mlme.c 70.3 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
/*
 * BSS client mode implementation
 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
 * Copyright 2004, Instant802 Networks, Inc.
 * Copyright 2005, Devicescape Software, Inc.
 * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

14
#include <linux/delay.h>
15
16
17
18
19
20
21
#include <linux/if_ether.h>
#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/if_arp.h>
#include <linux/wireless.h>
#include <linux/random.h>
#include <linux/etherdevice.h>
22
#include <linux/rtnetlink.h>
23
24
#include <net/iw_handler.h>
#include <net/mac80211.h>
25
#include <asm/unaligned.h>
Johannes Berg's avatar
Johannes Berg committed
26

27
#include "ieee80211_i.h"
Johannes Berg's avatar
Johannes Berg committed
28
29
#include "rate.h"
#include "led.h"
30

31
#define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
32
33
34
35
36
37
38
39
40
#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
#define IEEE80211_AUTH_MAX_TRIES 3
#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
#define IEEE80211_ASSOC_MAX_TRIES 3
#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
#define IEEE80211_PROBE_INTERVAL (60 * HZ)
#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
#define IEEE80211_SCAN_INTERVAL (2 * HZ)
#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
41
#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
42
43
44
45
46
47
48

#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)

#define IEEE80211_IBSS_MAX_STA_ENTRIES 128


49
50
/* utils */
static int ecw2cw(int ecw)
Johannes Berg's avatar
Johannes Berg committed
51
{
52
	return (1 << ecw) - 1;
Johannes Berg's avatar
Johannes Berg committed
53
54
}

55
static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie)
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
{
	u8 *end, *pos;

	pos = bss->ies;
	if (pos == NULL)
		return NULL;
	end = pos + bss->ies_len;

	while (pos + 1 < end) {
		if (pos + 2 + pos[1] > end)
			break;
		if (pos[0] == ie)
			return pos;
		pos += 2 + pos[1];
	}

	return NULL;
}

75
static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
				      struct ieee80211_supported_band *sband,
				      u64 *rates)
{
	int i, j, count;
	*rates = 0;
	count = 0;
	for (i = 0; i < bss->supp_rates_len; i++) {
		int rate = (bss->supp_rates[i] & 0x7F) * 5;

		for (j = 0; j < sband->n_bitrates; j++)
			if (sband->bitrates[j].bitrate == rate) {
				*rates |= BIT(j);
				count++;
				break;
			}
	}

	return count;
}

96
97
98
99
/* also used by mesh code */
u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
			    struct ieee802_11_elems *elems,
			    enum ieee80211_band band)
Johannes Berg's avatar
Johannes Berg committed
100
{
101
102
103
104
105
106
	struct ieee80211_supported_band *sband;
	struct ieee80211_rate *bitrates;
	size_t num_rates;
	u64 supp_rates;
	int i, j;
	sband = local->hw.wiphy->bands[band];
Johannes Berg's avatar
Johannes Berg committed
107

108
109
110
	if (!sband) {
		WARN_ON(1);
		sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
Johannes Berg's avatar
Johannes Berg committed
111
112
	}

113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
	bitrates = sband->bitrates;
	num_rates = sband->n_bitrates;
	supp_rates = 0;
	for (i = 0; i < elems->supp_rates_len +
		     elems->ext_supp_rates_len; i++) {
		u8 rate = 0;
		int own_rate;
		if (i < elems->supp_rates_len)
			rate = elems->supp_rates[i];
		else if (elems->ext_supp_rates)
			rate = elems->ext_supp_rates
				[i - elems->supp_rates_len];
		own_rate = 5 * (rate & 0x7f);
		for (j = 0; j < num_rates; j++)
			if (bitrates[j].bitrate == own_rate)
				supp_rates |= BIT(j);
	}
	return supp_rates;
Johannes Berg's avatar
Johannes Berg committed
131
132
}

133
134
135
/* frame sending functions */

/* also used by scanning code */
136
137
void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
			      u8 *ssid, size_t ssid_len)
Johannes Berg's avatar
Johannes Berg committed
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
	u8 *pos, *supp_rates, *esupp_rates = NULL;
	int i;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
		       "request\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_PROBE_REQ);
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
	if (dst) {
		memcpy(mgmt->da, dst, ETH_ALEN);
		memcpy(mgmt->bssid, dst, ETH_ALEN);
	} else {
		memset(mgmt->da, 0xff, ETH_ALEN);
		memset(mgmt->bssid, 0xff, ETH_ALEN);
	}
	pos = skb_put(skb, 2 + ssid_len);
	*pos++ = WLAN_EID_SSID;
	*pos++ = ssid_len;
	memcpy(pos, ssid, ssid_len);

	supp_rates = skb_put(skb, 2);
	supp_rates[0] = WLAN_EID_SUPP_RATES;
	supp_rates[1] = 0;
	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	for (i = 0; i < sband->n_bitrates; i++) {
		struct ieee80211_rate *rate = &sband->bitrates[i];
		if (esupp_rates) {
			pos = skb_put(skb, 1);
			esupp_rates[1]++;
		} else if (supp_rates[1] == 8) {
			esupp_rates = skb_put(skb, 3);
			esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
			esupp_rates[1] = 1;
			pos = &esupp_rates[2];
		} else {
			pos = skb_put(skb, 1);
			supp_rates[1]++;
		}
		*pos = rate->bitrate / 5;
	}

193
	ieee80211_tx_skb(sdata, skb, 0);
Johannes Berg's avatar
Johannes Berg committed
194
195
}

196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
				struct ieee80211_if_sta *ifsta,
				int transaction, u8 *extra, size_t extra_len,
				int encrypt)
{
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    sizeof(*mgmt) + 6 + extra_len);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
	memset(mgmt, 0, 24 + 6);
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_AUTH);
	if (encrypt)
		mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
	mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
	mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
	ifsta->auth_transaction = transaction + 1;
	mgmt->u.auth.status_code = cpu_to_le16(0);
	if (extra)
		memcpy(skb_put(skb, extra_len), extra, extra_len);

	ieee80211_tx_skb(sdata, skb, encrypt);
}

233
234
235
236
237
238
static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
				 struct ieee80211_if_sta *ifsta)
{
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
239
	u8 *pos, *ies, *ht_ie;
240
241
	int i, len, count, rates_len, supp_rates_len;
	u16 capab;
242
	struct ieee80211_bss *bss;
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
	int wmm = 0;
	struct ieee80211_supported_band *sband;
	u64 rates = 0;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
			    ifsta->ssid_len);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	capab = ifsta->capab;

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
	}

	bss = ieee80211_rx_bss_get(local, ifsta->bssid,
				   local->hw.conf.channel->center_freq,
				   ifsta->ssid, ifsta->ssid_len);
	if (bss) {
		if (bss->capability & WLAN_CAPABILITY_PRIVACY)
			capab |= WLAN_CAPABILITY_PRIVACY;
		if (bss->wmm_used)
			wmm = 1;

		/* get all rates supported by the device and the AP as
		 * some APs don't like getting a superset of their rates
		 * in the association request (e.g. D-Link DAP 1353 in
		 * b-only mode) */
		rates_len = ieee80211_compatible_rates(bss, sband, &rates);

		if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
		    (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
			capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;

		ieee80211_rx_bss_put(local, bss);
	} else {
		rates = ~0;
		rates_len = sband->n_bitrates;
	}

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);

	if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
		skb_put(skb, 10);
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_REASSOC_REQ);
		mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
		memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
		       ETH_ALEN);
	} else {
		skb_put(skb, 4);
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_ASSOC_REQ);
		mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
	}

	/* SSID */
	ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
	*pos++ = WLAN_EID_SSID;
	*pos++ = ifsta->ssid_len;
	memcpy(pos, ifsta->ssid, ifsta->ssid_len);

	/* add all rates which were marked to be used above */
	supp_rates_len = rates_len;
	if (supp_rates_len > 8)
		supp_rates_len = 8;

	len = sband->n_bitrates;
	pos = skb_put(skb, supp_rates_len + 2);
	*pos++ = WLAN_EID_SUPP_RATES;
	*pos++ = supp_rates_len;

	count = 0;
	for (i = 0; i < sband->n_bitrates; i++) {
		if (BIT(i) & rates) {
			int rate = sband->bitrates[i].bitrate;
			*pos++ = (u8) (rate / 5);
			if (++count == 8)
				break;
		}
	}

	if (rates_len > count) {
		pos = skb_put(skb, rates_len - count + 2);
		*pos++ = WLAN_EID_EXT_SUPP_RATES;
		*pos++ = rates_len - count;

		for (i++; i < sband->n_bitrates; i++) {
			if (BIT(i) & rates) {
				int rate = sband->bitrates[i].bitrate;
				*pos++ = (u8) (rate / 5);
			}
		}
	}

	if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
		/* 1. power capabilities */
		pos = skb_put(skb, 4);
		*pos++ = WLAN_EID_PWR_CAPABILITY;
		*pos++ = 2;
		*pos++ = 0; /* min tx power */
		*pos++ = local->hw.conf.channel->max_power; /* max tx power */

		/* 2. supported channels */
		/* TODO: get this in reg domain format */
		pos = skb_put(skb, 2 * sband->n_channels + 2);
		*pos++ = WLAN_EID_SUPPORTED_CHANNELS;
		*pos++ = 2 * sband->n_channels;
		for (i = 0; i < sband->n_channels; i++) {
			*pos++ = ieee80211_frequency_to_channel(
					sband->channels[i].center_freq);
			*pos++ = 1; /* one channel in the subband*/
		}
	}

	if (ifsta->extra_ie) {
		pos = skb_put(skb, ifsta->extra_ie_len);
		memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
	}

	if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
		pos = skb_put(skb, 9);
		*pos++ = WLAN_EID_VENDOR_SPECIFIC;
		*pos++ = 7; /* len */
		*pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
		*pos++ = 0x50;
		*pos++ = 0xf2;
		*pos++ = 2; /* WME */
		*pos++ = 0; /* WME info */
		*pos++ = 1; /* WME ver */
		*pos++ = 0;
	}

	/* wmm support is a must to HT */
	if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
396
397
398
399
400
401
	    sband->ht_cap.ht_supported &&
	    (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) &&
	    ht_ie[1] >= sizeof(struct ieee80211_ht_info)) {
		struct ieee80211_ht_info *ht_info =
			(struct ieee80211_ht_info *)(ht_ie + 2);
		u16 cap = sband->ht_cap.cap;
402
403
404
		__le16 tmp;
		u32 flags = local->hw.conf.channel->flags;

405
406
		switch (ht_info->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
		case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
407
			if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
408
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
409
410
411
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
412
		case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
413
			if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
414
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
415
416
417
418
419
420
421
422
423
424
425
426
427
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		}

		tmp = cpu_to_le16(cap);
		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
		*pos++ = WLAN_EID_HT_CAPABILITY;
		*pos++ = sizeof(struct ieee80211_ht_cap);
		memset(pos, 0, sizeof(struct ieee80211_ht_cap));
		memcpy(pos, &tmp, sizeof(u16));
		pos += sizeof(u16);
		/* TODO: needs a define here for << 2 */
428
429
430
		*pos++ = sband->ht_cap.ampdu_factor |
			 (sband->ht_cap.ampdu_density << 2);
		memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
431
432
433
434
435
436
437
438
	}

	kfree(ifsta->assocreq_ies);
	ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
	ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
	if (ifsta->assocreq_ies)
		memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);

439
	ieee80211_tx_skb(sdata, skb, 0);
440
441
442
}


443
444
static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
					   u16 stype, u16 reason)
445
446
{
	struct ieee80211_local *local = sdata->local;
447
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
448
449
450
451
452
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
	if (!skb) {
453
454
		printk(KERN_DEBUG "%s: failed to allocate buffer for "
		       "deauth/disassoc frame\n", sdata->dev->name);
455
456
457
458
459
460
461
462
463
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
464
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
465
	skb_put(skb, 2);
466
	/* u.deauth.reason_code == u.disassoc.reason_code */
467
468
	mgmt->u.deauth.reason_code = cpu_to_le16(reason);

469
	ieee80211_tx_skb(sdata, skb, 0);
470
471
}

Johannes Berg's avatar
Johannes Berg committed
472
/* MLME */
473
static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
474
					 struct ieee80211_bss *bss)
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
{
	struct ieee80211_local *local = sdata->local;
	int i, have_higher_than_11mbit = 0;

	/* cf. IEEE 802.11 9.2.12 */
	for (i = 0; i < bss->supp_rates_len; i++)
		if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
			have_higher_than_11mbit = 1;

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
	    have_higher_than_11mbit)
		sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
	else
		sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;

490
	ieee80211_set_wmm_default(sdata);
491
492
}

493
static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
494
495
496
497
498
499
500
501
				     struct ieee80211_if_sta *ifsta,
				     u8 *wmm_param, size_t wmm_param_len)
{
	struct ieee80211_tx_queue_params params;
	size_t left;
	int count;
	u8 *pos;

502
503
504
505
506
507
	if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED))
		return;

	if (!wmm_param)
		return;

508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
	if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
		return;
	count = wmm_param[6] & 0x0f;
	if (count == ifsta->wmm_last_param_set)
		return;
	ifsta->wmm_last_param_set = count;

	pos = wmm_param + 8;
	left = wmm_param_len - 8;

	memset(&params, 0, sizeof(params));

	if (!local->ops->conf_tx)
		return;

	local->wmm_acm = 0;
	for (; left >= 4; left -= 4, pos += 4) {
		int aci = (pos[0] >> 5) & 0x03;
		int acm = (pos[0] >> 4) & 0x01;
		int queue;

		switch (aci) {
		case 1:
Johannes Berg's avatar
Johannes Berg committed
531
			queue = 3;
Johannes Berg's avatar
Johannes Berg committed
532
			if (acm)
533
534
535
				local->wmm_acm |= BIT(0) | BIT(3);
			break;
		case 2:
Johannes Berg's avatar
Johannes Berg committed
536
			queue = 1;
Johannes Berg's avatar
Johannes Berg committed
537
			if (acm)
538
539
540
				local->wmm_acm |= BIT(4) | BIT(5);
			break;
		case 3:
Johannes Berg's avatar
Johannes Berg committed
541
			queue = 0;
Johannes Berg's avatar
Johannes Berg committed
542
			if (acm)
543
544
545
546
				local->wmm_acm |= BIT(6) | BIT(7);
			break;
		case 0:
		default:
Johannes Berg's avatar
Johannes Berg committed
547
			queue = 2;
Johannes Berg's avatar
Johannes Berg committed
548
			if (acm)
549
550
551
552
553
554
555
				local->wmm_acm |= BIT(1) | BIT(2);
			break;
		}

		params.aifs = pos[0] & 0x0f;
		params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
		params.cw_min = ecw2cw(pos[1] & 0x0f);
556
		params.txop = get_unaligned_le16(pos + 2);
557
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
558
		printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
559
		       "cWmin=%d cWmax=%d txop=%d\n",
560
		       local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
561
562
		       params.cw_max, params.txop);
#endif
563
564
565
566
		/* TODO: handle ACM (block TX, fallback to next lowest allowed
		 * AC for now) */
		if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
			printk(KERN_DEBUG "%s: failed to set TX queue "
567
			       "parameters for queue %d\n", local->mdev->name, queue);
568
569
570
571
		}
	}
}

572
573
static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
					   u16 capab, bool erp_valid, u8 erp)
574
{
575
	struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
576
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
577
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
578
#endif
579
	u32 changed = 0;
580
581
582
583
584
585
586
587
588
589
590
591
592
	bool use_protection;
	bool use_short_preamble;
	bool use_short_slot;

	if (erp_valid) {
		use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0;
		use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0;
	} else {
		use_protection = false;
		use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE);
	}

	use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
593

594
	if (use_protection != bss_conf->use_cts_prot) {
595
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
596
		if (net_ratelimit()) {
597
			printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n",
598
			       sdata->dev->name,
599
			       use_protection ? "enabled" : "disabled",
600
			       ifsta->bssid);
601
		}
602
#endif
603
604
		bss_conf->use_cts_prot = use_protection;
		changed |= BSS_CHANGED_ERP_CTS_PROT;
605
	}
606

607
	if (use_short_preamble != bss_conf->use_short_preamble) {
608
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
609
610
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: switched to %s barker preamble"
611
			       " (BSSID=%pM)\n",
612
			       sdata->dev->name,
613
			       use_short_preamble ? "short" : "long",
614
			       ifsta->bssid);
615
		}
616
#endif
617
		bss_conf->use_short_preamble = use_short_preamble;
618
		changed |= BSS_CHANGED_ERP_PREAMBLE;
619
	}
620

621
622
623
624
625
626
627
628
629
630
631
632
	if (use_short_slot != bss_conf->use_short_slot) {
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: switched to %s slot"
			       " (BSSID=%s)\n",
			       sdata->dev->name,
			       use_short_slot ? "short" : "long",
			       ifsta->bssid);
		}
#endif
		bss_conf->use_short_slot = use_short_slot;
		changed |= BSS_CHANGED_ERP_SLOT;
633
634
635
636
637
	}

	return changed;
}

638
639
640
641
642
643
644
645
646
647
648
static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata,
					struct ieee80211_if_sta *ifsta)
{
	union iwreq_data wrqu;
	memset(&wrqu, 0, sizeof(wrqu));
	if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
		memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
}

649
static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
650
651
					 struct ieee80211_if_sta *ifsta)
{
652
653
654
	char *buf;
	size_t len;
	int i;
655
656
	union iwreq_data wrqu;

657
658
659
660
661
662
663
664
665
	if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
		return;

	buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
				ifsta->assocresp_ies_len), GFP_KERNEL);
	if (!buf)
		return;

	len = sprintf(buf, "ASSOCINFO(");
666
	if (ifsta->assocreq_ies) {
667
668
669
670
671
		len += sprintf(buf + len, "ReqIEs=");
		for (i = 0; i < ifsta->assocreq_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocreq_ies[i]);
		}
672
	}
673
	if (ifsta->assocresp_ies) {
674
675
676
677
678
679
680
		if (ifsta->assocreq_ies)
			len += sprintf(buf + len, " ");
		len += sprintf(buf + len, "RespIEs=");
		for (i = 0; i < ifsta->assocresp_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocresp_ies[i]);
		}
681
	}
682
683
684
685
686
687
688
689
690
691
	len += sprintf(buf + len, ")");

	if (len > IW_CUSTOM_MAX) {
		len = sprintf(buf, "ASSOCRESPIE=");
		for (i = 0; i < ifsta->assocresp_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocresp_ies[i]);
		}
	}

692
693
694
695
696
	if (len <= IW_CUSTOM_MAX) {
		memset(&wrqu, 0, sizeof(wrqu));
		wrqu.data.length = len;
		wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
	}
697
698

	kfree(buf);
699
700
701
}


702
static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
703
				     struct ieee80211_if_sta *ifsta)
704
{
705
	struct ieee80211_local *local = sdata->local;
Tomas Winkler's avatar
Tomas Winkler committed
706
	struct ieee80211_conf *conf = &local_to_hw(local)->conf;
707
	u32 changed = BSS_CHANGED_ASSOC;
708

709
	struct ieee80211_bss *bss;
710

711
	ifsta->flags |= IEEE80211_STA_ASSOCIATED;
712

713
	if (sdata->vif.type != NL80211_IFTYPE_STATION)
714
		return;
715

716
717
718
719
720
721
722
723
	bss = ieee80211_rx_bss_get(local, ifsta->bssid,
				   conf->channel->center_freq,
				   ifsta->ssid, ifsta->ssid_len);
	if (bss) {
		/* set timing information */
		sdata->bss_conf.beacon_int = bss->beacon_int;
		sdata->bss_conf.timestamp = bss->timestamp;
		sdata->bss_conf.dtim_period = bss->dtim_period;
724

725
726
		changed |= ieee80211_handle_bss_capability(sdata,
			bss->capability, bss->has_erp_value, bss->erp_value);
727
728

		ieee80211_rx_bss_put(local, bss);
729
730
	}

731
732
733
	if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
		changed |= BSS_CHANGED_HT;
		sdata->bss_conf.assoc_ht = 1;
734
		sdata->bss_conf.ht_cap = &conf->ht_cap;
735
		sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
736
	}
737

738
739
740
	ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
	memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
	ieee80211_sta_send_associnfo(sdata, ifsta);
741

742
743
	ifsta->last_probe = jiffies;
	ieee80211_led_assoc(local, 1);
744

745
	sdata->bss_conf.assoc = 1;
746
747
748
749
750
751
	/*
	 * For now just always ask the driver to update the basic rateset
	 * when we have associated, we aren't checking whether it actually
	 * changed or not.
	 */
	changed |= BSS_CHANGED_BASIC_RATES;
752
	ieee80211_bss_info_change_notify(sdata, changed);
753

754
755
	netif_tx_start_all_queues(sdata->dev);
	netif_carrier_on(sdata->dev);
756

757
	ieee80211_sta_send_apinfo(sdata, ifsta);
758
759
}

760
761
static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
				   struct ieee80211_if_sta *ifsta)
762
{
763
764
	ifsta->direct_probe_tries++;
	if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
765
766
		printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
		       sdata->dev->name, ifsta->bssid);
767
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
768
769
770
		return;
	}

771
772
	printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n",
			sdata->dev->name, ifsta->bssid,
773
			ifsta->direct_probe_tries);
774

775
	ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
776

777
778
779
780
781
782
783
784
785
	set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request);

	/* Direct probe is sent to broadcast address as some APs
	 * will not answer to direct packet in unassociated state.
	 */
	ieee80211_send_probe_req(sdata, NULL,
				 ifsta->ssid, ifsta->ssid_len);

	mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
Johannes Berg's avatar
Johannes Berg committed
786
}
787

788
789
790

static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
				   struct ieee80211_if_sta *ifsta)
791
{
792
793
	ifsta->auth_tries++;
	if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
794
		printk(KERN_DEBUG "%s: authentication with AP %pM"
795
		       " timed out\n",
796
		       sdata->dev->name, ifsta->bssid);
797
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
798
799
800
		return;
	}

801
	ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
802
803
	printk(KERN_DEBUG "%s: authenticate with AP %pM\n",
	       sdata->dev->name, ifsta->bssid);
804

805
806
807
	ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0);

	mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
808
809
}

810
811
812
813
814
815
static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
				   struct ieee80211_if_sta *ifsta, bool deauth,
				   bool self_disconnected, u16 reason)
{
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
816
	u32 changed = BSS_CHANGED_ASSOC;
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832

	rcu_read_lock();

	sta = sta_info_get(local, ifsta->bssid);
	if (!sta) {
		rcu_read_unlock();
		return;
	}

	if (deauth) {
		ifsta->direct_probe_tries = 0;
		ifsta->auth_tries = 0;
	}
	ifsta->assoc_scan_tries = 0;
	ifsta->assoc_tries = 0;

833
	netif_tx_stop_all_queues(sdata->dev);
834
835
	netif_carrier_off(sdata->dev);

836
	ieee80211_sta_tear_down_BA_sessions(sdata, sta->sta.addr);
837
838
839

	if (self_disconnected) {
		if (deauth)
840
841
			ieee80211_send_deauth_disassoc(sdata,
				IEEE80211_STYPE_DEAUTH, reason);
842
		else
843
844
			ieee80211_send_deauth_disassoc(sdata,
				IEEE80211_STYPE_DISASSOC, reason);
845
846
	}

847
848
849
850
851
852
853
	ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
	changed |= ieee80211_reset_erp_info(sdata);

	if (sdata->bss_conf.assoc_ht)
		changed |= BSS_CHANGED_HT;

	sdata->bss_conf.assoc_ht = 0;
854
	sdata->bss_conf.ht_cap = NULL;
855
856
857
858
859
860
	sdata->bss_conf.ht_bss_conf = NULL;

	ieee80211_led_assoc(local, 0);
	sdata->bss_conf.assoc = 0;

	ieee80211_sta_send_apinfo(sdata, ifsta);
861
862
863
864
865
866
867
868
869
870

	if (self_disconnected)
		ifsta->state = IEEE80211_STA_MLME_DISABLED;

	sta_info_unlink(&sta);

	rcu_read_unlock();

	sta_info_destroy(sta);
}
871

872
873
874
875
876
877
878
879
static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
{
	if (!sdata || !sdata->default_key ||
	    sdata->default_key->conf.alg != ALG_WEP)
		return 0;
	return 1;
}

880
static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
881
882
				      struct ieee80211_if_sta *ifsta)
{
883
	struct ieee80211_local *local = sdata->local;
884
	struct ieee80211_bss *bss;
885
886
887
	int bss_privacy;
	int wep_privacy;
	int privacy_invoked;
888

889
	if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
890
891
		return 0;

892
	bss = ieee80211_rx_bss_get(local, ifsta->bssid,
893
				   local->hw.conf.channel->center_freq,
894
				   ifsta->ssid, ifsta->ssid_len);
895
896
897
	if (!bss)
		return 0;

898
	bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
899
	wep_privacy = !!ieee80211_sta_wep_configured(sdata);
900
	privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
901

902
	ieee80211_rx_bss_put(local, bss);
903

904
905
906
907
	if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
		return 0;

	return 1;
908
909
}

910
static void ieee80211_associate(struct ieee80211_sub_if_data *sdata,
911
912
913
914
				struct ieee80211_if_sta *ifsta)
{
	ifsta->assoc_tries++;
	if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
915
		printk(KERN_DEBUG "%s: association with AP %pM"
916
		       " timed out\n",
917
		       sdata->dev->name, ifsta->bssid);
918
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
919
920
921
		return;
	}

922
	ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
923
924
	printk(KERN_DEBUG "%s: associate with AP %pM\n",
	       sdata->dev->name, ifsta->bssid);
925
	if (ieee80211_privacy_mismatch(sdata, ifsta)) {
926
		printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
927
		       "mixed-cell disabled - abort association\n", sdata->dev->name);
928
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
929
930
931
		return;
	}

932
	ieee80211_send_assoc(sdata, ifsta);
933
934
935
936
937

	mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
}


938
static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
939
940
				 struct ieee80211_if_sta *ifsta)
{
941
	struct ieee80211_local *local = sdata->local;
942
943
944
945
946
947
948
949
	struct sta_info *sta;
	int disassoc;

	/* TODO: start monitoring current AP signal quality and number of
	 * missed beacons. Scan other channels every now and then and search
	 * for better APs. */
	/* TODO: remove expired BSSes */

950
	ifsta->state = IEEE80211_STA_MLME_ASSOCIATED;
951

952
953
	rcu_read_lock();

954
955
	sta = sta_info_get(local, ifsta->bssid);
	if (!sta) {
956
957
		printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n",
		       sdata->dev->name, ifsta->bssid);
958
959
960
961
962
		disassoc = 1;
	} else {
		disassoc = 0;
		if (time_after(jiffies,
			       sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
963
			if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
964
				printk(KERN_DEBUG "%s: No ProbeResp from "
965
				       "current AP %pM - assume out of "
966
				       "range\n",
967
				       sdata->dev->name, ifsta->bssid);
968
				disassoc = 1;
969
			} else
970
				ieee80211_send_probe_req(sdata, ifsta->bssid,
971
972
							 ifsta->ssid,
							 ifsta->ssid_len);
973
			ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
974
		} else {
975
			ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
976
977
978
			if (time_after(jiffies, ifsta->last_probe +
				       IEEE80211_PROBE_INTERVAL)) {
				ifsta->last_probe = jiffies;
979
				ieee80211_send_probe_req(sdata, ifsta->bssid,
980
981
982
983
984
							 ifsta->ssid,
							 ifsta->ssid_len);
			}
		}
	}
985
986
987

	rcu_read_unlock();

Johannes Berg's avatar
Johannes Berg committed
988
989
990
991
992
993
	if (disassoc)
		ieee80211_set_disassoc(sdata, ifsta, true, true,
					WLAN_REASON_PREV_AUTH_NOT_VALID);
	else
		mod_timer(&ifsta->timer, jiffies +
				      IEEE80211_MONITORING_INTERVAL);
994
995
996
}


997
static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata,
998
999
				     struct ieee80211_if_sta *ifsta)
{
1000
	printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);