mlme.c 72 KB
Newer Older
1
2
/*
 * BSS client mode implementation
3
 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
4
5
6
7
8
9
10
11
12
13
 * Copyright 2004, Instant802 Networks, Inc.
 * Copyright 2005, Devicescape Software, Inc.
 * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

14
#include <linux/delay.h>
15
16
17
18
#include <linux/if_ether.h>
#include <linux/skbuff.h>
#include <linux/if_arp.h>
#include <linux/etherdevice.h>
19
#include <linux/rtnetlink.h>
20
#include <linux/pm_qos_params.h>
21
#include <linux/crc32.h>
22
#include <net/mac80211.h>
23
#include <asm/unaligned.h>
Johannes Berg's avatar
Johannes Berg committed
24

25
#include "ieee80211_i.h"
26
#include "driver-ops.h"
Johannes Berg's avatar
Johannes Berg committed
27
28
#include "rate.h"
#include "led.h"
29

30
#define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
31
32
33
34
35
#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
#define IEEE80211_AUTH_MAX_TRIES 3
#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
#define IEEE80211_ASSOC_MAX_TRIES 3
#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
36
#define IEEE80211_PROBE_WAIT (HZ / 5)
37
#define IEEE80211_PROBE_IDLE_TIME (60 * HZ)
38
39
#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)

40
41
42
#define TMR_RUNNING_TIMER	0
#define TMR_RUNNING_CHANSW	1

43
44
/* utils */
static int ecw2cw(int ecw)
Johannes Berg's avatar
Johannes Berg committed
45
{
46
	return (1 << ecw) - 1;
Johannes Berg's avatar
Johannes Berg committed
47
48
}

49
static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie)
50
51
52
{
	u8 *end, *pos;

53
	pos = bss->cbss.information_elements;
54
55
	if (pos == NULL)
		return NULL;
56
	end = pos + bss->cbss.len_information_elements;
57
58
59
60
61
62
63
64
65
66
67
68

	while (pos + 1 < end) {
		if (pos + 2 + pos[1] > end)
			break;
		if (pos[0] == ie)
			return pos;
		pos += 2 + pos[1];
	}

	return NULL;
}

69
static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
70
				      struct ieee80211_supported_band *sband,
71
				      u32 *rates)
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
{
	int i, j, count;
	*rates = 0;
	count = 0;
	for (i = 0; i < bss->supp_rates_len; i++) {
		int rate = (bss->supp_rates[i] & 0x7F) * 5;

		for (j = 0; j < sband->n_bitrates; j++)
			if (sband->bitrates[j].bitrate == rate) {
				*rates |= BIT(j);
				count++;
				break;
			}
	}

	return count;
}

90
91
92
93
94
95
96
97
98
99
100
101
102
103
/*
 * ieee80211_enable_ht should be called only after the operating band
 * has been determined as ht configuration depends on the hw's
 * HT abilities for a specific band.
 */
static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
			       struct ieee80211_ht_info *hti,
			       u16 ap_ht_cap_flags)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct sta_info *sta;
	u32 changed = 0;
104
	u16 ht_opmode;
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
	bool enable_ht = true, ht_changed;
	enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	/* HT is not supported */
	if (!sband->ht_cap.ht_supported)
		enable_ht = false;

	/* check that channel matches the right operating channel */
	if (local->hw.conf.channel->center_freq !=
	    ieee80211_channel_to_frequency(hti->control_chan))
		enable_ht = false;

	if (enable_ht) {
		channel_type = NL80211_CHAN_HT20;

		if (!(ap_ht_cap_flags & IEEE80211_HT_CAP_40MHZ_INTOLERANT) &&
		    (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) &&
		    (hti->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) {
			switch(hti->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
			case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
127
128
129
				if (!(local->hw.conf.channel->flags &
				    IEEE80211_CHAN_NO_HT40PLUS))
					channel_type = NL80211_CHAN_HT40PLUS;
130
131
				break;
			case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
132
133
134
				if (!(local->hw.conf.channel->flags &
				    IEEE80211_CHAN_NO_HT40MINUS))
					channel_type = NL80211_CHAN_HT40MINUS;
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
				break;
			}
		}
	}

	ht_changed = conf_is_ht(&local->hw.conf) != enable_ht ||
		     channel_type != local->hw.conf.channel_type;

	local->oper_channel_type = channel_type;

	if (ht_changed) {
                /* channel_type change automatically detected */
		ieee80211_hw_config(local, 0);

		rcu_read_lock();

		sta = sta_info_get(local, ifmgd->bssid);
		if (sta)
			rate_control_rate_update(local, sband, sta,
						 IEEE80211_RC_HT_CHANGED);

		rcu_read_unlock();
        }

	/* disable HT */
	if (!enable_ht)
		return 0;

163
	ht_opmode = le16_to_cpu(hti->operation_mode);
164
165

	/* if bss configuration changed store the new one */
166
167
	if (!sdata->ht_opmode_valid ||
	    sdata->vif.bss_conf.ht_operation_mode != ht_opmode) {
168
		changed |= BSS_CHANGED_HT;
169
		sdata->vif.bss_conf.ht_operation_mode = ht_opmode;
170
		sdata->ht_opmode_valid = true;
171
172
173
174
175
	}

	return changed;
}

176
177
/* frame sending functions */

178
static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
179
{
180
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
181
182
183
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
184
	u8 *pos, *ies, *ht_ie;
185
186
	int i, len, count, rates_len, supp_rates_len;
	u16 capab;
187
	struct ieee80211_bss *bss;
188
189
	int wmm = 0;
	struct ieee80211_supported_band *sband;
190
	u32 rates = 0;
191
192

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
193
			    sizeof(*mgmt) + 200 + ifmgd->extra_ie_len +
194
			    ifmgd->ssid_len);
195
196
197
198
199
200
201
202
203
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

204
	capab = ifmgd->capab;
205
206
207
208
209
210
211
212

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
	}

213
	bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
214
				   local->hw.conf.channel->center_freq,
215
				   ifmgd->ssid, ifmgd->ssid_len);
216
	if (bss) {
217
		if (bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
218
219
220
221
222
223
224
225
226
227
			capab |= WLAN_CAPABILITY_PRIVACY;
		if (bss->wmm_used)
			wmm = 1;

		/* get all rates supported by the device and the AP as
		 * some APs don't like getting a superset of their rates
		 * in the association request (e.g. D-Link DAP 1353 in
		 * b-only mode) */
		rates_len = ieee80211_compatible_rates(bss, sband, &rates);

228
		if ((bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
229
230
231
232
233
234
235
236
237
238
239
		    (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
			capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;

		ieee80211_rx_bss_put(local, bss);
	} else {
		rates = ~0;
		rates_len = sband->n_bitrates;
	}

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
240
	memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
241
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
242
	memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
243

244
	if (ifmgd->flags & IEEE80211_STA_PREV_BSSID_SET) {
245
246
247
248
249
250
		skb_put(skb, 10);
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_REASSOC_REQ);
		mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
251
		memcpy(mgmt->u.reassoc_req.current_ap, ifmgd->prev_bssid,
252
253
254
255
256
257
		       ETH_ALEN);
	} else {
		skb_put(skb, 4);
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_ASSOC_REQ);
		mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
258
		mgmt->u.assoc_req.listen_interval =
259
260
261
262
				cpu_to_le16(local->hw.conf.listen_interval);
	}

	/* SSID */
263
	ies = pos = skb_put(skb, 2 + ifmgd->ssid_len);
264
	*pos++ = WLAN_EID_SSID;
265
266
	*pos++ = ifmgd->ssid_len;
	memcpy(pos, ifmgd->ssid, ifmgd->ssid_len);
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320

	/* add all rates which were marked to be used above */
	supp_rates_len = rates_len;
	if (supp_rates_len > 8)
		supp_rates_len = 8;

	len = sband->n_bitrates;
	pos = skb_put(skb, supp_rates_len + 2);
	*pos++ = WLAN_EID_SUPP_RATES;
	*pos++ = supp_rates_len;

	count = 0;
	for (i = 0; i < sband->n_bitrates; i++) {
		if (BIT(i) & rates) {
			int rate = sband->bitrates[i].bitrate;
			*pos++ = (u8) (rate / 5);
			if (++count == 8)
				break;
		}
	}

	if (rates_len > count) {
		pos = skb_put(skb, rates_len - count + 2);
		*pos++ = WLAN_EID_EXT_SUPP_RATES;
		*pos++ = rates_len - count;

		for (i++; i < sband->n_bitrates; i++) {
			if (BIT(i) & rates) {
				int rate = sband->bitrates[i].bitrate;
				*pos++ = (u8) (rate / 5);
			}
		}
	}

	if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
		/* 1. power capabilities */
		pos = skb_put(skb, 4);
		*pos++ = WLAN_EID_PWR_CAPABILITY;
		*pos++ = 2;
		*pos++ = 0; /* min tx power */
		*pos++ = local->hw.conf.channel->max_power; /* max tx power */

		/* 2. supported channels */
		/* TODO: get this in reg domain format */
		pos = skb_put(skb, 2 * sband->n_channels + 2);
		*pos++ = WLAN_EID_SUPPORTED_CHANNELS;
		*pos++ = 2 * sband->n_channels;
		for (i = 0; i < sband->n_channels; i++) {
			*pos++ = ieee80211_frequency_to_channel(
					sband->channels[i].center_freq);
			*pos++ = 1; /* one channel in the subband*/
		}
	}

321
322
323
	if (ifmgd->extra_ie) {
		pos = skb_put(skb, ifmgd->extra_ie_len);
		memcpy(pos, ifmgd->extra_ie, ifmgd->extra_ie_len);
324
325
	}

326
	if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) {
327
328
329
330
331
332
333
334
335
336
337
338
339
		pos = skb_put(skb, 9);
		*pos++ = WLAN_EID_VENDOR_SPECIFIC;
		*pos++ = 7; /* len */
		*pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
		*pos++ = 0x50;
		*pos++ = 0xf2;
		*pos++ = 2; /* WME */
		*pos++ = 0; /* WME info */
		*pos++ = 1; /* WME ver */
		*pos++ = 0;
	}

	/* wmm support is a must to HT */
340
341
342
343
344
345
	/*
	 * IEEE802.11n does not allow TKIP/WEP as pairwise
	 * ciphers in HT mode. We still associate in non-ht
	 * mode (11a/b/g) if any one of these ciphers is
	 * configured as pairwise.
	 */
346
	if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
347
348
	    sband->ht_cap.ht_supported &&
	    (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) &&
349
	    ht_ie[1] >= sizeof(struct ieee80211_ht_info) &&
350
	    (!(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))) {
351
352
353
		struct ieee80211_ht_info *ht_info =
			(struct ieee80211_ht_info *)(ht_ie + 2);
		u16 cap = sband->ht_cap.cap;
354
355
356
		__le16 tmp;
		u32 flags = local->hw.conf.channel->flags;

357
358
		switch (ht_info->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
		case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
359
			if (flags & IEEE80211_CHAN_NO_HT40PLUS) {
360
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
361
362
363
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
364
		case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
365
			if (flags & IEEE80211_CHAN_NO_HT40MINUS) {
366
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
367
368
369
370
371
372
373
374
375
376
377
378
379
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		}

		tmp = cpu_to_le16(cap);
		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
		*pos++ = WLAN_EID_HT_CAPABILITY;
		*pos++ = sizeof(struct ieee80211_ht_cap);
		memset(pos, 0, sizeof(struct ieee80211_ht_cap));
		memcpy(pos, &tmp, sizeof(u16));
		pos += sizeof(u16);
		/* TODO: needs a define here for << 2 */
380
381
382
		*pos++ = sband->ht_cap.ampdu_factor |
			 (sband->ht_cap.ampdu_density << 2);
		memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
383
384
	}

385
386
387
388
389
	kfree(ifmgd->assocreq_ies);
	ifmgd->assocreq_ies_len = (skb->data + skb->len) - ies;
	ifmgd->assocreq_ies = kmalloc(ifmgd->assocreq_ies_len, GFP_KERNEL);
	if (ifmgd->assocreq_ies)
		memcpy(ifmgd->assocreq_ies, ies, ifmgd->assocreq_ies_len);
390

391
	ieee80211_tx_skb(sdata, skb, 0);
392
393
394
}


395
396
static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
					   u16 stype, u16 reason)
397
398
{
	struct ieee80211_local *local = sdata->local;
399
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
400
401
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
402

403
	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
404
	if (!skb) {
405
406
		printk(KERN_DEBUG "%s: failed to allocate buffer for "
		       "deauth/disassoc frame\n", sdata->dev->name);
407
408
409
410
411
412
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
413
	memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
414
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
415
	memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
416
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
417
	skb_put(skb, 2);
418
	/* u.deauth.reason_code == u.disassoc.reason_code */
419
420
	mgmt->u.deauth.reason_code = cpu_to_le16(reason);

421
422
423
424
	if (stype == IEEE80211_STYPE_DEAUTH)
		cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, skb->len);
	else
		cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, skb->len);
425
	ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED);
426
427
}

428
429
430
void ieee80211_send_pspoll(struct ieee80211_local *local,
			   struct ieee80211_sub_if_data *sdata)
{
431
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
	struct ieee80211_pspoll *pspoll;
	struct sk_buff *skb;
	u16 fc;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*pspoll));
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for "
		       "pspoll frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	pspoll = (struct ieee80211_pspoll *) skb_put(skb, sizeof(*pspoll));
	memset(pspoll, 0, sizeof(*pspoll));
	fc = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_PSPOLL | IEEE80211_FCTL_PM;
	pspoll->frame_control = cpu_to_le16(fc);
448
	pspoll->aid = cpu_to_le16(ifmgd->aid);
449
450
451
452

	/* aid in PS-Poll has its two MSBs each set to 1 */
	pspoll->aid |= cpu_to_le16(1 << 15 | 1 << 14);

453
	memcpy(pspoll->bssid, ifmgd->bssid, ETH_ALEN);
454
455
456
457
458
	memcpy(pspoll->ta, sdata->dev->dev_addr, ETH_ALEN);

	ieee80211_tx_skb(sdata, skb, 0);
}

459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
void ieee80211_send_nullfunc(struct ieee80211_local *local,
			     struct ieee80211_sub_if_data *sdata,
			     int powersave)
{
	struct sk_buff *skb;
	struct ieee80211_hdr *nullfunc;
	__le16 fc;

	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
		return;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
		       "frame\n", sdata->dev->name);
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
	memset(nullfunc, 0, 24);
	fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
			 IEEE80211_FCTL_TODS);
	if (powersave)
		fc |= cpu_to_le16(IEEE80211_FCTL_PM);
	nullfunc->frame_control = fc;
	memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
	memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
	memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);

	ieee80211_tx_skb(sdata, skb, 0);
}

492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
/* spectrum management related things */
static void ieee80211_chswitch_work(struct work_struct *work)
{
	struct ieee80211_sub_if_data *sdata =
		container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
	struct ieee80211_bss *bss;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;

	if (!netif_running(sdata->dev))
		return;

	bss = ieee80211_rx_bss_get(sdata->local, ifmgd->bssid,
				   sdata->local->hw.conf.channel->center_freq,
				   ifmgd->ssid, ifmgd->ssid_len);
	if (!bss)
		goto exit;

	sdata->local->oper_channel = sdata->local->csa_channel;
	/* XXX: shouldn't really modify cfg80211-owned data! */
	if (!ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL))
		bss->cbss.channel = sdata->local->oper_channel;

	ieee80211_rx_bss_put(sdata->local, bss);
exit:
	ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
	ieee80211_wake_queues_by_reason(&sdata->local->hw,
					IEEE80211_QUEUE_STOP_REASON_CSA);
}

static void ieee80211_chswitch_timer(unsigned long data)
{
	struct ieee80211_sub_if_data *sdata =
		(struct ieee80211_sub_if_data *) data;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;

527
528
529
530
531
	if (sdata->local->quiescing) {
		set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running);
		return;
	}

532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
	queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
}

void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
				      struct ieee80211_channel_sw_ie *sw_elem,
				      struct ieee80211_bss *bss)
{
	struct ieee80211_channel *new_ch;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num);

	if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATED)
		return;

	if (sdata->local->sw_scanning || sdata->local->hw_scanning)
		return;

	/* Disregard subsequent beacons if we are already running a timer
	   processing a CSA */

	if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED)
		return;

	new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq);
	if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED)
		return;

	sdata->local->csa_channel = new_ch;

	if (sw_elem->count <= 1) {
		queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
	} else {
		ieee80211_stop_queues_by_reason(&sdata->local->hw,
					IEEE80211_QUEUE_STOP_REASON_CSA);
		ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
		mod_timer(&ifmgd->chswitch_timer,
			  jiffies +
			  msecs_to_jiffies(sw_elem->count *
					   bss->cbss.beacon_interval));
	}
}

static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
					u16 capab_info, u8 *pwr_constr_elem,
					u8 pwr_constr_elem_len)
{
	struct ieee80211_conf *conf = &sdata->local->hw.conf;

	if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT))
		return;

	/* Power constraint IE length should be 1 octet */
	if (pwr_constr_elem_len != 1)
		return;

	if ((*pwr_constr_elem <= conf->channel->max_power) &&
	    (*pwr_constr_elem != sdata->local->power_constr_level)) {
		sdata->local->power_constr_level = *pwr_constr_elem;
		ieee80211_hw_config(sdata->local, 0);
	}
}

594
595
596
597
598
599
/* powersave */
static void ieee80211_enable_ps(struct ieee80211_local *local,
				struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_conf *conf = &local->hw.conf;

Johannes Berg's avatar
Johannes Berg committed
600
601
602
603
604
605
606
	/*
	 * If we are scanning right now then the parameters will
	 * take effect when scan finishes.
	 */
	if (local->hw_scanning || local->sw_scanning)
		return;

607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
	if (conf->dynamic_ps_timeout > 0 &&
	    !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) {
		mod_timer(&local->dynamic_ps_timer, jiffies +
			  msecs_to_jiffies(conf->dynamic_ps_timeout));
	} else {
		if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
			ieee80211_send_nullfunc(local, sdata, 1);
		conf->flags |= IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	}
}

static void ieee80211_change_ps(struct ieee80211_local *local)
{
	struct ieee80211_conf *conf = &local->hw.conf;

	if (local->ps_sdata) {
		ieee80211_enable_ps(local, local->ps_sdata);
	} else if (conf->flags & IEEE80211_CONF_PS) {
		conf->flags &= ~IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
		del_timer_sync(&local->dynamic_ps_timer);
		cancel_work_sync(&local->dynamic_ps_enable_work);
	}
}

/* need to hold RTNL or interface lock */
634
void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
{
	struct ieee80211_sub_if_data *sdata, *found = NULL;
	int count = 0;

	if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) {
		local->ps_sdata = NULL;
		return;
	}

	list_for_each_entry(sdata, &local->interfaces, list) {
		if (!netif_running(sdata->dev))
			continue;
		if (sdata->vif.type != NL80211_IFTYPE_STATION)
			continue;
		found = sdata;
		count++;
	}

653
	if (count == 1 && found->u.mgd.powersave &&
654
655
	    (found->u.mgd.flags & IEEE80211_STA_ASSOCIATED) &&
	    !(found->u.mgd.flags & IEEE80211_STA_PROBEREQ_POLL)) {
656
657
658
659
660
661
662
663
		s32 beaconint_us;

		if (latency < 0)
			latency = pm_qos_requirement(PM_QOS_NETWORK_LATENCY);

		beaconint_us = ieee80211_tu_to_usec(
					found->vif.bss_conf.beacon_int);

664
		if (beaconint_us > latency) {
665
			local->ps_sdata = NULL;
666
667
668
669
670
671
672
673
		} else {
			u8 dtimper = found->vif.bss_conf.dtim_period;
			int maxslp = 1;

			if (dtimper > 1)
				maxslp = min_t(int, dtimper,
						    latency / beaconint_us);

674
			local->hw.conf.max_sleep_period = maxslp;
675
			local->ps_sdata = found;
676
		}
677
	} else {
678
		local->ps_sdata = NULL;
679
	}
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723

	ieee80211_change_ps(local);
}

void ieee80211_dynamic_ps_disable_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local,
			     dynamic_ps_disable_work);

	if (local->hw.conf.flags & IEEE80211_CONF_PS) {
		local->hw.conf.flags &= ~IEEE80211_CONF_PS;
		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
	}

	ieee80211_wake_queues_by_reason(&local->hw,
					IEEE80211_QUEUE_STOP_REASON_PS);
}

void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
{
	struct ieee80211_local *local =
		container_of(work, struct ieee80211_local,
			     dynamic_ps_enable_work);
	struct ieee80211_sub_if_data *sdata = local->ps_sdata;

	/* can only happen when PS was just disabled anyway */
	if (!sdata)
		return;

	if (local->hw.conf.flags & IEEE80211_CONF_PS)
		return;

	if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
		ieee80211_send_nullfunc(local, sdata, 1);

	local->hw.conf.flags |= IEEE80211_CONF_PS;
	ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
}

void ieee80211_dynamic_ps_timer(unsigned long data)
{
	struct ieee80211_local *local = (void *) data;

724
725
726
	if (local->quiescing)
		return;

727
728
729
	queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work);
}

Johannes Berg's avatar
Johannes Berg committed
730
/* MLME */
731
static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
732
				     struct ieee80211_if_managed *ifmgd,
733
734
735
736
737
738
739
				     u8 *wmm_param, size_t wmm_param_len)
{
	struct ieee80211_tx_queue_params params;
	size_t left;
	int count;
	u8 *pos;

740
	if (!(ifmgd->flags & IEEE80211_STA_WMM_ENABLED))
741
742
743
744
745
		return;

	if (!wmm_param)
		return;

746
747
748
	if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
		return;
	count = wmm_param[6] & 0x0f;
749
	if (count == ifmgd->wmm_last_param_set)
750
		return;
751
	ifmgd->wmm_last_param_set = count;
752
753
754
755
756
757
758
759
760
761
762
763
764

	pos = wmm_param + 8;
	left = wmm_param_len - 8;

	memset(&params, 0, sizeof(params));

	local->wmm_acm = 0;
	for (; left >= 4; left -= 4, pos += 4) {
		int aci = (pos[0] >> 5) & 0x03;
		int acm = (pos[0] >> 4) & 0x01;
		int queue;

		switch (aci) {
765
		case 1: /* AC_BK */
Johannes Berg's avatar
Johannes Berg committed
766
			queue = 3;
Johannes Berg's avatar
Johannes Berg committed
767
			if (acm)
768
				local->wmm_acm |= BIT(1) | BIT(2); /* BK/- */
769
			break;
770
		case 2: /* AC_VI */
Johannes Berg's avatar
Johannes Berg committed
771
			queue = 1;
Johannes Berg's avatar
Johannes Berg committed
772
			if (acm)
773
				local->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */
774
			break;
775
		case 3: /* AC_VO */
Johannes Berg's avatar
Johannes Berg committed
776
			queue = 0;
Johannes Berg's avatar
Johannes Berg committed
777
			if (acm)
778
				local->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */
779
			break;
780
		case 0: /* AC_BE */
781
		default:
Johannes Berg's avatar
Johannes Berg committed
782
			queue = 2;
Johannes Berg's avatar
Johannes Berg committed
783
			if (acm)
784
				local->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */
785
786
787
788
789
790
			break;
		}

		params.aifs = pos[0] & 0x0f;
		params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
		params.cw_min = ecw2cw(pos[1] & 0x0f);
791
		params.txop = get_unaligned_le16(pos + 2);
792
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
793
		printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
794
		       "cWmin=%d cWmax=%d txop=%d\n",
795
796
		       wiphy_name(local->hw.wiphy), queue, aci, acm,
		       params.aifs, params.cw_min, params.cw_max, params.txop);
797
#endif
798
		if (drv_conf_tx(local, queue, &params) && local->ops->conf_tx)
799
			printk(KERN_DEBUG "%s: failed to set TX queue "
800
801
			       "parameters for queue %d\n",
			       wiphy_name(local->hw.wiphy), queue);
802
803
804
	}
}

805
806
static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
					   u16 capab, bool erp_valid, u8 erp)
807
{
808
	struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
809
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
810
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
811
#endif
812
	u32 changed = 0;
813
814
815
816
817
818
819
820
821
822
823
824
825
	bool use_protection;
	bool use_short_preamble;
	bool use_short_slot;

	if (erp_valid) {
		use_protection = (erp & WLAN_ERP_USE_PROTECTION) != 0;
		use_short_preamble = (erp & WLAN_ERP_BARKER_PREAMBLE) == 0;
	} else {
		use_protection = false;
		use_short_preamble = !!(capab & WLAN_CAPABILITY_SHORT_PREAMBLE);
	}

	use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
826

827
	if (use_protection != bss_conf->use_cts_prot) {
828
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
829
		if (net_ratelimit()) {
830
			printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n",
831
			       sdata->dev->name,
832
			       use_protection ? "enabled" : "disabled",
833
			       ifmgd->bssid);
834
		}
835
#endif
836
837
		bss_conf->use_cts_prot = use_protection;
		changed |= BSS_CHANGED_ERP_CTS_PROT;
838
	}
839

840
	if (use_short_preamble != bss_conf->use_short_preamble) {
841
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
842
843
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: switched to %s barker preamble"
844
			       " (BSSID=%pM)\n",
845
			       sdata->dev->name,
846
			       use_short_preamble ? "short" : "long",
847
			       ifmgd->bssid);
848
		}
849
#endif
850
		bss_conf->use_short_preamble = use_short_preamble;
851
		changed |= BSS_CHANGED_ERP_PREAMBLE;
852
	}
853

854
855
856
	if (use_short_slot != bss_conf->use_short_slot) {
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
		if (net_ratelimit()) {
857
858
			printk(KERN_DEBUG "%s: switched to %s slot time"
			       " (BSSID=%pM)\n",
859
860
			       sdata->dev->name,
			       use_short_slot ? "short" : "long",
861
			       ifmgd->bssid);
862
863
864
865
		}
#endif
		bss_conf->use_short_slot = use_short_slot;
		changed |= BSS_CHANGED_ERP_SLOT;
866
867
868
869
870
	}

	return changed;
}

871
static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata)
872
873
{
	union iwreq_data wrqu;
874

875
	memset(&wrqu, 0, sizeof(wrqu));
876
877
	if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED)
		memcpy(wrqu.ap_addr.sa_data, sdata->u.mgd.bssid, ETH_ALEN);
878
879
880
881
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
}

882
static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata)
883
{
884
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
885
886
887
	char *buf;
	size_t len;
	int i;
888
889
	union iwreq_data wrqu;

890
	if (!ifmgd->assocreq_ies && !ifmgd->assocresp_ies)
891
892
		return;

893
894
	buf = kmalloc(50 + 2 * (ifmgd->assocreq_ies_len +
				ifmgd->assocresp_ies_len), GFP_KERNEL);
895
896
897
898
	if (!buf)
		return;

	len = sprintf(buf, "ASSOCINFO(");
899
	if (ifmgd->assocreq_ies) {
900
		len += sprintf(buf + len, "ReqIEs=");
901
		for (i = 0; i < ifmgd->assocreq_ies_len; i++) {
902
			len += sprintf(buf + len, "%02x",
903
				       ifmgd->assocreq_ies[i]);
904
		}
905
	}
906
907
	if (ifmgd->assocresp_ies) {
		if (ifmgd->assocreq_ies)
908
909
			len += sprintf(buf + len, " ");
		len += sprintf(buf + len, "RespIEs=");
910
		for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
911
			len += sprintf(buf + len, "%02x",
912
				       ifmgd->assocresp_ies[i]);
913
		}
914
	}
915
916
917
918
	len += sprintf(buf + len, ")");

	if (len > IW_CUSTOM_MAX) {
		len = sprintf(buf, "ASSOCRESPIE=");
919
		for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
920
			len += sprintf(buf + len, "%02x",
921
				       ifmgd->assocresp_ies[i]);
922
923
924
		}
	}

925
926
927
928
929
	if (len <= IW_CUSTOM_MAX) {
		memset(&wrqu, 0, sizeof(wrqu));
		wrqu.data.length = len;
		wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
	}
930
931

	kfree(buf);
932
933
934
}


935
static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
Johannes Berg's avatar
Johannes Berg committed
936
				     u32 bss_info_changed)
937
{
938
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
939
	struct ieee80211_local *local = sdata->local;
Tomas Winkler's avatar
Tomas Winkler committed
940
	struct ieee80211_conf *conf = &local_to_hw(local)->conf;
941

942
	struct ieee80211_bss *bss;
943

Johannes Berg's avatar
Johannes Berg committed
944
	bss_info_changed |= BSS_CHANGED_ASSOC;
945
	ifmgd->flags |= IEEE80211_STA_ASSOCIATED;
946

947
	bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
948
				   conf->channel->center_freq,
949
				   ifmgd->ssid, ifmgd->ssid_len);
950
951
	if (bss) {
		/* set timing information */
952
953
		sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
		sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
954
		sdata->vif.bss_conf.dtim_period = bss->dtim_period;
955

956
		bss_info_changed |= BSS_CHANGED_BEACON_INT;
Johannes Berg's avatar
Johannes Berg committed
957
		bss_info_changed |= ieee80211_handle_bss_capability(sdata,
958
			bss->cbss.capability, bss->has_erp_value, bss->erp_value);
959

960
961
		cfg80211_hold_bss(&bss->cbss);

962
		ieee80211_rx_bss_put(local, bss);
963
964
	}

965
966
967
	ifmgd->flags |= IEEE80211_STA_PREV_BSSID_SET;
	memcpy(ifmgd->prev_bssid, sdata->u.mgd.bssid, ETH_ALEN);
	ieee80211_sta_send_associnfo(sdata);
968

969
	ifmgd->last_probe = jiffies;
970
	ieee80211_led_assoc(local, 1);
971

972
	sdata->vif.bss_conf.assoc = 1;
973
974
975
976
977
	/*
	 * For now just always ask the driver to update the basic rateset
	 * when we have associated, we aren't checking whether it actually
	 * changed or not.
	 */
Johannes Berg's avatar
Johannes Berg committed
978
	bss_info_changed |= BSS_CHANGED_BASIC_RATES;
979
980
981
982

	/* And the BSSID changed - we're associated now */
	bss_info_changed |= BSS_CHANGED_BSSID;

Johannes Berg's avatar
Johannes Berg committed
983
	ieee80211_bss_info_change_notify(sdata, bss_info_changed);
984

985
	/* will be same as sdata */
986
987
988
989
990
	if (local->ps_sdata) {
		mutex_lock(&local->iflist_mtx);
		ieee80211_recalc_ps(local, -1);
		mutex_unlock(&local->iflist_mtx);
	}
991

992
993
	netif_tx_start_all_queues(sdata->dev);
	netif_carrier_on(sdata->dev);
994

995
	ieee80211_sta_send_apinfo(sdata);
996
997
}

998
static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata)
999
{
1000
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1001
	struct ieee80211_local *local = sdata->local;
1002
1003
1004

	ifmgd->direct_probe_tries++;
	if (ifmgd->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
1005
		printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
1006
1007
		       sdata->dev->name, ifmgd->bssid);
		ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1008
		ieee80211_recalc_idle(local);
1009
		cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
1010
1011
1012
1013
1014

		/*
		 * Most likely AP is not in the range so remove the
		 * bss information associated to the AP
		 */
1015
		ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
1016
				sdata->local->hw.conf.channel->center_freq,
1017
				ifmgd->ssid, ifmgd->ssid_len);
1018
1019
1020
1021
1022
1023
1024

		/*
		 * We might have a pending scan which had no chance to run yet
		 * due to state == IEEE80211_STA_MLME_DIRECT_PROBE.
		 * Hence, queue the STAs work again
		 */
		queue_work(local->hw.workqueue, &ifmgd->work);
1025
1026
1027
		return;
	}

1028
	printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n",
1029
1030
			sdata->dev->name, ifmgd->bssid,
			ifmgd->direct_probe_tries);
1031

1032
	ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
1033

1034
1035
1036
1037
	/* Direct probe is sent to broadcast address as some APs
	 * will not answer to direct packet in unassociated state.
	 */
	ieee80211_send_probe_req(sdata, NULL,
1038
				 ifmgd->ssid, ifmgd->ssid_len, NULL, 0);
1039

1040
	mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
Johannes Berg's avatar
Johannes Berg committed
1041
}
1042

1043

1044
static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata)
1045
{
1046
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1047
	struct ieee80211_local *local = sdata->local;
1048
1049
	u8 *ies;
	size_t ies_len;
1050
1051
1052

	ifmgd->auth_tries++;
	if (ifmgd->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
1053
		printk(KERN_DEBUG "%s: authentication with AP %pM"
1054
		       " timed out\n",
1055
1056
		       sdata->dev->name, ifmgd->bssid);
		ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1057
		ieee80211_recalc_idle(local);
1058
		cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
1059
		ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
1060
				sdata->local->hw.conf.channel->center_freq,
1061
				ifmgd->ssid, ifmgd->ssid_len);
1062
1063
1064
1065
1066
1067
1068

		/*
		 * We might have a pending scan which had no chance to run yet
		 * due to state == IEEE80211_STA_MLME_AUTHENTICATE.
		 * Hence, queue the STAs work again
		 */
		queue_work(local->hw.workqueue, &ifmgd->work);
1069
1070
1071
		return;
	}

1072
	ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
1073
	printk(KERN_DEBUG "%s: authenticate with AP %pM\n",
1074
	       sdata->dev->name, ifmgd->bssid);
1075

Jouni Malinen's avatar