1 /*
2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
12 */
13
14 /* TODO:
15 * order BSS list by RSSI(?) ("quality of AP")
16 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
17 * SSID)
18 */
19 #include <linux/delay.h>
20 #include <linux/if_ether.h>
21 #include <linux/skbuff.h>
22 #include <linux/netdevice.h>
23 #include <linux/if_arp.h>
24 #include <linux/wireless.h>
25 #include <linux/random.h>
26 #include <linux/etherdevice.h>
27 #include <linux/rtnetlink.h>
28 #include <net/iw_handler.h>
29 #include <asm/types.h>
30
31 #include <net/mac80211.h>
32 #include "ieee80211_i.h"
33 #include "rate.h"
34 #include "led.h"
35 #include "mesh.h"
36
37 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
38 #define IEEE80211_AUTH_MAX_TRIES 3
39 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
40 #define IEEE80211_ASSOC_MAX_TRIES 3
41 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
42 #define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
43 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
44 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
45 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
46 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
47 #define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ)
48
49 #define IEEE80211_PROBE_DELAY (HZ / 33)
50 #define IEEE80211_CHANNEL_TIME (HZ / 33)
51 #define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
52 #define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
53 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
54 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
55 #define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
56
57 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
58
59
60 #define ERP_INFO_USE_PROTECTION BIT(1)
61
62 /* mgmt header + 1 byte action code */
63 #define IEEE80211_MIN_ACTION_SIZE (24 + 1)
64
65 #define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
66 #define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
67 #define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
68 #define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
69 #define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
70
71 /* next values represent the buffer size for A-MPDU frame.
72 * According to IEEE802.11n spec size varies from 8K to 64K (in powers of 2) */
73 #define IEEE80211_MIN_AMPDU_BUF 0x8
74 #define IEEE80211_MAX_AMPDU_BUF 0x40
75
76 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
77 u8 *ssid, size_t ssid_len);
78 static struct ieee80211_sta_bss *
79 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
80 u8 *ssid, u8 ssid_len);
81 static void ieee80211_rx_bss_put(struct net_device *dev,
82 struct ieee80211_sta_bss *bss);
83 static int ieee80211_sta_find_ibss(struct net_device *dev,
84 struct ieee80211_if_sta *ifsta);
85 static int ieee80211_sta_wep_configured(struct net_device *dev);
86 static int ieee80211_sta_start_scan(struct net_device *dev,
87 u8 *ssid, size_t ssid_len);
88 static int ieee80211_sta_config_auth(struct net_device *dev,
89 struct ieee80211_if_sta *ifsta);
90 static void sta_rx_agg_session_timer_expired(unsigned long data);
91
92
/*
 * ieee802_11_parse_elems - locate the information elements of a frame body
 * @start: first byte of the IE area
 * @len: number of bytes available from @start
 * @elems: filled with pointers into the frame; no data is copied
 *
 * @elems is cleared first, so an element that is absent stays NULL with a
 * zero length.  Parsing stops quietly at the first element whose declared
 * length runs past @len; elements recorded before it remain valid.  The
 * pointers in @elems alias the frame and are only usable while it lives.
 */
void ieee802_11_parse_elems(u8 *start, size_t len,
			    struct ieee802_11_elems *elems)
{
	u8 *cur = start;
	size_t remaining = len;

	memset(elems, 0, sizeof(*elems));

	/* record one element: pointer to its body plus its body length */
#define STORE_ELEM(field)			\
	do {					\
		elems->field = cur;		\
		elems->field##_len = elen;	\
	} while (0)

	for (;;) {
		u8 id, elen;

		/* an element header is two bytes: id, length */
		if (remaining < 2)
			break;

		id = cur[0];
		elen = cur[1];
		cur += 2;
		remaining -= 2;

		/* truncated element: keep what has been parsed so far */
		if (elen > remaining)
			break;

		switch (id) {
		case WLAN_EID_SSID:
			STORE_ELEM(ssid);
			break;
		case WLAN_EID_SUPP_RATES:
			STORE_ELEM(supp_rates);
			break;
		case WLAN_EID_FH_PARAMS:
			STORE_ELEM(fh_params);
			break;
		case WLAN_EID_DS_PARAMS:
			STORE_ELEM(ds_params);
			break;
		case WLAN_EID_CF_PARAMS:
			STORE_ELEM(cf_params);
			break;
		case WLAN_EID_TIM:
			STORE_ELEM(tim);
			break;
		case WLAN_EID_IBSS_PARAMS:
			STORE_ELEM(ibss_params);
			break;
		case WLAN_EID_CHALLENGE:
			STORE_ELEM(challenge);
			break;
		case WLAN_EID_WPA:
			/* vendor specific: only the Microsoft OUI 00:50:F2
			 * is of interest, with OUI type 1 (WPA) or 2 (WMM) */
			if (elen >= 4 && cur[0] == 0x00 && cur[1] == 0x50 &&
			    cur[2] == 0xf2) {
				if (cur[3] == 1) {
					STORE_ELEM(wpa);
				} else if (elen >= 5 && cur[3] == 2) {
					/* WMM subtype: 0 = info, 1 = parameter */
					if (cur[4] == 0)
						STORE_ELEM(wmm_info);
					else if (cur[4] == 1)
						STORE_ELEM(wmm_param);
				}
			}
			break;
		case WLAN_EID_RSN:
			STORE_ELEM(rsn);
			break;
		case WLAN_EID_ERP_INFO:
			STORE_ELEM(erp_info);
			break;
		case WLAN_EID_EXT_SUPP_RATES:
			STORE_ELEM(ext_supp_rates);
			break;
		case WLAN_EID_HT_CAPABILITY:
			STORE_ELEM(ht_cap_elem);
			break;
		case WLAN_EID_HT_EXTRA_INFO:
			STORE_ELEM(ht_info_elem);
			break;
		case WLAN_EID_MESH_ID:
			STORE_ELEM(mesh_id);
			break;
		case WLAN_EID_MESH_CONFIG:
			STORE_ELEM(mesh_config);
			break;
		case WLAN_EID_PEER_LINK:
			STORE_ELEM(peer_link);
			break;
		case WLAN_EID_PREQ:
			STORE_ELEM(preq);
			break;
		case WLAN_EID_PREP:
			STORE_ELEM(prep);
			break;
		case WLAN_EID_PERR:
			STORE_ELEM(perr);
			break;
		default:
			/* unknown ids are skipped, not an error */
			break;
		}

		cur += elen;
		remaining -= elen;
	}
#undef STORE_ELEM
}
215
216
/*
 * ecw2cw - convert an exponent-coded contention window to a window size
 * @ecw: the ECW exponent as carried in a WMM AC parameter record (a nibble)
 *
 * Returns 2^ecw - 1, the CWmin/CWmax value handed to the driver.
 */
static int ecw2cw(int ecw)
{
	int window = 1;

	window <<= ecw;
	return window - 1;
}
221
222
/*
 * ieee80211_sta_def_wmm_params - program legacy DCF TX queue parameters
 * @dev: the station interface
 * @bss: the BSS being joined; only its supported-rates list is read
 * @ibss: not used by this function
 *
 * Sets or clears IEEE80211_SDATA_OPERATING_GMODE on the interface depending
 * on whether a 2.4 GHz BSS advertises a rate above 11 Mbit/s, then, when the
 * driver implements conf_tx, programs every hardware queue with the same
 * default parameters: AIFS 2, CWmax 1023, no TXOP, and CWmin 31 for a
 * 2.4 GHz cell without G-mode rates, 15 otherwise (cf. IEEE 802.11 9.2.12).
 */
static void ieee80211_sta_def_wmm_params(struct net_device *dev,
					 struct ieee80211_sta_bss *bss,
					 int ibss)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_hw *hw = local_to_hw(local);
	struct ieee80211_tx_queue_params qparam;
	bool on_2ghz = local->hw.conf.channel->band == IEEE80211_BAND_2GHZ;
	bool fast_rate_seen = false;
	int i;

	/* rates are in 500 kbit/s units with the top bit masked off,
	 * so 110 corresponds to 11 Mbit/s */
	for (i = 0; i < bss->supp_rates_len; i++) {
		if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
			fast_rate_seen = true;
	}

	if (on_2ghz && fast_rate_seen)
		sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
	else
		sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;

	if (!local->ops->conf_tx)
		return;

	memset(&qparam, 0, sizeof(qparam));
	qparam.aifs = 2;
	qparam.cw_max = 1023;
	qparam.txop = 0;
	/* a 2.4 GHz cell without G-mode rates gets the larger legacy CWmin */
	if (on_2ghz && !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
		qparam.cw_min = 31;
	else
		qparam.cw_min = 15;

	for (i = 0; i < hw->queues; i++)
		local->ops->conf_tx(hw, i, &qparam);
}
264
/*
 * ieee80211_sta_wmm_params - apply a WMM parameter element from the AP
 * @dev: the station interface
 * @ifsta: station state; WMM must be enabled and the last parameter set
 *	   count is remembered here
 * @wmm_param: body of the vendor-specific WMM parameter element, may be NULL
 * @wmm_param_len: length of @wmm_param in bytes
 *
 * Ignores the element unless WMM is enabled, it is at least 8 bytes, carries
 * version 1 and its parameter set count differs from the last one applied.
 * Each 4-byte AC record after the 8-byte header is mapped to a hardware
 * queue and pushed to the driver through conf_tx(); admission-control bits
 * are collected in local->wmm_acm.  Records beyond the last full 4-byte
 * group are ignored.
 */
static void ieee80211_sta_wmm_params(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta,
				     u8 *wmm_param, size_t wmm_param_len)
{
	/* hardware queue and wmm_acm bits for each ACI value (0..3) */
	static const struct {
		int queue;
		unsigned long acm_bits;
	} ac_map[4] = {
		[0] = { 2, BIT(1) | BIT(2) },
		[1] = { 3, BIT(0) | BIT(3) },
		[2] = { 1, BIT(4) | BIT(5) },
		[3] = { 0, BIT(6) | BIT(7) },
	};
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_tx_queue_params params;
	const u8 *rec;
	size_t remaining;
	int set_count;

	if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED) || !wmm_param)
		return;

	/* byte 5 is the WMM version; only version 1 is understood */
	if (wmm_param_len < 8 || wmm_param[5] != 1)
		return;

	/* low nibble of byte 6 is the parameter set count; unchanged
	 * count means nothing new to apply */
	set_count = wmm_param[6] & 0x0f;
	if (set_count == ifsta->wmm_last_param_set)
		return;
	ifsta->wmm_last_param_set = set_count;

	memset(&params, 0, sizeof(params));

	if (!local->ops->conf_tx)
		return;

	local->wmm_acm = 0;
	for (rec = wmm_param + 8, remaining = wmm_param_len - 8;
	     remaining >= 4; rec += 4, remaining -= 4) {
		int aci = (rec[0] >> 5) & 0x03;
		int acm = (rec[0] >> 4) & 0x01;
		int queue = ac_map[aci].queue;

		if (acm)
			local->wmm_acm |= ac_map[aci].acm_bits;

		params.aifs = rec[0] & 0x0f;
		params.cw_max = ecw2cw((rec[1] & 0xf0) >> 4);
		params.cw_min = ecw2cw(rec[1] & 0x0f);
		params.txop = rec[2] | (rec[3] << 8);
#ifdef CONFIG_MAC80211_DEBUG
		printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
		       "cWmin=%d cWmax=%d txop=%d\n",
		       dev->name, queue, aci, acm, params.aifs, params.cw_min,
		       params.cw_max, params.txop);
#endif
		/* TODO: handle ACM (block TX, fallback to next lowest allowed
		 * AC for now) */
		if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
			printk(KERN_DEBUG "%s: failed to set TX queue "
			       "parameters for queue %d\n", dev->name, queue);
		}
	}
}
344
/*
 * ieee80211_handle_protect_preamb - track ERP protection and preamble state
 * @sdata: the interface whose bss_conf is updated
 * @use_protection: whether CTS protection should be on
 * @use_short_preamble: whether the short preamble should be used
 *
 * Updates bss_conf only for the values that actually differ, logging each
 * transition (rate limited).  Returns the BSS_CHANGED_* bits for the fields
 * that changed, or 0 if both already matched.
 */
static u32 ieee80211_handle_protect_preamb(struct ieee80211_sub_if_data *sdata,
					   bool use_protection,
					   bool use_short_preamble)
{
	struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	bool prot_differs = (bss_conf->use_cts_prot != use_protection);
	bool preamble_differs =
		(bss_conf->use_short_preamble != use_short_preamble);
	u32 changed = 0;
	DECLARE_MAC_BUF(mac);

	if (prot_differs) {
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
			       "%s)\n",
			       sdata->dev->name,
			       use_protection ? "enabled" : "disabled",
			       print_mac(mac, ifsta->bssid));
		}
		bss_conf->use_cts_prot = use_protection;
		changed |= BSS_CHANGED_ERP_CTS_PROT;
	}

	if (preamble_differs) {
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: switched to %s barker preamble"
			       " (BSSID=%s)\n",
			       sdata->dev->name,
			       use_short_preamble ? "short" : "long",
			       print_mac(mac, ifsta->bssid));
		}
		bss_conf->use_short_preamble = use_short_preamble;
		changed |= BSS_CHANGED_ERP_PREAMBLE;
	}

	return changed;
}
380
/*
 * ieee80211_handle_erp_ie - apply the ERP information element
 * @sdata: the interface whose bss_conf is updated
 * @erp_value: the one-byte ERP element body
 *
 * Protection follows WLAN_ERP_USE_PROTECTION; the short preamble is used
 * unless WLAN_ERP_BARKER_PREAMBLE is set.  Returns the BSS_CHANGED_* bits.
 */
static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
				   u8 erp_value)
{
	bool protect = !!(erp_value & WLAN_ERP_USE_PROTECTION);
	bool barker_only = !!(erp_value & WLAN_ERP_BARKER_PREAMBLE);

	return ieee80211_handle_protect_preamb(sdata, protect, !barker_only);
}
390
/*
 * ieee80211_handle_bss_capability - derive ERP settings for a joined BSS
 * @sdata: the interface whose bss_conf is updated
 * @bss: the scan-cache entry for the BSS
 *
 * Prefers the BSS's ERP element when one was seen.  Without it, protection
 * is assumed off and the preamble is taken from the capability field.
 * Returns the BSS_CHANGED_* bits.
 */
static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
					   struct ieee80211_sta_bss *bss)
{
	bool short_preamble;

	if (bss->has_erp_value)
		return ieee80211_handle_erp_ie(sdata, bss->erp_value);

	short_preamble = (bss->capability & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0;
	return ieee80211_handle_protect_preamb(sdata, false, short_preamble);
}
406
/*
 * ieee80211_ht_cap_ie_to_ht_info - unpack an HT capability element
 * @ht_cap_ie: the element body, or NULL when the peer has no HT capability
 * @ht_info: output, fully overwritten
 *
 * Returns -EINVAL when @ht_info is NULL, else 0.  With a NULL @ht_cap_ie
 * the result is all zero (ht_supported == 0).  The A-MPDU factor and
 * density are the low and the next bits of ampdu_params_info.
 */
int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
				   struct ieee80211_ht_info *ht_info)
{
	u8 ampdu_info;

	if (!ht_info)
		return -EINVAL;

	memset(ht_info, 0, sizeof(*ht_info));

	/* memset already left ht_supported at 0 for the no-element case */
	if (!ht_cap_ie)
		return 0;

	ampdu_info = ht_cap_ie->ampdu_params_info;

	ht_info->ht_supported = 1;
	ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
	ht_info->ampdu_factor = ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
	ht_info->ampdu_density =
		(ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
	memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);

	return 0;
}
431
/*
 * ieee80211_ht_addt_info_ie_to_ht_bss_info - unpack an HT information element
 * @ht_add_info_ie: the element body, or NULL when the BSS sent none
 * @bss_info: output, fully overwritten
 *
 * Returns -EINVAL when @bss_info is NULL, else 0.  With a NULL element the
 * result is all zero.  Only the low byte of the operation mode is kept.
 */
int ieee80211_ht_addt_info_ie_to_ht_bss_info(
			struct ieee80211_ht_addt_info *ht_add_info_ie,
			struct ieee80211_ht_bss_info *bss_info)
{
	u16 op_mode;

	if (!bss_info)
		return -EINVAL;

	memset(bss_info, 0, sizeof(*bss_info));

	if (!ht_add_info_ie)
		return 0;

	op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);

	bss_info->primary_channel = ht_add_info_ie->control_chan;
	bss_info->bss_cap = ht_add_info_ie->ht_param;
	bss_info->bss_op_mode = (u8)(op_mode & 0xff);

	return 0;
}
452
/*
 * ieee80211_hexdump_to - append @len bytes of @src to @dst as lowercase hex
 *
 * Returns the number of characters written (2 per byte).  @dst must have
 * room for 2 * @len characters plus the terminator sprintf() writes.
 */
static size_t ieee80211_hexdump_to(char *dst, const u8 *src, size_t len)
{
	size_t i, written = 0;

	for (i = 0; i < len; i++)
		written += sprintf(dst + written, "%02x", src[i]);

	return written;
}

/*
 * ieee80211_sta_send_associnfo - report the association IEs to userspace
 * @dev: the station interface
 * @ifsta: station state holding the saved request/response IEs
 *
 * Emits an IWEVCUSTOM wireless event of the form
 * "ASSOCINFO(ReqIEs=<hex> RespIEs=<hex>)".  If that text is longer than
 * IW_CUSTOM_MAX it is replaced by "ASSOCRESPIE=<hex>" carrying only the
 * response IEs; that shorter form is not length-checked again here.
 * Nothing is sent when neither IE set is present or the buffer cannot be
 * allocated.
 */
static void ieee80211_sta_send_associnfo(struct net_device *dev,
					 struct ieee80211_if_sta *ifsta)
{
	union iwreq_data wrqu;
	char *msg;
	size_t pos;

	if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
		return;

	/* two hex characters per IE byte plus room for the fixed labels */
	msg = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
				ifsta->assocresp_ies_len), GFP_KERNEL);
	if (!msg)
		return;

	pos = sprintf(msg, "ASSOCINFO(");
	if (ifsta->assocreq_ies) {
		pos += sprintf(msg + pos, "ReqIEs=");
		pos += ieee80211_hexdump_to(msg + pos, ifsta->assocreq_ies,
					    ifsta->assocreq_ies_len);
	}
	if (ifsta->assocresp_ies) {
		if (ifsta->assocreq_ies)
			pos += sprintf(msg + pos, " ");
		pos += sprintf(msg + pos, "RespIEs=");
		pos += ieee80211_hexdump_to(msg + pos, ifsta->assocresp_ies,
					    ifsta->assocresp_ies_len);
	}
	pos += sprintf(msg + pos, ")");

	/* too long for a single custom event: fall back to the response
	 * IEs alone, rewriting the buffer from the start */
	if (pos > IW_CUSTOM_MAX) {
		pos = sprintf(msg, "ASSOCRESPIE=");
		pos += ieee80211_hexdump_to(msg + pos, ifsta->assocresp_ies,
					    ifsta->assocresp_ies_len);
	}

	memset(&wrqu, 0, sizeof(wrqu));
	wrqu.data.length = pos;
	wireless_send_event(dev, IWEVCUSTOM, &wrqu, msg);

	kfree(msg);
}
502
503
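/*
 * ieee80211_set_associated - switch the interface into or out of association
 * @dev: the station interface
 * @ifsta: station state for the interface
 * @assoc: true to mark the link associated, false to tear it down
 *
 * On association the BSS timing, ERP and HT settings are copied into
 * bss_conf from the scan cache, the carrier is raised, the BSSID is saved
 * for a later reassociation and the ASSOCINFO event is sent.  On
 * disassociation BA sessions are torn down, the carrier dropped and the
 * ERP/HT state reset.  Both paths then record the time, drive the LED,
 * notify the driver of the BSS_CHANGED_* bits and emit a SIOCGIWAP event.
 *
 * The early return for non-STA interface types keeps the ASSOCIATED flag
 * set but skips every notification; that is the original behaviour and is
 * left as is.
 *
 * wrqu is zeroed before use: the SIOCGIWAP event copies the whole sockaddr
 * to userspace, and only six of its fourteen data bytes are ever written,
 * so the rest must not be leftover stack contents.
 */
static void ieee80211_set_associated(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta,
				     bool assoc)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_conf *conf = &local_to_hw(local)->conf;
	union iwreq_data wrqu;
	u32 changed = BSS_CHANGED_ASSOC;

	memset(&wrqu, 0, sizeof(wrqu));

	if (assoc) {
		struct ieee80211_sta_bss *bss;

		ifsta->flags |= IEEE80211_STA_ASSOCIATED;

		if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
			return;

		bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
					   conf->channel->center_freq,
					   ifsta->ssid, ifsta->ssid_len);
		if (bss) {
			/* set timing information */
			sdata->bss_conf.beacon_int = bss->beacon_int;
			sdata->bss_conf.timestamp = bss->timestamp;

			changed |= ieee80211_handle_bss_capability(sdata, bss);

			ieee80211_rx_bss_put(dev, bss);
		}

		if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
			changed |= BSS_CHANGED_HT;
			sdata->bss_conf.assoc_ht = 1;
			sdata->bss_conf.ht_conf = &conf->ht_conf;
			sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
		}

		netif_carrier_on(dev);
		/* remembered so the next association can be a reassociation */
		ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
		memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
		memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
		ieee80211_sta_send_associnfo(dev, ifsta);
	} else {
		ieee80211_sta_tear_down_BA_sessions(dev, ifsta->bssid);
		ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
		netif_carrier_off(dev);
		ieee80211_reset_erp_info(dev);

		sdata->bss_conf.assoc_ht = 0;
		sdata->bss_conf.ht_conf = NULL;
		sdata->bss_conf.ht_bss_conf = NULL;

		/* an all-zero AP address tells userspace the link is gone */
		memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
	}
	ifsta->last_probe = jiffies;
	ieee80211_led_assoc(local, assoc);

	sdata->bss_conf.assoc = assoc;
	ieee80211_bss_info_change_notify(sdata, changed);
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
}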
567
/*
 * ieee80211_set_disassoc - drop the association and reset retry counters
 * @dev: the station interface
 * @ifsta: station state for the interface
 * @deauth: non-zero when the link was deauthenticated as well, in which
 *	    case the authentication retry counter is reset too
 */
static void ieee80211_set_disassoc(struct net_device *dev,
				   struct ieee80211_if_sta *ifsta, int deauth)
{
	ifsta->assoc_tries = 0;
	if (deauth)
		ifsta->auth_tries = 0;

	ieee80211_set_associated(dev, ifsta, 0);
}
576
/*
 * ieee80211_sta_tx - hand a management frame built by MLME to the TX path
 * @dev: the station interface the frame belongs to
 * @skb: the frame, fully built; ownership passes to the network stack
 * @encrypt: zero to send the frame unprotected, non-zero to let the normal
 *	     encryption rules apply
 *
 * The frame is queued on the master device with its control block reset
 * and the originating interface index recorded.
 */
void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
		      int encrypt)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);

	skb->dev = sdata->local->mdev;
	/* the whole buffer is the 802.11 frame: all headers start at 0 */
	skb_set_mac_header(skb, 0);
	skb_set_network_header(skb, 0);
	skb_set_transport_header(skb, 0);

	memset(info, 0, sizeof(*info));
	info->control.ifindex = sdata->dev->ifindex;
	if (encrypt == 0)
		info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;

	dev_queue_xmit(skb);
}
597
598
/*
 * ieee80211_send_auth - build and transmit an Authentication frame
 * @dev: the station interface
 * @ifsta: station state; supplies BSSID and authentication algorithm
 * @transaction: authentication transaction sequence number to send
 * @extra: optional bytes appended after the fixed fields (e.g. a challenge
 *	   element), may be NULL
 * @extra_len: length of @extra
 * @encrypt: non-zero to set the Protected Frame bit and let the frame be
 *	     encrypted (shared-key step 3)
 *
 * Records @transaction + 1 in @ifsta as the next sequence number expected.
 * The status code sent is always 0.  Nothing is sent if memory is short.
 */
static void ieee80211_send_auth(struct net_device *dev,
				struct ieee80211_if_sta *ifsta,
				int transaction, u8 *extra, size_t extra_len,
				int encrypt)
{
	/* 24-byte management header plus the three fixed auth fields */
	const size_t auth_fixed_len = 24 + 6;
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    sizeof(*mgmt) + 6 + extra_len);
	if (skb == NULL) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
		       "frame\n", dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, auth_fixed_len);
	memset(mgmt, 0, auth_fixed_len);

	mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
					   IEEE80211_STYPE_AUTH);
	if (encrypt)
		mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);

	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);

	mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
	mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
	mgmt->u.auth.status_code = cpu_to_le16(0);
	ifsta->auth_transaction = transaction + 1;

	if (extra != NULL)
		memcpy(skb_put(skb, extra_len), extra, extra_len);

	ieee80211_sta_tx(dev, skb, encrypt);
}
635
636
/*
 * ieee80211_authenticate - start (or retry) authentication with the AP
 * @dev: the station interface
 * @ifsta: station state; auth_tries and state are updated
 *
 * Gives up after IEEE80211_AUTH_MAX_TRIES attempts by moving the interface
 * to IEEE80211_DISABLED.  Otherwise sends the first authentication frame
 * and arms the state timer for IEEE80211_AUTH_TIMEOUT.
 */
static void ieee80211_authenticate(struct net_device *dev,
				   struct ieee80211_if_sta *ifsta)
{
	DECLARE_MAC_BUF(mac);

	if (++ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
		printk(KERN_DEBUG "%s: authentication with AP %s"
		       " timed out\n",
		       dev->name, print_mac(mac, ifsta->bssid));
		ifsta->state = IEEE80211_DISABLED;
		return;
	}

	ifsta->state = IEEE80211_AUTHENTICATE;
	printk(KERN_DEBUG "%s: authenticate with AP %s\n",
	       dev->name, print_mac(mac, ifsta->bssid));

	/* transaction 1, no extra data, sent in the clear */
	ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0);

	mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
}
659
/*
 * ieee80211_compatible_rates - intersect the AP's rates with the band's
 * @bss: the BSS whose supported-rates list is matched
 * @sband: the band the device operates in
 * @rates: output bitmap, bit j set when sband->bitrates[j] is offered by
 *	   the BSS; cleared first
 *
 * Returns the number of BSS rates that matched a band rate.  Each BSS rate
 * is matched against the first band entry with the same bitrate only.
 */
static int ieee80211_compatible_rates(struct ieee80211_sta_bss *bss,
				      struct ieee80211_supported_band *sband,
				      u64 *rates)
{
	int i, count = 0;

	*rates = 0;
	for (i = 0; i < bss->supp_rates_len; i++) {
		/* rates are in 500 kbit/s units; the top bit is masked off */
		int want = (bss->supp_rates[i] & 0x7F) * 5;
		int j;

		for (j = 0; j < sband->n_bitrates; j++) {
			if (sband->bitrates[j].bitrate != want)
				continue;
			*rates |= BIT(j);
			count++;
			break;
		}
	}

	return count;
}
680
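/*
 * ieee80211_send_assoc - build and transmit an (Re)Association Request
 * @dev: the station interface
 * @ifsta: station state; supplies BSSID, SSID, capabilities and extra IEs
 *
 * The request carries the SSID, the supported rates the AP also advertises
 * (some APs reject a longer list), any caller-supplied extra IEs, a WME
 * information element when the AP is WMM capable and WMM is enabled, and an
 * HT capability element when HT is usable.  40 MHz support and SGI-40 are
 * withheld from the HT element when the channel flags forbid the secondary
 * channel selected by the AP's HT information element.
 *
 * A copy of the request's IEs is saved in @ifsta->assocreq_ies for the
 * ASSOCINFO event.  Nothing is sent if memory is short.
 *
 * The scan-cache entry for the BSS is held until its last use: the rate
 * list and the HT information are read from it after the capability check,
 * so the reference must not be dropped early.  If the BSS is not in the
 * cache at all, every rate of the band is offered and no WMM/HT elements
 * are added, instead of dereferencing a NULL entry.
 */
static void ieee80211_send_assoc(struct net_device *dev,
				 struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
	u8 *pos, *ies;
	int i, count, rates_len, supp_rates_len;
	u16 capab;
	struct ieee80211_sta_bss *bss;
	int wmm = 0;
	struct ieee80211_supported_band *sband;
	u64 rates = 0;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
			    ifsta->ssid_len);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
		       "frame\n", dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	capab = ifsta->capab;

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
	}

	/* the reference taken here is released after the HT element below,
	 * which is the last place bss is read */
	bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
				   local->hw.conf.channel->center_freq,
				   ifsta->ssid, ifsta->ssid_len);
	if (bss) {
		if (bss->capability & WLAN_CAPABILITY_PRIVACY)
			capab |= WLAN_CAPABILITY_PRIVACY;
		if (bss->wmm_ie)
			wmm = 1;

		/* all supported rates should be added here but some APs
		 * (e.g. D-Link DAP 1353 in b-only mode) don't like that
		 * Therefore only add rates the AP supports */
		rates_len = ieee80211_compatible_rates(bss, sband, &rates);
	} else {
		/* BSS unknown: offer every rate of the band; only bits below
		 * n_bitrates are ever consulted */
		rates = ~(u64)0;
		rates_len = sband->n_bitrates;
	}

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);

	if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
		/* reassociation: fixed fields also carry the previous AP */
		skb_put(skb, 10);
		mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
						   IEEE80211_STYPE_REASSOC_REQ);
		mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
		mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1);
		memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
		       ETH_ALEN);
	} else {
		skb_put(skb, 4);
		mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
						   IEEE80211_STYPE_ASSOC_REQ);
		mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
		mgmt->u.assoc_req.listen_interval = cpu_to_le16(1);
	}

	/* SSID; ies marks where the saved copy of the request IEs starts */
	ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
	*pos++ = WLAN_EID_SSID;
	*pos++ = ifsta->ssid_len;
	memcpy(pos, ifsta->ssid, ifsta->ssid_len);

	/* at most 8 rates fit the Supported Rates element; the remainder
	 * goes into Extended Supported Rates */
	supp_rates_len = rates_len;
	if (supp_rates_len > 8)
		supp_rates_len = 8;

	pos = skb_put(skb, supp_rates_len + 2);
	*pos++ = WLAN_EID_SUPP_RATES;
	*pos++ = supp_rates_len;

	count = 0;
	for (i = 0; i < sband->n_bitrates; i++) {
		if (BIT(i) & rates) {
			int rate = sband->bitrates[i].bitrate;
			*pos++ = (u8) (rate / 5);
			if (++count == 8)
				break;
		}
	}

	if (count == 8) {
		pos = skb_put(skb, rates_len - count + 2);
		*pos++ = WLAN_EID_EXT_SUPP_RATES;
		*pos++ = rates_len - count;

		/* continue after the rate that filled the first element */
		for (i++; i < sband->n_bitrates; i++) {
			if (BIT(i) & rates) {
				int rate = sband->bitrates[i].bitrate;
				*pos++ = (u8) (rate / 5);
			}
		}
	}

	if (ifsta->extra_ie) {
		pos = skb_put(skb, ifsta->extra_ie_len);
		memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
	}

	if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
		pos = skb_put(skb, 9);
		*pos++ = WLAN_EID_VENDOR_SPECIFIC;
		*pos++ = 7; /* len */
		*pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
		*pos++ = 0x50;
		*pos++ = 0xf2;
		*pos++ = 2; /* WME */
		*pos++ = 0; /* WME info */
		*pos++ = 1; /* WME ver */
		*pos++ = 0;
	}

	/* wmm support is a must to HT; wmm is only set when bss exists,
	 * the explicit bss check documents that */
	if (bss && wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
	    sband->ht_info.ht_supported && bss->ht_add_ie) {
		struct ieee80211_ht_addt_info *ht_add_info =
			(struct ieee80211_ht_addt_info *)bss->ht_add_ie;
		u16 cap = sband->ht_info.cap;
		__le16 tmp;
		u32 flags = local->hw.conf.channel->flags;

		/* drop 40 MHz capabilities when the AP's secondary channel
		 * lies on a side the regulatory channel flags forbid */
		switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
		case IEEE80211_HT_IE_CHA_SEC_ABOVE:
			if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		case IEEE80211_HT_IE_CHA_SEC_BELOW:
			if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		default:
			/* no secondary channel: nothing to withhold */
			break;
		}

		tmp = cpu_to_le16(cap);
		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
		*pos++ = WLAN_EID_HT_CAPABILITY;
		*pos++ = sizeof(struct ieee80211_ht_cap);
		memset(pos, 0, sizeof(struct ieee80211_ht_cap));
		memcpy(pos, &tmp, sizeof(u16));
		pos += sizeof(u16);
		/* TODO: needs a define here for << 2 */
		*pos++ = sband->ht_info.ampdu_factor |
			 (sband->ht_info.ampdu_density << 2);
		memcpy(pos, sband->ht_info.supp_mcs_set, 16);
	}

	if (bss)
		ieee80211_rx_bss_put(dev, bss);

	/* keep a copy of the IEs for the ASSOCINFO event; a failed
	 * allocation just loses the event, not the frame */
	kfree(ifsta->assocreq_ies);
	ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
	ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
	if (ifsta->assocreq_ies)
		memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);

	ieee80211_sta_tx(dev, skb, 0);
}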
854
855
/*
 * ieee80211_send_deauth - build and transmit a Deauthentication frame
 * @dev: the station interface
 * @ifsta: station state; supplies the BSSID used as destination
 * @reason: reason code placed in the frame
 *
 * Nothing is sent if memory is short.
 */
static void ieee80211_send_deauth(struct net_device *dev,
				  struct ieee80211_if_sta *ifsta, u16 reason)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
	if (skb == NULL) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
		       "frame\n", dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	/* 24-byte management header */
	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
					   IEEE80211_STYPE_DEAUTH);
	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);

	/* the only fixed field is the 2-byte reason code */
	skb_put(skb, 2);
	mgmt->u.deauth.reason_code = cpu_to_le16(reason);

	ieee80211_sta_tx(dev, skb, 0);
}
883
884
/*
 * ieee80211_send_disassoc - build and transmit a Disassociation frame
 * @dev: the station interface
 * @ifsta: station state; supplies the BSSID used as destination
 * @reason: reason code placed in the frame
 *
 * Mirrors ieee80211_send_deauth() apart from the frame subtype.  Nothing is
 * sent if memory is short.
 */
static void ieee80211_send_disassoc(struct net_device *dev,
				    struct ieee80211_if_sta *ifsta, u16 reason)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
	if (skb == NULL) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
		       "frame\n", dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	/* 24-byte management header */
	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
					   IEEE80211_STYPE_DISASSOC);
	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);

	/* the only fixed field is the 2-byte reason code */
	skb_put(skb, 2);
	mgmt->u.disassoc.reason_code = cpu_to_le16(reason);

	ieee80211_sta_tx(dev, skb, 0);
}
912
913
/*
 * ieee80211_privacy_mismatch - check local privacy settings against the AP
 * @dev: the station interface
 * @ifsta: station state, may be NULL
 *
 * Returns 1 when the AP's Privacy capability bit agrees neither with a
 * configured WEP default key nor with the IEEE80211_STA_PRIVACY_INVOKED
 * flag; 0 otherwise, including when @ifsta is NULL, the BSS is not in the
 * scan cache, or IEEE80211_STA_MIXED_CELL explicitly allows a mismatch.
 */
static int ieee80211_privacy_mismatch(struct net_device *dev,
				      struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss *bss;
	bool ap_privacy, wep_key_set, privacy_invoked;

	if (ifsta == NULL || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
		return 0;

	bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
				   local->hw.conf.channel->center_freq,
				   ifsta->ssid, ifsta->ssid_len);
	if (bss == NULL)
		return 0;

	ap_privacy = (bss->capability & WLAN_CAPABILITY_PRIVACY) != 0;
	ieee80211_rx_bss_put(dev, bss);

	wep_key_set = ieee80211_sta_wep_configured(dev) != 0;
	privacy_invoked = (ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED) != 0;

	/* a mismatch only if neither local indication matches the AP */
	if (ap_privacy != wep_key_set && ap_privacy != privacy_invoked)
		return 1;

	return 0;
}
943
944
/*
 * ieee80211_associate - start (or retry) association with the AP
 * @dev: the station interface
 * @ifsta: station state; assoc_tries and state are updated
 *
 * Gives up after IEEE80211_ASSOC_MAX_TRIES attempts, or immediately when
 * the privacy configuration disagrees with the AP and mixed cells are not
 * allowed, by moving the interface to IEEE80211_DISABLED.  Otherwise sends
 * the association request and arms the state timer for
 * IEEE80211_ASSOC_TIMEOUT.
 */
static void ieee80211_associate(struct net_device *dev,
				struct ieee80211_if_sta *ifsta)
{
	DECLARE_MAC_BUF(mac);

	if (++ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
		printk(KERN_DEBUG "%s: association with AP %s"
		       " timed out\n",
		       dev->name, print_mac(mac, ifsta->bssid));
		ifsta->state = IEEE80211_DISABLED;
		return;
	}

	ifsta->state = IEEE80211_ASSOCIATE;
	printk(KERN_DEBUG "%s: associate with AP %s\n",
	       dev->name, print_mac(mac, ifsta->bssid));

	if (ieee80211_privacy_mismatch(dev, ifsta)) {
		printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
		       "mixed-cell disabled - abort association\n", dev->name);
		ifsta->state = IEEE80211_DISABLED;
		return;
	}

	ieee80211_send_assoc(dev, ifsta);

	mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
}
973
974
/*
 * ieee80211_associated - periodic liveness check of the current AP
 * @dev: the station interface
 * @ifsta: station state for the interface
 *
 * Run from the state timer while associated.  The AP must have a station
 * entry and must have been heard from within IEEE80211_MONITORING_INTERVAL.
 * On the first silent interval a directed probe request is sent and
 * IEEE80211_STA_PROBEREQ_POLL is set; a second silent interval with that
 * flag set is treated as loss of the AP.  While the AP is alive a probe
 * request is also sent every IEEE80211_PROBE_INTERVAL.  Losing the AP drops
 * its station entry, moves the interface to IEEE80211_DISABLED and clears
 * the association; otherwise the timer is re-armed.
 */
static void ieee80211_associated(struct net_device *dev,
				 struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct sta_info *sta;
	int disassoc;
	DECLARE_MAC_BUF(mac);

	/* TODO: start monitoring current AP signal quality and number of
	 * missed beacons. Scan other channels every now and then and search
	 * for better APs. */
	/* TODO: remove expired BSSes */

	ifsta->state = IEEE80211_ASSOCIATED;

	/* the station entry is looked up under RCU; destroying it is
	 * deferred until after rcu_read_unlock() below */
	rcu_read_lock();

	sta = sta_info_get(local, ifsta->bssid);
	if (!sta) {
		printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
		       dev->name, print_mac(mac, ifsta->bssid));
		disassoc = 1;
	} else {
		disassoc = 0;
		if (time_after(jiffies,
			       sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
			if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
				/* second silent interval in a row: give up */
				printk(KERN_DEBUG "%s: No ProbeResp from "
				       "current AP %s - assume out of "
				       "range\n",
				       dev->name, print_mac(mac, ifsta->bssid));
				disassoc = 1;
				/* takes the pointer's address; the "&& sta"
				 * check below suggests it may clear it */
				sta_info_unlink(&sta);
			} else
				/* first silent interval: poll the AP with a
				 * directed probe request (uses the scan SSID) */
				ieee80211_send_probe_req(dev, ifsta->bssid,
							 local->scan_ssid,
							 local->scan_ssid_len);
			/* toggled: set after the poll, cleared after giving up */
			ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
		} else {
			ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
			/* AP is alive: keep probing it at a slow rate */
			if (time_after(jiffies, ifsta->last_probe +
				       IEEE80211_PROBE_INTERVAL)) {
				ifsta->last_probe = jiffies;
				ieee80211_send_probe_req(dev, ifsta->bssid,
							 ifsta->ssid,
							 ifsta->ssid_len);
			}
		}
	}

	rcu_read_unlock();

	/* safe only now that no RCU reader section references sta */
	if (disassoc && sta)
		sta_info_destroy(sta);

	if (disassoc) {
		ifsta->state = IEEE80211_DISABLED;
		ieee80211_set_associated(dev, ifsta, 0);
	} else {
		mod_timer(&ifsta->timer, jiffies +
				  IEEE80211_MONITORING_INTERVAL);
	}
}
1038
1039
/*
 * ieee80211_send_probe_req - build and transmit a Probe Request
 * @dev: the station interface
 * @dst: destination and BSSID, or NULL for a broadcast probe
 * @ssid: SSID to probe for (zero length for a wildcard probe)
 * @ssid_len: length of @ssid
 *
 * The frame carries the SSID and every rate of the current band: the first
 * eight in Supported Rates, any further ones in Extended Supported Rates.
 * Nothing is sent if memory is short.
 */
static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
				     u8 *ssid, size_t ssid_len)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_supported_band *sband;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
	u8 *pos, *supp_rates, *esupp_rates = NULL;
	int i;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
	if (skb == NULL) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
		       "request\n", dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	/* 24-byte management header, no fixed fields */
	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
					   IEEE80211_STYPE_PROBE_REQ);
	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
	if (dst == NULL) {
		memset(mgmt->da, 0xff, ETH_ALEN);
		memset(mgmt->bssid, 0xff, ETH_ALEN);
	} else {
		memcpy(mgmt->da, dst, ETH_ALEN);
		memcpy(mgmt->bssid, dst, ETH_ALEN);
	}

	pos = skb_put(skb, 2 + ssid_len);
	*pos++ = WLAN_EID_SSID;
	*pos++ = ssid_len;
	memcpy(pos, ssid, ssid_len);

	/* the length byte of each rates element is bumped as rates are
	 * appended; earlier skb_put() pointers stay valid as the tail grows */
	supp_rates = skb_put(skb, 2);
	supp_rates[0] = WLAN_EID_SUPP_RATES;
	supp_rates[1] = 0;
	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	for (i = 0; i < sband->n_bitrates; i++) {
		u8 rate_val = sband->bitrates[i].bitrate / 5;

		if (esupp_rates == NULL && supp_rates[1] < 8) {
			/* still room in the basic element */
			pos = skb_put(skb, 1);
			supp_rates[1]++;
		} else if (esupp_rates == NULL) {
			/* ninth rate: open the extended element with it */
			esupp_rates = skb_put(skb, 3);
			esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
			esupp_rates[1] = 1;
			pos = &esupp_rates[2];
		} else {
			pos = skb_put(skb, 1);
			esupp_rates[1]++;
		}
		*pos = rate_val;
	}

	ieee80211_sta_tx(dev, skb, 0);
}
1099
1100
/*
 * Report whether the interface's default key is a WEP key.
 *
 * Returns 1 when sub-interface data exists, a default key is set and that
 * key uses ALG_WEP; 0 otherwise.  Used to decide whether shared-key
 * authentication is worth attempting.
 */
static int ieee80211_sta_wep_configured(struct net_device *dev)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

	return sdata && sdata->default_key &&
	       sdata->default_key->conf.alg == ALG_WEP;
}
1109
1110
/*
 * Record a successful authentication and proceed to association.
 *
 * Logs the event, sets IEEE80211_STA_AUTHENTICATED on @ifsta and then
 * hands over to ieee80211_associate(); the flag is set before the
 * association path runs.
 */
static void ieee80211_auth_completed(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta)
{
	printk(KERN_DEBUG "%s: authenticated\n", dev->name);

	ifsta->flags |= IEEE80211_STA_AUTHENTICATED;

	ieee80211_associate(dev, ifsta);
}
1118
1119
/*
 * Answer the shared-key challenge carried in an authentication frame.
 *
 * @mgmt: the received authentication frame
 * @len:  its total length; the caller is relied on to have checked that
 *        the fixed authentication fields are present, otherwise the IE
 *        length computed below would underflow
 *
 * Parses the IEs after the fixed fields and, when a Challenge IE is
 * present, sends the whole IE (header included) back as transaction 3
 * via ieee80211_send_auth() with its final flag set.  A frame without a
 * Challenge IE is logged and dropped.
 */
static void ieee80211_auth_challenge(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta,
				     struct ieee80211_mgmt *mgmt,
				     size_t len)
{
	struct ieee802_11_elems elems;
	u8 *ies = mgmt->u.auth.variable;
	size_t ies_len = len - (ies - (u8 *) mgmt);

	printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name);
	ieee802_11_parse_elems(ies, ies_len, &elems);
	if (!elems.challenge) {
		printk(KERN_DEBUG "%s: no challenge IE in shared key auth "
		       "frame\n", dev->name);
		return;
	}
	/* step back over the 2-byte IE header so the full IE is echoed */
	ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2,
			    elems.challenge_len + 2, 1);
}
1139
/*
 * Transmit an ADDBA Response (Block Ack action frame) to @da.
 *
 * @tid:          traffic identifier of the session (bits 5:2 of capab)
 * @dialog_token: token copied from the ADDBA Request being answered
 * @status:       WLAN_STATUS_* result for the request
 * @policy:       BA policy bit (bit 1 of capab)
 * @buf_size:     reorder buffer size we offer (bits 15:6 of capab)
 * @timeout:      BA session timeout
 *
 * The BSSID is our own address on an AP interface and the associated
 * AP's BSSID otherwise.  Allocation failure is logged and the response
 * dropped.
 */
static void ieee80211_send_addba_resp(struct net_device *dev, u8 *da, u16 tid,
				      u8 dialog_token, u16 status, u16 policy,
				      u16 buf_size, u16 timeout)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_mgmt *mgmt;
	struct sk_buff *skb;
	const u8 *bssid;
	u16 capab;

	skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer "
		       "for addba resp frame\n", dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	bssid = sdata->vif.type == IEEE80211_IF_TYPE_AP ? dev->dev_addr
							: ifsta->bssid;

	/* 24-byte management header */
	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, da, ETH_ALEN);
	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->bssid, bssid, ETH_ALEN);
	mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
					   IEEE80211_STYPE_ACTION);

	/* category byte plus the fixed ADDBA Response body */
	skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
	mgmt->u.action.category = WLAN_CATEGORY_BACK;
	mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
	mgmt->u.action.u.addba_resp.dialog_token = dialog_token;

	/* bit 1 policy, bits 5:2 TID, bits 15:6 max aggregation size */
	capab = (u16)((policy << 1) | (tid << 2) | (buf_size << 6));
	mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
	mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
	mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);

	ieee80211_sta_tx(dev, skb, 0);
}
1188
/*
 * Transmit an ADDBA Request (Block Ack action frame) to @da to open a
 * TX aggregation session.
 *
 * @tid:           traffic identifier (bits 5:2 of capab)
 * @dialog_token:  token the recipient must echo in its ADDBA Response
 * @start_seq_num: starting sequence number; stored shifted left by 4,
 *                 the inverse of the >> 4 applied when a request is parsed
 *                 in ieee80211_sta_process_addba_request()
 * @agg_size:      requested buffer size (bits 15:6 of capab)
 * @timeout:       requested BA session timeout
 *
 * The policy bit (bit 1 of capab) is always set.  BSSID selection and
 * the allocation-failure behaviour match ieee80211_send_addba_resp().
 */
void ieee80211_send_addba_request(struct net_device *dev, const u8 *da,
				  u16 tid, u8 dialog_token, u16 start_seq_num,
				  u16 agg_size, u16 timeout)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	struct ieee80211_mgmt *mgmt;
	struct sk_buff *skb;
	const u8 *bssid;
	u16 capab;

	skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
	if (!skb) {
		printk(KERN_ERR "%s: failed to allocate buffer "
				"for addba request frame\n", dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	bssid = sdata->vif.type == IEEE80211_IF_TYPE_AP ? dev->dev_addr
							: ifsta->bssid;

	/* 24-byte management header */
	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, da, ETH_ALEN);
	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->bssid, bssid, ETH_ALEN);
	mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
					   IEEE80211_STYPE_ACTION);

	/* category byte plus the fixed ADDBA Request body */
	skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
	mgmt->u.action.category = WLAN_CATEGORY_BACK;
	mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
	mgmt->u.action.u.addba_req.dialog_token = dialog_token;

	/* bit 1 policy (always set), bits 5:2 TID, bits 15:6 max size */
	capab = (u16)((1 << 1) | (tid << 2) | (agg_size << 6));
	mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
	mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
	mgmt->u.action.u.addba_req.start_seq_num =
		cpu_to_le16(start_seq_num << 4);

	ieee80211_sta_tx(dev, skb, 0);
}
1238
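/*
 * Handle a received ADDBA Request and set up RX aggregation for its TID.
 *
 * @mgmt: the action frame; only the fixed addba_req fields are read
 * @len:  frame length.  It is not checked here, so the caller must have
 *        verified that a complete addba_req body is present.
 *
 * Every request from a known station gets exactly one ADDBA Response.
 * The status is WLAN_STATUS_INVALID_QOS_PARAM for parameters we cannot
 * honour, WLAN_STATUS_REQUEST_DECLINED for any internal failure (TID not
 * idle, allocation failure, driver refusal or no ampdu_action callback),
 * and WLAN_STATUS_SUCCESS once the reorder buffer exists and the driver
 * has started HW RX aggregation.  Frames from unknown stations are
 * dropped without a response.
 *
 * Fix: on reorder-buffer allocation failure the freshly allocated
 * tid_ampdu_rx was freed but sta->ampdu_mlme.tid_rx[tid] kept pointing
 * at it; the pointer is now cleared on every failure path.
 */
static void ieee80211_sta_process_addba_request(struct net_device *dev,
						struct ieee80211_mgmt *mgmt,
						size_t len)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_hw *hw = &local->hw;
	struct ieee80211_conf *conf = &hw->conf;
	struct sta_info *sta;
	struct tid_ampdu_rx *tid_agg_rx;
	u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
	u8 dialog_token;
	int ret = -EOPNOTSUPP;
	DECLARE_MAC_BUF(mac);

	rcu_read_lock();

	sta = sta_info_get(local, mgmt->sa);
	if (!sta) {
		rcu_read_unlock();
		return;
	}

	/* extract session parameters from addba request frame */
	dialog_token = mgmt->u.action.u.addba_req.dialog_token;
	timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
	start_seq_num =
		le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;

	capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
	ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
	/* the mask (not the shift) is what bounds the peer-supplied TID
	 * before it indexes tid_rx[] / tid_state_rx[] below */
	tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
	buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;

	status = WLAN_STATUS_REQUEST_DECLINED;

	/* sanity check for incoming parameters:
	 * check if configuration can support the BA policy
	 * and if buffer size does not exceed max value */
	if (((ba_policy != 1)
		&& (!(conf->ht_conf.cap & IEEE80211_HT_CAP_DELAY_BA)))
		|| (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
		status = WLAN_STATUS_INVALID_QOS_PARAM;
#ifdef CONFIG_MAC80211_HT_DEBUG
		if (net_ratelimit())
			printk(KERN_DEBUG "AddBA Req with bad params from "
				"%s on tid %u. policy %d, buffer size %d\n",
				print_mac(mac, mgmt->sa), tid, ba_policy,
				buf_size);
#endif /* CONFIG_MAC80211_HT_DEBUG */
		goto end_no_lock;
	}
	/* determine default buffer size */
	if (buf_size == 0) {
		struct ieee80211_supported_band *sband;

		sband = local->hw.wiphy->bands[conf->channel->band];
		buf_size = IEEE80211_MIN_AMPDU_BUF;
		buf_size = buf_size << sband->ht_info.ampdu_factor;
	}


	/* examine state machine */
	spin_lock_bh(&sta->lock);

	if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
#ifdef CONFIG_MAC80211_HT_DEBUG
		if (net_ratelimit())
			printk(KERN_DEBUG "unexpected AddBA Req from "
				"%s on tid %u\n",
				print_mac(mac, mgmt->sa), tid);
#endif /* CONFIG_MAC80211_HT_DEBUG */
		goto end;
	}

	/* prepare A-MPDU MLME for Rx aggregation */
	tid_agg_rx = kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
	if (!tid_agg_rx) {
		if (net_ratelimit())
			printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
					tid);
		goto end;
	}
	sta->ampdu_mlme.tid_rx[tid] = tid_agg_rx;

	/* rx timer: the timer data is the TID slot, from which the callback
	 * recovers both the TID and the owning sta_info */
	tid_agg_rx->session_timer.function =
			sta_rx_agg_session_timer_expired;
	tid_agg_rx->session_timer.data =
			(unsigned long)&sta->timer_to_tid[tid];
	init_timer(&tid_agg_rx->session_timer);

	/* prepare reordering buffer */
	tid_agg_rx->reorder_buf =
		kmalloc(buf_size * sizeof(struct sk_buff *), GFP_ATOMIC);
	if (!tid_agg_rx->reorder_buf) {
		if (net_ratelimit())
			printk(KERN_ERR "can not allocate reordering buffer "
			       "to tid %d\n", tid);
		/* unpublish before freeing so tid_rx[] never refers to freed
		 * memory while the TID stays IDLE */
		sta->ampdu_mlme.tid_rx[tid] = NULL;
		kfree(tid_agg_rx);
		goto end;
	}
	memset(tid_agg_rx->reorder_buf, 0,
		buf_size * sizeof(struct sk_buff *));

	/* ret keeps its initial -EOPNOTSUPP when the driver has no
	 * ampdu_action, so a session is never accepted without HW support */
	if (local->ops->ampdu_action)
		ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
					       sta->addr, tid, &start_seq_num);
#ifdef CONFIG_MAC80211_HT_DEBUG
	printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
#endif /* CONFIG_MAC80211_HT_DEBUG */

	if (ret) {
		sta->ampdu_mlme.tid_rx[tid] = NULL;
		kfree(tid_agg_rx->reorder_buf);
		kfree(tid_agg_rx);
		goto end;
	}

	/* change state and send addba resp */
	sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
	tid_agg_rx->dialog_token = dialog_token;
	tid_agg_rx->ssn = start_seq_num;
	tid_agg_rx->head_seq_num = start_seq_num;
	tid_agg_rx->buf_size = buf_size;
	tid_agg_rx->timeout = timeout;
	tid_agg_rx->stored_mpdu_num = 0;
	status = WLAN_STATUS_SUCCESS;
end:
	spin_unlock_bh(&sta->lock);

end_no_lock:
	ieee80211_send_addba_resp(sta->sdata->dev, sta->addr, tid,
				  dialog_token, status, 1, buf_size, timeout);
	rcu_read_unlock();
}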
1375
/*
 * Handle a received ADDBA Response for a TX aggregation session we opened.
 *
 * @mgmt: the action frame; only the fixed addba_resp fields are read
 * @len:  frame length; not checked here, the caller is relied on to have
 *        validated that a complete addba_resp body is present
 *
 * The response is accepted only if the TID is waiting for one
 * (HT_ADDBA_REQUESTED_MSK set) and the dialog token matches the request
 * we sent; anything else is logged and ignored.  On success the TID gains
 * HT_ADDBA_RECEIVED_MSK and, once the state equals
 * HT_AGG_STATE_OPERATIONAL, its TX queue is woken.  On rejection the
 * retry counter is bumped and the session torn down through
 * ieee80211_stop_tx_ba_session().
 */
static void ieee80211_sta_process_addba_resp(struct net_device *dev,
					     struct ieee80211_mgmt *mgmt,
					     size_t len)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_hw *hw = &local->hw;
	struct sta_info *sta;
	u16 capab;
	u16 tid;
	u8 *state;

	rcu_read_lock();

	sta = sta_info_get(local, mgmt->sa);
	if (!sta) {
		rcu_read_unlock();
		return;
	}

	/* the mask (not the shift) is what bounds the peer-supplied TID
	 * before it indexes the per-TID arrays */
	capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
	tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;

	state = &sta->ampdu_mlme.tid_state_tx[tid];

	spin_lock_bh(&sta->lock);

	if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
		spin_unlock_bh(&sta->lock);
		printk(KERN_DEBUG "state not HT_ADDBA_REQUESTED_MSK:"
			"%d\n", *state);
		goto addba_resp_exit;
	}

	/* a stale or spoofed response must still carry the token of the
	 * request we actually sent; tid_tx[tid] is assumed to exist
	 * whenever HT_ADDBA_REQUESTED_MSK is set */
	if (mgmt->u.action.u.addba_resp.dialog_token !=
		sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
		spin_unlock_bh(&sta->lock);
#ifdef CONFIG_MAC80211_HT_DEBUG
		printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
#endif /* CONFIG_MAC80211_HT_DEBUG */
		goto addba_resp_exit;
	}

	/* NOTE(review): del_timer_sync() is called with sta->lock held,
	 * and the timer callback sta_addba_resp_timer_expired() takes that
	 * same lock; if the callback is already running and spinning on
	 * the lock this cannot complete.  Confirm the callback can never be
	 * in flight here, or cancel the timer outside the lock. */
	del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
#ifdef CONFIG_MAC80211_HT_DEBUG
	printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
#endif /* CONFIG_MAC80211_HT_DEBUG */
	if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
			== WLAN_STATUS_SUCCESS) {
		if (*state & HT_ADDBA_RECEIVED_MSK)
			printk(KERN_DEBUG "double addBA response\n");

		*state |= HT_ADDBA_RECEIVED_MSK;
		sta->ampdu_mlme.addba_req_num[tid] = 0;

		/* only a fully operational state may resume transmission */
		if (*state == HT_AGG_STATE_OPERATIONAL) {
			printk(KERN_DEBUG "Aggregation on for tid %d \n", tid);
			ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
		}

		spin_unlock_bh(&sta->lock);
		printk(KERN_DEBUG "recipient accepted agg: tid %d \n", tid);
	} else {
		printk(KERN_DEBUG "recipient rejected agg: tid %d \n", tid);

		sta->ampdu_mlme.addba_req_num[tid]++;
		/* this will allow the state check in stop_BA_session */
		*state = HT_AGG_STATE_OPERATIONAL;
		spin_unlock_bh(&sta->lock);
		ieee80211_stop_tx_ba_session(hw, sta->addr, tid,
					     WLAN_BACK_INITIATOR);
	}

addba_resp_exit:
	rcu_read_unlock();
}
1451
/*
 * Transmit a DELBA (Block Ack teardown) action frame to @da.
 *
 * @tid:         TID of the session being closed (bits 15:12 of params)
 * @initiator:   initiator bit of the params field (bit 11)
 * @reason_code: WLAN_REASON_* value carried in the frame
 *
 * BSSID selection and the allocation-failure behaviour match the other
 * Block Ack action frame builders in this file.
 */
void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid,
			  u16 initiator, u16 reason_code)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	struct ieee80211_mgmt *mgmt;
	struct sk_buff *skb;
	const u8 *bssid;
	u16 params;

	skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
	if (!skb) {
		printk(KERN_ERR "%s: failed to allocate buffer "
					"for delba frame\n", dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	bssid = sdata->vif.type == IEEE80211_IF_TYPE_AP ? dev->dev_addr
							: ifsta->bssid;

	/* 24-byte management header */
	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, da, ETH_ALEN);
	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->bssid, bssid, ETH_ALEN);
	mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
					   IEEE80211_STYPE_ACTION);

	/* category byte plus the fixed DELBA body */
	skb_put(skb, 1 + sizeof(mgmt->u.action.u.delba));
	mgmt->u.action.category = WLAN_CATEGORY_BACK;
	mgmt->u.action.u.delba.action_code = WLAN_ACTION_DELBA;

	/* bit 11 initiator, bits 15:12 TID */
	params = (u16)((initiator << 11) | (tid << 12));
	mgmt->u.action.u.delba.params = cpu_to_le16(params);
	mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);

	ieee80211_sta_tx(dev, skb, 0);
}
1494
/*
 * Tear down the RX aggregation session for @tid with station @ra.
 *
 * @initiator: who is closing the session: WLAN_BACK_INITIATOR (the peer
 *             sent a DELBA), WLAN_BACK_RECIPIENT (our own decision) or
 *             WLAN_BACK_TIMER (called from the session timer itself)
 * @reason:    reason code for the DELBA we send when the teardown
 *             originates on our side
 *
 * Does nothing unless the TID is HT_AGG_STATE_OPERATIONAL.  Otherwise it
 * marks the TID as stopping, asks the driver to stop HW RX aggregation,
 * cancels the session timer (unless the timer is the caller), sends a
 * DELBA for self-initiated teardowns, releases any frames still held in
 * the reorder buffer, frees the per-TID state and leaves the TID
 * HT_AGG_STATE_IDLE.
 */
void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *ra, u16 tid,
					u16 initiator, u16 reason)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_hw *hw = &local->hw;
	struct sta_info *sta;
	int ret, i;
	DECLARE_MAC_BUF(mac);

	rcu_read_lock();

	sta = sta_info_get(local, ra);
	if (!sta) {
		rcu_read_unlock();
		return;
	}

	/* check if TID is in operational state */
	spin_lock_bh(&sta->lock);
	if (sta->ampdu_mlme.tid_state_rx[tid]
				!= HT_AGG_STATE_OPERATIONAL) {
		spin_unlock_bh(&sta->lock);
		rcu_read_unlock();
		return;
	}
	/* claim the TID under the lock so a concurrent stop request bails
	 * out at the check above; the teardown itself runs unlocked */
	sta->ampdu_mlme.tid_state_rx[tid] =
		HT_AGG_STATE_REQ_STOP_BA_MSK |
		(initiator << HT_AGG_STATE_INITIATOR_SHIFT);
	spin_unlock_bh(&sta->lock);

	/* stop HW Rx aggregation. ampdu_action existence
	 * already verified in session init so we add the BUG_ON */
	BUG_ON(!local->ops->ampdu_action);

#ifdef CONFIG_MAC80211_HT_DEBUG
	printk(KERN_DEBUG "Rx BA session stop requested for %s tid %u\n",
				print_mac(mac, ra), tid);
#endif /* CONFIG_MAC80211_HT_DEBUG */

	/* a driver failure is only logged; the software state is torn
	 * down regardless */
	ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
					ra, tid, NULL);
	if (ret)
		printk(KERN_DEBUG "HW problem - can not stop rx "
				"aggergation for tid %d\n", tid);

	/* shutdown timer has not expired */
	/* skipped when the timer callback itself is the caller, presumably
	 * because waiting for the running callback would never return */
	if (initiator != WLAN_BACK_TIMER)
		del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);

	/* check if this is a self generated aggregation halt */
	if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
		ieee80211_send_delba(dev, ra, tid, 0, reason);

	/* free the reordering buffer */
	for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
		if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
			/* release the reordered frames */
			dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
			sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
			sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
		}
	}
	/* free resources */
	kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
	kfree(sta->ampdu_mlme.tid_rx[tid]);
	sta->ampdu_mlme.tid_rx[tid] = NULL;
	sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;

	rcu_read_unlock();
}
1565
1566
/*
 * Handle a received DELBA action frame from a known station.
 *
 * @mgmt: the action frame; only the fixed delba fields are read
 * @len:  frame length; not checked here, the caller is relied on for that
 *
 * The params field says which side the sender was.  If it was the
 * initiator, the session is one we receive on and is closed through
 * ieee80211_sta_stop_rx_ba_session(); otherwise it is one we transmit
 * on, so the TX state is forced to operational (to pass the state check
 * in ieee80211_stop_tx_ba_session()) and that path is used.
 */
static void ieee80211_sta_process_delba(struct net_device *dev,
			struct ieee80211_mgmt *mgmt, size_t len)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct sta_info *sta;
	u16 params, tid, initiator;
	DECLARE_MAC_BUF(mac);

	rcu_read_lock();

	sta = sta_info_get(local, mgmt->sa);
	if (!sta) {
		rcu_read_unlock();
		return;
	}

	/* a u16 shifted right by 12 cannot exceed 15, which keeps the
	 * peer-supplied TID inside the per-TID arrays */
	params = le16_to_cpu(mgmt->u.action.u.delba.params);
	tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
	initiator = (params & IEEE80211_DELBA_PARAM_INITIATOR_MASK) >> 11;

#ifdef CONFIG_MAC80211_HT_DEBUG
	if (net_ratelimit())
		printk(KERN_DEBUG "delba from %s (%s) tid %d reason code %d\n",
			print_mac(mac, mgmt->sa),
			initiator ? "initiator" : "recipient", tid,
			mgmt->u.action.u.delba.reason_code);
#endif /* CONFIG_MAC80211_HT_DEBUG */

	switch (initiator) {
	case WLAN_BACK_INITIATOR:
		ieee80211_sta_stop_rx_ba_session(dev, sta->addr, tid,
						 WLAN_BACK_INITIATOR, 0);
		break;
	default: /* WLAN_BACK_RECIPIENT */
		spin_lock_bh(&sta->lock);
		sta->ampdu_mlme.tid_state_tx[tid] = HT_AGG_STATE_OPERATIONAL;
		spin_unlock_bh(&sta->lock);
		ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid,
					     WLAN_BACK_RECIPIENT);
		break;
	}

	rcu_read_unlock();
}
1609
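/*
 * After sending an ADDBA Request we start a timer that runs until the
 * ADDBA Response arrives from the recipient.  If it expires, this
 * callback gives up on the session.
 *
 * @data: address of the station's timer_to_tid[tid] slot; the TID is read
 *        from it and the owning sta_info recovered with container_of().
 *
 * If the TID is no longer waiting for a response the expiry is stale and
 * only logged.  Otherwise the TX state is forced to operational so that
 * ieee80211_stop_tx_ba_session() accepts the teardown, and the session is
 * stopped as initiator.
 *
 * Fix: the TID was read through an int pointer although timer_to_tid[]
 * is a byte-per-TID array (sta_rx_agg_session_timer_expired() walks it
 * as u8); the wider load picked up neighbouring slots and produced a
 * wrong TID, and with it a wrong container_of() offset.
 */
void sta_addba_resp_timer_expired(unsigned long data)
{
	/* not an elegant detour, but there is no choice as the timer passes
	 * only one argument, and both sta_info and TID are needed, so init
	 * flow in sta_info_create gives the TID as data, while the timer_to_id
	 * array gives the sta through container_of */
	u16 tid = *(u8 *)data;
	struct sta_info *temp_sta = container_of((u8 *)data,
		struct sta_info, timer_to_tid[tid]);

	struct ieee80211_local *local = temp_sta->local;
	struct ieee80211_hw *hw = &local->hw;
	struct sta_info *sta;
	u8 *state;

	rcu_read_lock();

	/* re-lookup under RCU rather than trusting temp_sta; presumably the
	 * station may have gone away since the timer was armed */
	sta = sta_info_get(local, temp_sta->addr);
	if (!sta) {
		rcu_read_unlock();
		return;
	}

	state = &sta->ampdu_mlme.tid_state_tx[tid];
	/* check if the TID waits for addBA response */
	spin_lock_bh(&sta->lock);
	if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
		spin_unlock_bh(&sta->lock);
		/* NOTE(review): this reset happens after the lock is
		 * dropped; confirm it cannot race with a concurrent state
		 * change on the same TID */
		*state = HT_AGG_STATE_IDLE;
		printk(KERN_DEBUG "timer expired on tid %d but we are not "
				"expecting addBA response there", tid);
		goto timer_expired_exit;
	}

	printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);

	/* go through the state check in stop_BA_session */
	*state = HT_AGG_STATE_OPERATIONAL;
	spin_unlock_bh(&sta->lock);
	ieee80211_stop_tx_ba_session(hw, temp_sta->addr, tid,
				     WLAN_BACK_INITIATOR);

timer_expired_exit:
	rcu_read_unlock();
}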
1660
/*
 * After accepting an ADDBA Request we start a timer that is re-armed on
 * every frame that arrives from the originator.  If it expires, this
 * callback closes the RX session with WLAN_REASON_QSTA_TIMEOUT.
 *
 * @data: address of the station's timer_to_tid[tid] byte.  The slot holds
 *        its own index, so stepping back by that value lands on
 *        timer_to_tid[0], from which the owning sta_info is recovered.
 */
static void sta_rx_agg_session_timer_expired(unsigned long data)
{
	/* not an elegant detour, but there is no choice as the timer passes
	 * only one argument, and various sta_info are needed here, so init
	 * flow in sta_info_create gives the TID as data, while the timer_to_id
	 * array gives the sta through container_of */
	u8 *ptid = (u8 *)data;
	u16 tid = *ptid;
	struct sta_info *sta = container_of(ptid - tid, struct sta_info,
					    timer_to_tid[0]);

	printk(KERN_DEBUG "rx session timer expired on tid %d\n", tid);
	ieee80211_sta_stop_rx_ba_session(sta->sdata->dev, sta->addr, tid,
					 WLAN_BACK_TIMER,
					 WLAN_REASON_QSTA_TIMEOUT);
}
1682
/*
 * Close every Block Ack session, TX and RX, with station @addr.
 *
 * Walks all STA_TID_NUM TIDs.  TX sessions are stopped as initiator; RX
 * sessions as recipient with WLAN_REASON_QSTA_LEAVE_QBSS.
 * ieee80211_sta_stop_rx_ba_session() ignores TIDs that are not
 * operational, and ieee80211_stop_tx_ba_session() is expected to do the
 * same, so idle TIDs are harmless.
 */
void ieee80211_sta_tear_down_BA_sessions(struct net_device *dev, u8 *addr)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	u16 tid;

	for (tid = 0; tid < STA_TID_NUM; tid++) {
		ieee80211_stop_tx_ba_session(&local->hw, addr, tid,
					     WLAN_BACK_INITIATOR);
		ieee80211_sta_stop_rx_ba_session(dev, addr, tid,
						 WLAN_BACK_RECIPIENT,
						 WLAN_REASON_QSTA_LEAVE_QBSS);
	}
}
1696
/*
 * Handle a received Authentication frame.
 *
 * @ifsta: STA-mode state; the algorithm and transaction number we expect
 *         come from ifsta->auth_alg / ifsta->auth_transaction
 * @mgmt:  the frame
 * @len:   its total length
 *
 * The frame is acted on only when we are in the AUTHENTICATE state (or
 * running IBSS), it is at least 24 + 6 bytes (header plus the fixed auth
 * fields) and, outside IBSS, both its SA and its BSSID equal the BSSID we
 * are authenticating with.  Those address comparisons are the only thing
 * binding the frame to the intended AP in this path.  A failure status of
 * NOT_SUPPORTED_AUTH_ALG rotates to the next user-enabled algorithm for
 * the next attempt.  Success completes the exchange (Open/LEAP) or, for
 * Shared Key, completes it on transaction 4 and answers the challenge
 * otherwise.
 */
static void ieee80211_rx_mgmt_auth(struct net_device *dev,
				   struct ieee80211_if_sta *ifsta,
				   struct ieee80211_mgmt *mgmt,
				   size_t len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	u16 auth_alg, auth_transaction, status_code;
	DECLARE_MAC_BUF(mac);

	if (ifsta->state != IEEE80211_AUTHENTICATE &&
	    sdata->vif.type != IEEE80211_IF_TYPE_IBSS) {
		printk(KERN_DEBUG "%s: authentication frame received from "
		       "%s, but not in authenticate state - ignored\n",
		       dev->name, print_mac(mac, mgmt->sa));
		return;
	}

	/* 24-byte header plus auth_alg, auth_transaction and status_code;
	 * the variable part is bounded by len when the challenge is parsed */
	if (len < 24 + 6) {
		printk(KERN_DEBUG "%s: too short (%zd) authentication frame "
		       "received from %s - ignored\n",
		       dev->name, len, print_mac(mac, mgmt->sa));
		return;
	}

	/* outside IBSS, both SA and BSSID must match the AP we chose.
	 * NOTE(review): both print_mac() calls below share the one `mac`
	 * buffer, so SA and BSSID likely print as the same address */
	if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
	    memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
		printk(KERN_DEBUG "%s: authentication frame received from "
		       "unknown AP (SA=%s BSSID=%s) - "
		       "ignored\n", dev->name, print_mac(mac, mgmt->sa),
		       print_mac(mac, mgmt->bssid));
		return;
	}

	if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
	    memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) {
		printk(KERN_DEBUG "%s: authentication frame received from "
		       "unknown BSSID (SA=%s BSSID=%s) - "
		       "ignored\n", dev->name, print_mac(mac, mgmt->sa),
		       print_mac(mac, mgmt->bssid));
		return;
	}

	auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
	auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
	status_code = le16_to_cpu(mgmt->u.auth.status_code);

	printk(KERN_DEBUG "%s: RX authentication from %s (alg=%d "
	       "transaction=%d status=%d)\n",
	       dev->name, print_mac(mac, mgmt->sa), auth_alg,
	       auth_transaction, status_code);

	if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
		/* IEEE 802.11 standard does not require authentication in IBSS
		 * networks and most implementations do not seem to use it.
		 * However, try to reply to authentication attempts if someone
		 * has actually implemented this.
		 * TODO: Could implement shared key authentication. */
		if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
			printk(KERN_DEBUG "%s: unexpected IBSS authentication "
			       "frame (alg=%d transaction=%d)\n",
			       dev->name, auth_alg, auth_transaction);
			return;
		}
		ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0);
		/* NOTE(review): no return here, so after replying the IBSS
		 * frame falls through to the alg/transaction comparison
		 * below; confirm that is intended */
	}

	if (auth_alg != ifsta->auth_alg ||
	    auth_transaction != ifsta->auth_transaction) {
		printk(KERN_DEBUG "%s: unexpected authentication frame "
		       "(alg=%d transaction=%d)\n",
		       dev->name, auth_alg, auth_transaction);
		return;
	}

	if (status_code != WLAN_STATUS_SUCCESS) {
		printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d "
		       "code=%d)\n", dev->name, ifsta->auth_alg, status_code);
		if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
			/* pick the next enabled algorithm after the refused
			 * one; 0xff marks a slot the user did not enable */
			u8 algs[3];
			const int num_algs = ARRAY_SIZE(algs);
			int i, pos;
			algs[0] = algs[1] = algs[2] = 0xff;
			if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
				algs[0] = WLAN_AUTH_OPEN;
			if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
				algs[1] = WLAN_AUTH_SHARED_KEY;
			if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
				algs[2] = WLAN_AUTH_LEAP;
			/* start at the current algorithm's slot and walk
			 * the table round-robin */
			if (ifsta->auth_alg == WLAN_AUTH_OPEN)
				pos = 0;
			else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
				pos = 1;
			else
				pos = 2;
			for (i = 0; i < num_algs; i++) {
				pos++;
				if (pos >= num_algs)
					pos = 0;
				if (algs[pos] == ifsta->auth_alg ||
				    algs[pos] == 0xff)
					continue;
				/* shared key needs a WEP default key */
				if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
				    !ieee80211_sta_wep_configured(dev))
					continue;
				ifsta->auth_alg = algs[pos];
				printk(KERN_DEBUG "%s: set auth_alg=%d for "
				       "next try\n",
				       dev->name, ifsta->auth_alg);
				break;
			}
		}
		return;
	}

	/* no default case: an unknown auth_alg is silently ignored */
	switch (ifsta->auth_alg) {
	case WLAN_AUTH_OPEN:
	case WLAN_AUTH_LEAP:
		ieee80211_auth_completed(dev, ifsta);
		break;
	case WLAN_AUTH_SHARED_KEY:
		/* transaction 4 is the AP's final verdict; earlier ones
		 * carry the challenge we still have to answer */
		if (ifsta->auth_transaction == 4)
			ieee80211_auth_completed(dev, ifsta);
		else
			ieee80211_auth_challenge(dev, ifsta, mgmt, len);
		break;
	}
}
1824
1825
/*
 * Handle a received Deauthentication frame.
 *
 * Frames shorter than the 24-byte header plus the 2-byte reason code, or
 * whose SA differs from the BSSID we are attached to, are logged and
 * ignored.  The SA comparison is the only check tying the frame to our
 * AP here; the frame's BSSID field is printed but not compared.  An
 * accepted frame drops us back to the AUTHENTICATE state with a retry
 * timer if we were authenticating, associating or associated, then tears
 * down the association and clears the authenticated flag.
 */
static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta,
				     struct ieee80211_mgmt *mgmt,
				     size_t len)
{
	const size_t min_len = 24 + 2;
	u16 reason_code;
	DECLARE_MAC_BUF(mac);

	if (len < min_len) {
		printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame "
		       "received from %s - ignored\n",
		       dev->name, len, print_mac(mac, mgmt->sa));
		return;
	}

	/* NOTE(review): both print_mac() calls share the one `mac` buffer,
	 * so SA and BSSID likely print as the same address */
	if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN)) {
		printk(KERN_DEBUG "%s: deauthentication frame received from "
		       "unknown AP (SA=%s BSSID=%s) - "
		       "ignored\n", dev->name, print_mac(mac, mgmt->sa),
		       print_mac(mac, mgmt->bssid));
		return;
	}

	reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);

	printk(KERN_DEBUG "%s: RX deauthentication from %s"
	       " (reason=%d)\n",
	       dev->name, print_mac(mac, mgmt->sa), reason_code);

	if (ifsta->flags & IEEE80211_STA_AUTHENTICATED)
		printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);

	switch (ifsta->state) {
	case IEEE80211_AUTHENTICATE:
	case IEEE80211_ASSOCIATE:
	case IEEE80211_ASSOCIATED:
		/* go back to authenticating after a delay */
		ifsta->state = IEEE80211_AUTHENTICATE;
		mod_timer(&ifsta->timer, jiffies +
				      IEEE80211_RETRY_AUTH_INTERVAL);
		break;
	default:
		break;
	}

	ieee80211_set_disassoc(dev, ifsta, 1);
	ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED;
}
1869
1870
/*
 * Handle a received Disassociation frame.
 *
 * Frames shorter than the 24-byte header plus the 2-byte reason code, or
 * whose SA differs from the BSSID we are attached to, are logged and
 * ignored.  As in ieee80211_rx_mgmt_deauth(), the SA comparison is the
 * only check tying the frame to our AP.  An accepted frame moves an
 * associated STA back to the ASSOCIATE state with a retry timer and then
 * tears down the association (authentication is kept).
 */
static void ieee80211_rx_mgmt_disassoc(struct net_device *dev,
				       struct ieee80211_if_sta *ifsta,
				       struct ieee80211_mgmt *mgmt,
				       size_t len)
{
	const size_t min_len = 24 + 2;
	u16 reason_code;
	DECLARE_MAC_BUF(mac);

	if (len < min_len) {
		printk(KERN_DEBUG "%s: too short (%zd) disassociation frame "
		       "received from %s - ignored\n",
		       dev->name, len, print_mac(mac, mgmt->sa));
		return;
	}

	/* NOTE(review): both print_mac() calls share the one `mac` buffer,
	 * so SA and BSSID likely print as the same address */
	if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN)) {
		printk(KERN_DEBUG "%s: disassociation frame received from "
		       "unknown AP (SA=%s BSSID=%s) - "
		       "ignored\n", dev->name, print_mac(mac, mgmt->sa),
		       print_mac(mac, mgmt->bssid));
		return;
	}

	reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);

	printk(KERN_DEBUG "%s: RX disassociation from %s"
	       " (reason=%d)\n",
	       dev->name, print_mac(mac, mgmt->sa), reason_code);

	if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
		printk(KERN_DEBUG "%s: disassociated\n", dev->name);

	switch (ifsta->state) {
	case IEEE80211_ASSOCIATED:
		/* retry association after a delay */
		ifsta->state = IEEE80211_ASSOCIATE;
		mod_timer(&ifsta->timer, jiffies +
				      IEEE80211_RETRY_AUTH_INTERVAL);
		break;
	default:
		break;
	}

	ieee80211_set_disassoc(dev, ifsta, 0);
}
1911
1912
1913 static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1914 struct ieee80211_if_sta *ifsta,
1915 struct ieee80211_mgmt *mgmt,
1916 size_t len,
1917 int reassoc)
1918 {
1919 struct ieee80211_local *local = sdata->local;
1920 struct net_device *dev = sdata->dev;
1921 struct ieee80211_supported_band *sband;
1922 struct sta_info *sta;
1923 u64 rates, basic_rates;
1924 u16 capab_info, status_code, aid;
1925 struct ieee802_11_elems elems;
1926 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
1927 u8 *pos;
1928 int i, j;
1929 DECLARE_MAC_BUF(mac);
1930 bool have_higher_than_11mbit = false;
1931
1932 /* AssocResp and ReassocResp have identical structure, so process both
1933 * of them in this function. */
1934
1935 if (ifsta->state != IEEE80211_ASSOCIATE) {
1936 printk(KERN_DEBUG "%s: association frame received from "
1937 "%s, but not in associate state - ignored\n",
1938 dev->name, print_mac(mac, mgmt->sa));
1939 return;
1940 }
1941
1942 if (len < 24 + 6) {
1943 printk(KERN_DEBUG "%s: too short (%zd) association frame "
1944 "received from %s - ignored\n",
1945 dev->name, len, print_mac(mac, mgmt->sa));
1946 return;
1947 }
1948
1949 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1950 printk(KERN_DEBUG "%s: association frame received from "
1951 "unknown AP (SA=%s BSSID=%s) - "
1952 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1953 print_mac(mac, mgmt->bssid));
1954 return;
1955 }
1956
1957 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1958 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1959 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1960
1961 printk(KERN_DEBUG "%s: RX %sssocResp from %s (capab=0x%x "
1962 "status=%d aid=%d)\n",
1963 dev->name, reassoc ? "Rea" : "A", print_mac(mac, mgmt->sa),
1964 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
1965
1966 if (status_code != WLAN_STATUS_SUCCESS) {
1967 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1968 dev->name, status_code);
1969 /* if this was a reassociation, ensure we try a "full"
1970 * association next time. This works around some broken APs
1971 * which do not correctly reject reassociation requests. */
1972 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1973 return;
1974 }
1975
1976 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1977 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1978 "set\n", dev->name, aid);
1979 aid &= ~(BIT(15) | BIT(14));
1980
1981 pos = mgmt->u.assoc_resp.variable;
1982 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1983
1984 if (!elems.supp_rates) {
1985 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1986 dev->name);
1987 return;
1988 }
1989
1990 printk(KERN_DEBUG "%s: associated\n", dev->name);
1991 ifsta->aid = aid;
1992 ifsta->ap_capab = capab_info;
1993
1994 kfree(ifsta->assocresp_ies);
1995 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1996 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL);
1997 if (ifsta->assocresp_ies)
1998 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1999
2000 rcu_read_lock();
2001
2002 /* Add STA entry for the AP */
2003 sta = sta_info_get(local, ifsta->bssid);
2004 if (!sta) {
2005 struct ieee80211_sta_bss *bss;
2006 int err;
2007
2008 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC);
2009 if (!sta) {
2010 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
2011 " the AP\n", dev->name);
2012 rcu_read_unlock();
2013 return;
2014 }
2015 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
2016 local->hw.conf.channel->center_freq,
2017 ifsta->ssid, ifsta->ssid_len);
2018 if (bss) {
2019 sta->last_signal = bss->signal;
2020 sta->last_qual = bss->qual;
2021 sta->last_noise = bss->noise;
2022 ieee80211_rx_bss_put(dev, bss);
2023 }
2024
2025 err = sta_info_insert(sta);
2026 if (err) {
2027 printk(KERN_DEBUG "%s: failed to insert STA entry for"
2028 " the AP (error %d)\n", dev->name, err);
2029 rcu_read_unlock();
2030 return;
2031 }
2032 }
2033
2034 /*
2035 * FIXME: Do we really need to update the sta_info's information here?
2036 * We already know about the AP (we found it in our list) so it
2037 * should already be filled with the right info, no?
2038 * As is stands, all this is racy because typically we assume
2039 * the information that is filled in here (except flags) doesn't
2040 * change while a STA structure is alive. As such, it should move
2041 * to between the sta_info_alloc() and sta_info_insert() above.
2042 */
2043
2044 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
2045 WLAN_STA_AUTHORIZED);
2046
2047 rates = 0;
2048 basic_rates = 0;
2049 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2050
2051 for (i = 0; i < elems.supp_rates_len; i++) {
2052 int rate = (elems.supp_rates[i] & 0x7f) * 5;
2053
2054 if (rate > 110)
2055 have_higher_than_11mbit = true;
2056
2057 for (j = 0; j < sband->n_bitrates; j++) {
2058 if (sband->bitrates[j].bitrate == rate)
2059 rates |= BIT(j);
2060 if (elems.supp_rates[i] & 0x80)
2061 basic_rates |= BIT(j);
2062 }
2063 }
2064
2065 for (i = 0; i < elems.ext_supp_rates_len; i++) {
2066 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
2067
2068 if (rate > 110)
2069 have_higher_than_11mbit = true;
2070
2071 for (j = 0; j < sband->n_bitrates; j++) {
2072 if (sband->bitrates[j].bitrate == rate)
2073 rates |= BIT(j);
2074 if (elems.ext_supp_rates[i] & 0x80)
2075 basic_rates |= BIT(j);
2076 }
2077 }
2078
2079 sta->supp_rates[local->hw.conf.channel->band] = rates;
2080 sdata->basic_rates = basic_rates;
2081
2082 /* cf. IEEE 802.11 9.2.12 */
2083 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
2084 have_higher_than_11mbit)
2085 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
2086 else
2087 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
2088
2089 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
2090 (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
2091 struct ieee80211_ht_bss_info bss_info;
2092 ieee80211_ht_cap_ie_to_ht_info(
2093 (struct ieee80211_ht_cap *)
2094 elems.ht_cap_elem, &sta->ht_info);
2095 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2096 (struct ieee80211_ht_addt_info *)
2097 elems.ht_info_elem, &bss_info);
2098 ieee80211_handle_ht(local, 1, &sta->ht_info, &bss_info);
2099 }
2100
2101 rate_control_rate_init(sta, local);
2102
2103 if (elems.wmm_param) {
2104 set_sta_flags(sta, WLAN_STA_WME);
2105 rcu_read_unlock();
2106 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
2107 elems.wmm_param_len);
2108 } else
2109 rcu_read_unlock();
2110
2111 /* set AID and assoc capability,
2112 * ieee80211_set_associated() will tell the driver */
2113 bss_conf->aid = aid;
2114 bss_conf->assoc_capability = capab_info;
2115 ieee80211_set_associated(dev, ifsta, 1);
2116
2117 ieee80211_associated(dev, ifsta);
2118 }
2119
2120
/*
 * Link @bss into the head of its BSS hash chain.  Mesh BSSes are bucketed
 * by their mesh ID, everything else by BSSID.
 * Caller must hold local->sta_bss_lock.
 */
static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
					struct ieee80211_sta_bss *bss)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss **bucket;
	u8 idx = bss_mesh_cfg(bss) ?
		 mesh_id_hash(bss_mesh_id(bss), bss_mesh_id_len(bss)) :
		 STA_HASH(bss->bssid);

	/* push onto the front of the chain */
	bucket = &local->sta_bss_hash[idx];
	bss->hnext = *bucket;
	*bucket = bss;
}
2137
2138
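/*
 * Unlink @bss from its BSS hash chain.  Caller must hold local->sta_bss_lock.
 *
 * The bucket is chosen exactly as __ieee80211_rx_bss_hash_add() chooses it
 * (mesh ID hash for mesh BSSes, BSSID hash otherwise).  Searching only the
 * BSSID bucket would never find a mesh entry, leaving it linked into a
 * chain after ieee80211_rx_bss_put() has freed it; the next walk of that
 * chain would then dereference freed memory.
 */
static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
					struct ieee80211_sta_bss *bss)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss **pp;
	u8 hash_idx;

	if (bss_mesh_cfg(bss))
		hash_idx = mesh_id_hash(bss_mesh_id(bss),
					bss_mesh_id_len(bss));
	else
		hash_idx = STA_HASH(bss->bssid);

	/* walk via the link pointers so removing the head and removing an
	 * interior entry are the same operation */
	for (pp = &local->sta_bss_hash[hash_idx]; *pp; pp = &(*pp)->hnext) {
		if (*pp == bss) {
			*pp = bss->hnext;
			break;
		}
	}
}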
2159
2160
/*
 * Allocate a new (non-mesh) BSS entry for @bssid on @freq and link it into
 * the BSS list and hash.  The entry is returned with two references held:
 * one owned by the list, one handed to the caller, who drops it with
 * ieee80211_rx_bss_put().  Returns NULL when the allocation fails.
 * An SSID longer than IEEE80211_MAX_SSID_LEN is silently not recorded.
 */
static struct ieee80211_sta_bss *
ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int freq,
		     u8 *ssid, u8 ssid_len)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss *entry = kzalloc(sizeof(*entry), GFP_ATOMIC);

	if (!entry)
		return NULL;

	/* one ref for the list, one for the caller; nothing else can see
	 * the entry yet, so a plain set equals two increments from zero */
	atomic_set(&entry->users, 2);
	memcpy(entry->bssid, bssid, ETH_ALEN);
	entry->freq = freq;

	if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
		entry->ssid_len = ssid_len;
		memcpy(entry->ssid, ssid, ssid_len);
	}

	spin_lock_bh(&local->sta_bss_lock);
	/* TODO: order by RSSI? */
	list_add_tail(&entry->list, &local->sta_bss_list);
	__ieee80211_rx_bss_hash_add(dev, entry);
	spin_unlock_bh(&local->sta_bss_lock);

	return entry;
}
2187
/*
 * Look up the non-mesh BSS entry matching @bssid, @freq and @ssid.
 * On a hit the entry's reference count is bumped and the caller must drop
 * it with ieee80211_rx_bss_put(); NULL means no match.  A zero @ssid_len
 * only matches entries that likewise have no SSID recorded.
 */
static struct ieee80211_sta_bss *
ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
		     u8 *ssid, u8 ssid_len)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss *cur;

	spin_lock_bh(&local->sta_bss_lock);
	for (cur = local->sta_bss_hash[STA_HASH(bssid)]; cur; cur = cur->hnext) {
		if (bss_mesh_cfg(cur))
			continue;
		if (memcmp(cur->bssid, bssid, ETH_ALEN) || cur->freq != freq)
			continue;
		if (cur->ssid_len != ssid_len)
			continue;
		if (ssid_len && memcmp(cur->ssid, ssid, ssid_len))
			continue;
		/* match: hand the caller a reference */
		atomic_inc(&cur->users);
		break;
	}
	spin_unlock_bh(&local->sta_bss_lock);

	return cur;
}
2211
2212 #ifdef CONFIG_MAC80211_MESH
/*
 * Mesh counterpart of ieee80211_rx_bss_get(): find the mesh BSS whose
 * mesh ID, mesh configuration (first MESH_CFG_CMP_LEN bytes) and
 * frequency all match.  Takes a reference on the returned entry, which the
 * caller releases with ieee80211_rx_bss_put().  Returns NULL on no match.
 */
static struct ieee80211_sta_bss *
ieee80211_rx_mesh_bss_get(struct net_device *dev, u8 *mesh_id, int mesh_id_len,
			  u8 *mesh_cfg, int freq)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss *cur;
	u8 bucket = mesh_id_hash(mesh_id, mesh_id_len);

	spin_lock_bh(&local->sta_bss_lock);
	for (cur = local->sta_bss_hash[bucket]; cur; cur = cur->hnext) {
		bool same_id;

		if (!bss_mesh_cfg(cur) || cur->freq != freq)
			continue;
		if (memcmp(bss_mesh_cfg(cur), mesh_cfg, MESH_CFG_CMP_LEN))
			continue;
		/* an empty mesh ID only matches an entry with an empty ID */
		same_id = mesh_id_len == cur->mesh_id_len &&
			  (mesh_id_len == 0 ||
			   !memcmp(cur->mesh_id, mesh_id, mesh_id_len));
		if (!same_id)
			continue;
		atomic_inc(&cur->users);
		break;
	}
	spin_unlock_bh(&local->sta_bss_lock);

	return cur;
}
2237
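/*
 * Allocate a mesh BSS entry and link it into the BSS list and hash.
 * Returns the entry with two references held (list + caller), or NULL when
 * @mesh_config_len is not MESH_CFG_LEN, @mesh_id_len is outside
 * 0..IEEE80211_MAX_MESH_ID_LEN, or an allocation fails.
 *
 * The mesh ID length is validated up front rather than merely skipping the
 * copy: an oversized ID used to leave mesh_id NULL while mesh_id_len kept
 * the oversized value, and ieee80211_rx_mesh_bss_get() would then
 * memcmp() against that NULL pointer on the next frame from the same mesh.
 */
static struct ieee80211_sta_bss *
ieee80211_rx_mesh_bss_add(struct net_device *dev, u8 *mesh_id, int mesh_id_len,
			  u8 *mesh_cfg, int mesh_config_len, int freq)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss *bss;

	if (mesh_config_len != MESH_CFG_LEN)
		return NULL;
	if (mesh_id_len < 0 || mesh_id_len > IEEE80211_MAX_MESH_ID_LEN)
		return NULL;

	bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
	if (!bss)
		return NULL;

	/* only the comparison prefix of the configuration is kept */
	bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
	if (!bss->mesh_cfg)
		goto err_free_bss;
	memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);

	if (mesh_id_len) {
		bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
		if (!bss->mesh_id)
			goto err_free_cfg;
		memcpy(bss->mesh_id, mesh_id, mesh_id_len);
	}
	bss->mesh_id_len = mesh_id_len;
	bss->freq = freq;

	/* one reference for the list, one for the caller */
	atomic_inc(&bss->users);
	atomic_inc(&bss->users);

	spin_lock_bh(&local->sta_bss_lock);
	/* TODO: order by RSSI? */
	list_add_tail(&bss->list, &local->sta_bss_list);
	__ieee80211_rx_bss_hash_add(dev, bss);
	spin_unlock_bh(&local->sta_bss_lock);
	return bss;

err_free_cfg:
	kfree(bss->mesh_cfg);
err_free_bss:
	kfree(bss);
	return NULL;
}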
2280 #endif
2281
/*
 * Release every buffer hanging off a BSS entry, then the entry itself.
 * Called from ieee80211_rx_bss_put() once the entry has been unlinked from
 * the list and hash and its last reference dropped.
 */
static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
{
	/* kfree(NULL) is a no-op, so elements that were never stored need
	 * no special casing */
	kfree(bss_mesh_cfg(bss));
	kfree(bss_mesh_id(bss));
	kfree(bss->ht_add_ie);
	kfree(bss->ht_ie);
	kfree(bss->wmm_ie);
	kfree(bss->rsn_ie);
	kfree(bss->wpa_ie);
	kfree(bss);
}
2293
2294
/*
 * Drop one reference on @bss.  When that was the last reference the entry
 * is unlinked from the list and hash under sta_bss_lock and freed.
 * Bottom halves are disabled before the decrement because
 * atomic_dec_and_lock() takes the plain (non-_bh) lock; the matching
 * spin_unlock_bh() or local_bh_enable() re-enables them.
 */
static void ieee80211_rx_bss_put(struct net_device *dev,
				 struct ieee80211_sta_bss *bss)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);

	local_bh_disable();
	/* the lock is only acquired when the count reaches zero */
	if (atomic_dec_and_lock(&bss->users, &local->sta_bss_lock)) {
		__ieee80211_rx_bss_hash_del(dev, bss);
		list_del(&bss->list);
		spin_unlock_bh(&local->sta_bss_lock);
		ieee80211_rx_bss_free(bss);
	} else {
		local_bh_enable();
	}
}
2311
2312
/* Set up the (initially empty) BSS list and its lock for @dev's local. */
void ieee80211_rx_bss_list_init(struct net_device *dev)
{
	struct ieee80211_local *local;

	local = wdev_priv(dev->ieee80211_ptr);
	INIT_LIST_HEAD(&local->sta_bss_list);
	spin_lock_init(&local->sta_bss_lock);
}
2319
2320
/*
 * Drop the list's own reference on every BSS entry.  Entries nobody else
 * holds are unlinked and freed by ieee80211_rx_bss_put(); the _safe
 * iterator tolerates that removal during the walk.
 */
void ieee80211_rx_bss_list_deinit(struct net_device *dev)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss *entry, *next;

	list_for_each_entry_safe(entry, next, &local->sta_bss_list, list) {
		ieee80211_rx_bss_put(dev, entry);
	}
}
2329
2330
/*
 * Join the IBSS described by @bss on behalf of the STA interface @dev.
 *
 * Copies the BSSID, reconfigures the interface, adopts the IBSS beacon
 * interval (floored at 10), derives drop_unencrypted from the PRIVACY
 * capability bit, switches to the IBSS frequency, builds a beacon template
 * (plus a ProbeResp copy kept in ifsta->probe_resp) and offers it to the
 * driver, records the rate set we share with the IBSS, installs default
 * WMM parameters, moves ifsta to IEEE80211_IBSS_JOINED and arms the merge
 * timer.  The caller's reference on @bss is dropped before returning.
 *
 * Returns the ieee80211_if_config() error if that fails, -1 if the channel
 * disallows IBSS, otherwise whatever ieee80211_set_freq() returned.
 *
 * NOTE(review): the two early returns (if_config failure, NO_IBSS channel)
 * do not drop the @bss reference that the success path drops at the end,
 * and the set_freq() result is not checked before oper_channel is read --
 * verify the intended ownership and error contract with the callers.
 */
static int ieee80211_sta_join_ibss(struct net_device *dev,
				   struct ieee80211_if_sta *ifsta,
				   struct ieee80211_sta_bss *bss)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	int res, rates, i, j;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
	struct ieee80211_tx_info *control;
	struct rate_selection ratesel;
	u8 *pos;
	struct ieee80211_sub_if_data *sdata;
	struct ieee80211_supported_band *sband;

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	sdata = IEEE80211_DEV_TO_SUB_IF(dev);

	/* Remove possible STA entries from other IBSS networks. */
	sta_info_flush_delayed(sdata);

	if (local->ops->reset_tsf) {
		/* Reset own TSF to allow time synchronization work. */
		local->ops->reset_tsf(local_to_hw(local));
	}
	memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
	res = ieee80211_if_config(dev);
	if (res)
		return res;

	/* adopt the IBSS beacon interval, but never go below 10 */
	local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;

	/* a PRIVACY-capable IBSS means unencrypted frames are dropped */
	sdata->drop_unencrypted = bss->capability &
		WLAN_CAPABILITY_PRIVACY ? 1 : 0;

	/* NOTE(review): this result is not checked before oper_channel is
	 * read below; it only surfaces as the function's return value */
	res = ieee80211_set_freq(local, bss->freq);

	if (local->oper_channel->flags & IEEE80211_CHAN_NO_IBSS) {
		printk(KERN_DEBUG "%s: IBSS not allowed on frequency "
		       "%d MHz\n", dev->name, local->oper_channel->center_freq);
		return -1;
	}

	/* Set beacon template */
	/* 400 bytes of frame after the driver headroom; the elements added
	 * below are assumed to fit -- TODO confirm against the maximum
	 * SSID and rate-set lengths */
	skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
	/* do { } while (0) acts as a breakable block: any failure inside
	 * jumps to the common cleanup below */
	do {
		if (!skb)
			break;

		skb_reserve(skb, local->hw.extra_tx_headroom);

		/* 24-byte management header plus the fixed beacon fields */
		mgmt = (struct ieee80211_mgmt *)
			skb_put(skb, 24 + sizeof(mgmt->u.beacon));
		memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
		mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
						   IEEE80211_STYPE_BEACON);
		memset(mgmt->da, 0xff, ETH_ALEN);
		memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
		memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
		mgmt->u.beacon.beacon_int =
			cpu_to_le16(local->hw.conf.beacon_int);
		mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);

		/* SSID element: id, length, payload */
		pos = skb_put(skb, 2 + ifsta->ssid_len);
		*pos++ = WLAN_EID_SSID;
		*pos++ = ifsta->ssid_len;
		memcpy(pos, ifsta->ssid, ifsta->ssid_len);

		/* the Supported Rates element carries at most 8 rates; the
		 * remainder goes into Extended Supported Rates further down */
		rates = bss->supp_rates_len;
		if (rates > 8)
			rates = 8;
		pos = skb_put(skb, 2 + rates);
		*pos++ = WLAN_EID_SUPP_RATES;
		*pos++ = rates;
		memcpy(pos, bss->supp_rates, rates);

		/* DS Parameter Set (current channel) only on 2.4 GHz */
		if (bss->band == IEEE80211_BAND_2GHZ) {
			pos = skb_put(skb, 2 + 1);
			*pos++ = WLAN_EID_DS_PARAMS;
			*pos++ = 1;
			*pos++ = ieee80211_frequency_to_channel(bss->freq);
		}

		pos = skb_put(skb, 2 + 2);
		*pos++ = WLAN_EID_IBSS_PARAMS;
		*pos++ = 2;
		/* FIX: set ATIM window based on scan results */
		*pos++ = 0;
		*pos++ = 0;

		if (bss->supp_rates_len > 8) {
			rates = bss->supp_rates_len - 8;
			pos = skb_put(skb, 2 + rates);
			*pos++ = WLAN_EID_EXT_SUPP_RATES;
			*pos++ = rates;
			memcpy(pos, &bss->supp_rates[8], rates);
		}

		control = IEEE80211_SKB_CB(skb);

		/* pick the TX rate for the beacon; no usable rate means no
		 * template */
		rate_control_get_rate(dev, sband, skb, &ratesel);
		if (ratesel.rate_idx < 0) {
			printk(KERN_DEBUG "%s: Failed to determine TX rate "
			       "for IBSS beacon\n", dev->name);
			break;
		}
		control->control.vif = &sdata->vif;
		control->tx_rate_idx = ratesel.rate_idx;
		if (sdata->bss_conf.use_short_preamble &&
		    sband->bitrates[ratesel.rate_idx].flags & IEEE80211_RATE_SHORT_PREAMBLE)
			control->flags |= IEEE80211_TX_CTL_SHORT_PREAMBLE;
		control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
		/* broadcast frame: no ACK expected, single transmission */
		control->flags |= IEEE80211_TX_CTL_NO_ACK;
		control->control.retry_limit = 1;

		/* the ProbeResp template is the same frame with a different
		 * subtype; ieee80211_rx_mgmt_probe_req() fills in the DA.
		 * NOTE(review): a previously stored template is overwritten
		 * here without being freed -- confirm the caller releases it */
		ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
		if (ifsta->probe_resp) {
			mgmt = (struct ieee80211_mgmt *)
				ifsta->probe_resp->data;
			mgmt->frame_control =
				IEEE80211_FC(IEEE80211_FTYPE_MGMT,
					     IEEE80211_STYPE_PROBE_RESP);
		} else {
			printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
			       "template for IBSS\n", dev->name);
		}

		/* a zero return is treated as the driver having taken the
		 * skb; NULL it so the cleanup below neither frees it nor
		 * reports a failure */
		if (local->ops->beacon_update &&
		    local->ops->beacon_update(local_to_hw(local), skb) == 0) {
			printk(KERN_DEBUG "%s: Configured IBSS beacon "
			       "template\n", dev->name);
			skb = NULL;
		}

		/* bitmask of the IBSS rates our band table also knows */
		rates = 0;
		sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
		for (i = 0; i < bss->supp_rates_len; i++) {
			int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
			for (j = 0; j < sband->n_bitrates; j++)
				if (sband->bitrates[j].bitrate == bitrate)
					rates |= BIT(j);
		}
		ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;

		ieee80211_sta_def_wmm_params(dev, bss, 1);
	} while (0);

	if (skb) {
		printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
		       "template\n", dev->name);
		dev_kfree_skb(skb);
	}

	/* joined regardless of whether the beacon template was installed */
	ifsta->state = IEEE80211_IBSS_JOINED;
	mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);

	/* consumes the reference the caller held on @bss */
	ieee80211_rx_bss_put(dev, bss);

	return res;
}
2491
/*
 * Translate the Supported Rates and Extended Supported Rates elements in
 * @elems into a bitmask over @band's bitrate table: bit j is set when
 * sband->bitrates[j].bitrate equals one of the advertised rates.  The
 * "basic rate" flag (0x80) is masked off and the 7-bit value scaled by 5
 * to match the units of the bitrate table.  Rates not in the table are
 * ignored.  An unknown @band is warned about and the current channel's
 * band is used instead.
 */
u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
			    struct ieee802_11_elems *elems,
			    enum ieee80211_band band)
{
	struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band];
	const u8 *lists[2];
	size_t lens[2];
	u64 supp_rates = 0;
	int k;

	if (!sband) {
		WARN_ON(1);
		sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
	}

	/* plain Supported Rates first, then the Extended ones */
	lists[0] = elems->supp_rates;
	lens[0] = elems->supp_rates_len;
	lists[1] = elems->ext_supp_rates;
	lens[1] = elems->ext_supp_rates_len;

	for (k = 0; k < 2; k++) {
		size_t i;

		for (i = 0; i < lens[k]; i++) {
			/* a missing element is treated as rate value 0 */
			int wanted = lists[k] ? 5 * (lists[k][i] & 0x7f) : 0;
			int j;

			for (j = 0; j < sband->n_bitrates; j++)
				if (sband->bitrates[j].bitrate == wanted)
					supp_rates |= BIT(j);
		}
	}

	return supp_rates;
}
2527
2528
/*
 * Record a received Beacon or Probe Response in the BSS table and react
 * to it.
 *
 * @beacon is non-zero for beacons and zero for probe responses; probe
 * responses addressed to someone else are ignored.  The frame is parsed
 * into @elems, then: a matching mesh peer is updated, an IBSS peer's rate
 * set is intersected with what it advertises, the entry for the sending
 * BSS is looked up (or created) on the frequency named by the DS
 * Parameter Set (falling back to the receive frequency), the stored
 * elements (ERP, HT, rates, WPA/RSN, WMM) and signal data are refreshed,
 * and on an IBSS interface a beacon with a higher TSF than ours triggers
 * a merge.  The reference obtained from the lookup is dropped before
 * returning.
 */
static void ieee80211_rx_bss_info(struct net_device *dev,
				  struct ieee80211_mgmt *mgmt,
				  size_t len,
				  struct ieee80211_rx_status *rx_status,
				  int beacon)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee802_11_elems elems;
	size_t baselen;
	int freq, clen;
	struct ieee80211_sta_bss *bss;
	struct sta_info *sta;
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	u64 beacon_timestamp, rx_timestamp;
	struct ieee80211_channel *channel;
	DECLARE_MAC_BUF(mac);
	DECLARE_MAC_BUF(mac2);

	if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN))
		return; /* ignore ProbeResp to foreign address */

#if 0
	printk(KERN_DEBUG "%s: RX %s from %s to %s\n",
	       dev->name, beacon ? "Beacon" : "Probe Response",
	       print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da));
#endif

	/* reject frames truncated before the variable part */
	baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
	if (baselen > len)
		return;

	beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
	ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);

	/* mesh neighbour bookkeeping, independent of the BSS table below */
	if (ieee80211_vif_is_mesh(&sdata->vif) && elems.mesh_id &&
	    elems.mesh_config && mesh_matches_local(&elems, dev)) {
		u64 rates = ieee80211_sta_get_rates(local, &elems,
							rx_status->band);

		mesh_neighbour_update(mgmt->sa, rates, dev,
				      mesh_peer_accepts_plinks(&elems, dev));
	}

	rcu_read_lock();

	/* IBSS: narrow a known peer's rate set to what it advertises */
	if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
	    memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
	    (sta = sta_info_get(local, mgmt->sa))) {
		u64 prev_rates;
		u64 supp_rates = ieee80211_sta_get_rates(local, &elems,
							rx_status->band);

		prev_rates = sta->supp_rates[rx_status->band];
		sta->supp_rates[rx_status->band] &= supp_rates;
		if (sta->supp_rates[rx_status->band] == 0) {
			/* No matching rates - this should not really happen.
			 * Make sure that at least one rate is marked
			 * supported to avoid issues with TX rate ctrl. */
			sta->supp_rates[rx_status->band] =
				sdata->u.sta.supp_rates_bits[rx_status->band];
		}
		if (sta->supp_rates[rx_status->band] != prev_rates) {
			printk(KERN_DEBUG "%s: updated supp_rates set for "
			       "%s based on beacon info (0x%llx & 0x%llx -> "
			       "0x%llx)\n",
			       dev->name, print_mac(mac, sta->addr),
			       (unsigned long long) prev_rates,
			       (unsigned long long) supp_rates,
			       (unsigned long long) sta->supp_rates[rx_status->band]);
		}
	}

	rcu_read_unlock();

	/* the DS Parameter Set names the channel the frame was sent on;
	 * without it, trust the frequency the radio reported */
	if (elems.ds_params && elems.ds_params_len == 1)
		freq = ieee80211_channel_to_frequency(elems.ds_params[0]);
	else
		freq = rx_status->freq;

	channel = ieee80211_get_channel(local->hw.wiphy, freq);

	/* unknown or disabled channel: nothing is recorded (no reference
	 * has been taken yet) */
	if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
		return;

	/* lookup hands us a reference that is dropped at the end of this
	 * function; the _add variants hand one over as well */
#ifdef CONFIG_MAC80211_MESH
	if (elems.mesh_config)
		bss = ieee80211_rx_mesh_bss_get(dev, elems.mesh_id,
				elems.mesh_id_len, elems.mesh_config, freq);
	else
#endif
		bss = ieee80211_rx_bss_get(dev, mgmt->bssid, freq,
					   elems.ssid, elems.ssid_len);
	if (!bss) {
#ifdef CONFIG_MAC80211_MESH
		if (elems.mesh_config)
			bss = ieee80211_rx_mesh_bss_add(dev, elems.mesh_id,
				elems.mesh_id_len, elems.mesh_config,
				elems.mesh_config_len, freq);
		else
#endif
			bss = ieee80211_rx_bss_add(dev, mgmt->bssid, freq,
						  elems.ssid, elems.ssid_len);
		if (!bss)
			return;
	} else {
#if 0
		/* TODO: order by RSSI? */
		spin_lock_bh(&local->sta_bss_lock);
		list_move_tail(&bss->list, &local->sta_bss_list);
		spin_unlock_bh(&local->sta_bss_lock);
#endif
	}

	/* save the ERP value so that it is available at association time */
	if (elems.erp_info && elems.erp_info_len >= 1) {
		bss->erp_value = elems.erp_info[0];
		bss->has_erp_value = 1;
	}

	/* stored HT elements include their 2-byte (id, len) header: the
	 * "- 2" assumes the parser's element pointers sit right after that
	 * header -- TODO confirm against ieee802_11_parse_elems().
	 * The element is replaced only when its content actually changed
	 * and dropped when the frame no longer carries it. */
	if (elems.ht_cap_elem &&
	    (!bss->ht_ie || bss->ht_ie_len != elems.ht_cap_elem_len ||
	     memcmp(bss->ht_ie, elems.ht_cap_elem, elems.ht_cap_elem_len))) {
		kfree(bss->ht_ie);
		bss->ht_ie = kmalloc(elems.ht_cap_elem_len + 2, GFP_ATOMIC);
		if (bss->ht_ie) {
			memcpy(bss->ht_ie, elems.ht_cap_elem - 2,
			       elems.ht_cap_elem_len + 2);
			bss->ht_ie_len = elems.ht_cap_elem_len + 2;
		} else
			bss->ht_ie_len = 0;
	} else if (!elems.ht_cap_elem && bss->ht_ie) {
		kfree(bss->ht_ie);
		bss->ht_ie = NULL;
		bss->ht_ie_len = 0;
	}

	if (elems.ht_info_elem &&
	    (!bss->ht_add_ie ||
	     bss->ht_add_ie_len != elems.ht_info_elem_len ||
	     memcmp(bss->ht_add_ie, elems.ht_info_elem,
		    elems.ht_info_elem_len))) {
		kfree(bss->ht_add_ie);
		bss->ht_add_ie =
			kmalloc(elems.ht_info_elem_len + 2, GFP_ATOMIC);
		if (bss->ht_add_ie) {
			memcpy(bss->ht_add_ie, elems.ht_info_elem - 2,
			       elems.ht_info_elem_len + 2);
			bss->ht_add_ie_len = elems.ht_info_elem_len + 2;
		} else
			bss->ht_add_ie_len = 0;
	} else if (!elems.ht_info_elem && bss->ht_add_ie) {
		kfree(bss->ht_add_ie);
		bss->ht_add_ie = NULL;
		bss->ht_add_ie_len = 0;
	}

	bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
	bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);

	/* Supported and Extended Supported Rates are concatenated into
	 * bss->supp_rates, truncated at IEEE80211_MAX_SUPP_RATES entries */
	bss->supp_rates_len = 0;
	if (elems.supp_rates) {
		clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
		if (clen > elems.supp_rates_len)
			clen = elems.supp_rates_len;
		memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates,
		       clen);
		bss->supp_rates_len += clen;
	}
	if (elems.ext_supp_rates) {
		clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
		if (clen > elems.ext_supp_rates_len)
			clen = elems.ext_supp_rates_len;
		memcpy(&bss->supp_rates[bss->supp_rates_len],
		       elems.ext_supp_rates, clen);
		bss->supp_rates_len += clen;
	}

	bss->band = rx_status->band;

	bss->timestamp = beacon_timestamp;
	bss->last_update = jiffies;
	bss->signal = rx_status->signal;
	bss->noise = rx_status->noise;
	bss->qual = rx_status->qual;
	/* remember that this entry has been seen via a probe response */
	if (!beacon && !bss->probe_resp)
		bss->probe_resp = true;

	/*
	 * In STA mode, the remaining parameters should not be overridden
	 * by beacons because they're not necessarily accurate there.
	 */
	if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
	    bss->probe_resp && beacon) {
		ieee80211_rx_bss_put(dev, bss);
		return;
	}

	/* WPA/RSN elements: same replace-on-change / drop-when-absent
	 * handling as the HT elements above, header included */
	if (elems.wpa &&
	    (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len ||
	     memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
		kfree(bss->wpa_ie);
		bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC);
		if (bss->wpa_ie) {
			memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2);
			bss->wpa_ie_len = elems.wpa_len + 2;
		} else
			bss->wpa_ie_len = 0;
	} else if (!elems.wpa && bss->wpa_ie) {
		kfree(bss->wpa_ie);
		bss->wpa_ie = NULL;
		bss->wpa_ie_len = 0;
	}

	if (elems.rsn &&
	    (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len ||
	     memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
		kfree(bss->rsn_ie);
		bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC);
		if (bss->rsn_ie) {
			memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2);
			bss->rsn_ie_len = elems.rsn_len + 2;
		} else
			bss->rsn_ie_len = 0;
	} else if (!elems.rsn && bss->rsn_ie) {
		kfree(bss->rsn_ie);
		bss->rsn_ie = NULL;
		bss->rsn_ie_len = 0;
	}

	/*
	 * Cf.
	 * http://www.wipo.int/pctdb/en/wo.jsp?wo=2007047181&IA=WO2007047181&DISPLAY=DESC
	 *
	 * quoting:
	 *
	 * In particular, "Wi-Fi CERTIFIED for WMM - Support for Multimedia
	 * Applications with Quality of Service in Wi-Fi Networks," Wi- Fi
	 * Alliance (September 1, 2004) is incorporated by reference herein.
	 * The inclusion of the WMM Parameters in probe responses and
	 * association responses is mandatory for WMM enabled networks. The
	 * inclusion of the WMM Parameters in beacons, however, is optional.
	 */

	/* a WMM Parameter element wins; a WMM Information element is the
	 * fallback; neither present drops the stored copy */
	if (elems.wmm_param &&
	    (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len ||
	     memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
		kfree(bss->wmm_ie);
		bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC);
		if (bss->wmm_ie) {
			memcpy(bss->wmm_ie, elems.wmm_param - 2,
			       elems.wmm_param_len + 2);
			bss->wmm_ie_len = elems.wmm_param_len + 2;
		} else
			bss->wmm_ie_len = 0;
	} else if (elems.wmm_info &&
		   (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_info_len ||
		    memcmp(bss->wmm_ie, elems.wmm_info, elems.wmm_info_len))) {
		/* As for certain AP's Fifth bit is not set in WMM IE in
		 * beacon frames.So while parsing the beacon frame the
		 * wmm_info structure is used instead of wmm_param.
		 * wmm_info structure was never used to set bss->wmm_ie.
		 * This code fixes this problem by copying the WME
		 * information from wmm_info to bss->wmm_ie and enabling
		 * n-band association.
		 */
		kfree(bss->wmm_ie);
		bss->wmm_ie = kmalloc(elems.wmm_info_len + 2, GFP_ATOMIC);
		if (bss->wmm_ie) {
			memcpy(bss->wmm_ie, elems.wmm_info - 2,
			       elems.wmm_info_len + 2);
			bss->wmm_ie_len = elems.wmm_info_len + 2;
		} else
			bss->wmm_ie_len = 0;
	} else if (!elems.wmm_param && !elems.wmm_info && bss->wmm_ie) {
		kfree(bss->wmm_ie);
		bss->wmm_ie = NULL;
		bss->wmm_ie_len = 0;
	}

	/* check if we need to merge IBSS */
	/* only beacons from an IBSS with our SSID on our channel, and
	 * never while a scan is running */
	if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon &&
	    !local->sta_sw_scanning && !local->sta_hw_scanning &&
	    bss->capability & WLAN_CAPABILITY_IBSS &&
	    bss->freq == local->oper_channel->center_freq &&
	    elems.ssid_len == sdata->u.sta.ssid_len &&
	    memcmp(elems.ssid, sdata->u.sta.ssid, sdata->u.sta.ssid_len) == 0) {
		if (rx_status->flag & RX_FLAG_TSFT) {
			/* in order for correct IBSS merging we need mactime
			 *
			 * since mactime is defined as the time the first data
			 * symbol of the frame hits the PHY, and the timestamp
			 * of the beacon is defined as "the time that the data
			 * symbol containing the first bit of the timestamp is
			 * transmitted to the PHY plus the transmitting STA’s
			 * delays through its local PHY from the MAC-PHY
			 * interface to its interface with the WM"
			 * (802.11 11.1.2) - equals the time this bit arrives at
			 * the receiver - we have to take into account the
			 * offset between the two.
			 * e.g: at 1 MBit that means mactime is 192 usec earlier
			 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
			 */
			/* bitrate is in the same units as the rate table
			 * used throughout this file (100 kbit/s), so
			 * 24 * 8 * 10 / rate is the airtime of 24 bytes in
			 * usec; a zero table entry would divide by zero --
			 * assumed impossible, TODO confirm */
			int rate = local->hw.wiphy->bands[rx_status->band]->
				bitrates[rx_status->rate_idx].bitrate;
			rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
		} else if (local && local->ops && local->ops->get_tsf)
			/* second best option: get current TSF */
			/* (local was already dereferenced above, so the
			 * NULL checks here are redundant) */
			rx_timestamp = local->ops->get_tsf(local_to_hw(local));
		else
			/* can't merge without knowing the TSF */
			/* all-ones sentinel: nothing compares greater, so
			 * the merge below is skipped */
			rx_timestamp = -1LLU;
#ifdef CONFIG_MAC80211_IBSS_DEBUG
		printk(KERN_DEBUG "RX beacon SA=%s BSSID="
		       "%s TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
		       print_mac(mac, mgmt->sa),
		       print_mac(mac2, mgmt->bssid),
		       (unsigned long long)rx_timestamp,
		       (unsigned long long)beacon_timestamp,
		       (unsigned long long)(rx_timestamp - beacon_timestamp),
		       jiffies);
#endif /* CONFIG_MAC80211_IBSS_DEBUG */
		/* the IBSS with the higher TSF wins: adopt it */
		if (beacon_timestamp > rx_timestamp) {
#ifndef CONFIG_MAC80211_IBSS_DEBUG
			if (net_ratelimit())
#endif
			printk(KERN_DEBUG "%s: beacon TSF higher than "
			       "local TSF - IBSS merge with BSSID %s\n",
			       dev->name, print_mac(mac, mgmt->bssid));
			/* NOTE(review): ieee80211_sta_join_ibss() drops a
			 * reference on @bss at its end, and so does the put
			 * below -- confirm the intended reference ownership
			 * on this path */
			ieee80211_sta_join_ibss(dev, &sdata->u.sta, bss);
			ieee80211_ibss_add_sta(dev, NULL,
					       mgmt->bssid, mgmt->sa);
		}
	}

	ieee80211_rx_bss_put(dev, bss);
}
2865
2866
/*
 * ProbeResp handler: a probe response is just a non-beacon feed into the
 * BSS table, so defer entirely to ieee80211_rx_bss_info().
 */
static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev,
					 struct ieee80211_mgmt *mgmt,
					 size_t len,
					 struct ieee80211_rx_status *rx_status)
{
	const int is_beacon = 0;

	ieee80211_rx_bss_info(dev, mgmt, len, rx_status, is_beacon);
}
2874
2875
/*
 * Handle a received Beacon frame.
 *
 * Every beacon first feeds the BSS table through ieee80211_rx_bss_info().
 * The remainder applies only to a managed STA interface that is associated
 * and receives the beacon from its own AP: WMM parameters are refreshed,
 * and -- unless a scan is running -- ERP / short-preamble and HT operation
 * changes are accumulated in @changed and pushed to the driver via
 * ieee80211_bss_info_change_notify().
 */
static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
				     struct ieee80211_mgmt *mgmt,
				     size_t len,
				     struct ieee80211_rx_status *rx_status)
{
	struct ieee80211_sub_if_data *sdata;
	struct ieee80211_if_sta *ifsta;
	size_t baselen;
	struct ieee802_11_elems elems;
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_conf *conf = &local->hw.conf;
	u32 changed = 0;

	/* scan/IBSS bookkeeping happens for every beacon, whatever the
	 * interface type */
	ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1);

	sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
		return;
	ifsta = &sdata->u.sta;

	/* from here on only our own AP's beacons matter */
	if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) ||
	    memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
		return;

	/* Process beacon from the current BSS */
	/* reject frames truncated before the variable part */
	baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
	if (baselen > len)
		return;

	ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);

	/* called even when no WMM element was found; the callee is assumed
	 * to treat a NULL wmm_param as "nothing to apply" -- TODO confirm */
	ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
				 elems.wmm_param_len);

	/* Do not send changes to driver if we are scanning. This removes
	 * requirement that driver's bss_info_changed function needs to be
	 * atomic. */
	if (local->sta_sw_scanning || local->sta_hw_scanning)
		return;

	/* without an ERP element, fall back to the short-preamble
	 * capability bit for the protection/preamble decision */
	if (elems.erp_info && elems.erp_info_len >= 1)
		changed |= ieee80211_handle_erp_ie(sdata, elems.erp_info[0]);
	else {
		u16 capab = le16_to_cpu(mgmt->u.beacon.capab_info);
		changed |= ieee80211_handle_protect_preamb(sdata, false,
				(capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
	}

	/* HT operation is only taken from beacons carrying both HT elements
	 * and a WMM parameter element, and only when HT mode is enabled in
	 * the hw config ('&' binds tighter than '&&' here) */
	if (elems.ht_cap_elem && elems.ht_info_elem &&
	    elems.wmm_param && conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
		struct ieee80211_ht_bss_info bss_info;

		ieee80211_ht_addt_info_ie_to_ht_bss_info(
				(struct ieee80211_ht_addt_info *)
				elems.ht_info_elem, &bss_info);
		changed |= ieee80211_handle_ht(local, 1, &conf->ht_conf,
					       &bss_info);
	}

	/* called unconditionally, even when @changed is still zero */
	ieee80211_bss_info_change_notify(sdata, changed);
}
2937
2938
/*
 * Answer a ProbeReq received while this interface is a joined IBSS member.
 * The reply is a copy of the ProbeResp template built when the IBSS was
 * joined, with the destination address set to the requester.
 *
 * Requests are dropped when: the interface is not a joined IBSS STA or has
 * no template; the frame is shorter than a header plus an element header;
 * the driver reports that we did not send the last beacon; the BSSID is
 * neither ours nor broadcast; the first element is not a well-formed SSID;
 * or the SSID is non-empty and differs from ours (an empty SSID acts as a
 * wildcard).
 */
static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
					struct ieee80211_if_sta *ifsta,
					struct ieee80211_mgmt *mgmt,
					size_t len,
					struct ieee80211_rx_status *rx_status)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct sk_buff *reply;
	struct ieee80211_mgmt *resp;
	u8 *ie, *end;
	u8 ie_len;
	int tx_last_beacon = 1;
	DECLARE_MAC_BUF(mac);
#ifdef CONFIG_MAC80211_IBSS_DEBUG
	DECLARE_MAC_BUF(mac2);
	DECLARE_MAC_BUF(mac3);
#endif

	if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS ||
	    ifsta->state != IEEE80211_IBSS_JOINED ||
	    len < 24 + 2 || !ifsta->probe_resp)
		return;

	/* drivers that cannot tell are assumed to have sent the last beacon */
	if (local->ops->tx_last_beacon)
		tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));

#ifdef CONFIG_MAC80211_IBSS_DEBUG
	printk(KERN_DEBUG "%s: RX ProbeReq SA=%s DA=%s BSSID="
	       "%s (tx_last_beacon=%d)\n",
	       dev->name, print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da),
	       print_mac(mac3, mgmt->bssid), tx_last_beacon);
#endif /* CONFIG_MAC80211_IBSS_DEBUG */

	if (!tx_last_beacon)
		return;

	if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
	    !is_broadcast_ether_addr(mgmt->bssid))
		return;

	/* the length check above guarantees ie[0] and ie[1] are readable;
	 * the element body must still lie within the frame */
	end = ((u8 *) mgmt) + len;
	ie = mgmt->u.probe_req.variable;
	ie_len = ie[1];
	if (ie[0] != WLAN_EID_SSID || ie + 2 + ie_len > end) {
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
			       "from %s\n",
			       dev->name, print_mac(mac, mgmt->sa));
		}
		return;
	}

	/* Ignore ProbeReq for foreign SSID */
	if (ie_len != 0 &&
	    (ie_len != ifsta->ssid_len ||
	     memcmp(ie + 2, ifsta->ssid, ifsta->ssid_len) != 0))
		return;

	/* Reply with ProbeResp */
	reply = skb_copy(ifsta->probe_resp, GFP_KERNEL);
	if (!reply)
		return;

	resp = (struct ieee80211_mgmt *) reply->data;
	memcpy(resp->da, mgmt->sa, ETH_ALEN);
#ifdef CONFIG_MAC80211_IBSS_DEBUG
	printk(KERN_DEBUG "%s: Sending ProbeResp to %s\n",
	       dev->name, print_mac(mac, resp->da));
#endif /* CONFIG_MAC80211_IBSS_DEBUG */
	ieee80211_sta_tx(dev, reply, 0);
}
3012
/*
 * Dispatch a received Action frame by category.  Block-ack (BACK) frames
 * are routed to the ADDBA/DELBA handlers after a per-action length check;
 * mesh peer-link and path-selection frames go to the mesh code only on a
 * mesh interface; anything else is logged (rate limited) and dropped.
 */
static void ieee80211_rx_mgmt_action(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta,
				     struct ieee80211_mgmt *mgmt,
				     size_t len,
				     struct ieee80211_rx_status *rx_status)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	bool on_mesh;

	/* IEEE80211_MIN_ACTION_SIZE is assumed to cover the category and
	 * action code bytes read below -- TODO confirm */
	if (len < IEEE80211_MIN_ACTION_SIZE)
		return;

	on_mesh = ieee80211_vif_is_mesh(&sdata->vif);

	switch (mgmt->u.action.category) {
	case WLAN_CATEGORY_BACK: {
		u8 code = mgmt->u.action.u.addba_req.action_code;
		size_t body;

		/* size of the action-specific body each handler expects */
		if (code == WLAN_ACTION_ADDBA_REQ)
			body = sizeof(mgmt->u.action.u.addba_req);
		else if (code == WLAN_ACTION_ADDBA_RESP)
			body = sizeof(mgmt->u.action.u.addba_resp);
		else if (code == WLAN_ACTION_DELBA)
			body = sizeof(mgmt->u.action.u.delba);
		else {
			if (net_ratelimit())
				printk(KERN_DEBUG "%s: Rx unknown A-MPDU action\n",
				       dev->name);
			break;
		}

		/* truncated frames are dropped silently */
		if (len < IEEE80211_MIN_ACTION_SIZE + body)
			break;

		if (code == WLAN_ACTION_ADDBA_REQ)
			ieee80211_sta_process_addba_request(dev, mgmt, len);
		else if (code == WLAN_ACTION_ADDBA_RESP)
			ieee80211_sta_process_addba_resp(dev, mgmt, len);
		else
			ieee80211_sta_process_delba(dev, mgmt, len);
		break;
	}
	case PLINK_CATEGORY:
		if (on_mesh)
			mesh_rx_plink_frame(dev, mgmt, len, rx_status);
		break;
	case MESH_PATH_SEL_CATEGORY:
		if (on_mesh)
			mesh_rx_path_sel_frame(dev, mgmt, len);
		break;
	default:
		if (net_ratelimit())
			printk(KERN_DEBUG "%s: Rx unknown action frame - "
			       "category=%d\n", dev->name, mgmt->u.action.category);
		break;
	}
}
3067
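/*
 * Entry point for management frames received on a STA/IBSS/mesh interface.
 *
 * Frames are not processed here: the subtypes the MLME state machine cares
 * about are queued onto ifsta->skb_queue and handled later from
 * ieee80211_sta_work(). For probe request/response, beacon and action
 * frames the RX status is stashed in skb->cb so the worker can read it
 * back. Ownership of @skb is taken in every case: it is either queued or
 * freed before returning.
 */
void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
			   struct ieee80211_rx_status *rx_status)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata;
	struct ieee80211_if_sta *ifsta;
	struct ieee80211_mgmt *mgmt;
	u16 fc;

	/* need at least a full 3-address 802.11 header */
	if (skb->len < 24)
		goto fail;

	sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	ifsta = &sdata->u.sta;

	mgmt = (struct ieee80211_mgmt *) skb->data;
	fc = le16_to_cpu(mgmt->frame_control);

	switch (fc & IEEE80211_FCTL_STYPE) {
	case IEEE80211_STYPE_PROBE_REQ:
	case IEEE80211_STYPE_PROBE_RESP:
	case IEEE80211_STYPE_BEACON:
	case IEEE80211_STYPE_ACTION:
		memcpy(skb->cb, rx_status, sizeof(*rx_status));
		/* fall through: these are queued like the rest */
	case IEEE80211_STYPE_AUTH:
	case IEEE80211_STYPE_ASSOC_RESP:
	case IEEE80211_STYPE_REASSOC_RESP:
	case IEEE80211_STYPE_DEAUTH:
	case IEEE80211_STYPE_DISASSOC:
		skb_queue_tail(&ifsta->skb_queue, skb);
		queue_work(local->hw.workqueue, &ifsta->work);
		return;
	default:
		/*
		 * Over-the-air input can carry any subtype; rate-limit this
		 * line like the other RX diagnostics in this file so a burst
		 * of unexpected frames cannot flood the kernel log.
		 */
		if (net_ratelimit())
			printk(KERN_DEBUG "%s: received unknown management frame - "
			       "stype=%d\n", dev->name,
			       (fc & IEEE80211_FCTL_STYPE) >> 4);
		break;
	}

fail:
	kfree_skb(skb);
}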
3110
3111
/*
 * Process one management frame taken off ifsta->skb_queue, in worker
 * context, and free it afterwards.
 *
 * The RX status is read back from skb->cb; ieee80211_sta_rx_mgmt() only
 * fills it for probe request/response, beacon and action frames, which
 * are exactly the subtypes whose handlers below take it. The queue is fed
 * by ieee80211_sta_rx_mgmt(), which only admits the subtypes listed here,
 * so the switch has no default.
 */
static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
					 struct sk_buff *skb)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	struct ieee80211_rx_status *rx_status =
		(struct ieee80211_rx_status *) skb->cb;
	struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) skb->data;
	size_t len = skb->len;
	u16 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;

	switch (stype) {
	case IEEE80211_STYPE_PROBE_REQ:
		ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, len, rx_status);
		break;
	case IEEE80211_STYPE_PROBE_RESP:
		ieee80211_rx_mgmt_probe_resp(dev, mgmt, len, rx_status);
		break;
	case IEEE80211_STYPE_BEACON:
		ieee80211_rx_mgmt_beacon(dev, mgmt, len, rx_status);
		break;
	case IEEE80211_STYPE_AUTH:
		ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, len);
		break;
	case IEEE80211_STYPE_ASSOC_RESP:
		/* last argument tells the handler whether this is a reassoc */
		ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, len, 0);
		break;
	case IEEE80211_STYPE_REASSOC_RESP:
		ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, len, 1);
		break;
	case IEEE80211_STYPE_DEAUTH:
		ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, len);
		break;
	case IEEE80211_STYPE_DISASSOC:
		ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, len);
		break;
	case IEEE80211_STYPE_ACTION:
		ieee80211_rx_mgmt_action(dev, ifsta, mgmt, len, rx_status);
		break;
	}

	kfree_skb(skb);
}
3161
3162
/*
 * RX hook used while a scan is in progress.
 *
 * Returns RX_DROP_UNUSABLE for frames too short to carry a frame control
 * field, RX_CONTINUE for control frames (checked before the 24-byte header
 * test) and for anything that is not a beacon or probe response,
 * RX_DROP_MONITOR for other frames shorter than a full header, and
 * RX_QUEUED after a beacon or probe response has been consumed by the
 * scan-result code (the skb is freed in that case).
 */
ieee80211_rx_result
ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
		      struct ieee80211_rx_status *rx_status)
{
	struct ieee80211_mgmt *mgmt;
	u16 fc, ftype, stype;

	if (skb->len < 2)
		return RX_DROP_UNUSABLE;

	mgmt = (struct ieee80211_mgmt *) skb->data;
	fc = le16_to_cpu(mgmt->frame_control);
	ftype = fc & IEEE80211_FCTL_FTYPE;
	stype = fc & IEEE80211_FCTL_STYPE;

	if (ftype == IEEE80211_FTYPE_CTL)
		return RX_CONTINUE;

	if (skb->len < 24)
		return RX_DROP_MONITOR;

	if (ftype != IEEE80211_FTYPE_MGMT)
		return RX_CONTINUE;

	if (stype == IEEE80211_STYPE_PROBE_RESP)
		ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status);
	else if (stype == IEEE80211_STYPE_BEACON)
		ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status);
	else
		return RX_CONTINUE;

	dev_kfree_skb(skb);
	return RX_QUEUED;
}
3197
3198
/*
 * Report whether at least one station belonging to this interface has been
 * heard from within IEEE80211_IBSS_MERGE_INTERVAL.
 *
 * Walks the global station list under rcu_read_lock() and returns 1 as
 * soon as such a station is found, 0 otherwise.
 */
static int ieee80211_sta_active_ibss(struct net_device *dev)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct sta_info *sta;
	int found = 0;

	rcu_read_lock();
	list_for_each_entry_rcu(sta, &local->sta_list, list) {
		if (sta->sdata != sdata)
			continue;
		if (!time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
				jiffies))
			continue;
		found = 1;
		break;
	}
	rcu_read_unlock();

	return found;
}
3221
3222
/*
 * Unlink every station on the local's station list whose last_rx is older
 * than @exp_time jiffies, then destroy them outside the station lock.
 *
 * Unlinking happens under sta_lock (irqsave); the entries are moved to a
 * private list so sta_info_destroy() can run after the lock is dropped.
 * __sta_info_unlink() may clear the pointer it is given, which is why it
 * is re-checked before the entry is collected.
 */
static void ieee80211_sta_expire(struct net_device *dev, unsigned long exp_time)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct sta_info *sta, *next;
	LIST_HEAD(expired);
	DECLARE_MAC_BUF(mac);
	unsigned long flags;

	spin_lock_irqsave(&local->sta_lock, flags);
	list_for_each_entry_safe(sta, next, &local->sta_list, list) {
		if (!time_after(jiffies, sta->last_rx + exp_time))
			continue;

		printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
		       dev->name, print_mac(mac, sta->addr));
		__sta_info_unlink(&sta);
		if (sta)
			list_add(&sta->list, &expired);
	}
	spin_unlock_irqrestore(&local->sta_lock, flags);

	list_for_each_entry_safe(sta, next, &expired, list)
		sta_info_destroy(sta);
}
3245
3246
/*
 * Periodic IBSS maintenance: re-arm the timer, expire stations silent for
 * longer than IEEE80211_IBSS_INACTIVITY_LIMIT and, when no active IBSS
 * peer remains, request a scan for other IBSS networks with the same SSID
 * so the cells can merge.
 */
static void ieee80211_sta_merge_ibss(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta)
{
	int have_peers;

	mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
	ieee80211_sta_expire(dev, IEEE80211_IBSS_INACTIVITY_LIMIT);

	have_peers = ieee80211_sta_active_ibss(dev);
	if (!have_peers) {
		printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
		       "IBSS networks with same SSID (merge)\n", dev->name);
		ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len);
	}
}
3260
3261
3262 #ifdef CONFIG_MAC80211_MESH
/*
 * Periodic mesh maintenance: expire inactive peers and stale mesh paths,
 * refresh the beacon when the "accepting peer links" state changed, and
 * re-arm the timer for IEEE80211_MESH_HOUSEKEEPING_INTERVAL.
 */
static void ieee80211_mesh_housekeeping(struct net_device *dev,
					struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	bool can_accept;

	ieee80211_sta_expire(dev, IEEE80211_MESH_PEER_INACTIVITY_LIMIT);
	mesh_path_expire(dev);

	/* the beacon advertises whether we accept new peer links */
	can_accept = mesh_plink_availables(sdata);
	if (can_accept != sdata->u.sta.accepting_plinks)
		ieee80211_if_config_beacon(dev);

	mod_timer(&ifsta->timer,
		  jiffies + IEEE80211_MESH_HOUSEKEEPING_INTERVAL);
}
3279
3280
/*
 * Bring a mesh interface up: mark its MLME state as IEEE80211_MESH_UP and
 * kick the station timer so ieee80211_sta_work() starts housekeeping.
 */
void ieee80211_start_mesh(struct net_device *dev)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

	sdata->u.sta.state = IEEE80211_MESH_UP;
	ieee80211_sta_timer((unsigned long)sdata);
}
3289 #endif
3290
3291
/*
 * Timer callback for a STA/IBSS/mesh interface: flag a RUN request and
 * schedule ieee80211_sta_work() on the hardware workqueue. @data is the
 * struct ieee80211_sub_if_data pointer cast to unsigned long.
 */
void ieee80211_sta_timer(unsigned long data)
{
	struct ieee80211_sub_if_data *sdata =
		(struct ieee80211_sub_if_data *) data;
	struct ieee80211_local *local = wdev_priv(&sdata->wdev);

	set_bit(IEEE80211_STA_REQ_RUN, &sdata->u.sta.request);
	queue_work(local->hw.workqueue, &sdata->u.sta.work);
}
3302
/*
 * MLME worker for STA, IBSS and mesh interfaces.
 *
 * Bails out if the interface is down or a scan (software or hardware) is
 * running, and logs and bails out for any other interface type. It then
 * processes every queued management frame, starts mesh path discovery when
 * requests are pending and the configured minimum interval has elapsed,
 * services a pending scan request (unless authentication or association is
 * in progress, in which case the request bit stays set for a later run),
 * services a pending authentication request, and finally runs the
 * per-state action for ifsta->state when a RUN request is pending. A
 * privacy mismatch with the current BSS ends in a disassociation.
 */
void ieee80211_sta_work(struct work_struct *work)
{
	struct ieee80211_sub_if_data *sdata =
		container_of(work, struct ieee80211_sub_if_data, u.sta.work);
	struct net_device *dev = sdata->dev;
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_if_sta *ifsta;
	struct sk_buff *skb;

	if (!netif_running(dev))
		return;

	/* nothing to do while a scan is running */
	if (local->sta_sw_scanning || local->sta_hw_scanning)
		return;

	if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
	    sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
	    sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT) {
		printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
		       "(type=%d)\n", dev->name, sdata->vif.type);
		return;
	}
	ifsta = &sdata->u.sta;

	/* frames queued by ieee80211_sta_rx_mgmt(); each is freed by the callee */
	while ((skb = skb_dequeue(&ifsta->skb_queue)))
		ieee80211_sta_rx_queued_mgmt(dev, skb);

#ifdef CONFIG_MAC80211_MESH
	if (ifsta->preq_queue_len &&
	    time_after(jiffies,
		       ifsta->last_preq + msecs_to_jiffies(ifsta->mshcfg.dot11MeshHWMPpreqMinInterval)))
		mesh_path_start_discovery(dev);
#endif

	/* a scan request is deferred while auth/assoc is in flight */
	if (ifsta->state != IEEE80211_AUTHENTICATE &&
	    ifsta->state != IEEE80211_ASSOCIATE &&
	    test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
		if (ifsta->scan_ssid_len)
			ieee80211_sta_start_scan(dev, ifsta->scan_ssid, ifsta->scan_ssid_len);
		else
			ieee80211_sta_start_scan(dev, NULL, 0);
		return;
	}

	/*
	 * A non-zero return from ieee80211_sta_config_auth() means it has
	 * either started a scan or disabled the interface, so no state
	 * action runs this round. On success the RUN bit is consumed here
	 * and the state dispatch below runs.
	 */
	if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
		if (ieee80211_sta_config_auth(dev, ifsta))
			return;
		clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
	} else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
		return;

	switch (ifsta->state) {
	case IEEE80211_DISABLED:
		break;
	case IEEE80211_AUTHENTICATE:
		ieee80211_authenticate(dev, ifsta);
		break;
	case IEEE80211_ASSOCIATE:
		ieee80211_associate(dev, ifsta);
		break;
	case IEEE80211_ASSOCIATED:
		ieee80211_associated(dev, ifsta);
		break;
	case IEEE80211_IBSS_SEARCH:
		ieee80211_sta_find_ibss(dev, ifsta);
		break;
	case IEEE80211_IBSS_JOINED:
		ieee80211_sta_merge_ibss(dev, ifsta);
		break;
#ifdef CONFIG_MAC80211_MESH
	case IEEE80211_MESH_UP:
		ieee80211_mesh_housekeeping(dev, ifsta);
		break;
#endif
	default:
		printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
		       ifsta->state);
		break;
	}

	/* checked on every run, whatever state we ended up in */
	if (ieee80211_privacy_mismatch(dev, ifsta)) {
		printk(KERN_DEBUG "%s: privacy configuration mismatch and "
		       "mixed-cell disabled - disassociate\n", dev->name);

		ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED);
		ieee80211_set_disassoc(dev, ifsta, 0);
	}
}
3391
3392
/*
 * Reset per-BSS authentication state before a new authentication attempt:
 * reset the hardware TSF where the driver supports it, allow any WMM
 * parameter set to be accepted, pick the initial auth algorithm from the
 * configured ifsta->auth_algs mask (open, then shared key, then LEAP,
 * defaulting to open), clear the association flag and the try counters,
 * and drop carrier.
 */
static void ieee80211_sta_reset_auth(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	int alg = WLAN_AUTH_OPEN;

	/* Reset own TSF to allow time synchronization work. */
	if (local->ops->reset_tsf)
		local->ops->reset_tsf(local_to_hw(local));

	ifsta->wmm_last_param_set = -1; /* allow any WMM update */

	if (!(ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)) {
		if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
			alg = WLAN_AUTH_SHARED_KEY;
		else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
			alg = WLAN_AUTH_LEAP;
	}
	ifsta->auth_alg = alg;
	printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name,
	       ifsta->auth_alg);

	ifsta->auth_transaction = -1;
	ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
	ifsta->auth_tries = 0;
	ifsta->assoc_tries = 0;
	netif_carrier_off(dev);
}
3421
3422
/*
 * Ask the MLME worker to (re)start authentication on a managed (STA)
 * interface. Ignored unless both a BSSID (explicit or auto-selected) and
 * an SSID (explicit or auto-selected) are configured.
 */
void ieee80211_sta_req_auth(struct net_device *dev,
			    struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	const unsigned int bssid_known = IEEE80211_STA_BSSID_SET |
					 IEEE80211_STA_AUTO_BSSID_SEL;
	const unsigned int ssid_known = IEEE80211_STA_SSID_SET |
					IEEE80211_STA_AUTO_SSID_SEL;

	if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
		return;
	if (!(ifsta->flags & bssid_known))
		return;
	if (!(ifsta->flags & ssid_known))
		return;

	set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
	queue_work(local->hw.workqueue, &ifsta->work);
}
3440
/*
 * Decide whether a scanned BSS's SSID is acceptable for this interface.
 *
 * Returns 1 on an exact match. When automatic BSSID selection is off, a
 * BSS that hides its SSID is also accepted: either an all-NUL SSID of the
 * same length as ours, or a one-byte SSID consisting of a single space.
 * Returns 0 otherwise.
 */
static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
				    const char *ssid, int ssid_len)
{
	int i, all_nul = 1;

	if (ssid_len == ifsta->ssid_len &&
	    memcmp(ifsta->ssid, ssid, ssid_len) == 0)
		return 1;

	/* with automatic BSSID selection only exact matches count */
	if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
		return 0;

	for (i = 0; i < ssid_len; i++) {
		if (ssid[i] != '\0') {
			all_nul = 0;
			break;
		}
	}

	if (all_nul && ifsta->ssid_len == ssid_len)
		return 1;

	return (ssid_len == 1 && ssid[0] == ' ') ? 1 : 0;
}
3470
/*
 * Choose the BSS to authenticate with and move to IEEE80211_AUTHENTICATE.
 *
 * With no automatic SSID/BSSID/channel selection configured the state is
 * set straight away and 0 returned. Otherwise the scan results are
 * searched under sta_bss_lock for the ESS with the highest bss->signal
 * that matches every non-automatic constraint (channel, BSSID, SSID) and
 * whose privacy capability agrees with whether a default key is set. A
 * reference (bss->users) is taken on the winner before the lock is
 * dropped and released again after it has been applied.
 *
 * Returns 0 when a BSS was selected and applied (frequency, SSID if none
 * was configured, BSSID, default WMM parameters). Returns -1 when nothing
 * matched: in that case a scan is started and the authentication request
 * re-queued unless we were already in IEEE80211_AUTHENTICATE, in which
 * case the interface is put into IEEE80211_DISABLED.
 */
static int ieee80211_sta_config_auth(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_sta_bss *bss, *selected = NULL;
	int top_rssi = 0, freq;

	if (!(ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
	    IEEE80211_STA_AUTO_BSSID_SEL | IEEE80211_STA_AUTO_CHANNEL_SEL))) {
		ifsta->state = IEEE80211_AUTHENTICATE;
		ieee80211_sta_reset_auth(dev, ifsta);
		return 0;
	}

	spin_lock_bh(&local->sta_bss_lock);
	freq = local->oper_channel->center_freq;
	list_for_each_entry(bss, &local->sta_bss_list, list) {
		if (!(bss->capability & WLAN_CAPABILITY_ESS))
			continue;

		/* privacy bit must match whether we have a default key */
		if (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
		    !!sdata->default_key)
			continue;

		if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
		    bss->freq != freq)
			continue;

		if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
		    memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
			continue;

		if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
		    !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
			continue;

		/* first candidate always wins, later ones only on signal */
		if (!selected || top_rssi < bss->signal) {
			selected = bss;
			top_rssi = bss->signal;
		}
	}
	/* hold the entry while we use it outside the lock */
	if (selected)
		atomic_inc(&selected->users);
	spin_unlock_bh(&local->sta_bss_lock);

	if (selected) {
		ieee80211_set_freq(local, selected->freq);
		if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
			ieee80211_sta_set_ssid(dev, selected->ssid,
					       selected->ssid_len);
		ieee80211_sta_set_bssid(dev, selected->bssid);
		ieee80211_sta_def_wmm_params(dev, selected, 0);
		ieee80211_rx_bss_put(dev, selected);
		ifsta->state = IEEE80211_AUTHENTICATE;
		ieee80211_sta_reset_auth(dev, ifsta);
		return 0;
	} else {
		if (ifsta->state != IEEE80211_AUTHENTICATE) {
			if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL)
				ieee80211_sta_start_scan(dev, NULL, 0);
			else
				ieee80211_sta_start_scan(dev, ifsta->ssid,
							 ifsta->ssid_len);
			ifsta->state = IEEE80211_AUTHENTICATE;
			set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
		} else
			ifsta->state = IEEE80211_DISABLED;
	}
	return -1;
}
3542
3543
/*
 * Create a new IBSS with the configured SSID on the current channel.
 *
 * A random, locally administered, non-multicast BSSID is generated with the
 * device address mixed in, so devices with a weak random source still end
 * up with distinct BSSIDs. A BSS entry is added to the scan-result list
 * carrying the beacon interval (10000 is written to the hardware config if
 * it has none), the IBSS capability bit, the privacy bit if a default key
 * is set, and the band's supported rates. Returns -ENOMEM if the entry
 * cannot be added, otherwise the result of ieee80211_sta_join_ibss().
 */
static int ieee80211_sta_create_ibss(struct net_device *dev,
				     struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_sta_bss *bss;
	struct ieee80211_supported_band *sband;
	u8 bssid[ETH_ALEN];
	int i;
	DECLARE_MAC_BUF(mac);

	/* Generate random, not broadcast, locally administered BSSID. Mix in
	 * own MAC address to make sure that devices that do not have proper
	 * random number generator get different BSSID. */
	get_random_bytes(bssid, ETH_ALEN);
	for (i = 0; i < ETH_ALEN; i++)
		bssid[i] ^= dev->dev_addr[i];
	bssid[0] &= ~0x01;	/* clear the group (multicast) bit */
	bssid[0] |= 0x02;	/* set the locally-administered bit */

	printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
	       dev->name, print_mac(mac, bssid));

	bss = ieee80211_rx_bss_add(dev, bssid,
				   local->hw.conf.channel->center_freq,
				   sdata->u.sta.ssid, sdata->u.sta.ssid_len);
	if (!bss)
		return -ENOMEM;

	bss->band = local->hw.conf.channel->band;
	sband = local->hw.wiphy->bands[bss->band];

	if (local->hw.conf.beacon_int == 0)
		local->hw.conf.beacon_int = 10000;
	bss->beacon_int = local->hw.conf.beacon_int;
	bss->last_update = jiffies;
	bss->capability = WLAN_CAPABILITY_IBSS;

	if (sdata->default_key)
		bss->capability |= WLAN_CAPABILITY_PRIVACY;
	else
		sdata->drop_unencrypted = 0;

	/* bitrate is in 100 kbit/s units, the rates IE wants 500 kbit/s */
	bss->supp_rates_len = sband->n_bitrates;
	for (i = 0; i < sband->n_bitrates; i++)
		bss->supp_rates[i] = (u8) (sband->bitrates[i].bitrate / 5);

	return ieee80211_sta_join_ibss(dev, ifsta, bss);
}
3601
3602
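/*
 * Look for an IBSS with the configured SSID in the scan results and join
 * it, or arrange for a scan / IBSS creation when none is usable.
 *
 * Returns -EINVAL if no SSID is configured. Under sta_bss_lock the scan
 * results are searched for an IBSS-capable entry whose SSID matches; the
 * search stops at the first match if we already have active peers, or at
 * the first match that is a different cell than our current BSSID,
 * otherwise the last match is kept. A match that differs from the current
 * BSSID and can still be looked up is joined via ieee80211_sta_join_ibss(),
 * whose return value is passed through. Otherwise: if joined but without
 * active peers the merge timer is re-armed; else if the last scan is older
 * than IEEE80211_SCAN_INTERVAL a new scan is requested (its result is
 * returned); else if not joined, either a new IBSS is created (when
 * IEEE80211_STA_CREATE_IBSS is set, the join timeout has passed and the
 * channel allows IBSS) or the state is set to IEEE80211_IBSS_SEARCH and
 * the timer re-armed, with the slow interval once the join timeout has
 * passed. Returns 0 in the remaining cases.
 *
 * NOTE(review): ieee80211_rx_bss_get() looks like it takes a reference on
 * the returned entry; presumably ieee80211_sta_join_ibss() drops it -
 * confirm against that function.
 */
static int ieee80211_sta_find_ibss(struct net_device *dev,
				   struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss *bss;
	int found = 0;
	/*
	 * Zeroed so the debug print after the search never reads an
	 * uninitialised address when no matching IBSS was found.
	 */
	u8 bssid[ETH_ALEN] = {0};
	int active_ibss;
	DECLARE_MAC_BUF(mac);
	DECLARE_MAC_BUF(mac2);

	if (ifsta->ssid_len == 0)
		return -EINVAL;

	active_ibss = ieee80211_sta_active_ibss(dev);
#ifdef CONFIG_MAC80211_IBSS_DEBUG
	printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
	       dev->name, active_ibss);
#endif /* CONFIG_MAC80211_IBSS_DEBUG */
	spin_lock_bh(&local->sta_bss_lock);
	list_for_each_entry(bss, &local->sta_bss_list, list) {
		if (ifsta->ssid_len != bss->ssid_len ||
		    memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
		    || !(bss->capability & WLAN_CAPABILITY_IBSS))
			continue;
#ifdef CONFIG_MAC80211_IBSS_DEBUG
		printk(KERN_DEBUG "   bssid=%s found\n",
		       print_mac(mac, bss->bssid));
#endif /* CONFIG_MAC80211_IBSS_DEBUG */
		memcpy(bssid, bss->bssid, ETH_ALEN);
		found = 1;
		/* without active peers, keep looking for a different cell */
		if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
			break;
	}
	spin_unlock_bh(&local->sta_bss_lock);

#ifdef CONFIG_MAC80211_IBSS_DEBUG
	printk(KERN_DEBUG "   sta_find_ibss: selected %s current "
	       "%s\n", print_mac(mac, bssid), print_mac(mac2, ifsta->bssid));
#endif /* CONFIG_MAC80211_IBSS_DEBUG */
	if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
	    (bss = ieee80211_rx_bss_get(dev, bssid,
					local->hw.conf.channel->center_freq,
					ifsta->ssid, ifsta->ssid_len))) {
		printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
		       " based on configured SSID\n",
		       dev->name, print_mac(mac, bssid));
		return ieee80211_sta_join_ibss(dev, ifsta, bss);
	}
#ifdef CONFIG_MAC80211_IBSS_DEBUG
	printk(KERN_DEBUG "   did not try to join ibss\n");
#endif /* CONFIG_MAC80211_IBSS_DEBUG */

	/* Selected IBSS not found in current scan results - try to scan */
	if (ifsta->state == IEEE80211_IBSS_JOINED &&
	    !ieee80211_sta_active_ibss(dev)) {
		mod_timer(&ifsta->timer, jiffies +
				      IEEE80211_IBSS_MERGE_INTERVAL);
	} else if (time_after(jiffies, local->last_scan_completed +
			      IEEE80211_SCAN_INTERVAL)) {
		printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
		       "join\n", dev->name);
		return ieee80211_sta_req_scan(dev, ifsta->ssid,
					      ifsta->ssid_len);
	} else if (ifsta->state != IEEE80211_IBSS_JOINED) {
		int interval = IEEE80211_SCAN_INTERVAL;

		if (time_after(jiffies, ifsta->ibss_join_req +
			       IEEE80211_IBSS_JOIN_TIMEOUT)) {
			if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
			    (!(local->oper_channel->flags &
					IEEE80211_CHAN_NO_IBSS)))
				return ieee80211_sta_create_ibss(dev, ifsta);
			if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
				printk(KERN_DEBUG "%s: IBSS not allowed on"
				       " %d MHz\n", dev->name,
				       local->hw.conf.channel->center_freq);
			}

			/* No IBSS found - decrease scan interval and continue
			 * scanning. */
			interval = IEEE80211_SCAN_INTERVAL_SLOW;
		}

		ifsta->state = IEEE80211_IBSS_SEARCH;
		mod_timer(&ifsta->timer, jiffies + interval);
		return 0;
	}

	return 0;
}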
3694
3695
/*
 * Set the SSID to use; lengths above IEEE80211_MAX_SSID_LEN give -EINVAL.
 *
 * A changed SSID drops IEEE80211_STA_PREV_BSSID_SET. The stored copy is
 * NUL-padded to IEEE80211_MAX_SSID_LEN and IEEE80211_STA_SSID_SET tracks
 * whether the length is non-zero. On an IBSS interface without a fixed
 * BSSID this also records the join request time, enters
 * IEEE80211_IBSS_SEARCH and returns ieee80211_sta_find_ibss()'s result;
 * otherwise it returns 0.
 */
int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	int changed;

	if (len > IEEE80211_MAX_SSID_LEN)
		return -EINVAL;

	changed = ifsta->ssid_len != len ||
		  memcmp(ifsta->ssid, ssid, len) != 0;
	if (changed)
		ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;

	memcpy(ifsta->ssid, ssid, len);
	memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len);
	ifsta->ssid_len = len;

	if (len)
		ifsta->flags |= IEEE80211_STA_SSID_SET;
	else
		ifsta->flags &= ~IEEE80211_STA_SSID_SET;

	if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS ||
	    (ifsta->flags & IEEE80211_STA_BSSID_SET))
		return 0;

	ifsta->ibss_join_req = jiffies;
	ifsta->state = IEEE80211_IBSS_SEARCH;
	return ieee80211_sta_find_ibss(dev, ifsta);
}
3724
3725
/*
 * Copy the configured SSID into @ssid and its length into @len. Always
 * returns 0. The destination must hold at least ifsta->ssid_len bytes
 * (which ieee80211_sta_set_ssid() bounds by IEEE80211_MAX_SSID_LEN); no
 * check is made here, so that is the caller's responsibility.
 */
int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	size_t n = sdata->u.sta.ssid_len;

	memcpy(ssid, sdata->u.sta.ssid, n);
	*len = n;
	return 0;
}
3734
3735
/*
 * Set the BSSID to associate with / the IBSS to join.
 *
 * If it differs from the current one it is stored and pushed to the driver
 * via ieee80211_if_config(); on failure that error is returned after a
 * debug line (the new BSSID is left stored and the flag below is not
 * touched). IEEE80211_STA_BSSID_SET is then set if @bssid is a valid
 * unicast address and cleared otherwise. Returns 0.
 */
int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	int changed = memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0;

	if (changed) {
		int res;

		memcpy(ifsta->bssid, bssid, ETH_ALEN);
		res = ieee80211_if_config(dev);
		if (res) {
			printk(KERN_DEBUG "%s: Failed to config new BSSID to "
			       "the low-level driver\n", dev->name);
			return res;
		}
	}

	if (is_valid_ether_addr(bssid))
		ifsta->flags |= IEEE80211_STA_BSSID_SET;
	else
		ifsta->flags &= ~IEEE80211_STA_BSSID_SET;

	return 0;
}
3762
3763
/*
 * Send a nullfunc data frame to the current BSSID, addressed To-DS, with
 * the power-management bit set when @powersave is non-zero. Used around
 * scans to tell the AP we are leaving / are back. Allocation failure is
 * logged and the frame skipped.
 */
static void ieee80211_send_nullfunc(struct ieee80211_local *local,
				    struct ieee80211_sub_if_data *sdata,
				    int powersave)
{
	const int hdrlen = 24;	/* 3-address header, no body */
	struct ieee80211_hdr *hdr;
	struct sk_buff *skb;
	u16 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
		 IEEE80211_FCTL_TODS;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + hdrlen);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	hdr = (struct ieee80211_hdr *) skb_put(skb, hdrlen);
	memset(hdr, 0, hdrlen);
	if (powersave)
		fc |= IEEE80211_FCTL_PM;
	hdr->frame_control = cpu_to_le16(fc);
	memcpy(hdr->addr1, sdata->u.sta.bssid, ETH_ALEN);	/* RA: the AP */
	memcpy(hdr->addr2, sdata->dev->dev_addr, ETH_ALEN);	/* TA: us */
	memcpy(hdr->addr3, sdata->u.sta.bssid, ETH_ALEN);	/* BSSID */

	ieee80211_sta_tx(sdata->dev, skb, 0);
}
3793
3794
/*
 * Re-kick the MLME state machine of an interface after a scan, but only
 * for managed (STA) and mesh interfaces; the IBSS case is handled at the
 * end of ieee80211_scan_completed() instead.
 */
static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
{
	int wants_timer = sdata->vif.type == IEEE80211_IF_TYPE_STA ||
			  ieee80211_vif_is_mesh(&sdata->vif);

	if (wants_timer)
		ieee80211_sta_timer((unsigned long)sdata);
}
3801
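/*
 * Called when a scan finishes - by ieee80211_sta_scan_work() for a
 * software scan, or by the driver for a hardware scan.
 *
 * Records the completion time, emits the SIOCGIWSCAN wireless event and
 * restores the operational channel. For a hardware scan only the STA
 * timers are restarted. For a software scan the beacon/probe-response
 * promiscuous filter set by ieee80211_sta_start_scan() is cleared and,
 * for every interface except the master, an associated STA tells its AP
 * it is back with a nullfunc frame, the STA timer is restarted and the
 * TX queue woken. Finally, an IBSS interface without a configured BSSID,
 * or one that is not joined and has no active peers, is sent back to
 * ieee80211_sta_find_ibss().
 */
void ieee80211_scan_completed(struct ieee80211_hw *hw)
{
	struct ieee80211_local *local = hw_to_local(hw);
	struct net_device *dev = local->scan_dev;
	struct ieee80211_sub_if_data *sdata;
	union iwreq_data wrqu;

	local->last_scan_completed = jiffies;
	memset(&wrqu, 0, sizeof(wrqu));
	wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);

	if (local->sta_hw_scanning) {
		local->sta_hw_scanning = 0;
		if (ieee80211_hw_config(local))
			printk(KERN_DEBUG "%s: failed to restore operational "
			       "channel after scan\n", dev->name);
		/* Restart STA timer for HW scan case */
		rcu_read_lock();
		list_for_each_entry_rcu(sdata, &local->interfaces, list)
			ieee80211_restart_sta_timer(sdata);
		rcu_read_unlock();

		goto done;
	}

	local->sta_sw_scanning = 0;
	if (ieee80211_hw_config(local))
		printk(KERN_DEBUG "%s: failed to restore operational "
		       "channel after scan\n", dev->name);

	/* undo the promiscuous beacon/probe-response filter of the scan */
	netif_tx_lock_bh(local->mdev);
	local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
	local->ops->configure_filter(local_to_hw(local),
				     FIF_BCN_PRBRESP_PROMISC,
				     &local->filter_flags,
				     local->mdev->mc_count,
				     local->mdev->mc_list);
	netif_tx_unlock_bh(local->mdev);

	rcu_read_lock();
	list_for_each_entry_rcu(sdata, &local->interfaces, list) {

		/* No need to wake the master device. */
		if (sdata->dev == local->mdev)
			continue;

		/* Tell AP we're back */
		if (sdata->vif.type == IEEE80211_IF_TYPE_STA &&
		    sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED)
			ieee80211_send_nullfunc(local, sdata, 0);

		ieee80211_restart_sta_timer(sdata);

		netif_wake_queue(sdata->dev);
	}
	rcu_read_unlock();

done:
	sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
		struct ieee80211_if_sta *ifsta = &sdata->u.sta;
		/*
		 * The earlier form "!ifsta->state == IEEE80211_IBSS_JOINED"
		 * compared the negated state with the enum value, which can
		 * only be true when that value happens to be 0 or 1; the
		 * intent is "not joined".
		 */
		if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
		    (ifsta->state != IEEE80211_IBSS_JOINED &&
		     !ieee80211_sta_active_ibss(dev)))
			ieee80211_sta_find_ibss(dev, ifsta);
	}
}
EXPORT_SYMBOL(ieee80211_scan_completed);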
3872
/*
 * Software-scan state machine, run as delayed work on the hw workqueue.
 *
 * Alternates between SCAN_SET_CHANNEL (move to the next channel of the
 * current band, advancing to the next supported band as needed, or finish
 * the scan when none is left) and SCAN_SEND_PROBE (send a probe request
 * unless the channel is passive-scan only). Channels that are disabled,
 * or that forbid IBSS when scanning from an IBSS interface, are skipped,
 * as are channels the hardware refuses to tune to. Re-queues itself after
 * next_delay as long as local->sta_sw_scanning is still set.
 */
void ieee80211_sta_scan_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local, scan_work.work);
	struct net_device *dev = local->scan_dev;
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_supported_band *sband;
	struct ieee80211_channel *chan;
	int skip;
	unsigned long next_delay = 0;

	if (!local->sta_sw_scanning)
		return;

	switch (local->scan_state) {
	case SCAN_SET_CHANNEL:
		/*
		 * Get current scan band. scan_band may be IEEE80211_NUM_BANDS
		 * after we successfully scanned the last channel of the last
		 * band (and the last band is supported by the hw)
		 */
		if (local->scan_band < IEEE80211_NUM_BANDS)
			sband = local->hw.wiphy->bands[local->scan_band];
		else
			sband = NULL;

		/*
		 * If we are at an unsupported band and have more bands
		 * left to scan, advance to the next supported one.
		 */
		while (!sband && local->scan_band < IEEE80211_NUM_BANDS - 1) {
			local->scan_band++;
			sband = local->hw.wiphy->bands[local->scan_band];
			local->scan_channel_idx = 0;
		}

		/* if no more bands/channels left, complete scan */
		if (!sband || local->scan_channel_idx >= sband->n_channels) {
			ieee80211_scan_completed(local_to_hw(local));
			return;
		}
		skip = 0;
		chan = &sband->channels[local->scan_channel_idx];

		/* skipped channels are neither tuned to nor probed */
		if (chan->flags & IEEE80211_CHAN_DISABLED ||
		    (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
		     chan->flags & IEEE80211_CHAN_NO_IBSS))
			skip = 1;

		if (!skip) {
			local->scan_channel = chan;
			if (ieee80211_hw_config(local)) {
				printk(KERN_DEBUG "%s: failed to set freq to "
				       "%d MHz for scan\n", dev->name,
				       chan->center_freq);
				skip = 1;
			}
		}

		/* advance state machine to next channel/band */
		local->scan_channel_idx++;
		if (local->scan_channel_idx >= sband->n_channels) {
			/*
			 * scan_band may end up == IEEE80211_NUM_BANDS, but
			 * we'll catch that case above and complete the scan
			 * if that is the case.
			 */
			local->scan_band++;
			local->scan_channel_idx = 0;
		}

		/* a skipped channel stays in SCAN_SET_CHANNEL with no delay */
		if (skip)
			break;

		/* give the hardware time to settle on the new channel */
		next_delay = IEEE80211_PROBE_DELAY +
			     usecs_to_jiffies(local->hw.channel_change_time);
		local->scan_state = SCAN_SEND_PROBE;
		break;
	case SCAN_SEND_PROBE:
		/* passive channels: just listen for the longer dwell time */
		next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
		local->scan_state = SCAN_SET_CHANNEL;

		if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN)
			break;
		ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
					 local->scan_ssid_len);
		next_delay = IEEE80211_CHANNEL_TIME;
		break;
	}

	if (local->sta_sw_scanning)
		queue_delayed_work(local->hw.workqueue, &local->scan_work,
				   next_delay);
}
3967
3968
/*
 * Start a scan for @ssid (NULL or zero length for a wildcard scan) on
 * behalf of @dev.
 *
 * Returns -EINVAL if @ssid_len exceeds IEEE80211_MAX_SSID_LEN, 0 if a scan
 * for this very device is already running, -EBUSY if one is running for
 * another device. With a driver hw_scan callback the scan is handed to
 * the hardware and its return value passed back. Otherwise a software
 * scan is set up: every non-master interface has its TX queue stopped
 * (associated STAs first send a power-save nullfunc to their AP), the
 * requested SSID is copied into local->scan_ssid, the scan state machine
 * is reset to the first channel of the 2 GHz band, the beacon /
 * probe-response promiscuous filter is enabled and
 * ieee80211_sta_scan_work() is queued. Returns 0 in that case.
 */
static int ieee80211_sta_start_scan(struct net_device *dev,
				    u8 *ssid, size_t ssid_len)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata;

	/* bound the copy into local->scan_ssid below */
	if (ssid_len > IEEE80211_MAX_SSID_LEN)
		return -EINVAL;

	/* MLME-SCAN.request (page 118)  page 144 (11.1.3.1)
	 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
	 * BSSID: MACAddress
	 * SSID
	 * ScanType: ACTIVE, PASSIVE
	 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
	 *    a Probe frame during active scanning
	 * ChannelList
	 * MinChannelTime (>= ProbeDelay), in TU
	 * MaxChannelTime: (>= MinChannelTime), in TU
	 */

	 /* MLME-SCAN.confirm
	  * BSSDescriptionSet
	  * ResultCode: SUCCESS, INVALID_PARAMETERS
	 */

	if (local->sta_sw_scanning || local->sta_hw_scanning) {
		if (local->scan_dev == dev)
			return 0;
		return -EBUSY;
	}

	if (local->ops->hw_scan) {
		int rc = local->ops->hw_scan(local_to_hw(local),
					     ssid, ssid_len);
		if (!rc) {
			local->sta_hw_scanning = 1;
			local->scan_dev = dev;
		}
		return rc;
	}

	local->sta_sw_scanning = 1;

	rcu_read_lock();
	list_for_each_entry_rcu(sdata, &local->interfaces, list) {

		/* Don't stop the master interface, otherwise we can't transmit
		 * probes! */
		if (sdata->dev == local->mdev)
			continue;

		netif_stop_queue(sdata->dev);
		/* tell the AP we are going to sleep so it buffers for us */
		if (sdata->vif.type == IEEE80211_IF_TYPE_STA &&
		    (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED))
			ieee80211_send_nullfunc(local, sdata, 1);
	}
	rcu_read_unlock();

	if (ssid) {
		local->scan_ssid_len = ssid_len;
		memcpy(local->scan_ssid, ssid, ssid_len);
	} else
		local->scan_ssid_len = 0;
	local->scan_state = SCAN_SET_CHANNEL;
	local->scan_channel_idx = 0;
	local->scan_band = IEEE80211_BAND_2GHZ;
	local->scan_dev = dev;

	/* receive beacons/probe responses from any BSS while scanning */
	netif_tx_lock_bh(local->mdev);
	local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
	local->ops->configure_filter(local_to_hw(local),
				     FIF_BCN_PRBRESP_PROMISC,
				     &local->filter_flags,
				     local->mdev->mc_count,
				     local->mdev->mc_list);
	netif_tx_unlock_bh(local->mdev);

	/* TODO: start scan as soon as all nullfunc frames are ACKed */
	queue_delayed_work(local->hw.workqueue, &local->scan_work,
			   IEEE80211_CHANNEL_TIME);

	return 0;
}
4053
4054
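/*
 * Request a scan for @ssid on @dev.
 *
 * On anything but a managed (STA) interface the scan is started directly
 * via ieee80211_sta_start_scan(). On a STA interface the request is
 * recorded in ifsta->scan_ssid / scan_ssid_len and handed to the MLME
 * worker, which starts it once no authentication or association is in
 * flight. Returns -EINVAL for an over-long SSID, 0 if a scan for this
 * device is already running or the request was queued, -EBUSY if a scan
 * for another device is running.
 */
int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);

	/*
	 * ieee80211_sta_start_scan() enforces this bound before copying into
	 * local->scan_ssid; the copy into ifsta->scan_ssid below needs the
	 * same guard, since callers may pass a length they did not validate.
	 */
	if (ssid_len > IEEE80211_MAX_SSID_LEN)
		return -EINVAL;

	if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
		return ieee80211_sta_start_scan(dev, ssid, ssid_len);

	if (local->sta_sw_scanning || local->sta_hw_scanning) {
		if (local->scan_dev == dev)
			return 0;
		return -EBUSY;
	}

	ifsta->scan_ssid_len = ssid_len;
	if (ssid_len)
		memcpy(ifsta->scan_ssid, ssid, ssid_len);
	set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
	queue_work(local->hw.workqueue, &ifsta->work);
	return 0;
}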
4077
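/* Emit @text as a single IWEVCUSTOM event; returns the advanced cursor. */
static char *
ieee80211_sta_scan_add_custom(char *current_ev, char *end_buf, char *text)
{
	struct iw_event iwe;

	memset(&iwe, 0, sizeof(iwe));
	iwe.cmd = IWEVCUSTOM;
	iwe.u.data.length = strlen(text);
	return iwe_stream_add_point(current_ev, end_buf, &iwe, text);
}

/*
 * Emit the beacon timestamp (TSF) of @bss as an IWEVCUSTOM text event.
 * Allocation failure is best effort: nothing is emitted and the cursor
 * is returned unchanged, as in the original code.
 */
static char *
ieee80211_sta_scan_add_tsf(struct ieee80211_sta_bss *bss,
			   char *current_ev, char *end_buf)
{
	const size_t buflen = 30;	/* "tsf=" + 16 hex digits + NUL = 21 */
	char *buf = kmalloc(buflen, GFP_ATOMIC);

	if (!buf)
		return current_ev;

	snprintf(buf, buflen, "tsf=%016llx",
		 (unsigned long long)(bss->timestamp));
	current_ev = ieee80211_sta_scan_add_custom(current_ev, end_buf, buf);
	kfree(buf);
	return current_ev;
}

/*
 * Emit the mesh configuration element of a BSS as human-readable
 * IWEVCUSTOM events (version, path selection protocol and metric,
 * congestion control mode, channel precedence).
 *
 * @cfg: the stored mesh configuration element. cfg[0]..cfg[16] are read,
 *       so the element must be at least 17 bytes long.
 *       NOTE(review): that bound is not checked here; it has to be
 *       enforced wherever the element is stored — confirm.
 *
 * Allocation failure is best effort: nothing is emitted and the cursor
 * is returned unchanged, as in the original code.
 */
static char *
ieee80211_sta_scan_add_mesh_cfg(u8 *cfg, char *current_ev, char *end_buf)
{
	const size_t buflen = 50;	/* longest line below is 38 chars + NUL */
	char *buf = kmalloc(buflen, GFP_ATOMIC);

	if (!buf)
		return current_ev;

	snprintf(buf, buflen, "Mesh network (version %d)", cfg[0]);
	current_ev = ieee80211_sta_scan_add_custom(current_ev, end_buf, buf);
	snprintf(buf, buflen, "Path Selection Protocol ID: 0x%02X%02X%02X%02X",
		 cfg[1], cfg[2], cfg[3], cfg[4]);
	current_ev = ieee80211_sta_scan_add_custom(current_ev, end_buf, buf);
	snprintf(buf, buflen, "Path Selection Metric ID: 0x%02X%02X%02X%02X",
		 cfg[5], cfg[6], cfg[7], cfg[8]);
	current_ev = ieee80211_sta_scan_add_custom(current_ev, end_buf, buf);
	snprintf(buf, buflen, "Congestion Control Mode ID: 0x%02X%02X%02X%02X",
		 cfg[9], cfg[10], cfg[11], cfg[12]);
	current_ev = ieee80211_sta_scan_add_custom(current_ev, end_buf, buf);
	snprintf(buf, buflen, "Channel Precedence: 0x%02X%02X%02X%02X",
		 cfg[13], cfg[14], cfg[15], cfg[16]);
	current_ev = ieee80211_sta_scan_add_custom(current_ev, end_buf, buf);

	kfree(buf);
	return current_ev;
}

/*
 * Render one cached BSS as a run of wireless-extensions scan events.
 *
 * @dev: the interface the results are reported on (only used to reach
 *       local->wstats_flags)
 * @bss: the BSS entry to render; must be non-NULL. The original code
 *       re-checked @bss for NULL after already dereferencing it, which
 *       could never help; those checks are dropped.
 * @current_ev: write cursor into the caller's event buffer
 * @end_buf: one past the end of that buffer
 *
 * Returns the advanced cursor. Entries whose last update is older than
 * IEEE80211_SCAN_RESULT_EXPIRE are skipped without emitting anything.
 * NOTE(review): nothing here checks the remaining room itself; every
 * iwe_stream_add_* call is relied upon to bound its write by @end_buf —
 * confirm against iw_handler.h.
 */
static char *
ieee80211_sta_scan_result(struct net_device *dev,
			  struct ieee80211_sta_bss *bss,
			  char *current_ev, char *end_buf)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct iw_event iwe;

	if (time_after(jiffies,
		       bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
		return current_ev;

	/* SIOCGIWAP: the BSSID. */
	memset(&iwe, 0, sizeof(iwe));
	iwe.cmd = SIOCGIWAP;
	iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
	memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
	current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
					  IW_EV_ADDR_LEN);

	/* SIOCGIWESSID: the mesh ID for a mesh BSS, the SSID otherwise. */
	memset(&iwe, 0, sizeof(iwe));
	iwe.cmd = SIOCGIWESSID;
	iwe.u.data.flags = 1;
	if (bss_mesh_cfg(bss)) {
		iwe.u.data.length = bss_mesh_id_len(bss);
		current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
						  bss_mesh_id(bss));
	} else {
		iwe.u.data.length = bss->ssid_len;
		current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
						  bss->ssid);
	}

	/* SIOCGIWMODE: mesh, master (ESS) or ad-hoc (IBSS); omitted otherwise. */
	if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)
	    || bss_mesh_cfg(bss)) {
		memset(&iwe, 0, sizeof(iwe));
		iwe.cmd = SIOCGIWMODE;
		if (bss_mesh_cfg(bss))
			iwe.u.mode = IW_MODE_MESH;
		else if (bss->capability & WLAN_CAPABILITY_ESS)
			iwe.u.mode = IW_MODE_MASTER;
		else
			iwe.u.mode = IW_MODE_ADHOC;
		current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
						  IW_EV_UINT_LEN);
	}

	/* SIOCGIWFREQ, twice: the frequency (MHz value, exponent 6) ... */
	memset(&iwe, 0, sizeof(iwe));
	iwe.cmd = SIOCGIWFREQ;
	iwe.u.freq.m = bss->freq;
	iwe.u.freq.e = 6;
	current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
					  IW_EV_FREQ_LEN);

	/* ... and the channel number (exponent 0). */
	memset(&iwe, 0, sizeof(iwe));
	iwe.cmd = SIOCGIWFREQ;
	iwe.u.freq.m = ieee80211_frequency_to_channel(bss->freq);
	iwe.u.freq.e = 0;
	current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
					  IW_EV_FREQ_LEN);

	/* IWEVQUAL: link quality as last recorded for this BSS. */
	memset(&iwe, 0, sizeof(iwe));
	iwe.cmd = IWEVQUAL;
	iwe.u.qual.qual = bss->qual;
	iwe.u.qual.level = bss->signal;
	iwe.u.qual.noise = bss->noise;
	iwe.u.qual.updated = local->wstats_flags;
	current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
					  IW_EV_QUAL_LEN);

	/* SIOCGIWENCODE: only whether privacy is advertised; never a key. */
	memset(&iwe, 0, sizeof(iwe));
	iwe.cmd = SIOCGIWENCODE;
	if (bss->capability & WLAN_CAPABILITY_PRIVACY)
		iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
	else
		iwe.u.data.flags = IW_ENCODE_DISABLED;
	iwe.u.data.length = 0;
	current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, "");

	/* IWEVGENIE: raw WPA, RSN and HT elements, each when present. */
	if (bss->wpa_ie) {
		memset(&iwe, 0, sizeof(iwe));
		iwe.cmd = IWEVGENIE;
		iwe.u.data.length = bss->wpa_ie_len;
		current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
						  bss->wpa_ie);
	}

	if (bss->rsn_ie) {
		memset(&iwe, 0, sizeof(iwe));
		iwe.cmd = IWEVGENIE;
		iwe.u.data.length = bss->rsn_ie_len;
		current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
						  bss->rsn_ie);
	}

	if (bss->ht_ie) {
		memset(&iwe, 0, sizeof(iwe));
		iwe.cmd = IWEVGENIE;
		iwe.u.data.length = bss->ht_ie_len;
		current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
						  bss->ht_ie);
	}

	if (bss->supp_rates_len > 0) {
		/*
		 * SIOCGIWRATE: all supported rates as one multi-value event.
		 * Each rate byte carries the rate in 500 kbps units in its low
		 * seven bits; the top bit (basic-rate flag) is masked off.
		 * NOTE(review): if iwe_stream_add_value() writes nothing for
		 * lack of room, current_ev still advances by IW_EV_LCP_LEN
		 * over an unwritten header — inherited from the original,
		 * confirm that this is acceptable.
		 */
		char *p = current_ev + IW_EV_LCP_LEN;
		int i;

		memset(&iwe, 0, sizeof(iwe));
		iwe.cmd = SIOCGIWRATE;
		/* Those two flags are ignored... */
		iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;

		for (i = 0; i < bss->supp_rates_len; i++) {
			iwe.u.bitrate.value = ((bss->supp_rates[i] &
						0x7f) * 500000);
			p = iwe_stream_add_value(current_ev, p,
						 end_buf, &iwe, IW_EV_PARAM_LEN);
		}
		current_ev = p;
	}

	/* IWEVCUSTOM: TSF, then the mesh configuration for a mesh BSS. */
	current_ev = ieee80211_sta_scan_add_tsf(bss, current_ev, end_buf);

	if (bss_mesh_cfg(bss))
		current_ev = ieee80211_sta_scan_add_mesh_cfg(bss_mesh_cfg(bss),
							     current_ev, end_buf);

	return current_ev;
}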
4255
4256
/*
 * Fill @buf with wireless-extensions scan events for every cached BSS.
 *
 * @dev: the interface the results are reported on
 * @buf: caller's event buffer
 * @len: size of @buf in bytes
 *
 * Walks the BSS list under sta_bss_lock (bottom halves disabled) and
 * renders each entry with ieee80211_sta_scan_result(). Before every entry
 * the remaining room is checked against IW_EV_ADDR_LEN, the size of the
 * first event an entry emits; when it does not fit, -E2BIG is returned.
 * Otherwise returns the number of bytes written.
 */
int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sta_bss *bss;
	char *end_buf = buf + len;
	char *pos = buf;
	int ret;

	spin_lock_bh(&local->sta_bss_lock);
	list_for_each_entry(bss, &local->sta_bss_list, list) {
		if (end_buf - pos <= IW_EV_ADDR_LEN) {
			ret = -E2BIG;
			goto out_unlock;
		}
		pos = ieee80211_sta_scan_result(dev, bss, pos, end_buf);
	}
	ret = pos - buf;

out_unlock:
	spin_unlock_bh(&local->sta_bss_lock);
	return ret;
}
4276
4277
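/*
 * Replace the extra information elements a STA interface appends to its
 * management frames.
 *
 * @dev: the STA interface
 * @ie: the new elements, copied; may be NULL when @len is 0
 * @len: length of @ie in bytes; 0 clears the stored elements
 *
 * The new copy is allocated before the old one is released, so the
 * stored pointer is never left pointing at freed memory in between.
 * On allocation failure the old elements are dropped and -ENOMEM is
 * returned (the original failure semantics: extra_ie NULL, length 0).
 * Returns -EINVAL when @ie is NULL with a non-zero @len, else 0.
 * NOTE(review): no lock is visible here that serialises this against
 * readers of extra_ie — confirm how callers are serialised.
 */
int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	void *new_ie = NULL;

	if (len && !ie)
		return -EINVAL;

	if (len) {
		new_ie = kmalloc(len, GFP_KERNEL);
		if (!new_ie) {
			kfree(ifsta->extra_ie);
			ifsta->extra_ie = NULL;
			ifsta->extra_ie_len = 0;
			return -ENOMEM;
		}
		memcpy(new_ie, ie, len);
	}

	kfree(ifsta->extra_ie);
	ifsta->extra_ie = new_ie;
	ifsta->extra_ie_len = len;
	return 0;
}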
4298
4299
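/*
 * Create and register a station entry for an IBSS peer.
 *
 * @dev: the IBSS interface
 * @skb: the triggering frame (not used here; kept for the caller's interface)
 * @bssid: the IBSS BSSID (not used here; kept for the caller's interface)
 * @addr: the peer's MAC address
 *
 * Returns the inserted station, or NULL when the IBSS station table is
 * full (IEEE80211_IBSS_MAX_STA_ENTRIES), allocation fails, or insertion
 * fails. Ownership of the new entry passes to sta_info_insert(); on its
 * failure NULL is returned without freeing here — NOTE(review): this
 * relies on sta_info_insert() disposing of the entry on failure, confirm
 * against sta_info.c.
 *
 * Both diagnostic printks are rate limited. The skb argument suggests this
 * path is driven by received frames, i.e. by addresses chosen by remote
 * peers, so an unbounded print per new address would let a peer flood
 * the kernel log.
 */
struct sta_info *ieee80211_ibss_add_sta(struct net_device *dev,
					struct sk_buff *skb, u8 *bssid,
					u8 *addr)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct sta_info *sta;
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	DECLARE_MAC_BUF(mac);

	/* TODO: Could consider removing the least recently used entry and
	 * allow new one to be added. */
	if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: No room for a new IBSS STA "
			       "entry %s\n", dev->name, print_mac(mac, addr));
		}
		return NULL;
	}

	if (net_ratelimit()) {
		printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
		       wiphy_name(local->hw.wiphy), print_mac(mac, addr),
		       dev->name);
	}

	/* GFP_ATOMIC: this may run in a context that cannot sleep. */
	sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
	if (!sta)
		return NULL;

	set_sta_flags(sta, WLAN_STA_AUTHORIZED);

	/* Start the peer off with the interface's own rate set on this band. */
	sta->supp_rates[local->hw.conf.channel->band] =
		sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band];

	rate_control_rate_init(sta, local);

	if (sta_info_insert(sta))
		return NULL;

	return sta;
}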
4338
4339
/*
 * Send a deauthentication frame and tear the association down locally.
 *
 * @dev: a STA or IBSS interface
 * @reason: 802.11 reason code carried in the frame
 *
 * Unlike ieee80211_sta_disassociate() this does not check whether the
 * interface is currently associated. Returns 0 on success, -EINVAL for
 * any other interface type.
 */
int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;

	printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n",
	       dev->name, reason);

	switch (sdata->vif.type) {
	case IEEE80211_IF_TYPE_STA:
	case IEEE80211_IF_TYPE_IBSS:
		break;
	default:
		return -EINVAL;
	}

	ieee80211_send_deauth(dev, ifsta, reason);
	ieee80211_set_disassoc(dev, ifsta, 1);
	return 0;
}
4356
4357
/*
 * Send a disassociation frame to the current AP and tear the association
 * down locally.
 *
 * @dev: the STA interface
 * @reason: 802.11 reason code carried in the frame
 *
 * Returns 0 on success, -EINVAL for a non-STA interface and -1 when the
 * interface is not currently associated. (The bare -1 is not an -Exxx
 * value like the rest of this file returns; it is kept because callers
 * see it.)
 */
int ieee80211_sta_disassociate(struct net_device *dev, u16 reason)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
	int associated;

	printk(KERN_DEBUG "%s: disassociate(reason=%d)\n",
	       dev->name, reason);

	if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
		return -EINVAL;

	associated = !!(ifsta->flags & IEEE80211_STA_ASSOCIATED);
	if (!associated)
		return -1;

	ieee80211_send_disassoc(dev, ifsta, reason);
	ieee80211_set_disassoc(dev, ifsta, 0);
	return 0;
}
4376
/*
 * Driver-side notification entry point.
 *
 * Only IEEE80211_NOTIFY_RE_ASSOC is handled: every STA-type interface is
 * asked to re-authenticate through ieee80211_sta_req_auth(). Any other
 * notification type is ignored.
 */
void ieee80211_notify_mac(struct ieee80211_hw *hw,
			  enum ieee80211_notification_types notif_type)
{
	struct ieee80211_local *local = hw_to_local(hw);
	struct ieee80211_sub_if_data *sdata;

	if (notif_type != IEEE80211_NOTIFY_RE_ASSOC)
		return;

	/* The interface list is walked under RCU. */
	rcu_read_lock();
	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
		if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
			continue;
		ieee80211_sta_req_auth(sdata->dev, &sdata->u.sta);
	}
	rcu_read_unlock();
}
/* Exported so the notification entry point can be called from modules. */
EXPORT_SYMBOL(ieee80211_notify_mac);