1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include <linux/delay.h>
17#include <linux/slab.h>
18#include <linux/if_ether.h>
19#include <linux/skbuff.h>
20#include <linux/if_arp.h>
21#include <linux/etherdevice.h>
22#include <linux/rtnetlink.h>
23#include <net/mac80211.h>
24
25#include "ieee80211_i.h"
26#include "driver-ops.h"
27#include "rate.h"
28
29#define IEEE80211_SCAN_INTERVAL (2 * HZ)
30#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
31
32#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
33#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
34#define IEEE80211_IBSS_RSN_INACTIVITY_LIMIT (10 * HZ)
35
36#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
37
38static struct beacon_data *
39ieee80211_ibss_build_presp(struct ieee80211_sub_if_data *sdata,
40 const int beacon_int, const u32 basic_rates,
41 const u16 capability, u64 tsf,
42 struct cfg80211_chan_def *chandef,
43 bool *have_higher_than_11mbit,
44 struct cfg80211_csa_settings *csa_settings)
45{
46 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
47 struct ieee80211_local *local = sdata->local;
48 int rates_n = 0, i, ri;
49 struct ieee80211_mgmt *mgmt;
50 u8 *pos;
51 struct ieee80211_supported_band *sband;
52 u32 rate_flags, rates = 0, rates_added = 0;
53 struct beacon_data *presp;
54 int frame_len;
55 int shift;
56
57
58 frame_len = sizeof(struct ieee80211_hdr_3addr) +
59 12 +
60 2 + IEEE80211_MAX_SSID_LEN +
61 2 + 8 +
62 3 +
63 4 +
64 5 +
65 2 + (IEEE80211_MAX_SUPP_RATES - 8) +
66 2 + sizeof(struct ieee80211_ht_cap) +
67 2 + sizeof(struct ieee80211_ht_operation) +
68 ifibss->ie_len;
69 presp = kzalloc(sizeof(*presp) + frame_len, GFP_KERNEL);
70 if (!presp)
71 return NULL;
72
73 presp->head = (void *)(presp + 1);
74
75 mgmt = (void *) presp->head;
76 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
77 IEEE80211_STYPE_PROBE_RESP);
78 eth_broadcast_addr(mgmt->da);
79 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
80 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
81 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int);
82 mgmt->u.beacon.timestamp = cpu_to_le64(tsf);
83 mgmt->u.beacon.capab_info = cpu_to_le16(capability);
84
85 pos = (u8 *)mgmt + offsetof(struct ieee80211_mgmt, u.beacon.variable);
86
87 *pos++ = WLAN_EID_SSID;
88 *pos++ = ifibss->ssid_len;
89 memcpy(pos, ifibss->ssid, ifibss->ssid_len);
90 pos += ifibss->ssid_len;
91
92 sband = local->hw.wiphy->bands[chandef->chan->band];
93 rate_flags = ieee80211_chandef_rate_flags(chandef);
94 shift = ieee80211_chandef_get_shift(chandef);
95 rates_n = 0;
96 if (have_higher_than_11mbit)
97 *have_higher_than_11mbit = false;
98
99 for (i = 0; i < sband->n_bitrates; i++) {
100 if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
101 continue;
102 if (sband->bitrates[i].bitrate > 110 &&
103 have_higher_than_11mbit)
104 *have_higher_than_11mbit = true;
105
106 rates |= BIT(i);
107 rates_n++;
108 }
109
110 *pos++ = WLAN_EID_SUPP_RATES;
111 *pos++ = min_t(int, 8, rates_n);
112 for (ri = 0; ri < sband->n_bitrates; ri++) {
113 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate,
114 5 * (1 << shift));
115 u8 basic = 0;
116 if (!(rates & BIT(ri)))
117 continue;
118
119 if (basic_rates & BIT(ri))
120 basic = 0x80;
121 *pos++ = basic | (u8) rate;
122 if (++rates_added == 8) {
123 ri++;
124 break;
125 }
126 }
127
128 if (sband->band == IEEE80211_BAND_2GHZ) {
129 *pos++ = WLAN_EID_DS_PARAMS;
130 *pos++ = 1;
131 *pos++ = ieee80211_frequency_to_channel(
132 chandef->chan->center_freq);
133 }
134
135 *pos++ = WLAN_EID_IBSS_PARAMS;
136 *pos++ = 2;
137
138 *pos++ = 0;
139 *pos++ = 0;
140
141 if (csa_settings) {
142 *pos++ = WLAN_EID_CHANNEL_SWITCH;
143 *pos++ = 3;
144 *pos++ = csa_settings->block_tx ? 1 : 0;
145 *pos++ = ieee80211_frequency_to_channel(
146 csa_settings->chandef.chan->center_freq);
147 presp->csa_counter_offsets[0] = (pos - presp->head);
148 *pos++ = csa_settings->count;
149 }
150
151
152 if (rates_n > 8) {
153 *pos++ = WLAN_EID_EXT_SUPP_RATES;
154 *pos++ = rates_n - 8;
155 for (; ri < sband->n_bitrates; ri++) {
156 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate,
157 5 * (1 << shift));
158 u8 basic = 0;
159 if (!(rates & BIT(ri)))
160 continue;
161
162 if (basic_rates & BIT(ri))
163 basic = 0x80;
164 *pos++ = basic | (u8) rate;
165 }
166 }
167
168 if (ifibss->ie_len) {
169 memcpy(pos, ifibss->ie, ifibss->ie_len);
170 pos += ifibss->ie_len;
171 }
172
173
174 if (chandef->width != NL80211_CHAN_WIDTH_20_NOHT &&
175 chandef->width != NL80211_CHAN_WIDTH_5 &&
176 chandef->width != NL80211_CHAN_WIDTH_10 &&
177 sband->ht_cap.ht_supported) {
178 struct ieee80211_sta_ht_cap ht_cap;
179
180 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
181 ieee80211_apply_htcap_overrides(sdata, &ht_cap);
182
183 pos = ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
184
185
186
187
188
189 pos = ieee80211_ie_build_ht_oper(pos, &sband->ht_cap,
190 chandef, 0);
191 }
192
193 if (local->hw.queues >= IEEE80211_NUM_ACS)
194 pos = ieee80211_add_wmm_info_ie(pos, 0);
195
196 presp->head_len = pos - presp->head;
197 if (WARN_ON(presp->head_len > frame_len))
198 goto error;
199
200 return presp;
201error:
202 kfree(presp);
203 return NULL;
204}
205
206static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
207 const u8 *bssid, const int beacon_int,
208 struct cfg80211_chan_def *req_chandef,
209 const u32 basic_rates,
210 const u16 capability, u64 tsf,
211 bool creator)
212{
213 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
214 struct ieee80211_local *local = sdata->local;
215 struct ieee80211_mgmt *mgmt;
216 struct cfg80211_bss *bss;
217 u32 bss_change;
218 struct cfg80211_chan_def chandef;
219 struct ieee80211_channel *chan;
220 struct beacon_data *presp;
221 enum nl80211_bss_scan_width scan_width;
222 bool have_higher_than_11mbit;
223 bool radar_required;
224 int err;
225
226 sdata_assert_lock(sdata);
227
228
229 drv_reset_tsf(local, sdata);
230
231 if (!ether_addr_equal(ifibss->bssid, bssid))
232 sta_info_flush(sdata);
233
234
235 if (sdata->vif.bss_conf.ibss_joined) {
236 sdata->vif.bss_conf.ibss_joined = false;
237 sdata->vif.bss_conf.ibss_creator = false;
238 sdata->vif.bss_conf.enable_beacon = false;
239 netif_carrier_off(sdata->dev);
240 ieee80211_bss_info_change_notify(sdata,
241 BSS_CHANGED_IBSS |
242 BSS_CHANGED_BEACON_ENABLED);
243 drv_leave_ibss(local, sdata);
244 }
245
246 presp = rcu_dereference_protected(ifibss->presp,
247 lockdep_is_held(&sdata->wdev.mtx));
248 RCU_INIT_POINTER(ifibss->presp, NULL);
249 if (presp)
250 kfree_rcu(presp, rcu_head);
251
252 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
253
254
255 chandef = *req_chandef;
256 chan = chandef.chan;
257 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef,
258 NL80211_IFTYPE_ADHOC)) {
259 if (chandef.width == NL80211_CHAN_WIDTH_5 ||
260 chandef.width == NL80211_CHAN_WIDTH_10 ||
261 chandef.width == NL80211_CHAN_WIDTH_20_NOHT ||
262 chandef.width == NL80211_CHAN_WIDTH_20) {
263 sdata_info(sdata,
264 "Failed to join IBSS, beacons forbidden\n");
265 return;
266 }
267 chandef.width = NL80211_CHAN_WIDTH_20;
268 chandef.center_freq1 = chan->center_freq;
269
270 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef,
271 NL80211_IFTYPE_ADHOC)) {
272 sdata_info(sdata,
273 "Failed to join IBSS, beacons forbidden\n");
274 return;
275 }
276 }
277
278 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
279 &chandef, NL80211_IFTYPE_ADHOC);
280 if (err < 0) {
281 sdata_info(sdata,
282 "Failed to join IBSS, invalid chandef\n");
283 return;
284 }
285 if (err > 0 && !ifibss->userspace_handles_dfs) {
286 sdata_info(sdata,
287 "Failed to join IBSS, DFS channel without control program\n");
288 return;
289 }
290
291 radar_required = err;
292
293 mutex_lock(&local->mtx);
294 if (ieee80211_vif_use_channel(sdata, &chandef,
295 ifibss->fixed_channel ?
296 IEEE80211_CHANCTX_SHARED :
297 IEEE80211_CHANCTX_EXCLUSIVE)) {
298 sdata_info(sdata, "Failed to join IBSS, no channel context\n");
299 mutex_unlock(&local->mtx);
300 return;
301 }
302 sdata->radar_required = radar_required;
303 mutex_unlock(&local->mtx);
304
305 memcpy(ifibss->bssid, bssid, ETH_ALEN);
306
307 presp = ieee80211_ibss_build_presp(sdata, beacon_int, basic_rates,
308 capability, tsf, &chandef,
309 &have_higher_than_11mbit, NULL);
310 if (!presp)
311 return;
312
313 rcu_assign_pointer(ifibss->presp, presp);
314 mgmt = (void *)presp->head;
315
316 sdata->vif.bss_conf.enable_beacon = true;
317 sdata->vif.bss_conf.beacon_int = beacon_int;
318 sdata->vif.bss_conf.basic_rates = basic_rates;
319 sdata->vif.bss_conf.ssid_len = ifibss->ssid_len;
320 memcpy(sdata->vif.bss_conf.ssid, ifibss->ssid, ifibss->ssid_len);
321 bss_change = BSS_CHANGED_BEACON_INT;
322 bss_change |= ieee80211_reset_erp_info(sdata);
323 bss_change |= BSS_CHANGED_BSSID;
324 bss_change |= BSS_CHANGED_BEACON;
325 bss_change |= BSS_CHANGED_BEACON_ENABLED;
326 bss_change |= BSS_CHANGED_BASIC_RATES;
327 bss_change |= BSS_CHANGED_HT;
328 bss_change |= BSS_CHANGED_IBSS;
329 bss_change |= BSS_CHANGED_SSID;
330
331
332
333
334
335
336
337
338
339
340
341 sdata->vif.bss_conf.use_short_slot = chan->band == IEEE80211_BAND_5GHZ;
342 bss_change |= BSS_CHANGED_ERP_SLOT;
343
344
345 if (chan->band == IEEE80211_BAND_2GHZ && have_higher_than_11mbit)
346 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
347 else
348 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
349
350 ieee80211_set_wmm_default(sdata, true);
351
352 sdata->vif.bss_conf.ibss_joined = true;
353 sdata->vif.bss_conf.ibss_creator = creator;
354
355 err = drv_join_ibss(local, sdata);
356 if (err) {
357 sdata->vif.bss_conf.ibss_joined = false;
358 sdata->vif.bss_conf.ibss_creator = false;
359 sdata->vif.bss_conf.enable_beacon = false;
360 sdata->vif.bss_conf.ssid_len = 0;
361 RCU_INIT_POINTER(ifibss->presp, NULL);
362 kfree_rcu(presp, rcu_head);
363 mutex_lock(&local->mtx);
364 ieee80211_vif_release_channel(sdata);
365 mutex_unlock(&local->mtx);
366 sdata_info(sdata, "Failed to join IBSS, driver failure: %d\n",
367 err);
368 return;
369 }
370
371 ieee80211_bss_info_change_notify(sdata, bss_change);
372
373 ifibss->state = IEEE80211_IBSS_MLME_JOINED;
374 mod_timer(&ifibss->timer,
375 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
376
377 scan_width = cfg80211_chandef_to_scan_width(&chandef);
378 bss = cfg80211_inform_bss_width_frame(local->hw.wiphy, chan,
379 scan_width, mgmt,
380 presp->head_len, 0, GFP_KERNEL);
381 cfg80211_put_bss(local->hw.wiphy, bss);
382 netif_carrier_on(sdata->dev);
383 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, chan, GFP_KERNEL);
384}
385
386static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
387 struct ieee80211_bss *bss)
388{
389 struct cfg80211_bss *cbss =
390 container_of((void *)bss, struct cfg80211_bss, priv);
391 struct ieee80211_supported_band *sband;
392 struct cfg80211_chan_def chandef;
393 u32 basic_rates;
394 int i, j;
395 u16 beacon_int = cbss->beacon_interval;
396 const struct cfg80211_bss_ies *ies;
397 enum nl80211_channel_type chan_type;
398 u64 tsf;
399 u32 rate_flags;
400 int shift;
401
402 sdata_assert_lock(sdata);
403
404 if (beacon_int < 10)
405 beacon_int = 10;
406
407 switch (sdata->u.ibss.chandef.width) {
408 case NL80211_CHAN_WIDTH_20_NOHT:
409 case NL80211_CHAN_WIDTH_20:
410 case NL80211_CHAN_WIDTH_40:
411 chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef);
412 cfg80211_chandef_create(&chandef, cbss->channel, chan_type);
413 break;
414 case NL80211_CHAN_WIDTH_5:
415 case NL80211_CHAN_WIDTH_10:
416 cfg80211_chandef_create(&chandef, cbss->channel,
417 NL80211_CHAN_WIDTH_20_NOHT);
418 chandef.width = sdata->u.ibss.chandef.width;
419 break;
420 default:
421
422 cfg80211_chandef_create(&chandef, cbss->channel,
423 NL80211_CHAN_WIDTH_20_NOHT);
424 break;
425 }
426
427 sband = sdata->local->hw.wiphy->bands[cbss->channel->band];
428 rate_flags = ieee80211_chandef_rate_flags(&sdata->u.ibss.chandef);
429 shift = ieee80211_vif_get_shift(&sdata->vif);
430
431 basic_rates = 0;
432
433 for (i = 0; i < bss->supp_rates_len; i++) {
434 int rate = bss->supp_rates[i] & 0x7f;
435 bool is_basic = !!(bss->supp_rates[i] & 0x80);
436
437 for (j = 0; j < sband->n_bitrates; j++) {
438 int brate;
439 if ((rate_flags & sband->bitrates[j].flags)
440 != rate_flags)
441 continue;
442
443 brate = DIV_ROUND_UP(sband->bitrates[j].bitrate,
444 5 * (1 << shift));
445 if (brate == rate) {
446 if (is_basic)
447 basic_rates |= BIT(j);
448 break;
449 }
450 }
451 }
452
453 rcu_read_lock();
454 ies = rcu_dereference(cbss->ies);
455 tsf = ies->tsf;
456 rcu_read_unlock();
457
458 __ieee80211_sta_join_ibss(sdata, cbss->bssid,
459 beacon_int,
460 &chandef,
461 basic_rates,
462 cbss->capability,
463 tsf, false);
464}
465
466int ieee80211_ibss_csa_beacon(struct ieee80211_sub_if_data *sdata,
467 struct cfg80211_csa_settings *csa_settings)
468{
469 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
470 struct beacon_data *presp, *old_presp;
471 struct cfg80211_bss *cbss;
472 const struct cfg80211_bss_ies *ies;
473 u16 capability;
474 u64 tsf;
475 int ret = 0;
476
477 sdata_assert_lock(sdata);
478
479 capability = WLAN_CAPABILITY_IBSS;
480
481 if (ifibss->privacy)
482 capability |= WLAN_CAPABILITY_PRIVACY;
483
484 cbss = cfg80211_get_bss(sdata->local->hw.wiphy, ifibss->chandef.chan,
485 ifibss->bssid, ifibss->ssid,
486 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
487 WLAN_CAPABILITY_PRIVACY,
488 capability);
489
490 if (WARN_ON(!cbss)) {
491 ret = -EINVAL;
492 goto out;
493 }
494
495 rcu_read_lock();
496 ies = rcu_dereference(cbss->ies);
497 tsf = ies->tsf;
498 rcu_read_unlock();
499 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
500
501 old_presp = rcu_dereference_protected(ifibss->presp,
502 lockdep_is_held(&sdata->wdev.mtx));
503
504 presp = ieee80211_ibss_build_presp(sdata,
505 sdata->vif.bss_conf.beacon_int,
506 sdata->vif.bss_conf.basic_rates,
507 capability, tsf, &ifibss->chandef,
508 NULL, csa_settings);
509 if (!presp) {
510 ret = -ENOMEM;
511 goto out;
512 }
513
514 rcu_assign_pointer(ifibss->presp, presp);
515 if (old_presp)
516 kfree_rcu(old_presp, rcu_head);
517
518 return BSS_CHANGED_BEACON;
519 out:
520 return ret;
521}
522
523int ieee80211_ibss_finish_csa(struct ieee80211_sub_if_data *sdata)
524{
525 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
526 struct cfg80211_bss *cbss;
527 int err, changed = 0;
528 u16 capability;
529
530 sdata_assert_lock(sdata);
531
532
533 if (!is_zero_ether_addr(ifibss->bssid)) {
534 capability = WLAN_CAPABILITY_IBSS;
535
536 if (ifibss->privacy)
537 capability |= WLAN_CAPABILITY_PRIVACY;
538
539 cbss = cfg80211_get_bss(sdata->local->hw.wiphy,
540 ifibss->chandef.chan,
541 ifibss->bssid, ifibss->ssid,
542 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
543 WLAN_CAPABILITY_PRIVACY,
544 capability);
545
546 if (cbss) {
547 cbss->channel = sdata->csa_chandef.chan;
548 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
549 }
550 }
551
552 ifibss->chandef = sdata->csa_chandef;
553
554
555 err = ieee80211_ibss_csa_beacon(sdata, NULL);
556 if (err < 0)
557 return err;
558
559 changed |= err;
560
561 return changed;
562}
563
564void ieee80211_ibss_stop(struct ieee80211_sub_if_data *sdata)
565{
566 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
567
568 cancel_work_sync(&ifibss->csa_connection_drop_work);
569}
570
571static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta)
572 __acquires(RCU)
573{
574 struct ieee80211_sub_if_data *sdata = sta->sdata;
575 u8 addr[ETH_ALEN];
576
577 memcpy(addr, sta->sta.addr, ETH_ALEN);
578
579 ibss_dbg(sdata, "Adding new IBSS station %pM\n", addr);
580
581 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
582 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
583
584
585 if (!sta->sdata->u.ibss.control_port)
586 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
587
588 rate_control_rate_init(sta);
589
590
591 if (sta_info_insert_rcu(sta))
592 return sta_info_get(sdata, addr);
593 return sta;
594}
595
596static struct sta_info *
597ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, const u8 *bssid,
598 const u8 *addr, u32 supp_rates)
599 __acquires(RCU)
600{
601 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
602 struct ieee80211_local *local = sdata->local;
603 struct sta_info *sta;
604 struct ieee80211_chanctx_conf *chanctx_conf;
605 struct ieee80211_supported_band *sband;
606 enum nl80211_bss_scan_width scan_width;
607 int band;
608
609
610
611
612
613 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
614 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
615 sdata->name, addr);
616 rcu_read_lock();
617 return NULL;
618 }
619
620 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) {
621 rcu_read_lock();
622 return NULL;
623 }
624
625 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) {
626 rcu_read_lock();
627 return NULL;
628 }
629
630 rcu_read_lock();
631 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
632 if (WARN_ON_ONCE(!chanctx_conf))
633 return NULL;
634 band = chanctx_conf->def.chan->band;
635 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def);
636 rcu_read_unlock();
637
638 sta = sta_info_alloc(sdata, addr, GFP_KERNEL);
639 if (!sta) {
640 rcu_read_lock();
641 return NULL;
642 }
643
644 sta->last_rx = jiffies;
645
646
647 sband = local->hw.wiphy->bands[band];
648 sta->sta.supp_rates[band] = supp_rates |
649 ieee80211_mandatory_rates(sband, scan_width);
650
651 return ieee80211_ibss_finish_sta(sta);
652}
653
654static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
655{
656 struct ieee80211_local *local = sdata->local;
657 int active = 0;
658 struct sta_info *sta;
659
660 sdata_assert_lock(sdata);
661
662 rcu_read_lock();
663
664 list_for_each_entry_rcu(sta, &local->sta_list, list) {
665 if (sta->sdata == sdata &&
666 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
667 jiffies)) {
668 active++;
669 break;
670 }
671 }
672
673 rcu_read_unlock();
674
675 return active;
676}
677
678static void ieee80211_ibss_disconnect(struct ieee80211_sub_if_data *sdata)
679{
680 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
681 struct ieee80211_local *local = sdata->local;
682 struct cfg80211_bss *cbss;
683 struct beacon_data *presp;
684 struct sta_info *sta;
685 u16 capability;
686
687 if (!is_zero_ether_addr(ifibss->bssid)) {
688 capability = WLAN_CAPABILITY_IBSS;
689
690 if (ifibss->privacy)
691 capability |= WLAN_CAPABILITY_PRIVACY;
692
693 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->chandef.chan,
694 ifibss->bssid, ifibss->ssid,
695 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
696 WLAN_CAPABILITY_PRIVACY,
697 capability);
698
699 if (cbss) {
700 cfg80211_unlink_bss(local->hw.wiphy, cbss);
701 cfg80211_put_bss(sdata->local->hw.wiphy, cbss);
702 }
703 }
704
705 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
706
707 sta_info_flush(sdata);
708
709 spin_lock_bh(&ifibss->incomplete_lock);
710 while (!list_empty(&ifibss->incomplete_stations)) {
711 sta = list_first_entry(&ifibss->incomplete_stations,
712 struct sta_info, list);
713 list_del(&sta->list);
714 spin_unlock_bh(&ifibss->incomplete_lock);
715
716 sta_info_free(local, sta);
717 spin_lock_bh(&ifibss->incomplete_lock);
718 }
719 spin_unlock_bh(&ifibss->incomplete_lock);
720
721 netif_carrier_off(sdata->dev);
722
723 sdata->vif.bss_conf.ibss_joined = false;
724 sdata->vif.bss_conf.ibss_creator = false;
725 sdata->vif.bss_conf.enable_beacon = false;
726 sdata->vif.bss_conf.ssid_len = 0;
727
728
729 presp = rcu_dereference_protected(ifibss->presp,
730 lockdep_is_held(&sdata->wdev.mtx));
731 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL);
732 if (presp)
733 kfree_rcu(presp, rcu_head);
734
735 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
736 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
737 BSS_CHANGED_IBSS);
738 drv_leave_ibss(local, sdata);
739 mutex_lock(&local->mtx);
740 ieee80211_vif_release_channel(sdata);
741 mutex_unlock(&local->mtx);
742}
743
744static void ieee80211_csa_connection_drop_work(struct work_struct *work)
745{
746 struct ieee80211_sub_if_data *sdata =
747 container_of(work, struct ieee80211_sub_if_data,
748 u.ibss.csa_connection_drop_work);
749
750 sdata_lock(sdata);
751
752 ieee80211_ibss_disconnect(sdata);
753 synchronize_rcu();
754 skb_queue_purge(&sdata->skb_queue);
755
756
757 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
758
759 sdata_unlock(sdata);
760}
761
762static void ieee80211_ibss_csa_mark_radar(struct ieee80211_sub_if_data *sdata)
763{
764 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
765 int err;
766
767
768
769
770 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
771 &ifibss->chandef,
772 NL80211_IFTYPE_ADHOC);
773 if (err > 0)
774 cfg80211_radar_event(sdata->local->hw.wiphy, &ifibss->chandef,
775 GFP_ATOMIC);
776}
777
778static bool
779ieee80211_ibss_process_chanswitch(struct ieee80211_sub_if_data *sdata,
780 struct ieee802_11_elems *elems,
781 bool beacon)
782{
783 struct cfg80211_csa_settings params;
784 struct ieee80211_csa_ie csa_ie;
785 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
786 enum nl80211_channel_type ch_type;
787 int err;
788 u32 sta_flags;
789
790 sdata_assert_lock(sdata);
791
792 sta_flags = IEEE80211_STA_DISABLE_VHT;
793 switch (ifibss->chandef.width) {
794 case NL80211_CHAN_WIDTH_5:
795 case NL80211_CHAN_WIDTH_10:
796 case NL80211_CHAN_WIDTH_20_NOHT:
797 sta_flags |= IEEE80211_STA_DISABLE_HT;
798
799 case NL80211_CHAN_WIDTH_20:
800 sta_flags |= IEEE80211_STA_DISABLE_40MHZ;
801 break;
802 default:
803 break;
804 }
805
806 memset(¶ms, 0, sizeof(params));
807 memset(&csa_ie, 0, sizeof(csa_ie));
808 err = ieee80211_parse_ch_switch_ie(sdata, elems,
809 ifibss->chandef.chan->band,
810 sta_flags, ifibss->bssid, &csa_ie);
811
812 if (err < 0)
813 goto disconnect;
814
815
816 if (err)
817 return false;
818
819
820 if (!(sdata->local->hw.wiphy->flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
821 goto disconnect;
822
823 params.count = csa_ie.count;
824 params.chandef = csa_ie.chandef;
825
826 switch (ifibss->chandef.width) {
827 case NL80211_CHAN_WIDTH_20_NOHT:
828 case NL80211_CHAN_WIDTH_20:
829 case NL80211_CHAN_WIDTH_40:
830
831
832
833
834
835 ch_type = cfg80211_get_chandef_type(&ifibss->chandef);
836 cfg80211_chandef_create(¶ms.chandef, params.chandef.chan,
837 ch_type);
838 break;
839 case NL80211_CHAN_WIDTH_5:
840 case NL80211_CHAN_WIDTH_10:
841 if (params.chandef.width != ifibss->chandef.width) {
842 sdata_info(sdata,
843 "IBSS %pM received channel switch from incompatible channel width (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n",
844 ifibss->bssid,
845 params.chandef.chan->center_freq,
846 params.chandef.width,
847 params.chandef.center_freq1,
848 params.chandef.center_freq2);
849 goto disconnect;
850 }
851 break;
852 default:
853
854 WARN_ON(1);
855 goto disconnect;
856 }
857
858 if (!cfg80211_reg_can_beacon(sdata->local->hw.wiphy, ¶ms.chandef,
859 NL80211_IFTYPE_ADHOC)) {
860 sdata_info(sdata,
861 "IBSS %pM switches to unsupported channel (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n",
862 ifibss->bssid,
863 params.chandef.chan->center_freq,
864 params.chandef.width,
865 params.chandef.center_freq1,
866 params.chandef.center_freq2);
867 goto disconnect;
868 }
869
870 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy,
871 ¶ms.chandef,
872 NL80211_IFTYPE_ADHOC);
873 if (err < 0)
874 goto disconnect;
875 if (err > 0 && !ifibss->userspace_handles_dfs) {
876
877 goto disconnect;
878 }
879
880 params.radar_required = err;
881
882 if (cfg80211_chandef_identical(¶ms.chandef,
883 &sdata->vif.bss_conf.chandef)) {
884 ibss_dbg(sdata,
885 "received csa with an identical chandef, ignoring\n");
886 return true;
887 }
888
889
890 ibss_dbg(sdata,
891 "received channel switch announcement to go to channel %d MHz\n",
892 params.chandef.chan->center_freq);
893
894 params.block_tx = !!csa_ie.mode;
895
896 if (ieee80211_channel_switch(sdata->local->hw.wiphy, sdata->dev,
897 ¶ms))
898 goto disconnect;
899
900 ieee80211_ibss_csa_mark_radar(sdata);
901
902 return true;
903disconnect:
904 ibss_dbg(sdata, "Can't handle channel switch, disconnect\n");
905 ieee80211_queue_work(&sdata->local->hw,
906 &ifibss->csa_connection_drop_work);
907
908 ieee80211_ibss_csa_mark_radar(sdata);
909
910 return true;
911}
912
913static void
914ieee80211_rx_mgmt_spectrum_mgmt(struct ieee80211_sub_if_data *sdata,
915 struct ieee80211_mgmt *mgmt, size_t len,
916 struct ieee80211_rx_status *rx_status,
917 struct ieee802_11_elems *elems)
918{
919 int required_len;
920
921 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
922 return;
923
924
925 if (mgmt->u.action.u.measurement.action_code !=
926 WLAN_ACTION_SPCT_CHL_SWITCH)
927 return;
928
929 required_len = IEEE80211_MIN_ACTION_SIZE +
930 sizeof(mgmt->u.action.u.chan_switch);
931 if (len < required_len)
932 return;
933
934 if (!sdata->vif.csa_active)
935 ieee80211_ibss_process_chanswitch(sdata, elems, false);
936}
937
938static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata,
939 struct ieee80211_mgmt *mgmt,
940 size_t len)
941{
942 u16 reason = le16_to_cpu(mgmt->u.deauth.reason_code);
943
944 if (len < IEEE80211_DEAUTH_FRAME_LEN)
945 return;
946
947 ibss_dbg(sdata, "RX DeAuth SA=%pM DA=%pM BSSID=%pM (reason: %d)\n",
948 mgmt->sa, mgmt->da, mgmt->bssid, reason);
949 sta_info_destroy_addr(sdata, mgmt->sa);
950}
951
952static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
953 struct ieee80211_mgmt *mgmt,
954 size_t len)
955{
956 u16 auth_alg, auth_transaction;
957
958 sdata_assert_lock(sdata);
959
960 if (len < 24 + 6)
961 return;
962
963 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
964 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
965
966 ibss_dbg(sdata,
967 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n",
968 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction);
969
970 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
971 return;
972
973
974
975
976
977
978
979 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, 0, NULL, 0,
980 mgmt->sa, sdata->u.ibss.bssid, NULL, 0, 0, 0);
981}
982
983static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
984 struct ieee80211_mgmt *mgmt, size_t len,
985 struct ieee80211_rx_status *rx_status,
986 struct ieee802_11_elems *elems)
987{
988 struct ieee80211_local *local = sdata->local;
989 struct cfg80211_bss *cbss;
990 struct ieee80211_bss *bss;
991 struct sta_info *sta;
992 struct ieee80211_channel *channel;
993 u64 beacon_timestamp, rx_timestamp;
994 u32 supp_rates = 0;
995 enum ieee80211_band band = rx_status->band;
996 enum nl80211_bss_scan_width scan_width;
997 struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band];
998 bool rates_updated = false;
999
1000 channel = ieee80211_get_channel(local->hw.wiphy, rx_status->freq);
1001 if (!channel)
1002 return;
1003
1004 if (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
1005 ether_addr_equal(mgmt->bssid, sdata->u.ibss.bssid)) {
1006
1007 rcu_read_lock();
1008 sta = sta_info_get(sdata, mgmt->sa);
1009
1010 if (elems->supp_rates) {
1011 supp_rates = ieee80211_sta_get_rates(sdata, elems,
1012 band, NULL);
1013 if (sta) {
1014 u32 prev_rates;
1015
1016 prev_rates = sta->sta.supp_rates[band];
1017
1018 scan_width = NL80211_BSS_CHAN_WIDTH_20;
1019 if (rx_status->flag & RX_FLAG_5MHZ)
1020 scan_width = NL80211_BSS_CHAN_WIDTH_5;
1021 if (rx_status->flag & RX_FLAG_10MHZ)
1022 scan_width = NL80211_BSS_CHAN_WIDTH_10;
1023
1024 sta->sta.supp_rates[band] = supp_rates |
1025 ieee80211_mandatory_rates(sband,
1026 scan_width);
1027 if (sta->sta.supp_rates[band] != prev_rates) {
1028 ibss_dbg(sdata,
1029 "updated supp_rates set for %pM based on beacon/probe_resp (0x%x -> 0x%x)\n",
1030 sta->sta.addr, prev_rates,
1031 sta->sta.supp_rates[band]);
1032 rates_updated = true;
1033 }
1034 } else {
1035 rcu_read_unlock();
1036 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid,
1037 mgmt->sa, supp_rates);
1038 }
1039 }
1040
1041 if (sta && elems->wmm_info)
1042 sta->sta.wme = true;
1043
1044 if (sta && elems->ht_operation && elems->ht_cap_elem &&
1045 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
1046 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_5 &&
1047 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_10) {
1048
1049 struct ieee80211_ht_cap htcap_ie;
1050 struct cfg80211_chan_def chandef;
1051
1052 ieee80211_ht_oper_to_chandef(channel,
1053 elems->ht_operation,
1054 &chandef);
1055
1056 memcpy(&htcap_ie, elems->ht_cap_elem, sizeof(htcap_ie));
1057
1058
1059
1060
1061
1062 if (chandef.center_freq1 !=
1063 sdata->u.ibss.chandef.center_freq1)
1064 htcap_ie.cap_info &=
1065 cpu_to_le16(~IEEE80211_HT_CAP_SUP_WIDTH_20_40);
1066
1067 rates_updated |= ieee80211_ht_cap_ie_to_sta_ht_cap(
1068 sdata, sband, &htcap_ie, sta);
1069 }
1070
1071 if (sta && rates_updated) {
1072 u32 changed = IEEE80211_RC_SUPP_RATES_CHANGED;
1073 u8 rx_nss = sta->sta.rx_nss;
1074
1075
1076 sta->sta.rx_nss = 0;
1077 rate_control_rate_init(sta);
1078 if (sta->sta.rx_nss != rx_nss)
1079 changed |= IEEE80211_RC_NSS_CHANGED;
1080
1081 drv_sta_rc_update(local, sdata, &sta->sta, changed);
1082 }
1083
1084 rcu_read_unlock();
1085 }
1086
1087 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
1088 channel);
1089 if (!bss)
1090 return;
1091
1092 cbss = container_of((void *)bss, struct cfg80211_bss, priv);
1093
1094
1095 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1096
1097
1098
1099
1100 if (!(cbss->capability & WLAN_CAPABILITY_IBSS))
1101 goto put_bss;
1102
1103
1104 if (sdata->u.ibss.fixed_channel &&
1105 sdata->u.ibss.chandef.chan != cbss->channel)
1106 goto put_bss;
1107
1108
1109 if (elems->ssid_len != sdata->u.ibss.ssid_len ||
1110 memcmp(elems->ssid, sdata->u.ibss.ssid,
1111 sdata->u.ibss.ssid_len))
1112 goto put_bss;
1113
1114
1115 if (sdata->vif.csa_active ||
1116 ieee80211_ibss_process_chanswitch(sdata, elems, true))
1117 goto put_bss;
1118
1119
1120 if (ether_addr_equal(cbss->bssid, sdata->u.ibss.bssid))
1121 goto put_bss;
1122
1123
1124 if (sdata->u.ibss.fixed_bssid)
1125 goto put_bss;
1126
1127 if (ieee80211_have_rx_timestamp(rx_status)) {
1128
1129 rx_timestamp =
1130 ieee80211_calculate_rx_timestamp(local, rx_status,
1131 len + FCS_LEN, 24);
1132 } else {
1133
1134
1135
1136
1137 rx_timestamp = drv_get_tsf(local, sdata);
1138 }
1139
1140 ibss_dbg(sdata,
1141 "RX beacon SA=%pM BSSID=%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
1142 mgmt->sa, mgmt->bssid,
1143 (unsigned long long)rx_timestamp,
1144 (unsigned long long)beacon_timestamp,
1145 (unsigned long long)(rx_timestamp - beacon_timestamp),
1146 jiffies);
1147
1148 if (beacon_timestamp > rx_timestamp) {
1149 ibss_dbg(sdata,
1150 "beacon TSF higher than local TSF - IBSS merge with BSSID %pM\n",
1151 mgmt->bssid);
1152 ieee80211_sta_join_ibss(sdata, bss);
1153 supp_rates = ieee80211_sta_get_rates(sdata, elems, band, NULL);
1154 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa,
1155 supp_rates);
1156 rcu_read_unlock();
1157 }
1158
1159 put_bss:
1160 ieee80211_rx_bss_put(local, bss);
1161}
1162
1163void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata,
1164 const u8 *bssid, const u8 *addr,
1165 u32 supp_rates)
1166{
1167 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1168 struct ieee80211_local *local = sdata->local;
1169 struct sta_info *sta;
1170 struct ieee80211_chanctx_conf *chanctx_conf;
1171 struct ieee80211_supported_band *sband;
1172 enum nl80211_bss_scan_width scan_width;
1173 int band;
1174
1175
1176
1177
1178
1179 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
1180 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
1181 sdata->name, addr);
1182 return;
1183 }
1184
1185 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH)
1186 return;
1187
1188 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid))
1189 return;
1190
1191 rcu_read_lock();
1192 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
1193 if (WARN_ON_ONCE(!chanctx_conf)) {
1194 rcu_read_unlock();
1195 return;
1196 }
1197 band = chanctx_conf->def.chan->band;
1198 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def);
1199 rcu_read_unlock();
1200
1201 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
1202 if (!sta)
1203 return;
1204
1205 sta->last_rx = jiffies;
1206
1207
1208 sband = local->hw.wiphy->bands[band];
1209 sta->sta.supp_rates[band] = supp_rates |
1210 ieee80211_mandatory_rates(sband, scan_width);
1211
1212 spin_lock(&ifibss->incomplete_lock);
1213 list_add(&sta->list, &ifibss->incomplete_stations);
1214 spin_unlock(&ifibss->incomplete_lock);
1215 ieee80211_queue_work(&local->hw, &sdata->work);
1216}
1217
1218static void ieee80211_ibss_sta_expire(struct ieee80211_sub_if_data *sdata)
1219{
1220 struct ieee80211_local *local = sdata->local;
1221 struct sta_info *sta, *tmp;
1222 unsigned long exp_time = IEEE80211_IBSS_INACTIVITY_LIMIT;
1223 unsigned long exp_rsn_time = IEEE80211_IBSS_RSN_INACTIVITY_LIMIT;
1224
1225 mutex_lock(&local->sta_mtx);
1226
1227 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
1228 if (sdata != sta->sdata)
1229 continue;
1230
1231 if (time_after(jiffies, sta->last_rx + exp_time) ||
1232 (time_after(jiffies, sta->last_rx + exp_rsn_time) &&
1233 sta->sta_state != IEEE80211_STA_AUTHORIZED)) {
1234 sta_dbg(sta->sdata, "expiring inactive %sSTA %pM\n",
1235 sta->sta_state != IEEE80211_STA_AUTHORIZED ?
1236 "not authorized " : "", sta->sta.addr);
1237
1238 WARN_ON(__sta_info_destroy(sta));
1239 }
1240 }
1241
1242 mutex_unlock(&local->sta_mtx);
1243}
1244
1245
1246
1247
1248
1249static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
1250{
1251 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1252 enum nl80211_bss_scan_width scan_width;
1253
1254 sdata_assert_lock(sdata);
1255
1256 mod_timer(&ifibss->timer,
1257 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
1258
1259 ieee80211_ibss_sta_expire(sdata);
1260
1261 if (time_before(jiffies, ifibss->last_scan_completed +
1262 IEEE80211_IBSS_MERGE_INTERVAL))
1263 return;
1264
1265 if (ieee80211_sta_active_ibss(sdata))
1266 return;
1267
1268 if (ifibss->fixed_channel)
1269 return;
1270
1271 sdata_info(sdata,
1272 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n");
1273
1274 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef);
1275 ieee80211_request_ibss_scan(sdata, ifibss->ssid, ifibss->ssid_len,
1276 NULL, scan_width);
1277}
1278
1279static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
1280{
1281 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1282 u8 bssid[ETH_ALEN];
1283 u16 capability;
1284 int i;
1285
1286 sdata_assert_lock(sdata);
1287
1288 if (ifibss->fixed_bssid) {
1289 memcpy(bssid, ifibss->bssid, ETH_ALEN);
1290 } else {
1291
1292
1293
1294 get_random_bytes(bssid, ETH_ALEN);
1295 for (i = 0; i < ETH_ALEN; i++)
1296 bssid[i] ^= sdata->vif.addr[i];
1297 bssid[0] &= ~0x01;
1298 bssid[0] |= 0x02;
1299 }
1300
1301 sdata_info(sdata, "Creating new IBSS network, BSSID %pM\n", bssid);
1302
1303 capability = WLAN_CAPABILITY_IBSS;
1304
1305 if (ifibss->privacy)
1306 capability |= WLAN_CAPABILITY_PRIVACY;
1307 else
1308 sdata->drop_unencrypted = 0;
1309
1310 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
1311 &ifibss->chandef, ifibss->basic_rates,
1312 capability, 0, true);
1313}
1314
1315
1316
1317
1318
1319static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
1320{
1321 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1322 struct ieee80211_local *local = sdata->local;
1323 struct cfg80211_bss *cbss;
1324 struct ieee80211_channel *chan = NULL;
1325 const u8 *bssid = NULL;
1326 enum nl80211_bss_scan_width scan_width;
1327 int active_ibss;
1328 u16 capability;
1329
1330 sdata_assert_lock(sdata);
1331
1332 active_ibss = ieee80211_sta_active_ibss(sdata);
1333 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss);
1334
1335 if (active_ibss)
1336 return;
1337
1338 capability = WLAN_CAPABILITY_IBSS;
1339 if (ifibss->privacy)
1340 capability |= WLAN_CAPABILITY_PRIVACY;
1341 if (ifibss->fixed_bssid)
1342 bssid = ifibss->bssid;
1343 if (ifibss->fixed_channel)
1344 chan = ifibss->chandef.chan;
1345 if (!is_zero_ether_addr(ifibss->bssid))
1346 bssid = ifibss->bssid;
1347 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid,
1348 ifibss->ssid, ifibss->ssid_len,
1349 WLAN_CAPABILITY_IBSS | WLAN_CAPABILITY_PRIVACY,
1350 capability);
1351
1352 if (cbss) {
1353 struct ieee80211_bss *bss;
1354
1355 bss = (void *)cbss->priv;
1356 ibss_dbg(sdata,
1357 "sta_find_ibss: selected %pM current %pM\n",
1358 cbss->bssid, ifibss->bssid);
1359 sdata_info(sdata,
1360 "Selected IBSS BSSID %pM based on configured SSID\n",
1361 cbss->bssid);
1362
1363 ieee80211_sta_join_ibss(sdata, bss);
1364 ieee80211_rx_bss_put(local, bss);
1365 return;
1366 }
1367
1368
1369
1370
1371 if (ifibss->fixed_bssid && ifibss->fixed_channel) {
1372 sdata_info(sdata, "Created IBSS using preconfigured BSSID %pM\n",
1373 bssid);
1374 ieee80211_sta_create_ibss(sdata);
1375 return;
1376 }
1377
1378
1379 ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
1380
1381
1382 if (time_after(jiffies, ifibss->last_scan_completed +
1383 IEEE80211_SCAN_INTERVAL)) {
1384 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n");
1385
1386 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef);
1387 ieee80211_request_ibss_scan(sdata, ifibss->ssid,
1388 ifibss->ssid_len, chan,
1389 scan_width);
1390 } else {
1391 int interval = IEEE80211_SCAN_INTERVAL;
1392
1393 if (time_after(jiffies, ifibss->ibss_join_req +
1394 IEEE80211_IBSS_JOIN_TIMEOUT))
1395 ieee80211_sta_create_ibss(sdata);
1396
1397 mod_timer(&ifibss->timer,
1398 round_jiffies(jiffies + interval));
1399 }
1400}
1401
1402static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
1403 struct sk_buff *req)
1404{
1405 struct ieee80211_mgmt *mgmt = (void *)req->data;
1406 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1407 struct ieee80211_local *local = sdata->local;
1408 int tx_last_beacon, len = req->len;
1409 struct sk_buff *skb;
1410 struct beacon_data *presp;
1411 u8 *pos, *end;
1412
1413 sdata_assert_lock(sdata);
1414
1415 presp = rcu_dereference_protected(ifibss->presp,
1416 lockdep_is_held(&sdata->wdev.mtx));
1417
1418 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
1419 len < 24 + 2 || !presp)
1420 return;
1421
1422 tx_last_beacon = drv_tx_last_beacon(local);
1423
1424 ibss_dbg(sdata,
1425 "RX ProbeReq SA=%pM DA=%pM BSSID=%pM (tx_last_beacon=%d)\n",
1426 mgmt->sa, mgmt->da, mgmt->bssid, tx_last_beacon);
1427
1428 if (!tx_last_beacon && is_multicast_ether_addr(mgmt->da))
1429 return;
1430
1431 if (!ether_addr_equal(mgmt->bssid, ifibss->bssid) &&
1432 !is_broadcast_ether_addr(mgmt->bssid))
1433 return;
1434
1435 end = ((u8 *) mgmt) + len;
1436 pos = mgmt->u.probe_req.variable;
1437 if (pos[0] != WLAN_EID_SSID ||
1438 pos + 2 + pos[1] > end) {
1439 ibss_dbg(sdata, "Invalid SSID IE in ProbeReq from %pM\n",
1440 mgmt->sa);
1441 return;
1442 }
1443 if (pos[1] != 0 &&
1444 (pos[1] != ifibss->ssid_len ||
1445 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) {
1446
1447 return;
1448 }
1449
1450
1451 skb = dev_alloc_skb(local->tx_headroom + presp->head_len);
1452 if (!skb)
1453 return;
1454
1455 skb_reserve(skb, local->tx_headroom);
1456 memcpy(skb_put(skb, presp->head_len), presp->head, presp->head_len);
1457
1458 memcpy(((struct ieee80211_mgmt *) skb->data)->da, mgmt->sa, ETH_ALEN);
1459 ibss_dbg(sdata, "Sending ProbeResp to %pM\n", mgmt->sa);
1460 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
1461
1462
1463 if (pos[1] == 0)
1464 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_NO_ACK;
1465
1466 ieee80211_tx_skb(sdata, skb);
1467}
1468
1469static
1470void ieee80211_rx_mgmt_probe_beacon(struct ieee80211_sub_if_data *sdata,
1471 struct ieee80211_mgmt *mgmt, size_t len,
1472 struct ieee80211_rx_status *rx_status)
1473{
1474 size_t baselen;
1475 struct ieee802_11_elems elems;
1476
1477 BUILD_BUG_ON(offsetof(typeof(mgmt->u.probe_resp), variable) !=
1478 offsetof(typeof(mgmt->u.beacon), variable));
1479
1480
1481
1482
1483
1484 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
1485 if (baselen > len)
1486 return;
1487
1488 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
1489 false, &elems);
1490
1491 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
1492}
1493
1494void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
1495 struct sk_buff *skb)
1496{
1497 struct ieee80211_rx_status *rx_status;
1498 struct ieee80211_mgmt *mgmt;
1499 u16 fc;
1500 struct ieee802_11_elems elems;
1501 int ies_len;
1502
1503 rx_status = IEEE80211_SKB_RXCB(skb);
1504 mgmt = (struct ieee80211_mgmt *) skb->data;
1505 fc = le16_to_cpu(mgmt->frame_control);
1506
1507 sdata_lock(sdata);
1508
1509 if (!sdata->u.ibss.ssid_len)
1510 goto mgmt_out;
1511
1512 switch (fc & IEEE80211_FCTL_STYPE) {
1513 case IEEE80211_STYPE_PROBE_REQ:
1514 ieee80211_rx_mgmt_probe_req(sdata, skb);
1515 break;
1516 case IEEE80211_STYPE_PROBE_RESP:
1517 case IEEE80211_STYPE_BEACON:
1518 ieee80211_rx_mgmt_probe_beacon(sdata, mgmt, skb->len,
1519 rx_status);
1520 break;
1521 case IEEE80211_STYPE_AUTH:
1522 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
1523 break;
1524 case IEEE80211_STYPE_DEAUTH:
1525 ieee80211_rx_mgmt_deauth_ibss(sdata, mgmt, skb->len);
1526 break;
1527 case IEEE80211_STYPE_ACTION:
1528 switch (mgmt->u.action.category) {
1529 case WLAN_CATEGORY_SPECTRUM_MGMT:
1530 ies_len = skb->len -
1531 offsetof(struct ieee80211_mgmt,
1532 u.action.u.chan_switch.variable);
1533
1534 if (ies_len < 0)
1535 break;
1536
1537 ieee802_11_parse_elems(
1538 mgmt->u.action.u.chan_switch.variable,
1539 ies_len, true, &elems);
1540
1541 if (elems.parse_error)
1542 break;
1543
1544 ieee80211_rx_mgmt_spectrum_mgmt(sdata, mgmt, skb->len,
1545 rx_status, &elems);
1546 break;
1547 }
1548 }
1549
1550 mgmt_out:
1551 sdata_unlock(sdata);
1552}
1553
1554void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
1555{
1556 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1557 struct sta_info *sta;
1558
1559 sdata_lock(sdata);
1560
1561
1562
1563
1564
1565
1566 if (!ifibss->ssid_len)
1567 goto out;
1568
1569 spin_lock_bh(&ifibss->incomplete_lock);
1570 while (!list_empty(&ifibss->incomplete_stations)) {
1571 sta = list_first_entry(&ifibss->incomplete_stations,
1572 struct sta_info, list);
1573 list_del(&sta->list);
1574 spin_unlock_bh(&ifibss->incomplete_lock);
1575
1576 ieee80211_ibss_finish_sta(sta);
1577 rcu_read_unlock();
1578 spin_lock_bh(&ifibss->incomplete_lock);
1579 }
1580 spin_unlock_bh(&ifibss->incomplete_lock);
1581
1582 switch (ifibss->state) {
1583 case IEEE80211_IBSS_MLME_SEARCH:
1584 ieee80211_sta_find_ibss(sdata);
1585 break;
1586 case IEEE80211_IBSS_MLME_JOINED:
1587 ieee80211_sta_merge_ibss(sdata);
1588 break;
1589 default:
1590 WARN_ON(1);
1591 break;
1592 }
1593
1594 out:
1595 sdata_unlock(sdata);
1596}
1597
1598static void ieee80211_ibss_timer(unsigned long data)
1599{
1600 struct ieee80211_sub_if_data *sdata =
1601 (struct ieee80211_sub_if_data *) data;
1602
1603 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1604}
1605
1606void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
1607{
1608 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1609
1610 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
1611 (unsigned long) sdata);
1612 INIT_LIST_HEAD(&ifibss->incomplete_stations);
1613 spin_lock_init(&ifibss->incomplete_lock);
1614 INIT_WORK(&ifibss->csa_connection_drop_work,
1615 ieee80211_csa_connection_drop_work);
1616}
1617
1618
1619void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
1620{
1621 struct ieee80211_sub_if_data *sdata;
1622
1623 mutex_lock(&local->iflist_mtx);
1624 list_for_each_entry(sdata, &local->interfaces, list) {
1625 if (!ieee80211_sdata_running(sdata))
1626 continue;
1627 if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
1628 continue;
1629 sdata->u.ibss.last_scan_completed = jiffies;
1630 ieee80211_queue_work(&local->hw, &sdata->work);
1631 }
1632 mutex_unlock(&local->iflist_mtx);
1633}
1634
1635int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
1636 struct cfg80211_ibss_params *params)
1637{
1638 u32 changed = 0;
1639 u32 rate_flags;
1640 struct ieee80211_supported_band *sband;
1641 enum ieee80211_chanctx_mode chanmode;
1642 struct ieee80211_local *local = sdata->local;
1643 int radar_detect_width = 0;
1644 int i;
1645 int ret;
1646
1647 ret = cfg80211_chandef_dfs_required(local->hw.wiphy,
1648 ¶ms->chandef,
1649 sdata->wdev.iftype);
1650 if (ret < 0)
1651 return ret;
1652
1653 if (ret > 0) {
1654 if (!params->userspace_handles_dfs)
1655 return -EINVAL;
1656 radar_detect_width = BIT(params->chandef.width);
1657 }
1658
1659 chanmode = (params->channel_fixed && !ret) ?
1660 IEEE80211_CHANCTX_SHARED : IEEE80211_CHANCTX_EXCLUSIVE;
1661
1662 mutex_lock(&local->chanctx_mtx);
1663 ret = ieee80211_check_combinations(sdata, ¶ms->chandef, chanmode,
1664 radar_detect_width);
1665 mutex_unlock(&local->chanctx_mtx);
1666 if (ret < 0)
1667 return ret;
1668
1669 if (params->bssid) {
1670 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN);
1671 sdata->u.ibss.fixed_bssid = true;
1672 } else
1673 sdata->u.ibss.fixed_bssid = false;
1674
1675 sdata->u.ibss.privacy = params->privacy;
1676 sdata->u.ibss.control_port = params->control_port;
1677 sdata->u.ibss.userspace_handles_dfs = params->userspace_handles_dfs;
1678 sdata->u.ibss.basic_rates = params->basic_rates;
1679 sdata->u.ibss.last_scan_completed = jiffies;
1680
1681
1682 rate_flags = ieee80211_chandef_rate_flags(¶ms->chandef);
1683 sband = local->hw.wiphy->bands[params->chandef.chan->band];
1684 for (i = 0; i < sband->n_bitrates; i++) {
1685 if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
1686 sdata->u.ibss.basic_rates &= ~BIT(i);
1687 }
1688 memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate,
1689 sizeof(params->mcast_rate));
1690
1691 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
1692
1693 sdata->u.ibss.chandef = params->chandef;
1694 sdata->u.ibss.fixed_channel = params->channel_fixed;
1695
1696 if (params->ie) {
1697 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len,
1698 GFP_KERNEL);
1699 if (sdata->u.ibss.ie)
1700 sdata->u.ibss.ie_len = params->ie_len;
1701 }
1702
1703 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH;
1704 sdata->u.ibss.ibss_join_req = jiffies;
1705
1706 memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len);
1707 sdata->u.ibss.ssid_len = params->ssid_len;
1708
1709 memcpy(&sdata->u.ibss.ht_capa, ¶ms->ht_capa,
1710 sizeof(sdata->u.ibss.ht_capa));
1711 memcpy(&sdata->u.ibss.ht_capa_mask, ¶ms->ht_capa_mask,
1712 sizeof(sdata->u.ibss.ht_capa_mask));
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724 sdata->vif.bss_conf.ht_operation_mode |=
1725 IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED
1726 | IEEE80211_HT_PARAM_RIFS_MODE;
1727
1728 changed |= BSS_CHANGED_HT;
1729 ieee80211_bss_info_change_notify(sdata, changed);
1730
1731 sdata->smps_mode = IEEE80211_SMPS_OFF;
1732 sdata->needed_rx_chains = local->rx_chains;
1733
1734 ieee80211_queue_work(&local->hw, &sdata->work);
1735
1736 return 0;
1737}
1738
1739int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1740{
1741 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1742
1743 ieee80211_ibss_disconnect(sdata);
1744 ifibss->ssid_len = 0;
1745 memset(ifibss->bssid, 0, ETH_ALEN);
1746
1747
1748 kfree(sdata->u.ibss.ie);
1749
1750
1751 memset(&ifibss->ht_capa, 0, sizeof(ifibss->ht_capa));
1752 memset(&ifibss->ht_capa_mask, 0, sizeof(ifibss->ht_capa_mask));
1753
1754 synchronize_rcu();
1755
1756 skb_queue_purge(&sdata->skb_queue);
1757
1758 del_timer_sync(&sdata->u.ibss.timer);
1759
1760 return 0;
1761}
1762
