1. 07 May, 2010 1 commit
    • Johannes Berg's avatar
      cfg80211/mac80211: better channel handling · f444de05
      Johannes Berg authored
      
      
      Currently (all tested with hwsim) you can do stupid
      things like setting up an AP on a certain channel,
      then adding another virtual interface and making
      that associate on another channel -- this will make
      the beaconing to move channel but obviously without
      the necessary IEs data update.
      
      In order to improve this situation, first make the
      configuration APIs (cfg80211 and nl80211) aware of
      multi-channel operation -- we'll eventually need
      that in the future anyway. There's one userland API
      change and one API addition. The API change is that
      now SET_WIPHY must be called with virtual interface
      index rather than only wiphy index in order to take
      effect for that interface -- luckily all current
      users (hostapd) do that. For monitor interfaces, the
      old setting is preserved, but monitors are always
      slaved to other devices anyway so no guarantees.
      
      The second userland API change is the introduction
      of a per virtual interface SET_CHANNEL command, that
      hostapd should use going forward to make it easier
      to understand what's going on (it can automatically
      detect a kernel with this command).
      
      Other than mac80211, no existing cfg80211 drivers
      are affected by this change because they only allow
      a single virtual interface.
      
      mac80211, however, now needs to be aware that the
      channel settings are per interface now, and needs
      to disallow (for now) real multi-channel operation,
      which is another important part of this patch.
      
      One of the immediate benefits is that you can now
      start hostapd to operate on a hardware that already
      has a connection on another virtual interface, as
      long as you specify the same channel.
      
      Note that two things are left unhandled (this is an
      improvement -- not a complete fix):
      
       * different HT/no-HT modes
      
         currently you could start an HT AP and then
         connect to a non-HT network on the same channel
         which would configure the hardware for no HT;
         that can be fixed fairly easily
      
       * CSA
      
         An AP we're connected to on a virtual interface
         might indicate switching channels, and in that
         case we would follow it, regardless of how many
         other interfaces are operating; this requires
         more effort to fix but is pretty rare after all
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      f444de05
  2. 07 Apr, 2010 1 commit
    • Jouni Malinen's avatar
      cfg80211: Add local-state-change-only auth/deauth/disassoc · d5cdfacb
      Jouni Malinen authored
      
      
      cfg80211 is quite strict on allowing authentication and association
      commands only in certain states. In order to meet these requirements,
      user space applications may need to clear authentication or
      association state in some cases. Currently, this can be done with
      deauth/disassoc command, but that ends up sending out Deauthentication
      or Disassociation frame unnecessarily. Add a new nl80211 attribute to
      allow this sending of the frame be skipped, but with all other
      deauth/disassoc operations being completed.
      
      Similar state change is also needed for IEEE 802.11r FT protocol in
      the FT-over-DS case which does not use Authentication frame exchange
      in a transition to another BSS. For this to work with cfg80211, an
      authentication entry needs to be created for the target BSS without
      sending out an Authentication frame. The nl80211 authentication
      command can be used for this purpose, too, with the new attribute to
      indicate that the command is only for changing local state. This
      enables wpa_supplicant to complete FT-over-DS transition successfully.
      Signed-off-by: default avatarJouni Malinen <j@w1.fi>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      d5cdfacb
  3. 15 Feb, 2010 1 commit
    • Jouni Malinen's avatar
      cfg80211/mac80211: allow registering for and sending action frames · 026331c4
      Jouni Malinen authored
      
      
      This implements a new command to register for action frames
      that userspace wants to handle instead of the in-kernel
      rejection. It is then responsible for rejecting ones that
      it decided not to handle. There is no unregistration, but
      the socket can be closed for that.
      
      Frames that are not registered for will not be forwarded
      to userspace and will be rejected by the kernel, the
      cfg80211 API helps implementing that.
      
      Additionally, this patch adds a new command that allows
      doing action frame transmission from userspace. It can be
      used either to exchange action frames on the current
      operational channel (e.g., with the AP with which we are
      currently associated) or to exchange off-channel Public
      Action frames with the remain-on-channel command.
      Signed-off-by: default avatarJouni Malinen <jouni.malinen@atheros.com>
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      026331c4
  4. 19 Jan, 2010 1 commit
  5. 12 Jan, 2010 1 commit
    • Jouni Malinen's avatar
      cfg80211: Store IEs from both Beacon and Probe Response frames · 34a6eddb
      Jouni Malinen authored
      
      
      Store information elements from Beacon and Probe Response frames in
      separate buffers to allow both sets to be made available through
      nl80211. This allows user space applications to get access to IEs from
      Beacon frames even if we have received Probe Response frames from the
      BSS. Previously, the IEs from Probe Response frames would have
      overridden the IEs from Beacon frames.
      
      This feature is of somewhat limited use since most protocols include
      the same (or extended) information in Probe Response frames. However,
      there are couple of exceptions where the IEs from Beacon frames could
      be of some use: TIM IE is only included in Beacon frames (and it would
      be needed to figure out the DTIM period used in the BSS) and at least
      some implementations of Wireless Provisioning Services seem to include
      the full IE only in Beacon frames).
      
      The new BSS attribute for scan results is added to allow both the IE
      sets to be delivered. This is done in a way that maintains the
      previously used behavior for applications that are not aware of the
      new NL80211_BSS_BEACON_IES attribute.
      Signed-off-by: default avatarJouni Malinen <j@w1.fi>
      Acked-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      34a6eddb
  6. 28 Dec, 2009 1 commit
    • Jouni Malinen's avatar
      cfg80211: add remain-on-channel command · 9588bbd5
      Jouni Malinen authored
      
      
      Add new commands for requesting the driver to remain awake
      on a specified channel for the specified amount of time
      (and another command to cancel such an operation). This
      can be used to implement userspace-controlled off-channel
      operations, like Public Action frame exchange on another
      channel than the operation channel.
      
      The off-channel operation should behave similarly to scan,
      i.e. the local station (if associated) moves into power
      save mode to request the AP to buffer frames for it and
      then moves to the other channel to allow the off-channel
      operation to be completed. The duration parameter can be
      used to request enough time to receive a response from
      the target station.
      Signed-off-by: default avatarJouni Malinen <jouni.malinen@atheros.com>
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      9588bbd5
  7. 21 Dec, 2009 1 commit
  8. 28 Nov, 2009 1 commit
    • Alban Browaeys's avatar
      wireless : use a dedicated workqueue for cfg80211. · e60d7443
      Alban Browaeys authored
      
      
      This patch moves the works cleanup, scan and events to a cfg80211
      dedicated workqueue.
      
      Platform driver like eeepc-laptop ought to use works to rfkill (as
      new rfkill does lock in rfkill_unregister and the platform driver is
      called from rfkill_switch_all which also lock the same mutex).
      This raise a new issue in itself that the work scheduled by the platform
      driver to the global worqueue calls wiphy_unregister which flush_work
      scan and event works (which thus flush works on the global workqueue inside
      a work on the global workqueue) and also put on hold the  wdev_cleanup_work
       (which prevents the dev_put on netdev thus indefinite Usage count error on
      wifi device).
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarAlban Browaeys <prahal@yahoo.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      e60d7443
  9. 18 Nov, 2009 1 commit
  10. 30 Oct, 2009 1 commit
    • Johannes Berg's avatar
      cfg80211/mac80211: use debugfs_remove_recursive · 7bcfaf2f
      Johannes Berg authored
      
      
      We can save a lot of code and pointers in the structs
      by using debugfs_remove_recursive().
      
      First, change cfg80211 to use debugfs_remove_recursive()
      so that drivers do not need to clean up any files they
      added to the per-wiphy debugfs (if and only if they are
      ok to be accessed until after wiphy_unregister!).
      
      Then also make mac80211 use debugfs_remove_recursive()
      where necessary -- it need not remove per-wiphy files
      as cfg80211 now removes those, but netdev etc. files
      still need to be handled but can now be removed without
      needing struct dentry pointers to all of them.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      7bcfaf2f
  11. 27 Oct, 2009 1 commit
  12. 28 Aug, 2009 3 commits
    • Johannes Berg's avatar
      cfg80211: clean up properly on interface type change · 3d54d255
      Johannes Berg authored
      
      
      When the interface type changes while connected, and the
      driver does not require the interface to be down for a
      type change, it is currently possible to get very strange
      results unless the driver takes special care, which it
      shouldn't have to.
      
      To fix this, take care to disconnect/leave IBSS when
      changing the interface type -- even if the driver may fail
      the call. Also process all events that may be pending to
      avoid running into a situation where an event is reported
      but only processed after the type has already changed,
      which would lead to missing events and warnings.
      
      A side effect of this is that you will have disconnected
      or left the IBSS even if the mode change ultimately fails,
      but since the intention was to change it and thus leave or
      disconnect, this is not a problem.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      3d54d255
    • Johannes Berg's avatar
      cfg80211: make spurious warnings less likely, configurable · f7969969
      Johannes Berg authored
      
      
      Bob reported that he got warnings in IBSS mode about
      the ssid_len being zero on a joined event, but only
      when kmemcheck was enabled. This appears to be due
      to a race condition between drivers and userspace,
      when the driver reports joined but the user in the
      meantime decided to leave the IBSS again, the warning
      would trigger. This was made more likely by kmemcheck
      delaying the code that does the check and sends the
      event.
      
      So first, make the warning trigger closer to the
      driver, which means it's not locked, but since only
      the warning depends on it that's ok.
      
      And secondly, users will not want to have spurious
      warnings at all, so make those that are known to be
      racy in such a way configurable.
      Reported-by: default avatarBob Copeland <me@bobcopeland.com>
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      f7969969
    • Johannes Berg's avatar
      cfg80211: check lost scans later, fix bug · 01a0ac41
      Johannes Berg authored
      
      
      When we lose a scan, cfg80211 tries to clean up after
      the driver. However, it currently does this too early,
      it does this in GOING_DOWN already instead of DOWN, so
      it may happen with mac80211. Besides fixing this, also
      make it more robust by leaking the scan request so if
      the driver later actually finishes the scan, it won't
      crash. Also check in ___cfg80211_scan_done whether a
      scan request is still pending and exit if not.
      Reported-by: default avatarFelix Fietkau <nbd@openwrt.org>
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Tested-by: default avatarFelix Fietkau <nbd@openwrt.org>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      01a0ac41
  13. 20 Aug, 2009 1 commit
    • Johannes Berg's avatar
      cfg80211: fix dangling scan request checking · ad002395
      Johannes Berg authored
      
      
      My patch "cfg80211: fix deadlock" broke the code it
      was supposed to fix, the scan request checking. But
      it's not trivial to put it back the way it was, since
      the original patch had a deadlock.
      
      Now do it in a completely new way: queue the check
      off to a work struct, where we can freely lock. But
      that has some more complications, like needing to
      wait for it to be done before the wiphy/rdev can be
      destroyed, so some code is required to handle that.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      ad002395
  14. 14 Aug, 2009 5 commits
    • Johannes Berg's avatar
      cfg80211: check for and abort dangling scan requests · 36e6fea8
      Johannes Berg authored
      
      
      If you trigger a scan request on an interface and then
      take it down, or rmmod the module or unplug the device
      the driver might "forget" to cancel the scan request.
      That is a bug in the driver, but the current behaviour
      is that we just hang endlessly waiting for the netdev
      refcount to become 0 which it never will. To improve
      robustness, check for this situation in cfg80211, warn
      about it and clean up behind the driver. I don't just
      clean up silently because it's likely that the driver
      also has some internal state it has now leaked.
      
      Additionally, this fixes a locking bug, clearing the
      scan_req pointer should be done under the rdev lock.
      
      Finally, we also need to _wait_ for the scan work and
      not just abort it since it might be pending and wanting
      to do a cleanup.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      36e6fea8
    • Johannes Berg's avatar
      cfg80211: fix locking for SIWFREQ · 4b181144
      Johannes Berg authored
      
      
      "cfg80211: validate channel settings across interfaces"
      contained a locking bug -- in the managed-mode SIWFREQ
      call it would end up running into a lock recursion.
      
      This fixes it by not checking that particular interface
      for a channel that it needs to stay on, which is as it
      should be as that's the interface we're setting the
      channel for.
      Reported-by: default avatarReinette Chatre <reinette.chatre@intel.com>
      Reported-by: default avatarKalle Valo <kalle.valo@iki.fi>
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Tested-by: default avatarKalle Valo <kalle.valo@iki.fi>
      Tested-by: default avatarReinette Chatre <reinette.chatre@intel.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      4b181144
    • Johannes Berg's avatar
      nl80211: add generation number to all dumps · f5ea9120
      Johannes Berg authored
      
      
      In order for userspace to be able to figure out whether
      it obtained a consistent snapshot of data or not when
      using netlink dumps, we need to have a generation number
      in each dump message that indicates whether the list has
      changed or not -- its value is arbitrary.
      
      This patch adds such a number to all dumps, this needs
      some mac80211 involvement to keep track of a generation
      number to start with when adding/removing mesh paths or
      stations.
      
      The wiphy and netdev lists can be fully handled within
      cfg80211, of course, but generation numbers need to be
      stored there as well.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      f5ea9120
    • Johannes Berg's avatar
      cfg80211: use reassociation when possible · f401a6f7
      Johannes Berg authored
      
      
      With the move of everything related to the SME from
      mac80211 to cfg80211, we lost the ability to send
      reassociation frames. This adds them back, but only
      for wireless extensions. With the userspace SME, it
      shall control assoc vs. reassoc (it already can do
      so with the nl80211 interface).
      
      I haven't touched the connect() implementation, so
      it is not possible to reassociate with the nl80211
      connect primitive. I think that should be done with
      the NL80211_CMD_ROAM command, but we'll have to see
      how that can be handled in the future, especially
      with fullmac chips.
      
      This patch addresses only the immediate regression
      we had in mac80211, which previously sent reassoc.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      f401a6f7
    • Johannes Berg's avatar
      cfg80211: validate channel settings across interfaces · 59bbb6f7
      Johannes Berg authored
      
      
      Currently, there's a problem that affects regulatory
      enforcement and connection stability, in that it is
      possible to switch the channel while connected to a
      network or joined to an IBSS.
      
      The problem comes from the fact that we only validate
      the channel against the current interface's type, not
      against any other interface. Thus, you have any type
      of interface up, additionally bring up a monitor mode
      interface and switch the channel on the monitor. This
      will obviously also switch the channel on the other
      interface.
      
      The problem now is that if you do that while sending
      beacons for IBSS mode, you can switch to a disabled
      channel or a channel that doesn't allow beaconing.
      Combined with a managed mode interface connected to
      an AP instead of an IBSS interface, you can easily
      break the connection that way.
      
      To fix this, this patch validates any channel change
      with all available interfaces, and disallows such
      changes on secondary interfaces if another interface
      is connected to an AP or joined to an IBSS.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      59bbb6f7
  15. 04 Aug, 2009 1 commit
  16. 29 Jul, 2009 1 commit
  17. 27 Jul, 2009 1 commit
    • Johannes Berg's avatar
      cfg80211: make aware of net namespaces · 463d0183
      Johannes Berg authored
      
      
      In order to make cfg80211/nl80211 aware of network namespaces,
      we have to do the following things:
      
       * del_virtual_intf method takes an interface index rather
         than a netdev pointer - simply change this
      
       * nl80211 uses init_net a lot, it changes to use the sender's
         network namespace
      
       * scan requests use the interface index, hold a netdev pointer
         and reference instead
      
       * we want a wiphy and its associated virtual interfaces to be
         in one netns together, so
          - we need to be able to change ns for a given interface, so
            export dev_change_net_namespace()
          - for each virtual interface set the NETIF_F_NETNS_LOCAL
            flag, and clear that flag only when the wiphy changes ns,
            to disallow breaking this invariant
      
       * when a network namespace goes away, we need to reparent the
         wiphy to init_net
      
       * cfg80211 users that support creating virtual interfaces must
         create them in the wiphy's namespace, currently this affects
         only mac80211
      
      The end result is that you can now switch an entire wiphy into
      a different network namespace with the new command
      	iw phy#<idx> set netns <pid>
      and all virtual interfaces will follow (or the operation fails).
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      463d0183
  18. 24 Jul, 2009 1 commit
    • Johannes Berg's avatar
      cfg80211: rework key operation · fffd0934
      Johannes Berg authored
      
      
      This reworks the key operation in cfg80211, and now only
      allows, from userspace, configuring keys (via nl80211)
      after the connection has been established (in managed
      mode), the IBSS been joined (in IBSS mode), at any time
      (in AP[_VLAN] modes) or never for all the other modes.
      
      In order to do shared key authentication correctly, it
      is now possible to give a WEP key to the AUTH command.
      To configure static WEP keys, these are given to the
      CONNECT or IBSS_JOIN command directly, for a userspace
      SME it is assumed it will configure it properly after
      the connection has been established.
      
      Since mac80211 used to check the default key in IBSS
      mode to see whether or not the network is protected,
      it needs an update in that area, as well as an update
      to make use of the WEP key passed to auth() for shared
      key authentication.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      fffd0934
  19. 10 Jul, 2009 9 commits
  20. 03 Jun, 2009 1 commit
  21. 20 May, 2009 4 commits
  22. 13 May, 2009 1 commit
    • Johannes Berg's avatar
      cfg80211: implement wext key handling · 08645126
      Johannes Berg authored
      
      
      Move key handling wireless extension ioctls from mac80211 to cfg80211
      so that all drivers that implement the cfg80211 operations get wext
      compatibility.
      
      Note that this drops the SIOCGIWENCODE ioctl support for getting
      IW_ENCODE_RESTRICTED/IW_ENCODE_OPEN. This means that iwconfig will
      no longer report "Security mode:open" or "Security mode:restricted"
      for mac80211. However, what we displayed there (the authentication
      algo used) was actually wrong -- linux/wireless.h states that this
      setting is meant to differentiate between "Refuse non-encoded packets"
      and "Accept non-encoded packets".
      
      (Combined with "cfg80211: fix a couple of bugs with key ioctls". -- JWL)
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      08645126
  23. 22 Apr, 2009 1 commit