1
2
3
4
5
6
7
8
9
10
11
12
13
14
15#include <linux/delay.h>
16#include <linux/slab.h>
17#include <linux/if_ether.h>
18#include <linux/skbuff.h>
19#include <linux/if_arp.h>
20#include <linux/etherdevice.h>
21#include <linux/rtnetlink.h>
22#include <net/mac80211.h>
23
24#include "ieee80211_i.h"
25#include "driver-ops.h"
26#include "rate.h"
27
28#define IEEE80211_SCAN_INTERVAL (2 * HZ)
29#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
30
31#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
32#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
33#define IEEE80211_IBSS_RSN_INACTIVITY_LIMIT (10 * HZ)
34
35#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
36
37static struct beacon_data *
38ieee80211_ibss_build_presp(struct ieee80211_sub_if_data *sdata,
39 const int beacon_int, const u32 basic_rates,
40 const u16 capability, u64 tsf,
41 struct cfg80211_chan_def *chandef,
42 bool *have_higher_than_11mbit,
43 struct cfg80211_csa_settings *csa_settings)
44{
45 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
46 struct ieee80211_local *local = sdata->local;
47 int rates_n = 0, i, ri;
48 struct ieee80211_mgmt *mgmt;
49 u8 *pos;
50 struct ieee80211_supported_band *sband;
51 u32 rate_flags, rates = 0, rates_added = 0;
52 struct beacon_data *presp;
53 int frame_len;
54 int shift;
55
56
57 frame_len = sizeof(struct ieee80211_hdr_3addr) +
58 12 +
59 2 + IEEE80211_MAX_SSID_LEN +
60 2 + 8 +
61 3 +
62 4 +
63 5 +
64 2 + (IEEE80211_MAX_SUPP_RATES - 8) +
65 2 + sizeof(struct ieee80211_ht_cap) +
66 2 + sizeof(struct ieee80211_ht_operation) +
67 ifibss->ie_len;
68 presp = kzalloc(sizeof(*presp) + frame_len, GFP_KERNEL);
69 if (!presp)
70 return NULL;
71
72 presp->head = (void *)(presp + 1);
73
74 mgmt = (void *) presp->head;
75 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
76 IEEE80211_STYPE_PROBE_RESP);
77 eth_broadcast_addr(mgmt->da);
78 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
79 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
80 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int);
81 mgmt->u.beacon.timestamp = cpu_to_le64(tsf);
82 mgmt->u.beacon.capab_info = cpu_to_le16(capability);
83
84 pos = (u8 *)mgmt + offsetof(struct ieee80211_mgmt, u.beacon.variable);
85
86 *pos++ = WLAN_EID_SSID;
87 *pos++ = ifibss->ssid_len;
88 memcpy(pos, ifibss->ssid, ifibss->ssid_len);
89 pos += ifibss->ssid_len;
90
91 sband = local->hw.wiphy->bands[chandef->chan->band];
92 rate_flags = ieee80211_chandef_rate_flags(chandef);
93 shift = ieee80211_chandef_get_shift(chandef);
94 rates_n = 0;
95 if (have_higher_than_11mbit)
96 *have_higher_than_11mbit = false;
97
98 for (i = 0; i < sband->n_bitrates; i++) {
99 if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
100 continue;
101 if (sband->bitrates[i].bitrate > 110 &&
102 have_higher_than_11mbit)
103 *have_higher_than_11mbit = true;
104
105 rates |= BIT(i);
106 rates_n++;
107 }
108
109 *pos++ = WLAN_EID_SUPP_RATES;
110 *pos++ = min_t(int, 8, rates_n);
111 for (ri = 0; ri < sband->n_bitrates; ri++) {
112 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate,
113 5 * (1 << shift));
114 u8 basic = 0;
115 if (!(rates & BIT(ri)))
116 continue;
117
118 if (basic_rates & BIT(ri))
119 basic = 0x80;
120 *pos++ = basic | (u8) rate;
121 if (++rates_added == 8) {
122 ri++;
123 break;
124 }
125 }
126
127 if (sband->band == IEEE80211_BAND_2GHZ) {
128 *pos++ = WLAN_EID_DS_PARAMS;
129 *pos++ = 1;
130 *pos++ = ieee80211_frequency_to_channel(
131 chandef->chan->center_freq);
132 }
133
134 *pos++ = WLAN_EID_IBSS_PARAMS;
135 *pos++ = 2;
136
137 *pos++ = 0;
138 *pos++ = 0;
139
140 if (csa_settings) {
141 *pos++ = WLAN_EID_CHANNEL_SWITCH;
142 *pos++ = 3;
143 *pos++ = csa_settings->block_tx ? 1 : 0;
144 *pos++ = ieee80211_frequency_to_channel(
145 csa_settings->chandef.chan->center_freq);
146 sdata->csa_counter_offset_beacon = (pos - presp->head);
147 *pos++ = csa_settings->count;
148 }
149
150
151 if (rates_n > 8) {
152 *pos++ = WLAN_EID_EXT_SUPP_RATES;
153 *pos++ = rates_n - 8;
154 for (; ri < sband->n_bitrates; ri++) {
155 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate,
156 5 * (1 << shift));
157 u8 basic = 0;
158 if (!(rates & BIT(ri)))
159 continue;
160
161 if (basic_rates & BIT(ri))
162 basic = 0x80;
163 *pos++ = basic | (u8) rate;
164 }
165 }
166
167 if (ifibss->ie_len) {
168 memcpy(pos, ifibss->ie, ifibss->ie_len);
169 pos += ifibss->ie_len;
170 }
171
172
173 if (chandef->width != NL80211_CHAN_WIDTH_20_NOHT &&
174 chandef->width != NL80211_CHAN_WIDTH_5 &&
175 chandef->width != NL80211_CHAN_WIDTH_10 &&
176 sband->ht_cap.ht_supported) {
177 struct ieee80211_sta_ht_cap ht_cap;
178
179 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
180 ieee80211_apply_htcap_overrides(sdata, &ht_cap);
181
182 pos = ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
183
184
185
186
187
188 pos = ieee80211_ie_build_ht_oper(pos, &sband->ht_cap,
189 chandef, 0);
190 }
191
192 if (local->hw.queues >= IEEE80211_NUM_ACS) {
193 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
194 *pos++ = 7;
195 *pos++ = 0x00;
196 *pos++ = 0x50;
197 *pos++ = 0xf2;
198 *pos++ = 2;
199 *pos++ = 0;
200 *pos++ = 1;
201 *pos++ = 0;
202 }
203
204 presp->head_len = pos - presp->head;
205 if (WARN_ON(presp->head_len > frame_len))
206 goto error;
207
208 return presp;
209error:
210 kfree(presp);
211 return NULL;
212}
213
214static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
215 const u8 *bssid, const int beacon_int,
216 struct cfg80211_chan_def *req_chandef,
217 const u32 basic_rates,
218 const u16 capability, u64 tsf,
219 bool creator)
220{
221 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
222 struct ieee80211_local *local = sdata->local;
223 struct ieee80211_supported_band *sband;
224 struct ieee80211_mgmt *mgmt;
225 struct cfg80211_bss *bss;
226 u32 bss_change;
227 struct cfg80211_chan_def chandef;
228 struct ieee80211_channel *chan;
229 struct beacon_data *presp;
230 enum nl80211_bss_scan_width scan_width;
231 bool have_higher_than_11mbit;
232 bool radar_required = false;
233 int err;
234
235 sdata_assert_lock(sdata);
236
237
238 drv_reset_tsf(local, sdata);
239
240 if (!ether_addr_equal(ifibss->bssid, bssid))
241 sta_info_flush(sdata);
242
243
244 if (sdata->vif.bss_conf.ibss_joined) {
245 sdata->vif.bss_conf.ibss_joined = false;
246 sdata->vif.bss_conf.ibss_creator = false;
247 sdata->vif.bss_conf.enable_beacon = false;
248 netif_carrier_off(sdata->dev);
249 ieee80211_bss_info_change_notify(sdata,
250 BSS_CHANGED_IBSS |
251 BSS_CHANGED_BEACON_ENABLED);
252 drv_leave_ibss(local, sdata);
253 }
254
255 presp = rcu_dereference_protected(ifibss->presp,
256 lockdep_is_held(&sdata->wdev.mtx));
257 rcu_assign_pointer(ifibss->presp, NULL);
258 if (presp)
259 kfree_rcu(presp, rcu_head);
260
261 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
262
263
264 chandef = *req_chandef;
265 chan = chandef.chan;
266 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
267 if (chandef.width == NL80211_CHAN_WIDTH_5 ||
268 chandef.width == NL80211_CHAN_WIDTH_10 ||
269 chandef.width == NL80211_CHAN_WIDTH_20_NOHT ||
270 chandef.width == NL80211_CHAN_WIDTH_20) {
271 sdata_info(sdata,
272 "Failed to join IBSS, beacons forbidden\n");
273 return;
274 }
275 chandef.width = NL80211_CHAN_WIDTH_20;
276 chandef.center_freq1 = chan->center_freq;
277
278 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
279 sdata_info(sdata,
280 "Failed to join IBSS, beacons forbidden\n");
281 return;
282 }
283 }
284
285 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
286 &chandef);
287 if (err > 0) {
288 if (!ifibss->userspace_handles_dfs) {
289 sdata_info(sdata,
290 "Failed to join IBSS, DFS channel without control program\n");
291 return;
292 }
293 radar_required = true;
294 }
295
296 mutex_lock(&local->mtx);
297 ieee80211_vif_release_channel(sdata);
298 if (ieee80211_vif_use_channel(sdata, &chandef,
299 ifibss->fixed_channel ?
300 IEEE80211_CHANCTX_SHARED :
301 IEEE80211_CHANCTX_EXCLUSIVE)) {
302 sdata_info(sdata, "Failed to join IBSS, no channel context\n");
303 mutex_unlock(&local->mtx);
304 return;
305 }
306 mutex_unlock(&local->mtx);
307
308 memcpy(ifibss->bssid, bssid, ETH_ALEN);
309
310 sband = local->hw.wiphy->bands[chan->band];
311
312 presp = ieee80211_ibss_build_presp(sdata, beacon_int, basic_rates,
313 capability, tsf, &chandef,
314 &have_higher_than_11mbit, NULL);
315 if (!presp)
316 return;
317
318 rcu_assign_pointer(ifibss->presp, presp);
319 mgmt = (void *)presp->head;
320
321 sdata->radar_required = radar_required;
322 sdata->vif.bss_conf.enable_beacon = true;
323 sdata->vif.bss_conf.beacon_int = beacon_int;
324 sdata->vif.bss_conf.basic_rates = basic_rates;
325 sdata->vif.bss_conf.ssid_len = ifibss->ssid_len;
326 memcpy(sdata->vif.bss_conf.ssid, ifibss->ssid, ifibss->ssid_len);
327 bss_change = BSS_CHANGED_BEACON_INT;
328 bss_change |= ieee80211_reset_erp_info(sdata);
329 bss_change |= BSS_CHANGED_BSSID;
330 bss_change |= BSS_CHANGED_BEACON;
331 bss_change |= BSS_CHANGED_BEACON_ENABLED;
332 bss_change |= BSS_CHANGED_BASIC_RATES;
333 bss_change |= BSS_CHANGED_HT;
334 bss_change |= BSS_CHANGED_IBSS;
335 bss_change |= BSS_CHANGED_SSID;
336
337
338
339
340
341
342
343
344
345
346
347 sdata->vif.bss_conf.use_short_slot = chan->band == IEEE80211_BAND_5GHZ;
348 bss_change |= BSS_CHANGED_ERP_SLOT;
349
350
351 if (chan->band == IEEE80211_BAND_2GHZ && have_higher_than_11mbit)
352 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
353 else
354 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
355
356 ieee80211_set_wmm_default(sdata, true);
357
358 sdata->vif.bss_conf.ibss_joined = true;
359 sdata->vif.bss_conf.ibss_creator = creator;
360
361 err = drv_join_ibss(local, sdata);
362 if (err) {
363 sdata->vif.bss_conf.ibss_joined = false;
364 sdata->vif.bss_conf.ibss_creator = false;
365 sdata->vif.bss_conf.enable_beacon = false;
366 sdata->vif.bss_conf.ssid_len = 0;
367 RCU_INIT_POINTER(ifibss->presp, NULL);
368 kfree_rcu(presp, rcu_head);
369 mutex_lock(&local->mtx);
370 ieee80211_vif_release_channel(sdata);
371 mutex_unlock(&local->mtx);
372 sdata_info(sdata, "Failed to join IBSS, driver failure: %d\n",
373 err);
374 return;
375 }
376
377 ieee80211_bss_info_change_notify(sdata, bss_change);
378
379 ifibss->state = IEEE80211_IBSS_MLME_JOINED;
380 mod_timer(&ifibss->timer,
381 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
382
383 scan_width = cfg80211_chandef_to_scan_width(&chandef);
384 bss = cfg80211_inform_bss_width_frame(local->hw.wiphy, chan,
385 scan_width, mgmt,
386 presp->head_len, 0, GFP_KERNEL);
387 cfg80211_put_bss(local->hw.wiphy, bss);
388 netif_carrier_on(sdata->dev);
389 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, GFP_KERNEL);
390}
391
392static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
393 struct ieee80211_bss *bss)
394{
395 struct cfg80211_bss *cbss =
396 container_of((void *)bss, struct cfg80211_bss, priv);
397 struct ieee80211_supported_band *sband;
398 struct cfg80211_chan_def chandef;
399 u32 basic_rates;
400 int i, j;
401 u16 beacon_int = cbss->beacon_interval;
402 const struct cfg80211_bss_ies *ies;
403 enum nl80211_channel_type chan_type;
404 u64 tsf;
405 u32 rate_flags;
406 int shift;
407
408 sdata_assert_lock(sdata);
409
410 if (beacon_int < 10)
411 beacon_int = 10;
412
413 switch (sdata->u.ibss.chandef.width) {
414 case NL80211_CHAN_WIDTH_20_NOHT:
415 case NL80211_CHAN_WIDTH_20:
416 case NL80211_CHAN_WIDTH_40:
417 chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef);
418 cfg80211_chandef_create(&chandef, cbss->channel, chan_type);
419 break;
420 case NL80211_CHAN_WIDTH_5:
421 case NL80211_CHAN_WIDTH_10:
422 cfg80211_chandef_create(&chandef, cbss->channel,
423 NL80211_CHAN_WIDTH_20_NOHT);
424 chandef.width = sdata->u.ibss.chandef.width;
425 break;
426 default:
427
428 cfg80211_chandef_create(&chandef, cbss->channel,
429 NL80211_CHAN_WIDTH_20_NOHT);
430 break;
431 }
432
433 sband = sdata->local->hw.wiphy->bands[cbss->channel->band];
434 rate_flags = ieee80211_chandef_rate_flags(&sdata->u.ibss.chandef);
435 shift = ieee80211_vif_get_shift(&sdata->vif);
436
437 basic_rates = 0;
438
439 for (i = 0; i < bss->supp_rates_len; i++) {
440 int rate = bss->supp_rates[i] & 0x7f;
441 bool is_basic = !!(bss->supp_rates[i] & 0x80);
442
443 for (j = 0; j < sband->n_bitrates; j++) {
444 int brate;
445 if ((rate_flags & sband->bitrates[j].flags)
446 != rate_flags)
447 continue;
448
449 brate = DIV_ROUND_UP(sband->bitrates[j].bitrate,
450 5 * (1 << shift));
451 if (brate == rate) {
452 if (is_basic)
453 basic_rates |= BIT(j);
454 break;
455 }
456 }
457 }
458
459 rcu_read_lock();
460 ies = rcu_dereference(cbss->ies);
461 tsf = ies->tsf;
462 rcu_read_unlock();
463
464 __ieee80211_sta_join_ibss(sdata, cbss->bssid,
465 beacon_int,
466 &chandef,
467 basic_rates,
468 cbss->capability,
469 tsf, false);
470}
471
472int ieee80211_ibss_csa_beacon(struct ieee80211_sub_if_data *sdata,
473 struct cfg80211_csa_settings *csa_settings)
474{
475 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
476 struct beacon_data *presp, *old_presp;
477 struct cfg80211_bss *cbss;
478 const struct cfg80211_bss_ies *ies;
479 u16 capability;
480 u64 tsf;
481 int ret = 0;
482
483 sdata_assert_lock(sdata);
484
485 capability = WLAN_CAPABILITY_IBSS;
486
487 if (ifibss->privacy)
488 capability |= WLAN_CAPABILITY_PRIVACY;
489
490 cbss = cfg80211_get_bss(sdata->local->hw.wiphy, ifibss->chandef.chan,
491 ifibss->bssid, ifibss->ssid,
492 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
493 WLAN_CAPABILITY_PRIVACY,
494 capability);
495
496 if (WARN_ON(!cbss)) {
497 ret = -EINVAL;
498 goto out;
499 }
500
501 rcu_read_lock();
502 ies = rcu_dereference(cbss->ies);
503 tsf = ies->tsf;
504 rcu_read_unlock();
505 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
506
507 old_presp = rcu_dereference_protected(ifibss->presp,
508 lockdep_is_held(&sdata->wdev.mtx));
509
510 presp = ieee80211_ibss_build_presp(sdata,
511 sdata->vif.bss_conf.beacon_int,
512 sdata->vif.bss_conf.basic_rates,
513 capability, tsf, &ifibss->chandef,
514 NULL, csa_settings);
515 if (!presp) {
516 ret = -ENOMEM;
517 goto out;
518 }
519
520 rcu_assign_pointer(ifibss->presp, presp);
521 if (old_presp)
522 kfree_rcu(old_presp, rcu_head);
523
524
525
526
527 if (csa_settings)
528 ieee80211_send_action_csa(sdata, csa_settings);
529
530 return BSS_CHANGED_BEACON;
531 out:
532 return ret;
533}
534
535int ieee80211_ibss_finish_csa(struct ieee80211_sub_if_data *sdata)
536{
537 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
538 struct cfg80211_bss *cbss;
539 int err;
540 u16 capability;
541
542 sdata_assert_lock(sdata);
543
544
545 if (!is_zero_ether_addr(ifibss->bssid)) {
546 capability = WLAN_CAPABILITY_IBSS;
547
548 if (ifibss->privacy)
549 capability |= WLAN_CAPABILITY_PRIVACY;
550
551 cbss = cfg80211_get_bss(sdata->local->hw.wiphy,
552 ifibss->chandef.chan,
553 ifibss->bssid, ifibss->ssid,
554 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
555 WLAN_CAPABILITY_PRIVACY,
556 capability);
557
558 if (cbss) {
559 cbss->channel = sdata->csa_chandef.chan;
560 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
561 }
562 }
563
564 ifibss->chandef = sdata->csa_chandef;
565
566
567 err = ieee80211_ibss_csa_beacon(sdata, NULL);
568 if (err < 0)
569 return err;
570
571 if (err)
572 ieee80211_bss_info_change_notify(sdata, err);
573
574 return 0;
575}
576
577void ieee80211_ibss_stop(struct ieee80211_sub_if_data *sdata)
578{
579 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
580
581 cancel_work_sync(&ifibss->csa_connection_drop_work);
582}
583
584static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta)
585 __acquires(RCU)
586{
587 struct ieee80211_sub_if_data *sdata = sta->sdata;
588 u8 addr[ETH_ALEN];
589
590 memcpy(addr, sta->sta.addr, ETH_ALEN);
591
592 ibss_dbg(sdata, "Adding new IBSS station %pM\n", addr);
593
594 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
595 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
596
597
598 if (!sta->sdata->u.ibss.control_port)
599 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
600
601 rate_control_rate_init(sta);
602
603
604 if (sta_info_insert_rcu(sta))
605 return sta_info_get(sdata, addr);
606 return sta;
607}
608
609static struct sta_info *
610ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, const u8 *bssid,
611 const u8 *addr, u32 supp_rates)
612 __acquires(RCU)
613{
614 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
615 struct ieee80211_local *local = sdata->local;
616 struct sta_info *sta;
617 struct ieee80211_chanctx_conf *chanctx_conf;
618 struct ieee80211_supported_band *sband;
619 enum nl80211_bss_scan_width scan_width;
620 int band;
621
622
623
624
625
626 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
627 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
628 sdata->name, addr);
629 rcu_read_lock();
630 return NULL;
631 }
632
633 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) {
634 rcu_read_lock();
635 return NULL;
636 }
637
638 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) {
639 rcu_read_lock();
640 return NULL;
641 }
642
643 rcu_read_lock();
644 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
645 if (WARN_ON_ONCE(!chanctx_conf))
646 return NULL;
647 band = chanctx_conf->def.chan->band;
648 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def);
649 rcu_read_unlock();
650
651 sta = sta_info_alloc(sdata, addr, GFP_KERNEL);
652 if (!sta) {
653 rcu_read_lock();
654 return NULL;
655 }
656
657 sta->last_rx = jiffies;
658
659
660 sband = local->hw.wiphy->bands[band];
661 sta->sta.supp_rates[band] = supp_rates |
662 ieee80211_mandatory_rates(sband, scan_width);
663
664 return ieee80211_ibss_finish_sta(sta);
665}
666
667static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
668{
669 struct ieee80211_local *local = sdata->local;
670 int active = 0;
671 struct sta_info *sta;
672
673 sdata_assert_lock(sdata);
674
675 rcu_read_lock();
676
677 list_for_each_entry_rcu(sta, &local->sta_list, list) {
678 if (sta->sdata == sdata &&
679 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
680 jiffies)) {
681 active++;
682 break;
683 }
684 }
685
686 rcu_read_unlock();
687
688 return active;
689}
690
691static void ieee80211_ibss_disconnect(struct ieee80211_sub_if_data *sdata)
692{
693 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
694 struct ieee80211_local *local = sdata->local;
695 struct cfg80211_bss *cbss;
696 struct beacon_data *presp;
697 struct sta_info *sta;
698 u16 capability;
699
700 if (!is_zero_ether_addr(ifibss->bssid)) {
701 capability = WLAN_CAPABILITY_IBSS;
702
703 if (ifibss->privacy)
704 capability |= WLAN_CAPABILITY_PRIVACY;
705
706 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->chandef.chan,
707 ifibss->bssid, ifibss->ssid,
708 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
709 WLAN_CAPABILITY_PRIVACY,
710 capability);
711
712 if (cbss) {
713 cfg80211_unlink_bss(local->hw.wiphy, cbss);
714 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
715 }
716 }
717
718 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
719
720 sta_info_flush(sdata);
721
722 spin_lock_bh(&ifibss->incomplete_lock);
723 while (!list_empty(&ifibss->incomplete_stations)) {
724 sta = list_first_entry(&ifibss->incomplete_stations,
725 struct sta_info, list);
726 list_del(&sta->list);
727 spin_unlock_bh(&ifibss->incomplete_lock);
728
729 sta_info_free(local, sta);
730 spin_lock_bh(&ifibss->incomplete_lock);
731 }
732 spin_unlock_bh(&ifibss->incomplete_lock);
733
734 netif_carrier_off(sdata->dev);
735
736 sdata->vif.bss_conf.ibss_joined = false;
737 sdata->vif.bss_conf.ibss_creator = false;
738 sdata->vif.bss_conf.enable_beacon = false;
739 sdata->vif.bss_conf.ssid_len = 0;
740
741
742 presp = rcu_dereference_protected(ifibss->presp,
743 lockdep_is_held(&sdata->wdev.mtx));
744 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL);
745 if (presp)
746 kfree_rcu(presp, rcu_head);
747
748 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
749 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
750 BSS_CHANGED_IBSS);
751 drv_leave_ibss(local, sdata);
752 mutex_lock(&local->mtx);
753 ieee80211_vif_release_channel(sdata);
754 mutex_unlock(&local->mtx);
755}
756
757static void ieee80211_csa_connection_drop_work(struct work_struct *work)
758{
759 struct ieee80211_sub_if_data *sdata =
760 container_of(work, struct ieee80211_sub_if_data,
761 u.ibss.csa_connection_drop_work);
762
763 sdata_lock(sdata);
764
765 ieee80211_ibss_disconnect(sdata);
766 synchronize_rcu();
767 skb_queue_purge(&sdata->skb_queue);
768
769
770 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
771
772 sdata_unlock(sdata);
773}
774
775static void ieee80211_ibss_csa_mark_radar(struct ieee80211_sub_if_data *sdata)
776{
777 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
778 int err;
779
780
781
782
783 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
784 &ifibss->chandef);
785 if (err > 0)
786 cfg80211_radar_event(sdata->local->hw.wiphy, &ifibss->chandef,
787 GFP_ATOMIC);
788}
789
790static bool
791ieee80211_ibss_process_chanswitch(struct ieee80211_sub_if_data *sdata,
792 struct ieee802_11_elems *elems,
793 bool beacon)
794{
795 struct cfg80211_csa_settings params;
796 struct ieee80211_csa_ie csa_ie;
797 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
798 enum nl80211_channel_type ch_type;
799 int err;
800 u32 sta_flags;
801
802 sta_flags = IEEE80211_STA_DISABLE_VHT;
803 switch (ifibss->chandef.width) {
804 case NL80211_CHAN_WIDTH_5:
805 case NL80211_CHAN_WIDTH_10:
806 case NL80211_CHAN_WIDTH_20_NOHT:
807 sta_flags |= IEEE80211_STA_DISABLE_HT;
808
809 case NL80211_CHAN_WIDTH_20:
810 sta_flags |= IEEE80211_STA_DISABLE_40MHZ;
811 break;
812 default:
813 break;
814 }
815
816 memset(¶ms, 0, sizeof(params));
817 memset(&csa_ie, 0, sizeof(csa_ie));
818 err = ieee80211_parse_ch_switch_ie(sdata, elems, beacon,
819 ifibss->chandef.chan->band,
820 sta_flags, ifibss->bssid, &csa_ie);
821
822 if (err < 0)
823 goto disconnect;
824
825
826 if (err)
827 return false;
828
829
830 if (!(sdata->local->hw.wiphy->flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
831 goto disconnect;
832
833 params.count = csa_ie.count;
834 params.chandef = csa_ie.chandef;
835
836 switch (ifibss->chandef.width) {
837 case NL80211_CHAN_WIDTH_20_NOHT:
838 case NL80211_CHAN_WIDTH_20:
839 case NL80211_CHAN_WIDTH_40:
840
841
842
843
844
845 ch_type = cfg80211_get_chandef_type(&ifibss->chandef);
846 cfg80211_chandef_create(¶ms.chandef, params.chandef.chan,
847 ch_type);
848 break;
849 case NL80211_CHAN_WIDTH_5:
850 case NL80211_CHAN_WIDTH_10:
851 if (params.chandef.width != ifibss->chandef.width) {
852 sdata_info(sdata,
853 "IBSS %pM received channel switch from incompatible channel width (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n",
854 ifibss->bssid,
855 params.chandef.chan->center_freq,
856 params.chandef.width,
857 params.chandef.center_freq1,
858 params.chandef.center_freq2);
859 goto disconnect;
860 }
861 break;
862 default:
863
864 WARN_ON(1);
865 goto disconnect;
866 }
867
868 if (!cfg80211_reg_can_beacon(sdata->local->hw.wiphy, ¶ms.chandef)) {
869 sdata_info(sdata,
870 "IBSS %pM switches to unsupported channel (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n",
871 ifibss->bssid,
872 params.chandef.chan->center_freq,
873 params.chandef.width,
874 params.chandef.center_freq1,
875 params.chandef.center_freq2);
876 goto disconnect;
877 }
878
879 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
880 ¶ms.chandef);
881 if (err < 0)
882 goto disconnect;
883 if (err) {
884
885 if (!ifibss->userspace_handles_dfs)
886 goto disconnect;
887
888 params.radar_required = true;
889 }
890
891 if (cfg80211_chandef_identical(¶ms.chandef,
892 &sdata->vif.bss_conf.chandef)) {
893 ibss_dbg(sdata,
894 "received csa with an identical chandef, ignoring\n");
895 return true;
896 }
897
898
899 ibss_dbg(sdata,
900 "received channel switch announcement to go to channel %d MHz\n",
901 params.chandef.chan->center_freq);
902
903 params.block_tx = !!csa_ie.mode;
904
905 if (ieee80211_channel_switch(sdata->local->hw.wiphy, sdata->dev,
906 ¶ms))
907 goto disconnect;
908
909 ieee80211_ibss_csa_mark_radar(sdata);
910
911 return true;
912disconnect:
913 ibss_dbg(sdata, "Can't handle channel switch, disconnect\n");
914 ieee80211_queue_work(&sdata->local->hw,
915 &ifibss->csa_connection_drop_work);
916
917 ieee80211_ibss_csa_mark_radar(sdata);
918
919 return true;
920}
921
922static void
923ieee80211_rx_mgmt_spectrum_mgmt(struct ieee80211_sub_if_data *sdata,
924 struct ieee80211_mgmt *mgmt, size_t len,
925 struct ieee80211_rx_status *rx_status,
926 struct ieee802_11_elems *elems)
927{
928 int required_len;
929
930 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
931 return;
932
933
934 if (mgmt->u.action.u.measurement.action_code !=
935 WLAN_ACTION_SPCT_CHL_SWITCH)
936 return;
937
938 required_len = IEEE80211_MIN_ACTION_SIZE +
939 sizeof(mgmt->u.action.u.chan_switch);
940 if (len < required_len)
941 return;
942
943 if (!sdata->vif.csa_active)
944 ieee80211_ibss_process_chanswitch(sdata, elems, false);
945}
946
947static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata,
948 struct ieee80211_mgmt *mgmt,
949 size_t len)
950{
951 u16 reason = le16_to_cpu(mgmt->u.deauth.reason_code);
952
953 if (len < IEEE80211_DEAUTH_FRAME_LEN)
954 return;
955
956 ibss_dbg(sdata, "RX DeAuth SA=%pM DA=%pM BSSID=%pM (reason: %d)\n",
957 mgmt->sa, mgmt->da, mgmt->bssid, reason);
958 sta_info_destroy_addr(sdata, mgmt->sa);
959}
960
961static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
962 struct ieee80211_mgmt *mgmt,
963 size_t len)
964{
965 u16 auth_alg, auth_transaction;
966
967 sdata_assert_lock(sdata);
968
969 if (len < 24 + 6)
970 return;
971
972 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
973 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
974
975 ibss_dbg(sdata,
976 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n",
977 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction);
978
979 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
980 return;
981
982
983
984
985
986
987
988 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, 0, NULL, 0,
989 mgmt->sa, sdata->u.ibss.bssid, NULL, 0, 0, 0);
990}
991
992static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
993 struct ieee80211_mgmt *mgmt, size_t len,
994 struct ieee80211_rx_status *rx_status,
995 struct ieee802_11_elems *elems)
996{
997 struct ieee80211_local *local = sdata->local;
998 int freq;
999 struct cfg80211_bss *cbss;
1000 struct ieee80211_bss *bss;
1001 struct sta_info *sta;
1002 struct ieee80211_channel *channel;
1003 u64 beacon_timestamp, rx_timestamp;
1004 u32 supp_rates = 0;
1005 enum ieee80211_band band = rx_status->band;
1006 enum nl80211_bss_scan_width scan_width;
1007 struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band];
1008 bool rates_updated = false;
1009
1010 if (elems->ds_params)
1011 freq = ieee80211_channel_to_frequency(elems->ds_params[0],
1012 band);
1013 else
1014 freq = rx_status->freq;
1015
1016 channel = ieee80211_get_channel(local->hw.wiphy, freq);
1017
1018 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
1019 return;
1020
1021 if (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
1022 ether_addr_equal(mgmt->bssid, sdata->u.ibss.bssid)) {
1023
1024 rcu_read_lock();
1025 sta = sta_info_get(sdata, mgmt->sa);
1026
1027 if (elems->supp_rates) {
1028 supp_rates = ieee80211_sta_get_rates(sdata, elems,
1029 band, NULL);
1030 if (sta) {
1031 u32 prev_rates;
1032
1033 prev_rates = sta->sta.supp_rates[band];
1034
1035 scan_width = NL80211_BSS_CHAN_WIDTH_20;
1036 if (rx_status->flag & RX_FLAG_5MHZ)
1037 scan_width = NL80211_BSS_CHAN_WIDTH_5;
1038 if (rx_status->flag & RX_FLAG_10MHZ)
1039 scan_width = NL80211_BSS_CHAN_WIDTH_10;
1040
1041 sta->sta.supp_rates[band] = supp_rates |
1042 ieee80211_mandatory_rates(sband,
1043 scan_width);
1044 if (sta->sta.supp_rates[band] != prev_rates) {
1045 ibss_dbg(sdata,
1046 "updated supp_rates set for %pM based on beacon/probe_resp (0x%x -> 0x%x)\n",
1047 sta->sta.addr, prev_rates,
1048 sta->sta.supp_rates[band]);
1049 rates_updated = true;
1050 }
1051 } else {
1052 rcu_read_unlock();
1053 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid,
1054 mgmt->sa, supp_rates);
1055 }
1056 }
1057
1058 if (sta && elems->wmm_info)
1059 set_sta_flag(sta, WLAN_STA_WME);
1060
1061 if (sta && elems->ht_operation && elems->ht_cap_elem &&
1062 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
1063 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_5 &&
1064 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_10) {
1065
1066 struct ieee80211_ht_cap htcap_ie;
1067 struct cfg80211_chan_def chandef;
1068
1069 ieee80211_ht_oper_to_chandef(channel,
1070 elems->ht_operation,
1071 &chandef);
1072
1073 memcpy(&htcap_ie, elems->ht_cap_elem, sizeof(htcap_ie));
1074
1075
1076
1077
1078
1079 if (chandef.center_freq1 !=
1080 sdata->u.ibss.chandef.center_freq1)
1081 htcap_ie.cap_info &=
1082 cpu_to_le16(~IEEE80211_HT_CAP_SUP_WIDTH_20_40);
1083
1084 rates_updated |= ieee80211_ht_cap_ie_to_sta_ht_cap(
1085 sdata, sband, &htcap_ie, sta);
1086 }
1087
1088 if (sta && rates_updated) {
1089 drv_sta_rc_update(local, sdata, &sta->sta,
1090 IEEE80211_RC_SUPP_RATES_CHANGED);
1091 rate_control_rate_init(sta);
1092 }
1093
1094 rcu_read_unlock();
1095 }
1096
1097 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
1098 channel);
1099 if (!bss)
1100 return;
1101
1102 cbss = container_of((void *)bss, struct cfg80211_bss, priv);
1103
1104
1105 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1106
1107
1108
1109
1110 if (!(cbss->capability & WLAN_CAPABILITY_IBSS))
1111 goto put_bss;
1112
1113
1114 if (sdata->u.ibss.fixed_channel &&
1115 sdata->u.ibss.chandef.chan != cbss->channel)
1116 goto put_bss;
1117
1118
1119 if (elems->ssid_len != sdata->u.ibss.ssid_len ||
1120 memcmp(elems->ssid, sdata->u.ibss.ssid,
1121 sdata->u.ibss.ssid_len))
1122 goto put_bss;
1123
1124
1125 if (sdata->vif.csa_active ||
1126 ieee80211_ibss_process_chanswitch(sdata, elems, true))
1127 goto put_bss;
1128
1129
1130 if (ether_addr_equal(cbss->bssid, sdata->u.ibss.bssid))
1131 goto put_bss;
1132
1133
1134 if (sdata->u.ibss.fixed_bssid)
1135 goto put_bss;
1136
1137 if (ieee80211_have_rx_timestamp(rx_status)) {
1138
1139 rx_timestamp =
1140 ieee80211_calculate_rx_timestamp(local, rx_status,
1141 len + FCS_LEN, 24);
1142 } else {
1143
1144
1145
1146
1147 rx_timestamp = drv_get_tsf(local, sdata);
1148 }
1149
1150 ibss_dbg(sdata,
1151 "RX beacon SA=%pM BSSID=%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
1152 mgmt->sa, mgmt->bssid,
1153 (unsigned long long)rx_timestamp,
1154 (unsigned long long)beacon_timestamp,
1155 (unsigned long long)(rx_timestamp - beacon_timestamp),
1156 jiffies);
1157
1158 if (beacon_timestamp > rx_timestamp) {
1159 ibss_dbg(sdata,
1160 "beacon TSF higher than local TSF - IBSS merge with BSSID %pM\n",
1161 mgmt->bssid);
1162 ieee80211_sta_join_ibss(sdata, bss);
1163 supp_rates = ieee80211_sta_get_rates(sdata, elems, band, NULL);
1164 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa,
1165 supp_rates);
1166 rcu_read_unlock();
1167 }
1168
1169 put_bss:
1170 ieee80211_rx_bss_put(local, bss);
1171}
1172
1173void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata,
1174 const u8 *bssid, const u8 *addr,
1175 u32 supp_rates)
1176{
1177 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1178 struct ieee80211_local *local = sdata->local;
1179 struct sta_info *sta;
1180 struct ieee80211_chanctx_conf *chanctx_conf;
1181 struct ieee80211_supported_band *sband;
1182 enum nl80211_bss_scan_width scan_width;
1183 int band;
1184
1185
1186
1187
1188
1189 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
1190 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
1191 sdata->name, addr);
1192 return;
1193 }
1194
1195 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH)
1196 return;
1197
1198 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid))
1199 return;
1200
1201 rcu_read_lock();
1202 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
1203 if (WARN_ON_ONCE(!chanctx_conf)) {
1204 rcu_read_unlock();
1205 return;
1206 }
1207 band = chanctx_conf->def.chan->band;
1208 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def);
1209 rcu_read_unlock();
1210
1211 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
1212 if (!sta)
1213 return;
1214
1215 sta->last_rx = jiffies;
1216
1217
1218 sband = local->hw.wiphy->bands[band];
1219 sta->sta.supp_rates[band] = supp_rates |
1220 ieee80211_mandatory_rates(sband, scan_width);
1221
1222 spin_lock(&ifibss->incomplete_lock);
1223 list_add(&sta->list, &ifibss->incomplete_stations);
1224 spin_unlock(&ifibss->incomplete_lock);
1225 ieee80211_queue_work(&local->hw, &sdata->work);
1226}
1227
1228static void ieee80211_ibss_sta_expire(struct ieee80211_sub_if_data *sdata)
1229{
1230 struct ieee80211_local *local = sdata->local;
1231 struct sta_info *sta, *tmp;
1232 unsigned long exp_time = IEEE80211_IBSS_INACTIVITY_LIMIT;
1233 unsigned long exp_rsn_time = IEEE80211_IBSS_RSN_INACTIVITY_LIMIT;
1234
1235 mutex_lock(&local->sta_mtx);
1236
1237 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
1238 if (sdata != sta->sdata)
1239 continue;
1240
1241 if (time_after(jiffies, sta->last_rx + exp_time) ||
1242 (time_after(jiffies, sta->last_rx + exp_rsn_time) &&
1243 sta->sta_state != IEEE80211_STA_AUTHORIZED)) {
1244 sta_dbg(sta->sdata, "expiring inactive %sSTA %pM\n",
1245 sta->sta_state != IEEE80211_STA_AUTHORIZED ?
1246 "not authorized " : "", sta->sta.addr);
1247
1248 WARN_ON(__sta_info_destroy(sta));
1249 }
1250 }
1251
1252 mutex_unlock(&local->sta_mtx);
1253}
1254
1255
1256
1257
1258
1259static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
1260{
1261 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1262 enum nl80211_bss_scan_width scan_width;
1263
1264 sdata_assert_lock(sdata);
1265
1266 mod_timer(&ifibss->timer,
1267 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
1268
1269 ieee80211_ibss_sta_expire(sdata);
1270
1271 if (time_before(jiffies, ifibss->last_scan_completed +
1272 IEEE80211_IBSS_MERGE_INTERVAL))
1273 return;
1274
1275 if (ieee80211_sta_active_ibss(sdata))
1276 return;
1277
1278 if (ifibss->fixed_channel)
1279 return;
1280
1281 sdata_info(sdata,
1282 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n");
1283
1284 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef);
1285 ieee80211_request_ibss_scan(sdata, ifibss->ssid, ifibss->ssid_len,
1286 NULL, scan_width);
1287}
1288
1289static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
1290{
1291 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1292 u8 bssid[ETH_ALEN];
1293 u16 capability;
1294 int i;
1295
1296 sdata_assert_lock(sdata);
1297
1298 if (ifibss->fixed_bssid) {
1299 memcpy(bssid, ifibss->bssid, ETH_ALEN);
1300 } else {
1301
1302
1303
1304 get_random_bytes(bssid, ETH_ALEN);
1305 for (i = 0; i < ETH_ALEN; i++)
1306 bssid[i] ^= sdata->vif.addr[i];
1307 bssid[0] &= ~0x01;
1308 bssid[0] |= 0x02;
1309 }
1310
1311 sdata_info(sdata, "Creating new IBSS network, BSSID %pM\n", bssid);
1312
1313 capability = WLAN_CAPABILITY_IBSS;
1314
1315 if (ifibss->privacy)
1316 capability |= WLAN_CAPABILITY_PRIVACY;
1317 else
1318 sdata->drop_unencrypted = 0;
1319
1320 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
1321 &ifibss->chandef, ifibss->basic_rates,
1322 capability, 0, true);
1323}
1324
1325
1326
1327
1328
1329static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
1330{
1331 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1332 struct ieee80211_local *local = sdata->local;
1333 struct cfg80211_bss *cbss;
1334 struct ieee80211_channel *chan = NULL;
1335 const u8 *bssid = NULL;
1336 enum nl80211_bss_scan_width scan_width;
1337 int active_ibss;
1338 u16 capability;
1339
1340 sdata_assert_lock(sdata);
1341
1342 active_ibss = ieee80211_sta_active_ibss(sdata);
1343 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss);
1344
1345 if (active_ibss)
1346 return;
1347
1348 capability = WLAN_CAPABILITY_IBSS;
1349 if (ifibss->privacy)
1350 capability |= WLAN_CAPABILITY_PRIVACY;
1351 if (ifibss->fixed_bssid)
1352 bssid = ifibss->bssid;
1353 if (ifibss->fixed_channel)
1354 chan = ifibss->chandef.chan;
1355 if (!is_zero_ether_addr(ifibss->bssid))
1356 bssid = ifibss->bssid;
1357 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid,
1358 ifibss->ssid, ifibss->ssid_len,
1359 WLAN_CAPABILITY_IBSS | WLAN_CAPABILITY_PRIVACY,
1360 capability);
1361
1362 if (cbss) {
1363 struct ieee80211_bss *bss;
1364
1365 bss = (void *)cbss->priv;
1366 ibss_dbg(sdata,
1367 "sta_find_ibss: selected %pM current %pM\n",
1368 cbss->bssid, ifibss->bssid);
1369 sdata_info(sdata,
1370 "Selected IBSS BSSID %pM based on configured SSID\n",
1371 cbss->bssid);
1372
1373 ieee80211_sta_join_ibss(sdata, bss);
1374 ieee80211_rx_bss_put(local, bss);
1375 return;
1376 }
1377
1378
1379
1380
1381 if (ifibss->fixed_bssid && ifibss->fixed_channel) {
1382 sdata_info(sdata, "Created IBSS using preconfigured BSSID %pM\n",
1383 bssid);
1384 ieee80211_sta_create_ibss(sdata);
1385 return;
1386 }
1387
1388
1389 ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
1390
1391
1392 if (time_after(jiffies, ifibss->last_scan_completed +
1393 IEEE80211_SCAN_INTERVAL)) {
1394 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n");
1395
1396 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef);
1397 ieee80211_request_ibss_scan(sdata, ifibss->ssid,
1398 ifibss->ssid_len, chan,
1399 scan_width);
1400 } else {
1401 int interval = IEEE80211_SCAN_INTERVAL;
1402
1403 if (time_after(jiffies, ifibss->ibss_join_req +
1404 IEEE80211_IBSS_JOIN_TIMEOUT))
1405 ieee80211_sta_create_ibss(sdata);
1406
1407 mod_timer(&ifibss->timer,
1408 round_jiffies(jiffies + interval));
1409 }
1410}
1411
1412static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
1413 struct sk_buff *req)
1414{
1415 struct ieee80211_mgmt *mgmt = (void *)req->data;
1416 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1417 struct ieee80211_local *local = sdata->local;
1418 int tx_last_beacon, len = req->len;
1419 struct sk_buff *skb;
1420 struct beacon_data *presp;
1421 u8 *pos, *end;
1422
1423 sdata_assert_lock(sdata);
1424
1425 presp = rcu_dereference_protected(ifibss->presp,
1426 lockdep_is_held(&sdata->wdev.mtx));
1427
1428 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
1429 len < 24 + 2 || !presp)
1430 return;
1431
1432 tx_last_beacon = drv_tx_last_beacon(local);
1433
1434 ibss_dbg(sdata,
1435 "RX ProbeReq SA=%pM DA=%pM BSSID=%pM (tx_last_beacon=%d)\n",
1436 mgmt->sa, mgmt->da, mgmt->bssid, tx_last_beacon);
1437
1438 if (!tx_last_beacon && is_multicast_ether_addr(mgmt->da))
1439 return;
1440
1441 if (!ether_addr_equal(mgmt->bssid, ifibss->bssid) &&
1442 !is_broadcast_ether_addr(mgmt->bssid))
1443 return;
1444
1445 end = ((u8 *) mgmt) + len;
1446 pos = mgmt->u.probe_req.variable;
1447 if (pos[0] != WLAN_EID_SSID ||
1448 pos + 2 + pos[1] > end) {
1449 ibss_dbg(sdata, "Invalid SSID IE in ProbeReq from %pM\n",
1450 mgmt->sa);
1451 return;
1452 }
1453 if (pos[1] != 0 &&
1454 (pos[1] != ifibss->ssid_len ||
1455 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) {
1456
1457 return;
1458 }
1459
1460
1461 skb = dev_alloc_skb(local->tx_headroom + presp->head_len);
1462 if (!skb)
1463 return;
1464
1465 skb_reserve(skb, local->tx_headroom);
1466 memcpy(skb_put(skb, presp->head_len), presp->head, presp->head_len);
1467
1468 memcpy(((struct ieee80211_mgmt *) skb->data)->da, mgmt->sa, ETH_ALEN);
1469 ibss_dbg(sdata, "Sending ProbeResp to %pM\n", mgmt->sa);
1470 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
1471 ieee80211_tx_skb(sdata, skb);
1472}
1473
1474static
1475void ieee80211_rx_mgmt_probe_beacon(struct ieee80211_sub_if_data *sdata,
1476 struct ieee80211_mgmt *mgmt, size_t len,
1477 struct ieee80211_rx_status *rx_status)
1478{
1479 size_t baselen;
1480 struct ieee802_11_elems elems;
1481
1482 BUILD_BUG_ON(offsetof(typeof(mgmt->u.probe_resp), variable) !=
1483 offsetof(typeof(mgmt->u.beacon), variable));
1484
1485
1486
1487
1488
1489 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
1490 if (baselen > len)
1491 return;
1492
1493 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
1494 false, &elems);
1495
1496 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
1497}
1498
1499void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
1500 struct sk_buff *skb)
1501{
1502 struct ieee80211_rx_status *rx_status;
1503 struct ieee80211_mgmt *mgmt;
1504 u16 fc;
1505 struct ieee802_11_elems elems;
1506 int ies_len;
1507
1508 rx_status = IEEE80211_SKB_RXCB(skb);
1509 mgmt = (struct ieee80211_mgmt *) skb->data;
1510 fc = le16_to_cpu(mgmt->frame_control);
1511
1512 sdata_lock(sdata);
1513
1514 if (!sdata->u.ibss.ssid_len)
1515 goto mgmt_out;
1516
1517 switch (fc & IEEE80211_FCTL_STYPE) {
1518 case IEEE80211_STYPE_PROBE_REQ:
1519 ieee80211_rx_mgmt_probe_req(sdata, skb);
1520 break;
1521 case IEEE80211_STYPE_PROBE_RESP:
1522 case IEEE80211_STYPE_BEACON:
1523 ieee80211_rx_mgmt_probe_beacon(sdata, mgmt, skb->len,
1524 rx_status);
1525 break;
1526 case IEEE80211_STYPE_AUTH:
1527 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
1528 break;
1529 case IEEE80211_STYPE_DEAUTH:
1530 ieee80211_rx_mgmt_deauth_ibss(sdata, mgmt, skb->len);
1531 break;
1532 case IEEE80211_STYPE_ACTION:
1533 switch (mgmt->u.action.category) {
1534 case WLAN_CATEGORY_SPECTRUM_MGMT:
1535 ies_len = skb->len -
1536 offsetof(struct ieee80211_mgmt,
1537 u.action.u.chan_switch.variable);
1538
1539 if (ies_len < 0)
1540 break;
1541
1542 ieee802_11_parse_elems(
1543 mgmt->u.action.u.chan_switch.variable,
1544 ies_len, true, &elems);
1545
1546 if (elems.parse_error)
1547 break;
1548
1549 ieee80211_rx_mgmt_spectrum_mgmt(sdata, mgmt, skb->len,
1550 rx_status, &elems);
1551 break;
1552 }
1553 }
1554
1555 mgmt_out:
1556 sdata_unlock(sdata);
1557}
1558
1559void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
1560{
1561 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1562 struct sta_info *sta;
1563
1564 sdata_lock(sdata);
1565
1566
1567
1568
1569
1570
1571 if (!ifibss->ssid_len)
1572 goto out;
1573
1574 spin_lock_bh(&ifibss->incomplete_lock);
1575 while (!list_empty(&ifibss->incomplete_stations)) {
1576 sta = list_first_entry(&ifibss->incomplete_stations,
1577 struct sta_info, list);
1578 list_del(&sta->list);
1579 spin_unlock_bh(&ifibss->incomplete_lock);
1580
1581 ieee80211_ibss_finish_sta(sta);
1582 rcu_read_unlock();
1583 spin_lock_bh(&ifibss->incomplete_lock);
1584 }
1585 spin_unlock_bh(&ifibss->incomplete_lock);
1586
1587 switch (ifibss->state) {
1588 case IEEE80211_IBSS_MLME_SEARCH:
1589 ieee80211_sta_find_ibss(sdata);
1590 break;
1591 case IEEE80211_IBSS_MLME_JOINED:
1592 ieee80211_sta_merge_ibss(sdata);
1593 break;
1594 default:
1595 WARN_ON(1);
1596 break;
1597 }
1598
1599 out:
1600 sdata_unlock(sdata);
1601}
1602
1603static void ieee80211_ibss_timer(unsigned long data)
1604{
1605 struct ieee80211_sub_if_data *sdata =
1606 (struct ieee80211_sub_if_data *) data;
1607
1608 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1609}
1610
1611void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
1612{
1613 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1614
1615 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
1616 (unsigned long) sdata);
1617 INIT_LIST_HEAD(&ifibss->incomplete_stations);
1618 spin_lock_init(&ifibss->incomplete_lock);
1619 INIT_WORK(&ifibss->csa_connection_drop_work,
1620 ieee80211_csa_connection_drop_work);
1621}
1622
1623
1624void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
1625{
1626 struct ieee80211_sub_if_data *sdata;
1627
1628 mutex_lock(&local->iflist_mtx);
1629 list_for_each_entry(sdata, &local->interfaces, list) {
1630 if (!ieee80211_sdata_running(sdata))
1631 continue;
1632 if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
1633 continue;
1634 sdata->u.ibss.last_scan_completed = jiffies;
1635 ieee80211_queue_work(&local->hw, &sdata->work);
1636 }
1637 mutex_unlock(&local->iflist_mtx);
1638}
1639
1640int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
1641 struct cfg80211_ibss_params *params)
1642{
1643 u32 changed = 0;
1644 u32 rate_flags;
1645 struct ieee80211_supported_band *sband;
1646 int i;
1647
1648 if (params->bssid) {
1649 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN);
1650 sdata->u.ibss.fixed_bssid = true;
1651 } else
1652 sdata->u.ibss.fixed_bssid = false;
1653
1654 sdata->u.ibss.privacy = params->privacy;
1655 sdata->u.ibss.control_port = params->control_port;
1656 sdata->u.ibss.userspace_handles_dfs = params->userspace_handles_dfs;
1657 sdata->u.ibss.basic_rates = params->basic_rates;
1658
1659
1660 rate_flags = ieee80211_chandef_rate_flags(¶ms->chandef);
1661 sband = sdata->local->hw.wiphy->bands[params->chandef.chan->band];
1662 for (i = 0; i < sband->n_bitrates; i++) {
1663 if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
1664 sdata->u.ibss.basic_rates &= ~BIT(i);
1665 }
1666 memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate,
1667 sizeof(params->mcast_rate));
1668
1669 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
1670
1671 sdata->u.ibss.chandef = params->chandef;
1672 sdata->u.ibss.fixed_channel = params->channel_fixed;
1673
1674 if (params->ie) {
1675 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len,
1676 GFP_KERNEL);
1677 if (sdata->u.ibss.ie)
1678 sdata->u.ibss.ie_len = params->ie_len;
1679 }
1680
1681 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH;
1682 sdata->u.ibss.ibss_join_req = jiffies;
1683
1684 memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len);
1685 sdata->u.ibss.ssid_len = params->ssid_len;
1686
1687 memcpy(&sdata->u.ibss.ht_capa, ¶ms->ht_capa,
1688 sizeof(sdata->u.ibss.ht_capa));
1689 memcpy(&sdata->u.ibss.ht_capa_mask, ¶ms->ht_capa_mask,
1690 sizeof(sdata->u.ibss.ht_capa_mask));
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702 sdata->vif.bss_conf.ht_operation_mode |=
1703 IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED
1704 | IEEE80211_HT_PARAM_RIFS_MODE;
1705
1706 changed |= BSS_CHANGED_HT;
1707 ieee80211_bss_info_change_notify(sdata, changed);
1708
1709 sdata->smps_mode = IEEE80211_SMPS_OFF;
1710 sdata->needed_rx_chains = sdata->local->rx_chains;
1711
1712 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1713
1714 return 0;
1715}
1716
1717int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1718{
1719 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1720
1721 ieee80211_ibss_disconnect(sdata);
1722 ifibss->ssid_len = 0;
1723 memset(ifibss->bssid, 0, ETH_ALEN);
1724
1725
1726 kfree(sdata->u.ibss.ie);
1727
1728
1729 memset(&ifibss->ht_capa, 0, sizeof(ifibss->ht_capa));
1730 memset(&ifibss->ht_capa_mask, 0, sizeof(ifibss->ht_capa_mask));
1731
1732 synchronize_rcu();
1733
1734 skb_queue_purge(&sdata->skb_queue);
1735
1736 del_timer_sync(&sdata->u.ibss.timer);
1737
1738 return 0;
1739}
1740
