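// SPDX-License-Identifier: GPL-2.0-only
/*
 * spectrum management
 *
 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
 * Copyright 2002-2005, Instant802 Networks, Inc.
 * Copyright 2005-2006, Devicescape Software, Inc.
 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
 * Copyright 2007-2008, Intel Corporation
 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
 * Copyright (C) 2018, 2020, 2022-2024 Intel Corporation
 */

#include <linux/ieee80211.h>
#include <net/cfg80211.h>
#include <net/mac80211.h>
#include "ieee80211_i.h"
#include "sta_info.h"
#include "wme.h"

/*
 * Translate a Wide Bandwidth Channel Switch element into @chandef.
 *
 * @chandef->chan must already point at the new control channel: its band is
 * used to convert the element's center frequency segment indices into
 * frequencies. Width and center frequencies in @chandef are overwritten from
 * the element. The element fields are not range-checked here; the result is
 * only reported as usable if cfg80211_chandef_valid() accepts it.
 *
 * Returns true if the resulting chandef is valid, false otherwise.
 */
static bool
wbcs_elem_to_chandef(const struct ieee80211_wide_bw_chansw_ie *wbcs_elem,
		     struct cfg80211_chan_def *chandef)
{
	u8 ccfs0 = wbcs_elem->new_center_freq_seg0;
	u8 ccfs1 = wbcs_elem->new_center_freq_seg1;
	u32 cf0 = ieee80211_channel_to_frequency(ccfs0, chandef->chan->band);
	u32 cf1 = ieee80211_channel_to_frequency(ccfs1, chandef->chan->band);

	switch (wbcs_elem->new_channel_width) {
	case IEEE80211_VHT_CHANWIDTH_160MHZ:
		/* deprecated encoding */
		chandef->width = NL80211_CHAN_WIDTH_160;
		chandef->center_freq1 = cf0;
		break;
	case IEEE80211_VHT_CHANWIDTH_80P80MHZ:
		/* deprecated encoding */
		chandef->width = NL80211_CHAN_WIDTH_80P80;
		chandef->center_freq1 = cf0;
		chandef->center_freq2 = cf1;
		break;
	case IEEE80211_VHT_CHANWIDTH_80MHZ:
		chandef->width = NL80211_CHAN_WIDTH_80;
		chandef->center_freq1 = cf0;

		if (ccfs1) {
			/* u8 operands are promoted to int, so this cannot wrap */
			u8 diff = abs(ccfs0 - ccfs1);

			if (diff == 8) {
				chandef->width = NL80211_CHAN_WIDTH_160;
				chandef->center_freq1 = cf1;
			} else if (diff > 8) {
				chandef->width = NL80211_CHAN_WIDTH_80P80;
				chandef->center_freq2 = cf1;
			}
		}
		break;
	case IEEE80211_VHT_CHANWIDTH_USE_HT:
	default:
		/* If the WBCS Element is present, new channel bandwidth is
		 * at least 40 MHz.
		 */
		chandef->width = NL80211_CHAN_WIDTH_40;
		chandef->center_freq1 = cf0;
		break;
	}

	return cfg80211_chandef_valid(chandef);
}

/*
 * Re-derive @chandef through the HT/VHT operation helpers.
 *
 * HT (and, for connections of at least VHT mode, VHT) operation elements are
 * built on the stack from the current @chandef and handed to
 * ieee80211_chandef_ht_oper() and ieee80211_chandef_vht_oper().
 *
 * On return @chandef->chan is NULL if the connection is below HT mode or
 * limited to less than 40 MHz, or if ieee80211_chandef_vht_oper() fails.
 */
static void
validate_chandef_by_ht_vht_oper(struct ieee80211_sub_if_data *sdata,
				struct ieee80211_conn_settings *conn,
				u32 vht_cap_info,
				struct cfg80211_chan_def *chandef)
{
	u32 control_freq, center_freq1, center_freq2;
	enum nl80211_chan_width chan_width;
	/*
	 * Only some fields of these elements are assigned below (and in the
	 * 320 MHz branch vht_oper.chan_width is not assigned at all), yet both
	 * are passed to the helpers. Zero them so no uninitialised stack
	 * bytes are ever read.
	 */
	struct ieee80211_ht_operation ht_oper = {};
	struct ieee80211_vht_operation vht_oper = {};

	if (conn->mode < IEEE80211_CONN_MODE_HT ||
	    conn->bw_limit < IEEE80211_CONN_BW_LIMIT_40) {
		chandef->chan = NULL;
		return;
	}

	/* snapshot the input before the helpers below rewrite @chandef */
	control_freq = chandef->chan->center_freq;
	center_freq1 = chandef->center_freq1;
	center_freq2 = chandef->center_freq2;
	chan_width = chandef->width;

	ht_oper.primary_chan = ieee80211_frequency_to_channel(control_freq);
	if (control_freq != center_freq1)
		ht_oper.ht_param = control_freq > center_freq1 ?
			IEEE80211_HT_PARAM_CHA_SEC_BELOW :
			IEEE80211_HT_PARAM_CHA_SEC_ABOVE;
	else
		ht_oper.ht_param = IEEE80211_HT_PARAM_CHA_SEC_NONE;

	ieee80211_chandef_ht_oper(&ht_oper, chandef);

	if (conn->mode < IEEE80211_CONN_MODE_VHT)
		return;

	vht_oper.center_freq_seg0_idx =
		ieee80211_frequency_to_channel(center_freq1);
	vht_oper.center_freq_seg1_idx = center_freq2 ?
		ieee80211_frequency_to_channel(center_freq2) : 0;

	switch (chan_width) {
	case NL80211_CHAN_WIDTH_320:
		/*
		 * NOTE(review): the width comes from the chandef the caller
		 * assembled from received elements. Confirm that a 320 MHz
		 * width can never arrive on this non-6 GHz path; a WARN that
		 * depends on frame contents is undesirable.
		 */
		WARN_ON(1);
		break;
	case NL80211_CHAN_WIDTH_160:
		/*
		 * Encoded as 80 MHz: seg1 takes the 160 MHz center and seg0
		 * is moved 8 channel numbers towards the control channel.
		 */
		vht_oper.chan_width = IEEE80211_VHT_CHANWIDTH_80MHZ;
		vht_oper.center_freq_seg1_idx = vht_oper.center_freq_seg0_idx;
		vht_oper.center_freq_seg0_idx +=
			control_freq < center_freq1 ? -8 : 8;
		break;
	case NL80211_CHAN_WIDTH_80P80:
		vht_oper.chan_width = IEEE80211_VHT_CHANWIDTH_80MHZ;
		break;
	case NL80211_CHAN_WIDTH_80:
		vht_oper.chan_width = IEEE80211_VHT_CHANWIDTH_80MHZ;
		break;
	default:
		vht_oper.chan_width = IEEE80211_VHT_CHANWIDTH_USE_HT;
		break;
	}

	/* the second segment index is also carried in the HT operation mode */
	ht_oper.operation_mode =
		le16_encode_bits(vht_oper.center_freq_seg1_idx,
				 IEEE80211_HT_OP_MODE_CCFS2_MASK);

	if (!ieee80211_chandef_vht_oper(&sdata->local->hw, vht_cap_info,
					&vht_oper, &ht_oper, chandef))
		chandef->chan = NULL;
}

/*
 * Re-derive @chandef through the 6 GHz HE/EHT operation helper.
 *
 * An HE operation element with 6 GHz operation information (and, for
 * connections of at least EHT mode, an EHT operation element) is built on the
 * stack from the current @chandef and handed to
 * ieee80211_chandef_he_6ghz_oper().
 *
 * On return @chandef->chan is NULL if the connection is below HE mode or if
 * ieee80211_chandef_he_6ghz_oper() fails.
 */
static void
validate_chandef_by_6ghz_he_eht_oper(struct ieee80211_sub_if_data *sdata,
				     struct ieee80211_conn_settings *conn,
				     struct cfg80211_chan_def *chandef)
{
	struct ieee80211_local *local = sdata->local;
	u32 control_freq, center_freq1, center_freq2;
	enum nl80211_chan_width chan_width;
	/*
	 * Both elements are only partially filled in below before being
	 * passed on; zero them so unassigned fields never hold stack garbage.
	 */
	struct {
		struct ieee80211_he_operation _oper;
		struct ieee80211_he_6ghz_oper _6ghz_oper;
	} __packed he = {};
	struct {
		struct ieee80211_eht_operation _oper;
		struct ieee80211_eht_operation_info _oper_info;
	} __packed eht = {};
	const struct ieee80211_eht_operation *eht_oper;

	if (conn->mode < IEEE80211_CONN_MODE_HE) {
		chandef->chan = NULL;
		return;
	}

	/* snapshot the input before the helper below rewrites @chandef */
	control_freq = chandef->chan->center_freq;
	center_freq1 = chandef->center_freq1;
	center_freq2 = chandef->center_freq2;
	chan_width = chandef->width;

	he._oper.he_oper_params =
		le32_encode_bits(1, IEEE80211_HE_OPERATION_6GHZ_OP_INFO);
	he._6ghz_oper.primary =
		ieee80211_frequency_to_channel(control_freq);
	he._6ghz_oper.ccfs0 = ieee80211_frequency_to_channel(center_freq1);
	he._6ghz_oper.ccfs1 = center_freq2 ?
		ieee80211_frequency_to_channel(center_freq2) : 0;

	switch (chan_width) {
	case NL80211_CHAN_WIDTH_320:
		/* ccfs1 = full-width center, ccfs0 = 16 channels towards control */
		he._6ghz_oper.ccfs1 = he._6ghz_oper.ccfs0;
		he._6ghz_oper.ccfs0 += control_freq < center_freq1 ? -16 : 16;
		he._6ghz_oper.control = IEEE80211_EHT_OPER_CHAN_WIDTH_320MHZ;
		break;
	case NL80211_CHAN_WIDTH_160:
		/* ccfs1 = full-width center, ccfs0 = 8 channels towards control */
		he._6ghz_oper.ccfs1 = he._6ghz_oper.ccfs0;
		he._6ghz_oper.ccfs0 += control_freq < center_freq1 ? -8 : 8;
		fallthrough;
	case NL80211_CHAN_WIDTH_80P80:
		he._6ghz_oper.control =
			IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_160MHZ;
		break;
	case NL80211_CHAN_WIDTH_80:
		he._6ghz_oper.control =
			IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_80MHZ;
		break;
	case NL80211_CHAN_WIDTH_40:
		he._6ghz_oper.control =
			IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_40MHZ;
		break;
	default:
		he._6ghz_oper.control =
			IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_20MHZ;
		break;
	}

	if (conn->mode < IEEE80211_CONN_MODE_EHT) {
		eht_oper = NULL;
	} else {
		/* the EHT operation info mirrors the values computed above */
		eht._oper.params = IEEE80211_EHT_OPER_INFO_PRESENT;
		eht._oper_info.control = he._6ghz_oper.control;
		eht._oper_info.ccfs0 = he._6ghz_oper.ccfs0;
		eht._oper_info.ccfs1 = he._6ghz_oper.ccfs1;
		eht_oper = &eht._oper;
	}

	if (!ieee80211_chandef_he_6ghz_oper(local, &he._oper,
					    eht_oper, chandef))
		chandef->chan = NULL;
}

/*
 * Parse the channel switch related elements in @elems into @csa_ie.
 *
 * @sdata: interface the announcement applies to
 * @elems: parsed elements of the frame carrying the announcement
 * @current_band: band in use; kept as the new band unless an Extended Channel
 *	Switch element with an understood operating class says otherwise
 * @vht_cap_info: VHT capability info passed on to the VHT validation
 * @conn: connection settings; mode and bandwidth limit decide which elements
 *	are honoured and how far the result is downgraded
 * @bssid: BSSID used in log messages only
 * @csa_ie: output, zeroed first
 *
 * Everything in @elems is supplied by the peer. The new channel is looked up
 * in the wiphy and rejected if unknown or disabled, and the wide-bandwidth
 * result must be compatible with the basic HT/20 MHz chandef derived from the
 * (Extended) Channel Switch element.
 *
 * Returns 0 on success, 1 if no usable channel switch element was found, and
 * -EINVAL if the target channel is unsupported or the elements are
 * inconsistent with each other.
 */
int ieee80211_parse_ch_switch_ie(struct ieee80211_sub_if_data *sdata,
				 struct ieee802_11_elems *elems,
				 enum nl80211_band current_band,
				 u32 vht_cap_info,
				 struct ieee80211_conn_settings *conn,
				 u8 *bssid,
				 struct ieee80211_csa_ie *csa_ie)
{
	enum nl80211_band new_band = current_band;
	int new_freq;
	u8 new_chan_no = 0, new_op_class = 0;
	struct ieee80211_channel *new_chan;
	struct cfg80211_chan_def new_chandef = {};
	const struct ieee80211_sec_chan_offs_ie *sec_chan_offs;
	const struct ieee80211_wide_bw_chansw_ie *wide_bw_chansw_ie;
	const struct ieee80211_bandwidth_indication *bwi;
	const struct ieee80211_ext_chansw_ie *ext_chansw_elem;
	int secondary_channel_offset = -1;

	memset(csa_ie, 0, sizeof(*csa_ie));

	sec_chan_offs = elems->sec_chan_offs;
	wide_bw_chansw_ie = elems->wide_bw_chansw_ie;
	bwi = elems->bandwidth_indication;
	ext_chansw_elem = elems->ext_chansw_ie;

	/* ignore elements the connection mode/bandwidth limit cannot use */
	if (conn->mode < IEEE80211_CONN_MODE_HT ||
	    conn->bw_limit < IEEE80211_CONN_BW_LIMIT_40) {
		sec_chan_offs = NULL;
		wide_bw_chansw_ie = NULL;
	}

	if (conn->mode < IEEE80211_CONN_MODE_VHT)
		wide_bw_chansw_ie = NULL;

	if (ext_chansw_elem) {
		new_op_class = ext_chansw_elem->new_operating_class;

		if (!ieee80211_operating_class_to_band(new_op_class, &new_band)) {
			new_op_class = 0;
			sdata_info(sdata, "cannot understand ECSA IE operating class, %d, ignoring\n",
				   ext_chansw_elem->new_operating_class);
		} else {
			new_chan_no = ext_chansw_elem->new_ch_num;
			csa_ie->count = ext_chansw_elem->count;
			csa_ie->mode = ext_chansw_elem->mode;
		}
	}

	/* fall back to the plain CSA element if ECSA was absent or unusable */
	if (!new_op_class && elems->ch_switch_ie) {
		new_chan_no = elems->ch_switch_ie->new_ch_num;
		csa_ie->count = elems->ch_switch_ie->count;
		csa_ie->mode = elems->ch_switch_ie->mode;
	}

	/* nothing here we understand */
	if (!new_chan_no)
		return 1;

	/* Mesh Channel Switch Parameters Element */
	if (elems->mesh_chansw_params_ie) {
		csa_ie->ttl = elems->mesh_chansw_params_ie->mesh_ttl;
		csa_ie->mode = elems->mesh_chansw_params_ie->mesh_flags;
		csa_ie->pre_value = le16_to_cpu(
				elems->mesh_chansw_params_ie->mesh_pre_value);

		if (elems->mesh_chansw_params_ie->mesh_flags &
				WLAN_EID_CHAN_SWITCH_PARAM_REASON)
			csa_ie->reason_code = le16_to_cpu(
				elems->mesh_chansw_params_ie->mesh_reason);
	}

	/* the announced channel must exist locally and not be disabled */
	new_freq = ieee80211_channel_to_frequency(new_chan_no, new_band);
	new_chan = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq);
	if (!new_chan || new_chan->flags & IEEE80211_CHAN_DISABLED) {
		sdata_info(sdata,
			   "BSS %pM switches to unsupported channel (%d MHz), disconnecting\n",
			   bssid, new_freq);
		return -EINVAL;
	}

	if (sec_chan_offs) {
		secondary_channel_offset = sec_chan_offs->sec_chan_offs;
	} else if (conn->mode >= IEEE80211_CONN_MODE_HT) {
		/* If the secondary channel offset IE is not present,
		 * we can't know what's the post-CSA offset, so the
		 * best we can do is use 20MHz.
		 */
		secondary_channel_offset = IEEE80211_HT_PARAM_CHA_SEC_NONE;
	}

	/* -1 means "no HT information at all" (initial value, never set) */
	switch (secondary_channel_offset) {
	default:
		/* secondary_channel_offset was present but is invalid */
	case IEEE80211_HT_PARAM_CHA_SEC_NONE:
		cfg80211_chandef_create(&csa_ie->chanreq.oper, new_chan,
					NL80211_CHAN_HT20);
		break;
	case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
		cfg80211_chandef_create(&csa_ie->chanreq.oper, new_chan,
					NL80211_CHAN_HT40PLUS);
		break;
	case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
		cfg80211_chandef_create(&csa_ie->chanreq.oper, new_chan,
					NL80211_CHAN_HT40MINUS);
		break;
	case -1:
		cfg80211_chandef_create(&csa_ie->chanreq.oper, new_chan,
					NL80211_CHAN_NO_HT);
		/* keep width for 5/10 MHz channels */
		switch (sdata->vif.bss_conf.chanreq.oper.width) {
		case NL80211_CHAN_WIDTH_5:
		case NL80211_CHAN_WIDTH_10:
			csa_ie->chanreq.oper.width =
				sdata->vif.bss_conf.chanreq.oper.width;
			break;
		default:
			break;
		}
		break;
	}

	/* parse one of the Elements to build a new chandef */
	memset(&new_chandef, 0, sizeof(new_chandef));
	new_chandef.chan = new_chan;
	if (bwi) {
		/* start with the CSA one */
		new_chandef = csa_ie->chanreq.oper;
		/* and update the width accordingly */
		ieee80211_chandef_eht_oper(&bwi->info, &new_chandef);

		/*
		 * NOTE(review): reads two bytes of bwi->info.optional; this
		 * function does not check the element length, so it is
		 * presumably validated when @elems is parsed - confirm.
		 */
		if (bwi->params & IEEE80211_BW_IND_DIS_SUBCH_PRESENT)
			new_chandef.punctured =
				get_unaligned_le16(bwi->info.optional);
	} else if (!wide_bw_chansw_ie || !wbcs_elem_to_chandef(wide_bw_chansw_ie,
							       &new_chandef)) {
		/* no usable WBCS element: try the operating class, else CSA */
		if (!ieee80211_operating_class_to_chandef(new_op_class, new_chan,
							  &new_chandef))
			new_chandef = csa_ie->chanreq.oper;
	}

	/* check if the new chandef fits the capabilities */
	if (new_band == NL80211_BAND_6GHZ)
		validate_chandef_by_6ghz_he_eht_oper(sdata, conn, &new_chandef);
	else
		validate_chandef_by_ht_vht_oper(sdata, conn, vht_cap_info,
						&new_chandef);

	/* capture the AP chandef before (potential) downgrading */
	csa_ie->chanreq.ap = new_chandef;

	/* if data is there validate the bandwidth & use it */
	if (new_chandef.chan) {
		if (conn->bw_limit < IEEE80211_CONN_BW_LIMIT_320 &&
		    new_chandef.width == NL80211_CHAN_WIDTH_320)
			ieee80211_chandef_downgrade(&new_chandef, NULL);

		if (conn->bw_limit < IEEE80211_CONN_BW_LIMIT_160 &&
		    (new_chandef.width == NL80211_CHAN_WIDTH_80P80 ||
		     new_chandef.width == NL80211_CHAN_WIDTH_160))
			ieee80211_chandef_downgrade(&new_chandef, NULL);

		/* the wide chandef must agree with the basic CSA-derived one */
		if (!cfg80211_chandef_compatible(&new_chandef,
						 &csa_ie->chanreq.oper)) {
			sdata_info(sdata,
				   "BSS %pM: CSA has inconsistent channel data, disconnecting\n",
				   bssid);
			return -EINVAL;
		}

		csa_ie->chanreq.oper = new_chandef;
	}

	/* three bytes, assembled least significant byte first */
	if (elems->max_channel_switch_time)
		csa_ie->max_switch_time =
			(elems->max_channel_switch_time[0] << 0) |
			(elems->max_channel_switch_time[1] << 8) |
			(elems->max_channel_switch_time[2] << 16);

	return 0;
}

/*
 * Build and transmit a Spectrum Management measurement report that refuses
 * the request described by @request_ie.
 *
 * The report is addressed to @da, uses the interface address as source and
 * @bssid as BSSID, and echoes @dialog_token plus the token and type of the
 * request. Nothing is sent if the skb allocation fails.
 */
static void ieee80211_send_refuse_measurement_request(struct ieee80211_sub_if_data *sdata,
					struct ieee80211_msrment_ie *request_ie,
					const u8 *da, const u8 *bssid,
					u8 dialog_token)
{
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	struct ieee80211_mgmt *msr_report;

	skb = dev_alloc_skb(sizeof(*msr_report) + local->hw.extra_tx_headroom +
				sizeof(struct ieee80211_msrment_ie));
	if (!skb)
		return;

	skb_reserve(skb, local->hw.extra_tx_headroom);
	/* first 24 bytes are zeroed; the address and control fields follow */
	msr_report = skb_put_zero(skb, 24);
	memcpy(msr_report->da, da, ETH_ALEN);
	memcpy(msr_report->sa, sdata->vif.addr, ETH_ALEN);
	memcpy(msr_report->bssid, bssid, ETH_ALEN);
	msr_report->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						IEEE80211_STYPE_ACTION);

	/*
	 * One byte for the action category plus the measurement body. This
	 * part is not zeroed by skb_put(), so every field is written below.
	 */
	skb_put(skb, 1 + sizeof(msr_report->u.action.u.measurement));
	msr_report->u.action.category = WLAN_CATEGORY_SPECTRUM_MGMT;
	msr_report->u.action.u.measurement.action_code =
				WLAN_ACTION_SPCT_MSR_RPRT;
	msr_report->u.action.u.measurement.dialog_token = dialog_token;

	msr_report->u.action.u.measurement.element_id = WLAN_EID_MEASURE_REPORT;
	msr_report->u.action.u.measurement.length =
			sizeof(struct ieee80211_msrment_ie);

	memset(&msr_report->u.action.u.measurement.msr_elem, 0,
		sizeof(struct ieee80211_msrment_ie));
	msr_report->u.action.u.measurement.msr_elem.token = request_ie->token;
	msr_report->u.action.u.measurement.msr_elem.mode |=
			IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED;
	msr_report->u.action.u.measurement.msr_elem.type = request_ie->type;

	ieee80211_tx_skb(sdata, skb);
}

/*
 * Handle a received measurement request by answering it with a refusal.
 *
 * NOTE(review): @len is not used; the measurement fields of @mgmt are read
 * without a length check in this function, so the caller presumably has
 * already verified that the frame is long enough - confirm at the call site.
 */
void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
				       struct ieee80211_mgmt *mgmt,
				       size_t len)
{
	/*
	 * Ignoring a measurement request is a spec violation.
	 * Mandatory measurements must be reported; optional
	 * measurements might be refused or reported incapable.
	 * For now just refuse.
	 * TODO: Answer basic measurement as unmeasured
	 */
	ieee80211_send_refuse_measurement_request(sdata,
			&mgmt->u.action.u.measurement.msr_elem,
			mgmt->sa, mgmt->bssid,
			mgmt->u.action.u.measurement.dialog_token);
}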