1 /* 2 * BSS client mode implementation 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License version 2 as 11 * published by the Free Software Foundation. 12 */ 13 14 #include <linux/delay.h> 15 #include <linux/if_ether.h> 16 #include <linux/skbuff.h> 17 #include <linux/if_arp.h> 18 #include <linux/etherdevice.h> 19 #include <linux/moduleparam.h> 20 #include <linux/rtnetlink.h> 21 #include <linux/pm_qos.h> 22 #include <linux/crc32.h> 23 #include <linux/slab.h> 24 #include <linux/export.h> 25 #include <net/mac80211.h> 26 #include <asm/unaligned.h> 27 28 #include "ieee80211_i.h" 29 #include "driver-ops.h" 30 #include "rate.h" 31 #include "led.h" 32 33 #define IEEE80211_AUTH_TIMEOUT (HZ / 5) 34 #define IEEE80211_AUTH_MAX_TRIES 3 35 #define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5) 36 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 37 #define IEEE80211_ASSOC_MAX_TRIES 3 38 39 static int max_nullfunc_tries = 2; 40 module_param(max_nullfunc_tries, int, 0644); 41 MODULE_PARM_DESC(max_nullfunc_tries, 42 "Maximum nullfunc tx tries before disconnecting (reason 4)."); 43 44 static int max_probe_tries = 5; 45 module_param(max_probe_tries, int, 0644); 46 MODULE_PARM_DESC(max_probe_tries, 47 "Maximum probe tries before disconnecting (reason 4)."); 48 49 /* 50 * Beacon loss timeout is calculated as N frames times the 51 * advertised beacon interval. This may need to be somewhat 52 * higher than what hardware might detect to account for 53 * delays in the host processing frames. But since we also 54 * probe on beacon miss before declaring the connection lost 55 * default to what we want. 56 */ 57 #define IEEE80211_BEACON_LOSS_COUNT 7 58 59 /* 60 * Time the connection can be idle before we probe 61 * it to see if we can still talk to the AP. 62 */ 63 #define IEEE80211_CONNECTION_IDLE_TIME (30 * HZ) 64 /* 65 * Time we wait for a probe response after sending 66 * a probe request because of beacon loss or for 67 * checking the connection still works. 68 */ 69 static int probe_wait_ms = 500; 70 module_param(probe_wait_ms, int, 0644); 71 MODULE_PARM_DESC(probe_wait_ms, 72 "Maximum time(ms) to wait for probe response" 73 " before disconnecting (reason 4)."); 74 75 /* 76 * Weight given to the latest Beacon frame when calculating average signal 77 * strength for Beacon frames received in the current BSS. This must be 78 * between 1 and 15. 79 */ 80 #define IEEE80211_SIGNAL_AVE_WEIGHT 3 81 82 /* 83 * How many Beacon frames need to have been used in average signal strength 84 * before starting to indicate signal change events. 85 */ 86 #define IEEE80211_SIGNAL_AVE_MIN_COUNT 4 87 88 #define TMR_RUNNING_TIMER 0 89 #define TMR_RUNNING_CHANSW 1 90 91 #define DEAUTH_DISASSOC_LEN (24 /* hdr */ + 2 /* reason */) 92 93 /* 94 * All cfg80211 functions have to be called outside a locked 95 * section so that they can acquire a lock themselves... This 96 * is much simpler than queuing up things in cfg80211, but we 97 * do need some indirection for that here. 98 */ 99 enum rx_mgmt_action { 100 /* no action required */ 101 RX_MGMT_NONE, 102 103 /* caller must call cfg80211_send_deauth() */ 104 RX_MGMT_CFG80211_DEAUTH, 105 106 /* caller must call cfg80211_send_disassoc() */ 107 RX_MGMT_CFG80211_DISASSOC, 108 109 /* caller must call cfg80211_send_rx_auth() */ 110 RX_MGMT_CFG80211_RX_AUTH, 111 112 /* caller must call cfg80211_send_rx_assoc() */ 113 RX_MGMT_CFG80211_RX_ASSOC, 114 115 /* caller must call cfg80211_send_assoc_timeout() */ 116 RX_MGMT_CFG80211_ASSOC_TIMEOUT, 117 }; 118 119 /* utils */ 120 static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd) 121 { 122 lockdep_assert_held(&ifmgd->mtx); 123 } 124 125 /* 126 * We can have multiple work items (and connection probing) 127 * scheduling this timer, but we need to take care to only 128 * reschedule it when it should fire _earlier_ than it was 129 * asked for before, or if it's not pending right now. This 130 * function ensures that. Note that it then is required to 131 * run this function for all timeouts after the first one 132 * has happened -- the work that runs from this timer will 133 * do that. 134 */ 135 static void run_again(struct ieee80211_if_managed *ifmgd, unsigned long timeout) 136 { 137 ASSERT_MGD_MTX(ifmgd); 138 139 if (!timer_pending(&ifmgd->timer) || 140 time_before(timeout, ifmgd->timer.expires)) 141 mod_timer(&ifmgd->timer, timeout); 142 } 143 144 void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata) 145 { 146 if (sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER) 147 return; 148 149 mod_timer(&sdata->u.mgd.bcn_mon_timer, 150 round_jiffies_up(jiffies + sdata->u.mgd.beacon_timeout)); 151 } 152 153 void ieee80211_sta_reset_conn_monitor(struct ieee80211_sub_if_data *sdata) 154 { 155 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 156 157 if (unlikely(!sdata->u.mgd.associated)) 158 return; 159 160 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 161 return; 162 163 mod_timer(&sdata->u.mgd.conn_mon_timer, 164 round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME)); 165 166 ifmgd->probe_send_count = 0; 167 } 168 169 static int ecw2cw(int ecw) 170 { 171 return (1 << ecw) - 1; 172 } 173 174 static u32 ieee80211_config_ht_tx(struct ieee80211_sub_if_data *sdata, 175 struct ieee80211_ht_operation *ht_oper, 176 const u8 *bssid, bool reconfig) 177 { 178 struct ieee80211_local *local = sdata->local; 179 struct ieee80211_supported_band *sband; 180 struct sta_info *sta; 181 u32 changed = 0; 182 u16 ht_opmode; 183 bool disable_40 = false; 184 185 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 186 187 switch (sdata->vif.bss_conf.channel_type) { 188 case NL80211_CHAN_HT40PLUS: 189 if (local->hw.conf.channel->flags & IEEE80211_CHAN_NO_HT40PLUS) 190 disable_40 = true; 191 break; 192 case NL80211_CHAN_HT40MINUS: 193 if (local->hw.conf.channel->flags & IEEE80211_CHAN_NO_HT40MINUS) 194 disable_40 = true; 195 break; 196 default: 197 break; 198 } 199 200 /* This can change during the lifetime of the BSS */ 201 if (!(ht_oper->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) 202 disable_40 = true; 203 204 mutex_lock(&local->sta_mtx); 205 sta = sta_info_get(sdata, bssid); 206 207 WARN_ON_ONCE(!sta); 208 209 if (sta && !sta->supports_40mhz) 210 disable_40 = true; 211 212 if (sta && (!reconfig || 213 (disable_40 != !(sta->sta.ht_cap.cap & 214 IEEE80211_HT_CAP_SUP_WIDTH_20_40)))) { 215 216 if (disable_40) 217 sta->sta.ht_cap.cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 218 else 219 sta->sta.ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40; 220 221 rate_control_rate_update(local, sband, sta, 222 IEEE80211_RC_BW_CHANGED); 223 } 224 mutex_unlock(&local->sta_mtx); 225 226 ht_opmode = le16_to_cpu(ht_oper->operation_mode); 227 228 /* if bss configuration changed store the new one */ 229 if (!reconfig || (sdata->vif.bss_conf.ht_operation_mode != ht_opmode)) { 230 changed |= BSS_CHANGED_HT; 231 sdata->vif.bss_conf.ht_operation_mode = ht_opmode; 232 } 233 234 return changed; 235 } 236 237 /* frame sending functions */ 238 239 static int ieee80211_compatible_rates(const u8 *supp_rates, int supp_rates_len, 240 struct ieee80211_supported_band *sband, 241 u32 *rates) 242 { 243 int i, j, count; 244 *rates = 0; 245 count = 0; 246 for (i = 0; i < supp_rates_len; i++) { 247 int rate = (supp_rates[i] & 0x7F) * 5; 248 249 for (j = 0; j < sband->n_bitrates; j++) 250 if (sband->bitrates[j].bitrate == rate) { 251 *rates |= BIT(j); 252 count++; 253 break; 254 } 255 } 256 257 return count; 258 } 259 260 static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata, 261 struct sk_buff *skb, u8 ap_ht_param, 262 struct ieee80211_supported_band *sband, 263 struct ieee80211_channel *channel, 264 enum ieee80211_smps_mode smps) 265 { 266 u8 *pos; 267 u32 flags = channel->flags; 268 u16 cap; 269 struct ieee80211_sta_ht_cap ht_cap; 270 271 BUILD_BUG_ON(sizeof(ht_cap) != sizeof(sband->ht_cap)); 272 273 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap)); 274 ieee80211_apply_htcap_overrides(sdata, &ht_cap); 275 276 /* determine capability flags */ 277 cap = ht_cap.cap; 278 279 switch (ap_ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 280 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 281 if (flags & IEEE80211_CHAN_NO_HT40PLUS) { 282 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 283 cap &= ~IEEE80211_HT_CAP_SGI_40; 284 } 285 break; 286 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 287 if (flags & IEEE80211_CHAN_NO_HT40MINUS) { 288 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 289 cap &= ~IEEE80211_HT_CAP_SGI_40; 290 } 291 break; 292 } 293 294 /* 295 * If 40 MHz was disabled associate as though we weren't 296 * capable of 40 MHz -- some broken APs will never fall 297 * back to trying to transmit in 20 MHz. 298 */ 299 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_40MHZ) { 300 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 301 cap &= ~IEEE80211_HT_CAP_SGI_40; 302 } 303 304 /* set SM PS mode properly */ 305 cap &= ~IEEE80211_HT_CAP_SM_PS; 306 switch (smps) { 307 case IEEE80211_SMPS_AUTOMATIC: 308 case IEEE80211_SMPS_NUM_MODES: 309 WARN_ON(1); 310 case IEEE80211_SMPS_OFF: 311 cap |= WLAN_HT_CAP_SM_PS_DISABLED << 312 IEEE80211_HT_CAP_SM_PS_SHIFT; 313 break; 314 case IEEE80211_SMPS_STATIC: 315 cap |= WLAN_HT_CAP_SM_PS_STATIC << 316 IEEE80211_HT_CAP_SM_PS_SHIFT; 317 break; 318 case IEEE80211_SMPS_DYNAMIC: 319 cap |= WLAN_HT_CAP_SM_PS_DYNAMIC << 320 IEEE80211_HT_CAP_SM_PS_SHIFT; 321 break; 322 } 323 324 /* reserve and fill IE */ 325 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2); 326 ieee80211_ie_build_ht_cap(pos, &ht_cap, cap); 327 } 328 329 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 330 { 331 struct ieee80211_local *local = sdata->local; 332 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 333 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 334 struct sk_buff *skb; 335 struct ieee80211_mgmt *mgmt; 336 u8 *pos, qos_info; 337 size_t offset = 0, noffset; 338 int i, count, rates_len, supp_rates_len; 339 u16 capab; 340 struct ieee80211_supported_band *sband; 341 u32 rates = 0; 342 343 lockdep_assert_held(&ifmgd->mtx); 344 345 sband = local->hw.wiphy->bands[local->oper_channel->band]; 346 347 if (assoc_data->supp_rates_len) { 348 /* 349 * Get all rates supported by the device and the AP as 350 * some APs don't like getting a superset of their rates 351 * in the association request (e.g. D-Link DAP 1353 in 352 * b-only mode)... 353 */ 354 rates_len = ieee80211_compatible_rates(assoc_data->supp_rates, 355 assoc_data->supp_rates_len, 356 sband, &rates); 357 } else { 358 /* 359 * In case AP not provide any supported rates information 360 * before association, we send information element(s) with 361 * all rates that we support. 362 */ 363 rates = ~0; 364 rates_len = sband->n_bitrates; 365 } 366 367 skb = alloc_skb(local->hw.extra_tx_headroom + 368 sizeof(*mgmt) + /* bit too much but doesn't matter */ 369 2 + assoc_data->ssid_len + /* SSID */ 370 4 + rates_len + /* (extended) rates */ 371 4 + /* power capability */ 372 2 + 2 * sband->n_channels + /* supported channels */ 373 2 + sizeof(struct ieee80211_ht_cap) + /* HT */ 374 assoc_data->ie_len + /* extra IEs */ 375 9, /* WMM */ 376 GFP_KERNEL); 377 if (!skb) 378 return; 379 380 skb_reserve(skb, local->hw.extra_tx_headroom); 381 382 capab = WLAN_CAPABILITY_ESS; 383 384 if (sband->band == IEEE80211_BAND_2GHZ) { 385 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE)) 386 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME; 387 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE)) 388 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 389 } 390 391 if (assoc_data->capability & WLAN_CAPABILITY_PRIVACY) 392 capab |= WLAN_CAPABILITY_PRIVACY; 393 394 if ((assoc_data->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 395 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 396 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 397 398 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 399 memset(mgmt, 0, 24); 400 memcpy(mgmt->da, assoc_data->bss->bssid, ETH_ALEN); 401 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 402 memcpy(mgmt->bssid, assoc_data->bss->bssid, ETH_ALEN); 403 404 if (!is_zero_ether_addr(assoc_data->prev_bssid)) { 405 skb_put(skb, 10); 406 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 407 IEEE80211_STYPE_REASSOC_REQ); 408 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 409 mgmt->u.reassoc_req.listen_interval = 410 cpu_to_le16(local->hw.conf.listen_interval); 411 memcpy(mgmt->u.reassoc_req.current_ap, assoc_data->prev_bssid, 412 ETH_ALEN); 413 } else { 414 skb_put(skb, 4); 415 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 416 IEEE80211_STYPE_ASSOC_REQ); 417 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab); 418 mgmt->u.assoc_req.listen_interval = 419 cpu_to_le16(local->hw.conf.listen_interval); 420 } 421 422 /* SSID */ 423 pos = skb_put(skb, 2 + assoc_data->ssid_len); 424 *pos++ = WLAN_EID_SSID; 425 *pos++ = assoc_data->ssid_len; 426 memcpy(pos, assoc_data->ssid, assoc_data->ssid_len); 427 428 /* add all rates which were marked to be used above */ 429 supp_rates_len = rates_len; 430 if (supp_rates_len > 8) 431 supp_rates_len = 8; 432 433 pos = skb_put(skb, supp_rates_len + 2); 434 *pos++ = WLAN_EID_SUPP_RATES; 435 *pos++ = supp_rates_len; 436 437 count = 0; 438 for (i = 0; i < sband->n_bitrates; i++) { 439 if (BIT(i) & rates) { 440 int rate = sband->bitrates[i].bitrate; 441 *pos++ = (u8) (rate / 5); 442 if (++count == 8) 443 break; 444 } 445 } 446 447 if (rates_len > count) { 448 pos = skb_put(skb, rates_len - count + 2); 449 *pos++ = WLAN_EID_EXT_SUPP_RATES; 450 *pos++ = rates_len - count; 451 452 for (i++; i < sband->n_bitrates; i++) { 453 if (BIT(i) & rates) { 454 int rate = sband->bitrates[i].bitrate; 455 *pos++ = (u8) (rate / 5); 456 } 457 } 458 } 459 460 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) { 461 /* 1. power capabilities */ 462 pos = skb_put(skb, 4); 463 *pos++ = WLAN_EID_PWR_CAPABILITY; 464 *pos++ = 2; 465 *pos++ = 0; /* min tx power */ 466 *pos++ = local->oper_channel->max_power; /* max tx power */ 467 468 /* 2. supported channels */ 469 /* TODO: get this in reg domain format */ 470 pos = skb_put(skb, 2 * sband->n_channels + 2); 471 *pos++ = WLAN_EID_SUPPORTED_CHANNELS; 472 *pos++ = 2 * sband->n_channels; 473 for (i = 0; i < sband->n_channels; i++) { 474 *pos++ = ieee80211_frequency_to_channel( 475 sband->channels[i].center_freq); 476 *pos++ = 1; /* one channel in the subband*/ 477 } 478 } 479 480 /* if present, add any custom IEs that go before HT */ 481 if (assoc_data->ie_len && assoc_data->ie) { 482 static const u8 before_ht[] = { 483 WLAN_EID_SSID, 484 WLAN_EID_SUPP_RATES, 485 WLAN_EID_EXT_SUPP_RATES, 486 WLAN_EID_PWR_CAPABILITY, 487 WLAN_EID_SUPPORTED_CHANNELS, 488 WLAN_EID_RSN, 489 WLAN_EID_QOS_CAPA, 490 WLAN_EID_RRM_ENABLED_CAPABILITIES, 491 WLAN_EID_MOBILITY_DOMAIN, 492 WLAN_EID_SUPPORTED_REGULATORY_CLASSES, 493 }; 494 noffset = ieee80211_ie_split(assoc_data->ie, assoc_data->ie_len, 495 before_ht, ARRAY_SIZE(before_ht), 496 offset); 497 pos = skb_put(skb, noffset - offset); 498 memcpy(pos, assoc_data->ie + offset, noffset - offset); 499 offset = noffset; 500 } 501 502 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 503 ieee80211_add_ht_ie(sdata, skb, assoc_data->ap_ht_param, 504 sband, local->oper_channel, ifmgd->ap_smps); 505 506 /* if present, add any custom non-vendor IEs that go after HT */ 507 if (assoc_data->ie_len && assoc_data->ie) { 508 noffset = ieee80211_ie_split_vendor(assoc_data->ie, 509 assoc_data->ie_len, 510 offset); 511 pos = skb_put(skb, noffset - offset); 512 memcpy(pos, assoc_data->ie + offset, noffset - offset); 513 offset = noffset; 514 } 515 516 if (assoc_data->wmm) { 517 if (assoc_data->uapsd) { 518 qos_info = ifmgd->uapsd_queues; 519 qos_info |= (ifmgd->uapsd_max_sp_len << 520 IEEE80211_WMM_IE_STA_QOSINFO_SP_SHIFT); 521 } else { 522 qos_info = 0; 523 } 524 525 pos = skb_put(skb, 9); 526 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 527 *pos++ = 7; /* len */ 528 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 529 *pos++ = 0x50; 530 *pos++ = 0xf2; 531 *pos++ = 2; /* WME */ 532 *pos++ = 0; /* WME info */ 533 *pos++ = 1; /* WME ver */ 534 *pos++ = qos_info; 535 } 536 537 /* add any remaining custom (i.e. vendor specific here) IEs */ 538 if (assoc_data->ie_len && assoc_data->ie) { 539 noffset = assoc_data->ie_len; 540 pos = skb_put(skb, noffset - offset); 541 memcpy(pos, assoc_data->ie + offset, noffset - offset); 542 } 543 544 drv_mgd_prepare_tx(local, sdata); 545 546 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 547 ieee80211_tx_skb(sdata, skb); 548 } 549 550 static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, 551 const u8 *bssid, u16 stype, 552 u16 reason, bool send_frame, 553 u8 *frame_buf) 554 { 555 struct ieee80211_local *local = sdata->local; 556 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 557 struct sk_buff *skb; 558 struct ieee80211_mgmt *mgmt = (void *)frame_buf; 559 560 /* build frame */ 561 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); 562 mgmt->duration = 0; /* initialize only */ 563 mgmt->seq_ctrl = 0; /* initialize only */ 564 memcpy(mgmt->da, bssid, ETH_ALEN); 565 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 566 memcpy(mgmt->bssid, bssid, ETH_ALEN); 567 /* u.deauth.reason_code == u.disassoc.reason_code */ 568 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 569 570 if (send_frame) { 571 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 572 DEAUTH_DISASSOC_LEN); 573 if (!skb) 574 return; 575 576 skb_reserve(skb, local->hw.extra_tx_headroom); 577 578 /* copy in frame */ 579 memcpy(skb_put(skb, DEAUTH_DISASSOC_LEN), 580 mgmt, DEAUTH_DISASSOC_LEN); 581 582 if (!(ifmgd->flags & IEEE80211_STA_MFP_ENABLED)) 583 IEEE80211_SKB_CB(skb)->flags |= 584 IEEE80211_TX_INTFL_DONT_ENCRYPT; 585 586 drv_mgd_prepare_tx(local, sdata); 587 588 ieee80211_tx_skb(sdata, skb); 589 } 590 } 591 592 void ieee80211_send_pspoll(struct ieee80211_local *local, 593 struct ieee80211_sub_if_data *sdata) 594 { 595 struct ieee80211_pspoll *pspoll; 596 struct sk_buff *skb; 597 598 skb = ieee80211_pspoll_get(&local->hw, &sdata->vif); 599 if (!skb) 600 return; 601 602 pspoll = (struct ieee80211_pspoll *) skb->data; 603 pspoll->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); 604 605 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 606 ieee80211_tx_skb(sdata, skb); 607 } 608 609 void ieee80211_send_nullfunc(struct ieee80211_local *local, 610 struct ieee80211_sub_if_data *sdata, 611 int powersave) 612 { 613 struct sk_buff *skb; 614 struct ieee80211_hdr_3addr *nullfunc; 615 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 616 617 skb = ieee80211_nullfunc_get(&local->hw, &sdata->vif); 618 if (!skb) 619 return; 620 621 nullfunc = (struct ieee80211_hdr_3addr *) skb->data; 622 if (powersave) 623 nullfunc->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); 624 625 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 626 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 627 IEEE80211_STA_CONNECTION_POLL)) 628 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_USE_MINRATE; 629 630 ieee80211_tx_skb(sdata, skb); 631 } 632 633 static void ieee80211_send_4addr_nullfunc(struct ieee80211_local *local, 634 struct ieee80211_sub_if_data *sdata) 635 { 636 struct sk_buff *skb; 637 struct ieee80211_hdr *nullfunc; 638 __le16 fc; 639 640 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 641 return; 642 643 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30); 644 if (!skb) 645 return; 646 647 skb_reserve(skb, local->hw.extra_tx_headroom); 648 649 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 30); 650 memset(nullfunc, 0, 30); 651 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC | 652 IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS); 653 nullfunc->frame_control = fc; 654 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN); 655 memcpy(nullfunc->addr2, sdata->vif.addr, ETH_ALEN); 656 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN); 657 memcpy(nullfunc->addr4, sdata->vif.addr, ETH_ALEN); 658 659 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 660 ieee80211_tx_skb(sdata, skb); 661 } 662 663 /* spectrum management related things */ 664 static void ieee80211_chswitch_work(struct work_struct *work) 665 { 666 struct ieee80211_sub_if_data *sdata = 667 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work); 668 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 669 670 if (!ieee80211_sdata_running(sdata)) 671 return; 672 673 mutex_lock(&ifmgd->mtx); 674 if (!ifmgd->associated) 675 goto out; 676 677 sdata->local->oper_channel = sdata->local->csa_channel; 678 if (!sdata->local->ops->channel_switch) { 679 /* call "hw_config" only if doing sw channel switch */ 680 ieee80211_hw_config(sdata->local, 681 IEEE80211_CONF_CHANGE_CHANNEL); 682 } else { 683 /* update the device channel directly */ 684 sdata->local->hw.conf.channel = sdata->local->oper_channel; 685 } 686 687 /* XXX: shouldn't really modify cfg80211-owned data! */ 688 ifmgd->associated->channel = sdata->local->oper_channel; 689 690 ieee80211_wake_queues_by_reason(&sdata->local->hw, 691 IEEE80211_QUEUE_STOP_REASON_CSA); 692 out: 693 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED; 694 mutex_unlock(&ifmgd->mtx); 695 } 696 697 void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success) 698 { 699 struct ieee80211_sub_if_data *sdata; 700 struct ieee80211_if_managed *ifmgd; 701 702 sdata = vif_to_sdata(vif); 703 ifmgd = &sdata->u.mgd; 704 705 trace_api_chswitch_done(sdata, success); 706 if (!success) { 707 /* 708 * If the channel switch was not successful, stay 709 * around on the old channel. We currently lack 710 * good handling of this situation, possibly we 711 * should just drop the association. 712 */ 713 sdata->local->csa_channel = sdata->local->oper_channel; 714 } 715 716 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 717 } 718 EXPORT_SYMBOL(ieee80211_chswitch_done); 719 720 static void ieee80211_chswitch_timer(unsigned long data) 721 { 722 struct ieee80211_sub_if_data *sdata = 723 (struct ieee80211_sub_if_data *) data; 724 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 725 726 if (sdata->local->quiescing) { 727 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 728 return; 729 } 730 731 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 732 } 733 734 void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata, 735 struct ieee80211_channel_sw_ie *sw_elem, 736 struct ieee80211_bss *bss, 737 u64 timestamp) 738 { 739 struct cfg80211_bss *cbss = 740 container_of((void *)bss, struct cfg80211_bss, priv); 741 struct ieee80211_channel *new_ch; 742 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 743 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num, 744 cbss->channel->band); 745 746 ASSERT_MGD_MTX(ifmgd); 747 748 if (!ifmgd->associated) 749 return; 750 751 if (sdata->local->scanning) 752 return; 753 754 /* Disregard subsequent beacons if we are already running a timer 755 processing a CSA */ 756 757 if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED) 758 return; 759 760 new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq); 761 if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED) 762 return; 763 764 sdata->local->csa_channel = new_ch; 765 766 if (sdata->local->ops->channel_switch) { 767 /* use driver's channel switch callback */ 768 struct ieee80211_channel_switch ch_switch; 769 memset(&ch_switch, 0, sizeof(ch_switch)); 770 ch_switch.timestamp = timestamp; 771 if (sw_elem->mode) { 772 ch_switch.block_tx = true; 773 ieee80211_stop_queues_by_reason(&sdata->local->hw, 774 IEEE80211_QUEUE_STOP_REASON_CSA); 775 } 776 ch_switch.channel = new_ch; 777 ch_switch.count = sw_elem->count; 778 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED; 779 drv_channel_switch(sdata->local, &ch_switch); 780 return; 781 } 782 783 /* channel switch handled in software */ 784 if (sw_elem->count <= 1) { 785 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 786 } else { 787 if (sw_elem->mode) 788 ieee80211_stop_queues_by_reason(&sdata->local->hw, 789 IEEE80211_QUEUE_STOP_REASON_CSA); 790 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED; 791 mod_timer(&ifmgd->chswitch_timer, 792 jiffies + 793 msecs_to_jiffies(sw_elem->count * 794 cbss->beacon_interval)); 795 } 796 } 797 798 static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata, 799 u16 capab_info, u8 *pwr_constr_elem, 800 u8 pwr_constr_elem_len) 801 { 802 struct ieee80211_conf *conf = &sdata->local->hw.conf; 803 804 if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT)) 805 return; 806 807 /* Power constraint IE length should be 1 octet */ 808 if (pwr_constr_elem_len != 1) 809 return; 810 811 if ((*pwr_constr_elem <= conf->channel->max_reg_power) && 812 (*pwr_constr_elem != sdata->local->power_constr_level)) { 813 sdata->local->power_constr_level = *pwr_constr_elem; 814 ieee80211_hw_config(sdata->local, 0); 815 } 816 } 817 818 void ieee80211_enable_dyn_ps(struct ieee80211_vif *vif) 819 { 820 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 821 struct ieee80211_local *local = sdata->local; 822 struct ieee80211_conf *conf = &local->hw.conf; 823 824 WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION || 825 !(local->hw.flags & IEEE80211_HW_SUPPORTS_PS) || 826 (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)); 827 828 local->disable_dynamic_ps = false; 829 conf->dynamic_ps_timeout = local->dynamic_ps_user_timeout; 830 } 831 EXPORT_SYMBOL(ieee80211_enable_dyn_ps); 832 833 void ieee80211_disable_dyn_ps(struct ieee80211_vif *vif) 834 { 835 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 836 struct ieee80211_local *local = sdata->local; 837 struct ieee80211_conf *conf = &local->hw.conf; 838 839 WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION || 840 !(local->hw.flags & IEEE80211_HW_SUPPORTS_PS) || 841 (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)); 842 843 local->disable_dynamic_ps = true; 844 conf->dynamic_ps_timeout = 0; 845 del_timer_sync(&local->dynamic_ps_timer); 846 ieee80211_queue_work(&local->hw, 847 &local->dynamic_ps_enable_work); 848 } 849 EXPORT_SYMBOL(ieee80211_disable_dyn_ps); 850 851 /* powersave */ 852 static void ieee80211_enable_ps(struct ieee80211_local *local, 853 struct ieee80211_sub_if_data *sdata) 854 { 855 struct ieee80211_conf *conf = &local->hw.conf; 856 857 /* 858 * If we are scanning right now then the parameters will 859 * take effect when scan finishes. 860 */ 861 if (local->scanning) 862 return; 863 864 if (conf->dynamic_ps_timeout > 0 && 865 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) { 866 mod_timer(&local->dynamic_ps_timer, jiffies + 867 msecs_to_jiffies(conf->dynamic_ps_timeout)); 868 } else { 869 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 870 ieee80211_send_nullfunc(local, sdata, 1); 871 872 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 873 (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) 874 return; 875 876 conf->flags |= IEEE80211_CONF_PS; 877 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 878 } 879 } 880 881 static void ieee80211_change_ps(struct ieee80211_local *local) 882 { 883 struct ieee80211_conf *conf = &local->hw.conf; 884 885 if (local->ps_sdata) { 886 ieee80211_enable_ps(local, local->ps_sdata); 887 } else if (conf->flags & IEEE80211_CONF_PS) { 888 conf->flags &= ~IEEE80211_CONF_PS; 889 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 890 del_timer_sync(&local->dynamic_ps_timer); 891 cancel_work_sync(&local->dynamic_ps_enable_work); 892 } 893 } 894 895 static bool ieee80211_powersave_allowed(struct ieee80211_sub_if_data *sdata) 896 { 897 struct ieee80211_if_managed *mgd = &sdata->u.mgd; 898 struct sta_info *sta = NULL; 899 bool authorized = false; 900 901 if (!mgd->powersave) 902 return false; 903 904 if (mgd->broken_ap) 905 return false; 906 907 if (!mgd->associated) 908 return false; 909 910 if (mgd->flags & (IEEE80211_STA_BEACON_POLL | 911 IEEE80211_STA_CONNECTION_POLL)) 912 return false; 913 914 rcu_read_lock(); 915 sta = sta_info_get(sdata, mgd->bssid); 916 if (sta) 917 authorized = test_sta_flag(sta, WLAN_STA_AUTHORIZED); 918 rcu_read_unlock(); 919 920 return authorized; 921 } 922 923 /* need to hold RTNL or interface lock */ 924 void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency) 925 { 926 struct ieee80211_sub_if_data *sdata, *found = NULL; 927 int count = 0; 928 int timeout; 929 930 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) { 931 local->ps_sdata = NULL; 932 return; 933 } 934 935 list_for_each_entry(sdata, &local->interfaces, list) { 936 if (!ieee80211_sdata_running(sdata)) 937 continue; 938 if (sdata->vif.type == NL80211_IFTYPE_AP) { 939 /* If an AP vif is found, then disable PS 940 * by setting the count to zero thereby setting 941 * ps_sdata to NULL. 942 */ 943 count = 0; 944 break; 945 } 946 if (sdata->vif.type != NL80211_IFTYPE_STATION) 947 continue; 948 found = sdata; 949 count++; 950 } 951 952 if (count == 1 && ieee80211_powersave_allowed(found)) { 953 struct ieee80211_conf *conf = &local->hw.conf; 954 s32 beaconint_us; 955 956 if (latency < 0) 957 latency = pm_qos_request(PM_QOS_NETWORK_LATENCY); 958 959 beaconint_us = ieee80211_tu_to_usec( 960 found->vif.bss_conf.beacon_int); 961 962 timeout = local->dynamic_ps_forced_timeout; 963 if (timeout < 0) { 964 /* 965 * Go to full PSM if the user configures a very low 966 * latency requirement. 967 * The 2000 second value is there for compatibility 968 * until the PM_QOS_NETWORK_LATENCY is configured 969 * with real values. 970 */ 971 if (latency > (1900 * USEC_PER_MSEC) && 972 latency != (2000 * USEC_PER_SEC)) 973 timeout = 0; 974 else 975 timeout = 100; 976 } 977 local->dynamic_ps_user_timeout = timeout; 978 if (!local->disable_dynamic_ps) 979 conf->dynamic_ps_timeout = 980 local->dynamic_ps_user_timeout; 981 982 if (beaconint_us > latency) { 983 local->ps_sdata = NULL; 984 } else { 985 struct ieee80211_bss *bss; 986 int maxslp = 1; 987 u8 dtimper; 988 989 bss = (void *)found->u.mgd.associated->priv; 990 dtimper = bss->dtim_period; 991 992 /* If the TIM IE is invalid, pretend the value is 1 */ 993 if (!dtimper) 994 dtimper = 1; 995 else if (dtimper > 1) 996 maxslp = min_t(int, dtimper, 997 latency / beaconint_us); 998 999 local->hw.conf.max_sleep_period = maxslp; 1000 local->hw.conf.ps_dtim_period = dtimper; 1001 local->ps_sdata = found; 1002 } 1003 } else { 1004 local->ps_sdata = NULL; 1005 } 1006 1007 ieee80211_change_ps(local); 1008 } 1009 1010 void ieee80211_dynamic_ps_disable_work(struct work_struct *work) 1011 { 1012 struct ieee80211_local *local = 1013 container_of(work, struct ieee80211_local, 1014 dynamic_ps_disable_work); 1015 1016 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1017 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1018 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1019 } 1020 1021 ieee80211_wake_queues_by_reason(&local->hw, 1022 IEEE80211_QUEUE_STOP_REASON_PS); 1023 } 1024 1025 void ieee80211_dynamic_ps_enable_work(struct work_struct *work) 1026 { 1027 struct ieee80211_local *local = 1028 container_of(work, struct ieee80211_local, 1029 dynamic_ps_enable_work); 1030 struct ieee80211_sub_if_data *sdata = local->ps_sdata; 1031 struct ieee80211_if_managed *ifmgd; 1032 unsigned long flags; 1033 int q; 1034 1035 /* can only happen when PS was just disabled anyway */ 1036 if (!sdata) 1037 return; 1038 1039 ifmgd = &sdata->u.mgd; 1040 1041 if (local->hw.conf.flags & IEEE80211_CONF_PS) 1042 return; 1043 1044 if (!local->disable_dynamic_ps && 1045 local->hw.conf.dynamic_ps_timeout > 0) { 1046 /* don't enter PS if TX frames are pending */ 1047 if (drv_tx_frames_pending(local)) { 1048 mod_timer(&local->dynamic_ps_timer, jiffies + 1049 msecs_to_jiffies( 1050 local->hw.conf.dynamic_ps_timeout)); 1051 return; 1052 } 1053 1054 /* 1055 * transmission can be stopped by others which leads to 1056 * dynamic_ps_timer expiry. Postpone the ps timer if it 1057 * is not the actual idle state. 1058 */ 1059 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 1060 for (q = 0; q < local->hw.queues; q++) { 1061 if (local->queue_stop_reasons[q]) { 1062 spin_unlock_irqrestore(&local->queue_stop_reason_lock, 1063 flags); 1064 mod_timer(&local->dynamic_ps_timer, jiffies + 1065 msecs_to_jiffies( 1066 local->hw.conf.dynamic_ps_timeout)); 1067 return; 1068 } 1069 } 1070 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 1071 } 1072 1073 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 1074 !(ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) { 1075 netif_tx_stop_all_queues(sdata->dev); 1076 1077 if (drv_tx_frames_pending(local)) 1078 mod_timer(&local->dynamic_ps_timer, jiffies + 1079 msecs_to_jiffies( 1080 local->hw.conf.dynamic_ps_timeout)); 1081 else { 1082 ieee80211_send_nullfunc(local, sdata, 1); 1083 /* Flush to get the tx status of nullfunc frame */ 1084 drv_flush(local, false); 1085 } 1086 } 1087 1088 if (!((local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) && 1089 (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)) || 1090 (ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) { 1091 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; 1092 local->hw.conf.flags |= IEEE80211_CONF_PS; 1093 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1094 } 1095 1096 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 1097 netif_tx_wake_all_queues(sdata->dev); 1098 } 1099 1100 void ieee80211_dynamic_ps_timer(unsigned long data) 1101 { 1102 struct ieee80211_local *local = (void *) data; 1103 1104 if (local->quiescing || local->suspended) 1105 return; 1106 1107 ieee80211_queue_work(&local->hw, &local->dynamic_ps_enable_work); 1108 } 1109 1110 /* MLME */ 1111 static bool ieee80211_sta_wmm_params(struct ieee80211_local *local, 1112 struct ieee80211_sub_if_data *sdata, 1113 u8 *wmm_param, size_t wmm_param_len) 1114 { 1115 struct ieee80211_tx_queue_params params; 1116 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1117 size_t left; 1118 int count; 1119 u8 *pos, uapsd_queues = 0; 1120 1121 if (!local->ops->conf_tx) 1122 return false; 1123 1124 if (local->hw.queues < IEEE80211_NUM_ACS) 1125 return false; 1126 1127 if (!wmm_param) 1128 return false; 1129 1130 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 1131 return false; 1132 1133 if (ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED) 1134 uapsd_queues = ifmgd->uapsd_queues; 1135 1136 count = wmm_param[6] & 0x0f; 1137 if (count == ifmgd->wmm_last_param_set) 1138 return false; 1139 ifmgd->wmm_last_param_set = count; 1140 1141 pos = wmm_param + 8; 1142 left = wmm_param_len - 8; 1143 1144 memset(¶ms, 0, sizeof(params)); 1145 1146 sdata->wmm_acm = 0; 1147 for (; left >= 4; left -= 4, pos += 4) { 1148 int aci = (pos[0] >> 5) & 0x03; 1149 int acm = (pos[0] >> 4) & 0x01; 1150 bool uapsd = false; 1151 int queue; 1152 1153 switch (aci) { 1154 case 1: /* AC_BK */ 1155 queue = 3; 1156 if (acm) 1157 sdata->wmm_acm |= BIT(1) | BIT(2); /* BK/- */ 1158 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) 1159 uapsd = true; 1160 break; 1161 case 2: /* AC_VI */ 1162 queue = 1; 1163 if (acm) 1164 sdata->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */ 1165 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) 1166 uapsd = true; 1167 break; 1168 case 3: /* AC_VO */ 1169 queue = 0; 1170 if (acm) 1171 sdata->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */ 1172 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) 1173 uapsd = true; 1174 break; 1175 case 0: /* AC_BE */ 1176 default: 1177 queue = 2; 1178 if (acm) 1179 sdata->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */ 1180 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) 1181 uapsd = true; 1182 break; 1183 } 1184 1185 params.aifs = pos[0] & 0x0f; 1186 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4); 1187 params.cw_min = ecw2cw(pos[1] & 0x0f); 1188 params.txop = get_unaligned_le16(pos + 2); 1189 params.uapsd = uapsd; 1190 1191 mlme_dbg(sdata, 1192 "WMM queue=%d aci=%d acm=%d aifs=%d cWmin=%d cWmax=%d txop=%d uapsd=%d\n", 1193 queue, aci, acm, 1194 params.aifs, params.cw_min, params.cw_max, 1195 params.txop, params.uapsd); 1196 sdata->tx_conf[queue] = params; 1197 if (drv_conf_tx(local, sdata, queue, ¶ms)) 1198 sdata_err(sdata, 1199 "failed to set TX queue parameters for queue %d\n", 1200 queue); 1201 } 1202 1203 /* enable WMM or activate new settings */ 1204 sdata->vif.bss_conf.qos = true; 1205 return true; 1206 } 1207 1208 static void __ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata) 1209 { 1210 lockdep_assert_held(&sdata->local->mtx); 1211 1212 sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL | 1213 IEEE80211_STA_BEACON_POLL); 1214 ieee80211_run_deferred_scan(sdata->local); 1215 } 1216 1217 static void ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata) 1218 { 1219 mutex_lock(&sdata->local->mtx); 1220 __ieee80211_stop_poll(sdata); 1221 mutex_unlock(&sdata->local->mtx); 1222 } 1223 1224 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, 1225 u16 capab, bool erp_valid, u8 erp) 1226 { 1227 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1228 u32 changed = 0; 1229 bool use_protection; 1230 bool use_short_preamble; 1231 bool use_short_slot; 1232 1233 if (erp_valid) { 1234 use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0; 1235 use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0; 1236 } else { 1237 use_protection = false; 1238 use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE); 1239 } 1240 1241 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME); 1242 if (sdata->local->hw.conf.channel->band == IEEE80211_BAND_5GHZ) 1243 use_short_slot = true; 1244 1245 if (use_protection != bss_conf->use_cts_prot) { 1246 bss_conf->use_cts_prot = use_protection; 1247 changed |= BSS_CHANGED_ERP_CTS_PROT; 1248 } 1249 1250 if (use_short_preamble != bss_conf->use_short_preamble) { 1251 bss_conf->use_short_preamble = use_short_preamble; 1252 changed |= BSS_CHANGED_ERP_PREAMBLE; 1253 } 1254 1255 if (use_short_slot != bss_conf->use_short_slot) { 1256 bss_conf->use_short_slot = use_short_slot; 1257 changed |= BSS_CHANGED_ERP_SLOT; 1258 } 1259 1260 return changed; 1261 } 1262 1263 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 1264 struct cfg80211_bss *cbss, 1265 u32 bss_info_changed) 1266 { 1267 struct ieee80211_bss *bss = (void *)cbss->priv; 1268 struct ieee80211_local *local = sdata->local; 1269 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1270 1271 bss_info_changed |= BSS_CHANGED_ASSOC; 1272 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 1273 bss_conf->assoc_capability, bss->has_erp_value, bss->erp_value); 1274 1275 sdata->u.mgd.beacon_timeout = usecs_to_jiffies(ieee80211_tu_to_usec( 1276 IEEE80211_BEACON_LOSS_COUNT * bss_conf->beacon_int)); 1277 1278 sdata->u.mgd.associated = cbss; 1279 memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN); 1280 1281 sdata->u.mgd.flags |= IEEE80211_STA_RESET_SIGNAL_AVE; 1282 1283 /* just to be sure */ 1284 ieee80211_stop_poll(sdata); 1285 1286 ieee80211_led_assoc(local, 1); 1287 1288 if (local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) 1289 bss_conf->dtim_period = bss->dtim_period; 1290 else 1291 bss_conf->dtim_period = 0; 1292 1293 bss_conf->assoc = 1; 1294 1295 /* Tell the driver to monitor connection quality (if supported) */ 1296 if (sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI && 1297 bss_conf->cqm_rssi_thold) 1298 bss_info_changed |= BSS_CHANGED_CQM; 1299 1300 /* Enable ARP filtering */ 1301 if (bss_conf->arp_filter_enabled != sdata->arp_filter_state) { 1302 bss_conf->arp_filter_enabled = sdata->arp_filter_state; 1303 bss_info_changed |= BSS_CHANGED_ARP_FILTER; 1304 } 1305 1306 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 1307 1308 mutex_lock(&local->iflist_mtx); 1309 ieee80211_recalc_ps(local, -1); 1310 ieee80211_recalc_smps(local); 1311 mutex_unlock(&local->iflist_mtx); 1312 1313 netif_tx_start_all_queues(sdata->dev); 1314 netif_carrier_on(sdata->dev); 1315 } 1316 1317 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, 1318 u16 stype, u16 reason, bool tx, 1319 u8 *frame_buf) 1320 { 1321 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1322 struct ieee80211_local *local = sdata->local; 1323 struct sta_info *sta; 1324 u32 changed = 0; 1325 1326 ASSERT_MGD_MTX(ifmgd); 1327 1328 if (WARN_ON_ONCE(tx && !frame_buf)) 1329 return; 1330 1331 if (WARN_ON(!ifmgd->associated)) 1332 return; 1333 1334 ieee80211_stop_poll(sdata); 1335 1336 ifmgd->associated = NULL; 1337 1338 /* 1339 * we need to commit the associated = NULL change because the 1340 * scan code uses that to determine whether this iface should 1341 * go to/wake up from powersave or not -- and could otherwise 1342 * wake the queues erroneously. 1343 */ 1344 smp_mb(); 1345 1346 /* 1347 * Thus, we can only afterwards stop the queues -- to account 1348 * for the case where another CPU is finishing a scan at this 1349 * time -- we don't want the scan code to enable queues. 1350 */ 1351 1352 netif_tx_stop_all_queues(sdata->dev); 1353 netif_carrier_off(sdata->dev); 1354 1355 mutex_lock(&local->sta_mtx); 1356 sta = sta_info_get(sdata, ifmgd->bssid); 1357 if (sta) { 1358 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 1359 ieee80211_sta_tear_down_BA_sessions(sta, tx); 1360 } 1361 mutex_unlock(&local->sta_mtx); 1362 1363 /* 1364 * if we want to get out of ps before disassoc (why?) we have 1365 * to do it before sending disassoc, as otherwise the null-packet 1366 * won't be valid. 1367 */ 1368 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1369 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1370 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1371 } 1372 local->ps_sdata = NULL; 1373 1374 /* flush out any pending frame (e.g. DELBA) before deauth/disassoc */ 1375 if (tx) 1376 drv_flush(local, false); 1377 1378 /* deauthenticate/disassociate now */ 1379 if (tx || frame_buf) 1380 ieee80211_send_deauth_disassoc(sdata, ifmgd->bssid, stype, 1381 reason, tx, frame_buf); 1382 1383 /* flush out frame */ 1384 if (tx) 1385 drv_flush(local, false); 1386 1387 /* clear bssid only after building the needed mgmt frames */ 1388 memset(ifmgd->bssid, 0, ETH_ALEN); 1389 1390 /* remove AP and TDLS peers */ 1391 sta_info_flush(local, sdata); 1392 1393 /* finally reset all BSS / config parameters */ 1394 changed |= ieee80211_reset_erp_info(sdata); 1395 1396 ieee80211_led_assoc(local, 0); 1397 changed |= BSS_CHANGED_ASSOC; 1398 sdata->vif.bss_conf.assoc = false; 1399 1400 /* on the next assoc, re-program HT parameters */ 1401 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa)); 1402 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask)); 1403 1404 local->power_constr_level = 0; 1405 1406 del_timer_sync(&local->dynamic_ps_timer); 1407 cancel_work_sync(&local->dynamic_ps_enable_work); 1408 1409 /* Disable ARP filtering */ 1410 if (sdata->vif.bss_conf.arp_filter_enabled) { 1411 sdata->vif.bss_conf.arp_filter_enabled = false; 1412 changed |= BSS_CHANGED_ARP_FILTER; 1413 } 1414 1415 sdata->vif.bss_conf.qos = false; 1416 changed |= BSS_CHANGED_QOS; 1417 1418 /* The BSSID (not really interesting) and HT changed */ 1419 changed |= BSS_CHANGED_BSSID | BSS_CHANGED_HT; 1420 ieee80211_bss_info_change_notify(sdata, changed); 1421 1422 /* channel(_type) changes are handled by ieee80211_hw_config */ 1423 WARN_ON(!ieee80211_set_channel_type(local, sdata, NL80211_CHAN_NO_HT)); 1424 ieee80211_hw_config(local, 0); 1425 1426 /* disassociated - set to defaults now */ 1427 ieee80211_set_wmm_default(sdata, false); 1428 1429 del_timer_sync(&sdata->u.mgd.conn_mon_timer); 1430 del_timer_sync(&sdata->u.mgd.bcn_mon_timer); 1431 del_timer_sync(&sdata->u.mgd.timer); 1432 del_timer_sync(&sdata->u.mgd.chswitch_timer); 1433 1434 sdata->u.mgd.timers_running = 0; 1435 } 1436 1437 void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, 1438 struct ieee80211_hdr *hdr) 1439 { 1440 /* 1441 * We can postpone the mgd.timer whenever receiving unicast frames 1442 * from AP because we know that the connection is working both ways 1443 * at that time. But multicast frames (and hence also beacons) must 1444 * be ignored here, because we need to trigger the timer during 1445 * data idle periods for sending the periodic probe request to the 1446 * AP we're connected to. 1447 */ 1448 if (is_multicast_ether_addr(hdr->addr1)) 1449 return; 1450 1451 ieee80211_sta_reset_conn_monitor(sdata); 1452 } 1453 1454 static void ieee80211_reset_ap_probe(struct ieee80211_sub_if_data *sdata) 1455 { 1456 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1457 struct ieee80211_local *local = sdata->local; 1458 1459 mutex_lock(&local->mtx); 1460 if (!(ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 1461 IEEE80211_STA_CONNECTION_POLL))) { 1462 mutex_unlock(&local->mtx); 1463 return; 1464 } 1465 1466 __ieee80211_stop_poll(sdata); 1467 1468 mutex_lock(&local->iflist_mtx); 1469 ieee80211_recalc_ps(local, -1); 1470 mutex_unlock(&local->iflist_mtx); 1471 1472 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 1473 goto out; 1474 1475 /* 1476 * We've received a probe response, but are not sure whether 1477 * we have or will be receiving any beacons or data, so let's 1478 * schedule the timers again, just in case. 1479 */ 1480 ieee80211_sta_reset_beacon_monitor(sdata); 1481 1482 mod_timer(&ifmgd->conn_mon_timer, 1483 round_jiffies_up(jiffies + 1484 IEEE80211_CONNECTION_IDLE_TIME)); 1485 out: 1486 mutex_unlock(&local->mtx); 1487 } 1488 1489 void ieee80211_sta_tx_notify(struct ieee80211_sub_if_data *sdata, 1490 struct ieee80211_hdr *hdr, bool ack) 1491 { 1492 if (!ieee80211_is_data(hdr->frame_control)) 1493 return; 1494 1495 if (ack) 1496 ieee80211_sta_reset_conn_monitor(sdata); 1497 1498 if (ieee80211_is_nullfunc(hdr->frame_control) && 1499 sdata->u.mgd.probe_send_count > 0) { 1500 if (ack) 1501 sdata->u.mgd.probe_send_count = 0; 1502 else 1503 sdata->u.mgd.nullfunc_failed = true; 1504 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1505 } 1506 } 1507 1508 static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata) 1509 { 1510 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1511 const u8 *ssid; 1512 u8 *dst = ifmgd->associated->bssid; 1513 u8 unicast_limit = max(1, max_probe_tries - 3); 1514 1515 /* 1516 * Try sending broadcast probe requests for the last three 1517 * probe requests after the first ones failed since some 1518 * buggy APs only support broadcast probe requests. 1519 */ 1520 if (ifmgd->probe_send_count >= unicast_limit) 1521 dst = NULL; 1522 1523 /* 1524 * When the hardware reports an accurate Tx ACK status, it's 1525 * better to send a nullfunc frame instead of a probe request, 1526 * as it will kick us off the AP quickly if we aren't associated 1527 * anymore. The timeout will be reset if the frame is ACKed by 1528 * the AP. 1529 */ 1530 ifmgd->probe_send_count++; 1531 1532 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 1533 ifmgd->nullfunc_failed = false; 1534 ieee80211_send_nullfunc(sdata->local, sdata, 0); 1535 } else { 1536 int ssid_len; 1537 1538 ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID); 1539 if (WARN_ON_ONCE(ssid == NULL)) 1540 ssid_len = 0; 1541 else 1542 ssid_len = ssid[1]; 1543 1544 ieee80211_send_probe_req(sdata, dst, ssid + 2, ssid_len, NULL, 1545 0, (u32) -1, true, false); 1546 } 1547 1548 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms); 1549 run_again(ifmgd, ifmgd->probe_timeout); 1550 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) 1551 drv_flush(sdata->local, false); 1552 } 1553 1554 static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata, 1555 bool beacon) 1556 { 1557 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1558 bool already = false; 1559 1560 if (!ieee80211_sdata_running(sdata)) 1561 return; 1562 1563 mutex_lock(&ifmgd->mtx); 1564 1565 if (!ifmgd->associated) 1566 goto out; 1567 1568 mutex_lock(&sdata->local->mtx); 1569 1570 if (sdata->local->tmp_channel || sdata->local->scanning) { 1571 mutex_unlock(&sdata->local->mtx); 1572 goto out; 1573 } 1574 1575 if (beacon) 1576 mlme_dbg_ratelimited(sdata, 1577 "detected beacon loss from AP - sending probe request\n"); 1578 1579 ieee80211_cqm_rssi_notify(&sdata->vif, 1580 NL80211_CQM_RSSI_BEACON_LOSS_EVENT, GFP_KERNEL); 1581 1582 /* 1583 * The driver/our work has already reported this event or the 1584 * connection monitoring has kicked in and we have already sent 1585 * a probe request. Or maybe the AP died and the driver keeps 1586 * reporting until we disassociate... 1587 * 1588 * In either case we have to ignore the current call to this 1589 * function (except for setting the correct probe reason bit) 1590 * because otherwise we would reset the timer every time and 1591 * never check whether we received a probe response! 1592 */ 1593 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 1594 IEEE80211_STA_CONNECTION_POLL)) 1595 already = true; 1596 1597 if (beacon) 1598 ifmgd->flags |= IEEE80211_STA_BEACON_POLL; 1599 else 1600 ifmgd->flags |= IEEE80211_STA_CONNECTION_POLL; 1601 1602 mutex_unlock(&sdata->local->mtx); 1603 1604 if (already) 1605 goto out; 1606 1607 mutex_lock(&sdata->local->iflist_mtx); 1608 ieee80211_recalc_ps(sdata->local, -1); 1609 mutex_unlock(&sdata->local->iflist_mtx); 1610 1611 ifmgd->probe_send_count = 0; 1612 ieee80211_mgd_probe_ap_send(sdata); 1613 out: 1614 mutex_unlock(&ifmgd->mtx); 1615 } 1616 1617 struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw, 1618 struct ieee80211_vif *vif) 1619 { 1620 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1621 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1622 struct cfg80211_bss *cbss; 1623 struct sk_buff *skb; 1624 const u8 *ssid; 1625 int ssid_len; 1626 1627 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 1628 return NULL; 1629 1630 ASSERT_MGD_MTX(ifmgd); 1631 1632 if (ifmgd->associated) 1633 cbss = ifmgd->associated; 1634 else if (ifmgd->auth_data) 1635 cbss = ifmgd->auth_data->bss; 1636 else if (ifmgd->assoc_data) 1637 cbss = ifmgd->assoc_data->bss; 1638 else 1639 return NULL; 1640 1641 ssid = ieee80211_bss_get_ie(cbss, WLAN_EID_SSID); 1642 if (WARN_ON_ONCE(ssid == NULL)) 1643 ssid_len = 0; 1644 else 1645 ssid_len = ssid[1]; 1646 1647 skb = ieee80211_build_probe_req(sdata, cbss->bssid, 1648 (u32) -1, ssid + 2, ssid_len, 1649 NULL, 0, true); 1650 1651 return skb; 1652 } 1653 EXPORT_SYMBOL(ieee80211_ap_probereq_get); 1654 1655 static void __ieee80211_connection_loss(struct ieee80211_sub_if_data *sdata) 1656 { 1657 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1658 struct ieee80211_local *local = sdata->local; 1659 u8 bssid[ETH_ALEN]; 1660 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 1661 1662 mutex_lock(&ifmgd->mtx); 1663 if (!ifmgd->associated) { 1664 mutex_unlock(&ifmgd->mtx); 1665 return; 1666 } 1667 1668 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN); 1669 1670 sdata_info(sdata, "Connection to AP %pM lost\n", bssid); 1671 1672 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 1673 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, 1674 false, frame_buf); 1675 mutex_unlock(&ifmgd->mtx); 1676 1677 /* 1678 * must be outside lock due to cfg80211, 1679 * but that's not a problem. 1680 */ 1681 cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 1682 1683 mutex_lock(&local->mtx); 1684 ieee80211_recalc_idle(local); 1685 mutex_unlock(&local->mtx); 1686 } 1687 1688 void ieee80211_beacon_connection_loss_work(struct work_struct *work) 1689 { 1690 struct ieee80211_sub_if_data *sdata = 1691 container_of(work, struct ieee80211_sub_if_data, 1692 u.mgd.beacon_connection_loss_work); 1693 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1694 struct sta_info *sta; 1695 1696 if (ifmgd->associated) { 1697 rcu_read_lock(); 1698 sta = sta_info_get(sdata, ifmgd->bssid); 1699 if (sta) 1700 sta->beacon_loss_count++; 1701 rcu_read_unlock(); 1702 } 1703 1704 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 1705 __ieee80211_connection_loss(sdata); 1706 else 1707 ieee80211_mgd_probe_ap(sdata, true); 1708 } 1709 1710 void ieee80211_beacon_loss(struct ieee80211_vif *vif) 1711 { 1712 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1713 struct ieee80211_hw *hw = &sdata->local->hw; 1714 1715 trace_api_beacon_loss(sdata); 1716 1717 WARN_ON(hw->flags & IEEE80211_HW_CONNECTION_MONITOR); 1718 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); 1719 } 1720 EXPORT_SYMBOL(ieee80211_beacon_loss); 1721 1722 void ieee80211_connection_loss(struct ieee80211_vif *vif) 1723 { 1724 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1725 struct ieee80211_hw *hw = &sdata->local->hw; 1726 1727 trace_api_connection_loss(sdata); 1728 1729 WARN_ON(!(hw->flags & IEEE80211_HW_CONNECTION_MONITOR)); 1730 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); 1731 } 1732 EXPORT_SYMBOL(ieee80211_connection_loss); 1733 1734 1735 static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata, 1736 bool assoc) 1737 { 1738 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 1739 1740 lockdep_assert_held(&sdata->u.mgd.mtx); 1741 1742 if (!assoc) { 1743 sta_info_destroy_addr(sdata, auth_data->bss->bssid); 1744 1745 memset(sdata->u.mgd.bssid, 0, ETH_ALEN); 1746 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 1747 } 1748 1749 cfg80211_put_bss(auth_data->bss); 1750 kfree(auth_data); 1751 sdata->u.mgd.auth_data = NULL; 1752 } 1753 1754 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 1755 struct ieee80211_mgmt *mgmt, size_t len) 1756 { 1757 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 1758 u8 *pos; 1759 struct ieee802_11_elems elems; 1760 1761 pos = mgmt->u.auth.variable; 1762 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1763 if (!elems.challenge) 1764 return; 1765 auth_data->expected_transaction = 4; 1766 drv_mgd_prepare_tx(sdata->local, sdata); 1767 ieee80211_send_auth(sdata, 3, auth_data->algorithm, 1768 elems.challenge - 2, elems.challenge_len + 2, 1769 auth_data->bss->bssid, auth_data->bss->bssid, 1770 auth_data->key, auth_data->key_len, 1771 auth_data->key_idx); 1772 } 1773 1774 static enum rx_mgmt_action __must_check 1775 ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 1776 struct ieee80211_mgmt *mgmt, size_t len) 1777 { 1778 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1779 u8 bssid[ETH_ALEN]; 1780 u16 auth_alg, auth_transaction, status_code; 1781 struct sta_info *sta; 1782 1783 lockdep_assert_held(&ifmgd->mtx); 1784 1785 if (len < 24 + 6) 1786 return RX_MGMT_NONE; 1787 1788 if (!ifmgd->auth_data || ifmgd->auth_data->done) 1789 return RX_MGMT_NONE; 1790 1791 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 1792 1793 if (!ether_addr_equal(bssid, mgmt->bssid)) 1794 return RX_MGMT_NONE; 1795 1796 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1797 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1798 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1799 1800 if (auth_alg != ifmgd->auth_data->algorithm || 1801 auth_transaction != ifmgd->auth_data->expected_transaction) 1802 return RX_MGMT_NONE; 1803 1804 if (status_code != WLAN_STATUS_SUCCESS) { 1805 sdata_info(sdata, "%pM denied authentication (status %d)\n", 1806 mgmt->sa, status_code); 1807 ieee80211_destroy_auth_data(sdata, false); 1808 return RX_MGMT_CFG80211_RX_AUTH; 1809 } 1810 1811 switch (ifmgd->auth_data->algorithm) { 1812 case WLAN_AUTH_OPEN: 1813 case WLAN_AUTH_LEAP: 1814 case WLAN_AUTH_FT: 1815 break; 1816 case WLAN_AUTH_SHARED_KEY: 1817 if (ifmgd->auth_data->expected_transaction != 4) { 1818 ieee80211_auth_challenge(sdata, mgmt, len); 1819 /* need another frame */ 1820 return RX_MGMT_NONE; 1821 } 1822 break; 1823 default: 1824 WARN_ONCE(1, "invalid auth alg %d", 1825 ifmgd->auth_data->algorithm); 1826 return RX_MGMT_NONE; 1827 } 1828 1829 sdata_info(sdata, "authenticated\n"); 1830 ifmgd->auth_data->done = true; 1831 ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC; 1832 run_again(ifmgd, ifmgd->auth_data->timeout); 1833 1834 /* move station state to auth */ 1835 mutex_lock(&sdata->local->sta_mtx); 1836 sta = sta_info_get(sdata, bssid); 1837 if (!sta) { 1838 WARN_ONCE(1, "%s: STA %pM not found", sdata->name, bssid); 1839 goto out_err; 1840 } 1841 if (sta_info_move_state(sta, IEEE80211_STA_AUTH)) { 1842 sdata_info(sdata, "failed moving %pM to auth\n", bssid); 1843 goto out_err; 1844 } 1845 mutex_unlock(&sdata->local->sta_mtx); 1846 1847 return RX_MGMT_CFG80211_RX_AUTH; 1848 out_err: 1849 mutex_unlock(&sdata->local->sta_mtx); 1850 /* ignore frame -- wait for timeout */ 1851 return RX_MGMT_NONE; 1852 } 1853 1854 1855 static enum rx_mgmt_action __must_check 1856 ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 1857 struct ieee80211_mgmt *mgmt, size_t len) 1858 { 1859 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1860 const u8 *bssid = NULL; 1861 u16 reason_code; 1862 1863 lockdep_assert_held(&ifmgd->mtx); 1864 1865 if (len < 24 + 2) 1866 return RX_MGMT_NONE; 1867 1868 if (!ifmgd->associated || 1869 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 1870 return RX_MGMT_NONE; 1871 1872 bssid = ifmgd->associated->bssid; 1873 1874 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1875 1876 sdata_info(sdata, "deauthenticated from %pM (Reason: %u)\n", 1877 bssid, reason_code); 1878 1879 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 1880 1881 mutex_lock(&sdata->local->mtx); 1882 ieee80211_recalc_idle(sdata->local); 1883 mutex_unlock(&sdata->local->mtx); 1884 1885 return RX_MGMT_CFG80211_DEAUTH; 1886 } 1887 1888 1889 static enum rx_mgmt_action __must_check 1890 ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 1891 struct ieee80211_mgmt *mgmt, size_t len) 1892 { 1893 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1894 u16 reason_code; 1895 1896 lockdep_assert_held(&ifmgd->mtx); 1897 1898 if (len < 24 + 2) 1899 return RX_MGMT_NONE; 1900 1901 if (!ifmgd->associated || 1902 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 1903 return RX_MGMT_NONE; 1904 1905 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1906 1907 sdata_info(sdata, "disassociated from %pM (Reason: %u)\n", 1908 mgmt->sa, reason_code); 1909 1910 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 1911 1912 mutex_lock(&sdata->local->mtx); 1913 ieee80211_recalc_idle(sdata->local); 1914 mutex_unlock(&sdata->local->mtx); 1915 1916 return RX_MGMT_CFG80211_DISASSOC; 1917 } 1918 1919 static void ieee80211_get_rates(struct ieee80211_supported_band *sband, 1920 u8 *supp_rates, unsigned int supp_rates_len, 1921 u32 *rates, u32 *basic_rates, 1922 bool *have_higher_than_11mbit, 1923 int *min_rate, int *min_rate_index) 1924 { 1925 int i, j; 1926 1927 for (i = 0; i < supp_rates_len; i++) { 1928 int rate = (supp_rates[i] & 0x7f) * 5; 1929 bool is_basic = !!(supp_rates[i] & 0x80); 1930 1931 if (rate > 110) 1932 *have_higher_than_11mbit = true; 1933 1934 /* 1935 * BSS_MEMBERSHIP_SELECTOR_HT_PHY is defined in 802.11n-2009 1936 * 7.3.2.2 as a magic value instead of a rate. Hence, skip it. 1937 * 1938 * Note: Even through the membership selector and the basic 1939 * rate flag share the same bit, they are not exactly 1940 * the same. 1941 */ 1942 if (!!(supp_rates[i] & 0x80) && 1943 (supp_rates[i] & 0x7f) == BSS_MEMBERSHIP_SELECTOR_HT_PHY) 1944 continue; 1945 1946 for (j = 0; j < sband->n_bitrates; j++) { 1947 if (sband->bitrates[j].bitrate == rate) { 1948 *rates |= BIT(j); 1949 if (is_basic) 1950 *basic_rates |= BIT(j); 1951 if (rate < *min_rate) { 1952 *min_rate = rate; 1953 *min_rate_index = j; 1954 } 1955 break; 1956 } 1957 } 1958 } 1959 } 1960 1961 static void ieee80211_destroy_assoc_data(struct ieee80211_sub_if_data *sdata, 1962 bool assoc) 1963 { 1964 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 1965 1966 lockdep_assert_held(&sdata->u.mgd.mtx); 1967 1968 if (!assoc) { 1969 sta_info_destroy_addr(sdata, assoc_data->bss->bssid); 1970 1971 memset(sdata->u.mgd.bssid, 0, ETH_ALEN); 1972 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 1973 } 1974 1975 kfree(assoc_data); 1976 sdata->u.mgd.assoc_data = NULL; 1977 } 1978 1979 static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata, 1980 struct cfg80211_bss *cbss, 1981 struct ieee80211_mgmt *mgmt, size_t len) 1982 { 1983 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1984 struct ieee80211_local *local = sdata->local; 1985 struct ieee80211_supported_band *sband; 1986 struct sta_info *sta; 1987 u8 *pos; 1988 u16 capab_info, aid; 1989 struct ieee802_11_elems elems; 1990 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1991 u32 changed = 0; 1992 int err; 1993 1994 /* AssocResp and ReassocResp have identical structure */ 1995 1996 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 1997 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 1998 1999 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) 2000 sdata_info(sdata, "invalid AID value 0x%x; bits 15:14 not set\n", 2001 aid); 2002 aid &= ~(BIT(15) | BIT(14)); 2003 2004 ifmgd->broken_ap = false; 2005 2006 if (aid == 0 || aid > IEEE80211_MAX_AID) { 2007 sdata_info(sdata, "invalid AID value %d (out of range), turn off PS\n", 2008 aid); 2009 aid = 0; 2010 ifmgd->broken_ap = true; 2011 } 2012 2013 pos = mgmt->u.assoc_resp.variable; 2014 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 2015 2016 if (!elems.supp_rates) { 2017 sdata_info(sdata, "no SuppRates element in AssocResp\n"); 2018 return false; 2019 } 2020 2021 ifmgd->aid = aid; 2022 2023 mutex_lock(&sdata->local->sta_mtx); 2024 /* 2025 * station info was already allocated and inserted before 2026 * the association and should be available to us 2027 */ 2028 sta = sta_info_get(sdata, cbss->bssid); 2029 if (WARN_ON(!sta)) { 2030 mutex_unlock(&sdata->local->sta_mtx); 2031 return false; 2032 } 2033 2034 sband = local->hw.wiphy->bands[local->oper_channel->band]; 2035 2036 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 2037 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 2038 elems.ht_cap_elem, &sta->sta.ht_cap); 2039 2040 sta->supports_40mhz = 2041 sta->sta.ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40; 2042 2043 rate_control_rate_init(sta); 2044 2045 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED) 2046 set_sta_flag(sta, WLAN_STA_MFP); 2047 2048 if (elems.wmm_param) 2049 set_sta_flag(sta, WLAN_STA_WME); 2050 2051 err = sta_info_move_state(sta, IEEE80211_STA_AUTH); 2052 if (!err) 2053 err = sta_info_move_state(sta, IEEE80211_STA_ASSOC); 2054 if (!err && !(ifmgd->flags & IEEE80211_STA_CONTROL_PORT)) 2055 err = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED); 2056 if (err) { 2057 sdata_info(sdata, 2058 "failed to move station %pM to desired state\n", 2059 sta->sta.addr); 2060 WARN_ON(__sta_info_destroy(sta)); 2061 mutex_unlock(&sdata->local->sta_mtx); 2062 return false; 2063 } 2064 2065 mutex_unlock(&sdata->local->sta_mtx); 2066 2067 /* 2068 * Always handle WMM once after association regardless 2069 * of the first value the AP uses. Setting -1 here has 2070 * that effect because the AP values is an unsigned 2071 * 4-bit value. 2072 */ 2073 ifmgd->wmm_last_param_set = -1; 2074 2075 if (elems.wmm_param) 2076 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2077 elems.wmm_param_len); 2078 else 2079 ieee80211_set_wmm_default(sdata, false); 2080 changed |= BSS_CHANGED_QOS; 2081 2082 if (elems.ht_operation && elems.wmm_param && 2083 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 2084 changed |= ieee80211_config_ht_tx(sdata, elems.ht_operation, 2085 cbss->bssid, false); 2086 2087 /* set AID and assoc capability, 2088 * ieee80211_set_associated() will tell the driver */ 2089 bss_conf->aid = aid; 2090 bss_conf->assoc_capability = capab_info; 2091 ieee80211_set_associated(sdata, cbss, changed); 2092 2093 /* 2094 * If we're using 4-addr mode, let the AP know that we're 2095 * doing so, so that it can create the STA VLAN on its side 2096 */ 2097 if (ifmgd->use_4addr) 2098 ieee80211_send_4addr_nullfunc(local, sdata); 2099 2100 /* 2101 * Start timer to probe the connection to the AP now. 2102 * Also start the timer that will detect beacon loss. 2103 */ 2104 ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt); 2105 ieee80211_sta_reset_beacon_monitor(sdata); 2106 2107 return true; 2108 } 2109 2110 static enum rx_mgmt_action __must_check 2111 ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 2112 struct ieee80211_mgmt *mgmt, size_t len, 2113 struct cfg80211_bss **bss) 2114 { 2115 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2116 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 2117 u16 capab_info, status_code, aid; 2118 struct ieee802_11_elems elems; 2119 u8 *pos; 2120 bool reassoc; 2121 2122 lockdep_assert_held(&ifmgd->mtx); 2123 2124 if (!assoc_data) 2125 return RX_MGMT_NONE; 2126 if (!ether_addr_equal(assoc_data->bss->bssid, mgmt->bssid)) 2127 return RX_MGMT_NONE; 2128 2129 /* 2130 * AssocResp and ReassocResp have identical structure, so process both 2131 * of them in this function. 2132 */ 2133 2134 if (len < 24 + 6) 2135 return RX_MGMT_NONE; 2136 2137 reassoc = ieee80211_is_reassoc_req(mgmt->frame_control); 2138 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 2139 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 2140 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 2141 2142 sdata_info(sdata, 2143 "RX %sssocResp from %pM (capab=0x%x status=%d aid=%d)\n", 2144 reassoc ? "Rea" : "A", mgmt->sa, 2145 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14)))); 2146 2147 pos = mgmt->u.assoc_resp.variable; 2148 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 2149 2150 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY && 2151 elems.timeout_int && elems.timeout_int_len == 5 && 2152 elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) { 2153 u32 tu, ms; 2154 tu = get_unaligned_le32(elems.timeout_int + 1); 2155 ms = tu * 1024 / 1000; 2156 sdata_info(sdata, 2157 "%pM rejected association temporarily; comeback duration %u TU (%u ms)\n", 2158 mgmt->sa, tu, ms); 2159 assoc_data->timeout = jiffies + msecs_to_jiffies(ms); 2160 if (ms > IEEE80211_ASSOC_TIMEOUT) 2161 run_again(ifmgd, assoc_data->timeout); 2162 return RX_MGMT_NONE; 2163 } 2164 2165 *bss = assoc_data->bss; 2166 2167 if (status_code != WLAN_STATUS_SUCCESS) { 2168 sdata_info(sdata, "%pM denied association (code=%d)\n", 2169 mgmt->sa, status_code); 2170 ieee80211_destroy_assoc_data(sdata, false); 2171 } else { 2172 if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) { 2173 /* oops -- internal error -- send timeout for now */ 2174 ieee80211_destroy_assoc_data(sdata, false); 2175 cfg80211_put_bss(*bss); 2176 return RX_MGMT_CFG80211_ASSOC_TIMEOUT; 2177 } 2178 sdata_info(sdata, "associated\n"); 2179 2180 /* 2181 * destroy assoc_data afterwards, as otherwise an idle 2182 * recalc after assoc_data is NULL but before associated 2183 * is set can cause the interface to go idle 2184 */ 2185 ieee80211_destroy_assoc_data(sdata, true); 2186 } 2187 2188 return RX_MGMT_CFG80211_RX_ASSOC; 2189 } 2190 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 2191 struct ieee80211_mgmt *mgmt, 2192 size_t len, 2193 struct ieee80211_rx_status *rx_status, 2194 struct ieee802_11_elems *elems, 2195 bool beacon) 2196 { 2197 struct ieee80211_local *local = sdata->local; 2198 int freq; 2199 struct ieee80211_bss *bss; 2200 struct ieee80211_channel *channel; 2201 bool need_ps = false; 2202 2203 if (sdata->u.mgd.associated && 2204 ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid)) { 2205 bss = (void *)sdata->u.mgd.associated->priv; 2206 /* not previously set so we may need to recalc */ 2207 need_ps = !bss->dtim_period; 2208 } 2209 2210 if (elems->ds_params && elems->ds_params_len == 1) 2211 freq = ieee80211_channel_to_frequency(elems->ds_params[0], 2212 rx_status->band); 2213 else 2214 freq = rx_status->freq; 2215 2216 channel = ieee80211_get_channel(local->hw.wiphy, freq); 2217 2218 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 2219 return; 2220 2221 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 2222 channel, beacon); 2223 if (bss) 2224 ieee80211_rx_bss_put(local, bss); 2225 2226 if (!sdata->u.mgd.associated) 2227 return; 2228 2229 if (need_ps) { 2230 mutex_lock(&local->iflist_mtx); 2231 ieee80211_recalc_ps(local, -1); 2232 mutex_unlock(&local->iflist_mtx); 2233 } 2234 2235 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) && 2236 (memcmp(mgmt->bssid, sdata->u.mgd.associated->bssid, 2237 ETH_ALEN) == 0)) { 2238 struct ieee80211_channel_sw_ie *sw_elem = 2239 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem; 2240 ieee80211_sta_process_chanswitch(sdata, sw_elem, 2241 bss, rx_status->mactime); 2242 } 2243 } 2244 2245 2246 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 2247 struct sk_buff *skb) 2248 { 2249 struct ieee80211_mgmt *mgmt = (void *)skb->data; 2250 struct ieee80211_if_managed *ifmgd; 2251 struct ieee80211_rx_status *rx_status = (void *) skb->cb; 2252 size_t baselen, len = skb->len; 2253 struct ieee802_11_elems elems; 2254 2255 ifmgd = &sdata->u.mgd; 2256 2257 ASSERT_MGD_MTX(ifmgd); 2258 2259 if (!ether_addr_equal(mgmt->da, sdata->vif.addr)) 2260 return; /* ignore ProbeResp to foreign address */ 2261 2262 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 2263 if (baselen > len) 2264 return; 2265 2266 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 2267 &elems); 2268 2269 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 2270 2271 if (ifmgd->associated && 2272 ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2273 ieee80211_reset_ap_probe(sdata); 2274 2275 if (ifmgd->auth_data && !ifmgd->auth_data->bss->proberesp_ies && 2276 ether_addr_equal(mgmt->bssid, ifmgd->auth_data->bss->bssid)) { 2277 /* got probe response, continue with auth */ 2278 sdata_info(sdata, "direct probe responded\n"); 2279 ifmgd->auth_data->tries = 0; 2280 ifmgd->auth_data->timeout = jiffies; 2281 run_again(ifmgd, ifmgd->auth_data->timeout); 2282 } 2283 } 2284 2285 /* 2286 * This is the canonical list of information elements we care about, 2287 * the filter code also gives us all changes to the Microsoft OUI 2288 * (00:50:F2) vendor IE which is used for WMM which we need to track. 2289 * 2290 * We implement beacon filtering in software since that means we can 2291 * avoid processing the frame here and in cfg80211, and userspace 2292 * will not be able to tell whether the hardware supports it or not. 2293 * 2294 * XXX: This list needs to be dynamic -- userspace needs to be able to 2295 * add items it requires. It also needs to be able to tell us to 2296 * look out for other vendor IEs. 2297 */ 2298 static const u64 care_about_ies = 2299 (1ULL << WLAN_EID_COUNTRY) | 2300 (1ULL << WLAN_EID_ERP_INFO) | 2301 (1ULL << WLAN_EID_CHANNEL_SWITCH) | 2302 (1ULL << WLAN_EID_PWR_CONSTRAINT) | 2303 (1ULL << WLAN_EID_HT_CAPABILITY) | 2304 (1ULL << WLAN_EID_HT_OPERATION); 2305 2306 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 2307 struct ieee80211_mgmt *mgmt, 2308 size_t len, 2309 struct ieee80211_rx_status *rx_status) 2310 { 2311 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2312 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 2313 size_t baselen; 2314 struct ieee802_11_elems elems; 2315 struct ieee80211_local *local = sdata->local; 2316 u32 changed = 0; 2317 bool erp_valid, directed_tim = false; 2318 u8 erp_value = 0; 2319 u32 ncrc; 2320 u8 *bssid; 2321 2322 lockdep_assert_held(&ifmgd->mtx); 2323 2324 /* Process beacon from the current BSS */ 2325 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 2326 if (baselen > len) 2327 return; 2328 2329 if (rx_status->freq != local->hw.conf.channel->center_freq) 2330 return; 2331 2332 if (ifmgd->assoc_data && !ifmgd->assoc_data->have_beacon && 2333 ether_addr_equal(mgmt->bssid, ifmgd->assoc_data->bss->bssid)) { 2334 ieee802_11_parse_elems(mgmt->u.beacon.variable, 2335 len - baselen, &elems); 2336 2337 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2338 false); 2339 ifmgd->assoc_data->have_beacon = true; 2340 ifmgd->assoc_data->sent_assoc = false; 2341 /* continue assoc process */ 2342 ifmgd->assoc_data->timeout = jiffies; 2343 run_again(ifmgd, ifmgd->assoc_data->timeout); 2344 return; 2345 } 2346 2347 if (!ifmgd->associated || 2348 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2349 return; 2350 bssid = ifmgd->associated->bssid; 2351 2352 /* Track average RSSI from the Beacon frames of the current AP */ 2353 ifmgd->last_beacon_signal = rx_status->signal; 2354 if (ifmgd->flags & IEEE80211_STA_RESET_SIGNAL_AVE) { 2355 ifmgd->flags &= ~IEEE80211_STA_RESET_SIGNAL_AVE; 2356 ifmgd->ave_beacon_signal = rx_status->signal * 16; 2357 ifmgd->last_cqm_event_signal = 0; 2358 ifmgd->count_beacon_signal = 1; 2359 ifmgd->last_ave_beacon_signal = 0; 2360 } else { 2361 ifmgd->ave_beacon_signal = 2362 (IEEE80211_SIGNAL_AVE_WEIGHT * rx_status->signal * 16 + 2363 (16 - IEEE80211_SIGNAL_AVE_WEIGHT) * 2364 ifmgd->ave_beacon_signal) / 16; 2365 ifmgd->count_beacon_signal++; 2366 } 2367 2368 if (ifmgd->rssi_min_thold != ifmgd->rssi_max_thold && 2369 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT) { 2370 int sig = ifmgd->ave_beacon_signal; 2371 int last_sig = ifmgd->last_ave_beacon_signal; 2372 2373 /* 2374 * if signal crosses either of the boundaries, invoke callback 2375 * with appropriate parameters 2376 */ 2377 if (sig > ifmgd->rssi_max_thold && 2378 (last_sig <= ifmgd->rssi_min_thold || last_sig == 0)) { 2379 ifmgd->last_ave_beacon_signal = sig; 2380 drv_rssi_callback(local, RSSI_EVENT_HIGH); 2381 } else if (sig < ifmgd->rssi_min_thold && 2382 (last_sig >= ifmgd->rssi_max_thold || 2383 last_sig == 0)) { 2384 ifmgd->last_ave_beacon_signal = sig; 2385 drv_rssi_callback(local, RSSI_EVENT_LOW); 2386 } 2387 } 2388 2389 if (bss_conf->cqm_rssi_thold && 2390 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT && 2391 !(sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI)) { 2392 int sig = ifmgd->ave_beacon_signal / 16; 2393 int last_event = ifmgd->last_cqm_event_signal; 2394 int thold = bss_conf->cqm_rssi_thold; 2395 int hyst = bss_conf->cqm_rssi_hyst; 2396 if (sig < thold && 2397 (last_event == 0 || sig < last_event - hyst)) { 2398 ifmgd->last_cqm_event_signal = sig; 2399 ieee80211_cqm_rssi_notify( 2400 &sdata->vif, 2401 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW, 2402 GFP_KERNEL); 2403 } else if (sig > thold && 2404 (last_event == 0 || sig > last_event + hyst)) { 2405 ifmgd->last_cqm_event_signal = sig; 2406 ieee80211_cqm_rssi_notify( 2407 &sdata->vif, 2408 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH, 2409 GFP_KERNEL); 2410 } 2411 } 2412 2413 if (ifmgd->flags & IEEE80211_STA_BEACON_POLL) { 2414 mlme_dbg_ratelimited(sdata, 2415 "cancelling probereq poll due to a received beacon\n"); 2416 mutex_lock(&local->mtx); 2417 ifmgd->flags &= ~IEEE80211_STA_BEACON_POLL; 2418 ieee80211_run_deferred_scan(local); 2419 mutex_unlock(&local->mtx); 2420 2421 mutex_lock(&local->iflist_mtx); 2422 ieee80211_recalc_ps(local, -1); 2423 mutex_unlock(&local->iflist_mtx); 2424 } 2425 2426 /* 2427 * Push the beacon loss detection into the future since 2428 * we are processing a beacon from the AP just now. 2429 */ 2430 ieee80211_sta_reset_beacon_monitor(sdata); 2431 2432 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4); 2433 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable, 2434 len - baselen, &elems, 2435 care_about_ies, ncrc); 2436 2437 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 2438 directed_tim = ieee80211_check_tim(elems.tim, elems.tim_len, 2439 ifmgd->aid); 2440 2441 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) { 2442 if (directed_tim) { 2443 if (local->hw.conf.dynamic_ps_timeout > 0) { 2444 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 2445 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 2446 ieee80211_hw_config(local, 2447 IEEE80211_CONF_CHANGE_PS); 2448 } 2449 ieee80211_send_nullfunc(local, sdata, 0); 2450 } else if (!local->pspolling && sdata->u.mgd.powersave) { 2451 local->pspolling = true; 2452 2453 /* 2454 * Here is assumed that the driver will be 2455 * able to send ps-poll frame and receive a 2456 * response even though power save mode is 2457 * enabled, but some drivers might require 2458 * to disable power save here. This needs 2459 * to be investigated. 2460 */ 2461 ieee80211_send_pspoll(local, sdata); 2462 } 2463 } 2464 } 2465 2466 if (ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid) 2467 return; 2468 ifmgd->beacon_crc = ncrc; 2469 ifmgd->beacon_crc_valid = true; 2470 2471 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2472 true); 2473 2474 if (ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2475 elems.wmm_param_len)) 2476 changed |= BSS_CHANGED_QOS; 2477 2478 if (elems.erp_info && elems.erp_info_len >= 1) { 2479 erp_valid = true; 2480 erp_value = elems.erp_info[0]; 2481 } else { 2482 erp_valid = false; 2483 } 2484 changed |= ieee80211_handle_bss_capability(sdata, 2485 le16_to_cpu(mgmt->u.beacon.capab_info), 2486 erp_valid, erp_value); 2487 2488 2489 if (elems.ht_cap_elem && elems.ht_operation && elems.wmm_param && 2490 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) { 2491 struct ieee80211_supported_band *sband; 2492 2493 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 2494 2495 changed |= ieee80211_config_ht_tx(sdata, elems.ht_operation, 2496 bssid, true); 2497 } 2498 2499 /* Note: country IE parsing is done for us by cfg80211 */ 2500 if (elems.country_elem) { 2501 /* TODO: IBSS also needs this */ 2502 if (elems.pwr_constr_elem) 2503 ieee80211_handle_pwr_constr(sdata, 2504 le16_to_cpu(mgmt->u.probe_resp.capab_info), 2505 elems.pwr_constr_elem, 2506 elems.pwr_constr_elem_len); 2507 } 2508 2509 ieee80211_bss_info_change_notify(sdata, changed); 2510 } 2511 2512 void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 2513 struct sk_buff *skb) 2514 { 2515 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2516 struct ieee80211_rx_status *rx_status; 2517 struct ieee80211_mgmt *mgmt; 2518 struct cfg80211_bss *bss = NULL; 2519 enum rx_mgmt_action rma = RX_MGMT_NONE; 2520 u16 fc; 2521 2522 rx_status = (struct ieee80211_rx_status *) skb->cb; 2523 mgmt = (struct ieee80211_mgmt *) skb->data; 2524 fc = le16_to_cpu(mgmt->frame_control); 2525 2526 mutex_lock(&ifmgd->mtx); 2527 2528 switch (fc & IEEE80211_FCTL_STYPE) { 2529 case IEEE80211_STYPE_BEACON: 2530 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status); 2531 break; 2532 case IEEE80211_STYPE_PROBE_RESP: 2533 ieee80211_rx_mgmt_probe_resp(sdata, skb); 2534 break; 2535 case IEEE80211_STYPE_AUTH: 2536 rma = ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len); 2537 break; 2538 case IEEE80211_STYPE_DEAUTH: 2539 rma = ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len); 2540 break; 2541 case IEEE80211_STYPE_DISASSOC: 2542 rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); 2543 break; 2544 case IEEE80211_STYPE_ASSOC_RESP: 2545 case IEEE80211_STYPE_REASSOC_RESP: 2546 rma = ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, &bss); 2547 break; 2548 case IEEE80211_STYPE_ACTION: 2549 switch (mgmt->u.action.category) { 2550 case WLAN_CATEGORY_SPECTRUM_MGMT: 2551 ieee80211_sta_process_chanswitch(sdata, 2552 &mgmt->u.action.u.chan_switch.sw_elem, 2553 (void *)ifmgd->associated->priv, 2554 rx_status->mactime); 2555 break; 2556 } 2557 } 2558 mutex_unlock(&ifmgd->mtx); 2559 2560 switch (rma) { 2561 case RX_MGMT_NONE: 2562 /* no action */ 2563 break; 2564 case RX_MGMT_CFG80211_DEAUTH: 2565 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len); 2566 break; 2567 case RX_MGMT_CFG80211_DISASSOC: 2568 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len); 2569 break; 2570 case RX_MGMT_CFG80211_RX_AUTH: 2571 cfg80211_send_rx_auth(sdata->dev, (u8 *)mgmt, skb->len); 2572 break; 2573 case RX_MGMT_CFG80211_RX_ASSOC: 2574 cfg80211_send_rx_assoc(sdata->dev, bss, (u8 *)mgmt, skb->len); 2575 break; 2576 case RX_MGMT_CFG80211_ASSOC_TIMEOUT: 2577 cfg80211_send_assoc_timeout(sdata->dev, mgmt->bssid); 2578 break; 2579 default: 2580 WARN(1, "unexpected: %d", rma); 2581 } 2582 } 2583 2584 static void ieee80211_sta_timer(unsigned long data) 2585 { 2586 struct ieee80211_sub_if_data *sdata = 2587 (struct ieee80211_sub_if_data *) data; 2588 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2589 struct ieee80211_local *local = sdata->local; 2590 2591 if (local->quiescing) { 2592 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 2593 return; 2594 } 2595 2596 ieee80211_queue_work(&local->hw, &sdata->work); 2597 } 2598 2599 static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata, 2600 u8 *bssid, u8 reason) 2601 { 2602 struct ieee80211_local *local = sdata->local; 2603 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2604 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 2605 2606 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason, 2607 false, frame_buf); 2608 mutex_unlock(&ifmgd->mtx); 2609 2610 /* 2611 * must be outside lock due to cfg80211, 2612 * but that's not a problem. 2613 */ 2614 cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 2615 2616 mutex_lock(&local->mtx); 2617 ieee80211_recalc_idle(local); 2618 mutex_unlock(&local->mtx); 2619 2620 mutex_lock(&ifmgd->mtx); 2621 } 2622 2623 static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata) 2624 { 2625 struct ieee80211_local *local = sdata->local; 2626 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2627 struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data; 2628 2629 lockdep_assert_held(&ifmgd->mtx); 2630 2631 if (WARN_ON_ONCE(!auth_data)) 2632 return -EINVAL; 2633 2634 auth_data->tries++; 2635 2636 if (auth_data->tries > IEEE80211_AUTH_MAX_TRIES) { 2637 sdata_info(sdata, "authentication with %pM timed out\n", 2638 auth_data->bss->bssid); 2639 2640 /* 2641 * Most likely AP is not in the range so remove the 2642 * bss struct for that AP. 2643 */ 2644 cfg80211_unlink_bss(local->hw.wiphy, auth_data->bss); 2645 2646 return -ETIMEDOUT; 2647 } 2648 2649 drv_mgd_prepare_tx(local, sdata); 2650 2651 if (auth_data->bss->proberesp_ies) { 2652 sdata_info(sdata, "send auth to %pM (try %d/%d)\n", 2653 auth_data->bss->bssid, auth_data->tries, 2654 IEEE80211_AUTH_MAX_TRIES); 2655 2656 auth_data->expected_transaction = 2; 2657 ieee80211_send_auth(sdata, 1, auth_data->algorithm, 2658 auth_data->ie, auth_data->ie_len, 2659 auth_data->bss->bssid, 2660 auth_data->bss->bssid, NULL, 0, 0); 2661 } else { 2662 const u8 *ssidie; 2663 2664 sdata_info(sdata, "direct probe to %pM (try %d/%i)\n", 2665 auth_data->bss->bssid, auth_data->tries, 2666 IEEE80211_AUTH_MAX_TRIES); 2667 2668 ssidie = ieee80211_bss_get_ie(auth_data->bss, WLAN_EID_SSID); 2669 if (!ssidie) 2670 return -EINVAL; 2671 /* 2672 * Direct probe is sent to broadcast address as some APs 2673 * will not answer to direct packet in unassociated state. 2674 */ 2675 ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1], 2676 NULL, 0, (u32) -1, true, false); 2677 } 2678 2679 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT; 2680 run_again(ifmgd, auth_data->timeout); 2681 2682 return 0; 2683 } 2684 2685 static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata) 2686 { 2687 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 2688 struct ieee80211_local *local = sdata->local; 2689 2690 lockdep_assert_held(&sdata->u.mgd.mtx); 2691 2692 assoc_data->tries++; 2693 if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) { 2694 sdata_info(sdata, "association with %pM timed out\n", 2695 assoc_data->bss->bssid); 2696 2697 /* 2698 * Most likely AP is not in the range so remove the 2699 * bss struct for that AP. 2700 */ 2701 cfg80211_unlink_bss(local->hw.wiphy, assoc_data->bss); 2702 2703 return -ETIMEDOUT; 2704 } 2705 2706 sdata_info(sdata, "associate with %pM (try %d/%d)\n", 2707 assoc_data->bss->bssid, assoc_data->tries, 2708 IEEE80211_ASSOC_MAX_TRIES); 2709 ieee80211_send_assoc(sdata); 2710 2711 assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT; 2712 run_again(&sdata->u.mgd, assoc_data->timeout); 2713 2714 return 0; 2715 } 2716 2717 void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata) 2718 { 2719 struct ieee80211_local *local = sdata->local; 2720 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2721 2722 mutex_lock(&ifmgd->mtx); 2723 2724 if (ifmgd->auth_data && 2725 time_after(jiffies, ifmgd->auth_data->timeout)) { 2726 if (ifmgd->auth_data->done) { 2727 /* 2728 * ok ... we waited for assoc but userspace didn't, 2729 * so let's just kill the auth data 2730 */ 2731 ieee80211_destroy_auth_data(sdata, false); 2732 } else if (ieee80211_probe_auth(sdata)) { 2733 u8 bssid[ETH_ALEN]; 2734 2735 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 2736 2737 ieee80211_destroy_auth_data(sdata, false); 2738 2739 mutex_unlock(&ifmgd->mtx); 2740 cfg80211_send_auth_timeout(sdata->dev, bssid); 2741 mutex_lock(&ifmgd->mtx); 2742 } 2743 } else if (ifmgd->auth_data) 2744 run_again(ifmgd, ifmgd->auth_data->timeout); 2745 2746 if (ifmgd->assoc_data && 2747 time_after(jiffies, ifmgd->assoc_data->timeout)) { 2748 if (!ifmgd->assoc_data->have_beacon || 2749 ieee80211_do_assoc(sdata)) { 2750 u8 bssid[ETH_ALEN]; 2751 2752 memcpy(bssid, ifmgd->assoc_data->bss->bssid, ETH_ALEN); 2753 2754 ieee80211_destroy_assoc_data(sdata, false); 2755 2756 mutex_unlock(&ifmgd->mtx); 2757 cfg80211_send_assoc_timeout(sdata->dev, bssid); 2758 mutex_lock(&ifmgd->mtx); 2759 } 2760 } else if (ifmgd->assoc_data) 2761 run_again(ifmgd, ifmgd->assoc_data->timeout); 2762 2763 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 2764 IEEE80211_STA_CONNECTION_POLL) && 2765 ifmgd->associated) { 2766 u8 bssid[ETH_ALEN]; 2767 int max_tries; 2768 2769 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN); 2770 2771 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) 2772 max_tries = max_nullfunc_tries; 2773 else 2774 max_tries = max_probe_tries; 2775 2776 /* ACK received for nullfunc probing frame */ 2777 if (!ifmgd->probe_send_count) 2778 ieee80211_reset_ap_probe(sdata); 2779 else if (ifmgd->nullfunc_failed) { 2780 if (ifmgd->probe_send_count < max_tries) { 2781 mlme_dbg(sdata, 2782 "No ack for nullfunc frame to AP %pM, try %d/%i\n", 2783 bssid, ifmgd->probe_send_count, 2784 max_tries); 2785 ieee80211_mgd_probe_ap_send(sdata); 2786 } else { 2787 mlme_dbg(sdata, 2788 "No ack for nullfunc frame to AP %pM, disconnecting.\n", 2789 bssid); 2790 ieee80211_sta_connection_lost(sdata, bssid, 2791 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2792 } 2793 } else if (time_is_after_jiffies(ifmgd->probe_timeout)) 2794 run_again(ifmgd, ifmgd->probe_timeout); 2795 else if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 2796 mlme_dbg(sdata, 2797 "Failed to send nullfunc to AP %pM after %dms, disconnecting\n", 2798 bssid, probe_wait_ms); 2799 ieee80211_sta_connection_lost(sdata, bssid, 2800 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2801 } else if (ifmgd->probe_send_count < max_tries) { 2802 mlme_dbg(sdata, 2803 "No probe response from AP %pM after %dms, try %d/%i\n", 2804 bssid, probe_wait_ms, 2805 ifmgd->probe_send_count, max_tries); 2806 ieee80211_mgd_probe_ap_send(sdata); 2807 } else { 2808 /* 2809 * We actually lost the connection ... or did we? 2810 * Let's make sure! 2811 */ 2812 wiphy_debug(local->hw.wiphy, 2813 "%s: No probe response from AP %pM" 2814 " after %dms, disconnecting.\n", 2815 sdata->name, 2816 bssid, probe_wait_ms); 2817 2818 ieee80211_sta_connection_lost(sdata, bssid, 2819 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2820 } 2821 } 2822 2823 mutex_unlock(&ifmgd->mtx); 2824 2825 mutex_lock(&local->mtx); 2826 ieee80211_recalc_idle(local); 2827 mutex_unlock(&local->mtx); 2828 } 2829 2830 static void ieee80211_sta_bcn_mon_timer(unsigned long data) 2831 { 2832 struct ieee80211_sub_if_data *sdata = 2833 (struct ieee80211_sub_if_data *) data; 2834 struct ieee80211_local *local = sdata->local; 2835 2836 if (local->quiescing) 2837 return; 2838 2839 ieee80211_queue_work(&sdata->local->hw, 2840 &sdata->u.mgd.beacon_connection_loss_work); 2841 } 2842 2843 static void ieee80211_sta_conn_mon_timer(unsigned long data) 2844 { 2845 struct ieee80211_sub_if_data *sdata = 2846 (struct ieee80211_sub_if_data *) data; 2847 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2848 struct ieee80211_local *local = sdata->local; 2849 2850 if (local->quiescing) 2851 return; 2852 2853 ieee80211_queue_work(&local->hw, &ifmgd->monitor_work); 2854 } 2855 2856 static void ieee80211_sta_monitor_work(struct work_struct *work) 2857 { 2858 struct ieee80211_sub_if_data *sdata = 2859 container_of(work, struct ieee80211_sub_if_data, 2860 u.mgd.monitor_work); 2861 2862 ieee80211_mgd_probe_ap(sdata, false); 2863 } 2864 2865 static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata) 2866 { 2867 u32 flags; 2868 2869 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 2870 __ieee80211_stop_poll(sdata); 2871 2872 /* let's probe the connection once */ 2873 flags = sdata->local->hw.flags; 2874 if (!(flags & IEEE80211_HW_CONNECTION_MONITOR)) 2875 ieee80211_queue_work(&sdata->local->hw, 2876 &sdata->u.mgd.monitor_work); 2877 /* and do all the other regular work too */ 2878 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 2879 } 2880 } 2881 2882 #ifdef CONFIG_PM 2883 void ieee80211_sta_quiesce(struct ieee80211_sub_if_data *sdata) 2884 { 2885 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2886 2887 /* 2888 * we need to use atomic bitops for the running bits 2889 * only because both timers might fire at the same 2890 * time -- the code here is properly synchronised. 2891 */ 2892 2893 cancel_work_sync(&ifmgd->request_smps_work); 2894 2895 cancel_work_sync(&ifmgd->monitor_work); 2896 cancel_work_sync(&ifmgd->beacon_connection_loss_work); 2897 if (del_timer_sync(&ifmgd->timer)) 2898 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 2899 2900 cancel_work_sync(&ifmgd->chswitch_work); 2901 if (del_timer_sync(&ifmgd->chswitch_timer)) 2902 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 2903 2904 /* these will just be re-established on connection */ 2905 del_timer_sync(&ifmgd->conn_mon_timer); 2906 del_timer_sync(&ifmgd->bcn_mon_timer); 2907 } 2908 2909 void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata) 2910 { 2911 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2912 2913 if (!ifmgd->associated) 2914 return; 2915 2916 if (sdata->flags & IEEE80211_SDATA_DISCONNECT_RESUME) { 2917 sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_RESUME; 2918 mutex_lock(&ifmgd->mtx); 2919 if (ifmgd->associated) { 2920 mlme_dbg(sdata, 2921 "driver requested disconnect after resume\n"); 2922 ieee80211_sta_connection_lost(sdata, 2923 ifmgd->associated->bssid, 2924 WLAN_REASON_UNSPECIFIED); 2925 mutex_unlock(&ifmgd->mtx); 2926 return; 2927 } 2928 mutex_unlock(&ifmgd->mtx); 2929 } 2930 2931 if (test_and_clear_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running)) 2932 add_timer(&ifmgd->timer); 2933 if (test_and_clear_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running)) 2934 add_timer(&ifmgd->chswitch_timer); 2935 ieee80211_sta_reset_beacon_monitor(sdata); 2936 2937 mutex_lock(&sdata->local->mtx); 2938 ieee80211_restart_sta_timer(sdata); 2939 mutex_unlock(&sdata->local->mtx); 2940 } 2941 #endif 2942 2943 /* interface setup */ 2944 void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 2945 { 2946 struct ieee80211_if_managed *ifmgd; 2947 2948 ifmgd = &sdata->u.mgd; 2949 INIT_WORK(&ifmgd->monitor_work, ieee80211_sta_monitor_work); 2950 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work); 2951 INIT_WORK(&ifmgd->beacon_connection_loss_work, 2952 ieee80211_beacon_connection_loss_work); 2953 INIT_WORK(&ifmgd->request_smps_work, ieee80211_request_smps_work); 2954 setup_timer(&ifmgd->timer, ieee80211_sta_timer, 2955 (unsigned long) sdata); 2956 setup_timer(&ifmgd->bcn_mon_timer, ieee80211_sta_bcn_mon_timer, 2957 (unsigned long) sdata); 2958 setup_timer(&ifmgd->conn_mon_timer, ieee80211_sta_conn_mon_timer, 2959 (unsigned long) sdata); 2960 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer, 2961 (unsigned long) sdata); 2962 2963 ifmgd->flags = 0; 2964 ifmgd->powersave = sdata->wdev.ps; 2965 ifmgd->uapsd_queues = IEEE80211_DEFAULT_UAPSD_QUEUES; 2966 ifmgd->uapsd_max_sp_len = IEEE80211_DEFAULT_MAX_SP_LEN; 2967 2968 mutex_init(&ifmgd->mtx); 2969 2970 if (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS) 2971 ifmgd->req_smps = IEEE80211_SMPS_AUTOMATIC; 2972 else 2973 ifmgd->req_smps = IEEE80211_SMPS_OFF; 2974 } 2975 2976 /* scan finished notification */ 2977 void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 2978 { 2979 struct ieee80211_sub_if_data *sdata; 2980 2981 /* Restart STA timers */ 2982 rcu_read_lock(); 2983 list_for_each_entry_rcu(sdata, &local->interfaces, list) 2984 ieee80211_restart_sta_timer(sdata); 2985 rcu_read_unlock(); 2986 } 2987 2988 int ieee80211_max_network_latency(struct notifier_block *nb, 2989 unsigned long data, void *dummy) 2990 { 2991 s32 latency_usec = (s32) data; 2992 struct ieee80211_local *local = 2993 container_of(nb, struct ieee80211_local, 2994 network_latency_notifier); 2995 2996 mutex_lock(&local->iflist_mtx); 2997 ieee80211_recalc_ps(local, latency_usec); 2998 mutex_unlock(&local->iflist_mtx); 2999 3000 return 0; 3001 } 3002 3003 static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata, 3004 struct cfg80211_bss *cbss, bool assoc) 3005 { 3006 struct ieee80211_local *local = sdata->local; 3007 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3008 struct ieee80211_bss *bss = (void *)cbss->priv; 3009 struct sta_info *sta = NULL; 3010 bool have_sta = false; 3011 int err; 3012 int ht_cfreq; 3013 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 3014 const u8 *ht_oper_ie; 3015 const struct ieee80211_ht_operation *ht_oper = NULL; 3016 struct ieee80211_supported_band *sband; 3017 3018 if (WARN_ON(!ifmgd->auth_data && !ifmgd->assoc_data)) 3019 return -EINVAL; 3020 3021 if (assoc) { 3022 rcu_read_lock(); 3023 have_sta = sta_info_get(sdata, cbss->bssid); 3024 rcu_read_unlock(); 3025 } 3026 3027 if (!have_sta) { 3028 sta = sta_info_alloc(sdata, cbss->bssid, GFP_KERNEL); 3029 if (!sta) 3030 return -ENOMEM; 3031 } 3032 3033 mutex_lock(&local->mtx); 3034 ieee80211_recalc_idle(sdata->local); 3035 mutex_unlock(&local->mtx); 3036 3037 /* switch to the right channel */ 3038 sband = local->hw.wiphy->bands[cbss->channel->band]; 3039 3040 ifmgd->flags &= ~IEEE80211_STA_DISABLE_40MHZ; 3041 3042 if (sband->ht_cap.ht_supported) { 3043 ht_oper_ie = cfg80211_find_ie(WLAN_EID_HT_OPERATION, 3044 cbss->information_elements, 3045 cbss->len_information_elements); 3046 if (ht_oper_ie && ht_oper_ie[1] >= sizeof(*ht_oper)) 3047 ht_oper = (void *)(ht_oper_ie + 2); 3048 } 3049 3050 if (ht_oper) { 3051 ht_cfreq = ieee80211_channel_to_frequency(ht_oper->primary_chan, 3052 cbss->channel->band); 3053 /* check that channel matches the right operating channel */ 3054 if (cbss->channel->center_freq != ht_cfreq) { 3055 /* 3056 * It's possible that some APs are confused here; 3057 * Netgear WNDR3700 sometimes reports 4 higher than 3058 * the actual channel in association responses, but 3059 * since we look at probe response/beacon data here 3060 * it should be OK. 3061 */ 3062 sdata_info(sdata, 3063 "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n", 3064 cbss->channel->center_freq, 3065 ht_cfreq, ht_oper->primary_chan, 3066 cbss->channel->band); 3067 ht_oper = NULL; 3068 } 3069 } 3070 3071 if (ht_oper) { 3072 channel_type = NL80211_CHAN_HT20; 3073 3074 if (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) { 3075 switch (ht_oper->ht_param & 3076 IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 3077 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 3078 channel_type = NL80211_CHAN_HT40PLUS; 3079 break; 3080 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 3081 channel_type = NL80211_CHAN_HT40MINUS; 3082 break; 3083 } 3084 } 3085 } 3086 3087 if (!ieee80211_set_channel_type(local, sdata, channel_type)) { 3088 /* can only fail due to HT40+/- mismatch */ 3089 channel_type = NL80211_CHAN_HT20; 3090 sdata_info(sdata, 3091 "disabling 40 MHz due to multi-vif mismatch\n"); 3092 ifmgd->flags |= IEEE80211_STA_DISABLE_40MHZ; 3093 WARN_ON(!ieee80211_set_channel_type(local, sdata, 3094 channel_type)); 3095 } 3096 3097 local->oper_channel = cbss->channel; 3098 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 3099 3100 if (sta) { 3101 u32 rates = 0, basic_rates = 0; 3102 bool have_higher_than_11mbit; 3103 int min_rate = INT_MAX, min_rate_index = -1; 3104 3105 ieee80211_get_rates(sband, bss->supp_rates, 3106 bss->supp_rates_len, 3107 &rates, &basic_rates, 3108 &have_higher_than_11mbit, 3109 &min_rate, &min_rate_index); 3110 3111 /* 3112 * This used to be a workaround for basic rates missing 3113 * in the association response frame. Now that we no 3114 * longer use the basic rates from there, it probably 3115 * doesn't happen any more, but keep the workaround so 3116 * in case some *other* APs are buggy in different ways 3117 * we can connect -- with a warning. 3118 */ 3119 if (!basic_rates && min_rate_index >= 0) { 3120 sdata_info(sdata, 3121 "No basic rates, using min rate instead\n"); 3122 basic_rates = BIT(min_rate_index); 3123 } 3124 3125 sta->sta.supp_rates[cbss->channel->band] = rates; 3126 sdata->vif.bss_conf.basic_rates = basic_rates; 3127 3128 /* cf. IEEE 802.11 9.2.12 */ 3129 if (local->oper_channel->band == IEEE80211_BAND_2GHZ && 3130 have_higher_than_11mbit) 3131 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 3132 else 3133 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 3134 3135 memcpy(ifmgd->bssid, cbss->bssid, ETH_ALEN); 3136 3137 /* set timing information */ 3138 sdata->vif.bss_conf.beacon_int = cbss->beacon_interval; 3139 sdata->vif.bss_conf.sync_tsf = cbss->tsf; 3140 sdata->vif.bss_conf.sync_device_ts = bss->device_ts; 3141 3142 /* tell driver about BSSID, basic rates and timing */ 3143 ieee80211_bss_info_change_notify(sdata, 3144 BSS_CHANGED_BSSID | BSS_CHANGED_BASIC_RATES | 3145 BSS_CHANGED_BEACON_INT); 3146 3147 if (assoc) 3148 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH); 3149 3150 err = sta_info_insert(sta); 3151 sta = NULL; 3152 if (err) { 3153 sdata_info(sdata, 3154 "failed to insert STA entry for the AP (error %d)\n", 3155 err); 3156 return err; 3157 } 3158 } else 3159 WARN_ON_ONCE(!ether_addr_equal(ifmgd->bssid, cbss->bssid)); 3160 3161 return 0; 3162 } 3163 3164 /* config hooks */ 3165 int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, 3166 struct cfg80211_auth_request *req) 3167 { 3168 struct ieee80211_local *local = sdata->local; 3169 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3170 struct ieee80211_mgd_auth_data *auth_data; 3171 u16 auth_alg; 3172 int err; 3173 3174 /* prepare auth data structure */ 3175 3176 switch (req->auth_type) { 3177 case NL80211_AUTHTYPE_OPEN_SYSTEM: 3178 auth_alg = WLAN_AUTH_OPEN; 3179 break; 3180 case NL80211_AUTHTYPE_SHARED_KEY: 3181 if (IS_ERR(local->wep_tx_tfm)) 3182 return -EOPNOTSUPP; 3183 auth_alg = WLAN_AUTH_SHARED_KEY; 3184 break; 3185 case NL80211_AUTHTYPE_FT: 3186 auth_alg = WLAN_AUTH_FT; 3187 break; 3188 case NL80211_AUTHTYPE_NETWORK_EAP: 3189 auth_alg = WLAN_AUTH_LEAP; 3190 break; 3191 default: 3192 return -EOPNOTSUPP; 3193 } 3194 3195 auth_data = kzalloc(sizeof(*auth_data) + req->ie_len, GFP_KERNEL); 3196 if (!auth_data) 3197 return -ENOMEM; 3198 3199 auth_data->bss = req->bss; 3200 3201 if (req->ie && req->ie_len) { 3202 memcpy(auth_data->ie, req->ie, req->ie_len); 3203 auth_data->ie_len = req->ie_len; 3204 } 3205 3206 if (req->key && req->key_len) { 3207 auth_data->key_len = req->key_len; 3208 auth_data->key_idx = req->key_idx; 3209 memcpy(auth_data->key, req->key, req->key_len); 3210 } 3211 3212 auth_data->algorithm = auth_alg; 3213 3214 /* try to authenticate/probe */ 3215 3216 mutex_lock(&ifmgd->mtx); 3217 3218 if ((ifmgd->auth_data && !ifmgd->auth_data->done) || 3219 ifmgd->assoc_data) { 3220 err = -EBUSY; 3221 goto err_free; 3222 } 3223 3224 if (ifmgd->auth_data) 3225 ieee80211_destroy_auth_data(sdata, false); 3226 3227 /* prep auth_data so we don't go into idle on disassoc */ 3228 ifmgd->auth_data = auth_data; 3229 3230 if (ifmgd->associated) 3231 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 3232 3233 sdata_info(sdata, "authenticate with %pM\n", req->bss->bssid); 3234 3235 err = ieee80211_prep_connection(sdata, req->bss, false); 3236 if (err) 3237 goto err_clear; 3238 3239 err = ieee80211_probe_auth(sdata); 3240 if (err) { 3241 sta_info_destroy_addr(sdata, req->bss->bssid); 3242 goto err_clear; 3243 } 3244 3245 /* hold our own reference */ 3246 cfg80211_ref_bss(auth_data->bss); 3247 err = 0; 3248 goto out_unlock; 3249 3250 err_clear: 3251 ifmgd->auth_data = NULL; 3252 err_free: 3253 kfree(auth_data); 3254 out_unlock: 3255 mutex_unlock(&ifmgd->mtx); 3256 3257 return err; 3258 } 3259 3260 int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata, 3261 struct cfg80211_assoc_request *req) 3262 { 3263 struct ieee80211_local *local = sdata->local; 3264 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3265 struct ieee80211_bss *bss = (void *)req->bss->priv; 3266 struct ieee80211_mgd_assoc_data *assoc_data; 3267 struct ieee80211_supported_band *sband; 3268 const u8 *ssidie, *ht_ie; 3269 int i, err; 3270 3271 ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID); 3272 if (!ssidie) 3273 return -EINVAL; 3274 3275 assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL); 3276 if (!assoc_data) 3277 return -ENOMEM; 3278 3279 mutex_lock(&ifmgd->mtx); 3280 3281 if (ifmgd->associated) 3282 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 3283 3284 if (ifmgd->auth_data && !ifmgd->auth_data->done) { 3285 err = -EBUSY; 3286 goto err_free; 3287 } 3288 3289 if (ifmgd->assoc_data) { 3290 err = -EBUSY; 3291 goto err_free; 3292 } 3293 3294 if (ifmgd->auth_data) { 3295 bool match; 3296 3297 /* keep sta info, bssid if matching */ 3298 match = ether_addr_equal(ifmgd->bssid, req->bss->bssid); 3299 ieee80211_destroy_auth_data(sdata, match); 3300 } 3301 3302 /* prepare assoc data */ 3303 3304 ifmgd->flags &= ~IEEE80211_STA_DISABLE_11N; 3305 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; 3306 3307 ifmgd->beacon_crc_valid = false; 3308 3309 /* 3310 * IEEE802.11n does not allow TKIP/WEP as pairwise ciphers in HT mode. 3311 * We still associate in non-HT mode (11a/b/g) if any one of these 3312 * ciphers is configured as pairwise. 3313 * We can set this to true for non-11n hardware, that'll be checked 3314 * separately along with the peer capabilities. 3315 */ 3316 for (i = 0; i < req->crypto.n_ciphers_pairwise; i++) { 3317 if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 || 3318 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP || 3319 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104) { 3320 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3321 netdev_info(sdata->dev, 3322 "disabling HT due to WEP/TKIP use\n"); 3323 } 3324 } 3325 3326 if (req->flags & ASSOC_REQ_DISABLE_HT) 3327 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3328 3329 /* Also disable HT if we don't support it or the AP doesn't use WMM */ 3330 sband = local->hw.wiphy->bands[req->bss->channel->band]; 3331 if (!sband->ht_cap.ht_supported || 3332 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used) { 3333 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3334 netdev_info(sdata->dev, 3335 "disabling HT as WMM/QoS is not supported\n"); 3336 } 3337 3338 memcpy(&ifmgd->ht_capa, &req->ht_capa, sizeof(ifmgd->ht_capa)); 3339 memcpy(&ifmgd->ht_capa_mask, &req->ht_capa_mask, 3340 sizeof(ifmgd->ht_capa_mask)); 3341 3342 if (req->ie && req->ie_len) { 3343 memcpy(assoc_data->ie, req->ie, req->ie_len); 3344 assoc_data->ie_len = req->ie_len; 3345 } 3346 3347 assoc_data->bss = req->bss; 3348 3349 if (ifmgd->req_smps == IEEE80211_SMPS_AUTOMATIC) { 3350 if (ifmgd->powersave) 3351 ifmgd->ap_smps = IEEE80211_SMPS_DYNAMIC; 3352 else 3353 ifmgd->ap_smps = IEEE80211_SMPS_OFF; 3354 } else 3355 ifmgd->ap_smps = ifmgd->req_smps; 3356 3357 assoc_data->capability = req->bss->capability; 3358 assoc_data->wmm = bss->wmm_used && 3359 (local->hw.queues >= IEEE80211_NUM_ACS); 3360 assoc_data->supp_rates = bss->supp_rates; 3361 assoc_data->supp_rates_len = bss->supp_rates_len; 3362 3363 ht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_HT_OPERATION); 3364 if (ht_ie && ht_ie[1] >= sizeof(struct ieee80211_ht_operation)) 3365 assoc_data->ap_ht_param = 3366 ((struct ieee80211_ht_operation *)(ht_ie + 2))->ht_param; 3367 else 3368 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3369 3370 if (bss->wmm_used && bss->uapsd_supported && 3371 (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_UAPSD)) { 3372 assoc_data->uapsd = true; 3373 ifmgd->flags |= IEEE80211_STA_UAPSD_ENABLED; 3374 } else { 3375 assoc_data->uapsd = false; 3376 ifmgd->flags &= ~IEEE80211_STA_UAPSD_ENABLED; 3377 } 3378 3379 memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]); 3380 assoc_data->ssid_len = ssidie[1]; 3381 3382 if (req->prev_bssid) 3383 memcpy(assoc_data->prev_bssid, req->prev_bssid, ETH_ALEN); 3384 3385 if (req->use_mfp) { 3386 ifmgd->mfp = IEEE80211_MFP_REQUIRED; 3387 ifmgd->flags |= IEEE80211_STA_MFP_ENABLED; 3388 } else { 3389 ifmgd->mfp = IEEE80211_MFP_DISABLED; 3390 ifmgd->flags &= ~IEEE80211_STA_MFP_ENABLED; 3391 } 3392 3393 if (req->crypto.control_port) 3394 ifmgd->flags |= IEEE80211_STA_CONTROL_PORT; 3395 else 3396 ifmgd->flags &= ~IEEE80211_STA_CONTROL_PORT; 3397 3398 sdata->control_port_protocol = req->crypto.control_port_ethertype; 3399 sdata->control_port_no_encrypt = req->crypto.control_port_no_encrypt; 3400 3401 /* kick off associate process */ 3402 3403 ifmgd->assoc_data = assoc_data; 3404 3405 err = ieee80211_prep_connection(sdata, req->bss, true); 3406 if (err) 3407 goto err_clear; 3408 3409 if (!bss->dtim_period && 3410 sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) { 3411 /* 3412 * Wait up to one beacon interval ... 3413 * should this be more if we miss one? 3414 */ 3415 sdata_info(sdata, "waiting for beacon from %pM\n", 3416 ifmgd->bssid); 3417 assoc_data->timeout = TU_TO_EXP_TIME(req->bss->beacon_interval); 3418 } else { 3419 assoc_data->have_beacon = true; 3420 assoc_data->sent_assoc = false; 3421 assoc_data->timeout = jiffies; 3422 } 3423 run_again(ifmgd, assoc_data->timeout); 3424 3425 if (bss->corrupt_data) { 3426 char *corrupt_type = "data"; 3427 if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_BEACON) { 3428 if (bss->corrupt_data & 3429 IEEE80211_BSS_CORRUPT_PROBE_RESP) 3430 corrupt_type = "beacon and probe response"; 3431 else 3432 corrupt_type = "beacon"; 3433 } else if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_PROBE_RESP) 3434 corrupt_type = "probe response"; 3435 sdata_info(sdata, "associating with AP with corrupt %s\n", 3436 corrupt_type); 3437 } 3438 3439 err = 0; 3440 goto out; 3441 err_clear: 3442 ifmgd->assoc_data = NULL; 3443 err_free: 3444 kfree(assoc_data); 3445 out: 3446 mutex_unlock(&ifmgd->mtx); 3447 3448 return err; 3449 } 3450 3451 int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, 3452 struct cfg80211_deauth_request *req) 3453 { 3454 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3455 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 3456 3457 mutex_lock(&ifmgd->mtx); 3458 3459 if (ifmgd->auth_data) { 3460 ieee80211_destroy_auth_data(sdata, false); 3461 mutex_unlock(&ifmgd->mtx); 3462 return 0; 3463 } 3464 3465 sdata_info(sdata, 3466 "deauthenticating from %pM by local choice (reason=%d)\n", 3467 req->bssid, req->reason_code); 3468 3469 if (ifmgd->associated && 3470 ether_addr_equal(ifmgd->associated->bssid, req->bssid)) 3471 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 3472 req->reason_code, true, frame_buf); 3473 else 3474 ieee80211_send_deauth_disassoc(sdata, req->bssid, 3475 IEEE80211_STYPE_DEAUTH, 3476 req->reason_code, true, 3477 frame_buf); 3478 mutex_unlock(&ifmgd->mtx); 3479 3480 __cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 3481 3482 mutex_lock(&sdata->local->mtx); 3483 ieee80211_recalc_idle(sdata->local); 3484 mutex_unlock(&sdata->local->mtx); 3485 3486 return 0; 3487 } 3488 3489 int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata, 3490 struct cfg80211_disassoc_request *req) 3491 { 3492 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3493 u8 bssid[ETH_ALEN]; 3494 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 3495 3496 mutex_lock(&ifmgd->mtx); 3497 3498 /* 3499 * cfg80211 should catch this ... but it's racy since 3500 * we can receive a disassoc frame, process it, hand it 3501 * to cfg80211 while that's in a locked section already 3502 * trying to tell us that the user wants to disconnect. 3503 */ 3504 if (ifmgd->associated != req->bss) { 3505 mutex_unlock(&ifmgd->mtx); 3506 return -ENOLINK; 3507 } 3508 3509 sdata_info(sdata, 3510 "disassociating from %pM by local choice (reason=%d)\n", 3511 req->bss->bssid, req->reason_code); 3512 3513 memcpy(bssid, req->bss->bssid, ETH_ALEN); 3514 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC, 3515 req->reason_code, !req->local_state_change, 3516 frame_buf); 3517 mutex_unlock(&ifmgd->mtx); 3518 3519 __cfg80211_send_disassoc(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 3520 3521 mutex_lock(&sdata->local->mtx); 3522 ieee80211_recalc_idle(sdata->local); 3523 mutex_unlock(&sdata->local->mtx); 3524 3525 return 0; 3526 } 3527 3528 void ieee80211_mgd_stop(struct ieee80211_sub_if_data *sdata) 3529 { 3530 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3531 3532 mutex_lock(&ifmgd->mtx); 3533 if (ifmgd->assoc_data) 3534 ieee80211_destroy_assoc_data(sdata, false); 3535 if (ifmgd->auth_data) 3536 ieee80211_destroy_auth_data(sdata, false); 3537 del_timer_sync(&ifmgd->timer); 3538 mutex_unlock(&ifmgd->mtx); 3539 } 3540 3541 void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif, 3542 enum nl80211_cqm_rssi_threshold_event rssi_event, 3543 gfp_t gfp) 3544 { 3545 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 3546 3547 trace_api_cqm_rssi_notify(sdata, rssi_event); 3548 3549 cfg80211_cqm_rssi_notify(sdata->dev, rssi_event, gfp); 3550 } 3551 EXPORT_SYMBOL(ieee80211_cqm_rssi_notify); 3552