1 /* 2 * IBSS mode implementation 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * Copyright 2009, Johannes Berg <johannes@sipsolutions.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 as 12 * published by the Free Software Foundation. 13 */ 14 15 #include <linux/delay.h> 16 #include <linux/slab.h> 17 #include <linux/if_ether.h> 18 #include <linux/skbuff.h> 19 #include <linux/if_arp.h> 20 #include <linux/etherdevice.h> 21 #include <linux/rtnetlink.h> 22 #include <net/mac80211.h> 23 #include <asm/unaligned.h> 24 25 #include "ieee80211_i.h" 26 #include "driver-ops.h" 27 #include "rate.h" 28 29 #define IEEE80211_SCAN_INTERVAL (2 * HZ) 30 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ) 31 #define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ) 32 33 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ) 34 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ) 35 36 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128 37 38 39 static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata, 40 struct ieee80211_mgmt *mgmt, 41 size_t len) 42 { 43 u16 auth_alg, auth_transaction; 44 45 lockdep_assert_held(&sdata->u.ibss.mtx); 46 47 if (len < 24 + 6) 48 return; 49 50 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 51 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 52 53 /* 54 * IEEE 802.11 standard does not require authentication in IBSS 55 * networks and most implementations do not seem to use it. 56 * However, try to reply to authentication attempts if someone 57 * has actually implemented this. 58 */ 59 if (auth_alg == WLAN_AUTH_OPEN && auth_transaction == 1) 60 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, NULL, 0, 61 sdata->u.ibss.bssid, NULL, 0, 0); 62 } 63 64 static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 65 const u8 *bssid, const int beacon_int, 66 struct ieee80211_channel *chan, 67 const u32 basic_rates, 68 const u16 capability, u64 tsf) 69 { 70 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 71 struct ieee80211_local *local = sdata->local; 72 int rates, i; 73 struct sk_buff *skb; 74 struct ieee80211_mgmt *mgmt; 75 u8 *pos; 76 struct ieee80211_supported_band *sband; 77 struct cfg80211_bss *bss; 78 u32 bss_change; 79 u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; 80 enum nl80211_channel_type channel_type; 81 82 lockdep_assert_held(&ifibss->mtx); 83 84 /* Reset own TSF to allow time synchronization work. */ 85 drv_reset_tsf(local, sdata); 86 87 skb = ifibss->skb; 88 RCU_INIT_POINTER(ifibss->presp, NULL); 89 synchronize_rcu(); 90 skb->data = skb->head; 91 skb->len = 0; 92 skb_reset_tail_pointer(skb); 93 skb_reserve(skb, sdata->local->hw.extra_tx_headroom); 94 95 if (memcmp(ifibss->bssid, bssid, ETH_ALEN)) 96 sta_info_flush(sdata->local, sdata); 97 98 /* if merging, indicate to driver that we leave the old IBSS */ 99 if (sdata->vif.bss_conf.ibss_joined) { 100 sdata->vif.bss_conf.ibss_joined = false; 101 netif_carrier_off(sdata->dev); 102 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_IBSS); 103 } 104 105 memcpy(ifibss->bssid, bssid, ETH_ALEN); 106 107 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0; 108 109 channel_type = ifibss->channel_type; 110 if (channel_type > NL80211_CHAN_HT20 && 111 !cfg80211_can_beacon_sec_chan(local->hw.wiphy, chan, channel_type)) 112 channel_type = NL80211_CHAN_HT20; 113 if (!ieee80211_set_channel_type(local, sdata, channel_type)) { 114 /* can only fail due to HT40+/- mismatch */ 115 channel_type = NL80211_CHAN_HT20; 116 WARN_ON(!ieee80211_set_channel_type(local, sdata, 117 NL80211_CHAN_HT20)); 118 } 119 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 120 121 sband = local->hw.wiphy->bands[chan->band]; 122 123 /* build supported rates array */ 124 pos = supp_rates; 125 for (i = 0; i < sband->n_bitrates; i++) { 126 int rate = sband->bitrates[i].bitrate; 127 u8 basic = 0; 128 if (basic_rates & BIT(i)) 129 basic = 0x80; 130 *pos++ = basic | (u8) (rate / 5); 131 } 132 133 /* Build IBSS probe response */ 134 mgmt = (void *) skb_put(skb, 24 + sizeof(mgmt->u.beacon)); 135 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon)); 136 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 137 IEEE80211_STYPE_PROBE_RESP); 138 memset(mgmt->da, 0xff, ETH_ALEN); 139 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 140 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN); 141 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int); 142 mgmt->u.beacon.timestamp = cpu_to_le64(tsf); 143 mgmt->u.beacon.capab_info = cpu_to_le16(capability); 144 145 pos = skb_put(skb, 2 + ifibss->ssid_len); 146 *pos++ = WLAN_EID_SSID; 147 *pos++ = ifibss->ssid_len; 148 memcpy(pos, ifibss->ssid, ifibss->ssid_len); 149 150 rates = sband->n_bitrates; 151 if (rates > 8) 152 rates = 8; 153 pos = skb_put(skb, 2 + rates); 154 *pos++ = WLAN_EID_SUPP_RATES; 155 *pos++ = rates; 156 memcpy(pos, supp_rates, rates); 157 158 if (sband->band == IEEE80211_BAND_2GHZ) { 159 pos = skb_put(skb, 2 + 1); 160 *pos++ = WLAN_EID_DS_PARAMS; 161 *pos++ = 1; 162 *pos++ = ieee80211_frequency_to_channel(chan->center_freq); 163 } 164 165 pos = skb_put(skb, 2 + 2); 166 *pos++ = WLAN_EID_IBSS_PARAMS; 167 *pos++ = 2; 168 /* FIX: set ATIM window based on scan results */ 169 *pos++ = 0; 170 *pos++ = 0; 171 172 if (sband->n_bitrates > 8) { 173 rates = sband->n_bitrates - 8; 174 pos = skb_put(skb, 2 + rates); 175 *pos++ = WLAN_EID_EXT_SUPP_RATES; 176 *pos++ = rates; 177 memcpy(pos, &supp_rates[8], rates); 178 } 179 180 if (ifibss->ie_len) 181 memcpy(skb_put(skb, ifibss->ie_len), 182 ifibss->ie, ifibss->ie_len); 183 184 /* add HT capability and information IEs */ 185 if (channel_type && sband->ht_cap.ht_supported) { 186 pos = skb_put(skb, 4 + 187 sizeof(struct ieee80211_ht_cap) + 188 sizeof(struct ieee80211_ht_info)); 189 pos = ieee80211_ie_build_ht_cap(pos, &sband->ht_cap, 190 sband->ht_cap.cap); 191 pos = ieee80211_ie_build_ht_info(pos, 192 &sband->ht_cap, 193 chan, 194 channel_type); 195 } 196 197 if (local->hw.queues >= 4) { 198 pos = skb_put(skb, 9); 199 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 200 *pos++ = 7; /* len */ 201 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 202 *pos++ = 0x50; 203 *pos++ = 0xf2; 204 *pos++ = 2; /* WME */ 205 *pos++ = 0; /* WME info */ 206 *pos++ = 1; /* WME ver */ 207 *pos++ = 0; /* U-APSD no in use */ 208 } 209 210 rcu_assign_pointer(ifibss->presp, skb); 211 212 sdata->vif.bss_conf.beacon_int = beacon_int; 213 sdata->vif.bss_conf.basic_rates = basic_rates; 214 bss_change = BSS_CHANGED_BEACON_INT; 215 bss_change |= ieee80211_reset_erp_info(sdata); 216 bss_change |= BSS_CHANGED_BSSID; 217 bss_change |= BSS_CHANGED_BEACON; 218 bss_change |= BSS_CHANGED_BEACON_ENABLED; 219 bss_change |= BSS_CHANGED_BASIC_RATES; 220 bss_change |= BSS_CHANGED_HT; 221 bss_change |= BSS_CHANGED_IBSS; 222 sdata->vif.bss_conf.ibss_joined = true; 223 ieee80211_bss_info_change_notify(sdata, bss_change); 224 225 ieee80211_sta_def_wmm_params(sdata, sband->n_bitrates, supp_rates); 226 227 ifibss->state = IEEE80211_IBSS_MLME_JOINED; 228 mod_timer(&ifibss->timer, 229 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); 230 231 bss = cfg80211_inform_bss_frame(local->hw.wiphy, local->hw.conf.channel, 232 mgmt, skb->len, 0, GFP_KERNEL); 233 cfg80211_put_bss(bss); 234 netif_carrier_on(sdata->dev); 235 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, GFP_KERNEL); 236 } 237 238 static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 239 struct ieee80211_bss *bss) 240 { 241 struct cfg80211_bss *cbss = 242 container_of((void *)bss, struct cfg80211_bss, priv); 243 struct ieee80211_supported_band *sband; 244 u32 basic_rates; 245 int i, j; 246 u16 beacon_int = cbss->beacon_interval; 247 248 lockdep_assert_held(&sdata->u.ibss.mtx); 249 250 if (beacon_int < 10) 251 beacon_int = 10; 252 253 sband = sdata->local->hw.wiphy->bands[cbss->channel->band]; 254 255 basic_rates = 0; 256 257 for (i = 0; i < bss->supp_rates_len; i++) { 258 int rate = (bss->supp_rates[i] & 0x7f) * 5; 259 bool is_basic = !!(bss->supp_rates[i] & 0x80); 260 261 for (j = 0; j < sband->n_bitrates; j++) { 262 if (sband->bitrates[j].bitrate == rate) { 263 if (is_basic) 264 basic_rates |= BIT(j); 265 break; 266 } 267 } 268 } 269 270 __ieee80211_sta_join_ibss(sdata, cbss->bssid, 271 beacon_int, 272 cbss->channel, 273 basic_rates, 274 cbss->capability, 275 cbss->tsf); 276 } 277 278 static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta) 279 __acquires(RCU) 280 { 281 struct ieee80211_sub_if_data *sdata = sta->sdata; 282 u8 addr[ETH_ALEN]; 283 284 memcpy(addr, sta->sta.addr, ETH_ALEN); 285 286 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 287 wiphy_debug(sdata->local->hw.wiphy, 288 "Adding new IBSS station %pM (dev=%s)\n", 289 addr, sdata->name); 290 #endif 291 292 sta_info_move_state(sta, IEEE80211_STA_AUTH); 293 sta_info_move_state(sta, IEEE80211_STA_ASSOC); 294 sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED); 295 296 rate_control_rate_init(sta); 297 298 /* If it fails, maybe we raced another insertion? */ 299 if (sta_info_insert_rcu(sta)) 300 return sta_info_get(sdata, addr); 301 return sta; 302 } 303 304 static struct sta_info * 305 ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, 306 const u8 *bssid, const u8 *addr, 307 u32 supp_rates) 308 __acquires(RCU) 309 { 310 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 311 struct ieee80211_local *local = sdata->local; 312 struct sta_info *sta; 313 int band = local->hw.conf.channel->band; 314 315 /* 316 * XXX: Consider removing the least recently used entry and 317 * allow new one to be added. 318 */ 319 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { 320 if (net_ratelimit()) 321 printk(KERN_DEBUG "%s: No room for a new IBSS STA entry %pM\n", 322 sdata->name, addr); 323 rcu_read_lock(); 324 return NULL; 325 } 326 327 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) { 328 rcu_read_lock(); 329 return NULL; 330 } 331 332 if (compare_ether_addr(bssid, sdata->u.ibss.bssid)) { 333 rcu_read_lock(); 334 return NULL; 335 } 336 337 sta = sta_info_alloc(sdata, addr, GFP_KERNEL); 338 if (!sta) { 339 rcu_read_lock(); 340 return NULL; 341 } 342 343 sta->last_rx = jiffies; 344 345 /* make sure mandatory rates are always added */ 346 sta->sta.supp_rates[band] = supp_rates | 347 ieee80211_mandatory_rates(local, band); 348 349 return ieee80211_ibss_finish_sta(sta); 350 } 351 352 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 353 struct ieee80211_mgmt *mgmt, 354 size_t len, 355 struct ieee80211_rx_status *rx_status, 356 struct ieee802_11_elems *elems, 357 bool beacon) 358 { 359 struct ieee80211_local *local = sdata->local; 360 int freq; 361 struct cfg80211_bss *cbss; 362 struct ieee80211_bss *bss; 363 struct sta_info *sta; 364 struct ieee80211_channel *channel; 365 u64 beacon_timestamp, rx_timestamp; 366 u32 supp_rates = 0; 367 enum ieee80211_band band = rx_status->band; 368 struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band]; 369 bool rates_updated = false; 370 371 if (elems->ds_params && elems->ds_params_len == 1) 372 freq = ieee80211_channel_to_frequency(elems->ds_params[0], 373 band); 374 else 375 freq = rx_status->freq; 376 377 channel = ieee80211_get_channel(local->hw.wiphy, freq); 378 379 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 380 return; 381 382 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && 383 memcmp(mgmt->bssid, sdata->u.ibss.bssid, ETH_ALEN) == 0) { 384 385 rcu_read_lock(); 386 sta = sta_info_get(sdata, mgmt->sa); 387 388 if (elems->supp_rates) { 389 supp_rates = ieee80211_sta_get_rates(local, elems, 390 band); 391 if (sta) { 392 u32 prev_rates; 393 394 prev_rates = sta->sta.supp_rates[band]; 395 /* make sure mandatory rates are always added */ 396 sta->sta.supp_rates[band] = supp_rates | 397 ieee80211_mandatory_rates(local, band); 398 399 if (sta->sta.supp_rates[band] != prev_rates) { 400 #ifdef CONFIG_MAC80211_IBSS_DEBUG 401 printk(KERN_DEBUG 402 "%s: updated supp_rates set " 403 "for %pM based on beacon" 404 "/probe_resp (0x%x -> 0x%x)\n", 405 sdata->name, sta->sta.addr, 406 prev_rates, 407 sta->sta.supp_rates[band]); 408 #endif 409 rates_updated = true; 410 } 411 } else { 412 rcu_read_unlock(); 413 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid, 414 mgmt->sa, supp_rates); 415 } 416 } 417 418 if (sta && elems->wmm_info) 419 set_sta_flag(sta, WLAN_STA_WME); 420 421 if (sta && elems->ht_info_elem && elems->ht_cap_elem && 422 sdata->u.ibss.channel_type != NL80211_CHAN_NO_HT) { 423 /* we both use HT */ 424 struct ieee80211_sta_ht_cap sta_ht_cap_new; 425 enum nl80211_channel_type channel_type = 426 ieee80211_ht_info_to_channel_type( 427 elems->ht_info_elem); 428 429 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 430 elems->ht_cap_elem, 431 &sta_ht_cap_new); 432 433 /* 434 * fall back to HT20 if we don't use or use 435 * the other extension channel 436 */ 437 if ((channel_type == NL80211_CHAN_HT40MINUS || 438 channel_type == NL80211_CHAN_HT40PLUS) && 439 channel_type != sdata->u.ibss.channel_type) 440 sta_ht_cap_new.cap &= 441 ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 442 443 if (memcmp(&sta->sta.ht_cap, &sta_ht_cap_new, 444 sizeof(sta_ht_cap_new))) { 445 memcpy(&sta->sta.ht_cap, &sta_ht_cap_new, 446 sizeof(sta_ht_cap_new)); 447 rates_updated = true; 448 } 449 } 450 451 if (sta && rates_updated) 452 rate_control_rate_init(sta); 453 454 rcu_read_unlock(); 455 } 456 457 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 458 channel, beacon); 459 if (!bss) 460 return; 461 462 cbss = container_of((void *)bss, struct cfg80211_bss, priv); 463 464 /* was just updated in ieee80211_bss_info_update */ 465 beacon_timestamp = cbss->tsf; 466 467 /* check if we need to merge IBSS */ 468 469 /* we use a fixed BSSID */ 470 if (sdata->u.ibss.fixed_bssid) 471 goto put_bss; 472 473 /* not an IBSS */ 474 if (!(cbss->capability & WLAN_CAPABILITY_IBSS)) 475 goto put_bss; 476 477 /* different channel */ 478 if (cbss->channel != local->oper_channel) 479 goto put_bss; 480 481 /* different SSID */ 482 if (elems->ssid_len != sdata->u.ibss.ssid_len || 483 memcmp(elems->ssid, sdata->u.ibss.ssid, 484 sdata->u.ibss.ssid_len)) 485 goto put_bss; 486 487 /* same BSSID */ 488 if (memcmp(cbss->bssid, sdata->u.ibss.bssid, ETH_ALEN) == 0) 489 goto put_bss; 490 491 if (rx_status->flag & RX_FLAG_MACTIME_MPDU) { 492 /* 493 * For correct IBSS merging we need mactime; since mactime is 494 * defined as the time the first data symbol of the frame hits 495 * the PHY, and the timestamp of the beacon is defined as "the 496 * time that the data symbol containing the first bit of the 497 * timestamp is transmitted to the PHY plus the transmitting 498 * STA's delays through its local PHY from the MAC-PHY 499 * interface to its interface with the WM" (802.11 11.1.2) 500 * - equals the time this bit arrives at the receiver - we have 501 * to take into account the offset between the two. 502 * 503 * E.g. at 1 MBit that means mactime is 192 usec earlier 504 * (=24 bytes * 8 usecs/byte) than the beacon timestamp. 505 */ 506 int rate; 507 508 if (rx_status->flag & RX_FLAG_HT) 509 rate = 65; /* TODO: HT rates */ 510 else 511 rate = local->hw.wiphy->bands[band]-> 512 bitrates[rx_status->rate_idx].bitrate; 513 514 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate); 515 } else { 516 /* 517 * second best option: get current TSF 518 * (will return -1 if not supported) 519 */ 520 rx_timestamp = drv_get_tsf(local, sdata); 521 } 522 523 #ifdef CONFIG_MAC80211_IBSS_DEBUG 524 printk(KERN_DEBUG "RX beacon SA=%pM BSSID=" 525 "%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n", 526 mgmt->sa, mgmt->bssid, 527 (unsigned long long)rx_timestamp, 528 (unsigned long long)beacon_timestamp, 529 (unsigned long long)(rx_timestamp - beacon_timestamp), 530 jiffies); 531 #endif 532 533 if (beacon_timestamp > rx_timestamp) { 534 #ifdef CONFIG_MAC80211_IBSS_DEBUG 535 printk(KERN_DEBUG "%s: beacon TSF higher than " 536 "local TSF - IBSS merge with BSSID %pM\n", 537 sdata->name, mgmt->bssid); 538 #endif 539 ieee80211_sta_join_ibss(sdata, bss); 540 supp_rates = ieee80211_sta_get_rates(local, elems, band); 541 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 542 supp_rates); 543 rcu_read_unlock(); 544 } 545 546 put_bss: 547 ieee80211_rx_bss_put(local, bss); 548 } 549 550 void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata, 551 const u8 *bssid, const u8 *addr, 552 u32 supp_rates) 553 { 554 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 555 struct ieee80211_local *local = sdata->local; 556 struct sta_info *sta; 557 int band = local->hw.conf.channel->band; 558 559 /* 560 * XXX: Consider removing the least recently used entry and 561 * allow new one to be added. 562 */ 563 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { 564 if (net_ratelimit()) 565 printk(KERN_DEBUG "%s: No room for a new IBSS STA entry %pM\n", 566 sdata->name, addr); 567 return; 568 } 569 570 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) 571 return; 572 573 if (compare_ether_addr(bssid, sdata->u.ibss.bssid)) 574 return; 575 576 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC); 577 if (!sta) 578 return; 579 580 sta->last_rx = jiffies; 581 582 /* make sure mandatory rates are always added */ 583 sta->sta.supp_rates[band] = supp_rates | 584 ieee80211_mandatory_rates(local, band); 585 586 spin_lock(&ifibss->incomplete_lock); 587 list_add(&sta->list, &ifibss->incomplete_stations); 588 spin_unlock(&ifibss->incomplete_lock); 589 ieee80211_queue_work(&local->hw, &sdata->work); 590 } 591 592 static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata) 593 { 594 struct ieee80211_local *local = sdata->local; 595 int active = 0; 596 struct sta_info *sta; 597 598 lockdep_assert_held(&sdata->u.ibss.mtx); 599 600 rcu_read_lock(); 601 602 list_for_each_entry_rcu(sta, &local->sta_list, list) { 603 if (sta->sdata == sdata && 604 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL, 605 jiffies)) { 606 active++; 607 break; 608 } 609 } 610 611 rcu_read_unlock(); 612 613 return active; 614 } 615 616 /* 617 * This function is called with state == IEEE80211_IBSS_MLME_JOINED 618 */ 619 620 static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata) 621 { 622 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 623 624 lockdep_assert_held(&ifibss->mtx); 625 626 mod_timer(&ifibss->timer, 627 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); 628 629 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT); 630 631 if (time_before(jiffies, ifibss->last_scan_completed + 632 IEEE80211_IBSS_MERGE_INTERVAL)) 633 return; 634 635 if (ieee80211_sta_active_ibss(sdata)) 636 return; 637 638 if (ifibss->fixed_channel) 639 return; 640 641 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other " 642 "IBSS networks with same SSID (merge)\n", sdata->name); 643 644 ieee80211_request_internal_scan(sdata, 645 ifibss->ssid, ifibss->ssid_len, 646 ifibss->fixed_channel ? ifibss->channel : NULL); 647 } 648 649 static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) 650 { 651 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 652 u8 bssid[ETH_ALEN]; 653 u16 capability; 654 int i; 655 656 lockdep_assert_held(&ifibss->mtx); 657 658 if (ifibss->fixed_bssid) { 659 memcpy(bssid, ifibss->bssid, ETH_ALEN); 660 } else { 661 /* Generate random, not broadcast, locally administered BSSID. Mix in 662 * own MAC address to make sure that devices that do not have proper 663 * random number generator get different BSSID. */ 664 get_random_bytes(bssid, ETH_ALEN); 665 for (i = 0; i < ETH_ALEN; i++) 666 bssid[i] ^= sdata->vif.addr[i]; 667 bssid[0] &= ~0x01; 668 bssid[0] |= 0x02; 669 } 670 671 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n", 672 sdata->name, bssid); 673 674 capability = WLAN_CAPABILITY_IBSS; 675 676 if (ifibss->privacy) 677 capability |= WLAN_CAPABILITY_PRIVACY; 678 else 679 sdata->drop_unencrypted = 0; 680 681 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int, 682 ifibss->channel, ifibss->basic_rates, 683 capability, 0); 684 } 685 686 /* 687 * This function is called with state == IEEE80211_IBSS_MLME_SEARCH 688 */ 689 690 static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata) 691 { 692 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 693 struct ieee80211_local *local = sdata->local; 694 struct cfg80211_bss *cbss; 695 struct ieee80211_channel *chan = NULL; 696 const u8 *bssid = NULL; 697 int active_ibss; 698 u16 capability; 699 700 lockdep_assert_held(&ifibss->mtx); 701 702 active_ibss = ieee80211_sta_active_ibss(sdata); 703 #ifdef CONFIG_MAC80211_IBSS_DEBUG 704 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n", 705 sdata->name, active_ibss); 706 #endif /* CONFIG_MAC80211_IBSS_DEBUG */ 707 708 if (active_ibss) 709 return; 710 711 capability = WLAN_CAPABILITY_IBSS; 712 if (ifibss->privacy) 713 capability |= WLAN_CAPABILITY_PRIVACY; 714 if (ifibss->fixed_bssid) 715 bssid = ifibss->bssid; 716 if (ifibss->fixed_channel) 717 chan = ifibss->channel; 718 if (!is_zero_ether_addr(ifibss->bssid)) 719 bssid = ifibss->bssid; 720 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid, 721 ifibss->ssid, ifibss->ssid_len, 722 WLAN_CAPABILITY_IBSS | WLAN_CAPABILITY_PRIVACY, 723 capability); 724 725 if (cbss) { 726 struct ieee80211_bss *bss; 727 728 bss = (void *)cbss->priv; 729 #ifdef CONFIG_MAC80211_IBSS_DEBUG 730 printk(KERN_DEBUG " sta_find_ibss: selected %pM current " 731 "%pM\n", cbss->bssid, ifibss->bssid); 732 #endif /* CONFIG_MAC80211_IBSS_DEBUG */ 733 734 printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM" 735 " based on configured SSID\n", 736 sdata->name, cbss->bssid); 737 738 ieee80211_sta_join_ibss(sdata, bss); 739 ieee80211_rx_bss_put(local, bss); 740 return; 741 } 742 743 #ifdef CONFIG_MAC80211_IBSS_DEBUG 744 printk(KERN_DEBUG " did not try to join ibss\n"); 745 #endif /* CONFIG_MAC80211_IBSS_DEBUG */ 746 747 /* Selected IBSS not found in current scan results - try to scan */ 748 if (time_after(jiffies, ifibss->last_scan_completed + 749 IEEE80211_SCAN_INTERVAL)) { 750 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to " 751 "join\n", sdata->name); 752 753 ieee80211_request_internal_scan(sdata, 754 ifibss->ssid, ifibss->ssid_len, 755 ifibss->fixed_channel ? ifibss->channel : NULL); 756 } else { 757 int interval = IEEE80211_SCAN_INTERVAL; 758 759 if (time_after(jiffies, ifibss->ibss_join_req + 760 IEEE80211_IBSS_JOIN_TIMEOUT)) { 761 if (!(local->oper_channel->flags & IEEE80211_CHAN_NO_IBSS)) { 762 ieee80211_sta_create_ibss(sdata); 763 return; 764 } 765 printk(KERN_DEBUG "%s: IBSS not allowed on" 766 " %d MHz\n", sdata->name, 767 local->hw.conf.channel->center_freq); 768 769 /* No IBSS found - decrease scan interval and continue 770 * scanning. */ 771 interval = IEEE80211_SCAN_INTERVAL_SLOW; 772 } 773 774 mod_timer(&ifibss->timer, 775 round_jiffies(jiffies + interval)); 776 } 777 } 778 779 static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata, 780 struct sk_buff *req) 781 { 782 struct ieee80211_mgmt *mgmt = (void *)req->data; 783 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 784 struct ieee80211_local *local = sdata->local; 785 int tx_last_beacon, len = req->len; 786 struct sk_buff *skb; 787 struct ieee80211_mgmt *resp; 788 struct sk_buff *presp; 789 u8 *pos, *end; 790 791 lockdep_assert_held(&ifibss->mtx); 792 793 presp = rcu_dereference_protected(ifibss->presp, 794 lockdep_is_held(&ifibss->mtx)); 795 796 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED || 797 len < 24 + 2 || !presp) 798 return; 799 800 tx_last_beacon = drv_tx_last_beacon(local); 801 802 #ifdef CONFIG_MAC80211_IBSS_DEBUG 803 printk(KERN_DEBUG "%s: RX ProbeReq SA=%pM DA=%pM BSSID=%pM" 804 " (tx_last_beacon=%d)\n", 805 sdata->name, mgmt->sa, mgmt->da, 806 mgmt->bssid, tx_last_beacon); 807 #endif /* CONFIG_MAC80211_IBSS_DEBUG */ 808 809 if (!tx_last_beacon && is_multicast_ether_addr(mgmt->da)) 810 return; 811 812 if (memcmp(mgmt->bssid, ifibss->bssid, ETH_ALEN) != 0 && 813 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0) 814 return; 815 816 end = ((u8 *) mgmt) + len; 817 pos = mgmt->u.probe_req.variable; 818 if (pos[0] != WLAN_EID_SSID || 819 pos + 2 + pos[1] > end) { 820 #ifdef CONFIG_MAC80211_IBSS_DEBUG 821 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq " 822 "from %pM\n", 823 sdata->name, mgmt->sa); 824 #endif 825 return; 826 } 827 if (pos[1] != 0 && 828 (pos[1] != ifibss->ssid_len || 829 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) { 830 /* Ignore ProbeReq for foreign SSID */ 831 return; 832 } 833 834 /* Reply with ProbeResp */ 835 skb = skb_copy(presp, GFP_KERNEL); 836 if (!skb) 837 return; 838 839 resp = (struct ieee80211_mgmt *) skb->data; 840 memcpy(resp->da, mgmt->sa, ETH_ALEN); 841 #ifdef CONFIG_MAC80211_IBSS_DEBUG 842 printk(KERN_DEBUG "%s: Sending ProbeResp to %pM\n", 843 sdata->name, resp->da); 844 #endif /* CONFIG_MAC80211_IBSS_DEBUG */ 845 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 846 ieee80211_tx_skb(sdata, skb); 847 } 848 849 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 850 struct ieee80211_mgmt *mgmt, 851 size_t len, 852 struct ieee80211_rx_status *rx_status) 853 { 854 size_t baselen; 855 struct ieee802_11_elems elems; 856 857 if (memcmp(mgmt->da, sdata->vif.addr, ETH_ALEN)) 858 return; /* ignore ProbeResp to foreign address */ 859 860 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 861 if (baselen > len) 862 return; 863 864 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 865 &elems); 866 867 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 868 } 869 870 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 871 struct ieee80211_mgmt *mgmt, 872 size_t len, 873 struct ieee80211_rx_status *rx_status) 874 { 875 size_t baselen; 876 struct ieee802_11_elems elems; 877 878 /* Process beacon from the current BSS */ 879 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 880 if (baselen > len) 881 return; 882 883 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); 884 885 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true); 886 } 887 888 void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 889 struct sk_buff *skb) 890 { 891 struct ieee80211_rx_status *rx_status; 892 struct ieee80211_mgmt *mgmt; 893 u16 fc; 894 895 rx_status = IEEE80211_SKB_RXCB(skb); 896 mgmt = (struct ieee80211_mgmt *) skb->data; 897 fc = le16_to_cpu(mgmt->frame_control); 898 899 mutex_lock(&sdata->u.ibss.mtx); 900 901 if (!sdata->u.ibss.ssid_len) 902 goto mgmt_out; /* not ready to merge yet */ 903 904 switch (fc & IEEE80211_FCTL_STYPE) { 905 case IEEE80211_STYPE_PROBE_REQ: 906 ieee80211_rx_mgmt_probe_req(sdata, skb); 907 break; 908 case IEEE80211_STYPE_PROBE_RESP: 909 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, 910 rx_status); 911 break; 912 case IEEE80211_STYPE_BEACON: 913 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, 914 rx_status); 915 break; 916 case IEEE80211_STYPE_AUTH: 917 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len); 918 break; 919 } 920 921 mgmt_out: 922 mutex_unlock(&sdata->u.ibss.mtx); 923 } 924 925 void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata) 926 { 927 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 928 struct sta_info *sta; 929 930 mutex_lock(&ifibss->mtx); 931 932 /* 933 * Work could be scheduled after scan or similar 934 * when we aren't even joined (or trying) with a 935 * network. 936 */ 937 if (!ifibss->ssid_len) 938 goto out; 939 940 spin_lock_bh(&ifibss->incomplete_lock); 941 while (!list_empty(&ifibss->incomplete_stations)) { 942 sta = list_first_entry(&ifibss->incomplete_stations, 943 struct sta_info, list); 944 list_del(&sta->list); 945 spin_unlock_bh(&ifibss->incomplete_lock); 946 947 ieee80211_ibss_finish_sta(sta); 948 rcu_read_unlock(); 949 spin_lock_bh(&ifibss->incomplete_lock); 950 } 951 spin_unlock_bh(&ifibss->incomplete_lock); 952 953 switch (ifibss->state) { 954 case IEEE80211_IBSS_MLME_SEARCH: 955 ieee80211_sta_find_ibss(sdata); 956 break; 957 case IEEE80211_IBSS_MLME_JOINED: 958 ieee80211_sta_merge_ibss(sdata); 959 break; 960 default: 961 WARN_ON(1); 962 break; 963 } 964 965 out: 966 mutex_unlock(&ifibss->mtx); 967 } 968 969 static void ieee80211_ibss_timer(unsigned long data) 970 { 971 struct ieee80211_sub_if_data *sdata = 972 (struct ieee80211_sub_if_data *) data; 973 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 974 struct ieee80211_local *local = sdata->local; 975 976 if (local->quiescing) { 977 ifibss->timer_running = true; 978 return; 979 } 980 981 ieee80211_queue_work(&local->hw, &sdata->work); 982 } 983 984 #ifdef CONFIG_PM 985 void ieee80211_ibss_quiesce(struct ieee80211_sub_if_data *sdata) 986 { 987 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 988 989 if (del_timer_sync(&ifibss->timer)) 990 ifibss->timer_running = true; 991 } 992 993 void ieee80211_ibss_restart(struct ieee80211_sub_if_data *sdata) 994 { 995 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 996 997 if (ifibss->timer_running) { 998 add_timer(&ifibss->timer); 999 ifibss->timer_running = false; 1000 } 1001 } 1002 #endif 1003 1004 void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata) 1005 { 1006 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1007 1008 setup_timer(&ifibss->timer, ieee80211_ibss_timer, 1009 (unsigned long) sdata); 1010 mutex_init(&ifibss->mtx); 1011 INIT_LIST_HEAD(&ifibss->incomplete_stations); 1012 spin_lock_init(&ifibss->incomplete_lock); 1013 } 1014 1015 /* scan finished notification */ 1016 void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local) 1017 { 1018 struct ieee80211_sub_if_data *sdata; 1019 1020 mutex_lock(&local->iflist_mtx); 1021 list_for_each_entry(sdata, &local->interfaces, list) { 1022 if (!ieee80211_sdata_running(sdata)) 1023 continue; 1024 if (sdata->vif.type != NL80211_IFTYPE_ADHOC) 1025 continue; 1026 sdata->u.ibss.last_scan_completed = jiffies; 1027 ieee80211_queue_work(&local->hw, &sdata->work); 1028 } 1029 mutex_unlock(&local->iflist_mtx); 1030 } 1031 1032 int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata, 1033 struct cfg80211_ibss_params *params) 1034 { 1035 struct sk_buff *skb; 1036 u32 changed = 0; 1037 1038 skb = dev_alloc_skb(sdata->local->hw.extra_tx_headroom + 1039 sizeof(struct ieee80211_hdr_3addr) + 1040 12 /* struct ieee80211_mgmt.u.beacon */ + 1041 2 + IEEE80211_MAX_SSID_LEN /* max SSID */ + 1042 2 + 8 /* max Supported Rates */ + 1043 3 /* max DS params */ + 1044 4 /* IBSS params */ + 1045 2 + (IEEE80211_MAX_SUPP_RATES - 8) + 1046 2 + sizeof(struct ieee80211_ht_cap) + 1047 2 + sizeof(struct ieee80211_ht_info) + 1048 params->ie_len); 1049 if (!skb) 1050 return -ENOMEM; 1051 1052 mutex_lock(&sdata->u.ibss.mtx); 1053 1054 if (params->bssid) { 1055 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN); 1056 sdata->u.ibss.fixed_bssid = true; 1057 } else 1058 sdata->u.ibss.fixed_bssid = false; 1059 1060 sdata->u.ibss.privacy = params->privacy; 1061 sdata->u.ibss.basic_rates = params->basic_rates; 1062 memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate, 1063 sizeof(params->mcast_rate)); 1064 1065 sdata->vif.bss_conf.beacon_int = params->beacon_interval; 1066 1067 sdata->u.ibss.channel = params->channel; 1068 sdata->u.ibss.channel_type = params->channel_type; 1069 sdata->u.ibss.fixed_channel = params->channel_fixed; 1070 1071 /* fix ourselves to that channel now already */ 1072 if (params->channel_fixed) { 1073 sdata->local->oper_channel = params->channel; 1074 if (!ieee80211_set_channel_type(sdata->local, sdata, 1075 params->channel_type)) { 1076 mutex_unlock(&sdata->u.ibss.mtx); 1077 kfree_skb(skb); 1078 return -EINVAL; 1079 } 1080 } 1081 1082 if (params->ie) { 1083 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len, 1084 GFP_KERNEL); 1085 if (sdata->u.ibss.ie) 1086 sdata->u.ibss.ie_len = params->ie_len; 1087 } 1088 1089 sdata->u.ibss.skb = skb; 1090 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH; 1091 sdata->u.ibss.ibss_join_req = jiffies; 1092 1093 memcpy(sdata->u.ibss.ssid, params->ssid, IEEE80211_MAX_SSID_LEN); 1094 sdata->u.ibss.ssid_len = params->ssid_len; 1095 1096 mutex_unlock(&sdata->u.ibss.mtx); 1097 1098 mutex_lock(&sdata->local->mtx); 1099 ieee80211_recalc_idle(sdata->local); 1100 mutex_unlock(&sdata->local->mtx); 1101 1102 /* 1103 * 802.11n-2009 9.13.3.1: In an IBSS, the HT Protection field is 1104 * reserved, but an HT STA shall protect HT transmissions as though 1105 * the HT Protection field were set to non-HT mixed mode. 1106 * 1107 * In an IBSS, the RIFS Mode field of the HT Operation element is 1108 * also reserved, but an HT STA shall operate as though this field 1109 * were set to 1. 1110 */ 1111 1112 sdata->vif.bss_conf.ht_operation_mode |= 1113 IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED 1114 | IEEE80211_HT_PARAM_RIFS_MODE; 1115 1116 changed |= BSS_CHANGED_HT; 1117 ieee80211_bss_info_change_notify(sdata, changed); 1118 1119 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1120 1121 return 0; 1122 } 1123 1124 int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata) 1125 { 1126 struct sk_buff *skb; 1127 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1128 struct ieee80211_local *local = sdata->local; 1129 struct cfg80211_bss *cbss; 1130 u16 capability; 1131 int active_ibss; 1132 struct sta_info *sta; 1133 1134 mutex_lock(&sdata->u.ibss.mtx); 1135 1136 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH; 1137 memset(sdata->u.ibss.bssid, 0, ETH_ALEN); 1138 sdata->u.ibss.ssid_len = 0; 1139 1140 active_ibss = ieee80211_sta_active_ibss(sdata); 1141 1142 if (!active_ibss && !is_zero_ether_addr(ifibss->bssid)) { 1143 capability = WLAN_CAPABILITY_IBSS; 1144 1145 if (ifibss->privacy) 1146 capability |= WLAN_CAPABILITY_PRIVACY; 1147 1148 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->channel, 1149 ifibss->bssid, ifibss->ssid, 1150 ifibss->ssid_len, WLAN_CAPABILITY_IBSS | 1151 WLAN_CAPABILITY_PRIVACY, 1152 capability); 1153 1154 if (cbss) { 1155 cfg80211_unlink_bss(local->hw.wiphy, cbss); 1156 cfg80211_put_bss(cbss); 1157 } 1158 } 1159 1160 sta_info_flush(sdata->local, sdata); 1161 1162 spin_lock_bh(&ifibss->incomplete_lock); 1163 while (!list_empty(&ifibss->incomplete_stations)) { 1164 sta = list_first_entry(&ifibss->incomplete_stations, 1165 struct sta_info, list); 1166 list_del(&sta->list); 1167 spin_unlock_bh(&ifibss->incomplete_lock); 1168 1169 sta_info_free(local, sta); 1170 spin_lock_bh(&ifibss->incomplete_lock); 1171 } 1172 spin_unlock_bh(&ifibss->incomplete_lock); 1173 1174 netif_carrier_off(sdata->dev); 1175 1176 /* remove beacon */ 1177 kfree(sdata->u.ibss.ie); 1178 skb = rcu_dereference_protected(sdata->u.ibss.presp, 1179 lockdep_is_held(&sdata->u.ibss.mtx)); 1180 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL); 1181 sdata->vif.bss_conf.ibss_joined = false; 1182 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED | 1183 BSS_CHANGED_IBSS); 1184 synchronize_rcu(); 1185 kfree_skb(skb); 1186 1187 skb_queue_purge(&sdata->skb_queue); 1188 1189 del_timer_sync(&sdata->u.ibss.timer); 1190 1191 mutex_unlock(&sdata->u.ibss.mtx); 1192 1193 mutex_lock(&local->mtx); 1194 ieee80211_recalc_idle(sdata->local); 1195 mutex_unlock(&local->mtx); 1196 1197 return 0; 1198 } 1199