mlme.c 71.2 KB
Newer Older
1
2
/*
 * BSS client mode implementation
3
 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
4
5
6
7
8
9
10
11
12
13
 * Copyright 2004, Instant802 Networks, Inc.
 * Copyright 2005, Devicescape Software, Inc.
 * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

14
#include <linux/delay.h>
15
16
17
18
#include <linux/if_ether.h>
#include <linux/skbuff.h>
#include <linux/if_arp.h>
#include <linux/etherdevice.h>
19
#include <linux/rtnetlink.h>
20
#include <linux/pm_qos_params.h>
21
#include <linux/crc32.h>
22
#include <net/mac80211.h>
23
#include <asm/unaligned.h>
Johannes Berg's avatar
Johannes Berg committed
24

25
#include "ieee80211_i.h"
26
#include "driver-ops.h"
Johannes Berg's avatar
Johannes Berg committed
27
28
#include "rate.h"
#include "led.h"
29

30
#define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
31
32
33
34
35
#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
#define IEEE80211_AUTH_MAX_TRIES 3
#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
#define IEEE80211_ASSOC_MAX_TRIES 3
#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
36
#define IEEE80211_PROBE_WAIT (HZ / 5)
37
#define IEEE80211_PROBE_IDLE_TIME (60 * HZ)
38
39
#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)

40
41
42
#define TMR_RUNNING_TIMER	0
#define TMR_RUNNING_CHANSW	1

43
44
/* utils */
static int ecw2cw(int ecw)
Johannes Berg's avatar
Johannes Berg committed
45
{
46
	return (1 << ecw) - 1;
Johannes Berg's avatar
Johannes Berg committed
47
48
}

49
static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie)
50
51
52
{
	u8 *end, *pos;

53
	pos = bss->cbss.information_elements;
54
55
	if (pos == NULL)
		return NULL;
56
	end = pos + bss->cbss.len_information_elements;
57
58
59
60
61
62
63
64
65
66
67
68

	while (pos + 1 < end) {
		if (pos + 2 + pos[1] > end)
			break;
		if (pos[0] == ie)
			return pos;
		pos += 2 + pos[1];
	}

	return NULL;
}

69
static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
70
				      struct ieee80211_supported_band *sband,
71
				      u32 *rates)
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
{
	int i, j, count;
	*rates = 0;
	count = 0;
	for (i = 0; i < bss->supp_rates_len; i++) {
		int rate = (bss->supp_rates[i] & 0x7F) * 5;

		for (j = 0; j < sband->n_bitrates; j++)
			if (sband->bitrates[j].bitrate == rate) {
				*rates |= BIT(j);
				count++;
				break;
			}
	}

	return count;
}

90
91
92
93
94
95
96
97
98
99
100
101
102
103
/*
 * ieee80211_enable_ht should be called only after the operating band
 * has been determined as ht configuration depends on the hw's
 * HT abilities for a specific band.
 */
static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
			       struct ieee80211_ht_info *hti,
			       u16 ap_ht_cap_flags)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct sta_info *sta;
	u32 changed = 0;
104
	u16 ht_opmode;
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
	bool enable_ht = true, ht_changed;
	enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	/* HT is not supported */
	if (!sband->ht_cap.ht_supported)
		enable_ht = false;

	/* check that channel matches the right operating channel */
	if (local->hw.conf.channel->center_freq !=
	    ieee80211_channel_to_frequency(hti->control_chan))
		enable_ht = false;

	if (enable_ht) {
		channel_type = NL80211_CHAN_HT20;

		if (!(ap_ht_cap_flags & IEEE80211_HT_CAP_40MHZ_INTOLERANT) &&
		    (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) &&
		    (hti->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) {
			switch(hti->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
			case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
127
128
129
				if (!(local->hw.conf.channel->flags &
				    IEEE80211_CHAN_NO_HT40PLUS))
					channel_type = NL80211_CHAN_HT40PLUS;
130
131
				break;
			case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
132
133
134
				if (!(local->hw.conf.channel->flags &
				    IEEE80211_CHAN_NO_HT40MINUS))
					channel_type = NL80211_CHAN_HT40MINUS;
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
				break;
			}
		}
	}

	ht_changed = conf_is_ht(&local->hw.conf) != enable_ht ||
		     channel_type != local->hw.conf.channel_type;

	local->oper_channel_type = channel_type;

	if (ht_changed) {
                /* channel_type change automatically detected */
		ieee80211_hw_config(local, 0);

		rcu_read_lock();

		sta = sta_info_get(local, ifmgd->bssid);
		if (sta)
			rate_control_rate_update(local, sband, sta,
						 IEEE80211_RC_HT_CHANGED);

		rcu_read_unlock();
        }

	/* disable HT */
	if (!enable_ht)
		return 0;

163
	ht_opmode = le16_to_cpu(hti->operation_mode);
164
165

	/* if bss configuration changed store the new one */
166
167
	if (!sdata->ht_opmode_valid ||
	    sdata->vif.bss_conf.ht_operation_mode != ht_opmode) {
168
		changed |= BSS_CHANGED_HT;
169
		sdata->vif.bss_conf.ht_operation_mode = ht_opmode;
170
		sdata->ht_opmode_valid = true;
171
172
173
174
175
	}

	return changed;
}

176
177
/* frame sending functions */

178
static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
179
{
180
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
181
182
183
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
184
	u8 *pos, *ies, *ht_ie;
185
186
	int i, len, count, rates_len, supp_rates_len;
	u16 capab;
187
	struct ieee80211_bss *bss;
188
189
	int wmm = 0;
	struct ieee80211_supported_band *sband;
190
	u32 rates = 0;
191
192

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
193
			    sizeof(*mgmt) + 200 + ifmgd->extra_ie_len +
194
			    ifmgd->ssid_len);
195
196
197
198
199
200
201
202
203
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

204
	capab = ifmgd->capab;
205
206
207
208
209
210
211
212

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
	}

213
	bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
214
				   local->hw.conf.channel->center_freq,
215
				   ifmgd->ssid, ifmgd->ssid_len);
216
	if (bss) {
217
		if (bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
218
219
220
221
222
223
224
225
226
227
			capab |= WLAN_CAPABILITY_PRIVACY;
		if (bss->wmm_used)
			wmm = 1;

		/* get all rates supported by the device and the AP as
		 * some APs don't like getting a superset of their rates
		 * in the association request (e.g. D-Link DAP 1353 in
		 * b-only mode) */
		rates_len = ieee80211_compatible_rates(bss, sband, &rates);

228
		if ((bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
229
230
231
232
233
234
235
236
237
238
239
		    (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
			capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;

		ieee80211_rx_bss_put(local, bss);
	} else {
		rates = ~0;
		rates_len = sband->n_bitrates;
	}

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
240
	memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
241
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
242
	memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
243

244
	if (ifmgd->flags & IEEE80211_STA_PREV_BSSID_SET) {
245
246
247
248
249
250
		skb_put(skb, 10);
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_REASSOC_REQ);
		mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
251
		memcpy(mgmt->u.reassoc_req.current_ap, ifmgd->prev_bssid,
252
253
254
255
256
257
		       ETH_ALEN);
	} else {
		skb_put(skb, 4);
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_ASSOC_REQ);
		mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
258
		mgmt->u.assoc_req.listen_interval =
259
260
261
262
				cpu_to_le16(local->hw.conf.listen_interval);
	}

	/* SSID */
263
	ies = pos = skb_put(skb, 2 + ifmgd->ssid_len);
264
	*pos++ = WLAN_EID_SSID;
265
266
	*pos++ = ifmgd->ssid_len;
	memcpy(pos, ifmgd->ssid, ifmgd->ssid_len);
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320

	/* add all rates which were marked to be used above */
	supp_rates_len = rates_len;
	if (supp_rates_len > 8)
		supp_rates_len = 8;

	len = sband->n_bitrates;
	pos = skb_put(skb, supp_rates_len + 2);
	*pos++ = WLAN_EID_SUPP_RATES;
	*pos++ = supp_rates_len;

	count = 0;
	for (i = 0; i < sband->n_bitrates; i++) {
		if (BIT(i) & rates) {
			int rate = sband->bitrates[i].bitrate;
			*pos++ = (u8) (rate / 5);
			if (++count == 8)
				break;
		}
	}

	if (rates_len > count) {
		pos = skb_put(skb, rates_len - count + 2);
		*pos++ = WLAN_EID_EXT_SUPP_RATES;
		*pos++ = rates_len - count;

		for (i++; i < sband->n_bitrates; i++) {
			if (BIT(i) & rates) {
				int rate = sband->bitrates[i].bitrate;
				*pos++ = (u8) (rate / 5);
			}
		}
	}

	if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
		/* 1. power capabilities */
		pos = skb_put(skb, 4);
		*pos++ = WLAN_EID_PWR_CAPABILITY;
		*pos++ = 2;
		*pos++ = 0; /* min tx power */
		*pos++ = local->hw.conf.channel->max_power; /* max tx power */

		/* 2. supported channels */
		/* TODO: get this in reg domain format */
		pos = skb_put(skb, 2 * sband->n_channels + 2);
		*pos++ = WLAN_EID_SUPPORTED_CHANNELS;
		*pos++ = 2 * sband->n_channels;
		for (i = 0; i < sband->n_channels; i++) {
			*pos++ = ieee80211_frequency_to_channel(
					sband->channels[i].center_freq);
			*pos++ = 1; /* one channel in the subband*/
		}
	}

321
322
323
	if (ifmgd->extra_ie) {
		pos = skb_put(skb, ifmgd->extra_ie_len);
		memcpy(pos, ifmgd->extra_ie, ifmgd->extra_ie_len);
324
325
	}

326
	if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) {
327
328
329
330
331
332
333
334
335
336
337
338
339
		pos = skb_put(skb, 9);
		*pos++ = WLAN_EID_VENDOR_SPECIFIC;
		*pos++ = 7; /* len */
		*pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
		*pos++ = 0x50;
		*pos++ = 0xf2;
		*pos++ = 2; /* WME */
		*pos++ = 0; /* WME info */
		*pos++ = 1; /* WME ver */
		*pos++ = 0;
	}

	/* wmm support is a must to HT */
340
341
342
343
344
345
	/*
	 * IEEE802.11n does not allow TKIP/WEP as pairwise
	 * ciphers in HT mode. We still associate in non-ht
	 * mode (11a/b/g) if any one of these ciphers is
	 * configured as pairwise.
	 */
346
	if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
347
348
	    sband->ht_cap.ht_supported &&
	    (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) &&
349
	    ht_ie[1] >= sizeof(struct ieee80211_ht_info) &&
350
	    (!(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))) {
351
352
353
		struct ieee80211_ht_info *ht_info =
			(struct ieee80211_ht_info *)(ht_ie + 2);
		u16 cap = sband->ht_cap.cap;
354
355
356
		__le16 tmp;
		u32 flags = local->hw.conf.channel->flags;

357
358
		switch (ht_info->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
		case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
359
			if (flags & IEEE80211_CHAN_NO_HT40PLUS) {
360
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
361
362
363
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
364
		case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
365
			if (flags & IEEE80211_CHAN_NO_HT40MINUS) {
366
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
367
368
369
370
371
372
373
374
375
376
377
378
379
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		}

		tmp = cpu_to_le16(cap);
		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
		*pos++ = WLAN_EID_HT_CAPABILITY;
		*pos++ = sizeof(struct ieee80211_ht_cap);
		memset(pos, 0, sizeof(struct ieee80211_ht_cap));
		memcpy(pos, &tmp, sizeof(u16));
		pos += sizeof(u16);
		/* TODO: needs a define here for << 2 */
380
381
382
		*pos++ = sband->ht_cap.ampdu_factor |
			 (sband->ht_cap.ampdu_density << 2);
		memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
383
384
	}

385
386
387
388
389
	kfree(ifmgd->assocreq_ies);
	ifmgd->assocreq_ies_len = (skb->data + skb->len) - ies;
	ifmgd->assocreq_ies = kmalloc(ifmgd->assocreq_ies_len, GFP_KERNEL);
	if (ifmgd->assocreq_ies)
		memcpy(ifmgd->assocreq_ies, ies, ifmgd->assocreq_ies_len);
390

391
	ieee80211_tx_skb(sdata, skb, 0);
392
393
394
}


395
396
static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
					   u16 stype, u16 reason)
397
398
{
	struct ieee80211_local *local = sdata->local;
399
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
400
401
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
402

403
	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
404
	if (!skb) {
405
406
		printk(KERN_DEBUG "%s: failed to allocate buffer for "
		       "deauth/disassoc frame\n", sdata->dev->name);
407
408
409
410
411
412
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
413
	memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
414
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
415
	memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
416
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
417
	skb_put(skb, 2);
418
	/* u.deauth.reason_code == u.disassoc.reason_code */
419
420
	mgmt->u.deauth.reason_code = cpu_to_le16(reason);

421
422
423
424
	if (stype == IEEE80211_STYPE_DEAUTH)
		cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, skb->len);
	else
		cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, skb->len);
425
	ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED);
426
427
}

428
429
430
void ieee80211_send_pspoll(struct ieee80211_local *local,
			   struct ieee80211_sub_if_data *sdata)
{
431
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
	struct ieee80211_pspoll *pspoll;
	struct sk_buff *skb;
	u16 fc;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*pspoll));
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for "
		       "pspoll frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	pspoll = (struct ieee80211_pspoll *) skb_put(skb, sizeof(*pspoll));
	memset(pspoll, 0, sizeof(*pspoll));
	fc = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_PSPOLL | IEEE80211_FCTL_PM;
	pspoll->frame_control = cpu_to_le16(fc);
448
	pspoll->aid = cpu_to_le16(ifmgd->aid);
449
450
451
452

	/* aid in PS-Poll has its two MSBs each set to 1 */
	pspoll->aid |= cpu_to_le16(1 << 15 | 1 << 14);

453
	memcpy(pspoll->bssid, ifmgd->bssid, ETH_ALEN);
454
455
456
457
458
	memcpy(pspoll->ta, sdata->dev->dev_addr, ETH_ALEN);

	ieee80211_tx_skb(sdata, skb, 0);
}

459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
void ieee80211_send_nullfunc(struct ieee80211_local *local,
			     struct ieee80211_sub_if_data *sdata,
			     int powersave)
{
	struct sk_buff *skb;
	struct ieee80211_hdr *nullfunc;
	__le16 fc;

	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
		return;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
	memset(nullfunc, 0, 24);
	fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
			 IEEE80211_FCTL_TODS);
	if (powersave)
		fc |= cpu_to_le16(IEEE80211_FCTL_PM);
	nullfunc->frame_control = fc;
	memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
	memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
	memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);

	ieee80211_tx_skb(sdata, skb, 0);
}

492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
/* spectrum management related things */
static void ieee80211_chswitch_work(struct work_struct *work)
{
	struct ieee80211_sub_if_data *sdata =
		container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
	struct ieee80211_bss *bss;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;

	if (!netif_running(sdata->dev))
		return;

	bss = ieee80211_rx_bss_get(sdata->local, ifmgd->bssid,
				   sdata->local->hw.conf.channel->center_freq,
				   ifmgd->ssid, ifmgd->ssid_len);
	if (!bss)
		goto exit;

	sdata->local->oper_channel = sdata->local->csa_channel;
	/* XXX: shouldn't really modify cfg80211-owned data! */
	if (!ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL))
		bss->cbss.channel = sdata->local->oper_channel;

	ieee80211_rx_bss_put(sdata->local, bss);
exit:
	ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
	ieee80211_wake_queues_by_reason(&sdata->local->hw,
					IEEE80211_QUEUE_STOP_REASON_CSA);
}

static void ieee80211_chswitch_timer(unsigned long data)
{
	struct ieee80211_sub_if_data *sdata =
		(struct ieee80211_sub_if_data *) data;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;

527
528
529
530
531
	if (sdata->local->quiescing) {
		set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running);
		return;
	}

532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
	queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
}

void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
				      struct ieee80211_channel_sw_ie *sw_elem,
				      struct ieee80211_bss *bss)
{
	struct ieee80211_channel *new_ch;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num);

	if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATED)
		return;

	if (sdata->local->sw_scanning || sdata->local->hw_scanning)
		return;

	/* Disregard subsequent beacons if we are already running a timer
	   processing a CSA */

	if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED)
		return;

	new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq);
	if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED)
		return;

	sdata->local->csa_channel = new_ch;

	if (sw_elem->count <= 1) {
		queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
	} else {
		ieee80211_stop_queues_by_reason(&sdata->local->hw,
					IEEE80211_QUEUE_STOP_REASON_CSA);
		ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
		mod_timer(&ifmgd->chswitch_timer,
			  jiffies +
			  msecs_to_jiffies(sw_elem->count *
					   bss->cbss.beacon_interval));
	}
}

static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
					u16 capab_info, u8 *pwr_constr_elem,
					u8 pwr_constr_elem_len)
{
	struct ieee80211_conf *conf = &sdata->local->hw.conf;

	if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT))
		return;

	/* Power constraint IE length should be 1 octet */
	if (pwr_constr_elem_len != 1)
		return;

	if ((*pwr_constr_elem <= conf->channel->max_power) &&
	    (*pwr_constr_elem != sdata->local->power_constr_level)) {
		sdata->local->power_constr_level = *pwr_constr_elem;
		ieee80211_hw_config(sdata->local, 0);
	}
}

594
595
596
597
598
599
/* powersave */
static void ieee80211_enable_ps(struct ieee80211_local *local,
				struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_conf *conf = &local->hw.conf;

Johannes Berg's avatar
Johannes Berg committed
600
601
602
603
604
605
606
	/*
	 * If we are scanning right now then the parameters will
	 * take effect when scan finishes.
	 */
	if (local->hw_scanning || local->sw_scanning)
		return;

607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
	if (conf->dynamic_ps_timeout > 0 &&
	    !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) {
		mod_timer(&local->dynamic_ps_timer, jiffies +
			  msecs_to_jiffies(conf->dynamic_ps_timeout));
	} else {
		if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
			ieee80211_send_nullfunc(local, sdata, 1);
		conf->flags |= IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	}
}

static void ieee80211_change_ps(struct ieee80211_local *local)
{
	struct ieee80211_conf *conf = &local->hw.conf;

	if (local->ps_sdata) {
		if (!(local->ps_sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED))
			return;

		ieee80211_enable_ps(local, local->ps_sdata);
	} else if (conf->flags & IEEE80211_CONF_PS) {
		conf->flags &= ~IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
		del_timer_sync(&local->dynamic_ps_timer);
		cancel_work_sync(&local->dynamic_ps_enable_work);
	}
}

/* need to hold RTNL or interface lock */
637
void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
{
	struct ieee80211_sub_if_data *sdata, *found = NULL;
	int count = 0;

	if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) {
		local->ps_sdata = NULL;
		return;
	}

	list_for_each_entry(sdata, &local->interfaces, list) {
		if (!netif_running(sdata->dev))
			continue;
		if (sdata->vif.type != NL80211_IFTYPE_STATION)
			continue;
		found = sdata;
		count++;
	}

656
657
658
659
660
661
662
663
664
	if (count == 1 && found->u.mgd.powersave) {
		s32 beaconint_us;

		if (latency < 0)
			latency = pm_qos_requirement(PM_QOS_NETWORK_LATENCY);

		beaconint_us = ieee80211_tu_to_usec(
					found->vif.bss_conf.beacon_int);

665
		if (beaconint_us > latency) {
666
			local->ps_sdata = NULL;
667
668
669
670
671
672
673
674
		} else {
			u8 dtimper = found->vif.bss_conf.dtim_period;
			int maxslp = 1;

			if (dtimper > 1)
				maxslp = min_t(int, dtimper,
						    latency / beaconint_us);

675
			local->hw.conf.max_sleep_period = maxslp;
676
			local->ps_sdata = found;
677
		}
678
	} else {
679
		local->ps_sdata = NULL;
680
	}
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724

	ieee80211_change_ps(local);
}

void ieee80211_dynamic_ps_disable_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local,
			     dynamic_ps_disable_work);

	if (local->hw.conf.flags & IEEE80211_CONF_PS) {
		local->hw.conf.flags &= ~IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	}

	ieee80211_wake_queues_by_reason(&local->hw,
					IEEE80211_QUEUE_STOP_REASON_PS);
}

void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local,
			     dynamic_ps_enable_work);
	struct ieee80211_sub_if_data *sdata = local->ps_sdata;

	/* can only happen when PS was just disabled anyway */
	if (!sdata)
		return;

	if (local->hw.conf.flags & IEEE80211_CONF_PS)
		return;

	if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
		ieee80211_send_nullfunc(local, sdata, 1);

	local->hw.conf.flags |= IEEE80211_CONF_PS;
	ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
}

void ieee80211_dynamic_ps_timer(unsigned long data)
{
	struct ieee80211_local *local = (void *) data;

725
726
727
	if (local->quiescing)
		return;

728
729
730
	queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work);
}

Johannes Berg's avatar
Johannes Berg committed
731
/* MLME */
732
static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
733
				     struct ieee80211_if_managed *ifmgd,
734
735
736
737
738
739
740
				     u8 *wmm_param, size_t wmm_param_len)
{
	struct ieee80211_tx_queue_params params;
	size_t left;
	int count;
	u8 *pos;

741
	if (!(ifmgd->flags & IEEE80211_STA_WMM_ENABLED))
742
743
744
745
746
		return;

	if (!wmm_param)
		return;

747
748
749
	if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
		return;
	count = wmm_param[6] & 0x0f;
750
	if (count == ifmgd->wmm_last_param_set)
751
		return;
752
	ifmgd->wmm_last_param_set = count;
753
754
755
756
757
758
759
760
761
762
763
764
765

	pos = wmm_param + 8;
	left = wmm_param_len - 8;

	memset(&params, 0, sizeof(params));

	local->wmm_acm = 0;
	for (; left >= 4; left -= 4, pos += 4) {
		int aci = (pos[0] >> 5) & 0x03;
		int acm = (pos[0] >> 4) & 0x01;
		int queue;

		switch (aci) {
766
		case 1: /* AC_BK */
Johannes Berg's avatar
Johannes Berg committed
767
			queue = 3;
Johannes Berg's avatar
Johannes Berg committed
768
			if (acm)
769
				local->wmm_acm |= BIT(1) | BIT(2); /* BK/- */
770
			break;
771
		case 2: /* AC_VI */
Johannes Berg's avatar
Johannes Berg committed
772
			queue = 1;
Johannes Berg's avatar
Johannes Berg committed
773
			if (acm)
774
				local->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */
775
			break;
776
		case 3: /* AC_VO */
Johannes Berg's avatar
Johannes Berg committed
777
			queue = 0;
Johannes Berg's avatar
Johannes Berg committed
778
			if (acm)
779
				local->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */
780
			break;
781
		case 0: /* AC_BE */
782
		default:
Johannes Berg's avatar
Johannes Berg committed
783
			queue = 2;
Johannes Berg's avatar
Johannes Berg committed
784
			if (acm)
785
				local->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */
786
787
788
789
790
791
			break;
		}

		params.aifs = pos[0] & 0x0f;
		params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
		params.cw_min = ecw2cw(pos[1] & 0x0f);
792
		params.txop = get_unaligned_le16(pos + 2);
793
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
794
		printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
795
		       "cWmin=%d cWmax=%d txop=%d\n",
796
797
		       wiphy_name(local->hw.wiphy), queue, aci, acm,
		       params.aifs, params.cw_min, params.cw_max, params.txop);
798
#endif
799
		if (drv_conf_tx(local, queue, &params) && local->ops->conf_tx)
800
			printk(KERN_DEBUG "%s: failed to set TX queue "
801
802
			       "parameters for queue %d\n",
			       wiphy_name(local->hw.wiphy), queue);
803
804
805
	}
}

806
807
static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
					   u16 capab, bool erp_valid, u8 erp)
808
{
809
	struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
810
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
811
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
812
#endif
813
	u32 changed = 0;
814
815
816
817
818
819
820
821
822
823
824
825
826
	bool use_protection;
	bool use_short_preamble;
	bool use_short_slot;

	if (erp_valid) {
		use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0;
		use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0;
	} else {
		use_protection = false;
		use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE);
	}

	use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
827

828
	if (use_protection != bss_conf->use_cts_prot) {
829
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
830
		if (net_ratelimit()) {
831
			printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n",
832
			       sdata->dev->name,
833
			       use_protection ? "enabled" : "disabled",
834
			       ifmgd->bssid);
835
		}
836
#endif
837
838
		bss_conf->use_cts_prot = use_protection;
		changed |= BSS_CHANGED_ERP_CTS_PROT;
839
	}
840

841
	if (use_short_preamble != bss_conf->use_short_preamble) {
842
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
843
844
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: switched to %s barker preamble"
845
			       " (BSSID=%pM)\n",
846
			       sdata->dev->name,
847
			       use_short_preamble ? "short" : "long",
848
			       ifmgd->bssid);
849
		}
850
#endif
851
		bss_conf->use_short_preamble = use_short_preamble;
852
		changed |= BSS_CHANGED_ERP_PREAMBLE;
853
	}
854

855
856
857
	if (use_short_slot != bss_conf->use_short_slot) {
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
		if (net_ratelimit()) {
858
859
			printk(KERN_DEBUG "%s: switched to %s slot time"
			       " (BSSID=%pM)\n",
860
861
			       sdata->dev->name,
			       use_short_slot ? "short" : "long",
862
			       ifmgd->bssid);
863
864
865
866
		}
#endif
		bss_conf->use_short_slot = use_short_slot;
		changed |= BSS_CHANGED_ERP_SLOT;
867
868
869
870
871
	}

	return changed;
}

872
static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata)
873
874
{
	union iwreq_data wrqu;
875

876
	memset(&wrqu, 0, sizeof(wrqu));
877
878
	if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED)
		memcpy(wrqu.ap_addr.sa_data, sdata->u.mgd.bssid, ETH_ALEN);
879
880
881
882
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
}

883
static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata)
884
{
885
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
886
887
888
	char *buf;
	size_t len;
	int i;
889
890
	union iwreq_data wrqu;

891
	if (!ifmgd->assocreq_ies && !ifmgd->assocresp_ies)
892
893
		return;

894
895
	buf = kmalloc(50 + 2 * (ifmgd->assocreq_ies_len +
				ifmgd->assocresp_ies_len), GFP_KERNEL);
896
897
898
899
	if (!buf)
		return;

	len = sprintf(buf, "ASSOCINFO(");
900
	if (ifmgd->assocreq_ies) {
901
		len += sprintf(buf + len, "ReqIEs=");
902
		for (i = 0; i < ifmgd->assocreq_ies_len; i++) {
903
			len += sprintf(buf + len, "%02x",
904
				       ifmgd->assocreq_ies[i]);
905
		}
906
	}
907
908
	if (ifmgd->assocresp_ies) {
		if (ifmgd->assocreq_ies)
909
910
			len += sprintf(buf + len, " ");
		len += sprintf(buf + len, "RespIEs=");
911
		for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
912
			len += sprintf(buf + len, "%02x",
913
				       ifmgd->assocresp_ies[i]);
914
		}
915
	}
916
917
918
919
	len += sprintf(buf + len, ")");

	if (len > IW_CUSTOM_MAX) {
		len = sprintf(buf, "ASSOCRESPIE=");
920
		for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
921
			len += sprintf(buf + len, "%02x",
922
				       ifmgd->assocresp_ies[i]);
923
924
925
		}
	}

926
927
928
929
930
	if (len <= IW_CUSTOM_MAX) {
		memset(&wrqu, 0, sizeof(wrqu));
		wrqu.data.length = len;
		wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
	}
931
932

	kfree(buf);
933
934
935
}


936
static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
Johannes Berg's avatar
Johannes Berg committed
937
				     u32 bss_info_changed)
938
{
939
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
940
	struct ieee80211_local *local = sdata->local;
Tomas Winkler's avatar
Tomas Winkler committed
941
	struct ieee80211_conf *conf = &local_to_hw(local)->conf;
942

943
	struct ieee80211_bss *bss;
944

Johannes Berg's avatar
Johannes Berg committed
945
	bss_info_changed |= BSS_CHANGED_ASSOC;
946
	ifmgd->flags |= IEEE80211_STA_ASSOCIATED;
947

948
	bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
949
				   conf->channel->center_freq,
950
				   ifmgd->ssid, ifmgd->ssid_len);
951
952
	if (bss) {
		/* set timing information */
953
954
		sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
		sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
955
		sdata->vif.bss_conf.dtim_period = bss->dtim_period;
956

957
		bss_info_changed |= BSS_CHANGED_BEACON_INT;
Johannes Berg's avatar
Johannes Berg committed
958
		bss_info_changed |= ieee80211_handle_bss_capability(sdata,
959
			bss->cbss.capability, bss->has_erp_value, bss->erp_value);
960

961
962
		cfg80211_hold_bss(&bss->cbss);

963
		ieee80211_rx_bss_put(local, bss);
964
965
	}

966
967
968
	ifmgd->flags |= IEEE80211_STA_PREV_BSSID_SET;
	memcpy(ifmgd->prev_bssid, sdata->u.mgd.bssid, ETH_ALEN);
	ieee80211_sta_send_associnfo(sdata);
969

970
	ifmgd->last_probe = jiffies;
971
	ieee80211_led_assoc(local, 1);
972

973
	sdata->vif.bss_conf.assoc = 1;
974
975
976
977
978
	/*
	 * For now just always ask the driver to update the basic rateset
	 * when we have associated, we aren't checking whether it actually
	 * changed or not.
	 */
Johannes Berg's avatar
Johannes Berg committed
979
	bss_info_changed |= BSS_CHANGED_BASIC_RATES;
980
981
982
983

	/* And the BSSID changed - we're associated now */
	bss_info_changed |= BSS_CHANGED_BSSID;

Johannes Berg's avatar
Johannes Berg committed
984
	ieee80211_bss_info_change_notify(sdata, bss_info_changed);
985

986
	/* will be same as sdata */
987
988
989
990
991
	if (local->ps_sdata) {
		mutex_lock(&local->iflist_mtx);
		ieee80211_recalc_ps(local, -1);
		mutex_unlock(&local->iflist_mtx);
	}
992

993
994
	netif_tx_start_all_queues(sdata->dev);
	netif_carrier_on(sdata->dev);
995

996
	ieee80211_sta_send_apinfo(sdata);
997
998
}

999
static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata)
1000
{
1001
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1002
	struct ieee80211_local *local = sdata->local;
1003
1004
1005

	ifmgd->direct_probe_tries++;
	if (ifmgd->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
1006
		printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
1007
1008
		       sdata->dev->name, ifmgd->bssid);
		ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1009
		ieee80211_recalc_idle(local);
1010
		cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
1011
1012
1013
1014
1015

		/*
		 * Most likely AP is not in the range so remove the
		 * bss information associated to the AP
		 */
1016
		ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
1017
				sdata->local->hw.conf.channel->center_freq,
1018
				ifmgd->ssid, ifmgd->ssid_len);
1019
1020
1021
1022
1023
1024
1025

		/*
		 * We might have a pending scan which had no chance to run yet
		 * due to state == IEEE80211_STA_MLME_DIRECT_PROBE.
		 * Hence, queue the STAs work again
		 */
		queue_work(local->hw.workqueue, &ifmgd->work);
1026
1027
1028
		return;
	}

1029
	printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n",
1030
1031
			sdata->dev->name, ifmgd->bssid,
			ifmgd->direct_probe_tries);
1032

1033
	ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
1034

1035
1036
1037
1038
	/* Direct probe is sent to broadcast address as some APs
	 * will not answer to direct packet in unassociated state.
	 */
	ieee80211_send_probe_req(sdata, NULL,
1039
				 ifmgd->ssid, ifmgd->ssid_len, NULL, 0);
1040

1041
	mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
Johannes Berg's avatar
Johannes Berg committed
1042
}
1043

1044

1045
static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata)
1046
{
1047
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1048
	struct ieee80211_local *local = sdata->local;
1049
1050
	u8 *ies;
	size_t ies_len;
1051
1052
1053

	ifmgd->auth_tries++;
	if (ifmgd->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
1054
		printk(KERN_DEBUG "%s: authentication with AP %pM"
1055
		       " timed out\n",
1056
1057
		       sdata->dev->name, ifmgd->bssid);
		ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1058
		ieee80211_recalc_idle(local);
1059
		cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
1060
		ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
1061
				sdata->local->hw.conf.channel->center_freq,
1062
				ifmgd->ssid, ifmgd->ssid_len);
1063
1064
1065
1066
1067
1068
1069

		/*
		 * We might have a pending scan which had no chance to run yet
		 * due to state == IEEE80211_STA_MLME_AUTHENTICATE.
		 * Hence, queue the STAs work again
		 */
		queue_work(local->hw.workqueue, &ifmgd->work);
1070
1071
1072
		return;
	}

1073
	ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
1074
	printk(KERN_DEBUG "%s: authenticate with AP %pM\n",
1075
	       sdata->dev->name, ifmgd->bssid);
1076

1077
1078
1079
1080
1081
1082
1083
1084
	if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
		ies = ifmgd->sme_auth_ie;
		ies_len = ifmgd->sme_auth_ie_len;
	} else {