1 /* 2 * IBSS mode implementation 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * Copyright 2009, Johannes Berg <johannes@sipsolutions.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 as 12 * published by the Free Software Foundation. 13 */ 14 15 #include <linux/delay.h> 16 #include <linux/slab.h> 17 #include <linux/if_ether.h> 18 #include <linux/skbuff.h> 19 #include <linux/if_arp.h> 20 #include <linux/etherdevice.h> 21 #include <linux/rtnetlink.h> 22 #include <net/mac80211.h> 23 24 #include "ieee80211_i.h" 25 #include "driver-ops.h" 26 #include "rate.h" 27 28 #define IEEE80211_SCAN_INTERVAL (2 * HZ) 29 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ) 30 #define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ) 31 32 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ) 33 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ) 34 35 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128 36 37 38 static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 39 const u8 *bssid, const int beacon_int, 40 struct ieee80211_channel *chan, 41 const u32 basic_rates, 42 const u16 capability, u64 tsf) 43 { 44 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 45 struct ieee80211_local *local = sdata->local; 46 int rates, i; 47 struct sk_buff *skb; 48 struct ieee80211_mgmt *mgmt; 49 u8 *pos; 50 struct ieee80211_supported_band *sband; 51 struct cfg80211_bss *bss; 52 u32 bss_change; 53 u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; 54 enum nl80211_channel_type channel_type; 55 56 lockdep_assert_held(&ifibss->mtx); 57 58 /* Reset own TSF to allow time synchronization work. */ 59 drv_reset_tsf(local, sdata); 60 61 skb = ifibss->skb; 62 RCU_INIT_POINTER(ifibss->presp, NULL); 63 synchronize_rcu(); 64 skb->data = skb->head; 65 skb->len = 0; 66 skb_reset_tail_pointer(skb); 67 skb_reserve(skb, sdata->local->hw.extra_tx_headroom); 68 69 if (!ether_addr_equal(ifibss->bssid, bssid)) 70 sta_info_flush(sdata->local, sdata); 71 72 /* if merging, indicate to driver that we leave the old IBSS */ 73 if (sdata->vif.bss_conf.ibss_joined) { 74 sdata->vif.bss_conf.ibss_joined = false; 75 netif_carrier_off(sdata->dev); 76 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_IBSS); 77 } 78 79 memcpy(ifibss->bssid, bssid, ETH_ALEN); 80 81 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0; 82 83 local->oper_channel = chan; 84 channel_type = ifibss->channel_type; 85 if (!cfg80211_can_beacon_sec_chan(local->hw.wiphy, chan, channel_type)) 86 channel_type = NL80211_CHAN_HT20; 87 if (!ieee80211_set_channel_type(local, sdata, channel_type)) { 88 /* can only fail due to HT40+/- mismatch */ 89 channel_type = NL80211_CHAN_HT20; 90 WARN_ON(!ieee80211_set_channel_type(local, sdata, 91 NL80211_CHAN_HT20)); 92 } 93 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 94 95 sband = local->hw.wiphy->bands[chan->band]; 96 97 /* build supported rates array */ 98 pos = supp_rates; 99 for (i = 0; i < sband->n_bitrates; i++) { 100 int rate = sband->bitrates[i].bitrate; 101 u8 basic = 0; 102 if (basic_rates & BIT(i)) 103 basic = 0x80; 104 *pos++ = basic | (u8) (rate / 5); 105 } 106 107 /* Build IBSS probe response */ 108 mgmt = (void *) skb_put(skb, 24 + sizeof(mgmt->u.beacon)); 109 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon)); 110 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 111 IEEE80211_STYPE_PROBE_RESP); 112 memset(mgmt->da, 0xff, ETH_ALEN); 113 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 114 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN); 115 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int); 116 mgmt->u.beacon.timestamp = cpu_to_le64(tsf); 117 mgmt->u.beacon.capab_info = cpu_to_le16(capability); 118 119 pos = skb_put(skb, 2 + ifibss->ssid_len); 120 *pos++ = WLAN_EID_SSID; 121 *pos++ = ifibss->ssid_len; 122 memcpy(pos, ifibss->ssid, ifibss->ssid_len); 123 124 rates = sband->n_bitrates; 125 if (rates > 8) 126 rates = 8; 127 pos = skb_put(skb, 2 + rates); 128 *pos++ = WLAN_EID_SUPP_RATES; 129 *pos++ = rates; 130 memcpy(pos, supp_rates, rates); 131 132 if (sband->band == IEEE80211_BAND_2GHZ) { 133 pos = skb_put(skb, 2 + 1); 134 *pos++ = WLAN_EID_DS_PARAMS; 135 *pos++ = 1; 136 *pos++ = ieee80211_frequency_to_channel(chan->center_freq); 137 } 138 139 pos = skb_put(skb, 2 + 2); 140 *pos++ = WLAN_EID_IBSS_PARAMS; 141 *pos++ = 2; 142 /* FIX: set ATIM window based on scan results */ 143 *pos++ = 0; 144 *pos++ = 0; 145 146 if (sband->n_bitrates > 8) { 147 rates = sband->n_bitrates - 8; 148 pos = skb_put(skb, 2 + rates); 149 *pos++ = WLAN_EID_EXT_SUPP_RATES; 150 *pos++ = rates; 151 memcpy(pos, &supp_rates[8], rates); 152 } 153 154 if (ifibss->ie_len) 155 memcpy(skb_put(skb, ifibss->ie_len), 156 ifibss->ie, ifibss->ie_len); 157 158 /* add HT capability and information IEs */ 159 if (channel_type && sband->ht_cap.ht_supported) { 160 pos = skb_put(skb, 4 + 161 sizeof(struct ieee80211_ht_cap) + 162 sizeof(struct ieee80211_ht_operation)); 163 pos = ieee80211_ie_build_ht_cap(pos, &sband->ht_cap, 164 sband->ht_cap.cap); 165 /* 166 * Note: According to 802.11n-2009 9.13.3.1, HT Protection 167 * field and RIFS Mode are reserved in IBSS mode, therefore 168 * keep them at 0 169 */ 170 pos = ieee80211_ie_build_ht_oper(pos, &sband->ht_cap, 171 chan, channel_type, 0); 172 } 173 174 if (local->hw.queues >= IEEE80211_NUM_ACS) { 175 pos = skb_put(skb, 9); 176 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 177 *pos++ = 7; /* len */ 178 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 179 *pos++ = 0x50; 180 *pos++ = 0xf2; 181 *pos++ = 2; /* WME */ 182 *pos++ = 0; /* WME info */ 183 *pos++ = 1; /* WME ver */ 184 *pos++ = 0; /* U-APSD no in use */ 185 } 186 187 rcu_assign_pointer(ifibss->presp, skb); 188 189 sdata->vif.bss_conf.beacon_int = beacon_int; 190 sdata->vif.bss_conf.basic_rates = basic_rates; 191 bss_change = BSS_CHANGED_BEACON_INT; 192 bss_change |= ieee80211_reset_erp_info(sdata); 193 bss_change |= BSS_CHANGED_BSSID; 194 bss_change |= BSS_CHANGED_BEACON; 195 bss_change |= BSS_CHANGED_BEACON_ENABLED; 196 bss_change |= BSS_CHANGED_BASIC_RATES; 197 bss_change |= BSS_CHANGED_HT; 198 bss_change |= BSS_CHANGED_IBSS; 199 sdata->vif.bss_conf.ibss_joined = true; 200 ieee80211_bss_info_change_notify(sdata, bss_change); 201 202 ieee80211_sta_def_wmm_params(sdata, sband->n_bitrates, supp_rates); 203 204 ifibss->state = IEEE80211_IBSS_MLME_JOINED; 205 mod_timer(&ifibss->timer, 206 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); 207 208 bss = cfg80211_inform_bss_frame(local->hw.wiphy, local->hw.conf.channel, 209 mgmt, skb->len, 0, GFP_KERNEL); 210 cfg80211_put_bss(bss); 211 netif_carrier_on(sdata->dev); 212 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, GFP_KERNEL); 213 } 214 215 static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 216 struct ieee80211_bss *bss) 217 { 218 struct cfg80211_bss *cbss = 219 container_of((void *)bss, struct cfg80211_bss, priv); 220 struct ieee80211_supported_band *sband; 221 u32 basic_rates; 222 int i, j; 223 u16 beacon_int = cbss->beacon_interval; 224 225 lockdep_assert_held(&sdata->u.ibss.mtx); 226 227 if (beacon_int < 10) 228 beacon_int = 10; 229 230 sband = sdata->local->hw.wiphy->bands[cbss->channel->band]; 231 232 basic_rates = 0; 233 234 for (i = 0; i < bss->supp_rates_len; i++) { 235 int rate = (bss->supp_rates[i] & 0x7f) * 5; 236 bool is_basic = !!(bss->supp_rates[i] & 0x80); 237 238 for (j = 0; j < sband->n_bitrates; j++) { 239 if (sband->bitrates[j].bitrate == rate) { 240 if (is_basic) 241 basic_rates |= BIT(j); 242 break; 243 } 244 } 245 } 246 247 __ieee80211_sta_join_ibss(sdata, cbss->bssid, 248 beacon_int, 249 cbss->channel, 250 basic_rates, 251 cbss->capability, 252 cbss->tsf); 253 } 254 255 static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta, 256 bool auth) 257 __acquires(RCU) 258 { 259 struct ieee80211_sub_if_data *sdata = sta->sdata; 260 u8 addr[ETH_ALEN]; 261 262 memcpy(addr, sta->sta.addr, ETH_ALEN); 263 264 ibss_dbg(sdata, "Adding new IBSS station %pM\n", addr); 265 266 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH); 267 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC); 268 /* authorize the station only if the network is not RSN protected. If 269 * not wait for the userspace to authorize it */ 270 if (!sta->sdata->u.ibss.control_port) 271 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED); 272 273 rate_control_rate_init(sta); 274 275 /* If it fails, maybe we raced another insertion? */ 276 if (sta_info_insert_rcu(sta)) 277 return sta_info_get(sdata, addr); 278 if (auth && !sdata->u.ibss.auth_frame_registrations) { 279 ibss_dbg(sdata, 280 "TX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=1)\n", 281 sdata->vif.addr, sdata->u.ibss.bssid, addr); 282 ieee80211_send_auth(sdata, 1, WLAN_AUTH_OPEN, NULL, 0, 283 addr, sdata->u.ibss.bssid, NULL, 0, 0); 284 } 285 return sta; 286 } 287 288 static struct sta_info * 289 ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, 290 const u8 *bssid, const u8 *addr, 291 u32 supp_rates, bool auth) 292 __acquires(RCU) 293 { 294 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 295 struct ieee80211_local *local = sdata->local; 296 struct sta_info *sta; 297 int band = local->hw.conf.channel->band; 298 299 /* 300 * XXX: Consider removing the least recently used entry and 301 * allow new one to be added. 302 */ 303 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { 304 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n", 305 sdata->name, addr); 306 rcu_read_lock(); 307 return NULL; 308 } 309 310 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) { 311 rcu_read_lock(); 312 return NULL; 313 } 314 315 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) { 316 rcu_read_lock(); 317 return NULL; 318 } 319 320 sta = sta_info_alloc(sdata, addr, GFP_KERNEL); 321 if (!sta) { 322 rcu_read_lock(); 323 return NULL; 324 } 325 326 sta->last_rx = jiffies; 327 328 /* make sure mandatory rates are always added */ 329 sta->sta.supp_rates[band] = supp_rates | 330 ieee80211_mandatory_rates(local, band); 331 332 return ieee80211_ibss_finish_sta(sta, auth); 333 } 334 335 static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata, 336 struct ieee80211_mgmt *mgmt, 337 size_t len) 338 { 339 u16 auth_alg, auth_transaction; 340 341 lockdep_assert_held(&sdata->u.ibss.mtx); 342 343 if (len < 24 + 6) 344 return; 345 346 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 347 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 348 349 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) 350 return; 351 ibss_dbg(sdata, 352 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n", 353 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction); 354 sta_info_destroy_addr(sdata, mgmt->sa); 355 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 0, false); 356 rcu_read_unlock(); 357 358 /* 359 * IEEE 802.11 standard does not require authentication in IBSS 360 * networks and most implementations do not seem to use it. 361 * However, try to reply to authentication attempts if someone 362 * has actually implemented this. 363 */ 364 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, NULL, 0, 365 mgmt->sa, sdata->u.ibss.bssid, NULL, 0, 0); 366 } 367 368 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 369 struct ieee80211_mgmt *mgmt, 370 size_t len, 371 struct ieee80211_rx_status *rx_status, 372 struct ieee802_11_elems *elems, 373 bool beacon) 374 { 375 struct ieee80211_local *local = sdata->local; 376 int freq; 377 struct cfg80211_bss *cbss; 378 struct ieee80211_bss *bss; 379 struct sta_info *sta; 380 struct ieee80211_channel *channel; 381 u64 beacon_timestamp, rx_timestamp; 382 u32 supp_rates = 0; 383 enum ieee80211_band band = rx_status->band; 384 struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band]; 385 bool rates_updated = false; 386 387 if (elems->ds_params && elems->ds_params_len == 1) 388 freq = ieee80211_channel_to_frequency(elems->ds_params[0], 389 band); 390 else 391 freq = rx_status->freq; 392 393 channel = ieee80211_get_channel(local->hw.wiphy, freq); 394 395 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 396 return; 397 398 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && 399 ether_addr_equal(mgmt->bssid, sdata->u.ibss.bssid)) { 400 401 rcu_read_lock(); 402 sta = sta_info_get(sdata, mgmt->sa); 403 404 if (elems->supp_rates) { 405 supp_rates = ieee80211_sta_get_rates(local, elems, 406 band, NULL); 407 if (sta) { 408 u32 prev_rates; 409 410 prev_rates = sta->sta.supp_rates[band]; 411 /* make sure mandatory rates are always added */ 412 sta->sta.supp_rates[band] = supp_rates | 413 ieee80211_mandatory_rates(local, band); 414 415 if (sta->sta.supp_rates[band] != prev_rates) { 416 ibss_dbg(sdata, 417 "updated supp_rates set for %pM based on beacon/probe_resp (0x%x -> 0x%x)\n", 418 sta->sta.addr, prev_rates, 419 sta->sta.supp_rates[band]); 420 rates_updated = true; 421 } 422 } else { 423 rcu_read_unlock(); 424 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid, 425 mgmt->sa, supp_rates, true); 426 } 427 } 428 429 if (sta && elems->wmm_info) 430 set_sta_flag(sta, WLAN_STA_WME); 431 432 if (sta && elems->ht_operation && elems->ht_cap_elem && 433 sdata->u.ibss.channel_type != NL80211_CHAN_NO_HT) { 434 /* we both use HT */ 435 struct ieee80211_sta_ht_cap sta_ht_cap_new; 436 enum nl80211_channel_type channel_type = 437 ieee80211_ht_oper_to_channel_type( 438 elems->ht_operation); 439 440 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 441 elems->ht_cap_elem, 442 &sta_ht_cap_new); 443 444 /* 445 * fall back to HT20 if we don't use or use 446 * the other extension channel 447 */ 448 if (!(channel_type == NL80211_CHAN_HT40MINUS || 449 channel_type == NL80211_CHAN_HT40PLUS) || 450 channel_type != sdata->u.ibss.channel_type) 451 sta_ht_cap_new.cap &= 452 ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 453 454 if (memcmp(&sta->sta.ht_cap, &sta_ht_cap_new, 455 sizeof(sta_ht_cap_new))) { 456 memcpy(&sta->sta.ht_cap, &sta_ht_cap_new, 457 sizeof(sta_ht_cap_new)); 458 rates_updated = true; 459 } 460 } 461 462 if (sta && rates_updated) 463 rate_control_rate_init(sta); 464 465 rcu_read_unlock(); 466 } 467 468 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 469 channel, beacon); 470 if (!bss) 471 return; 472 473 cbss = container_of((void *)bss, struct cfg80211_bss, priv); 474 475 /* was just updated in ieee80211_bss_info_update */ 476 beacon_timestamp = cbss->tsf; 477 478 /* check if we need to merge IBSS */ 479 480 /* we use a fixed BSSID */ 481 if (sdata->u.ibss.fixed_bssid) 482 goto put_bss; 483 484 /* not an IBSS */ 485 if (!(cbss->capability & WLAN_CAPABILITY_IBSS)) 486 goto put_bss; 487 488 /* different channel */ 489 if (cbss->channel != local->oper_channel) 490 goto put_bss; 491 492 /* different SSID */ 493 if (elems->ssid_len != sdata->u.ibss.ssid_len || 494 memcmp(elems->ssid, sdata->u.ibss.ssid, 495 sdata->u.ibss.ssid_len)) 496 goto put_bss; 497 498 /* same BSSID */ 499 if (ether_addr_equal(cbss->bssid, sdata->u.ibss.bssid)) 500 goto put_bss; 501 502 if (rx_status->flag & RX_FLAG_MACTIME_MPDU) { 503 /* 504 * For correct IBSS merging we need mactime; since mactime is 505 * defined as the time the first data symbol of the frame hits 506 * the PHY, and the timestamp of the beacon is defined as "the 507 * time that the data symbol containing the first bit of the 508 * timestamp is transmitted to the PHY plus the transmitting 509 * STA's delays through its local PHY from the MAC-PHY 510 * interface to its interface with the WM" (802.11 11.1.2) 511 * - equals the time this bit arrives at the receiver - we have 512 * to take into account the offset between the two. 513 * 514 * E.g. at 1 MBit that means mactime is 192 usec earlier 515 * (=24 bytes * 8 usecs/byte) than the beacon timestamp. 516 */ 517 int rate; 518 519 if (rx_status->flag & RX_FLAG_HT) 520 rate = 65; /* TODO: HT rates */ 521 else 522 rate = local->hw.wiphy->bands[band]-> 523 bitrates[rx_status->rate_idx].bitrate; 524 525 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate); 526 } else { 527 /* 528 * second best option: get current TSF 529 * (will return -1 if not supported) 530 */ 531 rx_timestamp = drv_get_tsf(local, sdata); 532 } 533 534 ibss_dbg(sdata, 535 "RX beacon SA=%pM BSSID=%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n", 536 mgmt->sa, mgmt->bssid, 537 (unsigned long long)rx_timestamp, 538 (unsigned long long)beacon_timestamp, 539 (unsigned long long)(rx_timestamp - beacon_timestamp), 540 jiffies); 541 542 if (beacon_timestamp > rx_timestamp) { 543 ibss_dbg(sdata, 544 "beacon TSF higher than local TSF - IBSS merge with BSSID %pM\n", 545 mgmt->bssid); 546 ieee80211_sta_join_ibss(sdata, bss); 547 supp_rates = ieee80211_sta_get_rates(local, elems, band, NULL); 548 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 549 supp_rates, true); 550 rcu_read_unlock(); 551 } 552 553 put_bss: 554 ieee80211_rx_bss_put(local, bss); 555 } 556 557 void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata, 558 const u8 *bssid, const u8 *addr, 559 u32 supp_rates) 560 { 561 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 562 struct ieee80211_local *local = sdata->local; 563 struct sta_info *sta; 564 int band = local->hw.conf.channel->band; 565 566 /* 567 * XXX: Consider removing the least recently used entry and 568 * allow new one to be added. 569 */ 570 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { 571 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n", 572 sdata->name, addr); 573 return; 574 } 575 576 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) 577 return; 578 579 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) 580 return; 581 582 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC); 583 if (!sta) 584 return; 585 586 sta->last_rx = jiffies; 587 588 /* make sure mandatory rates are always added */ 589 sta->sta.supp_rates[band] = supp_rates | 590 ieee80211_mandatory_rates(local, band); 591 592 spin_lock(&ifibss->incomplete_lock); 593 list_add(&sta->list, &ifibss->incomplete_stations); 594 spin_unlock(&ifibss->incomplete_lock); 595 ieee80211_queue_work(&local->hw, &sdata->work); 596 } 597 598 static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata) 599 { 600 struct ieee80211_local *local = sdata->local; 601 int active = 0; 602 struct sta_info *sta; 603 604 lockdep_assert_held(&sdata->u.ibss.mtx); 605 606 rcu_read_lock(); 607 608 list_for_each_entry_rcu(sta, &local->sta_list, list) { 609 if (sta->sdata == sdata && 610 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL, 611 jiffies)) { 612 active++; 613 break; 614 } 615 } 616 617 rcu_read_unlock(); 618 619 return active; 620 } 621 622 /* 623 * This function is called with state == IEEE80211_IBSS_MLME_JOINED 624 */ 625 626 static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata) 627 { 628 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 629 630 lockdep_assert_held(&ifibss->mtx); 631 632 mod_timer(&ifibss->timer, 633 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); 634 635 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT); 636 637 if (time_before(jiffies, ifibss->last_scan_completed + 638 IEEE80211_IBSS_MERGE_INTERVAL)) 639 return; 640 641 if (ieee80211_sta_active_ibss(sdata)) 642 return; 643 644 if (ifibss->fixed_channel) 645 return; 646 647 sdata_info(sdata, 648 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n"); 649 650 ieee80211_request_internal_scan(sdata, 651 ifibss->ssid, ifibss->ssid_len, NULL); 652 } 653 654 static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) 655 { 656 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 657 u8 bssid[ETH_ALEN]; 658 u16 capability; 659 int i; 660 661 lockdep_assert_held(&ifibss->mtx); 662 663 if (ifibss->fixed_bssid) { 664 memcpy(bssid, ifibss->bssid, ETH_ALEN); 665 } else { 666 /* Generate random, not broadcast, locally administered BSSID. Mix in 667 * own MAC address to make sure that devices that do not have proper 668 * random number generator get different BSSID. */ 669 get_random_bytes(bssid, ETH_ALEN); 670 for (i = 0; i < ETH_ALEN; i++) 671 bssid[i] ^= sdata->vif.addr[i]; 672 bssid[0] &= ~0x01; 673 bssid[0] |= 0x02; 674 } 675 676 sdata_info(sdata, "Creating new IBSS network, BSSID %pM\n", bssid); 677 678 capability = WLAN_CAPABILITY_IBSS; 679 680 if (ifibss->privacy) 681 capability |= WLAN_CAPABILITY_PRIVACY; 682 else 683 sdata->drop_unencrypted = 0; 684 685 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int, 686 ifibss->channel, ifibss->basic_rates, 687 capability, 0); 688 } 689 690 /* 691 * This function is called with state == IEEE80211_IBSS_MLME_SEARCH 692 */ 693 694 static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata) 695 { 696 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 697 struct ieee80211_local *local = sdata->local; 698 struct cfg80211_bss *cbss; 699 struct ieee80211_channel *chan = NULL; 700 const u8 *bssid = NULL; 701 int active_ibss; 702 u16 capability; 703 704 lockdep_assert_held(&ifibss->mtx); 705 706 active_ibss = ieee80211_sta_active_ibss(sdata); 707 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss); 708 709 if (active_ibss) 710 return; 711 712 capability = WLAN_CAPABILITY_IBSS; 713 if (ifibss->privacy) 714 capability |= WLAN_CAPABILITY_PRIVACY; 715 if (ifibss->fixed_bssid) 716 bssid = ifibss->bssid; 717 if (ifibss->fixed_channel) 718 chan = ifibss->channel; 719 if (!is_zero_ether_addr(ifibss->bssid)) 720 bssid = ifibss->bssid; 721 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid, 722 ifibss->ssid, ifibss->ssid_len, 723 WLAN_CAPABILITY_IBSS | WLAN_CAPABILITY_PRIVACY, 724 capability); 725 726 if (cbss) { 727 struct ieee80211_bss *bss; 728 729 bss = (void *)cbss->priv; 730 ibss_dbg(sdata, 731 "sta_find_ibss: selected %pM current %pM\n", 732 cbss->bssid, ifibss->bssid); 733 sdata_info(sdata, 734 "Selected IBSS BSSID %pM based on configured SSID\n", 735 cbss->bssid); 736 737 ieee80211_sta_join_ibss(sdata, bss); 738 ieee80211_rx_bss_put(local, bss); 739 return; 740 } 741 742 ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n"); 743 744 /* Selected IBSS not found in current scan results - try to scan */ 745 if (time_after(jiffies, ifibss->last_scan_completed + 746 IEEE80211_SCAN_INTERVAL)) { 747 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n"); 748 749 ieee80211_request_internal_scan(sdata, 750 ifibss->ssid, ifibss->ssid_len, 751 ifibss->fixed_channel ? ifibss->channel : NULL); 752 } else { 753 int interval = IEEE80211_SCAN_INTERVAL; 754 755 if (time_after(jiffies, ifibss->ibss_join_req + 756 IEEE80211_IBSS_JOIN_TIMEOUT)) { 757 if (!(local->oper_channel->flags & IEEE80211_CHAN_NO_IBSS)) { 758 ieee80211_sta_create_ibss(sdata); 759 return; 760 } 761 sdata_info(sdata, "IBSS not allowed on %d MHz\n", 762 local->hw.conf.channel->center_freq); 763 764 /* No IBSS found - decrease scan interval and continue 765 * scanning. */ 766 interval = IEEE80211_SCAN_INTERVAL_SLOW; 767 } 768 769 mod_timer(&ifibss->timer, 770 round_jiffies(jiffies + interval)); 771 } 772 } 773 774 static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata, 775 struct sk_buff *req) 776 { 777 struct ieee80211_mgmt *mgmt = (void *)req->data; 778 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 779 struct ieee80211_local *local = sdata->local; 780 int tx_last_beacon, len = req->len; 781 struct sk_buff *skb; 782 struct ieee80211_mgmt *resp; 783 struct sk_buff *presp; 784 u8 *pos, *end; 785 786 lockdep_assert_held(&ifibss->mtx); 787 788 presp = rcu_dereference_protected(ifibss->presp, 789 lockdep_is_held(&ifibss->mtx)); 790 791 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED || 792 len < 24 + 2 || !presp) 793 return; 794 795 tx_last_beacon = drv_tx_last_beacon(local); 796 797 ibss_dbg(sdata, 798 "RX ProbeReq SA=%pM DA=%pM BSSID=%pM (tx_last_beacon=%d)\n", 799 mgmt->sa, mgmt->da, mgmt->bssid, tx_last_beacon); 800 801 if (!tx_last_beacon && is_multicast_ether_addr(mgmt->da)) 802 return; 803 804 if (!ether_addr_equal(mgmt->bssid, ifibss->bssid) && 805 !is_broadcast_ether_addr(mgmt->bssid)) 806 return; 807 808 end = ((u8 *) mgmt) + len; 809 pos = mgmt->u.probe_req.variable; 810 if (pos[0] != WLAN_EID_SSID || 811 pos + 2 + pos[1] > end) { 812 ibss_dbg(sdata, "Invalid SSID IE in ProbeReq from %pM\n", 813 mgmt->sa); 814 return; 815 } 816 if (pos[1] != 0 && 817 (pos[1] != ifibss->ssid_len || 818 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) { 819 /* Ignore ProbeReq for foreign SSID */ 820 return; 821 } 822 823 /* Reply with ProbeResp */ 824 skb = skb_copy(presp, GFP_KERNEL); 825 if (!skb) 826 return; 827 828 resp = (struct ieee80211_mgmt *) skb->data; 829 memcpy(resp->da, mgmt->sa, ETH_ALEN); 830 ibss_dbg(sdata, "Sending ProbeResp to %pM\n", resp->da); 831 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 832 ieee80211_tx_skb(sdata, skb); 833 } 834 835 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 836 struct ieee80211_mgmt *mgmt, 837 size_t len, 838 struct ieee80211_rx_status *rx_status) 839 { 840 size_t baselen; 841 struct ieee802_11_elems elems; 842 843 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 844 if (baselen > len) 845 return; 846 847 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 848 &elems); 849 850 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 851 } 852 853 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 854 struct ieee80211_mgmt *mgmt, 855 size_t len, 856 struct ieee80211_rx_status *rx_status) 857 { 858 size_t baselen; 859 struct ieee802_11_elems elems; 860 861 /* Process beacon from the current BSS */ 862 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 863 if (baselen > len) 864 return; 865 866 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); 867 868 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true); 869 } 870 871 void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 872 struct sk_buff *skb) 873 { 874 struct ieee80211_rx_status *rx_status; 875 struct ieee80211_mgmt *mgmt; 876 u16 fc; 877 878 rx_status = IEEE80211_SKB_RXCB(skb); 879 mgmt = (struct ieee80211_mgmt *) skb->data; 880 fc = le16_to_cpu(mgmt->frame_control); 881 882 mutex_lock(&sdata->u.ibss.mtx); 883 884 if (!sdata->u.ibss.ssid_len) 885 goto mgmt_out; /* not ready to merge yet */ 886 887 switch (fc & IEEE80211_FCTL_STYPE) { 888 case IEEE80211_STYPE_PROBE_REQ: 889 ieee80211_rx_mgmt_probe_req(sdata, skb); 890 break; 891 case IEEE80211_STYPE_PROBE_RESP: 892 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, 893 rx_status); 894 break; 895 case IEEE80211_STYPE_BEACON: 896 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, 897 rx_status); 898 break; 899 case IEEE80211_STYPE_AUTH: 900 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len); 901 break; 902 } 903 904 mgmt_out: 905 mutex_unlock(&sdata->u.ibss.mtx); 906 } 907 908 void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata) 909 { 910 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 911 struct sta_info *sta; 912 913 mutex_lock(&ifibss->mtx); 914 915 /* 916 * Work could be scheduled after scan or similar 917 * when we aren't even joined (or trying) with a 918 * network. 919 */ 920 if (!ifibss->ssid_len) 921 goto out; 922 923 spin_lock_bh(&ifibss->incomplete_lock); 924 while (!list_empty(&ifibss->incomplete_stations)) { 925 sta = list_first_entry(&ifibss->incomplete_stations, 926 struct sta_info, list); 927 list_del(&sta->list); 928 spin_unlock_bh(&ifibss->incomplete_lock); 929 930 ieee80211_ibss_finish_sta(sta, true); 931 rcu_read_unlock(); 932 spin_lock_bh(&ifibss->incomplete_lock); 933 } 934 spin_unlock_bh(&ifibss->incomplete_lock); 935 936 switch (ifibss->state) { 937 case IEEE80211_IBSS_MLME_SEARCH: 938 ieee80211_sta_find_ibss(sdata); 939 break; 940 case IEEE80211_IBSS_MLME_JOINED: 941 ieee80211_sta_merge_ibss(sdata); 942 break; 943 default: 944 WARN_ON(1); 945 break; 946 } 947 948 out: 949 mutex_unlock(&ifibss->mtx); 950 } 951 952 static void ieee80211_ibss_timer(unsigned long data) 953 { 954 struct ieee80211_sub_if_data *sdata = 955 (struct ieee80211_sub_if_data *) data; 956 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 957 struct ieee80211_local *local = sdata->local; 958 959 if (local->quiescing) { 960 ifibss->timer_running = true; 961 return; 962 } 963 964 ieee80211_queue_work(&local->hw, &sdata->work); 965 } 966 967 #ifdef CONFIG_PM 968 void ieee80211_ibss_quiesce(struct ieee80211_sub_if_data *sdata) 969 { 970 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 971 972 if (del_timer_sync(&ifibss->timer)) 973 ifibss->timer_running = true; 974 } 975 976 void ieee80211_ibss_restart(struct ieee80211_sub_if_data *sdata) 977 { 978 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 979 980 if (ifibss->timer_running) { 981 add_timer(&ifibss->timer); 982 ifibss->timer_running = false; 983 } 984 } 985 #endif 986 987 void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata) 988 { 989 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 990 991 setup_timer(&ifibss->timer, ieee80211_ibss_timer, 992 (unsigned long) sdata); 993 mutex_init(&ifibss->mtx); 994 INIT_LIST_HEAD(&ifibss->incomplete_stations); 995 spin_lock_init(&ifibss->incomplete_lock); 996 } 997 998 /* scan finished notification */ 999 void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local) 1000 { 1001 struct ieee80211_sub_if_data *sdata; 1002 1003 mutex_lock(&local->iflist_mtx); 1004 list_for_each_entry(sdata, &local->interfaces, list) { 1005 if (!ieee80211_sdata_running(sdata)) 1006 continue; 1007 if (sdata->vif.type != NL80211_IFTYPE_ADHOC) 1008 continue; 1009 sdata->u.ibss.last_scan_completed = jiffies; 1010 ieee80211_queue_work(&local->hw, &sdata->work); 1011 } 1012 mutex_unlock(&local->iflist_mtx); 1013 } 1014 1015 int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata, 1016 struct cfg80211_ibss_params *params) 1017 { 1018 struct sk_buff *skb; 1019 u32 changed = 0; 1020 1021 skb = dev_alloc_skb(sdata->local->hw.extra_tx_headroom + 1022 sizeof(struct ieee80211_hdr_3addr) + 1023 12 /* struct ieee80211_mgmt.u.beacon */ + 1024 2 + IEEE80211_MAX_SSID_LEN /* max SSID */ + 1025 2 + 8 /* max Supported Rates */ + 1026 3 /* max DS params */ + 1027 4 /* IBSS params */ + 1028 2 + (IEEE80211_MAX_SUPP_RATES - 8) + 1029 2 + sizeof(struct ieee80211_ht_cap) + 1030 2 + sizeof(struct ieee80211_ht_operation) + 1031 params->ie_len); 1032 if (!skb) 1033 return -ENOMEM; 1034 1035 mutex_lock(&sdata->u.ibss.mtx); 1036 1037 if (params->bssid) { 1038 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN); 1039 sdata->u.ibss.fixed_bssid = true; 1040 } else 1041 sdata->u.ibss.fixed_bssid = false; 1042 1043 sdata->u.ibss.privacy = params->privacy; 1044 sdata->u.ibss.control_port = params->control_port; 1045 sdata->u.ibss.basic_rates = params->basic_rates; 1046 memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate, 1047 sizeof(params->mcast_rate)); 1048 1049 sdata->vif.bss_conf.beacon_int = params->beacon_interval; 1050 1051 sdata->u.ibss.channel = params->channel; 1052 sdata->u.ibss.channel_type = params->channel_type; 1053 sdata->u.ibss.fixed_channel = params->channel_fixed; 1054 1055 /* fix ourselves to that channel now already */ 1056 if (params->channel_fixed) { 1057 sdata->local->oper_channel = params->channel; 1058 if (!ieee80211_set_channel_type(sdata->local, sdata, 1059 params->channel_type)) { 1060 mutex_unlock(&sdata->u.ibss.mtx); 1061 kfree_skb(skb); 1062 return -EINVAL; 1063 } 1064 } 1065 1066 if (params->ie) { 1067 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len, 1068 GFP_KERNEL); 1069 if (sdata->u.ibss.ie) 1070 sdata->u.ibss.ie_len = params->ie_len; 1071 } 1072 1073 sdata->u.ibss.skb = skb; 1074 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH; 1075 sdata->u.ibss.ibss_join_req = jiffies; 1076 1077 memcpy(sdata->u.ibss.ssid, params->ssid, IEEE80211_MAX_SSID_LEN); 1078 sdata->u.ibss.ssid_len = params->ssid_len; 1079 1080 mutex_unlock(&sdata->u.ibss.mtx); 1081 1082 mutex_lock(&sdata->local->mtx); 1083 ieee80211_recalc_idle(sdata->local); 1084 mutex_unlock(&sdata->local->mtx); 1085 1086 /* 1087 * 802.11n-2009 9.13.3.1: In an IBSS, the HT Protection field is 1088 * reserved, but an HT STA shall protect HT transmissions as though 1089 * the HT Protection field were set to non-HT mixed mode. 1090 * 1091 * In an IBSS, the RIFS Mode field of the HT Operation element is 1092 * also reserved, but an HT STA shall operate as though this field 1093 * were set to 1. 1094 */ 1095 1096 sdata->vif.bss_conf.ht_operation_mode |= 1097 IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED 1098 | IEEE80211_HT_PARAM_RIFS_MODE; 1099 1100 changed |= BSS_CHANGED_HT; 1101 ieee80211_bss_info_change_notify(sdata, changed); 1102 1103 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1104 1105 return 0; 1106 } 1107 1108 int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata) 1109 { 1110 struct sk_buff *skb; 1111 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1112 struct ieee80211_local *local = sdata->local; 1113 struct cfg80211_bss *cbss; 1114 u16 capability; 1115 int active_ibss; 1116 struct sta_info *sta; 1117 1118 mutex_lock(&sdata->u.ibss.mtx); 1119 1120 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH; 1121 memset(sdata->u.ibss.bssid, 0, ETH_ALEN); 1122 sdata->u.ibss.ssid_len = 0; 1123 1124 active_ibss = ieee80211_sta_active_ibss(sdata); 1125 1126 if (!active_ibss && !is_zero_ether_addr(ifibss->bssid)) { 1127 capability = WLAN_CAPABILITY_IBSS; 1128 1129 if (ifibss->privacy) 1130 capability |= WLAN_CAPABILITY_PRIVACY; 1131 1132 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->channel, 1133 ifibss->bssid, ifibss->ssid, 1134 ifibss->ssid_len, WLAN_CAPABILITY_IBSS | 1135 WLAN_CAPABILITY_PRIVACY, 1136 capability); 1137 1138 if (cbss) { 1139 cfg80211_unlink_bss(local->hw.wiphy, cbss); 1140 cfg80211_put_bss(cbss); 1141 } 1142 } 1143 1144 sta_info_flush(sdata->local, sdata); 1145 1146 spin_lock_bh(&ifibss->incomplete_lock); 1147 while (!list_empty(&ifibss->incomplete_stations)) { 1148 sta = list_first_entry(&ifibss->incomplete_stations, 1149 struct sta_info, list); 1150 list_del(&sta->list); 1151 spin_unlock_bh(&ifibss->incomplete_lock); 1152 1153 sta_info_free(local, sta); 1154 spin_lock_bh(&ifibss->incomplete_lock); 1155 } 1156 spin_unlock_bh(&ifibss->incomplete_lock); 1157 1158 netif_carrier_off(sdata->dev); 1159 1160 /* remove beacon */ 1161 kfree(sdata->u.ibss.ie); 1162 skb = rcu_dereference_protected(sdata->u.ibss.presp, 1163 lockdep_is_held(&sdata->u.ibss.mtx)); 1164 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL); 1165 sdata->vif.bss_conf.ibss_joined = false; 1166 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED | 1167 BSS_CHANGED_IBSS); 1168 synchronize_rcu(); 1169 kfree_skb(skb); 1170 1171 skb_queue_purge(&sdata->skb_queue); 1172 1173 del_timer_sync(&sdata->u.ibss.timer); 1174 1175 mutex_unlock(&sdata->u.ibss.mtx); 1176 1177 mutex_lock(&local->mtx); 1178 ieee80211_recalc_idle(sdata->local); 1179 mutex_unlock(&local->mtx); 1180 1181 return 0; 1182 } 1183