mlme.c 71.2 KB
Newer Older
1
2
/*
 * BSS client mode implementation
3
 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
4
5
6
7
8
9
10
11
12
13
 * Copyright 2004, Instant802 Networks, Inc.
 * Copyright 2005, Devicescape Software, Inc.
 * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

14
#include <linux/delay.h>
15
16
17
18
#include <linux/if_ether.h>
#include <linux/skbuff.h>
#include <linux/if_arp.h>
#include <linux/etherdevice.h>
19
#include <linux/rtnetlink.h>
20
#include <linux/pm_qos_params.h>
21
#include <linux/crc32.h>
22
#include <net/mac80211.h>
23
#include <asm/unaligned.h>
Johannes Berg's avatar
Johannes Berg committed
24

25
#include "ieee80211_i.h"
26
#include "driver-ops.h"
Johannes Berg's avatar
Johannes Berg committed
27
28
#include "rate.h"
#include "led.h"
29

30
#define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
31
32
33
34
35
#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
#define IEEE80211_AUTH_MAX_TRIES 3
#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
#define IEEE80211_ASSOC_MAX_TRIES 3
#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
36
#define IEEE80211_PROBE_WAIT (HZ / 5)
37
#define IEEE80211_PROBE_IDLE_TIME (60 * HZ)
38
39
#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)

40
41
42
#define TMR_RUNNING_TIMER	0
#define TMR_RUNNING_CHANSW	1

43
44
/* utils */
static int ecw2cw(int ecw)
Johannes Berg's avatar
Johannes Berg committed
45
{
46
	return (1 << ecw) - 1;
Johannes Berg's avatar
Johannes Berg committed
47
48
}

49
static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie)
50
51
52
{
	u8 *end, *pos;

53
	pos = bss->cbss.information_elements;
54
55
	if (pos == NULL)
		return NULL;
56
	end = pos + bss->cbss.len_information_elements;
57
58
59
60
61
62
63
64
65
66
67
68

	while (pos + 1 < end) {
		if (pos + 2 + pos[1] > end)
			break;
		if (pos[0] == ie)
			return pos;
		pos += 2 + pos[1];
	}

	return NULL;
}

69
static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
70
				      struct ieee80211_supported_band *sband,
71
				      u32 *rates)
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
{
	int i, j, count;
	*rates = 0;
	count = 0;
	for (i = 0; i < bss->supp_rates_len; i++) {
		int rate = (bss->supp_rates[i] & 0x7F) * 5;

		for (j = 0; j < sband->n_bitrates; j++)
			if (sband->bitrates[j].bitrate == rate) {
				*rates |= BIT(j);
				count++;
				break;
			}
	}

	return count;
}

90
91
92
93
94
95
96
97
98
99
100
101
102
103
/*
 * ieee80211_enable_ht should be called only after the operating band
 * has been determined as ht configuration depends on the hw's
 * HT abilities for a specific band.
 */
static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
			       struct ieee80211_ht_info *hti,
			       u16 ap_ht_cap_flags)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct sta_info *sta;
	u32 changed = 0;
104
	u16 ht_opmode;
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
	bool enable_ht = true, ht_changed;
	enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	/* HT is not supported */
	if (!sband->ht_cap.ht_supported)
		enable_ht = false;

	/* check that channel matches the right operating channel */
	if (local->hw.conf.channel->center_freq !=
	    ieee80211_channel_to_frequency(hti->control_chan))
		enable_ht = false;

	if (enable_ht) {
		channel_type = NL80211_CHAN_HT20;

		if (!(ap_ht_cap_flags & IEEE80211_HT_CAP_40MHZ_INTOLERANT) &&
		    (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) &&
		    (hti->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) {
			switch(hti->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
			case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
127
128
129
				if (!(local->hw.conf.channel->flags &
				    IEEE80211_CHAN_NO_HT40PLUS))
					channel_type = NL80211_CHAN_HT40PLUS;
130
131
				break;
			case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
132
133
134
				if (!(local->hw.conf.channel->flags &
				    IEEE80211_CHAN_NO_HT40MINUS))
					channel_type = NL80211_CHAN_HT40MINUS;
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
				break;
			}
		}
	}

	ht_changed = conf_is_ht(&local->hw.conf) != enable_ht ||
		     channel_type != local->hw.conf.channel_type;

	local->oper_channel_type = channel_type;

	if (ht_changed) {
                /* channel_type change automatically detected */
		ieee80211_hw_config(local, 0);

		rcu_read_lock();

		sta = sta_info_get(local, ifmgd->bssid);
		if (sta)
			rate_control_rate_update(local, sband, sta,
						 IEEE80211_RC_HT_CHANGED);

		rcu_read_unlock();
        }

	/* disable HT */
	if (!enable_ht)
		return 0;

163
	ht_opmode = le16_to_cpu(hti->operation_mode);
164
165

	/* if bss configuration changed store the new one */
166
167
	if (!sdata->ht_opmode_valid ||
	    sdata->vif.bss_conf.ht_operation_mode != ht_opmode) {
168
		changed |= BSS_CHANGED_HT;
169
		sdata->vif.bss_conf.ht_operation_mode = ht_opmode;
170
		sdata->ht_opmode_valid = true;
171
172
173
174
175
	}

	return changed;
}

176
177
/* frame sending functions */

178
static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
179
{
180
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
181
182
183
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
184
	u8 *pos, *ies, *ht_ie;
185
186
	int i, len, count, rates_len, supp_rates_len;
	u16 capab;
187
	struct ieee80211_bss *bss;
188
189
	int wmm = 0;
	struct ieee80211_supported_band *sband;
190
	u32 rates = 0;
191
192

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
193
			    sizeof(*mgmt) + 200 + ifmgd->extra_ie_len +
194
			    ifmgd->ssid_len);
195
196
197
198
199
200
201
202
203
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

204
	capab = ifmgd->capab;
205
206
207
208
209
210
211
212

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
	}

213
	bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
214
				   local->hw.conf.channel->center_freq,
215
				   ifmgd->ssid, ifmgd->ssid_len);
216
	if (bss) {
217
		if (bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
218
219
220
221
222
223
224
225
226
227
			capab |= WLAN_CAPABILITY_PRIVACY;
		if (bss->wmm_used)
			wmm = 1;

		/* get all rates supported by the device and the AP as
		 * some APs don't like getting a superset of their rates
		 * in the association request (e.g. D-Link DAP 1353 in
		 * b-only mode) */
		rates_len = ieee80211_compatible_rates(bss, sband, &rates);

228
		if ((bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
229
230
231
232
233
234
235
236
237
238
239
		    (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
			capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;

		ieee80211_rx_bss_put(local, bss);
	} else {
		rates = ~0;
		rates_len = sband->n_bitrates;
	}

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
240
	memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
241
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
242
	memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
243

244
	if (ifmgd->flags & IEEE80211_STA_PREV_BSSID_SET) {
245
246
247
248
249
250
		skb_put(skb, 10);
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_REASSOC_REQ);
		mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
251
		memcpy(mgmt->u.reassoc_req.current_ap, ifmgd->prev_bssid,
252
253
254
255
256
257
		       ETH_ALEN);
	} else {
		skb_put(skb, 4);
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_ASSOC_REQ);
		mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
258
		mgmt->u.assoc_req.listen_interval =
259
260
261
262
				cpu_to_le16(local->hw.conf.listen_interval);
	}

	/* SSID */
263
	ies = pos = skb_put(skb, 2 + ifmgd->ssid_len);
264
	*pos++ = WLAN_EID_SSID;
265
266
	*pos++ = ifmgd->ssid_len;
	memcpy(pos, ifmgd->ssid, ifmgd->ssid_len);
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320

	/* add all rates which were marked to be used above */
	supp_rates_len = rates_len;
	if (supp_rates_len > 8)
		supp_rates_len = 8;

	len = sband->n_bitrates;
	pos = skb_put(skb, supp_rates_len + 2);
	*pos++ = WLAN_EID_SUPP_RATES;
	*pos++ = supp_rates_len;

	count = 0;
	for (i = 0; i < sband->n_bitrates; i++) {
		if (BIT(i) & rates) {
			int rate = sband->bitrates[i].bitrate;
			*pos++ = (u8) (rate / 5);
			if (++count == 8)
				break;
		}
	}

	if (rates_len > count) {
		pos = skb_put(skb, rates_len - count + 2);
		*pos++ = WLAN_EID_EXT_SUPP_RATES;
		*pos++ = rates_len - count;

		for (i++; i < sband->n_bitrates; i++) {
			if (BIT(i) & rates) {
				int rate = sband->bitrates[i].bitrate;
				*pos++ = (u8) (rate / 5);
			}
		}
	}

	if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
		/* 1. power capabilities */
		pos = skb_put(skb, 4);
		*pos++ = WLAN_EID_PWR_CAPABILITY;
		*pos++ = 2;
		*pos++ = 0; /* min tx power */
		*pos++ = local->hw.conf.channel->max_power; /* max tx power */

		/* 2. supported channels */
		/* TODO: get this in reg domain format */
		pos = skb_put(skb, 2 * sband->n_channels + 2);
		*pos++ = WLAN_EID_SUPPORTED_CHANNELS;
		*pos++ = 2 * sband->n_channels;
		for (i = 0; i < sband->n_channels; i++) {
			*pos++ = ieee80211_frequency_to_channel(
					sband->channels[i].center_freq);
			*pos++ = 1; /* one channel in the subband*/
		}
	}

321
322
323
	if (ifmgd->extra_ie) {
		pos = skb_put(skb, ifmgd->extra_ie_len);
		memcpy(pos, ifmgd->extra_ie, ifmgd->extra_ie_len);
324
325
	}

326
	if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) {
327
328
329
330
331
332
333
334
335
336
337
338
339
		pos = skb_put(skb, 9);
		*pos++ = WLAN_EID_VENDOR_SPECIFIC;
		*pos++ = 7; /* len */
		*pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
		*pos++ = 0x50;
		*pos++ = 0xf2;
		*pos++ = 2; /* WME */
		*pos++ = 0; /* WME info */
		*pos++ = 1; /* WME ver */
		*pos++ = 0;
	}

	/* wmm support is a must to HT */
340
341
342
343
344
345
	/*
	 * IEEE802.11n does not allow TKIP/WEP as pairwise
	 * ciphers in HT mode. We still associate in non-ht
	 * mode (11a/b/g) if any one of these ciphers is
	 * configured as pairwise.
	 */
346
	if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
347
348
	    sband->ht_cap.ht_supported &&
	    (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) &&
349
	    ht_ie[1] >= sizeof(struct ieee80211_ht_info) &&
350
	    (!(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))) {
351
352
353
		struct ieee80211_ht_info *ht_info =
			(struct ieee80211_ht_info *)(ht_ie + 2);
		u16 cap = sband->ht_cap.cap;
354
355
356
		__le16 tmp;
		u32 flags = local->hw.conf.channel->flags;

357
358
		switch (ht_info->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
		case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
359
			if (flags & IEEE80211_CHAN_NO_HT40PLUS) {
360
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
361
362
363
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
364
		case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
365
			if (flags & IEEE80211_CHAN_NO_HT40MINUS) {
366
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
367
368
369
370
371
372
373
374
375
376
377
378
379
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		}

		tmp = cpu_to_le16(cap);
		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
		*pos++ = WLAN_EID_HT_CAPABILITY;
		*pos++ = sizeof(struct ieee80211_ht_cap);
		memset(pos, 0, sizeof(struct ieee80211_ht_cap));
		memcpy(pos, &tmp, sizeof(u16));
		pos += sizeof(u16);
		/* TODO: needs a define here for << 2 */
380
381
382
		*pos++ = sband->ht_cap.ampdu_factor |
			 (sband->ht_cap.ampdu_density << 2);
		memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
383
384
	}

385
386
387
388
389
	kfree(ifmgd->assocreq_ies);
	ifmgd->assocreq_ies_len = (skb->data + skb->len) - ies;
	ifmgd->assocreq_ies = kmalloc(ifmgd->assocreq_ies_len, GFP_KERNEL);
	if (ifmgd->assocreq_ies)
		memcpy(ifmgd->assocreq_ies, ies, ifmgd->assocreq_ies_len);
390

391
	ieee80211_tx_skb(sdata, skb, 0);
392
393
394
}


395
396
static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
					   u16 stype, u16 reason)
397
398
{
	struct ieee80211_local *local = sdata->local;
399
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
400
401
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
402

403
	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
404
	if (!skb) {
405
406
		printk(KERN_DEBUG "%s: failed to allocate buffer for "
		       "deauth/disassoc frame\n", sdata->dev->name);
407
408
409
410
411
412
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
413
	memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
414
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
415
	memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
416
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
417
	skb_put(skb, 2);
418
	/* u.deauth.reason_code == u.disassoc.reason_code */
419
420
	mgmt->u.deauth.reason_code = cpu_to_le16(reason);

421
422
423
424
	if (stype == IEEE80211_STYPE_DEAUTH)
		cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, skb->len);
	else
		cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, skb->len);
425
	ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED);
426
427
}

428
429
430
void ieee80211_send_pspoll(struct ieee80211_local *local,
			   struct ieee80211_sub_if_data *sdata)
{
431
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
	struct ieee80211_pspoll *pspoll;
	struct sk_buff *skb;
	u16 fc;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*pspoll));
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for "
		       "pspoll frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	pspoll = (struct ieee80211_pspoll *) skb_put(skb, sizeof(*pspoll));
	memset(pspoll, 0, sizeof(*pspoll));
	fc = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_PSPOLL | IEEE80211_FCTL_PM;
	pspoll->frame_control = cpu_to_le16(fc);
448
	pspoll->aid = cpu_to_le16(ifmgd->aid);
449
450
451
452

	/* aid in PS-Poll has its two MSBs each set to 1 */
	pspoll->aid |= cpu_to_le16(1 << 15 | 1 << 14);

453
	memcpy(pspoll->bssid, ifmgd->bssid, ETH_ALEN);
454
455
456
457
458
	memcpy(pspoll->ta, sdata->dev->dev_addr, ETH_ALEN);

	ieee80211_tx_skb(sdata, skb, 0);
}

459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
void ieee80211_send_nullfunc(struct ieee80211_local *local,
			     struct ieee80211_sub_if_data *sdata,
			     int powersave)
{
	struct sk_buff *skb;
	struct ieee80211_hdr *nullfunc;
	__le16 fc;

	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
		return;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
	memset(nullfunc, 0, 24);
	fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
			 IEEE80211_FCTL_TODS);
	if (powersave)
		fc |= cpu_to_le16(IEEE80211_FCTL_PM);
	nullfunc->frame_control = fc;
	memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
	memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
	memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);

	ieee80211_tx_skb(sdata, skb, 0);
}

492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
/* spectrum management related things */
static void ieee80211_chswitch_work(struct work_struct *work)
{
	struct ieee80211_sub_if_data *sdata =
		container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
	struct ieee80211_bss *bss;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;

	if (!netif_running(sdata->dev))
		return;

	bss = ieee80211_rx_bss_get(sdata->local, ifmgd->bssid,
				   sdata->local->hw.conf.channel->center_freq,
				   ifmgd->ssid, ifmgd->ssid_len);
	if (!bss)
		goto exit;

	sdata->local->oper_channel = sdata->local->csa_channel;
	/* XXX: shouldn't really modify cfg80211-owned data! */
	if (!ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL))
		bss->cbss.channel = sdata->local->oper_channel;

	ieee80211_rx_bss_put(sdata->local, bss);
exit:
	ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
	ieee80211_wake_queues_by_reason(&sdata->local->hw,
					IEEE80211_QUEUE_STOP_REASON_CSA);
}

static void ieee80211_chswitch_timer(unsigned long data)
{
	struct ieee80211_sub_if_data *sdata =
		(struct ieee80211_sub_if_data *) data;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;

527
528
529
530
531
	if (sdata->local->quiescing) {
		set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running);
		return;
	}

532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
	queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
}

void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
				      struct ieee80211_channel_sw_ie *sw_elem,
				      struct ieee80211_bss *bss)
{
	struct ieee80211_channel *new_ch;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num);

	if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATED)
		return;

	if (sdata->local->sw_scanning || sdata->local->hw_scanning)
		return;

	/* Disregard subsequent beacons if we are already running a timer
	   processing a CSA */

	if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED)
		return;

	new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq);
	if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED)
		return;

	sdata->local->csa_channel = new_ch;

	if (sw_elem->count <= 1) {
		queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
	} else {
		ieee80211_stop_queues_by_reason(&sdata->local->hw,
					IEEE80211_QUEUE_STOP_REASON_CSA);
		ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
		mod_timer(&ifmgd->chswitch_timer,
			  jiffies +
			  msecs_to_jiffies(sw_elem->count *
					   bss->cbss.beacon_interval));
	}
}

static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
					u16 capab_info, u8 *pwr_constr_elem,
					u8 pwr_constr_elem_len)
{
	struct ieee80211_conf *conf = &sdata->local->hw.conf;

	if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT))
		return;

	/* Power constraint IE length should be 1 octet */
	if (pwr_constr_elem_len != 1)
		return;

	if ((*pwr_constr_elem <= conf->channel->max_power) &&
	    (*pwr_constr_elem != sdata->local->power_constr_level)) {
		sdata->local->power_constr_level = *pwr_constr_elem;
		ieee80211_hw_config(sdata->local, 0);
	}
}

594
595
596
597
598
599
/* powersave */
static void ieee80211_enable_ps(struct ieee80211_local *local,
				struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_conf *conf = &local->hw.conf;

Johannes Berg's avatar
Johannes Berg committed
600
601
602
603
604
605
606
	/*
	 * If we are scanning right now then the parameters will
	 * take effect when scan finishes.
	 */
	if (local->hw_scanning || local->sw_scanning)
		return;

607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
	if (conf->dynamic_ps_timeout > 0 &&
	    !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) {
		mod_timer(&local->dynamic_ps_timer, jiffies +
			  msecs_to_jiffies(conf->dynamic_ps_timeout));
	} else {
		if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
			ieee80211_send_nullfunc(local, sdata, 1);
		conf->flags |= IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	}
}

static void ieee80211_change_ps(struct ieee80211_local *local)
{
	struct ieee80211_conf *conf = &local->hw.conf;

	if (local->ps_sdata) {
		ieee80211_enable_ps(local, local->ps_sdata);
	} else if (conf->flags & IEEE80211_CONF_PS) {
		conf->flags &= ~IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
		del_timer_sync(&local->dynamic_ps_timer);
		cancel_work_sync(&local->dynamic_ps_enable_work);
	}
}

/* need to hold RTNL or interface lock */
634
void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
{
	struct ieee80211_sub_if_data *sdata, *found = NULL;
	int count = 0;

	if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) {
		local->ps_sdata = NULL;
		return;
	}

	list_for_each_entry(sdata, &local->interfaces, list) {
		if (!netif_running(sdata->dev))
			continue;
		if (sdata->vif.type != NL80211_IFTYPE_STATION)
			continue;
		found = sdata;
		count++;
	}

653
654
	if (count == 1 && found->u.mgd.powersave &&
	    (found->u.mgd.flags & IEEE80211_STA_ASSOCIATED)) {
655
656
657
658
659
660
661
662
		s32 beaconint_us;

		if (latency < 0)
			latency = pm_qos_requirement(PM_QOS_NETWORK_LATENCY);

		beaconint_us = ieee80211_tu_to_usec(
					found->vif.bss_conf.beacon_int);

663
		if (beaconint_us > latency) {
664
			local->ps_sdata = NULL;
665
666
667
668
669
670
671
672
		} else {
			u8 dtimper = found->vif.bss_conf.dtim_period;
			int maxslp = 1;

			if (dtimper > 1)
				maxslp = min_t(int, dtimper,
						    latency / beaconint_us);

673
			local->hw.conf.max_sleep_period = maxslp;
674
			local->ps_sdata = found;
675
		}
676
	} else {
677
		local->ps_sdata = NULL;
678
	}
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722

	ieee80211_change_ps(local);
}

void ieee80211_dynamic_ps_disable_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local,
			     dynamic_ps_disable_work);

	if (local->hw.conf.flags & IEEE80211_CONF_PS) {
		local->hw.conf.flags &= ~IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	}

	ieee80211_wake_queues_by_reason(&local->hw,
					IEEE80211_QUEUE_STOP_REASON_PS);
}

void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local,
			     dynamic_ps_enable_work);
	struct ieee80211_sub_if_data *sdata = local->ps_sdata;

	/* can only happen when PS was just disabled anyway */
	if (!sdata)
		return;

	if (local->hw.conf.flags & IEEE80211_CONF_PS)
		return;

	if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
		ieee80211_send_nullfunc(local, sdata, 1);

	local->hw.conf.flags |= IEEE80211_CONF_PS;
	ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
}

void ieee80211_dynamic_ps_timer(unsigned long data)
{
	struct ieee80211_local *local = (void *) data;

723
724
725
	if (local->quiescing)
		return;

726
727
728
	queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work);
}

Johannes Berg's avatar
Johannes Berg committed
729
/* MLME */
730
static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
731
				     struct ieee80211_if_managed *ifmgd,
732
733
734
735
736
737
738
				     u8 *wmm_param, size_t wmm_param_len)
{
	struct ieee80211_tx_queue_params params;
	size_t left;
	int count;
	u8 *pos;

739
	if (!(ifmgd->flags & IEEE80211_STA_WMM_ENABLED))
740
741
742
743
744
		return;

	if (!wmm_param)
		return;

745
746
747
	if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
		return;
	count = wmm_param[6] & 0x0f;
748
	if (count == ifmgd->wmm_last_param_set)
749
		return;
750
	ifmgd->wmm_last_param_set = count;
751
752
753
754
755
756
757
758
759
760
761
762
763

	pos = wmm_param + 8;
	left = wmm_param_len - 8;

	memset(&params, 0, sizeof(params));

	local->wmm_acm = 0;
	for (; left >= 4; left -= 4, pos += 4) {
		int aci = (pos[0] >> 5) & 0x03;
		int acm = (pos[0] >> 4) & 0x01;
		int queue;

		switch (aci) {
764
		case 1: /* AC_BK */
Johannes Berg's avatar
Johannes Berg committed
765
			queue = 3;
Johannes Berg's avatar
Johannes Berg committed
766
			if (acm)
767
				local->wmm_acm |= BIT(1) | BIT(2); /* BK/- */
768
			break;
769
		case 2: /* AC_VI */
Johannes Berg's avatar
Johannes Berg committed
770
			queue = 1;
Johannes Berg's avatar
Johannes Berg committed
771
			if (acm)
772
				local->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */
773
			break;
774
		case 3: /* AC_VO */
Johannes Berg's avatar
Johannes Berg committed
775
			queue = 0;
Johannes Berg's avatar
Johannes Berg committed
776
			if (acm)
777
				local->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */
778
			break;
779
		case 0: /* AC_BE */
780
		default:
Johannes Berg's avatar
Johannes Berg committed
781
			queue = 2;
Johannes Berg's avatar
Johannes Berg committed
782
			if (acm)
783
				local->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */
784
785
786
787
788
789
			break;
		}

		params.aifs = pos[0] & 0x0f;
		params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
		params.cw_min = ecw2cw(pos[1] & 0x0f);
790
		params.txop = get_unaligned_le16(pos + 2);
791
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
792
		printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
793
		       "cWmin=%d cWmax=%d txop=%d\n",
794
795
		       wiphy_name(local->hw.wiphy), queue, aci, acm,
		       params.aifs, params.cw_min, params.cw_max, params.txop);
796
#endif
797
		if (drv_conf_tx(local, queue, &params) && local->ops->conf_tx)
798
			printk(KERN_DEBUG "%s: failed to set TX queue "
799
800
			       "parameters for queue %d\n",
			       wiphy_name(local->hw.wiphy), queue);
801
802
803
	}
}

804
805
static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
					   u16 capab, bool erp_valid, u8 erp)
806
{
807
	struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
808
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
809
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
810
#endif
811
	u32 changed = 0;
812
813
814
815
816
817
818
819
820
821
822
823
824
	bool use_protection;
	bool use_short_preamble;
	bool use_short_slot;

	if (erp_valid) {
		use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0;
		use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0;
	} else {
		use_protection = false;
		use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE);
	}

	use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
825

826
	if (use_protection != bss_conf->use_cts_prot) {
827
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
828
		if (net_ratelimit()) {
829
			printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n",
830
			       sdata->dev->name,
831
			       use_protection ? "enabled" : "disabled",
832
			       ifmgd->bssid);
833
		}
834
#endif
835
836
		bss_conf->use_cts_prot = use_protection;
		changed |= BSS_CHANGED_ERP_CTS_PROT;
837
	}
838

839
	if (use_short_preamble != bss_conf->use_short_preamble) {
840
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
841
842
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: switched to %s barker preamble"
843
			       " (BSSID=%pM)\n",
844
			       sdata->dev->name,
845
			       use_short_preamble ? "short" : "long",
846
			       ifmgd->bssid);
847
		}
848
#endif
849
		bss_conf->use_short_preamble = use_short_preamble;
850
		changed |= BSS_CHANGED_ERP_PREAMBLE;
851
	}
852

853
854
855
	if (use_short_slot != bss_conf->use_short_slot) {
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
		if (net_ratelimit()) {
856
857
			printk(KERN_DEBUG "%s: switched to %s slot time"
			       " (BSSID=%pM)\n",
858
859
			       sdata->dev->name,
			       use_short_slot ? "short" : "long",
860
			       ifmgd->bssid);
861
862
863
864
		}
#endif
		bss_conf->use_short_slot = use_short_slot;
		changed |= BSS_CHANGED_ERP_SLOT;
865
866
867
868
869
	}

	return changed;
}

870
static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata)
871
872
{
	union iwreq_data wrqu;
873

874
	memset(&wrqu, 0, sizeof(wrqu));
875
876
	if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED)
		memcpy(wrqu.ap_addr.sa_data, sdata->u.mgd.bssid, ETH_ALEN);
877
878
879
880
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
}

881
static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata)
882
{
883
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
884
885
886
	char *buf;
	size_t len;
	int i;
887
888
	union iwreq_data wrqu;

889
	if (!ifmgd->assocreq_ies && !ifmgd->assocresp_ies)
890
891
		return;

892
893
	buf = kmalloc(50 + 2 * (ifmgd->assocreq_ies_len +
				ifmgd->assocresp_ies_len), GFP_KERNEL);
894
895
896
897
	if (!buf)
		return;

	len = sprintf(buf, "ASSOCINFO(");
898
	if (ifmgd->assocreq_ies) {
899
		len += sprintf(buf + len, "ReqIEs=");
900
		for (i = 0; i < ifmgd->assocreq_ies_len; i++) {
901
			len += sprintf(buf + len, "%02x",
902
				       ifmgd->assocreq_ies[i]);
903
		}
904
	}
905
906
	if (ifmgd->assocresp_ies) {
		if (ifmgd->assocreq_ies)
907
908
			len += sprintf(buf + len, " ");
		len += sprintf(buf + len, "RespIEs=");
909
		for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
910
			len += sprintf(buf + len, "%02x",
911
				       ifmgd->assocresp_ies[i]);
912
		}
913
	}
914
915
916
917
	len += sprintf(buf + len, ")");

	if (len > IW_CUSTOM_MAX) {
		len = sprintf(buf, "ASSOCRESPIE=");
918
		for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
919
			len += sprintf(buf + len, "%02x",
920
				       ifmgd->assocresp_ies[i]);
921
922
923
		}
	}

924
925
926
927
928
	if (len <= IW_CUSTOM_MAX) {
		memset(&wrqu, 0, sizeof(wrqu));
		wrqu.data.length = len;
		wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
	}
929
930

	kfree(buf);
931
932
933
}


934
static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
Johannes Berg's avatar
Johannes Berg committed
935
				     u32 bss_info_changed)
936
{
937
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
938
	struct ieee80211_local *local = sdata->local;
Tomas Winkler's avatar
Tomas Winkler committed
939
	struct ieee80211_conf *conf = &local_to_hw(local)->conf;
940

941
	struct ieee80211_bss *bss;
942

Johannes Berg's avatar
Johannes Berg committed
943
	bss_info_changed |= BSS_CHANGED_ASSOC;
944
	ifmgd->flags |= IEEE80211_STA_ASSOCIATED;
945

946
	bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
947
				   conf->channel->center_freq,
948
				   ifmgd->ssid, ifmgd->ssid_len);
949
950
	if (bss) {
		/* set timing information */
951
952
		sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
		sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
953
		sdata->vif.bss_conf.dtim_period = bss->dtim_period;
954

955
		bss_info_changed |= BSS_CHANGED_BEACON_INT;
Johannes Berg's avatar
Johannes Berg committed
956
		bss_info_changed |= ieee80211_handle_bss_capability(sdata,
957
			bss->cbss.capability, bss->has_erp_value, bss->erp_value);
958

959
960
		cfg80211_hold_bss(&bss->cbss);

961
		ieee80211_rx_bss_put(local, bss);
962
963
	}

964
965
966
	ifmgd->flags |= IEEE80211_STA_PREV_BSSID_SET;
	memcpy(ifmgd->prev_bssid, sdata->u.mgd.bssid, ETH_ALEN);
	ieee80211_sta_send_associnfo(sdata);
967

968
	ifmgd->last_probe = jiffies;
969
	ieee80211_led_assoc(local, 1);
970

971
	sdata->vif.bss_conf.assoc = 1;
972
973
974
975
976
	/*
	 * For now just always ask the driver to update the basic rateset
	 * when we have associated, we aren't checking whether it actually
	 * changed or not.
	 */
Johannes Berg's avatar
Johannes Berg committed
977
	bss_info_changed |= BSS_CHANGED_BASIC_RATES;
978
979
980
981

	/* And the BSSID changed - we're associated now */
	bss_info_changed |= BSS_CHANGED_BSSID;

Johannes Berg's avatar
Johannes Berg committed
982
	ieee80211_bss_info_change_notify(sdata, bss_info_changed);
983

984
	/* will be same as sdata */
985
986
987
988
989
	if (local->ps_sdata) {
		mutex_lock(&local->iflist_mtx);
		ieee80211_recalc_ps(local, -1);
		mutex_unlock(&local->iflist_mtx);
	}
990

991
992
	netif_tx_start_all_queues(sdata->dev);
	netif_carrier_on(sdata->dev);
993

994
	ieee80211_sta_send_apinfo(sdata);
995
996
}

997
static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata)
998
{
999
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1000
	struct ieee80211_local *local = sdata->local;
1001
1002
1003

	ifmgd->direct_probe_tries++;
	if (ifmgd->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
1004
		printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
1005
1006
		       sdata->dev->name, ifmgd->bssid);
		ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1007
		ieee80211_recalc_idle(local);
1008
		cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
1009
1010
1011
1012
1013

		/*
		 * Most likely AP is not in the range so remove the
		 * bss information associated to the AP
		 */
1014
		ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
1015
				sdata->local->hw.conf.channel->center_freq,
1016
				ifmgd->ssid, ifmgd->ssid_len);
1017
1018
1019
1020
1021
1022
1023

		/*
		 * We might have a pending scan which had no chance to run yet
		 * due to state == IEEE80211_STA_MLME_DIRECT_PROBE.
		 * Hence, queue the STAs work again
		 */
		queue_work(local->hw.workqueue, &ifmgd->work);
1024
1025
1026
		return;
	}

1027
	printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n",
1028
1029
			sdata->dev->name, ifmgd->bssid,
			ifmgd->direct_probe_tries);
1030

1031
	ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
1032

1033
1034
1035
1036
	/* Direct probe is sent to broadcast address as some APs
	 * will not answer to direct packet in unassociated state.
	 */
	ieee80211_send_probe_req(sdata, NULL,
1037
				 ifmgd->ssid, ifmgd->ssid_len, NULL, 0);
1038

1039
	mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
Johannes Berg's avatar
Johannes Berg committed
1040
}
1041

1042

1043
static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata)
1044
{
1045
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1046
	struct ieee80211_local *local = sdata->local;
1047
1048
	u8 *ies;
	size_t ies_len;
1049
1050
1051

	ifmgd->auth_tries++;
	if (ifmgd->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
1052
		printk(KERN_DEBUG "%s: authentication with AP %pM"
1053
		       " timed out\n",
1054
1055
		       sdata->dev->name, ifmgd->bssid);
		ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1056
		ieee80211_recalc_idle(local);
1057
		cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
1058
		ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
1059
				sdata->local->hw.conf.channel->center_freq,
1060
				ifmgd->ssid, ifmgd->ssid_len);
1061
1062
1063
1064
1065
1066
1067

		/*
		 * We might have a pending scan which had no chance to run yet
		 * due to state == IEEE80211_STA_MLME_AUTHENTICATE.
		 * Hence, queue the STAs work again
		 */
		queue_work(local->hw.workqueue, &ifmgd->work);
1068
1069
1070
		return;
	}

1071
	ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
1072
	printk(KERN_DEBUG "%s: authenticate with AP %pM\n",
1073
	       sdata->dev->name, ifmgd->bssid);
1074

1075
1076
1077
1078
1079
1080
1081