1
2
3
4
5
6
7
8
9
10
11
12
13
14
15#include <linux/delay.h>
16#include <linux/if_ether.h>
17#include <linux/skbuff.h>
18#include <linux/if_arp.h>
19#include <linux/etherdevice.h>
20#include <linux/moduleparam.h>
21#include <linux/rtnetlink.h>
22#include <linux/pm_qos.h>
23#include <linux/crc32.h>
24#include <linux/slab.h>
25#include <linux/export.h>
26#include <net/mac80211.h>
27#include <asm/unaligned.h>
28
29#include "ieee80211_i.h"
30#include "driver-ops.h"
31#include "rate.h"
32#include "led.h"
33
34#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
35#define IEEE80211_AUTH_TIMEOUT_LONG (HZ / 2)
36#define IEEE80211_AUTH_TIMEOUT_SHORT (HZ / 10)
37#define IEEE80211_AUTH_MAX_TRIES 3
38#define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5)
39#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
40#define IEEE80211_ASSOC_TIMEOUT_LONG (HZ / 2)
41#define IEEE80211_ASSOC_TIMEOUT_SHORT (HZ / 10)
42#define IEEE80211_ASSOC_MAX_TRIES 3
43
44static int max_nullfunc_tries = 2;
45module_param(max_nullfunc_tries, int, 0644);
46MODULE_PARM_DESC(max_nullfunc_tries,
47 "Maximum nullfunc tx tries before disconnecting (reason 4).");
48
49static int max_probe_tries = 5;
50module_param(max_probe_tries, int, 0644);
51MODULE_PARM_DESC(max_probe_tries,
52 "Maximum probe tries before disconnecting (reason 4).");
53
54
55
56
57
58
59
60
61
62static int beacon_loss_count = 7;
63module_param(beacon_loss_count, int, 0644);
64MODULE_PARM_DESC(beacon_loss_count,
65 "Number of beacon intervals before we decide beacon was lost.");
66
67
68
69
70
71#define IEEE80211_CONNECTION_IDLE_TIME (30 * HZ)
72
73
74
75
76
77static int probe_wait_ms = 500;
78module_param(probe_wait_ms, int, 0644);
79MODULE_PARM_DESC(probe_wait_ms,
80 "Maximum time(ms) to wait for probe response"
81 " before disconnecting (reason 4).");
82
83
84
85
86
87
88#define IEEE80211_SIGNAL_AVE_WEIGHT 3
89
90
91
92
93
94#define IEEE80211_SIGNAL_AVE_MIN_COUNT 4
95
96
97
98
99
100
101
102
103
104
105
106static void run_again(struct ieee80211_sub_if_data *sdata,
107 unsigned long timeout)
108{
109 sdata_assert_lock(sdata);
110
111 if (!timer_pending(&sdata->u.mgd.timer) ||
112 time_before(timeout, sdata->u.mgd.timer.expires))
113 mod_timer(&sdata->u.mgd.timer, timeout);
114}
115
116void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata)
117{
118 if (sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER)
119 return;
120
121 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR)
122 return;
123
124 mod_timer(&sdata->u.mgd.bcn_mon_timer,
125 round_jiffies_up(jiffies + sdata->u.mgd.beacon_timeout));
126}
127
128void ieee80211_sta_reset_conn_monitor(struct ieee80211_sub_if_data *sdata)
129{
130 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
131
132 if (unlikely(!sdata->u.mgd.associated))
133 return;
134
135 ifmgd->probe_send_count = 0;
136
137 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR)
138 return;
139
140 mod_timer(&sdata->u.mgd.conn_mon_timer,
141 round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME));
142}
143
144static int ecw2cw(int ecw)
145{
146 return (1 << ecw) - 1;
147}
148
149static u32
150ieee80211_determine_chantype(struct ieee80211_sub_if_data *sdata,
151 struct ieee80211_supported_band *sband,
152 struct ieee80211_channel *channel,
153 const struct ieee80211_ht_cap *ht_cap,
154 const struct ieee80211_ht_operation *ht_oper,
155 const struct ieee80211_vht_operation *vht_oper,
156 struct cfg80211_chan_def *chandef, bool tracking)
157{
158 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
159 struct cfg80211_chan_def vht_chandef;
160 u32 ht_cfreq, ret;
161
162 chandef->chan = channel;
163 chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
164 chandef->center_freq1 = channel->center_freq;
165 chandef->center_freq2 = 0;
166
167 if (!ht_cap || !ht_oper || !sband->ht_cap.ht_supported) {
168 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
169 goto out;
170 }
171
172 chandef->width = NL80211_CHAN_WIDTH_20;
173
174 if (!(ht_cap->cap_info &
175 cpu_to_le16(IEEE80211_HT_CAP_SUP_WIDTH_20_40))) {
176 ret = IEEE80211_STA_DISABLE_40MHZ;
177 goto out;
178 }
179
180 ht_cfreq = ieee80211_channel_to_frequency(ht_oper->primary_chan,
181 channel->band);
182
183 if (!tracking && channel->center_freq != ht_cfreq) {
184
185
186
187
188
189
190
191 sdata_info(sdata,
192 "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n",
193 channel->center_freq, ht_cfreq,
194 ht_oper->primary_chan, channel->band);
195 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
196 goto out;
197 }
198
199
200 if (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) {
201 switch (ht_oper->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
202 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
203 chandef->width = NL80211_CHAN_WIDTH_40;
204 chandef->center_freq1 += 10;
205 break;
206 case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
207 chandef->width = NL80211_CHAN_WIDTH_40;
208 chandef->center_freq1 -= 10;
209 break;
210 }
211 } else {
212
213 ret = IEEE80211_STA_DISABLE_VHT;
214
215 ret |= IEEE80211_STA_DISABLE_40MHZ;
216 goto out;
217 }
218
219 if (!vht_oper || !sband->vht_cap.vht_supported) {
220 ret = IEEE80211_STA_DISABLE_VHT;
221 goto out;
222 }
223
224 vht_chandef.chan = channel;
225 vht_chandef.center_freq1 =
226 ieee80211_channel_to_frequency(vht_oper->center_freq_seg1_idx,
227 channel->band);
228 vht_chandef.center_freq2 = 0;
229
230 switch (vht_oper->chan_width) {
231 case IEEE80211_VHT_CHANWIDTH_USE_HT:
232 vht_chandef.width = chandef->width;
233 vht_chandef.center_freq1 = chandef->center_freq1;
234 break;
235 case IEEE80211_VHT_CHANWIDTH_80MHZ:
236 vht_chandef.width = NL80211_CHAN_WIDTH_80;
237 break;
238 case IEEE80211_VHT_CHANWIDTH_160MHZ:
239 vht_chandef.width = NL80211_CHAN_WIDTH_160;
240 break;
241 case IEEE80211_VHT_CHANWIDTH_80P80MHZ:
242 vht_chandef.width = NL80211_CHAN_WIDTH_80P80;
243 vht_chandef.center_freq2 =
244 ieee80211_channel_to_frequency(
245 vht_oper->center_freq_seg2_idx,
246 channel->band);
247 break;
248 default:
249 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
250 sdata_info(sdata,
251 "AP VHT operation IE has invalid channel width (%d), disable VHT\n",
252 vht_oper->chan_width);
253 ret = IEEE80211_STA_DISABLE_VHT;
254 goto out;
255 }
256
257 if (!cfg80211_chandef_valid(&vht_chandef)) {
258 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
259 sdata_info(sdata,
260 "AP VHT information is invalid, disable VHT\n");
261 ret = IEEE80211_STA_DISABLE_VHT;
262 goto out;
263 }
264
265 if (cfg80211_chandef_identical(chandef, &vht_chandef)) {
266 ret = 0;
267 goto out;
268 }
269
270 if (!cfg80211_chandef_compatible(chandef, &vht_chandef)) {
271 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
272 sdata_info(sdata,
273 "AP VHT information doesn't match HT, disable VHT\n");
274 ret = IEEE80211_STA_DISABLE_VHT;
275 goto out;
276 }
277
278 *chandef = vht_chandef;
279
280 ret = 0;
281
282out:
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301 if (tracking &&
302 cfg80211_chandef_identical(chandef, &sdata->vif.bss_conf.chandef))
303 return ret;
304
305
306 if (ret & IEEE80211_STA_DISABLE_VHT)
307 vht_chandef = *chandef;
308
309
310
311
312
313
314
315
316
317 while (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
318 tracking ? 0 :
319 IEEE80211_CHAN_DISABLED)) {
320 if (WARN_ON(chandef->width == NL80211_CHAN_WIDTH_20_NOHT)) {
321 ret = IEEE80211_STA_DISABLE_HT |
322 IEEE80211_STA_DISABLE_VHT;
323 break;
324 }
325
326 ret |= ieee80211_chandef_downgrade(chandef);
327 }
328
329 if (chandef->width != vht_chandef.width && !tracking)
330 sdata_info(sdata,
331 "capabilities/regulatory prevented using AP HT/VHT configuration, downgraded\n");
332
333 WARN_ON_ONCE(!cfg80211_chandef_valid(chandef));
334 return ret;
335}
336
337static int ieee80211_config_bw(struct ieee80211_sub_if_data *sdata,
338 struct sta_info *sta,
339 const struct ieee80211_ht_cap *ht_cap,
340 const struct ieee80211_ht_operation *ht_oper,
341 const struct ieee80211_vht_operation *vht_oper,
342 const u8 *bssid, u32 *changed)
343{
344 struct ieee80211_local *local = sdata->local;
345 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
346 struct ieee80211_supported_band *sband;
347 struct ieee80211_channel *chan;
348 struct cfg80211_chan_def chandef;
349 u16 ht_opmode;
350 u32 flags;
351 enum ieee80211_sta_rx_bandwidth new_sta_bw;
352 int ret;
353
354
355 if (ifmgd->flags & IEEE80211_STA_DISABLE_HT || !ht_oper)
356 return 0;
357
358
359 if (ifmgd->flags & IEEE80211_STA_DISABLE_VHT)
360 vht_oper = NULL;
361
362 if (WARN_ON_ONCE(!sta))
363 return -EINVAL;
364
365
366
367
368
369 ht_opmode = le16_to_cpu(ht_oper->operation_mode);
370 if (sdata->vif.bss_conf.ht_operation_mode != ht_opmode) {
371 *changed |= BSS_CHANGED_HT;
372 sdata->vif.bss_conf.ht_operation_mode = ht_opmode;
373 }
374
375 chan = sdata->vif.bss_conf.chandef.chan;
376 sband = local->hw.wiphy->bands[chan->band];
377
378
379 flags = ieee80211_determine_chantype(sdata, sband, chan,
380 ht_cap, ht_oper, vht_oper,
381 &chandef, true);
382
383
384
385
386
387
388
389
390 if (ifmgd->flags & IEEE80211_STA_DISABLE_80P80MHZ &&
391 chandef.width == NL80211_CHAN_WIDTH_80P80)
392 flags |= ieee80211_chandef_downgrade(&chandef);
393 if (ifmgd->flags & IEEE80211_STA_DISABLE_160MHZ &&
394 chandef.width == NL80211_CHAN_WIDTH_160)
395 flags |= ieee80211_chandef_downgrade(&chandef);
396 if (ifmgd->flags & IEEE80211_STA_DISABLE_40MHZ &&
397 chandef.width > NL80211_CHAN_WIDTH_20)
398 flags |= ieee80211_chandef_downgrade(&chandef);
399
400 if (cfg80211_chandef_identical(&chandef, &sdata->vif.bss_conf.chandef))
401 return 0;
402
403 sdata_info(sdata,
404 "AP %pM changed bandwidth, new config is %d MHz, width %d (%d/%d MHz)\n",
405 ifmgd->bssid, chandef.chan->center_freq, chandef.width,
406 chandef.center_freq1, chandef.center_freq2);
407
408 if (flags != (ifmgd->flags & (IEEE80211_STA_DISABLE_HT |
409 IEEE80211_STA_DISABLE_VHT |
410 IEEE80211_STA_DISABLE_40MHZ |
411 IEEE80211_STA_DISABLE_80P80MHZ |
412 IEEE80211_STA_DISABLE_160MHZ)) ||
413 !cfg80211_chandef_valid(&chandef)) {
414 sdata_info(sdata,
415 "AP %pM changed bandwidth in a way we can't support - disconnect\n",
416 ifmgd->bssid);
417 return -EINVAL;
418 }
419
420 switch (chandef.width) {
421 case NL80211_CHAN_WIDTH_20_NOHT:
422 case NL80211_CHAN_WIDTH_20:
423 new_sta_bw = IEEE80211_STA_RX_BW_20;
424 break;
425 case NL80211_CHAN_WIDTH_40:
426 new_sta_bw = IEEE80211_STA_RX_BW_40;
427 break;
428 case NL80211_CHAN_WIDTH_80:
429 new_sta_bw = IEEE80211_STA_RX_BW_80;
430 break;
431 case NL80211_CHAN_WIDTH_80P80:
432 case NL80211_CHAN_WIDTH_160:
433 new_sta_bw = IEEE80211_STA_RX_BW_160;
434 break;
435 default:
436 return -EINVAL;
437 }
438
439 if (new_sta_bw > sta->cur_max_bandwidth)
440 new_sta_bw = sta->cur_max_bandwidth;
441
442 if (new_sta_bw < sta->sta.bandwidth) {
443 sta->sta.bandwidth = new_sta_bw;
444 rate_control_rate_update(local, sband, sta,
445 IEEE80211_RC_BW_CHANGED);
446 }
447
448 ret = ieee80211_vif_change_bandwidth(sdata, &chandef, changed);
449 if (ret) {
450 sdata_info(sdata,
451 "AP %pM changed bandwidth to incompatible one - disconnect\n",
452 ifmgd->bssid);
453 return ret;
454 }
455
456 if (new_sta_bw > sta->sta.bandwidth) {
457 sta->sta.bandwidth = new_sta_bw;
458 rate_control_rate_update(local, sband, sta,
459 IEEE80211_RC_BW_CHANGED);
460 }
461
462 return 0;
463}
464
465
466
467static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata,
468 struct sk_buff *skb, u8 ap_ht_param,
469 struct ieee80211_supported_band *sband,
470 struct ieee80211_channel *channel,
471 enum ieee80211_smps_mode smps)
472{
473 u8 *pos;
474 u32 flags = channel->flags;
475 u16 cap;
476 struct ieee80211_sta_ht_cap ht_cap;
477
478 BUILD_BUG_ON(sizeof(ht_cap) != sizeof(sband->ht_cap));
479
480 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
481 ieee80211_apply_htcap_overrides(sdata, &ht_cap);
482
483
484 cap = ht_cap.cap;
485
486 switch (ap_ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
487 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
488 if (flags & IEEE80211_CHAN_NO_HT40PLUS) {
489 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
490 cap &= ~IEEE80211_HT_CAP_SGI_40;
491 }
492 break;
493 case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
494 if (flags & IEEE80211_CHAN_NO_HT40MINUS) {
495 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
496 cap &= ~IEEE80211_HT_CAP_SGI_40;
497 }
498 break;
499 }
500
501
502
503
504
505
506 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_40MHZ) {
507 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
508 cap &= ~IEEE80211_HT_CAP_SGI_40;
509 }
510
511
512 cap &= ~IEEE80211_HT_CAP_SM_PS;
513 switch (smps) {
514 case IEEE80211_SMPS_AUTOMATIC:
515 case IEEE80211_SMPS_NUM_MODES:
516 WARN_ON(1);
517 case IEEE80211_SMPS_OFF:
518 cap |= WLAN_HT_CAP_SM_PS_DISABLED <<
519 IEEE80211_HT_CAP_SM_PS_SHIFT;
520 break;
521 case IEEE80211_SMPS_STATIC:
522 cap |= WLAN_HT_CAP_SM_PS_STATIC <<
523 IEEE80211_HT_CAP_SM_PS_SHIFT;
524 break;
525 case IEEE80211_SMPS_DYNAMIC:
526 cap |= WLAN_HT_CAP_SM_PS_DYNAMIC <<
527 IEEE80211_HT_CAP_SM_PS_SHIFT;
528 break;
529 }
530
531
532 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
533 ieee80211_ie_build_ht_cap(pos, &ht_cap, cap);
534}
535
536static void ieee80211_add_vht_ie(struct ieee80211_sub_if_data *sdata,
537 struct sk_buff *skb,
538 struct ieee80211_supported_band *sband,
539 struct ieee80211_vht_cap *ap_vht_cap)
540{
541 u8 *pos;
542 u32 cap;
543 struct ieee80211_sta_vht_cap vht_cap;
544 u32 mask, ap_bf_sts, our_bf_sts;
545
546 BUILD_BUG_ON(sizeof(vht_cap) != sizeof(sband->vht_cap));
547
548 memcpy(&vht_cap, &sband->vht_cap, sizeof(vht_cap));
549 ieee80211_apply_vhtcap_overrides(sdata, &vht_cap);
550
551
552 cap = vht_cap.cap;
553
554 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_80P80MHZ) {
555 cap &= ~IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
556 cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
557 }
558
559 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_160MHZ) {
560 cap &= ~IEEE80211_VHT_CAP_SHORT_GI_160;
561 cap &= ~IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
562 }
563
564
565
566
567
568 if (!(ap_vht_cap->vht_cap_info &
569 cpu_to_le32(IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)))
570 cap &= ~IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
571
572 mask = IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
573
574 ap_bf_sts = le32_to_cpu(ap_vht_cap->vht_cap_info) & mask;
575 our_bf_sts = cap & mask;
576
577 if (ap_bf_sts < our_bf_sts) {
578 cap &= ~mask;
579 cap |= ap_bf_sts;
580 }
581
582
583 pos = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2);
584 ieee80211_ie_build_vht_cap(pos, &vht_cap, cap);
585}
586
587static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
588{
589 struct ieee80211_local *local = sdata->local;
590 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
591 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
592 struct sk_buff *skb;
593 struct ieee80211_mgmt *mgmt;
594 u8 *pos, qos_info;
595 size_t offset = 0, noffset;
596 int i, count, rates_len, supp_rates_len, shift;
597 u16 capab;
598 struct ieee80211_supported_band *sband;
599 struct ieee80211_chanctx_conf *chanctx_conf;
600 struct ieee80211_channel *chan;
601 u32 rate_flags, rates = 0;
602
603 sdata_assert_lock(sdata);
604
605 rcu_read_lock();
606 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
607 if (WARN_ON(!chanctx_conf)) {
608 rcu_read_unlock();
609 return;
610 }
611 chan = chanctx_conf->def.chan;
612 rate_flags = ieee80211_chandef_rate_flags(&chanctx_conf->def);
613 rcu_read_unlock();
614 sband = local->hw.wiphy->bands[chan->band];
615 shift = ieee80211_vif_get_shift(&sdata->vif);
616
617 if (assoc_data->supp_rates_len) {
618
619
620
621
622
623
624 rates_len = ieee80211_parse_bitrates(&chanctx_conf->def, sband,
625 assoc_data->supp_rates,
626 assoc_data->supp_rates_len,
627 &rates);
628 } else {
629
630
631
632
633
634 rates_len = 0;
635 for (i = 0; i < sband->n_bitrates; i++) {
636 if ((rate_flags & sband->bitrates[i].flags)
637 != rate_flags)
638 continue;
639 rates |= BIT(i);
640 rates_len++;
641 }
642 }
643
644 skb = alloc_skb(local->hw.extra_tx_headroom +
645 sizeof(*mgmt) +
646 2 + assoc_data->ssid_len +
647 4 + rates_len +
648 4 +
649 2 + 2 * sband->n_channels +
650 2 + sizeof(struct ieee80211_ht_cap) +
651 2 + sizeof(struct ieee80211_vht_cap) +
652 assoc_data->ie_len +
653 9,
654 GFP_KERNEL);
655 if (!skb)
656 return;
657
658 skb_reserve(skb, local->hw.extra_tx_headroom);
659
660 capab = WLAN_CAPABILITY_ESS;
661
662 if (sband->band == IEEE80211_BAND_2GHZ) {
663 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
664 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
665 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
666 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
667 }
668
669 if (assoc_data->capability & WLAN_CAPABILITY_PRIVACY)
670 capab |= WLAN_CAPABILITY_PRIVACY;
671
672 if ((assoc_data->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
673 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
674 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
675
676 if (ifmgd->flags & IEEE80211_STA_ENABLE_RRM)
677 capab |= WLAN_CAPABILITY_RADIO_MEASURE;
678
679 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
680 memset(mgmt, 0, 24);
681 memcpy(mgmt->da, assoc_data->bss->bssid, ETH_ALEN);
682 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
683 memcpy(mgmt->bssid, assoc_data->bss->bssid, ETH_ALEN);
684
685 if (!is_zero_ether_addr(assoc_data->prev_bssid)) {
686 skb_put(skb, 10);
687 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
688 IEEE80211_STYPE_REASSOC_REQ);
689 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
690 mgmt->u.reassoc_req.listen_interval =
691 cpu_to_le16(local->hw.conf.listen_interval);
692 memcpy(mgmt->u.reassoc_req.current_ap, assoc_data->prev_bssid,
693 ETH_ALEN);
694 } else {
695 skb_put(skb, 4);
696 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
697 IEEE80211_STYPE_ASSOC_REQ);
698 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
699 mgmt->u.assoc_req.listen_interval =
700 cpu_to_le16(local->hw.conf.listen_interval);
701 }
702
703
704 pos = skb_put(skb, 2 + assoc_data->ssid_len);
705 *pos++ = WLAN_EID_SSID;
706 *pos++ = assoc_data->ssid_len;
707 memcpy(pos, assoc_data->ssid, assoc_data->ssid_len);
708
709
710 supp_rates_len = rates_len;
711 if (supp_rates_len > 8)
712 supp_rates_len = 8;
713
714 pos = skb_put(skb, supp_rates_len + 2);
715 *pos++ = WLAN_EID_SUPP_RATES;
716 *pos++ = supp_rates_len;
717
718 count = 0;
719 for (i = 0; i < sband->n_bitrates; i++) {
720 if (BIT(i) & rates) {
721 int rate = DIV_ROUND_UP(sband->bitrates[i].bitrate,
722 5 * (1 << shift));
723 *pos++ = (u8) rate;
724 if (++count == 8)
725 break;
726 }
727 }
728
729 if (rates_len > count) {
730 pos = skb_put(skb, rates_len - count + 2);
731 *pos++ = WLAN_EID_EXT_SUPP_RATES;
732 *pos++ = rates_len - count;
733
734 for (i++; i < sband->n_bitrates; i++) {
735 if (BIT(i) & rates) {
736 int rate;
737 rate = DIV_ROUND_UP(sband->bitrates[i].bitrate,
738 5 * (1 << shift));
739 *pos++ = (u8) rate;
740 }
741 }
742 }
743
744 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT ||
745 capab & WLAN_CAPABILITY_RADIO_MEASURE) {
746 pos = skb_put(skb, 4);
747 *pos++ = WLAN_EID_PWR_CAPABILITY;
748 *pos++ = 2;
749 *pos++ = 0;
750
751 *pos++ = ieee80211_chandef_max_power(&chanctx_conf->def);
752 }
753
754 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
755
756 pos = skb_put(skb, 2 * sband->n_channels + 2);
757 *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
758 *pos++ = 2 * sband->n_channels;
759 for (i = 0; i < sband->n_channels; i++) {
760 *pos++ = ieee80211_frequency_to_channel(
761 sband->channels[i].center_freq);
762 *pos++ = 1;
763 }
764 }
765
766
767 if (assoc_data->ie_len) {
768 static const u8 before_ht[] = {
769 WLAN_EID_SSID,
770 WLAN_EID_SUPP_RATES,
771 WLAN_EID_EXT_SUPP_RATES,
772 WLAN_EID_PWR_CAPABILITY,
773 WLAN_EID_SUPPORTED_CHANNELS,
774 WLAN_EID_RSN,
775 WLAN_EID_QOS_CAPA,
776 WLAN_EID_RRM_ENABLED_CAPABILITIES,
777 WLAN_EID_MOBILITY_DOMAIN,
778 WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
779 };
780 noffset = ieee80211_ie_split(assoc_data->ie, assoc_data->ie_len,
781 before_ht, ARRAY_SIZE(before_ht),
782 offset);
783 pos = skb_put(skb, noffset - offset);
784 memcpy(pos, assoc_data->ie + offset, noffset - offset);
785 offset = noffset;
786 }
787
788 if (WARN_ON_ONCE((ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&
789 !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)))
790 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
791
792 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT))
793 ieee80211_add_ht_ie(sdata, skb, assoc_data->ap_ht_param,
794 sband, chan, sdata->smps_mode);
795
796
797 if (assoc_data->ie_len) {
798 static const u8 before_vht[] = {
799 WLAN_EID_SSID,
800 WLAN_EID_SUPP_RATES,
801 WLAN_EID_EXT_SUPP_RATES,
802 WLAN_EID_PWR_CAPABILITY,
803 WLAN_EID_SUPPORTED_CHANNELS,
804 WLAN_EID_RSN,
805 WLAN_EID_QOS_CAPA,
806 WLAN_EID_RRM_ENABLED_CAPABILITIES,
807 WLAN_EID_MOBILITY_DOMAIN,
808 WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
809 WLAN_EID_HT_CAPABILITY,
810 WLAN_EID_BSS_COEX_2040,
811 WLAN_EID_EXT_CAPABILITY,
812 WLAN_EID_QOS_TRAFFIC_CAPA,
813 WLAN_EID_TIM_BCAST_REQ,
814 WLAN_EID_INTERWORKING,
815 };
816 noffset = ieee80211_ie_split(assoc_data->ie, assoc_data->ie_len,
817 before_vht, ARRAY_SIZE(before_vht),
818 offset);
819 pos = skb_put(skb, noffset - offset);
820 memcpy(pos, assoc_data->ie + offset, noffset - offset);
821 offset = noffset;
822 }
823
824 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
825 ieee80211_add_vht_ie(sdata, skb, sband,
826 &assoc_data->ap_vht_cap);
827
828
829 if (assoc_data->ie_len) {
830 noffset = ieee80211_ie_split_vendor(assoc_data->ie,
831 assoc_data->ie_len,
832 offset);
833 pos = skb_put(skb, noffset - offset);
834 memcpy(pos, assoc_data->ie + offset, noffset - offset);
835 offset = noffset;
836 }
837
838 if (assoc_data->wmm) {
839 if (assoc_data->uapsd) {
840 qos_info = ifmgd->uapsd_queues;
841 qos_info |= (ifmgd->uapsd_max_sp_len <<
842 IEEE80211_WMM_IE_STA_QOSINFO_SP_SHIFT);
843 } else {
844 qos_info = 0;
845 }
846
847 pos = ieee80211_add_wmm_info_ie(skb_put(skb, 9), qos_info);
848 }
849
850
851 if (assoc_data->ie_len) {
852 noffset = assoc_data->ie_len;
853 pos = skb_put(skb, noffset - offset);
854 memcpy(pos, assoc_data->ie + offset, noffset - offset);
855 }
856
857 drv_mgd_prepare_tx(local, sdata);
858
859 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
860 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
861 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS |
862 IEEE80211_TX_INTFL_MLME_CONN_TX;
863 ieee80211_tx_skb(sdata, skb);
864}
865
866void ieee80211_send_pspoll(struct ieee80211_local *local,
867 struct ieee80211_sub_if_data *sdata)
868{
869 struct ieee80211_pspoll *pspoll;
870 struct sk_buff *skb;
871
872 skb = ieee80211_pspoll_get(&local->hw, &sdata->vif);
873 if (!skb)
874 return;
875
876 pspoll = (struct ieee80211_pspoll *) skb->data;
877 pspoll->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
878
879 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
880 ieee80211_tx_skb(sdata, skb);
881}
882
883void ieee80211_send_nullfunc(struct ieee80211_local *local,
884 struct ieee80211_sub_if_data *sdata,
885 int powersave)
886{
887 struct sk_buff *skb;
888 struct ieee80211_hdr_3addr *nullfunc;
889 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
890
891 skb = ieee80211_nullfunc_get(&local->hw, &sdata->vif);
892 if (!skb)
893 return;
894
895 nullfunc = (struct ieee80211_hdr_3addr *) skb->data;
896 if (powersave)
897 nullfunc->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
898
899 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT |
900 IEEE80211_TX_INTFL_OFFCHAN_TX_OK;
901
902 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
903 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
904
905 if (ifmgd->flags & IEEE80211_STA_CONNECTION_POLL)
906 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_USE_MINRATE;
907
908 ieee80211_tx_skb(sdata, skb);
909}
910
911static void ieee80211_send_4addr_nullfunc(struct ieee80211_local *local,
912 struct ieee80211_sub_if_data *sdata)
913{
914 struct sk_buff *skb;
915 struct ieee80211_hdr *nullfunc;
916 __le16 fc;
917
918 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
919 return;
920
921 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30);
922 if (!skb)
923 return;
924
925 skb_reserve(skb, local->hw.extra_tx_headroom);
926
927 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 30);
928 memset(nullfunc, 0, 30);
929 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
930 IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS);
931 nullfunc->frame_control = fc;
932 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
933 memcpy(nullfunc->addr2, sdata->vif.addr, ETH_ALEN);
934 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);
935 memcpy(nullfunc->addr4, sdata->vif.addr, ETH_ALEN);
936
937 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
938 ieee80211_tx_skb(sdata, skb);
939}
940
941
942static void ieee80211_chswitch_work(struct work_struct *work)
943{
944 struct ieee80211_sub_if_data *sdata =
945 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
946 struct ieee80211_local *local = sdata->local;
947 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
948 int ret;
949
950 if (!ieee80211_sdata_running(sdata))
951 return;
952
953 sdata_lock(sdata);
954 mutex_lock(&local->mtx);
955 mutex_lock(&local->chanctx_mtx);
956
957 if (!ifmgd->associated)
958 goto out;
959
960 if (!sdata->vif.csa_active)
961 goto out;
962
963
964
965
966
967
968
969
970 if (sdata->reserved_chanctx) {
971
972
973
974
975
976 if (sdata->reserved_ready)
977 goto out;
978
979 ret = ieee80211_vif_use_reserved_context(sdata);
980 if (ret) {
981 sdata_info(sdata,
982 "failed to use reserved channel context, disconnecting (err=%d)\n",
983 ret);
984 ieee80211_queue_work(&sdata->local->hw,
985 &ifmgd->csa_connection_drop_work);
986 goto out;
987 }
988
989 goto out;
990 }
991
992 if (!cfg80211_chandef_identical(&sdata->vif.bss_conf.chandef,
993 &sdata->csa_chandef)) {
994 sdata_info(sdata,
995 "failed to finalize channel switch, disconnecting\n");
996 ieee80211_queue_work(&sdata->local->hw,
997 &ifmgd->csa_connection_drop_work);
998 goto out;
999 }
1000
1001
1002 ifmgd->associated->channel = sdata->csa_chandef.chan;
1003
1004 sdata->vif.csa_active = false;
1005
1006
1007 if (sdata->csa_block_tx) {
1008 ieee80211_wake_vif_queues(local, sdata,
1009 IEEE80211_QUEUE_STOP_REASON_CSA);
1010 sdata->csa_block_tx = false;
1011 }
1012
1013 ieee80211_sta_reset_beacon_monitor(sdata);
1014 ieee80211_sta_reset_conn_monitor(sdata);
1015
1016out:
1017 mutex_unlock(&local->chanctx_mtx);
1018 mutex_unlock(&local->mtx);
1019 sdata_unlock(sdata);
1020}
1021
1022void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success)
1023{
1024 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1025 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1026
1027 trace_api_chswitch_done(sdata, success);
1028 if (!success) {
1029 sdata_info(sdata,
1030 "driver channel switch failed, disconnecting\n");
1031 ieee80211_queue_work(&sdata->local->hw,
1032 &ifmgd->csa_connection_drop_work);
1033 } else {
1034 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work);
1035 }
1036}
1037EXPORT_SYMBOL(ieee80211_chswitch_done);
1038
1039static void ieee80211_chswitch_timer(unsigned long data)
1040{
1041 struct ieee80211_sub_if_data *sdata =
1042 (struct ieee80211_sub_if_data *) data;
1043
1044 ieee80211_queue_work(&sdata->local->hw, &sdata->u.mgd.chswitch_work);
1045}
1046
1047static void
1048ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
1049 u64 timestamp, struct ieee802_11_elems *elems,
1050 bool beacon)
1051{
1052 struct ieee80211_local *local = sdata->local;
1053 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1054 struct cfg80211_bss *cbss = ifmgd->associated;
1055 struct ieee80211_chanctx_conf *conf;
1056 struct ieee80211_chanctx *chanctx;
1057 enum ieee80211_band current_band;
1058 struct ieee80211_csa_ie csa_ie;
1059 int res;
1060
1061 sdata_assert_lock(sdata);
1062
1063 if (!cbss)
1064 return;
1065
1066 if (local->scanning)
1067 return;
1068
1069
1070 if (sdata->vif.csa_active)
1071 return;
1072
1073 current_band = cbss->channel->band;
1074 memset(&csa_ie, 0, sizeof(csa_ie));
1075 res = ieee80211_parse_ch_switch_ie(sdata, elems, current_band,
1076 ifmgd->flags,
1077 ifmgd->associated->bssid, &csa_ie);
1078 if (res < 0)
1079 ieee80211_queue_work(&local->hw,
1080 &ifmgd->csa_connection_drop_work);
1081 if (res)
1082 return;
1083
1084 if (!cfg80211_chandef_usable(local->hw.wiphy, &csa_ie.chandef,
1085 IEEE80211_CHAN_DISABLED)) {
1086 sdata_info(sdata,
1087 "AP %pM switches to unsupported channel (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n",
1088 ifmgd->associated->bssid,
1089 csa_ie.chandef.chan->center_freq,
1090 csa_ie.chandef.width, csa_ie.chandef.center_freq1,
1091 csa_ie.chandef.center_freq2);
1092 ieee80211_queue_work(&local->hw,
1093 &ifmgd->csa_connection_drop_work);
1094 return;
1095 }
1096
1097 mutex_lock(&local->mtx);
1098 mutex_lock(&local->chanctx_mtx);
1099 conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
1100 lockdep_is_held(&local->chanctx_mtx));
1101 if (!conf) {
1102 sdata_info(sdata,
1103 "no channel context assigned to vif?, disconnecting\n");
1104 ieee80211_queue_work(&local->hw,
1105 &ifmgd->csa_connection_drop_work);
1106 mutex_unlock(&local->chanctx_mtx);
1107 mutex_unlock(&local->mtx);
1108 return;
1109 }
1110
1111 chanctx = container_of(conf, struct ieee80211_chanctx, conf);
1112
1113 if (local->use_chanctx) {
1114 u32 num_chanctx = 0;
1115 list_for_each_entry(chanctx, &local->chanctx_list, list)
1116 num_chanctx++;
1117
1118 if (num_chanctx > 1 ||
1119 !(local->hw.flags & IEEE80211_HW_CHANCTX_STA_CSA)) {
1120 sdata_info(sdata,
1121 "not handling chan-switch with channel contexts\n");
1122 ieee80211_queue_work(&local->hw,
1123 &ifmgd->csa_connection_drop_work);
1124 mutex_unlock(&local->chanctx_mtx);
1125 mutex_unlock(&local->mtx);
1126 return;
1127 }
1128 }
1129
1130 res = ieee80211_vif_reserve_chanctx(sdata, &csa_ie.chandef,
1131 chanctx->mode, false);
1132 if (res) {
1133 sdata_info(sdata,
1134 "failed to reserve channel context for channel switch, disconnecting (err=%d)\n",
1135 res);
1136 ieee80211_queue_work(&local->hw,
1137 &ifmgd->csa_connection_drop_work);
1138 mutex_unlock(&local->chanctx_mtx);
1139 mutex_unlock(&local->mtx);
1140 return;
1141 }
1142 mutex_unlock(&local->chanctx_mtx);
1143
1144 sdata->vif.csa_active = true;
1145 sdata->csa_chandef = csa_ie.chandef;
1146 sdata->csa_block_tx = csa_ie.mode;
1147
1148 if (sdata->csa_block_tx)
1149 ieee80211_stop_vif_queues(local, sdata,
1150 IEEE80211_QUEUE_STOP_REASON_CSA);
1151 mutex_unlock(&local->mtx);
1152
1153 if (local->ops->channel_switch) {
1154
1155 struct ieee80211_channel_switch ch_switch = {
1156 .timestamp = timestamp,
1157 .block_tx = csa_ie.mode,
1158 .chandef = csa_ie.chandef,
1159 .count = csa_ie.count,
1160 };
1161
1162 drv_channel_switch(local, &ch_switch);
1163 return;
1164 }
1165
1166
1167 if (csa_ie.count <= 1)
1168 ieee80211_queue_work(&local->hw, &ifmgd->chswitch_work);
1169 else
1170 mod_timer(&ifmgd->chswitch_timer,
1171 TU_TO_EXP_TIME((csa_ie.count - 1) *
1172 cbss->beacon_interval));
1173}
1174
1175static bool
1176ieee80211_find_80211h_pwr_constr(struct ieee80211_sub_if_data *sdata,
1177 struct ieee80211_channel *channel,
1178 const u8 *country_ie, u8 country_ie_len,
1179 const u8 *pwr_constr_elem,
1180 int *chan_pwr, int *pwr_reduction)
1181{
1182 struct ieee80211_country_ie_triplet *triplet;
1183 int chan = ieee80211_frequency_to_channel(channel->center_freq);
1184 int i, chan_increment;
1185 bool have_chan_pwr = false;
1186
1187
1188 if (country_ie_len % 2 || country_ie_len < IEEE80211_COUNTRY_IE_MIN_LEN)
1189 return false;
1190
1191 triplet = (void *)(country_ie + 3);
1192 country_ie_len -= 3;
1193
1194 switch (channel->band) {
1195 default:
1196 WARN_ON_ONCE(1);
1197
1198 case IEEE80211_BAND_2GHZ:
1199 case IEEE80211_BAND_60GHZ:
1200 chan_increment = 1;
1201 break;
1202 case IEEE80211_BAND_5GHZ:
1203 chan_increment = 4;
1204 break;
1205 }
1206
1207
1208 while (country_ie_len >= 3) {
1209 u8 first_channel = triplet->chans.first_channel;
1210
1211 if (first_channel >= IEEE80211_COUNTRY_EXTENSION_ID)
1212 goto next;
1213
1214 for (i = 0; i < triplet->chans.num_channels; i++) {
1215 if (first_channel + i * chan_increment == chan) {
1216 have_chan_pwr = true;
1217 *chan_pwr = triplet->chans.max_power;
1218 break;
1219 }
1220 }
1221 if (have_chan_pwr)
1222 break;
1223
1224 next:
1225 triplet++;
1226 country_ie_len -= 3;
1227 }
1228
1229 if (have_chan_pwr)
1230 *pwr_reduction = *pwr_constr_elem;
1231 return have_chan_pwr;
1232}
1233
1234static void ieee80211_find_cisco_dtpc(struct ieee80211_sub_if_data *sdata,
1235 struct ieee80211_channel *channel,
1236 const u8 *cisco_dtpc_ie,
1237 int *pwr_level)
1238{
1239
1240
1241
1242
1243
1244
1245 *pwr_level = (__s8)cisco_dtpc_ie[4];
1246}
1247
1248static u32 ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
1249 struct ieee80211_channel *channel,
1250 struct ieee80211_mgmt *mgmt,
1251 const u8 *country_ie, u8 country_ie_len,
1252 const u8 *pwr_constr_ie,
1253 const u8 *cisco_dtpc_ie)
1254{
1255 bool has_80211h_pwr = false, has_cisco_pwr = false;
1256 int chan_pwr = 0, pwr_reduction_80211h = 0;
1257 int pwr_level_cisco, pwr_level_80211h;
1258 int new_ap_level;
1259
1260 if (country_ie && pwr_constr_ie &&
1261 mgmt->u.probe_resp.capab_info &
1262 cpu_to_le16(WLAN_CAPABILITY_SPECTRUM_MGMT)) {
1263 has_80211h_pwr = ieee80211_find_80211h_pwr_constr(
1264 sdata, channel, country_ie, country_ie_len,
1265 pwr_constr_ie, &chan_pwr, &pwr_reduction_80211h);
1266 pwr_level_80211h =
1267 max_t(int, 0, chan_pwr - pwr_reduction_80211h);
1268 }
1269
1270 if (cisco_dtpc_ie) {
1271 ieee80211_find_cisco_dtpc(
1272 sdata, channel, cisco_dtpc_ie, &pwr_level_cisco);
1273 has_cisco_pwr = true;
1274 }
1275
1276 if (!has_80211h_pwr && !has_cisco_pwr)
1277 return 0;
1278
1279
1280
1281
1282 if (has_80211h_pwr &&
1283 (!has_cisco_pwr || pwr_level_80211h <= pwr_level_cisco)) {
1284 sdata_info(sdata,
1285 "Limiting TX power to %d (%d - %d) dBm as advertised by %pM\n",
1286 pwr_level_80211h, chan_pwr, pwr_reduction_80211h,
1287 sdata->u.mgd.bssid);
1288 new_ap_level = pwr_level_80211h;
1289 } else {
1290 sdata_info(sdata,
1291 "Limiting TX power to %d dBm as advertised by %pM\n",
1292 pwr_level_cisco, sdata->u.mgd.bssid);
1293 new_ap_level = pwr_level_cisco;
1294 }
1295
1296 if (sdata->ap_power_level == new_ap_level)
1297 return 0;
1298
1299 sdata->ap_power_level = new_ap_level;
1300 if (__ieee80211_recalc_txpower(sdata))
1301 return BSS_CHANGED_TXPOWER;
1302 return 0;
1303}
1304
1305
1306static void ieee80211_enable_ps(struct ieee80211_local *local,
1307 struct ieee80211_sub_if_data *sdata)
1308{
1309 struct ieee80211_conf *conf = &local->hw.conf;
1310
1311
1312
1313
1314
1315 if (local->scanning)
1316 return;
1317
1318 if (conf->dynamic_ps_timeout > 0 &&
1319 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) {
1320 mod_timer(&local->dynamic_ps_timer, jiffies +
1321 msecs_to_jiffies(conf->dynamic_ps_timeout));
1322 } else {
1323 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
1324 ieee80211_send_nullfunc(local, sdata, 1);
1325
1326 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) &&
1327 (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS))
1328 return;
1329
1330 conf->flags |= IEEE80211_CONF_PS;
1331 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1332 }
1333}
1334
1335static void ieee80211_change_ps(struct ieee80211_local *local)
1336{
1337 struct ieee80211_conf *conf = &local->hw.conf;
1338
1339 if (local->ps_sdata) {
1340 ieee80211_enable_ps(local, local->ps_sdata);
1341 } else if (conf->flags & IEEE80211_CONF_PS) {
1342 conf->flags &= ~IEEE80211_CONF_PS;
1343 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1344 del_timer_sync(&local->dynamic_ps_timer);
1345 cancel_work_sync(&local->dynamic_ps_enable_work);
1346 }
1347}
1348
1349static bool ieee80211_powersave_allowed(struct ieee80211_sub_if_data *sdata)
1350{
1351 struct ieee80211_if_managed *mgd = &sdata->u.mgd;
1352 struct sta_info *sta = NULL;
1353 bool authorized = false;
1354
1355 if (!mgd->powersave)
1356 return false;
1357
1358 if (mgd->broken_ap)
1359 return false;
1360
1361 if (!mgd->associated)
1362 return false;
1363
1364 if (mgd->flags & IEEE80211_STA_CONNECTION_POLL)
1365 return false;
1366
1367 if (!mgd->have_beacon)
1368 return false;
1369
1370 rcu_read_lock();
1371 sta = sta_info_get(sdata, mgd->bssid);
1372 if (sta)
1373 authorized = test_sta_flag(sta, WLAN_STA_AUTHORIZED);
1374 rcu_read_unlock();
1375
1376 return authorized;
1377}
1378
1379
1380void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
1381{
1382 struct ieee80211_sub_if_data *sdata, *found = NULL;
1383 int count = 0;
1384 int timeout;
1385
1386 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) {
1387 local->ps_sdata = NULL;
1388 return;
1389 }
1390
1391 list_for_each_entry(sdata, &local->interfaces, list) {
1392 if (!ieee80211_sdata_running(sdata))
1393 continue;
1394 if (sdata->vif.type == NL80211_IFTYPE_AP) {
1395
1396
1397
1398
1399 count = 0;
1400 break;
1401 }
1402 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1403 continue;
1404 found = sdata;
1405 count++;
1406 }
1407
1408 if (count == 1 && ieee80211_powersave_allowed(found)) {
1409 s32 beaconint_us;
1410
1411 if (latency < 0)
1412 latency = pm_qos_request(PM_QOS_NETWORK_LATENCY);
1413
1414 beaconint_us = ieee80211_tu_to_usec(
1415 found->vif.bss_conf.beacon_int);
1416
1417 timeout = local->dynamic_ps_forced_timeout;
1418 if (timeout < 0) {
1419
1420
1421
1422
1423
1424
1425
1426 if (latency > (1900 * USEC_PER_MSEC) &&
1427 latency != (2000 * USEC_PER_SEC))
1428 timeout = 0;
1429 else
1430 timeout = 100;
1431 }
1432 local->hw.conf.dynamic_ps_timeout = timeout;
1433
1434 if (beaconint_us > latency) {
1435 local->ps_sdata = NULL;
1436 } else {
1437 int maxslp = 1;
1438 u8 dtimper = found->u.mgd.dtim_period;
1439
1440
1441 if (!dtimper)
1442 dtimper = 1;
1443 else if (dtimper > 1)
1444 maxslp = min_t(int, dtimper,
1445 latency / beaconint_us);
1446
1447 local->hw.conf.max_sleep_period = maxslp;
1448 local->hw.conf.ps_dtim_period = dtimper;
1449 local->ps_sdata = found;
1450 }
1451 } else {
1452 local->ps_sdata = NULL;
1453 }
1454
1455 ieee80211_change_ps(local);
1456}
1457
1458void ieee80211_recalc_ps_vif(struct ieee80211_sub_if_data *sdata)
1459{
1460 bool ps_allowed = ieee80211_powersave_allowed(sdata);
1461
1462 if (sdata->vif.bss_conf.ps != ps_allowed) {
1463 sdata->vif.bss_conf.ps = ps_allowed;
1464 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_PS);
1465 }
1466}
1467
1468void ieee80211_dynamic_ps_disable_work(struct work_struct *work)
1469{
1470 struct ieee80211_local *local =
1471 container_of(work, struct ieee80211_local,
1472 dynamic_ps_disable_work);
1473
1474 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
1475 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
1476 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1477 }
1478
1479 ieee80211_wake_queues_by_reason(&local->hw,
1480 IEEE80211_MAX_QUEUE_MAP,
1481 IEEE80211_QUEUE_STOP_REASON_PS,
1482 false);
1483}
1484
1485void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
1486{
1487 struct ieee80211_local *local =
1488 container_of(work, struct ieee80211_local,
1489 dynamic_ps_enable_work);
1490 struct ieee80211_sub_if_data *sdata = local->ps_sdata;
1491 struct ieee80211_if_managed *ifmgd;
1492 unsigned long flags;
1493 int q;
1494
1495
1496 if (!sdata)
1497 return;
1498
1499 ifmgd = &sdata->u.mgd;
1500
1501 if (local->hw.conf.flags & IEEE80211_CONF_PS)
1502 return;
1503
1504 if (local->hw.conf.dynamic_ps_timeout > 0) {
1505
1506 if (drv_tx_frames_pending(local)) {
1507 mod_timer(&local->dynamic_ps_timer, jiffies +
1508 msecs_to_jiffies(
1509 local->hw.conf.dynamic_ps_timeout));
1510 return;
1511 }
1512
1513
1514
1515
1516
1517
1518 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1519 for (q = 0; q < local->hw.queues; q++) {
1520 if (local->queue_stop_reasons[q]) {
1521 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1522 flags);
1523 mod_timer(&local->dynamic_ps_timer, jiffies +
1524 msecs_to_jiffies(
1525 local->hw.conf.dynamic_ps_timeout));
1526 return;
1527 }
1528 }
1529 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1530 }
1531
1532 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) &&
1533 !(ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) {
1534 if (drv_tx_frames_pending(local)) {
1535 mod_timer(&local->dynamic_ps_timer, jiffies +
1536 msecs_to_jiffies(
1537 local->hw.conf.dynamic_ps_timeout));
1538 } else {
1539 ieee80211_send_nullfunc(local, sdata, 1);
1540
1541 ieee80211_flush_queues(local, sdata);
1542 }
1543 }
1544
1545 if (!((local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) &&
1546 (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)) ||
1547 (ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) {
1548 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED;
1549 local->hw.conf.flags |= IEEE80211_CONF_PS;
1550 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1551 }
1552}
1553
1554void ieee80211_dynamic_ps_timer(unsigned long data)
1555{
1556 struct ieee80211_local *local = (void *) data;
1557
1558 if (local->quiescing || local->suspended)
1559 return;
1560
1561 ieee80211_queue_work(&local->hw, &local->dynamic_ps_enable_work);
1562}
1563
1564void ieee80211_dfs_cac_timer_work(struct work_struct *work)
1565{
1566 struct delayed_work *delayed_work =
1567 container_of(work, struct delayed_work, work);
1568 struct ieee80211_sub_if_data *sdata =
1569 container_of(delayed_work, struct ieee80211_sub_if_data,
1570 dfs_cac_timer_work);
1571 struct cfg80211_chan_def chandef = sdata->vif.bss_conf.chandef;
1572
1573 mutex_lock(&sdata->local->mtx);
1574 if (sdata->wdev.cac_started) {
1575 ieee80211_vif_release_channel(sdata);
1576 cfg80211_cac_event(sdata->dev, &chandef,
1577 NL80211_RADAR_CAC_FINISHED,
1578 GFP_KERNEL);
1579 }
1580 mutex_unlock(&sdata->local->mtx);
1581}
1582
1583
1584static bool ieee80211_sta_wmm_params(struct ieee80211_local *local,
1585 struct ieee80211_sub_if_data *sdata,
1586 const u8 *wmm_param, size_t wmm_param_len)
1587{
1588 struct ieee80211_tx_queue_params params;
1589 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1590 size_t left;
1591 int count;
1592 const u8 *pos;
1593 u8 uapsd_queues = 0;
1594
1595 if (!local->ops->conf_tx)
1596 return false;
1597
1598 if (local->hw.queues < IEEE80211_NUM_ACS)
1599 return false;
1600
1601 if (!wmm_param)
1602 return false;
1603
1604 if (wmm_param_len < 8 || wmm_param[5] != 1)
1605 return false;
1606
1607 if (ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED)
1608 uapsd_queues = ifmgd->uapsd_queues;
1609
1610 count = wmm_param[6] & 0x0f;
1611 if (count == ifmgd->wmm_last_param_set)
1612 return false;
1613 ifmgd->wmm_last_param_set = count;
1614
1615 pos = wmm_param + 8;
1616 left = wmm_param_len - 8;
1617
1618 memset(¶ms, 0, sizeof(params));
1619
1620 sdata->wmm_acm = 0;
1621 for (; left >= 4; left -= 4, pos += 4) {
1622 int aci = (pos[0] >> 5) & 0x03;
1623 int acm = (pos[0] >> 4) & 0x01;
1624 bool uapsd = false;
1625 int queue;
1626
1627 switch (aci) {
1628 case 1:
1629 queue = 3;
1630 if (acm)
1631 sdata->wmm_acm |= BIT(1) | BIT(2);
1632 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
1633 uapsd = true;
1634 break;
1635 case 2:
1636 queue = 1;
1637 if (acm)
1638 sdata->wmm_acm |= BIT(4) | BIT(5);
1639 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
1640 uapsd = true;
1641 break;
1642 case 3:
1643 queue = 0;
1644 if (acm)
1645 sdata->wmm_acm |= BIT(6) | BIT(7);
1646 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
1647 uapsd = true;
1648 break;
1649 case 0:
1650 default:
1651 queue = 2;
1652 if (acm)
1653 sdata->wmm_acm |= BIT(0) | BIT(3);
1654 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
1655 uapsd = true;
1656 break;
1657 }
1658
1659 params.aifs = pos[0] & 0x0f;
1660 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
1661 params.cw_min = ecw2cw(pos[1] & 0x0f);
1662 params.txop = get_unaligned_le16(pos + 2);
1663 params.acm = acm;
1664 params.uapsd = uapsd;
1665
1666 mlme_dbg(sdata,
1667 "WMM queue=%d aci=%d acm=%d aifs=%d cWmin=%d cWmax=%d txop=%d uapsd=%d\n",
1668 queue, aci, acm,
1669 params.aifs, params.cw_min, params.cw_max,
1670 params.txop, params.uapsd);
1671 sdata->tx_conf[queue] = params;
1672 if (drv_conf_tx(local, sdata, queue, ¶ms))
1673 sdata_err(sdata,
1674 "failed to set TX queue parameters for queue %d\n",
1675 queue);
1676 }
1677
1678
1679 sdata->vif.bss_conf.qos = true;
1680 return true;
1681}
1682
1683static void __ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata)
1684{
1685 lockdep_assert_held(&sdata->local->mtx);
1686
1687 sdata->u.mgd.flags &= ~IEEE80211_STA_CONNECTION_POLL;
1688 ieee80211_run_deferred_scan(sdata->local);
1689}
1690
1691static void ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata)
1692{
1693 mutex_lock(&sdata->local->mtx);
1694 __ieee80211_stop_poll(sdata);
1695 mutex_unlock(&sdata->local->mtx);
1696}
1697
1698static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
1699 u16 capab, bool erp_valid, u8 erp)
1700{
1701 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
1702 u32 changed = 0;
1703 bool use_protection;
1704 bool use_short_preamble;
1705 bool use_short_slot;
1706
1707 if (erp_valid) {
1708 use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0;
1709 use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0;
1710 } else {
1711 use_protection = false;
1712 use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE);
1713 }
1714
1715 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
1716 if (ieee80211_get_sdata_band(sdata) == IEEE80211_BAND_5GHZ)
1717 use_short_slot = true;
1718
1719 if (use_protection != bss_conf->use_cts_prot) {
1720 bss_conf->use_cts_prot = use_protection;
1721 changed |= BSS_CHANGED_ERP_CTS_PROT;
1722 }
1723
1724 if (use_short_preamble != bss_conf->use_short_preamble) {
1725 bss_conf->use_short_preamble = use_short_preamble;
1726 changed |= BSS_CHANGED_ERP_PREAMBLE;
1727 }
1728
1729 if (use_short_slot != bss_conf->use_short_slot) {
1730 bss_conf->use_short_slot = use_short_slot;
1731 changed |= BSS_CHANGED_ERP_SLOT;
1732 }
1733
1734 return changed;
1735}
1736
1737static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
1738 struct cfg80211_bss *cbss,
1739 u32 bss_info_changed)
1740{
1741 struct ieee80211_bss *bss = (void *)cbss->priv;
1742 struct ieee80211_local *local = sdata->local;
1743 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
1744
1745 bss_info_changed |= BSS_CHANGED_ASSOC;
1746 bss_info_changed |= ieee80211_handle_bss_capability(sdata,
1747 bss_conf->assoc_capability, bss->has_erp_value, bss->erp_value);
1748
1749 sdata->u.mgd.beacon_timeout = usecs_to_jiffies(ieee80211_tu_to_usec(
1750 beacon_loss_count * bss_conf->beacon_int));
1751
1752 sdata->u.mgd.associated = cbss;
1753 memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN);
1754
1755 sdata->u.mgd.flags |= IEEE80211_STA_RESET_SIGNAL_AVE;
1756
1757 if (sdata->vif.p2p) {
1758 const struct cfg80211_bss_ies *ies;
1759
1760 rcu_read_lock();
1761 ies = rcu_dereference(cbss->ies);
1762 if (ies) {
1763 int ret;
1764
1765 ret = cfg80211_get_p2p_attr(
1766 ies->data, ies->len,
1767 IEEE80211_P2P_ATTR_ABSENCE_NOTICE,
1768 (u8 *) &bss_conf->p2p_noa_attr,
1769 sizeof(bss_conf->p2p_noa_attr));
1770 if (ret >= 2) {
1771 sdata->u.mgd.p2p_noa_index =
1772 bss_conf->p2p_noa_attr.index;
1773 bss_info_changed |= BSS_CHANGED_P2P_PS;
1774 }
1775 }
1776 rcu_read_unlock();
1777 }
1778
1779
1780 ieee80211_stop_poll(sdata);
1781
1782 ieee80211_led_assoc(local, 1);
1783
1784 if (sdata->u.mgd.have_beacon) {
1785
1786
1787
1788
1789
1790
1791 bss_conf->dtim_period = sdata->u.mgd.dtim_period ?: 1;
1792 bss_conf->beacon_rate = bss->beacon_rate;
1793 bss_info_changed |= BSS_CHANGED_BEACON_INFO;
1794 } else {
1795 bss_conf->beacon_rate = NULL;
1796 bss_conf->dtim_period = 0;
1797 }
1798
1799 bss_conf->assoc = 1;
1800
1801
1802 if (sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI &&
1803 bss_conf->cqm_rssi_thold)
1804 bss_info_changed |= BSS_CHANGED_CQM;
1805
1806
1807 if (bss_conf->arp_addr_cnt)
1808 bss_info_changed |= BSS_CHANGED_ARP_FILTER;
1809
1810 ieee80211_bss_info_change_notify(sdata, bss_info_changed);
1811
1812 mutex_lock(&local->iflist_mtx);
1813 ieee80211_recalc_ps(local, -1);
1814 mutex_unlock(&local->iflist_mtx);
1815
1816 ieee80211_recalc_smps(sdata);
1817 ieee80211_recalc_ps_vif(sdata);
1818
1819 netif_carrier_on(sdata->dev);
1820}
1821
1822static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1823 u16 stype, u16 reason, bool tx,
1824 u8 *frame_buf)
1825{
1826 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1827 struct ieee80211_local *local = sdata->local;
1828 u32 changed = 0;
1829
1830 sdata_assert_lock(sdata);
1831
1832 if (WARN_ON_ONCE(tx && !frame_buf))
1833 return;
1834
1835 if (WARN_ON(!ifmgd->associated))
1836 return;
1837
1838 ieee80211_stop_poll(sdata);
1839
1840 ifmgd->associated = NULL;
1841 netif_carrier_off(sdata->dev);
1842
1843
1844
1845
1846
1847
1848 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
1849 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
1850 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1851 }
1852 local->ps_sdata = NULL;
1853
1854
1855 ieee80211_recalc_ps_vif(sdata);
1856
1857
1858 if (tx)
1859 ieee80211_flush_queues(local, sdata);
1860
1861
1862 if (tx || frame_buf)
1863 ieee80211_send_deauth_disassoc(sdata, ifmgd->bssid, stype,
1864 reason, tx, frame_buf);
1865
1866
1867 if (tx)
1868 ieee80211_flush_queues(local, sdata);
1869
1870
1871 memset(ifmgd->bssid, 0, ETH_ALEN);
1872
1873
1874 sta_info_flush(sdata);
1875
1876
1877 changed |= ieee80211_reset_erp_info(sdata);
1878
1879 ieee80211_led_assoc(local, 0);
1880 changed |= BSS_CHANGED_ASSOC;
1881 sdata->vif.bss_conf.assoc = false;
1882
1883 ifmgd->p2p_noa_index = -1;
1884 memset(&sdata->vif.bss_conf.p2p_noa_attr, 0,
1885 sizeof(sdata->vif.bss_conf.p2p_noa_attr));
1886
1887
1888 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa));
1889 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask));
1890 memset(&ifmgd->vht_capa, 0, sizeof(ifmgd->vht_capa));
1891 memset(&ifmgd->vht_capa_mask, 0, sizeof(ifmgd->vht_capa_mask));
1892
1893 sdata->ap_power_level = IEEE80211_UNSET_POWER_LEVEL;
1894
1895 del_timer_sync(&local->dynamic_ps_timer);
1896 cancel_work_sync(&local->dynamic_ps_enable_work);
1897
1898
1899 if (sdata->vif.bss_conf.arp_addr_cnt)
1900 changed |= BSS_CHANGED_ARP_FILTER;
1901
1902 sdata->vif.bss_conf.qos = false;
1903 changed |= BSS_CHANGED_QOS;
1904
1905
1906 changed |= BSS_CHANGED_BSSID | BSS_CHANGED_HT;
1907 ieee80211_bss_info_change_notify(sdata, changed);
1908
1909
1910 ieee80211_set_wmm_default(sdata, false);
1911
1912 del_timer_sync(&sdata->u.mgd.conn_mon_timer);
1913 del_timer_sync(&sdata->u.mgd.bcn_mon_timer);
1914 del_timer_sync(&sdata->u.mgd.timer);
1915 del_timer_sync(&sdata->u.mgd.chswitch_timer);
1916
1917 sdata->vif.bss_conf.dtim_period = 0;
1918 sdata->vif.bss_conf.beacon_rate = NULL;
1919
1920 ifmgd->have_beacon = false;
1921
1922 ifmgd->flags = 0;
1923 mutex_lock(&local->mtx);
1924 ieee80211_vif_release_channel(sdata);
1925
1926 sdata->vif.csa_active = false;
1927 if (sdata->csa_block_tx) {
1928 ieee80211_wake_vif_queues(local, sdata,
1929 IEEE80211_QUEUE_STOP_REASON_CSA);
1930 sdata->csa_block_tx = false;
1931 }
1932 mutex_unlock(&local->mtx);
1933
1934 sdata->encrypt_headroom = IEEE80211_ENCRYPT_HEADROOM;
1935}
1936
1937void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
1938 struct ieee80211_hdr *hdr)
1939{
1940
1941
1942
1943
1944
1945
1946
1947
1948 if (is_multicast_ether_addr(hdr->addr1))
1949 return;
1950
1951 ieee80211_sta_reset_conn_monitor(sdata);
1952}
1953
1954static void ieee80211_reset_ap_probe(struct ieee80211_sub_if_data *sdata)
1955{
1956 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1957 struct ieee80211_local *local = sdata->local;
1958
1959 mutex_lock(&local->mtx);
1960 if (!(ifmgd->flags & IEEE80211_STA_CONNECTION_POLL))
1961 goto out;
1962
1963 __ieee80211_stop_poll(sdata);
1964
1965 mutex_lock(&local->iflist_mtx);
1966 ieee80211_recalc_ps(local, -1);
1967 mutex_unlock(&local->iflist_mtx);
1968
1969 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR)
1970 goto out;
1971
1972
1973
1974
1975
1976
1977 ieee80211_sta_reset_beacon_monitor(sdata);
1978
1979 mod_timer(&ifmgd->conn_mon_timer,
1980 round_jiffies_up(jiffies +
1981 IEEE80211_CONNECTION_IDLE_TIME));
1982out:
1983 mutex_unlock(&local->mtx);
1984}
1985
1986void ieee80211_sta_tx_notify(struct ieee80211_sub_if_data *sdata,
1987 struct ieee80211_hdr *hdr, bool ack)
1988{
1989 if (!ieee80211_is_data(hdr->frame_control))
1990 return;
1991
1992 if (ieee80211_is_nullfunc(hdr->frame_control) &&
1993 sdata->u.mgd.probe_send_count > 0) {
1994 if (ack)
1995 ieee80211_sta_reset_conn_monitor(sdata);
1996 else
1997 sdata->u.mgd.nullfunc_failed = true;
1998 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1999 return;
2000 }
2001
2002 if (ack)
2003 ieee80211_sta_reset_conn_monitor(sdata);
2004}
2005
2006static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
2007{
2008 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2009 const u8 *ssid;
2010 u8 *dst = ifmgd->associated->bssid;
2011 u8 unicast_limit = max(1, max_probe_tries - 3);
2012
2013
2014
2015
2016
2017
2018 if (ifmgd->probe_send_count >= unicast_limit)
2019 dst = NULL;
2020
2021
2022
2023
2024
2025
2026
2027
2028 ifmgd->probe_send_count++;
2029
2030 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
2031 ifmgd->nullfunc_failed = false;
2032 ieee80211_send_nullfunc(sdata->local, sdata, 0);
2033 } else {
2034 int ssid_len;
2035
2036 rcu_read_lock();
2037 ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID);
2038 if (WARN_ON_ONCE(ssid == NULL))
2039 ssid_len = 0;
2040 else
2041 ssid_len = ssid[1];
2042
2043 ieee80211_send_probe_req(sdata, dst, ssid + 2, ssid_len, NULL,
2044 0, (u32) -1, true, 0,
2045 ifmgd->associated->channel, false);
2046 rcu_read_unlock();
2047 }
2048
2049 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms);
2050 run_again(sdata, ifmgd->probe_timeout);
2051 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
2052 ieee80211_flush_queues(sdata->local, sdata);
2053}
2054
2055static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata,
2056 bool beacon)
2057{
2058 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2059 bool already = false;
2060
2061 if (!ieee80211_sdata_running(sdata))
2062 return;
2063
2064 sdata_lock(sdata);
2065
2066 if (!ifmgd->associated)
2067 goto out;
2068
2069 mutex_lock(&sdata->local->mtx);
2070
2071 if (sdata->local->tmp_channel || sdata->local->scanning) {
2072 mutex_unlock(&sdata->local->mtx);
2073 goto out;
2074 }
2075
2076 if (beacon) {
2077 mlme_dbg_ratelimited(sdata,
2078 "detected beacon loss from AP (missed %d beacons) - probing\n",
2079 beacon_loss_count);
2080
2081 ieee80211_cqm_rssi_notify(&sdata->vif,
2082 NL80211_CQM_RSSI_BEACON_LOSS_EVENT,
2083 GFP_KERNEL);
2084 }
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097 if (ifmgd->flags & IEEE80211_STA_CONNECTION_POLL)
2098 already = true;
2099
2100 ifmgd->flags |= IEEE80211_STA_CONNECTION_POLL;
2101
2102 mutex_unlock(&sdata->local->mtx);
2103
2104 if (already)
2105 goto out;
2106
2107 mutex_lock(&sdata->local->iflist_mtx);
2108 ieee80211_recalc_ps(sdata->local, -1);
2109 mutex_unlock(&sdata->local->iflist_mtx);
2110
2111 ifmgd->probe_send_count = 0;
2112 ieee80211_mgd_probe_ap_send(sdata);
2113 out:
2114 sdata_unlock(sdata);
2115}
2116
2117struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw,
2118 struct ieee80211_vif *vif)
2119{
2120 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
2121 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2122 struct cfg80211_bss *cbss;
2123 struct sk_buff *skb;
2124 const u8 *ssid;
2125 int ssid_len;
2126
2127 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2128 return NULL;
2129
2130 sdata_assert_lock(sdata);
2131
2132 if (ifmgd->associated)
2133 cbss = ifmgd->associated;
2134 else if (ifmgd->auth_data)
2135 cbss = ifmgd->auth_data->bss;
2136 else if (ifmgd->assoc_data)
2137 cbss = ifmgd->assoc_data->bss;
2138 else
2139 return NULL;
2140
2141 rcu_read_lock();
2142 ssid = ieee80211_bss_get_ie(cbss, WLAN_EID_SSID);
2143 if (WARN_ON_ONCE(ssid == NULL))
2144 ssid_len = 0;
2145 else
2146 ssid_len = ssid[1];
2147
2148 skb = ieee80211_build_probe_req(sdata, cbss->bssid,
2149 (u32) -1, cbss->channel,
2150 ssid + 2, ssid_len,
2151 NULL, 0, true);
2152 rcu_read_unlock();
2153
2154 return skb;
2155}
2156EXPORT_SYMBOL(ieee80211_ap_probereq_get);
2157
2158static void __ieee80211_disconnect(struct ieee80211_sub_if_data *sdata)
2159{
2160 struct ieee80211_local *local = sdata->local;
2161 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2162 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
2163
2164 sdata_lock(sdata);
2165 if (!ifmgd->associated) {
2166 sdata_unlock(sdata);
2167 return;
2168 }
2169
2170 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
2171 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
2172 true, frame_buf);
2173 mutex_lock(&local->mtx);
2174 sdata->vif.csa_active = false;
2175 if (sdata->csa_block_tx) {
2176 ieee80211_wake_vif_queues(local, sdata,
2177 IEEE80211_QUEUE_STOP_REASON_CSA);
2178 sdata->csa_block_tx = false;
2179 }
2180 mutex_unlock(&local->mtx);
2181
2182 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
2183 IEEE80211_DEAUTH_FRAME_LEN);
2184 sdata_unlock(sdata);
2185}
2186
2187static void ieee80211_beacon_connection_loss_work(struct work_struct *work)
2188{
2189 struct ieee80211_sub_if_data *sdata =
2190 container_of(work, struct ieee80211_sub_if_data,
2191 u.mgd.beacon_connection_loss_work);
2192 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2193 struct sta_info *sta;
2194
2195 if (ifmgd->associated) {
2196 rcu_read_lock();
2197 sta = sta_info_get(sdata, ifmgd->bssid);
2198 if (sta)
2199 sta->beacon_loss_count++;
2200 rcu_read_unlock();
2201 }
2202
2203 if (ifmgd->connection_loss) {
2204 sdata_info(sdata, "Connection to AP %pM lost\n",
2205 ifmgd->bssid);
2206 __ieee80211_disconnect(sdata);
2207 } else {
2208 ieee80211_mgd_probe_ap(sdata, true);
2209 }
2210}
2211
2212static void ieee80211_csa_connection_drop_work(struct work_struct *work)
2213{
2214 struct ieee80211_sub_if_data *sdata =
2215 container_of(work, struct ieee80211_sub_if_data,
2216 u.mgd.csa_connection_drop_work);
2217
2218 __ieee80211_disconnect(sdata);
2219}
2220
2221void ieee80211_beacon_loss(struct ieee80211_vif *vif)
2222{
2223 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
2224 struct ieee80211_hw *hw = &sdata->local->hw;
2225
2226 trace_api_beacon_loss(sdata);
2227
2228 sdata->u.mgd.connection_loss = false;
2229 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work);
2230}
2231EXPORT_SYMBOL(ieee80211_beacon_loss);
2232
2233void ieee80211_connection_loss(struct ieee80211_vif *vif)
2234{
2235 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
2236 struct ieee80211_hw *hw = &sdata->local->hw;
2237
2238 trace_api_connection_loss(sdata);
2239
2240 sdata->u.mgd.connection_loss = true;
2241 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work);
2242}
2243EXPORT_SYMBOL(ieee80211_connection_loss);
2244
2245
2246static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata,
2247 bool assoc)
2248{
2249 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data;
2250
2251 sdata_assert_lock(sdata);
2252
2253 if (!assoc) {
2254 sta_info_destroy_addr(sdata, auth_data->bss->bssid);
2255
2256 memset(sdata->u.mgd.bssid, 0, ETH_ALEN);
2257 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
2258 sdata->u.mgd.flags = 0;
2259 mutex_lock(&sdata->local->mtx);
2260 ieee80211_vif_release_channel(sdata);
2261 mutex_unlock(&sdata->local->mtx);
2262 }
2263
2264 cfg80211_put_bss(sdata->local->hw.wiphy, auth_data->bss);
2265 kfree(auth_data);
2266 sdata->u.mgd.auth_data = NULL;
2267}
2268
2269static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
2270 struct ieee80211_mgmt *mgmt, size_t len)
2271{
2272 struct ieee80211_local *local = sdata->local;
2273 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data;
2274 u8 *pos;
2275 struct ieee802_11_elems elems;
2276 u32 tx_flags = 0;
2277
2278 pos = mgmt->u.auth.variable;
2279 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), false, &elems);
2280 if (!elems.challenge)
2281 return;
2282 auth_data->expected_transaction = 4;
2283 drv_mgd_prepare_tx(sdata->local, sdata);
2284 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
2285 tx_flags = IEEE80211_TX_CTL_REQ_TX_STATUS |
2286 IEEE80211_TX_INTFL_MLME_CONN_TX;
2287 ieee80211_send_auth(sdata, 3, auth_data->algorithm, 0,
2288 elems.challenge - 2, elems.challenge_len + 2,
2289 auth_data->bss->bssid, auth_data->bss->bssid,
2290 auth_data->key, auth_data->key_len,
2291 auth_data->key_idx, tx_flags);
2292}
2293
2294static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
2295 struct ieee80211_mgmt *mgmt, size_t len)
2296{
2297 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2298 u8 bssid[ETH_ALEN];
2299 u16 auth_alg, auth_transaction, status_code;
2300 struct sta_info *sta;
2301
2302 sdata_assert_lock(sdata);
2303
2304 if (len < 24 + 6)
2305 return;
2306
2307 if (!ifmgd->auth_data || ifmgd->auth_data->done)
2308 return;
2309
2310 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN);
2311
2312 if (!ether_addr_equal(bssid, mgmt->bssid))
2313 return;
2314
2315 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
2316 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
2317 status_code = le16_to_cpu(mgmt->u.auth.status_code);
2318
2319 if (auth_alg != ifmgd->auth_data->algorithm ||
2320 auth_transaction != ifmgd->auth_data->expected_transaction) {
2321 sdata_info(sdata, "%pM unexpected authentication state: alg %d (expected %d) transact %d (expected %d)\n",
2322 mgmt->sa, auth_alg, ifmgd->auth_data->algorithm,
2323 auth_transaction,
2324 ifmgd->auth_data->expected_transaction);
2325 return;
2326 }
2327
2328 if (status_code != WLAN_STATUS_SUCCESS) {
2329 sdata_info(sdata, "%pM denied authentication (status %d)\n",
2330 mgmt->sa, status_code);
2331 ieee80211_destroy_auth_data(sdata, false);
2332 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2333 return;
2334 }
2335
2336 switch (ifmgd->auth_data->algorithm) {
2337 case WLAN_AUTH_OPEN:
2338 case WLAN_AUTH_LEAP:
2339 case WLAN_AUTH_FT:
2340 case WLAN_AUTH_SAE:
2341 break;
2342 case WLAN_AUTH_SHARED_KEY:
2343 if (ifmgd->auth_data->expected_transaction != 4) {
2344 ieee80211_auth_challenge(sdata, mgmt, len);
2345
2346 return;
2347 }
2348 break;
2349 default:
2350 WARN_ONCE(1, "invalid auth alg %d",
2351 ifmgd->auth_data->algorithm);
2352 return;
2353 }
2354
2355 sdata_info(sdata, "authenticated\n");
2356 ifmgd->auth_data->done = true;
2357 ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC;
2358 ifmgd->auth_data->timeout_started = true;
2359 run_again(sdata, ifmgd->auth_data->timeout);
2360
2361 if (ifmgd->auth_data->algorithm == WLAN_AUTH_SAE &&
2362 ifmgd->auth_data->expected_transaction != 2) {
2363
2364
2365
2366
2367 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2368 return;
2369 }
2370
2371
2372 mutex_lock(&sdata->local->sta_mtx);
2373 sta = sta_info_get(sdata, bssid);
2374 if (!sta) {
2375 WARN_ONCE(1, "%s: STA %pM not found", sdata->name, bssid);
2376 goto out_err;
2377 }
2378 if (sta_info_move_state(sta, IEEE80211_STA_AUTH)) {
2379 sdata_info(sdata, "failed moving %pM to auth\n", bssid);
2380 goto out_err;
2381 }
2382 mutex_unlock(&sdata->local->sta_mtx);
2383
2384 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2385 return;
2386 out_err:
2387 mutex_unlock(&sdata->local->sta_mtx);
2388
2389}
2390
2391#define case_WLAN(type) \
2392 case WLAN_REASON_##type: return #type
2393
2394static const char *ieee80211_get_reason_code_string(u16 reason_code)
2395{
2396 switch (reason_code) {
2397 case_WLAN(UNSPECIFIED);
2398 case_WLAN(PREV_AUTH_NOT_VALID);
2399 case_WLAN(DEAUTH_LEAVING);
2400 case_WLAN(DISASSOC_DUE_TO_INACTIVITY);
2401 case_WLAN(DISASSOC_AP_BUSY);
2402 case_WLAN(CLASS2_FRAME_FROM_NONAUTH_STA);
2403 case_WLAN(CLASS3_FRAME_FROM_NONASSOC_STA);
2404 case_WLAN(DISASSOC_STA_HAS_LEFT);
2405 case_WLAN(STA_REQ_ASSOC_WITHOUT_AUTH);
2406 case_WLAN(DISASSOC_BAD_POWER);
2407 case_WLAN(DISASSOC_BAD_SUPP_CHAN);
2408 case_WLAN(INVALID_IE);
2409 case_WLAN(MIC_FAILURE);
2410 case_WLAN(4WAY_HANDSHAKE_TIMEOUT);
2411 case_WLAN(GROUP_KEY_HANDSHAKE_TIMEOUT);
2412 case_WLAN(IE_DIFFERENT);
2413 case_WLAN(INVALID_GROUP_CIPHER);
2414 case_WLAN(INVALID_PAIRWISE_CIPHER);
2415 case_WLAN(INVALID_AKMP);
2416 case_WLAN(UNSUPP_RSN_VERSION);
2417 case_WLAN(INVALID_RSN_IE_CAP);
2418 case_WLAN(IEEE8021X_FAILED);
2419 case_WLAN(CIPHER_SUITE_REJECTED);
2420 case_WLAN(DISASSOC_UNSPECIFIED_QOS);
2421 case_WLAN(DISASSOC_QAP_NO_BANDWIDTH);
2422 case_WLAN(DISASSOC_LOW_ACK);
2423 case_WLAN(DISASSOC_QAP_EXCEED_TXOP);
2424 case_WLAN(QSTA_LEAVE_QBSS);
2425 case_WLAN(QSTA_NOT_USE);
2426 case_WLAN(QSTA_REQUIRE_SETUP);
2427 case_WLAN(QSTA_TIMEOUT);
2428 case_WLAN(QSTA_CIPHER_NOT_SUPP);
2429 case_WLAN(MESH_PEER_CANCELED);
2430 case_WLAN(MESH_MAX_PEERS);
2431 case_WLAN(MESH_CONFIG);
2432 case_WLAN(MESH_CLOSE);
2433 case_WLAN(MESH_MAX_RETRIES);
2434 case_WLAN(MESH_CONFIRM_TIMEOUT);
2435 case_WLAN(MESH_INVALID_GTK);
2436 case_WLAN(MESH_INCONSISTENT_PARAM);
2437 case_WLAN(MESH_INVALID_SECURITY);
2438 case_WLAN(MESH_PATH_ERROR);
2439 case_WLAN(MESH_PATH_NOFORWARD);
2440 case_WLAN(MESH_PATH_DEST_UNREACHABLE);
2441 case_WLAN(MAC_EXISTS_IN_MBSS);
2442 case_WLAN(MESH_CHAN_REGULATORY);
2443 case_WLAN(MESH_CHAN);
2444 default: return "<unknown>";
2445 }
2446}
2447
2448static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
2449 struct ieee80211_mgmt *mgmt, size_t len)
2450{
2451 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2452 const u8 *bssid = NULL;
2453 u16 reason_code;
2454
2455 sdata_assert_lock(sdata);
2456
2457 if (len < 24 + 2)
2458 return;
2459
2460 if (!ifmgd->associated ||
2461 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
2462 return;
2463
2464 bssid = ifmgd->associated->bssid;
2465
2466 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
2467
2468 sdata_info(sdata, "deauthenticated from %pM (Reason: %u=%s)\n",
2469 bssid, reason_code, ieee80211_get_reason_code_string(reason_code));
2470
2471 ieee80211_set_disassoc(sdata, 0, 0, false, NULL);
2472
2473 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2474}
2475
2476
2477static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
2478 struct ieee80211_mgmt *mgmt, size_t len)
2479{
2480 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2481 u16 reason_code;
2482
2483 sdata_assert_lock(sdata);
2484
2485 if (len < 24 + 2)
2486 return;
2487
2488 if (!ifmgd->associated ||
2489 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
2490 return;
2491
2492 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
2493
2494 sdata_info(sdata, "disassociated from %pM (Reason: %u)\n",
2495 mgmt->sa, reason_code);
2496
2497 ieee80211_set_disassoc(sdata, 0, 0, false, NULL);
2498
2499 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2500}
2501
2502static void ieee80211_get_rates(struct ieee80211_supported_band *sband,
2503 u8 *supp_rates, unsigned int supp_rates_len,
2504 u32 *rates, u32 *basic_rates,
2505 bool *have_higher_than_11mbit,
2506 int *min_rate, int *min_rate_index,
2507 int shift, u32 rate_flags)
2508{
2509 int i, j;
2510
2511 for (i = 0; i < supp_rates_len; i++) {
2512 int rate = supp_rates[i] & 0x7f;
2513 bool is_basic = !!(supp_rates[i] & 0x80);
2514
2515 if ((rate * 5 * (1 << shift)) > 110)
2516 *have_higher_than_11mbit = true;
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526 if (!!(supp_rates[i] & 0x80) &&
2527 (supp_rates[i] & 0x7f) == BSS_MEMBERSHIP_SELECTOR_HT_PHY)
2528 continue;
2529
2530 for (j = 0; j < sband->n_bitrates; j++) {
2531 struct ieee80211_rate *br;
2532 int brate;
2533
2534 br = &sband->bitrates[j];
2535 if ((rate_flags & br->flags) != rate_flags)
2536 continue;
2537
2538 brate = DIV_ROUND_UP(br->bitrate, (1 << shift) * 5);
2539 if (brate == rate) {
2540 *rates |= BIT(j);
2541 if (is_basic)
2542 *basic_rates |= BIT(j);
2543 if ((rate * 5) < *min_rate) {
2544 *min_rate = rate * 5;
2545 *min_rate_index = j;
2546 }
2547 break;
2548 }
2549 }
2550 }
2551}
2552
2553static void ieee80211_destroy_assoc_data(struct ieee80211_sub_if_data *sdata,
2554 bool assoc)
2555{
2556 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data;
2557
2558 sdata_assert_lock(sdata);
2559
2560 if (!assoc) {
2561 sta_info_destroy_addr(sdata, assoc_data->bss->bssid);
2562
2563 memset(sdata->u.mgd.bssid, 0, ETH_ALEN);
2564 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
2565 sdata->u.mgd.flags = 0;
2566 mutex_lock(&sdata->local->mtx);
2567 ieee80211_vif_release_channel(sdata);
2568 mutex_unlock(&sdata->local->mtx);
2569 }
2570
2571 kfree(assoc_data);
2572 sdata->u.mgd.assoc_data = NULL;
2573}
2574
2575static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata,
2576 struct cfg80211_bss *cbss,
2577 struct ieee80211_mgmt *mgmt, size_t len)
2578{
2579 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2580 struct ieee80211_local *local = sdata->local;
2581 struct ieee80211_supported_band *sband;
2582 struct sta_info *sta;
2583 u8 *pos;
2584 u16 capab_info, aid;
2585 struct ieee802_11_elems elems;
2586 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
2587 const struct cfg80211_bss_ies *bss_ies = NULL;
2588 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
2589 u32 changed = 0;
2590 int err;
2591 bool ret;
2592
2593
2594
2595 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
2596 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
2597
2598 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
2599 sdata_info(sdata, "invalid AID value 0x%x; bits 15:14 not set\n",
2600 aid);
2601 aid &= ~(BIT(15) | BIT(14));
2602
2603 ifmgd->broken_ap = false;
2604
2605 if (aid == 0 || aid > IEEE80211_MAX_AID) {
2606 sdata_info(sdata, "invalid AID value %d (out of range), turn off PS\n",
2607 aid);
2608 aid = 0;
2609 ifmgd->broken_ap = true;
2610 }
2611
2612 pos = mgmt->u.assoc_resp.variable;
2613 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), false, &elems);
2614
2615 if (!elems.supp_rates) {
2616 sdata_info(sdata, "no SuppRates element in AssocResp\n");
2617 return false;
2618 }
2619
2620 ifmgd->aid = aid;
2621
2622
2623
2624
2625
2626
2627
2628
2629 if ((assoc_data->wmm && !elems.wmm_param) ||
2630 (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&
2631 (!elems.ht_cap_elem || !elems.ht_operation)) ||
2632 (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&
2633 (!elems.vht_cap_elem || !elems.vht_operation))) {
2634 const struct cfg80211_bss_ies *ies;
2635 struct ieee802_11_elems bss_elems;
2636
2637 rcu_read_lock();
2638 ies = rcu_dereference(cbss->ies);
2639 if (ies)
2640 bss_ies = kmemdup(ies, sizeof(*ies) + ies->len,
2641 GFP_ATOMIC);
2642 rcu_read_unlock();
2643 if (!bss_ies)
2644 return false;
2645
2646 ieee802_11_parse_elems(bss_ies->data, bss_ies->len,
2647 false, &bss_elems);
2648 if (assoc_data->wmm &&
2649 !elems.wmm_param && bss_elems.wmm_param) {
2650 elems.wmm_param = bss_elems.wmm_param;
2651 sdata_info(sdata,
2652 "AP bug: WMM param missing from AssocResp\n");
2653 }
2654
2655
2656
2657
2658
2659 if (!elems.ht_cap_elem && bss_elems.ht_cap_elem &&
2660 !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) {
2661 elems.ht_cap_elem = bss_elems.ht_cap_elem;
2662 sdata_info(sdata,
2663 "AP bug: HT capability missing from AssocResp\n");
2664 }
2665 if (!elems.ht_operation && bss_elems.ht_operation &&
2666 !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) {
2667 elems.ht_operation = bss_elems.ht_operation;
2668 sdata_info(sdata,
2669 "AP bug: HT operation missing from AssocResp\n");
2670 }
2671 if (!elems.vht_cap_elem && bss_elems.vht_cap_elem &&
2672 !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) {
2673 elems.vht_cap_elem = bss_elems.vht_cap_elem;
2674 sdata_info(sdata,
2675 "AP bug: VHT capa missing from AssocResp\n");
2676 }
2677 if (!elems.vht_operation && bss_elems.vht_operation &&
2678 !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) {
2679 elems.vht_operation = bss_elems.vht_operation;
2680 sdata_info(sdata,
2681 "AP bug: VHT operation missing from AssocResp\n");
2682 }
2683 }
2684
2685
2686
2687
2688
2689 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&
2690 (!elems.wmm_param || !elems.ht_cap_elem || !elems.ht_operation)) {
2691 sdata_info(sdata,
2692 "HT AP is missing WMM params or HT capability/operation\n");
2693 ret = false;
2694 goto out;
2695 }
2696
2697 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&
2698 (!elems.vht_cap_elem || !elems.vht_operation)) {
2699 sdata_info(sdata,
2700 "VHT AP is missing VHT capability/operation\n");
2701 ret = false;
2702 goto out;
2703 }
2704
2705 mutex_lock(&sdata->local->sta_mtx);
2706
2707
2708
2709
2710 sta = sta_info_get(sdata, cbss->bssid);
2711 if (WARN_ON(!sta)) {
2712 mutex_unlock(&sdata->local->sta_mtx);
2713 ret = false;
2714 goto out;
2715 }
2716
2717 sband = local->hw.wiphy->bands[ieee80211_get_sdata_band(sdata)];
2718
2719
2720 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_HT))
2721 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband,
2722 elems.ht_cap_elem, sta);
2723
2724 if (elems.vht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
2725 ieee80211_vht_cap_ie_to_sta_vht_cap(sdata, sband,
2726 elems.vht_cap_elem, sta);
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740 if (elems.opmode_notif &&
2741 !(*elems.opmode_notif & IEEE80211_OPMODE_NOTIF_RX_NSS_TYPE_BF)) {
2742 u8 nss;
2743
2744 nss = *elems.opmode_notif & IEEE80211_OPMODE_NOTIF_RX_NSS_MASK;
2745 nss >>= IEEE80211_OPMODE_NOTIF_RX_NSS_SHIFT;
2746 nss += 1;
2747 sta->sta.rx_nss = nss;
2748 }
2749
2750 rate_control_rate_init(sta);
2751
2752 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED)
2753 set_sta_flag(sta, WLAN_STA_MFP);
2754
2755 sta->sta.wme = elems.wmm_param;
2756
2757 err = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
2758 if (!err && !(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))
2759 err = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED);
2760 if (err) {
2761 sdata_info(sdata,
2762 "failed to move station %pM to desired state\n",
2763 sta->sta.addr);
2764 WARN_ON(__sta_info_destroy(sta));
2765 mutex_unlock(&sdata->local->sta_mtx);
2766 ret = false;
2767 goto out;
2768 }
2769
2770 mutex_unlock(&sdata->local->sta_mtx);
2771
2772
2773
2774
2775
2776
2777
2778 ifmgd->wmm_last_param_set = -1;
2779
2780 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_WMM) && elems.wmm_param)
2781 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param,
2782 elems.wmm_param_len);
2783 else
2784 ieee80211_set_wmm_default(sdata, false);
2785 changed |= BSS_CHANGED_QOS;
2786
2787
2788
2789 bss_conf->aid = aid;
2790 bss_conf->assoc_capability = capab_info;
2791 ieee80211_set_associated(sdata, cbss, changed);
2792
2793
2794
2795
2796
2797 if (ifmgd->use_4addr)
2798 ieee80211_send_4addr_nullfunc(local, sdata);
2799
2800
2801
2802
2803
2804 ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt);
2805 ieee80211_sta_reset_beacon_monitor(sdata);
2806
2807 ret = true;
2808 out:
2809 kfree(bss_ies);
2810 return ret;
2811}
2812
2813static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2814 struct ieee80211_mgmt *mgmt,
2815 size_t len)
2816{
2817 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2818 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
2819 u16 capab_info, status_code, aid;
2820 struct ieee802_11_elems elems;
2821 int ac, uapsd_queues = -1;
2822 u8 *pos;
2823 bool reassoc;
2824 struct cfg80211_bss *bss;
2825
2826 sdata_assert_lock(sdata);
2827
2828 if (!assoc_data)
2829 return;
2830 if (!ether_addr_equal(assoc_data->bss->bssid, mgmt->bssid))
2831 return;
2832
2833
2834
2835
2836
2837
2838 if (len < 24 + 6)
2839 return;
2840
2841 reassoc = ieee80211_is_reassoc_req(mgmt->frame_control);
2842 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
2843 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
2844 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
2845
2846 sdata_info(sdata,
2847 "RX %sssocResp from %pM (capab=0x%x status=%d aid=%d)\n",
2848 reassoc ? "Rea" : "A", mgmt->sa,
2849 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
2850
2851 pos = mgmt->u.assoc_resp.variable;
2852 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), false, &elems);
2853
2854 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY &&
2855 elems.timeout_int &&
2856 elems.timeout_int->type == WLAN_TIMEOUT_ASSOC_COMEBACK) {
2857 u32 tu, ms;
2858 tu = le32_to_cpu(elems.timeout_int->value);
2859 ms = tu * 1024 / 1000;
2860 sdata_info(sdata,
2861 "%pM rejected association temporarily; comeback duration %u TU (%u ms)\n",
2862 mgmt->sa, tu, ms);
2863 assoc_data->timeout = jiffies + msecs_to_jiffies(ms);
2864 assoc_data->timeout_started = true;
2865 if (ms > IEEE80211_ASSOC_TIMEOUT)
2866 run_again(sdata, assoc_data->timeout);
2867 return;
2868 }
2869
2870 bss = assoc_data->bss;
2871
2872 if (status_code != WLAN_STATUS_SUCCESS) {
2873 sdata_info(sdata, "%pM denied association (code=%d)\n",
2874 mgmt->sa, status_code);
2875 ieee80211_destroy_assoc_data(sdata, false);
2876 } else {
2877 if (!ieee80211_assoc_success(sdata, bss, mgmt, len)) {
2878
2879 ieee80211_destroy_assoc_data(sdata, false);
2880 cfg80211_assoc_timeout(sdata->dev, bss);
2881 return;
2882 }
2883 sdata_info(sdata, "associated\n");
2884
2885
2886
2887
2888
2889
2890 ieee80211_destroy_assoc_data(sdata, true);
2891
2892
2893 uapsd_queues = 0;
2894 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++)
2895 if (sdata->tx_conf[ac].uapsd)
2896 uapsd_queues |= BIT(ac);
2897 }
2898
2899 cfg80211_rx_assoc_resp(sdata->dev, bss, (u8 *)mgmt, len, uapsd_queues);
2900}
2901
2902static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2903 struct ieee80211_mgmt *mgmt, size_t len,
2904 struct ieee80211_rx_status *rx_status,
2905 struct ieee802_11_elems *elems)
2906{
2907 struct ieee80211_local *local = sdata->local;
2908 struct ieee80211_bss *bss;
2909 struct ieee80211_channel *channel;
2910
2911 sdata_assert_lock(sdata);
2912
2913 channel = ieee80211_get_channel(local->hw.wiphy, rx_status->freq);
2914 if (!channel)
2915 return;
2916
2917 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
2918 channel);
2919 if (bss) {
2920 sdata->vif.bss_conf.beacon_rate = bss->beacon_rate;
2921 ieee80211_rx_bss_put(local, bss);
2922 }
2923}
2924
2925
2926static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
2927 struct sk_buff *skb)
2928{
2929 struct ieee80211_mgmt *mgmt = (void *)skb->data;
2930 struct ieee80211_if_managed *ifmgd;
2931 struct ieee80211_rx_status *rx_status = (void *) skb->cb;
2932 size_t baselen, len = skb->len;
2933 struct ieee802_11_elems elems;
2934
2935 ifmgd = &sdata->u.mgd;
2936
2937 sdata_assert_lock(sdata);
2938
2939 if (!ether_addr_equal(mgmt->da, sdata->vif.addr))
2940 return;
2941
2942 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
2943 if (baselen > len)
2944 return;
2945
2946 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
2947 false, &elems);
2948
2949 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
2950
2951 if (ifmgd->associated &&
2952 ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
2953 ieee80211_reset_ap_probe(sdata);
2954
2955 if (ifmgd->auth_data && !ifmgd->auth_data->bss->proberesp_ies &&
2956 ether_addr_equal(mgmt->bssid, ifmgd->auth_data->bss->bssid)) {
2957
2958 sdata_info(sdata, "direct probe responded\n");
2959 ifmgd->auth_data->tries = 0;
2960 ifmgd->auth_data->timeout = jiffies;
2961 ifmgd->auth_data->timeout_started = true;
2962 run_again(sdata, ifmgd->auth_data->timeout);
2963 }
2964}
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981static const u64 care_about_ies =
2982 (1ULL << WLAN_EID_COUNTRY) |
2983 (1ULL << WLAN_EID_ERP_INFO) |
2984 (1ULL << WLAN_EID_CHANNEL_SWITCH) |
2985 (1ULL << WLAN_EID_PWR_CONSTRAINT) |
2986 (1ULL << WLAN_EID_HT_CAPABILITY) |
2987 (1ULL << WLAN_EID_HT_OPERATION);
2988
2989static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2990 struct ieee80211_mgmt *mgmt, size_t len,
2991 struct ieee80211_rx_status *rx_status)
2992{
2993 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2994 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
2995 size_t baselen;
2996 struct ieee802_11_elems elems;
2997 struct ieee80211_local *local = sdata->local;
2998 struct ieee80211_chanctx_conf *chanctx_conf;
2999 struct ieee80211_channel *chan;
3000 struct sta_info *sta;
3001 u32 changed = 0;
3002 bool erp_valid;
3003 u8 erp_value = 0;
3004 u32 ncrc;
3005 u8 *bssid;
3006 u8 deauth_buf[IEEE80211_DEAUTH_FRAME_LEN];
3007
3008 sdata_assert_lock(sdata);
3009
3010
3011 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
3012 if (baselen > len)
3013 return;
3014
3015 rcu_read_lock();
3016 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
3017 if (!chanctx_conf) {
3018 rcu_read_unlock();
3019 return;
3020 }
3021
3022 if (rx_status->freq != chanctx_conf->def.chan->center_freq) {
3023 rcu_read_unlock();
3024 return;
3025 }
3026 chan = chanctx_conf->def.chan;
3027 rcu_read_unlock();
3028
3029 if (ifmgd->assoc_data && ifmgd->assoc_data->need_beacon &&
3030 ether_addr_equal(mgmt->bssid, ifmgd->assoc_data->bss->bssid)) {
3031 ieee802_11_parse_elems(mgmt->u.beacon.variable,
3032 len - baselen, false, &elems);
3033
3034 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
3035 if (elems.tim && !elems.parse_error) {
3036 const struct ieee80211_tim_ie *tim_ie = elems.tim;
3037 ifmgd->dtim_period = tim_ie->dtim_period;
3038 }
3039 ifmgd->have_beacon = true;
3040 ifmgd->assoc_data->need_beacon = false;
3041 if (local->hw.flags & IEEE80211_HW_TIMING_BEACON_ONLY) {
3042 sdata->vif.bss_conf.sync_tsf =
3043 le64_to_cpu(mgmt->u.beacon.timestamp);
3044 sdata->vif.bss_conf.sync_device_ts =
3045 rx_status->device_timestamp;
3046 if (elems.tim)
3047 sdata->vif.bss_conf.sync_dtim_count =
3048 elems.tim->dtim_count;
3049 else
3050 sdata->vif.bss_conf.sync_dtim_count = 0;
3051 }
3052
3053 ifmgd->assoc_data->timeout = jiffies;
3054 ifmgd->assoc_data->timeout_started = true;
3055 run_again(sdata, ifmgd->assoc_data->timeout);
3056 return;
3057 }
3058
3059 if (!ifmgd->associated ||
3060 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
3061 return;
3062 bssid = ifmgd->associated->bssid;
3063
3064
3065 ifmgd->last_beacon_signal = rx_status->signal;
3066 if (ifmgd->flags & IEEE80211_STA_RESET_SIGNAL_AVE) {
3067 ifmgd->flags &= ~IEEE80211_STA_RESET_SIGNAL_AVE;
3068 ifmgd->ave_beacon_signal = rx_status->signal * 16;
3069 ifmgd->last_cqm_event_signal = 0;
3070 ifmgd->count_beacon_signal = 1;
3071 ifmgd->last_ave_beacon_signal = 0;
3072 } else {
3073 ifmgd->ave_beacon_signal =
3074 (IEEE80211_SIGNAL_AVE_WEIGHT * rx_status->signal * 16 +
3075 (16 - IEEE80211_SIGNAL_AVE_WEIGHT) *
3076 ifmgd->ave_beacon_signal) / 16;
3077 ifmgd->count_beacon_signal++;
3078 }
3079
3080 if (ifmgd->rssi_min_thold != ifmgd->rssi_max_thold &&
3081 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT) {
3082 int sig = ifmgd->ave_beacon_signal;
3083 int last_sig = ifmgd->last_ave_beacon_signal;
3084
3085
3086
3087
3088
3089 if (sig > ifmgd->rssi_max_thold &&
3090 (last_sig <= ifmgd->rssi_min_thold || last_sig == 0)) {
3091 ifmgd->last_ave_beacon_signal = sig;
3092 drv_rssi_callback(local, sdata, RSSI_EVENT_HIGH);
3093 } else if (sig < ifmgd->rssi_min_thold &&
3094 (last_sig >= ifmgd->rssi_max_thold ||
3095 last_sig == 0)) {
3096 ifmgd->last_ave_beacon_signal = sig;
3097 drv_rssi_callback(local, sdata, RSSI_EVENT_LOW);
3098 }
3099 }
3100
3101 if (bss_conf->cqm_rssi_thold &&
3102 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT &&
3103 !(sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI)) {
3104 int sig = ifmgd->ave_beacon_signal / 16;
3105 int last_event = ifmgd->last_cqm_event_signal;
3106 int thold = bss_conf->cqm_rssi_thold;
3107 int hyst = bss_conf->cqm_rssi_hyst;
3108 if (sig < thold &&
3109 (last_event == 0 || sig < last_event - hyst)) {
3110 ifmgd->last_cqm_event_signal = sig;
3111 ieee80211_cqm_rssi_notify(
3112 &sdata->vif,
3113 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW,
3114 GFP_KERNEL);
3115 } else if (sig > thold &&
3116 (last_event == 0 || sig > last_event + hyst)) {
3117 ifmgd->last_cqm_event_signal = sig;
3118 ieee80211_cqm_rssi_notify(
3119 &sdata->vif,
3120 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH,
3121 GFP_KERNEL);
3122 }
3123 }
3124
3125 if (ifmgd->flags & IEEE80211_STA_CONNECTION_POLL) {
3126 mlme_dbg_ratelimited(sdata,
3127 "cancelling AP probe due to a received beacon\n");
3128 ieee80211_reset_ap_probe(sdata);
3129 }
3130
3131
3132
3133
3134
3135 ieee80211_sta_reset_beacon_monitor(sdata);
3136
3137 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4);
3138 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable,
3139 len - baselen, false, &elems,
3140 care_about_ies, ncrc);
3141
3142 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) {
3143 bool directed_tim = ieee80211_check_tim(elems.tim,
3144 elems.tim_len,
3145 ifmgd->aid);
3146 if (directed_tim) {
3147 if (local->hw.conf.dynamic_ps_timeout > 0) {
3148 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
3149 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
3150 ieee80211_hw_config(local,
3151 IEEE80211_CONF_CHANGE_PS);
3152 }
3153 ieee80211_send_nullfunc(local, sdata, 0);
3154 } else if (!local->pspolling && sdata->u.mgd.powersave) {
3155 local->pspolling = true;
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165 ieee80211_send_pspoll(local, sdata);
3166 }
3167 }
3168 }
3169
3170 if (sdata->vif.p2p) {
3171 struct ieee80211_p2p_noa_attr noa = {};
3172 int ret;
3173
3174 ret = cfg80211_get_p2p_attr(mgmt->u.beacon.variable,
3175 len - baselen,
3176 IEEE80211_P2P_ATTR_ABSENCE_NOTICE,
3177 (u8 *) &noa, sizeof(noa));
3178 if (ret >= 2) {
3179 if (sdata->u.mgd.p2p_noa_index != noa.index) {
3180
3181 sdata->u.mgd.p2p_noa_index = noa.index;
3182 memcpy(&bss_conf->p2p_noa_attr, &noa, sizeof(noa));
3183 changed |= BSS_CHANGED_P2P_PS;
3184
3185
3186
3187
3188 ifmgd->beacon_crc_valid = false;
3189 }
3190 } else if (sdata->u.mgd.p2p_noa_index != -1) {
3191
3192 sdata->u.mgd.p2p_noa_index = -1;
3193 memset(&bss_conf->p2p_noa_attr, 0, sizeof(bss_conf->p2p_noa_attr));
3194 changed |= BSS_CHANGED_P2P_PS;
3195 ifmgd->beacon_crc_valid = false;
3196 }
3197 }
3198
3199 if (ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid)
3200 return;
3201 ifmgd->beacon_crc = ncrc;
3202 ifmgd->beacon_crc_valid = true;
3203
3204 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
3205
3206 ieee80211_sta_process_chanswitch(sdata, rx_status->mactime,
3207 &elems, true);
3208
3209 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_WMM) &&
3210 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param,
3211 elems.wmm_param_len))
3212 changed |= BSS_CHANGED_QOS;
3213
3214
3215
3216
3217
3218 if (!ifmgd->have_beacon) {
3219
3220 if (elems.tim)
3221 bss_conf->dtim_period = elems.tim->dtim_period ?: 1;
3222 else
3223 bss_conf->dtim_period = 1;
3224
3225 if (local->hw.flags & IEEE80211_HW_TIMING_BEACON_ONLY) {
3226 sdata->vif.bss_conf.sync_tsf =
3227 le64_to_cpu(mgmt->u.beacon.timestamp);
3228 sdata->vif.bss_conf.sync_device_ts =
3229 rx_status->device_timestamp;
3230 if (elems.tim)
3231 sdata->vif.bss_conf.sync_dtim_count =
3232 elems.tim->dtim_count;
3233 else
3234 sdata->vif.bss_conf.sync_dtim_count = 0;
3235 }
3236
3237 changed |= BSS_CHANGED_BEACON_INFO;
3238 ifmgd->have_beacon = true;
3239
3240 mutex_lock(&local->iflist_mtx);
3241 ieee80211_recalc_ps(local, -1);
3242 mutex_unlock(&local->iflist_mtx);
3243
3244 ieee80211_recalc_ps_vif(sdata);
3245 }
3246
3247 if (elems.erp_info) {
3248 erp_valid = true;
3249 erp_value = elems.erp_info[0];
3250 } else {
3251 erp_valid = false;
3252 }
3253 changed |= ieee80211_handle_bss_capability(sdata,
3254 le16_to_cpu(mgmt->u.beacon.capab_info),
3255 erp_valid, erp_value);
3256
3257 mutex_lock(&local->sta_mtx);
3258 sta = sta_info_get(sdata, bssid);
3259
3260 if (ieee80211_config_bw(sdata, sta,
3261 elems.ht_cap_elem, elems.ht_operation,
3262 elems.vht_operation, bssid, &changed)) {
3263 mutex_unlock(&local->sta_mtx);
3264 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
3265 WLAN_REASON_DEAUTH_LEAVING,
3266 true, deauth_buf);
3267 cfg80211_tx_mlme_mgmt(sdata->dev, deauth_buf,
3268 sizeof(deauth_buf));
3269 return;
3270 }
3271
3272 if (sta && elems.opmode_notif)
3273 ieee80211_vht_handle_opmode(sdata, sta, *elems.opmode_notif,
3274 rx_status->band, true);
3275 mutex_unlock(&local->sta_mtx);
3276
3277 changed |= ieee80211_handle_pwr_constr(sdata, chan, mgmt,
3278 elems.country_elem,
3279 elems.country_elem_len,
3280 elems.pwr_constr_elem,
3281 elems.cisco_dtpc_elem);
3282
3283 ieee80211_bss_info_change_notify(sdata, changed);
3284}
3285
3286void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
3287 struct sk_buff *skb)
3288{
3289 struct ieee80211_rx_status *rx_status;
3290 struct ieee80211_mgmt *mgmt;
3291 u16 fc;
3292 struct ieee802_11_elems elems;
3293 int ies_len;
3294
3295 rx_status = (struct ieee80211_rx_status *) skb->cb;
3296 mgmt = (struct ieee80211_mgmt *) skb->data;
3297 fc = le16_to_cpu(mgmt->frame_control);
3298
3299 sdata_lock(sdata);
3300
3301 switch (fc & IEEE80211_FCTL_STYPE) {
3302 case IEEE80211_STYPE_BEACON:
3303 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
3304 break;
3305 case IEEE80211_STYPE_PROBE_RESP:
3306 ieee80211_rx_mgmt_probe_resp(sdata, skb);
3307 break;
3308 case IEEE80211_STYPE_AUTH:
3309 ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len);
3310 break;
3311 case IEEE80211_STYPE_DEAUTH:
3312 ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len);
3313 break;
3314 case IEEE80211_STYPE_DISASSOC:
3315 ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
3316 break;
3317 case IEEE80211_STYPE_ASSOC_RESP:
3318 case IEEE80211_STYPE_REASSOC_RESP:
3319 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len);
3320 break;
3321 case IEEE80211_STYPE_ACTION:
3322 if (mgmt->u.action.category == WLAN_CATEGORY_SPECTRUM_MGMT) {
3323 ies_len = skb->len -
3324 offsetof(struct ieee80211_mgmt,
3325 u.action.u.chan_switch.variable);
3326
3327 if (ies_len < 0)
3328 break;
3329
3330 ieee802_11_parse_elems(
3331 mgmt->u.action.u.chan_switch.variable,
3332 ies_len, true, &elems);
3333
3334 if (elems.parse_error)
3335 break;
3336
3337 ieee80211_sta_process_chanswitch(sdata,
3338 rx_status->mactime,
3339 &elems, false);
3340 } else if (mgmt->u.action.category == WLAN_CATEGORY_PUBLIC) {
3341 ies_len = skb->len -
3342 offsetof(struct ieee80211_mgmt,
3343 u.action.u.ext_chan_switch.variable);
3344
3345 if (ies_len < 0)
3346 break;
3347
3348 ieee802_11_parse_elems(
3349 mgmt->u.action.u.ext_chan_switch.variable,
3350 ies_len, true, &elems);
3351
3352 if (elems.parse_error)
3353 break;
3354
3355
3356 elems.ext_chansw_ie =
3357 &mgmt->u.action.u.ext_chan_switch.data;
3358
3359 ieee80211_sta_process_chanswitch(sdata,
3360 rx_status->mactime,
3361 &elems, false);
3362 }
3363 break;
3364 }
3365 sdata_unlock(sdata);
3366}
3367
3368static void ieee80211_sta_timer(unsigned long data)
3369{
3370 struct ieee80211_sub_if_data *sdata =
3371 (struct ieee80211_sub_if_data *) data;
3372
3373 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
3374}
3375
3376static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata,
3377 u8 *bssid, u8 reason, bool tx)
3378{
3379 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
3380
3381 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason,
3382 tx, frame_buf);
3383
3384 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
3385 IEEE80211_DEAUTH_FRAME_LEN);
3386}
3387
3388static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata)
3389{
3390 struct ieee80211_local *local = sdata->local;
3391 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3392 struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data;
3393 u32 tx_flags = 0;
3394
3395 sdata_assert_lock(sdata);
3396
3397 if (WARN_ON_ONCE(!auth_data))
3398 return -EINVAL;
3399
3400 auth_data->tries++;
3401
3402 if (auth_data->tries > IEEE80211_AUTH_MAX_TRIES) {
3403 sdata_info(sdata, "authentication with %pM timed out\n",
3404 auth_data->bss->bssid);
3405
3406
3407
3408
3409
3410 cfg80211_unlink_bss(local->hw.wiphy, auth_data->bss);
3411
3412 return -ETIMEDOUT;
3413 }
3414
3415 drv_mgd_prepare_tx(local, sdata);
3416
3417 if (auth_data->bss->proberesp_ies) {
3418 u16 trans = 1;
3419 u16 status = 0;
3420
3421 sdata_info(sdata, "send auth to %pM (try %d/%d)\n",
3422 auth_data->bss->bssid, auth_data->tries,
3423 IEEE80211_AUTH_MAX_TRIES);
3424
3425 auth_data->expected_transaction = 2;
3426
3427 if (auth_data->algorithm == WLAN_AUTH_SAE) {
3428 trans = auth_data->sae_trans;
3429 status = auth_data->sae_status;
3430 auth_data->expected_transaction = trans;
3431 }
3432
3433 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
3434 tx_flags = IEEE80211_TX_CTL_REQ_TX_STATUS |
3435 IEEE80211_TX_INTFL_MLME_CONN_TX;
3436
3437 ieee80211_send_auth(sdata, trans, auth_data->algorithm, status,
3438 auth_data->data, auth_data->data_len,
3439 auth_data->bss->bssid,
3440 auth_data->bss->bssid, NULL, 0, 0,
3441 tx_flags);
3442 } else {
3443 const u8 *ssidie;
3444
3445 sdata_info(sdata, "direct probe to %pM (try %d/%i)\n",
3446 auth_data->bss->bssid, auth_data->tries,
3447 IEEE80211_AUTH_MAX_TRIES);
3448
3449 rcu_read_lock();
3450 ssidie = ieee80211_bss_get_ie(auth_data->bss, WLAN_EID_SSID);
3451 if (!ssidie) {
3452 rcu_read_unlock();
3453 return -EINVAL;
3454 }
3455
3456
3457
3458
3459 ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1],
3460 NULL, 0, (u32) -1, true, 0,
3461 auth_data->bss->channel, false);
3462 rcu_read_unlock();
3463 }
3464
3465 if (tx_flags == 0) {
3466 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
3467 auth_data->timeout_started = true;
3468 run_again(sdata, auth_data->timeout);
3469 } else {
3470 auth_data->timeout =
3471 round_jiffies_up(jiffies + IEEE80211_AUTH_TIMEOUT_LONG);
3472 auth_data->timeout_started = true;
3473 run_again(sdata, auth_data->timeout);
3474 }
3475
3476 return 0;
3477}
3478
3479static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata)
3480{
3481 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data;
3482 struct ieee80211_local *local = sdata->local;
3483
3484 sdata_assert_lock(sdata);
3485
3486 assoc_data->tries++;
3487 if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) {
3488 sdata_info(sdata, "association with %pM timed out\n",
3489 assoc_data->bss->bssid);
3490
3491
3492
3493
3494
3495 cfg80211_unlink_bss(local->hw.wiphy, assoc_data->bss);
3496
3497 return -ETIMEDOUT;
3498 }
3499
3500 sdata_info(sdata, "associate with %pM (try %d/%d)\n",
3501 assoc_data->bss->bssid, assoc_data->tries,
3502 IEEE80211_ASSOC_MAX_TRIES);
3503 ieee80211_send_assoc(sdata);
3504
3505 if (!(local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) {
3506 assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT;
3507 assoc_data->timeout_started = true;
3508 run_again(sdata, assoc_data->timeout);
3509 } else {
3510 assoc_data->timeout =
3511 round_jiffies_up(jiffies +
3512 IEEE80211_ASSOC_TIMEOUT_LONG);
3513 assoc_data->timeout_started = true;
3514 run_again(sdata, assoc_data->timeout);
3515 }
3516
3517 return 0;
3518}
3519
3520void ieee80211_mgd_conn_tx_status(struct ieee80211_sub_if_data *sdata,
3521 __le16 fc, bool acked)
3522{
3523 struct ieee80211_local *local = sdata->local;
3524
3525 sdata->u.mgd.status_fc = fc;
3526 sdata->u.mgd.status_acked = acked;
3527 sdata->u.mgd.status_received = true;
3528
3529 ieee80211_queue_work(&local->hw, &sdata->work);
3530}
3531
3532void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
3533{
3534 struct ieee80211_local *local = sdata->local;
3535 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3536
3537 sdata_lock(sdata);
3538
3539 if (ifmgd->status_received) {
3540 __le16 fc = ifmgd->status_fc;
3541 bool status_acked = ifmgd->status_acked;
3542
3543 ifmgd->status_received = false;
3544 if (ifmgd->auth_data &&
3545 (ieee80211_is_probe_req(fc) || ieee80211_is_auth(fc))) {
3546 if (status_acked) {
3547 ifmgd->auth_data->timeout =
3548 jiffies + IEEE80211_AUTH_TIMEOUT_SHORT;
3549 run_again(sdata, ifmgd->auth_data->timeout);
3550 } else {
3551 ifmgd->auth_data->timeout = jiffies - 1;
3552 }
3553 ifmgd->auth_data->timeout_started = true;
3554 } else if (ifmgd->assoc_data &&
3555 (ieee80211_is_assoc_req(fc) ||
3556 ieee80211_is_reassoc_req(fc))) {
3557 if (status_acked) {
3558 ifmgd->assoc_data->timeout =
3559 jiffies + IEEE80211_ASSOC_TIMEOUT_SHORT;
3560 run_again(sdata, ifmgd->assoc_data->timeout);
3561 } else {
3562 ifmgd->assoc_data->timeout = jiffies - 1;
3563 }
3564 ifmgd->assoc_data->timeout_started = true;
3565 }
3566 }
3567
3568 if (ifmgd->auth_data && ifmgd->auth_data->timeout_started &&
3569 time_after(jiffies, ifmgd->auth_data->timeout)) {
3570 if (ifmgd->auth_data->done) {
3571
3572
3573
3574
3575 ieee80211_destroy_auth_data(sdata, false);
3576 } else if (ieee80211_probe_auth(sdata)) {
3577 u8 bssid[ETH_ALEN];
3578
3579 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN);
3580
3581 ieee80211_destroy_auth_data(sdata, false);
3582
3583 cfg80211_auth_timeout(sdata->dev, bssid);
3584 }
3585 } else if (ifmgd->auth_data && ifmgd->auth_data->timeout_started)
3586 run_again(sdata, ifmgd->auth_data->timeout);
3587
3588 if (ifmgd->assoc_data && ifmgd->assoc_data->timeout_started &&
3589 time_after(jiffies, ifmgd->assoc_data->timeout)) {
3590 if ((ifmgd->assoc_data->need_beacon && !ifmgd->have_beacon) ||
3591 ieee80211_do_assoc(sdata)) {
3592 struct cfg80211_bss *bss = ifmgd->assoc_data->bss;
3593
3594 ieee80211_destroy_assoc_data(sdata, false);
3595 cfg80211_assoc_timeout(sdata->dev, bss);
3596 }
3597 } else if (ifmgd->assoc_data && ifmgd->assoc_data->timeout_started)
3598 run_again(sdata, ifmgd->assoc_data->timeout);
3599
3600 if (ifmgd->flags & IEEE80211_STA_CONNECTION_POLL &&
3601 ifmgd->associated) {
3602 u8 bssid[ETH_ALEN];
3603 int max_tries;
3604
3605 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN);
3606
3607 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
3608 max_tries = max_nullfunc_tries;
3609 else
3610 max_tries = max_probe_tries;
3611
3612
3613 if (!ifmgd->probe_send_count)
3614 ieee80211_reset_ap_probe(sdata);
3615 else if (ifmgd->nullfunc_failed) {
3616 if (ifmgd->probe_send_count < max_tries) {
3617 mlme_dbg(sdata,
3618 "No ack for nullfunc frame to AP %pM, try %d/%i\n",
3619 bssid, ifmgd->probe_send_count,
3620 max_tries);
3621 ieee80211_mgd_probe_ap_send(sdata);
3622 } else {
3623 mlme_dbg(sdata,
3624 "No ack for nullfunc frame to AP %pM, disconnecting.\n",
3625 bssid);
3626 ieee80211_sta_connection_lost(sdata, bssid,
3627 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
3628 false);
3629 }
3630 } else if (time_is_after_jiffies(ifmgd->probe_timeout))
3631 run_again(sdata, ifmgd->probe_timeout);
3632 else if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
3633 mlme_dbg(sdata,
3634 "Failed to send nullfunc to AP %pM after %dms, disconnecting\n",
3635 bssid, probe_wait_ms);
3636 ieee80211_sta_connection_lost(sdata, bssid,
3637 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, false);
3638 } else if (ifmgd->probe_send_count < max_tries) {
3639 mlme_dbg(sdata,
3640 "No probe response from AP %pM after %dms, try %d/%i\n",
3641 bssid, probe_wait_ms,
3642 ifmgd->probe_send_count, max_tries);
3643 ieee80211_mgd_probe_ap_send(sdata);
3644 } else {
3645
3646
3647
3648
3649 wiphy_debug(local->hw.wiphy,
3650 "%s: No probe response from AP %pM"
3651 " after %dms, disconnecting.\n",
3652 sdata->name,
3653 bssid, probe_wait_ms);
3654
3655 ieee80211_sta_connection_lost(sdata, bssid,
3656 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, false);
3657 }
3658 }
3659
3660 sdata_unlock(sdata);
3661}
3662
3663static void ieee80211_sta_bcn_mon_timer(unsigned long data)
3664{
3665 struct ieee80211_sub_if_data *sdata =
3666 (struct ieee80211_sub_if_data *) data;
3667 struct ieee80211_local *local = sdata->local;
3668
3669 if (local->quiescing)
3670 return;
3671
3672 if (sdata->vif.csa_active)
3673 return;
3674
3675 sdata->u.mgd.connection_loss = false;
3676 ieee80211_queue_work(&sdata->local->hw,
3677 &sdata->u.mgd.beacon_connection_loss_work);
3678}
3679
3680static void ieee80211_sta_conn_mon_timer(unsigned long data)
3681{
3682 struct ieee80211_sub_if_data *sdata =
3683 (struct ieee80211_sub_if_data *) data;
3684 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3685 struct ieee80211_local *local = sdata->local;
3686
3687 if (local->quiescing)
3688 return;
3689
3690 if (sdata->vif.csa_active)
3691 return;
3692
3693 ieee80211_queue_work(&local->hw, &ifmgd->monitor_work);
3694}
3695
3696static void ieee80211_sta_monitor_work(struct work_struct *work)
3697{
3698 struct ieee80211_sub_if_data *sdata =
3699 container_of(work, struct ieee80211_sub_if_data,
3700 u.mgd.monitor_work);
3701
3702 ieee80211_mgd_probe_ap(sdata, false);
3703}
3704
3705static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
3706{
3707 u32 flags;
3708
3709 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
3710 __ieee80211_stop_poll(sdata);
3711
3712
3713 flags = sdata->local->hw.flags;
3714 if (!(flags & IEEE80211_HW_CONNECTION_MONITOR))
3715 ieee80211_queue_work(&sdata->local->hw,
3716 &sdata->u.mgd.monitor_work);
3717
3718 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
3719 }
3720}
3721
3722#ifdef CONFIG_PM
3723void ieee80211_mgd_quiesce(struct ieee80211_sub_if_data *sdata)
3724{
3725 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3726 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
3727
3728 sdata_lock(sdata);
3729
3730 if (ifmgd->auth_data || ifmgd->assoc_data) {
3731 const u8 *bssid = ifmgd->auth_data ?
3732 ifmgd->auth_data->bss->bssid :
3733 ifmgd->assoc_data->bss->bssid;
3734
3735
3736
3737
3738
3739
3740 ieee80211_send_deauth_disassoc(sdata, bssid,
3741 IEEE80211_STYPE_DEAUTH,
3742 WLAN_REASON_DEAUTH_LEAVING,
3743 false, frame_buf);
3744 if (ifmgd->assoc_data)
3745 ieee80211_destroy_assoc_data(sdata, false);
3746 if (ifmgd->auth_data)
3747 ieee80211_destroy_auth_data(sdata, false);
3748 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
3749 IEEE80211_DEAUTH_FRAME_LEN);
3750 }
3751
3752 sdata_unlock(sdata);
3753}
3754
3755void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
3756{
3757 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3758
3759 sdata_lock(sdata);
3760 if (!ifmgd->associated) {
3761 sdata_unlock(sdata);
3762 return;
3763 }
3764
3765 if (sdata->flags & IEEE80211_SDATA_DISCONNECT_RESUME) {
3766 sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_RESUME;
3767 mlme_dbg(sdata, "driver requested disconnect after resume\n");
3768 ieee80211_sta_connection_lost(sdata,
3769 ifmgd->associated->bssid,
3770 WLAN_REASON_UNSPECIFIED,
3771 true);
3772 sdata_unlock(sdata);
3773 return;
3774 }
3775 sdata_unlock(sdata);
3776}
3777#endif
3778
3779
3780void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
3781{
3782 struct ieee80211_if_managed *ifmgd;
3783
3784 ifmgd = &sdata->u.mgd;
3785 INIT_WORK(&ifmgd->monitor_work, ieee80211_sta_monitor_work);
3786 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work);
3787 INIT_WORK(&ifmgd->beacon_connection_loss_work,
3788 ieee80211_beacon_connection_loss_work);
3789 INIT_WORK(&ifmgd->csa_connection_drop_work,
3790 ieee80211_csa_connection_drop_work);
3791 INIT_WORK(&ifmgd->request_smps_work, ieee80211_request_smps_mgd_work);
3792 INIT_DELAYED_WORK(&ifmgd->tdls_peer_del_work,
3793 ieee80211_tdls_peer_del_work);
3794 setup_timer(&ifmgd->timer, ieee80211_sta_timer,
3795 (unsigned long) sdata);
3796 setup_timer(&ifmgd->bcn_mon_timer, ieee80211_sta_bcn_mon_timer,
3797 (unsigned long) sdata);
3798 setup_timer(&ifmgd->conn_mon_timer, ieee80211_sta_conn_mon_timer,
3799 (unsigned long) sdata);
3800 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer,
3801 (unsigned long) sdata);
3802
3803 ifmgd->flags = 0;
3804 ifmgd->powersave = sdata->wdev.ps;
3805 ifmgd->uapsd_queues = sdata->local->hw.uapsd_queues;
3806 ifmgd->uapsd_max_sp_len = sdata->local->hw.uapsd_max_sp_len;
3807 ifmgd->p2p_noa_index = -1;
3808
3809 if (sdata->local->hw.wiphy->features & NL80211_FEATURE_DYNAMIC_SMPS)
3810 ifmgd->req_smps = IEEE80211_SMPS_AUTOMATIC;
3811 else
3812 ifmgd->req_smps = IEEE80211_SMPS_OFF;
3813}
3814
3815
3816void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
3817{
3818 struct ieee80211_sub_if_data *sdata;
3819
3820
3821 rcu_read_lock();
3822 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3823 if (ieee80211_sdata_running(sdata))
3824 ieee80211_restart_sta_timer(sdata);
3825 }
3826 rcu_read_unlock();
3827}
3828
3829int ieee80211_max_network_latency(struct notifier_block *nb,
3830 unsigned long data, void *dummy)
3831{
3832 s32 latency_usec = (s32) data;
3833 struct ieee80211_local *local =
3834 container_of(nb, struct ieee80211_local,
3835 network_latency_notifier);
3836
3837 mutex_lock(&local->iflist_mtx);
3838 ieee80211_recalc_ps(local, latency_usec);
3839 mutex_unlock(&local->iflist_mtx);
3840
3841 return NOTIFY_OK;
3842}
3843
3844static u8 ieee80211_ht_vht_rx_chains(struct ieee80211_sub_if_data *sdata,
3845 struct cfg80211_bss *cbss)
3846{
3847 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3848 const u8 *ht_cap_ie, *vht_cap_ie;
3849 const struct ieee80211_ht_cap *ht_cap;
3850 const struct ieee80211_vht_cap *vht_cap;
3851 u8 chains = 1;
3852
3853 if (ifmgd->flags & IEEE80211_STA_DISABLE_HT)
3854 return chains;
3855
3856 ht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_CAPABILITY);
3857 if (ht_cap_ie && ht_cap_ie[1] >= sizeof(*ht_cap)) {
3858 ht_cap = (void *)(ht_cap_ie + 2);
3859 chains = ieee80211_mcs_to_chains(&ht_cap->mcs);
3860
3861
3862
3863
3864 }
3865
3866 if (ifmgd->flags & IEEE80211_STA_DISABLE_VHT)
3867 return chains;
3868
3869 vht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_VHT_CAPABILITY);
3870 if (vht_cap_ie && vht_cap_ie[1] >= sizeof(*vht_cap)) {
3871 u8 nss;
3872 u16 tx_mcs_map;
3873
3874 vht_cap = (void *)(vht_cap_ie + 2);
3875 tx_mcs_map = le16_to_cpu(vht_cap->supp_mcs.tx_mcs_map);
3876 for (nss = 8; nss > 0; nss--) {
3877 if (((tx_mcs_map >> (2 * (nss - 1))) & 3) !=
3878 IEEE80211_VHT_MCS_NOT_SUPPORTED)
3879 break;
3880 }
3881
3882 chains = max(chains, nss);
3883 }
3884
3885 return chains;
3886}
3887
3888static int ieee80211_prep_channel(struct ieee80211_sub_if_data *sdata,
3889 struct cfg80211_bss *cbss)
3890{
3891 struct ieee80211_local *local = sdata->local;
3892 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3893 const struct ieee80211_ht_cap *ht_cap = NULL;
3894 const struct ieee80211_ht_operation *ht_oper = NULL;
3895 const struct ieee80211_vht_operation *vht_oper = NULL;
3896 struct ieee80211_supported_band *sband;
3897 struct cfg80211_chan_def chandef;
3898 int ret;
3899
3900 sband = local->hw.wiphy->bands[cbss->channel->band];
3901
3902 ifmgd->flags &= ~(IEEE80211_STA_DISABLE_40MHZ |
3903 IEEE80211_STA_DISABLE_80P80MHZ |
3904 IEEE80211_STA_DISABLE_160MHZ);
3905
3906 rcu_read_lock();
3907
3908 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&
3909 sband->ht_cap.ht_supported) {
3910 const u8 *ht_oper_ie, *ht_cap_ie;
3911
3912 ht_oper_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_OPERATION);
3913 if (ht_oper_ie && ht_oper_ie[1] >= sizeof(*ht_oper))
3914 ht_oper = (void *)(ht_oper_ie + 2);
3915
3916 ht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_CAPABILITY);
3917 if (ht_cap_ie && ht_cap_ie[1] >= sizeof(*ht_cap))
3918 ht_cap = (void *)(ht_cap_ie + 2);
3919
3920 if (!ht_cap) {
3921 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
3922 ht_oper = NULL;
3923 }
3924 }
3925
3926 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&
3927 sband->vht_cap.vht_supported) {
3928 const u8 *vht_oper_ie, *vht_cap;
3929
3930 vht_oper_ie = ieee80211_bss_get_ie(cbss,
3931 WLAN_EID_VHT_OPERATION);
3932 if (vht_oper_ie && vht_oper_ie[1] >= sizeof(*vht_oper))
3933 vht_oper = (void *)(vht_oper_ie + 2);
3934 if (vht_oper && !ht_oper) {
3935 vht_oper = NULL;
3936 sdata_info(sdata,
3937 "AP advertised VHT without HT, disabling both\n");
3938 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
3939 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
3940 }
3941
3942 vht_cap = ieee80211_bss_get_ie(cbss, WLAN_EID_VHT_CAPABILITY);
3943 if (!vht_cap || vht_cap[1] < sizeof(struct ieee80211_vht_cap)) {
3944 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
3945 vht_oper = NULL;
3946 }
3947 }
3948
3949 ifmgd->flags |= ieee80211_determine_chantype(sdata, sband,
3950 cbss->channel,
3951 ht_cap, ht_oper, vht_oper,
3952 &chandef, false);
3953
3954 sdata->needed_rx_chains = min(ieee80211_ht_vht_rx_chains(sdata, cbss),
3955 local->rx_chains);
3956
3957 rcu_read_unlock();
3958
3959
3960 sdata->smps_mode = IEEE80211_SMPS_OFF;
3961
3962 mutex_lock(&local->mtx);
3963
3964
3965
3966
3967
3968 ret = ieee80211_vif_use_channel(sdata, &chandef,
3969 IEEE80211_CHANCTX_SHARED);
3970
3971
3972 if (chandef.width == NL80211_CHAN_WIDTH_5 ||
3973 chandef.width == NL80211_CHAN_WIDTH_10)
3974 goto out;
3975
3976 while (ret && chandef.width != NL80211_CHAN_WIDTH_20_NOHT) {
3977 ifmgd->flags |= ieee80211_chandef_downgrade(&chandef);
3978 ret = ieee80211_vif_use_channel(sdata, &chandef,
3979 IEEE80211_CHANCTX_SHARED);
3980 }
3981 out:
3982 mutex_unlock(&local->mtx);
3983 return ret;
3984}
3985
3986static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata,
3987 struct cfg80211_bss *cbss, bool assoc)
3988{
3989 struct ieee80211_local *local = sdata->local;
3990 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3991 struct ieee80211_bss *bss = (void *)cbss->priv;
3992 struct sta_info *new_sta = NULL;
3993 bool have_sta = false;
3994 int err;
3995
3996 if (WARN_ON(!ifmgd->auth_data && !ifmgd->assoc_data))
3997 return -EINVAL;
3998
3999 if (assoc) {
4000 rcu_read_lock();
4001 have_sta = sta_info_get(sdata, cbss->bssid);
4002 rcu_read_unlock();
4003 }
4004
4005 if (!have_sta) {
4006 new_sta = sta_info_alloc(sdata, cbss->bssid, GFP_KERNEL);
4007 if (!new_sta)
4008 return -ENOMEM;
4009 }
4010 if (new_sta) {
4011 u32 rates = 0, basic_rates = 0;
4012 bool have_higher_than_11mbit;
4013 int min_rate = INT_MAX, min_rate_index = -1;
4014 struct ieee80211_chanctx_conf *chanctx_conf;
4015 struct ieee80211_supported_band *sband;
4016 const struct cfg80211_bss_ies *ies;
4017 int shift;
4018 u32 rate_flags;
4019
4020 sband = local->hw.wiphy->bands[cbss->channel->band];
4021
4022 err = ieee80211_prep_channel(sdata, cbss);
4023 if (err) {
4024 sta_info_free(local, new_sta);
4025 return -EINVAL;
4026 }
4027 shift = ieee80211_vif_get_shift(&sdata->vif);
4028
4029 rcu_read_lock();
4030 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
4031 if (WARN_ON(!chanctx_conf)) {
4032 rcu_read_unlock();
4033 sta_info_free(local, new_sta);
4034 return -EINVAL;
4035 }
4036 rate_flags = ieee80211_chandef_rate_flags(&chanctx_conf->def);
4037 rcu_read_unlock();
4038
4039 ieee80211_get_rates(sband, bss->supp_rates,
4040 bss->supp_rates_len,
4041 &rates, &basic_rates,
4042 &have_higher_than_11mbit,
4043 &min_rate, &min_rate_index,
4044 shift, rate_flags);
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054 if (!basic_rates && min_rate_index >= 0) {
4055 sdata_info(sdata,
4056 "No basic rates, using min rate instead\n");
4057 basic_rates = BIT(min_rate_index);
4058 }
4059
4060 new_sta->sta.supp_rates[cbss->channel->band] = rates;
4061 sdata->vif.bss_conf.basic_rates = basic_rates;
4062
4063
4064 if (cbss->channel->band == IEEE80211_BAND_2GHZ &&
4065 have_higher_than_11mbit)
4066 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
4067 else
4068 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
4069
4070 memcpy(ifmgd->bssid, cbss->bssid, ETH_ALEN);
4071
4072
4073 sdata->vif.bss_conf.beacon_int = cbss->beacon_interval;
4074 rcu_read_lock();
4075 ies = rcu_dereference(cbss->beacon_ies);
4076 if (ies) {
4077 const u8 *tim_ie;
4078
4079 sdata->vif.bss_conf.sync_tsf = ies->tsf;
4080 sdata->vif.bss_conf.sync_device_ts =
4081 bss->device_ts_beacon;
4082 tim_ie = cfg80211_find_ie(WLAN_EID_TIM,
4083 ies->data, ies->len);
4084 if (tim_ie && tim_ie[1] >= 2)
4085 sdata->vif.bss_conf.sync_dtim_count = tim_ie[2];
4086 else
4087 sdata->vif.bss_conf.sync_dtim_count = 0;
4088 } else if (!(local->hw.flags &
4089 IEEE80211_HW_TIMING_BEACON_ONLY)) {
4090 ies = rcu_dereference(cbss->proberesp_ies);
4091
4092 sdata->vif.bss_conf.sync_tsf = ies->tsf;
4093 sdata->vif.bss_conf.sync_device_ts =
4094 bss->device_ts_presp;
4095 sdata->vif.bss_conf.sync_dtim_count = 0;
4096 } else {
4097 sdata->vif.bss_conf.sync_tsf = 0;
4098 sdata->vif.bss_conf.sync_device_ts = 0;
4099 sdata->vif.bss_conf.sync_dtim_count = 0;
4100 }
4101 rcu_read_unlock();
4102
4103
4104 ieee80211_bss_info_change_notify(sdata,
4105 BSS_CHANGED_BSSID | BSS_CHANGED_BASIC_RATES |
4106 BSS_CHANGED_BEACON_INT);
4107
4108 if (assoc)
4109 sta_info_pre_move_state(new_sta, IEEE80211_STA_AUTH);
4110
4111 err = sta_info_insert(new_sta);
4112 new_sta = NULL;
4113 if (err) {
4114 sdata_info(sdata,
4115 "failed to insert STA entry for the AP (error %d)\n",
4116 err);
4117 return err;
4118 }
4119 } else
4120 WARN_ON_ONCE(!ether_addr_equal(ifmgd->bssid, cbss->bssid));
4121
4122 return 0;
4123}
4124
4125
4126int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
4127 struct cfg80211_auth_request *req)
4128{
4129 struct ieee80211_local *local = sdata->local;
4130 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4131 struct ieee80211_mgd_auth_data *auth_data;
4132 u16 auth_alg;
4133 int err;
4134
4135
4136
4137 switch (req->auth_type) {
4138 case NL80211_AUTHTYPE_OPEN_SYSTEM:
4139 auth_alg = WLAN_AUTH_OPEN;
4140 break;
4141 case NL80211_AUTHTYPE_SHARED_KEY:
4142 if (IS_ERR(local->wep_tx_tfm))
4143 return -EOPNOTSUPP;
4144 auth_alg = WLAN_AUTH_SHARED_KEY;
4145 break;
4146 case NL80211_AUTHTYPE_FT:
4147 auth_alg = WLAN_AUTH_FT;
4148 break;
4149 case NL80211_AUTHTYPE_NETWORK_EAP:
4150 auth_alg = WLAN_AUTH_LEAP;
4151 break;
4152 case NL80211_AUTHTYPE_SAE:
4153 auth_alg = WLAN_AUTH_SAE;
4154 break;
4155 default:
4156 return -EOPNOTSUPP;
4157 }
4158
4159 auth_data = kzalloc(sizeof(*auth_data) + req->sae_data_len +
4160 req->ie_len, GFP_KERNEL);
4161 if (!auth_data)
4162 return -ENOMEM;
4163
4164 auth_data->bss = req->bss;
4165
4166 if (req->sae_data_len >= 4) {
4167 __le16 *pos = (__le16 *) req->sae_data;
4168 auth_data->sae_trans = le16_to_cpu(pos[0]);
4169 auth_data->sae_status = le16_to_cpu(pos[1]);
4170 memcpy(auth_data->data, req->sae_data + 4,
4171 req->sae_data_len - 4);
4172 auth_data->data_len += req->sae_data_len - 4;
4173 }
4174
4175 if (req->ie && req->ie_len) {
4176 memcpy(&auth_data->data[auth_data->data_len],
4177 req->ie, req->ie_len);
4178 auth_data->data_len += req->ie_len;
4179 }
4180
4181 if (req->key && req->key_len) {
4182 auth_data->key_len = req->key_len;
4183 auth_data->key_idx = req->key_idx;
4184 memcpy(auth_data->key, req->key, req->key_len);
4185 }
4186
4187 auth_data->algorithm = auth_alg;
4188
4189
4190
4191 if ((ifmgd->auth_data && !ifmgd->auth_data->done) ||
4192 ifmgd->assoc_data) {
4193 err = -EBUSY;
4194 goto err_free;
4195 }
4196
4197 if (ifmgd->auth_data)
4198 ieee80211_destroy_auth_data(sdata, false);
4199
4200
4201 ifmgd->auth_data = auth_data;
4202
4203 if (ifmgd->associated) {
4204 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4205
4206 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
4207 WLAN_REASON_UNSPECIFIED,
4208 false, frame_buf);
4209
4210 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4211 sizeof(frame_buf));
4212 }
4213
4214 sdata_info(sdata, "authenticate with %pM\n", req->bss->bssid);
4215
4216 err = ieee80211_prep_connection(sdata, req->bss, false);
4217 if (err)
4218 goto err_clear;
4219
4220 err = ieee80211_probe_auth(sdata);
4221 if (err) {
4222 sta_info_destroy_addr(sdata, req->bss->bssid);
4223 goto err_clear;
4224 }
4225
4226
4227 cfg80211_ref_bss(local->hw.wiphy, auth_data->bss);
4228 return 0;
4229
4230 err_clear:
4231 memset(ifmgd->bssid, 0, ETH_ALEN);
4232 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
4233 ifmgd->auth_data = NULL;
4234 err_free:
4235 kfree(auth_data);
4236 return err;
4237}
4238
4239static bool ieee80211_usable_wmm_params(struct ieee80211_sub_if_data *sdata,
4240 const u8 *wmm_param, int len)
4241{
4242 const u8 *pos;
4243 size_t left;
4244
4245 if (len < 8)
4246 return false;
4247
4248 if (wmm_param[5] != 1 )
4249 return false;
4250
4251 pos = wmm_param + 8;
4252 left = len - 8;
4253
4254 for (; left >= 4; left -= 4, pos += 4) {
4255 u8 aifsn = pos[0] & 0x0f;
4256 u8 ecwmin = pos[1] & 0x0f;
4257 u8 ecwmax = (pos[1] & 0xf0) >> 4;
4258 int aci = (pos[0] >> 5) & 0x03;
4259
4260 if (aifsn < 2) {
4261 sdata_info(sdata,
4262 "AP has invalid WMM params (AIFSN=%d for ACI %d), disabling WMM\n",
4263 aifsn, aci);
4264 return false;
4265 }
4266 if (ecwmin > ecwmax) {
4267 sdata_info(sdata,
4268 "AP has invalid WMM params (ECWmin/max=%d/%d for ACI %d), disabling WMM\n",
4269 ecwmin, ecwmax, aci);
4270 return false;
4271 }
4272 }
4273
4274 return true;
4275}
4276
4277int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
4278 struct cfg80211_assoc_request *req)
4279{
4280 struct ieee80211_local *local = sdata->local;
4281 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4282 struct ieee80211_bss *bss = (void *)req->bss->priv;
4283 struct ieee80211_mgd_assoc_data *assoc_data;
4284 const struct cfg80211_bss_ies *beacon_ies;
4285 struct ieee80211_supported_band *sband;
4286 const u8 *ssidie, *ht_ie, *vht_ie;
4287 int i, err;
4288
4289 assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL);
4290 if (!assoc_data)
4291 return -ENOMEM;
4292
4293 rcu_read_lock();
4294 ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID);
4295 if (!ssidie) {
4296 rcu_read_unlock();
4297 kfree(assoc_data);
4298 return -EINVAL;
4299 }
4300 memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]);
4301 assoc_data->ssid_len = ssidie[1];
4302 rcu_read_unlock();
4303
4304 if (ifmgd->associated) {
4305 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4306
4307 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
4308 WLAN_REASON_UNSPECIFIED,
4309 false, frame_buf);
4310
4311 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4312 sizeof(frame_buf));
4313 }
4314
4315 if (ifmgd->auth_data && !ifmgd->auth_data->done) {
4316 err = -EBUSY;
4317 goto err_free;
4318 }
4319
4320 if (ifmgd->assoc_data) {
4321 err = -EBUSY;
4322 goto err_free;
4323 }
4324
4325 if (ifmgd->auth_data) {
4326 bool match;
4327
4328
4329 match = ether_addr_equal(ifmgd->bssid, req->bss->bssid);
4330 ieee80211_destroy_auth_data(sdata, match);
4331 }
4332
4333
4334
4335 ifmgd->beacon_crc_valid = false;
4336
4337 assoc_data->wmm = bss->wmm_used &&
4338 (local->hw.queues >= IEEE80211_NUM_ACS);
4339 if (assoc_data->wmm) {
4340
4341 const struct cfg80211_bss_ies *ies;
4342 const u8 *wp, *start, *end;
4343
4344 rcu_read_lock();
4345 ies = rcu_dereference(req->bss->ies);
4346 start = ies->data;
4347 end = start + ies->len;
4348
4349 while (true) {
4350 wp = cfg80211_find_vendor_ie(
4351 WLAN_OUI_MICROSOFT,
4352 WLAN_OUI_TYPE_MICROSOFT_WMM,
4353 start, end - start);
4354 if (!wp)
4355 break;
4356 start = wp + wp[1] + 2;
4357
4358 if (wp[1] <= 4)
4359 continue;
4360
4361 if (wp[6] == 1)
4362 break;
4363 }
4364
4365 if (!wp || !ieee80211_usable_wmm_params(sdata, wp + 2,
4366 wp[1] - 2)) {
4367 assoc_data->wmm = false;
4368 ifmgd->flags |= IEEE80211_STA_DISABLE_WMM;
4369 }
4370 rcu_read_unlock();
4371 }
4372
4373
4374
4375
4376
4377
4378
4379
4380 for (i = 0; i < req->crypto.n_ciphers_pairwise; i++) {
4381 if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
4382 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
4383 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104) {
4384 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4385 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4386 netdev_info(sdata->dev,
4387 "disabling HT/VHT due to WEP/TKIP use\n");
4388 }
4389 }
4390
4391 if (req->flags & ASSOC_REQ_DISABLE_HT) {
4392 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4393 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4394 }
4395
4396 if (req->flags & ASSOC_REQ_DISABLE_VHT)
4397 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4398
4399
4400 sband = local->hw.wiphy->bands[req->bss->channel->band];
4401 if (!sband->ht_cap.ht_supported ||
4402 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used ||
4403 ifmgd->flags & IEEE80211_STA_DISABLE_WMM) {
4404 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4405 if (!bss->wmm_used &&
4406 !(ifmgd->flags & IEEE80211_STA_DISABLE_WMM))
4407 netdev_info(sdata->dev,
4408 "disabling HT as WMM/QoS is not supported by the AP\n");
4409 }
4410
4411
4412 if (!sband->vht_cap.vht_supported ||
4413 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used ||
4414 ifmgd->flags & IEEE80211_STA_DISABLE_WMM) {
4415 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4416 if (!bss->wmm_used &&
4417 !(ifmgd->flags & IEEE80211_STA_DISABLE_WMM))
4418 netdev_info(sdata->dev,
4419 "disabling VHT as WMM/QoS is not supported by the AP\n");
4420 }
4421
4422 memcpy(&ifmgd->ht_capa, &req->ht_capa, sizeof(ifmgd->ht_capa));
4423 memcpy(&ifmgd->ht_capa_mask, &req->ht_capa_mask,
4424 sizeof(ifmgd->ht_capa_mask));
4425
4426 memcpy(&ifmgd->vht_capa, &req->vht_capa, sizeof(ifmgd->vht_capa));
4427 memcpy(&ifmgd->vht_capa_mask, &req->vht_capa_mask,
4428 sizeof(ifmgd->vht_capa_mask));
4429
4430 if (req->ie && req->ie_len) {
4431 memcpy(assoc_data->ie, req->ie, req->ie_len);
4432 assoc_data->ie_len = req->ie_len;
4433 }
4434
4435 assoc_data->bss = req->bss;
4436
4437 if (ifmgd->req_smps == IEEE80211_SMPS_AUTOMATIC) {
4438 if (ifmgd->powersave)
4439 sdata->smps_mode = IEEE80211_SMPS_DYNAMIC;
4440 else
4441 sdata->smps_mode = IEEE80211_SMPS_OFF;
4442 } else
4443 sdata->smps_mode = ifmgd->req_smps;
4444
4445 assoc_data->capability = req->bss->capability;
4446 assoc_data->supp_rates = bss->supp_rates;
4447 assoc_data->supp_rates_len = bss->supp_rates_len;
4448
4449 rcu_read_lock();
4450 ht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_HT_OPERATION);
4451 if (ht_ie && ht_ie[1] >= sizeof(struct ieee80211_ht_operation))
4452 assoc_data->ap_ht_param =
4453 ((struct ieee80211_ht_operation *)(ht_ie + 2))->ht_param;
4454 else
4455 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4456 vht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_VHT_CAPABILITY);
4457 if (vht_ie && vht_ie[1] >= sizeof(struct ieee80211_vht_cap))
4458 memcpy(&assoc_data->ap_vht_cap, vht_ie + 2,
4459 sizeof(struct ieee80211_vht_cap));
4460 else
4461 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4462 rcu_read_unlock();
4463
4464 if (bss->wmm_used && bss->uapsd_supported &&
4465 (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_UAPSD)) {
4466 assoc_data->uapsd = true;
4467 ifmgd->flags |= IEEE80211_STA_UAPSD_ENABLED;
4468 } else {
4469 assoc_data->uapsd = false;
4470 ifmgd->flags &= ~IEEE80211_STA_UAPSD_ENABLED;
4471 }
4472
4473 if (req->prev_bssid)
4474 memcpy(assoc_data->prev_bssid, req->prev_bssid, ETH_ALEN);
4475
4476 if (req->use_mfp) {
4477 ifmgd->mfp = IEEE80211_MFP_REQUIRED;
4478 ifmgd->flags |= IEEE80211_STA_MFP_ENABLED;
4479 } else {
4480 ifmgd->mfp = IEEE80211_MFP_DISABLED;
4481 ifmgd->flags &= ~IEEE80211_STA_MFP_ENABLED;
4482 }
4483
4484 if (req->flags & ASSOC_REQ_USE_RRM)
4485 ifmgd->flags |= IEEE80211_STA_ENABLE_RRM;
4486 else
4487 ifmgd->flags &= ~IEEE80211_STA_ENABLE_RRM;
4488
4489 if (req->crypto.control_port)
4490 ifmgd->flags |= IEEE80211_STA_CONTROL_PORT;
4491 else
4492 ifmgd->flags &= ~IEEE80211_STA_CONTROL_PORT;
4493
4494 sdata->control_port_protocol = req->crypto.control_port_ethertype;
4495 sdata->control_port_no_encrypt = req->crypto.control_port_no_encrypt;
4496 sdata->encrypt_headroom = ieee80211_cs_headroom(local, &req->crypto,
4497 sdata->vif.type);
4498
4499
4500
4501 ifmgd->assoc_data = assoc_data;
4502 ifmgd->dtim_period = 0;
4503 ifmgd->have_beacon = false;
4504
4505 err = ieee80211_prep_connection(sdata, req->bss, true);
4506 if (err)
4507 goto err_clear;
4508
4509 rcu_read_lock();
4510 beacon_ies = rcu_dereference(req->bss->beacon_ies);
4511
4512 if (sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_BEFORE_ASSOC &&
4513 !beacon_ies) {
4514
4515
4516
4517
4518 sdata_info(sdata, "waiting for beacon from %pM\n",
4519 ifmgd->bssid);
4520 assoc_data->timeout = TU_TO_EXP_TIME(req->bss->beacon_interval);
4521 assoc_data->timeout_started = true;
4522 assoc_data->need_beacon = true;
4523 } else if (beacon_ies) {
4524 const u8 *tim_ie = cfg80211_find_ie(WLAN_EID_TIM,
4525 beacon_ies->data,
4526 beacon_ies->len);
4527 u8 dtim_count = 0;
4528
4529 if (tim_ie && tim_ie[1] >= sizeof(struct ieee80211_tim_ie)) {
4530 const struct ieee80211_tim_ie *tim;
4531 tim = (void *)(tim_ie + 2);
4532 ifmgd->dtim_period = tim->dtim_period;
4533 dtim_count = tim->dtim_count;
4534 }
4535 ifmgd->have_beacon = true;
4536 assoc_data->timeout = jiffies;
4537 assoc_data->timeout_started = true;
4538
4539 if (local->hw.flags & IEEE80211_HW_TIMING_BEACON_ONLY) {
4540 sdata->vif.bss_conf.sync_tsf = beacon_ies->tsf;
4541 sdata->vif.bss_conf.sync_device_ts =
4542 bss->device_ts_beacon;
4543 sdata->vif.bss_conf.sync_dtim_count = dtim_count;
4544 }
4545 } else {
4546 assoc_data->timeout = jiffies;
4547 assoc_data->timeout_started = true;
4548 }
4549 rcu_read_unlock();
4550
4551 run_again(sdata, assoc_data->timeout);
4552
4553 if (bss->corrupt_data) {
4554 char *corrupt_type = "data";
4555 if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_BEACON) {
4556 if (bss->corrupt_data &
4557 IEEE80211_BSS_CORRUPT_PROBE_RESP)
4558 corrupt_type = "beacon and probe response";
4559 else
4560 corrupt_type = "beacon";
4561 } else if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_PROBE_RESP)
4562 corrupt_type = "probe response";
4563 sdata_info(sdata, "associating with AP with corrupt %s\n",
4564 corrupt_type);
4565 }
4566
4567 return 0;
4568 err_clear:
4569 memset(ifmgd->bssid, 0, ETH_ALEN);
4570 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
4571 ifmgd->assoc_data = NULL;
4572 err_free:
4573 kfree(assoc_data);
4574 return err;
4575}
4576
4577int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
4578 struct cfg80211_deauth_request *req)
4579{
4580 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4581 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4582 bool tx = !req->local_state_change;
4583
4584 if (ifmgd->auth_data &&
4585 ether_addr_equal(ifmgd->auth_data->bss->bssid, req->bssid)) {
4586 sdata_info(sdata,
4587 "aborting authentication with %pM by local choice (Reason: %u=%s)\n",
4588 req->bssid, req->reason_code,
4589 ieee80211_get_reason_code_string(req->reason_code));
4590
4591 drv_mgd_prepare_tx(sdata->local, sdata);
4592 ieee80211_send_deauth_disassoc(sdata, req->bssid,
4593 IEEE80211_STYPE_DEAUTH,
4594 req->reason_code, tx,
4595 frame_buf);
4596 ieee80211_destroy_auth_data(sdata, false);
4597 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4598 IEEE80211_DEAUTH_FRAME_LEN);
4599
4600 return 0;
4601 }
4602
4603 if (ifmgd->associated &&
4604 ether_addr_equal(ifmgd->associated->bssid, req->bssid)) {
4605 sdata_info(sdata,
4606 "deauthenticating from %pM by local choice (Reason: %u=%s)\n",
4607 req->bssid, req->reason_code,
4608 ieee80211_get_reason_code_string(req->reason_code));
4609
4610 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
4611 req->reason_code, tx, frame_buf);
4612 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4613 IEEE80211_DEAUTH_FRAME_LEN);
4614 return 0;
4615 }
4616
4617 return -ENOTCONN;
4618}
4619
4620int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
4621 struct cfg80211_disassoc_request *req)
4622{
4623 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4624 u8 bssid[ETH_ALEN];
4625 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4626
4627
4628
4629
4630
4631
4632
4633 if (ifmgd->associated != req->bss)
4634 return -ENOLINK;
4635
4636 sdata_info(sdata,
4637 "disassociating from %pM by local choice (Reason: %u=%s)\n",
4638 req->bss->bssid, req->reason_code, ieee80211_get_reason_code_string(req->reason_code));
4639
4640 memcpy(bssid, req->bss->bssid, ETH_ALEN);
4641 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC,
4642 req->reason_code, !req->local_state_change,
4643 frame_buf);
4644
4645 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4646 IEEE80211_DEAUTH_FRAME_LEN);
4647
4648 return 0;
4649}
4650
4651void ieee80211_mgd_stop(struct ieee80211_sub_if_data *sdata)
4652{
4653 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4654
4655
4656
4657
4658
4659
4660 cancel_work_sync(&ifmgd->monitor_work);
4661 cancel_work_sync(&ifmgd->beacon_connection_loss_work);
4662 cancel_work_sync(&ifmgd->request_smps_work);
4663 cancel_work_sync(&ifmgd->csa_connection_drop_work);
4664 cancel_work_sync(&ifmgd->chswitch_work);
4665 cancel_delayed_work_sync(&ifmgd->tdls_peer_del_work);
4666
4667 sdata_lock(sdata);
4668 if (ifmgd->assoc_data) {
4669 struct cfg80211_bss *bss = ifmgd->assoc_data->bss;
4670 ieee80211_destroy_assoc_data(sdata, false);
4671 cfg80211_assoc_timeout(sdata->dev, bss);
4672 }
4673 if (ifmgd->auth_data)
4674 ieee80211_destroy_auth_data(sdata, false);
4675 del_timer_sync(&ifmgd->timer);
4676 sdata_unlock(sdata);
4677}
4678
4679void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif,
4680 enum nl80211_cqm_rssi_threshold_event rssi_event,
4681 gfp_t gfp)
4682{
4683 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
4684
4685 trace_api_cqm_rssi_notify(sdata, rssi_event);
4686
4687 cfg80211_cqm_rssi_notify(sdata->dev, rssi_event, gfp);
4688}
4689EXPORT_SYMBOL(ieee80211_cqm_rssi_notify);
4690
