1 /* 2 * BSS client mode implementation 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License version 2 as 11 * published by the Free Software Foundation. 12 */ 13 14 #include <linux/delay.h> 15 #include <linux/if_ether.h> 16 #include <linux/skbuff.h> 17 #include <linux/if_arp.h> 18 #include <linux/etherdevice.h> 19 #include <linux/moduleparam.h> 20 #include <linux/rtnetlink.h> 21 #include <linux/pm_qos.h> 22 #include <linux/crc32.h> 23 #include <linux/slab.h> 24 #include <linux/export.h> 25 #include <net/mac80211.h> 26 #include <asm/unaligned.h> 27 28 #include "ieee80211_i.h" 29 #include "driver-ops.h" 30 #include "rate.h" 31 #include "led.h" 32 33 #define IEEE80211_AUTH_TIMEOUT (HZ / 5) 34 #define IEEE80211_AUTH_MAX_TRIES 3 35 #define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5) 36 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 37 #define IEEE80211_ASSOC_MAX_TRIES 3 38 39 static int max_nullfunc_tries = 2; 40 module_param(max_nullfunc_tries, int, 0644); 41 MODULE_PARM_DESC(max_nullfunc_tries, 42 "Maximum nullfunc tx tries before disconnecting (reason 4)."); 43 44 static int max_probe_tries = 5; 45 module_param(max_probe_tries, int, 0644); 46 MODULE_PARM_DESC(max_probe_tries, 47 "Maximum probe tries before disconnecting (reason 4)."); 48 49 /* 50 * Beacon loss timeout is calculated as N frames times the 51 * advertised beacon interval. This may need to be somewhat 52 * higher than what hardware might detect to account for 53 * delays in the host processing frames. But since we also 54 * probe on beacon miss before declaring the connection lost 55 * default to what we want. 56 */ 57 #define IEEE80211_BEACON_LOSS_COUNT 7 58 59 /* 60 * Time the connection can be idle before we probe 61 * it to see if we can still talk to the AP. 62 */ 63 #define IEEE80211_CONNECTION_IDLE_TIME (30 * HZ) 64 /* 65 * Time we wait for a probe response after sending 66 * a probe request because of beacon loss or for 67 * checking the connection still works. 68 */ 69 static int probe_wait_ms = 500; 70 module_param(probe_wait_ms, int, 0644); 71 MODULE_PARM_DESC(probe_wait_ms, 72 "Maximum time(ms) to wait for probe response" 73 " before disconnecting (reason 4)."); 74 75 /* 76 * Weight given to the latest Beacon frame when calculating average signal 77 * strength for Beacon frames received in the current BSS. This must be 78 * between 1 and 15. 79 */ 80 #define IEEE80211_SIGNAL_AVE_WEIGHT 3 81 82 /* 83 * How many Beacon frames need to have been used in average signal strength 84 * before starting to indicate signal change events. 85 */ 86 #define IEEE80211_SIGNAL_AVE_MIN_COUNT 4 87 88 #define TMR_RUNNING_TIMER 0 89 #define TMR_RUNNING_CHANSW 1 90 91 #define DEAUTH_DISASSOC_LEN (24 /* hdr */ + 2 /* reason */) 92 93 /* 94 * All cfg80211 functions have to be called outside a locked 95 * section so that they can acquire a lock themselves... This 96 * is much simpler than queuing up things in cfg80211, but we 97 * do need some indirection for that here. 98 */ 99 enum rx_mgmt_action { 100 /* no action required */ 101 RX_MGMT_NONE, 102 103 /* caller must call cfg80211_send_deauth() */ 104 RX_MGMT_CFG80211_DEAUTH, 105 106 /* caller must call cfg80211_send_disassoc() */ 107 RX_MGMT_CFG80211_DISASSOC, 108 109 /* caller must call cfg80211_send_rx_auth() */ 110 RX_MGMT_CFG80211_RX_AUTH, 111 112 /* caller must call cfg80211_send_rx_assoc() */ 113 RX_MGMT_CFG80211_RX_ASSOC, 114 115 /* caller must call cfg80211_send_assoc_timeout() */ 116 RX_MGMT_CFG80211_ASSOC_TIMEOUT, 117 }; 118 119 /* utils */ 120 static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd) 121 { 122 lockdep_assert_held(&ifmgd->mtx); 123 } 124 125 /* 126 * We can have multiple work items (and connection probing) 127 * scheduling this timer, but we need to take care to only 128 * reschedule it when it should fire _earlier_ than it was 129 * asked for before, or if it's not pending right now. This 130 * function ensures that. Note that it then is required to 131 * run this function for all timeouts after the first one 132 * has happened -- the work that runs from this timer will 133 * do that. 134 */ 135 static void run_again(struct ieee80211_if_managed *ifmgd, unsigned long timeout) 136 { 137 ASSERT_MGD_MTX(ifmgd); 138 139 if (!timer_pending(&ifmgd->timer) || 140 time_before(timeout, ifmgd->timer.expires)) 141 mod_timer(&ifmgd->timer, timeout); 142 } 143 144 void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata) 145 { 146 if (sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER) 147 return; 148 149 mod_timer(&sdata->u.mgd.bcn_mon_timer, 150 round_jiffies_up(jiffies + sdata->u.mgd.beacon_timeout)); 151 } 152 153 void ieee80211_sta_reset_conn_monitor(struct ieee80211_sub_if_data *sdata) 154 { 155 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 156 157 if (unlikely(!sdata->u.mgd.associated)) 158 return; 159 160 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 161 return; 162 163 mod_timer(&sdata->u.mgd.conn_mon_timer, 164 round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME)); 165 166 ifmgd->probe_send_count = 0; 167 } 168 169 static int ecw2cw(int ecw) 170 { 171 return (1 << ecw) - 1; 172 } 173 174 /* 175 * ieee80211_enable_ht should be called only after the operating band 176 * has been determined as ht configuration depends on the hw's 177 * HT abilities for a specific band. 178 */ 179 static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata, 180 struct ieee80211_ht_info *hti, 181 const u8 *bssid, u16 ap_ht_cap_flags, 182 bool beacon_htcap_ie) 183 { 184 struct ieee80211_local *local = sdata->local; 185 struct ieee80211_supported_band *sband; 186 struct sta_info *sta; 187 u32 changed = 0; 188 int hti_cfreq; 189 u16 ht_opmode; 190 bool enable_ht = true; 191 enum nl80211_channel_type prev_chantype; 192 enum nl80211_channel_type rx_channel_type = NL80211_CHAN_NO_HT; 193 enum nl80211_channel_type tx_channel_type; 194 195 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 196 prev_chantype = sdata->vif.bss_conf.channel_type; 197 198 199 hti_cfreq = ieee80211_channel_to_frequency(hti->control_chan, 200 sband->band); 201 /* check that channel matches the right operating channel */ 202 if (local->hw.conf.channel->center_freq != hti_cfreq) { 203 /* Some APs mess this up, evidently. 204 * Netgear WNDR3700 sometimes reports 4 higher than 205 * the actual channel, for instance. 206 */ 207 printk(KERN_DEBUG 208 "%s: Wrong control channel in association" 209 " response: configured center-freq: %d" 210 " hti-cfreq: %d hti->control_chan: %d" 211 " band: %d. Disabling HT.\n", 212 sdata->name, 213 local->hw.conf.channel->center_freq, 214 hti_cfreq, hti->control_chan, 215 sband->band); 216 enable_ht = false; 217 } 218 219 if (enable_ht) { 220 rx_channel_type = NL80211_CHAN_HT20; 221 222 if (!(ap_ht_cap_flags & IEEE80211_HT_CAP_40MHZ_INTOLERANT) && 223 !ieee80111_cfg_override_disables_ht40(sdata) && 224 (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) && 225 (hti->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) { 226 switch(hti->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 227 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 228 rx_channel_type = NL80211_CHAN_HT40PLUS; 229 break; 230 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 231 rx_channel_type = NL80211_CHAN_HT40MINUS; 232 break; 233 } 234 } 235 } 236 237 tx_channel_type = ieee80211_get_tx_channel_type(local, rx_channel_type); 238 239 if (local->tmp_channel) 240 local->tmp_channel_type = rx_channel_type; 241 242 if (!ieee80211_set_channel_type(local, sdata, rx_channel_type)) { 243 /* can only fail due to HT40+/- mismatch */ 244 rx_channel_type = NL80211_CHAN_HT20; 245 WARN_ON(!ieee80211_set_channel_type(local, sdata, 246 rx_channel_type)); 247 } 248 249 if (beacon_htcap_ie && (prev_chantype != rx_channel_type)) { 250 /* 251 * Whenever the AP announces the HT mode change that can be 252 * 40MHz intolerant or etc., it would be safer to stop tx 253 * queues before doing hw config to avoid buffer overflow. 254 */ 255 ieee80211_stop_queues_by_reason(&sdata->local->hw, 256 IEEE80211_QUEUE_STOP_REASON_CHTYPE_CHANGE); 257 258 /* flush out all packets */ 259 synchronize_net(); 260 261 drv_flush(local, false); 262 } 263 264 /* channel_type change automatically detected */ 265 ieee80211_hw_config(local, 0); 266 267 if (prev_chantype != tx_channel_type) { 268 rcu_read_lock(); 269 sta = sta_info_get(sdata, bssid); 270 if (sta) 271 rate_control_rate_update(local, sband, sta, 272 IEEE80211_RC_HT_CHANGED, 273 tx_channel_type); 274 rcu_read_unlock(); 275 276 if (beacon_htcap_ie) 277 ieee80211_wake_queues_by_reason(&sdata->local->hw, 278 IEEE80211_QUEUE_STOP_REASON_CHTYPE_CHANGE); 279 } 280 281 ht_opmode = le16_to_cpu(hti->operation_mode); 282 283 /* if bss configuration changed store the new one */ 284 if (sdata->ht_opmode_valid != enable_ht || 285 sdata->vif.bss_conf.ht_operation_mode != ht_opmode || 286 prev_chantype != rx_channel_type) { 287 changed |= BSS_CHANGED_HT; 288 sdata->vif.bss_conf.ht_operation_mode = ht_opmode; 289 sdata->ht_opmode_valid = enable_ht; 290 } 291 292 return changed; 293 } 294 295 /* frame sending functions */ 296 297 static int ieee80211_compatible_rates(const u8 *supp_rates, int supp_rates_len, 298 struct ieee80211_supported_band *sband, 299 u32 *rates) 300 { 301 int i, j, count; 302 *rates = 0; 303 count = 0; 304 for (i = 0; i < supp_rates_len; i++) { 305 int rate = (supp_rates[i] & 0x7F) * 5; 306 307 for (j = 0; j < sband->n_bitrates; j++) 308 if (sband->bitrates[j].bitrate == rate) { 309 *rates |= BIT(j); 310 count++; 311 break; 312 } 313 } 314 315 return count; 316 } 317 318 static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata, 319 struct sk_buff *skb, const u8 *ht_info_ie, 320 struct ieee80211_supported_band *sband, 321 struct ieee80211_channel *channel, 322 enum ieee80211_smps_mode smps) 323 { 324 struct ieee80211_ht_info *ht_info; 325 u8 *pos; 326 u32 flags = channel->flags; 327 u16 cap; 328 struct ieee80211_sta_ht_cap ht_cap; 329 330 BUILD_BUG_ON(sizeof(ht_cap) != sizeof(sband->ht_cap)); 331 332 if (!ht_info_ie) 333 return; 334 335 if (ht_info_ie[1] < sizeof(struct ieee80211_ht_info)) 336 return; 337 338 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap)); 339 ieee80211_apply_htcap_overrides(sdata, &ht_cap); 340 341 ht_info = (struct ieee80211_ht_info *)(ht_info_ie + 2); 342 343 /* determine capability flags */ 344 cap = ht_cap.cap; 345 346 switch (ht_info->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 347 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 348 if (flags & IEEE80211_CHAN_NO_HT40PLUS) { 349 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 350 cap &= ~IEEE80211_HT_CAP_SGI_40; 351 } 352 break; 353 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 354 if (flags & IEEE80211_CHAN_NO_HT40MINUS) { 355 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 356 cap &= ~IEEE80211_HT_CAP_SGI_40; 357 } 358 break; 359 } 360 361 /* set SM PS mode properly */ 362 cap &= ~IEEE80211_HT_CAP_SM_PS; 363 switch (smps) { 364 case IEEE80211_SMPS_AUTOMATIC: 365 case IEEE80211_SMPS_NUM_MODES: 366 WARN_ON(1); 367 case IEEE80211_SMPS_OFF: 368 cap |= WLAN_HT_CAP_SM_PS_DISABLED << 369 IEEE80211_HT_CAP_SM_PS_SHIFT; 370 break; 371 case IEEE80211_SMPS_STATIC: 372 cap |= WLAN_HT_CAP_SM_PS_STATIC << 373 IEEE80211_HT_CAP_SM_PS_SHIFT; 374 break; 375 case IEEE80211_SMPS_DYNAMIC: 376 cap |= WLAN_HT_CAP_SM_PS_DYNAMIC << 377 IEEE80211_HT_CAP_SM_PS_SHIFT; 378 break; 379 } 380 381 /* reserve and fill IE */ 382 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2); 383 ieee80211_ie_build_ht_cap(pos, &ht_cap, cap); 384 } 385 386 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 387 { 388 struct ieee80211_local *local = sdata->local; 389 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 390 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 391 struct sk_buff *skb; 392 struct ieee80211_mgmt *mgmt; 393 u8 *pos, qos_info; 394 size_t offset = 0, noffset; 395 int i, count, rates_len, supp_rates_len; 396 u16 capab; 397 struct ieee80211_supported_band *sband; 398 u32 rates = 0; 399 400 lockdep_assert_held(&ifmgd->mtx); 401 402 sband = local->hw.wiphy->bands[local->oper_channel->band]; 403 404 if (assoc_data->supp_rates_len) { 405 /* 406 * Get all rates supported by the device and the AP as 407 * some APs don't like getting a superset of their rates 408 * in the association request (e.g. D-Link DAP 1353 in 409 * b-only mode)... 410 */ 411 rates_len = ieee80211_compatible_rates(assoc_data->supp_rates, 412 assoc_data->supp_rates_len, 413 sband, &rates); 414 } else { 415 /* 416 * In case AP not provide any supported rates information 417 * before association, we send information element(s) with 418 * all rates that we support. 419 */ 420 rates = ~0; 421 rates_len = sband->n_bitrates; 422 } 423 424 skb = alloc_skb(local->hw.extra_tx_headroom + 425 sizeof(*mgmt) + /* bit too much but doesn't matter */ 426 2 + assoc_data->ssid_len + /* SSID */ 427 4 + rates_len + /* (extended) rates */ 428 4 + /* power capability */ 429 2 + 2 * sband->n_channels + /* supported channels */ 430 2 + sizeof(struct ieee80211_ht_cap) + /* HT */ 431 assoc_data->ie_len + /* extra IEs */ 432 9, /* WMM */ 433 GFP_KERNEL); 434 if (!skb) 435 return; 436 437 skb_reserve(skb, local->hw.extra_tx_headroom); 438 439 capab = WLAN_CAPABILITY_ESS; 440 441 if (sband->band == IEEE80211_BAND_2GHZ) { 442 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE)) 443 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME; 444 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE)) 445 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 446 } 447 448 if (assoc_data->capability & WLAN_CAPABILITY_PRIVACY) 449 capab |= WLAN_CAPABILITY_PRIVACY; 450 451 if ((assoc_data->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 452 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 453 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 454 455 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 456 memset(mgmt, 0, 24); 457 memcpy(mgmt->da, assoc_data->bss->bssid, ETH_ALEN); 458 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 459 memcpy(mgmt->bssid, assoc_data->bss->bssid, ETH_ALEN); 460 461 if (!is_zero_ether_addr(assoc_data->prev_bssid)) { 462 skb_put(skb, 10); 463 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 464 IEEE80211_STYPE_REASSOC_REQ); 465 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 466 mgmt->u.reassoc_req.listen_interval = 467 cpu_to_le16(local->hw.conf.listen_interval); 468 memcpy(mgmt->u.reassoc_req.current_ap, assoc_data->prev_bssid, 469 ETH_ALEN); 470 } else { 471 skb_put(skb, 4); 472 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 473 IEEE80211_STYPE_ASSOC_REQ); 474 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab); 475 mgmt->u.assoc_req.listen_interval = 476 cpu_to_le16(local->hw.conf.listen_interval); 477 } 478 479 /* SSID */ 480 pos = skb_put(skb, 2 + assoc_data->ssid_len); 481 *pos++ = WLAN_EID_SSID; 482 *pos++ = assoc_data->ssid_len; 483 memcpy(pos, assoc_data->ssid, assoc_data->ssid_len); 484 485 /* add all rates which were marked to be used above */ 486 supp_rates_len = rates_len; 487 if (supp_rates_len > 8) 488 supp_rates_len = 8; 489 490 pos = skb_put(skb, supp_rates_len + 2); 491 *pos++ = WLAN_EID_SUPP_RATES; 492 *pos++ = supp_rates_len; 493 494 count = 0; 495 for (i = 0; i < sband->n_bitrates; i++) { 496 if (BIT(i) & rates) { 497 int rate = sband->bitrates[i].bitrate; 498 *pos++ = (u8) (rate / 5); 499 if (++count == 8) 500 break; 501 } 502 } 503 504 if (rates_len > count) { 505 pos = skb_put(skb, rates_len - count + 2); 506 *pos++ = WLAN_EID_EXT_SUPP_RATES; 507 *pos++ = rates_len - count; 508 509 for (i++; i < sband->n_bitrates; i++) { 510 if (BIT(i) & rates) { 511 int rate = sband->bitrates[i].bitrate; 512 *pos++ = (u8) (rate / 5); 513 } 514 } 515 } 516 517 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) { 518 /* 1. power capabilities */ 519 pos = skb_put(skb, 4); 520 *pos++ = WLAN_EID_PWR_CAPABILITY; 521 *pos++ = 2; 522 *pos++ = 0; /* min tx power */ 523 *pos++ = local->oper_channel->max_power; /* max tx power */ 524 525 /* 2. supported channels */ 526 /* TODO: get this in reg domain format */ 527 pos = skb_put(skb, 2 * sband->n_channels + 2); 528 *pos++ = WLAN_EID_SUPPORTED_CHANNELS; 529 *pos++ = 2 * sband->n_channels; 530 for (i = 0; i < sband->n_channels; i++) { 531 *pos++ = ieee80211_frequency_to_channel( 532 sband->channels[i].center_freq); 533 *pos++ = 1; /* one channel in the subband*/ 534 } 535 } 536 537 /* if present, add any custom IEs that go before HT */ 538 if (assoc_data->ie_len && assoc_data->ie) { 539 static const u8 before_ht[] = { 540 WLAN_EID_SSID, 541 WLAN_EID_SUPP_RATES, 542 WLAN_EID_EXT_SUPP_RATES, 543 WLAN_EID_PWR_CAPABILITY, 544 WLAN_EID_SUPPORTED_CHANNELS, 545 WLAN_EID_RSN, 546 WLAN_EID_QOS_CAPA, 547 WLAN_EID_RRM_ENABLED_CAPABILITIES, 548 WLAN_EID_MOBILITY_DOMAIN, 549 WLAN_EID_SUPPORTED_REGULATORY_CLASSES, 550 }; 551 noffset = ieee80211_ie_split(assoc_data->ie, assoc_data->ie_len, 552 before_ht, ARRAY_SIZE(before_ht), 553 offset); 554 pos = skb_put(skb, noffset - offset); 555 memcpy(pos, assoc_data->ie + offset, noffset - offset); 556 offset = noffset; 557 } 558 559 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 560 ieee80211_add_ht_ie(sdata, skb, assoc_data->ht_information_ie, 561 sband, local->oper_channel, ifmgd->ap_smps); 562 563 /* if present, add any custom non-vendor IEs that go after HT */ 564 if (assoc_data->ie_len && assoc_data->ie) { 565 noffset = ieee80211_ie_split_vendor(assoc_data->ie, 566 assoc_data->ie_len, 567 offset); 568 pos = skb_put(skb, noffset - offset); 569 memcpy(pos, assoc_data->ie + offset, noffset - offset); 570 offset = noffset; 571 } 572 573 if (assoc_data->wmm) { 574 if (assoc_data->uapsd) { 575 qos_info = ifmgd->uapsd_queues; 576 qos_info |= (ifmgd->uapsd_max_sp_len << 577 IEEE80211_WMM_IE_STA_QOSINFO_SP_SHIFT); 578 } else { 579 qos_info = 0; 580 } 581 582 pos = skb_put(skb, 9); 583 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 584 *pos++ = 7; /* len */ 585 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 586 *pos++ = 0x50; 587 *pos++ = 0xf2; 588 *pos++ = 2; /* WME */ 589 *pos++ = 0; /* WME info */ 590 *pos++ = 1; /* WME ver */ 591 *pos++ = qos_info; 592 } 593 594 /* add any remaining custom (i.e. vendor specific here) IEs */ 595 if (assoc_data->ie_len && assoc_data->ie) { 596 noffset = assoc_data->ie_len; 597 pos = skb_put(skb, noffset - offset); 598 memcpy(pos, assoc_data->ie + offset, noffset - offset); 599 } 600 601 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 602 ieee80211_tx_skb(sdata, skb); 603 } 604 605 static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, 606 const u8 *bssid, u16 stype, 607 u16 reason, bool send_frame, 608 u8 *frame_buf) 609 { 610 struct ieee80211_local *local = sdata->local; 611 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 612 struct sk_buff *skb; 613 struct ieee80211_mgmt *mgmt = (void *)frame_buf; 614 615 /* build frame */ 616 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); 617 mgmt->duration = 0; /* initialize only */ 618 mgmt->seq_ctrl = 0; /* initialize only */ 619 memcpy(mgmt->da, bssid, ETH_ALEN); 620 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 621 memcpy(mgmt->bssid, bssid, ETH_ALEN); 622 /* u.deauth.reason_code == u.disassoc.reason_code */ 623 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 624 625 if (send_frame) { 626 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 627 DEAUTH_DISASSOC_LEN); 628 if (!skb) 629 return; 630 631 skb_reserve(skb, local->hw.extra_tx_headroom); 632 633 /* copy in frame */ 634 memcpy(skb_put(skb, DEAUTH_DISASSOC_LEN), 635 mgmt, DEAUTH_DISASSOC_LEN); 636 637 if (!(ifmgd->flags & IEEE80211_STA_MFP_ENABLED)) 638 IEEE80211_SKB_CB(skb)->flags |= 639 IEEE80211_TX_INTFL_DONT_ENCRYPT; 640 ieee80211_tx_skb(sdata, skb); 641 } 642 } 643 644 void ieee80211_send_pspoll(struct ieee80211_local *local, 645 struct ieee80211_sub_if_data *sdata) 646 { 647 struct ieee80211_pspoll *pspoll; 648 struct sk_buff *skb; 649 650 skb = ieee80211_pspoll_get(&local->hw, &sdata->vif); 651 if (!skb) 652 return; 653 654 pspoll = (struct ieee80211_pspoll *) skb->data; 655 pspoll->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); 656 657 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 658 ieee80211_tx_skb(sdata, skb); 659 } 660 661 void ieee80211_send_nullfunc(struct ieee80211_local *local, 662 struct ieee80211_sub_if_data *sdata, 663 int powersave) 664 { 665 struct sk_buff *skb; 666 struct ieee80211_hdr_3addr *nullfunc; 667 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 668 669 skb = ieee80211_nullfunc_get(&local->hw, &sdata->vif); 670 if (!skb) 671 return; 672 673 nullfunc = (struct ieee80211_hdr_3addr *) skb->data; 674 if (powersave) 675 nullfunc->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); 676 677 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 678 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 679 IEEE80211_STA_CONNECTION_POLL)) 680 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_USE_MINRATE; 681 682 ieee80211_tx_skb(sdata, skb); 683 } 684 685 static void ieee80211_send_4addr_nullfunc(struct ieee80211_local *local, 686 struct ieee80211_sub_if_data *sdata) 687 { 688 struct sk_buff *skb; 689 struct ieee80211_hdr *nullfunc; 690 __le16 fc; 691 692 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 693 return; 694 695 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30); 696 if (!skb) 697 return; 698 699 skb_reserve(skb, local->hw.extra_tx_headroom); 700 701 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 30); 702 memset(nullfunc, 0, 30); 703 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC | 704 IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS); 705 nullfunc->frame_control = fc; 706 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN); 707 memcpy(nullfunc->addr2, sdata->vif.addr, ETH_ALEN); 708 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN); 709 memcpy(nullfunc->addr4, sdata->vif.addr, ETH_ALEN); 710 711 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 712 ieee80211_tx_skb(sdata, skb); 713 } 714 715 /* spectrum management related things */ 716 static void ieee80211_chswitch_work(struct work_struct *work) 717 { 718 struct ieee80211_sub_if_data *sdata = 719 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work); 720 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 721 722 if (!ieee80211_sdata_running(sdata)) 723 return; 724 725 mutex_lock(&ifmgd->mtx); 726 if (!ifmgd->associated) 727 goto out; 728 729 sdata->local->oper_channel = sdata->local->csa_channel; 730 if (!sdata->local->ops->channel_switch) { 731 /* call "hw_config" only if doing sw channel switch */ 732 ieee80211_hw_config(sdata->local, 733 IEEE80211_CONF_CHANGE_CHANNEL); 734 } else { 735 /* update the device channel directly */ 736 sdata->local->hw.conf.channel = sdata->local->oper_channel; 737 } 738 739 /* XXX: shouldn't really modify cfg80211-owned data! */ 740 ifmgd->associated->channel = sdata->local->oper_channel; 741 742 ieee80211_wake_queues_by_reason(&sdata->local->hw, 743 IEEE80211_QUEUE_STOP_REASON_CSA); 744 out: 745 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED; 746 mutex_unlock(&ifmgd->mtx); 747 } 748 749 void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success) 750 { 751 struct ieee80211_sub_if_data *sdata; 752 struct ieee80211_if_managed *ifmgd; 753 754 sdata = vif_to_sdata(vif); 755 ifmgd = &sdata->u.mgd; 756 757 trace_api_chswitch_done(sdata, success); 758 if (!success) { 759 /* 760 * If the channel switch was not successful, stay 761 * around on the old channel. We currently lack 762 * good handling of this situation, possibly we 763 * should just drop the association. 764 */ 765 sdata->local->csa_channel = sdata->local->oper_channel; 766 } 767 768 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 769 } 770 EXPORT_SYMBOL(ieee80211_chswitch_done); 771 772 static void ieee80211_chswitch_timer(unsigned long data) 773 { 774 struct ieee80211_sub_if_data *sdata = 775 (struct ieee80211_sub_if_data *) data; 776 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 777 778 if (sdata->local->quiescing) { 779 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 780 return; 781 } 782 783 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 784 } 785 786 void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata, 787 struct ieee80211_channel_sw_ie *sw_elem, 788 struct ieee80211_bss *bss, 789 u64 timestamp) 790 { 791 struct cfg80211_bss *cbss = 792 container_of((void *)bss, struct cfg80211_bss, priv); 793 struct ieee80211_channel *new_ch; 794 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 795 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num, 796 cbss->channel->band); 797 798 ASSERT_MGD_MTX(ifmgd); 799 800 if (!ifmgd->associated) 801 return; 802 803 if (sdata->local->scanning) 804 return; 805 806 /* Disregard subsequent beacons if we are already running a timer 807 processing a CSA */ 808 809 if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED) 810 return; 811 812 new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq); 813 if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED) 814 return; 815 816 sdata->local->csa_channel = new_ch; 817 818 if (sdata->local->ops->channel_switch) { 819 /* use driver's channel switch callback */ 820 struct ieee80211_channel_switch ch_switch; 821 memset(&ch_switch, 0, sizeof(ch_switch)); 822 ch_switch.timestamp = timestamp; 823 if (sw_elem->mode) { 824 ch_switch.block_tx = true; 825 ieee80211_stop_queues_by_reason(&sdata->local->hw, 826 IEEE80211_QUEUE_STOP_REASON_CSA); 827 } 828 ch_switch.channel = new_ch; 829 ch_switch.count = sw_elem->count; 830 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED; 831 drv_channel_switch(sdata->local, &ch_switch); 832 return; 833 } 834 835 /* channel switch handled in software */ 836 if (sw_elem->count <= 1) { 837 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 838 } else { 839 if (sw_elem->mode) 840 ieee80211_stop_queues_by_reason(&sdata->local->hw, 841 IEEE80211_QUEUE_STOP_REASON_CSA); 842 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED; 843 mod_timer(&ifmgd->chswitch_timer, 844 jiffies + 845 msecs_to_jiffies(sw_elem->count * 846 cbss->beacon_interval)); 847 } 848 } 849 850 static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata, 851 u16 capab_info, u8 *pwr_constr_elem, 852 u8 pwr_constr_elem_len) 853 { 854 struct ieee80211_conf *conf = &sdata->local->hw.conf; 855 856 if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT)) 857 return; 858 859 /* Power constraint IE length should be 1 octet */ 860 if (pwr_constr_elem_len != 1) 861 return; 862 863 if ((*pwr_constr_elem <= conf->channel->max_reg_power) && 864 (*pwr_constr_elem != sdata->local->power_constr_level)) { 865 sdata->local->power_constr_level = *pwr_constr_elem; 866 ieee80211_hw_config(sdata->local, 0); 867 } 868 } 869 870 void ieee80211_enable_dyn_ps(struct ieee80211_vif *vif) 871 { 872 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 873 struct ieee80211_local *local = sdata->local; 874 struct ieee80211_conf *conf = &local->hw.conf; 875 876 WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION || 877 !(local->hw.flags & IEEE80211_HW_SUPPORTS_PS) || 878 (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)); 879 880 local->disable_dynamic_ps = false; 881 conf->dynamic_ps_timeout = local->dynamic_ps_user_timeout; 882 } 883 EXPORT_SYMBOL(ieee80211_enable_dyn_ps); 884 885 void ieee80211_disable_dyn_ps(struct ieee80211_vif *vif) 886 { 887 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 888 struct ieee80211_local *local = sdata->local; 889 struct ieee80211_conf *conf = &local->hw.conf; 890 891 WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION || 892 !(local->hw.flags & IEEE80211_HW_SUPPORTS_PS) || 893 (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)); 894 895 local->disable_dynamic_ps = true; 896 conf->dynamic_ps_timeout = 0; 897 del_timer_sync(&local->dynamic_ps_timer); 898 ieee80211_queue_work(&local->hw, 899 &local->dynamic_ps_enable_work); 900 } 901 EXPORT_SYMBOL(ieee80211_disable_dyn_ps); 902 903 /* powersave */ 904 static void ieee80211_enable_ps(struct ieee80211_local *local, 905 struct ieee80211_sub_if_data *sdata) 906 { 907 struct ieee80211_conf *conf = &local->hw.conf; 908 909 /* 910 * If we are scanning right now then the parameters will 911 * take effect when scan finishes. 912 */ 913 if (local->scanning) 914 return; 915 916 if (conf->dynamic_ps_timeout > 0 && 917 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) { 918 mod_timer(&local->dynamic_ps_timer, jiffies + 919 msecs_to_jiffies(conf->dynamic_ps_timeout)); 920 } else { 921 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 922 ieee80211_send_nullfunc(local, sdata, 1); 923 924 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 925 (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) 926 return; 927 928 conf->flags |= IEEE80211_CONF_PS; 929 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 930 } 931 } 932 933 static void ieee80211_change_ps(struct ieee80211_local *local) 934 { 935 struct ieee80211_conf *conf = &local->hw.conf; 936 937 if (local->ps_sdata) { 938 ieee80211_enable_ps(local, local->ps_sdata); 939 } else if (conf->flags & IEEE80211_CONF_PS) { 940 conf->flags &= ~IEEE80211_CONF_PS; 941 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 942 del_timer_sync(&local->dynamic_ps_timer); 943 cancel_work_sync(&local->dynamic_ps_enable_work); 944 } 945 } 946 947 static bool ieee80211_powersave_allowed(struct ieee80211_sub_if_data *sdata) 948 { 949 struct ieee80211_if_managed *mgd = &sdata->u.mgd; 950 struct sta_info *sta = NULL; 951 bool authorized = false; 952 953 if (!mgd->powersave) 954 return false; 955 956 if (mgd->broken_ap) 957 return false; 958 959 if (!mgd->associated) 960 return false; 961 962 if (!mgd->associated->beacon_ies) 963 return false; 964 965 if (mgd->flags & (IEEE80211_STA_BEACON_POLL | 966 IEEE80211_STA_CONNECTION_POLL)) 967 return false; 968 969 rcu_read_lock(); 970 sta = sta_info_get(sdata, mgd->bssid); 971 if (sta) 972 authorized = test_sta_flag(sta, WLAN_STA_AUTHORIZED); 973 rcu_read_unlock(); 974 975 return authorized; 976 } 977 978 /* need to hold RTNL or interface lock */ 979 void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency) 980 { 981 struct ieee80211_sub_if_data *sdata, *found = NULL; 982 int count = 0; 983 int timeout; 984 985 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) { 986 local->ps_sdata = NULL; 987 return; 988 } 989 990 if (!list_empty(&local->work_list)) { 991 local->ps_sdata = NULL; 992 goto change; 993 } 994 995 list_for_each_entry(sdata, &local->interfaces, list) { 996 if (!ieee80211_sdata_running(sdata)) 997 continue; 998 if (sdata->vif.type == NL80211_IFTYPE_AP) { 999 /* If an AP vif is found, then disable PS 1000 * by setting the count to zero thereby setting 1001 * ps_sdata to NULL. 1002 */ 1003 count = 0; 1004 break; 1005 } 1006 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1007 continue; 1008 found = sdata; 1009 count++; 1010 } 1011 1012 if (count == 1 && ieee80211_powersave_allowed(found)) { 1013 struct ieee80211_conf *conf = &local->hw.conf; 1014 s32 beaconint_us; 1015 1016 if (latency < 0) 1017 latency = pm_qos_request(PM_QOS_NETWORK_LATENCY); 1018 1019 beaconint_us = ieee80211_tu_to_usec( 1020 found->vif.bss_conf.beacon_int); 1021 1022 timeout = local->dynamic_ps_forced_timeout; 1023 if (timeout < 0) { 1024 /* 1025 * Go to full PSM if the user configures a very low 1026 * latency requirement. 1027 * The 2000 second value is there for compatibility 1028 * until the PM_QOS_NETWORK_LATENCY is configured 1029 * with real values. 1030 */ 1031 if (latency > (1900 * USEC_PER_MSEC) && 1032 latency != (2000 * USEC_PER_SEC)) 1033 timeout = 0; 1034 else 1035 timeout = 100; 1036 } 1037 local->dynamic_ps_user_timeout = timeout; 1038 if (!local->disable_dynamic_ps) 1039 conf->dynamic_ps_timeout = 1040 local->dynamic_ps_user_timeout; 1041 1042 if (beaconint_us > latency) { 1043 local->ps_sdata = NULL; 1044 } else { 1045 struct ieee80211_bss *bss; 1046 int maxslp = 1; 1047 u8 dtimper; 1048 1049 bss = (void *)found->u.mgd.associated->priv; 1050 dtimper = bss->dtim_period; 1051 1052 /* If the TIM IE is invalid, pretend the value is 1 */ 1053 if (!dtimper) 1054 dtimper = 1; 1055 else if (dtimper > 1) 1056 maxslp = min_t(int, dtimper, 1057 latency / beaconint_us); 1058 1059 local->hw.conf.max_sleep_period = maxslp; 1060 local->hw.conf.ps_dtim_period = dtimper; 1061 local->ps_sdata = found; 1062 } 1063 } else { 1064 local->ps_sdata = NULL; 1065 } 1066 1067 change: 1068 ieee80211_change_ps(local); 1069 } 1070 1071 void ieee80211_dynamic_ps_disable_work(struct work_struct *work) 1072 { 1073 struct ieee80211_local *local = 1074 container_of(work, struct ieee80211_local, 1075 dynamic_ps_disable_work); 1076 1077 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1078 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1079 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1080 } 1081 1082 ieee80211_wake_queues_by_reason(&local->hw, 1083 IEEE80211_QUEUE_STOP_REASON_PS); 1084 } 1085 1086 void ieee80211_dynamic_ps_enable_work(struct work_struct *work) 1087 { 1088 struct ieee80211_local *local = 1089 container_of(work, struct ieee80211_local, 1090 dynamic_ps_enable_work); 1091 struct ieee80211_sub_if_data *sdata = local->ps_sdata; 1092 struct ieee80211_if_managed *ifmgd; 1093 unsigned long flags; 1094 int q; 1095 1096 /* can only happen when PS was just disabled anyway */ 1097 if (!sdata) 1098 return; 1099 1100 ifmgd = &sdata->u.mgd; 1101 1102 if (local->hw.conf.flags & IEEE80211_CONF_PS) 1103 return; 1104 1105 if (!local->disable_dynamic_ps && 1106 local->hw.conf.dynamic_ps_timeout > 0) { 1107 /* don't enter PS if TX frames are pending */ 1108 if (drv_tx_frames_pending(local)) { 1109 mod_timer(&local->dynamic_ps_timer, jiffies + 1110 msecs_to_jiffies( 1111 local->hw.conf.dynamic_ps_timeout)); 1112 return; 1113 } 1114 1115 /* 1116 * transmission can be stopped by others which leads to 1117 * dynamic_ps_timer expiry. Postpone the ps timer if it 1118 * is not the actual idle state. 1119 */ 1120 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 1121 for (q = 0; q < local->hw.queues; q++) { 1122 if (local->queue_stop_reasons[q]) { 1123 spin_unlock_irqrestore(&local->queue_stop_reason_lock, 1124 flags); 1125 mod_timer(&local->dynamic_ps_timer, jiffies + 1126 msecs_to_jiffies( 1127 local->hw.conf.dynamic_ps_timeout)); 1128 return; 1129 } 1130 } 1131 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 1132 } 1133 1134 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 1135 !(ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) { 1136 netif_tx_stop_all_queues(sdata->dev); 1137 1138 if (drv_tx_frames_pending(local)) 1139 mod_timer(&local->dynamic_ps_timer, jiffies + 1140 msecs_to_jiffies( 1141 local->hw.conf.dynamic_ps_timeout)); 1142 else { 1143 ieee80211_send_nullfunc(local, sdata, 1); 1144 /* Flush to get the tx status of nullfunc frame */ 1145 drv_flush(local, false); 1146 } 1147 } 1148 1149 if (!((local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) && 1150 (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)) || 1151 (ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) { 1152 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; 1153 local->hw.conf.flags |= IEEE80211_CONF_PS; 1154 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1155 } 1156 1157 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 1158 netif_tx_wake_all_queues(sdata->dev); 1159 } 1160 1161 void ieee80211_dynamic_ps_timer(unsigned long data) 1162 { 1163 struct ieee80211_local *local = (void *) data; 1164 1165 if (local->quiescing || local->suspended) 1166 return; 1167 1168 ieee80211_queue_work(&local->hw, &local->dynamic_ps_enable_work); 1169 } 1170 1171 /* MLME */ 1172 static void ieee80211_sta_wmm_params(struct ieee80211_local *local, 1173 struct ieee80211_sub_if_data *sdata, 1174 u8 *wmm_param, size_t wmm_param_len) 1175 { 1176 struct ieee80211_tx_queue_params params; 1177 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1178 size_t left; 1179 int count; 1180 u8 *pos, uapsd_queues = 0; 1181 1182 if (!local->ops->conf_tx) 1183 return; 1184 1185 if (local->hw.queues < 4) 1186 return; 1187 1188 if (!wmm_param) 1189 return; 1190 1191 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 1192 return; 1193 1194 if (ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED) 1195 uapsd_queues = ifmgd->uapsd_queues; 1196 1197 count = wmm_param[6] & 0x0f; 1198 if (count == ifmgd->wmm_last_param_set) 1199 return; 1200 ifmgd->wmm_last_param_set = count; 1201 1202 pos = wmm_param + 8; 1203 left = wmm_param_len - 8; 1204 1205 memset(¶ms, 0, sizeof(params)); 1206 1207 local->wmm_acm = 0; 1208 for (; left >= 4; left -= 4, pos += 4) { 1209 int aci = (pos[0] >> 5) & 0x03; 1210 int acm = (pos[0] >> 4) & 0x01; 1211 bool uapsd = false; 1212 int queue; 1213 1214 switch (aci) { 1215 case 1: /* AC_BK */ 1216 queue = 3; 1217 if (acm) 1218 local->wmm_acm |= BIT(1) | BIT(2); /* BK/- */ 1219 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) 1220 uapsd = true; 1221 break; 1222 case 2: /* AC_VI */ 1223 queue = 1; 1224 if (acm) 1225 local->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */ 1226 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) 1227 uapsd = true; 1228 break; 1229 case 3: /* AC_VO */ 1230 queue = 0; 1231 if (acm) 1232 local->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */ 1233 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) 1234 uapsd = true; 1235 break; 1236 case 0: /* AC_BE */ 1237 default: 1238 queue = 2; 1239 if (acm) 1240 local->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */ 1241 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) 1242 uapsd = true; 1243 break; 1244 } 1245 1246 params.aifs = pos[0] & 0x0f; 1247 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4); 1248 params.cw_min = ecw2cw(pos[1] & 0x0f); 1249 params.txop = get_unaligned_le16(pos + 2); 1250 params.uapsd = uapsd; 1251 1252 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1253 wiphy_debug(local->hw.wiphy, 1254 "WMM queue=%d aci=%d acm=%d aifs=%d " 1255 "cWmin=%d cWmax=%d txop=%d uapsd=%d\n", 1256 queue, aci, acm, 1257 params.aifs, params.cw_min, params.cw_max, 1258 params.txop, params.uapsd); 1259 #endif 1260 sdata->tx_conf[queue] = params; 1261 if (drv_conf_tx(local, sdata, queue, ¶ms)) 1262 wiphy_debug(local->hw.wiphy, 1263 "failed to set TX queue parameters for queue %d\n", 1264 queue); 1265 } 1266 1267 /* enable WMM or activate new settings */ 1268 sdata->vif.bss_conf.qos = true; 1269 } 1270 1271 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, 1272 u16 capab, bool erp_valid, u8 erp) 1273 { 1274 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1275 u32 changed = 0; 1276 bool use_protection; 1277 bool use_short_preamble; 1278 bool use_short_slot; 1279 1280 if (erp_valid) { 1281 use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0; 1282 use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0; 1283 } else { 1284 use_protection = false; 1285 use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE); 1286 } 1287 1288 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME); 1289 if (sdata->local->hw.conf.channel->band == IEEE80211_BAND_5GHZ) 1290 use_short_slot = true; 1291 1292 if (use_protection != bss_conf->use_cts_prot) { 1293 bss_conf->use_cts_prot = use_protection; 1294 changed |= BSS_CHANGED_ERP_CTS_PROT; 1295 } 1296 1297 if (use_short_preamble != bss_conf->use_short_preamble) { 1298 bss_conf->use_short_preamble = use_short_preamble; 1299 changed |= BSS_CHANGED_ERP_PREAMBLE; 1300 } 1301 1302 if (use_short_slot != bss_conf->use_short_slot) { 1303 bss_conf->use_short_slot = use_short_slot; 1304 changed |= BSS_CHANGED_ERP_SLOT; 1305 } 1306 1307 return changed; 1308 } 1309 1310 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 1311 struct cfg80211_bss *cbss, 1312 u32 bss_info_changed) 1313 { 1314 struct ieee80211_bss *bss = (void *)cbss->priv; 1315 struct ieee80211_local *local = sdata->local; 1316 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1317 1318 bss_info_changed |= BSS_CHANGED_ASSOC; 1319 /* set timing information */ 1320 bss_conf->beacon_int = cbss->beacon_interval; 1321 bss_conf->last_tsf = cbss->tsf; 1322 1323 bss_info_changed |= BSS_CHANGED_BEACON_INT; 1324 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 1325 cbss->capability, bss->has_erp_value, bss->erp_value); 1326 1327 sdata->u.mgd.beacon_timeout = usecs_to_jiffies(ieee80211_tu_to_usec( 1328 IEEE80211_BEACON_LOSS_COUNT * bss_conf->beacon_int)); 1329 1330 sdata->u.mgd.associated = cbss; 1331 memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN); 1332 1333 sdata->u.mgd.flags |= IEEE80211_STA_RESET_SIGNAL_AVE; 1334 1335 /* just to be sure */ 1336 sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL | 1337 IEEE80211_STA_BEACON_POLL); 1338 1339 ieee80211_led_assoc(local, 1); 1340 1341 if (local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) 1342 bss_conf->dtim_period = bss->dtim_period; 1343 else 1344 bss_conf->dtim_period = 0; 1345 1346 bss_conf->assoc = 1; 1347 1348 /* Tell the driver to monitor connection quality (if supported) */ 1349 if (sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI && 1350 bss_conf->cqm_rssi_thold) 1351 bss_info_changed |= BSS_CHANGED_CQM; 1352 1353 /* Enable ARP filtering */ 1354 if (bss_conf->arp_filter_enabled != sdata->arp_filter_state) { 1355 bss_conf->arp_filter_enabled = sdata->arp_filter_state; 1356 bss_info_changed |= BSS_CHANGED_ARP_FILTER; 1357 } 1358 1359 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 1360 1361 mutex_lock(&local->iflist_mtx); 1362 ieee80211_recalc_ps(local, -1); 1363 ieee80211_recalc_smps(local); 1364 mutex_unlock(&local->iflist_mtx); 1365 1366 netif_tx_start_all_queues(sdata->dev); 1367 netif_carrier_on(sdata->dev); 1368 } 1369 1370 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, 1371 u16 stype, u16 reason, bool tx, 1372 u8 *frame_buf) 1373 { 1374 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1375 struct ieee80211_local *local = sdata->local; 1376 struct sta_info *sta; 1377 u32 changed = 0; 1378 u8 bssid[ETH_ALEN]; 1379 1380 ASSERT_MGD_MTX(ifmgd); 1381 1382 if (WARN_ON_ONCE(tx && !frame_buf)) 1383 return; 1384 1385 if (WARN_ON(!ifmgd->associated)) 1386 return; 1387 1388 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN); 1389 1390 ifmgd->associated = NULL; 1391 memset(ifmgd->bssid, 0, ETH_ALEN); 1392 1393 /* 1394 * we need to commit the associated = NULL change because the 1395 * scan code uses that to determine whether this iface should 1396 * go to/wake up from powersave or not -- and could otherwise 1397 * wake the queues erroneously. 1398 */ 1399 smp_mb(); 1400 1401 /* 1402 * Thus, we can only afterwards stop the queues -- to account 1403 * for the case where another CPU is finishing a scan at this 1404 * time -- we don't want the scan code to enable queues. 1405 */ 1406 1407 netif_tx_stop_all_queues(sdata->dev); 1408 netif_carrier_off(sdata->dev); 1409 1410 mutex_lock(&local->sta_mtx); 1411 sta = sta_info_get(sdata, bssid); 1412 if (sta) { 1413 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 1414 ieee80211_sta_tear_down_BA_sessions(sta, tx); 1415 } 1416 mutex_unlock(&local->sta_mtx); 1417 1418 /* deauthenticate/disassociate now */ 1419 if (tx || frame_buf) 1420 ieee80211_send_deauth_disassoc(sdata, bssid, stype, reason, 1421 tx, frame_buf); 1422 1423 /* flush out frame */ 1424 if (tx) 1425 drv_flush(local, false); 1426 1427 /* remove AP and TDLS peers */ 1428 sta_info_flush(local, sdata); 1429 1430 /* finally reset all BSS / config parameters */ 1431 changed |= ieee80211_reset_erp_info(sdata); 1432 1433 ieee80211_led_assoc(local, 0); 1434 changed |= BSS_CHANGED_ASSOC; 1435 sdata->vif.bss_conf.assoc = false; 1436 1437 /* on the next assoc, re-program HT parameters */ 1438 sdata->ht_opmode_valid = false; 1439 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa)); 1440 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask)); 1441 1442 local->power_constr_level = 0; 1443 1444 del_timer_sync(&local->dynamic_ps_timer); 1445 cancel_work_sync(&local->dynamic_ps_enable_work); 1446 1447 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1448 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1449 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1450 } 1451 local->ps_sdata = NULL; 1452 1453 /* Disable ARP filtering */ 1454 if (sdata->vif.bss_conf.arp_filter_enabled) { 1455 sdata->vif.bss_conf.arp_filter_enabled = false; 1456 changed |= BSS_CHANGED_ARP_FILTER; 1457 } 1458 1459 sdata->vif.bss_conf.qos = false; 1460 changed |= BSS_CHANGED_QOS; 1461 1462 /* The BSSID (not really interesting) and HT changed */ 1463 changed |= BSS_CHANGED_BSSID | BSS_CHANGED_HT; 1464 ieee80211_bss_info_change_notify(sdata, changed); 1465 1466 /* channel(_type) changes are handled by ieee80211_hw_config */ 1467 WARN_ON(!ieee80211_set_channel_type(local, sdata, NL80211_CHAN_NO_HT)); 1468 ieee80211_hw_config(local, 0); 1469 1470 /* disassociated - set to defaults now */ 1471 ieee80211_set_wmm_default(sdata, false); 1472 1473 del_timer_sync(&sdata->u.mgd.conn_mon_timer); 1474 del_timer_sync(&sdata->u.mgd.bcn_mon_timer); 1475 del_timer_sync(&sdata->u.mgd.timer); 1476 del_timer_sync(&sdata->u.mgd.chswitch_timer); 1477 } 1478 1479 void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, 1480 struct ieee80211_hdr *hdr) 1481 { 1482 /* 1483 * We can postpone the mgd.timer whenever receiving unicast frames 1484 * from AP because we know that the connection is working both ways 1485 * at that time. But multicast frames (and hence also beacons) must 1486 * be ignored here, because we need to trigger the timer during 1487 * data idle periods for sending the periodic probe request to the 1488 * AP we're connected to. 1489 */ 1490 if (is_multicast_ether_addr(hdr->addr1)) 1491 return; 1492 1493 ieee80211_sta_reset_conn_monitor(sdata); 1494 } 1495 1496 static void ieee80211_reset_ap_probe(struct ieee80211_sub_if_data *sdata) 1497 { 1498 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1499 1500 if (!(ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 1501 IEEE80211_STA_CONNECTION_POLL))) 1502 return; 1503 1504 ifmgd->flags &= ~(IEEE80211_STA_CONNECTION_POLL | 1505 IEEE80211_STA_BEACON_POLL); 1506 mutex_lock(&sdata->local->iflist_mtx); 1507 ieee80211_recalc_ps(sdata->local, -1); 1508 mutex_unlock(&sdata->local->iflist_mtx); 1509 1510 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 1511 return; 1512 1513 /* 1514 * We've received a probe response, but are not sure whether 1515 * we have or will be receiving any beacons or data, so let's 1516 * schedule the timers again, just in case. 1517 */ 1518 ieee80211_sta_reset_beacon_monitor(sdata); 1519 1520 mod_timer(&ifmgd->conn_mon_timer, 1521 round_jiffies_up(jiffies + 1522 IEEE80211_CONNECTION_IDLE_TIME)); 1523 } 1524 1525 void ieee80211_sta_tx_notify(struct ieee80211_sub_if_data *sdata, 1526 struct ieee80211_hdr *hdr, bool ack) 1527 { 1528 if (!ieee80211_is_data(hdr->frame_control)) 1529 return; 1530 1531 if (ack) 1532 ieee80211_sta_reset_conn_monitor(sdata); 1533 1534 if (ieee80211_is_nullfunc(hdr->frame_control) && 1535 sdata->u.mgd.probe_send_count > 0) { 1536 if (ack) 1537 sdata->u.mgd.probe_send_count = 0; 1538 else 1539 sdata->u.mgd.nullfunc_failed = true; 1540 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1541 } 1542 } 1543 1544 static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata) 1545 { 1546 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1547 const u8 *ssid; 1548 u8 *dst = ifmgd->associated->bssid; 1549 u8 unicast_limit = max(1, max_probe_tries - 3); 1550 1551 /* 1552 * Try sending broadcast probe requests for the last three 1553 * probe requests after the first ones failed since some 1554 * buggy APs only support broadcast probe requests. 1555 */ 1556 if (ifmgd->probe_send_count >= unicast_limit) 1557 dst = NULL; 1558 1559 /* 1560 * When the hardware reports an accurate Tx ACK status, it's 1561 * better to send a nullfunc frame instead of a probe request, 1562 * as it will kick us off the AP quickly if we aren't associated 1563 * anymore. The timeout will be reset if the frame is ACKed by 1564 * the AP. 1565 */ 1566 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 1567 ifmgd->nullfunc_failed = false; 1568 ieee80211_send_nullfunc(sdata->local, sdata, 0); 1569 } else { 1570 ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID); 1571 ieee80211_send_probe_req(sdata, dst, ssid + 2, ssid[1], NULL, 0, 1572 (u32) -1, true, false); 1573 } 1574 1575 ifmgd->probe_send_count++; 1576 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms); 1577 run_again(ifmgd, ifmgd->probe_timeout); 1578 } 1579 1580 static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata, 1581 bool beacon) 1582 { 1583 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1584 bool already = false; 1585 1586 if (!ieee80211_sdata_running(sdata)) 1587 return; 1588 1589 if (sdata->local->scanning) 1590 return; 1591 1592 if (sdata->local->tmp_channel) 1593 return; 1594 1595 mutex_lock(&ifmgd->mtx); 1596 1597 if (!ifmgd->associated) 1598 goto out; 1599 1600 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1601 if (beacon && net_ratelimit()) 1602 printk(KERN_DEBUG "%s: detected beacon loss from AP " 1603 "- sending probe request\n", sdata->name); 1604 #endif 1605 1606 /* 1607 * The driver/our work has already reported this event or the 1608 * connection monitoring has kicked in and we have already sent 1609 * a probe request. Or maybe the AP died and the driver keeps 1610 * reporting until we disassociate... 1611 * 1612 * In either case we have to ignore the current call to this 1613 * function (except for setting the correct probe reason bit) 1614 * because otherwise we would reset the timer every time and 1615 * never check whether we received a probe response! 1616 */ 1617 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 1618 IEEE80211_STA_CONNECTION_POLL)) 1619 already = true; 1620 1621 if (beacon) 1622 ifmgd->flags |= IEEE80211_STA_BEACON_POLL; 1623 else 1624 ifmgd->flags |= IEEE80211_STA_CONNECTION_POLL; 1625 1626 if (already) 1627 goto out; 1628 1629 mutex_lock(&sdata->local->iflist_mtx); 1630 ieee80211_recalc_ps(sdata->local, -1); 1631 mutex_unlock(&sdata->local->iflist_mtx); 1632 1633 ifmgd->probe_send_count = 0; 1634 ieee80211_mgd_probe_ap_send(sdata); 1635 out: 1636 mutex_unlock(&ifmgd->mtx); 1637 } 1638 1639 struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw, 1640 struct ieee80211_vif *vif) 1641 { 1642 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1643 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1644 struct sk_buff *skb; 1645 const u8 *ssid; 1646 1647 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 1648 return NULL; 1649 1650 ASSERT_MGD_MTX(ifmgd); 1651 1652 if (!ifmgd->associated) 1653 return NULL; 1654 1655 ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID); 1656 skb = ieee80211_build_probe_req(sdata, ifmgd->associated->bssid, 1657 (u32) -1, ssid + 2, ssid[1], 1658 NULL, 0, true); 1659 1660 return skb; 1661 } 1662 EXPORT_SYMBOL(ieee80211_ap_probereq_get); 1663 1664 static void __ieee80211_connection_loss(struct ieee80211_sub_if_data *sdata) 1665 { 1666 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1667 struct ieee80211_local *local = sdata->local; 1668 u8 bssid[ETH_ALEN]; 1669 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 1670 1671 mutex_lock(&ifmgd->mtx); 1672 if (!ifmgd->associated) { 1673 mutex_unlock(&ifmgd->mtx); 1674 return; 1675 } 1676 1677 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN); 1678 1679 printk(KERN_DEBUG "%s: Connection to AP %pM lost.\n", 1680 sdata->name, bssid); 1681 1682 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 1683 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, 1684 false, frame_buf); 1685 mutex_unlock(&ifmgd->mtx); 1686 1687 /* 1688 * must be outside lock due to cfg80211, 1689 * but that's not a problem. 1690 */ 1691 cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 1692 1693 mutex_lock(&local->mtx); 1694 ieee80211_recalc_idle(local); 1695 mutex_unlock(&local->mtx); 1696 } 1697 1698 void ieee80211_beacon_connection_loss_work(struct work_struct *work) 1699 { 1700 struct ieee80211_sub_if_data *sdata = 1701 container_of(work, struct ieee80211_sub_if_data, 1702 u.mgd.beacon_connection_loss_work); 1703 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1704 struct sta_info *sta; 1705 1706 if (ifmgd->associated) { 1707 rcu_read_lock(); 1708 sta = sta_info_get(sdata, ifmgd->bssid); 1709 if (sta) 1710 sta->beacon_loss_count++; 1711 rcu_read_unlock(); 1712 } 1713 1714 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 1715 __ieee80211_connection_loss(sdata); 1716 else 1717 ieee80211_mgd_probe_ap(sdata, true); 1718 } 1719 1720 void ieee80211_beacon_loss(struct ieee80211_vif *vif) 1721 { 1722 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1723 struct ieee80211_hw *hw = &sdata->local->hw; 1724 1725 trace_api_beacon_loss(sdata); 1726 1727 WARN_ON(hw->flags & IEEE80211_HW_CONNECTION_MONITOR); 1728 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); 1729 } 1730 EXPORT_SYMBOL(ieee80211_beacon_loss); 1731 1732 void ieee80211_connection_loss(struct ieee80211_vif *vif) 1733 { 1734 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1735 struct ieee80211_hw *hw = &sdata->local->hw; 1736 1737 trace_api_connection_loss(sdata); 1738 1739 WARN_ON(!(hw->flags & IEEE80211_HW_CONNECTION_MONITOR)); 1740 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); 1741 } 1742 EXPORT_SYMBOL(ieee80211_connection_loss); 1743 1744 1745 static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata, 1746 bool assoc) 1747 { 1748 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 1749 1750 lockdep_assert_held(&sdata->u.mgd.mtx); 1751 1752 if (!assoc) { 1753 sta_info_destroy_addr(sdata, auth_data->bss->bssid); 1754 1755 memset(sdata->u.mgd.bssid, 0, ETH_ALEN); 1756 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 1757 } 1758 1759 cfg80211_put_bss(auth_data->bss); 1760 kfree(auth_data); 1761 sdata->u.mgd.auth_data = NULL; 1762 } 1763 1764 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 1765 struct ieee80211_mgmt *mgmt, size_t len) 1766 { 1767 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 1768 u8 *pos; 1769 struct ieee802_11_elems elems; 1770 1771 pos = mgmt->u.auth.variable; 1772 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1773 if (!elems.challenge) 1774 return; 1775 auth_data->expected_transaction = 4; 1776 ieee80211_send_auth(sdata, 3, auth_data->algorithm, 1777 elems.challenge - 2, elems.challenge_len + 2, 1778 auth_data->bss->bssid, auth_data->bss->bssid, 1779 auth_data->key, auth_data->key_len, 1780 auth_data->key_idx); 1781 } 1782 1783 static enum rx_mgmt_action __must_check 1784 ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 1785 struct ieee80211_mgmt *mgmt, size_t len) 1786 { 1787 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1788 u8 bssid[ETH_ALEN]; 1789 u16 auth_alg, auth_transaction, status_code; 1790 struct sta_info *sta; 1791 1792 lockdep_assert_held(&ifmgd->mtx); 1793 1794 if (len < 24 + 6) 1795 return RX_MGMT_NONE; 1796 1797 if (!ifmgd->auth_data || ifmgd->auth_data->done) 1798 return RX_MGMT_NONE; 1799 1800 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 1801 1802 if (compare_ether_addr(bssid, mgmt->bssid)) 1803 return RX_MGMT_NONE; 1804 1805 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1806 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1807 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1808 1809 if (auth_alg != ifmgd->auth_data->algorithm || 1810 auth_transaction != ifmgd->auth_data->expected_transaction) 1811 return RX_MGMT_NONE; 1812 1813 if (status_code != WLAN_STATUS_SUCCESS) { 1814 printk(KERN_DEBUG "%s: %pM denied authentication (status %d)\n", 1815 sdata->name, mgmt->sa, status_code); 1816 goto out; 1817 } 1818 1819 switch (ifmgd->auth_data->algorithm) { 1820 case WLAN_AUTH_OPEN: 1821 case WLAN_AUTH_LEAP: 1822 case WLAN_AUTH_FT: 1823 break; 1824 case WLAN_AUTH_SHARED_KEY: 1825 if (ifmgd->auth_data->expected_transaction != 4) { 1826 ieee80211_auth_challenge(sdata, mgmt, len); 1827 /* need another frame */ 1828 return RX_MGMT_NONE; 1829 } 1830 break; 1831 default: 1832 WARN_ONCE(1, "invalid auth alg %d", 1833 ifmgd->auth_data->algorithm); 1834 return RX_MGMT_NONE; 1835 } 1836 1837 printk(KERN_DEBUG "%s: authenticated\n", sdata->name); 1838 out: 1839 ifmgd->auth_data->done = true; 1840 ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC; 1841 run_again(ifmgd, ifmgd->auth_data->timeout); 1842 1843 /* move station state to auth */ 1844 mutex_lock(&sdata->local->sta_mtx); 1845 sta = sta_info_get(sdata, bssid); 1846 if (!sta) { 1847 WARN_ONCE(1, "%s: STA %pM not found", sdata->name, bssid); 1848 goto out_err; 1849 } 1850 if (sta_info_move_state(sta, IEEE80211_STA_AUTH)) { 1851 printk(KERN_DEBUG "%s: failed moving %pM to auth\n", 1852 sdata->name, bssid); 1853 goto out_err; 1854 } 1855 mutex_unlock(&sdata->local->sta_mtx); 1856 1857 return RX_MGMT_CFG80211_RX_AUTH; 1858 out_err: 1859 mutex_unlock(&sdata->local->sta_mtx); 1860 /* ignore frame -- wait for timeout */ 1861 return RX_MGMT_NONE; 1862 } 1863 1864 1865 static enum rx_mgmt_action __must_check 1866 ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 1867 struct ieee80211_mgmt *mgmt, size_t len) 1868 { 1869 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1870 const u8 *bssid = NULL; 1871 u16 reason_code; 1872 1873 lockdep_assert_held(&ifmgd->mtx); 1874 1875 if (len < 24 + 2) 1876 return RX_MGMT_NONE; 1877 1878 if (!ifmgd->associated || 1879 compare_ether_addr(mgmt->bssid, ifmgd->associated->bssid)) 1880 return RX_MGMT_NONE; 1881 1882 bssid = ifmgd->associated->bssid; 1883 1884 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1885 1886 printk(KERN_DEBUG "%s: deauthenticated from %pM (Reason: %u)\n", 1887 sdata->name, bssid, reason_code); 1888 1889 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 1890 1891 mutex_lock(&sdata->local->mtx); 1892 ieee80211_recalc_idle(sdata->local); 1893 mutex_unlock(&sdata->local->mtx); 1894 1895 return RX_MGMT_CFG80211_DEAUTH; 1896 } 1897 1898 1899 static enum rx_mgmt_action __must_check 1900 ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 1901 struct ieee80211_mgmt *mgmt, size_t len) 1902 { 1903 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1904 u16 reason_code; 1905 1906 lockdep_assert_held(&ifmgd->mtx); 1907 1908 if (len < 24 + 2) 1909 return RX_MGMT_NONE; 1910 1911 if (!ifmgd->associated || 1912 compare_ether_addr(mgmt->bssid, ifmgd->associated->bssid)) 1913 return RX_MGMT_NONE; 1914 1915 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1916 1917 printk(KERN_DEBUG "%s: disassociated from %pM (Reason: %u)\n", 1918 sdata->name, mgmt->sa, reason_code); 1919 1920 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 1921 1922 mutex_lock(&sdata->local->mtx); 1923 ieee80211_recalc_idle(sdata->local); 1924 mutex_unlock(&sdata->local->mtx); 1925 1926 return RX_MGMT_CFG80211_DISASSOC; 1927 } 1928 1929 static void ieee80211_get_rates(struct ieee80211_supported_band *sband, 1930 u8 *supp_rates, unsigned int supp_rates_len, 1931 u32 *rates, u32 *basic_rates, 1932 bool *have_higher_than_11mbit, 1933 int *min_rate, int *min_rate_index) 1934 { 1935 int i, j; 1936 1937 for (i = 0; i < supp_rates_len; i++) { 1938 int rate = (supp_rates[i] & 0x7f) * 5; 1939 bool is_basic = !!(supp_rates[i] & 0x80); 1940 1941 if (rate > 110) 1942 *have_higher_than_11mbit = true; 1943 1944 /* 1945 * BSS_MEMBERSHIP_SELECTOR_HT_PHY is defined in 802.11n-2009 1946 * 7.3.2.2 as a magic value instead of a rate. Hence, skip it. 1947 * 1948 * Note: Even through the membership selector and the basic 1949 * rate flag share the same bit, they are not exactly 1950 * the same. 1951 */ 1952 if (!!(supp_rates[i] & 0x80) && 1953 (supp_rates[i] & 0x7f) == BSS_MEMBERSHIP_SELECTOR_HT_PHY) 1954 continue; 1955 1956 for (j = 0; j < sband->n_bitrates; j++) { 1957 if (sband->bitrates[j].bitrate == rate) { 1958 *rates |= BIT(j); 1959 if (is_basic) 1960 *basic_rates |= BIT(j); 1961 if (rate < *min_rate) { 1962 *min_rate = rate; 1963 *min_rate_index = j; 1964 } 1965 break; 1966 } 1967 } 1968 } 1969 } 1970 1971 static void ieee80211_destroy_assoc_data(struct ieee80211_sub_if_data *sdata, 1972 bool assoc) 1973 { 1974 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 1975 1976 lockdep_assert_held(&sdata->u.mgd.mtx); 1977 1978 if (!assoc) { 1979 sta_info_destroy_addr(sdata, assoc_data->bss->bssid); 1980 1981 memset(sdata->u.mgd.bssid, 0, ETH_ALEN); 1982 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 1983 } 1984 1985 kfree(assoc_data); 1986 sdata->u.mgd.assoc_data = NULL; 1987 } 1988 1989 static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata, 1990 struct cfg80211_bss *cbss, 1991 struct ieee80211_mgmt *mgmt, size_t len) 1992 { 1993 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1994 struct ieee80211_local *local = sdata->local; 1995 struct ieee80211_supported_band *sband; 1996 struct sta_info *sta; 1997 u8 *pos; 1998 u16 capab_info, aid; 1999 struct ieee802_11_elems elems; 2000 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 2001 u32 changed = 0; 2002 int err; 2003 u16 ap_ht_cap_flags; 2004 2005 /* AssocResp and ReassocResp have identical structure */ 2006 2007 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 2008 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 2009 2010 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) 2011 printk(KERN_DEBUG 2012 "%s: invalid AID value 0x%x; bits 15:14 not set\n", 2013 sdata->name, aid); 2014 aid &= ~(BIT(15) | BIT(14)); 2015 2016 ifmgd->broken_ap = false; 2017 2018 if (aid == 0 || aid > IEEE80211_MAX_AID) { 2019 printk(KERN_DEBUG 2020 "%s: invalid AID value %d (out of range), turn off PS\n", 2021 sdata->name, aid); 2022 aid = 0; 2023 ifmgd->broken_ap = true; 2024 } 2025 2026 pos = mgmt->u.assoc_resp.variable; 2027 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 2028 2029 if (!elems.supp_rates) { 2030 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n", 2031 sdata->name); 2032 return false; 2033 } 2034 2035 ifmgd->aid = aid; 2036 2037 mutex_lock(&sdata->local->sta_mtx); 2038 /* 2039 * station info was already allocated and inserted before 2040 * the association and should be available to us 2041 */ 2042 sta = sta_info_get(sdata, cbss->bssid); 2043 if (WARN_ON(!sta)) { 2044 mutex_unlock(&sdata->local->sta_mtx); 2045 return false; 2046 } 2047 2048 sband = local->hw.wiphy->bands[local->oper_channel->band]; 2049 2050 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 2051 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 2052 elems.ht_cap_elem, &sta->sta.ht_cap); 2053 2054 ap_ht_cap_flags = sta->sta.ht_cap.cap; 2055 2056 rate_control_rate_init(sta); 2057 2058 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED) 2059 set_sta_flag(sta, WLAN_STA_MFP); 2060 2061 if (elems.wmm_param) 2062 set_sta_flag(sta, WLAN_STA_WME); 2063 2064 err = sta_info_move_state(sta, IEEE80211_STA_AUTH); 2065 if (!err) 2066 err = sta_info_move_state(sta, IEEE80211_STA_ASSOC); 2067 if (!err && !(ifmgd->flags & IEEE80211_STA_CONTROL_PORT)) 2068 err = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED); 2069 if (err) { 2070 printk(KERN_DEBUG 2071 "%s: failed to move station %pM to desired state\n", 2072 sdata->name, sta->sta.addr); 2073 WARN_ON(__sta_info_destroy(sta)); 2074 mutex_unlock(&sdata->local->sta_mtx); 2075 return false; 2076 } 2077 2078 mutex_unlock(&sdata->local->sta_mtx); 2079 2080 /* 2081 * Always handle WMM once after association regardless 2082 * of the first value the AP uses. Setting -1 here has 2083 * that effect because the AP values is an unsigned 2084 * 4-bit value. 2085 */ 2086 ifmgd->wmm_last_param_set = -1; 2087 2088 if (elems.wmm_param) 2089 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2090 elems.wmm_param_len); 2091 else 2092 ieee80211_set_wmm_default(sdata, false); 2093 changed |= BSS_CHANGED_QOS; 2094 2095 if (elems.ht_info_elem && elems.wmm_param && 2096 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 2097 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 2098 cbss->bssid, ap_ht_cap_flags, 2099 false); 2100 2101 /* set AID and assoc capability, 2102 * ieee80211_set_associated() will tell the driver */ 2103 bss_conf->aid = aid; 2104 bss_conf->assoc_capability = capab_info; 2105 ieee80211_set_associated(sdata, cbss, changed); 2106 2107 /* 2108 * If we're using 4-addr mode, let the AP know that we're 2109 * doing so, so that it can create the STA VLAN on its side 2110 */ 2111 if (ifmgd->use_4addr) 2112 ieee80211_send_4addr_nullfunc(local, sdata); 2113 2114 /* 2115 * Start timer to probe the connection to the AP now. 2116 * Also start the timer that will detect beacon loss. 2117 */ 2118 ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt); 2119 ieee80211_sta_reset_beacon_monitor(sdata); 2120 2121 return true; 2122 } 2123 2124 static enum rx_mgmt_action __must_check 2125 ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 2126 struct ieee80211_mgmt *mgmt, size_t len, 2127 struct cfg80211_bss **bss) 2128 { 2129 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2130 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 2131 u16 capab_info, status_code, aid; 2132 struct ieee802_11_elems elems; 2133 u8 *pos; 2134 bool reassoc; 2135 2136 lockdep_assert_held(&ifmgd->mtx); 2137 2138 if (!assoc_data) 2139 return RX_MGMT_NONE; 2140 if (compare_ether_addr(assoc_data->bss->bssid, mgmt->bssid)) 2141 return RX_MGMT_NONE; 2142 2143 /* 2144 * AssocResp and ReassocResp have identical structure, so process both 2145 * of them in this function. 2146 */ 2147 2148 if (len < 24 + 6) 2149 return RX_MGMT_NONE; 2150 2151 reassoc = ieee80211_is_reassoc_req(mgmt->frame_control); 2152 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 2153 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 2154 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 2155 2156 printk(KERN_DEBUG "%s: RX %sssocResp from %pM (capab=0x%x " 2157 "status=%d aid=%d)\n", 2158 sdata->name, reassoc ? "Rea" : "A", mgmt->sa, 2159 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14)))); 2160 2161 pos = mgmt->u.assoc_resp.variable; 2162 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 2163 2164 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY && 2165 elems.timeout_int && elems.timeout_int_len == 5 && 2166 elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) { 2167 u32 tu, ms; 2168 tu = get_unaligned_le32(elems.timeout_int + 1); 2169 ms = tu * 1024 / 1000; 2170 printk(KERN_DEBUG "%s: %pM rejected association temporarily; " 2171 "comeback duration %u TU (%u ms)\n", 2172 sdata->name, mgmt->sa, tu, ms); 2173 assoc_data->timeout = jiffies + msecs_to_jiffies(ms); 2174 if (ms > IEEE80211_ASSOC_TIMEOUT) 2175 run_again(ifmgd, assoc_data->timeout); 2176 return RX_MGMT_NONE; 2177 } 2178 2179 *bss = assoc_data->bss; 2180 2181 if (status_code != WLAN_STATUS_SUCCESS) { 2182 printk(KERN_DEBUG "%s: %pM denied association (code=%d)\n", 2183 sdata->name, mgmt->sa, status_code); 2184 ieee80211_destroy_assoc_data(sdata, false); 2185 } else { 2186 printk(KERN_DEBUG "%s: associated\n", sdata->name); 2187 2188 if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) { 2189 /* oops -- internal error -- send timeout for now */ 2190 ieee80211_destroy_assoc_data(sdata, true); 2191 sta_info_destroy_addr(sdata, mgmt->bssid); 2192 cfg80211_put_bss(*bss); 2193 return RX_MGMT_CFG80211_ASSOC_TIMEOUT; 2194 } 2195 2196 /* 2197 * destroy assoc_data afterwards, as otherwise an idle 2198 * recalc after assoc_data is NULL but before associated 2199 * is set can cause the interface to go idle 2200 */ 2201 ieee80211_destroy_assoc_data(sdata, true); 2202 } 2203 2204 return RX_MGMT_CFG80211_RX_ASSOC; 2205 } 2206 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 2207 struct ieee80211_mgmt *mgmt, 2208 size_t len, 2209 struct ieee80211_rx_status *rx_status, 2210 struct ieee802_11_elems *elems, 2211 bool beacon) 2212 { 2213 struct ieee80211_local *local = sdata->local; 2214 int freq; 2215 struct ieee80211_bss *bss; 2216 struct ieee80211_channel *channel; 2217 bool need_ps = false; 2218 2219 if (sdata->u.mgd.associated && 2220 compare_ether_addr(mgmt->bssid, sdata->u.mgd.associated->bssid) 2221 == 0) { 2222 bss = (void *)sdata->u.mgd.associated->priv; 2223 /* not previously set so we may need to recalc */ 2224 need_ps = !bss->dtim_period; 2225 } 2226 2227 if (elems->ds_params && elems->ds_params_len == 1) 2228 freq = ieee80211_channel_to_frequency(elems->ds_params[0], 2229 rx_status->band); 2230 else 2231 freq = rx_status->freq; 2232 2233 channel = ieee80211_get_channel(local->hw.wiphy, freq); 2234 2235 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 2236 return; 2237 2238 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 2239 channel, beacon); 2240 if (bss) 2241 ieee80211_rx_bss_put(local, bss); 2242 2243 if (!sdata->u.mgd.associated) 2244 return; 2245 2246 if (need_ps) { 2247 mutex_lock(&local->iflist_mtx); 2248 ieee80211_recalc_ps(local, -1); 2249 mutex_unlock(&local->iflist_mtx); 2250 } 2251 2252 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) && 2253 (memcmp(mgmt->bssid, sdata->u.mgd.associated->bssid, 2254 ETH_ALEN) == 0)) { 2255 struct ieee80211_channel_sw_ie *sw_elem = 2256 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem; 2257 ieee80211_sta_process_chanswitch(sdata, sw_elem, 2258 bss, rx_status->mactime); 2259 } 2260 } 2261 2262 2263 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 2264 struct sk_buff *skb) 2265 { 2266 struct ieee80211_mgmt *mgmt = (void *)skb->data; 2267 struct ieee80211_if_managed *ifmgd; 2268 struct ieee80211_rx_status *rx_status = (void *) skb->cb; 2269 size_t baselen, len = skb->len; 2270 struct ieee802_11_elems elems; 2271 2272 ifmgd = &sdata->u.mgd; 2273 2274 ASSERT_MGD_MTX(ifmgd); 2275 2276 if (compare_ether_addr(mgmt->da, sdata->vif.addr)) 2277 return; /* ignore ProbeResp to foreign address */ 2278 2279 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 2280 if (baselen > len) 2281 return; 2282 2283 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 2284 &elems); 2285 2286 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 2287 2288 if (ifmgd->associated && 2289 compare_ether_addr(mgmt->bssid, ifmgd->associated->bssid) == 0) 2290 ieee80211_reset_ap_probe(sdata); 2291 2292 if (ifmgd->auth_data && !ifmgd->auth_data->bss->proberesp_ies && 2293 compare_ether_addr(mgmt->bssid, ifmgd->auth_data->bss->bssid) 2294 == 0) { 2295 /* got probe response, continue with auth */ 2296 printk(KERN_DEBUG "%s: direct probe responded\n", sdata->name); 2297 ifmgd->auth_data->tries = 0; 2298 ifmgd->auth_data->timeout = jiffies; 2299 run_again(ifmgd, ifmgd->auth_data->timeout); 2300 } 2301 } 2302 2303 /* 2304 * This is the canonical list of information elements we care about, 2305 * the filter code also gives us all changes to the Microsoft OUI 2306 * (00:50:F2) vendor IE which is used for WMM which we need to track. 2307 * 2308 * We implement beacon filtering in software since that means we can 2309 * avoid processing the frame here and in cfg80211, and userspace 2310 * will not be able to tell whether the hardware supports it or not. 2311 * 2312 * XXX: This list needs to be dynamic -- userspace needs to be able to 2313 * add items it requires. It also needs to be able to tell us to 2314 * look out for other vendor IEs. 2315 */ 2316 static const u64 care_about_ies = 2317 (1ULL << WLAN_EID_COUNTRY) | 2318 (1ULL << WLAN_EID_ERP_INFO) | 2319 (1ULL << WLAN_EID_CHANNEL_SWITCH) | 2320 (1ULL << WLAN_EID_PWR_CONSTRAINT) | 2321 (1ULL << WLAN_EID_HT_CAPABILITY) | 2322 (1ULL << WLAN_EID_HT_INFORMATION); 2323 2324 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 2325 struct ieee80211_mgmt *mgmt, 2326 size_t len, 2327 struct ieee80211_rx_status *rx_status) 2328 { 2329 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2330 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 2331 size_t baselen; 2332 struct ieee802_11_elems elems; 2333 struct ieee80211_local *local = sdata->local; 2334 u32 changed = 0; 2335 bool erp_valid, directed_tim = false; 2336 u8 erp_value = 0; 2337 u32 ncrc; 2338 u8 *bssid; 2339 2340 lockdep_assert_held(&ifmgd->mtx); 2341 2342 /* Process beacon from the current BSS */ 2343 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 2344 if (baselen > len) 2345 return; 2346 2347 if (rx_status->freq != local->hw.conf.channel->center_freq) 2348 return; 2349 2350 if (ifmgd->assoc_data && !ifmgd->assoc_data->have_beacon && 2351 compare_ether_addr(mgmt->bssid, ifmgd->assoc_data->bss->bssid) 2352 == 0) { 2353 ieee802_11_parse_elems(mgmt->u.beacon.variable, 2354 len - baselen, &elems); 2355 2356 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2357 false); 2358 ifmgd->assoc_data->have_beacon = true; 2359 ifmgd->assoc_data->sent_assoc = false; 2360 /* continue assoc process */ 2361 ifmgd->assoc_data->timeout = jiffies; 2362 run_again(ifmgd, ifmgd->assoc_data->timeout); 2363 return; 2364 } 2365 2366 if (!ifmgd->associated || 2367 compare_ether_addr(mgmt->bssid, ifmgd->associated->bssid)) 2368 return; 2369 bssid = ifmgd->associated->bssid; 2370 2371 /* Track average RSSI from the Beacon frames of the current AP */ 2372 ifmgd->last_beacon_signal = rx_status->signal; 2373 if (ifmgd->flags & IEEE80211_STA_RESET_SIGNAL_AVE) { 2374 ifmgd->flags &= ~IEEE80211_STA_RESET_SIGNAL_AVE; 2375 ifmgd->ave_beacon_signal = rx_status->signal * 16; 2376 ifmgd->last_cqm_event_signal = 0; 2377 ifmgd->count_beacon_signal = 1; 2378 ifmgd->last_ave_beacon_signal = 0; 2379 } else { 2380 ifmgd->ave_beacon_signal = 2381 (IEEE80211_SIGNAL_AVE_WEIGHT * rx_status->signal * 16 + 2382 (16 - IEEE80211_SIGNAL_AVE_WEIGHT) * 2383 ifmgd->ave_beacon_signal) / 16; 2384 ifmgd->count_beacon_signal++; 2385 } 2386 2387 if (ifmgd->rssi_min_thold != ifmgd->rssi_max_thold && 2388 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT) { 2389 int sig = ifmgd->ave_beacon_signal; 2390 int last_sig = ifmgd->last_ave_beacon_signal; 2391 2392 /* 2393 * if signal crosses either of the boundaries, invoke callback 2394 * with appropriate parameters 2395 */ 2396 if (sig > ifmgd->rssi_max_thold && 2397 (last_sig <= ifmgd->rssi_min_thold || last_sig == 0)) { 2398 ifmgd->last_ave_beacon_signal = sig; 2399 drv_rssi_callback(local, RSSI_EVENT_HIGH); 2400 } else if (sig < ifmgd->rssi_min_thold && 2401 (last_sig >= ifmgd->rssi_max_thold || 2402 last_sig == 0)) { 2403 ifmgd->last_ave_beacon_signal = sig; 2404 drv_rssi_callback(local, RSSI_EVENT_LOW); 2405 } 2406 } 2407 2408 if (bss_conf->cqm_rssi_thold && 2409 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT && 2410 !(sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI)) { 2411 int sig = ifmgd->ave_beacon_signal / 16; 2412 int last_event = ifmgd->last_cqm_event_signal; 2413 int thold = bss_conf->cqm_rssi_thold; 2414 int hyst = bss_conf->cqm_rssi_hyst; 2415 if (sig < thold && 2416 (last_event == 0 || sig < last_event - hyst)) { 2417 ifmgd->last_cqm_event_signal = sig; 2418 ieee80211_cqm_rssi_notify( 2419 &sdata->vif, 2420 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW, 2421 GFP_KERNEL); 2422 } else if (sig > thold && 2423 (last_event == 0 || sig > last_event + hyst)) { 2424 ifmgd->last_cqm_event_signal = sig; 2425 ieee80211_cqm_rssi_notify( 2426 &sdata->vif, 2427 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH, 2428 GFP_KERNEL); 2429 } 2430 } 2431 2432 if (ifmgd->flags & IEEE80211_STA_BEACON_POLL) { 2433 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 2434 if (net_ratelimit()) { 2435 printk(KERN_DEBUG "%s: cancelling probereq poll due " 2436 "to a received beacon\n", sdata->name); 2437 } 2438 #endif 2439 ifmgd->flags &= ~IEEE80211_STA_BEACON_POLL; 2440 mutex_lock(&local->iflist_mtx); 2441 ieee80211_recalc_ps(local, -1); 2442 mutex_unlock(&local->iflist_mtx); 2443 } 2444 2445 /* 2446 * Push the beacon loss detection into the future since 2447 * we are processing a beacon from the AP just now. 2448 */ 2449 ieee80211_sta_reset_beacon_monitor(sdata); 2450 2451 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4); 2452 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable, 2453 len - baselen, &elems, 2454 care_about_ies, ncrc); 2455 2456 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 2457 directed_tim = ieee80211_check_tim(elems.tim, elems.tim_len, 2458 ifmgd->aid); 2459 2460 if (ncrc != ifmgd->beacon_crc || !ifmgd->beacon_crc_valid) { 2461 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2462 true); 2463 2464 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2465 elems.wmm_param_len); 2466 } 2467 2468 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) { 2469 if (directed_tim) { 2470 if (local->hw.conf.dynamic_ps_timeout > 0) { 2471 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 2472 ieee80211_hw_config(local, 2473 IEEE80211_CONF_CHANGE_PS); 2474 ieee80211_send_nullfunc(local, sdata, 0); 2475 } else { 2476 local->pspolling = true; 2477 2478 /* 2479 * Here is assumed that the driver will be 2480 * able to send ps-poll frame and receive a 2481 * response even though power save mode is 2482 * enabled, but some drivers might require 2483 * to disable power save here. This needs 2484 * to be investigated. 2485 */ 2486 ieee80211_send_pspoll(local, sdata); 2487 } 2488 } 2489 } 2490 2491 if (ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid) 2492 return; 2493 ifmgd->beacon_crc = ncrc; 2494 ifmgd->beacon_crc_valid = true; 2495 2496 if (elems.erp_info && elems.erp_info_len >= 1) { 2497 erp_valid = true; 2498 erp_value = elems.erp_info[0]; 2499 } else { 2500 erp_valid = false; 2501 } 2502 changed |= ieee80211_handle_bss_capability(sdata, 2503 le16_to_cpu(mgmt->u.beacon.capab_info), 2504 erp_valid, erp_value); 2505 2506 2507 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param && 2508 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) { 2509 struct sta_info *sta; 2510 struct ieee80211_supported_band *sband; 2511 u16 ap_ht_cap_flags; 2512 2513 rcu_read_lock(); 2514 2515 sta = sta_info_get(sdata, bssid); 2516 if (WARN_ON(!sta)) { 2517 rcu_read_unlock(); 2518 return; 2519 } 2520 2521 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 2522 2523 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 2524 elems.ht_cap_elem, &sta->sta.ht_cap); 2525 2526 ap_ht_cap_flags = sta->sta.ht_cap.cap; 2527 2528 rcu_read_unlock(); 2529 2530 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 2531 bssid, ap_ht_cap_flags, true); 2532 } 2533 2534 /* Note: country IE parsing is done for us by cfg80211 */ 2535 if (elems.country_elem) { 2536 /* TODO: IBSS also needs this */ 2537 if (elems.pwr_constr_elem) 2538 ieee80211_handle_pwr_constr(sdata, 2539 le16_to_cpu(mgmt->u.probe_resp.capab_info), 2540 elems.pwr_constr_elem, 2541 elems.pwr_constr_elem_len); 2542 } 2543 2544 ieee80211_bss_info_change_notify(sdata, changed); 2545 } 2546 2547 void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 2548 struct sk_buff *skb) 2549 { 2550 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2551 struct ieee80211_rx_status *rx_status; 2552 struct ieee80211_mgmt *mgmt; 2553 struct cfg80211_bss *bss = NULL; 2554 enum rx_mgmt_action rma = RX_MGMT_NONE; 2555 u16 fc; 2556 2557 rx_status = (struct ieee80211_rx_status *) skb->cb; 2558 mgmt = (struct ieee80211_mgmt *) skb->data; 2559 fc = le16_to_cpu(mgmt->frame_control); 2560 2561 mutex_lock(&ifmgd->mtx); 2562 2563 switch (fc & IEEE80211_FCTL_STYPE) { 2564 case IEEE80211_STYPE_BEACON: 2565 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status); 2566 break; 2567 case IEEE80211_STYPE_PROBE_RESP: 2568 ieee80211_rx_mgmt_probe_resp(sdata, skb); 2569 break; 2570 case IEEE80211_STYPE_AUTH: 2571 rma = ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len); 2572 break; 2573 case IEEE80211_STYPE_DEAUTH: 2574 rma = ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len); 2575 break; 2576 case IEEE80211_STYPE_DISASSOC: 2577 rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); 2578 break; 2579 case IEEE80211_STYPE_ASSOC_RESP: 2580 case IEEE80211_STYPE_REASSOC_RESP: 2581 rma = ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, &bss); 2582 break; 2583 case IEEE80211_STYPE_ACTION: 2584 switch (mgmt->u.action.category) { 2585 case WLAN_CATEGORY_SPECTRUM_MGMT: 2586 ieee80211_sta_process_chanswitch(sdata, 2587 &mgmt->u.action.u.chan_switch.sw_elem, 2588 (void *)ifmgd->associated->priv, 2589 rx_status->mactime); 2590 break; 2591 } 2592 } 2593 mutex_unlock(&ifmgd->mtx); 2594 2595 switch (rma) { 2596 case RX_MGMT_NONE: 2597 /* no action */ 2598 break; 2599 case RX_MGMT_CFG80211_DEAUTH: 2600 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len); 2601 break; 2602 case RX_MGMT_CFG80211_DISASSOC: 2603 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len); 2604 break; 2605 case RX_MGMT_CFG80211_RX_AUTH: 2606 cfg80211_send_rx_auth(sdata->dev, (u8 *)mgmt, skb->len); 2607 break; 2608 case RX_MGMT_CFG80211_RX_ASSOC: 2609 cfg80211_send_rx_assoc(sdata->dev, bss, (u8 *)mgmt, skb->len); 2610 break; 2611 case RX_MGMT_CFG80211_ASSOC_TIMEOUT: 2612 cfg80211_send_assoc_timeout(sdata->dev, mgmt->bssid); 2613 break; 2614 default: 2615 WARN(1, "unexpected: %d", rma); 2616 } 2617 } 2618 2619 static void ieee80211_sta_timer(unsigned long data) 2620 { 2621 struct ieee80211_sub_if_data *sdata = 2622 (struct ieee80211_sub_if_data *) data; 2623 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2624 struct ieee80211_local *local = sdata->local; 2625 2626 if (local->quiescing) { 2627 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 2628 return; 2629 } 2630 2631 ieee80211_queue_work(&local->hw, &sdata->work); 2632 } 2633 2634 static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata, 2635 u8 *bssid, u8 reason) 2636 { 2637 struct ieee80211_local *local = sdata->local; 2638 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2639 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 2640 2641 ifmgd->flags &= ~(IEEE80211_STA_CONNECTION_POLL | 2642 IEEE80211_STA_BEACON_POLL); 2643 2644 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason, 2645 false, frame_buf); 2646 mutex_unlock(&ifmgd->mtx); 2647 2648 /* 2649 * must be outside lock due to cfg80211, 2650 * but that's not a problem. 2651 */ 2652 cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 2653 2654 mutex_lock(&local->mtx); 2655 ieee80211_recalc_idle(local); 2656 mutex_unlock(&local->mtx); 2657 2658 mutex_lock(&ifmgd->mtx); 2659 } 2660 2661 static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata) 2662 { 2663 struct ieee80211_local *local = sdata->local; 2664 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2665 struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data; 2666 2667 lockdep_assert_held(&ifmgd->mtx); 2668 2669 if (WARN_ON_ONCE(!auth_data)) 2670 return -EINVAL; 2671 2672 auth_data->tries++; 2673 2674 if (auth_data->tries > IEEE80211_AUTH_MAX_TRIES) { 2675 printk(KERN_DEBUG "%s: authentication with %pM timed out\n", 2676 sdata->name, auth_data->bss->bssid); 2677 2678 /* 2679 * Most likely AP is not in the range so remove the 2680 * bss struct for that AP. 2681 */ 2682 cfg80211_unlink_bss(local->hw.wiphy, auth_data->bss); 2683 2684 return -ETIMEDOUT; 2685 } 2686 2687 if (auth_data->bss->proberesp_ies) { 2688 printk(KERN_DEBUG "%s: send auth to %pM (try %d/%d)\n", 2689 sdata->name, auth_data->bss->bssid, auth_data->tries, 2690 IEEE80211_AUTH_MAX_TRIES); 2691 2692 auth_data->expected_transaction = 2; 2693 ieee80211_send_auth(sdata, 1, auth_data->algorithm, 2694 auth_data->ie, auth_data->ie_len, 2695 auth_data->bss->bssid, 2696 auth_data->bss->bssid, NULL, 0, 0); 2697 } else { 2698 const u8 *ssidie; 2699 2700 printk(KERN_DEBUG "%s: direct probe to %pM (try %d/%i)\n", 2701 sdata->name, auth_data->bss->bssid, auth_data->tries, 2702 IEEE80211_AUTH_MAX_TRIES); 2703 2704 ssidie = ieee80211_bss_get_ie(auth_data->bss, WLAN_EID_SSID); 2705 if (!ssidie) 2706 return -EINVAL; 2707 /* 2708 * Direct probe is sent to broadcast address as some APs 2709 * will not answer to direct packet in unassociated state. 2710 */ 2711 ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1], 2712 NULL, 0, (u32) -1, true, false); 2713 } 2714 2715 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT; 2716 run_again(ifmgd, auth_data->timeout); 2717 2718 return 0; 2719 } 2720 2721 static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata) 2722 { 2723 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 2724 struct ieee80211_local *local = sdata->local; 2725 2726 lockdep_assert_held(&sdata->u.mgd.mtx); 2727 2728 assoc_data->tries++; 2729 if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) { 2730 printk(KERN_DEBUG "%s: association with %pM timed out\n", 2731 sdata->name, assoc_data->bss->bssid); 2732 2733 /* 2734 * Most likely AP is not in the range so remove the 2735 * bss struct for that AP. 2736 */ 2737 cfg80211_unlink_bss(local->hw.wiphy, assoc_data->bss); 2738 2739 return -ETIMEDOUT; 2740 } 2741 2742 printk(KERN_DEBUG "%s: associate with %pM (try %d/%d)\n", 2743 sdata->name, assoc_data->bss->bssid, assoc_data->tries, 2744 IEEE80211_ASSOC_MAX_TRIES); 2745 ieee80211_send_assoc(sdata); 2746 2747 assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT; 2748 run_again(&sdata->u.mgd, assoc_data->timeout); 2749 2750 return 0; 2751 } 2752 2753 void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata) 2754 { 2755 struct ieee80211_local *local = sdata->local; 2756 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2757 2758 mutex_lock(&ifmgd->mtx); 2759 2760 if (ifmgd->auth_data && 2761 time_after(jiffies, ifmgd->auth_data->timeout)) { 2762 if (ifmgd->auth_data->done) { 2763 /* 2764 * ok ... we waited for assoc but userspace didn't, 2765 * so let's just kill the auth data 2766 */ 2767 ieee80211_destroy_auth_data(sdata, false); 2768 } else if (ieee80211_probe_auth(sdata)) { 2769 u8 bssid[ETH_ALEN]; 2770 2771 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 2772 2773 ieee80211_destroy_auth_data(sdata, false); 2774 2775 mutex_unlock(&ifmgd->mtx); 2776 cfg80211_send_auth_timeout(sdata->dev, bssid); 2777 mutex_lock(&ifmgd->mtx); 2778 } 2779 } else if (ifmgd->auth_data) 2780 run_again(ifmgd, ifmgd->auth_data->timeout); 2781 2782 if (ifmgd->assoc_data && 2783 time_after(jiffies, ifmgd->assoc_data->timeout)) { 2784 if (!ifmgd->assoc_data->have_beacon || 2785 ieee80211_do_assoc(sdata)) { 2786 u8 bssid[ETH_ALEN]; 2787 2788 memcpy(bssid, ifmgd->assoc_data->bss->bssid, ETH_ALEN); 2789 2790 ieee80211_destroy_assoc_data(sdata, false); 2791 2792 mutex_unlock(&ifmgd->mtx); 2793 cfg80211_send_assoc_timeout(sdata->dev, bssid); 2794 mutex_lock(&ifmgd->mtx); 2795 } 2796 } else if (ifmgd->assoc_data) 2797 run_again(ifmgd, ifmgd->assoc_data->timeout); 2798 2799 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 2800 IEEE80211_STA_CONNECTION_POLL) && 2801 ifmgd->associated) { 2802 u8 bssid[ETH_ALEN]; 2803 int max_tries; 2804 2805 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN); 2806 2807 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) 2808 max_tries = max_nullfunc_tries; 2809 else 2810 max_tries = max_probe_tries; 2811 2812 /* ACK received for nullfunc probing frame */ 2813 if (!ifmgd->probe_send_count) 2814 ieee80211_reset_ap_probe(sdata); 2815 else if (ifmgd->nullfunc_failed) { 2816 if (ifmgd->probe_send_count < max_tries) { 2817 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 2818 wiphy_debug(local->hw.wiphy, 2819 "%s: No ack for nullfunc frame to" 2820 " AP %pM, try %d/%i\n", 2821 sdata->name, bssid, 2822 ifmgd->probe_send_count, max_tries); 2823 #endif 2824 ieee80211_mgd_probe_ap_send(sdata); 2825 } else { 2826 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 2827 wiphy_debug(local->hw.wiphy, 2828 "%s: No ack for nullfunc frame to" 2829 " AP %pM, disconnecting.\n", 2830 sdata->name, bssid); 2831 #endif 2832 ieee80211_sta_connection_lost(sdata, bssid, 2833 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2834 } 2835 } else if (time_is_after_jiffies(ifmgd->probe_timeout)) 2836 run_again(ifmgd, ifmgd->probe_timeout); 2837 else if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 2838 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 2839 wiphy_debug(local->hw.wiphy, 2840 "%s: Failed to send nullfunc to AP %pM" 2841 " after %dms, disconnecting.\n", 2842 sdata->name, 2843 bssid, probe_wait_ms); 2844 #endif 2845 ieee80211_sta_connection_lost(sdata, bssid, 2846 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2847 } else if (ifmgd->probe_send_count < max_tries) { 2848 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 2849 wiphy_debug(local->hw.wiphy, 2850 "%s: No probe response from AP %pM" 2851 " after %dms, try %d/%i\n", 2852 sdata->name, 2853 bssid, probe_wait_ms, 2854 ifmgd->probe_send_count, max_tries); 2855 #endif 2856 ieee80211_mgd_probe_ap_send(sdata); 2857 } else { 2858 /* 2859 * We actually lost the connection ... or did we? 2860 * Let's make sure! 2861 */ 2862 wiphy_debug(local->hw.wiphy, 2863 "%s: No probe response from AP %pM" 2864 " after %dms, disconnecting.\n", 2865 sdata->name, 2866 bssid, probe_wait_ms); 2867 2868 ieee80211_sta_connection_lost(sdata, bssid, 2869 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2870 } 2871 } 2872 2873 mutex_unlock(&ifmgd->mtx); 2874 2875 mutex_lock(&local->mtx); 2876 ieee80211_recalc_idle(local); 2877 mutex_unlock(&local->mtx); 2878 } 2879 2880 static void ieee80211_sta_bcn_mon_timer(unsigned long data) 2881 { 2882 struct ieee80211_sub_if_data *sdata = 2883 (struct ieee80211_sub_if_data *) data; 2884 struct ieee80211_local *local = sdata->local; 2885 2886 if (local->quiescing) 2887 return; 2888 2889 ieee80211_queue_work(&sdata->local->hw, 2890 &sdata->u.mgd.beacon_connection_loss_work); 2891 } 2892 2893 static void ieee80211_sta_conn_mon_timer(unsigned long data) 2894 { 2895 struct ieee80211_sub_if_data *sdata = 2896 (struct ieee80211_sub_if_data *) data; 2897 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2898 struct ieee80211_local *local = sdata->local; 2899 2900 if (local->quiescing) 2901 return; 2902 2903 ieee80211_queue_work(&local->hw, &ifmgd->monitor_work); 2904 } 2905 2906 static void ieee80211_sta_monitor_work(struct work_struct *work) 2907 { 2908 struct ieee80211_sub_if_data *sdata = 2909 container_of(work, struct ieee80211_sub_if_data, 2910 u.mgd.monitor_work); 2911 2912 ieee80211_mgd_probe_ap(sdata, false); 2913 } 2914 2915 static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata) 2916 { 2917 u32 flags; 2918 2919 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 2920 sdata->u.mgd.flags &= ~(IEEE80211_STA_BEACON_POLL | 2921 IEEE80211_STA_CONNECTION_POLL); 2922 2923 /* let's probe the connection once */ 2924 flags = sdata->local->hw.flags; 2925 if (!(flags & IEEE80211_HW_CONNECTION_MONITOR)) 2926 ieee80211_queue_work(&sdata->local->hw, 2927 &sdata->u.mgd.monitor_work); 2928 /* and do all the other regular work too */ 2929 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 2930 } 2931 } 2932 2933 #ifdef CONFIG_PM 2934 void ieee80211_sta_quiesce(struct ieee80211_sub_if_data *sdata) 2935 { 2936 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2937 2938 /* 2939 * we need to use atomic bitops for the running bits 2940 * only because both timers might fire at the same 2941 * time -- the code here is properly synchronised. 2942 */ 2943 2944 cancel_work_sync(&ifmgd->request_smps_work); 2945 2946 cancel_work_sync(&ifmgd->monitor_work); 2947 cancel_work_sync(&ifmgd->beacon_connection_loss_work); 2948 if (del_timer_sync(&ifmgd->timer)) 2949 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 2950 2951 cancel_work_sync(&ifmgd->chswitch_work); 2952 if (del_timer_sync(&ifmgd->chswitch_timer)) 2953 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 2954 2955 /* these will just be re-established on connection */ 2956 del_timer_sync(&ifmgd->conn_mon_timer); 2957 del_timer_sync(&ifmgd->bcn_mon_timer); 2958 } 2959 2960 void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata) 2961 { 2962 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2963 2964 if (!ifmgd->associated) 2965 return; 2966 2967 if (sdata->flags & IEEE80211_SDATA_DISCONNECT_RESUME) { 2968 sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_RESUME; 2969 mutex_lock(&ifmgd->mtx); 2970 if (ifmgd->associated) { 2971 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 2972 wiphy_debug(sdata->local->hw.wiphy, 2973 "%s: driver requested disconnect after resume.\n", 2974 sdata->name); 2975 #endif 2976 ieee80211_sta_connection_lost(sdata, 2977 ifmgd->associated->bssid, 2978 WLAN_REASON_UNSPECIFIED); 2979 mutex_unlock(&ifmgd->mtx); 2980 return; 2981 } 2982 mutex_unlock(&ifmgd->mtx); 2983 } 2984 2985 if (test_and_clear_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running)) 2986 add_timer(&ifmgd->timer); 2987 if (test_and_clear_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running)) 2988 add_timer(&ifmgd->chswitch_timer); 2989 ieee80211_sta_reset_beacon_monitor(sdata); 2990 ieee80211_restart_sta_timer(sdata); 2991 } 2992 #endif 2993 2994 /* interface setup */ 2995 void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 2996 { 2997 struct ieee80211_if_managed *ifmgd; 2998 2999 ifmgd = &sdata->u.mgd; 3000 INIT_WORK(&ifmgd->monitor_work, ieee80211_sta_monitor_work); 3001 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work); 3002 INIT_WORK(&ifmgd->beacon_connection_loss_work, 3003 ieee80211_beacon_connection_loss_work); 3004 INIT_WORK(&ifmgd->request_smps_work, ieee80211_request_smps_work); 3005 setup_timer(&ifmgd->timer, ieee80211_sta_timer, 3006 (unsigned long) sdata); 3007 setup_timer(&ifmgd->bcn_mon_timer, ieee80211_sta_bcn_mon_timer, 3008 (unsigned long) sdata); 3009 setup_timer(&ifmgd->conn_mon_timer, ieee80211_sta_conn_mon_timer, 3010 (unsigned long) sdata); 3011 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer, 3012 (unsigned long) sdata); 3013 3014 ifmgd->flags = 0; 3015 ifmgd->powersave = sdata->wdev.ps; 3016 ifmgd->uapsd_queues = IEEE80211_DEFAULT_UAPSD_QUEUES; 3017 ifmgd->uapsd_max_sp_len = IEEE80211_DEFAULT_MAX_SP_LEN; 3018 3019 mutex_init(&ifmgd->mtx); 3020 3021 if (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS) 3022 ifmgd->req_smps = IEEE80211_SMPS_AUTOMATIC; 3023 else 3024 ifmgd->req_smps = IEEE80211_SMPS_OFF; 3025 } 3026 3027 /* scan finished notification */ 3028 void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 3029 { 3030 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 3031 3032 /* Restart STA timers */ 3033 rcu_read_lock(); 3034 list_for_each_entry_rcu(sdata, &local->interfaces, list) 3035 ieee80211_restart_sta_timer(sdata); 3036 rcu_read_unlock(); 3037 } 3038 3039 int ieee80211_max_network_latency(struct notifier_block *nb, 3040 unsigned long data, void *dummy) 3041 { 3042 s32 latency_usec = (s32) data; 3043 struct ieee80211_local *local = 3044 container_of(nb, struct ieee80211_local, 3045 network_latency_notifier); 3046 3047 mutex_lock(&local->iflist_mtx); 3048 ieee80211_recalc_ps(local, latency_usec); 3049 mutex_unlock(&local->iflist_mtx); 3050 3051 return 0; 3052 } 3053 3054 static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata, 3055 struct cfg80211_bss *cbss, bool assoc) 3056 { 3057 struct ieee80211_local *local = sdata->local; 3058 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3059 struct ieee80211_bss *bss = (void *)cbss->priv; 3060 struct sta_info *sta; 3061 bool have_sta = false; 3062 int err; 3063 3064 if (WARN_ON(!ifmgd->auth_data && !ifmgd->assoc_data)) 3065 return -EINVAL; 3066 3067 if (assoc) { 3068 rcu_read_lock(); 3069 have_sta = sta_info_get(sdata, cbss->bssid); 3070 rcu_read_unlock(); 3071 } 3072 3073 if (!have_sta) { 3074 sta = sta_info_alloc(sdata, cbss->bssid, GFP_KERNEL); 3075 if (!sta) 3076 return -ENOMEM; 3077 } 3078 3079 mutex_lock(&local->mtx); 3080 ieee80211_recalc_idle(sdata->local); 3081 mutex_unlock(&local->mtx); 3082 3083 /* switch to the right channel */ 3084 local->oper_channel = cbss->channel; 3085 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 3086 3087 if (!have_sta) { 3088 struct ieee80211_supported_band *sband; 3089 u32 rates = 0, basic_rates = 0; 3090 bool have_higher_than_11mbit; 3091 int min_rate = INT_MAX, min_rate_index = -1; 3092 3093 sband = sdata->local->hw.wiphy->bands[cbss->channel->band]; 3094 3095 ieee80211_get_rates(sband, bss->supp_rates, 3096 bss->supp_rates_len, 3097 &rates, &basic_rates, 3098 &have_higher_than_11mbit, 3099 &min_rate, &min_rate_index); 3100 3101 /* 3102 * This used to be a workaround for basic rates missing 3103 * in the association response frame. Now that we no 3104 * longer use the basic rates from there, it probably 3105 * doesn't happen any more, but keep the workaround so 3106 * in case some *other* APs are buggy in different ways 3107 * we can connect -- with a warning. 3108 */ 3109 if (!basic_rates && min_rate_index >= 0) { 3110 printk(KERN_DEBUG 3111 "%s: No basic rates, using min rate instead.\n", 3112 sdata->name); 3113 basic_rates = BIT(min_rate_index); 3114 } 3115 3116 sta->sta.supp_rates[cbss->channel->band] = rates; 3117 sdata->vif.bss_conf.basic_rates = basic_rates; 3118 3119 /* cf. IEEE 802.11 9.2.12 */ 3120 if (local->oper_channel->band == IEEE80211_BAND_2GHZ && 3121 have_higher_than_11mbit) 3122 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 3123 else 3124 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 3125 3126 memcpy(ifmgd->bssid, cbss->bssid, ETH_ALEN); 3127 3128 /* tell driver about BSSID and basic rates */ 3129 ieee80211_bss_info_change_notify(sdata, 3130 BSS_CHANGED_BSSID | BSS_CHANGED_BASIC_RATES); 3131 3132 if (assoc) 3133 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH); 3134 3135 err = sta_info_insert(sta); 3136 sta = NULL; 3137 if (err) { 3138 printk(KERN_DEBUG 3139 "%s: failed to insert STA entry for the AP (error %d)\n", 3140 sdata->name, err); 3141 return err; 3142 } 3143 } else 3144 WARN_ON_ONCE(compare_ether_addr(ifmgd->bssid, cbss->bssid)); 3145 3146 return 0; 3147 } 3148 3149 /* config hooks */ 3150 int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, 3151 struct cfg80211_auth_request *req) 3152 { 3153 struct ieee80211_local *local = sdata->local; 3154 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3155 struct ieee80211_mgd_auth_data *auth_data; 3156 u16 auth_alg; 3157 int err; 3158 3159 /* prepare auth data structure */ 3160 3161 switch (req->auth_type) { 3162 case NL80211_AUTHTYPE_OPEN_SYSTEM: 3163 auth_alg = WLAN_AUTH_OPEN; 3164 break; 3165 case NL80211_AUTHTYPE_SHARED_KEY: 3166 if (IS_ERR(local->wep_tx_tfm)) 3167 return -EOPNOTSUPP; 3168 auth_alg = WLAN_AUTH_SHARED_KEY; 3169 break; 3170 case NL80211_AUTHTYPE_FT: 3171 auth_alg = WLAN_AUTH_FT; 3172 break; 3173 case NL80211_AUTHTYPE_NETWORK_EAP: 3174 auth_alg = WLAN_AUTH_LEAP; 3175 break; 3176 default: 3177 return -EOPNOTSUPP; 3178 } 3179 3180 auth_data = kzalloc(sizeof(*auth_data) + req->ie_len, GFP_KERNEL); 3181 if (!auth_data) 3182 return -ENOMEM; 3183 3184 auth_data->bss = req->bss; 3185 3186 if (req->ie && req->ie_len) { 3187 memcpy(auth_data->ie, req->ie, req->ie_len); 3188 auth_data->ie_len = req->ie_len; 3189 } 3190 3191 if (req->key && req->key_len) { 3192 auth_data->key_len = req->key_len; 3193 auth_data->key_idx = req->key_idx; 3194 memcpy(auth_data->key, req->key, req->key_len); 3195 } 3196 3197 auth_data->algorithm = auth_alg; 3198 3199 /* try to authenticate/probe */ 3200 3201 mutex_lock(&ifmgd->mtx); 3202 3203 if ((ifmgd->auth_data && !ifmgd->auth_data->done) || 3204 ifmgd->assoc_data) { 3205 err = -EBUSY; 3206 goto err_free; 3207 } 3208 3209 if (ifmgd->auth_data) 3210 ieee80211_destroy_auth_data(sdata, false); 3211 3212 /* prep auth_data so we don't go into idle on disassoc */ 3213 ifmgd->auth_data = auth_data; 3214 3215 if (ifmgd->associated) 3216 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 3217 3218 printk(KERN_DEBUG "%s: authenticate with %pM\n", 3219 sdata->name, req->bss->bssid); 3220 3221 err = ieee80211_prep_connection(sdata, req->bss, false); 3222 if (err) 3223 goto err_clear; 3224 3225 err = ieee80211_probe_auth(sdata); 3226 if (err) { 3227 sta_info_destroy_addr(sdata, req->bss->bssid); 3228 goto err_clear; 3229 } 3230 3231 /* hold our own reference */ 3232 cfg80211_ref_bss(auth_data->bss); 3233 err = 0; 3234 goto out_unlock; 3235 3236 err_clear: 3237 ifmgd->auth_data = NULL; 3238 err_free: 3239 kfree(auth_data); 3240 out_unlock: 3241 mutex_unlock(&ifmgd->mtx); 3242 3243 return err; 3244 } 3245 3246 int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata, 3247 struct cfg80211_assoc_request *req) 3248 { 3249 struct ieee80211_local *local = sdata->local; 3250 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3251 struct ieee80211_bss *bss = (void *)req->bss->priv; 3252 struct ieee80211_mgd_assoc_data *assoc_data; 3253 struct ieee80211_supported_band *sband; 3254 const u8 *ssidie; 3255 int i, err; 3256 3257 ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID); 3258 if (!ssidie) 3259 return -EINVAL; 3260 3261 assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL); 3262 if (!assoc_data) 3263 return -ENOMEM; 3264 3265 mutex_lock(&ifmgd->mtx); 3266 3267 if (ifmgd->associated) 3268 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 3269 3270 if (ifmgd->auth_data && !ifmgd->auth_data->done) { 3271 err = -EBUSY; 3272 goto err_free; 3273 } 3274 3275 if (ifmgd->assoc_data) { 3276 err = -EBUSY; 3277 goto err_free; 3278 } 3279 3280 if (ifmgd->auth_data) { 3281 bool match; 3282 3283 /* keep sta info, bssid if matching */ 3284 match = compare_ether_addr(ifmgd->bssid, req->bss->bssid) == 0; 3285 ieee80211_destroy_auth_data(sdata, match); 3286 } 3287 3288 /* prepare assoc data */ 3289 3290 ifmgd->flags &= ~IEEE80211_STA_DISABLE_11N; 3291 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; 3292 3293 ifmgd->beacon_crc_valid = false; 3294 3295 /* 3296 * IEEE802.11n does not allow TKIP/WEP as pairwise ciphers in HT mode. 3297 * We still associate in non-HT mode (11a/b/g) if any one of these 3298 * ciphers is configured as pairwise. 3299 * We can set this to true for non-11n hardware, that'll be checked 3300 * separately along with the peer capabilities. 3301 */ 3302 for (i = 0; i < req->crypto.n_ciphers_pairwise; i++) 3303 if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 || 3304 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP || 3305 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104) 3306 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3307 3308 if (req->flags & ASSOC_REQ_DISABLE_HT) 3309 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3310 3311 /* Also disable HT if we don't support it or the AP doesn't use WMM */ 3312 sband = local->hw.wiphy->bands[req->bss->channel->band]; 3313 if (!sband->ht_cap.ht_supported || 3314 local->hw.queues < 4 || !bss->wmm_used) 3315 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3316 3317 memcpy(&ifmgd->ht_capa, &req->ht_capa, sizeof(ifmgd->ht_capa)); 3318 memcpy(&ifmgd->ht_capa_mask, &req->ht_capa_mask, 3319 sizeof(ifmgd->ht_capa_mask)); 3320 3321 if (req->ie && req->ie_len) { 3322 memcpy(assoc_data->ie, req->ie, req->ie_len); 3323 assoc_data->ie_len = req->ie_len; 3324 } 3325 3326 assoc_data->bss = req->bss; 3327 3328 if (ifmgd->req_smps == IEEE80211_SMPS_AUTOMATIC) { 3329 if (ifmgd->powersave) 3330 ifmgd->ap_smps = IEEE80211_SMPS_DYNAMIC; 3331 else 3332 ifmgd->ap_smps = IEEE80211_SMPS_OFF; 3333 } else 3334 ifmgd->ap_smps = ifmgd->req_smps; 3335 3336 assoc_data->capability = req->bss->capability; 3337 assoc_data->wmm = bss->wmm_used && (local->hw.queues >= 4); 3338 assoc_data->supp_rates = bss->supp_rates; 3339 assoc_data->supp_rates_len = bss->supp_rates_len; 3340 assoc_data->ht_information_ie = 3341 ieee80211_bss_get_ie(req->bss, WLAN_EID_HT_INFORMATION); 3342 3343 if (bss->wmm_used && bss->uapsd_supported && 3344 (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_UAPSD)) { 3345 assoc_data->uapsd = true; 3346 ifmgd->flags |= IEEE80211_STA_UAPSD_ENABLED; 3347 } else { 3348 assoc_data->uapsd = false; 3349 ifmgd->flags &= ~IEEE80211_STA_UAPSD_ENABLED; 3350 } 3351 3352 memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]); 3353 assoc_data->ssid_len = ssidie[1]; 3354 3355 if (req->prev_bssid) 3356 memcpy(assoc_data->prev_bssid, req->prev_bssid, ETH_ALEN); 3357 3358 if (req->use_mfp) { 3359 ifmgd->mfp = IEEE80211_MFP_REQUIRED; 3360 ifmgd->flags |= IEEE80211_STA_MFP_ENABLED; 3361 } else { 3362 ifmgd->mfp = IEEE80211_MFP_DISABLED; 3363 ifmgd->flags &= ~IEEE80211_STA_MFP_ENABLED; 3364 } 3365 3366 if (req->crypto.control_port) 3367 ifmgd->flags |= IEEE80211_STA_CONTROL_PORT; 3368 else 3369 ifmgd->flags &= ~IEEE80211_STA_CONTROL_PORT; 3370 3371 sdata->control_port_protocol = req->crypto.control_port_ethertype; 3372 sdata->control_port_no_encrypt = req->crypto.control_port_no_encrypt; 3373 3374 /* kick off associate process */ 3375 3376 ifmgd->assoc_data = assoc_data; 3377 3378 err = ieee80211_prep_connection(sdata, req->bss, true); 3379 if (err) 3380 goto err_clear; 3381 3382 if (!bss->dtim_period && 3383 sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) { 3384 /* 3385 * Wait up to one beacon interval ... 3386 * should this be more if we miss one? 3387 */ 3388 printk(KERN_DEBUG "%s: waiting for beacon from %pM\n", 3389 sdata->name, ifmgd->bssid); 3390 assoc_data->timeout = TU_TO_EXP_TIME(req->bss->beacon_interval); 3391 } else { 3392 assoc_data->have_beacon = true; 3393 assoc_data->sent_assoc = false; 3394 assoc_data->timeout = jiffies; 3395 } 3396 run_again(ifmgd, assoc_data->timeout); 3397 3398 if (bss->corrupt_data) { 3399 char *corrupt_type = "data"; 3400 if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_BEACON) { 3401 if (bss->corrupt_data & 3402 IEEE80211_BSS_CORRUPT_PROBE_RESP) 3403 corrupt_type = "beacon and probe response"; 3404 else 3405 corrupt_type = "beacon"; 3406 } else if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_PROBE_RESP) 3407 corrupt_type = "probe response"; 3408 printk(KERN_DEBUG "%s: associating with AP with corrupt %s\n", 3409 sdata->name, corrupt_type); 3410 } 3411 3412 err = 0; 3413 goto out; 3414 err_clear: 3415 ifmgd->assoc_data = NULL; 3416 err_free: 3417 kfree(assoc_data); 3418 out: 3419 mutex_unlock(&ifmgd->mtx); 3420 3421 return err; 3422 } 3423 3424 int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, 3425 struct cfg80211_deauth_request *req) 3426 { 3427 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3428 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 3429 3430 mutex_lock(&ifmgd->mtx); 3431 3432 if (ifmgd->auth_data) { 3433 ieee80211_destroy_auth_data(sdata, false); 3434 mutex_unlock(&ifmgd->mtx); 3435 return 0; 3436 } 3437 3438 printk(KERN_DEBUG 3439 "%s: deauthenticating from %pM by local choice (reason=%d)\n", 3440 sdata->name, req->bssid, req->reason_code); 3441 3442 if (ifmgd->associated && 3443 compare_ether_addr(ifmgd->associated->bssid, req->bssid) == 0) 3444 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 3445 req->reason_code, true, frame_buf); 3446 else 3447 ieee80211_send_deauth_disassoc(sdata, req->bssid, 3448 IEEE80211_STYPE_DEAUTH, 3449 req->reason_code, true, 3450 frame_buf); 3451 mutex_unlock(&ifmgd->mtx); 3452 3453 __cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 3454 3455 mutex_lock(&sdata->local->mtx); 3456 ieee80211_recalc_idle(sdata->local); 3457 mutex_unlock(&sdata->local->mtx); 3458 3459 return 0; 3460 } 3461 3462 int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata, 3463 struct cfg80211_disassoc_request *req) 3464 { 3465 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3466 u8 bssid[ETH_ALEN]; 3467 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 3468 3469 mutex_lock(&ifmgd->mtx); 3470 3471 /* 3472 * cfg80211 should catch this ... but it's racy since 3473 * we can receive a disassoc frame, process it, hand it 3474 * to cfg80211 while that's in a locked section already 3475 * trying to tell us that the user wants to disconnect. 3476 */ 3477 if (ifmgd->associated != req->bss) { 3478 mutex_unlock(&ifmgd->mtx); 3479 return -ENOLINK; 3480 } 3481 3482 printk(KERN_DEBUG "%s: disassociating from %pM by local choice (reason=%d)\n", 3483 sdata->name, req->bss->bssid, req->reason_code); 3484 3485 memcpy(bssid, req->bss->bssid, ETH_ALEN); 3486 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC, 3487 req->reason_code, !req->local_state_change, 3488 frame_buf); 3489 mutex_unlock(&ifmgd->mtx); 3490 3491 __cfg80211_send_disassoc(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 3492 3493 mutex_lock(&sdata->local->mtx); 3494 ieee80211_recalc_idle(sdata->local); 3495 mutex_unlock(&sdata->local->mtx); 3496 3497 return 0; 3498 } 3499 3500 void ieee80211_mgd_stop(struct ieee80211_sub_if_data *sdata) 3501 { 3502 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3503 3504 mutex_lock(&ifmgd->mtx); 3505 if (ifmgd->assoc_data) 3506 ieee80211_destroy_assoc_data(sdata, false); 3507 if (ifmgd->auth_data) 3508 ieee80211_destroy_auth_data(sdata, false); 3509 del_timer_sync(&ifmgd->timer); 3510 mutex_unlock(&ifmgd->mtx); 3511 } 3512 3513 void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif, 3514 enum nl80211_cqm_rssi_threshold_event rssi_event, 3515 gfp_t gfp) 3516 { 3517 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 3518 3519 trace_api_cqm_rssi_notify(sdata, rssi_event); 3520 3521 cfg80211_cqm_rssi_notify(sdata->dev, rssi_event, gfp); 3522 } 3523 EXPORT_SYMBOL(ieee80211_cqm_rssi_notify); 3524 3525 unsigned char ieee80211_get_operstate(struct ieee80211_vif *vif) 3526 { 3527 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 3528 return sdata->dev->operstate; 3529 } 3530 EXPORT_SYMBOL(ieee80211_get_operstate); 3531