/*
 * BSS client mode implementation
 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
 * Copyright 2004, Instant802 Networks, Inc.
 * Copyright 2005, Devicescape Software, Inc.
 * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

#include <linux/delay.h>
#include <linux/if_ether.h>
#include <linux/skbuff.h>
#include <linux/if_arp.h>
#include <linux/etherdevice.h>
#include <linux/rtnetlink.h>
#include <linux/pm_qos_params.h>
#include <linux/crc32.h>
#include <net/mac80211.h>
#include <asm/unaligned.h>

#include "ieee80211_i.h"
#include "driver-ops.h"
#include "rate.h"
#include "led.h"

/*
 * Upper bound on consecutive probe requests to the AP; the probe
 * loop itself is not in this part of the file — confirm how
 * probe_send_count is compared against it.
 */
#define IEEE80211_MAX_PROBE_TRIES 5

/*
 * beacon loss detection timeout
 * XXX: should depend on beacon interval
 */
#define IEEE80211_BEACON_LOSS_TIME	(2 * HZ)
/*
 * Time the connection can be idle before we probe
 * it to see if we can still talk to the AP.
 */
#define IEEE80211_CONNECTION_IDLE_TIME	(30 * HZ)
/*
 * Time we wait for a probe response after sending
 * a probe request because of beacon loss or for
 * checking the connection still works.
 */
#define IEEE80211_PROBE_WAIT		(HZ / 2)

/*
 * Weight given to the latest Beacon frame when calculating average signal
 * strength for Beacon frames received in the current BSS. This must be
 * between 1 and 15.
 */
#define IEEE80211_SIGNAL_AVE_WEIGHT	3

/*
 * Bit numbers in ifmgd->timers_running. A timer that fires while the
 * device is quiescing records itself here instead of doing its work
 * (see ieee80211_chswitch_timer) so it can be re-armed later.
 */
#define TMR_RUNNING_TIMER	0
#define TMR_RUNNING_CHANSW	1
/*
 * All cfg80211 functions have to be called outside a locked
 * section so that they can acquire a lock themselves... This
 * is much simpler than queuing up things in cfg80211, but we
 * do need some indirection for that here.
 *
 * RX handlers therefore return one of these values while holding
 * ifmgd->mtx, and the caller makes the matching cfg80211 call
 * after dropping the lock.
 */
enum rx_mgmt_action {
	/* no action required */
	RX_MGMT_NONE,

	/* caller must call cfg80211_send_rx_auth() */
	RX_MGMT_CFG80211_AUTH,

	/* caller must call cfg80211_send_rx_assoc() */
	RX_MGMT_CFG80211_ASSOC,

	/* caller must call cfg80211_send_deauth() */
	RX_MGMT_CFG80211_DEAUTH,

	/* caller must call cfg80211_send_disassoc() */
	RX_MGMT_CFG80211_DISASSOC,

	/* caller must tell cfg80211 about internal error */
	RX_MGMT_CFG80211_ASSOC_ERROR,
};

/* utils */
/*
 * Sanity check that the managed-mode mutex is held; only warns,
 * it does not enforce anything.
 */
static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd)
{
	bool held = mutex_is_locked(&ifmgd->mtx);

	WARN_ON(!held);
}

/*
 * We can have multiple work items (and connection probing)
 * scheduling this timer, but we need to take care to only
 * reschedule it when it should fire _earlier_ than it was
 * asked for before, or if it's not pending right now. This
 * function ensures that. Note that it then is required to
 * run this function for all timeouts after the first one
 * has happened -- the work that runs from this timer will
 * do that.
 *
 * Must be called with ifmgd->mtx held.
 */
static void run_again(struct ieee80211_if_managed *ifmgd,
			     unsigned long timeout)
{
	bool pending;

	ASSERT_MGD_MTX(ifmgd);

	/* A pending timer that already fires no later than @timeout wins. */
	pending = timer_pending(&ifmgd->timer);
	if (pending && !time_before(timeout, ifmgd->timer.expires))
		return;

	mod_timer(&ifmgd->timer, timeout);
}

/*
 * (Re)arm the software beacon-loss timer. When the hardware filters
 * beacons (IEEE80211_HW_BEACON_FILTER) no software timer is used at all.
 */
static void mod_beacon_timer(struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_local *local = sdata->local;
	unsigned long expires;

	if (local->hw.flags & IEEE80211_HW_BEACON_FILTER)
		return;

	expires = round_jiffies_up(jiffies + IEEE80211_BEACON_LOSS_TIME);
	mod_timer(&sdata->u.mgd.bcn_mon_timer, expires);
}

/*
 * Convert an exponent-coded contention window (ECW, a 4-bit value as
 * carried in the WMM parameter element) into the actual CW value,
 * i.e. 2^ecw - 1. Callers pass nibbles only, so the shift never
 * reaches the width of int.
 */
static int ecw2cw(int ecw)
{
	int cw = 1 << ecw;

	return cw - 1;
}

/*
 * ieee80211_enable_ht should be called only after the operating band
 * has been determined as ht configuration depends on the hw's
 * HT abilities for a specific band.
 *
 * @hti is the AP's HT Information element and @ap_ht_cap_flags its HT
 * capability flags; both come from frames received over the air
 * (presumably beacon / association response — confirm with callers), so
 * they are untrusted unless management frame protection covers them.
 *
 * Returns the BSS_CHANGED_* bits the caller must pass on to the driver;
 * returns 0 when HT ends up disabled (the operation mode is then not
 * stored either).
 */
static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
			       struct ieee80211_ht_info *hti,
			       const u8 *bssid, u16 ap_ht_cap_flags)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	struct sta_info *sta;
	u32 changed = 0;
	u16 ht_opmode;
	bool enable_ht = true, ht_changed;
	enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	/* HT is not supported */
	if (!sband->ht_cap.ht_supported)
		enable_ht = false;

	/*
	 * check that channel matches the right operating channel;
	 * an HT IE naming a different primary channel is simply ignored
	 */
	if (local->hw.conf.channel->center_freq !=
	    ieee80211_channel_to_frequency(hti->control_chan))
		enable_ht = false;

	if (enable_ht) {
		channel_type = NL80211_CHAN_HT20;

		/*
		 * Go to 40 MHz only if the AP tolerates it, our hardware
		 * supports it, and the AP allows any channel width. The
		 * secondary channel offset then picks HT40+/-, subject to
		 * the regulatory flags of the current channel.
		 */
		if (!(ap_ht_cap_flags & IEEE80211_HT_CAP_40MHZ_INTOLERANT) &&
		    (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) &&
		    (hti->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) {
			switch(hti->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
			case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
				if (!(local->hw.conf.channel->flags &
				    IEEE80211_CHAN_NO_HT40PLUS))
					channel_type = NL80211_CHAN_HT40PLUS;
				break;
			case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
				if (!(local->hw.conf.channel->flags &
				    IEEE80211_CHAN_NO_HT40MINUS))
					channel_type = NL80211_CHAN_HT40MINUS;
				break;
			}
		}
	}

	/* Did either the HT on/off state or the channel type change? */
	ht_changed = conf_is_ht(&local->hw.conf) != enable_ht ||
		     channel_type != local->hw.conf.channel_type;

	local->oper_channel_type = channel_type;

	if (ht_changed) {
                /* channel_type change automatically detected */
		ieee80211_hw_config(local, 0);

		/* the AP's station entry is looked up under RCU */
		rcu_read_lock();
		sta = sta_info_get(sdata, bssid);
		if (sta)
			rate_control_rate_update(local, sband, sta,
						 IEEE80211_RC_HT_CHANGED,
						 local->oper_channel_type);
		rcu_read_unlock();
        }

	/* disable HT */
	if (!enable_ht)
		return 0;

	ht_opmode = le16_to_cpu(hti->operation_mode);

	/*
	 * if bss configuration changed store the new one;
	 * ht_opmode_valid is cleared on disassociation so the first
	 * value after (re)association is always programmed
	 */
	if (!sdata->ht_opmode_valid ||
	    sdata->vif.bss_conf.ht_operation_mode != ht_opmode) {
		changed |= BSS_CHANGED_HT;
		sdata->vif.bss_conf.ht_operation_mode = ht_opmode;
		sdata->ht_opmode_valid = true;
	}

	return changed;
}

/* frame sending functions */

/*
 * Build a deauthentication or disassociation frame (@stype selects
 * which, @reason is the reason code), report it to cfg80211 and then
 * either transmit it (@send_frame) or drop it.
 *
 * A non-NULL @cookie selects the leading-underscore cfg80211 variants;
 * presumably those are for callers that already hold the relevant
 * cfg80211 lock — confirm in cfg80211 before adding new callers.
 * The frame is only encrypted when management frame protection is on.
 */
static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
					   const u8 *bssid, u16 stype, u16 reason,
					   void *cookie, bool send_frame)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_mgmt *mgmt;
	struct sk_buff *skb;
	bool locked = cookie != NULL;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for "
		       "deauth/disassoc frame\n", sdata->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	/* 24-byte management header followed by the 2-byte reason code */
	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
	memcpy(mgmt->da, bssid, ETH_ALEN);
	memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
	memcpy(mgmt->bssid, bssid, ETH_ALEN);
	skb_put(skb, 2);
	/* u.deauth.reason_code == u.disassoc.reason_code */
	mgmt->u.deauth.reason_code = cpu_to_le16(reason);

	/* Let cfg80211 see the frame before it goes out. */
	if (stype == IEEE80211_STYPE_DEAUTH) {
		if (locked)
			__cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len);
		else
			cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len);
	} else {
		if (locked)
			__cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len);
		else
			cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len);
	}

	if (!(ifmgd->flags & IEEE80211_STA_MFP_ENABLED))
		IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;

	if (send_frame)
		ieee80211_tx_skb(sdata, skb);
	else
		kfree_skb(skb);
}

/*
 * Send a PS-Poll to the AP. The frame template comes from
 * ieee80211_pspoll_get(); the PM bit is set and the frame is marked
 * as not to be encrypted before transmission.
 */
void ieee80211_send_pspoll(struct ieee80211_local *local,
			   struct ieee80211_sub_if_data *sdata)
{
	struct sk_buff *skb = ieee80211_pspoll_get(&local->hw, &sdata->vif);
	struct ieee80211_pspoll *frame;

	if (!skb)
		return;

	frame = (struct ieee80211_pspoll *) skb->data;
	frame->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
	IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;

	ieee80211_tx_skb(sdata, skb);
}

/*
 * Send a (3-address) null data frame to the AP; when @powersave is
 * non-zero the PM bit is set so the AP starts buffering for us.
 * Always sent unencrypted.
 */
void ieee80211_send_nullfunc(struct ieee80211_local *local,
			     struct ieee80211_sub_if_data *sdata,
			     int powersave)
{
	struct ieee80211_hdr_3addr *hdr;
	struct sk_buff *skb;

	skb = ieee80211_nullfunc_get(&local->hw, &sdata->vif);
	if (!skb)
		return;

	hdr = (struct ieee80211_hdr_3addr *) skb->data;
	if (powersave)
		hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);

	IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
	ieee80211_tx_skb(sdata, skb);
}

/*
 * Send a 4-address null data frame (To-DS and From-DS both set) to
 * the AP. Only valid on a station interface. The frame is sent
 * unencrypted.
 */
static void ieee80211_send_4addr_nullfunc(struct ieee80211_local *local,
					  struct ieee80211_sub_if_data *sdata)
{
	const u8 *bssid = sdata->u.mgd.bssid;
	const u8 *own_addr = sdata->vif.addr;
	struct ieee80211_hdr *hdr;
	struct sk_buff *skb;

	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
		return;

	/* 30 bytes: the full 4-address header, no payload */
	skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for 4addr "
		       "nullfunc frame\n", sdata->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	hdr = (struct ieee80211_hdr *) skb_put(skb, 30);
	memset(hdr, 0, 30);
	hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
					 IEEE80211_STYPE_NULLFUNC |
					 IEEE80211_FCTL_FROMDS |
					 IEEE80211_FCTL_TODS);
	/* addr1/addr3 = AP, addr2/addr4 = our own address */
	memcpy(hdr->addr1, bssid, ETH_ALEN);
	memcpy(hdr->addr2, own_addr, ETH_ALEN);
	memcpy(hdr->addr3, bssid, ETH_ALEN);
	memcpy(hdr->addr4, own_addr, ETH_ALEN);

	IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
	ieee80211_tx_skb(sdata, skb);
}

/* spectrum management related things */

/*
 * Work item that performs a pending channel switch: moves the hardware
 * to local->csa_channel, updates the associated BSS entry and wakes the
 * queues stopped for the switch. Always clears IEEE80211_STA_CSA_RECEIVED.
 */
static void ieee80211_chswitch_work(struct work_struct *work)
{
	struct ieee80211_sub_if_data *sdata =
		container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_local *local = sdata->local;

	if (!ieee80211_sdata_running(sdata))
		return;

	mutex_lock(&ifmgd->mtx);
	if (ifmgd->associated) {
		local->oper_channel = local->csa_channel;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);

		/* XXX: shouldn't really modify cfg80211-owned data! */
		ifmgd->associated->channel = local->oper_channel;

		ieee80211_wake_queues_by_reason(&local->hw,
						IEEE80211_QUEUE_STOP_REASON_CSA);
	}
	/*
	 * NOTE(review): if we got disassociated between the CSA and this
	 * work running, queues stopped with STOP_REASON_CSA are not woken
	 * here — confirm the disassoc path covers that.
	 */
	ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
	mutex_unlock(&ifmgd->mtx);
}

/*
 * Timer callback for a deferred channel switch: hands off to
 * ieee80211_chswitch_work. While the device is quiescing the work is
 * not queued; the TMR_RUNNING_CHANSW bit records that the timer fired
 * (presumably consulted by the resume path — confirm).
 */
static void ieee80211_chswitch_timer(unsigned long data)
{
	struct ieee80211_sub_if_data *sdata =
		(struct ieee80211_sub_if_data *) data;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_local *local = sdata->local;

	if (local->quiescing) {
		set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running);
		return;
	}

	ieee80211_queue_work(&local->hw, &ifmgd->chswitch_work);
}

/*
 * Handle a Channel Switch Announcement element from the AP we are
 * associated to. Must be called with ifmgd->mtx held.
 *
 * Only the existence and enabled state of the target channel are
 * validated; the element itself arrives in a beacon/action frame and is
 * presumably unauthenticated unless MFP protects it, so a forged CSA can
 * move the station off-channel (denial of service) — nothing here
 * mitigates that. A switch with count <= 1 happens immediately via the
 * work item; otherwise queues are stopped and a timer fires after
 * count * beacon_interval milliseconds.
 */
void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
				      struct ieee80211_channel_sw_ie *sw_elem,
				      struct ieee80211_bss *bss)
{
	struct cfg80211_bss *cbss =
		container_of((void *)bss, struct cfg80211_bss, priv);
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_channel *target;
	unsigned long delay;
	int target_freq;

	ASSERT_MGD_MTX(ifmgd);

	if (!ifmgd->associated)
		return;

	if (local->scanning)
		return;

	/* A switch is already pending; later announcements are ignored. */
	if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED)
		return;

	target_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num);
	target = ieee80211_get_channel(local->hw.wiphy, target_freq);
	if (!target || (target->flags & IEEE80211_CHAN_DISABLED))
		return;

	local->csa_channel = target;

	if (sw_elem->count <= 1) {
		ieee80211_queue_work(&local->hw, &ifmgd->chswitch_work);
		return;
	}

	ieee80211_stop_queues_by_reason(&local->hw,
					IEEE80211_QUEUE_STOP_REASON_CSA);
	ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
	delay = msecs_to_jiffies(sw_elem->count * cbss->beacon_interval);
	mod_timer(&ifmgd->chswitch_timer, jiffies + delay);
}

/*
 * Apply the AP's Power Constraint element (802.11h). Ignored unless the
 * AP advertises spectrum management, the element is exactly one octet,
 * and the value does not exceed the channel's maximum power. Only a
 * changed value triggers a hardware reconfiguration.
 */
static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
					u16 capab_info, u8 *pwr_constr_elem,
					u8 pwr_constr_elem_len)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_conf *conf = &local->hw.conf;
	u8 constraint;

	if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT))
		return;

	/* Power constraint IE length should be 1 octet */
	if (pwr_constr_elem_len != 1)
		return;

	constraint = *pwr_constr_elem;

	/* an AP-advertised constraint above the channel maximum is ignored */
	if (constraint > conf->channel->max_power)
		return;

	if (constraint == local->power_constr_level)
		return;

	local->power_constr_level = constraint;
	ieee80211_hw_config(local, 0);
}

/* powersave */

/*
 * Enter powersave for @sdata. With a software dynamic-PS timeout the
 * entry is deferred to local->dynamic_ps_timer; otherwise a nullfunc
 * is sent when the stack is responsible for it, and PS is enabled
 * immediately unless we have to wait for that nullfunc's ACK (the
 * TX status path then finishes the job).
 */
static void ieee80211_enable_ps(struct ieee80211_local *local,
				struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_conf *conf = &local->hw.conf;
	bool stack_nullfunc = local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK;
	bool hw_dynamic_ps = local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS;
	bool reports_ack = local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS;

	/*
	 * If we are scanning right now then the parameters will
	 * take effect when scan finishes.
	 */
	if (local->scanning)
		return;

	if (conf->dynamic_ps_timeout > 0 && !hw_dynamic_ps) {
		mod_timer(&local->dynamic_ps_timer, jiffies +
			  msecs_to_jiffies(conf->dynamic_ps_timeout));
		return;
	}

	if (stack_nullfunc)
		ieee80211_send_nullfunc(local, sdata, 1);

	/* PS is switched on once the nullfunc is ACKed in this case. */
	if (stack_nullfunc && reports_ack)
		return;

	conf->flags |= IEEE80211_CONF_PS;
	ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
}

/*
 * Bring the hardware PS state in line with local->ps_sdata: enable PS
 * for that interface, or, when there is no candidate, leave PS and
 * cancel the dynamic-PS timer and work.
 */
static void ieee80211_change_ps(struct ieee80211_local *local)
{
	struct ieee80211_conf *conf = &local->hw.conf;

	if (local->ps_sdata) {
		ieee80211_enable_ps(local, local->ps_sdata);
		return;
	}

	if (!(conf->flags & IEEE80211_CONF_PS))
		return;

	conf->flags &= ~IEEE80211_CONF_PS;
	ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	del_timer_sync(&local->dynamic_ps_timer);
	cancel_work_sync(&local->dynamic_ps_enable_work);
}

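/* need to hold RTNL or interface lock */

/*
 * Decide whether powersave may be used and for which interface.
 *
 * PS is only a candidate when the hardware supports it, no work items
 * are pending, and there is exactly one running station interface that
 * has powersave enabled, is associated, has beacon IEs and is not
 * currently probing its AP. @latency is the acceptable network latency
 * in microseconds; a negative value means "ask pm_qos". The AP's beacon
 * interval must fit inside that budget; the sleep period is then
 * derived from the DTIM period. The result is committed through
 * ieee80211_change_ps().
 */
void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
{
	struct ieee80211_sub_if_data *sdata, *found = NULL;
	int count = 0;

	if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) {
		local->ps_sdata = NULL;
		return;
	}

	if (!list_empty(&local->work_list)) {
		local->ps_sdata = NULL;
		goto change;
	}

	list_for_each_entry(sdata, &local->interfaces, list) {
		if (!ieee80211_sdata_running(sdata))
			continue;
		if (sdata->vif.type != NL80211_IFTYPE_STATION)
			continue;
		found = sdata;
		count++;
	}

	/* no candidate unless every condition below holds */
	local->ps_sdata = NULL;

	if (count == 1 && found->u.mgd.powersave &&
	    found->u.mgd.associated &&
	    found->u.mgd.associated->beacon_ies &&
	    !(found->u.mgd.flags & (IEEE80211_STA_BEACON_POLL |
				    IEEE80211_STA_CONNECTION_POLL))) {
		s32 beaconint_us;

		if (latency < 0)
			latency = pm_qos_requirement(PM_QOS_NETWORK_LATENCY);

		beaconint_us = ieee80211_tu_to_usec(
					found->vif.bss_conf.beacon_int);

		/*
		 * beacon_int is whatever the AP advertised (copied into
		 * bss_conf by ieee80211_set_associated). A zero value would
		 * make the max_sleep_period division below trap, so treat it
		 * like an interval that does not fit the latency budget:
		 * no powersave.
		 */
		if (beaconint_us > 0 && beaconint_us <= latency) {
			struct ieee80211_bss *bss;
			int maxslp = 1;
			u8 dtimper;

			bss = (void *)found->u.mgd.associated->priv;
			dtimper = bss->dtim_period;

			/* If the TIM IE is invalid, pretend the value is 1 */
			if (!dtimper)
				dtimper = 1;
			else if (dtimper > 1)
				maxslp = min_t(int, dtimper,
						    latency / beaconint_us);

			local->hw.conf.max_sleep_period = maxslp;
			local->hw.conf.ps_dtim_period = dtimper;
			local->ps_sdata = found;
		}
	}

 change:
	ieee80211_change_ps(local);
}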

/*
 * Work item leaving powersave for dynamic PS: clears IEEE80211_CONF_PS
 * if set and wakes the queues that were stopped for PS.
 */
void ieee80211_dynamic_ps_disable_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local,
			     dynamic_ps_disable_work);
	struct ieee80211_conf *conf = &local->hw.conf;

	if (conf->flags & IEEE80211_CONF_PS) {
		conf->flags &= ~IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	}

	ieee80211_wake_queues_by_reason(&local->hw,
					IEEE80211_QUEUE_STOP_REASON_PS);
}

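/*
 * Work item entering powersave for dynamic PS (queued from
 * ieee80211_dynamic_ps_timer). Sends the nullfunc when the stack is
 * responsible for it and, unless we have to wait for that frame's ACK,
 * switches IEEE80211_CONF_PS on.
 */
void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local,
			     dynamic_ps_enable_work);
	struct ieee80211_sub_if_data *sdata = local->ps_sdata;
	struct ieee80211_if_managed *ifmgd;
	bool stack_nullfunc, reports_ack;

	/* can only happen when PS was just disabled anyway */
	if (!sdata)
		return;

	/*
	 * Only form &sdata->u.mgd once sdata is known to be non-NULL:
	 * the old code computed it before the check, which is pointer
	 * arithmetic on a null pointer (undefined behaviour) even though
	 * it was never dereferenced in that case.
	 */
	ifmgd = &sdata->u.mgd;

	if (local->hw.conf.flags & IEEE80211_CONF_PS)
		return;

	stack_nullfunc = local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK;
	reports_ack = local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS;

	if (stack_nullfunc && !(ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED))
		ieee80211_send_nullfunc(local, sdata, 1);

	/*
	 * Enable PS now unless we must wait for the nullfunc ACK, which is
	 * only the case when the stack sends the nullfunc, the hardware
	 * reports TX status and the ACK has not been seen yet.
	 */
	if (!(stack_nullfunc && reports_ack) ||
	    (ifmgd->flags & IEEE80211_STA_NULLFUNC_ACKED)) {
		ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED;
		local->hw.conf.flags |= IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	}
}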

/*
 * Dynamic-PS timer: after the idle timeout expires, schedule the work
 * that enters powersave. Nothing is queued while the device is
 * quiescing or suspended.
 */
void ieee80211_dynamic_ps_timer(unsigned long data)
{
	struct ieee80211_local *local = (void *) data;
	bool inactive = local->quiescing || local->suspended;

	if (inactive)
		return;

	ieee80211_queue_work(&local->hw, &local->dynamic_ps_enable_work);
}

/* MLME */
/*
 * Program the hardware TX queues from the AP's WMM Parameter element
 * (@wmm_param points at the element body, @wmm_param_len is its length).
 *
 * Nothing is done when the driver has no conf_tx, the hardware has fewer
 * than four queues, the element is missing/too short/not version 1, or
 * the parameter set count has not changed since the last time. Each
 * 4-byte AC record updates one queue; the ACM bits are collected into
 * local->wmm_acm and U-APSD is enabled per AC when the station has it
 * enabled. Finally QoS is switched on in the hardware configuration.
 */
static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
				     struct ieee80211_if_managed *ifmgd,
				     u8 *wmm_param, size_t wmm_param_len)
{
	/* per ACI (0=BE, 1=BK, 2=VI, 3=VO): hw queue, ACM bits, U-APSD AC */
	static const struct {
		int queue;
		u8 acm_bits;
		u8 uapsd_ac;
	} ac_map[4] = {
		[0] = { 2, BIT(0) | BIT(3), /* BE/EE */
			IEEE80211_WMM_IE_STA_QOSINFO_AC_BE },
		[1] = { 3, BIT(1) | BIT(2), /* BK/- */
			IEEE80211_WMM_IE_STA_QOSINFO_AC_BK },
		[2] = { 1, BIT(4) | BIT(5), /* CL/VI */
			IEEE80211_WMM_IE_STA_QOSINFO_AC_VI },
		[3] = { 0, BIT(6) | BIT(7), /* VO/NC */
			IEEE80211_WMM_IE_STA_QOSINFO_AC_VO },
	};
	struct ieee80211_tx_queue_params params;
	u8 uapsd_queues = 0;
	const u8 *pos;
	size_t left;
	int count;

	if (!local->ops->conf_tx)
		return;

	if (local->hw.queues < 4)
		return;

	if (!wmm_param)
		return;

	/* the element is from the AP: bound-check before reading fields */
	if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
		return;

	if (ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED)
		uapsd_queues = local->uapsd_queues;

	/* parameter set count: unchanged means nothing to reprogram */
	count = wmm_param[6] & 0x0f;
	if (count == ifmgd->wmm_last_param_set)
		return;
	ifmgd->wmm_last_param_set = count;

	pos = wmm_param + 8;
	left = wmm_param_len - 8;

	memset(&params, 0, sizeof(params));

	local->wmm_acm = 0;
	while (left >= 4) {
		int aci = (pos[0] >> 5) & 0x03;
		int acm = (pos[0] >> 4) & 0x01;
		int queue = ac_map[aci].queue;

		if (acm)
			local->wmm_acm |= ac_map[aci].acm_bits;

		params.aifs = pos[0] & 0x0f;
		params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
		params.cw_min = ecw2cw(pos[1] & 0x0f);
		params.txop = get_unaligned_le16(pos + 2);
		params.uapsd = !!(uapsd_queues & ac_map[aci].uapsd_ac);

#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
		printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
		       "cWmin=%d cWmax=%d txop=%d uapsd=%d\n",
		       wiphy_name(local->hw.wiphy), queue, aci, acm,
		       params.aifs, params.cw_min, params.cw_max, params.txop,
		       params.uapsd);
#endif
		if (drv_conf_tx(local, queue, &params))
			printk(KERN_DEBUG "%s: failed to set TX queue "
			       "parameters for queue %d\n",
			       wiphy_name(local->hw.wiphy), queue);

		pos += 4;
		left -= 4;
	}

	/* enable WMM or activate new settings */
	local->hw.conf.flags |=	IEEE80211_CONF_QOS;
	drv_config(local, IEEE80211_CONF_CHANGE_QOS);
}

/*
 * Derive the ERP settings (CTS protection, short preamble, short slot)
 * from the BSS capability field and, when present, the ERP element,
 * which takes precedence for protection and preamble. Short slot is
 * always used on 5 GHz. Only settings that actually differ from the
 * current bss_conf are written; the matching BSS_CHANGED_* bits are
 * returned.
 */
static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
					   u16 capab, bool erp_valid, u8 erp)
{
	struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
	bool protection, short_preamble, short_slot;
	u32 changed = 0;

	if (erp_valid) {
		protection = !!(erp & WLAN_ERP_USE_PROTECTION);
		short_preamble = !(erp & WLAN_ERP_BARKER_PREAMBLE);
	} else {
		protection = false;
		short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE);
	}

	short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME) ||
		     sdata->local->hw.conf.channel->band == IEEE80211_BAND_5GHZ;

	if (bss_conf->use_cts_prot != protection) {
		bss_conf->use_cts_prot = protection;
		changed |= BSS_CHANGED_ERP_CTS_PROT;
	}

	if (bss_conf->use_short_preamble != short_preamble) {
		bss_conf->use_short_preamble = short_preamble;
		changed |= BSS_CHANGED_ERP_PREAMBLE;
	}

	if (bss_conf->use_short_slot != short_slot) {
		bss_conf->use_short_slot = short_slot;
		changed |= BSS_CHANGED_ERP_SLOT;
	}

	return changed;
}

/*
 * Switch the interface into the associated state for @cbss.
 *
 * Copies timing and capability information from the BSS entry into
 * bss_conf, records the BSS and BSSID in ifmgd, resets the per-
 * association bookkeeping (signal average, poll flags, WMM parameter
 * set count), notifies the driver of everything that changed
 * (@bss_info_changed plus the bits set here), recalculates powersave
 * and SMPS, and finally brings the netdev queues and carrier up.
 * The values in @cbss originate from the AP's frames.
 */
static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
				     struct cfg80211_bss *cbss,
				     u32 bss_info_changed)
{
	struct ieee80211_bss *bss = (void *)cbss->priv;
	struct ieee80211_local *local = sdata->local;

	bss_info_changed |= BSS_CHANGED_ASSOC;
	/* set timing information */
	sdata->vif.bss_conf.beacon_int = cbss->beacon_interval;
	sdata->vif.bss_conf.timestamp = cbss->tsf;

	bss_info_changed |= BSS_CHANGED_BEACON_INT;
	bss_info_changed |= ieee80211_handle_bss_capability(sdata,
		cbss->capability, bss->has_erp_value, bss->erp_value);

	sdata->u.mgd.associated = cbss;
	memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN);

	/* start the beacon signal average afresh for the new BSS */
	sdata->u.mgd.flags |= IEEE80211_STA_RESET_SIGNAL_AVE;

	/* just to be sure */
	sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL |
				IEEE80211_STA_BEACON_POLL);

	/*
	 * Always handle WMM once after association regardless
	 * of the first value the AP uses. Setting -1 here has
	 * that effect because the AP values is an unsigned
	 * 4-bit value.
	 */
	sdata->u.mgd.wmm_last_param_set = -1;

	ieee80211_led_assoc(local, 1);

	sdata->vif.bss_conf.assoc = 1;
	/*
	 * For now just always ask the driver to update the basic rateset
	 * when we have associated, we aren't checking whether it actually
	 * changed or not.
	 */
	bss_info_changed |= BSS_CHANGED_BASIC_RATES;

	/* And the BSSID changed - we're associated now */
	bss_info_changed |= BSS_CHANGED_BSSID;

	/* Tell the driver to monitor connection quality (if supported) */
	if ((local->hw.flags & IEEE80211_HW_SUPPORTS_CQM_RSSI) &&
	    sdata->vif.bss_conf.cqm_rssi_thold)
		bss_info_changed |= BSS_CHANGED_CQM;

	ieee80211_bss_info_change_notify(sdata, bss_info_changed);

	/* PS/SMPS recalculation walks the interface list: take its lock */
	mutex_lock(&local->iflist_mtx);
	ieee80211_recalc_ps(local, -1);
	ieee80211_recalc_smps(local, sdata);
	mutex_unlock(&local->iflist_mtx);

	netif_tx_start_all_queues(sdata->dev);
	netif_carrier_on(sdata->dev);
}

/*
 * Tear down the association. Must be called with ifmgd->mtx held and
 * only while associated (otherwise warns and returns).
 *
 * Clears the associated BSS/BSSID, stops the netdev, marks the AP's
 * station entry as disassociated and tears down its BA sessions,
 * resets ERP/WMM/HT/power-constraint state, leaves powersave, tells
 * the driver what changed, and — if @remove_sta — destroys the AP's
 * station entry. The order of the first few steps matters; see the
 * comments around smp_mb().
 */
static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
				   bool remove_sta)
{
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
	u32 changed = 0, config_changed = 0;
	u8 bssid[ETH_ALEN];

	ASSERT_MGD_MTX(ifmgd);

	if (WARN_ON(!ifmgd->associated))
		return;

	/* keep a copy: ifmgd->bssid is wiped below but still needed */
	memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN);

	ifmgd->associated = NULL;
	memset(ifmgd->bssid, 0, ETH_ALEN);

	/*
	 * we need to commit the associated = NULL change because the
	 * scan code uses that to determine whether this iface should
	 * go to/wake up from powersave or not -- and could otherwise
	 * wake the queues erroneously.
	 */
	smp_mb();

	/*
	 * Thus, we can only afterwards stop the queues -- to account
	 * for the case where another CPU is finishing a scan at this
	 * time -- we don't want the scan code to enable queues.
	 */

	netif_tx_stop_all_queues(sdata->dev);
	netif_carrier_off(sdata->dev);

	/* station table lookup is RCU-protected */
	rcu_read_lock();
	sta = sta_info_get(sdata, bssid);
	if (sta) {
		set_sta_flags(sta, WLAN_STA_DISASSOC);
		ieee80211_sta_tear_down_BA_sessions(sta);
	}
	rcu_read_unlock();

	changed |= ieee80211_reset_erp_info(sdata);

	ieee80211_led_assoc(local, 0);
	changed |= BSS_CHANGED_ASSOC;
	sdata->vif.bss_conf.assoc = false;

	ieee80211_set_wmm_default(sdata);

	/* channel(_type) changes are handled by ieee80211_hw_config */
	local->oper_channel_type = NL80211_CHAN_NO_HT;

	/* on the next assoc, re-program HT parameters */
	sdata->ht_opmode_valid = false;

	local->power_constr_level = 0;

	/* no dynamic PS without an association */
	del_timer_sync(&local->dynamic_ps_timer);
	cancel_work_sync(&local->dynamic_ps_enable_work);

	if (local->hw.conf.flags & IEEE80211_CONF_PS) {
		local->hw.conf.flags &= ~IEEE80211_CONF_PS;
		config_changed |= IEEE80211_CONF_CHANGE_PS;
	}

	ieee80211_hw_config(local, config_changed);

	/* And the BSSID changed -- not very interesting here */
	changed |= BSS_CHANGED_BSSID;
	ieee80211_bss_info_change_notify(sdata, changed);

	if (remove_sta)
		sta_info_destroy_addr(sdata, bssid);
}

/*
 * Called on received frames from the AP to postpone the connection
 * monitor.
 *
 * We can postpone the mgd.timer whenever receiving unicast frames
 * from AP because we know that the connection is working both ways
 * at that time. But multicast frames (and hence also beacons) must
 * be ignored here, because we need to trigger the timer during
 * data idle periods for sending the periodic probe request to the
 * AP we're connected to.
 *
 * Only addr1 is inspected here; matching the frame's source against
 * the current BSS is presumably the caller's job — confirm at the
 * call sites before relying on this.
 */
void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
			     struct ieee80211_hdr *hdr)
{
	struct ieee80211_local *local = sdata->local;
	unsigned long deadline;

	if (is_multicast_ether_addr(hdr->addr1))
		return;

	/* the driver does its own connection monitoring */
	if (local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR)
		return;

	deadline = round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME);
	mod_timer(&sdata->u.mgd.conn_mon_timer, deadline);
}

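/*
 * Send one directed probe request to the associated AP using the SSID
 * stored in its BSS entry, bump probe_send_count and arm the timer for
 * the probe response deadline (IEEE80211_PROBE_WAIT).
 */
static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	const u8 *ssid;
	const u8 *ssid_data = NULL;
	size_t ssid_len = 0;

	/*
	 * ieee80211_bss_get_ie() returns NULL when the stored BSS IEs hold
	 * no SSID element (they can be replaced by later frames from the
	 * AP). The old code read ssid[1] unconditionally; fall back to a
	 * zero-length SSID instead of a NULL dereference.
	 */
	ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID);
	if (ssid) {
		ssid_data = ssid + 2;
		ssid_len = ssid[1];
	}

	ieee80211_send_probe_req(sdata, ifmgd->associated->bssid,
				 ssid_data, ssid_len, NULL, 0);

	ifmgd->probe_send_count++;
	ifmgd->probe_timeout = jiffies + IEEE80211_PROBE_WAIT;
	run_again(ifmgd, ifmgd->probe_timeout);
}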

/*
 * Start probing the AP, either because of beacon loss (@beacon) or
 * because the connection has been idle. Does nothing while the
 * interface is down, a scan or off-channel operation is in progress,
 * or we are not associated.
 *
 * The driver/our work has already reported this event or the
 * connection monitoring has kicked in and we have already sent
 * a probe request. Or maybe the AP died and the driver keeps
 * reporting until we disassociate...
 *
 * In either case we have to ignore the current call to this
 * function (except for setting the correct probe reason bit)
 * because otherwise we would reset the timer every time and
 * never check whether we received a probe response!
 */
static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata,
				   bool beacon)
{
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_local *local = sdata->local;
	unsigned int reason = beacon ? IEEE80211_STA_BEACON_POLL :
				       IEEE80211_STA_CONNECTION_POLL;
	bool poll_in_progress;

	if (!ieee80211_sdata_running(sdata))
		return;

	if (local->scanning || local->tmp_channel)
		return;

	mutex_lock(&ifmgd->mtx);

	if (!ifmgd->associated)
		goto out;

#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
	if (beacon && net_ratelimit())
		printk(KERN_DEBUG "%s: detected beacon loss from AP "
		       "- sending probe request\n", sdata->name);
#endif

	/* record the reason even when a poll is already running */
	poll_in_progress = ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
					   IEEE80211_STA_CONNECTION_POLL);
	ifmgd->flags |= reason;
	if (poll_in_progress)
		goto out;

	/* polling disables powersave (see ieee80211_recalc_ps) */
	mutex_lock(&local->iflist_mtx);
	ieee80211_recalc_ps(local, -1);
	mutex_unlock(&local->iflist_mtx);

	ifmgd->probe_send_count = 0;
	ieee80211_mgd_probe_ap_send(sdata);
 out:
	mutex_unlock(&ifmgd->mtx);
}

/*
 * Tear down the current association after the connection to the AP has
 * been declared lost (by the driver via ieee80211_connection_loss(), or by
 * our own beacon/connection monitoring).
 *
 * Under ifmgd->mtx: remember the BSSID, mark the interface disassociated
 * and recalculate the idle state.  The deauth frame is then sent with the
 * lock dropped, because that path ends up in cfg80211 which must not be
 * called with ifmgd->mtx held.  Does nothing when there is no association.
 */
static void __ieee80211_connection_loss(struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_local *local = sdata->local;
	u8 bssid[ETH_ALEN];
	bool was_associated;

	mutex_lock(&ifmgd->mtx);
	was_associated = ifmgd->associated != NULL;
	if (was_associated) {
		/*
		 * Take a copy of the BSSID before ieee80211_set_disassoc();
		 * presumably that clears ifmgd->associated, and the copy is
		 * needed after the lock is released anyway.
		 */
		memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN);
		printk(KERN_DEBUG "Connection to AP %pM lost.\n", bssid);
		ieee80211_set_disassoc(sdata, true);
		ieee80211_recalc_idle(local);
	}
	mutex_unlock(&ifmgd->mtx);

	if (!was_associated)
		return;

	/* Outside the lock due to cfg80211; that is not a problem here. */
	ieee80211_send_deauth_disassoc(sdata, bssid, IEEE80211_STYPE_DEAUTH,
				       WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
				       NULL, true);
}

/*
 * Work item queued by ieee80211_beacon_loss() / ieee80211_connection_loss().
 *
 * If the driver does its own connection monitoring
 * (IEEE80211_HW_CONNECTION_MONITOR) the report is final and the
 * association is torn down; otherwise we first try to confirm the loss by
 * probing the AP.
 */
void ieee80211_beacon_connection_loss_work(struct work_struct *work)
{
	struct ieee80211_sub_if_data *sdata =
		container_of(work, struct ieee80211_sub_if_data,
			     u.mgd.beacon_connection_loss_work);
	bool driver_monitors = sdata->local->hw.flags &
			       IEEE80211_HW_CONNECTION_MONITOR;

	if (driver_monitors)
		__ieee80211_connection_loss(sdata);
	else
		ieee80211_mgd_probe_ap(sdata, true);
}

/*
 * Driver API: report that beacons from the AP are no longer being received.
 *
 * Intended for drivers that do NOT set IEEE80211_HW_CONNECTION_MONITOR
 * (those should call ieee80211_connection_loss() instead; a misuse is
 * flagged with WARN_ON).  The actual handling is deferred to the
 * beacon_connection_loss_work item.
 */
void ieee80211_beacon_loss(struct ieee80211_vif *vif)
{
	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
	struct ieee80211_local *local = sdata->local;

	trace_api_beacon_loss(sdata);

	WARN_ON(local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR);
	ieee80211_queue_work(&local->hw,
			     &sdata->u.mgd.beacon_connection_loss_work);
}
EXPORT_SYMBOL(ieee80211_beacon_loss);

/*
 * Driver API: report that the connection to the AP has been lost.
 *
 * Intended for drivers that set IEEE80211_HW_CONNECTION_MONITOR (others
 * should call ieee80211_beacon_loss() instead; a misuse is flagged with
 * WARN_ON).  The actual handling is deferred to the
 * beacon_connection_loss_work item.
 */
void ieee80211_connection_loss(struct ieee80211_vif *vif)
{
	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
	struct ieee80211_local *local = sdata->local;

	trace_api_connection_loss(sdata);

	WARN_ON(!(local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR));
	ieee80211_queue_work(&local->hw,
			     &sdata->u.mgd.beacon_connection_loss_work);
}
EXPORT_SYMBOL(ieee80211_connection_loss);


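/*
 * Handle a deauthentication frame received from the AP.
 *
 * @sdata: the managed (station) interface
 * @mgmt:  the received management frame
 * @len:   frame length in bytes, including the 24-byte header
 *
 * Must be called with ifmgd->mtx held.  Returns RX_MGMT_NONE when the
 * frame is too short or does not belong to the current association, and
 * RX_MGMT_CFG80211_DEAUTH after the association has been torn down so the
 * caller can notify cfg80211.
 */
static enum rx_mgmt_action __must_check
ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
			 struct ieee80211_mgmt *mgmt, size_t len)
{
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	const u8 *bssid = NULL;
	u16 reason_code;

	/* 24-byte header plus the 2-byte reason code. */
	if (len < 24 + 2)
		return RX_MGMT_NONE;

	ASSERT_MGD_MTX(ifmgd);

	/*
	 * Same guards as ieee80211_rx_mgmt_disassoc().  The caller is
	 * expected to dispatch here only for frames from the current BSS,
	 * but make that explicit: without the first check a dispatch
	 * regression would dereference a NULL ifmgd->associated, and
	 * without the second a deauth from an unrelated sender could tear
	 * down the association.
	 */
	if (WARN_ON(!ifmgd->associated))
		return RX_MGMT_NONE;

	bssid = ifmgd->associated->bssid;

	if (WARN_ON(memcmp(bssid, mgmt->sa, ETH_ALEN)))
		return RX_MGMT_NONE;

	reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);

	printk(KERN_DEBUG "%s: deauthenticated from %pM (Reason: %u)\n",
			sdata->name, bssid, reason_code);

	ieee80211_set_disassoc(sdata, true);
	ieee80211_recalc_idle(sdata->local);

	return RX_MGMT_CFG80211_DEAUTH;
}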


/*
 * Handle a disassociation frame received from the AP.
 *
 * @sdata: the managed (station) interface
 * @mgmt:  the received management frame
 * @len:   frame length in bytes, including the 24-byte header
 *
 * Must be called with ifmgd->mtx held.  Returns RX_MGMT_NONE when the
 * frame is too short, there is no association, or the sender is not the
 * AP we are associated with (the latter two are flagged with WARN_ON as
 * they indicate a dispatch error).  Otherwise tears down the association
 * and returns RX_MGMT_CFG80211_DISASSOC so the caller can notify cfg80211.
 */
static enum rx_mgmt_action __must_check
ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
			   struct ieee80211_mgmt *mgmt, size_t len)
{
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	const u8 *sender = mgmt->sa;
	u16 reason;

	/* 24-byte header plus the 2-byte reason code. */
	if (len < 24 + 2)
		return RX_MGMT_NONE;

	ASSERT_MGD_MTX(ifmgd);

	if (WARN_ON(!ifmgd->associated))
		return RX_MGMT_NONE;
	if (WARN_ON(memcmp(ifmgd->associated->bssid, sender, ETH_ALEN)))
		return RX_MGMT_NONE;

	reason = le16_to_cpu(mgmt->u.disassoc.reason_code);
	printk(KERN_DEBUG "%s: disassociated from %pM (Reason: %u)\n",
			sdata->name, sender, reason);

	ieee80211_set_disassoc(sdata, true);
	ieee80211_recalc_idle(sdata->local);
	return RX_MGMT_CFG80211_DISASSOC;
}


static bool ieee80211_assoc_success(struct ieee80211_work *wk,
				    struct ieee80211_mgmt *mgmt, size_t len)
{
	struct ieee80211_sub_if_data *sdata = wk->sdata;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	struct sta_info *sta;
	struct cfg80211_bss *cbss = wk->assoc.bss;
	u8 *pos;
	u32 rates, basic_rates;
	u16 capab_info, aid;
	struct ieee802_11_elems elems;
	struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
	u32 changed = 0;
	int i, j, err;
	bool have_higher_than_11mbit = false;
	u16 ap_ht_cap_flags;

	/* AssocResp and ReassocResp have identical structure */

	aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
	capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);

	if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
		printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
		       "set\n", sdata->name, aid);
	aid &= ~(BIT(15) | BIT(14));

	pos = mgmt->u.assoc_resp.variable;
	ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);

	if (!elems.supp_rates) {
		printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
		       sdata->name);
		return false;
	}

	ifmgd->aid = aid;