1 /* 2 * BSS client mode implementation 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License version 2 as 11 * published by the Free Software Foundation. 12 */ 13 14 #include <linux/delay.h> 15 #include <linux/if_ether.h> 16 #include <linux/skbuff.h> 17 #include <linux/if_arp.h> 18 #include <linux/etherdevice.h> 19 #include <linux/rtnetlink.h> 20 #include <net/mac80211.h> 21 #include <asm/unaligned.h> 22 23 #include "ieee80211_i.h" 24 #include "rate.h" 25 #include "led.h" 26 27 #define IEEE80211_ASSOC_SCANS_MAX_TRIES 2 28 #define IEEE80211_AUTH_TIMEOUT (HZ / 5) 29 #define IEEE80211_AUTH_MAX_TRIES 3 30 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 31 #define IEEE80211_ASSOC_MAX_TRIES 3 32 #define IEEE80211_MONITORING_INTERVAL (2 * HZ) 33 #define IEEE80211_PROBE_IDLE_TIME (60 * HZ) 34 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 35 36 /* utils */ 37 static int ecw2cw(int ecw) 38 { 39 return (1 << ecw) - 1; 40 } 41 42 static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie) 43 { 44 u8 *end, *pos; 45 46 pos = bss->cbss.information_elements; 47 if (pos == NULL) 48 return NULL; 49 end = pos + bss->cbss.len_information_elements; 50 51 while (pos + 1 < end) { 52 if (pos + 2 + pos[1] > end) 53 break; 54 if (pos[0] == ie) 55 return pos; 56 pos += 2 + pos[1]; 57 } 58 59 return NULL; 60 } 61 62 static int ieee80211_compatible_rates(struct ieee80211_bss *bss, 63 struct ieee80211_supported_band *sband, 64 u32 *rates) 65 { 66 int i, j, count; 67 *rates = 0; 68 count = 0; 69 for (i = 0; i < bss->supp_rates_len; i++) { 70 int rate = (bss->supp_rates[i] & 0x7F) * 5; 71 72 for (j = 0; j < sband->n_bitrates; j++) 73 if (sband->bitrates[j].bitrate == rate) { 74 *rates |= BIT(j); 75 count++; 76 break; 77 } 78 } 79 80 return count; 81 } 82 83 /* frame sending functions */ 84 85 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 86 { 87 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 88 struct ieee80211_local *local = sdata->local; 89 struct sk_buff *skb; 90 struct ieee80211_mgmt *mgmt; 91 u8 *pos, *ies, *ht_ie; 92 int i, len, count, rates_len, supp_rates_len; 93 u16 capab; 94 struct ieee80211_bss *bss; 95 int wmm = 0; 96 struct ieee80211_supported_band *sband; 97 u32 rates = 0; 98 99 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 100 sizeof(*mgmt) + 200 + ifmgd->extra_ie_len + 101 ifmgd->ssid_len); 102 if (!skb) { 103 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc " 104 "frame\n", sdata->dev->name); 105 return; 106 } 107 skb_reserve(skb, local->hw.extra_tx_headroom); 108 109 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 110 111 capab = ifmgd->capab; 112 113 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) { 114 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE)) 115 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME; 116 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE)) 117 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 118 } 119 120 bss = ieee80211_rx_bss_get(local, ifmgd->bssid, 121 local->hw.conf.channel->center_freq, 122 ifmgd->ssid, ifmgd->ssid_len); 123 if (bss) { 124 if (bss->cbss.capability & WLAN_CAPABILITY_PRIVACY) 125 capab |= WLAN_CAPABILITY_PRIVACY; 126 if (bss->wmm_used) 127 wmm = 1; 128 129 /* get all rates supported by the device and the AP as 130 * some APs don't like getting a superset of their rates 131 * in the association request (e.g. D-Link DAP 1353 in 132 * b-only mode) */ 133 rates_len = ieee80211_compatible_rates(bss, sband, &rates); 134 135 if ((bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 136 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 137 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 138 139 ieee80211_rx_bss_put(local, bss); 140 } else { 141 rates = ~0; 142 rates_len = sband->n_bitrates; 143 } 144 145 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 146 memset(mgmt, 0, 24); 147 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN); 148 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 149 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN); 150 151 if (ifmgd->flags & IEEE80211_STA_PREV_BSSID_SET) { 152 skb_put(skb, 10); 153 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 154 IEEE80211_STYPE_REASSOC_REQ); 155 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 156 mgmt->u.reassoc_req.listen_interval = 157 cpu_to_le16(local->hw.conf.listen_interval); 158 memcpy(mgmt->u.reassoc_req.current_ap, ifmgd->prev_bssid, 159 ETH_ALEN); 160 } else { 161 skb_put(skb, 4); 162 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 163 IEEE80211_STYPE_ASSOC_REQ); 164 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab); 165 mgmt->u.assoc_req.listen_interval = 166 cpu_to_le16(local->hw.conf.listen_interval); 167 } 168 169 /* SSID */ 170 ies = pos = skb_put(skb, 2 + ifmgd->ssid_len); 171 *pos++ = WLAN_EID_SSID; 172 *pos++ = ifmgd->ssid_len; 173 memcpy(pos, ifmgd->ssid, ifmgd->ssid_len); 174 175 /* add all rates which were marked to be used above */ 176 supp_rates_len = rates_len; 177 if (supp_rates_len > 8) 178 supp_rates_len = 8; 179 180 len = sband->n_bitrates; 181 pos = skb_put(skb, supp_rates_len + 2); 182 *pos++ = WLAN_EID_SUPP_RATES; 183 *pos++ = supp_rates_len; 184 185 count = 0; 186 for (i = 0; i < sband->n_bitrates; i++) { 187 if (BIT(i) & rates) { 188 int rate = sband->bitrates[i].bitrate; 189 *pos++ = (u8) (rate / 5); 190 if (++count == 8) 191 break; 192 } 193 } 194 195 if (rates_len > count) { 196 pos = skb_put(skb, rates_len - count + 2); 197 *pos++ = WLAN_EID_EXT_SUPP_RATES; 198 *pos++ = rates_len - count; 199 200 for (i++; i < sband->n_bitrates; i++) { 201 if (BIT(i) & rates) { 202 int rate = sband->bitrates[i].bitrate; 203 *pos++ = (u8) (rate / 5); 204 } 205 } 206 } 207 208 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) { 209 /* 1. power capabilities */ 210 pos = skb_put(skb, 4); 211 *pos++ = WLAN_EID_PWR_CAPABILITY; 212 *pos++ = 2; 213 *pos++ = 0; /* min tx power */ 214 *pos++ = local->hw.conf.channel->max_power; /* max tx power */ 215 216 /* 2. supported channels */ 217 /* TODO: get this in reg domain format */ 218 pos = skb_put(skb, 2 * sband->n_channels + 2); 219 *pos++ = WLAN_EID_SUPPORTED_CHANNELS; 220 *pos++ = 2 * sband->n_channels; 221 for (i = 0; i < sband->n_channels; i++) { 222 *pos++ = ieee80211_frequency_to_channel( 223 sband->channels[i].center_freq); 224 *pos++ = 1; /* one channel in the subband*/ 225 } 226 } 227 228 if (ifmgd->extra_ie) { 229 pos = skb_put(skb, ifmgd->extra_ie_len); 230 memcpy(pos, ifmgd->extra_ie, ifmgd->extra_ie_len); 231 } 232 233 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) { 234 pos = skb_put(skb, 9); 235 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 236 *pos++ = 7; /* len */ 237 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 238 *pos++ = 0x50; 239 *pos++ = 0xf2; 240 *pos++ = 2; /* WME */ 241 *pos++ = 0; /* WME info */ 242 *pos++ = 1; /* WME ver */ 243 *pos++ = 0; 244 } 245 246 /* wmm support is a must to HT */ 247 /* 248 * IEEE802.11n does not allow TKIP/WEP as pairwise 249 * ciphers in HT mode. We still associate in non-ht 250 * mode (11a/b/g) if any one of these ciphers is 251 * configured as pairwise. 252 */ 253 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) && 254 sband->ht_cap.ht_supported && 255 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) && 256 ht_ie[1] >= sizeof(struct ieee80211_ht_info) && 257 (!(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))) { 258 struct ieee80211_ht_info *ht_info = 259 (struct ieee80211_ht_info *)(ht_ie + 2); 260 u16 cap = sband->ht_cap.cap; 261 __le16 tmp; 262 u32 flags = local->hw.conf.channel->flags; 263 264 switch (ht_info->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 265 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 266 if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) { 267 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 268 cap &= ~IEEE80211_HT_CAP_SGI_40; 269 } 270 break; 271 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 272 if (flags & IEEE80211_CHAN_NO_FAT_BELOW) { 273 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 274 cap &= ~IEEE80211_HT_CAP_SGI_40; 275 } 276 break; 277 } 278 279 tmp = cpu_to_le16(cap); 280 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2); 281 *pos++ = WLAN_EID_HT_CAPABILITY; 282 *pos++ = sizeof(struct ieee80211_ht_cap); 283 memset(pos, 0, sizeof(struct ieee80211_ht_cap)); 284 memcpy(pos, &tmp, sizeof(u16)); 285 pos += sizeof(u16); 286 /* TODO: needs a define here for << 2 */ 287 *pos++ = sband->ht_cap.ampdu_factor | 288 (sband->ht_cap.ampdu_density << 2); 289 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs)); 290 } 291 292 kfree(ifmgd->assocreq_ies); 293 ifmgd->assocreq_ies_len = (skb->data + skb->len) - ies; 294 ifmgd->assocreq_ies = kmalloc(ifmgd->assocreq_ies_len, GFP_KERNEL); 295 if (ifmgd->assocreq_ies) 296 memcpy(ifmgd->assocreq_ies, ies, ifmgd->assocreq_ies_len); 297 298 ieee80211_tx_skb(sdata, skb, 0); 299 } 300 301 302 static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, 303 u16 stype, u16 reason) 304 { 305 struct ieee80211_local *local = sdata->local; 306 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 307 struct sk_buff *skb; 308 struct ieee80211_mgmt *mgmt; 309 310 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt)); 311 if (!skb) { 312 printk(KERN_DEBUG "%s: failed to allocate buffer for " 313 "deauth/disassoc frame\n", sdata->dev->name); 314 return; 315 } 316 skb_reserve(skb, local->hw.extra_tx_headroom); 317 318 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 319 memset(mgmt, 0, 24); 320 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN); 321 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 322 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN); 323 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); 324 skb_put(skb, 2); 325 /* u.deauth.reason_code == u.disassoc.reason_code */ 326 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 327 328 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED); 329 } 330 331 void ieee80211_send_pspoll(struct ieee80211_local *local, 332 struct ieee80211_sub_if_data *sdata) 333 { 334 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 335 struct ieee80211_pspoll *pspoll; 336 struct sk_buff *skb; 337 u16 fc; 338 339 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*pspoll)); 340 if (!skb) { 341 printk(KERN_DEBUG "%s: failed to allocate buffer for " 342 "pspoll frame\n", sdata->dev->name); 343 return; 344 } 345 skb_reserve(skb, local->hw.extra_tx_headroom); 346 347 pspoll = (struct ieee80211_pspoll *) skb_put(skb, sizeof(*pspoll)); 348 memset(pspoll, 0, sizeof(*pspoll)); 349 fc = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_PSPOLL | IEEE80211_FCTL_PM; 350 pspoll->frame_control = cpu_to_le16(fc); 351 pspoll->aid = cpu_to_le16(ifmgd->aid); 352 353 /* aid in PS-Poll has its two MSBs each set to 1 */ 354 pspoll->aid |= cpu_to_le16(1 << 15 | 1 << 14); 355 356 memcpy(pspoll->bssid, ifmgd->bssid, ETH_ALEN); 357 memcpy(pspoll->ta, sdata->dev->dev_addr, ETH_ALEN); 358 359 ieee80211_tx_skb(sdata, skb, 0); 360 } 361 362 /* MLME */ 363 static void ieee80211_sta_wmm_params(struct ieee80211_local *local, 364 struct ieee80211_if_managed *ifmgd, 365 u8 *wmm_param, size_t wmm_param_len) 366 { 367 struct ieee80211_tx_queue_params params; 368 size_t left; 369 int count; 370 u8 *pos; 371 372 if (!(ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) 373 return; 374 375 if (!wmm_param) 376 return; 377 378 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 379 return; 380 count = wmm_param[6] & 0x0f; 381 if (count == ifmgd->wmm_last_param_set) 382 return; 383 ifmgd->wmm_last_param_set = count; 384 385 pos = wmm_param + 8; 386 left = wmm_param_len - 8; 387 388 memset(¶ms, 0, sizeof(params)); 389 390 local->wmm_acm = 0; 391 for (; left >= 4; left -= 4, pos += 4) { 392 int aci = (pos[0] >> 5) & 0x03; 393 int acm = (pos[0] >> 4) & 0x01; 394 int queue; 395 396 switch (aci) { 397 case 1: /* AC_BK */ 398 queue = 3; 399 if (acm) 400 local->wmm_acm |= BIT(1) | BIT(2); /* BK/- */ 401 break; 402 case 2: /* AC_VI */ 403 queue = 1; 404 if (acm) 405 local->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */ 406 break; 407 case 3: /* AC_VO */ 408 queue = 0; 409 if (acm) 410 local->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */ 411 break; 412 case 0: /* AC_BE */ 413 default: 414 queue = 2; 415 if (acm) 416 local->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */ 417 break; 418 } 419 420 params.aifs = pos[0] & 0x0f; 421 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4); 422 params.cw_min = ecw2cw(pos[1] & 0x0f); 423 params.txop = get_unaligned_le16(pos + 2); 424 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 425 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d " 426 "cWmin=%d cWmax=%d txop=%d\n", 427 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min, 428 params.cw_max, params.txop); 429 #endif 430 if (local->ops->conf_tx && 431 local->ops->conf_tx(local_to_hw(local), queue, ¶ms)) { 432 printk(KERN_DEBUG "%s: failed to set TX queue " 433 "parameters for queue %d\n", local->mdev->name, queue); 434 } 435 } 436 } 437 438 static bool ieee80211_check_tim(struct ieee802_11_elems *elems, u16 aid) 439 { 440 u8 mask; 441 u8 index, indexn1, indexn2; 442 struct ieee80211_tim_ie *tim = (struct ieee80211_tim_ie *) elems->tim; 443 444 if (unlikely(!tim || elems->tim_len < 4)) 445 return false; 446 447 aid &= 0x3fff; 448 index = aid / 8; 449 mask = 1 << (aid & 7); 450 451 indexn1 = tim->bitmap_ctrl & 0xfe; 452 indexn2 = elems->tim_len + indexn1 - 4; 453 454 if (index < indexn1 || index > indexn2) 455 return false; 456 457 index -= indexn1; 458 459 return !!(tim->virtual_map[index] & mask); 460 } 461 462 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, 463 u16 capab, bool erp_valid, u8 erp) 464 { 465 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 466 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 467 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 468 #endif 469 u32 changed = 0; 470 bool use_protection; 471 bool use_short_preamble; 472 bool use_short_slot; 473 474 if (erp_valid) { 475 use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0; 476 use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0; 477 } else { 478 use_protection = false; 479 use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE); 480 } 481 482 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME); 483 484 if (use_protection != bss_conf->use_cts_prot) { 485 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 486 if (net_ratelimit()) { 487 printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n", 488 sdata->dev->name, 489 use_protection ? "enabled" : "disabled", 490 ifmgd->bssid); 491 } 492 #endif 493 bss_conf->use_cts_prot = use_protection; 494 changed |= BSS_CHANGED_ERP_CTS_PROT; 495 } 496 497 if (use_short_preamble != bss_conf->use_short_preamble) { 498 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 499 if (net_ratelimit()) { 500 printk(KERN_DEBUG "%s: switched to %s barker preamble" 501 " (BSSID=%pM)\n", 502 sdata->dev->name, 503 use_short_preamble ? "short" : "long", 504 ifmgd->bssid); 505 } 506 #endif 507 bss_conf->use_short_preamble = use_short_preamble; 508 changed |= BSS_CHANGED_ERP_PREAMBLE; 509 } 510 511 if (use_short_slot != bss_conf->use_short_slot) { 512 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 513 if (net_ratelimit()) { 514 printk(KERN_DEBUG "%s: switched to %s slot time" 515 " (BSSID=%pM)\n", 516 sdata->dev->name, 517 use_short_slot ? "short" : "long", 518 ifmgd->bssid); 519 } 520 #endif 521 bss_conf->use_short_slot = use_short_slot; 522 changed |= BSS_CHANGED_ERP_SLOT; 523 } 524 525 return changed; 526 } 527 528 static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata) 529 { 530 union iwreq_data wrqu; 531 532 memset(&wrqu, 0, sizeof(wrqu)); 533 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) 534 memcpy(wrqu.ap_addr.sa_data, sdata->u.mgd.bssid, ETH_ALEN); 535 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 536 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL); 537 } 538 539 static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata) 540 { 541 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 542 char *buf; 543 size_t len; 544 int i; 545 union iwreq_data wrqu; 546 547 if (!ifmgd->assocreq_ies && !ifmgd->assocresp_ies) 548 return; 549 550 buf = kmalloc(50 + 2 * (ifmgd->assocreq_ies_len + 551 ifmgd->assocresp_ies_len), GFP_KERNEL); 552 if (!buf) 553 return; 554 555 len = sprintf(buf, "ASSOCINFO("); 556 if (ifmgd->assocreq_ies) { 557 len += sprintf(buf + len, "ReqIEs="); 558 for (i = 0; i < ifmgd->assocreq_ies_len; i++) { 559 len += sprintf(buf + len, "%02x", 560 ifmgd->assocreq_ies[i]); 561 } 562 } 563 if (ifmgd->assocresp_ies) { 564 if (ifmgd->assocreq_ies) 565 len += sprintf(buf + len, " "); 566 len += sprintf(buf + len, "RespIEs="); 567 for (i = 0; i < ifmgd->assocresp_ies_len; i++) { 568 len += sprintf(buf + len, "%02x", 569 ifmgd->assocresp_ies[i]); 570 } 571 } 572 len += sprintf(buf + len, ")"); 573 574 if (len > IW_CUSTOM_MAX) { 575 len = sprintf(buf, "ASSOCRESPIE="); 576 for (i = 0; i < ifmgd->assocresp_ies_len; i++) { 577 len += sprintf(buf + len, "%02x", 578 ifmgd->assocresp_ies[i]); 579 } 580 } 581 582 if (len <= IW_CUSTOM_MAX) { 583 memset(&wrqu, 0, sizeof(wrqu)); 584 wrqu.data.length = len; 585 wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf); 586 } 587 588 kfree(buf); 589 } 590 591 592 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 593 u32 bss_info_changed) 594 { 595 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 596 struct ieee80211_local *local = sdata->local; 597 struct ieee80211_conf *conf = &local_to_hw(local)->conf; 598 599 struct ieee80211_bss *bss; 600 601 bss_info_changed |= BSS_CHANGED_ASSOC; 602 ifmgd->flags |= IEEE80211_STA_ASSOCIATED; 603 604 bss = ieee80211_rx_bss_get(local, ifmgd->bssid, 605 conf->channel->center_freq, 606 ifmgd->ssid, ifmgd->ssid_len); 607 if (bss) { 608 /* set timing information */ 609 sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval; 610 sdata->vif.bss_conf.timestamp = bss->cbss.tsf; 611 sdata->vif.bss_conf.dtim_period = bss->dtim_period; 612 613 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 614 bss->cbss.capability, bss->has_erp_value, bss->erp_value); 615 616 cfg80211_hold_bss(&bss->cbss); 617 618 ieee80211_rx_bss_put(local, bss); 619 } 620 621 ifmgd->flags |= IEEE80211_STA_PREV_BSSID_SET; 622 memcpy(ifmgd->prev_bssid, sdata->u.mgd.bssid, ETH_ALEN); 623 ieee80211_sta_send_associnfo(sdata); 624 625 ifmgd->last_probe = jiffies; 626 ieee80211_led_assoc(local, 1); 627 628 sdata->vif.bss_conf.assoc = 1; 629 /* 630 * For now just always ask the driver to update the basic rateset 631 * when we have associated, we aren't checking whether it actually 632 * changed or not. 633 */ 634 bss_info_changed |= BSS_CHANGED_BASIC_RATES; 635 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 636 637 if (local->powersave) { 638 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS) && 639 local->hw.conf.dynamic_ps_timeout > 0) { 640 mod_timer(&local->dynamic_ps_timer, jiffies + 641 msecs_to_jiffies( 642 local->hw.conf.dynamic_ps_timeout)); 643 } else { 644 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 645 ieee80211_send_nullfunc(local, sdata, 1); 646 conf->flags |= IEEE80211_CONF_PS; 647 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 648 } 649 } 650 651 netif_tx_start_all_queues(sdata->dev); 652 netif_carrier_on(sdata->dev); 653 654 ieee80211_sta_send_apinfo(sdata); 655 } 656 657 static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata) 658 { 659 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 660 struct ieee80211_local *local = sdata->local; 661 662 ifmgd->direct_probe_tries++; 663 if (ifmgd->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) { 664 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n", 665 sdata->dev->name, ifmgd->bssid); 666 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 667 ieee80211_sta_send_apinfo(sdata); 668 669 /* 670 * Most likely AP is not in the range so remove the 671 * bss information associated to the AP 672 */ 673 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 674 sdata->local->hw.conf.channel->center_freq, 675 ifmgd->ssid, ifmgd->ssid_len); 676 677 /* 678 * We might have a pending scan which had no chance to run yet 679 * due to state == IEEE80211_STA_MLME_DIRECT_PROBE. 680 * Hence, queue the STAs work again 681 */ 682 queue_work(local->hw.workqueue, &ifmgd->work); 683 return; 684 } 685 686 printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n", 687 sdata->dev->name, ifmgd->bssid, 688 ifmgd->direct_probe_tries); 689 690 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE; 691 692 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifmgd->request); 693 694 /* Direct probe is sent to broadcast address as some APs 695 * will not answer to direct packet in unassociated state. 696 */ 697 ieee80211_send_probe_req(sdata, NULL, 698 ifmgd->ssid, ifmgd->ssid_len, NULL, 0); 699 700 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 701 } 702 703 704 static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata) 705 { 706 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 707 struct ieee80211_local *local = sdata->local; 708 u8 *ies; 709 size_t ies_len; 710 711 ifmgd->auth_tries++; 712 if (ifmgd->auth_tries > IEEE80211_AUTH_MAX_TRIES) { 713 printk(KERN_DEBUG "%s: authentication with AP %pM" 714 " timed out\n", 715 sdata->dev->name, ifmgd->bssid); 716 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 717 ieee80211_sta_send_apinfo(sdata); 718 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 719 sdata->local->hw.conf.channel->center_freq, 720 ifmgd->ssid, ifmgd->ssid_len); 721 722 /* 723 * We might have a pending scan which had no chance to run yet 724 * due to state == IEEE80211_STA_MLME_AUTHENTICATE. 725 * Hence, queue the STAs work again 726 */ 727 queue_work(local->hw.workqueue, &ifmgd->work); 728 return; 729 } 730 731 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE; 732 printk(KERN_DEBUG "%s: authenticate with AP %pM\n", 733 sdata->dev->name, ifmgd->bssid); 734 735 if (ifmgd->flags & IEEE80211_STA_EXT_SME) { 736 ies = ifmgd->sme_auth_ie; 737 ies_len = ifmgd->sme_auth_ie_len; 738 } else { 739 ies = NULL; 740 ies_len = 0; 741 } 742 ieee80211_send_auth(sdata, 1, ifmgd->auth_alg, ies, ies_len, 743 ifmgd->bssid, 0); 744 ifmgd->auth_transaction = 2; 745 746 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 747 } 748 749 /* 750 * The disassoc 'reason' argument can be either our own reason 751 * if self disconnected or a reason code from the AP. 752 */ 753 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, 754 bool deauth, bool self_disconnected, 755 u16 reason) 756 { 757 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 758 struct ieee80211_local *local = sdata->local; 759 struct ieee80211_conf *conf = &local_to_hw(local)->conf; 760 struct ieee80211_bss *bss; 761 struct sta_info *sta; 762 u32 changed = 0, config_changed = 0; 763 764 rcu_read_lock(); 765 766 sta = sta_info_get(local, ifmgd->bssid); 767 if (!sta) { 768 rcu_read_unlock(); 769 return; 770 } 771 772 if (deauth) { 773 ifmgd->direct_probe_tries = 0; 774 ifmgd->auth_tries = 0; 775 } 776 ifmgd->assoc_scan_tries = 0; 777 ifmgd->assoc_tries = 0; 778 779 netif_tx_stop_all_queues(sdata->dev); 780 netif_carrier_off(sdata->dev); 781 782 ieee80211_sta_tear_down_BA_sessions(sta); 783 784 bss = ieee80211_rx_bss_get(local, ifmgd->bssid, 785 conf->channel->center_freq, 786 ifmgd->ssid, ifmgd->ssid_len); 787 788 if (bss) { 789 cfg80211_unhold_bss(&bss->cbss); 790 ieee80211_rx_bss_put(local, bss); 791 } 792 793 if (self_disconnected) { 794 if (deauth) 795 ieee80211_send_deauth_disassoc(sdata, 796 IEEE80211_STYPE_DEAUTH, reason); 797 else 798 ieee80211_send_deauth_disassoc(sdata, 799 IEEE80211_STYPE_DISASSOC, reason); 800 } 801 802 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED; 803 changed |= ieee80211_reset_erp_info(sdata); 804 805 ieee80211_led_assoc(local, 0); 806 changed |= BSS_CHANGED_ASSOC; 807 sdata->vif.bss_conf.assoc = false; 808 809 ieee80211_sta_send_apinfo(sdata); 810 811 if (self_disconnected || reason == WLAN_REASON_DISASSOC_STA_HAS_LEFT) { 812 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 813 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 814 sdata->local->hw.conf.channel->center_freq, 815 ifmgd->ssid, ifmgd->ssid_len); 816 } 817 818 rcu_read_unlock(); 819 820 /* channel(_type) changes are handled by ieee80211_hw_config */ 821 local->oper_channel_type = NL80211_CHAN_NO_HT; 822 823 local->power_constr_level = 0; 824 825 del_timer_sync(&local->dynamic_ps_timer); 826 cancel_work_sync(&local->dynamic_ps_enable_work); 827 828 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 829 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 830 config_changed |= IEEE80211_CONF_CHANGE_PS; 831 } 832 833 ieee80211_hw_config(local, config_changed); 834 ieee80211_bss_info_change_notify(sdata, changed); 835 836 rcu_read_lock(); 837 838 sta = sta_info_get(local, ifmgd->bssid); 839 if (!sta) { 840 rcu_read_unlock(); 841 return; 842 } 843 844 sta_info_unlink(&sta); 845 846 rcu_read_unlock(); 847 848 sta_info_destroy(sta); 849 } 850 851 static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata) 852 { 853 if (!sdata || !sdata->default_key || 854 sdata->default_key->conf.alg != ALG_WEP) 855 return 0; 856 return 1; 857 } 858 859 static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata) 860 { 861 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 862 struct ieee80211_local *local = sdata->local; 863 struct ieee80211_bss *bss; 864 int bss_privacy; 865 int wep_privacy; 866 int privacy_invoked; 867 868 if (!ifmgd || (ifmgd->flags & IEEE80211_STA_EXT_SME)) 869 return 0; 870 871 bss = ieee80211_rx_bss_get(local, ifmgd->bssid, 872 local->hw.conf.channel->center_freq, 873 ifmgd->ssid, ifmgd->ssid_len); 874 if (!bss) 875 return 0; 876 877 bss_privacy = !!(bss->cbss.capability & WLAN_CAPABILITY_PRIVACY); 878 wep_privacy = !!ieee80211_sta_wep_configured(sdata); 879 privacy_invoked = !!(ifmgd->flags & IEEE80211_STA_PRIVACY_INVOKED); 880 881 ieee80211_rx_bss_put(local, bss); 882 883 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked)) 884 return 0; 885 886 return 1; 887 } 888 889 static void ieee80211_associate(struct ieee80211_sub_if_data *sdata) 890 { 891 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 892 struct ieee80211_local *local = sdata->local; 893 894 ifmgd->assoc_tries++; 895 if (ifmgd->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) { 896 printk(KERN_DEBUG "%s: association with AP %pM" 897 " timed out\n", 898 sdata->dev->name, ifmgd->bssid); 899 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 900 ieee80211_sta_send_apinfo(sdata); 901 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 902 sdata->local->hw.conf.channel->center_freq, 903 ifmgd->ssid, ifmgd->ssid_len); 904 /* 905 * We might have a pending scan which had no chance to run yet 906 * due to state == IEEE80211_STA_MLME_ASSOCIATE. 907 * Hence, queue the STAs work again 908 */ 909 queue_work(local->hw.workqueue, &ifmgd->work); 910 return; 911 } 912 913 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE; 914 printk(KERN_DEBUG "%s: associate with AP %pM\n", 915 sdata->dev->name, ifmgd->bssid); 916 if (ieee80211_privacy_mismatch(sdata)) { 917 printk(KERN_DEBUG "%s: mismatch in privacy configuration and " 918 "mixed-cell disabled - abort association\n", sdata->dev->name); 919 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 920 return; 921 } 922 923 ieee80211_send_assoc(sdata); 924 925 mod_timer(&ifmgd->timer, jiffies + IEEE80211_ASSOC_TIMEOUT); 926 } 927 928 void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, 929 struct ieee80211_hdr *hdr) 930 { 931 /* 932 * We can postpone the mgd.timer whenever receiving unicast frames 933 * from AP because we know that the connection is working both ways 934 * at that time. But multicast frames (and hence also beacons) must 935 * be ignored here, because we need to trigger the timer during 936 * data idle periods for sending the periodical probe request to 937 * the AP. 938 */ 939 if (!is_multicast_ether_addr(hdr->addr1)) 940 mod_timer(&sdata->u.mgd.timer, 941 jiffies + IEEE80211_MONITORING_INTERVAL); 942 } 943 944 void ieee80211_beacon_loss_work(struct work_struct *work) 945 { 946 struct ieee80211_sub_if_data *sdata = 947 container_of(work, struct ieee80211_sub_if_data, 948 u.mgd.beacon_loss_work); 949 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 950 951 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 952 if (net_ratelimit()) { 953 printk(KERN_DEBUG "%s: driver reports beacon loss from AP %pM " 954 "- sending probe request\n", sdata->dev->name, 955 sdata->u.mgd.bssid); 956 } 957 #endif 958 959 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL; 960 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid, 961 ifmgd->ssid_len, NULL, 0); 962 963 mod_timer(&ifmgd->timer, jiffies + IEEE80211_MONITORING_INTERVAL); 964 } 965 966 void ieee80211_beacon_loss(struct ieee80211_vif *vif) 967 { 968 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 969 970 queue_work(sdata->local->hw.workqueue, 971 &sdata->u.mgd.beacon_loss_work); 972 } 973 EXPORT_SYMBOL(ieee80211_beacon_loss); 974 975 static void ieee80211_associated(struct ieee80211_sub_if_data *sdata) 976 { 977 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 978 struct ieee80211_local *local = sdata->local; 979 struct sta_info *sta; 980 bool disassoc = false; 981 982 /* TODO: start monitoring current AP signal quality and number of 983 * missed beacons. Scan other channels every now and then and search 984 * for better APs. */ 985 /* TODO: remove expired BSSes */ 986 987 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATED; 988 989 rcu_read_lock(); 990 991 sta = sta_info_get(local, ifmgd->bssid); 992 if (!sta) { 993 printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n", 994 sdata->dev->name, ifmgd->bssid); 995 disassoc = true; 996 goto unlock; 997 } 998 999 if ((ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) && 1000 time_after(jiffies, sta->last_rx + IEEE80211_MONITORING_INTERVAL)) { 1001 printk(KERN_DEBUG "%s: no probe response from AP %pM " 1002 "- disassociating\n", 1003 sdata->dev->name, ifmgd->bssid); 1004 disassoc = true; 1005 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL; 1006 goto unlock; 1007 } 1008 1009 /* 1010 * Beacon filtering is only enabled with power save and then the 1011 * stack should not check for beacon loss. 1012 */ 1013 if (!((local->hw.flags & IEEE80211_HW_BEACON_FILTER) && 1014 (local->hw.conf.flags & IEEE80211_CONF_PS)) && 1015 time_after(jiffies, 1016 ifmgd->last_beacon + IEEE80211_MONITORING_INTERVAL)) { 1017 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1018 if (net_ratelimit()) { 1019 printk(KERN_DEBUG "%s: beacon loss from AP %pM " 1020 "- sending probe request\n", 1021 sdata->dev->name, ifmgd->bssid); 1022 } 1023 #endif 1024 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL; 1025 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid, 1026 ifmgd->ssid_len, NULL, 0); 1027 goto unlock; 1028 1029 } 1030 1031 if (time_after(jiffies, sta->last_rx + IEEE80211_PROBE_IDLE_TIME)) { 1032 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL; 1033 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid, 1034 ifmgd->ssid_len, NULL, 0); 1035 } 1036 1037 unlock: 1038 rcu_read_unlock(); 1039 1040 if (disassoc) 1041 ieee80211_set_disassoc(sdata, true, true, 1042 WLAN_REASON_PREV_AUTH_NOT_VALID); 1043 else 1044 mod_timer(&ifmgd->timer, jiffies + 1045 IEEE80211_MONITORING_INTERVAL); 1046 } 1047 1048 1049 static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata) 1050 { 1051 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1052 1053 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name); 1054 ifmgd->flags |= IEEE80211_STA_AUTHENTICATED; 1055 if (ifmgd->flags & IEEE80211_STA_EXT_SME) { 1056 /* Wait for SME to request association */ 1057 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 1058 } else 1059 ieee80211_associate(sdata); 1060 } 1061 1062 1063 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 1064 struct ieee80211_mgmt *mgmt, 1065 size_t len) 1066 { 1067 u8 *pos; 1068 struct ieee802_11_elems elems; 1069 1070 pos = mgmt->u.auth.variable; 1071 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1072 if (!elems.challenge) 1073 return; 1074 ieee80211_send_auth(sdata, 3, sdata->u.mgd.auth_alg, 1075 elems.challenge - 2, elems.challenge_len + 2, 1076 sdata->u.mgd.bssid, 1); 1077 sdata->u.mgd.auth_transaction = 4; 1078 } 1079 1080 static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 1081 struct ieee80211_mgmt *mgmt, 1082 size_t len) 1083 { 1084 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1085 u16 auth_alg, auth_transaction, status_code; 1086 1087 if (ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE) 1088 return; 1089 1090 if (len < 24 + 6) 1091 return; 1092 1093 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0) 1094 return; 1095 1096 if (memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0) 1097 return; 1098 1099 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1100 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1101 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1102 1103 if (auth_alg != ifmgd->auth_alg || 1104 auth_transaction != ifmgd->auth_transaction) 1105 return; 1106 1107 if (status_code != WLAN_STATUS_SUCCESS) { 1108 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) { 1109 u8 algs[3]; 1110 const int num_algs = ARRAY_SIZE(algs); 1111 int i, pos; 1112 algs[0] = algs[1] = algs[2] = 0xff; 1113 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN) 1114 algs[0] = WLAN_AUTH_OPEN; 1115 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 1116 algs[1] = WLAN_AUTH_SHARED_KEY; 1117 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP) 1118 algs[2] = WLAN_AUTH_LEAP; 1119 if (ifmgd->auth_alg == WLAN_AUTH_OPEN) 1120 pos = 0; 1121 else if (ifmgd->auth_alg == WLAN_AUTH_SHARED_KEY) 1122 pos = 1; 1123 else 1124 pos = 2; 1125 for (i = 0; i < num_algs; i++) { 1126 pos++; 1127 if (pos >= num_algs) 1128 pos = 0; 1129 if (algs[pos] == ifmgd->auth_alg || 1130 algs[pos] == 0xff) 1131 continue; 1132 if (algs[pos] == WLAN_AUTH_SHARED_KEY && 1133 !ieee80211_sta_wep_configured(sdata)) 1134 continue; 1135 ifmgd->auth_alg = algs[pos]; 1136 break; 1137 } 1138 } 1139 return; 1140 } 1141 1142 switch (ifmgd->auth_alg) { 1143 case WLAN_AUTH_OPEN: 1144 case WLAN_AUTH_LEAP: 1145 case WLAN_AUTH_FT: 1146 ieee80211_auth_completed(sdata); 1147 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, len); 1148 break; 1149 case WLAN_AUTH_SHARED_KEY: 1150 if (ifmgd->auth_transaction == 4) { 1151 ieee80211_auth_completed(sdata); 1152 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, len); 1153 } else 1154 ieee80211_auth_challenge(sdata, mgmt, len); 1155 break; 1156 } 1157 } 1158 1159 1160 static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 1161 struct ieee80211_mgmt *mgmt, 1162 size_t len) 1163 { 1164 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1165 u16 reason_code; 1166 1167 if (len < 24 + 2) 1168 return; 1169 1170 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN)) 1171 return; 1172 1173 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1174 1175 if (ifmgd->flags & IEEE80211_STA_AUTHENTICATED) 1176 printk(KERN_DEBUG "%s: deauthenticated (Reason: %u)\n", 1177 sdata->dev->name, reason_code); 1178 1179 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) && 1180 (ifmgd->state == IEEE80211_STA_MLME_AUTHENTICATE || 1181 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATE || 1182 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)) { 1183 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE; 1184 mod_timer(&ifmgd->timer, jiffies + 1185 IEEE80211_RETRY_AUTH_INTERVAL); 1186 } 1187 1188 ieee80211_set_disassoc(sdata, true, false, 0); 1189 ifmgd->flags &= ~IEEE80211_STA_AUTHENTICATED; 1190 cfg80211_send_rx_deauth(sdata->dev, (u8 *) mgmt, len); 1191 } 1192 1193 1194 static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 1195 struct ieee80211_mgmt *mgmt, 1196 size_t len) 1197 { 1198 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1199 u16 reason_code; 1200 1201 if (len < 24 + 2) 1202 return; 1203 1204 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN)) 1205 return; 1206 1207 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1208 1209 if (ifmgd->flags & IEEE80211_STA_ASSOCIATED) 1210 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n", 1211 sdata->dev->name, reason_code); 1212 1213 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) && 1214 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED) { 1215 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE; 1216 mod_timer(&ifmgd->timer, jiffies + 1217 IEEE80211_RETRY_AUTH_INTERVAL); 1218 } 1219 1220 ieee80211_set_disassoc(sdata, false, false, reason_code); 1221 cfg80211_send_rx_disassoc(sdata->dev, (u8 *) mgmt, len); 1222 } 1223 1224 1225 static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 1226 struct ieee80211_mgmt *mgmt, 1227 size_t len, 1228 int reassoc) 1229 { 1230 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1231 struct ieee80211_local *local = sdata->local; 1232 struct ieee80211_supported_band *sband; 1233 struct sta_info *sta; 1234 u32 rates, basic_rates; 1235 u16 capab_info, status_code, aid; 1236 struct ieee802_11_elems elems; 1237 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1238 u8 *pos; 1239 u32 changed = 0; 1240 int i, j; 1241 bool have_higher_than_11mbit = false, newsta = false; 1242 u16 ap_ht_cap_flags; 1243 1244 /* AssocResp and ReassocResp have identical structure, so process both 1245 * of them in this function. */ 1246 1247 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE) 1248 return; 1249 1250 if (len < 24 + 6) 1251 return; 1252 1253 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0) 1254 return; 1255 1256 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 1257 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 1258 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 1259 1260 printk(KERN_DEBUG "%s: RX %sssocResp from %pM (capab=0x%x " 1261 "status=%d aid=%d)\n", 1262 sdata->dev->name, reassoc ? "Rea" : "A", mgmt->sa, 1263 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14)))); 1264 1265 pos = mgmt->u.assoc_resp.variable; 1266 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1267 1268 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY && 1269 elems.timeout_int && elems.timeout_int_len == 5 && 1270 elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) { 1271 u32 tu, ms; 1272 tu = get_unaligned_le32(elems.timeout_int + 1); 1273 ms = tu * 1024 / 1000; 1274 printk(KERN_DEBUG "%s: AP rejected association temporarily; " 1275 "comeback duration %u TU (%u ms)\n", 1276 sdata->dev->name, tu, ms); 1277 if (ms > IEEE80211_ASSOC_TIMEOUT) 1278 mod_timer(&ifmgd->timer, 1279 jiffies + msecs_to_jiffies(ms)); 1280 return; 1281 } 1282 1283 if (status_code != WLAN_STATUS_SUCCESS) { 1284 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n", 1285 sdata->dev->name, status_code); 1286 /* if this was a reassociation, ensure we try a "full" 1287 * association next time. This works around some broken APs 1288 * which do not correctly reject reassociation requests. */ 1289 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET; 1290 return; 1291 } 1292 1293 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) 1294 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not " 1295 "set\n", sdata->dev->name, aid); 1296 aid &= ~(BIT(15) | BIT(14)); 1297 1298 if (!elems.supp_rates) { 1299 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n", 1300 sdata->dev->name); 1301 return; 1302 } 1303 1304 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name); 1305 ifmgd->aid = aid; 1306 ifmgd->ap_capab = capab_info; 1307 1308 kfree(ifmgd->assocresp_ies); 1309 ifmgd->assocresp_ies_len = len - (pos - (u8 *) mgmt); 1310 ifmgd->assocresp_ies = kmalloc(ifmgd->assocresp_ies_len, GFP_KERNEL); 1311 if (ifmgd->assocresp_ies) 1312 memcpy(ifmgd->assocresp_ies, pos, ifmgd->assocresp_ies_len); 1313 1314 rcu_read_lock(); 1315 1316 /* Add STA entry for the AP */ 1317 sta = sta_info_get(local, ifmgd->bssid); 1318 if (!sta) { 1319 newsta = true; 1320 1321 sta = sta_info_alloc(sdata, ifmgd->bssid, GFP_ATOMIC); 1322 if (!sta) { 1323 printk(KERN_DEBUG "%s: failed to alloc STA entry for" 1324 " the AP\n", sdata->dev->name); 1325 rcu_read_unlock(); 1326 return; 1327 } 1328 1329 /* update new sta with its last rx activity */ 1330 sta->last_rx = jiffies; 1331 } 1332 1333 /* 1334 * FIXME: Do we really need to update the sta_info's information here? 1335 * We already know about the AP (we found it in our list) so it 1336 * should already be filled with the right info, no? 1337 * As is stands, all this is racy because typically we assume 1338 * the information that is filled in here (except flags) doesn't 1339 * change while a STA structure is alive. As such, it should move 1340 * to between the sta_info_alloc() and sta_info_insert() above. 1341 */ 1342 1343 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP | 1344 WLAN_STA_AUTHORIZED); 1345 1346 rates = 0; 1347 basic_rates = 0; 1348 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 1349 1350 for (i = 0; i < elems.supp_rates_len; i++) { 1351 int rate = (elems.supp_rates[i] & 0x7f) * 5; 1352 bool is_basic = !!(elems.supp_rates[i] & 0x80); 1353 1354 if (rate > 110) 1355 have_higher_than_11mbit = true; 1356 1357 for (j = 0; j < sband->n_bitrates; j++) { 1358 if (sband->bitrates[j].bitrate == rate) { 1359 rates |= BIT(j); 1360 if (is_basic) 1361 basic_rates |= BIT(j); 1362 break; 1363 } 1364 } 1365 } 1366 1367 for (i = 0; i < elems.ext_supp_rates_len; i++) { 1368 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5; 1369 bool is_basic = !!(elems.ext_supp_rates[i] & 0x80); 1370 1371 if (rate > 110) 1372 have_higher_than_11mbit = true; 1373 1374 for (j = 0; j < sband->n_bitrates; j++) { 1375 if (sband->bitrates[j].bitrate == rate) { 1376 rates |= BIT(j); 1377 if (is_basic) 1378 basic_rates |= BIT(j); 1379 break; 1380 } 1381 } 1382 } 1383 1384 sta->sta.supp_rates[local->hw.conf.channel->band] = rates; 1385 sdata->vif.bss_conf.basic_rates = basic_rates; 1386 1387 /* cf. IEEE 802.11 9.2.12 */ 1388 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ && 1389 have_higher_than_11mbit) 1390 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 1391 else 1392 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 1393 1394 /* If TKIP/WEP is used, no need to parse AP's HT capabilities */ 1395 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) 1396 ieee80211_ht_cap_ie_to_sta_ht_cap(sband, 1397 elems.ht_cap_elem, &sta->sta.ht_cap); 1398 1399 ap_ht_cap_flags = sta->sta.ht_cap.cap; 1400 1401 rate_control_rate_init(sta); 1402 1403 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED) 1404 set_sta_flags(sta, WLAN_STA_MFP); 1405 1406 if (elems.wmm_param) 1407 set_sta_flags(sta, WLAN_STA_WME); 1408 1409 if (newsta) { 1410 int err = sta_info_insert(sta); 1411 if (err) { 1412 printk(KERN_DEBUG "%s: failed to insert STA entry for" 1413 " the AP (error %d)\n", sdata->dev->name, err); 1414 rcu_read_unlock(); 1415 return; 1416 } 1417 } 1418 1419 rcu_read_unlock(); 1420 1421 if (elems.wmm_param) 1422 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param, 1423 elems.wmm_param_len); 1424 1425 if (elems.ht_info_elem && elems.wmm_param && 1426 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) && 1427 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) 1428 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 1429 ap_ht_cap_flags); 1430 1431 /* set AID and assoc capability, 1432 * ieee80211_set_associated() will tell the driver */ 1433 bss_conf->aid = aid; 1434 bss_conf->assoc_capability = capab_info; 1435 ieee80211_set_associated(sdata, changed); 1436 1437 /* 1438 * initialise the time of last beacon to be the association time, 1439 * otherwise beacon loss check will trigger immediately 1440 */ 1441 ifmgd->last_beacon = jiffies; 1442 1443 ieee80211_associated(sdata); 1444 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, len); 1445 } 1446 1447 1448 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 1449 struct ieee80211_mgmt *mgmt, 1450 size_t len, 1451 struct ieee80211_rx_status *rx_status, 1452 struct ieee802_11_elems *elems, 1453 bool beacon) 1454 { 1455 struct ieee80211_local *local = sdata->local; 1456 int freq; 1457 struct ieee80211_bss *bss; 1458 struct ieee80211_channel *channel; 1459 1460 if (elems->ds_params && elems->ds_params_len == 1) 1461 freq = ieee80211_channel_to_frequency(elems->ds_params[0]); 1462 else 1463 freq = rx_status->freq; 1464 1465 channel = ieee80211_get_channel(local->hw.wiphy, freq); 1466 1467 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 1468 return; 1469 1470 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 1471 channel, beacon); 1472 if (!bss) 1473 return; 1474 1475 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) && 1476 (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN) == 0)) { 1477 struct ieee80211_channel_sw_ie *sw_elem = 1478 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem; 1479 ieee80211_process_chanswitch(sdata, sw_elem, bss); 1480 } 1481 1482 ieee80211_rx_bss_put(local, bss); 1483 } 1484 1485 1486 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 1487 struct ieee80211_mgmt *mgmt, 1488 size_t len, 1489 struct ieee80211_rx_status *rx_status) 1490 { 1491 struct ieee80211_if_managed *ifmgd; 1492 size_t baselen; 1493 struct ieee802_11_elems elems; 1494 1495 ifmgd = &sdata->u.mgd; 1496 1497 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN)) 1498 return; /* ignore ProbeResp to foreign address */ 1499 1500 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 1501 if (baselen > len) 1502 return; 1503 1504 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 1505 &elems); 1506 1507 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 1508 1509 /* direct probe may be part of the association flow */ 1510 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE, 1511 &ifmgd->request)) { 1512 printk(KERN_DEBUG "%s direct probe responded\n", 1513 sdata->dev->name); 1514 ieee80211_authenticate(sdata); 1515 } 1516 1517 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) 1518 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL; 1519 } 1520 1521 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 1522 struct ieee80211_mgmt *mgmt, 1523 size_t len, 1524 struct ieee80211_rx_status *rx_status) 1525 { 1526 struct ieee80211_if_managed *ifmgd; 1527 size_t baselen; 1528 struct ieee802_11_elems elems; 1529 struct ieee80211_local *local = sdata->local; 1530 u32 changed = 0; 1531 bool erp_valid, directed_tim; 1532 u8 erp_value = 0; 1533 1534 /* Process beacon from the current BSS */ 1535 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 1536 if (baselen > len) 1537 return; 1538 1539 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); 1540 1541 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true); 1542 1543 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1544 return; 1545 1546 ifmgd = &sdata->u.mgd; 1547 1548 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED) || 1549 memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0) 1550 return; 1551 1552 if (rx_status->freq != local->hw.conf.channel->center_freq) 1553 return; 1554 1555 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param, 1556 elems.wmm_param_len); 1557 1558 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) { 1559 directed_tim = ieee80211_check_tim(&elems, ifmgd->aid); 1560 1561 if (directed_tim) { 1562 if (local->hw.conf.dynamic_ps_timeout > 0) { 1563 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1564 ieee80211_hw_config(local, 1565 IEEE80211_CONF_CHANGE_PS); 1566 ieee80211_send_nullfunc(local, sdata, 0); 1567 } else { 1568 local->pspolling = true; 1569 1570 /* 1571 * Here is assumed that the driver will be 1572 * able to send ps-poll frame and receive a 1573 * response even though power save mode is 1574 * enabled, but some drivers might require 1575 * to disable power save here. This needs 1576 * to be investigated. 1577 */ 1578 ieee80211_send_pspoll(local, sdata); 1579 } 1580 } 1581 } 1582 1583 if (elems.erp_info && elems.erp_info_len >= 1) { 1584 erp_valid = true; 1585 erp_value = elems.erp_info[0]; 1586 } else { 1587 erp_valid = false; 1588 } 1589 changed |= ieee80211_handle_bss_capability(sdata, 1590 le16_to_cpu(mgmt->u.beacon.capab_info), 1591 erp_valid, erp_value); 1592 1593 1594 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param && 1595 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) { 1596 struct sta_info *sta; 1597 struct ieee80211_supported_band *sband; 1598 u16 ap_ht_cap_flags; 1599 1600 rcu_read_lock(); 1601 1602 sta = sta_info_get(local, ifmgd->bssid); 1603 if (!sta) { 1604 rcu_read_unlock(); 1605 return; 1606 } 1607 1608 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 1609 1610 ieee80211_ht_cap_ie_to_sta_ht_cap(sband, 1611 elems.ht_cap_elem, &sta->sta.ht_cap); 1612 1613 ap_ht_cap_flags = sta->sta.ht_cap.cap; 1614 1615 rcu_read_unlock(); 1616 1617 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 1618 ap_ht_cap_flags); 1619 } 1620 1621 if (elems.country_elem) { 1622 /* Note we are only reviewing this on beacons 1623 * for the BSSID we are associated to */ 1624 regulatory_hint_11d(local->hw.wiphy, 1625 elems.country_elem, elems.country_elem_len); 1626 1627 /* TODO: IBSS also needs this */ 1628 if (elems.pwr_constr_elem) 1629 ieee80211_handle_pwr_constr(sdata, 1630 le16_to_cpu(mgmt->u.probe_resp.capab_info), 1631 elems.pwr_constr_elem, 1632 elems.pwr_constr_elem_len); 1633 } 1634 1635 ieee80211_bss_info_change_notify(sdata, changed); 1636 } 1637 1638 ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, 1639 struct sk_buff *skb, 1640 struct ieee80211_rx_status *rx_status) 1641 { 1642 struct ieee80211_local *local = sdata->local; 1643 struct ieee80211_mgmt *mgmt; 1644 u16 fc; 1645 1646 if (skb->len < 24) 1647 return RX_DROP_MONITOR; 1648 1649 mgmt = (struct ieee80211_mgmt *) skb->data; 1650 fc = le16_to_cpu(mgmt->frame_control); 1651 1652 switch (fc & IEEE80211_FCTL_STYPE) { 1653 case IEEE80211_STYPE_PROBE_REQ: 1654 case IEEE80211_STYPE_PROBE_RESP: 1655 case IEEE80211_STYPE_BEACON: 1656 memcpy(skb->cb, rx_status, sizeof(*rx_status)); 1657 case IEEE80211_STYPE_AUTH: 1658 case IEEE80211_STYPE_ASSOC_RESP: 1659 case IEEE80211_STYPE_REASSOC_RESP: 1660 case IEEE80211_STYPE_DEAUTH: 1661 case IEEE80211_STYPE_DISASSOC: 1662 skb_queue_tail(&sdata->u.mgd.skb_queue, skb); 1663 queue_work(local->hw.workqueue, &sdata->u.mgd.work); 1664 return RX_QUEUED; 1665 } 1666 1667 return RX_DROP_MONITOR; 1668 } 1669 1670 static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 1671 struct sk_buff *skb) 1672 { 1673 struct ieee80211_rx_status *rx_status; 1674 struct ieee80211_mgmt *mgmt; 1675 u16 fc; 1676 1677 rx_status = (struct ieee80211_rx_status *) skb->cb; 1678 mgmt = (struct ieee80211_mgmt *) skb->data; 1679 fc = le16_to_cpu(mgmt->frame_control); 1680 1681 switch (fc & IEEE80211_FCTL_STYPE) { 1682 case IEEE80211_STYPE_PROBE_RESP: 1683 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, 1684 rx_status); 1685 break; 1686 case IEEE80211_STYPE_BEACON: 1687 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, 1688 rx_status); 1689 break; 1690 case IEEE80211_STYPE_AUTH: 1691 ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len); 1692 break; 1693 case IEEE80211_STYPE_ASSOC_RESP: 1694 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 0); 1695 break; 1696 case IEEE80211_STYPE_REASSOC_RESP: 1697 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 1); 1698 break; 1699 case IEEE80211_STYPE_DEAUTH: 1700 ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len); 1701 break; 1702 case IEEE80211_STYPE_DISASSOC: 1703 ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); 1704 break; 1705 } 1706 1707 kfree_skb(skb); 1708 } 1709 1710 static void ieee80211_sta_timer(unsigned long data) 1711 { 1712 struct ieee80211_sub_if_data *sdata = 1713 (struct ieee80211_sub_if_data *) data; 1714 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1715 struct ieee80211_local *local = sdata->local; 1716 1717 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request); 1718 queue_work(local->hw.workqueue, &ifmgd->work); 1719 } 1720 1721 static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata) 1722 { 1723 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1724 struct ieee80211_local *local = sdata->local; 1725 1726 if (local->ops->reset_tsf) { 1727 /* Reset own TSF to allow time synchronization work. */ 1728 local->ops->reset_tsf(local_to_hw(local)); 1729 } 1730 1731 ifmgd->wmm_last_param_set = -1; /* allow any WMM update */ 1732 1733 1734 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN) 1735 ifmgd->auth_alg = WLAN_AUTH_OPEN; 1736 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 1737 ifmgd->auth_alg = WLAN_AUTH_SHARED_KEY; 1738 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP) 1739 ifmgd->auth_alg = WLAN_AUTH_LEAP; 1740 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_FT) 1741 ifmgd->auth_alg = WLAN_AUTH_FT; 1742 else 1743 ifmgd->auth_alg = WLAN_AUTH_OPEN; 1744 ifmgd->auth_transaction = -1; 1745 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED; 1746 ifmgd->assoc_scan_tries = 0; 1747 ifmgd->direct_probe_tries = 0; 1748 ifmgd->auth_tries = 0; 1749 ifmgd->assoc_tries = 0; 1750 netif_tx_stop_all_queues(sdata->dev); 1751 netif_carrier_off(sdata->dev); 1752 } 1753 1754 static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata) 1755 { 1756 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1757 struct ieee80211_local *local = sdata->local; 1758 struct ieee80211_bss *bss; 1759 u8 *bssid = ifmgd->bssid, *ssid = ifmgd->ssid; 1760 u8 ssid_len = ifmgd->ssid_len; 1761 u16 capa_mask = WLAN_CAPABILITY_ESS; 1762 u16 capa_val = WLAN_CAPABILITY_ESS; 1763 struct ieee80211_channel *chan = local->oper_channel; 1764 1765 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) && 1766 ifmgd->flags & (IEEE80211_STA_AUTO_SSID_SEL | 1767 IEEE80211_STA_AUTO_BSSID_SEL | 1768 IEEE80211_STA_AUTO_CHANNEL_SEL)) { 1769 capa_mask |= WLAN_CAPABILITY_PRIVACY; 1770 if (sdata->default_key) 1771 capa_val |= WLAN_CAPABILITY_PRIVACY; 1772 } 1773 1774 if (ifmgd->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) 1775 chan = NULL; 1776 1777 if (ifmgd->flags & IEEE80211_STA_AUTO_BSSID_SEL) 1778 bssid = NULL; 1779 1780 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL) { 1781 ssid = NULL; 1782 ssid_len = 0; 1783 } 1784 1785 bss = (void *)cfg80211_get_bss(local->hw.wiphy, chan, 1786 bssid, ssid, ssid_len, 1787 capa_mask, capa_val); 1788 1789 if (bss) { 1790 ieee80211_set_freq(sdata, bss->cbss.channel->center_freq); 1791 if (!(ifmgd->flags & IEEE80211_STA_SSID_SET)) 1792 ieee80211_sta_set_ssid(sdata, bss->ssid, 1793 bss->ssid_len); 1794 ieee80211_sta_set_bssid(sdata, bss->cbss.bssid); 1795 ieee80211_sta_def_wmm_params(sdata, bss->supp_rates_len, 1796 bss->supp_rates); 1797 if (sdata->u.mgd.mfp == IEEE80211_MFP_REQUIRED) 1798 sdata->u.mgd.flags |= IEEE80211_STA_MFP_ENABLED; 1799 else 1800 sdata->u.mgd.flags &= ~IEEE80211_STA_MFP_ENABLED; 1801 1802 /* Send out direct probe if no probe resp was received or 1803 * the one we have is outdated 1804 */ 1805 if (!bss->last_probe_resp || 1806 time_after(jiffies, bss->last_probe_resp 1807 + IEEE80211_SCAN_RESULT_EXPIRE)) 1808 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE; 1809 else 1810 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE; 1811 1812 ieee80211_rx_bss_put(local, bss); 1813 ieee80211_sta_reset_auth(sdata); 1814 return 0; 1815 } else { 1816 if (ifmgd->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) { 1817 ifmgd->assoc_scan_tries++; 1818 /* XXX maybe racy? */ 1819 if (local->scan_req) 1820 return -1; 1821 memcpy(local->int_scan_req.ssids[0].ssid, 1822 ifmgd->ssid, IEEE80211_MAX_SSID_LEN); 1823 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL) 1824 local->int_scan_req.ssids[0].ssid_len = 0; 1825 else 1826 local->int_scan_req.ssids[0].ssid_len = ifmgd->ssid_len; 1827 1828 if (ieee80211_start_scan(sdata, &local->int_scan_req)) 1829 ieee80211_scan_failed(local); 1830 1831 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE; 1832 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request); 1833 } else { 1834 ifmgd->assoc_scan_tries = 0; 1835 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 1836 } 1837 } 1838 return -1; 1839 } 1840 1841 1842 static void ieee80211_sta_work(struct work_struct *work) 1843 { 1844 struct ieee80211_sub_if_data *sdata = 1845 container_of(work, struct ieee80211_sub_if_data, u.mgd.work); 1846 struct ieee80211_local *local = sdata->local; 1847 struct ieee80211_if_managed *ifmgd; 1848 struct sk_buff *skb; 1849 1850 if (!netif_running(sdata->dev)) 1851 return; 1852 1853 if (local->sw_scanning || local->hw_scanning) 1854 return; 1855 1856 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 1857 return; 1858 ifmgd = &sdata->u.mgd; 1859 1860 while ((skb = skb_dequeue(&ifmgd->skb_queue))) 1861 ieee80211_sta_rx_queued_mgmt(sdata, skb); 1862 1863 if (ifmgd->state != IEEE80211_STA_MLME_DIRECT_PROBE && 1864 ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE && 1865 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE && 1866 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request)) { 1867 /* 1868 * The call to ieee80211_start_scan can fail but ieee80211_request_scan 1869 * (which queued ieee80211_sta_work) did not return an error. Thus, call 1870 * ieee80211_scan_failed here if ieee80211_start_scan fails in order to 1871 * notify the scan requester. 1872 */ 1873 if (ieee80211_start_scan(sdata, local->scan_req)) 1874 ieee80211_scan_failed(local); 1875 return; 1876 } 1877 1878 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request)) { 1879 if (ieee80211_sta_config_auth(sdata)) 1880 return; 1881 clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request); 1882 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request)) 1883 return; 1884 1885 switch (ifmgd->state) { 1886 case IEEE80211_STA_MLME_DISABLED: 1887 break; 1888 case IEEE80211_STA_MLME_DIRECT_PROBE: 1889 ieee80211_direct_probe(sdata); 1890 break; 1891 case IEEE80211_STA_MLME_AUTHENTICATE: 1892 ieee80211_authenticate(sdata); 1893 break; 1894 case IEEE80211_STA_MLME_ASSOCIATE: 1895 ieee80211_associate(sdata); 1896 break; 1897 case IEEE80211_STA_MLME_ASSOCIATED: 1898 ieee80211_associated(sdata); 1899 break; 1900 default: 1901 WARN_ON(1); 1902 break; 1903 } 1904 1905 if (ieee80211_privacy_mismatch(sdata)) { 1906 printk(KERN_DEBUG "%s: privacy configuration mismatch and " 1907 "mixed-cell disabled - disassociate\n", sdata->dev->name); 1908 1909 ieee80211_set_disassoc(sdata, false, true, 1910 WLAN_REASON_UNSPECIFIED); 1911 } 1912 } 1913 1914 static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata) 1915 { 1916 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 1917 /* 1918 * Need to update last_beacon to avoid beacon loss 1919 * test to trigger. 1920 */ 1921 sdata->u.mgd.last_beacon = jiffies; 1922 1923 1924 queue_work(sdata->local->hw.workqueue, 1925 &sdata->u.mgd.work); 1926 } 1927 } 1928 1929 /* interface setup */ 1930 void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 1931 { 1932 struct ieee80211_if_managed *ifmgd; 1933 1934 ifmgd = &sdata->u.mgd; 1935 INIT_WORK(&ifmgd->work, ieee80211_sta_work); 1936 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work); 1937 INIT_WORK(&ifmgd->beacon_loss_work, ieee80211_beacon_loss_work); 1938 setup_timer(&ifmgd->timer, ieee80211_sta_timer, 1939 (unsigned long) sdata); 1940 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer, 1941 (unsigned long) sdata); 1942 skb_queue_head_init(&ifmgd->skb_queue); 1943 1944 ifmgd->capab = WLAN_CAPABILITY_ESS; 1945 ifmgd->auth_algs = IEEE80211_AUTH_ALG_OPEN | 1946 IEEE80211_AUTH_ALG_SHARED_KEY; 1947 ifmgd->flags |= IEEE80211_STA_CREATE_IBSS | 1948 IEEE80211_STA_AUTO_BSSID_SEL | 1949 IEEE80211_STA_AUTO_CHANNEL_SEL; 1950 if (sdata->local->hw.queues >= 4) 1951 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED; 1952 } 1953 1954 /* configuration hooks */ 1955 void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata) 1956 { 1957 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1958 struct ieee80211_local *local = sdata->local; 1959 1960 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 1961 return; 1962 1963 if ((ifmgd->flags & (IEEE80211_STA_BSSID_SET | 1964 IEEE80211_STA_AUTO_BSSID_SEL)) && 1965 (ifmgd->flags & (IEEE80211_STA_SSID_SET | 1966 IEEE80211_STA_AUTO_SSID_SEL))) { 1967 1968 if (ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED) 1969 ieee80211_set_disassoc(sdata, true, true, 1970 WLAN_REASON_DEAUTH_LEAVING); 1971 1972 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) || 1973 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE) 1974 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request); 1975 else if (ifmgd->flags & IEEE80211_STA_EXT_SME) 1976 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request); 1977 queue_work(local->hw.workqueue, &ifmgd->work); 1978 } 1979 } 1980 1981 int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata) 1982 { 1983 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1984 1985 if (ifmgd->ssid_len) 1986 ifmgd->flags |= IEEE80211_STA_SSID_SET; 1987 else 1988 ifmgd->flags &= ~IEEE80211_STA_SSID_SET; 1989 1990 return 0; 1991 } 1992 1993 int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len) 1994 { 1995 struct ieee80211_if_managed *ifmgd; 1996 1997 if (len > IEEE80211_MAX_SSID_LEN) 1998 return -EINVAL; 1999 2000 ifmgd = &sdata->u.mgd; 2001 2002 if (ifmgd->ssid_len != len || memcmp(ifmgd->ssid, ssid, len) != 0) { 2003 /* 2004 * Do not use reassociation if SSID is changed (different ESS). 2005 */ 2006 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET; 2007 memset(ifmgd->ssid, 0, sizeof(ifmgd->ssid)); 2008 memcpy(ifmgd->ssid, ssid, len); 2009 ifmgd->ssid_len = len; 2010 } 2011 2012 return ieee80211_sta_commit(sdata); 2013 } 2014 2015 int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len) 2016 { 2017 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2018 memcpy(ssid, ifmgd->ssid, ifmgd->ssid_len); 2019 *len = ifmgd->ssid_len; 2020 return 0; 2021 } 2022 2023 int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid) 2024 { 2025 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2026 2027 if (is_valid_ether_addr(bssid)) { 2028 memcpy(ifmgd->bssid, bssid, ETH_ALEN); 2029 ifmgd->flags |= IEEE80211_STA_BSSID_SET; 2030 } else { 2031 memset(ifmgd->bssid, 0, ETH_ALEN); 2032 ifmgd->flags &= ~IEEE80211_STA_BSSID_SET; 2033 } 2034 2035 if (netif_running(sdata->dev)) { 2036 if (ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID)) { 2037 printk(KERN_DEBUG "%s: Failed to config new BSSID to " 2038 "the low-level driver\n", sdata->dev->name); 2039 } 2040 } 2041 2042 return ieee80211_sta_commit(sdata); 2043 } 2044 2045 int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, 2046 const char *ie, size_t len) 2047 { 2048 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2049 2050 kfree(ifmgd->extra_ie); 2051 if (len == 0) { 2052 ifmgd->extra_ie = NULL; 2053 ifmgd->extra_ie_len = 0; 2054 return 0; 2055 } 2056 ifmgd->extra_ie = kmalloc(len, GFP_KERNEL); 2057 if (!ifmgd->extra_ie) { 2058 ifmgd->extra_ie_len = 0; 2059 return -ENOMEM; 2060 } 2061 memcpy(ifmgd->extra_ie, ie, len); 2062 ifmgd->extra_ie_len = len; 2063 return 0; 2064 } 2065 2066 int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason) 2067 { 2068 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n", 2069 sdata->dev->name, reason); 2070 2071 if (sdata->vif.type != NL80211_IFTYPE_STATION) 2072 return -EINVAL; 2073 2074 ieee80211_set_disassoc(sdata, true, true, reason); 2075 return 0; 2076 } 2077 2078 int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason) 2079 { 2080 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2081 2082 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n", 2083 sdata->dev->name, reason); 2084 2085 if (sdata->vif.type != NL80211_IFTYPE_STATION) 2086 return -EINVAL; 2087 2088 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED)) 2089 return -ENOLINK; 2090 2091 ieee80211_set_disassoc(sdata, false, true, reason); 2092 return 0; 2093 } 2094 2095 /* scan finished notification */ 2096 void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 2097 { 2098 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 2099 2100 /* Restart STA timers */ 2101 rcu_read_lock(); 2102 list_for_each_entry_rcu(sdata, &local->interfaces, list) 2103 ieee80211_restart_sta_timer(sdata); 2104 rcu_read_unlock(); 2105 } 2106 2107 void ieee80211_dynamic_ps_disable_work(struct work_struct *work) 2108 { 2109 struct ieee80211_local *local = 2110 container_of(work, struct ieee80211_local, 2111 dynamic_ps_disable_work); 2112 2113 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 2114 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 2115 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 2116 } 2117 2118 ieee80211_wake_queues_by_reason(&local->hw, 2119 IEEE80211_QUEUE_STOP_REASON_PS); 2120 } 2121 2122 void ieee80211_dynamic_ps_enable_work(struct work_struct *work) 2123 { 2124 struct ieee80211_local *local = 2125 container_of(work, struct ieee80211_local, 2126 dynamic_ps_enable_work); 2127 /* XXX: using scan_sdata is completely broken! */ 2128 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 2129 2130 if (local->hw.conf.flags & IEEE80211_CONF_PS) 2131 return; 2132 2133 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK && sdata) 2134 ieee80211_send_nullfunc(local, sdata, 1); 2135 2136 local->hw.conf.flags |= IEEE80211_CONF_PS; 2137 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 2138 } 2139 2140 void ieee80211_dynamic_ps_timer(unsigned long data) 2141 { 2142 struct ieee80211_local *local = (void *) data; 2143 2144 queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work); 2145 } 2146 2147 void ieee80211_send_nullfunc(struct ieee80211_local *local, 2148 struct ieee80211_sub_if_data *sdata, 2149 int powersave) 2150 { 2151 struct sk_buff *skb; 2152 struct ieee80211_hdr *nullfunc; 2153 __le16 fc; 2154 2155 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 2156 return; 2157 2158 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24); 2159 if (!skb) { 2160 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc " 2161 "frame\n", sdata->dev->name); 2162 return; 2163 } 2164 skb_reserve(skb, local->hw.extra_tx_headroom); 2165 2166 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24); 2167 memset(nullfunc, 0, 24); 2168 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC | 2169 IEEE80211_FCTL_TODS); 2170 if (powersave) 2171 fc |= cpu_to_le16(IEEE80211_FCTL_PM); 2172 nullfunc->frame_control = fc; 2173 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN); 2174 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN); 2175 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN); 2176 2177 ieee80211_tx_skb(sdata, skb, 0); 2178 } 2179