1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include <linux/delay.h>
17#include <linux/if_ether.h>
18#include <linux/skbuff.h>
19#include <linux/if_arp.h>
20#include <linux/etherdevice.h>
21#include <linux/moduleparam.h>
22#include <linux/rtnetlink.h>
23#include <linux/pm_qos.h>
24#include <linux/crc32.h>
25#include <linux/slab.h>
26#include <linux/export.h>
27#include <net/mac80211.h>
28#include <asm/unaligned.h>
29
30#include "ieee80211_i.h"
31#include "driver-ops.h"
32#include "rate.h"
33#include "led.h"
34
35#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
36#define IEEE80211_AUTH_TIMEOUT_LONG (HZ / 2)
37#define IEEE80211_AUTH_TIMEOUT_SHORT (HZ / 10)
38#define IEEE80211_AUTH_MAX_TRIES 3
39#define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5)
40#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
41#define IEEE80211_ASSOC_TIMEOUT_LONG (HZ / 2)
42#define IEEE80211_ASSOC_TIMEOUT_SHORT (HZ / 10)
43#define IEEE80211_ASSOC_MAX_TRIES 3
44
45static int max_nullfunc_tries = 2;
46module_param(max_nullfunc_tries, int, 0644);
47MODULE_PARM_DESC(max_nullfunc_tries,
48 "Maximum nullfunc tx tries before disconnecting (reason 4).");
49
50static int max_probe_tries = 5;
51module_param(max_probe_tries, int, 0644);
52MODULE_PARM_DESC(max_probe_tries,
53 "Maximum probe tries before disconnecting (reason 4).");
54
55
56
57
58
59
60
61
62
63static int beacon_loss_count = 7;
64module_param(beacon_loss_count, int, 0644);
65MODULE_PARM_DESC(beacon_loss_count,
66 "Number of beacon intervals before we decide beacon was lost.");
67
68
69
70
71
72#define IEEE80211_CONNECTION_IDLE_TIME (30 * HZ)
73
74
75
76
77
78static int probe_wait_ms = 500;
79module_param(probe_wait_ms, int, 0644);
80MODULE_PARM_DESC(probe_wait_ms,
81 "Maximum time(ms) to wait for probe response"
82 " before disconnecting (reason 4).");
83
84
85
86
87
88
89#define IEEE80211_SIGNAL_AVE_WEIGHT 3
90
91
92
93
94
95#define IEEE80211_SIGNAL_AVE_MIN_COUNT 4
96
97
98
99
100
101
102
103
104
105
106
107static void run_again(struct ieee80211_sub_if_data *sdata,
108 unsigned long timeout)
109{
110 sdata_assert_lock(sdata);
111
112 if (!timer_pending(&sdata->u.mgd.timer) ||
113 time_before(timeout, sdata->u.mgd.timer.expires))
114 mod_timer(&sdata->u.mgd.timer, timeout);
115}
116
117void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata)
118{
119 if (sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER)
120 return;
121
122 if (ieee80211_hw_check(&sdata->local->hw, CONNECTION_MONITOR))
123 return;
124
125 mod_timer(&sdata->u.mgd.bcn_mon_timer,
126 round_jiffies_up(jiffies + sdata->u.mgd.beacon_timeout));
127}
128
129void ieee80211_sta_reset_conn_monitor(struct ieee80211_sub_if_data *sdata)
130{
131 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
132
133 if (unlikely(!sdata->u.mgd.associated))
134 return;
135
136 ifmgd->probe_send_count = 0;
137
138 if (ieee80211_hw_check(&sdata->local->hw, CONNECTION_MONITOR))
139 return;
140
141 mod_timer(&sdata->u.mgd.conn_mon_timer,
142 round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME));
143}
144
145static int ecw2cw(int ecw)
146{
147 return (1 << ecw) - 1;
148}
149
150static u32
151ieee80211_determine_chantype(struct ieee80211_sub_if_data *sdata,
152 struct ieee80211_supported_band *sband,
153 struct ieee80211_channel *channel,
154 const struct ieee80211_ht_cap *ht_cap,
155 const struct ieee80211_ht_operation *ht_oper,
156 const struct ieee80211_vht_operation *vht_oper,
157 struct cfg80211_chan_def *chandef, bool tracking)
158{
159 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
160 struct cfg80211_chan_def vht_chandef;
161 struct ieee80211_sta_ht_cap sta_ht_cap;
162 u32 ht_cfreq, ret;
163
164 memcpy(&sta_ht_cap, &sband->ht_cap, sizeof(sta_ht_cap));
165 ieee80211_apply_htcap_overrides(sdata, &sta_ht_cap);
166
167 chandef->chan = channel;
168 chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
169 chandef->center_freq1 = channel->center_freq;
170 chandef->center_freq2 = 0;
171
172 if (!ht_cap || !ht_oper || !sta_ht_cap.ht_supported) {
173 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
174 goto out;
175 }
176
177 chandef->width = NL80211_CHAN_WIDTH_20;
178
179 if (!(ht_cap->cap_info &
180 cpu_to_le16(IEEE80211_HT_CAP_SUP_WIDTH_20_40))) {
181 ret = IEEE80211_STA_DISABLE_40MHZ;
182 vht_chandef = *chandef;
183 goto out;
184 }
185
186 ht_cfreq = ieee80211_channel_to_frequency(ht_oper->primary_chan,
187 channel->band);
188
189 if (!tracking && channel->center_freq != ht_cfreq) {
190
191
192
193
194
195
196
197 sdata_info(sdata,
198 "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n",
199 channel->center_freq, ht_cfreq,
200 ht_oper->primary_chan, channel->band);
201 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
202 goto out;
203 }
204
205
206 if (sta_ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) {
207 switch (ht_oper->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
208 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
209 chandef->width = NL80211_CHAN_WIDTH_40;
210 chandef->center_freq1 += 10;
211 break;
212 case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
213 chandef->width = NL80211_CHAN_WIDTH_40;
214 chandef->center_freq1 -= 10;
215 break;
216 }
217 } else {
218
219 ret = IEEE80211_STA_DISABLE_VHT;
220
221 ret |= IEEE80211_STA_DISABLE_40MHZ;
222 goto out;
223 }
224
225 if (!vht_oper || !sband->vht_cap.vht_supported) {
226 ret = IEEE80211_STA_DISABLE_VHT;
227 goto out;
228 }
229
230 vht_chandef.chan = channel;
231 vht_chandef.center_freq1 =
232 ieee80211_channel_to_frequency(vht_oper->center_freq_seg1_idx,
233 channel->band);
234 vht_chandef.center_freq2 = 0;
235
236 switch (vht_oper->chan_width) {
237 case IEEE80211_VHT_CHANWIDTH_USE_HT:
238 vht_chandef.width = chandef->width;
239 vht_chandef.center_freq1 = chandef->center_freq1;
240 break;
241 case IEEE80211_VHT_CHANWIDTH_80MHZ:
242 vht_chandef.width = NL80211_CHAN_WIDTH_80;
243 break;
244 case IEEE80211_VHT_CHANWIDTH_160MHZ:
245 vht_chandef.width = NL80211_CHAN_WIDTH_160;
246 break;
247 case IEEE80211_VHT_CHANWIDTH_80P80MHZ:
248 vht_chandef.width = NL80211_CHAN_WIDTH_80P80;
249 vht_chandef.center_freq2 =
250 ieee80211_channel_to_frequency(
251 vht_oper->center_freq_seg2_idx,
252 channel->band);
253 break;
254 default:
255 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
256 sdata_info(sdata,
257 "AP VHT operation IE has invalid channel width (%d), disable VHT\n",
258 vht_oper->chan_width);
259 ret = IEEE80211_STA_DISABLE_VHT;
260 goto out;
261 }
262
263 if (!cfg80211_chandef_valid(&vht_chandef)) {
264 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
265 sdata_info(sdata,
266 "AP VHT information is invalid, disable VHT\n");
267 ret = IEEE80211_STA_DISABLE_VHT;
268 goto out;
269 }
270
271 if (cfg80211_chandef_identical(chandef, &vht_chandef)) {
272 ret = 0;
273 goto out;
274 }
275
276 if (!cfg80211_chandef_compatible(chandef, &vht_chandef)) {
277 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
278 sdata_info(sdata,
279 "AP VHT information doesn't match HT, disable VHT\n");
280 ret = IEEE80211_STA_DISABLE_VHT;
281 goto out;
282 }
283
284 *chandef = vht_chandef;
285
286 ret = 0;
287
288out:
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307 if (tracking &&
308 cfg80211_chandef_identical(chandef, &sdata->vif.bss_conf.chandef))
309 return ret;
310
311
312 if (ret & IEEE80211_STA_DISABLE_VHT)
313 vht_chandef = *chandef;
314
315
316
317
318
319
320
321
322
323 while (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
324 tracking ? 0 :
325 IEEE80211_CHAN_DISABLED)) {
326 if (WARN_ON(chandef->width == NL80211_CHAN_WIDTH_20_NOHT)) {
327 ret = IEEE80211_STA_DISABLE_HT |
328 IEEE80211_STA_DISABLE_VHT;
329 break;
330 }
331
332 ret |= ieee80211_chandef_downgrade(chandef);
333 }
334
335 if (chandef->width != vht_chandef.width && !tracking)
336 sdata_info(sdata,
337 "capabilities/regulatory prevented using AP HT/VHT configuration, downgraded\n");
338
339 WARN_ON_ONCE(!cfg80211_chandef_valid(chandef));
340 return ret;
341}
342
343static int ieee80211_config_bw(struct ieee80211_sub_if_data *sdata,
344 struct sta_info *sta,
345 const struct ieee80211_ht_cap *ht_cap,
346 const struct ieee80211_ht_operation *ht_oper,
347 const struct ieee80211_vht_operation *vht_oper,
348 const u8 *bssid, u32 *changed)
349{
350 struct ieee80211_local *local = sdata->local;
351 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
352 struct ieee80211_supported_band *sband;
353 struct ieee80211_channel *chan;
354 struct cfg80211_chan_def chandef;
355 u16 ht_opmode;
356 u32 flags;
357 enum ieee80211_sta_rx_bandwidth new_sta_bw;
358 int ret;
359
360
361 if (ifmgd->flags & IEEE80211_STA_DISABLE_HT || !ht_oper)
362 return 0;
363
364
365 if (ifmgd->flags & IEEE80211_STA_DISABLE_VHT)
366 vht_oper = NULL;
367
368 if (WARN_ON_ONCE(!sta))
369 return -EINVAL;
370
371
372
373
374
375 ht_opmode = le16_to_cpu(ht_oper->operation_mode);
376 if (sdata->vif.bss_conf.ht_operation_mode != ht_opmode) {
377 *changed |= BSS_CHANGED_HT;
378 sdata->vif.bss_conf.ht_operation_mode = ht_opmode;
379 }
380
381 chan = sdata->vif.bss_conf.chandef.chan;
382 sband = local->hw.wiphy->bands[chan->band];
383
384
385 flags = ieee80211_determine_chantype(sdata, sband, chan,
386 ht_cap, ht_oper, vht_oper,
387 &chandef, true);
388
389
390
391
392
393
394
395
396 if (ifmgd->flags & IEEE80211_STA_DISABLE_80P80MHZ &&
397 chandef.width == NL80211_CHAN_WIDTH_80P80)
398 flags |= ieee80211_chandef_downgrade(&chandef);
399 if (ifmgd->flags & IEEE80211_STA_DISABLE_160MHZ &&
400 chandef.width == NL80211_CHAN_WIDTH_160)
401 flags |= ieee80211_chandef_downgrade(&chandef);
402 if (ifmgd->flags & IEEE80211_STA_DISABLE_40MHZ &&
403 chandef.width > NL80211_CHAN_WIDTH_20)
404 flags |= ieee80211_chandef_downgrade(&chandef);
405
406 if (cfg80211_chandef_identical(&chandef, &sdata->vif.bss_conf.chandef))
407 return 0;
408
409 sdata_info(sdata,
410 "AP %pM changed bandwidth, new config is %d MHz, width %d (%d/%d MHz)\n",
411 ifmgd->bssid, chandef.chan->center_freq, chandef.width,
412 chandef.center_freq1, chandef.center_freq2);
413
414 if (flags != (ifmgd->flags & (IEEE80211_STA_DISABLE_HT |
415 IEEE80211_STA_DISABLE_VHT |
416 IEEE80211_STA_DISABLE_40MHZ |
417 IEEE80211_STA_DISABLE_80P80MHZ |
418 IEEE80211_STA_DISABLE_160MHZ)) ||
419 !cfg80211_chandef_valid(&chandef)) {
420 sdata_info(sdata,
421 "AP %pM changed bandwidth in a way we can't support - disconnect\n",
422 ifmgd->bssid);
423 return -EINVAL;
424 }
425
426 switch (chandef.width) {
427 case NL80211_CHAN_WIDTH_20_NOHT:
428 case NL80211_CHAN_WIDTH_20:
429 new_sta_bw = IEEE80211_STA_RX_BW_20;
430 break;
431 case NL80211_CHAN_WIDTH_40:
432 new_sta_bw = IEEE80211_STA_RX_BW_40;
433 break;
434 case NL80211_CHAN_WIDTH_80:
435 new_sta_bw = IEEE80211_STA_RX_BW_80;
436 break;
437 case NL80211_CHAN_WIDTH_80P80:
438 case NL80211_CHAN_WIDTH_160:
439 new_sta_bw = IEEE80211_STA_RX_BW_160;
440 break;
441 default:
442 return -EINVAL;
443 }
444
445 if (new_sta_bw > sta->cur_max_bandwidth)
446 new_sta_bw = sta->cur_max_bandwidth;
447
448 if (new_sta_bw < sta->sta.bandwidth) {
449 sta->sta.bandwidth = new_sta_bw;
450 rate_control_rate_update(local, sband, sta,
451 IEEE80211_RC_BW_CHANGED);
452 }
453
454 ret = ieee80211_vif_change_bandwidth(sdata, &chandef, changed);
455 if (ret) {
456 sdata_info(sdata,
457 "AP %pM changed bandwidth to incompatible one - disconnect\n",
458 ifmgd->bssid);
459 return ret;
460 }
461
462 if (new_sta_bw > sta->sta.bandwidth) {
463 sta->sta.bandwidth = new_sta_bw;
464 rate_control_rate_update(local, sband, sta,
465 IEEE80211_RC_BW_CHANGED);
466 }
467
468 return 0;
469}
470
471
472
473static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata,
474 struct sk_buff *skb, u8 ap_ht_param,
475 struct ieee80211_supported_band *sband,
476 struct ieee80211_channel *channel,
477 enum ieee80211_smps_mode smps)
478{
479 u8 *pos;
480 u32 flags = channel->flags;
481 u16 cap;
482 struct ieee80211_sta_ht_cap ht_cap;
483
484 BUILD_BUG_ON(sizeof(ht_cap) != sizeof(sband->ht_cap));
485
486 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
487 ieee80211_apply_htcap_overrides(sdata, &ht_cap);
488
489
490 cap = ht_cap.cap;
491
492 switch (ap_ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
493 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
494 if (flags & IEEE80211_CHAN_NO_HT40PLUS) {
495 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
496 cap &= ~IEEE80211_HT_CAP_SGI_40;
497 }
498 break;
499 case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
500 if (flags & IEEE80211_CHAN_NO_HT40MINUS) {
501 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
502 cap &= ~IEEE80211_HT_CAP_SGI_40;
503 }
504 break;
505 }
506
507
508
509
510
511
512 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_40MHZ) {
513 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
514 cap &= ~IEEE80211_HT_CAP_SGI_40;
515 }
516
517
518 cap &= ~IEEE80211_HT_CAP_SM_PS;
519 switch (smps) {
520 case IEEE80211_SMPS_AUTOMATIC:
521 case IEEE80211_SMPS_NUM_MODES:
522 WARN_ON(1);
523 case IEEE80211_SMPS_OFF:
524 cap |= WLAN_HT_CAP_SM_PS_DISABLED <<
525 IEEE80211_HT_CAP_SM_PS_SHIFT;
526 break;
527 case IEEE80211_SMPS_STATIC:
528 cap |= WLAN_HT_CAP_SM_PS_STATIC <<
529 IEEE80211_HT_CAP_SM_PS_SHIFT;
530 break;
531 case IEEE80211_SMPS_DYNAMIC:
532 cap |= WLAN_HT_CAP_SM_PS_DYNAMIC <<
533 IEEE80211_HT_CAP_SM_PS_SHIFT;
534 break;
535 }
536
537
538 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
539 ieee80211_ie_build_ht_cap(pos, &ht_cap, cap);
540}
541
542
543
544
545
546static void ieee80211_add_vht_ie(struct ieee80211_sub_if_data *sdata,
547 struct sk_buff *skb,
548 struct ieee80211_supported_band *sband,
549 struct ieee80211_vht_cap *ap_vht_cap)
550{
551 struct ieee80211_local *local = sdata->local;
552 u8 *pos;
553 u32 cap;
554 struct ieee80211_sta_vht_cap vht_cap;
555 u32 mask, ap_bf_sts, our_bf_sts;
556
557 BUILD_BUG_ON(sizeof(vht_cap) != sizeof(sband->vht_cap));
558
559 memcpy(&vht_cap, &sband->vht_cap, sizeof(vht_cap));
560 ieee80211_apply_vhtcap_overrides(sdata, &vht_cap);
561
562
563 cap = vht_cap.cap;
564
565 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_80P80MHZ) {
566 u32 bw = cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK;
567
568 cap &= ~IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK;
569 if (bw == IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ ||
570 bw == IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ)
571 cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
572 }
573
574 if (sdata->u.mgd.flags & IEEE80211_STA_DISABLE_160MHZ) {
575 cap &= ~IEEE80211_VHT_CAP_SHORT_GI_160;
576 cap &= ~IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK;
577 }
578
579
580
581
582
583 if (!(ap_vht_cap->vht_cap_info &
584 cpu_to_le32(IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)))
585 cap &= ~(IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
586 IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE);
587 else if (!(ap_vht_cap->vht_cap_info &
588 cpu_to_le32(IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)))
589 cap &= ~IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
590
591
592
593
594
595
596
597
598 if (cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE) {
599 bool disable_mu_mimo = false;
600 struct ieee80211_sub_if_data *other;
601
602 list_for_each_entry_rcu(other, &local->interfaces, list) {
603 if (other->flags & IEEE80211_SDATA_MU_MIMO_OWNER) {
604 disable_mu_mimo = true;
605 break;
606 }
607 }
608 if (disable_mu_mimo)
609 cap &= ~IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
610 else
611 sdata->flags |= IEEE80211_SDATA_MU_MIMO_OWNER;
612 }
613
614 mask = IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
615
616 ap_bf_sts = le32_to_cpu(ap_vht_cap->vht_cap_info) & mask;
617 our_bf_sts = cap & mask;
618
619 if (ap_bf_sts < our_bf_sts) {
620 cap &= ~mask;
621 cap |= ap_bf_sts;
622 }
623
624
625 pos = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2);
626 ieee80211_ie_build_vht_cap(pos, &vht_cap, cap);
627}
628
629static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
630{
631 struct ieee80211_local *local = sdata->local;
632 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
633 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
634 struct sk_buff *skb;
635 struct ieee80211_mgmt *mgmt;
636 u8 *pos, qos_info;
637 size_t offset = 0, noffset;
638 int i, count, rates_len, supp_rates_len, shift;
639 u16 capab;
640 struct ieee80211_supported_band *sband;
641 struct ieee80211_chanctx_conf *chanctx_conf;
642 struct ieee80211_channel *chan;
643 u32 rate_flags, rates = 0;
644
645 sdata_assert_lock(sdata);
646
647 rcu_read_lock();
648 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
649 if (WARN_ON(!chanctx_conf)) {
650 rcu_read_unlock();
651 return;
652 }
653 chan = chanctx_conf->def.chan;
654 rate_flags = ieee80211_chandef_rate_flags(&chanctx_conf->def);
655 rcu_read_unlock();
656 sband = local->hw.wiphy->bands[chan->band];
657 shift = ieee80211_vif_get_shift(&sdata->vif);
658
659 if (assoc_data->supp_rates_len) {
660
661
662
663
664
665
666 rates_len = ieee80211_parse_bitrates(&chanctx_conf->def, sband,
667 assoc_data->supp_rates,
668 assoc_data->supp_rates_len,
669 &rates);
670 } else {
671
672
673
674
675
676 rates_len = 0;
677 for (i = 0; i < sband->n_bitrates; i++) {
678 if ((rate_flags & sband->bitrates[i].flags)
679 != rate_flags)
680 continue;
681 rates |= BIT(i);
682 rates_len++;
683 }
684 }
685
686 skb = alloc_skb(local->hw.extra_tx_headroom +
687 sizeof(*mgmt) +
688 2 + assoc_data->ssid_len +
689 4 + rates_len +
690 4 +
691 2 + 2 * sband->n_channels +
692 2 + sizeof(struct ieee80211_ht_cap) +
693 2 + sizeof(struct ieee80211_vht_cap) +
694 assoc_data->ie_len +
695 9,
696 GFP_KERNEL);
697 if (!skb)
698 return;
699
700 skb_reserve(skb, local->hw.extra_tx_headroom);
701
702 capab = WLAN_CAPABILITY_ESS;
703
704 if (sband->band == IEEE80211_BAND_2GHZ) {
705 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
706 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
707 }
708
709 if (assoc_data->capability & WLAN_CAPABILITY_PRIVACY)
710 capab |= WLAN_CAPABILITY_PRIVACY;
711
712 if ((assoc_data->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
713 ieee80211_hw_check(&local->hw, SPECTRUM_MGMT))
714 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
715
716 if (ifmgd->flags & IEEE80211_STA_ENABLE_RRM)
717 capab |= WLAN_CAPABILITY_RADIO_MEASURE;
718
719 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
720 memset(mgmt, 0, 24);
721 memcpy(mgmt->da, assoc_data->bss->bssid, ETH_ALEN);
722 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
723 memcpy(mgmt->bssid, assoc_data->bss->bssid, ETH_ALEN);
724
725 if (!is_zero_ether_addr(assoc_data->prev_bssid)) {
726 skb_put(skb, 10);
727 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
728 IEEE80211_STYPE_REASSOC_REQ);
729 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
730 mgmt->u.reassoc_req.listen_interval =
731 cpu_to_le16(local->hw.conf.listen_interval);
732 memcpy(mgmt->u.reassoc_req.current_ap, assoc_data->prev_bssid,
733 ETH_ALEN);
734 } else {
735 skb_put(skb, 4);
736 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
737 IEEE80211_STYPE_ASSOC_REQ);
738 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
739 mgmt->u.assoc_req.listen_interval =
740 cpu_to_le16(local->hw.conf.listen_interval);
741 }
742
743
744 pos = skb_put(skb, 2 + assoc_data->ssid_len);
745 *pos++ = WLAN_EID_SSID;
746 *pos++ = assoc_data->ssid_len;
747 memcpy(pos, assoc_data->ssid, assoc_data->ssid_len);
748
749
750 supp_rates_len = rates_len;
751 if (supp_rates_len > 8)
752 supp_rates_len = 8;
753
754 pos = skb_put(skb, supp_rates_len + 2);
755 *pos++ = WLAN_EID_SUPP_RATES;
756 *pos++ = supp_rates_len;
757
758 count = 0;
759 for (i = 0; i < sband->n_bitrates; i++) {
760 if (BIT(i) & rates) {
761 int rate = DIV_ROUND_UP(sband->bitrates[i].bitrate,
762 5 * (1 << shift));
763 *pos++ = (u8) rate;
764 if (++count == 8)
765 break;
766 }
767 }
768
769 if (rates_len > count) {
770 pos = skb_put(skb, rates_len - count + 2);
771 *pos++ = WLAN_EID_EXT_SUPP_RATES;
772 *pos++ = rates_len - count;
773
774 for (i++; i < sband->n_bitrates; i++) {
775 if (BIT(i) & rates) {
776 int rate;
777 rate = DIV_ROUND_UP(sband->bitrates[i].bitrate,
778 5 * (1 << shift));
779 *pos++ = (u8) rate;
780 }
781 }
782 }
783
784 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT ||
785 capab & WLAN_CAPABILITY_RADIO_MEASURE) {
786 pos = skb_put(skb, 4);
787 *pos++ = WLAN_EID_PWR_CAPABILITY;
788 *pos++ = 2;
789 *pos++ = 0;
790
791 *pos++ = ieee80211_chandef_max_power(&chanctx_conf->def);
792 }
793
794 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
795
796 pos = skb_put(skb, 2 * sband->n_channels + 2);
797 *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
798 *pos++ = 2 * sband->n_channels;
799 for (i = 0; i < sband->n_channels; i++) {
800 *pos++ = ieee80211_frequency_to_channel(
801 sband->channels[i].center_freq);
802 *pos++ = 1;
803 }
804 }
805
806
807 if (assoc_data->ie_len) {
808 static const u8 before_ht[] = {
809 WLAN_EID_SSID,
810 WLAN_EID_SUPP_RATES,
811 WLAN_EID_EXT_SUPP_RATES,
812 WLAN_EID_PWR_CAPABILITY,
813 WLAN_EID_SUPPORTED_CHANNELS,
814 WLAN_EID_RSN,
815 WLAN_EID_QOS_CAPA,
816 WLAN_EID_RRM_ENABLED_CAPABILITIES,
817 WLAN_EID_MOBILITY_DOMAIN,
818 WLAN_EID_FAST_BSS_TRANSITION,
819 WLAN_EID_RIC_DATA,
820 WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
821 };
822 static const u8 after_ric[] = {
823 WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
824 WLAN_EID_HT_CAPABILITY,
825 WLAN_EID_BSS_COEX_2040,
826 WLAN_EID_EXT_CAPABILITY,
827 WLAN_EID_QOS_TRAFFIC_CAPA,
828 WLAN_EID_TIM_BCAST_REQ,
829 WLAN_EID_INTERWORKING,
830
831 WLAN_EID_VHT_CAPABILITY,
832 WLAN_EID_OPMODE_NOTIF,
833 };
834
835 noffset = ieee80211_ie_split_ric(assoc_data->ie,
836 assoc_data->ie_len,
837 before_ht,
838 ARRAY_SIZE(before_ht),
839 after_ric,
840 ARRAY_SIZE(after_ric),
841 offset);
842 pos = skb_put(skb, noffset - offset);
843 memcpy(pos, assoc_data->ie + offset, noffset - offset);
844 offset = noffset;
845 }
846
847 if (WARN_ON_ONCE((ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&
848 !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)))
849 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
850
851 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT))
852 ieee80211_add_ht_ie(sdata, skb, assoc_data->ap_ht_param,
853 sband, chan, sdata->smps_mode);
854
855
856 if (assoc_data->ie_len) {
857 static const u8 before_vht[] = {
858 WLAN_EID_SSID,
859 WLAN_EID_SUPP_RATES,
860 WLAN_EID_EXT_SUPP_RATES,
861 WLAN_EID_PWR_CAPABILITY,
862 WLAN_EID_SUPPORTED_CHANNELS,
863 WLAN_EID_RSN,
864 WLAN_EID_QOS_CAPA,
865 WLAN_EID_RRM_ENABLED_CAPABILITIES,
866 WLAN_EID_MOBILITY_DOMAIN,
867 WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
868 WLAN_EID_HT_CAPABILITY,
869 WLAN_EID_BSS_COEX_2040,
870 WLAN_EID_EXT_CAPABILITY,
871 WLAN_EID_QOS_TRAFFIC_CAPA,
872 WLAN_EID_TIM_BCAST_REQ,
873 WLAN_EID_INTERWORKING,
874 };
875
876
877 noffset = ieee80211_ie_split(assoc_data->ie, assoc_data->ie_len,
878 before_vht, ARRAY_SIZE(before_vht),
879 offset);
880 pos = skb_put(skb, noffset - offset);
881 memcpy(pos, assoc_data->ie + offset, noffset - offset);
882 offset = noffset;
883 }
884
885 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
886 ieee80211_add_vht_ie(sdata, skb, sband,
887 &assoc_data->ap_vht_cap);
888
889
890 if (assoc_data->ie_len) {
891 noffset = ieee80211_ie_split_vendor(assoc_data->ie,
892 assoc_data->ie_len,
893 offset);
894 pos = skb_put(skb, noffset - offset);
895 memcpy(pos, assoc_data->ie + offset, noffset - offset);
896 offset = noffset;
897 }
898
899 if (assoc_data->wmm) {
900 if (assoc_data->uapsd) {
901 qos_info = ifmgd->uapsd_queues;
902 qos_info |= (ifmgd->uapsd_max_sp_len <<
903 IEEE80211_WMM_IE_STA_QOSINFO_SP_SHIFT);
904 } else {
905 qos_info = 0;
906 }
907
908 pos = ieee80211_add_wmm_info_ie(skb_put(skb, 9), qos_info);
909 }
910
911
912 if (assoc_data->ie_len) {
913 noffset = assoc_data->ie_len;
914 pos = skb_put(skb, noffset - offset);
915 memcpy(pos, assoc_data->ie + offset, noffset - offset);
916 }
917
918 drv_mgd_prepare_tx(local, sdata);
919
920 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
921 if (ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS))
922 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS |
923 IEEE80211_TX_INTFL_MLME_CONN_TX;
924 ieee80211_tx_skb(sdata, skb);
925}
926
927void ieee80211_send_pspoll(struct ieee80211_local *local,
928 struct ieee80211_sub_if_data *sdata)
929{
930 struct ieee80211_pspoll *pspoll;
931 struct sk_buff *skb;
932
933 skb = ieee80211_pspoll_get(&local->hw, &sdata->vif);
934 if (!skb)
935 return;
936
937 pspoll = (struct ieee80211_pspoll *) skb->data;
938 pspoll->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
939
940 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
941 ieee80211_tx_skb(sdata, skb);
942}
943
944void ieee80211_send_nullfunc(struct ieee80211_local *local,
945 struct ieee80211_sub_if_data *sdata,
946 int powersave)
947{
948 struct sk_buff *skb;
949 struct ieee80211_hdr_3addr *nullfunc;
950 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
951
952 skb = ieee80211_nullfunc_get(&local->hw, &sdata->vif);
953 if (!skb)
954 return;
955
956 nullfunc = (struct ieee80211_hdr_3addr *) skb->data;
957 if (powersave)
958 nullfunc->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
959
960 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT |
961 IEEE80211_TX_INTFL_OFFCHAN_TX_OK;
962
963 if (ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS))
964 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
965
966 if (ifmgd->flags & IEEE80211_STA_CONNECTION_POLL)
967 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_USE_MINRATE;
968
969 ieee80211_tx_skb(sdata, skb);
970}
971
972static void ieee80211_send_4addr_nullfunc(struct ieee80211_local *local,
973 struct ieee80211_sub_if_data *sdata)
974{
975 struct sk_buff *skb;
976 struct ieee80211_hdr *nullfunc;
977 __le16 fc;
978
979 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
980 return;
981
982 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30);
983 if (!skb)
984 return;
985
986 skb_reserve(skb, local->hw.extra_tx_headroom);
987
988 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 30);
989 memset(nullfunc, 0, 30);
990 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
991 IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS);
992 nullfunc->frame_control = fc;
993 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
994 memcpy(nullfunc->addr2, sdata->vif.addr, ETH_ALEN);
995 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);
996 memcpy(nullfunc->addr4, sdata->vif.addr, ETH_ALEN);
997
998 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
999 ieee80211_tx_skb(sdata, skb);
1000}
1001
1002
1003static void ieee80211_chswitch_work(struct work_struct *work)
1004{
1005 struct ieee80211_sub_if_data *sdata =
1006 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
1007 struct ieee80211_local *local = sdata->local;
1008 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1009 int ret;
1010
1011 if (!ieee80211_sdata_running(sdata))
1012 return;
1013
1014 sdata_lock(sdata);
1015 mutex_lock(&local->mtx);
1016 mutex_lock(&local->chanctx_mtx);
1017
1018 if (!ifmgd->associated)
1019 goto out;
1020
1021 if (!sdata->vif.csa_active)
1022 goto out;
1023
1024
1025
1026
1027
1028
1029
1030
1031 if (sdata->reserved_chanctx) {
1032
1033
1034
1035
1036
1037 if (sdata->reserved_ready)
1038 goto out;
1039
1040 ret = ieee80211_vif_use_reserved_context(sdata);
1041 if (ret) {
1042 sdata_info(sdata,
1043 "failed to use reserved channel context, disconnecting (err=%d)\n",
1044 ret);
1045 ieee80211_queue_work(&sdata->local->hw,
1046 &ifmgd->csa_connection_drop_work);
1047 goto out;
1048 }
1049
1050 goto out;
1051 }
1052
1053 if (!cfg80211_chandef_identical(&sdata->vif.bss_conf.chandef,
1054 &sdata->csa_chandef)) {
1055 sdata_info(sdata,
1056 "failed to finalize channel switch, disconnecting\n");
1057 ieee80211_queue_work(&sdata->local->hw,
1058 &ifmgd->csa_connection_drop_work);
1059 goto out;
1060 }
1061
1062
1063 ifmgd->associated->channel = sdata->csa_chandef.chan;
1064
1065 ifmgd->csa_waiting_bcn = true;
1066
1067 ieee80211_sta_reset_beacon_monitor(sdata);
1068 ieee80211_sta_reset_conn_monitor(sdata);
1069
1070out:
1071 mutex_unlock(&local->chanctx_mtx);
1072 mutex_unlock(&local->mtx);
1073 sdata_unlock(sdata);
1074}
1075
1076static void ieee80211_chswitch_post_beacon(struct ieee80211_sub_if_data *sdata)
1077{
1078 struct ieee80211_local *local = sdata->local;
1079 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1080 int ret;
1081
1082 sdata_assert_lock(sdata);
1083
1084 WARN_ON(!sdata->vif.csa_active);
1085
1086 if (sdata->csa_block_tx) {
1087 ieee80211_wake_vif_queues(local, sdata,
1088 IEEE80211_QUEUE_STOP_REASON_CSA);
1089 sdata->csa_block_tx = false;
1090 }
1091
1092 sdata->vif.csa_active = false;
1093 ifmgd->csa_waiting_bcn = false;
1094
1095 ret = drv_post_channel_switch(sdata);
1096 if (ret) {
1097 sdata_info(sdata,
1098 "driver post channel switch failed, disconnecting\n");
1099 ieee80211_queue_work(&local->hw,
1100 &ifmgd->csa_connection_drop_work);
1101 return;
1102 }
1103
1104 cfg80211_ch_switch_notify(sdata->dev, &sdata->reserved_chandef);
1105}
1106
1107void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success)
1108{
1109 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1110 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1111
1112 trace_api_chswitch_done(sdata, success);
1113 if (!success) {
1114 sdata_info(sdata,
1115 "driver channel switch failed, disconnecting\n");
1116 ieee80211_queue_work(&sdata->local->hw,
1117 &ifmgd->csa_connection_drop_work);
1118 } else {
1119 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work);
1120 }
1121}
1122EXPORT_SYMBOL(ieee80211_chswitch_done);
1123
1124static void ieee80211_chswitch_timer(unsigned long data)
1125{
1126 struct ieee80211_sub_if_data *sdata =
1127 (struct ieee80211_sub_if_data *) data;
1128
1129 ieee80211_queue_work(&sdata->local->hw, &sdata->u.mgd.chswitch_work);
1130}
1131
1132static void
1133ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
1134 u64 timestamp, u32 device_timestamp,
1135 struct ieee802_11_elems *elems,
1136 bool beacon)
1137{
1138 struct ieee80211_local *local = sdata->local;
1139 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1140 struct cfg80211_bss *cbss = ifmgd->associated;
1141 struct ieee80211_chanctx_conf *conf;
1142 struct ieee80211_chanctx *chanctx;
1143 enum ieee80211_band current_band;
1144 struct ieee80211_csa_ie csa_ie;
1145 struct ieee80211_channel_switch ch_switch;
1146 int res;
1147
1148 sdata_assert_lock(sdata);
1149
1150 if (!cbss)
1151 return;
1152
1153 if (local->scanning)
1154 return;
1155
1156
1157 if (sdata->vif.csa_active)
1158 return;
1159
1160 current_band = cbss->channel->band;
1161 memset(&csa_ie, 0, sizeof(csa_ie));
1162 res = ieee80211_parse_ch_switch_ie(sdata, elems, current_band,
1163 ifmgd->flags,
1164 ifmgd->associated->bssid, &csa_ie);
1165 if (res < 0)
1166 ieee80211_queue_work(&local->hw,
1167 &ifmgd->csa_connection_drop_work);
1168 if (res)
1169 return;
1170
1171 if (!cfg80211_chandef_usable(local->hw.wiphy, &csa_ie.chandef,
1172 IEEE80211_CHAN_DISABLED)) {
1173 sdata_info(sdata,
1174 "AP %pM switches to unsupported channel (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n",
1175 ifmgd->associated->bssid,
1176 csa_ie.chandef.chan->center_freq,
1177 csa_ie.chandef.width, csa_ie.chandef.center_freq1,
1178 csa_ie.chandef.center_freq2);
1179 ieee80211_queue_work(&local->hw,
1180 &ifmgd->csa_connection_drop_work);
1181 return;
1182 }
1183
1184 if (cfg80211_chandef_identical(&csa_ie.chandef,
1185 &sdata->vif.bss_conf.chandef)) {
1186 if (ifmgd->csa_ignored_same_chan)
1187 return;
1188 sdata_info(sdata,
1189 "AP %pM tries to chanswitch to same channel, ignore\n",
1190 ifmgd->associated->bssid);
1191 ifmgd->csa_ignored_same_chan = true;
1192 return;
1193 }
1194
1195
1196
1197
1198
1199
1200
1201 ieee80211_teardown_tdls_peers(sdata);
1202
1203 mutex_lock(&local->mtx);
1204 mutex_lock(&local->chanctx_mtx);
1205 conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
1206 lockdep_is_held(&local->chanctx_mtx));
1207 if (!conf) {
1208 sdata_info(sdata,
1209 "no channel context assigned to vif?, disconnecting\n");
1210 goto drop_connection;
1211 }
1212
1213 chanctx = container_of(conf, struct ieee80211_chanctx, conf);
1214
1215 if (local->use_chanctx &&
1216 !ieee80211_hw_check(&local->hw, CHANCTX_STA_CSA)) {
1217 sdata_info(sdata,
1218 "driver doesn't support chan-switch with channel contexts\n");
1219 goto drop_connection;
1220 }
1221
1222 ch_switch.timestamp = timestamp;
1223 ch_switch.device_timestamp = device_timestamp;
1224 ch_switch.block_tx = csa_ie.mode;
1225 ch_switch.chandef = csa_ie.chandef;
1226 ch_switch.count = csa_ie.count;
1227
1228 if (drv_pre_channel_switch(sdata, &ch_switch)) {
1229 sdata_info(sdata,
1230 "preparing for channel switch failed, disconnecting\n");
1231 goto drop_connection;
1232 }
1233
1234 res = ieee80211_vif_reserve_chanctx(sdata, &csa_ie.chandef,
1235 chanctx->mode, false);
1236 if (res) {
1237 sdata_info(sdata,
1238 "failed to reserve channel context for channel switch, disconnecting (err=%d)\n",
1239 res);
1240 goto drop_connection;
1241 }
1242 mutex_unlock(&local->chanctx_mtx);
1243
1244 sdata->vif.csa_active = true;
1245 sdata->csa_chandef = csa_ie.chandef;
1246 sdata->csa_block_tx = csa_ie.mode;
1247 ifmgd->csa_ignored_same_chan = false;
1248
1249 if (sdata->csa_block_tx)
1250 ieee80211_stop_vif_queues(local, sdata,
1251 IEEE80211_QUEUE_STOP_REASON_CSA);
1252 mutex_unlock(&local->mtx);
1253
1254 cfg80211_ch_switch_started_notify(sdata->dev, &csa_ie.chandef,
1255 csa_ie.count);
1256
1257 if (local->ops->channel_switch) {
1258
1259 drv_channel_switch(local, sdata, &ch_switch);
1260 return;
1261 }
1262
1263
1264 if (csa_ie.count <= 1)
1265 ieee80211_queue_work(&local->hw, &ifmgd->chswitch_work);
1266 else
1267 mod_timer(&ifmgd->chswitch_timer,
1268 TU_TO_EXP_TIME((csa_ie.count - 1) *
1269 cbss->beacon_interval));
1270 return;
1271 drop_connection:
1272 ieee80211_queue_work(&local->hw, &ifmgd->csa_connection_drop_work);
1273 mutex_unlock(&local->chanctx_mtx);
1274 mutex_unlock(&local->mtx);
1275}
1276
1277static bool
1278ieee80211_find_80211h_pwr_constr(struct ieee80211_sub_if_data *sdata,
1279 struct ieee80211_channel *channel,
1280 const u8 *country_ie, u8 country_ie_len,
1281 const u8 *pwr_constr_elem,
1282 int *chan_pwr, int *pwr_reduction)
1283{
1284 struct ieee80211_country_ie_triplet *triplet;
1285 int chan = ieee80211_frequency_to_channel(channel->center_freq);
1286 int i, chan_increment;
1287 bool have_chan_pwr = false;
1288
1289
1290 if (country_ie_len % 2 || country_ie_len < IEEE80211_COUNTRY_IE_MIN_LEN)
1291 return false;
1292
1293 triplet = (void *)(country_ie + 3);
1294 country_ie_len -= 3;
1295
1296 switch (channel->band) {
1297 default:
1298 WARN_ON_ONCE(1);
1299
1300 case IEEE80211_BAND_2GHZ:
1301 case IEEE80211_BAND_60GHZ:
1302 chan_increment = 1;
1303 break;
1304 case IEEE80211_BAND_5GHZ:
1305 chan_increment = 4;
1306 break;
1307 }
1308
1309
1310 while (country_ie_len >= 3) {
1311 u8 first_channel = triplet->chans.first_channel;
1312
1313 if (first_channel >= IEEE80211_COUNTRY_EXTENSION_ID)
1314 goto next;
1315
1316 for (i = 0; i < triplet->chans.num_channels; i++) {
1317 if (first_channel + i * chan_increment == chan) {
1318 have_chan_pwr = true;
1319 *chan_pwr = triplet->chans.max_power;
1320 break;
1321 }
1322 }
1323 if (have_chan_pwr)
1324 break;
1325
1326 next:
1327 triplet++;
1328 country_ie_len -= 3;
1329 }
1330
1331 if (have_chan_pwr && pwr_constr_elem)
1332 *pwr_reduction = *pwr_constr_elem;
1333 else
1334 *pwr_reduction = 0;
1335
1336 return have_chan_pwr;
1337}
1338
1339static void ieee80211_find_cisco_dtpc(struct ieee80211_sub_if_data *sdata,
1340 struct ieee80211_channel *channel,
1341 const u8 *cisco_dtpc_ie,
1342 int *pwr_level)
1343{
1344
1345
1346
1347
1348
1349
1350 *pwr_level = (__s8)cisco_dtpc_ie[4];
1351}
1352
1353static u32 ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
1354 struct ieee80211_channel *channel,
1355 struct ieee80211_mgmt *mgmt,
1356 const u8 *country_ie, u8 country_ie_len,
1357 const u8 *pwr_constr_ie,
1358 const u8 *cisco_dtpc_ie)
1359{
1360 bool has_80211h_pwr = false, has_cisco_pwr = false;
1361 int chan_pwr = 0, pwr_reduction_80211h = 0;
1362 int pwr_level_cisco, pwr_level_80211h;
1363 int new_ap_level;
1364 __le16 capab = mgmt->u.probe_resp.capab_info;
1365
1366 if (country_ie &&
1367 (capab & cpu_to_le16(WLAN_CAPABILITY_SPECTRUM_MGMT) ||
1368 capab & cpu_to_le16(WLAN_CAPABILITY_RADIO_MEASURE))) {
1369 has_80211h_pwr = ieee80211_find_80211h_pwr_constr(
1370 sdata, channel, country_ie, country_ie_len,
1371 pwr_constr_ie, &chan_pwr, &pwr_reduction_80211h);
1372 pwr_level_80211h =
1373 max_t(int, 0, chan_pwr - pwr_reduction_80211h);
1374 }
1375
1376 if (cisco_dtpc_ie) {
1377 ieee80211_find_cisco_dtpc(
1378 sdata, channel, cisco_dtpc_ie, &pwr_level_cisco);
1379 has_cisco_pwr = true;
1380 }
1381
1382 if (!has_80211h_pwr && !has_cisco_pwr)
1383 return 0;
1384
1385
1386
1387
1388 if (has_80211h_pwr &&
1389 (!has_cisco_pwr || pwr_level_80211h <= pwr_level_cisco)) {
1390 sdata_dbg(sdata,
1391 "Limiting TX power to %d (%d - %d) dBm as advertised by %pM\n",
1392 pwr_level_80211h, chan_pwr, pwr_reduction_80211h,
1393 sdata->u.mgd.bssid);
1394 new_ap_level = pwr_level_80211h;
1395 } else {
1396 sdata_dbg(sdata,
1397 "Limiting TX power to %d dBm as advertised by %pM\n",
1398 pwr_level_cisco, sdata->u.mgd.bssid);
1399 new_ap_level = pwr_level_cisco;
1400 }
1401
1402 if (sdata->ap_power_level == new_ap_level)
1403 return 0;
1404
1405 sdata->ap_power_level = new_ap_level;
1406 if (__ieee80211_recalc_txpower(sdata))
1407 return BSS_CHANGED_TXPOWER;
1408 return 0;
1409}
1410
1411
1412static void ieee80211_enable_ps(struct ieee80211_local *local,
1413 struct ieee80211_sub_if_data *sdata)
1414{
1415 struct ieee80211_conf *conf = &local->hw.conf;
1416
1417
1418
1419
1420
1421 if (local->scanning)
1422 return;
1423
1424 if (conf->dynamic_ps_timeout > 0 &&
1425 !ieee80211_hw_check(&local->hw, SUPPORTS_DYNAMIC_PS)) {
1426 mod_timer(&local->dynamic_ps_timer, jiffies +
1427 msecs_to_jiffies(conf->dynamic_ps_timeout));
1428 } else {
1429 if (ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK))
1430 ieee80211_send_nullfunc(local, sdata, 1);
1431
1432 if (ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK) &&
1433 ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS))
1434 return;
1435
1436 conf->flags |= IEEE80211_CONF_PS;
1437 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1438 }
1439}
1440
1441static void ieee80211_change_ps(struct ieee80211_local *local)
1442{
1443 struct ieee80211_conf *conf = &local->hw.conf;
1444
1445 if (local->ps_sdata) {
1446 ieee80211_enable_ps(local, local->ps_sdata);
1447 } else if (conf->flags & IEEE80211_CONF_PS) {
1448 conf->flags &= ~IEEE80211_CONF_PS;
1449 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1450 del_timer_sync(&local->dynamic_ps_timer);
1451 cancel_work_sync(&local->dynamic_ps_enable_work);
1452 }
1453}
1454
1455static bool ieee80211_powersave_allowed(struct ieee80211_sub_if_data *sdata)
1456{
1457 struct ieee80211_if_managed *mgd = &sdata->u.mgd;
1458 struct sta_info *sta = NULL;
1459 bool authorized = false;
1460
1461 if (!mgd->powersave)
1462 return false;
1463
1464 if (mgd->broken_ap)
1465 return false;
1466
1467 if (!mgd->associated)
1468 return false;
1469
1470 if (mgd->flags & IEEE80211_STA_CONNECTION_POLL)
1471 return false;
1472
1473 if (!mgd->have_beacon)
1474 return false;
1475
1476 rcu_read_lock();
1477 sta = sta_info_get(sdata, mgd->bssid);
1478 if (sta)
1479 authorized = test_sta_flag(sta, WLAN_STA_AUTHORIZED);
1480 rcu_read_unlock();
1481
1482 return authorized;
1483}
1484
1485
1486void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
1487{
1488 struct ieee80211_sub_if_data *sdata, *found = NULL;
1489 int count = 0;
1490 int timeout;
1491
1492 if (!ieee80211_hw_check(&local->hw, SUPPORTS_PS)) {
1493 local->ps_sdata = NULL;
1494 return;
1495 }
1496
1497 list_for_each_entry(sdata, &local->interfaces, list) {
1498 if (!ieee80211_sdata_running(sdata))
1499 continue;
1500 if (sdata->vif.type == NL80211_IFTYPE_AP) {
1501
1502
1503
1504
1505 count = 0;
1506 break;
1507 }
1508 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1509 continue;
1510 found = sdata;
1511 count++;
1512 }
1513
1514 if (count == 1 && ieee80211_powersave_allowed(found)) {
1515 s32 beaconint_us;
1516
1517 if (latency < 0)
1518 latency = pm_qos_request(PM_QOS_NETWORK_LATENCY);
1519
1520 beaconint_us = ieee80211_tu_to_usec(
1521 found->vif.bss_conf.beacon_int);
1522
1523 timeout = local->dynamic_ps_forced_timeout;
1524 if (timeout < 0) {
1525
1526
1527
1528
1529
1530
1531
1532 if (latency > (1900 * USEC_PER_MSEC) &&
1533 latency != (2000 * USEC_PER_SEC))
1534 timeout = 0;
1535 else
1536 timeout = 100;
1537 }
1538 local->hw.conf.dynamic_ps_timeout = timeout;
1539
1540 if (beaconint_us > latency) {
1541 local->ps_sdata = NULL;
1542 } else {
1543 int maxslp = 1;
1544 u8 dtimper = found->u.mgd.dtim_period;
1545
1546
1547 if (!dtimper)
1548 dtimper = 1;
1549 else if (dtimper > 1)
1550 maxslp = min_t(int, dtimper,
1551 latency / beaconint_us);
1552
1553 local->hw.conf.max_sleep_period = maxslp;
1554 local->hw.conf.ps_dtim_period = dtimper;
1555 local->ps_sdata = found;
1556 }
1557 } else {
1558 local->ps_sdata = NULL;
1559 }
1560
1561 ieee80211_change_ps(local);
1562}
1563
1564void ieee80211_recalc_ps_vif(struct ieee80211_sub_if_data *sdata)
1565{
1566 bool ps_allowed = ieee80211_powersave_allowed(sdata);
1567
1568 if (sdata->vif.bss_conf.ps != ps_allowed) {
1569 sdata->vif.bss_conf.ps = ps_allowed;
1570 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_PS);
1571 }
1572}
1573
1574void ieee80211_dynamic_ps_disable_work(struct work_struct *work)
1575{
1576 struct ieee80211_local *local =
1577 container_of(work, struct ieee80211_local,
1578 dynamic_ps_disable_work);
1579
1580 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
1581 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
1582 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1583 }
1584
1585 ieee80211_wake_queues_by_reason(&local->hw,
1586 IEEE80211_MAX_QUEUE_MAP,
1587 IEEE80211_QUEUE_STOP_REASON_PS,
1588 false);
1589}
1590
1591void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
1592{
1593 struct ieee80211_local *local =
1594 container_of(work, struct ieee80211_local,
1595 dynamic_ps_enable_work);
1596 struct ieee80211_sub_if_data *sdata = local->ps_sdata;
1597 struct ieee80211_if_managed *ifmgd;
1598 unsigned long flags;
1599 int q;
1600
1601
1602 if (!sdata)
1603 return;
1604
1605 ifmgd = &sdata->u.mgd;
1606
1607 if (local->hw.conf.flags & IEEE80211_CONF_PS)
1608 return;
1609
1610 if (local->hw.conf.dynamic_ps_timeout > 0) {
1611
1612 if (drv_tx_frames_pending(local)) {
1613 mod_timer(&local->dynamic_ps_timer, jiffies +
1614 msecs_to_jiffies(
1615 local->hw.conf.dynamic_ps_timeout));
1616 return;
1617 }
1618
1619
1620
1621
1622
1623
1624 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1625 for (q = 0; q < local->hw.queues; q++) {
1626 if (local->queue_stop_reasons[q]) {
1627 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1628 flags);
1629 mod_timer(&local->dynamic_ps_timer, jiffies +
1630 msecs_to_jiffies(
1631 local->hw.conf.dynamic_ps_timeout));
1632 return;
1633 }
1634 }
1635 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1636 }
1637
1638 if (ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK) &&
1639 !(ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) {
1640 if (drv_tx_frames_pending(local)) {
1641 mod_timer(&local->dynamic_ps_timer, jiffies +
1642 msecs_to_jiffies(
1643 local->hw.conf.dynamic_ps_timeout));
1644 } else {
1645 ieee80211_send_nullfunc(local, sdata, 1);
1646
1647 ieee80211_flush_queues(local, sdata, false);
1648 }
1649 }
1650
1651 if (!(ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS) &&
1652 ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK)) ||
1653 (ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) {
1654 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED;
1655 local->hw.conf.flags |= IEEE80211_CONF_PS;
1656 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1657 }
1658}
1659
1660void ieee80211_dynamic_ps_timer(unsigned long data)
1661{
1662 struct ieee80211_local *local = (void *) data;
1663
1664 ieee80211_queue_work(&local->hw, &local->dynamic_ps_enable_work);
1665}
1666
1667void ieee80211_dfs_cac_timer_work(struct work_struct *work)
1668{
1669 struct delayed_work *delayed_work =
1670 container_of(work, struct delayed_work, work);
1671 struct ieee80211_sub_if_data *sdata =
1672 container_of(delayed_work, struct ieee80211_sub_if_data,
1673 dfs_cac_timer_work);
1674 struct cfg80211_chan_def chandef = sdata->vif.bss_conf.chandef;
1675
1676 mutex_lock(&sdata->local->mtx);
1677 if (sdata->wdev.cac_started) {
1678 ieee80211_vif_release_channel(sdata);
1679 cfg80211_cac_event(sdata->dev, &chandef,
1680 NL80211_RADAR_CAC_FINISHED,
1681 GFP_KERNEL);
1682 }
1683 mutex_unlock(&sdata->local->mtx);
1684}
1685
1686static bool
1687__ieee80211_sta_handle_tspec_ac_params(struct ieee80211_sub_if_data *sdata)
1688{
1689 struct ieee80211_local *local = sdata->local;
1690 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1691 bool ret = false;
1692 int ac;
1693
1694 if (local->hw.queues < IEEE80211_NUM_ACS)
1695 return false;
1696
1697 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
1698 struct ieee80211_sta_tx_tspec *tx_tspec = &ifmgd->tx_tspec[ac];
1699 int non_acm_ac;
1700 unsigned long now = jiffies;
1701
1702 if (tx_tspec->action == TX_TSPEC_ACTION_NONE &&
1703 tx_tspec->admitted_time &&
1704 time_after(now, tx_tspec->time_slice_start + HZ)) {
1705 tx_tspec->consumed_tx_time = 0;
1706 tx_tspec->time_slice_start = now;
1707
1708 if (tx_tspec->downgraded)
1709 tx_tspec->action =
1710 TX_TSPEC_ACTION_STOP_DOWNGRADE;
1711 }
1712
1713 switch (tx_tspec->action) {
1714 case TX_TSPEC_ACTION_STOP_DOWNGRADE:
1715
1716 if (drv_conf_tx(local, sdata, ac, &sdata->tx_conf[ac]))
1717 sdata_err(sdata,
1718 "failed to set TX queue parameters for queue %d\n",
1719 ac);
1720 tx_tspec->action = TX_TSPEC_ACTION_NONE;
1721 tx_tspec->downgraded = false;
1722 ret = true;
1723 break;
1724 case TX_TSPEC_ACTION_DOWNGRADE:
1725 if (time_after(now, tx_tspec->time_slice_start + HZ)) {
1726 tx_tspec->action = TX_TSPEC_ACTION_NONE;
1727 ret = true;
1728 break;
1729 }
1730
1731 for (non_acm_ac = ac + 1;
1732 non_acm_ac < IEEE80211_NUM_ACS;
1733 non_acm_ac++)
1734 if (!(sdata->wmm_acm & BIT(7 - 2 * non_acm_ac)))
1735 break;
1736
1737
1738
1739
1740
1741 if (drv_conf_tx(local, sdata, ac,
1742 &sdata->tx_conf[non_acm_ac]))
1743 sdata_err(sdata,
1744 "failed to set TX queue parameters for queue %d\n",
1745 ac);
1746 tx_tspec->action = TX_TSPEC_ACTION_NONE;
1747 ret = true;
1748 schedule_delayed_work(&ifmgd->tx_tspec_wk,
1749 tx_tspec->time_slice_start + HZ - now + 1);
1750 break;
1751 case TX_TSPEC_ACTION_NONE:
1752
1753 break;
1754 }
1755 }
1756
1757 return ret;
1758}
1759
1760void ieee80211_sta_handle_tspec_ac_params(struct ieee80211_sub_if_data *sdata)
1761{
1762 if (__ieee80211_sta_handle_tspec_ac_params(sdata))
1763 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_QOS);
1764}
1765
1766static void ieee80211_sta_handle_tspec_ac_params_wk(struct work_struct *work)
1767{
1768 struct ieee80211_sub_if_data *sdata;
1769
1770 sdata = container_of(work, struct ieee80211_sub_if_data,
1771 u.mgd.tx_tspec_wk.work);
1772 ieee80211_sta_handle_tspec_ac_params(sdata);
1773}
1774
1775
1776static bool ieee80211_sta_wmm_params(struct ieee80211_local *local,
1777 struct ieee80211_sub_if_data *sdata,
1778 const u8 *wmm_param, size_t wmm_param_len)
1779{
1780 struct ieee80211_tx_queue_params params;
1781 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1782 size_t left;
1783 int count;
1784 const u8 *pos;
1785 u8 uapsd_queues = 0;
1786
1787 if (!local->ops->conf_tx)
1788 return false;
1789
1790 if (local->hw.queues < IEEE80211_NUM_ACS)
1791 return false;
1792
1793 if (!wmm_param)
1794 return false;
1795
1796 if (wmm_param_len < 8 || wmm_param[5] != 1)
1797 return false;
1798
1799 if (ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED)
1800 uapsd_queues = ifmgd->uapsd_queues;
1801
1802 count = wmm_param[6] & 0x0f;
1803 if (count == ifmgd->wmm_last_param_set)
1804 return false;
1805 ifmgd->wmm_last_param_set = count;
1806
1807 pos = wmm_param + 8;
1808 left = wmm_param_len - 8;
1809
1810 memset(¶ms, 0, sizeof(params));
1811
1812 sdata->wmm_acm = 0;
1813 for (; left >= 4; left -= 4, pos += 4) {
1814 int aci = (pos[0] >> 5) & 0x03;
1815 int acm = (pos[0] >> 4) & 0x01;
1816 bool uapsd = false;
1817 int queue;
1818
1819 switch (aci) {
1820 case 1:
1821 queue = 3;
1822 if (acm)
1823 sdata->wmm_acm |= BIT(1) | BIT(2);
1824 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
1825 uapsd = true;
1826 break;
1827 case 2:
1828 queue = 1;
1829 if (acm)
1830 sdata->wmm_acm |= BIT(4) | BIT(5);
1831 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
1832 uapsd = true;
1833 break;
1834 case 3:
1835 queue = 0;
1836 if (acm)
1837 sdata->wmm_acm |= BIT(6) | BIT(7);
1838 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
1839 uapsd = true;
1840 break;
1841 case 0:
1842 default:
1843 queue = 2;
1844 if (acm)
1845 sdata->wmm_acm |= BIT(0) | BIT(3);
1846 if (uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
1847 uapsd = true;
1848 break;
1849 }
1850
1851 params.aifs = pos[0] & 0x0f;
1852 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
1853 params.cw_min = ecw2cw(pos[1] & 0x0f);
1854 params.txop = get_unaligned_le16(pos + 2);
1855 params.acm = acm;
1856 params.uapsd = uapsd;
1857
1858 mlme_dbg(sdata,
1859 "WMM queue=%d aci=%d acm=%d aifs=%d cWmin=%d cWmax=%d txop=%d uapsd=%d, downgraded=%d\n",
1860 queue, aci, acm,
1861 params.aifs, params.cw_min, params.cw_max,
1862 params.txop, params.uapsd,
1863 ifmgd->tx_tspec[queue].downgraded);
1864 sdata->tx_conf[queue] = params;
1865 if (!ifmgd->tx_tspec[queue].downgraded &&
1866 drv_conf_tx(local, sdata, queue, ¶ms))
1867 sdata_err(sdata,
1868 "failed to set TX queue parameters for queue %d\n",
1869 queue);
1870 }
1871
1872
1873 sdata->vif.bss_conf.qos = true;
1874 return true;
1875}
1876
1877static void __ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata)
1878{
1879 lockdep_assert_held(&sdata->local->mtx);
1880
1881 sdata->u.mgd.flags &= ~IEEE80211_STA_CONNECTION_POLL;
1882 ieee80211_run_deferred_scan(sdata->local);
1883}
1884
1885static void ieee80211_stop_poll(struct ieee80211_sub_if_data *sdata)
1886{
1887 mutex_lock(&sdata->local->mtx);
1888 __ieee80211_stop_poll(sdata);
1889 mutex_unlock(&sdata->local->mtx);
1890}
1891
1892static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
1893 u16 capab, bool erp_valid, u8 erp)
1894{
1895 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
1896 u32 changed = 0;
1897 bool use_protection;
1898 bool use_short_preamble;
1899 bool use_short_slot;
1900
1901 if (erp_valid) {
1902 use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0;
1903 use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0;
1904 } else {
1905 use_protection = false;
1906 use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE);
1907 }
1908
1909 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
1910 if (ieee80211_get_sdata_band(sdata) == IEEE80211_BAND_5GHZ)
1911 use_short_slot = true;
1912
1913 if (use_protection != bss_conf->use_cts_prot) {
1914 bss_conf->use_cts_prot = use_protection;
1915 changed |= BSS_CHANGED_ERP_CTS_PROT;
1916 }
1917
1918 if (use_short_preamble != bss_conf->use_short_preamble) {
1919 bss_conf->use_short_preamble = use_short_preamble;
1920 changed |= BSS_CHANGED_ERP_PREAMBLE;
1921 }
1922
1923 if (use_short_slot != bss_conf->use_short_slot) {
1924 bss_conf->use_short_slot = use_short_slot;
1925 changed |= BSS_CHANGED_ERP_SLOT;
1926 }
1927
1928 return changed;
1929}
1930
1931static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
1932 struct cfg80211_bss *cbss,
1933 u32 bss_info_changed)
1934{
1935 struct ieee80211_bss *bss = (void *)cbss->priv;
1936 struct ieee80211_local *local = sdata->local;
1937 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
1938
1939 bss_info_changed |= BSS_CHANGED_ASSOC;
1940 bss_info_changed |= ieee80211_handle_bss_capability(sdata,
1941 bss_conf->assoc_capability, bss->has_erp_value, bss->erp_value);
1942
1943 sdata->u.mgd.beacon_timeout = usecs_to_jiffies(ieee80211_tu_to_usec(
1944 beacon_loss_count * bss_conf->beacon_int));
1945
1946 sdata->u.mgd.associated = cbss;
1947 memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN);
1948
1949 sdata->u.mgd.flags |= IEEE80211_STA_RESET_SIGNAL_AVE;
1950
1951 if (sdata->vif.p2p) {
1952 const struct cfg80211_bss_ies *ies;
1953
1954 rcu_read_lock();
1955 ies = rcu_dereference(cbss->ies);
1956 if (ies) {
1957 int ret;
1958
1959 ret = cfg80211_get_p2p_attr(
1960 ies->data, ies->len,
1961 IEEE80211_P2P_ATTR_ABSENCE_NOTICE,
1962 (u8 *) &bss_conf->p2p_noa_attr,
1963 sizeof(bss_conf->p2p_noa_attr));
1964 if (ret >= 2) {
1965 sdata->u.mgd.p2p_noa_index =
1966 bss_conf->p2p_noa_attr.index;
1967 bss_info_changed |= BSS_CHANGED_P2P_PS;
1968 }
1969 }
1970 rcu_read_unlock();
1971 }
1972
1973
1974 ieee80211_stop_poll(sdata);
1975
1976 ieee80211_led_assoc(local, 1);
1977
1978 if (sdata->u.mgd.have_beacon) {
1979
1980
1981
1982
1983
1984
1985 bss_conf->dtim_period = sdata->u.mgd.dtim_period ?: 1;
1986 bss_conf->beacon_rate = bss->beacon_rate;
1987 bss_info_changed |= BSS_CHANGED_BEACON_INFO;
1988 } else {
1989 bss_conf->beacon_rate = NULL;
1990 bss_conf->dtim_period = 0;
1991 }
1992
1993 bss_conf->assoc = 1;
1994
1995
1996 if (sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI &&
1997 bss_conf->cqm_rssi_thold)
1998 bss_info_changed |= BSS_CHANGED_CQM;
1999
2000
2001 if (bss_conf->arp_addr_cnt)
2002 bss_info_changed |= BSS_CHANGED_ARP_FILTER;
2003
2004 ieee80211_bss_info_change_notify(sdata, bss_info_changed);
2005
2006 mutex_lock(&local->iflist_mtx);
2007 ieee80211_recalc_ps(local, -1);
2008 mutex_unlock(&local->iflist_mtx);
2009
2010 ieee80211_recalc_smps(sdata);
2011 ieee80211_recalc_ps_vif(sdata);
2012
2013 netif_carrier_on(sdata->dev);
2014}
2015
2016static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
2017 u16 stype, u16 reason, bool tx,
2018 u8 *frame_buf)
2019{
2020 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2021 struct ieee80211_local *local = sdata->local;
2022 u32 changed = 0;
2023
2024 sdata_assert_lock(sdata);
2025
2026 if (WARN_ON_ONCE(tx && !frame_buf))
2027 return;
2028
2029 if (WARN_ON(!ifmgd->associated))
2030 return;
2031
2032 ieee80211_stop_poll(sdata);
2033
2034 ifmgd->associated = NULL;
2035 netif_carrier_off(sdata->dev);
2036
2037
2038
2039
2040
2041
2042 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
2043 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
2044 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
2045 }
2046 local->ps_sdata = NULL;
2047
2048
2049 ieee80211_recalc_ps_vif(sdata);
2050
2051
2052 synchronize_net();
2053
2054
2055
2056
2057
2058
2059
2060 if (tx)
2061 ieee80211_flush_queues(local, sdata, true);
2062
2063
2064 if (tx || frame_buf)
2065 ieee80211_send_deauth_disassoc(sdata, ifmgd->bssid, stype,
2066 reason, tx, frame_buf);
2067
2068
2069 if (tx)
2070 ieee80211_flush_queues(local, sdata, false);
2071
2072
2073 eth_zero_addr(ifmgd->bssid);
2074
2075
2076 sta_info_flush(sdata);
2077
2078
2079 changed |= ieee80211_reset_erp_info(sdata);
2080
2081 ieee80211_led_assoc(local, 0);
2082 changed |= BSS_CHANGED_ASSOC;
2083 sdata->vif.bss_conf.assoc = false;
2084
2085 ifmgd->p2p_noa_index = -1;
2086 memset(&sdata->vif.bss_conf.p2p_noa_attr, 0,
2087 sizeof(sdata->vif.bss_conf.p2p_noa_attr));
2088
2089
2090 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa));
2091 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask));
2092 memset(&ifmgd->vht_capa, 0, sizeof(ifmgd->vht_capa));
2093 memset(&ifmgd->vht_capa_mask, 0, sizeof(ifmgd->vht_capa_mask));
2094 sdata->flags &= ~IEEE80211_SDATA_MU_MIMO_OWNER;
2095
2096 sdata->ap_power_level = IEEE80211_UNSET_POWER_LEVEL;
2097
2098 del_timer_sync(&local->dynamic_ps_timer);
2099 cancel_work_sync(&local->dynamic_ps_enable_work);
2100
2101
2102 if (sdata->vif.bss_conf.arp_addr_cnt)
2103 changed |= BSS_CHANGED_ARP_FILTER;
2104
2105 sdata->vif.bss_conf.qos = false;
2106 changed |= BSS_CHANGED_QOS;
2107
2108
2109 changed |= BSS_CHANGED_BSSID | BSS_CHANGED_HT;
2110 ieee80211_bss_info_change_notify(sdata, changed);
2111
2112
2113 ieee80211_set_wmm_default(sdata, false);
2114
2115 del_timer_sync(&sdata->u.mgd.conn_mon_timer);
2116 del_timer_sync(&sdata->u.mgd.bcn_mon_timer);
2117 del_timer_sync(&sdata->u.mgd.timer);
2118 del_timer_sync(&sdata->u.mgd.chswitch_timer);
2119
2120 sdata->vif.bss_conf.dtim_period = 0;
2121 sdata->vif.bss_conf.beacon_rate = NULL;
2122
2123 ifmgd->have_beacon = false;
2124
2125 ifmgd->flags = 0;
2126 mutex_lock(&local->mtx);
2127 ieee80211_vif_release_channel(sdata);
2128
2129 sdata->vif.csa_active = false;
2130 ifmgd->csa_waiting_bcn = false;
2131 ifmgd->csa_ignored_same_chan = false;
2132 if (sdata->csa_block_tx) {
2133 ieee80211_wake_vif_queues(local, sdata,
2134 IEEE80211_QUEUE_STOP_REASON_CSA);
2135 sdata->csa_block_tx = false;
2136 }
2137 mutex_unlock(&local->mtx);
2138
2139
2140 memset(ifmgd->tx_tspec, 0, sizeof(ifmgd->tx_tspec));
2141 cancel_delayed_work_sync(&ifmgd->tx_tspec_wk);
2142
2143 sdata->encrypt_headroom = IEEE80211_ENCRYPT_HEADROOM;
2144}
2145
2146void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
2147 struct ieee80211_hdr *hdr)
2148{
2149
2150
2151
2152
2153
2154
2155
2156
2157 if (is_multicast_ether_addr(hdr->addr1))
2158 return;
2159
2160 ieee80211_sta_reset_conn_monitor(sdata);
2161}
2162
2163static void ieee80211_reset_ap_probe(struct ieee80211_sub_if_data *sdata)
2164{
2165 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2166 struct ieee80211_local *local = sdata->local;
2167
2168 mutex_lock(&local->mtx);
2169 if (!(ifmgd->flags & IEEE80211_STA_CONNECTION_POLL))
2170 goto out;
2171
2172 __ieee80211_stop_poll(sdata);
2173
2174 mutex_lock(&local->iflist_mtx);
2175 ieee80211_recalc_ps(local, -1);
2176 mutex_unlock(&local->iflist_mtx);
2177
2178 if (ieee80211_hw_check(&sdata->local->hw, CONNECTION_MONITOR))
2179 goto out;
2180
2181
2182
2183
2184
2185
2186 ieee80211_sta_reset_beacon_monitor(sdata);
2187
2188 mod_timer(&ifmgd->conn_mon_timer,
2189 round_jiffies_up(jiffies +
2190 IEEE80211_CONNECTION_IDLE_TIME));
2191out:
2192 mutex_unlock(&local->mtx);
2193}
2194
2195static void ieee80211_sta_tx_wmm_ac_notify(struct ieee80211_sub_if_data *sdata,
2196 struct ieee80211_hdr *hdr,
2197 u16 tx_time)
2198{
2199 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2200 u16 tid = *ieee80211_get_qos_ctl(hdr) & IEEE80211_QOS_CTL_TID_MASK;
2201 int ac = ieee80211_ac_from_tid(tid);
2202 struct ieee80211_sta_tx_tspec *tx_tspec = &ifmgd->tx_tspec[ac];
2203 unsigned long now = jiffies;
2204
2205 if (likely(!tx_tspec->admitted_time))
2206 return;
2207
2208 if (time_after(now, tx_tspec->time_slice_start + HZ)) {
2209 tx_tspec->consumed_tx_time = 0;
2210 tx_tspec->time_slice_start = now;
2211
2212 if (tx_tspec->downgraded) {
2213 tx_tspec->action = TX_TSPEC_ACTION_STOP_DOWNGRADE;
2214 schedule_delayed_work(&ifmgd->tx_tspec_wk, 0);
2215 }
2216 }
2217
2218 if (tx_tspec->downgraded)
2219 return;
2220
2221 tx_tspec->consumed_tx_time += tx_time;
2222
2223 if (tx_tspec->consumed_tx_time >= tx_tspec->admitted_time) {
2224 tx_tspec->downgraded = true;
2225 tx_tspec->action = TX_TSPEC_ACTION_DOWNGRADE;
2226 schedule_delayed_work(&ifmgd->tx_tspec_wk, 0);
2227 }
2228}
2229
2230void ieee80211_sta_tx_notify(struct ieee80211_sub_if_data *sdata,
2231 struct ieee80211_hdr *hdr, bool ack, u16 tx_time)
2232{
2233 ieee80211_sta_tx_wmm_ac_notify(sdata, hdr, tx_time);
2234
2235 if (!ieee80211_is_data(hdr->frame_control))
2236 return;
2237
2238 if (ieee80211_is_nullfunc(hdr->frame_control) &&
2239 sdata->u.mgd.probe_send_count > 0) {
2240 if (ack)
2241 ieee80211_sta_reset_conn_monitor(sdata);
2242 else
2243 sdata->u.mgd.nullfunc_failed = true;
2244 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
2245 return;
2246 }
2247
2248 if (ack)
2249 ieee80211_sta_reset_conn_monitor(sdata);
2250}
2251
2252static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
2253{
2254 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2255 const u8 *ssid;
2256 u8 *dst = ifmgd->associated->bssid;
2257 u8 unicast_limit = max(1, max_probe_tries - 3);
2258
2259
2260
2261
2262
2263
2264 if (ifmgd->probe_send_count >= unicast_limit)
2265 dst = NULL;
2266
2267
2268
2269
2270
2271
2272
2273
2274 ifmgd->probe_send_count++;
2275
2276 if (ieee80211_hw_check(&sdata->local->hw, REPORTS_TX_ACK_STATUS)) {
2277 ifmgd->nullfunc_failed = false;
2278 ieee80211_send_nullfunc(sdata->local, sdata, 0);
2279 } else {
2280 int ssid_len;
2281
2282 rcu_read_lock();
2283 ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID);
2284 if (WARN_ON_ONCE(ssid == NULL))
2285 ssid_len = 0;
2286 else
2287 ssid_len = ssid[1];
2288
2289 ieee80211_send_probe_req(sdata, sdata->vif.addr, dst,
2290 ssid + 2, ssid_len, NULL,
2291 0, (u32) -1, true, 0,
2292 ifmgd->associated->channel, false);
2293 rcu_read_unlock();
2294 }
2295
2296 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms);
2297 run_again(sdata, ifmgd->probe_timeout);
2298}
2299
2300static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata,
2301 bool beacon)
2302{
2303 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2304 bool already = false;
2305
2306 if (!ieee80211_sdata_running(sdata))
2307 return;
2308
2309 sdata_lock(sdata);
2310
2311 if (!ifmgd->associated)
2312 goto out;
2313
2314 mutex_lock(&sdata->local->mtx);
2315
2316 if (sdata->local->tmp_channel || sdata->local->scanning) {
2317 mutex_unlock(&sdata->local->mtx);
2318 goto out;
2319 }
2320
2321 if (beacon) {
2322 mlme_dbg_ratelimited(sdata,
2323 "detected beacon loss from AP (missed %d beacons) - probing\n",
2324 beacon_loss_count);
2325
2326 ieee80211_cqm_beacon_loss_notify(&sdata->vif, GFP_KERNEL);
2327 }
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340 if (ifmgd->flags & IEEE80211_STA_CONNECTION_POLL)
2341 already = true;
2342
2343 ifmgd->flags |= IEEE80211_STA_CONNECTION_POLL;
2344
2345 mutex_unlock(&sdata->local->mtx);
2346
2347 if (already)
2348 goto out;
2349
2350 mutex_lock(&sdata->local->iflist_mtx);
2351 ieee80211_recalc_ps(sdata->local, -1);
2352 mutex_unlock(&sdata->local->iflist_mtx);
2353
2354 ifmgd->probe_send_count = 0;
2355 ieee80211_mgd_probe_ap_send(sdata);
2356 out:
2357 sdata_unlock(sdata);
2358}
2359
2360struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw,
2361 struct ieee80211_vif *vif)
2362{
2363 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
2364 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2365 struct cfg80211_bss *cbss;
2366 struct sk_buff *skb;
2367 const u8 *ssid;
2368 int ssid_len;
2369
2370 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2371 return NULL;
2372
2373 sdata_assert_lock(sdata);
2374
2375 if (ifmgd->associated)
2376 cbss = ifmgd->associated;
2377 else if (ifmgd->auth_data)
2378 cbss = ifmgd->auth_data->bss;
2379 else if (ifmgd->assoc_data)
2380 cbss = ifmgd->assoc_data->bss;
2381 else
2382 return NULL;
2383
2384 rcu_read_lock();
2385 ssid = ieee80211_bss_get_ie(cbss, WLAN_EID_SSID);
2386 if (WARN_ON_ONCE(ssid == NULL))
2387 ssid_len = 0;
2388 else
2389 ssid_len = ssid[1];
2390
2391 skb = ieee80211_build_probe_req(sdata, sdata->vif.addr, cbss->bssid,
2392 (u32) -1, cbss->channel,
2393 ssid + 2, ssid_len,
2394 NULL, 0, true);
2395 rcu_read_unlock();
2396
2397 return skb;
2398}
2399EXPORT_SYMBOL(ieee80211_ap_probereq_get);
2400
2401static void ieee80211_report_disconnect(struct ieee80211_sub_if_data *sdata,
2402 const u8 *buf, size_t len, bool tx,
2403 u16 reason)
2404{
2405 struct ieee80211_event event = {
2406 .type = MLME_EVENT,
2407 .u.mlme.data = tx ? DEAUTH_TX_EVENT : DEAUTH_RX_EVENT,
2408 .u.mlme.reason = reason,
2409 };
2410
2411 if (tx)
2412 cfg80211_tx_mlme_mgmt(sdata->dev, buf, len);
2413 else
2414 cfg80211_rx_mlme_mgmt(sdata->dev, buf, len);
2415
2416 drv_event_callback(sdata->local, sdata, &event);
2417}
2418
2419static void __ieee80211_disconnect(struct ieee80211_sub_if_data *sdata)
2420{
2421 struct ieee80211_local *local = sdata->local;
2422 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2423 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
2424
2425 sdata_lock(sdata);
2426 if (!ifmgd->associated) {
2427 sdata_unlock(sdata);
2428 return;
2429 }
2430
2431 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
2432 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
2433 true, frame_buf);
2434 mutex_lock(&local->mtx);
2435 sdata->vif.csa_active = false;
2436 ifmgd->csa_waiting_bcn = false;
2437 if (sdata->csa_block_tx) {
2438 ieee80211_wake_vif_queues(local, sdata,
2439 IEEE80211_QUEUE_STOP_REASON_CSA);
2440 sdata->csa_block_tx = false;
2441 }
2442 mutex_unlock(&local->mtx);
2443
2444 ieee80211_report_disconnect(sdata, frame_buf, sizeof(frame_buf), true,
2445 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY);
2446
2447 sdata_unlock(sdata);
2448}
2449
2450static void ieee80211_beacon_connection_loss_work(struct work_struct *work)
2451{
2452 struct ieee80211_sub_if_data *sdata =
2453 container_of(work, struct ieee80211_sub_if_data,
2454 u.mgd.beacon_connection_loss_work);
2455 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2456 struct sta_info *sta;
2457
2458 if (ifmgd->associated) {
2459 rcu_read_lock();
2460 sta = sta_info_get(sdata, ifmgd->bssid);
2461 if (sta)
2462 sta->beacon_loss_count++;
2463 rcu_read_unlock();
2464 }
2465
2466 if (ifmgd->connection_loss) {
2467 sdata_info(sdata, "Connection to AP %pM lost\n",
2468 ifmgd->bssid);
2469 __ieee80211_disconnect(sdata);
2470 } else {
2471 ieee80211_mgd_probe_ap(sdata, true);
2472 }
2473}
2474
2475static void ieee80211_csa_connection_drop_work(struct work_struct *work)
2476{
2477 struct ieee80211_sub_if_data *sdata =
2478 container_of(work, struct ieee80211_sub_if_data,
2479 u.mgd.csa_connection_drop_work);
2480
2481 __ieee80211_disconnect(sdata);
2482}
2483
2484void ieee80211_beacon_loss(struct ieee80211_vif *vif)
2485{
2486 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
2487 struct ieee80211_hw *hw = &sdata->local->hw;
2488
2489 trace_api_beacon_loss(sdata);
2490
2491 sdata->u.mgd.connection_loss = false;
2492 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work);
2493}
2494EXPORT_SYMBOL(ieee80211_beacon_loss);
2495
2496void ieee80211_connection_loss(struct ieee80211_vif *vif)
2497{
2498 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
2499 struct ieee80211_hw *hw = &sdata->local->hw;
2500
2501 trace_api_connection_loss(sdata);
2502
2503 sdata->u.mgd.connection_loss = true;
2504 ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work);
2505}
2506EXPORT_SYMBOL(ieee80211_connection_loss);
2507
2508
2509static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata,
2510 bool assoc)
2511{
2512 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data;
2513
2514 sdata_assert_lock(sdata);
2515
2516 if (!assoc) {
2517
2518
2519
2520
2521
2522 del_timer_sync(&sdata->u.mgd.timer);
2523 sta_info_destroy_addr(sdata, auth_data->bss->bssid);
2524
2525 eth_zero_addr(sdata->u.mgd.bssid);
2526 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
2527 sdata->u.mgd.flags = 0;
2528 mutex_lock(&sdata->local->mtx);
2529 ieee80211_vif_release_channel(sdata);
2530 mutex_unlock(&sdata->local->mtx);
2531 }
2532
2533 cfg80211_put_bss(sdata->local->hw.wiphy, auth_data->bss);
2534 kfree(auth_data);
2535 sdata->u.mgd.auth_data = NULL;
2536}
2537
2538static void ieee80211_destroy_assoc_data(struct ieee80211_sub_if_data *sdata,
2539 bool assoc)
2540{
2541 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data;
2542
2543 sdata_assert_lock(sdata);
2544
2545 if (!assoc) {
2546
2547
2548
2549
2550
2551 del_timer_sync(&sdata->u.mgd.timer);
2552 sta_info_destroy_addr(sdata, assoc_data->bss->bssid);
2553
2554 eth_zero_addr(sdata->u.mgd.bssid);
2555 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
2556 sdata->u.mgd.flags = 0;
2557 sdata->flags &= ~IEEE80211_SDATA_MU_MIMO_OWNER;
2558 mutex_lock(&sdata->local->mtx);
2559 ieee80211_vif_release_channel(sdata);
2560 mutex_unlock(&sdata->local->mtx);
2561 }
2562
2563 kfree(assoc_data);
2564 sdata->u.mgd.assoc_data = NULL;
2565}
2566
2567static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
2568 struct ieee80211_mgmt *mgmt, size_t len)
2569{
2570 struct ieee80211_local *local = sdata->local;
2571 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data;
2572 u8 *pos;
2573 struct ieee802_11_elems elems;
2574 u32 tx_flags = 0;
2575
2576 pos = mgmt->u.auth.variable;
2577 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), false, &elems);
2578 if (!elems.challenge)
2579 return;
2580 auth_data->expected_transaction = 4;
2581 drv_mgd_prepare_tx(sdata->local, sdata);
2582 if (ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS))
2583 tx_flags = IEEE80211_TX_CTL_REQ_TX_STATUS |
2584 IEEE80211_TX_INTFL_MLME_CONN_TX;
2585 ieee80211_send_auth(sdata, 3, auth_data->algorithm, 0,
2586 elems.challenge - 2, elems.challenge_len + 2,
2587 auth_data->bss->bssid, auth_data->bss->bssid,
2588 auth_data->key, auth_data->key_len,
2589 auth_data->key_idx, tx_flags);
2590}
2591
2592static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
2593 struct ieee80211_mgmt *mgmt, size_t len)
2594{
2595 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2596 u8 bssid[ETH_ALEN];
2597 u16 auth_alg, auth_transaction, status_code;
2598 struct sta_info *sta;
2599 struct ieee80211_event event = {
2600 .type = MLME_EVENT,
2601 .u.mlme.data = AUTH_EVENT,
2602 };
2603
2604 sdata_assert_lock(sdata);
2605
2606 if (len < 24 + 6)
2607 return;
2608
2609 if (!ifmgd->auth_data || ifmgd->auth_data->done)
2610 return;
2611
2612 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN);
2613
2614 if (!ether_addr_equal(bssid, mgmt->bssid))
2615 return;
2616
2617 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
2618 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
2619 status_code = le16_to_cpu(mgmt->u.auth.status_code);
2620
2621 if (auth_alg != ifmgd->auth_data->algorithm ||
2622 auth_transaction != ifmgd->auth_data->expected_transaction) {
2623 sdata_info(sdata, "%pM unexpected authentication state: alg %d (expected %d) transact %d (expected %d)\n",
2624 mgmt->sa, auth_alg, ifmgd->auth_data->algorithm,
2625 auth_transaction,
2626 ifmgd->auth_data->expected_transaction);
2627 return;
2628 }
2629
2630 if (status_code != WLAN_STATUS_SUCCESS) {
2631 sdata_info(sdata, "%pM denied authentication (status %d)\n",
2632 mgmt->sa, status_code);
2633 ieee80211_destroy_auth_data(sdata, false);
2634 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2635 event.u.mlme.status = MLME_DENIED;
2636 event.u.mlme.reason = status_code;
2637 drv_event_callback(sdata->local, sdata, &event);
2638 return;
2639 }
2640
2641 switch (ifmgd->auth_data->algorithm) {
2642 case WLAN_AUTH_OPEN:
2643 case WLAN_AUTH_LEAP:
2644 case WLAN_AUTH_FT:
2645 case WLAN_AUTH_SAE:
2646 break;
2647 case WLAN_AUTH_SHARED_KEY:
2648 if (ifmgd->auth_data->expected_transaction != 4) {
2649 ieee80211_auth_challenge(sdata, mgmt, len);
2650
2651 return;
2652 }
2653 break;
2654 default:
2655 WARN_ONCE(1, "invalid auth alg %d",
2656 ifmgd->auth_data->algorithm);
2657 return;
2658 }
2659
2660 event.u.mlme.status = MLME_SUCCESS;
2661 drv_event_callback(sdata->local, sdata, &event);
2662 sdata_info(sdata, "authenticated\n");
2663 ifmgd->auth_data->done = true;
2664 ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC;
2665 ifmgd->auth_data->timeout_started = true;
2666 run_again(sdata, ifmgd->auth_data->timeout);
2667
2668 if (ifmgd->auth_data->algorithm == WLAN_AUTH_SAE &&
2669 ifmgd->auth_data->expected_transaction != 2) {
2670
2671
2672
2673
2674 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2675 return;
2676 }
2677
2678
2679 mutex_lock(&sdata->local->sta_mtx);
2680 sta = sta_info_get(sdata, bssid);
2681 if (!sta) {
2682 WARN_ONCE(1, "%s: STA %pM not found", sdata->name, bssid);
2683 goto out_err;
2684 }
2685 if (sta_info_move_state(sta, IEEE80211_STA_AUTH)) {
2686 sdata_info(sdata, "failed moving %pM to auth\n", bssid);
2687 goto out_err;
2688 }
2689 mutex_unlock(&sdata->local->sta_mtx);
2690
2691 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2692 return;
2693 out_err:
2694 mutex_unlock(&sdata->local->sta_mtx);
2695
2696}
2697
2698#define case_WLAN(type) \
2699 case WLAN_REASON_##type: return #type
2700
2701static const char *ieee80211_get_reason_code_string(u16 reason_code)
2702{
2703 switch (reason_code) {
2704 case_WLAN(UNSPECIFIED);
2705 case_WLAN(PREV_AUTH_NOT_VALID);
2706 case_WLAN(DEAUTH_LEAVING);
2707 case_WLAN(DISASSOC_DUE_TO_INACTIVITY);
2708 case_WLAN(DISASSOC_AP_BUSY);
2709 case_WLAN(CLASS2_FRAME_FROM_NONAUTH_STA);
2710 case_WLAN(CLASS3_FRAME_FROM_NONASSOC_STA);
2711 case_WLAN(DISASSOC_STA_HAS_LEFT);
2712 case_WLAN(STA_REQ_ASSOC_WITHOUT_AUTH);
2713 case_WLAN(DISASSOC_BAD_POWER);
2714 case_WLAN(DISASSOC_BAD_SUPP_CHAN);
2715 case_WLAN(INVALID_IE);
2716 case_WLAN(MIC_FAILURE);
2717 case_WLAN(4WAY_HANDSHAKE_TIMEOUT);
2718 case_WLAN(GROUP_KEY_HANDSHAKE_TIMEOUT);
2719 case_WLAN(IE_DIFFERENT);
2720 case_WLAN(INVALID_GROUP_CIPHER);
2721 case_WLAN(INVALID_PAIRWISE_CIPHER);
2722 case_WLAN(INVALID_AKMP);
2723 case_WLAN(UNSUPP_RSN_VERSION);
2724 case_WLAN(INVALID_RSN_IE_CAP);
2725 case_WLAN(IEEE8021X_FAILED);
2726 case_WLAN(CIPHER_SUITE_REJECTED);
2727 case_WLAN(DISASSOC_UNSPECIFIED_QOS);
2728 case_WLAN(DISASSOC_QAP_NO_BANDWIDTH);
2729 case_WLAN(DISASSOC_LOW_ACK);
2730 case_WLAN(DISASSOC_QAP_EXCEED_TXOP);
2731 case_WLAN(QSTA_LEAVE_QBSS);
2732 case_WLAN(QSTA_NOT_USE);
2733 case_WLAN(QSTA_REQUIRE_SETUP);
2734 case_WLAN(QSTA_TIMEOUT);
2735 case_WLAN(QSTA_CIPHER_NOT_SUPP);
2736 case_WLAN(MESH_PEER_CANCELED);
2737 case_WLAN(MESH_MAX_PEERS);
2738 case_WLAN(MESH_CONFIG);
2739 case_WLAN(MESH_CLOSE);
2740 case_WLAN(MESH_MAX_RETRIES);
2741 case_WLAN(MESH_CONFIRM_TIMEOUT);
2742 case_WLAN(MESH_INVALID_GTK);
2743 case_WLAN(MESH_INCONSISTENT_PARAM);
2744 case_WLAN(MESH_INVALID_SECURITY);
2745 case_WLAN(MESH_PATH_ERROR);
2746 case_WLAN(MESH_PATH_NOFORWARD);
2747 case_WLAN(MESH_PATH_DEST_UNREACHABLE);
2748 case_WLAN(MAC_EXISTS_IN_MBSS);
2749 case_WLAN(MESH_CHAN_REGULATORY);
2750 case_WLAN(MESH_CHAN);
2751 default: return "<unknown>";
2752 }
2753}
2754
2755static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
2756 struct ieee80211_mgmt *mgmt, size_t len)
2757{
2758 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2759 u16 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
2760
2761 sdata_assert_lock(sdata);
2762
2763 if (len < 24 + 2)
2764 return;
2765
2766 if (ifmgd->associated &&
2767 ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) {
2768 const u8 *bssid = ifmgd->associated->bssid;
2769
2770 sdata_info(sdata, "deauthenticated from %pM (Reason: %u=%s)\n",
2771 bssid, reason_code,
2772 ieee80211_get_reason_code_string(reason_code));
2773
2774 ieee80211_set_disassoc(sdata, 0, 0, false, NULL);
2775
2776 ieee80211_report_disconnect(sdata, (u8 *)mgmt, len, false,
2777 reason_code);
2778 return;
2779 }
2780
2781 if (ifmgd->assoc_data &&
2782 ether_addr_equal(mgmt->bssid, ifmgd->assoc_data->bss->bssid)) {
2783 const u8 *bssid = ifmgd->assoc_data->bss->bssid;
2784
2785 sdata_info(sdata,
2786 "deauthenticated from %pM while associating (Reason: %u=%s)\n",
2787 bssid, reason_code,
2788 ieee80211_get_reason_code_string(reason_code));
2789
2790 ieee80211_destroy_assoc_data(sdata, false);
2791
2792 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2793 return;
2794 }
2795}
2796
2797
2798static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
2799 struct ieee80211_mgmt *mgmt, size_t len)
2800{
2801 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2802 u16 reason_code;
2803
2804 sdata_assert_lock(sdata);
2805
2806 if (len < 24 + 2)
2807 return;
2808
2809 if (!ifmgd->associated ||
2810 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
2811 return;
2812
2813 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
2814
2815 sdata_info(sdata, "disassociated from %pM (Reason: %u)\n",
2816 mgmt->sa, reason_code);
2817
2818 ieee80211_set_disassoc(sdata, 0, 0, false, NULL);
2819
2820 ieee80211_report_disconnect(sdata, (u8 *)mgmt, len, false, reason_code);
2821}
2822
2823static void ieee80211_get_rates(struct ieee80211_supported_band *sband,
2824 u8 *supp_rates, unsigned int supp_rates_len,
2825 u32 *rates, u32 *basic_rates,
2826 bool *have_higher_than_11mbit,
2827 int *min_rate, int *min_rate_index,
2828 int shift, u32 rate_flags)
2829{
2830 int i, j;
2831
2832 for (i = 0; i < supp_rates_len; i++) {
2833 int rate = supp_rates[i] & 0x7f;
2834 bool is_basic = !!(supp_rates[i] & 0x80);
2835
2836 if ((rate * 5 * (1 << shift)) > 110)
2837 *have_higher_than_11mbit = true;
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847 if (!!(supp_rates[i] & 0x80) &&
2848 (supp_rates[i] & 0x7f) == BSS_MEMBERSHIP_SELECTOR_HT_PHY)
2849 continue;
2850
2851 for (j = 0; j < sband->n_bitrates; j++) {
2852 struct ieee80211_rate *br;
2853 int brate;
2854
2855 br = &sband->bitrates[j];
2856 if ((rate_flags & br->flags) != rate_flags)
2857 continue;
2858
2859 brate = DIV_ROUND_UP(br->bitrate, (1 << shift) * 5);
2860 if (brate == rate) {
2861 *rates |= BIT(j);
2862 if (is_basic)
2863 *basic_rates |= BIT(j);
2864 if ((rate * 5) < *min_rate) {
2865 *min_rate = rate * 5;
2866 *min_rate_index = j;
2867 }
2868 break;
2869 }
2870 }
2871 }
2872}
2873
2874static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata,
2875 struct cfg80211_bss *cbss,
2876 struct ieee80211_mgmt *mgmt, size_t len)
2877{
2878 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2879 struct ieee80211_local *local = sdata->local;
2880 struct ieee80211_supported_band *sband;
2881 struct sta_info *sta;
2882 u8 *pos;
2883 u16 capab_info, aid;
2884 struct ieee802_11_elems elems;
2885 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
2886 const struct cfg80211_bss_ies *bss_ies = NULL;
2887 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
2888 u32 changed = 0;
2889 int err;
2890 bool ret;
2891
2892
2893
2894 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
2895 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
2896
2897 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
2898 sdata_info(sdata, "invalid AID value 0x%x; bits 15:14 not set\n",
2899 aid);
2900 aid &= ~(BIT(15) | BIT(14));
2901
2902 ifmgd->broken_ap = false;
2903
2904 if (aid == 0 || aid > IEEE80211_MAX_AID) {
2905 sdata_info(sdata, "invalid AID value %d (out of range), turn off PS\n",
2906 aid);
2907 aid = 0;
2908 ifmgd->broken_ap = true;
2909 }
2910
2911 pos = mgmt->u.assoc_resp.variable;
2912 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), false, &elems);
2913
2914 if (!elems.supp_rates) {
2915 sdata_info(sdata, "no SuppRates element in AssocResp\n");
2916 return false;
2917 }
2918
2919 ifmgd->aid = aid;
2920 ifmgd->tdls_chan_switch_prohibited =
2921 elems.ext_capab && elems.ext_capab_len >= 5 &&
2922 (elems.ext_capab[4] & WLAN_EXT_CAPA5_TDLS_CH_SW_PROHIBITED);
2923
2924
2925
2926
2927
2928
2929
2930
2931 if ((assoc_data->wmm && !elems.wmm_param) ||
2932 (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&
2933 (!elems.ht_cap_elem || !elems.ht_operation)) ||
2934 (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&
2935 (!elems.vht_cap_elem || !elems.vht_operation))) {
2936 const struct cfg80211_bss_ies *ies;
2937 struct ieee802_11_elems bss_elems;
2938
2939 rcu_read_lock();
2940 ies = rcu_dereference(cbss->ies);
2941 if (ies)
2942 bss_ies = kmemdup(ies, sizeof(*ies) + ies->len,
2943 GFP_ATOMIC);
2944 rcu_read_unlock();
2945 if (!bss_ies)
2946 return false;
2947
2948 ieee802_11_parse_elems(bss_ies->data, bss_ies->len,
2949 false, &bss_elems);
2950 if (assoc_data->wmm &&
2951 !elems.wmm_param && bss_elems.wmm_param) {
2952 elems.wmm_param = bss_elems.wmm_param;
2953 sdata_info(sdata,
2954 "AP bug: WMM param missing from AssocResp\n");
2955 }
2956
2957
2958
2959
2960
2961 if (!elems.ht_cap_elem && bss_elems.ht_cap_elem &&
2962 !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) {
2963 elems.ht_cap_elem = bss_elems.ht_cap_elem;
2964 sdata_info(sdata,
2965 "AP bug: HT capability missing from AssocResp\n");
2966 }
2967 if (!elems.ht_operation && bss_elems.ht_operation &&
2968 !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) {
2969 elems.ht_operation = bss_elems.ht_operation;
2970 sdata_info(sdata,
2971 "AP bug: HT operation missing from AssocResp\n");
2972 }
2973 if (!elems.vht_cap_elem && bss_elems.vht_cap_elem &&
2974 !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) {
2975 elems.vht_cap_elem = bss_elems.vht_cap_elem;
2976 sdata_info(sdata,
2977 "AP bug: VHT capa missing from AssocResp\n");
2978 }
2979 if (!elems.vht_operation && bss_elems.vht_operation &&
2980 !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) {
2981 elems.vht_operation = bss_elems.vht_operation;
2982 sdata_info(sdata,
2983 "AP bug: VHT operation missing from AssocResp\n");
2984 }
2985 }
2986
2987
2988
2989
2990
2991 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&
2992 (!elems.wmm_param || !elems.ht_cap_elem || !elems.ht_operation)) {
2993 sdata_info(sdata,
2994 "HT AP is missing WMM params or HT capability/operation\n");
2995 ret = false;
2996 goto out;
2997 }
2998
2999 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&
3000 (!elems.vht_cap_elem || !elems.vht_operation)) {
3001 sdata_info(sdata,
3002 "VHT AP is missing VHT capability/operation\n");
3003 ret = false;
3004 goto out;
3005 }
3006
3007 mutex_lock(&sdata->local->sta_mtx);
3008
3009
3010
3011
3012 sta = sta_info_get(sdata, cbss->bssid);
3013 if (WARN_ON(!sta)) {
3014 mutex_unlock(&sdata->local->sta_mtx);
3015 ret = false;
3016 goto out;
3017 }
3018
3019 sband = local->hw.wiphy->bands[ieee80211_get_sdata_band(sdata)];
3020
3021
3022 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_HT))
3023 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband,
3024 elems.ht_cap_elem, sta);
3025
3026 if (elems.vht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
3027 ieee80211_vht_cap_ie_to_sta_vht_cap(sdata, sband,
3028 elems.vht_cap_elem, sta);
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042 if (elems.opmode_notif &&
3043 !(*elems.opmode_notif & IEEE80211_OPMODE_NOTIF_RX_NSS_TYPE_BF)) {
3044 u8 nss;
3045
3046 nss = *elems.opmode_notif & IEEE80211_OPMODE_NOTIF_RX_NSS_MASK;
3047 nss >>= IEEE80211_OPMODE_NOTIF_RX_NSS_SHIFT;
3048 nss += 1;
3049 sta->sta.rx_nss = nss;
3050 }
3051
3052 rate_control_rate_init(sta);
3053
3054 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED)
3055 set_sta_flag(sta, WLAN_STA_MFP);
3056
3057 sta->sta.wme = elems.wmm_param && local->hw.queues >= IEEE80211_NUM_ACS;
3058
3059 err = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
3060 if (!err && !(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))
3061 err = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED);
3062 if (err) {
3063 sdata_info(sdata,
3064 "failed to move station %pM to desired state\n",
3065 sta->sta.addr);
3066 WARN_ON(__sta_info_destroy(sta));
3067 mutex_unlock(&sdata->local->sta_mtx);
3068 ret = false;
3069 goto out;
3070 }
3071
3072 mutex_unlock(&sdata->local->sta_mtx);
3073
3074
3075
3076
3077
3078
3079
3080 ifmgd->wmm_last_param_set = -1;
3081
3082 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_WMM) && elems.wmm_param)
3083 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param,
3084 elems.wmm_param_len);
3085 else
3086 ieee80211_set_wmm_default(sdata, false);
3087 changed |= BSS_CHANGED_QOS;
3088
3089
3090
3091 bss_conf->aid = aid;
3092 bss_conf->assoc_capability = capab_info;
3093 ieee80211_set_associated(sdata, cbss, changed);
3094
3095
3096
3097
3098
3099 if (ifmgd->use_4addr)
3100 ieee80211_send_4addr_nullfunc(local, sdata);
3101
3102
3103
3104
3105
3106 ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt);
3107 ieee80211_sta_reset_beacon_monitor(sdata);
3108
3109 ret = true;
3110 out:
3111 kfree(bss_ies);
3112 return ret;
3113}
3114
3115static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
3116 struct ieee80211_mgmt *mgmt,
3117 size_t len)
3118{
3119 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3120 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
3121 u16 capab_info, status_code, aid;
3122 struct ieee802_11_elems elems;
3123 int ac, uapsd_queues = -1;
3124 u8 *pos;
3125 bool reassoc;
3126 struct cfg80211_bss *bss;
3127 struct ieee80211_event event = {
3128 .type = MLME_EVENT,
3129 .u.mlme.data = ASSOC_EVENT,
3130 };
3131
3132 sdata_assert_lock(sdata);
3133
3134 if (!assoc_data)
3135 return;
3136 if (!ether_addr_equal(assoc_data->bss->bssid, mgmt->bssid))
3137 return;
3138
3139
3140
3141
3142
3143
3144 if (len < 24 + 6)
3145 return;
3146
3147 reassoc = ieee80211_is_reassoc_req(mgmt->frame_control);
3148 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
3149 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
3150 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
3151
3152 sdata_info(sdata,
3153 "RX %sssocResp from %pM (capab=0x%x status=%d aid=%d)\n",
3154 reassoc ? "Rea" : "A", mgmt->sa,
3155 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
3156
3157 pos = mgmt->u.assoc_resp.variable;
3158 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), false, &elems);
3159
3160 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY &&
3161 elems.timeout_int &&
3162 elems.timeout_int->type == WLAN_TIMEOUT_ASSOC_COMEBACK) {
3163 u32 tu, ms;
3164 tu = le32_to_cpu(elems.timeout_int->value);
3165 ms = tu * 1024 / 1000;
3166 sdata_info(sdata,
3167 "%pM rejected association temporarily; comeback duration %u TU (%u ms)\n",
3168 mgmt->sa, tu, ms);
3169 assoc_data->timeout = jiffies + msecs_to_jiffies(ms);
3170 assoc_data->timeout_started = true;
3171 if (ms > IEEE80211_ASSOC_TIMEOUT)
3172 run_again(sdata, assoc_data->timeout);
3173 return;
3174 }
3175
3176 bss = assoc_data->bss;
3177
3178 if (status_code != WLAN_STATUS_SUCCESS) {
3179 sdata_info(sdata, "%pM denied association (code=%d)\n",
3180 mgmt->sa, status_code);
3181 ieee80211_destroy_assoc_data(sdata, false);
3182 event.u.mlme.status = MLME_DENIED;
3183 event.u.mlme.reason = status_code;
3184 drv_event_callback(sdata->local, sdata, &event);
3185 } else {
3186 if (!ieee80211_assoc_success(sdata, bss, mgmt, len)) {
3187
3188 ieee80211_destroy_assoc_data(sdata, false);
3189 cfg80211_assoc_timeout(sdata->dev, bss);
3190 return;
3191 }
3192 event.u.mlme.status = MLME_SUCCESS;
3193 drv_event_callback(sdata->local, sdata, &event);
3194 sdata_info(sdata, "associated\n");
3195
3196
3197
3198
3199
3200
3201 ieee80211_destroy_assoc_data(sdata, true);
3202
3203
3204 uapsd_queues = 0;
3205 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++)
3206 if (sdata->tx_conf[ac].uapsd)
3207 uapsd_queues |= BIT(ac);
3208 }
3209
3210 cfg80211_rx_assoc_resp(sdata->dev, bss, (u8 *)mgmt, len, uapsd_queues);
3211}
3212
3213static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
3214 struct ieee80211_mgmt *mgmt, size_t len,
3215 struct ieee80211_rx_status *rx_status,
3216 struct ieee802_11_elems *elems)
3217{
3218 struct ieee80211_local *local = sdata->local;
3219 struct ieee80211_bss *bss;
3220 struct ieee80211_channel *channel;
3221
3222 sdata_assert_lock(sdata);
3223
3224 channel = ieee80211_get_channel(local->hw.wiphy, rx_status->freq);
3225 if (!channel)
3226 return;
3227
3228 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
3229 channel);
3230 if (bss) {
3231 sdata->vif.bss_conf.beacon_rate = bss->beacon_rate;
3232 ieee80211_rx_bss_put(local, bss);
3233 }
3234}
3235
3236
3237static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
3238 struct sk_buff *skb)
3239{
3240 struct ieee80211_mgmt *mgmt = (void *)skb->data;
3241 struct ieee80211_if_managed *ifmgd;
3242 struct ieee80211_rx_status *rx_status = (void *) skb->cb;
3243 size_t baselen, len = skb->len;
3244 struct ieee802_11_elems elems;
3245
3246 ifmgd = &sdata->u.mgd;
3247
3248 sdata_assert_lock(sdata);
3249
3250 if (!ether_addr_equal(mgmt->da, sdata->vif.addr))
3251 return;
3252
3253 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
3254 if (baselen > len)
3255 return;
3256
3257 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
3258 false, &elems);
3259
3260 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
3261
3262 if (ifmgd->associated &&
3263 ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
3264 ieee80211_reset_ap_probe(sdata);
3265
3266 if (ifmgd->auth_data && !ifmgd->auth_data->bss->proberesp_ies &&
3267 ether_addr_equal(mgmt->bssid, ifmgd->auth_data->bss->bssid)) {
3268
3269 sdata_info(sdata, "direct probe responded\n");
3270 ifmgd->auth_data->tries = 0;
3271 ifmgd->auth_data->timeout = jiffies;
3272 ifmgd->auth_data->timeout_started = true;
3273 run_again(sdata, ifmgd->auth_data->timeout);
3274 }
3275}
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292static const u64 care_about_ies =
3293 (1ULL << WLAN_EID_COUNTRY) |
3294 (1ULL << WLAN_EID_ERP_INFO) |
3295 (1ULL << WLAN_EID_CHANNEL_SWITCH) |
3296 (1ULL << WLAN_EID_PWR_CONSTRAINT) |
3297 (1ULL << WLAN_EID_HT_CAPABILITY) |
3298 (1ULL << WLAN_EID_HT_OPERATION) |
3299 (1ULL << WLAN_EID_EXT_CHANSWITCH_ANN);
3300
3301static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
3302 struct ieee80211_mgmt *mgmt, size_t len,
3303 struct ieee80211_rx_status *rx_status)
3304{
3305 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3306 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
3307 size_t baselen;
3308 struct ieee802_11_elems elems;
3309 struct ieee80211_local *local = sdata->local;
3310 struct ieee80211_chanctx_conf *chanctx_conf;
3311 struct ieee80211_channel *chan;
3312 struct sta_info *sta;
3313 u32 changed = 0;
3314 bool erp_valid;
3315 u8 erp_value = 0;
3316 u32 ncrc;
3317 u8 *bssid;
3318 u8 deauth_buf[IEEE80211_DEAUTH_FRAME_LEN];
3319
3320 sdata_assert_lock(sdata);
3321
3322
3323 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
3324 if (baselen > len)
3325 return;
3326
3327 rcu_read_lock();
3328 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
3329 if (!chanctx_conf) {
3330 rcu_read_unlock();
3331 return;
3332 }
3333
3334 if (rx_status->freq != chanctx_conf->def.chan->center_freq) {
3335 rcu_read_unlock();
3336 return;
3337 }
3338 chan = chanctx_conf->def.chan;
3339 rcu_read_unlock();
3340
3341 if (ifmgd->assoc_data && ifmgd->assoc_data->need_beacon &&
3342 ether_addr_equal(mgmt->bssid, ifmgd->assoc_data->bss->bssid)) {
3343 ieee802_11_parse_elems(mgmt->u.beacon.variable,
3344 len - baselen, false, &elems);
3345
3346 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
3347 if (elems.tim && !elems.parse_error) {
3348 const struct ieee80211_tim_ie *tim_ie = elems.tim;
3349 ifmgd->dtim_period = tim_ie->dtim_period;
3350 }
3351 ifmgd->have_beacon = true;
3352 ifmgd->assoc_data->need_beacon = false;
3353 if (ieee80211_hw_check(&local->hw, TIMING_BEACON_ONLY)) {
3354 sdata->vif.bss_conf.sync_tsf =
3355 le64_to_cpu(mgmt->u.beacon.timestamp);
3356 sdata->vif.bss_conf.sync_device_ts =
3357 rx_status->device_timestamp;
3358 if (elems.tim)
3359 sdata->vif.bss_conf.sync_dtim_count =
3360 elems.tim->dtim_count;
3361 else
3362 sdata->vif.bss_conf.sync_dtim_count = 0;
3363 }
3364
3365 ifmgd->assoc_data->timeout = jiffies;
3366 ifmgd->assoc_data->timeout_started = true;
3367 run_again(sdata, ifmgd->assoc_data->timeout);
3368 return;
3369 }
3370
3371 if (!ifmgd->associated ||
3372 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
3373 return;
3374 bssid = ifmgd->associated->bssid;
3375
3376
3377 ifmgd->last_beacon_signal = rx_status->signal;
3378 if (ifmgd->flags & IEEE80211_STA_RESET_SIGNAL_AVE) {
3379 ifmgd->flags &= ~IEEE80211_STA_RESET_SIGNAL_AVE;
3380 ifmgd->ave_beacon_signal = rx_status->signal * 16;
3381 ifmgd->last_cqm_event_signal = 0;
3382 ifmgd->count_beacon_signal = 1;
3383 ifmgd->last_ave_beacon_signal = 0;
3384 } else {
3385 ifmgd->ave_beacon_signal =
3386 (IEEE80211_SIGNAL_AVE_WEIGHT * rx_status->signal * 16 +
3387 (16 - IEEE80211_SIGNAL_AVE_WEIGHT) *
3388 ifmgd->ave_beacon_signal) / 16;
3389 ifmgd->count_beacon_signal++;
3390 }
3391
3392 if (ifmgd->rssi_min_thold != ifmgd->rssi_max_thold &&
3393 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT) {
3394 int sig = ifmgd->ave_beacon_signal;
3395 int last_sig = ifmgd->last_ave_beacon_signal;
3396 struct ieee80211_event event = {
3397 .type = RSSI_EVENT,
3398 };
3399
3400
3401
3402
3403
3404 if (sig > ifmgd->rssi_max_thold &&
3405 (last_sig <= ifmgd->rssi_min_thold || last_sig == 0)) {
3406 ifmgd->last_ave_beacon_signal = sig;
3407 event.u.rssi.data = RSSI_EVENT_HIGH;
3408 drv_event_callback(local, sdata, &event);
3409 } else if (sig < ifmgd->rssi_min_thold &&
3410 (last_sig >= ifmgd->rssi_max_thold ||
3411 last_sig == 0)) {
3412 ifmgd->last_ave_beacon_signal = sig;
3413 event.u.rssi.data = RSSI_EVENT_LOW;
3414 drv_event_callback(local, sdata, &event);
3415 }
3416 }
3417
3418 if (bss_conf->cqm_rssi_thold &&
3419 ifmgd->count_beacon_signal >= IEEE80211_SIGNAL_AVE_MIN_COUNT &&
3420 !(sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI)) {
3421 int sig = ifmgd->ave_beacon_signal / 16;
3422 int last_event = ifmgd->last_cqm_event_signal;
3423 int thold = bss_conf->cqm_rssi_thold;
3424 int hyst = bss_conf->cqm_rssi_hyst;
3425 if (sig < thold &&
3426 (last_event == 0 || sig < last_event - hyst)) {
3427 ifmgd->last_cqm_event_signal = sig;
3428 ieee80211_cqm_rssi_notify(
3429 &sdata->vif,
3430 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW,
3431 GFP_KERNEL);
3432 } else if (sig > thold &&
3433 (last_event == 0 || sig > last_event + hyst)) {
3434 ifmgd->last_cqm_event_signal = sig;
3435 ieee80211_cqm_rssi_notify(
3436 &sdata->vif,
3437 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH,
3438 GFP_KERNEL);
3439 }
3440 }
3441
3442 if (ifmgd->flags & IEEE80211_STA_CONNECTION_POLL) {
3443 mlme_dbg_ratelimited(sdata,
3444 "cancelling AP probe due to a received beacon\n");
3445 ieee80211_reset_ap_probe(sdata);
3446 }
3447
3448
3449
3450
3451
3452 ieee80211_sta_reset_beacon_monitor(sdata);
3453
3454 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4);
3455 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable,
3456 len - baselen, false, &elems,
3457 care_about_ies, ncrc);
3458
3459 if (ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK)) {
3460 bool directed_tim = ieee80211_check_tim(elems.tim,
3461 elems.tim_len,
3462 ifmgd->aid);
3463 if (directed_tim) {
3464 if (local->hw.conf.dynamic_ps_timeout > 0) {
3465 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
3466 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
3467 ieee80211_hw_config(local,
3468 IEEE80211_CONF_CHANGE_PS);
3469 }
3470 ieee80211_send_nullfunc(local, sdata, 0);
3471 } else if (!local->pspolling && sdata->u.mgd.powersave) {
3472 local->pspolling = true;
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482 ieee80211_send_pspoll(local, sdata);
3483 }
3484 }
3485 }
3486
3487 if (sdata->vif.p2p) {
3488 struct ieee80211_p2p_noa_attr noa = {};
3489 int ret;
3490
3491 ret = cfg80211_get_p2p_attr(mgmt->u.beacon.variable,
3492 len - baselen,
3493 IEEE80211_P2P_ATTR_ABSENCE_NOTICE,
3494 (u8 *) &noa, sizeof(noa));
3495 if (ret >= 2) {
3496 if (sdata->u.mgd.p2p_noa_index != noa.index) {
3497
3498 sdata->u.mgd.p2p_noa_index = noa.index;
3499 memcpy(&bss_conf->p2p_noa_attr, &noa, sizeof(noa));
3500 changed |= BSS_CHANGED_P2P_PS;
3501
3502
3503
3504
3505 ifmgd->beacon_crc_valid = false;
3506 }
3507 } else if (sdata->u.mgd.p2p_noa_index != -1) {
3508
3509 sdata->u.mgd.p2p_noa_index = -1;
3510 memset(&bss_conf->p2p_noa_attr, 0, sizeof(bss_conf->p2p_noa_attr));
3511 changed |= BSS_CHANGED_P2P_PS;
3512 ifmgd->beacon_crc_valid = false;
3513 }
3514 }
3515
3516 if (ifmgd->csa_waiting_bcn)
3517 ieee80211_chswitch_post_beacon(sdata);
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527 if (ieee80211_hw_check(&local->hw, TIMING_BEACON_ONLY)) {
3528 sdata->vif.bss_conf.sync_tsf =
3529 le64_to_cpu(mgmt->u.beacon.timestamp);
3530 sdata->vif.bss_conf.sync_device_ts =
3531 rx_status->device_timestamp;
3532 if (elems.tim)
3533 sdata->vif.bss_conf.sync_dtim_count =
3534 elems.tim->dtim_count;
3535 else
3536 sdata->vif.bss_conf.sync_dtim_count = 0;
3537 }
3538
3539 if (ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid)
3540 return;
3541 ifmgd->beacon_crc = ncrc;
3542 ifmgd->beacon_crc_valid = true;
3543
3544 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
3545
3546 ieee80211_sta_process_chanswitch(sdata, rx_status->mactime,
3547 rx_status->device_timestamp,
3548 &elems, true);
3549
3550 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_WMM) &&
3551 ieee80211_sta_wmm_params(local, sdata, elems.wmm_param,
3552 elems.wmm_param_len))
3553 changed |= BSS_CHANGED_QOS;
3554
3555
3556
3557
3558
3559 if (!ifmgd->have_beacon) {
3560
3561 if (elems.tim)
3562 bss_conf->dtim_period = elems.tim->dtim_period ?: 1;
3563 else
3564 bss_conf->dtim_period = 1;
3565
3566 changed |= BSS_CHANGED_BEACON_INFO;
3567 ifmgd->have_beacon = true;
3568
3569 mutex_lock(&local->iflist_mtx);
3570 ieee80211_recalc_ps(local, -1);
3571 mutex_unlock(&local->iflist_mtx);
3572
3573 ieee80211_recalc_ps_vif(sdata);
3574 }
3575
3576 if (elems.erp_info) {
3577 erp_valid = true;
3578 erp_value = elems.erp_info[0];
3579 } else {
3580 erp_valid = false;
3581 }
3582 changed |= ieee80211_handle_bss_capability(sdata,
3583 le16_to_cpu(mgmt->u.beacon.capab_info),
3584 erp_valid, erp_value);
3585
3586 mutex_lock(&local->sta_mtx);
3587 sta = sta_info_get(sdata, bssid);
3588
3589 if (ieee80211_config_bw(sdata, sta,
3590 elems.ht_cap_elem, elems.ht_operation,
3591 elems.vht_operation, bssid, &changed)) {
3592 mutex_unlock(&local->sta_mtx);
3593 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
3594 WLAN_REASON_DEAUTH_LEAVING,
3595 true, deauth_buf);
3596 ieee80211_report_disconnect(sdata, deauth_buf,
3597 sizeof(deauth_buf), true,
3598 WLAN_REASON_DEAUTH_LEAVING);
3599 return;
3600 }
3601
3602 if (sta && elems.opmode_notif)
3603 ieee80211_vht_handle_opmode(sdata, sta, *elems.opmode_notif,
3604 rx_status->band, true);
3605 mutex_unlock(&local->sta_mtx);
3606
3607 changed |= ieee80211_handle_pwr_constr(sdata, chan, mgmt,
3608 elems.country_elem,
3609 elems.country_elem_len,
3610 elems.pwr_constr_elem,
3611 elems.cisco_dtpc_elem);
3612
3613 ieee80211_bss_info_change_notify(sdata, changed);
3614}
3615
3616void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
3617 struct sk_buff *skb)
3618{
3619 struct ieee80211_rx_status *rx_status;
3620 struct ieee80211_mgmt *mgmt;
3621 u16 fc;
3622 struct ieee802_11_elems elems;
3623 int ies_len;
3624
3625 rx_status = (struct ieee80211_rx_status *) skb->cb;
3626 mgmt = (struct ieee80211_mgmt *) skb->data;
3627 fc = le16_to_cpu(mgmt->frame_control);
3628
3629 sdata_lock(sdata);
3630
3631 switch (fc & IEEE80211_FCTL_STYPE) {
3632 case IEEE80211_STYPE_BEACON:
3633 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
3634 break;
3635 case IEEE80211_STYPE_PROBE_RESP:
3636 ieee80211_rx_mgmt_probe_resp(sdata, skb);
3637 break;
3638 case IEEE80211_STYPE_AUTH:
3639 ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len);
3640 break;
3641 case IEEE80211_STYPE_DEAUTH:
3642 ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len);
3643 break;
3644 case IEEE80211_STYPE_DISASSOC:
3645 ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
3646 break;
3647 case IEEE80211_STYPE_ASSOC_RESP:
3648 case IEEE80211_STYPE_REASSOC_RESP:
3649 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len);
3650 break;
3651 case IEEE80211_STYPE_ACTION:
3652 if (mgmt->u.action.category == WLAN_CATEGORY_SPECTRUM_MGMT) {
3653 ies_len = skb->len -
3654 offsetof(struct ieee80211_mgmt,
3655 u.action.u.chan_switch.variable);
3656
3657 if (ies_len < 0)
3658 break;
3659
3660 ieee802_11_parse_elems(
3661 mgmt->u.action.u.chan_switch.variable,
3662 ies_len, true, &elems);
3663
3664 if (elems.parse_error)
3665 break;
3666
3667 ieee80211_sta_process_chanswitch(sdata,
3668 rx_status->mactime,
3669 rx_status->device_timestamp,
3670 &elems, false);
3671 } else if (mgmt->u.action.category == WLAN_CATEGORY_PUBLIC) {
3672 ies_len = skb->len -
3673 offsetof(struct ieee80211_mgmt,
3674 u.action.u.ext_chan_switch.variable);
3675
3676 if (ies_len < 0)
3677 break;
3678
3679 ieee802_11_parse_elems(
3680 mgmt->u.action.u.ext_chan_switch.variable,
3681 ies_len, true, &elems);
3682
3683 if (elems.parse_error)
3684 break;
3685
3686
3687 elems.ext_chansw_ie =
3688 &mgmt->u.action.u.ext_chan_switch.data;
3689
3690 ieee80211_sta_process_chanswitch(sdata,
3691 rx_status->mactime,
3692 rx_status->device_timestamp,
3693 &elems, false);
3694 }
3695 break;
3696 }
3697 sdata_unlock(sdata);
3698}
3699
3700static void ieee80211_sta_timer(unsigned long data)
3701{
3702 struct ieee80211_sub_if_data *sdata =
3703 (struct ieee80211_sub_if_data *) data;
3704
3705 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
3706}
3707
3708static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata,
3709 u8 *bssid, u8 reason, bool tx)
3710{
3711 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
3712
3713 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason,
3714 tx, frame_buf);
3715
3716 ieee80211_report_disconnect(sdata, frame_buf, sizeof(frame_buf), true,
3717 reason);
3718}
3719
3720static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata)
3721{
3722 struct ieee80211_local *local = sdata->local;
3723 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3724 struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data;
3725 u32 tx_flags = 0;
3726
3727 sdata_assert_lock(sdata);
3728
3729 if (WARN_ON_ONCE(!auth_data))
3730 return -EINVAL;
3731
3732 auth_data->tries++;
3733
3734 if (auth_data->tries > IEEE80211_AUTH_MAX_TRIES) {
3735 sdata_info(sdata, "authentication with %pM timed out\n",
3736 auth_data->bss->bssid);
3737
3738
3739
3740
3741
3742 cfg80211_unlink_bss(local->hw.wiphy, auth_data->bss);
3743
3744 return -ETIMEDOUT;
3745 }
3746
3747 drv_mgd_prepare_tx(local, sdata);
3748
3749 if (auth_data->bss->proberesp_ies) {
3750 u16 trans = 1;
3751 u16 status = 0;
3752
3753 sdata_info(sdata, "send auth to %pM (try %d/%d)\n",
3754 auth_data->bss->bssid, auth_data->tries,
3755 IEEE80211_AUTH_MAX_TRIES);
3756
3757 auth_data->expected_transaction = 2;
3758
3759 if (auth_data->algorithm == WLAN_AUTH_SAE) {
3760 trans = auth_data->sae_trans;
3761 status = auth_data->sae_status;
3762 auth_data->expected_transaction = trans;
3763 }
3764
3765 if (ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS))
3766 tx_flags = IEEE80211_TX_CTL_REQ_TX_STATUS |
3767 IEEE80211_TX_INTFL_MLME_CONN_TX;
3768
3769 ieee80211_send_auth(sdata, trans, auth_data->algorithm, status,
3770 auth_data->data, auth_data->data_len,
3771 auth_data->bss->bssid,
3772 auth_data->bss->bssid, NULL, 0, 0,
3773 tx_flags);
3774 } else {
3775 const u8 *ssidie;
3776
3777 sdata_info(sdata, "direct probe to %pM (try %d/%i)\n",
3778 auth_data->bss->bssid, auth_data->tries,
3779 IEEE80211_AUTH_MAX_TRIES);
3780
3781 rcu_read_lock();
3782 ssidie = ieee80211_bss_get_ie(auth_data->bss, WLAN_EID_SSID);
3783 if (!ssidie) {
3784 rcu_read_unlock();
3785 return -EINVAL;
3786 }
3787
3788
3789
3790
3791 ieee80211_send_probe_req(sdata, sdata->vif.addr, NULL,
3792 ssidie + 2, ssidie[1],
3793 NULL, 0, (u32) -1, true, 0,
3794 auth_data->bss->channel, false);
3795 rcu_read_unlock();
3796 }
3797
3798 if (tx_flags == 0) {
3799 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
3800 auth_data->timeout_started = true;
3801 run_again(sdata, auth_data->timeout);
3802 } else {
3803 auth_data->timeout =
3804 round_jiffies_up(jiffies + IEEE80211_AUTH_TIMEOUT_LONG);
3805 auth_data->timeout_started = true;
3806 run_again(sdata, auth_data->timeout);
3807 }
3808
3809 return 0;
3810}
3811
3812static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata)
3813{
3814 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data;
3815 struct ieee80211_local *local = sdata->local;
3816
3817 sdata_assert_lock(sdata);
3818
3819 assoc_data->tries++;
3820 if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) {
3821 sdata_info(sdata, "association with %pM timed out\n",
3822 assoc_data->bss->bssid);
3823
3824
3825
3826
3827
3828 cfg80211_unlink_bss(local->hw.wiphy, assoc_data->bss);
3829
3830 return -ETIMEDOUT;
3831 }
3832
3833 sdata_info(sdata, "associate with %pM (try %d/%d)\n",
3834 assoc_data->bss->bssid, assoc_data->tries,
3835 IEEE80211_ASSOC_MAX_TRIES);
3836 ieee80211_send_assoc(sdata);
3837
3838 if (!ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS)) {
3839 assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT;
3840 assoc_data->timeout_started = true;
3841 run_again(sdata, assoc_data->timeout);
3842 } else {
3843 assoc_data->timeout =
3844 round_jiffies_up(jiffies +
3845 IEEE80211_ASSOC_TIMEOUT_LONG);
3846 assoc_data->timeout_started = true;
3847 run_again(sdata, assoc_data->timeout);
3848 }
3849
3850 return 0;
3851}
3852
3853void ieee80211_mgd_conn_tx_status(struct ieee80211_sub_if_data *sdata,
3854 __le16 fc, bool acked)
3855{
3856 struct ieee80211_local *local = sdata->local;
3857
3858 sdata->u.mgd.status_fc = fc;
3859 sdata->u.mgd.status_acked = acked;
3860 sdata->u.mgd.status_received = true;
3861
3862 ieee80211_queue_work(&local->hw, &sdata->work);
3863}
3864
3865void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
3866{
3867 struct ieee80211_local *local = sdata->local;
3868 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3869
3870 sdata_lock(sdata);
3871
3872 if (ifmgd->status_received) {
3873 __le16 fc = ifmgd->status_fc;
3874 bool status_acked = ifmgd->status_acked;
3875
3876 ifmgd->status_received = false;
3877 if (ifmgd->auth_data &&
3878 (ieee80211_is_probe_req(fc) || ieee80211_is_auth(fc))) {
3879 if (status_acked) {
3880 ifmgd->auth_data->timeout =
3881 jiffies + IEEE80211_AUTH_TIMEOUT_SHORT;
3882 run_again(sdata, ifmgd->auth_data->timeout);
3883 } else {
3884 ifmgd->auth_data->timeout = jiffies - 1;
3885 }
3886 ifmgd->auth_data->timeout_started = true;
3887 } else if (ifmgd->assoc_data &&
3888 (ieee80211_is_assoc_req(fc) ||
3889 ieee80211_is_reassoc_req(fc))) {
3890 if (status_acked) {
3891 ifmgd->assoc_data->timeout =
3892 jiffies + IEEE80211_ASSOC_TIMEOUT_SHORT;
3893 run_again(sdata, ifmgd->assoc_data->timeout);
3894 } else {
3895 ifmgd->assoc_data->timeout = jiffies - 1;
3896 }
3897 ifmgd->assoc_data->timeout_started = true;
3898 }
3899 }
3900
3901 if (ifmgd->auth_data && ifmgd->auth_data->timeout_started &&
3902 time_after(jiffies, ifmgd->auth_data->timeout)) {
3903 if (ifmgd->auth_data->done) {
3904
3905
3906
3907
3908 ieee80211_destroy_auth_data(sdata, false);
3909 } else if (ieee80211_probe_auth(sdata)) {
3910 u8 bssid[ETH_ALEN];
3911 struct ieee80211_event event = {
3912 .type = MLME_EVENT,
3913 .u.mlme.data = AUTH_EVENT,
3914 .u.mlme.status = MLME_TIMEOUT,
3915 };
3916
3917 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN);
3918
3919 ieee80211_destroy_auth_data(sdata, false);
3920
3921 cfg80211_auth_timeout(sdata->dev, bssid);
3922 drv_event_callback(sdata->local, sdata, &event);
3923 }
3924 } else if (ifmgd->auth_data && ifmgd->auth_data->timeout_started)
3925 run_again(sdata, ifmgd->auth_data->timeout);
3926
3927 if (ifmgd->assoc_data && ifmgd->assoc_data->timeout_started &&
3928 time_after(jiffies, ifmgd->assoc_data->timeout)) {
3929 if ((ifmgd->assoc_data->need_beacon && !ifmgd->have_beacon) ||
3930 ieee80211_do_assoc(sdata)) {
3931 struct cfg80211_bss *bss = ifmgd->assoc_data->bss;
3932 struct ieee80211_event event = {
3933 .type = MLME_EVENT,
3934 .u.mlme.data = ASSOC_EVENT,
3935 .u.mlme.status = MLME_TIMEOUT,
3936 };
3937
3938 ieee80211_destroy_assoc_data(sdata, false);
3939 cfg80211_assoc_timeout(sdata->dev, bss);
3940 drv_event_callback(sdata->local, sdata, &event);
3941 }
3942 } else if (ifmgd->assoc_data && ifmgd->assoc_data->timeout_started)
3943 run_again(sdata, ifmgd->assoc_data->timeout);
3944
3945 if (ifmgd->flags & IEEE80211_STA_CONNECTION_POLL &&
3946 ifmgd->associated) {
3947 u8 bssid[ETH_ALEN];
3948 int max_tries;
3949
3950 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN);
3951
3952 if (ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS))
3953 max_tries = max_nullfunc_tries;
3954 else
3955 max_tries = max_probe_tries;
3956
3957
3958 if (!ifmgd->probe_send_count)
3959 ieee80211_reset_ap_probe(sdata);
3960 else if (ifmgd->nullfunc_failed) {
3961 if (ifmgd->probe_send_count < max_tries) {
3962 mlme_dbg(sdata,
3963 "No ack for nullfunc frame to AP %pM, try %d/%i\n",
3964 bssid, ifmgd->probe_send_count,
3965 max_tries);
3966 ieee80211_mgd_probe_ap_send(sdata);
3967 } else {
3968 mlme_dbg(sdata,
3969 "No ack for nullfunc frame to AP %pM, disconnecting.\n",
3970 bssid);
3971 ieee80211_sta_connection_lost(sdata, bssid,
3972 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
3973 false);
3974 }
3975 } else if (time_is_after_jiffies(ifmgd->probe_timeout))
3976 run_again(sdata, ifmgd->probe_timeout);
3977 else if (ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS)) {
3978 mlme_dbg(sdata,
3979 "Failed to send nullfunc to AP %pM after %dms, disconnecting\n",
3980 bssid, probe_wait_ms);
3981 ieee80211_sta_connection_lost(sdata, bssid,
3982 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, false);
3983 } else if (ifmgd->probe_send_count < max_tries) {
3984 mlme_dbg(sdata,
3985 "No probe response from AP %pM after %dms, try %d/%i\n",
3986 bssid, probe_wait_ms,
3987 ifmgd->probe_send_count, max_tries);
3988 ieee80211_mgd_probe_ap_send(sdata);
3989 } else {
3990
3991
3992
3993
3994 wiphy_debug(local->hw.wiphy,
3995 "%s: No probe response from AP %pM"
3996 " after %dms, disconnecting.\n",
3997 sdata->name,
3998 bssid, probe_wait_ms);
3999
4000 ieee80211_sta_connection_lost(sdata, bssid,
4001 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, false);
4002 }
4003 }
4004
4005 sdata_unlock(sdata);
4006}
4007
4008static void ieee80211_sta_bcn_mon_timer(unsigned long data)
4009{
4010 struct ieee80211_sub_if_data *sdata =
4011 (struct ieee80211_sub_if_data *) data;
4012 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4013
4014 if (sdata->vif.csa_active && !ifmgd->csa_waiting_bcn)
4015 return;
4016
4017 sdata->u.mgd.connection_loss = false;
4018 ieee80211_queue_work(&sdata->local->hw,
4019 &sdata->u.mgd.beacon_connection_loss_work);
4020}
4021
4022static void ieee80211_sta_conn_mon_timer(unsigned long data)
4023{
4024 struct ieee80211_sub_if_data *sdata =
4025 (struct ieee80211_sub_if_data *) data;
4026 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4027 struct ieee80211_local *local = sdata->local;
4028
4029 if (sdata->vif.csa_active && !ifmgd->csa_waiting_bcn)
4030 return;
4031
4032 ieee80211_queue_work(&local->hw, &ifmgd->monitor_work);
4033}
4034
4035static void ieee80211_sta_monitor_work(struct work_struct *work)
4036{
4037 struct ieee80211_sub_if_data *sdata =
4038 container_of(work, struct ieee80211_sub_if_data,
4039 u.mgd.monitor_work);
4040
4041 ieee80211_mgd_probe_ap(sdata, false);
4042}
4043
4044static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
4045{
4046 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
4047 __ieee80211_stop_poll(sdata);
4048
4049
4050 if (!ieee80211_hw_check(&sdata->local->hw, CONNECTION_MONITOR))
4051 ieee80211_queue_work(&sdata->local->hw,
4052 &sdata->u.mgd.monitor_work);
4053
4054 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
4055 }
4056}
4057
4058#ifdef CONFIG_PM
4059void ieee80211_mgd_quiesce(struct ieee80211_sub_if_data *sdata)
4060{
4061 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4062 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4063
4064 sdata_lock(sdata);
4065
4066 if (ifmgd->auth_data || ifmgd->assoc_data) {
4067 const u8 *bssid = ifmgd->auth_data ?
4068 ifmgd->auth_data->bss->bssid :
4069 ifmgd->assoc_data->bss->bssid;
4070
4071
4072
4073
4074
4075
4076 ieee80211_send_deauth_disassoc(sdata, bssid,
4077 IEEE80211_STYPE_DEAUTH,
4078 WLAN_REASON_DEAUTH_LEAVING,
4079 false, frame_buf);
4080 if (ifmgd->assoc_data)
4081 ieee80211_destroy_assoc_data(sdata, false);
4082 if (ifmgd->auth_data)
4083 ieee80211_destroy_auth_data(sdata, false);
4084 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4085 IEEE80211_DEAUTH_FRAME_LEN);
4086 }
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105 if (ifmgd->associated && !sdata->local->wowlan) {
4106 u8 bssid[ETH_ALEN];
4107 struct cfg80211_deauth_request req = {
4108 .reason_code = WLAN_REASON_DEAUTH_LEAVING,
4109 .bssid = bssid,
4110 };
4111
4112 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN);
4113 ieee80211_mgd_deauth(sdata, &req);
4114 }
4115
4116 sdata_unlock(sdata);
4117}
4118
4119void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
4120{
4121 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4122
4123 sdata_lock(sdata);
4124 if (!ifmgd->associated) {
4125 sdata_unlock(sdata);
4126 return;
4127 }
4128
4129 if (sdata->flags & IEEE80211_SDATA_DISCONNECT_RESUME) {
4130 sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_RESUME;
4131 mlme_dbg(sdata, "driver requested disconnect after resume\n");
4132 ieee80211_sta_connection_lost(sdata,
4133 ifmgd->associated->bssid,
4134 WLAN_REASON_UNSPECIFIED,
4135 true);
4136 sdata_unlock(sdata);
4137 return;
4138 }
4139 sdata_unlock(sdata);
4140}
4141#endif
4142
4143
4144void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
4145{
4146 struct ieee80211_if_managed *ifmgd;
4147
4148 ifmgd = &sdata->u.mgd;
4149 INIT_WORK(&ifmgd->monitor_work, ieee80211_sta_monitor_work);
4150 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work);
4151 INIT_WORK(&ifmgd->beacon_connection_loss_work,
4152 ieee80211_beacon_connection_loss_work);
4153 INIT_WORK(&ifmgd->csa_connection_drop_work,
4154 ieee80211_csa_connection_drop_work);
4155 INIT_WORK(&ifmgd->request_smps_work, ieee80211_request_smps_mgd_work);
4156 INIT_DELAYED_WORK(&ifmgd->tdls_peer_del_work,
4157 ieee80211_tdls_peer_del_work);
4158 setup_timer(&ifmgd->timer, ieee80211_sta_timer,
4159 (unsigned long) sdata);
4160 setup_timer(&ifmgd->bcn_mon_timer, ieee80211_sta_bcn_mon_timer,
4161 (unsigned long) sdata);
4162 setup_timer(&ifmgd->conn_mon_timer, ieee80211_sta_conn_mon_timer,
4163 (unsigned long) sdata);
4164 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer,
4165 (unsigned long) sdata);
4166 INIT_DELAYED_WORK(&ifmgd->tx_tspec_wk,
4167 ieee80211_sta_handle_tspec_ac_params_wk);
4168
4169 ifmgd->flags = 0;
4170 ifmgd->powersave = sdata->wdev.ps;
4171 ifmgd->uapsd_queues = sdata->local->hw.uapsd_queues;
4172 ifmgd->uapsd_max_sp_len = sdata->local->hw.uapsd_max_sp_len;
4173 ifmgd->p2p_noa_index = -1;
4174
4175 if (sdata->local->hw.wiphy->features & NL80211_FEATURE_DYNAMIC_SMPS)
4176 ifmgd->req_smps = IEEE80211_SMPS_AUTOMATIC;
4177 else
4178 ifmgd->req_smps = IEEE80211_SMPS_OFF;
4179
4180
4181 spin_lock_init(&ifmgd->teardown_lock);
4182 ifmgd->teardown_skb = NULL;
4183 ifmgd->orig_teardown_skb = NULL;
4184}
4185
4186
4187void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
4188{
4189 struct ieee80211_sub_if_data *sdata;
4190
4191
4192 rcu_read_lock();
4193 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
4194 if (ieee80211_sdata_running(sdata))
4195 ieee80211_restart_sta_timer(sdata);
4196 }
4197 rcu_read_unlock();
4198}
4199
4200int ieee80211_max_network_latency(struct notifier_block *nb,
4201 unsigned long data, void *dummy)
4202{
4203 s32 latency_usec = (s32) data;
4204 struct ieee80211_local *local =
4205 container_of(nb, struct ieee80211_local,
4206 network_latency_notifier);
4207
4208 mutex_lock(&local->iflist_mtx);
4209 ieee80211_recalc_ps(local, latency_usec);
4210 mutex_unlock(&local->iflist_mtx);
4211
4212 return NOTIFY_OK;
4213}
4214
4215static u8 ieee80211_ht_vht_rx_chains(struct ieee80211_sub_if_data *sdata,
4216 struct cfg80211_bss *cbss)
4217{
4218 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4219 const u8 *ht_cap_ie, *vht_cap_ie;
4220 const struct ieee80211_ht_cap *ht_cap;
4221 const struct ieee80211_vht_cap *vht_cap;
4222 u8 chains = 1;
4223
4224 if (ifmgd->flags & IEEE80211_STA_DISABLE_HT)
4225 return chains;
4226
4227 ht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_CAPABILITY);
4228 if (ht_cap_ie && ht_cap_ie[1] >= sizeof(*ht_cap)) {
4229 ht_cap = (void *)(ht_cap_ie + 2);
4230 chains = ieee80211_mcs_to_chains(&ht_cap->mcs);
4231
4232
4233
4234
4235 }
4236
4237 if (ifmgd->flags & IEEE80211_STA_DISABLE_VHT)
4238 return chains;
4239
4240 vht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_VHT_CAPABILITY);
4241 if (vht_cap_ie && vht_cap_ie[1] >= sizeof(*vht_cap)) {
4242 u8 nss;
4243 u16 tx_mcs_map;
4244
4245 vht_cap = (void *)(vht_cap_ie + 2);
4246 tx_mcs_map = le16_to_cpu(vht_cap->supp_mcs.tx_mcs_map);
4247 for (nss = 8; nss > 0; nss--) {
4248 if (((tx_mcs_map >> (2 * (nss - 1))) & 3) !=
4249 IEEE80211_VHT_MCS_NOT_SUPPORTED)
4250 break;
4251 }
4252
4253 chains = max(chains, nss);
4254 }
4255
4256 return chains;
4257}
4258
4259static int ieee80211_prep_channel(struct ieee80211_sub_if_data *sdata,
4260 struct cfg80211_bss *cbss)
4261{
4262 struct ieee80211_local *local = sdata->local;
4263 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4264 const struct ieee80211_ht_cap *ht_cap = NULL;
4265 const struct ieee80211_ht_operation *ht_oper = NULL;
4266 const struct ieee80211_vht_operation *vht_oper = NULL;
4267 struct ieee80211_supported_band *sband;
4268 struct cfg80211_chan_def chandef;
4269 int ret;
4270 u32 i;
4271 bool have_80mhz;
4272
4273 sband = local->hw.wiphy->bands[cbss->channel->band];
4274
4275 ifmgd->flags &= ~(IEEE80211_STA_DISABLE_40MHZ |
4276 IEEE80211_STA_DISABLE_80P80MHZ |
4277 IEEE80211_STA_DISABLE_160MHZ);
4278
4279 rcu_read_lock();
4280
4281 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&
4282 sband->ht_cap.ht_supported) {
4283 const u8 *ht_oper_ie, *ht_cap_ie;
4284
4285 ht_oper_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_OPERATION);
4286 if (ht_oper_ie && ht_oper_ie[1] >= sizeof(*ht_oper))
4287 ht_oper = (void *)(ht_oper_ie + 2);
4288
4289 ht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_CAPABILITY);
4290 if (ht_cap_ie && ht_cap_ie[1] >= sizeof(*ht_cap))
4291 ht_cap = (void *)(ht_cap_ie + 2);
4292
4293 if (!ht_cap) {
4294 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4295 ht_oper = NULL;
4296 }
4297 }
4298
4299 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&
4300 sband->vht_cap.vht_supported) {
4301 const u8 *vht_oper_ie, *vht_cap;
4302
4303 vht_oper_ie = ieee80211_bss_get_ie(cbss,
4304 WLAN_EID_VHT_OPERATION);
4305 if (vht_oper_ie && vht_oper_ie[1] >= sizeof(*vht_oper))
4306 vht_oper = (void *)(vht_oper_ie + 2);
4307 if (vht_oper && !ht_oper) {
4308 vht_oper = NULL;
4309 sdata_info(sdata,
4310 "AP advertised VHT without HT, disabling both\n");
4311 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4312 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4313 }
4314
4315 vht_cap = ieee80211_bss_get_ie(cbss, WLAN_EID_VHT_CAPABILITY);
4316 if (!vht_cap || vht_cap[1] < sizeof(struct ieee80211_vht_cap)) {
4317 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4318 vht_oper = NULL;
4319 }
4320 }
4321
4322
4323 have_80mhz = false;
4324 for (i = 0; i < sband->n_channels; i++) {
4325 if (sband->channels[i].flags & (IEEE80211_CHAN_DISABLED |
4326 IEEE80211_CHAN_NO_80MHZ))
4327 continue;
4328
4329 have_80mhz = true;
4330 break;
4331 }
4332
4333 if (!have_80mhz)
4334 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4335
4336 ifmgd->flags |= ieee80211_determine_chantype(sdata, sband,
4337 cbss->channel,
4338 ht_cap, ht_oper, vht_oper,
4339 &chandef, false);
4340
4341 sdata->needed_rx_chains = min(ieee80211_ht_vht_rx_chains(sdata, cbss),
4342 local->rx_chains);
4343
4344 rcu_read_unlock();
4345
4346
4347 sdata->smps_mode = IEEE80211_SMPS_OFF;
4348
4349 mutex_lock(&local->mtx);
4350
4351
4352
4353
4354
4355 ret = ieee80211_vif_use_channel(sdata, &chandef,
4356 IEEE80211_CHANCTX_SHARED);
4357
4358
4359 if (chandef.width == NL80211_CHAN_WIDTH_5 ||
4360 chandef.width == NL80211_CHAN_WIDTH_10)
4361 goto out;
4362
4363 while (ret && chandef.width != NL80211_CHAN_WIDTH_20_NOHT) {
4364 ifmgd->flags |= ieee80211_chandef_downgrade(&chandef);
4365 ret = ieee80211_vif_use_channel(sdata, &chandef,
4366 IEEE80211_CHANCTX_SHARED);
4367 }
4368 out:
4369 mutex_unlock(&local->mtx);
4370 return ret;
4371}
4372
4373static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata,
4374 struct cfg80211_bss *cbss, bool assoc,
4375 bool override)
4376{
4377 struct ieee80211_local *local = sdata->local;
4378 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4379 struct ieee80211_bss *bss = (void *)cbss->priv;
4380 struct sta_info *new_sta = NULL;
4381 struct ieee80211_supported_band *sband;
4382 bool have_sta = false;
4383 int err;
4384
4385 sband = local->hw.wiphy->bands[cbss->channel->band];
4386
4387 if (WARN_ON(!ifmgd->auth_data && !ifmgd->assoc_data))
4388 return -EINVAL;
4389
4390 if (assoc) {
4391 rcu_read_lock();
4392 have_sta = sta_info_get(sdata, cbss->bssid);
4393 rcu_read_unlock();
4394 }
4395
4396 if (!have_sta) {
4397 new_sta = sta_info_alloc(sdata, cbss->bssid, GFP_KERNEL);
4398 if (!new_sta)
4399 return -ENOMEM;
4400 }
4401
4402 if (new_sta || override) {
4403 err = ieee80211_prep_channel(sdata, cbss);
4404 if (err) {
4405 if (new_sta)
4406 sta_info_free(local, new_sta);
4407 return -EINVAL;
4408 }
4409 }
4410
4411 if (new_sta) {
4412 u32 rates = 0, basic_rates = 0;
4413 bool have_higher_than_11mbit;
4414 int min_rate = INT_MAX, min_rate_index = -1;
4415 struct ieee80211_chanctx_conf *chanctx_conf;
4416 const struct cfg80211_bss_ies *ies;
4417 int shift = ieee80211_vif_get_shift(&sdata->vif);
4418 u32 rate_flags;
4419
4420 rcu_read_lock();
4421 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
4422 if (WARN_ON(!chanctx_conf)) {
4423 rcu_read_unlock();
4424 sta_info_free(local, new_sta);
4425 return -EINVAL;
4426 }
4427 rate_flags = ieee80211_chandef_rate_flags(&chanctx_conf->def);
4428 rcu_read_unlock();
4429
4430 ieee80211_get_rates(sband, bss->supp_rates,
4431 bss->supp_rates_len,
4432 &rates, &basic_rates,
4433 &have_higher_than_11mbit,
4434 &min_rate, &min_rate_index,
4435 shift, rate_flags);
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445 if (!basic_rates && min_rate_index >= 0) {
4446 sdata_info(sdata,
4447 "No basic rates, using min rate instead\n");
4448 basic_rates = BIT(min_rate_index);
4449 }
4450
4451 new_sta->sta.supp_rates[cbss->channel->band] = rates;
4452 sdata->vif.bss_conf.basic_rates = basic_rates;
4453
4454
4455 if (cbss->channel->band == IEEE80211_BAND_2GHZ &&
4456 have_higher_than_11mbit)
4457 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
4458 else
4459 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
4460
4461 memcpy(ifmgd->bssid, cbss->bssid, ETH_ALEN);
4462
4463
4464 sdata->vif.bss_conf.beacon_int = cbss->beacon_interval;
4465 rcu_read_lock();
4466 ies = rcu_dereference(cbss->beacon_ies);
4467 if (ies) {
4468 const u8 *tim_ie;
4469
4470 sdata->vif.bss_conf.sync_tsf = ies->tsf;
4471 sdata->vif.bss_conf.sync_device_ts =
4472 bss->device_ts_beacon;
4473 tim_ie = cfg80211_find_ie(WLAN_EID_TIM,
4474 ies->data, ies->len);
4475 if (tim_ie && tim_ie[1] >= 2)
4476 sdata->vif.bss_conf.sync_dtim_count = tim_ie[2];
4477 else
4478 sdata->vif.bss_conf.sync_dtim_count = 0;
4479 } else if (!ieee80211_hw_check(&sdata->local->hw,
4480 TIMING_BEACON_ONLY)) {
4481 ies = rcu_dereference(cbss->proberesp_ies);
4482
4483 sdata->vif.bss_conf.sync_tsf = ies->tsf;
4484 sdata->vif.bss_conf.sync_device_ts =
4485 bss->device_ts_presp;
4486 sdata->vif.bss_conf.sync_dtim_count = 0;
4487 } else {
4488 sdata->vif.bss_conf.sync_tsf = 0;
4489 sdata->vif.bss_conf.sync_device_ts = 0;
4490 sdata->vif.bss_conf.sync_dtim_count = 0;
4491 }
4492 rcu_read_unlock();
4493
4494
4495 ieee80211_bss_info_change_notify(sdata,
4496 BSS_CHANGED_BSSID | BSS_CHANGED_BASIC_RATES |
4497 BSS_CHANGED_BEACON_INT);
4498
4499 if (assoc)
4500 sta_info_pre_move_state(new_sta, IEEE80211_STA_AUTH);
4501
4502 err = sta_info_insert(new_sta);
4503 new_sta = NULL;
4504 if (err) {
4505 sdata_info(sdata,
4506 "failed to insert STA entry for the AP (error %d)\n",
4507 err);
4508 return err;
4509 }
4510 } else
4511 WARN_ON_ONCE(!ether_addr_equal(ifmgd->bssid, cbss->bssid));
4512
4513
4514 if (local->scanning)
4515 ieee80211_scan_cancel(local);
4516
4517 return 0;
4518}
4519
4520
4521int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
4522 struct cfg80211_auth_request *req)
4523{
4524 struct ieee80211_local *local = sdata->local;
4525 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4526 struct ieee80211_mgd_auth_data *auth_data;
4527 u16 auth_alg;
4528 int err;
4529
4530
4531
4532 switch (req->auth_type) {
4533 case NL80211_AUTHTYPE_OPEN_SYSTEM:
4534 auth_alg = WLAN_AUTH_OPEN;
4535 break;
4536 case NL80211_AUTHTYPE_SHARED_KEY:
4537 if (IS_ERR(local->wep_tx_tfm))
4538 return -EOPNOTSUPP;
4539 auth_alg = WLAN_AUTH_SHARED_KEY;
4540 break;
4541 case NL80211_AUTHTYPE_FT:
4542 auth_alg = WLAN_AUTH_FT;
4543 break;
4544 case NL80211_AUTHTYPE_NETWORK_EAP:
4545 auth_alg = WLAN_AUTH_LEAP;
4546 break;
4547 case NL80211_AUTHTYPE_SAE:
4548 auth_alg = WLAN_AUTH_SAE;
4549 break;
4550 default:
4551 return -EOPNOTSUPP;
4552 }
4553
4554 auth_data = kzalloc(sizeof(*auth_data) + req->sae_data_len +
4555 req->ie_len, GFP_KERNEL);
4556 if (!auth_data)
4557 return -ENOMEM;
4558
4559 auth_data->bss = req->bss;
4560
4561 if (req->sae_data_len >= 4) {
4562 __le16 *pos = (__le16 *) req->sae_data;
4563 auth_data->sae_trans = le16_to_cpu(pos[0]);
4564 auth_data->sae_status = le16_to_cpu(pos[1]);
4565 memcpy(auth_data->data, req->sae_data + 4,
4566 req->sae_data_len - 4);
4567 auth_data->data_len += req->sae_data_len - 4;
4568 }
4569
4570 if (req->ie && req->ie_len) {
4571 memcpy(&auth_data->data[auth_data->data_len],
4572 req->ie, req->ie_len);
4573 auth_data->data_len += req->ie_len;
4574 }
4575
4576 if (req->key && req->key_len) {
4577 auth_data->key_len = req->key_len;
4578 auth_data->key_idx = req->key_idx;
4579 memcpy(auth_data->key, req->key, req->key_len);
4580 }
4581
4582 auth_data->algorithm = auth_alg;
4583
4584
4585
4586 if ((ifmgd->auth_data && !ifmgd->auth_data->done) ||
4587 ifmgd->assoc_data) {
4588 err = -EBUSY;
4589 goto err_free;
4590 }
4591
4592 if (ifmgd->auth_data)
4593 ieee80211_destroy_auth_data(sdata, false);
4594
4595
4596 ifmgd->auth_data = auth_data;
4597
4598 if (ifmgd->associated) {
4599 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4600
4601 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
4602 WLAN_REASON_UNSPECIFIED,
4603 false, frame_buf);
4604
4605 ieee80211_report_disconnect(sdata, frame_buf,
4606 sizeof(frame_buf), true,
4607 WLAN_REASON_UNSPECIFIED);
4608 }
4609
4610 sdata_info(sdata, "authenticate with %pM\n", req->bss->bssid);
4611
4612 err = ieee80211_prep_connection(sdata, req->bss, false, false);
4613 if (err)
4614 goto err_clear;
4615
4616 err = ieee80211_probe_auth(sdata);
4617 if (err) {
4618 sta_info_destroy_addr(sdata, req->bss->bssid);
4619 goto err_clear;
4620 }
4621
4622
4623 cfg80211_ref_bss(local->hw.wiphy, auth_data->bss);
4624 return 0;
4625
4626 err_clear:
4627 eth_zero_addr(ifmgd->bssid);
4628 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
4629 ifmgd->auth_data = NULL;
4630 mutex_lock(&sdata->local->mtx);
4631 ieee80211_vif_release_channel(sdata);
4632 mutex_unlock(&sdata->local->mtx);
4633 err_free:
4634 kfree(auth_data);
4635 return err;
4636}
4637
4638static bool ieee80211_usable_wmm_params(struct ieee80211_sub_if_data *sdata,
4639 const u8 *wmm_param, int len)
4640{
4641 const u8 *pos;
4642 size_t left;
4643
4644 if (len < 8)
4645 return false;
4646
4647 if (wmm_param[5] != 1 )
4648 return false;
4649
4650 pos = wmm_param + 8;
4651 left = len - 8;
4652
4653 for (; left >= 4; left -= 4, pos += 4) {
4654 u8 aifsn = pos[0] & 0x0f;
4655 u8 ecwmin = pos[1] & 0x0f;
4656 u8 ecwmax = (pos[1] & 0xf0) >> 4;
4657 int aci = (pos[0] >> 5) & 0x03;
4658
4659 if (aifsn < 2) {
4660 sdata_info(sdata,
4661 "AP has invalid WMM params (AIFSN=%d for ACI %d), disabling WMM\n",
4662 aifsn, aci);
4663 return false;
4664 }
4665 if (ecwmin > ecwmax) {
4666 sdata_info(sdata,
4667 "AP has invalid WMM params (ECWmin/max=%d/%d for ACI %d), disabling WMM\n",
4668 ecwmin, ecwmax, aci);
4669 return false;
4670 }
4671 }
4672
4673 return true;
4674}
4675
4676int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
4677 struct cfg80211_assoc_request *req)
4678{
4679 struct ieee80211_local *local = sdata->local;
4680 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
4681 struct ieee80211_bss *bss = (void *)req->bss->priv;
4682 struct ieee80211_mgd_assoc_data *assoc_data;
4683 const struct cfg80211_bss_ies *beacon_ies;
4684 struct ieee80211_supported_band *sband;
4685 const u8 *ssidie, *ht_ie, *vht_ie;
4686 int i, err;
4687 bool override = false;
4688
4689 assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL);
4690 if (!assoc_data)
4691 return -ENOMEM;
4692
4693 rcu_read_lock();
4694 ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID);
4695 if (!ssidie) {
4696 rcu_read_unlock();
4697 kfree(assoc_data);
4698 return -EINVAL;
4699 }
4700 memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]);
4701 assoc_data->ssid_len = ssidie[1];
4702 rcu_read_unlock();
4703
4704 if (ifmgd->associated) {
4705 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4706
4707 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
4708 WLAN_REASON_UNSPECIFIED,
4709 false, frame_buf);
4710
4711 ieee80211_report_disconnect(sdata, frame_buf,
4712 sizeof(frame_buf), true,
4713 WLAN_REASON_UNSPECIFIED);
4714 }
4715
4716 if (ifmgd->auth_data && !ifmgd->auth_data->done) {
4717 err = -EBUSY;
4718 goto err_free;
4719 }
4720
4721 if (ifmgd->assoc_data) {
4722 err = -EBUSY;
4723 goto err_free;
4724 }
4725
4726 if (ifmgd->auth_data) {
4727 bool match;
4728
4729
4730 match = ether_addr_equal(ifmgd->bssid, req->bss->bssid);
4731 ieee80211_destroy_auth_data(sdata, match);
4732 }
4733
4734
4735
4736 ifmgd->beacon_crc_valid = false;
4737
4738 assoc_data->wmm = bss->wmm_used &&
4739 (local->hw.queues >= IEEE80211_NUM_ACS);
4740 if (assoc_data->wmm) {
4741
4742 const struct cfg80211_bss_ies *ies;
4743 const u8 *wp, *start, *end;
4744
4745 rcu_read_lock();
4746 ies = rcu_dereference(req->bss->ies);
4747 start = ies->data;
4748 end = start + ies->len;
4749
4750 while (true) {
4751 wp = cfg80211_find_vendor_ie(
4752 WLAN_OUI_MICROSOFT,
4753 WLAN_OUI_TYPE_MICROSOFT_WMM,
4754 start, end - start);
4755 if (!wp)
4756 break;
4757 start = wp + wp[1] + 2;
4758
4759 if (wp[1] <= 4)
4760 continue;
4761
4762 if (wp[6] == 1)
4763 break;
4764 }
4765
4766 if (!wp || !ieee80211_usable_wmm_params(sdata, wp + 2,
4767 wp[1] - 2)) {
4768 assoc_data->wmm = false;
4769 ifmgd->flags |= IEEE80211_STA_DISABLE_WMM;
4770 }
4771 rcu_read_unlock();
4772 }
4773
4774
4775
4776
4777
4778
4779
4780
4781 for (i = 0; i < req->crypto.n_ciphers_pairwise; i++) {
4782 if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
4783 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
4784 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104) {
4785 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4786 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4787 netdev_info(sdata->dev,
4788 "disabling HT/VHT due to WEP/TKIP use\n");
4789 }
4790 }
4791
4792
4793 sband = local->hw.wiphy->bands[req->bss->channel->band];
4794 if (!sband->ht_cap.ht_supported ||
4795 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used ||
4796 ifmgd->flags & IEEE80211_STA_DISABLE_WMM) {
4797 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4798 if (!bss->wmm_used &&
4799 !(ifmgd->flags & IEEE80211_STA_DISABLE_WMM))
4800 netdev_info(sdata->dev,
4801 "disabling HT as WMM/QoS is not supported by the AP\n");
4802 }
4803
4804
4805 if (!sband->vht_cap.vht_supported ||
4806 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used ||
4807 ifmgd->flags & IEEE80211_STA_DISABLE_WMM) {
4808 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4809 if (!bss->wmm_used &&
4810 !(ifmgd->flags & IEEE80211_STA_DISABLE_WMM))
4811 netdev_info(sdata->dev,
4812 "disabling VHT as WMM/QoS is not supported by the AP\n");
4813 }
4814
4815 memcpy(&ifmgd->ht_capa, &req->ht_capa, sizeof(ifmgd->ht_capa));
4816 memcpy(&ifmgd->ht_capa_mask, &req->ht_capa_mask,
4817 sizeof(ifmgd->ht_capa_mask));
4818
4819 memcpy(&ifmgd->vht_capa, &req->vht_capa, sizeof(ifmgd->vht_capa));
4820 memcpy(&ifmgd->vht_capa_mask, &req->vht_capa_mask,
4821 sizeof(ifmgd->vht_capa_mask));
4822
4823 if (req->ie && req->ie_len) {
4824 memcpy(assoc_data->ie, req->ie, req->ie_len);
4825 assoc_data->ie_len = req->ie_len;
4826 }
4827
4828 assoc_data->bss = req->bss;
4829
4830 if (ifmgd->req_smps == IEEE80211_SMPS_AUTOMATIC) {
4831 if (ifmgd->powersave)
4832 sdata->smps_mode = IEEE80211_SMPS_DYNAMIC;
4833 else
4834 sdata->smps_mode = IEEE80211_SMPS_OFF;
4835 } else
4836 sdata->smps_mode = ifmgd->req_smps;
4837
4838 assoc_data->capability = req->bss->capability;
4839 assoc_data->supp_rates = bss->supp_rates;
4840 assoc_data->supp_rates_len = bss->supp_rates_len;
4841
4842 rcu_read_lock();
4843 ht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_HT_OPERATION);
4844 if (ht_ie && ht_ie[1] >= sizeof(struct ieee80211_ht_operation))
4845 assoc_data->ap_ht_param =
4846 ((struct ieee80211_ht_operation *)(ht_ie + 2))->ht_param;
4847 else
4848 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4849 vht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_VHT_CAPABILITY);
4850 if (vht_ie && vht_ie[1] >= sizeof(struct ieee80211_vht_cap))
4851 memcpy(&assoc_data->ap_vht_cap, vht_ie + 2,
4852 sizeof(struct ieee80211_vht_cap));
4853 else
4854 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4855 rcu_read_unlock();
4856
4857 if (WARN((sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_UAPSD) &&
4858 ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK),
4859 "U-APSD not supported with HW_PS_NULLFUNC_STACK\n"))
4860 sdata->vif.driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD;
4861
4862 if (bss->wmm_used && bss->uapsd_supported &&
4863 (sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_UAPSD)) {
4864 assoc_data->uapsd = true;
4865 ifmgd->flags |= IEEE80211_STA_UAPSD_ENABLED;
4866 } else {
4867 assoc_data->uapsd = false;
4868 ifmgd->flags &= ~IEEE80211_STA_UAPSD_ENABLED;
4869 }
4870
4871 if (req->prev_bssid)
4872 memcpy(assoc_data->prev_bssid, req->prev_bssid, ETH_ALEN);
4873
4874 if (req->use_mfp) {
4875 ifmgd->mfp = IEEE80211_MFP_REQUIRED;
4876 ifmgd->flags |= IEEE80211_STA_MFP_ENABLED;
4877 } else {
4878 ifmgd->mfp = IEEE80211_MFP_DISABLED;
4879 ifmgd->flags &= ~IEEE80211_STA_MFP_ENABLED;
4880 }
4881
4882 if (req->flags & ASSOC_REQ_USE_RRM)
4883 ifmgd->flags |= IEEE80211_STA_ENABLE_RRM;
4884 else
4885 ifmgd->flags &= ~IEEE80211_STA_ENABLE_RRM;
4886
4887 if (req->crypto.control_port)
4888 ifmgd->flags |= IEEE80211_STA_CONTROL_PORT;
4889 else
4890 ifmgd->flags &= ~IEEE80211_STA_CONTROL_PORT;
4891
4892 sdata->control_port_protocol = req->crypto.control_port_ethertype;
4893 sdata->control_port_no_encrypt = req->crypto.control_port_no_encrypt;
4894 sdata->encrypt_headroom = ieee80211_cs_headroom(local, &req->crypto,
4895 sdata->vif.type);
4896
4897
4898
4899 ifmgd->assoc_data = assoc_data;
4900 ifmgd->dtim_period = 0;
4901 ifmgd->have_beacon = false;
4902
4903
4904 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) {
4905 struct ieee80211_sta_ht_cap sta_ht_cap;
4906
4907 if (req->flags & ASSOC_REQ_DISABLE_HT)
4908 override = true;
4909
4910 memcpy(&sta_ht_cap, &sband->ht_cap, sizeof(sta_ht_cap));
4911 ieee80211_apply_htcap_overrides(sdata, &sta_ht_cap);
4912
4913
4914 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_40MHZ) &&
4915 sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40 &&
4916 !(sta_ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40))
4917 override = true;
4918
4919 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&
4920 req->flags & ASSOC_REQ_DISABLE_VHT)
4921 override = true;
4922 }
4923
4924 if (req->flags & ASSOC_REQ_DISABLE_HT) {
4925 ifmgd->flags |= IEEE80211_STA_DISABLE_HT;
4926 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4927 }
4928
4929 if (req->flags & ASSOC_REQ_DISABLE_VHT)
4930 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
4931
4932 err = ieee80211_prep_connection(sdata, req->bss, true, override);
4933 if (err)
4934 goto err_clear;
4935
4936 rcu_read_lock();
4937 beacon_ies = rcu_dereference(req->bss->beacon_ies);
4938
4939 if (ieee80211_hw_check(&sdata->local->hw, NEED_DTIM_BEFORE_ASSOC) &&
4940 !beacon_ies) {
4941
4942
4943
4944
4945 sdata_info(sdata, "waiting for beacon from %pM\n",
4946 ifmgd->bssid);
4947 assoc_data->timeout = TU_TO_EXP_TIME(req->bss->beacon_interval);
4948 assoc_data->timeout_started = true;
4949 assoc_data->need_beacon = true;
4950 } else if (beacon_ies) {
4951 const u8 *tim_ie = cfg80211_find_ie(WLAN_EID_TIM,
4952 beacon_ies->data,
4953 beacon_ies->len);
4954 u8 dtim_count = 0;
4955
4956 if (tim_ie && tim_ie[1] >= sizeof(struct ieee80211_tim_ie)) {
4957 const struct ieee80211_tim_ie *tim;
4958 tim = (void *)(tim_ie + 2);
4959 ifmgd->dtim_period = tim->dtim_period;
4960 dtim_count = tim->dtim_count;
4961 }
4962 ifmgd->have_beacon = true;
4963 assoc_data->timeout = jiffies;
4964 assoc_data->timeout_started = true;
4965
4966 if (ieee80211_hw_check(&local->hw, TIMING_BEACON_ONLY)) {
4967 sdata->vif.bss_conf.sync_tsf = beacon_ies->tsf;
4968 sdata->vif.bss_conf.sync_device_ts =
4969 bss->device_ts_beacon;
4970 sdata->vif.bss_conf.sync_dtim_count = dtim_count;
4971 }
4972 } else {
4973 assoc_data->timeout = jiffies;
4974 assoc_data->timeout_started = true;
4975 }
4976 rcu_read_unlock();
4977
4978 run_again(sdata, assoc_data->timeout);
4979
4980 if (bss->corrupt_data) {
4981 char *corrupt_type = "data";
4982 if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_BEACON) {
4983 if (bss->corrupt_data &
4984 IEEE80211_BSS_CORRUPT_PROBE_RESP)
4985 corrupt_type = "beacon and probe response";
4986 else
4987 corrupt_type = "beacon";
4988 } else if (bss->corrupt_data & IEEE80211_BSS_CORRUPT_PROBE_RESP)
4989 corrupt_type = "probe response";
4990 sdata_info(sdata, "associating with AP with corrupt %s\n",
4991 corrupt_type);
4992 }
4993
4994 return 0;
4995 err_clear:
4996 eth_zero_addr(ifmgd->bssid);
4997 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
4998 ifmgd->assoc_data = NULL;
4999 err_free:
5000 kfree(assoc_data);
5001 return err;
5002}
5003
5004int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
5005 struct cfg80211_deauth_request *req)
5006{
5007 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
5008 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
5009 bool tx = !req->local_state_change;
5010
5011 if (ifmgd->auth_data &&
5012 ether_addr_equal(ifmgd->auth_data->bss->bssid, req->bssid)) {
5013 sdata_info(sdata,
5014 "aborting authentication with %pM by local choice (Reason: %u=%s)\n",
5015 req->bssid, req->reason_code,
5016 ieee80211_get_reason_code_string(req->reason_code));
5017
5018 drv_mgd_prepare_tx(sdata->local, sdata);
5019 ieee80211_send_deauth_disassoc(sdata, req->bssid,
5020 IEEE80211_STYPE_DEAUTH,
5021 req->reason_code, tx,
5022 frame_buf);
5023 ieee80211_destroy_auth_data(sdata, false);
5024 ieee80211_report_disconnect(sdata, frame_buf,
5025 sizeof(frame_buf), true,
5026 req->reason_code);
5027
5028 return 0;
5029 }
5030
5031 if (ifmgd->associated &&
5032 ether_addr_equal(ifmgd->associated->bssid, req->bssid)) {
5033 sdata_info(sdata,
5034 "deauthenticating from %pM by local choice (Reason: %u=%s)\n",
5035 req->bssid, req->reason_code,
5036 ieee80211_get_reason_code_string(req->reason_code));
5037
5038 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
5039 req->reason_code, tx, frame_buf);
5040 ieee80211_report_disconnect(sdata, frame_buf,
5041 sizeof(frame_buf), true,
5042 req->reason_code);
5043 return 0;
5044 }
5045
5046 return -ENOTCONN;
5047}
5048
5049int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
5050 struct cfg80211_disassoc_request *req)
5051{
5052 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
5053 u8 bssid[ETH_ALEN];
5054 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
5055
5056
5057
5058
5059
5060
5061
5062 if (ifmgd->associated != req->bss)
5063 return -ENOLINK;
5064
5065 sdata_info(sdata,
5066 "disassociating from %pM by local choice (Reason: %u=%s)\n",
5067 req->bss->bssid, req->reason_code, ieee80211_get_reason_code_string(req->reason_code));
5068
5069 memcpy(bssid, req->bss->bssid, ETH_ALEN);
5070 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC,
5071 req->reason_code, !req->local_state_change,
5072 frame_buf);
5073
5074 ieee80211_report_disconnect(sdata, frame_buf, sizeof(frame_buf), true,
5075 req->reason_code);
5076
5077 return 0;
5078}
5079
5080void ieee80211_mgd_stop(struct ieee80211_sub_if_data *sdata)
5081{
5082 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
5083
5084
5085
5086
5087
5088
5089 cancel_work_sync(&ifmgd->monitor_work);
5090 cancel_work_sync(&ifmgd->beacon_connection_loss_work);
5091 cancel_work_sync(&ifmgd->request_smps_work);
5092 cancel_work_sync(&ifmgd->csa_connection_drop_work);
5093 cancel_work_sync(&ifmgd->chswitch_work);
5094 cancel_delayed_work_sync(&ifmgd->tdls_peer_del_work);
5095
5096 sdata_lock(sdata);
5097 if (ifmgd->assoc_data) {
5098 struct cfg80211_bss *bss = ifmgd->assoc_data->bss;
5099 ieee80211_destroy_assoc_data(sdata, false);
5100 cfg80211_assoc_timeout(sdata->dev, bss);
5101 }
5102 if (ifmgd->auth_data)
5103 ieee80211_destroy_auth_data(sdata, false);
5104 spin_lock_bh(&ifmgd->teardown_lock);
5105 if (ifmgd->teardown_skb) {
5106 kfree_skb(ifmgd->teardown_skb);
5107 ifmgd->teardown_skb = NULL;
5108 ifmgd->orig_teardown_skb = NULL;
5109 }
5110 spin_unlock_bh(&ifmgd->teardown_lock);
5111 del_timer_sync(&ifmgd->timer);
5112 sdata_unlock(sdata);
5113}
5114
5115void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif,
5116 enum nl80211_cqm_rssi_threshold_event rssi_event,
5117 gfp_t gfp)
5118{
5119 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
5120
5121 trace_api_cqm_rssi_notify(sdata, rssi_event);
5122
5123 cfg80211_cqm_rssi_notify(sdata->dev, rssi_event, gfp);
5124}
5125EXPORT_SYMBOL(ieee80211_cqm_rssi_notify);
5126
5127void ieee80211_cqm_beacon_loss_notify(struct ieee80211_vif *vif, gfp_t gfp)
5128{
5129 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
5130
5131 trace_api_cqm_beacon_loss_notify(sdata->local, sdata);
5132
5133 cfg80211_cqm_beacon_loss_notify(sdata->dev, gfp);
5134}
5135EXPORT_SYMBOL(ieee80211_cqm_beacon_loss_notify);
5136
