: (deprecated original name for the FULL_FEATURED variant) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_VSWITCH 0x3 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_VSWITCH 0x3 /* enum: siena_compat variant RX PD firmware using PM rather than MAC * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 /* enum: Low latency RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_LOW_LATENCY 0x5 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum: Packed stream RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_PACKED_STREAM 0x6 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_PACKED_STREAM 0x6 /* enum: RX PD firmware handling layer 2 only for high packet rate performance * tests (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_LAYER2_PERF 0x7 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_LAYER2_PERF 0x7 /* enum: Rules engine RX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_RULES_ENGINE 0x8 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_DPDK 0xa /* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe /* enum: RX PD firmware parsing but not filtering network overlay tunnel * encapsulations (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_TESTFW_ENCAP_PARSING_ONLY 0xf +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXPD_FW_TYPE_TESTFW_ENCAP_PARSING_ONLY 0xf #define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_VERSION_OFST 10 #define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_VERSION_LEN 2 #define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_VERSION_REV_LBN 0 @@ -11006,38 +10547,45 @@ /* enum: reserved value - do not use (may indicate alternative interpretation * of REV field in future) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_RESERVED 0x0 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_RESERVED 0x0 /* enum: Trivial TX PD firmware for early Huntington development (Huntington * development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_FIRST_PKT 0x1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_FIRST_PKT 0x1 /* enum: TX PD firmware with approximately Siena-compatible behaviour * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_SIENA_COMPAT 0x2 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_SIENA_COMPAT 0x2 /* enum: Full featured TX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_FULL_FEATURED 0x3 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_FULL_FEATURED 0x3 /* enum: (deprecated original name for the FULL_FEATURED variant) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_VSWITCH 0x3 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_VSWITCH 0x3 /* enum: siena_compat variant TX PD firmware using PM rather than MAC * (Huntington development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum */ /* enum: TX PD firmware handling layer 2 only for high packet rate performance * tests (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_LAYER2_PERF 0x7 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_LAYER2_PERF 0x7 /* enum: Rules engine TX PD production firmware */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_RULES_ENGINE 0x8 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_DPDK 0xa /* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe /* Hardware capabilities of NIC */ #define MC_CMD_GET_CAPABILITIES_V3_OUT_HW_CAPABILITIES_OFST 12 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_HW_CAPABILITIES_LEN 4 /* Licensed capabilities */ #define MC_CMD_GET_CAPABILITIES_V3_OUT_LICENSE_CAPABILITIES_OFST 16 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_LICENSE_CAPABILITIES_LEN 4 /* Second word of flags. Not present on older firmware (check the length). */ #define MC_CMD_GET_CAPABILITIES_V3_OUT_FLAGS2_OFST 20 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_FLAGS2_LEN 4 #define MC_CMD_GET_CAPABILITIES_V3_OUT_TX_TSO_V2_LBN 0 #define MC_CMD_GET_CAPABILITIES_V3_OUT_TX_TSO_V2_WIDTH 1 #define MC_CMD_GET_CAPABILITIES_V3_OUT_TX_TSO_V2_ENCAP_LBN 1 @@ -11068,6 +10616,30 @@ #define MC_CMD_GET_CAPABILITIES_V3_OUT_MCDI_BACKGROUND_WIDTH 1 #define MC_CMD_GET_CAPABILITIES_V3_OUT_MCDI_DB_RETURN_LBN 14 #define MC_CMD_GET_CAPABILITIES_V3_OUT_MCDI_DB_RETURN_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_CTPIO_LBN 15 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_CTPIO_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TSA_SUPPORT_LBN 16 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TSA_SUPPORT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TSA_BOUND_LBN 17 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_TSA_BOUND_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_SF_ADAPTER_AUTHENTICATION_LBN 18 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_SF_ADAPTER_AUTHENTICATION_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_FILTER_ACTION_FLAG_LBN 19 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_FILTER_ACTION_FLAG_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_FILTER_ACTION_MARK_LBN 20 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_FILTER_ACTION_MARK_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_EQUAL_STRIDE_SUPER_BUFFER_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_EQUAL_STRIDE_SUPER_BUFFER_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_EQUAL_STRIDE_PACKED_STREAM_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_EQUAL_STRIDE_PACKED_STREAM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_L3XUDP_SUPPORT_LBN 22 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_L3XUDP_SUPPORT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_FW_SUBVARIANT_NO_TX_CSUM_LBN 23 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_FW_SUBVARIANT_NO_TX_CSUM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_VI_SPREADING_LBN 24 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_VI_SPREADING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_HLB_IDLE_LBN 25 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_RXDP_HLB_IDLE_WIDTH 1 /* Number of FATSOv2 contexts per datapath supported by this NIC. Not present * on older firmware (check the length). */ @@ -11081,18 +10653,18 @@ #define MC_CMD_GET_CAPABILITIES_V3_OUT_PFS_TO_PORTS_ASSIGNMENT_LEN 1 #define MC_CMD_GET_CAPABILITIES_V3_OUT_PFS_TO_PORTS_ASSIGNMENT_NUM 16 /* enum: The caller is not permitted to access information on this PF. */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_ACCESS_NOT_PERMITTED 0xff +#define MC_CMD_GET_CAPABILITIES_V3_OUT_ACCESS_NOT_PERMITTED 0xff /* enum: PF does not exist. */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_PF_NOT_PRESENT 0xfe +#define MC_CMD_GET_CAPABILITIES_V3_OUT_PF_NOT_PRESENT 0xfe /* enum: PF does exist but is not assigned to any external port. */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_PF_NOT_ASSIGNED 0xfd +#define MC_CMD_GET_CAPABILITIES_V3_OUT_PF_NOT_ASSIGNED 0xfd /* enum: This value indicates that PF is assigned, but it cannot be expressed * in this field. It is intended for a possible future situation where a more * complex scheme of PFs to ports mapping is being used. The future driver * should look for a new field supporting the new scheme. The current/old * driver should treat this value as PF_NOT_ASSIGNED. */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_INCOMPATIBLE_ASSIGNMENT 0xfc +#define MC_CMD_GET_CAPABILITIES_V3_OUT_INCOMPATIBLE_ASSIGNMENT 0xfc /* One byte per PF containing the number of its VFs, indexed by PF number. A * special value indicates that a PF is not present. */ @@ -11100,9 +10672,9 @@ #define MC_CMD_GET_CAPABILITIES_V3_OUT_NUM_VFS_PER_PF_LEN 1 #define MC_CMD_GET_CAPABILITIES_V3_OUT_NUM_VFS_PER_PF_NUM 16 /* enum: The caller is not permitted to access information on this PF. */ -/* MC_CMD_GET_CAPABILITIES_V3_OUT_ACCESS_NOT_PERMITTED 0xff */ +/* MC_CMD_GET_CAPABILITIES_V3_OUT_ACCESS_NOT_PERMITTED 0xff */ /* enum: PF does not exist. */ -/* MC_CMD_GET_CAPABILITIES_V3_OUT_PF_NOT_PRESENT 0xfe */ +/* MC_CMD_GET_CAPABILITIES_V3_OUT_PF_NOT_PRESENT 0xfe */ /* Number of VIs available for each external port */ #define MC_CMD_GET_CAPABILITIES_V3_OUT_NUM_VIS_PER_PORT_OFST 58 #define MC_CMD_GET_CAPABILITIES_V3_OUT_NUM_VIS_PER_PORT_LEN 2 @@ -11133,11 +10705,11 @@ /* enum: Each VI occupies 8k as on Huntington and Medford. PIO is at offset 4k. * CTPIO is not mapped. */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_8K 0x0 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_8K 0x0 /* enum: Each VI occupies 16k. PIO is at offset 4k. CTPIO is at offset 12k. */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_16K 0x1 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_16K 0x1 /* enum: Each VI occupies 64k. PIO is at offset 4k. CTPIO is at offset 12k. */ -#define MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_64K 0x2 +#define MC_CMD_GET_CAPABILITIES_V3_OUT_VI_WINDOW_MODE_64K 0x2 /* Number of vFIFOs per adapter that can be used for VFIFO Stuffing * (SF-115995-SW) in the present configuration of firmware and port mode. */ @@ -11149,6 +10721,723 @@ #define MC_CMD_GET_CAPABILITIES_V3_OUT_VFIFO_STUFFING_NUM_CP_BUFFERS_OFST 74 #define MC_CMD_GET_CAPABILITIES_V3_OUT_VFIFO_STUFFING_NUM_CP_BUFFERS_LEN 2 +/* MC_CMD_GET_CAPABILITIES_V4_OUT msgresponse */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_LEN 78 +/* First word of flags. */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FLAGS1_OFST 0 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FLAGS1_LEN 4 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VPORT_RECONFIGURE_LBN 3 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VPORT_RECONFIGURE_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_STRIPING_LBN 4 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_STRIPING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VADAPTOR_QUERY_LBN 5 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VADAPTOR_QUERY_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EVB_PORT_VLAN_RESTRICT_LBN 6 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EVB_PORT_VLAN_RESTRICT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_DRV_ATTACH_PREBOOT_LBN 7 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_DRV_ATTACH_PREBOOT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_FORCE_EVENT_MERGING_LBN 8 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_FORCE_EVENT_MERGING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_SET_MAC_ENHANCED_LBN 9 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_SET_MAC_ENHANCED_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_UNKNOWN_UCAST_DST_FILTER_ALWAYS_MULTI_RECIPIENT_LBN 10 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_UNKNOWN_UCAST_DST_FILTER_ALWAYS_MULTI_RECIPIENT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VADAPTOR_PERMIT_SET_MAC_WHEN_FILTERS_INSTALLED_LBN 11 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VADAPTOR_PERMIT_SET_MAC_WHEN_FILTERS_INSTALLED_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_MAC_SECURITY_FILTERING_LBN 12 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_MAC_SECURITY_FILTERING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_ADDITIONAL_RSS_MODES_LBN 13 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_ADDITIONAL_RSS_MODES_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_QBB_LBN 14 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_QBB_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_PACKED_STREAM_VAR_BUFFERS_LBN 15 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_PACKED_STREAM_VAR_BUFFERS_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_RSS_LIMITED_LBN 16 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_RSS_LIMITED_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_PACKED_STREAM_LBN 17 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_PACKED_STREAM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_INCLUDE_FCS_LBN 18 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_INCLUDE_FCS_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_VLAN_INSERTION_LBN 19 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_VLAN_INSERTION_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_VLAN_STRIPPING_LBN 20 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_VLAN_STRIPPING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TSO_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TSO_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_PREFIX_LEN_0_LBN 22 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_PREFIX_LEN_0_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_PREFIX_LEN_14_LBN 23 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_PREFIX_LEN_14_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_TIMESTAMP_LBN 24 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_TIMESTAMP_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_BATCHING_LBN 25 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_BATCHING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MCAST_FILTER_CHAINING_LBN 26 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MCAST_FILTER_CHAINING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_PM_AND_RXDP_COUNTERS_LBN 27 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_PM_AND_RXDP_COUNTERS_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_DISABLE_SCATTER_LBN 28 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_DISABLE_SCATTER_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_MCAST_UDP_LOOPBACK_LBN 29 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_MCAST_UDP_LOOPBACK_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EVB_LBN 30 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EVB_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VXLAN_NVGRE_LBN 31 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VXLAN_NVGRE_WIDTH 1 +/* RxDPCPU firmware id. */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_DPCPU_FW_ID_OFST 4 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_DPCPU_FW_ID_LEN 2 +/* enum: Standard RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP 0x0 +/* enum: Low latency RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_LOW_LATENCY 0x1 +/* enum: Packed stream RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_PACKED_STREAM 0x2 +/* enum: Rules engine RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_RULES_ENGINE 0x5 +/* enum: DPDK RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_DPDK 0x6 +/* enum: BIST RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_BIST 0x10a +/* enum: RXDP Test firmware image 1 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_FW_TO_MC_CUT_THROUGH 0x101 +/* enum: RXDP Test firmware image 2 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD 0x102 +/* enum: RXDP Test firmware image 3 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD_FIRST 0x103 +/* enum: RXDP Test firmware image 4 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_EVERY_EVENT_BATCHABLE 0x104 +/* enum: RXDP Test firmware image 5 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_BACKPRESSURE 0x105 +/* enum: RXDP Test firmware image 6 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_FW_PACKET_EDITS 0x106 +/* enum: RXDP Test firmware image 7 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_FW_RX_HDR_SPLIT 0x107 +/* enum: RXDP Test firmware image 8 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_FW_DISABLE_DL 0x108 +/* enum: RXDP Test firmware image 9 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_FW_DOORBELL_DELAY 0x10b +/* enum: RXDP Test firmware image 10 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_TEST_FW_SLOW 0x10c +/* TxDPCPU firmware id. */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_DPCPU_FW_ID_OFST 6 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_DPCPU_FW_ID_LEN 2 +/* enum: Standard TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP 0x0 +/* enum: Low latency TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP_LOW_LATENCY 0x1 +/* enum: High packet rate TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP_HIGH_PACKET_RATE 0x3 +/* enum: Rules engine TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP_RULES_ENGINE 0x5 +/* enum: DPDK TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP_DPDK 0x6 +/* enum: BIST TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP_BIST 0x12d +/* enum: TXDP Test firmware image 1 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP_TEST_FW_TSO_EDIT 0x101 +/* enum: TXDP Test firmware image 2 */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP_TEST_FW_PACKET_EDITS 0x102 +/* enum: TXDP CSR bus test firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXDP_TEST_FW_CSR 0x103 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_VERSION_OFST 8 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_VERSION_LEN 2 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_VERSION_REV_LBN 0 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_VERSION_REV_WIDTH 12 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_VERSION_TYPE_LBN 12 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_VERSION_TYPE_WIDTH 4 +/* enum: reserved value - do not use (may indicate alternative interpretation + * of REV field in future) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_RESERVED 0x0 +/* enum: Trivial RX PD firmware for early Huntington development (Huntington + * development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_FIRST_PKT 0x1 +/* enum: RX PD firmware with approximately Siena-compatible behaviour + * (Huntington development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_SIENA_COMPAT 0x2 +/* enum: Full featured RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_FULL_FEATURED 0x3 +/* enum: (deprecated original name for the FULL_FEATURED variant) */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_VSWITCH 0x3 +/* enum: siena_compat variant RX PD firmware using PM rather than MAC + * (Huntington development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +/* enum: Low latency RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_LOW_LATENCY 0x5 +/* enum: Packed stream RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_PACKED_STREAM 0x6 +/* enum: RX PD firmware handling layer 2 only for high packet rate performance + * tests (Medford development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_LAYER2_PERF 0x7 +/* enum: Rules engine RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_DPDK 0xa +/* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +/* enum: RX PD firmware parsing but not filtering network overlay tunnel + * encapsulations (Medford development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXPD_FW_TYPE_TESTFW_ENCAP_PARSING_ONLY 0xf +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_VERSION_OFST 10 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_VERSION_LEN 2 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_VERSION_REV_LBN 0 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_VERSION_REV_WIDTH 12 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_VERSION_TYPE_LBN 12 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_VERSION_TYPE_WIDTH 4 +/* enum: reserved value - do not use (may indicate alternative interpretation + * of REV field in future) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_RESERVED 0x0 +/* enum: Trivial TX PD firmware for early Huntington development (Huntington + * development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_FIRST_PKT 0x1 +/* enum: TX PD firmware with approximately Siena-compatible behaviour + * (Huntington development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_SIENA_COMPAT 0x2 +/* enum: Full featured TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_FULL_FEATURED 0x3 +/* enum: (deprecated original name for the FULL_FEATURED variant) */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_VSWITCH 0x3 +/* enum: siena_compat variant TX PD firmware using PM rather than MAC + * (Huntington development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum */ +/* enum: TX PD firmware handling layer 2 only for high packet rate performance + * tests (Medford development only) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_LAYER2_PERF 0x7 +/* enum: Rules engine TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_DPDK 0xa +/* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +/* Hardware capabilities of NIC */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_HW_CAPABILITIES_OFST 12 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_HW_CAPABILITIES_LEN 4 +/* Licensed capabilities */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_LICENSE_CAPABILITIES_OFST 16 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_LICENSE_CAPABILITIES_LEN 4 +/* Second word of flags. Not present on older firmware (check the length). */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FLAGS2_OFST 20 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FLAGS2_LEN 4 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TSO_V2_LBN 0 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TSO_V2_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TSO_V2_ENCAP_LBN 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TSO_V2_ENCAP_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EVQ_TIMER_CTRL_LBN 2 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EVQ_TIMER_CTRL_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EVENT_CUT_THROUGH_LBN 3 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EVENT_CUT_THROUGH_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_CUT_THROUGH_LBN 4 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_CUT_THROUGH_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_VFIFO_ULL_MODE_LBN 5 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_VFIFO_ULL_MODE_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MAC_STATS_40G_TX_SIZE_BINS_LBN 6 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MAC_STATS_40G_TX_SIZE_BINS_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_INIT_EVQ_V2_LBN 7 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_INIT_EVQ_V2_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_MAC_TIMESTAMPING_LBN 8 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_MAC_TIMESTAMPING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TIMESTAMP_LBN 9 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TIMESTAMP_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_SNIFF_LBN 10 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_SNIFF_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_SNIFF_LBN 11 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_SNIFF_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NVRAM_UPDATE_REPORT_VERIFY_RESULT_LBN 12 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NVRAM_UPDATE_REPORT_VERIFY_RESULT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MCDI_BACKGROUND_LBN 13 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MCDI_BACKGROUND_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MCDI_DB_RETURN_LBN 14 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MCDI_DB_RETURN_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_CTPIO_LBN 15 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_CTPIO_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TSA_SUPPORT_LBN 16 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TSA_SUPPORT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TSA_BOUND_LBN 17 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TSA_BOUND_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_SF_ADAPTER_AUTHENTICATION_LBN 18 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_SF_ADAPTER_AUTHENTICATION_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FILTER_ACTION_FLAG_LBN 19 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FILTER_ACTION_FLAG_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FILTER_ACTION_MARK_LBN 20 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FILTER_ACTION_MARK_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EQUAL_STRIDE_SUPER_BUFFER_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EQUAL_STRIDE_SUPER_BUFFER_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EQUAL_STRIDE_PACKED_STREAM_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_EQUAL_STRIDE_PACKED_STREAM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_L3XUDP_SUPPORT_LBN 22 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_L3XUDP_SUPPORT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FW_SUBVARIANT_NO_TX_CSUM_LBN 23 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_FW_SUBVARIANT_NO_TX_CSUM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VI_SPREADING_LBN 24 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VI_SPREADING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_HLB_IDLE_LBN 25 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RXDP_HLB_IDLE_WIDTH 1 +/* Number of FATSOv2 contexts per datapath supported by this NIC. Not present + * on older firmware (check the length). + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TSO_V2_N_CONTEXTS_OFST 24 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_TSO_V2_N_CONTEXTS_LEN 2 +/* One byte per PF containing the number of the external port assigned to this + * PF, indexed by PF number. Special values indicate that a PF is either not + * present or not assigned. + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_PFS_TO_PORTS_ASSIGNMENT_OFST 26 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_PFS_TO_PORTS_ASSIGNMENT_LEN 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_PFS_TO_PORTS_ASSIGNMENT_NUM 16 +/* enum: The caller is not permitted to access information on this PF. */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_ACCESS_NOT_PERMITTED 0xff +/* enum: PF does not exist. */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_PF_NOT_PRESENT 0xfe +/* enum: PF does exist but is not assigned to any external port. */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_PF_NOT_ASSIGNED 0xfd +/* enum: This value indicates that PF is assigned, but it cannot be expressed + * in this field. It is intended for a possible future situation where a more + * complex scheme of PFs to ports mapping is being used. The future driver + * should look for a new field supporting the new scheme. The current/old + * driver should treat this value as PF_NOT_ASSIGNED. + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_INCOMPATIBLE_ASSIGNMENT 0xfc +/* One byte per PF containing the number of its VFs, indexed by PF number. A + * special value indicates that a PF is not present. + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NUM_VFS_PER_PF_OFST 42 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NUM_VFS_PER_PF_LEN 1 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NUM_VFS_PER_PF_NUM 16 +/* enum: The caller is not permitted to access information on this PF. */ +/* MC_CMD_GET_CAPABILITIES_V4_OUT_ACCESS_NOT_PERMITTED 0xff */ +/* enum: PF does not exist. */ +/* MC_CMD_GET_CAPABILITIES_V4_OUT_PF_NOT_PRESENT 0xfe */ +/* Number of VIs available for each external port */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NUM_VIS_PER_PORT_OFST 58 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NUM_VIS_PER_PORT_LEN 2 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NUM_VIS_PER_PORT_NUM 4 +/* Size of RX descriptor cache expressed as binary logarithm The actual size + * equals (2 ^ RX_DESC_CACHE_SIZE) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_DESC_CACHE_SIZE_OFST 66 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_RX_DESC_CACHE_SIZE_LEN 1 +/* Size of TX descriptor cache expressed as binary logarithm The actual size + * equals (2 ^ TX_DESC_CACHE_SIZE) + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_DESC_CACHE_SIZE_OFST 67 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_TX_DESC_CACHE_SIZE_LEN 1 +/* Total number of available PIO buffers */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NUM_PIO_BUFFS_OFST 68 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_NUM_PIO_BUFFS_LEN 2 +/* Size of a single PIO buffer */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_SIZE_PIO_BUFF_OFST 70 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_SIZE_PIO_BUFF_LEN 2 +/* On chips later than Medford the amount of address space assigned to each VI + * is configurable. This is a global setting that the driver must query to + * discover the VI to address mapping. Cut-through PIO (CTPIO) is not available + * with 8k VI windows. + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VI_WINDOW_MODE_OFST 72 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VI_WINDOW_MODE_LEN 1 +/* enum: Each VI occupies 8k as on Huntington and Medford. PIO is at offset 4k. + * CTPIO is not mapped. + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VI_WINDOW_MODE_8K 0x0 +/* enum: Each VI occupies 16k. PIO is at offset 4k. CTPIO is at offset 12k. */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VI_WINDOW_MODE_16K 0x1 +/* enum: Each VI occupies 64k. PIO is at offset 4k. CTPIO is at offset 12k. */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VI_WINDOW_MODE_64K 0x2 +/* Number of vFIFOs per adapter that can be used for VFIFO Stuffing + * (SF-115995-SW) in the present configuration of firmware and port mode. + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VFIFO_STUFFING_NUM_VFIFOS_OFST 73 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VFIFO_STUFFING_NUM_VFIFOS_LEN 1 +/* Number of buffers per adapter that can be used for VFIFO Stuffing + * (SF-115995-SW) in the present configuration of firmware and port mode. + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VFIFO_STUFFING_NUM_CP_BUFFERS_OFST 74 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_VFIFO_STUFFING_NUM_CP_BUFFERS_LEN 2 +/* Entry count in the MAC stats array, including the final GENERATION_END + * entry. For MAC stats DMA, drivers should allocate a buffer large enough to + * hold at least this many 64-bit stats values, if they wish to receive all + * available stats. If the buffer is shorter than MAC_STATS_NUM_STATS * 8, the + * stats array returned will be truncated. + */ +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MAC_STATS_NUM_STATS_OFST 76 +#define MC_CMD_GET_CAPABILITIES_V4_OUT_MAC_STATS_NUM_STATS_LEN 2 + +/* MC_CMD_GET_CAPABILITIES_V5_OUT msgresponse */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_LEN 84 +/* First word of flags. */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FLAGS1_OFST 0 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FLAGS1_LEN 4 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VPORT_RECONFIGURE_LBN 3 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VPORT_RECONFIGURE_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_STRIPING_LBN 4 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_STRIPING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VADAPTOR_QUERY_LBN 5 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VADAPTOR_QUERY_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EVB_PORT_VLAN_RESTRICT_LBN 6 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EVB_PORT_VLAN_RESTRICT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_DRV_ATTACH_PREBOOT_LBN 7 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_DRV_ATTACH_PREBOOT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_FORCE_EVENT_MERGING_LBN 8 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_FORCE_EVENT_MERGING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_SET_MAC_ENHANCED_LBN 9 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_SET_MAC_ENHANCED_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_UNKNOWN_UCAST_DST_FILTER_ALWAYS_MULTI_RECIPIENT_LBN 10 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_UNKNOWN_UCAST_DST_FILTER_ALWAYS_MULTI_RECIPIENT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VADAPTOR_PERMIT_SET_MAC_WHEN_FILTERS_INSTALLED_LBN 11 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VADAPTOR_PERMIT_SET_MAC_WHEN_FILTERS_INSTALLED_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_MAC_SECURITY_FILTERING_LBN 12 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_MAC_SECURITY_FILTERING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_ADDITIONAL_RSS_MODES_LBN 13 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_ADDITIONAL_RSS_MODES_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_QBB_LBN 14 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_QBB_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_PACKED_STREAM_VAR_BUFFERS_LBN 15 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_PACKED_STREAM_VAR_BUFFERS_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_RSS_LIMITED_LBN 16 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_RSS_LIMITED_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_PACKED_STREAM_LBN 17 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_PACKED_STREAM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_INCLUDE_FCS_LBN 18 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_INCLUDE_FCS_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_VLAN_INSERTION_LBN 19 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_VLAN_INSERTION_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_VLAN_STRIPPING_LBN 20 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_VLAN_STRIPPING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TSO_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TSO_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_PREFIX_LEN_0_LBN 22 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_PREFIX_LEN_0_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_PREFIX_LEN_14_LBN 23 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_PREFIX_LEN_14_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_TIMESTAMP_LBN 24 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_TIMESTAMP_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_BATCHING_LBN 25 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_BATCHING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MCAST_FILTER_CHAINING_LBN 26 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MCAST_FILTER_CHAINING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_PM_AND_RXDP_COUNTERS_LBN 27 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_PM_AND_RXDP_COUNTERS_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_DISABLE_SCATTER_LBN 28 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_DISABLE_SCATTER_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_MCAST_UDP_LOOPBACK_LBN 29 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_MCAST_UDP_LOOPBACK_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EVB_LBN 30 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EVB_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VXLAN_NVGRE_LBN 31 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VXLAN_NVGRE_WIDTH 1 +/* RxDPCPU firmware id. */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_DPCPU_FW_ID_OFST 4 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_DPCPU_FW_ID_LEN 2 +/* enum: Standard RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP 0x0 +/* enum: Low latency RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_LOW_LATENCY 0x1 +/* enum: Packed stream RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_PACKED_STREAM 0x2 +/* enum: Rules engine RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_RULES_ENGINE 0x5 +/* enum: DPDK RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_DPDK 0x6 +/* enum: BIST RXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_BIST 0x10a +/* enum: RXDP Test firmware image 1 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_FW_TO_MC_CUT_THROUGH 0x101 +/* enum: RXDP Test firmware image 2 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD 0x102 +/* enum: RXDP Test firmware image 3 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_FW_TO_MC_STORE_FORWARD_FIRST 0x103 +/* enum: RXDP Test firmware image 4 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_EVERY_EVENT_BATCHABLE 0x104 +/* enum: RXDP Test firmware image 5 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_BACKPRESSURE 0x105 +/* enum: RXDP Test firmware image 6 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_FW_PACKET_EDITS 0x106 +/* enum: RXDP Test firmware image 7 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_FW_RX_HDR_SPLIT 0x107 +/* enum: RXDP Test firmware image 8 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_FW_DISABLE_DL 0x108 +/* enum: RXDP Test firmware image 9 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_FW_DOORBELL_DELAY 0x10b +/* enum: RXDP Test firmware image 10 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_TEST_FW_SLOW 0x10c +/* TxDPCPU firmware id. */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_DPCPU_FW_ID_OFST 6 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_DPCPU_FW_ID_LEN 2 +/* enum: Standard TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP 0x0 +/* enum: Low latency TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP_LOW_LATENCY 0x1 +/* enum: High packet rate TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP_HIGH_PACKET_RATE 0x3 +/* enum: Rules engine TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP_RULES_ENGINE 0x5 +/* enum: DPDK TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP_DPDK 0x6 +/* enum: BIST TXDP firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP_BIST 0x12d +/* enum: TXDP Test firmware image 1 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP_TEST_FW_TSO_EDIT 0x101 +/* enum: TXDP Test firmware image 2 */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP_TEST_FW_PACKET_EDITS 0x102 +/* enum: TXDP CSR bus test firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXDP_TEST_FW_CSR 0x103 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_VERSION_OFST 8 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_VERSION_LEN 2 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_VERSION_REV_LBN 0 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_VERSION_REV_WIDTH 12 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_VERSION_TYPE_LBN 12 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_VERSION_TYPE_WIDTH 4 +/* enum: reserved value - do not use (may indicate alternative interpretation + * of REV field in future) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_RESERVED 0x0 +/* enum: Trivial RX PD firmware for early Huntington development (Huntington + * development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_FIRST_PKT 0x1 +/* enum: RX PD firmware with approximately Siena-compatible behaviour + * (Huntington development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_SIENA_COMPAT 0x2 +/* enum: Full featured RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_FULL_FEATURED 0x3 +/* enum: (deprecated original name for the FULL_FEATURED variant) */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_VSWITCH 0x3 +/* enum: siena_compat variant RX PD firmware using PM rather than MAC + * (Huntington development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +/* enum: Low latency RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_LOW_LATENCY 0x5 +/* enum: Packed stream RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_PACKED_STREAM 0x6 +/* enum: RX PD firmware handling layer 2 only for high packet rate performance + * tests (Medford development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_LAYER2_PERF 0x7 +/* enum: Rules engine RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK RX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_DPDK 0xa +/* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +/* enum: RX PD firmware parsing but not filtering network overlay tunnel + * encapsulations (Medford development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXPD_FW_TYPE_TESTFW_ENCAP_PARSING_ONLY 0xf +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_VERSION_OFST 10 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_VERSION_LEN 2 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_VERSION_REV_LBN 0 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_VERSION_REV_WIDTH 12 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_VERSION_TYPE_LBN 12 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_VERSION_TYPE_WIDTH 4 +/* enum: reserved value - do not use (may indicate alternative interpretation + * of REV field in future) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_RESERVED 0x0 +/* enum: Trivial TX PD firmware for early Huntington development (Huntington + * development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_FIRST_PKT 0x1 +/* enum: TX PD firmware with approximately Siena-compatible behaviour + * (Huntington development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_SIENA_COMPAT 0x2 +/* enum: Full featured TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_FULL_FEATURED 0x3 +/* enum: (deprecated original name for the FULL_FEATURED variant) */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_VSWITCH 0x3 +/* enum: siena_compat variant TX PD firmware using PM rather than MAC + * (Huntington development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_SIENA_COMPAT_PM 0x4 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_LOW_LATENCY 0x5 /* enum */ +/* enum: TX PD firmware handling layer 2 only for high packet rate performance + * tests (Medford development only) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_LAYER2_PERF 0x7 +/* enum: Rules engine TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_RULES_ENGINE 0x8 +/* enum: Custom firmware variant (see SF-119495-PD and bug69716) */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_L3XUDP 0x9 +/* enum: DPDK TX PD production firmware */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_DPDK 0xa +/* enum: RX PD firmware for GUE parsing prototype (Medford development only) */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TXPD_FW_TYPE_TESTFW_GUE_PROTOTYPE 0xe +/* Hardware capabilities of NIC */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_HW_CAPABILITIES_OFST 12 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_HW_CAPABILITIES_LEN 4 +/* Licensed capabilities */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_LICENSE_CAPABILITIES_OFST 16 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_LICENSE_CAPABILITIES_LEN 4 +/* Second word of flags. Not present on older firmware (check the length). */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FLAGS2_OFST 20 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FLAGS2_LEN 4 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TSO_V2_LBN 0 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TSO_V2_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TSO_V2_ENCAP_LBN 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TSO_V2_ENCAP_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EVQ_TIMER_CTRL_LBN 2 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EVQ_TIMER_CTRL_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EVENT_CUT_THROUGH_LBN 3 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EVENT_CUT_THROUGH_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_CUT_THROUGH_LBN 4 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_CUT_THROUGH_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_VFIFO_ULL_MODE_LBN 5 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_VFIFO_ULL_MODE_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MAC_STATS_40G_TX_SIZE_BINS_LBN 6 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MAC_STATS_40G_TX_SIZE_BINS_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_INIT_EVQ_V2_LBN 7 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_INIT_EVQ_V2_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_MAC_TIMESTAMPING_LBN 8 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_MAC_TIMESTAMPING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TIMESTAMP_LBN 9 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TIMESTAMP_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_SNIFF_LBN 10 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_SNIFF_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_SNIFF_LBN 11 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_SNIFF_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NVRAM_UPDATE_REPORT_VERIFY_RESULT_LBN 12 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NVRAM_UPDATE_REPORT_VERIFY_RESULT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MCDI_BACKGROUND_LBN 13 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MCDI_BACKGROUND_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MCDI_DB_RETURN_LBN 14 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MCDI_DB_RETURN_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_CTPIO_LBN 15 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_CTPIO_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TSA_SUPPORT_LBN 16 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TSA_SUPPORT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TSA_BOUND_LBN 17 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TSA_BOUND_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_SF_ADAPTER_AUTHENTICATION_LBN 18 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_SF_ADAPTER_AUTHENTICATION_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FILTER_ACTION_FLAG_LBN 19 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FILTER_ACTION_FLAG_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FILTER_ACTION_MARK_LBN 20 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FILTER_ACTION_MARK_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EQUAL_STRIDE_SUPER_BUFFER_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EQUAL_STRIDE_SUPER_BUFFER_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EQUAL_STRIDE_PACKED_STREAM_LBN 21 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_EQUAL_STRIDE_PACKED_STREAM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_L3XUDP_SUPPORT_LBN 22 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_L3XUDP_SUPPORT_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FW_SUBVARIANT_NO_TX_CSUM_LBN 23 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FW_SUBVARIANT_NO_TX_CSUM_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VI_SPREADING_LBN 24 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VI_SPREADING_WIDTH 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_HLB_IDLE_LBN 25 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RXDP_HLB_IDLE_WIDTH 1 +/* Number of FATSOv2 contexts per datapath supported by this NIC. Not present + * on older firmware (check the length). + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TSO_V2_N_CONTEXTS_OFST 24 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_TSO_V2_N_CONTEXTS_LEN 2 +/* One byte per PF containing the number of the external port assigned to this + * PF, indexed by PF number. Special values indicate that a PF is either not + * present or not assigned. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_PFS_TO_PORTS_ASSIGNMENT_OFST 26 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_PFS_TO_PORTS_ASSIGNMENT_LEN 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_PFS_TO_PORTS_ASSIGNMENT_NUM 16 +/* enum: The caller is not permitted to access information on this PF. */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_ACCESS_NOT_PERMITTED 0xff +/* enum: PF does not exist. */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_PF_NOT_PRESENT 0xfe +/* enum: PF does exist but is not assigned to any external port. */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_PF_NOT_ASSIGNED 0xfd +/* enum: This value indicates that PF is assigned, but it cannot be expressed + * in this field. It is intended for a possible future situation where a more + * complex scheme of PFs to ports mapping is being used. The future driver + * should look for a new field supporting the new scheme. The current/old + * driver should treat this value as PF_NOT_ASSIGNED. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_INCOMPATIBLE_ASSIGNMENT 0xfc +/* One byte per PF containing the number of its VFs, indexed by PF number. A + * special value indicates that a PF is not present. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NUM_VFS_PER_PF_OFST 42 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NUM_VFS_PER_PF_LEN 1 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NUM_VFS_PER_PF_NUM 16 +/* enum: The caller is not permitted to access information on this PF. */ +/* MC_CMD_GET_CAPABILITIES_V5_OUT_ACCESS_NOT_PERMITTED 0xff */ +/* enum: PF does not exist. */ +/* MC_CMD_GET_CAPABILITIES_V5_OUT_PF_NOT_PRESENT 0xfe */ +/* Number of VIs available for each external port */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NUM_VIS_PER_PORT_OFST 58 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NUM_VIS_PER_PORT_LEN 2 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NUM_VIS_PER_PORT_NUM 4 +/* Size of RX descriptor cache expressed as binary logarithm The actual size + * equals (2 ^ RX_DESC_CACHE_SIZE) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_DESC_CACHE_SIZE_OFST 66 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_RX_DESC_CACHE_SIZE_LEN 1 +/* Size of TX descriptor cache expressed as binary logarithm The actual size + * equals (2 ^ TX_DESC_CACHE_SIZE) + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_DESC_CACHE_SIZE_OFST 67 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_TX_DESC_CACHE_SIZE_LEN 1 +/* Total number of available PIO buffers */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NUM_PIO_BUFFS_OFST 68 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_NUM_PIO_BUFFS_LEN 2 +/* Size of a single PIO buffer */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_SIZE_PIO_BUFF_OFST 70 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_SIZE_PIO_BUFF_LEN 2 +/* On chips later than Medford the amount of address space assigned to each VI + * is configurable. This is a global setting that the driver must query to + * discover the VI to address mapping. Cut-through PIO (CTPIO) is not available + * with 8k VI windows. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VI_WINDOW_MODE_OFST 72 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VI_WINDOW_MODE_LEN 1 +/* enum: Each VI occupies 8k as on Huntington and Medford. PIO is at offset 4k. + * CTPIO is not mapped. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VI_WINDOW_MODE_8K 0x0 +/* enum: Each VI occupies 16k. PIO is at offset 4k. CTPIO is at offset 12k. */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VI_WINDOW_MODE_16K 0x1 +/* enum: Each VI occupies 64k. PIO is at offset 4k. CTPIO is at offset 12k. */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VI_WINDOW_MODE_64K 0x2 +/* Number of vFIFOs per adapter that can be used for VFIFO Stuffing + * (SF-115995-SW) in the present configuration of firmware and port mode. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VFIFO_STUFFING_NUM_VFIFOS_OFST 73 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VFIFO_STUFFING_NUM_VFIFOS_LEN 1 +/* Number of buffers per adapter that can be used for VFIFO Stuffing + * (SF-115995-SW) in the present configuration of firmware and port mode. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VFIFO_STUFFING_NUM_CP_BUFFERS_OFST 74 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_VFIFO_STUFFING_NUM_CP_BUFFERS_LEN 2 +/* Entry count in the MAC stats array, including the final GENERATION_END + * entry. For MAC stats DMA, drivers should allocate a buffer large enough to + * hold at least this many 64-bit stats values, if they wish to receive all + * available stats. If the buffer is shorter than MAC_STATS_NUM_STATS * 8, the + * stats array returned will be truncated. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MAC_STATS_NUM_STATS_OFST 76 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_MAC_STATS_NUM_STATS_LEN 2 +/* Maximum supported value for MC_CMD_FILTER_OP_V3/MATCH_MARK_VALUE. This field + * will only be non-zero if MC_CMD_GET_CAPABILITIES/FILTER_ACTION_MARK is set. + */ +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FILTER_ACTION_MARK_MAX_OFST 80 +#define MC_CMD_GET_CAPABILITIES_V5_OUT_FILTER_ACTION_MARK_MAX_LEN 4 + /***********************************/ /* MC_CMD_V2_EXTN @@ -11169,7 +11458,16 @@ #define MC_CMD_V2_EXTN_IN_ACTUAL_LEN_LBN 16 #define MC_CMD_V2_EXTN_IN_ACTUAL_LEN_WIDTH 10 #define MC_CMD_V2_EXTN_IN_UNUSED2_LBN 26 -#define MC_CMD_V2_EXTN_IN_UNUSED2_WIDTH 6 +#define MC_CMD_V2_EXTN_IN_UNUSED2_WIDTH 2 +/* Type of command/response */ +#define MC_CMD_V2_EXTN_IN_MESSAGE_TYPE_LBN 28 +#define MC_CMD_V2_EXTN_IN_MESSAGE_TYPE_WIDTH 4 +/* enum: MCDI command directed to or response originating from the MC. */ +#define MC_CMD_V2_EXTN_IN_MCDI_MESSAGE_TYPE_MC 0x0 +/* enum: MCDI command directed to a TSA controller. MCDI responses of this type + * are not defined. + */ +#define MC_CMD_V2_EXTN_IN_MCDI_MESSAGE_TYPE_TSA 0x1 /***********************************/ @@ -11188,6 +11486,7 @@ #define MC_CMD_TCM_BUCKET_ALLOC_OUT_LEN 4 /* the bucket id */ #define MC_CMD_TCM_BUCKET_ALLOC_OUT_BUCKET_OFST 0 +#define MC_CMD_TCM_BUCKET_ALLOC_OUT_BUCKET_LEN 4 /***********************************/ @@ -11203,6 +11502,7 @@ #define MC_CMD_TCM_BUCKET_FREE_IN_LEN 4 /* the bucket id */ #define MC_CMD_TCM_BUCKET_FREE_IN_BUCKET_OFST 0 +#define MC_CMD_TCM_BUCKET_FREE_IN_BUCKET_LEN 4 /* MC_CMD_TCM_BUCKET_FREE_OUT msgresponse */ #define MC_CMD_TCM_BUCKET_FREE_OUT_LEN 0 @@ -11221,17 +11521,22 @@ #define MC_CMD_TCM_BUCKET_INIT_IN_LEN 8 /* the bucket id */ #define MC_CMD_TCM_BUCKET_INIT_IN_BUCKET_OFST 0 +#define MC_CMD_TCM_BUCKET_INIT_IN_BUCKET_LEN 4 /* the rate in mbps */ #define MC_CMD_TCM_BUCKET_INIT_IN_RATE_OFST 4 +#define MC_CMD_TCM_BUCKET_INIT_IN_RATE_LEN 4 /* MC_CMD_TCM_BUCKET_INIT_EXT_IN msgrequest */ #define MC_CMD_TCM_BUCKET_INIT_EXT_IN_LEN 12 /* the bucket id */ #define MC_CMD_TCM_BUCKET_INIT_EXT_IN_BUCKET_OFST 0 +#define MC_CMD_TCM_BUCKET_INIT_EXT_IN_BUCKET_LEN 4 /* the rate in mbps */ #define MC_CMD_TCM_BUCKET_INIT_EXT_IN_RATE_OFST 4 +#define MC_CMD_TCM_BUCKET_INIT_EXT_IN_RATE_LEN 4 /* the desired maximum fill level */ #define MC_CMD_TCM_BUCKET_INIT_EXT_IN_MAX_FILL_OFST 8 +#define MC_CMD_TCM_BUCKET_INIT_EXT_IN_MAX_FILL_LEN 4 /* MC_CMD_TCM_BUCKET_INIT_OUT msgresponse */ #define MC_CMD_TCM_BUCKET_INIT_OUT_LEN 0 @@ -11250,10 +11555,13 @@ #define MC_CMD_TCM_TXQ_INIT_IN_LEN 28 /* the txq id */ #define MC_CMD_TCM_TXQ_INIT_IN_QID_OFST 0 +#define MC_CMD_TCM_TXQ_INIT_IN_QID_LEN 4 /* the static priority associated with the txq */ #define MC_CMD_TCM_TXQ_INIT_IN_LABEL_OFST 4 +#define MC_CMD_TCM_TXQ_INIT_IN_LABEL_LEN 4 /* bitmask of the priority queues this txq is inserted into when inserted. */ #define MC_CMD_TCM_TXQ_INIT_IN_PQ_FLAGS_OFST 8 +#define MC_CMD_TCM_TXQ_INIT_IN_PQ_FLAGS_LEN 4 #define MC_CMD_TCM_TXQ_INIT_IN_PQ_FLAG_GUARANTEED_LBN 0 #define MC_CMD_TCM_TXQ_INIT_IN_PQ_FLAG_GUARANTEED_WIDTH 1 #define MC_CMD_TCM_TXQ_INIT_IN_PQ_FLAG_NORMAL_LBN 1 @@ -11262,25 +11570,32 @@ #define MC_CMD_TCM_TXQ_INIT_IN_PQ_FLAG_LOW_WIDTH 1 /* the reaction point (RP) bucket */ #define MC_CMD_TCM_TXQ_INIT_IN_RP_BKT_OFST 12 +#define MC_CMD_TCM_TXQ_INIT_IN_RP_BKT_LEN 4 /* an already reserved bucket (typically set to bucket associated with outer * vswitch) */ #define MC_CMD_TCM_TXQ_INIT_IN_MAX_BKT1_OFST 16 +#define MC_CMD_TCM_TXQ_INIT_IN_MAX_BKT1_LEN 4 /* an already reserved bucket (typically set to bucket associated with inner * vswitch) */ #define MC_CMD_TCM_TXQ_INIT_IN_MAX_BKT2_OFST 20 +#define MC_CMD_TCM_TXQ_INIT_IN_MAX_BKT2_LEN 4 /* the min bucket (typically for ETS/minimum bandwidth) */ #define MC_CMD_TCM_TXQ_INIT_IN_MIN_BKT_OFST 24 +#define MC_CMD_TCM_TXQ_INIT_IN_MIN_BKT_LEN 4 /* MC_CMD_TCM_TXQ_INIT_EXT_IN msgrequest */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_LEN 32 /* the txq id */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_QID_OFST 0 +#define MC_CMD_TCM_TXQ_INIT_EXT_IN_QID_LEN 4 /* the static priority associated with the txq */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_LABEL_NORMAL_OFST 4 +#define MC_CMD_TCM_TXQ_INIT_EXT_IN_LABEL_NORMAL_LEN 4 /* bitmask of the priority queues this txq is inserted into when inserted. */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_PQ_FLAGS_OFST 8 +#define MC_CMD_TCM_TXQ_INIT_EXT_IN_PQ_FLAGS_LEN 4 #define MC_CMD_TCM_TXQ_INIT_EXT_IN_PQ_FLAG_GUARANTEED_LBN 0 #define MC_CMD_TCM_TXQ_INIT_EXT_IN_PQ_FLAG_GUARANTEED_WIDTH 1 #define MC_CMD_TCM_TXQ_INIT_EXT_IN_PQ_FLAG_NORMAL_LBN 1 @@ -11289,18 +11604,23 @@ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_PQ_FLAG_LOW_WIDTH 1 /* the reaction point (RP) bucket */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_RP_BKT_OFST 12 +#define MC_CMD_TCM_TXQ_INIT_EXT_IN_RP_BKT_LEN 4 /* an already reserved bucket (typically set to bucket associated with outer * vswitch) */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_MAX_BKT1_OFST 16 +#define MC_CMD_TCM_TXQ_INIT_EXT_IN_MAX_BKT1_LEN 4 /* an already reserved bucket (typically set to bucket associated with inner * vswitch) */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_MAX_BKT2_OFST 20 +#define MC_CMD_TCM_TXQ_INIT_EXT_IN_MAX_BKT2_LEN 4 /* the min bucket (typically for ETS/minimum bandwidth) */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_MIN_BKT_OFST 24 +#define MC_CMD_TCM_TXQ_INIT_EXT_IN_MIN_BKT_LEN 4 /* the static priority associated with the txq */ #define MC_CMD_TCM_TXQ_INIT_EXT_IN_LABEL_GUARANTEED_OFST 28 +#define MC_CMD_TCM_TXQ_INIT_EXT_IN_LABEL_GUARANTEED_LEN 4 /* MC_CMD_TCM_TXQ_INIT_OUT msgresponse */ #define MC_CMD_TCM_TXQ_INIT_OUT_LEN 0 @@ -11319,8 +11639,10 @@ #define MC_CMD_LINK_PIOBUF_IN_LEN 8 /* Handle for allocated push I/O buffer. */ #define MC_CMD_LINK_PIOBUF_IN_PIOBUF_HANDLE_OFST 0 +#define MC_CMD_LINK_PIOBUF_IN_PIOBUF_HANDLE_LEN 4 /* Function Local Instance (VI) number. */ #define MC_CMD_LINK_PIOBUF_IN_TXQ_INSTANCE_OFST 4 +#define MC_CMD_LINK_PIOBUF_IN_TXQ_INSTANCE_LEN 4 /* MC_CMD_LINK_PIOBUF_OUT msgresponse */ #define MC_CMD_LINK_PIOBUF_OUT_LEN 0 @@ -11339,6 +11661,7 @@ #define MC_CMD_UNLINK_PIOBUF_IN_LEN 4 /* Function Local Instance (VI) number. */ #define MC_CMD_UNLINK_PIOBUF_IN_TXQ_INSTANCE_OFST 0 +#define MC_CMD_UNLINK_PIOBUF_IN_TXQ_INSTANCE_LEN 4 /* MC_CMD_UNLINK_PIOBUF_OUT msgresponse */ #define MC_CMD_UNLINK_PIOBUF_OUT_LEN 0 @@ -11357,20 +11680,23 @@ #define MC_CMD_VSWITCH_ALLOC_IN_LEN 16 /* The port to connect to the v-switch's upstream port. */ #define MC_CMD_VSWITCH_ALLOC_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VSWITCH_ALLOC_IN_UPSTREAM_PORT_ID_LEN 4 /* The type of v-switch to create. */ #define MC_CMD_VSWITCH_ALLOC_IN_TYPE_OFST 4 +#define MC_CMD_VSWITCH_ALLOC_IN_TYPE_LEN 4 /* enum: VLAN */ -#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_VLAN 0x1 +#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_VLAN 0x1 /* enum: VEB */ -#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_VEB 0x2 +#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_VEB 0x2 /* enum: VEPA (obsolete) */ -#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_VEPA 0x3 +#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_VEPA 0x3 /* enum: MUX */ -#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_MUX 0x4 +#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_MUX 0x4 /* enum: Snapper specific; semantics TBD */ -#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_TEST 0x5 +#define MC_CMD_VSWITCH_ALLOC_IN_VSWITCH_TYPE_TEST 0x5 /* Flags controlling v-port creation */ #define MC_CMD_VSWITCH_ALLOC_IN_FLAGS_OFST 8 +#define MC_CMD_VSWITCH_ALLOC_IN_FLAGS_LEN 4 #define MC_CMD_VSWITCH_ALLOC_IN_FLAG_AUTO_PORT_LBN 0 #define MC_CMD_VSWITCH_ALLOC_IN_FLAG_AUTO_PORT_WIDTH 1 /* The number of VLAN tags to allow for attached v-ports. For VLAN aggregators, @@ -11381,6 +11707,7 @@ * v-ports with this number of tags. */ #define MC_CMD_VSWITCH_ALLOC_IN_NUM_VLAN_TAGS_OFST 12 +#define MC_CMD_VSWITCH_ALLOC_IN_NUM_VLAN_TAGS_LEN 4 /* MC_CMD_VSWITCH_ALLOC_OUT msgresponse */ #define MC_CMD_VSWITCH_ALLOC_OUT_LEN 0 @@ -11399,6 +11726,7 @@ #define MC_CMD_VSWITCH_FREE_IN_LEN 4 /* The port to which the v-switch is connected. */ #define MC_CMD_VSWITCH_FREE_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VSWITCH_FREE_IN_UPSTREAM_PORT_ID_LEN 4 /* MC_CMD_VSWITCH_FREE_OUT msgresponse */ #define MC_CMD_VSWITCH_FREE_OUT_LEN 0 @@ -11419,6 +11747,7 @@ #define MC_CMD_VSWITCH_QUERY_IN_LEN 4 /* The port to which the v-switch is connected. */ #define MC_CMD_VSWITCH_QUERY_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VSWITCH_QUERY_IN_UPSTREAM_PORT_ID_LEN 4 /* MC_CMD_VSWITCH_QUERY_OUT msgresponse */ #define MC_CMD_VSWITCH_QUERY_OUT_LEN 0 @@ -11437,28 +11766,31 @@ #define MC_CMD_VPORT_ALLOC_IN_LEN 20 /* The port to which the v-switch is connected. */ #define MC_CMD_VPORT_ALLOC_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VPORT_ALLOC_IN_UPSTREAM_PORT_ID_LEN 4 /* The type of the new v-port. */ #define MC_CMD_VPORT_ALLOC_IN_TYPE_OFST 4 +#define MC_CMD_VPORT_ALLOC_IN_TYPE_LEN 4 /* enum: VLAN (obsolete) */ -#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_VLAN 0x1 +#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_VLAN 0x1 /* enum: VEB (obsolete) */ -#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_VEB 0x2 +#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_VEB 0x2 /* enum: VEPA (obsolete) */ -#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_VEPA 0x3 +#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_VEPA 0x3 /* enum: A normal v-port receives packets which match a specified MAC and/or * VLAN. */ -#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_NORMAL 0x4 +#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_NORMAL 0x4 /* enum: An expansion v-port packets traffic which don't match any other * v-port. */ -#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_EXPANSION 0x5 +#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_EXPANSION 0x5 /* enum: An test v-port receives packets which match any filters installed by * its downstream components. */ -#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_TEST 0x6 +#define MC_CMD_VPORT_ALLOC_IN_VPORT_TYPE_TEST 0x6 /* Flags controlling v-port creation */ #define MC_CMD_VPORT_ALLOC_IN_FLAGS_OFST 8 +#define MC_CMD_VPORT_ALLOC_IN_FLAGS_LEN 4 #define MC_CMD_VPORT_ALLOC_IN_FLAG_AUTO_PORT_LBN 0 #define MC_CMD_VPORT_ALLOC_IN_FLAG_AUTO_PORT_WIDTH 1 #define MC_CMD_VPORT_ALLOC_IN_FLAG_VLAN_RESTRICT_LBN 1 @@ -11468,8 +11800,10 @@ * v-switch. */ #define MC_CMD_VPORT_ALLOC_IN_NUM_VLAN_TAGS_OFST 12 +#define MC_CMD_VPORT_ALLOC_IN_NUM_VLAN_TAGS_LEN 4 /* The actual VLAN tags to insert/remove */ #define MC_CMD_VPORT_ALLOC_IN_VLAN_TAGS_OFST 16 +#define MC_CMD_VPORT_ALLOC_IN_VLAN_TAGS_LEN 4 #define MC_CMD_VPORT_ALLOC_IN_VLAN_TAG_0_LBN 0 #define MC_CMD_VPORT_ALLOC_IN_VLAN_TAG_0_WIDTH 16 #define MC_CMD_VPORT_ALLOC_IN_VLAN_TAG_1_LBN 16 @@ -11479,6 +11813,7 @@ #define MC_CMD_VPORT_ALLOC_OUT_LEN 4 /* The handle of the new v-port */ #define MC_CMD_VPORT_ALLOC_OUT_VPORT_ID_OFST 0 +#define MC_CMD_VPORT_ALLOC_OUT_VPORT_ID_LEN 4 /***********************************/ @@ -11494,6 +11829,7 @@ #define MC_CMD_VPORT_FREE_IN_LEN 4 /* The handle of the v-port */ #define MC_CMD_VPORT_FREE_IN_VPORT_ID_OFST 0 +#define MC_CMD_VPORT_FREE_IN_VPORT_ID_LEN 4 /* MC_CMD_VPORT_FREE_OUT msgresponse */ #define MC_CMD_VPORT_FREE_OUT_LEN 0 @@ -11512,18 +11848,23 @@ #define MC_CMD_VADAPTOR_ALLOC_IN_LEN 30 /* The port to connect to the v-adaptor's port. */ #define MC_CMD_VADAPTOR_ALLOC_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VADAPTOR_ALLOC_IN_UPSTREAM_PORT_ID_LEN 4 /* Flags controlling v-adaptor creation */ #define MC_CMD_VADAPTOR_ALLOC_IN_FLAGS_OFST 8 +#define MC_CMD_VADAPTOR_ALLOC_IN_FLAGS_LEN 4 #define MC_CMD_VADAPTOR_ALLOC_IN_FLAG_AUTO_VADAPTOR_LBN 0 #define MC_CMD_VADAPTOR_ALLOC_IN_FLAG_AUTO_VADAPTOR_WIDTH 1 #define MC_CMD_VADAPTOR_ALLOC_IN_FLAG_PERMIT_SET_MAC_WHEN_FILTERS_INSTALLED_LBN 1 #define MC_CMD_VADAPTOR_ALLOC_IN_FLAG_PERMIT_SET_MAC_WHEN_FILTERS_INSTALLED_WIDTH 1 /* The number of VLAN tags to strip on receive */ #define MC_CMD_VADAPTOR_ALLOC_IN_NUM_VLANS_OFST 12 +#define MC_CMD_VADAPTOR_ALLOC_IN_NUM_VLANS_LEN 4 /* The number of VLAN tags to transparently insert/remove. */ #define MC_CMD_VADAPTOR_ALLOC_IN_NUM_VLAN_TAGS_OFST 16 +#define MC_CMD_VADAPTOR_ALLOC_IN_NUM_VLAN_TAGS_LEN 4 /* The actual VLAN tags to insert/remove */ #define MC_CMD_VADAPTOR_ALLOC_IN_VLAN_TAGS_OFST 20 +#define MC_CMD_VADAPTOR_ALLOC_IN_VLAN_TAGS_LEN 4 #define MC_CMD_VADAPTOR_ALLOC_IN_VLAN_TAG_0_LBN 0 #define MC_CMD_VADAPTOR_ALLOC_IN_VLAN_TAG_0_WIDTH 16 #define MC_CMD_VADAPTOR_ALLOC_IN_VLAN_TAG_1_LBN 16 @@ -11532,7 +11873,7 @@ #define MC_CMD_VADAPTOR_ALLOC_IN_MACADDR_OFST 24 #define MC_CMD_VADAPTOR_ALLOC_IN_MACADDR_LEN 6 /* enum: Derive the MAC address from the upstream port */ -#define MC_CMD_VADAPTOR_ALLOC_IN_AUTO_MAC 0x0 +#define MC_CMD_VADAPTOR_ALLOC_IN_AUTO_MAC 0x0 /* MC_CMD_VADAPTOR_ALLOC_OUT msgresponse */ #define MC_CMD_VADAPTOR_ALLOC_OUT_LEN 0 @@ -11551,6 +11892,7 @@ #define MC_CMD_VADAPTOR_FREE_IN_LEN 4 /* The port to which the v-adaptor is connected. */ #define MC_CMD_VADAPTOR_FREE_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VADAPTOR_FREE_IN_UPSTREAM_PORT_ID_LEN 4 /* MC_CMD_VADAPTOR_FREE_OUT msgresponse */ #define MC_CMD_VADAPTOR_FREE_OUT_LEN 0 @@ -11569,6 +11911,7 @@ #define MC_CMD_VADAPTOR_SET_MAC_IN_LEN 10 /* The port to which the v-adaptor is connected. */ #define MC_CMD_VADAPTOR_SET_MAC_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VADAPTOR_SET_MAC_IN_UPSTREAM_PORT_ID_LEN 4 /* The new MAC address to assign to this v-adaptor */ #define MC_CMD_VADAPTOR_SET_MAC_IN_MACADDR_OFST 4 #define MC_CMD_VADAPTOR_SET_MAC_IN_MACADDR_LEN 6 @@ -11590,6 +11933,7 @@ #define MC_CMD_VADAPTOR_GET_MAC_IN_LEN 4 /* The port to which the v-adaptor is connected. */ #define MC_CMD_VADAPTOR_GET_MAC_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VADAPTOR_GET_MAC_IN_UPSTREAM_PORT_ID_LEN 4 /* MC_CMD_VADAPTOR_GET_MAC_OUT msgresponse */ #define MC_CMD_VADAPTOR_GET_MAC_OUT_LEN 6 @@ -11611,15 +11955,19 @@ #define MC_CMD_VADAPTOR_QUERY_IN_LEN 4 /* The port to which the v-adaptor is connected. */ #define MC_CMD_VADAPTOR_QUERY_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_VADAPTOR_QUERY_IN_UPSTREAM_PORT_ID_LEN 4 /* MC_CMD_VADAPTOR_QUERY_OUT msgresponse */ #define MC_CMD_VADAPTOR_QUERY_OUT_LEN 12 /* The EVB port flags as defined at MC_CMD_VPORT_ALLOC. */ #define MC_CMD_VADAPTOR_QUERY_OUT_PORT_FLAGS_OFST 0 +#define MC_CMD_VADAPTOR_QUERY_OUT_PORT_FLAGS_LEN 4 /* The v-adaptor flags as defined at MC_CMD_VADAPTOR_ALLOC. */ #define MC_CMD_VADAPTOR_QUERY_OUT_VADAPTOR_FLAGS_OFST 4 +#define MC_CMD_VADAPTOR_QUERY_OUT_VADAPTOR_FLAGS_LEN 4 /* The number of VLAN tags that may still be added */ #define MC_CMD_VADAPTOR_QUERY_OUT_NUM_AVAILABLE_VLAN_TAGS_OFST 8 +#define MC_CMD_VADAPTOR_QUERY_OUT_NUM_AVAILABLE_VLAN_TAGS_LEN 4 /***********************************/ @@ -11635,8 +11983,10 @@ #define MC_CMD_EVB_PORT_ASSIGN_IN_LEN 8 /* The port to assign. */ #define MC_CMD_EVB_PORT_ASSIGN_IN_PORT_ID_OFST 0 +#define MC_CMD_EVB_PORT_ASSIGN_IN_PORT_ID_LEN 4 /* The target function to modify. */ #define MC_CMD_EVB_PORT_ASSIGN_IN_FUNCTION_OFST 4 +#define MC_CMD_EVB_PORT_ASSIGN_IN_FUNCTION_LEN 4 #define MC_CMD_EVB_PORT_ASSIGN_IN_PF_LBN 0 #define MC_CMD_EVB_PORT_ASSIGN_IN_PF_WIDTH 16 #define MC_CMD_EVB_PORT_ASSIGN_IN_VF_LBN 16 @@ -11658,9 +12008,13 @@ /* MC_CMD_RDWR_A64_REGIONS_IN msgrequest */ #define MC_CMD_RDWR_A64_REGIONS_IN_LEN 17 #define MC_CMD_RDWR_A64_REGIONS_IN_REGION0_OFST 0 +#define MC_CMD_RDWR_A64_REGIONS_IN_REGION0_LEN 4 #define MC_CMD_RDWR_A64_REGIONS_IN_REGION1_OFST 4 +#define MC_CMD_RDWR_A64_REGIONS_IN_REGION1_LEN 4 #define MC_CMD_RDWR_A64_REGIONS_IN_REGION2_OFST 8 +#define MC_CMD_RDWR_A64_REGIONS_IN_REGION2_LEN 4 #define MC_CMD_RDWR_A64_REGIONS_IN_REGION3_OFST 12 +#define MC_CMD_RDWR_A64_REGIONS_IN_REGION3_LEN 4 /* Write enable bits 0-3, set to write, clear to read. */ #define MC_CMD_RDWR_A64_REGIONS_IN_WRITE_MASK_LBN 128 #define MC_CMD_RDWR_A64_REGIONS_IN_WRITE_MASK_WIDTH 4 @@ -11672,9 +12026,13 @@ */ #define MC_CMD_RDWR_A64_REGIONS_OUT_LEN 16 #define MC_CMD_RDWR_A64_REGIONS_OUT_REGION0_OFST 0 +#define MC_CMD_RDWR_A64_REGIONS_OUT_REGION0_LEN 4 #define MC_CMD_RDWR_A64_REGIONS_OUT_REGION1_OFST 4 +#define MC_CMD_RDWR_A64_REGIONS_OUT_REGION1_LEN 4 #define MC_CMD_RDWR_A64_REGIONS_OUT_REGION2_OFST 8 +#define MC_CMD_RDWR_A64_REGIONS_OUT_REGION2_LEN 4 #define MC_CMD_RDWR_A64_REGIONS_OUT_REGION3_OFST 12 +#define MC_CMD_RDWR_A64_REGIONS_OUT_REGION3_LEN 4 /***********************************/ @@ -11690,11 +12048,13 @@ #define MC_CMD_ONLOAD_STACK_ALLOC_IN_LEN 4 /* The handle of the owning upstream port */ #define MC_CMD_ONLOAD_STACK_ALLOC_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_ONLOAD_STACK_ALLOC_IN_UPSTREAM_PORT_ID_LEN 4 /* MC_CMD_ONLOAD_STACK_ALLOC_OUT msgresponse */ #define MC_CMD_ONLOAD_STACK_ALLOC_OUT_LEN 4 /* The handle of the new Onload stack */ #define MC_CMD_ONLOAD_STACK_ALLOC_OUT_ONLOAD_STACK_ID_OFST 0 +#define MC_CMD_ONLOAD_STACK_ALLOC_OUT_ONLOAD_STACK_ID_LEN 4 /***********************************/ @@ -11710,6 +12070,7 @@ #define MC_CMD_ONLOAD_STACK_FREE_IN_LEN 4 /* The handle of the Onload stack */ #define MC_CMD_ONLOAD_STACK_FREE_IN_ONLOAD_STACK_ID_OFST 0 +#define MC_CMD_ONLOAD_STACK_FREE_IN_ONLOAD_STACK_ID_LEN 4 /* MC_CMD_ONLOAD_STACK_FREE_OUT msgresponse */ #define MC_CMD_ONLOAD_STACK_FREE_OUT_LEN 0 @@ -11728,21 +12089,24 @@ #define MC_CMD_RSS_CONTEXT_ALLOC_IN_LEN 12 /* The handle of the owning upstream port */ #define MC_CMD_RSS_CONTEXT_ALLOC_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_ALLOC_IN_UPSTREAM_PORT_ID_LEN 4 /* The type of context to allocate */ #define MC_CMD_RSS_CONTEXT_ALLOC_IN_TYPE_OFST 4 +#define MC_CMD_RSS_CONTEXT_ALLOC_IN_TYPE_LEN 4 /* enum: Allocate a context for exclusive use. The key and indirection table * must be explicitly configured. */ -#define MC_CMD_RSS_CONTEXT_ALLOC_IN_TYPE_EXCLUSIVE 0x0 +#define MC_CMD_RSS_CONTEXT_ALLOC_IN_TYPE_EXCLUSIVE 0x0 /* enum: Allocate a context for shared use; this will spread across a range of * queues, but the key and indirection table are pre-configured and may not be * changed. For this mode, NUM_QUEUES must 2, 4, 8, 16, 32 or 64. */ -#define MC_CMD_RSS_CONTEXT_ALLOC_IN_TYPE_SHARED 0x1 +#define MC_CMD_RSS_CONTEXT_ALLOC_IN_TYPE_SHARED 0x1 /* Number of queues spanned by this context, in the range 1-64; valid offsets * in the indirection table will be in the range 0 to NUM_QUEUES-1. */ #define MC_CMD_RSS_CONTEXT_ALLOC_IN_NUM_QUEUES_OFST 8 +#define MC_CMD_RSS_CONTEXT_ALLOC_IN_NUM_QUEUES_LEN 4 /* MC_CMD_RSS_CONTEXT_ALLOC_OUT msgresponse */ #define MC_CMD_RSS_CONTEXT_ALLOC_OUT_LEN 4 @@ -11751,8 +12115,9 @@ * handle. */ #define MC_CMD_RSS_CONTEXT_ALLOC_OUT_RSS_CONTEXT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_ALLOC_OUT_RSS_CONTEXT_ID_LEN 4 /* enum: guaranteed invalid RSS context handle value */ -#define MC_CMD_RSS_CONTEXT_ALLOC_OUT_RSS_CONTEXT_ID_INVALID 0xffffffff +#define MC_CMD_RSS_CONTEXT_ALLOC_OUT_RSS_CONTEXT_ID_INVALID 0xffffffff /***********************************/ @@ -11768,6 +12133,7 @@ #define MC_CMD_RSS_CONTEXT_FREE_IN_LEN 4 /* The handle of the RSS context */ #define MC_CMD_RSS_CONTEXT_FREE_IN_RSS_CONTEXT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_FREE_IN_RSS_CONTEXT_ID_LEN 4 /* MC_CMD_RSS_CONTEXT_FREE_OUT msgresponse */ #define MC_CMD_RSS_CONTEXT_FREE_OUT_LEN 0 @@ -11786,6 +12152,7 @@ #define MC_CMD_RSS_CONTEXT_SET_KEY_IN_LEN 44 /* The handle of the RSS context */ #define MC_CMD_RSS_CONTEXT_SET_KEY_IN_RSS_CONTEXT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_SET_KEY_IN_RSS_CONTEXT_ID_LEN 4 /* The 40-byte Toeplitz hash key (TBD endianness issues?) */ #define MC_CMD_RSS_CONTEXT_SET_KEY_IN_TOEPLITZ_KEY_OFST 4 #define MC_CMD_RSS_CONTEXT_SET_KEY_IN_TOEPLITZ_KEY_LEN 40 @@ -11807,6 +12174,7 @@ #define MC_CMD_RSS_CONTEXT_GET_KEY_IN_LEN 4 /* The handle of the RSS context */ #define MC_CMD_RSS_CONTEXT_GET_KEY_IN_RSS_CONTEXT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_GET_KEY_IN_RSS_CONTEXT_ID_LEN 4 /* MC_CMD_RSS_CONTEXT_GET_KEY_OUT msgresponse */ #define MC_CMD_RSS_CONTEXT_GET_KEY_OUT_LEN 44 @@ -11828,6 +12196,7 @@ #define MC_CMD_RSS_CONTEXT_SET_TABLE_IN_LEN 132 /* The handle of the RSS context */ #define MC_CMD_RSS_CONTEXT_SET_TABLE_IN_RSS_CONTEXT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_SET_TABLE_IN_RSS_CONTEXT_ID_LEN 4 /* The 128-byte indirection table (1 byte per entry) */ #define MC_CMD_RSS_CONTEXT_SET_TABLE_IN_INDIRECTION_TABLE_OFST 4 #define MC_CMD_RSS_CONTEXT_SET_TABLE_IN_INDIRECTION_TABLE_LEN 128 @@ -11849,6 +12218,7 @@ #define MC_CMD_RSS_CONTEXT_GET_TABLE_IN_LEN 4 /* The handle of the RSS context */ #define MC_CMD_RSS_CONTEXT_GET_TABLE_IN_RSS_CONTEXT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_GET_TABLE_IN_RSS_CONTEXT_ID_LEN 4 /* MC_CMD_RSS_CONTEXT_GET_TABLE_OUT msgresponse */ #define MC_CMD_RSS_CONTEXT_GET_TABLE_OUT_LEN 132 @@ -11870,6 +12240,7 @@ #define MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_LEN 8 /* The handle of the RSS context */ #define MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_RSS_CONTEXT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_RSS_CONTEXT_ID_LEN 4 /* Hash control flags. The _EN bits are always supported, but new modes are * available when ADDITIONAL_RSS_MODES is reported by MC_CMD_GET_CAPABILITIES: * in this case, the MODE fields may be set to non-zero values, and will take @@ -11883,6 +12254,7 @@ * particular packet type.) */ #define MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_FLAGS_OFST 4 +#define MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_FLAGS_LEN 4 #define MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_TOEPLITZ_IPV4_EN_LBN 0 #define MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_TOEPLITZ_IPV4_EN_WIDTH 1 #define MC_CMD_RSS_CONTEXT_SET_FLAGS_IN_TOEPLITZ_TCPV4_EN_LBN 1 @@ -11923,6 +12295,7 @@ #define MC_CMD_RSS_CONTEXT_GET_FLAGS_IN_LEN 4 /* The handle of the RSS context */ #define MC_CMD_RSS_CONTEXT_GET_FLAGS_IN_RSS_CONTEXT_ID_OFST 0 +#define MC_CMD_RSS_CONTEXT_GET_FLAGS_IN_RSS_CONTEXT_ID_LEN 4 /* MC_CMD_RSS_CONTEXT_GET_FLAGS_OUT msgresponse */ #define MC_CMD_RSS_CONTEXT_GET_FLAGS_OUT_LEN 8 @@ -11940,6 +12313,7 @@ * always be used for a SET regardless of old/new driver vs. old/new firmware. */ #define MC_CMD_RSS_CONTEXT_GET_FLAGS_OUT_FLAGS_OFST 4 +#define MC_CMD_RSS_CONTEXT_GET_FLAGS_OUT_FLAGS_LEN 4 #define MC_CMD_RSS_CONTEXT_GET_FLAGS_OUT_TOEPLITZ_IPV4_EN_LBN 0 #define MC_CMD_RSS_CONTEXT_GET_FLAGS_OUT_TOEPLITZ_IPV4_EN_WIDTH 1 #define MC_CMD_RSS_CONTEXT_GET_FLAGS_OUT_TOEPLITZ_TCPV4_EN_LBN 1 @@ -11977,11 +12351,13 @@ #define MC_CMD_DOT1P_MAPPING_ALLOC_IN_LEN 8 /* The handle of the owning upstream port */ #define MC_CMD_DOT1P_MAPPING_ALLOC_IN_UPSTREAM_PORT_ID_OFST 0 +#define MC_CMD_DOT1P_MAPPING_ALLOC_IN_UPSTREAM_PORT_ID_LEN 4 /* Number of queues spanned by this mapping, in the range 1-64; valid fixed * offsets in the mapping table will be in the range 0 to NUM_QUEUES-1, and * referenced RSS contexts must span no more than this number. */ #define MC_CMD_DOT1P_MAPPING_ALLOC_IN_NUM_QUEUES_OFST 4 +#define MC_CMD_DOT1P_MAPPING_ALLOC_IN_NUM_QUEUES_LEN 4 /* MC_CMD_DOT1P_MAPPING_ALLOC_OUT msgresponse */ #define MC_CMD_DOT1P_MAPPING_ALLOC_OUT_LEN 4 @@ -11990,8 +12366,9 @@ * handle. */ #define MC_CMD_DOT1P_MAPPING_ALLOC_OUT_DOT1P_MAPPING_ID_OFST 0 +#define MC_CMD_DOT1P_MAPPING_ALLOC_OUT_DOT1P_MAPPING_ID_LEN 4 /* enum: guaranteed invalid .1p mapping handle value */ -#define MC_CMD_DOT1P_MAPPING_ALLOC_OUT_DOT1P_MAPPING_ID_INVALID 0xffffffff +#define MC_CMD_DOT1P_MAPPING_ALLOC_OUT_DOT1P_MAPPING_ID_INVALID 0xffffffff /***********************************/ @@ -12007,6 +12384,7 @@ #define MC_CMD_DOT1P_MAPPING_FREE_IN_LEN 4 /* The handle of the .1p mapping */ #define MC_CMD_DOT1P_MAPPING_FREE_IN_DOT1P_MAPPING_ID_OFST 0 +#define MC_CMD_DOT1P_MAPPING_FREE_IN_DOT1P_MAPPING_ID_LEN 4 /* MC_CMD_DOT1P_MAPPING_FREE_OUT msgresponse */ #define MC_CMD_DOT1P_MAPPING_FREE_OUT_LEN 0 @@ -12025,6 +12403,7 @@ #define MC_CMD_DOT1P_MAPPING_SET_TABLE_IN_LEN 36 /* The handle of the .1p mapping */ #define MC_CMD_DOT1P_MAPPING_SET_TABLE_IN_DOT1P_MAPPING_ID_OFST 0 +#define MC_CMD_DOT1P_MAPPING_SET_TABLE_IN_DOT1P_MAPPING_ID_LEN 4 /* Per-priority mappings (1 32-bit word per entry - an offset or RSS context * handle) */ @@ -12048,6 +12427,7 @@ #define MC_CMD_DOT1P_MAPPING_GET_TABLE_IN_LEN 4 /* The handle of the .1p mapping */ #define MC_CMD_DOT1P_MAPPING_GET_TABLE_IN_DOT1P_MAPPING_ID_OFST 0 +#define MC_CMD_DOT1P_MAPPING_GET_TABLE_IN_DOT1P_MAPPING_ID_LEN 4 /* MC_CMD_DOT1P_MAPPING_GET_TABLE_OUT msgresponse */ #define MC_CMD_DOT1P_MAPPING_GET_TABLE_OUT_LEN 36 @@ -12074,10 +12454,13 @@ #define MC_CMD_GET_VECTOR_CFG_OUT_LEN 12 /* Base absolute interrupt vector number. */ #define MC_CMD_GET_VECTOR_CFG_OUT_VEC_BASE_OFST 0 +#define MC_CMD_GET_VECTOR_CFG_OUT_VEC_BASE_LEN 4 /* Number of interrupt vectors allocate to this PF. */ #define MC_CMD_GET_VECTOR_CFG_OUT_VECS_PER_PF_OFST 4 +#define MC_CMD_GET_VECTOR_CFG_OUT_VECS_PER_PF_LEN 4 /* Number of interrupt vectors to allocate per VF. */ #define MC_CMD_GET_VECTOR_CFG_OUT_VECS_PER_VF_OFST 8 +#define MC_CMD_GET_VECTOR_CFG_OUT_VECS_PER_VF_LEN 4 /***********************************/ @@ -12095,10 +12478,13 @@ * let the system find a suitable base. */ #define MC_CMD_SET_VECTOR_CFG_IN_VEC_BASE_OFST 0 +#define MC_CMD_SET_VECTOR_CFG_IN_VEC_BASE_LEN 4 /* Number of interrupt vectors allocate to this PF. */ #define MC_CMD_SET_VECTOR_CFG_IN_VECS_PER_PF_OFST 4 +#define MC_CMD_SET_VECTOR_CFG_IN_VECS_PER_PF_LEN 4 /* Number of interrupt vectors to allocate per VF. */ #define MC_CMD_SET_VECTOR_CFG_IN_VECS_PER_VF_OFST 8 +#define MC_CMD_SET_VECTOR_CFG_IN_VECS_PER_VF_LEN 4 /* MC_CMD_SET_VECTOR_CFG_OUT msgresponse */ #define MC_CMD_SET_VECTOR_CFG_OUT_LEN 0 @@ -12117,6 +12503,7 @@ #define MC_CMD_VPORT_ADD_MAC_ADDRESS_IN_LEN 10 /* The handle of the v-port */ #define MC_CMD_VPORT_ADD_MAC_ADDRESS_IN_VPORT_ID_OFST 0 +#define MC_CMD_VPORT_ADD_MAC_ADDRESS_IN_VPORT_ID_LEN 4 /* MAC address to add */ #define MC_CMD_VPORT_ADD_MAC_ADDRESS_IN_MACADDR_OFST 4 #define MC_CMD_VPORT_ADD_MAC_ADDRESS_IN_MACADDR_LEN 6 @@ -12138,6 +12525,7 @@ #define MC_CMD_VPORT_DEL_MAC_ADDRESS_IN_LEN 10 /* The handle of the v-port */ #define MC_CMD_VPORT_DEL_MAC_ADDRESS_IN_VPORT_ID_OFST 0 +#define MC_CMD_VPORT_DEL_MAC_ADDRESS_IN_VPORT_ID_LEN 4 /* MAC address to add */ #define MC_CMD_VPORT_DEL_MAC_ADDRESS_IN_MACADDR_OFST 4 #define MC_CMD_VPORT_DEL_MAC_ADDRESS_IN_MACADDR_LEN 6 @@ -12159,6 +12547,7 @@ #define MC_CMD_VPORT_GET_MAC_ADDRESSES_IN_LEN 4 /* The handle of the v-port */ #define MC_CMD_VPORT_GET_MAC_ADDRESSES_IN_VPORT_ID_OFST 0 +#define MC_CMD_VPORT_GET_MAC_ADDRESSES_IN_VPORT_ID_LEN 4 /* MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT msgresponse */ #define MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT_LENMIN 4 @@ -12166,6 +12555,7 @@ #define MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT_LEN(num) (4+6*(num)) /* The number of MAC addresses returned */ #define MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT_MACADDR_COUNT_OFST 0 +#define MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT_MACADDR_COUNT_LEN 4 /* Array of MAC addresses */ #define MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT_MACADDR_OFST 4 #define MC_CMD_VPORT_GET_MAC_ADDRESSES_OUT_MACADDR_LEN 6 @@ -12188,8 +12578,10 @@ #define MC_CMD_VPORT_RECONFIGURE_IN_LEN 44 /* The handle of the v-port */ #define MC_CMD_VPORT_RECONFIGURE_IN_VPORT_ID_OFST 0 +#define MC_CMD_VPORT_RECONFIGURE_IN_VPORT_ID_LEN 4 /* Flags requesting what should be changed. */ #define MC_CMD_VPORT_RECONFIGURE_IN_FLAGS_OFST 4 +#define MC_CMD_VPORT_RECONFIGURE_IN_FLAGS_LEN 4 #define MC_CMD_VPORT_RECONFIGURE_IN_REPLACE_VLAN_TAGS_LBN 0 #define MC_CMD_VPORT_RECONFIGURE_IN_REPLACE_VLAN_TAGS_WIDTH 1 #define MC_CMD_VPORT_RECONFIGURE_IN_REPLACE_MACADDRS_LBN 1 @@ -12199,14 +12591,17 @@ * v-switch. */ #define MC_CMD_VPORT_RECONFIGURE_IN_NUM_VLAN_TAGS_OFST 8 +#define MC_CMD_VPORT_RECONFIGURE_IN_NUM_VLAN_TAGS_LEN 4 /* The actual VLAN tags to insert/remove */ #define MC_CMD_VPORT_RECONFIGURE_IN_VLAN_TAGS_OFST 12 +#define MC_CMD_VPORT_RECONFIGURE_IN_VLAN_TAGS_LEN 4 #define MC_CMD_VPORT_RECONFIGURE_IN_VLAN_TAG_0_LBN 0 #define MC_CMD_VPORT_RECONFIGURE_IN_VLAN_TAG_0_WIDTH 16 #define MC_CMD_VPORT_RECONFIGURE_IN_VLAN_TAG_1_LBN 16 #define MC_CMD_VPORT_RECONFIGURE_IN_VLAN_TAG_1_WIDTH 16 /* The number of MAC addresses to add */ #define MC_CMD_VPORT_RECONFIGURE_IN_NUM_MACADDRS_OFST 16 +#define MC_CMD_VPORT_RECONFIGURE_IN_NUM_MACADDRS_LEN 4 /* MAC addresses to add */ #define MC_CMD_VPORT_RECONFIGURE_IN_MACADDRS_OFST 20 #define MC_CMD_VPORT_RECONFIGURE_IN_MACADDRS_LEN 6 @@ -12215,6 +12610,7 @@ /* MC_CMD_VPORT_RECONFIGURE_OUT msgresponse */ #define MC_CMD_VPORT_RECONFIGURE_OUT_LEN 4 #define MC_CMD_VPORT_RECONFIGURE_OUT_FLAGS_OFST 0 +#define MC_CMD_VPORT_RECONFIGURE_OUT_FLAGS_LEN 4 #define MC_CMD_VPORT_RECONFIGURE_OUT_RESET_DONE_LBN 0 #define MC_CMD_VPORT_RECONFIGURE_OUT_RESET_DONE_WIDTH 1 @@ -12232,15 +12628,18 @@ #define MC_CMD_EVB_PORT_QUERY_IN_LEN 4 /* The handle of the v-port */ #define MC_CMD_EVB_PORT_QUERY_IN_PORT_ID_OFST 0 +#define MC_CMD_EVB_PORT_QUERY_IN_PORT_ID_LEN 4 /* MC_CMD_EVB_PORT_QUERY_OUT msgresponse */ #define MC_CMD_EVB_PORT_QUERY_OUT_LEN 8 /* The EVB port flags as defined at MC_CMD_VPORT_ALLOC. */ #define MC_CMD_EVB_PORT_QUERY_OUT_PORT_FLAGS_OFST 0 +#define MC_CMD_EVB_PORT_QUERY_OUT_PORT_FLAGS_LEN 4 /* The number of VLAN tags that may be used on a v-adaptor connected to this * EVB port. */ #define MC_CMD_EVB_PORT_QUERY_OUT_NUM_AVAILABLE_VLAN_TAGS_OFST 4 +#define MC_CMD_EVB_PORT_QUERY_OUT_NUM_AVAILABLE_VLAN_TAGS_LEN 4 /***********************************/ @@ -12253,14 +12652,16 @@ #define MC_CMD_DUMP_BUFTBL_ENTRIES 0xab #undef MC_CMD_0xab_PRIVILEGE_CTG -#define MC_CMD_0xab_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xab_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_DUMP_BUFTBL_ENTRIES_IN msgrequest */ #define MC_CMD_DUMP_BUFTBL_ENTRIES_IN_LEN 8 /* Index of the first buffer table entry. */ #define MC_CMD_DUMP_BUFTBL_ENTRIES_IN_FIRSTID_OFST 0 +#define MC_CMD_DUMP_BUFTBL_ENTRIES_IN_FIRSTID_LEN 4 /* Number of buffer table entries to dump. */ #define MC_CMD_DUMP_BUFTBL_ENTRIES_IN_NUMENTRIES_OFST 4 +#define MC_CMD_DUMP_BUFTBL_ENTRIES_IN_NUMENTRIES_LEN 4 /* MC_CMD_DUMP_BUFTBL_ENTRIES_OUT msgresponse */ #define MC_CMD_DUMP_BUFTBL_ENTRIES_OUT_LENMIN 12 @@ -12285,16 +12686,17 @@ /* MC_CMD_SET_RXDP_CONFIG_IN msgrequest */ #define MC_CMD_SET_RXDP_CONFIG_IN_LEN 4 #define MC_CMD_SET_RXDP_CONFIG_IN_DATA_OFST 0 +#define MC_CMD_SET_RXDP_CONFIG_IN_DATA_LEN 4 #define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_DMA_LBN 0 #define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_DMA_WIDTH 1 #define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_LEN_LBN 1 #define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_LEN_WIDTH 2 /* enum: pad to 64 bytes */ -#define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_64 0x0 +#define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_64 0x0 /* enum: pad to 128 bytes (Medford only) */ -#define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_128 0x1 +#define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_128 0x1 /* enum: pad to 256 bytes (Medford only) */ -#define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_256 0x2 +#define MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_256 0x2 /* MC_CMD_SET_RXDP_CONFIG_OUT msgresponse */ #define MC_CMD_SET_RXDP_CONFIG_OUT_LEN 0 @@ -12315,6 +12717,7 @@ /* MC_CMD_GET_RXDP_CONFIG_OUT msgresponse */ #define MC_CMD_GET_RXDP_CONFIG_OUT_LEN 4 #define MC_CMD_GET_RXDP_CONFIG_OUT_DATA_OFST 0 +#define MC_CMD_GET_RXDP_CONFIG_OUT_DATA_LEN 4 #define MC_CMD_GET_RXDP_CONFIG_OUT_PAD_HOST_DMA_LBN 0 #define MC_CMD_GET_RXDP_CONFIG_OUT_PAD_HOST_DMA_WIDTH 1 #define MC_CMD_GET_RXDP_CONFIG_OUT_PAD_HOST_LEN_LBN 1 @@ -12339,8 +12742,10 @@ #define MC_CMD_GET_CLOCK_OUT_LEN 8 /* System frequency, MHz */ #define MC_CMD_GET_CLOCK_OUT_SYS_FREQ_OFST 0 +#define MC_CMD_GET_CLOCK_OUT_SYS_FREQ_LEN 4 /* DPCPU frequency, MHz */ #define MC_CMD_GET_CLOCK_OUT_DPCPU_FREQ_OFST 4 +#define MC_CMD_GET_CLOCK_OUT_DPCPU_FREQ_LEN 4 /***********************************/ @@ -12350,69 +12755,83 @@ #define MC_CMD_SET_CLOCK 0xad #undef MC_CMD_0xad_PRIVILEGE_CTG -#define MC_CMD_0xad_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xad_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_SET_CLOCK_IN msgrequest */ #define MC_CMD_SET_CLOCK_IN_LEN 28 /* Requested frequency in MHz for system clock domain */ #define MC_CMD_SET_CLOCK_IN_SYS_FREQ_OFST 0 +#define MC_CMD_SET_CLOCK_IN_SYS_FREQ_LEN 4 /* enum: Leave the system clock domain frequency unchanged */ -#define MC_CMD_SET_CLOCK_IN_SYS_DOMAIN_DONT_CHANGE 0x0 +#define MC_CMD_SET_CLOCK_IN_SYS_DOMAIN_DONT_CHANGE 0x0 /* Requested frequency in MHz for inter-core clock domain */ #define MC_CMD_SET_CLOCK_IN_ICORE_FREQ_OFST 4 +#define MC_CMD_SET_CLOCK_IN_ICORE_FREQ_LEN 4 /* enum: Leave the inter-core clock domain frequency unchanged */ -#define MC_CMD_SET_CLOCK_IN_ICORE_DOMAIN_DONT_CHANGE 0x0 +#define MC_CMD_SET_CLOCK_IN_ICORE_DOMAIN_DONT_CHANGE 0x0 /* Requested frequency in MHz for DPCPU clock domain */ #define MC_CMD_SET_CLOCK_IN_DPCPU_FREQ_OFST 8 +#define MC_CMD_SET_CLOCK_IN_DPCPU_FREQ_LEN 4 /* enum: Leave the DPCPU clock domain frequency unchanged */ -#define MC_CMD_SET_CLOCK_IN_DPCPU_DOMAIN_DONT_CHANGE 0x0 +#define MC_CMD_SET_CLOCK_IN_DPCPU_DOMAIN_DONT_CHANGE 0x0 /* Requested frequency in MHz for PCS clock domain */ #define MC_CMD_SET_CLOCK_IN_PCS_FREQ_OFST 12 +#define MC_CMD_SET_CLOCK_IN_PCS_FREQ_LEN 4 /* enum: Leave the PCS clock domain frequency unchanged */ -#define MC_CMD_SET_CLOCK_IN_PCS_DOMAIN_DONT_CHANGE 0x0 +#define MC_CMD_SET_CLOCK_IN_PCS_DOMAIN_DONT_CHANGE 0x0 /* Requested frequency in MHz for MC clock domain */ #define MC_CMD_SET_CLOCK_IN_MC_FREQ_OFST 16 +#define MC_CMD_SET_CLOCK_IN_MC_FREQ_LEN 4 /* enum: Leave the MC clock domain frequency unchanged */ -#define MC_CMD_SET_CLOCK_IN_MC_DOMAIN_DONT_CHANGE 0x0 +#define MC_CMD_SET_CLOCK_IN_MC_DOMAIN_DONT_CHANGE 0x0 /* Requested frequency in MHz for rmon clock domain */ #define MC_CMD_SET_CLOCK_IN_RMON_FREQ_OFST 20 +#define MC_CMD_SET_CLOCK_IN_RMON_FREQ_LEN 4 /* enum: Leave the rmon clock domain frequency unchanged */ -#define MC_CMD_SET_CLOCK_IN_RMON_DOMAIN_DONT_CHANGE 0x0 +#define MC_CMD_SET_CLOCK_IN_RMON_DOMAIN_DONT_CHANGE 0x0 /* Requested frequency in MHz for vswitch clock domain */ #define MC_CMD_SET_CLOCK_IN_VSWITCH_FREQ_OFST 24 +#define MC_CMD_SET_CLOCK_IN_VSWITCH_FREQ_LEN 4 /* enum: Leave the vswitch clock domain frequency unchanged */ -#define MC_CMD_SET_CLOCK_IN_VSWITCH_DOMAIN_DONT_CHANGE 0x0 +#define MC_CMD_SET_CLOCK_IN_VSWITCH_DOMAIN_DONT_CHANGE 0x0 /* MC_CMD_SET_CLOCK_OUT msgresponse */ #define MC_CMD_SET_CLOCK_OUT_LEN 28 /* Resulting system frequency in MHz */ #define MC_CMD_SET_CLOCK_OUT_SYS_FREQ_OFST 0 +#define MC_CMD_SET_CLOCK_OUT_SYS_FREQ_LEN 4 /* enum: The system clock domain doesn't exist */ -#define MC_CMD_SET_CLOCK_OUT_SYS_DOMAIN_UNSUPPORTED 0x0 +#define MC_CMD_SET_CLOCK_OUT_SYS_DOMAIN_UNSUPPORTED 0x0 /* Resulting inter-core frequency in MHz */ #define MC_CMD_SET_CLOCK_OUT_ICORE_FREQ_OFST 4 +#define MC_CMD_SET_CLOCK_OUT_ICORE_FREQ_LEN 4 /* enum: The inter-core clock domain doesn't exist / isn't used */ -#define MC_CMD_SET_CLOCK_OUT_ICORE_DOMAIN_UNSUPPORTED 0x0 +#define MC_CMD_SET_CLOCK_OUT_ICORE_DOMAIN_UNSUPPORTED 0x0 /* Resulting DPCPU frequency in MHz */ #define MC_CMD_SET_CLOCK_OUT_DPCPU_FREQ_OFST 8 +#define MC_CMD_SET_CLOCK_OUT_DPCPU_FREQ_LEN 4 /* enum: The dpcpu clock domain doesn't exist */ -#define MC_CMD_SET_CLOCK_OUT_DPCPU_DOMAIN_UNSUPPORTED 0x0 +#define MC_CMD_SET_CLOCK_OUT_DPCPU_DOMAIN_UNSUPPORTED 0x0 /* Resulting PCS frequency in MHz */ #define MC_CMD_SET_CLOCK_OUT_PCS_FREQ_OFST 12 +#define MC_CMD_SET_CLOCK_OUT_PCS_FREQ_LEN 4 /* enum: The PCS clock domain doesn't exist / isn't controlled */ -#define MC_CMD_SET_CLOCK_OUT_PCS_DOMAIN_UNSUPPORTED 0x0 +#define MC_CMD_SET_CLOCK_OUT_PCS_DOMAIN_UNSUPPORTED 0x0 /* Resulting MC frequency in MHz */ #define MC_CMD_SET_CLOCK_OUT_MC_FREQ_OFST 16 +#define MC_CMD_SET_CLOCK_OUT_MC_FREQ_LEN 4 /* enum: The MC clock domain doesn't exist / isn't controlled */ -#define MC_CMD_SET_CLOCK_OUT_MC_DOMAIN_UNSUPPORTED 0x0 +#define MC_CMD_SET_CLOCK_OUT_MC_DOMAIN_UNSUPPORTED 0x0 /* Resulting rmon frequency in MHz */ #define MC_CMD_SET_CLOCK_OUT_RMON_FREQ_OFST 20 +#define MC_CMD_SET_CLOCK_OUT_RMON_FREQ_LEN 4 /* enum: The rmon clock domain doesn't exist / isn't controlled */ -#define MC_CMD_SET_CLOCK_OUT_RMON_DOMAIN_UNSUPPORTED 0x0 +#define MC_CMD_SET_CLOCK_OUT_RMON_DOMAIN_UNSUPPORTED 0x0 /* Resulting vswitch frequency in MHz */ #define MC_CMD_SET_CLOCK_OUT_VSWITCH_FREQ_OFST 24 +#define MC_CMD_SET_CLOCK_OUT_VSWITCH_FREQ_LEN 4 /* enum: The vswitch clock domain doesn't exist / isn't controlled */ -#define MC_CMD_SET_CLOCK_OUT_VSWITCH_DOMAIN_UNSUPPORTED 0x0 +#define MC_CMD_SET_CLOCK_OUT_VSWITCH_DOMAIN_UNSUPPORTED 0x0 /***********************************/ @@ -12422,27 +12841,28 @@ #define MC_CMD_DPCPU_RPC 0xae #undef MC_CMD_0xae_PRIVILEGE_CTG -#define MC_CMD_0xae_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xae_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_DPCPU_RPC_IN msgrequest */ #define MC_CMD_DPCPU_RPC_IN_LEN 36 #define MC_CMD_DPCPU_RPC_IN_CPU_OFST 0 +#define MC_CMD_DPCPU_RPC_IN_CPU_LEN 4 /* enum: RxDPCPU0 */ -#define MC_CMD_DPCPU_RPC_IN_DPCPU_RX0 0x0 +#define MC_CMD_DPCPU_RPC_IN_DPCPU_RX0 0x0 /* enum: TxDPCPU0 */ -#define MC_CMD_DPCPU_RPC_IN_DPCPU_TX0 0x1 +#define MC_CMD_DPCPU_RPC_IN_DPCPU_TX0 0x1 /* enum: TxDPCPU1 */ -#define MC_CMD_DPCPU_RPC_IN_DPCPU_TX1 0x2 +#define MC_CMD_DPCPU_RPC_IN_DPCPU_TX1 0x2 /* enum: RxDPCPU1 (Medford only) */ -#define MC_CMD_DPCPU_RPC_IN_DPCPU_RX1 0x3 +#define MC_CMD_DPCPU_RPC_IN_DPCPU_RX1 0x3 /* enum: RxDPCPU (will be for the calling function; for now, just an alias of * DPCPU_RX0) */ -#define MC_CMD_DPCPU_RPC_IN_DPCPU_RX 0x80 +#define MC_CMD_DPCPU_RPC_IN_DPCPU_RX 0x80 /* enum: TxDPCPU (will be for the calling function; for now, just an alias of * DPCPU_TX0) */ -#define MC_CMD_DPCPU_RPC_IN_DPCPU_TX 0x81 +#define MC_CMD_DPCPU_RPC_IN_DPCPU_TX 0x81 /* First 8 bits [39:32] of DATA are consumed by MC-DPCPU protocol and must be * initialised to zero */ @@ -12450,15 +12870,15 @@ #define MC_CMD_DPCPU_RPC_IN_DATA_LEN 32 #define MC_CMD_DPCPU_RPC_IN_HDR_CMD_CMDNUM_LBN 8 #define MC_CMD_DPCPU_RPC_IN_HDR_CMD_CMDNUM_WIDTH 8 -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_TXDPCPU_READ 0x6 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_TXDPCPU_WRITE 0x7 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_TXDPCPU_SELF_TEST 0xc /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_TXDPCPU_CSR_ACCESS 0xe /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_READ 0x46 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_WRITE 0x47 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_SELF_TEST 0x4a /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_CSR_ACCESS 0x4c /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_SET_MC_REPLAY_CNTXT 0x4d /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_TXDPCPU_READ 0x6 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_TXDPCPU_WRITE 0x7 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_TXDPCPU_SELF_TEST 0xc /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_TXDPCPU_CSR_ACCESS 0xe /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_READ 0x46 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_WRITE 0x47 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_SELF_TEST 0x4a /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_CSR_ACCESS 0x4c /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CMDNUM_RXDPCPU_SET_MC_REPLAY_CNTXT 0x4d /* enum */ #define MC_CMD_DPCPU_RPC_IN_HDR_CMD_REQ_OBJID_LBN 16 #define MC_CMD_DPCPU_RPC_IN_HDR_CMD_REQ_OBJID_WIDTH 16 #define MC_CMD_DPCPU_RPC_IN_HDR_CMD_REQ_ADDR_LBN 16 @@ -12469,11 +12889,11 @@ #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_INFO_WIDTH 240 #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_LBN 16 #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_WIDTH 16 -#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_STOP_RETURN_RESULT 0x0 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_START_READ 0x1 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_START_WRITE 0x2 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_START_WRITE_READ 0x3 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_START_PIPELINED_READ 0x4 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_STOP_RETURN_RESULT 0x0 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_START_READ 0x1 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_START_WRITE 0x2 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_START_WRITE_READ 0x3 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_CMD_START_PIPELINED_READ 0x4 /* enum */ #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_START_DELAY_LBN 48 #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_START_DELAY_WIDTH 16 #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_RPT_COUNT_LBN 64 @@ -12482,21 +12902,24 @@ #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_GAP_DELAY_WIDTH 16 #define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_MODE_LBN 16 #define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_MODE_WIDTH 16 -#define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_MODE_CUT_THROUGH 0x1 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_MODE_STORE_FORWARD 0x2 /* enum */ -#define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_MODE_STORE_FORWARD_FIRST 0x3 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_MODE_CUT_THROUGH 0x1 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_MODE_STORE_FORWARD 0x2 /* enum */ +#define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_MODE_STORE_FORWARD_FIRST 0x3 /* enum */ #define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_CNTXT_LBN 64 #define MC_CMD_DPCPU_RPC_IN_MC_REPLAY_CNTXT_WIDTH 16 #define MC_CMD_DPCPU_RPC_IN_WDATA_OFST 12 #define MC_CMD_DPCPU_RPC_IN_WDATA_LEN 24 /* Register data to write. Only valid in write/write-read. */ #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_DATA_OFST 16 +#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_DATA_LEN 4 /* Register address. */ #define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_ADDRESS_OFST 20 +#define MC_CMD_DPCPU_RPC_IN_CSR_ACCESS_ADDRESS_LEN 4 /* MC_CMD_DPCPU_RPC_OUT msgresponse */ #define MC_CMD_DPCPU_RPC_OUT_LEN 36 #define MC_CMD_DPCPU_RPC_OUT_RC_OFST 0 +#define MC_CMD_DPCPU_RPC_OUT_RC_LEN 4 /* DATA */ #define MC_CMD_DPCPU_RPC_OUT_DATA_OFST 4 #define MC_CMD_DPCPU_RPC_OUT_DATA_LEN 32 @@ -12507,9 +12930,13 @@ #define MC_CMD_DPCPU_RPC_OUT_RDATA_OFST 12 #define MC_CMD_DPCPU_RPC_OUT_RDATA_LEN 24 #define MC_CMD_DPCPU_RPC_OUT_CSR_ACCESS_READ_VAL_1_OFST 12 +#define MC_CMD_DPCPU_RPC_OUT_CSR_ACCESS_READ_VAL_1_LEN 4 #define MC_CMD_DPCPU_RPC_OUT_CSR_ACCESS_READ_VAL_2_OFST 16 +#define MC_CMD_DPCPU_RPC_OUT_CSR_ACCESS_READ_VAL_2_LEN 4 #define MC_CMD_DPCPU_RPC_OUT_CSR_ACCESS_READ_VAL_3_OFST 20 +#define MC_CMD_DPCPU_RPC_OUT_CSR_ACCESS_READ_VAL_3_LEN 4 #define MC_CMD_DPCPU_RPC_OUT_CSR_ACCESS_READ_VAL_4_OFST 24 +#define MC_CMD_DPCPU_RPC_OUT_CSR_ACCESS_READ_VAL_4_LEN 4 /***********************************/ @@ -12525,6 +12952,7 @@ #define MC_CMD_TRIGGER_INTERRUPT_IN_LEN 4 /* Interrupt level relative to base for function. */ #define MC_CMD_TRIGGER_INTERRUPT_IN_INTR_LEVEL_OFST 0 +#define MC_CMD_TRIGGER_INTERRUPT_IN_INTR_LEVEL_LEN 4 /* MC_CMD_TRIGGER_INTERRUPT_OUT msgresponse */ #define MC_CMD_TRIGGER_INTERRUPT_OUT_LEN 0 @@ -12537,14 +12965,15 @@ #define MC_CMD_SHMBOOT_OP 0xe6 #undef MC_CMD_0xe6_PRIVILEGE_CTG -#define MC_CMD_0xe6_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xe6_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_SHMBOOT_OP_IN msgrequest */ #define MC_CMD_SHMBOOT_OP_IN_LEN 4 /* Identifies the operation to perform */ #define MC_CMD_SHMBOOT_OP_IN_SHMBOOT_OP_OFST 0 +#define MC_CMD_SHMBOOT_OP_IN_SHMBOOT_OP_LEN 4 /* enum: Copy slave_data section to the slave core. (Greenport only) */ -#define MC_CMD_SHMBOOT_OP_IN_PUSH_SLAVE_DATA 0x0 +#define MC_CMD_SHMBOOT_OP_IN_PUSH_SLAVE_DATA 0x0 /* MC_CMD_SHMBOOT_OP_OUT msgresponse */ #define MC_CMD_SHMBOOT_OP_OUT_LEN 0 @@ -12557,13 +12986,16 @@ #define MC_CMD_CAP_BLK_READ 0xe7 #undef MC_CMD_0xe7_PRIVILEGE_CTG -#define MC_CMD_0xe7_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xe7_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_CAP_BLK_READ_IN msgrequest */ #define MC_CMD_CAP_BLK_READ_IN_LEN 12 #define MC_CMD_CAP_BLK_READ_IN_CAP_REG_OFST 0 +#define MC_CMD_CAP_BLK_READ_IN_CAP_REG_LEN 4 #define MC_CMD_CAP_BLK_READ_IN_ADDR_OFST 4 +#define MC_CMD_CAP_BLK_READ_IN_ADDR_LEN 4 #define MC_CMD_CAP_BLK_READ_IN_COUNT_OFST 8 +#define MC_CMD_CAP_BLK_READ_IN_COUNT_LEN 4 /* MC_CMD_CAP_BLK_READ_OUT msgresponse */ #define MC_CMD_CAP_BLK_READ_OUT_LENMIN 8 @@ -12584,53 +13016,77 @@ #define MC_CMD_DUMP_DO 0xe8 #undef MC_CMD_0xe8_PRIVILEGE_CTG -#define MC_CMD_0xe8_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xe8_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_DUMP_DO_IN msgrequest */ #define MC_CMD_DUMP_DO_IN_LEN 52 #define MC_CMD_DUMP_DO_IN_PADDING_OFST 0 +#define MC_CMD_DUMP_DO_IN_PADDING_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_OFST 4 -#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM 0x0 /* enum */ -#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_DEFAULT 0x1 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_LEN 4 +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM 0x0 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_DEFAULT 0x1 /* enum */ #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_TYPE_OFST 8 -#define MC_CMD_DUMP_DO_IN_DUMP_LOCATION_NVRAM 0x1 /* enum */ -#define MC_CMD_DUMP_DO_IN_DUMP_LOCATION_HOST_MEMORY 0x2 /* enum */ -#define MC_CMD_DUMP_DO_IN_DUMP_LOCATION_HOST_MEMORY_MLI 0x3 /* enum */ -#define MC_CMD_DUMP_DO_IN_DUMP_LOCATION_UART 0x4 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_TYPE_LEN 4 +#define MC_CMD_DUMP_DO_IN_DUMP_LOCATION_NVRAM 0x1 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMP_LOCATION_HOST_MEMORY 0x2 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMP_LOCATION_HOST_MEMORY_MLI 0x3 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMP_LOCATION_UART 0x4 /* enum */ #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_NVRAM_PARTITION_TYPE_ID_OFST 12 +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_NVRAM_PARTITION_TYPE_ID_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_NVRAM_OFFSET_OFST 16 +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_NVRAM_OFFSET_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_ADDR_LO_OFST 12 +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_ADDR_LO_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_ADDR_HI_OFST 16 +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_ADDR_HI_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_LO_OFST 12 -#define MC_CMD_DUMP_DO_IN_HOST_MEMORY_MLI_PAGE_SIZE 0x1000 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_LO_LEN 4 +#define MC_CMD_DUMP_DO_IN_HOST_MEMORY_MLI_PAGE_SIZE 0x1000 /* enum */ #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_HI_OFST 16 +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_HI_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_DEPTH_OFST 20 -#define MC_CMD_DUMP_DO_IN_HOST_MEMORY_MLI_MAX_DEPTH 0x2 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_DEPTH_LEN 4 +#define MC_CMD_DUMP_DO_IN_HOST_MEMORY_MLI_MAX_DEPTH 0x2 /* enum */ #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_UART_PORT_OFST 12 +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_UART_PORT_LEN 4 /* enum: The uart port this command was received over (if using a uart * transport) */ -#define MC_CMD_DUMP_DO_IN_UART_PORT_SRC 0xff +#define MC_CMD_DUMP_DO_IN_UART_PORT_SRC 0xff #define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_SIZE_OFST 24 +#define MC_CMD_DUMP_DO_IN_DUMPSPEC_SRC_CUSTOM_SIZE_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_OFST 28 -#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM 0x0 /* enum */ -#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_NVRAM_DUMP_PARTITION 0x1 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_LEN 4 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM 0x0 /* enum */ +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_NVRAM_DUMP_PARTITION 0x1 /* enum */ #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_TYPE_OFST 32 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_DUMP_DO_IN/DUMPSPEC_SRC_CUSTOM_TYPE */ #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_NVRAM_PARTITION_TYPE_ID_OFST 36 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_NVRAM_PARTITION_TYPE_ID_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_NVRAM_OFFSET_OFST 40 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_NVRAM_OFFSET_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_ADDR_LO_OFST 36 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_ADDR_LO_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_ADDR_HI_OFST 40 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_ADDR_HI_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_LO_OFST 36 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_LO_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_HI_OFST 40 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_HI_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_DEPTH_OFST 44 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_DEPTH_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_UART_PORT_OFST 36 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_UART_PORT_LEN 4 #define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_SIZE_OFST 48 +#define MC_CMD_DUMP_DO_IN_DUMPFILE_DST_CUSTOM_SIZE_LEN 4 /* MC_CMD_DUMP_DO_OUT msgresponse */ #define MC_CMD_DUMP_DO_OUT_LEN 4 #define MC_CMD_DUMP_DO_OUT_DUMPFILE_SIZE_OFST 0 +#define MC_CMD_DUMP_DO_OUT_DUMPFILE_SIZE_LEN 4 /***********************************/ @@ -12640,41 +13096,64 @@ #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED 0xe9 #undef MC_CMD_0xe9_PRIVILEGE_CTG -#define MC_CMD_0xe9_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xe9_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN msgrequest */ #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_LEN 52 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_ENABLE_OFST 0 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_ENABLE_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_OFST 4 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_DUMP_DO/MC_CMD_DUMP_DO_IN/DUMPSPEC_SRC */ #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_TYPE_OFST 8 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_DUMP_DO/MC_CMD_DUMP_DO_IN/DUMPSPEC_SRC_CUSTOM_TYPE */ #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_NVRAM_PARTITION_TYPE_ID_OFST 12 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_NVRAM_PARTITION_TYPE_ID_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_NVRAM_OFFSET_OFST 16 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_NVRAM_OFFSET_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_ADDR_LO_OFST 12 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_ADDR_LO_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_ADDR_HI_OFST 16 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_ADDR_HI_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_LO_OFST 12 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_LO_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_HI_OFST 16 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_HI_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_DEPTH_OFST 20 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_HOST_MEMORY_MLI_DEPTH_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_UART_PORT_OFST 12 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_UART_PORT_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_SIZE_OFST 24 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPSPEC_SRC_CUSTOM_SIZE_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_OFST 28 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_DUMP_DO/MC_CMD_DUMP_DO_IN/DUMPFILE_DST */ #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_TYPE_OFST 32 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_DUMP_DO/MC_CMD_DUMP_DO_IN/DUMPSPEC_SRC_CUSTOM_TYPE */ #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_NVRAM_PARTITION_TYPE_ID_OFST 36 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_NVRAM_PARTITION_TYPE_ID_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_NVRAM_OFFSET_OFST 40 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_NVRAM_OFFSET_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_ADDR_LO_OFST 36 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_ADDR_LO_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_ADDR_HI_OFST 40 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_ADDR_HI_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_LO_OFST 36 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_LO_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_HI_OFST 40 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_ROOT_ADDR_HI_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_DEPTH_OFST 44 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_HOST_MEMORY_MLI_DEPTH_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_UART_PORT_OFST 36 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_UART_PORT_LEN 4 #define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_SIZE_OFST 48 +#define MC_CMD_DUMP_CONFIGURE_UNSOLICITED_IN_DUMPFILE_DST_CUSTOM_SIZE_LEN 4 /***********************************/ @@ -12686,17 +13165,20 @@ #define MC_CMD_SET_PSU 0xea #undef MC_CMD_0xea_PRIVILEGE_CTG -#define MC_CMD_0xea_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xea_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_SET_PSU_IN msgrequest */ #define MC_CMD_SET_PSU_IN_LEN 12 #define MC_CMD_SET_PSU_IN_PARAM_OFST 0 -#define MC_CMD_SET_PSU_IN_PARAM_SUPPLY_VOLTAGE 0x0 /* enum */ +#define MC_CMD_SET_PSU_IN_PARAM_LEN 4 +#define MC_CMD_SET_PSU_IN_PARAM_SUPPLY_VOLTAGE 0x0 /* enum */ #define MC_CMD_SET_PSU_IN_RAIL_OFST 4 -#define MC_CMD_SET_PSU_IN_RAIL_0V9 0x0 /* enum */ -#define MC_CMD_SET_PSU_IN_RAIL_1V2 0x1 /* enum */ +#define MC_CMD_SET_PSU_IN_RAIL_LEN 4 +#define MC_CMD_SET_PSU_IN_RAIL_0V9 0x0 /* enum */ +#define MC_CMD_SET_PSU_IN_RAIL_1V2 0x1 /* enum */ /* desired value, eg voltage in mV */ #define MC_CMD_SET_PSU_IN_VALUE_OFST 8 +#define MC_CMD_SET_PSU_IN_VALUE_LEN 4 /* MC_CMD_SET_PSU_OUT msgresponse */ #define MC_CMD_SET_PSU_OUT_LEN 0 @@ -12717,7 +13199,9 @@ /* MC_CMD_GET_FUNCTION_INFO_OUT msgresponse */ #define MC_CMD_GET_FUNCTION_INFO_OUT_LEN 8 #define MC_CMD_GET_FUNCTION_INFO_OUT_PF_OFST 0 +#define MC_CMD_GET_FUNCTION_INFO_OUT_PF_LEN 4 #define MC_CMD_GET_FUNCTION_INFO_OUT_VF_OFST 4 +#define MC_CMD_GET_FUNCTION_INFO_OUT_VF_LEN 4 /***********************************/ @@ -12729,7 +13213,7 @@ #define MC_CMD_ENABLE_OFFLINE_BIST 0xed #undef MC_CMD_0xed_PRIVILEGE_CTG -#define MC_CMD_0xed_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xed_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_ENABLE_OFFLINE_BIST_IN msgrequest */ #define MC_CMD_ENABLE_OFFLINE_BIST_IN_LEN 0 @@ -12755,12 +13239,16 @@ #define MC_CMD_UART_SEND_DATA_OUT_LEN(num) (16+1*(num)) /* CRC32 over OFFSET, LENGTH, RESERVED, DATA */ #define MC_CMD_UART_SEND_DATA_OUT_CHECKSUM_OFST 0 +#define MC_CMD_UART_SEND_DATA_OUT_CHECKSUM_LEN 4 /* Offset at which to write the data */ #define MC_CMD_UART_SEND_DATA_OUT_OFFSET_OFST 4 +#define MC_CMD_UART_SEND_DATA_OUT_OFFSET_LEN 4 /* Length of data */ #define MC_CMD_UART_SEND_DATA_OUT_LENGTH_OFST 8 +#define MC_CMD_UART_SEND_DATA_OUT_LENGTH_LEN 4 /* Reserved for future use */ #define MC_CMD_UART_SEND_DATA_OUT_RESERVED_OFST 12 +#define MC_CMD_UART_SEND_DATA_OUT_RESERVED_LEN 4 #define MC_CMD_UART_SEND_DATA_OUT_DATA_OFST 16 #define MC_CMD_UART_SEND_DATA_OUT_DATA_LEN 1 #define MC_CMD_UART_SEND_DATA_OUT_DATA_MINNUM 0 @@ -12784,12 +13272,16 @@ #define MC_CMD_UART_RECV_DATA_OUT_LEN 16 /* CRC32 over OFFSET, LENGTH, RESERVED */ #define MC_CMD_UART_RECV_DATA_OUT_CHECKSUM_OFST 0 +#define MC_CMD_UART_RECV_DATA_OUT_CHECKSUM_LEN 4 /* Offset from which to read the data */ #define MC_CMD_UART_RECV_DATA_OUT_OFFSET_OFST 4 +#define MC_CMD_UART_RECV_DATA_OUT_OFFSET_LEN 4 /* Length of data */ #define MC_CMD_UART_RECV_DATA_OUT_LENGTH_OFST 8 +#define MC_CMD_UART_RECV_DATA_OUT_LENGTH_LEN 4 /* Reserved for future use */ #define MC_CMD_UART_RECV_DATA_OUT_RESERVED_OFST 12 +#define MC_CMD_UART_RECV_DATA_OUT_RESERVED_LEN 4 /* MC_CMD_UART_RECV_DATA_IN msgresponse */ #define MC_CMD_UART_RECV_DATA_IN_LENMIN 16 @@ -12797,12 +13289,16 @@ #define MC_CMD_UART_RECV_DATA_IN_LEN(num) (16+1*(num)) /* CRC32 over RESERVED1, RESERVED2, RESERVED3, DATA */ #define MC_CMD_UART_RECV_DATA_IN_CHECKSUM_OFST 0 +#define MC_CMD_UART_RECV_DATA_IN_CHECKSUM_LEN 4 /* Offset at which to write the data */ #define MC_CMD_UART_RECV_DATA_IN_RESERVED1_OFST 4 +#define MC_CMD_UART_RECV_DATA_IN_RESERVED1_LEN 4 /* Length of data */ #define MC_CMD_UART_RECV_DATA_IN_RESERVED2_OFST 8 +#define MC_CMD_UART_RECV_DATA_IN_RESERVED2_LEN 4 /* Reserved for future use */ #define MC_CMD_UART_RECV_DATA_IN_RESERVED3_OFST 12 +#define MC_CMD_UART_RECV_DATA_IN_RESERVED3_LEN 4 #define MC_CMD_UART_RECV_DATA_IN_DATA_OFST 16 #define MC_CMD_UART_RECV_DATA_IN_DATA_LEN 1 #define MC_CMD_UART_RECV_DATA_IN_DATA_MINNUM 0 @@ -12816,14 +13312,16 @@ #define MC_CMD_READ_FUSES 0xf0 #undef MC_CMD_0xf0_PRIVILEGE_CTG -#define MC_CMD_0xf0_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xf0_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_READ_FUSES_IN msgrequest */ #define MC_CMD_READ_FUSES_IN_LEN 8 /* Offset in OTP to read */ #define MC_CMD_READ_FUSES_IN_OFFSET_OFST 0 +#define MC_CMD_READ_FUSES_IN_OFFSET_LEN 4 /* Length of data to read in bytes */ #define MC_CMD_READ_FUSES_IN_LENGTH_OFST 4 +#define MC_CMD_READ_FUSES_IN_LENGTH_LEN 4 /* MC_CMD_READ_FUSES_OUT msgresponse */ #define MC_CMD_READ_FUSES_OUT_LENMIN 4 @@ -12831,6 +13329,7 @@ #define MC_CMD_READ_FUSES_OUT_LEN(num) (4+1*(num)) /* Length of returned OTP data in bytes */ #define MC_CMD_READ_FUSES_OUT_LENGTH_OFST 0 +#define MC_CMD_READ_FUSES_OUT_LENGTH_LEN 4 /* Returned data */ #define MC_CMD_READ_FUSES_OUT_DATA_OFST 4 #define MC_CMD_READ_FUSES_OUT_DATA_LEN 1 @@ -12845,7 +13344,7 @@ #define MC_CMD_KR_TUNE 0xf1 #undef MC_CMD_0xf1_PRIVILEGE_CTG -#define MC_CMD_0xf1_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xf1_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_KR_TUNE_IN msgrequest */ #define MC_CMD_KR_TUNE_IN_LENMIN 4 @@ -12855,26 +13354,30 @@ #define MC_CMD_KR_TUNE_IN_KR_TUNE_OP_OFST 0 #define MC_CMD_KR_TUNE_IN_KR_TUNE_OP_LEN 1 /* enum: Get current RXEQ settings */ -#define MC_CMD_KR_TUNE_IN_RXEQ_GET 0x0 +#define MC_CMD_KR_TUNE_IN_RXEQ_GET 0x0 /* enum: Override RXEQ settings */ -#define MC_CMD_KR_TUNE_IN_RXEQ_SET 0x1 +#define MC_CMD_KR_TUNE_IN_RXEQ_SET 0x1 /* enum: Get current TX Driver settings */ -#define MC_CMD_KR_TUNE_IN_TXEQ_GET 0x2 +#define MC_CMD_KR_TUNE_IN_TXEQ_GET 0x2 /* enum: Override TX Driver settings */ -#define MC_CMD_KR_TUNE_IN_TXEQ_SET 0x3 +#define MC_CMD_KR_TUNE_IN_TXEQ_SET 0x3 /* enum: Force KR Serdes reset / recalibration */ -#define MC_CMD_KR_TUNE_IN_RECAL 0x4 +#define MC_CMD_KR_TUNE_IN_RECAL 0x4 /* enum: Start KR Serdes Eye diagram plot on a given lane. Lane must have valid * signal. */ -#define MC_CMD_KR_TUNE_IN_START_EYE_PLOT 0x5 +#define MC_CMD_KR_TUNE_IN_START_EYE_PLOT 0x5 /* enum: Poll KR Serdes Eye diagram plot. Returns one row of BER data. The * caller should call this command repeatedly after starting eye plot, until no * more data is returned. */ -#define MC_CMD_KR_TUNE_IN_POLL_EYE_PLOT 0x6 +#define MC_CMD_KR_TUNE_IN_POLL_EYE_PLOT 0x6 /* enum: Read Figure Of Merit (eye quality, higher is better). */ -#define MC_CMD_KR_TUNE_IN_READ_FOM 0x7 +#define MC_CMD_KR_TUNE_IN_READ_FOM 0x7 +/* enum: Start/stop link training frames */ +#define MC_CMD_KR_TUNE_IN_LINK_TRAIN_RUN 0x8 +/* enum: Issue KR link training command (control training coefficients) */ +#define MC_CMD_KR_TUNE_IN_LINK_TRAIN_CMD 0x9 /* Align the arguments to 32 bits */ #define MC_CMD_KR_TUNE_IN_KR_TUNE_RSVD_OFST 1 #define MC_CMD_KR_TUNE_IN_KR_TUNE_RSVD_LEN 3 @@ -12908,44 +13411,98 @@ #define MC_CMD_KR_TUNE_RXEQ_GET_OUT_PARAM_ID_LBN 0 #define MC_CMD_KR_TUNE_RXEQ_GET_OUT_PARAM_ID_WIDTH 8 /* enum: Attenuation (0-15, Huntington) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_ATT 0x0 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_ATT 0x0 /* enum: CTLE Boost (0-15, Huntington) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_BOOST 0x1 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_BOOST 0x1 /* enum: Edge DFE Tap1 (Huntington - 0 - max negative, 64 - zero, 127 - max * positive, Medford - 0-31) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP1 0x2 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP1 0x2 /* enum: Edge DFE Tap2 (Huntington - 0 - max negative, 32 - zero, 63 - max * positive, Medford - 0-31) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP2 0x3 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP2 0x3 /* enum: Edge DFE Tap3 (Huntington - 0 - max negative, 32 - zero, 63 - max * positive, Medford - 0-16) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP3 0x4 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP3 0x4 /* enum: Edge DFE Tap4 (Huntington - 0 - max negative, 32 - zero, 63 - max * positive, Medford - 0-16) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP4 0x5 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP4 0x5 /* enum: Edge DFE Tap5 (Huntington - 0 - max negative, 32 - zero, 63 - max * positive, Medford - 0-16) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP5 0x6 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_TAP5 0x6 /* enum: Edge DFE DLEV (0-128 for Medford) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_DLEV 0x7 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_EDFE_DLEV 0x7 /* enum: Variable Gain Amplifier (0-15, Medford) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_VGA 0x8 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_VGA 0x8 /* enum: CTLE EQ Capacitor (0-15, Medford) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CTLE_EQC 0x9 +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CTLE_EQC 0x9 /* enum: CTLE EQ Resistor (0-7, Medford) */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CTLE_EQRES 0xa +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CTLE_EQRES 0xa +/* enum: CTLE gain (0-31, Medford2) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CTLE_GAIN 0xb +/* enum: CTLE pole (0-31, Medford2) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CTLE_POLE 0xc +/* enum: CTLE peaking (0-31, Medford2) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CTLE_PEAK 0xd +/* enum: DFE Tap1 - even path (Medford2 - 6 bit signed (-29 - +29)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP1_EVEN 0xe +/* enum: DFE Tap1 - odd path (Medford2 - 6 bit signed (-29 - +29)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP1_ODD 0xf +/* enum: DFE Tap2 (Medford2 - 6 bit signed (-20 - +20)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP2 0x10 +/* enum: DFE Tap3 (Medford2 - 6 bit signed (-20 - +20)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP3 0x11 +/* enum: DFE Tap4 (Medford2 - 6 bit signed (-20 - +20)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP4 0x12 +/* enum: DFE Tap5 (Medford2 - 6 bit signed (-24 - +24)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP5 0x13 +/* enum: DFE Tap6 (Medford2 - 6 bit signed (-24 - +24)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP6 0x14 +/* enum: DFE Tap7 (Medford2 - 6 bit signed (-24 - +24)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP7 0x15 +/* enum: DFE Tap8 (Medford2 - 6 bit signed (-24 - +24)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP8 0x16 +/* enum: DFE Tap9 (Medford2 - 6 bit signed (-24 - +24)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP9 0x17 +/* enum: DFE Tap10 (Medford2 - 6 bit signed (-24 - +24)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP10 0x18 +/* enum: DFE Tap11 (Medford2 - 6 bit signed (-24 - +24)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP11 0x19 +/* enum: DFE Tap12 (Medford2 - 6 bit signed (-24 - +24)) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_DFE_TAP12 0x1a +/* enum: I/Q clk offset (Medford2 - 4 bit signed (-5 - +5))) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_IQ_OFF 0x1b +/* enum: Negative h1 polarity data sampler offset calibration code, even path + * (Medford2 - 6 bit signed (-29 - +29))) + */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_H1N_OFF_EVEN 0x1c +/* enum: Negative h1 polarity data sampler offset calibration code, odd path + * (Medford2 - 6 bit signed (-29 - +29))) + */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_H1N_OFF_ODD 0x1d +/* enum: Positive h1 polarity data sampler offset calibration code, even path + * (Medford2 - 6 bit signed (-29 - +29))) + */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_H1P_OFF_EVEN 0x1e +/* enum: Positive h1 polarity data sampler offset calibration code, odd path + * (Medford2 - 6 bit signed (-29 - +29))) + */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_H1P_OFF_ODD 0x1f +/* enum: CDR calibration loop code (Medford2) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CDR_PVT 0x20 +/* enum: CDR integral loop code (Medford2) */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_CDR_INTEG 0x21 #define MC_CMD_KR_TUNE_RXEQ_GET_OUT_PARAM_LANE_LBN 8 #define MC_CMD_KR_TUNE_RXEQ_GET_OUT_PARAM_LANE_WIDTH 3 -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_0 0x0 /* enum */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_1 0x1 /* enum */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_2 0x2 /* enum */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_3 0x3 /* enum */ -#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_ALL 0x4 /* enum */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_0 0x0 /* enum */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_1 0x1 /* enum */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_2 0x2 /* enum */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_3 0x3 /* enum */ +#define MC_CMD_KR_TUNE_RXEQ_GET_OUT_LANE_ALL 0x4 /* enum */ #define MC_CMD_KR_TUNE_RXEQ_GET_OUT_PARAM_AUTOCAL_LBN 11 #define MC_CMD_KR_TUNE_RXEQ_GET_OUT_PARAM_AUTOCAL_WIDTH 1 #define MC_CMD_KR_TUNE_RXEQ_GET_OUT_RESERVED_LBN 12 @@ -13010,39 +13567,39 @@ #define MC_CMD_KR_TUNE_TXEQ_GET_OUT_PARAM_MAXNUM 63 #define MC_CMD_KR_TUNE_TXEQ_GET_OUT_PARAM_ID_LBN 0 #define MC_CMD_KR_TUNE_TXEQ_GET_OUT_PARAM_ID_WIDTH 8 -/* enum: TX Amplitude (Huntington, Medford) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_LEV 0x0 +/* enum: TX Amplitude (Huntington, Medford, Medford2) */ +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_LEV 0x0 /* enum: De-Emphasis Tap1 Magnitude (0-7) (Huntington) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_MODE 0x1 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_MODE 0x1 /* enum: De-Emphasis Tap1 Fine */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_DTLEV 0x2 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_DTLEV 0x2 /* enum: De-Emphasis Tap2 Magnitude (0-6) (Huntington) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_D2 0x3 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_D2 0x3 /* enum: De-Emphasis Tap2 Fine (Huntington) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_D2TLEV 0x4 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_D2TLEV 0x4 /* enum: Pre-Emphasis Magnitude (Huntington) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_E 0x5 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_E 0x5 /* enum: Pre-Emphasis Fine (Huntington) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_ETLEV 0x6 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_ETLEV 0x6 /* enum: TX Slew Rate Coarse control (Huntington) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_PREDRV_DLY 0x7 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_PREDRV_DLY 0x7 /* enum: TX Slew Rate Fine control (Huntington) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_SR_SET 0x8 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_SR_SET 0x8 /* enum: TX Termination Impedance control (Huntington) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_RT_SET 0x9 +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_RT_SET 0x9 /* enum: TX Amplitude Fine control (Medford) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_LEV_FINE 0xa -/* enum: Pre-shoot Tap (Medford) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TAP_ADV 0xb -/* enum: De-emphasis Tap (Medford) */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TAP_DLY 0xc +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TX_LEV_FINE 0xa +/* enum: Pre-shoot Tap (Medford, Medford2) */ +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TAP_ADV 0xb +/* enum: De-emphasis Tap (Medford, Medford2) */ +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_TAP_DLY 0xc #define MC_CMD_KR_TUNE_TXEQ_GET_OUT_PARAM_LANE_LBN 8 #define MC_CMD_KR_TUNE_TXEQ_GET_OUT_PARAM_LANE_WIDTH 3 -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_0 0x0 /* enum */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_1 0x1 /* enum */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_2 0x2 /* enum */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_3 0x3 /* enum */ -#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_ALL 0x4 /* enum */ +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_0 0x0 /* enum */ +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_1 0x1 /* enum */ +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_2 0x2 /* enum */ +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_3 0x3 /* enum */ +#define MC_CMD_KR_TUNE_TXEQ_GET_OUT_LANE_ALL 0x4 /* enum */ #define MC_CMD_KR_TUNE_TXEQ_GET_OUT_RESERVED_LBN 11 #define MC_CMD_KR_TUNE_TXEQ_GET_OUT_RESERVED_WIDTH 5 #define MC_CMD_KR_TUNE_TXEQ_GET_OUT_PARAM_INITIAL_LBN 16 @@ -13103,7 +13660,27 @@ /* Align the arguments to 32 bits */ #define MC_CMD_KR_TUNE_START_EYE_PLOT_IN_KR_TUNE_RSVD_OFST 1 #define MC_CMD_KR_TUNE_START_EYE_PLOT_IN_KR_TUNE_RSVD_LEN 3 +/* Port-relative lane to scan eye on */ #define MC_CMD_KR_TUNE_START_EYE_PLOT_IN_LANE_OFST 4 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_IN_LANE_LEN 4 + +/* MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN msgrequest */ +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_LEN 12 +/* Requested operation */ +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_KR_TUNE_OP_OFST 0 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_KR_TUNE_OP_LEN 1 +/* Align the arguments to 32 bits */ +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_KR_TUNE_RSVD_OFST 1 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_KR_TUNE_RSVD_LEN 3 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_LANE_OFST 4 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_LANE_LEN 4 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_LANE_NUM_LBN 0 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_LANE_NUM_WIDTH 8 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_LANE_ABS_REL_LBN 31 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_LANE_ABS_REL_WIDTH 1 +/* Scan duration / cycle count */ +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_BER_OFST 8 +#define MC_CMD_KR_TUNE_START_EYE_PLOT_V2_IN_BER_LEN 4 /* MC_CMD_KR_TUNE_START_EYE_PLOT_OUT msgresponse */ #define MC_CMD_KR_TUNE_START_EYE_PLOT_OUT_LEN 0 @@ -13135,10 +13712,91 @@ #define MC_CMD_KR_TUNE_READ_FOM_IN_KR_TUNE_RSVD_OFST 1 #define MC_CMD_KR_TUNE_READ_FOM_IN_KR_TUNE_RSVD_LEN 3 #define MC_CMD_KR_TUNE_READ_FOM_IN_LANE_OFST 4 +#define MC_CMD_KR_TUNE_READ_FOM_IN_LANE_LEN 4 +#define MC_CMD_KR_TUNE_READ_FOM_IN_LANE_NUM_LBN 0 +#define MC_CMD_KR_TUNE_READ_FOM_IN_LANE_NUM_WIDTH 8 +#define MC_CMD_KR_TUNE_READ_FOM_IN_LANE_ABS_REL_LBN 31 +#define MC_CMD_KR_TUNE_READ_FOM_IN_LANE_ABS_REL_WIDTH 1 /* MC_CMD_KR_TUNE_READ_FOM_OUT msgresponse */ #define MC_CMD_KR_TUNE_READ_FOM_OUT_LEN 4 #define MC_CMD_KR_TUNE_READ_FOM_OUT_FOM_OFST 0 +#define MC_CMD_KR_TUNE_READ_FOM_OUT_FOM_LEN 4 + +/* MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN msgrequest */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_LEN 8 +/* Requested operation */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_KR_TUNE_OP_OFST 0 +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_KR_TUNE_OP_LEN 1 +/* Align the arguments to 32 bits */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_KR_TUNE_RSVD_OFST 1 +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_KR_TUNE_RSVD_LEN 3 +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_RUN_OFST 4 +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_RUN_LEN 4 +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_STOP 0x0 /* enum */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_RUN_IN_START 0x1 /* enum */ + +/* MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN msgrequest */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_LEN 28 +/* Requested operation */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_KR_TUNE_OP_OFST 0 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_KR_TUNE_OP_LEN 1 +/* Align the arguments to 32 bits */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_KR_TUNE_RSVD_OFST 1 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_KR_TUNE_RSVD_LEN 3 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_LANE_OFST 4 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_LANE_LEN 4 +/* Set INITIALIZE state */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_INITIALIZE_OFST 8 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_INITIALIZE_LEN 4 +/* Set PRESET state */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_PRESET_OFST 12 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_PRESET_LEN 4 +/* C(-1) request */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_CM1_OFST 16 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_CM1_LEN 4 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_REQ_HOLD 0x0 /* enum */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_REQ_INCREMENT 0x1 /* enum */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_REQ_DECREMENT 0x2 /* enum */ +/* C(0) request */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_C0_OFST 20 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_C0_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN/CM1 */ +/* C(+1) request */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_CP1_OFST 24 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN_CP1_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN/CM1 */ + +/* MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT msgresponse */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_LEN 24 +/* C(-1) status */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_CM1_STATUS_OFST 0 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_CM1_STATUS_LEN 4 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_STATUS_NOT_UPDATED 0x0 /* enum */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_STATUS_UPDATED 0x1 /* enum */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_STATUS_MINIMUM 0x2 /* enum */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_STATUS_MAXIMUM 0x3 /* enum */ +/* C(0) status */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_C0_STATUS_OFST 4 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_C0_STATUS_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN/CM1 */ +/* C(+1) status */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_CP1_STATUS_OFST 8 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_CP1_STATUS_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_KR_TUNE_LINK_TRAIN_CMD_IN/CM1 */ +/* C(-1) value */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_CM1_VALUE_OFST 12 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_CM1_VALUE_LEN 4 +/* C(0) value */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_C0_VALUE_OFST 16 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_C0_VALUE_LEN 4 +/* C(+1) status */ +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_CP1_VALUE_OFST 20 +#define MC_CMD_KR_TUNE_LINK_TRAIN_CMD_OUT_CP1_VALUE_LEN 4 /***********************************/ @@ -13148,7 +13806,7 @@ #define MC_CMD_PCIE_TUNE 0xf2 #undef MC_CMD_0xf2_PRIVILEGE_CTG -#define MC_CMD_0xf2_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xf2_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_PCIE_TUNE_IN msgrequest */ #define MC_CMD_PCIE_TUNE_IN_LENMIN 4 @@ -13158,22 +13816,22 @@ #define MC_CMD_PCIE_TUNE_IN_PCIE_TUNE_OP_OFST 0 #define MC_CMD_PCIE_TUNE_IN_PCIE_TUNE_OP_LEN 1 /* enum: Get current RXEQ settings */ -#define MC_CMD_PCIE_TUNE_IN_RXEQ_GET 0x0 +#define MC_CMD_PCIE_TUNE_IN_RXEQ_GET 0x0 /* enum: Override RXEQ settings */ -#define MC_CMD_PCIE_TUNE_IN_RXEQ_SET 0x1 +#define MC_CMD_PCIE_TUNE_IN_RXEQ_SET 0x1 /* enum: Get current TX Driver settings */ -#define MC_CMD_PCIE_TUNE_IN_TXEQ_GET 0x2 +#define MC_CMD_PCIE_TUNE_IN_TXEQ_GET 0x2 /* enum: Override TX Driver settings */ -#define MC_CMD_PCIE_TUNE_IN_TXEQ_SET 0x3 +#define MC_CMD_PCIE_TUNE_IN_TXEQ_SET 0x3 /* enum: Start PCIe Serdes Eye diagram plot on a given lane. */ -#define MC_CMD_PCIE_TUNE_IN_START_EYE_PLOT 0x5 +#define MC_CMD_PCIE_TUNE_IN_START_EYE_PLOT 0x5 /* enum: Poll PCIe Serdes Eye diagram plot. Returns one row of BER data. The * caller should call this command repeatedly after starting eye plot, until no * more data is returned. */ -#define MC_CMD_PCIE_TUNE_IN_POLL_EYE_PLOT 0x6 +#define MC_CMD_PCIE_TUNE_IN_POLL_EYE_PLOT 0x6 /* enum: Enable the SERDES BIST and set it to generate a 200MHz square wave */ -#define MC_CMD_PCIE_TUNE_IN_BIST_SQUARE_WAVE 0x7 +#define MC_CMD_PCIE_TUNE_IN_BIST_SQUARE_WAVE 0x7 /* Align the arguments to 32 bits */ #define MC_CMD_PCIE_TUNE_IN_PCIE_TUNE_RSVD_OFST 1 #define MC_CMD_PCIE_TUNE_IN_PCIE_TUNE_RSVD_LEN 3 @@ -13207,46 +13865,46 @@ #define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_PARAM_ID_LBN 0 #define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_PARAM_ID_WIDTH 8 /* enum: Attenuation (0-15) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_ATT 0x0 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_ATT 0x0 /* enum: CTLE Boost (0-15) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_BOOST 0x1 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_BOOST 0x1 /* enum: DFE Tap1 (0 - max negative, 64 - zero, 127 - max positive) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP1 0x2 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP1 0x2 /* enum: DFE Tap2 (0 - max negative, 32 - zero, 63 - max positive) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP2 0x3 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP2 0x3 /* enum: DFE Tap3 (0 - max negative, 32 - zero, 63 - max positive) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP3 0x4 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP3 0x4 /* enum: DFE Tap4 (0 - max negative, 32 - zero, 63 - max positive) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP4 0x5 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP4 0x5 /* enum: DFE Tap5 (0 - max negative, 32 - zero, 63 - max positive) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP5 0x6 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_TAP5 0x6 /* enum: DFE DLev */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_DLEV 0x7 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_DFE_DLEV 0x7 /* enum: Figure of Merit */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_FOM 0x8 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_FOM 0x8 /* enum: CTLE EQ Capacitor (HF Gain) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_CTLE_EQC 0x9 +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_CTLE_EQC 0x9 /* enum: CTLE EQ Resistor (DC Gain) */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_CTLE_EQRES 0xa +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_CTLE_EQRES 0xa #define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_PARAM_LANE_LBN 8 #define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_PARAM_LANE_WIDTH 5 -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_0 0x0 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_1 0x1 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_2 0x2 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_3 0x3 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_4 0x4 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_5 0x5 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_6 0x6 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_7 0x7 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_8 0x8 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_9 0x9 /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_10 0xa /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_11 0xb /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_12 0xc /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_13 0xd /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_14 0xe /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_15 0xf /* enum */ -#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_ALL 0x10 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_0 0x0 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_1 0x1 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_2 0x2 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_3 0x3 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_4 0x4 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_5 0x5 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_6 0x6 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_7 0x7 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_8 0x8 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_9 0x9 /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_10 0xa /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_11 0xb /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_12 0xc /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_13 0xd /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_14 0xe /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_15 0xf /* enum */ +#define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_LANE_ALL 0x10 /* enum */ #define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_PARAM_AUTOCAL_LBN 13 #define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_PARAM_AUTOCAL_WIDTH 1 #define MC_CMD_PCIE_TUNE_RXEQ_GET_OUT_RESERVED_LBN 14 @@ -13310,15 +13968,15 @@ #define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_PARAM_ID_LBN 0 #define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_PARAM_ID_WIDTH 8 /* enum: TxMargin (PIPE) */ -#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_TXMARGIN 0x0 +#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_TXMARGIN 0x0 /* enum: TxSwing (PIPE) */ -#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_TXSWING 0x1 +#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_TXSWING 0x1 /* enum: De-emphasis coefficient C(-1) (PIPE) */ -#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_CM1 0x2 +#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_CM1 0x2 /* enum: De-emphasis coefficient C(0) (PIPE) */ -#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_C0 0x3 +#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_C0 0x3 /* enum: De-emphasis coefficient C(+1) (PIPE) */ -#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_CP1 0x4 +#define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_CP1 0x4 #define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_PARAM_LANE_LBN 8 #define MC_CMD_PCIE_TUNE_TXEQ_GET_OUT_PARAM_LANE_WIDTH 4 /* Enum values, see field(s): */ @@ -13337,6 +13995,7 @@ #define MC_CMD_PCIE_TUNE_START_EYE_PLOT_IN_PCIE_TUNE_RSVD_OFST 1 #define MC_CMD_PCIE_TUNE_START_EYE_PLOT_IN_PCIE_TUNE_RSVD_LEN 3 #define MC_CMD_PCIE_TUNE_START_EYE_PLOT_IN_LANE_OFST 4 +#define MC_CMD_PCIE_TUNE_START_EYE_PLOT_IN_LANE_LEN 4 /* MC_CMD_PCIE_TUNE_START_EYE_PLOT_OUT msgresponse */ #define MC_CMD_PCIE_TUNE_START_EYE_PLOT_OUT_LEN 0 @@ -13380,38 +14039,46 @@ #define MC_CMD_LICENSING_IN_LEN 4 /* identifies the type of operation requested */ #define MC_CMD_LICENSING_IN_OP_OFST 0 +#define MC_CMD_LICENSING_IN_OP_LEN 4 /* enum: re-read and apply licenses after a license key partition update; note * that this operation returns a zero-length response */ -#define MC_CMD_LICENSING_IN_OP_UPDATE_LICENSE 0x0 +#define MC_CMD_LICENSING_IN_OP_UPDATE_LICENSE 0x0 /* enum: report counts of installed licenses */ -#define MC_CMD_LICENSING_IN_OP_GET_KEY_STATS 0x1 +#define MC_CMD_LICENSING_IN_OP_GET_KEY_STATS 0x1 /* MC_CMD_LICENSING_OUT msgresponse */ #define MC_CMD_LICENSING_OUT_LEN 28 /* count of application keys which are valid */ #define MC_CMD_LICENSING_OUT_VALID_APP_KEYS_OFST 0 +#define MC_CMD_LICENSING_OUT_VALID_APP_KEYS_LEN 4 /* sum of UNVERIFIABLE_APP_KEYS + WRONG_NODE_APP_KEYS (for compatibility with * MC_CMD_FC_OP_LICENSE) */ #define MC_CMD_LICENSING_OUT_INVALID_APP_KEYS_OFST 4 +#define MC_CMD_LICENSING_OUT_INVALID_APP_KEYS_LEN 4 /* count of application keys which are invalid due to being blacklisted */ #define MC_CMD_LICENSING_OUT_BLACKLISTED_APP_KEYS_OFST 8 +#define MC_CMD_LICENSING_OUT_BLACKLISTED_APP_KEYS_LEN 4 /* count of application keys which are invalid due to being unverifiable */ #define MC_CMD_LICENSING_OUT_UNVERIFIABLE_APP_KEYS_OFST 12 +#define MC_CMD_LICENSING_OUT_UNVERIFIABLE_APP_KEYS_LEN 4 /* count of application keys which are invalid due to being for the wrong node */ #define MC_CMD_LICENSING_OUT_WRONG_NODE_APP_KEYS_OFST 16 +#define MC_CMD_LICENSING_OUT_WRONG_NODE_APP_KEYS_LEN 4 /* licensing state (for diagnostics; the exact meaning of the bits in this * field are private to the firmware) */ #define MC_CMD_LICENSING_OUT_LICENSING_STATE_OFST 20 +#define MC_CMD_LICENSING_OUT_LICENSING_STATE_LEN 4 /* licensing subsystem self-test report (for manftest) */ #define MC_CMD_LICENSING_OUT_LICENSING_SELF_TEST_OFST 24 +#define MC_CMD_LICENSING_OUT_LICENSING_SELF_TEST_LEN 4 /* enum: licensing subsystem self-test failed */ -#define MC_CMD_LICENSING_OUT_SELF_TEST_FAIL 0x0 +#define MC_CMD_LICENSING_OUT_SELF_TEST_FAIL 0x0 /* enum: licensing subsystem self-test passed */ -#define MC_CMD_LICENSING_OUT_SELF_TEST_PASS 0x1 +#define MC_CMD_LICENSING_OUT_SELF_TEST_PASS 0x1 /***********************************/ @@ -13428,37 +14095,44 @@ #define MC_CMD_LICENSING_V3_IN_LEN 4 /* identifies the type of operation requested */ #define MC_CMD_LICENSING_V3_IN_OP_OFST 0 +#define MC_CMD_LICENSING_V3_IN_OP_LEN 4 /* enum: re-read and apply licenses after a license key partition update; note * that this operation returns a zero-length response */ -#define MC_CMD_LICENSING_V3_IN_OP_UPDATE_LICENSE 0x0 +#define MC_CMD_LICENSING_V3_IN_OP_UPDATE_LICENSE 0x0 /* enum: report counts of installed licenses Returns EAGAIN if license * processing (updating) has been started but not yet completed. */ -#define MC_CMD_LICENSING_V3_IN_OP_REPORT_LICENSE 0x1 +#define MC_CMD_LICENSING_V3_IN_OP_REPORT_LICENSE 0x1 /* MC_CMD_LICENSING_V3_OUT msgresponse */ #define MC_CMD_LICENSING_V3_OUT_LEN 88 /* count of keys which are valid */ #define MC_CMD_LICENSING_V3_OUT_VALID_KEYS_OFST 0 +#define MC_CMD_LICENSING_V3_OUT_VALID_KEYS_LEN 4 /* sum of UNVERIFIABLE_KEYS + WRONG_NODE_KEYS (for compatibility with * MC_CMD_FC_OP_LICENSE) */ #define MC_CMD_LICENSING_V3_OUT_INVALID_KEYS_OFST 4 +#define MC_CMD_LICENSING_V3_OUT_INVALID_KEYS_LEN 4 /* count of keys which are invalid due to being unverifiable */ #define MC_CMD_LICENSING_V3_OUT_UNVERIFIABLE_KEYS_OFST 8 +#define MC_CMD_LICENSING_V3_OUT_UNVERIFIABLE_KEYS_LEN 4 /* count of keys which are invalid due to being for the wrong node */ #define MC_CMD_LICENSING_V3_OUT_WRONG_NODE_KEYS_OFST 12 +#define MC_CMD_LICENSING_V3_OUT_WRONG_NODE_KEYS_LEN 4 /* licensing state (for diagnostics; the exact meaning of the bits in this * field are private to the firmware) */ #define MC_CMD_LICENSING_V3_OUT_LICENSING_STATE_OFST 16 +#define MC_CMD_LICENSING_V3_OUT_LICENSING_STATE_LEN 4 /* licensing subsystem self-test report (for manftest) */ #define MC_CMD_LICENSING_V3_OUT_LICENSING_SELF_TEST_OFST 20 +#define MC_CMD_LICENSING_V3_OUT_LICENSING_SELF_TEST_LEN 4 /* enum: licensing subsystem self-test failed */ -#define MC_CMD_LICENSING_V3_OUT_SELF_TEST_FAIL 0x0 +#define MC_CMD_LICENSING_V3_OUT_SELF_TEST_FAIL 0x0 /* enum: licensing subsystem self-test passed */ -#define MC_CMD_LICENSING_V3_OUT_SELF_TEST_PASS 0x1 +#define MC_CMD_LICENSING_V3_OUT_SELF_TEST_PASS 0x1 /* bitmask of licensed applications */ #define MC_CMD_LICENSING_V3_OUT_LICENSED_APPS_OFST 24 #define MC_CMD_LICENSING_V3_OUT_LICENSED_APPS_LEN 8 @@ -13496,8 +14170,10 @@ #define MC_CMD_LICENSING_GET_ID_V3_OUT_LEN(num) (8+1*(num)) /* type of license (eg 3) */ #define MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_TYPE_OFST 0 +#define MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_TYPE_LEN 4 /* length of the license ID (in bytes) */ #define MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_ID_LENGTH_OFST 4 +#define MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_ID_LENGTH_LEN 4 /* the unique license ID of the adapter */ #define MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_ID_OFST 8 #define MC_CMD_LICENSING_GET_ID_V3_OUT_LICENSE_ID_LEN 1 @@ -13537,15 +14213,17 @@ #define MC_CMD_GET_LICENSED_APP_STATE_IN_LEN 4 /* application ID to query (LICENSED_APP_ID_xxx) */ #define MC_CMD_GET_LICENSED_APP_STATE_IN_APP_ID_OFST 0 +#define MC_CMD_GET_LICENSED_APP_STATE_IN_APP_ID_LEN 4 /* MC_CMD_GET_LICENSED_APP_STATE_OUT msgresponse */ #define MC_CMD_GET_LICENSED_APP_STATE_OUT_LEN 4 /* state of this application */ #define MC_CMD_GET_LICENSED_APP_STATE_OUT_STATE_OFST 0 +#define MC_CMD_GET_LICENSED_APP_STATE_OUT_STATE_LEN 4 /* enum: no (or invalid) license is present for the application */ -#define MC_CMD_GET_LICENSED_APP_STATE_OUT_NOT_LICENSED 0x0 +#define MC_CMD_GET_LICENSED_APP_STATE_OUT_NOT_LICENSED 0x0 /* enum: a valid license is present for the application */ -#define MC_CMD_GET_LICENSED_APP_STATE_OUT_LICENSED 0x1 +#define MC_CMD_GET_LICENSED_APP_STATE_OUT_LICENSED 0x1 /***********************************/ @@ -13573,10 +14251,11 @@ #define MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_LEN 4 /* state of this application */ #define MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_STATE_OFST 0 +#define MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_STATE_LEN 4 /* enum: no (or invalid) license is present for the application */ -#define MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_NOT_LICENSED 0x0 +#define MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_NOT_LICENSED 0x0 /* enum: a valid license is present for the application */ -#define MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_LICENSED 0x1 +#define MC_CMD_GET_LICENSED_V3_APP_STATE_OUT_LICENSED 0x1 /***********************************/ @@ -13625,12 +14304,14 @@ #define MC_CMD_LICENSED_APP_OP_IN_LEN(num) (8+4*(num)) /* application ID */ #define MC_CMD_LICENSED_APP_OP_IN_APP_ID_OFST 0 +#define MC_CMD_LICENSED_APP_OP_IN_APP_ID_LEN 4 /* the type of operation requested */ #define MC_CMD_LICENSED_APP_OP_IN_OP_OFST 4 +#define MC_CMD_LICENSED_APP_OP_IN_OP_LEN 4 /* enum: validate application */ -#define MC_CMD_LICENSED_APP_OP_IN_OP_VALIDATE 0x0 +#define MC_CMD_LICENSED_APP_OP_IN_OP_VALIDATE 0x0 /* enum: mask application */ -#define MC_CMD_LICENSED_APP_OP_IN_OP_MASK 0x1 +#define MC_CMD_LICENSED_APP_OP_IN_OP_MASK 0x1 /* arguments specific to this particular operation */ #define MC_CMD_LICENSED_APP_OP_IN_ARGS_OFST 8 #define MC_CMD_LICENSED_APP_OP_IN_ARGS_LEN 4 @@ -13651,8 +14332,10 @@ #define MC_CMD_LICENSED_APP_OP_VALIDATE_IN_LEN 72 /* application ID */ #define MC_CMD_LICENSED_APP_OP_VALIDATE_IN_APP_ID_OFST 0 +#define MC_CMD_LICENSED_APP_OP_VALIDATE_IN_APP_ID_LEN 4 /* the type of operation requested */ #define MC_CMD_LICENSED_APP_OP_VALIDATE_IN_OP_OFST 4 +#define MC_CMD_LICENSED_APP_OP_VALIDATE_IN_OP_LEN 4 /* validation challenge */ #define MC_CMD_LICENSED_APP_OP_VALIDATE_IN_CHALLENGE_OFST 8 #define MC_CMD_LICENSED_APP_OP_VALIDATE_IN_CHALLENGE_LEN 64 @@ -13661,6 +14344,7 @@ #define MC_CMD_LICENSED_APP_OP_VALIDATE_OUT_LEN 68 /* feature expiry (time_t) */ #define MC_CMD_LICENSED_APP_OP_VALIDATE_OUT_EXPIRY_OFST 0 +#define MC_CMD_LICENSED_APP_OP_VALIDATE_OUT_EXPIRY_LEN 4 /* validation response */ #define MC_CMD_LICENSED_APP_OP_VALIDATE_OUT_RESPONSE_OFST 4 #define MC_CMD_LICENSED_APP_OP_VALIDATE_OUT_RESPONSE_LEN 64 @@ -13669,10 +14353,13 @@ #define MC_CMD_LICENSED_APP_OP_MASK_IN_LEN 12 /* application ID */ #define MC_CMD_LICENSED_APP_OP_MASK_IN_APP_ID_OFST 0 +#define MC_CMD_LICENSED_APP_OP_MASK_IN_APP_ID_LEN 4 /* the type of operation requested */ #define MC_CMD_LICENSED_APP_OP_MASK_IN_OP_OFST 4 +#define MC_CMD_LICENSED_APP_OP_MASK_IN_OP_LEN 4 /* flag */ #define MC_CMD_LICENSED_APP_OP_MASK_IN_FLAG_OFST 8 +#define MC_CMD_LICENSED_APP_OP_MASK_IN_FLAG_LEN 4 /* MC_CMD_LICENSED_APP_OP_MASK_OUT msgresponse */ #define MC_CMD_LICENSED_APP_OP_MASK_OUT_LEN 0 @@ -13711,12 +14398,14 @@ #define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_RESPONSE_LEN 96 /* application expiry time */ #define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_EXPIRY_TIME_OFST 96 +#define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_EXPIRY_TIME_LEN 4 /* application expiry units */ #define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_EXPIRY_UNITS_OFST 100 +#define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_EXPIRY_UNITS_LEN 4 /* enum: expiry units are accounting units */ -#define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_EXPIRY_UNIT_ACC 0x0 +#define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_EXPIRY_UNIT_ACC 0x0 /* enum: expiry units are calendar days */ -#define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_EXPIRY_UNIT_DAYS 0x1 +#define MC_CMD_LICENSED_V3_VALIDATE_APP_OUT_EXPIRY_UNIT_DAYS 0x1 /* base MAC address of the NIC stored in NVRAM (note that this is a constant * value for a given NIC regardless which function is calling, effectively this * is PF0 base MAC address) @@ -13737,7 +14426,7 @@ #define MC_CMD_LICENSED_V3_MASK_FEATURES 0xd5 #undef MC_CMD_0xd5_PRIVILEGE_CTG -#define MC_CMD_0xd5_PRIVILEGE_CTG SRIOV_CTG_GENERAL +#define MC_CMD_0xd5_PRIVILEGE_CTG SRIOV_CTG_ADMIN /* MC_CMD_LICENSED_V3_MASK_FEATURES_IN msgrequest */ #define MC_CMD_LICENSED_V3_MASK_FEATURES_IN_LEN 12 @@ -13748,10 +14437,11 @@ #define MC_CMD_LICENSED_V3_MASK_FEATURES_IN_MASK_HI_OFST 4 /* whether to turn on or turn off the masked features */ #define MC_CMD_LICENSED_V3_MASK_FEATURES_IN_FLAG_OFST 8 +#define MC_CMD_LICENSED_V3_MASK_FEATURES_IN_FLAG_LEN 4 /* enum: turn the features off */ -#define MC_CMD_LICENSED_V3_MASK_FEATURES_IN_OFF 0x0 +#define MC_CMD_LICENSED_V3_MASK_FEATURES_IN_OFF 0x0 /* enum: turn the features back on */ -#define MC_CMD_LICENSED_V3_MASK_FEATURES_IN_ON 0x1 +#define MC_CMD_LICENSED_V3_MASK_FEATURES_IN_ON 0x1 /* MC_CMD_LICENSED_V3_MASK_FEATURES_OUT msgresponse */ #define MC_CMD_LICENSED_V3_MASK_FEATURES_OUT_LEN 0 @@ -13768,29 +14458,31 @@ #define MC_CMD_LICENSING_V3_TEMPORARY 0xd6 #undef MC_CMD_0xd6_PRIVILEGE_CTG -#define MC_CMD_0xd6_PRIVILEGE_CTG SRIOV_CTG_GENERAL +#define MC_CMD_0xd6_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_LICENSING_V3_TEMPORARY_IN msgrequest */ #define MC_CMD_LICENSING_V3_TEMPORARY_IN_LEN 4 /* operation code */ #define MC_CMD_LICENSING_V3_TEMPORARY_IN_OP_OFST 0 +#define MC_CMD_LICENSING_V3_TEMPORARY_IN_OP_LEN 4 /* enum: install a new license, overwriting any existing temporary license. * This is an asynchronous operation owing to the time taken to validate an * ECDSA license */ -#define MC_CMD_LICENSING_V3_TEMPORARY_SET 0x0 +#define MC_CMD_LICENSING_V3_TEMPORARY_SET 0x0 /* enum: clear the license immediately rather than waiting for the next power * cycle */ -#define MC_CMD_LICENSING_V3_TEMPORARY_CLEAR 0x1 +#define MC_CMD_LICENSING_V3_TEMPORARY_CLEAR 0x1 /* enum: get the status of the asynchronous MC_CMD_LICENSING_V3_TEMPORARY_SET * operation */ -#define MC_CMD_LICENSING_V3_TEMPORARY_STATUS 0x2 +#define MC_CMD_LICENSING_V3_TEMPORARY_STATUS 0x2 /* MC_CMD_LICENSING_V3_TEMPORARY_IN_SET msgrequest */ #define MC_CMD_LICENSING_V3_TEMPORARY_IN_SET_LEN 164 #define MC_CMD_LICENSING_V3_TEMPORARY_IN_SET_OP_OFST 0 +#define MC_CMD_LICENSING_V3_TEMPORARY_IN_SET_OP_LEN 4 /* ECDSA license and signature */ #define MC_CMD_LICENSING_V3_TEMPORARY_IN_SET_LICENSE_OFST 4 #define MC_CMD_LICENSING_V3_TEMPORARY_IN_SET_LICENSE_LEN 160 @@ -13798,23 +14490,26 @@ /* MC_CMD_LICENSING_V3_TEMPORARY_IN_CLEAR msgrequest */ #define MC_CMD_LICENSING_V3_TEMPORARY_IN_CLEAR_LEN 4 #define MC_CMD_LICENSING_V3_TEMPORARY_IN_CLEAR_OP_OFST 0 +#define MC_CMD_LICENSING_V3_TEMPORARY_IN_CLEAR_OP_LEN 4 /* MC_CMD_LICENSING_V3_TEMPORARY_IN_STATUS msgrequest */ #define MC_CMD_LICENSING_V3_TEMPORARY_IN_STATUS_LEN 4 #define MC_CMD_LICENSING_V3_TEMPORARY_IN_STATUS_OP_OFST 0 +#define MC_CMD_LICENSING_V3_TEMPORARY_IN_STATUS_OP_LEN 4 /* MC_CMD_LICENSING_V3_TEMPORARY_OUT_STATUS msgresponse */ #define MC_CMD_LICENSING_V3_TEMPORARY_OUT_STATUS_LEN 12 /* status code */ #define MC_CMD_LICENSING_V3_TEMPORARY_OUT_STATUS_STATUS_OFST 0 +#define MC_CMD_LICENSING_V3_TEMPORARY_OUT_STATUS_STATUS_LEN 4 /* enum: finished validating and installing license */ -#define MC_CMD_LICENSING_V3_TEMPORARY_STATUS_OK 0x0 +#define MC_CMD_LICENSING_V3_TEMPORARY_STATUS_OK 0x0 /* enum: license validation and installation in progress */ -#define MC_CMD_LICENSING_V3_TEMPORARY_STATUS_IN_PROGRESS 0x1 +#define MC_CMD_LICENSING_V3_TEMPORARY_STATUS_IN_PROGRESS 0x1 /* enum: licensing error. More specific error messages are not provided to * avoid exposing details of the licensing system to the client */ -#define MC_CMD_LICENSING_V3_TEMPORARY_STATUS_ERROR 0x2 +#define MC_CMD_LICENSING_V3_TEMPORARY_STATUS_ERROR 0x2 /* bitmask of licensed features */ #define MC_CMD_LICENSING_V3_TEMPORARY_OUT_STATUS_LICENSED_FEATURES_OFST 4 #define MC_CMD_LICENSING_V3_TEMPORARY_OUT_STATUS_LICENSED_FEATURES_LEN 8 @@ -13839,23 +14534,27 @@ #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_LEN 16 /* configuration flags */ #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_FLAGS_OFST 0 +#define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_FLAGS_LEN 4 #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_ENABLE_LBN 0 #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_ENABLE_WIDTH 1 #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_PROMISCUOUS_LBN 1 #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_PROMISCUOUS_WIDTH 1 /* receive queue handle (for RSS mode, this is the base queue) */ #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_QUEUE_OFST 4 +#define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_QUEUE_LEN 4 /* receive mode */ #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_MODE_OFST 8 +#define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_MODE_LEN 4 /* enum: receive to just the specified queue */ -#define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_MODE_SIMPLE 0x0 +#define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_MODE_SIMPLE 0x0 /* enum: receive to multiple queues using RSS context */ -#define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_MODE_RSS 0x1 +#define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_MODE_RSS 0x1 /* RSS context (for RX_MODE_RSS) as returned by MC_CMD_RSS_CONTEXT_ALLOC. Note * that these handles should be considered opaque to the host, although a value * of 0xFFFFFFFF is guaranteed never to be a valid handle. */ #define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_CONTEXT_OFST 12 +#define MC_CMD_SET_PORT_SNIFF_CONFIG_IN_RX_CONTEXT_LEN 4 /* MC_CMD_SET_PORT_SNIFF_CONFIG_OUT msgresponse */ #define MC_CMD_SET_PORT_SNIFF_CONFIG_OUT_LEN 0 @@ -13870,7 +14569,7 @@ #define MC_CMD_GET_PORT_SNIFF_CONFIG 0xf8 #undef MC_CMD_0xf8_PRIVILEGE_CTG -#define MC_CMD_0xf8_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xf8_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_GET_PORT_SNIFF_CONFIG_IN msgrequest */ #define MC_CMD_GET_PORT_SNIFF_CONFIG_IN_LEN 0 @@ -13879,20 +14578,24 @@ #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_LEN 16 /* configuration flags */ #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_FLAGS_OFST 0 +#define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_FLAGS_LEN 4 #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_ENABLE_LBN 0 #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_ENABLE_WIDTH 1 #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_PROMISCUOUS_LBN 1 #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_PROMISCUOUS_WIDTH 1 /* receiving queue handle (for RSS mode, this is the base queue) */ #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_QUEUE_OFST 4 +#define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_QUEUE_LEN 4 /* receive mode */ #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_MODE_OFST 8 +#define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_MODE_LEN 4 /* enum: receiving to just the specified queue */ -#define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_MODE_SIMPLE 0x0 +#define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_MODE_SIMPLE 0x0 /* enum: receiving to multiple queues using RSS context */ -#define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_MODE_RSS 0x1 +#define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_MODE_RSS 0x1 /* RSS context (for RX_MODE_RSS) */ #define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_CONTEXT_OFST 12 +#define MC_CMD_GET_PORT_SNIFF_CONFIG_OUT_RX_CONTEXT_LEN 4 /***********************************/ @@ -13910,19 +14613,21 @@ #define MC_CMD_SET_PARSER_DISP_CONFIG_IN_LEN(num) (8+4*(num)) /* the type of configuration setting to change */ #define MC_CMD_SET_PARSER_DISP_CONFIG_IN_TYPE_OFST 0 +#define MC_CMD_SET_PARSER_DISP_CONFIG_IN_TYPE_LEN 4 /* enum: Per-TXQ enable for multicast UDP destination lookup for possible * internal loopback. (ENTITY is a queue handle, VALUE is a single boolean.) */ -#define MC_CMD_SET_PARSER_DISP_CONFIG_IN_TXQ_MCAST_UDP_DST_LOOKUP_EN 0x0 +#define MC_CMD_SET_PARSER_DISP_CONFIG_IN_TXQ_MCAST_UDP_DST_LOOKUP_EN 0x0 /* enum: Per-v-adaptor enable for suppression of self-transmissions on the * internal loopback path. (ENTITY is an EVB_PORT_ID, VALUE is a single * boolean.) */ -#define MC_CMD_SET_PARSER_DISP_CONFIG_IN_VADAPTOR_SUPPRESS_SELF_TX 0x1 +#define MC_CMD_SET_PARSER_DISP_CONFIG_IN_VADAPTOR_SUPPRESS_SELF_TX 0x1 /* handle for the entity to update: queue handle, EVB port ID, etc. depending * on the type of configuration setting being changed */ #define MC_CMD_SET_PARSER_DISP_CONFIG_IN_ENTITY_OFST 4 +#define MC_CMD_SET_PARSER_DISP_CONFIG_IN_ENTITY_LEN 4 /* new value: the details depend on the type of configuration setting being * changed */ @@ -13948,12 +14653,14 @@ #define MC_CMD_GET_PARSER_DISP_CONFIG_IN_LEN 8 /* the type of configuration setting to read */ #define MC_CMD_GET_PARSER_DISP_CONFIG_IN_TYPE_OFST 0 +#define MC_CMD_GET_PARSER_DISP_CONFIG_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_SET_PARSER_DISP_CONFIG/MC_CMD_SET_PARSER_DISP_CONFIG_IN/TYPE */ /* handle for the entity to query: queue handle, EVB port ID, etc. depending on * the type of configuration setting being read */ #define MC_CMD_GET_PARSER_DISP_CONFIG_IN_ENTITY_OFST 4 +#define MC_CMD_GET_PARSER_DISP_CONFIG_IN_ENTITY_LEN 4 /* MC_CMD_GET_PARSER_DISP_CONFIG_OUT msgresponse */ #define MC_CMD_GET_PARSER_DISP_CONFIG_OUT_LENMIN 4 @@ -13987,21 +14694,25 @@ #define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_LEN 16 /* configuration flags */ #define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_FLAGS_OFST 0 +#define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_FLAGS_LEN 4 #define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_ENABLE_LBN 0 #define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_ENABLE_WIDTH 1 /* receive queue handle (for RSS mode, this is the base queue) */ #define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_QUEUE_OFST 4 +#define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_QUEUE_LEN 4 /* receive mode */ #define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_MODE_OFST 8 +#define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_MODE_LEN 4 /* enum: receive to just the specified queue */ -#define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_MODE_SIMPLE 0x0 +#define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_MODE_SIMPLE 0x0 /* enum: receive to multiple queues using RSS context */ -#define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_MODE_RSS 0x1 +#define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_MODE_RSS 0x1 /* RSS context (for RX_MODE_RSS) as returned by MC_CMD_RSS_CONTEXT_ALLOC. Note * that these handles should be considered opaque to the host, although a value * of 0xFFFFFFFF is guaranteed never to be a valid handle. */ #define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_CONTEXT_OFST 12 +#define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_IN_RX_CONTEXT_LEN 4 /* MC_CMD_SET_TX_PORT_SNIFF_CONFIG_OUT msgresponse */ #define MC_CMD_SET_TX_PORT_SNIFF_CONFIG_OUT_LEN 0 @@ -14016,7 +14727,7 @@ #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG 0xfc #undef MC_CMD_0xfc_PRIVILEGE_CTG -#define MC_CMD_0xfc_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0xfc_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_GET_TX_PORT_SNIFF_CONFIG_IN msgrequest */ #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_IN_LEN 0 @@ -14025,18 +14736,22 @@ #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_LEN 16 /* configuration flags */ #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_FLAGS_OFST 0 +#define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_FLAGS_LEN 4 #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_ENABLE_LBN 0 #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_ENABLE_WIDTH 1 /* receiving queue handle (for RSS mode, this is the base queue) */ #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_QUEUE_OFST 4 +#define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_QUEUE_LEN 4 /* receive mode */ #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_MODE_OFST 8 +#define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_MODE_LEN 4 /* enum: receiving to just the specified queue */ -#define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_MODE_SIMPLE 0x0 +#define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_MODE_SIMPLE 0x0 /* enum: receiving to multiple queues using RSS context */ -#define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_MODE_RSS 0x1 +#define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_MODE_RSS 0x1 /* RSS context (for RX_MODE_RSS) */ #define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_CONTEXT_OFST 12 +#define MC_CMD_GET_TX_PORT_SNIFF_CONFIG_OUT_RX_CONTEXT_LEN 4 /***********************************/ @@ -14052,16 +14767,22 @@ #define MC_CMD_RMON_STATS_RX_ERRORS_IN_LEN 8 /* The rx queue to get stats for. */ #define MC_CMD_RMON_STATS_RX_ERRORS_IN_RX_QUEUE_OFST 0 +#define MC_CMD_RMON_STATS_RX_ERRORS_IN_RX_QUEUE_LEN 4 #define MC_CMD_RMON_STATS_RX_ERRORS_IN_FLAGS_OFST 4 +#define MC_CMD_RMON_STATS_RX_ERRORS_IN_FLAGS_LEN 4 #define MC_CMD_RMON_STATS_RX_ERRORS_IN_RST_LBN 0 #define MC_CMD_RMON_STATS_RX_ERRORS_IN_RST_WIDTH 1 /* MC_CMD_RMON_STATS_RX_ERRORS_OUT msgresponse */ #define MC_CMD_RMON_STATS_RX_ERRORS_OUT_LEN 16 #define MC_CMD_RMON_STATS_RX_ERRORS_OUT_CRC_ERRORS_OFST 0 +#define MC_CMD_RMON_STATS_RX_ERRORS_OUT_CRC_ERRORS_LEN 4 #define MC_CMD_RMON_STATS_RX_ERRORS_OUT_TRUNC_ERRORS_OFST 4 +#define MC_CMD_RMON_STATS_RX_ERRORS_OUT_TRUNC_ERRORS_LEN 4 #define MC_CMD_RMON_STATS_RX_ERRORS_OUT_RX_NO_DESC_DROPS_OFST 8 +#define MC_CMD_RMON_STATS_RX_ERRORS_OUT_RX_NO_DESC_DROPS_LEN 4 #define MC_CMD_RMON_STATS_RX_ERRORS_OUT_RX_ABORT_OFST 12 +#define MC_CMD_RMON_STATS_RX_ERRORS_OUT_RX_ABORT_LEN 4 /***********************************/ @@ -14069,6 +14790,9 @@ * Find out about available PCIE resources */ #define MC_CMD_GET_PCIE_RESOURCE_INFO 0xfd +#undef MC_CMD_0xfd_PRIVILEGE_CTG + +#define MC_CMD_0xfd_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_GET_PCIE_RESOURCE_INFO_IN msgrequest */ #define MC_CMD_GET_PCIE_RESOURCE_INFO_IN_LEN 0 @@ -14077,20 +14801,27 @@ #define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_LEN 28 /* The maximum number of PFs the device can expose */ #define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_PFS_OFST 0 +#define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_PFS_LEN 4 /* The maximum number of VFs the device can expose in total */ #define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_VFS_OFST 4 +#define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_VFS_LEN 4 /* The maximum number of MSI-X vectors the device can provide in total */ #define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_VECTORS_OFST 8 +#define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_VECTORS_LEN 4 /* the number of MSI-X vectors the device will allocate by default to each PF */ #define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_DEFAULT_PF_VECTORS_OFST 12 +#define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_DEFAULT_PF_VECTORS_LEN 4 /* the number of MSI-X vectors the device will allocate by default to each VF */ #define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_DEFAULT_VF_VECTORS_OFST 16 +#define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_DEFAULT_VF_VECTORS_LEN 4 /* the maximum number of MSI-X vectors the device can allocate to any one PF */ #define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_PF_VECTORS_OFST 20 +#define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_PF_VECTORS_LEN 4 /* the maximum number of MSI-X vectors the device can allocate to any one VF */ #define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_VF_VECTORS_OFST 24 +#define MC_CMD_GET_PCIE_RESOURCE_INFO_OUT_MAX_VF_VECTORS_LEN 4 /***********************************/ @@ -14109,10 +14840,13 @@ #define MC_CMD_GET_PORT_MODES_OUT_LEN 12 /* Bitmask of port modes available on the board (indexed by TLV_PORT_MODE_*) */ #define MC_CMD_GET_PORT_MODES_OUT_MODES_OFST 0 +#define MC_CMD_GET_PORT_MODES_OUT_MODES_LEN 4 /* Default (canonical) board mode */ #define MC_CMD_GET_PORT_MODES_OUT_DEFAULT_MODE_OFST 4 +#define MC_CMD_GET_PORT_MODES_OUT_DEFAULT_MODE_LEN 4 /* Current board mode */ #define MC_CMD_GET_PORT_MODES_OUT_CURRENT_MODE_OFST 8 +#define MC_CMD_GET_PORT_MODES_OUT_CURRENT_MODE_LEN 4 /***********************************/ @@ -14122,21 +14856,26 @@ #define MC_CMD_READ_ATB 0x100 #undef MC_CMD_0x100_PRIVILEGE_CTG -#define MC_CMD_0x100_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x100_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_READ_ATB_IN msgrequest */ #define MC_CMD_READ_ATB_IN_LEN 16 #define MC_CMD_READ_ATB_IN_SIGNAL_BUS_OFST 0 -#define MC_CMD_READ_ATB_IN_BUS_CCOM 0x0 /* enum */ -#define MC_CMD_READ_ATB_IN_BUS_CKR 0x1 /* enum */ -#define MC_CMD_READ_ATB_IN_BUS_CPCIE 0x8 /* enum */ +#define MC_CMD_READ_ATB_IN_SIGNAL_BUS_LEN 4 +#define MC_CMD_READ_ATB_IN_BUS_CCOM 0x0 /* enum */ +#define MC_CMD_READ_ATB_IN_BUS_CKR 0x1 /* enum */ +#define MC_CMD_READ_ATB_IN_BUS_CPCIE 0x8 /* enum */ #define MC_CMD_READ_ATB_IN_SIGNAL_EN_BITNO_OFST 4 +#define MC_CMD_READ_ATB_IN_SIGNAL_EN_BITNO_LEN 4 #define MC_CMD_READ_ATB_IN_SIGNAL_SEL_OFST 8 +#define MC_CMD_READ_ATB_IN_SIGNAL_SEL_LEN 4 #define MC_CMD_READ_ATB_IN_SETTLING_TIME_US_OFST 12 +#define MC_CMD_READ_ATB_IN_SETTLING_TIME_US_LEN 4 /* MC_CMD_READ_ATB_OUT msgresponse */ #define MC_CMD_READ_ATB_OUT_LEN 4 #define MC_CMD_READ_ATB_OUT_SAMPLE_MV_OFST 0 +#define MC_CMD_READ_ATB_OUT_SAMPLE_MV_LEN 4 /***********************************/ @@ -14154,7 +14893,9 @@ /* Each workaround is represented by a single bit according to the enums below. */ #define MC_CMD_GET_WORKAROUNDS_OUT_IMPLEMENTED_OFST 0 +#define MC_CMD_GET_WORKAROUNDS_OUT_IMPLEMENTED_LEN 4 #define MC_CMD_GET_WORKAROUNDS_OUT_ENABLED_OFST 4 +#define MC_CMD_GET_WORKAROUNDS_OUT_ENABLED_LEN 4 /* enum: Bug 17230 work around. */ #define MC_CMD_GET_WORKAROUNDS_OUT_BUG17230 0x2 /* enum: Bug 35388 work around (unsafe EVQ writes). */ @@ -14190,50 +14931,63 @@ * 1,3 = 0x00030001 */ #define MC_CMD_PRIVILEGE_MASK_IN_FUNCTION_OFST 0 +#define MC_CMD_PRIVILEGE_MASK_IN_FUNCTION_LEN 4 #define MC_CMD_PRIVILEGE_MASK_IN_FUNCTION_PF_LBN 0 #define MC_CMD_PRIVILEGE_MASK_IN_FUNCTION_PF_WIDTH 16 #define MC_CMD_PRIVILEGE_MASK_IN_FUNCTION_VF_LBN 16 #define MC_CMD_PRIVILEGE_MASK_IN_FUNCTION_VF_WIDTH 16 -#define MC_CMD_PRIVILEGE_MASK_IN_VF_NULL 0xffff /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_VF_NULL 0xffff /* enum */ /* New privilege mask to be set. The mask will only be changed if the MSB is * set to 1. */ #define MC_CMD_PRIVILEGE_MASK_IN_NEW_MASK_OFST 4 -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_ADMIN 0x1 /* enum */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_LINK 0x2 /* enum */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_ONLOAD 0x4 /* enum */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_PTP 0x8 /* enum */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_INSECURE_FILTERS 0x10 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_NEW_MASK_LEN 4 +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_ADMIN 0x1 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_LINK 0x2 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_ONLOAD 0x4 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_PTP 0x8 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_INSECURE_FILTERS 0x10 /* enum */ /* enum: Deprecated. Equivalent to MAC_SPOOFING_TX combined with CHANGE_MAC. */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_MAC_SPOOFING 0x20 -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_UNICAST 0x40 /* enum */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_MULTICAST 0x80 /* enum */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_BROADCAST 0x100 /* enum */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_ALL_MULTICAST 0x200 /* enum */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_PROMISCUOUS 0x400 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_MAC_SPOOFING 0x20 +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_UNICAST 0x40 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_MULTICAST 0x80 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_BROADCAST 0x100 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_ALL_MULTICAST 0x200 /* enum */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_PROMISCUOUS 0x400 /* enum */ /* enum: Allows to set the TX packets' source MAC address to any arbitrary MAC * adress. */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_MAC_SPOOFING_TX 0x800 +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_MAC_SPOOFING_TX 0x800 /* enum: Privilege that allows a Function to change the MAC address configured * in its associated vAdapter/vPort. */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_CHANGE_MAC 0x1000 +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_CHANGE_MAC 0x1000 /* enum: Privilege that allows a Function to install filters that specify VLANs * that are not in the permit list for the associated vPort. This privilege is * primarily to support ESX where vPorts are created that restrict traffic to * only a set of permitted VLANs. See the vPort flag FLAG_VLAN_RESTRICT. */ -#define MC_CMD_PRIVILEGE_MASK_IN_GRP_UNRESTRICTED_VLAN 0x2000 +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_UNRESTRICTED_VLAN 0x2000 +/* enum: Privilege for insecure commands. Commands that belong to this group + * are not permitted on secure adapters regardless of the privilege mask. + */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_INSECURE 0x4000 +/* enum: Trusted Server Adapter (TSA) / ServerLock. Privilege for + * administrator-level operations that are not allowed from the local host once + * an adapter has Bound to a remote ServerLock Controller (see doxbox + * SF-117064-DG for background). + */ +#define MC_CMD_PRIVILEGE_MASK_IN_GRP_ADMIN_TSA_UNBOUND 0x8000 /* enum: Set this bit to indicate that a new privilege mask is to be set, * otherwise the command will only read the existing mask. */ -#define MC_CMD_PRIVILEGE_MASK_IN_DO_CHANGE 0x80000000 +#define MC_CMD_PRIVILEGE_MASK_IN_DO_CHANGE 0x80000000 /* MC_CMD_PRIVILEGE_MASK_OUT msgresponse */ #define MC_CMD_PRIVILEGE_MASK_OUT_LEN 4 /* For an admin function, always all the privileges are reported. */ #define MC_CMD_PRIVILEGE_MASK_OUT_OLD_MASK_OFST 0 +#define MC_CMD_PRIVILEGE_MASK_OUT_OLD_MASK_LEN 4 /***********************************/ @@ -14251,27 +15005,30 @@ * e.g. VF 1,3 = 0x00030001 */ #define MC_CMD_LINK_STATE_MODE_IN_FUNCTION_OFST 0 +#define MC_CMD_LINK_STATE_MODE_IN_FUNCTION_LEN 4 #define MC_CMD_LINK_STATE_MODE_IN_FUNCTION_PF_LBN 0 #define MC_CMD_LINK_STATE_MODE_IN_FUNCTION_PF_WIDTH 16 #define MC_CMD_LINK_STATE_MODE_IN_FUNCTION_VF_LBN 16 #define MC_CMD_LINK_STATE_MODE_IN_FUNCTION_VF_WIDTH 16 /* New link state mode to be set */ #define MC_CMD_LINK_STATE_MODE_IN_NEW_MODE_OFST 4 -#define MC_CMD_LINK_STATE_MODE_IN_LINK_STATE_AUTO 0x0 /* enum */ -#define MC_CMD_LINK_STATE_MODE_IN_LINK_STATE_UP 0x1 /* enum */ -#define MC_CMD_LINK_STATE_MODE_IN_LINK_STATE_DOWN 0x2 /* enum */ +#define MC_CMD_LINK_STATE_MODE_IN_NEW_MODE_LEN 4 +#define MC_CMD_LINK_STATE_MODE_IN_LINK_STATE_AUTO 0x0 /* enum */ +#define MC_CMD_LINK_STATE_MODE_IN_LINK_STATE_UP 0x1 /* enum */ +#define MC_CMD_LINK_STATE_MODE_IN_LINK_STATE_DOWN 0x2 /* enum */ /* enum: Use this value to just read the existing setting without modifying it. */ -#define MC_CMD_LINK_STATE_MODE_IN_DO_NOT_CHANGE 0xffffffff +#define MC_CMD_LINK_STATE_MODE_IN_DO_NOT_CHANGE 0xffffffff /* MC_CMD_LINK_STATE_MODE_OUT msgresponse */ #define MC_CMD_LINK_STATE_MODE_OUT_LEN 4 #define MC_CMD_LINK_STATE_MODE_OUT_OLD_MODE_OFST 0 +#define MC_CMD_LINK_STATE_MODE_OUT_OLD_MODE_LEN 4 /***********************************/ /* MC_CMD_GET_SNAPSHOT_LENGTH - * Obtain the curent range of allowable values for the SNAPSHOT_LENGTH + * Obtain the current range of allowable values for the SNAPSHOT_LENGTH * parameter to MC_CMD_INIT_RXQ. */ #define MC_CMD_GET_SNAPSHOT_LENGTH 0x101 @@ -14286,8 +15043,10 @@ #define MC_CMD_GET_SNAPSHOT_LENGTH_OUT_LEN 8 /* Minimum acceptable snapshot length. */ #define MC_CMD_GET_SNAPSHOT_LENGTH_OUT_RX_SNAPLEN_MIN_OFST 0 +#define MC_CMD_GET_SNAPSHOT_LENGTH_OUT_RX_SNAPLEN_MIN_LEN 4 /* Maximum acceptable snapshot length. */ #define MC_CMD_GET_SNAPSHOT_LENGTH_OUT_RX_SNAPLEN_MAX_OFST 4 +#define MC_CMD_GET_SNAPSHOT_LENGTH_OUT_RX_SNAPLEN_MAX_LEN 4 /***********************************/ @@ -14297,7 +15056,7 @@ #define MC_CMD_FUSE_DIAGS 0x102 #undef MC_CMD_0x102_PRIVILEGE_CTG -#define MC_CMD_0x102_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x102_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_FUSE_DIAGS_IN msgrequest */ #define MC_CMD_FUSE_DIAGS_IN_LEN 0 @@ -14306,28 +15065,40 @@ #define MC_CMD_FUSE_DIAGS_OUT_LEN 48 /* Total number of mismatched bits between pairs in area 0 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA0_MISMATCH_BITS_OFST 0 +#define MC_CMD_FUSE_DIAGS_OUT_AREA0_MISMATCH_BITS_LEN 4 /* Total number of unexpectedly clear (set in B but not A) bits in area 0 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA0_PAIR_A_BAD_BITS_OFST 4 +#define MC_CMD_FUSE_DIAGS_OUT_AREA0_PAIR_A_BAD_BITS_LEN 4 /* Total number of unexpectedly clear (set in A but not B) bits in area 0 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA0_PAIR_B_BAD_BITS_OFST 8 +#define MC_CMD_FUSE_DIAGS_OUT_AREA0_PAIR_B_BAD_BITS_LEN 4 /* Checksum of data after logical OR of pairs in area 0 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA0_CHECKSUM_OFST 12 +#define MC_CMD_FUSE_DIAGS_OUT_AREA0_CHECKSUM_LEN 4 /* Total number of mismatched bits between pairs in area 1 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA1_MISMATCH_BITS_OFST 16 +#define MC_CMD_FUSE_DIAGS_OUT_AREA1_MISMATCH_BITS_LEN 4 /* Total number of unexpectedly clear (set in B but not A) bits in area 1 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA1_PAIR_A_BAD_BITS_OFST 20 +#define MC_CMD_FUSE_DIAGS_OUT_AREA1_PAIR_A_BAD_BITS_LEN 4 /* Total number of unexpectedly clear (set in A but not B) bits in area 1 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA1_PAIR_B_BAD_BITS_OFST 24 +#define MC_CMD_FUSE_DIAGS_OUT_AREA1_PAIR_B_BAD_BITS_LEN 4 /* Checksum of data after logical OR of pairs in area 1 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA1_CHECKSUM_OFST 28 +#define MC_CMD_FUSE_DIAGS_OUT_AREA1_CHECKSUM_LEN 4 /* Total number of mismatched bits between pairs in area 2 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA2_MISMATCH_BITS_OFST 32 +#define MC_CMD_FUSE_DIAGS_OUT_AREA2_MISMATCH_BITS_LEN 4 /* Total number of unexpectedly clear (set in B but not A) bits in area 2 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA2_PAIR_A_BAD_BITS_OFST 36 +#define MC_CMD_FUSE_DIAGS_OUT_AREA2_PAIR_A_BAD_BITS_LEN 4 /* Total number of unexpectedly clear (set in A but not B) bits in area 2 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA2_PAIR_B_BAD_BITS_OFST 40 +#define MC_CMD_FUSE_DIAGS_OUT_AREA2_PAIR_B_BAD_BITS_LEN 4 /* Checksum of data after logical OR of pairs in area 2 */ #define MC_CMD_FUSE_DIAGS_OUT_AREA2_CHECKSUM_OFST 44 +#define MC_CMD_FUSE_DIAGS_OUT_AREA2_CHECKSUM_LEN 4 /***********************************/ @@ -14345,14 +15116,16 @@ #define MC_CMD_PRIVILEGE_MODIFY_IN_LEN 16 /* The groups of functions to have their privilege masks modified. */ #define MC_CMD_PRIVILEGE_MODIFY_IN_FN_GROUP_OFST 0 -#define MC_CMD_PRIVILEGE_MODIFY_IN_NONE 0x0 /* enum */ -#define MC_CMD_PRIVILEGE_MODIFY_IN_ALL 0x1 /* enum */ -#define MC_CMD_PRIVILEGE_MODIFY_IN_PFS_ONLY 0x2 /* enum */ -#define MC_CMD_PRIVILEGE_MODIFY_IN_VFS_ONLY 0x3 /* enum */ -#define MC_CMD_PRIVILEGE_MODIFY_IN_VFS_OF_PF 0x4 /* enum */ -#define MC_CMD_PRIVILEGE_MODIFY_IN_ONE 0x5 /* enum */ +#define MC_CMD_PRIVILEGE_MODIFY_IN_FN_GROUP_LEN 4 +#define MC_CMD_PRIVILEGE_MODIFY_IN_NONE 0x0 /* enum */ +#define MC_CMD_PRIVILEGE_MODIFY_IN_ALL 0x1 /* enum */ +#define MC_CMD_PRIVILEGE_MODIFY_IN_PFS_ONLY 0x2 /* enum */ +#define MC_CMD_PRIVILEGE_MODIFY_IN_VFS_ONLY 0x3 /* enum */ +#define MC_CMD_PRIVILEGE_MODIFY_IN_VFS_OF_PF 0x4 /* enum */ +#define MC_CMD_PRIVILEGE_MODIFY_IN_ONE 0x5 /* enum */ /* For VFS_OF_PF specify the PF, for ONE specify the target function */ #define MC_CMD_PRIVILEGE_MODIFY_IN_FUNCTION_OFST 4 +#define MC_CMD_PRIVILEGE_MODIFY_IN_FUNCTION_LEN 4 #define MC_CMD_PRIVILEGE_MODIFY_IN_FUNCTION_PF_LBN 0 #define MC_CMD_PRIVILEGE_MODIFY_IN_FUNCTION_PF_WIDTH 16 #define MC_CMD_PRIVILEGE_MODIFY_IN_FUNCTION_VF_LBN 16 @@ -14361,10 +15134,12 @@ * refer to the command MC_CMD_PRIVILEGE_MASK */ #define MC_CMD_PRIVILEGE_MODIFY_IN_ADD_MASK_OFST 8 +#define MC_CMD_PRIVILEGE_MODIFY_IN_ADD_MASK_LEN 4 /* Privileges to be removed from the target functions. For privilege * definitions refer to the command MC_CMD_PRIVILEGE_MASK */ #define MC_CMD_PRIVILEGE_MODIFY_IN_REMOVE_MASK_OFST 12 +#define MC_CMD_PRIVILEGE_MODIFY_IN_REMOVE_MASK_LEN 4 /* MC_CMD_PRIVILEGE_MODIFY_OUT msgresponse */ #define MC_CMD_PRIVILEGE_MODIFY_OUT_LEN 0 @@ -14383,8 +15158,10 @@ #define MC_CMD_XPM_READ_BYTES_IN_LEN 8 /* Start address (byte) */ #define MC_CMD_XPM_READ_BYTES_IN_ADDR_OFST 0 +#define MC_CMD_XPM_READ_BYTES_IN_ADDR_LEN 4 /* Count (bytes) */ #define MC_CMD_XPM_READ_BYTES_IN_COUNT_OFST 4 +#define MC_CMD_XPM_READ_BYTES_IN_COUNT_LEN 4 /* MC_CMD_XPM_READ_BYTES_OUT msgresponse */ #define MC_CMD_XPM_READ_BYTES_OUT_LENMIN 0 @@ -14404,7 +15181,7 @@ #define MC_CMD_XPM_WRITE_BYTES 0x104 #undef MC_CMD_0x104_PRIVILEGE_CTG -#define MC_CMD_0x104_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x104_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_XPM_WRITE_BYTES_IN msgrequest */ #define MC_CMD_XPM_WRITE_BYTES_IN_LENMIN 8 @@ -14412,8 +15189,10 @@ #define MC_CMD_XPM_WRITE_BYTES_IN_LEN(num) (8+1*(num)) /* Start address (byte) */ #define MC_CMD_XPM_WRITE_BYTES_IN_ADDR_OFST 0 +#define MC_CMD_XPM_WRITE_BYTES_IN_ADDR_LEN 4 /* Count (bytes) */ #define MC_CMD_XPM_WRITE_BYTES_IN_COUNT_OFST 4 +#define MC_CMD_XPM_WRITE_BYTES_IN_COUNT_LEN 4 /* Data */ #define MC_CMD_XPM_WRITE_BYTES_IN_DATA_OFST 8 #define MC_CMD_XPM_WRITE_BYTES_IN_DATA_LEN 1 @@ -14431,14 +15210,16 @@ #define MC_CMD_XPM_READ_SECTOR 0x105 #undef MC_CMD_0x105_PRIVILEGE_CTG -#define MC_CMD_0x105_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x105_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_XPM_READ_SECTOR_IN msgrequest */ #define MC_CMD_XPM_READ_SECTOR_IN_LEN 8 /* Sector index */ #define MC_CMD_XPM_READ_SECTOR_IN_INDEX_OFST 0 +#define MC_CMD_XPM_READ_SECTOR_IN_INDEX_LEN 4 /* Sector size */ #define MC_CMD_XPM_READ_SECTOR_IN_SIZE_OFST 4 +#define MC_CMD_XPM_READ_SECTOR_IN_SIZE_LEN 4 /* MC_CMD_XPM_READ_SECTOR_OUT msgresponse */ #define MC_CMD_XPM_READ_SECTOR_OUT_LENMIN 4 @@ -14446,10 +15227,12 @@ #define MC_CMD_XPM_READ_SECTOR_OUT_LEN(num) (4+1*(num)) /* Sector type */ #define MC_CMD_XPM_READ_SECTOR_OUT_TYPE_OFST 0 -#define MC_CMD_XPM_READ_SECTOR_OUT_BLANK 0x0 /* enum */ -#define MC_CMD_XPM_READ_SECTOR_OUT_CRYPTO_KEY_128 0x1 /* enum */ -#define MC_CMD_XPM_READ_SECTOR_OUT_CRYPTO_KEY_256 0x2 /* enum */ -#define MC_CMD_XPM_READ_SECTOR_OUT_INVALID 0xff /* enum */ +#define MC_CMD_XPM_READ_SECTOR_OUT_TYPE_LEN 4 +#define MC_CMD_XPM_READ_SECTOR_OUT_BLANK 0x0 /* enum */ +#define MC_CMD_XPM_READ_SECTOR_OUT_CRYPTO_KEY_128 0x1 /* enum */ +#define MC_CMD_XPM_READ_SECTOR_OUT_CRYPTO_KEY_256 0x2 /* enum */ +#define MC_CMD_XPM_READ_SECTOR_OUT_CRYPTO_DATA 0x3 /* enum */ +#define MC_CMD_XPM_READ_SECTOR_OUT_INVALID 0xff /* enum */ /* Sector data */ #define MC_CMD_XPM_READ_SECTOR_OUT_DATA_OFST 4 #define MC_CMD_XPM_READ_SECTOR_OUT_DATA_LEN 1 @@ -14464,7 +15247,7 @@ #define MC_CMD_XPM_WRITE_SECTOR 0x106 #undef MC_CMD_0x106_PRIVILEGE_CTG -#define MC_CMD_0x106_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x106_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_XPM_WRITE_SECTOR_IN msgrequest */ #define MC_CMD_XPM_WRITE_SECTOR_IN_LENMIN 12 @@ -14481,10 +15264,12 @@ #define MC_CMD_XPM_WRITE_SECTOR_IN_RESERVED_LEN 3 /* Sector type */ #define MC_CMD_XPM_WRITE_SECTOR_IN_TYPE_OFST 4 +#define MC_CMD_XPM_WRITE_SECTOR_IN_TYPE_LEN 4 /* Enum values, see field(s): */ /* MC_CMD_XPM_READ_SECTOR/MC_CMD_XPM_READ_SECTOR_OUT/TYPE */ /* Sector size */ #define MC_CMD_XPM_WRITE_SECTOR_IN_SIZE_OFST 8 +#define MC_CMD_XPM_WRITE_SECTOR_IN_SIZE_LEN 4 /* Sector data */ #define MC_CMD_XPM_WRITE_SECTOR_IN_DATA_OFST 12 #define MC_CMD_XPM_WRITE_SECTOR_IN_DATA_LEN 1 @@ -14495,6 +15280,7 @@ #define MC_CMD_XPM_WRITE_SECTOR_OUT_LEN 4 /* New sector index */ #define MC_CMD_XPM_WRITE_SECTOR_OUT_INDEX_OFST 0 +#define MC_CMD_XPM_WRITE_SECTOR_OUT_INDEX_LEN 4 /***********************************/ @@ -14504,12 +15290,13 @@ #define MC_CMD_XPM_INVALIDATE_SECTOR 0x107 #undef MC_CMD_0x107_PRIVILEGE_CTG -#define MC_CMD_0x107_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x107_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_XPM_INVALIDATE_SECTOR_IN msgrequest */ #define MC_CMD_XPM_INVALIDATE_SECTOR_IN_LEN 4 /* Sector index */ #define MC_CMD_XPM_INVALIDATE_SECTOR_IN_INDEX_OFST 0 +#define MC_CMD_XPM_INVALIDATE_SECTOR_IN_INDEX_LEN 4 /* MC_CMD_XPM_INVALIDATE_SECTOR_OUT msgresponse */ #define MC_CMD_XPM_INVALIDATE_SECTOR_OUT_LEN 0 @@ -14522,14 +15309,16 @@ #define MC_CMD_XPM_BLANK_CHECK 0x108 #undef MC_CMD_0x108_PRIVILEGE_CTG -#define MC_CMD_0x108_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x108_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_XPM_BLANK_CHECK_IN msgrequest */ #define MC_CMD_XPM_BLANK_CHECK_IN_LEN 8 /* Start address (byte) */ #define MC_CMD_XPM_BLANK_CHECK_IN_ADDR_OFST 0 +#define MC_CMD_XPM_BLANK_CHECK_IN_ADDR_LEN 4 /* Count (bytes) */ #define MC_CMD_XPM_BLANK_CHECK_IN_COUNT_OFST 4 +#define MC_CMD_XPM_BLANK_CHECK_IN_COUNT_LEN 4 /* MC_CMD_XPM_BLANK_CHECK_OUT msgresponse */ #define MC_CMD_XPM_BLANK_CHECK_OUT_LENMIN 4 @@ -14537,6 +15326,7 @@ #define MC_CMD_XPM_BLANK_CHECK_OUT_LEN(num) (4+2*(num)) /* Total number of bad (non-blank) locations */ #define MC_CMD_XPM_BLANK_CHECK_OUT_BAD_COUNT_OFST 0 +#define MC_CMD_XPM_BLANK_CHECK_OUT_BAD_COUNT_LEN 4 /* Addresses of bad locations (may be less than BAD_COUNT, if all cannot fit * into MCDI response) */ @@ -14553,14 +15343,16 @@ #define MC_CMD_XPM_REPAIR 0x109 #undef MC_CMD_0x109_PRIVILEGE_CTG -#define MC_CMD_0x109_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x109_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_XPM_REPAIR_IN msgrequest */ #define MC_CMD_XPM_REPAIR_IN_LEN 8 /* Start address (byte) */ #define MC_CMD_XPM_REPAIR_IN_ADDR_OFST 0 +#define MC_CMD_XPM_REPAIR_IN_ADDR_LEN 4 /* Count (bytes) */ #define MC_CMD_XPM_REPAIR_IN_COUNT_OFST 4 +#define MC_CMD_XPM_REPAIR_IN_COUNT_LEN 4 /* MC_CMD_XPM_REPAIR_OUT msgresponse */ #define MC_CMD_XPM_REPAIR_OUT_LEN 0 @@ -14574,7 +15366,7 @@ #define MC_CMD_XPM_DECODER_TEST 0x10a #undef MC_CMD_0x10a_PRIVILEGE_CTG -#define MC_CMD_0x10a_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x10a_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_XPM_DECODER_TEST_IN msgrequest */ #define MC_CMD_XPM_DECODER_TEST_IN_LEN 0 @@ -14594,7 +15386,7 @@ #define MC_CMD_XPM_WRITE_TEST 0x10b #undef MC_CMD_0x10b_PRIVILEGE_CTG -#define MC_CMD_0x10b_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x10b_PRIVILEGE_CTG SRIOV_CTG_INSECURE /* MC_CMD_XPM_WRITE_TEST_IN msgrequest */ #define MC_CMD_XPM_WRITE_TEST_IN_LEN 0 @@ -14615,16 +15407,19 @@ #define MC_CMD_EXEC_SIGNED 0x10c #undef MC_CMD_0x10c_PRIVILEGE_CTG -#define MC_CMD_0x10c_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x10c_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_EXEC_SIGNED_IN msgrequest */ #define MC_CMD_EXEC_SIGNED_IN_LEN 28 /* the length of code to include in the CMAC */ #define MC_CMD_EXEC_SIGNED_IN_CODELEN_OFST 0 +#define MC_CMD_EXEC_SIGNED_IN_CODELEN_LEN 4 /* the length of date to include in the CMAC */ #define MC_CMD_EXEC_SIGNED_IN_DATALEN_OFST 4 +#define MC_CMD_EXEC_SIGNED_IN_DATALEN_LEN 4 /* the XPM sector containing the key to use */ #define MC_CMD_EXEC_SIGNED_IN_KEYSECTOR_OFST 8 +#define MC_CMD_EXEC_SIGNED_IN_KEYSECTOR_LEN 4 /* the expected CMAC value */ #define MC_CMD_EXEC_SIGNED_IN_CMAC_OFST 12 #define MC_CMD_EXEC_SIGNED_IN_CMAC_LEN 16 @@ -14642,12 +15437,13 @@ #define MC_CMD_PREPARE_SIGNED 0x10d #undef MC_CMD_0x10d_PRIVILEGE_CTG -#define MC_CMD_0x10d_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x10d_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_PREPARE_SIGNED_IN msgrequest */ #define MC_CMD_PREPARE_SIGNED_IN_LEN 4 /* the length of data area to clear */ #define MC_CMD_PREPARE_SIGNED_IN_DATALEN_OFST 0 +#define MC_CMD_PREPARE_SIGNED_IN_DATALEN_LEN 4 /* MC_CMD_PREPARE_SIGNED_OUT msgresponse */ #define MC_CMD_PREPARE_SIGNED_OUT_LEN 0 @@ -14664,12 +15460,13 @@ #define MC_CMD_SET_SECURITY_RULE 0x10f #undef MC_CMD_0x10f_PRIVILEGE_CTG -#define MC_CMD_0x10f_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x10f_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_SET_SECURITY_RULE_IN msgrequest */ #define MC_CMD_SET_SECURITY_RULE_IN_LEN 92 /* fields to include in match criteria */ #define MC_CMD_SET_SECURITY_RULE_IN_MATCH_FIELDS_OFST 0 +#define MC_CMD_SET_SECURITY_RULE_IN_MATCH_FIELDS_LEN 4 #define MC_CMD_SET_SECURITY_RULE_IN_MATCH_REMOTE_IP_LBN 0 #define MC_CMD_SET_SECURITY_RULE_IN_MATCH_REMOTE_IP_WIDTH 1 #define MC_CMD_SET_SECURITY_RULE_IN_MATCH_LOCAL_IP_LBN 1 @@ -14726,8 +15523,10 @@ #define MC_CMD_SET_SECURITY_RULE_IN_IP_PROTO_LEN 2 /* Physical port to match (as little-endian 32-bit value) */ #define MC_CMD_SET_SECURITY_RULE_IN_PHYSICAL_PORT_OFST 28 +#define MC_CMD_SET_SECURITY_RULE_IN_PHYSICAL_PORT_LEN 4 /* Reserved; set to 0 */ #define MC_CMD_SET_SECURITY_RULE_IN_RESERVED_OFST 32 +#define MC_CMD_SET_SECURITY_RULE_IN_RESERVED_LEN 4 /* remote IP address to match (as bytes in network order; set last 12 bytes to * 0 for IPv4 address) */ @@ -14744,58 +15543,85 @@ * MC_CMD_SUBNET_MAP_SET_NODE appropriately */ #define MC_CMD_SET_SECURITY_RULE_IN_REMOTE_SUBNET_ID_OFST 68 +#define MC_CMD_SET_SECURITY_RULE_IN_REMOTE_SUBNET_ID_LEN 4 /* remote portrange ID to match (as little-endian 32-bit value); note that * remote port ranges are matched by mapping the remote port to a "portrange * ID" via a data structure which must already have been configured using * MC_CMD_REMOTE_PORTRANGE_MAP_SET_TREE */ #define MC_CMD_SET_SECURITY_RULE_IN_REMOTE_PORTRANGE_ID_OFST 72 +#define MC_CMD_SET_SECURITY_RULE_IN_REMOTE_PORTRANGE_ID_LEN 4 /* local portrange ID to match (as little-endian 32-bit value); note that local * port ranges are matched by mapping the local port to a "portrange ID" via a * data structure which must already have been configured using * MC_CMD_LOCAL_PORTRANGE_MAP_SET_TREE */ #define MC_CMD_SET_SECURITY_RULE_IN_LOCAL_PORTRANGE_ID_OFST 76 +#define MC_CMD_SET_SECURITY_RULE_IN_LOCAL_PORTRANGE_ID_LEN 4 /* set the action for transmitted packets matching this rule */ #define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_OFST 80 +#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_LEN 4 /* enum: make no decision */ -#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_NONE 0x0 +#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_NONE 0x0 /* enum: decide to accept the packet */ -#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_WHITELIST 0x1 +#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_WHITELIST 0x1 /* enum: decide to drop the packet */ -#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_BLACKLIST 0x2 +#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_BLACKLIST 0x2 +/* enum: inform the TSA controller about some sample of packets matching this + * rule (via MC_CMD_TSA_INFO_IN_PKT_SAMPLE messages); may be bitwise-ORed with + * either the WHITELIST or BLACKLIST action + */ +#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_SAMPLE 0x4 /* enum: do not change the current TX action */ -#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_UNCHANGED 0xffffffff +#define MC_CMD_SET_SECURITY_RULE_IN_TX_ACTION_UNCHANGED 0xffffffff /* set the action for received packets matching this rule */ #define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_OFST 84 +#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_LEN 4 /* enum: make no decision */ -#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_NONE 0x0 +#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_NONE 0x0 /* enum: decide to accept the packet */ -#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_WHITELIST 0x1 +#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_WHITELIST 0x1 /* enum: decide to drop the packet */ -#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_BLACKLIST 0x2 +#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_BLACKLIST 0x2 +/* enum: inform the TSA controller about some sample of packets matching this + * rule (via MC_CMD_TSA_INFO_IN_PKT_SAMPLE messages); may be bitwise-ORed with + * either the WHITELIST or BLACKLIST action + */ +#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_SAMPLE 0x4 /* enum: do not change the current RX action */ -#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_UNCHANGED 0xffffffff +#define MC_CMD_SET_SECURITY_RULE_IN_RX_ACTION_UNCHANGED 0xffffffff /* counter ID to associate with this rule; IDs are allocated using * MC_CMD_SECURITY_RULE_COUNTER_ALLOC */ #define MC_CMD_SET_SECURITY_RULE_IN_COUNTER_ID_OFST 88 +#define MC_CMD_SET_SECURITY_RULE_IN_COUNTER_ID_LEN 4 /* enum: special value for the null counter ID */ -#define MC_CMD_SET_SECURITY_RULE_IN_COUNTER_ID_NONE 0x0 +#define MC_CMD_SET_SECURITY_RULE_IN_COUNTER_ID_NONE 0x0 +/* enum: special value to tell the MC to allocate an available counter */ +#define MC_CMD_SET_SECURITY_RULE_IN_COUNTER_ID_SW_AUTO 0xeeeeeeee +/* enum: special value to request use of hardware counter (Medford2 only) */ +#define MC_CMD_SET_SECURITY_RULE_IN_COUNTER_ID_HW 0xffffffff /* MC_CMD_SET_SECURITY_RULE_OUT msgresponse */ -#define MC_CMD_SET_SECURITY_RULE_OUT_LEN 28 +#define MC_CMD_SET_SECURITY_RULE_OUT_LEN 32 /* new reference count for uses of counter ID */ #define MC_CMD_SET_SECURITY_RULE_OUT_COUNTER_REFCNT_OFST 0 +#define MC_CMD_SET_SECURITY_RULE_OUT_COUNTER_REFCNT_LEN 4 /* constructed match bits for this rule (as a tracing aid only) */ #define MC_CMD_SET_SECURITY_RULE_OUT_LUE_MATCH_BITS_OFST 4 #define MC_CMD_SET_SECURITY_RULE_OUT_LUE_MATCH_BITS_LEN 12 /* constructed discriminator bits for this rule (as a tracing aid only) */ #define MC_CMD_SET_SECURITY_RULE_OUT_LUE_DISCRIMINATOR_OFST 16 +#define MC_CMD_SET_SECURITY_RULE_OUT_LUE_DISCRIMINATOR_LEN 4 /* base location for probes for this rule (as a tracing aid only) */ #define MC_CMD_SET_SECURITY_RULE_OUT_LUE_PROBE_BASE_OFST 20 +#define MC_CMD_SET_SECURITY_RULE_OUT_LUE_PROBE_BASE_LEN 4 /* step for probes for this rule (as a tracing aid only) */ #define MC_CMD_SET_SECURITY_RULE_OUT_LUE_PROBE_STEP_OFST 24 +#define MC_CMD_SET_SECURITY_RULE_OUT_LUE_PROBE_STEP_LEN 4 +/* ID for reading back the counter */ +#define MC_CMD_SET_SECURITY_RULE_OUT_COUNTER_ID_OFST 28 +#define MC_CMD_SET_SECURITY_RULE_OUT_COUNTER_ID_LEN 4 /***********************************/ @@ -14809,14 +15635,15 @@ #define MC_CMD_RESET_SECURITY_RULES 0x110 #undef MC_CMD_0x110_PRIVILEGE_CTG -#define MC_CMD_0x110_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x110_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_RESET_SECURITY_RULES_IN msgrequest */ #define MC_CMD_RESET_SECURITY_RULES_IN_LEN 4 /* index of physical port to reset (or ALL_PHYSICAL_PORTS to reset all) */ #define MC_CMD_RESET_SECURITY_RULES_IN_PHYSICAL_PORT_OFST 0 +#define MC_CMD_RESET_SECURITY_RULES_IN_PHYSICAL_PORT_LEN 4 /* enum: special value to reset all physical ports */ -#define MC_CMD_RESET_SECURITY_RULES_IN_ALL_PHYSICAL_PORTS 0xffffffff +#define MC_CMD_RESET_SECURITY_RULES_IN_ALL_PHYSICAL_PORTS 0xffffffff /* MC_CMD_RESET_SECURITY_RULES_OUT msgresponse */ #define MC_CMD_RESET_SECURITY_RULES_OUT_LEN 0 @@ -14861,12 +15688,13 @@ #define MC_CMD_SECURITY_RULE_COUNTER_ALLOC 0x112 #undef MC_CMD_0x112_PRIVILEGE_CTG -#define MC_CMD_0x112_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x112_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_SECURITY_RULE_COUNTER_ALLOC_IN msgrequest */ #define MC_CMD_SECURITY_RULE_COUNTER_ALLOC_IN_LEN 4 /* the number of new counter IDs to request */ #define MC_CMD_SECURITY_RULE_COUNTER_ALLOC_IN_NUM_COUNTERS_OFST 0 +#define MC_CMD_SECURITY_RULE_COUNTER_ALLOC_IN_NUM_COUNTERS_LEN 4 /* MC_CMD_SECURITY_RULE_COUNTER_ALLOC_OUT msgresponse */ #define MC_CMD_SECURITY_RULE_COUNTER_ALLOC_OUT_LENMIN 4 @@ -14876,6 +15704,7 @@ * requested if resources are unavailable) */ #define MC_CMD_SECURITY_RULE_COUNTER_ALLOC_OUT_NUM_COUNTERS_OFST 0 +#define MC_CMD_SECURITY_RULE_COUNTER_ALLOC_OUT_NUM_COUNTERS_LEN 4 /* new counter ID(s) */ #define MC_CMD_SECURITY_RULE_COUNTER_ALLOC_OUT_COUNTER_ID_OFST 4 #define MC_CMD_SECURITY_RULE_COUNTER_ALLOC_OUT_COUNTER_ID_LEN 4 @@ -14894,7 +15723,7 @@ #define MC_CMD_SECURITY_RULE_COUNTER_FREE 0x113 #undef MC_CMD_0x113_PRIVILEGE_CTG -#define MC_CMD_0x113_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x113_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_SECURITY_RULE_COUNTER_FREE_IN msgrequest */ #define MC_CMD_SECURITY_RULE_COUNTER_FREE_IN_LENMIN 4 @@ -14902,6 +15731,7 @@ #define MC_CMD_SECURITY_RULE_COUNTER_FREE_IN_LEN(num) (4+4*(num)) /* the number of counter IDs to free */ #define MC_CMD_SECURITY_RULE_COUNTER_FREE_IN_NUM_COUNTERS_OFST 0 +#define MC_CMD_SECURITY_RULE_COUNTER_FREE_IN_NUM_COUNTERS_LEN 4 /* the counter ID(s) to free */ #define MC_CMD_SECURITY_RULE_COUNTER_FREE_IN_COUNTER_ID_OFST 4 #define MC_CMD_SECURITY_RULE_COUNTER_FREE_IN_COUNTER_ID_LEN 4 @@ -14925,7 +15755,7 @@ #define MC_CMD_SUBNET_MAP_SET_NODE 0x114 #undef MC_CMD_0x114_PRIVILEGE_CTG -#define MC_CMD_0x114_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x114_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_SUBNET_MAP_SET_NODE_IN msgrequest */ #define MC_CMD_SUBNET_MAP_SET_NODE_IN_LENMIN 6 @@ -14933,6 +15763,7 @@ #define MC_CMD_SUBNET_MAP_SET_NODE_IN_LEN(num) (4+2*(num)) /* node to update in the range 0 .. SUBNET_MAP_NUM_NODES-1 */ #define MC_CMD_SUBNET_MAP_SET_NODE_IN_NODE_ID_OFST 0 +#define MC_CMD_SUBNET_MAP_SET_NODE_IN_NODE_ID_LEN 4 /* SUBNET_MAP_NUM_ENTRIES_PER_NODE new entries; each entry is either a pointer * to the next node, expressed as an offset in the trie memory (i.e. node ID * multiplied by SUBNET_MAP_NUM_ENTRIES_PER_NODE), or a leaf value in the range @@ -14953,7 +15784,7 @@ */ #define PORTRANGE_TREE_ENTRY_BRANCH_KEY_OFST 0 #define PORTRANGE_TREE_ENTRY_BRANCH_KEY_LEN 2 -#define PORTRANGE_TREE_ENTRY_LEAF_NODE_KEY 0xffff /* enum */ +#define PORTRANGE_TREE_ENTRY_LEAF_NODE_KEY 0xffff /* enum */ #define PORTRANGE_TREE_ENTRY_BRANCH_KEY_LBN 0 #define PORTRANGE_TREE_ENTRY_BRANCH_KEY_WIDTH 16 /* final portrange ID for leaf nodes (don't care for branch nodes) */ @@ -14976,7 +15807,7 @@ #define MC_CMD_REMOTE_PORTRANGE_MAP_SET_TREE 0x115 #undef MC_CMD_0x115_PRIVILEGE_CTG -#define MC_CMD_0x115_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x115_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_REMOTE_PORTRANGE_MAP_SET_TREE_IN msgrequest */ #define MC_CMD_REMOTE_PORTRANGE_MAP_SET_TREE_IN_LENMIN 4 @@ -15007,7 +15838,7 @@ #define MC_CMD_LOCAL_PORTRANGE_MAP_SET_TREE 0x116 #undef MC_CMD_0x116_PRIVILEGE_CTG -#define MC_CMD_0x116_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x116_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_LOCAL_PORTRANGE_MAP_SET_TREE_IN msgrequest */ #define MC_CMD_LOCAL_PORTRANGE_MAP_SET_TREE_IN_LENMIN 4 @@ -15030,18 +15861,18 @@ #define TUNNEL_ENCAP_UDP_PORT_ENTRY_UDP_PORT_OFST 0 #define TUNNEL_ENCAP_UDP_PORT_ENTRY_UDP_PORT_LEN 2 /* enum: the IANA allocated UDP port for VXLAN */ -#define TUNNEL_ENCAP_UDP_PORT_ENTRY_IANA_VXLAN_UDP_PORT 0x12b5 +#define TUNNEL_ENCAP_UDP_PORT_ENTRY_IANA_VXLAN_UDP_PORT 0x12b5 /* enum: the IANA allocated UDP port for Geneve */ -#define TUNNEL_ENCAP_UDP_PORT_ENTRY_IANA_GENEVE_UDP_PORT 0x17c1 +#define TUNNEL_ENCAP_UDP_PORT_ENTRY_IANA_GENEVE_UDP_PORT 0x17c1 #define TUNNEL_ENCAP_UDP_PORT_ENTRY_UDP_PORT_LBN 0 #define TUNNEL_ENCAP_UDP_PORT_ENTRY_UDP_PORT_WIDTH 16 /* tunnel encapsulation protocol (only those named below are supported) */ #define TUNNEL_ENCAP_UDP_PORT_ENTRY_PROTOCOL_OFST 2 #define TUNNEL_ENCAP_UDP_PORT_ENTRY_PROTOCOL_LEN 2 /* enum: This port will be used for VXLAN on both IPv4 and IPv6 */ -#define TUNNEL_ENCAP_UDP_PORT_ENTRY_VXLAN 0x0 +#define TUNNEL_ENCAP_UDP_PORT_ENTRY_VXLAN 0x0 /* enum: This port will be used for Geneve on both IPv4 and IPv6 */ -#define TUNNEL_ENCAP_UDP_PORT_ENTRY_GENEVE 0x1 +#define TUNNEL_ENCAP_UDP_PORT_ENTRY_GENEVE 0x1 #define TUNNEL_ENCAP_UDP_PORT_ENTRY_PROTOCOL_LBN 16 #define TUNNEL_ENCAP_UDP_PORT_ENTRY_PROTOCOL_WIDTH 16 @@ -15098,18 +15929,22 @@ #define MC_CMD_RX_BALANCING 0x118 #undef MC_CMD_0x118_PRIVILEGE_CTG -#define MC_CMD_0x118_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x118_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_RX_BALANCING_IN msgrequest */ #define MC_CMD_RX_BALANCING_IN_LEN 16 /* The RX port whose upconverter table will be modified */ #define MC_CMD_RX_BALANCING_IN_PORT_OFST 0 +#define MC_CMD_RX_BALANCING_IN_PORT_LEN 4 /* The VLAN priority associated to the table index and vFIFO */ #define MC_CMD_RX_BALANCING_IN_PRIORITY_OFST 4 +#define MC_CMD_RX_BALANCING_IN_PRIORITY_LEN 4 /* The resulting bit of SRC^DST for indexing the table */ #define MC_CMD_RX_BALANCING_IN_SRC_DST_OFST 8 +#define MC_CMD_RX_BALANCING_IN_SRC_DST_LEN 4 /* The RX engine to which the vFIFO in the table entry will point to */ #define MC_CMD_RX_BALANCING_IN_ENG_OFST 12 +#define MC_CMD_RX_BALANCING_IN_ENG_LEN 4 /* MC_CMD_RX_BALANCING_OUT msgresponse */ #define MC_CMD_RX_BALANCING_OUT_LEN 0 @@ -15118,12 +15953,7 @@ /***********************************/ /* MC_CMD_TSA_BIND * TSAN - TSAC binding communication protocol. Refer to SF-115479-TC for more - * info in respect to the binding protocol. This MCDI command is only available - * over a TLS secure connection between the TSAN and TSAC, and is not available - * to host software. Note- The messages definitions that do comprise this MCDI - * command deemed as provisional. This MCDI command has not yet been used in - * any released code and may change during development. This note will be - * removed once it is regarded as stable. + * info in respect to the binding protocol. */ #define MC_CMD_TSA_BIND 0x119 #undef MC_CMD_0x119_PRIVILEGE_CTG @@ -15133,15 +15963,13 @@ /* MC_CMD_TSA_BIND_IN msgrequest: Protocol operation code */ #define MC_CMD_TSA_BIND_IN_LEN 4 #define MC_CMD_TSA_BIND_IN_OP_OFST 0 -/* enum: Retrieve the TSAN ID from a TSAN. TSAN ID is a unique identifier for - * the network adapter. More specifically, TSAN ID equals the MAC address of - * the network adapter. TSAN ID is used as part of the TSAN authentication - * protocol. Refer to SF-114946-SW for more information. - */ +#define MC_CMD_TSA_BIND_IN_OP_LEN 4 +/* enum: Obsolete. Use MC_CMD_SECURE_NIC_INFO_IN_STATUS. */ #define MC_CMD_TSA_BIND_OP_GET_ID 0x1 /* enum: Get a binding ticket from the TSAN. The binding ticket is used as part * of the binding procedure to authorize the binding of an adapter to a TSAID. - * Refer to SF-114946-SW for more information. + * Refer to SF-114946-SW for more information. This sub-command is only + * available over a TLS secure connection between the TSAN and TSAC. */ #define MC_CMD_TSA_BIND_OP_GET_TICKET 0x2 /* enum: Opcode associated with the propagation of a private key that TSAN uses @@ -15149,18 +15977,47 @@ * uses this key for a signing operation. TSAC uses the counterpart public key * to verify the signature. Note - The post-binding authentication occurs when * the TSAN-TSAC connection terminates and TSAN tries to reconnect. Refer to - * SF-114946-SW for more information. + * SF-114946-SW for more information. This sub-command is only available over a + * TLS secure connection between the TSAN and TSAC. */ #define MC_CMD_TSA_BIND_OP_SET_KEY 0x3 -/* enum: Request an unbinding operation. Note- TSAN clears the binding ticket - * from the Nvram section. +/* enum: Request an insecure unbinding operation. This sub-command is available + * for any privileged client. */ #define MC_CMD_TSA_BIND_OP_UNBIND 0x4 - -/* MC_CMD_TSA_BIND_IN_GET_ID msgrequest */ +/* enum: Obsolete. Use MC_CMD_TSA_BIND_OP_SECURE_UNBIND. */ +#define MC_CMD_TSA_BIND_OP_UNBIND_EXT 0x5 +/* enum: Opcode associated with the propagation of the unbinding secret token. + * TSAN persists the unbinding secret token. Refer to SF-115479-TC for more + * information. This sub-command is only available over a TLS secure connection + * between the TSAN and TSAC. + */ +#define MC_CMD_TSA_BIND_OP_SET_UNBINDTOKEN 0x6 +/* enum: Obsolete. Use MC_CMD_TSA_BIND_OP_SECURE_DECOMMISSION. */ +#define MC_CMD_TSA_BIND_OP_DECOMMISSION 0x7 +/* enum: Obsolete. Use MC_CMD_GET_CERTIFICATE. */ +#define MC_CMD_TSA_BIND_OP_GET_CERTIFICATE 0x8 +/* enum: Request a secure unbinding operation using unbinding token. This sub- + * command is available for any privileged client. + */ +#define MC_CMD_TSA_BIND_OP_SECURE_UNBIND 0x9 +/* enum: Request a secure decommissioning operation. This sub-command is + * available for any privileged client. + */ +#define MC_CMD_TSA_BIND_OP_SECURE_DECOMMISSION 0xa +/* enum: Test facility that allows an adapter to be configured to behave as if + * Bound to a TSA controller with restricted MCDI administrator operations. + * This operation is primarily intended to aid host driver development. + */ +#define MC_CMD_TSA_BIND_OP_TEST_MCDI 0xb + +/* MC_CMD_TSA_BIND_IN_GET_ID msgrequest: Obsolete. Use + * MC_CMD_SECURE_NIC_INFO_IN_STATUS. + */ #define MC_CMD_TSA_BIND_IN_GET_ID_LEN 20 /* The operation requested. */ #define MC_CMD_TSA_BIND_IN_GET_ID_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_GET_ID_OP_LEN 4 /* Cryptographic nonce that TSAC generates and sends to TSAN. TSAC generates * the nonce every time as part of the TSAN post-binding authentication * procedure when the TSAN-TSAC connection terminates and TSAN does need to re- @@ -15173,6 +16030,7 @@ #define MC_CMD_TSA_BIND_IN_GET_TICKET_LEN 4 /* The operation requested. */ #define MC_CMD_TSA_BIND_IN_GET_TICKET_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_GET_TICKET_OP_LEN 4 /* MC_CMD_TSA_BIND_IN_SET_KEY msgrequest */ #define MC_CMD_TSA_BIND_IN_SET_KEY_LENMIN 5 @@ -15180,6 +16038,7 @@ #define MC_CMD_TSA_BIND_IN_SET_KEY_LEN(num) (4+1*(num)) /* The operation requested. */ #define MC_CMD_TSA_BIND_IN_SET_KEY_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_SET_KEY_OP_LEN 4 /* This data blob contains the private key generated by the TSAC. TSAN uses * this key for a signing operation. Note- This private key is used in * conjunction with the post-binding TSAN authentication procedure that occurs @@ -15191,26 +16050,261 @@ #define MC_CMD_TSA_BIND_IN_SET_KEY_DATKEY_MINNUM 1 #define MC_CMD_TSA_BIND_IN_SET_KEY_DATKEY_MAXNUM 248 -/* MC_CMD_TSA_BIND_IN_UNBIND msgrequest: Asks for the un-binding procedure */ +/* MC_CMD_TSA_BIND_IN_UNBIND msgrequest: Request an insecure unbinding + * operation. + */ #define MC_CMD_TSA_BIND_IN_UNBIND_LEN 10 /* The operation requested. */ #define MC_CMD_TSA_BIND_IN_UNBIND_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_UNBIND_OP_LEN 4 /* TSAN unique identifier for the network adapter */ #define MC_CMD_TSA_BIND_IN_UNBIND_TSANID_OFST 4 #define MC_CMD_TSA_BIND_IN_UNBIND_TSANID_LEN 6 -/* MC_CMD_TSA_BIND_OUT_GET_ID msgresponse */ +/* MC_CMD_TSA_BIND_IN_UNBIND_EXT msgrequest: Obsolete. Use + * MC_CMD_TSA_BIND_IN_SECURE_UNBIND. + */ +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_LENMIN 93 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_LENMAX 252 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_LEN(num) (92+1*(num)) +/* The operation requested. */ +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_OP_LEN 4 +/* TSAN unique identifier for the network adapter */ +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_TSANID_OFST 4 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_TSANID_LEN 6 +/* Align the arguments to 32 bits */ +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_TSANID_RSVD_OFST 10 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_TSANID_RSVD_LEN 2 +/* This attribute identifies the TSA infrastructure domain. The length of the + * TSAID attribute is limited to 64 bytes. This is how TSA SDK defines the max + * length. Note- The TSAID is the Organizational Unit Name filed as part of the + * root and server certificates. + */ +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_TSAID_OFST 12 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_TSAID_LEN 1 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_TSAID_NUM 64 +/* Unbinding secret token. The adapter validates this unbinding token by + * comparing it against the one stored on the adapter as part of the + * MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN msgrequest. Refer to SF-115479-TC for + * more information. + */ +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_UNBINDTOKEN_OFST 76 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_UNBINDTOKEN_LEN 16 +/* This is the signature of the above mentioned fields- TSANID, TSAID and + * UNBINDTOKEN. As per current requirements, the SIG opaque data blob contains + * ECDSA ECC-384 based signature. The ECC curve is secp384r1. The signature is + * also ASN-1 encoded. Note- The signature is verified based on the public key + * stored into the root certificate that is provisioned on the adapter side. + * This key is known as the PUKtsaid. Refer to SF-115479-TC for more + * information. + */ +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_SIG_OFST 92 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_SIG_LEN 1 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_SIG_MINNUM 1 +#define MC_CMD_TSA_BIND_IN_UNBIND_EXT_SIG_MAXNUM 160 + +/* MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN msgrequest */ +#define MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN_LEN 20 +/* The operation requested. */ +#define MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN_OP_LEN 4 +/* Unbinding secret token. TSAN persists the unbinding secret token. Refer to + * SF-115479-TC for more information. + */ +#define MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN_UNBINDTOKEN_OFST 4 +#define MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN_UNBINDTOKEN_LEN 16 +/* enum: There are situations when the binding process does not complete + * successfully due to key, other attributes corruption at the database level + * (Controller). Adapter can't connect to the controller anymore. To recover, + * make usage of the decommission command that forces the adapter into + * unbinding state. + */ +#define MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN_ADAPTER_BINDING_FAILURE 0x1 + +/* MC_CMD_TSA_BIND_IN_DECOMMISSION msgrequest: Obsolete. Use + * MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION. + */ +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_LENMIN 109 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_LENMAX 252 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_LEN(num) (108+1*(num)) +/* This is the signature of the above mentioned fields- TSAID, USER and REASON. + * As per current requirements, the SIG opaque data blob contains ECDSA ECC-384 + * based signature. The ECC curve is secp384r1. The signature is also ASN-1 + * encoded . Note- The signature is verified based on the public key stored + * into the root certificate that is provisioned on the adapter side. This key + * is known as the PUKtsaid. Refer to SF-115479-TC for more information. + */ +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_SIG_OFST 108 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_SIG_LEN 1 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_SIG_MINNUM 1 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_SIG_MAXNUM 144 +/* The operation requested. */ +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_OP_LEN 4 +/* This attribute identifies the TSA infrastructure domain. The length of the + * TSAID attribute is limited to 64 bytes. This is how TSA SDK defines the max + * length. Note- The TSAID is the Organizational Unit Name filed as part of the + * root and server certificates. + */ +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_TSAID_OFST 4 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_TSAID_LEN 1 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_TSAID_NUM 64 +/* User ID that comes, as an example, from the Controller. Note- The 33 byte + * length of this attribute is max length of the linux user name plus null + * character. + */ +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_USER_OFST 68 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_USER_LEN 1 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_USER_NUM 33 +/* Align the arguments to 32 bits */ +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_USER_RSVD_OFST 101 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_USER_RSVD_LEN 3 +/* Reason of why decommissioning happens Note- The list of reasons, defined as + * part of the enumeration below, can be extended. + */ +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_REASON_OFST 104 +#define MC_CMD_TSA_BIND_IN_DECOMMISSION_REASON_LEN 4 + +/* MC_CMD_TSA_BIND_IN_GET_CERTIFICATE msgrequest: Obsolete. Use + * MC_CMD_GET_CERTIFICATE. + */ +#define MC_CMD_TSA_BIND_IN_GET_CERTIFICATE_LEN 8 +/* The operation requested, must be MC_CMD_TSA_BIND_OP_GET_CERTIFICATE. */ +#define MC_CMD_TSA_BIND_IN_GET_CERTIFICATE_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_GET_CERTIFICATE_OP_LEN 4 +/* Type of the certificate to be retrieved. */ +#define MC_CMD_TSA_BIND_IN_GET_CERTIFICATE_TYPE_OFST 4 +#define MC_CMD_TSA_BIND_IN_GET_CERTIFICATE_TYPE_LEN 4 +#define MC_CMD_TSA_BIND_IN_GET_CERTIFICATE_UNUSED 0x0 /* enum */ +/* enum: Adapter Authentication Certificate (AAC). The AAC is used by the + * controller to verify the authenticity of the adapter. + */ +#define MC_CMD_TSA_BIND_IN_GET_CERTIFICATE_AAC 0x1 +/* enum: Adapter Authentication Signing Certificate (AASC). The AASC is used by + * the controller to verify the validity of AAC. + */ +#define MC_CMD_TSA_BIND_IN_GET_CERTIFICATE_AASC 0x2 + +/* MC_CMD_TSA_BIND_IN_SECURE_UNBIND msgrequest: Request a secure unbinding + * operation using unbinding token. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_LENMIN 97 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_LENMAX 200 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_LEN(num) (96+1*(num)) +/* The operation requested, must be MC_CMD_TSA_BIND_OP_SECURE_UNBIND. */ +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_OP_LEN 4 +/* Type of the message. (MESSAGE_TYPE_xxx) Must be + * MESSAGE_TYPE_TSA_SECURE_UNBIND. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_MESSAGE_TYPE_OFST 4 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_MESSAGE_TYPE_LEN 4 +/* TSAN unique identifier for the network adapter */ +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_TSANID_OFST 8 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_TSANID_LEN 6 +/* Align the arguments to 32 bits */ +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_TSANID_RSVD_OFST 14 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_TSANID_RSVD_LEN 2 +/* A NUL padded US-ASCII string identifying the TSA infrastructure domain. This + * field is for information only, and not used by the firmware. Note- The TSAID + * is the Organizational Unit Name field as part of the root and server + * certificates. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_TSAID_OFST 16 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_TSAID_LEN 1 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_TSAID_NUM 64 +/* Unbinding secret token. The adapter validates this unbinding token by + * comparing it against the one stored on the adapter as part of the + * MC_CMD_TSA_BIND_IN_SET_UNBINDTOKEN msgrequest. Refer to SF-115479-TC for + * more information. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_UNBINDTOKEN_OFST 80 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_UNBINDTOKEN_LEN 16 +/* The signature computed and encoded as specified by MESSAGE_TYPE. */ +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_SIG_OFST 96 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_SIG_LEN 1 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_SIG_MINNUM 1 +#define MC_CMD_TSA_BIND_IN_SECURE_UNBIND_SIG_MAXNUM 104 + +/* MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION msgrequest: Request a secure + * decommissioning operation. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_LENMIN 113 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_LENMAX 216 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_LEN(num) (112+1*(num)) +/* The operation requested, must be MC_CMD_TSA_BIND_OP_SECURE_DECOMMISSION. */ +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_OP_LEN 4 +/* Type of the message. (MESSAGE_TYPE_xxx) Must be + * MESSAGE_TYPE_SECURE_DECOMMISSION. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_MESSAGE_TYPE_OFST 4 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_MESSAGE_TYPE_LEN 4 +/* A NUL padded US-ASCII string identifying the TSA infrastructure domain. This + * field is for information only, and not used by the firmware. Note- The TSAID + * is the Organizational Unit Name field as part of the root and server + * certificates. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_TSAID_OFST 8 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_TSAID_LEN 1 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_TSAID_NUM 64 +/* A NUL padded US-ASCII string containing user name of the creator of the + * decommissioning ticket. This field is for information only, and not used by + * the firmware. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_USER_OFST 72 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_USER_LEN 1 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_USER_NUM 36 +/* Reason of why decommissioning happens */ +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_REASON_OFST 108 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_REASON_LEN 4 +/* enum: There are situations when the binding process does not complete + * successfully due to key, other attributes corruption at the database level + * (Controller). Adapter can't connect to the controller anymore. To recover, + * use the decommission command to force the adapter into unbound state. + */ +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_ADAPTER_BINDING_FAILURE 0x1 +/* The signature computed and encoded as specified by MESSAGE_TYPE. */ +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_SIG_OFST 112 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_SIG_LEN 1 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_SIG_MINNUM 1 +#define MC_CMD_TSA_BIND_IN_SECURE_DECOMMISSION_SIG_MAXNUM 104 + +/* MC_CMD_TSA_BIND_IN_TEST_MCDI msgrequest: Test mode that emulates MCDI + * interface restrictions of a bound adapter. This operation is intended for + * test use on adapters that are not deployed and bound to a TSA Controller. + * Using it on a Bound adapter will succeed but will not alter the MCDI + * privileges as MCDI operations will already be restricted. + */ +#define MC_CMD_TSA_BIND_IN_TEST_MCDI_LEN 8 +/* The operation requested must be MC_CMD_TSA_BIND_OP_TEST_MCDI. */ +#define MC_CMD_TSA_BIND_IN_TEST_MCDI_OP_OFST 0 +#define MC_CMD_TSA_BIND_IN_TEST_MCDI_OP_LEN 4 +/* Enable or disable emulation of bound adapter */ +#define MC_CMD_TSA_BIND_IN_TEST_MCDI_CTRL_OFST 4 +#define MC_CMD_TSA_BIND_IN_TEST_MCDI_CTRL_LEN 4 +#define MC_CMD_TSA_BIND_IN_TEST_MCDI_DISABLE 0x0 /* enum */ +#define MC_CMD_TSA_BIND_IN_TEST_MCDI_ENABLE 0x1 /* enum */ + +/* MC_CMD_TSA_BIND_OUT_GET_ID msgresponse: Obsolete. Use + * MC_CMD_SECURE_NIC_INFO_OUT_STATUS. + */ #define MC_CMD_TSA_BIND_OUT_GET_ID_LENMIN 15 #define MC_CMD_TSA_BIND_OUT_GET_ID_LENMAX 252 #define MC_CMD_TSA_BIND_OUT_GET_ID_LEN(num) (14+1*(num)) -/* The operation completion code. */ +/* The protocol operation code MC_CMD_TSA_BIND_OP_GET_ID that is sent back to + * the caller. + */ #define MC_CMD_TSA_BIND_OUT_GET_ID_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_GET_ID_OP_LEN 4 /* Rules engine type. Note- The rules engine type allows TSAC to further * identify the connected endpoint (e.g. TSAN, NIC Emulator) type and take the * proper action accordingly. As an example, TSAC uses the rules engine type to * select the SF key that differs in the case of TSAN vs. NIC Emulator. */ #define MC_CMD_TSA_BIND_OUT_GET_ID_RULE_ENGINE_OFST 4 +#define MC_CMD_TSA_BIND_OUT_GET_ID_RULE_ENGINE_LEN 4 /* enum: Hardware rules engine. */ #define MC_CMD_TSA_BIND_OUT_GET_ID_RULE_ENGINE_TSAN 0x1 /* enum: Nic emulator rules engine. */ @@ -15234,8 +16328,11 @@ #define MC_CMD_TSA_BIND_OUT_GET_TICKET_LENMIN 5 #define MC_CMD_TSA_BIND_OUT_GET_TICKET_LENMAX 252 #define MC_CMD_TSA_BIND_OUT_GET_TICKET_LEN(num) (4+1*(num)) -/* The operation completion code. */ +/* The protocol operation code MC_CMD_TSA_BIND_OP_GET_TICKET that is sent back + * to the caller. + */ #define MC_CMD_TSA_BIND_OUT_GET_TICKET_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_GET_TICKET_OP_LEN 4 /* The ticket represents the data blob construct that TSAN sends to TSAC as * part of the binding protocol. From the TSAN perspective the ticket is an * opaque construct. For more info refer to SF-115479-TC. @@ -15247,23 +16344,142 @@ /* MC_CMD_TSA_BIND_OUT_SET_KEY msgresponse */ #define MC_CMD_TSA_BIND_OUT_SET_KEY_LEN 4 -/* The operation completion code. */ +/* The protocol operation code MC_CMD_TSA_BIND_OP_SET_KEY that is sent back to + * the caller. + */ #define MC_CMD_TSA_BIND_OUT_SET_KEY_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_SET_KEY_OP_LEN 4 -/* MC_CMD_TSA_BIND_OUT_UNBIND msgresponse */ +/* MC_CMD_TSA_BIND_OUT_UNBIND msgresponse: Response to insecure unbind request. + */ #define MC_CMD_TSA_BIND_OUT_UNBIND_LEN 8 /* Same as MC_CMD_ERR field, but included as 0 in success cases */ #define MC_CMD_TSA_BIND_OUT_UNBIND_RESULT_OFST 0 +#define MC_CMD_TSA_BIND_OUT_UNBIND_RESULT_LEN 4 /* Extra status information */ #define MC_CMD_TSA_BIND_OUT_UNBIND_INFO_OFST 4 +#define MC_CMD_TSA_BIND_OUT_UNBIND_INFO_LEN 4 /* enum: Unbind successful. */ -#define MC_CMD_TSA_BIND_OUT_UNBIND_OK_UNBOUND 0x0 +#define MC_CMD_TSA_BIND_OUT_UNBIND_OK_UNBOUND 0x0 /* enum: TSANID mismatch */ -#define MC_CMD_TSA_BIND_OUT_UNBIND_ERR_BAD_TSANID 0x1 +#define MC_CMD_TSA_BIND_OUT_UNBIND_ERR_BAD_TSANID 0x1 /* enum: Unable to remove the binding ticket from persistent storage. */ -#define MC_CMD_TSA_BIND_OUT_UNBIND_ERR_REMOVE_TICKET 0x2 +#define MC_CMD_TSA_BIND_OUT_UNBIND_ERR_REMOVE_TICKET 0x2 /* enum: TSAN is not bound to a binding ticket. */ -#define MC_CMD_TSA_BIND_OUT_UNBIND_ERR_NOT_BOUND 0x3 +#define MC_CMD_TSA_BIND_OUT_UNBIND_ERR_NOT_BOUND 0x3 + +/* MC_CMD_TSA_BIND_OUT_UNBIND_EXT msgresponse: Obsolete. Use + * MC_CMD_TSA_BIND_OUT_SECURE_UNBIND. + */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_LEN 8 +/* Same as MC_CMD_ERR field, but included as 0 in success cases */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_RESULT_OFST 0 +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_RESULT_LEN 4 +/* Extra status information */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_INFO_OFST 4 +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_INFO_LEN 4 +/* enum: Unbind successful. */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_OK_UNBOUND 0x0 +/* enum: TSANID mismatch */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_ERR_BAD_TSANID 0x1 +/* enum: Unable to remove the binding ticket from persistent storage. */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_ERR_REMOVE_TICKET 0x2 +/* enum: TSAN is not bound to a binding ticket. */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_ERR_NOT_BOUND 0x3 +/* enum: Invalid unbind token */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_ERR_BAD_TOKEN 0x4 +/* enum: Invalid signature */ +#define MC_CMD_TSA_BIND_OUT_UNBIND_EXT_ERR_BAD_SIGNATURE 0x5 + +/* MC_CMD_TSA_BIND_OUT_SET_UNBINDTOKEN msgresponse */ +#define MC_CMD_TSA_BIND_OUT_SET_UNBINDTOKEN_LEN 4 +/* The protocol operation code MC_CMD_TSA_BIND_OP_SET_UNBINDTOKEN that is sent + * back to the caller. + */ +#define MC_CMD_TSA_BIND_OUT_SET_UNBINDTOKEN_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_SET_UNBINDTOKEN_OP_LEN 4 + +/* MC_CMD_TSA_BIND_OUT_DECOMMISSION msgresponse: Obsolete. Use + * MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION. + */ +#define MC_CMD_TSA_BIND_OUT_DECOMMISSION_LEN 4 +/* The protocol operation code MC_CMD_TSA_BIND_OP_DECOMMISSION that is sent + * back to the caller. + */ +#define MC_CMD_TSA_BIND_OUT_DECOMMISSION_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_DECOMMISSION_OP_LEN 4 + +/* MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE msgresponse */ +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_LENMIN 9 +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_LENMAX 252 +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_LEN(num) (8+1*(num)) +/* The protocol operation code MC_CMD_TSA_BIND_OP_GET_CERTIFICATE that is sent + * back to the caller. + */ +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_OP_LEN 4 +/* Type of the certificate. */ +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_TYPE_OFST 4 +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_TYPE_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_TSA_BIND_IN_GET_CERTIFICATE/TYPE */ +/* The certificate data. */ +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_DATA_OFST 8 +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_DATA_LEN 1 +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_DATA_MINNUM 1 +#define MC_CMD_TSA_BIND_OUT_GET_CERTIFICATE_DATA_MAXNUM 244 + +/* MC_CMD_TSA_BIND_OUT_SECURE_UNBIND msgresponse: Response to secure unbind + * request. + */ +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_LEN 8 +/* The protocol operation code that is sent back to the caller. */ +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_OP_LEN 4 +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_RESULT_OFST 4 +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_RESULT_LEN 4 +/* enum: Unbind successful. */ +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_OK_UNBOUND 0x0 +/* enum: TSANID mismatch */ +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_ERR_BAD_TSANID 0x1 +/* enum: Unable to remove the binding ticket from persistent storage. */ +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_ERR_REMOVE_TICKET 0x2 +/* enum: TSAN is not bound to a domain. */ +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_ERR_NOT_BOUND 0x3 +/* enum: Invalid unbind token */ +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_ERR_BAD_TOKEN 0x4 +/* enum: Invalid signature */ +#define MC_CMD_TSA_BIND_OUT_SECURE_UNBIND_ERR_BAD_SIGNATURE 0x5 + +/* MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION msgresponse: Response to secure + * decommission request. + */ +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_LEN 8 +/* The protocol operation code that is sent back to the caller. */ +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_OP_LEN 4 +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_RESULT_OFST 4 +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_RESULT_LEN 4 +/* enum: Unbind successful. */ +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_OK_UNBOUND 0x0 +/* enum: TSANID mismatch */ +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_ERR_BAD_TSANID 0x1 +/* enum: Unable to remove the binding ticket from persistent storage. */ +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_ERR_REMOVE_TICKET 0x2 +/* enum: TSAN is not bound to a domain. */ +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_ERR_NOT_BOUND 0x3 +/* enum: Invalid unbind token */ +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_ERR_BAD_TOKEN 0x4 +/* enum: Invalid signature */ +#define MC_CMD_TSA_BIND_OUT_SECURE_DECOMMISSION_ERR_BAD_SIGNATURE 0x5 + +/* MC_CMD_TSA_BIND_OUT_TEST_MCDI msgrequest */ +#define MC_CMD_TSA_BIND_OUT_TEST_MCDI_LEN 4 +/* The protocol operation code MC_CMD_TSA_BIND_OP_TEST_MCDI that is sent back + * to the caller. + */ +#define MC_CMD_TSA_BIND_OUT_TEST_MCDI_OP_OFST 0 +#define MC_CMD_TSA_BIND_OUT_TEST_MCDI_OP_LEN 4 /***********************************/ @@ -15276,9 +16492,9 @@ * will be loaded at power on or MC reboot, instead of the default ruleset. * Rollback of the currently active ruleset to the cached version (when it is * valid) is also supported. (Medford-only; for use by SolarSecure apps, not - * directly by drivers. See SF-114946-SW.) NOTE - this message definition is - * provisional. It has not yet been used in any released code and may change - * during development. This note will be removed once it is regarded as stable. + * directly by drivers. See SF-114946-SW.) NOTE - The only sub-operation + * allowed in an adapter bound to a TSA controller from the local host is + * OP_GET_CACHED_VERSION. All other sub-operations are prohibited. */ #define MC_CMD_MANAGE_SECURITY_RULESET_CACHE 0x11a #undef MC_CMD_0x11a_PRIVILEGE_CTG @@ -15289,18 +16505,19 @@ #define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_LEN 4 /* the operation to perform */ #define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_OFST 0 +#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_LEN 4 /* enum: reports the ruleset version that is cached in persistent storage but * performs no other action */ -#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_GET_CACHED_VERSION 0x0 +#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_GET_CACHED_VERSION 0x0 /* enum: rolls back the active state to the cached version. (May fail with * ENOENT if there is no valid cached version.) */ -#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_ROLLBACK 0x1 +#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_ROLLBACK 0x1 /* enum: commits the active state to the persistent cache */ -#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_COMMIT 0x2 +#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_COMMIT 0x2 /* enum: invalidates the persistent cache without affecting the active state */ -#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_INVALIDATE 0x3 +#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_IN_OP_INVALIDATE 0x3 /* MC_CMD_MANAGE_SECURITY_RULESET_CACHE_OUT msgresponse */ #define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_OUT_LENMIN 5 @@ -15310,12 +16527,13 @@ * requested operation in the case of rollback, commit, or invalidate) */ #define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_OUT_STATE_OFST 0 +#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_OUT_STATE_LEN 4 /* enum: persistent cache is invalid (the VERSION field will be empty in this * case) */ -#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_OUT_STATE_INVALID 0x0 +#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_OUT_STATE_INVALID 0x0 /* enum: persistent cache is valid */ -#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_OUT_STATE_VALID 0x1 +#define MC_CMD_MANAGE_SECURITY_RULESET_CACHE_OUT_STATE_VALID 0x1 /* cached ruleset version (after completion of the requested operation, in the * case of rollback, commit, or invalidate) as an opaque hash value in the same * form as MC_CMD_GET_SECURITY_RULESET_VERSION_OUT_VERSION @@ -15334,7 +16552,7 @@ #define MC_CMD_NVRAM_PRIVATE_APPEND 0x11c #undef MC_CMD_0x11c_PRIVILEGE_CTG -#define MC_CMD_0x11c_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x11c_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_NVRAM_PRIVATE_APPEND_IN msgrequest */ #define MC_CMD_NVRAM_PRIVATE_APPEND_IN_LENMIN 9 @@ -15342,8 +16560,10 @@ #define MC_CMD_NVRAM_PRIVATE_APPEND_IN_LEN(num) (8+1*(num)) /* The tag to be appended */ #define MC_CMD_NVRAM_PRIVATE_APPEND_IN_TAG_OFST 0 +#define MC_CMD_NVRAM_PRIVATE_APPEND_IN_TAG_LEN 4 /* The length of the data */ #define MC_CMD_NVRAM_PRIVATE_APPEND_IN_LENGTH_OFST 4 +#define MC_CMD_NVRAM_PRIVATE_APPEND_IN_LENGTH_LEN 4 /* The data to be contained in the TLV structure */ #define MC_CMD_NVRAM_PRIVATE_APPEND_IN_DATA_BUFFER_OFST 8 #define MC_CMD_NVRAM_PRIVATE_APPEND_IN_DATA_BUFFER_LEN 1 @@ -15369,6 +16589,7 @@ #define MC_CMD_XPM_VERIFY_CONTENTS_IN_LEN 4 /* Data type to be checked */ #define MC_CMD_XPM_VERIFY_CONTENTS_IN_DATA_TYPE_OFST 0 +#define MC_CMD_XPM_VERIFY_CONTENTS_IN_DATA_TYPE_LEN 4 /* MC_CMD_XPM_VERIFY_CONTENTS_OUT msgresponse */ #define MC_CMD_XPM_VERIFY_CONTENTS_OUT_LENMIN 12 @@ -15376,10 +16597,13 @@ #define MC_CMD_XPM_VERIFY_CONTENTS_OUT_LEN(num) (12+1*(num)) /* Number of sectors found (test builds only) */ #define MC_CMD_XPM_VERIFY_CONTENTS_OUT_NUM_SECTORS_OFST 0 +#define MC_CMD_XPM_VERIFY_CONTENTS_OUT_NUM_SECTORS_LEN 4 /* Number of bytes found (test builds only) */ #define MC_CMD_XPM_VERIFY_CONTENTS_OUT_NUM_BYTES_OFST 4 +#define MC_CMD_XPM_VERIFY_CONTENTS_OUT_NUM_BYTES_LEN 4 /* Length of signature */ #define MC_CMD_XPM_VERIFY_CONTENTS_OUT_SIG_LENGTH_OFST 8 +#define MC_CMD_XPM_VERIFY_CONTENTS_OUT_SIG_LENGTH_LEN 4 /* Signature */ #define MC_CMD_XPM_VERIFY_CONTENTS_OUT_SIGNATURE_OFST 12 #define MC_CMD_XPM_VERIFY_CONTENTS_OUT_SIGNATURE_LEN 1 @@ -15405,23 +16629,29 @@ #define MC_CMD_SET_EVQ_TMR_IN_LEN 16 /* Function-relative queue instance */ #define MC_CMD_SET_EVQ_TMR_IN_INSTANCE_OFST 0 +#define MC_CMD_SET_EVQ_TMR_IN_INSTANCE_LEN 4 /* Requested value for timer load (in nanoseconds) */ #define MC_CMD_SET_EVQ_TMR_IN_TMR_LOAD_REQ_NS_OFST 4 +#define MC_CMD_SET_EVQ_TMR_IN_TMR_LOAD_REQ_NS_LEN 4 /* Requested value for timer reload (in nanoseconds) */ #define MC_CMD_SET_EVQ_TMR_IN_TMR_RELOAD_REQ_NS_OFST 8 +#define MC_CMD_SET_EVQ_TMR_IN_TMR_RELOAD_REQ_NS_LEN 4 /* Timer mode. Meanings as per EVQ_TMR_REG.TC_TIMER_VAL */ #define MC_CMD_SET_EVQ_TMR_IN_TMR_MODE_OFST 12 -#define MC_CMD_SET_EVQ_TMR_IN_TIMER_MODE_DIS 0x0 /* enum */ -#define MC_CMD_SET_EVQ_TMR_IN_TIMER_MODE_IMMED_START 0x1 /* enum */ -#define MC_CMD_SET_EVQ_TMR_IN_TIMER_MODE_TRIG_START 0x2 /* enum */ -#define MC_CMD_SET_EVQ_TMR_IN_TIMER_MODE_INT_HLDOFF 0x3 /* enum */ +#define MC_CMD_SET_EVQ_TMR_IN_TMR_MODE_LEN 4 +#define MC_CMD_SET_EVQ_TMR_IN_TIMER_MODE_DIS 0x0 /* enum */ +#define MC_CMD_SET_EVQ_TMR_IN_TIMER_MODE_IMMED_START 0x1 /* enum */ +#define MC_CMD_SET_EVQ_TMR_IN_TIMER_MODE_TRIG_START 0x2 /* enum */ +#define MC_CMD_SET_EVQ_TMR_IN_TIMER_MODE_INT_HLDOFF 0x3 /* enum */ /* MC_CMD_SET_EVQ_TMR_OUT msgresponse */ #define MC_CMD_SET_EVQ_TMR_OUT_LEN 8 /* Actual value for timer load (in nanoseconds) */ #define MC_CMD_SET_EVQ_TMR_OUT_TMR_LOAD_ACT_NS_OFST 0 +#define MC_CMD_SET_EVQ_TMR_OUT_TMR_LOAD_ACT_NS_LEN 4 /* Actual value for timer reload (in nanoseconds) */ #define MC_CMD_SET_EVQ_TMR_OUT_TMR_RELOAD_ACT_NS_OFST 4 +#define MC_CMD_SET_EVQ_TMR_OUT_TMR_RELOAD_ACT_NS_LEN 4 /***********************************/ @@ -15440,29 +16670,35 @@ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_LEN 36 /* Reserved for future use. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_FLAGS_OFST 0 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_FLAGS_LEN 4 /* For timers updated via writes to EVQ_TMR_REG, this is the time interval (in * nanoseconds) for each increment of the timer load/reload count. The * requested duration of a timer is this value multiplied by the timer * load/reload count. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_TMR_REG_NS_PER_COUNT_OFST 4 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_TMR_REG_NS_PER_COUNT_LEN 4 /* For timers updated via writes to EVQ_TMR_REG, this is the maximum value * allowed for timer load/reload counts. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_TMR_REG_MAX_COUNT_OFST 8 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_TMR_REG_MAX_COUNT_LEN 4 /* For timers updated via writes to EVQ_TMR_REG, timer load/reload counts not a * multiple of this step size will be rounded in an implementation defined * manner. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_TMR_REG_STEP_OFST 12 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_TMR_REG_STEP_LEN 4 /* Maximum timer duration (in nanoseconds) for timers updated via MCDI. Only * meaningful if MC_CMD_SET_EVQ_TMR is implemented. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_MCDI_TMR_MAX_NS_OFST 16 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_MCDI_TMR_MAX_NS_LEN 4 /* Timer durations requested via MCDI that are not a multiple of this step size * will be rounded up. Only meaningful if MC_CMD_SET_EVQ_TMR is implemented. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_MCDI_TMR_STEP_NS_OFST 20 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_MCDI_TMR_STEP_NS_LEN 4 /* For timers updated using the bug35388 workaround, this is the time interval * (in nanoseconds) for each increment of the timer load/reload count. The * requested duration of a timer is this value multiplied by the timer @@ -15470,17 +16706,20 @@ * is enabled. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_BUG35388_TMR_NS_PER_COUNT_OFST 24 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_BUG35388_TMR_NS_PER_COUNT_LEN 4 /* For timers updated using the bug35388 workaround, this is the maximum value * allowed for timer load/reload counts. This field is only meaningful if the * bug35388 workaround is enabled. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_BUG35388_TMR_MAX_COUNT_OFST 28 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_BUG35388_TMR_MAX_COUNT_LEN 4 /* For timers updated using the bug35388 workaround, timer load/reload counts * not a multiple of this step size will be rounded in an implementation * defined manner. This field is only meaningful if the bug35388 workaround is * enabled. */ #define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_BUG35388_TMR_STEP_OFST 32 +#define MC_CMD_GET_EVQ_TMR_PROPERTIES_OUT_BUG35388_TMR_STEP_LEN 4 /***********************************/ @@ -15491,7 +16730,7 @@ #define MC_CMD_ALLOCATE_TX_VFIFO_CP 0x11d #undef MC_CMD_0x11d_PRIVILEGE_CTG -#define MC_CMD_0x11d_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x11d_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_ALLOCATE_TX_VFIFO_CP_IN msgrequest */ #define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_LEN 20 @@ -15499,34 +16738,40 @@ * local queue index. */ #define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_INSTANCE_OFST 0 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_INSTANCE_LEN 4 /* Will the common pool be used as TX_vFIFO_ULL (1) */ #define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_MODE_OFST 4 -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_ENABLED 0x1 /* enum */ +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_MODE_LEN 4 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_ENABLED 0x1 /* enum */ /* enum: Using this interface without TX_vFIFO_ULL is not supported for now */ -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_DISABLED 0x0 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_DISABLED 0x0 /* Number of buffers to reserve for the common pool */ #define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_SIZE_OFST 8 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_SIZE_LEN 4 /* TX datapath to which the Common Pool is connected to. */ #define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_INGRESS_OFST 12 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_INGRESS_LEN 4 /* enum: Extracts information from function */ -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_USE_FUNCTION_VALUE -0x1 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_USE_FUNCTION_VALUE -0x1 /* Network port or RX Engine to which the common pool connects. */ #define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_EGRESS_OFST 16 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_EGRESS_LEN 4 /* enum: Extracts information from function */ -/* MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_USE_FUNCTION_VALUE -0x1 */ -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_PORT0 0x0 /* enum */ -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_PORT1 0x1 /* enum */ -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_PORT2 0x2 /* enum */ -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_PORT3 0x3 /* enum */ +/* MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_USE_FUNCTION_VALUE -0x1 */ +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_PORT0 0x0 /* enum */ +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_PORT1 0x1 /* enum */ +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_PORT2 0x2 /* enum */ +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_PORT3 0x3 /* enum */ /* enum: To enable Switch loopback with Rx engine 0 */ -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_RX_ENGINE0 0x4 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_RX_ENGINE0 0x4 /* enum: To enable Switch loopback with Rx engine 1 */ -#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_RX_ENGINE1 0x5 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_IN_RX_ENGINE1 0x5 /* MC_CMD_ALLOCATE_TX_VFIFO_CP_OUT msgresponse */ #define MC_CMD_ALLOCATE_TX_VFIFO_CP_OUT_LEN 4 /* ID of the common pool allocated */ #define MC_CMD_ALLOCATE_TX_VFIFO_CP_OUT_CP_ID_OFST 0 +#define MC_CMD_ALLOCATE_TX_VFIFO_CP_OUT_CP_ID_LEN 4 /***********************************/ @@ -15537,42 +16782,49 @@ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO 0x11e #undef MC_CMD_0x11e_PRIVILEGE_CTG -#define MC_CMD_0x11e_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x11e_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN msgrequest */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_LEN 20 /* Common pool previously allocated to which the new vFIFO will be associated */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_CP_OFST 0 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_CP_LEN 4 /* Port or RX engine to associate the vFIFO egress */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_EGRESS_OFST 4 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_EGRESS_LEN 4 /* enum: Extracts information from common pool */ -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_USE_CP_VALUE -0x1 -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PORT0 0x0 /* enum */ -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PORT1 0x1 /* enum */ -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PORT2 0x2 /* enum */ -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PORT3 0x3 /* enum */ +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_USE_CP_VALUE -0x1 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PORT0 0x0 /* enum */ +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PORT1 0x1 /* enum */ +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PORT2 0x2 /* enum */ +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PORT3 0x3 /* enum */ /* enum: To enable Switch loopback with Rx engine 0 */ -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_RX_ENGINE0 0x4 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_RX_ENGINE0 0x4 /* enum: To enable Switch loopback with Rx engine 1 */ -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_RX_ENGINE1 0x5 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_RX_ENGINE1 0x5 /* Minimum number of buffers that the pool must have */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_SIZE_OFST 8 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_SIZE_LEN 4 /* enum: Do not check the space available */ -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_NO_MINIMUM 0x0 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_NO_MINIMUM 0x0 /* Will the vFIFO be used as TX_vFIFO_ULL */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_MODE_OFST 12 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_MODE_LEN 4 /* Network priority of the vFIFO,if applicable */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PRIORITY_OFST 16 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_PRIORITY_LEN 4 /* enum: Search for the lowest unused priority */ -#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_LOWEST_AVAILABLE -0x1 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_IN_LOWEST_AVAILABLE -0x1 /* MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_OUT msgresponse */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_OUT_LEN 8 /* Short vFIFO ID */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_OUT_VID_OFST 0 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_OUT_VID_LEN 4 /* Network priority of the vFIFO */ #define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_OUT_PRIORITY_OFST 4 +#define MC_CMD_ALLOCATE_TX_VFIFO_VFIFO_OUT_PRIORITY_LEN 4 /***********************************/ @@ -15583,12 +16835,13 @@ #define MC_CMD_TEARDOWN_TX_VFIFO_VF 0x11f #undef MC_CMD_0x11f_PRIVILEGE_CTG -#define MC_CMD_0x11f_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x11f_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_TEARDOWN_TX_VFIFO_VF_IN msgrequest */ #define MC_CMD_TEARDOWN_TX_VFIFO_VF_IN_LEN 4 /* Short vFIFO ID */ #define MC_CMD_TEARDOWN_TX_VFIFO_VF_IN_VFIFO_OFST 0 +#define MC_CMD_TEARDOWN_TX_VFIFO_VF_IN_VFIFO_LEN 4 /* MC_CMD_TEARDOWN_TX_VFIFO_VF_OUT msgresponse */ #define MC_CMD_TEARDOWN_TX_VFIFO_VF_OUT_LEN 0 @@ -15602,12 +16855,13 @@ #define MC_CMD_DEALLOCATE_TX_VFIFO_CP 0x121 #undef MC_CMD_0x121_PRIVILEGE_CTG -#define MC_CMD_0x121_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x121_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_DEALLOCATE_TX_VFIFO_CP_IN msgrequest */ #define MC_CMD_DEALLOCATE_TX_VFIFO_CP_IN_LEN 4 /* Common pool ID given when pool allocated */ #define MC_CMD_DEALLOCATE_TX_VFIFO_CP_IN_POOL_ID_OFST 0 +#define MC_CMD_DEALLOCATE_TX_VFIFO_CP_IN_POOL_ID_LEN 4 /* MC_CMD_DEALLOCATE_TX_VFIFO_CP_OUT msgresponse */ #define MC_CMD_DEALLOCATE_TX_VFIFO_CP_OUT_LEN 0 @@ -15629,16 +16883,17 @@ #define MC_CMD_REKEY 0x123 #undef MC_CMD_0x123_PRIVILEGE_CTG -#define MC_CMD_0x123_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x123_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_REKEY_IN msgrequest */ #define MC_CMD_REKEY_IN_LEN 4 /* the type of operation requested */ #define MC_CMD_REKEY_IN_OP_OFST 0 +#define MC_CMD_REKEY_IN_OP_LEN 4 /* enum: Start the rekeying operation */ -#define MC_CMD_REKEY_IN_OP_REKEY 0x0 +#define MC_CMD_REKEY_IN_OP_REKEY 0x0 /* enum: Poll for completion of the rekeying operation */ -#define MC_CMD_REKEY_IN_OP_POLL 0x1 +#define MC_CMD_REKEY_IN_OP_POLL 0x1 /* MC_CMD_REKEY_OUT msgresponse */ #define MC_CMD_REKEY_OUT_LEN 0 @@ -15652,7 +16907,7 @@ #define MC_CMD_SWITCH_GET_UNASSIGNED_BUFFERS 0x124 #undef MC_CMD_0x124_PRIVILEGE_CTG -#define MC_CMD_0x124_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x124_PRIVILEGE_CTG SRIOV_CTG_GENERAL /* MC_CMD_SWITCH_GET_UNASSIGNED_BUFFERS_IN msgrequest */ #define MC_CMD_SWITCH_GET_UNASSIGNED_BUFFERS_IN_LEN 0 @@ -15661,8 +16916,10 @@ #define MC_CMD_SWITCH_GET_UNASSIGNED_BUFFERS_OUT_LEN 8 /* Available buffers for the ENG to NET vFIFOs. */ #define MC_CMD_SWITCH_GET_UNASSIGNED_BUFFERS_OUT_NET_OFST 0 +#define MC_CMD_SWITCH_GET_UNASSIGNED_BUFFERS_OUT_NET_LEN 4 /* Available buffers for the ENG to ENG and NET to ENG vFIFOs. */ #define MC_CMD_SWITCH_GET_UNASSIGNED_BUFFERS_OUT_ENG_OFST 4 +#define MC_CMD_SWITCH_GET_UNASSIGNED_BUFFERS_OUT_ENG_LEN 4 /***********************************/ @@ -15678,18 +16935,1230 @@ #define MC_CMD_SET_SECURITY_FUSES 0x126 #undef MC_CMD_0x126_PRIVILEGE_CTG -#define MC_CMD_0x126_PRIVILEGE_CTG SRIOV_CTG_ADMIN +#define MC_CMD_0x126_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND /* MC_CMD_SET_SECURITY_FUSES_IN msgrequest */ #define MC_CMD_SET_SECURITY_FUSES_IN_LEN 4 /* Flags specifying what type of security features are being set */ #define MC_CMD_SET_SECURITY_FUSES_IN_FLAGS_OFST 0 +#define MC_CMD_SET_SECURITY_FUSES_IN_FLAGS_LEN 4 #define MC_CMD_SET_SECURITY_FUSES_IN_SECURE_BOOT_LBN 0 #define MC_CMD_SET_SECURITY_FUSES_IN_SECURE_BOOT_WIDTH 1 #define MC_CMD_SET_SECURITY_FUSES_IN_REJECT_TEST_SIGNED_LBN 1 #define MC_CMD_SET_SECURITY_FUSES_IN_REJECT_TEST_SIGNED_WIDTH 1 +#define MC_CMD_SET_SECURITY_FUSES_IN_SOFT_CONFIG_LBN 31 +#define MC_CMD_SET_SECURITY_FUSES_IN_SOFT_CONFIG_WIDTH 1 /* MC_CMD_SET_SECURITY_FUSES_OUT msgresponse */ #define MC_CMD_SET_SECURITY_FUSES_OUT_LEN 0 +/* MC_CMD_SET_SECURITY_FUSES_V2_OUT msgresponse */ +#define MC_CMD_SET_SECURITY_FUSES_V2_OUT_LEN 4 +/* Flags specifying which security features are enforced on the NIC after the + * flags in the request have been applied. See + * MC_CMD_SET_SECURITY_FUSES_IN/FLAGS for flag definitions. + */ +#define MC_CMD_SET_SECURITY_FUSES_V2_OUT_FLAGS_OFST 0 +#define MC_CMD_SET_SECURITY_FUSES_V2_OUT_FLAGS_LEN 4 + + +/***********************************/ +/* MC_CMD_TSA_INFO + * Messages sent from TSA adapter to TSA controller. This command is only valid + * when the MCDI header has MESSAGE_TYPE set to MCDI_MESSAGE_TYPE_TSA. This + * command is not sent by the driver to the MC; it is sent from the MC to a TSA + * controller, being treated more like an alert message rather than a command; + * hence the MC does not expect a response in return. Doxbox reference + * SF-117371-SW + */ +#define MC_CMD_TSA_INFO 0x127 +#undef MC_CMD_0x127_PRIVILEGE_CTG + +#define MC_CMD_0x127_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND + +/* MC_CMD_TSA_INFO_IN msgrequest */ +#define MC_CMD_TSA_INFO_IN_LEN 4 +#define MC_CMD_TSA_INFO_IN_OP_HDR_OFST 0 +#define MC_CMD_TSA_INFO_IN_OP_HDR_LEN 4 +#define MC_CMD_TSA_INFO_IN_OP_LBN 0 +#define MC_CMD_TSA_INFO_IN_OP_WIDTH 16 +/* enum: Information about recently discovered local IP address of the adapter + */ +#define MC_CMD_TSA_INFO_OP_LOCAL_IP 0x1 +/* enum: Information about a sampled packet that either - did not match any + * black/white-list filters and was allowed by the default filter or - did not + * match any black/white-list filters and was denied by the default filter + */ +#define MC_CMD_TSA_INFO_OP_PKT_SAMPLE 0x2 + +/* MC_CMD_TSA_INFO_IN_LOCAL_IP msgrequest: + * + * The TSA controller maintains a list of IP addresses valid for each port of a + * TSA adapter. The TSA controller requires information from the adapter + * inorder to learn new IP addresses assigned to a physical port and to + * identify those that are no longer assigned to the physical port. For this + * purpose, the TSA adapter snoops ARP replies, gratuitous ARP requests and ARP + * probe packets seen on each physical port. This definition describes the + * format of the notification message sent from a TSA adapter to a TSA + * controller related to any information related to a change in IP address + * assignment for a port. Doxbox reference SF-117371. + * + * There may be a possibility of combining multiple notifications in a single + * message in future. When that happens, a new flag can be defined using the + * reserved bits to describe the extended format of this notification. + */ +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_LEN 18 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_OP_HDR_OFST 0 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_OP_HDR_LEN 4 +/* Additional metadata describing the IP address information such as source of + * information retrieval, type of IP address, physical port number. + */ +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_META_OFST 4 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_META_LEN 4 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_META_PORT_INDEX_LBN 0 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_META_PORT_INDEX_WIDTH 8 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_RESERVED_LBN 8 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_RESERVED_WIDTH 8 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_META_REASON_LBN 16 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_META_REASON_WIDTH 8 +/* enum: ARP reply sent out of the physical port */ +#define MC_CMD_TSA_INFO_IP_REASON_TX_ARP 0x0 +/* enum: ARP probe packet received on the physical port */ +#define MC_CMD_TSA_INFO_IP_REASON_RX_ARP_PROBE 0x1 +/* enum: Gratuitous ARP packet received on the physical port */ +#define MC_CMD_TSA_INFO_IP_REASON_RX_GRATUITOUS_ARP 0x2 +/* enum: DHCP ACK packet received on the physical port */ +#define MC_CMD_TSA_INFO_IP_REASON_RX_DHCP_ACK 0x3 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_META_IPV4_LBN 24 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_META_IPV4_WIDTH 1 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_RESERVED1_LBN 25 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_RESERVED1_WIDTH 7 +/* IPV4 address retrieved from the sampled packets. This field is relevant only + * when META_IPV4 is set to 1. + */ +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_IPV4_ADDR_OFST 8 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_IPV4_ADDR_LEN 4 +/* Target MAC address retrieved from the sampled packet. */ +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_MAC_ADDR_OFST 12 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_MAC_ADDR_LEN 1 +#define MC_CMD_TSA_INFO_IN_LOCAL_IP_MAC_ADDR_NUM 6 + +/* MC_CMD_TSA_INFO_IN_PKT_SAMPLE msgrequest: + * + * It is desireable for the TSA controller to learn the traffic pattern of + * packets seen at the network port being monitored. In order to learn about + * the traffic pattern, the TSA controller may want to sample packets seen at + * the network port. Based on the packet samples that the TSA controller + * receives from the adapter, the controller may choose to configure additional + * black-list or white-list rules to allow or block packets as required. + * + * Although the entire sampled packet as seen on the network port is available + * to the MC the length of sampled packet sent to controller is restricted by + * MCDI payload size. Besides, the TSA controller does not require the entire + * packet to make decisions about filter updates. Hence the packet sample being + * passed to the controller is truncated to 128 bytes. This length is large + * enough to hold the ethernet header, IP header and maximum length of + * supported L4 protocol headers (IPv4 only, but can hold IPv6 header too, if + * required in future). + * + * The intention is that any future changes to this message format that are not + * backwards compatible will be defined with a new operation code. + */ +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_LEN 136 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_OP_HDR_OFST 0 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_OP_HDR_LEN 4 +/* Additional metadata describing the sampled packet */ +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_OFST 4 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_LEN 4 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_PORT_INDEX_LBN 0 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_PORT_INDEX_WIDTH 8 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_DIRECTION_LBN 8 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_DIRECTION_WIDTH 1 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_RESERVED_LBN 9 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_RESERVED_WIDTH 7 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_ACTION_MASK_LBN 16 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_ACTION_MASK_WIDTH 4 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_ACTION_ALLOW_LBN 16 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_ACTION_ALLOW_WIDTH 1 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_ACTION_DENY_LBN 17 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_ACTION_DENY_WIDTH 1 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_ACTION_COUNT_LBN 18 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_META_ACTION_COUNT_WIDTH 1 +/* 128-byte raw prefix of the sampled packet which includes the ethernet + * header, IP header and L4 protocol header (only IPv4 supported initially). + * This provides the controller enough information about the packet sample to + * report traffic patterns seen on a network port and to make decisions + * concerning rule-set updates. + */ +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_PACKET_DATA_OFST 8 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_PACKET_DATA_LEN 1 +#define MC_CMD_TSA_INFO_IN_PKT_SAMPLE_PACKET_DATA_NUM 128 + +/* MC_CMD_TSA_INFO_OUT msgresponse */ +#define MC_CMD_TSA_INFO_OUT_LEN 0 + + +/***********************************/ +/* MC_CMD_HOST_INFO + * Commands to appply or retrieve host-related information from an adapter. + * Doxbox reference SF-117371-SW + */ +#define MC_CMD_HOST_INFO 0x128 +#undef MC_CMD_0x128_PRIVILEGE_CTG + +#define MC_CMD_0x128_PRIVILEGE_CTG SRIOV_CTG_ADMIN + +/* MC_CMD_HOST_INFO_IN msgrequest */ +#define MC_CMD_HOST_INFO_IN_LEN 4 +/* sub-operation code info */ +#define MC_CMD_HOST_INFO_IN_OP_HDR_OFST 0 +#define MC_CMD_HOST_INFO_IN_OP_HDR_LEN 4 +#define MC_CMD_HOST_INFO_IN_OP_LBN 0 +#define MC_CMD_HOST_INFO_IN_OP_WIDTH 16 +/* enum: Read a 16-byte unique host identifier from the adapter. This UUID + * helps to identify the host that an adapter is plugged into. This identifier + * is ideally the system UUID retrieved and set by the UEFI driver. If the UEFI + * driver is unable to extract the system UUID, it would still set a random + * 16-byte value into each supported SF adapter plugged into it. Host UUIDs may + * change if the system is power-cycled, however, they persist across adapter + * resets. If the host UUID was not set on an adapter, due to an unsupported + * version of UEFI driver, then this command returns an error. Doxbox reference + * - SF-117371-SW section 'Host UUID'. + */ +#define MC_CMD_HOST_INFO_OP_GET_UUID 0x0 +/* enum: Set a 16-byte unique host identifier on the adapter to identify the + * host that the adapter is plugged into. See MC_CMD_HOST_INFO_OP_GET_UUID for + * further details. + */ +#define MC_CMD_HOST_INFO_OP_SET_UUID 0x1 + +/* MC_CMD_HOST_INFO_IN_GET_UUID msgrequest */ +#define MC_CMD_HOST_INFO_IN_GET_UUID_LEN 4 +/* sub-operation code info */ +#define MC_CMD_HOST_INFO_IN_GET_UUID_OP_HDR_OFST 0 +#define MC_CMD_HOST_INFO_IN_GET_UUID_OP_HDR_LEN 4 + +/* MC_CMD_HOST_INFO_OUT_GET_UUID msgresponse */ +#define MC_CMD_HOST_INFO_OUT_GET_UUID_LEN 16 +/* 16-byte host UUID read out of the adapter. See MC_CMD_HOST_INFO_OP_GET_UUID + * for further details. + */ +#define MC_CMD_HOST_INFO_OUT_GET_UUID_HOST_UUID_OFST 0 +#define MC_CMD_HOST_INFO_OUT_GET_UUID_HOST_UUID_LEN 1 +#define MC_CMD_HOST_INFO_OUT_GET_UUID_HOST_UUID_NUM 16 + +/* MC_CMD_HOST_INFO_IN_SET_UUID msgrequest */ +#define MC_CMD_HOST_INFO_IN_SET_UUID_LEN 20 +/* sub-operation code info */ +#define MC_CMD_HOST_INFO_IN_SET_UUID_OP_HDR_OFST 0 +#define MC_CMD_HOST_INFO_IN_SET_UUID_OP_HDR_LEN 4 +/* 16-byte host UUID set on the adapter. See MC_CMD_HOST_INFO_OP_GET_UUID for + * further details. + */ +#define MC_CMD_HOST_INFO_IN_SET_UUID_HOST_UUID_OFST 4 +#define MC_CMD_HOST_INFO_IN_SET_UUID_HOST_UUID_LEN 1 +#define MC_CMD_HOST_INFO_IN_SET_UUID_HOST_UUID_NUM 16 + +/* MC_CMD_HOST_INFO_OUT_SET_UUID msgresponse */ +#define MC_CMD_HOST_INFO_OUT_SET_UUID_LEN 0 + + +/***********************************/ +/* MC_CMD_TSAN_INFO + * Get TSA adapter information. TSA controllers query each TSA adapter to learn + * some configuration parameters of each adapter. Doxbox reference SF-117371-SW + * section 'Adapter Information' + */ +#define MC_CMD_TSAN_INFO 0x129 +#undef MC_CMD_0x129_PRIVILEGE_CTG + +#define MC_CMD_0x129_PRIVILEGE_CTG SRIOV_CTG_ADMIN + +/* MC_CMD_TSAN_INFO_IN msgrequest */ +#define MC_CMD_TSAN_INFO_IN_LEN 4 +/* sub-operation code info */ +#define MC_CMD_TSAN_INFO_IN_OP_HDR_OFST 0 +#define MC_CMD_TSAN_INFO_IN_OP_HDR_LEN 4 +#define MC_CMD_TSAN_INFO_IN_OP_LBN 0 +#define MC_CMD_TSAN_INFO_IN_OP_WIDTH 16 +/* enum: Read configuration parameters and IDs that uniquely identify an + * adapter. The parameters include - host identification, adapter + * identification string and number of physical ports on the adapter. + */ +#define MC_CMD_TSAN_INFO_OP_GET_CFG 0x0 + +/* MC_CMD_TSAN_INFO_IN_GET_CFG msgrequest */ +#define MC_CMD_TSAN_INFO_IN_GET_CFG_LEN 4 +/* sub-operation code info */ +#define MC_CMD_TSAN_INFO_IN_GET_CFG_OP_HDR_OFST 0 +#define MC_CMD_TSAN_INFO_IN_GET_CFG_OP_HDR_LEN 4 + +/* MC_CMD_TSAN_INFO_OUT_GET_CFG msgresponse */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_LEN 26 +/* Information about the configuration parameters returned in this response. */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_CONFIG_WORD_OFST 0 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_CONFIG_WORD_LEN 4 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_CAP_FLAGS_LBN 0 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_CAP_FLAGS_WIDTH 16 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_FLAG_HOST_UUID_VALID_LBN 0 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_FLAG_HOST_UUID_VALID_WIDTH 1 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_NUM_PORTS_LBN 16 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_NUM_PORTS_WIDTH 8 +/* 16-byte host UUID read out of the adapter. See MC_CMD_HOST_INFO_OP_GET_UUID + * for further details. + */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_HOST_UUID_OFST 4 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_HOST_UUID_LEN 1 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_HOST_UUID_NUM 16 +/* A unique identifier per adapter. The base MAC address of the card is used + * for this purpose. + */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_GUID_OFST 20 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_GUID_LEN 1 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_GUID_NUM 6 + +/* MC_CMD_TSAN_INFO_OUT_GET_CFG_V2 msgresponse */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_LEN 36 +/* Information about the configuration parameters returned in this response. */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_CONFIG_WORD_OFST 0 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_CONFIG_WORD_LEN 4 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_CAP_FLAGS_LBN 0 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_CAP_FLAGS_WIDTH 16 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_FLAG_HOST_UUID_VALID_LBN 0 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_FLAG_HOST_UUID_VALID_WIDTH 1 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_NUM_PORTS_LBN 16 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_NUM_PORTS_WIDTH 8 +/* 16-byte host UUID read out of the adapter. See MC_CMD_HOST_INFO_OP_GET_UUID + * for further details. + */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_HOST_UUID_OFST 4 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_HOST_UUID_LEN 1 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_HOST_UUID_NUM 16 +/* A unique identifier per adapter. The base MAC address of the card is used + * for this purpose. + */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_GUID_OFST 20 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_GUID_LEN 1 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_GUID_NUM 6 +/* Unused bytes, defined for 32-bit alignment of new fields. */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_UNUSED_OFST 26 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_UNUSED_LEN 2 +/* Maximum number of TSA statistics counters in each direction of dataflow + * supported on the card. Note that the statistics counters are always + * allocated in pairs, i.e. a counter ID is associated with one Tx and one Rx + * counter. + */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_MAX_STATS_OFST 28 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_MAX_STATS_LEN 4 +/* Width of each statistics counter (represented in bits). This gives an + * indication of wrap point to the user. + */ +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_STATS_WIDTH_OFST 32 +#define MC_CMD_TSAN_INFO_OUT_GET_CFG_V2_STATS_WIDTH_LEN 4 + + +/***********************************/ +/* MC_CMD_TSA_STATISTICS + * TSA adapter statistics operations. + */ +#define MC_CMD_TSA_STATISTICS 0x130 +#undef MC_CMD_0x130_PRIVILEGE_CTG + +#define MC_CMD_0x130_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND + +/* MC_CMD_TSA_STATISTICS_IN msgrequest */ +#define MC_CMD_TSA_STATISTICS_IN_LEN 4 +/* TSA statistics sub-operation code */ +#define MC_CMD_TSA_STATISTICS_IN_OP_CODE_OFST 0 +#define MC_CMD_TSA_STATISTICS_IN_OP_CODE_LEN 4 +/* enum: Get the configuration parameters that describe the TSA statistics + * layout on the adapter. + */ +#define MC_CMD_TSA_STATISTICS_OP_GET_CONFIG 0x0 +/* enum: Read and/or clear TSA statistics counters. */ +#define MC_CMD_TSA_STATISTICS_OP_READ_CLEAR 0x1 + +/* MC_CMD_TSA_STATISTICS_IN_GET_CONFIG msgrequest */ +#define MC_CMD_TSA_STATISTICS_IN_GET_CONFIG_LEN 4 +/* TSA statistics sub-operation code */ +#define MC_CMD_TSA_STATISTICS_IN_GET_CONFIG_OP_CODE_OFST 0 +#define MC_CMD_TSA_STATISTICS_IN_GET_CONFIG_OP_CODE_LEN 4 + +/* MC_CMD_TSA_STATISTICS_OUT_GET_CONFIG msgresponse */ +#define MC_CMD_TSA_STATISTICS_OUT_GET_CONFIG_LEN 8 +/* Maximum number of TSA statistics counters in each direction of dataflow + * supported on the card. Note that the statistics counters are always + * allocated in pairs, i.e. a counter ID is associated with one Tx and one Rx + * counter. + */ +#define MC_CMD_TSA_STATISTICS_OUT_GET_CONFIG_MAX_STATS_OFST 0 +#define MC_CMD_TSA_STATISTICS_OUT_GET_CONFIG_MAX_STATS_LEN 4 +/* Width of each statistics counter (represented in bits). This gives an + * indication of wrap point to the user. + */ +#define MC_CMD_TSA_STATISTICS_OUT_GET_CONFIG_STATS_WIDTH_OFST 4 +#define MC_CMD_TSA_STATISTICS_OUT_GET_CONFIG_STATS_WIDTH_LEN 4 + +/* MC_CMD_TSA_STATISTICS_IN_READ_CLEAR msgrequest */ +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_LENMIN 20 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_LENMAX 252 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_LEN(num) (16+4*(num)) +/* TSA statistics sub-operation code */ +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_OP_CODE_OFST 0 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_OP_CODE_LEN 4 +/* Parameters describing the statistics operation */ +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_FLAGS_OFST 4 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_FLAGS_LEN 4 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_READ_LBN 0 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_READ_WIDTH 1 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_CLEAR_LBN 1 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_CLEAR_WIDTH 1 +/* Counter ID list specification type */ +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_MODE_OFST 8 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_MODE_LEN 4 +/* enum: The statistics counters are specified as an unordered list of + * individual counter ID. + */ +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_LIST 0x0 +/* enum: The statistics counters are specified as a range of consecutive + * counter IDs. + */ +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_RANGE 0x1 +/* Number of statistics counters */ +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_NUM_STATS_OFST 12 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_NUM_STATS_LEN 4 +/* Counter IDs to be read/cleared. When mode is set to LIST, this entry holds a + * list of counter IDs to be operated on. When mode is set to RANGE, this entry + * holds a single counter ID representing the start of the range of counter IDs + * to be operated on. + */ +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_COUNTER_ID_OFST 16 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_COUNTER_ID_LEN 4 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_COUNTER_ID_MINNUM 1 +#define MC_CMD_TSA_STATISTICS_IN_READ_CLEAR_COUNTER_ID_MAXNUM 59 + +/* MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR msgresponse */ +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_LENMIN 24 +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_LENMAX 248 +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_LEN(num) (8+16*(num)) +/* Number of statistics counters returned in this response */ +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_NUM_STATS_OFST 0 +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_NUM_STATS_LEN 4 +/* MC_TSA_STATISTICS_ENTRY Note that this field is expected to start at a + * 64-bit aligned offset + */ +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_STATS_COUNTERS_OFST 8 +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_STATS_COUNTERS_LEN 16 +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_STATS_COUNTERS_MINNUM 1 +#define MC_CMD_TSA_STATISTICS_OUT_READ_CLEAR_STATS_COUNTERS_MAXNUM 15 + +/* MC_TSA_STATISTICS_ENTRY structuredef */ +#define MC_TSA_STATISTICS_ENTRY_LEN 16 +/* Tx statistics counter */ +#define MC_TSA_STATISTICS_ENTRY_TX_STAT_OFST 0 +#define MC_TSA_STATISTICS_ENTRY_TX_STAT_LEN 8 +#define MC_TSA_STATISTICS_ENTRY_TX_STAT_LO_OFST 0 +#define MC_TSA_STATISTICS_ENTRY_TX_STAT_HI_OFST 4 +#define MC_TSA_STATISTICS_ENTRY_TX_STAT_LBN 0 +#define MC_TSA_STATISTICS_ENTRY_TX_STAT_WIDTH 64 +/* Rx statistics counter */ +#define MC_TSA_STATISTICS_ENTRY_RX_STAT_OFST 8 +#define MC_TSA_STATISTICS_ENTRY_RX_STAT_LEN 8 +#define MC_TSA_STATISTICS_ENTRY_RX_STAT_LO_OFST 8 +#define MC_TSA_STATISTICS_ENTRY_RX_STAT_HI_OFST 12 +#define MC_TSA_STATISTICS_ENTRY_RX_STAT_LBN 64 +#define MC_TSA_STATISTICS_ENTRY_RX_STAT_WIDTH 64 + + +/***********************************/ +/* MC_CMD_ERASE_INITIAL_NIC_SECRET + * This request causes the NIC to find the initial NIC secret (programmed + * during ATE) in XPM memory and if and only if the NIC has already been + * rekeyed with MC_CMD_REKEY, erase it. This is used by manftest after + * installing TSA binding certificates. See SF-117631-TC. + */ +#define MC_CMD_ERASE_INITIAL_NIC_SECRET 0x131 +#undef MC_CMD_0x131_PRIVILEGE_CTG + +#define MC_CMD_0x131_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND + +/* MC_CMD_ERASE_INITIAL_NIC_SECRET_IN msgrequest */ +#define MC_CMD_ERASE_INITIAL_NIC_SECRET_IN_LEN 0 + +/* MC_CMD_ERASE_INITIAL_NIC_SECRET_OUT msgresponse */ +#define MC_CMD_ERASE_INITIAL_NIC_SECRET_OUT_LEN 0 + + +/***********************************/ +/* MC_CMD_TSA_CONFIG + * TSA adapter configuration operations. This command is used to prepare the + * NIC for TSA binding. + */ +#define MC_CMD_TSA_CONFIG 0x64 +#undef MC_CMD_0x64_PRIVILEGE_CTG + +#define MC_CMD_0x64_PRIVILEGE_CTG SRIOV_CTG_ADMIN + +/* MC_CMD_TSA_CONFIG_IN msgrequest */ +#define MC_CMD_TSA_CONFIG_IN_LEN 4 +/* TSA configuration sub-operation code */ +#define MC_CMD_TSA_CONFIG_IN_OP_OFST 0 +#define MC_CMD_TSA_CONFIG_IN_OP_LEN 4 +/* enum: Append a single item to the tsa_config partition. Items will be + * encrypted unless they are declared as non-sensitive. Returns + * MC_CMD_ERR_EEXIST if the tag is already present. + */ +#define MC_CMD_TSA_CONFIG_OP_APPEND 0x1 +/* enum: Reset the tsa_config partition to a clean state. */ +#define MC_CMD_TSA_CONFIG_OP_RESET 0x2 +/* enum: Read back a configured item from tsa_config partition. Returns + * MC_CMD_ERR_ENOENT if the item doesn't exist, or MC_CMD_ERR_EPERM if the item + * is declared as sensitive (i.e. is encrypted). + */ +#define MC_CMD_TSA_CONFIG_OP_READ 0x3 + +/* MC_CMD_TSA_CONFIG_IN_APPEND msgrequest */ +#define MC_CMD_TSA_CONFIG_IN_APPEND_LENMIN 12 +#define MC_CMD_TSA_CONFIG_IN_APPEND_LENMAX 252 +#define MC_CMD_TSA_CONFIG_IN_APPEND_LEN(num) (12+1*(num)) +/* TSA configuration sub-operation code. The value shall be + * MC_CMD_TSA_CONFIG_OP_APPEND. + */ +#define MC_CMD_TSA_CONFIG_IN_APPEND_OP_OFST 0 +#define MC_CMD_TSA_CONFIG_IN_APPEND_OP_LEN 4 +/* The tag to be appended */ +#define MC_CMD_TSA_CONFIG_IN_APPEND_TAG_OFST 4 +#define MC_CMD_TSA_CONFIG_IN_APPEND_TAG_LEN 4 +/* The length of the data in bytes */ +#define MC_CMD_TSA_CONFIG_IN_APPEND_LENGTH_OFST 8 +#define MC_CMD_TSA_CONFIG_IN_APPEND_LENGTH_LEN 4 +/* The item data */ +#define MC_CMD_TSA_CONFIG_IN_APPEND_DATA_OFST 12 +#define MC_CMD_TSA_CONFIG_IN_APPEND_DATA_LEN 1 +#define MC_CMD_TSA_CONFIG_IN_APPEND_DATA_MINNUM 0 +#define MC_CMD_TSA_CONFIG_IN_APPEND_DATA_MAXNUM 240 + +/* MC_CMD_TSA_CONFIG_OUT_APPEND msgresponse */ +#define MC_CMD_TSA_CONFIG_OUT_APPEND_LEN 0 + +/* MC_CMD_TSA_CONFIG_IN_RESET msgrequest */ +#define MC_CMD_TSA_CONFIG_IN_RESET_LEN 4 +/* TSA configuration sub-operation code. The value shall be + * MC_CMD_TSA_CONFIG_OP_RESET. + */ +#define MC_CMD_TSA_CONFIG_IN_RESET_OP_OFST 0 +#define MC_CMD_TSA_CONFIG_IN_RESET_OP_LEN 4 + +/* MC_CMD_TSA_CONFIG_OUT_RESET msgresponse */ +#define MC_CMD_TSA_CONFIG_OUT_RESET_LEN 0 + +/* MC_CMD_TSA_CONFIG_IN_READ msgrequest */ +#define MC_CMD_TSA_CONFIG_IN_READ_LEN 8 +/* TSA configuration sub-operation code. The value shall be + * MC_CMD_TSA_CONFIG_OP_READ. + */ +#define MC_CMD_TSA_CONFIG_IN_READ_OP_OFST 0 +#define MC_CMD_TSA_CONFIG_IN_READ_OP_LEN 4 +/* The tag to be read */ +#define MC_CMD_TSA_CONFIG_IN_READ_TAG_OFST 4 +#define MC_CMD_TSA_CONFIG_IN_READ_TAG_LEN 4 + +/* MC_CMD_TSA_CONFIG_OUT_READ msgresponse */ +#define MC_CMD_TSA_CONFIG_OUT_READ_LENMIN 8 +#define MC_CMD_TSA_CONFIG_OUT_READ_LENMAX 252 +#define MC_CMD_TSA_CONFIG_OUT_READ_LEN(num) (8+1*(num)) +/* The tag that was read */ +#define MC_CMD_TSA_CONFIG_OUT_READ_TAG_OFST 0 +#define MC_CMD_TSA_CONFIG_OUT_READ_TAG_LEN 4 +/* The length of the data in bytes */ +#define MC_CMD_TSA_CONFIG_OUT_READ_LENGTH_OFST 4 +#define MC_CMD_TSA_CONFIG_OUT_READ_LENGTH_LEN 4 +/* The data of the item. */ +#define MC_CMD_TSA_CONFIG_OUT_READ_DATA_OFST 8 +#define MC_CMD_TSA_CONFIG_OUT_READ_DATA_LEN 1 +#define MC_CMD_TSA_CONFIG_OUT_READ_DATA_MINNUM 0 +#define MC_CMD_TSA_CONFIG_OUT_READ_DATA_MAXNUM 244 + +/* MC_TSA_IPV4_ITEM structuredef */ +#define MC_TSA_IPV4_ITEM_LEN 8 +/* Additional metadata describing the IP address information such as the + * physical port number the address is being used on. Unused space in this + * field is reserved for future expansion. + */ +#define MC_TSA_IPV4_ITEM_IPV4_ADDR_META_OFST 0 +#define MC_TSA_IPV4_ITEM_IPV4_ADDR_META_LEN 4 +#define MC_TSA_IPV4_ITEM_PORT_IDX_LBN 0 +#define MC_TSA_IPV4_ITEM_PORT_IDX_WIDTH 8 +#define MC_TSA_IPV4_ITEM_IPV4_ADDR_META_LBN 0 +#define MC_TSA_IPV4_ITEM_IPV4_ADDR_META_WIDTH 32 +/* The IPv4 address in little endian byte order. */ +#define MC_TSA_IPV4_ITEM_IPV4_ADDR_OFST 4 +#define MC_TSA_IPV4_ITEM_IPV4_ADDR_LEN 4 +#define MC_TSA_IPV4_ITEM_IPV4_ADDR_LBN 32 +#define MC_TSA_IPV4_ITEM_IPV4_ADDR_WIDTH 32 + + +/***********************************/ +/* MC_CMD_TSA_IPADDR + * TSA operations relating to the monitoring and expiry of local IP addresses + * discovered by the controller. These commands are sent from a TSA controller + * to a TSA adapter. + */ +#define MC_CMD_TSA_IPADDR 0x65 +#undef MC_CMD_0x65_PRIVILEGE_CTG + +#define MC_CMD_0x65_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND + +/* MC_CMD_TSA_IPADDR_IN msgrequest */ +#define MC_CMD_TSA_IPADDR_IN_LEN 4 +/* Header containing information to identify which sub-operation of this + * command to perform. The header contains a 16-bit op-code. Unused space in + * this field is reserved for future expansion. + */ +#define MC_CMD_TSA_IPADDR_IN_OP_HDR_OFST 0 +#define MC_CMD_TSA_IPADDR_IN_OP_HDR_LEN 4 +#define MC_CMD_TSA_IPADDR_IN_OP_LBN 0 +#define MC_CMD_TSA_IPADDR_IN_OP_WIDTH 16 +/* enum: Request that the adapter verifies that the IPv4 addresses supplied are + * still in use by the host by sending ARP probes to the host. The MC does not + * wait for a response to the probes and sends an MCDI response to the + * controller once the probes have been sent to the host. The response to the + * probes (if there are any) will be forwarded to the controller using + * MC_CMD_TSA_INFO alerts. + */ +#define MC_CMD_TSA_IPADDR_OP_VALIDATE_IPV4 0x1 +/* enum: Notify the adapter that one or more IPv4 addresses are no longer valid + * for the host of the adapter. The adapter should remove the IPv4 addresses + * from its local cache. + */ +#define MC_CMD_TSA_IPADDR_OP_REMOVE_IPV4 0x2 + +/* MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4 msgrequest */ +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_LENMIN 16 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_LENMAX 248 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_LEN(num) (8+8*(num)) +/* Header containing information to identify which sub-operation of this + * command to perform. The header contains a 16-bit op-code. Unused space in + * this field is reserved for future expansion. + */ +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_OP_HDR_OFST 0 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_OP_HDR_LEN 4 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_OP_LBN 0 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_OP_WIDTH 16 +/* Number of IPv4 addresses to validate. */ +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_NUM_ITEMS_OFST 4 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_NUM_ITEMS_LEN 4 +/* The IPv4 addresses to validate, in struct MC_TSA_IPV4_ITEM format. */ +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_IPV4_ITEM_OFST 8 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_IPV4_ITEM_LEN 8 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_IPV4_ITEM_LO_OFST 8 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_IPV4_ITEM_HI_OFST 12 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_IPV4_ITEM_MINNUM 1 +#define MC_CMD_TSA_IPADDR_IN_VALIDATE_IPV4_IPV4_ITEM_MAXNUM 30 + +/* MC_CMD_TSA_IPADDR_OUT_VALIDATE_IPV4 msgresponse */ +#define MC_CMD_TSA_IPADDR_OUT_VALIDATE_IPV4_LEN 0 + +/* MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4 msgrequest */ +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_LENMIN 16 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_LENMAX 248 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_LEN(num) (8+8*(num)) +/* Header containing information to identify which sub-operation of this + * command to perform. The header contains a 16-bit op-code. Unused space in + * this field is reserved for future expansion. + */ +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_OP_HDR_OFST 0 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_OP_HDR_LEN 4 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_OP_LBN 0 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_OP_WIDTH 16 +/* Number of IPv4 addresses to remove. */ +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_NUM_ITEMS_OFST 4 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_NUM_ITEMS_LEN 4 +/* The IPv4 addresses that have expired, in struct MC_TSA_IPV4_ITEM format. */ +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_IPV4_ITEM_OFST 8 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_IPV4_ITEM_LEN 8 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_IPV4_ITEM_LO_OFST 8 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_IPV4_ITEM_HI_OFST 12 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_IPV4_ITEM_MINNUM 1 +#define MC_CMD_TSA_IPADDR_IN_REMOVE_IPV4_IPV4_ITEM_MAXNUM 30 + +/* MC_CMD_TSA_IPADDR_OUT_REMOVE_IPV4 msgresponse */ +#define MC_CMD_TSA_IPADDR_OUT_REMOVE_IPV4_LEN 0 + + +/***********************************/ +/* MC_CMD_SECURE_NIC_INFO + * Get secure NIC information. While many of the features reported by these + * commands are related to TSA, they must be supported in firmware where TSA is + * disabled. + */ +#define MC_CMD_SECURE_NIC_INFO 0x132 +#undef MC_CMD_0x132_PRIVILEGE_CTG + +#define MC_CMD_0x132_PRIVILEGE_CTG SRIOV_CTG_GENERAL + +/* MC_CMD_SECURE_NIC_INFO_IN msgrequest */ +#define MC_CMD_SECURE_NIC_INFO_IN_LEN 4 +/* sub-operation code info */ +#define MC_CMD_SECURE_NIC_INFO_IN_OP_HDR_OFST 0 +#define MC_CMD_SECURE_NIC_INFO_IN_OP_HDR_LEN 4 +#define MC_CMD_SECURE_NIC_INFO_IN_OP_LBN 0 +#define MC_CMD_SECURE_NIC_INFO_IN_OP_WIDTH 16 +/* enum: Get the status of various security settings, all signed along with a + * challenge chosen by the host. + */ +#define MC_CMD_SECURE_NIC_INFO_OP_STATUS 0x0 + +/* MC_CMD_SECURE_NIC_INFO_IN_STATUS msgrequest */ +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_LEN 24 +/* sub-operation code, must be MC_CMD_SECURE_NIC_INFO_OP_STATUS */ +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_OP_HDR_OFST 0 +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_OP_HDR_LEN 4 +/* Type of key to be used to sign response. */ +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_KEY_TYPE_OFST 4 +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_KEY_TYPE_LEN 4 +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_UNUSED 0x0 /* enum */ +/* enum: Solarflare adapter authentication key, installed by Manftest. */ +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_SF_ADAPTER_AUTH 0x1 +/* enum: TSA binding key, installed after adapter is bound to a TSA controller. + * This is not supported in firmware which does not support TSA. + */ +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_TSA_BINDING 0x2 +/* enum: Customer adapter authentication key. Installed by the customer in the + * field, but otherwise similar to the Solarflare adapter authentication key. + */ +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_CUSTOMER_ADAPTER_AUTH 0x3 +/* Random challenge generated by the host. */ +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_CHALLENGE_OFST 8 +#define MC_CMD_SECURE_NIC_INFO_IN_STATUS_CHALLENGE_LEN 16 + +/* MC_CMD_SECURE_NIC_INFO_OUT_STATUS msgresponse */ +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_LEN 420 +/* Length of the signature in MSG_SIGNATURE. */ +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_MSG_SIGNATURE_LEN_OFST 0 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_MSG_SIGNATURE_LEN_LEN 4 +/* Signature over the message, starting at MESSAGE_TYPE and continuing to the + * end of the MCDI response, allowing the message format to be extended. The + * signature uses ECDSA 384 encoding in ASN.1 format. It has variable length, + * with a maximum of 384 bytes. + */ +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_MSG_SIGNATURE_OFST 4 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_MSG_SIGNATURE_LEN 384 +/* Enum value indicating the type of response. This protects against chosen + * message attacks. The enum values are random rather than sequential to make + * it unlikely that values will be reused should other commands in a different + * namespace need to create signed messages. + */ +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_MESSAGE_TYPE_OFST 388 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_MESSAGE_TYPE_LEN 4 +/* enum: Message type value for the response to a + * MC_CMD_SECURE_NIC_INFO_IN_STATUS message. + */ +#define MC_CMD_SECURE_NIC_INFO_STATUS 0xdb4 +/* The challenge provided by the host in the MC_CMD_SECURE_NIC_INFO_IN_STATUS + * message + */ +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_CHALLENGE_OFST 392 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_CHALLENGE_LEN 16 +/* The first 32 bits of XPM memory, which include security and flag bits, die + * ID and chip ID revision. The meaning of these bits is defined in + * mc/include/mc/xpm.h in the firmwaresrc repository. + */ +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_XPM_STATUS_BITS_OFST 408 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_XPM_STATUS_BITS_LEN 4 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_FIRMWARE_VERSION_A_OFST 412 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_FIRMWARE_VERSION_A_LEN 2 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_FIRMWARE_VERSION_B_OFST 414 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_FIRMWARE_VERSION_B_LEN 2 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_FIRMWARE_VERSION_C_OFST 416 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_FIRMWARE_VERSION_C_LEN 2 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_FIRMWARE_VERSION_D_OFST 418 +#define MC_CMD_SECURE_NIC_INFO_OUT_STATUS_FIRMWARE_VERSION_D_LEN 2 + + +/***********************************/ +/* MC_CMD_TSA_TEST + * A simple ping-pong command just to test the adapter<>controller MCDI + * communication channel. This command makes not changes to the TSA adapter's + * internal state. It is used by the controller just to verify that the MCDI + * communication channel is working fine. This command takes no additonal + * parameters in request or response. + */ +#define MC_CMD_TSA_TEST 0x125 +#undef MC_CMD_0x125_PRIVILEGE_CTG + +#define MC_CMD_0x125_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND + +/* MC_CMD_TSA_TEST_IN msgrequest */ +#define MC_CMD_TSA_TEST_IN_LEN 0 + +/* MC_CMD_TSA_TEST_OUT msgresponse */ +#define MC_CMD_TSA_TEST_OUT_LEN 0 + + +/***********************************/ +/* MC_CMD_TSA_RULESET_OVERRIDE + * Override TSA ruleset that is currently active on the adapter. This operation + * does not modify the ruleset itself. This operation provides a mechanism to + * apply an allow-all or deny-all operation on all packets, thereby completely + * ignoring the rule-set configured on the adapter. The main purpose of this + * operation is to provide a deterministic state to the TSA firewall during + * rule-set transitions. + */ +#define MC_CMD_TSA_RULESET_OVERRIDE 0x12a +#undef MC_CMD_0x12a_PRIVILEGE_CTG + +#define MC_CMD_0x12a_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND + +/* MC_CMD_TSA_RULESET_OVERRIDE_IN msgrequest */ +#define MC_CMD_TSA_RULESET_OVERRIDE_IN_LEN 4 +/* The override state to apply. */ +#define MC_CMD_TSA_RULESET_OVERRIDE_IN_STATE_OFST 0 +#define MC_CMD_TSA_RULESET_OVERRIDE_IN_STATE_LEN 4 +/* enum: No override in place - the existing ruleset is in operation. */ +#define MC_CMD_TSA_RULESET_OVERRIDE_NONE 0x0 +/* enum: Block all packets seen on all datapath channel except those packets + * required for basic configuration of the TSA NIC such as ARPs and TSA- + * communication traffic. Such exceptional traffic is handled differently + * compared to TSA rulesets. + */ +#define MC_CMD_TSA_RULESET_OVERRIDE_BLOCK 0x1 +/* enum: Allow all packets through all datapath channel. The TSA adapter + * behaves like a normal NIC without any firewalls. + */ +#define MC_CMD_TSA_RULESET_OVERRIDE_ALLOW 0x2 + +/* MC_CMD_TSA_RULESET_OVERRIDE_OUT msgresponse */ +#define MC_CMD_TSA_RULESET_OVERRIDE_OUT_LEN 0 + + +/***********************************/ +/* MC_CMD_TSAC_REQUEST + * Generic command to send requests from a TSA controller to a TSA adapter. + * Specific usage is determined by the TYPE field. + */ +#define MC_CMD_TSAC_REQUEST 0x12b +#undef MC_CMD_0x12b_PRIVILEGE_CTG + +#define MC_CMD_0x12b_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND + +/* MC_CMD_TSAC_REQUEST_IN msgrequest */ +#define MC_CMD_TSAC_REQUEST_IN_LEN 4 +/* The type of request from the controller. */ +#define MC_CMD_TSAC_REQUEST_IN_TYPE_OFST 0 +#define MC_CMD_TSAC_REQUEST_IN_TYPE_LEN 4 +/* enum: Request the adapter to resend localIP information from it's cache. The + * command does not return any IP address information; IP addresses are sent as + * TSA notifications as descibed in MC_CMD_TSA_INFO_IN_LOCAL_IP. + */ +#define MC_CMD_TSAC_REQUEST_LOCALIP 0x0 + +/* MC_CMD_TSAC_REQUEST_OUT msgresponse */ +#define MC_CMD_TSAC_REQUEST_OUT_LEN 0 + + +/***********************************/ +/* MC_CMD_SUC_VERSION + * Get the version of the SUC + */ +#define MC_CMD_SUC_VERSION 0x134 +#undef MC_CMD_0x134_PRIVILEGE_CTG + +#define MC_CMD_0x134_PRIVILEGE_CTG SRIOV_CTG_GENERAL + +/* MC_CMD_SUC_VERSION_IN msgrequest */ +#define MC_CMD_SUC_VERSION_IN_LEN 0 + +/* MC_CMD_SUC_VERSION_OUT msgresponse */ +#define MC_CMD_SUC_VERSION_OUT_LEN 24 +/* The SUC firmware version as four numbers - a.b.c.d */ +#define MC_CMD_SUC_VERSION_OUT_VERSION_OFST 0 +#define MC_CMD_SUC_VERSION_OUT_VERSION_LEN 4 +#define MC_CMD_SUC_VERSION_OUT_VERSION_NUM 4 +/* The date, in seconds since the Unix epoch, when the firmware image was + * built. + */ +#define MC_CMD_SUC_VERSION_OUT_BUILD_DATE_OFST 16 +#define MC_CMD_SUC_VERSION_OUT_BUILD_DATE_LEN 4 +/* The ID of the SUC chip. This is specific to the platform but typically + * indicates family, memory sizes etc. See SF-116728-SW for further details. + */ +#define MC_CMD_SUC_VERSION_OUT_CHIP_ID_OFST 20 +#define MC_CMD_SUC_VERSION_OUT_CHIP_ID_LEN 4 + +/* MC_CMD_SUC_BOOT_VERSION_IN msgrequest: Get the version of the SUC boot + * loader. + */ +#define MC_CMD_SUC_BOOT_VERSION_IN_LEN 4 +#define MC_CMD_SUC_BOOT_VERSION_IN_MAGIC_OFST 0 +#define MC_CMD_SUC_BOOT_VERSION_IN_MAGIC_LEN 4 +/* enum: Requests the SUC boot version. */ +#define MC_CMD_SUC_VERSION_GET_BOOT_VERSION 0xb007700b + +/* MC_CMD_SUC_BOOT_VERSION_OUT msgresponse */ +#define MC_CMD_SUC_BOOT_VERSION_OUT_LEN 4 +/* The SUC boot version */ +#define MC_CMD_SUC_BOOT_VERSION_OUT_VERSION_OFST 0 +#define MC_CMD_SUC_BOOT_VERSION_OUT_VERSION_LEN 4 + + +/***********************************/ +/* MC_CMD_SUC_MANFTEST + * Operations to support manftest on SUC based systems. + */ +#define MC_CMD_SUC_MANFTEST 0x135 +#undef MC_CMD_0x135_PRIVILEGE_CTG + +#define MC_CMD_0x135_PRIVILEGE_CTG SRIOV_CTG_ADMIN_TSA_UNBOUND + +/* MC_CMD_SUC_MANFTEST_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_IN_LEN 4 +/* The manftest operation to be performed. */ +#define MC_CMD_SUC_MANFTEST_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_IN_OP_LEN 4 +/* enum: Read serial number and use count. */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ 0x0 +/* enum: Update use count on wearout adapter. */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_UPDATE 0x1 +/* enum: Start an ADC calibration. */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_START 0x2 +/* enum: Read the status of an ADC calibration. */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS 0x3 +/* enum: Read the results of an ADC calibration. */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT 0x4 +/* enum: Read the PCIe configuration. */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ 0x5 +/* enum: Write the PCIe configuration. */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE 0x6 +/* enum: Write FRU information to SUC. The FRU information is taken from the + * FRU_INFORMATION partition. Attempts to write to read-only FRUs are rejected. + */ +#define MC_CMD_SUC_MANFTEST_FRU_WRITE 0x7 + +/* MC_CMD_SUC_MANFTEST_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_OUT_LEN 0 + +/* MC_CMD_SUC_MANFTEST_WEAROUT_READ_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ_IN_LEN 4 +/* The manftest operation to be performed. This must be + * MC_CMD_SUC_MANFTEST_WEAROUT_READ. + */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ_IN_OP_LEN 4 + +/* MC_CMD_SUC_MANFTEST_WEAROUT_READ_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ_OUT_LEN 20 +/* The serial number of the wearout adapter, see SF-112717-PR for format. */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ_OUT_SERIAL_NUMBER_OFST 0 +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ_OUT_SERIAL_NUMBER_LEN 16 +/* The use count of the wearout adapter. */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ_OUT_USE_COUNT_OFST 16 +#define MC_CMD_SUC_MANFTEST_WEAROUT_READ_OUT_USE_COUNT_LEN 4 + +/* MC_CMD_SUC_MANFTEST_WEAROUT_UPDATE_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_UPDATE_IN_LEN 4 +/* The manftest operation to be performed. This must be + * MC_CMD_SUC_MANFTEST_WEAROUT_UPDATE. + */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_UPDATE_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_WEAROUT_UPDATE_IN_OP_LEN 4 + +/* MC_CMD_SUC_MANFTEST_WEAROUT_UPDATE_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_WEAROUT_UPDATE_OUT_LEN 0 + +/* MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_START_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_START_IN_LEN 4 +/* The manftest operation to be performed. This must be + * MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_START. + */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_START_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_START_IN_OP_LEN 4 + +/* MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_START_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_START_OUT_LEN 0 + +/* MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_IN_LEN 4 +/* The manftest operation to be performed. This must be + * MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS. + */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_IN_OP_LEN 4 + +/* MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_LEN 4 +/* The combined status of the calibration operation. */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_FLAGS_OFST 0 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_FLAGS_LEN 4 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_CALIBRATING_LBN 0 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_CALIBRATING_WIDTH 1 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_FAILED_LBN 1 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_FAILED_WIDTH 1 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_RESULT_LBN 2 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_RESULT_WIDTH 4 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_INDEX_LBN 6 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_STATUS_OUT_INDEX_WIDTH 2 + +/* MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_IN_LEN 4 +/* The manftest operation to be performed. This must be + * MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT. + */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_IN_OP_LEN 4 + +/* MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_OUT_LEN 12 +/* The set of calibration results. */ +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_OUT_VALUE_OFST 0 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_OUT_VALUE_LEN 4 +#define MC_CMD_SUC_MANFTEST_ADC_CALIBRATE_RESULT_OUT_VALUE_NUM 3 + +/* MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_IN_LEN 4 +/* The manftest operation to be performed. This must be + * MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ. + */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_IN_OP_LEN 4 + +/* MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_OUT_LEN 4 +/* The PCIe vendor ID. */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_OUT_VENDOR_ID_OFST 0 +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_OUT_VENDOR_ID_LEN 2 +/* The PCIe device ID. */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_OUT_DEVICE_ID_OFST 2 +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_READ_OUT_DEVICE_ID_LEN 2 + +/* MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_IN_LEN 8 +/* The manftest operation to be performed. This must be + * MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE. + */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_IN_OP_LEN 4 +/* The PCIe vendor ID. */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_IN_VENDOR_ID_OFST 4 +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_IN_VENDOR_ID_LEN 2 +/* The PCIe device ID. */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_IN_DEVICE_ID_OFST 6 +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_IN_DEVICE_ID_LEN 2 + +/* MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_CONFIG_PCIE_WRITE_OUT_LEN 0 + +/* MC_CMD_SUC_MANFTEST_FRU_WRITE_IN msgrequest */ +#define MC_CMD_SUC_MANFTEST_FRU_WRITE_IN_LEN 4 +/* The manftest operation to be performed. This must be + * MC_CMD_SUC_MANFTEST_FRU_WRITE + */ +#define MC_CMD_SUC_MANFTEST_FRU_WRITE_IN_OP_OFST 0 +#define MC_CMD_SUC_MANFTEST_FRU_WRITE_IN_OP_LEN 4 + +/* MC_CMD_SUC_MANFTEST_FRU_WRITE_OUT msgresponse */ +#define MC_CMD_SUC_MANFTEST_FRU_WRITE_OUT_LEN 0 + + +/***********************************/ +/* MC_CMD_GET_CERTIFICATE + * Request a certificate. + */ +#define MC_CMD_GET_CERTIFICATE 0x12c +#undef MC_CMD_0x12c_PRIVILEGE_CTG + +#define MC_CMD_0x12c_PRIVILEGE_CTG SRIOV_CTG_GENERAL + +/* MC_CMD_GET_CERTIFICATE_IN msgrequest */ +#define MC_CMD_GET_CERTIFICATE_IN_LEN 8 +/* Type of the certificate to be retrieved. */ +#define MC_CMD_GET_CERTIFICATE_IN_TYPE_OFST 0 +#define MC_CMD_GET_CERTIFICATE_IN_TYPE_LEN 4 +#define MC_CMD_GET_CERTIFICATE_IN_UNUSED 0x0 /* enum */ +#define MC_CMD_GET_CERTIFICATE_IN_AAC 0x1 /* enum */ +/* enum: Adapter Authentication Certificate (AAC). The AAC is unique to each + * adapter and is used to verify its authenticity. It is installed by Manftest. + */ +#define MC_CMD_GET_CERTIFICATE_IN_ADAPTER_AUTH 0x1 +#define MC_CMD_GET_CERTIFICATE_IN_AASC 0x2 /* enum */ +/* enum: Adapter Authentication Signing Certificate (AASC). The AASC is shared + * by a group of adapters (typically a purchase order) and is used to verify + * the validity of AAC along with the SF root certificate. It is installed by + * Manftest. + */ +#define MC_CMD_GET_CERTIFICATE_IN_ADAPTER_AUTH_SIGNING 0x2 +#define MC_CMD_GET_CERTIFICATE_IN_CUSTOMER_AAC 0x3 /* enum */ +/* enum: Customer Adapter Authentication Certificate. The Customer AAC is + * unique to each adapter and is used to verify its authenticity in cases where + * either the AAC is not installed or a customer desires to use their own + * certificate chain. It is installed by the customer. + */ +#define MC_CMD_GET_CERTIFICATE_IN_CUSTOMER_ADAPTER_AUTH 0x3 +#define MC_CMD_GET_CERTIFICATE_IN_CUSTOMER_AASC 0x4 /* enum */ +/* enum: Customer Adapter Authentication Certificate. The Customer AASC is + * shared by a group of adapters and is used to verify the validity of the + * Customer AAC along with the customers root certificate. It is installed by + * the customer. + */ +#define MC_CMD_GET_CERTIFICATE_IN_CUSTOMER_ADAPTER_AUTH_SIGNING 0x4 +/* Offset, measured in bytes, relative to the start of the certificate data + * from which the certificate is to be retrieved. + */ +#define MC_CMD_GET_CERTIFICATE_IN_OFFSET_OFST 4 +#define MC_CMD_GET_CERTIFICATE_IN_OFFSET_LEN 4 + +/* MC_CMD_GET_CERTIFICATE_OUT msgresponse */ +#define MC_CMD_GET_CERTIFICATE_OUT_LENMIN 13 +#define MC_CMD_GET_CERTIFICATE_OUT_LENMAX 252 +#define MC_CMD_GET_CERTIFICATE_OUT_LEN(num) (12+1*(num)) +/* Type of the certificate. */ +#define MC_CMD_GET_CERTIFICATE_OUT_TYPE_OFST 0 +#define MC_CMD_GET_CERTIFICATE_OUT_TYPE_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_GET_CERTIFICATE_IN/TYPE */ +/* Offset, measured in bytes, relative to the start of the certificate data + * from which data in this message starts. + */ +#define MC_CMD_GET_CERTIFICATE_OUT_OFFSET_OFST 4 +#define MC_CMD_GET_CERTIFICATE_OUT_OFFSET_LEN 4 +/* Total length of the certificate data. */ +#define MC_CMD_GET_CERTIFICATE_OUT_TOTAL_LENGTH_OFST 8 +#define MC_CMD_GET_CERTIFICATE_OUT_TOTAL_LENGTH_LEN 4 +/* The certificate data. */ +#define MC_CMD_GET_CERTIFICATE_OUT_DATA_OFST 12 +#define MC_CMD_GET_CERTIFICATE_OUT_DATA_LEN 1 +#define MC_CMD_GET_CERTIFICATE_OUT_DATA_MINNUM 1 +#define MC_CMD_GET_CERTIFICATE_OUT_DATA_MAXNUM 240 + + +/***********************************/ +/* MC_CMD_GET_NIC_GLOBAL + * Get a global value which applies to all PCI functions + */ +#define MC_CMD_GET_NIC_GLOBAL 0x12d +#undef MC_CMD_0x12d_PRIVILEGE_CTG + +#define MC_CMD_0x12d_PRIVILEGE_CTG SRIOV_CTG_GENERAL + +/* MC_CMD_GET_NIC_GLOBAL_IN msgrequest */ +#define MC_CMD_GET_NIC_GLOBAL_IN_LEN 4 +/* Key to request value for, see enum values in MC_CMD_SET_NIC_GLOBAL. If the + * given key is unknown to the current firmware, the call will fail with + * ENOENT. + */ +#define MC_CMD_GET_NIC_GLOBAL_IN_KEY_OFST 0 +#define MC_CMD_GET_NIC_GLOBAL_IN_KEY_LEN 4 + +/* MC_CMD_GET_NIC_GLOBAL_OUT msgresponse */ +#define MC_CMD_GET_NIC_GLOBAL_OUT_LEN 4 +/* Value of requested key, see key descriptions below. */ +#define MC_CMD_GET_NIC_GLOBAL_OUT_VALUE_OFST 0 +#define MC_CMD_GET_NIC_GLOBAL_OUT_VALUE_LEN 4 + + +/***********************************/ +/* MC_CMD_SET_NIC_GLOBAL + * Set a global value which applies to all PCI functions. Most global values + * can only be changed under specific conditions, and this call will return an + * appropriate error otherwise (see key descriptions). + */ +#define MC_CMD_SET_NIC_GLOBAL 0x12e +#undef MC_CMD_0x12e_PRIVILEGE_CTG + +#define MC_CMD_0x12e_PRIVILEGE_CTG SRIOV_CTG_ADMIN + +/* MC_CMD_SET_NIC_GLOBAL_IN msgrequest */ +#define MC_CMD_SET_NIC_GLOBAL_IN_LEN 8 +/* Key to change value of. Firmware will return ENOENT for keys it doesn't know + * about. + */ +#define MC_CMD_SET_NIC_GLOBAL_IN_KEY_OFST 0 +#define MC_CMD_SET_NIC_GLOBAL_IN_KEY_LEN 4 +/* enum: Request switching the datapath firmware sub-variant. Currently only + * useful when running the DPDK f/w variant. See key values below, and the DPDK + * section of the EF10 Driver Writers Guide. Note that any driver attaching + * with the SUBVARIANT_AWARE flag cleared is implicitly considered as a request + * to switch back to the default sub-variant, and will thus reset this value. + * If a sub-variant switch happens, all other PCI functions will get their + * resources reset (they will see an MC reboot). + */ +#define MC_CMD_SET_NIC_GLOBAL_IN_FIRMWARE_SUBVARIANT 0x1 +/* New value to set, see key descriptions above. */ +#define MC_CMD_SET_NIC_GLOBAL_IN_VALUE_OFST 4 +#define MC_CMD_SET_NIC_GLOBAL_IN_VALUE_LEN 4 +/* enum: Only if KEY = FIRMWARE_SUBVARIANT. Default sub-variant with support + * for maximum features for the current f/w variant. A request from a + * privileged function to set this particular value will always succeed. + */ +#define MC_CMD_SET_NIC_GLOBAL_IN_FW_SUBVARIANT_DEFAULT 0x0 +/* enum: Only if KEY = FIRMWARE_SUBVARIANT. Increases packet rate at the cost + * of not supporting any TX checksum offloads. Only supported when running some + * f/w variants, others will return ENOTSUP (as reported by the homonymous bit + * in MC_CMD_GET_CAPABILITIES_V2). Can only be set when no other drivers are + * attached, and the calling driver must have no resources allocated. See the + * DPDK section of the EF10 Driver Writers Guide for a more detailed + * description with possible error codes. + */ +#define MC_CMD_SET_NIC_GLOBAL_IN_FW_SUBVARIANT_NO_TX_CSUM 0x1 + + +/***********************************/ +/* MC_CMD_LTSSM_TRACE_POLL + * Medford2 hardware has support for logging all LTSSM state transitions to a + * hardware buffer. When built with WITH_LTSSM_TRACE=1, the firmware will + * periodially dump the contents of this hardware buffer to an internal + * firmware buffer for later extraction. + */ +#define MC_CMD_LTSSM_TRACE_POLL 0x12f +#undef MC_CMD_0x12f_PRIVILEGE_CTG + +#define MC_CMD_0x12f_PRIVILEGE_CTG SRIOV_CTG_ADMIN + +/* MC_CMD_LTSSM_TRACE_POLL_IN msgrequest: Read transitions from the firmware + * internal buffer. + */ +#define MC_CMD_LTSSM_TRACE_POLL_IN_LEN 4 +/* The maximum number of row that the caller can accept. The format of each row + * is defined in MC_CMD_LTSSM_TRACE_POLL_OUT. + */ +#define MC_CMD_LTSSM_TRACE_POLL_IN_MAX_ROW_COUNT_OFST 0 +#define MC_CMD_LTSSM_TRACE_POLL_IN_MAX_ROW_COUNT_LEN 4 + +/* MC_CMD_LTSSM_TRACE_POLL_OUT msgresponse */ +#define MC_CMD_LTSSM_TRACE_POLL_OUT_LENMIN 16 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_LENMAX 248 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_LEN(num) (8+8*(num)) +#define MC_CMD_LTSSM_TRACE_POLL_OUT_FLAGS_OFST 0 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_FLAGS_LEN 4 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_HW_BUFFER_OVERFLOW_LBN 0 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_HW_BUFFER_OVERFLOW_WIDTH 1 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_FW_BUFFER_OVERFLOW_LBN 1 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_FW_BUFFER_OVERFLOW_WIDTH 1 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_CONTINUES_LBN 31 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_CONTINUES_WIDTH 1 +/* The number of rows present in this response. */ +#define MC_CMD_LTSSM_TRACE_POLL_OUT_ROW_COUNT_OFST 4 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_ROW_COUNT_LEN 4 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_ROWS_OFST 8 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_ROWS_LEN 8 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_ROWS_LO_OFST 8 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_ROWS_HI_OFST 12 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_ROWS_MINNUM 0 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_ROWS_MAXNUM 30 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_LTSSM_STATE_LBN 0 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_LTSSM_STATE_WIDTH 6 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_RDLH_LINK_UP_LBN 6 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_RDLH_LINK_UP_WIDTH 1 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_WAKE_N_LBN 7 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_WAKE_N_WIDTH 1 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_TIMESTAMP_PS_LBN 8 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_TIMESTAMP_PS_WIDTH 24 +/* The time of the LTSSM transition. Times are reported as fractional + * microseconds since MC boot (wrapping at 2^32us). The fractional part is + * reported in picoseconds. 0 <= TIMESTAMP_PS < 1000000 timestamp in seconds = + * ((TIMESTAMP_US + TIMESTAMP_PS / 1000000) / 1000000) + */ +#define MC_CMD_LTSSM_TRACE_POLL_OUT_TIMESTAMP_US_OFST 12 +#define MC_CMD_LTSSM_TRACE_POLL_OUT_TIMESTAMP_US_LEN 4 + #endif /* _SIENA_MC_DRIVER_PCOL_H */ diff --git a/sys/dev/sfxge/common/efx_regs_mcdi_aoe.h b/sys/dev/sfxge/common/efx_regs_mcdi_aoe.h new file mode 100644 index 000000000000..d5defc89904b --- /dev/null +++ b/sys/dev/sfxge/common/efx_regs_mcdi_aoe.h @@ -0,0 +1,2934 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright 2008-2018 Solarflare Communications Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _SYS_EFX_REGS_MCDI_AOE_H +#define _SYS_EFX_REGS_MCDI_AOE_H + + + +/***********************************/ +/* MC_CMD_FC + * Perform an FC operation + */ +#define MC_CMD_FC 0x9 + +/* MC_CMD_FC_IN msgrequest */ +#define MC_CMD_FC_IN_LEN 4 +#define MC_CMD_FC_IN_OP_HDR_OFST 0 +#define MC_CMD_FC_IN_OP_HDR_LEN 4 +#define MC_CMD_FC_IN_OP_LBN 0 +#define MC_CMD_FC_IN_OP_WIDTH 8 +/* enum: NULL MCDI command to FC. */ +#define MC_CMD_FC_OP_NULL 0x1 +/* enum: Unused opcode */ +#define MC_CMD_FC_OP_UNUSED 0x2 +/* enum: MAC driver commands */ +#define MC_CMD_FC_OP_MAC 0x3 +/* enum: Read FC memory */ +#define MC_CMD_FC_OP_READ32 0x4 +/* enum: Write to FC memory */ +#define MC_CMD_FC_OP_WRITE32 0x5 +/* enum: Read FC memory */ +#define MC_CMD_FC_OP_TRC_READ 0x6 +/* enum: Write to FC memory */ +#define MC_CMD_FC_OP_TRC_WRITE 0x7 +/* enum: FC firmware Version */ +#define MC_CMD_FC_OP_GET_VERSION 0x8 +/* enum: Read FC memory */ +#define MC_CMD_FC_OP_TRC_RX_READ 0x9 +/* enum: Write to FC memory */ +#define MC_CMD_FC_OP_TRC_RX_WRITE 0xa +/* enum: SFP parameters */ +#define MC_CMD_FC_OP_SFP 0xb +/* enum: DDR3 test */ +#define MC_CMD_FC_OP_DDR_TEST 0xc +/* enum: Get Crash context from FC */ +#define MC_CMD_FC_OP_GET_ASSERT 0xd +/* enum: Get FPGA Build registers */ +#define MC_CMD_FC_OP_FPGA_BUILD 0xe +/* enum: Read map support commands */ +#define MC_CMD_FC_OP_READ_MAP 0xf +/* enum: FC Capabilities */ +#define MC_CMD_FC_OP_CAPABILITIES 0x10 +/* enum: FC Global flags */ +#define MC_CMD_FC_OP_GLOBAL_FLAGS 0x11 +/* enum: FC IO using relative addressing modes */ +#define MC_CMD_FC_OP_IO_REL 0x12 +/* enum: FPGA link information */ +#define MC_CMD_FC_OP_UHLINK 0x13 +/* enum: Configure loopbacks and link on FPGA ports */ +#define MC_CMD_FC_OP_SET_LINK 0x14 +/* enum: Licensing operations relating to AOE */ +#define MC_CMD_FC_OP_LICENSE 0x15 +/* enum: Startup information to the FC */ +#define MC_CMD_FC_OP_STARTUP 0x16 +/* enum: Configure a DMA read */ +#define MC_CMD_FC_OP_DMA 0x17 +/* enum: Configure a timed read */ +#define MC_CMD_FC_OP_TIMED_READ 0x18 +/* enum: Control UART logging */ +#define MC_CMD_FC_OP_LOG 0x19 +/* enum: Get the value of a given clock_id */ +#define MC_CMD_FC_OP_CLOCK 0x1a +/* enum: DDR3/QDR3 parameters */ +#define MC_CMD_FC_OP_DDR 0x1b +/* enum: PTP and timestamp control */ +#define MC_CMD_FC_OP_TIMESTAMP 0x1c +/* enum: Commands for SPI Flash interface */ +#define MC_CMD_FC_OP_SPI 0x1d +/* enum: Commands for diagnostic components */ +#define MC_CMD_FC_OP_DIAG 0x1e +/* enum: External AOE port. */ +#define MC_CMD_FC_IN_PORT_EXT_OFST 0x0 +/* enum: Internal AOE port. */ +#define MC_CMD_FC_IN_PORT_INT_OFST 0x40 + +/* MC_CMD_FC_IN_NULL msgrequest */ +#define MC_CMD_FC_IN_NULL_LEN 4 +#define MC_CMD_FC_IN_CMD_OFST 0 +#define MC_CMD_FC_IN_CMD_LEN 4 + +/* MC_CMD_FC_IN_PHY msgrequest */ +#define MC_CMD_FC_IN_PHY_LEN 5 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* FC PHY driver operation code */ +#define MC_CMD_FC_IN_PHY_OP_OFST 4 +#define MC_CMD_FC_IN_PHY_OP_LEN 1 +/* enum: PHY init handler */ +#define MC_CMD_FC_OP_PHY_OP_INIT 0x1 +/* enum: PHY reconfigure handler */ +#define MC_CMD_FC_OP_PHY_OP_RECONFIGURE 0x2 +/* enum: PHY reboot handler */ +#define MC_CMD_FC_OP_PHY_OP_REBOOT 0x3 +/* enum: PHY get_supported_cap handler */ +#define MC_CMD_FC_OP_PHY_OP_GET_SUPPORTED_CAP 0x4 +/* enum: PHY get_config handler */ +#define MC_CMD_FC_OP_PHY_OP_GET_CONFIG 0x5 +/* enum: PHY get_media_info handler */ +#define MC_CMD_FC_OP_PHY_OP_GET_MEDIA_INFO 0x6 +/* enum: PHY set_led handler */ +#define MC_CMD_FC_OP_PHY_OP_SET_LED 0x7 +/* enum: PHY lasi_interrupt handler */ +#define MC_CMD_FC_OP_PHY_OP_LASI_INTERRUPT 0x8 +/* enum: PHY check_link handler */ +#define MC_CMD_FC_OP_PHY_OP_CHECK_LINK 0x9 +/* enum: PHY fill_stats handler */ +#define MC_CMD_FC_OP_PHY_OP_FILL_STATS 0xa +/* enum: PHY bpx_link_state_changed handler */ +#define MC_CMD_FC_OP_PHY_OP_BPX_LINK_STATE_CHANGED 0xb +/* enum: PHY get_state handler */ +#define MC_CMD_FC_OP_PHY_OP_GET_STATE 0xc +/* enum: PHY start_bist handler */ +#define MC_CMD_FC_OP_PHY_OP_START_BIST 0xd +/* enum: PHY poll_bist handler */ +#define MC_CMD_FC_OP_PHY_OP_POLL_BIST 0xe +/* enum: PHY nvram_test handler */ +#define MC_CMD_FC_OP_PHY_OP_NVRAM_TEST 0xf +/* enum: PHY relinquish handler */ +#define MC_CMD_FC_OP_PHY_OP_RELINQUISH_SPI 0x10 +/* enum: PHY read connection from FC - may be not required */ +#define MC_CMD_FC_OP_PHY_OP_GET_CONNECTION 0x11 +/* enum: PHY read flags from FC - may be not required */ +#define MC_CMD_FC_OP_PHY_OP_GET_FLAGS 0x12 + +/* MC_CMD_FC_IN_PHY_INIT msgrequest */ +#define MC_CMD_FC_IN_PHY_INIT_LEN 4 +#define MC_CMD_FC_IN_PHY_CMD_OFST 0 +#define MC_CMD_FC_IN_PHY_CMD_LEN 4 + +/* MC_CMD_FC_IN_MAC msgrequest */ +#define MC_CMD_FC_IN_MAC_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_MAC_HEADER_OFST 4 +#define MC_CMD_FC_IN_MAC_HEADER_LEN 4 +#define MC_CMD_FC_IN_MAC_OP_LBN 0 +#define MC_CMD_FC_IN_MAC_OP_WIDTH 8 +/* enum: MAC reconfigure handler */ +#define MC_CMD_FC_OP_MAC_OP_RECONFIGURE 0x1 +/* enum: MAC Set command - same as MC_CMD_SET_MAC */ +#define MC_CMD_FC_OP_MAC_OP_SET_LINK 0x2 +/* enum: MAC statistics */ +#define MC_CMD_FC_OP_MAC_OP_GET_STATS 0x3 +/* enum: MAC RX statistics */ +#define MC_CMD_FC_OP_MAC_OP_GET_RX_STATS 0x6 +/* enum: MAC TX statistics */ +#define MC_CMD_FC_OP_MAC_OP_GET_TX_STATS 0x7 +/* enum: MAC Read status */ +#define MC_CMD_FC_OP_MAC_OP_READ_STATUS 0x8 +#define MC_CMD_FC_IN_MAC_PORT_TYPE_LBN 8 +#define MC_CMD_FC_IN_MAC_PORT_TYPE_WIDTH 8 +/* enum: External FPGA port. */ +#define MC_CMD_FC_PORT_EXT 0x0 +/* enum: Internal Siena-facing FPGA ports. */ +#define MC_CMD_FC_PORT_INT 0x1 +#define MC_CMD_FC_IN_MAC_PORT_IDX_LBN 16 +#define MC_CMD_FC_IN_MAC_PORT_IDX_WIDTH 8 +#define MC_CMD_FC_IN_MAC_CMD_FORMAT_LBN 24 +#define MC_CMD_FC_IN_MAC_CMD_FORMAT_WIDTH 8 +/* enum: Default FC command format; the fields PORT_TYPE and PORT_IDX are + * irrelevant. Port number is derived from pci_fn; passed in FC header. + */ +#define MC_CMD_FC_OP_MAC_CMD_FORMAT_DEFAULT 0x0 +/* enum: Override default port number. Port number determined by fields + * PORT_TYPE and PORT_IDX. + */ +#define MC_CMD_FC_OP_MAC_CMD_FORMAT_PORT_OVERRIDE 0x1 + +/* MC_CMD_FC_IN_MAC_RECONFIGURE msgrequest */ +#define MC_CMD_FC_IN_MAC_RECONFIGURE_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_LEN 4 */ + +/* MC_CMD_FC_IN_MAC_SET_LINK msgrequest */ +#define MC_CMD_FC_IN_MAC_SET_LINK_LEN 32 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_LEN 4 */ +/* MTU size */ +#define MC_CMD_FC_IN_MAC_SET_LINK_MTU_OFST 8 +#define MC_CMD_FC_IN_MAC_SET_LINK_MTU_LEN 4 +/* Drain Tx FIFO */ +#define MC_CMD_FC_IN_MAC_SET_LINK_DRAIN_OFST 12 +#define MC_CMD_FC_IN_MAC_SET_LINK_DRAIN_LEN 4 +#define MC_CMD_FC_IN_MAC_SET_LINK_ADDR_OFST 16 +#define MC_CMD_FC_IN_MAC_SET_LINK_ADDR_LEN 8 +#define MC_CMD_FC_IN_MAC_SET_LINK_ADDR_LO_OFST 16 +#define MC_CMD_FC_IN_MAC_SET_LINK_ADDR_HI_OFST 20 +#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_OFST 24 +#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_LEN 4 +#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_UNICAST_LBN 0 +#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_UNICAST_WIDTH 1 +#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_BRDCAST_LBN 1 +#define MC_CMD_FC_IN_MAC_SET_LINK_REJECT_BRDCAST_WIDTH 1 +#define MC_CMD_FC_IN_MAC_SET_LINK_FCNTL_OFST 28 +#define MC_CMD_FC_IN_MAC_SET_LINK_FCNTL_LEN 4 + +/* MC_CMD_FC_IN_MAC_READ_STATUS msgrequest */ +#define MC_CMD_FC_IN_MAC_READ_STATUS_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_LEN 4 */ + +/* MC_CMD_FC_IN_MAC_GET_RX_STATS msgrequest */ +#define MC_CMD_FC_IN_MAC_GET_RX_STATS_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_LEN 4 */ + +/* MC_CMD_FC_IN_MAC_GET_TX_STATS msgrequest */ +#define MC_CMD_FC_IN_MAC_GET_TX_STATS_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_LEN 4 */ + +/* MC_CMD_FC_IN_MAC_GET_STATS msgrequest */ +#define MC_CMD_FC_IN_MAC_GET_STATS_LEN 20 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_MAC_HEADER_LEN 4 */ +/* MC Statistics index */ +#define MC_CMD_FC_IN_MAC_GET_STATS_STATS_INDEX_OFST 8 +#define MC_CMD_FC_IN_MAC_GET_STATS_STATS_INDEX_LEN 4 +#define MC_CMD_FC_IN_MAC_GET_STATS_FLAGS_OFST 12 +#define MC_CMD_FC_IN_MAC_GET_STATS_FLAGS_LEN 4 +#define MC_CMD_FC_IN_MAC_GET_STATS_CLEAR_ALL_LBN 0 +#define MC_CMD_FC_IN_MAC_GET_STATS_CLEAR_ALL_WIDTH 1 +#define MC_CMD_FC_IN_MAC_GET_STATS_CLEAR_LBN 1 +#define MC_CMD_FC_IN_MAC_GET_STATS_CLEAR_WIDTH 1 +#define MC_CMD_FC_IN_MAC_GET_STATS_UPDATE_LBN 2 +#define MC_CMD_FC_IN_MAC_GET_STATS_UPDATE_WIDTH 1 +/* Number of statistics to read */ +#define MC_CMD_FC_IN_MAC_GET_STATS_NUM_OFST 16 +#define MC_CMD_FC_IN_MAC_GET_STATS_NUM_LEN 4 +#define MC_CMD_FC_MAC_NSTATS_PER_BLOCK 0x1e /* enum */ +#define MC_CMD_FC_MAC_NBYTES_PER_STAT 0x8 /* enum */ + +/* MC_CMD_FC_IN_READ32 msgrequest */ +#define MC_CMD_FC_IN_READ32_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_READ32_ADDR_HI_OFST 4 +#define MC_CMD_FC_IN_READ32_ADDR_HI_LEN 4 +#define MC_CMD_FC_IN_READ32_ADDR_LO_OFST 8 +#define MC_CMD_FC_IN_READ32_ADDR_LO_LEN 4 +#define MC_CMD_FC_IN_READ32_NUMWORDS_OFST 12 +#define MC_CMD_FC_IN_READ32_NUMWORDS_LEN 4 + +/* MC_CMD_FC_IN_WRITE32 msgrequest */ +#define MC_CMD_FC_IN_WRITE32_LENMIN 16 +#define MC_CMD_FC_IN_WRITE32_LENMAX 252 +#define MC_CMD_FC_IN_WRITE32_LEN(num) (12+4*(num)) +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_WRITE32_ADDR_HI_OFST 4 +#define MC_CMD_FC_IN_WRITE32_ADDR_HI_LEN 4 +#define MC_CMD_FC_IN_WRITE32_ADDR_LO_OFST 8 +#define MC_CMD_FC_IN_WRITE32_ADDR_LO_LEN 4 +#define MC_CMD_FC_IN_WRITE32_BUFFER_OFST 12 +#define MC_CMD_FC_IN_WRITE32_BUFFER_LEN 4 +#define MC_CMD_FC_IN_WRITE32_BUFFER_MINNUM 1 +#define MC_CMD_FC_IN_WRITE32_BUFFER_MAXNUM 60 + +/* MC_CMD_FC_IN_TRC_READ msgrequest */ +#define MC_CMD_FC_IN_TRC_READ_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_TRC_READ_TRC_OFST 4 +#define MC_CMD_FC_IN_TRC_READ_TRC_LEN 4 +#define MC_CMD_FC_IN_TRC_READ_CHANNEL_OFST 8 +#define MC_CMD_FC_IN_TRC_READ_CHANNEL_LEN 4 + +/* MC_CMD_FC_IN_TRC_WRITE msgrequest */ +#define MC_CMD_FC_IN_TRC_WRITE_LEN 28 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_TRC_WRITE_TRC_OFST 4 +#define MC_CMD_FC_IN_TRC_WRITE_TRC_LEN 4 +#define MC_CMD_FC_IN_TRC_WRITE_CHANNEL_OFST 8 +#define MC_CMD_FC_IN_TRC_WRITE_CHANNEL_LEN 4 +#define MC_CMD_FC_IN_TRC_WRITE_DATA_OFST 12 +#define MC_CMD_FC_IN_TRC_WRITE_DATA_LEN 4 +#define MC_CMD_FC_IN_TRC_WRITE_DATA_NUM 4 + +/* MC_CMD_FC_IN_GET_VERSION msgrequest */ +#define MC_CMD_FC_IN_GET_VERSION_LEN 4 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ + +/* MC_CMD_FC_IN_TRC_RX_READ msgrequest */ +#define MC_CMD_FC_IN_TRC_RX_READ_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_TRC_RX_READ_TRC_OFST 4 +#define MC_CMD_FC_IN_TRC_RX_READ_TRC_LEN 4 +#define MC_CMD_FC_IN_TRC_RX_READ_CHANNEL_OFST 8 +#define MC_CMD_FC_IN_TRC_RX_READ_CHANNEL_LEN 4 + +/* MC_CMD_FC_IN_TRC_RX_WRITE msgrequest */ +#define MC_CMD_FC_IN_TRC_RX_WRITE_LEN 20 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_TRC_RX_WRITE_TRC_OFST 4 +#define MC_CMD_FC_IN_TRC_RX_WRITE_TRC_LEN 4 +#define MC_CMD_FC_IN_TRC_RX_WRITE_CHANNEL_OFST 8 +#define MC_CMD_FC_IN_TRC_RX_WRITE_CHANNEL_LEN 4 +#define MC_CMD_FC_IN_TRC_RX_WRITE_DATA_OFST 12 +#define MC_CMD_FC_IN_TRC_RX_WRITE_DATA_LEN 4 +#define MC_CMD_FC_IN_TRC_RX_WRITE_DATA_NUM 2 + +/* MC_CMD_FC_IN_SFP msgrequest */ +#define MC_CMD_FC_IN_SFP_LEN 28 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* Link speed is 100, 1000, 10000, 40000 */ +#define MC_CMD_FC_IN_SFP_SPEED_OFST 4 +#define MC_CMD_FC_IN_SFP_SPEED_LEN 4 +/* Length of copper cable - zero when not relevant (e.g. if cable is fibre) */ +#define MC_CMD_FC_IN_SFP_COPPER_LEN_OFST 8 +#define MC_CMD_FC_IN_SFP_COPPER_LEN_LEN 4 +/* Not relevant for cards with QSFP modules. For older cards, true if module is + * a dual speed SFP+ module. + */ +#define MC_CMD_FC_IN_SFP_DUAL_SPEED_OFST 12 +#define MC_CMD_FC_IN_SFP_DUAL_SPEED_LEN 4 +/* True if an SFP Module is present (other fields valid when true) */ +#define MC_CMD_FC_IN_SFP_PRESENT_OFST 16 +#define MC_CMD_FC_IN_SFP_PRESENT_LEN 4 +/* The type of the SFP+ Module. For later cards with QSFP modules, this field + * is unused and the type is communicated by other means. + */ +#define MC_CMD_FC_IN_SFP_TYPE_OFST 20 +#define MC_CMD_FC_IN_SFP_TYPE_LEN 4 +/* Capabilities corresponding to 1 bits. */ +#define MC_CMD_FC_IN_SFP_CAPS_OFST 24 +#define MC_CMD_FC_IN_SFP_CAPS_LEN 4 + +/* MC_CMD_FC_IN_DDR_TEST msgrequest */ +#define MC_CMD_FC_IN_DDR_TEST_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DDR_TEST_HEADER_OFST 4 +#define MC_CMD_FC_IN_DDR_TEST_HEADER_LEN 4 +#define MC_CMD_FC_IN_DDR_TEST_OP_LBN 0 +#define MC_CMD_FC_IN_DDR_TEST_OP_WIDTH 8 +/* enum: DRAM Test Start */ +#define MC_CMD_FC_OP_DDR_TEST_START 0x1 +/* enum: DRAM Test Poll */ +#define MC_CMD_FC_OP_DDR_TEST_POLL 0x2 + +/* MC_CMD_FC_IN_DDR_TEST_START msgrequest */ +#define MC_CMD_FC_IN_DDR_TEST_START_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_DDR_TEST_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_DDR_TEST_HEADER_LEN 4 */ +#define MC_CMD_FC_IN_DDR_TEST_START_MASK_OFST 8 +#define MC_CMD_FC_IN_DDR_TEST_START_MASK_LEN 4 +#define MC_CMD_FC_IN_DDR_TEST_START_T0_LBN 0 +#define MC_CMD_FC_IN_DDR_TEST_START_T0_WIDTH 1 +#define MC_CMD_FC_IN_DDR_TEST_START_T1_LBN 1 +#define MC_CMD_FC_IN_DDR_TEST_START_T1_WIDTH 1 +#define MC_CMD_FC_IN_DDR_TEST_START_B0_LBN 2 +#define MC_CMD_FC_IN_DDR_TEST_START_B0_WIDTH 1 +#define MC_CMD_FC_IN_DDR_TEST_START_B1_LBN 3 +#define MC_CMD_FC_IN_DDR_TEST_START_B1_WIDTH 1 + +/* MC_CMD_FC_IN_DDR_TEST_POLL msgrequest */ +#define MC_CMD_FC_IN_DDR_TEST_POLL_LEN 12 +#define MC_CMD_FC_IN_DDR_TEST_CMD_OFST 0 +#define MC_CMD_FC_IN_DDR_TEST_CMD_LEN 4 +/* MC_CMD_FC_IN_DDR_TEST_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_DDR_TEST_HEADER_LEN 4 */ +/* Clear previous test result and prepare for restarting DDR test */ +#define MC_CMD_FC_IN_DDR_TEST_POLL_CLEAR_RESULT_FOR_DDR_TEST_OFST 8 +#define MC_CMD_FC_IN_DDR_TEST_POLL_CLEAR_RESULT_FOR_DDR_TEST_LEN 4 + +/* MC_CMD_FC_IN_GET_ASSERT msgrequest */ +#define MC_CMD_FC_IN_GET_ASSERT_LEN 4 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ + +/* MC_CMD_FC_IN_FPGA_BUILD msgrequest */ +#define MC_CMD_FC_IN_FPGA_BUILD_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* FPGA build info operation code */ +#define MC_CMD_FC_IN_FPGA_BUILD_OP_OFST 4 +#define MC_CMD_FC_IN_FPGA_BUILD_OP_LEN 4 +/* enum: Get the build registers */ +#define MC_CMD_FC_IN_FPGA_BUILD_BUILD 0x1 +/* enum: Get the services registers */ +#define MC_CMD_FC_IN_FPGA_BUILD_SERVICES 0x2 +/* enum: Get the BSP version */ +#define MC_CMD_FC_IN_FPGA_BUILD_BSP_VERSION 0x3 +/* enum: Get build register for V2 (SFA974X) */ +#define MC_CMD_FC_IN_FPGA_BUILD_BUILD_V2 0x4 +/* enum: GEt the services register for V2 (SFA974X) */ +#define MC_CMD_FC_IN_FPGA_BUILD_SERVICES_V2 0x5 + +/* MC_CMD_FC_IN_READ_MAP msgrequest */ +#define MC_CMD_FC_IN_READ_MAP_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_READ_MAP_HEADER_OFST 4 +#define MC_CMD_FC_IN_READ_MAP_HEADER_LEN 4 +#define MC_CMD_FC_IN_READ_MAP_OP_LBN 0 +#define MC_CMD_FC_IN_READ_MAP_OP_WIDTH 8 +/* enum: Get the number of map regions */ +#define MC_CMD_FC_OP_READ_MAP_COUNT 0x1 +/* enum: Get the specified map */ +#define MC_CMD_FC_OP_READ_MAP_INDEX 0x2 + +/* MC_CMD_FC_IN_READ_MAP_COUNT msgrequest */ +#define MC_CMD_FC_IN_READ_MAP_COUNT_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_READ_MAP_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_READ_MAP_HEADER_LEN 4 */ + +/* MC_CMD_FC_IN_READ_MAP_INDEX msgrequest */ +#define MC_CMD_FC_IN_READ_MAP_INDEX_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_READ_MAP_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_READ_MAP_HEADER_LEN 4 */ +#define MC_CMD_FC_IN_MAP_INDEX_OFST 8 +#define MC_CMD_FC_IN_MAP_INDEX_LEN 4 + +/* MC_CMD_FC_IN_CAPABILITIES msgrequest */ +#define MC_CMD_FC_IN_CAPABILITIES_LEN 4 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ + +/* MC_CMD_FC_IN_GLOBAL_FLAGS msgrequest */ +#define MC_CMD_FC_IN_GLOBAL_FLAGS_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_GLOBAL_FLAGS_FLAGS_OFST 4 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_FLAGS_LEN 4 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_RX_TUNING_CABLE_PLUGGED_IN_LBN 0 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_RX_TUNING_CABLE_PLUGGED_IN_WIDTH 1 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_RX_TUNING_LINK_MONITORING_LBN 1 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_RX_TUNING_LINK_MONITORING_WIDTH 1 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_DFE_ENABLE_LBN 2 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_DFE_ENABLE_WIDTH 1 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_1D_EYE_ENABLE_LBN 3 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_1D_EYE_ENABLE_WIDTH 1 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_1D_TUNING_ENABLE_LBN 4 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_1D_TUNING_ENABLE_WIDTH 1 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_OFFCAL_ENABLE_LBN 5 +#define MC_CMD_FC_IN_GLOBAL_FLAGS_OFFCAL_ENABLE_WIDTH 1 + +/* MC_CMD_FC_IN_IO_REL msgrequest */ +#define MC_CMD_FC_IN_IO_REL_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_IO_REL_HEADER_OFST 4 +#define MC_CMD_FC_IN_IO_REL_HEADER_LEN 4 +#define MC_CMD_FC_IN_IO_REL_OP_LBN 0 +#define MC_CMD_FC_IN_IO_REL_OP_WIDTH 8 +/* enum: Get the base address that the FC applies to relative commands */ +#define MC_CMD_FC_IN_IO_REL_GET_ADDR 0x1 +/* enum: Read data */ +#define MC_CMD_FC_IN_IO_REL_READ32 0x2 +/* enum: Write data */ +#define MC_CMD_FC_IN_IO_REL_WRITE32 0x3 +#define MC_CMD_FC_IN_IO_REL_COMP_TYPE_LBN 8 +#define MC_CMD_FC_IN_IO_REL_COMP_TYPE_WIDTH 8 +/* enum: Application address space */ +#define MC_CMD_FC_COMP_TYPE_APP_ADDR_SPACE 0x1 +/* enum: Flash address space */ +#define MC_CMD_FC_COMP_TYPE_FLASH 0x2 + +/* MC_CMD_FC_IN_IO_REL_GET_ADDR msgrequest */ +#define MC_CMD_FC_IN_IO_REL_GET_ADDR_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_IO_REL_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_IO_REL_HEADER_LEN 4 */ + +/* MC_CMD_FC_IN_IO_REL_READ32 msgrequest */ +#define MC_CMD_FC_IN_IO_REL_READ32_LEN 20 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_IO_REL_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_IO_REL_HEADER_LEN 4 */ +#define MC_CMD_FC_IN_IO_REL_READ32_ADDR_HI_OFST 8 +#define MC_CMD_FC_IN_IO_REL_READ32_ADDR_HI_LEN 4 +#define MC_CMD_FC_IN_IO_REL_READ32_ADDR_LO_OFST 12 +#define MC_CMD_FC_IN_IO_REL_READ32_ADDR_LO_LEN 4 +#define MC_CMD_FC_IN_IO_REL_READ32_NUMWORDS_OFST 16 +#define MC_CMD_FC_IN_IO_REL_READ32_NUMWORDS_LEN 4 + +/* MC_CMD_FC_IN_IO_REL_WRITE32 msgrequest */ +#define MC_CMD_FC_IN_IO_REL_WRITE32_LENMIN 20 +#define MC_CMD_FC_IN_IO_REL_WRITE32_LENMAX 252 +#define MC_CMD_FC_IN_IO_REL_WRITE32_LEN(num) (16+4*(num)) +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_IO_REL_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_IO_REL_HEADER_LEN 4 */ +#define MC_CMD_FC_IN_IO_REL_WRITE32_ADDR_HI_OFST 8 +#define MC_CMD_FC_IN_IO_REL_WRITE32_ADDR_HI_LEN 4 +#define MC_CMD_FC_IN_IO_REL_WRITE32_ADDR_LO_OFST 12 +#define MC_CMD_FC_IN_IO_REL_WRITE32_ADDR_LO_LEN 4 +#define MC_CMD_FC_IN_IO_REL_WRITE32_BUFFER_OFST 16 +#define MC_CMD_FC_IN_IO_REL_WRITE32_BUFFER_LEN 4 +#define MC_CMD_FC_IN_IO_REL_WRITE32_BUFFER_MINNUM 1 +#define MC_CMD_FC_IN_IO_REL_WRITE32_BUFFER_MAXNUM 59 + +/* MC_CMD_FC_IN_UHLINK msgrequest */ +#define MC_CMD_FC_IN_UHLINK_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 +#define MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 +#define MC_CMD_FC_IN_UHLINK_OP_LBN 0 +#define MC_CMD_FC_IN_UHLINK_OP_WIDTH 8 +/* enum: Get PHY configuration info */ +#define MC_CMD_FC_OP_UHLINK_PHY 0x1 +/* enum: Get MAC configuration info */ +#define MC_CMD_FC_OP_UHLINK_MAC 0x2 +/* enum: Get Rx eye table */ +#define MC_CMD_FC_OP_UHLINK_RX_EYE 0x3 +/* enum: Get Rx eye plot */ +#define MC_CMD_FC_OP_UHLINK_DUMP_RX_EYE_PLOT 0x4 +/* enum: Get Rx eye plot */ +#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT 0x5 +/* enum: Retune Rx settings */ +#define MC_CMD_FC_OP_UHLINK_RX_TUNE 0x6 +/* enum: Set loopback mode on fpga port */ +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET 0x7 +/* enum: Get loopback mode config state on fpga port */ +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_GET 0x8 +#define MC_CMD_FC_IN_UHLINK_PORT_TYPE_LBN 8 +#define MC_CMD_FC_IN_UHLINK_PORT_TYPE_WIDTH 8 +#define MC_CMD_FC_IN_UHLINK_PORT_IDX_LBN 16 +#define MC_CMD_FC_IN_UHLINK_PORT_IDX_WIDTH 8 +#define MC_CMD_FC_IN_UHLINK_CMD_FORMAT_LBN 24 +#define MC_CMD_FC_IN_UHLINK_CMD_FORMAT_WIDTH 8 +/* enum: Default FC command format; the fields PORT_TYPE and PORT_IDX are + * irrelevant. Port number is derived from pci_fn; passed in FC header. + */ +#define MC_CMD_FC_OP_UHLINK_CMD_FORMAT_DEFAULT 0x0 +/* enum: Override default port number. Port number determined by fields + * PORT_TYPE and PORT_IDX. + */ +#define MC_CMD_FC_OP_UHLINK_CMD_FORMAT_PORT_OVERRIDE 0x1 + +/* MC_CMD_FC_OP_UHLINK_PHY msgrequest */ +#define MC_CMD_FC_OP_UHLINK_PHY_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 */ + +/* MC_CMD_FC_OP_UHLINK_MAC msgrequest */ +#define MC_CMD_FC_OP_UHLINK_MAC_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 */ + +/* MC_CMD_FC_OP_UHLINK_RX_EYE msgrequest */ +#define MC_CMD_FC_OP_UHLINK_RX_EYE_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 */ +#define MC_CMD_FC_OP_UHLINK_RX_EYE_INDEX_OFST 8 +#define MC_CMD_FC_OP_UHLINK_RX_EYE_INDEX_LEN 4 +#define MC_CMD_FC_UHLINK_RX_EYE_PER_BLOCK 0x30 /* enum */ + +/* MC_CMD_FC_OP_UHLINK_DUMP_RX_EYE_PLOT msgrequest */ +#define MC_CMD_FC_OP_UHLINK_DUMP_RX_EYE_PLOT_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 */ + +/* MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT msgrequest */ +#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_LEN 20 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 */ +#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_DC_GAIN_OFST 8 +#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_DC_GAIN_LEN 4 +#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_EQ_CONTROL_OFST 12 +#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_EQ_CONTROL_LEN 4 +#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_INDEX_OFST 16 +#define MC_CMD_FC_OP_UHLINK_READ_RX_EYE_PLOT_INDEX_LEN 4 +#define MC_CMD_FC_UHLINK_RX_EYE_PLOT_ROWS_PER_BLOCK 0x1e /* enum */ + +/* MC_CMD_FC_OP_UHLINK_RX_TUNE msgrequest */ +#define MC_CMD_FC_OP_UHLINK_RX_TUNE_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 */ + +/* MC_CMD_FC_OP_UHLINK_LOOPBACK_SET msgrequest */ +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 */ +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET_TYPE_OFST 8 +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET_TYPE_LEN 4 +#define MC_CMD_FC_UHLINK_LOOPBACK_TYPE_PCS_SERIAL 0x0 /* enum */ +#define MC_CMD_FC_UHLINK_LOOPBACK_TYPE_PMA_PRE_CDR 0x1 /* enum */ +#define MC_CMD_FC_UHLINK_LOOPBACK_TYPE_PMA_POST_CDR 0x2 /* enum */ +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET_STATE_OFST 12 +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_SET_STATE_LEN 4 +#define MC_CMD_FC_UHLINK_LOOPBACK_STATE_OFF 0x0 /* enum */ +#define MC_CMD_FC_UHLINK_LOOPBACK_STATE_ON 0x1 /* enum */ + +/* MC_CMD_FC_OP_UHLINK_LOOPBACK_GET msgrequest */ +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_GET_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_OFST 4 */ +/* MC_CMD_FC_IN_UHLINK_HEADER_LEN 4 */ +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_GET_TYPE_OFST 8 +#define MC_CMD_FC_OP_UHLINK_LOOPBACK_GET_TYPE_LEN 4 + +/* MC_CMD_FC_IN_SET_LINK msgrequest */ +#define MC_CMD_FC_IN_SET_LINK_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* See MC_CMD_GET_LOOPBACK_MODES/MC_CMD_GET_LOOPBACK_MODES_OUT/100M */ +#define MC_CMD_FC_IN_SET_LINK_MODE_OFST 4 +#define MC_CMD_FC_IN_SET_LINK_MODE_LEN 4 +#define MC_CMD_FC_IN_SET_LINK_SPEED_OFST 8 +#define MC_CMD_FC_IN_SET_LINK_SPEED_LEN 4 +#define MC_CMD_FC_IN_SET_LINK_FLAGS_OFST 12 +#define MC_CMD_FC_IN_SET_LINK_FLAGS_LEN 4 +#define MC_CMD_FC_IN_SET_LINK_LOWPOWER_LBN 0 +#define MC_CMD_FC_IN_SET_LINK_LOWPOWER_WIDTH 1 +#define MC_CMD_FC_IN_SET_LINK_POWEROFF_LBN 1 +#define MC_CMD_FC_IN_SET_LINK_POWEROFF_WIDTH 1 +#define MC_CMD_FC_IN_SET_LINK_TXDIS_LBN 2 +#define MC_CMD_FC_IN_SET_LINK_TXDIS_WIDTH 1 + +/* MC_CMD_FC_IN_LICENSE msgrequest */ +#define MC_CMD_FC_IN_LICENSE_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_LICENSE_OP_OFST 4 +#define MC_CMD_FC_IN_LICENSE_OP_LEN 4 +#define MC_CMD_FC_IN_LICENSE_UPDATE_LICENSE 0x0 /* enum */ +#define MC_CMD_FC_IN_LICENSE_GET_KEY_STATS 0x1 /* enum */ + +/* MC_CMD_FC_IN_STARTUP msgrequest */ +#define MC_CMD_FC_IN_STARTUP_LEN 40 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_STARTUP_BASE_OFST 4 +#define MC_CMD_FC_IN_STARTUP_BASE_LEN 4 +#define MC_CMD_FC_IN_STARTUP_LENGTH_OFST 8 +#define MC_CMD_FC_IN_STARTUP_LENGTH_LEN 4 +/* Length of identifier */ +#define MC_CMD_FC_IN_STARTUP_IDLENGTH_OFST 12 +#define MC_CMD_FC_IN_STARTUP_IDLENGTH_LEN 4 +/* Identifier for AOE FPGA */ +#define MC_CMD_FC_IN_STARTUP_ID_OFST 16 +#define MC_CMD_FC_IN_STARTUP_ID_LEN 1 +#define MC_CMD_FC_IN_STARTUP_ID_NUM 24 + +/* MC_CMD_FC_IN_DMA msgrequest */ +#define MC_CMD_FC_IN_DMA_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DMA_OP_OFST 4 +#define MC_CMD_FC_IN_DMA_OP_LEN 4 +#define MC_CMD_FC_IN_DMA_STOP 0x0 /* enum */ +#define MC_CMD_FC_IN_DMA_READ 0x1 /* enum */ + +/* MC_CMD_FC_IN_DMA_STOP msgrequest */ +#define MC_CMD_FC_IN_DMA_STOP_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_DMA_OP_OFST 4 */ +/* MC_CMD_FC_IN_DMA_OP_LEN 4 */ +/* FC supplied handle */ +#define MC_CMD_FC_IN_DMA_STOP_FC_HANDLE_OFST 8 +#define MC_CMD_FC_IN_DMA_STOP_FC_HANDLE_LEN 4 + +/* MC_CMD_FC_IN_DMA_READ msgrequest */ +#define MC_CMD_FC_IN_DMA_READ_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_DMA_OP_OFST 4 */ +/* MC_CMD_FC_IN_DMA_OP_LEN 4 */ +#define MC_CMD_FC_IN_DMA_READ_OFFSET_OFST 8 +#define MC_CMD_FC_IN_DMA_READ_OFFSET_LEN 4 +#define MC_CMD_FC_IN_DMA_READ_LENGTH_OFST 12 +#define MC_CMD_FC_IN_DMA_READ_LENGTH_LEN 4 + +/* MC_CMD_FC_IN_TIMED_READ msgrequest */ +#define MC_CMD_FC_IN_TIMED_READ_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_TIMED_READ_OP_OFST 4 +#define MC_CMD_FC_IN_TIMED_READ_OP_LEN 4 +#define MC_CMD_FC_IN_TIMED_READ_SET 0x0 /* enum */ +#define MC_CMD_FC_IN_TIMED_READ_GET 0x1 /* enum */ +#define MC_CMD_FC_IN_TIMED_READ_CLEAR 0x2 /* enum */ + +/* MC_CMD_FC_IN_TIMED_READ_SET msgrequest */ +#define MC_CMD_FC_IN_TIMED_READ_SET_LEN 52 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_TIMED_READ_OP_OFST 4 */ +/* MC_CMD_FC_IN_TIMED_READ_OP_LEN 4 */ +/* Host supplied handle (unique) */ +#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_HANDLE_OFST 8 +#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_HANDLE_LEN 4 +/* Address into which to transfer data in host */ +#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_DMA_ADDRESS_OFST 12 +#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_DMA_ADDRESS_LEN 8 +#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_DMA_ADDRESS_LO_OFST 12 +#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_DMA_ADDRESS_HI_OFST 16 +/* AOE address from which to transfer data */ +#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_ADDRESS_OFST 20 +#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_ADDRESS_LEN 8 +#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_ADDRESS_LO_OFST 20 +#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_ADDRESS_HI_OFST 24 +/* Length of AOE transfer (total) */ +#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_LENGTH_OFST 28 +#define MC_CMD_FC_IN_TIMED_READ_SET_AOE_LENGTH_LEN 4 +/* Length of host transfer (total) */ +#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_LENGTH_OFST 32 +#define MC_CMD_FC_IN_TIMED_READ_SET_HOST_LENGTH_LEN 4 +/* Offset back from aoe_address to apply operation to */ +#define MC_CMD_FC_IN_TIMED_READ_SET_OFFSET_OFST 36 +#define MC_CMD_FC_IN_TIMED_READ_SET_OFFSET_LEN 4 +/* Data to apply at offset */ +#define MC_CMD_FC_IN_TIMED_READ_SET_DATA_OFST 40 +#define MC_CMD_FC_IN_TIMED_READ_SET_DATA_LEN 4 +#define MC_CMD_FC_IN_TIMED_READ_SET_FLAGS_OFST 44 +#define MC_CMD_FC_IN_TIMED_READ_SET_FLAGS_LEN 4 +#define MC_CMD_FC_IN_TIMED_READ_SET_INDIRECT_LBN 0 +#define MC_CMD_FC_IN_TIMED_READ_SET_INDIRECT_WIDTH 1 +#define MC_CMD_FC_IN_TIMED_READ_SET_DOUBLE_LBN 1 +#define MC_CMD_FC_IN_TIMED_READ_SET_DOUBLE_WIDTH 1 +#define MC_CMD_FC_IN_TIMED_READ_SET_EVENT_LBN 2 +#define MC_CMD_FC_IN_TIMED_READ_SET_EVENT_WIDTH 1 +#define MC_CMD_FC_IN_TIMED_READ_SET_PREREAD_LBN 3 +#define MC_CMD_FC_IN_TIMED_READ_SET_PREREAD_WIDTH 2 +#define MC_CMD_FC_IN_TIMED_READ_SET_NONE 0x0 /* enum */ +#define MC_CMD_FC_IN_TIMED_READ_SET_READ 0x1 /* enum */ +#define MC_CMD_FC_IN_TIMED_READ_SET_WRITE 0x2 /* enum */ +#define MC_CMD_FC_IN_TIMED_READ_SET_READWRITE 0x3 /* enum */ +/* Period at which reads are performed (100ms units) */ +#define MC_CMD_FC_IN_TIMED_READ_SET_PERIOD_OFST 48 +#define MC_CMD_FC_IN_TIMED_READ_SET_PERIOD_LEN 4 + +/* MC_CMD_FC_IN_TIMED_READ_GET msgrequest */ +#define MC_CMD_FC_IN_TIMED_READ_GET_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_TIMED_READ_OP_OFST 4 */ +/* MC_CMD_FC_IN_TIMED_READ_OP_LEN 4 */ +/* FC supplied handle */ +#define MC_CMD_FC_IN_TIMED_READ_GET_FC_HANDLE_OFST 8 +#define MC_CMD_FC_IN_TIMED_READ_GET_FC_HANDLE_LEN 4 + +/* MC_CMD_FC_IN_TIMED_READ_CLEAR msgrequest */ +#define MC_CMD_FC_IN_TIMED_READ_CLEAR_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_TIMED_READ_OP_OFST 4 */ +/* MC_CMD_FC_IN_TIMED_READ_OP_LEN 4 */ +/* FC supplied handle */ +#define MC_CMD_FC_IN_TIMED_READ_CLEAR_FC_HANDLE_OFST 8 +#define MC_CMD_FC_IN_TIMED_READ_CLEAR_FC_HANDLE_LEN 4 + +/* MC_CMD_FC_IN_LOG msgrequest */ +#define MC_CMD_FC_IN_LOG_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_LOG_OP_OFST 4 +#define MC_CMD_FC_IN_LOG_OP_LEN 4 +#define MC_CMD_FC_IN_LOG_ADDR_RANGE 0x0 /* enum */ +#define MC_CMD_FC_IN_LOG_JTAG_UART 0x1 /* enum */ + +/* MC_CMD_FC_IN_LOG_ADDR_RANGE msgrequest */ +#define MC_CMD_FC_IN_LOG_ADDR_RANGE_LEN 20 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_LOG_OP_OFST 4 */ +/* MC_CMD_FC_IN_LOG_OP_LEN 4 */ +/* Partition offset into flash */ +#define MC_CMD_FC_IN_LOG_ADDR_RANGE_OFFSET_OFST 8 +#define MC_CMD_FC_IN_LOG_ADDR_RANGE_OFFSET_LEN 4 +/* Partition length */ +#define MC_CMD_FC_IN_LOG_ADDR_RANGE_LENGTH_OFST 12 +#define MC_CMD_FC_IN_LOG_ADDR_RANGE_LENGTH_LEN 4 +/* Partition erase size */ +#define MC_CMD_FC_IN_LOG_ADDR_RANGE_ERASE_SIZE_OFST 16 +#define MC_CMD_FC_IN_LOG_ADDR_RANGE_ERASE_SIZE_LEN 4 + +/* MC_CMD_FC_IN_LOG_JTAG_UART msgrequest */ +#define MC_CMD_FC_IN_LOG_JTAG_UART_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_LOG_OP_OFST 4 */ +/* MC_CMD_FC_IN_LOG_OP_LEN 4 */ +/* Enable/disable printing to JTAG UART */ +#define MC_CMD_FC_IN_LOG_JTAG_UART_ENABLE_OFST 8 +#define MC_CMD_FC_IN_LOG_JTAG_UART_ENABLE_LEN 4 + +/* MC_CMD_FC_IN_CLOCK msgrequest: Perform a clock operation */ +#define MC_CMD_FC_IN_CLOCK_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_CLOCK_OP_OFST 4 +#define MC_CMD_FC_IN_CLOCK_OP_LEN 4 +#define MC_CMD_FC_IN_CLOCK_GET_TIME 0x0 /* enum */ +#define MC_CMD_FC_IN_CLOCK_SET_TIME 0x1 /* enum */ +#define MC_CMD_FC_IN_CLOCK_ID_OFST 8 +#define MC_CMD_FC_IN_CLOCK_ID_LEN 4 +#define MC_CMD_FC_IN_CLOCK_STATS 0x0 /* enum */ +#define MC_CMD_FC_IN_CLOCK_MAC 0x1 /* enum */ + +/* MC_CMD_FC_IN_CLOCK_GET_TIME msgrequest: Retrieve the clock value of the + * specified clock + */ +#define MC_CMD_FC_IN_CLOCK_GET_TIME_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_CLOCK_OP_OFST 4 */ +/* MC_CMD_FC_IN_CLOCK_OP_LEN 4 */ +/* MC_CMD_FC_IN_CLOCK_ID_OFST 8 */ +/* MC_CMD_FC_IN_CLOCK_ID_LEN 4 */ + +/* MC_CMD_FC_IN_CLOCK_SET_TIME msgrequest: Set the clock value of the specified + * clock + */ +#define MC_CMD_FC_IN_CLOCK_SET_TIME_LEN 24 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_CLOCK_OP_OFST 4 */ +/* MC_CMD_FC_IN_CLOCK_OP_LEN 4 */ +/* MC_CMD_FC_IN_CLOCK_ID_OFST 8 */ +/* MC_CMD_FC_IN_CLOCK_ID_LEN 4 */ +#define MC_CMD_FC_IN_CLOCK_SET_TIME_SECONDS_OFST 12 +#define MC_CMD_FC_IN_CLOCK_SET_TIME_SECONDS_LEN 8 +#define MC_CMD_FC_IN_CLOCK_SET_TIME_SECONDS_LO_OFST 12 +#define MC_CMD_FC_IN_CLOCK_SET_TIME_SECONDS_HI_OFST 16 +#define MC_CMD_FC_IN_CLOCK_SET_TIME_NANOSECONDS_OFST 20 +#define MC_CMD_FC_IN_CLOCK_SET_TIME_NANOSECONDS_LEN 4 + +/* MC_CMD_FC_IN_DDR msgrequest */ +#define MC_CMD_FC_IN_DDR_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DDR_OP_OFST 4 +#define MC_CMD_FC_IN_DDR_OP_LEN 4 +#define MC_CMD_FC_IN_DDR_SET_SPD 0x0 /* enum */ +#define MC_CMD_FC_IN_DDR_GET_STATUS 0x1 /* enum */ +#define MC_CMD_FC_IN_DDR_SET_INFO 0x2 /* enum */ +#define MC_CMD_FC_IN_DDR_BANK_OFST 8 +#define MC_CMD_FC_IN_DDR_BANK_LEN 4 +#define MC_CMD_FC_IN_DDR_BANK_B0 0x0 /* enum */ +#define MC_CMD_FC_IN_DDR_BANK_B1 0x1 /* enum */ +#define MC_CMD_FC_IN_DDR_BANK_T0 0x2 /* enum */ +#define MC_CMD_FC_IN_DDR_BANK_T1 0x3 /* enum */ +#define MC_CMD_FC_IN_DDR_NUM_BANKS 0x4 /* enum */ + +/* MC_CMD_FC_IN_DDR_SET_SPD msgrequest */ +#define MC_CMD_FC_IN_DDR_SET_SPD_LEN 148 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_DDR_OP_OFST 4 */ +/* MC_CMD_FC_IN_DDR_OP_LEN 4 */ +/* Affected bank */ +/* MC_CMD_FC_IN_DDR_BANK_OFST 8 */ +/* MC_CMD_FC_IN_DDR_BANK_LEN 4 */ +/* Flags */ +#define MC_CMD_FC_IN_DDR_FLAGS_OFST 12 +#define MC_CMD_FC_IN_DDR_FLAGS_LEN 4 +#define MC_CMD_FC_IN_DDR_SET_SPD_ACTIVE 0x1 /* enum */ +/* 128-byte page of serial presence detect data read from module's EEPROM */ +#define MC_CMD_FC_IN_DDR_SPD_OFST 16 +#define MC_CMD_FC_IN_DDR_SPD_LEN 1 +#define MC_CMD_FC_IN_DDR_SPD_NUM 128 +/* Page index of the spd data copied into MC_CMD_FC_IN_DDR_SPD */ +#define MC_CMD_FC_IN_DDR_SPD_PAGE_ID_OFST 144 +#define MC_CMD_FC_IN_DDR_SPD_PAGE_ID_LEN 4 + +/* MC_CMD_FC_IN_DDR_SET_INFO msgrequest */ +#define MC_CMD_FC_IN_DDR_SET_INFO_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_DDR_OP_OFST 4 */ +/* MC_CMD_FC_IN_DDR_OP_LEN 4 */ +/* Affected bank */ +/* MC_CMD_FC_IN_DDR_BANK_OFST 8 */ +/* MC_CMD_FC_IN_DDR_BANK_LEN 4 */ +/* Size of DDR */ +#define MC_CMD_FC_IN_DDR_SIZE_OFST 12 +#define MC_CMD_FC_IN_DDR_SIZE_LEN 4 + +/* MC_CMD_FC_IN_DDR_GET_STATUS msgrequest */ +#define MC_CMD_FC_IN_DDR_GET_STATUS_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* MC_CMD_FC_IN_DDR_OP_OFST 4 */ +/* MC_CMD_FC_IN_DDR_OP_LEN 4 */ +/* Affected bank */ +/* MC_CMD_FC_IN_DDR_BANK_OFST 8 */ +/* MC_CMD_FC_IN_DDR_BANK_LEN 4 */ + +/* MC_CMD_FC_IN_TIMESTAMP msgrequest */ +#define MC_CMD_FC_IN_TIMESTAMP_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* FC timestamp operation code */ +#define MC_CMD_FC_IN_TIMESTAMP_OP_OFST 4 +#define MC_CMD_FC_IN_TIMESTAMP_OP_LEN 4 +/* enum: Read transmit timestamp(s) */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT 0x0 +/* enum: Read snapshot timestamps */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT 0x1 +/* enum: Clear all transmit timestamps */ +#define MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT 0x2 + +/* MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT msgrequest */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_LEN 28 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_OP_OFST 4 +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_OP_LEN 4 +/* Control filtering of the returned timestamp and sequence number specified + * here + */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_FILTER_OFST 8 +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_FILTER_LEN 4 +/* enum: Return most recent timestamp. No filtering */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_LATEST 0x0 +/* enum: Match timestamp against the PTP clock ID, port number and sequence + * number specified + */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_MATCH 0x1 +/* Clock identity of PTP packet for which timestamp required */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_CLOCK_ID_OFST 12 +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_CLOCK_ID_LEN 8 +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_CLOCK_ID_LO_OFST 12 +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_CLOCK_ID_HI_OFST 16 +/* Port number of PTP packet for which timestamp required */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_PORT_NUM_OFST 20 +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_PORT_NUM_LEN 4 +/* Sequence number of PTP packet for which timestamp required */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_SEQ_NUM_OFST 24 +#define MC_CMD_FC_IN_TIMESTAMP_READ_TRANSMIT_SEQ_NUM_LEN 4 + +/* MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT msgrequest */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT_OP_OFST 4 +#define MC_CMD_FC_IN_TIMESTAMP_READ_SNAPSHOT_OP_LEN 4 + +/* MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT msgrequest */ +#define MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT_OP_OFST 4 +#define MC_CMD_FC_IN_TIMESTAMP_CLEAR_TRANSMIT_OP_LEN 4 + +/* MC_CMD_FC_IN_SPI msgrequest */ +#define MC_CMD_FC_IN_SPI_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* Basic commands for SPI Flash. */ +#define MC_CMD_FC_IN_SPI_OP_OFST 4 +#define MC_CMD_FC_IN_SPI_OP_LEN 4 +/* enum: SPI Flash read */ +#define MC_CMD_FC_IN_SPI_READ 0x0 +/* enum: SPI Flash write */ +#define MC_CMD_FC_IN_SPI_WRITE 0x1 +/* enum: SPI Flash erase */ +#define MC_CMD_FC_IN_SPI_ERASE 0x2 + +/* MC_CMD_FC_IN_SPI_READ msgrequest */ +#define MC_CMD_FC_IN_SPI_READ_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_SPI_READ_OP_OFST 4 +#define MC_CMD_FC_IN_SPI_READ_OP_LEN 4 +#define MC_CMD_FC_IN_SPI_READ_ADDR_OFST 8 +#define MC_CMD_FC_IN_SPI_READ_ADDR_LEN 4 +#define MC_CMD_FC_IN_SPI_READ_NUMBYTES_OFST 12 +#define MC_CMD_FC_IN_SPI_READ_NUMBYTES_LEN 4 + +/* MC_CMD_FC_IN_SPI_WRITE msgrequest */ +#define MC_CMD_FC_IN_SPI_WRITE_LENMIN 16 +#define MC_CMD_FC_IN_SPI_WRITE_LENMAX 252 +#define MC_CMD_FC_IN_SPI_WRITE_LEN(num) (12+4*(num)) +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_SPI_WRITE_OP_OFST 4 +#define MC_CMD_FC_IN_SPI_WRITE_OP_LEN 4 +#define MC_CMD_FC_IN_SPI_WRITE_ADDR_OFST 8 +#define MC_CMD_FC_IN_SPI_WRITE_ADDR_LEN 4 +#define MC_CMD_FC_IN_SPI_WRITE_BUFFER_OFST 12 +#define MC_CMD_FC_IN_SPI_WRITE_BUFFER_LEN 4 +#define MC_CMD_FC_IN_SPI_WRITE_BUFFER_MINNUM 1 +#define MC_CMD_FC_IN_SPI_WRITE_BUFFER_MAXNUM 60 + +/* MC_CMD_FC_IN_SPI_ERASE msgrequest */ +#define MC_CMD_FC_IN_SPI_ERASE_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_SPI_ERASE_OP_OFST 4 +#define MC_CMD_FC_IN_SPI_ERASE_OP_LEN 4 +#define MC_CMD_FC_IN_SPI_ERASE_ADDR_OFST 8 +#define MC_CMD_FC_IN_SPI_ERASE_ADDR_LEN 4 +#define MC_CMD_FC_IN_SPI_ERASE_NUMBYTES_OFST 12 +#define MC_CMD_FC_IN_SPI_ERASE_NUMBYTES_LEN 4 + +/* MC_CMD_FC_IN_DIAG msgrequest */ +#define MC_CMD_FC_IN_DIAG_LEN 8 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +/* Operation code indicating component type */ +#define MC_CMD_FC_IN_DIAG_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_OP_LEN 4 +/* enum: Power noise generator. */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE 0x0 +/* enum: DDR soak test component. */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK 0x1 +/* enum: Diagnostics datapath control component. */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL 0x2 + +/* MC_CMD_FC_IN_DIAG_POWER_NOISE msgrequest */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_OP_LEN 4 +/* Sub-opcode describing the operation to be carried out */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_SUB_OP_LEN 4 +/* enum: Read the configuration (the 32-bit values in each of the clock enable + * count and toggle count registers) + */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG 0x0 +/* enum: Write a new configuration to the clock enable count and toggle count + * registers + */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG 0x1 + +/* MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG msgrequest */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG_OP_LEN 4 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_READ_CONFIG_SUB_OP_LEN 4 + +/* MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG msgrequest */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_LEN 20 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_OP_LEN 4 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_SUB_OP_LEN 4 +/* The 32-bit value to be written to the toggle count register */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_TOGGLE_COUNT_OFST 12 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_TOGGLE_COUNT_LEN 4 +/* The 32-bit value to be written to the clock enable count register */ +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_CLKEN_COUNT_OFST 16 +#define MC_CMD_FC_IN_DIAG_POWER_NOISE_WRITE_CONFIG_CLKEN_COUNT_LEN 4 + +/* MC_CMD_FC_IN_DIAG_DDR_SOAK msgrequest */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_OP_LEN 4 +/* Sub-opcode describing the operation to be carried out */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_SUB_OP_LEN 4 +/* enum: Starts DDR soak test on selected banks */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START 0x0 +/* enum: Read status of DDR soak test */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT 0x1 +/* enum: Stop test */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP 0x2 +/* enum: Set or clear bit that triggers fake errors. These cause subsequent + * tests to fail until the bit is cleared. + */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR 0x3 + +/* MC_CMD_FC_IN_DIAG_DDR_SOAK_START msgrequest */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_LEN 24 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_OP_LEN 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_SUB_OP_LEN 4 +/* Mask of DDR banks to be tested */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_BANK_MASK_OFST 12 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_BANK_MASK_LEN 4 +/* Pattern to use in the soak test */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_TEST_PATTERN_OFST 16 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_TEST_PATTERN_LEN 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_ZEROS 0x0 /* enum */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_ONES 0x1 /* enum */ +/* Either multiple automatic tests until a STOP command is issued, or one + * single test + */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_TEST_TYPE_OFST 20 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_TEST_TYPE_LEN 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_ONGOING_TEST 0x0 /* enum */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_START_SINGLE_TEST 0x1 /* enum */ + +/* MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT msgrequest */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_OP_LEN 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_SUB_OP_LEN 4 +/* DDR bank to read status from */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_BANK_ID_OFST 12 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_RESULT_BANK_ID_LEN 4 +#define MC_CMD_FC_DDR_BANK0 0x0 /* enum */ +#define MC_CMD_FC_DDR_BANK1 0x1 /* enum */ +#define MC_CMD_FC_DDR_BANK2 0x2 /* enum */ +#define MC_CMD_FC_DDR_BANK3 0x3 /* enum */ +#define MC_CMD_FC_DDR_AOEMEM_MAX_BANKS 0x4 /* enum */ + +/* MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP msgrequest */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_OP_LEN 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_SUB_OP_LEN 4 +/* Mask of DDR banks to be tested */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_BANK_MASK_OFST 12 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_STOP_BANK_MASK_LEN 4 + +/* MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR msgrequest */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_LEN 20 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_OP_LEN 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_SUB_OP_LEN 4 +/* Mask of DDR banks to set/clear error flag on */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_BANK_MASK_OFST 12 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_BANK_MASK_LEN 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_FLAG_ACTION_OFST 16 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_FLAG_ACTION_LEN 4 +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_CLEAR 0x0 /* enum */ +#define MC_CMD_FC_IN_DIAG_DDR_SOAK_ERROR_SET 0x1 /* enum */ + +/* MC_CMD_FC_IN_DIAG_DATAPATH_CTRL msgrequest */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_LEN 12 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_OP_LEN 4 +/* Sub-opcode describing the operation to be carried out */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SUB_OP_LEN 4 +/* enum: Set a known datapath configuration */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE 0x0 +/* enum: Apply raw config to datapath control registers */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG 0x1 + +/* MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE msgrequest */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_LEN 16 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_OP_LEN 4 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_SUB_OP_LEN 4 +/* Datapath configuration identifier */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_MODE_OFST 12 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_MODE_LEN 4 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_PASSTHROUGH 0x0 /* enum */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_SET_MODE_SNAKE 0x1 /* enum */ + +/* MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG msgrequest */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_LEN 24 +/* MC_CMD_FC_IN_CMD_OFST 0 */ +/* MC_CMD_FC_IN_CMD_LEN 4 */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_OP_OFST 4 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_OP_LEN 4 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_SUB_OP_OFST 8 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_SUB_OP_LEN 4 +/* Value to write into control register 1 */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL1_OFST 12 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL1_LEN 4 +/* Value to write into control register 2 */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL2_OFST 16 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL2_LEN 4 +/* Value to write into control register 3 */ +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL3_OFST 20 +#define MC_CMD_FC_IN_DIAG_DATAPATH_CTRL_RAW_CONFIG_CONTROL3_LEN 4 + +/* MC_CMD_FC_OUT msgresponse */ +#define MC_CMD_FC_OUT_LEN 0 + +/* MC_CMD_FC_OUT_NULL msgresponse */ +#define MC_CMD_FC_OUT_NULL_LEN 0 + +/* MC_CMD_FC_OUT_READ32 msgresponse */ +#define MC_CMD_FC_OUT_READ32_LENMIN 4 +#define MC_CMD_FC_OUT_READ32_LENMAX 252 +#define MC_CMD_FC_OUT_READ32_LEN(num) (0+4*(num)) +#define MC_CMD_FC_OUT_READ32_BUFFER_OFST 0 +#define MC_CMD_FC_OUT_READ32_BUFFER_LEN 4 +#define MC_CMD_FC_OUT_READ32_BUFFER_MINNUM 1 +#define MC_CMD_FC_OUT_READ32_BUFFER_MAXNUM 63 + +/* MC_CMD_FC_OUT_WRITE32 msgresponse */ +#define MC_CMD_FC_OUT_WRITE32_LEN 0 + +/* MC_CMD_FC_OUT_TRC_READ msgresponse */ +#define MC_CMD_FC_OUT_TRC_READ_LEN 16 +#define MC_CMD_FC_OUT_TRC_READ_DATA_OFST 0 +#define MC_CMD_FC_OUT_TRC_READ_DATA_LEN 4 +#define MC_CMD_FC_OUT_TRC_READ_DATA_NUM 4 + +/* MC_CMD_FC_OUT_TRC_WRITE msgresponse */ +#define MC_CMD_FC_OUT_TRC_WRITE_LEN 0 + +/* MC_CMD_FC_OUT_GET_VERSION msgresponse */ +#define MC_CMD_FC_OUT_GET_VERSION_LEN 12 +#define MC_CMD_FC_OUT_GET_VERSION_FIRMWARE_OFST 0 +#define MC_CMD_FC_OUT_GET_VERSION_FIRMWARE_LEN 4 +#define MC_CMD_FC_OUT_GET_VERSION_VERSION_OFST 4 +#define MC_CMD_FC_OUT_GET_VERSION_VERSION_LEN 8 +#define MC_CMD_FC_OUT_GET_VERSION_VERSION_LO_OFST 4 +#define MC_CMD_FC_OUT_GET_VERSION_VERSION_HI_OFST 8 + +/* MC_CMD_FC_OUT_TRC_RX_READ msgresponse */ +#define MC_CMD_FC_OUT_TRC_RX_READ_LEN 8 +#define MC_CMD_FC_OUT_TRC_RX_READ_DATA_OFST 0 +#define MC_CMD_FC_OUT_TRC_RX_READ_DATA_LEN 4 +#define MC_CMD_FC_OUT_TRC_RX_READ_DATA_NUM 2 + +/* MC_CMD_FC_OUT_TRC_RX_WRITE msgresponse */ +#define MC_CMD_FC_OUT_TRC_RX_WRITE_LEN 0 + +/* MC_CMD_FC_OUT_MAC_RECONFIGURE msgresponse */ +#define MC_CMD_FC_OUT_MAC_RECONFIGURE_LEN 0 + +/* MC_CMD_FC_OUT_MAC_SET_LINK msgresponse */ +#define MC_CMD_FC_OUT_MAC_SET_LINK_LEN 0 + +/* MC_CMD_FC_OUT_MAC_READ_STATUS msgresponse */ +#define MC_CMD_FC_OUT_MAC_READ_STATUS_LEN 4 +#define MC_CMD_FC_OUT_MAC_READ_STATUS_STATUS_OFST 0 +#define MC_CMD_FC_OUT_MAC_READ_STATUS_STATUS_LEN 4 + +/* MC_CMD_FC_OUT_MAC_GET_RX_STATS msgresponse */ +#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_LEN ((((0-1+(64*MC_CMD_FC_MAC_RX_NSTATS))+1))>>3) +#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_OFST 0 +#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_LEN 8 +#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_LO_OFST 0 +#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_HI_OFST 4 +#define MC_CMD_FC_OUT_MAC_GET_RX_STATS_STATISTICS_NUM MC_CMD_FC_MAC_RX_NSTATS +#define MC_CMD_FC_MAC_RX_STATS_OCTETS 0x0 /* enum */ +#define MC_CMD_FC_MAC_RX_OCTETS_OK 0x1 /* enum */ +#define MC_CMD_FC_MAC_RX_ALIGNMENT_ERRORS 0x2 /* enum */ +#define MC_CMD_FC_MAC_RX_PAUSE_MAC_CTRL_FRAMES 0x3 /* enum */ +#define MC_CMD_FC_MAC_RX_FRAMES_OK 0x4 /* enum */ +#define MC_CMD_FC_MAC_RX_CRC_ERRORS 0x5 /* enum */ +#define MC_CMD_FC_MAC_RX_VLAN_OK 0x6 /* enum */ +#define MC_CMD_FC_MAC_RX_ERRORS 0x7 /* enum */ +#define MC_CMD_FC_MAC_RX_UCAST_PKTS 0x8 /* enum */ +#define MC_CMD_FC_MAC_RX_MULTICAST_PKTS 0x9 /* enum */ +#define MC_CMD_FC_MAC_RX_BROADCAST_PKTS 0xa /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_DROP_EVENTS 0xb /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_PKTS 0xc /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_UNDERSIZE_PKTS 0xd /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_PKTS_64 0xe /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_PKTS_65_127 0xf /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_PKTS_128_255 0x10 /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_PKTS_256_511 0x11 /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_PKTS_512_1023 0x12 /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_PKTS_1024_1518 0x13 /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_PKTS_1519_MAX 0x14 /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_OVERSIZE_PKTS 0x15 /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_JABBERS 0x16 /* enum */ +#define MC_CMD_FC_MAC_RX_STATS_FRAGMENTS 0x17 /* enum */ +#define MC_CMD_FC_MAC_RX_MAC_CONTROL_FRAMES 0x18 /* enum */ +/* enum: (Last entry) */ +#define MC_CMD_FC_MAC_RX_NSTATS 0x19 + +/* MC_CMD_FC_OUT_MAC_GET_TX_STATS msgresponse */ +#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_LEN ((((0-1+(64*MC_CMD_FC_MAC_TX_NSTATS))+1))>>3) +#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_OFST 0 +#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_LEN 8 +#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_LO_OFST 0 +#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_HI_OFST 4 +#define MC_CMD_FC_OUT_MAC_GET_TX_STATS_STATISTICS_NUM MC_CMD_FC_MAC_TX_NSTATS +#define MC_CMD_FC_MAC_TX_STATS_OCTETS 0x0 /* enum */ +#define MC_CMD_FC_MAC_TX_OCTETS_OK 0x1 /* enum */ +#define MC_CMD_FC_MAC_TX_ALIGNMENT_ERRORS 0x2 /* enum */ +#define MC_CMD_FC_MAC_TX_PAUSE_MAC_CTRL_FRAMES 0x3 /* enum */ +#define MC_CMD_FC_MAC_TX_FRAMES_OK 0x4 /* enum */ +#define MC_CMD_FC_MAC_TX_CRC_ERRORS 0x5 /* enum */ +#define MC_CMD_FC_MAC_TX_VLAN_OK 0x6 /* enum */ +#define MC_CMD_FC_MAC_TX_ERRORS 0x7 /* enum */ +#define MC_CMD_FC_MAC_TX_UCAST_PKTS 0x8 /* enum */ +#define MC_CMD_FC_MAC_TX_MULTICAST_PKTS 0x9 /* enum */ +#define MC_CMD_FC_MAC_TX_BROADCAST_PKTS 0xa /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_DROP_EVENTS 0xb /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_PKTS 0xc /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_UNDERSIZE_PKTS 0xd /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_PKTS_64 0xe /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_PKTS_65_127 0xf /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_PKTS_128_255 0x10 /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_PKTS_256_511 0x11 /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_PKTS_512_1023 0x12 /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_PKTS_1024_1518 0x13 /* enum */ +#define MC_CMD_FC_MAC_TX_STATS_PKTS_1519_TX_MTU 0x14 /* enum */ +#define MC_CMD_FC_MAC_TX_MAC_CONTROL_FRAMES 0x15 /* enum */ +/* enum: (Last entry) */ +#define MC_CMD_FC_MAC_TX_NSTATS 0x16 + +/* MC_CMD_FC_OUT_MAC_GET_STATS msgresponse */ +#define MC_CMD_FC_OUT_MAC_GET_STATS_LEN ((((0-1+(64*MC_CMD_FC_MAC_NSTATS_PER_BLOCK))+1))>>3) +/* MAC Statistics */ +#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_OFST 0 +#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_LEN 8 +#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_LO_OFST 0 +#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_HI_OFST 4 +#define MC_CMD_FC_OUT_MAC_GET_STATS_STATISTICS_NUM MC_CMD_FC_MAC_NSTATS_PER_BLOCK + +/* MC_CMD_FC_OUT_MAC msgresponse */ +#define MC_CMD_FC_OUT_MAC_LEN 0 + +/* MC_CMD_FC_OUT_SFP msgresponse */ +#define MC_CMD_FC_OUT_SFP_LEN 0 + +/* MC_CMD_FC_OUT_DDR_TEST_START msgresponse */ +#define MC_CMD_FC_OUT_DDR_TEST_START_LEN 0 + +/* MC_CMD_FC_OUT_DDR_TEST_POLL msgresponse */ +#define MC_CMD_FC_OUT_DDR_TEST_POLL_LEN 8 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_STATUS_OFST 0 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_STATUS_LEN 4 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_CODE_LBN 0 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_CODE_WIDTH 8 +/* enum: Test not yet initiated */ +#define MC_CMD_FC_OP_DDR_TEST_NONE 0x0 +/* enum: Test is in progress */ +#define MC_CMD_FC_OP_DDR_TEST_INPROGRESS 0x1 +/* enum: Timed completed */ +#define MC_CMD_FC_OP_DDR_TEST_SUCCESS 0x2 +/* enum: Test did not complete in specified time */ +#define MC_CMD_FC_OP_DDR_TEST_TIMER_EXPIRED 0x3 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_T0_LBN 11 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_T0_WIDTH 1 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_T1_LBN 10 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_T1_WIDTH 1 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_B0_LBN 9 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_B0_WIDTH 1 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_B1_LBN 8 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_PRESENT_B1_WIDTH 1 +/* Test result from FPGA */ +#define MC_CMD_FC_OUT_DDR_TEST_POLL_RESULT_OFST 4 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_RESULT_LEN 4 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_T0_LBN 31 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_T0_WIDTH 1 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_T1_LBN 30 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_T1_WIDTH 1 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_B0_LBN 29 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_B0_WIDTH 1 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_B1_LBN 28 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_FPGA_SUPPORTS_B1_WIDTH 1 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_T0_LBN 15 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_T0_WIDTH 5 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_T1_LBN 10 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_T1_WIDTH 5 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_B0_LBN 5 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_B0_WIDTH 5 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_B1_LBN 0 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_B1_WIDTH 5 +#define MC_CMD_FC_OUT_DDR_TEST_POLL_TEST_COMPLETE 0x0 /* enum */ +#define MC_CMD_FC_OUT_DDR_TEST_POLL_TEST_FAIL 0x1 /* enum */ +#define MC_CMD_FC_OUT_DDR_TEST_POLL_TEST_PASS 0x2 /* enum */ +#define MC_CMD_FC_OUT_DDR_TEST_POLL_CAL_FAIL 0x3 /* enum */ +#define MC_CMD_FC_OUT_DDR_TEST_POLL_CAL_SUCCESS 0x4 /* enum */ + +/* MC_CMD_FC_OUT_DDR_TEST msgresponse */ +#define MC_CMD_FC_OUT_DDR_TEST_LEN 0 + +/* MC_CMD_FC_OUT_GET_ASSERT msgresponse */ +#define MC_CMD_FC_OUT_GET_ASSERT_LEN 144 +/* Assertion status flag. */ +#define MC_CMD_FC_OUT_GET_ASSERT_GLOBAL_FLAGS_OFST 0 +#define MC_CMD_FC_OUT_GET_ASSERT_GLOBAL_FLAGS_LEN 4 +#define MC_CMD_FC_OUT_GET_ASSERT_STATE_LBN 8 +#define MC_CMD_FC_OUT_GET_ASSERT_STATE_WIDTH 8 +/* enum: No crash data available */ +#define MC_CMD_FC_GET_ASSERT_FLAGS_STATE_CLEAR 0x0 +/* enum: New crash data available */ +#define MC_CMD_FC_GET_ASSERT_FLAGS_STATE_NEW 0x1 +/* enum: Crash data has been sent */ +#define MC_CMD_FC_GET_ASSERT_FLAGS_STATE_NOTIFIED 0x2 +#define MC_CMD_FC_OUT_GET_ASSERT_TYPE_LBN 0 +#define MC_CMD_FC_OUT_GET_ASSERT_TYPE_WIDTH 8 +/* enum: No crash has been recorded. */ +#define MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_NONE 0x0 +/* enum: Crash due to exception. */ +#define MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_EXCEPTION 0x1 +/* enum: Crash due to assertion. */ +#define MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_ASSERTION 0x2 +/* Failing PC value */ +#define MC_CMD_FC_OUT_GET_ASSERT_SAVED_PC_OFFS_OFST 4 +#define MC_CMD_FC_OUT_GET_ASSERT_SAVED_PC_OFFS_LEN 4 +/* Saved GP regs */ +#define MC_CMD_FC_OUT_GET_ASSERT_GP_REGS_OFFS_OFST 8 +#define MC_CMD_FC_OUT_GET_ASSERT_GP_REGS_OFFS_LEN 4 +#define MC_CMD_FC_OUT_GET_ASSERT_GP_REGS_OFFS_NUM 31 +/* Exception Type */ +#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_TYPE_OFFS_OFST 132 +#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_TYPE_OFFS_LEN 4 +/* Instruction at which exception occurred */ +#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_PC_ADDR_OFFS_OFST 136 +#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_PC_ADDR_OFFS_LEN 4 +/* BAD Address that triggered address-based exception */ +#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_BAD_ADDR_OFFS_OFST 140 +#define MC_CMD_FC_OUT_GET_ASSERT_EXCEPTION_BAD_ADDR_OFFS_LEN 4 + +/* MC_CMD_FC_OUT_FPGA_BUILD msgresponse */ +#define MC_CMD_FC_OUT_FPGA_BUILD_LEN 32 +#define MC_CMD_FC_OUT_FPGA_BUILD_COMPONENT_INFO_OFST 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_COMPONENT_INFO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_IS_APPLICATION_LBN 31 +#define MC_CMD_FC_OUT_FPGA_BUILD_IS_APPLICATION_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_IS_LICENSED_LBN 30 +#define MC_CMD_FC_OUT_FPGA_BUILD_IS_LICENSED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_COMPONENT_ID_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_COMPONENT_ID_WIDTH 14 +#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_MAJOR_LBN 12 +#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_MAJOR_WIDTH 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_MINOR_LBN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_MINOR_WIDTH 8 +#define MC_CMD_FC_OUT_FPGA_BUILD_BUILD_NUM_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_BUILD_NUM_WIDTH 4 +/* Build timestamp (seconds since epoch) */ +#define MC_CMD_FC_OUT_FPGA_BUILD_TIMESTAMP_OFST 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_TIMESTAMP_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_PARAMETERS_OFST 8 +#define MC_CMD_FC_OUT_FPGA_BUILD_PARAMETERS_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_FPGA_TYPE_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_FPGA_TYPE_WIDTH 8 +#define MC_CMD_FC_FPGA_TYPE_A7 0xa7 /* enum */ +#define MC_CMD_FC_FPGA_TYPE_A5 0xa5 /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED1_LBN 8 +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED1_WIDTH 10 +#define MC_CMD_FC_OUT_FPGA_BUILD_PTP_ENABLED_LBN 18 +#define MC_CMD_FC_OUT_FPGA_BUILD_PTP_ENABLED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM1_RLDRAM_DEF_LBN 19 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM1_RLDRAM_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM2_RLDRAM_DEF_LBN 20 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM2_RLDRAM_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM3_RLDRAM_DEF_LBN 21 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM3_RLDRAM_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM4_RLDRAM_DEF_LBN 22 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM4_RLDRAM_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T0_DDR3_DEF_LBN 23 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T0_DDR3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T1_DDR3_DEF_LBN 24 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T1_DDR3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_B0_DDR3_DEF_LBN 25 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_B0_DDR3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_B1_DDR3_DEF_LBN 26 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_B1_DDR3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_DDR3_ECC_ENABLED_LBN 27 +#define MC_CMD_FC_OUT_FPGA_BUILD_DDR3_ECC_ENABLED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T1_QDR_DEF_LBN 28 +#define MC_CMD_FC_OUT_FPGA_BUILD_SODIMM_T1_QDR_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED2_LBN 29 +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED2_WIDTH 2 +#define MC_CMD_FC_OUT_FPGA_BUILD_CRC_APPEND_LBN 31 +#define MC_CMD_FC_OUT_FPGA_BUILD_CRC_APPEND_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_IDENTIFIER_OFST 12 +#define MC_CMD_FC_OUT_FPGA_BUILD_IDENTIFIER_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_CHANGESET_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_CHANGESET_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_BUILD_FLAG_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_BUILD_FLAG_WIDTH 1 +#define MC_CMD_FC_FPGA_BUILD_FLAG_INTERNAL 0x0 /* enum */ +#define MC_CMD_FC_FPGA_BUILD_FLAG_RELEASE 0x1 /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED3_LBN 17 +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED3_WIDTH 15 +#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_HI_OFST 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_HI_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MINOR_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MINOR_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MAJOR_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MAJOR_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_LO_OFST 20 +#define MC_CMD_FC_OUT_FPGA_BUILD_VERSION_LO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_BUILD_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_BUILD_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MICRO_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_DEPLOYMENT_VERSION_MICRO_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED4_OFST 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED4_LEN 8 +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED4_LO_OFST 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_RESERVED4_HI_OFST 20 +#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_LO_OFST 24 +#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_LO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_HI_OFST 28 +#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_HI_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_HIGH_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_REVISION_HIGH_WIDTH 16 + +/* MC_CMD_FC_OUT_FPGA_BUILD_V2 msgresponse */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_LEN 32 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_COMPONENT_INFO_OFST 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_COMPONENT_INFO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IS_APPLICATION_LBN 31 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IS_APPLICATION_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IS_LICENSED_LBN 30 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IS_LICENSED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_COMPONENT_ID_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_COMPONENT_ID_WIDTH 14 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_MAJOR_LBN 12 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_MAJOR_WIDTH 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_MINOR_LBN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_MINOR_WIDTH 8 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_BUILD_NUM_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_BUILD_NUM_WIDTH 4 +/* Build timestamp (seconds since epoch) */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_TIMESTAMP_OFST 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_TIMESTAMP_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_PARAMETERS_OFST 8 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_PARAMETERS_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_PMA_PASSTHROUGH_LBN 31 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_PMA_PASSTHROUGH_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_QDR_DEF_LBN 29 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_QDR_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_QDR_DEF_LBN 28 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_QDR_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DDR3_ECC_ENABLED_LBN 27 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DDR3_ECC_ENABLED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE2_DDR3_DEF_LBN 26 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE2_DDR3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE1_DDR3_DEF_LBN 25 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE1_DDR3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_TO_DDR3_DEF_LBN 24 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_TO_DDR3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_T0_DDR3_DEF_LBN 23 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_T0_DDR3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE2_RLDRAM_DEF_LBN 22 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE2_RLDRAM_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE1_RLDRAM_DEF_LBN 21 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DISCRETE1_RLDRAM_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_RLDRAM_DEF_LBN 20 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM2_RLDRAM_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_RLDRAM_DEF_LBN 19 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SODIMM1_RLDRAM_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_3_SPEED_LBN 18 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_3_SPEED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_3_SPEED_10G 0x0 /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_3_SPEED_40G 0x1 /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_7_SPEED_LBN 17 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_7_SPEED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_7_SPEED_10G 0x0 /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_7_SPEED_40G 0x1 /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_3_SPEED_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_3_SPEED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_3_SPEED_10G 0x0 /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_3_SPEED_40G 0x1 /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP7_DEF_LBN 15 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP7_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP6_DEF_LBN 14 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP6_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP5_DEF_LBN 13 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP5_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_DEF_LBN 12 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP4_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP3_DEF_LBN 11 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP2_DEF_LBN 10 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP2_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP1_DEF_LBN 9 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP1_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_DEF_LBN 8 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_SFP0_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC3_DEF_LBN 7 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC3_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC2_DEF_LBN 6 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC2_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC1_DEF_LBN 5 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC1_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_DEF_LBN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_NIC0_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_FPGA_TYPE_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_FPGA_TYPE_WIDTH 4 +#define MC_CMD_FC_FPGA_V2_TYPE_A3 0x0 /* enum */ +#define MC_CMD_FC_FPGA_V2_TYPE_A4 0x1 /* enum */ +#define MC_CMD_FC_FPGA_V2_TYPE_A5 0x2 /* enum */ +#define MC_CMD_FC_FPGA_V2_TYPE_A7 0x3 /* enum */ +#define MC_CMD_FC_FPGA_V2_TYPE_D3 0x8 /* enum */ +#define MC_CMD_FC_FPGA_V2_TYPE_D4 0x9 /* enum */ +#define MC_CMD_FC_FPGA_V2_TYPE_D5 0xa /* enum */ +#define MC_CMD_FC_FPGA_V2_TYPE_D7 0xb /* enum */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IDENTIFIER_OFST 12 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_IDENTIFIER_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_CHANGESET_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_CHANGESET_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_BUILD_FLAG_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_BUILD_FLAG_WIDTH 1 +/* MC_CMD_FC_FPGA_BUILD_FLAG_INTERNAL 0x0 */ +/* MC_CMD_FC_FPGA_BUILD_FLAG_RELEASE 0x1 */ +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_HI_OFST 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_HI_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MINOR_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MINOR_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MAJOR_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MAJOR_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_LO_OFST 20 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_VERSION_LO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_BUILD_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_BUILD_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MICRO_LBN 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_DEPLOYMENT_VERSION_MICRO_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_LO_OFST 24 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_LO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_HI_OFST 28 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_HI_LEN 4 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_HIGH_LBN 0 +#define MC_CMD_FC_OUT_FPGA_BUILD_V2_REVISION_HIGH_WIDTH 16 + +/* MC_CMD_FC_OUT_FPGA_SERVICES msgresponse */ +#define MC_CMD_FC_OUT_FPGA_SERVICES_LEN 32 +#define MC_CMD_FC_OUT_FPGA_SERVICES_COMPONENT_INFO_OFST 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_COMPONENT_INFO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_IS_APPLICATION_LBN 31 +#define MC_CMD_FC_OUT_FPGA_SERVICES_IS_APPLICATION_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_IS_LICENSED_LBN 30 +#define MC_CMD_FC_OUT_FPGA_SERVICES_IS_LICENSED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_COMPONENT_ID_LBN 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_COMPONENT_ID_WIDTH 14 +#define MC_CMD_FC_OUT_FPGA_SERVICES_VERSION_MAJOR_LBN 12 +#define MC_CMD_FC_OUT_FPGA_SERVICES_VERSION_MAJOR_WIDTH 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_VERSION_MINOR_LBN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_VERSION_MINOR_WIDTH 8 +#define MC_CMD_FC_OUT_FPGA_SERVICES_BUILD_NUM_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_BUILD_NUM_WIDTH 4 +/* Build timestamp (seconds since epoch) */ +#define MC_CMD_FC_OUT_FPGA_SERVICES_TIMESTAMP_OFST 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_TIMESTAMP_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_PARAMETERS_OFST 8 +#define MC_CMD_FC_OUT_FPGA_SERVICES_PARAMETERS_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_FC_FLASH_BOOTED_LBN 8 +#define MC_CMD_FC_OUT_FPGA_SERVICES_FC_FLASH_BOOTED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_NIC0_DEF_LBN 27 +#define MC_CMD_FC_OUT_FPGA_SERVICES_NIC0_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_NIC1_DEF_LBN 28 +#define MC_CMD_FC_OUT_FPGA_SERVICES_NIC1_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_SFP0_DEF_LBN 29 +#define MC_CMD_FC_OUT_FPGA_SERVICES_SFP0_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_SFP1_DEF_LBN 30 +#define MC_CMD_FC_OUT_FPGA_SERVICES_SFP1_DEF_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_RESERVED_LBN 31 +#define MC_CMD_FC_OUT_FPGA_SERVICES_RESERVED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_IDENTIFIER_OFST 12 +#define MC_CMD_FC_OUT_FPGA_SERVICES_IDENTIFIER_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_CHANGESET_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_CHANGESET_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_BUILD_FLAG_LBN 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_BUILD_FLAG_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_OFST 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_WIDTH_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_WIDTH_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_COUNT_LBN 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_MEMORY_SIZE_COUNT_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_OFST 20 +#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_WIDTH_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_WIDTH_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_COUNT_LBN 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_INSTANCE_SIZE_COUNT_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_LO_OFST 24 +#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_LO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_HI_OFST 28 +#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_HI_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_HIGH_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_REVISION_HIGH_WIDTH 16 + +/* MC_CMD_FC_OUT_FPGA_SERVICES_V2 msgresponse */ +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_LEN 32 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_COMPONENT_INFO_OFST 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_COMPONENT_INFO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IS_APPLICATION_LBN 31 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IS_APPLICATION_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IS_LICENSED_LBN 30 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IS_LICENSED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_COMPONENT_ID_LBN 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_COMPONENT_ID_WIDTH 14 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_VERSION_MAJOR_LBN 12 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_VERSION_MAJOR_WIDTH 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_VERSION_MINOR_LBN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_VERSION_MINOR_WIDTH 8 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_BUILD_NUM_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_BUILD_NUM_WIDTH 4 +/* Build timestamp (seconds since epoch) */ +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_TIMESTAMP_OFST 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_TIMESTAMP_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_PARAMETERS_OFST 8 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_PARAMETERS_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_PTP_ENABLED_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_PTP_ENABLED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_FC_FLASH_BOOTED_LBN 8 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_FC_FLASH_BOOTED_WIDTH 1 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IDENTIFIER_OFST 12 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_IDENTIFIER_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_CHANGESET_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_CHANGESET_WIDTH 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_BUILD_FLAG_LBN 16 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_BUILD_FLAG_WIDTH 1 +/* MC_CMD_FC_FPGA_BUILD_FLAG_INTERNAL 0x0 */ +/* MC_CMD_FC_FPGA_BUILD_FLAG_RELEASE 0x1 */ +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_LO_OFST 24 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_LO_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_HI_OFST 28 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_HI_LEN 4 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_HIGH_LBN 0 +#define MC_CMD_FC_OUT_FPGA_SERVICES_V2_REVISION_HIGH_WIDTH 16 + +/* MC_CMD_FC_OUT_BSP_VERSION msgresponse */ +#define MC_CMD_FC_OUT_BSP_VERSION_LEN 4 +/* Qsys system ID */ +#define MC_CMD_FC_OUT_BSP_VERSION_SYSID_OFST 0 +#define MC_CMD_FC_OUT_BSP_VERSION_SYSID_LEN 4 +#define MC_CMD_FC_OUT_BSP_VERSION_VERSION_MAJOR_LBN 12 +#define MC_CMD_FC_OUT_BSP_VERSION_VERSION_MAJOR_WIDTH 4 +#define MC_CMD_FC_OUT_BSP_VERSION_VERSION_MINOR_LBN 4 +#define MC_CMD_FC_OUT_BSP_VERSION_VERSION_MINOR_WIDTH 8 +#define MC_CMD_FC_OUT_BSP_VERSION_BUILD_NUM_LBN 0 +#define MC_CMD_FC_OUT_BSP_VERSION_BUILD_NUM_WIDTH 4 + +/* MC_CMD_FC_OUT_READ_MAP_COUNT msgresponse */ +#define MC_CMD_FC_OUT_READ_MAP_COUNT_LEN 4 +/* Number of maps */ +#define MC_CMD_FC_OUT_READ_MAP_COUNT_NUM_MAPS_OFST 0 +#define MC_CMD_FC_OUT_READ_MAP_COUNT_NUM_MAPS_LEN 4 + +/* MC_CMD_FC_OUT_READ_MAP_INDEX msgresponse */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN 164 +/* Index of the map */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_INDEX_OFST 0 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_INDEX_LEN 4 +/* Options for the map */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_OPTIONS_OFST 4 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_OPTIONS_LEN 4 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_8 0x0 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_16 0x1 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_32 0x2 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_64 0x3 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ALIGN_MASK 0x3 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_PATH_FC 0x4 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_PATH_MEM 0x8 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_PERM_READ 0x10 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_PERM_WRITE 0x20 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_FREE 0x0 /* enum */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_LICENSED 0x40 /* enum */ +/* Address of start of map */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ADDRESS_OFST 8 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ADDRESS_LEN 8 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ADDRESS_LO_OFST 8 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_ADDRESS_HI_OFST 12 +/* Length of address map */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN_OFST 16 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN_LEN 8 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN_LO_OFST 16 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LEN_HI_OFST 20 +/* Component information field */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_COMP_INFO_OFST 24 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_COMP_INFO_LEN 4 +/* License expiry data for map */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_DATE_OFST 28 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_DATE_LEN 8 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_DATE_LO_OFST 28 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_LICENSE_DATE_HI_OFST 32 +/* Name of the component */ +#define MC_CMD_FC_OUT_READ_MAP_INDEX_NAME_OFST 36 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_NAME_LEN 1 +#define MC_CMD_FC_OUT_READ_MAP_INDEX_NAME_NUM 128 + +/* MC_CMD_FC_OUT_READ_MAP msgresponse */ +#define MC_CMD_FC_OUT_READ_MAP_LEN 0 + +/* MC_CMD_FC_OUT_CAPABILITIES msgresponse */ +#define MC_CMD_FC_OUT_CAPABILITIES_LEN 8 +/* Number of internal ports */ +#define MC_CMD_FC_OUT_CAPABILITIES_INTERNAL_OFST 0 +#define MC_CMD_FC_OUT_CAPABILITIES_INTERNAL_LEN 4 +/* Number of external ports */ +#define MC_CMD_FC_OUT_CAPABILITIES_EXTERNAL_OFST 4 +#define MC_CMD_FC_OUT_CAPABILITIES_EXTERNAL_LEN 4 + +/* MC_CMD_FC_OUT_GLOBAL_FLAGS msgresponse */ +#define MC_CMD_FC_OUT_GLOBAL_FLAGS_LEN 4 +#define MC_CMD_FC_OUT_GLOBAL_FLAGS_FLAGS_OFST 0 +#define MC_CMD_FC_OUT_GLOBAL_FLAGS_FLAGS_LEN 4 + +/* MC_CMD_FC_OUT_IO_REL msgresponse */ +#define MC_CMD_FC_OUT_IO_REL_LEN 0 + +/* MC_CMD_FC_OUT_IO_REL_GET_ADDR msgresponse */ +#define MC_CMD_FC_OUT_IO_REL_GET_ADDR_LEN 8 +#define MC_CMD_FC_OUT_IO_REL_GET_ADDR_ADDR_HI_OFST 0 +#define MC_CMD_FC_OUT_IO_REL_GET_ADDR_ADDR_HI_LEN 4 +#define MC_CMD_FC_OUT_IO_REL_GET_ADDR_ADDR_LO_OFST 4 +#define MC_CMD_FC_OUT_IO_REL_GET_ADDR_ADDR_LO_LEN 4 + +/* MC_CMD_FC_OUT_IO_REL_READ32 msgresponse */ +#define MC_CMD_FC_OUT_IO_REL_READ32_LENMIN 4 +#define MC_CMD_FC_OUT_IO_REL_READ32_LENMAX 252 +#define MC_CMD_FC_OUT_IO_REL_READ32_LEN(num) (0+4*(num)) +#define MC_CMD_FC_OUT_IO_REL_READ32_BUFFER_OFST 0 +#define MC_CMD_FC_OUT_IO_REL_READ32_BUFFER_LEN 4 +#define MC_CMD_FC_OUT_IO_REL_READ32_BUFFER_MINNUM 1 +#define MC_CMD_FC_OUT_IO_REL_READ32_BUFFER_MAXNUM 63 + +/* MC_CMD_FC_OUT_IO_REL_WRITE32 msgresponse */ +#define MC_CMD_FC_OUT_IO_REL_WRITE32_LEN 0 + +/* MC_CMD_FC_OUT_UHLINK_PHY msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_PHY_LEN 48 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_SETTINGS_0_OFST 0 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_SETTINGS_0_LEN 4 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_VOD_LBN 0 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_VOD_WIDTH 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_1STPOSTTAP_LBN 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_1STPOSTTAP_WIDTH 16 +/* Transceiver Transmit settings */ +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_SETTINGS_1_OFST 4 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_SETTINGS_1_LEN 4 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_PRETAP_LBN 0 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_PRETAP_WIDTH 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_2NDPOSTTAP_LBN 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_TX_PREEMP_2NDPOSTTAP_WIDTH 16 +/* Transceiver Receive settings */ +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_SETTINGS_OFST 8 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_SETTINGS_LEN 4 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_DC_GAIN_LBN 0 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_DC_GAIN_WIDTH 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_EQ_CONTROL_LBN 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_TRC_RX_EQ_CONTROL_WIDTH 16 +/* Rx eye opening */ +#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_OFST 12 +#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_LEN 4 +#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_WIDTH_LBN 0 +#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_WIDTH_WIDTH 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_HEIGHT_LBN 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_RX_EYE_HEIGHT_WIDTH 16 +/* PCS status word */ +#define MC_CMD_FC_OUT_UHLINK_PHY_PCS_STATUS_OFST 16 +#define MC_CMD_FC_OUT_UHLINK_PHY_PCS_STATUS_LEN 4 +/* Link status word */ +#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_STATE_WORD_OFST 20 +#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_STATE_WORD_LEN 4 +#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_STATE_LBN 0 +#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_STATE_WIDTH 1 +#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_CONFIGURED_LBN 1 +#define MC_CMD_FC_OUT_UHLINK_PHY_LINK_CONFIGURED_WIDTH 1 +/* Current SFp parameters applied */ +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_PARAMS_OFST 24 +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_PARAMS_LEN 20 +/* Link speed is 100, 1000, 10000 */ +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_SPEED_OFST 24 +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_SPEED_LEN 4 +/* Length of copper cable - zero when not relevant */ +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_COPPER_LEN_OFST 28 +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_COPPER_LEN_LEN 4 +/* True if a dual speed SFP+ module */ +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_DUAL_SPEED_OFST 32 +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_DUAL_SPEED_LEN 4 +/* True if an SFP Module is present (other fields valid when true) */ +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_PRESENT_OFST 36 +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_PRESENT_LEN 4 +/* The type of the SFP+ Module */ +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_TYPE_OFST 40 +#define MC_CMD_FC_OUT_UHLINK_PHY_SFP_TYPE_LEN 4 +/* PHY config flags */ +#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_OFST 44 +#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_LEN 4 +#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_DFE_LBN 0 +#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_DFE_WIDTH 1 +#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_AEQ_LBN 1 +#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_AEQ_WIDTH 1 +#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_RX_TUNING_LBN 2 +#define MC_CMD_FC_OUT_UHLINK_PHY_PHY_CFG_RX_TUNING_WIDTH 1 + +/* MC_CMD_FC_OUT_UHLINK_MAC msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_MAC_LEN 20 +/* MAC configuration applied */ +#define MC_CMD_FC_OUT_UHLINK_MAC_CONFIG_OFST 0 +#define MC_CMD_FC_OUT_UHLINK_MAC_CONFIG_LEN 4 +/* MTU size */ +#define MC_CMD_FC_OUT_UHLINK_MAC_MTU_OFST 4 +#define MC_CMD_FC_OUT_UHLINK_MAC_MTU_LEN 4 +/* IF Mode status */ +#define MC_CMD_FC_OUT_UHLINK_MAC_IF_STATUS_OFST 8 +#define MC_CMD_FC_OUT_UHLINK_MAC_IF_STATUS_LEN 4 +/* MAC address configured */ +#define MC_CMD_FC_OUT_UHLINK_MAC_ADDR_OFST 12 +#define MC_CMD_FC_OUT_UHLINK_MAC_ADDR_LEN 8 +#define MC_CMD_FC_OUT_UHLINK_MAC_ADDR_LO_OFST 12 +#define MC_CMD_FC_OUT_UHLINK_MAC_ADDR_HI_OFST 16 + +/* MC_CMD_FC_OUT_UHLINK_RX_EYE msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_RX_EYE_LEN ((((0-1+(32*MC_CMD_FC_UHLINK_RX_EYE_PER_BLOCK))+1))>>3) +/* Rx Eye measurements */ +#define MC_CMD_FC_OUT_UHLINK_RX_EYE_RX_EYE_OFST 0 +#define MC_CMD_FC_OUT_UHLINK_RX_EYE_RX_EYE_LEN 4 +#define MC_CMD_FC_OUT_UHLINK_RX_EYE_RX_EYE_NUM MC_CMD_FC_UHLINK_RX_EYE_PER_BLOCK + +/* MC_CMD_FC_OUT_UHLINK_DUMP_RX_EYE_PLOT msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_DUMP_RX_EYE_PLOT_LEN 0 + +/* MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_LEN ((((32-1+(64*MC_CMD_FC_UHLINK_RX_EYE_PLOT_ROWS_PER_BLOCK))+1))>>3) +/* Has the eye plot dump completed and data returned is valid? */ +#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_VALID_OFST 0 +#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_VALID_LEN 4 +/* Rx Eye binary plot */ +#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_OFST 4 +#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_LEN 8 +#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_LO_OFST 4 +#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_HI_OFST 8 +#define MC_CMD_FC_OUT_UHLINK_READ_RX_EYE_PLOT_ROWS_NUM MC_CMD_FC_UHLINK_RX_EYE_PLOT_ROWS_PER_BLOCK + +/* MC_CMD_FC_OUT_UHLINK_RX_TUNE msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_RX_TUNE_LEN 0 + +/* MC_CMD_FC_OUT_UHLINK_LOOPBACK_SET msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_LOOPBACK_SET_LEN 0 + +/* MC_CMD_FC_OUT_UHLINK_LOOPBACK_GET msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_LOOPBACK_GET_LEN 4 +#define MC_CMD_FC_OUT_UHLINK_LOOPBACK_GET_STATE_OFST 0 +#define MC_CMD_FC_OUT_UHLINK_LOOPBACK_GET_STATE_LEN 4 + +/* MC_CMD_FC_OUT_UHLINK msgresponse */ +#define MC_CMD_FC_OUT_UHLINK_LEN 0 + +/* MC_CMD_FC_OUT_SET_LINK msgresponse */ +#define MC_CMD_FC_OUT_SET_LINK_LEN 0 + +/* MC_CMD_FC_OUT_LICENSE msgresponse */ +#define MC_CMD_FC_OUT_LICENSE_LEN 12 +/* Count of valid keys */ +#define MC_CMD_FC_OUT_LICENSE_VALID_KEYS_OFST 0 +#define MC_CMD_FC_OUT_LICENSE_VALID_KEYS_LEN 4 +/* Count of invalid keys */ +#define MC_CMD_FC_OUT_LICENSE_INVALID_KEYS_OFST 4 +#define MC_CMD_FC_OUT_LICENSE_INVALID_KEYS_LEN 4 +/* Count of blacklisted keys */ +#define MC_CMD_FC_OUT_LICENSE_BLACKLISTED_KEYS_OFST 8 +#define MC_CMD_FC_OUT_LICENSE_BLACKLISTED_KEYS_LEN 4 + +/* MC_CMD_FC_OUT_STARTUP msgresponse */ +#define MC_CMD_FC_OUT_STARTUP_LEN 4 +/* Capabilities of the FPGA/FC */ +#define MC_CMD_FC_OUT_STARTUP_CAPABILITIES_OFST 0 +#define MC_CMD_FC_OUT_STARTUP_CAPABILITIES_LEN 4 +#define MC_CMD_FC_OUT_STARTUP_CAN_ACCESS_FLASH_LBN 0 +#define MC_CMD_FC_OUT_STARTUP_CAN_ACCESS_FLASH_WIDTH 1 + +/* MC_CMD_FC_OUT_DMA_READ msgresponse */ +#define MC_CMD_FC_OUT_DMA_READ_LENMIN 1 +#define MC_CMD_FC_OUT_DMA_READ_LENMAX 252 +#define MC_CMD_FC_OUT_DMA_READ_LEN(num) (0+1*(num)) +/* The data read */ +#define MC_CMD_FC_OUT_DMA_READ_DATA_OFST 0 +#define MC_CMD_FC_OUT_DMA_READ_DATA_LEN 1 +#define MC_CMD_FC_OUT_DMA_READ_DATA_MINNUM 1 +#define MC_CMD_FC_OUT_DMA_READ_DATA_MAXNUM 252 + +/* MC_CMD_FC_OUT_TIMED_READ_SET msgresponse */ +#define MC_CMD_FC_OUT_TIMED_READ_SET_LEN 4 +/* Timer handle */ +#define MC_CMD_FC_OUT_TIMED_READ_SET_FC_HANDLE_OFST 0 +#define MC_CMD_FC_OUT_TIMED_READ_SET_FC_HANDLE_LEN 4 + +/* MC_CMD_FC_OUT_TIMED_READ_GET msgresponse */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_LEN 52 +/* Host supplied handle (unique) */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_HANDLE_OFST 0 +#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_HANDLE_LEN 4 +/* Address into which to transfer data in host */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_DMA_ADDRESS_OFST 4 +#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_DMA_ADDRESS_LEN 8 +#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_DMA_ADDRESS_LO_OFST 4 +#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_DMA_ADDRESS_HI_OFST 8 +/* AOE address from which to transfer data */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_ADDRESS_OFST 12 +#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_ADDRESS_LEN 8 +#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_ADDRESS_LO_OFST 12 +#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_ADDRESS_HI_OFST 16 +/* Length of AOE transfer (total) */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_LENGTH_OFST 20 +#define MC_CMD_FC_OUT_TIMED_READ_GET_AOE_LENGTH_LEN 4 +/* Length of host transfer (total) */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_LENGTH_OFST 24 +#define MC_CMD_FC_OUT_TIMED_READ_GET_HOST_LENGTH_LEN 4 +/* See FLAGS entry for MC_CMD_FC_IN_TIMED_READ_SET */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_FLAGS_OFST 28 +#define MC_CMD_FC_OUT_TIMED_READ_GET_FLAGS_LEN 4 +#define MC_CMD_FC_OUT_TIMED_READ_GET_PERIOD_OFST 32 +#define MC_CMD_FC_OUT_TIMED_READ_GET_PERIOD_LEN 4 +/* When active, start read time */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_START_OFST 36 +#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_START_LEN 8 +#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_START_LO_OFST 36 +#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_START_HI_OFST 40 +/* When active, end read time */ +#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_END_OFST 44 +#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_END_LEN 8 +#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_END_LO_OFST 44 +#define MC_CMD_FC_OUT_TIMED_READ_GET_CLOCK_END_HI_OFST 48 + +/* MC_CMD_FC_OUT_LOG_ADDR_RANGE msgresponse */ +#define MC_CMD_FC_OUT_LOG_ADDR_RANGE_LEN 0 + +/* MC_CMD_FC_OUT_LOG msgresponse */ +#define MC_CMD_FC_OUT_LOG_LEN 0 + +/* MC_CMD_FC_OUT_CLOCK_GET_TIME msgresponse */ +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_LEN 24 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_CLOCK_ID_OFST 0 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_CLOCK_ID_LEN 4 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_SECONDS_OFST 4 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_SECONDS_LEN 8 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_SECONDS_LO_OFST 4 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_SECONDS_HI_OFST 8 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_NANOSECONDS_OFST 12 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_NANOSECONDS_LEN 4 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_RANGE_OFST 16 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_RANGE_LEN 4 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_PRECISION_OFST 20 +#define MC_CMD_FC_OUT_CLOCK_GET_TIME_PRECISION_LEN 4 + +/* MC_CMD_FC_OUT_CLOCK_SET_TIME msgresponse */ +#define MC_CMD_FC_OUT_CLOCK_SET_TIME_LEN 0 + +/* MC_CMD_FC_OUT_DDR_SET_SPD msgresponse */ +#define MC_CMD_FC_OUT_DDR_SET_SPD_LEN 0 + +/* MC_CMD_FC_OUT_DDR_SET_INFO msgresponse */ +#define MC_CMD_FC_OUT_DDR_SET_INFO_LEN 0 + +/* MC_CMD_FC_OUT_DDR_GET_STATUS msgresponse */ +#define MC_CMD_FC_OUT_DDR_GET_STATUS_LEN 4 +#define MC_CMD_FC_OUT_DDR_GET_STATUS_FLAGS_OFST 0 +#define MC_CMD_FC_OUT_DDR_GET_STATUS_FLAGS_LEN 4 +#define MC_CMD_FC_OUT_DDR_GET_STATUS_READY_LBN 0 +#define MC_CMD_FC_OUT_DDR_GET_STATUS_READY_WIDTH 1 +#define MC_CMD_FC_OUT_DDR_GET_STATUS_CALIBRATED_LBN 1 +#define MC_CMD_FC_OUT_DDR_GET_STATUS_CALIBRATED_WIDTH 1 + +/* MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT msgresponse */ +#define MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT_LEN 8 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT_SECONDS_OFST 0 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT_SECONDS_LEN 4 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT_NANOSECONDS_OFST 4 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_TRANSMIT_NANOSECONDS_LEN 4 + +/* MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT msgresponse */ +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_LENMIN 8 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_LENMAX 248 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_LEN(num) (0+8*(num)) +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_SECONDS_OFST 0 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_SECONDS_LEN 4 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_NANOSECONDS_OFST 4 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_NANOSECONDS_LEN 4 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_OFST 0 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_LEN 8 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_LO_OFST 0 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_HI_OFST 4 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_MINNUM 0 +#define MC_CMD_FC_OUT_TIMESTAMP_READ_SNAPSHOT_TIMESTAMP_MAXNUM 31 + +/* MC_CMD_FC_OUT_SPI_READ msgresponse */ +#define MC_CMD_FC_OUT_SPI_READ_LENMIN 4 +#define MC_CMD_FC_OUT_SPI_READ_LENMAX 252 +#define MC_CMD_FC_OUT_SPI_READ_LEN(num) (0+4*(num)) +#define MC_CMD_FC_OUT_SPI_READ_BUFFER_OFST 0 +#define MC_CMD_FC_OUT_SPI_READ_BUFFER_LEN 4 +#define MC_CMD_FC_OUT_SPI_READ_BUFFER_MINNUM 1 +#define MC_CMD_FC_OUT_SPI_READ_BUFFER_MAXNUM 63 + +/* MC_CMD_FC_OUT_SPI_WRITE msgresponse */ +#define MC_CMD_FC_OUT_SPI_WRITE_LEN 0 + +/* MC_CMD_FC_OUT_SPI_ERASE msgresponse */ +#define MC_CMD_FC_OUT_SPI_ERASE_LEN 0 + +/* MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG msgresponse */ +#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG_LEN 8 +/* The 32-bit value read from the toggle count register */ +#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG_TOGGLE_COUNT_OFST 0 +#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG_TOGGLE_COUNT_LEN 4 +/* The 32-bit value read from the clock enable count register */ +#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG_CLKEN_COUNT_OFST 4 +#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_READ_CONFIG_CLKEN_COUNT_LEN 4 + +/* MC_CMD_FC_OUT_DIAG_POWER_NOISE_WRITE_CONFIG msgresponse */ +#define MC_CMD_FC_OUT_DIAG_POWER_NOISE_WRITE_CONFIG_LEN 0 + +/* MC_CMD_FC_OUT_DIAG_DDR_SOAK_START msgresponse */ +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_START_LEN 0 + +/* MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT msgresponse */ +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_LEN 8 +/* DDR soak test status word; bits [4:0] are relevant. */ +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_STATUS_OFST 0 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_STATUS_LEN 4 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_PASSED_LBN 0 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_PASSED_WIDTH 1 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_FAILED_LBN 1 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_FAILED_WIDTH 1 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_COMPLETED_LBN 2 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_COMPLETED_WIDTH 1 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_TIMEOUT_LBN 3 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_TIMEOUT_WIDTH 1 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_PNF_LBN 4 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_PNF_WIDTH 1 +/* DDR soak test error count */ +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_ERR_COUNT_OFST 4 +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_RESULT_ERR_COUNT_LEN 4 + +/* MC_CMD_FC_OUT_DIAG_DDR_SOAK_STOP msgresponse */ +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_STOP_LEN 0 + +/* MC_CMD_FC_OUT_DIAG_DDR_SOAK_ERROR msgresponse */ +#define MC_CMD_FC_OUT_DIAG_DDR_SOAK_ERROR_LEN 0 + +/* MC_CMD_FC_OUT_DIAG_DATAPATH_CTRL_SET_MODE msgresponse */ +#define MC_CMD_FC_OUT_DIAG_DATAPATH_CTRL_SET_MODE_LEN 0 + +/* MC_CMD_FC_OUT_DIAG_DATAPATH_CTRL_RAW_CONFIG msgresponse */ +#define MC_CMD_FC_OUT_DIAG_DATAPATH_CTRL_RAW_CONFIG_LEN 0 + + +/***********************************/ +/* MC_CMD_AOE + * AOE operations on MC + */ +#define MC_CMD_AOE 0xa + +/* MC_CMD_AOE_IN msgrequest */ +#define MC_CMD_AOE_IN_LEN 4 +#define MC_CMD_AOE_IN_OP_HDR_OFST 0 +#define MC_CMD_AOE_IN_OP_HDR_LEN 4 +#define MC_CMD_AOE_IN_OP_LBN 0 +#define MC_CMD_AOE_IN_OP_WIDTH 8 +/* enum: FPGA and CPLD information */ +#define MC_CMD_AOE_OP_INFO 0x1 +/* enum: Currents and voltages read from MCP3424s; DEBUG */ +#define MC_CMD_AOE_OP_CURRENTS 0x2 +/* enum: Temperatures at locations around the PCB; DEBUG */ +#define MC_CMD_AOE_OP_TEMPERATURES 0x3 +/* enum: Set CPLD to idle */ +#define MC_CMD_AOE_OP_CPLD_IDLE 0x4 +/* enum: Read from CPLD register */ +#define MC_CMD_AOE_OP_CPLD_READ 0x5 +/* enum: Write to CPLD register */ +#define MC_CMD_AOE_OP_CPLD_WRITE 0x6 +/* enum: Execute CPLD instruction */ +#define MC_CMD_AOE_OP_CPLD_INSTRUCTION 0x7 +/* enum: Reprogram the CPLD on the AOE device */ +#define MC_CMD_AOE_OP_CPLD_REPROGRAM 0x8 +/* enum: AOE power control */ +#define MC_CMD_AOE_OP_POWER 0x9 +/* enum: AOE image loading */ +#define MC_CMD_AOE_OP_LOAD 0xa +/* enum: Fan monitoring */ +#define MC_CMD_AOE_OP_FAN_CONTROL 0xb +/* enum: Fan failures since last reset */ +#define MC_CMD_AOE_OP_FAN_FAILURES 0xc +/* enum: Get generic AOE MAC statistics */ +#define MC_CMD_AOE_OP_MAC_STATS 0xd +/* enum: Retrieve PHY specific information */ +#define MC_CMD_AOE_OP_GET_PHY_MEDIA_INFO 0xe +/* enum: Write a number of JTAG primitive commands, return will give data */ +#define MC_CMD_AOE_OP_JTAG_WRITE 0xf +/* enum: Control access to the FPGA via the Siena JTAG Chain */ +#define MC_CMD_AOE_OP_FPGA_ACCESS 0x10 +/* enum: Set the MTU offset between Siena and AOE MACs */ +#define MC_CMD_AOE_OP_SET_MTU_OFFSET 0x11 +/* enum: How link state is handled */ +#define MC_CMD_AOE_OP_LINK_STATE 0x12 +/* enum: How Siena MAC statistics are reported (deprecated - use + * MC_CMD_AOE_OP_ASIC_STATS) + */ +#define MC_CMD_AOE_OP_SIENA_STATS 0x13 +/* enum: How native ASIC MAC statistics are reported - replaces the deprecated + * command MC_CMD_AOE_OP_SIENA_STATS + */ +#define MC_CMD_AOE_OP_ASIC_STATS 0x13 +/* enum: DDR memory information */ +#define MC_CMD_AOE_OP_DDR 0x14 +/* enum: FC control */ +#define MC_CMD_AOE_OP_FC 0x15 +/* enum: DDR ECC status reads */ +#define MC_CMD_AOE_OP_DDR_ECC_STATUS 0x16 +/* enum: Commands for MC-SPI Master emulation */ +#define MC_CMD_AOE_OP_MC_SPI_MASTER 0x17 +/* enum: Commands for FC boot control */ +#define MC_CMD_AOE_OP_FC_BOOT 0x18 +/* enum: Get number of internal ports */ +#define MC_CMD_AOE_OP_GET_ASIC_PORTS 0x19 +/* enum: Get FC assert information and register dump */ +#define MC_CMD_AOE_OP_GET_FC_ASSERT_INFO 0x1a + +/* MC_CMD_AOE_OUT msgresponse */ +#define MC_CMD_AOE_OUT_LEN 0 + +/* MC_CMD_AOE_IN_INFO msgrequest */ +#define MC_CMD_AOE_IN_INFO_LEN 4 +#define MC_CMD_AOE_IN_CMD_OFST 0 +#define MC_CMD_AOE_IN_CMD_LEN 4 + +/* MC_CMD_AOE_IN_CURRENTS msgrequest */ +#define MC_CMD_AOE_IN_CURRENTS_LEN 4 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ + +/* MC_CMD_AOE_IN_TEMPERATURES msgrequest */ +#define MC_CMD_AOE_IN_TEMPERATURES_LEN 4 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ + +/* MC_CMD_AOE_IN_CPLD_IDLE msgrequest */ +#define MC_CMD_AOE_IN_CPLD_IDLE_LEN 4 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ + +/* MC_CMD_AOE_IN_CPLD_READ msgrequest */ +#define MC_CMD_AOE_IN_CPLD_READ_LEN 12 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_CPLD_READ_REGISTER_OFST 4 +#define MC_CMD_AOE_IN_CPLD_READ_REGISTER_LEN 4 +#define MC_CMD_AOE_IN_CPLD_READ_WIDTH_OFST 8 +#define MC_CMD_AOE_IN_CPLD_READ_WIDTH_LEN 4 + +/* MC_CMD_AOE_IN_CPLD_WRITE msgrequest */ +#define MC_CMD_AOE_IN_CPLD_WRITE_LEN 16 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_CPLD_WRITE_REGISTER_OFST 4 +#define MC_CMD_AOE_IN_CPLD_WRITE_REGISTER_LEN 4 +#define MC_CMD_AOE_IN_CPLD_WRITE_WIDTH_OFST 8 +#define MC_CMD_AOE_IN_CPLD_WRITE_WIDTH_LEN 4 +#define MC_CMD_AOE_IN_CPLD_WRITE_VALUE_OFST 12 +#define MC_CMD_AOE_IN_CPLD_WRITE_VALUE_LEN 4 + +/* MC_CMD_AOE_IN_CPLD_INSTRUCTION msgrequest */ +#define MC_CMD_AOE_IN_CPLD_INSTRUCTION_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_CPLD_INSTRUCTION_INSTRUCTION_OFST 4 +#define MC_CMD_AOE_IN_CPLD_INSTRUCTION_INSTRUCTION_LEN 4 + +/* MC_CMD_AOE_IN_CPLD_REPROGRAM msgrequest */ +#define MC_CMD_AOE_IN_CPLD_REPROGRAM_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_CPLD_REPROGRAM_OP_OFST 4 +#define MC_CMD_AOE_IN_CPLD_REPROGRAM_OP_LEN 4 +/* enum: Reprogram CPLD, poll for completion */ +#define MC_CMD_AOE_IN_CPLD_REPROGRAM_REPROGRAM 0x1 +/* enum: Reprogram CPLD, send event on completion */ +#define MC_CMD_AOE_IN_CPLD_REPROGRAM_REPROGRAM_EVENT 0x3 +/* enum: Get status of reprogramming operation */ +#define MC_CMD_AOE_IN_CPLD_REPROGRAM_STATUS 0x4 + +/* MC_CMD_AOE_IN_POWER msgrequest */ +#define MC_CMD_AOE_IN_POWER_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* Turn on or off AOE power */ +#define MC_CMD_AOE_IN_POWER_OP_OFST 4 +#define MC_CMD_AOE_IN_POWER_OP_LEN 4 +/* enum: Turn off FPGA power */ +#define MC_CMD_AOE_IN_POWER_OFF 0x0 +/* enum: Turn on FPGA power */ +#define MC_CMD_AOE_IN_POWER_ON 0x1 +/* enum: Clear peak power measurement */ +#define MC_CMD_AOE_IN_POWER_CLEAR 0x2 +/* enum: Show current power in sensors output */ +#define MC_CMD_AOE_IN_POWER_SHOW_CURRENT 0x3 +/* enum: Show peak power in sensors output */ +#define MC_CMD_AOE_IN_POWER_SHOW_PEAK 0x4 +/* enum: Show current DDR current */ +#define MC_CMD_AOE_IN_POWER_DDR_LAST 0x5 +/* enum: Show peak DDR current */ +#define MC_CMD_AOE_IN_POWER_DDR_PEAK 0x6 +/* enum: Clear peak DDR current */ +#define MC_CMD_AOE_IN_POWER_DDR_CLEAR 0x7 + +/* MC_CMD_AOE_IN_LOAD msgrequest */ +#define MC_CMD_AOE_IN_LOAD_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* Image to be loaded (0 - main or 1 - diagnostic) to load in normal sequence + */ +#define MC_CMD_AOE_IN_LOAD_IMAGE_OFST 4 +#define MC_CMD_AOE_IN_LOAD_IMAGE_LEN 4 + +/* MC_CMD_AOE_IN_FAN_CONTROL msgrequest */ +#define MC_CMD_AOE_IN_FAN_CONTROL_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* If non zero report measured fan RPM rather than nominal */ +#define MC_CMD_AOE_IN_FAN_CONTROL_REAL_RPM_OFST 4 +#define MC_CMD_AOE_IN_FAN_CONTROL_REAL_RPM_LEN 4 + +/* MC_CMD_AOE_IN_FAN_FAILURES msgrequest */ +#define MC_CMD_AOE_IN_FAN_FAILURES_LEN 4 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ + +/* MC_CMD_AOE_IN_MAC_STATS msgrequest */ +#define MC_CMD_AOE_IN_MAC_STATS_LEN 24 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* AOE port */ +#define MC_CMD_AOE_IN_MAC_STATS_PORT_OFST 4 +#define MC_CMD_AOE_IN_MAC_STATS_PORT_LEN 4 +/* Host memory address for statistics */ +#define MC_CMD_AOE_IN_MAC_STATS_DMA_ADDR_OFST 8 +#define MC_CMD_AOE_IN_MAC_STATS_DMA_ADDR_LEN 8 +#define MC_CMD_AOE_IN_MAC_STATS_DMA_ADDR_LO_OFST 8 +#define MC_CMD_AOE_IN_MAC_STATS_DMA_ADDR_HI_OFST 12 +#define MC_CMD_AOE_IN_MAC_STATS_CMD_OFST 16 +#define MC_CMD_AOE_IN_MAC_STATS_CMD_LEN 4 +#define MC_CMD_AOE_IN_MAC_STATS_DMA_LBN 0 +#define MC_CMD_AOE_IN_MAC_STATS_DMA_WIDTH 1 +#define MC_CMD_AOE_IN_MAC_STATS_CLEAR_LBN 1 +#define MC_CMD_AOE_IN_MAC_STATS_CLEAR_WIDTH 1 +#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_CHANGE_LBN 2 +#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_CHANGE_WIDTH 1 +#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_ENABLE_LBN 3 +#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_ENABLE_WIDTH 1 +#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_CLEAR_LBN 4 +#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_CLEAR_WIDTH 1 +#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_NOEVENT_LBN 5 +#define MC_CMD_AOE_IN_MAC_STATS_PERIODIC_NOEVENT_WIDTH 1 +#define MC_CMD_AOE_IN_MAC_STATS_PERIOD_MS_LBN 16 +#define MC_CMD_AOE_IN_MAC_STATS_PERIOD_MS_WIDTH 16 +/* Length of DMA data (optional) */ +#define MC_CMD_AOE_IN_MAC_STATS_DMA_LEN_OFST 20 +#define MC_CMD_AOE_IN_MAC_STATS_DMA_LEN_LEN 4 + +/* MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO msgrequest */ +#define MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO_LEN 12 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* AOE port */ +#define MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO_PORT_OFST 4 +#define MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO_PORT_LEN 4 +#define MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO_PAGE_OFST 8 +#define MC_CMD_AOE_IN_GET_PHY_MEDIA_INFO_PAGE_LEN 4 + +/* MC_CMD_AOE_IN_JTAG_WRITE msgrequest */ +#define MC_CMD_AOE_IN_JTAG_WRITE_LENMIN 12 +#define MC_CMD_AOE_IN_JTAG_WRITE_LENMAX 252 +#define MC_CMD_AOE_IN_JTAG_WRITE_LEN(num) (8+4*(num)) +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_JTAG_WRITE_DATALEN_OFST 4 +#define MC_CMD_AOE_IN_JTAG_WRITE_DATALEN_LEN 4 +#define MC_CMD_AOE_IN_JTAG_WRITE_DATA_OFST 8 +#define MC_CMD_AOE_IN_JTAG_WRITE_DATA_LEN 4 +#define MC_CMD_AOE_IN_JTAG_WRITE_DATA_MINNUM 1 +#define MC_CMD_AOE_IN_JTAG_WRITE_DATA_MAXNUM 61 + +/* MC_CMD_AOE_IN_FPGA_ACCESS msgrequest */ +#define MC_CMD_AOE_IN_FPGA_ACCESS_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* Enable or disable access */ +#define MC_CMD_AOE_IN_FPGA_ACCESS_OP_OFST 4 +#define MC_CMD_AOE_IN_FPGA_ACCESS_OP_LEN 4 +/* enum: Enable access */ +#define MC_CMD_AOE_IN_FPGA_ACCESS_ENABLE 0x1 +/* enum: Disable access */ +#define MC_CMD_AOE_IN_FPGA_ACCESS_DISABLE 0x2 + +/* MC_CMD_AOE_IN_SET_MTU_OFFSET msgrequest */ +#define MC_CMD_AOE_IN_SET_MTU_OFFSET_LEN 12 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* AOE port - when not ALL_EXTERNAL or ALL_INTERNAL specifies port number */ +#define MC_CMD_AOE_IN_SET_MTU_OFFSET_PORT_OFST 4 +#define MC_CMD_AOE_IN_SET_MTU_OFFSET_PORT_LEN 4 +/* enum: Apply to all external ports */ +#define MC_CMD_AOE_IN_SET_MTU_OFFSET_ALL_EXTERNAL 0x8000 +/* enum: Apply to all internal ports */ +#define MC_CMD_AOE_IN_SET_MTU_OFFSET_ALL_INTERNAL 0x4000 +/* The MTU offset to be applied to the external ports */ +#define MC_CMD_AOE_IN_SET_MTU_OFFSET_OFFSET_OFST 8 +#define MC_CMD_AOE_IN_SET_MTU_OFFSET_OFFSET_LEN 4 + +/* MC_CMD_AOE_IN_LINK_STATE msgrequest */ +#define MC_CMD_AOE_IN_LINK_STATE_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_LINK_STATE_MODE_OFST 4 +#define MC_CMD_AOE_IN_LINK_STATE_MODE_LEN 4 +#define MC_CMD_AOE_IN_LINK_STATE_CONFIG_MODE_LBN 0 +#define MC_CMD_AOE_IN_LINK_STATE_CONFIG_MODE_WIDTH 8 +/* enum: AOE and associated external port */ +#define MC_CMD_AOE_IN_LINK_STATE_SIMPLE_SEPARATE 0x0 +/* enum: AOE and OR of all external ports */ +#define MC_CMD_AOE_IN_LINK_STATE_SIMPLE_COMBINED 0x1 +/* enum: Individual ports */ +#define MC_CMD_AOE_IN_LINK_STATE_DIAGNOSTIC 0x2 +/* enum: Configure link state mode on given AOE port */ +#define MC_CMD_AOE_IN_LINK_STATE_CUSTOM 0x3 +#define MC_CMD_AOE_IN_LINK_STATE_OPERATION_LBN 8 +#define MC_CMD_AOE_IN_LINK_STATE_OPERATION_WIDTH 8 +/* enum: No-op */ +#define MC_CMD_AOE_IN_LINK_STATE_OP_NONE 0x0 +/* enum: logical OR of all SFP ports link status */ +#define MC_CMD_AOE_IN_LINK_STATE_OP_OR 0x1 +/* enum: logical AND of all SFP ports link status */ +#define MC_CMD_AOE_IN_LINK_STATE_OP_AND 0x2 +#define MC_CMD_AOE_IN_LINK_STATE_SFP_MASK_LBN 16 +#define MC_CMD_AOE_IN_LINK_STATE_SFP_MASK_WIDTH 16 + +/* MC_CMD_AOE_IN_GET_ASIC_PORTS msgrequest */ +#define MC_CMD_AOE_IN_GET_ASIC_PORTS_LEN 4 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ + +/* MC_CMD_AOE_IN_GET_FC_ASSERT_INFO msgrequest */ +#define MC_CMD_AOE_IN_GET_FC_ASSERT_INFO_LEN 4 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ + +/* MC_CMD_AOE_IN_SIENA_STATS msgrequest */ +#define MC_CMD_AOE_IN_SIENA_STATS_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* How MAC statistics are reported */ +#define MC_CMD_AOE_IN_SIENA_STATS_MODE_OFST 4 +#define MC_CMD_AOE_IN_SIENA_STATS_MODE_LEN 4 +/* enum: Statistics from Siena (default) */ +#define MC_CMD_AOE_IN_SIENA_STATS_STATS_SIENA 0x0 +/* enum: Statistics from AOE external ports */ +#define MC_CMD_AOE_IN_SIENA_STATS_STATS_AOE 0x1 + +/* MC_CMD_AOE_IN_ASIC_STATS msgrequest */ +#define MC_CMD_AOE_IN_ASIC_STATS_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* How MAC statistics are reported */ +#define MC_CMD_AOE_IN_ASIC_STATS_MODE_OFST 4 +#define MC_CMD_AOE_IN_ASIC_STATS_MODE_LEN 4 +/* enum: Statistics from the ASIC (default) */ +#define MC_CMD_AOE_IN_ASIC_STATS_STATS_ASIC 0x0 +/* enum: Statistics from AOE external ports */ +#define MC_CMD_AOE_IN_ASIC_STATS_STATS_AOE 0x1 + +/* MC_CMD_AOE_IN_DDR msgrequest */ +#define MC_CMD_AOE_IN_DDR_LEN 12 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_DDR_BANK_OFST 4 +#define MC_CMD_AOE_IN_DDR_BANK_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_FC/MC_CMD_FC_IN_DDR/MC_CMD_FC_IN_DDR_BANK */ +/* Page index of SPD data */ +#define MC_CMD_AOE_IN_DDR_SPD_PAGE_ID_OFST 8 +#define MC_CMD_AOE_IN_DDR_SPD_PAGE_ID_LEN 4 + +/* MC_CMD_AOE_IN_FC msgrequest */ +#define MC_CMD_AOE_IN_FC_LEN 4 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ + +/* MC_CMD_AOE_IN_DDR_ECC_STATUS msgrequest */ +#define MC_CMD_AOE_IN_DDR_ECC_STATUS_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_DDR_ECC_STATUS_BANK_OFST 4 +#define MC_CMD_AOE_IN_DDR_ECC_STATUS_BANK_LEN 4 +/* Enum values, see field(s): */ +/* MC_CMD_FC/MC_CMD_FC_IN_DDR/MC_CMD_FC_IN_DDR_BANK */ + +/* MC_CMD_AOE_IN_MC_SPI_MASTER msgrequest */ +#define MC_CMD_AOE_IN_MC_SPI_MASTER_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* Basic commands for MC SPI Master emulation. */ +#define MC_CMD_AOE_IN_MC_SPI_MASTER_OP_OFST 4 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_OP_LEN 4 +/* enum: MC SPI read */ +#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ 0x0 +/* enum: MC SPI write */ +#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE 0x1 + +/* MC_CMD_AOE_IN_MC_SPI_MASTER_READ msgrequest */ +#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ_LEN 12 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ_OP_OFST 4 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ_OP_LEN 4 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ_OFFSET_OFST 8 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_READ_OFFSET_LEN 4 + +/* MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE msgrequest */ +#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_LEN 16 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_OP_OFST 4 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_OP_LEN 4 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_OFFSET_OFST 8 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_OFFSET_LEN 4 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_DATA_OFST 12 +#define MC_CMD_AOE_IN_MC_SPI_MASTER_WRITE_DATA_LEN 4 + +/* MC_CMD_AOE_IN_FC_BOOT msgrequest */ +#define MC_CMD_AOE_IN_FC_BOOT_LEN 8 +/* MC_CMD_AOE_IN_CMD_OFST 0 */ +/* MC_CMD_AOE_IN_CMD_LEN 4 */ +/* FC boot control flags */ +#define MC_CMD_AOE_IN_FC_BOOT_CONTROL_OFST 4 +#define MC_CMD_AOE_IN_FC_BOOT_CONTROL_LEN 4 +#define MC_CMD_AOE_IN_FC_BOOT_CONTROL_BOOT_ENABLE_LBN 0 +#define MC_CMD_AOE_IN_FC_BOOT_CONTROL_BOOT_ENABLE_WIDTH 1 + +/* MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO msgresponse */ +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_LEN 144 +/* Assertion status flag. */ +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_GLOBAL_FLAGS_OFST 0 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_GLOBAL_FLAGS_LEN 4 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_STATE_LBN 8 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_STATE_WIDTH 8 +/* enum: No crash data available */ +/* MC_CMD_FC_GET_ASSERT_FLAGS_STATE_CLEAR 0x0 */ +/* enum: New crash data available */ +/* MC_CMD_FC_GET_ASSERT_FLAGS_STATE_NEW 0x1 */ +/* enum: Crash data has been sent */ +/* MC_CMD_FC_GET_ASSERT_FLAGS_STATE_NOTIFIED 0x2 */ +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_TYPE_LBN 0 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_TYPE_WIDTH 8 +/* enum: No crash has been recorded. */ +/* MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_NONE 0x0 */ +/* enum: Crash due to exception. */ +/* MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_EXCEPTION 0x1 */ +/* enum: Crash due to assertion. */ +/* MC_CMD_FC_GET_ASSERT_FLAGS_TYPE_ASSERTION 0x2 */ +/* Failing PC value */ +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_SAVED_PC_OFFS_OFST 4 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_SAVED_PC_OFFS_LEN 4 +/* Saved GP regs */ +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_GP_REGS_OFFS_OFST 8 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_GP_REGS_OFFS_LEN 4 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_GP_REGS_OFFS_NUM 31 +/* Exception Type */ +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_EXCEPTION_TYPE_OFFS_OFST 132 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_EXCEPTION_TYPE_OFFS_LEN 4 +/* Instruction at which exception occurred */ +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_EXCEPTION_PC_ADDR_OFFS_OFST 136 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_EXCEPTION_PC_ADDR_OFFS_LEN 4 +/* BAD Address that triggered address-based exception */ +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_EXCEPTION_BAD_ADDR_OFFS_OFST 140 +#define MC_CMD_AOE_OUT_GET_FC_ASSERT_INFO_EXCEPTION_BAD_ADDR_OFFS_LEN 4 + +/* MC_CMD_AOE_OUT_INFO msgresponse */ +#define MC_CMD_AOE_OUT_INFO_LEN 44 +/* JTAG IDCODE of CPLD */ +#define MC_CMD_AOE_OUT_INFO_CPLD_IDCODE_OFST 0 +#define MC_CMD_AOE_OUT_INFO_CPLD_IDCODE_LEN 4 +/* Version of CPLD */ +#define MC_CMD_AOE_OUT_INFO_CPLD_VERSION_OFST 4 +#define MC_CMD_AOE_OUT_INFO_CPLD_VERSION_LEN 4 +/* JTAG IDCODE of FPGA */ +#define MC_CMD_AOE_OUT_INFO_FPGA_IDCODE_OFST 8 +#define MC_CMD_AOE_OUT_INFO_FPGA_IDCODE_LEN 4 +/* JTAG USERCODE of FPGA */ +#define MC_CMD_AOE_OUT_INFO_FPGA_VERSION_OFST 12 +#define MC_CMD_AOE_OUT_INFO_FPGA_VERSION_LEN 4 +/* FPGA type - read from CPLD straps */ +#define MC_CMD_AOE_OUT_INFO_FPGA_TYPE_OFST 16 +#define MC_CMD_AOE_OUT_INFO_FPGA_TYPE_LEN 4 +#define MC_CMD_AOE_OUT_INFO_FPGA_TYPE_A5_C2 0x1 /* enum */ +#define MC_CMD_AOE_OUT_INFO_FPGA_TYPE_A7_C2 0x2 /* enum */ +/* FPGA state (debug) */ +#define MC_CMD_AOE_OUT_INFO_FPGA_STATE_OFST 20 +#define MC_CMD_AOE_OUT_INFO_FPGA_STATE_LEN 4 +/* FPGA image - partition from which loaded */ +#define MC_CMD_AOE_OUT_INFO_FPGA_IMAGE_OFST 24 +#define MC_CMD_AOE_OUT_INFO_FPGA_IMAGE_LEN 4 +/* FC state */ +#define MC_CMD_AOE_OUT_INFO_FC_STATE_OFST 28 +#define MC_CMD_AOE_OUT_INFO_FC_STATE_LEN 4 +/* enum: Set if watchdog working */ +#define MC_CMD_AOE_OUT_INFO_WATCHDOG 0x1 +/* enum: Set if MC-FC communications working */ +#define MC_CMD_AOE_OUT_INFO_COMMS 0x2 +/* Random pieces of information */ +#define MC_CMD_AOE_OUT_INFO_FLAGS_OFST 32 +#define MC_CMD_AOE_OUT_INFO_FLAGS_LEN 4 +/* enum: Power to FPGA supplied by PEG connector, not PCIe bus */ +#define MC_CMD_AOE_OUT_INFO_PEG_POWER 0x1 +/* enum: CPLD apparently good */ +#define MC_CMD_AOE_OUT_INFO_CPLD_GOOD 0x2 +/* enum: FPGA working normally */ +#define MC_CMD_AOE_OUT_INFO_FPGA_GOOD 0x4 +/* enum: FPGA is powered */ +#define MC_CMD_AOE_OUT_INFO_FPGA_POWER 0x8 +/* enum: Board has incompatible SODIMMs fitted */ +#define MC_CMD_AOE_OUT_INFO_BAD_SODIMM 0x10 +/* enum: Board has ByteBlaster connected */ +#define MC_CMD_AOE_OUT_INFO_HAS_BYTEBLASTER 0x20 +/* enum: FPGA Boot flash has an invalid header. */ +#define MC_CMD_AOE_OUT_INFO_FPGA_BAD_BOOT_HDR 0x40 +/* enum: FPGA Application flash is accessible. */ +#define MC_CMD_AOE_OUT_INFO_FPGA_APP_FLASH_GOOD 0x80 +/* Revision of Modena and Sorrento boards. Sorrento can be R1_2 or R1_3. */ +#define MC_CMD_AOE_OUT_INFO_BOARD_REVISION_OFST 36 +#define MC_CMD_AOE_OUT_INFO_BOARD_REVISION_LEN 4 +#define MC_CMD_AOE_OUT_INFO_UNKNOWN 0x0 /* enum */ +#define MC_CMD_AOE_OUT_INFO_R1_0 0x10 /* enum */ +#define MC_CMD_AOE_OUT_INFO_R1_1 0x11 /* enum */ +#define MC_CMD_AOE_OUT_INFO_R1_2 0x12 /* enum */ +#define MC_CMD_AOE_OUT_INFO_R1_3 0x13 /* enum */ +/* Result of FC booting - not valid while a ByteBlaster is connected. */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_RESULT_OFST 40 +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_RESULT_LEN 4 +/* enum: No error */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_NO_ERROR 0x0 +/* enum: Bad address set in CPLD */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_ADDRESS 0x1 +/* enum: Bad header */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_MAGIC 0x2 +/* enum: Bad text section details */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_TEXT 0x3 +/* enum: Bad checksum */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_CHECKSUM 0x4 +/* enum: Bad BSP */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_BAD_BSP 0x5 +/* enum: Flash mode is invalid */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_FAIL_INVALID_FLASH_MODE 0x6 +/* enum: FC application loaded and execution attempted */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_APP_EXECUTE 0x80 +/* enum: FC application Started */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_APP_STARTED 0x81 +/* enum: No bootrom in FPGA */ +#define MC_CMD_AOE_OUT_INFO_FC_BOOT_NO_BOOTROM 0xff + +/* MC_CMD_AOE_OUT_CURRENTS msgresponse */ +#define MC_CMD_AOE_OUT_CURRENTS_LEN 68 +/* Set of currents and voltages (mA or mV as appropriate) */ +#define MC_CMD_AOE_OUT_CURRENTS_VALUES_OFST 0 +#define MC_CMD_AOE_OUT_CURRENTS_VALUES_LEN 4 +#define MC_CMD_AOE_OUT_CURRENTS_VALUES_NUM 17 +#define MC_CMD_AOE_OUT_CURRENTS_I_2V5 0x0 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_1V8 0x1 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_GXB 0x2 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_PGM 0x3 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_XCVR 0x4 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_1V5 0x5 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_V_3V3 0x6 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_V_1V5 0x7 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_IN 0x8 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_OUT 0x9 /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_V_IN 0xa /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_OUT_DDR1 0xb /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_V_OUT_DDR1 0xc /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_OUT_DDR2 0xd /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_V_OUT_DDR2 0xe /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_I_OUT_DDR3 0xf /* enum */ +#define MC_CMD_AOE_OUT_CURRENTS_V_OUT_DDR3 0x10 /* enum */ + +/* MC_CMD_AOE_OUT_TEMPERATURES msgresponse */ +#define MC_CMD_AOE_OUT_TEMPERATURES_LEN 40 +/* Set of temperatures */ +#define MC_CMD_AOE_OUT_TEMPERATURES_VALUES_OFST 0 +#define MC_CMD_AOE_OUT_TEMPERATURES_VALUES_LEN 4 +#define MC_CMD_AOE_OUT_TEMPERATURES_VALUES_NUM 10 +/* enum: The first set of enum values are for Modena code. */ +#define MC_CMD_AOE_OUT_TEMPERATURES_MAIN_0 0x0 +#define MC_CMD_AOE_OUT_TEMPERATURES_MAIN_1 0x1 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_IND_0 0x2 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_IND_1 0x3 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_VCCIO1 0x4 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_VCCIO2 0x5 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_VCCIO3 0x6 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_PSU 0x7 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_FPGA 0x8 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SIENA 0x9 /* enum */ +/* enum: The second set of enum values are for Sorrento code. */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_MAIN_0 0x0 +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_MAIN_1 0x1 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_IND_0 0x2 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_IND_1 0x3 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_SODIMM_0 0x4 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_SODIMM_1 0x5 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_FPGA 0x6 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_PHY0 0x7 /* enum */ +#define MC_CMD_AOE_OUT_TEMPERATURES_SORRENTO_PHY1 0x8 /* enum */ + +/* MC_CMD_AOE_OUT_CPLD_READ msgresponse */ +#define MC_CMD_AOE_OUT_CPLD_READ_LEN 4 +/* The value read from the CPLD */ +#define MC_CMD_AOE_OUT_CPLD_READ_VALUE_OFST 0 +#define MC_CMD_AOE_OUT_CPLD_READ_VALUE_LEN 4 + +/* MC_CMD_AOE_OUT_FAN_FAILURES msgresponse */ +#define MC_CMD_AOE_OUT_FAN_FAILURES_LENMIN 4 +#define MC_CMD_AOE_OUT_FAN_FAILURES_LENMAX 252 +#define MC_CMD_AOE_OUT_FAN_FAILURES_LEN(num) (0+4*(num)) +/* Failure counts for each fan */ +#define MC_CMD_AOE_OUT_FAN_FAILURES_COUNT_OFST 0 +#define MC_CMD_AOE_OUT_FAN_FAILURES_COUNT_LEN 4 +#define MC_CMD_AOE_OUT_FAN_FAILURES_COUNT_MINNUM 1 +#define MC_CMD_AOE_OUT_FAN_FAILURES_COUNT_MAXNUM 63 + +/* MC_CMD_AOE_OUT_CPLD_REPROGRAM msgresponse */ +#define MC_CMD_AOE_OUT_CPLD_REPROGRAM_LEN 4 +/* Results of status command (only) */ +#define MC_CMD_AOE_OUT_CPLD_REPROGRAM_STATUS_OFST 0 +#define MC_CMD_AOE_OUT_CPLD_REPROGRAM_STATUS_LEN 4 + +/* MC_CMD_AOE_OUT_POWER_OFF msgresponse */ +#define MC_CMD_AOE_OUT_POWER_OFF_LEN 0 + +/* MC_CMD_AOE_OUT_POWER_ON msgresponse */ +#define MC_CMD_AOE_OUT_POWER_ON_LEN 0 + +/* MC_CMD_AOE_OUT_LOAD msgresponse */ +#define MC_CMD_AOE_OUT_LOAD_LEN 0 + +/* MC_CMD_AOE_OUT_MAC_STATS_DMA msgresponse */ +#define MC_CMD_AOE_OUT_MAC_STATS_DMA_LEN 0 + +/* MC_CMD_AOE_OUT_MAC_STATS_NO_DMA msgresponse: See MC_CMD_MAC_STATS_OUT_NO_DMA + * for details + */ +#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_LEN (((MC_CMD_MAC_NSTATS*64))>>3) +#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_OFST 0 +#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_LEN 8 +#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_LO_OFST 0 +#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_HI_OFST 4 +#define MC_CMD_AOE_OUT_MAC_STATS_NO_DMA_STATISTICS_NUM MC_CMD_MAC_NSTATS + +/* MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO msgresponse */ +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_LENMIN 5 +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_LENMAX 252 +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_LEN(num) (4+1*(num)) +/* in bytes */ +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATALEN_OFST 0 +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATALEN_LEN 4 +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATA_OFST 4 +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATA_LEN 1 +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATA_MINNUM 1 +#define MC_CMD_AOE_OUT_GET_PHY_MEDIA_INFO_DATA_MAXNUM 248 + +/* MC_CMD_AOE_OUT_JTAG_WRITE msgresponse */ +#define MC_CMD_AOE_OUT_JTAG_WRITE_LENMIN 12 +#define MC_CMD_AOE_OUT_JTAG_WRITE_LENMAX 252 +#define MC_CMD_AOE_OUT_JTAG_WRITE_LEN(num) (8+4*(num)) +/* Used to align the in and out data blocks so the MC can re-use the cmd */ +#define MC_CMD_AOE_OUT_JTAG_WRITE_DATALEN_OFST 0 +#define MC_CMD_AOE_OUT_JTAG_WRITE_DATALEN_LEN 4 +/* out bytes */ +#define MC_CMD_AOE_OUT_JTAG_WRITE_PAD_OFST 4 +#define MC_CMD_AOE_OUT_JTAG_WRITE_PAD_LEN 4 +#define MC_CMD_AOE_OUT_JTAG_WRITE_DATA_OFST 8 +#define MC_CMD_AOE_OUT_JTAG_WRITE_DATA_LEN 4 +#define MC_CMD_AOE_OUT_JTAG_WRITE_DATA_MINNUM 1 +#define MC_CMD_AOE_OUT_JTAG_WRITE_DATA_MAXNUM 61 + +/* MC_CMD_AOE_OUT_FPGA_ACCESS msgresponse */ +#define MC_CMD_AOE_OUT_FPGA_ACCESS_LEN 0 + +/* MC_CMD_AOE_OUT_DDR msgresponse */ +#define MC_CMD_AOE_OUT_DDR_LENMIN 17 +#define MC_CMD_AOE_OUT_DDR_LENMAX 252 +#define MC_CMD_AOE_OUT_DDR_LEN(num) (16+1*(num)) +/* Information on the module. */ +#define MC_CMD_AOE_OUT_DDR_FLAGS_OFST 0 +#define MC_CMD_AOE_OUT_DDR_FLAGS_LEN 4 +#define MC_CMD_AOE_OUT_DDR_PRESENT_LBN 0 +#define MC_CMD_AOE_OUT_DDR_PRESENT_WIDTH 1 +#define MC_CMD_AOE_OUT_DDR_POWERED_LBN 1 +#define MC_CMD_AOE_OUT_DDR_POWERED_WIDTH 1 +#define MC_CMD_AOE_OUT_DDR_OPERATIONAL_LBN 2 +#define MC_CMD_AOE_OUT_DDR_OPERATIONAL_WIDTH 1 +#define MC_CMD_AOE_OUT_DDR_NOT_REACHABLE_LBN 3 +#define MC_CMD_AOE_OUT_DDR_NOT_REACHABLE_WIDTH 1 +/* Memory size, in MB. */ +#define MC_CMD_AOE_OUT_DDR_CAPACITY_OFST 4 +#define MC_CMD_AOE_OUT_DDR_CAPACITY_LEN 4 +/* The memory type, as reported from SPD information */ +#define MC_CMD_AOE_OUT_DDR_TYPE_OFST 8 +#define MC_CMD_AOE_OUT_DDR_TYPE_LEN 4 +/* Nominal voltage of the module (as applied) */ +#define MC_CMD_AOE_OUT_DDR_VOLTAGE_OFST 12 +#define MC_CMD_AOE_OUT_DDR_VOLTAGE_LEN 4 +/* SPD data read from the module */ +#define MC_CMD_AOE_OUT_DDR_SPD_OFST 16 +#define MC_CMD_AOE_OUT_DDR_SPD_LEN 1 +#define MC_CMD_AOE_OUT_DDR_SPD_MINNUM 1 +#define MC_CMD_AOE_OUT_DDR_SPD_MAXNUM 236 + +/* MC_CMD_AOE_OUT_SET_MTU_OFFSET msgresponse */ +#define MC_CMD_AOE_OUT_SET_MTU_OFFSET_LEN 0 + +/* MC_CMD_AOE_OUT_LINK_STATE msgresponse */ +#define MC_CMD_AOE_OUT_LINK_STATE_LEN 0 + +/* MC_CMD_AOE_OUT_SIENA_STATS msgresponse */ +#define MC_CMD_AOE_OUT_SIENA_STATS_LEN 0 + +/* MC_CMD_AOE_OUT_ASIC_STATS msgresponse */ +#define MC_CMD_AOE_OUT_ASIC_STATS_LEN 0 + +/* MC_CMD_AOE_OUT_FC msgresponse */ +#define MC_CMD_AOE_OUT_FC_LEN 0 + +/* MC_CMD_AOE_OUT_GET_ASIC_PORTS msgresponse */ +#define MC_CMD_AOE_OUT_GET_ASIC_PORTS_LEN 4 +/* get the number of internal ports */ +#define MC_CMD_AOE_OUT_GET_ASIC_PORTS_COUNT_PORTS_OFST 0 +#define MC_CMD_AOE_OUT_GET_ASIC_PORTS_COUNT_PORTS_LEN 4 + +/* MC_CMD_AOE_OUT_DDR_ECC_STATUS msgresponse */ +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_LEN 8 +/* Flags describing status info on the module. */ +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_FLAGS_OFST 0 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_FLAGS_LEN 4 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_VALID_LBN 0 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_VALID_WIDTH 1 +/* DDR ECC status on the module. */ +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_STATUS_OFST 4 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_STATUS_LEN 4 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_SBE_LBN 0 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_SBE_WIDTH 1 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_DBE_LBN 1 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_DBE_WIDTH 1 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_CORDROP_LBN 2 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_CORDROP_WIDTH 1 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_SBE_COUNT_LBN 8 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_SBE_COUNT_WIDTH 8 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_DBE_COUNT_LBN 16 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_DBE_COUNT_WIDTH 8 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_CORDROP_COUNT_LBN 24 +#define MC_CMD_AOE_OUT_DDR_ECC_STATUS_CORDROP_COUNT_WIDTH 8 + +/* MC_CMD_AOE_OUT_MC_SPI_MASTER_READ msgresponse */ +#define MC_CMD_AOE_OUT_MC_SPI_MASTER_READ_LEN 4 +#define MC_CMD_AOE_OUT_MC_SPI_MASTER_READ_DATA_OFST 0 +#define MC_CMD_AOE_OUT_MC_SPI_MASTER_READ_DATA_LEN 4 + +/* MC_CMD_AOE_OUT_MC_SPI_MASTER_WRITE msgresponse */ +#define MC_CMD_AOE_OUT_MC_SPI_MASTER_WRITE_LEN 0 + +/* MC_CMD_AOE_OUT_MC_SPI_MASTER msgresponse */ +#define MC_CMD_AOE_OUT_MC_SPI_MASTER_LEN 0 + +/* MC_CMD_AOE_OUT_FC_BOOT msgresponse */ +#define MC_CMD_AOE_OUT_FC_BOOT_LEN 0 + +#endif /* _SYS_EFX_REGS_MCDI_AOE_H */ diff --git a/sys/dev/sfxge/common/efx_regs_mcdi_strs.h b/sys/dev/sfxge/common/efx_regs_mcdi_strs.h new file mode 100644 index 000000000000..110810f69536 --- /dev/null +++ b/sys/dev/sfxge/common/efx_regs_mcdi_strs.h @@ -0,0 +1,125 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright 2008-2018 Solarflare Communications Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +/* + * This file is automatically generated. DO NOT EDIT IT. + * To make changes, edit the .yml files under firmwaresrc doc/mcdi/ and + * rebuild this file with "make -C doc mcdiheaders". + * + * The version of this file has MCDI strings really used in the libefx. + */ + +#ifndef _SYS_EFX_REGS_MCDI_STRS_H +#define _SYS_EFX_REGS_MCDI_STRS_H + +#define MC_CMD_SENSOR_CONTROLLER_TEMP_ENUM_STR "Controller temperature: degC" +#define MC_CMD_SENSOR_PHY_COMMON_TEMP_ENUM_STR "Phy common temperature: degC" +#define MC_CMD_SENSOR_CONTROLLER_COOLING_ENUM_STR "Controller cooling: bool" +#define MC_CMD_SENSOR_PHY0_TEMP_ENUM_STR "Phy 0 temperature: degC" +#define MC_CMD_SENSOR_PHY0_COOLING_ENUM_STR "Phy 0 cooling: bool" +#define MC_CMD_SENSOR_PHY1_TEMP_ENUM_STR "Phy 1 temperature: degC" +#define MC_CMD_SENSOR_PHY1_COOLING_ENUM_STR "Phy 1 cooling: bool" +#define MC_CMD_SENSOR_IN_1V0_ENUM_STR "1.0v power: mV" +#define MC_CMD_SENSOR_IN_1V2_ENUM_STR "1.2v power: mV" +#define MC_CMD_SENSOR_IN_1V8_ENUM_STR "1.8v power: mV" +#define MC_CMD_SENSOR_IN_2V5_ENUM_STR "2.5v power: mV" +#define MC_CMD_SENSOR_IN_3V3_ENUM_STR "3.3v power: mV" +#define MC_CMD_SENSOR_IN_12V0_ENUM_STR "12v power: mV" +#define MC_CMD_SENSOR_IN_1V2A_ENUM_STR "1.2v analogue power: mV" +#define MC_CMD_SENSOR_IN_VREF_ENUM_STR "reference voltage: mV" +#define MC_CMD_SENSOR_OUT_VAOE_ENUM_STR "AOE FPGA power: mV" +#define MC_CMD_SENSOR_AOE_TEMP_ENUM_STR "AOE FPGA temperature: degC" +#define MC_CMD_SENSOR_PSU_AOE_TEMP_ENUM_STR "AOE FPGA PSU temperature: degC" +#define MC_CMD_SENSOR_PSU_TEMP_ENUM_STR "AOE PSU temperature: degC" +#define MC_CMD_SENSOR_FAN_0_ENUM_STR "Fan 0 speed: RPM" +#define MC_CMD_SENSOR_FAN_1_ENUM_STR "Fan 1 speed: RPM" +#define MC_CMD_SENSOR_FAN_2_ENUM_STR "Fan 2 speed: RPM" +#define MC_CMD_SENSOR_FAN_3_ENUM_STR "Fan 3 speed: RPM" +#define MC_CMD_SENSOR_FAN_4_ENUM_STR "Fan 4 speed: RPM" +#define MC_CMD_SENSOR_IN_VAOE_ENUM_STR "AOE FPGA input power: mV" +#define MC_CMD_SENSOR_OUT_IAOE_ENUM_STR "AOE FPGA current: mA" +#define MC_CMD_SENSOR_IN_IAOE_ENUM_STR "AOE FPGA input current: mA" +#define MC_CMD_SENSOR_NIC_POWER_ENUM_STR "NIC power consumption: W" +#define MC_CMD_SENSOR_IN_0V9_ENUM_STR "0.9v power voltage: mV" +#define MC_CMD_SENSOR_IN_I0V9_ENUM_STR "0.9v power current: mA" +#define MC_CMD_SENSOR_IN_I1V2_ENUM_STR "1.2v power current: mA" +#define MC_CMD_SENSOR_PAGE0_NEXT_ENUM_STR "Not a sensor: reserved for the next page flag" +#define MC_CMD_SENSOR_IN_0V9_ADC_ENUM_STR "0.9v power voltage (at ADC): mV" +#define MC_CMD_SENSOR_CONTROLLER_2_TEMP_ENUM_STR "Controller temperature 2: degC" +#define MC_CMD_SENSOR_VREG_INTERNAL_TEMP_ENUM_STR "Voltage regulator internal temperature: degC" +#define MC_CMD_SENSOR_VREG_0V9_TEMP_ENUM_STR "0.9V voltage regulator temperature: degC" +#define MC_CMD_SENSOR_VREG_1V2_TEMP_ENUM_STR "1.2V voltage regulator temperature: degC" +#define MC_CMD_SENSOR_CONTROLLER_VPTAT_ENUM_STR "controller internal temperature sensor voltage (internal ADC): mV" +#define MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP_ENUM_STR "controller internal temperature (internal ADC): degC" +#define MC_CMD_SENSOR_CONTROLLER_VPTAT_EXTADC_ENUM_STR "controller internal temperature sensor voltage (external ADC): mV" +#define MC_CMD_SENSOR_CONTROLLER_INTERNAL_TEMP_EXTADC_ENUM_STR "controller internal temperature (external ADC): degC" +#define MC_CMD_SENSOR_AMBIENT_TEMP_ENUM_STR "ambient temperature: degC" +#define MC_CMD_SENSOR_AIRFLOW_ENUM_STR "air flow: bool" +#define MC_CMD_SENSOR_VDD08D_VSS08D_CSR_ENUM_STR "voltage between VSS08D and VSS08D at CSR: mV" +#define MC_CMD_SENSOR_VDD08D_VSS08D_CSR_EXTADC_ENUM_STR "voltage between VSS08D and VSS08D at CSR (external ADC): mV" +#define MC_CMD_SENSOR_HOTPOINT_TEMP_ENUM_STR "Hotpoint temperature: degC" +#define MC_CMD_SENSOR_PHY_POWER_PORT0_ENUM_STR "Port 0 PHY power switch over-current: bool" +#define MC_CMD_SENSOR_PHY_POWER_PORT1_ENUM_STR "Port 1 PHY power switch over-current: bool" +#define MC_CMD_SENSOR_MUM_VCC_ENUM_STR "Mop-up microcontroller reference voltage: mV" +#define MC_CMD_SENSOR_IN_0V9_A_ENUM_STR "0.9v power phase A voltage: mV" +#define MC_CMD_SENSOR_IN_I0V9_A_ENUM_STR "0.9v power phase A current: mA" +#define MC_CMD_SENSOR_VREG_0V9_A_TEMP_ENUM_STR "0.9V voltage regulator phase A temperature: degC" +#define MC_CMD_SENSOR_IN_0V9_B_ENUM_STR "0.9v power phase B voltage: mV" +#define MC_CMD_SENSOR_IN_I0V9_B_ENUM_STR "0.9v power phase B current: mA" +#define MC_CMD_SENSOR_VREG_0V9_B_TEMP_ENUM_STR "0.9V voltage regulator phase B temperature: degC" +#define MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY_ENUM_STR "CCOM AVREG 1v2 supply (interval ADC): mV" +#define MC_CMD_SENSOR_CCOM_AVREG_1V2_SUPPLY_EXTADC_ENUM_STR "CCOM AVREG 1v2 supply (external ADC): mV" +#define MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY_ENUM_STR "CCOM AVREG 1v8 supply (interval ADC): mV" +#define MC_CMD_SENSOR_CCOM_AVREG_1V8_SUPPLY_EXTADC_ENUM_STR "CCOM AVREG 1v8 supply (external ADC): mV" +#define MC_CMD_SENSOR_CONTROLLER_RTS_ENUM_STR "CCOM RTS temperature: degC" +#define MC_CMD_SENSOR_PAGE1_NEXT_ENUM_STR "Not a sensor: reserved for the next page flag" +#define MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT_ENUM_STR "controller internal temperature sensor voltage on master core (internal ADC): mV" +#define MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP_ENUM_STR "controller internal temperature on master core (internal ADC): degC" +#define MC_CMD_SENSOR_CONTROLLER_MASTER_VPTAT_EXTADC_ENUM_STR "controller internal temperature sensor voltage on master core (external ADC): mV" +#define MC_CMD_SENSOR_CONTROLLER_MASTER_INTERNAL_TEMP_EXTADC_ENUM_STR "controller internal temperature on master core (external ADC): degC" +#define MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT_ENUM_STR "controller internal temperature on slave core sensor voltage (internal ADC): mV" +#define MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP_ENUM_STR "controller internal temperature on slave core (internal ADC): degC" +#define MC_CMD_SENSOR_CONTROLLER_SLAVE_VPTAT_EXTADC_ENUM_STR "controller internal temperature on slave core sensor voltage (external ADC): mV" +#define MC_CMD_SENSOR_CONTROLLER_SLAVE_INTERNAL_TEMP_EXTADC_ENUM_STR "controller internal temperature on slave core (external ADC): degC" +#define MC_CMD_SENSOR_SODIMM_VOUT_ENUM_STR "Voltage supplied to the SODIMMs from their power supply: mV" +#define MC_CMD_SENSOR_SODIMM_0_TEMP_ENUM_STR "Temperature of SODIMM 0 (if installed): degC" +#define MC_CMD_SENSOR_SODIMM_1_TEMP_ENUM_STR "Temperature of SODIMM 1 (if installed): degC" +#define MC_CMD_SENSOR_PHY0_VCC_ENUM_STR "Voltage supplied to the QSFP #0 from their power supply: mV" +#define MC_CMD_SENSOR_PHY1_VCC_ENUM_STR "Voltage supplied to the QSFP #1 from their power supply: mV" +#define MC_CMD_SENSOR_CONTROLLER_TDIODE_TEMP_ENUM_STR "Controller die temperature (TDIODE): degC" +#define MC_CMD_SENSOR_BOARD_FRONT_TEMP_ENUM_STR "Board temperature (front): degC" +#define MC_CMD_SENSOR_BOARD_BACK_TEMP_ENUM_STR "Board temperature (back): degC" +#define MC_CMD_SENSOR_IN_I1V8_ENUM_STR "1.8v power current: mA" +#define MC_CMD_SENSOR_IN_I2V5_ENUM_STR "2.5v power current: mA" +#define MC_CMD_SENSOR_IN_I3V3_ENUM_STR "3.3v power current: mA" +#define MC_CMD_SENSOR_IN_I12V0_ENUM_STR "12v power current: mA" +#define MC_CMD_SENSOR_IN_1V3_ENUM_STR "1.3v power: mV" +#define MC_CMD_SENSOR_IN_I1V3_ENUM_STR "1.3v power current: mA" + +#endif /* _SYS_EFX_REGS_MCDI_STRS_H */ diff --git a/sys/dev/sfxge/common/efx_rx.c b/sys/dev/sfxge/common/efx_rx.c index 0b8621ccdeb4..b1185ae0b7da 100644 --- a/sys/dev/sfxge/common/efx_rx.c +++ b/sys/dev/sfxge/common/efx_rx.c @@ -136,7 +136,7 @@ siena_rx_qcreate( __in unsigned int index, __in unsigned int label, __in efx_rxq_type_t type, - __in uint32_t type_data, + __in_opt const efx_rxq_type_data_t *type_data, __in efsys_mem_t *esmp, __in size_t ndescs, __in uint32_t id, @@ -180,7 +180,7 @@ static const efx_rx_ops_t __efx_rx_siena_ops = { }; #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_rx_ops_t __efx_rx_ef10_ops = { ef10_rx_init, /* erxo_init */ ef10_rx_fini, /* erxo_fini */ @@ -207,7 +207,7 @@ static const efx_rx_ops_t __efx_rx_ef10_ops = { ef10_rx_qcreate, /* erxo_qcreate */ ef10_rx_qdestroy, /* erxo_qdestroy */ }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t @@ -249,6 +249,12 @@ efx_rx_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + erxop = &__efx_rx_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; @@ -317,6 +323,114 @@ fail1: #endif /* EFSYS_OPT_RX_SCATTER */ #if EFSYS_OPT_RX_SCALE + __checkReturn efx_rc_t +efx_rx_scale_hash_flags_get( + __in efx_nic_t *enp, + __in efx_rx_hash_alg_t hash_alg, + __out_ecount_part(max_nflags, *nflagsp) unsigned int *flagsp, + __in unsigned int max_nflags, + __out unsigned int *nflagsp) +{ + efx_nic_cfg_t *encp = &enp->en_nic_cfg; + unsigned int nflags = 0; + efx_rc_t rc; + + if (flagsp == NULL || nflagsp == NULL) { + rc = EINVAL; + goto fail1; + } + + if ((encp->enc_rx_scale_hash_alg_mask & (1U << hash_alg)) == 0) { + nflags = 0; + goto done; + } + + /* Helper to add flags word to flags array without buffer overflow */ +#define INSERT_FLAGS(_flags) \ + do { \ + if (nflags >= max_nflags) { \ + rc = E2BIG; \ + goto fail2; \ + } \ + *(flagsp + nflags) = (_flags); \ + nflags++; \ + \ + _NOTE(CONSTANTCONDITION) \ + } while (B_FALSE) + + if (encp->enc_rx_scale_l4_hash_supported != B_FALSE) { + INSERT_FLAGS(EFX_RX_HASH(IPV4_TCP, 4TUPLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_TCP, 4TUPLE)); + } + + if ((encp->enc_rx_scale_l4_hash_supported != B_FALSE) && + (encp->enc_rx_scale_additional_modes_supported != B_FALSE)) { + INSERT_FLAGS(EFX_RX_HASH(IPV4_TCP, 2TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV4_TCP, 2TUPLE_SRC)); + + INSERT_FLAGS(EFX_RX_HASH(IPV6_TCP, 2TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_TCP, 2TUPLE_SRC)); + + INSERT_FLAGS(EFX_RX_HASH(IPV4_UDP, 4TUPLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV4_UDP, 2TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV4_UDP, 2TUPLE_SRC)); + + INSERT_FLAGS(EFX_RX_HASH(IPV6_UDP, 4TUPLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_UDP, 2TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_UDP, 2TUPLE_SRC)); + } + + INSERT_FLAGS(EFX_RX_HASH(IPV4_TCP, 2TUPLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_TCP, 2TUPLE)); + + INSERT_FLAGS(EFX_RX_HASH(IPV4, 2TUPLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV6, 2TUPLE)); + + if (encp->enc_rx_scale_additional_modes_supported != B_FALSE) { + INSERT_FLAGS(EFX_RX_HASH(IPV4_TCP, 1TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV4_TCP, 1TUPLE_SRC)); + + INSERT_FLAGS(EFX_RX_HASH(IPV6_TCP, 1TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_TCP, 1TUPLE_SRC)); + + INSERT_FLAGS(EFX_RX_HASH(IPV4_UDP, 2TUPLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV4_UDP, 1TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV4_UDP, 1TUPLE_SRC)); + + INSERT_FLAGS(EFX_RX_HASH(IPV6_UDP, 2TUPLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_UDP, 1TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_UDP, 1TUPLE_SRC)); + + INSERT_FLAGS(EFX_RX_HASH(IPV4, 1TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV4, 1TUPLE_SRC)); + + INSERT_FLAGS(EFX_RX_HASH(IPV6, 1TUPLE_DST)); + INSERT_FLAGS(EFX_RX_HASH(IPV6, 1TUPLE_SRC)); + } + + INSERT_FLAGS(EFX_RX_HASH(IPV4_TCP, DISABLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_TCP, DISABLE)); + + INSERT_FLAGS(EFX_RX_HASH(IPV4_UDP, DISABLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV6_UDP, DISABLE)); + + INSERT_FLAGS(EFX_RX_HASH(IPV4, DISABLE)); + INSERT_FLAGS(EFX_RX_HASH(IPV6, DISABLE)); + +#undef INSERT_FLAGS + +done: + *nflagsp = nflags; + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + __checkReturn efx_rc_t efx_rx_hash_default_support_get( __in efx_nic_t *enp, @@ -447,20 +561,96 @@ efx_rx_scale_mode_set( __in efx_rx_hash_type_t type, __in boolean_t insert) { + efx_nic_cfg_t *encp = &enp->en_nic_cfg; const efx_rx_ops_t *erxop = enp->en_erxop; + efx_rx_hash_type_t type_check; + unsigned int i; efx_rc_t rc; EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_RX); + /* + * Legacy flags and modern bits cannot be + * used at the same time in the hash type. + */ + if ((type & EFX_RX_HASH_LEGACY_MASK) && + (type & ~EFX_RX_HASH_LEGACY_MASK)) { + rc = EINVAL; + goto fail1; + } + + /* + * If RSS hash type is represented by additional bits + * in the value, the latter need to be verified since + * not all bit combinations are valid RSS modes. Also, + * depending on the firmware, some valid combinations + * may be unsupported. Discern additional bits in the + * type value and try to recognise valid combinations. + * If some bits remain unrecognised, report the error. + */ + type_check = type & ~EFX_RX_HASH_LEGACY_MASK; + if (type_check != 0) { + unsigned int type_flags[EFX_RX_HASH_NFLAGS]; + unsigned int type_nflags; + + rc = efx_rx_scale_hash_flags_get(enp, alg, type_flags, + EFX_ARRAY_SIZE(type_flags), &type_nflags); + if (rc != 0) + goto fail2; + + for (i = 0; i < type_nflags; ++i) { + if ((type_check & type_flags[i]) == type_flags[i]) + type_check &= ~(type_flags[i]); + } + + if (type_check != 0) { + rc = EINVAL; + goto fail3; + } + } + + /* + * Translate EFX_RX_HASH() flags to their legacy counterparts + * provided that the FW claims no support for additional modes. + */ + if (encp->enc_rx_scale_additional_modes_supported == B_FALSE) { + efx_rx_hash_type_t t_ipv4 = EFX_RX_HASH(IPV4, 2TUPLE) | + EFX_RX_HASH(IPV4_TCP, 2TUPLE); + efx_rx_hash_type_t t_ipv6 = EFX_RX_HASH(IPV6, 2TUPLE) | + EFX_RX_HASH(IPV6_TCP, 2TUPLE); + efx_rx_hash_type_t t_ipv4_tcp = EFX_RX_HASH(IPV4_TCP, 4TUPLE); + efx_rx_hash_type_t t_ipv6_tcp = EFX_RX_HASH(IPV6_TCP, 4TUPLE); + + if ((type & t_ipv4) == t_ipv4) + type |= EFX_RX_HASH_IPV4; + if ((type & t_ipv6) == t_ipv6) + type |= EFX_RX_HASH_IPV6; + + if (encp->enc_rx_scale_l4_hash_supported == B_TRUE) { + if ((type & t_ipv4_tcp) == t_ipv4_tcp) + type |= EFX_RX_HASH_TCPIPV4; + if ((type & t_ipv6_tcp) == t_ipv6_tcp) + type |= EFX_RX_HASH_TCPIPV6; + } + + type &= EFX_RX_HASH_LEGACY_MASK; + } + if (erxop->erxo_scale_mode_set != NULL) { if ((rc = erxop->erxo_scale_mode_set(enp, rss_context, alg, type, insert)) != 0) - goto fail1; + goto fail4; } return (0); +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); return (rc); @@ -623,7 +813,7 @@ efx_rx_qcreate_internal( __in unsigned int index, __in unsigned int label, __in efx_rxq_type_t type, - __in uint32_t type_data, + __in_opt const efx_rxq_type_data_t *type_data, __in efsys_mem_t *esmp, __in size_t ndescs, __in uint32_t id, @@ -684,8 +874,8 @@ efx_rx_qcreate( __in efx_evq_t *eep, __deref_out efx_rxq_t **erpp) { - return efx_rx_qcreate_internal(enp, index, label, type, 0, esmp, ndescs, - id, flags, eep, erpp); + return efx_rx_qcreate_internal(enp, index, label, type, NULL, + esmp, ndescs, id, flags, eep, erpp); } #if EFSYS_OPT_RX_PACKED_STREAM @@ -701,13 +891,71 @@ efx_rx_qcreate_packed_stream( __in efx_evq_t *eep, __deref_out efx_rxq_t **erpp) { + efx_rxq_type_data_t type_data; + + memset(&type_data, 0, sizeof (type_data)); + + type_data.ertd_packed_stream.eps_buf_size = ps_buf_size; + return efx_rx_qcreate_internal(enp, index, label, - EFX_RXQ_TYPE_PACKED_STREAM, ps_buf_size, esmp, ndescs, + EFX_RXQ_TYPE_PACKED_STREAM, &type_data, esmp, ndescs, 0 /* id unused on EF10 */, EFX_RXQ_FLAG_NONE, eep, erpp); } #endif +#if EFSYS_OPT_RX_ES_SUPER_BUFFER + + __checkReturn efx_rc_t +efx_rx_qcreate_es_super_buffer( + __in efx_nic_t *enp, + __in unsigned int index, + __in unsigned int label, + __in uint32_t n_bufs_per_desc, + __in uint32_t max_dma_len, + __in uint32_t buf_stride, + __in uint32_t hol_block_timeout, + __in efsys_mem_t *esmp, + __in size_t ndescs, + __in unsigned int flags, + __in efx_evq_t *eep, + __deref_out efx_rxq_t **erpp) +{ + efx_rc_t rc; + efx_rxq_type_data_t type_data; + + if (hol_block_timeout > EFX_RXQ_ES_SUPER_BUFFER_HOL_BLOCK_MAX) { + rc = EINVAL; + goto fail1; + } + + memset(&type_data, 0, sizeof (type_data)); + + type_data.ertd_es_super_buffer.eessb_bufs_per_desc = n_bufs_per_desc; + type_data.ertd_es_super_buffer.eessb_max_dma_len = max_dma_len; + type_data.ertd_es_super_buffer.eessb_buf_stride = buf_stride; + type_data.ertd_es_super_buffer.eessb_hol_block_timeout = + hol_block_timeout; + + rc = efx_rx_qcreate_internal(enp, index, label, + EFX_RXQ_TYPE_ES_SUPER_BUFFER, &type_data, esmp, ndescs, + 0 /* id unused on EF10 */, flags, eep, erpp); + if (rc != 0) + goto fail2; + + return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +#endif + + void efx_rx_qdestroy( __in efx_rxq_t *erp) @@ -800,7 +1048,7 @@ siena_rx_scatter_enable( efx_rc_t rc; nbuf32 = buf_size / 32; - if ((nbuf32 == 0) || + IF ((NBUF32 == 0) || (nbuf32 >= (1 << FRF_BZ_RX_USR_BUF_SIZE_WIDTH)) || ((buf_size % 32) != 0)) { rc = EINVAL; @@ -918,12 +1166,12 @@ siena_rx_scale_mode_set( case EFX_RX_HASHALG_TOEPLITZ: EFX_RX_TOEPLITZ_IPV4_HASH(enp, insert, - type & EFX_RX_HASH_IPV4, - type & EFX_RX_HASH_TCPIPV4); + (type & EFX_RX_HASH_IPV4) ? B_TRUE : B_FALSE, + (type & EFX_RX_HASH_TCPIPV4) ? B_TRUE : B_FALSE); EFX_RX_TOEPLITZ_IPV6_HASH(enp, - type & EFX_RX_HASH_IPV6, - type & EFX_RX_HASH_TCPIPV6, + (type & EFX_RX_HASH_IPV6) ? B_TRUE : B_FALSE, + (type & EFX_RX_HASH_TCPIPV6) ? B_TRUE : B_FALSE, rc); if (rc != 0) goto fail2; @@ -1349,7 +1597,7 @@ siena_rx_qcreate( __in unsigned int index, __in unsigned int label, __in efx_rxq_type_t type, - __in uint32_t type_data, + __in_opt const efx_rxq_type_data_t *type_data, __in efsys_mem_t *esmp, __in size_t ndescs, __in uint32_t id, diff --git a/sys/dev/sfxge/common/efx_sram.c b/sys/dev/sfxge/common/efx_sram.c index 9a6cfa4860b3..587d9490f393 100644 --- a/sys/dev/sfxge/common/efx_sram.c +++ b/sys/dev/sfxge/common/efx_sram.c @@ -54,9 +54,10 @@ efx_sram_buf_tbl_set( EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_NIC); -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 if (enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD) { + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2) { /* * FIXME: the efx_sram_buf_tbl_*() functionality needs to be * pulled inside the Falcon/Siena queue create/destroy code, @@ -68,7 +69,7 @@ efx_sram_buf_tbl_set( return (0); } -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ if (stop >= EFX_BUF_TBL_SIZE) { rc = EFBIG; @@ -176,9 +177,10 @@ efx_sram_buf_tbl_clear( EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_NIC); -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 if (enp->en_family == EFX_FAMILY_HUNTINGTON || - enp->en_family == EFX_FAMILY_MEDFORD) { + enp->en_family == EFX_FAMILY_MEDFORD || + enp->en_family == EFX_FAMILY_MEDFORD2) { /* * FIXME: the efx_sram_buf_tbl_*() functionality needs to be * pulled inside the Falcon/Siena queue create/destroy code, @@ -190,7 +192,7 @@ efx_sram_buf_tbl_clear( return; } -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ EFSYS_ASSERT3U(stop, <, EFX_BUF_TBL_SIZE); diff --git a/sys/dev/sfxge/common/efx_tunnel.c b/sys/dev/sfxge/common/efx_tunnel.c new file mode 100644 index 000000000000..a0dd75d2b2c9 --- /dev/null +++ b/sys/dev/sfxge/common/efx_tunnel.c @@ -0,0 +1,498 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2017-2018 Solarflare Communications Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * The views and conclusions contained in the software and documentation are + * those of the authors and should not be interpreted as representing official + * policies, either expressed or implied, of the FreeBSD Project. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include "efx.h" +#include "efx_impl.h" + + +#if EFSYS_OPT_TUNNEL + +#if EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON +static const efx_tunnel_ops_t __efx_tunnel_dummy_ops = { + NULL, /* eto_udp_encap_supported */ + NULL, /* eto_reconfigure */ +}; +#endif /* EFSYS_OPT_SIENA || EFSYS_OPT_HUNTINGTON */ + +#if EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 +static __checkReturn boolean_t +ef10_udp_encap_supported( + __in efx_nic_t *enp); + +static __checkReturn efx_rc_t +ef10_tunnel_reconfigure( + __in efx_nic_t *enp); + +static const efx_tunnel_ops_t __efx_tunnel_ef10_ops = { + ef10_udp_encap_supported, /* eto_udp_encap_supported */ + ef10_tunnel_reconfigure, /* eto_reconfigure */ +}; +#endif /* EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ + +static __checkReturn efx_rc_t +efx_mcdi_set_tunnel_encap_udp_ports( + __in efx_nic_t *enp, + __in efx_tunnel_cfg_t *etcp, + __in boolean_t unloading, + __out boolean_t *resetting) +{ + efx_mcdi_req_t req; + EFX_MCDI_DECLARE_BUF(payload, + MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS_IN_LENMAX, + MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS_OUT_LEN); + efx_word_t flags; + efx_rc_t rc; + unsigned int i; + unsigned int entries_num; + + if (etcp == NULL) + entries_num = 0; + else + entries_num = etcp->etc_udp_entries_num; + + req.emr_cmd = MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS; + req.emr_in_buf = payload; + req.emr_in_length = + MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS_IN_LEN(entries_num); + req.emr_out_buf = payload; + req.emr_out_length = MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS_OUT_LEN; + + EFX_POPULATE_WORD_1(flags, + MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS_IN_UNLOADING, + (unloading == B_TRUE) ? 1 : 0); + MCDI_IN_SET_WORD(req, SET_TUNNEL_ENCAP_UDP_PORTS_IN_FLAGS, + EFX_WORD_FIELD(flags, EFX_WORD_0)); + + MCDI_IN_SET_WORD(req, SET_TUNNEL_ENCAP_UDP_PORTS_IN_NUM_ENTRIES, + entries_num); + + for (i = 0; i < entries_num; ++i) { + uint16_t mcdi_udp_protocol; + + switch (etcp->etc_udp_entries[i].etue_protocol) { + case EFX_TUNNEL_PROTOCOL_VXLAN: + mcdi_udp_protocol = TUNNEL_ENCAP_UDP_PORT_ENTRY_VXLAN; + break; + case EFX_TUNNEL_PROTOCOL_GENEVE: + mcdi_udp_protocol = TUNNEL_ENCAP_UDP_PORT_ENTRY_GENEVE; + break; + default: + rc = EINVAL; + goto fail1; + } + + /* + * UDP port is MCDI native little-endian in the request + * and EFX_POPULATE_DWORD cares about conversion from + * host/CPU byte order to little-endian. + */ + EFX_STATIC_ASSERT(sizeof (efx_dword_t) == + TUNNEL_ENCAP_UDP_PORT_ENTRY_LEN); + EFX_POPULATE_DWORD_2( + MCDI_IN2(req, efx_dword_t, + SET_TUNNEL_ENCAP_UDP_PORTS_IN_ENTRIES)[i], + TUNNEL_ENCAP_UDP_PORT_ENTRY_UDP_PORT, + etcp->etc_udp_entries[i].etue_port, + TUNNEL_ENCAP_UDP_PORT_ENTRY_PROTOCOL, + mcdi_udp_protocol); + } + + efx_mcdi_execute(enp, &req); + + if (req.emr_rc != 0) { + rc = req.emr_rc; + goto fail2; + } + + if (req.emr_out_length_used != + MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS_OUT_LEN) { + rc = EMSGSIZE; + goto fail3; + } + + *resetting = MCDI_OUT_WORD_FIELD(req, + SET_TUNNEL_ENCAP_UDP_PORTS_OUT_FLAGS, + SET_TUNNEL_ENCAP_UDP_PORTS_OUT_RESETTING); + + return (0); + +fail3: + EFSYS_PROBE(fail3); + +fail2: + EFSYS_PROBE(fail2); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +efx_tunnel_init( + __in efx_nic_t *enp) +{ + efx_tunnel_cfg_t *etcp = &enp->en_tunnel_cfg; + const efx_tunnel_ops_t *etop; + efx_rc_t rc; + + EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_PROBE); + EFSYS_ASSERT(!(enp->en_mod_flags & EFX_MOD_TUNNEL)); + + EFX_STATIC_ASSERT(EFX_TUNNEL_MAXNENTRIES == + MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS_IN_ENTRIES_MAXNUM); + + switch (enp->en_family) { +#if EFSYS_OPT_SIENA + case EFX_FAMILY_SIENA: + etop = &__efx_tunnel_dummy_ops; + break; +#endif /* EFSYS_OPT_SIENA */ + +#if EFSYS_OPT_HUNTINGTON + case EFX_FAMILY_HUNTINGTON: + etop = &__efx_tunnel_dummy_ops; + break; +#endif /* EFSYS_OPT_HUNTINGTON */ + +#if EFSYS_OPT_MEDFORD + case EFX_FAMILY_MEDFORD: + etop = &__efx_tunnel_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD */ + +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + etop = &__efx_tunnel_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + + default: + EFSYS_ASSERT(0); + rc = ENOTSUP; + goto fail1; + } + + memset(etcp->etc_udp_entries, 0, sizeof (etcp->etc_udp_entries)); + etcp->etc_udp_entries_num = 0; + + enp->en_etop = etop; + enp->en_mod_flags |= EFX_MOD_TUNNEL; + + return (0); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + enp->en_etop = NULL; + enp->en_mod_flags &= ~EFX_MOD_TUNNEL; + + return (rc); +} + + void +efx_tunnel_fini( + __in efx_nic_t *enp) +{ + boolean_t resetting; + + EFSYS_ASSERT3U(enp->en_magic, ==, EFX_NIC_MAGIC); + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_PROBE); + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_TUNNEL); + + if ((enp->en_etop->eto_udp_encap_supported != NULL) && + enp->en_etop->eto_udp_encap_supported(enp)) { + /* + * The UNLOADING flag allows the MC to suppress the datapath + * reset if it was set on the last call to + * MC_CMD_SET_TUNNEL_ENCAP_UDP_PORTS by all functions + */ + (void) efx_mcdi_set_tunnel_encap_udp_ports(enp, NULL, B_TRUE, + &resetting); + } + + enp->en_etop = NULL; + enp->en_mod_flags &= ~EFX_MOD_TUNNEL; +} + +static __checkReturn efx_rc_t +efx_tunnel_config_find_udp_tunnel_entry( + __in efx_tunnel_cfg_t *etcp, + __in uint16_t port, + __out unsigned int *entryp) +{ + unsigned int i; + + for (i = 0; i < etcp->etc_udp_entries_num; ++i) { + efx_tunnel_udp_entry_t *p = &etcp->etc_udp_entries[i]; + + if (p->etue_port == port) { + *entryp = i; + return (0); + } + } + + return (ENOENT); +} + + __checkReturn efx_rc_t +efx_tunnel_config_udp_add( + __in efx_nic_t *enp, + __in uint16_t port /* host/cpu-endian */, + __in efx_tunnel_protocol_t protocol) +{ + const efx_nic_cfg_t *encp = &enp->en_nic_cfg; + efx_tunnel_cfg_t *etcp = &enp->en_tunnel_cfg; + efsys_lock_state_t state; + efx_rc_t rc; + unsigned int entry; + + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_TUNNEL); + + if (protocol >= EFX_TUNNEL_NPROTOS) { + rc = EINVAL; + goto fail1; + } + + if ((encp->enc_tunnel_encapsulations_supported & + (1u << protocol)) == 0) { + rc = ENOTSUP; + goto fail2; + } + + EFSYS_LOCK(enp->en_eslp, state); + + rc = efx_tunnel_config_find_udp_tunnel_entry(etcp, port, &entry); + if (rc == 0) { + rc = EEXIST; + goto fail3; + } + + if (etcp->etc_udp_entries_num == + encp->enc_tunnel_config_udp_entries_max) { + rc = ENOSPC; + goto fail4; + } + + etcp->etc_udp_entries[etcp->etc_udp_entries_num].etue_port = port; + etcp->etc_udp_entries[etcp->etc_udp_entries_num].etue_protocol = + protocol; + + etcp->etc_udp_entries_num++; + + EFSYS_UNLOCK(enp->en_eslp, state); + + return (0); + +fail4: + EFSYS_PROBE(fail4); + +fail3: + EFSYS_PROBE(fail3); + EFSYS_UNLOCK(enp->en_eslp, state); + +fail2: + EFSYS_PROBE(fail2); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +efx_tunnel_config_udp_remove( + __in efx_nic_t *enp, + __in uint16_t port /* host/cpu-endian */, + __in efx_tunnel_protocol_t protocol) +{ + efx_tunnel_cfg_t *etcp = &enp->en_tunnel_cfg; + efsys_lock_state_t state; + unsigned int entry; + efx_rc_t rc; + + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_TUNNEL); + + EFSYS_LOCK(enp->en_eslp, state); + + rc = efx_tunnel_config_find_udp_tunnel_entry(etcp, port, &entry); + if (rc != 0) + goto fail1; + + if (etcp->etc_udp_entries[entry].etue_protocol != protocol) { + rc = EINVAL; + goto fail2; + } + + EFSYS_ASSERT3U(etcp->etc_udp_entries_num, >, 0); + etcp->etc_udp_entries_num--; + + if (entry < etcp->etc_udp_entries_num) { + memmove(&etcp->etc_udp_entries[entry], + &etcp->etc_udp_entries[entry + 1], + (etcp->etc_udp_entries_num - entry) * + sizeof (etcp->etc_udp_entries[0])); + } + + memset(&etcp->etc_udp_entries[etcp->etc_udp_entries_num], 0, + sizeof (etcp->etc_udp_entries[0])); + + EFSYS_UNLOCK(enp->en_eslp, state); + + return (0); + +fail2: + EFSYS_PROBE(fail2); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + EFSYS_UNLOCK(enp->en_eslp, state); + + return (rc); +} + + void +efx_tunnel_config_clear( + __in efx_nic_t *enp) +{ + efx_tunnel_cfg_t *etcp = &enp->en_tunnel_cfg; + efsys_lock_state_t state; + + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_TUNNEL); + + EFSYS_LOCK(enp->en_eslp, state); + + etcp->etc_udp_entries_num = 0; + memset(etcp->etc_udp_entries, 0, sizeof (etcp->etc_udp_entries)); + + EFSYS_UNLOCK(enp->en_eslp, state); +} + + __checkReturn efx_rc_t +efx_tunnel_reconfigure( + __in efx_nic_t *enp) +{ + const efx_tunnel_ops_t *etop = enp->en_etop; + efx_rc_t rc; + + EFSYS_ASSERT3U(enp->en_mod_flags, &, EFX_MOD_TUNNEL); + + if (etop->eto_reconfigure == NULL) { + rc = ENOTSUP; + goto fail1; + } + + if ((rc = enp->en_etop->eto_reconfigure(enp)) != 0) + goto fail2; + + return (0); + +fail2: + EFSYS_PROBE(fail2); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +#if EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 +static __checkReturn boolean_t +ef10_udp_encap_supported( + __in efx_nic_t *enp) +{ + const efx_nic_cfg_t *encp = &enp->en_nic_cfg; + uint32_t udp_tunnels_mask = 0; + + udp_tunnels_mask |= (1u << EFX_TUNNEL_PROTOCOL_VXLAN); + udp_tunnels_mask |= (1u << EFX_TUNNEL_PROTOCOL_GENEVE); + + return ((encp->enc_tunnel_encapsulations_supported & + udp_tunnels_mask) == 0 ? B_FALSE : B_TRUE); +} + +static __checkReturn efx_rc_t +ef10_tunnel_reconfigure( + __in efx_nic_t *enp) +{ + efx_tunnel_cfg_t *etcp = &enp->en_tunnel_cfg; + efx_rc_t rc; + boolean_t resetting; + efsys_lock_state_t state; + efx_tunnel_cfg_t etc; + + EFSYS_LOCK(enp->en_eslp, state); + memcpy(&etc, etcp, sizeof (etc)); + EFSYS_UNLOCK(enp->en_eslp, state); + + if (ef10_udp_encap_supported(enp) == B_FALSE) { + /* + * It is OK to apply empty UDP tunnel ports when UDP + * tunnel encapsulations are not supported - just nothing + * should be done. + */ + if (etc.etc_udp_entries_num == 0) + return (0); + rc = ENOTSUP; + goto fail1; + } else { + /* + * All PCI functions can see a reset upon the + * MCDI request completion + */ + rc = efx_mcdi_set_tunnel_encap_udp_ports(enp, &etc, B_FALSE, + &resetting); + if (rc != 0) + goto fail2; + + /* + * Although the caller should be able to handle MC reboot, + * it might come in handy to report the impending reboot + * by returning EAGAIN + */ + return ((resetting) ? EAGAIN : 0); + } +fail2: + EFSYS_PROBE(fail2); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} +#endif /* EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ + +#endif /* EFSYS_OPT_TUNNEL */ diff --git a/sys/dev/sfxge/common/efx_tx.c b/sys/dev/sfxge/common/efx_tx.c index 09e048b6f236..503da9d9dc61 100644 --- a/sys/dev/sfxge/common/efx_tx.c +++ b/sys/dev/sfxge/common/efx_tx.c @@ -146,6 +146,7 @@ static const efx_tx_ops_t __efx_tx_siena_ops = { NULL, /* etxo_qdesc_tso_create */ NULL, /* etxo_qdesc_tso2_create */ NULL, /* etxo_qdesc_vlantci_create */ + NULL, /* etxo_qdesc_checksum_create */ #if EFSYS_OPT_QSTATS siena_tx_qstats_update, /* etxo_qstats_update */ #endif @@ -172,6 +173,7 @@ static const efx_tx_ops_t __efx_tx_hunt_ops = { ef10_tx_qdesc_tso_create, /* etxo_qdesc_tso_create */ ef10_tx_qdesc_tso2_create, /* etxo_qdesc_tso2_create */ ef10_tx_qdesc_vlantci_create, /* etxo_qdesc_vlantci_create */ + ef10_tx_qdesc_checksum_create, /* etxo_qdesc_checksum_create */ #if EFSYS_OPT_QSTATS ef10_tx_qstats_update, /* etxo_qstats_update */ #endif @@ -198,12 +200,41 @@ static const efx_tx_ops_t __efx_tx_medford_ops = { NULL, /* etxo_qdesc_tso_create */ ef10_tx_qdesc_tso2_create, /* etxo_qdesc_tso2_create */ ef10_tx_qdesc_vlantci_create, /* etxo_qdesc_vlantci_create */ + ef10_tx_qdesc_checksum_create, /* etxo_qdesc_checksum_create */ #if EFSYS_OPT_QSTATS ef10_tx_qstats_update, /* etxo_qstats_update */ #endif }; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 +static const efx_tx_ops_t __efx_tx_medford2_ops = { + ef10_tx_init, /* etxo_init */ + ef10_tx_fini, /* etxo_fini */ + ef10_tx_qcreate, /* etxo_qcreate */ + ef10_tx_qdestroy, /* etxo_qdestroy */ + ef10_tx_qpost, /* etxo_qpost */ + ef10_tx_qpush, /* etxo_qpush */ + ef10_tx_qpace, /* etxo_qpace */ + ef10_tx_qflush, /* etxo_qflush */ + ef10_tx_qenable, /* etxo_qenable */ + ef10_tx_qpio_enable, /* etxo_qpio_enable */ + ef10_tx_qpio_disable, /* etxo_qpio_disable */ + ef10_tx_qpio_write, /* etxo_qpio_write */ + ef10_tx_qpio_post, /* etxo_qpio_post */ + ef10_tx_qdesc_post, /* etxo_qdesc_post */ + ef10_tx_qdesc_dma_create, /* etxo_qdesc_dma_create */ + NULL, /* etxo_qdesc_tso_create */ + ef10_tx_qdesc_tso2_create, /* etxo_qdesc_tso2_create */ + ef10_tx_qdesc_vlantci_create, /* etxo_qdesc_vlantci_create */ + ef10_tx_qdesc_checksum_create, /* etxo_qdesc_checksum_create */ +#if EFSYS_OPT_QSTATS + ef10_tx_qstats_update, /* etxo_qstats_update */ +#endif +}; +#endif /* EFSYS_OPT_MEDFORD2 */ + + __checkReturn efx_rc_t efx_tx_init( __in efx_nic_t *enp) @@ -243,6 +274,12 @@ efx_tx_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + etxop = &__efx_tx_medford2_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; @@ -564,19 +601,10 @@ efx_tx_qdesc_post( { efx_nic_t *enp = etp->et_enp; const efx_tx_ops_t *etxop = enp->en_etxop; - efx_rc_t rc; EFSYS_ASSERT3U(etp->et_magic, ==, EFX_TXQ_MAGIC); - if ((rc = etxop->etxo_qdesc_post(etp, ed, - ndescs, completed, addedp)) != 0) - goto fail1; - - return (0); - -fail1: - EFSYS_PROBE1(fail1, efx_rc_t, rc); - return (rc); + return (etxop->etxo_qdesc_post(etp, ed, ndescs, completed, addedp)); } void @@ -617,6 +645,7 @@ efx_tx_qdesc_tso_create( efx_tx_qdesc_tso2_create( __in efx_txq_t *etp, __in uint16_t ipv4_id, + __in uint16_t outer_ipv4_id, __in uint32_t tcp_seq, __in uint16_t mss, __out_ecount(count) efx_desc_t *edp, @@ -628,7 +657,8 @@ efx_tx_qdesc_tso2_create( EFSYS_ASSERT3U(etp->et_magic, ==, EFX_TXQ_MAGIC); EFSYS_ASSERT(etxop->etxo_qdesc_tso2_create != NULL); - etxop->etxo_qdesc_tso2_create(etp, ipv4_id, tcp_seq, mss, edp, count); + etxop->etxo_qdesc_tso2_create(etp, ipv4_id, outer_ipv4_id, + tcp_seq, mss, edp, count); } void @@ -646,6 +676,21 @@ efx_tx_qdesc_vlantci_create( etxop->etxo_qdesc_vlantci_create(etp, tci, edp); } + void +efx_tx_qdesc_checksum_create( + __in efx_txq_t *etp, + __in uint16_t flags, + __out efx_desc_t *edp) +{ + efx_nic_t *enp = etp->et_enp; + const efx_tx_ops_t *etxop = enp->en_etxop; + + EFSYS_ASSERT3U(etp->et_magic, ==, EFX_TXQ_MAGIC); + EFSYS_ASSERT(etxop->etxo_qdesc_checksum_create != NULL); + + etxop->etxo_qdesc_checksum_create(etp, flags, edp); +} + #if EFSYS_OPT_QSTATS void @@ -738,10 +783,9 @@ siena_tx_qpost( { unsigned int added = *addedp; unsigned int i; - int rc = ENOSPC; if (added - completed + ndescs > EFX_TXQ_LIMIT(etp->et_mask + 1)) - goto fail1; + return (ENOSPC); for (i = 0; i < ndescs; i++) { efx_buffer_t *ebp = &eb[i]; @@ -763,11 +807,6 @@ siena_tx_qpost( *addedp = added; return (0); - -fail1: - EFSYS_PROBE1(fail1, efx_rc_t, rc); - - return (rc); } static void diff --git a/sys/dev/sfxge/common/efx_types.h b/sys/dev/sfxge/common/efx_types.h index 98287efb77d4..8828aa230fd4 100644 --- a/sys/dev/sfxge/common/efx_types.h +++ b/sys/dev/sfxge/common/efx_types.h @@ -357,6 +357,16 @@ extern int fix_lint; #endif /* + * Saturation arithmetic subtract with minimum equal to zero. + * + * Use saturating arithmetic to ensure a non-negative result. This + * avoids undefined behaviour (and compiler warnings) when used as a + * shift count. + */ +#define EFX_SSUB(_val, _sub) \ + ((_val) > (_sub) ? ((_val) - (_sub)) : 0) + +/* * Extract bit field portion [low,high) from the native-endian element * which contains bits [min,max). * @@ -375,8 +385,8 @@ extern int fix_lint; ((FIX_LINT(_low > _max) || FIX_LINT(_high < _min)) ? \ 0U : \ ((_low > _min) ? \ - ((_element) >> (_low - _min)) : \ - ((_element) << (_min - _low)))) + ((_element) >> EFX_SSUB(_low, _min)) : \ + ((_element) << EFX_SSUB(_min, _low)))) /* * Extract bit field portion [low,high) from the 64-bit little-endian @@ -565,29 +575,29 @@ extern int fix_lint; (((_low > _max) || (_high < _min)) ? \ 0U : \ ((_low > _min) ? \ - (((uint64_t)(_value)) << (_low - _min)) : \ - (((uint64_t)(_value)) >> (_min - _low)))) + (((uint64_t)(_value)) << EFX_SSUB(_low, _min)) :\ + (((uint64_t)(_value)) >> EFX_SSUB(_min, _low)))) #define EFX_INSERT_NATIVE32(_min, _max, _low, _high, _value) \ (((_low > _max) || (_high < _min)) ? \ 0U : \ ((_low > _min) ? \ - (((uint32_t)(_value)) << (_low - _min)) : \ - (((uint32_t)(_value)) >> (_min - _low)))) + (((uint32_t)(_value)) << EFX_SSUB(_low, _min)) :\ + (((uint32_t)(_value)) >> EFX_SSUB(_min, _low)))) #define EFX_INSERT_NATIVE16(_min, _max, _low, _high, _value) \ (((_low > _max) || (_high < _min)) ? \ 0U : \ (uint16_t)((_low > _min) ? \ - ((_value) << (_low - _min)) : \ - ((_value) >> (_min - _low)))) + ((_value) << EFX_SSUB(_low, _min)) : \ + ((_value) >> EFX_SSUB(_min, _low)))) #define EFX_INSERT_NATIVE8(_min, _max, _low, _high, _value) \ (((_low > _max) || (_high < _min)) ? \ 0U : \ (uint8_t)((_low > _min) ? \ - ((_value) << (_low - _min)) : \ - ((_value) >> (_min - _low)))) + ((_value) << EFX_SSUB(_low, _min)) : \ + ((_value) >> EFX_SSUB(_min, _low)))) /* * Construct bit field portion @@ -1316,22 +1326,22 @@ extern int fix_lint; #define EFX_SHIFT64(_bit, _base) \ (((_bit) >= (_base) && (_bit) < (_base) + 64) ? \ - ((uint64_t)1 << ((_bit) - (_base))) : \ + ((uint64_t)1 << EFX_SSUB((_bit), (_base))) : \ 0U) #define EFX_SHIFT32(_bit, _base) \ (((_bit) >= (_base) && (_bit) < (_base) + 32) ? \ - ((uint32_t)1 << ((_bit) - (_base))) : \ + ((uint32_t)1 << EFX_SSUB((_bit),(_base))) : \ 0U) #define EFX_SHIFT16(_bit, _base) \ (((_bit) >= (_base) && (_bit) < (_base) + 16) ? \ - (uint16_t)(1 << ((_bit) - (_base))) : \ + (uint16_t)(1 << EFX_SSUB((_bit), (_base))) : \ 0U) #define EFX_SHIFT8(_bit, _base) \ (((_bit) >= (_base) && (_bit) < (_base) + 8) ? \ - (uint8_t)(1 << ((_bit) - (_base))) : \ + (uint8_t)(1 << EFX_SSUB((_bit), (_base))) : \ 0U) #define EFX_SET_OWORD_BIT64(_oword, _bit) \ diff --git a/sys/dev/sfxge/common/efx_vpd.c b/sys/dev/sfxge/common/efx_vpd.c index 1d48fc327444..55ad2fde136e 100644 --- a/sys/dev/sfxge/common/efx_vpd.c +++ b/sys/dev/sfxge/common/efx_vpd.c @@ -73,7 +73,7 @@ static const efx_vpd_ops_t __efx_vpd_siena_ops = { #endif /* EFSYS_OPT_SIENA */ -#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD +#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 static const efx_vpd_ops_t __efx_vpd_ef10_ops = { ef10_vpd_init, /* evpdo_init */ @@ -88,7 +88,7 @@ static const efx_vpd_ops_t __efx_vpd_ef10_ops = { ef10_vpd_fini, /* evpdo_fini */ }; -#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD */ +#endif /* EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2 */ __checkReturn efx_rc_t efx_vpd_init( @@ -120,6 +120,12 @@ efx_vpd_init( break; #endif /* EFSYS_OPT_MEDFORD */ +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + evpdop = &__efx_vpd_ef10_ops; + break; +#endif /* EFSYS_OPT_MEDFORD2 */ + default: EFSYS_ASSERT(0); rc = ENOTSUP; diff --git a/sys/dev/sfxge/common/hunt_nic.c b/sys/dev/sfxge/common/hunt_nic.c index 55b7fea7f990..f3594710d550 100644 --- a/sys/dev/sfxge/common/hunt_nic.c +++ b/sys/dev/sfxge/common/hunt_nic.c @@ -47,7 +47,6 @@ hunt_nic_get_required_pcie_bandwidth( __out uint32_t *bandwidth_mbpsp) { uint32_t port_modes; - uint32_t max_port_mode; uint32_t bandwidth; efx_rc_t rc; @@ -57,13 +56,14 @@ hunt_nic_get_required_pcie_bandwidth( * capable mode is in use. */ - if ((rc = efx_mcdi_get_port_modes(enp, &port_modes, NULL)) != 0) { + if ((rc = efx_mcdi_get_port_modes(enp, &port_modes, + NULL, NULL)) != 0) { /* No port mode info available */ bandwidth = 0; goto out; } - if (port_modes & (1 << TLV_PORT_MODE_40G_40G)) { + if (port_modes & (1U << TLV_PORT_MODE_40G_40G)) { /* * This needs the full PCIe bandwidth (and could use * more) - roughly 64 Gbit/s for 8 lanes of Gen3. @@ -72,18 +72,14 @@ hunt_nic_get_required_pcie_bandwidth( EFX_PCIE_LINK_SPEED_GEN3, &bandwidth)) != 0) goto fail1; } else { - if (port_modes & (1 << TLV_PORT_MODE_40G)) { - max_port_mode = TLV_PORT_MODE_40G; - } else if (port_modes & (1 << TLV_PORT_MODE_10G_10G_10G_10G)) { - max_port_mode = TLV_PORT_MODE_10G_10G_10G_10G; + if (port_modes & (1U << TLV_PORT_MODE_40G)) { + bandwidth = 40000; + } else if (port_modes & (1U << TLV_PORT_MODE_10G_10G_10G_10G)) { + bandwidth = 4 * 10000; } else { /* Assume two 10G ports */ - max_port_mode = TLV_PORT_MODE_10G_10G; + bandwidth = 2 * 10000; } - - if ((rc = ef10_nic_get_port_mode_bandwidth(max_port_mode, - &bandwidth)) != 0) - goto fail2; } out: @@ -91,8 +87,6 @@ out: return (0); -fail2: - EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); @@ -103,90 +97,13 @@ fail1: hunt_board_cfg( __in efx_nic_t *enp) { - efx_mcdi_iface_t *emip = &(enp->en_mcdi.em_emip); efx_nic_cfg_t *encp = &(enp->en_nic_cfg); - uint8_t mac_addr[6]; - uint32_t board_type = 0; - ef10_link_state_t els; efx_port_t *epp = &(enp->en_port); - uint32_t port; - uint32_t pf; - uint32_t vf; - uint32_t mask; uint32_t flags; uint32_t sysclk, dpcpu_clk; - uint32_t base, nvec; uint32_t bandwidth; efx_rc_t rc; - if ((rc = efx_mcdi_get_port_assignment(enp, &port)) != 0) - goto fail1; - - /* - * NOTE: The MCDI protocol numbers ports from zero. - * The common code MCDI interface numbers ports from one. - */ - emip->emi_port = port + 1; - - if ((rc = ef10_external_port_mapping(enp, port, - &encp->enc_external_port)) != 0) - goto fail2; - - /* - * Get PCIe function number from firmware (used for - * per-function privilege and dynamic config info). - * - PCIe PF: pf = PF number, vf = 0xffff. - * - PCIe VF: pf = parent PF, vf = VF number. - */ - if ((rc = efx_mcdi_get_function_info(enp, &pf, &vf)) != 0) - goto fail3; - - encp->enc_pf = pf; - encp->enc_vf = vf; - - /* MAC address for this function */ - if (EFX_PCI_FUNCTION_IS_PF(encp)) { - rc = efx_mcdi_get_mac_address_pf(enp, mac_addr); - if ((rc == 0) && (mac_addr[0] & 0x02)) { - /* - * If the static config does not include a global MAC - * address pool then the board may return a locally - * administered MAC address (this should only happen on - * incorrectly programmed boards). - */ - rc = EINVAL; - } - } else { - rc = efx_mcdi_get_mac_address_vf(enp, mac_addr); - } - if (rc != 0) - goto fail4; - - EFX_MAC_ADDR_COPY(encp->enc_mac_addr, mac_addr); - - /* Board configuration */ - rc = efx_mcdi_get_board_cfg(enp, &board_type, NULL, NULL); - if (rc != 0) { - /* Unprivileged functions may not be able to read board cfg */ - if (rc == EACCES) - board_type = 0; - else - goto fail5; - } - - encp->enc_board_type = board_type; - encp->enc_clk_mult = 1; /* not used for Huntington */ - - /* Fill out fields in enp->en_port and enp->en_nic_cfg from MCDI */ - if ((rc = efx_mcdi_get_phy_cfg(enp)) != 0) - goto fail6; - - /* Obtain the default PHY advertised capabilities */ - if ((rc = ef10_phy_get_link(enp, &els)) != 0) - goto fail7; - epp->ep_default_adv_cap_mask = els.els_adv_cap_mask; - epp->ep_adv_cap_mask = els.els_adv_cap_mask; - /* * Enable firmware workarounds for hardware errata. * Expected responses are: @@ -214,7 +131,7 @@ hunt_board_cfg( else if ((rc == ENOTSUP) || (rc == ENOENT)) encp->enc_bug35388_workaround = B_FALSE; else - goto fail8; + goto fail1; /* * If the bug41750 workaround is enabled, then do not test interrupts, @@ -233,7 +150,7 @@ hunt_board_cfg( } else if ((rc == ENOTSUP) || (rc == ENOENT)) { encp->enc_bug41750_workaround = B_FALSE; } else { - goto fail9; + goto fail2; } if (EFX_PCI_FUNCTION_IS_VF(encp)) { /* Interrupt testing does not work for VFs. See bug50084. */ @@ -271,12 +188,12 @@ hunt_board_cfg( } else if ((rc == ENOTSUP) || (rc == ENOENT)) { encp->enc_bug26807_workaround = B_FALSE; } else { - goto fail10; + goto fail3; } /* Get clock frequencies (in MHz). */ if ((rc = efx_mcdi_get_clock(enp, &sysclk, &dpcpu_clk)) != 0) - goto fail11; + goto fail4; /* * The Huntington timer quantum is 1536 sysclk cycles, documented for @@ -293,80 +210,26 @@ hunt_board_cfg( encp->enc_bug61265_workaround = B_FALSE; /* Medford only */ - /* Check capabilities of running datapath firmware */ - if ((rc = ef10_get_datapath_caps(enp)) != 0) - goto fail12; + /* Checksums for TSO sends can be incorrect on Huntington. */ + encp->enc_bug61297_workaround = B_TRUE; /* Alignment for receive packet DMA buffers */ encp->enc_rx_buf_align_start = 1; encp->enc_rx_buf_align_end = 64; /* RX DMA end padding */ - /* Alignment for WPTR updates */ - encp->enc_rx_push_align = EF10_RX_WPTR_ALIGN; - - /* - * Maximum number of exclusive RSS contexts which can be allocated. The - * hardware supports 64, but 6 are reserved for shared contexts. They - * are a global resource so not all may be available. - */ - encp->enc_rx_scale_max_exclusive_contexts = 58; - - encp->enc_tx_dma_desc_size_max = EFX_MASK32(ESF_DZ_RX_KER_BYTE_CNT); - /* No boundary crossing limits */ - encp->enc_tx_dma_desc_boundary = 0; - - /* - * Set resource limits for MC_CMD_ALLOC_VIS. Note that we cannot use - * MC_CMD_GET_RESOURCE_LIMITS here as that reports the available - * resources (allocated to this PCIe function), which is zero until - * after we have allocated VIs. - */ - encp->enc_evq_limit = 1024; - encp->enc_rxq_limit = EFX_RXQ_LIMIT_TARGET; - encp->enc_txq_limit = EFX_TXQ_LIMIT_TARGET; - /* * The workaround for bug35388 uses the top bit of transmit queue * descriptor writes, preventing the use of 4096 descriptor TXQs. */ encp->enc_txq_max_ndescs = encp->enc_bug35388_workaround ? 2048 : 4096; - encp->enc_buftbl_limit = 0xFFFFFFFF; - + EFX_STATIC_ASSERT(HUNT_PIOBUF_NBUFS <= EF10_MAX_PIOBUF_NBUFS); encp->enc_piobuf_limit = HUNT_PIOBUF_NBUFS; encp->enc_piobuf_size = HUNT_PIOBUF_SIZE; encp->enc_piobuf_min_alloc_size = HUNT_MIN_PIO_ALLOC_SIZE; - /* - * Get the current privilege mask. Note that this may be modified - * dynamically, so this value is informational only. DO NOT use - * the privilege mask to check for sufficient privileges, as that - * can result in time-of-check/time-of-use bugs. - */ - if ((rc = ef10_get_privilege_mask(enp, &mask)) != 0) - goto fail13; - encp->enc_privilege_mask = mask; - - /* Get interrupt vector limits */ - if ((rc = efx_mcdi_get_vector_cfg(enp, &base, &nvec, NULL)) != 0) { - if (EFX_PCI_FUNCTION_IS_PF(encp)) - goto fail14; - - /* Ignore error (cannot query vector limits from a VF). */ - base = 0; - nvec = 1024; - } - encp->enc_intr_vec_base = base; - encp->enc_intr_limit = nvec; - - /* - * Maximum number of bytes into the frame the TCP header can start for - * firmware assisted TSO to work. - */ - encp->enc_tx_tso_tcp_header_offset_limit = EF10_TCP_HEADER_OFFSET_LIMIT; - if ((rc = hunt_nic_get_required_pcie_bandwidth(enp, &bandwidth)) != 0) - goto fail15; + goto fail5; encp->enc_required_pcie_bandwidth_mbps = bandwidth; /* All Huntington devices have a PCIe Gen3, 8 lane connector */ @@ -374,26 +237,6 @@ hunt_board_cfg( return (0); -fail15: - EFSYS_PROBE(fail15); -fail14: - EFSYS_PROBE(fail14); -fail13: - EFSYS_PROBE(fail13); -fail12: - EFSYS_PROBE(fail12); -fail11: - EFSYS_PROBE(fail11); -fail10: - EFSYS_PROBE(fail10); -fail9: - EFSYS_PROBE(fail9); -fail8: - EFSYS_PROBE(fail8); -fail7: - EFSYS_PROBE(fail7); -fail6: - EFSYS_PROBE(fail6); fail5: EFSYS_PROBE(fail5); fail4: diff --git a/sys/dev/sfxge/common/mcdi_mon.c b/sys/dev/sfxge/common/mcdi_mon.c index 6d6f66b85d12..835ea210983a 100644 --- a/sys/dev/sfxge/common/mcdi_mon.c +++ b/sys/dev/sfxge/common/mcdi_mon.c @@ -33,137 +33,15 @@ __FBSDID("$FreeBSD$"); #include "efx.h" #include "efx_impl.h" +#include "mcdi_mon.h" #if EFSYS_OPT_MON_MCDI #if EFSYS_OPT_MON_STATS -#define MCDI_MON_NEXT_PAGE ((uint16_t)0xfffe) -#define MCDI_MON_INVALID_SENSOR ((uint16_t)0xfffd) -#define MCDI_MON_PAGE_SIZE 0x20 - -/* Bitmasks of valid port(s) for each sensor */ -#define MCDI_MON_PORT_NONE (0x00) -#define MCDI_MON_PORT_P1 (0x01) -#define MCDI_MON_PORT_P2 (0x02) -#define MCDI_MON_PORT_P3 (0x04) -#define MCDI_MON_PORT_P4 (0x08) -#define MCDI_MON_PORT_Px (0xFFFF) - /* Get port mask from one-based MCDI port number */ #define MCDI_MON_PORT_MASK(_emip) (1U << ((_emip)->emi_port - 1)) -/* Entry for MCDI sensor in sensor map */ -#define STAT(portmask, stat) \ - { (MCDI_MON_PORT_##portmask), (EFX_MON_STAT_##stat) } - -/* Entry for sensor next page flag in sensor map */ -#define STAT_NEXT_PAGE() \ - { MCDI_MON_PORT_NONE, MCDI_MON_NEXT_PAGE } - -/* Placeholder for gaps in the array */ -#define STAT_NO_SENSOR() \ - { MCDI_MON_PORT_NONE, MCDI_MON_INVALID_SENSOR } - -/* Map from MC sensors to monitor statistics */ -static const struct mcdi_sensor_map_s { - uint16_t msm_port_mask; - uint16_t msm_stat; -} mcdi_sensor_map[] = { - /* Sensor page 0 MC_CMD_SENSOR_xxx */ - STAT(Px, INT_TEMP), /* 0x00 CONTROLLER_TEMP */ - STAT(Px, EXT_TEMP), /* 0x01 PHY_COMMON_TEMP */ - STAT(Px, INT_COOLING), /* 0x02 CONTROLLER_COOLING */ - STAT(P1, EXT_TEMP), /* 0x03 PHY0_TEMP */ - STAT(P1, EXT_COOLING), /* 0x04 PHY0_COOLING */ - STAT(P2, EXT_TEMP), /* 0x05 PHY1_TEMP */ - STAT(P2, EXT_COOLING), /* 0x06 PHY1_COOLING */ - STAT(Px, 1V), /* 0x07 IN_1V0 */ - STAT(Px, 1_2V), /* 0x08 IN_1V2 */ - STAT(Px, 1_8V), /* 0x09 IN_1V8 */ - STAT(Px, 2_5V), /* 0x0a IN_2V5 */ - STAT(Px, 3_3V), /* 0x0b IN_3V3 */ - STAT(Px, 12V), /* 0x0c IN_12V0 */ - STAT(Px, 1_2VA), /* 0x0d IN_1V2A */ - STAT(Px, VREF), /* 0x0e IN_VREF */ - STAT(Px, VAOE), /* 0x0f OUT_VAOE */ - STAT(Px, AOE_TEMP), /* 0x10 AOE_TEMP */ - STAT(Px, PSU_AOE_TEMP), /* 0x11 PSU_AOE_TEMP */ - STAT(Px, PSU_TEMP), /* 0x12 PSU_TEMP */ - STAT(Px, FAN0), /* 0x13 FAN_0 */ - STAT(Px, FAN1), /* 0x14 FAN_1 */ - STAT(Px, FAN2), /* 0x15 FAN_2 */ - STAT(Px, FAN3), /* 0x16 FAN_3 */ - STAT(Px, FAN4), /* 0x17 FAN_4 */ - STAT(Px, VAOE_IN), /* 0x18 IN_VAOE */ - STAT(Px, IAOE), /* 0x19 OUT_IAOE */ - STAT(Px, IAOE_IN), /* 0x1a IN_IAOE */ - STAT(Px, NIC_POWER), /* 0x1b NIC_POWER */ - STAT(Px, 0_9V), /* 0x1c IN_0V9 */ - STAT(Px, I0_9V), /* 0x1d IN_I0V9 */ - STAT(Px, I1_2V), /* 0x1e IN_I1V2 */ - STAT_NEXT_PAGE(), /* 0x1f Next page flag (not a sensor) */ - - /* Sensor page 1 MC_CMD_SENSOR_xxx */ - STAT(Px, 0_9V_ADC), /* 0x20 IN_0V9_ADC */ - STAT(Px, INT_TEMP2), /* 0x21 CONTROLLER_2_TEMP */ - STAT(Px, VREG_TEMP), /* 0x22 VREG_INTERNAL_TEMP */ - STAT(Px, VREG_0_9V_TEMP), /* 0x23 VREG_0V9_TEMP */ - STAT(Px, VREG_1_2V_TEMP), /* 0x24 VREG_1V2_TEMP */ - STAT(Px, INT_VPTAT), /* 0x25 CTRLR. VPTAT */ - STAT(Px, INT_ADC_TEMP), /* 0x26 CTRLR. INTERNAL_TEMP */ - STAT(Px, EXT_VPTAT), /* 0x27 CTRLR. VPTAT_EXTADC */ - STAT(Px, EXT_ADC_TEMP), /* 0x28 CTRLR. INTERNAL_TEMP_EXTADC */ - STAT(Px, AMBIENT_TEMP), /* 0x29 AMBIENT_TEMP */ - STAT(Px, AIRFLOW), /* 0x2a AIRFLOW */ - STAT(Px, VDD08D_VSS08D_CSR), /* 0x2b VDD08D_VSS08D_CSR */ - STAT(Px, VDD08D_VSS08D_CSR_EXTADC), /* 0x2c VDD08D_VSS08D_CSR_EXTADC */ - STAT(Px, HOTPOINT_TEMP), /* 0x2d HOTPOINT_TEMP */ - STAT(P1, PHY_POWER_SWITCH_PORT0), /* 0x2e PHY_POWER_SWITCH_PORT0 */ - STAT(P2, PHY_POWER_SWITCH_PORT1), /* 0x2f PHY_POWER_SWITCH_PORT1 */ - STAT(Px, MUM_VCC), /* 0x30 MUM_VCC */ - STAT(Px, 0V9_A), /* 0x31 0V9_A */ - STAT(Px, I0V9_A), /* 0x32 I0V9_A */ - STAT(Px, 0V9_A_TEMP), /* 0x33 0V9_A_TEMP */ - STAT(Px, 0V9_B), /* 0x34 0V9_B */ - STAT(Px, I0V9_B), /* 0x35 I0V9_B */ - STAT(Px, 0V9_B_TEMP), /* 0x36 0V9_B_TEMP */ - STAT(Px, CCOM_AVREG_1V2_SUPPLY), /* 0x37 CCOM_AVREG_1V2_SUPPLY */ - STAT(Px, CCOM_AVREG_1V2_SUPPLY_EXT_ADC), - /* 0x38 CCOM_AVREG_1V2_SUPPLY_EXT_ADC */ - STAT(Px, CCOM_AVREG_1V8_SUPPLY), /* 0x39 CCOM_AVREG_1V8_SUPPLY */ - STAT(Px, CCOM_AVREG_1V8_SUPPLY_EXT_ADC), - /* 0x3a CCOM_AVREG_1V8_SUPPLY_EXT_ADC */ - STAT_NO_SENSOR(), /* 0x3b (no sensor) */ - STAT_NO_SENSOR(), /* 0x3c (no sensor) */ - STAT_NO_SENSOR(), /* 0x3d (no sensor) */ - STAT_NO_SENSOR(), /* 0x3e (no sensor) */ - STAT_NEXT_PAGE(), /* 0x3f Next page flag (not a sensor) */ - - /* Sensor page 2 MC_CMD_SENSOR_xxx */ - STAT(Px, CONTROLLER_MASTER_VPTAT), /* 0x40 MASTER_VPTAT */ - STAT(Px, CONTROLLER_MASTER_INTERNAL_TEMP), /* 0x41 MASTER_INT_TEMP */ - STAT(Px, CONTROLLER_MASTER_VPTAT_EXT_ADC), /* 0x42 MAST_VPTAT_EXT_ADC */ - STAT(Px, CONTROLLER_MASTER_INTERNAL_TEMP_EXT_ADC), - /* 0x43 MASTER_INTERNAL_TEMP_EXT_ADC */ - STAT(Px, CONTROLLER_SLAVE_VPTAT), /* 0x44 SLAVE_VPTAT */ - STAT(Px, CONTROLLER_SLAVE_INTERNAL_TEMP), /* 0x45 SLAVE_INTERNAL_TEMP */ - STAT(Px, CONTROLLER_SLAVE_VPTAT_EXT_ADC), /* 0x46 SLAVE_VPTAT_EXT_ADC */ - STAT(Px, CONTROLLER_SLAVE_INTERNAL_TEMP_EXT_ADC), - /* 0x47 SLAVE_INTERNAL_TEMP_EXT_ADC */ - STAT_NO_SENSOR(), /* 0x48 (no sensor) */ - STAT(Px, SODIMM_VOUT), /* 0x49 SODIMM_VOUT */ - STAT(Px, SODIMM_0_TEMP), /* 0x4a SODIMM_0_TEMP */ - STAT(Px, SODIMM_1_TEMP), /* 0x4b SODIMM_1_TEMP */ - STAT(Px, PHY0_VCC), /* 0x4c PHY0_VCC */ - STAT(Px, PHY1_VCC), /* 0x4d PHY1_VCC */ - STAT(Px, CONTROLLER_TDIODE_TEMP), /* 0x4e CONTROLLER_TDIODE_TEMP */ - STAT(Px, BOARD_FRONT_TEMP), /* 0x4f BOARD_FRONT_TEMP */ - STAT(Px, BOARD_BACK_TEMP), /* 0x50 BOARD_BACK_TEMP */ - STAT(Px, I1V8), /* 0x51 IN_I1V8 */ - STAT(Px, I2V5), /* 0x52 IN_I2V5 */ -}; - #define MCDI_STATIC_SENSOR_ASSERT(_field) \ EFX_STATIC_ASSERT(MC_CMD_SENSOR_STATE_ ## _field \ == EFX_MON_STAT_STATE_ ## _field) @@ -178,10 +56,10 @@ mcdi_mon_decode_stats( __inout_ecount_opt(EFX_MON_NSTATS) efx_mon_stat_value_t *stat) { efx_mcdi_iface_t *emip = &(enp->en_mcdi.em_emip); - uint16_t port_mask; + efx_mon_stat_portmask_t port_mask; uint16_t sensor; size_t sensor_max; - uint32_t stat_mask[(EFX_ARRAY_SIZE(mcdi_sensor_map) + 31) / 32]; + uint32_t stat_mask[(EFX_MON_NSTATS + 31) / 32]; uint32_t idx = 0; uint32_t page = 0; @@ -192,13 +70,10 @@ mcdi_mon_decode_stats( MCDI_STATIC_SENSOR_ASSERT(BROKEN); MCDI_STATIC_SENSOR_ASSERT(NO_READING); - EFX_STATIC_ASSERT(sizeof (stat_mask[0]) * 8 == - EFX_MON_MASK_ELEMENT_SIZE); - sensor_max = - MIN((8 * sensor_mask_size), EFX_ARRAY_SIZE(mcdi_sensor_map)); + sensor_max = 8 * sensor_mask_size; EFSYS_ASSERT(emip->emi_port > 0); /* MCDI port number is one-based */ - port_mask = MCDI_MON_PORT_MASK(emip); + port_mask = (efx_mon_stat_portmask_t)MCDI_MON_PORT_MASK(emip); memset(stat_mask, 0, sizeof (stat_mask)); @@ -213,19 +88,36 @@ mcdi_mon_decode_stats( * does not understand. */ for (sensor = 0; sensor < sensor_max; ++sensor) { - efx_mon_stat_t id = mcdi_sensor_map[sensor].msm_stat; + efx_mon_stat_t id; + efx_mon_stat_portmask_t stat_portmask = 0; + boolean_t decode_ok; + efx_mon_stat_unit_t stat_unit; - if ((sensor % MCDI_MON_PAGE_SIZE) == MC_CMD_SENSOR_PAGE0_NEXT) { - EFSYS_ASSERT3U(id, ==, MCDI_MON_NEXT_PAGE); + if ((sensor % (MC_CMD_SENSOR_PAGE0_NEXT + 1)) == + MC_CMD_SENSOR_PAGE0_NEXT) { page++; continue; + /* This sensor is one of the page boundary bits. */ } + if (~(sensor_mask[page]) & (1U << sensor)) continue; + /* This sensor not in DMA buffer */ + idx++; + /* + * Valid stat in DMA buffer that we need to increment over, even + * if we couldn't look up the id + */ + + decode_ok = efx_mon_mcdi_to_efx_stat(sensor, &id); + decode_ok = + decode_ok && efx_mon_get_stat_portmap(id, &stat_portmask); - if ((port_mask & mcdi_sensor_map[sensor].msm_port_mask) == 0) + if (!(decode_ok && (stat_portmask & port_mask))) continue; + /* Either bad decode, or don't know what port stat is on */ + EFSYS_ASSERT(id < EFX_MON_NSTATS); /* @@ -251,6 +143,10 @@ mcdi_mon_decode_stats( stat[id].emsv_state = (uint16_t)EFX_DWORD_FIELD(dword, MC_CMD_SENSOR_VALUE_ENTRY_TYPEDEF_STATE); + + stat[id].emsv_unit = + efx_mon_get_stat_unit(id, &stat_unit) ? + stat_unit : EFX_MON_STAT_UNIT_UNKNOWN; } } @@ -267,7 +163,7 @@ mcdi_mon_ev( __out efx_mon_stat_value_t *valuep) { efx_mcdi_iface_t *emip = &(enp->en_mcdi.em_emip); - uint16_t port_mask; + efx_mon_stat_portmask_t port_mask, sensor_port_mask; uint16_t sensor; uint16_t state; uint16_t value; @@ -284,20 +180,22 @@ mcdi_mon_ev( /* Hardware must support this MCDI sensor */ EFSYS_ASSERT3U(sensor, <, (8 * enp->en_nic_cfg.enc_mcdi_sensor_mask_size)); - EFSYS_ASSERT((sensor % MCDI_MON_PAGE_SIZE) != MC_CMD_SENSOR_PAGE0_NEXT); + EFSYS_ASSERT((sensor % (MC_CMD_SENSOR_PAGE0_NEXT + 1)) != + MC_CMD_SENSOR_PAGE0_NEXT); EFSYS_ASSERT(enp->en_nic_cfg.enc_mcdi_sensor_maskp != NULL); - EFSYS_ASSERT( - (enp->en_nic_cfg.enc_mcdi_sensor_maskp[sensor/MCDI_MON_PAGE_SIZE] & - (1U << (sensor % MCDI_MON_PAGE_SIZE))) != 0); + EFSYS_ASSERT((enp->en_nic_cfg.enc_mcdi_sensor_maskp[ + sensor / (MC_CMD_SENSOR_PAGE0_NEXT + 1)] & + (1U << (sensor % (MC_CMD_SENSOR_PAGE0_NEXT + 1)))) != 0); - /* But we don't have to understand it */ - if (sensor >= EFX_ARRAY_SIZE(mcdi_sensor_map)) { + /* And we need to understand it, to get port-map */ + if (!efx_mon_mcdi_to_efx_stat(sensor, &id)) { rc = ENOTSUP; goto fail1; } - id = mcdi_sensor_map[sensor].msm_stat; - if ((port_mask & mcdi_sensor_map[sensor].msm_port_mask) == 0) + if (!(efx_mon_get_stat_portmap(id, &sensor_port_mask) && + (port_mask && sensor_port_mask))) { return (ENODEV); + } EFSYS_ASSERT(id < EFX_MON_NSTATS); *idp = id; @@ -320,9 +218,15 @@ efx_mcdi_read_sensors( __in uint32_t size) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_READ_SENSORS_EXT_IN_LEN, - MC_CMD_READ_SENSORS_EXT_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_READ_SENSORS_EXT_IN_LEN, + MC_CMD_READ_SENSORS_EXT_OUT_LEN); uint32_t addr_lo, addr_hi; + efx_rc_t rc; + + if (EFSYS_MEM_SIZE(esmp) < size) { + rc = EINVAL; + goto fail1; + } req.emr_cmd = MC_CMD_READ_SENSORS; req.emr_in_buf = payload; @@ -340,6 +244,11 @@ efx_mcdi_read_sensors( efx_mcdi_execute(enp, &req); return (req.emr_rc); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); } static __checkReturn efx_rc_t @@ -348,8 +257,8 @@ efx_mcdi_sensor_info_npages( __out uint32_t *npagesp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_SENSOR_INFO_EXT_IN_LEN, - MC_CMD_SENSOR_INFO_OUT_LENMAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SENSOR_INFO_EXT_IN_LEN, + MC_CMD_SENSOR_INFO_OUT_LENMAX); int page; efx_rc_t rc; @@ -392,8 +301,8 @@ efx_mcdi_sensor_info( __in size_t npages) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_SENSOR_INFO_EXT_IN_LEN, - MC_CMD_SENSOR_INFO_OUT_LENMAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SENSOR_INFO_EXT_IN_LEN, + MC_CMD_SENSOR_INFO_OUT_LENMAX); uint32_t page; efx_rc_t rc; @@ -452,6 +361,86 @@ fail1: return (rc); } +static __checkReturn efx_rc_t +efx_mcdi_sensor_info_page( + __in efx_nic_t *enp, + __in uint32_t page, + __out uint32_t *mask_part, + __out_ecount((sizeof (*mask_part) * 8) - 1) + efx_mon_stat_limits_t *limits) +{ + efx_mcdi_req_t req; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_SENSOR_INFO_EXT_IN_LEN, + MC_CMD_SENSOR_INFO_OUT_LENMAX); + efx_rc_t rc; + uint32_t mask_copy; + efx_dword_t *maskp; + efx_qword_t *limit_info; + + EFSYS_ASSERT(mask_part != NULL); + EFSYS_ASSERT(limits != NULL); + + memset(limits, 0, + ((sizeof (*mask_part) * 8) - 1) * sizeof (efx_mon_stat_limits_t)); + + req.emr_cmd = MC_CMD_SENSOR_INFO; + req.emr_in_buf = payload; + req.emr_in_length = MC_CMD_SENSOR_INFO_EXT_IN_LEN; + req.emr_out_buf = payload; + req.emr_out_length = MC_CMD_SENSOR_INFO_OUT_LENMAX; + + MCDI_IN_SET_DWORD(req, SENSOR_INFO_EXT_IN_PAGE, page); + + efx_mcdi_execute(enp, &req); + + rc = req.emr_rc; + + if (rc != 0) + goto fail1; + + EFSYS_ASSERT(sizeof (*limit_info) == + MC_CMD_SENSOR_INFO_ENTRY_TYPEDEF_LEN); + maskp = MCDI_OUT2(req, efx_dword_t, SENSOR_INFO_OUT_MASK); + limit_info = (efx_qword_t *)(maskp + 1); + + *mask_part = maskp->ed_u32[0]; + mask_copy = *mask_part; + + /* Copy an entry for all but the highest bit set. */ + while (mask_copy) { + + if (mask_copy == (1U << MC_CMD_SENSOR_PAGE0_NEXT)) { + /* Only next page bit set. */ + mask_copy = 0; + } else { + /* Clear lowest bit */ + mask_copy = mask_copy & ~(mask_copy ^ (mask_copy - 1)); + /* And copy out limit entry into buffer */ + limits->emlv_warning_min = EFX_QWORD_FIELD(*limit_info, + MC_CMD_SENSOR_INFO_ENTRY_TYPEDEF_MIN1); + + limits->emlv_warning_max = EFX_QWORD_FIELD(*limit_info, + MC_CMD_SENSOR_INFO_ENTRY_TYPEDEF_MAX1); + + limits->emlv_fatal_min = EFX_QWORD_FIELD(*limit_info, + MC_CMD_SENSOR_INFO_ENTRY_TYPEDEF_MIN2); + + limits->emlv_fatal_max = EFX_QWORD_FIELD(*limit_info, + MC_CMD_SENSOR_INFO_ENTRY_TYPEDEF_MAX2); + + limits++; + limit_info++; + } + } + + return (rc); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + __checkReturn efx_rc_t mcdi_mon_stats_update( __in efx_nic_t *enp, @@ -480,6 +469,96 @@ fail1: return (rc); } +static void +lowest_set_bit( + __in uint32_t input_mask, + __out uint32_t *lowest_bit_mask, + __out uint32_t *lowest_bit_num +) +{ + uint32_t x; + uint32_t set_bit, bit_index; + + x = (input_mask ^ (input_mask - 1)); + set_bit = (x + 1) >> 1; + if (!set_bit) + set_bit = (1U << 31U); + + bit_index = 0; + if (set_bit & 0xFFFF0000) + bit_index += 16; + if (set_bit & 0xFF00FF00) + bit_index += 8; + if (set_bit & 0xF0F0F0F0) + bit_index += 4; + if (set_bit & 0xCCCCCCCC) + bit_index += 2; + if (set_bit & 0xAAAAAAAA) + bit_index += 1; + + *lowest_bit_mask = set_bit; + *lowest_bit_num = bit_index; +} + + __checkReturn efx_rc_t +mcdi_mon_limits_update( + __in efx_nic_t *enp, + __inout_ecount(EFX_MON_NSTATS) efx_mon_stat_limits_t *values) +{ + efx_rc_t rc; + uint32_t page; + uint32_t page_mask; + uint32_t limit_index; + efx_mon_stat_limits_t limits[sizeof (page_mask) * 8]; + efx_mon_stat_t stat; + + page = 0; + page--; + do { + page++; + + rc = efx_mcdi_sensor_info_page(enp, page, &page_mask, limits); + if (rc != 0) + goto fail1; + + limit_index = 0; + while (page_mask) { + uint32_t set_bit; + uint32_t page_index; + uint32_t mcdi_index; + + if (page_mask == (1U << MC_CMD_SENSOR_PAGE0_NEXT)) + break; + + lowest_set_bit(page_mask, &set_bit, &page_index); + page_mask = page_mask & ~set_bit; + + mcdi_index = + page_index + (sizeof (page_mask) * 8 * page); + + /* + * This can fail if MCDI reports newer stats than the + * drivers understand, or the bit is the next page bit. + * + * Driver needs to be tolerant of this. + */ + if (!efx_mon_mcdi_to_efx_stat(mcdi_index, &stat)) + continue; + + values[stat] = limits[limit_index]; + limit_index++; + } + + } while (page_mask & (1U << MC_CMD_SENSOR_PAGE0_NEXT)); + + return (rc); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + __checkReturn efx_rc_t mcdi_mon_cfg_build( __in efx_nic_t *enp) @@ -504,6 +583,11 @@ mcdi_mon_cfg_build( encp->enc_mon_type = EFX_MON_SFC92X0; break; #endif +#if EFSYS_OPT_MEDFORD2 + case EFX_FAMILY_MEDFORD2: + encp->enc_mon_type = EFX_MON_SFC92X0; + break; +#endif default: rc = EINVAL; goto fail1; diff --git a/sys/dev/sfxge/common/mcdi_mon.h b/sys/dev/sfxge/common/mcdi_mon.h index ce93160c7d90..317ec92f035a 100644 --- a/sys/dev/sfxge/common/mcdi_mon.h +++ b/sys/dev/sfxge/common/mcdi_mon.h @@ -65,6 +65,11 @@ mcdi_mon_stats_update( __in efsys_mem_t *esmp, __inout_ecount(EFX_MON_NSTATS) efx_mon_stat_value_t *values); +extern __checkReturn efx_rc_t +mcdi_mon_limits_update( + __in efx_nic_t *enp, + __inout_ecount(EFX_MON_NSTATS) efx_mon_stat_limits_t *values); + #endif /* EFSYS_OPT_MON_STATS */ #endif /* EFSYS_OPT_MON_MCDI */ diff --git a/sys/dev/sfxge/common/medford2_impl.h b/sys/dev/sfxge/common/medford2_impl.h new file mode 100644 index 000000000000..b7cd84096781 --- /dev/null +++ b/sys/dev/sfxge/common/medford2_impl.h @@ -0,0 +1,63 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2015-2018 Solarflare Communications Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * The views and conclusions contained in the software and documentation are + * those of the authors and should not be interpreted as representing official + * policies, either expressed or implied, of the FreeBSD Project. + * + * $FreeBSD$ + */ + +#ifndef _SYS_MEDFORD2_IMPL_H +#define _SYS_MEDFORD2_IMPL_H + +#ifdef __cplusplus +extern "C" { +#endif + + +#ifndef ER_EZ_TX_PIOBUF_SIZE +#define ER_EZ_TX_PIOBUF_SIZE 4096 +#endif + + +#define MEDFORD2_PIOBUF_NBUFS (16) +#define MEDFORD2_PIOBUF_SIZE (ER_EZ_TX_PIOBUF_SIZE) + +#define MEDFORD2_MIN_PIO_ALLOC_SIZE (MEDFORD2_PIOBUF_SIZE / 32) + + +extern __checkReturn efx_rc_t +medford2_board_cfg( + __in efx_nic_t *enp); + + +#ifdef __cplusplus +} +#endif + +#endif /* _SYS_MEDFORD2_IMPL_H */ diff --git a/sys/dev/sfxge/common/medford2_nic.c b/sys/dev/sfxge/common/medford2_nic.c new file mode 100644 index 000000000000..46f8c265a824 --- /dev/null +++ b/sys/dev/sfxge/common/medford2_nic.c @@ -0,0 +1,184 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2015-2018 Solarflare Communications Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * The views and conclusions contained in the software and documentation are + * those of the authors and should not be interpreted as representing official + * policies, either expressed or implied, of the FreeBSD Project. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include "efx.h" +#include "efx_impl.h" + + +#if EFSYS_OPT_MEDFORD2 + +static __checkReturn efx_rc_t +medford2_nic_get_required_pcie_bandwidth( + __in efx_nic_t *enp, + __out uint32_t *bandwidth_mbpsp) +{ + uint32_t bandwidth; + efx_rc_t rc; + + /* FIXME: support new Medford2 dynamic port modes */ + + if ((rc = ef10_nic_get_port_mode_bandwidth(enp, + &bandwidth)) != 0) + goto fail1; + + *bandwidth_mbpsp = bandwidth; + + return (0); + +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + + __checkReturn efx_rc_t +medford2_board_cfg( + __in efx_nic_t *enp) +{ + efx_nic_cfg_t *encp = &(enp->en_nic_cfg); + uint32_t sysclk, dpcpu_clk; + uint32_t end_padding; + uint32_t bandwidth; + efx_rc_t rc; + + /* + * Enable firmware workarounds for hardware errata. + * Expected responses are: + * - 0 (zero): + * Success: workaround enabled or disabled as requested. + * - MC_CMD_ERR_ENOSYS (reported as ENOTSUP): + * Firmware does not support the MC_CMD_WORKAROUND request. + * (assume that the workaround is not supported). + * - MC_CMD_ERR_ENOENT (reported as ENOENT): + * Firmware does not support the requested workaround. + * - MC_CMD_ERR_EPERM (reported as EACCES): + * Unprivileged function cannot enable/disable workarounds. + * + * See efx_mcdi_request_errcode() for MCDI error translations. + */ + + + if (EFX_PCI_FUNCTION_IS_VF(encp)) { + /* + * Interrupt testing does not work for VFs on Medford2. + * See bug50084 and bug71432 comment 21. + */ + encp->enc_bug41750_workaround = B_TRUE; + } + + /* Chained multicast is always enabled on Medford2 */ + encp->enc_bug26807_workaround = B_TRUE; + + /* + * If the bug61265 workaround is enabled, then interrupt holdoff timers + * cannot be controlled by timer table writes, so MCDI must be used + * (timer table writes can still be used for wakeup timers). + */ + rc = efx_mcdi_set_workaround(enp, MC_CMD_WORKAROUND_BUG61265, B_TRUE, + NULL); + if ((rc == 0) || (rc == EACCES)) + encp->enc_bug61265_workaround = B_TRUE; + else if ((rc == ENOTSUP) || (rc == ENOENT)) + encp->enc_bug61265_workaround = B_FALSE; + else + goto fail1; + + /* Checksums for TSO sends should always be correct on Medford2. */ + encp->enc_bug61297_workaround = B_FALSE; + + /* Get clock frequencies (in MHz). */ + if ((rc = efx_mcdi_get_clock(enp, &sysclk, &dpcpu_clk)) != 0) + goto fail2; + + /* + * The Medford2 timer quantum is 1536 dpcpu_clk cycles, documented for + * the EV_TMR_VAL field of EV_TIMER_TBL. Scale for MHz and ns units. + */ + encp->enc_evq_timer_quantum_ns = 1536000UL / dpcpu_clk; /* 1536 cycles */ + encp->enc_evq_timer_max_us = (encp->enc_evq_timer_quantum_ns << + FRF_CZ_TC_TIMER_VAL_WIDTH) / 1000; + + /* Alignment for receive packet DMA buffers */ + encp->enc_rx_buf_align_start = 1; + + /* Get the RX DMA end padding alignment configuration */ + if ((rc = efx_mcdi_get_rxdp_config(enp, &end_padding)) != 0) { + if (rc != EACCES) + goto fail3; + + /* Assume largest tail padding size supported by hardware */ + end_padding = 256; + } + encp->enc_rx_buf_align_end = end_padding; + + /* + * The maximum supported transmit queue size is 2048. TXQs with 4096 + * descriptors are not supported as the top bit is used for vfifo + * stuffing. + */ + encp->enc_txq_max_ndescs = 2048; + + EFX_STATIC_ASSERT(MEDFORD2_PIOBUF_NBUFS <= EF10_MAX_PIOBUF_NBUFS); + encp->enc_piobuf_limit = MEDFORD2_PIOBUF_NBUFS; + encp->enc_piobuf_size = MEDFORD2_PIOBUF_SIZE; + encp->enc_piobuf_min_alloc_size = MEDFORD2_MIN_PIO_ALLOC_SIZE; + + /* + * Medford2 stores a single global copy of VPD, not per-PF as on + * Huntington. + */ + encp->enc_vpd_is_global = B_TRUE; + + rc = medford2_nic_get_required_pcie_bandwidth(enp, &bandwidth); + if (rc != 0) + goto fail4; + encp->enc_required_pcie_bandwidth_mbps = bandwidth; + encp->enc_max_pcie_link_gen = EFX_PCIE_LINK_SPEED_GEN3; + + return (0); + +fail4: + EFSYS_PROBE(fail4); +fail3: + EFSYS_PROBE(fail3); +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); +} + +#endif /* EFSYS_OPT_MEDFORD2 */ diff --git a/sys/dev/sfxge/common/medford_nic.c b/sys/dev/sfxge/common/medford_nic.c index 20f4fb901882..9f9738f90a74 100644 --- a/sys/dev/sfxge/common/medford_nic.c +++ b/sys/dev/sfxge/common/medford_nic.c @@ -38,85 +38,17 @@ __FBSDID("$FreeBSD$"); #if EFSYS_OPT_MEDFORD static __checkReturn efx_rc_t -efx_mcdi_get_rxdp_config( - __in efx_nic_t *enp, - __out uint32_t *end_paddingp) -{ - efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_RXDP_CONFIG_IN_LEN, - MC_CMD_GET_RXDP_CONFIG_OUT_LEN)]; - uint32_t end_padding; - efx_rc_t rc; - - memset(payload, 0, sizeof (payload)); - req.emr_cmd = MC_CMD_GET_RXDP_CONFIG; - req.emr_in_buf = payload; - req.emr_in_length = MC_CMD_GET_RXDP_CONFIG_IN_LEN; - req.emr_out_buf = payload; - req.emr_out_length = MC_CMD_GET_RXDP_CONFIG_OUT_LEN; - - efx_mcdi_execute(enp, &req); - if (req.emr_rc != 0) { - rc = req.emr_rc; - goto fail1; - } - - if (MCDI_OUT_DWORD_FIELD(req, GET_RXDP_CONFIG_OUT_DATA, - GET_RXDP_CONFIG_OUT_PAD_HOST_DMA) == 0) { - /* RX DMA end padding is disabled */ - end_padding = 0; - } else { - switch (MCDI_OUT_DWORD_FIELD(req, GET_RXDP_CONFIG_OUT_DATA, - GET_RXDP_CONFIG_OUT_PAD_HOST_LEN)) { - case MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_64: - end_padding = 64; - break; - case MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_128: - end_padding = 128; - break; - case MC_CMD_SET_RXDP_CONFIG_IN_PAD_HOST_256: - end_padding = 256; - break; - default: - rc = ENOTSUP; - goto fail2; - } - } - - *end_paddingp = end_padding; - - return (0); - -fail2: - EFSYS_PROBE(fail2); -fail1: - EFSYS_PROBE1(fail1, efx_rc_t, rc); - - return (rc); -} - -static __checkReturn efx_rc_t medford_nic_get_required_pcie_bandwidth( __in efx_nic_t *enp, __out uint32_t *bandwidth_mbpsp) { - uint32_t port_modes; - uint32_t current_mode; uint32_t bandwidth; efx_rc_t rc; - if ((rc = efx_mcdi_get_port_modes(enp, &port_modes, - ¤t_mode)) != 0) { - /* No port mode info available. */ - bandwidth = 0; - goto out; - } - - if ((rc = ef10_nic_get_port_mode_bandwidth(current_mode, + if ((rc = ef10_nic_get_port_mode_bandwidth(enp, &bandwidth)) != 0) goto fail1; -out: *bandwidth_mbpsp = bandwidth; return (0); @@ -131,104 +63,13 @@ fail1: medford_board_cfg( __in efx_nic_t *enp) { - efx_mcdi_iface_t *emip = &(enp->en_mcdi.em_emip); efx_nic_cfg_t *encp = &(enp->en_nic_cfg); - uint8_t mac_addr[6] = { 0 }; - uint32_t board_type = 0; - ef10_link_state_t els; - efx_port_t *epp = &(enp->en_port); - uint32_t port; - uint32_t pf; - uint32_t vf; - uint32_t mask; uint32_t sysclk, dpcpu_clk; - uint32_t base, nvec; uint32_t end_padding; uint32_t bandwidth; efx_rc_t rc; /* - * FIXME: Likely to be incomplete and incorrect. - * Parts of this should be shared with Huntington. - */ - - if ((rc = efx_mcdi_get_port_assignment(enp, &port)) != 0) - goto fail1; - - /* - * NOTE: The MCDI protocol numbers ports from zero. - * The common code MCDI interface numbers ports from one. - */ - emip->emi_port = port + 1; - - if ((rc = ef10_external_port_mapping(enp, port, - &encp->enc_external_port)) != 0) - goto fail2; - - /* - * Get PCIe function number from firmware (used for - * per-function privilege and dynamic config info). - * - PCIe PF: pf = PF number, vf = 0xffff. - * - PCIe VF: pf = parent PF, vf = VF number. - */ - if ((rc = efx_mcdi_get_function_info(enp, &pf, &vf)) != 0) - goto fail3; - - encp->enc_pf = pf; - encp->enc_vf = vf; - - /* MAC address for this function */ - if (EFX_PCI_FUNCTION_IS_PF(encp)) { - rc = efx_mcdi_get_mac_address_pf(enp, mac_addr); -#if EFSYS_OPT_ALLOW_UNCONFIGURED_NIC - /* - * Disable static config checking for Medford NICs, ONLY - * for manufacturing test and setup at the factory, to - * allow the static config to be installed. - */ -#else /* EFSYS_OPT_ALLOW_UNCONFIGURED_NIC */ - if ((rc == 0) && (mac_addr[0] & 0x02)) { - /* - * If the static config does not include a global MAC - * address pool then the board may return a locally - * administered MAC address (this should only happen on - * incorrectly programmed boards). - */ - rc = EINVAL; - } -#endif /* EFSYS_OPT_ALLOW_UNCONFIGURED_NIC */ - } else { - rc = efx_mcdi_get_mac_address_vf(enp, mac_addr); - } - if (rc != 0) - goto fail4; - - EFX_MAC_ADDR_COPY(encp->enc_mac_addr, mac_addr); - - /* Board configuration */ - rc = efx_mcdi_get_board_cfg(enp, &board_type, NULL, NULL); - if (rc != 0) { - /* Unprivileged functions may not be able to read board cfg */ - if (rc == EACCES) - board_type = 0; - else - goto fail5; - } - - encp->enc_board_type = board_type; - encp->enc_clk_mult = 1; /* not used for Medford */ - - /* Fill out fields in enp->en_port and enp->en_nic_cfg from MCDI */ - if ((rc = efx_mcdi_get_phy_cfg(enp)) != 0) - goto fail6; - - /* Obtain the default PHY advertised capabilities */ - if ((rc = ef10_phy_get_link(enp, &els)) != 0) - goto fail7; - epp->ep_default_adv_cap_mask = els.els_adv_cap_mask; - epp->ep_adv_cap_mask = els.els_adv_cap_mask; - - /* * Enable firmware workarounds for hardware errata. * Expected responses are: * - 0 (zero): @@ -247,8 +88,8 @@ medford_board_cfg( if (EFX_PCI_FUNCTION_IS_VF(encp)) { /* - * Interrupt testing does not work for VFs. See bug50084. - * FIXME: Does this still apply to Medford? + * Interrupt testing does not work for VFs. See bug50084 and + * bug71432 comment 21. */ encp->enc_bug41750_workaround = B_TRUE; } @@ -268,11 +109,14 @@ medford_board_cfg( else if ((rc == ENOTSUP) || (rc == ENOENT)) encp->enc_bug61265_workaround = B_FALSE; else - goto fail8; + goto fail1; + + /* Checksums for TSO sends can be incorrect on Medford. */ + encp->enc_bug61297_workaround = B_TRUE; /* Get clock frequencies (in MHz). */ if ((rc = efx_mcdi_get_clock(enp, &sysclk, &dpcpu_clk)) != 0) - goto fail9; + goto fail2; /* * The Medford timer quantum is 1536 dpcpu_clk cycles, documented for @@ -282,47 +126,19 @@ medford_board_cfg( encp->enc_evq_timer_max_us = (encp->enc_evq_timer_quantum_ns << FRF_CZ_TC_TIMER_VAL_WIDTH) / 1000; - /* Check capabilities of running datapath firmware */ - if ((rc = ef10_get_datapath_caps(enp)) != 0) - goto fail10; - /* Alignment for receive packet DMA buffers */ encp->enc_rx_buf_align_start = 1; /* Get the RX DMA end padding alignment configuration */ if ((rc = efx_mcdi_get_rxdp_config(enp, &end_padding)) != 0) { if (rc != EACCES) - goto fail11; + goto fail3; /* Assume largest tail padding size supported by hardware */ end_padding = 256; } encp->enc_rx_buf_align_end = end_padding; - /* Alignment for WPTR updates */ - encp->enc_rx_push_align = EF10_RX_WPTR_ALIGN; - - /* - * Maximum number of exclusive RSS contexts which can be allocated. The - * hardware supports 64, but 6 are reserved for shared contexts. They - * are a global resource so not all may be available. - */ - encp->enc_rx_scale_max_exclusive_contexts = 58; - - encp->enc_tx_dma_desc_size_max = EFX_MASK32(ESF_DZ_RX_KER_BYTE_CNT); - /* No boundary crossing limits */ - encp->enc_tx_dma_desc_boundary = 0; - - /* - * Set resource limits for MC_CMD_ALLOC_VIS. Note that we cannot use - * MC_CMD_GET_RESOURCE_LIMITS here as that reports the available - * resources (allocated to this PCIe function), which is zero until - * after we have allocated VIs. - */ - encp->enc_evq_limit = 1024; - encp->enc_rxq_limit = EFX_RXQ_LIMIT_TARGET; - encp->enc_txq_limit = EFX_TXQ_LIMIT_TARGET; - /* * The maximum supported transmit queue size is 2048. TXQs with 4096 * descriptors are not supported as the top bit is used for vfifo @@ -330,41 +146,12 @@ medford_board_cfg( */ encp->enc_txq_max_ndescs = 2048; - encp->enc_buftbl_limit = 0xFFFFFFFF; - + EFX_STATIC_ASSERT(MEDFORD_PIOBUF_NBUFS <= EF10_MAX_PIOBUF_NBUFS); encp->enc_piobuf_limit = MEDFORD_PIOBUF_NBUFS; encp->enc_piobuf_size = MEDFORD_PIOBUF_SIZE; encp->enc_piobuf_min_alloc_size = MEDFORD_MIN_PIO_ALLOC_SIZE; /* - * Get the current privilege mask. Note that this may be modified - * dynamically, so this value is informational only. DO NOT use - * the privilege mask to check for sufficient privileges, as that - * can result in time-of-check/time-of-use bugs. - */ - if ((rc = ef10_get_privilege_mask(enp, &mask)) != 0) - goto fail12; - encp->enc_privilege_mask = mask; - - /* Get interrupt vector limits */ - if ((rc = efx_mcdi_get_vector_cfg(enp, &base, &nvec, NULL)) != 0) { - if (EFX_PCI_FUNCTION_IS_PF(encp)) - goto fail13; - - /* Ignore error (cannot query vector limits from a VF). */ - base = 0; - nvec = 1024; - } - encp->enc_intr_vec_base = base; - encp->enc_intr_limit = nvec; - - /* - * Maximum number of bytes into the frame the TCP header can start for - * firmware assisted TSO to work. - */ - encp->enc_tx_tso_tcp_header_offset_limit = EF10_TCP_HEADER_OFFSET_LIMIT; - - /* * Medford stores a single global copy of VPD, not per-PF as on * Huntington. */ @@ -372,32 +159,12 @@ medford_board_cfg( rc = medford_nic_get_required_pcie_bandwidth(enp, &bandwidth); if (rc != 0) - goto fail14; + goto fail4; encp->enc_required_pcie_bandwidth_mbps = bandwidth; encp->enc_max_pcie_link_gen = EFX_PCIE_LINK_SPEED_GEN3; return (0); -fail14: - EFSYS_PROBE(fail14); -fail13: - EFSYS_PROBE(fail13); -fail12: - EFSYS_PROBE(fail12); -fail11: - EFSYS_PROBE(fail11); -fail10: - EFSYS_PROBE(fail10); -fail9: - EFSYS_PROBE(fail9); -fail8: - EFSYS_PROBE(fail8); -fail7: - EFSYS_PROBE(fail7); -fail6: - EFSYS_PROBE(fail6); -fail5: - EFSYS_PROBE(fail5); fail4: EFSYS_PROBE(fail4); fail3: diff --git a/sys/dev/sfxge/common/siena_flash.h b/sys/dev/sfxge/common/siena_flash.h index b11e0788e1b9..20db866fa339 100644 --- a/sys/dev/sfxge/common/siena_flash.h +++ b/sys/dev/sfxge/common/siena_flash.h @@ -131,7 +131,14 @@ typedef struct siena_mc_boot_hdr_s { /* GENERATED BY scripts/genfwdef */ /* the key, or 0xffff if unsigned. (Otherwise set to 0) */ efx_byte_t mumfw_subtype; /* MUM & SUC images: subtype. (Otherwise set to 0) */ efx_byte_t reserved_b[3]; /* (set to 0) */ - efx_dword_t reserved_c[6]; /* (set to 0) */ + efx_dword_t security_level; /* This number increases every time a serious security flaw */ + /* is fixed. A secure NIC may not downgrade to any image */ + /* with a lower security level than the current image. */ + /* Note: The number in this header should only be used for */ + /* determining the level of new images, not to determine */ + /* the level of the current image as this header is not */ + /* protected by a CMAC. */ + efx_dword_t reserved_c[5]; /* (set to 0) */ } siena_mc_boot_hdr_t; #define SIENA_MC_BOOT_HDR_PADDING \ diff --git a/sys/dev/sfxge/common/siena_mac.c b/sys/dev/sfxge/common/siena_mac.c index da982c6a7265..6a5840691d91 100644 --- a/sys/dev/sfxge/common/siena_mac.c +++ b/sys/dev/sfxge/common/siena_mac.c @@ -97,14 +97,13 @@ siena_mac_reconfigure( efx_port_t *epp = &(enp->en_port); efx_oword_t multicast_hash[2]; efx_mcdi_req_t req; - uint8_t payload[MAX(MAX(MC_CMD_SET_MAC_IN_LEN, - MC_CMD_SET_MAC_OUT_LEN), - MAX(MC_CMD_SET_MCAST_HASH_IN_LEN, - MC_CMD_SET_MCAST_HASH_OUT_LEN))]; + EFX_MCDI_DECLARE_BUF(payload, + MAX(MC_CMD_SET_MAC_IN_LEN, MC_CMD_SET_MCAST_HASH_IN_LEN), + MAX(MC_CMD_SET_MAC_OUT_LEN, MC_CMD_SET_MCAST_HASH_OUT_LEN)); + unsigned int fcntl; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_SET_MAC; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_SET_MAC_IN_LEN; @@ -274,16 +273,28 @@ siena_mac_stats_update( __inout_ecount(EFX_MAC_NSTATS) efsys_stat_t *stat, __inout_opt uint32_t *generationp) { - efx_qword_t value; + const efx_nic_cfg_t *encp = &enp->en_nic_cfg; efx_qword_t generation_start; efx_qword_t generation_end; + efx_qword_t value; + efx_rc_t rc; - _NOTE(ARGUNUSED(enp)) + if (encp->enc_mac_stats_nstats < MC_CMD_MAC_NSTATS) { + /* MAC stats count too small */ + rc = ENOSPC; + goto fail1; + } + if (EFSYS_MEM_SIZE(esmp) < + (encp->enc_mac_stats_nstats * sizeof (efx_qword_t))) { + /* DMA buffer too small */ + rc = ENOSPC; + goto fail2; + } /* Read END first so we don't race with the MC */ - EFSYS_DMA_SYNC_FOR_KERNEL(esmp, 0, EFX_MAC_STATS_SIZE); - SIENA_MAC_STAT_READ(esmp, MC_CMD_MAC_GENERATION_END, - &generation_end); + EFSYS_DMA_SYNC_FOR_KERNEL(esmp, 0, EFSYS_MEM_SIZE(esmp)); + SIENA_MAC_STAT_READ(esmp, (encp->enc_mac_stats_nstats - 1), + &generation_end); EFSYS_MEM_READ_BARRIER(); /* TX */ @@ -451,7 +462,7 @@ siena_mac_stats_update( SIENA_MAC_STAT_READ(esmp, MC_CMD_MAC_RX_NODESC_DROPS, &value); EFSYS_STAT_SET_QWORD(&(stat[EFX_MAC_RX_NODESC_DROP_CNT]), &value); - EFSYS_DMA_SYNC_FOR_KERNEL(esmp, 0, EFX_MAC_STATS_SIZE); + EFSYS_DMA_SYNC_FOR_KERNEL(esmp, 0, EFSYS_MEM_SIZE(esmp)); EFSYS_MEM_READ_BARRIER(); SIENA_MAC_STAT_READ(esmp, MC_CMD_MAC_GENERATION_START, &generation_start); @@ -466,6 +477,13 @@ siena_mac_stats_update( *generationp = EFX_QWORD_FIELD(generation_start, EFX_DWORD_0); return (0); + +fail2: + EFSYS_PROBE(fail2); +fail1: + EFSYS_PROBE1(fail1, efx_rc_t, rc); + + return (rc); } #endif /* EFSYS_OPT_MAC_STATS */ diff --git a/sys/dev/sfxge/common/siena_mcdi.c b/sys/dev/sfxge/common/siena_mcdi.c index a615f88c17bc..2cfed5d5fd4a 100644 --- a/sys/dev/sfxge/common/siena_mcdi.c +++ b/sys/dev/sfxge/common/siena_mcdi.c @@ -150,17 +150,21 @@ siena_mcdi_read_response( { efx_mcdi_iface_t *emip = &(enp->en_mcdi.em_emip); unsigned int pdur; - unsigned int pos; + unsigned int pos = 0; efx_dword_t data; + size_t remaining = length; EFSYS_ASSERT(emip->emi_port == 1 || emip->emi_port == 2); pdur = SIENA_MCDI_PDU(emip); - for (pos = 0; pos < length; pos += sizeof (efx_dword_t)) { + while (remaining > 0) { + size_t chunk = MIN(remaining, sizeof (data)); + EFX_BAR_TBL_READD(enp, FR_CZ_MC_TREG_SMEM, pdur + ((offset + pos) >> 2), &data, B_FALSE); - memcpy((uint8_t *)bufferp + pos, &data, - MIN(sizeof (data), length - pos)); + memcpy((uint8_t *)bufferp + pos, &data, chunk); + pos += chunk; + remaining -= chunk; } } diff --git a/sys/dev/sfxge/common/siena_nic.c b/sys/dev/sfxge/common/siena_nic.c index b4fbc35eef0a..e9a9143a3a17 100644 --- a/sys/dev/sfxge/common/siena_nic.c +++ b/sys/dev/sfxge/common/siena_nic.c @@ -47,11 +47,10 @@ siena_nic_get_partn_mask( __out unsigned int *maskp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_NVRAM_TYPES_IN_LEN, - MC_CMD_NVRAM_TYPES_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_NVRAM_TYPES_IN_LEN, + MC_CMD_NVRAM_TYPES_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_NVRAM_TYPES; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_NVRAM_TYPES_IN_LEN; @@ -95,6 +94,10 @@ siena_board_cfg( uint32_t nevq, nrxq, ntxq; efx_rc_t rc; + /* Siena has a fixed 8Kbyte VI window size */ + EFX_STATIC_ASSERT(1U << EFX_VI_WINDOW_SHIFT_8K == 8192); + encp->enc_vi_window_shift = EFX_VI_WINDOW_SHIFT_8K; + /* External port identifier using one-based port numbering */ encp->enc_external_port = (uint8_t)enp->en_mcdi.em_emip.emi_port; @@ -140,9 +143,23 @@ siena_board_cfg( /* Alignment for WPTR updates */ encp->enc_rx_push_align = 1; +#if EFSYS_OPT_RX_SCALE /* There is one RSS context per function */ encp->enc_rx_scale_max_exclusive_contexts = 1; + encp->enc_rx_scale_hash_alg_mask |= (1U << EFX_RX_HASHALG_LFSR); + encp->enc_rx_scale_hash_alg_mask |= (1U << EFX_RX_HASHALG_TOEPLITZ); + + /* + * It is always possible to use port numbers + * as the input data for hash computation. + */ + encp->enc_rx_scale_l4_hash_supported = B_TRUE; + + /* There is no support for additional RSS modes */ + encp->enc_rx_scale_additional_modes_supported = B_FALSE; +#endif /* EFSYS_OPT_RX_SCALE */ + encp->enc_tx_dma_desc_size_max = EFX_MASK32(FSF_AZ_TX_KER_BYTE_COUNT); /* Fragments must not span 4k boundaries. */ encp->enc_tx_dma_desc_boundary = 4096; @@ -174,6 +191,8 @@ siena_board_cfg( encp->enc_allow_set_mac_with_installed_filters = B_TRUE; encp->enc_rx_packed_stream_supported = B_FALSE; encp->enc_rx_var_packed_stream_supported = B_FALSE; + encp->enc_rx_es_super_buffer_supported = B_FALSE; + encp->enc_fw_subvariant_no_tx_csum_supported = B_FALSE; /* Siena supports two 10G ports, and 8 lanes of PCIe Gen2 */ encp->enc_required_pcie_bandwidth_mbps = 2 * 10000; @@ -181,6 +200,12 @@ siena_board_cfg( encp->enc_nvram_update_verify_result_supported = B_FALSE; + encp->enc_mac_stats_nstats = MC_CMD_MAC_NSTATS; + + encp->enc_filter_action_flag_supported = B_FALSE; + encp->enc_filter_action_mark_supported = B_FALSE; + encp->enc_filter_action_mark_max = 0; + return (0); fail2: diff --git a/sys/dev/sfxge/common/siena_nvram.c b/sys/dev/sfxge/common/siena_nvram.c index cbfffbf3c12e..a886d01883fd 100644 --- a/sys/dev/sfxge/common/siena_nvram.c +++ b/sys/dev/sfxge/common/siena_nvram.c @@ -333,15 +333,20 @@ siena_nvram_get_dynamic_cfg( if ((rc = siena_nvram_partn_size(enp, partn, &size)) != 0) goto fail1; + if (size < SIENA_NVRAM_CHUNK) { + rc = EINVAL; + goto fail2; + } + EFSYS_KMEM_ALLOC(enp->en_esip, size, dcfg); if (dcfg == NULL) { rc = ENOMEM; - goto fail2; + goto fail3; } if ((rc = siena_nvram_partn_read(enp, partn, 0, (caddr_t)dcfg, SIENA_NVRAM_CHUNK)) != 0) - goto fail3; + goto fail4; /* Verify the magic */ if (EFX_DWORD_FIELD(dcfg->magic, EFX_DWORD_0) @@ -376,7 +381,7 @@ siena_nvram_get_dynamic_cfg( if ((rc = siena_nvram_partn_read(enp, partn, SIENA_NVRAM_CHUNK, (caddr_t)dcfg + SIENA_NVRAM_CHUNK, region - SIENA_NVRAM_CHUNK)) != 0) - goto fail4; + goto fail5; } /* Verify checksum */ @@ -418,13 +423,15 @@ done: return (0); +fail5: + EFSYS_PROBE(fail5); fail4: EFSYS_PROBE(fail4); -fail3: - EFSYS_PROBE(fail3); EFSYS_KMEM_FREE(enp->en_esip, size, dcfg); +fail3: + EFSYS_PROBE(fail3); fail2: EFSYS_PROBE(fail2); fail1: @@ -440,12 +447,11 @@ siena_nvram_get_subtype( __out uint32_t *subtypep) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_BOARD_CFG_IN_LEN, - MC_CMD_GET_BOARD_CFG_OUT_LENMAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_BOARD_CFG_IN_LEN, + MC_CMD_GET_BOARD_CFG_OUT_LENMAX); efx_word_t *fw_list; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_BOARD_CFG; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_BOARD_CFG_IN_LEN; diff --git a/sys/dev/sfxge/common/siena_phy.c b/sys/dev/sfxge/common/siena_phy.c index 3cbc72aa9fa1..3a4b51831396 100644 --- a/sys/dev/sfxge/common/siena_phy.c +++ b/sys/dev/sfxge/common/siena_phy.c @@ -198,11 +198,10 @@ siena_phy_get_link( __out siena_link_state_t *slsp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_LINK_IN_LEN, - MC_CMD_GET_LINK_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_LINK_IN_LEN, + MC_CMD_GET_LINK_OUT_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_LINK; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_LINK_IN_LEN; @@ -273,10 +272,9 @@ siena_phy_reconfigure( { efx_port_t *epp = &(enp->en_port); efx_mcdi_req_t req; - uint8_t payload[MAX(MAX(MC_CMD_SET_ID_LED_IN_LEN, - MC_CMD_SET_ID_LED_OUT_LEN), - MAX(MC_CMD_SET_LINK_IN_LEN, - MC_CMD_SET_LINK_OUT_LEN))]; + EFX_MCDI_DECLARE_BUF(payload, + MAX(MC_CMD_SET_ID_LED_IN_LEN, MC_CMD_SET_LINK_IN_LEN), + MAX(MC_CMD_SET_ID_LED_OUT_LEN, MC_CMD_SET_LINK_OUT_LEN)); uint32_t cap_mask; #if EFSYS_OPT_PHY_LED_CONTROL unsigned int led_mode; @@ -284,7 +282,6 @@ siena_phy_reconfigure( unsigned int speed; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_SET_LINK; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_SET_LINK_IN_LEN; @@ -390,12 +387,11 @@ siena_phy_verify( __in efx_nic_t *enp) { efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_GET_PHY_STATE_IN_LEN, - MC_CMD_GET_PHY_STATE_OUT_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_GET_PHY_STATE_IN_LEN, + MC_CMD_GET_PHY_STATE_OUT_LEN); uint32_t state; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_GET_PHY_STATE; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_GET_PHY_STATE_IN_LEN; @@ -559,11 +555,15 @@ siena_phy_stats_update( uint32_t vmask = encp->enc_mcdi_phy_stat_mask; uint64_t smask; efx_mcdi_req_t req; - uint8_t payload[MAX(MC_CMD_PHY_STATS_IN_LEN, - MC_CMD_PHY_STATS_OUT_DMA_LEN)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_PHY_STATS_IN_LEN, + MC_CMD_PHY_STATS_OUT_DMA_LEN); efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); + if ((esmp == NULL) || (EFSYS_MEM_SIZE(esmp) < EFX_PHY_STATS_SIZE)) { + rc = EINVAL; + goto fail1; + } + req.emr_cmd = MC_CMD_PHY_STATS; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_PHY_STATS_IN_LEN; @@ -579,7 +579,7 @@ siena_phy_stats_update( if (req.emr_rc != 0) { rc = req.emr_rc; - goto fail1; + goto fail2; } EFSYS_ASSERT3U(req.emr_out_length, ==, MC_CMD_PHY_STATS_OUT_DMA_LEN); @@ -588,6 +588,8 @@ siena_phy_stats_update( return (0); +fail2: + EFSYS_PROBE(fail2); fail1: EFSYS_PROBE1(fail1, efx_rc_t, rc); @@ -648,14 +650,13 @@ siena_phy_bist_poll( __in size_t count) { efx_nic_cfg_t *encp = &(enp->en_nic_cfg); - uint8_t payload[MAX(MC_CMD_POLL_BIST_IN_LEN, - MCDI_CTL_SDU_LEN_MAX)]; + EFX_MCDI_DECLARE_BUF(payload, MC_CMD_POLL_BIST_IN_LEN, + MCDI_CTL_SDU_LEN_MAX); uint32_t value_mask = 0; efx_mcdi_req_t req; uint32_t result; efx_rc_t rc; - (void) memset(payload, 0, sizeof (payload)); req.emr_cmd = MC_CMD_POLL_BIST; req.emr_in_buf = payload; req.emr_in_length = MC_CMD_POLL_BIST_IN_LEN; diff --git a/sys/dev/sfxge/common/siena_vpd.c b/sys/dev/sfxge/common/siena_vpd.c index 3a3ef0419a23..ee66ada4d7c1 100644 --- a/sys/dev/sfxge/common/siena_vpd.c +++ b/sys/dev/sfxge/common/siena_vpd.c @@ -65,21 +65,26 @@ siena_vpd_get_static( if ((rc = siena_nvram_partn_size(enp, partn, &size)) != 0) goto fail1; + if (size < SIENA_NVRAM_CHUNK) { + rc = EINVAL; + goto fail2; + } + EFSYS_KMEM_ALLOC(enp->en_esip, size, scfg); if (scfg == NULL) { rc = ENOMEM; - goto fail2; + goto fail3; } if ((rc = siena_nvram_partn_read(enp, partn, 0, (caddr_t)scfg, SIENA_NVRAM_CHUNK)) != 0) - goto fail3; + goto fail4; /* Verify the magic number */ if (EFX_DWORD_FIELD(scfg->magic, EFX_DWORD_0) != SIENA_MC_STATIC_CONFIG_MAGIC) { rc = EINVAL; - goto fail4; + goto fail5; } /* All future versions of the structure must be backwards compatible */ @@ -93,7 +98,7 @@ siena_vpd_get_static( if (hdr_length > size || vpd_offset > size || vpd_length > size || vpd_length + vpd_offset > size) { rc = EINVAL; - goto fail5; + goto fail6; } /* Read the remainder of scfg + static vpd */ @@ -102,7 +107,7 @@ siena_vpd_get_static( if ((rc = siena_nvram_partn_read(enp, partn, SIENA_NVRAM_CHUNK, (caddr_t)scfg + SIENA_NVRAM_CHUNK, region - SIENA_NVRAM_CHUNK)) != 0) - goto fail6; + goto fail7; } /* Verify checksum */ @@ -111,7 +116,7 @@ siena_vpd_get_static( cksum += ((uint8_t *)scfg)[pos]; if (cksum != 0) { rc = EINVAL; - goto fail7; + goto fail8; } if (vpd_length == 0) @@ -121,7 +126,7 @@ siena_vpd_get_static( EFSYS_KMEM_ALLOC(enp->en_esip, vpd_length, svpd); if (svpd == NULL) { rc = ENOMEM; - goto fail8; + goto fail9; } memcpy(svpd, (caddr_t)scfg + vpd_offset, vpd_length); } @@ -133,6 +138,8 @@ siena_vpd_get_static( return (0); +fail9: + EFSYS_PROBE(fail9); fail8: EFSYS_PROBE(fail8); fail7: @@ -143,11 +150,11 @@ fail5: EFSYS_PROBE(fail5); fail4: EFSYS_PROBE(fail4); -fail3: - EFSYS_PROBE(fail3); EFSYS_KMEM_FREE(enp->en_esip, size, scfg); +fail3: + EFSYS_PROBE(fail3); fail2: EFSYS_PROBE(fail2); fail1: diff --git a/sys/dev/sfxge/sfxge.c b/sys/dev/sfxge/sfxge.c index b70432f6ac60..20d29357b695 100644 --- a/sys/dev/sfxge/sfxge.c +++ b/sys/dev/sfxge/sfxge.c @@ -651,11 +651,11 @@ sfxge_bar_init(struct sfxge_softc *sc) { efsys_bar_t *esbp = &sc->bar; - esbp->esb_rid = PCIR_BAR(EFX_MEM_BAR); + esbp->esb_rid = PCIR_BAR(sc->mem_bar); if ((esbp->esb_res = bus_alloc_resource_any(sc->dev, SYS_RES_MEMORY, &esbp->esb_rid, RF_ACTIVE)) == NULL) { device_printf(sc->dev, "Cannot allocate BAR region %d\n", - EFX_MEM_BAR); + sc->mem_bar); return (ENXIO); } esbp->esb_tag = rman_get_bustag(esbp->esb_res); @@ -722,15 +722,15 @@ sfxge_create(struct sfxge_softc *sc) if ((error = sfxge_dma_init(sc)) != 0) goto fail; + error = efx_family(pci_get_vendor(dev), pci_get_device(dev), + &sc->family, &sc->mem_bar); + KASSERT(error == 0, ("Family should be filtered by sfxge_probe()")); + /* Map the device registers. */ DBGPRINT(sc->dev, "bar_init..."); if ((error = sfxge_bar_init(sc)) != 0) goto fail; - error = efx_family(pci_get_vendor(dev), pci_get_device(dev), - &sc->family); - KASSERT(error == 0, ("Family should be filtered by sfxge_probe()")); - DBGPRINT(sc->dev, "nic_create..."); /* Create the common code nic object. */ @@ -748,7 +748,7 @@ sfxge_create(struct sfxge_softc *sc) /* Probe the NIC and build the configuration data area. */ DBGPRINT(sc->dev, "nic_probe..."); - if ((error = efx_nic_probe(enp)) != 0) + if ((error = efx_nic_probe(enp, EFX_FW_VARIANT_DONT_CARE)) != 0) goto fail5; if (!ISP2(sfxge_rx_ring_entries) || @@ -1154,13 +1154,14 @@ sfxge_probe(device_t dev) uint16_t pci_vendor_id; uint16_t pci_device_id; efx_family_t family; + unsigned int mem_bar; int rc; pci_vendor_id = pci_get_vendor(dev); pci_device_id = pci_get_device(dev); DBGPRINT(dev, "PCI ID %04x:%04x", pci_vendor_id, pci_device_id); - rc = efx_family(pci_vendor_id, pci_device_id, &family); + rc = efx_family(pci_vendor_id, pci_device_id, &family, &mem_bar); if (rc != 0) { DBGPRINT(dev, "efx_family fail %d", rc); return (ENXIO); @@ -1181,6 +1182,11 @@ sfxge_probe(device_t dev) return (0); } + if (family == EFX_FAMILY_MEDFORD2) { + device_set_desc(dev, "Solarflare SFC9250 family"); + return (0); + } + DBGPRINT(dev, "impossible controller family %d", family); return (ENXIO); } diff --git a/sys/dev/sfxge/sfxge.h b/sys/dev/sfxge/sfxge.h index ea4575ac6ac4..c95f8f8fec52 100644 --- a/sys/dev/sfxge/sfxge.h +++ b/sys/dev/sfxge/sfxge.h @@ -280,6 +280,8 @@ struct sfxge_softc { struct task task_reset; efx_family_t family; + unsigned int mem_bar; + caddr_t vpd_data; size_t vpd_size; efx_nic_t *enp; diff --git a/sys/dev/sfxge/sfxge_dma.c b/sys/dev/sfxge/sfxge_dma.c index f75fab016897..52b4403b3f97 100644 --- a/sys/dev/sfxge/sfxge_dma.c +++ b/sys/dev/sfxge/sfxge_dma.c @@ -136,6 +136,7 @@ sfxge_dma_free(efsys_mem_t *esmp) esmp->esm_addr = 0; esmp->esm_base = NULL; + esmp->esm_size = 0; } int @@ -175,6 +176,7 @@ sfxge_dma_alloc(struct sfxge_softc *sc, bus_size_t len, efsys_mem_t *esmp) goto fail_load_check; esmp->esm_base = vaddr; + esmp->esm_size = len; return (0); diff --git a/sys/dev/sfxge/sfxge_port.c b/sys/dev/sfxge/sfxge_port.c index ac1b6b0f8635..f6fbfea40286 100644 --- a/sys/dev/sfxge/sfxge_port.c +++ b/sys/dev/sfxge/sfxge_port.c @@ -308,7 +308,10 @@ static const uint64_t sfxge_link_baudrate[EFX_LINK_NMODES] = { [EFX_LINK_1000HDX] = IF_Gbps(1), [EFX_LINK_1000FDX] = IF_Gbps(1), [EFX_LINK_10000FDX] = IF_Gbps(10), + [EFX_LINK_25000FDX] = IF_Gbps(25), [EFX_LINK_40000FDX] = IF_Gbps(40), + [EFX_LINK_50000FDX] = IF_Gbps(50), + [EFX_LINK_100000FDX] = IF_Gbps(100), }; void @@ -753,6 +756,8 @@ sfxge_port_init(struct sfxge_softc *sc) struct sysctl_ctx_list *sysctl_ctx; struct sysctl_oid *sysctl_tree; efsys_mem_t *mac_stats_buf, *phy_stats_buf; + uint32_t mac_nstats; + size_t mac_stats_size; int rc; port = &sc->port; @@ -792,7 +797,9 @@ sfxge_port_init(struct sfxge_softc *sc) DBGPRINT(sc->dev, "alloc MAC stats"); port->mac_stats.decode_buf = malloc(EFX_MAC_NSTATS * sizeof(uint64_t), M_SFXGE, M_WAITOK | M_ZERO); - if ((rc = sfxge_dma_alloc(sc, EFX_MAC_STATS_SIZE, mac_stats_buf)) != 0) + mac_nstats = efx_nic_cfg_get(sc->enp)->enc_mac_stats_nstats; + mac_stats_size = P2ROUNDUP(mac_nstats * sizeof(uint64_t), EFX_BUF_SIZE); + if ((rc = sfxge_dma_alloc(sc, mac_stats_size, mac_stats_buf)) != 0) goto fail2; port->stats_update_period_ms = sfxge_port_stats_update_period_ms(sc); sfxge_mac_stat_init(sc); @@ -832,12 +839,16 @@ static const int sfxge_link_mode[EFX_PHY_MEDIA_NTYPES][EFX_LINK_NMODES] = { [EFX_PHY_MEDIA_QSFP_PLUS] = { /* Don't know the module type, but assume SR for now. */ [EFX_LINK_10000FDX] = IFM_ETHER | IFM_FDX | IFM_10G_SR, + [EFX_LINK_25000FDX] = IFM_ETHER | IFM_FDX | IFM_25G_SR, [EFX_LINK_40000FDX] = IFM_ETHER | IFM_FDX | IFM_40G_CR4, + [EFX_LINK_50000FDX] = IFM_ETHER | IFM_FDX | IFM_50G_SR, + [EFX_LINK_100000FDX] = IFM_ETHER | IFM_FDX | IFM_100G_SR2, }, [EFX_PHY_MEDIA_SFP_PLUS] = { /* Don't know the module type, but assume SX/SR for now. */ [EFX_LINK_1000FDX] = IFM_ETHER | IFM_FDX | IFM_1000_SX, [EFX_LINK_10000FDX] = IFM_ETHER | IFM_FDX | IFM_10G_SR, + [EFX_LINK_25000FDX] = IFM_ETHER | IFM_FDX | IFM_25G_SR, }, [EFX_PHY_MEDIA_BASE_T] = { [EFX_LINK_10HDX] = IFM_ETHER | IFM_HDX | IFM_10_T, @@ -893,10 +904,15 @@ sfxge_link_mode_to_phy_cap(efx_link_mode_t mode) return (EFX_PHY_CAP_1000FDX); case EFX_LINK_10000FDX: return (EFX_PHY_CAP_10000FDX); + case EFX_LINK_25000FDX: + return (EFX_PHY_CAP_25000FDX); case EFX_LINK_40000FDX: return (EFX_PHY_CAP_40000FDX); + case EFX_LINK_50000FDX: + return (EFX_PHY_CAP_50000FDX); + case EFX_LINK_100000FDX: + return (EFX_PHY_CAP_100000FDX); default: - EFSYS_ASSERT(B_FALSE); return (EFX_PHY_CAP_INVALID); } } diff --git a/sys/dev/sfxge/sfxge_tx.c b/sys/dev/sfxge/sfxge_tx.c index 1460d1ea9e44..4fce5ca7e76a 100644 --- a/sys/dev/sfxge/sfxge_tx.c +++ b/sys/dev/sfxge/sfxge_tx.c @@ -361,6 +361,7 @@ static int sfxge_tx_queue_mbuf(struct sfxge_txq *txq, struct mbuf *mbuf) int rc; int i; int eop; + uint16_t hw_vlan_tci_prev; int vlan_tagged; KASSERT(!txq->blocked, ("txq->blocked")); @@ -412,6 +413,8 @@ static int sfxge_tx_queue_mbuf(struct sfxge_txq *txq, struct mbuf *mbuf) used_map = &stmp->map; + hw_vlan_tci_prev = txq->hw_vlan_tci; + vlan_tagged = sfxge_tx_maybe_insert_tag(txq, mbuf); if (vlan_tagged) { sfxge_next_stmp(txq, &stmp); @@ -463,6 +466,7 @@ static int sfxge_tx_queue_mbuf(struct sfxge_txq *txq, struct mbuf *mbuf) return (0); reject_mapped: + txq->hw_vlan_tci = hw_vlan_tci_prev; bus_dmamap_unload(txq->packet_dma_tag, *used_map); reject: /* Drop the packet on the floor. */ @@ -1176,6 +1180,7 @@ static int tso_start_new_packet(struct sfxge_txq *txq, desc = &txq->pend_desc[txq->n_pend_desc]; efx_tx_qdesc_tso2_create(txq->common, tso->packet_id, + 0, tso->seqnum, tso->seg_size, desc, diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 417f5c9c6919..99fcf8a16dbb 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -2205,7 +2205,10 @@ dsp_mmap(struct cdev *i_dev, vm_ooffset_t offset, vm_paddr_t *paddr, int nprot, vm_memattr_t *memattr) { - /* XXX memattr is not honored */ + /* + * offset is in range due to checks in dsp_mmap_single(). + * XXX memattr is not honored. + */ *paddr = vtophys(offset); return (0); } diff --git a/sys/dev/terasic/mtl/terasic_mtl_reg.c b/sys/dev/terasic/mtl/terasic_mtl_reg.c index 8fe4855ef907..29bdb5487493 100644 --- a/sys/dev/terasic/mtl/terasic_mtl_reg.c +++ b/sys/dev/terasic/mtl/terasic_mtl_reg.c @@ -132,6 +132,7 @@ terasic_mtl_reg_mmap(struct cdev *dev, vm_ooffset_t offset, vm_paddr_t *paddr, sc = dev->si_drv1; error = 0; if (trunc_page(offset) == offset && + offset + PAGE_SIZE > offset && rman_get_size(sc->mtl_reg_res) >= offset + PAGE_SIZE) { *paddr = rman_get_start(sc->mtl_reg_res) + offset; *memattr = VM_MEMATTR_UNCACHEABLE; diff --git a/sys/dev/terasic/mtl/terasic_mtl_text.c b/sys/dev/terasic/mtl/terasic_mtl_text.c index b437702ce2ee..334cc0a5291e 100644 --- a/sys/dev/terasic/mtl/terasic_mtl_text.c +++ b/sys/dev/terasic/mtl/terasic_mtl_text.c @@ -131,6 +131,7 @@ terasic_mtl_text_mmap(struct cdev *dev, vm_ooffset_t offset, sc = dev->si_drv1; error = 0; if (trunc_page(offset) == offset && + offset + PAGE_SIZE > offset && rman_get_size(sc->mtl_text_res) >= offset + PAGE_SIZE) { *paddr = rman_get_start(sc->mtl_text_res) + offset; *memattr = VM_MEMATTR_UNCACHEABLE; diff --git a/sys/dev/xen/gntdev/gntdev.c b/sys/dev/xen/gntdev/gntdev.c index 3bed65c44953..bf6685cf6ca5 100644 --- a/sys/dev/xen/gntdev/gntdev.c +++ b/sys/dev/xen/gntdev/gntdev.c @@ -814,8 +814,8 @@ gntdev_gmap_pg_fault(vm_object_t object, vm_ooffset_t offset, int prot, relative_offset = offset - gmap->file_index; - pidx = UOFF_TO_IDX(offset); - ridx = UOFF_TO_IDX(relative_offset); + pidx = OFF_TO_IDX(offset); + ridx = OFF_TO_IDX(relative_offset); if (ridx >= gmap->count || gmap->grant_map_ops[ridx].status != GNTST_okay) return (VM_PAGER_FAIL); @@ -1085,7 +1085,7 @@ mmap_gref(struct per_user_data *priv_user, struct gntdev_gref *gref_start, break; vm_page_insert(gref->page, mem_obj, - UOFF_TO_IDX(gref->file_index)); + OFF_TO_IDX(gref->file_index)); count--; } @@ -1225,7 +1225,7 @@ gntdev_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t size, if (error != 0) return (EINVAL); - count = UOFF_TO_IDX(size); + count = OFF_TO_IDX(size); gref_start = gntdev_find_grefs(priv_user, *offset, count); if (gref_start) { diff --git a/sys/dts/arm64/overlays/sun50i-a64-opp.dtso b/sys/dts/arm64/overlays/sun50i-a64-opp.dtso new file mode 100644 index 000000000000..8a26c2c20422 --- /dev/null +++ b/sys/dts/arm64/overlays/sun50i-a64-opp.dtso @@ -0,0 +1,77 @@ +/dts-v1/; +/plugin/; + +/ { + compatible = "allwinner,sun50i-a64"; +}; + +&{/} { + cpu0_opp_table: opp_table0 { + compatible = "operating-points-v2"; + opp-shared; + + opp-648000000 { + opp-hz = /bits/ 64 <648000000>; + opp-microvolt = <1040000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + opp-792000000 { + opp-hz = /bits/ 64 <792000000>; + opp-microvolt = <1100000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + opp-816000000 { + opp-hz = /bits/ 64 <816000000>; + opp-microvolt = <1100000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + opp-912000000 { + opp-hz = /bits/ 64 <912000000>; + opp-microvolt = <1120000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + opp-960000000 { + opp-hz = /bits/ 64 <960000000>; + opp-microvolt = <1160000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + opp-1008000000 { + opp-hz = /bits/ 64 <1008000000>; + opp-microvolt = <1200000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + opp-1056000000 { + opp-hz = /bits/ 64 <1056000000>; + opp-microvolt = <1240000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + opp-1104000000 { + opp-hz = /bits/ 64 <1104000000>; + opp-microvolt = <1260000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + opp-1152000000 { + opp-hz = /bits/ 64 <1152000000>; + opp-microvolt = <1300000>; + clock-latency-ns = <244144>; /* 8 32k periods */ + }; + }; +}; + +&{/cpus/cpu@0} { + operating-points-v2 = <&cpu0_opp_table>; + clocks = <&ccu 1>; + cpu-supply = <®_dcdc2>; +}; + +&{/cpus/cpu@1} { + operating-points-v2 = <&cpu0_opp_table>; +}; + +&{/cpus/cpu@2} { + operating-points-v2 = <&cpu0_opp_table>; +}; + +&{/cpus/cpu@3} { + operating-points-v2 = <&cpu0_opp_table>; +}; diff --git a/sys/fs/procfs/procfs_dbregs.c b/sys/fs/procfs/procfs_dbregs.c index 25f6e9565c63..8d2206d2995c 100644 --- a/sys/fs/procfs/procfs_dbregs.c +++ b/sys/fs/procfs/procfs_dbregs.c @@ -112,8 +112,10 @@ procfs_doprocdbregs(PFS_FILL_ARGS) return (EINVAL); } wrap32 = 1; - } + memset(&r32, 0, sizeof(r32)); + } else #endif + memset(&r, 0, sizeof(r)); error = PROC(read, dbregs, td2, &r); if (error == 0) { PROC_UNLOCK(p); diff --git a/sys/fs/procfs/procfs_fpregs.c b/sys/fs/procfs/procfs_fpregs.c index cf48dd170691..9675030df3c0 100644 --- a/sys/fs/procfs/procfs_fpregs.c +++ b/sys/fs/procfs/procfs_fpregs.c @@ -102,7 +102,6 @@ procfs_doprocfpregs(PFS_FILL_ARGS) return (EBUSY); } - /* XXXKSE: */ td2 = FIRST_THREAD_IN_PROC(p); #ifdef COMPAT_FREEBSD32 if (SV_CURPROC_FLAG(SV_ILP32)) { @@ -111,8 +110,10 @@ procfs_doprocfpregs(PFS_FILL_ARGS) return (EINVAL); } wrap32 = 1; - } + memset(&r32, 0, sizeof(r32)); + } else #endif + memset(&r, 0, sizeof(r)); error = PROC(read, fpregs, td2, &r); if (error == 0) { PROC_UNLOCK(p); diff --git a/sys/fs/procfs/procfs_regs.c b/sys/fs/procfs/procfs_regs.c index 60e0a3851101..032141a9e32e 100644 --- a/sys/fs/procfs/procfs_regs.c +++ b/sys/fs/procfs/procfs_regs.c @@ -102,7 +102,6 @@ procfs_doprocregs(PFS_FILL_ARGS) return (EBUSY); } - /* XXXKSE: */ td2 = FIRST_THREAD_IN_PROC(p); #ifdef COMPAT_FREEBSD32 if (SV_CURPROC_FLAG(SV_ILP32)) { @@ -111,8 +110,10 @@ procfs_doprocregs(PFS_FILL_ARGS) return (EINVAL); } wrap32 = 1; - } + memset(&r32, 0, sizeof(r32)); + } else #endif + memset(&r, 0, sizeof(r)); error = PROC(read, regs, td2, &r); if (error == 0) { PROC_UNLOCK(p); diff --git a/sys/geom/geom_dev.c b/sys/geom/geom_dev.c index 2a5aca6b4237..e470a516ca78 100644 --- a/sys/geom/geom_dev.c +++ b/sys/geom/geom_dev.c @@ -583,6 +583,20 @@ g_dev_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, struct thread error = EINVAL; break; } + if ((cp->provider->mediasize > 0) && + (offset >= cp->provider->mediasize)) { + /* + * Catch out-of-bounds requests here. The problem is + * that due to historical GEOM I/O implementation + * peculatities, g_delete_data() would always return + * success for requests starting just the next byte + * after providers media boundary. Condition check on + * non-zero media size, since that condition would + * (most likely) cause ENXIO instead. + */ + error = EIO; + break; + } while (length > 0) { chunk = length; if (g_dev_del_max_sectors != 0 && chunk > diff --git a/sys/geom/journal/g_journal_ufs.c b/sys/geom/journal/g_journal_ufs.c index de0dbd83d48b..028c68079482 100644 --- a/sys/geom/journal/g_journal_ufs.c +++ b/sys/geom/journal/g_journal_ufs.c @@ -72,7 +72,7 @@ g_journal_ufs_dirty(struct g_consumer *cp) fs = NULL; if (SBLOCKSIZE % cp->provider->sectorsize != 0 || - ffs_sbget(cp, &fs, -1, M_GEOM, g_use_g_read_data) != 0) { + ffs_sbget(cp, &fs, STDSB, M_GEOM, g_use_g_read_data) != 0) { GJ_DEBUG(0, "Cannot find superblock to mark file system %s " "as dirty.", cp->provider->name); KASSERT(fs == NULL, diff --git a/sys/geom/label/g_label_ufs.c b/sys/geom/label/g_label_ufs.c index b247eaad827d..4c4d43cad0f7 100644 --- a/sys/geom/label/g_label_ufs.c +++ b/sys/geom/label/g_label_ufs.c @@ -77,7 +77,7 @@ g_label_ufs_taste_common(struct g_consumer *cp, char *label, size_t size, int wh fs = NULL; if (SBLOCKSIZE % pp->sectorsize != 0 || - ffs_sbget(cp, &fs, -1, M_GEOM, g_use_g_read_data) != 0) { + ffs_sbget(cp, &fs, STDSB, M_GEOM, g_use_g_read_data) != 0) { KASSERT(fs == NULL, ("g_label_ufs_taste_common: non-NULL fs %p\n", fs)); return; diff --git a/sys/geom/mirror/g_mirror.c b/sys/geom/mirror/g_mirror.c index 0c95482c678d..4a29bf25522a 100644 --- a/sys/geom/mirror/g_mirror.c +++ b/sys/geom/mirror/g_mirror.c @@ -59,6 +59,11 @@ static SYSCTL_NODE(_kern_geom, OID_AUTO, mirror, CTLFLAG_RW, 0, int g_mirror_debug = 0; SYSCTL_INT(_kern_geom_mirror, OID_AUTO, debug, CTLFLAG_RWTUN, &g_mirror_debug, 0, "Debug level"); +bool g_launch_mirror_before_timeout = true; +SYSCTL_BOOL(_kern_geom_mirror, OID_AUTO, launch_mirror_before_timeout, + CTLFLAG_RWTUN, &g_launch_mirror_before_timeout, 0, + "If false, force gmirror to wait out the full kern.geom.mirror.timeout " + "before launching mirrors"); static u_int g_mirror_timeout = 4; SYSCTL_UINT(_kern_geom_mirror, OID_AUTO, timeout, CTLFLAG_RWTUN, &g_mirror_timeout, 0, "Time to wait on all mirror components"); @@ -110,6 +115,8 @@ static int g_mirror_update_disk(struct g_mirror_disk *disk, u_int state); static void g_mirror_update_device(struct g_mirror_softc *sc, bool force); static void g_mirror_dumpconf(struct sbuf *sb, const char *indent, struct g_geom *gp, struct g_consumer *cp, struct g_provider *pp); +static int g_mirror_refresh_device(struct g_mirror_softc *sc, + const struct g_provider *pp, const struct g_mirror_metadata *md); static void g_mirror_sync_reinit(const struct g_mirror_disk *disk, struct bio *bp, off_t offset); static void g_mirror_sync_stop(struct g_mirror_disk *disk, int type); @@ -472,6 +479,10 @@ g_mirror_init_disk(struct g_mirror_softc *sc, struct g_provider *pp, disk->d_sync.ds_update_ts = time_uptime; disk->d_genid = md->md_genid; disk->d_sync.ds_syncid = md->md_syncid; + disk->d_init_ndisks = md->md_all; + disk->d_init_slice = md->md_slice; + disk->d_init_balance = md->md_balance; + disk->d_init_mediasize = md->md_mediasize; if (errorp != NULL) *errorp = 0; return (disk); @@ -2362,17 +2373,74 @@ g_mirror_update_device(struct g_mirror_softc *sc, bool force) case G_MIRROR_DEVICE_STATE_STARTING: { struct g_mirror_disk *pdisk, *tdisk; - u_int dirty, ndisks, genid, syncid; - bool broken; + const char *mismatch; + uintmax_t found, newest; + u_int dirty, ndisks; + + /* Pre-flight checks */ + LIST_FOREACH_SAFE(disk, &sc->sc_disks, d_next, tdisk) { + /* + * Confirm we already detected the newest genid. + */ + KASSERT(sc->sc_genid >= disk->d_genid, + ("%s: found newer genid %u (sc:%p had %u).", __func__, + disk->d_genid, sc, sc->sc_genid)); + + /* Kick out any previously tasted stale components. */ + if (disk->d_genid < sc->sc_genid) { + G_MIRROR_DEBUG(0, "Stale 'genid' field on %s " + "(device %s) (component=%u latest=%u), skipping.", + g_mirror_get_diskname(disk), sc->sc_name, + disk->d_genid, sc->sc_genid); + g_mirror_destroy_disk(disk); + sc->sc_bump_id |= G_MIRROR_BUMP_SYNCID; + continue; + } + + /* + * Confirm we already detected the newest syncid. + */ + KASSERT(sc->sc_syncid >= disk->d_sync.ds_syncid, + ("%s: found newer syncid %u (sc:%p had %u).", + __func__, disk->d_sync.ds_syncid, sc, + sc->sc_syncid)); + +#define DETECT_MISMATCH(field, name) \ + if (mismatch == NULL && \ + disk->d_init_ ## field != sc->sc_ ## field) { \ + mismatch = name; \ + found = (intmax_t)disk->d_init_ ## field; \ + newest = (intmax_t)sc->sc_ ## field; \ + } + mismatch = NULL; + DETECT_MISMATCH(ndisks, "md_all"); + DETECT_MISMATCH(balance, "md_balance"); + DETECT_MISMATCH(slice, "md_slice"); + DETECT_MISMATCH(mediasize, "md_mediasize"); +#undef DETECT_MISMATCH + if (mismatch != NULL) { + G_MIRROR_DEBUG(0, "Found a mismatching '%s' " + "field on %s (device %s) (found=%ju " + "newest=%ju).", mismatch, + g_mirror_get_diskname(disk), sc->sc_name, + found, newest); + g_mirror_destroy_disk(disk); + sc->sc_bump_id |= G_MIRROR_BUMP_SYNCID; + continue; + } + } KASSERT(sc->sc_provider == NULL, ("Non-NULL provider in STARTING state (%s).", sc->sc_name)); /* - * Are we ready? We are, if all disks are connected or - * if we have any disks and 'force' is true. + * Are we ready? If the timeout (force is true) has expired, and + * any disks are present, then yes. If we're permitted to launch + * before the timeout has expired and the expected number of + * current-generation mirror disks have been tasted, then yes. */ ndisks = g_mirror_ndisks(sc, -1); - if (sc->sc_ndisks == ndisks || (force && ndisks > 0)) { + if ((force && ndisks > 0) || + (g_launch_mirror_before_timeout && ndisks == sc->sc_ndisks)) { ; } else if (ndisks == 0) { /* @@ -2420,42 +2488,6 @@ g_mirror_update_device(struct g_mirror_softc *sc, bool force) } /* - * Find the biggest genid. - */ - genid = 0; - LIST_FOREACH(disk, &sc->sc_disks, d_next) { - if (disk->d_genid > genid) - genid = disk->d_genid; - } - sc->sc_genid = genid; - /* - * Remove all disks without the biggest genid. - */ - broken = false; - LIST_FOREACH_SAFE(disk, &sc->sc_disks, d_next, tdisk) { - if (disk->d_genid < genid) { - G_MIRROR_DEBUG(0, - "Component %s (device %s) broken, skipping.", - g_mirror_get_diskname(disk), sc->sc_name); - g_mirror_destroy_disk(disk); - /* - * Bump the syncid in case we discover a healthy - * replacement disk after starting the mirror. - */ - broken = true; - } - } - - /* - * Find the biggest syncid. - */ - syncid = 0; - LIST_FOREACH(disk, &sc->sc_disks, d_next) { - if (disk->d_sync.ds_syncid > syncid) - syncid = disk->d_sync.ds_syncid; - } - - /* * Here we need to look for dirty disks and if all disks * with the biggest syncid are dirty, we have to choose * one with the biggest priority and rebuild the rest. @@ -2468,7 +2500,7 @@ g_mirror_update_device(struct g_mirror_softc *sc, bool force) dirty = ndisks = 0; pdisk = NULL; LIST_FOREACH(disk, &sc->sc_disks, d_next) { - if (disk->d_sync.ds_syncid != syncid) + if (disk->d_sync.ds_syncid != sc->sc_syncid) continue; if ((disk->d_flags & G_MIRROR_DISK_FLAG_SYNCHRONIZING) != 0) { @@ -2495,7 +2527,7 @@ g_mirror_update_device(struct g_mirror_softc *sc, bool force) "master disk for synchronization.", g_mirror_get_diskname(pdisk), sc->sc_name); LIST_FOREACH(disk, &sc->sc_disks, d_next) { - if (disk->d_sync.ds_syncid != syncid) + if (disk->d_sync.ds_syncid != sc->sc_syncid) continue; if ((disk->d_flags & G_MIRROR_DISK_FLAG_SYNCHRONIZING) != 0) { @@ -2516,7 +2548,7 @@ g_mirror_update_device(struct g_mirror_softc *sc, bool force) * We have some non-dirty disks. */ LIST_FOREACH(disk, &sc->sc_disks, d_next) { - if (disk->d_sync.ds_syncid != syncid) + if (disk->d_sync.ds_syncid != sc->sc_syncid) continue; if ((disk->d_flags & G_MIRROR_DISK_FLAG_SYNCHRONIZING) != 0) { @@ -2532,8 +2564,7 @@ g_mirror_update_device(struct g_mirror_softc *sc, bool force) /* Reset hint. */ sc->sc_hint = NULL; - sc->sc_syncid = syncid; - if (force || broken) { + if (force) { /* Remember to bump syncid on first write. */ sc->sc_bump_id |= G_MIRROR_BUMP_SYNCID; } @@ -2870,37 +2901,24 @@ g_mirror_check_metadata(struct g_mirror_softc *sc, struct g_provider *pp, struct g_mirror_metadata *md) { + G_MIRROR_DEBUG(2, "%s: md_did 0x%u disk %s device %s md_all 0x%x " + "sc_ndisks 0x%x md_slice 0x%x sc_slice 0x%x md_balance 0x%x " + "sc_balance 0x%x sc_mediasize 0x%jx pp_mediasize 0x%jx " + "md_sectorsize 0x%x sc_sectorsize 0x%x md_mflags 0x%jx " + "md_dflags 0x%jx md_syncid 0x%x md_genid 0x%x md_priority 0x%x " + "sc_state 0x%x.", + __func__, md->md_did, pp->name, sc->sc_name, md->md_all, + sc->sc_ndisks, md->md_slice, sc->sc_slice, md->md_balance, + sc->sc_balance, (uintmax_t)sc->sc_mediasize, + (uintmax_t)pp->mediasize, md->md_sectorsize, sc->sc_sectorsize, + (uintmax_t)md->md_mflags, (uintmax_t)md->md_dflags, md->md_syncid, + md->md_genid, md->md_priority, sc->sc_state); + if (g_mirror_id2disk(sc, md->md_did) != NULL) { G_MIRROR_DEBUG(1, "Disk %s (id=%u) already exists, skipping.", pp->name, md->md_did); return (EEXIST); } - if (md->md_all != sc->sc_ndisks) { - G_MIRROR_DEBUG(1, - "Invalid '%s' field on disk %s (device %s), skipping.", - "md_all", pp->name, sc->sc_name); - return (EINVAL); - } - if (md->md_slice != sc->sc_slice) { - G_MIRROR_DEBUG(1, - "Invalid '%s' field on disk %s (device %s), skipping.", - "md_slice", pp->name, sc->sc_name); - return (EINVAL); - } - if (md->md_balance != sc->sc_balance) { - G_MIRROR_DEBUG(1, - "Invalid '%s' field on disk %s (device %s), skipping.", - "md_balance", pp->name, sc->sc_name); - return (EINVAL); - } -#if 0 - if (md->md_mediasize != sc->sc_mediasize) { - G_MIRROR_DEBUG(1, - "Invalid '%s' field on disk %s (device %s), skipping.", - "md_mediasize", pp->name, sc->sc_name); - return (EINVAL); - } -#endif if (sc->sc_mediasize > pp->mediasize) { G_MIRROR_DEBUG(1, "Invalid size of disk %s (device %s), skipping.", pp->name, @@ -2947,12 +2965,21 @@ g_mirror_add_disk(struct g_mirror_softc *sc, struct g_provider *pp, error = g_mirror_check_metadata(sc, pp, md); if (error != 0) return (error); - if (sc->sc_state == G_MIRROR_DEVICE_STATE_RUNNING && - md->md_genid < sc->sc_genid) { + + if (md->md_genid < sc->sc_genid) { G_MIRROR_DEBUG(0, "Component %s (device %s) broken, skipping.", pp->name, sc->sc_name); return (EINVAL); } + + /* + * If the component disk we're tasting has newer metadata than the + * STARTING gmirror device, refresh the device from the component. + */ + error = g_mirror_refresh_device(sc, pp, md); + if (error != 0) + return (error); + disk = g_mirror_init_disk(sc, pp, md, &error); if (disk == NULL) return (error); @@ -3029,6 +3056,21 @@ end: return (error); } +static void +g_mirror_reinit_from_metadata(struct g_mirror_softc *sc, + const struct g_mirror_metadata *md) +{ + + sc->sc_genid = md->md_genid; + sc->sc_syncid = md->md_syncid; + + sc->sc_slice = md->md_slice; + sc->sc_balance = md->md_balance; + sc->sc_mediasize = md->md_mediasize; + sc->sc_ndisks = md->md_all; + sc->sc_flags = md->md_mflags; +} + struct g_geom * g_mirror_create(struct g_class *mp, const struct g_mirror_metadata *md, u_int type) @@ -3056,12 +3098,8 @@ g_mirror_create(struct g_class *mp, const struct g_mirror_metadata *md, sc->sc_type = type; sc->sc_id = md->md_mid; - sc->sc_slice = md->md_slice; - sc->sc_balance = md->md_balance; - sc->sc_mediasize = md->md_mediasize; + g_mirror_reinit_from_metadata(sc, md); sc->sc_sectorsize = md->md_sectorsize; - sc->sc_ndisks = md->md_all; - sc->sc_flags = md->md_mflags; sc->sc_bump_id = 0; sc->sc_idle = 1; sc->sc_last_write = time_uptime; @@ -3484,5 +3522,51 @@ g_mirror_fini(struct g_class *mp) EVENTHANDLER_DEREGISTER(shutdown_post_sync, g_mirror_post_sync); } +/* + * Refresh the mirror device's metadata when gmirror encounters a newer + * generation as the individual components are being added to the mirror set. + */ +static int +g_mirror_refresh_device(struct g_mirror_softc *sc, const struct g_provider *pp, + const struct g_mirror_metadata *md) +{ + + g_topology_assert_not(); + sx_assert(&sc->sc_lock, SX_XLOCKED); + + KASSERT(sc->sc_genid <= md->md_genid, + ("%s: attempted to refresh from stale component %s (device %s) " + "(%u < %u).", __func__, pp->name, sc->sc_name, md->md_genid, + sc->sc_genid)); + + if (sc->sc_genid > md->md_genid || (sc->sc_genid == md->md_genid && + sc->sc_syncid >= md->md_syncid)) + return (0); + + G_MIRROR_DEBUG(0, "Found newer version for device %s (genid: curr=%u " + "new=%u; syncid: curr=%u new=%u; ndisks: curr=%u new=%u; " + "provider=%s).", sc->sc_name, sc->sc_genid, md->md_genid, + sc->sc_syncid, md->md_syncid, sc->sc_ndisks, md->md_all, pp->name); + + if (sc->sc_state != G_MIRROR_DEVICE_STATE_STARTING) { + /* Probable data corruption detected */ + G_MIRROR_DEBUG(0, "Cannot refresh metadata in %s state " + "(device=%s genid=%u). A stale mirror device was launched.", + g_mirror_device_state2str(sc->sc_state), sc->sc_name, + sc->sc_genid); + return (EINVAL); + } + + /* Update softc */ + g_mirror_reinit_from_metadata(sc, md); + + G_MIRROR_DEBUG(1, "Refresh device %s (id=%u, state=%s) from disk %s " + "(genid=%u syncid=%u md_all=%u).", sc->sc_name, md->md_mid, + g_mirror_device_state2str(sc->sc_state), pp->name, md->md_genid, + md->md_syncid, (unsigned)md->md_all); + + return (0); +} + DECLARE_GEOM_CLASS(g_mirror_class, g_mirror); MODULE_VERSION(geom_mirror, 0); diff --git a/sys/geom/mirror/g_mirror.h b/sys/geom/mirror/g_mirror.h index 22b3ff692d51..050219acd1ba 100644 --- a/sys/geom/mirror/g_mirror.h +++ b/sys/geom/mirror/g_mirror.h @@ -148,6 +148,10 @@ struct g_mirror_disk { u_int d_genid; /* Disk's generation ID. */ struct g_mirror_disk_sync d_sync;/* Sync information. */ LIST_ENTRY(g_mirror_disk) d_next; + u_int d_init_ndisks; /* Initial number of mirror components */ + uint32_t d_init_slice; /* Initial slice size */ + uint8_t d_init_balance;/* Initial balance */ + uint64_t d_init_mediasize;/* Initial mediasize */ }; #define d_name d_consumer->provider->name diff --git a/sys/geom/part/g_part.c b/sys/geom/part/g_part.c index 0148f4ebb740..3b8fe3916aec 100644 --- a/sys/geom/part/g_part.c +++ b/sys/geom/part/g_part.c @@ -1627,6 +1627,7 @@ g_part_ctlreq(struct gctl_req *req, struct g_class *mp, const char *verb) if (!strcmp(verb, "bootcode")) { ctlreq = G_PART_CTL_BOOTCODE; mparms |= G_PART_PARM_GEOM | G_PART_PARM_BOOTCODE; + oparms |= G_PART_PARM_SKIP_DSN; } break; case 'c': @@ -1744,6 +1745,8 @@ g_part_ctlreq(struct gctl_req *req, struct g_class *mp, const char *verb) parm = G_PART_PARM_SIZE; else if (!strcmp(ap->name, "start")) parm = G_PART_PARM_START; + else if (!strcmp(ap->name, "skip_dsn")) + parm = G_PART_PARM_SKIP_DSN; break; case 't': if (!strcmp(ap->name, "type")) @@ -1804,6 +1807,10 @@ g_part_ctlreq(struct gctl_req *req, struct g_class *mp, const char *verb) case G_PART_PARM_SIZE: error = g_part_parm_quad(req, ap->name, &gpp.gpp_size); break; + case G_PART_PARM_SKIP_DSN: + error = g_part_parm_uint32(req, ap->name, + &gpp.gpp_skip_dsn); + break; case G_PART_PARM_START: error = g_part_parm_quad(req, ap->name, &gpp.gpp_start); diff --git a/sys/geom/part/g_part.h b/sys/geom/part/g_part.h index acf318466bf8..6e9a9463ccc9 100644 --- a/sys/geom/part/g_part.h +++ b/sys/geom/part/g_part.h @@ -202,6 +202,7 @@ enum g_part_ctl { #define G_PART_PARM_BOOTCODE 0x1000 #define G_PART_PARM_ATTRIB 0x2000 #define G_PART_PARM_FORCE 0x4000 +#define G_PART_PARM_SKIP_DSN 0x8000 struct g_part_parms { unsigned int gpp_parms; @@ -220,6 +221,7 @@ struct g_part_parms { unsigned int gpp_codesize; const char *gpp_attrib; unsigned int gpp_force; + unsigned int gpp_skip_dsn; }; void g_part_geometry_heads(off_t, u_int, off_t *, u_int *); diff --git a/sys/geom/part/g_part_mbr.c b/sys/geom/part/g_part_mbr.c index 8b4da964367a..a442e25c94d0 100644 --- a/sys/geom/part/g_part_mbr.c +++ b/sys/geom/part/g_part_mbr.c @@ -274,7 +274,7 @@ g_part_mbr_bootcode(struct g_part_table *basetable, struct g_part_parms *gpp) table = (struct g_part_mbr_table *)basetable; dsn = *(uint32_t *)(table->mbr + DOSDSNOFF); bcopy(gpp->gpp_codeptr, table->mbr, DOSPARTOFF); - if (dsn != 0) + if (dsn != 0 && !gpp->gpp_skip_dsn) *(uint32_t *)(table->mbr + DOSDSNOFF) = dsn; return (0); } diff --git a/sys/i386/i386/machdep.c b/sys/i386/i386/machdep.c index 23b82b311391..95d3ae4a3452 100644 --- a/sys/i386/i386/machdep.c +++ b/sys/i386/i386/machdep.c @@ -645,7 +645,6 @@ sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) sdp->sd_lobase; bzero(sf.sf_uc.uc_mcontext.mc_spare2, sizeof(sf.sf_uc.uc_mcontext.mc_spare2)); - bzero(sf.sf_uc.__spare__, sizeof(sf.sf_uc.__spare__)); /* Allocate space for the signal handler context. */ if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && @@ -2817,6 +2816,7 @@ fill_regs(struct thread *td, struct reg *regs) int fill_frame_regs(struct trapframe *tp, struct reg *regs) { + regs->r_fs = tp->tf_fs; regs->r_es = tp->tf_es; regs->r_ds = tp->tf_ds; @@ -2832,6 +2832,8 @@ fill_frame_regs(struct trapframe *tp, struct reg *regs) regs->r_eflags = tp->tf_eflags; regs->r_esp = tp->tf_esp; regs->r_ss = tp->tf_ss; + regs->r_err = 0; + regs->r_trapno = 0; return (0); } diff --git a/sys/i386/i386/mpboot.s b/sys/i386/i386/mpboot.s index 0ba1bc94bc52..29b49f14a804 100644 --- a/sys/i386/i386/mpboot.s +++ b/sys/i386/i386/mpboot.s @@ -99,6 +99,20 @@ NON_GPROF_ENTRY(MPentry) movl %cr4, %eax orl $CR4_PAE, %eax movl %eax, %cr4 + movl $0x80000000, %eax + cpuid + movl $0x80000001, %ebx + cmpl %ebx, %eax + jb 1f + movl %ebx, %eax + cpuid + testl $AMDID_NX, %edx + je 1f + movl $MSR_EFER, %ecx + rdmsr + orl $EFER_NXE,%eax + wrmsr +1: #else movl IdlePTD, %eax movl %eax,%cr3 diff --git a/sys/i386/i386/pmap.c b/sys/i386/i386/pmap.c index ff9b8022193a..763808be016c 100644 --- a/sys/i386/i386/pmap.c +++ b/sys/i386/i386/pmap.c @@ -2568,7 +2568,7 @@ get_pv_entry(pmap_t pmap, boolean_t try) if (ratecheck(&lastprint, &printinterval)) printf("Approaching the limit on PV entries, consider " "increasing either the vm.pmap.shpgperproc or the " - "vm.pmap.pv_entry_max tunable.\n"); + "vm.pmap.pv_entries tunable.\n"); retry: pc = TAILQ_FIRST(&pmap->pm_pvchunk); if (pc != NULL) { diff --git a/sys/kern/imgact_binmisc.c b/sys/kern/imgact_binmisc.c index 7a7ee0d6f1d9..04fecc67de13 100644 --- a/sys/kern/imgact_binmisc.c +++ b/sys/kern/imgact_binmisc.c @@ -649,22 +649,13 @@ imgact_binmisc_exec(struct image_params *imgp) s++; } - /* Check to make sure we won't overrun the stringspace. */ - if (offset > imgp->args->stringspace) { + /* Make room for the interpreter */ + error = exec_args_adjust_args(imgp->args, 0, offset); + if (error != 0) { sx_sunlock(&interp_list_sx); - error = E2BIG; goto done; } - /* Make room for the interpreter */ - bcopy(imgp->args->begin_argv, imgp->args->begin_argv + offset, - imgp->args->endp - imgp->args->begin_argv); - - /* Adjust everything by the offset. */ - imgp->args->begin_envv += offset; - imgp->args->endp += offset; - imgp->args->stringspace -= offset; - /* Add the new argument(s) in the count. */ imgp->args->argc += ibe->ibe_interp_argcnt; diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index 60722e55cf8c..0d946886fbe7 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -2118,10 +2118,8 @@ __elfN(note_procstat_proc)(void *arg, struct sbuf *sb, size_t *sizep) KASSERT(*sizep == size, ("invalid size")); structsize = sizeof(elf_kinfo_proc_t); sbuf_bcat(sb, &structsize, sizeof(structsize)); - sx_slock(&proctree_lock); PROC_LOCK(p); kern_proc_out(p, sb, ELF_KERN_PROC_MASK); - sx_sunlock(&proctree_lock); } *sizep = size; } diff --git a/sys/kern/imgact_shell.c b/sys/kern/imgact_shell.c index 487d7b3ea05f..d5287a4e95d1 100644 --- a/sys/kern/imgact_shell.c +++ b/sys/kern/imgact_shell.c @@ -196,20 +196,13 @@ exec_shell_imgact(struct image_params *imgp) length = (imgp->args->argc == 0) ? 0 : strlen(imgp->args->begin_argv) + 1; /* bytes to delete */ - if (offset > imgp->args->stringspace + length) { + error = exec_args_adjust_args(imgp->args, length, offset); + if (error != 0) { if (sname != NULL) sbuf_delete(sname); - return (E2BIG); + return (error); } - bcopy(imgp->args->begin_argv + length, imgp->args->begin_argv + offset, - imgp->args->endp - (imgp->args->begin_argv + length)); - - offset -= length; /* calculate actual adjustment */ - imgp->args->begin_envv += offset; - imgp->args->endp += offset; - imgp->args->stringspace -= offset; - /* * If there was no arg[0] when we started, then the interpreter_name * is adding an argument (instead of replacing the arg[0] we started diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c index 402836d5e702..39c6b7f65178 100644 --- a/sys/kern/init_main.c +++ b/sys/kern/init_main.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/exec.h> #include <sys/file.h> #include <sys/filedesc.h> +#include <sys/imgact.h> #include <sys/jail.h> #include <sys/ktr.h> #include <sys/lock.h> @@ -716,15 +717,13 @@ SYSCTL_INT(_kern, OID_AUTO, init_shutdown_timeout, static void start_init(void *dummy) { - vm_offset_t addr; - struct execve_args args; - int options, error; - size_t pathlen; + struct image_args args; + int error; char *var, *path; char *free_init_path, *tmp_init_path; - char *ucp, **uap, *arg0, *arg1; struct thread *td; struct proc *p; + struct vmspace *oldvmspace; TSENTER(); /* Here so we don't overlap with mi_startup. */ @@ -736,16 +735,6 @@ start_init(void *dummy) /* Wipe GELI passphrase from the environment. */ kern_unsetenv("kern.geom.eli.passphrase"); - /* - * Need just enough stack to hold the faked-up "execve()" arguments. - */ - addr = p->p_sysent->sv_usrstack - PAGE_SIZE; - if (vm_map_find(&p->p_vmspace->vm_map, NULL, 0, &addr, PAGE_SIZE, 0, - VMFS_NO_SPACE, VM_PROT_ALL, VM_PROT_ALL, 0) != 0) - panic("init: couldn't allocate argument space"); - p->p_vmspace->vm_maxsaddr = (caddr_t)addr; - p->p_vmspace->vm_ssize = 1; - if ((var = kern_getenv("init_path")) != NULL) { strlcpy(init_path, var, sizeof(init_path)); freeenv(var); @@ -753,58 +742,25 @@ start_init(void *dummy) free_init_path = tmp_init_path = strdup(init_path, M_TEMP); while ((path = strsep(&tmp_init_path, ":")) != NULL) { - pathlen = strlen(path) + 1; if (bootverbose) printf("start_init: trying %s\n", path); - /* - * Move out the boot flag argument. - */ - options = 0; - ucp = (char *)p->p_sysent->sv_usrstack; - (void)subyte(--ucp, 0); /* trailing zero */ - if (boothowto & RB_SINGLE) { - (void)subyte(--ucp, 's'); - options = 1; - } -#ifdef notyet - if (boothowto & RB_FASTBOOT) { - (void)subyte(--ucp, 'f'); - options = 1; - } -#endif - -#ifdef BOOTCDROM - (void)subyte(--ucp, 'C'); - options = 1; -#endif - - if (options == 0) - (void)subyte(--ucp, '-'); - (void)subyte(--ucp, '-'); /* leading hyphen */ - arg1 = ucp; - - /* - * Move out the file name (also arg 0). - */ - ucp -= pathlen; - copyout(path, ucp, pathlen); - arg0 = ucp; - - /* - * Move out the arg pointers. - */ - uap = (char **)rounddown2((intptr_t)ucp, sizeof(intptr_t)); - (void)suword((caddr_t)--uap, (long)0); /* terminator */ - (void)suword((caddr_t)--uap, (long)(intptr_t)arg1); - (void)suword((caddr_t)--uap, (long)(intptr_t)arg0); - - /* - * Point at the arguments. - */ - args.fname = arg0; - args.argv = uap; - args.envv = NULL; + memset(&args, 0, sizeof(args)); + error = exec_alloc_args(&args); + if (error != 0) + panic("%s: Can't allocate space for init arguments %d", + __func__, error); + + error = exec_args_add_fname(&args, path, UIO_SYSSPACE); + if (error != 0) + panic("%s: Can't add fname %d", __func__, error); + error = exec_args_add_arg(&args, path, UIO_SYSSPACE); + if (error != 0) + panic("%s: Can't add argv[0] %d", __func__, error); + if (boothowto & RB_SINGLE) + error = exec_args_add_arg(&args, "-s", UIO_SYSSPACE); + if (error != 0) + panic("%s: Can't add argv[0] %d", __func__, error); /* * Now try to exec the program. If can't for any reason @@ -813,7 +769,19 @@ start_init(void *dummy) * Otherwise, return via fork_trampoline() all the way * to user mode as init! */ - if ((error = sys_execve(td, &args)) == EJUSTRETURN) { + KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, + ("nested execve")); + oldvmspace = td->td_proc->p_vmspace; + error = kern_execve(td, &args, NULL); + KASSERT(error != 0, + ("kern_execve returned success, not EJUSTRETURN")); + if (error == EJUSTRETURN) { + if ((td->td_pflags & TDP_EXECVMSPC) != 0) { + KASSERT(p->p_vmspace != oldvmspace, + ("oldvmspace still used")); + vmspace_free(oldvmspace); + td->td_pflags &= ~TDP_EXECVMSPC; + } free(free_init_path, M_TEMP); TSEXIT(); return; diff --git a/sys/kern/init_sysent.c b/sys/kern/init_sysent.c index a567d0d83d95..63de745465cf 100644 --- a/sys/kern/init_sysent.c +++ b/sys/kern/init_sysent.c @@ -112,7 +112,7 @@ struct sysent sysent[] = { { AS(umask_args), (sy_call_t *)sys_umask, AUE_UMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 60 = umask */ { AS(chroot_args), (sy_call_t *)sys_chroot, AUE_CHROOT, NULL, 0, 0, 0, SY_THR_STATIC }, /* 61 = chroot */ { compat(AS(ofstat_args),fstat), AUE_FSTAT, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 62 = old fstat */ - { compat(AS(getkerninfo_args),getkerninfo), AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 63 = old getkerninfo */ + { compat(AS(ogetkerninfo_args),getkerninfo), AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 63 = old getkerninfo */ { compat(0,getpagesize), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 64 = old getpagesize */ { AS(msync_args), (sy_call_t *)sys_msync, AUE_MSYNC, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 65 = msync */ { 0, (sy_call_t *)sys_vfork, AUE_VFORK, NULL, 0, 0, 0, SY_THR_STATIC }, /* 66 = vfork */ @@ -136,8 +136,8 @@ struct sysent sysent[] = { { compat(0,wait), AUE_WAIT4, NULL, 0, 0, 0, SY_THR_STATIC }, /* 84 = old wait */ { AS(swapon_args), (sy_call_t *)sys_swapon, AUE_SWAPON, NULL, 0, 0, 0, SY_THR_STATIC }, /* 85 = swapon */ { AS(getitimer_args), (sy_call_t *)sys_getitimer, AUE_GETITIMER, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 86 = getitimer */ - { compat(AS(gethostname_args),gethostname), AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 87 = old gethostname */ - { compat(AS(sethostname_args),sethostname), AUE_SYSCTL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 88 = old sethostname */ + { compat(AS(ogethostname_args),gethostname), AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 87 = old gethostname */ + { compat(AS(osethostname_args),sethostname), AUE_SYSCTL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 88 = old sethostname */ { 0, (sy_call_t *)sys_getdtablesize, AUE_GETDTABLESIZE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 89 = getdtablesize */ { AS(dup2_args), (sy_call_t *)sys_dup2, AUE_DUP2, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 90 = dup2 */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT }, /* 91 = getdopt */ @@ -148,7 +148,7 @@ struct sysent sysent[] = { { AS(setpriority_args), (sy_call_t *)sys_setpriority, AUE_SETPRIORITY, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 96 = setpriority */ { AS(socket_args), (sy_call_t *)sys_socket, AUE_SOCKET, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 97 = socket */ { AS(connect_args), (sy_call_t *)sys_connect, AUE_CONNECT, NULL, 0, 0, 0, SY_THR_STATIC }, /* 98 = connect */ - { compat(AS(accept_args),accept), AUE_ACCEPT, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 99 = old accept */ + { compat(AS(oaccept_args),accept), AUE_ACCEPT, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 99 = old accept */ { AS(getpriority_args), (sy_call_t *)sys_getpriority, AUE_GETPRIORITY, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 100 = getpriority */ { compat(AS(osend_args),send), AUE_SEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 101 = old send */ { compat(AS(orecv_args),recv), AUE_RECV, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 102 = old recv */ @@ -613,4 +613,8 @@ struct sysent sysent[] = { { AS(cpuset_getdomain_args), (sy_call_t *)sys_cpuset_getdomain, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 561 = cpuset_getdomain */ { AS(cpuset_setdomain_args), (sy_call_t *)sys_cpuset_setdomain, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 562 = cpuset_setdomain */ { AS(getrandom_args), (sy_call_t *)sys_getrandom, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 563 = getrandom */ + { AS(getfhat_args), (sy_call_t *)sys_getfhat, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 564 = getfhat */ + { AS(fhlink_args), (sy_call_t *)sys_fhlink, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 565 = fhlink */ + { AS(fhlinkat_args), (sy_call_t *)sys_fhlinkat, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 566 = fhlinkat */ + { AS(fhreadlink_args), (sy_call_t *)sys_fhreadlink, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 567 = fhreadlink */ }; diff --git a/sys/kern/kern_clock.c b/sys/kern/kern_clock.c index d8a3796f91de..4f820f3e3453 100644 --- a/sys/kern/kern_clock.c +++ b/sys/kern/kern_clock.c @@ -421,6 +421,36 @@ initclocks(void *dummy) #endif } +static __noinline void +hardclock_itimer(struct thread *td, struct pstats *pstats, int cnt, int usermode) +{ + struct proc *p; + int flags; + + flags = 0; + p = td->td_proc; + if (usermode && + timevalisset(&pstats->p_timer[ITIMER_VIRTUAL].it_value)) { + PROC_ITIMLOCK(p); + if (itimerdecr(&pstats->p_timer[ITIMER_VIRTUAL], + tick * cnt) == 0) + flags |= TDF_ALRMPEND | TDF_ASTPENDING; + PROC_ITIMUNLOCK(p); + } + if (timevalisset(&pstats->p_timer[ITIMER_PROF].it_value)) { + PROC_ITIMLOCK(p); + if (itimerdecr(&pstats->p_timer[ITIMER_PROF], + tick * cnt) == 0) + flags |= TDF_PROFPEND | TDF_ASTPENDING; + PROC_ITIMUNLOCK(p); + } + if (flags != 0) { + thread_lock(td); + td->td_flags |= flags; + thread_unlock(td); + } +} + void hardclock(int cnt, int usermode) { @@ -428,15 +458,14 @@ hardclock(int cnt, int usermode) struct thread *td = curthread; struct proc *p = td->td_proc; int *t = DPCPU_PTR(pcputicks); - int flags, global, newticks; - int i; + int global, i, newticks; /* * Update per-CPU and possibly global ticks values. */ *t += cnt; + global = ticks; do { - global = ticks; newticks = *t - global; if (newticks <= 0) { if (newticks < -1) @@ -444,33 +473,16 @@ hardclock(int cnt, int usermode) newticks = 0; break; } - } while (!atomic_cmpset_int(&ticks, global, *t)); + } while (!atomic_fcmpset_int(&ticks, &global, *t)); /* * Run current process's virtual and profile time, as needed. */ pstats = p->p_stats; - flags = 0; - if (usermode && - timevalisset(&pstats->p_timer[ITIMER_VIRTUAL].it_value)) { - PROC_ITIMLOCK(p); - if (itimerdecr(&pstats->p_timer[ITIMER_VIRTUAL], - tick * cnt) == 0) - flags |= TDF_ALRMPEND | TDF_ASTPENDING; - PROC_ITIMUNLOCK(p); - } - if (timevalisset(&pstats->p_timer[ITIMER_PROF].it_value)) { - PROC_ITIMLOCK(p); - if (itimerdecr(&pstats->p_timer[ITIMER_PROF], - tick * cnt) == 0) - flags |= TDF_PROFPEND | TDF_ASTPENDING; - PROC_ITIMUNLOCK(p); - } - if (flags != 0) { - thread_lock(td); - td->td_flags |= flags; - thread_unlock(td); - } + if (__predict_false( + timevalisset(&pstats->p_timer[ITIMER_VIRTUAL].it_value) || + timevalisset(&pstats->p_timer[ITIMER_PROF].it_value))) + hardclock_itimer(td, pstats, cnt, usermode); #ifdef HWPMC_HOOKS if (PMC_CPU_HAS_SAMPLES(PCPU_GET(cpuid))) diff --git a/sys/kern/kern_context.c b/sys/kern/kern_context.c index 3bd5f31082ac..516c54b75852 100644 --- a/sys/kern/kern_context.c +++ b/sys/kern/kern_context.c @@ -75,7 +75,6 @@ sys_getcontext(struct thread *td, struct getcontext_args *uap) PROC_LOCK(td->td_proc); uc.uc_sigmask = td->td_sigmask; PROC_UNLOCK(td->td_proc); - bzero(uc.__spare__, sizeof(uc.__spare__)); ret = copyout(&uc, uap->ucp, UC_COPY_SIZE); } return (ret); @@ -85,7 +84,7 @@ int sys_setcontext(struct thread *td, struct setcontext_args *uap) { ucontext_t uc; - int ret; + int ret; if (uap->ucp == NULL) ret = EINVAL; @@ -106,14 +105,13 @@ int sys_swapcontext(struct thread *td, struct swapcontext_args *uap) { ucontext_t uc; - int ret; + int ret; if (uap->oucp == NULL || uap->ucp == NULL) ret = EINVAL; else { bzero(&uc, sizeof(ucontext_t)); get_mcontext(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); - bzero(uc.__spare__, sizeof(uc.__spare__)); PROC_LOCK(td->td_proc); uc.uc_sigmask = td->td_sigmask; PROC_UNLOCK(td->td_proc); diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index e0721a223eae..26196a57cf28 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -818,6 +818,7 @@ kern_dup(struct thread *td, u_int mode, int flags, int old, int new) p = td->td_proc; fdp = p->p_fd; + oioctls = NULL; MPASS((flags & ~(FDDUP_FLAG_CLOEXEC)) == 0); MPASS(mode < FDDUP_LASTMODE); @@ -877,10 +878,8 @@ kern_dup(struct thread *td, u_int mode, int flags, int old, int new) * the limit on the size of the file descriptor table. */ #ifdef RACCT - if (racct_enable) { - PROC_LOCK(p); - error = racct_set(p, RACCT_NOFILE, new + 1); - PROC_UNLOCK(p); + if (RACCT_ENABLED()) { + error = racct_set_unlocked(p, RACCT_NOFILE, new + 1); if (error != 0) { error = EMFILE; goto unlock; @@ -922,7 +921,6 @@ kern_dup(struct thread *td, u_int mode, int flags, int old, int new) #ifdef CAPABILITIES seq_write_end(&newfde->fde_seq); #endif - filecaps_free_finish(oioctls); td->td_retval[0] = new; error = 0; @@ -935,6 +933,7 @@ unlock: FILEDESC_XUNLOCK(fdp); } + filecaps_free_finish(oioctls); return (error); } @@ -1511,7 +1510,7 @@ filecaps_copy_prep(const struct filecaps *src) u_long *ioctls; size_t size; - if (src->fc_ioctls == NULL) + if (__predict_true(src->fc_ioctls == NULL)) return (NULL); KASSERT(src->fc_nioctls > 0, @@ -1529,7 +1528,7 @@ filecaps_copy_finish(const struct filecaps *src, struct filecaps *dst, size_t size; *dst = *src; - if (src->fc_ioctls == NULL) { + if (__predict_true(src->fc_ioctls == NULL)) { MPASS(ioctls == NULL); return; } @@ -1750,10 +1749,8 @@ fdalloc(struct thread *td, int minfd, int *result) if (fd >= fdp->fd_nfiles) { allocfd = min(fd * 2, maxfd); #ifdef RACCT - if (racct_enable) { - PROC_LOCK(p); - error = racct_set(p, RACCT_NOFILE, allocfd); - PROC_UNLOCK(p); + if (RACCT_ENABLED()) { + error = racct_set_unlocked(p, RACCT_NOFILE, allocfd); if (error != 0) return (EMFILE); } @@ -2265,11 +2262,8 @@ fdescfree(struct thread *td) MPASS(fdp != NULL); #ifdef RACCT - if (racct_enable) { - PROC_LOCK(p); - racct_set(p, RACCT_NOFILE, 0); - PROC_UNLOCK(p); - } + if (RACCT_ENABLED()) + racct_set_unlocked(p, RACCT_NOFILE, 0); #endif if (p->p_fdtol != NULL) @@ -2637,7 +2631,7 @@ fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, #endif fdt = fdp->fd_files; - if ((u_int)fd >= fdt->fdt_nfiles) + if (__predict_false((u_int)fd >= fdt->fdt_nfiles)) return (EBADF); /* * Fetch the descriptor locklessly. We avoid fdrop() races by diff --git a/sys/kern/kern_event.c b/sys/kern/kern_event.c index 1c487cdebda7..5a9d516df898 100644 --- a/sys/kern/kern_event.c +++ b/sys/kern/kern_event.c @@ -533,11 +533,12 @@ knote_fork(struct knlist *list, int pid) struct kevent kev; int error; - if (list == NULL) + MPASS(list != NULL); + KNL_ASSERT_LOCKED(list); + if (SLIST_EMPTY(&list->kl_list)) return; memset(&kev, 0, sizeof(kev)); - list->kl_lock(list->kl_lockarg); SLIST_FOREACH(kn, &list->kl_list, kn_selnext) { kq = kn->kn_kq; KQ_LOCK(kq); @@ -606,7 +607,6 @@ knote_fork(struct knlist *list, int pid) kn_leave_flux(kn); KQ_UNLOCK_FLUX(kq); } - list->kl_unlock(list->kl_lockarg); } /* diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 208784f8a0d5..4220a47d8be7 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -345,9 +345,9 @@ kern_execve(struct thread *td, struct image_args *args, struct mac *mac_p) { AUDIT_ARG_ARGV(args->begin_argv, args->argc, - args->begin_envv - args->begin_argv); - AUDIT_ARG_ENVV(args->begin_envv, args->envc, - args->endp - args->begin_envv); + exec_args_get_begin_envv(args) - args->begin_argv); + AUDIT_ARG_ENVV(exec_args_get_begin_envv(args), args->envc, + args->endp - exec_args_get_begin_envv(args)); return (do_execve(td, args, mac_p)); } @@ -717,7 +717,7 @@ interpret: /* * Malloc things before we need locks. */ - i = imgp->args->begin_envv - imgp->args->begin_argv; + i = exec_args_get_begin_envv(imgp->args) - imgp->args->begin_argv; /* Cache arguments if they fit inside our allowance */ if (ps_arg_cache_limit >= i + sizeof(struct pargs)) { newargs = pargs_alloc(i); @@ -1171,9 +1171,8 @@ int exec_copyin_args(struct image_args *args, const char *fname, enum uio_seg segflg, char **argv, char **envv) { - u_long argp, envp; + u_long arg, env; int error; - size_t length; bzero(args, sizeof(*args)); if (argv == NULL) @@ -1190,67 +1189,43 @@ exec_copyin_args(struct image_args *args, const char *fname, /* * Copy the file name. */ - if (fname != NULL) { - args->fname = args->buf; - error = (segflg == UIO_SYSSPACE) ? - copystr(fname, args->fname, PATH_MAX, &length) : - copyinstr(fname, args->fname, PATH_MAX, &length); - if (error != 0) - goto err_exit; - } else - length = 0; - - args->begin_argv = args->buf + length; - args->endp = args->begin_argv; - args->stringspace = ARG_MAX; + error = exec_args_add_fname(args, fname, segflg); + if (error != 0) + goto err_exit; /* * extract arguments first */ for (;;) { - error = fueword(argv++, &argp); + error = fueword(argv++, &arg); if (error == -1) { error = EFAULT; goto err_exit; } - if (argp == 0) + if (arg == 0) break; - error = copyinstr((void *)(uintptr_t)argp, args->endp, - args->stringspace, &length); - if (error != 0) { - if (error == ENAMETOOLONG) - error = E2BIG; + error = exec_args_add_arg(args, (char *)(uintptr_t)arg, + UIO_USERSPACE); + if (error != 0) goto err_exit; - } - args->stringspace -= length; - args->endp += length; - args->argc++; } - args->begin_envv = args->endp; - /* * extract environment strings */ if (envv) { for (;;) { - error = fueword(envv++, &envp); + error = fueword(envv++, &env); if (error == -1) { error = EFAULT; goto err_exit; } - if (envp == 0) + if (env == 0) break; - error = copyinstr((void *)(uintptr_t)envp, - args->endp, args->stringspace, &length); - if (error != 0) { - if (error == ENAMETOOLONG) - error = E2BIG; + error = exec_args_add_env(args, + (char *)(uintptr_t)env, UIO_USERSPACE); + if (error != 0) goto err_exit; - } - args->stringspace -= length; - args->endp += length; - args->envc++; } } @@ -1305,8 +1280,6 @@ exec_copyin_data_fds(struct thread *td, struct image_args *args, /* No argument buffer provided. */ args->endp = args->begin_argv; } - /* There are no environment variables. */ - args->begin_envv = args->endp; /* Create new file descriptor table. */ kfds = malloc(fdslen * sizeof(int), M_TEMP, M_WAITOK); @@ -1463,6 +1436,126 @@ exec_free_args(struct image_args *args) } /* + * A set to functions to fill struct image args. + * + * NOTE: exec_args_add_fname() must be called (possibly with a NULL + * fname) before the other functions. All exec_args_add_arg() calls must + * be made before any exec_args_add_env() calls. exec_args_adjust_args() + * may be called any time after exec_args_add_fname(). + * + * exec_args_add_fname() - install path to be executed + * exec_args_add_arg() - append an argument string + * exec_args_add_env() - append an env string + * exec_args_adjust_args() - adjust location of the argument list to + * allow new arguments to be prepended + */ +int +exec_args_add_fname(struct image_args *args, const char *fname, + enum uio_seg segflg) +{ + int error; + size_t length; + + KASSERT(args->fname == NULL, ("fname already appended")); + KASSERT(args->endp == NULL, ("already appending to args")); + + if (fname != NULL) { + args->fname = args->buf; + error = segflg == UIO_SYSSPACE ? + copystr(fname, args->fname, PATH_MAX, &length) : + copyinstr(fname, args->fname, PATH_MAX, &length); + if (error != 0) + return (error == ENAMETOOLONG ? E2BIG : error); + } else + length = 0; + + /* Set up for _arg_*()/_env_*() */ + args->endp = args->buf + length; + /* begin_argv must be set and kept updated */ + args->begin_argv = args->endp; + KASSERT(exec_map_entry_size - length >= ARG_MAX, + ("too little space remaining for arguments %zu < %zu", + exec_map_entry_size - length, (size_t)ARG_MAX)); + args->stringspace = ARG_MAX; + + return (0); +} + +static int +exec_args_add_str(struct image_args *args, const char *str, + enum uio_seg segflg, int *countp) +{ + int error; + size_t length; + + KASSERT(args->endp != NULL, ("endp not initialized")); + KASSERT(args->begin_argv != NULL, ("begin_argp not initialized")); + + error = (segflg == UIO_SYSSPACE) ? + copystr(str, args->endp, args->stringspace, &length) : + copyinstr(str, args->endp, args->stringspace, &length); + if (error != 0) + return (error == ENAMETOOLONG ? E2BIG : error); + args->stringspace -= length; + args->endp += length; + (*countp)++; + + return (0); +} + +int +exec_args_add_arg(struct image_args *args, const char *argp, + enum uio_seg segflg) +{ + + KASSERT(args->envc == 0, ("appending args after env")); + + return (exec_args_add_str(args, argp, segflg, &args->argc)); +} + +int +exec_args_add_env(struct image_args *args, const char *envp, + enum uio_seg segflg) +{ + + if (args->envc == 0) + args->begin_envv = args->endp; + + return (exec_args_add_str(args, envp, segflg, &args->envc)); +} + +int +exec_args_adjust_args(struct image_args *args, size_t consume, ssize_t extend) +{ + ssize_t offset; + + KASSERT(args->endp != NULL, ("endp not initialized")); + KASSERT(args->begin_argv != NULL, ("begin_argp not initialized")); + + offset = extend - consume; + if (args->stringspace < offset) + return (E2BIG); + memmove(args->begin_argv + extend, args->begin_argv + consume, + args->endp - args->begin_argv + consume); + if (args->envc > 0) + args->begin_envv += offset; + args->endp += offset; + args->stringspace -= offset; + return (0); +} + +char * +exec_args_get_begin_envv(struct image_args *args) +{ + + KASSERT(args->endp != NULL, ("endp not initialized")); + + if (args->envc > 0) + return (args->begin_envv); + return (args->endp); +} + +/* * Copy strings out to the new process address space, constructing new arg * and env vector tables. Return a pointer to the base so that it can be used * as the initial stack pointer. diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c index f88c7cf28f59..29016ca380a2 100644 --- a/sys/kern/kern_exit.c +++ b/sys/kern/kern_exit.c @@ -148,6 +148,27 @@ reaper_abandon_children(struct proc *p, bool exiting) } static void +reaper_clear(struct proc *p) +{ + struct proc *p1; + bool clear; + + sx_assert(&proctree_lock, SX_LOCKED); + LIST_REMOVE(p, p_reapsibling); + if (p->p_reapsubtree == 1) + return; + clear = true; + LIST_FOREACH(p1, &p->p_reaper->p_reaplist, p_reapsibling) { + if (p1->p_reapsubtree == p->p_reapsubtree) { + clear = false; + break; + } + } + if (clear) + proc_id_clear(PROC_ID_REAP, p->p_reapsubtree); +} + +static void clear_orphan(struct proc *p) { struct proc *p1; @@ -427,15 +448,18 @@ exit1(struct thread *td, int rval, int signo) WITNESS_WARN(WARN_PANIC, NULL, "process (pid %d) exiting", p->p_pid); - sx_xlock(&proctree_lock); /* * Move proc from allproc queue to zombproc. */ sx_xlock(&allproc_lock); + sx_xlock(&zombproc_lock); LIST_REMOVE(p, p_list); LIST_INSERT_HEAD(&zombproc, p, p_list); + sx_xunlock(&zombproc_lock); sx_xunlock(&allproc_lock); + sx_xlock(&proctree_lock); + /* * Reparent all children processes: * - traced ones to the original parent (or init if we are that parent) @@ -532,6 +556,17 @@ exit1(struct thread *td, int rval, int signo) PROC_UNLOCK(q); } +#ifdef KDTRACE_HOOKS + if (SDT_PROBES_ENABLED()) { + int reason = CLD_EXITED; + if (WCOREDUMP(signo)) + reason = CLD_DUMPED; + else if (WIFSIGNALED(signo)) + reason = CLD_KILLED; + SDT_PROBE1(proc, , , exit, reason); + } +#endif + /* Save exit status. */ PROC_LOCK(p); p->p_xthread = td; @@ -550,15 +585,6 @@ exit1(struct thread *td, int rval, int signo) */ KNOTE_LOCKED(p->p_klist, NOTE_EXIT); -#ifdef KDTRACE_HOOKS - int reason = CLD_EXITED; - if (WCOREDUMP(signo)) - reason = CLD_DUMPED; - else if (WIFSIGNALED(signo)) - reason = CLD_KILLED; - SDT_PROBE1(proc, , , exit, reason); -#endif - /* * If this is a process with a descriptor, we may not need to deliver * a signal to the parent. proctree_lock is held over @@ -871,15 +897,16 @@ proc_reap(struct thread *td, struct proc *p, int *status, int options) * Remove other references to this process to ensure we have an * exclusive reference. */ - sx_xlock(&allproc_lock); + sx_xlock(&zombproc_lock); LIST_REMOVE(p, p_list); /* off zombproc */ - sx_xunlock(&allproc_lock); + sx_xunlock(&zombproc_lock); sx_xlock(PIDHASHLOCK(p->p_pid)); LIST_REMOVE(p, p_hash); sx_xunlock(PIDHASHLOCK(p->p_pid)); LIST_REMOVE(p, p_sibling); reaper_abandon_children(p, true); - LIST_REMOVE(p, p_reapsibling); + reaper_clear(p); + proc_id_clear(PROC_ID_PID, p->p_pid); PROC_LOCK(p); clear_orphan(p); PROC_UNLOCK(p); diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 050e4651d098..6bdf47510baf 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -44,6 +44,7 @@ __FBSDID("$FreeBSD$"); #include <sys/param.h> #include <sys/systm.h> +#include <sys/bitstring.h> #include <sys/sysproto.h> #include <sys/eventhandler.h> #include <sys/fcntl.h> @@ -232,19 +233,16 @@ sysctl_kern_randompid(SYSCTL_HANDLER_ARGS) SYSCTL_PROC(_kern, OID_AUTO, randompid, CTLTYPE_INT|CTLFLAG_RW, 0, 0, sysctl_kern_randompid, "I", "Random PID modulus. Special values: 0: disable, 1: choose random value"); +extern bitstr_t proc_id_pidmap; +extern bitstr_t proc_id_grpidmap; +extern bitstr_t proc_id_sessidmap; +extern bitstr_t proc_id_reapmap; + static int fork_findpid(int flags) { - struct proc *p; + pid_t result; int trypid; - static int pidchecked = 0; - - /* - * Requires allproc_lock in order to iterate over the list - * of processes, and proctree_lock to access p_pgrp. - */ - sx_assert(&allproc_lock, SX_LOCKED); - sx_assert(&proctree_lock, SX_LOCKED); /* * Find an unused process ID. We remember a range of unused IDs @@ -261,6 +259,7 @@ fork_findpid(int flags) if (randompid) trypid += arc4random() % randompid; } + mtx_lock(&procid_lock); retry: /* * If the process ID prototype has wrapped around, @@ -271,67 +270,30 @@ retry: trypid = trypid % pid_max; if (trypid < 100) trypid += 100; - pidchecked = 0; } - if (trypid >= pidchecked) { - int doingzomb = 0; - pidchecked = PID_MAX; - /* - * Scan the active and zombie procs to check whether this pid - * is in use. Remember the lowest pid that's greater - * than trypid, so we can avoid checking for a while. - * - * Avoid reuse of the process group id, session id or - * the reaper subtree id. Note that for process group - * and sessions, the amount of reserved pids is - * limited by process limit. For the subtree ids, the - * id is kept reserved only while there is a - * non-reaped process in the subtree, so amount of - * reserved pids is limited by process limit times - * two. - */ - p = LIST_FIRST(&allproc); -again: - for (; p != NULL; p = LIST_NEXT(p, p_list)) { - while (p->p_pid == trypid || - p->p_reapsubtree == trypid || - (p->p_pgrp != NULL && - (p->p_pgrp->pg_id == trypid || - (p->p_session != NULL && - p->p_session->s_sid == trypid)))) { - trypid++; - if (trypid >= pidchecked) - goto retry; - } - if (p->p_pid > trypid && pidchecked > p->p_pid) - pidchecked = p->p_pid; - if (p->p_pgrp != NULL) { - if (p->p_pgrp->pg_id > trypid && - pidchecked > p->p_pgrp->pg_id) - pidchecked = p->p_pgrp->pg_id; - if (p->p_session != NULL && - p->p_session->s_sid > trypid && - pidchecked > p->p_session->s_sid) - pidchecked = p->p_session->s_sid; - } - } - if (!doingzomb) { - doingzomb = 1; - p = LIST_FIRST(&zombproc); - goto again; - } + bit_ffc_at(&proc_id_pidmap, trypid, pid_max, &result); + if (result == -1) { + trypid = 100; + goto retry; + } + if (bit_test(&proc_id_grpidmap, result) || + bit_test(&proc_id_sessidmap, result) || + bit_test(&proc_id_reapmap, result)) { + trypid++; + goto retry; } /* * RFHIGHPID does not mess with the lastpid counter during boot. */ - if (flags & RFHIGHPID) - pidchecked = 0; - else - lastpid = trypid; + if ((flags & RFHIGHPID) == 0) + lastpid = result; + + bit_set(&proc_id_pidmap, result); + mtx_unlock(&procid_lock); - return (trypid); + return (result); } static int @@ -394,13 +356,11 @@ do_fork(struct thread *td, struct fork_req *fr, struct proc *p2, struct thread * struct filedesc_to_leader *fdtol; struct sigacts *newsigacts; - sx_assert(&proctree_lock, SX_LOCKED); sx_assert(&allproc_lock, SX_XLOCKED); p1 = td->td_proc; trypid = fork_findpid(fr->fr_flags); - p2->p_state = PRS_NEW; /* protect against others */ p2->p_pid = trypid; AUDIT_ARG_PID(p2->p_pid); @@ -413,7 +373,6 @@ do_fork(struct thread *td, struct fork_req *fr, struct proc *p2, struct thread * PROC_LOCK(p1); sx_xunlock(&allproc_lock); - sx_xunlock(&proctree_lock); bcopy(&p1->p_startcopy, &p2->p_startcopy, __rangeof(struct proc, p_startcopy, p_endcopy)); @@ -649,8 +608,10 @@ do_fork(struct thread *td, struct fork_req *fr, struct proc *p2, struct thread * LIST_INSERT_HEAD(&pptr->p_children, p2, p_sibling); LIST_INIT(&p2->p_reaplist); LIST_INSERT_HEAD(&p2->p_reaper->p_reaplist, p2, p_reapsibling); - if (p2->p_reaper == p1) + if (p2->p_reaper == p1 && p1 != initproc) { p2->p_reapsubtree = p2->p_pid; + proc_id_set_cond(PROC_ID_REAP, p2->p_pid); + } sx_xunlock(&proctree_lock); /* Inform accounting that we have forked. */ @@ -727,15 +688,15 @@ do_fork(struct thread *td, struct fork_req *fr, struct proc *p2, struct thread * PROC_UNLOCK(p2); /* - * Now can be swapped. + * Tell any interested parties about the new process. */ - _PRELE(p1); - PROC_UNLOCK(p1); + knote_fork(p1->p_klist, p2->p_pid); /* - * Tell any interested parties about the new process. + * Now can be swapped. */ - knote_fork(p1->p_klist, p2->p_pid); + _PRELE(p1); + PROC_UNLOCK(p1); SDT_PROBE3(proc, , , create, p2, p1, fr->fr_flags); if (fr->fr_flags & RFPROCDESC) { @@ -967,8 +928,6 @@ fork1(struct thread *td, struct fork_req *fr) newproc->p_klist = knlist_alloc(&newproc->p_mtx); STAILQ_INIT(&newproc->p_ktr); - /* We have to lock the process tree while we look for a pid. */ - sx_xlock(&proctree_lock); sx_xlock(&allproc_lock); /* @@ -991,7 +950,6 @@ fork1(struct thread *td, struct fork_req *fr) error = EAGAIN; sx_xunlock(&allproc_lock); - sx_xunlock(&proctree_lock); #ifdef MAC mac_proc_destroy(newproc); #endif diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index 35564477f002..8bef36c319c9 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -194,10 +194,14 @@ static struct bool_flags pr_flag_allow[NBBY * NBPW] = { {"allow.reserved_ports", "allow.noreserved_ports", PR_ALLOW_RESERVED_PORTS}, {"allow.read_msgbuf", "allow.noread_msgbuf", PR_ALLOW_READ_MSGBUF}, + {"allow.unprivileged_proc_debug", "allow.nounprivileged_proc_debug", + PR_ALLOW_UNPRIV_DEBUG}, }; const size_t pr_flag_allow_size = sizeof(pr_flag_allow); -#define JAIL_DEFAULT_ALLOW (PR_ALLOW_SET_HOSTNAME | PR_ALLOW_RESERVED_PORTS) +#define JAIL_DEFAULT_ALLOW (PR_ALLOW_SET_HOSTNAME | \ + PR_ALLOW_RESERVED_PORTS | \ + PR_ALLOW_UNPRIV_DEBUG) #define JAIL_DEFAULT_ENFORCE_STATFS 2 #define JAIL_DEFAULT_DEVFS_RSNUM 0 static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW; @@ -498,6 +502,7 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) int ip6s, redo_ip6; #endif uint64_t pr_allow, ch_allow, pr_flags, ch_flags; + uint64_t pr_allow_diff; unsigned tallow; char numbuf[12]; @@ -1530,7 +1535,8 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) } } } - if (pr_allow & ~ppr->pr_allow) { + pr_allow_diff = pr_allow & ~ppr->pr_allow; + if (pr_allow_diff & ~PR_ALLOW_DIFFERENCES) { error = EPERM; goto done_deref_locked; } @@ -3783,6 +3789,8 @@ SYSCTL_JAIL_PARAM(_allow, reserved_ports, CTLTYPE_INT | CTLFLAG_RW, "B", "Jail may bind sockets to reserved ports"); SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW, "B", "Jail may read the kernel message buffer"); +SYSCTL_JAIL_PARAM(_allow, unprivileged_proc_debug, CTLTYPE_INT | CTLFLAG_RW, + "B", "Unprivileged processes may use process debugging facilities"); SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags"); SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW, @@ -3834,10 +3842,16 @@ prison_add_allow(const char *prefix, const char *name, const char *prefix_descr, * Find a free bit in prison0's pr_allow, failing if there are none * (which shouldn't happen as long as we keep track of how many * potential dynamic flags exist). + * + * Due to per-jail unprivileged process debugging support + * using pr_allow, also verify against PR_ALLOW_ALL_STATIC. + * prison0 may have unprivileged process debugging unset. */ for (allow_flag = 1;; allow_flag <<= 1) { if (allow_flag == 0) goto no_add; + if (allow_flag & PR_ALLOW_ALL_STATIC) + continue; if ((prison0.pr_allow & allow_flag) == 0) break; } @@ -4009,13 +4023,11 @@ prison_racct_free_locked(struct prison_racct *prr) void prison_racct_free(struct prison_racct *prr) { - int old; ASSERT_RACCT_ENABLED(); sx_assert(&allprison_lock, SA_UNLOCKED); - old = prr->prr_refcount; - if (old > 1 && atomic_cmpset_int(&prr->prr_refcount, old, old - 1)) + if (refcount_release_if_not_last(&prr->prr_refcount)) return; sx_xlock(&allprison_lock); diff --git a/sys/kern/kern_lock.c b/sys/kern/kern_lock.c index 65a52340e59b..d844cfc47cc7 100644 --- a/sys/kern/kern_lock.c +++ b/sys/kern/kern_lock.c @@ -96,14 +96,14 @@ CTASSERT(LK_UNLOCKED == (LK_UNLOCKED & int _i = 0; \ WITNESS_SAVE_DECL(Giant) #define GIANT_RESTORE() do { \ - if (_i > 0) { \ + if (__predict_false(_i > 0)) { \ while (_i--) \ mtx_lock(&Giant); \ WITNESS_RESTORE(&Giant.lock_object, Giant); \ } \ } while (0) #define GIANT_SAVE() do { \ - if (mtx_owned(&Giant)) { \ + if (__predict_false(mtx_owned(&Giant))) { \ WITNESS_SAVE(&Giant.lock_object, Giant); \ while (mtx_owned(&Giant)) { \ _i++; \ diff --git a/sys/kern/kern_loginclass.c b/sys/kern/kern_loginclass.c index 0fce0cbabf01..e24129e5c69b 100644 --- a/sys/kern/kern_loginclass.c +++ b/sys/kern/kern_loginclass.c @@ -84,10 +84,8 @@ loginclass_hold(struct loginclass *lc) void loginclass_free(struct loginclass *lc) { - int old; - old = lc->lc_refcount; - if (old > 1 && atomic_cmpset_int(&lc->lc_refcount, old, old - 1)) + if (refcount_release_if_not_last(&lc->lc_refcount)) return; rw_wlock(&loginclasses_lock); diff --git a/sys/kern/kern_priv.c b/sys/kern/kern_priv.c index f58b2a5799ef..6e9e8cf9e049 100644 --- a/sys/kern/kern_priv.c +++ b/sys/kern/kern_priv.c @@ -166,6 +166,18 @@ priv_check_cred(struct ucred *cred, int priv, int flags) } /* + * Allow unprivileged process debugging on a per-jail basis. + * Do this here instead of prison_priv_check(), so it can also + * apply to prison0. + */ + if (priv == PRIV_DEBUG_UNPRIV) { + if (prison_allow(cred, PR_ALLOW_UNPRIV_DEBUG)) { + error = 0; + goto out; + } + } + + /* * Now check with MAC, if enabled, to see if a policy module grants * privilege. */ diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c index 4dfa374ad3e6..351f64630932 100644 --- a/sys/kern/kern_proc.c +++ b/sys/kern/kern_proc.c @@ -41,6 +41,7 @@ __FBSDID("$FreeBSD$"); #include <sys/param.h> #include <sys/systm.h> +#include <sys/bitstring.h> #include <sys/elf.h> #include <sys/eventhandler.h> #include <sys/exec.h> @@ -125,8 +126,10 @@ u_long pgrphash; struct proclist allproc; struct proclist zombproc; struct sx __exclusive_cache_line allproc_lock; +struct sx __exclusive_cache_line zombproc_lock; struct sx __exclusive_cache_line proctree_lock; struct mtx __exclusive_cache_line ppeers_lock; +struct mtx __exclusive_cache_line procid_lock; uma_zone_t proc_zone; /* @@ -177,8 +180,10 @@ procinit(void) u_long i; sx_init(&allproc_lock, "allproc"); + sx_init(&zombproc_lock, "zombproc"); sx_init(&proctree_lock, "proctree"); mtx_init(&ppeers_lock, "p_peers", NULL, MTX_DEF); + mtx_init(&procid_lock, "procid", NULL, MTX_DEF); LIST_INIT(&allproc); LIST_INIT(&zombproc); pidhashtbl = hashinit(maxproc / 4, M_PROC, &pidhash); @@ -291,6 +296,62 @@ proc_fini(void *mem, int size) } /* + * PID space management. + * + * These bitmaps are used by fork_findpid. + */ +bitstr_t bit_decl(proc_id_pidmap, PID_MAX); +bitstr_t bit_decl(proc_id_grpidmap, PID_MAX); +bitstr_t bit_decl(proc_id_sessidmap, PID_MAX); +bitstr_t bit_decl(proc_id_reapmap, PID_MAX); + +static bitstr_t *proc_id_array[] = { + proc_id_pidmap, + proc_id_grpidmap, + proc_id_sessidmap, + proc_id_reapmap, +}; + +void +proc_id_set(int type, pid_t id) +{ + + KASSERT(type >= 0 && type < nitems(proc_id_array), + ("invalid type %d\n", type)); + mtx_lock(&procid_lock); + KASSERT(bit_test(proc_id_array[type], id) == 0, + ("bit %d already set in %d\n", id, type)); + bit_set(proc_id_array[type], id); + mtx_unlock(&procid_lock); +} + +void +proc_id_set_cond(int type, pid_t id) +{ + + KASSERT(type >= 0 && type < nitems(proc_id_array), + ("invalid type %d\n", type)); + if (bit_test(proc_id_array[type], id)) + return; + mtx_lock(&procid_lock); + bit_set(proc_id_array[type], id); + mtx_unlock(&procid_lock); +} + +void +proc_id_clear(int type, pid_t id) +{ + + KASSERT(type >= 0 && type < nitems(proc_id_array), + ("invalid type %d\n", type)); + mtx_lock(&procid_lock); + KASSERT(bit_test(proc_id_array[type], id) != 0, + ("bit %d not set in %d\n", id, type)); + bit_clear(proc_id_array[type], id); + mtx_unlock(&procid_lock); +} + +/* * Is p an inferior of the current process? */ int @@ -493,6 +554,7 @@ enterpgrp(struct proc *p, pid_t pgid, struct pgrp *pgrp, struct session *sess) PGRP_LOCK(pgrp); sess->s_leader = p; sess->s_sid = p->p_pid; + proc_id_set(PROC_ID_SESSION, p->p_pid); refcount_init(&sess->s_count, 1); sess->s_ttyvp = NULL; sess->s_ttydp = NULL; @@ -508,6 +570,7 @@ enterpgrp(struct proc *p, pid_t pgid, struct pgrp *pgrp, struct session *sess) PGRP_LOCK(pgrp); } pgrp->pg_id = pgid; + proc_id_set(PROC_ID_GROUP, p->p_pid); LIST_INIT(&pgrp->pg_members); /* @@ -638,6 +701,7 @@ pgdelete(struct pgrp *pgrp) tty_rel_pgrp(tp, pgrp); } + proc_id_clear(PROC_ID_GROUP, pgrp->pg_id); mtx_destroy(&pgrp->pg_mtx); free(pgrp, M_PGRP); sess_release(savesess); @@ -822,6 +886,7 @@ sess_release(struct session *s) tty_lock(s->s_ttyp); tty_rel_sess(s->s_ttyp, s); } + proc_id_clear(PROC_ID_SESSION, s->s_sid); mtx_destroy(&s->s_mtx); free(s, M_SESSION); } @@ -1194,14 +1259,14 @@ zpfind(pid_t pid) { struct proc *p; - sx_slock(&allproc_lock); + sx_slock(&zombproc_lock); LIST_FOREACH(p, &zombproc, p_list) { if (p->p_pid == pid) { PROC_LOCK(p); break; } } - sx_sunlock(&allproc_lock); + sx_sunlock(&zombproc_lock); return (p); } @@ -2217,43 +2282,11 @@ sysctl_kern_proc_ovmmap(SYSCTL_HANDLER_ARGS) freepath = NULL; fullpath = ""; if (lobj) { - vp = NULL; - switch (lobj->type) { - case OBJT_DEFAULT: - kve->kve_type = KVME_TYPE_DEFAULT; - break; - case OBJT_VNODE: - kve->kve_type = KVME_TYPE_VNODE; - vp = lobj->handle; - vref(vp); - break; - case OBJT_SWAP: - if ((lobj->flags & OBJ_TMPFS_NODE) != 0) { - kve->kve_type = KVME_TYPE_VNODE; - if ((lobj->flags & OBJ_TMPFS) != 0) { - vp = lobj->un_pager.swp.swp_tmpfs; - vref(vp); - } - } else { - kve->kve_type = KVME_TYPE_SWAP; - } - break; - case OBJT_DEVICE: - kve->kve_type = KVME_TYPE_DEVICE; - break; - case OBJT_PHYS: - kve->kve_type = KVME_TYPE_PHYS; - break; - case OBJT_DEAD: - kve->kve_type = KVME_TYPE_DEAD; - break; - case OBJT_SG: - kve->kve_type = KVME_TYPE_SG; - break; - default: + kve->kve_type = vm_object_kvme_type(lobj, &vp); + if (kve->kve_type == KVME_TYPE_MGTDEVICE) kve->kve_type = KVME_TYPE_UNKNOWN; - break; - } + if (vp != NULL) + vref(vp); if (lobj != obj) VM_OBJECT_RUNLOCK(lobj); @@ -2461,46 +2494,9 @@ kern_proc_vmmap_out(struct proc *p, struct sbuf *sb, ssize_t maxlen, int flags) freepath = NULL; fullpath = ""; if (lobj != NULL) { - vp = NULL; - switch (lobj->type) { - case OBJT_DEFAULT: - kve->kve_type = KVME_TYPE_DEFAULT; - break; - case OBJT_VNODE: - kve->kve_type = KVME_TYPE_VNODE; - vp = lobj->handle; + kve->kve_type = vm_object_kvme_type(lobj, &vp); + if (vp != NULL) vref(vp); - break; - case OBJT_SWAP: - if ((lobj->flags & OBJ_TMPFS_NODE) != 0) { - kve->kve_type = KVME_TYPE_VNODE; - if ((lobj->flags & OBJ_TMPFS) != 0) { - vp = lobj->un_pager.swp.swp_tmpfs; - vref(vp); - } - } else { - kve->kve_type = KVME_TYPE_SWAP; - } - break; - case OBJT_DEVICE: - kve->kve_type = KVME_TYPE_DEVICE; - break; - case OBJT_PHYS: - kve->kve_type = KVME_TYPE_PHYS; - break; - case OBJT_DEAD: - kve->kve_type = KVME_TYPE_DEAD; - break; - case OBJT_SG: - kve->kve_type = KVME_TYPE_SG; - break; - case OBJT_MGTDEVICE: - kve->kve_type = KVME_TYPE_MGTDEVICE; - break; - default: - kve->kve_type = KVME_TYPE_UNKNOWN; - break; - } if (lobj != obj) VM_OBJECT_RUNLOCK(lobj); diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 800d03e06574..f557aacd9e02 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -1630,19 +1630,47 @@ p_cansched(struct thread *td, struct proc *p) } /* + * Handle getting or setting the prison's unprivileged_proc_debug + * value. + */ +static int +sysctl_unprivileged_proc_debug(SYSCTL_HANDLER_ARGS) +{ + struct prison *pr; + int error, val; + + val = prison_allow(req->td->td_ucred, PR_ALLOW_UNPRIV_DEBUG) != 0; + error = sysctl_handle_int(oidp, &val, 0, req); + if (error != 0 || req->newptr == NULL) + return (error); + pr = req->td->td_ucred->cr_prison; + mtx_lock(&pr->pr_mtx); + switch (val) { + case 0: + pr->pr_allow &= ~(PR_ALLOW_UNPRIV_DEBUG); + break; + case 1: + pr->pr_allow |= PR_ALLOW_UNPRIV_DEBUG; + break; + default: + error = EINVAL; + } + mtx_unlock(&pr->pr_mtx); + + return (error); +} + +/* * The 'unprivileged_proc_debug' flag may be used to disable a variety of * unprivileged inter-process debugging services, including some procfs * functionality, ptrace(), and ktrace(). In the past, inter-process * debugging has been involved in a variety of security problems, and sites * not requiring the service might choose to disable it when hardening * systems. - * - * XXX: Should modifying and reading this variable require locking? - * XXX: data declarations should be together near the beginning of the file. */ -static int unprivileged_proc_debug = 1; -SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_proc_debug, CTLFLAG_RW, - &unprivileged_proc_debug, 0, +SYSCTL_PROC(_security_bsd, OID_AUTO, unprivileged_proc_debug, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_SECURE, 0, 0, + sysctl_unprivileged_proc_debug, "I", "Unprivileged processes may use process debugging facilities"); /*- @@ -1660,11 +1688,8 @@ p_candebug(struct thread *td, struct proc *p) KASSERT(td == curthread, ("%s: td not curthread", __func__)); PROC_LOCK_ASSERT(p, MA_OWNED); - if (!unprivileged_proc_debug) { - error = priv_check(td, PRIV_DEBUG_UNPRIV); - if (error) - return (error); - } + if ((error = priv_check(td, PRIV_DEBUG_UNPRIV))) + return (error); if (td->td_proc == p) return (0); if ((error = prison_check(td->td_ucred, p->p_ucred))) diff --git a/sys/kern/kern_racct.c b/sys/kern/kern_racct.c index 644d514bb08e..a25d7fa8da52 100644 --- a/sys/kern/kern_racct.c +++ b/sys/kern/kern_racct.c @@ -74,13 +74,13 @@ FEATURE(racct, "Resource Accounting"); */ static int pcpu_threshold = 1; #ifdef RACCT_DEFAULT_TO_DISABLED -int racct_enable = 0; +bool __read_frequently racct_enable = false; #else -int racct_enable = 1; +bool __read_frequently racct_enable = true; #endif SYSCTL_NODE(_kern, OID_AUTO, racct, CTLFLAG_RW, 0, "Resource Accounting"); -SYSCTL_UINT(_kern_racct, OID_AUTO, enable, CTLFLAG_RDTUN, &racct_enable, +SYSCTL_BOOL(_kern_racct, OID_AUTO, enable, CTLFLAG_RDTUN, &racct_enable, 0, "Enable RACCT/RCTL"); SYSCTL_UINT(_kern_racct, OID_AUTO, pcpu_threshold, CTLFLAG_RW, &pcpu_threshold, 0, "Processes with higher %cpu usage than this value can be throttled."); @@ -726,6 +726,18 @@ racct_set_locked(struct proc *p, int resource, uint64_t amount, int force) * even if it's above the limit. */ int +racct_set_unlocked(struct proc *p, int resource, uint64_t amount) +{ + int error; + + ASSERT_RACCT_ENABLED(); + PROC_LOCK(p); + error = racct_set(p, resource, amount); + PROC_UNLOCK(p); + return (error); +} + +int racct_set(struct proc *p, int resource, uint64_t amount) { int error; @@ -1087,6 +1099,22 @@ racct_move(struct racct *dest, struct racct *src) RACCT_UNLOCK(); } +void +racct_proc_throttled(struct proc *p) +{ + + ASSERT_RACCT_ENABLED(); + + PROC_LOCK(p); + while (p->p_throttled != 0) { + msleep(p->p_racct, &p->p_mtx, 0, "racct", + p->p_throttled < 0 ? 0 : p->p_throttled); + if (p->p_throttled > 0) + p->p_throttled = 0; + } + PROC_UNLOCK(p); +} + /* * Make the process sleep in userret() for 'timeout' ticks. Setting * timeout to -1 makes it sleep until woken up by racct_proc_wakeup(). @@ -1228,11 +1256,13 @@ racctd(void) sx_slock(&allproc_lock); + sx_slock(&zombproc_lock); LIST_FOREACH(p, &zombproc, p_list) { PROC_LOCK(p); racct_set(p, RACCT_PCTCPU, 0); PROC_UNLOCK(p); } + sx_sunlock(&zombproc_lock); FOREACH_PROC_IN_SYSTEM(p) { PROC_LOCK(p); diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index 271339e5c4c4..a48a7df8cfdb 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -1323,14 +1323,10 @@ uihold(struct uidinfo *uip) void uifree(struct uidinfo *uip) { - int old; - /* Prepare for optimal case. */ - old = uip->ui_ref; - if (old > 1 && atomic_cmpset_int(&uip->ui_ref, old, old - 1)) + if (refcount_release_if_not_last(&uip->ui_ref)) return; - /* Prepare for suboptimal case. */ rw_wlock(&uihashtbl_lock); if (refcount_release(&uip->ui_ref) == 0) { rw_wunlock(&uihashtbl_lock); diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 0817bb618c1c..2ed7d36f2c33 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -615,20 +615,25 @@ signotify(struct thread *td) } } +/* + * Returns 1 (true) if altstack is configured for the thread, and the + * passed stack bottom address falls into the altstack range. Handles + * the 43 compat special case where the alt stack size is zero. + */ int sigonstack(size_t sp) { - struct thread *td = curthread; + struct thread *td; - return ((td->td_pflags & TDP_ALTSTACK) ? + td = curthread; + if ((td->td_pflags & TDP_ALTSTACK) == 0) + return (0); #if defined(COMPAT_43) - ((td->td_sigstk.ss_size == 0) ? - (td->td_sigstk.ss_flags & SS_ONSTACK) : - ((sp - (size_t)td->td_sigstk.ss_sp) < td->td_sigstk.ss_size)) -#else - ((sp - (size_t)td->td_sigstk.ss_sp) < td->td_sigstk.ss_size) + if (td->td_sigstk.ss_size == 0) + return ((td->td_sigstk.ss_flags & SS_ONSTACK) != 0); #endif - : 0); + return (sp >= (size_t)td->td_sigstk.ss_sp && + sp < td->td_sigstk.ss_size + (size_t)td->td_sigstk.ss_sp); } static __inline int diff --git a/sys/kern/kern_sx.c b/sys/kern/kern_sx.c index 600a3d03558a..d0ada0956155 100644 --- a/sys/kern/kern_sx.c +++ b/sys/kern/kern_sx.c @@ -71,8 +71,6 @@ __FBSDID("$FreeBSD$"); #define ADAPTIVE_SX #endif -CTASSERT((SX_NOADAPTIVE & LO_CLASSFLAGS) == SX_NOADAPTIVE); - #ifdef HWPMC_HOOKS #include <sys/pmckern.h> PMC_SOFT_DECLARE( , , lock, failed); @@ -233,7 +231,7 @@ sx_init_flags(struct sx *sx, const char *description, int opts) int flags; MPASS((opts & ~(SX_QUIET | SX_RECURSE | SX_NOWITNESS | SX_DUPOK | - SX_NOPROFILE | SX_NOADAPTIVE | SX_NEW)) == 0); + SX_NOPROFILE | SX_NEW)) == 0); ASSERT_ATOMIC_LOAD_PTR(sx->sx_lock, ("%s: sx_lock not aligned for %s: %p", __func__, description, &sx->sx_lock)); @@ -252,7 +250,6 @@ sx_init_flags(struct sx *sx, const char *description, int opts) if (opts & SX_NEW) flags |= LO_NEW; - flags |= opts & SX_NOADAPTIVE; lock_init(&sx->lock_object, &lock_class_sx, description, NULL, flags); sx->sx_lock = SX_LOCK_UNLOCKED; sx->sx_recurse = 0; @@ -572,7 +569,6 @@ _sx_xlock_hard(struct sx *sx, uintptr_t x, int opts LOCK_FILE_LINE_ARG_DEF) volatile struct thread *owner; u_int i, n, spintries = 0; enum { READERS, WRITER } sleep_reason = READERS; - bool adaptive; bool in_critical = false; #endif #ifdef LOCK_PROFILING @@ -642,10 +638,6 @@ _sx_xlock_hard(struct sx *sx, uintptr_t x, int opts LOCK_FILE_LINE_ARG_DEF) CTR5(KTR_LOCK, "%s: %s contested (lock=%p) at %s:%d", __func__, sx->lock_object.lo_name, (void *)sx->sx_lock, file, line); -#ifdef ADAPTIVE_SX - adaptive = ((sx->lock_object.lo_flags & SX_NOADAPTIVE) == 0); -#endif - #ifdef HWPMC_HOOKS PMC_SOFT_CALL( , , lock, failed); #endif @@ -669,8 +661,6 @@ _sx_xlock_hard(struct sx *sx, uintptr_t x, int opts LOCK_FILE_LINE_ARG_DEF) lda.spin_cnt++; #endif #ifdef ADAPTIVE_SX - if (__predict_false(!adaptive)) - goto sleepq; /* * If the lock is write locked and the owner is * running on another CPU, spin until the owner stops @@ -762,20 +752,18 @@ retry_sleepq: * chain lock. If so, drop the sleep queue lock and try * again. */ - if (adaptive) { - if (!(x & SX_LOCK_SHARED)) { - owner = (struct thread *)SX_OWNER(x); - if (TD_IS_RUNNING(owner)) { - sleepq_release(&sx->lock_object); - sx_drop_critical(x, &in_critical, - &extra_work); - continue; - } - } else if (SX_SHARERS(x) > 0 && sleep_reason == WRITER) { + if (!(x & SX_LOCK_SHARED)) { + owner = (struct thread *)SX_OWNER(x); + if (TD_IS_RUNNING(owner)) { sleepq_release(&sx->lock_object); - sx_drop_critical(x, &in_critical, &extra_work); + sx_drop_critical(x, &in_critical, + &extra_work); continue; } + } else if (SX_SHARERS(x) > 0 && sleep_reason == WRITER) { + sleepq_release(&sx->lock_object); + sx_drop_critical(x, &in_critical, &extra_work); + continue; } #endif @@ -1021,7 +1009,6 @@ _sx_slock_hard(struct sx *sx, int opts, uintptr_t x LOCK_FILE_LINE_ARG_DEF) #ifdef ADAPTIVE_SX volatile struct thread *owner; u_int i, n, spintries = 0; - bool adaptive; #endif #ifdef LOCK_PROFILING uint64_t waittime = 0; @@ -1066,10 +1053,6 @@ _sx_slock_hard(struct sx *sx, int opts, uintptr_t x LOCK_FILE_LINE_ARG_DEF) lock_delay_arg_init(&lda, NULL); #endif -#ifdef ADAPTIVE_SX - adaptive = ((sx->lock_object.lo_flags & SX_NOADAPTIVE) == 0); -#endif - #ifdef HWPMC_HOOKS PMC_SOFT_CALL( , , lock, failed); #endif @@ -1095,9 +1078,6 @@ _sx_slock_hard(struct sx *sx, int opts, uintptr_t x LOCK_FILE_LINE_ARG_DEF) #endif #ifdef ADAPTIVE_SX - if (__predict_false(!adaptive)) - goto sleepq; - /* * If the owner is running on another CPU, spin until * the owner stops running or the state of the lock @@ -1154,7 +1134,6 @@ _sx_slock_hard(struct sx *sx, int opts, uintptr_t x LOCK_FILE_LINE_ARG_DEF) continue; } } -sleepq: #endif /* @@ -1176,7 +1155,7 @@ retry_sleepq: * the owner stops running or the state of the lock * changes. */ - if (!(x & SX_LOCK_SHARED) && adaptive) { + if (!(x & SX_LOCK_SHARED)) { owner = (struct thread *)SX_OWNER(x); if (TD_IS_RUNNING(owner)) { sleepq_release(&sx->lock_object); diff --git a/sys/kern/kern_synch.c b/sys/kern/kern_synch.c index 6d57425a9e06..7d6340cba411 100644 --- a/sys/kern/kern_synch.c +++ b/sys/kern/kern_synch.c @@ -431,7 +431,7 @@ mi_switch(int flags, struct thread *newtd) CTR4(KTR_PROC, "mi_switch: old thread %ld (td_sched %p, pid %ld, %s)", td->td_tid, td_get_sched(td), td->td_proc->p_pid, td->td_name); #ifdef KDTRACE_HOOKS - if (__predict_false(sdt_probes_enabled) && + if (SDT_PROBES_ENABLED() && ((flags & SW_PREEMPT) != 0 || ((flags & SW_INVOL) != 0 && (flags & SW_TYPE_MASK) == SWT_NEEDRESCHED))) SDT_PROBE0(sched, , , preempt); diff --git a/sys/kern/kern_umtx.c b/sys/kern/kern_umtx.c index c704cbb1d6bc..0710dff06762 100644 --- a/sys/kern/kern_umtx.c +++ b/sys/kern/kern_umtx.c @@ -3796,6 +3796,9 @@ umtx_shm_object_terminated(vm_object_t object) struct umtx_shm_reg *reg, *reg1; bool dofree; + if (LIST_EMPTY(USHM_OBJ_UMTX(object))) + return; + dofree = false; mtx_lock(&umtx_shm_lock); LIST_FOREACH_SAFE(reg, USHM_OBJ_UMTX(object), ushm_obj_link, reg1) { diff --git a/sys/kern/kern_xxx.c b/sys/kern/kern_xxx.c index 9db3b439589a..c170d4dbe29d 100644 --- a/sys/kern/kern_xxx.c +++ b/sys/kern/kern_xxx.c @@ -50,15 +50,8 @@ __FBSDID("$FreeBSD$"); #if defined(COMPAT_43) -#ifndef _SYS_SYSPROTO_H_ -struct gethostname_args { - char *hostname; - u_int len; -}; -#endif -/* ARGSUSED */ int -ogethostname(struct thread *td, struct gethostname_args *uap) +ogethostname(struct thread *td, struct ogethostname_args *uap) { int name[2]; size_t len = uap->len; @@ -69,15 +62,8 @@ ogethostname(struct thread *td, struct gethostname_args *uap) 1, 0, 0, 0, 0)); } -#ifndef _SYS_SYSPROTO_H_ -struct sethostname_args { - char *hostname; - u_int len; -}; -#endif -/* ARGSUSED */ int -osethostname(struct thread *td, struct sethostname_args *uap) +osethostname(struct thread *td, struct osethostname_args *uap) { int name[2]; @@ -104,15 +90,7 @@ ogethostid(struct thread *td, struct ogethostid_args *uap) return (kernel_sysctl(td, name, 2, (long *)td->td_retval, &len, NULL, 0, NULL, 0)); } -#endif /* COMPAT_43 */ -#ifdef COMPAT_43 -#ifndef _SYS_SYSPROTO_H_ -struct osethostid_args { - long hostid; -}; -#endif -/* ARGSUSED */ int osethostid(struct thread *td, struct osethostid_args *uap) { @@ -187,16 +165,8 @@ static struct { */ static char bsdi_strings[80]; /* It had better be less than this! */ -#ifndef _SYS_SYSPROTO_H_ -struct getkerninfo_args { - int op; - char *where; - size_t *size; - int arg; -}; -#endif int -ogetkerninfo(struct thread *td, struct getkerninfo_args *uap) +ogetkerninfo(struct thread *td, struct ogetkerninfo_args *uap) { int error, name[6]; size_t size; diff --git a/sys/kern/subr_blist.c b/sys/kern/subr_blist.c index 21a1ab033535..b58273be956e 100644 --- a/sys/kern/subr_blist.c +++ b/sys/kern/subr_blist.c @@ -295,9 +295,9 @@ blist_alloc(blist_t bl, daddr_t count) * This loop iterates at most twice. An allocation failure in the * first iteration leads to a second iteration only if the cursor was * non-zero. When the cursor is zero, an allocation failure will - * reduce the hint, stopping further iterations. + * stop further iterations. */ - while (count <= bl->bl_root->bm_bighint) { + for (;;) { blk = blst_meta_alloc(bl->bl_root, bl->bl_cursor, count, bl->bl_radix); if (blk != SWAPBLK_NONE) { @@ -306,10 +306,10 @@ blist_alloc(blist_t bl, daddr_t count) if (bl->bl_cursor == bl->bl_blocks) bl->bl_cursor = 0; return (blk); - } + } else if (bl->bl_cursor == 0) + return (SWAPBLK_NONE); bl->bl_cursor = 0; } - return (SWAPBLK_NONE); } /* diff --git a/sys/kern/subr_syscall.c b/sys/kern/subr_syscall.c index 9bfd4e965da2..dda0b214fba0 100644 --- a/sys/kern/subr_syscall.c +++ b/sys/kern/subr_syscall.c @@ -66,7 +66,7 @@ syscallenter(struct thread *td) sa = &td->td_sa; td->td_pticks = 0; - if (td->td_cowgen != p->p_cowgen) + if (__predict_false(td->td_cowgen != p->p_cowgen)) thread_cow_update(td); traced = (p->p_flag & P_TRACED) != 0; if (traced || td->td_dbgflags & TDB_USERWR) { diff --git a/sys/kern/subr_trap.c b/sys/kern/subr_trap.c index 72a0b8f8d481..2dee196f2a02 100644 --- a/sys/kern/subr_trap.c +++ b/sys/kern/subr_trap.c @@ -198,16 +198,8 @@ userret(struct thread *td, struct trapframe *frame) (td->td_vnet_lpush != NULL) ? td->td_vnet_lpush : "N/A")); #endif #ifdef RACCT - if (racct_enable && p->p_throttled != 0) { - PROC_LOCK(p); - while (p->p_throttled != 0) { - msleep(p->p_racct, &p->p_mtx, 0, "racct", - p->p_throttled < 0 ? 0 : p->p_throttled); - if (p->p_throttled > 0) - p->p_throttled = 0; - } - PROC_UNLOCK(p); - } + if (__predict_false(racct_enable && p->p_throttled != 0)) + racct_proc_throttled(p); #endif } diff --git a/sys/kern/sys_capability.c b/sys/kern/sys_capability.c index f2dd750bffa9..807521f55f3f 100644 --- a/sys/kern/sys_capability.c +++ b/sys/kern/sys_capability.c @@ -86,7 +86,7 @@ __FBSDID("$FreeBSD$"); #include <vm/vm.h> bool __read_frequently trap_enotcap; -SYSCTL_BOOL(_kern, OID_AUTO, trap_enotcap, CTLFLAG_RW, &trap_enotcap, 0, +SYSCTL_BOOL(_kern, OID_AUTO, trap_enotcap, CTLFLAG_RWTUN, &trap_enotcap, 0, "Deliver SIGTRAP on ENOTCAPABLE"); #ifdef CAPABILITY_MODE diff --git a/sys/kern/sys_process.c b/sys/kern/sys_process.c index 9198174d0eaa..4ea64fa0ec07 100644 --- a/sys/kern/sys_process.c +++ b/sys/kern/sys_process.c @@ -541,6 +541,9 @@ struct ptrace_args { * copyin(uap->addr, &r.reg32, sizeof r.reg32); * .. except this is done at runtime. */ +#define BZERO(a, s) wrap32 ? \ + bzero(a ## 32, s ## 32) : \ + bzero(a, s) #define COPYIN(u, k, s) wrap32 ? \ copyin(u, k ## 32, s ## 32) : \ copyin(u, k, s) @@ -548,6 +551,7 @@ struct ptrace_args { copyout(k ## 32, u, s ## 32) : \ copyout(k, u, s) #else +#define BZERO(a, s) bzero(a, s) #define COPYIN(u, k, s) copyin(u, k, s) #define COPYOUT(k, u, s) copyout(k, u, s) #endif @@ -573,7 +577,7 @@ sys_ptrace(struct thread *td, struct ptrace_args *uap) struct ptrace_lwpinfo32 pl32; struct ptrace_vm_entry32 pve32; #endif - char args[nitems(td->td_sa.args) * sizeof(register_t)]; + char args[sizeof(td->td_sa.args)]; int ptevents; } r; void *addr; @@ -590,11 +594,17 @@ sys_ptrace(struct thread *td, struct ptrace_args *uap) addr = &r; switch (uap->req) { case PT_GET_EVENT_MASK: + case PT_LWPINFO: + case PT_GET_SC_ARGS: + break; case PT_GETREGS: + BZERO(&r.reg, sizeof r.reg); + break; case PT_GETFPREGS: + BZERO(&r.fpreg, sizeof r.fpreg); + break; case PT_GETDBREGS: - case PT_LWPINFO: - case PT_GET_SC_ARGS: + BZERO(&r.dbreg, sizeof r.dbreg); break; case PT_SETREGS: error = COPYIN(uap->addr, &r.reg, sizeof r.reg); @@ -662,6 +672,7 @@ sys_ptrace(struct thread *td, struct ptrace_args *uap) } #undef COPYIN #undef COPYOUT +#undef BZERO #ifdef COMPAT_FREEBSD32 /* diff --git a/sys/kern/syscalls.c b/sys/kern/syscalls.c index 8e74163fe6d8..577859abe111 100644 --- a/sys/kern/syscalls.c +++ b/sys/kern/syscalls.c @@ -570,4 +570,8 @@ const char *syscallnames[] = { "cpuset_getdomain", /* 561 = cpuset_getdomain */ "cpuset_setdomain", /* 562 = cpuset_setdomain */ "getrandom", /* 563 = getrandom */ + "getfhat", /* 564 = getfhat */ + "fhlink", /* 565 = fhlink */ + "fhlinkat", /* 566 = fhlinkat */ + "fhreadlink", /* 567 = fhreadlink */ }; diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master index 384f297dac27..03897946b475 100644 --- a/sys/kern/syscalls.master +++ b/sys/kern/syscalls.master @@ -453,10 +453,10 @@ _Inout_opt_ size_t *size, int arg ); - } getkerninfo getkerninfo_args int + } 64 AUE_NULL COMPAT { int getpagesize(void); - } getpagesize getpagesize_args int + } 65 AUE_MSYNC STD { int msync( _In_ void *addr, @@ -570,13 +570,13 @@ _Out_writes_z_(len) char *hostname, u_int len ); - } gethostname gethostname_args int + } 88 AUE_SYSCTL COMPAT { int sethostname( _In_reads_z_(len) char *hostname, u_int len ); - } sethostname sethostname_args int + } 89 AUE_GETDTABLESIZE STD { int getdtablesize(void); } @@ -632,13 +632,13 @@ int namelen ); } -99 AUE_ACCEPT COMPAT|NOARGS { +99 AUE_ACCEPT COMPAT { int accept( int s, _Out_writes_bytes_opt_(*anamelen) struct sockaddr *name, int *anamelen ); - } accept accept_args int + } 100 AUE_GETPRIORITY STD { int getpriority( int which, @@ -3139,6 +3139,34 @@ unsigned int flags ); } +564 AUE_NULL STD { + int getfhat( + int fd, + _In_z_ char *path, + _Out_ struct fhandle *fhp, + int flags + ); + } +565 AUE_NULL STD { + int fhlink( + _In_ struct fhandle *fhp, + _In_z_ const char *to + ); + } +566 AUE_NULL STD { + int fhlinkat( + _In_ struct fhandle *fhp, + int tofd, + _In_z_ const char *to, + ); + } +567 AUE_NULL STD { + int fhreadlink( + _In_ struct fhandle *fhp, + _Out_writes_(bufsize) char *buf, + size_t bufsize + ); + } ; Please copy any additions and changes to the following compatability tables: ; sys/compat/freebsd32/syscalls.master diff --git a/sys/kern/systrace_args.c b/sys/kern/systrace_args.c index 58e616056d54..d570f0a50fbc 100644 --- a/sys/kern/systrace_args.c +++ b/sys/kern/systrace_args.c @@ -3266,6 +3266,42 @@ systrace_args(int sysnum, void *params, uint64_t *uarg, int *n_args) *n_args = 3; break; } + /* getfhat */ + case 564: { + struct getfhat_args *p = params; + iarg[0] = p->fd; /* int */ + uarg[1] = (intptr_t) p->path; /* char * */ + uarg[2] = (intptr_t) p->fhp; /* struct fhandle * */ + iarg[3] = p->flags; /* int */ + *n_args = 4; + break; + } + /* fhlink */ + case 565: { + struct fhlink_args *p = params; + uarg[0] = (intptr_t) p->fhp; /* struct fhandle * */ + uarg[1] = (intptr_t) p->to; /* const char * */ + *n_args = 2; + break; + } + /* fhlinkat */ + case 566: { + struct fhlinkat_args *p = params; + uarg[0] = (intptr_t) p->fhp; /* struct fhandle * */ + iarg[1] = p->tofd; /* int */ + uarg[2] = (intptr_t) p->to; /* const char * */ + *n_args = 3; + break; + } + /* fhreadlink */ + case 567: { + struct fhreadlink_args *p = params; + uarg[0] = (intptr_t) p->fhp; /* struct fhandle * */ + uarg[1] = (intptr_t) p->buf; /* char * */ + uarg[2] = p->bufsize; /* size_t */ + *n_args = 3; + break; + } default: *n_args = 0; break; @@ -8710,6 +8746,70 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *desc, size_t descsz) break; }; break; + /* getfhat */ + case 564: + switch(ndx) { + case 0: + p = "int"; + break; + case 1: + p = "userland char *"; + break; + case 2: + p = "userland struct fhandle *"; + break; + case 3: + p = "int"; + break; + default: + break; + }; + break; + /* fhlink */ + case 565: + switch(ndx) { + case 0: + p = "userland struct fhandle *"; + break; + case 1: + p = "userland const char *"; + break; + default: + break; + }; + break; + /* fhlinkat */ + case 566: + switch(ndx) { + case 0: + p = "userland struct fhandle *"; + break; + case 1: + p = "int"; + break; + case 2: + p = "userland const char *"; + break; + default: + break; + }; + break; + /* fhreadlink */ + case 567: + switch(ndx) { + case 0: + p = "userland struct fhandle *"; + break; + case 1: + p = "userland char *"; + break; + case 2: + p = "size_t"; + break; + default: + break; + }; + break; default: break; }; @@ -10586,6 +10686,26 @@ systrace_return_setargdesc(int sysnum, int ndx, char *desc, size_t descsz) if (ndx == 0 || ndx == 1) p = "int"; break; + /* getfhat */ + case 564: + if (ndx == 0 || ndx == 1) + p = "int"; + break; + /* fhlink */ + case 565: + if (ndx == 0 || ndx == 1) + p = "int"; + break; + /* fhlinkat */ + case 566: + if (ndx == 0 || ndx == 1) + p = "int"; + break; + /* fhreadlink */ + case 567: + if (ndx == 0 || ndx == 1) + p = "int"; + break; default: break; }; diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c index 202d5c868de4..b86f041c54ef 100644 --- a/sys/kern/uipc_syscalls.c +++ b/sys/kern/uipc_syscalls.c @@ -455,9 +455,7 @@ sys_accept4(td, uap) #ifdef COMPAT_OLDSOCK int -oaccept(td, uap) - struct thread *td; - struct accept_args *uap; +oaccept(struct thread *td, struct oaccept_args *uap) { return (accept1(td, uap->s, uap->name, uap->anamelen, diff --git a/sys/kern/vfs_aio.c b/sys/kern/vfs_aio.c index 5506e6ed14c7..350c51a01265 100644 --- a/sys/kern/vfs_aio.c +++ b/sys/kern/vfs_aio.c @@ -212,7 +212,7 @@ typedef struct oaiocb { /* * If the routine that services an AIO request blocks while running in an * AIO kernel process it can starve other I/O requests. BIO requests - * queued via aio_qphysio() complete in GEOM and do not use AIO kernel + * queued via aio_qbio() complete asynchronously and do not use AIO kernel * processes at all. Socket I/O requests use a separate pool of * kprocs and also force non-blocking I/O. Other file I/O requests * use the generic fo_read/fo_write operations which can block. The @@ -268,7 +268,7 @@ struct kaioinfo { int kaio_flags; /* (a) per process kaio flags */ int kaio_active_count; /* (c) number of currently used AIOs */ int kaio_count; /* (a) size of AIO queue */ - int kaio_buffer_count; /* (a) number of physio buffers */ + int kaio_buffer_count; /* (a) number of bio buffers */ TAILQ_HEAD(,kaiocb) kaio_all; /* (a) all AIOs in a process */ TAILQ_HEAD(,kaiocb) kaio_done; /* (a) done queue for process */ TAILQ_HEAD(,aioliojob) kaio_liojoblist; /* (a) list of lio jobs */ @@ -318,11 +318,11 @@ static int aio_newproc(int *); int aio_aqueue(struct thread *td, struct aiocb *ujob, struct aioliojob *lio, int type, struct aiocb_ops *ops); static int aio_queue_file(struct file *fp, struct kaiocb *job); -static void aio_physwakeup(struct bio *bp); +static void aio_biowakeup(struct bio *bp); static void aio_proc_rundown(void *arg, struct proc *p); static void aio_proc_rundown_exec(void *arg, struct proc *p, struct image_params *imgp); -static int aio_qphysio(struct proc *p, struct kaiocb *job); +static int aio_qbio(struct proc *p, struct kaiocb *job); static void aio_daemon(void *param); static void aio_bio_done_notify(struct proc *userp, struct kaiocb *job); static bool aio_clear_cancel_function_locked(struct kaiocb *job); @@ -741,9 +741,9 @@ drop: /* * The AIO processing activity for LIO_READ/LIO_WRITE. This is the code that - * does the I/O request for the non-physio version of the operations. The - * normal vn operations are used, and this code should work in all instances - * for every type of file, including pipes, sockets, fifos, and regular files. + * does the I/O request for the non-bio version of the operations. The normal + * vn operations are used, and this code should work in all instances for every + * type of file, including pipes, sockets, fifos, and regular files. * * XXX I don't think it works well for socket, pipe, and fifo. */ @@ -1195,7 +1195,7 @@ aio_newproc(int *start) } /* - * Try the high-performance, low-overhead physio method for eligible + * Try the high-performance, low-overhead bio method for eligible * VCHR devices. This method doesn't use an aio helper thread, and * thus has very low overhead. * @@ -1204,7 +1204,7 @@ aio_newproc(int *start) * duration of this call. */ static int -aio_qphysio(struct proc *p, struct kaiocb *job) +aio_qbio(struct proc *p, struct kaiocb *job) { struct aiocb *cb; struct file *fp; @@ -1277,7 +1277,7 @@ aio_qphysio(struct proc *p, struct kaiocb *job) bp->bio_length = cb->aio_nbytes; bp->bio_bcount = cb->aio_nbytes; - bp->bio_done = aio_physwakeup; + bp->bio_done = aio_biowakeup; bp->bio_data = (void *)(uintptr_t)cb->aio_buf; bp->bio_offset = cb->aio_offset; bp->bio_cmd = cb->aio_lio_opcode == LIO_WRITE ? BIO_WRITE : BIO_READ; @@ -1442,7 +1442,7 @@ static struct aiocb_ops aiocb_ops_osigevent = { #endif /* - * Queue a new AIO request. Choosing either the threaded or direct physio VCHR + * Queue a new AIO request. Choosing either the threaded or direct bio VCHR * technique is done in this code. */ int @@ -1697,7 +1697,7 @@ aio_queue_file(struct file *fp, struct kaiocb *job) bool safe; ki = job->userproc->p_aioinfo; - error = aio_qphysio(job->userproc, job); + error = aio_qbio(job->userproc, job); if (error >= 0) return (error); safe = false; @@ -1947,8 +1947,7 @@ sys_aio_suspend(struct thread *td, struct aio_suspend_args *uap) } /* - * aio_cancel cancels any non-physio aio operations not currently in - * progress. + * aio_cancel cancels any non-bio aio operations not currently in progress. */ int sys_aio_cancel(struct thread *td, struct aio_cancel_args *uap) @@ -2332,7 +2331,7 @@ sys_lio_listio(struct thread *td, struct lio_listio_args *uap) } static void -aio_physwakeup(struct bio *bp) +aio_biowakeup(struct bio *bp) { struct kaiocb *job = (struct kaiocb *)bp->bio_caller1; struct proc *userp; diff --git a/sys/kern/vfs_bio.c b/sys/kern/vfs_bio.c index ea322343d89a..2f0f3a637f7e 100644 --- a/sys/kern/vfs_bio.c +++ b/sys/kern/vfs_bio.c @@ -2231,7 +2231,7 @@ bufwrite(struct buf *bp) } if (bp->b_flags & B_BARRIER) - barrierwrites++; + atomic_add_long(&barrierwrites, 1); oldflags = bp->b_flags; diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 627e9d0c7a8d..4d416b5e4dbe 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -2452,19 +2452,6 @@ vn_commname(struct vnode *vp, char *buf, u_int buflen) return (0); } -/* ABI compat shims for old kernel modules. */ -#undef cache_enter - -void cache_enter(struct vnode *dvp, struct vnode *vp, - struct componentname *cnp); - -void -cache_enter(struct vnode *dvp, struct vnode *vp, struct componentname *cnp) -{ - - cache_enter_time(dvp, vp, cnp, NULL, NULL); -} - /* * This function updates path string to vnode's full global path * and checks the size of the new path string against the pathlen argument. diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index 78893c4f2bd3..cb69a75ea651 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -202,8 +202,10 @@ nameicap_cleanup(struct nameidata *ndp, bool clean_latch) vdrop(nt->dp); uma_zfree(nt_zone, nt); } - if (clean_latch && (ndp->ni_lcf & NI_LCF_LATCH) != 0) + if (clean_latch && (ndp->ni_lcf & NI_LCF_LATCH) != 0) { + ndp->ni_lcf &= ~NI_LCF_LATCH; vrele(ndp->ni_beneath_latch); + } } /* @@ -446,7 +448,7 @@ namei(struct nameidata *ndp) if (error == 0 && dp->v_type != VDIR) error = ENOTDIR; } - if (error == 0 && (ndp->ni_lcf & NI_LCF_BENEATH_ABS) != 0) { + if (error == 0 && (cnp->cn_flags & BENEATH) != 0) { if (ndp->ni_dirfd == AT_FDCWD) { ndp->ni_beneath_latch = fdp->fd_cdir; vrefact(ndp->ni_beneath_latch); @@ -471,6 +473,8 @@ namei(struct nameidata *ndp) vrele(dp); goto out; } + MPASS((ndp->ni_lcf & (NI_LCF_BENEATH_ABS | NI_LCF_LATCH)) != + NI_LCF_BENEATH_ABS); if (((ndp->ni_lcf & NI_LCF_STRICTRELATIVE) != 0 && lookup_cap_dotdot != 0) || ((ndp->ni_lcf & NI_LCF_STRICTRELATIVE) == 0 && diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 9ef0eb554461..fdf5aca0be29 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -105,6 +105,14 @@ static int setutimes(struct thread *td, struct vnode *, const struct timespec *, int, int); static int vn_access(struct vnode *vp, int user_flags, struct ucred *cred, struct thread *td); +static int kern_fhlinkat(struct thread *td, int fd, const char *path, + enum uio_seg pathseg, fhandle_t *fhp); +static int kern_getfhat(struct thread *td, int flags, int fd, + const char *path, enum uio_seg pathseg, fhandle_t *fhp); +static int kern_readlink_vp(struct vnode *vp, char *buf, enum uio_seg bufseg, + size_t count, struct thread *td); +static int kern_linkat_vp(struct thread *td, struct vnode *vp, int fd, + const char *path, enum uio_seg segflag); /* * Sync each mounted filesystem. @@ -1492,28 +1500,37 @@ can_hardlink(struct vnode *vp, struct ucred *cred) int kern_linkat(struct thread *td, int fd1, int fd2, const char *path1, - const char *path2, enum uio_seg segflg, int follow) + const char *path2, enum uio_seg segflag, int follow) { - struct vnode *vp; - struct mount *mp; struct nameidata nd; int error; -again: - bwillwrite(); - NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, segflg, path1, fd1, - &cap_linkat_source_rights, td); + do { + bwillwrite(); + NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, segflag, + path1, fd1, &cap_linkat_source_rights, td); + if ((error = namei(&nd)) != 0) + return (error); + NDFREE(&nd, NDF_ONLY_PNBUF); + error = kern_linkat_vp(td, nd.ni_vp, fd2, path2, segflag); + } while (error == EAGAIN); + return (error); +} + +static int +kern_linkat_vp(struct thread *td, struct vnode *vp, int fd, const char *path, + enum uio_seg segflag) +{ + struct nameidata nd; + struct mount *mp; + int error; - if ((error = namei(&nd)) != 0) - return (error); - NDFREE(&nd, NDF_ONLY_PNBUF); - vp = nd.ni_vp; if (vp->v_type == VDIR) { vrele(vp); return (EPERM); /* POSIX */ } NDINIT_ATRIGHTS(&nd, CREATE, - LOCKPARENT | SAVENAME | AUDITVNODE2 | NOCACHE, segflg, path2, fd2, + LOCKPARENT | SAVENAME | AUDITVNODE2 | NOCACHE, segflag, path, fd, &cap_linkat_target_rights, td); if ((error = namei(&nd)) == 0) { if (nd.ni_vp != NULL) { @@ -1557,7 +1574,7 @@ again: V_XSLEEP | PCATCH); if (error != 0) return (error); - goto again; + return (EAGAIN); } error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd); VOP_UNLOCK(vp, 0); @@ -1568,7 +1585,7 @@ again: vput(nd.ni_dvp); NDFREE(&nd, NDF_ONLY_PNBUF); vrele(vp); - goto again; + return (EAGAIN); } } vrele(vp); @@ -2277,7 +2294,6 @@ kern_statat(struct thread *td, int flag, int fd, const char *path, void (*hook)(struct vnode *vp, struct stat *sbp)) { struct nameidata nd; - struct stat sb; int error; if ((flag & ~(AT_SYMLINK_NOFOLLOW | AT_BENEATH)) != 0) @@ -2290,28 +2306,27 @@ kern_statat(struct thread *td, int flag, int fd, const char *path, if ((error = namei(&nd)) != 0) return (error); - error = vn_stat(nd.ni_vp, &sb, td->td_ucred, NOCRED, td); + error = vn_stat(nd.ni_vp, sbp, td->td_ucred, NOCRED, td); if (error == 0) { - SDT_PROBE2(vfs, , stat, mode, path, sb.st_mode); - if (S_ISREG(sb.st_mode)) + SDT_PROBE2(vfs, , stat, mode, path, sbp->st_mode); + if (S_ISREG(sbp->st_mode)) SDT_PROBE2(vfs, , stat, reg, path, pathseg); if (__predict_false(hook != NULL)) - hook(nd.ni_vp, &sb); + hook(nd.ni_vp, sbp); } NDFREE(&nd, NDF_ONLY_PNBUF); vput(nd.ni_vp); if (error != 0) return (error); #ifdef __STAT_TIME_T_EXT - sb.st_atim_ext = 0; - sb.st_mtim_ext = 0; - sb.st_ctim_ext = 0; - sb.st_btim_ext = 0; + sbp->st_atim_ext = 0; + sbp->st_mtim_ext = 0; + sbp->st_ctim_ext = 0; + sbp->st_btim_ext = 0; #endif - *sbp = sb; #ifdef KTRACE if (KTRPOINT(td, KTR_STRUCT)) - ktrstat(&sb); + ktrstat(sbp); #endif return (0); } @@ -2486,8 +2501,6 @@ kern_readlinkat(struct thread *td, int fd, const char *path, enum uio_seg pathseg, char *buf, enum uio_seg bufseg, size_t count) { struct vnode *vp; - struct iovec aiov; - struct uio auio; struct nameidata nd; int error; @@ -2501,29 +2514,44 @@ kern_readlinkat(struct thread *td, int fd, const char *path, return (error); NDFREE(&nd, NDF_ONLY_PNBUF); vp = nd.ni_vp; + + error = kern_readlink_vp(vp, buf, bufseg, count, td); + vput(vp); + + return (error); +} + +/* + * Helper function to readlink from a vnode + */ +static int +kern_readlink_vp(struct vnode *vp, char *buf, enum uio_seg bufseg, size_t count, + struct thread *td) +{ + struct iovec aiov; + struct uio auio; + int error; + + ASSERT_VOP_LOCKED(vp, "kern_readlink_vp(): vp not locked"); #ifdef MAC error = mac_vnode_check_readlink(td->td_ucred, vp); - if (error != 0) { - vput(vp); + if (error != 0) return (error); - } #endif if (vp->v_type != VLNK && (vp->v_vflag & VV_READLINK) == 0) - error = EINVAL; - else { - aiov.iov_base = buf; - aiov.iov_len = count; - auio.uio_iov = &aiov; - auio.uio_iovcnt = 1; - auio.uio_offset = 0; - auio.uio_rw = UIO_READ; - auio.uio_segflg = bufseg; - auio.uio_td = td; - auio.uio_resid = count; - error = VOP_READLINK(vp, &auio, td->td_ucred); - td->td_retval[0] = count - auio.uio_resid; - } - vput(vp); + return (EINVAL); + + aiov.iov_base = buf; + aiov.iov_len = count; + auio.uio_iov = &aiov; + auio.uio_iovcnt = 1; + auio.uio_offset = 0; + auio.uio_rw = UIO_READ; + auio.uio_segflg = bufseg; + auio.uio_td = td; + auio.uio_resid = count; + error = VOP_READLINK(vp, &auio, td->td_ucred); + td->td_retval[0] = count - auio.uio_resid; return (error); } @@ -4121,13 +4149,61 @@ getvnode(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) */ #ifndef _SYS_SYSPROTO_H_ struct lgetfh_args { - char *fname; + char *fname; fhandle_t *fhp; }; #endif int sys_lgetfh(struct thread *td, struct lgetfh_args *uap) { + + return (kern_getfhat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->fname, + UIO_USERSPACE, uap->fhp)); +} + +#ifndef _SYS_SYSPROTO_H_ +struct getfh_args { + char *fname; + fhandle_t *fhp; +}; +#endif +int +sys_getfh(struct thread *td, struct getfh_args *uap) +{ + + return (kern_getfhat(td, 0, AT_FDCWD, uap->fname, UIO_USERSPACE, + uap->fhp)); +} + +/* + * syscall for the rpc.lockd to use to translate an open descriptor into + * a NFS file handle. + * + * warning: do not remove the priv_check() call or this becomes one giant + * security hole. + */ +#ifndef _SYS_SYSPROTO_H_ +struct getfhat_args { + int fd; + char *path; + fhandle_t *fhp; + int flags; +}; +#endif +int +sys_getfhat(struct thread *td, struct getfhat_args *uap) +{ + + if ((uap->flags & ~(AT_SYMLINK_NOFOLLOW | AT_BENEATH)) != 0) + return (EINVAL); + return (kern_getfhat(td, uap->flags, uap->fd, uap->path ? uap->path : ".", + UIO_USERSPACE, uap->fhp)); +} + +static int +kern_getfhat(struct thread *td, int flags, int fd, const char *path, + enum uio_seg pathseg, fhandle_t *fhp) +{ struct nameidata nd; fhandle_t fh; struct vnode *vp; @@ -4136,8 +4212,9 @@ sys_lgetfh(struct thread *td, struct lgetfh_args *uap) error = priv_check(td, PRIV_VFS_GETFH); if (error != 0) return (error); - NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE, - uap->fname, td); + NDINIT_AT(&nd, LOOKUP, ((flags & AT_SYMLINK_NOFOLLOW) != 0 ? NOFOLLOW : + FOLLOW) | ((flags & AT_BENEATH) != 0 ? BENEATH : 0) | LOCKLEAF | + AUDITVNODE1, pathseg, path, fd, td); error = namei(&nd); if (error != 0) return (error); @@ -4148,40 +4225,96 @@ sys_lgetfh(struct thread *td, struct lgetfh_args *uap) error = VOP_VPTOFH(vp, &fh.fh_fid); vput(vp); if (error == 0) - error = copyout(&fh, uap->fhp, sizeof (fh)); + error = copyout(&fh, fhp, sizeof (fh)); return (error); } #ifndef _SYS_SYSPROTO_H_ -struct getfh_args { - char *fname; +struct fhlink_args { fhandle_t *fhp; + const char *to; }; #endif int -sys_getfh(struct thread *td, struct getfh_args *uap) +sys_fhlink(struct thread *td, struct fhlink_args *uap) +{ + + return (kern_fhlinkat(td, AT_FDCWD, uap->to, UIO_USERSPACE, uap->fhp)); +} + +#ifndef _SYS_SYSPROTO_H_ +struct fhlinkat_args { + fhandle_t *fhp; + int tofd; + const char *to; +}; +#endif +int +sys_fhlinkat(struct thread *td, struct fhlinkat_args *uap) +{ + + return (kern_fhlinkat(td, uap->tofd, uap->to, UIO_USERSPACE, uap->fhp)); +} + +static int +kern_fhlinkat(struct thread *td, int fd, const char *path, + enum uio_seg pathseg, fhandle_t *fhp) { - struct nameidata nd; fhandle_t fh; + struct mount *mp; struct vnode *vp; int error; error = priv_check(td, PRIV_VFS_GETFH); if (error != 0) return (error); - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE, - uap->fname, td); - error = namei(&nd); + error = copyin(fhp, &fh, sizeof(fh)); if (error != 0) return (error); - NDFREE(&nd, NDF_ONLY_PNBUF); - vp = nd.ni_vp; - bzero(&fh, sizeof(fh)); - fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid; - error = VOP_VPTOFH(vp, &fh.fh_fid); + do { + bwillwrite(); + if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL) + return (ESTALE); + error = VFS_FHTOVP(mp, &fh.fh_fid, LK_SHARED, &vp); + vfs_unbusy(mp); + if (error != 0) + return (error); + VOP_UNLOCK(vp, 0); + } while ((error = kern_linkat_vp(td, vp, fd, path, pathseg)) == EAGAIN); + return (error); +} + +#ifndef _SYS_SYSPROTO_H_ +struct fhreadlink_args { + fhandle_t *fhp; + char *buf; + size_t bufsize; +}; +#endif +int +sys_fhreadlink(struct thread *td, struct fhreadlink_args *uap) +{ + fhandle_t fh; + struct mount *mp; + struct vnode *vp; + int error; + + error = priv_check(td, PRIV_VFS_GETFH); + if (error != 0) + return (error); + if (uap->bufsize > IOSIZE_MAX) + return (EINVAL); + error = copyin(uap->fhp, &fh, sizeof(fh)); + if (error != 0) + return (error); + if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL) + return (ESTALE); + error = VFS_FHTOVP(mp, &fh.fh_fid, LK_SHARED, &vp); + vfs_unbusy(mp); + if (error != 0) + return (error); + error = kern_readlink_vp(vp, uap->buf, UIO_USERSPACE, uap->bufsize, td); vput(vp); - if (error == 0) - error = copyout(&fh, uap->fhp, sizeof (fh)); return (error); } diff --git a/sys/mips/conf/ERL b/sys/mips/conf/ERL index 58552101db73..639f34d09b67 100644 --- a/sys/mips/conf/ERL +++ b/sys/mips/conf/ERL @@ -91,6 +91,8 @@ options KDTRACE_HOOKS # Kernel DTrace hooks options DDB_CTF # Kernel ELF linker loads CTF data options INCLUDE_CONFIG_FILE # Include this file in kernel options TMPFS # Temporary file system +options CAPABILITY_MODE # Capsicum capability mode +options CAPABILITIES # Capsicum capabilities # Debugging for use in -current #options KDB # Enable kernel debugger support. diff --git a/sys/mips/mips/freebsd32_machdep.c b/sys/mips/mips/freebsd32_machdep.c index 73c5848029fa..0c32cb65fbef 100644 --- a/sys/mips/mips/freebsd32_machdep.c +++ b/sys/mips/mips/freebsd32_machdep.c @@ -294,6 +294,7 @@ freebsd32_getcontext(struct thread *td, struct freebsd32_getcontext_args *uap) if (uap->ucp == NULL) ret = EINVAL; else { + bzero(&uc, sizeof(uc)); get_mcontext32(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); PROC_LOCK(td->td_proc); uc.uc_sigmask = td->td_sigmask; @@ -333,6 +334,7 @@ freebsd32_swapcontext(struct thread *td, struct freebsd32_swapcontext_args *uap) if (uap->oucp == NULL || uap->ucp == NULL) ret = EINVAL; else { + bzero(&uc, sizeof(uc)); get_mcontext32(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); PROC_LOCK(td->td_proc); uc.uc_sigmask = td->td_sigmask; diff --git a/sys/modules/Makefile b/sys/modules/Makefile index e31dc1bd5e51..48f9a6e678ee 100644 --- a/sys/modules/Makefile +++ b/sys/modules/Makefile @@ -250,8 +250,8 @@ SUBDIR= \ ${_mly} \ mmc \ mmcsd \ - mpr \ - mps \ + ${_mpr} \ + ${_mps} \ mpt \ mqueue \ mrsas \ @@ -523,6 +523,13 @@ _rtwnfw= rtwnfw _cxgbe= cxgbe .endif +# These rely on 64bit atomics +.if ${MACHINE_ARCH} != "powerpc" && ${MACHINE_ARCH} != "powerpcspc" && \ + ${MACHINE_CPUARCH} != "mips" +_mps= mps +_mpr= mpr +.endif + .if ${MK_TESTS} != "no" || defined(ALL_MODULES) SUBDIR+= tests .endif diff --git a/sys/modules/cxgbe/if_cxgbe/Makefile b/sys/modules/cxgbe/if_cxgbe/Makefile index d35287bab5cf..8714bbb287dd 100644 --- a/sys/modules/cxgbe/if_cxgbe/Makefile +++ b/sys/modules/cxgbe/if_cxgbe/Makefile @@ -15,6 +15,7 @@ SRCS+= opt_ofed.h SRCS+= opt_ratelimit.h SRCS+= opt_rss.h SRCS+= pci_if.h pci_iov_if.h +SRCS+= t4_clip.c SRCS+= t4_filter.c SRCS+= t4_hw.c SRCS+= t4_if.c t4_if.h diff --git a/sys/modules/dtb/allwinner/Makefile b/sys/modules/dtb/allwinner/Makefile index df7fe9b75e68..86277c1da3e2 100644 --- a/sys/modules/dtb/allwinner/Makefile +++ b/sys/modules/dtb/allwinner/Makefile @@ -44,7 +44,8 @@ DTS= \ allwinner/sun50i-a64-sopine-baseboard.dts \ allwinner/sun50i-h5-orangepi-pc2.dts -DTSO= sun50i-a64-sid.dtso \ +DTSO= sun50i-a64-opp.dtso \ + sun50i-a64-sid.dtso \ sun50i-a64-ths.dtso \ sun50i-a64-timer.dtso diff --git a/sys/modules/dtb/rockchip/Makefile b/sys/modules/dtb/rockchip/Makefile new file mode 100644 index 000000000000..aefbc9e9a3b9 --- /dev/null +++ b/sys/modules/dtb/rockchip/Makefile @@ -0,0 +1,7 @@ +# $FreeBSD$ +# For now only for rk3328-rock64 dts file. + +DTS= \ + rockchip/rk3328-rock64.dts + +.include <bsd.dtb.mk> diff --git a/sys/modules/iavf/Makefile b/sys/modules/iavf/Makefile index 48d9c1fe23c9..c3a1c3f5400f 100644 --- a/sys/modules/iavf/Makefile +++ b/sys/modules/iavf/Makefile @@ -15,4 +15,6 @@ SRCS += i40e_common.c i40e_nvm.c i40e_adminq.c # Enable asserts and other debugging facilities # CFLAGS += -DINVARIANTS -DINVARIANTS_SUPPORT -DWITNESS +LINKS= ${KMODDIR}/${KMOD}.ko ${KMODDIR}/if_ixlv.ko + .include <bsd.kmod.mk> diff --git a/sys/modules/mlx5/Makefile b/sys/modules/mlx5/Makefile index b39da364973a..f90db5ba92d7 100644 --- a/sys/modules/mlx5/Makefile +++ b/sys/modules/mlx5/Makefile @@ -1,5 +1,7 @@ # $FreeBSD$ -.PATH: ${SRCTOP}/sys/dev/mlx5/mlx5_core +.PATH: ${SRCTOP}/sys/dev/mlx5/mlx5_core \ + ${SRCTOP}/sys/dev/mlx5/mlx5_lib \ + ${SRCTOP}/sys/dev/mlx5/mlx5_fpga KMOD=mlx5 SRCS= \ @@ -29,12 +31,23 @@ mlx5_uar.c \ mlx5_vport.c \ mlx5_vsc.c \ mlx5_wq.c \ +mlx5_gid.c \ device_if.h bus_if.h vnode_if.h pci_if.h \ opt_inet.h opt_inet6.h opt_rss.h opt_ratelimit.h CFLAGS+= -I${SRCTOP}/sys/ofed/include CFLAGS+= -I${SRCTOP}/sys/compat/linuxkpi/common/include +.if defined(CONFIG_BUILD_FPGA) +SRCS+= \ + mlx5fpga_cmd.c \ + mlx5fpga_core.c \ + mlx5fpga_sdk.c \ + mlx5fpga_trans.c \ + mlx5fpga_xfer.c \ + mlx5fpga_ipsec.c +.endif + .include <bsd.kmod.mk> CFLAGS+= -Wno-cast-qual -Wno-pointer-arith ${GCC_MS_EXTENSIONS} diff --git a/sys/modules/mlx5en/Makefile b/sys/modules/mlx5en/Makefile index b413e2c32602..efac33e5e3fb 100644 --- a/sys/modules/mlx5en/Makefile +++ b/sys/modules/mlx5en/Makefile @@ -21,6 +21,10 @@ CFLAGS+= -DHAVE_PER_CQ_EVENT_PACKET CFLAGS+= -DHAVE_TCP_LRO_RX .endif +.if defined(CONFIG_BUILD_FPGA) +CFLAGS+= -DCONFIG_MLX5_FPGA +.endif + CFLAGS+= -I${SRCTOP}/sys/ofed/include CFLAGS+= -I${SRCTOP}/sys/compat/linuxkpi/common/include diff --git a/sys/modules/mlx5fpga_tools/Makefile b/sys/modules/mlx5fpga_tools/Makefile new file mode 100644 index 000000000000..c9bb559c7fcf --- /dev/null +++ b/sys/modules/mlx5fpga_tools/Makefile @@ -0,0 +1,19 @@ +# $FreeBSD$ +.PATH: ${SRCTOP}/sys/dev/mlx5/mlx5_fpga_tools + +KMOD=mlx5fpga_tools +SRCS= \ + mlx5fpga_tools_main.c \ + mlx5fpga_tools_char.c + +SRCS+= \ + device_if.h bus_if.h vnode_if.h pci_if.h \ + opt_inet.h opt_inet6.h opt_rss.h opt_ratelimit.h + +CFLAGS+= -I${SRCTOP}/sys/ofed/include +CFLAGS+= -I${SRCTOP}/sys/compat/linuxkpi/common/include + +.include <bsd.kmod.mk> + +CFLAGS+= -Wno-cast-qual -Wno-pointer-arith ${GCC_MS_EXTENSIONS} +CFLAGS+= -DCONFIG_MLX5_FPGA -DCONFIG_MLX5_ACCEL diff --git a/sys/modules/mlx5ib/Makefile b/sys/modules/mlx5ib/Makefile index b3b823a07195..fb9c7fbc6612 100644 --- a/sys/modules/mlx5ib/Makefile +++ b/sys/modules/mlx5ib/Makefile @@ -23,6 +23,10 @@ CFLAGS+= -I${SRCTOP}/sys/ofed/include/uapi CFLAGS+= -I${SRCTOP}/sys/compat/linuxkpi/common/include CFLAGS+= -DCONFIG_INFINIBAND_USER_MEM +.if defined(CONFIG_BUILD_FPGA) +CFLAGS+= -DCONFIG_MLX5_FPGA +.endif + .include <bsd.kmod.mk> CFLAGS+= -Wno-cast-qual -Wno-pointer-arith ${GCC_MS_EXTENSIONS} diff --git a/sys/modules/netgraph/Makefile b/sys/modules/netgraph/Makefile index ac674d16d812..56ad7bd4a543 100644 --- a/sys/modules/netgraph/Makefile +++ b/sys/modules/netgraph/Makefile @@ -11,6 +11,7 @@ SUBDIR= async \ bpf \ bridge \ car \ + checksum \ cisco \ deflate \ device \ diff --git a/sys/modules/netmap/Makefile b/sys/modules/netmap/Makefile index dbc686823573..8d0b358115fd 100644 --- a/sys/modules/netmap/Makefile +++ b/sys/modules/netmap/Makefile @@ -3,12 +3,12 @@ # Compile netmap as a module, useful if you want a netmap bridge # or loadable drivers. -SYSDIR?=${SRCTOP}/sys -.include "${SYSDIR}/conf/kern.opts.mk" +.include <bsd.own.mk> # FreeBSD 10 and earlier +# .include "${SYSDIR}/conf/kern.opts.mk" -.PATH: ${SYSDIR}/dev/netmap -.PATH.h: ${SYSDIR}/net -CFLAGS += -I${SYSDIR}/ -D INET +.PATH: ${.CURDIR}/../../dev/netmap +.PATH.h: ${.CURDIR}/../../net +CFLAGS += -I${.CURDIR}/../../ -D INET -D VIMAGE KMOD = netmap SRCS = device_if.h bus_if.h pci_if.h opt_netmap.h SRCS += netmap.c netmap.h netmap_kern.h @@ -20,8 +20,10 @@ SRCS += netmap_freebsd.c SRCS += netmap_offloadings.c SRCS += netmap_pipe.c SRCS += netmap_monitor.c -SRCS += netmap_pt.c +SRCS += netmap_kloop.c SRCS += netmap_legacy.c +SRCS += netmap_bdg.c +SRCS += netmap_null.c SRCS += if_ptnet.c SRCS += opt_inet.h opt_inet6.h diff --git a/sys/modules/rockchip/Makefile b/sys/modules/rockchip/Makefile index 7003010e413d..a06f3e658da7 100644 --- a/sys/modules/rockchip/Makefile +++ b/sys/modules/rockchip/Makefile @@ -3,5 +3,6 @@ SUBDIR = \ rk_i2c \ + rk805 .include <bsd.subdir.mk> diff --git a/sys/modules/rockchip/rk805/Makefile b/sys/modules/rockchip/rk805/Makefile new file mode 100644 index 000000000000..395b9fc49c72 --- /dev/null +++ b/sys/modules/rockchip/rk805/Makefile @@ -0,0 +1,17 @@ +# $FreeBSD$ + +.PATH: ${SRCTOP}/sys/arm64/rockchip + +KMOD= rk805 +SRCS= rk805.c + +SRCS+= \ + bus_if.h \ + device_if.h \ + iicbus_if.h \ + regnode_if.h \ + regdev_if.h \ + ofw_bus_if.h \ + opt_platform.h \ + +.include <bsd.kmod.mk> diff --git a/sys/modules/sfxge/Makefile b/sys/modules/sfxge/Makefile index a905663dea22..b16b6e48b887 100644 --- a/sys/modules/sfxge/Makefile +++ b/sys/modules/sfxge/Makefile @@ -16,11 +16,14 @@ SRCS+= sfxge.h sfxge_rx.h sfxge_tx.h sfxge_version.h .PATH: ${SRCTOP}/sys/dev/sfxge/common SRCS+= efx_bootcfg.c efx_crc32.c efx_ev.c efx_intr.c efx_lic.c efx_mac.c SRCS+= efx_mcdi.c efx_mon.c efx_nic.c -SRCS+= efx_nvram.c efx_phy.c efx_port.c efx_rx.c efx_sram.c efx_tx.c -SRCS+= efx_vpd.c efx_filter.c efx_hash.c +SRCS+= efx_nvram.c efx_phy.c efx_port.c efx_rx.c efx_sram.c efx_tunnel.c +SRCS+= efx_tx.c efx_vpd.c efx_filter.c efx_hash.c SRCS+= efsys.h -SRCS+= efx.h efx_check.h efx_impl.h efx_mcdi.h efx_regs.h efx_regs_ef10.h -SRCS+= efx_regs_mcdi.h efx_regs_pci.h efx_types.h efx_phy_ids.h +SRCS+= efx.h efx_annote.h efx_check.h efx_impl.h efx_mcdi.h +SRCS+= efx_regs.h efx_regs_ef10.h +SRCS+= efx_regs_mcdi.h efx_regs_mcdi_aoe.h efx_regs_mcdi_strs.h +SRCS+= efx_regs_pci.h efx_types.h +SRCS+= efx_phy_ids.h SRCS+= ef10_tlv_layout.h SRCS+= mcdi_mon.c mcdi_mon.h @@ -29,9 +32,9 @@ SRCS+= siena_mac.c siena_mcdi.c siena_nic.c siena_nvram.c siena_phy.c SRCS+= siena_sram.c siena_vpd.c SRCS+= siena_flash.h siena_impl.h -SRCS+= ef10_ev.c ef10_filter.c ef10_intr.c ef10_mac.c ef10_mcdi.c ef10_nic.c -SRCS+= ef10_nvram.c ef10_phy.c ef10_rx.c ef10_tx.c ef10_vpd.c -SRCS+= ef10_impl.h +SRCS+= ef10_ev.c ef10_filter.c ef10_image.c ef10_intr.c ef10_mac.c ef10_mcdi.c +SRCS+= ef10_nic.c ef10_nvram.c ef10_phy.c ef10_rx.c ef10_tx.c ef10_vpd.c +SRCS+= ef10_impl.h ef10_signed_image_layout.h SRCS+= hunt_nic.c SRCS+= hunt_impl.h @@ -39,6 +42,9 @@ SRCS+= hunt_impl.h SRCS+= medford_nic.c SRCS+= medford_impl.h +SRCS+= medford2_nic.c +SRCS+= medford2_impl.h + # Extra debug checks #CFLAGS += -DDEBUG=1 diff --git a/sys/net/altq/altq.h b/sys/net/altq/altq.h index 35024461b851..731fead4e55f 100644 --- a/sys/net/altq/altq.h +++ b/sys/net/altq/altq.h @@ -38,16 +38,6 @@ #define ALTQ3_CLFIER_COMPAT /* for compatibility with altq-3 classifier */ #endif -#ifdef ALTQ3_COMPAT -#include <sys/param.h> -#include <sys/ioccom.h> -#include <sys/queue.h> -#include <netinet/in.h> - -#ifndef IFNAMSIZ -#define IFNAMSIZ 16 -#endif -#endif /* ALTQ3_COMPAT */ /* altq discipline type */ #define ALTQT_NONE 0 /* reserved */ @@ -67,12 +57,6 @@ #define ALTQT_CODEL 14 /* CoDel */ #define ALTQT_MAX 15 /* should be max discipline type + 1 */ -#ifdef ALTQ3_COMPAT -struct altqreq { - char ifname[IFNAMSIZ]; /* if name, e.g. "en0" */ - u_long arg; /* request-specific argument */ -}; -#endif /* simple token backet meter profile */ struct tb_profile { @@ -80,85 +64,6 @@ struct tb_profile { u_int32_t depth; /* depth in bytes */ }; -#ifdef ALTQ3_COMPAT -struct tbrreq { - char ifname[IFNAMSIZ]; /* if name, e.g. "en0" */ - struct tb_profile tb_prof; /* token bucket profile */ -}; - -#ifdef ALTQ3_CLFIER_COMPAT -/* - * common network flow info structure - */ -struct flowinfo { - u_char fi_len; /* total length */ - u_char fi_family; /* address family */ - u_int8_t fi_data[46]; /* actually longer; address family - specific flow info. */ -}; - -/* - * flow info structure for internet protocol family. - * (currently this is the only protocol family supported) - */ -struct flowinfo_in { - u_char fi_len; /* sizeof(struct flowinfo_in) */ - u_char fi_family; /* AF_INET */ - u_int8_t fi_proto; /* IPPROTO_XXX */ - u_int8_t fi_tos; /* type-of-service */ - struct in_addr fi_dst; /* dest address */ - struct in_addr fi_src; /* src address */ - u_int16_t fi_dport; /* dest port */ - u_int16_t fi_sport; /* src port */ - u_int32_t fi_gpi; /* generalized port id for ipsec */ - u_int8_t _pad[28]; /* make the size equal to - flowinfo_in6 */ -}; - -#ifdef SIN6_LEN -struct flowinfo_in6 { - u_char fi6_len; /* sizeof(struct flowinfo_in6) */ - u_char fi6_family; /* AF_INET6 */ - u_int8_t fi6_proto; /* IPPROTO_XXX */ - u_int8_t fi6_tclass; /* traffic class */ - u_int32_t fi6_flowlabel; /* ipv6 flowlabel */ - u_int16_t fi6_dport; /* dest port */ - u_int16_t fi6_sport; /* src port */ - u_int32_t fi6_gpi; /* generalized port id */ - struct in6_addr fi6_dst; /* dest address */ - struct in6_addr fi6_src; /* src address */ -}; -#endif /* INET6 */ - -/* - * flow filters for AF_INET and AF_INET6 - */ -struct flow_filter { - int ff_ruleno; - struct flowinfo_in ff_flow; - struct { - struct in_addr mask_dst; - struct in_addr mask_src; - u_int8_t mask_tos; - u_int8_t _pad[3]; - } ff_mask; - u_int8_t _pad2[24]; /* make the size equal to flow_filter6 */ -}; - -#ifdef SIN6_LEN -struct flow_filter6 { - int ff_ruleno; - struct flowinfo_in6 ff_flow6; - struct { - struct in6_addr mask6_dst; - struct in6_addr mask6_src; - u_int8_t mask6_tclass; - u_int8_t _pad[3]; - } ff_mask6; -}; -#endif /* INET6 */ -#endif /* ALTQ3_CLFIER_COMPAT */ -#endif /* ALTQ3_COMPAT */ /* * generic packet counter @@ -171,33 +76,6 @@ struct pktcntr { #define PKTCNTR_ADD(cntr, len) \ do { (cntr)->packets++; (cntr)->bytes += len; } while (/*CONSTCOND*/ 0) -#ifdef ALTQ3_COMPAT -/* - * altq related ioctls - */ -#define ALTQGTYPE _IOWR('q', 0, struct altqreq) /* get queue type */ -#if 0 -/* - * these ioctls are currently discipline-specific but could be shared - * in the future. - */ -#define ALTQATTACH _IOW('q', 1, struct altqreq) /* attach discipline */ -#define ALTQDETACH _IOW('q', 2, struct altqreq) /* detach discipline */ -#define ALTQENABLE _IOW('q', 3, struct altqreq) /* enable discipline */ -#define ALTQDISABLE _IOW('q', 4, struct altqreq) /* disable discipline*/ -#define ALTQCLEAR _IOW('q', 5, struct altqreq) /* (re)initialize */ -#define ALTQCONFIG _IOWR('q', 6, struct altqreq) /* set config params */ -#define ALTQADDCLASS _IOWR('q', 7, struct altqreq) /* add a class */ -#define ALTQMODCLASS _IOWR('q', 8, struct altqreq) /* modify a class */ -#define ALTQDELCLASS _IOWR('q', 9, struct altqreq) /* delete a class */ -#define ALTQADDFILTER _IOWR('q', 10, struct altqreq) /* add a filter */ -#define ALTQDELFILTER _IOWR('q', 11, struct altqreq) /* delete a filter */ -#define ALTQGETSTATS _IOWR('q', 12, struct altqreq) /* get statistics */ -#define ALTQGETCNTR _IOWR('q', 13, struct altqreq) /* get a pkt counter */ -#endif /* 0 */ -#define ALTQTBRSET _IOW('q', 14, struct tbrreq) /* set tb regulator */ -#define ALTQTBRGET _IOWR('q', 15, struct tbrreq) /* get tb regulator */ -#endif /* ALTQ3_COMPAT */ #ifdef _KERNEL #include <net/altq/altq_var.h> diff --git a/sys/net/altq/altq_cbq.c b/sys/net/altq/altq_cbq.c index e587dc1c3bb5..aa646848dc32 100644 --- a/sys/net/altq/altq_cbq.c +++ b/sys/net/altq/altq_cbq.c @@ -44,10 +44,6 @@ #include <sys/proc.h> #include <sys/errno.h> #include <sys/time.h> -#ifdef ALTQ3_COMPAT -#include <sys/uio.h> -#include <sys/kernel.h> -#endif #include <net/if.h> #include <net/if_var.h> @@ -58,16 +54,7 @@ #include <netpfil/pf/pf_mtag.h> #include <net/altq/altq.h> #include <net/altq/altq_cbq.h> -#ifdef ALTQ3_COMPAT -#include <net/altq/altq_conf.h> -#endif -#ifdef ALTQ3_COMPAT -/* - * Local Data structures. - */ -static cbq_state_t *cbq_list = NULL; -#endif /* * Forward Declarations. @@ -82,21 +69,6 @@ static struct mbuf *cbq_dequeue(struct ifaltq *, int); static void cbqrestart(struct ifaltq *); static void get_class_stats(class_stats_t *, struct rm_class *); static void cbq_purge(cbq_state_t *); -#ifdef ALTQ3_COMPAT -static int cbq_add_class(struct cbq_add_class *); -static int cbq_delete_class(struct cbq_delete_class *); -static int cbq_modify_class(struct cbq_modify_class *); -static int cbq_class_create(cbq_state_t *, struct cbq_add_class *, - struct rm_class *, struct rm_class *); -static int cbq_clear_hierarchy(struct cbq_interface *); -static int cbq_set_enable(struct cbq_interface *, int); -static int cbq_ifattach(struct cbq_interface *); -static int cbq_ifdetach(struct cbq_interface *); -static int cbq_getstats(struct cbq_getstats *); - -static int cbq_add_filter(struct cbq_add_filter *); -static int cbq_delete_filter(struct cbq_delete_filter *); -#endif /* ALTQ3_COMPAT */ /* * int @@ -123,10 +95,6 @@ cbq_class_destroy(cbq_state_t *cbqp, struct rm_class *cl) cbqp->ifnp.root_ = NULL; if (cl == cbqp->ifnp.default_) cbqp->ifnp.default_ = NULL; -#ifdef ALTQ3_COMPAT - if (cl == cbqp->ifnp.ctl_) - cbqp->ifnp.ctl_ = NULL; -#endif return (0); } @@ -179,10 +147,6 @@ cbq_clear_interface(cbq_state_t *cbqp) cbqp->ifnp.root_ = NULL; if (cl == cbqp->ifnp.default_) cbqp->ifnp.default_ = NULL; -#ifdef ALTQ3_COMPAT - if (cl == cbqp->ifnp.ctl_) - cbqp->ifnp.ctl_ = NULL; -#endif } } } @@ -512,10 +476,6 @@ cbq_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) cl = NULL; if ((t = pf_find_mtag(m)) != NULL) cl = clh_to_clp(cbqp, t->qid); -#ifdef ALTQ3_COMPAT - else if ((ifq->altq_flags & ALTQF_CLASSIFY) && pktattr != NULL) - cl = pktattr->pattr_class; -#endif if (cl == NULL) { cl = cbqp->ifnp.default_; if (cl == NULL) { @@ -523,12 +483,7 @@ cbq_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) return (ENOBUFS); } } -#ifdef ALTQ3_COMPAT - if (pktattr != NULL) - cl->pktattr_ = pktattr; /* save proto hdr used by ECN */ - else -#endif - cl->pktattr_ = NULL; + cl->pktattr_ = NULL; len = m_pktlen(m); if (rmc_queue_packet(cl, m) != 0) { /* drop occurred. some mbuf was freed in rmc_queue_packet. */ @@ -606,564 +561,5 @@ static void cbq_purge(cbq_state_t *cbqp) if (ALTQ_IS_ENABLED(cbqp->ifnp.ifq_)) cbqp->ifnp.ifq_->ifq_len = 0; } -#ifdef ALTQ3_COMPAT - -static int -cbq_add_class(acp) - struct cbq_add_class *acp; -{ - char *ifacename; - struct rm_class *borrow, *parent; - cbq_state_t *cbqp; - - ifacename = acp->cbq_iface.cbq_ifacename; - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - - /* check parameters */ - if (acp->cbq_class.priority >= CBQ_MAXPRI || - acp->cbq_class.maxq > CBQ_MAXQSIZE) - return (EINVAL); - - /* Get pointers to parent and borrow classes. */ - parent = clh_to_clp(cbqp, acp->cbq_class.parent_class_handle); - borrow = clh_to_clp(cbqp, acp->cbq_class.borrow_class_handle); - - /* - * A class must borrow from it's parent or it can not - * borrow at all. Hence, borrow can be null. - */ - if (parent == NULL && (acp->cbq_class.flags & CBQCLF_ROOTCLASS) == 0) { - printf("cbq_add_class: no parent class!\n"); - return (EINVAL); - } - - if ((borrow != parent) && (borrow != NULL)) { - printf("cbq_add_class: borrow class != parent\n"); - return (EINVAL); - } - - return cbq_class_create(cbqp, acp, parent, borrow); -} - -static int -cbq_delete_class(dcp) - struct cbq_delete_class *dcp; -{ - char *ifacename; - struct rm_class *cl; - cbq_state_t *cbqp; - - ifacename = dcp->cbq_iface.cbq_ifacename; - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - - if ((cl = clh_to_clp(cbqp, dcp->cbq_class_handle)) == NULL) - return (EINVAL); - - /* if we are a parent class, then return an error. */ - if (is_a_parent_class(cl)) - return (EINVAL); - - /* if a filter has a reference to this class delete the filter */ - acc_discard_filters(&cbqp->cbq_classifier, cl, 0); - - return cbq_class_destroy(cbqp, cl); -} - -static int -cbq_modify_class(acp) - struct cbq_modify_class *acp; -{ - char *ifacename; - struct rm_class *cl; - cbq_state_t *cbqp; - - ifacename = acp->cbq_iface.cbq_ifacename; - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - - /* Get pointer to this class */ - if ((cl = clh_to_clp(cbqp, acp->cbq_class_handle)) == NULL) - return (EINVAL); - - if (rmc_modclass(cl, acp->cbq_class.nano_sec_per_byte, - acp->cbq_class.maxq, acp->cbq_class.maxidle, - acp->cbq_class.minidle, acp->cbq_class.offtime, - acp->cbq_class.pktsize) < 0) - return (EINVAL); - return (0); -} - -/* - * struct rm_class * - * cbq_class_create(cbq_mod_state_t *cbqp, struct cbq_add_class *acp, - * struct rm_class *parent, struct rm_class *borrow) - * - * This function create a new traffic class in the CBQ class hierarchy of - * given parameters. The class that created is either the root, default, - * or a new dynamic class. If CBQ is not initilaized, the root class - * will be created. - */ -static int -cbq_class_create(cbqp, acp, parent, borrow) - cbq_state_t *cbqp; - struct cbq_add_class *acp; - struct rm_class *parent, *borrow; -{ - struct rm_class *cl; - cbq_class_spec_t *spec = &acp->cbq_class; - u_int32_t chandle; - int i; - - /* - * allocate class handle - */ - for (i = 1; i < CBQ_MAX_CLASSES; i++) - if (cbqp->cbq_class_tbl[i] == NULL) - break; - if (i == CBQ_MAX_CLASSES) - return (EINVAL); - chandle = i; /* use the slot number as class handle */ - - /* - * create a class. if this is a root class, initialize the - * interface. - */ - if ((spec->flags & CBQCLF_CLASSMASK) == CBQCLF_ROOTCLASS) { - rmc_init(cbqp->ifnp.ifq_, &cbqp->ifnp, spec->nano_sec_per_byte, - cbqrestart, spec->maxq, RM_MAXQUEUED, - spec->maxidle, spec->minidle, spec->offtime, - spec->flags); - cl = cbqp->ifnp.root_; - } else { - cl = rmc_newclass(spec->priority, - &cbqp->ifnp, spec->nano_sec_per_byte, - rmc_delay_action, spec->maxq, parent, borrow, - spec->maxidle, spec->minidle, spec->offtime, - spec->pktsize, spec->flags); - } - if (cl == NULL) - return (ENOMEM); - - /* return handle to user space. */ - acp->cbq_class_handle = chandle; - - cl->stats_.handle = chandle; - cl->stats_.depth = cl->depth_; - - /* save the allocated class */ - cbqp->cbq_class_tbl[i] = cl; - - if ((spec->flags & CBQCLF_CLASSMASK) == CBQCLF_DEFCLASS) - cbqp->ifnp.default_ = cl; - if ((spec->flags & CBQCLF_CLASSMASK) == CBQCLF_CTLCLASS) - cbqp->ifnp.ctl_ = cl; - - return (0); -} - -static int -cbq_add_filter(afp) - struct cbq_add_filter *afp; -{ - char *ifacename; - cbq_state_t *cbqp; - struct rm_class *cl; - - ifacename = afp->cbq_iface.cbq_ifacename; - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - - /* Get the pointer to class. */ - if ((cl = clh_to_clp(cbqp, afp->cbq_class_handle)) == NULL) - return (EINVAL); - - return acc_add_filter(&cbqp->cbq_classifier, &afp->cbq_filter, - cl, &afp->cbq_filter_handle); -} - -static int -cbq_delete_filter(dfp) - struct cbq_delete_filter *dfp; -{ - char *ifacename; - cbq_state_t *cbqp; - - ifacename = dfp->cbq_iface.cbq_ifacename; - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - - return acc_delete_filter(&cbqp->cbq_classifier, - dfp->cbq_filter_handle); -} - -/* - * cbq_clear_hierarchy deletes all classes and their filters on the - * given interface. - */ -static int -cbq_clear_hierarchy(ifacep) - struct cbq_interface *ifacep; -{ - char *ifacename; - cbq_state_t *cbqp; - - ifacename = ifacep->cbq_ifacename; - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - - return cbq_clear_interface(cbqp); -} - -/* - * static int - * cbq_set_enable(struct cbq_enable *ep) - this function processed the - * ioctl request to enable class based queueing. It searches the list - * of interfaces for the specified interface and then enables CBQ on - * that interface. - * - * Returns: 0, for no error. - * EBADF, for specified inteface not found. - */ - -static int -cbq_set_enable(ep, enable) - struct cbq_interface *ep; - int enable; -{ - int error = 0; - cbq_state_t *cbqp; - char *ifacename; - - ifacename = ep->cbq_ifacename; - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - - switch (enable) { - case ENABLE: - if (cbqp->ifnp.root_ == NULL || cbqp->ifnp.default_ == NULL || - cbqp->ifnp.ctl_ == NULL) { - if (cbqp->ifnp.root_ == NULL) - printf("No Root Class for %s\n", ifacename); - if (cbqp->ifnp.default_ == NULL) - printf("No Default Class for %s\n", ifacename); - if (cbqp->ifnp.ctl_ == NULL) - printf("No Control Class for %s\n", ifacename); - error = EINVAL; - } else if ((error = altq_enable(cbqp->ifnp.ifq_)) == 0) { - cbqp->cbq_qlen = 0; - } - break; - - case DISABLE: - error = altq_disable(cbqp->ifnp.ifq_); - break; - } - return (error); -} - -static int -cbq_getstats(gsp) - struct cbq_getstats *gsp; -{ - char *ifacename; - int i, n, nclasses; - cbq_state_t *cbqp; - struct rm_class *cl; - class_stats_t stats, *usp; - int error = 0; - - ifacename = gsp->iface.cbq_ifacename; - nclasses = gsp->nclasses; - usp = gsp->stats; - - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - if (nclasses <= 0) - return (EINVAL); - - for (n = 0, i = 0; n < nclasses && i < CBQ_MAX_CLASSES; n++, i++) { - while ((cl = cbqp->cbq_class_tbl[i]) == NULL) - if (++i >= CBQ_MAX_CLASSES) - goto out; - - get_class_stats(&stats, cl); - stats.handle = cl->stats_.handle; - - if ((error = copyout((caddr_t)&stats, (caddr_t)usp++, - sizeof(stats))) != 0) - return (error); - } - - out: - gsp->nclasses = n; - return (error); -} - -static int -cbq_ifattach(ifacep) - struct cbq_interface *ifacep; -{ - int error = 0; - char *ifacename; - cbq_state_t *new_cbqp; - struct ifnet *ifp; - - ifacename = ifacep->cbq_ifacename; - if ((ifp = ifunit(ifacename)) == NULL) - return (ENXIO); - if (!ALTQ_IS_READY(&ifp->if_snd)) - return (ENXIO); - - /* allocate and initialize cbq_state_t */ - new_cbqp = malloc(sizeof(cbq_state_t), M_DEVBUF, M_WAITOK); - if (new_cbqp == NULL) - return (ENOMEM); - bzero(new_cbqp, sizeof(cbq_state_t)); - CALLOUT_INIT(&new_cbqp->cbq_callout); - - new_cbqp->cbq_qlen = 0; - new_cbqp->ifnp.ifq_ = &ifp->if_snd; /* keep the ifq */ - - /* - * set CBQ to this ifnet structure. - */ - error = altq_attach(&ifp->if_snd, ALTQT_CBQ, new_cbqp, - cbq_enqueue, cbq_dequeue, cbq_request, - &new_cbqp->cbq_classifier, acc_classify); - if (error) { - free(new_cbqp, M_DEVBUF); - return (error); - } - - /* prepend to the list of cbq_state_t's. */ - new_cbqp->cbq_next = cbq_list; - cbq_list = new_cbqp; - - return (0); -} - -static int -cbq_ifdetach(ifacep) - struct cbq_interface *ifacep; -{ - char *ifacename; - cbq_state_t *cbqp; - - ifacename = ifacep->cbq_ifacename; - if ((cbqp = altq_lookup(ifacename, ALTQT_CBQ)) == NULL) - return (EBADF); - - (void)cbq_set_enable(ifacep, DISABLE); - - cbq_clear_interface(cbqp); - - /* remove CBQ from the ifnet structure. */ - (void)altq_detach(cbqp->ifnp.ifq_); - - /* remove from the list of cbq_state_t's. */ - if (cbq_list == cbqp) - cbq_list = cbqp->cbq_next; - else { - cbq_state_t *cp; - - for (cp = cbq_list; cp != NULL; cp = cp->cbq_next) - if (cp->cbq_next == cbqp) { - cp->cbq_next = cbqp->cbq_next; - break; - } - ASSERT(cp != NULL); - } - - /* deallocate cbq_state_t */ - free(cbqp, M_DEVBUF); - - return (0); -} - -/* - * cbq device interface - */ - -altqdev_decl(cbq); - -int -cbqopen(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - return (0); -} - -int -cbqclose(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - struct ifnet *ifp; - struct cbq_interface iface; - int err, error = 0; - - while (cbq_list) { - ifp = cbq_list->ifnp.ifq_->altq_ifp; - sprintf(iface.cbq_ifacename, "%s", ifp->if_xname); - err = cbq_ifdetach(&iface); - if (err != 0 && error == 0) - error = err; - } - - return (error); -} - -int -cbqioctl(dev, cmd, addr, flag, p) - dev_t dev; - ioctlcmd_t cmd; - caddr_t addr; - int flag; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - int error = 0; - - /* check cmd for superuser only */ - switch (cmd) { - case CBQ_GETSTATS: - /* currently only command that an ordinary user can call */ - break; - default: -#if (__FreeBSD_version > 700000) - error = priv_check(p, PRIV_ALTQ_MANAGE); -#elsif (__FreeBSD_version > 400000) - error = suser(p); -#else - error = suser(p->p_ucred, &p->p_acflag); -#endif - if (error) - return (error); - break; - } - - switch (cmd) { - - case CBQ_ENABLE: - error = cbq_set_enable((struct cbq_interface *)addr, ENABLE); - break; - - case CBQ_DISABLE: - error = cbq_set_enable((struct cbq_interface *)addr, DISABLE); - break; - - case CBQ_ADD_FILTER: - error = cbq_add_filter((struct cbq_add_filter *)addr); - break; - - case CBQ_DEL_FILTER: - error = cbq_delete_filter((struct cbq_delete_filter *)addr); - break; - - case CBQ_ADD_CLASS: - error = cbq_add_class((struct cbq_add_class *)addr); - break; - - case CBQ_DEL_CLASS: - error = cbq_delete_class((struct cbq_delete_class *)addr); - break; - - case CBQ_MODIFY_CLASS: - error = cbq_modify_class((struct cbq_modify_class *)addr); - break; - - case CBQ_CLEAR_HIERARCHY: - error = cbq_clear_hierarchy((struct cbq_interface *)addr); - break; - - case CBQ_IF_ATTACH: - error = cbq_ifattach((struct cbq_interface *)addr); - break; - - case CBQ_IF_DETACH: - error = cbq_ifdetach((struct cbq_interface *)addr); - break; - - case CBQ_GETSTATS: - error = cbq_getstats((struct cbq_getstats *)addr); - break; - - default: - error = EINVAL; - break; - } - - return error; -} - -#if 0 -/* for debug */ -static void cbq_class_dump(int); - -static void cbq_class_dump(i) - int i; -{ - struct rm_class *cl; - rm_class_stats_t *s; - struct _class_queue_ *q; - - if (cbq_list == NULL) { - printf("cbq_class_dump: no cbq_state found\n"); - return; - } - cl = cbq_list->cbq_class_tbl[i]; - - printf("class %d cl=%p\n", i, cl); - if (cl != NULL) { - s = &cl->stats_; - q = cl->q_; - - printf("pri=%d, depth=%d, maxrate=%d, allotment=%d\n", - cl->pri_, cl->depth_, cl->maxrate_, cl->allotment_); - printf("w_allotment=%d, bytes_alloc=%d, avgidle=%d, maxidle=%d\n", - cl->w_allotment_, cl->bytes_alloc_, cl->avgidle_, - cl->maxidle_); - printf("minidle=%d, offtime=%d, sleeping=%d, leaf=%d\n", - cl->minidle_, cl->offtime_, cl->sleeping_, cl->leaf_); - printf("handle=%d, depth=%d, packets=%d, bytes=%d\n", - s->handle, s->depth, - (int)s->xmit_cnt.packets, (int)s->xmit_cnt.bytes); - printf("over=%d\n, borrows=%d, drops=%d, overactions=%d, delays=%d\n", - s->over, s->borrows, (int)s->drop_cnt.packets, - s->overactions, s->delays); - printf("tail=%p, head=%p, qlen=%d, qlim=%d, qthresh=%d,qtype=%d\n", - q->tail_, q->head_, q->qlen_, q->qlim_, - q->qthresh_, q->qtype_); - } -} -#endif /* 0 */ - -#ifdef KLD_MODULE - -static struct altqsw cbq_sw = - {"cbq", cbqopen, cbqclose, cbqioctl}; - -ALTQ_MODULE(altq_cbq, ALTQT_CBQ, &cbq_sw); -MODULE_DEPEND(altq_cbq, altq_red, 1, 1, 1); -MODULE_DEPEND(altq_cbq, altq_rio, 1, 1, 1); - -#endif /* KLD_MODULE */ -#endif /* ALTQ3_COMPAT */ #endif /* ALTQ_CBQ */ diff --git a/sys/net/altq/altq_cbq.h b/sys/net/altq/altq_cbq.h index 64c75fe95a5f..70974715ac67 100644 --- a/sys/net/altq/altq_cbq.h +++ b/sys/net/altq/altq_cbq.h @@ -71,9 +71,6 @@ CTASSERT(CBQCLF_CODEL == RMCF_CODEL); /* class flags for special classes */ #define CBQCLF_ROOTCLASS 0x1000 /* root class */ #define CBQCLF_DEFCLASS 0x2000 /* default class */ -#ifdef ALTQ3_COMPAT -#define CBQCLF_CTLCLASS 0x4000 /* control class */ -#endif #define CBQCLF_CLASSMASK 0xf000 /* class mask */ #define CBQ_MAXQSIZE 200 @@ -114,88 +111,6 @@ typedef struct _cbq_class_stats_ { * header. */ -#ifdef ALTQ3_COMPAT -/* - * Define structures associated with IOCTLS for cbq. - */ - -/* - * Define the CBQ interface structure. This must be included in all - * IOCTL's such that the CBQ driver may find the appropriate CBQ module - * associated with the network interface to be affected. - */ -struct cbq_interface { - char cbq_ifacename[IFNAMSIZ]; -}; - -typedef struct cbq_class_spec { - u_int priority; - u_int nano_sec_per_byte; - u_int maxq; - u_int maxidle; - int minidle; - u_int offtime; - u_int32_t parent_class_handle; - u_int32_t borrow_class_handle; - - u_int pktsize; - int flags; -} cbq_class_spec_t; - -struct cbq_add_class { - struct cbq_interface cbq_iface; - - cbq_class_spec_t cbq_class; - u_int32_t cbq_class_handle; -}; - -struct cbq_delete_class { - struct cbq_interface cbq_iface; - u_int32_t cbq_class_handle; -}; - -struct cbq_modify_class { - struct cbq_interface cbq_iface; - - cbq_class_spec_t cbq_class; - u_int32_t cbq_class_handle; -}; - -struct cbq_add_filter { - struct cbq_interface cbq_iface; - u_int32_t cbq_class_handle; - struct flow_filter cbq_filter; - - u_long cbq_filter_handle; -}; - -struct cbq_delete_filter { - struct cbq_interface cbq_iface; - u_long cbq_filter_handle; -}; - -/* number of classes are returned in nclasses field */ -struct cbq_getstats { - struct cbq_interface iface; - int nclasses; - class_stats_t *stats; -}; - -/* - * Define IOCTLs for CBQ. - */ -#define CBQ_IF_ATTACH _IOW('Q', 1, struct cbq_interface) -#define CBQ_IF_DETACH _IOW('Q', 2, struct cbq_interface) -#define CBQ_ENABLE _IOW('Q', 3, struct cbq_interface) -#define CBQ_DISABLE _IOW('Q', 4, struct cbq_interface) -#define CBQ_CLEAR_HIERARCHY _IOW('Q', 5, struct cbq_interface) -#define CBQ_ADD_CLASS _IOWR('Q', 7, struct cbq_add_class) -#define CBQ_DEL_CLASS _IOW('Q', 8, struct cbq_delete_class) -#define CBQ_MODIFY_CLASS _IOWR('Q', 9, struct cbq_modify_class) -#define CBQ_ADD_FILTER _IOWR('Q', 10, struct cbq_add_filter) -#define CBQ_DEL_FILTER _IOW('Q', 11, struct cbq_delete_filter) -#define CBQ_GETSTATS _IOWR('Q', 12, struct cbq_getstats) -#endif /* ALTQ3_COMPAT */ #ifdef _KERNEL /* @@ -207,20 +122,11 @@ struct cbq_getstats { #define CBQ_MAX_CLASSES 256 -#ifdef ALTQ3_COMPAT -#define CBQ_MAX_FILTERS 256 - -#define DISABLE 0x00 -#define ENABLE 0x01 -#endif /* ALTQ3_COMPAT */ /* * Define State structures. */ typedef struct cbqstate { -#ifdef ALTQ3_COMPAT - struct cbqstate *cbq_next; -#endif int cbq_qlen; /* # of packets in cbq */ struct rm_class *cbq_class_tbl[CBQ_MAX_CLASSES]; diff --git a/sys/net/altq/altq_cdnr.c b/sys/net/altq/altq_cdnr.c deleted file mode 100644 index ff531dc6162a..000000000000 --- a/sys/net/altq/altq_cdnr.c +++ /dev/null @@ -1,1382 +0,0 @@ -/*- - * Copyright (C) 1999-2002 - * Sony Computer Science Laboratories Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY SONY CSL AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL SONY CSL OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $KAME: altq_cdnr.c,v 1.15 2005/04/13 03:44:24 suz Exp $ - * $FreeBSD$ - */ - -#include "opt_altq.h" -#include "opt_inet.h" -#include "opt_inet6.h" - -#include <sys/param.h> -#include <sys/malloc.h> -#include <sys/mbuf.h> -#include <sys/socket.h> -#include <sys/sockio.h> -#include <sys/systm.h> -#include <sys/proc.h> -#include <sys/errno.h> -#include <sys/kernel.h> -#include <sys/queue.h> - -#include <net/if.h> -#include <net/if_types.h> -#include <netinet/in.h> -#include <netinet/in_systm.h> -#include <netinet/ip.h> -#ifdef INET6 -#include <netinet/ip6.h> -#endif - -#include <net/altq/if_altq.h> -#include <net/altq/altq.h> -#ifdef ALTQ3_COMPAT -#include <net/altq/altq_conf.h> -#endif -#include <net/altq/altq_cdnr.h> - -#ifdef ALTQ3_COMPAT -/* - * diffserv traffic conditioning module - */ - -int altq_cdnr_enabled = 0; - -/* traffic conditioner is enabled by ALTQ_CDNR option in opt_altq.h */ -#ifdef ALTQ_CDNR - -/* cdnr_list keeps all cdnr's allocated. */ -static LIST_HEAD(, top_cdnr) tcb_list; - -static int altq_cdnr_input(struct mbuf *, int); -static struct top_cdnr *tcb_lookup(char *ifname); -static struct cdnr_block *cdnr_handle2cb(u_long); -static u_long cdnr_cb2handle(struct cdnr_block *); -static void *cdnr_cballoc(struct top_cdnr *, int, - struct tc_action *(*)(struct cdnr_block *, struct cdnr_pktinfo *)); -static void cdnr_cbdestroy(void *); -static int tca_verify_action(struct tc_action *); -static void tca_import_action(struct tc_action *, struct tc_action *); -static void tca_invalidate_action(struct tc_action *); - -static int generic_element_destroy(struct cdnr_block *); -static struct top_cdnr *top_create(struct ifaltq *); -static int top_destroy(struct top_cdnr *); -static struct cdnr_block *element_create(struct top_cdnr *, struct tc_action *); -static int element_destroy(struct cdnr_block *); -static void tb_import_profile(struct tbe *, struct tb_profile *); -static struct tbmeter *tbm_create(struct top_cdnr *, struct tb_profile *, - struct tc_action *, struct tc_action *); -static int tbm_destroy(struct tbmeter *); -static struct tc_action *tbm_input(struct cdnr_block *, struct cdnr_pktinfo *); -static struct trtcm *trtcm_create(struct top_cdnr *, - struct tb_profile *, struct tb_profile *, - struct tc_action *, struct tc_action *, struct tc_action *, - int); -static int trtcm_destroy(struct trtcm *); -static struct tc_action *trtcm_input(struct cdnr_block *, struct cdnr_pktinfo *); -static struct tswtcm *tswtcm_create(struct top_cdnr *, - u_int32_t, u_int32_t, u_int32_t, - struct tc_action *, struct tc_action *, struct tc_action *); -static int tswtcm_destroy(struct tswtcm *); -static struct tc_action *tswtcm_input(struct cdnr_block *, struct cdnr_pktinfo *); - -static int cdnrcmd_if_attach(char *); -static int cdnrcmd_if_detach(char *); -static int cdnrcmd_add_element(struct cdnr_add_element *); -static int cdnrcmd_delete_element(struct cdnr_delete_element *); -static int cdnrcmd_add_filter(struct cdnr_add_filter *); -static int cdnrcmd_delete_filter(struct cdnr_delete_filter *); -static int cdnrcmd_add_tbm(struct cdnr_add_tbmeter *); -static int cdnrcmd_modify_tbm(struct cdnr_modify_tbmeter *); -static int cdnrcmd_tbm_stats(struct cdnr_tbmeter_stats *); -static int cdnrcmd_add_trtcm(struct cdnr_add_trtcm *); -static int cdnrcmd_modify_trtcm(struct cdnr_modify_trtcm *); -static int cdnrcmd_tcm_stats(struct cdnr_tcm_stats *); -static int cdnrcmd_add_tswtcm(struct cdnr_add_tswtcm *); -static int cdnrcmd_modify_tswtcm(struct cdnr_modify_tswtcm *); -static int cdnrcmd_get_stats(struct cdnr_get_stats *); - -altqdev_decl(cdnr); - -/* - * top level input function called from ip_input. - * should be called before converting header fields to host-byte-order. - */ -int -altq_cdnr_input(m, af) - struct mbuf *m; - int af; /* address family */ -{ - struct ifnet *ifp; - struct ip *ip; - struct top_cdnr *top; - struct tc_action *tca; - struct cdnr_block *cb; - struct cdnr_pktinfo pktinfo; - - ifp = m->m_pkthdr.rcvif; - if (!ALTQ_IS_CNDTNING(&ifp->if_snd)) - /* traffic conditioner is not enabled on this interface */ - return (1); - - top = ifp->if_snd.altq_cdnr; - - ip = mtod(m, struct ip *); -#ifdef INET6 - if (af == AF_INET6) { - u_int32_t flowlabel; - - flowlabel = ((struct ip6_hdr *)ip)->ip6_flow; - pktinfo.pkt_dscp = (ntohl(flowlabel) >> 20) & DSCP_MASK; - } else -#endif - pktinfo.pkt_dscp = ip->ip_tos & DSCP_MASK; - pktinfo.pkt_len = m_pktlen(m); - - tca = NULL; - - cb = acc_classify(&top->tc_classifier, m, af); - if (cb != NULL) - tca = &cb->cb_action; - - if (tca == NULL) - tca = &top->tc_block.cb_action; - - while (1) { - PKTCNTR_ADD(&top->tc_cnts[tca->tca_code], pktinfo.pkt_len); - - switch (tca->tca_code) { - case TCACODE_PASS: - return (1); - case TCACODE_DROP: - m_freem(m); - return (0); - case TCACODE_RETURN: - return (0); - case TCACODE_MARK: -#ifdef INET6 - if (af == AF_INET6) { - struct ip6_hdr *ip6 = (struct ip6_hdr *)ip; - u_int32_t flowlabel; - - flowlabel = ntohl(ip6->ip6_flow); - flowlabel = (tca->tca_dscp << 20) | - (flowlabel & ~(DSCP_MASK << 20)); - ip6->ip6_flow = htonl(flowlabel); - } else -#endif - ip->ip_tos = tca->tca_dscp | - (ip->ip_tos & DSCP_CUMASK); - return (1); - case TCACODE_NEXT: - cb = tca->tca_next; - tca = (*cb->cb_input)(cb, &pktinfo); - break; - case TCACODE_NONE: - default: - return (1); - } - } -} - -static struct top_cdnr * -tcb_lookup(ifname) - char *ifname; -{ - struct top_cdnr *top; - struct ifnet *ifp; - - if ((ifp = ifunit(ifname)) != NULL) - LIST_FOREACH(top, &tcb_list, tc_next) - if (top->tc_ifq->altq_ifp == ifp) - return (top); - return (NULL); -} - -static struct cdnr_block * -cdnr_handle2cb(handle) - u_long handle; -{ - struct cdnr_block *cb; - - cb = (struct cdnr_block *)handle; - if (handle != ALIGN(cb)) - return (NULL); - - if (cb == NULL || cb->cb_handle != handle) - return (NULL); - return (cb); -} - -static u_long -cdnr_cb2handle(cb) - struct cdnr_block *cb; -{ - return (cb->cb_handle); -} - -static void * -cdnr_cballoc(top, type, input_func) - struct top_cdnr *top; - int type; - struct tc_action *(*input_func)(struct cdnr_block *, - struct cdnr_pktinfo *); -{ - struct cdnr_block *cb; - int size; - - switch (type) { - case TCETYPE_TOP: - size = sizeof(struct top_cdnr); - break; - case TCETYPE_ELEMENT: - size = sizeof(struct cdnr_block); - break; - case TCETYPE_TBMETER: - size = sizeof(struct tbmeter); - break; - case TCETYPE_TRTCM: - size = sizeof(struct trtcm); - break; - case TCETYPE_TSWTCM: - size = sizeof(struct tswtcm); - break; - default: - return (NULL); - } - - cb = malloc(size, M_DEVBUF, M_WAITOK); - if (cb == NULL) - return (NULL); - bzero(cb, size); - - cb->cb_len = size; - cb->cb_type = type; - cb->cb_ref = 0; - cb->cb_handle = (u_long)cb; - if (top == NULL) - cb->cb_top = (struct top_cdnr *)cb; - else - cb->cb_top = top; - - if (input_func != NULL) { - /* - * if this cdnr has an action function, - * make tc_action to call itself. - */ - cb->cb_action.tca_code = TCACODE_NEXT; - cb->cb_action.tca_next = cb; - cb->cb_input = input_func; - } else - cb->cb_action.tca_code = TCACODE_NONE; - - /* if this isn't top, register the element to the top level cdnr */ - if (top != NULL) - LIST_INSERT_HEAD(&top->tc_elements, cb, cb_next); - - return ((void *)cb); -} - -static void -cdnr_cbdestroy(cblock) - void *cblock; -{ - struct cdnr_block *cb = cblock; - - /* delete filters belonging to this cdnr */ - acc_discard_filters(&cb->cb_top->tc_classifier, cb, 0); - - /* remove from the top level cdnr */ - if (cb->cb_top != cblock) - LIST_REMOVE(cb, cb_next); - - free(cb, M_DEVBUF); -} - -/* - * conditioner common destroy routine - */ -static int -generic_element_destroy(cb) - struct cdnr_block *cb; -{ - int error = 0; - - switch (cb->cb_type) { - case TCETYPE_TOP: - error = top_destroy((struct top_cdnr *)cb); - break; - case TCETYPE_ELEMENT: - error = element_destroy(cb); - break; - case TCETYPE_TBMETER: - error = tbm_destroy((struct tbmeter *)cb); - break; - case TCETYPE_TRTCM: - error = trtcm_destroy((struct trtcm *)cb); - break; - case TCETYPE_TSWTCM: - error = tswtcm_destroy((struct tswtcm *)cb); - break; - default: - error = EINVAL; - } - return (error); -} - -static int -tca_verify_action(utca) - struct tc_action *utca; -{ - switch (utca->tca_code) { - case TCACODE_PASS: - case TCACODE_DROP: - case TCACODE_MARK: - /* these are ok */ - break; - - case TCACODE_HANDLE: - /* verify handle value */ - if (cdnr_handle2cb(utca->tca_handle) == NULL) - return (-1); - break; - - case TCACODE_NONE: - case TCACODE_RETURN: - case TCACODE_NEXT: - default: - /* should not be passed from a user */ - return (-1); - } - return (0); -} - -static void -tca_import_action(ktca, utca) - struct tc_action *ktca, *utca; -{ - struct cdnr_block *cb; - - *ktca = *utca; - if (ktca->tca_code == TCACODE_HANDLE) { - cb = cdnr_handle2cb(ktca->tca_handle); - if (cb == NULL) { - ktca->tca_code = TCACODE_NONE; - return; - } - ktca->tca_code = TCACODE_NEXT; - ktca->tca_next = cb; - cb->cb_ref++; - } else if (ktca->tca_code == TCACODE_MARK) { - ktca->tca_dscp &= DSCP_MASK; - } - return; -} - -static void -tca_invalidate_action(tca) - struct tc_action *tca; -{ - struct cdnr_block *cb; - - if (tca->tca_code == TCACODE_NEXT) { - cb = tca->tca_next; - if (cb == NULL) - return; - cb->cb_ref--; - } - tca->tca_code = TCACODE_NONE; -} - -/* - * top level traffic conditioner - */ -static struct top_cdnr * -top_create(ifq) - struct ifaltq *ifq; -{ - struct top_cdnr *top; - - if ((top = cdnr_cballoc(NULL, TCETYPE_TOP, NULL)) == NULL) - return (NULL); - - top->tc_ifq = ifq; - /* set default action for the top level conditioner */ - top->tc_block.cb_action.tca_code = TCACODE_PASS; - - LIST_INSERT_HEAD(&tcb_list, top, tc_next); - - ifq->altq_cdnr = top; - - return (top); -} - -static int -top_destroy(top) - struct top_cdnr *top; -{ - struct cdnr_block *cb; - - if (ALTQ_IS_CNDTNING(top->tc_ifq)) - ALTQ_CLEAR_CNDTNING(top->tc_ifq); - top->tc_ifq->altq_cdnr = NULL; - - /* - * destroy all the conditioner elements belonging to this interface - */ - while ((cb = LIST_FIRST(&top->tc_elements)) != NULL) { - while (cb != NULL && cb->cb_ref > 0) - cb = LIST_NEXT(cb, cb_next); - if (cb != NULL) - generic_element_destroy(cb); - } - - LIST_REMOVE(top, tc_next); - - cdnr_cbdestroy(top); - - /* if there is no active conditioner, remove the input hook */ - if (altq_input != NULL) { - LIST_FOREACH(top, &tcb_list, tc_next) - if (ALTQ_IS_CNDTNING(top->tc_ifq)) - break; - if (top == NULL) - altq_input = NULL; - } - - return (0); -} - -/* - * simple tc elements without input function (e.g., dropper and makers). - */ -static struct cdnr_block * -element_create(top, action) - struct top_cdnr *top; - struct tc_action *action; -{ - struct cdnr_block *cb; - - if (tca_verify_action(action) < 0) - return (NULL); - - if ((cb = cdnr_cballoc(top, TCETYPE_ELEMENT, NULL)) == NULL) - return (NULL); - - tca_import_action(&cb->cb_action, action); - - return (cb); -} - -static int -element_destroy(cb) - struct cdnr_block *cb; -{ - if (cb->cb_ref > 0) - return (EBUSY); - - tca_invalidate_action(&cb->cb_action); - - cdnr_cbdestroy(cb); - return (0); -} - -/* - * internal representation of token bucket parameters - * rate: byte_per_unittime << 32 - * (((bits_per_sec) / 8) << 32) / machclk_freq - * depth: byte << 32 - * - */ -#define TB_SHIFT 32 -#define TB_SCALE(x) ((u_int64_t)(x) << TB_SHIFT) -#define TB_UNSCALE(x) ((x) >> TB_SHIFT) - -static void -tb_import_profile(tb, profile) - struct tbe *tb; - struct tb_profile *profile; -{ - tb->rate = TB_SCALE(profile->rate / 8) / machclk_freq; - tb->depth = TB_SCALE(profile->depth); - if (tb->rate > 0) - tb->filluptime = tb->depth / tb->rate; - else - tb->filluptime = 0xffffffffffffffffLL; - tb->token = tb->depth; - tb->last = read_machclk(); -} - -/* - * simple token bucket meter - */ -static struct tbmeter * -tbm_create(top, profile, in_action, out_action) - struct top_cdnr *top; - struct tb_profile *profile; - struct tc_action *in_action, *out_action; -{ - struct tbmeter *tbm = NULL; - - if (tca_verify_action(in_action) < 0 - || tca_verify_action(out_action) < 0) - return (NULL); - - if ((tbm = cdnr_cballoc(top, TCETYPE_TBMETER, - tbm_input)) == NULL) - return (NULL); - - tb_import_profile(&tbm->tb, profile); - - tca_import_action(&tbm->in_action, in_action); - tca_import_action(&tbm->out_action, out_action); - - return (tbm); -} - -static int -tbm_destroy(tbm) - struct tbmeter *tbm; -{ - if (tbm->cdnrblk.cb_ref > 0) - return (EBUSY); - - tca_invalidate_action(&tbm->in_action); - tca_invalidate_action(&tbm->out_action); - - cdnr_cbdestroy(tbm); - return (0); -} - -static struct tc_action * -tbm_input(cb, pktinfo) - struct cdnr_block *cb; - struct cdnr_pktinfo *pktinfo; -{ - struct tbmeter *tbm = (struct tbmeter *)cb; - u_int64_t len; - u_int64_t interval, now; - - len = TB_SCALE(pktinfo->pkt_len); - - if (tbm->tb.token < len) { - now = read_machclk(); - interval = now - tbm->tb.last; - if (interval >= tbm->tb.filluptime) - tbm->tb.token = tbm->tb.depth; - else { - tbm->tb.token += interval * tbm->tb.rate; - if (tbm->tb.token > tbm->tb.depth) - tbm->tb.token = tbm->tb.depth; - } - tbm->tb.last = now; - } - - if (tbm->tb.token < len) { - PKTCNTR_ADD(&tbm->out_cnt, pktinfo->pkt_len); - return (&tbm->out_action); - } - - tbm->tb.token -= len; - PKTCNTR_ADD(&tbm->in_cnt, pktinfo->pkt_len); - return (&tbm->in_action); -} - -/* - * two rate three color marker - * as described in draft-heinanen-diffserv-trtcm-01.txt - */ -static struct trtcm * -trtcm_create(top, cmtd_profile, peak_profile, - green_action, yellow_action, red_action, coloraware) - struct top_cdnr *top; - struct tb_profile *cmtd_profile, *peak_profile; - struct tc_action *green_action, *yellow_action, *red_action; - int coloraware; -{ - struct trtcm *tcm = NULL; - - if (tca_verify_action(green_action) < 0 - || tca_verify_action(yellow_action) < 0 - || tca_verify_action(red_action) < 0) - return (NULL); - - if ((tcm = cdnr_cballoc(top, TCETYPE_TRTCM, - trtcm_input)) == NULL) - return (NULL); - - tb_import_profile(&tcm->cmtd_tb, cmtd_profile); - tb_import_profile(&tcm->peak_tb, peak_profile); - - tca_import_action(&tcm->green_action, green_action); - tca_import_action(&tcm->yellow_action, yellow_action); - tca_import_action(&tcm->red_action, red_action); - - /* set dscps to use */ - if (tcm->green_action.tca_code == TCACODE_MARK) - tcm->green_dscp = tcm->green_action.tca_dscp & DSCP_MASK; - else - tcm->green_dscp = DSCP_AF11; - if (tcm->yellow_action.tca_code == TCACODE_MARK) - tcm->yellow_dscp = tcm->yellow_action.tca_dscp & DSCP_MASK; - else - tcm->yellow_dscp = DSCP_AF12; - if (tcm->red_action.tca_code == TCACODE_MARK) - tcm->red_dscp = tcm->red_action.tca_dscp & DSCP_MASK; - else - tcm->red_dscp = DSCP_AF13; - - tcm->coloraware = coloraware; - - return (tcm); -} - -static int -trtcm_destroy(tcm) - struct trtcm *tcm; -{ - if (tcm->cdnrblk.cb_ref > 0) - return (EBUSY); - - tca_invalidate_action(&tcm->green_action); - tca_invalidate_action(&tcm->yellow_action); - tca_invalidate_action(&tcm->red_action); - - cdnr_cbdestroy(tcm); - return (0); -} - -static struct tc_action * -trtcm_input(cb, pktinfo) - struct cdnr_block *cb; - struct cdnr_pktinfo *pktinfo; -{ - struct trtcm *tcm = (struct trtcm *)cb; - u_int64_t len; - u_int64_t interval, now; - u_int8_t color; - - len = TB_SCALE(pktinfo->pkt_len); - if (tcm->coloraware) { - color = pktinfo->pkt_dscp; - if (color != tcm->yellow_dscp && color != tcm->red_dscp) - color = tcm->green_dscp; - } else { - /* if color-blind, precolor it as green */ - color = tcm->green_dscp; - } - - now = read_machclk(); - if (tcm->cmtd_tb.token < len) { - interval = now - tcm->cmtd_tb.last; - if (interval >= tcm->cmtd_tb.filluptime) - tcm->cmtd_tb.token = tcm->cmtd_tb.depth; - else { - tcm->cmtd_tb.token += interval * tcm->cmtd_tb.rate; - if (tcm->cmtd_tb.token > tcm->cmtd_tb.depth) - tcm->cmtd_tb.token = tcm->cmtd_tb.depth; - } - tcm->cmtd_tb.last = now; - } - if (tcm->peak_tb.token < len) { - interval = now - tcm->peak_tb.last; - if (interval >= tcm->peak_tb.filluptime) - tcm->peak_tb.token = tcm->peak_tb.depth; - else { - tcm->peak_tb.token += interval * tcm->peak_tb.rate; - if (tcm->peak_tb.token > tcm->peak_tb.depth) - tcm->peak_tb.token = tcm->peak_tb.depth; - } - tcm->peak_tb.last = now; - } - - if (color == tcm->red_dscp || tcm->peak_tb.token < len) { - pktinfo->pkt_dscp = tcm->red_dscp; - PKTCNTR_ADD(&tcm->red_cnt, pktinfo->pkt_len); - return (&tcm->red_action); - } - - if (color == tcm->yellow_dscp || tcm->cmtd_tb.token < len) { - pktinfo->pkt_dscp = tcm->yellow_dscp; - tcm->peak_tb.token -= len; - PKTCNTR_ADD(&tcm->yellow_cnt, pktinfo->pkt_len); - return (&tcm->yellow_action); - } - - pktinfo->pkt_dscp = tcm->green_dscp; - tcm->cmtd_tb.token -= len; - tcm->peak_tb.token -= len; - PKTCNTR_ADD(&tcm->green_cnt, pktinfo->pkt_len); - return (&tcm->green_action); -} - -/* - * time sliding window three color marker - * as described in draft-fang-diffserv-tc-tswtcm-00.txt - */ -static struct tswtcm * -tswtcm_create(top, cmtd_rate, peak_rate, avg_interval, - green_action, yellow_action, red_action) - struct top_cdnr *top; - u_int32_t cmtd_rate, peak_rate, avg_interval; - struct tc_action *green_action, *yellow_action, *red_action; -{ - struct tswtcm *tsw; - - if (tca_verify_action(green_action) < 0 - || tca_verify_action(yellow_action) < 0 - || tca_verify_action(red_action) < 0) - return (NULL); - - if ((tsw = cdnr_cballoc(top, TCETYPE_TSWTCM, - tswtcm_input)) == NULL) - return (NULL); - - tca_import_action(&tsw->green_action, green_action); - tca_import_action(&tsw->yellow_action, yellow_action); - tca_import_action(&tsw->red_action, red_action); - - /* set dscps to use */ - if (tsw->green_action.tca_code == TCACODE_MARK) - tsw->green_dscp = tsw->green_action.tca_dscp & DSCP_MASK; - else - tsw->green_dscp = DSCP_AF11; - if (tsw->yellow_action.tca_code == TCACODE_MARK) - tsw->yellow_dscp = tsw->yellow_action.tca_dscp & DSCP_MASK; - else - tsw->yellow_dscp = DSCP_AF12; - if (tsw->red_action.tca_code == TCACODE_MARK) - tsw->red_dscp = tsw->red_action.tca_dscp & DSCP_MASK; - else - tsw->red_dscp = DSCP_AF13; - - /* convert rates from bits/sec to bytes/sec */ - tsw->cmtd_rate = cmtd_rate / 8; - tsw->peak_rate = peak_rate / 8; - tsw->avg_rate = 0; - - /* timewin is converted from msec to machine clock unit */ - tsw->timewin = (u_int64_t)machclk_freq * avg_interval / 1000; - - return (tsw); -} - -static int -tswtcm_destroy(tsw) - struct tswtcm *tsw; -{ - if (tsw->cdnrblk.cb_ref > 0) - return (EBUSY); - - tca_invalidate_action(&tsw->green_action); - tca_invalidate_action(&tsw->yellow_action); - tca_invalidate_action(&tsw->red_action); - - cdnr_cbdestroy(tsw); - return (0); -} - -static struct tc_action * -tswtcm_input(cb, pktinfo) - struct cdnr_block *cb; - struct cdnr_pktinfo *pktinfo; -{ - struct tswtcm *tsw = (struct tswtcm *)cb; - int len; - u_int32_t avg_rate; - u_int64_t interval, now, tmp; - - /* - * rate estimator - */ - len = pktinfo->pkt_len; - now = read_machclk(); - - interval = now - tsw->t_front; - /* - * calculate average rate: - * avg = (avg * timewin + pkt_len)/(timewin + interval) - * pkt_len needs to be multiplied by machclk_freq in order to - * get (bytes/sec). - * note: when avg_rate (bytes/sec) and timewin (machclk unit) are - * less than 32 bits, the following 64-bit operation has enough - * precision. - */ - tmp = ((u_int64_t)tsw->avg_rate * tsw->timewin - + (u_int64_t)len * machclk_freq) / (tsw->timewin + interval); - tsw->avg_rate = avg_rate = (u_int32_t)tmp; - tsw->t_front = now; - - /* - * marker - */ - if (avg_rate > tsw->cmtd_rate) { - u_int32_t randval = arc4random() % avg_rate; - - if (avg_rate > tsw->peak_rate) { - if (randval < avg_rate - tsw->peak_rate) { - /* mark red */ - pktinfo->pkt_dscp = tsw->red_dscp; - PKTCNTR_ADD(&tsw->red_cnt, len); - return (&tsw->red_action); - } else if (randval < avg_rate - tsw->cmtd_rate) - goto mark_yellow; - } else { - /* peak_rate >= avg_rate > cmtd_rate */ - if (randval < avg_rate - tsw->cmtd_rate) { - mark_yellow: - pktinfo->pkt_dscp = tsw->yellow_dscp; - PKTCNTR_ADD(&tsw->yellow_cnt, len); - return (&tsw->yellow_action); - } - } - } - - /* mark green */ - pktinfo->pkt_dscp = tsw->green_dscp; - PKTCNTR_ADD(&tsw->green_cnt, len); - return (&tsw->green_action); -} - -/* - * ioctl requests - */ -static int -cdnrcmd_if_attach(ifname) - char *ifname; -{ - struct ifnet *ifp; - struct top_cdnr *top; - - if ((ifp = ifunit(ifname)) == NULL) - return (EBADF); - - if (ifp->if_snd.altq_cdnr != NULL) - return (EBUSY); - - if ((top = top_create(&ifp->if_snd)) == NULL) - return (ENOMEM); - return (0); -} - -static int -cdnrcmd_if_detach(ifname) - char *ifname; -{ - struct top_cdnr *top; - - if ((top = tcb_lookup(ifname)) == NULL) - return (EBADF); - - return top_destroy(top); -} - -static int -cdnrcmd_add_element(ap) - struct cdnr_add_element *ap; -{ - struct top_cdnr *top; - struct cdnr_block *cb; - - if ((top = tcb_lookup(ap->iface.cdnr_ifname)) == NULL) - return (EBADF); - - cb = element_create(top, &ap->action); - if (cb == NULL) - return (EINVAL); - /* return a class handle to the user */ - ap->cdnr_handle = cdnr_cb2handle(cb); - return (0); -} - -static int -cdnrcmd_delete_element(ap) - struct cdnr_delete_element *ap; -{ - struct top_cdnr *top; - struct cdnr_block *cb; - - if ((top = tcb_lookup(ap->iface.cdnr_ifname)) == NULL) - return (EBADF); - - if ((cb = cdnr_handle2cb(ap->cdnr_handle)) == NULL) - return (EINVAL); - - if (cb->cb_type != TCETYPE_ELEMENT) - return generic_element_destroy(cb); - - return element_destroy(cb); -} - -static int -cdnrcmd_add_filter(ap) - struct cdnr_add_filter *ap; -{ - struct top_cdnr *top; - struct cdnr_block *cb; - - if ((top = tcb_lookup(ap->iface.cdnr_ifname)) == NULL) - return (EBADF); - - if ((cb = cdnr_handle2cb(ap->cdnr_handle)) == NULL) - return (EINVAL); - - return acc_add_filter(&top->tc_classifier, &ap->filter, - cb, &ap->filter_handle); -} - -static int -cdnrcmd_delete_filter(ap) - struct cdnr_delete_filter *ap; -{ - struct top_cdnr *top; - - if ((top = tcb_lookup(ap->iface.cdnr_ifname)) == NULL) - return (EBADF); - - return acc_delete_filter(&top->tc_classifier, ap->filter_handle); -} - -static int -cdnrcmd_add_tbm(ap) - struct cdnr_add_tbmeter *ap; -{ - struct top_cdnr *top; - struct tbmeter *tbm; - - if ((top = tcb_lookup(ap->iface.cdnr_ifname)) == NULL) - return (EBADF); - - tbm = tbm_create(top, &ap->profile, &ap->in_action, &ap->out_action); - if (tbm == NULL) - return (EINVAL); - /* return a class handle to the user */ - ap->cdnr_handle = cdnr_cb2handle(&tbm->cdnrblk); - return (0); -} - -static int -cdnrcmd_modify_tbm(ap) - struct cdnr_modify_tbmeter *ap; -{ - struct tbmeter *tbm; - - if ((tbm = (struct tbmeter *)cdnr_handle2cb(ap->cdnr_handle)) == NULL) - return (EINVAL); - - tb_import_profile(&tbm->tb, &ap->profile); - - return (0); -} - -static int -cdnrcmd_tbm_stats(ap) - struct cdnr_tbmeter_stats *ap; -{ - struct tbmeter *tbm; - - if ((tbm = (struct tbmeter *)cdnr_handle2cb(ap->cdnr_handle)) == NULL) - return (EINVAL); - - ap->in_cnt = tbm->in_cnt; - ap->out_cnt = tbm->out_cnt; - - return (0); -} - -static int -cdnrcmd_add_trtcm(ap) - struct cdnr_add_trtcm *ap; -{ - struct top_cdnr *top; - struct trtcm *tcm; - - if ((top = tcb_lookup(ap->iface.cdnr_ifname)) == NULL) - return (EBADF); - - tcm = trtcm_create(top, &ap->cmtd_profile, &ap->peak_profile, - &ap->green_action, &ap->yellow_action, - &ap->red_action, ap->coloraware); - if (tcm == NULL) - return (EINVAL); - - /* return a class handle to the user */ - ap->cdnr_handle = cdnr_cb2handle(&tcm->cdnrblk); - return (0); -} - -static int -cdnrcmd_modify_trtcm(ap) - struct cdnr_modify_trtcm *ap; -{ - struct trtcm *tcm; - - if ((tcm = (struct trtcm *)cdnr_handle2cb(ap->cdnr_handle)) == NULL) - return (EINVAL); - - tb_import_profile(&tcm->cmtd_tb, &ap->cmtd_profile); - tb_import_profile(&tcm->peak_tb, &ap->peak_profile); - - return (0); -} - -static int -cdnrcmd_tcm_stats(ap) - struct cdnr_tcm_stats *ap; -{ - struct cdnr_block *cb; - - if ((cb = cdnr_handle2cb(ap->cdnr_handle)) == NULL) - return (EINVAL); - - if (cb->cb_type == TCETYPE_TRTCM) { - struct trtcm *tcm = (struct trtcm *)cb; - - ap->green_cnt = tcm->green_cnt; - ap->yellow_cnt = tcm->yellow_cnt; - ap->red_cnt = tcm->red_cnt; - } else if (cb->cb_type == TCETYPE_TSWTCM) { - struct tswtcm *tsw = (struct tswtcm *)cb; - - ap->green_cnt = tsw->green_cnt; - ap->yellow_cnt = tsw->yellow_cnt; - ap->red_cnt = tsw->red_cnt; - } else - return (EINVAL); - - return (0); -} - -static int -cdnrcmd_add_tswtcm(ap) - struct cdnr_add_tswtcm *ap; -{ - struct top_cdnr *top; - struct tswtcm *tsw; - - if ((top = tcb_lookup(ap->iface.cdnr_ifname)) == NULL) - return (EBADF); - - if (ap->cmtd_rate > ap->peak_rate) - return (EINVAL); - - tsw = tswtcm_create(top, ap->cmtd_rate, ap->peak_rate, - ap->avg_interval, &ap->green_action, - &ap->yellow_action, &ap->red_action); - if (tsw == NULL) - return (EINVAL); - - /* return a class handle to the user */ - ap->cdnr_handle = cdnr_cb2handle(&tsw->cdnrblk); - return (0); -} - -static int -cdnrcmd_modify_tswtcm(ap) - struct cdnr_modify_tswtcm *ap; -{ - struct tswtcm *tsw; - - if ((tsw = (struct tswtcm *)cdnr_handle2cb(ap->cdnr_handle)) == NULL) - return (EINVAL); - - if (ap->cmtd_rate > ap->peak_rate) - return (EINVAL); - - /* convert rates from bits/sec to bytes/sec */ - tsw->cmtd_rate = ap->cmtd_rate / 8; - tsw->peak_rate = ap->peak_rate / 8; - tsw->avg_rate = 0; - - /* timewin is converted from msec to machine clock unit */ - tsw->timewin = (u_int64_t)machclk_freq * ap->avg_interval / 1000; - - return (0); -} - -static int -cdnrcmd_get_stats(ap) - struct cdnr_get_stats *ap; -{ - struct top_cdnr *top; - struct cdnr_block *cb; - struct tbmeter *tbm; - struct trtcm *tcm; - struct tswtcm *tsw; - struct tce_stats tce, *usp; - int error, n, nskip, nelements; - - if ((top = tcb_lookup(ap->iface.cdnr_ifname)) == NULL) - return (EBADF); - - /* copy action stats */ - bcopy(top->tc_cnts, ap->cnts, sizeof(ap->cnts)); - - /* stats for each element */ - nelements = ap->nelements; - usp = ap->tce_stats; - if (nelements <= 0 || usp == NULL) - return (0); - - nskip = ap->nskip; - n = 0; - LIST_FOREACH(cb, &top->tc_elements, cb_next) { - if (nskip > 0) { - nskip--; - continue; - } - - bzero(&tce, sizeof(tce)); - tce.tce_handle = cb->cb_handle; - tce.tce_type = cb->cb_type; - switch (cb->cb_type) { - case TCETYPE_TBMETER: - tbm = (struct tbmeter *)cb; - tce.tce_cnts[0] = tbm->in_cnt; - tce.tce_cnts[1] = tbm->out_cnt; - break; - case TCETYPE_TRTCM: - tcm = (struct trtcm *)cb; - tce.tce_cnts[0] = tcm->green_cnt; - tce.tce_cnts[1] = tcm->yellow_cnt; - tce.tce_cnts[2] = tcm->red_cnt; - break; - case TCETYPE_TSWTCM: - tsw = (struct tswtcm *)cb; - tce.tce_cnts[0] = tsw->green_cnt; - tce.tce_cnts[1] = tsw->yellow_cnt; - tce.tce_cnts[2] = tsw->red_cnt; - break; - default: - continue; - } - - if ((error = copyout((caddr_t)&tce, (caddr_t)usp++, - sizeof(tce))) != 0) - return (error); - - if (++n == nelements) - break; - } - ap->nelements = n; - - return (0); -} - -/* - * conditioner device interface - */ -int -cdnropen(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - if (machclk_freq == 0) - init_machclk(); - - if (machclk_freq == 0) { - printf("cdnr: no cpu clock available!\n"); - return (ENXIO); - } - - /* everything will be done when the queueing scheme is attached. */ - return 0; -} - -int -cdnrclose(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - struct top_cdnr *top; - int err, error = 0; - - while ((top = LIST_FIRST(&tcb_list)) != NULL) { - /* destroy all */ - err = top_destroy(top); - if (err != 0 && error == 0) - error = err; - } - altq_input = NULL; - - return (error); -} - -int -cdnrioctl(dev, cmd, addr, flag, p) - dev_t dev; - ioctlcmd_t cmd; - caddr_t addr; - int flag; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - struct top_cdnr *top; - struct cdnr_interface *ifacep; - int s, error = 0; - - /* check super-user privilege */ - switch (cmd) { - case CDNR_GETSTATS: - break; - default: -#if (__FreeBSD_version > 700000) - if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0) -#elsif (__FreeBSD_version > 400000) - if ((error = suser(p)) != 0) -#else - if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) -#endif - return (error); - break; - } - - s = splnet(); - switch (cmd) { - - case CDNR_IF_ATTACH: - ifacep = (struct cdnr_interface *)addr; - error = cdnrcmd_if_attach(ifacep->cdnr_ifname); - break; - - case CDNR_IF_DETACH: - ifacep = (struct cdnr_interface *)addr; - error = cdnrcmd_if_detach(ifacep->cdnr_ifname); - break; - - case CDNR_ENABLE: - case CDNR_DISABLE: - ifacep = (struct cdnr_interface *)addr; - if ((top = tcb_lookup(ifacep->cdnr_ifname)) == NULL) { - error = EBADF; - break; - } - - switch (cmd) { - - case CDNR_ENABLE: - ALTQ_SET_CNDTNING(top->tc_ifq); - if (altq_input == NULL) - altq_input = altq_cdnr_input; - break; - - case CDNR_DISABLE: - ALTQ_CLEAR_CNDTNING(top->tc_ifq); - LIST_FOREACH(top, &tcb_list, tc_next) - if (ALTQ_IS_CNDTNING(top->tc_ifq)) - break; - if (top == NULL) - altq_input = NULL; - break; - } - break; - - case CDNR_ADD_ELEM: - error = cdnrcmd_add_element((struct cdnr_add_element *)addr); - break; - - case CDNR_DEL_ELEM: - error = cdnrcmd_delete_element((struct cdnr_delete_element *)addr); - break; - - case CDNR_ADD_TBM: - error = cdnrcmd_add_tbm((struct cdnr_add_tbmeter *)addr); - break; - - case CDNR_MOD_TBM: - error = cdnrcmd_modify_tbm((struct cdnr_modify_tbmeter *)addr); - break; - - case CDNR_TBM_STATS: - error = cdnrcmd_tbm_stats((struct cdnr_tbmeter_stats *)addr); - break; - - case CDNR_ADD_TCM: - error = cdnrcmd_add_trtcm((struct cdnr_add_trtcm *)addr); - break; - - case CDNR_MOD_TCM: - error = cdnrcmd_modify_trtcm((struct cdnr_modify_trtcm *)addr); - break; - - case CDNR_TCM_STATS: - error = cdnrcmd_tcm_stats((struct cdnr_tcm_stats *)addr); - break; - - case CDNR_ADD_FILTER: - error = cdnrcmd_add_filter((struct cdnr_add_filter *)addr); - break; - - case CDNR_DEL_FILTER: - error = cdnrcmd_delete_filter((struct cdnr_delete_filter *)addr); - break; - - case CDNR_GETSTATS: - error = cdnrcmd_get_stats((struct cdnr_get_stats *)addr); - break; - - case CDNR_ADD_TSW: - error = cdnrcmd_add_tswtcm((struct cdnr_add_tswtcm *)addr); - break; - - case CDNR_MOD_TSW: - error = cdnrcmd_modify_tswtcm((struct cdnr_modify_tswtcm *)addr); - break; - - default: - error = EINVAL; - break; - } - splx(s); - - return error; -} - -#ifdef KLD_MODULE - -static struct altqsw cdnr_sw = - {"cdnr", cdnropen, cdnrclose, cdnrioctl}; - -ALTQ_MODULE(altq_cdnr, ALTQT_CDNR, &cdnr_sw); - -#endif /* KLD_MODULE */ - -#endif /* ALTQ3_COMPAT */ -#endif /* ALTQ_CDNR */ diff --git a/sys/net/altq/altq_hfsc.c b/sys/net/altq/altq_hfsc.c index 19a502ba0110..1405849c0fab 100644 --- a/sys/net/altq/altq_hfsc.c +++ b/sys/net/altq/altq_hfsc.c @@ -70,9 +70,6 @@ #include <netpfil/pf/pf_mtag.h> #include <net/altq/altq.h> #include <net/altq/altq_hfsc.h> -#ifdef ALTQ3_COMPAT -#include <net/altq/altq_conf.h> -#endif /* * function prototypes @@ -137,23 +134,6 @@ static void get_class_stats_v1(struct hfsc_classstats_v1 *, static struct hfsc_class *clh_to_clp(struct hfsc_if *, u_int32_t); -#ifdef ALTQ3_COMPAT -static struct hfsc_if *hfsc_attach(struct ifaltq *, u_int); -static int hfsc_detach(struct hfsc_if *); -static int hfsc_class_modify(struct hfsc_class *, struct service_curve *, - struct service_curve *, struct service_curve *); - -static int hfsccmd_if_attach(struct hfsc_attach *); -static int hfsccmd_if_detach(struct hfsc_interface *); -static int hfsccmd_add_class(struct hfsc_add_class *); -static int hfsccmd_delete_class(struct hfsc_delete_class *); -static int hfsccmd_modify_class(struct hfsc_modify_class *); -static int hfsccmd_add_filter(struct hfsc_add_filter *); -static int hfsccmd_delete_filter(struct hfsc_delete_filter *); -static int hfsccmd_class_stats(struct hfsc_class_stats *); - -altqdev_decl(hfsc); -#endif /* ALTQ3_COMPAT */ /* * macros @@ -162,10 +142,6 @@ altqdev_decl(hfsc); #define HT_INFINITY 0xffffffffffffffffULL /* infinite time value */ -#ifdef ALTQ3_COMPAT -/* hif_list keeps all hfsc_if's allocated. */ -static struct hfsc_if *hif_list = NULL; -#endif /* ALTQ3_COMPAT */ int hfsc_pfattach(struct pf_altq *a) @@ -332,10 +308,6 @@ hfsc_clear_interface(struct hfsc_if *hif) { struct hfsc_class *cl; -#ifdef ALTQ3_COMPAT - /* free the filters for this interface */ - acc_discard_filters(&hif->hif_classifier, NULL, 1); -#endif /* clear out the classes */ while (hif->hif_rootclass != NULL && @@ -597,10 +569,6 @@ hfsc_class_destroy(struct hfsc_class *cl) s = splnet(); IFQ_LOCK(cl->cl_hif->hif_ifq); -#ifdef ALTQ3_COMPAT - /* delete filters referencing to this class */ - acc_discard_filters(&cl->cl_hif->hif_classifier, cl, 0); -#endif /* ALTQ3_COMPAT */ if (!qempty(cl->cl_q)) hfsc_purgeq(cl); @@ -714,10 +682,6 @@ hfsc_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) cl = NULL; if ((t = pf_find_mtag(m)) != NULL) cl = clh_to_clp(hif, t->qid); -#ifdef ALTQ3_COMPAT - else if ((ifq->altq_flags & ALTQF_CLASSIFY) && pktattr != NULL) - cl = pktattr->pattr_class; -#endif if (cl == NULL || is_a_parent_class(cl)) { cl = hif->hif_defaultclass; if (cl == NULL) { @@ -725,12 +689,7 @@ hfsc_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) return (ENOBUFS); } } -#ifdef ALTQ3_COMPAT - if (pktattr != NULL) - cl->cl_pktattr = pktattr; /* save proto hdr used by ECN */ - else -#endif - cl->cl_pktattr = NULL; + cl->cl_pktattr = NULL; len = m_pktlen(m); if (hfsc_addq(cl, m) != 0) { /* drop occurred. mbuf was freed in hfsc_addq. */ @@ -1788,542 +1747,5 @@ clh_to_clp(struct hfsc_if *hif, u_int32_t chandle) return (NULL); } -#ifdef ALTQ3_COMPAT -static struct hfsc_if * -hfsc_attach(ifq, bandwidth) - struct ifaltq *ifq; - u_int bandwidth; -{ - struct hfsc_if *hif; - - hif = malloc(sizeof(struct hfsc_if), M_DEVBUF, M_WAITOK); - if (hif == NULL) - return (NULL); - bzero(hif, sizeof(struct hfsc_if)); - - hif->hif_eligible = ellist_alloc(); - if (hif->hif_eligible == NULL) { - free(hif, M_DEVBUF); - return NULL; - } - - hif->hif_ifq = ifq; - - /* add this state to the hfsc list */ - hif->hif_next = hif_list; - hif_list = hif; - - return (hif); -} - -static int -hfsc_detach(hif) - struct hfsc_if *hif; -{ - (void)hfsc_clear_interface(hif); - (void)hfsc_class_destroy(hif->hif_rootclass); - - /* remove this interface from the hif list */ - if (hif_list == hif) - hif_list = hif->hif_next; - else { - struct hfsc_if *h; - - for (h = hif_list; h != NULL; h = h->hif_next) - if (h->hif_next == hif) { - h->hif_next = hif->hif_next; - break; - } - ASSERT(h != NULL); - } - - ellist_destroy(hif->hif_eligible); - - free(hif, M_DEVBUF); - - return (0); -} - -static int -hfsc_class_modify(cl, rsc, fsc, usc) - struct hfsc_class *cl; - struct service_curve *rsc, *fsc, *usc; -{ - struct internal_sc *rsc_tmp, *fsc_tmp, *usc_tmp; - u_int64_t cur_time; - int s; - - rsc_tmp = fsc_tmp = usc_tmp = NULL; - if (rsc != NULL && (rsc->m1 != 0 || rsc->m2 != 0) && - cl->cl_rsc == NULL) { - rsc_tmp = malloc(sizeof(struct internal_sc), - M_DEVBUF, M_WAITOK); - if (rsc_tmp == NULL) - return (ENOMEM); - } - if (fsc != NULL && (fsc->m1 != 0 || fsc->m2 != 0) && - cl->cl_fsc == NULL) { - fsc_tmp = malloc(sizeof(struct internal_sc), - M_DEVBUF, M_WAITOK); - if (fsc_tmp == NULL) { - free(rsc_tmp); - return (ENOMEM); - } - } - if (usc != NULL && (usc->m1 != 0 || usc->m2 != 0) && - cl->cl_usc == NULL) { - usc_tmp = malloc(sizeof(struct internal_sc), - M_DEVBUF, M_WAITOK); - if (usc_tmp == NULL) { - free(rsc_tmp); - free(fsc_tmp); - return (ENOMEM); - } - } - - cur_time = read_machclk(); - s = splnet(); - IFQ_LOCK(cl->cl_hif->hif_ifq); - - if (rsc != NULL) { - if (rsc->m1 == 0 && rsc->m2 == 0) { - if (cl->cl_rsc != NULL) { - if (!qempty(cl->cl_q)) - hfsc_purgeq(cl); - free(cl->cl_rsc, M_DEVBUF); - cl->cl_rsc = NULL; - } - } else { - if (cl->cl_rsc == NULL) - cl->cl_rsc = rsc_tmp; - sc2isc(rsc, cl->cl_rsc); - rtsc_init(&cl->cl_deadline, cl->cl_rsc, cur_time, - cl->cl_cumul); - cl->cl_eligible = cl->cl_deadline; - if (cl->cl_rsc->sm1 <= cl->cl_rsc->sm2) { - cl->cl_eligible.dx = 0; - cl->cl_eligible.dy = 0; - } - } - } - - if (fsc != NULL) { - if (fsc->m1 == 0 && fsc->m2 == 0) { - if (cl->cl_fsc != NULL) { - if (!qempty(cl->cl_q)) - hfsc_purgeq(cl); - free(cl->cl_fsc, M_DEVBUF); - cl->cl_fsc = NULL; - } - } else { - if (cl->cl_fsc == NULL) - cl->cl_fsc = fsc_tmp; - sc2isc(fsc, cl->cl_fsc); - rtsc_init(&cl->cl_virtual, cl->cl_fsc, cl->cl_vt, - cl->cl_total); - } - } - - if (usc != NULL) { - if (usc->m1 == 0 && usc->m2 == 0) { - if (cl->cl_usc != NULL) { - free(cl->cl_usc, M_DEVBUF); - cl->cl_usc = NULL; - cl->cl_myf = 0; - } - } else { - if (cl->cl_usc == NULL) - cl->cl_usc = usc_tmp; - sc2isc(usc, cl->cl_usc); - rtsc_init(&cl->cl_ulimit, cl->cl_usc, cur_time, - cl->cl_total); - } - } - - if (!qempty(cl->cl_q)) { - if (cl->cl_rsc != NULL) - update_ed(cl, m_pktlen(qhead(cl->cl_q))); - if (cl->cl_fsc != NULL) - update_vf(cl, 0, cur_time); - /* is this enough? */ - } - - IFQ_UNLOCK(cl->cl_hif->hif_ifq); - splx(s); - - return (0); -} - -/* - * hfsc device interface - */ -int -hfscopen(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - if (machclk_freq == 0) - init_machclk(); - - if (machclk_freq == 0) { - printf("hfsc: no cpu clock available!\n"); - return (ENXIO); - } - - /* everything will be done when the queueing scheme is attached. */ - return 0; -} - -int -hfscclose(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - struct hfsc_if *hif; - int err, error = 0; - - while ((hif = hif_list) != NULL) { - /* destroy all */ - if (ALTQ_IS_ENABLED(hif->hif_ifq)) - altq_disable(hif->hif_ifq); - - err = altq_detach(hif->hif_ifq); - if (err == 0) - err = hfsc_detach(hif); - if (err != 0 && error == 0) - error = err; - } - - return error; -} - -int -hfscioctl(dev, cmd, addr, flag, p) - dev_t dev; - ioctlcmd_t cmd; - caddr_t addr; - int flag; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - struct hfsc_if *hif; - struct hfsc_interface *ifacep; - int error = 0; - - /* check super-user privilege */ - switch (cmd) { - case HFSC_GETSTATS: - break; - default: -#if (__FreeBSD_version > 700000) - if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0) - return (error); -#elsif (__FreeBSD_version > 400000) - if ((error = suser(p)) != 0) - return (error); -#else - if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) - return (error); -#endif - break; - } - - switch (cmd) { - - case HFSC_IF_ATTACH: - error = hfsccmd_if_attach((struct hfsc_attach *)addr); - break; - - case HFSC_IF_DETACH: - error = hfsccmd_if_detach((struct hfsc_interface *)addr); - break; - - case HFSC_ENABLE: - case HFSC_DISABLE: - case HFSC_CLEAR_HIERARCHY: - ifacep = (struct hfsc_interface *)addr; - if ((hif = altq_lookup(ifacep->hfsc_ifname, - ALTQT_HFSC)) == NULL) { - error = EBADF; - break; - } - - switch (cmd) { - - case HFSC_ENABLE: - if (hif->hif_defaultclass == NULL) { -#ifdef ALTQ_DEBUG - printf("hfsc: no default class\n"); -#endif - error = EINVAL; - break; - } - error = altq_enable(hif->hif_ifq); - break; - - case HFSC_DISABLE: - error = altq_disable(hif->hif_ifq); - break; - - case HFSC_CLEAR_HIERARCHY: - hfsc_clear_interface(hif); - break; - } - break; - - case HFSC_ADD_CLASS: - error = hfsccmd_add_class((struct hfsc_add_class *)addr); - break; - - case HFSC_DEL_CLASS: - error = hfsccmd_delete_class((struct hfsc_delete_class *)addr); - break; - - case HFSC_MOD_CLASS: - error = hfsccmd_modify_class((struct hfsc_modify_class *)addr); - break; - - case HFSC_ADD_FILTER: - error = hfsccmd_add_filter((struct hfsc_add_filter *)addr); - break; - - case HFSC_DEL_FILTER: - error = hfsccmd_delete_filter((struct hfsc_delete_filter *)addr); - break; - - case HFSC_GETSTATS: - error = hfsccmd_class_stats((struct hfsc_class_stats *)addr); - break; - - default: - error = EINVAL; - break; - } - return error; -} - -static int -hfsccmd_if_attach(ap) - struct hfsc_attach *ap; -{ - struct hfsc_if *hif; - struct ifnet *ifp; - int error; - - if ((ifp = ifunit(ap->iface.hfsc_ifname)) == NULL) - return (ENXIO); - - if ((hif = hfsc_attach(&ifp->if_snd, ap->bandwidth)) == NULL) - return (ENOMEM); - - /* - * set HFSC to this ifnet structure. - */ - if ((error = altq_attach(&ifp->if_snd, ALTQT_HFSC, hif, - hfsc_enqueue, hfsc_dequeue, hfsc_request, - &hif->hif_classifier, acc_classify)) != 0) - (void)hfsc_detach(hif); - - return (error); -} - -static int -hfsccmd_if_detach(ap) - struct hfsc_interface *ap; -{ - struct hfsc_if *hif; - int error; - - if ((hif = altq_lookup(ap->hfsc_ifname, ALTQT_HFSC)) == NULL) - return (EBADF); - - if (ALTQ_IS_ENABLED(hif->hif_ifq)) - altq_disable(hif->hif_ifq); - - if ((error = altq_detach(hif->hif_ifq))) - return (error); - - return hfsc_detach(hif); -} - -static int -hfsccmd_add_class(ap) - struct hfsc_add_class *ap; -{ - struct hfsc_if *hif; - struct hfsc_class *cl, *parent; - int i; - - if ((hif = altq_lookup(ap->iface.hfsc_ifname, ALTQT_HFSC)) == NULL) - return (EBADF); - - if (ap->parent_handle == HFSC_NULLCLASS_HANDLE && - hif->hif_rootclass == NULL) - parent = NULL; - else if ((parent = clh_to_clp(hif, ap->parent_handle)) == NULL) - return (EINVAL); - - /* assign a class handle (use a free slot number for now) */ - for (i = 1; i < HFSC_MAX_CLASSES; i++) - if (hif->hif_class_tbl[i] == NULL) - break; - if (i == HFSC_MAX_CLASSES) - return (EBUSY); - - if ((cl = hfsc_class_create(hif, &ap->service_curve, NULL, NULL, - parent, ap->qlimit, ap->flags, i)) == NULL) - return (ENOMEM); - - /* return a class handle to the user */ - ap->class_handle = i; - - return (0); -} - -static int -hfsccmd_delete_class(ap) - struct hfsc_delete_class *ap; -{ - struct hfsc_if *hif; - struct hfsc_class *cl; - - if ((hif = altq_lookup(ap->iface.hfsc_ifname, ALTQT_HFSC)) == NULL) - return (EBADF); - - if ((cl = clh_to_clp(hif, ap->class_handle)) == NULL) - return (EINVAL); - - return hfsc_class_destroy(cl); -} - -static int -hfsccmd_modify_class(ap) - struct hfsc_modify_class *ap; -{ - struct hfsc_if *hif; - struct hfsc_class *cl; - struct service_curve *rsc = NULL; - struct service_curve *fsc = NULL; - struct service_curve *usc = NULL; - - if ((hif = altq_lookup(ap->iface.hfsc_ifname, ALTQT_HFSC)) == NULL) - return (EBADF); - - if ((cl = clh_to_clp(hif, ap->class_handle)) == NULL) - return (EINVAL); - - if (ap->sctype & HFSC_REALTIMESC) - rsc = &ap->service_curve; - if (ap->sctype & HFSC_LINKSHARINGSC) - fsc = &ap->service_curve; - if (ap->sctype & HFSC_UPPERLIMITSC) - usc = &ap->service_curve; - - return hfsc_class_modify(cl, rsc, fsc, usc); -} - -static int -hfsccmd_add_filter(ap) - struct hfsc_add_filter *ap; -{ - struct hfsc_if *hif; - struct hfsc_class *cl; - - if ((hif = altq_lookup(ap->iface.hfsc_ifname, ALTQT_HFSC)) == NULL) - return (EBADF); - - if ((cl = clh_to_clp(hif, ap->class_handle)) == NULL) - return (EINVAL); - - if (is_a_parent_class(cl)) { -#ifdef ALTQ_DEBUG - printf("hfsccmd_add_filter: not a leaf class!\n"); -#endif - return (EINVAL); - } - - return acc_add_filter(&hif->hif_classifier, &ap->filter, - cl, &ap->filter_handle); -} - -static int -hfsccmd_delete_filter(ap) - struct hfsc_delete_filter *ap; -{ - struct hfsc_if *hif; - - if ((hif = altq_lookup(ap->iface.hfsc_ifname, ALTQT_HFSC)) == NULL) - return (EBADF); - - return acc_delete_filter(&hif->hif_classifier, - ap->filter_handle); -} - -static int -hfsccmd_class_stats(ap) - struct hfsc_class_stats *ap; -{ - struct hfsc_if *hif; - struct hfsc_class *cl; - struct hfsc_classstats stats, *usp; - int n, nclasses, error; - - if ((hif = altq_lookup(ap->iface.hfsc_ifname, ALTQT_HFSC)) == NULL) - return (EBADF); - - ap->cur_time = read_machclk(); - ap->machclk_freq = machclk_freq; - ap->hif_classes = hif->hif_classes; - ap->hif_packets = hif->hif_packets; - - /* skip the first N classes in the tree */ - nclasses = ap->nskip; - for (cl = hif->hif_rootclass, n = 0; cl != NULL && n < nclasses; - cl = hfsc_nextclass(cl), n++) - ; - if (n != nclasses) - return (EINVAL); - - /* then, read the next N classes in the tree */ - nclasses = ap->nclasses; - usp = ap->stats; - for (n = 0; cl != NULL && n < nclasses; cl = hfsc_nextclass(cl), n++) { - - get_class_stats(&stats, cl); - - if ((error = copyout((caddr_t)&stats, (caddr_t)usp++, - sizeof(stats))) != 0) - return (error); - } - - ap->nclasses = n; - - return (0); -} - -#ifdef KLD_MODULE - -static struct altqsw hfsc_sw = - {"hfsc", hfscopen, hfscclose, hfscioctl}; - -ALTQ_MODULE(altq_hfsc, ALTQT_HFSC, &hfsc_sw); -MODULE_DEPEND(altq_hfsc, altq_red, 1, 1, 1); -MODULE_DEPEND(altq_hfsc, altq_rio, 1, 1, 1); - -#endif /* KLD_MODULE */ -#endif /* ALTQ3_COMPAT */ #endif /* ALTQ_HFSC */ diff --git a/sys/net/altq/altq_hfsc.h b/sys/net/altq/altq_hfsc.h index 67ec0036ff94..fa4aa81134b0 100644 --- a/sys/net/altq/altq_hfsc.h +++ b/sys/net/altq/altq_hfsc.h @@ -168,74 +168,6 @@ struct hfsc_classstats_v1 { * header. */ -#ifdef ALTQ3_COMPAT -struct hfsc_interface { - char hfsc_ifname[IFNAMSIZ]; /* interface name (e.g., fxp0) */ -}; - -struct hfsc_attach { - struct hfsc_interface iface; - u_int bandwidth; /* link bandwidth in bits/sec */ -}; - -struct hfsc_add_class { - struct hfsc_interface iface; - u_int32_t parent_handle; - struct service_curve service_curve; - int qlimit; - int flags; - - u_int32_t class_handle; /* return value */ -}; - -struct hfsc_delete_class { - struct hfsc_interface iface; - u_int32_t class_handle; -}; - -struct hfsc_modify_class { - struct hfsc_interface iface; - u_int32_t class_handle; - struct service_curve service_curve; - int sctype; -}; - -struct hfsc_add_filter { - struct hfsc_interface iface; - u_int32_t class_handle; - struct flow_filter filter; - - u_long filter_handle; /* return value */ -}; - -struct hfsc_delete_filter { - struct hfsc_interface iface; - u_long filter_handle; -}; - -struct hfsc_class_stats { - struct hfsc_interface iface; - int nskip; /* skip # of classes */ - int nclasses; /* # of class stats (WR) */ - u_int64_t cur_time; /* current time */ - u_int32_t machclk_freq; /* machine clock frequency */ - u_int hif_classes; /* # of classes in the tree */ - u_int hif_packets; /* # of packets in the tree */ - struct hfsc_classstats *stats; /* pointer to stats array */ -}; - -#define HFSC_IF_ATTACH _IOW('Q', 1, struct hfsc_attach) -#define HFSC_IF_DETACH _IOW('Q', 2, struct hfsc_interface) -#define HFSC_ENABLE _IOW('Q', 3, struct hfsc_interface) -#define HFSC_DISABLE _IOW('Q', 4, struct hfsc_interface) -#define HFSC_CLEAR_HIERARCHY _IOW('Q', 5, struct hfsc_interface) -#define HFSC_ADD_CLASS _IOWR('Q', 7, struct hfsc_add_class) -#define HFSC_DEL_CLASS _IOW('Q', 8, struct hfsc_delete_class) -#define HFSC_MOD_CLASS _IOW('Q', 9, struct hfsc_modify_class) -#define HFSC_ADD_FILTER _IOWR('Q', 10, struct hfsc_add_filter) -#define HFSC_DEL_FILTER _IOW('Q', 11, struct hfsc_delete_filter) -#define HFSC_GETSTATS _IOWR('Q', 12, struct hfsc_class_stats) -#endif /* ALTQ3_COMPAT */ #ifdef _KERNEL /* diff --git a/sys/net/altq/altq_priq.c b/sys/net/altq/altq_priq.c index 4abd0efd9714..5a413e3401b6 100644 --- a/sys/net/altq/altq_priq.c +++ b/sys/net/altq/altq_priq.c @@ -55,18 +55,11 @@ #include <netpfil/pf/pf_altq.h> #include <netpfil/pf/pf_mtag.h> #include <net/altq/altq.h> -#ifdef ALTQ3_COMPAT -#include <net/altq/altq_conf.h> -#endif #include <net/altq/altq_priq.h> /* * function prototypes */ -#ifdef ALTQ3_COMPAT -static struct priq_if *priq_attach(struct ifaltq *, u_int); -static int priq_detach(struct priq_if *); -#endif static int priq_clear_interface(struct priq_if *); static int priq_request(struct ifaltq *, int, void *); static void priq_purge(struct priq_if *); @@ -81,26 +74,10 @@ static struct mbuf *priq_getq(struct priq_class *); static struct mbuf *priq_pollq(struct priq_class *); static void priq_purgeq(struct priq_class *); -#ifdef ALTQ3_COMPAT -static int priqcmd_if_attach(struct priq_interface *); -static int priqcmd_if_detach(struct priq_interface *); -static int priqcmd_add_class(struct priq_add_class *); -static int priqcmd_delete_class(struct priq_delete_class *); -static int priqcmd_modify_class(struct priq_modify_class *); -static int priqcmd_add_filter(struct priq_add_filter *); -static int priqcmd_delete_filter(struct priq_delete_filter *); -static int priqcmd_class_stats(struct priq_class_stats *); -#endif /* ALTQ3_COMPAT */ static void get_class_stats(struct priq_classstats *, struct priq_class *); static struct priq_class *clh_to_clp(struct priq_if *, u_int32_t); -#ifdef ALTQ3_COMPAT -altqdev_decl(priq); - -/* pif_list keeps all priq_if's allocated. */ -static struct priq_if *pif_list = NULL; -#endif /* ALTQ3_COMPAT */ int priq_pfattach(struct pf_altq *a) @@ -489,10 +466,6 @@ priq_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) cl = NULL; if ((t = pf_find_mtag(m)) != NULL) cl = clh_to_clp(pif, t->qid); -#ifdef ALTQ3_COMPAT - else if ((ifq->altq_flags & ALTQF_CLASSIFY) && pktattr != NULL) - cl = pktattr->pattr_class; -#endif if (cl == NULL) { cl = pif->pif_default; if (cl == NULL) { @@ -500,12 +473,7 @@ priq_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) return (ENOBUFS); } } -#ifdef ALTQ3_COMPAT - if (pktattr != NULL) - cl->cl_pktattr = pktattr; /* save proto hdr used by ECN */ - else -#endif - cl->cl_pktattr = NULL; + cl->cl_pktattr = NULL; len = m_pktlen(m); if (priq_addq(cl, m) != 0) { /* drop occurred. mbuf was freed in priq_addq. */ @@ -674,397 +642,4 @@ clh_to_clp(struct priq_if *pif, u_int32_t chandle) } -#ifdef ALTQ3_COMPAT - -static struct priq_if * -priq_attach(ifq, bandwidth) - struct ifaltq *ifq; - u_int bandwidth; -{ - struct priq_if *pif; - - pif = malloc(sizeof(struct priq_if), - M_DEVBUF, M_WAITOK); - if (pif == NULL) - return (NULL); - bzero(pif, sizeof(struct priq_if)); - pif->pif_bandwidth = bandwidth; - pif->pif_maxpri = -1; - pif->pif_ifq = ifq; - - /* add this state to the priq list */ - pif->pif_next = pif_list; - pif_list = pif; - - return (pif); -} - -static int -priq_detach(pif) - struct priq_if *pif; -{ - (void)priq_clear_interface(pif); - - /* remove this interface from the pif list */ - if (pif_list == pif) - pif_list = pif->pif_next; - else { - struct priq_if *p; - - for (p = pif_list; p != NULL; p = p->pif_next) - if (p->pif_next == pif) { - p->pif_next = pif->pif_next; - break; - } - ASSERT(p != NULL); - } - - free(pif, M_DEVBUF); - return (0); -} - -/* - * priq device interface - */ -int -priqopen(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - /* everything will be done when the queueing scheme is attached. */ - return 0; -} - -int -priqclose(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - struct priq_if *pif; - int err, error = 0; - - while ((pif = pif_list) != NULL) { - /* destroy all */ - if (ALTQ_IS_ENABLED(pif->pif_ifq)) - altq_disable(pif->pif_ifq); - - err = altq_detach(pif->pif_ifq); - if (err == 0) - err = priq_detach(pif); - if (err != 0 && error == 0) - error = err; - } - - return error; -} - -int -priqioctl(dev, cmd, addr, flag, p) - dev_t dev; - ioctlcmd_t cmd; - caddr_t addr; - int flag; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - struct priq_if *pif; - struct priq_interface *ifacep; - int error = 0; - - /* check super-user privilege */ - switch (cmd) { - case PRIQ_GETSTATS: - break; - default: -#if (__FreeBSD_version > 700000) - if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0) - return (error); -#elsif (__FreeBSD_version > 400000) - if ((error = suser(p)) != 0) - return (error); -#else - if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) - return (error); -#endif - break; - } - - switch (cmd) { - - case PRIQ_IF_ATTACH: - error = priqcmd_if_attach((struct priq_interface *)addr); - break; - - case PRIQ_IF_DETACH: - error = priqcmd_if_detach((struct priq_interface *)addr); - break; - - case PRIQ_ENABLE: - case PRIQ_DISABLE: - case PRIQ_CLEAR: - ifacep = (struct priq_interface *)addr; - if ((pif = altq_lookup(ifacep->ifname, - ALTQT_PRIQ)) == NULL) { - error = EBADF; - break; - } - - switch (cmd) { - case PRIQ_ENABLE: - if (pif->pif_default == NULL) { -#ifdef ALTQ_DEBUG - printf("priq: no default class\n"); -#endif - error = EINVAL; - break; - } - error = altq_enable(pif->pif_ifq); - break; - - case PRIQ_DISABLE: - error = altq_disable(pif->pif_ifq); - break; - - case PRIQ_CLEAR: - priq_clear_interface(pif); - break; - } - break; - - case PRIQ_ADD_CLASS: - error = priqcmd_add_class((struct priq_add_class *)addr); - break; - - case PRIQ_DEL_CLASS: - error = priqcmd_delete_class((struct priq_delete_class *)addr); - break; - - case PRIQ_MOD_CLASS: - error = priqcmd_modify_class((struct priq_modify_class *)addr); - break; - - case PRIQ_ADD_FILTER: - error = priqcmd_add_filter((struct priq_add_filter *)addr); - break; - - case PRIQ_DEL_FILTER: - error = priqcmd_delete_filter((struct priq_delete_filter *)addr); - break; - - case PRIQ_GETSTATS: - error = priqcmd_class_stats((struct priq_class_stats *)addr); - break; - - default: - error = EINVAL; - break; - } - return error; -} - -static int -priqcmd_if_attach(ap) - struct priq_interface *ap; -{ - struct priq_if *pif; - struct ifnet *ifp; - int error; - - if ((ifp = ifunit(ap->ifname)) == NULL) - return (ENXIO); - - if ((pif = priq_attach(&ifp->if_snd, ap->arg)) == NULL) - return (ENOMEM); - - /* - * set PRIQ to this ifnet structure. - */ - if ((error = altq_attach(&ifp->if_snd, ALTQT_PRIQ, pif, - priq_enqueue, priq_dequeue, priq_request, - &pif->pif_classifier, acc_classify)) != 0) - (void)priq_detach(pif); - - return (error); -} - -static int -priqcmd_if_detach(ap) - struct priq_interface *ap; -{ - struct priq_if *pif; - int error; - - if ((pif = altq_lookup(ap->ifname, ALTQT_PRIQ)) == NULL) - return (EBADF); - - if (ALTQ_IS_ENABLED(pif->pif_ifq)) - altq_disable(pif->pif_ifq); - - if ((error = altq_detach(pif->pif_ifq))) - return (error); - - return priq_detach(pif); -} - -static int -priqcmd_add_class(ap) - struct priq_add_class *ap; -{ - struct priq_if *pif; - struct priq_class *cl; - int qid; - - if ((pif = altq_lookup(ap->iface.ifname, ALTQT_PRIQ)) == NULL) - return (EBADF); - - if (ap->pri < 0 || ap->pri >= PRIQ_MAXPRI) - return (EINVAL); - if (pif->pif_classes[ap->pri] != NULL) - return (EBUSY); - - qid = ap->pri + 1; - if ((cl = priq_class_create(pif, ap->pri, - ap->qlimit, ap->flags, qid)) == NULL) - return (ENOMEM); - - /* return a class handle to the user */ - ap->class_handle = cl->cl_handle; - - return (0); -} - -static int -priqcmd_delete_class(ap) - struct priq_delete_class *ap; -{ - struct priq_if *pif; - struct priq_class *cl; - - if ((pif = altq_lookup(ap->iface.ifname, ALTQT_PRIQ)) == NULL) - return (EBADF); - - if ((cl = clh_to_clp(pif, ap->class_handle)) == NULL) - return (EINVAL); - - return priq_class_destroy(cl); -} - -static int -priqcmd_modify_class(ap) - struct priq_modify_class *ap; -{ - struct priq_if *pif; - struct priq_class *cl; - - if ((pif = altq_lookup(ap->iface.ifname, ALTQT_PRIQ)) == NULL) - return (EBADF); - - if (ap->pri < 0 || ap->pri >= PRIQ_MAXPRI) - return (EINVAL); - - if ((cl = clh_to_clp(pif, ap->class_handle)) == NULL) - return (EINVAL); - - /* - * if priority is changed, move the class to the new priority - */ - if (pif->pif_classes[ap->pri] != cl) { - if (pif->pif_classes[ap->pri] != NULL) - return (EEXIST); - pif->pif_classes[cl->cl_pri] = NULL; - pif->pif_classes[ap->pri] = cl; - cl->cl_pri = ap->pri; - } - - /* call priq_class_create to change class parameters */ - if ((cl = priq_class_create(pif, ap->pri, - ap->qlimit, ap->flags, ap->class_handle)) == NULL) - return (ENOMEM); - return 0; -} - -static int -priqcmd_add_filter(ap) - struct priq_add_filter *ap; -{ - struct priq_if *pif; - struct priq_class *cl; - - if ((pif = altq_lookup(ap->iface.ifname, ALTQT_PRIQ)) == NULL) - return (EBADF); - - if ((cl = clh_to_clp(pif, ap->class_handle)) == NULL) - return (EINVAL); - - return acc_add_filter(&pif->pif_classifier, &ap->filter, - cl, &ap->filter_handle); -} - -static int -priqcmd_delete_filter(ap) - struct priq_delete_filter *ap; -{ - struct priq_if *pif; - - if ((pif = altq_lookup(ap->iface.ifname, ALTQT_PRIQ)) == NULL) - return (EBADF); - - return acc_delete_filter(&pif->pif_classifier, - ap->filter_handle); -} - -static int -priqcmd_class_stats(ap) - struct priq_class_stats *ap; -{ - struct priq_if *pif; - struct priq_class *cl; - struct priq_classstats stats, *usp; - int pri, error; - - if ((pif = altq_lookup(ap->iface.ifname, ALTQT_PRIQ)) == NULL) - return (EBADF); - - ap->maxpri = pif->pif_maxpri; - - /* then, read the next N classes in the tree */ - usp = ap->stats; - for (pri = 0; pri <= pif->pif_maxpri; pri++) { - cl = pif->pif_classes[pri]; - if (cl != NULL) - get_class_stats(&stats, cl); - else - bzero(&stats, sizeof(stats)); - if ((error = copyout((caddr_t)&stats, (caddr_t)usp++, - sizeof(stats))) != 0) - return (error); - } - return (0); -} - -#ifdef KLD_MODULE - -static struct altqsw priq_sw = - {"priq", priqopen, priqclose, priqioctl}; - -ALTQ_MODULE(altq_priq, ALTQT_PRIQ, &priq_sw); -MODULE_DEPEND(altq_priq, altq_red, 1, 1, 1); -MODULE_DEPEND(altq_priq, altq_rio, 1, 1, 1); - -#endif /* KLD_MODULE */ - -#endif /* ALTQ3_COMPAT */ #endif /* ALTQ_PRIQ */ diff --git a/sys/net/altq/altq_priq.h b/sys/net/altq/altq_priq.h index 1a824d6097dd..a5ee3289fb66 100644 --- a/sys/net/altq/altq_priq.h +++ b/sys/net/altq/altq_priq.h @@ -42,21 +42,6 @@ extern "C" { #define PRIQ_MAXPRI 16 /* upper limit of the number of priorities */ -#ifdef ALTQ3_COMPAT -struct priq_interface { - char ifname[IFNAMSIZ]; /* interface name (e.g., fxp0) */ - u_long arg; /* request-specific argument */ -}; - -struct priq_add_class { - struct priq_interface iface; - int pri; /* priority (0 is the lowest) */ - int qlimit; /* queue size limit */ - int flags; /* misc flags (see below) */ - - u_int32_t class_handle; /* return value */ -}; -#endif /* ALTQ3_COMPAT */ /* priq class flags */ #define PRCF_RED 0x0001 /* use RED */ @@ -69,33 +54,6 @@ struct priq_add_class { /* special class handles */ #define PRIQ_NULLCLASS_HANDLE 0 -#ifdef ALTQ3_COMPAT -struct priq_delete_class { - struct priq_interface iface; - u_int32_t class_handle; -}; - -struct priq_modify_class { - struct priq_interface iface; - u_int32_t class_handle; - int pri; - int qlimit; - int flags; -}; - -struct priq_add_filter { - struct priq_interface iface; - u_int32_t class_handle; - struct flow_filter filter; - - u_long filter_handle; /* return value */ -}; - -struct priq_delete_filter { - struct priq_interface iface; - u_long filter_handle; -}; -#endif /* ALTQ3_COMPAT */ struct priq_classstats { u_int32_t class_handle; @@ -118,27 +76,6 @@ struct priq_classstats { * header. */ -#ifdef ALTQ3_COMPAT -struct priq_class_stats { - struct priq_interface iface; - int maxpri; /* in/out */ - - struct priq_classstats *stats; /* pointer to stats array */ -}; - -#define PRIQ_IF_ATTACH _IOW('Q', 1, struct priq_interface) -#define PRIQ_IF_DETACH _IOW('Q', 2, struct priq_interface) -#define PRIQ_ENABLE _IOW('Q', 3, struct priq_interface) -#define PRIQ_DISABLE _IOW('Q', 4, struct priq_interface) -#define PRIQ_CLEAR _IOW('Q', 5, struct priq_interface) -#define PRIQ_ADD_CLASS _IOWR('Q', 7, struct priq_add_class) -#define PRIQ_DEL_CLASS _IOW('Q', 8, struct priq_delete_class) -#define PRIQ_MOD_CLASS _IOW('Q', 9, struct priq_modify_class) -#define PRIQ_ADD_FILTER _IOWR('Q', 10, struct priq_add_filter) -#define PRIQ_DEL_FILTER _IOW('Q', 11, struct priq_delete_filter) -#define PRIQ_GETSTATS _IOWR('Q', 12, struct priq_class_stats) - -#endif /* ALTQ3_COMPAT */ #ifdef _KERNEL diff --git a/sys/net/altq/altq_red.c b/sys/net/altq/altq_red.c index 9d7546038299..4e84284e5107 100644 --- a/sys/net/altq/altq_red.c +++ b/sys/net/altq/altq_red.c @@ -96,12 +96,6 @@ #include <netpfil/pf/pf_mtag.h> #include <net/altq/altq.h> #include <net/altq/altq_red.h> -#ifdef ALTQ3_COMPAT -#include <net/altq/altq_conf.h> -#ifdef ALTQ_FLOWVALVE -#include <net/altq/altq_flowvalve.h> -#endif -#endif /* * ALTQ/RED (Random Early Detection) implementation using 32-bit @@ -168,56 +162,12 @@ * to switch to the random-drop policy, define "RED_RANDOM_DROP". */ -#ifdef ALTQ3_COMPAT -#ifdef ALTQ_FLOWVALVE -/* - * flow-valve is an extension to protect red from unresponsive flows - * and to promote end-to-end congestion control. - * flow-valve observes the average drop rates of the flows that have - * experienced packet drops in the recent past. - * when the average drop rate exceeds the threshold, the flow is - * blocked by the flow-valve. the trapped flow should back off - * exponentially to escape from the flow-valve. - */ -#ifdef RED_RANDOM_DROP -#error "random-drop can't be used with flow-valve!" -#endif -#endif /* ALTQ_FLOWVALVE */ - -/* red_list keeps all red_queue_t's allocated. */ -static red_queue_t *red_list = NULL; - -#endif /* ALTQ3_COMPAT */ /* default red parameter values */ static int default_th_min = TH_MIN; static int default_th_max = TH_MAX; static int default_inv_pmax = INV_P_MAX; -#ifdef ALTQ3_COMPAT -/* internal function prototypes */ -static int red_enqueue(struct ifaltq *, struct mbuf *, struct altq_pktattr *); -static struct mbuf *red_dequeue(struct ifaltq *, int); -static int red_request(struct ifaltq *, int, void *); -static void red_purgeq(red_queue_t *); -static int red_detach(red_queue_t *); -#ifdef ALTQ_FLOWVALVE -static __inline struct fve *flowlist_lookup(struct flowvalve *, - struct altq_pktattr *, struct timeval *); -static __inline struct fve *flowlist_reclaim(struct flowvalve *, - struct altq_pktattr *); -static __inline void flowlist_move_to_head(struct flowvalve *, struct fve *); -static __inline int fv_p2f(struct flowvalve *, int); -#if 0 /* XXX: make the compiler happy (fv_alloc unused) */ -static struct flowvalve *fv_alloc(struct red *); -#endif -static void fv_destroy(struct flowvalve *); -static int fv_checkflow(struct flowvalve *, struct altq_pktattr *, - struct fve **); -static void fv_dropbyred(struct flowvalve *fv, struct altq_pktattr *, - struct fve *); -#endif -#endif /* ALTQ3_COMPAT */ /* * red support routines @@ -315,12 +265,6 @@ red_alloc(int weight, int inv_pmax, int th_min, int th_max, int flags, void red_destroy(red_t *rp) { -#ifdef ALTQ3_COMPAT -#ifdef ALTQ_FLOWVALVE - if (rp->red_flowvalve != NULL) - fv_destroy(rp->red_flowvalve); -#endif -#endif /* ALTQ3_COMPAT */ wtab_destroy(rp->red_wtab); free(rp, M_DEVBUF); } @@ -342,17 +286,6 @@ red_addq(red_t *rp, class_queue_t *q, struct mbuf *m, { int avg, droptype; int n; -#ifdef ALTQ3_COMPAT -#ifdef ALTQ_FLOWVALVE - struct fve *fve = NULL; - - if (rp->red_flowvalve != NULL && rp->red_flowvalve->fv_flows > 0) - if (fv_checkflow(rp->red_flowvalve, pktattr, &fve)) { - m_freem(m); - return (-1); - } -#endif -#endif /* ALTQ3_COMPAT */ avg = rp->red_avg; @@ -458,12 +391,6 @@ red_addq(red_t *rp, class_queue_t *q, struct mbuf *m, PKTCNTR_ADD(&rp->red_stats.drop_cnt, m_pktlen(m)); #endif rp->red_count = 0; -#ifdef ALTQ3_COMPAT -#ifdef ALTQ_FLOWVALVE - if (rp->red_flowvalve != NULL) - fv_dropbyred(rp->red_flowvalve, pktattr, fve); -#endif -#endif /* ALTQ3_COMPAT */ m_freem(m); return (-1); } @@ -521,11 +448,6 @@ mark_ecn(struct mbuf *m, struct altq_pktattr *pktattr, int flags) at = pf_find_mtag(m); if (at != NULL) { hdr = at->hdr; -#ifdef ALTQ3_COMPAT - } else if (pktattr != NULL) { - af = pktattr->pattr_af; - hdr = pktattr->pattr_hdr; -#endif /* ALTQ3_COMPAT */ } else return (0); @@ -707,786 +629,5 @@ pow_w(struct wtab *w, int n) return (val); } -#ifdef ALTQ3_COMPAT -/* - * red device interface - */ -altqdev_decl(red); - -int -redopen(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - /* everything will be done when the queueing scheme is attached. */ - return 0; -} - -int -redclose(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - red_queue_t *rqp; - int err, error = 0; - - while ((rqp = red_list) != NULL) { - /* destroy all */ - err = red_detach(rqp); - if (err != 0 && error == 0) - error = err; - } - - return error; -} - -int -redioctl(dev, cmd, addr, flag, p) - dev_t dev; - ioctlcmd_t cmd; - caddr_t addr; - int flag; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - red_queue_t *rqp; - struct red_interface *ifacep; - struct ifnet *ifp; - int error = 0; - - /* check super-user privilege */ - switch (cmd) { - case RED_GETSTATS: - break; - default: -#if (__FreeBSD_version > 700000) - if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0) -#elsif (__FreeBSD_version > 400000) - if ((error = suser(p)) != 0) -#else - if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) -#endif - return (error); - break; - } - - switch (cmd) { - - case RED_ENABLE: - ifacep = (struct red_interface *)addr; - if ((rqp = altq_lookup(ifacep->red_ifname, ALTQT_RED)) == NULL) { - error = EBADF; - break; - } - error = altq_enable(rqp->rq_ifq); - break; - - case RED_DISABLE: - ifacep = (struct red_interface *)addr; - if ((rqp = altq_lookup(ifacep->red_ifname, ALTQT_RED)) == NULL) { - error = EBADF; - break; - } - error = altq_disable(rqp->rq_ifq); - break; - - case RED_IF_ATTACH: - ifp = ifunit(((struct red_interface *)addr)->red_ifname); - if (ifp == NULL) { - error = ENXIO; - break; - } - - /* allocate and initialize red_queue_t */ - rqp = malloc(sizeof(red_queue_t), M_DEVBUF, M_WAITOK); - if (rqp == NULL) { - error = ENOMEM; - break; - } - bzero(rqp, sizeof(red_queue_t)); - - rqp->rq_q = malloc(sizeof(class_queue_t), - M_DEVBUF, M_WAITOK); - if (rqp->rq_q == NULL) { - free(rqp, M_DEVBUF); - error = ENOMEM; - break; - } - bzero(rqp->rq_q, sizeof(class_queue_t)); - - rqp->rq_red = red_alloc(0, 0, 0, 0, 0, 0); - if (rqp->rq_red == NULL) { - free(rqp->rq_q, M_DEVBUF); - free(rqp, M_DEVBUF); - error = ENOMEM; - break; - } - - rqp->rq_ifq = &ifp->if_snd; - qtail(rqp->rq_q) = NULL; - qlen(rqp->rq_q) = 0; - qlimit(rqp->rq_q) = RED_LIMIT; - qtype(rqp->rq_q) = Q_RED; - - /* - * set RED to this ifnet structure. - */ - error = altq_attach(rqp->rq_ifq, ALTQT_RED, rqp, - red_enqueue, red_dequeue, red_request, - NULL, NULL); - if (error) { - red_destroy(rqp->rq_red); - free(rqp->rq_q, M_DEVBUF); - free(rqp, M_DEVBUF); - break; - } - - /* add this state to the red list */ - rqp->rq_next = red_list; - red_list = rqp; - break; - - case RED_IF_DETACH: - ifacep = (struct red_interface *)addr; - if ((rqp = altq_lookup(ifacep->red_ifname, ALTQT_RED)) == NULL) { - error = EBADF; - break; - } - error = red_detach(rqp); - break; - - case RED_GETSTATS: - do { - struct red_stats *q_stats; - red_t *rp; - - q_stats = (struct red_stats *)addr; - if ((rqp = altq_lookup(q_stats->iface.red_ifname, - ALTQT_RED)) == NULL) { - error = EBADF; - break; - } - - q_stats->q_len = qlen(rqp->rq_q); - q_stats->q_limit = qlimit(rqp->rq_q); - - rp = rqp->rq_red; - q_stats->q_avg = rp->red_avg >> rp->red_wshift; - q_stats->xmit_cnt = rp->red_stats.xmit_cnt; - q_stats->drop_cnt = rp->red_stats.drop_cnt; - q_stats->drop_forced = rp->red_stats.drop_forced; - q_stats->drop_unforced = rp->red_stats.drop_unforced; - q_stats->marked_packets = rp->red_stats.marked_packets; - - q_stats->weight = rp->red_weight; - q_stats->inv_pmax = rp->red_inv_pmax; - q_stats->th_min = rp->red_thmin; - q_stats->th_max = rp->red_thmax; - -#ifdef ALTQ_FLOWVALVE - if (rp->red_flowvalve != NULL) { - struct flowvalve *fv = rp->red_flowvalve; - q_stats->fv_flows = fv->fv_flows; - q_stats->fv_pass = fv->fv_stats.pass; - q_stats->fv_predrop = fv->fv_stats.predrop; - q_stats->fv_alloc = fv->fv_stats.alloc; - q_stats->fv_escape = fv->fv_stats.escape; - } else { -#endif /* ALTQ_FLOWVALVE */ - q_stats->fv_flows = 0; - q_stats->fv_pass = 0; - q_stats->fv_predrop = 0; - q_stats->fv_alloc = 0; - q_stats->fv_escape = 0; -#ifdef ALTQ_FLOWVALVE - } -#endif /* ALTQ_FLOWVALVE */ - } while (/*CONSTCOND*/ 0); - break; - - case RED_CONFIG: - do { - struct red_conf *fc; - red_t *new; - int s, limit; - - fc = (struct red_conf *)addr; - if ((rqp = altq_lookup(fc->iface.red_ifname, - ALTQT_RED)) == NULL) { - error = EBADF; - break; - } - new = red_alloc(fc->red_weight, - fc->red_inv_pmax, - fc->red_thmin, - fc->red_thmax, - fc->red_flags, - fc->red_pkttime); - if (new == NULL) { - error = ENOMEM; - break; - } - - s = splnet(); - red_purgeq(rqp); - limit = fc->red_limit; - if (limit < fc->red_thmax) - limit = fc->red_thmax; - qlimit(rqp->rq_q) = limit; - fc->red_limit = limit; /* write back the new value */ - - red_destroy(rqp->rq_red); - rqp->rq_red = new; - - splx(s); - - /* write back new values */ - fc->red_limit = limit; - fc->red_inv_pmax = rqp->rq_red->red_inv_pmax; - fc->red_thmin = rqp->rq_red->red_thmin; - fc->red_thmax = rqp->rq_red->red_thmax; - - } while (/*CONSTCOND*/ 0); - break; - - case RED_SETDEFAULTS: - do { - struct redparams *rp; - - rp = (struct redparams *)addr; - - default_th_min = rp->th_min; - default_th_max = rp->th_max; - default_inv_pmax = rp->inv_pmax; - } while (/*CONSTCOND*/ 0); - break; - - default: - error = EINVAL; - break; - } - return error; -} - -static int -red_detach(rqp) - red_queue_t *rqp; -{ - red_queue_t *tmp; - int error = 0; - - if (ALTQ_IS_ENABLED(rqp->rq_ifq)) - altq_disable(rqp->rq_ifq); - - if ((error = altq_detach(rqp->rq_ifq))) - return (error); - - if (red_list == rqp) - red_list = rqp->rq_next; - else { - for (tmp = red_list; tmp != NULL; tmp = tmp->rq_next) - if (tmp->rq_next == rqp) { - tmp->rq_next = rqp->rq_next; - break; - } - if (tmp == NULL) - printf("red_detach: no state found in red_list!\n"); - } - - red_destroy(rqp->rq_red); - free(rqp->rq_q, M_DEVBUF); - free(rqp, M_DEVBUF); - return (error); -} - -/* - * enqueue routine: - * - * returns: 0 when successfully queued. - * ENOBUFS when drop occurs. - */ -static int -red_enqueue(ifq, m, pktattr) - struct ifaltq *ifq; - struct mbuf *m; - struct altq_pktattr *pktattr; -{ - red_queue_t *rqp = (red_queue_t *)ifq->altq_disc; - - IFQ_LOCK_ASSERT(ifq); - - if (red_addq(rqp->rq_red, rqp->rq_q, m, pktattr) < 0) - return ENOBUFS; - ifq->ifq_len++; - return 0; -} - -/* - * dequeue routine: - * must be called in splimp. - * - * returns: mbuf dequeued. - * NULL when no packet is available in the queue. - */ - -static struct mbuf * -red_dequeue(ifq, op) - struct ifaltq *ifq; - int op; -{ - red_queue_t *rqp = (red_queue_t *)ifq->altq_disc; - struct mbuf *m; - - IFQ_LOCK_ASSERT(ifq); - - if (op == ALTDQ_POLL) - return qhead(rqp->rq_q); - - /* op == ALTDQ_REMOVE */ - m = red_getq(rqp->rq_red, rqp->rq_q); - if (m != NULL) - ifq->ifq_len--; - return (m); -} - -static int -red_request(ifq, req, arg) - struct ifaltq *ifq; - int req; - void *arg; -{ - red_queue_t *rqp = (red_queue_t *)ifq->altq_disc; - - IFQ_LOCK_ASSERT(ifq); - - switch (req) { - case ALTRQ_PURGE: - red_purgeq(rqp); - break; - } - return (0); -} - -static void -red_purgeq(rqp) - red_queue_t *rqp; -{ - _flushq(rqp->rq_q); - if (ALTQ_IS_ENABLED(rqp->rq_ifq)) - rqp->rq_ifq->ifq_len = 0; -} - -#ifdef ALTQ_FLOWVALVE - -#define FV_PSHIFT 7 /* weight of average drop rate -- 1/128 */ -#define FV_PSCALE(x) ((x) << FV_PSHIFT) -#define FV_PUNSCALE(x) ((x) >> FV_PSHIFT) -#define FV_FSHIFT 5 /* weight of average fraction -- 1/32 */ -#define FV_FSCALE(x) ((x) << FV_FSHIFT) -#define FV_FUNSCALE(x) ((x) >> FV_FSHIFT) - -#define FV_TIMER (3 * hz) /* timer value for garbage collector */ -#define FV_FLOWLISTSIZE 64 /* how many flows in flowlist */ - -#define FV_N 10 /* update fve_f every FV_N packets */ - -#define FV_BACKOFFTHRESH 1 /* backoff threshold interval in second */ -#define FV_TTHRESH 3 /* time threshold to delete fve */ -#define FV_ALPHA 5 /* extra packet count */ - -#define FV_STATS - -#if (__FreeBSD_version > 300000) -#define FV_TIMESTAMP(tp) getmicrotime(tp) -#else -#define FV_TIMESTAMP(tp) { (*(tp)) = time; } -#endif - -/* - * Brtt table: 127 entry table to convert drop rate (p) to - * the corresponding bandwidth fraction (f) - * the following equation is implemented to use scaled values, - * fve_p and fve_f, in the fixed point format. - * - * Brtt(p) = 1 /(sqrt(4*p/3) + min(1,3*sqrt(p*6/8)) * p * (1+32 * p*p)) - * f = Brtt(p) / (max_th + alpha) - */ -#define BRTT_SIZE 128 -#define BRTT_SHIFT 12 -#define BRTT_MASK 0x0007f000 -#define BRTT_PMAX (1 << (FV_PSHIFT + FP_SHIFT)) - -const int brtt_tab[BRTT_SIZE] = { - 0, 1262010, 877019, 703694, 598706, 525854, 471107, 427728, - 392026, 361788, 335598, 312506, 291850, 273158, 256081, 240361, - 225800, 212247, 199585, 187788, 178388, 169544, 161207, 153333, - 145888, 138841, 132165, 125836, 119834, 114141, 108739, 103612, - 98747, 94129, 89746, 85585, 81637, 77889, 74333, 70957, - 67752, 64711, 61824, 59084, 56482, 54013, 51667, 49440, - 47325, 45315, 43406, 41591, 39866, 38227, 36667, 35184, - 33773, 32430, 31151, 29933, 28774, 27668, 26615, 25611, - 24653, 23740, 22868, 22035, 21240, 20481, 19755, 19062, - 18399, 17764, 17157, 16576, 16020, 15487, 14976, 14487, - 14017, 13567, 13136, 12721, 12323, 11941, 11574, 11222, - 10883, 10557, 10243, 9942, 9652, 9372, 9103, 8844, - 8594, 8354, 8122, 7898, 7682, 7474, 7273, 7079, - 6892, 6711, 6536, 6367, 6204, 6046, 5893, 5746, - 5603, 5464, 5330, 5201, 5075, 4954, 4836, 4722, - 4611, 4504, 4400, 4299, 4201, 4106, 4014, 3924 -}; - -static __inline struct fve * -flowlist_lookup(fv, pktattr, now) - struct flowvalve *fv; - struct altq_pktattr *pktattr; - struct timeval *now; -{ - struct fve *fve; - int flows; - struct ip *ip; -#ifdef INET6 - struct ip6_hdr *ip6; -#endif - struct timeval tthresh; - - if (pktattr == NULL) - return (NULL); - - tthresh.tv_sec = now->tv_sec - FV_TTHRESH; - flows = 0; - /* - * search the flow list - */ - switch (pktattr->pattr_af) { - case AF_INET: - ip = (struct ip *)pktattr->pattr_hdr; - TAILQ_FOREACH(fve, &fv->fv_flowlist, fve_lru){ - if (fve->fve_lastdrop.tv_sec == 0) - break; - if (fve->fve_lastdrop.tv_sec < tthresh.tv_sec) { - fve->fve_lastdrop.tv_sec = 0; - break; - } - if (fve->fve_flow.flow_af == AF_INET && - fve->fve_flow.flow_ip.ip_src.s_addr == - ip->ip_src.s_addr && - fve->fve_flow.flow_ip.ip_dst.s_addr == - ip->ip_dst.s_addr) - return (fve); - flows++; - } - break; -#ifdef INET6 - case AF_INET6: - ip6 = (struct ip6_hdr *)pktattr->pattr_hdr; - TAILQ_FOREACH(fve, &fv->fv_flowlist, fve_lru){ - if (fve->fve_lastdrop.tv_sec == 0) - break; - if (fve->fve_lastdrop.tv_sec < tthresh.tv_sec) { - fve->fve_lastdrop.tv_sec = 0; - break; - } - if (fve->fve_flow.flow_af == AF_INET6 && - IN6_ARE_ADDR_EQUAL(&fve->fve_flow.flow_ip6.ip6_src, - &ip6->ip6_src) && - IN6_ARE_ADDR_EQUAL(&fve->fve_flow.flow_ip6.ip6_dst, - &ip6->ip6_dst)) - return (fve); - flows++; - } - break; -#endif /* INET6 */ - - default: - /* unknown protocol. no drop. */ - return (NULL); - } - fv->fv_flows = flows; /* save the number of active fve's */ - return (NULL); -} - -static __inline struct fve * -flowlist_reclaim(fv, pktattr) - struct flowvalve *fv; - struct altq_pktattr *pktattr; -{ - struct fve *fve; - struct ip *ip; -#ifdef INET6 - struct ip6_hdr *ip6; -#endif - - /* - * get an entry from the tail of the LRU list. - */ - fve = TAILQ_LAST(&fv->fv_flowlist, fv_flowhead); - - switch (pktattr->pattr_af) { - case AF_INET: - ip = (struct ip *)pktattr->pattr_hdr; - fve->fve_flow.flow_af = AF_INET; - fve->fve_flow.flow_ip.ip_src = ip->ip_src; - fve->fve_flow.flow_ip.ip_dst = ip->ip_dst; - break; -#ifdef INET6 - case AF_INET6: - ip6 = (struct ip6_hdr *)pktattr->pattr_hdr; - fve->fve_flow.flow_af = AF_INET6; - fve->fve_flow.flow_ip6.ip6_src = ip6->ip6_src; - fve->fve_flow.flow_ip6.ip6_dst = ip6->ip6_dst; - break; -#endif - } - - fve->fve_state = Green; - fve->fve_p = 0.0; - fve->fve_f = 0.0; - fve->fve_ifseq = fv->fv_ifseq - 1; - fve->fve_count = 0; - - fv->fv_flows++; -#ifdef FV_STATS - fv->fv_stats.alloc++; -#endif - return (fve); -} - -static __inline void -flowlist_move_to_head(fv, fve) - struct flowvalve *fv; - struct fve *fve; -{ - if (TAILQ_FIRST(&fv->fv_flowlist) != fve) { - TAILQ_REMOVE(&fv->fv_flowlist, fve, fve_lru); - TAILQ_INSERT_HEAD(&fv->fv_flowlist, fve, fve_lru); - } -} - -#if 0 /* XXX: make the compiler happy (fv_alloc unused) */ -/* - * allocate flowvalve structure - */ -static struct flowvalve * -fv_alloc(rp) - struct red *rp; -{ - struct flowvalve *fv; - struct fve *fve; - int i, num; - - num = FV_FLOWLISTSIZE; - fv = malloc(sizeof(struct flowvalve), - M_DEVBUF, M_WAITOK); - if (fv == NULL) - return (NULL); - bzero(fv, sizeof(struct flowvalve)); - - fv->fv_fves = malloc(sizeof(struct fve) * num, - M_DEVBUF, M_WAITOK); - if (fv->fv_fves == NULL) { - free(fv, M_DEVBUF); - return (NULL); - } - bzero(fv->fv_fves, sizeof(struct fve) * num); - - fv->fv_flows = 0; - TAILQ_INIT(&fv->fv_flowlist); - for (i = 0; i < num; i++) { - fve = &fv->fv_fves[i]; - fve->fve_lastdrop.tv_sec = 0; - TAILQ_INSERT_TAIL(&fv->fv_flowlist, fve, fve_lru); - } - - /* initialize drop rate threshold in scaled fixed-point */ - fv->fv_pthresh = (FV_PSCALE(1) << FP_SHIFT) / rp->red_inv_pmax; - - /* initialize drop rate to fraction table */ - fv->fv_p2ftab = malloc(sizeof(int) * BRTT_SIZE, - M_DEVBUF, M_WAITOK); - if (fv->fv_p2ftab == NULL) { - free(fv->fv_fves, M_DEVBUF); - free(fv, M_DEVBUF); - return (NULL); - } - /* - * create the p2f table. - * (shift is used to keep the precision) - */ - for (i = 1; i < BRTT_SIZE; i++) { - int f; - - f = brtt_tab[i] << 8; - fv->fv_p2ftab[i] = (f / (rp->red_thmax + FV_ALPHA)) >> 8; - } - - return (fv); -} -#endif - -static void fv_destroy(fv) - struct flowvalve *fv; -{ - free(fv->fv_p2ftab, M_DEVBUF); - free(fv->fv_fves, M_DEVBUF); - free(fv, M_DEVBUF); -} - -static __inline int -fv_p2f(fv, p) - struct flowvalve *fv; - int p; -{ - int val, f; - - if (p >= BRTT_PMAX) - f = fv->fv_p2ftab[BRTT_SIZE-1]; - else if ((val = (p & BRTT_MASK))) - f = fv->fv_p2ftab[(val >> BRTT_SHIFT)]; - else - f = fv->fv_p2ftab[1]; - return (f); -} - -/* - * check if an arriving packet should be pre-dropped. - * called from red_addq() when a packet arrives. - * returns 1 when the packet should be pre-dropped. - * should be called in splimp. - */ -static int -fv_checkflow(fv, pktattr, fcache) - struct flowvalve *fv; - struct altq_pktattr *pktattr; - struct fve **fcache; -{ - struct fve *fve; - struct timeval now; - - fv->fv_ifseq++; - FV_TIMESTAMP(&now); - - if ((fve = flowlist_lookup(fv, pktattr, &now)) == NULL) - /* no matching entry in the flowlist */ - return (0); - - *fcache = fve; - - /* update fraction f for every FV_N packets */ - if (++fve->fve_count == FV_N) { - /* - * f = Wf * N / (fv_ifseq - fve_ifseq) + (1 - Wf) * f - */ - fve->fve_f = - (FV_N << FP_SHIFT) / (fv->fv_ifseq - fve->fve_ifseq) - + fve->fve_f - FV_FUNSCALE(fve->fve_f); - fve->fve_ifseq = fv->fv_ifseq; - fve->fve_count = 0; - } - - /* - * overpumping test - */ - if (fve->fve_state == Green && fve->fve_p > fv->fv_pthresh) { - int fthresh; - - /* calculate a threshold */ - fthresh = fv_p2f(fv, fve->fve_p); - if (fve->fve_f > fthresh) - fve->fve_state = Red; - } - - if (fve->fve_state == Red) { - /* - * backoff test - */ - if (now.tv_sec - fve->fve_lastdrop.tv_sec > FV_BACKOFFTHRESH) { - /* no drop for at least FV_BACKOFFTHRESH sec */ - fve->fve_p = 0; - fve->fve_state = Green; -#ifdef FV_STATS - fv->fv_stats.escape++; -#endif - } else { - /* block this flow */ - flowlist_move_to_head(fv, fve); - fve->fve_lastdrop = now; -#ifdef FV_STATS - fv->fv_stats.predrop++; -#endif - return (1); - } - } - - /* - * p = (1 - Wp) * p - */ - fve->fve_p -= FV_PUNSCALE(fve->fve_p); - if (fve->fve_p < 0) - fve->fve_p = 0; -#ifdef FV_STATS - fv->fv_stats.pass++; -#endif - return (0); -} - -/* - * called from red_addq when a packet is dropped by red. - * should be called in splimp. - */ -static void fv_dropbyred(fv, pktattr, fcache) - struct flowvalve *fv; - struct altq_pktattr *pktattr; - struct fve *fcache; -{ - struct fve *fve; - struct timeval now; - - if (pktattr == NULL) - return; - FV_TIMESTAMP(&now); - - if (fcache != NULL) - /* the fve of this packet is already cached */ - fve = fcache; - else if ((fve = flowlist_lookup(fv, pktattr, &now)) == NULL) - fve = flowlist_reclaim(fv, pktattr); - - flowlist_move_to_head(fv, fve); - - /* - * update p: the following line cancels the update - * in fv_checkflow() and calculate - * p = Wp + (1 - Wp) * p - */ - fve->fve_p = (1 << FP_SHIFT) + fve->fve_p; - - fve->fve_lastdrop = now; -} - -#endif /* ALTQ_FLOWVALVE */ - -#ifdef KLD_MODULE - -static struct altqsw red_sw = - {"red", redopen, redclose, redioctl}; - -ALTQ_MODULE(altq_red, ALTQT_RED, &red_sw); -MODULE_VERSION(altq_red, 1); - -#endif /* KLD_MODULE */ -#endif /* ALTQ3_COMPAT */ #endif /* ALTQ_RED */ diff --git a/sys/net/altq/altq_red.h b/sys/net/altq/altq_red.h index 8ae8d29166c3..d4cd3d8b3d51 100644 --- a/sys/net/altq/altq_red.h +++ b/sys/net/altq/altq_red.h @@ -32,48 +32,6 @@ #include <net/altq/altq_classq.h> -#ifdef ALTQ3_COMPAT -struct red_interface { - char red_ifname[IFNAMSIZ]; -}; - -struct red_stats { - struct red_interface iface; - int q_len; - int q_avg; - - struct pktcntr xmit_cnt; - struct pktcntr drop_cnt; - u_int drop_forced; - u_int drop_unforced; - u_int marked_packets; - - /* static red parameters */ - int q_limit; - int weight; - int inv_pmax; - int th_min; - int th_max; - - /* flowvalve related stuff */ - u_int fv_flows; - u_int fv_pass; - u_int fv_predrop; - u_int fv_alloc; - u_int fv_escape; -}; - -struct red_conf { - struct red_interface iface; - int red_weight; /* weight for EWMA */ - int red_inv_pmax; /* inverse of max drop probability */ - int red_thmin; /* red min threshold */ - int red_thmax; /* red max threshold */ - int red_limit; /* max queue length */ - int red_pkttime; /* average packet time in usec */ - int red_flags; /* see below */ -}; -#endif /* ALTQ3_COMPAT */ /* red flags */ #define REDF_ECN4 0x01 /* use packet marking for IPv4 packets */ @@ -100,24 +58,9 @@ struct redstats { u_int marked_packets; }; -#ifdef ALTQ3_COMPAT -/* - * IOCTLs for RED - */ -#define RED_IF_ATTACH _IOW('Q', 1, struct red_interface) -#define RED_IF_DETACH _IOW('Q', 2, struct red_interface) -#define RED_ENABLE _IOW('Q', 3, struct red_interface) -#define RED_DISABLE _IOW('Q', 4, struct red_interface) -#define RED_CONFIG _IOWR('Q', 6, struct red_conf) -#define RED_GETSTATS _IOWR('Q', 12, struct red_stats) -#define RED_SETDEFAULTS _IOW('Q', 30, struct redparams) -#endif /* ALTQ3_COMPAT */ #ifdef _KERNEL -#ifdef ALTQ3_COMPAT -struct flowvalve; -#endif /* weight table structure for idle time calibration */ struct wtab { @@ -153,9 +96,6 @@ typedef struct red { struct wtab *red_wtab; /* weight table */ struct timeval red_last; /* time when the queue becomes idle */ -#ifdef ALTQ3_COMPAT - struct flowvalve *red_flowvalve; /* flowvalve state */ -#endif struct { struct pktcntr xmit_cnt; @@ -166,16 +106,6 @@ typedef struct red { } red_stats; } red_t; -#ifdef ALTQ3_COMPAT -typedef struct red_queue { - struct red_queue *rq_next; /* next red_state in the list */ - struct ifaltq *rq_ifq; /* backpointer to ifaltq */ - - class_queue_t *rq_q; - - red_t *rq_red; -} red_queue_t; -#endif /* ALTQ3_COMPAT */ /* red drop types */ #define DTYPE_NODROP 0 /* no drop */ diff --git a/sys/net/altq/altq_rio.c b/sys/net/altq/altq_rio.c index d229140daddf..bd22685c66c0 100644 --- a/sys/net/altq/altq_rio.c +++ b/sys/net/altq/altq_rio.c @@ -92,9 +92,6 @@ #include <net/altq/altq_cdnr.h> #include <net/altq/altq_red.h> #include <net/altq/altq_rio.h> -#ifdef ALTQ3_COMPAT -#include <net/altq/altq_conf.h> -#endif /* * RIO: RED with IN/OUT bit @@ -168,10 +165,6 @@ } \ } -#ifdef ALTQ3_COMPAT -/* rio_list keeps all rio_queue_t's allocated. */ -static rio_queue_t *rio_list = NULL; -#endif /* default rio parameter values */ static struct redparams default_rio_params[RIO_NDROPPREC] = { /* th_min, th_max, inv_pmax */ @@ -182,18 +175,6 @@ static struct redparams default_rio_params[RIO_NDROPPREC] = { /* internal function prototypes */ static int dscp2index(u_int8_t); -#ifdef ALTQ3_COMPAT -static int rio_enqueue(struct ifaltq *, struct mbuf *, struct altq_pktattr *); -static struct mbuf *rio_dequeue(struct ifaltq *, int); -static int rio_request(struct ifaltq *, int, void *); -static int rio_detach(rio_queue_t *); - -/* - * rio device interface - */ -altqdev_decl(rio); - -#endif /* ALTQ3_COMPAT */ rio_t * rio_alloc(int weight, struct redparams *params, int flags, int pkttime) @@ -466,379 +447,5 @@ rio_getq(rio_t *rp, class_queue_t *q) return (m); } -#ifdef ALTQ3_COMPAT -int -rioopen(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - /* everything will be done when the queueing scheme is attached. */ - return 0; -} - -int -rioclose(dev, flag, fmt, p) - dev_t dev; - int flag, fmt; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - rio_queue_t *rqp; - int err, error = 0; - - while ((rqp = rio_list) != NULL) { - /* destroy all */ - err = rio_detach(rqp); - if (err != 0 && error == 0) - error = err; - } - - return error; -} - -int -rioioctl(dev, cmd, addr, flag, p) - dev_t dev; - ioctlcmd_t cmd; - caddr_t addr; - int flag; -#if (__FreeBSD_version > 500000) - struct thread *p; -#else - struct proc *p; -#endif -{ - rio_queue_t *rqp; - struct rio_interface *ifacep; - struct ifnet *ifp; - int error = 0; - - /* check super-user privilege */ - switch (cmd) { - case RIO_GETSTATS: - break; - default: -#if (__FreeBSD_version > 700000) - if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0) - return (error); -#elsif (__FreeBSD_version > 400000) - if ((error = suser(p)) != 0) - return (error); -#else - if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) - return (error); -#endif - break; - } - - switch (cmd) { - - case RIO_ENABLE: - ifacep = (struct rio_interface *)addr; - if ((rqp = altq_lookup(ifacep->rio_ifname, ALTQT_RIO)) == NULL) { - error = EBADF; - break; - } - error = altq_enable(rqp->rq_ifq); - break; - - case RIO_DISABLE: - ifacep = (struct rio_interface *)addr; - if ((rqp = altq_lookup(ifacep->rio_ifname, ALTQT_RIO)) == NULL) { - error = EBADF; - break; - } - error = altq_disable(rqp->rq_ifq); - break; - - case RIO_IF_ATTACH: - ifp = ifunit(((struct rio_interface *)addr)->rio_ifname); - if (ifp == NULL) { - error = ENXIO; - break; - } - - /* allocate and initialize rio_queue_t */ - rqp = malloc(sizeof(rio_queue_t), M_DEVBUF, M_WAITOK); - if (rqp == NULL) { - error = ENOMEM; - break; - } - bzero(rqp, sizeof(rio_queue_t)); - - rqp->rq_q = malloc(sizeof(class_queue_t), - M_DEVBUF, M_WAITOK); - if (rqp->rq_q == NULL) { - free(rqp, M_DEVBUF); - error = ENOMEM; - break; - } - bzero(rqp->rq_q, sizeof(class_queue_t)); - - rqp->rq_rio = rio_alloc(0, NULL, 0, 0); - if (rqp->rq_rio == NULL) { - free(rqp->rq_q, M_DEVBUF); - free(rqp, M_DEVBUF); - error = ENOMEM; - break; - } - - rqp->rq_ifq = &ifp->if_snd; - qtail(rqp->rq_q) = NULL; - qlen(rqp->rq_q) = 0; - qlimit(rqp->rq_q) = RIO_LIMIT; - qtype(rqp->rq_q) = Q_RIO; - - /* - * set RIO to this ifnet structure. - */ - error = altq_attach(rqp->rq_ifq, ALTQT_RIO, rqp, - rio_enqueue, rio_dequeue, rio_request, - NULL, NULL); - if (error) { - rio_destroy(rqp->rq_rio); - free(rqp->rq_q, M_DEVBUF); - free(rqp, M_DEVBUF); - break; - } - - /* add this state to the rio list */ - rqp->rq_next = rio_list; - rio_list = rqp; - break; - - case RIO_IF_DETACH: - ifacep = (struct rio_interface *)addr; - if ((rqp = altq_lookup(ifacep->rio_ifname, ALTQT_RIO)) == NULL) { - error = EBADF; - break; - } - error = rio_detach(rqp); - break; - - case RIO_GETSTATS: - do { - struct rio_stats *q_stats; - rio_t *rp; - int i; - - q_stats = (struct rio_stats *)addr; - if ((rqp = altq_lookup(q_stats->iface.rio_ifname, - ALTQT_RIO)) == NULL) { - error = EBADF; - break; - } - - rp = rqp->rq_rio; - - q_stats->q_limit = qlimit(rqp->rq_q); - q_stats->weight = rp->rio_weight; - q_stats->flags = rp->rio_flags; - - for (i = 0; i < RIO_NDROPPREC; i++) { - q_stats->q_len[i] = rp->rio_precstate[i].qlen; - bcopy(&rp->q_stats[i], &q_stats->q_stats[i], - sizeof(struct redstats)); - q_stats->q_stats[i].q_avg = - rp->rio_precstate[i].avg >> rp->rio_wshift; - - q_stats->q_params[i].inv_pmax - = rp->rio_precstate[i].inv_pmax; - q_stats->q_params[i].th_min - = rp->rio_precstate[i].th_min; - q_stats->q_params[i].th_max - = rp->rio_precstate[i].th_max; - } - } while (/*CONSTCOND*/ 0); - break; - - case RIO_CONFIG: - do { - struct rio_conf *fc; - rio_t *new; - int s, limit, i; - - fc = (struct rio_conf *)addr; - if ((rqp = altq_lookup(fc->iface.rio_ifname, - ALTQT_RIO)) == NULL) { - error = EBADF; - break; - } - - new = rio_alloc(fc->rio_weight, &fc->q_params[0], - fc->rio_flags, fc->rio_pkttime); - if (new == NULL) { - error = ENOMEM; - break; - } - - s = splnet(); - _flushq(rqp->rq_q); - limit = fc->rio_limit; - if (limit < fc->q_params[RIO_NDROPPREC-1].th_max) - limit = fc->q_params[RIO_NDROPPREC-1].th_max; - qlimit(rqp->rq_q) = limit; - - rio_destroy(rqp->rq_rio); - rqp->rq_rio = new; - - splx(s); - - /* write back new values */ - fc->rio_limit = limit; - for (i = 0; i < RIO_NDROPPREC; i++) { - fc->q_params[i].inv_pmax = - rqp->rq_rio->rio_precstate[i].inv_pmax; - fc->q_params[i].th_min = - rqp->rq_rio->rio_precstate[i].th_min; - fc->q_params[i].th_max = - rqp->rq_rio->rio_precstate[i].th_max; - } - } while (/*CONSTCOND*/ 0); - break; - - case RIO_SETDEFAULTS: - do { - struct redparams *rp; - int i; - - rp = (struct redparams *)addr; - for (i = 0; i < RIO_NDROPPREC; i++) - default_rio_params[i] = rp[i]; - } while (/*CONSTCOND*/ 0); - break; - - default: - error = EINVAL; - break; - } - - return error; -} - -static int -rio_detach(rqp) - rio_queue_t *rqp; -{ - rio_queue_t *tmp; - int error = 0; - - if (ALTQ_IS_ENABLED(rqp->rq_ifq)) - altq_disable(rqp->rq_ifq); - - if ((error = altq_detach(rqp->rq_ifq))) - return (error); - - if (rio_list == rqp) - rio_list = rqp->rq_next; - else { - for (tmp = rio_list; tmp != NULL; tmp = tmp->rq_next) - if (tmp->rq_next == rqp) { - tmp->rq_next = rqp->rq_next; - break; - } - if (tmp == NULL) - printf("rio_detach: no state found in rio_list!\n"); - } - - rio_destroy(rqp->rq_rio); - free(rqp->rq_q, M_DEVBUF); - free(rqp, M_DEVBUF); - return (error); -} - -/* - * rio support routines - */ -static int -rio_request(ifq, req, arg) - struct ifaltq *ifq; - int req; - void *arg; -{ - rio_queue_t *rqp = (rio_queue_t *)ifq->altq_disc; - - IFQ_LOCK_ASSERT(ifq); - - switch (req) { - case ALTRQ_PURGE: - _flushq(rqp->rq_q); - if (ALTQ_IS_ENABLED(ifq)) - ifq->ifq_len = 0; - break; - } - return (0); -} - -/* - * enqueue routine: - * - * returns: 0 when successfully queued. - * ENOBUFS when drop occurs. - */ -static int -rio_enqueue(ifq, m, pktattr) - struct ifaltq *ifq; - struct mbuf *m; - struct altq_pktattr *pktattr; -{ - rio_queue_t *rqp = (rio_queue_t *)ifq->altq_disc; - int error = 0; - - IFQ_LOCK_ASSERT(ifq); - - if (rio_addq(rqp->rq_rio, rqp->rq_q, m, pktattr) == 0) - ifq->ifq_len++; - else - error = ENOBUFS; - return error; -} - -/* - * dequeue routine: - * must be called in splimp. - * - * returns: mbuf dequeued. - * NULL when no packet is available in the queue. - */ - -static struct mbuf * -rio_dequeue(ifq, op) - struct ifaltq *ifq; - int op; -{ - rio_queue_t *rqp = (rio_queue_t *)ifq->altq_disc; - struct mbuf *m = NULL; - - IFQ_LOCK_ASSERT(ifq); - - if (op == ALTDQ_POLL) - return qhead(rqp->rq_q); - - m = rio_getq(rqp->rq_rio, rqp->rq_q); - if (m != NULL) - ifq->ifq_len--; - return m; -} - -#ifdef KLD_MODULE - -static struct altqsw rio_sw = - {"rio", rioopen, rioclose, rioioctl}; - -ALTQ_MODULE(altq_rio, ALTQT_RIO, &rio_sw); -MODULE_VERSION(altq_rio, 1); -MODULE_DEPEND(altq_rio, altq_red, 1, 1, 1); - -#endif /* KLD_MODULE */ -#endif /* ALTQ3_COMPAT */ #endif /* ALTQ_RIO */ diff --git a/sys/net/altq/altq_rio.h b/sys/net/altq/altq_rio.h index ce9dc0e0f4d7..2ae713940774 100644 --- a/sys/net/altq/altq_rio.h +++ b/sys/net/altq/altq_rio.h @@ -38,32 +38,6 @@ */ #define RIO_NDROPPREC 3 /* number of drop precedence values */ -#ifdef ALTQ3_COMPAT -struct rio_interface { - char rio_ifname[IFNAMSIZ]; -}; - -struct rio_stats { - struct rio_interface iface; - int q_len[RIO_NDROPPREC]; - struct redstats q_stats[RIO_NDROPPREC]; - - /* static red parameters */ - int q_limit; - int weight; - int flags; - struct redparams q_params[RIO_NDROPPREC]; -}; - -struct rio_conf { - struct rio_interface iface; - struct redparams q_params[RIO_NDROPPREC]; - int rio_weight; /* weight for EWMA */ - int rio_limit; /* max queue length */ - int rio_pkttime; /* average packet time in usec */ - int rio_flags; /* see below */ -}; -#endif /* ALTQ3_COMPAT */ /* rio flags */ #define RIOF_ECN4 0x01 /* use packet marking for IPv4 packets */ @@ -71,18 +45,6 @@ struct rio_conf { #define RIOF_ECN (RIOF_ECN4 | RIOF_ECN6) #define RIOF_CLEARDSCP 0x200 /* clear diffserv codepoint */ -#ifdef ALTQ3_COMPAT -/* - * IOCTLs for RIO - */ -#define RIO_IF_ATTACH _IOW('Q', 1, struct rio_interface) -#define RIO_IF_DETACH _IOW('Q', 2, struct rio_interface) -#define RIO_ENABLE _IOW('Q', 3, struct rio_interface) -#define RIO_DISABLE _IOW('Q', 4, struct rio_interface) -#define RIO_CONFIG _IOWR('Q', 6, struct rio_conf) -#define RIO_GETSTATS _IOWR('Q', 12, struct rio_stats) -#define RIO_SETDEFAULTS _IOW('Q', 30, struct redparams[RIO_NDROPPREC]) -#endif /* ALTQ3_COMPAT */ #ifdef _KERNEL @@ -122,16 +84,6 @@ typedef struct rio { struct redstats q_stats[RIO_NDROPPREC]; /* statistics */ } rio_t; -#ifdef ALTQ3_COMPAT -typedef struct rio_queue { - struct rio_queue *rq_next; /* next red_state in the list */ - struct ifaltq *rq_ifq; /* backpointer to ifaltq */ - - class_queue_t *rq_q; - - rio_t *rq_rio; -} rio_queue_t; -#endif /* ALTQ3_COMPAT */ extern rio_t *rio_alloc(int, struct redparams *, int, int); extern void rio_destroy(rio_t *); diff --git a/sys/net/altq/altq_rmclass.c b/sys/net/altq/altq_rmclass.c index 655b5da724cb..de55b579dc83 100644 --- a/sys/net/altq/altq_rmclass.c +++ b/sys/net/altq/altq_rmclass.c @@ -49,17 +49,9 @@ #include <sys/systm.h> #include <sys/errno.h> #include <sys/time.h> -#ifdef ALTQ3_COMPAT -#include <sys/kernel.h> -#endif #include <net/if.h> #include <net/if_var.h> -#ifdef ALTQ3_COMPAT -#include <netinet/in.h> -#include <netinet/in_systm.h> -#include <netinet/ip.h> -#endif #include <net/altq/if_altq.h> #include <net/altq/altq.h> diff --git a/sys/net/altq/altq_subr.c b/sys/net/altq/altq_subr.c index bce83efcd3a7..af919d5f499d 100644 --- a/sys/net/altq/altq_subr.c +++ b/sys/net/altq/altq_subr.c @@ -62,9 +62,6 @@ #include <netpfil/pf/pf.h> #include <netpfil/pf/pf_altq.h> #include <net/altq/altq.h> -#ifdef ALTQ3_COMPAT -#include <net/altq/altq_conf.h> -#endif /* machine dependent clock related includes */ #include <sys/bus.h> @@ -155,22 +152,6 @@ altq_attach(ifq, type, discipline, enqueue, dequeue, request, clfier, classify) return ENXIO; } -#ifdef ALTQ3_COMPAT - /* - * pfaltq can override the existing discipline, but altq3 cannot. - * check these if clfier is not NULL (which implies altq3). - */ - if (clfier != NULL) { - if (ALTQ_IS_ENABLED(ifq)) { - IFQ_UNLOCK(ifq); - return EBUSY; - } - if (ALTQ_IS_ATTACHED(ifq)) { - IFQ_UNLOCK(ifq); - return EEXIST; - } - } -#endif ifq->altq_type = type; ifq->altq_disc = discipline; ifq->altq_enqueue = enqueue; @@ -179,11 +160,6 @@ altq_attach(ifq, type, discipline, enqueue, dequeue, request, clfier, classify) ifq->altq_clfier = clfier; ifq->altq_classify = classify; ifq->altq_flags &= (ALTQF_CANTCHANGE|ALTQF_ENABLED); -#ifdef ALTQ3_COMPAT -#ifdef ALTQ_KLD - altq_module_incref(type); -#endif -#endif IFQ_UNLOCK(ifq); return 0; } @@ -206,11 +182,6 @@ altq_detach(ifq) IFQ_UNLOCK(ifq); return (0); } -#ifdef ALTQ3_COMPAT -#ifdef ALTQ_KLD - altq_module_declref(ifq->altq_type); -#endif -#endif ifq->altq_type = ALTQT_NONE; ifq->altq_disc = NULL; diff --git a/sys/net/if.c b/sys/net/if.c index 15b4d7c12d1e..b5f624500030 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -597,8 +597,6 @@ if_free_internal(struct ifnet *ifp) #ifdef MAC mac_ifnet_destroy(ifp); #endif /* MAC */ - if (ifp->if_description != NULL) - free(ifp->if_description, M_IFDESCR); IF_AFDATA_DESTROY(ifp); IF_ADDR_LOCK_DESTROY(ifp); ifq_delete(&ifp->if_snd); @@ -606,6 +604,8 @@ if_free_internal(struct ifnet *ifp) for (int i = 0; i < IFCOUNTERS; i++) counter_u64_free(ifp->if_counters[i]); + free(ifp->if_description, M_IFDESCR); + free(ifp->if_hw_addr, M_IFADDR); free(ifp, M_IFNET); } @@ -1068,6 +1068,8 @@ if_detach_internal(struct ifnet *ifp, int vmove, struct if_clone **ifcp) CK_STAILQ_FOREACH(iter, &V_ifnet, if_link) if (iter == ifp) { CK_STAILQ_REMOVE(&V_ifnet, ifp, ifnet, if_link); + if (!vmove) + ifp->if_flags |= IFF_DYING; found = 1; break; } @@ -1182,14 +1184,8 @@ if_detach_internal(struct ifnet *ifp, int vmove, struct if_clone **ifcp) if_dead(ifp); /* - * Remove link ifaddr pointer and maybe decrement if_index. * Clean up all addresses. */ - free(ifp->if_hw_addr, M_IFADDR); - ifp->if_hw_addr = NULL; - ifp->if_addr = NULL; - - /* We can now free link ifaddr. */ IF_ADDR_WLOCK(ifp); if (!CK_STAILQ_EMPTY(&ifp->if_addrhead)) { ifa = CK_STAILQ_FIRST(&ifp->if_addrhead); diff --git a/sys/net/if.h b/sys/net/if.h index 1c860ffedbdf..d6e032e36f7b 100644 --- a/sys/net/if.h +++ b/sys/net/if.h @@ -271,6 +271,7 @@ struct if_msghdr { int ifm_addrs; /* like rtm_addrs */ int ifm_flags; /* value of if_flags */ u_short ifm_index; /* index for associated ifp */ + u_short _ifm_spare1; struct if_data ifm_data;/* statistics and other data about if */ }; @@ -296,6 +297,7 @@ struct if_msghdrl { u_short _ifm_spare1; /* spare space to grow if_index, see if_var.h */ u_short ifm_len; /* length of if_msghdrl incl. if_data */ u_short ifm_data_off; /* offset of if_data from beginning */ + int _ifm_spare2; struct if_data ifm_data;/* statistics and other data about if */ }; @@ -311,6 +313,7 @@ struct ifa_msghdr { int ifam_addrs; /* like rtm_addrs */ int ifam_flags; /* value of ifa_flags */ u_short ifam_index; /* index for associated ifp */ + u_short _ifam_spare1; int ifam_metric; /* value of ifa_ifp->if_metric */ }; @@ -352,6 +355,7 @@ struct ifma_msghdr { int ifmam_addrs; /* like rtm_addrs */ int ifmam_flags; /* value of ifa_flags */ u_short ifmam_index; /* index for associated ifp */ + u_short _ifmam_spare1; }; /* diff --git a/sys/net/iflib.c b/sys/net/iflib.c index 537e52aad2de..539dcd37e578 100644 --- a/sys/net/iflib.c +++ b/sys/net/iflib.c @@ -92,15 +92,6 @@ __FBSDID("$FreeBSD$"); #include "ifdi_if.h" -#if defined(__i386__) || defined(__amd64__) -#include <sys/memdesc.h> -#include <machine/bus.h> -#include <machine/md_var.h> -#include <machine/specialreg.h> -#include <x86/include/busdma_impl.h> -#include <x86/iommu/busdma_dmar.h> -#endif - #ifdef PCI_IOV #include <dev/pci/pci_iov.h> #endif @@ -282,24 +273,16 @@ iflib_get_sctx(if_ctx_t ctx) #define LINK_ACTIVE(ctx) ((ctx)->ifc_link_state == LINK_STATE_UP) #define CTX_IS_VF(ctx) ((ctx)->ifc_sctx->isc_flags & IFLIB_IS_VF) -#define RX_SW_DESC_MAP_CREATED (1 << 0) -#define TX_SW_DESC_MAP_CREATED (1 << 1) -#define RX_SW_DESC_INUSE (1 << 3) -#define TX_SW_DESC_MAPPED (1 << 4) - -#define M_TOOBIG M_PROTO1 - typedef struct iflib_sw_rx_desc_array { bus_dmamap_t *ifsd_map; /* bus_dma maps for packet */ struct mbuf **ifsd_m; /* pkthdr mbufs */ caddr_t *ifsd_cl; /* direct cluster pointer for rx */ - uint8_t *ifsd_flags; + bus_addr_t *ifsd_ba; /* bus addr of cluster for rx */ } iflib_rxsd_array_t; typedef struct iflib_sw_tx_desc_array { bus_dmamap_t *ifsd_map; /* bus_dma maps for packet */ struct mbuf **ifsd_m; /* pkthdr mbufs */ - uint8_t *ifsd_flags; } if_txsd_vec_t; @@ -940,9 +923,8 @@ iflib_netmap_txsync(struct netmap_kring *kring, int flags) if_ctx_t ctx = ifp->if_softc; iflib_txq_t txq = &ctx->ifc_txqs[kring->ring_id]; - if (txq->ift_sds.ifsd_map) - bus_dmamap_sync(txq->ift_desc_tag, txq->ift_ifdi->idi_map, - BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); + bus_dmamap_sync(txq->ift_desc_tag, txq->ift_ifdi->idi_map, + BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); /* @@ -1024,9 +1006,8 @@ iflib_netmap_txsync(struct netmap_kring *kring, int flags) kring->nr_hwcur = nm_i; /* synchronize the NIC ring */ - if (txq->ift_sds.ifsd_map) - bus_dmamap_sync(txq->ift_desc_tag, txq->ift_ifdi->idi_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); + bus_dmamap_sync(txq->ift_desc_tag, txq->ift_ifdi->idi_map, + BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); /* (re)start the tx unit up to slot nic_i (excluded) */ ctx->isc_txd_flush(ctx->ifc_softc, txq->ift_id, nic_i); @@ -1129,9 +1110,8 @@ iflib_netmap_rxsync(struct netmap_kring *kring, int flags) error = ctx->isc_rxd_pkt_get(ctx->ifc_softc, &ri); ring->slot[nm_i].len = error ? 0 : ri.iri_len - crclen; ring->slot[nm_i].flags = 0; - if (fl->ifl_sds.ifsd_map) - bus_dmamap_sync(fl->ifl_ifdi->idi_tag, - fl->ifl_sds.ifsd_map[nic_i], BUS_DMASYNC_POSTREAD); + bus_dmamap_sync(fl->ifl_ifdi->idi_tag, + fl->ifl_sds.ifsd_map[nic_i], BUS_DMASYNC_POSTREAD); nm_i = nm_next(nm_i, lim); nic_i = nm_next(nic_i, lim); } @@ -1210,9 +1190,6 @@ iflib_netmap_txq_init(if_ctx_t ctx, iflib_txq_t txq) slot = netmap_reset(na, NR_TX, txq->ift_id, 0); if (slot == NULL) return; - if (txq->ift_sds.ifsd_map == NULL) - return; - for (int i = 0; i < ctx->ifc_softc_ctx.isc_ntxd[0]; i++) { /* @@ -1657,13 +1634,6 @@ iflib_txsd_alloc(iflib_txq_t txq) goto fail; } - if (!(txq->ift_sds.ifsd_flags = - (uint8_t *) malloc(sizeof(uint8_t) * - scctx->isc_ntxd[txq->ift_br_offset], M_IFLIB, M_NOWAIT | M_ZERO))) { - device_printf(dev, "Unable to allocate tx_buffer memory\n"); - err = ENOMEM; - goto fail; - } if (!(txq->ift_sds.ifsd_m = (struct mbuf **) malloc(sizeof(struct mbuf *) * scctx->isc_ntxd[txq->ift_br_offset], M_IFLIB, M_NOWAIT | M_ZERO))) { @@ -1673,10 +1643,6 @@ iflib_txsd_alloc(iflib_txq_t txq) } /* Create the descriptor buffer dma maps */ -#if defined(ACPI_DMAR) || (! (defined(__i386__) || defined(__amd64__))) - if ((ctx->ifc_flags & IFC_DMAR) == 0) - return (0); - if (!(txq->ift_sds.ifsd_map = (bus_dmamap_t *) malloc(sizeof(bus_dmamap_t) * scctx->isc_ntxd[txq->ift_br_offset], M_IFLIB, M_NOWAIT | M_ZERO))) { device_printf(dev, "Unable to allocate tx_buffer map memory\n"); @@ -1691,7 +1657,6 @@ iflib_txsd_alloc(iflib_txq_t txq) goto fail; } } -#endif return (0); fail: /* We free all, it handles case where we are in the middle */ @@ -1729,10 +1694,6 @@ iflib_txq_destroy(iflib_txq_t txq) free(txq->ift_sds.ifsd_m, M_IFLIB); txq->ift_sds.ifsd_m = NULL; } - if (txq->ift_sds.ifsd_flags != NULL) { - free(txq->ift_sds.ifsd_flags, M_IFLIB); - txq->ift_sds.ifsd_flags = NULL; - } if (txq->ift_desc_tag != NULL) { bus_dma_tag_destroy(txq->ift_desc_tag); txq->ift_desc_tag = NULL; @@ -1834,13 +1795,6 @@ iflib_rxsd_alloc(iflib_rxq_t rxq) __func__, err); goto fail; } - if (!(fl->ifl_sds.ifsd_flags = - (uint8_t *) malloc(sizeof(uint8_t) * - scctx->isc_nrxd[rxq->ifr_fl_offset], M_IFLIB, M_NOWAIT | M_ZERO))) { - device_printf(dev, "Unable to allocate tx_buffer memory\n"); - err = ENOMEM; - goto fail; - } if (!(fl->ifl_sds.ifsd_m = (struct mbuf **) malloc(sizeof(struct mbuf *) * scctx->isc_nrxd[rxq->ifr_fl_offset], M_IFLIB, M_NOWAIT | M_ZERO))) { @@ -1856,11 +1810,15 @@ iflib_rxsd_alloc(iflib_rxq_t rxq) goto fail; } - /* Create the descriptor buffer dma maps */ -#if defined(ACPI_DMAR) || (! (defined(__i386__) || defined(__amd64__))) - if ((ctx->ifc_flags & IFC_DMAR) == 0) - continue; + if (!(fl->ifl_sds.ifsd_ba = + (bus_addr_t *) malloc(sizeof(bus_addr_t) * + scctx->isc_nrxd[rxq->ifr_fl_offset], M_IFLIB, M_NOWAIT | M_ZERO))) { + device_printf(dev, "Unable to allocate rx bus addr memory\n"); + err = ENOMEM; + goto fail; + } + /* Create the descriptor buffer dma maps */ if (!(fl->ifl_sds.ifsd_map = (bus_dmamap_t *) malloc(sizeof(bus_dmamap_t) * scctx->isc_nrxd[rxq->ifr_fl_offset], M_IFLIB, M_NOWAIT | M_ZERO))) { device_printf(dev, "Unable to allocate tx_buffer map memory\n"); @@ -1875,7 +1833,6 @@ iflib_rxsd_alloc(iflib_rxq_t rxq) goto fail; } } -#endif } return (0); @@ -1905,13 +1862,6 @@ _rxq_refill_cb(void *arg, bus_dma_segment_t *segs, int nseg, int error) cb_arg->nseg = nseg; } - -#ifdef ACPI_DMAR -#define IS_DMAR(ctx) (ctx->ifc_flags & IFC_DMAR) -#else -#define IS_DMAR(ctx) (0) -#endif - /** * rxq_refill - refill an rxq free-buffer list * @ctx: the iflib context @@ -1929,18 +1879,18 @@ _iflib_fl_refill(if_ctx_t ctx, iflib_fl_t fl, int count) int pidx = fl->ifl_pidx; caddr_t cl, *sd_cl; struct mbuf **sd_m; - uint8_t *sd_flags; struct if_rxd_update iru; + struct rxq_refill_cb_arg cb_arg; bus_dmamap_t *sd_map; int n, i = 0; - uint64_t bus_addr; + bus_addr_t bus_addr, *sd_ba; int err; qidx_t credits; sd_m = fl->ifl_sds.ifsd_m; sd_map = fl->ifl_sds.ifsd_map; sd_cl = fl->ifl_sds.ifsd_cl; - sd_flags = fl->ifl_sds.ifsd_flags; + sd_ba = fl->ifl_sds.ifsd_ba; idx = pidx; credits = fl->ifl_credits; @@ -1970,35 +1920,15 @@ _iflib_fl_refill(if_ctx_t ctx, iflib_fl_t fl, int count) if ((frag_idx < 0) || (frag_idx >= fl->ifl_size)) bit_ffc(fl->ifl_rx_bitmap, fl->ifl_size, &frag_idx); if ((cl = sd_cl[frag_idx]) == NULL) { - if ((cl = sd_cl[frag_idx] = m_cljget(NULL, M_NOWAIT, fl->ifl_buf_size)) == NULL) + if ((cl = m_cljget(NULL, M_NOWAIT, fl->ifl_buf_size)) == NULL) break; -#if MEMORY_LOGGING - fl->ifl_cl_enqueued++; -#endif - } - if ((m = m_gethdr(M_NOWAIT, MT_NOINIT)) == NULL) { - break; - } -#if MEMORY_LOGGING - fl->ifl_m_enqueued++; -#endif - - DBG_COUNTER_INC(rx_allocs); -#if defined(__i386__) || defined(__amd64__) - if (!IS_DMAR(ctx)) { - bus_addr = pmap_kextract((vm_offset_t)cl); - } else -#endif - { - struct rxq_refill_cb_arg cb_arg; cb_arg.error = 0; MPASS(sd_map != NULL); - MPASS(sd_map[frag_idx] != NULL); err = bus_dmamap_load(fl->ifl_desc_tag, sd_map[frag_idx], - cl, fl->ifl_buf_size, _rxq_refill_cb, &cb_arg, 0); + cl, fl->ifl_buf_size, _rxq_refill_cb, &cb_arg, 0); bus_dmamap_sync(fl->ifl_desc_tag, sd_map[frag_idx], - BUS_DMASYNC_PREREAD); + BUS_DMASYNC_PREREAD); if (err != 0 || cb_arg.error) { /* @@ -2006,18 +1936,29 @@ _iflib_fl_refill(if_ctx_t ctx, iflib_fl_t fl, int count) */ if (fl->ifl_zone == zone_pack) uma_zfree(fl->ifl_zone, cl); - m_free(m); - n = 0; - goto done; + break; } - bus_addr = cb_arg.seg.ds_addr; + + sd_ba[frag_idx] = bus_addr = cb_arg.seg.ds_addr; + sd_cl[frag_idx] = cl; +#if MEMORY_LOGGING + fl->ifl_cl_enqueued++; +#endif + } else { + bus_addr = sd_ba[frag_idx]; } - bit_set(fl->ifl_rx_bitmap, frag_idx); - sd_flags[frag_idx] |= RX_SW_DESC_INUSE; + bit_set(fl->ifl_rx_bitmap, frag_idx); MPASS(sd_m[frag_idx] == NULL); - sd_cl[frag_idx] = cl; + if ((m = m_gethdr(M_NOWAIT, MT_NOINIT)) == NULL) { + break; + } sd_m[frag_idx] = m; +#if MEMORY_LOGGING + fl->ifl_m_enqueued++; +#endif + + DBG_COUNTER_INC(rx_allocs); fl->ifl_rxd_idxs[i] = frag_idx; fl->ifl_bus_addrs[i] = bus_addr; fl->ifl_vm_addrs[i] = cl; @@ -2039,7 +1980,7 @@ _iflib_fl_refill(if_ctx_t ctx, iflib_fl_t fl, int count) } } -done: + if (i) { iru.iru_pidx = pidx; iru.iru_count = i; @@ -2053,9 +1994,8 @@ done: else pidx = fl->ifl_pidx - 1; - if (sd_map) - bus_dmamap_sync(fl->ifl_ifdi->idi_tag, fl->ifl_ifdi->idi_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); + bus_dmamap_sync(fl->ifl_ifdi->idi_tag, fl->ifl_ifdi->idi_map, + BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); ctx->isc_rxd_flush(ctx->ifc_softc, fl->ifl_rxq->ifr_id, fl->ifl_id, pidx); fl->ifl_fragidx = frag_idx; } @@ -2094,24 +2034,20 @@ iflib_fl_bufs_free(iflib_fl_t fl) for (i = 0; i < fl->ifl_size; i++) { struct mbuf **sd_m = &fl->ifl_sds.ifsd_m[i]; - uint8_t *sd_flags = &fl->ifl_sds.ifsd_flags[i]; caddr_t *sd_cl = &fl->ifl_sds.ifsd_cl[i]; - if (*sd_flags & RX_SW_DESC_INUSE) { - if (fl->ifl_sds.ifsd_map != NULL) { - bus_dmamap_t sd_map = fl->ifl_sds.ifsd_map[i]; - bus_dmamap_unload(fl->ifl_desc_tag, sd_map); - // XXX: Should this get moved out? - if (iflib_in_detach(fl->ifl_rxq->ifr_ctx)) - bus_dmamap_destroy(fl->ifl_desc_tag, sd_map); - } + if (*sd_cl != NULL) { + bus_dmamap_t sd_map = fl->ifl_sds.ifsd_map[i]; + bus_dmamap_unload(fl->ifl_desc_tag, sd_map); + if (*sd_cl != NULL) + uma_zfree(fl->ifl_zone, *sd_cl); + // XXX: Should this get moved out? + if (iflib_in_detach(fl->ifl_rxq->ifr_ctx)) + bus_dmamap_destroy(fl->ifl_desc_tag, sd_map); if (*sd_m != NULL) { m_init(*sd_m, M_NOWAIT, MT_DATA, 0); uma_zfree(zone_mbuf, *sd_m); } - if (*sd_cl != NULL) - uma_zfree(fl->ifl_zone, *sd_cl); - *sd_flags = 0; } else { MPASS(*sd_cl == NULL); MPASS(*sd_m == NULL); @@ -2125,7 +2061,6 @@ iflib_fl_bufs_free(iflib_fl_t fl) } #ifdef INVARIANTS for (i = 0; i < fl->ifl_size; i++) { - MPASS(fl->ifl_sds.ifsd_flags[i] == 0); MPASS(fl->ifl_sds.ifsd_cl[i] == NULL); MPASS(fl->ifl_sds.ifsd_m[i] == NULL); } @@ -2216,10 +2151,12 @@ iflib_rx_sds_free(iflib_rxq_t rxq) } free(fl->ifl_sds.ifsd_m, M_IFLIB); free(fl->ifl_sds.ifsd_cl, M_IFLIB); + free(fl->ifl_sds.ifsd_ba, M_IFLIB); /* XXX destroy maps first */ free(fl->ifl_sds.ifsd_map, M_IFLIB); fl->ifl_sds.ifsd_m = NULL; fl->ifl_sds.ifsd_cl = NULL; + fl->ifl_sds.ifsd_ba = NULL; fl->ifl_sds.ifsd_map = NULL; } free(rxq->ifr_fl, M_IFLIB); @@ -2488,27 +2425,23 @@ rxd_frag_to_sd(iflib_rxq_t rxq, if_rxd_frag_t irf, int unload, if_rxsd_t sd) #endif if (rxq->ifr_ctx->ifc_flags & IFC_PREFETCH) prefetch_pkts(fl, cidx); - if (fl->ifl_sds.ifsd_map != NULL) { - next = (cidx + CACHE_PTR_INCREMENT) & (fl->ifl_size-1); - prefetch(&fl->ifl_sds.ifsd_map[next]); - map = fl->ifl_sds.ifsd_map[cidx]; - di = fl->ifl_ifdi; - next = (cidx + CACHE_LINE_SIZE) & (fl->ifl_size-1); - prefetch(&fl->ifl_sds.ifsd_flags[next]); - bus_dmamap_sync(di->idi_tag, di->idi_map, - BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); + next = (cidx + CACHE_PTR_INCREMENT) & (fl->ifl_size-1); + prefetch(&fl->ifl_sds.ifsd_map[next]); + map = fl->ifl_sds.ifsd_map[cidx]; + di = fl->ifl_ifdi; + next = (cidx + CACHE_LINE_SIZE) & (fl->ifl_size-1); + bus_dmamap_sync(di->idi_tag, di->idi_map, + BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); /* not valid assert if bxe really does SGE from non-contiguous elements */ - MPASS(fl->ifl_cidx == cidx); - if (unload) - bus_dmamap_unload(fl->ifl_desc_tag, map); - } + MPASS(fl->ifl_cidx == cidx); + if (unload) + bus_dmamap_unload(fl->ifl_desc_tag, map); fl->ifl_cidx = (fl->ifl_cidx + 1) & (fl->ifl_size-1); if (__predict_false(fl->ifl_cidx == 0)) fl->ifl_gen = 0; - if (map != NULL) - bus_dmamap_sync(fl->ifl_ifdi->idi_tag, fl->ifl_ifdi->idi_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); + bus_dmamap_sync(fl->ifl_ifdi->idi_tag, fl->ifl_ifdi->idi_map, + BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); bit_clear(fl->ifl_rx_bitmap, cidx); } @@ -3071,145 +3004,22 @@ iflib_parse_header(iflib_txq_t txq, if_pkt_info_t pi, struct mbuf **mp) static __noinline struct mbuf * iflib_remove_mbuf(iflib_txq_t txq) { - int ntxd, i, pidx; - struct mbuf *m, *mh, **ifsd_m; + int ntxd, pidx; + struct mbuf *m, **ifsd_m; + bus_dmamap_t *ifsd_map; - pidx = txq->ift_pidx; ifsd_m = txq->ift_sds.ifsd_m; ntxd = txq->ift_size; - mh = m = ifsd_m[pidx]; + pidx = txq->ift_pidx & (ntxd - 1); + ifsd_m = txq->ift_sds.ifsd_m; + ifsd_map = txq->ift_sds.ifsd_map; + m = ifsd_m[pidx]; ifsd_m[pidx] = NULL; + bus_dmamap_unload(txq->ift_desc_tag, ifsd_map[pidx]); #if MEMORY_LOGGING txq->ift_dequeued++; #endif - i = 1; - - while (m) { - ifsd_m[(pidx + i) & (ntxd -1)] = NULL; -#if MEMORY_LOGGING - txq->ift_dequeued++; -#endif - m = m->m_next; - i++; - } - return (mh); -} - -static int -iflib_busdma_load_mbuf_sg(iflib_txq_t txq, bus_dma_tag_t tag, bus_dmamap_t map, - struct mbuf **m0, bus_dma_segment_t *segs, int *nsegs, - int max_segs, int flags) -{ - if_ctx_t ctx; - if_shared_ctx_t sctx; - if_softc_ctx_t scctx; - int i, next, pidx, err, ntxd, count; - struct mbuf *m, *tmp, **ifsd_m; - - m = *m0; - - /* - * Please don't ever do this - */ - MPASS(__predict_true(m->m_len > 0)); - - ctx = txq->ift_ctx; - sctx = ctx->ifc_sctx; - scctx = &ctx->ifc_softc_ctx; - ifsd_m = txq->ift_sds.ifsd_m; - ntxd = txq->ift_size; - pidx = txq->ift_pidx; - if (map != NULL) { - uint8_t *ifsd_flags = txq->ift_sds.ifsd_flags; - - err = bus_dmamap_load_mbuf_sg(tag, map, - *m0, segs, nsegs, BUS_DMA_NOWAIT); - if (err) - return (err); - ifsd_flags[pidx] |= TX_SW_DESC_MAPPED; - count = 0; - m = *m0; - do { - if (__predict_false(m->m_len <= 0)) { - tmp = m; - m = m->m_next; - tmp->m_next = NULL; - m_free(tmp); - continue; - } - m = m->m_next; - count++; - } while (m != NULL); - if (count > *nsegs) { - ifsd_m[pidx] = *m0; - ifsd_m[pidx]->m_flags |= M_TOOBIG; - return (0); - } - m = *m0; - count = 0; - do { - next = (pidx + count) & (ntxd-1); - MPASS(ifsd_m[next] == NULL); - ifsd_m[next] = m; - count++; - tmp = m; - m = m->m_next; - } while (m != NULL); - } else { - int buflen, sgsize, maxsegsz, max_sgsize; - vm_offset_t vaddr; - vm_paddr_t curaddr; - - count = i = 0; - m = *m0; - if (m->m_pkthdr.csum_flags & CSUM_TSO) - maxsegsz = scctx->isc_tx_tso_segsize_max; - else - maxsegsz = sctx->isc_tx_maxsegsize; - - do { - if (__predict_false(m->m_len <= 0)) { - tmp = m; - m = m->m_next; - tmp->m_next = NULL; - m_free(tmp); - continue; - } - buflen = m->m_len; - vaddr = (vm_offset_t)m->m_data; - /* - * see if we can't be smarter about physically - * contiguous mappings - */ - next = (pidx + count) & (ntxd-1); - MPASS(ifsd_m[next] == NULL); -#if MEMORY_LOGGING - txq->ift_enqueued++; -#endif - ifsd_m[next] = m; - while (buflen > 0) { - if (i >= max_segs) - goto err; - max_sgsize = MIN(buflen, maxsegsz); - curaddr = pmap_kextract(vaddr); - sgsize = PAGE_SIZE - (curaddr & PAGE_MASK); - sgsize = MIN(sgsize, max_sgsize); - segs[i].ds_addr = curaddr; - segs[i].ds_len = sgsize; - vaddr += sgsize; - buflen -= sgsize; - i++; - } - count++; - tmp = m; - m = m->m_next; - } while (m != NULL); - *nsegs = i; - } - return (0); -err: - *m0 = iflib_remove_mbuf(txq); - return (EFBIG); + return (m); } static inline caddr_t @@ -3282,7 +3092,7 @@ iflib_encap(iflib_txq_t txq, struct mbuf **m_headp) if_shared_ctx_t sctx; if_softc_ctx_t scctx; bus_dma_segment_t *segs; - struct mbuf *m_head; + struct mbuf *m_head, **ifsd_m; void *next_txd; bus_dmamap_t map; struct if_pkt_info pi; @@ -3312,13 +3122,11 @@ iflib_encap(iflib_txq_t txq, struct mbuf **m_headp) /* prefetch the next cache line of mbuf pointers and flags */ prefetch(&txq->ift_sds.ifsd_m[next]); - if (txq->ift_sds.ifsd_map != NULL) { - prefetch(&txq->ift_sds.ifsd_map[next]); - next = (cidx + CACHE_LINE_SIZE) & (ntxd-1); - prefetch(&txq->ift_sds.ifsd_flags[next]); - } - } else if (txq->ift_sds.ifsd_map != NULL) - map = txq->ift_sds.ifsd_map[pidx]; + prefetch(&txq->ift_sds.ifsd_map[next]); + next = (cidx + CACHE_LINE_SIZE) & (ntxd-1); + } + map = txq->ift_sds.ifsd_map[pidx]; + ifsd_m = txq->ift_sds.ifsd_m; if (m_head->m_pkthdr.csum_flags & CSUM_TSO) { desc_tag = txq->ift_tso_desc_tag; @@ -3357,7 +3165,8 @@ iflib_encap(iflib_txq_t txq, struct mbuf **m_headp) } retry: - err = iflib_busdma_load_mbuf_sg(txq, desc_tag, map, m_headp, segs, &nsegs, max_segs, BUS_DMA_NOWAIT); + err = bus_dmamap_load_mbuf_sg(desc_tag, map, m_head, segs, &nsegs, + BUS_DMA_NOWAIT); defrag: if (__predict_false(err)) { switch (err) { @@ -3394,7 +3203,7 @@ defrag: DBG_COUNTER_INC(encap_txd_encap_fail); return (err); } - + ifsd_m[pidx] = m_head; /* * XXX assumes a 1 to 1 relationship between segments and * descriptors - this does not hold true on all drivers, e.g. @@ -3402,8 +3211,7 @@ defrag: */ if (__predict_false(nsegs + 2 > TXQ_AVAIL(txq))) { txq->ift_no_desc_avail++; - if (map != NULL) - bus_dmamap_unload(desc_tag, map); + bus_dmamap_unload(desc_tag, map); DBG_COUNTER_INC(encap_txq_avail_fail); DBG_COUNTER_INC(encap_txd_encap_fail); if ((txq->ift_task.gt_task.ta_flags & TASK_ENQUEUED) == 0) @@ -3430,12 +3238,10 @@ defrag: #ifdef PKT_DEBUG print_pkt(&pi); #endif - if (map != NULL) - bus_dmamap_sync(desc_tag, map, BUS_DMASYNC_PREWRITE); + bus_dmamap_sync(desc_tag, map, BUS_DMASYNC_PREWRITE); if ((err = ctx->isc_txd_encap(ctx->ifc_softc, &pi)) == 0) { - if (map != NULL) - bus_dmamap_sync(txq->ift_ifdi->idi_tag, txq->ift_ifdi->idi_map, - BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); + bus_dmamap_sync(txq->ift_ifdi->idi_tag, txq->ift_ifdi->idi_map, + BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); DBG_COUNTER_INC(tx_encap); MPASS(pi.ipi_new_pidx < txq->ift_size); @@ -3489,10 +3295,8 @@ defrag_failed: static void iflib_tx_desc_free(iflib_txq_t txq, int n) { - int hasmap; uint32_t qsize, cidx, mask, gen; struct mbuf *m, **ifsd_m; - uint8_t *ifsd_flags; bus_dmamap_t *ifsd_map; bool do_prefetch; @@ -3500,8 +3304,6 @@ iflib_tx_desc_free(iflib_txq_t txq, int n) gen = txq->ift_gen; qsize = txq->ift_size; mask = qsize-1; - hasmap = txq->ift_sds.ifsd_map != NULL; - ifsd_flags = txq->ift_sds.ifsd_flags; ifsd_m = txq->ift_sds.ifsd_m; ifsd_map = txq->ift_sds.ifsd_map; do_prefetch = (txq->ift_ctx->ifc_flags & IFC_PREFETCH); @@ -3511,35 +3313,17 @@ iflib_tx_desc_free(iflib_txq_t txq, int n) prefetch(ifsd_m[(cidx + 3) & mask]); prefetch(ifsd_m[(cidx + 4) & mask]); } - if (ifsd_m[cidx] != NULL) { + if ((m = ifsd_m[cidx]) != NULL) { prefetch(&ifsd_m[(cidx + CACHE_PTR_INCREMENT) & mask]); - prefetch(&ifsd_flags[(cidx + CACHE_PTR_INCREMENT) & mask]); - if (hasmap && (ifsd_flags[cidx] & TX_SW_DESC_MAPPED)) { - /* - * does it matter if it's not the TSO tag? If so we'll - * have to add the type to flags - */ - bus_dmamap_unload(txq->ift_desc_tag, ifsd_map[cidx]); - ifsd_flags[cidx] &= ~TX_SW_DESC_MAPPED; - } - if ((m = ifsd_m[cidx]) != NULL) { - /* XXX we don't support any drivers that batch packets yet */ - MPASS(m->m_nextpkt == NULL); - /* if the number of clusters exceeds the number of segments - * there won't be space on the ring to save a pointer to each - * cluster so we simply free the list here - */ - if (m->m_flags & M_TOOBIG) { - m_freem(m); - } else { - m_free(m); - } - ifsd_m[cidx] = NULL; + bus_dmamap_unload(txq->ift_desc_tag, ifsd_map[cidx]); + /* XXX we don't support any drivers that batch packets yet */ + MPASS(m->m_nextpkt == NULL); + m_freem(m); + ifsd_m[cidx] = NULL; #if MEMORY_LOGGING - txq->ift_dequeued++; + txq->ift_dequeued++; #endif - DBG_COUNTER_INC(tx_frees); - } + DBG_COUNTER_INC(tx_frees); } if (__predict_false(++cidx == qsize)) { cidx = 0; @@ -4539,14 +4323,6 @@ iflib_device_register(device_t dev, void *sc, if_shared_ctx_t sctx, if_ctx_t *ct if (scctx->isc_nrxqsets == 0 || (scctx->isc_nrxqsets_max && scctx->isc_nrxqsets_max < scctx->isc_nrxqsets)) scctx->isc_nrxqsets = scctx->isc_nrxqsets_max; -#ifdef ACPI_DMAR - if (dmar_get_dma_tag(device_get_parent(dev), dev) != NULL) - ctx->ifc_flags |= IFC_DMAR; -#elif !(defined(__i386__) || defined(__amd64__)) - /* set unconditionally for !x86 */ - ctx->ifc_flags |= IFC_DMAR; -#endif - main_txq = (sctx->isc_flags & IFLIB_HAS_TXCQ) ? 1 : 0; main_rxq = (sctx->isc_flags & IFLIB_HAS_RXCQ) ? 1 : 0; diff --git a/sys/net/iflib_private.h b/sys/net/iflib_private.h index 508a327c03dc..341deb43d7bf 100644 --- a/sys/net/iflib_private.h +++ b/sys/net/iflib_private.h @@ -34,7 +34,7 @@ #define IFC_LEGACY 0x001 #define IFC_QFLUSH 0x002 #define IFC_MULTISEG 0x004 -#define IFC_DMAR 0x008 +#define IFC_SPARE1 0x008 #define IFC_SC_ALLOCATED 0x010 #define IFC_INIT_DONE 0x020 #define IFC_PREFETCH 0x040 diff --git a/sys/net/netmap.h b/sys/net/netmap.h index 5c756526fb34..f3688fc9e919 100644 --- a/sys/net/netmap.h +++ b/sys/net/netmap.h @@ -41,9 +41,9 @@ #ifndef _NET_NETMAP_H_ #define _NET_NETMAP_H_ -#define NETMAP_API 12 /* current API version */ +#define NETMAP_API 13 /* current API version */ -#define NETMAP_MIN_API 11 /* min and max versions accepted */ +#define NETMAP_MIN_API 13 /* min and max versions accepted */ #define NETMAP_MAX_API 15 /* * Some fields should be cache-aligned to reduce contention. @@ -333,12 +333,17 @@ struct netmap_ring { */ /* - * check if space is available in the ring. + * Check if space is available in the ring. We use ring->head, which + * points to the next netmap slot to be published to netmap. It is + * possible that the applications moves ring->cur ahead of ring->tail + * (e.g., by setting ring->cur <== ring->tail), if it wants more slots + * than the ones currently available, and it wants to be notified when + * more arrive. See netmap(4) for more details and examples. */ static inline int nm_ring_empty(struct netmap_ring *ring) { - return (ring->cur == ring->tail); + return (ring->head == ring->tail); } /* @@ -479,6 +484,10 @@ struct nmreq_option { * !=0: errno value */ uint32_t nro_status; + /* Option size, used only for options that can have variable size + * (e.g. because they contain arrays). For fixed-size options this + * field should be set to zero. */ + uint64_t nro_size; }; /* Header common to all requests. Do not reorder these fields, as we need @@ -518,12 +527,32 @@ enum { NETMAP_REQ_VALE_POLLING_DISABLE, /* Get info about the pools of a memory allocator. */ NETMAP_REQ_POOLS_INFO_GET, + /* Start an in-kernel loop that syncs the rings periodically or + * on notifications. The loop runs in the context of the ioctl + * syscall, and only stops on NETMAP_REQ_SYNC_KLOOP_STOP. */ + NETMAP_REQ_SYNC_KLOOP_START, + /* Stops the thread executing the in-kernel loop. The thread + * returns from the ioctl syscall. */ + NETMAP_REQ_SYNC_KLOOP_STOP, + /* Enable CSB mode on a registered netmap control device. */ + NETMAP_REQ_CSB_ENABLE, }; enum { /* On NETMAP_REQ_REGISTER, ask netmap to use memory allocated * from user-space allocated memory pools (e.g. hugepages). */ NETMAP_REQ_OPT_EXTMEM = 1, + + /* ON NETMAP_REQ_SYNC_KLOOP_START, ask netmap to use eventfd-based + * notifications to synchronize the kernel loop with the application. + */ + NETMAP_REQ_OPT_SYNC_KLOOP_EVENTFDS, + + /* On NETMAP_REQ_REGISTER, ask netmap to work in CSB mode, where + * head, cur and tail pointers are not exchanged through the + * struct netmap_ring header, but rather using an user-provided + * memory area (see struct nm_csb_atok and struct nm_csb_ktoa). */ + NETMAP_REQ_OPT_CSB, }; /* @@ -541,6 +570,7 @@ struct nmreq_register { uint16_t nr_mem_id; /* id of the memory allocator */ uint16_t nr_ringid; /* ring(s) we care about */ uint32_t nr_mode; /* specify NR_REG_* modes */ + uint32_t nr_extra_bufs; /* number of requested extra buffers */ uint64_t nr_flags; /* additional flags (see below) */ /* monitors use nr_ringid and nr_mode to select the rings to monitor */ @@ -549,9 +579,7 @@ struct nmreq_register { #define NR_ZCOPY_MON 0x400 /* request exclusive access to the selected rings */ #define NR_EXCLUSIVE 0x800 -/* request ptnetmap host support */ -#define NR_PASSTHROUGH_HOST NR_PTNETMAP_HOST /* deprecated */ -#define NR_PTNETMAP_HOST 0x1000 +/* 0x1000 unused */ #define NR_RX_RINGS_ONLY 0x2000 #define NR_TX_RINGS_ONLY 0x4000 /* Applications set this flag if they are able to deal with virtio-net headers, @@ -564,8 +592,6 @@ struct nmreq_register { * NETMAP_DO_RX_POLL. */ #define NR_DO_RX_POLL 0x10000 #define NR_NO_TX_POLL 0x20000 - - uint32_t nr_extra_bufs; /* number of requested extra buffers */ }; /* Valid values for nmreq_register.nr_mode (see above). */ @@ -576,10 +602,11 @@ enum { NR_REG_DEFAULT = 0, /* backward compat, should not be used. */ NR_REG_ONE_NIC = 4, NR_REG_PIPE_MASTER = 5, /* deprecated, use "x{y" port name syntax */ NR_REG_PIPE_SLAVE = 6, /* deprecated, use "x}y" port name syntax */ + NR_REG_NULL = 7, }; /* A single ioctl number is shared by all the new API command. - * Demultiplexing is done using the nr_hdr.nr_reqtype field. + * Demultiplexing is done using the hdr.nr_reqtype field. * FreeBSD uses the size value embedded in the _IOWR to determine * how much to copy in/out, so we define the ioctl() command * specifying only nmreq_header, and copyin/copyout the rest. */ @@ -595,16 +622,18 @@ enum { NR_REG_DEFAULT = 0, /* backward compat, should not be used. */ /* * nr_reqtype: NETMAP_REQ_PORT_INFO_GET * Get information about a netmap port, including number of rings. - * slots per ring, id of the memory allocator, etc. + * slots per ring, id of the memory allocator, etc. The netmap + * control device used for this operation does not need to be bound + * to a netmap port. */ struct nmreq_port_info_get { - uint64_t nr_offset; /* nifp offset in the shared region */ uint64_t nr_memsize; /* size of the shared region */ uint32_t nr_tx_slots; /* slots in tx rings */ uint32_t nr_rx_slots; /* slots in rx rings */ uint16_t nr_tx_rings; /* number of tx rings */ uint16_t nr_rx_rings; /* number of rx rings */ - uint16_t nr_mem_id; /* id of the memory allocator */ + uint16_t nr_mem_id; /* memory allocator id (in/out) */ + uint16_t pad1; }; #define NM_BDG_NAME "vale" /* prefix for bridge port name */ @@ -620,6 +649,7 @@ struct nmreq_port_info_get { struct nmreq_vale_attach { struct nmreq_register reg; uint32_t port_index; + uint32_t pad1; }; /* @@ -630,6 +660,7 @@ struct nmreq_vale_attach { */ struct nmreq_vale_detach { uint32_t port_index; + uint32_t pad1; }; /* @@ -639,15 +670,18 @@ struct nmreq_vale_detach { struct nmreq_vale_list { /* Name of the VALE port (valeXXX:YYY) or empty. */ uint16_t nr_bridge_idx; + uint16_t pad1; uint32_t nr_port_idx; }; /* * nr_reqtype: NETMAP_REQ_PORT_HDR_SET or NETMAP_REQ_PORT_HDR_GET - * Set the port header length. + * Set or get the port header length of the port identified by hdr.nr_name. + * The control device does not need to be bound to a netmap port. */ struct nmreq_port_hdr { uint32_t nr_hdr_len; + uint32_t pad1; }; /* @@ -660,6 +694,7 @@ struct nmreq_vale_newif { uint16_t nr_tx_rings; /* number of tx rings */ uint16_t nr_rx_rings; /* number of rx rings */ uint16_t nr_mem_id; /* id of the memory allocator */ + uint16_t pad1; }; /* @@ -672,17 +707,20 @@ struct nmreq_vale_polling { #define NETMAP_POLLING_MODE_MULTI_CPU 2 uint32_t nr_first_cpu_id; uint32_t nr_num_polling_cpus; + uint32_t pad1; }; /* * nr_reqtype: NETMAP_REQ_POOLS_INFO_GET - * Get info about the pools of the memory allocator of the port bound - * to a given netmap control device (used i.e. by a ptnetmap-enabled - * hypervisor). The nr_hdr.nr_name field is ignored. + * Get info about the pools of the memory allocator of the netmap + * port specified by hdr.nr_name and nr_mem_id. The netmap control + * device used for this operation does not need to be bound to a netmap + * port. */ struct nmreq_pools_info { uint64_t nr_memsize; - uint16_t nr_mem_id; + uint16_t nr_mem_id; /* in/out argument */ + uint16_t pad1[3]; uint64_t nr_if_pool_offset; uint32_t nr_if_pool_objtotal; uint32_t nr_if_pool_objsize; @@ -695,13 +733,152 @@ struct nmreq_pools_info { }; /* + * nr_reqtype: NETMAP_REQ_SYNC_KLOOP_START + * Start an in-kernel loop that syncs the rings periodically or on + * notifications. The loop runs in the context of the ioctl syscall, + * and only stops on NETMAP_REQ_SYNC_KLOOP_STOP. + * The registered netmap port must be open in CSB mode. + */ +struct nmreq_sync_kloop_start { + /* Sleeping is the default synchronization method for the kloop. + * The 'sleep_us' field specifies how many microsconds to sleep for + * when there is no work to do, before doing another kloop iteration. + */ + uint32_t sleep_us; + uint32_t pad1; +}; + +/* A CSB entry for the application --> kernel direction. */ +struct nm_csb_atok { + uint32_t head; /* AW+ KR+ the head of the appl netmap_ring */ + uint32_t cur; /* AW+ KR+ the cur of the appl netmap_ring */ + uint32_t appl_need_kick; /* AW+ KR+ kern --> appl notification enable */ + uint32_t sync_flags; /* AW+ KR+ the flags of the appl [tx|rx]sync() */ + uint32_t pad[12]; /* pad to a 64 bytes cacheline */ +}; + +/* A CSB entry for the application <-- kernel direction. */ +struct nm_csb_ktoa { + uint32_t hwcur; /* AR+ KW+ the hwcur of the kern netmap_kring */ + uint32_t hwtail; /* AR+ KW+ the hwtail of the kern netmap_kring */ + uint32_t kern_need_kick; /* AR+ KW+ appl-->kern notification enable */ + uint32_t pad[13]; +}; + +#ifdef __linux__ + +#ifdef __KERNEL__ +#define nm_stst_barrier smp_wmb +#else /* !__KERNEL__ */ +static inline void nm_stst_barrier(void) +{ + /* A memory barrier with release semantic has the combined + * effect of a store-store barrier and a load-store barrier, + * which is fine for us. */ + __atomic_thread_fence(__ATOMIC_RELEASE); +} +#endif /* !__KERNEL__ */ + +#elif defined(__FreeBSD__) + +#ifdef _KERNEL +#define nm_stst_barrier atomic_thread_fence_rel +#else /* !_KERNEL */ +#include <stdatomic.h> +static inline void nm_stst_barrier(void) +{ + atomic_thread_fence(memory_order_release); +} +#endif /* !_KERNEL */ + +#else /* !__linux__ && !__FreeBSD__ */ +#error "OS not supported" +#endif /* !__linux__ && !__FreeBSD__ */ + +/* Application side of sync-kloop: Write ring pointers (cur, head) to the CSB. + * This routine is coupled with sync_kloop_kernel_read(). */ +static inline void +nm_sync_kloop_appl_write(struct nm_csb_atok *atok, uint32_t cur, + uint32_t head) +{ + /* + * We need to write cur and head to the CSB but we cannot do it atomically. + * There is no way we can prevent the host from reading the updated value + * of one of the two and the old value of the other. However, if we make + * sure that the host never reads a value of head more recent than the + * value of cur we are safe. We can allow the host to read a value of cur + * more recent than the value of head, since in the netmap ring cur can be + * ahead of head and cur cannot wrap around head because it must be behind + * tail. Inverting the order of writes below could instead result into the + * host to think head went ahead of cur, which would cause the sync + * prologue to fail. + * + * The following memory barrier scheme is used to make this happen: + * + * Guest Host + * + * STORE(cur) LOAD(head) + * mb() <-----------> mb() + * STORE(head) LOAD(cur) + * + */ + atok->cur = cur; + nm_stst_barrier(); + atok->head = head; +} + +/* Application side of sync-kloop: Read kring pointers (hwcur, hwtail) from + * the CSB. This routine is coupled with sync_kloop_kernel_write(). */ +static inline void +nm_sync_kloop_appl_read(struct nm_csb_ktoa *ktoa, uint32_t *hwtail, + uint32_t *hwcur) +{ + /* + * We place a memory barrier to make sure that the update of hwtail never + * overtakes the update of hwcur. + * (see explanation in sync_kloop_kernel_write). + */ + *hwtail = ktoa->hwtail; + nm_stst_barrier(); + *hwcur = ktoa->hwcur; +} + +/* * data for NETMAP_REQ_OPT_* options */ +struct nmreq_opt_sync_kloop_eventfds { + struct nmreq_option nro_opt; /* common header */ + /* An array of N entries for bidirectional notifications between + * the kernel loop and the application. The number of entries and + * their order must agree with the CSB arrays passed in the + * NETMAP_REQ_OPT_CSB option. Each entry contains a file descriptor + * backed by an eventfd. + */ + struct { + /* Notifier for the application --> kernel loop direction. */ + int32_t ioeventfd; + /* Notifier for the kernel loop --> application direction. */ + int32_t irqfd; + } eventfds[0]; +}; + struct nmreq_opt_extmem { struct nmreq_option nro_opt; /* common header */ uint64_t nro_usrptr; /* (in) ptr to usr memory */ struct nmreq_pools_info nro_info; /* (in/out) */ }; +struct nmreq_opt_csb { + struct nmreq_option nro_opt; + + /* Array of CSB entries for application --> kernel communication + * (N entries). */ + uint64_t csb_atok; + + /* Array of CSB entries for kernel --> application communication + * (N entries). */ + uint64_t csb_ktoa; +}; + #endif /* _NET_NETMAP_H_ */ diff --git a/sys/net/netmap_user.h b/sys/net/netmap_user.h index a86bcb6b6e3e..e9ce9c43e278 100644 --- a/sys/net/netmap_user.h +++ b/sys/net/netmap_user.h @@ -138,11 +138,12 @@ nm_tx_pending(struct netmap_ring *r) return nm_ring_next(r, r->tail) != r->head; } - +/* Compute the number of slots available in the netmap ring. We use + * ring->head as explained in the comment above nm_ring_empty(). */ static inline uint32_t nm_ring_space(struct netmap_ring *ring) { - int ret = ring->tail - ring->cur; + int ret = ring->tail - ring->head; if (ret < 0) ret += ring->num_slots; return ret; @@ -1091,18 +1092,36 @@ nm_dispatch(struct nm_desc *d, int cnt, nm_cb_t cb, u_char *arg) ring = NETMAP_RXRING(d->nifp, ri); for ( ; !nm_ring_empty(ring) && cnt != got; got++) { u_int idx, i; + u_char *oldbuf; + struct netmap_slot *slot; if (d->hdr.buf) { /* from previous round */ cb(arg, &d->hdr, d->hdr.buf); } i = ring->cur; - idx = ring->slot[i].buf_idx; + slot = &ring->slot[i]; + idx = slot->buf_idx; /* d->cur_rx_ring doesn't change inside this loop, but * set it here, so it reflects d->hdr.buf's ring */ d->cur_rx_ring = ri; - d->hdr.slot = &ring->slot[i]; - d->hdr.buf = (u_char *)NETMAP_BUF(ring, idx); + d->hdr.slot = slot; + oldbuf = d->hdr.buf = (u_char *)NETMAP_BUF(ring, idx); // __builtin_prefetch(buf); - d->hdr.len = d->hdr.caplen = ring->slot[i].len; + d->hdr.len = d->hdr.caplen = slot->len; + while (slot->flags & NS_MOREFRAG) { + u_char *nbuf; + u_int oldlen = slot->len; + i = nm_ring_next(ring, i); + slot = &ring->slot[i]; + d->hdr.len += slot->len; + nbuf = (u_char *)NETMAP_BUF(ring, slot->buf_idx); + if (oldbuf != NULL && nbuf - oldbuf == ring->nr_buf_size && + oldlen == ring->nr_buf_size) { + d->hdr.caplen += slot->len; + oldbuf = nbuf; + } else { + oldbuf = NULL; + } + } d->hdr.ts = ring->ts; ring->head = ring->cur = nm_ring_next(ring, i); } diff --git a/sys/net/netmap_virt.h b/sys/net/netmap_virt.h index 1b8b26cc9fd3..07e551aff009 100644 --- a/sys/net/netmap_virt.h +++ b/sys/net/netmap_virt.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2013-2016 Luigi Rizzo * Copyright (C) 2013-2016 Giuseppe Lettieri - * Copyright (C) 2013-2016 Vincenzo Maffione + * Copyright (C) 2013-2018 Vincenzo Maffione * Copyright (C) 2015 Stefano Garzarella * All rights reserved. * @@ -33,14 +33,15 @@ #define NETMAP_VIRT_H /* - * ptnetmap_memdev: device used to expose memory into the guest VM + * Register offsets and other macros for the ptnetmap paravirtual devices: + * ptnetmap-memdev: device used to expose memory into the guest + * ptnet: paravirtualized NIC exposing a netmap port in the guest * * These macros are used in the hypervisor frontend (QEMU, bhyve) and in the * guest device driver. */ -/* PCI identifiers and PCI BARs for the ptnetmap memdev - * and ptnetmap network interface. */ +/* PCI identifiers and PCI BARs for ptnetmap-memdev and ptnet. */ #define PTNETMAP_MEMDEV_NAME "ptnetmap-memdev" #define PTNETMAP_PCI_VENDOR_ID 0x1b36 /* QEMU virtual devices */ #define PTNETMAP_PCI_DEVICE_ID 0x000c /* memory device */ @@ -49,7 +50,7 @@ #define PTNETMAP_MEM_PCI_BAR 1 #define PTNETMAP_MSIX_PCI_BAR 2 -/* Registers for the ptnetmap memdev */ +/* Device registers for ptnetmap-memdev */ #define PTNET_MDEV_IO_MEMSIZE_LO 0 /* netmap memory size (low) */ #define PTNET_MDEV_IO_MEMSIZE_HI 4 /* netmap_memory_size (high) */ #define PTNET_MDEV_IO_MEMID 8 /* memory allocator ID in the host */ @@ -64,74 +65,10 @@ #define PTNET_MDEV_IO_BUF_POOL_OBJSZ 96 #define PTNET_MDEV_IO_END 100 -/* - * ptnetmap configuration - * - * The ptnet kthreads (running in host kernel-space) need to be configured - * in order to know how to intercept guest kicks (I/O register writes) and - * how to inject MSI-X interrupts to the guest. The configuration may vary - * depending on the hypervisor. Currently, we support QEMU/KVM on Linux and - * and bhyve on FreeBSD. - * The configuration is passed by the hypervisor to the host netmap module - * by means of an ioctl() with nr_cmd=NETMAP_PT_HOST_CREATE, and it is - * specified by the ptnetmap_cfg struct. This struct contains an header - * with general informations and an array of entries whose size depends - * on the hypervisor. The NETMAP_PT_HOST_CREATE command is issued every - * time the kthreads are started. - */ -struct ptnetmap_cfg { -#define PTNETMAP_CFGTYPE_QEMU 0x1 -#define PTNETMAP_CFGTYPE_BHYVE 0x2 - uint16_t cfgtype; /* how to interpret the cfg entries */ - uint16_t entry_size; /* size of a config entry */ - uint32_t num_rings; /* number of config entries */ - void *csb_gh; /* CSB for guest --> host communication */ - void *csb_hg; /* CSB for host --> guest communication */ - /* Configuration entries are allocated right after the struct. */ -}; - -/* Configuration of a ptnetmap ring for QEMU. */ -struct ptnetmap_cfgentry_qemu { - uint32_t ioeventfd; /* to intercept guest register access */ - uint32_t irqfd; /* to inject guest interrupts */ -}; - -/* Configuration of a ptnetmap ring for bhyve. */ -struct ptnetmap_cfgentry_bhyve { - uint64_t wchan; /* tsleep() parameter, to wake up kthread */ - uint32_t ioctl_fd; /* ioctl fd */ - /* ioctl parameters to send irq */ - uint32_t ioctl_cmd; - /* vmm.ko MSIX parameters for IOCTL */ - struct { - uint64_t msg_data; - uint64_t addr; - } ioctl_data; -}; - -/* - * Pass a pointer to a userspace buffer to be passed to kernelspace for write - * or read. Used by NETMAP_PT_HOST_CREATE. - * XXX deprecated - */ -static inline void -nmreq_pointer_put(struct nmreq *nmr, void *userptr) -{ - uintptr_t *pp = (uintptr_t *)&nmr->nr_arg1; - *pp = (uintptr_t)userptr; -} - -static inline void * -nmreq_pointer_get(const struct nmreq *nmr) -{ - const uintptr_t *pp = (const uintptr_t *)&nmr->nr_arg1; - return (void *)*pp; -} - /* ptnetmap features */ #define PTNETMAP_F_VNET_HDR 1 -/* I/O registers for the ptnet device. */ +/* Device registers for the ptnet network device. */ #define PTNET_IO_PTFEAT 0 #define PTNET_IO_PTCTL 4 #define PTNET_IO_MAC_LO 8 @@ -153,140 +90,11 @@ nmreq_pointer_get(const struct nmreq *nmr) #define PTNET_IO_KICK_BASE 128 #define PTNET_IO_MASK 0xff -/* ptnetmap control commands (values for PTCTL register) */ +/* ptnet control commands (values for PTCTL register): + * - CREATE starts the host sync-kloop + * - DELETE stops the host sync-kloop + */ #define PTNETMAP_PTCTL_CREATE 1 #define PTNETMAP_PTCTL_DELETE 2 -/* ptnetmap synchronization variables shared between guest and host */ -struct ptnet_csb_gh { - uint32_t head; /* GW+ HR+ the head of the guest netmap_ring */ - uint32_t cur; /* GW+ HR+ the cur of the guest netmap_ring */ - uint32_t guest_need_kick; /* GW+ HR+ host-->guest notification enable */ - uint32_t sync_flags; /* GW+ HR+ the flags of the guest [tx|rx]sync() */ - char pad[48]; /* pad to a 64 bytes cacheline */ -}; -struct ptnet_csb_hg { - uint32_t hwcur; /* GR+ HW+ the hwcur of the host netmap_kring */ - uint32_t hwtail; /* GR+ HW+ the hwtail of the host netmap_kring */ - uint32_t host_need_kick; /* GR+ HW+ guest-->host notification enable */ - char pad[4+48]; -}; - -#ifdef WITH_PTNETMAP_GUEST - -/* ptnetmap_memdev routines used to talk with ptnetmap_memdev device driver */ -struct ptnetmap_memdev; -int nm_os_pt_memdev_iomap(struct ptnetmap_memdev *, vm_paddr_t *, void **, - uint64_t *); -void nm_os_pt_memdev_iounmap(struct ptnetmap_memdev *); -uint32_t nm_os_pt_memdev_ioread(struct ptnetmap_memdev *, unsigned int); - -/* Guest driver: Write kring pointers (cur, head) to the CSB. - * This routine is coupled with ptnetmap_host_read_kring_csb(). */ -static inline void -ptnetmap_guest_write_kring_csb(struct ptnet_csb_gh *ptr, uint32_t cur, - uint32_t head) -{ - /* - * We need to write cur and head to the CSB but we cannot do it atomically. - * There is no way we can prevent the host from reading the updated value - * of one of the two and the old value of the other. However, if we make - * sure that the host never reads a value of head more recent than the - * value of cur we are safe. We can allow the host to read a value of cur - * more recent than the value of head, since in the netmap ring cur can be - * ahead of head and cur cannot wrap around head because it must be behind - * tail. Inverting the order of writes below could instead result into the - * host to think head went ahead of cur, which would cause the sync - * prologue to fail. - * - * The following memory barrier scheme is used to make this happen: - * - * Guest Host - * - * STORE(cur) LOAD(head) - * mb() <-----------> mb() - * STORE(head) LOAD(cur) - */ - ptr->cur = cur; - mb(); - ptr->head = head; -} - -/* Guest driver: Read kring pointers (hwcur, hwtail) from the CSB. - * This routine is coupled with ptnetmap_host_write_kring_csb(). */ -static inline void -ptnetmap_guest_read_kring_csb(struct ptnet_csb_hg *pthg, struct netmap_kring *kring) -{ - /* - * We place a memory barrier to make sure that the update of hwtail never - * overtakes the update of hwcur. - * (see explanation in ptnetmap_host_write_kring_csb). - */ - kring->nr_hwtail = pthg->hwtail; - mb(); - kring->nr_hwcur = pthg->hwcur; -} - -#endif /* WITH_PTNETMAP_GUEST */ - -#ifdef WITH_PTNETMAP_HOST -/* - * ptnetmap kernel thread routines - * */ - -/* Functions to read and write CSB fields in the host */ -#if defined (linux) -#define CSB_READ(csb, field, r) (get_user(r, &csb->field)) -#define CSB_WRITE(csb, field, v) (put_user(v, &csb->field)) -#else /* ! linux */ -#define CSB_READ(csb, field, r) (r = fuword32(&csb->field)) -#define CSB_WRITE(csb, field, v) (suword32(&csb->field, v)) -#endif /* ! linux */ - -/* Host netmap: Write kring pointers (hwcur, hwtail) to the CSB. - * This routine is coupled with ptnetmap_guest_read_kring_csb(). */ -static inline void -ptnetmap_host_write_kring_csb(struct ptnet_csb_hg __user *ptr, uint32_t hwcur, - uint32_t hwtail) -{ - /* - * The same scheme used in ptnetmap_guest_write_kring_csb() applies here. - * We allow the guest to read a value of hwcur more recent than the value - * of hwtail, since this would anyway result in a consistent view of the - * ring state (and hwcur can never wraparound hwtail, since hwcur must be - * behind head). - * - * The following memory barrier scheme is used to make this happen: - * - * Guest Host - * - * STORE(hwcur) LOAD(hwtail) - * mb() <-------------> mb() - * STORE(hwtail) LOAD(hwcur) - */ - CSB_WRITE(ptr, hwcur, hwcur); - mb(); - CSB_WRITE(ptr, hwtail, hwtail); -} - -/* Host netmap: Read kring pointers (head, cur, sync_flags) from the CSB. - * This routine is coupled with ptnetmap_guest_write_kring_csb(). */ -static inline void -ptnetmap_host_read_kring_csb(struct ptnet_csb_gh __user *ptr, - struct netmap_ring *shadow_ring, - uint32_t num_slots) -{ - /* - * We place a memory barrier to make sure that the update of head never - * overtakes the update of cur. - * (see explanation in ptnetmap_guest_write_kring_csb). - */ - CSB_READ(ptr, head, shadow_ring->head); - mb(); - CSB_READ(ptr, cur, shadow_ring->cur); - CSB_READ(ptr, sync_flags, shadow_ring->flags); -} - -#endif /* WITH_PTNETMAP_HOST */ - #endif /* NETMAP_VIRT_H */ diff --git a/sys/net/route.h b/sys/net/route.h index 15ec1b3e9a38..c4333838e9af 100644 --- a/sys/net/route.h +++ b/sys/net/route.h @@ -251,6 +251,7 @@ struct rt_msghdr { u_char rtm_version; /* future binary compatibility */ u_char rtm_type; /* message type */ u_short rtm_index; /* index for associated ifp */ + u_short _rtm_spare1; int rtm_flags; /* flags, incl. kern & message, e.g. DONE */ int rtm_addrs; /* bitmask identifying sockaddrs in msg */ pid_t rtm_pid; /* identify sender */ diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index 407764ed263f..1ec038876f9a 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -83,6 +83,7 @@ struct if_msghdr32 { int32_t ifm_addrs; int32_t ifm_flags; uint16_t ifm_index; + uint16_t _ifm_spare1; struct if_data ifm_data; }; @@ -96,6 +97,7 @@ struct if_msghdrl32 { uint16_t _ifm_spare1; uint16_t ifm_len; uint16_t ifm_data_off; + uint32_t _ifm_spare2; struct if_data ifm_data; }; @@ -1219,8 +1221,11 @@ rtsock_msg_buffer(int type, struct rt_addrinfo *rtinfo, struct walkarg *w, int * dlen = ALIGN(len) - len; if (buflen < dlen) cp = NULL; - else + else { + bzero(cp, dlen); + cp += dlen; buflen -= dlen; + } } len = ALIGN(len); @@ -1554,6 +1559,8 @@ sysctl_dumpentry(struct radix_node *rn, void *vw) struct rt_addrinfo info; struct sockaddr_storage ss; + IFNET_RLOCK_NOSLEEP_ASSERT(); + if (w->w_op == NET_RT_FLAGS && !(rt->rt_flags & w->w_arg)) return 0; if ((rt->rt_flags & RTF_HOST) == 0 @@ -1566,7 +1573,7 @@ sysctl_dumpentry(struct radix_node *rn, void *vw) info.rti_info[RTAX_NETMASK] = rtsock_fix_netmask(rt_key(rt), rt_mask(rt), &ss); info.rti_info[RTAX_GENMASK] = 0; - if (rt->rt_ifp) { + if (rt->rt_ifp && !(rt->rt_ifp->if_flags & IFF_DYING)) { info.rti_info[RTAX_IFP] = rt->rt_ifp->if_addr->ifa_addr; info.rti_info[RTAX_IFA] = rt->rt_ifa->ifa_addr; if (rt->rt_ifp->if_flags & IFF_POINTOPOINT) @@ -1577,6 +1584,8 @@ sysctl_dumpentry(struct radix_node *rn, void *vw) if (w->w_req && w->w_tmem) { struct rt_msghdr *rtm = (struct rt_msghdr *)w->w_tmem; + bzero(&rtm->rtm_index, + sizeof(*rtm) - offsetof(struct rt_msghdr, rtm_index)); if (rt->rt_flags & RTF_GWFLAG_COMPAT) rtm->rtm_flags = RTF_GATEWAY | (rt->rt_flags & ~RTF_GWFLAG_COMPAT); @@ -1584,7 +1593,6 @@ sysctl_dumpentry(struct radix_node *rn, void *vw) rtm->rtm_flags = rt->rt_flags; rt_getmetrics(rt, &rtm->rtm_rmx); rtm->rtm_index = rt->rt_ifp->if_index; - rtm->rtm_errno = rtm->rtm_pid = rtm->rtm_seq = 0; rtm->rtm_addrs = info.rti_addrs; error = SYSCTL_OUT(w->w_req, (caddr_t)rtm, size); return (error); @@ -1612,6 +1620,7 @@ sysctl_iflist_ifml(struct ifnet *ifp, const struct if_data *src_ifd, ifm32->_ifm_spare1 = 0; ifm32->ifm_len = sizeof(*ifm32); ifm32->ifm_data_off = offsetof(struct if_msghdrl32, ifm_data); + ifm32->_ifm_spare2 = 0; ifd = &ifm32->ifm_data; } else #endif @@ -1622,6 +1631,7 @@ sysctl_iflist_ifml(struct ifnet *ifp, const struct if_data *src_ifd, ifm->_ifm_spare1 = 0; ifm->ifm_len = sizeof(*ifm); ifm->ifm_data_off = offsetof(struct if_msghdrl, ifm_data); + ifm->_ifm_spare2 = 0; ifd = &ifm->ifm_data; } @@ -1647,6 +1657,7 @@ sysctl_iflist_ifm(struct ifnet *ifp, const struct if_data *src_ifd, ifm32->ifm_addrs = info->rti_addrs; ifm32->ifm_flags = ifp->if_flags | ifp->if_drv_flags; ifm32->ifm_index = ifp->if_index; + ifm32->_ifm_spare1 = 0; ifd = &ifm32->ifm_data; } else #endif @@ -1654,6 +1665,7 @@ sysctl_iflist_ifm(struct ifnet *ifp, const struct if_data *src_ifd, ifm->ifm_addrs = info->rti_addrs; ifm->ifm_flags = ifp->if_flags | ifp->if_drv_flags; ifm->ifm_index = ifp->if_index; + ifm->_ifm_spare1 = 0; ifd = &ifm->ifm_data; } @@ -1722,6 +1734,7 @@ sysctl_iflist_ifam(struct ifaddr *ifa, struct rt_addrinfo *info, ifam->ifam_addrs = info->rti_addrs; ifam->ifam_flags = ifa->ifa_flags; ifam->ifam_index = ifa->ifa_ifp->if_index; + ifam->_ifam_spare1 = 0; ifam->ifam_metric = ifa->ifa_ifp->if_metric; return (SYSCTL_OUT(w->w_req, w->w_tmem, len)); @@ -1833,6 +1846,7 @@ sysctl_ifmalist(int af, struct walkarg *w) ifmam->ifmam_index = ifma->ifma_ifp->if_index; ifmam->ifmam_flags = 0; ifmam->ifmam_addrs = info.rti_addrs; + ifmam->_ifmam_spare1 = 0; error = SYSCTL_OUT(w->w_req, w->w_tmem, len); if (error != 0) break; @@ -1922,8 +1936,10 @@ sysctl_rtsock(SYSCTL_HANDLER_ARGS) rnh = rt_tables_get_rnh(fib, i); if (rnh != NULL) { RIB_RLOCK(rnh); + IFNET_RLOCK_NOSLEEP(); error = rnh->rnh_walktree(&rnh->head, sysctl_dumpentry, &w); + IFNET_RUNLOCK_NOSLEEP(); RIB_RUNLOCK(rnh); } else if (af != 0) error = EAFNOSUPPORT; diff --git a/sys/netgraph/ng_source.c b/sys/netgraph/ng_source.c index a82982db943f..da8f42381ac3 100644 --- a/sys/netgraph/ng_source.c +++ b/sys/netgraph/ng_source.c @@ -125,11 +125,14 @@ static int ng_source_dup_mod(sc_p, struct mbuf *, /* Parse type for timeval */ static const struct ng_parse_struct_field ng_source_timeval_type_fields[] = { -#ifdef __LP64__ +#ifdef __i386__ + { "tv_sec", &ng_parse_int32_type }, +#else { "tv_sec", &ng_parse_int64_type }, +#endif +#ifdef __LP64__ { "tv_usec", &ng_parse_int64_type }, #else - { "tv_sec", &ng_parse_int32_type }, { "tv_usec", &ng_parse_int32_type }, #endif { NULL } diff --git a/sys/netinet/cc/cc.h b/sys/netinet/cc/cc.h index 1389b27a335b..eeb360918f19 100644 --- a/sys/netinet/cc/cc.h +++ b/sys/netinet/cc/cc.h @@ -184,4 +184,6 @@ extern struct rwlock cc_list_lock; #define CC_LIST_WUNLOCK() rw_wunlock(&cc_list_lock) #define CC_LIST_LOCK_ASSERT() rw_assert(&cc_list_lock, RA_LOCKED) +#define CC_ALGOOPT_LIMIT 2048 + #endif /* _NETINET_CC_CC_H_ */ diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 69d9fe13baaa..22c6adf4c99c 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -339,8 +339,7 @@ in_pcbinslbgrouphash(struct inpcb *inp) } #endif - idx = INP_PCBLBGROUP_PORTHASH(inp->inp_lport, - pcbinfo->ipi_lbgrouphashmask); + idx = INP_PCBPORTHASH(inp->inp_lport, pcbinfo->ipi_lbgrouphashmask); hdr = &pcbinfo->ipi_lbgrouphashbase[idx]; CK_LIST_FOREACH(grp, hdr, il_list) { if (grp->il_vflag == inp->inp_vflag && @@ -397,9 +396,7 @@ in_pcbremlbgrouphash(struct inpcb *inp) INP_HASH_WLOCK_ASSERT(pcbinfo); hdr = &pcbinfo->ipi_lbgrouphashbase[ - INP_PCBLBGROUP_PORTHASH(inp->inp_lport, - pcbinfo->ipi_lbgrouphashmask)]; - + INP_PCBPORTHASH(inp->inp_lport, pcbinfo->ipi_lbgrouphashmask)]; CK_LIST_FOREACH(grp, hdr, il_list) { for (i = 0; i < grp->il_inpcnt; ++i) { if (grp->il_inp[i] != inp) @@ -439,6 +436,8 @@ in_pcbinfo_init(struct inpcbinfo *pcbinfo, const char *name, char *inpcbzone_name, uma_init inpcbzone_init, u_int hashfields) { + porthash_nelements = imin(porthash_nelements, IPPORT_MAX + 1); + INP_INFO_LOCK_INIT(pcbinfo, name); INP_HASH_LOCK_INIT(pcbinfo, "pcbinfohash"); /* XXXRW: argument? */ INP_LIST_LOCK_INIT(pcbinfo, "pcbinfolist"); @@ -452,7 +451,7 @@ in_pcbinfo_init(struct inpcbinfo *pcbinfo, const char *name, &pcbinfo->ipi_hashmask); pcbinfo->ipi_porthashbase = hashinit(porthash_nelements, M_PCB, &pcbinfo->ipi_porthashmask); - pcbinfo->ipi_lbgrouphashbase = hashinit(hash_nelements, M_PCB, + pcbinfo->ipi_lbgrouphashbase = hashinit(porthash_nelements, M_PCB, &pcbinfo->ipi_lbgrouphashmask); #ifdef PCBGROUP in_pcbgroup_init(pcbinfo, hashfields, hash_nelements); @@ -1950,8 +1949,8 @@ in_pcblookup_lbgroup(const struct inpcbinfo *pcbinfo, INP_HASH_LOCK_ASSERT(pcbinfo); - hdr = &pcbinfo->ipi_lbgrouphashbase[INP_PCBLBGROUP_PORTHASH(lport, - pcbinfo->ipi_lbgrouphashmask)]; + hdr = &pcbinfo->ipi_lbgrouphashbase[ + INP_PCBPORTHASH(lport, pcbinfo->ipi_lbgrouphashmask)]; /* * Order of socket selection: diff --git a/sys/netinet/in_pcb.h b/sys/netinet/in_pcb.h index 6d2c86d5014e..ecbd7a220344 100644 --- a/sys/netinet/in_pcb.h +++ b/sys/netinet/in_pcb.h @@ -688,8 +688,6 @@ int inp_so_options(const struct inpcb *inp); (((faddr) ^ ((faddr) >> 16) ^ ntohs((lport) ^ (fport))) & (mask)) #define INP_PCBPORTHASH(lport, mask) \ (ntohs((lport)) & (mask)) -#define INP_PCBLBGROUP_PORTHASH(lport, mask) \ - (ntohs((lport)) & (mask)) #define INP_PCBLBGROUP_PKTHASH(faddr, lport, fport) \ ((faddr) ^ ((faddr) >> 16) ^ ntohs((lport) ^ (fport))) #define INP6_PCBHASHKEY(faddr) ((faddr)->s6_addr32[3]) diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h index e49b9ad9c6c6..41351215f96e 100644 --- a/sys/netinet/ip_fw.h +++ b/sys/netinet/ip_fw.h @@ -708,6 +708,7 @@ struct _ipfw_dyn_rule { u_int32_t state; /* state of this rule (typically a * combination of TCP flags) */ +#define IPFW_DYN_ORPHANED 0x40000 /* state's parent rule was deleted */ u_int32_t ack_fwd; /* most recent ACKs in forward */ u_int32_t ack_rev; /* and reverse directions (used */ /* to generate keepalives) */ @@ -938,9 +939,10 @@ typedef struct _ipfw_range_tlv { #define IPFW_RCFLAG_RANGE 0x01 /* rule range is set */ #define IPFW_RCFLAG_ALL 0x02 /* match ALL rules */ #define IPFW_RCFLAG_SET 0x04 /* match rules in given set */ +#define IPFW_RCFLAG_DYNAMIC 0x08 /* match only dynamic states */ /* User-settable flags */ #define IPFW_RCFLAG_USER (IPFW_RCFLAG_RANGE | IPFW_RCFLAG_ALL | \ - IPFW_RCFLAG_SET) + IPFW_RCFLAG_SET | IPFW_RCFLAG_DYNAMIC) /* Internally used flags */ #define IPFW_RCFLAG_DEFAULT 0x0100 /* Do not skip defaul rule */ diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index f2ce35ae2962..d1b52f577486 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -1769,6 +1769,8 @@ tcp_default_ctloutput(struct socket *so, struct sockopt *sopt, struct inpcb *inp switch (sopt->sopt_name) { case TCP_CCALGOOPT: INP_WUNLOCK(inp); + if (sopt->sopt_valsize > CC_ALGOOPT_LIMIT) + return (EINVAL); pbuf = malloc(sopt->sopt_valsize, M_TEMP, M_WAITOK | M_ZERO); error = sooptcopyin(sopt, pbuf, sopt->sopt_valsize, sopt->sopt_valsize); diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c index e4f9d947511b..417393ce7a53 100644 --- a/sys/netinet6/in6_pcb.c +++ b/sys/netinet6/in6_pcb.c @@ -880,8 +880,8 @@ in6_pcblookup_lbgroup(const struct inpcbinfo *pcbinfo, INP_HASH_LOCK_ASSERT(pcbinfo); - hdr = &pcbinfo->ipi_lbgrouphashbase[INP_PCBLBGROUP_PORTHASH( - lport, pcbinfo->ipi_lbgrouphashmask)]; + hdr = &pcbinfo->ipi_lbgrouphashbase[ + INP_PCBPORTHASH(lport, pcbinfo->ipi_lbgrouphashmask)]; /* * Order of socket selection: diff --git a/sys/netpfil/ipfw/ip_fw_dynamic.c b/sys/netpfil/ipfw/ip_fw_dynamic.c index 5035cadeafe0..d48af280f105 100644 --- a/sys/netpfil/ipfw/ip_fw_dynamic.c +++ b/sys/netpfil/ipfw/ip_fw_dynamic.c @@ -122,6 +122,12 @@ __FBSDID("$FreeBSD$"); (d)->bcnt_ ## dir += pktlen; \ } while (0) +#define DYN_REFERENCED 0x01 +/* + * DYN_REFERENCED flag is used to show that state keeps reference to named + * object, and this reference should be released when state becomes expired. + */ + struct dyn_data { void *parent; /* pointer to parent rule */ uint32_t chain_id; /* cached ruleset id */ @@ -129,7 +135,8 @@ struct dyn_data { uint32_t hashval; /* hash value used for hash resize */ uint16_t fibnum; /* fib used to send keepalives */ - uint8_t _pad[3]; + uint8_t _pad[2]; + uint8_t flags; /* internal flags */ uint8_t set; /* parent rule set number */ uint16_t rulenum; /* parent rule number */ uint32_t ruleid; /* parent rule id */ @@ -349,7 +356,6 @@ VNET_DEFINE_STATIC(uint32_t, dyn_short_lifetime); * dyn_rst_lifetime and dyn_fin_lifetime should be strictly lower * than dyn_keepalive_period. */ -#define DYN_KEEPALIVE_MAXQ 512 VNET_DEFINE_STATIC(uint32_t, dyn_keepalive_interval); VNET_DEFINE_STATIC(uint32_t, dyn_keepalive_period); VNET_DEFINE_STATIC(uint32_t, dyn_keepalive); @@ -709,6 +715,8 @@ dyn_destroy(struct ip_fw_chain *ch, struct named_object *no) IPFW_UH_WLOCK_ASSERT(ch); + KASSERT(no->etlv == IPFW_TLV_STATE_NAME, + ("%s: wrong object type %u", __func__, no->etlv)); KASSERT(no->refcnt == 1, ("Destroying object '%s' (type %u, idx %u) with refcnt %u", no->name, no->etlv, no->kidx, no->refcnt)); @@ -1398,20 +1406,29 @@ ipfw_dyn_lookup_state(const struct ip_fw_args *args, const void *ulp, * should be deleted by dyn_expire_states(). * * In case when dyn_keep_states is enabled, return - * pointer to default rule and corresponding f_pos - * value. - * XXX: In this case we lose the cache efficiency, - * since f_pos is not cached, because it seems - * there is no easy way to atomically switch - * all fields related to parent rule of given - * state. + * pointer to deleted rule and f_pos value + * corresponding to penultimate rule. + * When we have enabled V_dyn_keep_states, states + * that become orphaned will get the DYN_REFERENCED + * flag and rule will keep around. So we can return + * it. But since it is not in the rules map, we need + * return such f_pos value, so after the state + * handling if the search will continue, the next rule + * will be the last one - the default rule. */ if (V_layer3_chain.map[data->f_pos] == rule) { data->chain_id = V_layer3_chain.id; info->f_pos = data->f_pos; } else if (V_dyn_keep_states != 0) { - rule = V_layer3_chain.default_rule; - info->f_pos = V_layer3_chain.n_rules - 1; + /* + * The original rule pointer is still usable. + * So, we return it, but f_pos need to be + * changed to point to the penultimate rule. + */ + MPASS(V_layer3_chain.n_rules > 1); + data->chain_id = V_layer3_chain.id; + data->f_pos = V_layer3_chain.n_rules - 2; + info->f_pos = data->f_pos; } else { rule = NULL; info->direction = MATCH_NONE; @@ -2093,7 +2110,11 @@ dyn_free_states(struct ip_fw_chain *chain) } /* - * Returns 1 when state is matched by specified range, otherwise returns 0. + * Returns: + * 0 when state is not matched by specified range; + * 1 when state is matched by specified range; + * 2 when state is matched by specified range and requested deletion of + * dynamic states. */ static int dyn_match_range(uint16_t rulenum, uint8_t set, const ipfw_range_tlv *rt) @@ -2101,50 +2122,117 @@ dyn_match_range(uint16_t rulenum, uint8_t set, const ipfw_range_tlv *rt) MPASS(rt != NULL); /* flush all states */ - if (rt->flags & IPFW_RCFLAG_ALL) + if (rt->flags & IPFW_RCFLAG_ALL) { + if (rt->flags & IPFW_RCFLAG_DYNAMIC) + return (2); /* forced */ return (1); + } if ((rt->flags & IPFW_RCFLAG_SET) != 0 && set != rt->set) return (0); if ((rt->flags & IPFW_RCFLAG_RANGE) != 0 && (rulenum < rt->start_rule || rulenum > rt->end_rule)) return (0); + if (rt->flags & IPFW_RCFLAG_DYNAMIC) + return (2); return (1); } +static void +dyn_acquire_rule(struct ip_fw_chain *ch, struct dyn_data *data, + struct ip_fw *rule, uint16_t kidx) +{ + struct dyn_state_obj *obj; + + /* + * Do not acquire reference twice. + * This can happen when rule deletion executed for + * the same range, but different ruleset id. + */ + if (data->flags & DYN_REFERENCED) + return; + + IPFW_UH_WLOCK_ASSERT(ch); + MPASS(kidx != 0); + + data->flags |= DYN_REFERENCED; + /* Reference the named object */ + obj = SRV_OBJECT(ch, kidx); + obj->no.refcnt++; + MPASS(obj->no.etlv == IPFW_TLV_STATE_NAME); + + /* Reference the parent rule */ + rule->refcnt++; +} + +static void +dyn_release_rule(struct ip_fw_chain *ch, struct dyn_data *data, + struct ip_fw *rule, uint16_t kidx) +{ + struct dyn_state_obj *obj; + + IPFW_UH_WLOCK_ASSERT(ch); + MPASS(kidx != 0); + + obj = SRV_OBJECT(ch, kidx); + if (obj->no.refcnt == 1) + dyn_destroy(ch, &obj->no); + else + obj->no.refcnt--; + + if (--rule->refcnt == 1) + ipfw_free_rule(rule); +} + +/* + * We do not keep O_LIMIT_PARENT states when V_dyn_keep_states is enabled. + * O_LIMIT state is created when new connection is going to be established + * and there is no matching state. So, since the old parent rule was deleted + * we can't create new states with old parent, and thus we can not account + * new connections with already established connections, and can not do + * proper limiting. + */ static int -dyn_match_ipv4_state(struct dyn_ipv4_state *s, const ipfw_range_tlv *rt) +dyn_match_ipv4_state(struct ip_fw_chain *ch, struct dyn_ipv4_state *s, + const ipfw_range_tlv *rt) { + struct ip_fw *rule; + int ret; if (s->type == O_LIMIT_PARENT) return (dyn_match_range(s->limit->rulenum, s->limit->set, rt)); - if (s->type == O_LIMIT) - return (dyn_match_range(s->data->rulenum, s->data->set, rt)); - - if (V_dyn_keep_states == 0 && - dyn_match_range(s->data->rulenum, s->data->set, rt)) - return (1); + ret = dyn_match_range(s->data->rulenum, s->data->set, rt); + if (ret == 0 || V_dyn_keep_states == 0 || ret > 1) + return (ret); + rule = s->data->parent; + if (s->type == O_LIMIT) + rule = ((struct dyn_ipv4_state *)rule)->limit->parent; + dyn_acquire_rule(ch, s->data, rule, s->kidx); return (0); } #ifdef INET6 static int -dyn_match_ipv6_state(struct dyn_ipv6_state *s, const ipfw_range_tlv *rt) +dyn_match_ipv6_state(struct ip_fw_chain *ch, struct dyn_ipv6_state *s, + const ipfw_range_tlv *rt) { + struct ip_fw *rule; + int ret; if (s->type == O_LIMIT_PARENT) return (dyn_match_range(s->limit->rulenum, s->limit->set, rt)); - if (s->type == O_LIMIT) - return (dyn_match_range(s->data->rulenum, s->data->set, rt)); - - if (V_dyn_keep_states == 0 && - dyn_match_range(s->data->rulenum, s->data->set, rt)) - return (1); + ret = dyn_match_range(s->data->rulenum, s->data->set, rt); + if (ret == 0 || V_dyn_keep_states == 0 || ret > 1) + return (ret); + rule = s->data->parent; + if (s->type == O_LIMIT) + rule = ((struct dyn_ipv6_state *)rule)->limit->parent; + dyn_acquire_rule(ch, s->data, rule, s->kidx); return (0); } #endif @@ -2154,7 +2242,7 @@ dyn_match_ipv6_state(struct dyn_ipv6_state *s, const ipfw_range_tlv *rt) * @rt can be used to specify the range of states for deletion. */ static void -dyn_expire_states(struct ip_fw_chain *chain, ipfw_range_tlv *rt) +dyn_expire_states(struct ip_fw_chain *ch, ipfw_range_tlv *rt) { struct dyn_ipv4_slist expired_ipv4; #ifdef INET6 @@ -2162,8 +2250,11 @@ dyn_expire_states(struct ip_fw_chain *chain, ipfw_range_tlv *rt) struct dyn_ipv6_state *s6, *s6n, *s6p; #endif struct dyn_ipv4_state *s4, *s4n, *s4p; + void *rule; int bucket, removed, length, max_length; + IPFW_UH_WLOCK_ASSERT(ch); + /* * Unlink expired states from each bucket. * With acquired bucket lock iterate entries of each lists: @@ -2188,7 +2279,8 @@ dyn_expire_states(struct ip_fw_chain *chain, ipfw_range_tlv *rt) while (s != NULL) { \ next = CK_SLIST_NEXT(s, entry); \ if ((TIME_LEQ((s)->exp, time_uptime) && extra) || \ - (rt != NULL && dyn_match_ ## af ## _state(s, rt))) {\ + (rt != NULL && \ + dyn_match_ ## af ## _state(ch, s, rt))) { \ if (prev != NULL) \ CK_SLIST_REMOVE_AFTER(prev, entry); \ else \ @@ -2200,6 +2292,14 @@ dyn_expire_states(struct ip_fw_chain *chain, ipfw_range_tlv *rt) DYN_COUNT_DEC(dyn_parent_count); \ else { \ DYN_COUNT_DEC(dyn_count); \ + if (s->data->flags & DYN_REFERENCED) { \ + rule = s->data->parent; \ + if (s->type == O_LIMIT) \ + rule = ((__typeof(s)) \ + rule)->limit->parent;\ + dyn_release_rule(ch, s->data, \ + rule, s->kidx); \ + } \ if (s->type == O_LIMIT) { \ s = s->data->parent; \ DPARENT_COUNT_DEC(s->limit); \ @@ -2351,7 +2451,7 @@ dyn_send_keepalive_ipv4(struct ip_fw_chain *chain) struct dyn_ipv4_state *s; uint32_t bucket; - mbufq_init(&q, DYN_KEEPALIVE_MAXQ); + mbufq_init(&q, INT_MAX); IPFW_UH_RLOCK(chain); /* * It is safe to not use hazard pointer and just do lockless @@ -2458,7 +2558,7 @@ dyn_send_keepalive_ipv6(struct ip_fw_chain *chain) struct dyn_ipv6_state *s; uint32_t bucket; - mbufq_init(&q, DYN_KEEPALIVE_MAXQ); + mbufq_init(&q, INT_MAX); IPFW_UH_RLOCK(chain); /* * It is safe to not use hazard pointer and just do lockless @@ -2684,6 +2784,42 @@ ipfw_expire_dyn_states(struct ip_fw_chain *chain, ipfw_range_tlv *rt) } /* + * Pass through all states and reset eaction for orphaned rules. + */ +void +ipfw_dyn_reset_eaction(struct ip_fw_chain *ch, uint16_t eaction_id, + uint16_t default_id, uint16_t instance_id) +{ +#ifdef INET6 + struct dyn_ipv6_state *s6; +#endif + struct dyn_ipv4_state *s4; + struct ip_fw *rule; + uint32_t bucket; + +#define DYN_RESET_EACTION(s, h, b) \ + CK_SLIST_FOREACH(s, &V_dyn_ ## h[b], entry) { \ + if ((s->data->flags & DYN_REFERENCED) == 0) \ + continue; \ + rule = s->data->parent; \ + if (s->type == O_LIMIT) \ + rule = ((__typeof(s))rule)->limit->parent; \ + ipfw_reset_eaction(ch, rule, eaction_id, \ + default_id, instance_id); \ + } + + IPFW_UH_WLOCK_ASSERT(ch); + if (V_dyn_count == 0) + return; + for (bucket = 0; bucket < V_curr_dyn_buckets; bucket++) { + DYN_RESET_EACTION(s4, ipv4, bucket); +#ifdef INET6 + DYN_RESET_EACTION(s6, ipv6, bucket); +#endif + } +} + +/* * Returns size of dynamic states in legacy format */ int @@ -2695,11 +2831,40 @@ ipfw_dyn_len(void) /* * Returns number of dynamic states. + * Marks every named object index used by dynamic states with bit in @bmask. + * Returns number of named objects accounted in bmask via @nocnt. * Used by dump format v1 (current). */ uint32_t -ipfw_dyn_get_count(void) +ipfw_dyn_get_count(uint32_t *bmask, int *nocnt) { +#ifdef INET6 + struct dyn_ipv6_state *s6; +#endif + struct dyn_ipv4_state *s4; + uint32_t bucket; + +#define DYN_COUNT_OBJECTS(s, h, b) \ + CK_SLIST_FOREACH(s, &V_dyn_ ## h[b], entry) { \ + MPASS(s->kidx != 0); \ + if (ipfw_mark_object_kidx(bmask, IPFW_TLV_STATE_NAME, \ + s->kidx) != 0) \ + (*nocnt)++; \ + } + + IPFW_UH_RLOCK_ASSERT(&V_layer3_chain); + + /* No need to pass through all the buckets. */ + *nocnt = 0; + if (V_dyn_count + V_dyn_parent_count == 0) + return (0); + + for (bucket = 0; bucket < V_curr_dyn_buckets; bucket++) { + DYN_COUNT_OBJECTS(s4, ipv4, bucket); +#ifdef INET6 + DYN_COUNT_OBJECTS(s6, ipv6, bucket); +#endif + } return (V_dyn_count + V_dyn_parent_count); } @@ -2783,9 +2948,12 @@ dyn_export_data(const struct dyn_data *data, uint16_t kidx, uint8_t type, memcpy((char *)&dst->rule + sizeof(data->rulenum), &data->set, sizeof(data->set)); + dst->state = data->state; + if (data->flags & DYN_REFERENCED) + dst->state |= IPFW_DYN_ORPHANED; + /* unused fields */ dst->parent = NULL; - dst->state = data->state; dst->ack_fwd = data->ack_fwd; dst->ack_rev = data->ack_rev; dst->count = 0; diff --git a/sys/netpfil/ipfw/ip_fw_eaction.c b/sys/netpfil/ipfw/ip_fw_eaction.c index 39dbd714a141..05cc174cb283 100644 --- a/sys/netpfil/ipfw/ip_fw_eaction.c +++ b/sys/netpfil/ipfw/ip_fw_eaction.c @@ -252,11 +252,10 @@ destroy_eaction_obj(struct ip_fw_chain *ch, struct named_object *no) * Resets all eaction opcodes to default handlers. */ static void -reset_eaction_obj(struct ip_fw_chain *ch, uint16_t eaction_id) +reset_eaction_rules(struct ip_fw_chain *ch, uint16_t eaction_id, + uint16_t instance_id, bool reset_rules) { struct named_object *no; - struct ip_fw *rule; - ipfw_insn *cmd; int i; IPFW_UH_WLOCK_ASSERT(ch); @@ -267,35 +266,32 @@ reset_eaction_obj(struct ip_fw_chain *ch, uint16_t eaction_id) panic("Default external action handler is not found"); if (eaction_id == no->kidx) panic("Wrong eaction_id"); - EACTION_DEBUG("replace id %u with %u", eaction_id, no->kidx); + + EACTION_DEBUG("Going to replace id %u with %u", eaction_id, no->kidx); IPFW_WLOCK(ch); - for (i = 0; i < ch->n_rules; i++) { - rule = ch->map[i]; - cmd = ACTION_PTR(rule); - if (cmd->opcode != O_EXTERNAL_ACTION) - continue; - if (cmd->arg1 != eaction_id) - continue; - cmd->arg1 = no->kidx; /* Set to default id */ - /* - * XXX: we only bump refcount on default_eaction. - * Refcount on the original object will be just - * ignored on destroy. But on default_eaction it - * will be decremented on rule deletion. - */ - no->refcnt++; - /* - * Since named_object related to this instance will be - * also destroyed, truncate the chain of opcodes to - * remove the rest of cmd chain just after O_EXTERNAL_ACTION - * opcode. - */ - if (rule->act_ofs < rule->cmd_len - 1) { - EACTION_DEBUG("truncate rule %d: len %u -> %u", - rule->rulenum, rule->cmd_len, rule->act_ofs + 1); - rule->cmd_len = rule->act_ofs + 1; + /* + * Reset eaction objects only if it is referenced by rules. + * But always reset objects for orphaned dynamic states. + */ + if (reset_rules) { + for (i = 0; i < ch->n_rules; i++) { + /* + * Refcount on the original object will be just + * ignored on destroy. Refcount on default_eaction + * will be decremented on rule deletion, thus we + * need to reference default_eaction object. + */ + if (ipfw_reset_eaction(ch, ch->map[i], eaction_id, + no->kidx, instance_id) != 0) + no->refcnt++; } } + /* + * Reset eaction opcodes for orphaned dynamic states. + * Since parent rules are already deleted, we don't need to + * reference named object of default_eaction. + */ + ipfw_dyn_reset_eaction(ch, eaction_id, no->kidx, instance_id); IPFW_WUNLOCK(ch); } @@ -368,8 +364,7 @@ ipfw_del_eaction(struct ip_fw_chain *ch, uint16_t eaction_id) IPFW_UH_WUNLOCK(ch); return (EINVAL); } - if (no->refcnt > 1) - reset_eaction_obj(ch, eaction_id); + reset_eaction_rules(ch, eaction_id, 0, (no->refcnt > 1)); EACTION_DEBUG("External action '%s' with id %u unregistered", no->name, eaction_id); destroy_eaction_obj(ch, no); @@ -378,6 +373,66 @@ ipfw_del_eaction(struct ip_fw_chain *ch, uint16_t eaction_id) } int +ipfw_reset_eaction(struct ip_fw_chain *ch, struct ip_fw *rule, + uint16_t eaction_id, uint16_t default_id, uint16_t instance_id) +{ + ipfw_insn *cmd, *icmd; + + IPFW_UH_WLOCK_ASSERT(ch); + IPFW_WLOCK_ASSERT(ch); + + cmd = ACTION_PTR(rule); + if (cmd->opcode != O_EXTERNAL_ACTION || + cmd->arg1 != eaction_id) + return (0); + + if (instance_id != 0 && rule->act_ofs < rule->cmd_len - 1) { + icmd = cmd + 1; + if (icmd->opcode != O_EXTERNAL_INSTANCE || + icmd->arg1 != instance_id) + return (0); + /* FALLTHROUGH */ + } + + cmd->arg1 = default_id; /* Set to default id */ + /* + * Since named_object related to this instance will be + * also destroyed, truncate the chain of opcodes to + * remove the rest of cmd chain just after O_EXTERNAL_ACTION + * opcode. + */ + if (rule->act_ofs < rule->cmd_len - 1) { + EACTION_DEBUG("truncate rule %d: len %u -> %u", + rule->rulenum, rule->cmd_len, rule->act_ofs + 1); + rule->cmd_len = rule->act_ofs + 1; + } + /* + * Return 1 when reset successfully happened. + */ + return (1); +} + +/* + * This function should be called before external action instance is + * destroyed. It will reset eaction_id to default_id for rules, where + * eaction has instance with id == kidx. + */ +int +ipfw_reset_eaction_instance(struct ip_fw_chain *ch, uint16_t eaction_id, + uint16_t kidx) +{ + struct named_object *no; + + IPFW_UH_WLOCK_ASSERT(ch); + no = ipfw_objhash_lookup_kidx(CHAIN_TO_SRV(ch), eaction_id); + if (no == NULL || no->etlv != IPFW_TLV_EACTION) + return (EINVAL); + + reset_eaction_rules(ch, eaction_id, kidx, 0); + return (0); +} + +int ipfw_run_eaction(struct ip_fw_chain *ch, struct ip_fw_args *args, ipfw_insn *cmd, int *done) { diff --git a/sys/netpfil/ipfw/ip_fw_private.h b/sys/netpfil/ipfw/ip_fw_private.h index c389e01a8022..7e966d0a4fc9 100644 --- a/sys/netpfil/ipfw/ip_fw_private.h +++ b/sys/netpfil/ipfw/ip_fw_private.h @@ -146,6 +146,9 @@ enum { /* * Function definitions. */ +int ipfw_chk(struct ip_fw_args *args); +struct mbuf *ipfw_send_pkt(struct mbuf *, struct ipfw_flow_id *, + u_int32_t, u_int32_t, int); /* attach (arg = 1) or detach (arg = 0) hooks */ int ipfw_attach_hooks(int); @@ -156,6 +159,7 @@ void ipfw_nat_destroy(void); /* In ip_fw_log.c */ struct ip; struct ip_fw_chain; + void ipfw_bpf_init(int); void ipfw_bpf_uninit(int); void ipfw_bpf_mtap2(void *, u_int, struct mbuf *); @@ -168,6 +172,7 @@ VNET_DECLARE(int, verbose_limit); #define V_verbose_limit VNET(verbose_limit) /* In ip_fw_dynamic.c */ +struct sockopt_data; enum { /* result for matching dynamic rules */ MATCH_REVERSE = 0, @@ -177,19 +182,6 @@ enum { /* result for matching dynamic rules */ }; /* - * The lock for dynamic rules is only used once outside the file, - * and only to release the result of lookup_dyn_rule(). - * Eventually we may implement it with a callback on the function. - */ -struct ip_fw_chain; -struct sockopt_data; -int ipfw_is_dyn_rule(struct ip_fw *rule); -void ipfw_expire_dyn_states(struct ip_fw_chain *, ipfw_range_tlv *); - -struct tcphdr; -struct mbuf *ipfw_send_pkt(struct mbuf *, struct ipfw_flow_id *, - u_int32_t, u_int32_t, int); -/* * Macro to determine that we need to do or redo dynamic state lookup. * direction == MATCH_UNKNOWN means that this is first lookup, then we need * to do lookup. @@ -219,13 +211,17 @@ struct ip_fw *ipfw_dyn_lookup_state(const struct ip_fw_args *args, const void *ulp, int pktlen, const ipfw_insn *cmd, struct ipfw_dyn_info *info); +int ipfw_is_dyn_rule(struct ip_fw *rule); +void ipfw_expire_dyn_states(struct ip_fw_chain *, ipfw_range_tlv *); void ipfw_get_dynamic(struct ip_fw_chain *chain, char **bp, const char *ep); int ipfw_dump_states(struct ip_fw_chain *chain, struct sockopt_data *sd); void ipfw_dyn_init(struct ip_fw_chain *); /* per-vnet initialization */ void ipfw_dyn_uninit(int); /* per-vnet deinitialization */ int ipfw_dyn_len(void); -uint32_t ipfw_dyn_get_count(void); +uint32_t ipfw_dyn_get_count(uint32_t *, int *); +void ipfw_dyn_reset_eaction(struct ip_fw_chain *ch, uint16_t eaction_id, + uint16_t default_id, uint16_t instance_id); /* common variables */ VNET_DECLARE(int, fw_one_pass); @@ -280,7 +276,9 @@ struct ip_fw { uint32_t id; /* rule id */ uint32_t cached_id; /* used by jump_fast */ uint32_t cached_pos; /* used by jump_fast */ + uint32_t refcnt; /* number of references */ + struct ip_fw *next; /* linked list of deleted rules */ ipfw_insn cmd[1]; /* storage for commands */ }; @@ -650,7 +648,6 @@ void ipfw_init_skipto_cache(struct ip_fw_chain *chain); void ipfw_destroy_skipto_cache(struct ip_fw_chain *chain); int ipfw_find_rule(struct ip_fw_chain *chain, uint32_t key, uint32_t id); int ipfw_ctl3(struct sockopt *sopt); -int ipfw_chk(struct ip_fw_args *args); int ipfw_add_protected_rule(struct ip_fw_chain *chain, struct ip_fw *rule, int locked); void ipfw_reap_add(struct ip_fw_chain *chain, struct ip_fw **head, @@ -659,7 +656,9 @@ void ipfw_reap_rules(struct ip_fw *head); void ipfw_init_counters(void); void ipfw_destroy_counters(void); struct ip_fw *ipfw_alloc_rule(struct ip_fw_chain *chain, size_t rulesize); +void ipfw_free_rule(struct ip_fw *rule); int ipfw_match_range(struct ip_fw *rule, ipfw_range_tlv *rt); +int ipfw_mark_object_kidx(uint32_t *bmask, uint16_t etlv, uint16_t kidx); typedef int (sopt_handler_f)(struct ip_fw_chain *ch, ip_fw3_opheader *op3, struct sockopt_data *sd); @@ -758,6 +757,10 @@ uint16_t ipfw_add_eaction(struct ip_fw_chain *ch, ipfw_eaction_t handler, int ipfw_del_eaction(struct ip_fw_chain *ch, uint16_t eaction_id); int ipfw_run_eaction(struct ip_fw_chain *ch, struct ip_fw_args *args, ipfw_insn *cmd, int *done); +int ipfw_reset_eaction(struct ip_fw_chain *ch, struct ip_fw *rule, + uint16_t eaction_id, uint16_t default_id, uint16_t instance_id); +int ipfw_reset_eaction_instance(struct ip_fw_chain *ch, uint16_t eaction_id, + uint16_t instance_id); /* In ip_fw_table.c */ struct table_info; diff --git a/sys/netpfil/ipfw/ip_fw_sockopt.c b/sys/netpfil/ipfw/ip_fw_sockopt.c index f872032c5094..edbd96a91283 100644 --- a/sys/netpfil/ipfw/ip_fw_sockopt.c +++ b/sys/netpfil/ipfw/ip_fw_sockopt.c @@ -161,8 +161,6 @@ static int set_legacy_obj_kidx(struct ip_fw_chain *ch, struct ip_fw_rule0 *rule); static struct opcode_obj_rewrite *find_op_rw(ipfw_insn *cmd, uint16_t *puidx, uint8_t *ptype); -static int mark_object_kidx(struct ip_fw_chain *ch, struct ip_fw *rule, - uint32_t *bmask); static int ref_rule_objects(struct ip_fw_chain *ch, struct ip_fw *rule, struct rule_check_info *ci, struct obj_idx *oib, struct tid_info *ti); static int ref_opcode_object(struct ip_fw_chain *ch, ipfw_insn *cmd, @@ -209,14 +207,23 @@ ipfw_alloc_rule(struct ip_fw_chain *chain, size_t rulesize) rule = malloc(rulesize, M_IPFW, M_WAITOK | M_ZERO); rule->cntr = uma_zalloc_pcpu(V_ipfw_cntr_zone, M_WAITOK | M_ZERO); + rule->refcnt = 1; return (rule); } -static void -free_rule(struct ip_fw *rule) +void +ipfw_free_rule(struct ip_fw *rule) { + /* + * We don't release refcnt here, since this function + * can be called without any locks held. The caller + * must release reference under IPFW_UH_WLOCK, and then + * call this function if refcount becomes 1. + */ + if (rule->refcnt > 1) + return; uma_zfree_pcpu(V_ipfw_cntr_zone, rule->cntr); free(rule, M_IPFW); } @@ -827,7 +834,7 @@ ipfw_reap_add(struct ip_fw_chain *chain, struct ip_fw **head, /* Unlink rule from everywhere */ unref_rule_objects(chain, rule); - *((struct ip_fw **)rule) = *head; + rule->next = *head; *head = rule; } @@ -842,8 +849,8 @@ ipfw_reap_rules(struct ip_fw *head) struct ip_fw *rule; while ((rule = head) != NULL) { - head = *((struct ip_fw **)head); - free_rule(rule); + head = head->next; + ipfw_free_rule(rule); } } @@ -1026,6 +1033,16 @@ delete_range(struct ip_fw_chain *chain, ipfw_range_tlv *rt, int *ndel) end = ipfw_find_rule(chain, rt->end_rule, UINT32_MAX); } + if (rt->flags & IPFW_RCFLAG_DYNAMIC) { + /* + * Requested deleting only for dynamic states. + */ + *ndel = 0; + ipfw_expire_dyn_states(chain, rt); + IPFW_UH_WUNLOCK(chain); + return (0); + } + /* Allocate new map of the same size */ map = get_map(chain, 0, 1 /* locked */); if (map == NULL) { @@ -2187,6 +2204,7 @@ struct dump_args { uint32_t rsize; /* rules size */ uint32_t tcount; /* number of tables */ int rcounters; /* counters */ + uint32_t *bmask; /* index bitmask of used named objects */ }; void @@ -2223,6 +2241,49 @@ export_objhash_ntlv(struct namedobj_instance *ni, uint16_t kidx, return (0); } +static int +export_named_objects(struct namedobj_instance *ni, struct dump_args *da, + struct sockopt_data *sd) +{ + int error, i; + + for (i = 0; i < IPFW_TABLES_MAX && da->tcount > 0; i++) { + if ((da->bmask[i / 32] & (1 << (i % 32))) == 0) + continue; + if ((error = export_objhash_ntlv(ni, i, sd)) != 0) + return (error); + da->tcount--; + } + return (0); +} + +static int +dump_named_objects(struct ip_fw_chain *ch, struct dump_args *da, + struct sockopt_data *sd) +{ + ipfw_obj_ctlv *ctlv; + int error; + + MPASS(da->tcount > 0); + /* Header first */ + ctlv = (ipfw_obj_ctlv *)ipfw_get_sopt_space(sd, sizeof(*ctlv)); + if (ctlv == NULL) + return (ENOMEM); + ctlv->head.type = IPFW_TLV_TBLNAME_LIST; + ctlv->head.length = da->tcount * sizeof(ipfw_obj_ntlv) + + sizeof(*ctlv); + ctlv->count = da->tcount; + ctlv->objsize = sizeof(ipfw_obj_ntlv); + + /* Dump table names first (if any) */ + error = export_named_objects(ipfw_get_table_objhash(ch), da, sd); + if (error != 0) + return (error); + /* Then dump another named objects */ + da->bmask += IPFW_TABLES_MAX / 32; + return (export_named_objects(CHAIN_TO_SRV(ch), da, sd)); +} + /* * Dumps static rules with table TLVs in buffer @sd. * @@ -2230,51 +2291,12 @@ export_objhash_ntlv(struct namedobj_instance *ni, uint16_t kidx, */ static int dump_static_rules(struct ip_fw_chain *chain, struct dump_args *da, - uint32_t *bmask, struct sockopt_data *sd) + struct sockopt_data *sd) { - int error; - int i, l; - uint32_t tcount; ipfw_obj_ctlv *ctlv; struct ip_fw *krule; - struct namedobj_instance *ni; caddr_t dst; - - /* Dump table names first (if any) */ - if (da->tcount > 0) { - /* Header first */ - ctlv = (ipfw_obj_ctlv *)ipfw_get_sopt_space(sd, sizeof(*ctlv)); - if (ctlv == NULL) - return (ENOMEM); - ctlv->head.type = IPFW_TLV_TBLNAME_LIST; - ctlv->head.length = da->tcount * sizeof(ipfw_obj_ntlv) + - sizeof(*ctlv); - ctlv->count = da->tcount; - ctlv->objsize = sizeof(ipfw_obj_ntlv); - } - - i = 0; - tcount = da->tcount; - ni = ipfw_get_table_objhash(chain); - while (tcount > 0) { - if ((bmask[i / 32] & (1 << (i % 32))) == 0) { - i++; - continue; - } - - /* Jump to shared named object bitmask */ - if (i >= IPFW_TABLES_MAX) { - ni = CHAIN_TO_SRV(chain); - i -= IPFW_TABLES_MAX; - bmask += IPFW_TABLES_MAX / 32; - } - - if ((error = export_objhash_ntlv(ni, i, sd)) != 0) - return (error); - - i++; - tcount--; - } + int i, l; /* Dump rules */ ctlv = (ipfw_obj_ctlv *)ipfw_get_sopt_space(sd, sizeof(*ctlv)); @@ -2300,27 +2322,41 @@ dump_static_rules(struct ip_fw_chain *chain, struct dump_args *da, return (0); } +int +ipfw_mark_object_kidx(uint32_t *bmask, uint16_t etlv, uint16_t kidx) +{ + uint32_t bidx; + + /* + * Maintain separate bitmasks for table and non-table objects. + */ + bidx = (etlv == IPFW_TLV_TBL_NAME) ? 0: IPFW_TABLES_MAX / 32; + bidx += kidx / 32; + if ((bmask[bidx] & (1 << (kidx % 32))) != 0) + return (0); + + bmask[bidx] |= 1 << (kidx % 32); + return (1); +} + /* * Marks every object index used in @rule with bit in @bmask. * Used to generate bitmask of referenced tables/objects for given ruleset * or its part. - * - * Returns number of newly-referenced objects. */ -static int -mark_object_kidx(struct ip_fw_chain *ch, struct ip_fw *rule, - uint32_t *bmask) +static void +mark_rule_objects(struct ip_fw_chain *ch, struct ip_fw *rule, + struct dump_args *da) { struct opcode_obj_rewrite *rw; ipfw_insn *cmd; - int bidx, cmdlen, l, count; + int cmdlen, l; uint16_t kidx; uint8_t subtype; l = rule->cmd_len; cmd = rule->cmd; cmdlen = 0; - count = 0; for ( ; l > 0 ; l -= cmdlen, cmd += cmdlen) { cmdlen = F_LEN(cmd); @@ -2328,21 +2364,9 @@ mark_object_kidx(struct ip_fw_chain *ch, struct ip_fw *rule, if (rw == NULL) continue; - bidx = kidx / 32; - /* - * Maintain separate bitmasks for table and - * non-table objects. - */ - if (rw->etlv != IPFW_TLV_TBL_NAME) - bidx += IPFW_TABLES_MAX / 32; - - if ((bmask[bidx] & (1 << (kidx % 32))) == 0) - count++; - - bmask[bidx] |= 1 << (kidx % 32); + if (ipfw_mark_object_kidx(da->bmask, rw->etlv, kidx)) + da->tcount++; } - - return (count); } /* @@ -2366,13 +2390,12 @@ static int dump_config(struct ip_fw_chain *chain, ip_fw3_opheader *op3, struct sockopt_data *sd) { + struct dump_args da; ipfw_cfg_lheader *hdr; struct ip_fw *rule; size_t sz, rnum; - uint32_t hdr_flags; + uint32_t hdr_flags, *bmask; int error, i; - struct dump_args da; - uint32_t *bmask; hdr = (ipfw_cfg_lheader *)ipfw_get_sopt_header(sd, sizeof(*hdr)); if (hdr == NULL) @@ -2380,10 +2403,15 @@ dump_config(struct ip_fw_chain *chain, ip_fw3_opheader *op3, error = 0; bmask = NULL; - /* Allocate needed state. Note we allocate 2xspace mask, for table&srv */ - if (hdr->flags & IPFW_CFG_GET_STATIC) - bmask = malloc(IPFW_TABLES_MAX / 4, M_TEMP, M_WAITOK | M_ZERO); - + memset(&da, 0, sizeof(da)); + /* + * Allocate needed state. + * Note we allocate 2xspace mask, for table & srv + */ + if (hdr->flags & (IPFW_CFG_GET_STATIC | IPFW_CFG_GET_STATES)) + da.bmask = bmask = malloc( + sizeof(uint32_t) * IPFW_TABLES_MAX * 2 / 32, M_TEMP, + M_WAITOK | M_ZERO); IPFW_UH_RLOCK(chain); /* @@ -2391,9 +2419,6 @@ dump_config(struct ip_fw_chain *chain, ip_fw3_opheader *op3, * Prepare used tables bitmask. */ sz = sizeof(ipfw_cfg_lheader); - memset(&da, 0, sizeof(da)); - - da.b = 0; da.e = chain->n_rules; if (hdr->end_rule != 0) { @@ -2412,24 +2437,25 @@ dump_config(struct ip_fw_chain *chain, ip_fw3_opheader *op3, da.rsize += RULEUSIZE1(rule) + sizeof(ipfw_obj_tlv); da.rcount++; /* Update bitmask of used objects for given range */ - da.tcount += mark_object_kidx(chain, rule, bmask); + mark_rule_objects(chain, rule, &da); } /* Add counters if requested */ if (hdr->flags & IPFW_CFG_GET_COUNTERS) { da.rsize += sizeof(struct ip_fw_bcounter) * da.rcount; da.rcounters = 1; } - - if (da.tcount > 0) - sz += da.tcount * sizeof(ipfw_obj_ntlv) + - sizeof(ipfw_obj_ctlv); sz += da.rsize + sizeof(ipfw_obj_ctlv); } - if (hdr->flags & IPFW_CFG_GET_STATES) - sz += ipfw_dyn_get_count() * sizeof(ipfw_obj_dyntlv) + - sizeof(ipfw_obj_ctlv); + if (hdr->flags & IPFW_CFG_GET_STATES) { + sz += sizeof(ipfw_obj_ctlv) + + ipfw_dyn_get_count(bmask, &i) * sizeof(ipfw_obj_dyntlv); + da.tcount += i; + } + if (da.tcount > 0) + sz += da.tcount * sizeof(ipfw_obj_ntlv) + + sizeof(ipfw_obj_ctlv); /* * Fill header anyway. @@ -2447,8 +2473,14 @@ dump_config(struct ip_fw_chain *chain, ip_fw3_opheader *op3, } /* STAGE2: Store actual data */ + if (da.tcount > 0) { + error = dump_named_objects(chain, &da, sd); + if (error != 0) + goto cleanup; + } + if (hdr_flags & IPFW_CFG_GET_STATIC) { - error = dump_static_rules(chain, &da, bmask, sd); + error = dump_static_rules(chain, &da, sd); if (error != 0) goto cleanup; } @@ -3027,7 +3059,7 @@ add_rules(struct ip_fw_chain *chain, ip_fw3_opheader *op3, if ((error = commit_rules(chain, cbuf, rtlv->count)) != 0) { /* Free allocate krules */ for (i = 0, ci = cbuf; i < rtlv->count; i++, ci++) - free_rule(ci->krule); + ipfw_free_rule(ci->krule); } if (cbuf != NULL && cbuf != &rci) @@ -3851,7 +3883,7 @@ ipfw_ctl(struct sockopt *sopt) import_rule0(&ci); error = commit_rules(chain, &ci, 1); if (error != 0) - free_rule(ci.krule); + ipfw_free_rule(ci.krule); else if (sopt->sopt_dir == SOPT_GET) { if (is7) { error = convert_rule_to_7(rule); diff --git a/sys/netpfil/ipfw/nat64/nat64lsn_control.c b/sys/netpfil/ipfw/nat64/nat64lsn_control.c index a90e3cfb6d02..a1ef8da6ba59 100644 --- a/sys/netpfil/ipfw/nat64/nat64lsn_control.c +++ b/sys/netpfil/ipfw/nat64/nat64lsn_control.c @@ -256,6 +256,7 @@ nat64lsn_destroy(struct ip_fw_chain *ch, ip_fw3_opheader *op3, return (EBUSY); } + ipfw_reset_eaction_instance(ch, V_nat64lsn_eid, cfg->no.kidx); SRV_OBJECT(ch, cfg->no.kidx) = NULL; nat64lsn_detach_config(ch, cfg); IPFW_UH_WUNLOCK(ch); diff --git a/sys/netpfil/ipfw/nat64/nat64stl_control.c b/sys/netpfil/ipfw/nat64/nat64stl_control.c index 457556aca919..307c6c3ec450 100644 --- a/sys/netpfil/ipfw/nat64/nat64stl_control.c +++ b/sys/netpfil/ipfw/nat64/nat64stl_control.c @@ -342,6 +342,7 @@ nat64stl_destroy(struct ip_fw_chain *ch, ip_fw3_opheader *op3, return (EBUSY); } + ipfw_reset_eaction_instance(ch, V_nat64stl_eid, cfg->no.kidx); SRV_OBJECT(ch, cfg->no.kidx) = NULL; nat64stl_detach_config(ch, cfg); IPFW_UH_WUNLOCK(ch); diff --git a/sys/netpfil/ipfw/nptv6/nptv6.c b/sys/netpfil/ipfw/nptv6/nptv6.c index 72608e2030c4..feeec39ff2c6 100644 --- a/sys/netpfil/ipfw/nptv6/nptv6.c +++ b/sys/netpfil/ipfw/nptv6/nptv6.c @@ -746,6 +746,7 @@ nptv6_destroy(struct ip_fw_chain *ch, ip_fw3_opheader *op3, return (EBUSY); } + ipfw_reset_eaction_instance(ch, V_nptv6_eid, cfg->no.kidx); SRV_OBJECT(ch, cfg->no.kidx) = NULL; ipfw_objhash_del(CHAIN_TO_SRV(ch), &cfg->no); ipfw_objhash_free_idx(CHAIN_TO_SRV(ch), cfg->no.kidx); diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c index 5d36793b032e..9464d1ea86b5 100644 --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -77,6 +77,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mutex.h> #include <sys/priv.h> #include <sys/protosw.h> +#include <sys/smp.h> #include <sys/socket.h> #include <sys/sockio.h> #include <sys/sysctl.h> @@ -106,6 +107,8 @@ __FBSDID("$FreeBSD$"); sizeof(struct pfsync_header) + \ sizeof(struct pfsync_subheader) ) +struct pfsync_bucket; + struct pfsync_pkt { struct ip *ip; struct in_addr src; @@ -164,7 +167,7 @@ static struct pfsync_q pfsync_qs[] = { }; static void pfsync_q_ins(struct pf_state *, int, bool); -static void pfsync_q_del(struct pf_state *, bool); +static void pfsync_q_del(struct pf_state *, bool, struct pfsync_bucket *); static void pfsync_update_state(struct pf_state *); @@ -183,6 +186,28 @@ struct pfsync_deferral { struct mbuf *pd_m; }; +struct pfsync_sofct; + +struct pfsync_bucket +{ + int b_id; + struct pfsync_softc *b_sc; + struct mtx b_mtx; + struct callout b_tmo; + int b_flags; +#define PFSYNCF_BUCKET_PUSH 0x00000001 + + size_t b_len; + TAILQ_HEAD(, pf_state) b_qs[PFSYNC_S_COUNT]; + TAILQ_HEAD(, pfsync_upd_req_item) b_upd_req_list; + TAILQ_HEAD(, pfsync_deferral) b_deferrals; + u_int b_deferred; + void *b_plus; + size_t b_pluslen; + + struct ifaltq b_snd; +}; + struct pfsync_softc { /* Configuration */ struct ifnet *sc_ifp; @@ -192,20 +217,12 @@ struct pfsync_softc { uint32_t sc_flags; #define PFSYNCF_OK 0x00000001 #define PFSYNCF_DEFER 0x00000002 -#define PFSYNCF_PUSH 0x00000004 uint8_t sc_maxupdates; struct ip sc_template; - struct callout sc_tmo; struct mtx sc_mtx; /* Queued data */ - size_t sc_len; - TAILQ_HEAD(, pf_state) sc_qs[PFSYNC_S_COUNT]; - TAILQ_HEAD(, pfsync_upd_req_item) sc_upd_req_list; - TAILQ_HEAD(, pfsync_deferral) sc_deferrals; - u_int sc_deferred; - void *sc_plus; - size_t sc_pluslen; + struct pfsync_bucket *sc_buckets; /* Bulk update info */ struct mtx sc_bulk_mtx; @@ -223,6 +240,10 @@ struct pfsync_softc { #define PFSYNC_UNLOCK(sc) mtx_unlock(&(sc)->sc_mtx) #define PFSYNC_LOCK_ASSERT(sc) mtx_assert(&(sc)->sc_mtx, MA_OWNED) +#define PFSYNC_BUCKET_LOCK(b) mtx_lock(&(b)->b_mtx) +#define PFSYNC_BUCKET_UNLOCK(b) mtx_unlock(&(b)->b_mtx) +#define PFSYNC_BUCKET_LOCK_ASSERT(b) mtx_assert(&(b)->b_mtx, MA_OWNED) + #define PFSYNC_BLOCK(sc) mtx_lock(&(sc)->sc_bulk_mtx) #define PFSYNC_BUNLOCK(sc) mtx_unlock(&(sc)->sc_bulk_mtx) #define PFSYNC_BLOCK_ASSERT(sc) mtx_assert(&(sc)->sc_bulk_mtx, MA_OWNED) @@ -239,7 +260,8 @@ VNET_DEFINE_STATIC(int, pfsync_carp_adj) = CARP_MAXSKEW; #define V_pfsync_carp_adj VNET(pfsync_carp_adj) static void pfsync_timeout(void *); -static void pfsync_push(struct pfsync_softc *); +static void pfsync_push(struct pfsync_bucket *); +static void pfsync_push_all(struct pfsync_softc *); static void pfsyncintr(void *); static int pfsync_multicast_setup(struct pfsync_softc *, struct ifnet *, void *); @@ -249,12 +271,16 @@ static void pfsync_pointers_uninit(void); static int pfsync_init(void); static void pfsync_uninit(void); +static unsigned long pfsync_buckets; + SYSCTL_NODE(_net, OID_AUTO, pfsync, CTLFLAG_RW, 0, "PFSYNC"); SYSCTL_STRUCT(_net_pfsync, OID_AUTO, stats, CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(pfsyncstats), pfsyncstats, "PFSYNC statistics (struct pfsyncstats, net/if_pfsync.h)"); SYSCTL_INT(_net_pfsync, OID_AUTO, carp_demotion_factor, CTLFLAG_RW, &VNET_NAME(pfsync_carp_adj), 0, "pfsync's CARP demotion factor adjustment"); +SYSCTL_ULONG(_net_pfsync, OID_AUTO, pfsync_buckets, CTLFLAG_RDTUN, + &pfsync_buckets, 0, "Number of pfsync hash buckets"); static int pfsync_clone_create(struct if_clone *, int, caddr_t); static void pfsync_clone_destroy(struct ifnet *); @@ -270,10 +296,10 @@ static void pfsync_undefer_state(struct pf_state *, int); static void pfsync_defer_tmo(void *); static void pfsync_request_update(u_int32_t, u_int64_t); -static void pfsync_update_state_req(struct pf_state *); +static bool pfsync_update_state_req(struct pf_state *); static void pfsync_drop(struct pfsync_softc *); -static void pfsync_sendout(int); +static void pfsync_sendout(int, int); static void pfsync_send_plus(void *, size_t); static void pfsync_bulk_start(void); @@ -285,6 +311,9 @@ static void pfsync_detach_ifnet(struct ifnet *); #ifdef IPSEC static void pfsync_update_net_tdb(struct pfsync_tdb *); #endif +static struct pfsync_bucket *pfsync_get_bucket(struct pfsync_softc *, + struct pf_state *); + #define PFSYNC_MAX_BULKTRIES 12 @@ -296,21 +325,16 @@ pfsync_clone_create(struct if_clone *ifc, int unit, caddr_t param) { struct pfsync_softc *sc; struct ifnet *ifp; - int q; + struct pfsync_bucket *b; + int c, q; if (unit != 0) return (EINVAL); - sc = malloc(sizeof(struct pfsync_softc), M_PFSYNC, M_WAITOK | M_ZERO); - sc->sc_flags |= PFSYNCF_OK; - - for (q = 0; q < PFSYNC_S_COUNT; q++) - TAILQ_INIT(&sc->sc_qs[q]); - - TAILQ_INIT(&sc->sc_upd_req_list); - TAILQ_INIT(&sc->sc_deferrals); + if (! pfsync_buckets) + pfsync_buckets = mp_ncpus * 2; - sc->sc_len = PFSYNC_MINPKT; + sc = malloc(sizeof(struct pfsync_softc), M_PFSYNC, M_WAITOK | M_ZERO); sc->sc_maxupdates = 128; ifp = sc->sc_ifp = if_alloc(IFT_PFSYNC); @@ -323,12 +347,10 @@ pfsync_clone_create(struct if_clone *ifc, int unit, caddr_t param) ifp->if_ioctl = pfsyncioctl; ifp->if_output = pfsyncoutput; ifp->if_type = IFT_PFSYNC; - ifp->if_snd.ifq_maxlen = ifqmaxlen; ifp->if_hdrlen = sizeof(struct pfsync_header); ifp->if_mtu = ETHERMTU; mtx_init(&sc->sc_mtx, pfsyncname, NULL, MTX_DEF); mtx_init(&sc->sc_bulk_mtx, "pfsync bulk", NULL, MTX_DEF); - callout_init(&sc->sc_tmo, 1); callout_init_mtx(&sc->sc_bulk_tmo, &sc->sc_bulk_mtx, 0); callout_init_mtx(&sc->sc_bulkfail_tmo, &sc->sc_bulk_mtx, 0); @@ -336,6 +358,27 @@ pfsync_clone_create(struct if_clone *ifc, int unit, caddr_t param) bpfattach(ifp, DLT_PFSYNC, PFSYNC_HDRLEN); + sc->sc_buckets = mallocarray(pfsync_buckets, sizeof(*sc->sc_buckets), + M_PFSYNC, M_ZERO | M_WAITOK); + for (c = 0; c < pfsync_buckets; c++) { + b = &sc->sc_buckets[c]; + mtx_init(&b->b_mtx, pfsyncname, NULL, MTX_DEF); + + b->b_id = c; + b->b_sc = sc; + b->b_len = PFSYNC_MINPKT; + + for (q = 0; q < PFSYNC_S_COUNT; q++) + TAILQ_INIT(&b->b_qs[q]); + + TAILQ_INIT(&b->b_upd_req_list); + TAILQ_INIT(&b->b_deferrals); + + callout_init(&b->b_tmo, 1); + + b->b_snd.ifq_maxlen = ifqmaxlen; + } + V_pfsyncif = sc; return (0); @@ -345,29 +388,36 @@ static void pfsync_clone_destroy(struct ifnet *ifp) { struct pfsync_softc *sc = ifp->if_softc; + struct pfsync_bucket *b; + int c; - /* - * At this stage, everything should have already been - * cleared by pfsync_uninit(), and we have only to - * drain callouts. - */ - while (sc->sc_deferred > 0) { - struct pfsync_deferral *pd = TAILQ_FIRST(&sc->sc_deferrals); - - TAILQ_REMOVE(&sc->sc_deferrals, pd, pd_entry); - sc->sc_deferred--; - if (callout_stop(&pd->pd_tmo) > 0) { - pf_release_state(pd->pd_st); - m_freem(pd->pd_m); - free(pd, M_PFSYNC); - } else { - pd->pd_refs++; - callout_drain(&pd->pd_tmo); - free(pd, M_PFSYNC); + for (c = 0; c < pfsync_buckets; c++) { + b = &sc->sc_buckets[c]; + /* + * At this stage, everything should have already been + * cleared by pfsync_uninit(), and we have only to + * drain callouts. + */ + while (b->b_deferred > 0) { + struct pfsync_deferral *pd = + TAILQ_FIRST(&b->b_deferrals); + + TAILQ_REMOVE(&b->b_deferrals, pd, pd_entry); + b->b_deferred--; + if (callout_stop(&pd->pd_tmo) > 0) { + pf_release_state(pd->pd_st); + m_freem(pd->pd_m); + free(pd, M_PFSYNC); + } else { + pd->pd_refs++; + callout_drain(&pd->pd_tmo); + free(pd, M_PFSYNC); + } } + + callout_drain(&b->b_tmo); } - callout_drain(&sc->sc_tmo); callout_drain(&sc->sc_bulkfail_tmo); callout_drain(&sc->sc_bulk_tmo); @@ -383,6 +433,8 @@ pfsync_clone_destroy(struct ifnet *ifp) pfsync_multicast_cleanup(sc); mtx_destroy(&sc->sc_mtx); mtx_destroy(&sc->sc_bulk_mtx); + + free(sc->sc_buckets, M_PFSYNC); free(sc, M_PFSYNC); V_pfsyncif = NULL; @@ -546,7 +598,7 @@ pfsync_state_import(struct pfsync_state *sp, u_int8_t flags) st->state_flags &= ~PFSTATE_NOSYNC; if (st->state_flags & PFSTATE_ACK) { pfsync_q_ins(st, PFSYNC_S_IACK, true); - pfsync_push(sc); + pfsync_push_all(sc); } } st->state_flags &= ~PFSTATE_ACK; @@ -785,9 +837,7 @@ pfsync_in_iack(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) continue; if (st->state_flags & PFSTATE_ACK) { - PFSYNC_LOCK(V_pfsyncif); pfsync_undefer_state(st, 0); - PFSYNC_UNLOCK(V_pfsyncif); } PF_STATE_UNLOCK(st); } @@ -876,9 +926,7 @@ pfsync_in_upd(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) } if (st->state_flags & PFSTATE_ACK) { - PFSYNC_LOCK(sc); pfsync_undefer_state(st, 1); - PFSYNC_UNLOCK(sc); } if (st->key[PF_SK_WIRE]->proto == IPPROTO_TCP) @@ -912,9 +960,7 @@ pfsync_in_upd(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) pfsync_update_state(st); PF_STATE_UNLOCK(st); - PFSYNC_LOCK(sc); - pfsync_push(sc); - PFSYNC_UNLOCK(sc); + pfsync_push_all(sc); continue; } PF_STATE_UNLOCK(st); @@ -960,16 +1006,14 @@ pfsync_in_upd_c(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) st = pf_find_state_byid(up->id, up->creatorid); if (st == NULL) { /* We don't have this state. Ask for it. */ - PFSYNC_LOCK(sc); + PFSYNC_BUCKET_LOCK(&sc->sc_buckets[0]); pfsync_request_update(up->creatorid, up->id); - PFSYNC_UNLOCK(sc); + PFSYNC_BUCKET_UNLOCK(&sc->sc_buckets[0]); continue; } if (st->state_flags & PFSTATE_ACK) { - PFSYNC_LOCK(sc); pfsync_undefer_state(st, 1); - PFSYNC_UNLOCK(sc); } if (st->key[PF_SK_WIRE]->proto == IPPROTO_TCP) @@ -1003,9 +1047,7 @@ pfsync_in_upd_c(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) pfsync_update_state(st); PF_STATE_UNLOCK(st); - PFSYNC_LOCK(sc); - pfsync_push(sc); - PFSYNC_UNLOCK(sc); + pfsync_push_all(sc); continue; } PF_STATE_UNLOCK(st); @@ -1283,6 +1325,7 @@ pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) struct ifreq *ifr = (struct ifreq *)data; struct pfsyncreq pfsyncr; int error; + int c; switch (cmd) { case SIOCSIFFLAGS: @@ -1303,10 +1346,12 @@ pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) ifr->ifr_mtu > sc->sc_sync_if->if_mtu) return (EINVAL); if (ifr->ifr_mtu < ifp->if_mtu) { - PFSYNC_LOCK(sc); - if (sc->sc_len > PFSYNC_MINPKT) - pfsync_sendout(1); - PFSYNC_UNLOCK(sc); + for (c = 0; c < pfsync_buckets; c++) { + PFSYNC_BUCKET_LOCK(&sc->sc_buckets[c]); + if (sc->sc_buckets[c].b_len > PFSYNC_MINPKT) + pfsync_sendout(1, c); + PFSYNC_BUCKET_UNLOCK(&sc->sc_buckets[c]); + } } ifp->if_mtu = ifr->ifr_mtu; break; @@ -1379,12 +1424,16 @@ pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) break; } - if (sc->sc_len > PFSYNC_MINPKT && - (sifp->if_mtu < sc->sc_ifp->if_mtu || - (sc->sc_sync_if != NULL && - sifp->if_mtu < sc->sc_sync_if->if_mtu) || - sifp->if_mtu < MCLBYTES - sizeof(struct ip))) - pfsync_sendout(1); + for (c = 0; c < pfsync_buckets; c++) { + PFSYNC_BUCKET_LOCK(&sc->sc_buckets[c]); + if (sc->sc_buckets[c].b_len > PFSYNC_MINPKT && + (sifp->if_mtu < sc->sc_ifp->if_mtu || + (sc->sc_sync_if != NULL && + sifp->if_mtu < sc->sc_sync_if->if_mtu) || + sifp->if_mtu < MCLBYTES - sizeof(struct ip))) + pfsync_sendout(1, c); + PFSYNC_BUCKET_UNLOCK(&sc->sc_buckets[c]); + } if (imo->imo_membership) pfsync_multicast_cleanup(sc); @@ -1421,8 +1470,10 @@ pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) sc->sc_flags &= ~PFSYNCF_OK; if (V_pf_status.debug >= PF_DEBUG_MISC) printf("pfsync: requesting bulk update\n"); - pfsync_request_update(0, 0); PFSYNC_UNLOCK(sc); + PFSYNC_BUCKET_LOCK(&sc->sc_buckets[0]); + pfsync_request_update(0, 0); + PFSYNC_BUCKET_UNLOCK(&sc->sc_buckets[0]); PFSYNC_BLOCK(sc); sc->sc_ureq_sent = time_uptime; callout_reset(&sc->sc_bulkfail_tmo, 5 * hz, pfsync_bulk_fail, @@ -1483,33 +1534,37 @@ pfsync_drop(struct pfsync_softc *sc) { struct pf_state *st, *next; struct pfsync_upd_req_item *ur; - int q; + struct pfsync_bucket *b; + int c, q; - for (q = 0; q < PFSYNC_S_COUNT; q++) { - if (TAILQ_EMPTY(&sc->sc_qs[q])) - continue; + for (c = 0; c < pfsync_buckets; c++) { + b = &sc->sc_buckets[c]; + for (q = 0; q < PFSYNC_S_COUNT; q++) { + if (TAILQ_EMPTY(&b->b_qs[q])) + continue; - TAILQ_FOREACH_SAFE(st, &sc->sc_qs[q], sync_list, next) { - KASSERT(st->sync_state == q, - ("%s: st->sync_state == q", - __func__)); - st->sync_state = PFSYNC_S_NONE; - pf_release_state(st); + TAILQ_FOREACH_SAFE(st, &b->b_qs[q], sync_list, next) { + KASSERT(st->sync_state == q, + ("%s: st->sync_state == q", + __func__)); + st->sync_state = PFSYNC_S_NONE; + pf_release_state(st); + } + TAILQ_INIT(&b->b_qs[q]); } - TAILQ_INIT(&sc->sc_qs[q]); - } - while ((ur = TAILQ_FIRST(&sc->sc_upd_req_list)) != NULL) { - TAILQ_REMOVE(&sc->sc_upd_req_list, ur, ur_entry); - free(ur, M_PFSYNC); - } + while ((ur = TAILQ_FIRST(&b->b_upd_req_list)) != NULL) { + TAILQ_REMOVE(&b->b_upd_req_list, ur, ur_entry); + free(ur, M_PFSYNC); + } - sc->sc_plus = NULL; - sc->sc_len = PFSYNC_MINPKT; + b->b_len = PFSYNC_MINPKT; + b->b_plus = NULL; + } } static void -pfsync_sendout(int schedswi) +pfsync_sendout(int schedswi, int c) { struct pfsync_softc *sc = V_pfsyncif; struct ifnet *ifp = sc->sc_ifp; @@ -1519,27 +1574,28 @@ pfsync_sendout(int schedswi) struct pfsync_subheader *subh; struct pf_state *st, *st_next; struct pfsync_upd_req_item *ur; + struct pfsync_bucket *b = &sc->sc_buckets[c]; int offset; int q, count = 0; KASSERT(sc != NULL, ("%s: null sc", __func__)); - KASSERT(sc->sc_len > PFSYNC_MINPKT, - ("%s: sc_len %zu", __func__, sc->sc_len)); - PFSYNC_LOCK_ASSERT(sc); + KASSERT(b->b_len > PFSYNC_MINPKT, + ("%s: sc_len %zu", __func__, b->b_len)); + PFSYNC_BUCKET_LOCK_ASSERT(b); if (ifp->if_bpf == NULL && sc->sc_sync_if == NULL) { pfsync_drop(sc); return; } - m = m_get2(max_linkhdr + sc->sc_len, M_NOWAIT, MT_DATA, M_PKTHDR); + m = m_get2(max_linkhdr + b->b_len, M_NOWAIT, MT_DATA, M_PKTHDR); if (m == NULL) { if_inc_counter(sc->sc_ifp, IFCOUNTER_OERRORS, 1); V_pfsyncstats.pfsyncs_onomem++; return; } m->m_data += max_linkhdr; - m->m_len = m->m_pkthdr.len = sc->sc_len; + m->m_len = m->m_pkthdr.len = b->b_len; /* build the ip header */ ip = (struct ip *)m->m_data; @@ -1555,19 +1611,19 @@ pfsync_sendout(int schedswi) offset += sizeof(*ph); ph->version = PFSYNC_VERSION; - ph->len = htons(sc->sc_len - sizeof(*ip)); + ph->len = htons(b->b_len - sizeof(*ip)); bcopy(V_pf_status.pf_chksum, ph->pfcksum, PF_MD5_DIGEST_LENGTH); /* walk the queues */ for (q = 0; q < PFSYNC_S_COUNT; q++) { - if (TAILQ_EMPTY(&sc->sc_qs[q])) + if (TAILQ_EMPTY(&b->b_qs[q])) continue; subh = (struct pfsync_subheader *)(m->m_data + offset); offset += sizeof(*subh); count = 0; - TAILQ_FOREACH_SAFE(st, &sc->sc_qs[q], sync_list, st_next) { + TAILQ_FOREACH_SAFE(st, &b->b_qs[q], sync_list, st_next) { KASSERT(st->sync_state == q, ("%s: st->sync_state == q", __func__)); @@ -1581,7 +1637,7 @@ pfsync_sendout(int schedswi) pf_release_state(st); count++; } - TAILQ_INIT(&sc->sc_qs[q]); + TAILQ_INIT(&b->b_qs[q]); bzero(subh, sizeof(*subh)); subh->action = pfsync_qs[q].action; @@ -1589,13 +1645,13 @@ pfsync_sendout(int schedswi) V_pfsyncstats.pfsyncs_oacts[pfsync_qs[q].action] += count; } - if (!TAILQ_EMPTY(&sc->sc_upd_req_list)) { + if (!TAILQ_EMPTY(&b->b_upd_req_list)) { subh = (struct pfsync_subheader *)(m->m_data + offset); offset += sizeof(*subh); count = 0; - while ((ur = TAILQ_FIRST(&sc->sc_upd_req_list)) != NULL) { - TAILQ_REMOVE(&sc->sc_upd_req_list, ur, ur_entry); + while ((ur = TAILQ_FIRST(&b->b_upd_req_list)) != NULL) { + TAILQ_REMOVE(&b->b_upd_req_list, ur, ur_entry); bcopy(&ur->ur_msg, m->m_data + offset, sizeof(ur->ur_msg)); @@ -1611,11 +1667,11 @@ pfsync_sendout(int schedswi) } /* has someone built a custom region for us to add? */ - if (sc->sc_plus != NULL) { - bcopy(sc->sc_plus, m->m_data + offset, sc->sc_pluslen); - offset += sc->sc_pluslen; + if (b->b_plus != NULL) { + bcopy(b->b_plus, m->m_data + offset, b->b_pluslen); + offset += b->b_pluslen; - sc->sc_plus = NULL; + b->b_plus = NULL; } subh = (struct pfsync_subheader *)(m->m_data + offset); @@ -1629,24 +1685,24 @@ pfsync_sendout(int schedswi) /* we're done, let's put it on the wire */ if (ifp->if_bpf) { m->m_data += sizeof(*ip); - m->m_len = m->m_pkthdr.len = sc->sc_len - sizeof(*ip); + m->m_len = m->m_pkthdr.len = b->b_len - sizeof(*ip); BPF_MTAP(ifp, m); m->m_data -= sizeof(*ip); - m->m_len = m->m_pkthdr.len = sc->sc_len; + m->m_len = m->m_pkthdr.len = b->b_len; } if (sc->sc_sync_if == NULL) { - sc->sc_len = PFSYNC_MINPKT; + b->b_len = PFSYNC_MINPKT; m_freem(m); return; } if_inc_counter(sc->sc_ifp, IFCOUNTER_OPACKETS, 1); if_inc_counter(sc->sc_ifp, IFCOUNTER_OBYTES, m->m_pkthdr.len); - sc->sc_len = PFSYNC_MINPKT; + b->b_len = PFSYNC_MINPKT; - if (!_IF_QFULL(&sc->sc_ifp->if_snd)) - _IF_ENQUEUE(&sc->sc_ifp->if_snd, m); + if (!_IF_QFULL(&b->b_snd)) + _IF_ENQUEUE(&b->b_snd, m); else { m_freem(m); if_inc_counter(sc->sc_ifp, IFCOUNTER_OQDROPS, 1); @@ -1659,6 +1715,7 @@ static void pfsync_insert_state(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); if (st->state_flags & PFSTATE_NOSYNC) return; @@ -1672,12 +1729,12 @@ pfsync_insert_state(struct pf_state *st) KASSERT(st->sync_state == PFSYNC_S_NONE, ("%s: st->sync_state %u", __func__, st->sync_state)); - PFSYNC_LOCK(sc); - if (sc->sc_len == PFSYNC_MINPKT) - callout_reset(&sc->sc_tmo, 1 * hz, pfsync_timeout, V_pfsyncif); + PFSYNC_BUCKET_LOCK(b); + if (b->b_len == PFSYNC_MINPKT) + callout_reset(&b->b_tmo, 1 * hz, pfsync_timeout, b); pfsync_q_ins(st, PFSYNC_S_INS, true); - PFSYNC_UNLOCK(sc); + PFSYNC_BUCKET_UNLOCK(b); st->sync_updates = 0; } @@ -1687,6 +1744,7 @@ pfsync_defer(struct pf_state *st, struct mbuf *m) { struct pfsync_softc *sc = V_pfsyncif; struct pfsync_deferral *pd; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); if (m->m_flags & (M_BCAST|M_MCAST)) return (0); @@ -1699,13 +1757,13 @@ pfsync_defer(struct pf_state *st, struct mbuf *m) return (0); } - if (sc->sc_deferred >= 128) - pfsync_undefer(TAILQ_FIRST(&sc->sc_deferrals), 0); + if (b->b_deferred >= 128) + pfsync_undefer(TAILQ_FIRST(&b->b_deferrals), 0); pd = malloc(sizeof(*pd), M_PFSYNC, M_NOWAIT); if (pd == NULL) return (0); - sc->sc_deferred++; + b->b_deferred++; m->m_flags |= M_SKIP_FIREWALL; st->state_flags |= PFSTATE_ACK; @@ -1716,11 +1774,11 @@ pfsync_defer(struct pf_state *st, struct mbuf *m) pf_ref_state(st); pd->pd_m = m; - TAILQ_INSERT_TAIL(&sc->sc_deferrals, pd, pd_entry); - callout_init_mtx(&pd->pd_tmo, &sc->sc_mtx, CALLOUT_RETURNUNLOCKED); + TAILQ_INSERT_TAIL(&b->b_deferrals, pd, pd_entry); + callout_init_mtx(&pd->pd_tmo, &b->b_mtx, CALLOUT_RETURNUNLOCKED); callout_reset(&pd->pd_tmo, 10, pfsync_defer_tmo, pd); - pfsync_push(sc); + pfsync_push(b); return (1); } @@ -1731,11 +1789,12 @@ pfsync_undefer(struct pfsync_deferral *pd, int drop) struct pfsync_softc *sc = pd->pd_sc; struct mbuf *m = pd->pd_m; struct pf_state *st = pd->pd_st; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); - PFSYNC_LOCK_ASSERT(sc); + PFSYNC_BUCKET_LOCK_ASSERT(b); - TAILQ_REMOVE(&sc->sc_deferrals, pd, pd_entry); - sc->sc_deferred--; + TAILQ_REMOVE(&b->b_deferrals, pd, pd_entry); + b->b_deferred--; pd->pd_st->state_flags &= ~PFSTATE_ACK; /* XXX: locking! */ free(pd, M_PFSYNC); pf_release_state(st); @@ -1743,8 +1802,8 @@ pfsync_undefer(struct pfsync_deferral *pd, int drop) if (drop) m_freem(m); else { - _IF_ENQUEUE(&sc->sc_ifp->if_snd, m); - pfsync_push(sc); + _IF_ENQUEUE(&b->b_snd, m); + pfsync_push(b); } } @@ -1755,13 +1814,14 @@ pfsync_defer_tmo(void *arg) struct pfsync_softc *sc = pd->pd_sc; struct mbuf *m = pd->pd_m; struct pf_state *st = pd->pd_st; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); - PFSYNC_LOCK_ASSERT(sc); + PFSYNC_BUCKET_LOCK_ASSERT(b); CURVNET_SET(m->m_pkthdr.rcvif->if_vnet); - TAILQ_REMOVE(&sc->sc_deferrals, pd, pd_entry); - sc->sc_deferred--; + TAILQ_REMOVE(&b->b_deferrals, pd, pd_entry); + b->b_deferred--; pd->pd_st->state_flags &= ~PFSTATE_ACK; /* XXX: locking! */ if (pd->pd_refs == 0) free(pd, M_PFSYNC); @@ -1779,40 +1839,52 @@ pfsync_undefer_state(struct pf_state *st, int drop) { struct pfsync_softc *sc = V_pfsyncif; struct pfsync_deferral *pd; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); - PFSYNC_LOCK_ASSERT(sc); + PFSYNC_BUCKET_LOCK(b); - TAILQ_FOREACH(pd, &sc->sc_deferrals, pd_entry) { + TAILQ_FOREACH(pd, &b->b_deferrals, pd_entry) { if (pd->pd_st == st) { if (callout_stop(&pd->pd_tmo) > 0) pfsync_undefer(pd, drop); + + PFSYNC_BUCKET_UNLOCK(b); return; } } + PFSYNC_BUCKET_UNLOCK(b); panic("%s: unable to find deferred state", __func__); } +static struct pfsync_bucket* +pfsync_get_bucket(struct pfsync_softc *sc, struct pf_state *st) +{ + int c = PF_IDHASH(st) % pfsync_buckets; + return &sc->sc_buckets[c]; +} + static void pfsync_update_state(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; bool sync = false, ref = true; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); PF_STATE_LOCK_ASSERT(st); - PFSYNC_LOCK(sc); + PFSYNC_BUCKET_LOCK(b); if (st->state_flags & PFSTATE_ACK) pfsync_undefer_state(st, 0); if (st->state_flags & PFSTATE_NOSYNC) { if (st->sync_state != PFSYNC_S_NONE) - pfsync_q_del(st, true); - PFSYNC_UNLOCK(sc); + pfsync_q_del(st, true, b); + PFSYNC_BUCKET_UNLOCK(b); return; } - if (sc->sc_len == PFSYNC_MINPKT) - callout_reset(&sc->sc_tmo, 1 * hz, pfsync_timeout, V_pfsyncif); + if (b->b_len == PFSYNC_MINPKT) + callout_reset(&b->b_tmo, 1 * hz, pfsync_timeout, b); switch (st->sync_state) { case PFSYNC_S_UPD_C: @@ -1828,7 +1900,7 @@ pfsync_update_state(struct pf_state *st) break; case PFSYNC_S_IACK: - pfsync_q_del(st, false); + pfsync_q_del(st, false, b); ref = false; /* FALLTHROUGH */ @@ -1842,26 +1914,27 @@ pfsync_update_state(struct pf_state *st) } if (sync || (time_uptime - st->pfsync_time) < 2) - pfsync_push(sc); + pfsync_push(b); - PFSYNC_UNLOCK(sc); + PFSYNC_BUCKET_UNLOCK(b); } static void pfsync_request_update(u_int32_t creatorid, u_int64_t id) { struct pfsync_softc *sc = V_pfsyncif; + struct pfsync_bucket *b = &sc->sc_buckets[0]; struct pfsync_upd_req_item *item; size_t nlen = sizeof(struct pfsync_upd_req); - PFSYNC_LOCK_ASSERT(sc); + PFSYNC_BUCKET_LOCK_ASSERT(b); /* * This code does a bit to prevent multiple update requests for the * same state being generated. It searches current subheader queue, * but it doesn't lookup into queue of already packed datagrams. */ - TAILQ_FOREACH(item, &sc->sc_upd_req_list, ur_entry) + TAILQ_FOREACH(item, &b->b_upd_req_list, ur_entry) if (item->ur_msg.id == id && item->ur_msg.creatorid == creatorid) return; @@ -1873,46 +1946,47 @@ pfsync_request_update(u_int32_t creatorid, u_int64_t id) item->ur_msg.id = id; item->ur_msg.creatorid = creatorid; - if (TAILQ_EMPTY(&sc->sc_upd_req_list)) + if (TAILQ_EMPTY(&b->b_upd_req_list)) nlen += sizeof(struct pfsync_subheader); - if (sc->sc_len + nlen > sc->sc_ifp->if_mtu) { - pfsync_sendout(1); + if (b->b_len + nlen > sc->sc_ifp->if_mtu) { + pfsync_sendout(1, 0); nlen = sizeof(struct pfsync_subheader) + sizeof(struct pfsync_upd_req); } - TAILQ_INSERT_TAIL(&sc->sc_upd_req_list, item, ur_entry); - sc->sc_len += nlen; + TAILQ_INSERT_TAIL(&b->b_upd_req_list, item, ur_entry); + b->b_len += nlen; } -static void +static bool pfsync_update_state_req(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; - bool ref = true; + bool ref = true, full = false; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); PF_STATE_LOCK_ASSERT(st); - PFSYNC_LOCK(sc); + PFSYNC_BUCKET_LOCK(b); if (st->state_flags & PFSTATE_NOSYNC) { if (st->sync_state != PFSYNC_S_NONE) - pfsync_q_del(st, true); - PFSYNC_UNLOCK(sc); - return; + pfsync_q_del(st, true, b); + PFSYNC_BUCKET_UNLOCK(b); + return (full); } switch (st->sync_state) { case PFSYNC_S_UPD_C: case PFSYNC_S_IACK: - pfsync_q_del(st, false); + pfsync_q_del(st, false, b); ref = false; /* FALLTHROUGH */ case PFSYNC_S_NONE: pfsync_q_ins(st, PFSYNC_S_UPD, ref); - pfsync_push(sc); + pfsync_push(b); break; case PFSYNC_S_INS: @@ -1925,38 +1999,44 @@ pfsync_update_state_req(struct pf_state *st) panic("%s: unexpected sync state %d", __func__, st->sync_state); } - PFSYNC_UNLOCK(sc); + if ((sc->sc_ifp->if_mtu - b->b_len) < sizeof(struct pfsync_state)) + full = true; + + PFSYNC_BUCKET_UNLOCK(b); + + return (full); } static void pfsync_delete_state(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); bool ref = true; - PFSYNC_LOCK(sc); + PFSYNC_BUCKET_LOCK(b); if (st->state_flags & PFSTATE_ACK) pfsync_undefer_state(st, 1); if (st->state_flags & PFSTATE_NOSYNC) { if (st->sync_state != PFSYNC_S_NONE) - pfsync_q_del(st, true); - PFSYNC_UNLOCK(sc); + pfsync_q_del(st, true, b); + PFSYNC_BUCKET_UNLOCK(b); return; } - if (sc->sc_len == PFSYNC_MINPKT) - callout_reset(&sc->sc_tmo, 1 * hz, pfsync_timeout, V_pfsyncif); + if (b->b_len == PFSYNC_MINPKT) + callout_reset(&b->b_tmo, 1 * hz, pfsync_timeout, b); switch (st->sync_state) { case PFSYNC_S_INS: /* We never got to tell the world so just forget about it. */ - pfsync_q_del(st, true); + pfsync_q_del(st, true, b); break; case PFSYNC_S_UPD_C: case PFSYNC_S_UPD: case PFSYNC_S_IACK: - pfsync_q_del(st, false); + pfsync_q_del(st, false, b); ref = false; /* FALLTHROUGH */ @@ -1968,13 +2048,12 @@ pfsync_delete_state(struct pf_state *st) panic("%s: unexpected sync state %d", __func__, st->sync_state); } - PFSYNC_UNLOCK(sc); + PFSYNC_BUCKET_UNLOCK(b); } static void pfsync_clear_states(u_int32_t creatorid, const char *ifname) { - struct pfsync_softc *sc = V_pfsyncif; struct { struct pfsync_subheader subh; struct pfsync_clr clr; @@ -1989,9 +2068,7 @@ pfsync_clear_states(u_int32_t creatorid, const char *ifname) strlcpy(r.clr.ifname, ifname, sizeof(r.clr.ifname)); r.clr.creatorid = creatorid; - PFSYNC_LOCK(sc); pfsync_send_plus(&r, sizeof(r)); - PFSYNC_UNLOCK(sc); } static void @@ -1999,48 +2076,48 @@ pfsync_q_ins(struct pf_state *st, int q, bool ref) { struct pfsync_softc *sc = V_pfsyncif; size_t nlen = pfsync_qs[q].len; + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); - PFSYNC_LOCK_ASSERT(sc); + PFSYNC_BUCKET_LOCK_ASSERT(b); KASSERT(st->sync_state == PFSYNC_S_NONE, ("%s: st->sync_state %u", __func__, st->sync_state)); - KASSERT(sc->sc_len >= PFSYNC_MINPKT, ("pfsync pkt len is too low %zu", - sc->sc_len)); + KASSERT(b->b_len >= PFSYNC_MINPKT, ("pfsync pkt len is too low %zu", + b->b_len)); - if (TAILQ_EMPTY(&sc->sc_qs[q])) + if (TAILQ_EMPTY(&b->b_qs[q])) nlen += sizeof(struct pfsync_subheader); - if (sc->sc_len + nlen > sc->sc_ifp->if_mtu) { - pfsync_sendout(1); + if (b->b_len + nlen > sc->sc_ifp->if_mtu) { + pfsync_sendout(1, b->b_id); nlen = sizeof(struct pfsync_subheader) + pfsync_qs[q].len; } - sc->sc_len += nlen; - TAILQ_INSERT_TAIL(&sc->sc_qs[q], st, sync_list); + b->b_len += nlen; + TAILQ_INSERT_TAIL(&b->b_qs[q], st, sync_list); st->sync_state = q; if (ref) pf_ref_state(st); } static void -pfsync_q_del(struct pf_state *st, bool unref) +pfsync_q_del(struct pf_state *st, bool unref, struct pfsync_bucket *b) { - struct pfsync_softc *sc = V_pfsyncif; int q = st->sync_state; - PFSYNC_LOCK_ASSERT(sc); + PFSYNC_BUCKET_LOCK_ASSERT(b); KASSERT(st->sync_state != PFSYNC_S_NONE, ("%s: st->sync_state != PFSYNC_S_NONE", __func__)); - sc->sc_len -= pfsync_qs[q].len; - TAILQ_REMOVE(&sc->sc_qs[q], st, sync_list); + b->b_len -= pfsync_qs[q].len; + TAILQ_REMOVE(&b->b_qs[q], st, sync_list); st->sync_state = PFSYNC_S_NONE; if (unref) pf_release_state(st); - if (TAILQ_EMPTY(&sc->sc_qs[q])) - sc->sc_len -= sizeof(struct pfsync_subheader); + if (TAILQ_EMPTY(&b->b_qs[q])) + b->b_len -= sizeof(struct pfsync_subheader); } static void @@ -2094,23 +2171,19 @@ pfsync_bulk_update(void *arg) } for (; s; s = LIST_NEXT(s, entry)) { - - if (sent > 1 && (sc->sc_ifp->if_mtu - sc->sc_len) < - sizeof(struct pfsync_state)) { - /* We've filled a packet. */ - sc->sc_bulk_hashid = i; - sc->sc_bulk_stateid = s->id; - sc->sc_bulk_creatorid = s->creatorid; - PF_HASHROW_UNLOCK(ih); - callout_reset(&sc->sc_bulk_tmo, 1, - pfsync_bulk_update, sc); - goto full; - } - if (s->sync_state == PFSYNC_S_NONE && s->timeout < PFTM_MAX && s->pfsync_time <= sc->sc_ureq_received) { - pfsync_update_state_req(s); + if (pfsync_update_state_req(s)) { + /* We've filled a packet. */ + sc->sc_bulk_hashid = i; + sc->sc_bulk_stateid = s->id; + sc->sc_bulk_creatorid = s->creatorid; + PF_HASHROW_UNLOCK(ih); + callout_reset(&sc->sc_bulk_tmo, 1, + pfsync_bulk_update, sc); + goto full; + } sent++; } } @@ -2119,7 +2192,6 @@ pfsync_bulk_update(void *arg) /* We're done. */ pfsync_bulk_status(PFSYNC_BUS_END); - full: CURVNET_RESTORE(); } @@ -2144,15 +2216,14 @@ pfsync_bulk_status(u_int8_t status) r.bus.endtime = htonl(time_uptime - sc->sc_ureq_received); r.bus.status = status; - PFSYNC_LOCK(sc); pfsync_send_plus(&r, sizeof(r)); - PFSYNC_UNLOCK(sc); } static void pfsync_bulk_fail(void *arg) { struct pfsync_softc *sc = arg; + struct pfsync_bucket *b = &sc->sc_buckets[0]; CURVNET_SET(sc->sc_ifp->if_vnet); @@ -2162,9 +2233,9 @@ pfsync_bulk_fail(void *arg) /* Try again */ callout_reset(&sc->sc_bulkfail_tmo, 5 * hz, pfsync_bulk_fail, V_pfsyncif); - PFSYNC_LOCK(sc); + PFSYNC_BUCKET_LOCK(b); pfsync_request_update(0, 0); - PFSYNC_UNLOCK(sc); + PFSYNC_BUCKET_UNLOCK(b); } else { /* Pretend like the transfer was ok. */ sc->sc_ureq_sent = 0; @@ -2186,73 +2257,96 @@ static void pfsync_send_plus(void *plus, size_t pluslen) { struct pfsync_softc *sc = V_pfsyncif; + struct pfsync_bucket *b = &sc->sc_buckets[0]; - PFSYNC_LOCK_ASSERT(sc); + PFSYNC_BUCKET_LOCK(b); - if (sc->sc_len + pluslen > sc->sc_ifp->if_mtu) - pfsync_sendout(1); + if (b->b_len + pluslen > sc->sc_ifp->if_mtu) + pfsync_sendout(1, b->b_id); - sc->sc_plus = plus; - sc->sc_len += (sc->sc_pluslen = pluslen); + b->b_plus = plus; + b->b_len += (b->b_pluslen = pluslen); - pfsync_sendout(1); + pfsync_sendout(1, b->b_id); + PFSYNC_BUCKET_UNLOCK(b); } static void pfsync_timeout(void *arg) { - struct pfsync_softc *sc = arg; + struct pfsync_bucket *b = arg; - CURVNET_SET(sc->sc_ifp->if_vnet); - PFSYNC_LOCK(sc); - pfsync_push(sc); - PFSYNC_UNLOCK(sc); + CURVNET_SET(b->b_sc->sc_ifp->if_vnet); + PFSYNC_BUCKET_LOCK(b); + pfsync_push(b); + PFSYNC_BUCKET_UNLOCK(b); CURVNET_RESTORE(); } static void -pfsync_push(struct pfsync_softc *sc) +pfsync_push(struct pfsync_bucket *b) { - PFSYNC_LOCK_ASSERT(sc); + PFSYNC_BUCKET_LOCK_ASSERT(b); - sc->sc_flags |= PFSYNCF_PUSH; + b->b_flags |= PFSYNCF_BUCKET_PUSH; swi_sched(V_pfsync_swi_cookie, 0); } static void +pfsync_push_all(struct pfsync_softc *sc) +{ + int c; + struct pfsync_bucket *b; + + for (c = 0; c < pfsync_buckets; c++) { + b = &sc->sc_buckets[c]; + + PFSYNC_BUCKET_LOCK(b); + pfsync_push(b); + PFSYNC_BUCKET_UNLOCK(b); + } +} + +static void pfsyncintr(void *arg) { struct pfsync_softc *sc = arg; + struct pfsync_bucket *b; struct mbuf *m, *n; + int c; CURVNET_SET(sc->sc_ifp->if_vnet); - PFSYNC_LOCK(sc); - if ((sc->sc_flags & PFSYNCF_PUSH) && sc->sc_len > PFSYNC_MINPKT) { - pfsync_sendout(0); - sc->sc_flags &= ~PFSYNCF_PUSH; - } - _IF_DEQUEUE_ALL(&sc->sc_ifp->if_snd, m); - PFSYNC_UNLOCK(sc); + for (c = 0; c < pfsync_buckets; c++) { + b = &sc->sc_buckets[c]; - for (; m != NULL; m = n) { + PFSYNC_BUCKET_LOCK(b); + if ((b->b_flags & PFSYNCF_BUCKET_PUSH) && b->b_len > PFSYNC_MINPKT) { + pfsync_sendout(0, b->b_id); + b->b_flags &= ~PFSYNCF_BUCKET_PUSH; + } + _IF_DEQUEUE_ALL(&b->b_snd, m); + PFSYNC_BUCKET_UNLOCK(b); - n = m->m_nextpkt; - m->m_nextpkt = NULL; + for (; m != NULL; m = n) { - /* - * We distinguish between a deferral packet and our - * own pfsync packet based on M_SKIP_FIREWALL - * flag. This is XXX. - */ - if (m->m_flags & M_SKIP_FIREWALL) - ip_output(m, NULL, NULL, 0, NULL, NULL); - else if (ip_output(m, NULL, NULL, IP_RAWOUTPUT, &sc->sc_imo, - NULL) == 0) - V_pfsyncstats.pfsyncs_opackets++; - else - V_pfsyncstats.pfsyncs_oerrors++; + n = m->m_nextpkt; + m->m_nextpkt = NULL; + + /* + * We distinguish between a deferral packet and our + * own pfsync packet based on M_SKIP_FIREWALL + * flag. This is XXX. + */ + if (m->m_flags & M_SKIP_FIREWALL) + ip_output(m, NULL, NULL, 0, NULL, NULL); + else if (ip_output(m, NULL, NULL, IP_RAWOUTPUT, &sc->sc_imo, + NULL) == 0) + V_pfsyncstats.pfsyncs_opackets++; + else + V_pfsyncstats.pfsyncs_oerrors++; + } } CURVNET_RESTORE(); } diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c index 76b8d4abd5af..37203e04add6 100644 --- a/sys/netpfil/pf/pf_if.c +++ b/sys/netpfil/pf/pf_if.c @@ -853,7 +853,8 @@ pfi_detach_ifnet_event(void *arg __unused, struct ifnet *ifp) V_pfi_update++; pfi_kif_update(kif); - if_rele(kif->pfik_ifp); + if (kif->pfik_ifp) + if_rele(kif->pfik_ifp); kif->pfik_ifp = NULL; ifp->if_pf_kif = NULL; diff --git a/sys/netpfil/pf/pf_lb.c b/sys/netpfil/pf/pf_lb.c index 9c04225cc172..030e7ee76841 100644 --- a/sys/netpfil/pf/pf_lb.c +++ b/sys/netpfil/pf/pf_lb.c @@ -293,6 +293,10 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_rule *r, switch (r->rpool.opts & PF_POOL_TYPEMASK) { case PF_POOL_RANDOM: case PF_POOL_ROUNDROBIN: + /* + * pick a different source address since we're out + * of free port choices for the current one. + */ if (pf_map_addr(af, r, saddr, naddr, &init_addr, sn)) return (1); break; diff --git a/sys/ofed/drivers/infiniband/core/ib_addr.c b/sys/ofed/drivers/infiniband/core/ib_addr.c index 4545bee29c7c..a56219ae48a0 100644 --- a/sys/ofed/drivers/infiniband/core/ib_addr.c +++ b/sys/ofed/drivers/infiniband/core/ib_addr.c @@ -185,7 +185,7 @@ int rdma_translate_ip(const struct sockaddr *addr, #ifdef INET6 case AF_INET6: dev = ip6_dev_find(dev_addr->net, - ((const struct sockaddr_in6 *)addr)->sin6_addr); + ((const struct sockaddr_in6 *)addr)->sin6_addr, 0); break; #endif default: @@ -525,7 +525,7 @@ static int addr6_resolve(struct sockaddr_in6 *src_in, if (addr->bound_dev_if != 0) { ifp = dev_get_by_index(addr->net, addr->bound_dev_if); } else { - ifp = ip6_dev_find(addr->net, src_in->sin6_addr); + ifp = ip6_dev_find(addr->net, src_in->sin6_addr, 0); } /* check source interface */ @@ -649,8 +649,13 @@ static int addr_resolve_neigh(struct ifnet *dev, if (dev->if_flags & IFF_LOOPBACK) { int ret; - /* find real device, not loopback one */ - addr->bound_dev_if = 0; + /* + * Binding to a loopback device is not allowed. Make + * sure the destination device address is global by + * clearing the bound device interface: + */ + if (addr->bound_dev_if == dev->if_index) + addr->bound_dev_if = 0; ret = rdma_translate_ip(dst_in, addr); if (ret == 0) { diff --git a/sys/ofed/drivers/infiniband/core/ib_cm.c b/sys/ofed/drivers/infiniband/core/ib_cm.c index b903eeab4a3c..753d3ca00e46 100644 --- a/sys/ofed/drivers/infiniband/core/ib_cm.c +++ b/sys/ofed/drivers/infiniband/core/ib_cm.c @@ -332,11 +332,19 @@ out: return ret; } -static int cm_alloc_response_msg(struct cm_port *port, - struct ib_mad_recv_wc *mad_recv_wc, - struct ib_mad_send_buf **msg) +static struct ib_mad_send_buf *cm_alloc_response_msg_no_ah(struct cm_port *port, + struct ib_mad_recv_wc *mad_recv_wc) +{ + return ib_create_send_mad(port->mad_agent, 1, mad_recv_wc->wc->pkey_index, + 0, IB_MGMT_MAD_HDR, IB_MGMT_MAD_DATA, + GFP_ATOMIC, + IB_MGMT_BASE_VERSION); +} + +static int cm_create_response_msg_ah(struct cm_port *port, + struct ib_mad_recv_wc *mad_recv_wc, + struct ib_mad_send_buf *msg) { - struct ib_mad_send_buf *m; struct ib_ah *ah; ah = ib_create_ah_from_wc(port->mad_agent->qp->pd, mad_recv_wc->wc, @@ -344,27 +352,40 @@ static int cm_alloc_response_msg(struct cm_port *port, if (IS_ERR(ah)) return PTR_ERR(ah); - m = ib_create_send_mad(port->mad_agent, 1, mad_recv_wc->wc->pkey_index, - 0, IB_MGMT_MAD_HDR, IB_MGMT_MAD_DATA, - GFP_ATOMIC, - IB_MGMT_BASE_VERSION); - if (IS_ERR(m)) { - ib_destroy_ah(ah); - return PTR_ERR(m); - } - m->ah = ah; - *msg = m; + msg->ah = ah; return 0; } static void cm_free_msg(struct ib_mad_send_buf *msg) { - ib_destroy_ah(msg->ah); + if (msg->ah) + ib_destroy_ah(msg->ah); if (msg->context[0]) cm_deref_id(msg->context[0]); ib_free_send_mad(msg); } +static int cm_alloc_response_msg(struct cm_port *port, + struct ib_mad_recv_wc *mad_recv_wc, + struct ib_mad_send_buf **msg) +{ + struct ib_mad_send_buf *m; + int ret; + + m = cm_alloc_response_msg_no_ah(port, mad_recv_wc); + if (IS_ERR(m)) + return PTR_ERR(m); + + ret = cm_create_response_msg_ah(port, mad_recv_wc, m); + if (ret) { + cm_free_msg(m); + return ret; + } + + *msg = m; + return 0; +} + static void * cm_copy_private_data(const void *private_data, u8 private_data_len) { @@ -390,13 +411,13 @@ static void cm_set_private_data(struct cm_id_private *cm_id_priv, cm_id_priv->private_data_len = private_data_len; } -static void cm_init_av_for_response(struct cm_port *port, struct ib_wc *wc, - struct ib_grh *grh, struct cm_av *av) +static int cm_init_av_for_response(struct cm_port *port, struct ib_wc *wc, + struct ib_grh *grh, struct cm_av *av) { av->port = port; av->pkey_index = wc->pkey_index; - ib_init_ah_from_wc(port->cm_dev->ib_device, port->port_num, wc, - grh, &av->ah_attr); + return ib_init_ah_from_wc(port->cm_dev->ib_device, port->port_num, wc, + grh, &av->ah_attr); } static int cm_init_av_by_path(struct ib_sa_path_rec *path, struct cm_av *av, @@ -1678,9 +1699,11 @@ static int cm_req_handler(struct cm_work *work) cm_id_priv = container_of(cm_id, struct cm_id_private, id); cm_id_priv->id.remote_id = req_msg->local_comm_id; - cm_init_av_for_response(work->port, work->mad_recv_wc->wc, - work->mad_recv_wc->recv_buf.grh, - &cm_id_priv->av); + ret = cm_init_av_for_response(work->port, work->mad_recv_wc->wc, + work->mad_recv_wc->recv_buf.grh, + &cm_id_priv->av); + if (ret) + goto destroy; cm_id_priv->timewait_info = cm_create_timewait_info(cm_id_priv-> id.local_id); if (IS_ERR(cm_id_priv->timewait_info)) { @@ -2329,7 +2352,8 @@ static int cm_dreq_handler(struct cm_work *work) case IB_CM_TIMEWAIT: atomic_long_inc(&work->port->counter_group[CM_RECV_DUPLICATES]. counter[CM_DREQ_COUNTER]); - if (cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg)) + msg = cm_alloc_response_msg_no_ah(work->port, work->mad_recv_wc); + if (IS_ERR(msg)) goto unlock; cm_format_drep((struct cm_drep_msg *) msg->mad, cm_id_priv, @@ -2337,7 +2361,8 @@ static int cm_dreq_handler(struct cm_work *work) cm_id_priv->private_data_len); spin_unlock_irq(&cm_id_priv->lock); - if (ib_post_send_mad(msg, NULL)) + if (cm_create_response_msg_ah(work->port, work->mad_recv_wc, msg) || + ib_post_send_mad(msg, NULL)) cm_free_msg(msg); goto deref; case IB_CM_DREQ_RCVD: @@ -2882,7 +2907,8 @@ static int cm_lap_handler(struct cm_work *work) case IB_CM_MRA_LAP_SENT: atomic_long_inc(&work->port->counter_group[CM_RECV_DUPLICATES]. counter[CM_LAP_COUNTER]); - if (cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg)) + msg = cm_alloc_response_msg_no_ah(work->port, work->mad_recv_wc); + if (IS_ERR(msg)) goto unlock; cm_format_mra((struct cm_mra_msg *) msg->mad, cm_id_priv, @@ -2892,7 +2918,8 @@ static int cm_lap_handler(struct cm_work *work) cm_id_priv->private_data_len); spin_unlock_irq(&cm_id_priv->lock); - if (ib_post_send_mad(msg, NULL)) + if (cm_create_response_msg_ah(work->port, work->mad_recv_wc, msg) || + ib_post_send_mad(msg, NULL)) cm_free_msg(msg); goto deref; case IB_CM_LAP_RCVD: @@ -2905,11 +2932,15 @@ static int cm_lap_handler(struct cm_work *work) cm_id_priv->id.lap_state = IB_CM_LAP_RCVD; cm_id_priv->tid = lap_msg->hdr.tid; - cm_init_av_for_response(work->port, work->mad_recv_wc->wc, - work->mad_recv_wc->recv_buf.grh, - &cm_id_priv->av); - cm_init_av_by_path(param->alternate_path, &cm_id_priv->alt_av, - cm_id_priv); + ret = cm_init_av_for_response(work->port, work->mad_recv_wc->wc, + work->mad_recv_wc->recv_buf.grh, + &cm_id_priv->av); + if (ret) + goto unlock; + ret = cm_init_av_by_path(param->alternate_path, &cm_id_priv->alt_av, + cm_id_priv); + if (ret) + goto unlock; ret = atomic_inc_and_test(&cm_id_priv->work_count); if (!ret) list_add_tail(&work->list, &cm_id_priv->work_list); @@ -3162,6 +3193,7 @@ static int cm_sidr_req_handler(struct cm_work *work) struct cm_id_private *cm_id_priv, *cur_cm_id_priv; struct cm_sidr_req_msg *sidr_req_msg; struct ib_wc *wc; + int ret; cm_id = ib_create_cm_id(work->port->cm_dev->ib_device, NULL, NULL); if (IS_ERR(cm_id)) @@ -3174,9 +3206,11 @@ static int cm_sidr_req_handler(struct cm_work *work) wc = work->mad_recv_wc->wc; cm_id_priv->av.dgid.global.subnet_prefix = cpu_to_be64(wc->slid); cm_id_priv->av.dgid.global.interface_id = 0; - cm_init_av_for_response(work->port, work->mad_recv_wc->wc, - work->mad_recv_wc->recv_buf.grh, - &cm_id_priv->av); + ret = cm_init_av_for_response(work->port, work->mad_recv_wc->wc, + work->mad_recv_wc->recv_buf.grh, + &cm_id_priv->av); + if (ret) + goto out; cm_id_priv->id.remote_id = sidr_req_msg->request_id; cm_id_priv->tid = sidr_req_msg->hdr.tid; atomic_inc(&cm_id_priv->work_count); diff --git a/sys/ofed/drivers/infiniband/core/ib_cma.c b/sys/ofed/drivers/infiniband/core/ib_cma.c index 0e20a04b3464..df527e698872 100644 --- a/sys/ofed/drivers/infiniband/core/ib_cma.c +++ b/sys/ofed/drivers/infiniband/core/ib_cma.c @@ -621,16 +621,19 @@ static int cma_acquire_dev(struct rdma_id_private *id_priv, if (listen_id_priv) { cma_dev = listen_id_priv->cma_dev; port = listen_id_priv->id.port_num; - gidp = rdma_protocol_roce(cma_dev->device, port) ? - &iboe_gid : &gid; - - ret = cma_validate_port(cma_dev->device, port, - rdma_protocol_ib(cma_dev->device, port) ? - IB_GID_TYPE_IB : - listen_id_priv->gid_type, gidp, dev_addr); - if (!ret) { - id_priv->id.port_num = port; - goto out; + + if (rdma_is_port_valid(cma_dev->device, port)) { + gidp = rdma_protocol_roce(cma_dev->device, port) ? + &iboe_gid : &gid; + + ret = cma_validate_port(cma_dev->device, port, + rdma_protocol_ib(cma_dev->device, port) ? + IB_GID_TYPE_IB : + listen_id_priv->gid_type, gidp, dev_addr); + if (!ret) { + id_priv->id.port_num = port; + goto out; + } } } @@ -1289,6 +1292,12 @@ static bool validate_ipv4_net_dev(struct net_device *net_dev, dev_put(dst_dev); /* + * Check for loopback. + */ + if (saddr == daddr) + return true; + + /* * Make sure the socket address length field * is set, else rtalloc1() will fail. */ @@ -1315,17 +1324,19 @@ static bool validate_ipv6_net_dev(struct net_device *net_dev, { #ifdef INET6 struct sockaddr_in6 src_tmp = *src_addr; - struct in6_addr in6_addr = dst_addr->sin6_addr; + struct sockaddr_in6 dst_tmp = *dst_addr; struct net_device *dst_dev; struct rtentry *rte; bool ret; - dst_dev = ip6_dev_find(net_dev->if_vnet, in6_addr); + dst_dev = ip6_dev_find(net_dev->if_vnet, dst_tmp.sin6_addr, + net_dev->if_index); if (dst_dev != net_dev) { if (dst_dev != NULL) dev_put(dst_dev); return false; } + dev_put(dst_dev); CURVNET_SET(net_dev->if_vnet); @@ -1342,12 +1353,25 @@ static bool validate_ipv6_net_dev(struct net_device *net_dev, src_tmp.sin6_scope_id = net_dev->if_index; sa6_embedscope(&src_tmp, 0); - rte = rtalloc1((struct sockaddr *)&src_tmp, 1, 0); - if (rte != NULL) { - ret = (rte->rt_ifp == net_dev); - RTFREE_LOCKED(rte); + dst_tmp.sin6_scope_id = net_dev->if_index; + sa6_embedscope(&dst_tmp, 0); + + /* + * Check for loopback after scope ID + * has been embedded: + */ + if (memcmp(&src_tmp.sin6_addr, &dst_tmp.sin6_addr, + sizeof(dst_tmp.sin6_addr)) == 0) { + ret = true; } else { - ret = false; + /* non-loopback case */ + rte = rtalloc1((struct sockaddr *)&src_tmp, 1, 0); + if (rte != NULL) { + ret = (rte->rt_ifp == net_dev); + RTFREE_LOCKED(rte); + } else { + ret = false; + } } CURVNET_RESTORE(); return ret; diff --git a/sys/ofed/drivers/infiniband/core/ib_iwcm.c b/sys/ofed/drivers/infiniband/core/ib_iwcm.c index 776a31a05327..a684eb3b566b 100644 --- a/sys/ofed/drivers/infiniband/core/ib_iwcm.c +++ b/sys/ofed/drivers/infiniband/core/ib_iwcm.c @@ -308,9 +308,9 @@ int iw_cm_disconnect(struct iw_cm_id *cm_id, int abrupt) if (qp) { if (abrupt) - ret = iwcm_modify_qp_err(qp); + (void) iwcm_modify_qp_err(qp); else - ret = iwcm_modify_qp_sqd(qp); + (void) iwcm_modify_qp_sqd(qp); /* * If both sides are disconnecting the QP could diff --git a/sys/ofed/drivers/infiniband/core/ib_mad.c b/sys/ofed/drivers/infiniband/core/ib_mad.c index 514ec6212b18..7bb6323a4c53 100644 --- a/sys/ofed/drivers/infiniband/core/ib_mad.c +++ b/sys/ofed/drivers/infiniband/core/ib_mad.c @@ -1753,7 +1753,7 @@ find_mad_agent(struct ib_mad_port_private *port_priv, if (!class) goto out; if (convert_mgmt_class(mad_hdr->mgmt_class) >= - IB_MGMT_MAX_METHODS) + ARRAY_SIZE(class->method_table)) goto out; method = class->method_table[convert_mgmt_class( mad_hdr->mgmt_class)]; diff --git a/sys/ofed/drivers/infiniband/core/ib_multicast.c b/sys/ofed/drivers/infiniband/core/ib_multicast.c index bf86a7661bbf..15e2c486bc0f 100644 --- a/sys/ofed/drivers/infiniband/core/ib_multicast.c +++ b/sys/ofed/drivers/infiniband/core/ib_multicast.c @@ -525,8 +525,9 @@ static void join_handler(int status, struct ib_sa_mcmember_rec *rec, process_join_error(group, status); else { int mgids_changed, is_mgid0; - ib_find_pkey(group->port->dev->device, group->port->port_num, - be16_to_cpu(rec->pkey), &pkey_index); + if (ib_find_pkey(group->port->dev->device, group->port->port_num, + be16_to_cpu(rec->pkey), &pkey_index)) + pkey_index = MCAST_INVALID_PKEY_INDEX; spin_lock_irq(&group->port->lock); if (group->state == MCAST_BUSY && diff --git a/sys/ofed/drivers/infiniband/core/ib_roce_gid_mgmt.c b/sys/ofed/drivers/infiniband/core/ib_roce_gid_mgmt.c index 1dae52bac08a..8bdd7aed1ea3 100644 --- a/sys/ofed/drivers/infiniband/core/ib_roce_gid_mgmt.c +++ b/sys/ofed/drivers/infiniband/core/ib_roce_gid_mgmt.c @@ -167,6 +167,7 @@ roce_gid_update_addr_callback(struct ib_device *device, u8 port, #if defined(INET) || defined(INET6) struct ifaddr *ifa; #endif + VNET_ITERATOR_DECL(vnet_iter); struct ib_gid_attr gid_attr; union ib_gid gid; int default_gids; @@ -180,9 +181,11 @@ roce_gid_update_addr_callback(struct ib_device *device, u8 port, /* make sure default GIDs are in */ default_gids = roce_gid_enum_netdev_default(device, port, ndev); - CURVNET_SET(ndev->if_vnet); - IFNET_RLOCK(); - CK_STAILQ_FOREACH(idev, &V_ifnet, if_link) { + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + IFNET_RLOCK(); + CK_STAILQ_FOREACH(idev, &V_ifnet, if_link) { if (idev != ndev) { if (idev->if_type != IFT_L2VLAN) continue; @@ -230,9 +233,11 @@ roce_gid_update_addr_callback(struct ib_device *device, u8 port, } #endif IF_ADDR_RUNLOCK(idev); + } + IFNET_RUNLOCK(); + CURVNET_RESTORE(); } - IFNET_RUNLOCK(); - CURVNET_RESTORE(); + VNET_LIST_RUNLOCK(); /* add missing GIDs, if any */ STAILQ_FOREACH(entry, &ipx_head, entry) { diff --git a/sys/ofed/drivers/infiniband/core/ib_sysfs.c b/sys/ofed/drivers/infiniband/core/ib_sysfs.c index 8485ec36cbd4..5f848a7a69db 100644 --- a/sys/ofed/drivers/infiniband/core/ib_sysfs.c +++ b/sys/ofed/drivers/infiniband/core/ib_sysfs.c @@ -258,8 +258,13 @@ static ssize_t rate_show(struct ib_port *p, struct port_attribute *unused, speed = " EDR"; rate = 250; break; + case IB_SPEED_HDR: + speed = " HDR"; + rate = 500; + break; case IB_SPEED_SDR: default: /* default to SDR for invalid rates */ + speed = " SDR"; rate = 25; break; } diff --git a/sys/ofed/drivers/infiniband/core/ib_user_mad.c b/sys/ofed/drivers/infiniband/core/ib_user_mad.c index 35d5940b4832..03414d5547f0 100644 --- a/sys/ofed/drivers/infiniband/core/ib_user_mad.c +++ b/sys/ofed/drivers/infiniband/core/ib_user_mad.c @@ -240,10 +240,13 @@ static void recv_handler(struct ib_mad_agent *agent, packet->mad.hdr.grh_present = !!(mad_recv_wc->wc->wc_flags & IB_WC_GRH); if (packet->mad.hdr.grh_present) { struct ib_ah_attr ah_attr; + int ret; - ib_init_ah_from_wc(agent->device, agent->port_num, - mad_recv_wc->wc, mad_recv_wc->recv_buf.grh, - &ah_attr); + ret = ib_init_ah_from_wc(agent->device, agent->port_num, + mad_recv_wc->wc, mad_recv_wc->recv_buf.grh, + &ah_attr); + if (ret) + goto err2; packet->mad.hdr.gid_index = ah_attr.grh.sgid_index; packet->mad.hdr.hop_limit = ah_attr.grh.hop_limit; diff --git a/sys/ofed/drivers/infiniband/core/ib_verbs.c b/sys/ofed/drivers/infiniband/core/ib_verbs.c index 660c9b8ea59b..2a2efb60558a 100644 --- a/sys/ofed/drivers/infiniband/core/ib_verbs.c +++ b/sys/ofed/drivers/infiniband/core/ib_verbs.c @@ -458,7 +458,7 @@ int ib_init_ah_from_wc(struct ib_device *device, u8 port_num, struct ib_ah_attr *ah_attr) { u32 flow_class; - u16 gid_index; + u16 gid_index = 0; int ret; enum rdma_network_type net_type = RDMA_NETWORK_IB; enum ib_gid_type gid_type = IB_GID_TYPE_IB; @@ -524,8 +524,6 @@ int ib_init_ah_from_wc(struct ib_device *device, u8 port_num, &gid_index); if (ret) return ret; - } else { - gid_index = 0; } } diff --git a/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib.h b/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib.h index 933a53eb12eb..70cb4a384235 100644 --- a/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib.h +++ b/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib.h @@ -133,8 +133,8 @@ enum { IPOIB_NUM_WC = 4, - IPOIB_MAX_PATH_REC_QUEUE = 3, - IPOIB_MAX_MCAST_QUEUE = 3, + IPOIB_MAX_PATH_REC_QUEUE = 16, + IPOIB_MAX_MCAST_QUEUE = 16, IPOIB_FLAG_OPER_UP = 0, IPOIB_FLAG_INITIALIZED = 1, @@ -518,7 +518,7 @@ void ipoib_path_iter_read(struct ipoib_path_iter *iter, struct ipoib_path *path); #endif -int ipoib_change_mtu(struct ipoib_dev_priv *priv, int new_mtu); +int ipoib_change_mtu(struct ipoib_dev_priv *priv, int new_mtu, bool propagate); int ipoib_mcast_attach(struct ipoib_dev_priv *priv, u16 mlid, union ib_gid *mgid, int set_qkey); diff --git a/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_ib.c b/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_ib.c index 7689cb0c3fe9..f3b13d8c1c51 100644 --- a/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_ib.c +++ b/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_ib.c @@ -710,6 +710,30 @@ static int recvs_pending(struct ipoib_dev_priv *priv) return pending; } +static void check_qp_movement_and_print(struct ipoib_dev_priv *priv, + struct ib_qp *qp, + enum ib_qp_state new_state) +{ + struct ib_qp_attr qp_attr; + struct ib_qp_init_attr query_init_attr; + int ret; + + ret = ib_query_qp(qp, &qp_attr, IB_QP_STATE, &query_init_attr); + if (ret) { + ipoib_warn(priv, "%s: Failed to query QP (%d)\n", __func__, ret); + return; + } + + /* print according to the new-state and the previous state */ + if (new_state == IB_QPS_ERR && qp_attr.qp_state == IB_QPS_RESET) { + ipoib_dbg(priv, "Failed to modify QP %d->%d, acceptable\n", + qp_attr.qp_state, new_state); + } else { + ipoib_warn(priv, "Failed to modify QP %d->%d\n", + qp_attr.qp_state, new_state); + } +} + void ipoib_drain_cq(struct ipoib_dev_priv *priv) { int i, n; @@ -761,7 +785,7 @@ int ipoib_ib_dev_stop(struct ipoib_dev_priv *priv, int flush) */ qp_attr.qp_state = IB_QPS_ERR; if (ib_modify_qp(priv->qp, &qp_attr, IB_QP_STATE)) - ipoib_warn(priv, "Failed to modify QP to ERROR state\n"); + check_qp_movement_and_print(priv, priv->qp, IB_QPS_ERR); /* Wait for all sends and receives to complete */ begin = jiffies; diff --git a/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_main.c b/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_main.c index 6a8995a98d09..f634496fb914 100644 --- a/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_main.c +++ b/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_main.c @@ -257,10 +257,34 @@ ipoib_stop(struct ipoib_dev_priv *priv) return 0; } +static int +ipoib_propagate_ifnet_mtu(struct ipoib_dev_priv *priv, int new_mtu, + bool propagate) +{ + struct ifnet *ifp; + struct ifreq ifr; + int error; + + ifp = priv->dev; + if (ifp->if_mtu == new_mtu) + return (0); + if (propagate) { + strlcpy(ifr.ifr_name, if_name(ifp), IFNAMSIZ); + ifr.ifr_mtu = new_mtu; + CURVNET_SET(ifp->if_vnet); + error = ifhwioctl(SIOCSIFMTU, ifp, (caddr_t)&ifr, curthread); + CURVNET_RESTORE(); + } else { + ifp->if_mtu = new_mtu; + error = 0; + } + return (error); +} + int -ipoib_change_mtu(struct ipoib_dev_priv *priv, int new_mtu) +ipoib_change_mtu(struct ipoib_dev_priv *priv, int new_mtu, bool propagate) { - struct ifnet *dev = priv->dev; + int error, prev_admin_mtu; /* dev->if_mtu > 2K ==> connected mode */ if (ipoib_cm_admin_enabled(priv)) { @@ -271,20 +295,23 @@ ipoib_change_mtu(struct ipoib_dev_priv *priv, int new_mtu) ipoib_warn(priv, "mtu > %d will cause multicast packet drops.\n", priv->mcast_mtu); - dev->if_mtu = new_mtu; - return 0; + return (ipoib_propagate_ifnet_mtu(priv, new_mtu, propagate)); } if (new_mtu > IPOIB_UD_MTU(priv->max_ib_mtu)) return -EINVAL; + prev_admin_mtu = priv->admin_mtu; priv->admin_mtu = new_mtu; - - dev->if_mtu = min(priv->mcast_mtu, priv->admin_mtu); - - queue_work(ipoib_workqueue, &priv->flush_light); - - return 0; + error = ipoib_propagate_ifnet_mtu(priv, min(priv->mcast_mtu, + priv->admin_mtu), propagate); + if (error == 0) { + /* check for MTU change to avoid infinite loop */ + if (prev_admin_mtu != new_mtu) + queue_work(ipoib_workqueue, &priv->flush_light); + } else + priv->admin_mtu = prev_admin_mtu; + return (error); } static int @@ -338,7 +365,7 @@ ipoib_ioctl(struct ifnet *ifp, u_long command, caddr_t data) /* * Set the interface MTU. */ - error = -ipoib_change_mtu(priv, ifr->ifr_mtu); + error = -ipoib_change_mtu(priv, ifr->ifr_mtu, false); break; default: error = EINVAL; diff --git a/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_multicast.c b/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_multicast.c index d5c972356d25..5d8deb732c1f 100644 --- a/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_multicast.c +++ b/sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_multicast.c @@ -564,7 +564,8 @@ void ipoib_mcast_join_task(struct work_struct *work) spin_unlock_irq(&priv->lock); if (!ipoib_cm_admin_enabled(priv)) - ipoib_change_mtu(priv, min(priv->mcast_mtu, priv->admin_mtu)); + ipoib_change_mtu(priv, min(priv->mcast_mtu, priv->admin_mtu), + true); ipoib_dbg_mcast(priv, "successfully joined all multicast groups\n"); diff --git a/sys/powerpc/aim/locore32.S b/sys/powerpc/aim/locore32.S index 75089ff518ef..56033fcbaa44 100644 --- a/sys/powerpc/aim/locore32.S +++ b/sys/powerpc/aim/locore32.S @@ -33,6 +33,7 @@ #include <machine/param.h> #include <machine/spr.h> #include <machine/asm.h> +#include <machine/vmparam.h> #include "opt_platform.h" /* Locate the per-CPU data structure */ diff --git a/sys/powerpc/aim/locore64.S b/sys/powerpc/aim/locore64.S index ae2ef8f59323..2d1d160160a2 100644 --- a/sys/powerpc/aim/locore64.S +++ b/sys/powerpc/aim/locore64.S @@ -35,6 +35,7 @@ #include <machine/param.h> #include <machine/spr.h> #include <machine/asm.h> +#include <machine/vmparam.h> #ifdef _CALL_ELF .abiversion _CALL_ELF diff --git a/sys/powerpc/booke/booke_machdep.c b/sys/powerpc/booke/booke_machdep.c index e6b592d0db04..e95d1c886f8e 100644 --- a/sys/powerpc/booke/booke_machdep.c +++ b/sys/powerpc/booke/booke_machdep.c @@ -158,6 +158,7 @@ extern unsigned char __sbss_start[]; extern unsigned char __sbss_end[]; extern unsigned char _end[]; extern vm_offset_t __endkernel; +extern vm_paddr_t kernload; /* * Bootinfo is passed to us by legacy loaders. Save the address of the @@ -350,7 +351,7 @@ booke_init(u_long arg1, u_long arg2) end += fdt_totalsize((void *)dtbp); __endkernel = end; mdp = NULL; - } else if (arg1 > (uintptr_t)btext) /* FreeBSD loader */ + } else if (arg1 > (uintptr_t)kernload) /* FreeBSD loader */ mdp = (void *)arg1; else /* U-Boot */ mdp = NULL; diff --git a/sys/powerpc/booke/locore.S b/sys/powerpc/booke/locore.S index bf3ae38ddb0a..c8c082b11fc4 100644 --- a/sys/powerpc/booke/locore.S +++ b/sys/powerpc/booke/locore.S @@ -113,7 +113,7 @@ __start: * - Create temp entry in the second AS (make sure it's not TLB[1]) * - Switch to temp mapping * - Map 64MB of RAM in TLB1[1] - * - Use AS=1, set EPN to KERNBASE and RPN to kernel load address + * - Use AS=0, set EPN to VM_MIN_KERNEL_ADDRESS and RPN to kernel load address * - Switch to TLB1[1] mapping * - Invalidate temp mapping * @@ -238,7 +238,7 @@ __start: mtspr SPR_MAS1, %r3 /* note TS was not filled, so it's TS=0 */ isync - LOAD_ADDR(%r3, KERNBASE) + LOAD_ADDR(%r3, VM_MIN_KERNEL_ADDRESS) ori %r3, %r3, (_TLB_ENTRY_SHARED | MAS2_M)@l /* WIMGE = 0b00100 */ mtspr SPR_MAS2, %r3 isync @@ -471,7 +471,7 @@ bp_kernload: mtspr SPR_MAS1, %r3 /* note TS was not filled, so it's TS=0 */ isync - LOAD_ADDR(%r3, KERNBASE) + LOAD_ADDR(%r3, VM_MIN_KERNEL_ADDRESS) ori %r3, %r3, (_TLB_ENTRY_SHARED | MAS2_M)@l /* WIMGE = 0b00100 */ mtspr SPR_MAS2, %r3 isync @@ -526,8 +526,8 @@ bp_kernload: 7: /* - * At this point we're running at virtual addresses KERNBASE and beyond so - * it's allowed to directly access all locations the kernel was linked + * At this point we're running at virtual addresses VM_MIN_KERNEL_ADDRESS and + * beyond so it's allowed to directly access all locations the kernel was linked * against. */ diff --git a/sys/powerpc/booke/pmap.c b/sys/powerpc/booke/pmap.c index ffda13bdf648..931814497d2f 100644 --- a/sys/powerpc/booke/pmap.c +++ b/sys/powerpc/booke/pmap.c @@ -1753,13 +1753,6 @@ mmu_booke_bootstrap(mmu_t mmu, vm_offset_t start, vm_offset_t kernelend) data_start = round_page(kernelend); data_end = data_start; - /* - * Addresses of preloaded modules (like file systems) use - * physical addresses. Make sure we relocate those into - * virtual addresses. - */ - preload_addr_relocate = kernstart - kernload; - /* Allocate the dynamic per-cpu area. */ dpcpu = (void *)data_end; data_end += DPCPU_SIZE; @@ -1830,8 +1823,8 @@ mmu_booke_bootstrap(mmu_t mmu, vm_offset_t start, vm_offset_t kernelend) copy_page_dst_va = virtual_avail; virtual_avail += PAGE_SIZE; debugf("zero_page_va = 0x%"PRI0ptrX"\n", zero_page_va); - debugf("copy_page_src_va = 0x"PRI0ptrX"\n", copy_page_src_va); - debugf("copy_page_dst_va = 0x"PRI0ptrX"\n", copy_page_dst_va); + debugf("copy_page_src_va = 0x%"PRI0ptrX"\n", copy_page_src_va); + debugf("copy_page_dst_va = 0x%"PRI0ptrX"\n", copy_page_dst_va); /* Initialize page zero/copy mutexes. */ mtx_init(&zero_page_mutex, "mmu_booke_zero_page", NULL, MTX_DEF); @@ -1840,15 +1833,15 @@ mmu_booke_bootstrap(mmu_t mmu, vm_offset_t start, vm_offset_t kernelend) /* Allocate KVA space for ptbl bufs. */ ptbl_buf_pool_vabase = virtual_avail; virtual_avail += PTBL_BUFS * PTBL_PAGES * PAGE_SIZE; - debugf("ptbl_buf_pool_vabase = 0x"PRI0ptrX" end = 0x"PRI0ptrX"\n", + debugf("ptbl_buf_pool_vabase = 0x%"PRI0ptrX" end = 0x%"PRI0ptrX"\n", ptbl_buf_pool_vabase, virtual_avail); /* Calculate corresponding physical addresses for the kernel region. */ phys_kernelend = kernload + kernsize; debugf("kernel image and allocated data:\n"); debugf(" kernload = 0x%09llx\n", (uint64_t)kernload); - debugf(" kernstart = 0x"PRI0ptrX"\n", kernstart); - debugf(" kernsize = 0x"PRI0ptrX"\n", kernsize); + debugf(" kernstart = 0x%"PRI0ptrX"\n", kernstart); + debugf(" kernsize = 0x%"PRI0ptrX"\n", kernsize); if (sizeof(phys_avail) / sizeof(phys_avail[0]) < availmem_regions_sz) panic("mmu_booke_bootstrap: phys_avail too small"); @@ -2268,7 +2261,7 @@ mmu_booke_kremove(mmu_t mmu, vm_offset_t va) { pte_t *pte; - CTR2(KTR_PMAP,"%s: s (va = 0x"PRI0ptrX")\n", __func__, va); + CTR2(KTR_PMAP,"%s: s (va = 0x%"PRI0ptrX")\n", __func__, va); KASSERT(((va >= VM_MIN_KERNEL_ADDRESS) && (va <= VM_MAX_KERNEL_ADDRESS)), @@ -2725,7 +2718,7 @@ mmu_booke_activate(mmu_t mmu, struct thread *td) pmap = &td->td_proc->p_vmspace->vm_pmap; - CTR5(KTR_PMAP, "%s: s (td = %p, proc = '%s', id = %d, pmap = 0x"PRI0ptrX")", + CTR5(KTR_PMAP, "%s: s (td = %p, proc = '%s', id = %d, pmap = 0x%"PRI0ptrX")", __func__, td, td->td_proc->p_comm, td->td_proc->p_pid, pmap); KASSERT((pmap != kernel_pmap), ("mmu_booke_activate: kernel_pmap!")); @@ -2761,7 +2754,7 @@ mmu_booke_deactivate(mmu_t mmu, struct thread *td) pmap = &td->td_proc->p_vmspace->vm_pmap; - CTR5(KTR_PMAP, "%s: td=%p, proc = '%s', id = %d, pmap = 0x"PRI0ptrX, + CTR5(KTR_PMAP, "%s: td=%p, proc = '%s', id = %d, pmap = 0x%"PRI0ptrX, __func__, td, td->td_proc->p_comm, td->td_proc->p_pid, pmap); td->td_pcb->pcb_cpu.booke.dbcr0 = mfspr(SPR_DBCR0); diff --git a/sys/powerpc/booke/spe.c b/sys/powerpc/booke/spe.c index 3d8134300bca..b553337bf1d8 100644 --- a/sys/powerpc/booke/spe.c +++ b/sys/powerpc/booke/spe.c @@ -464,17 +464,17 @@ spe_handle_fpdata(struct trapframe *frame) switch (instr_sec_op) { case EVFSABS: curthread->td_pcb->pcb_vec.vr[rd][0] = - curthread->td_pcb->pcb_vec.vr[ra][0] & ~(1U << 31); + curthread->td_pcb->pcb_vec.vr[ra][0] & ~(1U << 31); frame->fixreg[rd] = frame->fixreg[ra] & ~(1U << 31); break; case EVFSNABS: curthread->td_pcb->pcb_vec.vr[rd][0] = - curthread->td_pcb->pcb_vec.vr[ra][0] | (1U << 31); + curthread->td_pcb->pcb_vec.vr[ra][0] | (1U << 31); frame->fixreg[rd] = frame->fixreg[ra] | (1U << 31); break; case EVFSNEG: curthread->td_pcb->pcb_vec.vr[rd][0] = - curthread->td_pcb->pcb_vec.vr[ra][0] ^ (1U << 31); + curthread->td_pcb->pcb_vec.vr[ra][0] ^ (1U << 31); frame->fixreg[rd] = frame->fixreg[ra] ^ (1U << 31); break; default: @@ -542,15 +542,21 @@ spe_handle_fpdata(struct trapframe *frame) switch (instr_sec_op) { case EFDABS: curthread->td_pcb->pcb_vec.vr[rd][0] = - curthread->td_pcb->pcb_vec.vr[ra][0] & ~(1U << 31); + curthread->td_pcb->pcb_vec.vr[ra][0] & ~(1U << 31); + frame->fixreg[rd] = frame->fixreg[ra]; + enable_vec(curthread); break; case EFDNABS: curthread->td_pcb->pcb_vec.vr[rd][0] = - curthread->td_pcb->pcb_vec.vr[ra][0] | (1U << 31); + curthread->td_pcb->pcb_vec.vr[ra][0] | (1U << 31); + frame->fixreg[rd] = frame->fixreg[ra]; + enable_vec(curthread); break; case EFDNEG: curthread->td_pcb->pcb_vec.vr[rd][0] = - curthread->td_pcb->pcb_vec.vr[ra][0] ^ (1U << 31); + curthread->td_pcb->pcb_vec.vr[ra][0] ^ (1U << 31); + frame->fixreg[rd] = frame->fixreg[ra]; + enable_vec(curthread); break; case EFDCFS: spe_explode(&fpemu, &fpemu.fe_f3, SINGLE, diff --git a/sys/powerpc/conf/GENERIC b/sys/powerpc/conf/GENERIC index feb23b9866d6..2a5a3a865302 100644 --- a/sys/powerpc/conf/GENERIC +++ b/sys/powerpc/conf/GENERIC @@ -129,7 +129,6 @@ options AHC_ALLOW_MEMIO # Attempt to use memory mapped I/O device isp # Qlogic family device ispfw # Firmware module for Qlogic host adapters device mpt # LSI-Logic MPT-Fusion -device mps # LSI-Logic MPT-Fusion 2 device sym # NCR/Symbios/LSI Logic 53C8XX/53C1010/53C1510D # ATA/SCSI peripherals diff --git a/sys/powerpc/cpufreq/pmcr.c b/sys/powerpc/cpufreq/pmcr.c index 03cb4cde371f..681e053444d5 100644 --- a/sys/powerpc/cpufreq/pmcr.c +++ b/sys/powerpc/cpufreq/pmcr.c @@ -174,6 +174,7 @@ pmcr_settings(device_t dev, struct cf_setting *sets, int *count) for (i = 0; i < npstates; i++) { sets[i].freq = pstate_freqs[i]; sets[i].spec[0] = pstate_ids[i]; + sets[i].spec[1] = i; sets[i].dev = dev; } *count = npstates; @@ -189,13 +190,11 @@ pmcr_set(device_t dev, const struct cf_setting *set) if (set == NULL) return (EINVAL); - if (set->spec[0] < 0 || set->spec[0] > npstates) + if (set->spec[1] < 0 || set->spec[1] >= npstates) return (EINVAL); - pmcr = ((long)pstate_ids[set->spec[0]] << PMCR_LOWERPS_SHIFT) & - PMCR_LOWERPS_MASK; - pmcr |= ((long)pstate_ids[set->spec[0]] << PMCR_UPPERPS_SHIFT) & - PMCR_UPPERPS_MASK; + pmcr = ((long)set->spec[0] << PMCR_LOWERPS_SHIFT) & PMCR_LOWERPS_MASK; + pmcr |= ((long)set->spec[0] << PMCR_UPPERPS_SHIFT) & PMCR_UPPERPS_MASK; pmcr |= PMCR_VERSION_1; mtspr(SPR_PMCR, pmcr); @@ -228,6 +227,7 @@ pmcr_get(device_t dev, struct cf_setting *set) return (EINVAL); set->spec[0] = pstate; + set->spec[1] = i; set->freq = pstate_freqs[i]; set->dev = dev; diff --git a/sys/powerpc/include/vmparam.h b/sys/powerpc/include/vmparam.h index 7fb37217dc83..c534f590553e 100644 --- a/sys/powerpc/include/vmparam.h +++ b/sys/powerpc/include/vmparam.h @@ -106,13 +106,18 @@ #define FREEBSD32_USRSTACK FREEBSD32_SHAREDPAGE #ifdef __powerpc64__ +#ifndef LOCORE #define VM_MIN_KERNEL_ADDRESS 0xe000000000000000UL #define VM_MAX_KERNEL_ADDRESS 0xe0000007ffffffffUL +#else +#define VM_MIN_KERNEL_ADDRESS 0xe000000000000000 +#define VM_MAX_KERNEL_ADDRESS 0xe0000007ffffffff +#endif #define VM_MAX_SAFE_KERNEL_ADDRESS VM_MAX_KERNEL_ADDRESS #endif #ifdef AIM -#define KERNBASE 0x00100100UL /* start of kernel virtual */ +#define KERNBASE 0x00100100 /* start of kernel virtual */ #ifndef __powerpc64__ #define VM_MIN_KERNEL_ADDRESS ((vm_offset_t)KERNEL_SR << ADDR_SR_SHFT) diff --git a/sys/powerpc/mpc85xx/platform_mpc85xx.c b/sys/powerpc/mpc85xx/platform_mpc85xx.c index 5490755c018e..420e7b9b0b96 100644 --- a/sys/powerpc/mpc85xx/platform_mpc85xx.c +++ b/sys/powerpc/mpc85xx/platform_mpc85xx.c @@ -68,6 +68,7 @@ extern void *ap_pcpu; extern vm_paddr_t kernload; /* Kernel physical load address */ extern uint8_t __boot_page[]; /* Boot page body */ extern uint32_t bp_kernload; +extern vm_offset_t __startkernel; struct cpu_release { uint32_t entry_h; @@ -346,7 +347,7 @@ mpc85xx_smp_start_cpu_epapr(platform_t plat, struct pcpu *pc) rel_va = rel_page + (rel_pa & PAGE_MASK); pmap_kenter(rel_page, rel_pa & ~PAGE_MASK); rel = (struct cpu_release *)rel_va; - bptr = ((vm_paddr_t)(uintptr_t)__boot_page - KERNBASE) + kernload; + bptr = ((vm_paddr_t)(uintptr_t)__boot_page - __startkernel) + kernload; cpu_flush_dcache(__DEVOLATILE(struct cpu_release *,rel), sizeof(*rel)); rel->pir = pc->pc_cpuid; __asm __volatile("sync"); rel->entry_h = (bptr >> 32); @@ -415,7 +416,7 @@ mpc85xx_smp_start_cpu(platform_t plat, struct pcpu *pc) /* Flush caches to have our changes hit DRAM. */ cpu_flush_dcache(__boot_page, 4096); - bptr = ((vm_paddr_t)(uintptr_t)__boot_page - KERNBASE) + kernload; + bptr = ((vm_paddr_t)(uintptr_t)__boot_page - __startkernel) + kernload; KASSERT((bptr & 0xfff) == 0, ("%s: boot page is not aligned (%#jx)", __func__, (uintmax_t)bptr)); if (mpc85xx_is_qoriq()) { diff --git a/sys/powerpc/ofw/ofw_pcib_pci.c b/sys/powerpc/ofw/ofw_pcib_pci.c index 3cf3db16ee8c..480475afd0eb 100644 --- a/sys/powerpc/ofw/ofw_pcib_pci.c +++ b/sys/powerpc/ofw/ofw_pcib_pci.c @@ -86,7 +86,8 @@ struct ofw_pcib_softc { DEFINE_CLASS_1(pcib, ofw_pcib_pci_driver, ofw_pcib_pci_methods, sizeof(struct ofw_pcib_softc), pcib_driver); -DRIVER_MODULE(ofw_pcib, pci, ofw_pcib_pci_driver, pcib_devclass, 0, 0); +EARLY_DRIVER_MODULE(ofw_pcib, pci, ofw_pcib_pci_driver, pcib_devclass, 0, 0, + BUS_PASS_BUS); static int ofw_pcib_pci_probe(device_t dev) diff --git a/sys/powerpc/ofw/ofw_pcibus.c b/sys/powerpc/ofw/ofw_pcibus.c index 023a6c51b2d7..ed4e66dde207 100644 --- a/sys/powerpc/ofw/ofw_pcibus.c +++ b/sys/powerpc/ofw/ofw_pcibus.c @@ -100,7 +100,8 @@ static devclass_t pci_devclass; DEFINE_CLASS_1(pci, ofw_pcibus_driver, ofw_pcibus_methods, sizeof(struct pci_softc), pci_driver); -DRIVER_MODULE(ofw_pcibus, pcib, ofw_pcibus_driver, pci_devclass, 0, 0); +EARLY_DRIVER_MODULE(ofw_pcibus, pcib, ofw_pcibus_driver, pci_devclass, 0, 0, + BUS_PASS_BUS); MODULE_VERSION(ofw_pcibus, 1); MODULE_DEPEND(ofw_pcibus, pci, 1, 1, 1); diff --git a/sys/powerpc/ofw/openpic_ofw.c b/sys/powerpc/ofw/openpic_ofw.c index ecb71ce32503..6a66c8dce00b 100644 --- a/sys/powerpc/ofw/openpic_ofw.c +++ b/sys/powerpc/ofw/openpic_ofw.c @@ -95,9 +95,12 @@ static driver_t openpic_ofw_driver = { sizeof(struct openpic_softc), }; -DRIVER_MODULE(openpic, ofwbus, openpic_ofw_driver, openpic_devclass, 0, 0); -DRIVER_MODULE(openpic, simplebus, openpic_ofw_driver, openpic_devclass, 0, 0); -DRIVER_MODULE(openpic, macio, openpic_ofw_driver, openpic_devclass, 0, 0); +EARLY_DRIVER_MODULE(openpic, ofwbus, openpic_ofw_driver, openpic_devclass, + 0, 0, BUS_PASS_INTERRUPT); +EARLY_DRIVER_MODULE(openpic, simplebus, openpic_ofw_driver, openpic_devclass, + 0, 0, BUS_PASS_INTERRUPT); +EARLY_DRIVER_MODULE(openpic, macio, openpic_ofw_driver, openpic_devclass, 0, 0, + BUS_PASS_INTERRUPT); static int openpic_ofw_probe(device_t dev) diff --git a/sys/powerpc/powermac/cpcht.c b/sys/powerpc/powermac/cpcht.c index 8fba05eb2a3e..8905e89bc4cb 100644 --- a/sys/powerpc/powermac/cpcht.c +++ b/sys/powerpc/powermac/cpcht.c @@ -139,7 +139,8 @@ struct cpcht_softc { static devclass_t cpcht_devclass; DEFINE_CLASS_1(pcib, cpcht_driver, cpcht_methods, sizeof(struct cpcht_softc), ofw_pci_driver); -DRIVER_MODULE(cpcht, ofwbus, cpcht_driver, cpcht_devclass, 0, 0); +EARLY_DRIVER_MODULE(cpcht, ofwbus, cpcht_driver, cpcht_devclass, 0, 0, + BUS_PASS_BUS); #define CPCHT_IOPORT_BASE 0xf4000000UL /* Hardwired */ #define CPCHT_IOPORT_SIZE 0x00400000UL @@ -545,7 +546,8 @@ static driver_t openpic_cpcht_driver = { sizeof(struct openpic_cpcht_softc), }; -DRIVER_MODULE(openpic, unin, openpic_cpcht_driver, openpic_devclass, 0, 0); +EARLY_DRIVER_MODULE(openpic, unin, openpic_cpcht_driver, openpic_devclass, + 0, 0, BUS_PASS_INTERRUPT); static int openpic_cpcht_probe(device_t dev) diff --git a/sys/powerpc/powermac/macgpio.c b/sys/powerpc/powermac/macgpio.c index 4ba24a6dbfae..806ff54b905a 100644 --- a/sys/powerpc/powermac/macgpio.c +++ b/sys/powerpc/powermac/macgpio.c @@ -125,7 +125,8 @@ static driver_t macgpio_pci_driver = { devclass_t macgpio_devclass; -DRIVER_MODULE(macgpio, macio, macgpio_pci_driver, macgpio_devclass, 0, 0); +EARLY_DRIVER_MODULE(macgpio, macio, macgpio_pci_driver, macgpio_devclass, 0, 0, + BUS_PASS_BUS); struct macgpio_devinfo { struct ofw_bus_devinfo mdi_obdinfo; @@ -159,7 +160,7 @@ macgpio_attach(device_t dev) struct macgpio_devinfo *dinfo; phandle_t root, child, iparent; device_t cdev; - uint32_t irq; + uint32_t irq[2]; sc = device_get_softc(dev); root = sc->sc_node = ofw_bus_get_node(dev); @@ -192,13 +193,13 @@ macgpio_attach(device_t dev) resource_list_init(&dinfo->mdi_resources); - if (OF_getencprop(child, "interrupts", &irq, sizeof(irq)) == + if (OF_getencprop(child, "interrupts", irq, sizeof(irq)) == sizeof(irq)) { OF_searchencprop(child, "interrupt-parent", &iparent, sizeof(iparent)); resource_list_add(&dinfo->mdi_resources, SYS_RES_IRQ, - 0, MAP_IRQ(iparent, irq), MAP_IRQ(iparent, irq), - 1); + 0, MAP_IRQ(iparent, irq[0]), + MAP_IRQ(iparent, irq[0]), 1); } /* Fix messed-up offsets */ diff --git a/sys/powerpc/powermac/macio.c b/sys/powerpc/powermac/macio.c index f44a47ee5c40..797ffc86d4a6 100644 --- a/sys/powerpc/powermac/macio.c +++ b/sys/powerpc/powermac/macio.c @@ -135,7 +135,8 @@ static driver_t macio_pci_driver = { devclass_t macio_devclass; -DRIVER_MODULE(macio, pci, macio_pci_driver, macio_devclass, 0, 0); +EARLY_DRIVER_MODULE(macio, pci, macio_pci_driver, macio_devclass, 0, 0, + BUS_PASS_BUS); /* * PCI ID search table diff --git a/sys/powerpc/powermac/pmu.c b/sys/powerpc/powermac/pmu.c index a487aedd9376..501f63b56594 100644 --- a/sys/powerpc/powermac/pmu.c +++ b/sys/powerpc/powermac/pmu.c @@ -153,7 +153,8 @@ static driver_t pmu_driver = { static devclass_t pmu_devclass; -DRIVER_MODULE(pmu, macio, pmu_driver, pmu_devclass, 0, 0); +EARLY_DRIVER_MODULE(pmu, macio, pmu_driver, pmu_devclass, 0, 0, + BUS_PASS_RESOURCE); DRIVER_MODULE(adb, pmu, adb_driver, adb_devclass, 0, 0); static int pmuextint_probe(device_t); @@ -175,7 +176,8 @@ static driver_t pmuextint_driver = { static devclass_t pmuextint_devclass; -DRIVER_MODULE(pmuextint, macgpio, pmuextint_driver, pmuextint_devclass, 0, 0); +EARLY_DRIVER_MODULE(pmuextint, macgpio, pmuextint_driver, pmuextint_devclass, + 0, 0, BUS_PASS_RESOURCE); /* Make sure uhid is loaded, as it turns off some of the ADB emulation */ MODULE_DEPEND(pmu, usb, 1, 1, 1); diff --git a/sys/powerpc/powermac/smu.c b/sys/powerpc/powermac/smu.c index 23349098abcb..d70424cb0cdf 100644 --- a/sys/powerpc/powermac/smu.c +++ b/sys/powerpc/powermac/smu.c @@ -630,7 +630,8 @@ static driver_t doorbell_driver = { static devclass_t doorbell_devclass; -DRIVER_MODULE(smudoorbell, macgpio, doorbell_driver, doorbell_devclass, 0, 0); +EARLY_DRIVER_MODULE(smudoorbell, macgpio, doorbell_driver, doorbell_devclass, + 0, 0, BUS_PASS_SUPPORTDEV); static int doorbell_probe(device_t dev) diff --git a/sys/powerpc/powermac/uninorth.c b/sys/powerpc/powermac/uninorth.c index 314b3f8949b8..821564295c2d 100644 --- a/sys/powerpc/powermac/uninorth.c +++ b/sys/powerpc/powermac/uninorth.c @@ -146,7 +146,8 @@ static devclass_t unin_chip_devclass; */ static device_t unin_chip; -DRIVER_MODULE(unin, ofwbus, unin_chip_driver, unin_chip_devclass, 0, 0); +EARLY_DRIVER_MODULE(unin, ofwbus, unin_chip_driver, unin_chip_devclass, 0, 0, + BUS_PASS_BUS); /* * Add an interrupt to the dev's resource list if present diff --git a/sys/powerpc/powermac/uninorthpci.c b/sys/powerpc/powermac/uninorthpci.c index 72c7106f53f3..3a0a120b7a01 100644 --- a/sys/powerpc/powermac/uninorthpci.c +++ b/sys/powerpc/powermac/uninorthpci.c @@ -101,7 +101,8 @@ static devclass_t uninorth_devclass; DEFINE_CLASS_1(pcib, uninorth_driver, uninorth_methods, sizeof(struct uninorth_softc), ofw_pci_driver); -DRIVER_MODULE(uninorth, ofwbus, uninorth_driver, uninorth_devclass, 0, 0); +EARLY_DRIVER_MODULE(uninorth, ofwbus, uninorth_driver, uninorth_devclass, 0, 0, + BUS_PASS_BUS); static int uninorth_probe(device_t dev) diff --git a/sys/powerpc/powerpc/elf64_machdep.c b/sys/powerpc/powerpc/elf64_machdep.c index 74a13064bd41..9fd0964dc108 100644 --- a/sys/powerpc/powerpc/elf64_machdep.c +++ b/sys/powerpc/powerpc/elf64_machdep.c @@ -332,7 +332,7 @@ elf_reloc_internal(linker_file_t lf, Elf_Addr relocbase, const void *data, #if !defined(_CALL_ELF) || _CALL_ELF == 1 memcpy(where, (Elf_Addr *)addr, 3*sizeof(Elf_Addr)); #else - memcpy(where, (Elf_Addr *)addr, sizeof(Elf_Addr)); + *where = addr; #endif __asm __volatile("dcbst 0,%0; sync" :: "r"(where) : "memory"); break; diff --git a/sys/powerpc/powerpc/exec_machdep.c b/sys/powerpc/powerpc/exec_machdep.c index 718962ffcb6f..c506373ed5b5 100644 --- a/sys/powerpc/powerpc/exec_machdep.c +++ b/sys/powerpc/powerpc/exec_machdep.c @@ -124,6 +124,10 @@ static int grab_mcontext32(struct thread *td, mcontext32_t *, int flags); static int grab_mcontext(struct thread *, mcontext_t *, int); +#ifdef __powerpc64__ +extern struct sysentvec elf64_freebsd_sysvec_v2; +#endif + void sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) { @@ -785,6 +789,7 @@ freebsd32_getcontext(struct thread *td, struct freebsd32_getcontext_args *uap) if (uap->ucp == NULL) ret = EINVAL; else { + bzero(&uc, sizeof(uc)); get_mcontext32(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); PROC_LOCK(td->td_proc); uc.uc_sigmask = td->td_sigmask; @@ -824,6 +829,7 @@ freebsd32_swapcontext(struct thread *td, struct freebsd32_swapcontext_args *uap) if (uap->oucp == NULL || uap->ucp == NULL) ret = EINVAL; else { + bzero(&uc, sizeof(uc)); get_mcontext32(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); PROC_LOCK(td->td_proc); uc.uc_sigmask = td->td_sigmask; @@ -1012,11 +1018,18 @@ cpu_set_upcall(struct thread *td, void (*entry)(void *), void *arg, #endif } else { #ifdef __powerpc64__ - register_t entry_desc[3]; - (void)copyin((void *)entry, entry_desc, sizeof(entry_desc)); - tf->srr0 = entry_desc[0]; - tf->fixreg[2] = entry_desc[1]; - tf->fixreg[11] = entry_desc[2]; + if (td->td_proc->p_sysent == &elf64_freebsd_sysvec_v2) { + tf->srr0 = (register_t)entry; + /* ELFv2 ABI requires that the global entry point be in r12. */ + tf->fixreg[12] = (register_t)entry; + } + else { + register_t entry_desc[3]; + (void)copyin((void *)entry, entry_desc, sizeof(entry_desc)); + tf->srr0 = entry_desc[0]; + tf->fixreg[2] = entry_desc[1]; + tf->fixreg[11] = entry_desc[2]; + } tf->srr1 = psl_userset | PSL_FE_DFLT; #endif } diff --git a/sys/powerpc/powerpc/genassym.c b/sys/powerpc/powerpc/genassym.c index 359838e372cc..6847047dfdd2 100644 --- a/sys/powerpc/powerpc/genassym.c +++ b/sys/powerpc/powerpc/genassym.c @@ -225,7 +225,6 @@ ASSYM(TDF_NEEDRESCHED, TDF_NEEDRESCHED); ASSYM(SF_UC, offsetof(struct sigframe, sf_uc)); -ASSYM(KERNBASE, KERNBASE); ASSYM(DMAP_BASE_ADDRESS, DMAP_BASE_ADDRESS); ASSYM(MAXCOMLEN, MAXCOMLEN); diff --git a/sys/powerpc/powerpc/machdep.c b/sys/powerpc/powerpc/machdep.c index 9b83b39515a9..cde41ab70dbf 100644 --- a/sys/powerpc/powerpc/machdep.c +++ b/sys/powerpc/powerpc/machdep.c @@ -137,6 +137,10 @@ int cacheline_size = 32; #endif int hw_direct_map = 1; +#ifdef BOOKE +extern vm_paddr_t kernload; +#endif + extern void *ap_pcpu; struct pcpu __pcpu[MAXCPU]; @@ -295,6 +299,8 @@ powerpc_init(vm_offset_t fdt, vm_offset_t toc, vm_offset_t ofentry, void *mdp, #ifdef AIM if ((uintptr_t)&powerpc_init > DMAP_BASE_ADDRESS) md_offset = DMAP_BASE_ADDRESS; +#else /* BOOKE */ + md_offset = VM_MIN_KERNEL_ADDRESS - kernload; #endif preload_metadata = mdp; @@ -309,6 +315,11 @@ powerpc_init(vm_offset_t fdt, vm_offset_t toc, vm_offset_t ofentry, void *mdp, if (envp != NULL) envp += md_offset; init_static_kenv(envp, 0); + if (fdt == 0) { + fdt = MD_FETCH(kmdp, MODINFOMD_DTBP, uintptr_t); + if (fdt != 0) + fdt += md_offset; + } kernelendphys = MD_FETCH(kmdp, MODINFOMD_KERNEND, vm_offset_t); if (kernelendphys != 0) diff --git a/sys/powerpc/powerpc/mp_machdep.c b/sys/powerpc/powerpc/mp_machdep.c index 49e259ad50b9..10a87395b3c8 100644 --- a/sys/powerpc/powerpc/mp_machdep.c +++ b/sys/powerpc/powerpc/mp_machdep.c @@ -78,7 +78,7 @@ machdep_ap_bootstrap(void) __asm __volatile("msync; isync"); while (ap_letgo == 0) - __asm __volatile("or 27,27,27"); + __asm __volatile("or 31,31,31"); __asm __volatile("or 6,6,6"); /* diff --git a/sys/riscv/include/cpufunc.h b/sys/riscv/include/cpufunc.h index 625c17ebf7dc..91908db00be4 100644 --- a/sys/riscv/include/cpufunc.h +++ b/sys/riscv/include/cpufunc.h @@ -109,6 +109,13 @@ sfence_vma_page(uintptr_t addr) #define rdinstret() csr_read64(instret) #define rdhpmcounter(n) csr_read64(hpmcounter##n) +static __inline void +load_satp(uint64_t val) +{ + + __asm __volatile("csrw satp, %0" :: "r"(val)); +} + #define cpufunc_nullop() riscv_nullop() void riscv_nullop(void); diff --git a/sys/riscv/include/vmparam.h b/sys/riscv/include/vmparam.h index 090f06c70d6b..49c720e681c2 100644 --- a/sys/riscv/include/vmparam.h +++ b/sys/riscv/include/vmparam.h @@ -115,22 +115,23 @@ /** * Address space layout. * - * RISC-V implements up to a 48 bit virtual address space. The address space is - * split into 2 regions at each end of the 64 bit address space, with an - * out of range "hole" in the middle. + * RISC-V implements multiple paging modes with different virtual address space + * sizes: SV32, SV39 and SV48. SV39 permits a virtual address space size of + * 512GB and uses a three-level page table. Since this is large enough for most + * purposes, we currently use SV39 for both userland and the kernel, avoiding + * the extra translation step required by SV48. * - * We limit the size of the two spaces to 39 bits each. + * The address space is split into two regions at each end of the 64-bit address + * space: * - * Upper region: 0xffffffffffffffff - * 0xffffff8000000000 + * 0x0000000000000000 - 0x0000003fffffffff 256GB user map + * 0x0000004000000000 - 0xffffffbfffffffff unmappable + * 0xffffffc000000000 - 0xffffffc7ffffffff 32GB kernel map + * 0xffffffc800000000 - 0xffffffcfffffffff 32GB unused + * 0xffffffd000000000 - 0xffffffefffffffff 128GB direct map + * 0xfffffff000000000 - 0xffffffffffffffff 64GB unused * - * Hole: 0xffffff7fffffffff - * 0x0000008000000000 - * - * Lower region: 0x0000007fffffffff - * 0x0000000000000000 - * - * We use the upper region for the kernel, and the lower region for userland. + * The kernel is loaded at the beginning of the kernel map. * * We define some interesting address constants: * @@ -146,11 +147,9 @@ #define VM_MIN_ADDRESS (0x0000000000000000UL) #define VM_MAX_ADDRESS (0xffffffffffffffffUL) -/* 32 GiB of kernel addresses */ #define VM_MIN_KERNEL_ADDRESS (0xffffffc000000000UL) #define VM_MAX_KERNEL_ADDRESS (0xffffffc800000000UL) -/* 128 GiB maximum for the direct map region */ #define DMAP_MIN_ADDRESS (0xffffffd000000000UL) #define DMAP_MAX_ADDRESS (0xfffffff000000000UL) diff --git a/sys/riscv/riscv/locore.S b/sys/riscv/riscv/locore.S index 2a8710b11353..30b81ea7493c 100644 --- a/sys/riscv/riscv/locore.S +++ b/sys/riscv/riscv/locore.S @@ -152,7 +152,7 @@ _start: li t0, SATP_MODE_SV39 or s2, s2, t0 sfence.vma - csrw sptbr, s2 + csrw satp, s2 .align 2 va: @@ -297,7 +297,7 @@ ENTRY(mpentry) li t0, SATP_MODE_SV39 or s2, s2, t0 sfence.vma - csrw sptbr, s2 + csrw satp, s2 .align 2 mpva: diff --git a/sys/riscv/riscv/machdep.c b/sys/riscv/riscv/machdep.c index 0735ec034603..b20683dd1316 100644 --- a/sys/riscv/riscv/machdep.c +++ b/sys/riscv/riscv/machdep.c @@ -582,13 +582,14 @@ sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) fp = (struct sigframe *)STACKALIGN(fp); /* Fill in the frame to copy out */ + bzero(&frame, sizeof(frame)); get_mcontext(td, &frame.sf_uc.uc_mcontext, 0); get_fpcontext(td, &frame.sf_uc.uc_mcontext); frame.sf_si = ksi->ksi_info; frame.sf_uc.uc_sigmask = *mask; - frame.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) ? - ((onstack) ? SS_ONSTACK : 0) : SS_DISABLE; frame.sf_uc.uc_stack = td->td_sigstk; + frame.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) != 0 ? + (onstack ? SS_ONSTACK : 0) : SS_DISABLE; mtx_unlock(&psp->ps_mtx); PROC_UNLOCK(td->td_proc); diff --git a/sys/riscv/riscv/pmap.c b/sys/riscv/riscv/pmap.c index 0e1299d6509b..af90c9403f38 100644 --- a/sys/riscv/riscv/pmap.c +++ b/sys/riscv/riscv/pmap.c @@ -3302,7 +3302,7 @@ pmap_activate(struct thread *td) reg = SATP_MODE_SV39; reg |= (td->td_pcb->pcb_l1addr >> PAGE_SHIFT); - __asm __volatile("csrw sptbr, %0" :: "r"(reg)); + load_satp(reg); pmap_invalidate_all(pmap); critical_exit(); diff --git a/sys/riscv/riscv/swtch.S b/sys/riscv/riscv/swtch.S index 8192abaf9869..c80e9877a9cf 100644 --- a/sys/riscv/riscv/swtch.S +++ b/sys/riscv/riscv/swtch.S @@ -223,7 +223,7 @@ ENTRY(cpu_throw) srli t0, t0, PAGE_SHIFT li t1, SATP_MODE_SV39 or t0, t0, t1 - csrw sptbr, t0 + csrw satp, t0 /* TODO: Invalidate the TLB */ @@ -341,7 +341,7 @@ ENTRY(cpu_switch) srli t0, t0, PAGE_SHIFT li t1, SATP_MODE_SV39 or t0, t0, t1 - csrw sptbr, t0 + csrw satp, t0 /* TODO: Invalidate the TLB */ diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c index c00ddc126f5a..0ad6b208725d 100644 --- a/sys/security/audit/audit.c +++ b/sys/security/audit/audit.c @@ -103,7 +103,7 @@ int audit_trail_suspended; #ifdef KDTRACE_HOOKS u_int audit_dtrace_enabled; #endif -int __read_frequently audit_syscalls_enabled; +bool __read_frequently audit_syscalls_enabled; /* * Flags controlling behavior in low storage situations. Should we panic if @@ -216,13 +216,13 @@ audit_syscalls_enabled_update(void) mtx_lock(&audit_mtx); #ifdef KDTRACE_HOOKS if (audit_dtrace_enabled) - audit_syscalls_enabled = 1; + audit_syscalls_enabled = true; else { #endif if (audit_trail_enabled && !audit_trail_suspended) - audit_syscalls_enabled = 1; + audit_syscalls_enabled = true; else - audit_syscalls_enabled = 0; + audit_syscalls_enabled = false; #ifdef KDTRACE_HOOKS } #endif @@ -336,7 +336,7 @@ audit_init(void) audit_trail_enabled = 0; audit_trail_suspended = 0; - audit_syscalls_enabled = 0; + audit_syscalls_enabled = false; audit_panic_on_write_fail = 0; audit_fail_stop = 0; audit_in_failure = 0; diff --git a/sys/security/audit/audit.h b/sys/security/audit/audit.h index 2e47b8c4bf48..689b541b8cb3 100644 --- a/sys/security/audit/audit.h +++ b/sys/security/audit/audit.h @@ -71,7 +71,7 @@ extern u_int audit_dtrace_enabled; extern int audit_trail_enabled; extern int audit_trail_suspended; -extern int audit_syscalls_enabled; +extern bool audit_syscalls_enabled; void audit_syscall_enter(unsigned short code, struct thread *td); void audit_syscall_exit(int error, struct thread *td); @@ -150,7 +150,7 @@ void audit_thread_free(struct thread *td); * Define macros to wrap the audit_arg_* calls by checking the global * audit_syscalls_enabled flag before performing the actual call. */ -#define AUDITING_TD(td) ((td)->td_pflags & TDP_AUDITREC) +#define AUDITING_TD(td) (__predict_false((td)->td_pflags & TDP_AUDITREC)) #define AUDIT_ARG_ADDR(addr) do { \ if (AUDITING_TD(curthread)) \ diff --git a/sys/sparc64/sparc64/machdep.c b/sys/sparc64/sparc64/machdep.c index 888b0e5758cb..be4d8d644f15 100644 --- a/sys/sparc64/sparc64/machdep.c +++ b/sys/sparc64/sparc64/machdep.c @@ -1056,6 +1056,7 @@ fill_fpregs(struct thread *td, struct fpreg *fpregs) bcopy(pcb->pcb_ufp, fpregs->fr_regs, sizeof(fpregs->fr_regs)); fpregs->fr_fsr = tf->tf_fsr; fpregs->fr_gsr = tf->tf_gsr; + fpregs->fr_pad[0] = 0; return (0); } diff --git a/sys/sys/filedesc.h b/sys/sys/filedesc.h index db5debcfe7c8..541f5f6c98df 100644 --- a/sys/sys/filedesc.h +++ b/sys/sys/filedesc.h @@ -208,7 +208,7 @@ fget_locked(struct filedesc *fdp, int fd) FILEDESC_LOCK_ASSERT(fdp); - if (fd < 0 || fd > fdp->fd_lastfile) + if (__predict_false((u_int)fd >= fdp->fd_nfiles)) return (NULL); return (fdp->fd_ofiles[fd].fde_file); @@ -221,11 +221,11 @@ fdeget_locked(struct filedesc *fdp, int fd) FILEDESC_LOCK_ASSERT(fdp); - if (fd < 0 || fd > fdp->fd_lastfile) + if (__predict_false((u_int)fd >= fdp->fd_nfiles)) return (NULL); fde = &fdp->fd_ofiles[fd]; - if (fde->fde_file == NULL) + if (__predict_false(fde->fde_file == NULL)) return (NULL); return (fde); diff --git a/sys/sys/imgact.h b/sys/sys/imgact.h index 4aebcee8c283..87d8fa84918e 100644 --- a/sys/sys/imgact.h +++ b/sys/sys/imgact.h @@ -46,7 +46,8 @@ struct image_args { char *buf; /* pointer to string buffer */ void *bufkva; /* cookie for string buffer KVA */ char *begin_argv; /* beginning of argv in buf */ - char *begin_envv; /* beginning of envv in buf */ + char *begin_envv; /* (interal use only) beginning of envv in buf, + * access with exec_args_get_begin_envv(). */ char *endp; /* current `end' pointer of arg & env strings */ char *fname; /* pointer to filename of executable (system space) */ char *fname_buf; /* pointer to optional malloc(M_TEMP) buffer */ @@ -96,6 +97,15 @@ struct thread; struct vmspace; int exec_alloc_args(struct image_args *); +int exec_args_add_arg(struct image_args *args, const char *argp, + enum uio_seg segflg); +int exec_args_add_env(struct image_args *args, const char *envp, + enum uio_seg segflg); +int exec_args_add_fname(struct image_args *args, const char *fname, + enum uio_seg segflg); +int exec_args_adjust_args(struct image_args *args, size_t consume, + ssize_t extend); +char *exec_args_get_begin_envv(struct image_args *args); int exec_check_permissions(struct image_params *); register_t *exec_copyout_strings(struct image_params *); void exec_free_args(struct image_args *); diff --git a/sys/sys/jail.h b/sys/sys/jail.h index cde09b8b5ff7..40f6f2af3b8c 100644 --- a/sys/sys/jail.h +++ b/sys/sys/jail.h @@ -229,9 +229,16 @@ struct prison_racct { #define PR_ALLOW_SOCKET_AF 0x00000040 #define PR_ALLOW_MLOCK 0x00000080 #define PR_ALLOW_READ_MSGBUF 0x00000100 +#define PR_ALLOW_UNPRIV_DEBUG 0x00000200 #define PR_ALLOW_RESERVED_PORTS 0x00008000 #define PR_ALLOW_KMEM_ACCESS 0x00010000 /* reserved, not used yet */ -#define PR_ALLOW_ALL_STATIC 0x000181ff +#define PR_ALLOW_ALL_STATIC 0x000183ff + +/* + * PR_ALLOW_DIFFERENCES determines which flags are able to be + * different between the parent and child jail upon creation. + */ +#define PR_ALLOW_DIFFERENCES (PR_ALLOW_UNPRIV_DEBUG) /* * OSD methods diff --git a/sys/sys/mount.h b/sys/sys/mount.h index ac1c215b9a83..2a5d4cff2a8b 100644 --- a/sys/sys/mount.h +++ b/sys/sys/mount.h @@ -932,11 +932,15 @@ void syncer_resume(void); struct stat; __BEGIN_DECLS +int fhlink(struct fhandle *, const char *); +int fhlinkat(struct fhandle *, int, const char *); int fhopen(const struct fhandle *, int); +int fhreadlink(struct fhandle *, char *, size_t); int fhstat(const struct fhandle *, struct stat *); int fhstatfs(const struct fhandle *, struct statfs *); int fstatfs(int, struct statfs *); int getfh(const char *, fhandle_t *); +int getfhat(int, char *, struct fhandle *, int); int getfsstat(struct statfs *, long, int); int getmntinfo(struct statfs **, int); int lgetfh(const char *, fhandle_t *); diff --git a/sys/sys/mutex.h b/sys/sys/mutex.h index d4c9d1cbc815..caacf2ef4274 100644 --- a/sys/sys/mutex.h +++ b/sys/sys/mutex.h @@ -496,7 +496,7 @@ do { \ int _giantcnt = 0; \ WITNESS_SAVE_DECL(Giant); \ \ - if (mtx_owned(&Giant)) { \ + if (__predict_false(mtx_owned(&Giant))) { \ WITNESS_SAVE(&Giant.lock_object, Giant); \ for (_giantcnt = 0; mtx_owned(&Giant) && \ !SCHEDULER_STOPPED(); _giantcnt++) \ @@ -509,7 +509,7 @@ do { \ #define PARTIAL_PICKUP_GIANT() \ mtx_assert(&Giant, MA_NOTOWNED); \ - if (_giantcnt > 0) { \ + if (__predict_false(_giantcnt > 0)) { \ while (_giantcnt--) \ mtx_lock(&Giant); \ WITNESS_RESTORE(&Giant.lock_object, Giant); \ diff --git a/sys/sys/proc.h b/sys/sys/proc.h index 82f2ab343ddc..96fe06f840f9 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -959,8 +959,10 @@ extern u_long pgrphash; extern struct sx allproc_lock; extern int allproc_gen; +extern struct sx zombproc_lock; extern struct sx proctree_lock; extern struct mtx ppeers_lock; +extern struct mtx procid_lock; extern struct proc proc0; /* Process slot for swapper. */ extern struct thread0_storage thread0_st; /* Primary thread in proc0. */ #define thread0 (thread0_st.t0st_thread) @@ -1164,6 +1166,15 @@ td_softdep_cleanup(struct thread *td) softdep_ast_cleanup(td); } +#define PROC_ID_PID 0 +#define PROC_ID_GROUP 1 +#define PROC_ID_SESSION 2 +#define PROC_ID_REAP 3 + +void proc_id_set(int type, pid_t id); +void proc_id_set_cond(int type, pid_t id); +void proc_id_clear(int type, pid_t id); + #endif /* _KERNEL */ #endif /* !_SYS_PROC_H_ */ diff --git a/sys/sys/racct.h b/sys/sys/racct.h index 84de705f24af..17af3276d691 100644 --- a/sys/sys/racct.h +++ b/sys/sys/racct.h @@ -91,7 +91,7 @@ struct ucred; #define RACCT_DECAYING 0x20 extern int racct_types[]; -extern int racct_enable; +extern bool racct_enable; #define ASSERT_RACCT_ENABLED() KASSERT(racct_enable, \ ("%s called with !racct_enable", __func__)) @@ -164,12 +164,14 @@ extern struct mtx racct_lock; #define RACCT_UNLOCK() mtx_unlock(&racct_lock) #define RACCT_LOCK_ASSERT() mtx_assert(&racct_lock, MA_OWNED) +#define RACCT_ENABLED() __predict_false(racct_enable) + #define RACCT_PROC_LOCK(p) do { \ - if (__predict_false(racct_enable)) \ + if (RACCT_ENABLED()) \ PROC_LOCK(p); \ } while (0) #define RACCT_PROC_UNLOCK(p) do { \ - if (__predict_false(racct_enable)) \ + if (RACCT_ENABLED()) \ PROC_UNLOCK(p); \ } while (0) @@ -178,6 +180,7 @@ void racct_add_cred(struct ucred *cred, int resource, uint64_t amount); void racct_add_force(struct proc *p, int resource, uint64_t amount); void racct_add_buf(struct proc *p, const struct buf *bufp, int is_write); int racct_set(struct proc *p, int resource, uint64_t amount); +int racct_set_unlocked(struct proc *p, int resource, uint64_t amount); void racct_set_force(struct proc *p, int resource, uint64_t amount); void racct_sub(struct proc *p, int resource, uint64_t amount); void racct_sub_cred(struct ucred *cred, int resource, uint64_t amount); @@ -194,6 +197,7 @@ void racct_proc_exit(struct proc *p); void racct_proc_ucred_changed(struct proc *p, struct ucred *oldcred, struct ucred *newcred); void racct_move(struct racct *dest, struct racct *src); +void racct_proc_throttled(struct proc *p); void racct_proc_throttle(struct proc *p, int timeout); #else diff --git a/sys/sys/refcount.h b/sys/sys/refcount.h index a0e32c805a4f..a13a2d600f9f 100644 --- a/sys/sys/refcount.h +++ b/sys/sys/refcount.h @@ -79,8 +79,6 @@ refcount_release(volatile u_int *count) /* * This functions returns non-zero if the refcount was * incremented. Else zero is returned. - * - * A temporary hack until refcount_* APIs are sorted out. */ static __inline __result_use_check int refcount_acquire_if_not_zero(volatile u_int *count) diff --git a/sys/sys/sdt.h b/sys/sys/sdt.h index 424a0e3a0ded..1d27b1977604 100644 --- a/sys/sys/sdt.h +++ b/sys/sys/sdt.h @@ -164,8 +164,10 @@ SET_DECLARE(sdt_argtypes_set, struct sdt_argtype); #define SDT_PROBE_DECLARE(prov, mod, func, name) \ extern struct sdt_probe sdt_##prov##_##mod##_##func##_##name[1] +#define SDT_PROBES_ENABLED() __predict_false(sdt_probes_enabled) + #define SDT_PROBE(prov, mod, func, name, arg0, arg1, arg2, arg3, arg4) do { \ - if (__predict_false(sdt_probes_enabled)) { \ + if (SDT_PROBES_ENABLED()) { \ if (__predict_false(sdt_##prov##_##mod##_##func##_##name->id)) \ (*sdt_probe_func)(sdt_##prov##_##mod##_##func##_##name->id, \ (uintptr_t) arg0, (uintptr_t) arg1, (uintptr_t) arg2, \ diff --git a/sys/sys/sx.h b/sys/sys/sx.h index 817f0f97d38c..d6cd05a76c45 100644 --- a/sys/sys/sx.h +++ b/sys/sys/sx.h @@ -273,7 +273,6 @@ __sx_xunlock(struct sx *sx, struct thread *td, const char *file, int line) #define SX_NOPROFILE 0x02 #define SX_NOWITNESS 0x04 #define SX_QUIET 0x08 -#define SX_NOADAPTIVE 0x10 #define SX_RECURSE 0x20 #define SX_NEW 0x40 diff --git a/sys/sys/syscall.h b/sys/sys/syscall.h index 436186e90d29..3d749182add7 100644 --- a/sys/sys/syscall.h +++ b/sys/sys/syscall.h @@ -499,4 +499,8 @@ #define SYS_cpuset_getdomain 561 #define SYS_cpuset_setdomain 562 #define SYS_getrandom 563 -#define SYS_MAXSYSCALL 564 +#define SYS_getfhat 564 +#define SYS_fhlink 565 +#define SYS_fhlinkat 566 +#define SYS_fhreadlink 567 +#define SYS_MAXSYSCALL 568 diff --git a/sys/sys/syscall.mk b/sys/sys/syscall.mk index 11d81fab83f3..44a7a2ab9e3a 100644 --- a/sys/sys/syscall.mk +++ b/sys/sys/syscall.mk @@ -404,4 +404,8 @@ MIASM = \ kevent.o \ cpuset_getdomain.o \ cpuset_setdomain.o \ - getrandom.o + getrandom.o \ + getfhat.o \ + fhlink.o \ + fhlinkat.o \ + fhreadlink.o diff --git a/sys/sys/sysproto.h b/sys/sys/sysproto.h index 0ac7f731f66a..58bbd715d061 100644 --- a/sys/sys/sysproto.h +++ b/sys/sys/sysproto.h @@ -247,7 +247,7 @@ struct umask_args { struct chroot_args { char path_l_[PADL_(const char *)]; const char * path; char path_r_[PADR_(const char *)]; }; -struct getpagesize_args { +struct ogetpagesize_args { register_t dummy; }; struct msync_args { @@ -1770,6 +1770,26 @@ struct getrandom_args { char buflen_l_[PADL_(size_t)]; size_t buflen; char buflen_r_[PADR_(size_t)]; char flags_l_[PADL_(unsigned int)]; unsigned int flags; char flags_r_[PADR_(unsigned int)]; }; +struct getfhat_args { + char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)]; + char path_l_[PADL_(char *)]; char * path; char path_r_[PADR_(char *)]; + char fhp_l_[PADL_(struct fhandle *)]; struct fhandle * fhp; char fhp_r_[PADR_(struct fhandle *)]; + char flags_l_[PADL_(int)]; int flags; char flags_r_[PADR_(int)]; +}; +struct fhlink_args { + char fhp_l_[PADL_(struct fhandle *)]; struct fhandle * fhp; char fhp_r_[PADR_(struct fhandle *)]; + char to_l_[PADL_(const char *)]; const char * to; char to_r_[PADR_(const char *)]; +}; +struct fhlinkat_args { + char fhp_l_[PADL_(struct fhandle *)]; struct fhandle * fhp; char fhp_r_[PADR_(struct fhandle *)]; + char tofd_l_[PADL_(int)]; int tofd; char tofd_r_[PADR_(int)]; + char to_l_[PADL_(const char *)]; const char * to; char to_r_[PADR_(const char *)]; +}; +struct fhreadlink_args { + char fhp_l_[PADL_(struct fhandle *)]; struct fhandle * fhp; char fhp_r_[PADR_(struct fhandle *)]; + char buf_l_[PADL_(char *)]; char * buf; char buf_r_[PADR_(char *)]; + char bufsize_l_[PADL_(size_t)]; size_t bufsize; char bufsize_r_[PADR_(size_t)]; +}; int nosys(struct thread *, struct nosys_args *); void sys_sys_exit(struct thread *, struct sys_exit_args *); int sys_fork(struct thread *, struct fork_args *); @@ -2150,6 +2170,10 @@ int sys_kevent(struct thread *, struct kevent_args *); int sys_cpuset_getdomain(struct thread *, struct cpuset_getdomain_args *); int sys_cpuset_setdomain(struct thread *, struct cpuset_setdomain_args *); int sys_getrandom(struct thread *, struct getrandom_args *); +int sys_getfhat(struct thread *, struct getfhat_args *); +int sys_fhlink(struct thread *, struct fhlink_args *); +int sys_fhlinkat(struct thread *, struct fhlinkat_args *); +int sys_fhreadlink(struct thread *, struct fhreadlink_args *); #ifdef COMPAT_43 @@ -2183,7 +2207,7 @@ struct ofstat_args { char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)]; char sb_l_[PADL_(struct ostat *)]; struct ostat * sb; char sb_r_[PADR_(struct ostat *)]; }; -struct getkerninfo_args { +struct ogetkerninfo_args { char op_l_[PADL_(int)]; int op; char op_r_[PADR_(int)]; char where_l_[PADL_(char *)]; char * where; char where_r_[PADR_(char *)]; char size_l_[PADL_(size_t *)]; size_t * size; char size_r_[PADR_(size_t *)]; @@ -2197,14 +2221,19 @@ struct ommap_args { char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)]; char pos_l_[PADL_(long)]; long pos; char pos_r_[PADR_(long)]; }; -struct gethostname_args { +struct ogethostname_args { char hostname_l_[PADL_(char *)]; char * hostname; char hostname_r_[PADR_(char *)]; char len_l_[PADL_(u_int)]; u_int len; char len_r_[PADR_(u_int)]; }; -struct sethostname_args { +struct osethostname_args { char hostname_l_[PADL_(char *)]; char * hostname; char hostname_r_[PADR_(char *)]; char len_l_[PADL_(u_int)]; u_int len; char len_r_[PADR_(u_int)]; }; +struct oaccept_args { + char s_l_[PADL_(int)]; int s; char s_r_[PADR_(int)]; + char name_l_[PADL_(struct sockaddr *)]; struct sockaddr * name; char name_r_[PADR_(struct sockaddr *)]; + char anamelen_l_[PADL_(int *)]; int * anamelen; char anamelen_r_[PADR_(int *)]; +}; struct osend_args { char s_l_[PADL_(int)]; int s; char s_r_[PADR_(int)]; char buf_l_[PADL_(const void *)]; const void * buf; char buf_r_[PADR_(const void *)]; @@ -2290,13 +2319,13 @@ int osigaction(struct thread *, struct osigaction_args *); int osigprocmask(struct thread *, struct osigprocmask_args *); int osigpending(struct thread *, struct osigpending_args *); int ofstat(struct thread *, struct ofstat_args *); -int ogetkerninfo(struct thread *, struct getkerninfo_args *); -int ogetpagesize(struct thread *, struct getpagesize_args *); +int ogetkerninfo(struct thread *, struct ogetkerninfo_args *); +int ogetpagesize(struct thread *, struct ogetpagesize_args *); int ommap(struct thread *, struct ommap_args *); int owait(struct thread *, struct owait_args *); -int ogethostname(struct thread *, struct gethostname_args *); -int osethostname(struct thread *, struct sethostname_args *); -int oaccept(struct thread *, struct accept_args *); +int ogethostname(struct thread *, struct ogethostname_args *); +int osethostname(struct thread *, struct osethostname_args *); +int oaccept(struct thread *, struct oaccept_args *); int osend(struct thread *, struct osend_args *); int orecv(struct thread *, struct orecv_args *); int osigreturn(struct thread *, struct osigreturn_args *); @@ -3047,6 +3076,10 @@ int freebsd11_mknodat(struct thread *, struct freebsd11_mknodat_args *); #define SYS_AUE_cpuset_getdomain AUE_NULL #define SYS_AUE_cpuset_setdomain AUE_NULL #define SYS_AUE_getrandom AUE_NULL +#define SYS_AUE_getfhat AUE_NULL +#define SYS_AUE_fhlink AUE_NULL +#define SYS_AUE_fhlinkat AUE_NULL +#define SYS_AUE_fhreadlink AUE_NULL #undef PAD_ #undef PADL_ diff --git a/sys/sys/systm.h b/sys/sys/systm.h index a1b98c5660c2..b250c54033c1 100644 --- a/sys/sys/systm.h +++ b/sys/sys/systm.h @@ -523,7 +523,7 @@ int alloc_unr_specific(struct unrhdr *uh, u_int item); int alloc_unrl(struct unrhdr *uh); void free_unr(struct unrhdr *uh, u_int item); -#if defined(__mips__) || defined(__powerpc__) +#ifndef __LP64__ #define UNR64_LOCKED #endif diff --git a/sys/sys/types.h b/sys/sys/types.h index 8d702db4a523..39d8d63262e8 100644 --- a/sys/sys/types.h +++ b/sys/sys/types.h @@ -261,7 +261,7 @@ typedef __uint64_t kvaddr_t; typedef __uint64_t ksize_t; typedef __vm_offset_t vm_offset_t; -typedef __int64_t vm_ooffset_t; +typedef __uint64_t vm_ooffset_t; typedef __vm_paddr_t vm_paddr_t; typedef __uint64_t vm_pindex_t; typedef __vm_size_t vm_size_t; diff --git a/sys/sys/user.h b/sys/sys/user.h index 67acf2d0740d..34adfc2b5905 100644 --- a/sys/sys/user.h +++ b/sys/sys/user.h @@ -262,6 +262,7 @@ struct user { #define KF_TYPE_SEM 9 #define KF_TYPE_PTS 10 #define KF_TYPE_PROCDESC 11 +#define KF_TYPE_DEV 12 #define KF_TYPE_UNKNOWN 255 #define KF_VTYPE_VNON 0 diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c index e82605af09e4..cb2205bd4aa6 100644 --- a/sys/ufs/ffs/ffs_alloc.c +++ b/sys/ufs/ffs/ffs_alloc.c @@ -2537,6 +2537,23 @@ ffs_blkrelease_finish(ump, key) if (((ump->um_flags & UM_CANDELETE) == 0) || dotrimcons == 0) return; /* + * If the vfs.ffs.dotrimcons sysctl option is enabled while + * a file deletion is active, specifically after a call + * to ffs_blkrelease_start() but before the call to + * ffs_blkrelease_finish(), ffs_blkrelease_start() will + * have handed out SINGLETON_KEY rather than starting a + * collection sequence. Thus if we get a SINGLETON_KEY + * passed to ffs_blkrelease_finish(), we just return rather + * than trying to finish the nonexistent sequence. + */ + if (key == SINGLETON_KEY) { +#ifdef INVARIANTS + printf("%s: vfs.ffs.dotrimcons enabled on active filesystem\n", + ump->um_mountp->mnt_stat.f_mntonname); +#endif + return; + } + /* * We are done with sending blocks using this key. Look up the key * using the DONE alloctype (in tp) to request that it be unhashed * as we will not be adding to it. If the key has never been used, diff --git a/sys/ufs/ffs/ffs_extern.h b/sys/ufs/ffs/ffs_extern.h index c2f6c91bcc4b..16f517d5f12e 100644 --- a/sys/ufs/ffs/ffs_extern.h +++ b/sys/ufs/ffs/ffs_extern.h @@ -68,6 +68,7 @@ ufs2_daddr_t ffs_blkpref_ufs1(struct inode *, ufs_lbn_t, int, ufs1_daddr_t *); ufs2_daddr_t ffs_blkpref_ufs2(struct inode *, ufs_lbn_t, int, ufs2_daddr_t *); void ffs_blkrelease_finish(struct ufsmount *, u_long); u_long ffs_blkrelease_start(struct ufsmount *, struct vnode *, ino_t); +uint32_t ffs_calc_sbhash(struct fs *); int ffs_checkfreefile(struct fs *, struct vnode *, ino_t); void ffs_clrblock(struct fs *, u_char *, ufs1_daddr_t); void ffs_clusteracct(struct fs *, struct cg *, ufs1_daddr_t, int); @@ -125,6 +126,12 @@ void process_deferred_inactive(struct mount *mp); #define FFSR_UNSUSPEND 0x0002 /* + * Request standard superblock location in ffs_sbget + */ +#define STDSB -1 /* Fail if check-hash is bad */ +#define STDSB_NOHASHFAIL -2 /* Ignore check-hash failure */ + +/* * Definitions for TRIM interface * * Special keys and recommended hash table size diff --git a/sys/ufs/ffs/ffs_snapshot.c b/sys/ufs/ffs/ffs_snapshot.c index 09b1d4982c49..e230d4b0c6c8 100644 --- a/sys/ufs/ffs/ffs_snapshot.c +++ b/sys/ufs/ffs/ffs_snapshot.c @@ -795,6 +795,7 @@ out1: brelse(nbp); } else { loc = blkoff(fs, fs->fs_sblockloc); + copy_fs->fs_ckhash = ffs_calc_sbhash(copy_fs); bcopy((char *)copy_fs, &nbp->b_data[loc], (u_int)fs->fs_sbsize); bawrite(nbp); } diff --git a/sys/ufs/ffs/ffs_subr.c b/sys/ufs/ffs/ffs_subr.c index 541d44c887db..64354bbd5383 100644 --- a/sys/ufs/ffs/ffs_subr.c +++ b/sys/ufs/ffs/ffs_subr.c @@ -46,10 +46,16 @@ __FBSDID("$FreeBSD$"); #include <ufs/ffs/fs.h> uint32_t calculate_crc32c(uint32_t, const void *, size_t); +uint32_t ffs_calc_sbhash(struct fs *); struct malloc_type; #define UFS_MALLOC(size, type, flags) malloc(size) #define UFS_FREE(ptr, type) free(ptr) #define UFS_TIME time(NULL) +/* + * Request standard superblock location in ffs_sbget + */ +#define STDSB -1 /* Fail if check-hash is bad */ +#define STDSB_NOHASHFAIL -2 /* Ignore check-hash failure */ #else /* _KERNEL */ #include <sys/systm.h> @@ -138,16 +144,15 @@ ffs_load_inode(struct buf *bp, struct inode *ip, struct fs *fs, ino_t ino) ip->i_gid = dip2->di_gid; return (0); } -#endif /* KERNEL */ +#endif /* _KERNEL */ /* * These are the low-level functions that actually read and write * the superblock and its associated data. */ static off_t sblock_try[] = SBLOCKSEARCH; -static int readsuper(void *, struct fs **, off_t, int, +static int readsuper(void *, struct fs **, off_t, int, int, int (*)(void *, off_t, void **, int)); -static uint32_t calc_sbhash(struct fs *); /* * Read a superblock from the devfd device. @@ -177,21 +182,25 @@ ffs_sbget(void *devfd, struct fs **fsp, off_t altsblock, int i, error, size, blks; uint8_t *space; int32_t *lp; + int chkhash; char *buf; fs = NULL; *fsp = NULL; - if (altsblock != -1) { - if ((error = readsuper(devfd, &fs, altsblock, 1, + chkhash = 1; + if (altsblock >= 0) { + if ((error = readsuper(devfd, &fs, altsblock, 1, chkhash, readfunc)) != 0) { if (fs != NULL) UFS_FREE(fs, filltype); return (error); } } else { + if (altsblock == STDSB_NOHASHFAIL) + chkhash = 0; for (i = 0; sblock_try[i] != -1; i++) { if ((error = readsuper(devfd, &fs, sblock_try[i], 0, - readfunc)) == 0) + chkhash, readfunc)) == 0) break; if (fs != NULL) { UFS_FREE(fs, filltype); @@ -255,7 +264,7 @@ ffs_sbget(void *devfd, struct fs **fsp, off_t altsblock, */ static int readsuper(void *devfd, struct fs **fsp, off_t sblockloc, int isaltsblk, - int (*readfunc)(void *devfd, off_t loc, void **bufp, int size)) + int chkhash, int (*readfunc)(void *devfd, off_t loc, void **bufp, int size)) { struct fs *fs; int error, res; @@ -276,11 +285,18 @@ readsuper(void *devfd, struct fs **fsp, off_t sblockloc, int isaltsblk, fs->fs_bsize <= MAXBSIZE && fs->fs_bsize >= roundup(sizeof(struct fs), DEV_BSIZE) && fs->fs_sbsize <= SBLOCKSIZE) { - if (fs->fs_ckhash != (ckhash = calc_sbhash(fs))) { + /* + * If the filesystem has been run on a kernel without + * metadata check hashes, disable them. + */ + if ((fs->fs_flags & FS_METACKHASH) == 0) + fs->fs_metackhash = 0; + if (fs->fs_ckhash != (ckhash = ffs_calc_sbhash(fs))) { #ifdef _KERNEL res = uprintf("Superblock check-hash failed: recorded " - "check-hash 0x%x != computed check-hash 0x%x\n", - fs->fs_ckhash, ckhash); + "check-hash 0x%x != computed check-hash 0x%x%s\n", + fs->fs_ckhash, ckhash, + chkhash == 0 ? " (Ignored)" : ""); #else res = 0; #endif @@ -291,7 +307,14 @@ readsuper(void *devfd, struct fs **fsp, off_t sblockloc, int isaltsblk, if (res == 0) printf("Superblock check-hash failed: recorded " "check-hash 0x%x != computed check-hash " - "0x%x\n", fs->fs_ckhash, ckhash); + "0x%x%s\n", fs->fs_ckhash, ckhash, + chkhash == 0 ? " (Ignored)" : ""); + if (chkhash == 0) { + fs->fs_flags |= FS_NEEDSFSCK; + fs->fs_fmod = 1; + return (0); + } + fs->fs_fmod = 0; return (EINVAL); } /* Have to set for old filesystems that predate this field */ @@ -339,7 +362,7 @@ ffs_sbput(void *devfd, struct fs *fs, off_t loc, } fs->fs_fmod = 0; fs->fs_time = UFS_TIME; - fs->fs_ckhash = calc_sbhash(fs); + fs->fs_ckhash = ffs_calc_sbhash(fs); if ((error = (*writefunc)(devfd, loc, fs, fs->fs_sbsize)) != 0) return (error); return (0); @@ -348,8 +371,8 @@ ffs_sbput(void *devfd, struct fs *fs, off_t loc, /* * Calculate the check-hash for a superblock. */ -static uint32_t -calc_sbhash(struct fs *fs) +uint32_t +ffs_calc_sbhash(struct fs *fs) { uint32_t ckhash, save_ckhash; diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c index 7ecaae231f07..7cb81cfa450a 100644 --- a/sys/ufs/ffs/ffs_vfsops.c +++ b/sys/ufs/ffs/ffs_vfsops.c @@ -774,6 +774,7 @@ ffs_mountfs(devvp, mp, td) struct g_consumer *cp; struct mount *nmp; int candelete; + off_t loc; fs = NULL; ump = NULL; @@ -810,12 +811,11 @@ ffs_mountfs(devvp, mp, td) goto out; } /* fetch the superblock and summary information */ - if ((error = ffs_sbget(devvp, &fs, -1, M_UFSMNT, ffs_use_bread)) != 0) + loc = STDSB; + if ((mp->mnt_flag & MNT_ROOTFS) != 0) + loc = STDSB_NOHASHFAIL; + if ((error = ffs_sbget(devvp, &fs, loc, M_UFSMNT, ffs_use_bread)) != 0) goto out; - fs->fs_fmod = 0; - /* if we ran on a kernel without metadata check hashes, disable them */ - if ((fs->fs_flags & FS_METACKHASH) == 0) - fs->fs_metackhash = 0; /* none of these types of check-hashes are maintained by this kernel */ fs->fs_metackhash &= ~(CK_INODE | CK_INDIR | CK_DIR); /* no support for any undefined flags */ diff --git a/sys/vm/device_pager.c b/sys/vm/device_pager.c index e84111eb4435..c27d60869def 100644 --- a/sys/vm/device_pager.c +++ b/sys/vm/device_pager.c @@ -150,9 +150,9 @@ cdev_pager_allocate(void *handle, enum obj_type tp, struct cdev_pager_ops *ops, * of the page size. Do a check to avoid wrap. */ size = round_page(size); - pindex = UOFF_TO_IDX(foff) + UOFF_TO_IDX(size); - if (pindex > OBJ_MAX_SIZE || pindex < UOFF_TO_IDX(foff) || - pindex < UOFF_TO_IDX(size)) + pindex = OFF_TO_IDX(foff) + OFF_TO_IDX(size); + if (pindex > OBJ_MAX_SIZE || pindex < OFF_TO_IDX(foff) || + pindex < OFF_TO_IDX(size)) return (NULL); if (ops->cdev_pg_ctor(handle, size, prot, foff, cred, &color) != 0) diff --git a/sys/vm/sg_pager.c b/sys/vm/sg_pager.c index 3cd5f9904e2c..a31c2bb8fd27 100644 --- a/sys/vm/sg_pager.c +++ b/sys/vm/sg_pager.c @@ -100,9 +100,9 @@ sg_pager_alloc(void *handle, vm_ooffset_t size, vm_prot_t prot, * to map beyond that. */ size = round_page(size); - pindex = UOFF_TO_IDX(foff) + UOFF_TO_IDX(size); - if (pindex > npages || pindex < UOFF_TO_IDX(foff) || - pindex < UOFF_TO_IDX(size)) + pindex = OFF_TO_IDX(foff) + OFF_TO_IDX(size); + if (pindex > npages || pindex < OFF_TO_IDX(foff) || + pindex < OFF_TO_IDX(size)) return (NULL); /* diff --git a/sys/vm/swap_pager.c b/sys/vm/swap_pager.c index 54370523086a..f99da24e6cc0 100644 --- a/sys/vm/swap_pager.c +++ b/sys/vm/swap_pager.c @@ -547,12 +547,12 @@ swap_pager_swap_init(void) mtx_unlock(&pbuf_mtx); /* - * Initialize our zone, guessing on the number we need based - * on the number of pages in the system. + * Initialize our zone, taking the user's requested size or + * estimating the number we need based on the number of pages + * in the system. */ - n = vm_cnt.v_page_count / 2; - if (maxswzone && n > maxswzone / sizeof(struct swblk)) - n = maxswzone / sizeof(struct swblk); + n = maxswzone != 0 ? maxswzone / sizeof(struct swblk) : + vm_cnt.v_page_count / 2; swpctrie_zone = uma_zcreate("swpctrie", pctrie_node_size(), NULL, NULL, pctrie_zone_init, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM); if (swpctrie_zone == NULL) @@ -580,7 +580,7 @@ swap_pager_swap_init(void) n = uma_zone_get_max(swblk_zone); if (n < n2) - printf("Swap blk zone entries reduced from %lu to %lu.\n", + printf("Swap blk zone entries changed from %lu to %lu.\n", n2, n); swap_maxpages = n * SWAP_META_PAGES; swzone = n * sizeof(struct swblk); diff --git a/sys/vm/uma_core.c b/sys/vm/uma_core.c index 7d14586a31cd..ba5ec807404c 100644 --- a/sys/vm/uma_core.c +++ b/sys/vm/uma_core.c @@ -1453,7 +1453,7 @@ keg_small_init(uma_keg_t keg) if (keg->uk_flags & UMA_ZONE_OFFPAGE) shsize = 0; else - shsize = sizeof(struct uma_slab); + shsize = SIZEOF_UMA_SLAB; if (rsize <= slabsize - shsize) keg->uk_ipers = (slabsize - shsize) / rsize; @@ -1523,7 +1523,6 @@ keg_small_init(uma_keg_t keg) static void keg_large_init(uma_keg_t keg) { - u_int shsize; KASSERT(keg != NULL, ("Keg is null in keg_large_init")); KASSERT((keg->uk_flags & UMA_ZFLAG_CACHEONLY) == 0, @@ -1536,23 +1535,17 @@ keg_large_init(uma_keg_t keg) keg->uk_rsize = keg->uk_size; /* Check whether we have enough space to not do OFFPAGE. */ - if ((keg->uk_flags & UMA_ZONE_OFFPAGE) == 0) { - shsize = sizeof(struct uma_slab); - if (shsize & UMA_ALIGN_PTR) - shsize = (shsize & ~UMA_ALIGN_PTR) + - (UMA_ALIGN_PTR + 1); - - if (PAGE_SIZE * keg->uk_ppera - keg->uk_rsize < shsize) { - /* - * We can't do OFFPAGE if we're internal, in which case - * we need an extra page per allocation to contain the - * slab header. - */ - if ((keg->uk_flags & UMA_ZFLAG_INTERNAL) == 0) - keg->uk_flags |= UMA_ZONE_OFFPAGE; - else - keg->uk_ppera++; - } + if ((keg->uk_flags & UMA_ZONE_OFFPAGE) == 0 && + PAGE_SIZE * keg->uk_ppera - keg->uk_rsize < SIZEOF_UMA_SLAB) { + /* + * We can't do OFFPAGE if we're internal, in which case + * we need an extra page per allocation to contain the + * slab header. + */ + if ((keg->uk_flags & UMA_ZFLAG_INTERNAL) == 0) + keg->uk_flags |= UMA_ZONE_OFFPAGE; + else + keg->uk_ppera++; } if ((keg->uk_flags & UMA_ZONE_OFFPAGE) && @@ -1693,20 +1686,11 @@ keg_ctor(void *mem, int size, void *udata, int flags) /* * If we're putting the slab header in the actual page we need to - * figure out where in each page it goes. This calculates a right - * justified offset into the memory on an ALIGN_PTR boundary. + * figure out where in each page it goes. See SIZEOF_UMA_SLAB + * macro definition. */ if (!(keg->uk_flags & UMA_ZONE_OFFPAGE)) { - u_int totsize; - - /* Size of the slab struct and free list */ - totsize = sizeof(struct uma_slab); - - if (totsize & UMA_ALIGN_PTR) - totsize = (totsize & ~UMA_ALIGN_PTR) + - (UMA_ALIGN_PTR + 1); - keg->uk_pgoff = (PAGE_SIZE * keg->uk_ppera) - totsize; - + keg->uk_pgoff = (PAGE_SIZE * keg->uk_ppera) - SIZEOF_UMA_SLAB; /* * The only way the following is possible is if with our * UMA_ALIGN_PTR adjustments we are now bigger than @@ -1714,13 +1698,10 @@ keg_ctor(void *mem, int size, void *udata, int flags) * mathematically possible for all cases, so we make * sure here anyway. */ - totsize = keg->uk_pgoff + sizeof(struct uma_slab); - if (totsize > PAGE_SIZE * keg->uk_ppera) { - printf("zone %s ipers %d rsize %d size %d\n", - zone->uz_name, keg->uk_ipers, keg->uk_rsize, - keg->uk_size); - panic("UMA slab won't fit."); - } + KASSERT(keg->uk_pgoff + sizeof(struct uma_slab) <= + PAGE_SIZE * keg->uk_ppera, + ("zone %s ipers %d rsize %d size %d slab won't fit", + zone->uz_name, keg->uk_ipers, keg->uk_rsize, keg->uk_size)); } if (keg->uk_flags & UMA_ZONE_HASH) @@ -2010,10 +1991,17 @@ uma_startup_count(int vm_zones) #endif /* Memory for the rest of startup zones, UMA and VM, ... */ - if (zsize > UMA_SLAB_SPACE) - pages += (zones + vm_zones) * - howmany(roundup2(zsize, UMA_BOOT_ALIGN), UMA_SLAB_SIZE); - else if (roundup2(zsize, UMA_BOOT_ALIGN) > UMA_SLAB_SPACE) + if (zsize > UMA_SLAB_SPACE) { + /* See keg_large_init(). */ + u_int ppera; + + ppera = howmany(roundup2(zsize, UMA_BOOT_ALIGN), PAGE_SIZE); + if (PAGE_SIZE * ppera - roundup2(zsize, UMA_BOOT_ALIGN) < + SIZEOF_UMA_SLAB) + ppera++; + pages += (zones + vm_zones) * ppera; + } else if (roundup2(zsize, UMA_BOOT_ALIGN) > UMA_SLAB_SPACE) + /* See keg_small_init() special case for uk_ppera = 1. */ pages += zones; else pages += howmany(zones, diff --git a/sys/vm/uma_int.h b/sys/vm/uma_int.h index a97f51734ef6..daffec2d84fc 100644 --- a/sys/vm/uma_int.h +++ b/sys/vm/uma_int.h @@ -139,9 +139,17 @@ #define UMA_MAX_WASTE 10 /* - * Size of memory in a not offpage slab available for actual items. + * Actual size of uma_slab when it is placed at an end of a page + * with pointer sized alignment requirement. */ -#define UMA_SLAB_SPACE (UMA_SLAB_SIZE - sizeof(struct uma_slab)) +#define SIZEOF_UMA_SLAB ((sizeof(struct uma_slab) & UMA_ALIGN_PTR) ? \ + (sizeof(struct uma_slab) & ~UMA_ALIGN_PTR) + \ + (UMA_ALIGN_PTR + 1) : sizeof(struct uma_slab)) + +/* + * Size of memory in a not offpage single page slab available for actual items. + */ +#define UMA_SLAB_SPACE (PAGE_SIZE - SIZEOF_UMA_SLAB) /* * I doubt there will be many cases where this is exceeded. This is the initial diff --git a/sys/vm/vm_map.c b/sys/vm/vm_map.c index 058ae1d95cc7..05a1186c5ad2 100644 --- a/sys/vm/vm_map.c +++ b/sys/vm/vm_map.c @@ -283,12 +283,7 @@ vmspace_alloc(vm_offset_t min, vm_offset_t max, pmap_pinit_t pinit) struct vmspace *vm; vm = uma_zalloc(vmspace_zone, M_WAITOK); - KASSERT(vm->vm_map.pmap == NULL, ("vm_map.pmap must be NULL")); - - if (pinit == NULL) - pinit = &pmap_pinit; - if (!pinit(vmspace_pmap(vm))) { uma_zfree(vmspace_zone, vm); return (NULL); @@ -396,8 +391,8 @@ vmspace_exit(struct thread *td) p = td->td_proc; vm = p->p_vmspace; atomic_add_int(&vmspace0.vm_refcnt, 1); + refcnt = vm->vm_refcnt; do { - refcnt = vm->vm_refcnt; if (refcnt > 1 && p->p_vmspace != &vmspace0) { /* Switch now since other proc might free vmspace */ PROC_VMSPACE_LOCK(p); @@ -405,7 +400,7 @@ vmspace_exit(struct thread *td) PROC_VMSPACE_UNLOCK(p); pmap_activate(td); } - } while (!atomic_cmpset_int(&vm->vm_refcnt, refcnt, refcnt - 1)); + } while (!atomic_fcmpset_int(&vm->vm_refcnt, &refcnt, refcnt - 1)); if (refcnt == 1) { if (p->p_vmspace != vm) { /* vmspace not yet freed, switch back */ @@ -442,13 +437,13 @@ vmspace_acquire_ref(struct proc *p) PROC_VMSPACE_UNLOCK(p); return (NULL); } + refcnt = vm->vm_refcnt; do { - refcnt = vm->vm_refcnt; if (refcnt <= 0) { /* Avoid 0->1 transition */ PROC_VMSPACE_UNLOCK(p); return (NULL); } - } while (!atomic_cmpset_int(&vm->vm_refcnt, refcnt, refcnt + 1)); + } while (!atomic_fcmpset_int(&vm->vm_refcnt, &refcnt, refcnt + 1)); if (vm != p->p_vmspace) { PROC_VMSPACE_UNLOCK(p); vmspace_free(vm); @@ -3424,7 +3419,8 @@ vmspace_fork(struct vmspace *vm1, vm_ooffset_t *fork_charge) old_map = &vm1->vm_map; /* Copy immutable fields of vm1 to vm2. */ - vm2 = vmspace_alloc(vm_map_min(old_map), vm_map_max(old_map), NULL); + vm2 = vmspace_alloc(vm_map_min(old_map), vm_map_max(old_map), + pmap_pinit); if (vm2 == NULL) return (NULL); vm2->vm_taddr = vm1->vm_taddr; @@ -3975,7 +3971,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, vm_offset_t maxuser) KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0, ("vmspace_exec recursed")); - newvmspace = vmspace_alloc(minuser, maxuser, NULL); + newvmspace = vmspace_alloc(minuser, maxuser, pmap_pinit); if (newvmspace == NULL) return (ENOMEM); newvmspace->vm_swrss = oldvmspace->vm_swrss; @@ -4217,7 +4213,7 @@ RetryLookupLocked: * Return the object/offset from this entry. If the entry was * copy-on-write or empty, it has been fixed up. */ - *pindex = UOFF_TO_IDX((vaddr - entry->start) + entry->offset); + *pindex = OFF_TO_IDX((vaddr - entry->start) + entry->offset); *object = entry->object.vm_object; *out_prot = prot; @@ -4298,7 +4294,7 @@ vm_map_lookup_locked(vm_map_t *var_map, /* IN/OUT */ * Return the object/offset from this entry. If the entry was * copy-on-write or empty, it has been fixed up. */ - *pindex = UOFF_TO_IDX((vaddr - entry->start) + entry->offset); + *pindex = OFF_TO_IDX((vaddr - entry->start) + entry->offset); *object = entry->object.vm_object; *out_prot = prot; diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c index e8772a1eadde..c767d33151af 100644 --- a/sys/vm/vm_mmap.c +++ b/sys/vm/vm_mmap.c @@ -129,14 +129,8 @@ sys_sstk(struct thread *td, struct sstk_args *uap) } #if defined(COMPAT_43) -#ifndef _SYS_SYSPROTO_H_ -struct getpagesize_args { - int dummy; -}; -#endif - int -ogetpagesize(struct thread *td, struct getpagesize_args *uap) +ogetpagesize(struct thread *td, struct ogetpagesize_args *uap) { td->td_retval[0] = PAGE_SIZE; diff --git a/sys/vm/vm_object.c b/sys/vm/vm_object.c index 578bcd760071..c50a673f8255 100644 --- a/sys/vm/vm_object.c +++ b/sys/vm/vm_object.c @@ -2306,16 +2306,63 @@ next_page: } } +/* + * Return the vnode for the given object, or NULL if none exists. + * For tmpfs objects, the function may return NULL if there is + * no vnode allocated at the time of the call. + */ struct vnode * vm_object_vnode(vm_object_t object) { + struct vnode *vp; VM_OBJECT_ASSERT_LOCKED(object); - if (object->type == OBJT_VNODE) - return (object->handle); - if (object->type == OBJT_SWAP && (object->flags & OBJ_TMPFS) != 0) - return (object->un_pager.swp.swp_tmpfs); - return (NULL); + if (object->type == OBJT_VNODE) { + vp = object->handle; + KASSERT(vp != NULL, ("%s: OBJT_VNODE has no vnode", __func__)); + } else if (object->type == OBJT_SWAP && + (object->flags & OBJ_TMPFS) != 0) { + vp = object->un_pager.swp.swp_tmpfs; + KASSERT(vp != NULL, ("%s: OBJT_TMPFS has no vnode", __func__)); + } else { + vp = NULL; + } + return (vp); +} + +/* + * Return the kvme type of the given object. + * If vpp is not NULL, set it to the object's vm_object_vnode() or NULL. + */ +int +vm_object_kvme_type(vm_object_t object, struct vnode **vpp) +{ + + VM_OBJECT_ASSERT_LOCKED(object); + if (vpp != NULL) + *vpp = vm_object_vnode(object); + switch (object->type) { + case OBJT_DEFAULT: + return (KVME_TYPE_DEFAULT); + case OBJT_VNODE: + return (KVME_TYPE_VNODE); + case OBJT_SWAP: + if ((object->flags & OBJ_TMPFS_NODE) != 0) + return (KVME_TYPE_VNODE); + return (KVME_TYPE_SWAP); + case OBJT_DEVICE: + return (KVME_TYPE_DEVICE); + case OBJT_PHYS: + return (KVME_TYPE_PHYS); + case OBJT_DEAD: + return (KVME_TYPE_DEAD); + case OBJT_SG: + return (KVME_TYPE_SG); + case OBJT_MGTDEVICE: + return (KVME_TYPE_MGTDEVICE); + default: + return (KVME_TYPE_UNKNOWN); + } } static int @@ -2392,38 +2439,9 @@ sysctl_vm_object_list(SYSCTL_HANDLER_ARGS) kvo->kvo_vn_fsid_freebsd11 = 0; freepath = NULL; fullpath = ""; - vp = NULL; - switch (obj->type) { - case OBJT_DEFAULT: - kvo->kvo_type = KVME_TYPE_DEFAULT; - break; - case OBJT_VNODE: - kvo->kvo_type = KVME_TYPE_VNODE; - vp = obj->handle; + kvo->kvo_type = vm_object_kvme_type(obj, &vp); + if (vp != NULL) vref(vp); - break; - case OBJT_SWAP: - kvo->kvo_type = KVME_TYPE_SWAP; - break; - case OBJT_DEVICE: - kvo->kvo_type = KVME_TYPE_DEVICE; - break; - case OBJT_PHYS: - kvo->kvo_type = KVME_TYPE_PHYS; - break; - case OBJT_DEAD: - kvo->kvo_type = KVME_TYPE_DEAD; - break; - case OBJT_SG: - kvo->kvo_type = KVME_TYPE_SG; - break; - case OBJT_MGTDEVICE: - kvo->kvo_type = KVME_TYPE_MGTDEVICE; - break; - default: - kvo->kvo_type = KVME_TYPE_UNKNOWN; - break; - } VM_OBJECT_RUNLOCK(obj); if (vp != NULL) { vn_fullpath(curthread, vp, &fullpath, &freepath); diff --git a/sys/vm/vm_object.h b/sys/vm/vm_object.h index 6585a6245638..89aea522374e 100644 --- a/sys/vm/vm_object.h +++ b/sys/vm/vm_object.h @@ -196,20 +196,13 @@ struct vm_object { /* * Helpers to perform conversion between vm_object page indexes and offsets. * IDX_TO_OFF() converts an index into an offset. - * OFF_TO_IDX() converts an offset into an index. Since offsets are signed - * by default, the sign propagation in OFF_TO_IDX(), when applied to - * negative offsets, is intentional and returns a vm_object page index - * that cannot be created by a userspace mapping. - * UOFF_TO_IDX() treats the offset as an unsigned value and converts it - * into an index accordingly. Use it only when the full range of offset - * values are allowed. Currently, this only applies to device mappings. + * OFF_TO_IDX() converts an offset into an index. * OBJ_MAX_SIZE specifies the maximum page index corresponding to the * maximum unsigned offset. */ #define IDX_TO_OFF(idx) (((vm_ooffset_t)(idx)) << PAGE_SHIFT) #define OFF_TO_IDX(off) ((vm_pindex_t)(((vm_ooffset_t)(off)) >> PAGE_SHIFT)) -#define UOFF_TO_IDX(off) (((vm_pindex_t)(off)) >> PAGE_SHIFT) -#define OBJ_MAX_SIZE (UOFF_TO_IDX(UINT64_MAX) + 1) +#define OBJ_MAX_SIZE (OFF_TO_IDX(UINT64_MAX) + 1) #ifdef _KERNEL @@ -263,6 +256,8 @@ extern struct vm_object kernel_object_store; #define VM_OBJECT_WUNLOCK(object) \ rw_wunlock(&(object)->lock) +struct vnode; + /* * The object must be locked or thread private. */ @@ -328,6 +323,7 @@ void vm_object_destroy (vm_object_t); void vm_object_terminate (vm_object_t); void vm_object_set_writeable_dirty (vm_object_t); void vm_object_init (void); +int vm_object_kvme_type(vm_object_t object, struct vnode **vpp); void vm_object_madvise(vm_object_t, vm_pindex_t, vm_pindex_t, int); boolean_t vm_object_page_clean(vm_object_t object, vm_ooffset_t start, vm_ooffset_t end, int flags); diff --git a/sys/vm/vm_page.c b/sys/vm/vm_page.c index 10b6f7b4a916..f5115a578c71 100644 --- a/sys/vm/vm_page.c +++ b/sys/vm/vm_page.c @@ -355,7 +355,8 @@ vm_page_blacklist_add(vm_paddr_t pa, bool verbose) vm_domain_free_lock(vmd); ret = vm_phys_unfree_page(m); vm_domain_free_unlock(vmd); - if (ret) { + if (ret != 0) { + vm_domain_freecnt_inc(vmd, -1); TAILQ_INSERT_TAIL(&blacklist_head, m, listq); if (verbose) printf("Skipping page with pa 0x%jx\n", (uintmax_t)pa); diff --git a/sys/x86/acpica/srat.c b/sys/x86/acpica/srat.c index b7b31dfa1e6f..72101478e617 100644 --- a/sys/x86/acpica/srat.c +++ b/sys/x86/acpica/srat.c @@ -36,543 +36,33 @@ __FBSDID("$FreeBSD$"); #include <sys/systm.h> #include <sys/bus.h> #include <sys/kernel.h> -#include <sys/lock.h> -#include <sys/mutex.h> -#include <sys/smp.h> -#include <sys/vmmeter.h> -#include <vm/vm.h> -#include <vm/pmap.h> -#include <vm/vm_param.h> -#include <vm/vm_page.h> -#include <vm/vm_phys.h> #include <contrib/dev/acpica/include/acpi.h> -#include <contrib/dev/acpica/include/aclocal.h> -#include <contrib/dev/acpica/include/actables.h> -#include <machine/intr_machdep.h> #include <machine/md_var.h> -#include <x86/apicvar.h> #include <dev/acpica/acpivar.h> #if MAXMEMDOM > 1 -static struct cpu_info { - int enabled:1; - int has_memory:1; - int domain; -} *cpus; - -struct mem_affinity mem_info[VM_PHYSSEG_MAX + 1]; -int num_mem; - -static ACPI_TABLE_SRAT *srat; -static vm_paddr_t srat_physaddr; - -static int domain_pxm[MAXMEMDOM]; -static int ndomain; - -static ACPI_TABLE_SLIT *slit; -static vm_paddr_t slit_physaddr; -static int vm_locality_table[MAXMEMDOM * MAXMEMDOM]; - -static void srat_walk_table(acpi_subtable_handler *handler, void *arg); - -/* - * SLIT parsing. - */ - -static void -slit_parse_table(ACPI_TABLE_SLIT *s) -{ - int i, j; - int i_domain, j_domain; - int offset = 0; - uint8_t e; - - /* - * This maps the SLIT data into the VM-domain centric view. - * There may be sparse entries in the PXM namespace, so - * remap them to a VM-domain ID and if it doesn't exist, - * skip it. - * - * It should result in a packed 2d array of VM-domain - * locality information entries. - */ - - if (bootverbose) - printf("SLIT.Localities: %d\n", (int) s->LocalityCount); - for (i = 0; i < s->LocalityCount; i++) { - i_domain = acpi_map_pxm_to_vm_domainid(i); - if (i_domain < 0) - continue; - - if (bootverbose) - printf("%d: ", i); - for (j = 0; j < s->LocalityCount; j++) { - j_domain = acpi_map_pxm_to_vm_domainid(j); - if (j_domain < 0) - continue; - e = s->Entry[i * s->LocalityCount + j]; - if (bootverbose) - printf("%d ", (int) e); - /* 255 == "no locality information" */ - if (e == 255) - vm_locality_table[offset] = -1; - else - vm_locality_table[offset] = e; - offset++; - } - if (bootverbose) - printf("\n"); - } -} - -/* - * Look for an ACPI System Locality Distance Information Table ("SLIT") - */ -static int -parse_slit(void) -{ - - if (resource_disabled("slit", 0)) { - return (-1); - } - - slit_physaddr = acpi_find_table(ACPI_SIG_SLIT); - if (slit_physaddr == 0) { - return (-1); - } - - /* - * Make a pass over the table to populate the cpus[] and - * mem_info[] tables. - */ - slit = acpi_map_table(slit_physaddr, ACPI_SIG_SLIT); - slit_parse_table(slit); - acpi_unmap_table(slit); - slit = NULL; - - return (0); -} - -/* - * SRAT parsing. - */ - -/* - * Returns true if a memory range overlaps with at least one range in - * phys_avail[]. - */ -static int -overlaps_phys_avail(vm_paddr_t start, vm_paddr_t end) -{ - int i; - - for (i = 0; phys_avail[i] != 0 && phys_avail[i + 1] != 0; i += 2) { - if (phys_avail[i + 1] <= start) - continue; - if (phys_avail[i] < end) - return (1); - break; - } - return (0); - -} - -static void -srat_parse_entry(ACPI_SUBTABLE_HEADER *entry, void *arg) -{ - ACPI_SRAT_CPU_AFFINITY *cpu; - ACPI_SRAT_X2APIC_CPU_AFFINITY *x2apic; - ACPI_SRAT_MEM_AFFINITY *mem; - int domain, i, slot; - - switch (entry->Type) { - case ACPI_SRAT_TYPE_CPU_AFFINITY: - cpu = (ACPI_SRAT_CPU_AFFINITY *)entry; - domain = cpu->ProximityDomainLo | - cpu->ProximityDomainHi[0] << 8 | - cpu->ProximityDomainHi[1] << 16 | - cpu->ProximityDomainHi[2] << 24; - if (bootverbose) - printf("SRAT: Found CPU APIC ID %u domain %d: %s\n", - cpu->ApicId, domain, - (cpu->Flags & ACPI_SRAT_CPU_ENABLED) ? - "enabled" : "disabled"); - if (!(cpu->Flags & ACPI_SRAT_CPU_ENABLED)) - break; - if (cpu->ApicId > max_apic_id) { - printf("SRAT: Ignoring local APIC ID %u (too high)\n", - cpu->ApicId); - break; - } - - if (cpus[cpu->ApicId].enabled) { - printf("SRAT: Duplicate local APIC ID %u\n", - cpu->ApicId); - *(int *)arg = ENXIO; - break; - } - cpus[cpu->ApicId].domain = domain; - cpus[cpu->ApicId].enabled = 1; - break; - case ACPI_SRAT_TYPE_X2APIC_CPU_AFFINITY: - x2apic = (ACPI_SRAT_X2APIC_CPU_AFFINITY *)entry; - if (bootverbose) - printf("SRAT: Found CPU APIC ID %u domain %d: %s\n", - x2apic->ApicId, x2apic->ProximityDomain, - (x2apic->Flags & ACPI_SRAT_CPU_ENABLED) ? - "enabled" : "disabled"); - if (!(x2apic->Flags & ACPI_SRAT_CPU_ENABLED)) - break; - if (x2apic->ApicId > max_apic_id) { - printf("SRAT: Ignoring local APIC ID %u (too high)\n", - x2apic->ApicId); - break; - } - - KASSERT(!cpus[x2apic->ApicId].enabled, - ("Duplicate local APIC ID %u", x2apic->ApicId)); - cpus[x2apic->ApicId].domain = x2apic->ProximityDomain; - cpus[x2apic->ApicId].enabled = 1; - break; - case ACPI_SRAT_TYPE_MEMORY_AFFINITY: - mem = (ACPI_SRAT_MEM_AFFINITY *)entry; - if (bootverbose) - printf( - "SRAT: Found memory domain %d addr 0x%jx len 0x%jx: %s\n", - mem->ProximityDomain, (uintmax_t)mem->BaseAddress, - (uintmax_t)mem->Length, - (mem->Flags & ACPI_SRAT_MEM_ENABLED) ? - "enabled" : "disabled"); - if (!(mem->Flags & ACPI_SRAT_MEM_ENABLED)) - break; - if (mem->BaseAddress >= cpu_getmaxphyaddr() || - !overlaps_phys_avail(mem->BaseAddress, - mem->BaseAddress + mem->Length)) { - printf("SRAT: Ignoring memory at addr 0x%jx\n", - (uintmax_t)mem->BaseAddress); - break; - } - if (num_mem == VM_PHYSSEG_MAX) { - printf("SRAT: Too many memory regions\n"); - *(int *)arg = ENXIO; - break; - } - slot = num_mem; - for (i = 0; i < num_mem; i++) { - if (mem_info[i].end <= mem->BaseAddress) - continue; - if (mem_info[i].start < - (mem->BaseAddress + mem->Length)) { - printf("SRAT: Overlapping memory entries\n"); - *(int *)arg = ENXIO; - return; - } - slot = i; - } - for (i = num_mem; i > slot; i--) - mem_info[i] = mem_info[i - 1]; - mem_info[slot].start = mem->BaseAddress; - mem_info[slot].end = mem->BaseAddress + mem->Length; - mem_info[slot].domain = mem->ProximityDomain; - num_mem++; - break; - } -} - -/* - * Ensure each memory domain has at least one CPU and that each CPU - * has at least one memory domain. - */ -static int -check_domains(void) -{ - int found, i, j; - - for (i = 0; i < num_mem; i++) { - found = 0; - for (j = 0; j <= max_apic_id; j++) - if (cpus[j].enabled && - cpus[j].domain == mem_info[i].domain) { - cpus[j].has_memory = 1; - found++; - } - if (!found) { - printf("SRAT: No CPU found for memory domain %d\n", - mem_info[i].domain); - return (ENXIO); - } - } - for (i = 0; i <= max_apic_id; i++) - if (cpus[i].enabled && !cpus[i].has_memory) { - found = 0; - for (j = 0; j < num_mem && !found; j++) { - if (mem_info[j].domain == cpus[i].domain) - found = 1; - } - if (!found) { - if (bootverbose) - printf("SRAT: mem dom %d is empty\n", - cpus[i].domain); - mem_info[num_mem].start = 0; - mem_info[num_mem].end = 0; - mem_info[num_mem].domain = cpus[i].domain; - num_mem++; - } - } - return (0); -} - -/* - * Check that the SRAT memory regions cover all of the regions in - * phys_avail[]. - */ -static int -check_phys_avail(void) -{ - vm_paddr_t address; - int i, j; - - /* j is the current offset into phys_avail[]. */ - address = phys_avail[0]; - j = 0; - for (i = 0; i < num_mem; i++) { - /* - * Consume as many phys_avail[] entries as fit in this - * region. - */ - while (address >= mem_info[i].start && - address <= mem_info[i].end) { - /* - * If we cover the rest of this phys_avail[] entry, - * advance to the next entry. - */ - if (phys_avail[j + 1] <= mem_info[i].end) { - j += 2; - if (phys_avail[j] == 0 && - phys_avail[j + 1] == 0) { - return (0); - } - address = phys_avail[j]; - } else - address = mem_info[i].end + 1; - } - } - printf("SRAT: No memory region found for 0x%jx - 0x%jx\n", - (uintmax_t)phys_avail[j], (uintmax_t)phys_avail[j + 1]); - return (ENXIO); -} - -/* - * Renumber the memory domains to be compact and zero-based if not - * already. Returns an error if there are too many domains. - */ -static int -renumber_domains(void) -{ - int i, j, slot; - - /* Enumerate all the domains. */ - ndomain = 0; - for (i = 0; i < num_mem; i++) { - /* See if this domain is already known. */ - for (j = 0; j < ndomain; j++) { - if (domain_pxm[j] >= mem_info[i].domain) - break; - } - if (j < ndomain && domain_pxm[j] == mem_info[i].domain) - continue; - - if (ndomain >= MAXMEMDOM) { - ndomain = 1; - printf("SRAT: Too many memory domains\n"); - return (EFBIG); - } - - /* Insert the new domain at slot 'j'. */ - slot = j; - for (j = ndomain; j > slot; j--) - domain_pxm[j] = domain_pxm[j - 1]; - domain_pxm[slot] = mem_info[i].domain; - ndomain++; - } - - /* Renumber each domain to its index in the sorted 'domain_pxm' list. */ - for (i = 0; i < ndomain; i++) { - /* - * If the domain is already the right value, no need - * to renumber. - */ - if (domain_pxm[i] == i) - continue; - - /* Walk the cpu[] and mem_info[] arrays to renumber. */ - for (j = 0; j < num_mem; j++) - if (mem_info[j].domain == domain_pxm[i]) - mem_info[j].domain = i; - for (j = 0; j <= max_apic_id; j++) - if (cpus[j].enabled && cpus[j].domain == domain_pxm[i]) - cpus[j].domain = i; - } - - return (0); -} - -/* - * Look for an ACPI System Resource Affinity Table ("SRAT") - */ -static int -parse_srat(void) -{ - unsigned int idx, size; - vm_paddr_t addr; - int error; - - if (resource_disabled("srat", 0)) - return (-1); - - srat_physaddr = acpi_find_table(ACPI_SIG_SRAT); - if (srat_physaddr == 0) - return (-1); - - /* - * Allocate data structure: - * - * Find the last physical memory region and steal some memory from - * it. This is done because at this point in the boot process - * malloc is still not usable. - */ - for (idx = 0; phys_avail[idx + 1] != 0; idx += 2); - KASSERT(idx != 0, ("phys_avail is empty!")); - idx -= 2; - - size = sizeof(*cpus) * (max_apic_id + 1); - addr = trunc_page(phys_avail[idx + 1] - size); - KASSERT(addr >= phys_avail[idx], - ("Not enough memory for SRAT table items")); - phys_avail[idx + 1] = addr - 1; - - /* - * We cannot rely on PHYS_TO_DMAP because this code is also used in - * i386, so use pmap_mapbios to map the memory, this will end up using - * the default memory attribute (WB), and the DMAP when available. - */ - cpus = (struct cpu_info *)pmap_mapbios(addr, size); - bzero(cpus, size); - - /* - * Make a pass over the table to populate the cpus[] and - * mem_info[] tables. - */ - srat = acpi_map_table(srat_physaddr, ACPI_SIG_SRAT); - error = 0; - srat_walk_table(srat_parse_entry, &error); - acpi_unmap_table(srat); - srat = NULL; - if (error || check_domains() != 0 || check_phys_avail() != 0 || - renumber_domains() != 0) { - srat_physaddr = 0; - return (-1); - } - - return (0); -} - -static void -init_mem_locality(void) -{ - int i; - - /* - * For now, assume -1 == "no locality information for - * this pairing. - */ - for (i = 0; i < MAXMEMDOM * MAXMEMDOM; i++) - vm_locality_table[i] = -1; -} static void parse_acpi_tables(void *dummy) { - if (parse_srat() < 0) - return; - init_mem_locality(); - (void)parse_slit(); - vm_phys_register_domains(ndomain, mem_info, vm_locality_table); + acpi_pxm_init(max_apic_id + 1, cpu_getmaxphyaddr()); + acpi_pxm_parse_tables(); + acpi_pxm_set_mem_locality(); } SYSINIT(parse_acpi_tables, SI_SUB_VM - 1, SI_ORDER_FIRST, parse_acpi_tables, NULL); static void -srat_walk_table(acpi_subtable_handler *handler, void *arg) -{ - - acpi_walk_subtables(srat + 1, (char *)srat + srat->Header.Length, - handler, arg); -} - -/* - * Setup per-CPU domain IDs. - */ -static void srat_set_cpus(void *dummy) { - struct cpu_info *cpu; - struct pcpu *pc; - u_int i; - if (srat_physaddr == 0) - return; - for (i = 0; i < MAXCPU; i++) { - if (CPU_ABSENT(i)) - continue; - pc = pcpu_find(i); - KASSERT(pc != NULL, ("no pcpu data for CPU %u", i)); - cpu = &cpus[pc->pc_apic_id]; - if (!cpu->enabled) - panic("SRAT: CPU with APIC ID %u is not known", - pc->pc_apic_id); - pc->pc_domain = vm_ndomains > 1 ? cpu->domain : 0; - CPU_SET(i, &cpuset_domain[pc->pc_domain]); - if (bootverbose) - printf("SRAT: CPU %u has memory domain %d\n", i, - pc->pc_domain); - } - - /* Last usage of the cpus array, unmap it. */ - pmap_unmapbios((vm_offset_t)cpus, sizeof(*cpus) * (max_apic_id + 1)); - cpus = NULL; + acpi_pxm_set_cpu_locality(); + acpi_pxm_free(); } SYSINIT(srat_set_cpus, SI_SUB_CPU, SI_ORDER_ANY, srat_set_cpus, NULL); -/* - * Map a _PXM value to a VM domain ID. - * - * Returns the domain ID, or -1 if no domain ID was found. - */ -int -acpi_map_pxm_to_vm_domainid(int pxm) -{ - int i; - - for (i = 0; i < ndomain; i++) { - if (domain_pxm[i] == pxm) - return (vm_ndomains > 1 ? i : 0); - } - - return (-1); -} - -#else /* MAXMEMDOM == 1 */ - -int -acpi_map_pxm_to_vm_domainid(int pxm) -{ - - return (-1); -} - #endif /* MAXMEMDOM > 1 */ diff --git a/tests/sys/geom/class/eli/Makefile b/tests/sys/geom/class/eli/Makefile index 6e34b3e6974a..b5ab81b08f42 100644 --- a/tests/sys/geom/class/eli/Makefile +++ b/tests/sys/geom/class/eli/Makefile @@ -21,10 +21,6 @@ ATF_TESTS_SH+= setkey_test ${PACKAGE}FILES+= conf.sh -.for t in ${TAP_TESTS_SH} -TEST_METADATA.$t+= required_user="root" -.endfor - CFLAGS.pbkdf2_test= -I${SRCTOP}/sys SRCS.pbkdf2_test= \ diff --git a/tests/sys/geom/class/eli/attach_test.sh b/tests/sys/geom/class/eli/attach_test.sh index 42230059ac2d..94c7e88ada3d 100644 --- a/tests/sys/geom/class/eli/attach_test.sh +++ b/tests/sys/geom/class/eli/attach_test.sh @@ -1,5 +1,7 @@ # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + atf_test_case attach_d cleanup attach_d_head() { @@ -8,7 +10,7 @@ attach_d_head() } attach_d_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -35,7 +37,6 @@ attach_d_body() } attach_d_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -47,7 +48,7 @@ attach_r_head() } attach_r_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -64,7 +65,6 @@ attach_r_body() } attach_r_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -76,7 +76,7 @@ nokey_head() } nokey_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -88,7 +88,6 @@ nokey_body() } nokey_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/eli/conf.sh b/tests/sys/geom/class/eli/conf.sh index 52885a186ff0..1a37f806d74a 100644 --- a/tests/sys/geom/class/eli/conf.sh +++ b/tests/sys/geom/class/eli/conf.sh @@ -4,7 +4,6 @@ class="eli" base=$(atf_get ident) MAX_SECSIZE=8192 -TEST_MDS_FILE=md.devs attach_md() { @@ -82,7 +81,6 @@ for_each_geli_config_nointegrity() { done } - geli_test_cleanup() { if [ -f "$TEST_MDS_FILE" ]; then @@ -95,4 +93,10 @@ geli_test_cleanup() true } +geli_test_setup() +{ + geom_atf_test_setup +} + +ATF_TEST=true . `dirname $0`/../geom_subr.sh diff --git a/tests/sys/geom/class/eli/configure_test.sh b/tests/sys/geom/class/eli/configure_test.sh index da060e6119ea..a90a3da3e4d0 100644 --- a/tests/sys/geom/class/eli/configure_test.sh +++ b/tests/sys/geom/class/eli/configure_test.sh @@ -1,5 +1,7 @@ # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + atf_test_case configure_b_B cleanup configure_b_B_head() { @@ -8,7 +10,7 @@ configure_b_B_head() } configure_b_B_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -49,7 +51,6 @@ configure_b_B_body() } configure_b_B_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/eli/delkey_test.sh b/tests/sys/geom/class/eli/delkey_test.sh index 9542e0166a9f..46c73aef8816 100644 --- a/tests/sys/geom/class/eli/delkey_test.sh +++ b/tests/sys/geom/class/eli/delkey_test.sh @@ -1,6 +1,8 @@ #!/bin/sh # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + atf_test_case delkey cleanup delkey_head() { @@ -9,7 +11,7 @@ delkey_head() } delkey_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -76,7 +78,6 @@ delkey_body() } delkey_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -88,7 +89,7 @@ delkey_readonly_head() } delkey_readonly_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -103,7 +104,6 @@ delkey_readonly_body() } delkey_readonly_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/eli/detach_test.sh b/tests/sys/geom/class/eli/detach_test.sh index 1a3bd3887e8d..0901f327dc8f 100644 --- a/tests/sys/geom/class/eli/detach_test.sh +++ b/tests/sys/geom/class/eli/detach_test.sh @@ -1,5 +1,7 @@ # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + atf_test_case detach_l cleanup detach_l_head() { @@ -8,7 +10,7 @@ detach_l_head() } detach_l_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -36,7 +38,6 @@ detach_l_body() } detach_l_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/eli/init_test.sh b/tests/sys/geom/class/eli/init_test.sh index b07d8532deb4..e60a103dd6e8 100644 --- a/tests/sys/geom/class/eli/init_test.sh +++ b/tests/sys/geom/class/eli/init_test.sh @@ -1,6 +1,8 @@ #!/bin/sh # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + init_test() { cipher=$1 @@ -39,7 +41,7 @@ init_head() } init_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=32 @@ -50,7 +52,6 @@ init_body() } init_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -62,7 +63,7 @@ init_B_head() } init_B_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 @@ -104,7 +105,6 @@ init_B_body() } init_B_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -116,7 +116,7 @@ init_J_head() } init_J_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -223,7 +223,6 @@ init_J_body() } init_J_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -260,7 +259,7 @@ init_a_head() } init_a_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 @@ -272,7 +271,6 @@ init_a_body() } init_a_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -304,7 +302,7 @@ init_alias_head() } init_alias_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup md=$(attach_md -t malloc -s 1024k) atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none @@ -330,7 +328,6 @@ init_alias_body() } init_alias_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -342,7 +339,7 @@ init_i_P_head() } init_i_P_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -354,7 +351,6 @@ init_i_P_body() } init_i_P_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -366,7 +362,7 @@ nokey_head() } nokey_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -376,7 +372,6 @@ nokey_body() } nokey_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/eli/integrity_test.sh b/tests/sys/geom/class/eli/integrity_test.sh index f2bc8a32fd8d..583a9c2f29e5 100644 --- a/tests/sys/geom/class/eli/integrity_test.sh +++ b/tests/sys/geom/class/eli/integrity_test.sh @@ -1,5 +1,7 @@ # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + copy_test() { cipher=$1 aalgo=$2 @@ -51,18 +53,17 @@ copy_head() } copy_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=2 atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none - + for_each_geli_config copy_test backing_file } copy_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -98,7 +99,7 @@ data_head() } data_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=2 @@ -108,7 +109,6 @@ data_body() } data_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -143,7 +143,7 @@ hmac_head() } hmac_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=2 @@ -153,7 +153,6 @@ hmac_body() } hmac_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/eli/kill_test.sh b/tests/sys/geom/class/eli/kill_test.sh index ef7f06893cda..9a49db8a6a4f 100644 --- a/tests/sys/geom/class/eli/kill_test.sh +++ b/tests/sys/geom/class/eli/kill_test.sh @@ -1,5 +1,7 @@ # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + atf_test_case kill cleanup kill_head() { @@ -8,7 +10,7 @@ kill_head() } kill_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -61,7 +63,6 @@ kill_body() } kill_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -73,7 +74,7 @@ kill_readonly_head() } kill_readonly_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -91,7 +92,6 @@ kill_readonly_body() } kill_readonly_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/eli/misc_test.sh b/tests/sys/geom/class/eli/misc_test.sh index 2dd60a4d8019..24bdc303add6 100644 --- a/tests/sys/geom/class/eli/misc_test.sh +++ b/tests/sys/geom/class/eli/misc_test.sh @@ -24,6 +24,8 @@ # # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + atf_test_case preserve_props cleanup preserve_props_head() { @@ -33,7 +35,8 @@ preserve_props_head() } preserve_props_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup + md=$(attach_md -s1m) atf_check geli onetime /dev/${md} md_secsize=$(diskinfo ${md} | cut -wf 2) @@ -45,7 +48,6 @@ preserve_props_body() } preserve_props_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -59,7 +61,8 @@ preserve_disk_props_head() } preserve_disk_props_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup + disks=`atf_config_get disks` disk=${disks%% *} if [ -z "$disk" ]; then @@ -82,7 +85,6 @@ preserve_disk_props_body() } preserve_disk_props_cleanup() { - . $(atf_get_srcdir)/conf.sh disk_cleanup geli_test_cleanup } @@ -96,8 +98,10 @@ physpath_head() } physpath_body() { - . $(atf_get_srcdir)/conf.sh - load_gnop + geli_test_setup + if ! error_message=$(geom_load_class_if_needed nop); then + atf_skip "$error_message" + fi md=$(attach_md -s1m) # If the underlying device has no physical path, then geli should not @@ -116,8 +120,6 @@ physpath_body() } physpath_cleanup() { - . $(atf_get_srcdir)/conf.sh - if [ -f "$TEST_MDS_FILE" ]; then while read md; do [ -c /dev/${md}.nop.eli ] && \ @@ -168,10 +170,3 @@ disk_cleanup() geli kill ${disk} 2>/dev/null fi } - -load_gnop() -{ - if ! kldstat -q -m g_nop; then - geom nop load || atf_skip "could not load module for geom nop" - fi -} diff --git a/tests/sys/geom/class/eli/onetime_test.sh b/tests/sys/geom/class/eli/onetime_test.sh index fff1a1fa396b..65939db5761c 100644 --- a/tests/sys/geom/class/eli/onetime_test.sh +++ b/tests/sys/geom/class/eli/onetime_test.sh @@ -1,5 +1,7 @@ # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + onetime_test() { cipher=$1 @@ -35,7 +37,8 @@ onetime_head() } onetime_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup + sectors=100 dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none @@ -43,7 +46,6 @@ onetime_body() } onetime_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -78,7 +80,8 @@ onetime_a_head() } onetime_a_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup + sectors=8 atf_check dd if=/dev/random of=rnd bs=$MAX_SECSIZE count=$sectors \ @@ -87,7 +90,6 @@ onetime_a_body() } onetime_a_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -99,7 +101,7 @@ onetime_d_head() } onetime_d_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s $sectors) @@ -125,7 +127,6 @@ onetime_d_body() } onetime_d_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/eli/resize_test.sh b/tests/sys/geom/class/eli/resize_test.sh index 21406a495892..c94e64caca74 100644 --- a/tests/sys/geom/class/eli/resize_test.sh +++ b/tests/sys/geom/class/eli/resize_test.sh @@ -1,6 +1,8 @@ #!/bin/sh # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + atf_test_case resize cleanup resize_head() { @@ -9,7 +11,8 @@ resize_head() } resize_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup + BLK=512 BLKS_PER_MB=2048 @@ -67,8 +70,6 @@ resize_body() } resize_cleanup() { - . $(atf_get_srcdir)/conf.sh - if [ -f "$TEST_MDS_FILE" ]; then while read md; do [ -c /dev/${md}a.eli ] && \ diff --git a/tests/sys/geom/class/eli/setkey_test.sh b/tests/sys/geom/class/eli/setkey_test.sh index bd5e2dcedd8e..63acd5e58488 100644 --- a/tests/sys/geom/class/eli/setkey_test.sh +++ b/tests/sys/geom/class/eli/setkey_test.sh @@ -1,6 +1,8 @@ #!/bin/sh # $FreeBSD$ +. $(atf_get_srcdir)/conf.sh + atf_test_case setkey cleanup setkey_head() { @@ -9,7 +11,7 @@ setkey_head() } setkey_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -88,7 +90,6 @@ setkey_body() } setkey_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -100,7 +101,7 @@ setkey_readonly_head() } setkey_readonly_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -114,7 +115,6 @@ setkey_readonly_body() } setkey_readonly_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } @@ -126,7 +126,7 @@ nokey_head() } nokey_body() { - . $(atf_get_srcdir)/conf.sh + geli_test_setup sectors=100 md=$(attach_md -t malloc -s `expr $sectors + 1`) @@ -152,7 +152,6 @@ nokey_body() } nokey_cleanup() { - . $(atf_get_srcdir)/conf.sh geli_test_cleanup } diff --git a/tests/sys/geom/class/geom_subr.sh b/tests/sys/geom/class/geom_subr.sh index 3283d1b3356e..71ed4a15540f 100644 --- a/tests/sys/geom/class/geom_subr.sh +++ b/tests/sys/geom/class/geom_subr.sh @@ -1,6 +1,8 @@ #!/bin/sh # $FreeBSD$ +TEST_MDS_FILE="${TMPDIR}/test_mds.$(basename $0)" + devwait() { while :; do @@ -40,30 +42,40 @@ geom_test_cleanup() echo "# Removing test memory disk: $test_md" mdconfig -d -u $test_md done < $TEST_MDS_FILE + rm -f "$TEST_MDS_FILE" fi - rm -f "$TEST_MDS_FILE" } -if [ $(id -u) -ne 0 ]; then - echo '1..0 # SKIP tests must be run as root' - exit 0 -fi +geom_load_class_if_needed() +{ + local class=$1 + + # If the geom class isn't already loaded, try loading it. + if ! kldstat -q -m g_${class}; then + if ! geom ${class} load; then + echo "could not load module for geom class=${class}" + return 1 + fi + fi + return 0 +} -# If the geom class isn't already loaded, try loading it. -if ! kldstat -q -m g_${class}; then - if ! geom ${class} load; then - echo "1..0 # SKIP could not load module for geom class=${class}" +geom_atf_test_setup() +{ + if ! error_message=$(geom_load_class_if_needed $class); then + atf_skip "$error_message" + fi +} + +geom_tap_test_setup() +{ + if ! error_message=$(geom_load_class_if_needed $class); then + echo "1..0 # SKIP $error_message" exit 0 fi -fi +} -# Need to keep track of the test md devices to avoid the scenario where a test -# failing will cause the other tests to bomb out, or a test failing will leave -# a large number of md(4) devices lingering around -: ${TMPDIR=/tmp} -export TMPDIR -if ! TEST_MDS_FILE=$(mktemp ${TMPDIR}/test_mds.XXXXXX); then - echo 'Failed to create temporary file for tracking the test md(4) devices' - echo 'Bail out!' - exit 1 +: ${ATF_TEST=false} +if ! $ATF_TEST; then + geom_tap_test_setup fi diff --git a/tests/sys/geom/class/mirror/Makefile b/tests/sys/geom/class/mirror/Makefile index 817d5d66e971..f719d7542964 100644 --- a/tests/sys/geom/class/mirror/Makefile +++ b/tests/sys/geom/class/mirror/Makefile @@ -18,6 +18,7 @@ TAP_TESTS_SH+= 11_test TAP_TESTS_SH+= 12_test TAP_TESTS_SH+= 13_test +ATF_TESTS_SH+= component_selection ATF_TESTS_SH+= sync_error ${PACKAGE}FILES+= conf.sh diff --git a/tests/sys/geom/class/mirror/component_selection.sh b/tests/sys/geom/class/mirror/component_selection.sh new file mode 100755 index 000000000000..53237b14e257 --- /dev/null +++ b/tests/sys/geom/class/mirror/component_selection.sh @@ -0,0 +1,133 @@ +# $FreeBSD$ + +atf_test_case run_latest_genid cleanup +run_latest_genid_head() +{ + atf_set "descr" \ + "Ensure that we properly select components (latest genid) during STARTING." + atf_set "require.user" "root" +} +run_latest_genid_body() +{ + . $(atf_get_srcdir)/conf.sh + + f1=$(mktemp ${base}.XXXXXX) + f2=$(mktemp ${base}.XXXXXX) + f3=$(mktemp ${base}.XXXXXX) + rnd1=$(mktemp ${base}.XXXXXX) + rnd2=$(mktemp ${base}.XXXXXX) + + atf_check truncate -s 2M $f1 + atf_check truncate -s 2M $f2 + atf_check truncate -s 2M $f3 + dd if=/dev/urandom bs=512 count=1 of="$rnd1" + dd if=/dev/urandom bs=512 count=1 of="$rnd2" + + md1=$(attach_md -t vnode -f ${f1}) + md2=$(attach_md -t vnode -f ${f2}) + md3=$(attach_md -t vnode -f ${f3}) + + # Use a gnop for md1 just for consistency; it's not used for anything. + atf_check gnop create $md1 + atf_check gnop create $md2 + atf_check gnop create $md3 + # Hardcode component names so that the non-.nop device isn't tasted + # instead. + atf_check gmirror label -h $name ${md1}.nop + devwait + + atf_check gmirror insert -h $name ${md2}.nop + atf_check gmirror insert -h $name ${md3}.nop + syncwait + + # Fail mirror 3, writing known contents to mirror 1+2 block 1 + atf_check -s exit:0 -e empty -o empty \ + gnop configure -w 100 ${md3}.nop + atf_check -s exit:0 dd if="$rnd1" bs=512 count=1 oseek=1 conv=notrunc \ + of=/dev/mirror/$name status=none + + disconnectwait nop "${md3}.nop" + + # Should have two mirrors remaining after md3 was evicted + atf_check [ $(gmirror status -s $name | wc -l) -eq 2 ] + atf_check -s exit:0 -o match:"DEGRADED ${md1}.nop \(ACTIVE\)" \ + gmirror status -s $name + atf_check -s exit:0 -o match:"DEGRADED ${md2}.nop \(ACTIVE\)" \ + gmirror status -s $name + + # Repeat: + # Fail mirror 2, writing known contents to mirror 1 block 2 + atf_check -s exit:0 -e empty -o empty \ + gnop configure -w 100 ${md2}.nop + atf_check -s exit:0 dd if="$rnd2" bs=512 count=2 oseek=1 conv=notrunc \ + of=/dev/mirror/$name status=none + + disconnectwait nop "${md2}.nop" + + # Should have one mirror remaining after md2 was evicted + atf_check [ $(gmirror status -s $name | wc -l) -eq 1 ] + atf_check -s exit:0 -o match:"DEGRADED ${md1}.nop \(ACTIVE\)" \ + gmirror status -s $name + + # Stop the mirror and remove the pieces so gmirror can't see them. + atf_check gmirror stop $name + atf_check gnop destroy ${md1}.nop + atf_check gnop destroy ${md2}.nop + atf_check gnop destroy ${md3}.nop + + # Rebuild; spin up "disk" with lowest genid + atf_check gnop create $md3 + md3gen=$(gmirror dump /dev/${md3}.nop | grep genid | cut -d: -f2) + # Assert gmirror is referencing this component for now: + atf_check [ $(consumerrefs nop ${md3}.nop) = "r1w1e1" ] + + # Adding newer genid should kick out old component + atf_check gnop create $md2 + md2gen=$(gmirror dump /dev/${md2}.nop | grep genid | cut -d: -f2) + atf_check [ $md2gen -gt $md3gen ] + + disconnectwait nop "${md3}.nop" + + # Can't test this because 'status' doesn't exist until RUNNING: + #atf_check [ $(gmirror status -s $name | wc -l) -eq 1 ] + # But as a substitute, assert gmirror has dropped reference to staler + # component in favor of newer component: + atf_check [ $(consumerrefs nop ${md2}.nop) = "r1w1e1" ] + + # ditto + atf_check gnop create $md1 + md1gen=$(gmirror dump /dev/${md1}.nop | grep genid | cut -d: -f2) + atf_check [ $md1gen -gt $md2gen ] + + disconnectwait nop "${md2}.nop" + + # Assert gmirror has dropped reference to stale component in favor of + # newer component: + atf_check [ $(consumerrefs nop ${md1}.nop) = "r1w1e1" ] + + # gmirror won't start the mirror automatically with only one component + # ($md0) of configured three, so this waits out the + # kern.geom.mirror.timeout: + devwait + + atf_check [ $(gmirror status -s $name | wc -l) -eq 1 ] + atf_check -s exit:0 -o match:"DEGRADED ${md1}.nop \(ACTIVE\)" \ + gmirror status -s $name +} +run_latest_genid_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + + if [ -f "$TEST_MDS_FILE" ]; then + while read test_md; do + echo "# Removing test gnop: ${test_md}.nop" + gnop destroy -f "${test_md}.nop" 2>/dev/null || : + done < "$TEST_MDS_FILE" + fi + gmirror_test_cleanup +} + +atf_init_test_cases() +{ + atf_add_test_case run_latest_genid +} diff --git a/tests/sys/geom/class/mirror/conf.sh b/tests/sys/geom/class/mirror/conf.sh index 1cb785e5113f..cee2b10e9ff6 100644 --- a/tests/sys/geom/class/mirror/conf.sh +++ b/tests/sys/geom/class/mirror/conf.sh @@ -19,4 +19,35 @@ syncwait() done } +consumerrefs() +{ + gclass=$1 + geom=$2 + + if [ $# -ne 2 ]; then + echo "Bad usage consumerrefs" >&2 + exit 1 + fi + + geom "${gclass}" list "${geom}" | \ + grep -A5 ^Consumers | \ + grep Mode | \ + cut -d: -f2 +} + +disconnectwait() +{ + gclass=$1 + geom=$2 + + if [ $# -ne 2 ]; then + echo "Bad usage disconnectwait" >&2 + exit 1 + fi + + while [ $(consumerrefs "$gclass" "$geom") != r0w0e0 ]; do + sleep 0.05 + done +} + . `dirname $0`/../geom_subr.sh diff --git a/tests/sys/geom/class/mirror/sync_error.sh b/tests/sys/geom/class/mirror/sync_error.sh index 89fd31e9d935..b5f138aaf8a0 100644 --- a/tests/sys/geom/class/mirror/sync_error.sh +++ b/tests/sys/geom/class/mirror/sync_error.sh @@ -1,5 +1,8 @@ # $FreeBSD$ +ATF_TEST=true +. $(atf_get_srcdir)/conf.sh + REG_READ_FP=debug.fail_point.g_mirror_regular_request_read atf_test_case sync_read_error_2_disks cleanup @@ -11,7 +14,7 @@ sync_read_error_2_disks_head() } sync_read_error_2_disks_body() { - . $(atf_get_srcdir)/conf.sh + geom_atf_test_setup f1=$(mktemp ${base}.XXXXXX) f2=$(mktemp ${base}.XXXXXX) @@ -25,7 +28,7 @@ sync_read_error_2_disks_body() atf_check gmirror label $name $md1 devwait - atf_check -s exit:0 -e empty -o not-empty sysctl ${REG_READ_FP}='1*return(5)' + atf_check -s ignore -e empty -o not-empty sysctl ${REG_READ_FP}='1*return(5)' # If a read error occurs while synchronizing and the mirror contains # a single active disk, gmirror has no choice but to fail the @@ -39,9 +42,7 @@ sync_read_error_2_disks_body() } sync_read_error_2_disks_cleanup() { - . $(atf_get_srcdir)/conf.sh - - atf_check -s exit:0 -e empty -o not-empty sysctl ${REG_READ_FP}='off' + atf_check -s ignore -e ignore -o ignore sysctl ${REG_READ_FP}='off' gmirror_test_cleanup } @@ -54,7 +55,7 @@ sync_read_error_3_disks_head() } sync_read_error_3_disks_body() { - . $(atf_get_srcdir)/conf.sh + geom_atf_test_setup f1=$(mktemp ${base}.XXXXXX) f2=$(mktemp ${base}.XXXXXX) @@ -97,9 +98,7 @@ sync_read_error_3_disks_body() } sync_read_error_3_disks_cleanup() { - . $(atf_get_srcdir)/conf.sh - - atf_check -s exit:0 -e empty -o not-empty sysctl ${REG_READ_FP}='off' + atf_check -s ignore -e ignore -o ignore sysctl ${REG_READ_FP}='off' gmirror_test_cleanup } diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index 0ab4a70a41b8..c4f01ff8925a 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -10,6 +10,7 @@ ATF_TESTS_C+= kern_descrip_test ATF_TESTS_C+= ptrace_test TEST_METADATA.ptrace_test+= timeout="15" ATF_TESTS_C+= reaper +ATF_TESTS_C+= sigaltstack PLAIN_TESTS_C+= subr_unit_test ATF_TESTS_C+= sys_getrandom ATF_TESTS_C+= unix_passfd_test diff --git a/tests/sys/kern/sigaltstack.c b/tests/sys/kern/sigaltstack.c new file mode 100644 index 000000000000..a66ca8f578ba --- /dev/null +++ b/tests/sys/kern/sigaltstack.c @@ -0,0 +1,117 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2018 Eric van Gyzen + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <atf-c.h> +#include <errno.h> +#include <signal.h> +#include <stdbool.h> +#include <stdlib.h> + +/* + * TODO add tests for: + * + * - all error cases + * - SS_DISABLE + * - no effect without SA_ONSTACK + */ + +static sig_atomic_t disabled_correct = 1; +static sig_atomic_t level1_correct = -1; +static sig_atomic_t level2_correct = -1; + +static void +sig_handler(int signo, siginfo_t *info __unused, void *ucp) +{ + ucontext_t *uc = ucp; + + // The alternate signal stack is enabled. + disabled_correct = disabled_correct && + (uc->uc_stack.ss_flags & SS_DISABLE) == 0; + if (signo == SIGUSR1) { + // The thread was NOT running on the alternate signal + // stack when this signal arrived. + level1_correct = (uc->uc_stack.ss_flags & SS_ONSTACK) == 0; + raise(SIGUSR2); + } else { + // The thread WAS running on the alternate signal + // stack when this signal arrived. + level2_correct = (uc->uc_stack.ss_flags & SS_ONSTACK) != 0; + } +} + +ATF_TC(ss_onstack); + +ATF_TC_HEAD(ss_onstack, tc) +{ + + atf_tc_set_md_var(tc, "descr", "Test reporting of SS_ONSTACK"); +} + +ATF_TC_BODY(ss_onstack, tc) +{ + stack_t ss = { + .ss_size = SIGSTKSZ, + }; + stack_t oss = { + .ss_size = 0, + }; + + ss.ss_sp = malloc(ss.ss_size); + ATF_REQUIRE(ss.ss_sp != NULL); + ATF_REQUIRE(sigaltstack(&ss, &oss) == 0); + + // There should be no signal stack currently configured. + ATF_CHECK(oss.ss_sp == NULL); + ATF_CHECK(oss.ss_size == 0); + ATF_CHECK((oss.ss_flags & SS_DISABLE) != 0); + ATF_CHECK((oss.ss_flags & SS_ONSTACK) == 0); + + struct sigaction sa = { + .sa_sigaction = sig_handler, + .sa_flags = SA_ONSTACK | SA_SIGINFO, + }; + ATF_REQUIRE(sigemptyset(&sa.sa_mask) == 0); + ATF_REQUIRE(sigaction(SIGUSR1, &sa, NULL) == 0); + ATF_REQUIRE(sigaction(SIGUSR2, &sa, NULL) == 0); + ATF_REQUIRE(raise(SIGUSR1) == 0); + + ATF_CHECK(level1_correct != -1); + ATF_CHECK(level1_correct == 1); + ATF_CHECK(level2_correct != -1); + ATF_CHECK(level2_correct == 1); +} + +ATF_TP_ADD_TCS(tp) +{ + + ATF_TP_ADD_TC(tp, ss_onstack); + + return (atf_no_error()); +} diff --git a/tests/sys/kqueue/libkqueue/kqueue_test.sh b/tests/sys/kqueue/libkqueue/kqueue_test.sh index 3185d826c7dd..5cca674305cb 100644 --- a/tests/sys/kqueue/libkqueue/kqueue_test.sh +++ b/tests/sys/kqueue/libkqueue/kqueue_test.sh @@ -2,7 +2,8 @@ # $FreeBSD$ i=1 -"$(dirname $0)/kqtest" | while read line; do +# Temporarily disable evfilt_proc tests: https://bugs.freebsd.org/233586 +"$(dirname $0)/kqtest" --no-proc | while read line; do echo $line | grep -q passed if [ $? -eq 0 ]; then echo "ok - $i $line" diff --git a/tests/sys/kqueue/libkqueue/main.c b/tests/sys/kqueue/libkqueue/main.c index 455a236183b3..d2e45c40d894 100644 --- a/tests/sys/kqueue/libkqueue/main.c +++ b/tests/sys/kqueue/libkqueue/main.c @@ -85,7 +85,7 @@ kevent_get(int kqfd) struct kevent *kev; if ((kev = calloc(1, sizeof(*kev))) == NULL) - err(1, "out of memory"); + err(1, "out of memory"); nfds = kevent(kqfd, NULL, 0, kev, 1, NULL); if (nfds < 1) @@ -103,7 +103,7 @@ kevent_get_timeout(int kqfd, int seconds) struct timespec timeout = {seconds, 0}; if ((kev = calloc(1, sizeof(*kev))) == NULL) - err(1, "out of memory"); + err(1, "out of memory"); nfds = kevent(kqfd, NULL, 0, kev, 1, &timeout); if (nfds < 0) { @@ -123,10 +123,10 @@ kevent_fflags_dump(struct kevent *kev) #define KEVFFL_DUMP(attrib) \ if (kev->fflags & attrib) \ - strncat(buf, #attrib" ", 64); + strncat(buf, #attrib" ", 64); if ((buf = calloc(1, 1024)) == NULL) - abort(); + abort(); /* Not every filter has meaningful fflags */ if (kev->filter == EVFILT_PROC) { @@ -160,7 +160,7 @@ kevent_fflags_dump(struct kevent *kev) #endif buf[strlen(buf) - 1] = ')'; } else { - snprintf(buf, 1024, "fflags = %x", kev->fflags); + snprintf(buf, 1024, "fflags = %x", kev->fflags); } return (buf); @@ -173,10 +173,10 @@ kevent_flags_dump(struct kevent *kev) #define KEVFL_DUMP(attrib) \ if (kev->flags & attrib) \ - strncat(buf, #attrib" ", 64); + strncat(buf, #attrib" ", 64); if ((buf = calloc(1, 1024)) == NULL) - abort(); + abort(); snprintf(buf, 1024, "flags = %d (", kev->flags); KEVFL_DUMP(EV_ADD); @@ -208,17 +208,17 @@ kevent_to_str(struct kevent *kev) snprintf(&buf[0], sizeof(buf), "[ident=%ju, filter=%d, %s, %s, data=%jd, udata=%p, " - "ext=[%jx %jx %jx %jx]", + "ext=[%jx %jx %jx %jx]", (uintmax_t) kev->ident, kev->filter, flags_str, fflags_str, (uintmax_t)kev->data, kev->udata, - (uintmax_t)kev->ext[0], - (uintmax_t)kev->ext[1], - (uintmax_t)kev->ext[2], - (uintmax_t)kev->ext[3]); + (uintmax_t)kev->ext[0], + (uintmax_t)kev->ext[1], + (uintmax_t)kev->ext[2], + (uintmax_t)kev->ext[3]); free(flags_str); free(fflags_str); @@ -239,10 +239,10 @@ kevent_add(int kqfd, struct kevent *kev, EV_SET(kev, ident, filter, flags, fflags, data, NULL); if (kevent(kqfd, kev, 1, NULL, 0, NULL) < 0) { - kev_str = kevent_to_str(kev); - printf("Unable to add the following kevent:\n%s\n", - kev_str); - free(kev_str); + kev_str = kevent_to_str(kev); + printf("Unable to add the following kevent:\n%s\n", + kev_str); + free(kev_str); err(1, "kevent(): %s", strerror(errno)); } } @@ -265,12 +265,12 @@ kevent_cmp(struct kevent *k1, struct kevent *k2) k1->data != k2->data || k1->udata != k2->udata || k1->ext[0] != k2->ext[0] || k1->ext[1] != k2->ext[1] || k1->ext[0] != k2->ext[2] || k1->ext[0] != k2->ext[3]) { - kev1_str = kevent_to_str(k1); - kev2_str = kevent_to_str(k2); - printf("kevent_cmp: mismatch:\n %s !=\n %s\n", - kev1_str, kev2_str); - free(kev1_str); - free(kev2_str); + kev1_str = kevent_to_str(k1); + kev2_str = kevent_to_str(k2); + printf("kevent_cmp: mismatch:\n %s !=\n %s\n", + kev1_str, kev2_str); + free(kev1_str); + free(kev2_str); abort(); } } diff --git a/tests/sys/kqueue/libkqueue/proc.c b/tests/sys/kqueue/libkqueue/proc.c index 4f97eacdc1a0..32735454b8b2 100644 --- a/tests/sys/kqueue/libkqueue/proc.c +++ b/tests/sys/kqueue/libkqueue/proc.c @@ -45,7 +45,7 @@ add_and_delete(void) struct stat s; if (fstat(kqfd, &s) != -1) errx(1, "kqueue inherited across fork! (%s() at %s:%d)", - __func__, __FILE__, __LINE__); + __func__, __FILE__, __LINE__); pause(); exit(2); diff --git a/tests/sys/kqueue/libkqueue/signal.c b/tests/sys/kqueue/libkqueue/signal.c index 14e751db95c2..df620f14b841 100644 --- a/tests/sys/kqueue/libkqueue/signal.c +++ b/tests/sys/kqueue/libkqueue/signal.c @@ -188,12 +188,12 @@ test_kevent_signal_oneshot(void) void test_evfilt_signal() { - kqfd = kqueue(); - test_kevent_signal_add(); - test_kevent_signal_del(); - test_kevent_signal_get(); - test_kevent_signal_disable(); - test_kevent_signal_enable(); - test_kevent_signal_oneshot(); - close(kqfd); + kqfd = kqueue(); + test_kevent_signal_add(); + test_kevent_signal_del(); + test_kevent_signal_get(); + test_kevent_signal_disable(); + test_kevent_signal_enable(); + test_kevent_signal_oneshot(); + close(kqfd); } diff --git a/tests/sys/kqueue/libkqueue/timer.c b/tests/sys/kqueue/libkqueue/timer.c index 51e1cdf1ac82..d1d92691c177 100644 --- a/tests/sys/kqueue/libkqueue/timer.c +++ b/tests/sys/kqueue/libkqueue/timer.c @@ -34,11 +34,10 @@ int kqfd; static long now(void) { - - struct timeval tv; + struct timeval tv; - gettimeofday(&tv, NULL); - return SEC_TO_US(tv.tv_sec) + tv.tv_usec; + gettimeofday(&tv, NULL); + return SEC_TO_US(tv.tv_sec) + tv.tv_usec; } /* Sleep for a given number of milliseconds. The timeout is assumed to @@ -47,13 +46,12 @@ now(void) void mssleep(int t) { + struct timespec stime = { + .tv_sec = 0, + .tv_nsec = US_TO_NS(MS_TO_US(t)), + }; - struct timespec stime = { - .tv_sec = 0, - .tv_nsec = US_TO_NS(MS_TO_US(t)), - }; - - nanosleep(&stime, NULL); + nanosleep(&stime, NULL); } /* Sleep for a given number of microseconds. The timeout is assumed to @@ -62,13 +60,12 @@ mssleep(int t) void ussleep(int t) { + struct timespec stime = { + .tv_sec = 0, + .tv_nsec = US_TO_NS(t), + }; - struct timespec stime = { - .tv_sec = 0, - .tv_nsec = US_TO_NS(t), - }; - - nanosleep(&stime, NULL); + nanosleep(&stime, NULL); } void @@ -241,7 +238,7 @@ test_abstime(void) kevent_cmp(&kev, kevent_get(kqfd)); stop = time(NULL); if (stop < start + timeout) - err(1, "too early %jd %jd", (intmax_t)stop, (intmax_t)(start + timeout)); + err(1, "too early %jd %jd", (intmax_t)stop, (intmax_t)(start + timeout)); /* Check if the event occurs again */ sleep(3); @@ -264,16 +261,16 @@ test_update(void) /* First set the timer to 1 second */ EV_SET(&kev, vnode_fd, EVFILT_TIMER, EV_ADD | EV_ONESHOT, - NOTE_USECONDS, SEC_TO_US(1), (void *)1); + NOTE_USECONDS, SEC_TO_US(1), (void *)1); start = now(); if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); /* Now reduce the timer to 1 ms */ EV_SET(&kev, vnode_fd, EVFILT_TIMER, EV_ADD | EV_ONESHOT, - NOTE_USECONDS, MS_TO_US(1), (void *)2); + NOTE_USECONDS, MS_TO_US(1), (void *)2); if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); /* Wait for the event */ kev.flags |= EV_CLEAR; @@ -288,9 +285,9 @@ test_update(void) */ printf("timer expired after %ld us\n", elapsed); if (elapsed < MS_TO_US(1)) - errx(1, "early timer expiration: %ld us", elapsed); + errx(1, "early timer expiration: %ld us", elapsed); if (elapsed > SEC_TO_US(1)) - errx(1, "late timer expiration: %ld us", elapsed); + errx(1, "late timer expiration: %ld us", elapsed); success(); } @@ -309,9 +306,9 @@ test_update_equal(void) /* First set the timer to 1 ms */ EV_SET(&kev, vnode_fd, EVFILT_TIMER, EV_ADD | EV_ONESHOT, - NOTE_USECONDS, MS_TO_US(1), NULL); + NOTE_USECONDS, MS_TO_US(1), NULL); if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); /* Sleep for a significant fraction of the timeout. */ ussleep(600); @@ -319,7 +316,7 @@ test_update_equal(void) /* Now re-add the timer with the same parameters */ start = now(); if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); /* Wait for the event */ kev.flags |= EV_CLEAR; @@ -334,7 +331,7 @@ test_update_equal(void) */ printf("timer expired after %ld us\n", elapsed); if (elapsed < MS_TO_US(1)) - errx(1, "early timer expiration: %ld us", elapsed); + errx(1, "early timer expiration: %ld us", elapsed); success(); } @@ -353,9 +350,9 @@ test_update_expired(void) /* Set the timer to 1ms */ EV_SET(&kev, vnode_fd, EVFILT_TIMER, EV_ADD | EV_ONESHOT, - NOTE_USECONDS, MS_TO_US(1), NULL); + NOTE_USECONDS, MS_TO_US(1), NULL); if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); /* Wait for 2 ms to give the timer plenty of time to expire. */ mssleep(2); @@ -363,7 +360,7 @@ test_update_expired(void) /* Now re-add the timer */ start = now(); if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); /* Wait for the event */ kev.flags |= EV_CLEAR; @@ -378,7 +375,7 @@ test_update_expired(void) */ printf("timer expired after %ld us\n", elapsed); if (elapsed < MS_TO_US(1)) - errx(1, "early timer expiration: %ld us", elapsed); + errx(1, "early timer expiration: %ld us", elapsed); /* Make sure the re-added timer does not fire. In other words, * test that the event received above was the only event from the @@ -405,7 +402,7 @@ test_update_periodic(void) EV_SET(&kev, vnode_fd, EVFILT_TIMER, EV_ADD, 0, SEC_TO_MS(1), NULL); if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); /* Retrieve the event */ kev.flags = EV_ADD | EV_CLEAR; @@ -420,7 +417,7 @@ test_update_periodic(void) EV_SET(&kev, vnode_fd, EVFILT_TIMER, EV_ADD, 0, SEC_TO_MS(2), NULL); start = now(); if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); /* Retrieve the event */ kev.flags = EV_ADD | EV_CLEAR; @@ -434,12 +431,12 @@ test_update_periodic(void) */ printf("timer expired after %ld us\n", elapsed); if (elapsed < MS_TO_US(2)) - errx(1, "early timer expiration: %ld us", elapsed); + errx(1, "early timer expiration: %ld us", elapsed); /* Delete the event */ kev.flags = EV_DELETE; if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); + err(1, "%s", test_id); success(); } @@ -467,46 +464,46 @@ test_update_timing(void) * received is from the update and not the original timer add. */ for (sleeptime = MIN_SLEEP, iteration = 1; - sleeptime < MAX_SLEEP; - ++sleeptime, ++iteration) { - - /* First set the timer to 1 ms */ - EV_SET(&kev, vnode_fd, EVFILT_TIMER, EV_ADD | EV_ONESHOT, - NOTE_USECONDS, MS_TO_US(1), NULL); - if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); - - /* Delay; the delay ranges from less than to greater than the - * timer period. - */ - ussleep(sleeptime); + sleeptime < MAX_SLEEP; + ++sleeptime, ++iteration) { + + /* First set the timer to 1 ms */ + EV_SET(&kev, vnode_fd, EVFILT_TIMER, EV_ADD | EV_ONESHOT, + NOTE_USECONDS, MS_TO_US(1), NULL); + if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) + err(1, "%s", test_id); + + /* Delay; the delay ranges from less than to greater than the + * timer period. + */ + ussleep(sleeptime); - /* Now re-add the timer with the same parameters */ - start = now(); - if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) - err(1, "%s", test_id); - - /* Wait for the event */ - kev.flags |= EV_CLEAR; - kev.fflags &= ~NOTE_USECONDS; - kev.data = 1; - kevent_cmp(&kev, kevent_get(kqfd)); - stop = now(); - elapsed = stop - start; - - /* Check that the timer expired after at least 1 ms. This - * check is to make sure that the timer re-started and that - * the event is not from the original add of the timer. - */ - if (elapsed < MS_TO_US(1)) - errx(1, "early timer expiration: %ld us", elapsed); - - /* Make sure the re-added timer does not fire. In other words, - * test that the event received above was the only event from - * the add and re-add of the timer. - */ - mssleep(2); - test_no_kevents_quietly(); + /* Now re-add the timer with the same parameters */ + start = now(); + if (kevent(kqfd, &kev, 1, NULL, 0, NULL) < 0) + err(1, "%s", test_id); + + /* Wait for the event */ + kev.flags |= EV_CLEAR; + kev.fflags &= ~NOTE_USECONDS; + kev.data = 1; + kevent_cmp(&kev, kevent_get(kqfd)); + stop = now(); + elapsed = stop - start; + + /* Check that the timer expired after at least 1 ms. This + * check is to make sure that the timer re-started and that + * the event is not from the original add of the timer. + */ + if (elapsed < MS_TO_US(1)) + errx(1, "early timer expiration: %ld us", elapsed); + + /* Make sure the re-added timer does not fire. In other words, + * test that the event received above was the only event from + * the add and re-add of the timer. + */ + mssleep(2); + test_no_kevents_quietly(); } success(); @@ -515,18 +512,18 @@ test_update_timing(void) void test_evfilt_timer() { - kqfd = kqueue(); - test_kevent_timer_add(); - test_kevent_timer_del(); - test_kevent_timer_get(); - test_oneshot(); - test_periodic(); - test_abstime(); - test_update(); - test_update_equal(); - test_update_expired(); - test_update_timing(); - test_update_periodic(); - disable_and_enable(); - close(kqfd); + kqfd = kqueue(); + test_kevent_timer_add(); + test_kevent_timer_del(); + test_kevent_timer_get(); + test_oneshot(); + test_periodic(); + test_abstime(); + test_update(); + test_update_equal(); + test_update_expired(); + test_update_timing(); + test_update_periodic(); + disable_and_enable(); + close(kqfd); } diff --git a/tests/sys/kqueue/libkqueue/user.c b/tests/sys/kqueue/libkqueue/user.c index 9ba25f9df4d3..51ccac672ae6 100644 --- a/tests/sys/kqueue/libkqueue/user.c +++ b/tests/sys/kqueue/libkqueue/user.c @@ -117,7 +117,7 @@ oneshot(void) void test_evfilt_user() { - kqfd = kqueue(); + kqfd = kqueue(); add_and_delete(); event_wait(); @@ -125,5 +125,5 @@ test_evfilt_user() oneshot(); /* TODO: try different fflags operations */ - close(kqfd); + close(kqfd); } diff --git a/tests/sys/kqueue/libkqueue/vnode.c b/tests/sys/kqueue/libkqueue/vnode.c index 55d5b3f5edc2..418cd2e3d64b 100644 --- a/tests/sys/kqueue/libkqueue/vnode.c +++ b/tests/sys/kqueue/libkqueue/vnode.c @@ -251,16 +251,16 @@ test_kevent_vnode_dispatch(void) void test_evfilt_vnode() { - kqfd = kqueue(); - test_kevent_vnode_add(); - test_kevent_vnode_del(); - test_kevent_vnode_disable_and_enable(); + kqfd = kqueue(); + test_kevent_vnode_add(); + test_kevent_vnode_del(); + test_kevent_vnode_disable_and_enable(); #if HAVE_EV_DISPATCH - test_kevent_vnode_dispatch(); + test_kevent_vnode_dispatch(); #endif - test_kevent_vnode_note_write(); - test_kevent_vnode_note_attrib(); - test_kevent_vnode_note_rename(); - test_kevent_vnode_note_delete(); - close(kqfd); + test_kevent_vnode_note_write(); + test_kevent_vnode_note_attrib(); + test_kevent_vnode_note_rename(); + test_kevent_vnode_note_delete(); + close(kqfd); } diff --git a/tests/sys/netpfil/pf/Makefile b/tests/sys/netpfil/pf/Makefile index b9484e0a5c55..3d0f861f0a16 100644 --- a/tests/sys/netpfil/pf/Makefile +++ b/tests/sys/netpfil/pf/Makefile @@ -9,6 +9,7 @@ ATF_TESTS_SH+= anchor \ pass_block \ forward \ fragmentation \ + names \ set_tos \ route_to \ synproxy \ diff --git a/tests/sys/netpfil/pf/names.sh b/tests/sys/netpfil/pf/names.sh new file mode 100755 index 000000000000..f73a149f8e90 --- /dev/null +++ b/tests/sys/netpfil/pf/names.sh @@ -0,0 +1,34 @@ +# $FreeBSD$ + +. $(atf_get_srcdir)/utils.subr + +atf_test_case "names" "cleanup" +names_head() +{ + atf_set descr 'Test overlapping names' + atf_set require.user root +} + +names_body() +{ + pft_init + + epair=$(pft_mkepair) + + pft_mkjail alcatraz ${epair}b + ifconfig ${epair}a name foo + jexec alcatraz ifconfig ${epair}b name foo + + jail -r alcatraz + ifconfig foo destroy +} + +names_cleanup() +{ + pft_cleanup +} + +atf_init_test_cases() +{ + atf_add_test_case "names" +} diff --git a/tests/sys/netpfil/pf/pass_block.sh b/tests/sys/netpfil/pf/pass_block.sh index d0d1e426378e..d7a41b98f2c6 100755 --- a/tests/sys/netpfil/pf/pass_block.sh +++ b/tests/sys/netpfil/pf/pass_block.sh @@ -107,21 +107,21 @@ noalias_body() | cut -d % -f 1) # Sanity check - atf_check -s exit:0 -o ignore ping6 -c 1 -x 1 2001:db8:42::2 - atf_check -s exit:0 -o ignore ping6 -c 1 -x 1 ${linklocaladdr}%${epair}a + atf_check -s exit:0 -o ignore ping6 -c 3 -x 1 2001:db8:42::2 + atf_check -s exit:0 -o ignore ping6 -c 3 -x 1 ${linklocaladdr}%${epair}a jexec alcatraz pfctl -e pft_set_rules alcatraz "block out inet6 from (${epair}b:0) to any" - atf_check -s exit:2 -o ignore ping6 -c 1 -x 1 2001:db8:42::2 + atf_check -s exit:2 -o ignore ping6 -c 3 -x 1 2001:db8:42::2 # We should still be able to ping the link-local address - atf_check -s exit:0 -o ignore ping6 -c 1 -x 1 ${linklocaladdr}%${epair}a + atf_check -s exit:0 -o ignore ping6 -c 3 -x 1 ${linklocaladdr}%${epair}a pft_set_rules alcatraz "block out inet6 from (${epair}b) to any" # We cannot ping to the link-local address - atf_check -s exit:2 -o ignore ping6 -c 1 -x 1 ${linklocaladdr}%${epair}a + atf_check -s exit:2 -o ignore ping6 -c 3 -x 1 ${linklocaladdr}%${epair}a } noalias_cleanup() diff --git a/tests/sys/netpfil/pf/pfsync.sh b/tests/sys/netpfil/pf/pfsync.sh index c4e453274b67..17b73a0f098b 100755 --- a/tests/sys/netpfil/pf/pfsync.sh +++ b/tests/sys/netpfil/pf/pfsync.sh @@ -7,12 +7,16 @@ basic_head() { atf_set descr 'Basic pfsync test' atf_set require.user root - - atf_set require.progs scapy } basic_body() { + common_body +} + +common_body() +{ + defer=$1 pfsynct_init epair_sync=$(pft_mkepair) @@ -28,12 +32,14 @@ basic_body() jexec one ifconfig pfsync0 \ syncdev ${epair_sync}a \ maxupd 1 \ + $defer \ up jexec two ifconfig ${epair_two}a 198.51.100.2/24 up jexec two ifconfig ${epair_sync}b 192.0.2.2/24 up jexec two ifconfig pfsync0 \ syncdev ${epair_sync}b \ maxupd 1 \ + $defer \ up # Enable pf! @@ -64,7 +70,25 @@ basic_cleanup() pfsynct_cleanup } +atf_test_case "defer" "cleanup" +defer_head() +{ + atf_set descr 'Defer mode pfsync test' + atf_set require.user root +} + +defer_body() +{ + common_body defer +} + +defer_cleanup() +{ + pfsynct_cleanup +} + atf_init_test_cases() { atf_add_test_case "basic" + atf_add_test_case "defer" } diff --git a/tools/KSE/ksetest/Makefile b/tools/KSE/ksetest/Makefile deleted file mode 100644 index 24d4a8201830..000000000000 --- a/tools/KSE/ksetest/Makefile +++ /dev/null @@ -1,8 +0,0 @@ -# $FreeBSD$ - -PROG= ksetest -MAN= -CFLAGS+= -g -Wall -SRCS= kse_asm.S kse_threads_test.c - -.include <bsd.prog.mk> diff --git a/tools/KSE/ksetest/kse_asm.S b/tools/KSE/ksetest/kse_asm.S deleted file mode 100644 index ac571f7f1aee..000000000000 --- a/tools/KSE/ksetest/kse_asm.S +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright (c) 2002 Jonathan Mini <mini@freebsd.org>. - * Copyright (c) 2001 Daniel Eischen <deischen@freebsd.org>. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Neither the name of the author nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY DANIEL EISCHEN AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include <machine/asm.h> -__FBSDID("$FreeBSD$"); - -/* - * Where do we define these? - */ -#define MC_SIZE 640 /* sizeof mcontext_t */ -#define UC_MC_OFFSET 16 /* offset to mcontext from ucontext */ -#define UC_MC_LEN_OFFSET 96 /* offset to mc_len from mcontext */ -#define MC_LEN_OFFSET 80 /* offset to mc_len from mcontext */ -#define MC_FP_REGS_OFFSET 96 /* offset to FP regs from mcontext */ -#define MC_FP_CW_OFFSET 96 /* offset to FP control word */ -#define MC_OWNEDFP_OFFSET 88 /* offset to mc_ownedfp from mcontext */ -#define KM_STACK_SP_OFFSET 36 /* offset to km_stack.ss_sp */ -#define KM_STACK_SIZE_OFFSET 40 /* offset to km_stack.ss_sp */ -#define KM_FUNC_OFFSET 32 /* offset to km_func */ - -/* - * int uts_to_thread(struct kse_thr_mailbox *tdp, - * struct kse_thr_mailbox **curthreadp); - * - * Does not return on success, returns -1 otherwise. - */ -ENTRY(uts_to_thread) - movl 4(%esp), %edx /* get address of kse_thr_mailbox */ - /* .. ucontext_t is at offset 0 */ - cmpl $0, %edx /* check for null pointer */ - jne 1f - movl $-1, %eax - jmp 5f -1: cmpl $MC_SIZE, UC_MC_LEN_OFFSET(%edx) /* is context valid? */ - je 2f - movl $-1, %eax /* bzzzt, invalid context */ - jmp 5f -2: movl 8(%esp), %ecx /* get address of curthreadp */ - movl %edx, %ebx /* save the pointer for later */ - /* - * From here on, we don't touch the old stack. - */ - addl $UC_MC_OFFSET, %edx /* add offset to mcontext */ - movl 4(%edx), %gs - movl 8(%edx), %fs - movl 12(%edx), %es - movl 16(%edx), %ds - movl 76(%edx), %ss - movl 20(%edx), %edi - movl 24(%edx), %esi - movl 28(%edx), %ebp - movl 72(%edx), %esp /* switch to context defined stack */ - subl $4, %esp /* leave space for the return address */ - movl 60(%edx), %eax /* put return address at top of stack */ - movl %eax, (%esp) - cmpl $0, MC_OWNEDFP_OFFSET(%edx) /* are FP regs valid? */ - jz 3f - frstor MC_FP_REGS_OFFSET(%edx) /* restore FP regs */ - jmp 4f -3: fninit - fldcw MC_FP_CW_OFFSET(%edx) -4: movl 48(%edx), %eax /* restore ax, bx, cx, dx */ - pushl 68(%edx) /* flags on stack */ - pushl 36(%edx) /* %ebx on stack */ - pushl 44(%edx) /* %ecx on stack */ - movl 40(%edx), %edx /* %edx */ - /* - * all registers are now moved out of mailbox, - * it's safe to set current thread pointer - */ - movl %ebx,(%ecx) - popl %ecx /* %ecx off stack */ - pop %ebx /* %ebx off stack */ - popf /* flags off stack */ -5: ret /* %eip off stack */ -END(uts_to_thread) - -/* - * int thread_to_uts(struct kse_thr_mailbox *tm, struct kse_mailbox *km); - * - * Does not return on success, returns -1 otherwise. - */ -ENTRY(thread_to_uts) - movl 4(%esp), %eax /* get address of context */ - cmpl $0, %eax /* check for null pointer */ - jne 1f - movl $-1, %eax - jmp 2f -1: pushl %edx /* save value of edx */ - movl %eax, %edx /* get address of context */ - addl $UC_MC_OFFSET, %edx /* add offset to mcontext */ - movl %gs, 4(%edx) - movl %fs, 8(%edx) - movl %es, 12(%edx) - movl %ds, 16(%edx) - movl %edi, 20(%edx) - movl %esi, 24(%edx) - movl %ebp, 28(%edx) - movl %ebx, 36(%edx) - movl $0, 48(%edx) /* store successful return in eax */ - popl %eax /* get saved value of edx */ - movl %eax, 40(%edx) /* save edx */ - movl %ecx, 44(%edx) - movl (%esp), %eax /* get return address */ - movl %eax, 60(%edx) /* save return address */ - movl %ss, 76(%edx) - /* - * Don't save floating point registers here. - * - * This is an explicit call to get the current context, so - * the caller is done with the floating point registers. - * Contexts formed by involuntary switches, such as signal delivery, - * have floating point registers saved by the kernel. - */ - fnstcw MC_FP_CW_OFFSET(%edx) - movl $0, MC_OWNEDFP_OFFSET(%edx) /* no FP */ - pushfl /* get eflags */ - popl %eax - movl %eax, 68(%edx) /* store eflags */ - movl %esp, %eax /* setcontext pushes the return */ - addl $4, %eax /* address onto the top of the */ - movl %eax, 72(%edx) /* stack; account for this */ - movl $MC_SIZE, MC_LEN_OFFSET(%edx) /* context is now valid */ - movl 8(%esp), %edx /* get address of mailbox */ - movl KM_STACK_SP_OFFSET(%edx), %eax /* get bottom of stack */ - addl KM_STACK_SIZE_OFFSET(%edx), %eax /* add length */ - movl %eax, %esp /* switch to the uts's stack */ - pushl %edx /* push the address of the mailbox */ - pushl KM_FUNC_OFFSET(%edx) /* .. the uts can return to itself */ - pushl KM_FUNC_OFFSET(%edx) /* push the address of the uts func */ -2: ret -END(thread_to_uts) - diff --git a/tools/KSE/ksetest/kse_threads_test.c b/tools/KSE/ksetest/kse_threads_test.c deleted file mode 100644 index 69ea727fe30e..000000000000 --- a/tools/KSE/ksetest/kse_threads_test.c +++ /dev/null @@ -1,492 +0,0 @@ -/*- - * Copyright (c) 2002 Jonathan Mini (mini@freebsd.org). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include <sys/types.h> -#include <sys/signal.h> -#include <sys/signalvar.h> -#include <sys/sysctl.h> -#include <sys/kse.h> -#include <sys/ucontext.h> - -#include <stdarg.h> -#include <stddef.h> -#include <stdlib.h> -#include <string.h> -#include <sysexits.h> -#include <time.h> -#include <unistd.h> -#include "simplelock.h" - -#undef TRACE_UTS -//#define TRACE_KSE - -#ifdef TRACE_UTS -#define UPFMT(fmt...) pfmt(#fmt) -#define UPSTR(s) pstr(s) -#define UPCHAR(c) pchar(c) -#else -#define UPFMT(fmt...) /* Nothing. */ -#define UPSTR(s) /* Nothing. */ -#define UPCHAR(c) /* Nothing. */ -#endif - -#define MAIN_STACK_SIZE (1024 * 1024) -#define THREAD_STACK_SIZE (32 * 1024) - -struct uts_runq { - struct kse_thr_mailbox *head; - struct simplelock lock; -}; - -struct uts_data { - struct kse_mailbox mb; - struct uts_runq *runq; - struct kse_thr_mailbox *cur_thread; -}; - -static struct uts_runq runq1; -static struct uts_data data1, data2; -static struct uts_runq runq2; -static struct uts_data data3, data4; -static struct kse_thr_mailbox *aa; - -#ifdef TRACE_UTS -static int progress = 0; -#endif - -static void init_uts(struct uts_data *data, struct uts_runq *q); -static void start_uts(struct uts_data *data, int newgrp); -static void enter_uts(struct uts_data *); -static void pchar(char c); -static void pfmt(const char *fmt, ...); -static void pstr(const char *s); -static void runq_init(struct uts_runq *q); -static void runq_insert(struct uts_runq *q, struct kse_thr_mailbox *tm); -static struct kse_thr_mailbox *runq_remove(struct uts_runq *q); -static struct kse_thr_mailbox *runq_remove_nolock(struct uts_runq *q); -static void thread_start(struct uts_data *data, const void *func, int arg); -static void uts(struct kse_mailbox *km); - -/* Functions implemented in assembly */ -extern int uts_to_thread(struct kse_thr_mailbox *tdp, - struct kse_thr_mailbox **curthreadp); -extern int thread_to_uts(struct kse_thr_mailbox *tm, - struct kse_mailbox *km); - -static void -nano(int len) -{ - struct timespec time_to_sleep; - struct timespec time_remaining; - - time_to_sleep.tv_sec = 0; - time_to_sleep.tv_nsec = len * 10000; - nanosleep(&time_to_sleep, &time_remaining); -} - -void -aaaa(int c) -{ - for (;;) { - pchar(c); - nano(1); - } -} - -static void -foof(int sig) -{ - pfmt("\n[%d]\n", sig); -// thread_start(aaaa, '0' + progress++); -} - -static void -newkse(int v) -{ - start_uts(&data4, 0); -} - -#if 0 -void -spin(int arg) -{ - for (;;) enter_uts(); sched_yield(); -} -#endif -/* - * Test Userland Thread Scheduler (UTS) suite for KSE. - */ -int -main(void) -{ - int i; - - runq_init(&runq1); - init_uts(&data1, &runq1); - init_uts(&data2, &runq1); - thread_start(&data1, aaaa, '+'); - thread_start(&data1, aaaa, '-'); - start_uts(&data1, 0); - start_uts(&data2, 0); - -// start second ksegrp - runq_init(&runq2); - init_uts(&data3, &runq2); - init_uts(&data4, &runq2); - thread_start(&data3, newkse, 0); - thread_start(&data3, aaaa, '*'); - thread_start(&data3, aaaa, '.'); - start_uts(&data3, 1); - - for (i = 0;1;i++) { -// if (i < 1000) -// thread_start(aaaa, 'a' + (i % 26)); - pchar('A' + (i % 26)); - nano(5); - } - pstr("\n** main() exiting **\n"); - return (EX_OK); -} - - -/* - * Enter the UTS from a thread. - */ -static void -enter_uts(struct uts_data *data) -{ - struct kse_thr_mailbox *td; - - /* XXX: We should atomically exchange these two. */ - td = data->mb.km_curthread; - data->mb.km_curthread = NULL; - - thread_to_uts(td, &data->mb); -} - -/* - * Initialise threading. - */ -static void -init_uts(struct uts_data *data, struct uts_runq *q) -{ - struct kse_thr_mailbox *tm; - int mib[2]; - char *p; -#if 0 - size_t len; -#endif - - /* - * Create initial thread. - */ - tm = (struct kse_thr_mailbox *)calloc(1, sizeof(struct kse_thr_mailbox)); - - /* Throw us into its context. */ - getcontext(&tm->tm_context); - - /* Find our stack. */ - mib[0] = CTL_KERN; - mib[1] = KERN_USRSTACK; -#if 0 - len = sizeof(p); - if (sysctl(mib, 2, &p, &len, NULL, 0) == -1) - pstr("sysctl(CTL_KER.KERN_USRSTACK) failed.\n"); -#endif - p = (char *)malloc(MAIN_STACK_SIZE) + MAIN_STACK_SIZE; - pfmt("main() : 0x%x\n", tm); - pfmt("eip -> 0x%x\n", tm->tm_context.uc_mcontext.mc_eip); - tm->tm_context.uc_stack.ss_sp = p - MAIN_STACK_SIZE; - tm->tm_context.uc_stack.ss_size = MAIN_STACK_SIZE; - - /* - * Create KSE mailbox. - */ - p = (char *)malloc(THREAD_STACK_SIZE); - bzero(&data->mb, sizeof(struct kse_mailbox)); - data->mb.km_stack.ss_sp = p; - data->mb.km_stack.ss_size = THREAD_STACK_SIZE; - data->mb.km_func = (void *)uts; - data->mb.km_udata = data; - data->cur_thread = tm; - data->runq = q; - pfmt("uts() at : 0x%x\n", uts); - pfmt("uts stack at : 0x%x - 0x%x\n", p, p + THREAD_STACK_SIZE); -} - -static void -start_uts(struct uts_data *data, int newgrp) -{ - /* - * Start KSE scheduling. - */ - pfmt("kse_create() -> %d\n", kse_create(&data->mb, newgrp)); - data->mb.km_curthread = data->cur_thread; - - /* - * Arrange to deliver signals via KSE. - */ - signal(SIGURG, foof); -} - -/* - * Write a single character to stdout, in a thread-safe manner. - */ -static void -pchar(char c) -{ - - write(STDOUT_FILENO, &c, 1); -} - -/* - * Write formatted output to stdout, in a thread-safe manner. - * - * Recognises the following conversions: - * %c -> char - * %d -> signed int (base 10) - * %s -> string - * %u -> unsigned int (base 10) - * %x -> unsigned int (base 16) - */ -static void -pfmt(const char *fmt, ...) -{ - static const char digits[16] = "0123456789abcdef"; - va_list ap; - char buf[10]; - char *s; - unsigned r, u; - int c, d; - - va_start(ap, fmt); - while ((c = *fmt++)) { - if (c == '%') { - c = *fmt++; - switch (c) { - case 'c': - pchar(va_arg(ap, int)); - continue; - case 's': - pstr(va_arg(ap, char *)); - continue; - case 'd': - case 'u': - case 'x': - r = ((c == 'u') || (c == 'd')) ? 10 : 16; - if (c == 'd') { - d = va_arg(ap, unsigned); - if (d < 0) { - pchar('-'); - u = (unsigned)(d * -1); - } else - u = (unsigned)d; - } else - u = va_arg(ap, unsigned); - s = buf; - do { - *s++ = digits[u % r]; - } while (u /= r); - while (--s >= buf) - pchar(*s); - continue; - } - } - pchar(c); - } - va_end(ap); -} - -static void -pstr(const char *s) -{ - - write(STDOUT_FILENO, s, strlen(s)); -} - -static void -runq_init(struct uts_runq *q) -{ - q->head = NULL; - simplelock_init(&q->lock); -} - -/* - * Insert a thread into the run queue. - */ -static void -runq_insert(struct uts_runq *q, struct kse_thr_mailbox *tm) -{ - simplelock_lock(&q->lock); - tm->tm_next = q->head; - q->head = tm; - simplelock_unlock(&q->lock); -} - -/* - * Select and remove a thread from the run queue. - */ -static struct kse_thr_mailbox * -runq_remove(struct uts_runq *q) -{ - struct kse_thr_mailbox *tm; - - simplelock_lock(&q->lock); - tm = runq_remove_nolock(q); - simplelock_unlock(&q->lock); - return tm; -} - -static struct kse_thr_mailbox * -runq_remove_nolock(struct uts_runq *q) -{ - struct kse_thr_mailbox *p, *p1; - - if (q->head == NULL) - return (NULL); - p1 = NULL; - for (p = q->head; p->tm_next != NULL; p = p->tm_next) - p1 = p; - if (p1 == NULL) - q->head = NULL; - else - p1->tm_next = NULL; - return (p); -} - -/* - * Userland thread scheduler. - */ -static void -uts(struct kse_mailbox *km) -{ -#ifdef TRACE_KSE - static struct uts_data *prev_data; -#endif - struct kse_thr_mailbox *tm, *p; - struct uts_data *data; - int i; - - UPSTR("\n--uts() start--\n"); - UPFMT("mailbox -> %x\n", km); - - /* - * Insert any processes back from being blocked - * in the kernel into the run queue. - */ - data = km->km_udata; - p = km->km_completed; - km->km_completed = NULL; - UPFMT("km_completed -> 0x%x", p); -#ifdef TRACE_KSE - if (data != prev_data) { - prev_data = data; - pfmt("uts data: 0x%x\n", data); - } -#endif - while ((tm = p) != NULL) { - p = tm->tm_next; - UPFMT(" 0x%x", p); - runq_insert(data->runq, tm); - } - UPCHAR('\n'); - - simplelock_lock(&data->runq->lock); - /* - * Process any signals we've received (but only if we have - * somewhere to deliver them to). - */ - if ((data->runq->head != NULL) && SIGNOTEMPTY(km->km_sigscaught)) { - for (i = 0;i < _SIG_MAXSIG;i++) - if (SIGISMEMBER(km->km_sigscaught, i)) { - signalcontext(&data->runq->head->tm_context, - i, foof); - break; - } - bzero(&km->km_sigscaught, sizeof(sigset_t)); - } - - /* - * Pull a thread off the run queue. - */ - p = runq_remove_nolock(data->runq); - simplelock_unlock(&data->runq->lock); -#if 0 - if ((p == aa) && (progress > 0)) { - --progress; - signalcontext(&p->tm_context, 1, foof); - } -#endif - - /* - * Either schedule a thread, or idle if none ready to run. - */ - if (p != NULL) { - UPFMT("\n-- uts() scheduling 0x%x--\n", p); - UPFMT("eip -> 0x%x progress -> %d\n", - p->tm_context.uc_mcontext.mc_eip, progress); - UPSTR("curthread set\n"); - uts_to_thread(p, &km->km_curthread); - UPSTR("\n-- uts_to_thread() failed --\n"); - } - kse_release(NULL); - pstr("** uts() exiting **\n"); - exit(EX_SOFTWARE); -} - -/* - * Start a thread. - */ -static struct kse_thr_mailbox * -thread_create(const void *func, int arg) -{ - struct kse_thr_mailbox *tm; - char *p; - - aa = tm = (struct kse_thr_mailbox *)calloc(1, sizeof(struct kse_thr_mailbox)); - getcontext(&tm->tm_context); - p = (char *)malloc(THREAD_STACK_SIZE); - tm->tm_context.uc_stack.ss_sp = p; - tm->tm_context.uc_stack.ss_size = THREAD_STACK_SIZE; - makecontext(&tm->tm_context, func, 2, arg); - // setcontext(&tm->tm_context); - return tm; -} - -static void -thread_start(struct uts_data *data, const void *func, int arg) -{ - struct kse_thr_mailbox *tm; - struct kse_thr_mailbox *tm2; - - tm = thread_create(func, arg); - tm2 = thread_create(enter_uts, (int)data); - tm->tm_context.uc_link = &tm2->tm_context; - runq_insert(data->runq, tm); - pfmt("thread_start() : 0x%x %x\n", tm, &tm->tm_context); -} diff --git a/tools/KSE/rr/Makefile b/tools/KSE/rr/Makefile deleted file mode 100644 index 2a953567c9c6..000000000000 --- a/tools/KSE/rr/Makefile +++ /dev/null @@ -1,8 +0,0 @@ -# $FreeBSD$ - -PROG= rr -MAN= -CFLAGS+= -g -Wall -SRCS= kse_asm.S rr.c - -.include <bsd.prog.mk> diff --git a/tools/KSE/rr/kse_asm.S b/tools/KSE/rr/kse_asm.S deleted file mode 100644 index ac571f7f1aee..000000000000 --- a/tools/KSE/rr/kse_asm.S +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright (c) 2002 Jonathan Mini <mini@freebsd.org>. - * Copyright (c) 2001 Daniel Eischen <deischen@freebsd.org>. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Neither the name of the author nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY DANIEL EISCHEN AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include <machine/asm.h> -__FBSDID("$FreeBSD$"); - -/* - * Where do we define these? - */ -#define MC_SIZE 640 /* sizeof mcontext_t */ -#define UC_MC_OFFSET 16 /* offset to mcontext from ucontext */ -#define UC_MC_LEN_OFFSET 96 /* offset to mc_len from mcontext */ -#define MC_LEN_OFFSET 80 /* offset to mc_len from mcontext */ -#define MC_FP_REGS_OFFSET 96 /* offset to FP regs from mcontext */ -#define MC_FP_CW_OFFSET 96 /* offset to FP control word */ -#define MC_OWNEDFP_OFFSET 88 /* offset to mc_ownedfp from mcontext */ -#define KM_STACK_SP_OFFSET 36 /* offset to km_stack.ss_sp */ -#define KM_STACK_SIZE_OFFSET 40 /* offset to km_stack.ss_sp */ -#define KM_FUNC_OFFSET 32 /* offset to km_func */ - -/* - * int uts_to_thread(struct kse_thr_mailbox *tdp, - * struct kse_thr_mailbox **curthreadp); - * - * Does not return on success, returns -1 otherwise. - */ -ENTRY(uts_to_thread) - movl 4(%esp), %edx /* get address of kse_thr_mailbox */ - /* .. ucontext_t is at offset 0 */ - cmpl $0, %edx /* check for null pointer */ - jne 1f - movl $-1, %eax - jmp 5f -1: cmpl $MC_SIZE, UC_MC_LEN_OFFSET(%edx) /* is context valid? */ - je 2f - movl $-1, %eax /* bzzzt, invalid context */ - jmp 5f -2: movl 8(%esp), %ecx /* get address of curthreadp */ - movl %edx, %ebx /* save the pointer for later */ - /* - * From here on, we don't touch the old stack. - */ - addl $UC_MC_OFFSET, %edx /* add offset to mcontext */ - movl 4(%edx), %gs - movl 8(%edx), %fs - movl 12(%edx), %es - movl 16(%edx), %ds - movl 76(%edx), %ss - movl 20(%edx), %edi - movl 24(%edx), %esi - movl 28(%edx), %ebp - movl 72(%edx), %esp /* switch to context defined stack */ - subl $4, %esp /* leave space for the return address */ - movl 60(%edx), %eax /* put return address at top of stack */ - movl %eax, (%esp) - cmpl $0, MC_OWNEDFP_OFFSET(%edx) /* are FP regs valid? */ - jz 3f - frstor MC_FP_REGS_OFFSET(%edx) /* restore FP regs */ - jmp 4f -3: fninit - fldcw MC_FP_CW_OFFSET(%edx) -4: movl 48(%edx), %eax /* restore ax, bx, cx, dx */ - pushl 68(%edx) /* flags on stack */ - pushl 36(%edx) /* %ebx on stack */ - pushl 44(%edx) /* %ecx on stack */ - movl 40(%edx), %edx /* %edx */ - /* - * all registers are now moved out of mailbox, - * it's safe to set current thread pointer - */ - movl %ebx,(%ecx) - popl %ecx /* %ecx off stack */ - pop %ebx /* %ebx off stack */ - popf /* flags off stack */ -5: ret /* %eip off stack */ -END(uts_to_thread) - -/* - * int thread_to_uts(struct kse_thr_mailbox *tm, struct kse_mailbox *km); - * - * Does not return on success, returns -1 otherwise. - */ -ENTRY(thread_to_uts) - movl 4(%esp), %eax /* get address of context */ - cmpl $0, %eax /* check for null pointer */ - jne 1f - movl $-1, %eax - jmp 2f -1: pushl %edx /* save value of edx */ - movl %eax, %edx /* get address of context */ - addl $UC_MC_OFFSET, %edx /* add offset to mcontext */ - movl %gs, 4(%edx) - movl %fs, 8(%edx) - movl %es, 12(%edx) - movl %ds, 16(%edx) - movl %edi, 20(%edx) - movl %esi, 24(%edx) - movl %ebp, 28(%edx) - movl %ebx, 36(%edx) - movl $0, 48(%edx) /* store successful return in eax */ - popl %eax /* get saved value of edx */ - movl %eax, 40(%edx) /* save edx */ - movl %ecx, 44(%edx) - movl (%esp), %eax /* get return address */ - movl %eax, 60(%edx) /* save return address */ - movl %ss, 76(%edx) - /* - * Don't save floating point registers here. - * - * This is an explicit call to get the current context, so - * the caller is done with the floating point registers. - * Contexts formed by involuntary switches, such as signal delivery, - * have floating point registers saved by the kernel. - */ - fnstcw MC_FP_CW_OFFSET(%edx) - movl $0, MC_OWNEDFP_OFFSET(%edx) /* no FP */ - pushfl /* get eflags */ - popl %eax - movl %eax, 68(%edx) /* store eflags */ - movl %esp, %eax /* setcontext pushes the return */ - addl $4, %eax /* address onto the top of the */ - movl %eax, 72(%edx) /* stack; account for this */ - movl $MC_SIZE, MC_LEN_OFFSET(%edx) /* context is now valid */ - movl 8(%esp), %edx /* get address of mailbox */ - movl KM_STACK_SP_OFFSET(%edx), %eax /* get bottom of stack */ - addl KM_STACK_SIZE_OFFSET(%edx), %eax /* add length */ - movl %eax, %esp /* switch to the uts's stack */ - pushl %edx /* push the address of the mailbox */ - pushl KM_FUNC_OFFSET(%edx) /* .. the uts can return to itself */ - pushl KM_FUNC_OFFSET(%edx) /* push the address of the uts func */ -2: ret -END(thread_to_uts) - diff --git a/tools/KSE/rr/rr.c b/tools/KSE/rr/rr.c deleted file mode 100644 index a75ce2e505e2..000000000000 --- a/tools/KSE/rr/rr.c +++ /dev/null @@ -1,403 +0,0 @@ -/*- - * Copyright (c) 2002 David Xu(davidxu@freebsd.org). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -/* - * Test Userland Thread Scheduler (UTS) suite for KSE. - * Test Userland round roubin. - */ - -#include <sys/types.h> -#include <sys/signal.h> -#include <sys/signalvar.h> -#include <sys/sysctl.h> -#include <sys/kse.h> -#include <sys/ucontext.h> - -#include <stdarg.h> -#include <stddef.h> -#include <stdlib.h> -#include <string.h> -#include <sysexits.h> -#include <time.h> -#include <unistd.h> -#include "simplelock.h" - -#undef TRACE_UTS - -#ifdef TRACE_UTS -#define UPFMT(fmt...) pfmt(#fmt) -#define UPSTR(s) pstr(s) -#define UPCHAR(c) pchar(c) -#else -#define UPFMT(fmt...) /* Nothing. */ -#define UPSTR(s) /* Nothing. */ -#define UPCHAR(c) /* Nothing. */ -#endif - -#define MAIN_STACK_SIZE (1024 * 1024) -#define THREAD_STACK_SIZE (32 * 1024) - -struct uts_runq { - struct kse_thr_mailbox *head; - struct simplelock lock; -}; - -struct uts_data { - struct kse_mailbox mb; - struct uts_runq *runq; - struct kse_thr_mailbox *cur_thread; -}; - -static struct uts_runq runq1; -static struct uts_data data1; - -static void init_uts(struct uts_data *data, struct uts_runq *q); -static void start_uts(struct uts_data *data, int newgrp); -static void enter_uts(struct uts_data *); -static void pchar(char c); -static void pfmt(const char *fmt, ...); -static void pstr(const char *s); -static void runq_init(struct uts_runq *q); -static void runq_insert(struct uts_runq *q, struct kse_thr_mailbox *tm); -static struct kse_thr_mailbox *runq_remove(struct uts_runq *q); -static struct kse_thr_mailbox *runq_remove_nolock(struct uts_runq *q); -static void thread_start(struct uts_data *data, const void *func, int arg); -static void uts(struct kse_mailbox *km); - -/* Functions implemented in assembly */ -extern int uts_to_thread(struct kse_thr_mailbox *tdp, - struct kse_thr_mailbox **curthreadp); -extern int thread_to_uts(struct kse_thr_mailbox *tm, - struct kse_mailbox *km); - -void -deadloop(int c) -{ - for (;;) { - ; - } -} - -int -main(void) -{ - runq_init(&runq1); - init_uts(&data1, &runq1); - thread_start(&data1, deadloop, 0); - thread_start(&data1, deadloop, 0); - thread_start(&data1, deadloop, 0); - start_uts(&data1, 0); - pause(); - pstr("\n** main() exiting **\n"); - return (EX_OK); -} - - -/* - * Enter the UTS from a thread. - */ -static void -enter_uts(struct uts_data *data) -{ - struct kse_thr_mailbox *td; - - /* XXX: We should atomically exchange these two. */ - td = data->mb.km_curthread; - data->mb.km_curthread = NULL; - - thread_to_uts(td, &data->mb); -} - -/* - * Initialise threading. - */ -static void -init_uts(struct uts_data *data, struct uts_runq *q) -{ - struct kse_thr_mailbox *tm; - int mib[2]; - char *p; -#if 0 - size_t len; -#endif - - /* - * Create initial thread. - */ - tm = (struct kse_thr_mailbox *)calloc(1, sizeof(struct kse_thr_mailbox)); - - /* Throw us into its context. */ - getcontext(&tm->tm_context); - - /* Find our stack. */ - mib[0] = CTL_KERN; - mib[1] = KERN_USRSTACK; -#if 0 - len = sizeof(p); - if (sysctl(mib, 2, &p, &len, NULL, 0) == -1) - pstr("sysctl(CTL_KER.KERN_USRSTACK) failed.\n"); -#endif - p = (char *)malloc(MAIN_STACK_SIZE) + MAIN_STACK_SIZE; - pfmt("main() : 0x%x\n", tm); - pfmt("eip -> 0x%x\n", tm->tm_context.uc_mcontext.mc_eip); - tm->tm_context.uc_stack.ss_sp = p - MAIN_STACK_SIZE; - tm->tm_context.uc_stack.ss_size = MAIN_STACK_SIZE; - - /* - * Create KSE mailbox. - */ - p = (char *)malloc(THREAD_STACK_SIZE); - bzero(&data->mb, sizeof(struct kse_mailbox)); - data->mb.km_stack.ss_sp = p; - data->mb.km_stack.ss_size = THREAD_STACK_SIZE; - data->mb.km_func = (void *)uts; - data->mb.km_udata = data; - data->mb.km_quantum = 10000; - data->cur_thread = tm; - data->runq = q; - pfmt("uts() at : 0x%x\n", uts); - pfmt("uts stack at : 0x%x - 0x%x\n", p, p + THREAD_STACK_SIZE); -} - -static void -start_uts(struct uts_data *data, int newgrp) -{ - /* - * Start KSE scheduling. - */ - pfmt("kse_create() -> %d\n", kse_create(&data->mb, newgrp)); - data->mb.km_curthread = data->cur_thread; -} - -/* - * Write a single character to stdout, in a thread-safe manner. - */ -static void -pchar(char c) -{ - - write(STDOUT_FILENO, &c, 1); -} - -/* - * Write formatted output to stdout, in a thread-safe manner. - * - * Recognises the following conversions: - * %c -> char - * %d -> signed int (base 10) - * %s -> string - * %u -> unsigned int (base 10) - * %x -> unsigned int (base 16) - */ -static void -pfmt(const char *fmt, ...) -{ - static const char digits[16] = "0123456789abcdef"; - va_list ap; - char buf[10]; - char *s; - unsigned r, u; - int c, d; - - va_start(ap, fmt); - while ((c = *fmt++)) { - if (c == '%') { - c = *fmt++; - switch (c) { - case 'c': - pchar(va_arg(ap, int)); - continue; - case 's': - pstr(va_arg(ap, char *)); - continue; - case 'd': - case 'u': - case 'x': - r = ((c == 'u') || (c == 'd')) ? 10 : 16; - if (c == 'd') { - d = va_arg(ap, unsigned); - if (d < 0) { - pchar('-'); - u = (unsigned)(d * -1); - } else - u = (unsigned)d; - } else - u = va_arg(ap, unsigned); - s = buf; - do { - *s++ = digits[u % r]; - } while (u /= r); - while (--s >= buf) - pchar(*s); - continue; - } - } - pchar(c); - } - va_end(ap); -} - -static void -pstr(const char *s) -{ - - write(STDOUT_FILENO, s, strlen(s)); -} - -static void -runq_init(struct uts_runq *q) -{ - q->head = NULL; - simplelock_init(&q->lock); -} - -/* - * Insert a thread into the run queue. - */ -static void -runq_insert(struct uts_runq *q, struct kse_thr_mailbox *tm) -{ - simplelock_lock(&q->lock); - tm->tm_next = q->head; - q->head = tm; - simplelock_unlock(&q->lock); -} - -/* - * Select and remove a thread from the run queue. - */ -static struct kse_thr_mailbox * -runq_remove(struct uts_runq *q) -{ - struct kse_thr_mailbox *tm; - - simplelock_lock(&q->lock); - tm = runq_remove_nolock(q); - simplelock_unlock(&q->lock); - return tm; -} - -static struct kse_thr_mailbox * -runq_remove_nolock(struct uts_runq *q) -{ - struct kse_thr_mailbox *p, *p1; - - if (q->head == NULL) - return (NULL); - p1 = NULL; - for (p = q->head; p->tm_next != NULL; p = p->tm_next) - p1 = p; - if (p1 == NULL) - q->head = NULL; - else - p1->tm_next = NULL; - return (p); -} - -/* - * Userland thread scheduler. - */ -static void -uts(struct kse_mailbox *km) -{ - struct kse_thr_mailbox *tm, *p; - struct uts_data *data; - - UPSTR("\n--uts() start--\n"); - UPFMT("mailbox -> %x\n", km); - - /* - * Insert any processes back from being blocked - * in the kernel into the run queue. - */ - data = km->km_udata; - p = km->km_completed; - km->km_completed = NULL; - UPFMT("km_completed -> 0x%x", p); - while ((tm = p) != NULL) { - p = tm->tm_next; - UPFMT(" 0x%x", p); - runq_insert(data->runq, tm); - } - UPCHAR('\n'); - - /* - * Pull a thread off the run queue. - */ - simplelock_lock(&data->runq->lock); - p = runq_remove_nolock(data->runq); - simplelock_unlock(&data->runq->lock); - - /* - * Either schedule a thread, or idle if none ready to run. - */ - if (p != NULL) { - UPFMT("\n-- uts() scheduling 0x%x--\n", p); - UPFMT("eip -> 0x%x progress -> %d\n", - p->tm_context.uc_mcontext.mc_eip, progress); - UPSTR("curthread set\n"); - pfmt("%x\n", p); - uts_to_thread(p, &km->km_curthread); - UPSTR("\n-- uts_to_thread() failed --\n"); - } - kse_release(NULL); - pstr("** uts() exiting **\n"); - exit(EX_SOFTWARE); -} - -/* - * Start a thread. - */ -static struct kse_thr_mailbox * -thread_create(const void *func, int arg) -{ - struct kse_thr_mailbox *tm; - char *p; - - tm = (struct kse_thr_mailbox *)calloc(1, sizeof(struct kse_thr_mailbox)); - getcontext(&tm->tm_context); - p = (char *)malloc(THREAD_STACK_SIZE); - tm->tm_context.uc_stack.ss_sp = p; - tm->tm_context.uc_stack.ss_size = THREAD_STACK_SIZE; - makecontext(&tm->tm_context, func, 1, arg); - // setcontext(&tm->tm_context); - return tm; -} - -static void -thread_start(struct uts_data *data, const void *func, int arg) -{ - struct kse_thr_mailbox *tm; - struct kse_thr_mailbox *tm2; - - tm = thread_create(func, arg); - tm2 = thread_create(enter_uts, (int)data); - tm->tm_context.uc_link = &tm2->tm_context; - runq_insert(data->runq, tm); - pfmt("thread_start() : 0x%x\n", tm); -} diff --git a/tools/build/mk/OptionalObsoleteFiles.inc b/tools/build/mk/OptionalObsoleteFiles.inc index be39e8891c13..6065216badc1 100644 --- a/tools/build/mk/OptionalObsoleteFiles.inc +++ b/tools/build/mk/OptionalObsoleteFiles.inc @@ -208,7 +208,6 @@ OLD_FILES+=usr/bin/as OLD_FILES+=usr/bin/ld OLD_FILES+=usr/share/man/man1/ld.1.gz .endif -OLD_FILES+=usr/bin/ld.bfd OLD_FILES+=usr/bin/objdump OLD_FILES+=usr/libdata/ldscripts/armelf_fbsd.x OLD_FILES+=usr/libdata/ldscripts/armelf_fbsd.xbn @@ -412,6 +411,9 @@ OLD_FILES+=usr/share/man/man7/ld.7.gz OLD_FILES+=usr/share/man/man7/ldint.7.gz OLD_FILES+=usr/share/man/man7/binutils.7.gz .endif +.if ${MK_BINUTILS} == no || ${MK_LLD_IS_LD} == yes +OLD_FILES+=usr/bin/ld.bfd +.endif .if ${MK_BLACKLIST} == no OLD_FILES+=etc/rc.d/blacklistd diff --git a/tools/build/options/WITHOUT_BINUTILS b/tools/build/options/WITHOUT_BINUTILS index 6fe1c17293a5..2dee78d04380 100644 --- a/tools/build/options/WITHOUT_BINUTILS +++ b/tools/build/options/WITHOUT_BINUTILS @@ -1,4 +1,9 @@ .\" $FreeBSD$ -Set to not build or install binutils (as, ld, and objdump) as part +Set to not build or install GNU +.Xr as 1 , +.Xr objdump 1 , +and for some CPU architectures +.Xr ld.bfd 1 +as part of the normal system build. The resulting system cannot build programs from source. diff --git a/tools/build/options/WITH_BINUTILS b/tools/build/options/WITH_BINUTILS index be3bada4e8f0..5f9d98d7fcaf 100644 --- a/tools/build/options/WITH_BINUTILS +++ b/tools/build/options/WITH_BINUTILS @@ -1,3 +1,8 @@ .\" $FreeBSD$ -Set to build and install binutils (as, ld, and objdump) as part +Set to build and install GNU +.Xr as 1 , +.Xr objdump 1 , +and for some CPU architectures +.Xr ld.bfd 1 +as part of the normal system build. diff --git a/tools/tools/locale/Makefile b/tools/tools/locale/Makefile index 7bb234e884d8..492ff714feb7 100644 --- a/tools/tools/locale/Makefile +++ b/tools/tools/locale/Makefile @@ -111,7 +111,7 @@ BASE_LOCALES_OF_INTEREST?= \ cs_CZ da_DK de_AT de_CH de_DE el_GR en_AU en_CA \ en_GB en_HK en_IE en_NZ en_PH en_SG en_US en_ZA \ es_AR es_CR es_ES es_MX et_EE eu_ES fi_FI fr_BE \ - fr_CA fr_CH fr_FR he_IL hi_IN hr_HR hu_HU hy_AM \ + fr_CA fr_CH fr_FR ga_IE he_IL hi_IN hr_HR hu_HU hy_AM \ is_IS it_CH it_IT ja_JP ko_KR lt_LT lv_LV \ nb_NO nl_BE nl_NL nn_NO pl_PL pt_BR pt_PT ro_RO \ ru_RU se_FI se_NO sk_SK sl_SI sv_FI sv_SE tr_TR \ diff --git a/tools/tools/locale/etc/charmaps.xml b/tools/tools/locale/etc/charmaps.xml index f8ff1ced8d54..78a344d6929e 100644 --- a/tools/tools/locale/etc/charmaps.xml +++ b/tools/tools/locale/etc/charmaps.xml @@ -93,6 +93,8 @@ <language name="fr" encoding="ISO8859-1 ISO8859-15" countries="CA" /> + <language name="ga" + countries="IE" /> <!-- UTF-8 only --> <language name="he" countries="IL" /> <language name="hi" diff --git a/tools/tools/netmap/pkt-gen.c b/tools/tools/netmap/pkt-gen.c index a83c9422587e..040992422f42 100644 --- a/tools/tools/netmap/pkt-gen.c +++ b/tools/tools/netmap/pkt-gen.c @@ -195,7 +195,7 @@ struct virt_header { uint8_t fields[VIRT_HDR_MAX]; }; -#define MAX_BODYSIZE 16384 +#define MAX_BODYSIZE 65536 struct pkt { struct virt_header vh; @@ -238,7 +238,6 @@ struct mac_range { /* ifname can be netmap:foo-xxxx */ #define MAX_IFNAMELEN 64 /* our buffer for ifname */ -//#define MAX_PKTSIZE 1536 #define MAX_PKTSIZE MAX_BODYSIZE /* XXX: + IP_HDR + ETH_HDR */ /* compact timestamp to fit into 60 byte packet. (enough to obtain RTT) */ @@ -263,7 +262,7 @@ struct glob_arg { int forever; uint64_t npackets; /* total packets to send */ int frags; /* fragments per packet */ - u_int mtu; /* size of each fragment */ + u_int frag_size; /* size of each fragment */ int nthreads; int cpus; /* cpus used for running */ int system_cpus; /* cpus on the system */ @@ -308,6 +307,11 @@ struct glob_arg { }; enum dev_type { DEV_NONE, DEV_NETMAP, DEV_PCAP, DEV_TAP }; +enum { + TD_TYPE_SENDER = 1, + TD_TYPE_RECEIVER, + TD_TYPE_OTHER, +}; /* * Arguments for a new thread. The same structure is used by @@ -509,6 +513,42 @@ extract_mac_range(struct mac_range *r) return 0; } +static int +get_if_mtu(const struct glob_arg *g) +{ + char ifname[IFNAMSIZ]; + struct ifreq ifreq; + int s, ret; + + if (!strncmp(g->ifname, "netmap:", 7) && !strchr(g->ifname, '{') + && !strchr(g->ifname, '}')) { + /* Parse the interface name and ask the kernel for the + * MTU value. */ + strncpy(ifname, g->ifname+7, IFNAMSIZ-1); + ifname[strcspn(ifname, "-*^{}/@")] = '\0'; + + s = socket(AF_INET, SOCK_DGRAM, 0); + if (s < 0) { + D("socket() failed: %s", strerror(errno)); + return s; + } + + memset(&ifreq, 0, sizeof(ifreq)); + strncpy(ifreq.ifr_name, ifname, IFNAMSIZ); + + ret = ioctl(s, SIOCGIFMTU, &ifreq); + if (ret) { + D("ioctl(SIOCGIFMTU) failed: %s", strerror(errno)); + } + + return ifreq.ifr_mtu; + } + + /* This is a pipe or a VALE port, where the MTU is very large, + * so we use some practical limit. */ + return 65536; +} + static struct targ *targs; static int global_nthreads; @@ -1581,18 +1621,18 @@ sender_body(void *data) #endif /* NO_PCAP */ } else { int tosend = 0; - u_int bufsz, mtu = targ->g->mtu; + u_int bufsz, frag_size = targ->g->frag_size; nifp = targ->nmd->nifp; txring = NETMAP_TXRING(nifp, targ->nmd->first_tx_ring); bufsz = txring->nr_buf_size; - if (bufsz < mtu) - mtu = bufsz; + if (bufsz < frag_size) + frag_size = bufsz; targ->frag_size = targ->g->pkt_size / targ->frags; - if (targ->frag_size > mtu) { - targ->frags = targ->g->pkt_size / mtu; - targ->frag_size = mtu; - if (targ->g->pkt_size % mtu != 0) + if (targ->frag_size > frag_size) { + targ->frags = targ->g->pkt_size / frag_size; + targ->frag_size = frag_size; + if (targ->g->pkt_size % frag_size != 0) targ->frags++; } D("frags %u frag_size %u", targ->frags, targ->frag_size); @@ -2441,12 +2481,6 @@ usage(int errcode) exit(errcode); } -enum { - TD_TYPE_SENDER = 1, - TD_TYPE_RECEIVER, - TD_TYPE_OTHER, -}; - static void start_threads(struct glob_arg *g) { int i; @@ -2779,8 +2813,8 @@ main(int arc, char **argv) g.cpus = 1; /* default */ g.forever = 1; g.tx_rate = 0; - g.frags =1; - g.mtu = 1500; + g.frags = 1; + g.frag_size = (u_int)-1; /* use the netmap buffer size by default */ g.nmr_config = ""; g.virt_header = 0; g.wait_link = 2; /* wait 2 seconds for physical ports */ @@ -2824,7 +2858,7 @@ main(int arc, char **argv) break; case 'M': - g.mtu = atoi(optarg); + g.frag_size = atoi(optarg); break; case 'f': @@ -3104,6 +3138,16 @@ main(int arc, char **argv) // continue, fail later } + if (g.td_type == TD_TYPE_SENDER) { + int mtu = get_if_mtu(&g); + + if (mtu > 0 && g.pkt_size > mtu) { + D("pkt_size (%d) must be <= mtu (%d)", + g.pkt_size, mtu); + return -1; + } + } + if (verbose) { struct netmap_if *nifp = g.nmd->nifp; struct nmreq *req = &g.nmd->req; diff --git a/usr.bin/bmake/Makefile.config b/usr.bin/bmake/Makefile.config index 1b4fa796e722..cb7cb2350674 100644 --- a/usr.bin/bmake/Makefile.config +++ b/usr.bin/bmake/Makefile.config @@ -7,7 +7,7 @@ SRCTOP?= ${.CURDIR:H:H} # things set by configure -_MAKE_VERSION=20180512 +_MAKE_VERSION?=20180919 prefix?= /usr srcdir= ${SRCTOP}/contrib/bmake @@ -17,8 +17,8 @@ DEFAULT_SYS_PATH?= .../share/mk:/usr/share/mk CPPFLAGS+= CFLAGS+= ${CPPFLAGS} -DHAVE_CONFIG_H LDFLAGS+= -LIBOBJS= ${LIBOBJDIR}stresep$U.o -LDADD= +LIBOBJS+= ${LIBOBJDIR}stresep$U.o +LDADD+= USE_META= yes FILEMON_H?= /usr/include/dev/filemon/filemon.h BMAKE_PATH_MAX?= 1024 diff --git a/usr.bin/bmake/unit-tests/Makefile b/usr.bin/bmake/unit-tests/Makefile index ced3aeb69ab0..9b8297dfe77a 100644 --- a/usr.bin/bmake/unit-tests/Makefile +++ b/usr.bin/bmake/unit-tests/Makefile @@ -5,9 +5,9 @@ SRCTOP?= ${.CURDIR:H:H:H} -# $Id: Makefile.in,v 1.48 2015/12/07 04:06:29 sjg Exp $ +# $Id: Makefile.in,v 1.49 2018/09/21 21:39:05 sjg Exp $ # -# $NetBSD: Makefile,v 1.52 2015/05/05 21:51:09 sjg Exp $ +# $NetBSD: Makefile,v 1.53 2018/05/24 00:25:44 christos Exp $ # # Unit tests for make(1) # The main targets are: @@ -61,6 +61,7 @@ TESTNAMES= \ unexport-env \ varcmd \ varmisc \ + varquote \ varshell # these tests were broken by referting POSIX chanegs diff --git a/usr.bin/clang/llvm-objdump/Makefile b/usr.bin/clang/llvm-objdump/Makefile index be3412a7db6c..43d1fe8d357a 100644 --- a/usr.bin/clang/llvm-objdump/Makefile +++ b/usr.bin/clang/llvm-objdump/Makefile @@ -1,7 +1,6 @@ # $FreeBSD$ PROG_CXX= llvm-objdump -MAN= SRCDIR= tools/llvm-objdump SRCS+= COFFDump.cpp diff --git a/usr.bin/clang/llvm-objdump/llvm-objdump.1 b/usr.bin/clang/llvm-objdump/llvm-objdump.1 new file mode 100644 index 000000000000..3860443fd785 --- /dev/null +++ b/usr.bin/clang/llvm-objdump/llvm-objdump.1 @@ -0,0 +1,197 @@ +.\" This file is distributed under the University of Illinois Open Source +.\" License. +.\" +.Dd November 27, 2018 +.Dt LLVM-OBJDUMP 1 +.Os +.Sh NAME +.Nm llvm-objdump +.Nd LLVM object file dumper +.Sh SYNOPSIS +.Nm llvm-objdump +.Op Ar options +.Ar objfile ... +.Sh DESCRIPTION +.Nm +prints the contents of object files and final linked images named on the +command line. +If no file name is specified, +.Nm +will attempt to read from +.Pa a.out . +If +.Pa - +is used as a file name, +.Nm +will process a file on its standard input stream. +.Nm +accepts many of the same command line arguments as GNU objdump. +.Sh OPTIONS +.Ss General Options +.Bl -tag -width indent +.It Fl -aarch64-neon-syntax Ns = Ns Ar value +Choose style of NEON code to emit from AArch64 backend. +.Ar value +may be one of: +.Bl -tag -width indent +.It generic +Generic NEON assembly +.It apple +Apple-style NEON assembly +.El +.It Fl -arch Ns = Ns Ar value +Choose architecture(s) from a Mach-O file to dump +.It Fl -arch-name Ns = Ns ar arch +Target arch to disassemble for. +See +.Fl -version +for available targets. +.It Fl -bind +Display mach-o binding info. +.It Fl -color +Use colored syntax highlighting. +Default autodetect. +.It Fl -disassemble +Display assembler mnemonics for machine instructions. +.It Fl -disassemble-all +Display assembler mnemonics for the machine instruction in all sections. +.It Fl -dsym Ns = Ns Ar file +Use +.Ar file +for debug info. +.It Fl -dwarf Ns = Ns Ar sections +Dump of dwarf debug sections. +.Bl -tag -width indent +.It frames +.Dv .debug_frame +.El +.It Fl -exports-trie +Display mach-o exported symbols. +.It Fl -fault-map-section +Display contents of faultmap section. +.It Fl -filter-print-funcs Ns = Ns Ar functions +Only print IR for functions whose name match +.Ar functions +for all print-[before|after][-all] options. +.It Fl -full-leading-addr +Print full leading address. +.It Fl g +Print line information from debug info if available. +.It Fl h , -headers , -section-headers +Display summaries of the headers for each section. +.It Fl -help +Display available options. +Use +.Fl -help-hidden +for more. +.It Fl -lazy-bind +Display mach-o lazy binding info. +.It Fl -line-numbers +Display source line numbers with disassembly. +Implies disassemble object. +.It Fl -macho +Use MachO specific object file parser. +.It Fl -mattr Ns = Ns Ar attribute ... +Target specific attributes. +.It Fl -mcpu Ns = Ns Ar CPU +Target a specific cpu type. +Use +.Fl mcpu Ns = Ns help +for details. +.It Fl -no-leading-addr +Print no leading address. +.It Fl -no-leading-headers +Print no leading headers. +.It Fl -no-show-raw-insn +When disassembling instructions, do not print the instruction bytes. +.It Fl -print-imm-hex +Use hex format for immediate values. +.It Fl -private-header +Display only the first format specific file header. +.It Fl -private-headers +Display format specific file headers. +.It Fl r +Display the relocation entries in the file. +.It Fl -raw-clang-ast +Dump the raw binary contents of the clang AST section. +.It Fl -rebase +Display mach-o rebasing info. +.It Fl -reverse-iterate +Reverse iterate. +.It Fl s +Display the content of each section. +.It Fl -section Ns = Ns Ar section +Operate on the specified sections only. +With +.Fl -macho +dump segment,section. +.It Fl -source +Display source inline with disassembly. +Implies disassmble object. +.It Fl -start-address Ns = Ns Ar address +Disassemble beginning at +.Ar address . +.It Fl -stop-address Ns = Ns Ar address +Stop disassembly at +.Ar address . +.It Fl t +Display the symbol table. +.It Fl -triple Ns = Ns Ar triple +Target triple to disassemble for. +See +.Fl -version +for available targets. +.It Fl -unwind-info +Display unwind information. +.It Fl -version +Display the version of this program. +.It Fl -weak-bind +Display mach-o weak binding info. +.It Fl -x86-asm-syntax Ns = Ns Ar syntax +Choose style of code to emit from X86 backend. +.Bl -tag -width indent +.It att +Emit AT&T-style assembly. +.It intel +Emit Intel-style assembly. +.El +.El +.Ss Mach-O Options +There are a number of options specific to the Mach-O format. +These are used in combination with the +.Fl -macho +option. +.Bl -tag -width indent +.It Fl -archive-headers +Print archive headers for Mach-O archives. +.It Fl -archive-member-offsets +Print the offset to each archive member for Mach-O archives. +Requires +.Fl -macho +and +.Fl -archive-headers . +.It Fl -data-in-code +Print the data in code table for Mach-O objects. +.It Fl -dis-symname Ns = Ns Ar symbol +Disassemble just +.Ar symbol 's +instructions. +.It Fl -dylib-id +Print the shared library's id for the dylib Mach-O file. +.It Fl -dylibs-used +Print the shared libraries used for linked Mach-O files. +.It Fl -indirect-symbols +Print indirect symbol table for Mach-O objects. +.It Fl -info-plist +Print the info plist section as strings for Mach-O objects. +.It Fl -link-opt-hints +Print the linker optimization hints for Mach-O objects. +.It Fl -no-symbolic-operands +do not symbolic operands when disassembling. +.It Fl -non-verbose +Print the info for Mach-O objects in non-verbose or numeric form. +.It Fl -objc-meta-data +Print the Objective-C runtime meta data for Mach-O files. +.It Fl -universal-headers +Print Mach-O universal headers. +.El diff --git a/usr.bin/fstat/fstat.c b/usr.bin/fstat/fstat.c index 2c81ffd08e25..f4d8c25708c1 100644 --- a/usr.bin/fstat/fstat.c +++ b/usr.bin/fstat/fstat.c @@ -301,6 +301,8 @@ print_file_info(struct procstat *procstat, struct filestat *fst, case PS_FST_TYPE_SEM: print_sem_info(procstat, fst); break; + case PS_FST_TYPE_DEV: + break; default: if (vflg) fprintf(stderr, diff --git a/usr.bin/procstat/procstat_files.c b/usr.bin/procstat/procstat_files.c index ad1e1ca866d4..7a55659abcb5 100644 --- a/usr.bin/procstat/procstat_files.c +++ b/usr.bin/procstat/procstat_files.c @@ -408,6 +408,11 @@ procstat_files(struct procstat *procstat, struct kinfo_proc *kipp) xo_emit("{eq:fd_type/procdesc}"); break; + case PS_FST_TYPE_DEV: + str = "D"; + xo_emit("{eq:fd_type/dev}"); + break; + case PS_FST_TYPE_NONE: str = "?"; xo_emit("{eq:fd_type/none}"); diff --git a/usr.bin/procstat/tests/procstat_test.sh b/usr.bin/procstat/tests/procstat_test.sh index 007fa6df8021..16c30d0b2000 100755 --- a/usr.bin/procstat/tests/procstat_test.sh +++ b/usr.bin/procstat/tests/procstat_test.sh @@ -79,6 +79,8 @@ command_line_arguments_head() } command_line_arguments_body() { + atf_skip "https://bugs.freebsd.org/233587" + arguments="my arguments" start_program $arguments @@ -103,6 +105,8 @@ environment_head() } environment_body() { + atf_skip "https://bugs.freebsd.org/233588" + var="MY_VARIABLE=foo" eval "export $var" diff --git a/usr.bin/top/top.c b/usr.bin/top/top.c index 2279479409b1..a4bdb5013861 100644 --- a/usr.bin/top/top.c +++ b/usr.bin/top/top.c @@ -985,6 +985,9 @@ restart: break; case CMD_viewtog: displaymode = displaymode == DISP_IO ? DISP_CPU : DISP_IO; + new_message(MT_standout | MT_delayed, + " Displaying %s statistics.", + displaymode == DISP_IO ? "IO" : "CPU"); header_text = format_header(uname_field); display_header(true); d_header = i_header; @@ -992,9 +995,15 @@ restart: break; case CMD_viewsys: ps.system = !ps.system; + new_message(MT_standout | MT_delayed, + " %sisplaying system processes.", + ps.system ? "D" : "Not d"); break; case CMD_showargs: fmt_flags ^= FMT_SHOWARGS; + new_message(MT_standout | MT_delayed, + " %sisplaying process arguments.", + fmt_flags & FMT_SHOWARGS ? "D" : "Not d"); break; case CMD_order: new_message(MT_standout, diff --git a/usr.bin/truss/powerpc64-freebsd.c b/usr.bin/truss/powerpc64-freebsd.c index ca2e108a2a82..e3504b3cf5e1 100644 --- a/usr.bin/truss/powerpc64-freebsd.c +++ b/usr.bin/truss/powerpc64-freebsd.c @@ -117,3 +117,14 @@ static struct procabi powerpc64_freebsd = { }; PROCABI(powerpc64_freebsd); + +static struct procabi powerpc64_freebsd_elfv2 = { + "FreeBSD ELF64 V2", + SYSDECODE_ABI_FREEBSD, + powerpc64_fetch_args, + powerpc64_fetch_retval, + STAILQ_HEAD_INITIALIZER(powerpc64_freebsd_elfv2.extra_syscalls), + { NULL } +}; + +PROCABI(powerpc64_freebsd_elfv2); diff --git a/usr.bin/truss/riscv64-freebsd.c b/usr.bin/truss/riscv-freebsd.c index 758496a423eb..063372077b9a 100644 --- a/usr.bin/truss/riscv64-freebsd.c +++ b/usr.bin/truss/riscv-freebsd.c @@ -26,7 +26,7 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); -/* FreeBSD/riscv64-specific system call handling. */ +/* FreeBSD/riscv-specific system call handling. */ #include <sys/ptrace.h> #include <sys/syscall.h> @@ -41,7 +41,7 @@ __FBSDID("$FreeBSD$"); #include "truss.h" static int -riscv64_fetch_args(struct trussinfo *trussinfo, u_int narg) +riscv_fetch_args(struct trussinfo *trussinfo, u_int narg) { struct reg regs; struct current_syscall *cs; @@ -77,7 +77,7 @@ riscv64_fetch_args(struct trussinfo *trussinfo, u_int narg) } static int -riscv64_fetch_retval(struct trussinfo *trussinfo, long *retval, int *errorp) +riscv_fetch_retval(struct trussinfo *trussinfo, long *retval, int *errorp) { struct reg regs; lwpid_t tid; @@ -94,13 +94,13 @@ riscv64_fetch_retval(struct trussinfo *trussinfo, long *retval, int *errorp) return (0); } -static struct procabi riscv64_freebsd = { +static struct procabi riscv_freebsd = { "FreeBSD ELF64", SYSDECODE_ABI_FREEBSD, - riscv64_fetch_args, - riscv64_fetch_retval, - STAILQ_HEAD_INITIALIZER(riscv64_freebsd.extra_syscalls), + riscv_fetch_args, + riscv_fetch_retval, + STAILQ_HEAD_INITIALIZER(riscv_freebsd.extra_syscalls), { NULL } }; -PROCABI(riscv64_freebsd); +PROCABI(riscv_freebsd); diff --git a/usr.sbin/bhyve/fwctl.c b/usr.sbin/bhyve/fwctl.c index 00d6ef86813b..0640bc28ba2b 100644 --- a/usr.sbin/bhyve/fwctl.c +++ b/usr.sbin/bhyve/fwctl.c @@ -79,8 +79,8 @@ static u_int ident_idx; struct op_info { int op; - int (*op_start)(int len); - void (*op_data)(uint32_t data, int len); + int (*op_start)(uint32_t len); + void (*op_data)(uint32_t data, uint32_t len); int (*op_result)(struct iovec **data); void (*op_done)(struct iovec *data); }; @@ -119,7 +119,7 @@ errop_set(int err) } static int -errop_start(int len) +errop_start(uint32_t len) { errop_code = ENOENT; @@ -128,7 +128,7 @@ errop_start(int len) } static void -errop_data(uint32_t data, int len) +errop_data(uint32_t data, uint32_t len) { /* ignore */ @@ -188,7 +188,7 @@ static int fget_cnt; static size_t fget_size; static int -fget_start(int len) +fget_start(uint32_t len) { if (len > FGET_STRSZ) @@ -200,7 +200,7 @@ fget_start(int len) } static void -fget_data(uint32_t data, int len) +fget_data(uint32_t data, uint32_t len) { *((uint32_t *) &fget_str[fget_cnt]) = data; @@ -285,8 +285,8 @@ static struct req_info { struct op_info *req_op; int resp_error; int resp_count; - int resp_size; - int resp_off; + size_t resp_size; + size_t resp_off; struct iovec *resp_biov; } rinfo; @@ -346,13 +346,14 @@ fwctl_request_start(void) static int fwctl_request_data(uint32_t value) { - int remlen; /* Make sure remaining size is >= 0 */ - rinfo.req_size -= sizeof(uint32_t); - remlen = MAX(rinfo.req_size, 0); + if (rinfo.req_size <= sizeof(uint32_t)) + rinfo.req_size = 0; + else + rinfo.req_size -= sizeof(uint32_t); - (*rinfo.req_op->op_data)(value, remlen); + (*rinfo.req_op->op_data)(value, rinfo.req_size); if (rinfo.req_size < sizeof(uint32_t)) { fwctl_request_done(); @@ -401,7 +402,7 @@ static int fwctl_response(uint32_t *retval) { uint32_t *dp; - int remlen; + ssize_t remlen; switch(rinfo.resp_count) { case 0: @@ -436,7 +437,7 @@ fwctl_response(uint32_t *retval) } if (rinfo.resp_count > 3 && - rinfo.resp_size - rinfo.resp_off <= 0) { + rinfo.resp_off >= rinfo.resp_size) { fwctl_response_done(); return (1); } diff --git a/usr.sbin/bhyve/iov.c b/usr.sbin/bhyve/iov.c index c564bd8ae50f..54ea22aa9498 100644 --- a/usr.sbin/bhyve/iov.c +++ b/usr.sbin/bhyve/iov.c @@ -2,6 +2,7 @@ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2016 Jakub Klama <jceel@FreeBSD.org>. + * Copyright (c) 2018 Alexander Motin <mav@FreeBSD.org> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -39,12 +40,12 @@ __FBSDID("$FreeBSD$"); #include "iov.h" void -seek_iov(struct iovec *iov1, size_t niov1, struct iovec *iov2, size_t *niov2, +seek_iov(const struct iovec *iov1, int niov1, struct iovec *iov2, int *niov2, size_t seek) { size_t remainder = 0; size_t left = seek; - size_t i, j; + int i, j; for (i = 0; i < niov1; i++) { size_t toseek = MIN(left, iov1[i].iov_len); @@ -69,9 +70,10 @@ seek_iov(struct iovec *iov1, size_t niov1, struct iovec *iov2, size_t *niov2, } size_t -count_iov(struct iovec *iov, size_t niov) +count_iov(const struct iovec *iov, int niov) { - size_t i, total = 0; + size_t total = 0; + int i; for (i = 0; i < niov; i++) total += iov[i].iov_len; @@ -79,35 +81,36 @@ count_iov(struct iovec *iov, size_t niov) return (total); } -size_t -truncate_iov(struct iovec *iov, size_t niov, size_t length) +void +truncate_iov(struct iovec *iov, int *niov, size_t length) { - size_t i, done = 0; + size_t done = 0; + int i; - for (i = 0; i < niov; i++) { + for (i = 0; i < *niov; i++) { size_t toseek = MIN(length - done, iov[i].iov_len); done += toseek; - if (toseek < iov[i].iov_len) { + if (toseek <= iov[i].iov_len) { iov[i].iov_len = toseek; - return (i + 1); + *niov = i + 1; + return; } } - - return (niov); } ssize_t -iov_to_buf(struct iovec *iov, size_t niov, void **buf) +iov_to_buf(const struct iovec *iov, int niov, void **buf) { - size_t i, ptr = 0, total = 0; + size_t ptr, total; + int i; - for (i = 0; i < niov; i++) { - total += iov[i].iov_len; - *buf = realloc(*buf, total); - if (*buf == NULL) - return (-1); + total = count_iov(iov, niov); + *buf = realloc(*buf, total); + if (*buf == NULL) + return (-1); + for (i = 0, ptr = 0; i < niov; i++) { memcpy(*buf + ptr, iov[i].iov_base, iov[i].iov_len); ptr += iov[i].iov_len; } @@ -116,12 +119,12 @@ iov_to_buf(struct iovec *iov, size_t niov, void **buf) } ssize_t -buf_to_iov(void *buf, size_t buflen, struct iovec *iov, size_t niov, +buf_to_iov(const void *buf, size_t buflen, struct iovec *iov, int niov, size_t seek) { struct iovec *diov; - size_t ndiov, i; - uintptr_t off = 0; + int ndiov, i; + size_t off = 0, len; if (seek > 0) { diov = malloc(sizeof(struct iovec) * niov); @@ -131,11 +134,15 @@ buf_to_iov(void *buf, size_t buflen, struct iovec *iov, size_t niov, ndiov = niov; } - for (i = 0; i < ndiov; i++) { - memcpy(diov[i].iov_base, buf + off, diov[i].iov_len); - off += diov[i].iov_len; + for (i = 0; i < ndiov && off < buflen; i++) { + len = MIN(diov[i].iov_len, buflen - off); + memcpy(diov[i].iov_base, buf + off, len); + off += len; } + if (seek > 0) + free(diov); + return ((ssize_t)off); } diff --git a/usr.sbin/bhyve/iov.h b/usr.sbin/bhyve/iov.h index 87fa4c1dcfe6..e3b5916edb10 100644 --- a/usr.sbin/bhyve/iov.h +++ b/usr.sbin/bhyve/iov.h @@ -2,6 +2,7 @@ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2016 Jakub Klama <jceel@FreeBSD.org>. + * Copyright (c) 2018 Alexander Motin <mav@FreeBSD.org> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -32,12 +33,12 @@ #ifndef _IOV_H_ #define _IOV_H_ -void seek_iov(struct iovec *iov1, size_t niov1, struct iovec *iov2, - size_t *niov2, size_t seek); -size_t truncate_iov(struct iovec *iov, size_t niov, size_t length); -size_t count_iov(struct iovec *iov, size_t niov); -ssize_t iov_to_buf(struct iovec *iov, size_t niov, void **buf); -ssize_t buf_to_iov(void *buf, size_t buflen, struct iovec *iov, size_t niov, +void seek_iov(const struct iovec *iov1, int niov1, struct iovec *iov2, + int *niov2, size_t seek); +void truncate_iov(struct iovec *iov, int *niov, size_t length); +size_t count_iov(const struct iovec *iov, int niov); +ssize_t iov_to_buf(const struct iovec *iov, int niov, void **buf); +ssize_t buf_to_iov(const void *buf, size_t buflen, struct iovec *iov, int niov, size_t seek); #endif /* _IOV_H_ */ diff --git a/usr.sbin/bhyve/pci_virtio_scsi.c b/usr.sbin/bhyve/pci_virtio_scsi.c index aa906bb8545c..531073ffd6a3 100644 --- a/usr.sbin/bhyve/pci_virtio_scsi.c +++ b/usr.sbin/bhyve/pci_virtio_scsi.c @@ -389,7 +389,7 @@ pci_vtscsi_tmf_handle(struct pci_vtscsi_softc *sc, ctl_scsi_zero_io(io); io->io_hdr.io_type = CTL_IO_TASK; - io->io_hdr.nexus.targ_port = tmf->lun[1]; + io->io_hdr.nexus.initid = sc->vss_iid; io->io_hdr.nexus.targ_lun = pci_vtscsi_get_lun(tmf->lun); io->taskio.tag_type = CTL_TAG_SIMPLE; io->taskio.tag_num = (uint32_t)tmf->id; @@ -462,7 +462,7 @@ pci_vtscsi_request_handle(struct pci_vtscsi_queue *q, struct iovec *iov_in, struct pci_vtscsi_req_cmd_wr *cmd_wr; struct iovec data_iov_in[VTSCSI_MAXSEG], data_iov_out[VTSCSI_MAXSEG]; union ctl_io *io; - size_t data_niov_in, data_niov_out; + int data_niov_in, data_niov_out; void *ext_data_ptr = NULL; uint32_t ext_data_len = 0, ext_sg_entries = 0; int err; @@ -472,15 +472,15 @@ pci_vtscsi_request_handle(struct pci_vtscsi_queue *q, struct iovec *iov_in, seek_iov(iov_out, niov_out, data_iov_out, &data_niov_out, VTSCSI_OUT_HEADER_LEN(sc)); - truncate_iov(iov_in, niov_in, VTSCSI_IN_HEADER_LEN(sc)); - truncate_iov(iov_out, niov_out, VTSCSI_OUT_HEADER_LEN(sc)); + truncate_iov(iov_in, &niov_in, VTSCSI_IN_HEADER_LEN(sc)); + truncate_iov(iov_out, &niov_out, VTSCSI_OUT_HEADER_LEN(sc)); iov_to_buf(iov_in, niov_in, (void **)&cmd_rd); cmd_wr = malloc(VTSCSI_OUT_HEADER_LEN(sc)); io = ctl_scsi_alloc_io(sc->vss_iid); ctl_scsi_zero_io(io); - io->io_hdr.nexus.targ_port = cmd_rd->lun[1]; + io->io_hdr.nexus.initid = sc->vss_iid; io->io_hdr.nexus.targ_lun = pci_vtscsi_get_lun(cmd_rd->lun); io->io_hdr.io_type = CTL_IO_SCSI; @@ -499,7 +499,21 @@ pci_vtscsi_request_handle(struct pci_vtscsi_queue *q, struct iovec *iov_in, io->scsiio.sense_len = sc->vss_config.sense_size; io->scsiio.tag_num = (uint32_t)cmd_rd->id; - io->scsiio.tag_type = CTL_TAG_SIMPLE; + switch (cmd_rd->task_attr) { + case VIRTIO_SCSI_S_ORDERED: + io->scsiio.tag_type = CTL_TAG_ORDERED; + break; + case VIRTIO_SCSI_S_HEAD: + io->scsiio.tag_type = CTL_TAG_HEAD_OF_QUEUE; + break; + case VIRTIO_SCSI_S_ACA: + io->scsiio.tag_type = CTL_TAG_ACA; + break; + case VIRTIO_SCSI_S_SIMPLE: + default: + io->scsiio.tag_type = CTL_TAG_SIMPLE; + break; + } io->scsiio.ext_sg_entries = ext_sg_entries; io->scsiio.ext_data_ptr = ext_data_ptr; io->scsiio.ext_data_len = ext_data_len; @@ -552,7 +566,8 @@ pci_vtscsi_controlq_notify(void *vsc, struct vqueue_info *vq) n = vq_getchain(vq, &idx, iov, VTSCSI_MAXSEG, NULL); bufsize = iov_to_buf(iov, n, &buf); iolen = pci_vtscsi_control_handle(sc, buf, bufsize); - buf_to_iov(buf + bufsize - iolen, iolen, iov, n, iolen); + buf_to_iov(buf + bufsize - iolen, iolen, iov, n, + bufsize - iolen); /* * Release this chain and handle more @@ -560,6 +575,7 @@ pci_vtscsi_controlq_notify(void *vsc, struct vqueue_info *vq) vq_relchain(vq, idx, iolen); } vq_endchains(vq, 1); /* Generate interrupt if appropriate. */ + free(buf); } static void diff --git a/usr.sbin/boot0cfg/boot0cfg.c b/usr.sbin/boot0cfg/boot0cfg.c index 501283d28471..f6f12c0bd58b 100644 --- a/usr.sbin/boot0cfg/boot0cfg.c +++ b/usr.sbin/boot0cfg/boot0cfg.c @@ -100,7 +100,7 @@ static const char fmt1[] = "%d 0x%02x %4u:%3u:%2u 0x%02x" static int geom_class_available(const char *); static int read_mbr(const char *, u_int8_t **, int); -static void write_mbr(const char *, int, u_int8_t *, int); +static void write_mbr(const char *, int, u_int8_t *, int, int); static void display_mbr(u_int8_t *); static int boot0version(const u_int8_t *); static int boot0bs(const u_int8_t *); @@ -200,7 +200,7 @@ main(int argc, char *argv[]) /* save the existing MBR if we are asked to do so */ if (fpath) - write_mbr(fpath, O_CREAT | O_TRUNC, mbr, mbr_size); + write_mbr(fpath, O_CREAT | O_TRUNC, mbr, mbr_size, 0); /* * If we are installing the boot loader, read it from disk and copy the @@ -256,7 +256,7 @@ main(int argc, char *argv[]) } /* write the MBR back to disk */ if (up) - write_mbr(disk, 0, boot0, boot0_size); + write_mbr(disk, 0, boot0, boot0_size, vol_id[4] || b0_ver == 1); /* display the MBR */ if (v_flag) @@ -372,7 +372,8 @@ geom_class_available(const char *name) * Write out the mbr to the specified file. */ static void -write_mbr(const char *fname, int flags, u_int8_t *mbr, int mbr_size) +write_mbr(const char *fname, int flags, u_int8_t *mbr, int mbr_size, + int disable_dsn) { struct gctl_req *grq; const char *errmsg; @@ -417,6 +418,9 @@ write_mbr(const char *fname, int flags, u_int8_t *mbr, int mbr_size) gctl_ro_param(grq, "verb", -1, "bootcode"); gctl_ro_param(grq, "bootcode", mbr_size, mbr); gctl_ro_param(grq, "flags", -1, "C"); + if (disable_dsn) + gctl_ro_param(grq, "skip_dsn", sizeof(int), + &disable_dsn); errmsg = gctl_issue(grq); if (errmsg != NULL && errmsg[0] != '\0') errx(1, "GEOM_PART: write bootcode to %s failed: %s", diff --git a/usr.sbin/ctld/kernel.c b/usr.sbin/ctld/kernel.c index 166025f4587e..4da7c05f1e66 100644 --- a/usr.sbin/ctld/kernel.c +++ b/usr.sbin/ctld/kernel.c @@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$"); #include <sys/stat.h> #include <assert.h> #include <bsdxml.h> +#include <capsicum_helpers.h> #include <ctype.h> #include <errno.h> #include <fcntl.h> @@ -1313,22 +1314,17 @@ kernel_receive(struct pdu *pdu) void kernel_capsicate(void) { - int error; cap_rights_t rights; const unsigned long cmds[] = { CTL_ISCSI }; cap_rights_init(&rights, CAP_IOCTL); - error = cap_rights_limit(ctl_fd, &rights); - if (error != 0 && errno != ENOSYS) + if (caph_rights_limit(ctl_fd, &rights) < 0) log_err(1, "cap_rights_limit"); - error = cap_ioctls_limit(ctl_fd, cmds, nitems(cmds)); - - if (error != 0 && errno != ENOSYS) + if (caph_ioctls_limit(ctl_fd, cmds, nitems(cmds)) < 0) log_err(1, "cap_ioctls_limit"); - error = cap_enter(); - if (error != 0 && errno != ENOSYS) + if (caph_enter() < 0) log_err(1, "cap_enter"); if (cap_sandboxed()) diff --git a/usr.sbin/etcupdate/etcupdate.8 b/usr.sbin/etcupdate/etcupdate.8 index 4cc5d69eb195..24afbca12951 100644 --- a/usr.sbin/etcupdate/etcupdate.8 +++ b/usr.sbin/etcupdate/etcupdate.8 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd September 29, 2015 +.Dd November 27, 2018 .Dt ETCUPDATE 8 .Os .Sh NAME @@ -853,6 +853,7 @@ but it has been removed in the destination directory. .Xr make 1 , .Xr newaliases 1 , .Xr sh 1 , +.Xr mergemaster 8 , .Xr pwd_mkdb 8 , .Xr services_mkdb 8 , .Xr tzsetup 8 diff --git a/usr.sbin/fstyp/ufs.c b/usr.sbin/fstyp/ufs.c index 340119dada4c..4002fc89c9ee 100644 --- a/usr.sbin/fstyp/ufs.c +++ b/usr.sbin/fstyp/ufs.c @@ -50,7 +50,7 @@ fstyp_ufs(FILE *fp, char *label, size_t labelsize) { struct fs *fs; - switch (sbget(fileno(fp), &fs, -1)) { + switch (sbget(fileno(fp), &fs, STDSB)) { case 0: strlcpy(label, fs->fs_volname, labelsize); return (0); diff --git a/usr.sbin/iscsid/iscsid.c b/usr.sbin/iscsid/iscsid.c index 15dbe55927ea..aaf8f78d718b 100644 --- a/usr.sbin/iscsid/iscsid.c +++ b/usr.sbin/iscsid/iscsid.c @@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$"); #include <sys/capsicum.h> #include <sys/wait.h> #include <assert.h> +#include <capsicum_helpers.h> #include <errno.h> #include <fcntl.h> #include <libutil.h> @@ -349,7 +350,6 @@ fail(const struct connection *conn, const char *reason) static void capsicate(struct connection *conn) { - int error; cap_rights_t rights; #ifdef ICL_KERNEL_PROXY const unsigned long cmds[] = { ISCSIDCONNECT, ISCSIDSEND, ISCSIDRECEIVE, @@ -360,17 +360,13 @@ capsicate(struct connection *conn) #endif cap_rights_init(&rights, CAP_IOCTL); - error = cap_rights_limit(conn->conn_iscsi_fd, &rights); - if (error != 0 && errno != ENOSYS) + if (caph_rights_limit(conn->conn_iscsi_fd, &rights) < 0) log_err(1, "cap_rights_limit"); - error = cap_ioctls_limit(conn->conn_iscsi_fd, cmds, nitems(cmds)); - - if (error != 0 && errno != ENOSYS) + if (caph_ioctls_limit(conn->conn_iscsi_fd, cmds, nitems(cmds)) < 0) log_err(1, "cap_ioctls_limit"); - error = cap_enter(); - if (error != 0 && errno != ENOSYS) + if (caph_enter() != 0) log_err(1, "cap_enter"); if (cap_sandboxed()) diff --git a/usr.sbin/jail/jail.8 b/usr.sbin/jail/jail.8 index 4018513aa9bf..36122182d82a 100644 --- a/usr.sbin/jail/jail.8 +++ b/usr.sbin/jail/jail.8 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 10, 2018 +.Dd November 27, 2018 .Dt JAIL 8 .Os .Sh NAME @@ -582,6 +582,8 @@ memory subject to and resource limits. .It Va allow.reserved_ports The jail root may bind to ports lower than 1024. +.It Va allow.unprivileged_proc_debug +Unprivileged processes in the jail may use debugging facilities. .El .El .Pp diff --git a/usr.sbin/mergemaster/mergemaster.8 b/usr.sbin/mergemaster/mergemaster.8 index b37b173d3c67..b76799e39cd5 100644 --- a/usr.sbin/mergemaster/mergemaster.8 +++ b/usr.sbin/mergemaster/mergemaster.8 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 8, 2018 +.Dd November 27, 2018 .Dt MERGEMASTER 8 .Os .Sh NAME @@ -453,6 +453,7 @@ comparison, use: .Xr make 1 , .Xr less 1 , .Xr sdiff 1 , +.Xr etcupdate 8 , .Xr pwd_mkdb 8 .Pp .Pa /usr/src/etc/Makefile diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c index 1a10e9dc1c60..03a084dec033 100644 --- a/usr.sbin/mountd/mountd.c +++ b/usr.sbin/mountd/mountd.c @@ -1026,8 +1026,13 @@ mntsrv(struct svc_req *rqstp, SVCXPRT *transp) syslog(LOG_ERR, "request from unknown address family"); return; } - lookup_failed = getnameinfo(saddr, saddr->sa_len, host, sizeof host, - NULL, 0, 0); + switch (rqstp->rq_proc) { + case MOUNTPROC_MNT: + case MOUNTPROC_UMNT: + case MOUNTPROC_UMNTALL: + lookup_failed = getnameinfo(saddr, saddr->sa_len, host, + sizeof host, NULL, 0, 0); + } getnameinfo(saddr, saddr->sa_len, numerichost, sizeof numerichost, NULL, 0, NI_NUMERICHOST); switch (rqstp->rq_proc) { diff --git a/usr.sbin/newsyslog/newsyslog.c b/usr.sbin/newsyslog/newsyslog.c index b292dc641f16..07fa2439ede9 100644 --- a/usr.sbin/newsyslog/newsyslog.c +++ b/usr.sbin/newsyslog/newsyslog.c @@ -2426,6 +2426,7 @@ age_old_log(const char *file) const char *logfile_suffix; static unsigned int suffix_maxlen = 0; char *tmp; + size_t tmpsiz; time_t mtime; int c; @@ -2435,33 +2436,34 @@ age_old_log(const char *file) strlen(compress_type[c].suffix)); } - tmp = alloca(MAXPATHLEN + sizeof(".0") + suffix_maxlen + 1); + tmpsiz = MAXPATHLEN + sizeof(".0") + suffix_maxlen + 1; + tmp = alloca(tmpsiz); if (archtodir) { char *p; /* build name of archive directory into tmp */ if (*archdirname == '/') { /* absolute */ - strlcpy(tmp, archdirname, sizeof(tmp)); + strlcpy(tmp, archdirname, tmpsiz); } else { /* relative */ /* get directory part of logfile */ - strlcpy(tmp, file, sizeof(tmp)); + strlcpy(tmp, file, tmpsiz); if ((p = strrchr(tmp, '/')) == NULL) tmp[0] = '\0'; else *(p + 1) = '\0'; - strlcat(tmp, archdirname, sizeof(tmp)); + strlcat(tmp, archdirname, tmpsiz); } - strlcat(tmp, "/", sizeof(tmp)); + strlcat(tmp, "/", tmpsiz); /* get filename part of logfile */ if ((p = strrchr(file, '/')) == NULL) - strlcat(tmp, file, sizeof(tmp)); + strlcat(tmp, file, tmpsiz); else - strlcat(tmp, p + 1, sizeof(tmp)); + strlcat(tmp, p + 1, tmpsiz); } else { - (void) strlcpy(tmp, file, sizeof(tmp)); + (void) strlcpy(tmp, file, tmpsiz); } if (timefnamefmt != NULL) { @@ -2469,11 +2471,11 @@ age_old_log(const char *file) if (mtime == -1) return (-1); } else { - strlcat(tmp, ".0", sizeof(tmp)); + strlcat(tmp, ".0", tmpsiz); logfile_suffix = get_logfile_suffix(tmp); if (logfile_suffix == NULL) return (-1); - (void) strlcat(tmp, logfile_suffix, sizeof(tmp)); + (void) strlcat(tmp, logfile_suffix, tmpsiz); if (stat(tmp, &sb) < 0) return (-1); mtime = sb.st_mtime; diff --git a/usr.sbin/nscd/nscdcli.c b/usr.sbin/nscd/nscdcli.c index 4cbcd79c9fe7..326acfae7dea 100644 --- a/usr.sbin/nscd/nscdcli.c +++ b/usr.sbin/nscd/nscdcli.c @@ -130,44 +130,41 @@ safe_read(struct nscd_connection_ *connection, void *data, size_t data_size) static int send_credentials(struct nscd_connection_ *connection, int type) { + union { + struct cmsghdr hdr; + char pad[CMSG_SPACE(sizeof(struct cmsgcred))]; + } cmsg; + struct msghdr mhdr; + struct iovec iov; struct kevent eventlist; int nevents; ssize_t result; int res; - struct msghdr cred_hdr; - struct iovec iov; - - union { - struct cmsghdr hdr; - char cred[CMSG_SPACE(sizeof(struct cmsgcred))]; - } cmsg; - TRACE_IN(send_credentials); memset(&cmsg, 0, sizeof(cmsg)); cmsg.hdr.cmsg_len = CMSG_LEN(sizeof(struct cmsgcred)); cmsg.hdr.cmsg_level = SOL_SOCKET; cmsg.hdr.cmsg_type = SCM_CREDS; - memset(&cred_hdr, 0, sizeof(struct msghdr)); - cred_hdr.msg_iov = &iov; - cred_hdr.msg_iovlen = 1; - cred_hdr.msg_control = &cmsg; - cred_hdr.msg_controllen = CMSG_SPACE(sizeof(struct cmsgcred)); + memset(&mhdr, 0, sizeof(mhdr)); + mhdr.msg_iov = &iov; + mhdr.msg_iovlen = 1; + mhdr.msg_control = &cmsg; + mhdr.msg_controllen = CMSG_SPACE(sizeof(struct cmsgcred)); iov.iov_base = &type; iov.iov_len = sizeof(int); EV_SET(&eventlist, connection->sockfd, EVFILT_WRITE, EV_ADD, - NOTE_LOWAT, sizeof(int), NULL); + NOTE_LOWAT, sizeof(int), NULL); res = kevent(connection->write_queue, &eventlist, 1, NULL, 0, NULL); nevents = kevent(connection->write_queue, NULL, 0, &eventlist, 1, NULL); if ((nevents == 1) && (eventlist.filter == EVFILT_WRITE)) { - result = (sendmsg(connection->sockfd, &cred_hdr, 0) == -1) ? -1 - : 0; + result = sendmsg(connection->sockfd, &mhdr, 0) == -1 ? -1 : 0; EV_SET(&eventlist, connection->sockfd, EVFILT_WRITE, EV_ADD, - 0, 0, NULL); + 0, 0, NULL); kevent(connection->write_queue, &eventlist, 1, NULL, 0, NULL); TRACE_OUT(send_credentials); return (result); diff --git a/usr.sbin/nscd/query.c b/usr.sbin/nscd/query.c index db7992b32c58..a7737c0ea9aa 100644 --- a/usr.sbin/nscd/query.c +++ b/usr.sbin/nscd/query.c @@ -155,38 +155,37 @@ clear_config_entry_part(struct configuration_entry *config_entry, static int on_query_startup(struct query_state *qstate) { - struct msghdr cred_hdr; - struct iovec iov; - struct cmsgcred *cred; - int elem_type; - union { - struct cmsghdr hdr; - char cred[CMSG_SPACE(sizeof(struct cmsgcred))]; + struct cmsghdr hdr; + char pad[CMSG_SPACE(sizeof(struct cmsgcred))]; } cmsg; + struct msghdr mhdr; + struct iovec iov; + struct cmsgcred *cred; + int elem_type; TRACE_IN(on_query_startup); assert(qstate != NULL); - memset(&cred_hdr, 0, sizeof(struct msghdr)); - cred_hdr.msg_iov = &iov; - cred_hdr.msg_iovlen = 1; - cred_hdr.msg_control = &cmsg; - cred_hdr.msg_controllen = CMSG_SPACE(sizeof(struct cmsgcred)); + memset(&mhdr, 0, sizeof(mhdr)); + mhdr.msg_iov = &iov; + mhdr.msg_iovlen = 1; + mhdr.msg_control = &cmsg; + mhdr.msg_controllen = sizeof(cmsg); - memset(&iov, 0, sizeof(struct iovec)); + memset(&iov, 0, sizeof(iov)); iov.iov_base = &elem_type; - iov.iov_len = sizeof(int); + iov.iov_len = sizeof(elem_type); - if (recvmsg(qstate->sockfd, &cred_hdr, 0) == -1) { + if (recvmsg(qstate->sockfd, &mhdr, 0) == -1) { TRACE_OUT(on_query_startup); return (-1); } - if (cred_hdr.msg_controllen < CMSG_LEN(sizeof(struct cmsgcred)) - || cmsg.hdr.cmsg_len < CMSG_LEN(sizeof(struct cmsgcred)) - || cmsg.hdr.cmsg_level != SOL_SOCKET - || cmsg.hdr.cmsg_type != SCM_CREDS) { + if (mhdr.msg_controllen != CMSG_SPACE(sizeof(struct cmsgcred)) || + cmsg.hdr.cmsg_len != CMSG_LEN(sizeof(struct cmsgcred)) || + cmsg.hdr.cmsg_level != SOL_SOCKET || + cmsg.hdr.cmsg_type != SCM_CREDS) { TRACE_OUT(on_query_startup); return (-1); } @@ -206,9 +205,9 @@ on_query_startup(struct query_state *qstate) return (-1); #else if ((elem_type != CET_READ_REQUEST) && - (elem_type != CET_MP_READ_SESSION_REQUEST) && - (elem_type != CET_WRITE_REQUEST) && - (elem_type != CET_MP_WRITE_SESSION_REQUEST)) { + (elem_type != CET_MP_READ_SESSION_REQUEST) && + (elem_type != CET_WRITE_REQUEST) && + (elem_type != CET_MP_WRITE_SESSION_REQUEST)) { TRACE_OUT(on_query_startup); return (-1); } diff --git a/usr.sbin/quot/quot.c b/usr.sbin/quot/quot.c index 348946ff7dbb..18b1e398ec09 100644 --- a/usr.sbin/quot/quot.c +++ b/usr.sbin/quot/quot.c @@ -550,7 +550,7 @@ quot(char *name, char *mp) close(fd); return; } - switch (sbget(fd, &fs, -1)) { + switch (sbget(fd, &fs, STDSB)) { case 0: break; case ENOENT: diff --git a/usr.sbin/unbound/setup/local-unbound-setup.sh b/usr.sbin/unbound/setup/local-unbound-setup.sh index 0e75112dd99b..c51145cf2312 100755 --- a/usr.sbin/unbound/setup/local-unbound-setup.sh +++ b/usr.sbin/unbound/setup/local-unbound-setup.sh @@ -218,7 +218,7 @@ gen_forward_conf() { if [ "${use_tls}" = "yes" ] ; then echo " forward-tls-upstream: yes" sed -nE \ - -e "s/^(${RE_forward_tls})$/ forward-addr: \\1/p" + -e "s/^${RE_forward_tls}\$/ forward-addr: \\1/p" else sed -nE \ -e "s/^${RE_forward_addr}\$/ forward-addr: \\1/p" \ @@ -411,8 +411,10 @@ main() { style=recursing ;; "") - echo "Extracting forwarders from ${resolv_conf}." - forwarders=$(get_nameservers <"${D}${resolv_conf}") + if [ -f "${D}${resolv_conf}" ] ; then + echo "Extracting forwarders from ${resolv_conf}." + forwarders=$(get_nameservers <"${D}${resolv_conf}") + fi style=dynamic ;; *) diff --git a/usr.sbin/wpa/Makefile.crypto b/usr.sbin/wpa/Makefile.crypto index 5c03f7d21d0e..a5a721417715 100644 --- a/usr.sbin/wpa/Makefile.crypto +++ b/usr.sbin/wpa/Makefile.crypto @@ -21,6 +21,7 @@ CONFIG_INTERNAL_DH=y NEED_AES_ENC=true NEED_AES_CBC=true .endif +NEED_AES_OMAC1=true .if defined(TLS_FUNCS) NEED_TLS_PRF=y @@ -49,7 +50,7 @@ NEED_MD4=y NEED_RC4=y .else CFLAGS+=-DEAP_TLS_OPENSSL -SRCS+= tls_openssl.c +SRCS+= tls_openssl.c tls_openssl_ocsp.c .endif .endif diff --git a/usr.sbin/wpa/Makefile.inc b/usr.sbin/wpa/Makefile.inc index ebde81533cef..af957ff4f3c4 100644 --- a/usr.sbin/wpa/Makefile.inc +++ b/usr.sbin/wpa/Makefile.inc @@ -7,13 +7,10 @@ WPA_SUPPLICANT_DISTDIR?=${WPA_DISTDIR}/wpa_supplicant HOSTAPD_DISTDIR?= ${WPA_DISTDIR}/hostapd .PATH.c:${.CURDIR:H} \ - ${WPA_DISTDIR}/src/ap \ ${WPA_DISTDIR}/src/common \ ${WPA_DISTDIR}/src/crypto \ ${WPA_DISTDIR}/src/eapol_auth \ ${WPA_DISTDIR}/src/eap_common \ - ${WPA_DISTDIR}/src/eap_peer \ - ${WPA_DISTDIR}/src/eap_server \ ${WPA_DISTDIR}/src/eapol_supp \ ${WPA_DISTDIR}/src/l2_packet \ ${WPA_DISTDIR}/src/radius \ @@ -35,5 +32,6 @@ CFLAGS+=-I${WPA_DISTDIR}/src/wps CFLAGS+= -DCONFIG_CTRL_IFACE CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX CFLAGS+= -DNEED_AP_MLME +CFLAGS+= -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" .include <bsd.own.mk> diff --git a/usr.sbin/wpa/hostapd/Makefile b/usr.sbin/wpa/hostapd/Makefile index 63200fe72d8b..eace6cb74d3a 100644 --- a/usr.sbin/wpa/hostapd/Makefile +++ b/usr.sbin/wpa/hostapd/Makefile @@ -4,33 +4,90 @@ .include "../Makefile.inc" .PATH.c:${HOSTAPD_DISTDIR} \ - ${WPA_DISTDIR}/src/drivers + ${WPA_DISTDIR}/src/ap \ + ${WPA_DISTDIR}/src/eap_server \ + ${WPA_DISTDIR}/src/eap_peer \ + ${WPA_DISTDIR}/src/drivers \ + ${WPA_DISTDIR}/wpa_supplicant PROG= hostapd -SRCS= accounting.c aes-omac1.c ap_config.c ap_drv_ops.c ap_list.c \ - ap_mlme.c authsrv.c \ - base64.c beacon.c bss_load.c chap.c common.c config_file.c \ +SRCS= accounting.c \ + ap_config.c \ + ap_drv_ops.c \ + ap_list.c \ + ap_mlme.c \ + authsrv.c \ + base64.c \ + beacon.c \ + bss_load.c \ + chap.c \ + common.c \ + config_file.c \ ctrl_iface.c \ - ctrl_iface_ap.c ctrl_iface_common.c dfs.c \ - driver_common.c l2_packet_freebsd.c driver_bsd.c \ - drivers.c drv_callbacks.c eap_common.c eap_peap_common.c \ - eap_register.c eap_server.c eap_server_methods.c eap_user_db.c \ - eapol_auth_dump.c eapol_auth_sm.c eloop.c gas.c gas_serv.c hostapd.c \ - hs20.c http_client.c http_server.c httpread.c \ - hw_features.c hw_features_common.c \ - ieee802_11.c ieee802_11_auth.c ieee802_11_common.c \ - ieee802_11_shared.c ieee802_1x.c \ + ctrl_iface_ap.c \ + ctrl_iface_common.c \ + dfs.c \ + driver_bsd.c \ + driver_common.c \ + drivers.c \ + drv_callbacks.c \ + eloop.c \ + gas.c \ + gas_serv.c \ + http_client.c \ + http_server.c \ + httpread.c \ + hostapd.c \ + hs20.c \ + hw_features.c \ + hw_features_common.c \ + ieee802_11.c \ + ieee802_11_auth.c \ + ieee802_11_common.c \ + ieee802_11_shared.c \ + ieee802_1x.c \ ip_addr.c \ - main.c ms_funcs.c neighbor_db.c \ - os_unix.c peerkey_auth.c pmksa_cache_auth.c \ - preauth_auth.c radius.c radius_client.c radius_das.c rrm.c sta_info.c \ - tkip_countermeasures.c upnp_xml.c utils.c uuid.c \ - vlan.c vlan_ifconfig.c vlan_init.c wmm.c \ - wpa_auth.c wpa_auth_glue.c wpa_auth_ie.c wpa_common.c wpa_debug.c \ - wpabuf.c wps.c wps_attr_build.c wps_attr_parse.c wps_attr_process.c \ - wps_common.c wps_dev_attr.c wps_enrollee.c wps_hostapd.c \ - wps_registrar.c wps_upnp.c wps_upnp_ap.c wps_upnp_event.c \ - wps_upnp_ssdp.c wps_upnp_web.c + l2_packet_freebsd.c \ + main.c \ + ms_funcs.c \ + neighbor_db.c \ + os_unix.c \ + pmksa_cache_auth.c \ + preauth_auth.c \ + radius.c \ + radius_client.c \ + radius_das.c \ + rrm.c \ + sta_info.c \ + tkip_countermeasures.c \ + upnp_xml.c \ + utils.c \ + uuid.c \ + vlan.c \ + vlan_ifconfig.c \ + vlan_init.c \ + wmm.c \ + wpa_auth.c \ + wpa_auth_glue.c \ + wpa_auth_ie.c \ + wpa_common.c \ + wpa_ctrl.c \ + wpa_debug.c \ + wpabuf.c \ + wps.c \ + wps_attr_build.c \ + wps_attr_process.c \ + wps_attr_parse.c \ + wps_common.c \ + wps_dev_attr.c \ + wps_enrollee.c \ + wps_hostapd.c \ + wps_registrar.c \ + wps_upnp.c \ + wps_upnp_ap.c \ + wps_upnp_event.c \ + wps_upnp_ssdp.c \ + wps_upnp_web.c MAN= hostapd.8 hostapd.conf.5 @@ -40,7 +97,9 @@ FILESDIR= ${SHAREDIR}/examples/hostapd FILES= hostapd.conf hostapd.eap_user hostapd.wpa_psk .endif -CFLAGS+=-DCONFIG_DRIVER_BSD \ +CFLAGS+=-I${.CURDIR:H}/wpa_supplicant \ + -I${WPA_DISTDIR}/src/eap_peer \ + -DCONFIG_DRIVER_BSD \ -DCONFIG_DRIVER_RADIUS_ACL \ -DCONFIG_HS20 \ -DCONFIG_INTERWORKING \ @@ -75,15 +134,23 @@ CFLAGS+=-DDPKCS12_FUNCS \ -DEAP_TLS_FUNCS SRCS+= eap_server_gtc.c \ + eap_common.c \ + eap_peap_common.c \ + eap_register.c \ + eap_server.c \ eap_server_identity.c \ eap_server_md5.c \ + eap_server_methods.c \ eap_server_mschapv2.c \ eap_server_peap.c \ eap_server_tls.c \ eap_server_tls_common.c \ eap_server_ttls.c \ eap_server_wsc.c \ - eap_wsc_common.c + eap_user_db.c \ + eap_wsc_common.c \ + eapol_auth_dump.c \ + eapol_auth_sm.c TLS_FUNCS=y .if !empty(CFLAGS:M*-DCONFIG_WPS) diff --git a/usr.sbin/wpa/wpa_cli/Makefile b/usr.sbin/wpa/wpa_cli/Makefile index e90d69f21acb..f6db85ee989e 100644 --- a/usr.sbin/wpa/wpa_cli/Makefile +++ b/usr.sbin/wpa/wpa_cli/Makefile @@ -1,21 +1,41 @@ # $FreeBSD$ +.include <src.opts.mk> + .include "../Makefile.inc" -.PATH.c:${WPA_SUPPLICANT_DISTDIR} +.PATH.c:${WPA_SUPPLICANT_DISTDIR} \ + ${WPA_DISTDIR}/wpa_supplicant \ + ${WPA_DISTDIR}/src/eap_peer \ + ${WPA_DISTDIR}/src/drivers PROG= wpa_cli -SRCS= cli.c common.c edit.c eloop.c os_unix.c wpa_cli.c \ - wpa_ctrl.c wpa_debug.c +SRCS= base64.c bitfield.c blacklist.c bss.c cli.c common.c config.c \ + config_file.c \ + ctrl_iface.c ctrl_iface_common.c ctrl_iface_unix.c \ + drivers.c driver_common.c \ + eap_register.c \ + edit.c eloop.c events.c hw_features_common.c \ + ieee802_11_common.c l2_packet_freebsd.c notify.c \ + op_classes.c \ + os_unix.c rrm.c scan.c wmm_ac.c \ + wpa.c wpa_cli.c \ + wpa_ctrl.c wpa_common.c \ + wpa_debug.c wpa_ie.c wpa_supplicant.c wpabuf.c wpas_glue.c MAN= wpa_cli.8 CFLAGS+= -DCONFIG_CTRL_IFACE CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX +CFLAGS+= -DCONFIG_TLS=openssl # enable use of d_type to identify unix domain sockets CFLAGS+= -D_DIRENT_HAVE_D_TYPE CFLAGS+= -DCONFIG_WPA_CLI_EDIT=y -LIBADD+= util +LIBADD+= pcap util + +TLS_FUNCS=y + +.include "../Makefile.crypto" .include <bsd.prog.mk> diff --git a/usr.sbin/wpa/wpa_supplicant/Makefile b/usr.sbin/wpa/wpa_supplicant/Makefile index bdb8fa9488bf..673e45bec20e 100644 --- a/usr.sbin/wpa/wpa_supplicant/Makefile +++ b/usr.sbin/wpa/wpa_supplicant/Makefile @@ -5,41 +5,30 @@ .include "../Makefile.inc" .PATH.c:${WPA_SUPPLICANT_DISTDIR} \ + ${WPA_DISTDIR}/src/eap_peer \ ${WPA_DISTDIR}/src/drivers PROG= wpa_supplicant -SRCS= accounting.c ap_drv_ops.c ap_config.c ap_list.c \ - ap_mlme.c \ - authsrv.c \ - base64.c beacon.c blacklist.c bss.c bss_load.c common.c config.c \ - config_file.c ctrl_iface.c ctrl_iface_common.c \ - ctrl_iface_unix.c dfs.c driver_bsd.c \ - driver_common.c driver_ndis.c driver_wired.c drivers.c \ - eap_register.c eapol_auth_sm.c eap_server_methods.c eap_server.c \ - eap_user_db.c \ - eloop.c events.c gas.c gas_query.c gas_serv.c hostapd.c hs20.c \ - hs20_supplicant.c http_client.c http_server.c httpread.c \ - hw_features.c hw_features_common.c \ - ieee802_11.c ieee802_11_auth.c ieee802_11_common.c \ - ieee802_11_shared.c ieee802_1x.c \ - interworking.c ip_addr.c l2_packet_freebsd.c main.c \ - neighbor_db.c \ - notify.c offchannel.c os_unix.c peerkey.c peerkey_auth.c \ - pmksa_cache.c \ - pmksa_cache_auth.c \ - preauth.c scan.c radius.c radius_client.c radius_das.c rrm.c \ - sta_info.c \ - tkip_countermeasures.c \ - upnp_xml.c utils.c uuid.c vlan.c vlan_ifconfig.c \ - vlan_init.c wmm.c wmm_ac.c \ - wpa.c wpa_auth.c wpa_auth_ft.c wpa_common.c wpa_debug.c \ - wpa_auth_glue.c wpa_auth_ie.c wpa_ft.c \ - wpa_ie.c wpa_supplicant.c wpabuf.c wpas_glue.c wps.c \ - wps_attr_build.c wps_attr_parse.c wps_attr_process.c \ - wps_common.c wps_dev_attr.c wps_enrollee.c wps_hostapd.c \ - wps_registrar.c \ + +SRCS= base64.c bitfield.c blacklist.c bss.c cli.c common.c \ + config.c config_file.c \ + ctrl_iface.c ctrl_iface_common.c ctrl_iface_unix.c \ + dh_groups.c driver_bsd.c driver_common.c \ + driver_ndis.c driver_wired.c driver_wired_common.c drivers.c \ + eap_register.c eap_wsc.c eap_wsc_common.c eloop.c \ + events.c gas.c gas_query.c hs20_supplicant.c \ + http_client.c http_server.c \ + httpread.c hw_features_common.c \ + ieee802_11_common.c interworking.c l2_packet_freebsd.c main.c \ + notify.c offchannel.c op_classes.c os_unix.c pmksa_cache.c preauth.c \ + rrm.c scan.c upnp_xml.c uuid.c \ + wmm_ac.c wpa.c wpa_common.c wpa_ctrl.c \ + wpa_debug.c wpa_ft.c wpa_ie.c wpa_supplicant.c wpabuf.c wpas_glue.c \ + wps.c wps_attr_build.c wps_attr_parse.c wps_attr_process.c \ + wps_common.c wps_dev_attr.c wps_enrollee.c wps_registrar.c \ wps_supplicant.c wps_upnp.c wps_upnp_ap.c wps_upnp_event.c \ - wps_upnp_ssdp.c wps_upnp_web.c Packet32.c + wps_upnp_ssdp.c wps_upnp_web.c \ + Packet32.c MAN= wpa_supplicant.8 wpa_supplicant.conf.5 |