1
2
3
4
5
6
7
8
9
10
11
12
13
14
15#include <linux/delay.h>
16#include <linux/slab.h>
17#include <linux/if_ether.h>
18#include <linux/skbuff.h>
19#include <linux/if_arp.h>
20#include <linux/etherdevice.h>
21#include <linux/rtnetlink.h>
22#include <net/mac80211.h>
23
24#include "ieee80211_i.h"
25#include "driver-ops.h"
26#include "rate.h"
27
28#define IEEE80211_SCAN_INTERVAL (2 * HZ)
29#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
30
31#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
32#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
33
34#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
35
36
37static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
38 const u8 *bssid, const int beacon_int,
39 struct ieee80211_channel *chan,
40 const u32 basic_rates,
41 const u16 capability, u64 tsf,
42 bool creator)
43{
44 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
45 struct ieee80211_local *local = sdata->local;
46 int rates, i;
47 struct ieee80211_mgmt *mgmt;
48 u8 *pos;
49 struct ieee80211_supported_band *sband;
50 struct cfg80211_bss *bss;
51 u32 bss_change;
52 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
53 struct cfg80211_chan_def chandef;
54 struct beacon_data *presp;
55 int frame_len;
56
57 lockdep_assert_held(&ifibss->mtx);
58
59
60 drv_reset_tsf(local, sdata);
61
62 if (!ether_addr_equal(ifibss->bssid, bssid))
63 sta_info_flush(sdata);
64
65
66 if (sdata->vif.bss_conf.ibss_joined) {
67 sdata->vif.bss_conf.ibss_joined = false;
68 sdata->vif.bss_conf.ibss_creator = false;
69 sdata->vif.bss_conf.enable_beacon = false;
70 netif_carrier_off(sdata->dev);
71 ieee80211_bss_info_change_notify(sdata,
72 BSS_CHANGED_IBSS |
73 BSS_CHANGED_BEACON_ENABLED);
74 }
75
76 presp = rcu_dereference_protected(ifibss->presp,
77 lockdep_is_held(&ifibss->mtx));
78 rcu_assign_pointer(ifibss->presp, NULL);
79 if (presp)
80 kfree_rcu(presp, rcu_head);
81
82 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
83
84 cfg80211_chandef_create(&chandef, chan, ifibss->channel_type);
85 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
86 chandef.width = NL80211_CHAN_WIDTH_20;
87 chandef.center_freq1 = chan->center_freq;
88 }
89
90 ieee80211_vif_release_channel(sdata);
91 if (ieee80211_vif_use_channel(sdata, &chandef,
92 ifibss->fixed_channel ?
93 IEEE80211_CHANCTX_SHARED :
94 IEEE80211_CHANCTX_EXCLUSIVE)) {
95 sdata_info(sdata, "Failed to join IBSS, no channel context\n");
96 return;
97 }
98
99 memcpy(ifibss->bssid, bssid, ETH_ALEN);
100
101 sband = local->hw.wiphy->bands[chan->band];
102
103
104 frame_len = sizeof(struct ieee80211_hdr_3addr) +
105 12 +
106 2 + IEEE80211_MAX_SSID_LEN +
107 2 + 8 +
108 3 +
109 4 +
110 2 + (IEEE80211_MAX_SUPP_RATES - 8) +
111 2 + sizeof(struct ieee80211_ht_cap) +
112 2 + sizeof(struct ieee80211_ht_operation) +
113 ifibss->ie_len;
114 presp = kzalloc(sizeof(*presp) + frame_len, GFP_KERNEL);
115 if (!presp)
116 return;
117
118 presp->head = (void *)(presp + 1);
119
120 mgmt = (void *) presp->head;
121 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
122 IEEE80211_STYPE_PROBE_RESP);
123 eth_broadcast_addr(mgmt->da);
124 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
125 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
126 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int);
127 mgmt->u.beacon.timestamp = cpu_to_le64(tsf);
128 mgmt->u.beacon.capab_info = cpu_to_le16(capability);
129
130 pos = (u8 *)mgmt + offsetof(struct ieee80211_mgmt, u.beacon.variable);
131
132 *pos++ = WLAN_EID_SSID;
133 *pos++ = ifibss->ssid_len;
134 memcpy(pos, ifibss->ssid, ifibss->ssid_len);
135 pos += ifibss->ssid_len;
136
137 rates = min_t(int, 8, sband->n_bitrates);
138 *pos++ = WLAN_EID_SUPP_RATES;
139 *pos++ = rates;
140 for (i = 0; i < rates; i++) {
141 int rate = sband->bitrates[i].bitrate;
142 u8 basic = 0;
143 if (basic_rates & BIT(i))
144 basic = 0x80;
145 *pos++ = basic | (u8) (rate / 5);
146 }
147
148 if (sband->band == IEEE80211_BAND_2GHZ) {
149 *pos++ = WLAN_EID_DS_PARAMS;
150 *pos++ = 1;
151 *pos++ = ieee80211_frequency_to_channel(chan->center_freq);
152 }
153
154 *pos++ = WLAN_EID_IBSS_PARAMS;
155 *pos++ = 2;
156
157 *pos++ = 0;
158 *pos++ = 0;
159
160 if (sband->n_bitrates > 8) {
161 *pos++ = WLAN_EID_EXT_SUPP_RATES;
162 *pos++ = sband->n_bitrates - 8;
163 for (i = 8; i < sband->n_bitrates; i++) {
164 int rate = sband->bitrates[i].bitrate;
165 u8 basic = 0;
166 if (basic_rates & BIT(i))
167 basic = 0x80;
168 *pos++ = basic | (u8) (rate / 5);
169 }
170 }
171
172 if (ifibss->ie_len) {
173 memcpy(pos, ifibss->ie, ifibss->ie_len);
174 pos += ifibss->ie_len;
175 }
176
177
178 if (chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
179 sband->ht_cap.ht_supported) {
180 pos = ieee80211_ie_build_ht_cap(pos, &sband->ht_cap,
181 sband->ht_cap.cap);
182
183
184
185
186
187 pos = ieee80211_ie_build_ht_oper(pos, &sband->ht_cap,
188 &chandef, 0);
189 }
190
191 if (local->hw.queues >= IEEE80211_NUM_ACS) {
192 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
193 *pos++ = 7;
194 *pos++ = 0x00;
195 *pos++ = 0x50;
196 *pos++ = 0xf2;
197 *pos++ = 2;
198 *pos++ = 0;
199 *pos++ = 1;
200 *pos++ = 0;
201 }
202
203 presp->head_len = pos - presp->head;
204 if (WARN_ON(presp->head_len > frame_len))
205 return;
206
207 rcu_assign_pointer(ifibss->presp, presp);
208
209 sdata->vif.bss_conf.enable_beacon = true;
210 sdata->vif.bss_conf.beacon_int = beacon_int;
211 sdata->vif.bss_conf.basic_rates = basic_rates;
212 sdata->vif.bss_conf.ssid_len = ifibss->ssid_len;
213 memcpy(sdata->vif.bss_conf.ssid, ifibss->ssid, ifibss->ssid_len);
214 bss_change = BSS_CHANGED_BEACON_INT;
215 bss_change |= ieee80211_reset_erp_info(sdata);
216 bss_change |= BSS_CHANGED_BSSID;
217 bss_change |= BSS_CHANGED_BEACON;
218 bss_change |= BSS_CHANGED_BEACON_ENABLED;
219 bss_change |= BSS_CHANGED_BASIC_RATES;
220 bss_change |= BSS_CHANGED_HT;
221 bss_change |= BSS_CHANGED_IBSS;
222 bss_change |= BSS_CHANGED_SSID;
223
224
225
226
227
228
229
230
231
232
233
234 sdata->vif.bss_conf.use_short_slot = chan->band == IEEE80211_BAND_5GHZ;
235 bss_change |= BSS_CHANGED_ERP_SLOT;
236
237 sdata->vif.bss_conf.ibss_joined = true;
238 sdata->vif.bss_conf.ibss_creator = creator;
239 ieee80211_bss_info_change_notify(sdata, bss_change);
240
241 ieee80211_sta_def_wmm_params(sdata, sband->n_bitrates, supp_rates);
242
243 ifibss->state = IEEE80211_IBSS_MLME_JOINED;
244 mod_timer(&ifibss->timer,
245 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
246
247 bss = cfg80211_inform_bss_frame(local->hw.wiphy, chan,
248 mgmt, presp->head_len, 0, GFP_KERNEL);
249 cfg80211_put_bss(local->hw.wiphy, bss);
250 netif_carrier_on(sdata->dev);
251 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, GFP_KERNEL);
252}
253
254static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
255 struct ieee80211_bss *bss)
256{
257 struct cfg80211_bss *cbss =
258 container_of((void *)bss, struct cfg80211_bss, priv);
259 struct ieee80211_supported_band *sband;
260 u32 basic_rates;
261 int i, j;
262 u16 beacon_int = cbss->beacon_interval;
263 const struct cfg80211_bss_ies *ies;
264 u64 tsf;
265
266 lockdep_assert_held(&sdata->u.ibss.mtx);
267
268 if (beacon_int < 10)
269 beacon_int = 10;
270
271 sband = sdata->local->hw.wiphy->bands[cbss->channel->band];
272
273 basic_rates = 0;
274
275 for (i = 0; i < bss->supp_rates_len; i++) {
276 int rate = (bss->supp_rates[i] & 0x7f) * 5;
277 bool is_basic = !!(bss->supp_rates[i] & 0x80);
278
279 for (j = 0; j < sband->n_bitrates; j++) {
280 if (sband->bitrates[j].bitrate == rate) {
281 if (is_basic)
282 basic_rates |= BIT(j);
283 break;
284 }
285 }
286 }
287
288 rcu_read_lock();
289 ies = rcu_dereference(cbss->ies);
290 tsf = ies->tsf;
291 rcu_read_unlock();
292
293 __ieee80211_sta_join_ibss(sdata, cbss->bssid,
294 beacon_int,
295 cbss->channel,
296 basic_rates,
297 cbss->capability,
298 tsf, false);
299}
300
301static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta,
302 bool auth)
303 __acquires(RCU)
304{
305 struct ieee80211_sub_if_data *sdata = sta->sdata;
306 u8 addr[ETH_ALEN];
307
308 memcpy(addr, sta->sta.addr, ETH_ALEN);
309
310 ibss_dbg(sdata, "Adding new IBSS station %pM\n", addr);
311
312 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
313 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
314
315
316 if (!sta->sdata->u.ibss.control_port)
317 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
318
319 rate_control_rate_init(sta);
320
321
322 if (sta_info_insert_rcu(sta))
323 return sta_info_get(sdata, addr);
324 if (auth && !sdata->u.ibss.auth_frame_registrations) {
325 ibss_dbg(sdata,
326 "TX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=1)\n",
327 sdata->vif.addr, addr, sdata->u.ibss.bssid);
328 ieee80211_send_auth(sdata, 1, WLAN_AUTH_OPEN, 0, NULL, 0,
329 addr, sdata->u.ibss.bssid, NULL, 0, 0, 0);
330 }
331 return sta;
332}
333
334static struct sta_info *
335ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
336 const u8 *bssid, const u8 *addr,
337 u32 supp_rates, bool auth)
338 __acquires(RCU)
339{
340 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
341 struct ieee80211_local *local = sdata->local;
342 struct sta_info *sta;
343 struct ieee80211_chanctx_conf *chanctx_conf;
344 int band;
345
346
347
348
349
350 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
351 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
352 sdata->name, addr);
353 rcu_read_lock();
354 return NULL;
355 }
356
357 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) {
358 rcu_read_lock();
359 return NULL;
360 }
361
362 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) {
363 rcu_read_lock();
364 return NULL;
365 }
366
367 rcu_read_lock();
368 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
369 if (WARN_ON_ONCE(!chanctx_conf))
370 return NULL;
371 band = chanctx_conf->def.chan->band;
372 rcu_read_unlock();
373
374 sta = sta_info_alloc(sdata, addr, GFP_KERNEL);
375 if (!sta) {
376 rcu_read_lock();
377 return NULL;
378 }
379
380 sta->last_rx = jiffies;
381
382
383 sta->sta.supp_rates[band] = supp_rates |
384 ieee80211_mandatory_rates(local, band);
385
386 return ieee80211_ibss_finish_sta(sta, auth);
387}
388
389static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata,
390 struct ieee80211_mgmt *mgmt,
391 size_t len)
392{
393 u16 reason = le16_to_cpu(mgmt->u.deauth.reason_code);
394
395 if (len < IEEE80211_DEAUTH_FRAME_LEN)
396 return;
397
398 ibss_dbg(sdata, "RX DeAuth SA=%pM DA=%pM BSSID=%pM (reason: %d)\n",
399 mgmt->sa, mgmt->da, mgmt->bssid, reason);
400 sta_info_destroy_addr(sdata, mgmt->sa);
401}
402
403static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
404 struct ieee80211_mgmt *mgmt,
405 size_t len)
406{
407 u16 auth_alg, auth_transaction;
408 struct sta_info *sta;
409 u8 deauth_frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
410
411 lockdep_assert_held(&sdata->u.ibss.mtx);
412
413 if (len < 24 + 6)
414 return;
415
416 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
417 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
418
419 ibss_dbg(sdata,
420 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n",
421 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction);
422
423 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
424 return;
425
426 sta_info_destroy_addr(sdata, mgmt->sa);
427 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 0, false);
428 rcu_read_unlock();
429
430
431
432
433
434 if (!sta) {
435 ieee80211_send_deauth_disassoc(sdata, sdata->u.ibss.bssid,
436 IEEE80211_STYPE_DEAUTH,
437 WLAN_REASON_UNSPECIFIED, true,
438 deauth_frame_buf);
439 return;
440 }
441
442
443
444
445
446
447
448 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, 0, NULL, 0,
449 mgmt->sa, sdata->u.ibss.bssid, NULL, 0, 0, 0);
450}
451
452static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
453 struct ieee80211_mgmt *mgmt, size_t len,
454 struct ieee80211_rx_status *rx_status,
455 struct ieee802_11_elems *elems)
456{
457 struct ieee80211_local *local = sdata->local;
458 int freq;
459 struct cfg80211_bss *cbss;
460 struct ieee80211_bss *bss;
461 struct sta_info *sta;
462 struct ieee80211_channel *channel;
463 u64 beacon_timestamp, rx_timestamp;
464 u32 supp_rates = 0;
465 enum ieee80211_band band = rx_status->band;
466 struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band];
467 bool rates_updated = false;
468
469 if (elems->ds_params)
470 freq = ieee80211_channel_to_frequency(elems->ds_params[0],
471 band);
472 else
473 freq = rx_status->freq;
474
475 channel = ieee80211_get_channel(local->hw.wiphy, freq);
476
477 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
478 return;
479
480 if (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
481 ether_addr_equal(mgmt->bssid, sdata->u.ibss.bssid)) {
482
483 rcu_read_lock();
484 sta = sta_info_get(sdata, mgmt->sa);
485
486 if (elems->supp_rates) {
487 supp_rates = ieee80211_sta_get_rates(local, elems,
488 band, NULL);
489 if (sta) {
490 u32 prev_rates;
491
492 prev_rates = sta->sta.supp_rates[band];
493
494 sta->sta.supp_rates[band] = supp_rates |
495 ieee80211_mandatory_rates(local, band);
496
497 if (sta->sta.supp_rates[band] != prev_rates) {
498 ibss_dbg(sdata,
499 "updated supp_rates set for %pM based on beacon/probe_resp (0x%x -> 0x%x)\n",
500 sta->sta.addr, prev_rates,
501 sta->sta.supp_rates[band]);
502 rates_updated = true;
503 }
504 } else {
505 rcu_read_unlock();
506 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid,
507 mgmt->sa, supp_rates, true);
508 }
509 }
510
511 if (sta && elems->wmm_info)
512 set_sta_flag(sta, WLAN_STA_WME);
513
514 if (sta && elems->ht_operation && elems->ht_cap_elem &&
515 sdata->u.ibss.channel_type != NL80211_CHAN_NO_HT) {
516
517 struct ieee80211_ht_cap htcap_ie;
518 struct cfg80211_chan_def chandef;
519
520 ieee80211_ht_oper_to_chandef(channel,
521 elems->ht_operation,
522 &chandef);
523
524 memcpy(&htcap_ie, elems->ht_cap_elem, sizeof(htcap_ie));
525
526
527
528
529
530 if (cfg80211_get_chandef_type(&chandef) !=
531 sdata->u.ibss.channel_type)
532 htcap_ie.cap_info &=
533 cpu_to_le16(~IEEE80211_HT_CAP_SUP_WIDTH_20_40);
534
535 rates_updated |= ieee80211_ht_cap_ie_to_sta_ht_cap(
536 sdata, sband, &htcap_ie, sta);
537 }
538
539 if (sta && rates_updated) {
540 drv_sta_rc_update(local, sdata, &sta->sta,
541 IEEE80211_RC_SUPP_RATES_CHANGED);
542 rate_control_rate_init(sta);
543 }
544
545 rcu_read_unlock();
546 }
547
548 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
549 channel);
550 if (!bss)
551 return;
552
553 cbss = container_of((void *)bss, struct cfg80211_bss, priv);
554
555
556 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
557
558
559
560
561 if (sdata->u.ibss.fixed_bssid)
562 goto put_bss;
563
564
565 if (!(cbss->capability & WLAN_CAPABILITY_IBSS))
566 goto put_bss;
567
568
569 if (sdata->u.ibss.fixed_channel &&
570 sdata->u.ibss.channel != cbss->channel)
571 goto put_bss;
572
573
574 if (elems->ssid_len != sdata->u.ibss.ssid_len ||
575 memcmp(elems->ssid, sdata->u.ibss.ssid,
576 sdata->u.ibss.ssid_len))
577 goto put_bss;
578
579
580 if (ether_addr_equal(cbss->bssid, sdata->u.ibss.bssid))
581 goto put_bss;
582
583 if (ieee80211_have_rx_timestamp(rx_status)) {
584
585 rx_timestamp =
586 ieee80211_calculate_rx_timestamp(local, rx_status,
587 len + FCS_LEN, 24);
588 } else {
589
590
591
592
593 rx_timestamp = drv_get_tsf(local, sdata);
594 }
595
596 ibss_dbg(sdata,
597 "RX beacon SA=%pM BSSID=%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
598 mgmt->sa, mgmt->bssid,
599 (unsigned long long)rx_timestamp,
600 (unsigned long long)beacon_timestamp,
601 (unsigned long long)(rx_timestamp - beacon_timestamp),
602 jiffies);
603
604 if (beacon_timestamp > rx_timestamp) {
605 ibss_dbg(sdata,
606 "beacon TSF higher than local TSF - IBSS merge with BSSID %pM\n",
607 mgmt->bssid);
608 ieee80211_sta_join_ibss(sdata, bss);
609 supp_rates = ieee80211_sta_get_rates(local, elems, band, NULL);
610 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa,
611 supp_rates, true);
612 rcu_read_unlock();
613 }
614
615 put_bss:
616 ieee80211_rx_bss_put(local, bss);
617}
618
619void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata,
620 const u8 *bssid, const u8 *addr,
621 u32 supp_rates)
622{
623 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
624 struct ieee80211_local *local = sdata->local;
625 struct sta_info *sta;
626 struct ieee80211_chanctx_conf *chanctx_conf;
627 int band;
628
629
630
631
632
633 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
634 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
635 sdata->name, addr);
636 return;
637 }
638
639 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH)
640 return;
641
642 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid))
643 return;
644
645 rcu_read_lock();
646 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
647 if (WARN_ON_ONCE(!chanctx_conf)) {
648 rcu_read_unlock();
649 return;
650 }
651 band = chanctx_conf->def.chan->band;
652 rcu_read_unlock();
653
654 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
655 if (!sta)
656 return;
657
658 sta->last_rx = jiffies;
659
660
661 sta->sta.supp_rates[band] = supp_rates |
662 ieee80211_mandatory_rates(local, band);
663
664 spin_lock(&ifibss->incomplete_lock);
665 list_add(&sta->list, &ifibss->incomplete_stations);
666 spin_unlock(&ifibss->incomplete_lock);
667 ieee80211_queue_work(&local->hw, &sdata->work);
668}
669
670static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
671{
672 struct ieee80211_local *local = sdata->local;
673 int active = 0;
674 struct sta_info *sta;
675
676 lockdep_assert_held(&sdata->u.ibss.mtx);
677
678 rcu_read_lock();
679
680 list_for_each_entry_rcu(sta, &local->sta_list, list) {
681 if (sta->sdata == sdata &&
682 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
683 jiffies)) {
684 active++;
685 break;
686 }
687 }
688
689 rcu_read_unlock();
690
691 return active;
692}
693
694
695
696
697
698static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
699{
700 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
701
702 lockdep_assert_held(&ifibss->mtx);
703
704 mod_timer(&ifibss->timer,
705 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
706
707 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
708
709 if (time_before(jiffies, ifibss->last_scan_completed +
710 IEEE80211_IBSS_MERGE_INTERVAL))
711 return;
712
713 if (ieee80211_sta_active_ibss(sdata))
714 return;
715
716 if (ifibss->fixed_channel)
717 return;
718
719 sdata_info(sdata,
720 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n");
721
722 ieee80211_request_ibss_scan(sdata, ifibss->ssid, ifibss->ssid_len,
723 NULL);
724}
725
726static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
727{
728 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
729 u8 bssid[ETH_ALEN];
730 u16 capability;
731 int i;
732
733 lockdep_assert_held(&ifibss->mtx);
734
735 if (ifibss->fixed_bssid) {
736 memcpy(bssid, ifibss->bssid, ETH_ALEN);
737 } else {
738
739
740
741 get_random_bytes(bssid, ETH_ALEN);
742 for (i = 0; i < ETH_ALEN; i++)
743 bssid[i] ^= sdata->vif.addr[i];
744 bssid[0] &= ~0x01;
745 bssid[0] |= 0x02;
746 }
747
748 sdata_info(sdata, "Creating new IBSS network, BSSID %pM\n", bssid);
749
750 capability = WLAN_CAPABILITY_IBSS;
751
752 if (ifibss->privacy)
753 capability |= WLAN_CAPABILITY_PRIVACY;
754 else
755 sdata->drop_unencrypted = 0;
756
757 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
758 ifibss->channel, ifibss->basic_rates,
759 capability, 0, true);
760}
761
762
763
764
765
766static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
767{
768 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
769 struct ieee80211_local *local = sdata->local;
770 struct cfg80211_bss *cbss;
771 struct ieee80211_channel *chan = NULL;
772 const u8 *bssid = NULL;
773 int active_ibss;
774 u16 capability;
775
776 lockdep_assert_held(&ifibss->mtx);
777
778 active_ibss = ieee80211_sta_active_ibss(sdata);
779 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss);
780
781 if (active_ibss)
782 return;
783
784 capability = WLAN_CAPABILITY_IBSS;
785 if (ifibss->privacy)
786 capability |= WLAN_CAPABILITY_PRIVACY;
787 if (ifibss->fixed_bssid)
788 bssid = ifibss->bssid;
789 if (ifibss->fixed_channel)
790 chan = ifibss->channel;
791 if (!is_zero_ether_addr(ifibss->bssid))
792 bssid = ifibss->bssid;
793 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid,
794 ifibss->ssid, ifibss->ssid_len,
795 WLAN_CAPABILITY_IBSS | WLAN_CAPABILITY_PRIVACY,
796 capability);
797
798 if (cbss) {
799 struct ieee80211_bss *bss;
800
801 bss = (void *)cbss->priv;
802 ibss_dbg(sdata,
803 "sta_find_ibss: selected %pM current %pM\n",
804 cbss->bssid, ifibss->bssid);
805 sdata_info(sdata,
806 "Selected IBSS BSSID %pM based on configured SSID\n",
807 cbss->bssid);
808
809 ieee80211_sta_join_ibss(sdata, bss);
810 ieee80211_rx_bss_put(local, bss);
811 return;
812 }
813
814 ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
815
816
817 if (time_after(jiffies, ifibss->last_scan_completed +
818 IEEE80211_SCAN_INTERVAL)) {
819 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n");
820
821 ieee80211_request_ibss_scan(sdata, ifibss->ssid,
822 ifibss->ssid_len, chan);
823 } else {
824 int interval = IEEE80211_SCAN_INTERVAL;
825
826 if (time_after(jiffies, ifibss->ibss_join_req +
827 IEEE80211_IBSS_JOIN_TIMEOUT))
828 ieee80211_sta_create_ibss(sdata);
829
830 mod_timer(&ifibss->timer,
831 round_jiffies(jiffies + interval));
832 }
833}
834
835static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
836 struct sk_buff *req)
837{
838 struct ieee80211_mgmt *mgmt = (void *)req->data;
839 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
840 struct ieee80211_local *local = sdata->local;
841 int tx_last_beacon, len = req->len;
842 struct sk_buff *skb;
843 struct beacon_data *presp;
844 u8 *pos, *end;
845
846 lockdep_assert_held(&ifibss->mtx);
847
848 presp = rcu_dereference_protected(ifibss->presp,
849 lockdep_is_held(&ifibss->mtx));
850
851 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
852 len < 24 + 2 || !presp)
853 return;
854
855 tx_last_beacon = drv_tx_last_beacon(local);
856
857 ibss_dbg(sdata,
858 "RX ProbeReq SA=%pM DA=%pM BSSID=%pM (tx_last_beacon=%d)\n",
859 mgmt->sa, mgmt->da, mgmt->bssid, tx_last_beacon);
860
861 if (!tx_last_beacon && is_multicast_ether_addr(mgmt->da))
862 return;
863
864 if (!ether_addr_equal(mgmt->bssid, ifibss->bssid) &&
865 !is_broadcast_ether_addr(mgmt->bssid))
866 return;
867
868 end = ((u8 *) mgmt) + len;
869 pos = mgmt->u.probe_req.variable;
870 if (pos[0] != WLAN_EID_SSID ||
871 pos + 2 + pos[1] > end) {
872 ibss_dbg(sdata, "Invalid SSID IE in ProbeReq from %pM\n",
873 mgmt->sa);
874 return;
875 }
876 if (pos[1] != 0 &&
877 (pos[1] != ifibss->ssid_len ||
878 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) {
879
880 return;
881 }
882
883
884 skb = dev_alloc_skb(local->tx_headroom + presp->head_len);
885 if (!skb)
886 return;
887
888 skb_reserve(skb, local->tx_headroom);
889 memcpy(skb_put(skb, presp->head_len), presp->head, presp->head_len);
890
891 memcpy(((struct ieee80211_mgmt *) skb->data)->da, mgmt->sa, ETH_ALEN);
892 ibss_dbg(sdata, "Sending ProbeResp to %pM\n", mgmt->sa);
893 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
894 ieee80211_tx_skb(sdata, skb);
895}
896
897static
898void ieee80211_rx_mgmt_probe_beacon(struct ieee80211_sub_if_data *sdata,
899 struct ieee80211_mgmt *mgmt, size_t len,
900 struct ieee80211_rx_status *rx_status)
901{
902 size_t baselen;
903 struct ieee802_11_elems elems;
904
905 BUILD_BUG_ON(offsetof(typeof(mgmt->u.probe_resp), variable) !=
906 offsetof(typeof(mgmt->u.beacon), variable));
907
908
909
910
911
912 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
913 if (baselen > len)
914 return;
915
916 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
917 false, &elems);
918
919 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
920}
921
922void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
923 struct sk_buff *skb)
924{
925 struct ieee80211_rx_status *rx_status;
926 struct ieee80211_mgmt *mgmt;
927 u16 fc;
928
929 rx_status = IEEE80211_SKB_RXCB(skb);
930 mgmt = (struct ieee80211_mgmt *) skb->data;
931 fc = le16_to_cpu(mgmt->frame_control);
932
933 mutex_lock(&sdata->u.ibss.mtx);
934
935 if (!sdata->u.ibss.ssid_len)
936 goto mgmt_out;
937
938 switch (fc & IEEE80211_FCTL_STYPE) {
939 case IEEE80211_STYPE_PROBE_REQ:
940 ieee80211_rx_mgmt_probe_req(sdata, skb);
941 break;
942 case IEEE80211_STYPE_PROBE_RESP:
943 case IEEE80211_STYPE_BEACON:
944 ieee80211_rx_mgmt_probe_beacon(sdata, mgmt, skb->len,
945 rx_status);
946 break;
947 case IEEE80211_STYPE_AUTH:
948 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
949 break;
950 case IEEE80211_STYPE_DEAUTH:
951 ieee80211_rx_mgmt_deauth_ibss(sdata, mgmt, skb->len);
952 break;
953 }
954
955 mgmt_out:
956 mutex_unlock(&sdata->u.ibss.mtx);
957}
958
959void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
960{
961 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
962 struct sta_info *sta;
963
964 mutex_lock(&ifibss->mtx);
965
966
967
968
969
970
971 if (!ifibss->ssid_len)
972 goto out;
973
974 spin_lock_bh(&ifibss->incomplete_lock);
975 while (!list_empty(&ifibss->incomplete_stations)) {
976 sta = list_first_entry(&ifibss->incomplete_stations,
977 struct sta_info, list);
978 list_del(&sta->list);
979 spin_unlock_bh(&ifibss->incomplete_lock);
980
981 ieee80211_ibss_finish_sta(sta, true);
982 rcu_read_unlock();
983 spin_lock_bh(&ifibss->incomplete_lock);
984 }
985 spin_unlock_bh(&ifibss->incomplete_lock);
986
987 switch (ifibss->state) {
988 case IEEE80211_IBSS_MLME_SEARCH:
989 ieee80211_sta_find_ibss(sdata);
990 break;
991 case IEEE80211_IBSS_MLME_JOINED:
992 ieee80211_sta_merge_ibss(sdata);
993 break;
994 default:
995 WARN_ON(1);
996 break;
997 }
998
999 out:
1000 mutex_unlock(&ifibss->mtx);
1001}
1002
1003static void ieee80211_ibss_timer(unsigned long data)
1004{
1005 struct ieee80211_sub_if_data *sdata =
1006 (struct ieee80211_sub_if_data *) data;
1007
1008 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1009}
1010
1011void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
1012{
1013 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1014
1015 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
1016 (unsigned long) sdata);
1017 mutex_init(&ifibss->mtx);
1018 INIT_LIST_HEAD(&ifibss->incomplete_stations);
1019 spin_lock_init(&ifibss->incomplete_lock);
1020}
1021
1022
1023void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
1024{
1025 struct ieee80211_sub_if_data *sdata;
1026
1027 mutex_lock(&local->iflist_mtx);
1028 list_for_each_entry(sdata, &local->interfaces, list) {
1029 if (!ieee80211_sdata_running(sdata))
1030 continue;
1031 if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
1032 continue;
1033 sdata->u.ibss.last_scan_completed = jiffies;
1034 ieee80211_queue_work(&local->hw, &sdata->work);
1035 }
1036 mutex_unlock(&local->iflist_mtx);
1037}
1038
1039int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
1040 struct cfg80211_ibss_params *params)
1041{
1042 u32 changed = 0;
1043
1044 mutex_lock(&sdata->u.ibss.mtx);
1045
1046 if (params->bssid) {
1047 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN);
1048 sdata->u.ibss.fixed_bssid = true;
1049 } else
1050 sdata->u.ibss.fixed_bssid = false;
1051
1052 sdata->u.ibss.privacy = params->privacy;
1053 sdata->u.ibss.control_port = params->control_port;
1054 sdata->u.ibss.basic_rates = params->basic_rates;
1055 memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate,
1056 sizeof(params->mcast_rate));
1057
1058 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
1059
1060 sdata->u.ibss.channel = params->chandef.chan;
1061 sdata->u.ibss.channel_type =
1062 cfg80211_get_chandef_type(¶ms->chandef);
1063 sdata->u.ibss.fixed_channel = params->channel_fixed;
1064
1065 if (params->ie) {
1066 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len,
1067 GFP_KERNEL);
1068 if (sdata->u.ibss.ie)
1069 sdata->u.ibss.ie_len = params->ie_len;
1070 }
1071
1072 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH;
1073 sdata->u.ibss.ibss_join_req = jiffies;
1074
1075 memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len);
1076 sdata->u.ibss.ssid_len = params->ssid_len;
1077
1078 mutex_unlock(&sdata->u.ibss.mtx);
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090 sdata->vif.bss_conf.ht_operation_mode |=
1091 IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED
1092 | IEEE80211_HT_PARAM_RIFS_MODE;
1093
1094 changed |= BSS_CHANGED_HT;
1095 ieee80211_bss_info_change_notify(sdata, changed);
1096
1097 sdata->smps_mode = IEEE80211_SMPS_OFF;
1098 sdata->needed_rx_chains = sdata->local->rx_chains;
1099
1100 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1101
1102 return 0;
1103}
1104
1105int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1106{
1107 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1108 struct ieee80211_local *local = sdata->local;
1109 struct cfg80211_bss *cbss;
1110 u16 capability;
1111 int active_ibss;
1112 struct sta_info *sta;
1113 struct beacon_data *presp;
1114
1115 mutex_lock(&sdata->u.ibss.mtx);
1116
1117 active_ibss = ieee80211_sta_active_ibss(sdata);
1118
1119 if (!active_ibss && !is_zero_ether_addr(ifibss->bssid)) {
1120 capability = WLAN_CAPABILITY_IBSS;
1121
1122 if (ifibss->privacy)
1123 capability |= WLAN_CAPABILITY_PRIVACY;
1124
1125 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->channel,
1126 ifibss->bssid, ifibss->ssid,
1127 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
1128 WLAN_CAPABILITY_PRIVACY,
1129 capability);
1130
1131 if (cbss) {
1132 cfg80211_unlink_bss(local->hw.wiphy, cbss);
1133 cfg80211_put_bss(local->hw.wiphy, cbss);
1134 }
1135 }
1136
1137 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
1138 memset(ifibss->bssid, 0, ETH_ALEN);
1139 ifibss->ssid_len = 0;
1140
1141 sta_info_flush(sdata);
1142
1143 spin_lock_bh(&ifibss->incomplete_lock);
1144 while (!list_empty(&ifibss->incomplete_stations)) {
1145 sta = list_first_entry(&ifibss->incomplete_stations,
1146 struct sta_info, list);
1147 list_del(&sta->list);
1148 spin_unlock_bh(&ifibss->incomplete_lock);
1149
1150 sta_info_free(local, sta);
1151 spin_lock_bh(&ifibss->incomplete_lock);
1152 }
1153 spin_unlock_bh(&ifibss->incomplete_lock);
1154
1155 netif_carrier_off(sdata->dev);
1156
1157
1158 kfree(sdata->u.ibss.ie);
1159 presp = rcu_dereference_protected(ifibss->presp,
1160 lockdep_is_held(&sdata->u.ibss.mtx));
1161 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL);
1162 sdata->vif.bss_conf.ibss_joined = false;
1163 sdata->vif.bss_conf.ibss_creator = false;
1164 sdata->vif.bss_conf.enable_beacon = false;
1165 sdata->vif.bss_conf.ssid_len = 0;
1166 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
1167 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
1168 BSS_CHANGED_IBSS);
1169 synchronize_rcu();
1170 kfree(presp);
1171
1172 skb_queue_purge(&sdata->skb_queue);
1173
1174 del_timer_sync(&sdata->u.ibss.timer);
1175
1176 mutex_unlock(&sdata->u.ibss.mtx);
1177
1178 return 0;
1179}
1180
