1 /* 2 * BSS client mode implementation 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License version 2 as 11 * published by the Free Software Foundation. 12 */ 13 14 #include <linux/delay.h> 15 #include <linux/if_ether.h> 16 #include <linux/skbuff.h> 17 #include <linux/if_arp.h> 18 #include <linux/etherdevice.h> 19 #include <linux/moduleparam.h> 20 #include <linux/rtnetlink.h> 21 #include <linux/pm_qos.h> 22 #include <linux/crc32.h> 23 #include <linux/slab.h> 24 #include <linux/export.h> 25 #include <net/mac80211.h> 26 #include <asm/unaligned.h> 27 28 #include "ieee80211_i.h" 29 #include "driver-ops.h" 30 #include "rate.h" 31 #include "led.h" 32 33 #define IEEE80211_AUTH_TIMEOUT (HZ / 5) 34 #define IEEE80211_AUTH_MAX_TRIES 3 35 #define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5) 36 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 37 #define IEEE80211_ASSOC_MAX_TRIES 3 38 39 static int max_nullfunc_tries = 2; 40 module_param(max_nullfunc_tries, int, 0644); 41 MODULE_PARM_DESC(max_nullfunc_tries, 42 "Maximum nullfunc tx tries before disconnecting (reason 4)."); 43 44 static int max_probe_tries = 5; 45 module_param(max_probe_tries, int, 0644); 46 MODULE_PARM_DESC(max_probe_tries, 47 "Maximum probe tries before disconnecting (reason 4)."); 48 49 /* 50 * Beacon loss timeout is calculated as N frames times the 51 * advertised beacon interval. This may need to be somewhat 52 * higher than what hardware might detect to account for 53 * delays in the host processing frames. But since we also 54 * probe on beacon miss before declaring the connection lost 55 * default to what we want. 56 */ 57 #define IEEE80211_BEACON_LOSS_COUNT 7 58 59 /* 60 * Time the connection can be idle before we probe 61 * it to see if we can still talk to the AP. 62 */ 63 #define IEEE80211_CONNECTION_IDLE_TIME (30 * HZ) 64 /* 65 * Time we wait for a probe response after sending 66 * a probe request because of beacon loss or for 67 * checking the connection still works. 68 */ 69 static int probe_wait_ms = 500; 70 module_param(probe_wait_ms, int, 0644); 71 MODULE_PARM_DESC(probe_wait_ms, 72 "Maximum time(ms) to wait for probe response" 73 " before disconnecting (reason 4)."); 74 75 /* 76 * Weight given to the latest Beacon frame when calculating average signal 77 * strength for Beacon frames received in the current BSS. This must be 78 * between 1 and 15. 79 */ 80 #define IEEE80211_SIGNAL_AVE_WEIGHT 3 81 82 /* 83 * How many Beacon frames need to have been used in average signal strength 84 * before starting to indicate signal change events. 85 */ 86 #define IEEE80211_SIGNAL_AVE_MIN_COUNT 4 87 88 #define TMR_RUNNING_TIMER 0 89 #define TMR_RUNNING_CHANSW 1 90 91 /* 92 * All cfg80211 functions have to be called outside a locked 93 * section so that they can acquire a lock themselves... This 94 * is much simpler than queuing up things in cfg80211, but we 95 * do need some indirection for that here. 96 */ 97 enum rx_mgmt_action { 98 /* no action required */ 99 RX_MGMT_NONE, 100 101 /* caller must call cfg80211_send_deauth() */ 102 RX_MGMT_CFG80211_DEAUTH, 103 104 /* caller must call cfg80211_send_disassoc() */ 105 RX_MGMT_CFG80211_DISASSOC, 106 107 /* caller must call cfg80211_send_rx_auth() */ 108 RX_MGMT_CFG80211_RX_AUTH, 109 110 /* caller must call cfg80211_send_rx_assoc() */ 111 RX_MGMT_CFG80211_RX_ASSOC, 112 113 /* caller must call cfg80211_send_assoc_timeout() */ 114 RX_MGMT_CFG80211_ASSOC_TIMEOUT, 115 }; 116 117 /* utils */ 118 static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd) 119 { 120 lockdep_assert_held(&ifmgd->mtx); 121 } 122 123 /* 124 * We can have multiple work items (and connection probing) 125 * scheduling this timer, but we need to take care to only 126 * reschedule it when it should fire _earlier_ than it was 127 * asked for before, or if it's not pending right now. This 128 * function ensures that. Note that it then is required to 129 * run this function for all timeouts after the first one 130 * has happened -- the work that runs from this timer will 131 * do that. 132 */ 133 static void run_again(struct ieee80211_if_managed *ifmgd, unsigned long timeout) 134 { 135 ASSERT_MGD_MTX(ifmgd); 136 137 if (!timer_pending(&ifmgd->timer) || 138 time_before(timeout, ifmgd->timer.expires)) 139 mod_timer(&ifmgd->timer, timeout); 140 } 141 142 void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata) 143 { 144 if (sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER) 145 return; 146 147 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 148 return; 149 150 mod_timer(&sdata->u.mgd.bcn_mon_timer, 151 round_jiffies_up(jiffies + sdata->u.mgd.beacon_timeout)); 152 } 153 154 void ieee80211_sta_reset_conn_monitor(struct ieee80211_sub_if_data *sdata) 155 { 156 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 157 158 if (unlikely(!sdata->u.mgd.associated)) 159 return; 160 161 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 162 return; 163 164 mod_timer(&sdata->u.mgd.conn_mon_timer, 165 round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME)); 166 167 ifmgd->probe_send_count = 0; 168 } 169 170 static int ecw2cw(int ecw) 171 { 172 return (1 << ecw) - 1; 173 } 174 175 static u32 ieee80211_config_ht_tx(struct ieee80211_sub_if_data *sdata, 176 struct ieee80211_ht_operation *ht_oper, 177 const u8 *bssid, bool reconfig) 178 { 179 struct ieee80211_local *local = sdata->local; 180 struct ieee80211_supported_band *sband; 181 struct ieee80211_chanctx_conf *chanctx_conf; 182 struct ieee80211_channel *chan; 183 struct sta_info *sta; 184 u32 changed = 0; 185 u16 ht_opmode; 186 bool disable_40 = false; 187 188 rcu_read_lock(); 189 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); 190 if (WARN_ON(!chanctx_conf)) { 191 rcu_read_unlock(); 192 return 0; 193 } 194 chan = chanctx_conf->def.chan; 195 rcu_read_unlock(); 196 sband = local->hw.wiphy->bands[chan->band]; 197 198 switch (sdata->vif.bss_conf.chandef.width) { 199 case NL80211_CHAN_WIDTH_40: 200 if (sdata->vif.bss_conf.chandef.chan->center_freq > 201 sdata->vif.bss_conf.chandef.center_freq1 && 202 chan->flags & IEEE80211_CHAN_NO_HT40PLUS) 203 disable_40 = true; 204 if (sdata->vif.bss_conf.chandef.chan->center_freq < 205 sdata->vif.bss_conf.chandef.center_freq1 && 206 chan->flags & IEEE80211_CHAN_NO_HT40MINUS) 207 disable_40 = true; 208 break; 209 default: 210 break; 211 } 212 213 /* This can change during the lifetime of the BSS */ 214 if (!(ht_oper->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) 215 disable_40 = true; 216 217 mutex_lock(&local->sta_mtx); 218 sta = sta_info_get(sdata, bssid); 219 220 WARN_ON_ONCE(!sta); 221 222 if (sta && !sta->supports_40mhz) 223 disable_40 = true; 224 225 if (sta && (!reconfig || 226 (disable_40 != !(sta->sta.ht_cap.cap & 227 IEEE80211_HT_CAP_SUP_WIDTH_20_40)))) { 228 229 if (disable_40) 230 sta->sta.ht_cap.cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 231 else 232 sta->sta.ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40; 233 234 rate_control_rate_update(local, sband, sta, 235 IEEE80211_RC_BW_CHANGED); 236 } 237 mutex_unlock(&local->sta_mtx); 238 239 ht_opmode = le16_to_cpu(ht_oper->operation_mode); 240 241 /* if bss configuration changed store the new one */ 242 if (!reconfig || (sdata->vif.bss_conf.ht_operation_mode != ht_opmode)) { 243 changed |= BSS_CHANGED_HT; 244 sdata->vif.bss_conf.ht_operation_mode = ht_opmode; 245 } 246 247 return changed; 248 } 249 250 /* frame sending functions */ 251 252 static int ieee80211_compatible_rates(const u8 *supp_rates, int supp_rates_len, 253 struct ieee80211_supported_band *sband, 254 u32 *rates) 255 { 256 int i, j, count; 257 *rates = 0; 258 count = 0; 259 for (i = 0; i < supp_rates_len; i++) { 260 int rate = (supp_rates[i] & 0x7F) * 5; 261 262 for (j = 0; j < sband->n_bitrates; j++) 263 if (sband->bitrates[j].bitrate == rate) { 264 *rates |= BIT(j); 265 count++; 266 break; 267 } 268 } 269 270 return count; 271 } 272 273 static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata, 274 struct sk_buff *skb, u8 ap_ht_param, 275 struct ieee80211_supported_band *sband, 276 struct ieee80211_channel *channel, 277 enum ieee80211_smps_mode smps) 278 { 279 u8 *pos; 280 u32 flags = channel->flags; 281 u16 cap; 282 struct ieee80211_sta_ht_cap ht_cap; 283 284 BUILD_BUG_ON(sizeof(ht_cap) != sizeof(sband->ht_cap)); 285 286 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap)); 287 ieee80211_apply_htcap_overrides(sdata, &ht_cap); 288 289 /* determine capability flags */ 290 cap = ht_cap.cap; 291 292 switch (ap_ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 293 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 294 if (flags & IEEE80211_CHAN_NO_HT40PLUS) { 295 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 296 cap &= ~IEEE80211_HT_CAP_SGI_40; 297 } 298 break; 299 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 300 if (flags & IEEE80211_CHAN_NO_HT40MINUS) { 301 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 302 cap &= ~IEEE80211_HT_CAP_SGI_40; 303 } 304 break; 305 } 306 307 /* 308 * If 40 MHz was disabled associate as though we weren't 309 * capable of 40 MHz -- some broken APs will never fall 310 * back to trying to transmit in 20 MHz. 311 */ 312 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_40MHZ) { 313 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 314 cap &= ~IEEE80211_HT_CAP_SGI_40; 315 } 316 317 /* set SM PS mode properly */ 318 cap &= ~IEEE80211_HT_CAP_SM_PS; 319 switch (smps) { 320 case IEEE80211_SMPS_AUTOMATIC: 321 case IEEE80211_SMPS_NUM_MODES: 322 WARN_ON(1); 323 case IEEE80211_SMPS_OFF: 324 cap |= WLAN_HT_CAP_SM_PS_DISABLED << 325 IEEE80211_HT_CAP_SM_PS_SHIFT; 326 break; 327 case IEEE80211_SMPS_STATIC: 328 cap |= WLAN_HT_CAP_SM_PS_STATIC << 329 IEEE80211_HT_CAP_SM_PS_SHIFT; 330 break; 331 case IEEE80211_SMPS_DYNAMIC: 332 cap |= WLAN_HT_CAP_SM_PS_DYNAMIC << 333 IEEE80211_HT_CAP_SM_PS_SHIFT; 334 break; 335 } 336 337 /* reserve and fill IE */ 338 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2); 339 ieee80211_ie_build_ht_cap(pos, &ht_cap, cap); 340 } 341 342 static void ieee80211_add_vht_ie(struct ieee80211_sub_if_data *sdata, 343 struct sk_buff *skb, 344 struct ieee80211_supported_band *sband) 345 { 346 u8 *pos; 347 u32 cap; 348 struct ieee80211_sta_vht_cap vht_cap; 349 350 BUILD_BUG_ON(sizeof(vht_cap) != sizeof(sband->vht_cap)); 351 352 memcpy(&vht_cap, &sband->vht_cap, sizeof(vht_cap)); 353 354 /* determine capability flags */ 355 cap = vht_cap.cap; 356 357 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_80P80MHZ) { 358 cap &= ~IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; 359 cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 360 } 361 362 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_160MHZ) { 363 cap &= ~IEEE80211_VHT_CAP_SHORT_GI_160; 364 cap &= ~IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 365 } 366 367 /* reserve and fill IE */ 368 pos = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2); 369 ieee80211_ie_build_vht_cap(pos, &vht_cap, cap); 370 } 371 372 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 373 { 374 struct ieee80211_local *local = sdata->local; 375 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 376 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 377 struct sk_buff *skb; 378 struct ieee80211_mgmt *mgmt; 379 u8 *pos, qos_info; 380 size_t offset = 0, noffset; 381 int i, count, rates_len, supp_rates_len; 382 u16 capab; 383 struct ieee80211_supported_band *sband; 384 struct ieee80211_chanctx_conf *chanctx_conf; 385 struct ieee80211_channel *chan; 386 u32 rates = 0; 387 388 lockdep_assert_held(&ifmgd->mtx); 389 390 rcu_read_lock(); 391 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); 392 if (WARN_ON(!chanctx_conf)) { 393 rcu_read_unlock(); 394 return; 395 } 396 chan = chanctx_conf->def.chan; 397 rcu_read_unlock(); 398 sband = local->hw.wiphy->bands[chan->band]; 399 400 if (assoc_data->supp_rates_len) { 401 /* 402 * Get all rates supported by the device and the AP as 403 * some APs don't like getting a superset of their rates 404 * in the association request (e.g. D-Link DAP 1353 in 405 * b-only mode)... 406 */ 407 rates_len = ieee80211_compatible_rates(assoc_data->supp_rates, 408 assoc_data->supp_rates_len, 409 sband, &rates); 410 } else { 411 /* 412 * In case AP not provide any supported rates information 413 * before association, we send information element(s) with 414 * all rates that we support. 415 */ 416 rates = ~0; 417 rates_len = sband->n_bitrates; 418 } 419 420 skb = alloc_skb(local->hw.extra_tx_headroom + 421 sizeof(*mgmt) + /* bit too much but doesn't matter */ 422 2 + assoc_data->ssid_len + /* SSID */ 423 4 + rates_len + /* (extended) rates */ 424 4 + /* power capability */ 425 2 + 2 * sband->n_channels + /* supported channels */ 426 2 + sizeof(struct ieee80211_ht_cap) + /* HT */ 427 2 + sizeof(struct ieee80211_vht_cap) + /* VHT */ 428 assoc_data->ie_len + /* extra IEs */ 429 9, /* WMM */ 430 GFP_KERNEL); 431 if (!skb) 432 return; 433 434 skb_reserve(skb, local->hw.extra_tx_headroom); 435 436 capab = WLAN_CAPABILITY_ESS; 437 438 if (sband->band == IEEE80211_BAND_2GHZ) { 439 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE)) 440 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME; 441 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE)) 442 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 443 } 444 445 if (assoc_data->capability & WLAN_CAPABILITY_PRIVACY) 446 capab |= WLAN_CAPABILITY_PRIVACY; 447 448 if ((assoc_data->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 449 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 450 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 451 452 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 453 memset(mgmt, 0, 24); 454 memcpy(mgmt->da, assoc_data->bss->bssid, ETH_ALEN); 455 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 456 memcpy(mgmt->bssid, assoc_data->bss->bssid, ETH_ALEN); 457 458 if (!is_zero_ether_addr(assoc_data->prev_bssid)) { 459 skb_put(skb, 10); 460 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 461 IEEE80211_STYPE_REASSOC_REQ); 462 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 463 mgmt->u.reassoc_req.listen_interval = 464 cpu_to_le16(local->hw.conf.listen_interval); 465 memcpy(mgmt->u.reassoc_req.current_ap, assoc_data->prev_bssid, 466 ETH_ALEN); 467 } else { 468 skb_put(skb, 4); 469 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 470 IEEE80211_STYPE_ASSOC_REQ); 471 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab); 472 mgmt->u.assoc_req.listen_interval = 473 cpu_to_le16(local->hw.conf.listen_interval); 474 } 475 476 /* SSID */ 477 pos = skb_put(skb, 2 + assoc_data->ssid_len); 478 *pos++ = WLAN_EID_SSID; 479 *pos++ = assoc_data->ssid_len; 480 memcpy(pos, assoc_data->ssid, assoc_data->ssid_len); 481 482 /* add all rates which were marked to be used above */ 483 supp_rates_len = rates_len; 484 if (supp_rates_len > 8) 485 supp_rates_len = 8; 486 487 pos = skb_put(skb, supp_rates_len + 2); 488 *pos++ = WLAN_EID_SUPP_RATES; 489 *pos++ = supp_rates_len; 490 491 count = 0; 492 for (i = 0; i < sband->n_bitrates; i++) { 493 if (BIT(i) & rates) { 494 int rate = sband->bitrates[i].bitrate; 495 *pos++ = (u8) (rate / 5); 496 if (++count == 8) 497 break; 498 } 499 } 500 501 if (rates_len > count) { 502 pos = skb_put(skb, rates_len - count + 2); 503 *pos++ = WLAN_EID_EXT_SUPP_RATES; 504 *pos++ = rates_len - count; 505 506 for (i++; i < sband->n_bitrates; i++) { 507 if (BIT(i) & rates) { 508 int rate = sband->bitrates[i].bitrate; 509 *pos++ = (u8) (rate / 5); 510 } 511 } 512 } 513 514 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) { 515 /* 1. power capabilities */ 516 pos = skb_put(skb, 4); 517 *pos++ = WLAN_EID_PWR_CAPABILITY; 518 *pos++ = 2; 519 *pos++ = 0; /* min tx power */ 520 *pos++ = chan->max_power; /* max tx power */ 521 522 /* 2. supported channels */ 523 /* TODO: get this in reg domain format */ 524 pos = skb_put(skb, 2 * sband->n_channels + 2); 525 *pos++ = WLAN_EID_SUPPORTED_CHANNELS; 526 *pos++ = 2 * sband->n_channels; 527 for (i = 0; i < sband->n_channels; i++) { 528 *pos++ = ieee80211_frequency_to_channel( 529 sband->channels[i].center_freq); 530 *pos++ = 1; /* one channel in the subband*/ 531 } 532 } 533 534 /* if present, add any custom IEs that go before HT */ 535 if (assoc_data->ie_len && assoc_data->ie) { 536 static const u8 before_ht[] = { 537 WLAN_EID_SSID, 538 WLAN_EID_SUPP_RATES, 539 WLAN_EID_EXT_SUPP_RATES, 540 WLAN_EID_PWR_CAPABILITY, 541 WLAN_EID_SUPPORTED_CHANNELS, 542 WLAN_EID_RSN, 543 WLAN_EID_QOS_CAPA, 544 WLAN_EID_RRM_ENABLED_CAPABILITIES, 545 WLAN_EID_MOBILITY_DOMAIN, 546 WLAN_EID_SUPPORTED_REGULATORY_CLASSES, 547 }; 548 noffset = ieee80211_ie_split(assoc_data->ie, assoc_data->ie_len, 549 before_ht, ARRAY_SIZE(before_ht), 550 offset); 551 pos = skb_put(skb, noffset - offset); 552 memcpy(pos, assoc_data->ie + offset, noffset - offset); 553 offset = noffset; 554 } 555 556 if (WARN_ON_ONCE((ifmgd->flags & IEEE80211_STA_DISABLE_HT) && 557 !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))) 558 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; 559 560 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) 561 ieee80211_add_ht_ie(sdata, skb, assoc_data->ap_ht_param, 562 sband, chan, sdata->smps_mode); 563 564 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) 565 ieee80211_add_vht_ie(sdata, skb, sband); 566 567 /* if present, add any custom non-vendor IEs that go after HT */ 568 if (assoc_data->ie_len && assoc_data->ie) { 569 noffset = ieee80211_ie_split_vendor(assoc_data->ie, 570 assoc_data->ie_len, 571 offset); 572 pos = skb_put(skb, noffset - offset); 573 memcpy(pos, assoc_data->ie + offset, noffset - offset); 574 offset = noffset; 575 } 576 577 if (assoc_data->wmm) { 578 if (assoc_data->uapsd) { 579 qos_info = ifmgd->uapsd_queues; 580 qos_info |= (ifmgd->uapsd_max_sp_len << 581 IEEE80211_WMM_IE_STA_QOSINFO_SP_SHIFT); 582 } else { 583 qos_info = 0; 584 } 585 586 pos = skb_put(skb, 9); 587 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 588 *pos++ = 7; /* len */ 589 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 590 *pos++ = 0x50; 591 *pos++ = 0xf2; 592 *pos++ = 2; /* WME */ 593 *pos++ = 0; /* WME info */ 594 *pos++ = 1; /* WME ver */ 595 *pos++ = qos_info; 596 } 597 598 /* add any remaining custom (i.e. vendor specific here) IEs */ 599 if (assoc_data->ie_len && assoc_data->ie) { 600 noffset = assoc_data->ie_len; 601 pos = skb_put(skb, noffset - offset); 602 memcpy(pos, assoc_data->ie + offset, noffset - offset); 603 } 604 605 drv_mgd_prepare_tx(local, sdata); 606 607 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 608 ieee80211_tx_skb(sdata, skb); 609 } 610 611 void ieee80211_send_pspoll(struct ieee80211_local *local, 612 struct ieee80211_sub_if_data *sdata) 613 { 614 struct ieee80211_pspoll *pspoll; 615 struct sk_buff *skb; 616 617 skb = ieee80211_pspoll_get(&local->hw, &sdata->vif); 618 if (!skb) 619 return; 620 621 pspoll = (struct ieee80211_pspoll *) skb->data; 622 pspoll->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); 623 624 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 625 ieee80211_tx_skb(sdata, skb); 626 } 627 628 void ieee80211_send_nullfunc(struct ieee80211_local *local, 629 struct ieee80211_sub_if_data *sdata, 630 int powersave) 631 { 632 struct sk_buff *skb; 633 struct ieee80211_hdr_3addr *nullfunc; 634 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 635 636 skb = ieee80211_nullfunc_get(&local->hw, &sdata->vif); 637 if (!skb) 638 return; 639 640 nullfunc = (struct ieee80211_hdr_3addr *) skb->data; 641 if (powersave) 642 nullfunc->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); 643 644 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 645 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 646 IEEE80211_STA_CONNECTION_POLL)) 647 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_USE_MINRATE; 648 649 ieee80211_tx_skb(sdata, skb); 650 } 651 652 static void ieee80211_send_4addr_nullfunc(struct ieee80211_local *local, 653 struct ieee80211_sub_if_data *sdata) 654 { 655 struct sk_buff *skb; 656 struct ieee80211_hdr *nullfunc; 657 __le16 fc; 658 659 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 660 return; 661 662 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30); 663 if (!skb) 664 return; 665 666 skb_reserve(skb, local->hw.extra_tx_headroom); 667 668 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 30); 669 memset(nullfunc, 0, 30); 670 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC | 671 IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS); 672 nullfunc->frame_control = fc; 673 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN); 674 memcpy(nullfunc->addr2, sdata->vif.addr, ETH_ALEN); 675 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN); 676 memcpy(nullfunc->addr4, sdata->vif.addr, ETH_ALEN); 677 678 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 679 ieee80211_tx_skb(sdata, skb); 680 } 681 682 /* spectrum management related things */ 683 static void ieee80211_chswitch_work(struct work_struct *work) 684 { 685 struct ieee80211_sub_if_data *sdata = 686 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work); 687 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 688 689 if (!ieee80211_sdata_running(sdata)) 690 return; 691 692 mutex_lock(&ifmgd->mtx); 693 if (!ifmgd->associated) 694 goto out; 695 696 sdata->local->_oper_channel = sdata->local->csa_channel; 697 if (!sdata->local->ops->channel_switch) { 698 /* call "hw_config" only if doing sw channel switch */ 699 ieee80211_hw_config(sdata->local, 700 IEEE80211_CONF_CHANGE_CHANNEL); 701 } else { 702 /* update the device channel directly */ 703 sdata->local->hw.conf.channel = sdata->local->_oper_channel; 704 } 705 706 /* XXX: shouldn't really modify cfg80211-owned data! */ 707 ifmgd->associated->channel = sdata->local->_oper_channel; 708 709 /* XXX: wait for a beacon first? */ 710 ieee80211_wake_queues_by_reason(&sdata->local->hw, 711 IEEE80211_QUEUE_STOP_REASON_CSA); 712 out: 713 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED; 714 mutex_unlock(&ifmgd->mtx); 715 } 716 717 void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success) 718 { 719 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 720 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 721 722 trace_api_chswitch_done(sdata, success); 723 if (!success) { 724 sdata_info(sdata, 725 "driver channel switch failed, disconnecting\n"); 726 ieee80211_queue_work(&sdata->local->hw, 727 &ifmgd->csa_connection_drop_work); 728 } else { 729 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 730 } 731 } 732 EXPORT_SYMBOL(ieee80211_chswitch_done); 733 734 static void ieee80211_chswitch_timer(unsigned long data) 735 { 736 struct ieee80211_sub_if_data *sdata = 737 (struct ieee80211_sub_if_data *) data; 738 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 739 740 if (sdata->local->quiescing) { 741 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 742 return; 743 } 744 745 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 746 } 747 748 void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata, 749 struct ieee80211_channel_sw_ie *sw_elem, 750 struct ieee80211_bss *bss, 751 u64 timestamp) 752 { 753 struct cfg80211_bss *cbss = 754 container_of((void *)bss, struct cfg80211_bss, priv); 755 struct ieee80211_channel *new_ch; 756 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 757 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num, 758 cbss->channel->band); 759 struct ieee80211_chanctx *chanctx; 760 761 ASSERT_MGD_MTX(ifmgd); 762 763 if (!ifmgd->associated) 764 return; 765 766 if (sdata->local->scanning) 767 return; 768 769 /* Disregard subsequent beacons if we are already running a timer 770 processing a CSA */ 771 772 if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED) 773 return; 774 775 new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq); 776 if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED) { 777 sdata_info(sdata, 778 "AP %pM switches to unsupported channel (%d MHz), disconnecting\n", 779 ifmgd->associated->bssid, new_freq); 780 ieee80211_queue_work(&sdata->local->hw, 781 &ifmgd->csa_connection_drop_work); 782 return; 783 } 784 785 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED; 786 787 if (sdata->local->use_chanctx) { 788 sdata_info(sdata, 789 "not handling channel switch with channel contexts\n"); 790 ieee80211_queue_work(&sdata->local->hw, 791 &ifmgd->csa_connection_drop_work); 792 return; 793 } 794 795 mutex_lock(&sdata->local->chanctx_mtx); 796 if (WARN_ON(!rcu_access_pointer(sdata->vif.chanctx_conf))) { 797 mutex_unlock(&sdata->local->chanctx_mtx); 798 return; 799 } 800 chanctx = container_of(rcu_access_pointer(sdata->vif.chanctx_conf), 801 struct ieee80211_chanctx, conf); 802 if (chanctx->refcount > 1) { 803 sdata_info(sdata, 804 "channel switch with multiple interfaces on the same channel, disconnecting\n"); 805 ieee80211_queue_work(&sdata->local->hw, 806 &ifmgd->csa_connection_drop_work); 807 mutex_unlock(&sdata->local->chanctx_mtx); 808 return; 809 } 810 mutex_unlock(&sdata->local->chanctx_mtx); 811 812 sdata->local->csa_channel = new_ch; 813 814 if (sw_elem->mode) 815 ieee80211_stop_queues_by_reason(&sdata->local->hw, 816 IEEE80211_QUEUE_STOP_REASON_CSA); 817 818 if (sdata->local->ops->channel_switch) { 819 /* use driver's channel switch callback */ 820 struct ieee80211_channel_switch ch_switch = { 821 .timestamp = timestamp, 822 .block_tx = sw_elem->mode, 823 .channel = new_ch, 824 .count = sw_elem->count, 825 }; 826 827 drv_channel_switch(sdata->local, &ch_switch); 828 return; 829 } 830 831 /* channel switch handled in software */ 832 if (sw_elem->count <= 1) 833 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 834 else 835 mod_timer(&ifmgd->chswitch_timer, 836 TU_TO_EXP_TIME(sw_elem->count * 837 cbss->beacon_interval)); 838 } 839 840 static u32 ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata, 841 struct ieee80211_channel *channel, 842 const u8 *country_ie, u8 country_ie_len, 843 const u8 *pwr_constr_elem) 844 { 845 struct ieee80211_country_ie_triplet *triplet; 846 int chan = ieee80211_frequency_to_channel(channel->center_freq); 847 int i, chan_pwr, chan_increment, new_ap_level; 848 bool have_chan_pwr = false; 849 850 /* Invalid IE */ 851 if (country_ie_len % 2 || country_ie_len < IEEE80211_COUNTRY_IE_MIN_LEN) 852 return 0; 853 854 triplet = (void *)(country_ie + 3); 855 country_ie_len -= 3; 856 857 switch (channel->band) { 858 default: 859 WARN_ON_ONCE(1); 860 /* fall through */ 861 case IEEE80211_BAND_2GHZ: 862 case IEEE80211_BAND_60GHZ: 863 chan_increment = 1; 864 break; 865 case IEEE80211_BAND_5GHZ: 866 chan_increment = 4; 867 break; 868 } 869 870 /* find channel */ 871 while (country_ie_len >= 3) { 872 u8 first_channel = triplet->chans.first_channel; 873 874 if (first_channel >= IEEE80211_COUNTRY_EXTENSION_ID) 875 goto next; 876 877 for (i = 0; i < triplet->chans.num_channels; i++) { 878 if (first_channel + i * chan_increment == chan) { 879 have_chan_pwr = true; 880 chan_pwr = triplet->chans.max_power; 881 break; 882 } 883 } 884 if (have_chan_pwr) 885 break; 886 887 next: 888 triplet++; 889 country_ie_len -= 3; 890 } 891 892 if (!have_chan_pwr) 893 return 0; 894 895 new_ap_level = max_t(int, 0, chan_pwr - *pwr_constr_elem); 896 897 if (sdata->ap_power_level == new_ap_level) 898 return 0; 899 900 sdata_info(sdata, 901 "Limiting TX power to %d (%d - %d) dBm as advertised by %pM\n", 902 new_ap_level, chan_pwr, *pwr_constr_elem, 903 sdata->u.mgd.bssid); 904 sdata->ap_power_level = new_ap_level; 905 if (__ieee80211_recalc_txpower(sdata)) 906 return BSS_CHANGED_TXPOWER; 907 return 0; 908 } 909 910 void ieee80211_enable_dyn_ps(struct ieee80211_vif *vif) 911 { 912 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 913 struct ieee80211_local *local = sdata->local; 914 struct ieee80211_conf *conf = &local->hw.conf; 915 916 WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION || 917 !(local->hw.flags & IEEE80211_HW_SUPPORTS_PS) || 918 (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)); 919 920 local->disable_dynamic_ps = false; 921 conf->dynamic_ps_timeout = local->dynamic_ps_user_timeout; 922 } 923 EXPORT_SYMBOL(ieee80211_enable_dyn_ps); 924 925 void ieee80211_disable_dyn_ps(struct ieee80211_vif *vif) 926 { 927 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 928 struct ieee80211_local *local = sdata->local; 929 struct ieee80211_conf *conf = &local->hw.conf; 930 931 WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION || 932 !(local->hw.flags & IEEE80211_HW_SUPPORTS_PS) || 933 (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)); 934 935 local->disable_dynamic_ps = true; 936 conf->dynamic_ps_timeout = 0; 937 del_timer_sync(&local->dynamic_ps_timer); 938 ieee80211_queue_work(&local->hw, 939 &local->dynamic_ps_enable_work); 940 } 941 EXPORT_SYMBOL(ieee80211_disable_dyn_ps); 942 943 /* powersave */ 944 static void ieee80211_enable_ps(struct ieee80211_local *local, 945 struct ieee80211_sub_if_data *sdata) 946 { 947 struct ieee80211_conf *conf = &local->hw.conf; 948 949 /* 950 * If we are scanning right now then the parameters will 951 * take effect when scan finishes. 952 */ 953 if (local->scanning) 954 return; 955 956 if (conf->dynamic_ps_timeout > 0 && 957 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) { 958 mod_timer(&local->dynamic_ps_timer, jiffies + 959 msecs_to_jiffies(conf->dynamic_ps_timeout)); 960 } else { 961 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 962 ieee80211_send_nullfunc(local, sdata, 1); 963 964 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 965 (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) 966 return; 967 968 conf->flags |= IEEE80211_CONF_PS; 969 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 970 } 971 } 972 973 static void ieee80211_change_ps(struct ieee80211_local *local) 974 { 975 struct ieee80211_conf *conf = &local->hw.conf; 976 977 if (local->ps_sdata) { 978 ieee80211_enable_ps(local, local->ps_sdata); 979 } else if (conf->flags & IEEE80211_CONF_PS) { 980 conf->flags &= ~IEEE80211_CONF_PS; 981 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 982 del_timer_sync(&local->dynamic_ps_timer); 983 cancel_work_sync(&local->dynamic_ps_enable_work); 984 } 985 } 986 987 static bool ieee80211_powersave_allowed(struct ieee80211_sub_if_data *sdata) 988 { 989 struct ieee80211_if_managed *mgd = &sdata->u.mgd; 990 struct sta_info *sta = NULL; 991 bool authorized = false; 992 993 if (!mgd->powersave) 994 return false; 995 996 if (mgd->broken_ap) 997 return false; 998 999 if (!mgd->associated) 1000 return false; 1001 1002 if (mgd->flags & (IEEE80211_STA_BEACON_POLL | 1003 IEEE80211_STA_CONNECTION_POLL)) 1004 return false; 1005 1006 rcu_read_lock(); 1007 sta = sta_info_get(sdata, mgd->bssid); 1008 if (sta) 1009 authorized = test_sta_flag(sta, WLAN_STA_AUTHORIZED); 1010 rcu_read_unlock(); 1011 1012 return authorized; 1013 } 1014 1015 /* need to hold RTNL or interface lock */ 1016 void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency) 1017 { 1018 struct ieee80211_sub_if_data *sdata, *found = NULL; 1019 int count = 0; 1020 int timeout; 1021 1022 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) { 1023 local->ps_sdata = NULL; 1024 return; 1025 } 1026 1027 list_for_each_entry(sdata, &local->interfaces, list) { 1028 if (!ieee80211_sdata_running(sdata)) 1029 continue; 1030 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1031 /* If an AP vif is found, then disable PS 1032 * by setting the count to zero thereby setting 1033 * ps_sdata to NULL. 1034 */ 1035 count = 0; 1036 break; 1037 } 1038 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1039 continue; 1040 found = sdata; 1041 count++; 1042 } 1043 1044 if (count == 1 && ieee80211_powersave_allowed(found)) { 1045 struct ieee80211_conf *conf = &local->hw.conf; 1046 s32 beaconint_us; 1047 1048 if (latency < 0) 1049 latency = pm_qos_request(PM_QOS_NETWORK_LATENCY); 1050 1051 beaconint_us = ieee80211_tu_to_usec( 1052 found->vif.bss_conf.beacon_int); 1053 1054 timeout = local->dynamic_ps_forced_timeout; 1055 if (timeout < 0) { 1056 /* 1057 * Go to full PSM if the user configures a very low 1058 * latency requirement. 1059 * The 2000 second value is there for compatibility 1060 * until the PM_QOS_NETWORK_LATENCY is configured 1061 * with real values. 1062 */ 1063 if (latency > (1900 * USEC_PER_MSEC) && 1064 latency != (2000 * USEC_PER_SEC)) 1065 timeout = 0; 1066 else 1067 timeout = 100; 1068 } 1069 local->dynamic_ps_user_timeout = timeout; 1070 if (!local->disable_dynamic_ps) 1071 conf->dynamic_ps_timeout = 1072 local->dynamic_ps_user_timeout; 1073 1074 if (beaconint_us > latency) { 1075 local->ps_sdata = NULL; 1076 } else { 1077 int maxslp = 1; 1078 u8 dtimper = found->u.mgd.dtim_period; 1079 1080 /* If the TIM IE is invalid, pretend the value is 1 */ 1081 if (!dtimper) 1082 dtimper = 1; 1083 else if (dtimper > 1) 1084 maxslp = min_t(int, dtimper, 1085 latency / beaconint_us); 1086 1087 local->hw.conf.max_sleep_period = maxslp; 1088 local->hw.conf.ps_dtim_period = dtimper; 1089 local->ps_sdata = found; 1090 } 1091 } else { 1092 local->ps_sdata = NULL; 1093 } 1094 1095 ieee80211_change_ps(local); 1096 } 1097 1098 void ieee80211_recalc_ps_vif(struct ieee80211_sub_if_data *sdata) 1099 { 1100 bool ps_allowed = ieee80211_powersave_allowed(sdata); 1101 1102 if (sdata->vif.bss_conf.ps != ps_allowed) { 1103 sdata->vif.bss_conf.ps = ps_allowed; 1104 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_PS); 1105 } 1106 } 1107 1108 void ieee80211_dynamic_ps_disable_work(struct work_struct *work) 1109 { 1110 struct ieee80211_local *local = 1111 container_of(work, struct ieee80211_local, 1112 dynamic_ps_disable_work); 1113 1114 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1115 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1116 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1117 } 1118 1119 ieee80211_wake_queues_by_reason(&local->hw, 1120 IEEE80211_QUEUE_STOP_REASON_PS); 1121 } 1122 1123 void ieee80211_dynamic_ps_enable_work(struct work_struct *work) 1124 { 1125 struct ieee80211_local *local = 1126 container_of(work, struct ieee80211_local, 1127 dynamic_ps_enable_work); 1128 struct ieee80211_sub_if_data *sdata = local->ps_sdata; 1129 struct ieee80211_if_managed *ifmgd; 1130 unsigned long flags; 1131 int q; 1132 1133 /* can only happen when PS was just disabled anyway */ 1134 if (!sdata) 1135 return; 1136 1137 ifmgd = &sdata->u.mgd; 1138 1139 if (local->hw.conf.flags & IEEE80211_CONF_PS) 1140 return; 1141 1142 if (!local->disable_dynamic_ps && 1143 local->hw.conf.dynamic_ps_timeout > 0) { 1144 /* don't enter PS if TX frames are pending */ 1145 if (drv_tx_frames_pending(local)) { 1146 mod_timer(&local->dynamic_ps_timer, jiffies + 1147 msecs_to_jiffies( 1148 local->hw.conf.dynamic_ps_timeout)); 1149 return; 1150 } 1151 1152 /* 1153 * transmission can be stopped by others which leads to 1154 * dynamic_ps_timer expiry. Postpone the ps timer if it 1155 * is not the actual idle state. 1156 */ 1157 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 1158 for (q = 0; q < local->hw.queues; q++) { 1159 if (local->queue_stop_reasons[q]) { 1160 spin_unlock_irqrestore(&local->queue_stop_reason_lock, 1161 flags); 1162 mod_timer(&local->dynamic_ps_timer, jiffies + 1163 msecs_to_jiffies( 1164 local->hw.conf.dynamic_ps_timeout)); 1165 return; 1166 } 1167 } 1168 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 1169 } 1170 1171 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 1172 !(ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) { 1173 netif_tx_stop_all_queues(sdata->dev); 1174 1175 if (drv_tx_frames_pending(local)) 1176 mod_timer(&local->dynamic_ps_timer, jiffies + 1177 msecs_to_jiffies( 1178 local->hw.conf.dynamic_ps_timeout)); 1179 else { 1180 ieee80211_send_nullfunc(local, sdata, 1); 1181 /* Flush to get the tx status of nullfunc frame */ 1182 drv_flush(local, false); 1183 } 1184 } 1185 1186 if (!((local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) && 1187 (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)) || 1188 (ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) { 1189 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; 1190 local->hw.conf.flags |= IEEE80211_CONF_PS; 1191 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1192 } 1193 1194 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) 1195 netif_tx_wake_all_queues(sdata->dev); 1196 } 1197 1198 void ieee80211_dynamic_ps_timer(unsigned long data) 1199 { 1200 struct ieee80211_local *local = (void *) data; 1201 1202 if (local->quiescing || local->suspended) 1203 return; 1204 1205 ieee80211_queue_work(&local->hw, &local->dynamic_ps_enable_work); 1206 } 1207 1208 /* MLME */ 1209 static bool ieee80211_sta_wmm_params(struct ieee80211_local *local, 1210 struct ieee80211_sub_if_data *sdata, 1211 u8 *wmm_param, size_t wmm_param_len) 1212 { 1213 struct ieee80211_tx_queue_params params; 1214 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1215 size_t left; 1216 int count; 1217 u8 *pos, uapsd_queues = 0; 1218 1219 if (!local->ops->conf_tx) 1220 return false; 1221 1222 if (local->hw.queues < IEEE80211_NUM_ACS) 1223 return false; 1224 1225 if (!wmm_param) 1226 return false; 1227 1228 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 1229 return false; 1230 1231 if (ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED) 1232 uapsd_queues = ifmgd->uapsd_queues; 1233 1234 count = wmm_param[6] & 0x0f; 1235 if (count == ifmgd->wmm_last_param_set) 1236 return false; 1237 ifmgd->wmm_last_param_set = count; 1238 1239 pos = wmm_param + 8; 1240 left = wmm_param_len - 8; 1241 1242 memset(¶ms, 0, sizeof(params)); 1243 1244 sdata->wmm_acm = 0; 1245 for (; left >= 4; left -= 4, pos += 4) { 1246 int aci = (pos[0] >> 5) & 0x03; 1247 int acm = (pos[0] >> 4) & 0x01; 1248 bool uapsd = false; 1249 int queue; 1250 1251 switch (aci) { 1252 case 1: /* AC_BK */ 1253 queue = 3; 1254 if (acm) 1255 sdata->wmm_acm |= BIT(1) | BIT(2); /* BK/- */ 1256 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK) 1257 uapsd = true; 1258 break; 1259 case 2: /* AC_VI */ 1260 queue = 1; 1261 if (acm) 1262 sdata->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */ 1263 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI) 1264 uapsd = true; 1265 break; 1266 case 3: /* AC_VO */ 1267 queue = 0; 1268 if (acm) 1269 sdata->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */ 1270 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) 1271 uapsd = true; 1272 break; 1273 case 0: /* AC_BE */ 1274 default: 1275 queue = 2; 1276 if (acm) 1277 sdata->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */ 1278 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE) 1279 uapsd = true; 1280 break; 1281 } 1282 1283 params.aifs = pos[0] & 0x0f; 1284 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4); 1285 params.cw_min = ecw2cw(pos[1] & 0x0f); 1286 params.txop = get_unaligned_le16(pos + 2); 1287 params.uapsd = uapsd; 1288 1289 mlme_dbg(sdata, 1290 "WMM queue=%d aci=%d acm=%d aifs=%d cWmin=%d cWmax=%d txop=%d uapsd=%d\n", 1291 queue, aci, acm, 1292 params.aifs, params.cw_min, params.cw_max, 1293 params.txop, params.uapsd); 1294 sdata->tx_conf[queue] = params; 1295 if (drv_conf_tx(local, sdata, queue, ¶ms)) 1296 sdata_err(sdata, 1297 "failed to set TX queue parameters for queue %d\n", 1298 queue); 1299 } 1300 1301 /* enable WMM or activate new settings */ 1302 sdata->vif.bss_conf.qos = true; 1303 return true; 1304 } 1305 1306 static void __ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata) 1307 { 1308 lockdep_assert_held(&sdata->local->mtx); 1309 1310 sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL | 1311 IEEE80211_STA_BEACON_POLL); 1312 ieee80211_run_deferred_scan(sdata->local); 1313 } 1314 1315 static void ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata) 1316 { 1317 mutex_lock(&sdata->local->mtx); 1318 __ieee80211_stop_poll(sdata); 1319 mutex_unlock(&sdata->local->mtx); 1320 } 1321 1322 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, 1323 u16 capab, bool erp_valid, u8 erp) 1324 { 1325 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1326 u32 changed = 0; 1327 bool use_protection; 1328 bool use_short_preamble; 1329 bool use_short_slot; 1330 1331 if (erp_valid) { 1332 use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0; 1333 use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0; 1334 } else { 1335 use_protection = false; 1336 use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE); 1337 } 1338 1339 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME); 1340 if (ieee80211_get_sdata_band(sdata) == IEEE80211_BAND_5GHZ) 1341 use_short_slot = true; 1342 1343 if (use_protection != bss_conf->use_cts_prot) { 1344 bss_conf->use_cts_prot = use_protection; 1345 changed |= BSS_CHANGED_ERP_CTS_PROT; 1346 } 1347 1348 if (use_short_preamble != bss_conf->use_short_preamble) { 1349 bss_conf->use_short_preamble = use_short_preamble; 1350 changed |= BSS_CHANGED_ERP_PREAMBLE; 1351 } 1352 1353 if (use_short_slot != bss_conf->use_short_slot) { 1354 bss_conf->use_short_slot = use_short_slot; 1355 changed |= BSS_CHANGED_ERP_SLOT; 1356 } 1357 1358 return changed; 1359 } 1360 1361 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 1362 struct cfg80211_bss *cbss, 1363 u32 bss_info_changed) 1364 { 1365 struct ieee80211_bss *bss = (void *)cbss->priv; 1366 struct ieee80211_local *local = sdata->local; 1367 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1368 1369 bss_info_changed |= BSS_CHANGED_ASSOC; 1370 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 1371 bss_conf->assoc_capability, bss->has_erp_value, bss->erp_value); 1372 1373 sdata->u.mgd.beacon_timeout = usecs_to_jiffies(ieee80211_tu_to_usec( 1374 IEEE80211_BEACON_LOSS_COUNT * bss_conf->beacon_int)); 1375 1376 sdata->u.mgd.associated = cbss; 1377 memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN); 1378 1379 sdata->u.mgd.flags |= IEEE80211_STA_RESET_SIGNAL_AVE; 1380 1381 if (sdata->vif.p2p) { 1382 const struct cfg80211_bss_ies *ies; 1383 1384 rcu_read_lock(); 1385 ies = rcu_dereference(cbss->ies); 1386 if (ies) { 1387 u8 noa[2]; 1388 int ret; 1389 1390 ret = cfg80211_get_p2p_attr( 1391 ies->data, ies->len, 1392 IEEE80211_P2P_ATTR_ABSENCE_NOTICE, 1393 noa, sizeof(noa)); 1394 if (ret >= 2) { 1395 bss_conf->p2p_oppps = noa[1] & 0x80; 1396 bss_conf->p2p_ctwindow = noa[1] & 0x7f; 1397 bss_info_changed |= BSS_CHANGED_P2P_PS; 1398 sdata->u.mgd.p2p_noa_index = noa[0]; 1399 } 1400 } 1401 rcu_read_unlock(); 1402 } 1403 1404 /* just to be sure */ 1405 ieee80211_stop_poll(sdata); 1406 1407 ieee80211_led_assoc(local, 1); 1408 1409 if (local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) { 1410 /* 1411 * If the AP is buggy we may get here with no DTIM period 1412 * known, so assume it's 1 which is the only safe assumption 1413 * in that case, although if the TIM IE is broken powersave 1414 * probably just won't work at all. 1415 */ 1416 bss_conf->dtim_period = sdata->u.mgd.dtim_period ?: 1; 1417 } else { 1418 bss_conf->dtim_period = 0; 1419 } 1420 1421 bss_conf->assoc = 1; 1422 1423 /* Tell the driver to monitor connection quality (if supported) */ 1424 if (sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI && 1425 bss_conf->cqm_rssi_thold) 1426 bss_info_changed |= BSS_CHANGED_CQM; 1427 1428 /* Enable ARP filtering */ 1429 if (bss_conf->arp_filter_enabled != sdata->arp_filter_state) { 1430 bss_conf->arp_filter_enabled = sdata->arp_filter_state; 1431 bss_info_changed |= BSS_CHANGED_ARP_FILTER; 1432 } 1433 1434 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 1435 1436 mutex_lock(&local->iflist_mtx); 1437 ieee80211_recalc_ps(local, -1); 1438 mutex_unlock(&local->iflist_mtx); 1439 1440 ieee80211_recalc_smps(sdata); 1441 ieee80211_recalc_ps_vif(sdata); 1442 1443 netif_tx_start_all_queues(sdata->dev); 1444 netif_carrier_on(sdata->dev); 1445 } 1446 1447 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, 1448 u16 stype, u16 reason, bool tx, 1449 u8 *frame_buf) 1450 { 1451 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1452 struct ieee80211_local *local = sdata->local; 1453 struct sta_info *sta; 1454 u32 changed = 0; 1455 1456 ASSERT_MGD_MTX(ifmgd); 1457 1458 if (WARN_ON_ONCE(tx && !frame_buf)) 1459 return; 1460 1461 if (WARN_ON(!ifmgd->associated)) 1462 return; 1463 1464 ieee80211_stop_poll(sdata); 1465 1466 ifmgd->associated = NULL; 1467 1468 /* 1469 * we need to commit the associated = NULL change because the 1470 * scan code uses that to determine whether this iface should 1471 * go to/wake up from powersave or not -- and could otherwise 1472 * wake the queues erroneously. 1473 */ 1474 smp_mb(); 1475 1476 /* 1477 * Thus, we can only afterwards stop the queues -- to account 1478 * for the case where another CPU is finishing a scan at this 1479 * time -- we don't want the scan code to enable queues. 1480 */ 1481 1482 netif_tx_stop_all_queues(sdata->dev); 1483 netif_carrier_off(sdata->dev); 1484 1485 mutex_lock(&local->sta_mtx); 1486 sta = sta_info_get(sdata, ifmgd->bssid); 1487 if (sta) { 1488 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 1489 ieee80211_sta_tear_down_BA_sessions(sta, false); 1490 } 1491 mutex_unlock(&local->sta_mtx); 1492 1493 /* 1494 * if we want to get out of ps before disassoc (why?) we have 1495 * to do it before sending disassoc, as otherwise the null-packet 1496 * won't be valid. 1497 */ 1498 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1499 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1500 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 1501 } 1502 local->ps_sdata = NULL; 1503 1504 /* disable per-vif ps */ 1505 ieee80211_recalc_ps_vif(sdata); 1506 1507 /* flush out any pending frame (e.g. DELBA) before deauth/disassoc */ 1508 if (tx) 1509 drv_flush(local, false); 1510 1511 /* deauthenticate/disassociate now */ 1512 if (tx || frame_buf) 1513 ieee80211_send_deauth_disassoc(sdata, ifmgd->bssid, stype, 1514 reason, tx, frame_buf); 1515 1516 /* flush out frame */ 1517 if (tx) 1518 drv_flush(local, false); 1519 1520 /* clear bssid only after building the needed mgmt frames */ 1521 memset(ifmgd->bssid, 0, ETH_ALEN); 1522 1523 /* remove AP and TDLS peers */ 1524 sta_info_flush(local, sdata); 1525 1526 /* finally reset all BSS / config parameters */ 1527 changed |= ieee80211_reset_erp_info(sdata); 1528 1529 ieee80211_led_assoc(local, 0); 1530 changed |= BSS_CHANGED_ASSOC; 1531 sdata->vif.bss_conf.assoc = false; 1532 1533 sdata->vif.bss_conf.p2p_ctwindow = 0; 1534 sdata->vif.bss_conf.p2p_oppps = false; 1535 1536 /* on the next assoc, re-program HT parameters */ 1537 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa)); 1538 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask)); 1539 1540 sdata->ap_power_level = IEEE80211_UNSET_POWER_LEVEL; 1541 1542 del_timer_sync(&local->dynamic_ps_timer); 1543 cancel_work_sync(&local->dynamic_ps_enable_work); 1544 1545 /* Disable ARP filtering */ 1546 if (sdata->vif.bss_conf.arp_filter_enabled) { 1547 sdata->vif.bss_conf.arp_filter_enabled = false; 1548 changed |= BSS_CHANGED_ARP_FILTER; 1549 } 1550 1551 sdata->vif.bss_conf.qos = false; 1552 changed |= BSS_CHANGED_QOS; 1553 1554 /* The BSSID (not really interesting) and HT changed */ 1555 changed |= BSS_CHANGED_BSSID | BSS_CHANGED_HT; 1556 ieee80211_bss_info_change_notify(sdata, changed); 1557 1558 /* disassociated - set to defaults now */ 1559 ieee80211_set_wmm_default(sdata, false); 1560 1561 del_timer_sync(&sdata->u.mgd.conn_mon_timer); 1562 del_timer_sync(&sdata->u.mgd.bcn_mon_timer); 1563 del_timer_sync(&sdata->u.mgd.timer); 1564 del_timer_sync(&sdata->u.mgd.chswitch_timer); 1565 1566 sdata->u.mgd.timers_running = 0; 1567 1568 sdata->vif.bss_conf.dtim_period = 0; 1569 1570 ifmgd->flags = 0; 1571 ieee80211_vif_release_channel(sdata); 1572 } 1573 1574 void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, 1575 struct ieee80211_hdr *hdr) 1576 { 1577 /* 1578 * We can postpone the mgd.timer whenever receiving unicast frames 1579 * from AP because we know that the connection is working both ways 1580 * at that time. But multicast frames (and hence also beacons) must 1581 * be ignored here, because we need to trigger the timer during 1582 * data idle periods for sending the periodic probe request to the 1583 * AP we're connected to. 1584 */ 1585 if (is_multicast_ether_addr(hdr->addr1)) 1586 return; 1587 1588 ieee80211_sta_reset_conn_monitor(sdata); 1589 } 1590 1591 static void ieee80211_reset_ap_probe(struct ieee80211_sub_if_data *sdata) 1592 { 1593 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1594 struct ieee80211_local *local = sdata->local; 1595 1596 mutex_lock(&local->mtx); 1597 if (!(ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 1598 IEEE80211_STA_CONNECTION_POLL))) { 1599 mutex_unlock(&local->mtx); 1600 return; 1601 } 1602 1603 __ieee80211_stop_poll(sdata); 1604 1605 mutex_lock(&local->iflist_mtx); 1606 ieee80211_recalc_ps(local, -1); 1607 mutex_unlock(&local->iflist_mtx); 1608 1609 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 1610 goto out; 1611 1612 /* 1613 * We've received a probe response, but are not sure whether 1614 * we have or will be receiving any beacons or data, so let's 1615 * schedule the timers again, just in case. 1616 */ 1617 ieee80211_sta_reset_beacon_monitor(sdata); 1618 1619 mod_timer(&ifmgd->conn_mon_timer, 1620 round_jiffies_up(jiffies + 1621 IEEE80211_CONNECTION_IDLE_TIME)); 1622 out: 1623 mutex_unlock(&local->mtx); 1624 } 1625 1626 void ieee80211_sta_tx_notify(struct ieee80211_sub_if_data *sdata, 1627 struct ieee80211_hdr *hdr, bool ack) 1628 { 1629 if (!ieee80211_is_data(hdr->frame_control)) 1630 return; 1631 1632 if (ack) 1633 ieee80211_sta_reset_conn_monitor(sdata); 1634 1635 if (ieee80211_is_nullfunc(hdr->frame_control) && 1636 sdata->u.mgd.probe_send_count > 0) { 1637 if (ack) 1638 sdata->u.mgd.probe_send_count = 0; 1639 else 1640 sdata->u.mgd.nullfunc_failed = true; 1641 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1642 } 1643 } 1644 1645 static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata) 1646 { 1647 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1648 const u8 *ssid; 1649 u8 *dst = ifmgd->associated->bssid; 1650 u8 unicast_limit = max(1, max_probe_tries - 3); 1651 1652 /* 1653 * Try sending broadcast probe requests for the last three 1654 * probe requests after the first ones failed since some 1655 * buggy APs only support broadcast probe requests. 1656 */ 1657 if (ifmgd->probe_send_count >= unicast_limit) 1658 dst = NULL; 1659 1660 /* 1661 * When the hardware reports an accurate Tx ACK status, it's 1662 * better to send a nullfunc frame instead of a probe request, 1663 * as it will kick us off the AP quickly if we aren't associated 1664 * anymore. The timeout will be reset if the frame is ACKed by 1665 * the AP. 1666 */ 1667 ifmgd->probe_send_count++; 1668 1669 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 1670 ifmgd->nullfunc_failed = false; 1671 ieee80211_send_nullfunc(sdata->local, sdata, 0); 1672 } else { 1673 int ssid_len; 1674 1675 rcu_read_lock(); 1676 ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID); 1677 if (WARN_ON_ONCE(ssid == NULL)) 1678 ssid_len = 0; 1679 else 1680 ssid_len = ssid[1]; 1681 1682 ieee80211_send_probe_req(sdata, dst, ssid + 2, ssid_len, NULL, 1683 0, (u32) -1, true, false, 1684 ifmgd->associated->channel, false); 1685 rcu_read_unlock(); 1686 } 1687 1688 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms); 1689 run_again(ifmgd, ifmgd->probe_timeout); 1690 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) 1691 drv_flush(sdata->local, false); 1692 } 1693 1694 static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata, 1695 bool beacon) 1696 { 1697 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1698 bool already = false; 1699 1700 if (!ieee80211_sdata_running(sdata)) 1701 return; 1702 1703 mutex_lock(&ifmgd->mtx); 1704 1705 if (!ifmgd->associated) 1706 goto out; 1707 1708 mutex_lock(&sdata->local->mtx); 1709 1710 if (sdata->local->tmp_channel || sdata->local->scanning) { 1711 mutex_unlock(&sdata->local->mtx); 1712 goto out; 1713 } 1714 1715 if (beacon) 1716 mlme_dbg_ratelimited(sdata, 1717 "detected beacon loss from AP - sending probe request\n"); 1718 1719 ieee80211_cqm_rssi_notify(&sdata->vif, 1720 NL80211_CQM_RSSI_BEACON_LOSS_EVENT, GFP_KERNEL); 1721 1722 /* 1723 * The driver/our work has already reported this event or the 1724 * connection monitoring has kicked in and we have already sent 1725 * a probe request. Or maybe the AP died and the driver keeps 1726 * reporting until we disassociate... 1727 * 1728 * In either case we have to ignore the current call to this 1729 * function (except for setting the correct probe reason bit) 1730 * because otherwise we would reset the timer every time and 1731 * never check whether we received a probe response! 1732 */ 1733 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 1734 IEEE80211_STA_CONNECTION_POLL)) 1735 already = true; 1736 1737 if (beacon) 1738 ifmgd->flags |= IEEE80211_STA_BEACON_POLL; 1739 else 1740 ifmgd->flags |= IEEE80211_STA_CONNECTION_POLL; 1741 1742 mutex_unlock(&sdata->local->mtx); 1743 1744 if (already) 1745 goto out; 1746 1747 mutex_lock(&sdata->local->iflist_mtx); 1748 ieee80211_recalc_ps(sdata->local, -1); 1749 mutex_unlock(&sdata->local->iflist_mtx); 1750 1751 ifmgd->probe_send_count = 0; 1752 ieee80211_mgd_probe_ap_send(sdata); 1753 out: 1754 mutex_unlock(&ifmgd->mtx); 1755 } 1756 1757 struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw, 1758 struct ieee80211_vif *vif) 1759 { 1760 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1761 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1762 struct cfg80211_bss *cbss; 1763 struct sk_buff *skb; 1764 const u8 *ssid; 1765 int ssid_len; 1766 1767 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 1768 return NULL; 1769 1770 ASSERT_MGD_MTX(ifmgd); 1771 1772 if (ifmgd->associated) 1773 cbss = ifmgd->associated; 1774 else if (ifmgd->auth_data) 1775 cbss = ifmgd->auth_data->bss; 1776 else if (ifmgd->assoc_data) 1777 cbss = ifmgd->assoc_data->bss; 1778 else 1779 return NULL; 1780 1781 rcu_read_lock(); 1782 ssid = ieee80211_bss_get_ie(cbss, WLAN_EID_SSID); 1783 if (WARN_ON_ONCE(ssid == NULL)) 1784 ssid_len = 0; 1785 else 1786 ssid_len = ssid[1]; 1787 1788 skb = ieee80211_build_probe_req(sdata, cbss->bssid, 1789 (u32) -1, cbss->channel, 1790 ssid + 2, ssid_len, 1791 NULL, 0, true); 1792 rcu_read_unlock(); 1793 1794 return skb; 1795 } 1796 EXPORT_SYMBOL(ieee80211_ap_probereq_get); 1797 1798 static void __ieee80211_disconnect(struct ieee80211_sub_if_data *sdata, 1799 bool transmit_frame) 1800 { 1801 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1802 struct ieee80211_local *local = sdata->local; 1803 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN]; 1804 1805 mutex_lock(&ifmgd->mtx); 1806 if (!ifmgd->associated) { 1807 mutex_unlock(&ifmgd->mtx); 1808 return; 1809 } 1810 1811 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 1812 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, 1813 transmit_frame, frame_buf); 1814 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED; 1815 mutex_unlock(&ifmgd->mtx); 1816 1817 /* 1818 * must be outside lock due to cfg80211, 1819 * but that's not a problem. 1820 */ 1821 cfg80211_send_deauth(sdata->dev, frame_buf, IEEE80211_DEAUTH_FRAME_LEN); 1822 1823 mutex_lock(&local->mtx); 1824 ieee80211_recalc_idle(local); 1825 mutex_unlock(&local->mtx); 1826 } 1827 1828 static void ieee80211_beacon_connection_loss_work(struct work_struct *work) 1829 { 1830 struct ieee80211_sub_if_data *sdata = 1831 container_of(work, struct ieee80211_sub_if_data, 1832 u.mgd.beacon_connection_loss_work); 1833 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1834 struct sta_info *sta; 1835 1836 if (ifmgd->associated) { 1837 rcu_read_lock(); 1838 sta = sta_info_get(sdata, ifmgd->bssid); 1839 if (sta) 1840 sta->beacon_loss_count++; 1841 rcu_read_unlock(); 1842 } 1843 1844 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) { 1845 sdata_info(sdata, "Connection to AP %pM lost\n", 1846 ifmgd->bssid); 1847 __ieee80211_disconnect(sdata, false); 1848 } else { 1849 ieee80211_mgd_probe_ap(sdata, true); 1850 } 1851 } 1852 1853 static void ieee80211_csa_connection_drop_work(struct work_struct *work) 1854 { 1855 struct ieee80211_sub_if_data *sdata = 1856 container_of(work, struct ieee80211_sub_if_data, 1857 u.mgd.csa_connection_drop_work); 1858 1859 ieee80211_wake_queues_by_reason(&sdata->local->hw, 1860 IEEE80211_QUEUE_STOP_REASON_CSA); 1861 __ieee80211_disconnect(sdata, true); 1862 } 1863 1864 void ieee80211_beacon_loss(struct ieee80211_vif *vif) 1865 { 1866 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1867 struct ieee80211_hw *hw = &sdata->local->hw; 1868 1869 trace_api_beacon_loss(sdata); 1870 1871 WARN_ON(hw->flags & IEEE80211_HW_CONNECTION_MONITOR); 1872 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); 1873 } 1874 EXPORT_SYMBOL(ieee80211_beacon_loss); 1875 1876 void ieee80211_connection_loss(struct ieee80211_vif *vif) 1877 { 1878 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1879 struct ieee80211_hw *hw = &sdata->local->hw; 1880 1881 trace_api_connection_loss(sdata); 1882 1883 WARN_ON(!(hw->flags & IEEE80211_HW_CONNECTION_MONITOR)); 1884 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); 1885 } 1886 EXPORT_SYMBOL(ieee80211_connection_loss); 1887 1888 1889 static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata, 1890 bool assoc) 1891 { 1892 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 1893 1894 lockdep_assert_held(&sdata->u.mgd.mtx); 1895 1896 if (!assoc) { 1897 sta_info_destroy_addr(sdata, auth_data->bss->bssid); 1898 1899 memset(sdata->u.mgd.bssid, 0, ETH_ALEN); 1900 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 1901 sdata->u.mgd.flags = 0; 1902 ieee80211_vif_release_channel(sdata); 1903 } 1904 1905 cfg80211_put_bss(auth_data->bss); 1906 kfree(auth_data); 1907 sdata->u.mgd.auth_data = NULL; 1908 } 1909 1910 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 1911 struct ieee80211_mgmt *mgmt, size_t len) 1912 { 1913 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 1914 u8 *pos; 1915 struct ieee802_11_elems elems; 1916 1917 pos = mgmt->u.auth.variable; 1918 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1919 if (!elems.challenge) 1920 return; 1921 auth_data->expected_transaction = 4; 1922 drv_mgd_prepare_tx(sdata->local, sdata); 1923 ieee80211_send_auth(sdata, 3, auth_data->algorithm, 0, 1924 elems.challenge - 2, elems.challenge_len + 2, 1925 auth_data->bss->bssid, auth_data->bss->bssid, 1926 auth_data->key, auth_data->key_len, 1927 auth_data->key_idx); 1928 } 1929 1930 static enum rx_mgmt_action __must_check 1931 ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 1932 struct ieee80211_mgmt *mgmt, size_t len) 1933 { 1934 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1935 u8 bssid[ETH_ALEN]; 1936 u16 auth_alg, auth_transaction, status_code; 1937 struct sta_info *sta; 1938 1939 lockdep_assert_held(&ifmgd->mtx); 1940 1941 if (len < 24 + 6) 1942 return RX_MGMT_NONE; 1943 1944 if (!ifmgd->auth_data || ifmgd->auth_data->done) 1945 return RX_MGMT_NONE; 1946 1947 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 1948 1949 if (!ether_addr_equal(bssid, mgmt->bssid)) 1950 return RX_MGMT_NONE; 1951 1952 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1953 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1954 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1955 1956 if (auth_alg != ifmgd->auth_data->algorithm || 1957 auth_transaction != ifmgd->auth_data->expected_transaction) { 1958 sdata_info(sdata, "%pM unexpected authentication state: alg %d (expected %d) transact %d (expected %d)\n", 1959 mgmt->sa, auth_alg, ifmgd->auth_data->algorithm, 1960 auth_transaction, 1961 ifmgd->auth_data->expected_transaction); 1962 return RX_MGMT_NONE; 1963 } 1964 1965 if (status_code != WLAN_STATUS_SUCCESS) { 1966 sdata_info(sdata, "%pM denied authentication (status %d)\n", 1967 mgmt->sa, status_code); 1968 ieee80211_destroy_auth_data(sdata, false); 1969 return RX_MGMT_CFG80211_RX_AUTH; 1970 } 1971 1972 switch (ifmgd->auth_data->algorithm) { 1973 case WLAN_AUTH_OPEN: 1974 case WLAN_AUTH_LEAP: 1975 case WLAN_AUTH_FT: 1976 case WLAN_AUTH_SAE: 1977 break; 1978 case WLAN_AUTH_SHARED_KEY: 1979 if (ifmgd->auth_data->expected_transaction != 4) { 1980 ieee80211_auth_challenge(sdata, mgmt, len); 1981 /* need another frame */ 1982 return RX_MGMT_NONE; 1983 } 1984 break; 1985 default: 1986 WARN_ONCE(1, "invalid auth alg %d", 1987 ifmgd->auth_data->algorithm); 1988 return RX_MGMT_NONE; 1989 } 1990 1991 sdata_info(sdata, "authenticated\n"); 1992 ifmgd->auth_data->done = true; 1993 ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC; 1994 run_again(ifmgd, ifmgd->auth_data->timeout); 1995 1996 if (ifmgd->auth_data->algorithm == WLAN_AUTH_SAE && 1997 ifmgd->auth_data->expected_transaction != 2) { 1998 /* 1999 * Report auth frame to user space for processing since another 2000 * round of Authentication frames is still needed. 2001 */ 2002 return RX_MGMT_CFG80211_RX_AUTH; 2003 } 2004 2005 /* move station state to auth */ 2006 mutex_lock(&sdata->local->sta_mtx); 2007 sta = sta_info_get(sdata, bssid); 2008 if (!sta) { 2009 WARN_ONCE(1, "%s: STA %pM not found", sdata->name, bssid); 2010 goto out_err; 2011 } 2012 if (sta_info_move_state(sta, IEEE80211_STA_AUTH)) { 2013 sdata_info(sdata, "failed moving %pM to auth\n", bssid); 2014 goto out_err; 2015 } 2016 mutex_unlock(&sdata->local->sta_mtx); 2017 2018 return RX_MGMT_CFG80211_RX_AUTH; 2019 out_err: 2020 mutex_unlock(&sdata->local->sta_mtx); 2021 /* ignore frame -- wait for timeout */ 2022 return RX_MGMT_NONE; 2023 } 2024 2025 2026 static enum rx_mgmt_action __must_check 2027 ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 2028 struct ieee80211_mgmt *mgmt, size_t len) 2029 { 2030 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2031 const u8 *bssid = NULL; 2032 u16 reason_code; 2033 2034 lockdep_assert_held(&ifmgd->mtx); 2035 2036 if (len < 24 + 2) 2037 return RX_MGMT_NONE; 2038 2039 if (!ifmgd->associated || 2040 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2041 return RX_MGMT_NONE; 2042 2043 bssid = ifmgd->associated->bssid; 2044 2045 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 2046 2047 sdata_info(sdata, "deauthenticated from %pM (Reason: %u)\n", 2048 bssid, reason_code); 2049 2050 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 2051 2052 mutex_lock(&sdata->local->mtx); 2053 ieee80211_recalc_idle(sdata->local); 2054 mutex_unlock(&sdata->local->mtx); 2055 2056 return RX_MGMT_CFG80211_DEAUTH; 2057 } 2058 2059 2060 static enum rx_mgmt_action __must_check 2061 ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 2062 struct ieee80211_mgmt *mgmt, size_t len) 2063 { 2064 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2065 u16 reason_code; 2066 2067 lockdep_assert_held(&ifmgd->mtx); 2068 2069 if (len < 24 + 2) 2070 return RX_MGMT_NONE; 2071 2072 if (!ifmgd->associated || 2073 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2074 return RX_MGMT_NONE; 2075 2076 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 2077 2078 sdata_info(sdata, "disassociated from %pM (Reason: %u)\n", 2079 mgmt->sa, reason_code); 2080 2081 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 2082 2083 mutex_lock(&sdata->local->mtx); 2084 ieee80211_recalc_idle(sdata->local); 2085 mutex_unlock(&sdata->local->mtx); 2086 2087 return RX_MGMT_CFG80211_DISASSOC; 2088 } 2089 2090 static void ieee80211_get_rates(struct ieee80211_supported_band *sband, 2091 u8 *supp_rates, unsigned int supp_rates_len, 2092 u32 *rates, u32 *basic_rates, 2093 bool *have_higher_than_11mbit, 2094 int *min_rate, int *min_rate_index) 2095 { 2096 int i, j; 2097 2098 for (i = 0; i < supp_rates_len; i++) { 2099 int rate = (supp_rates[i] & 0x7f) * 5; 2100 bool is_basic = !!(supp_rates[i] & 0x80); 2101 2102 if (rate > 110) 2103 *have_higher_than_11mbit = true; 2104 2105 /* 2106 * BSS_MEMBERSHIP_SELECTOR_HT_PHY is defined in 802.11n-2009 2107 * 7.3.2.2 as a magic value instead of a rate. Hence, skip it. 2108 * 2109 * Note: Even through the membership selector and the basic 2110 * rate flag share the same bit, they are not exactly 2111 * the same. 2112 */ 2113 if (!!(supp_rates[i] & 0x80) && 2114 (supp_rates[i] & 0x7f) == BSS_MEMBERSHIP_SELECTOR_HT_PHY) 2115 continue; 2116 2117 for (j = 0; j < sband->n_bitrates; j++) { 2118 if (sband->bitrates[j].bitrate == rate) { 2119 *rates |= BIT(j); 2120 if (is_basic) 2121 *basic_rates |= BIT(j); 2122 if (rate < *min_rate) { 2123 *min_rate = rate; 2124 *min_rate_index = j; 2125 } 2126 break; 2127 } 2128 } 2129 } 2130 } 2131 2132 static void ieee80211_destroy_assoc_data(struct ieee80211_sub_if_data *sdata, 2133 bool assoc) 2134 { 2135 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 2136 2137 lockdep_assert_held(&sdata->u.mgd.mtx); 2138 2139 if (!assoc) { 2140 sta_info_destroy_addr(sdata, assoc_data->bss->bssid); 2141 2142 memset(sdata->u.mgd.bssid, 0, ETH_ALEN); 2143 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 2144 sdata->u.mgd.flags = 0; 2145 ieee80211_vif_release_channel(sdata); 2146 } 2147 2148 kfree(assoc_data); 2149 sdata->u.mgd.assoc_data = NULL; 2150 } 2151 2152 static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata, 2153 struct cfg80211_bss *cbss, 2154 struct ieee80211_mgmt *mgmt, size_t len) 2155 { 2156 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2157 struct ieee80211_local *local = sdata->local; 2158 struct ieee80211_supported_band *sband; 2159 struct sta_info *sta; 2160 u8 *pos; 2161 u16 capab_info, aid; 2162 struct ieee802_11_elems elems; 2163 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 2164 u32 changed = 0; 2165 int err; 2166 2167 /* AssocResp and ReassocResp have identical structure */ 2168 2169 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 2170 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 2171 2172 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) 2173 sdata_info(sdata, "invalid AID value 0x%x; bits 15:14 not set\n", 2174 aid); 2175 aid &= ~(BIT(15) | BIT(14)); 2176 2177 ifmgd->broken_ap = false; 2178 2179 if (aid == 0 || aid > IEEE80211_MAX_AID) { 2180 sdata_info(sdata, "invalid AID value %d (out of range), turn off PS\n", 2181 aid); 2182 aid = 0; 2183 ifmgd->broken_ap = true; 2184 } 2185 2186 pos = mgmt->u.assoc_resp.variable; 2187 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 2188 2189 if (!elems.supp_rates) { 2190 sdata_info(sdata, "no SuppRates element in AssocResp\n"); 2191 return false; 2192 } 2193 2194 ifmgd->aid = aid; 2195 2196 mutex_lock(&sdata->local->sta_mtx); 2197 /* 2198 * station info was already allocated and inserted before 2199 * the association and should be available to us 2200 */ 2201 sta = sta_info_get(sdata, cbss->bssid); 2202 if (WARN_ON(!sta)) { 2203 mutex_unlock(&sdata->local->sta_mtx); 2204 return false; 2205 } 2206 2207 sband = local->hw.wiphy->bands[ieee80211_get_sdata_band(sdata)]; 2208 2209 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) 2210 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 2211 elems.ht_cap_elem, &sta->sta.ht_cap); 2212 2213 sta->supports_40mhz = 2214 sta->sta.ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40; 2215 2216 if (elems.vht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) 2217 ieee80211_vht_cap_ie_to_sta_vht_cap(sdata, sband, 2218 elems.vht_cap_elem, 2219 &sta->sta.vht_cap); 2220 2221 rate_control_rate_init(sta); 2222 2223 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED) 2224 set_sta_flag(sta, WLAN_STA_MFP); 2225 2226 if (elems.wmm_param) 2227 set_sta_flag(sta, WLAN_STA_WME); 2228 2229 err = sta_info_move_state(sta, IEEE80211_STA_AUTH); 2230 if (!err) 2231 err = sta_info_move_state(sta, IEEE80211_STA_ASSOC); 2232 if (!err && !(ifmgd->flags & IEEE80211_STA_CONTROL_PORT)) 2233 err = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED); 2234 if (err) { 2235 sdata_info(sdata, 2236 "failed to move station %pM to desired state\n", 2237 sta->sta.addr); 2238 WARN_ON(__sta_info_destroy(sta)); 2239 mutex_unlock(&sdata->local->sta_mtx); 2240 return false; 2241 } 2242 2243 mutex_unlock(&sdata->local->sta_mtx); 2244 2245 /* 2246 * Always handle WMM once after association regardless 2247 * of the first value the AP uses. Setting -1 here has 2248 * that effect because the AP values is an unsigned 2249 * 4-bit value. 2250 */ 2251 ifmgd->wmm_last_param_set = -1; 2252 2253 if (elems.wmm_param) 2254 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2255 elems.wmm_param_len); 2256 else 2257 ieee80211_set_wmm_default(sdata, false); 2258 changed |= BSS_CHANGED_QOS; 2259 2260 if (elems.ht_operation && elems.wmm_param && 2261 !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) 2262 changed |= ieee80211_config_ht_tx(sdata, elems.ht_operation, 2263 cbss->bssid, false); 2264 2265 /* set AID and assoc capability, 2266 * ieee80211_set_associated() will tell the driver */ 2267 bss_conf->aid = aid; 2268 bss_conf->assoc_capability = capab_info; 2269 ieee80211_set_associated(sdata, cbss, changed); 2270 2271 /* 2272 * If we're using 4-addr mode, let the AP know that we're 2273 * doing so, so that it can create the STA VLAN on its side 2274 */ 2275 if (ifmgd->use_4addr) 2276 ieee80211_send_4addr_nullfunc(local, sdata); 2277 2278 /* 2279 * Start timer to probe the connection to the AP now. 2280 * Also start the timer that will detect beacon loss. 2281 */ 2282 ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt); 2283 ieee80211_sta_reset_beacon_monitor(sdata); 2284 2285 return true; 2286 } 2287 2288 static enum rx_mgmt_action __must_check 2289 ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 2290 struct ieee80211_mgmt *mgmt, size_t len, 2291 struct cfg80211_bss **bss) 2292 { 2293 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2294 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 2295 u16 capab_info, status_code, aid; 2296 struct ieee802_11_elems elems; 2297 u8 *pos; 2298 bool reassoc; 2299 2300 lockdep_assert_held(&ifmgd->mtx); 2301 2302 if (!assoc_data) 2303 return RX_MGMT_NONE; 2304 if (!ether_addr_equal(assoc_data->bss->bssid, mgmt->bssid)) 2305 return RX_MGMT_NONE; 2306 2307 /* 2308 * AssocResp and ReassocResp have identical structure, so process both 2309 * of them in this function. 2310 */ 2311 2312 if (len < 24 + 6) 2313 return RX_MGMT_NONE; 2314 2315 reassoc = ieee80211_is_reassoc_req(mgmt->frame_control); 2316 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 2317 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 2318 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 2319 2320 sdata_info(sdata, 2321 "RX %sssocResp from %pM (capab=0x%x status=%d aid=%d)\n", 2322 reassoc ? "Rea" : "A", mgmt->sa, 2323 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14)))); 2324 2325 pos = mgmt->u.assoc_resp.variable; 2326 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 2327 2328 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY && 2329 elems.timeout_int && elems.timeout_int_len == 5 && 2330 elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) { 2331 u32 tu, ms; 2332 tu = get_unaligned_le32(elems.timeout_int + 1); 2333 ms = tu * 1024 / 1000; 2334 sdata_info(sdata, 2335 "%pM rejected association temporarily; comeback duration %u TU (%u ms)\n", 2336 mgmt->sa, tu, ms); 2337 assoc_data->timeout = jiffies + msecs_to_jiffies(ms); 2338 if (ms > IEEE80211_ASSOC_TIMEOUT) 2339 run_again(ifmgd, assoc_data->timeout); 2340 return RX_MGMT_NONE; 2341 } 2342 2343 *bss = assoc_data->bss; 2344 2345 if (status_code != WLAN_STATUS_SUCCESS) { 2346 sdata_info(sdata, "%pM denied association (code=%d)\n", 2347 mgmt->sa, status_code); 2348 ieee80211_destroy_assoc_data(sdata, false); 2349 } else { 2350 if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) { 2351 /* oops -- internal error -- send timeout for now */ 2352 ieee80211_destroy_assoc_data(sdata, false); 2353 cfg80211_put_bss(*bss); 2354 return RX_MGMT_CFG80211_ASSOC_TIMEOUT; 2355 } 2356 sdata_info(sdata, "associated\n"); 2357 2358 /* 2359 * destroy assoc_data afterwards, as otherwise an idle 2360 * recalc after assoc_data is NULL but before associated 2361 * is set can cause the interface to go idle 2362 */ 2363 ieee80211_destroy_assoc_data(sdata, true); 2364 } 2365 2366 return RX_MGMT_CFG80211_RX_ASSOC; 2367 } 2368 2369 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 2370 struct ieee80211_mgmt *mgmt, size_t len, 2371 struct ieee80211_rx_status *rx_status, 2372 struct ieee802_11_elems *elems, 2373 bool beacon) 2374 { 2375 struct ieee80211_local *local = sdata->local; 2376 int freq; 2377 struct ieee80211_bss *bss; 2378 struct ieee80211_channel *channel; 2379 bool need_ps = false; 2380 2381 if ((sdata->u.mgd.associated && 2382 ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid)) || 2383 (sdata->u.mgd.assoc_data && 2384 ether_addr_equal(mgmt->bssid, 2385 sdata->u.mgd.assoc_data->bss->bssid))) { 2386 /* not previously set so we may need to recalc */ 2387 need_ps = sdata->u.mgd.associated && !sdata->u.mgd.dtim_period; 2388 2389 if (elems->tim && !elems->parse_error) { 2390 struct ieee80211_tim_ie *tim_ie = elems->tim; 2391 sdata->u.mgd.dtim_period = tim_ie->dtim_period; 2392 } 2393 } 2394 2395 if (elems->ds_params && elems->ds_params_len == 1) 2396 freq = ieee80211_channel_to_frequency(elems->ds_params[0], 2397 rx_status->band); 2398 else 2399 freq = rx_status->freq; 2400 2401 channel = ieee80211_get_channel(local->hw.wiphy, freq); 2402 2403 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 2404 return; 2405 2406 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 2407 channel, beacon); 2408 if (bss) 2409 ieee80211_rx_bss_put(local, bss); 2410 2411 if (!sdata->u.mgd.associated) 2412 return; 2413 2414 if (need_ps) { 2415 mutex_lock(&local->iflist_mtx); 2416 ieee80211_recalc_ps(local, -1); 2417 mutex_unlock(&local->iflist_mtx); 2418 } 2419 2420 if (elems->ch_switch_ie && 2421 memcmp(mgmt->bssid, sdata->u.mgd.associated->bssid, ETH_ALEN) == 0) 2422 ieee80211_sta_process_chanswitch(sdata, elems->ch_switch_ie, 2423 bss, rx_status->mactime); 2424 } 2425 2426 2427 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 2428 struct sk_buff *skb) 2429 { 2430 struct ieee80211_mgmt *mgmt = (void *)skb->data; 2431 struct ieee80211_if_managed *ifmgd; 2432 struct ieee80211_rx_status *rx_status = (void *) skb->cb; 2433 size_t baselen, len = skb->len; 2434 struct ieee802_11_elems elems; 2435 2436 ifmgd = &sdata->u.mgd; 2437 2438 ASSERT_MGD_MTX(ifmgd); 2439 2440 if (!ether_addr_equal(mgmt->da, sdata->vif.addr)) 2441 return; /* ignore ProbeResp to foreign address */ 2442 2443 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 2444 if (baselen > len) 2445 return; 2446 2447 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 2448 &elems); 2449 2450 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 2451 2452 if (ifmgd->associated && 2453 ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2454 ieee80211_reset_ap_probe(sdata); 2455 2456 if (ifmgd->auth_data && !ifmgd->auth_data->bss->proberesp_ies && 2457 ether_addr_equal(mgmt->bssid, ifmgd->auth_data->bss->bssid)) { 2458 /* got probe response, continue with auth */ 2459 sdata_info(sdata, "direct probe responded\n"); 2460 ifmgd->auth_data->tries = 0; 2461 ifmgd->auth_data->timeout = jiffies; 2462 run_again(ifmgd, ifmgd->auth_data->timeout); 2463 } 2464 } 2465 2466 /* 2467 * This is the canonical list of information elements we care about, 2468 * the filter code also gives us all changes to the Microsoft OUI 2469 * (00:50:F2) vendor IE which is used for WMM which we need to track. 2470 * 2471 * We implement beacon filtering in software since that means we can 2472 * avoid processing the frame here and in cfg80211, and userspace 2473 * will not be able to tell whether the hardware supports it or not. 2474 * 2475 * XXX: This list needs to be dynamic -- userspace needs to be able to 2476 * add items it requires. It also needs to be able to tell us to 2477 * look out for other vendor IEs. 2478 */ 2479 static const u64 care_about_ies = 2480 (1ULL << WLAN_EID_COUNTRY) | 2481 (1ULL << WLAN_EID_ERP_INFO) | 2482 (1ULL << WLAN_EID_CHANNEL_SWITCH) | 2483 (1ULL << WLAN_EID_PWR_CONSTRAINT) | 2484 (1ULL << WLAN_EID_HT_CAPABILITY) | 2485 (1ULL << WLAN_EID_HT_OPERATION); 2486 2487 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 2488 struct ieee80211_mgmt *mgmt, 2489 size_t len, 2490 struct ieee80211_rx_status *rx_status) 2491 { 2492 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2493 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 2494 size_t baselen; 2495 struct ieee802_11_elems elems; 2496 struct ieee80211_local *local = sdata->local; 2497 struct ieee80211_chanctx_conf *chanctx_conf; 2498 struct ieee80211_channel *chan; 2499 u32 changed = 0; 2500 bool erp_valid; 2501 u8 erp_value = 0; 2502 u32 ncrc; 2503 u8 *bssid; 2504 2505 lockdep_assert_held(&ifmgd->mtx); 2506 2507 /* Process beacon from the current BSS */ 2508 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 2509 if (baselen > len) 2510 return; 2511 2512 rcu_read_lock(); 2513 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); 2514 if (!chanctx_conf) { 2515 rcu_read_unlock(); 2516 return; 2517 } 2518 2519 if (rx_status->freq != chanctx_conf->def.chan->center_freq) { 2520 rcu_read_unlock(); 2521 return; 2522 } 2523 chan = chanctx_conf->def.chan; 2524 rcu_read_unlock(); 2525 2526 if (ifmgd->assoc_data && !ifmgd->assoc_data->have_beacon && 2527 ether_addr_equal(mgmt->bssid, ifmgd->assoc_data->bss->bssid)) { 2528 ieee802_11_parse_elems(mgmt->u.beacon.variable, 2529 len - baselen, &elems); 2530 2531 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2532 false); 2533 ifmgd->assoc_data->have_beacon = true; 2534 ifmgd->assoc_data->sent_assoc = false; 2535 /* continue assoc process */ 2536 ifmgd->assoc_data->timeout = jiffies; 2537 run_again(ifmgd, ifmgd->assoc_data->timeout); 2538 return; 2539 } 2540 2541 if (!ifmgd->associated || 2542 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2543 return; 2544 bssid = ifmgd->associated->bssid; 2545 2546 /* Track average RSSI from the Beacon frames of the current AP */ 2547 ifmgd->last_beacon_signal = rx_status->signal; 2548 if (ifmgd->flags & IEEE80211_STA_RESET_SIGNAL_AVE) { 2549 ifmgd->flags &= ~IEEE80211_STA_RESET_SIGNAL_AVE; 2550 ifmgd->ave_beacon_signal = rx_status->signal * 16; 2551 ifmgd->last_cqm_event_signal = 0; 2552 ifmgd->count_beacon_signal = 1; 2553 ifmgd->last_ave_beacon_signal = 0; 2554 } else { 2555 ifmgd->ave_beacon_signal = 2556 (IEEE80211_SIGNAL_AVE_WEIGHT * rx_status->signal * 16 + 2557 (16 - IEEE80211_SIGNAL_AVE_WEIGHT) * 2558 ifmgd->ave_beacon_signal) / 16; 2559 ifmgd->count_beacon_signal++; 2560 } 2561 2562 if (ifmgd->rssi_min_thold != ifmgd->rssi_max_thold && 2563 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT) { 2564 int sig = ifmgd->ave_beacon_signal; 2565 int last_sig = ifmgd->last_ave_beacon_signal; 2566 2567 /* 2568 * if signal crosses either of the boundaries, invoke callback 2569 * with appropriate parameters 2570 */ 2571 if (sig > ifmgd->rssi_max_thold && 2572 (last_sig <= ifmgd->rssi_min_thold || last_sig == 0)) { 2573 ifmgd->last_ave_beacon_signal = sig; 2574 drv_rssi_callback(local, RSSI_EVENT_HIGH); 2575 } else if (sig < ifmgd->rssi_min_thold && 2576 (last_sig >= ifmgd->rssi_max_thold || 2577 last_sig == 0)) { 2578 ifmgd->last_ave_beacon_signal = sig; 2579 drv_rssi_callback(local, RSSI_EVENT_LOW); 2580 } 2581 } 2582 2583 if (bss_conf->cqm_rssi_thold && 2584 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT && 2585 !(sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI)) { 2586 int sig = ifmgd->ave_beacon_signal / 16; 2587 int last_event = ifmgd->last_cqm_event_signal; 2588 int thold = bss_conf->cqm_rssi_thold; 2589 int hyst = bss_conf->cqm_rssi_hyst; 2590 if (sig < thold && 2591 (last_event == 0 || sig < last_event - hyst)) { 2592 ifmgd->last_cqm_event_signal = sig; 2593 ieee80211_cqm_rssi_notify( 2594 &sdata->vif, 2595 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW, 2596 GFP_KERNEL); 2597 } else if (sig > thold && 2598 (last_event == 0 || sig > last_event + hyst)) { 2599 ifmgd->last_cqm_event_signal = sig; 2600 ieee80211_cqm_rssi_notify( 2601 &sdata->vif, 2602 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH, 2603 GFP_KERNEL); 2604 } 2605 } 2606 2607 if (ifmgd->flags & IEEE80211_STA_BEACON_POLL) { 2608 mlme_dbg_ratelimited(sdata, 2609 "cancelling probereq poll due to a received beacon\n"); 2610 mutex_lock(&local->mtx); 2611 ifmgd->flags &= ~IEEE80211_STA_BEACON_POLL; 2612 ieee80211_run_deferred_scan(local); 2613 mutex_unlock(&local->mtx); 2614 2615 mutex_lock(&local->iflist_mtx); 2616 ieee80211_recalc_ps(local, -1); 2617 mutex_unlock(&local->iflist_mtx); 2618 } 2619 2620 /* 2621 * Push the beacon loss detection into the future since 2622 * we are processing a beacon from the AP just now. 2623 */ 2624 ieee80211_sta_reset_beacon_monitor(sdata); 2625 2626 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4); 2627 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable, 2628 len - baselen, &elems, 2629 care_about_ies, ncrc); 2630 2631 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) { 2632 bool directed_tim = ieee80211_check_tim(elems.tim, 2633 elems.tim_len, 2634 ifmgd->aid); 2635 if (directed_tim) { 2636 if (local->hw.conf.dynamic_ps_timeout > 0) { 2637 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 2638 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 2639 ieee80211_hw_config(local, 2640 IEEE80211_CONF_CHANGE_PS); 2641 } 2642 ieee80211_send_nullfunc(local, sdata, 0); 2643 } else if (!local->pspolling && sdata->u.mgd.powersave) { 2644 local->pspolling = true; 2645 2646 /* 2647 * Here is assumed that the driver will be 2648 * able to send ps-poll frame and receive a 2649 * response even though power save mode is 2650 * enabled, but some drivers might require 2651 * to disable power save here. This needs 2652 * to be investigated. 2653 */ 2654 ieee80211_send_pspoll(local, sdata); 2655 } 2656 } 2657 } 2658 2659 if (sdata->vif.p2p) { 2660 u8 noa[2]; 2661 int ret; 2662 2663 ret = cfg80211_get_p2p_attr(mgmt->u.beacon.variable, 2664 len - baselen, 2665 IEEE80211_P2P_ATTR_ABSENCE_NOTICE, 2666 noa, sizeof(noa)); 2667 if (ret >= 2 && sdata->u.mgd.p2p_noa_index != noa[0]) { 2668 bss_conf->p2p_oppps = noa[1] & 0x80; 2669 bss_conf->p2p_ctwindow = noa[1] & 0x7f; 2670 changed |= BSS_CHANGED_P2P_PS; 2671 sdata->u.mgd.p2p_noa_index = noa[0]; 2672 /* 2673 * make sure we update all information, the CRC 2674 * mechanism doesn't look at P2P attributes. 2675 */ 2676 ifmgd->beacon_crc_valid = false; 2677 } 2678 } 2679 2680 if (ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid) 2681 return; 2682 ifmgd->beacon_crc = ncrc; 2683 ifmgd->beacon_crc_valid = true; 2684 2685 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, 2686 true); 2687 2688 if (ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, 2689 elems.wmm_param_len)) 2690 changed |= BSS_CHANGED_QOS; 2691 2692 if (elems.erp_info && elems.erp_info_len >= 1) { 2693 erp_valid = true; 2694 erp_value = elems.erp_info[0]; 2695 } else { 2696 erp_valid = false; 2697 } 2698 changed |= ieee80211_handle_bss_capability(sdata, 2699 le16_to_cpu(mgmt->u.beacon.capab_info), 2700 erp_valid, erp_value); 2701 2702 2703 if (elems.ht_cap_elem && elems.ht_operation && elems.wmm_param && 2704 !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) 2705 changed |= ieee80211_config_ht_tx(sdata, elems.ht_operation, 2706 bssid, true); 2707 2708 if (elems.country_elem && elems.pwr_constr_elem && 2709 mgmt->u.probe_resp.capab_info & 2710 cpu_to_le16(WLAN_CAPABILITY_SPECTRUM_MGMT)) 2711 changed |= ieee80211_handle_pwr_constr(sdata, chan, 2712 elems.country_elem, 2713 elems.country_elem_len, 2714 elems.pwr_constr_elem); 2715 2716 ieee80211_bss_info_change_notify(sdata, changed); 2717 } 2718 2719 void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 2720 struct sk_buff *skb) 2721 { 2722 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2723 struct ieee80211_rx_status *rx_status; 2724 struct ieee80211_mgmt *mgmt; 2725 struct cfg80211_bss *bss = NULL; 2726 enum rx_mgmt_action rma = RX_MGMT_NONE; 2727 u16 fc; 2728 2729 rx_status = (struct ieee80211_rx_status *) skb->cb; 2730 mgmt = (struct ieee80211_mgmt *) skb->data; 2731 fc = le16_to_cpu(mgmt->frame_control); 2732 2733 mutex_lock(&ifmgd->mtx); 2734 2735 switch (fc & IEEE80211_FCTL_STYPE) { 2736 case IEEE80211_STYPE_BEACON: 2737 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status); 2738 break; 2739 case IEEE80211_STYPE_PROBE_RESP: 2740 ieee80211_rx_mgmt_probe_resp(sdata, skb); 2741 break; 2742 case IEEE80211_STYPE_AUTH: 2743 rma = ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len); 2744 break; 2745 case IEEE80211_STYPE_DEAUTH: 2746 rma = ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len); 2747 break; 2748 case IEEE80211_STYPE_DISASSOC: 2749 rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); 2750 break; 2751 case IEEE80211_STYPE_ASSOC_RESP: 2752 case IEEE80211_STYPE_REASSOC_RESP: 2753 rma = ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, &bss); 2754 break; 2755 case IEEE80211_STYPE_ACTION: 2756 switch (mgmt->u.action.category) { 2757 case WLAN_CATEGORY_SPECTRUM_MGMT: 2758 ieee80211_sta_process_chanswitch(sdata, 2759 &mgmt->u.action.u.chan_switch.sw_elem, 2760 (void *)ifmgd->associated->priv, 2761 rx_status->mactime); 2762 break; 2763 } 2764 } 2765 mutex_unlock(&ifmgd->mtx); 2766 2767 switch (rma) { 2768 case RX_MGMT_NONE: 2769 /* no action */ 2770 break; 2771 case RX_MGMT_CFG80211_DEAUTH: 2772 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len); 2773 break; 2774 case RX_MGMT_CFG80211_DISASSOC: 2775 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len); 2776 break; 2777 case RX_MGMT_CFG80211_RX_AUTH: 2778 cfg80211_send_rx_auth(sdata->dev, (u8 *)mgmt, skb->len); 2779 break; 2780 case RX_MGMT_CFG80211_RX_ASSOC: 2781 cfg80211_send_rx_assoc(sdata->dev, bss, (u8 *)mgmt, skb->len); 2782 break; 2783 case RX_MGMT_CFG80211_ASSOC_TIMEOUT: 2784 cfg80211_send_assoc_timeout(sdata->dev, mgmt->bssid); 2785 break; 2786 default: 2787 WARN(1, "unexpected: %d", rma); 2788 } 2789 } 2790 2791 static void ieee80211_sta_timer(unsigned long data) 2792 { 2793 struct ieee80211_sub_if_data *sdata = 2794 (struct ieee80211_sub_if_data *) data; 2795 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2796 struct ieee80211_local *local = sdata->local; 2797 2798 if (local->quiescing) { 2799 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 2800 return; 2801 } 2802 2803 ieee80211_queue_work(&local->hw, &sdata->work); 2804 } 2805 2806 static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata, 2807 u8 *bssid, u8 reason) 2808 { 2809 struct ieee80211_local *local = sdata->local; 2810 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2811 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN]; 2812 2813 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason, 2814 false, frame_buf); 2815 mutex_unlock(&ifmgd->mtx); 2816 2817 /* 2818 * must be outside lock due to cfg80211, 2819 * but that's not a problem. 2820 */ 2821 cfg80211_send_deauth(sdata->dev, frame_buf, IEEE80211_DEAUTH_FRAME_LEN); 2822 2823 mutex_lock(&local->mtx); 2824 ieee80211_recalc_idle(local); 2825 mutex_unlock(&local->mtx); 2826 2827 mutex_lock(&ifmgd->mtx); 2828 } 2829 2830 static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata) 2831 { 2832 struct ieee80211_local *local = sdata->local; 2833 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2834 struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data; 2835 2836 lockdep_assert_held(&ifmgd->mtx); 2837 2838 if (WARN_ON_ONCE(!auth_data)) 2839 return -EINVAL; 2840 2841 auth_data->tries++; 2842 2843 if (auth_data->tries > IEEE80211_AUTH_MAX_TRIES) { 2844 sdata_info(sdata, "authentication with %pM timed out\n", 2845 auth_data->bss->bssid); 2846 2847 /* 2848 * Most likely AP is not in the range so remove the 2849 * bss struct for that AP. 2850 */ 2851 cfg80211_unlink_bss(local->hw.wiphy, auth_data->bss); 2852 2853 return -ETIMEDOUT; 2854 } 2855 2856 drv_mgd_prepare_tx(local, sdata); 2857 2858 if (auth_data->bss->proberesp_ies) { 2859 u16 trans = 1; 2860 u16 status = 0; 2861 2862 sdata_info(sdata, "send auth to %pM (try %d/%d)\n", 2863 auth_data->bss->bssid, auth_data->tries, 2864 IEEE80211_AUTH_MAX_TRIES); 2865 2866 auth_data->expected_transaction = 2; 2867 2868 if (auth_data->algorithm == WLAN_AUTH_SAE) { 2869 trans = auth_data->sae_trans; 2870 status = auth_data->sae_status; 2871 auth_data->expected_transaction = trans; 2872 } 2873 2874 ieee80211_send_auth(sdata, trans, auth_data->algorithm, status, 2875 auth_data->data, auth_data->data_len, 2876 auth_data->bss->bssid, 2877 auth_data->bss->bssid, NULL, 0, 0); 2878 } else { 2879 const u8 *ssidie; 2880 2881 sdata_info(sdata, "direct probe to %pM (try %d/%i)\n", 2882 auth_data->bss->bssid, auth_data->tries, 2883 IEEE80211_AUTH_MAX_TRIES); 2884 2885 rcu_read_lock(); 2886 ssidie = ieee80211_bss_get_ie(auth_data->bss, WLAN_EID_SSID); 2887 if (!ssidie) { 2888 rcu_read_unlock(); 2889 return -EINVAL; 2890 } 2891 /* 2892 * Direct probe is sent to broadcast address as some APs 2893 * will not answer to direct packet in unassociated state. 2894 */ 2895 ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1], 2896 NULL, 0, (u32) -1, true, false, 2897 auth_data->bss->channel, false); 2898 rcu_read_unlock(); 2899 } 2900 2901 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT; 2902 run_again(ifmgd, auth_data->timeout); 2903 2904 return 0; 2905 } 2906 2907 static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata) 2908 { 2909 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 2910 struct ieee80211_local *local = sdata->local; 2911 2912 lockdep_assert_held(&sdata->u.mgd.mtx); 2913 2914 assoc_data->tries++; 2915 if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) { 2916 sdata_info(sdata, "association with %pM timed out\n", 2917 assoc_data->bss->bssid); 2918 2919 /* 2920 * Most likely AP is not in the range so remove the 2921 * bss struct for that AP. 2922 */ 2923 cfg80211_unlink_bss(local->hw.wiphy, assoc_data->bss); 2924 2925 return -ETIMEDOUT; 2926 } 2927 2928 sdata_info(sdata, "associate with %pM (try %d/%d)\n", 2929 assoc_data->bss->bssid, assoc_data->tries, 2930 IEEE80211_ASSOC_MAX_TRIES); 2931 ieee80211_send_assoc(sdata); 2932 2933 assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT; 2934 run_again(&sdata->u.mgd, assoc_data->timeout); 2935 2936 return 0; 2937 } 2938 2939 void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata) 2940 { 2941 struct ieee80211_local *local = sdata->local; 2942 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2943 2944 mutex_lock(&ifmgd->mtx); 2945 2946 if (ifmgd->auth_data && 2947 time_after(jiffies, ifmgd->auth_data->timeout)) { 2948 if (ifmgd->auth_data->done) { 2949 /* 2950 * ok ... we waited for assoc but userspace didn't, 2951 * so let's just kill the auth data 2952 */ 2953 ieee80211_destroy_auth_data(sdata, false); 2954 } else if (ieee80211_probe_auth(sdata)) { 2955 u8 bssid[ETH_ALEN]; 2956 2957 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 2958 2959 ieee80211_destroy_auth_data(sdata, false); 2960 2961 mutex_unlock(&ifmgd->mtx); 2962 cfg80211_send_auth_timeout(sdata->dev, bssid); 2963 mutex_lock(&ifmgd->mtx); 2964 } 2965 } else if (ifmgd->auth_data) 2966 run_again(ifmgd, ifmgd->auth_data->timeout); 2967 2968 if (ifmgd->assoc_data && 2969 time_after(jiffies, ifmgd->assoc_data->timeout)) { 2970 if (!ifmgd->assoc_data->have_beacon || 2971 ieee80211_do_assoc(sdata)) { 2972 u8 bssid[ETH_ALEN]; 2973 2974 memcpy(bssid, ifmgd->assoc_data->bss->bssid, ETH_ALEN); 2975 2976 ieee80211_destroy_assoc_data(sdata, false); 2977 2978 mutex_unlock(&ifmgd->mtx); 2979 cfg80211_send_assoc_timeout(sdata->dev, bssid); 2980 mutex_lock(&ifmgd->mtx); 2981 } 2982 } else if (ifmgd->assoc_data) 2983 run_again(ifmgd, ifmgd->assoc_data->timeout); 2984 2985 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 2986 IEEE80211_STA_CONNECTION_POLL) && 2987 ifmgd->associated) { 2988 u8 bssid[ETH_ALEN]; 2989 int max_tries; 2990 2991 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN); 2992 2993 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) 2994 max_tries = max_nullfunc_tries; 2995 else 2996 max_tries = max_probe_tries; 2997 2998 /* ACK received for nullfunc probing frame */ 2999 if (!ifmgd->probe_send_count) 3000 ieee80211_reset_ap_probe(sdata); 3001 else if (ifmgd->nullfunc_failed) { 3002 if (ifmgd->probe_send_count < max_tries) { 3003 mlme_dbg(sdata, 3004 "No ack for nullfunc frame to AP %pM, try %d/%i\n", 3005 bssid, ifmgd->probe_send_count, 3006 max_tries); 3007 ieee80211_mgd_probe_ap_send(sdata); 3008 } else { 3009 mlme_dbg(sdata, 3010 "No ack for nullfunc frame to AP %pM, disconnecting.\n", 3011 bssid); 3012 ieee80211_sta_connection_lost(sdata, bssid, 3013 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 3014 } 3015 } else if (time_is_after_jiffies(ifmgd->probe_timeout)) 3016 run_again(ifmgd, ifmgd->probe_timeout); 3017 else if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 3018 mlme_dbg(sdata, 3019 "Failed to send nullfunc to AP %pM after %dms, disconnecting\n", 3020 bssid, probe_wait_ms); 3021 ieee80211_sta_connection_lost(sdata, bssid, 3022 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 3023 } else if (ifmgd->probe_send_count < max_tries) { 3024 mlme_dbg(sdata, 3025 "No probe response from AP %pM after %dms, try %d/%i\n", 3026 bssid, probe_wait_ms, 3027 ifmgd->probe_send_count, max_tries); 3028 ieee80211_mgd_probe_ap_send(sdata); 3029 } else { 3030 /* 3031 * We actually lost the connection ... or did we? 3032 * Let's make sure! 3033 */ 3034 wiphy_debug(local->hw.wiphy, 3035 "%s: No probe response from AP %pM" 3036 " after %dms, disconnecting.\n", 3037 sdata->name, 3038 bssid, probe_wait_ms); 3039 3040 ieee80211_sta_connection_lost(sdata, bssid, 3041 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 3042 } 3043 } 3044 3045 mutex_unlock(&ifmgd->mtx); 3046 3047 mutex_lock(&local->mtx); 3048 ieee80211_recalc_idle(local); 3049 mutex_unlock(&local->mtx); 3050 } 3051 3052 static void ieee80211_sta_bcn_mon_timer(unsigned long data) 3053 { 3054 struct ieee80211_sub_if_data *sdata = 3055 (struct ieee80211_sub_if_data *) data; 3056 struct ieee80211_local *local = sdata->local; 3057 3058 if (local->quiescing) 3059 return; 3060 3061 ieee80211_queue_work(&sdata->local->hw, 3062 &sdata->u.mgd.beacon_connection_loss_work); 3063 } 3064 3065 static void ieee80211_sta_conn_mon_timer(unsigned long data) 3066 { 3067 struct ieee80211_sub_if_data *sdata = 3068 (struct ieee80211_sub_if_data *) data; 3069 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3070 struct ieee80211_local *local = sdata->local; 3071 3072 if (local->quiescing) 3073 return; 3074 3075 ieee80211_queue_work(&local->hw, &ifmgd->monitor_work); 3076 } 3077 3078 static void ieee80211_sta_monitor_work(struct work_struct *work) 3079 { 3080 struct ieee80211_sub_if_data *sdata = 3081 container_of(work, struct ieee80211_sub_if_data, 3082 u.mgd.monitor_work); 3083 3084 ieee80211_mgd_probe_ap(sdata, false); 3085 } 3086 3087 static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata) 3088 { 3089 u32 flags; 3090 3091 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 3092 __ieee80211_stop_poll(sdata); 3093 3094 /* let's probe the connection once */ 3095 flags = sdata->local->hw.flags; 3096 if (!(flags & IEEE80211_HW_CONNECTION_MONITOR)) 3097 ieee80211_queue_work(&sdata->local->hw, 3098 &sdata->u.mgd.monitor_work); 3099 /* and do all the other regular work too */ 3100 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 3101 } 3102 } 3103 3104 #ifdef CONFIG_PM 3105 void ieee80211_sta_quiesce(struct ieee80211_sub_if_data *sdata) 3106 { 3107 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3108 3109 /* 3110 * we need to use atomic bitops for the running bits 3111 * only because both timers might fire at the same 3112 * time -- the code here is properly synchronised. 3113 */ 3114 3115 cancel_work_sync(&ifmgd->request_smps_work); 3116 3117 cancel_work_sync(&ifmgd->monitor_work); 3118 cancel_work_sync(&ifmgd->beacon_connection_loss_work); 3119 cancel_work_sync(&ifmgd->csa_connection_drop_work); 3120 if (del_timer_sync(&ifmgd->timer)) 3121 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 3122 3123 cancel_work_sync(&ifmgd->chswitch_work); 3124 if (del_timer_sync(&ifmgd->chswitch_timer)) 3125 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 3126 3127 /* these will just be re-established on connection */ 3128 del_timer_sync(&ifmgd->conn_mon_timer); 3129 del_timer_sync(&ifmgd->bcn_mon_timer); 3130 } 3131 3132 void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata) 3133 { 3134 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3135 3136 if (!ifmgd->associated) 3137 return; 3138 3139 if (sdata->flags & IEEE80211_SDATA_DISCONNECT_RESUME) { 3140 sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_RESUME; 3141 mutex_lock(&ifmgd->mtx); 3142 if (ifmgd->associated) { 3143 mlme_dbg(sdata, 3144 "driver requested disconnect after resume\n"); 3145 ieee80211_sta_connection_lost(sdata, 3146 ifmgd->associated->bssid, 3147 WLAN_REASON_UNSPECIFIED); 3148 mutex_unlock(&ifmgd->mtx); 3149 return; 3150 } 3151 mutex_unlock(&ifmgd->mtx); 3152 } 3153 3154 if (test_and_clear_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running)) 3155 add_timer(&ifmgd->timer); 3156 if (test_and_clear_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running)) 3157 add_timer(&ifmgd->chswitch_timer); 3158 ieee80211_sta_reset_beacon_monitor(sdata); 3159 3160 mutex_lock(&sdata->local->mtx); 3161 ieee80211_restart_sta_timer(sdata); 3162 mutex_unlock(&sdata->local->mtx); 3163 } 3164 #endif 3165 3166 /* interface setup */ 3167 void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 3168 { 3169 struct ieee80211_if_managed *ifmgd; 3170 3171 ifmgd = &sdata->u.mgd; 3172 INIT_WORK(&ifmgd->monitor_work, ieee80211_sta_monitor_work); 3173 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work); 3174 INIT_WORK(&ifmgd->beacon_connection_loss_work, 3175 ieee80211_beacon_connection_loss_work); 3176 INIT_WORK(&ifmgd->csa_connection_drop_work, 3177 ieee80211_csa_connection_drop_work); 3178 INIT_WORK(&ifmgd->request_smps_work, ieee80211_request_smps_work); 3179 setup_timer(&ifmgd->timer, ieee80211_sta_timer, 3180 (unsigned long) sdata); 3181 setup_timer(&ifmgd->bcn_mon_timer, ieee80211_sta_bcn_mon_timer, 3182 (unsigned long) sdata); 3183 setup_timer(&ifmgd->conn_mon_timer, ieee80211_sta_conn_mon_timer, 3184 (unsigned long) sdata); 3185 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer, 3186 (unsigned long) sdata); 3187 3188 ifmgd->flags = 0; 3189 ifmgd->powersave = sdata->wdev.ps; 3190 ifmgd->uapsd_queues = IEEE80211_DEFAULT_UAPSD_QUEUES; 3191 ifmgd->uapsd_max_sp_len = IEEE80211_DEFAULT_MAX_SP_LEN; 3192 3193 mutex_init(&ifmgd->mtx); 3194 3195 if (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS) 3196 ifmgd->req_smps = IEEE80211_SMPS_AUTOMATIC; 3197 else 3198 ifmgd->req_smps = IEEE80211_SMPS_OFF; 3199 } 3200 3201 /* scan finished notification */ 3202 void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 3203 { 3204 struct ieee80211_sub_if_data *sdata; 3205 3206 /* Restart STA timers */ 3207 rcu_read_lock(); 3208 list_for_each_entry_rcu(sdata, &local->interfaces, list) 3209 ieee80211_restart_sta_timer(sdata); 3210 rcu_read_unlock(); 3211 } 3212 3213 int ieee80211_max_network_latency(struct notifier_block *nb, 3214 unsigned long data, void *dummy) 3215 { 3216 s32 latency_usec = (s32) data; 3217 struct ieee80211_local *local = 3218 container_of(nb, struct ieee80211_local, 3219 network_latency_notifier); 3220 3221 mutex_lock(&local->iflist_mtx); 3222 ieee80211_recalc_ps(local, latency_usec); 3223 mutex_unlock(&local->iflist_mtx); 3224 3225 return 0; 3226 } 3227 3228 static u32 chandef_downgrade(struct cfg80211_chan_def *c) 3229 { 3230 u32 ret; 3231 int tmp; 3232 3233 switch (c->width) { 3234 case NL80211_CHAN_WIDTH_20: 3235 c->width = NL80211_CHAN_WIDTH_20_NOHT; 3236 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT; 3237 break; 3238 case NL80211_CHAN_WIDTH_40: 3239 c->width = NL80211_CHAN_WIDTH_20; 3240 c->center_freq1 = c->chan->center_freq; 3241 ret = IEEE80211_STA_DISABLE_40MHZ | 3242 IEEE80211_STA_DISABLE_VHT; 3243 break; 3244 case NL80211_CHAN_WIDTH_80: 3245 tmp = (30 + c->chan->center_freq - c->center_freq1)/20; 3246 /* n_P40 */ 3247 tmp /= 2; 3248 /* freq_P40 */ 3249 c->center_freq1 = c->center_freq1 - 20 + 40 * tmp; 3250 c->width = NL80211_CHAN_WIDTH_40; 3251 ret = IEEE80211_STA_DISABLE_VHT; 3252 break; 3253 case NL80211_CHAN_WIDTH_80P80: 3254 c->center_freq2 = 0; 3255 c->width = NL80211_CHAN_WIDTH_80; 3256 ret = IEEE80211_STA_DISABLE_80P80MHZ | 3257 IEEE80211_STA_DISABLE_160MHZ; 3258 break; 3259 case NL80211_CHAN_WIDTH_160: 3260 /* n_P20 */ 3261 tmp = (70 + c->chan->center_freq - c->center_freq1)/20; 3262 /* n_P80 */ 3263 tmp /= 4; 3264 c->center_freq1 = c->center_freq1 - 40 + 80 * tmp; 3265 c->width = NL80211_CHAN_WIDTH_80; 3266 ret = IEEE80211_STA_DISABLE_80P80MHZ | 3267 IEEE80211_STA_DISABLE_160MHZ; 3268 break; 3269 default: 3270 case NL80211_CHAN_WIDTH_20_NOHT: 3271 WARN_ON_ONCE(1); 3272 c->width = NL80211_CHAN_WIDTH_20_NOHT; 3273 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT; 3274 break; 3275 } 3276 3277 WARN_ON_ONCE(!cfg80211_chandef_valid(c)); 3278 3279 return ret; 3280 } 3281 3282 static u32 3283 ieee80211_determine_chantype(struct ieee80211_sub_if_data *sdata, 3284 struct ieee80211_supported_band *sband, 3285 struct ieee80211_channel *channel, 3286 const struct ieee80211_ht_operation *ht_oper, 3287 const struct ieee80211_vht_operation *vht_oper, 3288 struct cfg80211_chan_def *chandef) 3289 { 3290 struct cfg80211_chan_def vht_chandef; 3291 u32 ht_cfreq, ret; 3292 3293 chandef->chan = channel; 3294 chandef->width = NL80211_CHAN_WIDTH_20_NOHT; 3295 chandef->center_freq1 = channel->center_freq; 3296 chandef->center_freq2 = 0; 3297 3298 if (!ht_oper || !sband->ht_cap.ht_supported) { 3299 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT; 3300 goto out; 3301 } 3302 3303 chandef->width = NL80211_CHAN_WIDTH_20; 3304 3305 ht_cfreq = ieee80211_channel_to_frequency(ht_oper->primary_chan, 3306 channel->band); 3307 /* check that channel matches the right operating channel */ 3308 if (channel->center_freq != ht_cfreq) { 3309 /* 3310 * It's possible that some APs are confused here; 3311 * Netgear WNDR3700 sometimes reports 4 higher than 3312 * the actual channel in association responses, but 3313 * since we look at probe response/beacon data here 3314 * it should be OK. 3315 */ 3316 sdata_info(sdata, 3317 "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n", 3318 channel->center_freq, ht_cfreq, 3319 ht_oper->primary_chan, channel->band); 3320 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT; 3321 goto out; 3322 } 3323 3324 /* check 40 MHz support, if we have it */ 3325 if (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) { 3326 switch (ht_oper->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) { 3327 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 3328 chandef->width = NL80211_CHAN_WIDTH_40; 3329 chandef->center_freq1 += 10; 3330 break; 3331 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 3332 chandef->width = NL80211_CHAN_WIDTH_40; 3333 chandef->center_freq1 -= 10; 3334 break; 3335 } 3336 } else { 3337 /* 40 MHz (and 80 MHz) must be supported for VHT */ 3338 ret = IEEE80211_STA_DISABLE_VHT; 3339 goto out; 3340 } 3341 3342 if (!vht_oper || !sband->vht_cap.vht_supported) { 3343 ret = IEEE80211_STA_DISABLE_VHT; 3344 goto out; 3345 } 3346 3347 vht_chandef.chan = channel; 3348 vht_chandef.center_freq1 = 3349 ieee80211_channel_to_frequency(vht_oper->center_freq_seg1_idx, 3350 channel->band); 3351 vht_chandef.center_freq2 = 0; 3352 3353 if (vht_oper->center_freq_seg2_idx) 3354 vht_chandef.center_freq2 = 3355 ieee80211_channel_to_frequency( 3356 vht_oper->center_freq_seg2_idx, 3357 channel->band); 3358 3359 switch (vht_oper->chan_width) { 3360 case IEEE80211_VHT_CHANWIDTH_USE_HT: 3361 vht_chandef.width = chandef->width; 3362 break; 3363 case IEEE80211_VHT_CHANWIDTH_80MHZ: 3364 vht_chandef.width = NL80211_CHAN_WIDTH_80; 3365 break; 3366 case IEEE80211_VHT_CHANWIDTH_160MHZ: 3367 vht_chandef.width = NL80211_CHAN_WIDTH_160; 3368 break; 3369 case IEEE80211_VHT_CHANWIDTH_80P80MHZ: 3370 vht_chandef.width = NL80211_CHAN_WIDTH_80P80; 3371 break; 3372 default: 3373 sdata_info(sdata, 3374 "AP VHT operation IE has invalid channel width (%d), disable VHT\n", 3375 vht_oper->chan_width); 3376 ret = IEEE80211_STA_DISABLE_VHT; 3377 goto out; 3378 } 3379 3380 if (!cfg80211_chandef_valid(&vht_chandef)) { 3381 sdata_info(sdata, 3382 "AP VHT information is invalid, disable VHT\n"); 3383 ret = IEEE80211_STA_DISABLE_VHT; 3384 goto out; 3385 } 3386 3387 if (cfg80211_chandef_identical(chandef, &vht_chandef)) { 3388 ret = 0; 3389 goto out; 3390 } 3391 3392 if (!cfg80211_chandef_compatible(chandef, &vht_chandef)) { 3393 sdata_info(sdata, 3394 "AP VHT information doesn't match HT, disable VHT\n"); 3395 ret = IEEE80211_STA_DISABLE_VHT; 3396 goto out; 3397 } 3398 3399 *chandef = vht_chandef; 3400 3401 ret = 0; 3402 3403 out: 3404 while (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef, 3405 IEEE80211_CHAN_DISABLED)) { 3406 if (WARN_ON(chandef->width == NL80211_CHAN_WIDTH_20_NOHT)) { 3407 ret = IEEE80211_STA_DISABLE_HT | 3408 IEEE80211_STA_DISABLE_VHT; 3409 goto out; 3410 } 3411 3412 ret |= chandef_downgrade(chandef); 3413 } 3414 3415 if (chandef->width != vht_chandef.width) 3416 sdata_info(sdata, 3417 "capabilities/regulatory prevented using AP HT/VHT configuration, downgraded\n"); 3418 3419 WARN_ON_ONCE(!cfg80211_chandef_valid(chandef)); 3420 return ret; 3421 } 3422 3423 static u8 ieee80211_ht_vht_rx_chains(struct ieee80211_sub_if_data *sdata, 3424 struct cfg80211_bss *cbss) 3425 { 3426 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3427 const u8 *ht_cap_ie, *vht_cap_ie; 3428 const struct ieee80211_ht_cap *ht_cap; 3429 const struct ieee80211_vht_cap *vht_cap; 3430 u8 chains = 1; 3431 3432 if (ifmgd->flags & IEEE80211_STA_DISABLE_HT) 3433 return chains; 3434 3435 ht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_CAPABILITY); 3436 if (ht_cap_ie && ht_cap_ie[1] >= sizeof(*ht_cap)) { 3437 ht_cap = (void *)(ht_cap_ie + 2); 3438 chains = ieee80211_mcs_to_chains(&ht_cap->mcs); 3439 /* 3440 * TODO: use "Tx Maximum Number Spatial Streams Supported" and 3441 * "Tx Unequal Modulation Supported" fields. 3442 */ 3443 } 3444 3445 if (ifmgd->flags & IEEE80211_STA_DISABLE_VHT) 3446 return chains; 3447 3448 vht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_VHT_CAPABILITY); 3449 if (vht_cap_ie && vht_cap_ie[1] >= sizeof(*vht_cap)) { 3450 u8 nss; 3451 u16 tx_mcs_map; 3452 3453 vht_cap = (void *)(vht_cap_ie + 2); 3454 tx_mcs_map = le16_to_cpu(vht_cap->supp_mcs.tx_mcs_map); 3455 for (nss = 8; nss > 0; nss--) { 3456 if (((tx_mcs_map >> (2 * (nss - 1))) & 3) != 3457 IEEE80211_VHT_MCS_NOT_SUPPORTED) 3458 break; 3459 } 3460 /* TODO: use "Tx Highest Supported Long GI Data Rate" field? */ 3461 chains = max(chains, nss); 3462 } 3463 3464 return chains; 3465 } 3466 3467 static int ieee80211_prep_channel(struct ieee80211_sub_if_data *sdata, 3468 struct cfg80211_bss *cbss) 3469 { 3470 struct ieee80211_local *local = sdata->local; 3471 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3472 const struct ieee80211_ht_operation *ht_oper = NULL; 3473 const struct ieee80211_vht_operation *vht_oper = NULL; 3474 struct ieee80211_supported_band *sband; 3475 struct cfg80211_chan_def chandef; 3476 int ret; 3477 3478 sband = local->hw.wiphy->bands[cbss->channel->band]; 3479 3480 ifmgd->flags &= ~(IEEE80211_STA_DISABLE_40MHZ | 3481 IEEE80211_STA_DISABLE_80P80MHZ | 3482 IEEE80211_STA_DISABLE_160MHZ); 3483 3484 rcu_read_lock(); 3485 3486 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) && 3487 sband->ht_cap.ht_supported) { 3488 const u8 *ht_oper_ie; 3489 3490 ht_oper_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_OPERATION); 3491 if (ht_oper_ie && ht_oper_ie[1] >= sizeof(*ht_oper)) 3492 ht_oper = (void *)(ht_oper_ie + 2); 3493 } 3494 3495 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) && 3496 sband->vht_cap.vht_supported) { 3497 const u8 *vht_oper_ie; 3498 3499 vht_oper_ie = ieee80211_bss_get_ie(cbss, 3500 WLAN_EID_VHT_OPERATION); 3501 if (vht_oper_ie && vht_oper_ie[1] >= sizeof(*vht_oper)) 3502 vht_oper = (void *)(vht_oper_ie + 2); 3503 if (vht_oper && !ht_oper) { 3504 vht_oper = NULL; 3505 sdata_info(sdata, 3506 "AP advertised VHT without HT, disabling both\n"); 3507 sdata->flags |= IEEE80211_STA_DISABLE_HT; 3508 sdata->flags |= IEEE80211_STA_DISABLE_VHT; 3509 } 3510 } 3511 3512 ifmgd->flags |= ieee80211_determine_chantype(sdata, sband, 3513 cbss->channel, 3514 ht_oper, vht_oper, 3515 &chandef); 3516 3517 sdata->needed_rx_chains = min(ieee80211_ht_vht_rx_chains(sdata, cbss), 3518 local->rx_chains); 3519 3520 rcu_read_unlock(); 3521 3522 /* will change later if needed */ 3523 sdata->smps_mode = IEEE80211_SMPS_OFF; 3524 3525 /* 3526 * If this fails (possibly due to channel context sharing 3527 * on incompatible channels, e.g. 80+80 and 160 sharing the 3528 * same control channel) try to use a smaller bandwidth. 3529 */ 3530 ret = ieee80211_vif_use_channel(sdata, &chandef, 3531 IEEE80211_CHANCTX_SHARED); 3532 while (ret && chandef.width != NL80211_CHAN_WIDTH_20_NOHT) { 3533 ifmgd->flags |= chandef_downgrade(&chandef); 3534 ret = ieee80211_vif_use_channel(sdata, &chandef, 3535 IEEE80211_CHANCTX_SHARED); 3536 } 3537 return ret; 3538 } 3539 3540 static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata, 3541 struct cfg80211_bss *cbss, bool assoc) 3542 { 3543 struct ieee80211_local *local = sdata->local; 3544 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3545 struct ieee80211_bss *bss = (void *)cbss->priv; 3546 struct sta_info *new_sta = NULL; 3547 bool have_sta = false; 3548 int err; 3549 3550 if (WARN_ON(!ifmgd->auth_data && !ifmgd->assoc_data)) 3551 return -EINVAL; 3552 3553 if (assoc) { 3554 rcu_read_lock(); 3555 have_sta = sta_info_get(sdata, cbss->bssid); 3556 rcu_read_unlock(); 3557 } 3558 3559 if (!have_sta) { 3560 new_sta = sta_info_alloc(sdata, cbss->bssid, GFP_KERNEL); 3561 if (!new_sta) 3562 return -ENOMEM; 3563 } 3564 3565 mutex_lock(&local->mtx); 3566 ieee80211_recalc_idle(sdata->local); 3567 mutex_unlock(&local->mtx); 3568 3569 if (new_sta) { 3570 u32 rates = 0, basic_rates = 0; 3571 bool have_higher_than_11mbit; 3572 int min_rate = INT_MAX, min_rate_index = -1; 3573 struct ieee80211_supported_band *sband; 3574 3575 sband = local->hw.wiphy->bands[cbss->channel->band]; 3576 3577 err = ieee80211_prep_channel(sdata, cbss); 3578 if (err) { 3579 sta_info_free(local, new_sta); 3580 return err; 3581 } 3582 3583 ieee80211_get_rates(sband, bss->supp_rates, 3584 bss->supp_rates_len, 3585 &rates, &basic_rates, 3586 &have_higher_than_11mbit, 3587 &min_rate, &min_rate_index); 3588 3589 /* 3590 * This used to be a workaround for basic rates missing 3591 * in the association response frame. Now that we no 3592 * longer use the basic rates from there, it probably 3593 * doesn't happen any more, but keep the workaround so 3594 * in case some *other* APs are buggy in different ways 3595 * we can connect -- with a warning. 3596 */ 3597 if (!basic_rates && min_rate_index >= 0) { 3598 sdata_info(sdata, 3599 "No basic rates, using min rate instead\n"); 3600 basic_rates = BIT(min_rate_index); 3601 } 3602 3603 new_sta->sta.supp_rates[cbss->channel->band] = rates; 3604 sdata->vif.bss_conf.basic_rates = basic_rates; 3605 3606 /* cf. IEEE 802.11 9.2.12 */ 3607 if (cbss->channel->band == IEEE80211_BAND_2GHZ && 3608 have_higher_than_11mbit) 3609 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 3610 else 3611 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 3612 3613 memcpy(ifmgd->bssid, cbss->bssid, ETH_ALEN); 3614 3615 /* set timing information */ 3616 sdata->vif.bss_conf.beacon_int = cbss->beacon_interval; 3617 sdata->vif.bss_conf.sync_tsf = cbss->tsf; 3618 sdata->vif.bss_conf.sync_device_ts = bss->device_ts; 3619 3620 /* tell driver about BSSID, basic rates and timing */ 3621 ieee80211_bss_info_change_notify(sdata, 3622 BSS_CHANGED_BSSID | BSS_CHANGED_BASIC_RATES | 3623 BSS_CHANGED_BEACON_INT); 3624 3625 if (assoc) 3626 sta_info_pre_move_state(new_sta, IEEE80211_STA_AUTH); 3627 3628 err = sta_info_insert(new_sta); 3629 new_sta = NULL; 3630 if (err) { 3631 sdata_info(sdata, 3632 "failed to insert STA entry for the AP (error %d)\n", 3633 err); 3634 return err; 3635 } 3636 } else 3637 WARN_ON_ONCE(!ether_addr_equal(ifmgd->bssid, cbss->bssid)); 3638 3639 return 0; 3640 } 3641 3642 /* config hooks */ 3643 int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, 3644 struct cfg80211_auth_request *req) 3645 { 3646 struct ieee80211_local *local = sdata->local; 3647 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3648 struct ieee80211_mgd_auth_data *auth_data; 3649 u16 auth_alg; 3650 int err; 3651 3652 /* prepare auth data structure */ 3653 3654 switch (req->auth_type) { 3655 case NL80211_AUTHTYPE_OPEN_SYSTEM: 3656 auth_alg = WLAN_AUTH_OPEN; 3657 break; 3658 case NL80211_AUTHTYPE_SHARED_KEY: 3659 if (IS_ERR(local->wep_tx_tfm)) 3660 return -EOPNOTSUPP; 3661 auth_alg = WLAN_AUTH_SHARED_KEY; 3662 break; 3663 case NL80211_AUTHTYPE_FT: 3664 auth_alg = WLAN_AUTH_FT; 3665 break; 3666 case NL80211_AUTHTYPE_NETWORK_EAP: 3667 auth_alg = WLAN_AUTH_LEAP; 3668 break; 3669 case NL80211_AUTHTYPE_SAE: 3670 auth_alg = WLAN_AUTH_SAE; 3671 break; 3672 default: 3673 return -EOPNOTSUPP; 3674 } 3675 3676 auth_data = kzalloc(sizeof(*auth_data) + req->sae_data_len + 3677 req->ie_len, GFP_KERNEL); 3678 if (!auth_data) 3679 return -ENOMEM; 3680 3681 auth_data->bss = req->bss; 3682 3683 if (req->sae_data_len >= 4) { 3684 __le16 *pos = (__le16 *) req->sae_data; 3685 auth_data->sae_trans = le16_to_cpu(pos[0]); 3686 auth_data->sae_status = le16_to_cpu(pos[1]); 3687 memcpy(auth_data->data, req->sae_data + 4, 3688 req->sae_data_len - 4); 3689 auth_data->data_len += req->sae_data_len - 4; 3690 } 3691 3692 if (req->ie && req->ie_len) { 3693 memcpy(&auth_data->data[auth_data->data_len], 3694 req->ie, req->ie_len); 3695 auth_data->data_len += req->ie_len; 3696 } 3697 3698 if (req->key && req->key_len) { 3699 auth_data->key_len = req->key_len; 3700 auth_data->key_idx = req->key_idx; 3701 memcpy(auth_data->key, req->key, req->key_len); 3702 } 3703 3704 auth_data->algorithm = auth_alg; 3705 3706 /* try to authenticate/probe */ 3707 3708 mutex_lock(&ifmgd->mtx); 3709 3710 if ((ifmgd->auth_data && !ifmgd->auth_data->done) || 3711 ifmgd->assoc_data) { 3712 err = -EBUSY; 3713 goto err_free; 3714 } 3715 3716 if (ifmgd->auth_data) 3717 ieee80211_destroy_auth_data(sdata, false); 3718 3719 /* prep auth_data so we don't go into idle on disassoc */ 3720 ifmgd->auth_data = auth_data; 3721 3722 if (ifmgd->associated) 3723 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 3724 3725 sdata_info(sdata, "authenticate with %pM\n", req->bss->bssid); 3726 3727 err = ieee80211_prep_connection(sdata, req->bss, false); 3728 if (err) 3729 goto err_clear; 3730 3731 err = ieee80211_probe_auth(sdata); 3732 if (err) { 3733 sta_info_destroy_addr(sdata, req->bss->bssid); 3734 goto err_clear; 3735 } 3736 3737 /* hold our own reference */ 3738 cfg80211_ref_bss(auth_data->bss); 3739 err = 0; 3740 goto out_unlock; 3741 3742 err_clear: 3743 memset(ifmgd->bssid, 0, ETH_ALEN); 3744 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 3745 ifmgd->auth_data = NULL; 3746 err_free: 3747 kfree(auth_data); 3748 out_unlock: 3749 mutex_unlock(&ifmgd->mtx); 3750 3751 return err; 3752 } 3753 3754 int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata, 3755 struct cfg80211_assoc_request *req) 3756 { 3757 struct ieee80211_local *local = sdata->local; 3758 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3759 struct ieee80211_bss *bss = (void *)req->bss->priv; 3760 struct ieee80211_mgd_assoc_data *assoc_data; 3761 struct ieee80211_supported_band *sband; 3762 const u8 *ssidie, *ht_ie; 3763 int i, err; 3764 3765 assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL); 3766 if (!assoc_data) 3767 return -ENOMEM; 3768 3769 rcu_read_lock(); 3770 ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID); 3771 if (!ssidie) { 3772 rcu_read_unlock(); 3773 kfree(assoc_data); 3774 return -EINVAL; 3775 } 3776 memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]); 3777 assoc_data->ssid_len = ssidie[1]; 3778 rcu_read_unlock(); 3779 3780 mutex_lock(&ifmgd->mtx); 3781 3782 if (ifmgd->associated) 3783 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 3784 3785 if (ifmgd->auth_data && !ifmgd->auth_data->done) { 3786 err = -EBUSY; 3787 goto err_free; 3788 } 3789 3790 if (ifmgd->assoc_data) { 3791 err = -EBUSY; 3792 goto err_free; 3793 } 3794 3795 if (ifmgd->auth_data) { 3796 bool match; 3797 3798 /* keep sta info, bssid if matching */ 3799 match = ether_addr_equal(ifmgd->bssid, req->bss->bssid); 3800 ieee80211_destroy_auth_data(sdata, match); 3801 } 3802 3803 /* prepare assoc data */ 3804 3805 ifmgd->beacon_crc_valid = false; 3806 3807 /* 3808 * IEEE802.11n does not allow TKIP/WEP as pairwise ciphers in HT mode. 3809 * We still associate in non-HT mode (11a/b/g) if any one of these 3810 * ciphers is configured as pairwise. 3811 * We can set this to true for non-11n hardware, that'll be checked 3812 * separately along with the peer capabilities. 3813 */ 3814 for (i = 0; i < req->crypto.n_ciphers_pairwise; i++) { 3815 if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 || 3816 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP || 3817 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104) { 3818 ifmgd->flags |= IEEE80211_STA_DISABLE_HT; 3819 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; 3820 netdev_info(sdata->dev, 3821 "disabling HT/VHT due to WEP/TKIP use\n"); 3822 } 3823 } 3824 3825 if (req->flags & ASSOC_REQ_DISABLE_HT) { 3826 ifmgd->flags |= IEEE80211_STA_DISABLE_HT; 3827 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; 3828 } 3829 3830 /* Also disable HT if we don't support it or the AP doesn't use WMM */ 3831 sband = local->hw.wiphy->bands[req->bss->channel->band]; 3832 if (!sband->ht_cap.ht_supported || 3833 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used) { 3834 ifmgd->flags |= IEEE80211_STA_DISABLE_HT; 3835 if (!bss->wmm_used) 3836 netdev_info(sdata->dev, 3837 "disabling HT as WMM/QoS is not supported by the AP\n"); 3838 } 3839 3840 /* disable VHT if we don't support it or the AP doesn't use WMM */ 3841 if (!sband->vht_cap.vht_supported || 3842 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used) { 3843 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; 3844 if (!bss->wmm_used) 3845 netdev_info(sdata->dev, 3846 "disabling VHT as WMM/QoS is not supported by the AP\n"); 3847 } 3848 3849 memcpy(&ifmgd->ht_capa, &req->ht_capa, sizeof(ifmgd->ht_capa)); 3850 memcpy(&ifmgd->ht_capa_mask, &req->ht_capa_mask, 3851 sizeof(ifmgd->ht_capa_mask)); 3852 3853 if (req->ie && req->ie_len) { 3854 memcpy(assoc_data->ie, req->ie, req->ie_len); 3855 assoc_data->ie_len = req->ie_len; 3856 } 3857 3858 assoc_data->bss = req->bss; 3859 3860 if (ifmgd->req_smps == IEEE80211_SMPS_AUTOMATIC) { 3861 if (ifmgd->powersave) 3862 sdata->smps_mode = IEEE80211_SMPS_DYNAMIC; 3863 else 3864 sdata->smps_mode = IEEE80211_SMPS_OFF; 3865 } else 3866 sdata->smps_mode = ifmgd->req_smps; 3867 3868 assoc_data->capability = req->bss->capability; 3869 assoc_data->wmm = bss->wmm_used && 3870 (local->hw.queues >= IEEE80211_NUM_ACS); 3871 assoc_data->supp_rates = bss->supp_rates; 3872 assoc_data->supp_rates_len = bss->supp_rates_len; 3873 3874 rcu_read_lock(); 3875 ht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_HT_OPERATION); 3876 if (ht_ie && ht_ie[1] >= sizeof(struct ieee80211_ht_operation)) 3877 assoc_data->ap_ht_param = 3878 ((struct ieee80211_ht_operation *)(ht_ie + 2))->ht_param; 3879 else 3880 ifmgd->flags |= IEEE80211_STA_DISABLE_HT; 3881 rcu_read_unlock(); 3882 3883 if (bss->wmm_used && bss->uapsd_supported && 3884 (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_UAPSD)) { 3885 assoc_data->uapsd = true; 3886 ifmgd->flags |= IEEE80211_STA_UAPSD_ENABLED; 3887 } else { 3888 assoc_data->uapsd = false; 3889 ifmgd->flags &= ~IEEE80211_STA_UAPSD_ENABLED; 3890 } 3891 3892 if (req->prev_bssid) 3893 memcpy(assoc_data->prev_bssid, req->prev_bssid, ETH_ALEN); 3894 3895 if (req->use_mfp) { 3896 ifmgd->mfp = IEEE80211_MFP_REQUIRED; 3897 ifmgd->flags |= IEEE80211_STA_MFP_ENABLED; 3898 } else { 3899 ifmgd->mfp = IEEE80211_MFP_DISABLED; 3900 ifmgd->flags &= ~IEEE80211_STA_MFP_ENABLED; 3901 } 3902 3903 if (req->crypto.control_port) 3904 ifmgd->flags |= IEEE80211_STA_CONTROL_PORT; 3905 else 3906 ifmgd->flags &= ~IEEE80211_STA_CONTROL_PORT; 3907 3908 sdata->control_port_protocol = req->crypto.control_port_ethertype; 3909 sdata->control_port_no_encrypt = req->crypto.control_port_no_encrypt; 3910 3911 /* kick off associate process */ 3912 3913 ifmgd->assoc_data = assoc_data; 3914 ifmgd->dtim_period = 0; 3915 3916 err = ieee80211_prep_connection(sdata, req->bss, true); 3917 if (err) 3918 goto err_clear; 3919 3920 if (sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) { 3921 const struct cfg80211_bss_ies *beacon_ies; 3922 3923 rcu_read_lock(); 3924 beacon_ies = rcu_dereference(req->bss->beacon_ies); 3925 if (!beacon_ies) { 3926 /* 3927 * Wait up to one beacon interval ... 3928 * should this be more if we miss one? 3929 */ 3930 sdata_info(sdata, "waiting for beacon from %pM\n", 3931 ifmgd->bssid); 3932 assoc_data->timeout = 3933 TU_TO_EXP_TIME(req->bss->beacon_interval); 3934 } else { 3935 const u8 *tim_ie = cfg80211_find_ie(WLAN_EID_TIM, 3936 beacon_ies->data, 3937 beacon_ies->len); 3938 if (tim_ie && tim_ie[1] >= 3939 sizeof(struct ieee80211_tim_ie)) { 3940 const struct ieee80211_tim_ie *tim; 3941 tim = (void *)(tim_ie + 2); 3942 ifmgd->dtim_period = tim->dtim_period; 3943 } 3944 assoc_data->have_beacon = true; 3945 assoc_data->sent_assoc = false; 3946 assoc_data->timeout = jiffies; 3947 } 3948 rcu_read_unlock(); 3949 } else { 3950 assoc_data->have_beacon = true; 3951 assoc_data->sent_assoc = false; 3952 assoc_data->timeout = jiffies; 3953 } 3954 run_again(ifmgd, assoc_data->timeout); 3955 3956 if (bss->corrupt_data) { 3957 char *corrupt_type = "data"; 3958 if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_BEACON) { 3959 if (bss->corrupt_data & 3960 IEEE80211_BSS_CORRUPT_PROBE_RESP) 3961 corrupt_type = "beacon and probe response"; 3962 else 3963 corrupt_type = "beacon"; 3964 } else if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_PROBE_RESP) 3965 corrupt_type = "probe response"; 3966 sdata_info(sdata, "associating with AP with corrupt %s\n", 3967 corrupt_type); 3968 } 3969 3970 err = 0; 3971 goto out; 3972 err_clear: 3973 memset(ifmgd->bssid, 0, ETH_ALEN); 3974 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 3975 ifmgd->assoc_data = NULL; 3976 err_free: 3977 kfree(assoc_data); 3978 out: 3979 mutex_unlock(&ifmgd->mtx); 3980 3981 return err; 3982 } 3983 3984 int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, 3985 struct cfg80211_deauth_request *req) 3986 { 3987 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3988 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN]; 3989 bool tx = !req->local_state_change; 3990 bool sent_frame = false; 3991 3992 mutex_lock(&ifmgd->mtx); 3993 3994 sdata_info(sdata, 3995 "deauthenticating from %pM by local choice (reason=%d)\n", 3996 req->bssid, req->reason_code); 3997 3998 if (ifmgd->auth_data) { 3999 drv_mgd_prepare_tx(sdata->local, sdata); 4000 ieee80211_send_deauth_disassoc(sdata, req->bssid, 4001 IEEE80211_STYPE_DEAUTH, 4002 req->reason_code, tx, 4003 frame_buf); 4004 ieee80211_destroy_auth_data(sdata, false); 4005 mutex_unlock(&ifmgd->mtx); 4006 4007 sent_frame = tx; 4008 goto out; 4009 } 4010 4011 if (ifmgd->associated && 4012 ether_addr_equal(ifmgd->associated->bssid, req->bssid)) { 4013 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 4014 req->reason_code, tx, frame_buf); 4015 sent_frame = tx; 4016 } 4017 mutex_unlock(&ifmgd->mtx); 4018 4019 out: 4020 mutex_lock(&sdata->local->mtx); 4021 ieee80211_recalc_idle(sdata->local); 4022 mutex_unlock(&sdata->local->mtx); 4023 4024 if (sent_frame) 4025 __cfg80211_send_deauth(sdata->dev, frame_buf, 4026 IEEE80211_DEAUTH_FRAME_LEN); 4027 4028 return 0; 4029 } 4030 4031 int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata, 4032 struct cfg80211_disassoc_request *req) 4033 { 4034 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 4035 u8 bssid[ETH_ALEN]; 4036 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN]; 4037 4038 mutex_lock(&ifmgd->mtx); 4039 4040 /* 4041 * cfg80211 should catch this ... but it's racy since 4042 * we can receive a disassoc frame, process it, hand it 4043 * to cfg80211 while that's in a locked section already 4044 * trying to tell us that the user wants to disconnect. 4045 */ 4046 if (ifmgd->associated != req->bss) { 4047 mutex_unlock(&ifmgd->mtx); 4048 return -ENOLINK; 4049 } 4050 4051 sdata_info(sdata, 4052 "disassociating from %pM by local choice (reason=%d)\n", 4053 req->bss->bssid, req->reason_code); 4054 4055 memcpy(bssid, req->bss->bssid, ETH_ALEN); 4056 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC, 4057 req->reason_code, !req->local_state_change, 4058 frame_buf); 4059 mutex_unlock(&ifmgd->mtx); 4060 4061 __cfg80211_send_disassoc(sdata->dev, frame_buf, 4062 IEEE80211_DEAUTH_FRAME_LEN); 4063 4064 mutex_lock(&sdata->local->mtx); 4065 ieee80211_recalc_idle(sdata->local); 4066 mutex_unlock(&sdata->local->mtx); 4067 4068 return 0; 4069 } 4070 4071 void ieee80211_mgd_stop(struct ieee80211_sub_if_data *sdata) 4072 { 4073 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 4074 4075 mutex_lock(&ifmgd->mtx); 4076 if (ifmgd->assoc_data) 4077 ieee80211_destroy_assoc_data(sdata, false); 4078 if (ifmgd->auth_data) 4079 ieee80211_destroy_auth_data(sdata, false); 4080 del_timer_sync(&ifmgd->timer); 4081 mutex_unlock(&ifmgd->mtx); 4082 } 4083 4084 void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif, 4085 enum nl80211_cqm_rssi_threshold_event rssi_event, 4086 gfp_t gfp) 4087 { 4088 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 4089 4090 trace_api_cqm_rssi_notify(sdata, rssi_event); 4091 4092 cfg80211_cqm_rssi_notify(sdata->dev, rssi_event, gfp); 4093 } 4094 EXPORT_SYMBOL(ieee80211_cqm_rssi_notify); 4095