1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * spectrum management 4 * 5 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi> 6 * Copyright 2002-2005, Instant802 Networks, Inc. 7 * Copyright 2005-2006, Devicescape Software, Inc. 8 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 9 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 10 * Copyright 2007-2008, Intel Corporation 11 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net> 12 * Copyright (C) 2018, 2020, 2022-2024 Intel Corporation 13 */ 14 15 #include <linux/ieee80211.h> 16 #include <net/cfg80211.h> 17 #include <net/mac80211.h> 18 #include "ieee80211_i.h" 19 #include "sta_info.h" 20 #include "wme.h" 21 22 static bool 23 wbcs_elem_to_chandef(const struct ieee80211_wide_bw_chansw_ie *wbcs_elem, 24 struct cfg80211_chan_def *chandef) 25 { 26 u8 ccfs0 = wbcs_elem->new_center_freq_seg0; 27 u8 ccfs1 = wbcs_elem->new_center_freq_seg1; 28 u32 cf0 = ieee80211_channel_to_frequency(ccfs0, chandef->chan->band); 29 u32 cf1 = ieee80211_channel_to_frequency(ccfs1, chandef->chan->band); 30 31 switch (wbcs_elem->new_channel_width) { 32 case IEEE80211_VHT_CHANWIDTH_160MHZ: 33 /* deprecated encoding */ 34 chandef->width = NL80211_CHAN_WIDTH_160; 35 chandef->center_freq1 = cf0; 36 break; 37 case IEEE80211_VHT_CHANWIDTH_80P80MHZ: 38 /* deprecated encoding */ 39 chandef->width = NL80211_CHAN_WIDTH_80P80; 40 chandef->center_freq1 = cf0; 41 chandef->center_freq2 = cf1; 42 break; 43 case IEEE80211_VHT_CHANWIDTH_80MHZ: 44 chandef->width = NL80211_CHAN_WIDTH_80; 45 chandef->center_freq1 = cf0; 46 47 if (ccfs1) { 48 u8 diff = abs(ccfs0 - ccfs1); 49 50 if (diff == 8) { 51 chandef->width = NL80211_CHAN_WIDTH_160; 52 chandef->center_freq1 = cf1; 53 } else if (diff > 8) { 54 chandef->width = NL80211_CHAN_WIDTH_80P80; 55 chandef->center_freq2 = cf1; 56 } 57 } 58 break; 59 case IEEE80211_VHT_CHANWIDTH_USE_HT: 60 default: 61 /* If the WBCS Element is present, new channel bandwidth is 62 * at least 40 MHz. 63 */ 64 chandef->width = NL80211_CHAN_WIDTH_40; 65 chandef->center_freq1 = cf0; 66 break; 67 } 68 69 return cfg80211_chandef_valid(chandef); 70 } 71 72 static void 73 validate_chandef_by_ht_vht_oper(struct ieee80211_sub_if_data *sdata, 74 struct ieee80211_conn_settings *conn, 75 u32 vht_cap_info, 76 struct cfg80211_chan_def *chandef) 77 { 78 u32 control_freq, center_freq1, center_freq2; 79 enum nl80211_chan_width chan_width; 80 struct ieee80211_ht_operation ht_oper; 81 struct ieee80211_vht_operation vht_oper; 82 83 if (conn->mode < IEEE80211_CONN_MODE_HT || 84 conn->bw_limit < IEEE80211_CONN_BW_LIMIT_40) { 85 chandef->chan = NULL; 86 return; 87 } 88 89 control_freq = chandef->chan->center_freq; 90 center_freq1 = chandef->center_freq1; 91 center_freq2 = chandef->center_freq2; 92 chan_width = chandef->width; 93 94 ht_oper.primary_chan = ieee80211_frequency_to_channel(control_freq); 95 if (control_freq != center_freq1) 96 ht_oper.ht_param = control_freq > center_freq1 ? 97 IEEE80211_HT_PARAM_CHA_SEC_BELOW : 98 IEEE80211_HT_PARAM_CHA_SEC_ABOVE; 99 else 100 ht_oper.ht_param = IEEE80211_HT_PARAM_CHA_SEC_NONE; 101 102 ieee80211_chandef_ht_oper(&ht_oper, chandef); 103 104 if (conn->mode < IEEE80211_CONN_MODE_VHT) 105 return; 106 107 vht_oper.center_freq_seg0_idx = 108 ieee80211_frequency_to_channel(center_freq1); 109 vht_oper.center_freq_seg1_idx = center_freq2 ? 110 ieee80211_frequency_to_channel(center_freq2) : 0; 111 112 switch (chan_width) { 113 case NL80211_CHAN_WIDTH_320: 114 WARN_ON(1); 115 break; 116 case NL80211_CHAN_WIDTH_160: 117 vht_oper.chan_width = IEEE80211_VHT_CHANWIDTH_80MHZ; 118 vht_oper.center_freq_seg1_idx = vht_oper.center_freq_seg0_idx; 119 vht_oper.center_freq_seg0_idx += 120 control_freq < center_freq1 ? -8 : 8; 121 break; 122 case NL80211_CHAN_WIDTH_80P80: 123 vht_oper.chan_width = IEEE80211_VHT_CHANWIDTH_80MHZ; 124 break; 125 case NL80211_CHAN_WIDTH_80: 126 vht_oper.chan_width = IEEE80211_VHT_CHANWIDTH_80MHZ; 127 break; 128 default: 129 vht_oper.chan_width = IEEE80211_VHT_CHANWIDTH_USE_HT; 130 break; 131 } 132 133 ht_oper.operation_mode = 134 le16_encode_bits(vht_oper.center_freq_seg1_idx, 135 IEEE80211_HT_OP_MODE_CCFS2_MASK); 136 137 if (!ieee80211_chandef_vht_oper(&sdata->local->hw, vht_cap_info, 138 &vht_oper, &ht_oper, chandef)) 139 chandef->chan = NULL; 140 } 141 142 static void 143 validate_chandef_by_6ghz_he_eht_oper(struct ieee80211_sub_if_data *sdata, 144 struct ieee80211_conn_settings *conn, 145 struct cfg80211_chan_def *chandef) 146 { 147 struct ieee80211_local *local = sdata->local; 148 u32 control_freq, center_freq1, center_freq2; 149 enum nl80211_chan_width chan_width; 150 DEFINE_RAW_FLEX(struct ieee80211_he_operation, he, optional, 151 sizeof(struct ieee80211_he_6ghz_oper)); 152 struct ieee80211_he_6ghz_oper *_6ghz_oper = 153 (struct ieee80211_he_6ghz_oper *)he->optional; 154 DEFINE_RAW_FLEX(struct ieee80211_eht_operation, eht, optional, 155 sizeof(struct ieee80211_eht_operation_info)); 156 struct ieee80211_eht_operation_info *_oper_info = 157 (struct ieee80211_eht_operation_info *)eht->optional; 158 const struct ieee80211_eht_operation *eht_oper; 159 160 if (conn->mode < IEEE80211_CONN_MODE_HE) { 161 chandef->chan = NULL; 162 return; 163 } 164 165 control_freq = chandef->chan->center_freq; 166 center_freq1 = chandef->center_freq1; 167 center_freq2 = chandef->center_freq2; 168 chan_width = chandef->width; 169 170 he->he_oper_params = 171 le32_encode_bits(1, IEEE80211_HE_OPERATION_6GHZ_OP_INFO); 172 _6ghz_oper->primary = 173 ieee80211_frequency_to_channel(control_freq); 174 _6ghz_oper->ccfs0 = ieee80211_frequency_to_channel(center_freq1); 175 _6ghz_oper->ccfs1 = center_freq2 ? 176 ieee80211_frequency_to_channel(center_freq2) : 0; 177 178 switch (chan_width) { 179 case NL80211_CHAN_WIDTH_320: 180 _6ghz_oper->ccfs1 = _6ghz_oper->ccfs0; 181 _6ghz_oper->ccfs0 += control_freq < center_freq1 ? -16 : 16; 182 _6ghz_oper->control = IEEE80211_EHT_OPER_CHAN_WIDTH_320MHZ; 183 break; 184 case NL80211_CHAN_WIDTH_160: 185 _6ghz_oper->ccfs1 = _6ghz_oper->ccfs0; 186 _6ghz_oper->ccfs0 += control_freq < center_freq1 ? -8 : 8; 187 fallthrough; 188 case NL80211_CHAN_WIDTH_80P80: 189 _6ghz_oper->control = 190 IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_160MHZ; 191 break; 192 case NL80211_CHAN_WIDTH_80: 193 _6ghz_oper->control = 194 IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_80MHZ; 195 break; 196 case NL80211_CHAN_WIDTH_40: 197 _6ghz_oper->control = 198 IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_40MHZ; 199 break; 200 default: 201 _6ghz_oper->control = 202 IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_20MHZ; 203 break; 204 } 205 206 if (conn->mode < IEEE80211_CONN_MODE_EHT) { 207 eht_oper = NULL; 208 } else { 209 eht->params = IEEE80211_EHT_OPER_INFO_PRESENT; 210 _oper_info->control = _6ghz_oper->control; 211 _oper_info->ccfs0 = _6ghz_oper->ccfs0; 212 _oper_info->ccfs1 = _6ghz_oper->ccfs1; 213 eht_oper = eht; 214 } 215 216 if (!ieee80211_chandef_he_6ghz_oper(local, he, eht_oper, chandef)) 217 chandef->chan = NULL; 218 } 219 220 int ieee80211_parse_ch_switch_ie(struct ieee80211_sub_if_data *sdata, 221 struct ieee802_11_elems *elems, 222 enum nl80211_band current_band, 223 u32 vht_cap_info, 224 struct ieee80211_conn_settings *conn, 225 u8 *bssid, bool unprot_action, 226 struct ieee80211_csa_ie *csa_ie) 227 { 228 enum nl80211_band new_band = current_band; 229 int new_freq; 230 u8 new_chan_no = 0, new_op_class = 0; 231 struct ieee80211_channel *new_chan; 232 struct cfg80211_chan_def new_chandef = {}; 233 const struct ieee80211_sec_chan_offs_ie *sec_chan_offs; 234 const struct ieee80211_wide_bw_chansw_ie *wide_bw_chansw_ie; 235 const struct ieee80211_bandwidth_indication *bwi; 236 const struct ieee80211_ext_chansw_ie *ext_chansw_elem; 237 int secondary_channel_offset = -1; 238 239 memset(csa_ie, 0, sizeof(*csa_ie)); 240 241 sec_chan_offs = elems->sec_chan_offs; 242 wide_bw_chansw_ie = elems->wide_bw_chansw_ie; 243 bwi = elems->bandwidth_indication; 244 ext_chansw_elem = elems->ext_chansw_ie; 245 246 if (conn->mode < IEEE80211_CONN_MODE_HT || 247 conn->bw_limit < IEEE80211_CONN_BW_LIMIT_40) { 248 sec_chan_offs = NULL; 249 wide_bw_chansw_ie = NULL; 250 } 251 252 if (conn->mode < IEEE80211_CONN_MODE_VHT) 253 wide_bw_chansw_ie = NULL; 254 255 if (ext_chansw_elem) { 256 new_op_class = ext_chansw_elem->new_operating_class; 257 258 if (!ieee80211_operating_class_to_band(new_op_class, &new_band)) { 259 new_op_class = 0; 260 if (!unprot_action) 261 sdata_info(sdata, 262 "cannot understand ECSA IE operating class, %d, ignoring\n", 263 ext_chansw_elem->new_operating_class); 264 } else { 265 new_chan_no = ext_chansw_elem->new_ch_num; 266 csa_ie->count = ext_chansw_elem->count; 267 csa_ie->mode = ext_chansw_elem->mode; 268 } 269 } 270 271 if (!new_op_class && elems->ch_switch_ie) { 272 new_chan_no = elems->ch_switch_ie->new_ch_num; 273 csa_ie->count = elems->ch_switch_ie->count; 274 csa_ie->mode = elems->ch_switch_ie->mode; 275 } 276 277 /* nothing here we understand */ 278 if (!new_chan_no) 279 return 1; 280 281 /* Mesh Channel Switch Parameters Element */ 282 if (elems->mesh_chansw_params_ie) { 283 csa_ie->ttl = elems->mesh_chansw_params_ie->mesh_ttl; 284 csa_ie->mode = elems->mesh_chansw_params_ie->mesh_flags; 285 csa_ie->pre_value = le16_to_cpu( 286 elems->mesh_chansw_params_ie->mesh_pre_value); 287 288 if (elems->mesh_chansw_params_ie->mesh_flags & 289 WLAN_EID_CHAN_SWITCH_PARAM_REASON) 290 csa_ie->reason_code = le16_to_cpu( 291 elems->mesh_chansw_params_ie->mesh_reason); 292 } 293 294 new_freq = ieee80211_channel_to_frequency(new_chan_no, new_band); 295 new_chan = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq); 296 if (!new_chan || new_chan->flags & IEEE80211_CHAN_DISABLED) { 297 if (!unprot_action) 298 sdata_info(sdata, 299 "BSS %pM switches to unsupported channel (%d MHz), disconnecting\n", 300 bssid, new_freq); 301 return -EINVAL; 302 } 303 304 if (sec_chan_offs) { 305 secondary_channel_offset = sec_chan_offs->sec_chan_offs; 306 } else if (conn->mode >= IEEE80211_CONN_MODE_HT) { 307 /* If the secondary channel offset IE is not present, 308 * we can't know what's the post-CSA offset, so the 309 * best we can do is use 20MHz. 310 */ 311 secondary_channel_offset = IEEE80211_HT_PARAM_CHA_SEC_NONE; 312 } 313 314 switch (secondary_channel_offset) { 315 default: 316 /* secondary_channel_offset was present but is invalid */ 317 case IEEE80211_HT_PARAM_CHA_SEC_NONE: 318 cfg80211_chandef_create(&csa_ie->chanreq.oper, new_chan, 319 NL80211_CHAN_HT20); 320 break; 321 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: 322 cfg80211_chandef_create(&csa_ie->chanreq.oper, new_chan, 323 NL80211_CHAN_HT40PLUS); 324 break; 325 case IEEE80211_HT_PARAM_CHA_SEC_BELOW: 326 cfg80211_chandef_create(&csa_ie->chanreq.oper, new_chan, 327 NL80211_CHAN_HT40MINUS); 328 break; 329 case -1: 330 cfg80211_chandef_create(&csa_ie->chanreq.oper, new_chan, 331 NL80211_CHAN_NO_HT); 332 /* keep width for 5/10 MHz channels */ 333 switch (sdata->vif.bss_conf.chanreq.oper.width) { 334 case NL80211_CHAN_WIDTH_5: 335 case NL80211_CHAN_WIDTH_10: 336 csa_ie->chanreq.oper.width = 337 sdata->vif.bss_conf.chanreq.oper.width; 338 break; 339 default: 340 break; 341 } 342 break; 343 } 344 345 /* capture the AP configuration */ 346 csa_ie->chanreq.ap = csa_ie->chanreq.oper; 347 348 /* parse one of the Elements to build a new chandef */ 349 memset(&new_chandef, 0, sizeof(new_chandef)); 350 new_chandef.chan = new_chan; 351 if (bwi) { 352 /* start with the CSA one */ 353 new_chandef = csa_ie->chanreq.oper; 354 /* and update the width accordingly */ 355 ieee80211_chandef_eht_oper(&bwi->info, &new_chandef); 356 357 if (bwi->params & IEEE80211_BW_IND_DIS_SUBCH_PRESENT) 358 new_chandef.punctured = 359 get_unaligned_le16(bwi->info.optional); 360 } else if (!wide_bw_chansw_ie || !wbcs_elem_to_chandef(wide_bw_chansw_ie, 361 &new_chandef)) { 362 if (!ieee80211_operating_class_to_chandef(new_op_class, new_chan, 363 &new_chandef)) 364 new_chandef = csa_ie->chanreq.oper; 365 } 366 367 /* check if the new chandef fits the capabilities */ 368 if (new_band == NL80211_BAND_6GHZ) 369 validate_chandef_by_6ghz_he_eht_oper(sdata, conn, &new_chandef); 370 else 371 validate_chandef_by_ht_vht_oper(sdata, conn, vht_cap_info, 372 &new_chandef); 373 374 /* if data is there validate the bandwidth & use it */ 375 if (new_chandef.chan) { 376 /* capture the AP chandef before (potential) downgrading */ 377 csa_ie->chanreq.ap = new_chandef; 378 379 while (conn->bw_limit < 380 ieee80211_min_bw_limit_from_chandef(&new_chandef)) 381 ieee80211_chandef_downgrade(&new_chandef, NULL); 382 383 if (!cfg80211_chandef_compatible(&new_chandef, 384 &csa_ie->chanreq.oper)) { 385 sdata_info(sdata, 386 "BSS %pM: CSA has inconsistent channel data, disconnecting\n", 387 bssid); 388 return -EINVAL; 389 } 390 391 csa_ie->chanreq.oper = new_chandef; 392 } 393 394 if (elems->max_channel_switch_time) 395 csa_ie->max_switch_time = 396 (elems->max_channel_switch_time[0] << 0) | 397 (elems->max_channel_switch_time[1] << 8) | 398 (elems->max_channel_switch_time[2] << 16); 399 400 return 0; 401 } 402 403 static void ieee80211_send_refuse_measurement_request(struct ieee80211_sub_if_data *sdata, 404 struct ieee80211_msrment_ie *request_ie, 405 const u8 *da, const u8 *bssid, 406 u8 dialog_token) 407 { 408 struct ieee80211_local *local = sdata->local; 409 struct sk_buff *skb; 410 struct ieee80211_mgmt *msr_report; 411 412 skb = dev_alloc_skb(sizeof(*msr_report) + local->hw.extra_tx_headroom + 413 sizeof(struct ieee80211_msrment_ie)); 414 if (!skb) 415 return; 416 417 skb_reserve(skb, local->hw.extra_tx_headroom); 418 msr_report = skb_put_zero(skb, 24); 419 memcpy(msr_report->da, da, ETH_ALEN); 420 memcpy(msr_report->sa, sdata->vif.addr, ETH_ALEN); 421 memcpy(msr_report->bssid, bssid, ETH_ALEN); 422 msr_report->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 423 IEEE80211_STYPE_ACTION); 424 425 skb_put(skb, 1 + sizeof(msr_report->u.action.u.measurement)); 426 msr_report->u.action.category = WLAN_CATEGORY_SPECTRUM_MGMT; 427 msr_report->u.action.u.measurement.action_code = 428 WLAN_ACTION_SPCT_MSR_RPRT; 429 msr_report->u.action.u.measurement.dialog_token = dialog_token; 430 431 msr_report->u.action.u.measurement.element_id = WLAN_EID_MEASURE_REPORT; 432 msr_report->u.action.u.measurement.length = 433 sizeof(struct ieee80211_msrment_ie); 434 435 memset(&msr_report->u.action.u.measurement.msr_elem, 0, 436 sizeof(struct ieee80211_msrment_ie)); 437 msr_report->u.action.u.measurement.msr_elem.token = request_ie->token; 438 msr_report->u.action.u.measurement.msr_elem.mode |= 439 IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED; 440 msr_report->u.action.u.measurement.msr_elem.type = request_ie->type; 441 442 ieee80211_tx_skb(sdata, skb); 443 } 444 445 void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata, 446 struct ieee80211_mgmt *mgmt, 447 size_t len) 448 { 449 /* 450 * Ignoring measurement request is spec violation. 451 * Mandatory measurements must be reported optional 452 * measurements might be refused or reported incapable 453 * For now just refuse 454 * TODO: Answer basic measurement as unmeasured 455 */ 456 ieee80211_send_refuse_measurement_request(sdata, 457 &mgmt->u.action.u.measurement.msr_elem, 458 mgmt->sa, mgmt->bssid, 459 mgmt->u.action.u.measurement.dialog_token); 460 } 461