2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
15 * order BSS list by RSSI(?) ("quality of AP")
16 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
19 #include <linux/delay.h>
20 #include <linux/if_ether.h>
21 #include <linux/skbuff.h>
22 #include <linux/netdevice.h>
23 #include <linux/if_arp.h>
24 #include <linux/wireless.h>
25 #include <linux/random.h>
26 #include <linux/etherdevice.h>
27 #include <linux/rtnetlink.h>
28 #include <net/iw_handler.h>
29 #include <net/mac80211.h>
31 #include "ieee80211_i.h"
36 #define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
37 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
38 #define IEEE80211_AUTH_MAX_TRIES 3
39 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
40 #define IEEE80211_ASSOC_MAX_TRIES 3
41 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
42 #define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
43 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
44 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
45 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
46 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
47 #define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
49 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
50 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
51 #define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
53 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
56 /* mgmt header + 1 byte category code */
57 #define IEEE80211_MIN_ACTION_SIZE (24 + 1)
59 #define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
60 #define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
61 #define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
62 #define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
63 #define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
65 /* next values represent the buffer size for A-MPDU frame.
66 * According to IEEE802.11n spec size varies from 8K to 64K (in powers of 2) */
67 #define IEEE80211_MIN_AMPDU_BUF 0x8
68 #define IEEE80211_MAX_AMPDU_BUF 0x40
71 static struct ieee80211_sta_bss *
72 ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
73 u8 *ssid, u8 ssid_len)
75 struct ieee80211_sta_bss *bss;
77 spin_lock_bh(&local->sta_bss_lock);
78 bss = local->sta_bss_hash[STA_HASH(bssid)];
80 if (!bss_mesh_cfg(bss) &&
81 !memcmp(bss->bssid, bssid, ETH_ALEN) &&
83 bss->ssid_len == ssid_len &&
84 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
85 atomic_inc(&bss->users);
90 spin_unlock_bh(&local->sta_bss_lock);
94 /* Caller must hold local->sta_bss_lock */
95 static void __ieee80211_rx_bss_hash_add(struct ieee80211_local *local,
96 struct ieee80211_sta_bss *bss)
100 if (bss_mesh_cfg(bss))
101 hash_idx = mesh_id_hash(bss_mesh_id(bss),
102 bss_mesh_id_len(bss));
104 hash_idx = STA_HASH(bss->bssid);
106 bss->hnext = local->sta_bss_hash[hash_idx];
107 local->sta_bss_hash[hash_idx] = bss;
110 /* Caller must hold local->sta_bss_lock */
111 static void __ieee80211_rx_bss_hash_del(struct ieee80211_local *local,
112 struct ieee80211_sta_bss *bss)
114 struct ieee80211_sta_bss *b, *prev = NULL;
115 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
119 local->sta_bss_hash[STA_HASH(bss->bssid)] =
122 prev->hnext = bss->hnext;
130 static struct ieee80211_sta_bss *
131 ieee80211_rx_bss_add(struct ieee80211_local *local, u8 *bssid, int freq,
132 u8 *ssid, u8 ssid_len)
134 struct ieee80211_sta_bss *bss;
136 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
139 atomic_inc(&bss->users);
140 atomic_inc(&bss->users);
141 memcpy(bss->bssid, bssid, ETH_ALEN);
143 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
144 memcpy(bss->ssid, ssid, ssid_len);
145 bss->ssid_len = ssid_len;
148 spin_lock_bh(&local->sta_bss_lock);
149 /* TODO: order by RSSI? */
150 list_add_tail(&bss->list, &local->sta_bss_list);
151 __ieee80211_rx_bss_hash_add(local, bss);
152 spin_unlock_bh(&local->sta_bss_lock);
156 #ifdef CONFIG_MAC80211_MESH
157 static struct ieee80211_sta_bss *
158 ieee80211_rx_mesh_bss_get(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
159 u8 *mesh_cfg, int freq)
161 struct ieee80211_sta_bss *bss;
163 spin_lock_bh(&local->sta_bss_lock);
164 bss = local->sta_bss_hash[mesh_id_hash(mesh_id, mesh_id_len)];
166 if (bss_mesh_cfg(bss) &&
167 !memcmp(bss_mesh_cfg(bss), mesh_cfg, MESH_CFG_CMP_LEN) &&
169 mesh_id_len == bss->mesh_id_len &&
170 (mesh_id_len == 0 || !memcmp(bss->mesh_id, mesh_id,
172 atomic_inc(&bss->users);
177 spin_unlock_bh(&local->sta_bss_lock);
181 static struct ieee80211_sta_bss *
182 ieee80211_rx_mesh_bss_add(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
183 u8 *mesh_cfg, int mesh_config_len, int freq)
185 struct ieee80211_sta_bss *bss;
187 if (mesh_config_len != MESH_CFG_LEN)
190 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
194 bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
195 if (!bss->mesh_cfg) {
200 if (mesh_id_len && mesh_id_len <= IEEE80211_MAX_MESH_ID_LEN) {
201 bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
203 kfree(bss->mesh_cfg);
207 memcpy(bss->mesh_id, mesh_id, mesh_id_len);
210 atomic_inc(&bss->users);
211 atomic_inc(&bss->users);
212 memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);
213 bss->mesh_id_len = mesh_id_len;
215 spin_lock_bh(&local->sta_bss_lock);
216 /* TODO: order by RSSI? */
217 list_add_tail(&bss->list, &local->sta_bss_list);
218 __ieee80211_rx_bss_hash_add(local, bss);
219 spin_unlock_bh(&local->sta_bss_lock);
224 static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
227 kfree(bss_mesh_id(bss));
228 kfree(bss_mesh_cfg(bss));
232 void ieee80211_rx_bss_put(struct ieee80211_local *local,
233 struct ieee80211_sta_bss *bss)
236 if (!atomic_dec_and_lock(&bss->users, &local->sta_bss_lock)) {
241 __ieee80211_rx_bss_hash_del(local, bss);
242 list_del(&bss->list);
243 spin_unlock_bh(&local->sta_bss_lock);
244 ieee80211_rx_bss_free(bss);
247 void ieee80211_rx_bss_list_init(struct ieee80211_local *local)
249 spin_lock_init(&local->sta_bss_lock);
250 INIT_LIST_HEAD(&local->sta_bss_list);
253 void ieee80211_rx_bss_list_deinit(struct ieee80211_local *local)
255 struct ieee80211_sta_bss *bss, *tmp;
257 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
258 ieee80211_rx_bss_put(local, bss);
261 static u8 *ieee80211_bss_get_ie(struct ieee80211_sta_bss *bss, u8 ie)
268 end = pos + bss->ies_len;
270 while (pos + 1 < end) {
271 if (pos + 2 + pos[1] > end)
282 static int ecw2cw(int ecw)
284 return (1 << ecw) - 1;
287 /* frame sending functions */
288 void ieee80211_sta_tx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
291 skb->dev = sdata->local->mdev;
292 skb_set_mac_header(skb, 0);
293 skb_set_network_header(skb, 0);
294 skb_set_transport_header(skb, 0);
296 skb->iif = sdata->dev->ifindex;
297 skb->do_not_encrypt = !encrypt;
302 static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
303 struct ieee80211_if_sta *ifsta,
304 int transaction, u8 *extra, size_t extra_len,
307 struct ieee80211_local *local = sdata->local;
309 struct ieee80211_mgmt *mgmt;
311 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
312 sizeof(*mgmt) + 6 + extra_len);
314 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
315 "frame\n", sdata->dev->name);
318 skb_reserve(skb, local->hw.extra_tx_headroom);
320 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
321 memset(mgmt, 0, 24 + 6);
322 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
323 IEEE80211_STYPE_AUTH);
325 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
326 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
327 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
328 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
329 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
330 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
331 ifsta->auth_transaction = transaction + 1;
332 mgmt->u.auth.status_code = cpu_to_le16(0);
334 memcpy(skb_put(skb, extra_len), extra, extra_len);
336 ieee80211_sta_tx(sdata, skb, encrypt);
339 void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
340 u8 *ssid, size_t ssid_len)
342 struct ieee80211_local *local = sdata->local;
343 struct ieee80211_supported_band *sband;
345 struct ieee80211_mgmt *mgmt;
346 u8 *pos, *supp_rates, *esupp_rates = NULL;
349 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
351 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
352 "request\n", sdata->dev->name);
355 skb_reserve(skb, local->hw.extra_tx_headroom);
357 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
359 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
360 IEEE80211_STYPE_PROBE_REQ);
361 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
363 memcpy(mgmt->da, dst, ETH_ALEN);
364 memcpy(mgmt->bssid, dst, ETH_ALEN);
366 memset(mgmt->da, 0xff, ETH_ALEN);
367 memset(mgmt->bssid, 0xff, ETH_ALEN);
369 pos = skb_put(skb, 2 + ssid_len);
370 *pos++ = WLAN_EID_SSID;
372 memcpy(pos, ssid, ssid_len);
374 supp_rates = skb_put(skb, 2);
375 supp_rates[0] = WLAN_EID_SUPP_RATES;
377 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
379 for (i = 0; i < sband->n_bitrates; i++) {
380 struct ieee80211_rate *rate = &sband->bitrates[i];
382 pos = skb_put(skb, 1);
384 } else if (supp_rates[1] == 8) {
385 esupp_rates = skb_put(skb, 3);
386 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
388 pos = &esupp_rates[2];
390 pos = skb_put(skb, 1);
393 *pos = rate->bitrate / 5;
396 ieee80211_sta_tx(sdata, skb, 0);
400 static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
401 struct ieee80211_sta_bss *bss,
404 struct ieee80211_local *local = sdata->local;
405 int i, have_higher_than_11mbit = 0;
408 /* cf. IEEE 802.11 9.2.12 */
409 for (i = 0; i < bss->supp_rates_len; i++)
410 if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
411 have_higher_than_11mbit = 1;
413 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
414 have_higher_than_11mbit)
415 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
417 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
420 if (local->ops->conf_tx) {
421 struct ieee80211_tx_queue_params qparam;
423 memset(&qparam, 0, sizeof(qparam));
427 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
428 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
433 qparam.cw_max = 1023;
436 for (i = 0; i < local_to_hw(local)->queues; i++)
437 local->ops->conf_tx(local_to_hw(local), i, &qparam);
441 static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
442 struct ieee80211_if_sta *ifsta,
443 u8 *wmm_param, size_t wmm_param_len)
445 struct ieee80211_tx_queue_params params;
450 if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED))
456 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
458 count = wmm_param[6] & 0x0f;
459 if (count == ifsta->wmm_last_param_set)
461 ifsta->wmm_last_param_set = count;
464 left = wmm_param_len - 8;
466 memset(¶ms, 0, sizeof(params));
468 if (!local->ops->conf_tx)
472 for (; left >= 4; left -= 4, pos += 4) {
473 int aci = (pos[0] >> 5) & 0x03;
474 int acm = (pos[0] >> 4) & 0x01;
481 local->wmm_acm |= BIT(0) | BIT(3);
486 local->wmm_acm |= BIT(4) | BIT(5);
491 local->wmm_acm |= BIT(6) | BIT(7);
497 local->wmm_acm |= BIT(1) | BIT(2);
501 params.aifs = pos[0] & 0x0f;
502 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
503 params.cw_min = ecw2cw(pos[1] & 0x0f);
504 params.txop = get_unaligned_le16(pos + 2);
505 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
506 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
507 "cWmin=%d cWmax=%d txop=%d\n",
508 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
509 params.cw_max, params.txop);
511 /* TODO: handle ACM (block TX, fallback to next lowest allowed
513 if (local->ops->conf_tx(local_to_hw(local), queue, ¶ms)) {
514 printk(KERN_DEBUG "%s: failed to set TX queue "
515 "parameters for queue %d\n", local->mdev->name, queue);
520 static u32 ieee80211_handle_protect_preamb(struct ieee80211_sub_if_data *sdata,
522 bool use_short_preamble)
524 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
525 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
526 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
527 DECLARE_MAC_BUF(mac);
531 if (use_protection != bss_conf->use_cts_prot) {
532 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
533 if (net_ratelimit()) {
534 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
537 use_protection ? "enabled" : "disabled",
538 print_mac(mac, ifsta->bssid));
541 bss_conf->use_cts_prot = use_protection;
542 changed |= BSS_CHANGED_ERP_CTS_PROT;
545 if (use_short_preamble != bss_conf->use_short_preamble) {
546 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
547 if (net_ratelimit()) {
548 printk(KERN_DEBUG "%s: switched to %s barker preamble"
551 use_short_preamble ? "short" : "long",
552 print_mac(mac, ifsta->bssid));
555 bss_conf->use_short_preamble = use_short_preamble;
556 changed |= BSS_CHANGED_ERP_PREAMBLE;
562 static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
565 bool use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
566 bool use_short_preamble = (erp_value & WLAN_ERP_BARKER_PREAMBLE) == 0;
568 return ieee80211_handle_protect_preamb(sdata,
569 use_protection, use_short_preamble);
572 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
573 struct ieee80211_sta_bss *bss)
577 if (bss->has_erp_value)
578 changed |= ieee80211_handle_erp_ie(sdata, bss->erp_value);
580 u16 capab = bss->capability;
581 changed |= ieee80211_handle_protect_preamb(sdata, false,
582 (capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
588 int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
589 struct ieee80211_ht_info *ht_info)
595 memset(ht_info, 0, sizeof(*ht_info));
598 u8 ampdu_info = ht_cap_ie->ampdu_params_info;
600 ht_info->ht_supported = 1;
601 ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
602 ht_info->ampdu_factor =
603 ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
604 ht_info->ampdu_density =
605 (ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
606 memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);
608 ht_info->ht_supported = 0;
613 int ieee80211_ht_addt_info_ie_to_ht_bss_info(
614 struct ieee80211_ht_addt_info *ht_add_info_ie,
615 struct ieee80211_ht_bss_info *bss_info)
617 if (bss_info == NULL)
620 memset(bss_info, 0, sizeof(*bss_info));
622 if (ht_add_info_ie) {
624 op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);
626 bss_info->primary_channel = ht_add_info_ie->control_chan;
627 bss_info->bss_cap = ht_add_info_ie->ht_param;
628 bss_info->bss_op_mode = (u8)(op_mode & 0xff);
634 static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata,
635 struct ieee80211_if_sta *ifsta)
637 union iwreq_data wrqu;
638 memset(&wrqu, 0, sizeof(wrqu));
639 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
640 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
641 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
642 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
645 static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
646 struct ieee80211_if_sta *ifsta)
648 union iwreq_data wrqu;
650 if (ifsta->assocreq_ies) {
651 memset(&wrqu, 0, sizeof(wrqu));
652 wrqu.data.length = ifsta->assocreq_ies_len;
653 wireless_send_event(sdata->dev, IWEVASSOCREQIE, &wrqu,
654 ifsta->assocreq_ies);
656 if (ifsta->assocresp_ies) {
657 memset(&wrqu, 0, sizeof(wrqu));
658 wrqu.data.length = ifsta->assocresp_ies_len;
659 wireless_send_event(sdata->dev, IWEVASSOCRESPIE, &wrqu,
660 ifsta->assocresp_ies);
665 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
666 struct ieee80211_if_sta *ifsta)
668 struct ieee80211_local *local = sdata->local;
669 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
670 u32 changed = BSS_CHANGED_ASSOC;
672 struct ieee80211_sta_bss *bss;
674 ifsta->flags |= IEEE80211_STA_ASSOCIATED;
676 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
679 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
680 conf->channel->center_freq,
681 ifsta->ssid, ifsta->ssid_len);
683 /* set timing information */
684 sdata->bss_conf.beacon_int = bss->beacon_int;
685 sdata->bss_conf.timestamp = bss->timestamp;
686 sdata->bss_conf.dtim_period = bss->dtim_period;
688 changed |= ieee80211_handle_bss_capability(sdata, bss);
690 ieee80211_rx_bss_put(local, bss);
693 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
694 changed |= BSS_CHANGED_HT;
695 sdata->bss_conf.assoc_ht = 1;
696 sdata->bss_conf.ht_conf = &conf->ht_conf;
697 sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
700 ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
701 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
702 ieee80211_sta_send_associnfo(sdata, ifsta);
704 ifsta->last_probe = jiffies;
705 ieee80211_led_assoc(local, 1);
707 sdata->bss_conf.assoc = 1;
708 ieee80211_bss_info_change_notify(sdata, changed);
710 netif_tx_start_all_queues(sdata->dev);
711 netif_carrier_on(sdata->dev);
713 ieee80211_sta_send_apinfo(sdata, ifsta);
716 static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
717 struct ieee80211_if_sta *ifsta)
719 DECLARE_MAC_BUF(mac);
721 ifsta->direct_probe_tries++;
722 if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
723 printk(KERN_DEBUG "%s: direct probe to AP %s timed out\n",
724 sdata->dev->name, print_mac(mac, ifsta->bssid));
725 ifsta->state = IEEE80211_STA_MLME_DISABLED;
729 printk(KERN_DEBUG "%s: direct probe to AP %s try %d\n",
730 sdata->dev->name, print_mac(mac, ifsta->bssid),
731 ifsta->direct_probe_tries);
733 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
735 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request);
737 /* Direct probe is sent to broadcast address as some APs
738 * will not answer to direct packet in unassociated state.
740 ieee80211_send_probe_req(sdata, NULL,
741 ifsta->ssid, ifsta->ssid_len);
743 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
747 static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
748 struct ieee80211_if_sta *ifsta)
750 DECLARE_MAC_BUF(mac);
753 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
754 printk(KERN_DEBUG "%s: authentication with AP %s"
756 sdata->dev->name, print_mac(mac, ifsta->bssid));
757 ifsta->state = IEEE80211_STA_MLME_DISABLED;
761 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
762 printk(KERN_DEBUG "%s: authenticate with AP %s\n",
763 sdata->dev->name, print_mac(mac, ifsta->bssid));
765 ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0);
767 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
770 static int ieee80211_compatible_rates(struct ieee80211_sta_bss *bss,
771 struct ieee80211_supported_band *sband,
777 for (i = 0; i < bss->supp_rates_len; i++) {
778 int rate = (bss->supp_rates[i] & 0x7F) * 5;
780 for (j = 0; j < sband->n_bitrates; j++)
781 if (sband->bitrates[j].bitrate == rate) {
791 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
792 struct ieee80211_if_sta *ifsta)
794 struct ieee80211_local *local = sdata->local;
796 struct ieee80211_mgmt *mgmt;
797 u8 *pos, *ies, *ht_add_ie;
798 int i, len, count, rates_len, supp_rates_len;
800 struct ieee80211_sta_bss *bss;
802 struct ieee80211_supported_band *sband;
805 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
806 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
809 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
810 "frame\n", sdata->dev->name);
813 skb_reserve(skb, local->hw.extra_tx_headroom);
815 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
817 capab = ifsta->capab;
819 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
820 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
821 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
822 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
823 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
826 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
827 local->hw.conf.channel->center_freq,
828 ifsta->ssid, ifsta->ssid_len);
830 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
831 capab |= WLAN_CAPABILITY_PRIVACY;
835 /* get all rates supported by the device and the AP as
836 * some APs don't like getting a superset of their rates
837 * in the association request (e.g. D-Link DAP 1353 in
839 rates_len = ieee80211_compatible_rates(bss, sband, &rates);
841 if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
842 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
843 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
845 ieee80211_rx_bss_put(local, bss);
848 rates_len = sband->n_bitrates;
851 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
853 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
854 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
855 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
857 if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
859 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
860 IEEE80211_STYPE_REASSOC_REQ);
861 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
862 mgmt->u.reassoc_req.listen_interval =
863 cpu_to_le16(local->hw.conf.listen_interval);
864 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
868 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
869 IEEE80211_STYPE_ASSOC_REQ);
870 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
871 mgmt->u.reassoc_req.listen_interval =
872 cpu_to_le16(local->hw.conf.listen_interval);
876 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
877 *pos++ = WLAN_EID_SSID;
878 *pos++ = ifsta->ssid_len;
879 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
881 /* add all rates which were marked to be used above */
882 supp_rates_len = rates_len;
883 if (supp_rates_len > 8)
886 len = sband->n_bitrates;
887 pos = skb_put(skb, supp_rates_len + 2);
888 *pos++ = WLAN_EID_SUPP_RATES;
889 *pos++ = supp_rates_len;
892 for (i = 0; i < sband->n_bitrates; i++) {
893 if (BIT(i) & rates) {
894 int rate = sband->bitrates[i].bitrate;
895 *pos++ = (u8) (rate / 5);
901 if (rates_len > count) {
902 pos = skb_put(skb, rates_len - count + 2);
903 *pos++ = WLAN_EID_EXT_SUPP_RATES;
904 *pos++ = rates_len - count;
906 for (i++; i < sband->n_bitrates; i++) {
907 if (BIT(i) & rates) {
908 int rate = sband->bitrates[i].bitrate;
909 *pos++ = (u8) (rate / 5);
914 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
915 /* 1. power capabilities */
916 pos = skb_put(skb, 4);
917 *pos++ = WLAN_EID_PWR_CAPABILITY;
919 *pos++ = 0; /* min tx power */
920 *pos++ = local->hw.conf.channel->max_power; /* max tx power */
922 /* 2. supported channels */
923 /* TODO: get this in reg domain format */
924 pos = skb_put(skb, 2 * sband->n_channels + 2);
925 *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
926 *pos++ = 2 * sband->n_channels;
927 for (i = 0; i < sband->n_channels; i++) {
928 *pos++ = ieee80211_frequency_to_channel(
929 sband->channels[i].center_freq);
930 *pos++ = 1; /* one channel in the subband*/
934 if (ifsta->extra_ie) {
935 pos = skb_put(skb, ifsta->extra_ie_len);
936 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
939 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
940 pos = skb_put(skb, 9);
941 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
942 *pos++ = 7; /* len */
943 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
946 *pos++ = 2; /* WME */
947 *pos++ = 0; /* WME info */
948 *pos++ = 1; /* WME ver */
952 /* wmm support is a must to HT */
953 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
954 sband->ht_info.ht_supported &&
955 (ht_add_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_EXTRA_INFO))) {
956 struct ieee80211_ht_addt_info *ht_add_info =
957 (struct ieee80211_ht_addt_info *)ht_add_ie;
958 u16 cap = sband->ht_info.cap;
960 u32 flags = local->hw.conf.channel->flags;
962 switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
963 case IEEE80211_HT_IE_CHA_SEC_ABOVE:
964 if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
965 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
966 cap &= ~IEEE80211_HT_CAP_SGI_40;
969 case IEEE80211_HT_IE_CHA_SEC_BELOW:
970 if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
971 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
972 cap &= ~IEEE80211_HT_CAP_SGI_40;
977 tmp = cpu_to_le16(cap);
978 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
979 *pos++ = WLAN_EID_HT_CAPABILITY;
980 *pos++ = sizeof(struct ieee80211_ht_cap);
981 memset(pos, 0, sizeof(struct ieee80211_ht_cap));
982 memcpy(pos, &tmp, sizeof(u16));
984 /* TODO: needs a define here for << 2 */
985 *pos++ = sband->ht_info.ampdu_factor |
986 (sband->ht_info.ampdu_density << 2);
987 memcpy(pos, sband->ht_info.supp_mcs_set, 16);
990 kfree(ifsta->assocreq_ies);
991 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
992 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
993 if (ifsta->assocreq_ies)
994 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
996 ieee80211_sta_tx(sdata, skb, 0);
1000 static void ieee80211_send_deauth(struct ieee80211_sub_if_data *sdata,
1001 struct ieee80211_if_sta *ifsta, u16 reason)
1003 struct ieee80211_local *local = sdata->local;
1004 struct sk_buff *skb;
1005 struct ieee80211_mgmt *mgmt;
1007 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
1009 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
1010 "frame\n", sdata->dev->name);
1013 skb_reserve(skb, local->hw.extra_tx_headroom);
1015 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1016 memset(mgmt, 0, 24);
1017 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
1018 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1019 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1020 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1021 IEEE80211_STYPE_DEAUTH);
1023 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
1025 ieee80211_sta_tx(sdata, skb, 0);
1028 static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
1030 if (!sdata || !sdata->default_key ||
1031 sdata->default_key->conf.alg != ALG_WEP)
1036 static void ieee80211_send_disassoc(struct ieee80211_sub_if_data *sdata,
1037 struct ieee80211_if_sta *ifsta, u16 reason)
1039 struct ieee80211_local *local = sdata->local;
1040 struct sk_buff *skb;
1041 struct ieee80211_mgmt *mgmt;
1043 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
1045 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
1046 "frame\n", sdata->dev->name);
1049 skb_reserve(skb, local->hw.extra_tx_headroom);
1051 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1052 memset(mgmt, 0, 24);
1053 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
1054 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1055 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1056 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1057 IEEE80211_STYPE_DISASSOC);
1059 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
1061 ieee80211_sta_tx(sdata, skb, 0);
1064 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1065 struct ieee80211_if_sta *ifsta, bool deauth,
1066 bool self_disconnected, u16 reason)
1068 struct ieee80211_local *local = sdata->local;
1069 struct sta_info *sta;
1070 u32 changed = BSS_CHANGED_ASSOC;
1074 sta = sta_info_get(local, ifsta->bssid);
1081 ifsta->direct_probe_tries = 0;
1082 ifsta->auth_tries = 0;
1084 ifsta->assoc_scan_tries = 0;
1085 ifsta->assoc_tries = 0;
1087 netif_tx_stop_all_queues(sdata->dev);
1088 netif_carrier_off(sdata->dev);
1090 ieee80211_sta_tear_down_BA_sessions(sdata, sta->addr);
1092 if (self_disconnected) {
1094 ieee80211_send_deauth(sdata, ifsta, reason);
1096 ieee80211_send_disassoc(sdata, ifsta, reason);
1099 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
1100 changed |= ieee80211_reset_erp_info(sdata);
1102 if (sdata->bss_conf.assoc_ht)
1103 changed |= BSS_CHANGED_HT;
1105 sdata->bss_conf.assoc_ht = 0;
1106 sdata->bss_conf.ht_conf = NULL;
1107 sdata->bss_conf.ht_bss_conf = NULL;
1109 ieee80211_led_assoc(local, 0);
1110 sdata->bss_conf.assoc = 0;
1112 ieee80211_sta_send_apinfo(sdata, ifsta);
1114 if (self_disconnected)
1115 ifsta->state = IEEE80211_STA_MLME_DISABLED;
1117 sta_info_unlink(&sta);
1121 sta_info_destroy(sta);
1124 static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
1125 struct ieee80211_if_sta *ifsta)
1127 struct ieee80211_local *local = sdata->local;
1128 struct ieee80211_sta_bss *bss;
1131 int privacy_invoked;
1133 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
1136 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
1137 local->hw.conf.channel->center_freq,
1138 ifsta->ssid, ifsta->ssid_len);
1142 bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
1143 wep_privacy = !!ieee80211_sta_wep_configured(sdata);
1144 privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
1146 ieee80211_rx_bss_put(local, bss);
1148 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
1154 static void ieee80211_associate(struct ieee80211_sub_if_data *sdata,
1155 struct ieee80211_if_sta *ifsta)
1157 DECLARE_MAC_BUF(mac);
1159 ifsta->assoc_tries++;
1160 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
1161 printk(KERN_DEBUG "%s: association with AP %s"
1163 sdata->dev->name, print_mac(mac, ifsta->bssid));
1164 ifsta->state = IEEE80211_STA_MLME_DISABLED;
1168 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
1169 printk(KERN_DEBUG "%s: associate with AP %s\n",
1170 sdata->dev->name, print_mac(mac, ifsta->bssid));
1171 if (ieee80211_privacy_mismatch(sdata, ifsta)) {
1172 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
1173 "mixed-cell disabled - abort association\n", sdata->dev->name);
1174 ifsta->state = IEEE80211_STA_MLME_DISABLED;
1178 ieee80211_send_assoc(sdata, ifsta);
1180 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
1184 static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
1185 struct ieee80211_if_sta *ifsta)
1187 struct ieee80211_local *local = sdata->local;
1188 struct sta_info *sta;
1190 DECLARE_MAC_BUF(mac);
1192 /* TODO: start monitoring current AP signal quality and number of
1193 * missed beacons. Scan other channels every now and then and search
1194 * for better APs. */
1195 /* TODO: remove expired BSSes */
1197 ifsta->state = IEEE80211_STA_MLME_ASSOCIATED;
1201 sta = sta_info_get(local, ifsta->bssid);
1203 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
1204 sdata->dev->name, print_mac(mac, ifsta->bssid));
1208 if (time_after(jiffies,
1209 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
1210 if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
1211 printk(KERN_DEBUG "%s: No ProbeResp from "
1212 "current AP %s - assume out of "
1214 sdata->dev->name, print_mac(mac, ifsta->bssid));
1217 ieee80211_send_probe_req(sdata, ifsta->bssid,
1219 local->scan_ssid_len);
1220 ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
1222 ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1223 if (time_after(jiffies, ifsta->last_probe +
1224 IEEE80211_PROBE_INTERVAL)) {
1225 ifsta->last_probe = jiffies;
1226 ieee80211_send_probe_req(sdata, ifsta->bssid,
1236 ieee80211_set_disassoc(sdata, ifsta, true, true,
1237 WLAN_REASON_PREV_AUTH_NOT_VALID);
1239 mod_timer(&ifsta->timer, jiffies +
1240 IEEE80211_MONITORING_INTERVAL);
1244 static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata,
1245 struct ieee80211_if_sta *ifsta)
1247 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
1248 ifsta->flags |= IEEE80211_STA_AUTHENTICATED;
1249 ieee80211_associate(sdata, ifsta);
1253 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1254 struct ieee80211_if_sta *ifsta,
1255 struct ieee80211_mgmt *mgmt,
1259 struct ieee802_11_elems elems;
1261 pos = mgmt->u.auth.variable;
1262 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1263 if (!elems.challenge)
1265 ieee80211_send_auth(sdata, ifsta, 3, elems.challenge - 2,
1266 elems.challenge_len + 2, 1);
1269 static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid,
1270 u8 dialog_token, u16 status, u16 policy,
1271 u16 buf_size, u16 timeout)
1273 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1274 struct ieee80211_local *local = sdata->local;
1275 struct sk_buff *skb;
1276 struct ieee80211_mgmt *mgmt;
1279 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1282 printk(KERN_DEBUG "%s: failed to allocate buffer "
1283 "for addba resp frame\n", sdata->dev->name);
1287 skb_reserve(skb, local->hw.extra_tx_headroom);
1288 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1289 memset(mgmt, 0, 24);
1290 memcpy(mgmt->da, da, ETH_ALEN);
1291 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1292 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1293 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1295 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1296 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1297 IEEE80211_STYPE_ACTION);
1299 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
1300 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1301 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
1302 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
1304 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
1305 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1306 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
1308 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
1309 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
1310 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
1312 ieee80211_sta_tx(sdata, skb, 0);
1317 void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata, const u8 *da,
1318 u16 tid, u8 dialog_token, u16 start_seq_num,
1319 u16 agg_size, u16 timeout)
1321 struct ieee80211_local *local = sdata->local;
1322 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1323 struct sk_buff *skb;
1324 struct ieee80211_mgmt *mgmt;
1327 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1330 printk(KERN_ERR "%s: failed to allocate buffer "
1331 "for addba request frame\n", sdata->dev->name);
1334 skb_reserve(skb, local->hw.extra_tx_headroom);
1335 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1336 memset(mgmt, 0, 24);
1337 memcpy(mgmt->da, da, ETH_ALEN);
1338 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1339 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1340 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1342 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1344 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1345 IEEE80211_STYPE_ACTION);
1347 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
1349 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1350 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
1352 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
1353 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
1354 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1355 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
1357 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
1359 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
1360 mgmt->u.action.u.addba_req.start_seq_num =
1361 cpu_to_le16(start_seq_num << 4);
1363 ieee80211_sta_tx(sdata, skb, 0);
1367 * After accepting the AddBA Request we activated a timer,
1368 * resetting it after each frame that arrives from the originator.
1369 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
1371 static void sta_rx_agg_session_timer_expired(unsigned long data)
1373 /* not an elegant detour, but there is no choice as the timer passes
1374 * only one argument, and various sta_info are needed here, so init
1375 * flow in sta_info_create gives the TID as data, while the timer_to_id
1376 * array gives the sta through container_of */
1377 u8 *ptid = (u8 *)data;
1378 u8 *timer_to_id = ptid - *ptid;
1379 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
1382 #ifdef CONFIG_MAC80211_HT_DEBUG
1383 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
1385 ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->addr,
1386 (u16)*ptid, WLAN_BACK_TIMER,
1387 WLAN_REASON_QSTA_TIMEOUT);
1390 static void ieee80211_sta_process_addba_request(struct ieee80211_local *local,
1391 struct ieee80211_mgmt *mgmt,
1394 struct ieee80211_hw *hw = &local->hw;
1395 struct ieee80211_conf *conf = &hw->conf;
1396 struct sta_info *sta;
1397 struct tid_ampdu_rx *tid_agg_rx;
1398 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
1400 int ret = -EOPNOTSUPP;
1401 DECLARE_MAC_BUF(mac);
1405 sta = sta_info_get(local, mgmt->sa);
1411 /* extract session parameters from addba request frame */
1412 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
1413 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
1415 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
1417 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
1418 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
1419 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1420 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
1422 status = WLAN_STATUS_REQUEST_DECLINED;
1424 /* sanity check for incoming parameters:
1425 * check if configuration can support the BA policy
1426 * and if buffer size does not exceeds max value */
1427 if (((ba_policy != 1)
1428 && (!(conf->ht_conf.cap & IEEE80211_HT_CAP_DELAY_BA)))
1429 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
1430 status = WLAN_STATUS_INVALID_QOS_PARAM;
1431 #ifdef CONFIG_MAC80211_HT_DEBUG
1432 if (net_ratelimit())
1433 printk(KERN_DEBUG "AddBA Req with bad params from "
1434 "%s on tid %u. policy %d, buffer size %d\n",
1435 print_mac(mac, mgmt->sa), tid, ba_policy,
1437 #endif /* CONFIG_MAC80211_HT_DEBUG */
1440 /* determine default buffer size */
1441 if (buf_size == 0) {
1442 struct ieee80211_supported_band *sband;
1444 sband = local->hw.wiphy->bands[conf->channel->band];
1445 buf_size = IEEE80211_MIN_AMPDU_BUF;
1446 buf_size = buf_size << sband->ht_info.ampdu_factor;
1450 /* examine state machine */
1451 spin_lock_bh(&sta->lock);
1453 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
1454 #ifdef CONFIG_MAC80211_HT_DEBUG
1455 if (net_ratelimit())
1456 printk(KERN_DEBUG "unexpected AddBA Req from "
1458 print_mac(mac, mgmt->sa), tid);
1459 #endif /* CONFIG_MAC80211_HT_DEBUG */
1463 /* prepare A-MPDU MLME for Rx aggregation */
1464 sta->ampdu_mlme.tid_rx[tid] =
1465 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
1466 if (!sta->ampdu_mlme.tid_rx[tid]) {
1467 #ifdef CONFIG_MAC80211_HT_DEBUG
1468 if (net_ratelimit())
1469 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
1475 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
1476 sta_rx_agg_session_timer_expired;
1477 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
1478 (unsigned long)&sta->timer_to_tid[tid];
1479 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1481 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
1483 /* prepare reordering buffer */
1484 tid_agg_rx->reorder_buf =
1485 kmalloc(buf_size * sizeof(struct sk_buff *), GFP_ATOMIC);
1486 if (!tid_agg_rx->reorder_buf) {
1487 #ifdef CONFIG_MAC80211_HT_DEBUG
1488 if (net_ratelimit())
1489 printk(KERN_ERR "can not allocate reordering buffer "
1490 "to tid %d\n", tid);
1492 kfree(sta->ampdu_mlme.tid_rx[tid]);
1495 memset(tid_agg_rx->reorder_buf, 0,
1496 buf_size * sizeof(struct sk_buff *));
1498 if (local->ops->ampdu_action)
1499 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
1500 sta->addr, tid, &start_seq_num);
1501 #ifdef CONFIG_MAC80211_HT_DEBUG
1502 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
1503 #endif /* CONFIG_MAC80211_HT_DEBUG */
1506 kfree(tid_agg_rx->reorder_buf);
1508 sta->ampdu_mlme.tid_rx[tid] = NULL;
1512 /* change state and send addba resp */
1513 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
1514 tid_agg_rx->dialog_token = dialog_token;
1515 tid_agg_rx->ssn = start_seq_num;
1516 tid_agg_rx->head_seq_num = start_seq_num;
1517 tid_agg_rx->buf_size = buf_size;
1518 tid_agg_rx->timeout = timeout;
1519 tid_agg_rx->stored_mpdu_num = 0;
1520 status = WLAN_STATUS_SUCCESS;
1522 spin_unlock_bh(&sta->lock);
1525 ieee80211_send_addba_resp(sta->sdata, sta->addr, tid,
1526 dialog_token, status, 1, buf_size, timeout);
1530 static void ieee80211_sta_process_addba_resp(struct ieee80211_local *local,
1531 struct ieee80211_mgmt *mgmt,
1534 struct ieee80211_hw *hw = &local->hw;
1535 struct sta_info *sta;
1542 sta = sta_info_get(local, mgmt->sa);
1548 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
1549 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1551 state = &sta->ampdu_mlme.tid_state_tx[tid];
1553 spin_lock_bh(&sta->lock);
1555 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1556 spin_unlock_bh(&sta->lock);
1557 goto addba_resp_exit;
1560 if (mgmt->u.action.u.addba_resp.dialog_token !=
1561 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
1562 spin_unlock_bh(&sta->lock);
1563 #ifdef CONFIG_MAC80211_HT_DEBUG
1564 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1565 #endif /* CONFIG_MAC80211_HT_DEBUG */
1566 goto addba_resp_exit;
1569 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
1570 #ifdef CONFIG_MAC80211_HT_DEBUG
1571 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
1572 #endif /* CONFIG_MAC80211_HT_DEBUG */
1573 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
1574 == WLAN_STATUS_SUCCESS) {
1575 *state |= HT_ADDBA_RECEIVED_MSK;
1576 sta->ampdu_mlme.addba_req_num[tid] = 0;
1578 if (*state == HT_AGG_STATE_OPERATIONAL)
1579 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
1581 spin_unlock_bh(&sta->lock);
1583 sta->ampdu_mlme.addba_req_num[tid]++;
1584 /* this will allow the state check in stop_BA_session */
1585 *state = HT_AGG_STATE_OPERATIONAL;
1586 spin_unlock_bh(&sta->lock);
1587 ieee80211_stop_tx_ba_session(hw, sta->addr, tid,
1588 WLAN_BACK_INITIATOR);
1595 void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata, const u8 *da, u16 tid,
1596 u16 initiator, u16 reason_code)
1598 struct ieee80211_local *local = sdata->local;
1599 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1600 struct sk_buff *skb;
1601 struct ieee80211_mgmt *mgmt;
1604 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1607 printk(KERN_ERR "%s: failed to allocate buffer "
1608 "for delba frame\n", sdata->dev->name);
1612 skb_reserve(skb, local->hw.extra_tx_headroom);
1613 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1614 memset(mgmt, 0, 24);
1615 memcpy(mgmt->da, da, ETH_ALEN);
1616 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1617 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1618 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1620 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1621 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1622 IEEE80211_STYPE_ACTION);
1624 skb_put(skb, 1 + sizeof(mgmt->u.action.u.delba));
1626 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1627 mgmt->u.action.u.delba.action_code = WLAN_ACTION_DELBA;
1628 params = (u16)(initiator << 11); /* bit 11 initiator */
1629 params |= (u16)(tid << 12); /* bit 15:12 TID number */
1631 mgmt->u.action.u.delba.params = cpu_to_le16(params);
1632 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);
1634 ieee80211_sta_tx(sdata, skb, 0);
1637 void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
1639 struct ieee80211_local *local = sdata->local;
1640 struct sk_buff *skb;
1641 struct ieee80211_bar *bar;
1642 u16 bar_control = 0;
1644 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
1646 printk(KERN_ERR "%s: failed to allocate buffer for "
1647 "bar frame\n", sdata->dev->name);
1650 skb_reserve(skb, local->hw.extra_tx_headroom);
1651 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
1652 memset(bar, 0, sizeof(*bar));
1653 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
1654 IEEE80211_STYPE_BACK_REQ);
1655 memcpy(bar->ra, ra, ETH_ALEN);
1656 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
1657 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
1658 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
1659 bar_control |= (u16)(tid << 12);
1660 bar->control = cpu_to_le16(bar_control);
1661 bar->start_seq_num = cpu_to_le16(ssn);
1663 ieee80211_sta_tx(sdata, skb, 0);
1666 void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid,
1667 u16 initiator, u16 reason)
1669 struct ieee80211_local *local = sdata->local;
1670 struct ieee80211_hw *hw = &local->hw;
1671 struct sta_info *sta;
1673 DECLARE_MAC_BUF(mac);
1677 sta = sta_info_get(local, ra);
1683 /* check if TID is in operational state */
1684 spin_lock_bh(&sta->lock);
1685 if (sta->ampdu_mlme.tid_state_rx[tid]
1686 != HT_AGG_STATE_OPERATIONAL) {
1687 spin_unlock_bh(&sta->lock);
1691 sta->ampdu_mlme.tid_state_rx[tid] =
1692 HT_AGG_STATE_REQ_STOP_BA_MSK |
1693 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
1694 spin_unlock_bh(&sta->lock);
1696 /* stop HW Rx aggregation. ampdu_action existence
1697 * already verified in session init so we add the BUG_ON */
1698 BUG_ON(!local->ops->ampdu_action);
1700 #ifdef CONFIG_MAC80211_HT_DEBUG
1701 printk(KERN_DEBUG "Rx BA session stop requested for %s tid %u\n",
1702 print_mac(mac, ra), tid);
1703 #endif /* CONFIG_MAC80211_HT_DEBUG */
1705 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
1708 printk(KERN_DEBUG "HW problem - can not stop rx "
1709 "aggregation for tid %d\n", tid);
1711 /* shutdown timer has not expired */
1712 if (initiator != WLAN_BACK_TIMER)
1713 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1715 /* check if this is a self generated aggregation halt */
1716 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
1717 ieee80211_send_delba(sdata, ra, tid, 0, reason);
1719 /* free the reordering buffer */
1720 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
1721 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
1722 /* release the reordered frames */
1723 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
1724 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
1725 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
1728 /* free resources */
1729 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
1730 kfree(sta->ampdu_mlme.tid_rx[tid]);
1731 sta->ampdu_mlme.tid_rx[tid] = NULL;
1732 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
1738 static void ieee80211_sta_process_delba(struct ieee80211_sub_if_data *sdata,
1739 struct ieee80211_mgmt *mgmt, size_t len)
1741 struct ieee80211_local *local = sdata->local;
1742 struct sta_info *sta;
1745 DECLARE_MAC_BUF(mac);
1749 sta = sta_info_get(local, mgmt->sa);
1755 params = le16_to_cpu(mgmt->u.action.u.delba.params);
1756 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
1757 initiator = (params & IEEE80211_DELBA_PARAM_INITIATOR_MASK) >> 11;
1759 #ifdef CONFIG_MAC80211_HT_DEBUG
1760 if (net_ratelimit())
1761 printk(KERN_DEBUG "delba from %s (%s) tid %d reason code %d\n",
1762 print_mac(mac, mgmt->sa),
1763 initiator ? "initiator" : "recipient", tid,
1764 mgmt->u.action.u.delba.reason_code);
1765 #endif /* CONFIG_MAC80211_HT_DEBUG */
1767 if (initiator == WLAN_BACK_INITIATOR)
1768 ieee80211_sta_stop_rx_ba_session(sdata, sta->addr, tid,
1769 WLAN_BACK_INITIATOR, 0);
1770 else { /* WLAN_BACK_RECIPIENT */
1771 spin_lock_bh(&sta->lock);
1772 sta->ampdu_mlme.tid_state_tx[tid] =
1773 HT_AGG_STATE_OPERATIONAL;
1774 spin_unlock_bh(&sta->lock);
1775 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid,
1776 WLAN_BACK_RECIPIENT);
1782 * After sending add Block Ack request we activated a timer until
1783 * add Block Ack response will arrive from the recipient.
1784 * If this timer expires sta_addba_resp_timer_expired will be executed.
1786 void sta_addba_resp_timer_expired(unsigned long data)
1788 /* not an elegant detour, but there is no choice as the timer passes
1789 * only one argument, and both sta_info and TID are needed, so init
1790 * flow in sta_info_create gives the TID as data, while the timer_to_id
1791 * array gives the sta through container_of */
1792 u16 tid = *(u8 *)data;
1793 struct sta_info *temp_sta = container_of((void *)data,
1794 struct sta_info, timer_to_tid[tid]);
1796 struct ieee80211_local *local = temp_sta->local;
1797 struct ieee80211_hw *hw = &local->hw;
1798 struct sta_info *sta;
1803 sta = sta_info_get(local, temp_sta->addr);
1809 state = &sta->ampdu_mlme.tid_state_tx[tid];
1810 /* check if the TID waits for addBA response */
1811 spin_lock_bh(&sta->lock);
1812 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1813 spin_unlock_bh(&sta->lock);
1814 *state = HT_AGG_STATE_IDLE;
1815 #ifdef CONFIG_MAC80211_HT_DEBUG
1816 printk(KERN_DEBUG "timer expired on tid %d but we are not "
1817 "expecting addBA response there", tid);
1819 goto timer_expired_exit;
1822 #ifdef CONFIG_MAC80211_HT_DEBUG
1823 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
1826 /* go through the state check in stop_BA_session */
1827 *state = HT_AGG_STATE_OPERATIONAL;
1828 spin_unlock_bh(&sta->lock);
1829 ieee80211_stop_tx_ba_session(hw, temp_sta->addr, tid,
1830 WLAN_BACK_INITIATOR);
1836 void ieee80211_sta_tear_down_BA_sessions(struct ieee80211_sub_if_data *sdata, u8 *addr)
1838 struct ieee80211_local *local = sdata->local;
1841 for (i = 0; i < STA_TID_NUM; i++) {
1842 ieee80211_stop_tx_ba_session(&local->hw, addr, i,
1843 WLAN_BACK_INITIATOR);
1844 ieee80211_sta_stop_rx_ba_session(sdata, addr, i,
1845 WLAN_BACK_RECIPIENT,
1846 WLAN_REASON_QSTA_LEAVE_QBSS);
1850 static void ieee80211_send_refuse_measurement_request(struct ieee80211_sub_if_data *sdata,
1851 struct ieee80211_msrment_ie *request_ie,
1852 const u8 *da, const u8 *bssid,
1855 struct ieee80211_local *local = sdata->local;
1856 struct sk_buff *skb;
1857 struct ieee80211_mgmt *msr_report;
1859 skb = dev_alloc_skb(sizeof(*msr_report) + local->hw.extra_tx_headroom +
1860 sizeof(struct ieee80211_msrment_ie));
1863 printk(KERN_ERR "%s: failed to allocate buffer for "
1864 "measurement report frame\n", sdata->dev->name);
1868 skb_reserve(skb, local->hw.extra_tx_headroom);
1869 msr_report = (struct ieee80211_mgmt *)skb_put(skb, 24);
1870 memset(msr_report, 0, 24);
1871 memcpy(msr_report->da, da, ETH_ALEN);
1872 memcpy(msr_report->sa, sdata->dev->dev_addr, ETH_ALEN);
1873 memcpy(msr_report->bssid, bssid, ETH_ALEN);
1874 msr_report->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1875 IEEE80211_STYPE_ACTION);
1877 skb_put(skb, 1 + sizeof(msr_report->u.action.u.measurement));
1878 msr_report->u.action.category = WLAN_CATEGORY_SPECTRUM_MGMT;
1879 msr_report->u.action.u.measurement.action_code =
1880 WLAN_ACTION_SPCT_MSR_RPRT;
1881 msr_report->u.action.u.measurement.dialog_token = dialog_token;
1883 msr_report->u.action.u.measurement.element_id = WLAN_EID_MEASURE_REPORT;
1884 msr_report->u.action.u.measurement.length =
1885 sizeof(struct ieee80211_msrment_ie);
1887 memset(&msr_report->u.action.u.measurement.msr_elem, 0,
1888 sizeof(struct ieee80211_msrment_ie));
1889 msr_report->u.action.u.measurement.msr_elem.token = request_ie->token;
1890 msr_report->u.action.u.measurement.msr_elem.mode |=
1891 IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED;
1892 msr_report->u.action.u.measurement.msr_elem.type = request_ie->type;
1894 ieee80211_sta_tx(sdata, skb, 0);
1897 static void ieee80211_sta_process_measurement_req(struct ieee80211_sub_if_data *sdata,
1898 struct ieee80211_mgmt *mgmt,
1902 * Ignoring measurement request is spec violation.
1903 * Mandatory measurements must be reported optional
1904 * measurements might be refused or reported incapable
1905 * For now just refuse
1906 * TODO: Answer basic measurement as unmeasured
1908 ieee80211_send_refuse_measurement_request(sdata,
1909 &mgmt->u.action.u.measurement.msr_elem,
1910 mgmt->sa, mgmt->bssid,
1911 mgmt->u.action.u.measurement.dialog_token);
1915 static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1916 struct ieee80211_if_sta *ifsta,
1917 struct ieee80211_mgmt *mgmt,
1920 u16 auth_alg, auth_transaction, status_code;
1921 DECLARE_MAC_BUF(mac);
1923 if (ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE &&
1924 sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
1930 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1931 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
1934 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1935 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1938 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1939 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1940 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1942 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
1944 * IEEE 802.11 standard does not require authentication in IBSS
1945 * networks and most implementations do not seem to use it.
1946 * However, try to reply to authentication attempts if someone
1947 * has actually implemented this.
1949 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
1951 ieee80211_send_auth(sdata, ifsta, 2, NULL, 0, 0);
1954 if (auth_alg != ifsta->auth_alg ||
1955 auth_transaction != ifsta->auth_transaction)
1958 if (status_code != WLAN_STATUS_SUCCESS) {
1959 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
1961 const int num_algs = ARRAY_SIZE(algs);
1963 algs[0] = algs[1] = algs[2] = 0xff;
1964 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1965 algs[0] = WLAN_AUTH_OPEN;
1966 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1967 algs[1] = WLAN_AUTH_SHARED_KEY;
1968 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1969 algs[2] = WLAN_AUTH_LEAP;
1970 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
1972 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
1976 for (i = 0; i < num_algs; i++) {
1978 if (pos >= num_algs)
1980 if (algs[pos] == ifsta->auth_alg ||
1983 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1984 !ieee80211_sta_wep_configured(sdata))
1986 ifsta->auth_alg = algs[pos];
1993 switch (ifsta->auth_alg) {
1994 case WLAN_AUTH_OPEN:
1995 case WLAN_AUTH_LEAP:
1996 ieee80211_auth_completed(sdata, ifsta);
1998 case WLAN_AUTH_SHARED_KEY:
1999 if (ifsta->auth_transaction == 4)
2000 ieee80211_auth_completed(sdata, ifsta);
2002 ieee80211_auth_challenge(sdata, ifsta, mgmt, len);
2008 static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
2009 struct ieee80211_if_sta *ifsta,
2010 struct ieee80211_mgmt *mgmt,
2014 DECLARE_MAC_BUF(mac);
2019 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN))
2022 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
2024 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED)
2025 printk(KERN_DEBUG "%s: deauthenticated\n", sdata->dev->name);
2027 if (ifsta->state == IEEE80211_STA_MLME_AUTHENTICATE ||
2028 ifsta->state == IEEE80211_STA_MLME_ASSOCIATE ||
2029 ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) {
2030 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
2031 mod_timer(&ifsta->timer, jiffies +
2032 IEEE80211_RETRY_AUTH_INTERVAL);
2035 ieee80211_set_disassoc(sdata, ifsta, true, false, 0);
2036 ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED;
2040 static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
2041 struct ieee80211_if_sta *ifsta,
2042 struct ieee80211_mgmt *mgmt,
2046 DECLARE_MAC_BUF(mac);
2051 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN))
2054 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
2056 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
2057 printk(KERN_DEBUG "%s: disassociated\n", sdata->dev->name);
2059 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) {
2060 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
2061 mod_timer(&ifsta->timer, jiffies +
2062 IEEE80211_RETRY_AUTH_INTERVAL);
2065 ieee80211_set_disassoc(sdata, ifsta, false, false, 0);
2069 static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2070 struct ieee80211_if_sta *ifsta,
2071 struct ieee80211_mgmt *mgmt,
2075 struct ieee80211_local *local = sdata->local;
2076 struct ieee80211_supported_band *sband;
2077 struct sta_info *sta;
2078 u64 rates, basic_rates;
2079 u16 capab_info, status_code, aid;
2080 struct ieee802_11_elems elems;
2081 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
2084 DECLARE_MAC_BUF(mac);
2085 bool have_higher_than_11mbit = false;
2087 /* AssocResp and ReassocResp have identical structure, so process both
2088 * of them in this function. */
2090 if (ifsta->state != IEEE80211_STA_MLME_ASSOCIATE)
2096 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
2099 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
2100 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
2101 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
2103 printk(KERN_DEBUG "%s: RX %sssocResp from %s (capab=0x%x "
2104 "status=%d aid=%d)\n",
2105 sdata->dev->name, reassoc ? "Rea" : "A", print_mac(mac, mgmt->sa),
2106 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
2108 if (status_code != WLAN_STATUS_SUCCESS) {
2109 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
2110 sdata->dev->name, status_code);
2111 /* if this was a reassociation, ensure we try a "full"
2112 * association next time. This works around some broken APs
2113 * which do not correctly reject reassociation requests. */
2114 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
2118 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
2119 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
2120 "set\n", sdata->dev->name, aid);
2121 aid &= ~(BIT(15) | BIT(14));
2123 pos = mgmt->u.assoc_resp.variable;
2124 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
2126 if (!elems.supp_rates) {
2127 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
2132 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name);
2134 ifsta->ap_capab = capab_info;
2136 kfree(ifsta->assocresp_ies);
2137 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
2138 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL);
2139 if (ifsta->assocresp_ies)
2140 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
2144 /* Add STA entry for the AP */
2145 sta = sta_info_get(local, ifsta->bssid);
2147 struct ieee80211_sta_bss *bss;
2150 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC);
2152 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
2153 " the AP\n", sdata->dev->name);
2157 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
2158 local->hw.conf.channel->center_freq,
2159 ifsta->ssid, ifsta->ssid_len);
2161 sta->last_signal = bss->signal;
2162 sta->last_qual = bss->qual;
2163 sta->last_noise = bss->noise;
2164 ieee80211_rx_bss_put(local, bss);
2167 err = sta_info_insert(sta);
2169 printk(KERN_DEBUG "%s: failed to insert STA entry for"
2170 " the AP (error %d)\n", sdata->dev->name, err);
2174 /* update new sta with its last rx activity */
2175 sta->last_rx = jiffies;
2179 * FIXME: Do we really need to update the sta_info's information here?
2180 * We already know about the AP (we found it in our list) so it
2181 * should already be filled with the right info, no?
2182 * As is stands, all this is racy because typically we assume
2183 * the information that is filled in here (except flags) doesn't
2184 * change while a STA structure is alive. As such, it should move
2185 * to between the sta_info_alloc() and sta_info_insert() above.
2188 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
2189 WLAN_STA_AUTHORIZED);
2193 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2195 for (i = 0; i < elems.supp_rates_len; i++) {
2196 int rate = (elems.supp_rates[i] & 0x7f) * 5;
2199 have_higher_than_11mbit = true;
2201 for (j = 0; j < sband->n_bitrates; j++) {
2202 if (sband->bitrates[j].bitrate == rate)
2204 if (elems.supp_rates[i] & 0x80)
2205 basic_rates |= BIT(j);
2209 for (i = 0; i < elems.ext_supp_rates_len; i++) {
2210 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
2213 have_higher_than_11mbit = true;
2215 for (j = 0; j < sband->n_bitrates; j++) {
2216 if (sband->bitrates[j].bitrate == rate)
2218 if (elems.ext_supp_rates[i] & 0x80)
2219 basic_rates |= BIT(j);
2223 sta->supp_rates[local->hw.conf.channel->band] = rates;
2224 sdata->basic_rates = basic_rates;
2226 /* cf. IEEE 802.11 9.2.12 */
2227 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
2228 have_higher_than_11mbit)
2229 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
2231 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
2233 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
2234 (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
2235 struct ieee80211_ht_bss_info bss_info;
2236 ieee80211_ht_cap_ie_to_ht_info(
2237 (struct ieee80211_ht_cap *)
2238 elems.ht_cap_elem, &sta->ht_info);
2239 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2240 (struct ieee80211_ht_addt_info *)
2241 elems.ht_info_elem, &bss_info);
2242 ieee80211_handle_ht(local, 1, &sta->ht_info, &bss_info);
2245 rate_control_rate_init(sta, local);
2247 if (elems.wmm_param) {
2248 set_sta_flags(sta, WLAN_STA_WME);
2250 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param,
2251 elems.wmm_param_len);
2255 /* set AID and assoc capability,
2256 * ieee80211_set_associated() will tell the driver */
2257 bss_conf->aid = aid;
2258 bss_conf->assoc_capability = capab_info;
2259 ieee80211_set_associated(sdata, ifsta);
2261 ieee80211_associated(sdata, ifsta);
2265 static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
2266 struct ieee80211_if_sta *ifsta,
2267 struct ieee80211_sta_bss *bss)
2269 struct ieee80211_local *local = sdata->local;
2270 int res, rates, i, j;
2271 struct sk_buff *skb;
2272 struct ieee80211_mgmt *mgmt;
2274 struct ieee80211_supported_band *sband;
2275 union iwreq_data wrqu;
2277 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2279 /* Remove possible STA entries from other IBSS networks. */
2280 sta_info_flush_delayed(sdata);
2282 if (local->ops->reset_tsf) {
2283 /* Reset own TSF to allow time synchronization work. */
2284 local->ops->reset_tsf(local_to_hw(local));
2286 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2287 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
2291 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2293 sdata->drop_unencrypted = bss->capability &
2294 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2296 res = ieee80211_set_freq(sdata, bss->freq);
2301 /* Build IBSS probe response */
2302 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2304 skb_reserve(skb, local->hw.extra_tx_headroom);
2306 mgmt = (struct ieee80211_mgmt *)
2307 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2308 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2309 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2310 IEEE80211_STYPE_PROBE_RESP);
2311 memset(mgmt->da, 0xff, ETH_ALEN);
2312 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
2313 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2314 mgmt->u.beacon.beacon_int =
2315 cpu_to_le16(local->hw.conf.beacon_int);
2316 mgmt->u.beacon.timestamp = cpu_to_le64(bss->timestamp);
2317 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2319 pos = skb_put(skb, 2 + ifsta->ssid_len);
2320 *pos++ = WLAN_EID_SSID;
2321 *pos++ = ifsta->ssid_len;
2322 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2324 rates = bss->supp_rates_len;
2327 pos = skb_put(skb, 2 + rates);
2328 *pos++ = WLAN_EID_SUPP_RATES;
2330 memcpy(pos, bss->supp_rates, rates);
2332 if (bss->band == IEEE80211_BAND_2GHZ) {
2333 pos = skb_put(skb, 2 + 1);
2334 *pos++ = WLAN_EID_DS_PARAMS;
2336 *pos++ = ieee80211_frequency_to_channel(bss->freq);
2339 pos = skb_put(skb, 2 + 2);
2340 *pos++ = WLAN_EID_IBSS_PARAMS;
2342 /* FIX: set ATIM window based on scan results */
2346 if (bss->supp_rates_len > 8) {
2347 rates = bss->supp_rates_len - 8;
2348 pos = skb_put(skb, 2 + rates);
2349 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2351 memcpy(pos, &bss->supp_rates[8], rates);
2354 ifsta->probe_resp = skb;
2356 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
2360 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2361 for (i = 0; i < bss->supp_rates_len; i++) {
2362 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2363 for (j = 0; j < sband->n_bitrates; j++)
2364 if (sband->bitrates[j].bitrate == bitrate)
2367 ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;
2369 ieee80211_sta_def_wmm_params(sdata, bss, 1);
2371 ifsta->state = IEEE80211_STA_MLME_IBSS_JOINED;
2372 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2374 memset(&wrqu, 0, sizeof(wrqu));
2375 memcpy(wrqu.ap_addr.sa_data, bss->bssid, ETH_ALEN);
2376 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
2381 u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
2382 struct ieee802_11_elems *elems,
2383 enum ieee80211_band band)
2385 struct ieee80211_supported_band *sband;
2386 struct ieee80211_rate *bitrates;
2390 sband = local->hw.wiphy->bands[band];
2394 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2397 bitrates = sband->bitrates;
2398 num_rates = sband->n_bitrates;
2400 for (i = 0; i < elems->supp_rates_len +
2401 elems->ext_supp_rates_len; i++) {
2404 if (i < elems->supp_rates_len)
2405 rate = elems->supp_rates[i];
2406 else if (elems->ext_supp_rates)
2407 rate = elems->ext_supp_rates
2408 [i - elems->supp_rates_len];
2409 own_rate = 5 * (rate & 0x7f);
2410 for (j = 0; j < num_rates; j++)
2411 if (bitrates[j].bitrate == own_rate)
2412 supp_rates |= BIT(j);
2417 static u64 ieee80211_sta_get_mandatory_rates(struct ieee80211_local *local,
2418 enum ieee80211_band band)
2420 struct ieee80211_supported_band *sband;
2421 struct ieee80211_rate *bitrates;
2422 u64 mandatory_rates;
2423 enum ieee80211_rate_flags mandatory_flag;
2426 sband = local->hw.wiphy->bands[band];
2429 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2432 if (band == IEEE80211_BAND_2GHZ)
2433 mandatory_flag = IEEE80211_RATE_MANDATORY_B;
2435 mandatory_flag = IEEE80211_RATE_MANDATORY_A;
2437 bitrates = sband->bitrates;
2438 mandatory_rates = 0;
2439 for (i = 0; i < sband->n_bitrates; i++)
2440 if (bitrates[i].flags & mandatory_flag)
2441 mandatory_rates |= BIT(i);
2442 return mandatory_rates;
2445 struct ieee80211_sta_bss *
2446 ieee80211_bss_info_update(struct ieee80211_local *local,
2447 struct ieee80211_rx_status *rx_status,
2448 struct ieee80211_mgmt *mgmt,
2450 struct ieee802_11_elems *elems,
2451 int freq, bool beacon)
2453 struct ieee80211_sta_bss *bss;
2456 #ifdef CONFIG_MAC80211_MESH
2457 if (elems->mesh_config)
2458 bss = ieee80211_rx_mesh_bss_get(local, elems->mesh_id,
2459 elems->mesh_id_len, elems->mesh_config, freq);
2462 bss = ieee80211_rx_bss_get(local, mgmt->bssid, freq,
2463 elems->ssid, elems->ssid_len);
2465 #ifdef CONFIG_MAC80211_MESH
2466 if (elems->mesh_config)
2467 bss = ieee80211_rx_mesh_bss_add(local, elems->mesh_id,
2468 elems->mesh_id_len, elems->mesh_config,
2469 elems->mesh_config_len, freq);
2472 bss = ieee80211_rx_bss_add(local, mgmt->bssid, freq,
2473 elems->ssid, elems->ssid_len);
2478 /* TODO: order by RSSI? */
2479 spin_lock_bh(&local->sta_bss_lock);
2480 list_move_tail(&bss->list, &local->sta_bss_list);
2481 spin_unlock_bh(&local->sta_bss_lock);
2485 /* save the ERP value so that it is available at association time */
2486 if (elems->erp_info && elems->erp_info_len >= 1) {
2487 bss->erp_value = elems->erp_info[0];
2488 bss->has_erp_value = 1;
2491 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
2492 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
2495 struct ieee80211_tim_ie *tim_ie =
2496 (struct ieee80211_tim_ie *)elems->tim;
2497 bss->dtim_period = tim_ie->dtim_period;
2500 /* set default value for buggy APs */
2501 if (!elems->tim || bss->dtim_period == 0)
2502 bss->dtim_period = 1;
2504 bss->supp_rates_len = 0;
2505 if (elems->supp_rates) {
2506 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
2507 if (clen > elems->supp_rates_len)
2508 clen = elems->supp_rates_len;
2509 memcpy(&bss->supp_rates[bss->supp_rates_len], elems->supp_rates,
2511 bss->supp_rates_len += clen;
2513 if (elems->ext_supp_rates) {
2514 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
2515 if (clen > elems->ext_supp_rates_len)
2516 clen = elems->ext_supp_rates_len;
2517 memcpy(&bss->supp_rates[bss->supp_rates_len],
2518 elems->ext_supp_rates, clen);
2519 bss->supp_rates_len += clen;
2522 bss->band = rx_status->band;
2524 bss->timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
2525 bss->last_update = jiffies;
2526 bss->signal = rx_status->signal;
2527 bss->noise = rx_status->noise;
2528 bss->qual = rx_status->qual;
2529 bss->wmm_used = elems->wmm_param || elems->wmm_info;
2532 bss->last_probe_resp = jiffies;
2535 * For probe responses, or if we don't have any information yet,
2536 * use the IEs from the beacon.
2538 if (!bss->ies || !beacon) {
2539 if (bss->ies == NULL || bss->ies_len < elems->total_len) {
2541 bss->ies = kmalloc(elems->total_len, GFP_ATOMIC);
2544 memcpy(bss->ies, elems->ie_start, elems->total_len);
2545 bss->ies_len = elems->total_len;
2553 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2554 struct ieee80211_mgmt *mgmt,
2556 struct ieee80211_rx_status *rx_status,
2557 struct ieee802_11_elems *elems,
2560 struct ieee80211_local *local = sdata->local;
2562 struct ieee80211_sta_bss *bss;
2563 struct sta_info *sta;
2564 struct ieee80211_channel *channel;
2565 u64 beacon_timestamp, rx_timestamp;
2567 enum ieee80211_band band = rx_status->band;
2568 DECLARE_MAC_BUF(mac);
2569 DECLARE_MAC_BUF(mac2);
2571 if (elems->ds_params && elems->ds_params_len == 1)
2572 freq = ieee80211_channel_to_frequency(elems->ds_params[0]);
2574 freq = rx_status->freq;
2576 channel = ieee80211_get_channel(local->hw.wiphy, freq);
2578 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
2581 if (ieee80211_vif_is_mesh(&sdata->vif) && elems->mesh_id &&
2582 elems->mesh_config && mesh_matches_local(elems, sdata)) {
2583 supp_rates = ieee80211_sta_get_rates(local, elems, band);
2585 mesh_neighbour_update(mgmt->sa, supp_rates, sdata,
2586 mesh_peer_accepts_plinks(elems));
2589 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems->supp_rates &&
2590 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
2591 supp_rates = ieee80211_sta_get_rates(local, elems, band);
2595 sta = sta_info_get(local, mgmt->sa);
2599 prev_rates = sta->supp_rates[band];
2600 /* make sure mandatory rates are always added */
2601 sta->supp_rates[band] = supp_rates |
2602 ieee80211_sta_get_mandatory_rates(local, band);
2604 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2605 if (sta->supp_rates[band] != prev_rates)
2606 printk(KERN_DEBUG "%s: updated supp_rates set "
2607 "for %s based on beacon info (0x%llx | "
2608 "0x%llx -> 0x%llx)\n",
2609 sdata->dev->name, print_mac(mac, sta->addr),
2610 (unsigned long long) prev_rates,
2611 (unsigned long long) supp_rates,
2612 (unsigned long long) sta->supp_rates[band]);
2615 ieee80211_ibss_add_sta(sdata, NULL, mgmt->bssid,
2616 mgmt->sa, supp_rates);
2622 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
2627 /* was just updated in ieee80211_bss_info_update */
2628 beacon_timestamp = bss->timestamp;
2631 * In STA mode, the remaining parameters should not be overridden
2632 * by beacons because they're not necessarily accurate there.
2634 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
2635 bss->last_probe_resp && beacon) {
2636 ieee80211_rx_bss_put(local, bss);
2640 /* check if we need to merge IBSS */
2641 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon &&
2642 bss->capability & WLAN_CAPABILITY_IBSS &&
2643 bss->freq == local->oper_channel->center_freq &&
2644 elems->ssid_len == sdata->u.sta.ssid_len &&
2645 memcmp(elems->ssid, sdata->u.sta.ssid,
2646 sdata->u.sta.ssid_len) == 0) {
2647 if (rx_status->flag & RX_FLAG_TSFT) {
2648 /* in order for correct IBSS merging we need mactime
2650 * since mactime is defined as the time the first data
2651 * symbol of the frame hits the PHY, and the timestamp
2652 * of the beacon is defined as "the time that the data
2653 * symbol containing the first bit of the timestamp is
2654 * transmitted to the PHY plus the transmitting STA’s
2655 * delays through its local PHY from the MAC-PHY
2656 * interface to its interface with the WM"
2657 * (802.11 11.1.2) - equals the time this bit arrives at
2658 * the receiver - we have to take into account the
2659 * offset between the two.
2660 * e.g: at 1 MBit that means mactime is 192 usec earlier
2661 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
2663 int rate = local->hw.wiphy->bands[band]->
2664 bitrates[rx_status->rate_idx].bitrate;
2665 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
2666 } else if (local && local->ops && local->ops->get_tsf)
2667 /* second best option: get current TSF */
2668 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
2670 /* can't merge without knowing the TSF */
2671 rx_timestamp = -1LLU;
2672 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2673 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
2674 "%s TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
2675 print_mac(mac, mgmt->sa),
2676 print_mac(mac2, mgmt->bssid),
2677 (unsigned long long)rx_timestamp,
2678 (unsigned long long)beacon_timestamp,
2679 (unsigned long long)(rx_timestamp - beacon_timestamp),
2681 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2682 if (beacon_timestamp > rx_timestamp) {
2683 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2684 printk(KERN_DEBUG "%s: beacon TSF higher than "
2685 "local TSF - IBSS merge with BSSID %s\n",
2686 sdata->dev->name, print_mac(mac, mgmt->bssid));
2688 ieee80211_sta_join_ibss(sdata, &sdata->u.sta, bss);
2689 ieee80211_ibss_add_sta(sdata, NULL,
2690 mgmt->bssid, mgmt->sa,
2695 ieee80211_rx_bss_put(local, bss);
2699 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
2700 struct ieee80211_mgmt *mgmt,
2702 struct ieee80211_rx_status *rx_status)
2705 struct ieee802_11_elems elems;
2706 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2708 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
2709 return; /* ignore ProbeResp to foreign address */
2711 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
2715 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
2718 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false);
2720 /* direct probe may be part of the association flow */
2721 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE,
2723 printk(KERN_DEBUG "%s direct probe responded\n",
2725 ieee80211_authenticate(sdata, ifsta);
2730 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2731 struct ieee80211_mgmt *mgmt,
2733 struct ieee80211_rx_status *rx_status)
2735 struct ieee80211_if_sta *ifsta;
2737 struct ieee802_11_elems elems;
2738 struct ieee80211_local *local = sdata->local;
2739 struct ieee80211_conf *conf = &local->hw.conf;
2742 /* Process beacon from the current BSS */
2743 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
2747 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
2749 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true);
2751 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
2753 ifsta = &sdata->u.sta;
2755 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) ||
2756 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
2759 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param,
2760 elems.wmm_param_len);
2762 if (elems.erp_info && elems.erp_info_len >= 1)
2763 changed |= ieee80211_handle_erp_ie(sdata, elems.erp_info[0]);
2765 u16 capab = le16_to_cpu(mgmt->u.beacon.capab_info);
2766 changed |= ieee80211_handle_protect_preamb(sdata, false,
2767 (capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
2770 if (elems.ht_cap_elem && elems.ht_info_elem &&
2771 elems.wmm_param && conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
2772 struct ieee80211_ht_bss_info bss_info;
2774 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2775 (struct ieee80211_ht_addt_info *)
2776 elems.ht_info_elem, &bss_info);
2777 changed |= ieee80211_handle_ht(local, 1, &conf->ht_conf,
2781 ieee80211_bss_info_change_notify(sdata, changed);
2785 static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
2786 struct ieee80211_if_sta *ifsta,
2787 struct ieee80211_mgmt *mgmt,
2789 struct ieee80211_rx_status *rx_status)
2791 struct ieee80211_local *local = sdata->local;
2793 struct sk_buff *skb;
2794 struct ieee80211_mgmt *resp;
2796 DECLARE_MAC_BUF(mac);
2797 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2798 DECLARE_MAC_BUF(mac2);
2799 DECLARE_MAC_BUF(mac3);
2802 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS ||
2803 ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED ||
2804 len < 24 + 2 || !ifsta->probe_resp)
2807 if (local->ops->tx_last_beacon)
2808 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
2812 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2813 printk(KERN_DEBUG "%s: RX ProbeReq SA=%s DA=%s BSSID="
2814 "%s (tx_last_beacon=%d)\n",
2815 sdata->dev->name, print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da),
2816 print_mac(mac3, mgmt->bssid), tx_last_beacon);
2817 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2819 if (!tx_last_beacon)
2822 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
2823 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
2826 end = ((u8 *) mgmt) + len;
2827 pos = mgmt->u.probe_req.variable;
2828 if (pos[0] != WLAN_EID_SSID ||
2829 pos + 2 + pos[1] > end) {
2830 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2831 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
2833 sdata->dev->name, print_mac(mac, mgmt->sa));
2838 (pos[1] != ifsta->ssid_len ||
2839 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
2840 /* Ignore ProbeReq for foreign SSID */
2844 /* Reply with ProbeResp */
2845 skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
2849 resp = (struct ieee80211_mgmt *) skb->data;
2850 memcpy(resp->da, mgmt->sa, ETH_ALEN);
2851 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2852 printk(KERN_DEBUG "%s: Sending ProbeResp to %s\n",
2853 sdata->dev->name, print_mac(mac, resp->da));
2854 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2855 ieee80211_sta_tx(sdata, skb, 0);
2858 static void ieee80211_rx_mgmt_action(struct ieee80211_sub_if_data *sdata,
2859 struct ieee80211_if_sta *ifsta,
2860 struct ieee80211_mgmt *mgmt,
2862 struct ieee80211_rx_status *rx_status)
2864 struct ieee80211_local *local = sdata->local;
2866 /* all categories we currently handle have action_code */
2867 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
2870 switch (mgmt->u.action.category) {
2871 case WLAN_CATEGORY_SPECTRUM_MGMT:
2872 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ)
2874 switch (mgmt->u.action.u.measurement.action_code) {
2875 case WLAN_ACTION_SPCT_MSR_REQ:
2876 if (len < (IEEE80211_MIN_ACTION_SIZE +
2877 sizeof(mgmt->u.action.u.measurement)))
2879 ieee80211_sta_process_measurement_req(sdata, mgmt, len);
2883 case WLAN_CATEGORY_BACK:
2884 switch (mgmt->u.action.u.addba_req.action_code) {
2885 case WLAN_ACTION_ADDBA_REQ:
2886 if (len < (IEEE80211_MIN_ACTION_SIZE +
2887 sizeof(mgmt->u.action.u.addba_req)))
2889 ieee80211_sta_process_addba_request(local, mgmt, len);
2891 case WLAN_ACTION_ADDBA_RESP:
2892 if (len < (IEEE80211_MIN_ACTION_SIZE +
2893 sizeof(mgmt->u.action.u.addba_resp)))
2895 ieee80211_sta_process_addba_resp(local, mgmt, len);
2897 case WLAN_ACTION_DELBA:
2898 if (len < (IEEE80211_MIN_ACTION_SIZE +
2899 sizeof(mgmt->u.action.u.delba)))
2901 ieee80211_sta_process_delba(sdata, mgmt, len);
2905 case PLINK_CATEGORY:
2906 if (ieee80211_vif_is_mesh(&sdata->vif))
2907 mesh_rx_plink_frame(sdata, mgmt, len, rx_status);
2909 case MESH_PATH_SEL_CATEGORY:
2910 if (ieee80211_vif_is_mesh(&sdata->vif))
2911 mesh_rx_path_sel_frame(sdata, mgmt, len);
2916 void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
2917 struct ieee80211_rx_status *rx_status)
2919 struct ieee80211_local *local = sdata->local;
2920 struct ieee80211_if_sta *ifsta;
2921 struct ieee80211_mgmt *mgmt;
2927 ifsta = &sdata->u.sta;
2929 mgmt = (struct ieee80211_mgmt *) skb->data;
2930 fc = le16_to_cpu(mgmt->frame_control);
2932 switch (fc & IEEE80211_FCTL_STYPE) {
2933 case IEEE80211_STYPE_PROBE_REQ:
2934 case IEEE80211_STYPE_PROBE_RESP:
2935 case IEEE80211_STYPE_BEACON:
2936 case IEEE80211_STYPE_ACTION:
2937 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2938 case IEEE80211_STYPE_AUTH:
2939 case IEEE80211_STYPE_ASSOC_RESP:
2940 case IEEE80211_STYPE_REASSOC_RESP:
2941 case IEEE80211_STYPE_DEAUTH:
2942 case IEEE80211_STYPE_DISASSOC:
2943 skb_queue_tail(&ifsta->skb_queue, skb);
2944 queue_work(local->hw.workqueue, &ifsta->work);
2952 static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
2953 struct sk_buff *skb)
2955 struct ieee80211_rx_status *rx_status;
2956 struct ieee80211_if_sta *ifsta;
2957 struct ieee80211_mgmt *mgmt;
2960 ifsta = &sdata->u.sta;
2962 rx_status = (struct ieee80211_rx_status *) skb->cb;
2963 mgmt = (struct ieee80211_mgmt *) skb->data;
2964 fc = le16_to_cpu(mgmt->frame_control);
2966 switch (fc & IEEE80211_FCTL_STYPE) {
2967 case IEEE80211_STYPE_PROBE_REQ:
2968 ieee80211_rx_mgmt_probe_req(sdata, ifsta, mgmt, skb->len,
2971 case IEEE80211_STYPE_PROBE_RESP:
2972 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, rx_status);
2974 case IEEE80211_STYPE_BEACON:
2975 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
2977 case IEEE80211_STYPE_AUTH:
2978 ieee80211_rx_mgmt_auth(sdata, ifsta, mgmt, skb->len);
2980 case IEEE80211_STYPE_ASSOC_RESP:
2981 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 0);
2983 case IEEE80211_STYPE_REASSOC_RESP:
2984 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 1);
2986 case IEEE80211_STYPE_DEAUTH:
2987 ieee80211_rx_mgmt_deauth(sdata, ifsta, mgmt, skb->len);
2989 case IEEE80211_STYPE_DISASSOC:
2990 ieee80211_rx_mgmt_disassoc(sdata, ifsta, mgmt, skb->len);
2992 case IEEE80211_STYPE_ACTION:
2993 ieee80211_rx_mgmt_action(sdata, ifsta, mgmt, skb->len, rx_status);
3001 static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
3003 struct ieee80211_local *local = sdata->local;
3005 struct sta_info *sta;
3009 list_for_each_entry_rcu(sta, &local->sta_list, list) {
3010 if (sta->sdata == sdata &&
3011 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
3024 static void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata, unsigned long exp_time)
3026 struct ieee80211_local *local = sdata->local;
3027 struct sta_info *sta, *tmp;
3028 LIST_HEAD(tmp_list);
3029 DECLARE_MAC_BUF(mac);
3030 unsigned long flags;
3032 spin_lock_irqsave(&local->sta_lock, flags);
3033 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
3034 if (time_after(jiffies, sta->last_rx + exp_time)) {
3035 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3036 printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
3037 sdata->dev->name, print_mac(mac, sta->addr));
3039 __sta_info_unlink(&sta);
3041 list_add(&sta->list, &tmp_list);
3043 spin_unlock_irqrestore(&local->sta_lock, flags);
3045 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
3046 sta_info_destroy(sta);
3050 static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata,
3051 struct ieee80211_if_sta *ifsta)
3053 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
3055 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
3056 if (ieee80211_sta_active_ibss(sdata))
3059 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
3060 "IBSS networks with same SSID (merge)\n", sdata->dev->name);
3061 ieee80211_sta_req_scan(sdata, ifsta->ssid, ifsta->ssid_len);
3065 #ifdef CONFIG_MAC80211_MESH
3066 static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata,
3067 struct ieee80211_if_sta *ifsta)
3071 ieee80211_sta_expire(sdata, IEEE80211_MESH_PEER_INACTIVITY_LIMIT);
3072 mesh_path_expire(sdata);
3074 free_plinks = mesh_plink_availables(sdata);
3075 if (free_plinks != sdata->u.sta.accepting_plinks)
3076 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
3078 mod_timer(&ifsta->timer, jiffies +
3079 IEEE80211_MESH_HOUSEKEEPING_INTERVAL);
3083 void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
3085 struct ieee80211_if_sta *ifsta;
3086 ifsta = &sdata->u.sta;
3087 ifsta->state = IEEE80211_STA_MLME_MESH_UP;
3088 ieee80211_sta_timer((unsigned long)sdata);
3089 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
3094 void ieee80211_sta_timer(unsigned long data)
3096 struct ieee80211_sub_if_data *sdata =
3097 (struct ieee80211_sub_if_data *) data;
3098 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3099 struct ieee80211_local *local = sdata->local;
3101 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
3102 queue_work(local->hw.workqueue, &ifsta->work);
3105 static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata,
3106 struct ieee80211_if_sta *ifsta)
3108 struct ieee80211_local *local = sdata->local;
3110 if (local->ops->reset_tsf) {
3111 /* Reset own TSF to allow time synchronization work. */
3112 local->ops->reset_tsf(local_to_hw(local));
3115 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
3118 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
3119 ifsta->auth_alg = WLAN_AUTH_OPEN;
3120 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
3121 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
3122 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
3123 ifsta->auth_alg = WLAN_AUTH_LEAP;
3125 ifsta->auth_alg = WLAN_AUTH_OPEN;
3126 ifsta->auth_transaction = -1;
3127 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
3128 ifsta->assoc_scan_tries = 0;
3129 ifsta->direct_probe_tries = 0;
3130 ifsta->auth_tries = 0;
3131 ifsta->assoc_tries = 0;
3132 netif_tx_stop_all_queues(sdata->dev);
3133 netif_carrier_off(sdata->dev);
3137 void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata,
3138 struct ieee80211_if_sta *ifsta)
3140 struct ieee80211_local *local = sdata->local;
3142 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3145 if ((ifsta->flags & (IEEE80211_STA_BSSID_SET |
3146 IEEE80211_STA_AUTO_BSSID_SEL)) &&
3147 (ifsta->flags & (IEEE80211_STA_SSID_SET |
3148 IEEE80211_STA_AUTO_SSID_SEL))) {
3150 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED)
3151 ieee80211_set_disassoc(sdata, ifsta, true, true,
3152 WLAN_REASON_DEAUTH_LEAVING);
3154 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
3155 queue_work(local->hw.workqueue, &ifsta->work);
3159 static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
3160 const char *ssid, int ssid_len)
3162 int tmp, hidden_ssid;
3164 if (ssid_len == ifsta->ssid_len &&
3165 !memcmp(ifsta->ssid, ssid, ssid_len))
3168 if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
3174 if (ssid[tmp] != '\0') {
3180 if (hidden_ssid && ifsta->ssid_len == ssid_len)
3183 if (ssid_len == 1 && ssid[0] == ' ')
3189 static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata,
3190 struct ieee80211_if_sta *ifsta)
3192 struct ieee80211_local *local = sdata->local;
3193 struct ieee80211_sta_bss *bss;
3194 struct ieee80211_supported_band *sband;
3195 u8 bssid[ETH_ALEN], *pos;
3198 DECLARE_MAC_BUF(mac);
3201 /* Easier testing, use fixed BSSID. */
3202 memset(bssid, 0xfe, ETH_ALEN);
3204 /* Generate random, not broadcast, locally administered BSSID. Mix in
3205 * own MAC address to make sure that devices that do not have proper
3206 * random number generator get different BSSID. */
3207 get_random_bytes(bssid, ETH_ALEN);
3208 for (i = 0; i < ETH_ALEN; i++)
3209 bssid[i] ^= sdata->dev->dev_addr[i];
3214 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
3215 sdata->dev->name, print_mac(mac, bssid));
3217 bss = ieee80211_rx_bss_add(local, bssid,
3218 local->hw.conf.channel->center_freq,
3219 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
3223 bss->band = local->hw.conf.channel->band;
3224 sband = local->hw.wiphy->bands[bss->band];
3226 if (local->hw.conf.beacon_int == 0)
3227 local->hw.conf.beacon_int = 100;
3228 bss->beacon_int = local->hw.conf.beacon_int;
3229 bss->last_update = jiffies;
3230 bss->capability = WLAN_CAPABILITY_IBSS;
3232 if (sdata->default_key)
3233 bss->capability |= WLAN_CAPABILITY_PRIVACY;
3235 sdata->drop_unencrypted = 0;
3237 bss->supp_rates_len = sband->n_bitrates;
3238 pos = bss->supp_rates;
3239 for (i = 0; i < sband->n_bitrates; i++) {
3240 int rate = sband->bitrates[i].bitrate;
3241 *pos++ = (u8) (rate / 5);
3244 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
3245 ieee80211_rx_bss_put(local, bss);
3250 static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata,
3251 struct ieee80211_if_sta *ifsta)
3253 struct ieee80211_local *local = sdata->local;
3254 struct ieee80211_sta_bss *bss;
3258 DECLARE_MAC_BUF(mac);
3259 DECLARE_MAC_BUF(mac2);
3261 if (ifsta->ssid_len == 0)
3264 active_ibss = ieee80211_sta_active_ibss(sdata);
3265 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3266 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
3267 sdata->dev->name, active_ibss);
3268 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3269 spin_lock_bh(&local->sta_bss_lock);
3270 list_for_each_entry(bss, &local->sta_bss_list, list) {
3271 if (ifsta->ssid_len != bss->ssid_len ||
3272 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
3273 || !(bss->capability & WLAN_CAPABILITY_IBSS))
3275 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3276 printk(KERN_DEBUG " bssid=%s found\n",
3277 print_mac(mac, bss->bssid));
3278 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3279 memcpy(bssid, bss->bssid, ETH_ALEN);
3281 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
3284 spin_unlock_bh(&local->sta_bss_lock);
3286 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3288 printk(KERN_DEBUG " sta_find_ibss: selected %s current "
3289 "%s\n", print_mac(mac, bssid),
3290 print_mac(mac2, ifsta->bssid));
3291 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3293 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
3297 if (ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL)
3298 search_freq = bss->freq;
3300 search_freq = local->hw.conf.channel->center_freq;
3302 bss = ieee80211_rx_bss_get(local, bssid, search_freq,
3303 ifsta->ssid, ifsta->ssid_len);
3307 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
3308 " based on configured SSID\n",
3309 sdata->dev->name, print_mac(mac, bssid));
3310 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
3311 ieee80211_rx_bss_put(local, bss);
3316 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3317 printk(KERN_DEBUG " did not try to join ibss\n");
3318 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3320 /* Selected IBSS not found in current scan results - try to scan */
3321 if (ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED &&
3322 !ieee80211_sta_active_ibss(sdata)) {
3323 mod_timer(&ifsta->timer, jiffies +
3324 IEEE80211_IBSS_MERGE_INTERVAL);
3325 } else if (time_after(jiffies, local->last_scan_completed +
3326 IEEE80211_SCAN_INTERVAL)) {
3327 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
3328 "join\n", sdata->dev->name);
3329 return ieee80211_sta_req_scan(sdata, ifsta->ssid,
3331 } else if (ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED) {
3332 int interval = IEEE80211_SCAN_INTERVAL;
3334 if (time_after(jiffies, ifsta->ibss_join_req +
3335 IEEE80211_IBSS_JOIN_TIMEOUT)) {
3336 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
3337 (!(local->oper_channel->flags &
3338 IEEE80211_CHAN_NO_IBSS)))
3339 return ieee80211_sta_create_ibss(sdata, ifsta);
3340 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
3341 printk(KERN_DEBUG "%s: IBSS not allowed on"
3342 " %d MHz\n", sdata->dev->name,
3343 local->hw.conf.channel->center_freq);
3346 /* No IBSS found - decrease scan interval and continue
3348 interval = IEEE80211_SCAN_INTERVAL_SLOW;
3351 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
3352 mod_timer(&ifsta->timer, jiffies + interval);
3360 int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
3362 struct ieee80211_if_sta *ifsta;
3365 if (len > IEEE80211_MAX_SSID_LEN)
3368 ifsta = &sdata->u.sta;
3370 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0) {
3371 memset(ifsta->ssid, 0, sizeof(ifsta->ssid));
3372 memcpy(ifsta->ssid, ssid, len);
3373 ifsta->ssid_len = len;
3374 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
3378 * Hack! MLME code needs to be cleaned up to have different
3379 * entry points for configuration and internal selection change
3381 if (netif_running(sdata->dev))
3382 res = ieee80211_if_config(sdata, IEEE80211_IFCC_SSID);
3384 printk(KERN_DEBUG "%s: Failed to config new SSID to "
3385 "the low-level driver\n", sdata->dev->name);
3391 ifsta->flags |= IEEE80211_STA_SSID_SET;
3393 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
3395 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3396 !(ifsta->flags & IEEE80211_STA_BSSID_SET)) {
3397 ifsta->ibss_join_req = jiffies;
3398 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
3399 return ieee80211_sta_find_ibss(sdata, ifsta);
3406 int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
3408 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3409 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
3410 *len = ifsta->ssid_len;
3415 int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
3417 struct ieee80211_if_sta *ifsta;
3420 ifsta = &sdata->u.sta;
3422 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
3423 memcpy(ifsta->bssid, bssid, ETH_ALEN);
3426 * Hack! See also ieee80211_sta_set_ssid.
3428 if (netif_running(sdata->dev))
3429 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
3431 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
3432 "the low-level driver\n", sdata->dev->name);
3437 if (is_valid_ether_addr(bssid))
3438 ifsta->flags |= IEEE80211_STA_BSSID_SET;
3440 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
3446 int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, char *ie, size_t len)
3448 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3450 kfree(ifsta->extra_ie);
3452 ifsta->extra_ie = NULL;
3453 ifsta->extra_ie_len = 0;
3456 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
3457 if (!ifsta->extra_ie) {
3458 ifsta->extra_ie_len = 0;
3461 memcpy(ifsta->extra_ie, ie, len);
3462 ifsta->extra_ie_len = len;
3467 struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
3468 struct sk_buff *skb, u8 *bssid,
3469 u8 *addr, u64 supp_rates)
3471 struct ieee80211_local *local = sdata->local;
3472 struct sta_info *sta;
3473 DECLARE_MAC_BUF(mac);
3474 int band = local->hw.conf.channel->band;
3476 /* TODO: Could consider removing the least recently used entry and
3477 * allow new one to be added. */
3478 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
3479 if (net_ratelimit()) {
3480 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
3481 "entry %s\n", sdata->dev->name, print_mac(mac, addr));
3486 if (compare_ether_addr(bssid, sdata->u.sta.bssid))
3489 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
3490 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
3491 wiphy_name(local->hw.wiphy), print_mac(mac, addr), sdata->dev->name);
3494 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
3498 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
3500 /* make sure mandatory rates are always added */
3501 sta->supp_rates[band] = supp_rates |
3502 ieee80211_sta_get_mandatory_rates(local, band);
3504 rate_control_rate_init(sta, local);
3506 if (sta_info_insert(sta))
3513 static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
3514 struct ieee80211_if_sta *ifsta)
3516 struct ieee80211_local *local = sdata->local;
3517 struct ieee80211_sta_bss *bss, *selected = NULL;
3518 int top_rssi = 0, freq;
3520 spin_lock_bh(&local->sta_bss_lock);
3521 freq = local->oper_channel->center_freq;
3522 list_for_each_entry(bss, &local->sta_bss_list, list) {
3523 if (!(bss->capability & WLAN_CAPABILITY_ESS))
3526 if ((ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
3527 IEEE80211_STA_AUTO_BSSID_SEL |
3528 IEEE80211_STA_AUTO_CHANNEL_SEL)) &&
3529 (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
3530 !!sdata->default_key))
3533 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
3537 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
3538 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
3541 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
3542 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
3545 if (!selected || top_rssi < bss->signal) {
3547 top_rssi = bss->signal;
3551 atomic_inc(&selected->users);
3552 spin_unlock_bh(&local->sta_bss_lock);
3555 ieee80211_set_freq(sdata, selected->freq);
3556 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
3557 ieee80211_sta_set_ssid(sdata, selected->ssid,
3558 selected->ssid_len);
3559 ieee80211_sta_set_bssid(sdata, selected->bssid);
3560 ieee80211_sta_def_wmm_params(sdata, selected, 0);
3562 /* Send out direct probe if no probe resp was received or
3563 * the one we have is outdated
3565 if (!selected->last_probe_resp ||
3566 time_after(jiffies, selected->last_probe_resp
3567 + IEEE80211_SCAN_RESULT_EXPIRE))
3568 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
3570 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
3572 ieee80211_rx_bss_put(local, selected);
3573 ieee80211_sta_reset_auth(sdata, ifsta);
3576 if (ifsta->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) {
3577 ifsta->assoc_scan_tries++;
3578 if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL)
3579 ieee80211_sta_start_scan(sdata, NULL, 0);
3581 ieee80211_sta_start_scan(sdata, ifsta->ssid,
3583 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
3584 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
3586 ifsta->state = IEEE80211_STA_MLME_DISABLED;
3592 int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason)
3594 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3596 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
3597 sdata->dev->name, reason);
3599 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
3600 sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
3603 ieee80211_set_disassoc(sdata, ifsta, true, true, reason);
3608 int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
3610 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3612 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
3613 sdata->dev->name, reason);
3615 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3618 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED))
3621 ieee80211_set_disassoc(sdata, ifsta, false, true, reason);
3625 void ieee80211_notify_mac(struct ieee80211_hw *hw,
3626 enum ieee80211_notification_types notif_type)
3628 struct ieee80211_local *local = hw_to_local(hw);
3629 struct ieee80211_sub_if_data *sdata;
3631 switch (notif_type) {
3632 case IEEE80211_NOTIFY_RE_ASSOC:
3634 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3635 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3638 ieee80211_sta_req_auth(sdata, &sdata->u.sta);
3644 EXPORT_SYMBOL(ieee80211_notify_mac);
3646 void ieee80211_sta_work(struct work_struct *work)
3648 struct ieee80211_sub_if_data *sdata =
3649 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
3650 struct ieee80211_local *local = sdata->local;
3651 struct ieee80211_if_sta *ifsta;
3652 struct sk_buff *skb;
3654 if (!netif_running(sdata->dev))
3657 if (local->sta_sw_scanning || local->sta_hw_scanning)
3660 if (WARN_ON(sdata->vif.type != IEEE80211_IF_TYPE_STA &&
3661 sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
3662 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT))
3664 ifsta = &sdata->u.sta;
3666 while ((skb = skb_dequeue(&ifsta->skb_queue)))
3667 ieee80211_sta_rx_queued_mgmt(sdata, skb);
3669 #ifdef CONFIG_MAC80211_MESH
3670 if (ifsta->preq_queue_len &&
3672 ifsta->last_preq + msecs_to_jiffies(ifsta->mshcfg.dot11MeshHWMPpreqMinInterval)))
3673 mesh_path_start_discovery(sdata);
3676 if (ifsta->state != IEEE80211_STA_MLME_DIRECT_PROBE &&
3677 ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE &&
3678 ifsta->state != IEEE80211_STA_MLME_ASSOCIATE &&
3679 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
3680 if (ifsta->scan_ssid_len)
3681 ieee80211_sta_start_scan(sdata, ifsta->scan_ssid, ifsta->scan_ssid_len);
3683 ieee80211_sta_start_scan(sdata, NULL, 0);
3687 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
3688 if (ieee80211_sta_config_auth(sdata, ifsta))
3690 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
3691 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
3694 switch (ifsta->state) {
3695 case IEEE80211_STA_MLME_DISABLED:
3697 case IEEE80211_STA_MLME_DIRECT_PROBE:
3698 ieee80211_direct_probe(sdata, ifsta);
3700 case IEEE80211_STA_MLME_AUTHENTICATE:
3701 ieee80211_authenticate(sdata, ifsta);
3703 case IEEE80211_STA_MLME_ASSOCIATE:
3704 ieee80211_associate(sdata, ifsta);
3706 case IEEE80211_STA_MLME_ASSOCIATED:
3707 ieee80211_associated(sdata, ifsta);
3709 case IEEE80211_STA_MLME_IBSS_SEARCH:
3710 ieee80211_sta_find_ibss(sdata, ifsta);
3712 case IEEE80211_STA_MLME_IBSS_JOINED:
3713 ieee80211_sta_merge_ibss(sdata, ifsta);
3715 #ifdef CONFIG_MAC80211_MESH
3716 case IEEE80211_STA_MLME_MESH_UP:
3717 ieee80211_mesh_housekeeping(sdata, ifsta);
3725 if (ieee80211_privacy_mismatch(sdata, ifsta)) {
3726 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
3727 "mixed-cell disabled - disassociate\n", sdata->dev->name);
3729 ieee80211_set_disassoc(sdata, ifsta, false, true,
3730 WLAN_REASON_UNSPECIFIED);
3734 void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
3736 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
3737 struct ieee80211_if_sta *ifsta;
3739 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
3740 ifsta = &sdata->u.sta;
3741 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
3742 (!(ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED) &&
3743 !ieee80211_sta_active_ibss(sdata)))
3744 ieee80211_sta_find_ibss(sdata, ifsta);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob