1 /* 2 * BSS client mode implementation 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License version 2 as 11 * published by the Free Software Foundation. 12 */ 13 14 #include <linux/delay.h> 15 #include <linux/if_ether.h> 16 #include <linux/skbuff.h> 17 #include <linux/if_arp.h> 18 #include <linux/etherdevice.h> 19 #include <linux/moduleparam.h> 20 #include <linux/rtnetlink.h> 21 #include <linux/pm_qos.h> 22 #include <linux/crc32.h> 23 #include <linux/slab.h> 24 #include <linux/export.h> 25 #include <net/mac80211.h> 26 #include <asm/unaligned.h> 27 28 #include "ieee80211_i.h" 29 #include "driver-ops.h" 30 #include "rate.h" 31 #include "led.h" 32 33 #define IEEE80211_AUTH_TIMEOUT (HZ / 5) 34 #define IEEE80211_AUTH_MAX_TRIES 3 35 #define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5) 36 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 37 #define IEEE80211_ASSOC_MAX_TRIES 3 38 39 static int max_nullfunc_tries = 2; 40 module_param(max_nullfunc_tries, int, 0644); 41 MODULE_PARM_DESC(max_nullfunc_tries, 42 "Maximum nullfunc tx tries before disconnecting (reason 4)."); 43 44 static int max_probe_tries = 5; 45 module_param(max_probe_tries, int, 0644); 46 MODULE_PARM_DESC(max_probe_tries, 47 "Maximum probe tries before disconnecting (reason 4)."); 48 49 /* 50 * Beacon loss timeout is calculated as N frames times the 51 * advertised beacon interval. This may need to be somewhat 52 * higher than what hardware might detect to account for 53 * delays in the host processing frames. But since we also 54 * probe on beacon miss before declaring the connection lost 55 * default to what we want. 56 */ 57 #define IEEE80211_BEACON_LOSS_COUNT 7 58 59 /* 60 * Time the connection can be idle before we probe 61 * it to see if we can still talk to the AP. 62 */ 63 #define IEEE80211_CONNECTION_IDLE_TIME (30 * HZ) 64 /* 65 * Time we wait for a probe response after sending 66 * a probe request because of beacon loss or for 67 * checking the connection still works. 68 */ 69 static int probe_wait_ms = 500; 70 module_param(probe_wait_ms, int, 0644); 71 MODULE_PARM_DESC(probe_wait_ms, 72 "Maximum time(ms) to wait for probe response" 73 " before disconnecting (reason 4)."); 74 75 /* 76 * Weight given to the latest Beacon frame when calculating average signal 77 * strength for Beacon frames received in the current BSS. This must be 78 * between 1 and 15. 79 */ 80 #define IEEE80211_SIGNAL_AVE_WEIGHT 3 81 82 /* 83 * How many Beacon frames need to have been used in average signal strength 84 * before starting to indicate signal change events. 85 */ 86 #define IEEE80211_SIGNAL_AVE_MIN_COUNT 4 87 88 #define TMR_RUNNING_TIMER 0 89 #define TMR_RUNNING_CHANSW 1 90 91 #define DEAUTH_DISASSOC_LEN (24 /* hdr */ + 2 /* reason */) 92 93 /* 94 * All cfg80211 functions have to be called outside a locked 95 * section so that they can acquire a lock themselves... This 96 * is much simpler than queuing up things in cfg80211, but we 97 * do need some indirection for that here. 98 */ 99 enum rx_mgmt_action { 100 /* no action required */ 101 RX_MGMT_NONE, 102 103 /* caller must call cfg80211_send_deauth() */ 104 RX_MGMT_CFG80211_DEAUTH, 105 106 /* caller must call cfg80211_send_disassoc() */ 107 RX_MGMT_CFG80211_DISASSOC, 108 109 /* caller must call cfg80211_send_rx_auth() */ 110 RX_MGMT_CFG80211_RX_AUTH, 111 112 /* caller must call cfg80211_send_rx_assoc() */ 113 RX_MGMT_CFG80211_RX_ASSOC, 114 115 /* caller must call cfg80211_send_assoc_timeout() */ 116 RX_MGMT_CFG80211_ASSOC_TIMEOUT, 117 }; 118 119 /* utils */ 120 static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd) 121 { 122 lockdep_assert_held(&ifmgd->mtx); 123 } 124 125 /* 126 * We can have multiple work items (and connection probing) 127 * scheduling this timer, but we need to take care to only 128 * reschedule it when it should fire _earlier_ than it was 129 * asked for before, or if it's not pending right now. This 130 * function ensures that. Note that it then is required to 131 * run this function for all timeouts after the first one 132 * has happened -- the work that runs from this timer will 133 * do that. 134 */ 135 static void run_again(struct ieee80211_if_managed *ifmgd, unsigned long timeout) 136 { 137 ASSERT_MGD_MTX(ifmgd); 138 139 if (!timer_pending(&ifmgd->timer) || 140 time_before(timeout, ifmgd->timer.expires)) 141 mod_timer(&ifmgd->timer, timeout); 142 } 143 144 void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata) 145 { 146 if (sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER) 147 return; 148 149 mod_timer(&sdata->u.mgd.bcn_mon_timer, 150 round_jiffies_up(jiffies + sdata->u.mgd.beacon_timeout)); 151 } 152 153 void ieee80211_sta_reset_conn_monitor(struct ieee80211_sub_if_data *sdata) 154 { 155 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 156 157 if (unlikely(!sdata->u.mgd.associated)) 158 return; 159 160 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 161 return; 162 163 mod_timer(&sdata->u.mgd.conn_mon_timer, 164 round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME)); 165 166 ifmgd->probe_send_count = 0; 167 } 168 169 static int ecw2cw(int ecw) 170 { 171 return (1 << ecw) - 1; 172 } 173 174 static u32 ieee80211_config_ht_tx(struct ieee80211_sub_if_data *sdata, 175 struct ieee80211_ht_operation *ht_oper, 176 const u8 *bssid, bool reconfig) 177 { 178 struct ieee80211_local *local = sdata->local; 179 struct ieee80211_supported_band *sband; 180 struct sta_info *sta; 181 u32 changed = 0; 182 u16 ht_opmode; 183 bool disable_40 = false; 184 185 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 186 187 switch (sdata->vif.bss_conf.channel_type) { 188 case NL80211_CHAN_HT40PLUS: 189 if (local->hw.conf.channel->flags & IEEE80211_CHAN_NO_HT40PLUS) 190 disable_40 = true; 191 break; 192 case NL80211_CHAN_HT40MINUS: 193 if (local->hw.conf.channel->flags & IEEE80211_CHAN_NO_HT40MINUS) 194 disable_40 = true; 195 break; 196 default: 197 break; 198 } 199 200 /* This can change during the lifetime of the BSS */ 201 if (!(ht_oper->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) 202 disable_40 = true; 203 204 mutex_lock(&local->sta_mtx); 205 sta = sta_info_get(sdata, bssid); 206 207 WARN_ON_ONCE(!sta); 208 209 if (sta && !sta->supports_40mhz) 210 disable_40 = true; 211 212 if (sta && (!reconfig || 213 (disable_40 != !(sta->sta.ht_cap.cap & 214 IEEE80211_HT_CAP_SUP_WIDTH_20_40)))) { 215 216 if (disable_40) 217 sta->sta.ht_cap.cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 218 else 219 sta->sta.ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40; 220 221 rate_control_rate_update(local, sband, sta, 222 IEEE80211_RC_BW_CHANGED); 223 } 224 mutex_unlock(&local->sta_mtx); 225 226 ht_opmode = le16_to_cpu(ht_oper->operation_mode); 227 228 /* if bss configuration changed store the new one */ 229 if (!reconfig || (sdata->vif.bss_conf.ht_operation_mode != ht_opmode)) { 230 changed |= BSS_CHANGED_HT; 231 sdata->vif.bss_conf.ht_operation_mode = ht_opmode; 232 } 233 234 return changed; 235 } 236 237 /* frame sending functions */ 238 239 static int ieee80211_compatible_rates(const u8 *supp_rates, int supp_rates_len, 240 struct ieee80211_supported_band *sband, 241 u32 *rates) 242 { 243 int i, j, count; 244 *rates = 0; 245 count = 0; 246 for (i = 0; i < supp_rates_len; i++) { 247 int rate = (supp_rates[i] & 0x7F) * 5; 248 249 for (j = 0; j < sband->n_bitrates; j++) 250 if (sband->bitrates[j].bitrate == rate) { 251 *rates |= BIT(j); 252 count++; 253 break; 254 } 255 } 256 257 return count; 258 } 259 260 static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata, 261 struct sk_buff *skb, u8 ap_ht_param, 262 struct ieee80211_supported_band *sband, 263 struct ieee80211_channel *channel, 264 enum ieee80211_smps_mode smps) 265 { 266 u8 *pos; 267 u32 flags = channel->flags; 268 u16 cap; 269 struct ieee80211_sta_ht_cap ht_cap; 270 271 BUILD_BUG_ON(sizeof(ht_cap) != sizeof(sband->ht_cap)); 272 273 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap)); 274 ieee80211_apply_htcap_overrides(sdata, &ht_cap); 275 276 /* determine capability flags */ 277 cap = ht_cap.cap; 278 279 switch (ap_ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 280 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 281 if (flags & IEEE80211_CHAN_NO_HT40PLUS) { 282 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 283 cap &= ~IEEE80211_HT_CAP_SGI_40; 284 } 285 break; 286 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 287 if (flags & IEEE80211_CHAN_NO_HT40MINUS) { 288 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 289 cap &= ~IEEE80211_HT_CAP_SGI_40; 290 } 291 break; 292 } 293 294 /* 295 * If 40 MHz was disabled associate as though we weren't 296 * capable of 40 MHz -- some broken APs will never fall 297 * back to trying to transmit in 20 MHz. 298 */ 299 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_40MHZ) { 300 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 301 cap &= ~IEEE80211_HT_CAP_SGI_40; 302 } 303 304 /* set SM PS mode properly */ 305 cap &= ~IEEE80211_HT_CAP_SM_PS; 306 switch (smps) { 307 case IEEE80211_SMPS_AUTOMATIC: 308 case IEEE80211_SMPS_NUM_MODES: 309 WARN_ON(1); 310 case IEEE80211_SMPS_OFF: 311 cap |= WLAN_HT_CAP_SM_PS_DISABLED << 312 IEEE80211_HT_CAP_SM_PS_SHIFT; 313 break; 314 case IEEE80211_SMPS_STATIC: 315 cap |= WLAN_HT_CAP_SM_PS_STATIC << 316 IEEE80211_HT_CAP_SM_PS_SHIFT; 317 break; 318 case IEEE80211_SMPS_DYNAMIC: 319 cap |= WLAN_HT_CAP_SM_PS_DYNAMIC << 320 IEEE80211_HT_CAP_SM_PS_SHIFT; 321 break; 322 } 323 324 /* reserve and fill IE */ 325 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2); 326 ieee80211_ie_build_ht_cap(pos, &ht_cap, cap); 327 } 328 329 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 330 { 331 struct ieee80211_local *local = sdata->local; 332 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 333 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 334 struct sk_buff *skb; 335 struct ieee80211_mgmt *mgmt; 336 u8 *pos, qos_info; 337 size_t offset = 0, noffset; 338 int i, count, rates_len, supp_rates_len; 339 u16 capab; 340 struct ieee80211_supported_band *sband; 341 u32 rates = 0; 342 343 lockdep_assert_held(&ifmgd->mtx); 344 345 sband = local->hw.wiphy->bands[local->oper_channel->band]; 346 347 if (assoc_data->supp_rates_len) { 348 /* 349 * Get all rates supported by the device and the AP as 350 * some APs don't like getting a superset of their rates 351 * in the association request (e.g. D-Link DAP 1353 in 352 * b-only mode)... 353 */ 354 rates_len = ieee80211_compatible_rates(assoc_data->supp_rates, 355 assoc_data->supp_rates_len, 356 sband, &rates); 357 } else { 358 /* 359 * In case AP not provide any supported rates information 360 * before association, we send information element(s) with 361 * all rates that we support. 362 */ 363 rates = ~0; 364 rates_len = sband->n_bitrates; 365 } 366 367 skb = alloc_skb(local->hw.extra_tx_headroom + 368 sizeof(*mgmt) + /* bit too much but doesn't matter */ 369 2 + assoc_data->ssid_len + /* SSID */ 370 4 + rates_len + /* (extended) rates */ 371 4 + /* power capability */ 372 2 + 2 * sband->n_channels + /* supported channels */ 373 2 + sizeof(struct ieee80211_ht_cap) + /* HT */ 374 assoc_data->ie_len + /* extra IEs */ 375 9, /* WMM */ 376 GFP_KERNEL); 377 if (!skb) 378 return; 379 380 skb_reserve(skb, local->hw.extra_tx_headroom); 381 382 capab = WLAN_CAPABILITY_ESS; 383 384 if (sband->band == IEEE80211_BAND_2GHZ) { 385 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE)) 386 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME; 387 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE)) 388 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 389 } 390 391 if (assoc_data->capability & WLAN_CAPABILITY_PRIVACY) 392 capab |= WLAN_CAPABILITY_PRIVACY; 393 394 if ((assoc_data->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 395 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 396 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 397 398 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 399 memset(mgmt, 0, 24); 400 memcpy(mgmt->da, assoc_data->bss->bssid, ETH_ALEN); 401 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 402 memcpy(mgmt->bssid, assoc_data->bss->bssid, ETH_ALEN); 403 404 if (!is_zero_ether_addr(assoc_data->prev_bssid)) { 405 skb_put(skb, 10); 406 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 407 IEEE80211_STYPE_REASSOC_REQ); 408 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 409 mgmt->u.reassoc_req.listen_interval = 410 cpu_to_le16(local->hw.conf.listen_interval); 411 memcpy(mgmt->u.reassoc_req.current_ap, assoc_data->prev_bssid, 412 ETH_ALEN); 413 } else { 414 skb_put(skb, 4); 415 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 416 IEEE80211_STYPE_ASSOC_REQ); 417 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab); 418 mgmt->u.assoc_req.listen_interval = 419 cpu_to_le16(local->hw.conf.listen_interval); 420 } 421 422 /* SSID */ 423 pos = skb_put(skb, 2 + assoc_data->ssid_len); 424 *pos++ = WLAN_EID_SSID; 425 *pos++ = assoc_data->ssid_len; 426 memcpy(pos, assoc_data->ssid, assoc_data->ssid_len); 427 428 /* add all rates which were marked to be used above */ 429 supp_rates_len = rates_len; 430 if (supp_rates_len > 8) 431 supp_rates_len = 8; 432 433 pos = skb_put(skb, supp_rates_len + 2); 434 *pos++ = WLAN_EID_SUPP_RATES; 435 *pos++ = supp_rates_len; 436 437 count = 0; 438 for (i = 0; i < sband->n_bitrates; i++) { 439 if (BIT(i) & rates) { 440 int rate = sband->bitrates[i].bitrate; 441 *pos++ = (u8) (rate / 5); 442 if (++count == 8) 443 break; 444 } 445 } 446 447 if (rates_len > count) { 448 pos = skb_put(skb, rates_len - count + 2); 449 *pos++ = WLAN_EID_EXT_SUPP_RATES; 450 *pos++ = rates_len - count; 451 452 for (i++; i < sband->n_bitrates; i++) { 453 if (BIT(i) & rates) { 454 int rate = sband->bitrates[i].bitrate; 455 *pos++ = (u8) (rate / 5); 456 } 457 } 458 } 459 460 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) { 461 /* 1. power capabilities */ 462 pos = skb_put(skb, 4); 463 *pos++ = WLAN_EID_PWR_CAPABILITY; 464 *pos++ = 2; 465 *pos++ = 0; /* min tx power */ 466 *pos++ = local->oper_channel->max_power; /* max tx power */ 467 468 /* 2. supported channels */ 469 /* TODO: get this in reg domain format */ 470 pos = skb_put(skb, 2 * sband->n_channels + 2); 471 *pos++ = WLAN_EID_SUPPORTED_CHANNELS; 472 *pos++ = 2 * sband->n_channels; 473 for (i = 0; i < sband->n_channels; i++) { 474 *pos++ = ieee80211_frequency_to_channel( 475 sband->channels[i].center_freq); 476 *pos++ = 1; /* one channel in the subband*/ 477 } 478 } 479 480 /* if present, add any custom IEs that go before HT */ 481 if (assoc_data->ie_len && assoc_data->ie) { 482 static const u8 before_ht[] = { 483 WLAN_EID_SSID, 484 WLAN_EID_SUPP_RATES, 485 WLAN_EID_EXT_SUPP_RATES, 486 WLAN_EID_PWR_CAPABILITY, 487 WLAN_EID_SUPPORTED_CHANNELS, 488 WLAN_EID_RSN, 489 WLAN_EID_QOS_CAPA, 490 WLAN_EID_RRM_ENABLED_CAPABILITIES, 491 WLAN_EID_MOBILITY_DOMAIN, 492 WLAN_EID_SUPPORTED_REGULATORY_CLASSES, 493 }; 494 noffset = ieee80211_ie_split(assoc_data->ie, assoc_data->ie_len, 495 before_ht, ARRAY_SIZE(before_ht), 496 offset); 497 pos = skb_put(skb, noffset - offset); 498 memcpy(pos, assoc_data->ie + offset, noffset - offset); 499 offset = noffset; 500 } 501 502 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 503 ieee80211_add_ht_ie(sdata, skb, assoc_data->ap_ht_param, 504 sband, local->oper_channel, ifmgd->ap_smps); 505 506 /* if present, add any custom non-vendor IEs that go after HT */ 507 if (assoc_data->ie_len && assoc_data->ie) { 508 noffset = ieee80211_ie_split_vendor(assoc_data->ie, 509 assoc_data->ie_len, 510 offset); 511 pos = skb_put(skb, noffset - offset); 512 memcpy(pos, assoc_data->ie + offset, noffset - offset); 513 offset = noffset; 514 } 515 516 if (assoc_data->wmm) { 517 if (assoc_data->uapsd) { 518 qos_info = ifmgd->uapsd_queues; 519 qos_info |= (ifmgd->uapsd_max_sp_len << 520 IEEE80211_WMM_IE_STA_QOSINFO_SP_SHIFT); 521 } else { 522 qos_info = 0; 523 } 524 525 pos = skb_put(skb, 9); 526 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 527 *pos++ = 7; /* len */ 528 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 529 *pos++ = 0x50; 530 *pos++ = 0xf2; 531 *pos++ = 2; /* WME */ 532 *pos++ = 0; /* WME info */ 533 *pos++ = 1; /* WME ver */ 534 *pos++ = qos_info; 535 } 536 537 /* add any remaining custom (i.e. vendor specific here) IEs */ 538 if (assoc_data->ie_len && assoc_data->ie) { 539 noffset = assoc_data->ie_len; 540 pos = skb_put(skb, noffset - offset); 541 memcpy(pos, assoc_data->ie + offset, noffset - offset); 542 } 543 544 drv_mgd_prepare_tx(local, sdata); 545 546 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 547 ieee80211_tx_skb(sdata, skb); 548 } 549 550 static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, 551 const u8 *bssid, u16 stype, 552 u16 reason, bool send_frame, 553 u8 *frame_buf) 554 { 555 struct ieee80211_local *local = sdata->local; 556 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 557 struct sk_buff *skb; 558 struct ieee80211_mgmt *mgmt = (void *)frame_buf; 559 560 /* build frame */ 561 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); 562 mgmt->duration = 0; /* initialize only */ 563 mgmt->seq_ctrl = 0; /* initialize only */ 564 memcpy(mgmt->da, bssid, ETH_ALEN); 565 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 566 memcpy(mgmt->bssid, bssid, ETH_ALEN); 567 /* u.deauth.reason_code == u.disassoc.reason_code */ 568 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 569 570 if (send_frame) { 571 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 572 DEAUTH_DISASSOC_LEN); 573 if (!skb) 574 return; 575 576 skb_reserve(skb, local->hw.extra_tx_headroom); 577 578 /* copy in frame */ 579 memcpy(skb_put(skb, DEAUTH_DISASSOC_LEN), 580 mgmt, DEAUTH_DISASSOC_LEN); 581 582 if (!(ifmgd->flags & IEEE80211_STA_MFP_ENABLED)) 583 IEEE80211_SKB_CB(skb)->flags |= 584 IEEE80211_TX_INTFL_DONT_ENCRYPT; 585 586 drv_mgd_prepare_tx(local, sdata); 587 588 ieee80211_tx_skb(sdata, skb); 589 } 590 } 591 592 void ieee80211_send_pspoll(struct ieee80211_local *local, 593 struct ieee80211_sub_if_data *sdata) 594 { 595 struct ieee80211_pspoll *pspoll; 596 struct sk_buff *skb; 597 598 skb = ieee80211_pspoll_get(&local->hw, &sdata->vif); 599 if (!skb) 600 return; 601 602 pspoll = (struct ieee80211_pspoll *) skb->data; 603 pspoll->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); 604 605 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 606 ieee80211_tx_skb(sdata, skb); 607 } 608 609 void ieee80211_send_nullfunc(struct ieee80211_local *local, 610 struct ieee80211_sub_if_data *sdata, 611 int powersave) 612 { 613 struct sk_buff *skb; 614 struct ieee80211_hdr_3addr *nullfunc; 615 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 616 617 skb = ieee80211_nullfunc_get(&local->hw, &sdata->vif); 618 if (!skb) 619 return; 620 621 nullfunc = (struct ieee80211_hdr_3addr *) skb->data; 622 if (powersave) 623 nullfunc->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); 624 625 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 626 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 627 IEEE80211_STA_CONNECTION_POLL)) 628 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_USE_MINRATE; 629 630 ieee80211_tx_skb(sdata, skb); 631 } 632 633 static void ieee80211_send_4addr_nullfunc(struct ieee80211_local *local, 634 struct ieee80211_sub_if_data *sdata) 635 { 636 struct sk_buff *skb; 637 struct ieee80211_hdr *nullfunc; 638 __le16 fc; 639 640 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 641 return; 642 643 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30); 644 if (!skb) 645 return; 646 647 skb_reserve(skb, local->hw.extra_tx_headroom); 648 649 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 30); 650 memset(nullfunc, 0, 30); 651 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC | 652 IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS); 653 nullfunc->frame_control = fc; 654 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN); 655 memcpy(nullfunc->addr2, sdata->vif.addr, ETH_ALEN); 656 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN); 657 memcpy(nullfunc->addr4, sdata->vif.addr, ETH_ALEN); 658 659 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 660 ieee80211_tx_skb(sdata, skb); 661 } 662 663 /* spectrum management related things */ 664 static void ieee80211_chswitch_work(struct work_struct *work) 665 { 666 struct ieee80211_sub_if_data *sdata = 667 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work); 668 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 669 670 if (!ieee80211_sdata_running(sdata)) 671 return; 672 673 mutex_lock(&ifmgd->mtx); 674 if (!ifmgd->associated) 675 goto out; 676 677 sdata->local->oper_channel = sdata->local->csa_channel; 678 if (!sdata->local->ops->channel_switch) { 679 /* call "hw_config" only if doing sw channel switch */ 680 ieee80211_hw_config(sdata->local, 681 IEEE80211_CONF_CHANGE_CHANNEL); 682 } else { 683 /* update the device channel directly */ 684 sdata->local->hw.conf.channel = sdata->local->oper_channel; 685 } 686 687 /* XXX: shouldn't really modify cfg80211-owned data! */ 688 ifmgd->associated->channel = sdata->local->oper_channel; 689 690 ieee80211_wake_queues_by_reason(&sdata->local->hw, 691 IEEE80211_QUEUE_STOP_REASON_CSA); 692 out: 693 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED; 694 mutex_unlock(&ifmgd->mtx); 695 } 696 697 void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success) 698 { 699 struct ieee80211_sub_if_data *sdata; 700 struct ieee80211_if_managed *ifmgd; 701 702 sdata = vif_to_sdata(vif); 703 ifmgd = &sdata->u.mgd; 704 705 trace_api_chswitch_done(sdata, success); 706 if (!success) { 707 /* 708 * If the channel switch was not successful, stay 709 * around on the old channel. We currently lack 710 * good handling of this situation, possibly we 711 * should just drop the association. 712 */ 713 sdata->local->csa_channel = sdata->local->oper_channel; 714 } 715 716 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 717 } 718 EXPORT_SYMBOL(ieee80211_chswitch_done); 719 720 static void ieee80211_chswitch_timer(unsigned long data) 721 { 722 struct ieee80211_sub_if_data *sdata = 723 (struct ieee80211_sub_if_data *) data; 724 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 725 726 if (sdata->local->quiescing) { 727 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 728 return; 729 } 730 731 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 732 } 733 734 void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata, 735 struct ieee80211_channel_sw_ie *sw_elem, 736 struct ieee80211_bss *bss, 737 u64 timestamp) 738 { 739 struct cfg80211_bss *cbss = 740 container_of((void *)bss, struct cfg80211_bss, priv); 741 struct ieee80211_channel *new_ch; 742 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 743 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num, 744 cbss->channel->band); 745 746 ASSERT_MGD_MTX(ifmgd); 747 748 if (!ifmgd->associated) 749 return; 750 751 if (sdata->local->scanning) 752 return; 753 754 /* Disregard subsequent beacons if we are already running a timer 755 processing a CSA */ 756 757 if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED) 758 return; 759 760 new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq); 761 if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED) 762 return; 763 764 sdata->local->csa_channel = new_ch; 765 766 if (sdata->local->ops->channel_switch) { 767 /* use driver's channel switch callback */ 768 struct ieee80211_channel_switch ch_switch; 769 memset(&ch_switch, 0, sizeof(ch_switch)); 770 ch_switch.timestamp = timestamp; 771 if (sw_elem->mode) { 772 ch_switch.block_tx = true; 773 ieee80211_stop_queues_by_reason(&sdata->local->hw, 774 IEEE80211_QUEUE_STOP_REASON_CSA); 775 } 776 ch_switch.channel = new_ch; 777 ch_switch.count = sw_elem->count; 778 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED; 779 drv_channel_switch(sdata->local, &ch_switch); 780 return; 781 } 782 783 /* channel switch handled in software */ 784 if (sw_elem->count <= 1) { 785 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 786 } else { 787 if (sw_elem->mode) 788 ieee80211_stop_queues_by_reason(&sdata->local->hw, 789 IEEE80211_QUEUE_STOP_REASON_CSA); 790 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED; 791 mod_timer(&ifmgd->chswitch_timer, 792 jiffies + 793 msecs_to_jiffies(sw_elem->count * 794 cbss->beacon_interval)); 795 } 796 } 797 798 static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata, 799 u16 capab_info, u8 *pwr_constr_elem, 800 u8 pwr_constr_elem_len) 801 { 802 struct ieee80211_conf *conf = &sdata->local->hw.conf; 803 804 if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT)) 805 return; 806 807 /* Power constraint IE length should be 1 octet */ 808 if (pwr_constr_elem_len != 1) 809 return; 810 811 if ((*pwr_constr_elem <= conf->channel->max_reg_power) && 812 (*pwr_constr_elem != sdata->local->power_constr_level)) { 813 sdata->local->power_constr_level = *pwr_constr_elem; 814 ieee80211_hw_config(sdata->local, 0); 815 } 816 } 817 818 void ieee80211_enable_dyn_ps(struct ieee80211_vif *vif) 819 { 820 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 821 struct ieee80211_local *local = sdata->local; 822 struct ieee80211_conf *conf = &local->hw.conf; 823 824 WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION || 825 !(local->hw.flags & IEEE80211_HW_SUPPORTS_PS) || 826 (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)); 827 828 local->disable_dynamic_ps = false; 829 conf->dynamic_ps_timeout = local->dynamic_ps_user_timeout; 830 } 831 EXPORT_SYMBOL(ieee80211_enable_dyn_ps); 832 833 void ieee80211_disable_dyn_ps(struct ieee80211_vif *vif) 834 { 835 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 836 struct ieee80211_local *local = sdata->local; 837 struct ieee80211_conf *conf = &local->hw.conf; 838 839 WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION || 840 !(local->hw.flags & IEEE80211_HW_SUPPORTS_PS) || 841 (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)); 842 843 local->disable_dynamic_ps = true; 844 conf->dynamic_ps_timeout = 0; 845 del_timer_sync(&local->dynamic_ps_timer); 846 ieee80211_queue_work(&local->hw, 847 &local->dynamic_ps_enable_work); 848 } 849 EXPORT_SYMBOL(ieee80211_disable_dyn_ps); 850 851 /* powersave */ 852 static void ieee80211_enable_ps(struct ieee80211_local *local, 853 struct ieee80211_sub_if_data *sdata) 854 { 855 struct ieee80211_conf *conf = &local->hw.conf; 856 857 /* 858 * If we are scanning right now then the parameters will 859 * take effect when scan finishes. 860 */ 861 if (local->scanning) 862 return; 863 864 if (conf->dynamic_ps_timeout > 0 && 865 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) { 866 mod_timer(&local->dynamic_ps_timer, jiffies + 867 msecs_to_jiffies(conf->dynamic_ps_timeout)); 868 } else { 869 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 870 ieee80211_send_nullfunc(local, sdata, 1); 871 872 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 873 (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) 874 return; 875 876 conf->flags |= IEEE80211_CONF_PS; 877 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 878 } 879 } 880 881 static void ieee80211_change_ps(struct ieee80211_local *local) 882 { 883 struct ieee80211_conf *conf = &local->hw.conf; 884 885 if (local->ps_sdata) { 886 ieee80211_enable_ps(local, local->ps_sdata); 887 } else if (conf->flags & IEEE80211_CONF_PS) { 888 conf->flags &= ~IEEE80211_CONF_PS; 889 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 890 del_timer_sync(&local->dynamic_ps_timer); 891 cancel_work_sync(&local->dynamic_ps_enable_work); 892 } 893 } 894 895 static bool ieee80211_powersave_allowed(struct ieee80211_sub_if_data *sdata) 896 { 897 struct ieee80211_if_managed *mgd = &sdata->u.mgd; 898 struct sta_info *sta = NULL; 899 bool authorized = false; 900 901 if (!mgd->powersave) 902 return false; 903 904 if (mgd->broken_ap) 905 return false; 906 907 if (!mgd->associated) 908 return false; 909 910 if (mgd->flags & (IEEE80211_STA_BEACON_POLL | 911 IEEE80211_STA_CONNECTION_POLL)) 912 return false; 913 914 rcu_read_lock(); 915 sta = sta_info_get(sdata, mgd->bssid); 916 if (sta) 917 authorized = test_sta_flag(sta, WLAN_STA_AUTHORIZED); 918 rcu_read_unlock(); 919 920 return authorized; 921 } 922 923 /* need to hold RTNL or interface lock */ 924 void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency) 925 { 926 struct ieee80211_sub_if_data *sdata, *found = NULL; 927 int count = 0; 928 int timeout; 929 930 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) { 931 local->ps_sdata = NULL; 932 return; 933 } 934 935 list_for_each_entry(sdata, &local->interfaces, list) { 936 if (!ieee80211_sdata_running(sdata)) 937 continue; 938 if (sdata->vif.type == NL80211_IFTYPE_AP) { 939 /* If an AP vif is found, then disable PS 940 * by setting the count to zero thereby setting 941 * ps_sdata to NULL. 942 */ 943 count = 0; 944 break; 945 } 946 if (sdata->vif.type != NL80211_IFTYPE_STATION) 947 continue; 948 found = sdata; 949 count++; 950 } 951 952 if (count == 1 && ieee80211_powersave_allowed(found)) { 953 struct ieee80211_conf *conf = &local->hw.conf; 954 s32 beaconint_us; 955 956 if (latency < 0) 957 latency = pm_qos_request(PM_QOS_NETWORK_LATENCY); 958 959 beaconint_us = ieee80211_tu_to_usec( 960 found->vif.bss_conf.beacon_int); 961 962 timeout = local->dynamic_ps_forced_timeout; 963 if (timeout < 0) { 964 /* 965 * Go to full PSM if the user configures a very low 966 * latency requirement. 967 * The 2000 second value is there for compatibility 968 * until the PM_QOS_NETWORK_LATENCY is configured 969 * with real values. 970 */ 971 if (latency > (1900 * USEC_PER_MSEC) && 972 latency != (2000 * USEC_PER_SEC)) 973 timeout = 0; 974 else 975 timeout = 100; 976 } 977 local->dynamic_ps_user_timeout = timeout; 978 if (!local->disable_dynamic_ps) 979 conf->dynamic_ps_timeout = 980 local->dynamic_ps_user_timeout; 981 982 if (beaconint_us > latency) { 983 local->ps_sdata = NULL; 984 } else { 985 struct ieee80211_bss *bss; 986 int maxslp = 1; 987 u8 dtimper; 988 989 bss = (void *)found->u.mgd.associated->priv; 990 dtimper = bss->dtim_period; 991 992 /* If the TIM IE is invalid, pretend the value is 1 */ 993 if (!dtimper) 994 dtimper = 1; 995 else if (dtimper > 1) 996 maxslp = min_t(int, dtimper, 997 latency / beaconint_us); 998 999 local->hw.conf.max_sleep_period = maxslp; 1000 local->hw.conf.ps_dtim_period = dtimper; 1001 local->ps_sdata = found; 1002 } 1003 } else { 1004 local->ps_sdata = NULL; 1005 } 1006 1007 ieee80211_change_ps(local); 1008 } 1009 1010 void ieee80211_dynamic_ps_disable_work(struct work_struct *work) 1011 { 1012 struct ieee80211_local *local = 1013 container_of(work, struct ieee80211_local, 1014 dynamic_ps_disable_work); 1015 1016 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1017 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1018 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1019 } 1020 1021 ieee80211_wake_queues_by_reason(&local->hw, 1022 IEEE80211_QUEUE_STOP_REASON_PS); 1023 } 1024 1025 void ieee80211_dynamic_ps_enable_work(struct work_struct *work) 1026 { 1027 struct ieee80211_local *local = 1028 container_of(work, struct ieee80211_local, 1029 dynamic_ps_enable_work); 1030 struct ieee80211_sub_if_data *sdata = local->ps_sdata; 1031 struct ieee80211_if_managed *ifmgd; 1032 unsigned long flags; 1033 int q; 1034 1035 /* can only happen when PS was just disabled anyway */ 1036 if (!sdata) 1037 return; 1038 1039 ifmgd = &sdata->u.mgd; 1040 1041 if (local->hw.conf.flags & IEEE80211_CONF_PS) 1042 return; 1043 1044 if (!local->disable_dynamic_ps && 1045 local->hw.conf.dynamic_ps_timeout > 0) { 1046 /* don't enter PS if TX frames are pending */ 1047 if (drv_tx_frames_pending(local)) { 1048 mod_timer(&local->dynamic_ps_timer, jiffies + 1049 msecs_to_jiffies( 1050 local->hw.conf.dynamic_ps_timeout)); 1051 return; 1052 } 1053 1054 /* 1055 * transmission can be stopped by others which leads to 1056 * dynamic_ps_timer expiry. Postpone the ps timer if it 1057 * is not the actual idle state. 1058 */ 1059 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 1060 for (q = 0; q < local->hw.queues; q++) { 1061 if (local->queue_stop_reasons[q]) { 1062 spin_unlock_irqrestore(&local->queue_stop_reason_lock, 1063 flags); 1064 mod_timer(&local->dynamic_ps_timer, jiffies + 1065 msecs_to_jiffies( 1066 local->hw.conf.dynamic_ps_timeout)); 1067 return; 1068 } 1069 } 1070 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 1071 } 1072 1073 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 1074 !(ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) { 1075 netif_tx_stop_all_queues(sdata->dev); 1076 1077 if (drv_tx_frames_pending(local)) 1078 mod_timer(&local->dynamic_ps_timer, jiffies + 1079 msecs_to_jiffies( 1080 local->hw.conf.dynamic_ps_timeout)); 1081 else { 1082 ieee80211_send_nullfunc(local, sdata, 1); 1083 /* Flush to get the tx status of nullfunc frame */ 1084 drv_flush(local, false); 1085 } 1086 } 1087 1088 if (!((local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) && 1089 (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)) || 1090 (ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) { 1091 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; 1092 local->hw.conf.flags |= IEEE80211_CONF_PS; 1093 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1094 } 1095 1096 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 1097 netif_tx_wake_all_queues(sdata->dev); 1098 } 1099 1100 void ieee80211_dynamic_ps_timer(unsigned long data) 1101 { 1102 struct ieee80211_local *local = (void *) data; 1103 1104 if (local->quiescing || local->suspended) 1105 return; 1106 1107 ieee80211_queue_work(&local->hw, &local->dynamic_ps_enable_work); 1108 } 1109 1110 /* MLME */ 1111 static bool ieee80211_sta_wmm_params(struct ieee80211_local *local, 1112 struct ieee80211_sub_if_data *sdata, 1113 u8 *wmm_param, size_t wmm_param_len) 1114 { 1115 struct ieee80211_tx_queue_params params; 1116 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1117 size_t left; 1118 int count; 1119 u8 *pos, uapsd_queues = 0; 1120 1121 if (!local->ops->conf_tx) 1122 return false; 1123 1124 if (local->hw.queues < IEEE80211_NUM_ACS) 1125 return false; 1126 1127 if (!wmm_param) 1128 return false; 1129 1130 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 1131 return false; 1132 1133 if (ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED) 1134 uapsd_queues = ifmgd->uapsd_queues; 1135 1136 count = wmm_param[6] & 0x0f; 1137 if (count == ifmgd->wmm_last_param_set) 1138 return false; 1139 ifmgd->wmm_last_param_set = count; 1140 1141 pos = wmm_param + 8; 1142 left = wmm_param_len - 8; 1143 1144 memset(¶ms, 0, sizeof(params)); 1145 1146 sdata->wmm_acm = 0; 1147 for (; left >= 4; left -= 4, pos += 4) { 1148 int aci = (pos[0] >> 5) & 0x03; 1149 int acm = (pos[0] >> 4) & 0x01; 1150 bool uapsd = false; 1151 int queue; 1152 1153 switch (aci) { 1154 case 1: /* AC_BK */ 1155 queue = 3; 1156 if (acm) 1157 sdata->wmm_acm |= BIT(1) | BIT(2); /* BK/- */ 1158 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) 1159 uapsd = true; 1160 break; 1161 case 2: /* AC_VI */ 1162 queue = 1; 1163 if (acm) 1164 sdata->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */ 1165 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) 1166 uapsd = true; 1167 break; 1168 case 3: /* AC_VO */ 1169 queue = 0; 1170 if (acm) 1171 sdata->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */ 1172 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) 1173 uapsd = true; 1174 break; 1175 case 0: /* AC_BE */ 1176 default: 1177 queue = 2; 1178 if (acm) 1179 sdata->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */ 1180 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) 1181 uapsd = true; 1182 break; 1183 } 1184 1185 params.aifs = pos[0] & 0x0f; 1186 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4); 1187 params.cw_min = ecw2cw(pos[1] & 0x0f); 1188 params.txop = get_unaligned_le16(pos + 2); 1189 params.uapsd = uapsd; 1190 1191 mlme_dbg(sdata, 1192 "WMM queue=%d aci=%d acm=%d aifs=%d cWmin=%d cWmax=%d txop=%d uapsd=%d\n", 1193 queue, aci, acm, 1194 params.aifs, params.cw_min, params.cw_max, 1195 params.txop, params.uapsd); 1196 sdata->tx_conf[queue] = params; 1197 if (drv_conf_tx(local, sdata, queue, ¶ms)) 1198 sdata_err(sdata, 1199 "failed to set TX queue parameters for queue %d\n", 1200 queue); 1201 } 1202 1203 /* enable WMM or activate new settings */ 1204 sdata->vif.bss_conf.qos = true; 1205 return true; 1206 } 1207 1208 static void __ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata) 1209 { 1210 lockdep_assert_held(&sdata->local->mtx); 1211 1212 sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL | 1213 IEEE80211_STA_BEACON_POLL); 1214 ieee80211_run_deferred_scan(sdata->local); 1215 } 1216 1217 static void ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata) 1218 { 1219 mutex_lock(&sdata->local->mtx); 1220 __ieee80211_stop_poll(sdata); 1221 mutex_unlock(&sdata->local->mtx); 1222 } 1223 1224 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, 1225 u16 capab, bool erp_valid, u8 erp) 1226 { 1227 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1228 u32 changed = 0; 1229 bool use_protection; 1230 bool use_short_preamble; 1231 bool use_short_slot; 1232 1233 if (erp_valid) { 1234 use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0; 1235 use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0; 1236 } else { 1237 use_protection = false; 1238 use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE); 1239 } 1240 1241 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME); 1242 if (sdata->local->hw.conf.channel->band == IEEE80211_BAND_5GHZ) 1243 use_short_slot = true; 1244 1245 if (use_protection != bss_conf->use_cts_prot) { 1246 bss_conf->use_cts_prot = use_protection; 1247 changed |= BSS_CHANGED_ERP_CTS_PROT; 1248 } 1249 1250 if (use_short_preamble != bss_conf->use_short_preamble) { 1251 bss_conf->use_short_preamble = use_short_preamble; 1252 changed |= BSS_CHANGED_ERP_PREAMBLE; 1253 } 1254 1255 if (use_short_slot != bss_conf->use_short_slot) { 1256 bss_conf->use_short_slot = use_short_slot; 1257 changed |= BSS_CHANGED_ERP_SLOT; 1258 } 1259 1260 return changed; 1261 } 1262 1263 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 1264 struct cfg80211_bss *cbss, 1265 u32 bss_info_changed) 1266 { 1267 struct ieee80211_bss *bss = (void *)cbss->priv; 1268 struct ieee80211_local *local = sdata->local; 1269 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1270 1271 bss_info_changed |= BSS_CHANGED_ASSOC; 1272 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 1273 bss_conf->assoc_capability, bss->has_erp_value, bss->erp_value); 1274 1275 sdata->u.mgd.beacon_timeout = usecs_to_jiffies(ieee80211_tu_to_usec( 1276 IEEE80211_BEACON_LOSS_COUNT * bss_conf->beacon_int)); 1277 1278 sdata->u.mgd.associated = cbss; 1279 memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN); 1280 1281 sdata->u.mgd.flags |= IEEE80211_STA_RESET_SIGNAL_AVE; 1282 1283 /* just to be sure */ 1284 ieee80211_stop_poll(sdata); 1285 1286 ieee80211_led_assoc(local, 1); 1287 1288 if (local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) 1289 bss_conf->dtim_period = bss->dtim_period; 1290 else 1291 bss_conf->dtim_period = 0; 1292 1293 bss_conf->assoc = 1; 1294 1295 /* Tell the driver to monitor connection quality (if supported) */ 1296 if (sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI && 1297 bss_conf->cqm_rssi_thold) 1298 bss_info_changed |= BSS_CHANGED_CQM; 1299 1300 /* Enable ARP filtering */ 1301 if (bss_conf->arp_filter_enabled != sdata->arp_filter_state) { 1302 bss_conf->arp_filter_enabled = sdata->arp_filter_state; 1303 bss_info_changed |= BSS_CHANGED_ARP_FILTER; 1304 } 1305 1306 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 1307 1308 mutex_lock(&local->iflist_mtx); 1309 ieee80211_recalc_ps(local, -1); 1310 ieee80211_recalc_smps(local); 1311 mutex_unlock(&local->iflist_mtx); 1312 1313 netif_tx_start_all_queues(sdata->dev); 1314 netif_carrier_on(sdata->dev); 1315 } 1316 1317 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, 1318 u16 stype, u16 reason, bool tx, 1319 u8 *frame_buf) 1320 { 1321 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1322 struct ieee80211_local *local = sdata->local; 1323 struct sta_info *sta; 1324 u32 changed = 0; 1325 1326 ASSERT_MGD_MTX(ifmgd); 1327 1328 if (WARN_ON_ONCE(tx && !frame_buf)) 1329 return; 1330 1331 if (WARN_ON(!ifmgd->associated)) 1332 return; 1333 1334 ieee80211_stop_poll(sdata); 1335 1336 ifmgd->associated = NULL; 1337 1338 /* 1339 * we need to commit the associated = NULL change because the 1340 * scan code uses that to determine whether this iface should 1341 * go to/wake up from powersave or not -- and could otherwise 1342 * wake the queues erroneously. 1343 */ 1344 smp_mb(); 1345 1346 /* 1347 * Thus, we can only afterwards stop the queues -- to account 1348 * for the case where another CPU is finishing a scan at this 1349 * time -- we don't want the scan code to enable queues. 1350 */ 1351 1352 netif_tx_stop_all_queues(sdata->dev); 1353 netif_carrier_off(sdata->dev); 1354 1355 mutex_lock(&local->sta_mtx); 1356 sta = sta_info_get(sdata, ifmgd->bssid); 1357 if (sta) { 1358 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 1359 ieee80211_sta_tear_down_BA_sessions(sta, tx); 1360 } 1361 mutex_unlock(&local->sta_mtx); 1362 1363 /* 1364 * if we want to get out of ps before disassoc (why?) we have 1365 * to do it before sending disassoc, as otherwise the null-packet 1366 * won't be valid. 1367 */ 1368 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1369 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1370 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1371 } 1372 local->ps_sdata = NULL; 1373 1374 /* flush out any pending frame (e.g. DELBA) before deauth/disassoc */ 1375 if (tx) 1376 drv_flush(local, false); 1377 1378 /* deauthenticate/disassociate now */ 1379 if (tx || frame_buf) 1380 ieee80211_send_deauth_disassoc(sdata, ifmgd->bssid, stype, 1381 reason, tx, frame_buf); 1382 1383 /* flush out frame */ 1384 if (tx) 1385 drv_flush(local, false); 1386 1387 /* clear bssid only after building the needed mgmt frames */ 1388 memset(ifmgd->bssid, 0, ETH_ALEN); 1389 1390 /* remove AP and TDLS peers */ 1391 sta_info_flush(local, sdata); 1392 1393 /* finally reset all BSS / config parameters */ 1394 changed |= ieee80211_reset_erp_info(sdata); 1395 1396 ieee80211_led_assoc(local, 0); 1397 changed |= BSS_CHANGED_ASSOC; 1398 sdata->vif.bss_conf.assoc = false; 1399 1400 /* on the next assoc, re-program HT parameters */ 1401 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa)); 1402 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask)); 1403 1404 local->power_constr_level = 0; 1405 1406 del_timer_sync(&local->dynamic_ps_timer); 1407 cancel_work_sync(&local->dynamic_ps_enable_work); 1408 1409 /* Disable ARP filtering */ 1410 if (sdata->vif.bss_conf.arp_filter_enabled) { 1411 sdata->vif.bss_conf.arp_filter_enabled = false; 1412 changed |= BSS_CHANGED_ARP_FILTER; 1413 } 1414 1415 sdata->vif.bss_conf.qos = false; 1416 changed |= BSS_CHANGED_QOS; 1417 1418 /* The BSSID (not really interesting) and HT changed */ 1419 changed |= BSS_CHANGED_BSSID | BSS_CHANGED_HT; 1420 ieee80211_bss_info_change_notify(sdata, changed); 1421 1422 /* channel(_type) changes are handled by ieee80211_hw_config */ 1423 WARN_ON(!ieee80211_set_channel_type(local, sdata, NL80211_CHAN_NO_HT)); 1424 ieee80211_hw_config(local, 0); 1425 1426 /* disassociated - set to defaults now */ 1427 ieee80211_set_wmm_default(sdata, false); 1428 1429 del_timer_sync(&sdata->u.mgd.conn_mon_timer); 1430 del_timer_sync(&sdata->u.mgd.bcn_mon_timer); 1431 del_timer_sync(&sdata->u.mgd.timer); 1432 del_timer_sync(&sdata->u.mgd.chswitch_timer); 1433 } 1434 1435 void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, 1436 struct ieee80211_hdr *hdr) 1437 { 1438 /* 1439 * We can postpone the mgd.timer whenever receiving unicast frames 1440 * from AP because we know that the connection is working both ways 1441 * at that time. But multicast frames (and hence also beacons) must 1442 * be ignored here, because we need to trigger the timer during 1443 * data idle periods for sending the periodic probe request to the 1444 * AP we're connected to. 1445 */ 1446 if (is_multicast_ether_addr(hdr->addr1)) 1447 return; 1448 1449 ieee80211_sta_reset_conn_monitor(sdata); 1450 } 1451 1452 static void ieee80211_reset_ap_probe(struct ieee80211_sub_if_data *sdata) 1453 { 1454 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1455 struct ieee80211_local *local = sdata->local; 1456 1457 mutex_lock(&local->mtx); 1458 if (!(ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 1459 IEEE80211_STA_CONNECTION_POLL))) { 1460 mutex_unlock(&local->mtx); 1461 return; 1462 } 1463 1464 __ieee80211_stop_poll(sdata); 1465 1466 mutex_lock(&local->iflist_mtx); 1467 ieee80211_recalc_ps(local, -1); 1468 mutex_unlock(&local->iflist_mtx); 1469 1470 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 1471 goto out; 1472 1473 /* 1474 * We've received a probe response, but are not sure whether 1475 * we have or will be receiving any beacons or data, so let's 1476 * schedule the timers again, just in case. 1477 */ 1478 ieee80211_sta_reset_beacon_monitor(sdata); 1479 1480 mod_timer(&ifmgd->conn_mon_timer, 1481 round_jiffies_up(jiffies + 1482 IEEE80211_CONNECTION_IDLE_TIME)); 1483 out: 1484 mutex_unlock(&local->mtx); 1485 } 1486 1487 void ieee80211_sta_tx_notify(struct ieee80211_sub_if_data *sdata, 1488 struct ieee80211_hdr *hdr, bool ack) 1489 { 1490 if (!ieee80211_is_data(hdr->frame_control)) 1491 return; 1492 1493 if (ack) 1494 ieee80211_sta_reset_conn_monitor(sdata); 1495 1496 if (ieee80211_is_nullfunc(hdr->frame_control) && 1497 sdata->u.mgd.probe_send_count > 0) { 1498 if (ack) 1499 sdata->u.mgd.probe_send_count = 0; 1500 else 1501 sdata->u.mgd.nullfunc_failed = true; 1502 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1503 } 1504 } 1505 1506 static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata) 1507 { 1508 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1509 const u8 *ssid; 1510 u8 *dst = ifmgd->associated->bssid; 1511 u8 unicast_limit = max(1, max_probe_tries - 3); 1512 1513 /* 1514 * Try sending broadcast probe requests for the last three 1515 * probe requests after the first ones failed since some 1516 * buggy APs only support broadcast probe requests. 1517 */ 1518 if (ifmgd->probe_send_count >= unicast_limit) 1519 dst = NULL; 1520 1521 /* 1522 * When the hardware reports an accurate Tx ACK status, it's 1523 * better to send a nullfunc frame instead of a probe request, 1524 * as it will kick us off the AP quickly if we aren't associated 1525 * anymore. The timeout will be reset if the frame is ACKed by 1526 * the AP. 1527 */ 1528 ifmgd->probe_send_count++; 1529 1530 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 1531 ifmgd->nullfunc_failed = false; 1532 ieee80211_send_nullfunc(sdata->local, sdata, 0); 1533 } else { 1534 int ssid_len; 1535 1536 ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID); 1537 if (WARN_ON_ONCE(ssid == NULL)) 1538 ssid_len = 0; 1539 else 1540 ssid_len = ssid[1]; 1541 1542 ieee80211_send_probe_req(sdata, dst, ssid + 2, ssid_len, NULL, 1543 0, (u32) -1, true, false); 1544 } 1545 1546 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms); 1547 run_again(ifmgd, ifmgd->probe_timeout); 1548 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) 1549 drv_flush(sdata->local, false); 1550 } 1551 1552 static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata, 1553 bool beacon) 1554 { 1555 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1556 bool already = false; 1557 1558 if (!ieee80211_sdata_running(sdata)) 1559 return; 1560 1561 mutex_lock(&ifmgd->mtx); 1562 1563 if (!ifmgd->associated) 1564 goto out; 1565 1566 mutex_lock(&sdata->local->mtx); 1567 1568 if (sdata->local->tmp_channel || sdata->local->scanning) { 1569 mutex_unlock(&sdata->local->mtx); 1570 goto out; 1571 } 1572 1573 if (beacon) 1574 mlme_dbg_ratelimited(sdata, 1575 "detected beacon loss from AP - sending probe request\n"); 1576 1577 ieee80211_cqm_rssi_notify(&sdata->vif, 1578 NL80211_CQM_RSSI_BEACON_LOSS_EVENT, GFP_KERNEL); 1579 1580 /* 1581 * The driver/our work has already reported this event or the 1582 * connection monitoring has kicked in and we have already sent 1583 * a probe request. Or maybe the AP died and the driver keeps 1584 * reporting until we disassociate... 1585 * 1586 * In either case we have to ignore the current call to this 1587 * function (except for setting the correct probe reason bit) 1588 * because otherwise we would reset the timer every time and 1589 * never check whether we received a probe response! 1590 */ 1591 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 1592 IEEE80211_STA_CONNECTION_POLL)) 1593 already = true; 1594 1595 if (beacon) 1596 ifmgd->flags |= IEEE80211_STA_BEACON_POLL; 1597 else 1598 ifmgd->flags |= IEEE80211_STA_CONNECTION_POLL; 1599 1600 mutex_unlock(&sdata->local->mtx); 1601 1602 if (already) 1603 goto out; 1604 1605 mutex_lock(&sdata->local->iflist_mtx); 1606 ieee80211_recalc_ps(sdata->local, -1); 1607 mutex_unlock(&sdata->local->iflist_mtx); 1608 1609 ifmgd->probe_send_count = 0; 1610 ieee80211_mgd_probe_ap_send(sdata); 1611 out: 1612 mutex_unlock(&ifmgd->mtx); 1613 } 1614 1615 struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw, 1616 struct ieee80211_vif *vif) 1617 { 1618 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1619 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1620 struct cfg80211_bss *cbss; 1621 struct sk_buff *skb; 1622 const u8 *ssid; 1623 int ssid_len; 1624 1625 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 1626 return NULL; 1627 1628 ASSERT_MGD_MTX(ifmgd); 1629 1630 if (ifmgd->associated) 1631 cbss = ifmgd->associated; 1632 else if (ifmgd->auth_data) 1633 cbss = ifmgd->auth_data->bss; 1634 else if (ifmgd->assoc_data) 1635 cbss = ifmgd->assoc_data->bss; 1636 else 1637 return NULL; 1638 1639 ssid = ieee80211_bss_get_ie(cbss, WLAN_EID_SSID); 1640 if (WARN_ON_ONCE(ssid == NULL)) 1641 ssid_len = 0; 1642 else 1643 ssid_len = ssid[1]; 1644 1645 skb = ieee80211_build_probe_req(sdata, cbss->bssid, 1646 (u32) -1, ssid + 2, ssid_len, 1647 NULL, 0, true); 1648 1649 return skb; 1650 } 1651 EXPORT_SYMBOL(ieee80211_ap_probereq_get); 1652 1653 static void __ieee80211_connection_loss(struct ieee80211_sub_if_data *sdata) 1654 { 1655 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1656 struct ieee80211_local *local = sdata->local; 1657 u8 bssid[ETH_ALEN]; 1658 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 1659 1660 mutex_lock(&ifmgd->mtx); 1661 if (!ifmgd->associated) { 1662 mutex_unlock(&ifmgd->mtx); 1663 return; 1664 } 1665 1666 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN); 1667 1668 sdata_info(sdata, "Connection to AP %pM lost\n", bssid); 1669 1670 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 1671 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, 1672 false, frame_buf); 1673 mutex_unlock(&ifmgd->mtx); 1674 1675 /* 1676 * must be outside lock due to cfg80211, 1677 * but that's not a problem. 1678 */ 1679 cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 1680 1681 mutex_lock(&local->mtx); 1682 ieee80211_recalc_idle(local); 1683 mutex_unlock(&local->mtx); 1684 } 1685 1686 void ieee80211_beacon_connection_loss_work(struct work_struct *work) 1687 { 1688 struct ieee80211_sub_if_data *sdata = 1689 container_of(work, struct ieee80211_sub_if_data, 1690 u.mgd.beacon_connection_loss_work); 1691 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1692 struct sta_info *sta; 1693 1694 if (ifmgd->associated) { 1695 rcu_read_lock(); 1696 sta = sta_info_get(sdata, ifmgd->bssid); 1697 if (sta) 1698 sta->beacon_loss_count++; 1699 rcu_read_unlock(); 1700 } 1701 1702 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 1703 __ieee80211_connection_loss(sdata); 1704 else 1705 ieee80211_mgd_probe_ap(sdata, true); 1706 } 1707 1708 void ieee80211_beacon_loss(struct ieee80211_vif *vif) 1709 { 1710 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1711 struct ieee80211_hw *hw = &sdata->local->hw; 1712 1713 trace_api_beacon_loss(sdata); 1714 1715 WARN_ON(hw->flags & IEEE80211_HW_CONNECTION_MONITOR); 1716 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); 1717 } 1718 EXPORT_SYMBOL(ieee80211_beacon_loss); 1719 1720 void ieee80211_connection_loss(struct ieee80211_vif *vif) 1721 { 1722 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1723 struct ieee80211_hw *hw = &sdata->local->hw; 1724 1725 trace_api_connection_loss(sdata); 1726 1727 WARN_ON(!(hw->flags & IEEE80211_HW_CONNECTION_MONITOR)); 1728 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); 1729 } 1730 EXPORT_SYMBOL(ieee80211_connection_loss); 1731 1732 1733 static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata, 1734 bool assoc) 1735 { 1736 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 1737 1738 lockdep_assert_held(&sdata->u.mgd.mtx); 1739 1740 if (!assoc) { 1741 sta_info_destroy_addr(sdata, auth_data->bss->bssid); 1742 1743 memset(sdata->u.mgd.bssid, 0, ETH_ALEN); 1744 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 1745 } 1746 1747 cfg80211_put_bss(auth_data->bss); 1748 kfree(auth_data); 1749 sdata->u.mgd.auth_data = NULL; 1750 } 1751 1752 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 1753 struct ieee80211_mgmt *mgmt, size_t len) 1754 { 1755 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 1756 u8 *pos; 1757 struct ieee802_11_elems elems; 1758 1759 pos = mgmt->u.auth.variable; 1760 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1761 if (!elems.challenge) 1762 return; 1763 auth_data->expected_transaction = 4; 1764 drv_mgd_prepare_tx(sdata->local, sdata); 1765 ieee80211_send_auth(sdata, 3, auth_data->algorithm, 1766 elems.challenge - 2, elems.challenge_len + 2, 1767 auth_data->bss->bssid, auth_data->bss->bssid, 1768 auth_data->key, auth_data->key_len, 1769 auth_data->key_idx); 1770 } 1771 1772 static enum rx_mgmt_action __must_check 1773 ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 1774 struct ieee80211_mgmt *mgmt, size_t len) 1775 { 1776 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1777 u8 bssid[ETH_ALEN]; 1778 u16 auth_alg, auth_transaction, status_code; 1779 struct sta_info *sta; 1780 1781 lockdep_assert_held(&ifmgd->mtx); 1782 1783 if (len < 24 + 6) 1784 return RX_MGMT_NONE; 1785 1786 if (!ifmgd->auth_data || ifmgd->auth_data->done) 1787 return RX_MGMT_NONE; 1788 1789 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 1790 1791 if (!ether_addr_equal(bssid, mgmt->bssid)) 1792 return RX_MGMT_NONE; 1793 1794 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1795 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1796 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1797 1798 if (auth_alg != ifmgd->auth_data->algorithm || 1799 auth_transaction != ifmgd->auth_data->expected_transaction) 1800 return RX_MGMT_NONE; 1801 1802 if (status_code != WLAN_STATUS_SUCCESS) { 1803 sdata_info(sdata, "%pM denied authentication (status %d)\n", 1804 mgmt->sa, status_code); 1805 ieee80211_destroy_auth_data(sdata, false); 1806 return RX_MGMT_CFG80211_RX_AUTH; 1807 } 1808 1809 switch (ifmgd->auth_data->algorithm) { 1810 case WLAN_AUTH_OPEN: 1811 case WLAN_AUTH_LEAP: 1812 case WLAN_AUTH_FT: 1813 break; 1814 case WLAN_AUTH_SHARED_KEY: 1815 if (ifmgd->auth_data->expected_transaction != 4) { 1816 ieee80211_auth_challenge(sdata, mgmt, len); 1817 /* need another frame */ 1818 return RX_MGMT_NONE; 1819 } 1820 break; 1821 default: 1822 WARN_ONCE(1, "invalid auth alg %d", 1823 ifmgd->auth_data->algorithm); 1824 return RX_MGMT_NONE; 1825 } 1826 1827 sdata_info(sdata, "authenticated\n"); 1828 ifmgd->auth_data->done = true; 1829 ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC; 1830 run_again(ifmgd, ifmgd->auth_data->timeout); 1831 1832 /* move station state to auth */ 1833 mutex_lock(&sdata->local->sta_mtx); 1834 sta = sta_info_get(sdata, bssid); 1835 if (!sta) { 1836 WARN_ONCE(1, "%s: STA %pM not found", sdata->name, bssid); 1837 goto out_err; 1838 } 1839 if (sta_info_move_state(sta, IEEE80211_STA_AUTH)) { 1840 sdata_info(sdata, "failed moving %pM to auth\n", bssid); 1841 goto out_err; 1842 } 1843 mutex_unlock(&sdata->local->sta_mtx); 1844 1845 return RX_MGMT_CFG80211_RX_AUTH; 1846 out_err: 1847 mutex_unlock(&sdata->local->sta_mtx); 1848 /* ignore frame -- wait for timeout */ 1849 return RX_MGMT_NONE; 1850 } 1851 1852 1853 static enum rx_mgmt_action __must_check 1854 ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 1855 struct ieee80211_mgmt *mgmt, size_t len) 1856 { 1857 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1858 const u8 *bssid = NULL; 1859 u16 reason_code; 1860 1861 lockdep_assert_held(&ifmgd->mtx); 1862 1863 if (len < 24 + 2) 1864 return RX_MGMT_NONE; 1865 1866 if (!ifmgd->associated || 1867 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 1868 return RX_MGMT_NONE; 1869 1870 bssid = ifmgd->associated->bssid; 1871 1872 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1873 1874 sdata_info(sdata, "deauthenticated from %pM (Reason: %u)\n", 1875 bssid, reason_code); 1876 1877 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 1878 1879 mutex_lock(&sdata->local->mtx); 1880 ieee80211_recalc_idle(sdata->local); 1881 mutex_unlock(&sdata->local->mtx); 1882 1883 return RX_MGMT_CFG80211_DEAUTH; 1884 } 1885 1886 1887 static enum rx_mgmt_action __must_check 1888 ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 1889 struct ieee80211_mgmt *mgmt, size_t len) 1890 { 1891 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1892 u16 reason_code; 1893 1894 lockdep_assert_held(&ifmgd->mtx); 1895 1896 if (len < 24 + 2) 1897 return RX_MGMT_NONE; 1898 1899 if (!ifmgd->associated || 1900 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 1901 return RX_MGMT_NONE; 1902 1903 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1904 1905 sdata_info(sdata, "disassociated from %pM (Reason: %u)\n", 1906 mgmt->sa, reason_code); 1907 1908 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 1909 1910 mutex_lock(&sdata->local->mtx); 1911 ieee80211_recalc_idle(sdata->local); 1912 mutex_unlock(&sdata->local->mtx); 1913 1914 return RX_MGMT_CFG80211_DISASSOC; 1915 } 1916 1917 static void ieee80211_get_rates(struct ieee80211_supported_band *sband, 1918 u8 *supp_rates, unsigned int supp_rates_len, 1919 u32 *rates, u32 *basic_rates, 1920 bool *have_higher_than_11mbit, 1921 int *min_rate, int *min_rate_index) 1922 { 1923 int i, j; 1924 1925 for (i = 0; i < supp_rates_len; i++) { 1926 int rate = (supp_rates[i] & 0x7f) * 5; 1927 bool is_basic = !!(supp_rates[i] & 0x80); 1928 1929 if (rate > 110) 1930 *have_higher_than_11mbit = true; 1931 1932 /* 1933 * BSS_MEMBERSHIP_SELECTOR_HT_PHY is defined in 802.11n-2009 1934 * 7.3.2.2 as a magic value instead of a rate. Hence, skip it. 1935 * 1936 * Note: Even through the membership selector and the basic 1937 * rate flag share the same bit, they are not exactly 1938 * the same. 1939 */ 1940 if (!!(supp_rates[i] & 0x80) && 1941 (supp_rates[i] & 0x7f) == BSS_MEMBERSHIP_SELECTOR_HT_PHY) 1942 continue; 1943 1944 for (j = 0; j < sband->n_bitrates; j++) { 1945 if (sband->bitrates[j].bitrate == rate) { 1946 *rates |= BIT(j); 1947 if (is_basic) 1948 *basic_rates |= BIT(j); 1949 if (rate < *min_rate) { 1950 *min_rate = rate; 1951 *min_rate_index = j; 1952 } 1953 break; 1954 } 1955 } 1956 } 1957 } 1958 1959 static void ieee80211_destroy_assoc_data(struct ieee80211_sub_if_data *sdata, 1960 bool assoc) 1961 { 1962 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 1963 1964 lockdep_assert_held(&sdata->u.mgd.mtx); 1965 1966 if (!assoc) { 1967 sta_info_destroy_addr(sdata, assoc_data->bss->bssid); 1968 1969 memset(sdata->u.mgd.bssid, 0, ETH_ALEN); 1970 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 1971 } 1972 1973 kfree(assoc_data); 1974 sdata->u.mgd.assoc_data = NULL; 1975 } 1976 1977 static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata, 1978 struct cfg80211_bss *cbss, 1979 struct ieee80211_mgmt *mgmt, size_t len) 1980 { 1981 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1982 struct ieee80211_local *local = sdata->local; 1983 struct ieee80211_supported_band *sband; 1984 struct sta_info *sta; 1985 u8 *pos; 1986 u16 capab_info, aid; 1987 struct ieee802_11_elems elems; 1988 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1989 u32 changed = 0; 1990 int err; 1991 1992 /* AssocResp and ReassocResp have identical structure */ 1993 1994 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 1995 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 1996 1997 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) 1998 sdata_info(sdata, "invalid AID value 0x%x; bits 15:14 not set\n", 1999 aid); 2000 aid &= ~(BIT(15) | BIT(14)); 2001 2002 ifmgd->broken_ap = false; 2003 2004 if (aid == 0 || aid > IEEE80211_MAX_AID) { 2005 sdata_info(sdata, "invalid AID value %d (out of range), turn off PS\n", 2006 aid); 2007 aid = 0; 2008 ifmgd->broken_ap = true; 2009 } 2010 2011 pos = mgmt->u.assoc_resp.variable; 2012 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 2013 2014 if (!elems.supp_rates) { 2015 sdata_info(sdata, "no SuppRates element in AssocResp\n"); 2016 return false; 2017 } 2018 2019 ifmgd->aid = aid; 2020 2021 mutex_lock(&sdata->local->sta_mtx); 2022 /* 2023 * station info was already allocated and inserted before 2024 * the association and should be available to us 2025 */ 2026 sta = sta_info_get(sdata, cbss->bssid); 2027 if (WARN_ON(!sta)) { 2028 mutex_unlock(&sdata->local->sta_mtx); 2029 return false; 2030 } 2031 2032 sband = local->hw.wiphy->bands[local->oper_channel->band]; 2033 2034 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 2035 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 2036 elems.ht_cap_elem, &sta->sta.ht_cap); 2037 2038 sta->supports_40mhz = 2039 sta->sta.ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40; 2040 2041 rate_control_rate_init(sta); 2042 2043 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED) 2044 set_sta_flag(sta, WLAN_STA_MFP); 2045 2046 if (elems.wmm_param) 2047 set_sta_flag(sta, WLAN_STA_WME); 2048 2049 err = sta_info_move_state(sta, IEEE80211_STA_AUTH); 2050 if (!err) 2051 err = sta_info_move_state(sta, IEEE80211_STA_ASSOC); 2052 if (!err && !(ifmgd->flags & IEEE80211_STA_CONTROL_PORT)) 2053 err = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED); 2054 if (err) { 2055 sdata_info(sdata, 2056 "failed to move station %pM to desired state\n", 2057 sta->sta.addr); 2058 WARN_ON(__sta_info_destroy(sta)); 2059 mutex_unlock(&sdata->local->sta_mtx); 2060 return false; 2061 } 2062 2063 mutex_unlock(&sdata->local->sta_mtx); 2064 2065 /* 2066 * Always handle WMM once after association regardless 2067 * of the first value the AP uses. Setting -1 here has 2068 * that effect because the AP values is an unsigned 2069 * 4-bit value. 2070 */ 2071 ifmgd->wmm_last_param_set = -1; 2072 2073 if (elems.wmm_param) 2074 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2075 elems.wmm_param_len); 2076 else 2077 ieee80211_set_wmm_default(sdata, false); 2078 changed |= BSS_CHANGED_QOS; 2079 2080 if (elems.ht_operation && elems.wmm_param && 2081 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) 2082 changed |= ieee80211_config_ht_tx(sdata, elems.ht_operation, 2083 cbss->bssid, false); 2084 2085 /* set AID and assoc capability, 2086 * ieee80211_set_associated() will tell the driver */ 2087 bss_conf->aid = aid; 2088 bss_conf->assoc_capability = capab_info; 2089 ieee80211_set_associated(sdata, cbss, changed); 2090 2091 /* 2092 * If we're using 4-addr mode, let the AP know that we're 2093 * doing so, so that it can create the STA VLAN on its side 2094 */ 2095 if (ifmgd->use_4addr) 2096 ieee80211_send_4addr_nullfunc(local, sdata); 2097 2098 /* 2099 * Start timer to probe the connection to the AP now. 2100 * Also start the timer that will detect beacon loss. 2101 */ 2102 ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt); 2103 ieee80211_sta_reset_beacon_monitor(sdata); 2104 2105 return true; 2106 } 2107 2108 static enum rx_mgmt_action __must_check 2109 ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 2110 struct ieee80211_mgmt *mgmt, size_t len, 2111 struct cfg80211_bss **bss) 2112 { 2113 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2114 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 2115 u16 capab_info, status_code, aid; 2116 struct ieee802_11_elems elems; 2117 u8 *pos; 2118 bool reassoc; 2119 2120 lockdep_assert_held(&ifmgd->mtx); 2121 2122 if (!assoc_data) 2123 return RX_MGMT_NONE; 2124 if (!ether_addr_equal(assoc_data->bss->bssid, mgmt->bssid)) 2125 return RX_MGMT_NONE; 2126 2127 /* 2128 * AssocResp and ReassocResp have identical structure, so process both 2129 * of them in this function. 2130 */ 2131 2132 if (len < 24 + 6) 2133 return RX_MGMT_NONE; 2134 2135 reassoc = ieee80211_is_reassoc_req(mgmt->frame_control); 2136 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 2137 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 2138 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 2139 2140 sdata_info(sdata, 2141 "RX %sssocResp from %pM (capab=0x%x status=%d aid=%d)\n", 2142 reassoc ? "Rea" : "A", mgmt->sa, 2143 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14)))); 2144 2145 pos = mgmt->u.assoc_resp.variable; 2146 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 2147 2148 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY && 2149 elems.timeout_int && elems.timeout_int_len == 5 && 2150 elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) { 2151 u32 tu, ms; 2152 tu = get_unaligned_le32(elems.timeout_int + 1); 2153 ms = tu * 1024 / 1000; 2154 sdata_info(sdata, 2155 "%pM rejected association temporarily; comeback duration %u TU (%u ms)\n", 2156 mgmt->sa, tu, ms); 2157 assoc_data->timeout = jiffies + msecs_to_jiffies(ms); 2158 if (ms > IEEE80211_ASSOC_TIMEOUT) 2159 run_again(ifmgd, assoc_data->timeout); 2160 return RX_MGMT_NONE; 2161 } 2162 2163 *bss = assoc_data->bss; 2164 2165 if (status_code != WLAN_STATUS_SUCCESS) { 2166 sdata_info(sdata, "%pM denied association (code=%d)\n", 2167 mgmt->sa, status_code); 2168 ieee80211_destroy_assoc_data(sdata, false); 2169 } else { 2170 if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) { 2171 /* oops -- internal error -- send timeout for now */ 2172 ieee80211_destroy_assoc_data(sdata, false); 2173 cfg80211_put_bss(*bss); 2174 return RX_MGMT_CFG80211_ASSOC_TIMEOUT; 2175 } 2176 sdata_info(sdata, "associated\n"); 2177 2178 /* 2179 * destroy assoc_data afterwards, as otherwise an idle 2180 * recalc after assoc_data is NULL but before associated 2181 * is set can cause the interface to go idle 2182 */ 2183 ieee80211_destroy_assoc_data(sdata, true); 2184 } 2185 2186 return RX_MGMT_CFG80211_RX_ASSOC; 2187 } 2188 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 2189 struct ieee80211_mgmt *mgmt, 2190 size_t len, 2191 struct ieee80211_rx_status *rx_status, 2192 struct ieee802_11_elems *elems, 2193 bool beacon) 2194 { 2195 struct ieee80211_local *local = sdata->local; 2196 int freq; 2197 struct ieee80211_bss *bss; 2198 struct ieee80211_channel *channel; 2199 bool need_ps = false; 2200 2201 if (sdata->u.mgd.associated && 2202 ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid)) { 2203 bss = (void *)sdata->u.mgd.associated->priv; 2204 /* not previously set so we may need to recalc */ 2205 need_ps = !bss->dtim_period; 2206 } 2207 2208 if (elems->ds_params && elems->ds_params_len == 1) 2209 freq = ieee80211_channel_to_frequency(elems->ds_params[0], 2210 rx_status->band); 2211 else 2212 freq = rx_status->freq; 2213 2214 channel = ieee80211_get_channel(local->hw.wiphy, freq); 2215 2216 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 2217 return; 2218 2219 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 2220 channel, beacon); 2221 if (bss) 2222 ieee80211_rx_bss_put(local, bss); 2223 2224 if (!sdata->u.mgd.associated) 2225 return; 2226 2227 if (need_ps) { 2228 mutex_lock(&local->iflist_mtx); 2229 ieee80211_recalc_ps(local, -1); 2230 mutex_unlock(&local->iflist_mtx); 2231 } 2232 2233 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) && 2234 (memcmp(mgmt->bssid, sdata->u.mgd.associated->bssid, 2235 ETH_ALEN) == 0)) { 2236 struct ieee80211_channel_sw_ie *sw_elem = 2237 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem; 2238 ieee80211_sta_process_chanswitch(sdata, sw_elem, 2239 bss, rx_status->mactime); 2240 } 2241 } 2242 2243 2244 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 2245 struct sk_buff *skb) 2246 { 2247 struct ieee80211_mgmt *mgmt = (void *)skb->data; 2248 struct ieee80211_if_managed *ifmgd; 2249 struct ieee80211_rx_status *rx_status = (void *) skb->cb; 2250 size_t baselen, len = skb->len; 2251 struct ieee802_11_elems elems; 2252 2253 ifmgd = &sdata->u.mgd; 2254 2255 ASSERT_MGD_MTX(ifmgd); 2256 2257 if (!ether_addr_equal(mgmt->da, sdata->vif.addr)) 2258 return; /* ignore ProbeResp to foreign address */ 2259 2260 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 2261 if (baselen > len) 2262 return; 2263 2264 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 2265 &elems); 2266 2267 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 2268 2269 if (ifmgd->associated && 2270 ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2271 ieee80211_reset_ap_probe(sdata); 2272 2273 if (ifmgd->auth_data && !ifmgd->auth_data->bss->proberesp_ies && 2274 ether_addr_equal(mgmt->bssid, ifmgd->auth_data->bss->bssid)) { 2275 /* got probe response, continue with auth */ 2276 sdata_info(sdata, "direct probe responded\n"); 2277 ifmgd->auth_data->tries = 0; 2278 ifmgd->auth_data->timeout = jiffies; 2279 run_again(ifmgd, ifmgd->auth_data->timeout); 2280 } 2281 } 2282 2283 /* 2284 * This is the canonical list of information elements we care about, 2285 * the filter code also gives us all changes to the Microsoft OUI 2286 * (00:50:F2) vendor IE which is used for WMM which we need to track. 2287 * 2288 * We implement beacon filtering in software since that means we can 2289 * avoid processing the frame here and in cfg80211, and userspace 2290 * will not be able to tell whether the hardware supports it or not. 2291 * 2292 * XXX: This list needs to be dynamic -- userspace needs to be able to 2293 * add items it requires. It also needs to be able to tell us to 2294 * look out for other vendor IEs. 2295 */ 2296 static const u64 care_about_ies = 2297 (1ULL << WLAN_EID_COUNTRY) | 2298 (1ULL << WLAN_EID_ERP_INFO) | 2299 (1ULL << WLAN_EID_CHANNEL_SWITCH) | 2300 (1ULL << WLAN_EID_PWR_CONSTRAINT) | 2301 (1ULL << WLAN_EID_HT_CAPABILITY) | 2302 (1ULL << WLAN_EID_HT_OPERATION); 2303 2304 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 2305 struct ieee80211_mgmt *mgmt, 2306 size_t len, 2307 struct ieee80211_rx_status *rx_status) 2308 { 2309 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2310 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 2311 size_t baselen; 2312 struct ieee802_11_elems elems; 2313 struct ieee80211_local *local = sdata->local; 2314 u32 changed = 0; 2315 bool erp_valid, directed_tim = false; 2316 u8 erp_value = 0; 2317 u32 ncrc; 2318 u8 *bssid; 2319 2320 lockdep_assert_held(&ifmgd->mtx); 2321 2322 /* Process beacon from the current BSS */ 2323 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 2324 if (baselen > len) 2325 return; 2326 2327 if (rx_status->freq != local->hw.conf.channel->center_freq) 2328 return; 2329 2330 if (ifmgd->assoc_data && !ifmgd->assoc_data->have_beacon && 2331 ether_addr_equal(mgmt->bssid, ifmgd->assoc_data->bss->bssid)) { 2332 ieee802_11_parse_elems(mgmt->u.beacon.variable, 2333 len - baselen, &elems); 2334 2335 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2336 false); 2337 ifmgd->assoc_data->have_beacon = true; 2338 ifmgd->assoc_data->sent_assoc = false; 2339 /* continue assoc process */ 2340 ifmgd->assoc_data->timeout = jiffies; 2341 run_again(ifmgd, ifmgd->assoc_data->timeout); 2342 return; 2343 } 2344 2345 if (!ifmgd->associated || 2346 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2347 return; 2348 bssid = ifmgd->associated->bssid; 2349 2350 /* Track average RSSI from the Beacon frames of the current AP */ 2351 ifmgd->last_beacon_signal = rx_status->signal; 2352 if (ifmgd->flags & IEEE80211_STA_RESET_SIGNAL_AVE) { 2353 ifmgd->flags &= ~IEEE80211_STA_RESET_SIGNAL_AVE; 2354 ifmgd->ave_beacon_signal = rx_status->signal * 16; 2355 ifmgd->last_cqm_event_signal = 0; 2356 ifmgd->count_beacon_signal = 1; 2357 ifmgd->last_ave_beacon_signal = 0; 2358 } else { 2359 ifmgd->ave_beacon_signal = 2360 (IEEE80211_SIGNAL_AVE_WEIGHT * rx_status->signal * 16 + 2361 (16 - IEEE80211_SIGNAL_AVE_WEIGHT) * 2362 ifmgd->ave_beacon_signal) / 16; 2363 ifmgd->count_beacon_signal++; 2364 } 2365 2366 if (ifmgd->rssi_min_thold != ifmgd->rssi_max_thold && 2367 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT) { 2368 int sig = ifmgd->ave_beacon_signal; 2369 int last_sig = ifmgd->last_ave_beacon_signal; 2370 2371 /* 2372 * if signal crosses either of the boundaries, invoke callback 2373 * with appropriate parameters 2374 */ 2375 if (sig > ifmgd->rssi_max_thold && 2376 (last_sig <= ifmgd->rssi_min_thold || last_sig == 0)) { 2377 ifmgd->last_ave_beacon_signal = sig; 2378 drv_rssi_callback(local, RSSI_EVENT_HIGH); 2379 } else if (sig < ifmgd->rssi_min_thold && 2380 (last_sig >= ifmgd->rssi_max_thold || 2381 last_sig == 0)) { 2382 ifmgd->last_ave_beacon_signal = sig; 2383 drv_rssi_callback(local, RSSI_EVENT_LOW); 2384 } 2385 } 2386 2387 if (bss_conf->cqm_rssi_thold && 2388 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT && 2389 !(sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI)) { 2390 int sig = ifmgd->ave_beacon_signal / 16; 2391 int last_event = ifmgd->last_cqm_event_signal; 2392 int thold = bss_conf->cqm_rssi_thold; 2393 int hyst = bss_conf->cqm_rssi_hyst; 2394 if (sig < thold && 2395 (last_event == 0 || sig < last_event - hyst)) { 2396 ifmgd->last_cqm_event_signal = sig; 2397 ieee80211_cqm_rssi_notify( 2398 &sdata->vif, 2399 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW, 2400 GFP_KERNEL); 2401 } else if (sig > thold && 2402 (last_event == 0 || sig > last_event + hyst)) { 2403 ifmgd->last_cqm_event_signal = sig; 2404 ieee80211_cqm_rssi_notify( 2405 &sdata->vif, 2406 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH, 2407 GFP_KERNEL); 2408 } 2409 } 2410 2411 if (ifmgd->flags & IEEE80211_STA_BEACON_POLL) { 2412 mlme_dbg_ratelimited(sdata, 2413 "cancelling probereq poll due to a received beacon\n"); 2414 mutex_lock(&local->mtx); 2415 ifmgd->flags &= ~IEEE80211_STA_BEACON_POLL; 2416 ieee80211_run_deferred_scan(local); 2417 mutex_unlock(&local->mtx); 2418 2419 mutex_lock(&local->iflist_mtx); 2420 ieee80211_recalc_ps(local, -1); 2421 mutex_unlock(&local->iflist_mtx); 2422 } 2423 2424 /* 2425 * Push the beacon loss detection into the future since 2426 * we are processing a beacon from the AP just now. 2427 */ 2428 ieee80211_sta_reset_beacon_monitor(sdata); 2429 2430 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4); 2431 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable, 2432 len - baselen, &elems, 2433 care_about_ies, ncrc); 2434 2435 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 2436 directed_tim = ieee80211_check_tim(elems.tim, elems.tim_len, 2437 ifmgd->aid); 2438 2439 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) { 2440 if (directed_tim) { 2441 if (local->hw.conf.dynamic_ps_timeout > 0) { 2442 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 2443 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 2444 ieee80211_hw_config(local, 2445 IEEE80211_CONF_CHANGE_PS); 2446 } 2447 ieee80211_send_nullfunc(local, sdata, 0); 2448 } else if (!local->pspolling && sdata->u.mgd.powersave) { 2449 local->pspolling = true; 2450 2451 /* 2452 * Here is assumed that the driver will be 2453 * able to send ps-poll frame and receive a 2454 * response even though power save mode is 2455 * enabled, but some drivers might require 2456 * to disable power save here. This needs 2457 * to be investigated. 2458 */ 2459 ieee80211_send_pspoll(local, sdata); 2460 } 2461 } 2462 } 2463 2464 if (ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid) 2465 return; 2466 ifmgd->beacon_crc = ncrc; 2467 ifmgd->beacon_crc_valid = true; 2468 2469 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2470 true); 2471 2472 if (ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2473 elems.wmm_param_len)) 2474 changed |= BSS_CHANGED_QOS; 2475 2476 if (elems.erp_info && elems.erp_info_len >= 1) { 2477 erp_valid = true; 2478 erp_value = elems.erp_info[0]; 2479 } else { 2480 erp_valid = false; 2481 } 2482 changed |= ieee80211_handle_bss_capability(sdata, 2483 le16_to_cpu(mgmt->u.beacon.capab_info), 2484 erp_valid, erp_value); 2485 2486 2487 if (elems.ht_cap_elem && elems.ht_operation && elems.wmm_param && 2488 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) { 2489 struct ieee80211_supported_band *sband; 2490 2491 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 2492 2493 changed |= ieee80211_config_ht_tx(sdata, elems.ht_operation, 2494 bssid, true); 2495 } 2496 2497 /* Note: country IE parsing is done for us by cfg80211 */ 2498 if (elems.country_elem) { 2499 /* TODO: IBSS also needs this */ 2500 if (elems.pwr_constr_elem) 2501 ieee80211_handle_pwr_constr(sdata, 2502 le16_to_cpu(mgmt->u.probe_resp.capab_info), 2503 elems.pwr_constr_elem, 2504 elems.pwr_constr_elem_len); 2505 } 2506 2507 ieee80211_bss_info_change_notify(sdata, changed); 2508 } 2509 2510 void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 2511 struct sk_buff *skb) 2512 { 2513 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2514 struct ieee80211_rx_status *rx_status; 2515 struct ieee80211_mgmt *mgmt; 2516 struct cfg80211_bss *bss = NULL; 2517 enum rx_mgmt_action rma = RX_MGMT_NONE; 2518 u16 fc; 2519 2520 rx_status = (struct ieee80211_rx_status *) skb->cb; 2521 mgmt = (struct ieee80211_mgmt *) skb->data; 2522 fc = le16_to_cpu(mgmt->frame_control); 2523 2524 mutex_lock(&ifmgd->mtx); 2525 2526 switch (fc & IEEE80211_FCTL_STYPE) { 2527 case IEEE80211_STYPE_BEACON: 2528 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status); 2529 break; 2530 case IEEE80211_STYPE_PROBE_RESP: 2531 ieee80211_rx_mgmt_probe_resp(sdata, skb); 2532 break; 2533 case IEEE80211_STYPE_AUTH: 2534 rma = ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len); 2535 break; 2536 case IEEE80211_STYPE_DEAUTH: 2537 rma = ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len); 2538 break; 2539 case IEEE80211_STYPE_DISASSOC: 2540 rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); 2541 break; 2542 case IEEE80211_STYPE_ASSOC_RESP: 2543 case IEEE80211_STYPE_REASSOC_RESP: 2544 rma = ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, &bss); 2545 break; 2546 case IEEE80211_STYPE_ACTION: 2547 switch (mgmt->u.action.category) { 2548 case WLAN_CATEGORY_SPECTRUM_MGMT: 2549 ieee80211_sta_process_chanswitch(sdata, 2550 &mgmt->u.action.u.chan_switch.sw_elem, 2551 (void *)ifmgd->associated->priv, 2552 rx_status->mactime); 2553 break; 2554 } 2555 } 2556 mutex_unlock(&ifmgd->mtx); 2557 2558 switch (rma) { 2559 case RX_MGMT_NONE: 2560 /* no action */ 2561 break; 2562 case RX_MGMT_CFG80211_DEAUTH: 2563 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len); 2564 break; 2565 case RX_MGMT_CFG80211_DISASSOC: 2566 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len); 2567 break; 2568 case RX_MGMT_CFG80211_RX_AUTH: 2569 cfg80211_send_rx_auth(sdata->dev, (u8 *)mgmt, skb->len); 2570 break; 2571 case RX_MGMT_CFG80211_RX_ASSOC: 2572 cfg80211_send_rx_assoc(sdata->dev, bss, (u8 *)mgmt, skb->len); 2573 break; 2574 case RX_MGMT_CFG80211_ASSOC_TIMEOUT: 2575 cfg80211_send_assoc_timeout(sdata->dev, mgmt->bssid); 2576 break; 2577 default: 2578 WARN(1, "unexpected: %d", rma); 2579 } 2580 } 2581 2582 static void ieee80211_sta_timer(unsigned long data) 2583 { 2584 struct ieee80211_sub_if_data *sdata = 2585 (struct ieee80211_sub_if_data *) data; 2586 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2587 struct ieee80211_local *local = sdata->local; 2588 2589 if (local->quiescing) { 2590 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 2591 return; 2592 } 2593 2594 ieee80211_queue_work(&local->hw, &sdata->work); 2595 } 2596 2597 static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata, 2598 u8 *bssid, u8 reason) 2599 { 2600 struct ieee80211_local *local = sdata->local; 2601 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2602 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 2603 2604 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason, 2605 false, frame_buf); 2606 mutex_unlock(&ifmgd->mtx); 2607 2608 /* 2609 * must be outside lock due to cfg80211, 2610 * but that's not a problem. 2611 */ 2612 cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 2613 2614 mutex_lock(&local->mtx); 2615 ieee80211_recalc_idle(local); 2616 mutex_unlock(&local->mtx); 2617 2618 mutex_lock(&ifmgd->mtx); 2619 } 2620 2621 static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata) 2622 { 2623 struct ieee80211_local *local = sdata->local; 2624 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2625 struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data; 2626 2627 lockdep_assert_held(&ifmgd->mtx); 2628 2629 if (WARN_ON_ONCE(!auth_data)) 2630 return -EINVAL; 2631 2632 auth_data->tries++; 2633 2634 if (auth_data->tries > IEEE80211_AUTH_MAX_TRIES) { 2635 sdata_info(sdata, "authentication with %pM timed out\n", 2636 auth_data->bss->bssid); 2637 2638 /* 2639 * Most likely AP is not in the range so remove the 2640 * bss struct for that AP. 2641 */ 2642 cfg80211_unlink_bss(local->hw.wiphy, auth_data->bss); 2643 2644 return -ETIMEDOUT; 2645 } 2646 2647 drv_mgd_prepare_tx(local, sdata); 2648 2649 if (auth_data->bss->proberesp_ies) { 2650 sdata_info(sdata, "send auth to %pM (try %d/%d)\n", 2651 auth_data->bss->bssid, auth_data->tries, 2652 IEEE80211_AUTH_MAX_TRIES); 2653 2654 auth_data->expected_transaction = 2; 2655 ieee80211_send_auth(sdata, 1, auth_data->algorithm, 2656 auth_data->ie, auth_data->ie_len, 2657 auth_data->bss->bssid, 2658 auth_data->bss->bssid, NULL, 0, 0); 2659 } else { 2660 const u8 *ssidie; 2661 2662 sdata_info(sdata, "direct probe to %pM (try %d/%i)\n", 2663 auth_data->bss->bssid, auth_data->tries, 2664 IEEE80211_AUTH_MAX_TRIES); 2665 2666 ssidie = ieee80211_bss_get_ie(auth_data->bss, WLAN_EID_SSID); 2667 if (!ssidie) 2668 return -EINVAL; 2669 /* 2670 * Direct probe is sent to broadcast address as some APs 2671 * will not answer to direct packet in unassociated state. 2672 */ 2673 ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1], 2674 NULL, 0, (u32) -1, true, false); 2675 } 2676 2677 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT; 2678 run_again(ifmgd, auth_data->timeout); 2679 2680 return 0; 2681 } 2682 2683 static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata) 2684 { 2685 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 2686 struct ieee80211_local *local = sdata->local; 2687 2688 lockdep_assert_held(&sdata->u.mgd.mtx); 2689 2690 assoc_data->tries++; 2691 if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) { 2692 sdata_info(sdata, "association with %pM timed out\n", 2693 assoc_data->bss->bssid); 2694 2695 /* 2696 * Most likely AP is not in the range so remove the 2697 * bss struct for that AP. 2698 */ 2699 cfg80211_unlink_bss(local->hw.wiphy, assoc_data->bss); 2700 2701 return -ETIMEDOUT; 2702 } 2703 2704 sdata_info(sdata, "associate with %pM (try %d/%d)\n", 2705 assoc_data->bss->bssid, assoc_data->tries, 2706 IEEE80211_ASSOC_MAX_TRIES); 2707 ieee80211_send_assoc(sdata); 2708 2709 assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT; 2710 run_again(&sdata->u.mgd, assoc_data->timeout); 2711 2712 return 0; 2713 } 2714 2715 void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata) 2716 { 2717 struct ieee80211_local *local = sdata->local; 2718 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2719 2720 mutex_lock(&ifmgd->mtx); 2721 2722 if (ifmgd->auth_data && 2723 time_after(jiffies, ifmgd->auth_data->timeout)) { 2724 if (ifmgd->auth_data->done) { 2725 /* 2726 * ok ... we waited for assoc but userspace didn't, 2727 * so let's just kill the auth data 2728 */ 2729 ieee80211_destroy_auth_data(sdata, false); 2730 } else if (ieee80211_probe_auth(sdata)) { 2731 u8 bssid[ETH_ALEN]; 2732 2733 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 2734 2735 ieee80211_destroy_auth_data(sdata, false); 2736 2737 mutex_unlock(&ifmgd->mtx); 2738 cfg80211_send_auth_timeout(sdata->dev, bssid); 2739 mutex_lock(&ifmgd->mtx); 2740 } 2741 } else if (ifmgd->auth_data) 2742 run_again(ifmgd, ifmgd->auth_data->timeout); 2743 2744 if (ifmgd->assoc_data && 2745 time_after(jiffies, ifmgd->assoc_data->timeout)) { 2746 if (!ifmgd->assoc_data->have_beacon || 2747 ieee80211_do_assoc(sdata)) { 2748 u8 bssid[ETH_ALEN]; 2749 2750 memcpy(bssid, ifmgd->assoc_data->bss->bssid, ETH_ALEN); 2751 2752 ieee80211_destroy_assoc_data(sdata, false); 2753 2754 mutex_unlock(&ifmgd->mtx); 2755 cfg80211_send_assoc_timeout(sdata->dev, bssid); 2756 mutex_lock(&ifmgd->mtx); 2757 } 2758 } else if (ifmgd->assoc_data) 2759 run_again(ifmgd, ifmgd->assoc_data->timeout); 2760 2761 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 2762 IEEE80211_STA_CONNECTION_POLL) && 2763 ifmgd->associated) { 2764 u8 bssid[ETH_ALEN]; 2765 int max_tries; 2766 2767 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN); 2768 2769 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) 2770 max_tries = max_nullfunc_tries; 2771 else 2772 max_tries = max_probe_tries; 2773 2774 /* ACK received for nullfunc probing frame */ 2775 if (!ifmgd->probe_send_count) 2776 ieee80211_reset_ap_probe(sdata); 2777 else if (ifmgd->nullfunc_failed) { 2778 if (ifmgd->probe_send_count < max_tries) { 2779 mlme_dbg(sdata, 2780 "No ack for nullfunc frame to AP %pM, try %d/%i\n", 2781 bssid, ifmgd->probe_send_count, 2782 max_tries); 2783 ieee80211_mgd_probe_ap_send(sdata); 2784 } else { 2785 mlme_dbg(sdata, 2786 "No ack for nullfunc frame to AP %pM, disconnecting.\n", 2787 bssid); 2788 ieee80211_sta_connection_lost(sdata, bssid, 2789 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2790 } 2791 } else if (time_is_after_jiffies(ifmgd->probe_timeout)) 2792 run_again(ifmgd, ifmgd->probe_timeout); 2793 else if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 2794 mlme_dbg(sdata, 2795 "Failed to send nullfunc to AP %pM after %dms, disconnecting\n", 2796 bssid, probe_wait_ms); 2797 ieee80211_sta_connection_lost(sdata, bssid, 2798 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2799 } else if (ifmgd->probe_send_count < max_tries) { 2800 mlme_dbg(sdata, 2801 "No probe response from AP %pM after %dms, try %d/%i\n", 2802 bssid, probe_wait_ms, 2803 ifmgd->probe_send_count, max_tries); 2804 ieee80211_mgd_probe_ap_send(sdata); 2805 } else { 2806 /* 2807 * We actually lost the connection ... or did we? 2808 * Let's make sure! 2809 */ 2810 wiphy_debug(local->hw.wiphy, 2811 "%s: No probe response from AP %pM" 2812 " after %dms, disconnecting.\n", 2813 sdata->name, 2814 bssid, probe_wait_ms); 2815 2816 ieee80211_sta_connection_lost(sdata, bssid, 2817 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 2818 } 2819 } 2820 2821 mutex_unlock(&ifmgd->mtx); 2822 2823 mutex_lock(&local->mtx); 2824 ieee80211_recalc_idle(local); 2825 mutex_unlock(&local->mtx); 2826 } 2827 2828 static void ieee80211_sta_bcn_mon_timer(unsigned long data) 2829 { 2830 struct ieee80211_sub_if_data *sdata = 2831 (struct ieee80211_sub_if_data *) data; 2832 struct ieee80211_local *local = sdata->local; 2833 2834 if (local->quiescing) 2835 return; 2836 2837 ieee80211_queue_work(&sdata->local->hw, 2838 &sdata->u.mgd.beacon_connection_loss_work); 2839 } 2840 2841 static void ieee80211_sta_conn_mon_timer(unsigned long data) 2842 { 2843 struct ieee80211_sub_if_data *sdata = 2844 (struct ieee80211_sub_if_data *) data; 2845 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2846 struct ieee80211_local *local = sdata->local; 2847 2848 if (local->quiescing) 2849 return; 2850 2851 ieee80211_queue_work(&local->hw, &ifmgd->monitor_work); 2852 } 2853 2854 static void ieee80211_sta_monitor_work(struct work_struct *work) 2855 { 2856 struct ieee80211_sub_if_data *sdata = 2857 container_of(work, struct ieee80211_sub_if_data, 2858 u.mgd.monitor_work); 2859 2860 ieee80211_mgd_probe_ap(sdata, false); 2861 } 2862 2863 static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata) 2864 { 2865 u32 flags; 2866 2867 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 2868 __ieee80211_stop_poll(sdata); 2869 2870 /* let's probe the connection once */ 2871 flags = sdata->local->hw.flags; 2872 if (!(flags & IEEE80211_HW_CONNECTION_MONITOR)) 2873 ieee80211_queue_work(&sdata->local->hw, 2874 &sdata->u.mgd.monitor_work); 2875 /* and do all the other regular work too */ 2876 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 2877 } 2878 } 2879 2880 #ifdef CONFIG_PM 2881 void ieee80211_sta_quiesce(struct ieee80211_sub_if_data *sdata) 2882 { 2883 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2884 2885 /* 2886 * we need to use atomic bitops for the running bits 2887 * only because both timers might fire at the same 2888 * time -- the code here is properly synchronised. 2889 */ 2890 2891 cancel_work_sync(&ifmgd->request_smps_work); 2892 2893 cancel_work_sync(&ifmgd->monitor_work); 2894 cancel_work_sync(&ifmgd->beacon_connection_loss_work); 2895 if (del_timer_sync(&ifmgd->timer)) 2896 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 2897 2898 cancel_work_sync(&ifmgd->chswitch_work); 2899 if (del_timer_sync(&ifmgd->chswitch_timer)) 2900 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 2901 2902 /* these will just be re-established on connection */ 2903 del_timer_sync(&ifmgd->conn_mon_timer); 2904 del_timer_sync(&ifmgd->bcn_mon_timer); 2905 } 2906 2907 void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata) 2908 { 2909 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2910 2911 if (!ifmgd->associated) 2912 return; 2913 2914 if (sdata->flags & IEEE80211_SDATA_DISCONNECT_RESUME) { 2915 sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_RESUME; 2916 mutex_lock(&ifmgd->mtx); 2917 if (ifmgd->associated) { 2918 mlme_dbg(sdata, 2919 "driver requested disconnect after resume\n"); 2920 ieee80211_sta_connection_lost(sdata, 2921 ifmgd->associated->bssid, 2922 WLAN_REASON_UNSPECIFIED); 2923 mutex_unlock(&ifmgd->mtx); 2924 return; 2925 } 2926 mutex_unlock(&ifmgd->mtx); 2927 } 2928 2929 if (test_and_clear_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running)) 2930 add_timer(&ifmgd->timer); 2931 if (test_and_clear_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running)) 2932 add_timer(&ifmgd->chswitch_timer); 2933 ieee80211_sta_reset_beacon_monitor(sdata); 2934 2935 mutex_lock(&sdata->local->mtx); 2936 ieee80211_restart_sta_timer(sdata); 2937 mutex_unlock(&sdata->local->mtx); 2938 } 2939 #endif 2940 2941 /* interface setup */ 2942 void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 2943 { 2944 struct ieee80211_if_managed *ifmgd; 2945 2946 ifmgd = &sdata->u.mgd; 2947 INIT_WORK(&ifmgd->monitor_work, ieee80211_sta_monitor_work); 2948 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work); 2949 INIT_WORK(&ifmgd->beacon_connection_loss_work, 2950 ieee80211_beacon_connection_loss_work); 2951 INIT_WORK(&ifmgd->request_smps_work, ieee80211_request_smps_work); 2952 setup_timer(&ifmgd->timer, ieee80211_sta_timer, 2953 (unsigned long) sdata); 2954 setup_timer(&ifmgd->bcn_mon_timer, ieee80211_sta_bcn_mon_timer, 2955 (unsigned long) sdata); 2956 setup_timer(&ifmgd->conn_mon_timer, ieee80211_sta_conn_mon_timer, 2957 (unsigned long) sdata); 2958 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer, 2959 (unsigned long) sdata); 2960 2961 ifmgd->flags = 0; 2962 ifmgd->powersave = sdata->wdev.ps; 2963 ifmgd->uapsd_queues = IEEE80211_DEFAULT_UAPSD_QUEUES; 2964 ifmgd->uapsd_max_sp_len = IEEE80211_DEFAULT_MAX_SP_LEN; 2965 2966 mutex_init(&ifmgd->mtx); 2967 2968 if (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS) 2969 ifmgd->req_smps = IEEE80211_SMPS_AUTOMATIC; 2970 else 2971 ifmgd->req_smps = IEEE80211_SMPS_OFF; 2972 } 2973 2974 /* scan finished notification */ 2975 void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 2976 { 2977 struct ieee80211_sub_if_data *sdata; 2978 2979 /* Restart STA timers */ 2980 rcu_read_lock(); 2981 list_for_each_entry_rcu(sdata, &local->interfaces, list) 2982 ieee80211_restart_sta_timer(sdata); 2983 rcu_read_unlock(); 2984 } 2985 2986 int ieee80211_max_network_latency(struct notifier_block *nb, 2987 unsigned long data, void *dummy) 2988 { 2989 s32 latency_usec = (s32) data; 2990 struct ieee80211_local *local = 2991 container_of(nb, struct ieee80211_local, 2992 network_latency_notifier); 2993 2994 mutex_lock(&local->iflist_mtx); 2995 ieee80211_recalc_ps(local, latency_usec); 2996 mutex_unlock(&local->iflist_mtx); 2997 2998 return 0; 2999 } 3000 3001 static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata, 3002 struct cfg80211_bss *cbss, bool assoc) 3003 { 3004 struct ieee80211_local *local = sdata->local; 3005 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3006 struct ieee80211_bss *bss = (void *)cbss->priv; 3007 struct sta_info *sta = NULL; 3008 bool have_sta = false; 3009 int err; 3010 int ht_cfreq; 3011 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 3012 const u8 *ht_oper_ie; 3013 const struct ieee80211_ht_operation *ht_oper = NULL; 3014 struct ieee80211_supported_band *sband; 3015 3016 if (WARN_ON(!ifmgd->auth_data && !ifmgd->assoc_data)) 3017 return -EINVAL; 3018 3019 if (assoc) { 3020 rcu_read_lock(); 3021 have_sta = sta_info_get(sdata, cbss->bssid); 3022 rcu_read_unlock(); 3023 } 3024 3025 if (!have_sta) { 3026 sta = sta_info_alloc(sdata, cbss->bssid, GFP_KERNEL); 3027 if (!sta) 3028 return -ENOMEM; 3029 } 3030 3031 mutex_lock(&local->mtx); 3032 ieee80211_recalc_idle(sdata->local); 3033 mutex_unlock(&local->mtx); 3034 3035 /* switch to the right channel */ 3036 sband = local->hw.wiphy->bands[cbss->channel->band]; 3037 3038 ifmgd->flags &= ~IEEE80211_STA_DISABLE_40MHZ; 3039 3040 if (sband->ht_cap.ht_supported) { 3041 ht_oper_ie = cfg80211_find_ie(WLAN_EID_HT_OPERATION, 3042 cbss->information_elements, 3043 cbss->len_information_elements); 3044 if (ht_oper_ie && ht_oper_ie[1] >= sizeof(*ht_oper)) 3045 ht_oper = (void *)(ht_oper_ie + 2); 3046 } 3047 3048 if (ht_oper) { 3049 ht_cfreq = ieee80211_channel_to_frequency(ht_oper->primary_chan, 3050 cbss->channel->band); 3051 /* check that channel matches the right operating channel */ 3052 if (cbss->channel->center_freq != ht_cfreq) { 3053 /* 3054 * It's possible that some APs are confused here; 3055 * Netgear WNDR3700 sometimes reports 4 higher than 3056 * the actual channel in association responses, but 3057 * since we look at probe response/beacon data here 3058 * it should be OK. 3059 */ 3060 sdata_info(sdata, 3061 "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n", 3062 cbss->channel->center_freq, 3063 ht_cfreq, ht_oper->primary_chan, 3064 cbss->channel->band); 3065 ht_oper = NULL; 3066 } 3067 } 3068 3069 if (ht_oper) { 3070 channel_type = NL80211_CHAN_HT20; 3071 3072 if (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) { 3073 switch (ht_oper->ht_param & 3074 IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 3075 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 3076 channel_type = NL80211_CHAN_HT40PLUS; 3077 break; 3078 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 3079 channel_type = NL80211_CHAN_HT40MINUS; 3080 break; 3081 } 3082 } 3083 } 3084 3085 if (!ieee80211_set_channel_type(local, sdata, channel_type)) { 3086 /* can only fail due to HT40+/- mismatch */ 3087 channel_type = NL80211_CHAN_HT20; 3088 sdata_info(sdata, 3089 "disabling 40 MHz due to multi-vif mismatch\n"); 3090 ifmgd->flags |= IEEE80211_STA_DISABLE_40MHZ; 3091 WARN_ON(!ieee80211_set_channel_type(local, sdata, 3092 channel_type)); 3093 } 3094 3095 local->oper_channel = cbss->channel; 3096 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 3097 3098 if (sta) { 3099 u32 rates = 0, basic_rates = 0; 3100 bool have_higher_than_11mbit; 3101 int min_rate = INT_MAX, min_rate_index = -1; 3102 3103 ieee80211_get_rates(sband, bss->supp_rates, 3104 bss->supp_rates_len, 3105 &rates, &basic_rates, 3106 &have_higher_than_11mbit, 3107 &min_rate, &min_rate_index); 3108 3109 /* 3110 * This used to be a workaround for basic rates missing 3111 * in the association response frame. Now that we no 3112 * longer use the basic rates from there, it probably 3113 * doesn't happen any more, but keep the workaround so 3114 * in case some *other* APs are buggy in different ways 3115 * we can connect -- with a warning. 3116 */ 3117 if (!basic_rates && min_rate_index >= 0) { 3118 sdata_info(sdata, 3119 "No basic rates, using min rate instead\n"); 3120 basic_rates = BIT(min_rate_index); 3121 } 3122 3123 sta->sta.supp_rates[cbss->channel->band] = rates; 3124 sdata->vif.bss_conf.basic_rates = basic_rates; 3125 3126 /* cf. IEEE 802.11 9.2.12 */ 3127 if (local->oper_channel->band == IEEE80211_BAND_2GHZ && 3128 have_higher_than_11mbit) 3129 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 3130 else 3131 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 3132 3133 memcpy(ifmgd->bssid, cbss->bssid, ETH_ALEN); 3134 3135 /* set timing information */ 3136 sdata->vif.bss_conf.beacon_int = cbss->beacon_interval; 3137 sdata->vif.bss_conf.sync_tsf = cbss->tsf; 3138 sdata->vif.bss_conf.sync_device_ts = bss->device_ts; 3139 3140 /* tell driver about BSSID, basic rates and timing */ 3141 ieee80211_bss_info_change_notify(sdata, 3142 BSS_CHANGED_BSSID | BSS_CHANGED_BASIC_RATES | 3143 BSS_CHANGED_BEACON_INT); 3144 3145 if (assoc) 3146 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH); 3147 3148 err = sta_info_insert(sta); 3149 sta = NULL; 3150 if (err) { 3151 sdata_info(sdata, 3152 "failed to insert STA entry for the AP (error %d)\n", 3153 err); 3154 return err; 3155 } 3156 } else 3157 WARN_ON_ONCE(!ether_addr_equal(ifmgd->bssid, cbss->bssid)); 3158 3159 return 0; 3160 } 3161 3162 /* config hooks */ 3163 int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, 3164 struct cfg80211_auth_request *req) 3165 { 3166 struct ieee80211_local *local = sdata->local; 3167 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3168 struct ieee80211_mgd_auth_data *auth_data; 3169 u16 auth_alg; 3170 int err; 3171 3172 /* prepare auth data structure */ 3173 3174 switch (req->auth_type) { 3175 case NL80211_AUTHTYPE_OPEN_SYSTEM: 3176 auth_alg = WLAN_AUTH_OPEN; 3177 break; 3178 case NL80211_AUTHTYPE_SHARED_KEY: 3179 if (IS_ERR(local->wep_tx_tfm)) 3180 return -EOPNOTSUPP; 3181 auth_alg = WLAN_AUTH_SHARED_KEY; 3182 break; 3183 case NL80211_AUTHTYPE_FT: 3184 auth_alg = WLAN_AUTH_FT; 3185 break; 3186 case NL80211_AUTHTYPE_NETWORK_EAP: 3187 auth_alg = WLAN_AUTH_LEAP; 3188 break; 3189 default: 3190 return -EOPNOTSUPP; 3191 } 3192 3193 auth_data = kzalloc(sizeof(*auth_data) + req->ie_len, GFP_KERNEL); 3194 if (!auth_data) 3195 return -ENOMEM; 3196 3197 auth_data->bss = req->bss; 3198 3199 if (req->ie && req->ie_len) { 3200 memcpy(auth_data->ie, req->ie, req->ie_len); 3201 auth_data->ie_len = req->ie_len; 3202 } 3203 3204 if (req->key && req->key_len) { 3205 auth_data->key_len = req->key_len; 3206 auth_data->key_idx = req->key_idx; 3207 memcpy(auth_data->key, req->key, req->key_len); 3208 } 3209 3210 auth_data->algorithm = auth_alg; 3211 3212 /* try to authenticate/probe */ 3213 3214 mutex_lock(&ifmgd->mtx); 3215 3216 if ((ifmgd->auth_data && !ifmgd->auth_data->done) || 3217 ifmgd->assoc_data) { 3218 err = -EBUSY; 3219 goto err_free; 3220 } 3221 3222 if (ifmgd->auth_data) 3223 ieee80211_destroy_auth_data(sdata, false); 3224 3225 /* prep auth_data so we don't go into idle on disassoc */ 3226 ifmgd->auth_data = auth_data; 3227 3228 if (ifmgd->associated) 3229 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 3230 3231 sdata_info(sdata, "authenticate with %pM\n", req->bss->bssid); 3232 3233 err = ieee80211_prep_connection(sdata, req->bss, false); 3234 if (err) 3235 goto err_clear; 3236 3237 err = ieee80211_probe_auth(sdata); 3238 if (err) { 3239 sta_info_destroy_addr(sdata, req->bss->bssid); 3240 goto err_clear; 3241 } 3242 3243 /* hold our own reference */ 3244 cfg80211_ref_bss(auth_data->bss); 3245 err = 0; 3246 goto out_unlock; 3247 3248 err_clear: 3249 ifmgd->auth_data = NULL; 3250 err_free: 3251 kfree(auth_data); 3252 out_unlock: 3253 mutex_unlock(&ifmgd->mtx); 3254 3255 return err; 3256 } 3257 3258 int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata, 3259 struct cfg80211_assoc_request *req) 3260 { 3261 struct ieee80211_local *local = sdata->local; 3262 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3263 struct ieee80211_bss *bss = (void *)req->bss->priv; 3264 struct ieee80211_mgd_assoc_data *assoc_data; 3265 struct ieee80211_supported_band *sband; 3266 const u8 *ssidie, *ht_ie; 3267 int i, err; 3268 3269 ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID); 3270 if (!ssidie) 3271 return -EINVAL; 3272 3273 assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL); 3274 if (!assoc_data) 3275 return -ENOMEM; 3276 3277 mutex_lock(&ifmgd->mtx); 3278 3279 if (ifmgd->associated) 3280 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 3281 3282 if (ifmgd->auth_data && !ifmgd->auth_data->done) { 3283 err = -EBUSY; 3284 goto err_free; 3285 } 3286 3287 if (ifmgd->assoc_data) { 3288 err = -EBUSY; 3289 goto err_free; 3290 } 3291 3292 if (ifmgd->auth_data) { 3293 bool match; 3294 3295 /* keep sta info, bssid if matching */ 3296 match = ether_addr_equal(ifmgd->bssid, req->bss->bssid); 3297 ieee80211_destroy_auth_data(sdata, match); 3298 } 3299 3300 /* prepare assoc data */ 3301 3302 ifmgd->flags &= ~IEEE80211_STA_DISABLE_11N; 3303 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; 3304 3305 ifmgd->beacon_crc_valid = false; 3306 3307 /* 3308 * IEEE802.11n does not allow TKIP/WEP as pairwise ciphers in HT mode. 3309 * We still associate in non-HT mode (11a/b/g) if any one of these 3310 * ciphers is configured as pairwise. 3311 * We can set this to true for non-11n hardware, that'll be checked 3312 * separately along with the peer capabilities. 3313 */ 3314 for (i = 0; i < req->crypto.n_ciphers_pairwise; i++) { 3315 if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 || 3316 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP || 3317 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104) { 3318 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3319 netdev_info(sdata->dev, 3320 "disabling HT due to WEP/TKIP use\n"); 3321 } 3322 } 3323 3324 if (req->flags & ASSOC_REQ_DISABLE_HT) 3325 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3326 3327 /* Also disable HT if we don't support it or the AP doesn't use WMM */ 3328 sband = local->hw.wiphy->bands[req->bss->channel->band]; 3329 if (!sband->ht_cap.ht_supported || 3330 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used) { 3331 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3332 netdev_info(sdata->dev, 3333 "disabling HT as WMM/QoS is not supported\n"); 3334 } 3335 3336 memcpy(&ifmgd->ht_capa, &req->ht_capa, sizeof(ifmgd->ht_capa)); 3337 memcpy(&ifmgd->ht_capa_mask, &req->ht_capa_mask, 3338 sizeof(ifmgd->ht_capa_mask)); 3339 3340 if (req->ie && req->ie_len) { 3341 memcpy(assoc_data->ie, req->ie, req->ie_len); 3342 assoc_data->ie_len = req->ie_len; 3343 } 3344 3345 assoc_data->bss = req->bss; 3346 3347 if (ifmgd->req_smps == IEEE80211_SMPS_AUTOMATIC) { 3348 if (ifmgd->powersave) 3349 ifmgd->ap_smps = IEEE80211_SMPS_DYNAMIC; 3350 else 3351 ifmgd->ap_smps = IEEE80211_SMPS_OFF; 3352 } else 3353 ifmgd->ap_smps = ifmgd->req_smps; 3354 3355 assoc_data->capability = req->bss->capability; 3356 assoc_data->wmm = bss->wmm_used && 3357 (local->hw.queues >= IEEE80211_NUM_ACS); 3358 assoc_data->supp_rates = bss->supp_rates; 3359 assoc_data->supp_rates_len = bss->supp_rates_len; 3360 3361 ht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_HT_OPERATION); 3362 if (ht_ie && ht_ie[1] >= sizeof(struct ieee80211_ht_operation)) 3363 assoc_data->ap_ht_param = 3364 ((struct ieee80211_ht_operation *)(ht_ie + 2))->ht_param; 3365 else 3366 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3367 3368 if (bss->wmm_used && bss->uapsd_supported && 3369 (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_UAPSD)) { 3370 assoc_data->uapsd = true; 3371 ifmgd->flags |= IEEE80211_STA_UAPSD_ENABLED; 3372 } else { 3373 assoc_data->uapsd = false; 3374 ifmgd->flags &= ~IEEE80211_STA_UAPSD_ENABLED; 3375 } 3376 3377 memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]); 3378 assoc_data->ssid_len = ssidie[1]; 3379 3380 if (req->prev_bssid) 3381 memcpy(assoc_data->prev_bssid, req->prev_bssid, ETH_ALEN); 3382 3383 if (req->use_mfp) { 3384 ifmgd->mfp = IEEE80211_MFP_REQUIRED; 3385 ifmgd->flags |= IEEE80211_STA_MFP_ENABLED; 3386 } else { 3387 ifmgd->mfp = IEEE80211_MFP_DISABLED; 3388 ifmgd->flags &= ~IEEE80211_STA_MFP_ENABLED; 3389 } 3390 3391 if (req->crypto.control_port) 3392 ifmgd->flags |= IEEE80211_STA_CONTROL_PORT; 3393 else 3394 ifmgd->flags &= ~IEEE80211_STA_CONTROL_PORT; 3395 3396 sdata->control_port_protocol = req->crypto.control_port_ethertype; 3397 sdata->control_port_no_encrypt = req->crypto.control_port_no_encrypt; 3398 3399 /* kick off associate process */ 3400 3401 ifmgd->assoc_data = assoc_data; 3402 3403 err = ieee80211_prep_connection(sdata, req->bss, true); 3404 if (err) 3405 goto err_clear; 3406 3407 if (!bss->dtim_period && 3408 sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) { 3409 /* 3410 * Wait up to one beacon interval ... 3411 * should this be more if we miss one? 3412 */ 3413 sdata_info(sdata, "waiting for beacon from %pM\n", 3414 ifmgd->bssid); 3415 assoc_data->timeout = TU_TO_EXP_TIME(req->bss->beacon_interval); 3416 } else { 3417 assoc_data->have_beacon = true; 3418 assoc_data->sent_assoc = false; 3419 assoc_data->timeout = jiffies; 3420 } 3421 run_again(ifmgd, assoc_data->timeout); 3422 3423 if (bss->corrupt_data) { 3424 char *corrupt_type = "data"; 3425 if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_BEACON) { 3426 if (bss->corrupt_data & 3427 IEEE80211_BSS_CORRUPT_PROBE_RESP) 3428 corrupt_type = "beacon and probe response"; 3429 else 3430 corrupt_type = "beacon"; 3431 } else if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_PROBE_RESP) 3432 corrupt_type = "probe response"; 3433 sdata_info(sdata, "associating with AP with corrupt %s\n", 3434 corrupt_type); 3435 } 3436 3437 err = 0; 3438 goto out; 3439 err_clear: 3440 ifmgd->assoc_data = NULL; 3441 err_free: 3442 kfree(assoc_data); 3443 out: 3444 mutex_unlock(&ifmgd->mtx); 3445 3446 return err; 3447 } 3448 3449 int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, 3450 struct cfg80211_deauth_request *req) 3451 { 3452 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3453 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 3454 3455 mutex_lock(&ifmgd->mtx); 3456 3457 if (ifmgd->auth_data) { 3458 ieee80211_destroy_auth_data(sdata, false); 3459 mutex_unlock(&ifmgd->mtx); 3460 return 0; 3461 } 3462 3463 sdata_info(sdata, 3464 "deauthenticating from %pM by local choice (reason=%d)\n", 3465 req->bssid, req->reason_code); 3466 3467 if (ifmgd->associated && 3468 ether_addr_equal(ifmgd->associated->bssid, req->bssid)) 3469 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 3470 req->reason_code, true, frame_buf); 3471 else 3472 ieee80211_send_deauth_disassoc(sdata, req->bssid, 3473 IEEE80211_STYPE_DEAUTH, 3474 req->reason_code, true, 3475 frame_buf); 3476 mutex_unlock(&ifmgd->mtx); 3477 3478 __cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 3479 3480 mutex_lock(&sdata->local->mtx); 3481 ieee80211_recalc_idle(sdata->local); 3482 mutex_unlock(&sdata->local->mtx); 3483 3484 return 0; 3485 } 3486 3487 int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata, 3488 struct cfg80211_disassoc_request *req) 3489 { 3490 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3491 u8 bssid[ETH_ALEN]; 3492 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 3493 3494 mutex_lock(&ifmgd->mtx); 3495 3496 /* 3497 * cfg80211 should catch this ... but it's racy since 3498 * we can receive a disassoc frame, process it, hand it 3499 * to cfg80211 while that's in a locked section already 3500 * trying to tell us that the user wants to disconnect. 3501 */ 3502 if (ifmgd->associated != req->bss) { 3503 mutex_unlock(&ifmgd->mtx); 3504 return -ENOLINK; 3505 } 3506 3507 sdata_info(sdata, 3508 "disassociating from %pM by local choice (reason=%d)\n", 3509 req->bss->bssid, req->reason_code); 3510 3511 memcpy(bssid, req->bss->bssid, ETH_ALEN); 3512 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC, 3513 req->reason_code, !req->local_state_change, 3514 frame_buf); 3515 mutex_unlock(&ifmgd->mtx); 3516 3517 __cfg80211_send_disassoc(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 3518 3519 mutex_lock(&sdata->local->mtx); 3520 ieee80211_recalc_idle(sdata->local); 3521 mutex_unlock(&sdata->local->mtx); 3522 3523 return 0; 3524 } 3525 3526 void ieee80211_mgd_stop(struct ieee80211_sub_if_data *sdata) 3527 { 3528 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3529 3530 mutex_lock(&ifmgd->mtx); 3531 if (ifmgd->assoc_data) 3532 ieee80211_destroy_assoc_data(sdata, false); 3533 if (ifmgd->auth_data) 3534 ieee80211_destroy_auth_data(sdata, false); 3535 del_timer_sync(&ifmgd->timer); 3536 mutex_unlock(&ifmgd->mtx); 3537 } 3538 3539 void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif, 3540 enum nl80211_cqm_rssi_threshold_event rssi_event, 3541 gfp_t gfp) 3542 { 3543 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 3544 3545 trace_api_cqm_rssi_notify(sdata, rssi_event); 3546 3547 cfg80211_cqm_rssi_notify(sdata->dev, rssi_event, gfp); 3548 } 3549 EXPORT_SYMBOL(ieee80211_cqm_rssi_notify); 3550