1
2
3
4
5
6
7
8
9
10
11
12
13
14
15#include <linux/delay.h>
16#include <linux/slab.h>
17#include <linux/if_ether.h>
18#include <linux/skbuff.h>
19#include <linux/if_arp.h>
20#include <linux/etherdevice.h>
21#include <linux/rtnetlink.h>
22#include <net/mac80211.h>
23
24#include "ieee80211_i.h"
25#include "driver-ops.h"
26#include "rate.h"
27
28#define IEEE80211_SCAN_INTERVAL (2 * HZ)
29#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
30
31#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
32#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
33#define IEEE80211_IBSS_RSN_INACTIVITY_LIMIT (10 * HZ)
34
35#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
36
37static struct beacon_data *
38ieee80211_ibss_build_presp(struct ieee80211_sub_if_data *sdata,
39 const int beacon_int, const u32 basic_rates,
40 const u16 capability, u64 tsf,
41 struct cfg80211_chan_def *chandef,
42 bool *have_higher_than_11mbit,
43 struct cfg80211_csa_settings *csa_settings)
44{
45 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
46 struct ieee80211_local *local = sdata->local;
47 int rates_n = 0, i, ri;
48 struct ieee80211_mgmt *mgmt;
49 u8 *pos;
50 struct ieee80211_supported_band *sband;
51 u32 rate_flags, rates = 0, rates_added = 0;
52 struct beacon_data *presp;
53 int frame_len;
54 int shift;
55
56
57 frame_len = sizeof(struct ieee80211_hdr_3addr) +
58 12 +
59 2 + IEEE80211_MAX_SSID_LEN +
60 2 + 8 +
61 3 +
62 4 +
63 5 +
64 2 + (IEEE80211_MAX_SUPP_RATES - 8) +
65 2 + sizeof(struct ieee80211_ht_cap) +
66 2 + sizeof(struct ieee80211_ht_operation) +
67 ifibss->ie_len;
68 presp = kzalloc(sizeof(*presp) + frame_len, GFP_KERNEL);
69 if (!presp)
70 return NULL;
71
72 presp->head = (void *)(presp + 1);
73
74 mgmt = (void *) presp->head;
75 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
76 IEEE80211_STYPE_PROBE_RESP);
77 eth_broadcast_addr(mgmt->da);
78 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
79 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
80 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int);
81 mgmt->u.beacon.timestamp = cpu_to_le64(tsf);
82 mgmt->u.beacon.capab_info = cpu_to_le16(capability);
83
84 pos = (u8 *)mgmt + offsetof(struct ieee80211_mgmt, u.beacon.variable);
85
86 *pos++ = WLAN_EID_SSID;
87 *pos++ = ifibss->ssid_len;
88 memcpy(pos, ifibss->ssid, ifibss->ssid_len);
89 pos += ifibss->ssid_len;
90
91 sband = local->hw.wiphy->bands[chandef->chan->band];
92 rate_flags = ieee80211_chandef_rate_flags(chandef);
93 shift = ieee80211_chandef_get_shift(chandef);
94 rates_n = 0;
95 if (have_higher_than_11mbit)
96 *have_higher_than_11mbit = false;
97
98 for (i = 0; i < sband->n_bitrates; i++) {
99 if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
100 continue;
101 if (sband->bitrates[i].bitrate > 110 &&
102 have_higher_than_11mbit)
103 *have_higher_than_11mbit = true;
104
105 rates |= BIT(i);
106 rates_n++;
107 }
108
109 *pos++ = WLAN_EID_SUPP_RATES;
110 *pos++ = min_t(int, 8, rates_n);
111 for (ri = 0; ri < sband->n_bitrates; ri++) {
112 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate,
113 5 * (1 << shift));
114 u8 basic = 0;
115 if (!(rates & BIT(ri)))
116 continue;
117
118 if (basic_rates & BIT(ri))
119 basic = 0x80;
120 *pos++ = basic | (u8) rate;
121 if (++rates_added == 8) {
122 ri++;
123 break;
124 }
125 }
126
127 if (sband->band == IEEE80211_BAND_2GHZ) {
128 *pos++ = WLAN_EID_DS_PARAMS;
129 *pos++ = 1;
130 *pos++ = ieee80211_frequency_to_channel(
131 chandef->chan->center_freq);
132 }
133
134 *pos++ = WLAN_EID_IBSS_PARAMS;
135 *pos++ = 2;
136
137 *pos++ = 0;
138 *pos++ = 0;
139
140 if (csa_settings) {
141 *pos++ = WLAN_EID_CHANNEL_SWITCH;
142 *pos++ = 3;
143 *pos++ = csa_settings->block_tx ? 1 : 0;
144 *pos++ = ieee80211_frequency_to_channel(
145 csa_settings->chandef.chan->center_freq);
146 sdata->csa_counter_offset_beacon[0] = (pos - presp->head);
147 *pos++ = csa_settings->count;
148 }
149
150
151 if (rates_n > 8) {
152 *pos++ = WLAN_EID_EXT_SUPP_RATES;
153 *pos++ = rates_n - 8;
154 for (; ri < sband->n_bitrates; ri++) {
155 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate,
156 5 * (1 << shift));
157 u8 basic = 0;
158 if (!(rates & BIT(ri)))
159 continue;
160
161 if (basic_rates & BIT(ri))
162 basic = 0x80;
163 *pos++ = basic | (u8) rate;
164 }
165 }
166
167 if (ifibss->ie_len) {
168 memcpy(pos, ifibss->ie, ifibss->ie_len);
169 pos += ifibss->ie_len;
170 }
171
172
173 if (chandef->width != NL80211_CHAN_WIDTH_20_NOHT &&
174 chandef->width != NL80211_CHAN_WIDTH_5 &&
175 chandef->width != NL80211_CHAN_WIDTH_10 &&
176 sband->ht_cap.ht_supported) {
177 struct ieee80211_sta_ht_cap ht_cap;
178
179 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
180 ieee80211_apply_htcap_overrides(sdata, &ht_cap);
181
182 pos = ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
183
184
185
186
187
188 pos = ieee80211_ie_build_ht_oper(pos, &sband->ht_cap,
189 chandef, 0);
190 }
191
192 if (local->hw.queues >= IEEE80211_NUM_ACS) {
193 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
194 *pos++ = 7;
195 *pos++ = 0x00;
196 *pos++ = 0x50;
197 *pos++ = 0xf2;
198 *pos++ = 2;
199 *pos++ = 0;
200 *pos++ = 1;
201 *pos++ = 0;
202 }
203
204 presp->head_len = pos - presp->head;
205 if (WARN_ON(presp->head_len > frame_len))
206 goto error;
207
208 return presp;
209error:
210 kfree(presp);
211 return NULL;
212}
213
214static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
215 const u8 *bssid, const int beacon_int,
216 struct cfg80211_chan_def *req_chandef,
217 const u32 basic_rates,
218 const u16 capability, u64 tsf,
219 bool creator)
220{
221 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
222 struct ieee80211_local *local = sdata->local;
223 struct ieee80211_mgmt *mgmt;
224 struct cfg80211_bss *bss;
225 u32 bss_change;
226 struct cfg80211_chan_def chandef;
227 struct ieee80211_channel *chan;
228 struct beacon_data *presp;
229 enum nl80211_bss_scan_width scan_width;
230 bool have_higher_than_11mbit;
231 bool radar_required;
232 int err;
233
234 sdata_assert_lock(sdata);
235
236
237 drv_reset_tsf(local, sdata);
238
239 if (!ether_addr_equal(ifibss->bssid, bssid))
240 sta_info_flush(sdata);
241
242
243 if (sdata->vif.bss_conf.ibss_joined) {
244 sdata->vif.bss_conf.ibss_joined = false;
245 sdata->vif.bss_conf.ibss_creator = false;
246 sdata->vif.bss_conf.enable_beacon = false;
247 netif_carrier_off(sdata->dev);
248 ieee80211_bss_info_change_notify(sdata,
249 BSS_CHANGED_IBSS |
250 BSS_CHANGED_BEACON_ENABLED);
251 drv_leave_ibss(local, sdata);
252 }
253
254 presp = rcu_dereference_protected(ifibss->presp,
255 lockdep_is_held(&sdata->wdev.mtx));
256 RCU_INIT_POINTER(ifibss->presp, NULL);
257 if (presp)
258 kfree_rcu(presp, rcu_head);
259
260 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
261
262
263 chandef = *req_chandef;
264 chan = chandef.chan;
265 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef,
266 NL80211_IFTYPE_ADHOC)) {
267 if (chandef.width == NL80211_CHAN_WIDTH_5 ||
268 chandef.width == NL80211_CHAN_WIDTH_10 ||
269 chandef.width == NL80211_CHAN_WIDTH_20_NOHT ||
270 chandef.width == NL80211_CHAN_WIDTH_20) {
271 sdata_info(sdata,
272 "Failed to join IBSS, beacons forbidden\n");
273 return;
274 }
275 chandef.width = NL80211_CHAN_WIDTH_20;
276 chandef.center_freq1 = chan->center_freq;
277
278 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef,
279 NL80211_IFTYPE_ADHOC)) {
280 sdata_info(sdata,
281 "Failed to join IBSS, beacons forbidden\n");
282 return;
283 }
284 }
285
286 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
287 &chandef, NL80211_IFTYPE_ADHOC);
288 if (err < 0) {
289 sdata_info(sdata,
290 "Failed to join IBSS, invalid chandef\n");
291 return;
292 }
293 if (err > 0 && !ifibss->userspace_handles_dfs) {
294 sdata_info(sdata,
295 "Failed to join IBSS, DFS channel without control program\n");
296 return;
297 }
298
299 radar_required = err;
300
301 mutex_lock(&local->mtx);
302 if (ieee80211_vif_use_channel(sdata, &chandef,
303 ifibss->fixed_channel ?
304 IEEE80211_CHANCTX_SHARED :
305 IEEE80211_CHANCTX_EXCLUSIVE)) {
306 sdata_info(sdata, "Failed to join IBSS, no channel context\n");
307 mutex_unlock(&local->mtx);
308 return;
309 }
310 sdata->radar_required = radar_required;
311 mutex_unlock(&local->mtx);
312
313 memcpy(ifibss->bssid, bssid, ETH_ALEN);
314
315 presp = ieee80211_ibss_build_presp(sdata, beacon_int, basic_rates,
316 capability, tsf, &chandef,
317 &have_higher_than_11mbit, NULL);
318 if (!presp)
319 return;
320
321 rcu_assign_pointer(ifibss->presp, presp);
322 mgmt = (void *)presp->head;
323
324 sdata->vif.bss_conf.enable_beacon = true;
325 sdata->vif.bss_conf.beacon_int = beacon_int;
326 sdata->vif.bss_conf.basic_rates = basic_rates;
327 sdata->vif.bss_conf.ssid_len = ifibss->ssid_len;
328 memcpy(sdata->vif.bss_conf.ssid, ifibss->ssid, ifibss->ssid_len);
329 bss_change = BSS_CHANGED_BEACON_INT;
330 bss_change |= ieee80211_reset_erp_info(sdata);
331 bss_change |= BSS_CHANGED_BSSID;
332 bss_change |= BSS_CHANGED_BEACON;
333 bss_change |= BSS_CHANGED_BEACON_ENABLED;
334 bss_change |= BSS_CHANGED_BASIC_RATES;
335 bss_change |= BSS_CHANGED_HT;
336 bss_change |= BSS_CHANGED_IBSS;
337 bss_change |= BSS_CHANGED_SSID;
338
339
340
341
342
343
344
345
346
347
348
349 sdata->vif.bss_conf.use_short_slot = chan->band == IEEE80211_BAND_5GHZ;
350 bss_change |= BSS_CHANGED_ERP_SLOT;
351
352
353 if (chan->band == IEEE80211_BAND_2GHZ && have_higher_than_11mbit)
354 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
355 else
356 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
357
358 ieee80211_set_wmm_default(sdata, true);
359
360 sdata->vif.bss_conf.ibss_joined = true;
361 sdata->vif.bss_conf.ibss_creator = creator;
362
363 err = drv_join_ibss(local, sdata);
364 if (err) {
365 sdata->vif.bss_conf.ibss_joined = false;
366 sdata->vif.bss_conf.ibss_creator = false;
367 sdata->vif.bss_conf.enable_beacon = false;
368 sdata->vif.bss_conf.ssid_len = 0;
369 RCU_INIT_POINTER(ifibss->presp, NULL);
370 kfree_rcu(presp, rcu_head);
371 mutex_lock(&local->mtx);
372 ieee80211_vif_release_channel(sdata);
373 mutex_unlock(&local->mtx);
374 sdata_info(sdata, "Failed to join IBSS, driver failure: %d\n",
375 err);
376 return;
377 }
378
379 ieee80211_bss_info_change_notify(sdata, bss_change);
380
381 ifibss->state = IEEE80211_IBSS_MLME_JOINED;
382 mod_timer(&ifibss->timer,
383 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
384
385 scan_width = cfg80211_chandef_to_scan_width(&chandef);
386 bss = cfg80211_inform_bss_width_frame(local->hw.wiphy, chan,
387 scan_width, mgmt,
388 presp->head_len, 0, GFP_KERNEL);
389 cfg80211_put_bss(local->hw.wiphy, bss);
390 netif_carrier_on(sdata->dev);
391 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, chan, GFP_KERNEL);
392}
393
394static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
395 struct ieee80211_bss *bss)
396{
397 struct cfg80211_bss *cbss =
398 container_of((void *)bss, struct cfg80211_bss, priv);
399 struct ieee80211_supported_band *sband;
400 struct cfg80211_chan_def chandef;
401 u32 basic_rates;
402 int i, j;
403 u16 beacon_int = cbss->beacon_interval;
404 const struct cfg80211_bss_ies *ies;
405 enum nl80211_channel_type chan_type;
406 u64 tsf;
407 u32 rate_flags;
408 int shift;
409
410 sdata_assert_lock(sdata);
411
412 if (beacon_int < 10)
413 beacon_int = 10;
414
415 switch (sdata->u.ibss.chandef.width) {
416 case NL80211_CHAN_WIDTH_20_NOHT:
417 case NL80211_CHAN_WIDTH_20:
418 case NL80211_CHAN_WIDTH_40:
419 chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef);
420 cfg80211_chandef_create(&chandef, cbss->channel, chan_type);
421 break;
422 case NL80211_CHAN_WIDTH_5:
423 case NL80211_CHAN_WIDTH_10:
424 cfg80211_chandef_create(&chandef, cbss->channel,
425 NL80211_CHAN_WIDTH_20_NOHT);
426 chandef.width = sdata->u.ibss.chandef.width;
427 break;
428 default:
429
430 cfg80211_chandef_create(&chandef, cbss->channel,
431 NL80211_CHAN_WIDTH_20_NOHT);
432 break;
433 }
434
435 sband = sdata->local->hw.wiphy->bands[cbss->channel->band];
436 rate_flags = ieee80211_chandef_rate_flags(&sdata->u.ibss.chandef);
437 shift = ieee80211_vif_get_shift(&sdata->vif);
438
439 basic_rates = 0;
440
441 for (i = 0; i < bss->supp_rates_len; i++) {
442 int rate = bss->supp_rates[i] & 0x7f;
443 bool is_basic = !!(bss->supp_rates[i] & 0x80);
444
445 for (j = 0; j < sband->n_bitrates; j++) {
446 int brate;
447 if ((rate_flags & sband->bitrates[j].flags)
448 != rate_flags)
449 continue;
450
451 brate = DIV_ROUND_UP(sband->bitrates[j].bitrate,
452 5 * (1 << shift));
453 if (brate == rate) {
454 if (is_basic)
455 basic_rates |= BIT(j);
456 break;
457 }
458 }
459 }
460
461 rcu_read_lock();
462 ies = rcu_dereference(cbss->ies);
463 tsf = ies->tsf;
464 rcu_read_unlock();
465
466 __ieee80211_sta_join_ibss(sdata, cbss->bssid,
467 beacon_int,
468 &chandef,
469 basic_rates,
470 cbss->capability,
471 tsf, false);
472}
473
474int ieee80211_ibss_csa_beacon(struct ieee80211_sub_if_data *sdata,
475 struct cfg80211_csa_settings *csa_settings)
476{
477 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
478 struct beacon_data *presp, *old_presp;
479 struct cfg80211_bss *cbss;
480 const struct cfg80211_bss_ies *ies;
481 u16 capability;
482 u64 tsf;
483 int ret = 0;
484
485 sdata_assert_lock(sdata);
486
487 capability = WLAN_CAPABILITY_IBSS;
488
489 if (ifibss->privacy)
490 capability |= WLAN_CAPABILITY_PRIVACY;
491
492 cbss = cfg80211_get_bss(sdata->local->hw.wiphy, ifibss->chandef.chan,
493 ifibss->bssid, ifibss->ssid,
494 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
495 WLAN_CAPABILITY_PRIVACY,
496 capability);
497
498 if (WARN_ON(!cbss)) {
499 ret = -EINVAL;
500 goto out;
501 }
502
503 rcu_read_lock();
504 ies = rcu_dereference(cbss->ies);
505 tsf = ies->tsf;
506 rcu_read_unlock();
507 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
508
509 old_presp = rcu_dereference_protected(ifibss->presp,
510 lockdep_is_held(&sdata->wdev.mtx));
511
512 presp = ieee80211_ibss_build_presp(sdata,
513 sdata->vif.bss_conf.beacon_int,
514 sdata->vif.bss_conf.basic_rates,
515 capability, tsf, &ifibss->chandef,
516 NULL, csa_settings);
517 if (!presp) {
518 ret = -ENOMEM;
519 goto out;
520 }
521
522 rcu_assign_pointer(ifibss->presp, presp);
523 if (old_presp)
524 kfree_rcu(old_presp, rcu_head);
525
526 return BSS_CHANGED_BEACON;
527 out:
528 return ret;
529}
530
531int ieee80211_ibss_finish_csa(struct ieee80211_sub_if_data *sdata)
532{
533 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
534 struct cfg80211_bss *cbss;
535 int err, changed = 0;
536 u16 capability;
537
538 sdata_assert_lock(sdata);
539
540
541 if (!is_zero_ether_addr(ifibss->bssid)) {
542 capability = WLAN_CAPABILITY_IBSS;
543
544 if (ifibss->privacy)
545 capability |= WLAN_CAPABILITY_PRIVACY;
546
547 cbss = cfg80211_get_bss(sdata->local->hw.wiphy,
548 ifibss->chandef.chan,
549 ifibss->bssid, ifibss->ssid,
550 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
551 WLAN_CAPABILITY_PRIVACY,
552 capability);
553
554 if (cbss) {
555 cbss->channel = sdata->csa_chandef.chan;
556 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
557 }
558 }
559
560 ifibss->chandef = sdata->csa_chandef;
561
562
563 err = ieee80211_ibss_csa_beacon(sdata, NULL);
564 if (err < 0)
565 return err;
566
567 changed |= err;
568
569 return changed;
570}
571
572void ieee80211_ibss_stop(struct ieee80211_sub_if_data *sdata)
573{
574 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
575
576 cancel_work_sync(&ifibss->csa_connection_drop_work);
577}
578
579static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta)
580 __acquires(RCU)
581{
582 struct ieee80211_sub_if_data *sdata = sta->sdata;
583 u8 addr[ETH_ALEN];
584
585 memcpy(addr, sta->sta.addr, ETH_ALEN);
586
587 ibss_dbg(sdata, "Adding new IBSS station %pM\n", addr);
588
589 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
590 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
591
592
593 if (!sta->sdata->u.ibss.control_port)
594 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
595
596 rate_control_rate_init(sta);
597
598
599 if (sta_info_insert_rcu(sta))
600 return sta_info_get(sdata, addr);
601 return sta;
602}
603
604static struct sta_info *
605ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, const u8 *bssid,
606 const u8 *addr, u32 supp_rates)
607 __acquires(RCU)
608{
609 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
610 struct ieee80211_local *local = sdata->local;
611 struct sta_info *sta;
612 struct ieee80211_chanctx_conf *chanctx_conf;
613 struct ieee80211_supported_band *sband;
614 enum nl80211_bss_scan_width scan_width;
615 int band;
616
617
618
619
620
621 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
622 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
623 sdata->name, addr);
624 rcu_read_lock();
625 return NULL;
626 }
627
628 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) {
629 rcu_read_lock();
630 return NULL;
631 }
632
633 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) {
634 rcu_read_lock();
635 return NULL;
636 }
637
638 rcu_read_lock();
639 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
640 if (WARN_ON_ONCE(!chanctx_conf))
641 return NULL;
642 band = chanctx_conf->def.chan->band;
643 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def);
644 rcu_read_unlock();
645
646 sta = sta_info_alloc(sdata, addr, GFP_KERNEL);
647 if (!sta) {
648 rcu_read_lock();
649 return NULL;
650 }
651
652 sta->last_rx = jiffies;
653
654
655 sband = local->hw.wiphy->bands[band];
656 sta->sta.supp_rates[band] = supp_rates |
657 ieee80211_mandatory_rates(sband, scan_width);
658
659 return ieee80211_ibss_finish_sta(sta);
660}
661
662static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
663{
664 struct ieee80211_local *local = sdata->local;
665 int active = 0;
666 struct sta_info *sta;
667
668 sdata_assert_lock(sdata);
669
670 rcu_read_lock();
671
672 list_for_each_entry_rcu(sta, &local->sta_list, list) {
673 if (sta->sdata == sdata &&
674 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
675 jiffies)) {
676 active++;
677 break;
678 }
679 }
680
681 rcu_read_unlock();
682
683 return active;
684}
685
686static void ieee80211_ibss_disconnect(struct ieee80211_sub_if_data *sdata)
687{
688 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
689 struct ieee80211_local *local = sdata->local;
690 struct cfg80211_bss *cbss;
691 struct beacon_data *presp;
692 struct sta_info *sta;
693 u16 capability;
694
695 if (!is_zero_ether_addr(ifibss->bssid)) {
696 capability = WLAN_CAPABILITY_IBSS;
697
698 if (ifibss->privacy)
699 capability |= WLAN_CAPABILITY_PRIVACY;
700
701 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->chandef.chan,
702 ifibss->bssid, ifibss->ssid,
703 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
704 WLAN_CAPABILITY_PRIVACY,
705 capability);
706
707 if (cbss) {
708 cfg80211_unlink_bss(local->hw.wiphy, cbss);
709 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
710 }
711 }
712
713 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
714
715 sta_info_flush(sdata);
716
717 spin_lock_bh(&ifibss->incomplete_lock);
718 while (!list_empty(&ifibss->incomplete_stations)) {
719 sta = list_first_entry(&ifibss->incomplete_stations,
720 struct sta_info, list);
721 list_del(&sta->list);
722 spin_unlock_bh(&ifibss->incomplete_lock);
723
724 sta_info_free(local, sta);
725 spin_lock_bh(&ifibss->incomplete_lock);
726 }
727 spin_unlock_bh(&ifibss->incomplete_lock);
728
729 netif_carrier_off(sdata->dev);
730
731 sdata->vif.bss_conf.ibss_joined = false;
732 sdata->vif.bss_conf.ibss_creator = false;
733 sdata->vif.bss_conf.enable_beacon = false;
734 sdata->vif.bss_conf.ssid_len = 0;
735
736
737 presp = rcu_dereference_protected(ifibss->presp,
738 lockdep_is_held(&sdata->wdev.mtx));
739 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL);
740 if (presp)
741 kfree_rcu(presp, rcu_head);
742
743 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
744 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
745 BSS_CHANGED_IBSS);
746 drv_leave_ibss(local, sdata);
747 mutex_lock(&local->mtx);
748 ieee80211_vif_release_channel(sdata);
749 mutex_unlock(&local->mtx);
750}
751
752static void ieee80211_csa_connection_drop_work(struct work_struct *work)
753{
754 struct ieee80211_sub_if_data *sdata =
755 container_of(work, struct ieee80211_sub_if_data,
756 u.ibss.csa_connection_drop_work);
757
758 sdata_lock(sdata);
759
760 ieee80211_ibss_disconnect(sdata);
761 synchronize_rcu();
762 skb_queue_purge(&sdata->skb_queue);
763
764
765 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
766
767 sdata_unlock(sdata);
768}
769
770static void ieee80211_ibss_csa_mark_radar(struct ieee80211_sub_if_data *sdata)
771{
772 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
773 int err;
774
775
776
777
778 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
779 &ifibss->chandef,
780 NL80211_IFTYPE_ADHOC);
781 if (err > 0)
782 cfg80211_radar_event(sdata->local->hw.wiphy, &ifibss->chandef,
783 GFP_ATOMIC);
784}
785
786static bool
787ieee80211_ibss_process_chanswitch(struct ieee80211_sub_if_data *sdata,
788 struct ieee802_11_elems *elems,
789 bool beacon)
790{
791 struct cfg80211_csa_settings params;
792 struct ieee80211_csa_ie csa_ie;
793 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
794 enum nl80211_channel_type ch_type;
795 int err;
796 u32 sta_flags;
797
798 sdata_assert_lock(sdata);
799
800 sta_flags = IEEE80211_STA_DISABLE_VHT;
801 switch (ifibss->chandef.width) {
802 case NL80211_CHAN_WIDTH_5:
803 case NL80211_CHAN_WIDTH_10:
804 case NL80211_CHAN_WIDTH_20_NOHT:
805 sta_flags |= IEEE80211_STA_DISABLE_HT;
806
807 case NL80211_CHAN_WIDTH_20:
808 sta_flags |= IEEE80211_STA_DISABLE_40MHZ;
809 break;
810 default:
811 break;
812 }
813
814 memset(¶ms, 0, sizeof(params));
815 memset(&csa_ie, 0, sizeof(csa_ie));
816 err = ieee80211_parse_ch_switch_ie(sdata, elems, beacon,
817 ifibss->chandef.chan->band,
818 sta_flags, ifibss->bssid, &csa_ie);
819
820 if (err < 0)
821 goto disconnect;
822
823
824 if (err)
825 return false;
826
827
828 if (!(sdata->local->hw.wiphy->flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
829 goto disconnect;
830
831 params.count = csa_ie.count;
832 params.chandef = csa_ie.chandef;
833
834 switch (ifibss->chandef.width) {
835 case NL80211_CHAN_WIDTH_20_NOHT:
836 case NL80211_CHAN_WIDTH_20:
837 case NL80211_CHAN_WIDTH_40:
838
839
840
841
842
843 ch_type = cfg80211_get_chandef_type(&ifibss->chandef);
844 cfg80211_chandef_create(¶ms.chandef, params.chandef.chan,
845 ch_type);
846 break;
847 case NL80211_CHAN_WIDTH_5:
848 case NL80211_CHAN_WIDTH_10:
849 if (params.chandef.width != ifibss->chandef.width) {
850 sdata_info(sdata,
851 "IBSS %pM received channel switch from incompatible channel width (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n",
852 ifibss->bssid,
853 params.chandef.chan->center_freq,
854 params.chandef.width,
855 params.chandef.center_freq1,
856 params.chandef.center_freq2);
857 goto disconnect;
858 }
859 break;
860 default:
861
862 WARN_ON(1);
863 goto disconnect;
864 }
865
866 if (!cfg80211_reg_can_beacon(sdata->local->hw.wiphy, ¶ms.chandef,
867 NL80211_IFTYPE_ADHOC)) {
868 sdata_info(sdata,
869 "IBSS %pM switches to unsupported channel (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n",
870 ifibss->bssid,
871 params.chandef.chan->center_freq,
872 params.chandef.width,
873 params.chandef.center_freq1,
874 params.chandef.center_freq2);
875 goto disconnect;
876 }
877
878 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
879 ¶ms.chandef,
880 NL80211_IFTYPE_ADHOC);
881 if (err < 0)
882 goto disconnect;
883 if (err > 0 && !ifibss->userspace_handles_dfs) {
884
885 goto disconnect;
886 }
887
888 params.radar_required = err;
889
890 if (cfg80211_chandef_identical(¶ms.chandef,
891 &sdata->vif.bss_conf.chandef)) {
892 ibss_dbg(sdata,
893 "received csa with an identical chandef, ignoring\n");
894 return true;
895 }
896
897
898 ibss_dbg(sdata,
899 "received channel switch announcement to go to channel %d MHz\n",
900 params.chandef.chan->center_freq);
901
902 params.block_tx = !!csa_ie.mode;
903
904 if (ieee80211_channel_switch(sdata->local->hw.wiphy, sdata->dev,
905 ¶ms))
906 goto disconnect;
907
908 ieee80211_ibss_csa_mark_radar(sdata);
909
910 return true;
911disconnect:
912 ibss_dbg(sdata, "Can't handle channel switch, disconnect\n");
913 ieee80211_queue_work(&sdata->local->hw,
914 &ifibss->csa_connection_drop_work);
915
916 ieee80211_ibss_csa_mark_radar(sdata);
917
918 return true;
919}
920
921static void
922ieee80211_rx_mgmt_spectrum_mgmt(struct ieee80211_sub_if_data *sdata,
923 struct ieee80211_mgmt *mgmt, size_t len,
924 struct ieee80211_rx_status *rx_status,
925 struct ieee802_11_elems *elems)
926{
927 int required_len;
928
929 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
930 return;
931
932
933 if (mgmt->u.action.u.measurement.action_code !=
934 WLAN_ACTION_SPCT_CHL_SWITCH)
935 return;
936
937 required_len = IEEE80211_MIN_ACTION_SIZE +
938 sizeof(mgmt->u.action.u.chan_switch);
939 if (len < required_len)
940 return;
941
942 if (!sdata->vif.csa_active)
943 ieee80211_ibss_process_chanswitch(sdata, elems, false);
944}
945
946static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata,
947 struct ieee80211_mgmt *mgmt,
948 size_t len)
949{
950 u16 reason = le16_to_cpu(mgmt->u.deauth.reason_code);
951
952 if (len < IEEE80211_DEAUTH_FRAME_LEN)
953 return;
954
955 ibss_dbg(sdata, "RX DeAuth SA=%pM DA=%pM BSSID=%pM (reason: %d)\n",
956 mgmt->sa, mgmt->da, mgmt->bssid, reason);
957 sta_info_destroy_addr(sdata, mgmt->sa);
958}
959
960static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
961 struct ieee80211_mgmt *mgmt,
962 size_t len)
963{
964 u16 auth_alg, auth_transaction;
965
966 sdata_assert_lock(sdata);
967
968 if (len < 24 + 6)
969 return;
970
971 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
972 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
973
974 ibss_dbg(sdata,
975 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n",
976 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction);
977
978 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
979 return;
980
981
982
983
984
985
986
987 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, 0, NULL, 0,
988 mgmt->sa, sdata->u.ibss.bssid, NULL, 0, 0, 0);
989}
990
991static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
992 struct ieee80211_mgmt *mgmt, size_t len,
993 struct ieee80211_rx_status *rx_status,
994 struct ieee802_11_elems *elems)
995{
996 struct ieee80211_local *local = sdata->local;
997 struct cfg80211_bss *cbss;
998 struct ieee80211_bss *bss;
999 struct sta_info *sta;
1000 struct ieee80211_channel *channel;
1001 u64 beacon_timestamp, rx_timestamp;
1002 u32 supp_rates = 0;
1003 enum ieee80211_band band = rx_status->band;
1004 enum nl80211_bss_scan_width scan_width;
1005 struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band];
1006 bool rates_updated = false;
1007
1008 channel = ieee80211_get_channel(local->hw.wiphy, rx_status->freq);
1009 if (!channel)
1010 return;
1011
1012 if (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
1013 ether_addr_equal(mgmt->bssid, sdata->u.ibss.bssid)) {
1014
1015 rcu_read_lock();
1016 sta = sta_info_get(sdata, mgmt->sa);
1017
1018 if (elems->supp_rates) {
1019 supp_rates = ieee80211_sta_get_rates(sdata, elems,
1020 band, NULL);
1021 if (sta) {
1022 u32 prev_rates;
1023
1024 prev_rates = sta->sta.supp_rates[band];
1025
1026 scan_width = NL80211_BSS_CHAN_WIDTH_20;
1027 if (rx_status->flag & RX_FLAG_5MHZ)
1028 scan_width = NL80211_BSS_CHAN_WIDTH_5;
1029 if (rx_status->flag & RX_FLAG_10MHZ)
1030 scan_width = NL80211_BSS_CHAN_WIDTH_10;
1031
1032 sta->sta.supp_rates[band] = supp_rates |
1033 ieee80211_mandatory_rates(sband,
1034 scan_width);
1035 if (sta->sta.supp_rates[band] != prev_rates) {
1036 ibss_dbg(sdata,
1037 "updated supp_rates set for %pM based on beacon/probe_resp (0x%x -> 0x%x)\n",
1038 sta->sta.addr, prev_rates,
1039 sta->sta.supp_rates[band]);
1040 rates_updated = true;
1041 }
1042 } else {
1043 rcu_read_unlock();
1044 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid,
1045 mgmt->sa, supp_rates);
1046 }
1047 }
1048
1049 if (sta && elems->wmm_info)
1050 set_sta_flag(sta, WLAN_STA_WME);
1051
1052 if (sta && elems->ht_operation && elems->ht_cap_elem &&
1053 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
1054 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_5 &&
1055 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_10) {
1056
1057 struct ieee80211_ht_cap htcap_ie;
1058 struct cfg80211_chan_def chandef;
1059
1060 ieee80211_ht_oper_to_chandef(channel,
1061 elems->ht_operation,
1062 &chandef);
1063
1064 memcpy(&htcap_ie, elems->ht_cap_elem, sizeof(htcap_ie));
1065
1066
1067
1068
1069
1070 if (chandef.center_freq1 !=
1071 sdata->u.ibss.chandef.center_freq1)
1072 htcap_ie.cap_info &=
1073 cpu_to_le16(~IEEE80211_HT_CAP_SUP_WIDTH_20_40);
1074
1075 rates_updated |= ieee80211_ht_cap_ie_to_sta_ht_cap(
1076 sdata, sband, &htcap_ie, sta);
1077 }
1078
1079 if (sta && rates_updated) {
1080 drv_sta_rc_update(local, sdata, &sta->sta,
1081 IEEE80211_RC_SUPP_RATES_CHANGED);
1082 rate_control_rate_init(sta);
1083 }
1084
1085 rcu_read_unlock();
1086 }
1087
1088 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
1089 channel);
1090 if (!bss)
1091 return;
1092
1093 cbss = container_of((void *)bss, struct cfg80211_bss, priv);
1094
1095
1096 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1097
1098
1099
1100
1101 if (!(cbss->capability & WLAN_CAPABILITY_IBSS))
1102 goto put_bss;
1103
1104
1105 if (sdata->u.ibss.fixed_channel &&
1106 sdata->u.ibss.chandef.chan != cbss->channel)
1107 goto put_bss;
1108
1109
1110 if (elems->ssid_len != sdata->u.ibss.ssid_len ||
1111 memcmp(elems->ssid, sdata->u.ibss.ssid,
1112 sdata->u.ibss.ssid_len))
1113 goto put_bss;
1114
1115
1116 if (sdata->vif.csa_active ||
1117 ieee80211_ibss_process_chanswitch(sdata, elems, true))
1118 goto put_bss;
1119
1120
1121 if (ether_addr_equal(cbss->bssid, sdata->u.ibss.bssid))
1122 goto put_bss;
1123
1124
1125 if (sdata->u.ibss.fixed_bssid)
1126 goto put_bss;
1127
1128 if (ieee80211_have_rx_timestamp(rx_status)) {
1129
1130 rx_timestamp =
1131 ieee80211_calculate_rx_timestamp(local, rx_status,
1132 len + FCS_LEN, 24);
1133 } else {
1134
1135
1136
1137
1138 rx_timestamp = drv_get_tsf(local, sdata);
1139 }
1140
1141 ibss_dbg(sdata,
1142 "RX beacon SA=%pM BSSID=%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
1143 mgmt->sa, mgmt->bssid,
1144 (unsigned long long)rx_timestamp,
1145 (unsigned long long)beacon_timestamp,
1146 (unsigned long long)(rx_timestamp - beacon_timestamp),
1147 jiffies);
1148
1149 if (beacon_timestamp > rx_timestamp) {
1150 ibss_dbg(sdata,
1151 "beacon TSF higher than local TSF - IBSS merge with BSSID %pM\n",
1152 mgmt->bssid);
1153 ieee80211_sta_join_ibss(sdata, bss);
1154 supp_rates = ieee80211_sta_get_rates(sdata, elems, band, NULL);
1155 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa,
1156 supp_rates);
1157 rcu_read_unlock();
1158 }
1159
1160 put_bss:
1161 ieee80211_rx_bss_put(local, bss);
1162}
1163
1164void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata,
1165 const u8 *bssid, const u8 *addr,
1166 u32 supp_rates)
1167{
1168 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1169 struct ieee80211_local *local = sdata->local;
1170 struct sta_info *sta;
1171 struct ieee80211_chanctx_conf *chanctx_conf;
1172 struct ieee80211_supported_band *sband;
1173 enum nl80211_bss_scan_width scan_width;
1174 int band;
1175
1176
1177
1178
1179
1180 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
1181 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
1182 sdata->name, addr);
1183 return;
1184 }
1185
1186 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH)
1187 return;
1188
1189 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid))
1190 return;
1191
1192 rcu_read_lock();
1193 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
1194 if (WARN_ON_ONCE(!chanctx_conf)) {
1195 rcu_read_unlock();
1196 return;
1197 }
1198 band = chanctx_conf->def.chan->band;
1199 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def);
1200 rcu_read_unlock();
1201
1202 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
1203 if (!sta)
1204 return;
1205
1206 sta->last_rx = jiffies;
1207
1208
1209 sband = local->hw.wiphy->bands[band];
1210 sta->sta.supp_rates[band] = supp_rates |
1211 ieee80211_mandatory_rates(sband, scan_width);
1212
1213 spin_lock(&ifibss->incomplete_lock);
1214 list_add(&sta->list, &ifibss->incomplete_stations);
1215 spin_unlock(&ifibss->incomplete_lock);
1216 ieee80211_queue_work(&local->hw, &sdata->work);
1217}
1218
1219static void ieee80211_ibss_sta_expire(struct ieee80211_sub_if_data *sdata)
1220{
1221 struct ieee80211_local *local = sdata->local;
1222 struct sta_info *sta, *tmp;
1223 unsigned long exp_time = IEEE80211_IBSS_INACTIVITY_LIMIT;
1224 unsigned long exp_rsn_time = IEEE80211_IBSS_RSN_INACTIVITY_LIMIT;
1225
1226 mutex_lock(&local->sta_mtx);
1227
1228 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
1229 if (sdata != sta->sdata)
1230 continue;
1231
1232 if (time_after(jiffies, sta->last_rx + exp_time) ||
1233 (time_after(jiffies, sta->last_rx + exp_rsn_time) &&
1234 sta->sta_state != IEEE80211_STA_AUTHORIZED)) {
1235 sta_dbg(sta->sdata, "expiring inactive %sSTA %pM\n",
1236 sta->sta_state != IEEE80211_STA_AUTHORIZED ?
1237 "not authorized " : "", sta->sta.addr);
1238
1239 WARN_ON(__sta_info_destroy(sta));
1240 }
1241 }
1242
1243 mutex_unlock(&local->sta_mtx);
1244}
1245
1246
1247
1248
1249
1250static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
1251{
1252 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1253 enum nl80211_bss_scan_width scan_width;
1254
1255 sdata_assert_lock(sdata);
1256
1257 mod_timer(&ifibss->timer,
1258 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
1259
1260 ieee80211_ibss_sta_expire(sdata);
1261
1262 if (time_before(jiffies, ifibss->last_scan_completed +
1263 IEEE80211_IBSS_MERGE_INTERVAL))
1264 return;
1265
1266 if (ieee80211_sta_active_ibss(sdata))
1267 return;
1268
1269 if (ifibss->fixed_channel)
1270 return;
1271
1272 sdata_info(sdata,
1273 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n");
1274
1275 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef);
1276 ieee80211_request_ibss_scan(sdata, ifibss->ssid, ifibss->ssid_len,
1277 NULL, scan_width);
1278}
1279
1280static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
1281{
1282 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1283 u8 bssid[ETH_ALEN];
1284 u16 capability;
1285 int i;
1286
1287 sdata_assert_lock(sdata);
1288
1289 if (ifibss->fixed_bssid) {
1290 memcpy(bssid, ifibss->bssid, ETH_ALEN);
1291 } else {
1292
1293
1294
1295 get_random_bytes(bssid, ETH_ALEN);
1296 for (i = 0; i < ETH_ALEN; i++)
1297 bssid[i] ^= sdata->vif.addr[i];
1298 bssid[0] &= ~0x01;
1299 bssid[0] |= 0x02;
1300 }
1301
1302 sdata_info(sdata, "Creating new IBSS network, BSSID %pM\n", bssid);
1303
1304 capability = WLAN_CAPABILITY_IBSS;
1305
1306 if (ifibss->privacy)
1307 capability |= WLAN_CAPABILITY_PRIVACY;
1308 else
1309 sdata->drop_unencrypted = 0;
1310
1311 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
1312 &ifibss->chandef, ifibss->basic_rates,
1313 capability, 0, true);
1314}
1315
1316
1317
1318
1319
1320static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
1321{
1322 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1323 struct ieee80211_local *local = sdata->local;
1324 struct cfg80211_bss *cbss;
1325 struct ieee80211_channel *chan = NULL;
1326 const u8 *bssid = NULL;
1327 enum nl80211_bss_scan_width scan_width;
1328 int active_ibss;
1329 u16 capability;
1330
1331 sdata_assert_lock(sdata);
1332
1333 active_ibss = ieee80211_sta_active_ibss(sdata);
1334 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss);
1335
1336 if (active_ibss)
1337 return;
1338
1339 capability = WLAN_CAPABILITY_IBSS;
1340 if (ifibss->privacy)
1341 capability |= WLAN_CAPABILITY_PRIVACY;
1342 if (ifibss->fixed_bssid)
1343 bssid = ifibss->bssid;
1344 if (ifibss->fixed_channel)
1345 chan = ifibss->chandef.chan;
1346 if (!is_zero_ether_addr(ifibss->bssid))
1347 bssid = ifibss->bssid;
1348 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid,
1349 ifibss->ssid, ifibss->ssid_len,
1350 WLAN_CAPABILITY_IBSS | WLAN_CAPABILITY_PRIVACY,
1351 capability);
1352
1353 if (cbss) {
1354 struct ieee80211_bss *bss;
1355
1356 bss = (void *)cbss->priv;
1357 ibss_dbg(sdata,
1358 "sta_find_ibss: selected %pM current %pM\n",
1359 cbss->bssid, ifibss->bssid);
1360 sdata_info(sdata,
1361 "Selected IBSS BSSID %pM based on configured SSID\n",
1362 cbss->bssid);
1363
1364 ieee80211_sta_join_ibss(sdata, bss);
1365 ieee80211_rx_bss_put(local, bss);
1366 return;
1367 }
1368
1369
1370
1371
1372 if (ifibss->fixed_bssid && ifibss->fixed_channel) {
1373 sdata_info(sdata, "Created IBSS using preconfigured BSSID %pM\n",
1374 bssid);
1375 ieee80211_sta_create_ibss(sdata);
1376 return;
1377 }
1378
1379
1380 ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
1381
1382
1383 if (time_after(jiffies, ifibss->last_scan_completed +
1384 IEEE80211_SCAN_INTERVAL)) {
1385 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n");
1386
1387 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef);
1388 ieee80211_request_ibss_scan(sdata, ifibss->ssid,
1389 ifibss->ssid_len, chan,
1390 scan_width);
1391 } else {
1392 int interval = IEEE80211_SCAN_INTERVAL;
1393
1394 if (time_after(jiffies, ifibss->ibss_join_req +
1395 IEEE80211_IBSS_JOIN_TIMEOUT))
1396 ieee80211_sta_create_ibss(sdata);
1397
1398 mod_timer(&ifibss->timer,
1399 round_jiffies(jiffies + interval));
1400 }
1401}
1402
1403static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
1404 struct sk_buff *req)
1405{
1406 struct ieee80211_mgmt *mgmt = (void *)req->data;
1407 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1408 struct ieee80211_local *local = sdata->local;
1409 int tx_last_beacon, len = req->len;
1410 struct sk_buff *skb;
1411 struct beacon_data *presp;
1412 u8 *pos, *end;
1413
1414 sdata_assert_lock(sdata);
1415
1416 presp = rcu_dereference_protected(ifibss->presp,
1417 lockdep_is_held(&sdata->wdev.mtx));
1418
1419 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
1420 len < 24 + 2 || !presp)
1421 return;
1422
1423 tx_last_beacon = drv_tx_last_beacon(local);
1424
1425 ibss_dbg(sdata,
1426 "RX ProbeReq SA=%pM DA=%pM BSSID=%pM (tx_last_beacon=%d)\n",
1427 mgmt->sa, mgmt->da, mgmt->bssid, tx_last_beacon);
1428
1429 if (!tx_last_beacon && is_multicast_ether_addr(mgmt->da))
1430 return;
1431
1432 if (!ether_addr_equal(mgmt->bssid, ifibss->bssid) &&
1433 !is_broadcast_ether_addr(mgmt->bssid))
1434 return;
1435
1436 end = ((u8 *) mgmt) + len;
1437 pos = mgmt->u.probe_req.variable;
1438 if (pos[0] != WLAN_EID_SSID ||
1439 pos + 2 + pos[1] > end) {
1440 ibss_dbg(sdata, "Invalid SSID IE in ProbeReq from %pM\n",
1441 mgmt->sa);
1442 return;
1443 }
1444 if (pos[1] != 0 &&
1445 (pos[1] != ifibss->ssid_len ||
1446 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) {
1447
1448 return;
1449 }
1450
1451
1452 skb = dev_alloc_skb(local->tx_headroom + presp->head_len);
1453 if (!skb)
1454 return;
1455
1456 skb_reserve(skb, local->tx_headroom);
1457 memcpy(skb_put(skb, presp->head_len), presp->head, presp->head_len);
1458
1459 memcpy(((struct ieee80211_mgmt *) skb->data)->da, mgmt->sa, ETH_ALEN);
1460 ibss_dbg(sdata, "Sending ProbeResp to %pM\n", mgmt->sa);
1461 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
1462
1463
1464 if (pos[1] == 0)
1465 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_NO_ACK;
1466
1467 ieee80211_tx_skb(sdata, skb);
1468}
1469
1470static
1471void ieee80211_rx_mgmt_probe_beacon(struct ieee80211_sub_if_data *sdata,
1472 struct ieee80211_mgmt *mgmt, size_t len,
1473 struct ieee80211_rx_status *rx_status)
1474{
1475 size_t baselen;
1476 struct ieee802_11_elems elems;
1477
1478 BUILD_BUG_ON(offsetof(typeof(mgmt->u.probe_resp), variable) !=
1479 offsetof(typeof(mgmt->u.beacon), variable));
1480
1481
1482
1483
1484
1485 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
1486 if (baselen > len)
1487 return;
1488
1489 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
1490 false, &elems);
1491
1492 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
1493}
1494
1495void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
1496 struct sk_buff *skb)
1497{
1498 struct ieee80211_rx_status *rx_status;
1499 struct ieee80211_mgmt *mgmt;
1500 u16 fc;
1501 struct ieee802_11_elems elems;
1502 int ies_len;
1503
1504 rx_status = IEEE80211_SKB_RXCB(skb);
1505 mgmt = (struct ieee80211_mgmt *) skb->data;
1506 fc = le16_to_cpu(mgmt->frame_control);
1507
1508 sdata_lock(sdata);
1509
1510 if (!sdata->u.ibss.ssid_len)
1511 goto mgmt_out;
1512
1513 switch (fc & IEEE80211_FCTL_STYPE) {
1514 case IEEE80211_STYPE_PROBE_REQ:
1515 ieee80211_rx_mgmt_probe_req(sdata, skb);
1516 break;
1517 case IEEE80211_STYPE_PROBE_RESP:
1518 case IEEE80211_STYPE_BEACON:
1519 ieee80211_rx_mgmt_probe_beacon(sdata, mgmt, skb->len,
1520 rx_status);
1521 break;
1522 case IEEE80211_STYPE_AUTH:
1523 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
1524 break;
1525 case IEEE80211_STYPE_DEAUTH:
1526 ieee80211_rx_mgmt_deauth_ibss(sdata, mgmt, skb->len);
1527 break;
1528 case IEEE80211_STYPE_ACTION:
1529 switch (mgmt->u.action.category) {
1530 case WLAN_CATEGORY_SPECTRUM_MGMT:
1531 ies_len = skb->len -
1532 offsetof(struct ieee80211_mgmt,
1533 u.action.u.chan_switch.variable);
1534
1535 if (ies_len < 0)
1536 break;
1537
1538 ieee802_11_parse_elems(
1539 mgmt->u.action.u.chan_switch.variable,
1540 ies_len, true, &elems);
1541
1542 if (elems.parse_error)
1543 break;
1544
1545 ieee80211_rx_mgmt_spectrum_mgmt(sdata, mgmt, skb->len,
1546 rx_status, &elems);
1547 break;
1548 }
1549 }
1550
1551 mgmt_out:
1552 sdata_unlock(sdata);
1553}
1554
1555void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
1556{
1557 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1558 struct sta_info *sta;
1559
1560 sdata_lock(sdata);
1561
1562
1563
1564
1565
1566
1567 if (!ifibss->ssid_len)
1568 goto out;
1569
1570 spin_lock_bh(&ifibss->incomplete_lock);
1571 while (!list_empty(&ifibss->incomplete_stations)) {
1572 sta = list_first_entry(&ifibss->incomplete_stations,
1573 struct sta_info, list);
1574 list_del(&sta->list);
1575 spin_unlock_bh(&ifibss->incomplete_lock);
1576
1577 ieee80211_ibss_finish_sta(sta);
1578 rcu_read_unlock();
1579 spin_lock_bh(&ifibss->incomplete_lock);
1580 }
1581 spin_unlock_bh(&ifibss->incomplete_lock);
1582
1583 switch (ifibss->state) {
1584 case IEEE80211_IBSS_MLME_SEARCH:
1585 ieee80211_sta_find_ibss(sdata);
1586 break;
1587 case IEEE80211_IBSS_MLME_JOINED:
1588 ieee80211_sta_merge_ibss(sdata);
1589 break;
1590 default:
1591 WARN_ON(1);
1592 break;
1593 }
1594
1595 out:
1596 sdata_unlock(sdata);
1597}
1598
1599static void ieee80211_ibss_timer(unsigned long data)
1600{
1601 struct ieee80211_sub_if_data *sdata =
1602 (struct ieee80211_sub_if_data *) data;
1603
1604 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1605}
1606
1607void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
1608{
1609 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1610
1611 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
1612 (unsigned long) sdata);
1613 INIT_LIST_HEAD(&ifibss->incomplete_stations);
1614 spin_lock_init(&ifibss->incomplete_lock);
1615 INIT_WORK(&ifibss->csa_connection_drop_work,
1616 ieee80211_csa_connection_drop_work);
1617}
1618
1619
1620void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
1621{
1622 struct ieee80211_sub_if_data *sdata;
1623
1624 mutex_lock(&local->iflist_mtx);
1625 list_for_each_entry(sdata, &local->interfaces, list) {
1626 if (!ieee80211_sdata_running(sdata))
1627 continue;
1628 if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
1629 continue;
1630 sdata->u.ibss.last_scan_completed = jiffies;
1631 ieee80211_queue_work(&local->hw, &sdata->work);
1632 }
1633 mutex_unlock(&local->iflist_mtx);
1634}
1635
1636int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
1637 struct cfg80211_ibss_params *params)
1638{
1639 u32 changed = 0;
1640 u32 rate_flags;
1641 struct ieee80211_supported_band *sband;
1642 enum ieee80211_chanctx_mode chanmode;
1643 struct ieee80211_local *local = sdata->local;
1644 int radar_detect_width = 0;
1645 int i;
1646 int ret;
1647
1648 ret = cfg80211_chandef_dfs_required(local->hw.wiphy,
1649 ¶ms->chandef,
1650 sdata->wdev.iftype);
1651 if (ret < 0)
1652 return ret;
1653
1654 if (ret > 0) {
1655 if (!params->userspace_handles_dfs)
1656 return -EINVAL;
1657 radar_detect_width = BIT(params->chandef.width);
1658 }
1659
1660 chanmode = (params->channel_fixed && !ret) ?
1661 IEEE80211_CHANCTX_SHARED : IEEE80211_CHANCTX_EXCLUSIVE;
1662
1663 mutex_lock(&local->chanctx_mtx);
1664 ret = ieee80211_check_combinations(sdata, ¶ms->chandef, chanmode,
1665 radar_detect_width);
1666 mutex_unlock(&local->chanctx_mtx);
1667 if (ret < 0)
1668 return ret;
1669
1670 if (params->bssid) {
1671 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN);
1672 sdata->u.ibss.fixed_bssid = true;
1673 } else
1674 sdata->u.ibss.fixed_bssid = false;
1675
1676 sdata->u.ibss.privacy = params->privacy;
1677 sdata->u.ibss.control_port = params->control_port;
1678 sdata->u.ibss.userspace_handles_dfs = params->userspace_handles_dfs;
1679 sdata->u.ibss.basic_rates = params->basic_rates;
1680 sdata->u.ibss.last_scan_completed = jiffies;
1681
1682
1683 rate_flags = ieee80211_chandef_rate_flags(¶ms->chandef);
1684 sband = local->hw.wiphy->bands[params->chandef.chan->band];
1685 for (i = 0; i < sband->n_bitrates; i++) {
1686 if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
1687 sdata->u.ibss.basic_rates &= ~BIT(i);
1688 }
1689 memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate,
1690 sizeof(params->mcast_rate));
1691
1692 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
1693
1694 sdata->u.ibss.chandef = params->chandef;
1695 sdata->u.ibss.fixed_channel = params->channel_fixed;
1696
1697 if (params->ie) {
1698 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len,
1699 GFP_KERNEL);
1700 if (sdata->u.ibss.ie)
1701 sdata->u.ibss.ie_len = params->ie_len;
1702 }
1703
1704 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH;
1705 sdata->u.ibss.ibss_join_req = jiffies;
1706
1707 memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len);
1708 sdata->u.ibss.ssid_len = params->ssid_len;
1709
1710 memcpy(&sdata->u.ibss.ht_capa, ¶ms->ht_capa,
1711 sizeof(sdata->u.ibss.ht_capa));
1712 memcpy(&sdata->u.ibss.ht_capa_mask, ¶ms->ht_capa_mask,
1713 sizeof(sdata->u.ibss.ht_capa_mask));
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725 sdata->vif.bss_conf.ht_operation_mode |=
1726 IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED
1727 | IEEE80211_HT_PARAM_RIFS_MODE;
1728
1729 changed |= BSS_CHANGED_HT;
1730 ieee80211_bss_info_change_notify(sdata, changed);
1731
1732 sdata->smps_mode = IEEE80211_SMPS_OFF;
1733 sdata->needed_rx_chains = local->rx_chains;
1734
1735 ieee80211_queue_work(&local->hw, &sdata->work);
1736
1737 return 0;
1738}
1739
1740int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1741{
1742 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1743
1744 ieee80211_ibss_disconnect(sdata);
1745 ifibss->ssid_len = 0;
1746 memset(ifibss->bssid, 0, ETH_ALEN);
1747
1748
1749 kfree(sdata->u.ibss.ie);
1750
1751
1752 memset(&ifibss->ht_capa, 0, sizeof(ifibss->ht_capa));
1753 memset(&ifibss->ht_capa_mask, 0, sizeof(ifibss->ht_capa_mask));
1754
1755 synchronize_rcu();
1756
1757 skb_queue_purge(&sdata->skb_queue);
1758
1759 del_timer_sync(&sdata->u.ibss.timer);
1760
1761 return 0;
1762}
1763
